1778 files changed, 0 insertions, 399109 deletions

diff --git a/crypto/openssl/CHANGES b/crypto/openssl/CHANGES
deleted file mode 100644
index 0ef0122b5d7f..000000000000
--- a/crypto/openssl/CHANGES
+++ /dev/null
@@ -1,6343 +0,0 @@
-
- OpenSSL CHANGES
- _______________
-
- Changes between 0.9.7 and 0.9.7a  [19 Feb 2003]
-
-  *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
-     via timing by performing a MAC computation even if incorrrect
-     block cipher padding has been found.  This is a countermeasure
-     against active attacks where the attacker has to distinguish
-     between bad padding and a MAC verification error. (CAN-2003-0078)
-
-     [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
-     Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
-     Martin Vuagnoux (EPFL, Ilion)]
-
-  *) Make the no-err option work as intended.  The intention with no-err
-     is not to have the whole error stack handling routines removed from
-     libcrypto, it's only intended to remove all the function name and
-     reason texts, thereby removing some of the footprint that may not
-     be interesting if those errors aren't displayed anyway.
-
-     NOTE: it's still possible for any application or module to have it's
-     own set of error texts inserted.  The routines are there, just not
-     used by default when no-err is given.
-     [Richard Levitte]
-
-  *) Add support for FreeBSD on IA64.
-     [dirk.meyer@dinoex.sub.org via Richard Levitte, resolves #454]
-
-  *) Adjust DES_cbc_cksum() so it returns the same value as the MIT
-     Kerberos function mit_des_cbc_cksum().  Before this change,
-     the value returned by DES_cbc_cksum() was like the one from
-     mit_des_cbc_cksum(), except the bytes were swapped.
-     [Kevin Greaney <Kevin.Greaney@hp.com> and Richard Levitte]
-
-  *) Allow an application to disable the automatic SSL chain building.
-     Before this a rather primitive chain build was always performed in
-     ssl3_output_cert_chain(): an application had no way to send the 
-     correct chain if the automatic operation produced an incorrect result.
-
-     Now the chain builder is disabled if either:
-
-     1. Extra certificates are added via SSL_CTX_add_extra_chain_cert().
-
-     2. The mode flag SSL_MODE_NO_AUTO_CHAIN is set.
-
-     The reasoning behind this is that an application would not want the
-     auto chain building to take place if extra chain certificates are
-     present and it might also want a means of sending no additional
-     certificates (for example the chain has two certificates and the
-     root is omitted).
-     [Steve Henson]
-
-  *) Add the possibility to build without the ENGINE framework.
-     [Steven Reddie <smr@essemer.com.au> via Richard Levitte]
-
-  *) Under Win32 gmtime() can return NULL: check return value in
-     OPENSSL_gmtime(). Add error code for case where gmtime() fails.
-     [Steve Henson]
-
-  *) DSA routines: under certain error conditions uninitialized BN objects
-     could be freed. Solution: make sure initialization is performed early
-     enough. (Reported and fix supplied by Ivan D Nestlerode <nestler@MIT.EDU>,
-     Nils Larsch <nla@trustcenter.de> via PR#459)
-     [Lutz Jaenicke]
-
-  *) Another fix for SSLv2 session ID handling: the session ID was incorrectly
-     checked on reconnect on the client side, therefore session resumption
-     could still fail with a "ssl session id is different" error. This
-     behaviour is masked when SSL_OP_ALL is used due to
-     SSL_OP_MICROSOFT_SESS_ID_BUG being set.
-     Behaviour observed by Crispin Flowerday <crispin@flowerday.cx> as
-     followup to PR #377.
-     [Lutz Jaenicke]
-
-  *) IA-32 assembler support enhancements: unified ELF targets, support
-     for SCO/Caldera platforms, fix for Cygwin shared build.
-     [Andy Polyakov]
-
-  *) Add support for FreeBSD on sparc64.  As a consequence, support for
-     FreeBSD on non-x86 processors is separate from x86 processors on
-     the config script, much like the NetBSD support.
-     [Richard Levitte & Kris Kennaway <kris@obsecurity.org>]
-
- Changes between 0.9.6h and 0.9.7  [31 Dec 2002]
-
-  *) Fix session ID handling in SSLv2 client code: the SERVER FINISHED
-     code (06) was taken as the first octet of the session ID and the last
-     octet was ignored consequently. As a result SSLv2 client side session
-     caching could not have worked due to the session ID mismatch between
-     client and server.
-     Behaviour observed by Crispin Flowerday <crispin@flowerday.cx> as
-     PR #377.
-     [Lutz Jaenicke]
-
-  *) Change the declaration of needed Kerberos libraries to use EX_LIBS
-     instead of the special (and badly supported) LIBKRB5.  LIBKRB5 is
-     removed entirely.
-     [Richard Levitte]
-
-  *) The hw_ncipher.c engine requires dynamic locks.  Unfortunately, it
-     seems that in spite of existing for more than a year, many application
-     author have done nothing to provide the necessary callbacks, which
-     means that this particular engine will not work properly anywhere.
-     This is a very unfortunate situation which forces us, in the name
-     of usability, to give the hw_ncipher.c a static lock, which is part
-     of libcrypto.
-     NOTE: This is for the 0.9.7 series ONLY.  This hack will never
-     appear in 0.9.8 or later.  We EXPECT application authors to have
-     dealt properly with this when 0.9.8 is released (unless we actually
-     make such changes in the libcrypto locking code that changes will
-     have to be made anyway).
-     [Richard Levitte]
-
-  *) In asn1_d2i_read_bio() repeatedly call BIO_read() until all content
-     octets have been read, EOF or an error occurs. Without this change
-     some truncated ASN1 structures will not produce an error.
-     [Steve Henson]
-
-  *) Disable Heimdal support, since it hasn't been fully implemented.
-     Still give the possibility to force the use of Heimdal, but with
-     warnings and a request that patches get sent to openssl-dev.
-     [Richard Levitte]
-
-  *) Add the VC-CE target, introduce the WINCE sysname, and add
-     INSTALL.WCE and appropriate conditionals to make it build.
-     [Steven Reddie <smr@essemer.com.au> via Richard Levitte]
-
-  *) Change the DLL names for Cygwin to cygcrypto-x.y.z.dll and
-     cygssl-x.y.z.dll, where x, y and z are the major, minor and
-     edit numbers of the version.
-     [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte]
-
-  *) Introduce safe string copy and catenation functions
-     (BUF_strlcpy() and BUF_strlcat()).
-     [Ben Laurie (CHATS) and Richard Levitte]
-
-  *) Avoid using fixed-size buffers for one-line DNs.
-     [Ben Laurie (CHATS)]
-
-  *) Add BUF_MEM_grow_clean() to avoid information leakage when
-     resizing buffers containing secrets, and use where appropriate.
-     [Ben Laurie (CHATS)]
-
-  *) Avoid using fixed size buffers for configuration file location.
-     [Ben Laurie (CHATS)]
-
-  *) Avoid filename truncation for various CA files.
-     [Ben Laurie (CHATS)]
-
-  *) Use sizeof in preference to magic numbers.
-     [Ben Laurie (CHATS)]
-
-  *) Avoid filename truncation in cert requests.
-     [Ben Laurie (CHATS)]
-
-  *) Add assertions to check for (supposedly impossible) buffer
-     overflows.
-     [Ben Laurie (CHATS)]
-
-  *) Don't cache truncated DNS entries in the local cache (this could
-     potentially lead to a spoofing attack).
-     [Ben Laurie (CHATS)]
-
-  *) Fix various buffers to be large enough for hex/decimal
-     representations in a platform independent manner.
-     [Ben Laurie (CHATS)]
-
-  *) Add CRYPTO_realloc_clean() to avoid information leakage when
-     resizing buffers containing secrets, and use where appropriate.
-     [Ben Laurie (CHATS)]
-
-  *) Add BIO_indent() to avoid much slightly worrying code to do
-     indents.
-     [Ben Laurie (CHATS)]
-
-  *) Convert sprintf()/BIO_puts() to BIO_printf().
-     [Ben Laurie (CHATS)]
-
-  *) buffer_gets() could terminate with the buffer only half
-     full. Fixed.
-     [Ben Laurie (CHATS)]
-
-  *) Add assertions to prevent user-supplied crypto functions from
-     overflowing internal buffers by having large block sizes, etc.
-     [Ben Laurie (CHATS)]
-
-  *) New OPENSSL_assert() macro (similar to assert(), but enabled
-     unconditionally).
-     [Ben Laurie (CHATS)]
-
-  *) Eliminate unused copy of key in RC4.
-     [Ben Laurie (CHATS)]
-
-  *) Eliminate unused and incorrectly sized buffers for IV in pem.h.
-     [Ben Laurie (CHATS)]
-
-  *) Fix off-by-one error in EGD path.
-     [Ben Laurie (CHATS)]
-
-  *) If RANDFILE path is too long, ignore instead of truncating.
-     [Ben Laurie (CHATS)]
-
-  *) Eliminate unused and incorrectly sized X.509 structure
-     CBCParameter.
-     [Ben Laurie (CHATS)]
-
-  *) Eliminate unused and dangerous function knumber().
-     [Ben Laurie (CHATS)]
-
-  *) Eliminate unused and dangerous structure, KSSL_ERR.
-     [Ben Laurie (CHATS)]
-
-  *) Protect against overlong session ID context length in an encoded
-     session object. Since these are local, this does not appear to be
-     exploitable.
-     [Ben Laurie (CHATS)]
-
-  *) Change from security patch (see 0.9.6e below) that did not affect
-     the 0.9.6 release series:
-
-     Remote buffer overflow in SSL3 protocol - an attacker could
-     supply an oversized master key in Kerberos-enabled versions.
-     (CAN-2002-0657)
-     [Ben Laurie (CHATS)]
-
-  *) Change the SSL kerb5 codes to match RFC 2712.
-     [Richard Levitte]
-
-  *) Make -nameopt work fully for req and add -reqopt switch.
-     [Michael Bell <michael.bell@rz.hu-berlin.de>, Steve Henson]
-
-  *) The "block size" for block ciphers in CFB and OFB mode should be 1.
-     [Steve Henson, reported by Yngve Nysaeter Pettersen <yngve@opera.com>]
-
-  *) Make sure tests can be performed even if the corresponding algorithms
-     have been removed entirely.  This was also the last step to make
-     OpenSSL compilable with DJGPP under all reasonable conditions.
-     [Richard Levitte, Doug Kaufman <dkaufman@rahul.net>]
-
-  *) Add cipher selection rules COMPLEMENTOFALL and COMPLEMENTOFDEFAULT
-     to allow version independent disabling of normally unselected ciphers,
-     which may be activated as a side-effect of selecting a single cipher.
-
-     (E.g., cipher list string "RSA" enables ciphersuites that are left
-     out of "ALL" because they do not provide symmetric encryption.
-     "RSA:!COMPLEMEMENTOFALL" avoids these unsafe ciphersuites.)
-     [Lutz Jaenicke, Bodo Moeller]
-
-  *) Add appropriate support for separate platform-dependent build
-     directories.  The recommended way to make a platform-dependent
-     build directory is the following (tested on Linux), maybe with
-     some local tweaks:
-
-	# Place yourself outside of the OpenSSL source tree.  In
-	# this example, the environment variable OPENSSL_SOURCE
-	# is assumed to contain the absolute OpenSSL source directory.
-	mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
-	cd objtree/"`uname -s`-`uname -r`-`uname -m`"
-	(cd $OPENSSL_SOURCE; find . -type f) | while read F; do
-		mkdir -p `dirname $F`
-		ln -s $OPENSSL_SOURCE/$F $F
-	done
-
-     To be absolutely sure not to disturb the source tree, a "make clean"
-     is a good thing.  If it isn't successfull, don't worry about it,
-     it probably means the source directory is very clean.
-     [Richard Levitte]
-
-  *) Make sure any ENGINE control commands make local copies of string
-     pointers passed to them whenever necessary. Otherwise it is possible
-     the caller may have overwritten (or deallocated) the original string
-     data when a later ENGINE operation tries to use the stored values.
-     [Götz Babin-Ebell <babinebell@trustcenter.de>]
-
-  *) Improve diagnostics in file reading and command-line digests.
-     [Ben Laurie aided and abetted by Solar Designer <solar@openwall.com>]
-
-  *) Add AES modes CFB and OFB to the object database.  Correct an
-     error in AES-CFB decryption.
-     [Richard Levitte]
-
-  *) Remove most calls to EVP_CIPHER_CTX_cleanup() in evp_enc.c, this 
-     allows existing EVP_CIPHER_CTX structures to be reused after
-     calling EVP_*Final(). This behaviour is used by encryption
-     BIOs and some applications. This has the side effect that
-     applications must explicitly clean up cipher contexts with
-     EVP_CIPHER_CTX_cleanup() or they will leak memory.
-     [Steve Henson]
-
-  *) Check the values of dna and dnb in bn_mul_recursive before calling
-     bn_mul_comba (a non zero value means the a or b arrays do not contain
-     n2 elements) and fallback to bn_mul_normal if either is not zero.
-     [Steve Henson]
-
-  *) Fix escaping of non-ASCII characters when using the -subj option
-     of the "openssl req" command line tool. (Robert Joop <joop@fokus.gmd.de>)
-     [Lutz Jaenicke]
-
-  *) Make object definitions compliant to LDAP (RFC2256): SN is the short
-     form for "surname", serialNumber has no short form.
-     Use "mail" as the short name for "rfc822Mailbox" according to RFC2798;
-     therefore remove "mail" short name for "internet 7".
-     The OID for unique identifiers in X509 certificates is
-     x500UniqueIdentifier, not uniqueIdentifier.
-     Some more OID additions. (Michael Bell <michael.bell@rz.hu-berlin.de>)
-     [Lutz Jaenicke]
-
-  *) Add an "init" command to the ENGINE config module and auto initialize
-     ENGINEs. Without any "init" command the ENGINE will be initialized 
-     after all ctrl commands have been executed on it. If init=1 the 
-     ENGINE is initailized at that point (ctrls before that point are run
-     on the uninitialized ENGINE and after on the initialized one). If
-     init=0 then the ENGINE will not be iniatialized at all.
-     [Steve Henson]
-
-  *) Fix the 'app_verify_callback' interface so that the user-defined
-     argument is actually passed to the callback: In the
-     SSL_CTX_set_cert_verify_callback() prototype, the callback
-     declaration has been changed from
-          int (*cb)()
-     into
-          int (*cb)(X509_STORE_CTX *,void *);
-     in ssl_verify_cert_chain (ssl/ssl_cert.c), the call
-          i=s->ctx->app_verify_callback(&ctx)
-     has been changed into
-          i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg).
-
-     To update applications using SSL_CTX_set_cert_verify_callback(),
-     a dummy argument can be added to their callback functions.
-     [D. K. Smetters <smetters@parc.xerox.com>]
-
-  *) Added the '4758cca' ENGINE to support IBM 4758 cards.
-     [Maurice Gittens <maurice@gittens.nl>, touchups by Geoff Thorpe]
-
-  *) Add and OPENSSL_LOAD_CONF define which will cause
-     OpenSSL_add_all_algorithms() to load the openssl.cnf config file.
-     This allows older applications to transparently support certain
-     OpenSSL features: such as crypto acceleration and dynamic ENGINE loading.
-     Two new functions OPENSSL_add_all_algorithms_noconf() which will never
-     load the config file and OPENSSL_add_all_algorithms_conf() which will
-     always load it have also been added.
-     [Steve Henson]
-
-  *) Add the OFB, CFB and CTR (all with 128 bit feedback) to AES.
-     Adjust NIDs and EVP layer.
-     [Stephen Sprunk <stephen@sprunk.org> and Richard Levitte]
-
-  *) Config modules support in openssl utility.
-
-     Most commands now load modules from the config file,
-     though in a few (such as version) this isn't done 
-     because it couldn't be used for anything.
-
-     In the case of ca and req the config file used is
-     the same as the utility itself: that is the -config
-     command line option can be used to specify an
-     alternative file.
-     [Steve Henson]
-
-  *) Move default behaviour from OPENSSL_config(). If appname is NULL
-     use "openssl_conf" if filename is NULL use default openssl config file.
-     [Steve Henson]
-
-  *) Add an argument to OPENSSL_config() to allow the use of an alternative
-     config section name. Add a new flag to tolerate a missing config file
-     and move code to CONF_modules_load_file().
-     [Steve Henson]
-
-  *) Support for crypto accelerator cards from Accelerated Encryption
-     Processing, www.aep.ie.  (Use engine 'aep')
-     The support was copied from 0.9.6c [engine] and adapted/corrected
-     to work with the new engine framework.
-     [AEP Inc. and Richard Levitte]
-
-  *) Support for SureWare crypto accelerator cards from Baltimore
-     Technologies.  (Use engine 'sureware')
-     The support was copied from 0.9.6c [engine] and adapted
-     to work with the new engine framework.
-     [Richard Levitte]
-
-  *) Have the CHIL engine fork-safe (as defined by nCipher) and actually
-     make the newer ENGINE framework commands for the CHIL engine work.
-     [Toomas Kiisk <vix@cyber.ee> and Richard Levitte]
-
-  *) Make it possible to produce shared libraries on ReliantUNIX.
-     [Robert Dahlem <Robert.Dahlem@ffm2.siemens.de> via Richard Levitte]
-
-  *) Add the configuration target debug-linux-ppro.
-     Make 'openssl rsa' use the general key loading routines
-     implemented in apps.c, and make those routines able to
-     handle the key format FORMAT_NETSCAPE and the variant
-     FORMAT_IISSGC.
-     [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
-
- *) Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
-     [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
-
-  *) Add -keyform to rsautl, and document -engine.
-     [Richard Levitte, inspired by Toomas Kiisk <vix@cyber.ee>]
-
-  *) Change BIO_new_file (crypto/bio/bss_file.c) to use new
-     BIO_R_NO_SUCH_FILE error code rather than the generic
-     ERR_R_SYS_LIB error code if fopen() fails with ENOENT.
-     [Ben Laurie]
-
-  *) Add new functions
-          ERR_peek_last_error
-          ERR_peek_last_error_line
-          ERR_peek_last_error_line_data.
-     These are similar to
-          ERR_peek_error
-          ERR_peek_error_line
-          ERR_peek_error_line_data,
-     but report on the latest error recorded rather than the first one
-     still in the error queue.
-     [Ben Laurie, Bodo Moeller]
-        
-  *) default_algorithms option in ENGINE config module. This allows things
-     like:
-     default_algorithms = ALL
-     default_algorithms = RSA, DSA, RAND, CIPHERS, DIGESTS
-     [Steve Henson]
-
-  *) Prelminary ENGINE config module.
-     [Steve Henson]
-
-  *) New experimental application configuration code.
-     [Steve Henson]
-
-  *) Change the AES code to follow the same name structure as all other
-     symmetric ciphers, and behave the same way.  Move everything to
-     the directory crypto/aes, thereby obsoleting crypto/rijndael.
-     [Stephen Sprunk <stephen@sprunk.org> and Richard Levitte]
-
-  *) SECURITY: remove unsafe setjmp/signal interaction from ui_openssl.c.
-     [Ben Laurie and Theo de Raadt]
-
-  *) Add option to output public keys in req command.
-     [Massimiliano Pala madwolf@openca.org]
-
-  *) Use wNAFs in EC_POINTs_mul() for improved efficiency
-     (up to about 10% better than before for P-192 and P-224).
-     [Bodo Moeller]
-
-  *) New functions/macros
-
-          SSL_CTX_set_msg_callback(ctx, cb)
-          SSL_CTX_set_msg_callback_arg(ctx, arg)
-          SSL_set_msg_callback(ssl, cb)
-          SSL_set_msg_callback_arg(ssl, arg)
-
-     to request calling a callback function
-
-          void cb(int write_p, int version, int content_type,
-                  const void *buf, size_t len, SSL *ssl, void *arg)
-
-     whenever a protocol message has been completely received
-     (write_p == 0) or sent (write_p == 1).  Here 'version' is the
-     protocol version  according to which the SSL library interprets
-     the current protocol message (SSL2_VERSION, SSL3_VERSION, or
-     TLS1_VERSION).  'content_type' is 0 in the case of SSL 2.0, or
-     the content type as defined in the SSL 3.0/TLS 1.0 protocol
-     specification (change_cipher_spec(20), alert(21), handshake(22)).
-     'buf' and 'len' point to the actual message, 'ssl' to the
-     SSL object, and 'arg' is the application-defined value set by
-     SSL[_CTX]_set_msg_callback_arg().
-
-     'openssl s_client' and 'openssl s_server' have new '-msg' options
-     to enable a callback that displays all protocol messages.
-     [Bodo Moeller]
-
-  *) Change the shared library support so shared libraries are built as
-     soon as the corresponding static library is finished, and thereby get
-     openssl and the test programs linked against the shared library.
-     This still only happens when the keyword "shard" has been given to
-     the configuration scripts.
-
-     NOTE: shared library support is still an experimental thing, and
-     backward binary compatibility is still not guaranteed.
-     ["Maciej W. Rozycki" <macro@ds2.pg.gda.pl> and Richard Levitte]
-
-  *) Add support for Subject Information Access extension.
-     [Peter Sylvester <Peter.Sylvester@EdelWeb.fr>]
-
-  *) Make BUF_MEM_grow() behaviour more consistent: Initialise to zero
-     additional bytes when new memory had to be allocated, not just
-     when reusing an existing buffer.
-     [Bodo Moeller]
-
-  *) New command line and configuration option 'utf8' for the req command.
-     This allows field values to be specified as UTF8 strings.
-     [Steve Henson]
-
-  *) Add -multi and -mr options to "openssl speed" - giving multiple parallel
-     runs for the former and machine-readable output for the latter.
-     [Ben Laurie]
-
-  *) Add '-noemailDN' option to 'openssl ca'.  This prevents inclusion
-     of the e-mail address in the DN (i.e., it will go into a certificate
-     extension only).  The new configuration file option 'email_in_dn = no'
-     has the same effect.
-     [Massimiliano Pala madwolf@openca.org]
-
-  *) Change all functions with names starting with des_ to be starting
-     with DES_ instead.  Add wrappers that are compatible with libdes,
-     but are named _ossl_old_des_*.  Finally, add macros that map the
-     des_* symbols to the corresponding _ossl_old_des_* if libdes
-     compatibility is desired.  If OpenSSL 0.9.6c compatibility is
-     desired, the des_* symbols will be mapped to DES_*, with one
-     exception.
-
-     Since we provide two compatibility mappings, the user needs to
-     define the macro OPENSSL_DES_LIBDES_COMPATIBILITY if libdes
-     compatibility is desired.  The default (i.e., when that macro
-     isn't defined) is OpenSSL 0.9.6c compatibility.
-
-     There are also macros that enable and disable the support of old
-     des functions altogether.  Those are OPENSSL_ENABLE_OLD_DES_SUPPORT
-     and OPENSSL_DISABLE_OLD_DES_SUPPORT.  If none or both of those
-     are defined, the default will apply: to support the old des routines.
-
-     In either case, one must include openssl/des.h to get the correct
-     definitions.  Do not try to just include openssl/des_old.h, that
-     won't work.
-
-     NOTE: This is a major break of an old API into a new one.  Software
-     authors are encouraged to switch to the DES_ style functions.  Some
-     time in the future, des_old.h and the libdes compatibility functions
-     will be disable (i.e. OPENSSL_DISABLE_OLD_DES_SUPPORT will be the
-     default), and then completely removed.
-     [Richard Levitte]
-
-  *) Test for certificates which contain unsupported critical extensions.
-     If such a certificate is found during a verify operation it is 
-     rejected by default: this behaviour can be overridden by either
-     handling the new error X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION or
-     by setting the verify flag X509_V_FLAG_IGNORE_CRITICAL. A new function
-     X509_supported_extension() has also been added which returns 1 if a
-     particular extension is supported.
-     [Steve Henson]
-
-  *) Modify the behaviour of EVP cipher functions in similar way to digests
-     to retain compatibility with existing code.
-     [Steve Henson]
-
-  *) Modify the behaviour of EVP_DigestInit() and EVP_DigestFinal() to retain
-     compatibility with existing code. In particular the 'ctx' parameter does
-     not have to be to be initialized before the call to EVP_DigestInit() and
-     it is tidied up after a call to EVP_DigestFinal(). New function
-     EVP_DigestFinal_ex() which does not tidy up the ctx. Similarly function
-     EVP_MD_CTX_copy() changed to not require the destination to be
-     initialized valid and new function EVP_MD_CTX_copy_ex() added which
-     requires the destination to be valid.
-
-     Modify all the OpenSSL digest calls to use EVP_DigestInit_ex(),
-     EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex().
-     [Steve Henson]
-
-  *) Change ssl3_get_message (ssl/s3_both.c) and the functions using it
-     so that complete 'Handshake' protocol structures are kept in memory
-     instead of overwriting 'msg_type' and 'length' with 'body' data.
-     [Bodo Moeller]
-
-  *) Add an implementation of SSL_add_dir_cert_subjects_to_stack for Win32.
-     [Massimo Santin via Richard Levitte]
-
-  *) Major restructuring to the underlying ENGINE code. This includes
-     reduction of linker bloat, separation of pure "ENGINE" manipulation
-     (initialisation, etc) from functionality dealing with implementations
-     of specific crypto iterfaces. This change also introduces integrated
-     support for symmetric ciphers and digest implementations - so ENGINEs
-     can now accelerate these by providing EVP_CIPHER and EVP_MD
-     implementations of their own. This is detailed in crypto/engine/README
-     as it couldn't be adequately described here. However, there are a few
-     API changes worth noting - some RSA, DSA, DH, and RAND functions that
-     were changed in the original introduction of ENGINE code have now
-     reverted back - the hooking from this code to ENGINE is now a good
-     deal more passive and at run-time, operations deal directly with
-     RSA_METHODs, DSA_METHODs (etc) as they did before, rather than
-     dereferencing through an ENGINE pointer any more. Also, the ENGINE
-     functions dealing with BN_MOD_EXP[_CRT] handlers have been removed -
-     they were not being used by the framework as there is no concept of a
-     BIGNUM_METHOD and they could not be generalised to the new
-     'ENGINE_TABLE' mechanism that underlies the new code. Similarly,
-     ENGINE_cpy() has been removed as it cannot be consistently defined in
-     the new code.
-     [Geoff Thorpe]
-
-  *) Change ASN1_GENERALIZEDTIME_check() to allow fractional seconds.
-     [Steve Henson]
-
-  *) Change mkdef.pl to sort symbols that get the same entry number,
-     and make sure the automatically generated functions ERR_load_*
-     become part of libeay.num as well.
-     [Richard Levitte]
-
-  *) New function SSL_renegotiate_pending().  This returns true once
-     renegotiation has been requested (either SSL_renegotiate() call
-     or HelloRequest/ClientHello receveived from the peer) and becomes
-     false once a handshake has been completed.
-     (For servers, SSL_renegotiate() followed by SSL_do_handshake()
-     sends a HelloRequest, but does not ensure that a handshake takes
-     place.  SSL_renegotiate_pending() is useful for checking if the
-     client has followed the request.)
-     [Bodo Moeller]
-
-  *) New SSL option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION.
-     By default, clients may request session resumption even during
-     renegotiation (if session ID contexts permit); with this option,
-     session resumption is possible only in the first handshake.
-
-     SSL_OP_ALL is now 0x00000FFFL instead of 0x000FFFFFL.  This makes
-     more bits available for options that should not be part of
-     SSL_OP_ALL (such as SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION).
-     [Bodo Moeller]
-
-  *) Add some demos for certificate and certificate request creation.
-     [Steve Henson]
-
-  *) Make maximum certificate chain size accepted from the peer application
-     settable (SSL*_get/set_max_cert_list()), as proposed by
-     "Douglas E. Engert" <deengert@anl.gov>.
-     [Lutz Jaenicke]
-
-  *) Add support for shared libraries for Unixware-7
-     (Boyd Lynn Gerber <gerberb@zenez.com>).
-     [Lutz Jaenicke]
-
-  *) Add a "destroy" handler to ENGINEs that allows structural cleanup to
-     be done prior to destruction. Use this to unload error strings from
-     ENGINEs that load their own error strings. NB: This adds two new API
-     functions to "get" and "set" this destroy handler in an ENGINE.
-     [Geoff Thorpe]
-
-  *) Alter all existing ENGINE implementations (except "openssl" and
-     "openbsd") to dynamically instantiate their own error strings. This
-     makes them more flexible to be built both as statically-linked ENGINEs
-     and self-contained shared-libraries loadable via the "dynamic" ENGINE.
-     Also, add stub code to each that makes building them as self-contained
-     shared-libraries easier (see README.ENGINE).
-     [Geoff Thorpe]
-
-  *) Add a "dynamic" ENGINE that provides a mechanism for binding ENGINE
-     implementations into applications that are completely implemented in
-     self-contained shared-libraries. The "dynamic" ENGINE exposes control
-     commands that can be used to configure what shared-library to load and
-     to control aspects of the way it is handled. Also, made an update to
-     the README.ENGINE file that brings its information up-to-date and
-     provides some information and instructions on the "dynamic" ENGINE
-     (ie. how to use it, how to build "dynamic"-loadable ENGINEs, etc).
-     [Geoff Thorpe]
-
-  *) Make it possible to unload ranges of ERR strings with a new
-     "ERR_unload_strings" function.
-     [Geoff Thorpe]
-
-  *) Add a copy() function to EVP_MD.
-     [Ben Laurie]
-
-  *) Make EVP_MD routines take a context pointer instead of just the
-     md_data void pointer.
-     [Ben Laurie]
-
-  *) Add flags to EVP_MD and EVP_MD_CTX. EVP_MD_FLAG_ONESHOT indicates
-     that the digest can only process a single chunk of data
-     (typically because it is provided by a piece of
-     hardware). EVP_MD_CTX_FLAG_ONESHOT indicates that the application
-     is only going to provide a single chunk of data, and hence the
-     framework needn't accumulate the data for oneshot drivers.
-     [Ben Laurie]
-
-  *) As with "ERR", make it possible to replace the underlying "ex_data"
-     functions. This change also alters the storage and management of global
-     ex_data state - it's now all inside ex_data.c and all "class" code (eg.
-     RSA, BIO, SSL_CTX, etc) no longer stores its own STACKS and per-class
-     index counters. The API functions that use this state have been changed
-     to take a "class_index" rather than pointers to the class's local STACK
-     and counter, and there is now an API function to dynamically create new
-     classes. This centralisation allows us to (a) plug a lot of the
-     thread-safety problems that existed, and (b) makes it possible to clean
-     up all allocated state using "CRYPTO_cleanup_all_ex_data()". W.r.t. (b)
-     such data would previously have always leaked in application code and
-     workarounds were in place to make the memory debugging turn a blind eye
-     to it. Application code that doesn't use this new function will still
-     leak as before, but their memory debugging output will announce it now
-     rather than letting it slide.
-
-     Besides the addition of CRYPTO_cleanup_all_ex_data(), another API change
-     induced by the "ex_data" overhaul is that X509_STORE_CTX_init() now
-     has a return value to indicate success or failure.
-     [Geoff Thorpe]
-
-  *) Make it possible to replace the underlying "ERR" functions such that the
-     global state (2 LHASH tables and 2 locks) is only used by the "default"
-     implementation. This change also adds two functions to "get" and "set"
-     the implementation prior to it being automatically set the first time
-     any other ERR function takes place. Ie. an application can call "get",
-     pass the return value to a module it has just loaded, and that module
-     can call its own "set" function using that value. This means the
-     module's "ERR" operations will use (and modify) the error state in the
-     application and not in its own statically linked copy of OpenSSL code.
-     [Geoff Thorpe]
-
-  *) Give DH, DSA, and RSA types their own "**_up_ref()" function to increment
-     reference counts. This performs normal REF_PRINT/REF_CHECK macros on
-     the operation, and provides a more encapsulated way for external code
-     (crypto/evp/ and ssl/) to do this. Also changed the evp and ssl code
-     to use these functions rather than manually incrementing the counts.
-
-     Also rename "DSO_up()" function to more descriptive "DSO_up_ref()".
-     [Geoff Thorpe]
-
-  *) Add EVP test program.
-     [Ben Laurie]
-
-  *) Add symmetric cipher support to ENGINE. Expect the API to change!
-     [Ben Laurie]
-
-  *) New CRL functions: X509_CRL_set_version(), X509_CRL_set_issuer_name()
-     X509_CRL_set_lastUpdate(), X509_CRL_set_nextUpdate(), X509_CRL_sort(),
-     X509_REVOKED_set_serialNumber(), and X509_REVOKED_set_revocationDate().
-     These allow a CRL to be built without having to access X509_CRL fields
-     directly. Modify 'ca' application to use new functions.
-     [Steve Henson]
-
-  *) Move SSL_OP_TLS_ROLLBACK_BUG out of the SSL_OP_ALL list of recommended
-     bug workarounds. Rollback attack detection is a security feature.
-     The problem will only arise on OpenSSL servers when TLSv1 is not
-     available (sslv3_server_method() or SSL_OP_NO_TLSv1).
-     Software authors not wanting to support TLSv1 will have special reasons
-     for their choice and can explicitly enable this option.
-     [Bodo Moeller, Lutz Jaenicke]
-
-  *) Rationalise EVP so it can be extended: don't include a union of
-     cipher/digest structures, add init/cleanup functions for EVP_MD_CTX
-     (similar to those existing for EVP_CIPHER_CTX).
-     Usage example:
-
-         EVP_MD_CTX md;
-
-         EVP_MD_CTX_init(&md);             /* new function call */
-         EVP_DigestInit(&md, EVP_sha1());
-         EVP_DigestUpdate(&md, in, len);
-         EVP_DigestFinal(&md, out, NULL);
-         EVP_MD_CTX_cleanup(&md);          /* new function call */
-
-     [Ben Laurie]
-
-  *) Make DES key schedule conform to the usual scheme, as well as
-     correcting its structure. This means that calls to DES functions
-     now have to pass a pointer to a des_key_schedule instead of a
-     plain des_key_schedule (which was actually always a pointer
-     anyway): E.g.,
-
-         des_key_schedule ks;
-
-	 des_set_key_checked(..., &ks);
-	 des_ncbc_encrypt(..., &ks, ...);
-
-     (Note that a later change renames 'des_...' into 'DES_...'.)
-     [Ben Laurie]
-
-  *) Initial reduction of linker bloat: the use of some functions, such as
-     PEM causes large amounts of unused functions to be linked in due to
-     poor organisation. For example pem_all.c contains every PEM function
-     which has a knock on effect of linking in large amounts of (unused)
-     ASN1 code. Grouping together similar functions and splitting unrelated
-     functions prevents this.
-     [Steve Henson]
-
-  *) Cleanup of EVP macros.
-     [Ben Laurie]
-
-  *) Change historical references to {NID,SN,LN}_des_ede and ede3 to add the
-     correct _ecb suffix.
-     [Ben Laurie]
-
-  *) Add initial OCSP responder support to ocsp application. The
-     revocation information is handled using the text based index
-     use by the ca application. The responder can either handle
-     requests generated internally, supplied in files (for example
-     via a CGI script) or using an internal minimal server.
-     [Steve Henson]
-
-  *) Add configuration choices to get zlib compression for TLS.
-     [Richard Levitte]
-
-  *) Changes to Kerberos SSL for RFC 2712 compliance:
-     1.  Implemented real KerberosWrapper, instead of just using
-         KRB5 AP_REQ message.  [Thanks to Simon Wilkinson <sxw@sxw.org.uk>]
-     2.  Implemented optional authenticator field of KerberosWrapper.
-
-     Added openssl-style ASN.1 macros for Kerberos ticket, ap_req,
-     and authenticator structs; see crypto/krb5/.
-
-     Generalized Kerberos calls to support multiple Kerberos libraries.
-     [Vern Staats <staatsvr@asc.hpc.mil>,
-      Jeffrey Altman <jaltman@columbia.edu>
-      via Richard Levitte]
-
-  *) Cause 'openssl speed' to use fully hard-coded DSA keys as it
-     already does with RSA. testdsa.h now has 'priv_key/pub_key'
-     values for each of the key sizes rather than having just
-     parameters (and 'speed' generating keys each time).
-     [Geoff Thorpe]
-
-  *) Speed up EVP routines.
-     Before:
-encrypt
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-des-cbc           4408.85k     5560.51k     5778.46k     5862.20k     5825.16k
-des-cbc           4389.55k     5571.17k     5792.23k     5846.91k     5832.11k
-des-cbc           4394.32k     5575.92k     5807.44k     5848.37k     5841.30k
-decrypt
-des-cbc           3482.66k     5069.49k     5496.39k     5614.16k     5639.28k
-des-cbc           3480.74k     5068.76k     5510.34k     5609.87k     5635.52k
-des-cbc           3483.72k     5067.62k     5504.60k     5708.01k     5724.80k
-     After:
-encrypt
-des-cbc           4660.16k     5650.19k     5807.19k     5827.13k     5783.32k
-decrypt
-des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
-     [Ben Laurie]
-
-  *) Added the OS2-EMX target.
-     ["Brian Havard" <brianh@kheldar.apana.org.au> and Richard Levitte]
-
-  *) Rewrite apps to use NCONF routines instead of the old CONF. New functions
-     to support NCONF routines in extension code. New function CONF_set_nconf()
-     to allow functions which take an NCONF to also handle the old LHASH
-     structure: this means that the old CONF compatible routines can be
-     retained (in particular wrt extensions) without having to duplicate the
-     code. New function X509V3_add_ext_nconf_sk to add extensions to a stack.
-     [Steve Henson]
-
-  *) Enhance the general user interface with mechanisms for inner control
-     and with possibilities to have yes/no kind of prompts.
-     [Richard Levitte]
-
-  *) Change all calls to low level digest routines in the library and
-     applications to use EVP. Add missing calls to HMAC_cleanup() and
-     don't assume HMAC_CTX can be copied using memcpy().
-     [Verdon Walker <VWalker@novell.com>, Steve Henson]
-
-  *) Add the possibility to control engines through control names but with
-     arbitrary arguments instead of just a string.
-     Change the key loaders to take a UI_METHOD instead of a callback
-     function pointer.  NOTE: this breaks binary compatibility with earlier
-     versions of OpenSSL [engine].
-     Adapt the nCipher code for these new conditions and add a card insertion
-     callback.
-     [Richard Levitte]
-
-  *) Enhance the general user interface with mechanisms to better support
-     dialog box interfaces, application-defined prompts, the possibility
-     to use defaults (for example default passwords from somewhere else)
-     and interrupts/cancellations.
-     [Richard Levitte]
-
-  *) Tidy up PKCS#12 attribute handling. Add support for the CSP name
-     attribute in PKCS#12 files, add new -CSP option to pkcs12 utility.
-     [Steve Henson]
-
-  *) Fix a memory leak in 'sk_dup()' in the case reallocation fails. (Also
-     tidy up some unnecessarily weird code in 'sk_new()').
-     [Geoff, reported by Diego Tartara <dtartara@novamens.com>]
-
-  *) Change the key loading routines for ENGINEs to use the same kind
-     callback (pem_password_cb) as all other routines that need this
-     kind of callback.
-     [Richard Levitte]
-
-  *) Increase ENTROPY_NEEDED to 32 bytes, as Rijndael can operate with
-     256 bit (=32 byte) keys. Of course seeding with more entropy bytes
-     than this minimum value is recommended.
-     [Lutz Jaenicke]
-
-  *) New random seeder for OpenVMS, using the system process statistics
-     that are easily reachable.
-     [Richard Levitte]
-
-  *) Windows apparently can't transparently handle global
-     variables defined in DLLs. Initialisations such as:
-
-        const ASN1_ITEM *it = &ASN1_INTEGER_it;
-
-     wont compile. This is used by the any applications that need to
-     declare their own ASN1 modules. This was fixed by adding the option
-     EXPORT_VAR_AS_FN to all Win32 platforms, although this isn't strictly
-     needed for static libraries under Win32.
-     [Steve Henson]
-
-  *) New functions X509_PURPOSE_set() and X509_TRUST_set() to handle
-     setting of purpose and trust fields. New X509_STORE trust and
-     purpose functions and tidy up setting in other SSL functions.
-     [Steve Henson]
-
-  *) Add copies of X509_STORE_CTX fields and callbacks to X509_STORE
-     structure. These are inherited by X509_STORE_CTX when it is 
-     initialised. This allows various defaults to be set in the
-     X509_STORE structure (such as flags for CRL checking and custom
-     purpose or trust settings) for functions which only use X509_STORE_CTX
-     internally such as S/MIME.
-
-     Modify X509_STORE_CTX_purpose_inherit() so it only sets purposes and
-     trust settings if they are not set in X509_STORE. This allows X509_STORE
-     purposes and trust (in S/MIME for example) to override any set by default.
-
-     Add command line options for CRL checking to smime, s_client and s_server
-     applications.
-     [Steve Henson]
-
-  *) Initial CRL based revocation checking. If the CRL checking flag(s)
-     are set then the CRL is looked up in the X509_STORE structure and
-     its validity and signature checked, then if the certificate is found
-     in the CRL the verify fails with a revoked error.
-
-     Various new CRL related callbacks added to X509_STORE_CTX structure.
-
-     Command line options added to 'verify' application to support this.
-
-     This needs some additional work, such as being able to handle multiple
-     CRLs with different times, extension based lookup (rather than just
-     by subject name) and ultimately more complete V2 CRL extension
-     handling.
-     [Steve Henson]
-
-  *) Add a general user interface API (crypto/ui/).  This is designed
-     to replace things like des_read_password and friends (backward
-     compatibility functions using this new API are provided).
-     The purpose is to remove prompting functions from the DES code
-     section as well as provide for prompting through dialog boxes in
-     a window system and the like.
-     [Richard Levitte]
-
-  *) Add "ex_data" support to ENGINE so implementations can add state at a
-     per-structure level rather than having to store it globally.
-     [Geoff]
-
-  *) Make it possible for ENGINE structures to be copied when retrieved by
-     ENGINE_by_id() if the ENGINE specifies a new flag: ENGINE_FLAGS_BY_ID_COPY.
-     This causes the "original" ENGINE structure to act like a template,
-     analogous to the RSA vs. RSA_METHOD type of separation. Because of this
-     operational state can be localised to each ENGINE structure, despite the
-     fact they all share the same "methods". New ENGINE structures returned in
-     this case have no functional references and the return value is the single
-     structural reference. This matches the single structural reference returned
-     by ENGINE_by_id() normally, when it is incremented on the pre-existing
-     ENGINE structure.
-     [Geoff]
-
-  *) Fix ASN1 decoder when decoding type ANY and V_ASN1_OTHER: since this
-     needs to match any other type at all we need to manually clear the
-     tag cache.
-     [Steve Henson]
-
-  *) Changes to the "openssl engine" utility to include;
-     - verbosity levels ('-v', '-vv', and '-vvv') that provide information
-       about an ENGINE's available control commands.
-     - executing control commands from command line arguments using the
-       '-pre' and '-post' switches. '-post' is only used if '-t' is
-       specified and the ENGINE is successfully initialised. The syntax for
-       the individual commands are colon-separated, for example;
-	 openssl engine chil -pre FORK_CHECK:0 -pre SO_PATH:/lib/test.so
-     [Geoff]
-
-  *) New dynamic control command support for ENGINEs. ENGINEs can now
-     declare their own commands (numbers), names (strings), descriptions,
-     and input types for run-time discovery by calling applications. A
-     subset of these commands are implicitly classed as "executable"
-     depending on their input type, and only these can be invoked through
-     the new string-based API function ENGINE_ctrl_cmd_string(). (Eg. this
-     can be based on user input, config files, etc). The distinction is
-     that "executable" commands cannot return anything other than a boolean
-     result and can only support numeric or string input, whereas some
-     discoverable commands may only be for direct use through
-     ENGINE_ctrl(), eg. supporting the exchange of binary data, function
-     pointers, or other custom uses. The "executable" commands are to
-     support parameterisations of ENGINE behaviour that can be
-     unambiguously defined by ENGINEs and used consistently across any
-     OpenSSL-based application. Commands have been added to all the
-     existing hardware-supporting ENGINEs, noticeably "SO_PATH" to allow
-     control over shared-library paths without source code alterations.
-     [Geoff]
-
-  *) Changed all ENGINE implementations to dynamically allocate their
-     ENGINEs rather than declaring them statically. Apart from this being
-     necessary with the removal of the ENGINE_FLAGS_MALLOCED distinction,
-     this also allows the implementations to compile without using the
-     internal engine_int.h header.
-     [Geoff]
-
-  *) Minor adjustment to "rand" code. RAND_get_rand_method() now returns a
-     'const' value. Any code that should be able to modify a RAND_METHOD
-     should already have non-const pointers to it (ie. they should only
-     modify their own ones).
-     [Geoff]
-
-  *) Made a variety of little tweaks to the ENGINE code.
-     - "atalla" and "ubsec" string definitions were moved from header files
-       to C code. "nuron" string definitions were placed in variables
-       rather than hard-coded - allowing parameterisation of these values
-       later on via ctrl() commands.
-     - Removed unused "#if 0"'d code.
-     - Fixed engine list iteration code so it uses ENGINE_free() to release
-       structural references.
-     - Constified the RAND_METHOD element of ENGINE structures.
-     - Constified various get/set functions as appropriate and added
-       missing functions (including a catch-all ENGINE_cpy that duplicates
-       all ENGINE values onto a new ENGINE except reference counts/state).
-     - Removed NULL parameter checks in get/set functions. Setting a method
-       or function to NULL is a way of cancelling out a previously set
-       value.  Passing a NULL ENGINE parameter is just plain stupid anyway
-       and doesn't justify the extra error symbols and code.
-     - Deprecate the ENGINE_FLAGS_MALLOCED define and move the area for
-       flags from engine_int.h to engine.h.
-     - Changed prototypes for ENGINE handler functions (init(), finish(),
-       ctrl(), key-load functions, etc) to take an (ENGINE*) parameter.
-     [Geoff]
-
-  *) Implement binary inversion algorithm for BN_mod_inverse in addition
-     to the algorithm using long division.  The binary algorithm can be
-     used only if the modulus is odd.  On 32-bit systems, it is faster
-     only for relatively small moduli (roughly 20-30% for 128-bit moduli,
-     roughly 5-15% for 256-bit moduli), so we use it only for moduli
-     up to 450 bits.  In 64-bit environments, the binary algorithm
-     appears to be advantageous for much longer moduli; here we use it
-     for moduli up to 2048 bits.
-     [Bodo Moeller]
-
-  *) Rewrite CHOICE field setting in ASN1_item_ex_d2i(). The old code
-     could not support the combine flag in choice fields.
-     [Steve Henson]
-
-  *) Add a 'copy_extensions' option to the 'ca' utility. This copies
-     extensions from a certificate request to the certificate.
-     [Steve Henson]
-
-  *) Allow multiple 'certopt' and 'nameopt' options to be separated
-     by commas. Add 'namopt' and 'certopt' options to the 'ca' config
-     file: this allows the display of the certificate about to be
-     signed to be customised, to allow certain fields to be included
-     or excluded and extension details. The old system didn't display
-     multicharacter strings properly, omitted fields not in the policy
-     and couldn't display additional details such as extensions.
-     [Steve Henson]
-
-  *) Function EC_POINTs_mul for multiple scalar multiplication
-     of an arbitrary number of elliptic curve points
-          \sum scalars[i]*points[i],
-     optionally including the generator defined for the EC_GROUP:
-          scalar*generator +  \sum scalars[i]*points[i].
-
-     EC_POINT_mul is a simple wrapper function for the typical case
-     that the point list has just one item (besides the optional
-     generator).
-     [Bodo Moeller]
-
-  *) First EC_METHODs for curves over GF(p):
-
-     EC_GFp_simple_method() uses the basic BN_mod_mul and BN_mod_sqr
-     operations and provides various method functions that can also
-     operate with faster implementations of modular arithmetic.     
-
-     EC_GFp_mont_method() reuses most functions that are part of
-     EC_GFp_simple_method, but uses Montgomery arithmetic.
-
-     [Bodo Moeller; point addition and point doubling
-     implementation directly derived from source code provided by
-     Lenka Fibikova <fibikova@exp-math.uni-essen.de>]
-
-  *) Framework for elliptic curves (crypto/ec/ec.h, crypto/ec/ec_lcl.h,
-     crypto/ec/ec_lib.c):
-
-     Curves are EC_GROUP objects (with an optional group generator)
-     based on EC_METHODs that are built into the library.
-
-     Points are EC_POINT objects based on EC_GROUP objects.
-
-     Most of the framework would be able to handle curves over arbitrary
-     finite fields, but as there are no obvious types for fields other
-     than GF(p), some functions are limited to that for now.
-     [Bodo Moeller]
-
-  *) Add the -HTTP option to s_server.  It is similar to -WWW, but requires
-     that the file contains a complete HTTP response.
-     [Richard Levitte]
-
-  *) Add the ec directory to mkdef.pl and mkfiles.pl. In mkdef.pl
-     change the def and num file printf format specifier from "%-40sXXX"
-     to "%-39s XXX". The latter will always guarantee a space after the
-     field while the former will cause them to run together if the field
-     is 40 of more characters long.
-     [Steve Henson]
-
-  *) Constify the cipher and digest 'method' functions and structures
-     and modify related functions to take constant EVP_MD and EVP_CIPHER
-     pointers.
-     [Steve Henson]
-
-  *) Hide BN_CTX structure details in bn_lcl.h instead of publishing them
-     in <openssl/bn.h>.  Also further increase BN_CTX_NUM to 32.
-     [Bodo Moeller]
-
-  *) Modify EVP_Digest*() routines so they now return values. Although the
-     internal software routines can never fail additional hardware versions
-     might.
-     [Steve Henson]
-
-  *) Clean up crypto/err/err.h and change some error codes to avoid conflicts:
-
-     Previously ERR_R_FATAL was too small and coincided with ERR_LIB_PKCS7
-     (= ERR_R_PKCS7_LIB); it is now 64 instead of 32.
-
-     ASN1 error codes
-          ERR_R_NESTED_ASN1_ERROR
-          ...
-          ERR_R_MISSING_ASN1_EOS
-     were 4 .. 9, conflicting with
-          ERR_LIB_RSA (= ERR_R_RSA_LIB)
-          ...
-          ERR_LIB_PEM (= ERR_R_PEM_LIB).
-     They are now 58 .. 63 (i.e., just below ERR_R_FATAL).
-
-     Add new error code 'ERR_R_INTERNAL_ERROR'.
-     [Bodo Moeller]
-
-  *) Don't overuse locks in crypto/err/err.c: For data retrieval, CRYPTO_r_lock
-     suffices.
-     [Bodo Moeller]
-
-  *) New option '-subj arg' for 'openssl req' and 'openssl ca'.  This
-     sets the subject name for a new request or supersedes the
-     subject name in a given request. Formats that can be parsed are
-          'CN=Some Name, OU=myOU, C=IT'
-     and
-          'CN=Some Name/OU=myOU/C=IT'.
-
-     Add options '-batch' and '-verbose' to 'openssl req'.
-     [Massimiliano Pala <madwolf@hackmasters.net>]
-
-  *) Introduce the possibility to access global variables through
-     functions on platform were that's the best way to handle exporting
-     global variables in shared libraries.  To enable this functionality,
-     one must configure with "EXPORT_VAR_AS_FN" or defined the C macro
-     "OPENSSL_EXPORT_VAR_AS_FUNCTION" in crypto/opensslconf.h (the latter
-     is normally done by Configure or something similar).
-
-     To implement a global variable, use the macro OPENSSL_IMPLEMENT_GLOBAL
-     in the source file (foo.c) like this:
-
-	OPENSSL_IMPLEMENT_GLOBAL(int,foo)=1;
-	OPENSSL_IMPLEMENT_GLOBAL(double,bar);
-
-     To declare a global variable, use the macros OPENSSL_DECLARE_GLOBAL
-     and OPENSSL_GLOBAL_REF in the header file (foo.h) like this:
-
-	OPENSSL_DECLARE_GLOBAL(int,foo);
-	#define foo OPENSSL_GLOBAL_REF(foo)
-	OPENSSL_DECLARE_GLOBAL(double,bar);
-	#define bar OPENSSL_GLOBAL_REF(bar)
-
-     The #defines are very important, and therefore so is including the
-     header file everywhere where the defined globals are used.
-
-     The macro OPENSSL_EXPORT_VAR_AS_FUNCTION also affects the definition
-     of ASN.1 items, but that structure is a bit different.
-
-     The largest change is in util/mkdef.pl which has been enhanced with
-     better and easier to understand logic to choose which symbols should
-     go into the Windows .def files as well as a number of fixes and code
-     cleanup (among others, algorithm keywords are now sorted
-     lexicographically to avoid constant rewrites).
-     [Richard Levitte]
-
-  *) In BN_div() keep a copy of the sign of 'num' before writing the
-     result to 'rm' because if rm==num the value will be overwritten
-     and produce the wrong result if 'num' is negative: this caused
-     problems with BN_mod() and BN_nnmod().
-     [Steve Henson]
-
-  *) Function OCSP_request_verify(). This checks the signature on an
-     OCSP request and verifies the signer certificate. The signer
-     certificate is just checked for a generic purpose and OCSP request
-     trust settings.
-     [Steve Henson]
-
-  *) Add OCSP_check_validity() function to check the validity of OCSP
-     responses. OCSP responses are prepared in real time and may only
-     be a few seconds old. Simply checking that the current time lies
-     between thisUpdate and nextUpdate max reject otherwise valid responses
-     caused by either OCSP responder or client clock inaccuracy. Instead
-     we allow thisUpdate and nextUpdate to fall within a certain period of
-     the current time. The age of the response can also optionally be
-     checked. Two new options -validity_period and -status_age added to
-     ocsp utility.
-     [Steve Henson]
-
-  *) If signature or public key algorithm is unrecognized print out its
-     OID rather that just UNKNOWN.
-     [Steve Henson]
-
-  *) Change OCSP_cert_to_id() to tolerate a NULL subject certificate and
-     OCSP_cert_id_new() a NULL serialNumber. This allows a partial certificate
-     ID to be generated from the issuer certificate alone which can then be
-     passed to OCSP_id_issuer_cmp().
-     [Steve Henson]
-
-  *) New compilation option ASN1_ITEM_FUNCTIONS. This causes the new
-     ASN1 modules to export functions returning ASN1_ITEM pointers
-     instead of the ASN1_ITEM structures themselves. This adds several
-     new macros which allow the underlying ASN1 function/structure to
-     be accessed transparently. As a result code should not use ASN1_ITEM
-     references directly (such as &X509_it) but instead use the relevant
-     macros (such as ASN1_ITEM_rptr(X509)). This option is to allow
-     use of the new ASN1 code on platforms where exporting structures
-     is problematical (for example in shared libraries) but exporting
-     functions returning pointers to structures is not.
-     [Steve Henson]
-
-  *) Add support for overriding the generation of SSL/TLS session IDs.
-     These callbacks can be registered either in an SSL_CTX or per SSL.
-     The purpose of this is to allow applications to control, if they wish,
-     the arbitrary values chosen for use as session IDs, particularly as it
-     can be useful for session caching in multiple-server environments. A
-     command-line switch for testing this (and any client code that wishes
-     to use such a feature) has been added to "s_server".
-     [Geoff Thorpe, Lutz Jaenicke]
-
-  *) Modify mkdef.pl to recognise and parse preprocessor conditionals
-     of the form '#if defined(...) || defined(...) || ...' and
-     '#if !defined(...) && !defined(...) && ...'.  This also avoids
-     the growing number of special cases it was previously handling.
-     [Richard Levitte]
-
-  *) Make all configuration macros available for application by making
-     sure they are available in opensslconf.h, by giving them names starting
-     with "OPENSSL_" to avoid conflicts with other packages and by making
-     sure e_os2.h will cover all platform-specific cases together with
-     opensslconf.h.
-     Additionally, it is now possible to define configuration/platform-
-     specific names (called "system identities").  In the C code, these
-     are prefixed with "OPENSSL_SYSNAME_".  e_os2.h will create another
-     macro with the name beginning with "OPENSSL_SYS_", which is determined
-     from "OPENSSL_SYSNAME_*" or compiler-specific macros depending on
-     what is available.
-     [Richard Levitte]
-
-  *) New option -set_serial to 'req' and 'x509' this allows the serial
-     number to use to be specified on the command line. Previously self
-     signed certificates were hard coded with serial number 0 and the 
-     CA options of 'x509' had to use a serial number in a file which was
-     auto incremented.
-     [Steve Henson]
-
-  *) New options to 'ca' utility to support V2 CRL entry extensions.
-     Currently CRL reason, invalidity date and hold instruction are
-     supported. Add new CRL extensions to V3 code and some new objects.
-     [Steve Henson]
-
-  *) New function EVP_CIPHER_CTX_set_padding() this is used to
-     disable standard block padding (aka PKCS#5 padding) in the EVP
-     API, which was previously mandatory. This means that the data is
-     not padded in any way and so the total length much be a multiple
-     of the block size, otherwise an error occurs.
-     [Steve Henson]
-
-  *) Initial (incomplete) OCSP SSL support.
-     [Steve Henson]
-
-  *) New function OCSP_parse_url(). This splits up a URL into its host,
-     port and path components: primarily to parse OCSP URLs. New -url
-     option to ocsp utility.
-     [Steve Henson]
-
-  *) New nonce behavior. The return value of OCSP_check_nonce() now 
-     reflects the various checks performed. Applications can decide
-     whether to tolerate certain situations such as an absent nonce
-     in a response when one was present in a request: the ocsp application
-     just prints out a warning. New function OCSP_add1_basic_nonce()
-     this is to allow responders to include a nonce in a response even if
-     the request is nonce-less.
-     [Steve Henson]
-
-  *) Disable stdin buffering in load_cert (apps/apps.c) so that no certs are
-     skipped when using openssl x509 multiple times on a single input file,
-     e.g. "(openssl x509 -out cert1; openssl x509 -out cert2) <certs".
-     [Bodo Moeller]
-
-  *) Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string()
-     set string type: to handle setting ASN1_TIME structures. Fix ca
-     utility to correctly initialize revocation date of CRLs.
-     [Steve Henson]
-
-  *) New option SSL_OP_CIPHER_SERVER_PREFERENCE allows the server to override
-     the clients preferred ciphersuites and rather use its own preferences.
-     Should help to work around M$ SGC (Server Gated Cryptography) bug in
-     Internet Explorer by ensuring unchanged hash method during stepup.
-     (Also replaces the broken/deactivated SSL_OP_NON_EXPORT_FIRST option.)
-     [Lutz Jaenicke]
-
-  *) Make mkdef.pl recognise all DECLARE_ASN1 macros, change rijndael
-     to aes and add a new 'exist' option to print out symbols that don't
-     appear to exist.
-     [Steve Henson]
-
-  *) Additional options to ocsp utility to allow flags to be set and
-     additional certificates supplied.
-     [Steve Henson]
-
-  *) Add the option -VAfile to 'openssl ocsp', so the user can give the
-     OCSP client a number of certificate to only verify the response
-     signature against.
-     [Richard Levitte]
-
-  *) Update Rijndael code to version 3.0 and change EVP AES ciphers to
-     handle the new API. Currently only ECB, CBC modes supported. Add new
-     AES OIDs.
-
-     Add TLS AES ciphersuites as described in RFC3268, "Advanced
-     Encryption Standard (AES) Ciphersuites for Transport Layer
-     Security (TLS)".  (In beta versions of OpenSSL 0.9.7, these were
-     not enabled by default and were not part of the "ALL" ciphersuite
-     alias because they were not yet official; they could be
-     explicitly requested by specifying the "AESdraft" ciphersuite
-     group alias.  In the final release of OpenSSL 0.9.7, the group
-     alias is called "AES" and is part of "ALL".)
-     [Ben Laurie, Steve  Henson, Bodo Moeller]
-
-  *) New function OCSP_copy_nonce() to copy nonce value (if present) from
-     request to response.
-     [Steve Henson]
-
-  *) Functions for OCSP responders. OCSP_request_onereq_count(),
-     OCSP_request_onereq_get0(), OCSP_onereq_get0_id() and OCSP_id_get0_info()
-     extract information from a certificate request. OCSP_response_create()
-     creates a response and optionally adds a basic response structure.
-     OCSP_basic_add1_status() adds a complete single response to a basic
-     response and returns the OCSP_SINGLERESP structure just added (to allow
-     extensions to be included for example). OCSP_basic_add1_cert() adds a
-     certificate to a basic response and OCSP_basic_sign() signs a basic
-     response with various flags. New helper functions ASN1_TIME_check()
-     (checks validity of ASN1_TIME structure) and ASN1_TIME_to_generalizedtime()
-     (converts ASN1_TIME to GeneralizedTime).
-     [Steve Henson]
-
-  *) Various new functions. EVP_Digest() combines EVP_Digest{Init,Update,Final}()
-     in a single operation. X509_get0_pubkey_bitstr() extracts the public_key
-     structure from a certificate. X509_pubkey_digest() digests the public_key
-     contents: this is used in various key identifiers. 
-     [Steve Henson]
-
-  *) Make sk_sort() tolerate a NULL argument.
-     [Steve Henson reported by Massimiliano Pala <madwolf@comune.modena.it>]
-
-  *) New OCSP verify flag OCSP_TRUSTOTHER. When set the "other" certificates
-     passed by the function are trusted implicitly. If any of them signed the
-     response then it is assumed to be valid and is not verified.
-     [Steve Henson]
-
-  *) In PKCS7_set_type() initialise content_type in PKCS7_ENC_CONTENT
-     to data. This was previously part of the PKCS7 ASN1 code. This
-     was causing problems with OpenSSL created PKCS#12 and PKCS#7 structures.
-     [Steve Henson, reported by Kenneth R. Robinette
-				<support@securenetterm.com>]
-
-  *) Add CRYPTO_push_info() and CRYPTO_pop_info() calls to new ASN1
-     routines: without these tracing memory leaks is very painful.
-     Fix leaks in PKCS12 and PKCS7 routines.
-     [Steve Henson]
-
-  *) Make X509_time_adj() cope with the new behaviour of ASN1_TIME_new().
-     Previously it initialised the 'type' argument to V_ASN1_UTCTIME which
-     effectively meant GeneralizedTime would never be used. Now it
-     is initialised to -1 but X509_time_adj() now has to check the value
-     and use ASN1_TIME_set() if the value is not V_ASN1_UTCTIME or
-     V_ASN1_GENERALIZEDTIME, without this it always uses GeneralizedTime.
-     [Steve Henson, reported by Kenneth R. Robinette
-				<support@securenetterm.com>]
-
-  *) Fixes to BN_to_ASN1_INTEGER when bn is zero. This would previously
-     result in a zero length in the ASN1_INTEGER structure which was
-     not consistent with the structure when d2i_ASN1_INTEGER() was used
-     and would cause ASN1_INTEGER_cmp() to fail. Enhance s2i_ASN1_INTEGER()
-     to cope with hex and negative integers. Fix bug in i2a_ASN1_INTEGER()
-     where it did not print out a minus for negative ASN1_INTEGER.
-     [Steve Henson]
-
-  *) Add summary printout to ocsp utility. The various functions which
-     convert status values to strings have been renamed to:
-     OCSP_response_status_str(), OCSP_cert_status_str() and
-     OCSP_crl_reason_str() and are no longer static. New options
-     to verify nonce values and to disable verification. OCSP response
-     printout format cleaned up.
-     [Steve Henson]
-
-  *) Add additional OCSP certificate checks. These are those specified
-     in RFC2560. This consists of two separate checks: the CA of the
-     certificate being checked must either be the OCSP signer certificate
-     or the issuer of the OCSP signer certificate. In the latter case the
-     OCSP signer certificate must contain the OCSP signing extended key
-     usage. This check is performed by attempting to match the OCSP
-     signer or the OCSP signer CA to the issuerNameHash and issuerKeyHash
-     in the OCSP_CERTID structures of the response.
-     [Steve Henson]
-
-  *) Initial OCSP certificate verification added to OCSP_basic_verify()
-     and related routines. This uses the standard OpenSSL certificate
-     verify routines to perform initial checks (just CA validity) and
-     to obtain the certificate chain. Then additional checks will be
-     performed on the chain. Currently the root CA is checked to see
-     if it is explicitly trusted for OCSP signing. This is used to set
-     a root CA as a global signing root: that is any certificate that
-     chains to that CA is an acceptable OCSP signing certificate.
-     [Steve Henson]
-
-  *) New '-extfile ...' option to 'openssl ca' for reading X.509v3
-     extensions from a separate configuration file.
-     As when reading extensions from the main configuration file,
-     the '-extensions ...' option may be used for specifying the
-     section to use.
-     [Massimiliano Pala <madwolf@comune.modena.it>]
-
-  *) New OCSP utility. Allows OCSP requests to be generated or
-     read. The request can be sent to a responder and the output
-     parsed, outputed or printed in text form. Not complete yet:
-     still needs to check the OCSP response validity.
-     [Steve Henson]
-
-  *) New subcommands for 'openssl ca':
-     'openssl ca -status <serial>' prints the status of the cert with
-     the given serial number (according to the index file).
-     'openssl ca -updatedb' updates the expiry status of certificates
-     in the index file.
-     [Massimiliano Pala <madwolf@comune.modena.it>]
-
-  *) New '-newreq-nodes' command option to CA.pl.  This is like
-     '-newreq', but calls 'openssl req' with the '-nodes' option
-     so that the resulting key is not encrypted.
-     [Damien Miller <djm@mindrot.org>]
-
-  *) New configuration for the GNU Hurd.
-     [Jonathan Bartlett <johnnyb@wolfram.com> via Richard Levitte]
-
-  *) Initial code to implement OCSP basic response verify. This
-     is currently incomplete. Currently just finds the signer's
-     certificate and verifies the signature on the response.
-     [Steve Henson]
-
-  *) New SSLeay_version code SSLEAY_DIR to determine the compiled-in
-     value of OPENSSLDIR.  This is available via the new '-d' option
-     to 'openssl version', and is also included in 'openssl version -a'.
-     [Bodo Moeller]
-
-  *) Allowing defining memory allocation callbacks that will be given
-     file name and line number information in additional arguments
-     (a const char* and an int).  The basic functionality remains, as
-     well as the original possibility to just replace malloc(),
-     realloc() and free() by functions that do not know about these
-     additional arguments.  To register and find out the current
-     settings for extended allocation functions, the following
-     functions are provided:
-
-	CRYPTO_set_mem_ex_functions
-	CRYPTO_set_locked_mem_ex_functions
-	CRYPTO_get_mem_ex_functions
-	CRYPTO_get_locked_mem_ex_functions
-
-     These work the same way as CRYPTO_set_mem_functions and friends.
-     CRYPTO_get_[locked_]mem_functions now writes 0 where such an
-     extended allocation function is enabled.
-     Similarly, CRYPTO_get_[locked_]mem_ex_functions writes 0 where
-     a conventional allocation function is enabled.
-     [Richard Levitte, Bodo Moeller]
-
-  *) Finish off removing the remaining LHASH function pointer casts.
-     There should no longer be any prototype-casting required when using
-     the LHASH abstraction, and any casts that remain are "bugs". See
-     the callback types and macros at the head of lhash.h for details
-     (and "OBJ_cleanup" in crypto/objects/obj_dat.c as an example).
-     [Geoff Thorpe]
-
-  *) Add automatic query of EGD sockets in RAND_poll() for the unix variant.
-     If /dev/[u]random devices are not available or do not return enough
-     entropy, EGD style sockets (served by EGD or PRNGD) will automatically
-     be queried.
-     The locations /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool, and
-     /etc/entropy will be queried once each in this sequence, quering stops
-     when enough entropy was collected without querying more sockets.
-     [Lutz Jaenicke]
-
-  *) Change the Unix RAND_poll() variant to be able to poll several
-     random devices, as specified by DEVRANDOM, until a sufficient amount
-     of data has been collected.   We spend at most 10 ms on each file
-     (select timeout) and read in non-blocking mode.  DEVRANDOM now
-     defaults to the list "/dev/urandom", "/dev/random", "/dev/srandom"
-     (previously it was just the string "/dev/urandom"), so on typical
-     platforms the 10 ms delay will never occur.
-     Also separate out the Unix variant to its own file, rand_unix.c.
-     For VMS, there's a currently-empty rand_vms.c.
-     [Richard Levitte]
-
-  *) Move OCSP client related routines to ocsp_cl.c. These
-     provide utility functions which an application needing
-     to issue a request to an OCSP responder and analyse the
-     response will typically need: as opposed to those which an
-     OCSP responder itself would need which will be added later.
-
-     OCSP_request_sign() signs an OCSP request with an API similar
-     to PKCS7_sign(). OCSP_response_status() returns status of OCSP
-     response. OCSP_response_get1_basic() extracts basic response
-     from response. OCSP_resp_find_status(): finds and extracts status
-     information from an OCSP_CERTID structure (which will be created
-     when the request structure is built). These are built from lower
-     level functions which work on OCSP_SINGLERESP structures but
-     wont normally be used unless the application wishes to examine
-     extensions in the OCSP response for example.
-
-     Replace nonce routines with a pair of functions.
-     OCSP_request_add1_nonce() adds a nonce value and optionally
-     generates a random value. OCSP_check_nonce() checks the
-     validity of the nonce in an OCSP response.
-     [Steve Henson]
-
-  *) Change function OCSP_request_add() to OCSP_request_add0_id().
-     This doesn't copy the supplied OCSP_CERTID and avoids the
-     need to free up the newly created id. Change return type
-     to OCSP_ONEREQ to return the internal OCSP_ONEREQ structure.
-     This can then be used to add extensions to the request.
-     Deleted OCSP_request_new(), since most of its functionality
-     is now in OCSP_REQUEST_new() (and the case insensitive name
-     clash) apart from the ability to set the request name which
-     will be added elsewhere.
-     [Steve Henson]
-
-  *) Update OCSP API. Remove obsolete extensions argument from
-     various functions. Extensions are now handled using the new
-     OCSP extension code. New simple OCSP HTTP function which 
-     can be used to send requests and parse the response.
-     [Steve Henson]
-
-  *) Fix the PKCS#7 (S/MIME) code to work with new ASN1. Two new
-     ASN1_ITEM structures help with sign and verify. PKCS7_ATTR_SIGN
-     uses the special reorder version of SET OF to sort the attributes
-     and reorder them to match the encoded order. This resolves a long
-     standing problem: a verify on a PKCS7 structure just after signing
-     it used to fail because the attribute order did not match the
-     encoded order. PKCS7_ATTR_VERIFY does not reorder the attributes:
-     it uses the received order. This is necessary to tolerate some broken
-     software that does not order SET OF. This is handled by encoding
-     as a SEQUENCE OF but using implicit tagging (with UNIVERSAL class)
-     to produce the required SET OF.
-     [Steve Henson]
-
-  *) Have mk1mf.pl generate the macros OPENSSL_BUILD_SHLIBCRYPTO and
-     OPENSSL_BUILD_SHLIBSSL and use them appropriately in the header
-     files to get correct declarations of the ASN.1 item variables.
-     [Richard Levitte]
-
-  *) Rewrite of PKCS#12 code to use new ASN1 functionality. Replace many
-     PKCS#12 macros with real functions. Fix two unrelated ASN1 bugs:
-     asn1_check_tlen() would sometimes attempt to use 'ctx' when it was
-     NULL and ASN1_TYPE was not dereferenced properly in asn1_ex_c2i().
-     New ASN1 macro: DECLARE_ASN1_ITEM() which just declares the relevant
-     ASN1_ITEM and no wrapper functions.
-     [Steve Henson]
-
-  *) New functions or ASN1_item_d2i_fp() and ASN1_item_d2i_bio(). These
-     replace the old function pointer based I/O routines. Change most of
-     the *_d2i_bio() and *_d2i_fp() functions to use these.
-     [Steve Henson]
-
-  *) Enhance mkdef.pl to be more accepting about spacing in C preprocessor
-     lines, recognice more "algorithms" that can be deselected, and make
-     it complain about algorithm deselection that isn't recognised.
-     [Richard Levitte]
-
-  *) New ASN1 functions to handle dup, sign, verify, digest, pack and
-     unpack operations in terms of ASN1_ITEM. Modify existing wrappers
-     to use new functions. Add NO_ASN1_OLD which can be set to remove
-     some old style ASN1 functions: this can be used to determine if old
-     code will still work when these eventually go away.
-     [Steve Henson]
-
-  *) New extension functions for OCSP structures, these follow the
-     same conventions as certificates and CRLs.
-     [Steve Henson]
-
-  *) New function X509V3_add1_i2d(). This automatically encodes and
-     adds an extension. Its behaviour can be customised with various
-     flags to append, replace or delete. Various wrappers added for
-     certifcates and CRLs.
-     [Steve Henson]
-
-  *) Fix to avoid calling the underlying ASN1 print routine when
-     an extension cannot be parsed. Correct a typo in the
-     OCSP_SERVICELOC extension. Tidy up print OCSP format.
-     [Steve Henson]
-
-  *) Make mkdef.pl parse some of the ASN1 macros and add apropriate
-     entries for variables.
-     [Steve Henson]
-
-  *) Add functionality to apps/openssl.c for detecting locking
-     problems: As the program is single-threaded, all we have
-     to do is register a locking callback using an array for
-     storing which locks are currently held by the program.
-     [Bodo Moeller]
-
-  *) Use a lock around the call to CRYPTO_get_ex_new_index() in
-     SSL_get_ex_data_X509_STORE_idx(), which is used in
-     ssl_verify_cert_chain() and thus can be called at any time
-     during TLS/SSL handshakes so that thread-safety is essential.
-     Unfortunately, the ex_data design is not at all suited
-     for multi-threaded use, so it probably should be abolished.
-     [Bodo Moeller]
-
-  *) Added Broadcom "ubsec" ENGINE to OpenSSL.
-     [Broadcom, tweaked and integrated by Geoff Thorpe]
-
-  *) Move common extension printing code to new function
-     X509V3_print_extensions(). Reorganise OCSP print routines and
-     implement some needed OCSP ASN1 functions. Add OCSP extensions.
-     [Steve Henson]
-
-  *) New function X509_signature_print() to remove duplication in some
-     print routines.
-     [Steve Henson]
-
-  *) Add a special meaning when SET OF and SEQUENCE OF flags are both
-     set (this was treated exactly the same as SET OF previously). This
-     is used to reorder the STACK representing the structure to match the
-     encoding. This will be used to get round a problem where a PKCS7
-     structure which was signed could not be verified because the STACK
-     order did not reflect the encoded order.
-     [Steve Henson]
-
-  *) Reimplement the OCSP ASN1 module using the new code.
-     [Steve Henson]
-
-  *) Update the X509V3 code to permit the use of an ASN1_ITEM structure
-     for its ASN1 operations. The old style function pointers still exist
-     for now but they will eventually go away.
-     [Steve Henson]
-
-  *) Merge in replacement ASN1 code from the ASN1 branch. This almost
-     completely replaces the old ASN1 functionality with a table driven
-     encoder and decoder which interprets an ASN1_ITEM structure describing
-     the ASN1 module. Compatibility with the existing ASN1 API (i2d,d2i) is
-     largely maintained. Almost all of the old asn1_mac.h macro based ASN1
-     has also been converted to the new form.
-     [Steve Henson]
-
-  *) Change BN_mod_exp_recp so that negative moduli are tolerated
-     (the sign is ignored).  Similarly, ignore the sign in BN_MONT_CTX_set
-     so that BN_mod_exp_mont and BN_mod_exp_mont_word work
-     for negative moduli.
-     [Bodo Moeller]
-
-  *) Fix BN_uadd and BN_usub: Always return non-negative results instead
-     of not touching the result's sign bit.
-     [Bodo Moeller]
-
-  *) BN_div bugfix: If the result is 0, the sign (res->neg) must not be
-     set.
-     [Bodo Moeller]
-
-  *) Changed the LHASH code to use prototypes for callbacks, and created
-     macros to declare and implement thin (optionally static) functions
-     that provide type-safety and avoid function pointer casting for the
-     type-specific callbacks.
-     [Geoff Thorpe]
-
-  *) Added Kerberos Cipher Suites to be used with TLS, as written in
-     RFC 2712.
-     [Veers Staats <staatsvr@asc.hpc.mil>,
-      Jeffrey Altman <jaltman@columbia.edu>, via Richard Levitte]
-
-  *) Reformat the FAQ so the different questions and answers can be divided
-     in sections depending on the subject.
-     [Richard Levitte]
-
-  *) Have the zlib compression code load ZLIB.DLL dynamically under
-     Windows.
-     [Richard Levitte]
-
-  *) New function BN_mod_sqrt for computing square roots modulo a prime
-     (using the probabilistic Tonelli-Shanks algorithm unless
-     p == 3 (mod 4)  or  p == 5 (mod 8),  which are cases that can
-     be handled deterministically).
-     [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller]
-
-  *) Make BN_mod_inverse faster by explicitly handling small quotients
-     in the Euclid loop. (Speed gain about 20% for small moduli [256 or
-     512 bits], about 30% for larger ones [1024 or 2048 bits].)
-     [Bodo Moeller]
-
-  *) New function BN_kronecker.
-     [Bodo Moeller]
-
-  *) Fix BN_gcd so that it works on negative inputs; the result is
-     positive unless both parameters are zero.
-     Previously something reasonably close to an infinite loop was
-     possible because numbers could be growing instead of shrinking
-     in the implementation of Euclid's algorithm.
-     [Bodo Moeller]
-
-  *) Fix BN_is_word() and BN_is_one() macros to take into account the
-     sign of the number in question.
-
-     Fix BN_is_word(a,w) to work correctly for w == 0.
-
-     The old BN_is_word(a,w) macro is now called BN_abs_is_word(a,w)
-     because its test if the absolute value of 'a' equals 'w'.
-     Note that BN_abs_is_word does *not* handle w == 0 reliably;
-     it exists mostly for use in the implementations of BN_is_zero(),
-     BN_is_one(), and BN_is_word().
-     [Bodo Moeller]
-
-  *) New function BN_swap.
-     [Bodo Moeller]
-
-  *) Use BN_nnmod instead of BN_mod in crypto/bn/bn_exp.c so that
-     the exponentiation functions are more likely to produce reasonable
-     results on negative inputs.
-     [Bodo Moeller]
-
-  *) Change BN_mod_mul so that the result is always non-negative.
-     Previously, it could be negative if one of the factors was negative;
-     I don't think anyone really wanted that behaviour.
-     [Bodo Moeller]
-
-  *) Move BN_mod_... functions into new file crypto/bn/bn_mod.c
-     (except for exponentiation, which stays in crypto/bn/bn_exp.c,
-     and BN_mod_mul_reciprocal, which stays in crypto/bn/bn_recp.c)
-     and add new functions:
-
-          BN_nnmod
-          BN_mod_sqr
-          BN_mod_add
-          BN_mod_add_quick
-          BN_mod_sub
-          BN_mod_sub_quick
-          BN_mod_lshift1
-          BN_mod_lshift1_quick
-          BN_mod_lshift
-          BN_mod_lshift_quick
-
-     These functions always generate non-negative results.
-
-     BN_nnmod otherwise is like BN_mod (if BN_mod computes a remainder  r
-     such that  |m| < r < 0,  BN_nnmod will output  rem + |m|  instead).
-
-     BN_mod_XXX_quick(r, a, [b,] m) generates the same result as
-     BN_mod_XXX(r, a, [b,] m, ctx), but requires that  a  [and  b]
-     be reduced modulo  m.
-     [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller]
-
-#if 0
-     The following entry accidentily appeared in the CHANGES file
-     distributed with OpenSSL 0.9.7.  The modifications described in
-     it do *not* apply to OpenSSL 0.9.7.
-
-  *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there
-     was actually never needed) and in BN_mul().  The removal in BN_mul()
-     required a small change in bn_mul_part_recursive() and the addition
-     of the functions bn_cmp_part_words(), bn_sub_part_words() and
-     bn_add_part_words(), which do the same thing as bn_cmp_words(),
-     bn_sub_words() and bn_add_words() except they take arrays with
-     differing sizes.
-     [Richard Levitte]
-#endif
-
-  *) In 'openssl passwd', verify passwords read from the terminal
-     unless the '-salt' option is used (which usually means that
-     verification would just waste user's time since the resulting
-     hash is going to be compared with some given password hash)
-     or the new '-noverify' option is used.
-
-     This is an incompatible change, but it does not affect
-     non-interactive use of 'openssl passwd' (passwords on the command
-     line, '-stdin' option, '-in ...' option) and thus should not
-     cause any problems.
-     [Bodo Moeller]
-
-  *) Remove all references to RSAref, since there's no more need for it.
-     [Richard Levitte]
-
-  *) Make DSO load along a path given through an environment variable
-     (SHLIB_PATH) with shl_load().
-     [Richard Levitte]
-
-  *) Constify the ENGINE code as a result of BIGNUM constification.
-     Also constify the RSA code and most things related to it.  In a
-     few places, most notable in the depth of the ASN.1 code, ugly
-     casts back to non-const were required (to be solved at a later
-     time)
-     [Richard Levitte]
-
-  *) Make it so the openssl application has all engines loaded by default.
-     [Richard Levitte]
-
-  *) Constify the BIGNUM routines a little more.
-     [Richard Levitte]
-
-  *) Add the following functions:
-
-	ENGINE_load_cswift()
-	ENGINE_load_chil()
-	ENGINE_load_atalla()
-	ENGINE_load_nuron()
-	ENGINE_load_builtin_engines()
-
-     That way, an application can itself choose if external engines that
-     are built-in in OpenSSL shall ever be used or not.  The benefit is
-     that applications won't have to be linked with libdl or other dso
-     libraries unless it's really needed.
-
-     Changed 'openssl engine' to load all engines on demand.
-     Changed the engine header files to avoid the duplication of some
-     declarations (they differed!).
-     [Richard Levitte]
-
-  *) 'openssl engine' can now list capabilities.
-     [Richard Levitte]
-
-  *) Better error reporting in 'openssl engine'.
-     [Richard Levitte]
-
-  *) Never call load_dh_param(NULL) in s_server.
-     [Bodo Moeller]
-
-  *) Add engine application.  It can currently list engines by name and
-     identity, and test if they are actually available.
-     [Richard Levitte]
-
-  *) Improve RPM specification file by forcing symbolic linking and making
-     sure the installed documentation is also owned by root.root.
-     [Damien Miller <djm@mindrot.org>]
-
-  *) Give the OpenSSL applications more possibilities to make use of
-     keys (public as well as private) handled by engines.
-     [Richard Levitte]
-
-  *) Add OCSP code that comes from CertCo.
-     [Richard Levitte]
-
-  *) Add VMS support for the Rijndael code.
-     [Richard Levitte]
-
-  *) Added untested support for Nuron crypto accelerator.
-     [Ben Laurie]
-
-  *) Add support for external cryptographic devices.  This code was
-     previously distributed separately as the "engine" branch.
-     [Geoff Thorpe, Richard Levitte]
-
-  *) Rework the filename-translation in the DSO code. It is now possible to
-     have far greater control over how a "name" is turned into a filename
-     depending on the operating environment and any oddities about the
-     different shared library filenames on each system.
-     [Geoff Thorpe]
-
-  *) Support threads on FreeBSD-elf in Configure.
-     [Richard Levitte]
-
-  *) Fix for SHA1 assembly problem with MASM: it produces
-     warnings about corrupt line number information when assembling
-     with debugging information. This is caused by the overlapping
-     of two sections.
-     [Bernd Matthes <mainbug@celocom.de>, Steve Henson]
-
-  *) NCONF changes.
-     NCONF_get_number() has no error checking at all.  As a replacement,
-     NCONF_get_number_e() is defined (_e for "error checking") and is
-     promoted strongly.  The old NCONF_get_number is kept around for
-     binary backward compatibility.
-     Make it possible for methods to load from something other than a BIO,
-     by providing a function pointer that is given a name instead of a BIO.
-     For example, this could be used to load configuration data from an
-     LDAP server.
-     [Richard Levitte]
-
-  *) Fix for non blocking accept BIOs. Added new I/O special reason
-     BIO_RR_ACCEPT to cover this case. Previously use of accept BIOs
-     with non blocking I/O was not possible because no retry code was
-     implemented. Also added new SSL code SSL_WANT_ACCEPT to cover
-     this case.
-     [Steve Henson]
-
-  *) Added the beginnings of Rijndael support.
-     [Ben Laurie]
-
-  *) Fix for bug in DirectoryString mask setting. Add support for
-     X509_NAME_print_ex() in 'req' and X509_print_ex() function
-     to allow certificate printing to more controllable, additional
-     'certopt' option to 'x509' to allow new printing options to be
-     set.
-     [Steve Henson]
-
-  *) Clean old EAY MD5 hack from e_os.h.
-     [Richard Levitte]
-
- Changes between 0.9.6h and 0.9.6i  [19 Feb 2003]
-
-  *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
-     via timing by performing a MAC computation even if incorrrect
-     block cipher padding has been found.  This is a countermeasure
-     against active attacks where the attacker has to distinguish
-     between bad padding and a MAC verification error. (CAN-2003-0078)
-
-     [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
-     Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
-     Martin Vuagnoux (EPFL, Ilion)]
-
- Changes between 0.9.6g and 0.9.6h  [5 Dec 2002]
-
-  *) New function OPENSSL_cleanse(), which is used to cleanse a section of
-     memory from it's contents.  This is done with a counter that will
-     place alternating values in each byte.  This can be used to solve
-     two issues: 1) the removal of calls to memset() by highly optimizing
-     compilers, and 2) cleansing with other values than 0, since those can
-     be read through on certain media, for example a swap space on disk.
-     [Geoff Thorpe]
-
-  *) Bugfix: client side session caching did not work with external caching,
-     because the session->cipher setting was not restored when reloading
-     from the external cache. This problem was masked, when
-     SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set.
-     (Found by Steve Haslam <steve@araqnid.ddts.net>.)
-     [Lutz Jaenicke]
-
-  *) Fix client_certificate (ssl/s2_clnt.c): The permissible total
-     length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
-     [Zeev Lieber <zeev-l@yahoo.com>]
-
-  *) Undo an undocumented change introduced in 0.9.6e which caused
-     repeated calls to OpenSSL_add_all_ciphers() and 
-     OpenSSL_add_all_digests() to be ignored, even after calling
-     EVP_cleanup().
-     [Richard Levitte]
-
-  *) Change the default configuration reader to deal with last line not
-     being properly terminated.
-     [Richard Levitte]
-
-  *) Change X509_NAME_cmp() so it applies the special rules on handling
-     DN values that are of type PrintableString, as well as RDNs of type
-     emailAddress where the value has the type ia5String.
-     [stefank@valicert.com via Richard Levitte]
-
-  *) Add a SSL_SESS_CACHE_NO_INTERNAL_STORE flag to take over half
-     the job SSL_SESS_CACHE_NO_INTERNAL_LOOKUP was inconsistently
-     doing, define a new flag (SSL_SESS_CACHE_NO_INTERNAL) to be
-     the bitwise-OR of the two for use by the majority of applications
-     wanting this behaviour, and update the docs. The documented
-     behaviour and actual behaviour were inconsistent and had been
-     changing anyway, so this is more a bug-fix than a behavioural
-     change.
-     [Geoff Thorpe, diagnosed by Nadav Har'El]
-
-  *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c
-     (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes).
-     [Bodo Moeller]
-
-  *) Fix initialization code race conditions in
-        SSLv23_method(),  SSLv23_client_method(),   SSLv23_server_method(),
-        SSLv2_method(),   SSLv2_client_method(),    SSLv2_server_method(),
-        SSLv3_method(),   SSLv3_client_method(),    SSLv3_server_method(),
-        TLSv1_method(),   TLSv1_client_method(),    TLSv1_server_method(),
-        ssl2_get_cipher_by_char(),
-        ssl3_get_cipher_by_char().
-     [Patrick McCormick <patrick@tellme.com>, Bodo Moeller]
-
-  *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after
-     the cached sessions are flushed, as the remove_cb() might use ex_data
-     contents. Bug found by Sam Varshavchik <mrsam@courier-mta.com>
-     (see [openssl.org #212]).
-     [Geoff Thorpe, Lutz Jaenicke]
-
-  *) Fix typo in OBJ_txt2obj which incorrectly passed the content
-     length, instead of the encoding length to d2i_ASN1_OBJECT.
-     [Steve Henson]
-
- Changes between 0.9.6f and 0.9.6g  [9 Aug 2002]
-
-  *) [In 0.9.6g-engine release:]
-     Fix crypto/engine/vendor_defns/cswift.h for WIN32 (use '_stdcall').
-     [Lynn Gazis <lgazis@rainbow.com>]
-
- Changes between 0.9.6e and 0.9.6f  [8 Aug 2002]
-
-  *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
-     and get fix the header length calculation.
-     [Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>,
-	Alon Kantor <alonk@checkpoint.com> (and others),
-	Steve Henson]
-
-  *) Use proper error handling instead of 'assertions' in buffer
-     overflow checks added in 0.9.6e.  This prevents DoS (the
-     assertions could call abort()).
-     [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller]
-
- Changes between 0.9.6d and 0.9.6e  [30 Jul 2002]
-
-  *) Add various sanity checks to asn1_get_length() to reject
-     the ASN1 length bytes if they exceed sizeof(long), will appear
-     negative or the content length exceeds the length of the
-     supplied buffer.
-     [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
-
-  *) Fix cipher selection routines: ciphers without encryption had no flags
-     for the cipher strength set and where therefore not handled correctly
-     by the selection routines (PR #130).
-     [Lutz Jaenicke]
-
-  *) Fix EVP_dsa_sha macro.
-     [Nils Larsch]
-
-  *) New option
-          SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
-     for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure
-     that was added in OpenSSL 0.9.6d.
-
-     As the countermeasure turned out to be incompatible with some
-     broken SSL implementations, the new option is part of SSL_OP_ALL.
-     SSL_OP_ALL is usually employed when compatibility with weird SSL
-     implementations is desired (e.g. '-bugs' option to 's_client' and
-     's_server'), so the new option is automatically set in many
-     applications.
-     [Bodo Moeller]
-
-  *) Changes in security patch:
-
-     Changes marked "(CHATS)" were sponsored by the Defense Advanced
-     Research Projects Agency (DARPA) and Air Force Research Laboratory,
-     Air Force Materiel Command, USAF, under agreement number
-     F30602-01-2-0537.
-
-  *) Add various sanity checks to asn1_get_length() to reject
-     the ASN1 length bytes if they exceed sizeof(long), will appear
-     negative or the content length exceeds the length of the
-     supplied buffer. (CAN-2002-0659)
-     [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
-
-  *) Assertions for various potential buffer overflows, not known to
-     happen in practice.
-     [Ben Laurie (CHATS)]
-
-  *) Various temporary buffers to hold ASCII versions of integers were
-     too small for 64 bit platforms. (CAN-2002-0655)
-     [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>
-
-  *) Remote buffer overflow in SSL3 protocol - an attacker could
-     supply an oversized session ID to a client. (CAN-2002-0656)
-     [Ben Laurie (CHATS)]
-
-  *) Remote buffer overflow in SSL2 protocol - an attacker could
-     supply an oversized client master key. (CAN-2002-0656)
-     [Ben Laurie (CHATS)]
-
- Changes between 0.9.6c and 0.9.6d  [9 May 2002]
-
-  *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
-     encoded as NULL) with id-dsa-with-sha1.
-     [Nils Larsch <nla@trustcenter.de>; problem pointed out by Bodo Moeller]
-
-  *) Check various X509_...() return values in apps/req.c.
-     [Nils Larsch <nla@trustcenter.de>]
-
-  *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines:
-     an end-of-file condition would erronously be flagged, when the CRLF
-     was just at the end of a processed block. The bug was discovered when
-     processing data through a buffering memory BIO handing the data to a
-     BASE64-decoding BIO. Bug fund and patch submitted by Pavel Tsekov
-     <ptsekov@syntrex.com> and Nedelcho Stanev.
-     [Lutz Jaenicke]
-
-  *) Implement a countermeasure against a vulnerability recently found
-     in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment
-     before application data chunks to avoid the use of known IVs
-     with data potentially chosen by the attacker.
-     [Bodo Moeller]
-
-  *) Fix length checks in ssl3_get_client_hello().
-     [Bodo Moeller]
-
-  *) TLS/SSL library bugfix: use s->s3->in_read_app_data differently
-     to prevent ssl3_read_internal() from incorrectly assuming that
-     ssl3_read_bytes() found application data while handshake
-     processing was enabled when in fact s->s3->in_read_app_data was
-     merely automatically cleared during the initial handshake.
-     [Bodo Moeller; problem pointed out by Arne Ansper <arne@ats.cyber.ee>]
-
-  *) Fix object definitions for Private and Enterprise: they were not
-     recognized in their shortname (=lowercase) representation. Extend
-     obj_dat.pl to issue an error when using undefined keywords instead
-     of silently ignoring the problem (Svenning Sorensen
-     <sss@sss.dnsalias.net>).
-     [Lutz Jaenicke]
-
-  *) Fix DH_generate_parameters() so that it works for 'non-standard'
-     generators, i.e. generators other than 2 and 5.  (Previously, the
-     code did not properly initialise the 'add' and 'rem' values to
-     BN_generate_prime().)
-
-     In the new general case, we do not insist that 'generator' is
-     actually a primitive root: This requirement is rather pointless;
-     a generator of the order-q subgroup is just as good, if not
-     better.
-     [Bodo Moeller]
- 
-  *) Map new X509 verification errors to alerts. Discovered and submitted by
-     Tom Wu <tom@arcot.com>.
-     [Lutz Jaenicke]
-
-  *) Fix ssl3_pending() (ssl/s3_lib.c) to prevent SSL_pending() from
-     returning non-zero before the data has been completely received
-     when using non-blocking I/O.
-     [Bodo Moeller; problem pointed out by John Hughes]
-
-  *) Some of the ciphers missed the strength entry (SSL_LOW etc).
-     [Ben Laurie, Lutz Jaenicke]
-
-  *) Fix bug in SSL_clear(): bad sessions were not removed (found by
-     Yoram Zahavi <YoramZ@gilian.com>).
-     [Lutz Jaenicke]
-
-  *) Add information about CygWin 1.3 and on, and preserve proper
-     configuration for the versions before that.
-     [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte]
-
-  *) Make removal from session cache (SSL_CTX_remove_session()) more robust:
-     check whether we deal with a copy of a session and do not delete from
-     the cache in this case. Problem reported by "Izhar Shoshani Levi"
-     <izhar@checkpoint.com>.
-     [Lutz Jaenicke]
-
-  *) Do not store session data into the internal session cache, if it
-     is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
-     flag is set). Proposed by Aslam <aslam@funk.com>.
-     [Lutz Jaenicke]
-
-  *) Have ASN1_BIT_STRING_set_bit() really clear a bit when the requested
-     value is 0.
-     [Richard Levitte]
-
-  *) [In 0.9.6d-engine release:]
-     Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
-     [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
-
-  *) Add the configuration target linux-s390x.
-     [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte]
-
-  *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of
-     ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag
-     variable as an indication that a ClientHello message has been
-     received.  As the flag value will be lost between multiple
-     invocations of ssl3_accept when using non-blocking I/O, the
-     function may not be aware that a handshake has actually taken
-     place, thus preventing a new session from being added to the
-     session cache.
-
-     To avoid this problem, we now set s->new_session to 2 instead of
-     using a local variable.
-     [Lutz Jaenicke, Bodo Moeller]
-
-  *) Bugfix: Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c)
-     if the SSL_R_LENGTH_MISMATCH error is detected.
-     [Geoff Thorpe, Bodo Moeller]
-
-  *) New 'shared_ldflag' column in Configure platform table.
-     [Richard Levitte]
-
-  *) Fix EVP_CIPHER_mode macro.
-     ["Dan S. Camper" <dan@bti.net>]
-
-  *) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown
-     type, we must throw them away by setting rr->length to 0.
-     [D P Chang <dpc@qualys.com>]
-
- Changes between 0.9.6b and 0.9.6c  [21 dec 2001]
-
-  *) Fix BN_rand_range bug pointed out by Dominikus Scherkl
-     <Dominikus.Scherkl@biodata.com>.  (The previous implementation
-     worked incorrectly for those cases where  range = 10..._2  and
-     3*range  is two bits longer than  range.)
-     [Bodo Moeller]
-
-  *) Only add signing time to PKCS7 structures if it is not already
-     present.
-     [Steve Henson]
-
-  *) Fix crypto/objects/objects.h: "ld-ce" should be "id-ce",
-     OBJ_ld_ce should be OBJ_id_ce.
-     Also some ip-pda OIDs in crypto/objects/objects.txt were
-     incorrect (cf. RFC 3039).
-     [Matt Cooper, Frederic Giudicelli, Bodo Moeller]
-
-  *) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid()
-     returns early because it has nothing to do.
-     [Andy Schneider <andy.schneider@bjss.co.uk>]
-
-  *) [In 0.9.6c-engine release:]
-     Fix mutex callback return values in crypto/engine/hw_ncipher.c.
-     [Andy Schneider <andy.schneider@bjss.co.uk>]
-
-  *) [In 0.9.6c-engine release:]
-     Add support for Cryptographic Appliance's keyserver technology.
-     (Use engine 'keyclient')
-     [Cryptographic Appliances and Geoff Thorpe]
-
-  *) Add a configuration entry for OS/390 Unix.  The C compiler 'c89'
-     is called via tools/c89.sh because arguments have to be
-     rearranged (all '-L' options must appear before the first object
-     modules).
-     [Richard Shapiro <rshapiro@abinitio.com>]
-
-  *) [In 0.9.6c-engine release:]
-     Add support for Broadcom crypto accelerator cards, backported
-     from 0.9.7.
-     [Broadcom, Nalin Dahyabhai <nalin@redhat.com>, Mark Cox]
-
-  *) [In 0.9.6c-engine release:]
-     Add support for SureWare crypto accelerator cards from 
-     Baltimore Technologies.  (Use engine 'sureware')
-     [Baltimore Technologies and Mark Cox]
-
-  *) [In 0.9.6c-engine release:]
-     Add support for crypto accelerator cards from Accelerated
-     Encryption Processing, www.aep.ie.  (Use engine 'aep')
-     [AEP Inc. and Mark Cox]
-
-  *) Add a configuration entry for gcc on UnixWare.
-     [Gary Benson <gbenson@redhat.com>]
-
-  *) Change ssl/s2_clnt.c and ssl/s2_srvr.c so that received handshake
-     messages are stored in a single piece (fixed-length part and
-     variable-length part combined) and fix various bugs found on the way.
-     [Bodo Moeller]
-
-  *) Disable caching in BIO_gethostbyname(), directly use gethostbyname()
-     instead.  BIO_gethostbyname() does not know what timeouts are
-     appropriate, so entries would stay in cache even when they have
-     become invalid.
-     [Bodo Moeller; problem pointed out by Rich Salz <rsalz@zolera.com>
-
-  *) Change ssl23_get_client_hello (ssl/s23_srvr.c) behaviour when
-     faced with a pathologically small ClientHello fragment that does
-     not contain client_version: Instead of aborting with an error,
-     simply choose the highest available protocol version (i.e.,
-     TLS 1.0 unless it is disabled).  In practice, ClientHello
-     messages are never sent like this, but this change gives us
-     strictly correct behaviour at least for TLS.
-     [Bodo Moeller]
-
-  *) Fix SSL handshake functions and SSL_clear() such that SSL_clear()
-     never resets s->method to s->ctx->method when called from within
-     one of the SSL handshake functions.
-     [Bodo Moeller; problem pointed out by Niko Baric]
-
-  *) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert
-     (sent using the client's version number) if client_version is
-     smaller than the protocol version in use.  Also change
-     ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if
-     the client demanded SSL 3.0 but only TLS 1.0 is enabled; then
-     the client will at least see that alert.
-     [Bodo Moeller]
-
-  *) Fix ssl3_get_message (ssl/s3_both.c) to handle message fragmentation
-     correctly.
-     [Bodo Moeller]
-
-  *) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a
-     client receives HelloRequest while in a handshake.
-     [Bodo Moeller; bug noticed by Andy Schneider <andy.schneider@bjss.co.uk>]
-
-  *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C
-     should end in 'break', not 'goto end' which circuments various
-     cleanups done in state SSL_ST_OK.   But session related stuff
-     must be disabled for SSL_ST_OK in the case that we just sent a
-     HelloRequest.
-
-     Also avoid some overhead by not calling ssl_init_wbio_buffer()
-     before just sending a HelloRequest.
-     [Bodo Moeller, Eric Rescorla <ekr@rtfm.com>]
-
-  *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
-     reveal whether illegal block cipher padding was found or a MAC
-     verification error occured.  (Neither SSLerr() codes nor alerts
-     are directly visible to potential attackers, but the information
-     may leak via logfiles.)
-
-     Similar changes are not required for the SSL 2.0 implementation
-     because the number of padding bytes is sent in clear for SSL 2.0,
-     and the extra bytes are just ignored.  However ssl/s2_pkt.c
-     failed to verify that the purported number of padding bytes is in
-     the legal range.
-     [Bodo Moeller]
-
-  *) Add OpenUNIX-8 support including shared libraries
-     (Boyd Lynn Gerber <gerberb@zenez.com>).
-     [Lutz Jaenicke]
-
-  *) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid
-     'wristwatch attack' using huge encoding parameters (cf.
-     James H. Manger's CRYPTO 2001 paper).  Note that the
-     RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use
-     encoding parameters and hence was not vulnerable.
-     [Bodo Moeller]
-
-  *) BN_sqr() bug fix.
-     [Ulf Möller, reported by Jim Ellis <jim.ellis@cavium.com>]
-
-  *) Rabin-Miller test analyses assume uniformly distributed witnesses,
-     so use BN_pseudo_rand_range() instead of using BN_pseudo_rand()
-     followed by modular reduction.
-     [Bodo Moeller; pointed out by Adam Young <AYoung1@NCSUS.JNJ.COM>]
-
-  *) Add BN_pseudo_rand_range() with obvious functionality: BN_rand_range()
-     equivalent based on BN_pseudo_rand() instead of BN_rand().
-     [Bodo Moeller]
-
-  *) s3_srvr.c: allow sending of large client certificate lists (> 16 kB).
-     This function was broken, as the check for a new client hello message
-     to handle SGC did not allow these large messages.
-     (Tracked down by "Douglas E. Engert" <deengert@anl.gov>.)
-     [Lutz Jaenicke]
-
-  *) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
-     [Lutz Jaenicke]
-
-  *) Fix buggy behaviour of BIO_get_num_renegotiates() and BIO_ctrl()
-     for BIO_C_GET_WRITE_BUF_SIZE ("Stephen Hinton" <shinton@netopia.com>).
-     [Lutz Jaenicke]
-
-  *) Rework the configuration and shared library support for Tru64 Unix.
-     The configuration part makes use of modern compiler features and
-     still retains old compiler behavior for those that run older versions
-     of the OS.  The shared library support part includes a variant that
-     uses the RPATH feature, and is available through the special
-     configuration target "alpha-cc-rpath", which will never be selected
-     automatically.
-     [Tim Mooney <mooney@dogbert.cc.ndsu.NoDak.edu> via Richard Levitte]
-
-  *) In ssl3_get_key_exchange (ssl/s3_clnt.c), call ssl3_get_message()
-     with the same message size as in ssl3_get_certificate_request().
-     Otherwise, if no ServerKeyExchange message occurs, CertificateRequest
-     messages might inadvertently be reject as too long.
-     [Petr Lampa <lampa@fee.vutbr.cz>]
-
-  *) Enhanced support for IA-64 Unix platforms (well, Linux and HP-UX).
-     [Andy Polyakov]
-
-  *) Modified SSL library such that the verify_callback that has been set
-     specificly for an SSL object with SSL_set_verify() is actually being
-     used. Before the change, a verify_callback set with this function was
-     ignored and the verify_callback() set in the SSL_CTX at the time of
-     the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
-     to allow the necessary settings.
-     [Lutz Jaenicke]
-
-  *) Initialize static variable in crypto/dsa/dsa_lib.c and crypto/dh/dh_lib.c
-     explicitly to NULL, as at least on Solaris 8 this seems not always to be
-     done automatically (in contradiction to the requirements of the C
-     standard). This made problems when used from OpenSSH.
-     [Lutz Jaenicke]
-
-  *) In OpenSSL 0.9.6a and 0.9.6b, crypto/dh/dh_key.c ignored
-     dh->length and always used
-
-          BN_rand_range(priv_key, dh->p).
-
-     BN_rand_range() is not necessary for Diffie-Hellman, and this
-     specific range makes Diffie-Hellman unnecessarily inefficient if
-     dh->length (recommended exponent length) is much smaller than the
-     length of dh->p.  We could use BN_rand_range() if the order of
-     the subgroup was stored in the DH structure, but we only have
-     dh->length.
-
-     So switch back to
-
-          BN_rand(priv_key, l, ...)
-
-     where 'l' is dh->length if this is defined, or BN_num_bits(dh->p)-1
-     otherwise.
-     [Bodo Moeller]
-
-  *) In
-
-          RSA_eay_public_encrypt
-          RSA_eay_private_decrypt
-          RSA_eay_private_encrypt (signing)
-          RSA_eay_public_decrypt (signature verification)
-
-     (default implementations for RSA_public_encrypt,
-     RSA_private_decrypt, RSA_private_encrypt, RSA_public_decrypt),
-     always reject numbers >= n.
-     [Bodo Moeller]
-
-  *) In crypto/rand/md_rand.c, use a new short-time lock CRYPTO_LOCK_RAND2
-     to synchronize access to 'locking_thread'.  This is necessary on
-     systems where access to 'locking_thread' (an 'unsigned long'
-     variable) is not atomic.
-     [Bodo Moeller]
-
-  *) In crypto/rand/md_rand.c, set 'locking_thread' to current thread's ID
-     *before* setting the 'crypto_lock_rand' flag.  The previous code had
-     a race condition if 0 is a valid thread ID.
-     [Travis Vitek <vitek@roguewave.com>]
-
-  *) Add support for shared libraries under Irix.
-     [Albert Chin-A-Young <china@thewrittenword.com>]
-
-  *) Add configuration option to build on Linux on both big-endian and
-     little-endian MIPS.
-     [Ralf Baechle <ralf@uni-koblenz.de>]
-
-  *) Add the possibility to create shared libraries on HP-UX.
-     [Richard Levitte]
-
- Changes between 0.9.6a and 0.9.6b  [9 Jul 2001]
-
-  *) Change ssleay_rand_bytes (crypto/rand/md_rand.c)
-     to avoid a SSLeay/OpenSSL PRNG weakness pointed out by
-     Markku-Juhani O. Saarinen <markku-juhani.saarinen@nokia.com>:
-     PRNG state recovery was possible based on the output of
-     one PRNG request appropriately sized to gain knowledge on
-     'md' followed by enough consecutive 1-byte PRNG requests
-     to traverse all of 'state'.
-
-     1. When updating 'md_local' (the current thread's copy of 'md')
-        during PRNG output generation, hash all of the previous
-        'md_local' value, not just the half used for PRNG output.
-
-     2. Make the number of bytes from 'state' included into the hash
-        independent from the number of PRNG bytes requested.
-
-     The first measure alone would be sufficient to avoid
-     Markku-Juhani's attack.  (Actually it had never occurred
-     to me that the half of 'md_local' used for chaining was the
-     half from which PRNG output bytes were taken -- I had always
-     assumed that the secret half would be used.)  The second
-     measure makes sure that additional data from 'state' is never
-     mixed into 'md_local' in small portions; this heuristically
-     further strengthens the PRNG.
-     [Bodo Moeller]
-
-  *) Fix crypto/bn/asm/mips3.s.
-     [Andy Polyakov]
-
-  *) When only the key is given to "enc", the IV is undefined. Print out
-     an error message in this case.
-     [Lutz Jaenicke]
-
-  *) Handle special case when X509_NAME is empty in X509 printing routines.
-     [Steve Henson]
-
-  *) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are
-     positive and less than q.
-     [Bodo Moeller]
-
-  *) Don't change *pointer in CRYPTO_add_lock() is add_lock_callback is
-     used: it isn't thread safe and the add_lock_callback should handle
-     that itself.
-     [Paul Rose <Paul.Rose@bridge.com>]
-
-  *) Verify that incoming data obeys the block size in
-     ssl3_enc (ssl/s3_enc.c) and tls1_enc (ssl/t1_enc.c).
-     [Bodo Moeller]
-
-  *) Fix OAEP check.
-     [Ulf Möller, Bodo Möller]
-
-  *) The countermeasure against Bleichbacher's attack on PKCS #1 v1.5
-     RSA encryption was accidentally removed in s3_srvr.c in OpenSSL 0.9.5
-     when fixing the server behaviour for backwards-compatible 'client
-     hello' messages.  (Note that the attack is impractical against
-     SSL 3.0 and TLS 1.0 anyway because length and version checking
-     means that the probability of guessing a valid ciphertext is
-     around 2^-40; see section 5 in Bleichenbacher's CRYPTO '98
-     paper.)
-
-     Before 0.9.5, the countermeasure (hide the error by generating a
-     random 'decryption result') did not work properly because
-     ERR_clear_error() was missing, meaning that SSL_get_error() would
-     detect the supposedly ignored error.
-
-     Both problems are now fixed.
-     [Bodo Moeller]
-
-  *) In crypto/bio/bf_buff.c, increase DEFAULT_BUFFER_SIZE to 4096
-     (previously it was 1024).
-     [Bodo Moeller]
-
-  *) Fix for compatibility mode trust settings: ignore trust settings
-     unless some valid trust or reject settings are present.
-     [Steve Henson]
-
-  *) Fix for blowfish EVP: its a variable length cipher.
-     [Steve Henson]
-
-  *) Fix various bugs related to DSA S/MIME verification. Handle missing
-     parameters in DSA public key structures and return an error in the
-     DSA routines if parameters are absent.
-     [Steve Henson]
-
-  *) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd"
-     in the current directory if neither $RANDFILE nor $HOME was set.
-     RAND_file_name() in 0.9.6a returned NULL in this case.  This has
-     caused some confusion to Windows users who haven't defined $HOME.
-     Thus RAND_file_name() is changed again: e_os.h can define a
-     DEFAULT_HOME, which will be used if $HOME is not set.
-     For Windows, we use "C:"; on other platforms, we still require
-     environment variables.
-
-  *) Move 'if (!initialized) RAND_poll()' into regions protected by
-     CRYPTO_LOCK_RAND.  This is not strictly necessary, but avoids
-     having multiple threads call RAND_poll() concurrently.
-     [Bodo Moeller]
-
-  *) In crypto/rand/md_rand.c, replace 'add_do_not_lock' flag by a
-     combination of a flag and a thread ID variable.
-     Otherwise while one thread is in ssleay_rand_bytes (which sets the
-     flag), *other* threads can enter ssleay_add_bytes without obeying
-     the CRYPTO_LOCK_RAND lock (and may even illegally release the lock
-     that they do not hold after the first thread unsets add_do_not_lock).
-     [Bodo Moeller]
-
-  *) Change bctest again: '-x' expressions are not available in all
-     versions of 'test'.
-     [Bodo Moeller]
-
- Changes between 0.9.6 and 0.9.6a  [5 Apr 2001]
-
-  *) Fix a couple of memory leaks in PKCS7_dataDecode()
-     [Steve Henson, reported by Heyun Zheng <hzheng@atdsprint.com>]
-
-  *) Change Configure and Makefiles to provide EXE_EXT, which will contain
-     the default extension for executables, if any.  Also, make the perl
-     scripts that use symlink() to test if it really exists and use "cp"
-     if it doesn't.  All this made OpenSSL compilable and installable in
-     CygWin.
-     [Richard Levitte]
-
-  *) Fix for asn1_GetSequence() for indefinite length constructed data.
-     If SEQUENCE is length is indefinite just set c->slen to the total
-     amount of data available.
-     [Steve Henson, reported by shige@FreeBSD.org]
-     [This change does not apply to 0.9.7.]
-
-  *) Change bctest to avoid here-documents inside command substitution
-     (workaround for FreeBSD /bin/sh bug).
-     For compatibility with Ultrix, avoid shell functions (introduced
-     in the bctest version that searches along $PATH).
-     [Bodo Moeller]
-
-  *) Rename 'des_encrypt' to 'des_encrypt1'.  This avoids the clashes
-     with des_encrypt() defined on some operating systems, like Solaris
-     and UnixWare.
-     [Richard Levitte]
-
-  *) Check the result of RSA-CRT (see D. Boneh, R. DeMillo, R. Lipton:
-     On the Importance of Eliminating Errors in Cryptographic
-     Computations, J. Cryptology 14 (2001) 2, 101-119,
-     http://theory.stanford.edu/~dabo/papers/faults.ps.gz).
-     [Ulf Moeller]
-  
-  *) MIPS assembler BIGNUM division bug fix. 
-     [Andy Polyakov]
-
-  *) Disabled incorrect Alpha assembler code.
-     [Richard Levitte]
-
-  *) Fix PKCS#7 decode routines so they correctly update the length
-     after reading an EOC for the EXPLICIT tag.
-     [Steve Henson]
-     [This change does not apply to 0.9.7.]
-
-  *) Fix bug in PKCS#12 key generation routines. This was triggered
-     if a 3DES key was generated with a 0 initial byte. Include
-     PKCS12_BROKEN_KEYGEN compilation option to retain the old
-     (but broken) behaviour.
-     [Steve Henson]
-
-  *) Enhance bctest to search for a working bc along $PATH and print
-     it when found.
-     [Tim Rice <tim@multitalents.net> via Richard Levitte]
-
-  *) Fix memory leaks in err.c: free err_data string if necessary;
-     don't write to the wrong index in ERR_set_error_data.
-     [Bodo Moeller]
-
-  *) Implement ssl23_peek (analogous to ssl23_read), which previously
-     did not exist.
-     [Bodo Moeller]
-
-  *) Replace rdtsc with _emit statements for VC++ version 5.
-     [Jeremy Cooper <jeremy@baymoo.org>]
-
-  *) Make it possible to reuse SSLv2 sessions.
-     [Richard Levitte]
-
-  *) In copy_email() check for >= 0 as a return value for
-     X509_NAME_get_index_by_NID() since 0 is a valid index.
-     [Steve Henson reported by Massimiliano Pala <madwolf@opensca.org>]
-
-  *) Avoid coredump with unsupported or invalid public keys by checking if
-     X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when
-     PKCS7_verify() fails with non detached data.
-     [Steve Henson]
-
-  *) Don't use getenv in library functions when run as setuid/setgid.
-     New function OPENSSL_issetugid().
-     [Ulf Moeller]
-
-  *) Avoid false positives in memory leak detection code (crypto/mem_dbg.c)
-     due to incorrect handling of multi-threading:
-
-     1. Fix timing glitch in the MemCheck_off() portion of CRYPTO_mem_ctrl().
-
-     2. Fix logical glitch in is_MemCheck_on() aka CRYPTO_is_mem_check_on().
-
-     3. Count how many times MemCheck_off() has been called so that
-        nested use can be treated correctly.  This also avoids 
-        inband-signalling in the previous code (which relied on the
-        assumption that thread ID 0 is impossible).
-     [Bodo Moeller]
-
-  *) Add "-rand" option also to s_client and s_server.
-     [Lutz Jaenicke]
-
-  *) Fix CPU detection on Irix 6.x.
-     [Kurt Hockenbury <khockenb@stevens-tech.edu> and
-      "Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]
-
-  *) Fix X509_NAME bug which produced incorrect encoding if X509_NAME
-     was empty.
-     [Steve Henson]
-     [This change does not apply to 0.9.7.]
-
-  *) Use the cached encoding of an X509_NAME structure rather than
-     copying it. This is apparently the reason for the libsafe "errors"
-     but the code is actually correct.
-     [Steve Henson]
-
-  *) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
-     Bleichenbacher's DSA attack.
-     Extend BN_[pseudo_]rand: As before, top=1 forces the highest two bits
-     to be set and top=0 forces the highest bit to be set; top=-1 is new
-     and leaves the highest bit random.
-     [Ulf Moeller, Bodo Moeller]
-
-  *) In the NCONF_...-based implementations for CONF_... queries
-     (crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using
-     a temporary CONF structure with the data component set to NULL
-     (which gives segmentation faults in lh_retrieve).
-     Instead, use NULL for the CONF pointer in CONF_get_string and
-     CONF_get_number (which may use environment variables) and directly
-     return NULL from CONF_get_section.
-     [Bodo Moeller]
-
-  *) Fix potential buffer overrun for EBCDIC.
-     [Ulf Moeller]
-
-  *) Tolerate nonRepudiation as being valid for S/MIME signing and certSign
-     keyUsage if basicConstraints absent for a CA.
-     [Steve Henson]
-
-  *) Make SMIME_write_PKCS7() write mail header values with a format that
-     is more generally accepted (no spaces before the semicolon), since
-     some programs can't parse those values properly otherwise.  Also make
-     sure BIO's that break lines after each write do not create invalid
-     headers.
-     [Richard Levitte]
-
-  *) Make the CRL encoding routines work with empty SEQUENCE OF. The
-     macros previously used would not encode an empty SEQUENCE OF
-     and break the signature.
-     [Steve Henson]
-     [This change does not apply to 0.9.7.]
-
-  *) Zero the premaster secret after deriving the master secret in
-     DH ciphersuites.
-     [Steve Henson]
-
-  *) Add some EVP_add_digest_alias registrations (as found in
-     OpenSSL_add_all_digests()) to SSL_library_init()
-     aka OpenSSL_add_ssl_algorithms().  This provides improved
-     compatibility with peers using X.509 certificates
-     with unconventional AlgorithmIdentifier OIDs.
-     [Bodo Moeller]
-
-  *) Fix for Irix with NO_ASM.
-     ["Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]
-
-  *) ./config script fixes.
-     [Ulf Moeller, Richard Levitte]
-
-  *) Fix 'openssl passwd -1'.
-     [Bodo Moeller]
-
-  *) Change PKCS12_key_gen_asc() so it can cope with non null
-     terminated strings whose length is passed in the passlen
-     parameter, for example from PEM callbacks. This was done
-     by adding an extra length parameter to asc2uni().
-     [Steve Henson, reported by <oddissey@samsung.co.kr>]
-
-  *) Fix C code generated by 'openssl dsaparam -C': If a BN_bin2bn
-     call failed, free the DSA structure.
-     [Bodo Moeller]
-
-  *) Fix to uni2asc() to cope with zero length Unicode strings.
-     These are present in some PKCS#12 files.
-     [Steve Henson]
-
-  *) Increase s2->wbuf allocation by one byte in ssl2_new (ssl/s2_lib.c).
-     Otherwise do_ssl_write (ssl/s2_pkt.c) will write beyond buffer limits
-     when writing a 32767 byte record.
-     [Bodo Moeller; problem reported by Eric Day <eday@concentric.net>]
-
-  *) In RSA_eay_public_{en,ed}crypt and RSA_eay_mod_exp (rsa_eay.c),
-     obtain lock CRYPTO_LOCK_RSA before setting rsa->_method_mod_{n,p,q}.
-
-     (RSA objects have a reference count access to which is protected
-     by CRYPTO_LOCK_RSA [see rsa_lib.c, s3_srvr.c, ssl_cert.c, ssl_rsa.c],
-     so they are meant to be shared between threads.)
-     [Bodo Moeller, Geoff Thorpe; original patch submitted by
-     "Reddie, Steven" <Steven.Reddie@ca.com>]
-
-  *) Fix a deadlock in CRYPTO_mem_leaks().
-     [Bodo Moeller]
-
-  *) Use better test patterns in bntest.
-     [Ulf Möller]
-
-  *) rand_win.c fix for Borland C.
-     [Ulf Möller]
- 
-  *) BN_rshift bugfix for n == 0.
-     [Bodo Moeller]
-
-  *) Add a 'bctest' script that checks for some known 'bc' bugs
-     so that 'make test' does not abort just because 'bc' is broken.
-     [Bodo Moeller]
-
-  *) Store verify_result within SSL_SESSION also for client side to
-     avoid potential security hole. (Re-used sessions on the client side
-     always resulted in verify_result==X509_V_OK, not using the original
-     result of the server certificate verification.)
-     [Lutz Jaenicke]
-
-  *) Fix ssl3_pending: If the record in s->s3->rrec is not of type
-     SSL3_RT_APPLICATION_DATA, return 0.
-     Similarly, change ssl2_pending to return 0 if SSL_in_init(s) is true.
-     [Bodo Moeller]
-
-  *) Fix SSL_peek:
-     Both ssl2_peek and ssl3_peek, which were totally broken in earlier
-     releases, have been re-implemented by renaming the previous
-     implementations of ssl2_read and ssl3_read to ssl2_read_internal
-     and ssl3_read_internal, respectively, and adding 'peek' parameters
-     to them.  The new ssl[23]_{read,peek} functions are calls to
-     ssl[23]_read_internal with the 'peek' flag set appropriately.
-     A 'peek' parameter has also been added to ssl3_read_bytes, which
-     does the actual work for ssl3_read_internal.
-     [Bodo Moeller]
-
-  *) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling
-     the method-specific "init()" handler. Also clean up ex_data after
-     calling the method-specific "finish()" handler. Previously, this was
-     happening the other way round.
-     [Geoff Thorpe]
-
-  *) Increase BN_CTX_NUM (the number of BIGNUMs in a BN_CTX) to 16.
-     The previous value, 12, was not always sufficient for BN_mod_exp().
-     [Bodo Moeller]
-
-  *) Make sure that shared libraries get the internal name engine with
-     the full version number and not just 0.  This should mark the
-     shared libraries as not backward compatible.  Of course, this should
-     be changed again when we can guarantee backward binary compatibility.
-     [Richard Levitte]
-
-  *) Fix typo in get_cert_by_subject() in by_dir.c
-     [Jean-Marc Desperrier <jean-marc.desperrier@certplus.com>]
-
-  *) Rework the system to generate shared libraries:
-
-     - Make note of the expected extension for the shared libraries and
-       if there is a need for symbolic links from for example libcrypto.so.0
-       to libcrypto.so.0.9.7.  There is extended info in Configure for
-       that.
-
-     - Make as few rebuilds of the shared libraries as possible.
-
-     - Still avoid linking the OpenSSL programs with the shared libraries.
-
-     - When installing, install the shared libraries separately from the
-       static ones.
-     [Richard Levitte]
-
-  *) Fix SSL_CTX_set_read_ahead macro to actually use its argument.
-
-     Copy SSL_CTX's read_ahead flag to SSL object directly in SSL_new
-     and not in SSL_clear because the latter is also used by the
-     accept/connect functions; previously, the settings made by
-     SSL_set_read_ahead would be lost during the handshake.
-     [Bodo Moeller; problems reported by Anders Gertz <gertz@epact.se>]     
-
-  *) Correct util/mkdef.pl to be selective about disabled algorithms.
-     Previously, it would create entries for disableed algorithms no
-     matter what.
-     [Richard Levitte]
-
-  *) Added several new manual pages for SSL_* function.
-     [Lutz Jaenicke]
-
- Changes between 0.9.5a and 0.9.6  [24 Sep 2000]
-
-  *) In ssl23_get_client_hello, generate an error message when faced
-     with an initial SSL 3.0/TLS record that is too small to contain the
-     first two bytes of the ClientHello message, i.e. client_version.
-     (Note that this is a pathologic case that probably has never happened
-     in real life.)  The previous approach was to use the version number
-     from the record header as a substitute; but our protocol choice
-     should not depend on that one because it is not authenticated
-     by the Finished messages.
-     [Bodo Moeller]
-
-  *) More robust randomness gathering functions for Windows.
-     [Jeffrey Altman <jaltman@columbia.edu>]
-
-  *) For compatibility reasons if the flag X509_V_FLAG_ISSUER_CHECK is
-     not set then we don't setup the error code for issuer check errors
-     to avoid possibly overwriting other errors which the callback does
-     handle. If an application does set the flag then we assume it knows
-     what it is doing and can handle the new informational codes
-     appropriately.
-     [Steve Henson]
-
-  *) Fix for a nasty bug in ASN1_TYPE handling. ASN1_TYPE is used for
-     a general "ANY" type, as such it should be able to decode anything
-     including tagged types. However it didn't check the class so it would
-     wrongly interpret tagged types in the same way as their universal
-     counterpart and unknown types were just rejected. Changed so that the
-     tagged and unknown types are handled in the same way as a SEQUENCE:
-     that is the encoding is stored intact. There is also a new type
-     "V_ASN1_OTHER" which is used when the class is not universal, in this
-     case we have no idea what the actual type is so we just lump them all
-     together.
-     [Steve Henson]
-
-  *) On VMS, stdout may very well lead to a file that is written to
-     in a record-oriented fashion.  That means that every write() will
-     write a separate record, which will be read separately by the
-     programs trying to read from it.  This can be very confusing.
-
-     The solution is to put a BIO filter in the way that will buffer
-     text until a linefeed is reached, and then write everything a
-     line at a time, so every record written will be an actual line,
-     not chunks of lines and not (usually doesn't happen, but I've
-     seen it once) several lines in one record.  BIO_f_linebuffer() is
-     the answer.
-
-     Currently, it's a VMS-only method, because that's where it has
-     been tested well enough.
-     [Richard Levitte]
-
-  *) Remove 'optimized' squaring variant in BN_mod_mul_montgomery,
-     it can return incorrect results.
-     (Note: The buggy variant was not enabled in OpenSSL 0.9.5a,
-     but it was in 0.9.6-beta[12].)
-     [Bodo Moeller]
-
-  *) Disable the check for content being present when verifying detached
-     signatures in pk7_smime.c. Some versions of Netscape (wrongly)
-     include zero length content when signing messages.
-     [Steve Henson]
-
-  *) New BIO_shutdown_wr macro, which invokes the BIO_C_SHUTDOWN_WR
-     BIO_ctrl (for BIO pairs).
-     [Bodo Möller]
-
-  *) Add DSO method for VMS.
-     [Richard Levitte]
-
-  *) Bug fix: Montgomery multiplication could produce results with the
-     wrong sign.
-     [Ulf Möller]
-
-  *) Add RPM specification openssl.spec and modify it to build three
-     packages.  The default package contains applications, application
-     documentation and run-time libraries.  The devel package contains
-     include files, static libraries and function documentation.  The
-     doc package contains the contents of the doc directory.  The original
-     openssl.spec was provided by Damien Miller <djm@mindrot.org>.
-     [Richard Levitte]
-     
-  *) Add a large number of documentation files for many SSL routines.
-     [Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>]
-
-  *) Add a configuration entry for Sony News 4.
-     [NAKAJI Hiroyuki <nakaji@tutrp.tut.ac.jp>]
-
-  *) Don't set the two most significant bits to one when generating a
-     random number < q in the DSA library.
-     [Ulf Möller]
-
-  *) New SSL API mode 'SSL_MODE_AUTO_RETRY'.  This disables the default
-     behaviour that SSL_read may result in SSL_ERROR_WANT_READ (even if
-     the underlying transport is blocking) if a handshake took place.
-     (The default behaviour is needed by applications such as s_client
-     and s_server that use select() to determine when to use SSL_read;
-     but for applications that know in advance when to expect data, it
-     just makes things more complicated.)
-     [Bodo Moeller]
-
-  *) Add RAND_egd_bytes(), which gives control over the number of bytes read
-     from EGD.
-     [Ben Laurie]
-
-  *) Add a few more EBCDIC conditionals that make `req' and `x509'
-     work better on such systems.
-     [Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>]
-
-  *) Add two demo programs for PKCS12_parse() and PKCS12_create().
-     Update PKCS12_parse() so it copies the friendlyName and the
-     keyid to the certificates aux info.
-     [Steve Henson]
-
-  *) Fix bug in PKCS7_verify() which caused an infinite loop
-     if there was more than one signature.
-     [Sven Uszpelkat <su@celocom.de>]
-
-  *) Major change in util/mkdef.pl to include extra information
-     about each symbol, as well as presentig variables as well
-     as functions.  This change means that there's n more need
-     to rebuild the .num files when some algorithms are excluded.
-     [Richard Levitte]
-
-  *) Allow the verify time to be set by an application,
-     rather than always using the current time.
-     [Steve Henson]
-  
-  *) Phase 2 verify code reorganisation. The certificate
-     verify code now looks up an issuer certificate by a
-     number of criteria: subject name, authority key id
-     and key usage. It also verifies self signed certificates
-     by the same criteria. The main comparison function is
-     X509_check_issued() which performs these checks.
- 
-     Lot of changes were necessary in order to support this
-     without completely rewriting the lookup code.
- 
-     Authority and subject key identifier are now cached.
- 
-     The LHASH 'certs' is X509_STORE has now been replaced
-     by a STACK_OF(X509_OBJECT). This is mainly because an
-     LHASH can't store or retrieve multiple objects with
-     the same hash value.
-
-     As a result various functions (which were all internal
-     use only) have changed to handle the new X509_STORE
-     structure. This will break anything that messed round
-     with X509_STORE internally.
- 
-     The functions X509_STORE_add_cert() now checks for an
-     exact match, rather than just subject name.
- 
-     The X509_STORE API doesn't directly support the retrieval
-     of multiple certificates matching a given criteria, however
-     this can be worked round by performing a lookup first
-     (which will fill the cache with candidate certificates)
-     and then examining the cache for matches. This is probably
-     the best we can do without throwing out X509_LOOKUP
-     entirely (maybe later...).
- 
-     The X509_VERIFY_CTX structure has been enhanced considerably.
- 
-     All certificate lookup operations now go via a get_issuer()
-     callback. Although this currently uses an X509_STORE it
-     can be replaced by custom lookups. This is a simple way
-     to bypass the X509_STORE hackery necessary to make this
-     work and makes it possible to use more efficient techniques
-     in future. A very simple version which uses a simple
-     STACK for its trusted certificate store is also provided
-     using X509_STORE_CTX_trusted_stack().
- 
-     The verify_cb() and verify() callbacks now have equivalents
-     in the X509_STORE_CTX structure.
- 
-     X509_STORE_CTX also has a 'flags' field which can be used
-     to customise the verify behaviour.
-     [Steve Henson]
- 
-  *) Add new PKCS#7 signing option PKCS7_NOSMIMECAP which 
-     excludes S/MIME capabilities.
-     [Steve Henson]
-
-  *) When a certificate request is read in keep a copy of the
-     original encoding of the signed data and use it when outputing
-     again. Signatures then use the original encoding rather than
-     a decoded, encoded version which may cause problems if the
-     request is improperly encoded.
-     [Steve Henson]
-
-  *) For consistency with other BIO_puts implementations, call
-     buffer_write(b, ...) directly in buffer_puts instead of calling
-     BIO_write(b, ...).
-
-     In BIO_puts, increment b->num_write as in BIO_write.
-     [Peter.Sylvester@EdelWeb.fr]
-
-  *) Fix BN_mul_word for the case where the word is 0. (We have to use
-     BN_zero, we may not return a BIGNUM with an array consisting of
-     words set to zero.)
-     [Bodo Moeller]
-
-  *) Avoid calling abort() from within the library when problems are
-     detected, except if preprocessor symbols have been defined
-     (such as REF_CHECK, BN_DEBUG etc.).
-     [Bodo Moeller]
-
-  *) New openssl application 'rsautl'. This utility can be
-     used for low level RSA operations. DER public key
-     BIO/fp routines also added.
-     [Steve Henson]
-
-  *) New Configure entry and patches for compiling on QNX 4.
-     [Andreas Schneider <andreas@ds3.etech.fh-hamburg.de>]
-
-  *) A demo state-machine implementation was sponsored by
-     Nuron (http://www.nuron.com/) and is now available in
-     demos/state_machine.
-     [Ben Laurie]
-
-  *) New options added to the 'dgst' utility for signature
-     generation and verification.
-     [Steve Henson]
-
-  *) Unrecognized PKCS#7 content types are now handled via a
-     catch all ASN1_TYPE structure. This allows unsupported
-     types to be stored as a "blob" and an application can
-     encode and decode it manually.
-     [Steve Henson]
-
-  *) Fix various signed/unsigned issues to make a_strex.c
-     compile under VC++.
-     [Oscar Jacobsson <oscar.jacobsson@celocom.com>]
-
-  *) ASN1 fixes. i2d_ASN1_OBJECT was not returning the correct
-     length if passed a buffer. ASN1_INTEGER_to_BN failed
-     if passed a NULL BN and its argument was negative.
-     [Steve Henson, pointed out by Sven Heiberg <sven@tartu.cyber.ee>]
-
-  *) Modification to PKCS#7 encoding routines to output definite
-     length encoding. Since currently the whole structures are in
-     memory there's not real point in using indefinite length 
-     constructed encoding. However if OpenSSL is compiled with
-     the flag PKCS7_INDEFINITE_ENCODING the old form is used.
-     [Steve Henson]
-
-  *) Added BIO_vprintf() and BIO_vsnprintf().
-     [Richard Levitte]
-
-  *) Added more prefixes to parse for in the the strings written
-     through a logging bio, to cover all the levels that are available
-     through syslog.  The prefixes are now:
-
-	PANIC, EMERG, EMR	=>	LOG_EMERG
-	ALERT, ALR		=>	LOG_ALERT
-	CRIT, CRI		=>	LOG_CRIT
-	ERROR, ERR		=>	LOG_ERR
-	WARNING, WARN, WAR	=>	LOG_WARNING
-	NOTICE, NOTE, NOT	=>	LOG_NOTICE
-	INFO, INF		=>	LOG_INFO
-	DEBUG, DBG		=>	LOG_DEBUG
-
-     and as before, if none of those prefixes are present at the
-     beginning of the string, LOG_ERR is chosen.
-
-     On Win32, the LOG_* levels are mapped according to this:
-
-	LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR	=> EVENTLOG_ERROR_TYPE
-	LOG_WARNING				=> EVENTLOG_WARNING_TYPE
-	LOG_NOTICE, LOG_INFO, LOG_DEBUG		=> EVENTLOG_INFORMATION_TYPE
-
-     [Richard Levitte]
-
-  *) Made it possible to reconfigure with just the configuration
-     argument "reconf" or "reconfigure".  The command line arguments
-     are stored in Makefile.ssl in the variable CONFIGURE_ARGS,
-     and are retrieved from there when reconfiguring.
-     [Richard Levitte]
-
-  *) MD4 implemented.
-     [Assar Westerlund <assar@sics.se>, Richard Levitte]
-
-  *) Add the arguments -CAfile and -CApath to the pkcs12 utility.
-     [Richard Levitte]
-
-  *) The obj_dat.pl script was messing up the sorting of object
-     names. The reason was that it compared the quoted version
-     of strings as a result "OCSP" > "OCSP Signing" because
-     " > SPACE. Changed script to store unquoted versions of
-     names and add quotes on output. It was also omitting some
-     names from the lookup table if they were given a default
-     value (that is if SN is missing it is given the same
-     value as LN and vice versa), these are now added on the
-     grounds that if an object has a name we should be able to
-     look it up. Finally added warning output when duplicate
-     short or long names are found.
-     [Steve Henson]
-
-  *) Changes needed for Tandem NSK.
-     [Scott Uroff <scott@xypro.com>]
-
-  *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
-     RSA_padding_check_SSLv23(), special padding was never detected
-     and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
-     version rollback attacks was not effective.
-
-     In s23_clnt.c, don't use special rollback-attack detection padding
-     (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
-     client; similarly, in s23_srvr.c, don't do the rollback check if
-     SSL 2.0 is the only protocol enabled in the server.
-     [Bodo Moeller]
-
-  *) Make it possible to get hexdumps of unprintable data with 'openssl
-     asn1parse'.  By implication, the functions ASN1_parse_dump() and
-     BIO_dump_indent() are added.
-     [Richard Levitte]
-
-  *) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex()
-     these print out strings and name structures based on various
-     flags including RFC2253 support and proper handling of
-     multibyte characters. Added options to the 'x509' utility 
-     to allow the various flags to be set.
-     [Steve Henson]
-
-  *) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME.
-     Also change the functions X509_cmp_current_time() and
-     X509_gmtime_adj() work with an ASN1_TIME structure,
-     this will enable certificates using GeneralizedTime in validity
-     dates to be checked.
-     [Steve Henson]
-
-  *) Make the NEG_PUBKEY_BUG code (which tolerates invalid
-     negative public key encodings) on by default,
-     NO_NEG_PUBKEY_BUG can be set to disable it.
-     [Steve Henson]
-
-  *) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT
-     content octets. An i2c_ASN1_OBJECT is unnecessary because
-     the encoding can be trivially obtained from the structure.
-     [Steve Henson]
-
-  *) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock),
-     not read locks (CRYPTO_r_[un]lock).
-     [Bodo Moeller]
-
-  *) A first attempt at creating official support for shared
-     libraries through configuration.  I've kept it so the
-     default is static libraries only, and the OpenSSL programs
-     are always statically linked for now, but there are
-     preparations for dynamic linking in place.
-     This has been tested on Linux and Tru64.
-     [Richard Levitte]
-
-  *) Randomness polling function for Win9x, as described in:
-     Peter Gutmann, Software Generation of Practically Strong
-     Random Numbers.
-     [Ulf Möller]
-
-  *) Fix so PRNG is seeded in req if using an already existing
-     DSA key.
-     [Steve Henson]
-
-  *) New options to smime application. -inform and -outform
-     allow alternative formats for the S/MIME message including
-     PEM and DER. The -content option allows the content to be
-     specified separately. This should allow things like Netscape
-     form signing output easier to verify.
-     [Steve Henson]
-
-  *) Fix the ASN1 encoding of tags using the 'long form'.
-     [Steve Henson]
-
-  *) New ASN1 functions, i2c_* and c2i_* for INTEGER and BIT
-     STRING types. These convert content octets to and from the
-     underlying type. The actual tag and length octets are
-     already assumed to have been read in and checked. These
-     are needed because all other string types have virtually
-     identical handling apart from the tag. By having versions
-     of the ASN1 functions that just operate on content octets
-     IMPLICIT tagging can be handled properly. It also allows
-     the ASN1_ENUMERATED code to be cut down because ASN1_ENUMERATED
-     and ASN1_INTEGER are identical apart from the tag.
-     [Steve Henson]
-
-  *) Change the handling of OID objects as follows:
-
-     - New object identifiers are inserted in objects.txt, following
-       the syntax given in objects.README.
-     - objects.pl is used to process obj_mac.num and create a new
-       obj_mac.h.
-     - obj_dat.pl is used to create a new obj_dat.h, using the data in
-       obj_mac.h.
-
-     This is currently kind of a hack, and the perl code in objects.pl
-     isn't very elegant, but it works as I intended.  The simplest way
-     to check that it worked correctly is to look in obj_dat.h and
-     check the array nid_objs and make sure the objects haven't moved
-     around (this is important!).  Additions are OK, as well as
-     consistent name changes. 
-     [Richard Levitte]
-
-  *) Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1').
-     [Bodo Moeller]
-
-  *) Addition of the command line parameter '-rand file' to 'openssl req'.
-     The given file adds to whatever has already been seeded into the
-     random pool through the RANDFILE configuration file option or
-     environment variable, or the default random state file.
-     [Richard Levitte]
-
-  *) mkstack.pl now sorts each macro group into lexical order.
-     Previously the output order depended on the order the files
-     appeared in the directory, resulting in needless rewriting
-     of safestack.h .
-     [Steve Henson]
-
-  *) Patches to make OpenSSL compile under Win32 again. Mostly
-     work arounds for the VC++ problem that it treats func() as
-     func(void). Also stripped out the parts of mkdef.pl that
-     added extra typesafe functions: these no longer exist.
-     [Steve Henson]
-
-  *) Reorganisation of the stack code. The macros are now all 
-     collected in safestack.h . Each macro is defined in terms of
-     a "stack macro" of the form SKM_<name>(type, a, b). The 
-     DEBUG_SAFESTACK is now handled in terms of function casts,
-     this has the advantage of retaining type safety without the
-     use of additional functions. If DEBUG_SAFESTACK is not defined
-     then the non typesafe macros are used instead. Also modified the
-     mkstack.pl script to handle the new form. Needs testing to see
-     if which (if any) compilers it chokes and maybe make DEBUG_SAFESTACK
-     the default if no major problems. Similar behaviour for ASN1_SET_OF
-     and PKCS12_STACK_OF.
-     [Steve Henson]
-
-  *) When some versions of IIS use the 'NET' form of private key the
-     key derivation algorithm is different. Normally MD5(password) is
-     used as a 128 bit RC4 key. In the modified case
-     MD5(MD5(password) + "SGCKEYSALT")  is used insted. Added some
-     new functions i2d_RSA_NET(), d2i_RSA_NET() etc which are the same
-     as the old Netscape_RSA functions except they have an additional
-     'sgckey' parameter which uses the modified algorithm. Also added
-     an -sgckey command line option to the rsa utility. Thanks to 
-     Adrian Peck <bertie@ncipher.com> for posting details of the modified
-     algorithm to openssl-dev.
-     [Steve Henson]
-
-  *) The evp_local.h macros were using 'c.##kname' which resulted in
-     invalid expansion on some systems (SCO 5.0.5 for example).
-     Corrected to 'c.kname'.
-     [Phillip Porch <root@theporch.com>]
-
-  *) New X509_get1_email() and X509_REQ_get1_email() functions that return
-     a STACK of email addresses from a certificate or request, these look
-     in the subject name and the subject alternative name extensions and 
-     omit any duplicate addresses.
-     [Steve Henson]
-
-  *) Re-implement BN_mod_exp2_mont using independent (and larger) windows.
-     This makes DSA verification about 2 % faster.
-     [Bodo Moeller]
-
-  *) Increase maximum window size in BN_mod_exp_... to 6 bits instead of 5
-     (meaning that now 2^5 values will be precomputed, which is only 4 KB
-     plus overhead for 1024 bit moduli).
-     This makes exponentiations about 0.5 % faster for 1024 bit
-     exponents (as measured by "openssl speed rsa2048").
-     [Bodo Moeller]
-
-  *) Rename memory handling macros to avoid conflicts with other
-     software:
-          Malloc         =>  OPENSSL_malloc
-          Malloc_locked  =>  OPENSSL_malloc_locked
-          Realloc        =>  OPENSSL_realloc
-          Free           =>  OPENSSL_free
-     [Richard Levitte]
-
-  *) New function BN_mod_exp_mont_word for small bases (roughly 15%
-     faster than BN_mod_exp_mont, i.e. 7% for a full DH exchange).
-     [Bodo Moeller]
-
-  *) CygWin32 support.
-     [John Jarvie <jjarvie@newsguy.com>]
-
-  *) The type-safe stack code has been rejigged. It is now only compiled
-     in when OpenSSL is configured with the DEBUG_SAFESTACK option and
-     by default all type-specific stack functions are "#define"d back to
-     standard stack functions. This results in more streamlined output
-     but retains the type-safety checking possibilities of the original
-     approach.
-     [Geoff Thorpe]
-
-  *) The STACK code has been cleaned up, and certain type declarations
-     that didn't make a lot of sense have been brought in line. This has
-     also involved a cleanup of sorts in safestack.h to more correctly
-     map type-safe stack functions onto their plain stack counterparts.
-     This work has also resulted in a variety of "const"ifications of
-     lots of the code, especially "_cmp" operations which should normally
-     be prototyped with "const" parameters anyway.
-     [Geoff Thorpe]
-
-  *) When generating bytes for the first time in md_rand.c, 'stir the pool'
-     by seeding with STATE_SIZE dummy bytes (with zero entropy count).
-     (The PRNG state consists of two parts, the large pool 'state' and 'md',
-     where all of 'md' is used each time the PRNG is used, but 'state'
-     is used only indexed by a cyclic counter. As entropy may not be
-     well distributed from the beginning, 'md' is important as a
-     chaining variable. However, the output function chains only half
-     of 'md', i.e. 80 bits.  ssleay_rand_add, on the other hand, chains
-     all of 'md', and seeding with STATE_SIZE dummy bytes will result
-     in all of 'state' being rewritten, with the new values depending
-     on virtually all of 'md'.  This overcomes the 80 bit limitation.)
-     [Bodo Moeller]
-
-  *) In ssl/s2_clnt.c and ssl/s3_clnt.c, call ERR_clear_error() when
-     the handshake is continued after ssl_verify_cert_chain();
-     otherwise, if SSL_VERIFY_NONE is set, remaining error codes
-     can lead to 'unexplainable' connection aborts later.
-     [Bodo Moeller; problem tracked down by Lutz Jaenicke]
-
-  *) Major EVP API cipher revision.
-     Add hooks for extra EVP features. This allows various cipher
-     parameters to be set in the EVP interface. Support added for variable
-     key length ciphers via the EVP_CIPHER_CTX_set_key_length() function and
-     setting of RC2 and RC5 parameters.
-
-     Modify EVP_OpenInit() and EVP_SealInit() to cope with variable key length
-     ciphers.
-
-     Remove lots of duplicated code from the EVP library. For example *every*
-     cipher init() function handles the 'iv' in the same way according to the
-     cipher mode. They also all do nothing if the 'key' parameter is NULL and
-     for CFB and OFB modes they zero ctx->num.
-
-     New functionality allows removal of S/MIME code RC2 hack.
-
-     Most of the routines have the same form and so can be declared in terms
-     of macros.
-
-     By shifting this to the top level EVP_CipherInit() it can be removed from
-     all individual ciphers. If the cipher wants to handle IVs or keys
-     differently it can set the EVP_CIPH_CUSTOM_IV or EVP_CIPH_ALWAYS_CALL_INIT
-     flags.
-
-     Change lots of functions like EVP_EncryptUpdate() to now return a
-     value: although software versions of the algorithms cannot fail
-     any installed hardware versions can.
-     [Steve Henson]
-
-  *) Implement SSL_OP_TLS_ROLLBACK_BUG: In ssl3_get_client_key_exchange, if
-     this option is set, tolerate broken clients that send the negotiated
-     protocol version number instead of the requested protocol version
-     number.
-     [Bodo Moeller]
-
-  *) Call dh_tmp_cb (set by ..._TMP_DH_CB) with correct 'is_export' flag;
-     i.e. non-zero for export ciphersuites, zero otherwise.
-     Previous versions had this flag inverted, inconsistent with
-     rsa_tmp_cb (..._TMP_RSA_CB).
-     [Bodo Moeller; problem reported by Amit Chopra]
-
-  *) Add missing DSA library text string. Work around for some IIS
-     key files with invalid SEQUENCE encoding.
-     [Steve Henson]
-
-  *) Add a document (doc/standards.txt) that list all kinds of standards
-     and so on that are implemented in OpenSSL.
-     [Richard Levitte]
-
-  *) Enhance c_rehash script. Old version would mishandle certificates
-     with the same subject name hash and wouldn't handle CRLs at all.
-     Added -fingerprint option to crl utility, to support new c_rehash
-     features.
-     [Steve Henson]
-
-  *) Eliminate non-ANSI declarations in crypto.h and stack.h.
-     [Ulf Möller]
-
-  *) Fix for SSL server purpose checking. Server checking was
-     rejecting certificates which had extended key usage present
-     but no ssl client purpose.
-     [Steve Henson, reported by Rene Grosser <grosser@hisolutions.com>]
-
-  *) Make PKCS#12 code work with no password. The PKCS#12 spec
-     is a little unclear about how a blank password is handled.
-     Since the password in encoded as a BMPString with terminating
-     double NULL a zero length password would end up as just the
-     double NULL. However no password at all is different and is
-     handled differently in the PKCS#12 key generation code. NS
-     treats a blank password as zero length. MSIE treats it as no
-     password on export: but it will try both on import. We now do
-     the same: PKCS12_parse() tries zero length and no password if
-     the password is set to "" or NULL (NULL is now a valid password:
-     it wasn't before) as does the pkcs12 application.
-     [Steve Henson]
-
-  *) Bugfixes in apps/x509.c: Avoid a memory leak; and don't use
-     perror when PEM_read_bio_X509_REQ fails, the error message must
-     be obtained from the error queue.
-     [Bodo Moeller]
-
-  *) Avoid 'thread_hash' memory leak in crypto/err/err.c by freeing
-     it in ERR_remove_state if appropriate, and change ERR_get_state
-     accordingly to avoid race conditions (this is necessary because
-     thread_hash is no longer constant once set).
-     [Bodo Moeller]
-
-  *) Bugfix for linux-elf makefile.one.
-     [Ulf Möller]
-
-  *) RSA_get_default_method() will now cause a default
-     RSA_METHOD to be chosen if one doesn't exist already.
-     Previously this was only set during a call to RSA_new()
-     or RSA_new_method(NULL) meaning it was possible for
-     RSA_get_default_method() to return NULL.
-     [Geoff Thorpe]
-
-  *) Added native name translation to the existing DSO code
-     that will convert (if the flag to do so is set) filenames
-     that are sufficiently small and have no path information
-     into a canonical native form. Eg. "blah" converted to
-     "libblah.so" or "blah.dll" etc.
-     [Geoff Thorpe]
-
-  *) New function ERR_error_string_n(e, buf, len) which is like
-     ERR_error_string(e, buf), but writes at most 'len' bytes
-     including the 0 terminator.  For ERR_error_string_n, 'buf'
-     may not be NULL.
-     [Damien Miller <djm@mindrot.org>, Bodo Moeller]
-
-  *) CONF library reworked to become more general.  A new CONF
-     configuration file reader "class" is implemented as well as a
-     new functions (NCONF_*, for "New CONF") to handle it.  The now
-     old CONF_* functions are still there, but are reimplemented to
-     work in terms of the new functions.  Also, a set of functions
-     to handle the internal storage of the configuration data is
-     provided to make it easier to write new configuration file
-     reader "classes" (I can definitely see something reading a
-     configuration file in XML format, for example), called _CONF_*,
-     or "the configuration storage API"...
-
-     The new configuration file reading functions are:
-
-        NCONF_new, NCONF_free, NCONF_load, NCONF_load_fp, NCONF_load_bio,
-        NCONF_get_section, NCONF_get_string, NCONF_get_numbre
-
-        NCONF_default, NCONF_WIN32
-
-        NCONF_dump_fp, NCONF_dump_bio
-
-     NCONF_default and NCONF_WIN32 are method (or "class") choosers,
-     NCONF_new creates a new CONF object.  This works in the same way
-     as other interfaces in OpenSSL, like the BIO interface.
-     NCONF_dump_* dump the internal storage of the configuration file,
-     which is useful for debugging.  All other functions take the same
-     arguments as the old CONF_* functions wth the exception of the
-     first that must be a `CONF *' instead of a `LHASH *'.
-
-     To make it easer to use the new classes with the old CONF_* functions,
-     the function CONF_set_default_method is provided.
-     [Richard Levitte]
-
-  *) Add '-tls1' option to 'openssl ciphers', which was already
-     mentioned in the documentation but had not been implemented.
-     (This option is not yet really useful because even the additional
-     experimental TLS 1.0 ciphers are currently treated as SSL 3.0 ciphers.)
-     [Bodo Moeller]
-
-  *) Initial DSO code added into libcrypto for letting OpenSSL (and
-     OpenSSL-based applications) load shared libraries and bind to
-     them in a portable way.
-     [Geoff Thorpe, with contributions from Richard Levitte]
-
- Changes between 0.9.5 and 0.9.5a  [1 Apr 2000]
-
-  *) Make sure _lrotl and _lrotr are only used with MSVC.
-
-  *) Use lock CRYPTO_LOCK_RAND correctly in ssleay_rand_status
-     (the default implementation of RAND_status).
-
-  *) Rename openssl x509 option '-crlext', which was added in 0.9.5,
-     to '-clrext' (= clear extensions), as intended and documented.
-     [Bodo Moeller; inconsistency pointed out by Michael Attili
-     <attili@amaxo.com>]
-
-  *) Fix for HMAC. It wasn't zeroing the rest of the block if the key length
-     was larger than the MD block size.      
-     [Steve Henson, pointed out by Yost William <YostW@tce.com>]
-
-  *) Modernise PKCS12_parse() so it uses STACK_OF(X509) for its ca argument
-     fix a leak when the ca argument was passed as NULL. Stop X509_PUBKEY_set()
-     using the passed key: if the passed key was a private key the result
-     of X509_print(), for example, would be to print out all the private key
-     components.
-     [Steve Henson]
-
-  *) des_quad_cksum() byte order bug fix.
-     [Ulf Möller, using the problem description in krb4-0.9.7, where
-      the solution is attributed to Derrick J Brashear <shadow@DEMENTIA.ORG>]
-
-  *) Fix so V_ASN1_APP_CHOOSE works again: however its use is strongly
-     discouraged.
-     [Steve Henson, pointed out by Brian Korver <briank@cs.stanford.edu>]
-
-  *) For easily testing in shell scripts whether some command
-     'openssl XXX' exists, the new pseudo-command 'openssl no-XXX'
-     returns with exit code 0 iff no command of the given name is available.
-     'no-XXX' is printed in this case, 'XXX' otherwise.  In both cases,
-     the output goes to stdout and nothing is printed to stderr.
-     Additional arguments are always ignored.
-
-     Since for each cipher there is a command of the same name,
-     the 'no-cipher' compilation switches can be tested this way.
-
-     ('openssl no-XXX' is not able to detect pseudo-commands such
-     as 'quit', 'list-XXX-commands', or 'no-XXX' itself.)
-     [Bodo Moeller]
-
-  *) Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
-     [Bodo Moeller]
-
-  *) For SSL_[CTX_]set_tmp_dh, don't create a DH key if SSL_OP_SINGLE_DH_USE
-     is set; it will be thrown away anyway because each handshake creates
-     its own key.
-     ssl_cert_dup, which is used by SSL_new, now copies DH keys in addition
-     to parameters -- in previous versions (since OpenSSL 0.9.3) the
-     'default key' from SSL_CTX_set_tmp_dh would always be lost, meanining
-     you effectivly got SSL_OP_SINGLE_DH_USE when using this macro.
-     [Bodo Moeller]
-
-  *) New s_client option -ign_eof: EOF at stdin is ignored, and
-     'Q' and 'R' lose their special meanings (quit/renegotiate).
-     This is part of what -quiet does; unlike -quiet, -ign_eof
-     does not suppress any output.
-     [Richard Levitte]
-
-  *) Add compatibility options to the purpose and trust code. The
-     purpose X509_PURPOSE_ANY is "any purpose" which automatically
-     accepts a certificate or CA, this was the previous behaviour,
-     with all the associated security issues.
-
-     X509_TRUST_COMPAT is the old trust behaviour: only and
-     automatically trust self signed roots in certificate store. A
-     new trust setting X509_TRUST_DEFAULT is used to specify that
-     a purpose has no associated trust setting and it should instead
-     use the value in the default purpose.
-     [Steve Henson]
-
-  *) Fix the PKCS#8 DSA private key code so it decodes keys again
-     and fix a memory leak.
-     [Steve Henson]
-
-  *) In util/mkerr.pl (which implements 'make errors'), preserve
-     reason strings from the previous version of the .c file, as
-     the default to have only downcase letters (and digits) in
-     automatically generated reasons codes is not always appropriate.
-     [Bodo Moeller]
-
-  *) In ERR_load_ERR_strings(), build an ERR_LIB_SYS error reason table
-     using strerror.  Previously, ERR_reason_error_string() returned
-     library names as reason strings for SYSerr; but SYSerr is a special
-     case where small numbers are errno values, not library numbers.
-     [Bodo Moeller]
-
-  *) Add '-dsaparam' option to 'openssl dhparam' application.  This
-     converts DSA parameters into DH parameters. (When creating parameters,
-     DSA_generate_parameters is used.)
-     [Bodo Moeller]
-
-  *) Include 'length' (recommended exponent length) in C code generated
-     by 'openssl dhparam -C'.
-     [Bodo Moeller]
-
-  *) The second argument to set_label in perlasm was already being used
-     so couldn't be used as a "file scope" flag. Moved to third argument
-     which was free.
-     [Steve Henson]
-
-  *) In PEM_ASN1_write_bio and some other functions, use RAND_pseudo_bytes
-     instead of RAND_bytes for encryption IVs and salts.
-     [Bodo Moeller]
-
-  *) Include RAND_status() into RAND_METHOD instead of implementing
-     it only for md_rand.c  Otherwise replacing the PRNG by calling
-     RAND_set_rand_method would be impossible.
-     [Bodo Moeller]
-
-  *) Don't let DSA_generate_key() enter an infinite loop if the random
-     number generation fails.
-     [Bodo Moeller]
-
-  *) New 'rand' application for creating pseudo-random output.
-     [Bodo Moeller]
-
-  *) Added configuration support for Linux/IA64
-     [Rolf Haberrecker <rolf@suse.de>]
-
-  *) Assembler module support for Mingw32.
-     [Ulf Möller]
-
-  *) Shared library support for HPUX (in shlib/).
-     [Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Anonymous]
-
-  *) Shared library support for Solaris gcc.
-     [Lutz Behnke <behnke@trustcenter.de>]
-
- Changes between 0.9.4 and 0.9.5  [28 Feb 2000]
-
-  *) PKCS7_encrypt() was adding text MIME headers twice because they
-     were added manually and by SMIME_crlf_copy().
-     [Steve Henson]
-
-  *) In bntest.c don't call BN_rand with zero bits argument.
-     [Steve Henson, pointed out by Andrew W. Gray <agray@iconsinc.com>]
-
-  *) BN_mul bugfix: In bn_mul_part_recursion() only the a>a[n] && b>b[n]
-     case was implemented. This caused BN_div_recp() to fail occasionally.
-     [Ulf Möller]
-
-  *) Add an optional second argument to the set_label() in the perl
-     assembly language builder. If this argument exists and is set
-     to 1 it signals that the assembler should use a symbol whose 
-     scope is the entire file, not just the current function. This
-     is needed with MASM which uses the format label:: for this scope.
-     [Steve Henson, pointed out by Peter Runestig <peter@runestig.com>]
-
-  *) Change the ASN1 types so they are typedefs by default. Before
-     almost all types were #define'd to ASN1_STRING which was causing
-     STACK_OF() problems: you couldn't declare STACK_OF(ASN1_UTF8STRING)
-     for example.
-     [Steve Henson]
-
-  *) Change names of new functions to the new get1/get0 naming
-     convention: After 'get1', the caller owns a reference count
-     and has to call ..._free; 'get0' returns a pointer to some
-     data structure without incrementing reference counters.
-     (Some of the existing 'get' functions increment a reference
-     counter, some don't.)
-     Similarly, 'set1' and 'add1' functions increase reference
-     counters or duplicate objects.
-     [Steve Henson]
-
-  *) Allow for the possibility of temp RSA key generation failure:
-     the code used to assume it always worked and crashed on failure.
-     [Steve Henson]
-
-  *) Fix potential buffer overrun problem in BIO_printf().
-     [Ulf Möller, using public domain code by Patrick Powell; problem
-      pointed out by David Sacerdote <das33@cornell.edu>]
-
-  *) Support EGD <http://www.lothar.com/tech/crypto/>.  New functions
-     RAND_egd() and RAND_status().  In the command line application,
-     the EGD socket can be specified like a seed file using RANDFILE
-     or -rand.
-     [Ulf Möller]
-
-  *) Allow the string CERTIFICATE to be tolerated in PKCS#7 structures.
-     Some CAs (e.g. Verisign) distribute certificates in this form.
-     [Steve Henson]
-
-  *) Remove the SSL_ALLOW_ADH compile option and set the default cipher
-     list to exclude them. This means that no special compilation option
-     is needed to use anonymous DH: it just needs to be included in the
-     cipher list.
-     [Steve Henson]
-
-  *) Change the EVP_MD_CTX_type macro so its meaning consistent with
-     EVP_MD_type. The old functionality is available in a new macro called
-     EVP_MD_md(). Change code that uses it and update docs.
-     [Steve Henson]
-
-  *) ..._ctrl functions now have corresponding ..._callback_ctrl functions
-     where the 'void *' argument is replaced by a function pointer argument.
-     Previously 'void *' was abused to point to functions, which works on
-     many platforms, but is not correct.  As these functions are usually
-     called by macros defined in OpenSSL header files, most source code
-     should work without changes.
-     [Richard Levitte]
-
-  *) <openssl/opensslconf.h> (which is created by Configure) now contains
-     sections with information on -D... compiler switches used for
-     compiling the library so that applications can see them.  To enable
-     one of these sections, a pre-processor symbol OPENSSL_..._DEFINES
-     must be defined.  E.g.,
-        #define OPENSSL_ALGORITHM_DEFINES
-        #include <openssl/opensslconf.h>
-     defines all pertinent NO_<algo> symbols, such as NO_IDEA, NO_RSA, etc.
-     [Richard Levitte, Ulf and Bodo Möller]
-
-  *) Bugfix: Tolerate fragmentation and interleaving in the SSL 3/TLS
-     record layer.
-     [Bodo Moeller]
-
-  *) Change the 'other' type in certificate aux info to a STACK_OF
-     X509_ALGOR. Although not an AlgorithmIdentifier as such it has
-     the required ASN1 format: arbitrary types determined by an OID.
-     [Steve Henson]
-
-  *) Add some PEM_write_X509_REQ_NEW() functions and a command line
-     argument to 'req'. This is not because the function is newer or
-     better than others it just uses the work 'NEW' in the certificate
-     request header lines. Some software needs this.
-     [Steve Henson]
-
-  *) Reorganise password command line arguments: now passwords can be
-     obtained from various sources. Delete the PEM_cb function and make
-     it the default behaviour: i.e. if the callback is NULL and the
-     usrdata argument is not NULL interpret it as a null terminated pass
-     phrase. If usrdata and the callback are NULL then the pass phrase
-     is prompted for as usual.
-     [Steve Henson]
-
-  *) Add support for the Compaq Atalla crypto accelerator. If it is installed,
-     the support is automatically enabled. The resulting binaries will
-     autodetect the card and use it if present.
-     [Ben Laurie and Compaq Inc.]
-
-  *) Work around for Netscape hang bug. This sends certificate request
-     and server done in one record. Since this is perfectly legal in the
-     SSL/TLS protocol it isn't a "bug" option and is on by default. See
-     the bugs/SSLv3 entry for more info.
-     [Steve Henson]
-
-  *) HP-UX tune-up: new unified configs, HP C compiler bug workaround.
-     [Andy Polyakov]
-
-  *) Add -rand argument to smime and pkcs12 applications and read/write
-     of seed file.
-     [Steve Henson]
-
-  *) New 'passwd' tool for crypt(3) and apr1 password hashes.
-     [Bodo Moeller]
-
-  *) Add command line password options to the remaining applications.
-     [Steve Henson]
-
-  *) Bug fix for BN_div_recp() for numerators with an even number of
-     bits.
-     [Ulf Möller]
-
-  *) More tests in bntest.c, and changed test_bn output.
-     [Ulf Möller]
-
-  *) ./config recognizes MacOS X now.
-     [Andy Polyakov]
-
-  *) Bug fix for BN_div() when the first words of num and divsor are
-     equal (it gave wrong results if (rem=(n1-q*d0)&BN_MASK2) < d0).
-     [Ulf Möller]
-
-  *) Add support for various broken PKCS#8 formats, and command line
-     options to produce them.
-     [Steve Henson]
-
-  *) New functions BN_CTX_start(), BN_CTX_get() and BT_CTX_end() to
-     get temporary BIGNUMs from a BN_CTX.
-     [Ulf Möller]
-
-  *) Correct return values in BN_mod_exp_mont() and BN_mod_exp2_mont()
-     for p == 0.
-     [Ulf Möller]
-
-  *) Change the SSLeay_add_all_*() functions to OpenSSL_add_all_*() and
-     include a #define from the old name to the new. The original intent
-     was that statically linked binaries could for example just call
-     SSLeay_add_all_ciphers() to just add ciphers to the table and not
-     link with digests. This never worked becayse SSLeay_add_all_digests()
-     and SSLeay_add_all_ciphers() were in the same source file so calling
-     one would link with the other. They are now in separate source files.
-     [Steve Henson]
-
-  *) Add a new -notext option to 'ca' and a -pubkey option to 'spkac'.
-     [Steve Henson]
-
-  *) Use a less unusual form of the Miller-Rabin primality test (it used
-     a binary algorithm for exponentiation integrated into the Miller-Rabin
-     loop, our standard modexp algorithms are faster).
-     [Bodo Moeller]
-
-  *) Support for the EBCDIC character set completed.
-     [Martin Kraemer <Martin.Kraemer@Mch.SNI.De>]
-
-  *) Source code cleanups: use const where appropriate, eliminate casts,
-     use void * instead of char * in lhash.
-     [Ulf Möller] 
-
-  *) Bugfix: ssl3_send_server_key_exchange was not restartable
-     (the state was not changed to SSL3_ST_SW_KEY_EXCH_B, and because of
-     this the server could overwrite ephemeral keys that the client
-     has already seen).
-     [Bodo Moeller]
-
-  *) Turn DSA_is_prime into a macro that calls BN_is_prime,
-     using 50 iterations of the Rabin-Miller test.
-
-     DSA_generate_parameters now uses BN_is_prime_fasttest (with 50
-     iterations of the Rabin-Miller test as required by the appendix
-     to FIPS PUB 186[-1]) instead of DSA_is_prime.
-     As BN_is_prime_fasttest includes trial division, DSA parameter
-     generation becomes much faster.
-
-     This implies a change for the callback functions in DSA_is_prime
-     and DSA_generate_parameters: The callback function is called once
-     for each positive witness in the Rabin-Miller test, not just
-     occasionally in the inner loop; and the parameters to the
-     callback function now provide an iteration count for the outer
-     loop rather than for the current invocation of the inner loop.
-     DSA_generate_parameters additionally can call the callback
-     function with an 'iteration count' of -1, meaning that a
-     candidate has passed the trial division test (when q is generated 
-     from an application-provided seed, trial division is skipped).
-     [Bodo Moeller]
-
-  *) New function BN_is_prime_fasttest that optionally does trial
-     division before starting the Rabin-Miller test and has
-     an additional BN_CTX * argument (whereas BN_is_prime always
-     has to allocate at least one BN_CTX).
-     'callback(1, -1, cb_arg)' is called when a number has passed the
-     trial division stage.
-     [Bodo Moeller]
-
-  *) Fix for bug in CRL encoding. The validity dates weren't being handled
-     as ASN1_TIME.
-     [Steve Henson]
-
-  *) New -pkcs12 option to CA.pl script to write out a PKCS#12 file.
-     [Steve Henson]
-
-  *) New function BN_pseudo_rand().
-     [Ulf Möller]
-
-  *) Clean up BN_mod_mul_montgomery(): replace the broken (and unreadable)
-     bignum version of BN_from_montgomery() with the working code from
-     SSLeay 0.9.0 (the word based version is faster anyway), and clean up
-     the comments.
-     [Ulf Möller]
-
-  *) Avoid a race condition in s2_clnt.c (function get_server_hello) that
-     made it impossible to use the same SSL_SESSION data structure in
-     SSL2 clients in multiple threads.
-     [Bodo Moeller]
-
-  *) The return value of RAND_load_file() no longer counts bytes obtained
-     by stat().  RAND_load_file(..., -1) is new and uses the complete file
-     to seed the PRNG (previously an explicit byte count was required).
-     [Ulf Möller, Bodo Möller]
-
-  *) Clean up CRYPTO_EX_DATA functions, some of these didn't have prototypes
-     used (char *) instead of (void *) and had casts all over the place.
-     [Steve Henson]
-
-  *) Make BN_generate_prime() return NULL on error if ret!=NULL.
-     [Ulf Möller]
-
-  *) Retain source code compatibility for BN_prime_checks macro:
-     BN_is_prime(..., BN_prime_checks, ...) now uses
-     BN_prime_checks_for_size to determine the appropriate number of
-     Rabin-Miller iterations.
-     [Ulf Möller]
-
-  *) Diffie-Hellman uses "safe" primes: DH_check() return code renamed to
-     DH_CHECK_P_NOT_SAFE_PRIME.
-     (Check if this is true? OpenPGP calls them "strong".)
-     [Ulf Möller]
-
-  *) Merge the functionality of "dh" and "gendh" programs into a new program
-     "dhparam". The old programs are retained for now but will handle DH keys
-     (instead of parameters) in future.
-     [Steve Henson]
-
-  *) Make the ciphers, s_server and s_client programs check the return values
-     when a new cipher list is set.
-     [Steve Henson]
-
-  *) Enhance the SSL/TLS cipher mechanism to correctly handle the TLS 56bit
-     ciphers. Before when the 56bit ciphers were enabled the sorting was
-     wrong.
-
-     The syntax for the cipher sorting has been extended to support sorting by
-     cipher-strength (using the strength_bits hard coded in the tables).
-     The new command is "@STRENGTH" (see also doc/apps/ciphers.pod).
-
-     Fix a bug in the cipher-command parser: when supplying a cipher command
-     string with an "undefined" symbol (neither command nor alphanumeric
-     [A-Za-z0-9], ssl_set_cipher_list used to hang in an endless loop. Now
-     an error is flagged.
-
-     Due to the strength-sorting extension, the code of the
-     ssl_create_cipher_list() function was completely rearranged. I hope that
-     the readability was also increased :-)
-     [Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>]
-
-  *) Minor change to 'x509' utility. The -CAcreateserial option now uses 1
-     for the first serial number and places 2 in the serial number file. This
-     avoids problems when the root CA is created with serial number zero and
-     the first user certificate has the same issuer name and serial number
-     as the root CA.
-     [Steve Henson]
-
-  *) Fixes to X509_ATTRIBUTE utilities, change the 'req' program so it uses
-     the new code. Add documentation for this stuff.
-     [Steve Henson]
-
-  *) Changes to X509_ATTRIBUTE utilities. These have been renamed from
-     X509_*() to X509at_*() on the grounds that they don't handle X509
-     structures and behave in an analagous way to the X509v3 functions:
-     they shouldn't be called directly but wrapper functions should be used
-     instead.
-
-     So we also now have some wrapper functions that call the X509at functions
-     when passed certificate requests. (TO DO: similar things can be done with
-     PKCS#7 signed and unsigned attributes, PKCS#12 attributes and a few other
-     things. Some of these need some d2i or i2d and print functionality
-     because they handle more complex structures.)
-     [Steve Henson]
-
-  *) Add missing #ifndefs that caused missing symbols when building libssl
-     as a shared library without RSA.  Use #ifndef NO_SSL2 instead of
-     NO_RSA in ssl/s2*.c. 
-     [Kris Kennaway <kris@hub.freebsd.org>, modified by Ulf Möller]
-
-  *) Precautions against using the PRNG uninitialized: RAND_bytes() now
-     has a return value which indicates the quality of the random data
-     (1 = ok, 0 = not seeded).  Also an error is recorded on the thread's
-     error queue. New function RAND_pseudo_bytes() generates output that is
-     guaranteed to be unique but not unpredictable. RAND_add is like
-     RAND_seed, but takes an extra argument for an entropy estimate
-     (RAND_seed always assumes full entropy).
-     [Ulf Möller]
-
-  *) Do more iterations of Rabin-Miller probable prime test (specifically,
-     3 for 1024-bit primes, 6 for 512-bit primes, 12 for 256-bit primes
-     instead of only 2 for all lengths; see BN_prime_checks_for_size definition
-     in crypto/bn/bn_prime.c for the complete table).  This guarantees a
-     false-positive rate of at most 2^-80 for random input.
-     [Bodo Moeller]
-
-  *) Rewrite ssl3_read_n (ssl/s3_pkt.c) avoiding a couple of bugs.
-     [Bodo Moeller]
-
-  *) New function X509_CTX_rget_chain() (renamed to X509_CTX_get1_chain
-     in the 0.9.5 release), this returns the chain
-     from an X509_CTX structure with a dup of the stack and all
-     the X509 reference counts upped: so the stack will exist
-     after X509_CTX_cleanup() has been called. Modify pkcs12.c
-     to use this.
-
-     Also make SSL_SESSION_print() print out the verify return
-     code.
-     [Steve Henson]
-
-  *) Add manpage for the pkcs12 command. Also change the default
-     behaviour so MAC iteration counts are used unless the new
-     -nomaciter option is used. This improves file security and
-     only older versions of MSIE (4.0 for example) need it.
-     [Steve Henson]
-
-  *) Honor the no-xxx Configure options when creating .DEF files.
-     [Ulf Möller]
-
-  *) Add PKCS#10 attributes to field table: challengePassword, 
-     unstructuredName and unstructuredAddress. These are taken from
-     draft PKCS#9 v2.0 but are compatible with v1.2 provided no 
-     international characters are used.
-
-     More changes to X509_ATTRIBUTE code: allow the setting of types
-     based on strings. Remove the 'loc' parameter when adding
-     attributes because these will be a SET OF encoding which is sorted
-     in ASN1 order.
-     [Steve Henson]
-
-  *) Initial changes to the 'req' utility to allow request generation
-     automation. This will allow an application to just generate a template
-     file containing all the field values and have req construct the
-     request.
-
-     Initial support for X509_ATTRIBUTE handling. Stacks of these are
-     used all over the place including certificate requests and PKCS#7
-     structures. They are currently handled manually where necessary with
-     some primitive wrappers for PKCS#7. The new functions behave in a
-     manner analogous to the X509 extension functions: they allow
-     attributes to be looked up by NID and added.
-
-     Later something similar to the X509V3 code would be desirable to
-     automatically handle the encoding, decoding and printing of the
-     more complex types. The string types like challengePassword can
-     be handled by the string table functions.
-
-     Also modified the multi byte string table handling. Now there is
-     a 'global mask' which masks out certain types. The table itself
-     can use the flag STABLE_NO_MASK to ignore the mask setting: this
-     is useful when for example there is only one permissible type
-     (as in countryName) and using the mask might result in no valid
-     types at all.
-     [Steve Henson]
-
-  *) Clean up 'Finished' handling, and add functions SSL_get_finished and
-     SSL_get_peer_finished to allow applications to obtain the latest
-     Finished messages sent to the peer or expected from the peer,
-     respectively.  (SSL_get_peer_finished is usually the Finished message
-     actually received from the peer, otherwise the protocol will be aborted.)
-
-     As the Finished message are message digests of the complete handshake
-     (with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
-     be used for external authentication procedures when the authentication
-     provided by SSL/TLS is not desired or is not enough.
-     [Bodo Moeller]
-
-  *) Enhanced support for Alpha Linux is added. Now ./config checks if
-     the host supports BWX extension and if Compaq C is present on the
-     $PATH. Just exploiting of the BWX extension results in 20-30%
-     performance kick for some algorithms, e.g. DES and RC4 to mention
-     a couple. Compaq C in turn generates ~20% faster code for MD5 and
-     SHA1.
-     [Andy Polyakov]
-
-  *) Add support for MS "fast SGC". This is arguably a violation of the
-     SSL3/TLS protocol. Netscape SGC does two handshakes: the first with
-     weak crypto and after checking the certificate is SGC a second one
-     with strong crypto. MS SGC stops the first handshake after receiving
-     the server certificate message and sends a second client hello. Since
-     a server will typically do all the time consuming operations before
-     expecting any further messages from the client (server key exchange
-     is the most expensive) there is little difference between the two.
-
-     To get OpenSSL to support MS SGC we have to permit a second client
-     hello message after we have sent server done. In addition we have to
-     reset the MAC if we do get this second client hello.
-     [Steve Henson]
-
-  *) Add a function 'd2i_AutoPrivateKey()' this will automatically decide
-     if a DER encoded private key is RSA or DSA traditional format. Changed
-     d2i_PrivateKey_bio() to use it. This is only needed for the "traditional"
-     format DER encoded private key. Newer code should use PKCS#8 format which
-     has the key type encoded in the ASN1 structure. Added DER private key
-     support to pkcs8 application.
-     [Steve Henson]
-
-  *) SSL 3/TLS 1 servers now don't request certificates when an anonymous
-     ciphersuites has been selected (as required by the SSL 3/TLS 1
-     specifications).  Exception: When SSL_VERIFY_FAIL_IF_NO_PEER_CERT
-     is set, we interpret this as a request to violate the specification
-     (the worst that can happen is a handshake failure, and 'correct'
-     behaviour would result in a handshake failure anyway).
-     [Bodo Moeller]
-
-  *) In SSL_CTX_add_session, take into account that there might be multiple
-     SSL_SESSION structures with the same session ID (e.g. when two threads
-     concurrently obtain them from an external cache).
-     The internal cache can handle only one SSL_SESSION with a given ID,
-     so if there's a conflict, we now throw out the old one to achieve
-     consistency.
-     [Bodo Moeller]
-
-  *) Add OIDs for idea and blowfish in CBC mode. This will allow both
-     to be used in PKCS#5 v2.0 and S/MIME.  Also add checking to
-     some routines that use cipher OIDs: some ciphers do not have OIDs
-     defined and so they cannot be used for S/MIME and PKCS#5 v2.0 for
-     example.
-     [Steve Henson]
-
-  *) Simplify the trust setting structure and code. Now we just have
-     two sequences of OIDs for trusted and rejected settings. These will
-     typically have values the same as the extended key usage extension
-     and any application specific purposes.
-
-     The trust checking code now has a default behaviour: it will just
-     check for an object with the same NID as the passed id. Functions can
-     be provided to override either the default behaviour or the behaviour
-     for a given id. SSL client, server and email already have functions
-     in place for compatibility: they check the NID and also return "trusted"
-     if the certificate is self signed.
-     [Steve Henson]
-
-  *) Add d2i,i2d bio/fp functions for PrivateKey: these convert the
-     traditional format into an EVP_PKEY structure.
-     [Steve Henson]
-
-  *) Add a password callback function PEM_cb() which either prompts for
-     a password if usr_data is NULL or otherwise assumes it is a null
-     terminated password. Allow passwords to be passed on command line
-     environment or config files in a few more utilities.
-     [Steve Henson]
-
-  *) Add a bunch of DER and PEM functions to handle PKCS#8 format private
-     keys. Add some short names for PKCS#8 PBE algorithms and allow them
-     to be specified on the command line for the pkcs8 and pkcs12 utilities.
-     Update documentation.
-     [Steve Henson]
-
-  *) Support for ASN1 "NULL" type. This could be handled before by using
-     ASN1_TYPE but there wasn't any function that would try to read a NULL
-     and produce an error if it couldn't. For compatibility we also have
-     ASN1_NULL_new() and ASN1_NULL_free() functions but these are faked and
-     don't allocate anything because they don't need to.
-     [Steve Henson]
-
-  *) Initial support for MacOS is now provided. Examine INSTALL.MacOS
-     for details.
-     [Andy Polyakov, Roy Woods <roy@centicsystems.ca>]
-
-  *) Rebuild of the memory allocation routines used by OpenSSL code and
-     possibly others as well.  The purpose is to make an interface that
-     provide hooks so anyone can build a separate set of allocation and
-     deallocation routines to be used by OpenSSL, for example memory
-     pool implementations, or something else, which was previously hard
-     since Malloc(), Realloc() and Free() were defined as macros having
-     the values malloc, realloc and free, respectively (except for Win32
-     compilations).  The same is provided for memory debugging code.
-     OpenSSL already comes with functionality to find memory leaks, but
-     this gives people a chance to debug other memory problems.
-
-     With these changes, a new set of functions and macros have appeared:
-
-       CRYPTO_set_mem_debug_functions()	        [F]
-       CRYPTO_get_mem_debug_functions()         [F]
-       CRYPTO_dbg_set_options()	                [F]
-       CRYPTO_dbg_get_options()                 [F]
-       CRYPTO_malloc_debug_init()               [M]
-
-     The memory debug functions are NULL by default, unless the library
-     is compiled with CRYPTO_MDEBUG or friends is defined.  If someone
-     wants to debug memory anyway, CRYPTO_malloc_debug_init() (which
-     gives the standard debugging functions that come with OpenSSL) or
-     CRYPTO_set_mem_debug_functions() (tells OpenSSL to use functions
-     provided by the library user) must be used.  When the standard
-     debugging functions are used, CRYPTO_dbg_set_options can be used to
-     request additional information:
-     CRYPTO_dbg_set_options(V_CYRPTO_MDEBUG_xxx) corresponds to setting
-     the CRYPTO_MDEBUG_xxx macro when compiling the library.   
-
-     Also, things like CRYPTO_set_mem_functions will always give the
-     expected result (the new set of functions is used for allocation
-     and deallocation) at all times, regardless of platform and compiler
-     options.
-
-     To finish it up, some functions that were never use in any other
-     way than through macros have a new API and new semantic:
-
-       CRYPTO_dbg_malloc()
-       CRYPTO_dbg_realloc()
-       CRYPTO_dbg_free()
-
-     All macros of value have retained their old syntax.
-     [Richard Levitte and Bodo Moeller]
-
-  *) Some S/MIME fixes. The OID for SMIMECapabilities was wrong, the
-     ordering of SMIMECapabilities wasn't in "strength order" and there
-     was a missing NULL in the AlgorithmIdentifier for the SHA1 signature
-     algorithm.
-     [Steve Henson]
-
-  *) Some ASN1 types with illegal zero length encoding (INTEGER,
-     ENUMERATED and OBJECT IDENTIFIER) choked the ASN1 routines.
-     [Frans Heymans <fheymans@isaserver.be>, modified by Steve Henson]
-
-  *) Merge in my S/MIME library for OpenSSL. This provides a simple
-     S/MIME API on top of the PKCS#7 code, a MIME parser (with enough
-     functionality to handle multipart/signed properly) and a utility
-     called 'smime' to call all this stuff. This is based on code I
-     originally wrote for Celo who have kindly allowed it to be
-     included in OpenSSL.
-     [Steve Henson]
-
-  *) Add variants des_set_key_checked and des_set_key_unchecked of
-     des_set_key (aka des_key_sched).  Global variable des_check_key
-     decides which of these is called by des_set_key; this way
-     des_check_key behaves as it always did, but applications and
-     the library itself, which was buggy for des_check_key == 1,
-     have a cleaner way to pick the version they need.
-     [Bodo Moeller]
-
-  *) New function PKCS12_newpass() which changes the password of a
-     PKCS12 structure.
-     [Steve Henson]
-
-  *) Modify X509_TRUST and X509_PURPOSE so it also uses a static and
-     dynamic mix. In both cases the ids can be used as an index into the
-     table. Also modified the X509_TRUST_add() and X509_PURPOSE_add()
-     functions so they accept a list of the field values and the
-     application doesn't need to directly manipulate the X509_TRUST
-     structure.
-     [Steve Henson]
-
-  *) Modify the ASN1_STRING_TABLE stuff so it also uses bsearch and doesn't
-     need initialising.
-     [Steve Henson]
-
-  *) Modify the way the V3 extension code looks up extensions. This now
-     works in a similar way to the object code: we have some "standard"
-     extensions in a static table which is searched with OBJ_bsearch()
-     and the application can add dynamic ones if needed. The file
-     crypto/x509v3/ext_dat.h now has the info: this file needs to be
-     updated whenever a new extension is added to the core code and kept
-     in ext_nid order. There is a simple program 'tabtest.c' which checks
-     this. New extensions are not added too often so this file can readily
-     be maintained manually.
-
-     There are two big advantages in doing things this way. The extensions
-     can be looked up immediately and no longer need to be "added" using
-     X509V3_add_standard_extensions(): this function now does nothing.
-     [Side note: I get *lots* of email saying the extension code doesn't
-      work because people forget to call this function]
-     Also no dynamic allocation is done unless new extensions are added:
-     so if we don't add custom extensions there is no need to call
-     X509V3_EXT_cleanup().
-     [Steve Henson]
-
-  *) Modify enc utility's salting as follows: make salting the default. Add a
-     magic header, so unsalted files fail gracefully instead of just decrypting
-     to garbage. This is because not salting is a big security hole, so people
-     should be discouraged from doing it.
-     [Ben Laurie]
-
-  *) Fixes and enhancements to the 'x509' utility. It allowed a message
-     digest to be passed on the command line but it only used this
-     parameter when signing a certificate. Modified so all relevant
-     operations are affected by the digest parameter including the
-     -fingerprint and -x509toreq options. Also -x509toreq choked if a
-     DSA key was used because it didn't fix the digest.
-     [Steve Henson]
-
-  *) Initial certificate chain verify code. Currently tests the untrusted
-     certificates for consistency with the verify purpose (which is set
-     when the X509_STORE_CTX structure is set up) and checks the pathlength.
-
-     There is a NO_CHAIN_VERIFY compilation option to keep the old behaviour:
-     this is because it will reject chains with invalid extensions whereas
-     every previous version of OpenSSL and SSLeay made no checks at all.
-
-     Trust code: checks the root CA for the relevant trust settings. Trust
-     settings have an initial value consistent with the verify purpose: e.g.
-     if the verify purpose is for SSL client use it expects the CA to be
-     trusted for SSL client use. However the default value can be changed to
-     permit custom trust settings: one example of this would be to only trust
-     certificates from a specific "secure" set of CAs.
-
-     Also added X509_STORE_CTX_new() and X509_STORE_CTX_free() functions
-     which should be used for version portability: especially since the
-     verify structure is likely to change more often now.
-
-     SSL integration. Add purpose and trust to SSL_CTX and SSL and functions
-     to set them. If not set then assume SSL clients will verify SSL servers
-     and vice versa.
-
-     Two new options to the verify program: -untrusted allows a set of
-     untrusted certificates to be passed in and -purpose which sets the
-     intended purpose of the certificate. If a purpose is set then the
-     new chain verify code is used to check extension consistency.
-     [Steve Henson]
-
-  *) Support for the authority information access extension.
-     [Steve Henson]
-
-  *) Modify RSA and DSA PEM read routines to transparently handle
-     PKCS#8 format private keys. New *_PUBKEY_* functions that handle
-     public keys in a format compatible with certificate
-     SubjectPublicKeyInfo structures. Unfortunately there were already
-     functions called *_PublicKey_* which used various odd formats so
-     these are retained for compatibility: however the DSA variants were
-     never in a public release so they have been deleted. Changed dsa/rsa
-     utilities to handle the new format: note no releases ever handled public
-     keys so we should be OK.
-
-     The primary motivation for this change is to avoid the same fiasco
-     that dogs private keys: there are several incompatible private key
-     formats some of which are standard and some OpenSSL specific and
-     require various evil hacks to allow partial transparent handling and
-     even then it doesn't work with DER formats. Given the option anything
-     other than PKCS#8 should be dumped: but the other formats have to
-     stay in the name of compatibility.
-
-     With public keys and the benefit of hindsight one standard format 
-     is used which works with EVP_PKEY, RSA or DSA structures: though
-     it clearly returns an error if you try to read the wrong kind of key.
-
-     Added a -pubkey option to the 'x509' utility to output the public key.
-     Also rename the EVP_PKEY_get_*() to EVP_PKEY_rget_*()
-     (renamed to EVP_PKEY_get1_*() in the OpenSSL 0.9.5 release) and add
-     EVP_PKEY_rset_*() functions (renamed to EVP_PKEY_set1_*())
-     that do the same as the EVP_PKEY_assign_*() except they up the
-     reference count of the added key (they don't "swallow" the
-     supplied key).
-     [Steve Henson]
-
-  *) Fixes to crypto/x509/by_file.c the code to read in certificates and
-     CRLs would fail if the file contained no certificates or no CRLs:
-     added a new function to read in both types and return the number
-     read: this means that if none are read it will be an error. The
-     DER versions of the certificate and CRL reader would always fail
-     because it isn't possible to mix certificates and CRLs in DER format
-     without choking one or the other routine. Changed this to just read
-     a certificate: this is the best we can do. Also modified the code
-     in apps/verify.c to take notice of return codes: it was previously
-     attempting to read in certificates from NULL pointers and ignoring
-     any errors: this is one reason why the cert and CRL reader seemed
-     to work. It doesn't check return codes from the default certificate
-     routines: these may well fail if the certificates aren't installed.
-     [Steve Henson]
-
-  *) Code to support otherName option in GeneralName.
-     [Steve Henson]
-
-  *) First update to verify code. Change the verify utility
-     so it warns if it is passed a self signed certificate:
-     for consistency with the normal behaviour. X509_verify
-     has been modified to it will now verify a self signed
-     certificate if *exactly* the same certificate appears
-     in the store: it was previously impossible to trust a
-     single self signed certificate. This means that:
-     openssl verify ss.pem
-     now gives a warning about a self signed certificate but
-     openssl verify -CAfile ss.pem ss.pem
-     is OK.
-     [Steve Henson]
-
-  *) For servers, store verify_result in SSL_SESSION data structure
-     (and add it to external session representation).
-     This is needed when client certificate verifications fails,
-     but an application-provided verification callback (set by
-     SSL_CTX_set_cert_verify_callback) allows accepting the session
-     anyway (i.e. leaves x509_store_ctx->error != X509_V_OK
-     but returns 1): When the session is reused, we have to set
-     ssl->verify_result to the appropriate error code to avoid
-     security holes.
-     [Bodo Moeller, problem pointed out by Lutz Jaenicke]
-
-  *) Fix a bug in the new PKCS#7 code: it didn't consider the
-     case in PKCS7_dataInit() where the signed PKCS7 structure
-     didn't contain any existing data because it was being created.
-     [Po-Cheng Chen <pocheng@nst.com.tw>, slightly modified by Steve Henson]
-
-  *) Add a salt to the key derivation routines in enc.c. This
-     forms the first 8 bytes of the encrypted file. Also add a
-     -S option to allow a salt to be input on the command line.
-     [Steve Henson]
-
-  *) New function X509_cmp(). Oddly enough there wasn't a function
-     to compare two certificates. We do this by working out the SHA1
-     hash and comparing that. X509_cmp() will be needed by the trust
-     code.
-     [Steve Henson]
-
-  *) SSL_get1_session() is like SSL_get_session(), but increments
-     the reference count in the SSL_SESSION returned.
-     [Geoff Thorpe <geoff@eu.c2.net>]
-
-  *) Fix for 'req': it was adding a null to request attributes.
-     Also change the X509_LOOKUP and X509_INFO code to handle
-     certificate auxiliary information.
-     [Steve Henson]
-
-  *) Add support for 40 and 64 bit RC2 and RC4 algorithms: document
-     the 'enc' command.
-     [Steve Henson]
-
-  *) Add the possibility to add extra information to the memory leak
-     detecting output, to form tracebacks, showing from where each
-     allocation was originated: CRYPTO_push_info("constant string") adds
-     the string plus current file name and line number to a per-thread
-     stack, CRYPTO_pop_info() does the obvious, CRYPTO_remove_all_info()
-     is like calling CYRPTO_pop_info() until the stack is empty.
-     Also updated memory leak detection code to be multi-thread-safe.
-     [Richard Levitte]
-
-  *) Add options -text and -noout to pkcs7 utility and delete the
-     encryption options which never did anything. Update docs.
-     [Steve Henson]
-
-  *) Add options to some of the utilities to allow the pass phrase
-     to be included on either the command line (not recommended on
-     OSes like Unix) or read from the environment. Update the
-     manpages and fix a few bugs.
-     [Steve Henson]
-
-  *) Add a few manpages for some of the openssl commands.
-     [Steve Henson]
-
-  *) Fix the -revoke option in ca. It was freeing up memory twice,
-     leaking and not finding already revoked certificates.
-     [Steve Henson]
-
-  *) Extensive changes to support certificate auxiliary information.
-     This involves the use of X509_CERT_AUX structure and X509_AUX
-     functions. An X509_AUX function such as PEM_read_X509_AUX()
-     can still read in a certificate file in the usual way but it
-     will also read in any additional "auxiliary information". By
-     doing things this way a fair degree of compatibility can be
-     retained: existing certificates can have this information added
-     using the new 'x509' options. 
-
-     Current auxiliary information includes an "alias" and some trust
-     settings. The trust settings will ultimately be used in enhanced
-     certificate chain verification routines: currently a certificate
-     can only be trusted if it is self signed and then it is trusted
-     for all purposes.
-     [Steve Henson]
-
-  *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD).
-     The problem was that one of the replacement routines had not been working
-     since SSLeay releases.  For now the offending routine has been replaced
-     with non-optimised assembler.  Even so, this now gives around 95%
-     performance improvement for 1024 bit RSA signs.
-     [Mark Cox]
-
-  *) Hack to fix PKCS#7 decryption when used with some unorthodox RC2 
-     handling. Most clients have the effective key size in bits equal to
-     the key length in bits: so a 40 bit RC2 key uses a 40 bit (5 byte) key.
-     A few however don't do this and instead use the size of the decrypted key
-     to determine the RC2 key length and the AlgorithmIdentifier to determine
-     the effective key length. In this case the effective key length can still
-     be 40 bits but the key length can be 168 bits for example. This is fixed
-     by manually forcing an RC2 key into the EVP_PKEY structure because the
-     EVP code can't currently handle unusual RC2 key sizes: it always assumes
-     the key length and effective key length are equal.
-     [Steve Henson]
-
-  *) Add a bunch of functions that should simplify the creation of 
-     X509_NAME structures. Now you should be able to do:
-     X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC, "Steve", -1, -1, 0);
-     and have it automatically work out the correct field type and fill in
-     the structures. The more adventurous can try:
-     X509_NAME_add_entry_by_txt(nm, field, MBSTRING_UTF8, str, -1, -1, 0);
-     and it will (hopefully) work out the correct multibyte encoding.
-     [Steve Henson]
-
-  *) Change the 'req' utility to use the new field handling and multibyte
-     copy routines. Before the DN field creation was handled in an ad hoc
-     way in req, ca, and x509 which was rather broken and didn't support
-     BMPStrings or UTF8Strings. Since some software doesn't implement
-     BMPStrings or UTF8Strings yet, they can be enabled using the config file
-     using the dirstring_type option. See the new comment in the default
-     openssl.cnf for more info.
-     [Steve Henson]
-
-  *) Make crypto/rand/md_rand.c more robust:
-     - Assure unique random numbers after fork().
-     - Make sure that concurrent threads access the global counter and
-       md serializably so that we never lose entropy in them
-       or use exactly the same state in multiple threads.
-       Access to the large state is not always serializable because
-       the additional locking could be a performance killer, and
-       md should be large enough anyway.
-     [Bodo Moeller]
-
-  *) New file apps/app_rand.c with commonly needed functionality
-     for handling the random seed file.
-
-     Use the random seed file in some applications that previously did not:
-          ca,
-          dsaparam -genkey (which also ignored its '-rand' option), 
-          s_client,
-          s_server,
-          x509 (when signing).
-     Except on systems with /dev/urandom, it is crucial to have a random
-     seed file at least for key creation, DSA signing, and for DH exchanges;
-     for RSA signatures we could do without one.
-
-     gendh and gendsa (unlike genrsa) used to read only the first byte
-     of each file listed in the '-rand' option.  The function as previously
-     found in genrsa is now in app_rand.c and is used by all programs
-     that support '-rand'.
-     [Bodo Moeller]
-
-  *) In RAND_write_file, use mode 0600 for creating files;
-     don't just chmod when it may be too late.
-     [Bodo Moeller]
-
-  *) Report an error from X509_STORE_load_locations
-     when X509_LOOKUP_load_file or X509_LOOKUP_add_dir failed.
-     [Bill Perry]
-
-  *) New function ASN1_mbstring_copy() this copies a string in either
-     ASCII, Unicode, Universal (4 bytes per character) or UTF8 format
-     into an ASN1_STRING type. A mask of permissible types is passed
-     and it chooses the "minimal" type to use or an error if not type
-     is suitable.
-     [Steve Henson]
-
-  *) Add function equivalents to the various macros in asn1.h. The old
-     macros are retained with an M_ prefix. Code inside the library can
-     use the M_ macros. External code (including the openssl utility)
-     should *NOT* in order to be "shared library friendly".
-     [Steve Henson]
-
-  *) Add various functions that can check a certificate's extensions
-     to see if it usable for various purposes such as SSL client,
-     server or S/MIME and CAs of these types. This is currently 
-     VERY EXPERIMENTAL but will ultimately be used for certificate chain
-     verification. Also added a -purpose flag to x509 utility to
-     print out all the purposes.
-     [Steve Henson]
-
-  *) Add a CRYPTO_EX_DATA to X509 certificate structure and associated
-     functions.
-     [Steve Henson]
-
-  *) New X509V3_{X509,CRL,REVOKED}_get_d2i() functions. These will search
-     for, obtain and decode and extension and obtain its critical flag.
-     This allows all the necessary extension code to be handled in a
-     single function call.
-     [Steve Henson]
-
-  *) RC4 tune-up featuring 30-40% performance improvement on most RISC
-     platforms. See crypto/rc4/rc4_enc.c for further details.
-     [Andy Polyakov]
-
-  *) New -noout option to asn1parse. This causes no output to be produced
-     its main use is when combined with -strparse and -out to extract data
-     from a file (which may not be in ASN.1 format).
-     [Steve Henson]
-
-  *) Fix for pkcs12 program. It was hashing an invalid certificate pointer
-     when producing the local key id.
-     [Richard Levitte <levitte@stacken.kth.se>]
-
-  *) New option -dhparam in s_server. This allows a DH parameter file to be
-     stated explicitly. If it is not stated then it tries the first server
-     certificate file. The previous behaviour hard coded the filename
-     "server.pem".
-     [Steve Henson]
-
-  *) Add -pubin and -pubout options to the rsa and dsa commands. These allow
-     a public key to be input or output. For example:
-     openssl rsa -in key.pem -pubout -out pubkey.pem
-     Also added necessary DSA public key functions to handle this.
-     [Steve Henson]
-
-  *) Fix so PKCS7_dataVerify() doesn't crash if no certificates are contained
-     in the message. This was handled by allowing
-     X509_find_by_issuer_and_serial() to tolerate a NULL passed to it.
-     [Steve Henson, reported by Sampo Kellomaki <sampo@mail.neuronio.pt>]
-
-  *) Fix for bug in d2i_ASN1_bytes(): other ASN1 functions add an extra null
-     to the end of the strings whereas this didn't. This would cause problems
-     if strings read with d2i_ASN1_bytes() were later modified.
-     [Steve Henson, reported by Arne Ansper <arne@ats.cyber.ee>]
-
-  *) Fix for base64 decode bug. When a base64 bio reads only one line of
-     data and it contains EOF it will end up returning an error. This is
-     caused by input 46 bytes long. The cause is due to the way base64
-     BIOs find the start of base64 encoded data. They do this by trying a
-     trial decode on each line until they find one that works. When they
-     do a flag is set and it starts again knowing it can pass all the
-     data directly through the decoder. Unfortunately it doesn't reset
-     the context it uses. This means that if EOF is reached an attempt
-     is made to pass two EOFs through the context and this causes the
-     resulting error. This can also cause other problems as well. As is
-     usual with these problems it takes *ages* to find and the fix is
-     trivial: move one line.
-     [Steve Henson, reported by ian@uns.ns.ac.yu (Ivan Nejgebauer) ]
-
-  *) Ugly workaround to get s_client and s_server working under Windows. The
-     old code wouldn't work because it needed to select() on sockets and the
-     tty (for keypresses and to see if data could be written). Win32 only
-     supports select() on sockets so we select() with a 1s timeout on the
-     sockets and then see if any characters are waiting to be read, if none
-     are present then we retry, we also assume we can always write data to
-     the tty. This isn't nice because the code then blocks until we've
-     received a complete line of data and it is effectively polling the
-     keyboard at 1s intervals: however it's quite a bit better than not
-     working at all :-) A dedicated Windows application might handle this
-     with an event loop for example.
-     [Steve Henson]
-
-  *) Enhance RSA_METHOD structure. Now there are two extra methods, rsa_sign
-     and rsa_verify. When the RSA_FLAGS_SIGN_VER option is set these functions
-     will be called when RSA_sign() and RSA_verify() are used. This is useful
-     if rsa_pub_dec() and rsa_priv_enc() equivalents are not available.
-     For this to work properly RSA_public_decrypt() and RSA_private_encrypt()
-     should *not* be used: RSA_sign() and RSA_verify() must be used instead.
-     This necessitated the support of an extra signature type NID_md5_sha1
-     for SSL signatures and modifications to the SSL library to use it instead
-     of calling RSA_public_decrypt() and RSA_private_encrypt().
-     [Steve Henson]
-
-  *) Add new -verify -CAfile and -CApath options to the crl program, these
-     will lookup a CRL issuers certificate and verify the signature in a
-     similar way to the verify program. Tidy up the crl program so it
-     no longer accesses structures directly. Make the ASN1 CRL parsing a bit
-     less strict. It will now permit CRL extensions even if it is not
-     a V2 CRL: this will allow it to tolerate some broken CRLs.
-     [Steve Henson]
-
-  *) Initialize all non-automatic variables each time one of the openssl
-     sub-programs is started (this is necessary as they may be started
-     multiple times from the "OpenSSL>" prompt).
-     [Lennart Bang, Bodo Moeller]
-
-  *) Preliminary compilation option RSA_NULL which disables RSA crypto without
-     removing all other RSA functionality (this is what NO_RSA does). This
-     is so (for example) those in the US can disable those operations covered
-     by the RSA patent while allowing storage and parsing of RSA keys and RSA
-     key generation.
-     [Steve Henson]
-
-  *) Non-copying interface to BIO pairs.
-     (still largely untested)
-     [Bodo Moeller]
-
-  *) New function ANS1_tag2str() to convert an ASN1 tag to a descriptive
-     ASCII string. This was handled independently in various places before.
-     [Steve Henson]
-
-  *) New functions UTF8_getc() and UTF8_putc() that parse and generate
-     UTF8 strings a character at a time.
-     [Steve Henson]
-
-  *) Use client_version from client hello to select the protocol
-     (s23_srvr.c) and for RSA client key exchange verification
-     (s3_srvr.c), as required by the SSL 3.0/TLS 1.0 specifications.
-     [Bodo Moeller]
-
-  *) Add various utility functions to handle SPKACs, these were previously
-     handled by poking round in the structure internals. Added new function
-     NETSCAPE_SPKI_print() to print out SPKAC and a new utility 'spkac' to
-     print, verify and generate SPKACs. Based on an original idea from
-     Massimiliano Pala <madwolf@comune.modena.it> but extensively modified.
-     [Steve Henson]
-
-  *) RIPEMD160 is operational on all platforms and is back in 'make test'.
-     [Andy Polyakov]
-
-  *) Allow the config file extension section to be overwritten on the
-     command line. Based on an original idea from Massimiliano Pala
-     <madwolf@comune.modena.it>. The new option is called -extensions
-     and can be applied to ca, req and x509. Also -reqexts to override
-     the request extensions in req and -crlexts to override the crl extensions
-     in ca.
-     [Steve Henson]
-
-  *) Add new feature to the SPKAC handling in ca.  Now you can include
-     the same field multiple times by preceding it by "XXXX." for example:
-     1.OU="Unit name 1"
-     2.OU="Unit name 2"
-     this is the same syntax as used in the req config file.
-     [Steve Henson]
-
-  *) Allow certificate extensions to be added to certificate requests. These
-     are specified in a 'req_extensions' option of the req section of the
-     config file. They can be printed out with the -text option to req but
-     are otherwise ignored at present.
-     [Steve Henson]
-
-  *) Fix a horrible bug in enc_read() in crypto/evp/bio_enc.c: if the first
-     data read consists of only the final block it would not decrypted because
-     EVP_CipherUpdate() would correctly report zero bytes had been decrypted.
-     A misplaced 'break' also meant the decrypted final block might not be
-     copied until the next read.
-     [Steve Henson]
-
-  *) Initial support for DH_METHOD. Again based on RSA_METHOD. Also added
-     a few extra parameters to the DH structure: these will be useful if
-     for example we want the value of 'q' or implement X9.42 DH.
-     [Steve Henson]
-
-  *) Initial support for DSA_METHOD. This is based on the RSA_METHOD and
-     provides hooks that allow the default DSA functions or functions on a
-     "per key" basis to be replaced. This allows hardware acceleration and
-     hardware key storage to be handled without major modification to the
-     library. Also added low level modexp hooks and CRYPTO_EX structure and 
-     associated functions.
-     [Steve Henson]
-
-  *) Add a new flag to memory BIOs, BIO_FLAG_MEM_RDONLY. This marks the BIO
-     as "read only": it can't be written to and the buffer it points to will
-     not be freed. Reading from a read only BIO is much more efficient than
-     a normal memory BIO. This was added because there are several times when
-     an area of memory needs to be read from a BIO. The previous method was
-     to create a memory BIO and write the data to it, this results in two
-     copies of the data and an O(n^2) reading algorithm. There is a new
-     function BIO_new_mem_buf() which creates a read only memory BIO from
-     an area of memory. Also modified the PKCS#7 routines to use read only
-     memory BIOs.
-     [Steve Henson]
-
-  *) Bugfix: ssl23_get_client_hello did not work properly when called in
-     state SSL23_ST_SR_CLNT_HELLO_B, i.e. when the first 7 bytes of
-     a SSLv2-compatible client hello for SSLv3 or TLSv1 could be read,
-     but a retry condition occured while trying to read the rest.
-     [Bodo Moeller]
-
-  *) The PKCS7_ENC_CONTENT_new() function was setting the content type as
-     NID_pkcs7_encrypted by default: this was wrong since this should almost
-     always be NID_pkcs7_data. Also modified the PKCS7_set_type() to handle
-     the encrypted data type: this is a more sensible place to put it and it
-     allows the PKCS#12 code to be tidied up that duplicated this
-     functionality.
-     [Steve Henson]
-
-  *) Changed obj_dat.pl script so it takes its input and output files on
-     the command line. This should avoid shell escape redirection problems
-     under Win32.
-     [Steve Henson]
-
-  *) Initial support for certificate extension requests, these are included
-     in things like Xenroll certificate requests. Included functions to allow
-     extensions to be obtained and added.
-     [Steve Henson]
-
-  *) -crlf option to s_client and s_server for sending newlines as
-     CRLF (as required by many protocols).
-     [Bodo Moeller]
-
- Changes between 0.9.3a and 0.9.4  [09 Aug 1999]
-  
-  *) Install libRSAglue.a when OpenSSL is built with RSAref.
-     [Ralf S. Engelschall]
-
-  *) A few more ``#ifndef NO_FP_API / #endif'' pairs for consistency.
-     [Andrija Antonijevic <TheAntony2@bigfoot.com>]
-
-  *) Fix -startdate and -enddate (which was missing) arguments to 'ca'
-     program.
-     [Steve Henson]
-
-  *) New function DSA_dup_DH, which duplicates DSA parameters/keys as
-     DH parameters/keys (q is lost during that conversion, but the resulting
-     DH parameters contain its length).
-
-     For 1024-bit p, DSA_generate_parameters followed by DSA_dup_DH is
-     much faster than DH_generate_parameters (which creates parameters
-     where p = 2*q + 1), and also the smaller q makes DH computations
-     much more efficient (160-bit exponentiation instead of 1024-bit
-     exponentiation); so this provides a convenient way to support DHE
-     ciphersuites in SSL/TLS servers (see ssl/ssltest.c).  It is of
-     utter importance to use
-         SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
-     or
-         SSL_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
-     when such DH parameters are used, because otherwise small subgroup
-     attacks may become possible!
-     [Bodo Moeller]
-
-  *) Avoid memory leak in i2d_DHparams.
-     [Bodo Moeller]
-
-  *) Allow the -k option to be used more than once in the enc program:
-     this allows the same encrypted message to be read by multiple recipients.
-     [Steve Henson]
-
-  *) New function OBJ_obj2txt(buf, buf_len, a, no_name), this converts
-     an ASN1_OBJECT to a text string. If the "no_name" parameter is set then
-     it will always use the numerical form of the OID, even if it has a short
-     or long name.
-     [Steve Henson]
-
-  *) Added an extra RSA flag: RSA_FLAG_EXT_PKEY. Previously the rsa_mod_exp
-     method only got called if p,q,dmp1,dmq1,iqmp components were present,
-     otherwise bn_mod_exp was called. In the case of hardware keys for example
-     no private key components need be present and it might store extra data
-     in the RSA structure, which cannot be accessed from bn_mod_exp.
-     By setting RSA_FLAG_EXT_PKEY rsa_mod_exp will always be called for
-     private key operations.
-     [Steve Henson]
-
-  *) Added support for SPARC Linux.
-     [Andy Polyakov]
-
-  *) pem_password_cb function type incompatibly changed from
-          typedef int pem_password_cb(char *buf, int size, int rwflag);
-     to
-          ....(char *buf, int size, int rwflag, void *userdata);
-     so that applications can pass data to their callbacks:
-     The PEM[_ASN1]_{read,write}... functions and macros now take an
-     additional void * argument, which is just handed through whenever
-     the password callback is called.
-     [Damien Miller <dmiller@ilogic.com.au>; tiny changes by Bodo Moeller]
-
-     New function SSL_CTX_set_default_passwd_cb_userdata.
-
-     Compatibility note: As many C implementations push function arguments
-     onto the stack in reverse order, the new library version is likely to
-     interoperate with programs that have been compiled with the old
-     pem_password_cb definition (PEM_whatever takes some data that
-     happens to be on the stack as its last argument, and the callback
-     just ignores this garbage); but there is no guarantee whatsoever that
-     this will work.
-
-  *) The -DPLATFORM="\"$(PLATFORM)\"" definition and the similar -DCFLAGS=...
-     (both in crypto/Makefile.ssl for use by crypto/cversion.c) caused
-     problems not only on Windows, but also on some Unix platforms.
-     To avoid problematic command lines, these definitions are now in an
-     auto-generated file crypto/buildinf.h (created by crypto/Makefile.ssl
-     for standard "make" builds, by util/mk1mf.pl for "mk1mf" builds).
-     [Bodo Moeller]
-
-  *) MIPS III/IV assembler module is reimplemented.
-     [Andy Polyakov]
-
-  *) More DES library cleanups: remove references to srand/rand and
-     delete an unused file.
-     [Ulf Möller]
-
-  *) Add support for the the free Netwide assembler (NASM) under Win32,
-     since not many people have MASM (ml) and it can be hard to obtain.
-     This is currently experimental but it seems to work OK and pass all
-     the tests. Check out INSTALL.W32 for info.
-     [Steve Henson]
-
-  *) Fix memory leaks in s3_clnt.c: All non-anonymous SSL3/TLS1 connections
-     without temporary keys kept an extra copy of the server key,
-     and connections with temporary keys did not free everything in case
-     of an error.
-     [Bodo Moeller]
-
-  *) New function RSA_check_key and new openssl rsa option -check
-     for verifying the consistency of RSA keys.
-     [Ulf Moeller, Bodo Moeller]
-
-  *) Various changes to make Win32 compile work: 
-     1. Casts to avoid "loss of data" warnings in p5_crpt2.c
-     2. Change unsigned int to int in b_dump.c to avoid "signed/unsigned
-        comparison" warnings.
-     3. Add sk_<TYPE>_sort to DEF file generator and do make update.
-     [Steve Henson]
-
-  *) Add a debugging option to PKCS#5 v2 key generation function: when
-     you #define DEBUG_PKCS5V2 passwords, salts, iteration counts and
-     derived keys are printed to stderr.
-     [Steve Henson]
-
-  *) Copy the flags in ASN1_STRING_dup().
-     [Roman E. Pavlov <pre@mo.msk.ru>]
-
-  *) The x509 application mishandled signing requests containing DSA
-     keys when the signing key was also DSA and the parameters didn't match.
-
-     It was supposed to omit the parameters when they matched the signing key:
-     the verifying software was then supposed to automatically use the CA's
-     parameters if they were absent from the end user certificate.
-
-     Omitting parameters is no longer recommended. The test was also
-     the wrong way round! This was probably due to unusual behaviour in
-     EVP_cmp_parameters() which returns 1 if the parameters match. 
-     This meant that parameters were omitted when they *didn't* match and
-     the certificate was useless. Certificates signed with 'ca' didn't have
-     this bug.
-     [Steve Henson, reported by Doug Erickson <Doug.Erickson@Part.NET>]
-
-  *) Memory leak checking (-DCRYPTO_MDEBUG) had some problems.
-     The interface is as follows:
-     Applications can use
-         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) aka MemCheck_start(),
-         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) aka MemCheck_stop();
-     "off" is now the default.
-     The library internally uses
-         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) aka MemCheck_off(),
-         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE) aka MemCheck_on()
-     to disable memory-checking temporarily.
-
-     Some inconsistent states that previously were possible (and were
-     even the default) are now avoided.
-
-     -DCRYPTO_MDEBUG_TIME is new and additionally stores the current time
-     with each memory chunk allocated; this is occasionally more helpful
-     than just having a counter.
-
-     -DCRYPTO_MDEBUG_THREAD is also new and adds the thread ID.
-
-     -DCRYPTO_MDEBUG_ALL enables all of the above, plus any future
-     extensions.
-     [Bodo Moeller]
-
-  *) Introduce "mode" for SSL structures (with defaults in SSL_CTX),
-     which largely parallels "options", but is for changing API behaviour,
-     whereas "options" are about protocol behaviour.
-     Initial "mode" flags are:
-
-     SSL_MODE_ENABLE_PARTIAL_WRITE   Allow SSL_write to report success when
-                                     a single record has been written.
-     SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER  Don't insist that SSL_write
-                                     retries use the same buffer location.
-                                     (But all of the contents must be
-                                     copied!)
-     [Bodo Moeller]
-
-  *) Bugfix: SSL_set_options ignored its parameter, only SSL_CTX_set_options
-     worked.
-
-  *) Fix problems with no-hmac etc.
-     [Ulf Möller, pointed out by Brian Wellington <bwelling@tislabs.com>]
-
-  *) New functions RSA_get_default_method(), RSA_set_method() and
-     RSA_get_method(). These allows replacement of RSA_METHODs without having
-     to mess around with the internals of an RSA structure.
-     [Steve Henson]
-
-  *) Fix memory leaks in DSA_do_sign and DSA_is_prime.
-     Also really enable memory leak checks in openssl.c and in some
-     test programs.
-     [Chad C. Mulligan, Bodo Moeller]
-
-  *) Fix a bug in d2i_ASN1_INTEGER() and i2d_ASN1_INTEGER() which can mess
-     up the length of negative integers. This has now been simplified to just
-     store the length when it is first determined and use it later, rather
-     than trying to keep track of where data is copied and updating it to
-     point to the end.
-     [Steve Henson, reported by Brien Wheeler
-      <bwheeler@authentica-security.com>]
-
-  *) Add a new function PKCS7_signatureVerify. This allows the verification
-     of a PKCS#7 signature but with the signing certificate passed to the
-     function itself. This contrasts with PKCS7_dataVerify which assumes the
-     certificate is present in the PKCS#7 structure. This isn't always the
-     case: certificates can be omitted from a PKCS#7 structure and be
-     distributed by "out of band" means (such as a certificate database).
-     [Steve Henson]
-
-  *) Complete the PEM_* macros with DECLARE_PEM versions to replace the
-     function prototypes in pem.h, also change util/mkdef.pl to add the
-     necessary function names. 
-     [Steve Henson]
-
-  *) mk1mf.pl (used by Windows builds) did not properly read the
-     options set by Configure in the top level Makefile, and Configure
-     was not even able to write more than one option correctly.
-     Fixed, now "no-idea no-rc5 -DCRYPTO_MDEBUG" etc. works as intended.
-     [Bodo Moeller]
-
-  *) New functions CONF_load_bio() and CONF_load_fp() to allow a config
-     file to be loaded from a BIO or FILE pointer. The BIO version will
-     for example allow memory BIOs to contain config info.
-     [Steve Henson]
-
-  *) New function "CRYPTO_num_locks" that returns CRYPTO_NUM_LOCKS.
-     Whoever hopes to achieve shared-library compatibility across versions
-     must use this, not the compile-time macro.
-     (Exercise 0.9.4: Which is the minimum library version required by
-     such programs?)
-     Note: All this applies only to multi-threaded programs, others don't
-     need locks.
-     [Bodo Moeller]
-
-  *) Add missing case to s3_clnt.c state machine -- one of the new SSL tests
-     through a BIO pair triggered the default case, i.e.
-     SSLerr(...,SSL_R_UNKNOWN_STATE).
-     [Bodo Moeller]
-
-  *) New "BIO pair" concept (crypto/bio/bss_bio.c) so that applications
-     can use the SSL library even if none of the specific BIOs is
-     appropriate.
-     [Bodo Moeller]
-
-  *) Fix a bug in i2d_DSAPublicKey() which meant it returned the wrong value
-     for the encoded length.
-     [Jeon KyoungHo <khjeon@sds.samsung.co.kr>]
-
-  *) Add initial documentation of the X509V3 functions.
-     [Steve Henson]
-
-  *) Add a new pair of functions PEM_write_PKCS8PrivateKey() and 
-     PEM_write_bio_PKCS8PrivateKey() that are equivalent to
-     PEM_write_PrivateKey() and PEM_write_bio_PrivateKey() but use the more
-     secure PKCS#8 private key format with a high iteration count.
-     [Steve Henson]
-
-  *) Fix determination of Perl interpreter: A perl or perl5
-     _directory_ in $PATH was also accepted as the interpreter.
-     [Ralf S. Engelschall]
-
-  *) Fix demos/sign/sign.c: well there wasn't anything strictly speaking
-     wrong with it but it was very old and did things like calling
-     PEM_ASN1_read() directly and used MD5 for the hash not to mention some
-     unusual formatting.
-     [Steve Henson]
-
-  *) Fix demos/selfsign.c: it used obsolete and deleted functions, changed
-     to use the new extension code.
-     [Steve Henson]
-
-  *) Implement the PEM_read/PEM_write functions in crypto/pem/pem_all.c
-     with macros. This should make it easier to change their form, add extra
-     arguments etc. Fix a few PEM prototypes which didn't have cipher as a
-     constant.
-     [Steve Henson]
-
-  *) Add to configuration table a new entry that can specify an alternative
-     name for unistd.h (for pre-POSIX systems); we need this for NeXTstep,
-     according to Mark Crispin <MRC@Panda.COM>.
-     [Bodo Moeller]
-
-#if 0
-  *) DES CBC did not update the IV. Weird.
-     [Ben Laurie]
-#else
-     des_cbc_encrypt does not update the IV, but des_ncbc_encrypt does.
-     Changing the behaviour of the former might break existing programs --
-     where IV updating is needed, des_ncbc_encrypt can be used.
-#endif
-
-  *) When bntest is run from "make test" it drives bc to check its
-     calculations, as well as internally checking them. If an internal check
-     fails, it needs to cause bc to give a non-zero result or make test carries
-     on without noticing the failure. Fixed.
-     [Ben Laurie]
-
-  *) DES library cleanups.
-     [Ulf Möller]
-
-  *) Add support for PKCS#5 v2.0 PBE algorithms. This will permit PKCS#8 to be
-     used with any cipher unlike PKCS#5 v1.5 which can at most handle 64 bit
-     ciphers. NOTE: although the key derivation function has been verified
-     against some published test vectors it has not been extensively tested
-     yet. Added a -v2 "cipher" option to pkcs8 application to allow the use
-     of v2.0.
-     [Steve Henson]
-
-  *) Instead of "mkdir -p", which is not fully portable, use new
-     Perl script "util/mkdir-p.pl".
-     [Bodo Moeller]
-
-  *) Rewrite the way password based encryption (PBE) is handled. It used to
-     assume that the ASN1 AlgorithmIdentifier parameter was a PBEParameter
-     structure. This was true for the PKCS#5 v1.5 and PKCS#12 PBE algorithms
-     but doesn't apply to PKCS#5 v2.0 where it can be something else. Now
-     the 'parameter' field of the AlgorithmIdentifier is passed to the
-     underlying key generation function so it must do its own ASN1 parsing.
-     This has also changed the EVP_PBE_CipherInit() function which now has a
-     'parameter' argument instead of literal salt and iteration count values
-     and the function EVP_PBE_ALGOR_CipherInit() has been deleted.
-     [Steve Henson]
-
-  *) Support for PKCS#5 v1.5 compatible password based encryption algorithms
-     and PKCS#8 functionality. New 'pkcs8' application linked to openssl.
-     Needed to change the PEM_STRING_EVP_PKEY value which was just "PRIVATE
-     KEY" because this clashed with PKCS#8 unencrypted string. Since this
-     value was just used as a "magic string" and not used directly its
-     value doesn't matter.
-     [Steve Henson]
-
-  *) Introduce some semblance of const correctness to BN. Shame C doesn't
-     support mutable.
-     [Ben Laurie]
-
-  *) "linux-sparc64" configuration (ultrapenguin).
-     [Ray Miller <ray.miller@oucs.ox.ac.uk>]
-     "linux-sparc" configuration.
-     [Christian Forster <fo@hawo.stw.uni-erlangen.de>]
-
-  *) config now generates no-xxx options for missing ciphers.
-     [Ulf Möller]
-
-  *) Support the EBCDIC character set (work in progress).
-     File ebcdic.c not yet included because it has a different license.
-     [Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>]
-
-  *) Support BS2000/OSD-POSIX.
-     [Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>]
-
-  *) Make callbacks for key generation use void * instead of char *.
-     [Ben Laurie]
-
-  *) Make S/MIME samples compile (not yet tested).
-     [Ben Laurie]
-
-  *) Additional typesafe stacks.
-     [Ben Laurie]
-
-  *) New configuration variants "bsdi-elf-gcc" (BSD/OS 4.x).
-     [Bodo Moeller]
-
-
- Changes between 0.9.3 and 0.9.3a  [29 May 1999]
-
-  *) New configuration variant "sco5-gcc".
-
-  *) Updated some demos.
-     [Sean O Riordain, Wade Scholine]
-
-  *) Add missing BIO_free at exit of pkcs12 application.
-     [Wu Zhigang]
-
-  *) Fix memory leak in conf.c.
-     [Steve Henson]
-
-  *) Updates for Win32 to assembler version of MD5.
-     [Steve Henson]
-
-  *) Set #! path to perl in apps/der_chop to where we found it
-     instead of using a fixed path.
-     [Bodo Moeller]
-
-  *) SHA library changes for irix64-mips4-cc.
-     [Andy Polyakov]
-
-  *) Improvements for VMS support.
-     [Richard Levitte]
-
-
- Changes between 0.9.2b and 0.9.3  [24 May 1999]
-
-  *) Bignum library bug fix. IRIX 6 passes "make test" now!
-     This also avoids the problems with SC4.2 and unpatched SC5.  
-     [Andy Polyakov <appro@fy.chalmers.se>]
-
-  *) New functions sk_num, sk_value and sk_set to replace the previous macros.
-     These are required because of the typesafe stack would otherwise break 
-     existing code. If old code used a structure member which used to be STACK
-     and is now STACK_OF (for example cert in a PKCS7_SIGNED structure) with
-     sk_num or sk_value it would produce an error because the num, data members
-     are not present in STACK_OF. Now it just produces a warning. sk_set
-     replaces the old method of assigning a value to sk_value
-     (e.g. sk_value(x, i) = y) which the library used in a few cases. Any code
-     that does this will no longer work (and should use sk_set instead) but
-     this could be regarded as a "questionable" behaviour anyway.
-     [Steve Henson]
-
-  *) Fix most of the other PKCS#7 bugs. The "experimental" code can now
-     correctly handle encrypted S/MIME data.
-     [Steve Henson]
-
-  *) Change type of various DES function arguments from des_cblock
-     (which means, in function argument declarations, pointer to char)
-     to des_cblock * (meaning pointer to array with 8 char elements),
-     which allows the compiler to do more typechecking; it was like
-     that back in SSLeay, but with lots of ugly casts.
-
-     Introduce new type const_des_cblock.
-     [Bodo Moeller]
-
-  *) Reorganise the PKCS#7 library and get rid of some of the more obvious
-     problems: find RecipientInfo structure that matches recipient certificate
-     and initialise the ASN1 structures properly based on passed cipher.
-     [Steve Henson]
-
-  *) Belatedly make the BN tests actually check the results.
-     [Ben Laurie]
-
-  *) Fix the encoding and decoding of negative ASN1 INTEGERS and conversion
-     to and from BNs: it was completely broken. New compilation option
-     NEG_PUBKEY_BUG to allow for some broken certificates that encode public
-     key elements as negative integers.
-     [Steve Henson]
-
-  *) Reorganize and speed up MD5.
-     [Andy Polyakov <appro@fy.chalmers.se>]
-
-  *) VMS support.
-     [Richard Levitte <richard@levitte.org>]
-
-  *) New option -out to asn1parse to allow the parsed structure to be
-     output to a file. This is most useful when combined with the -strparse
-     option to examine the output of things like OCTET STRINGS.
-     [Steve Henson]
-
-  *) Make SSL library a little more fool-proof by not requiring any longer
-     that SSL_set_{accept,connect}_state be called before
-     SSL_{accept,connect} may be used (SSL_set_..._state is omitted
-     in many applications because usually everything *appeared* to work as
-     intended anyway -- now it really works as intended).
-     [Bodo Moeller]
-
-  *) Move openssl.cnf out of lib/.
-     [Ulf Möller]
-
-  *) Fix various things to let OpenSSL even pass ``egcc -pipe -O2 -Wall
-     -Wshadow -Wpointer-arith -Wcast-align -Wmissing-prototypes
-     -Wmissing-declarations -Wnested-externs -Winline'' with EGCS 1.1.2+ 
-     [Ralf S. Engelschall]
-
-  *) Various fixes to the EVP and PKCS#7 code. It may now be able to
-     handle PKCS#7 enveloped data properly.
-     [Sebastian Akerman <sak@parallelconsulting.com>, modified by Steve]
-
-  *) Create a duplicate of the SSL_CTX's CERT in SSL_new instead of
-     copying pointers.  The cert_st handling is changed by this in
-     various ways (and thus what used to be known as ctx->default_cert
-     is now called ctx->cert, since we don't resort to s->ctx->[default_]cert
-     any longer when s->cert does not give us what we need).
-     ssl_cert_instantiate becomes obsolete by this change.
-     As soon as we've got the new code right (possibly it already is?),
-     we have solved a couple of bugs of the earlier code where s->cert
-     was used as if it could not have been shared with other SSL structures.
-
-     Note that using the SSL API in certain dirty ways now will result
-     in different behaviour than observed with earlier library versions:
-     Changing settings for an SSL_CTX *ctx after having done s = SSL_new(ctx)
-     does not influence s as it used to.
-     
-     In order to clean up things more thoroughly, inside SSL_SESSION
-     we don't use CERT any longer, but a new structure SESS_CERT
-     that holds per-session data (if available); currently, this is
-     the peer's certificate chain and, for clients, the server's certificate
-     and temporary key.  CERT holds only those values that can have
-     meaningful defaults in an SSL_CTX.
-     [Bodo Moeller]
-
-  *) New function X509V3_EXT_i2d() to create an X509_EXTENSION structure
-     from the internal representation. Various PKCS#7 fixes: remove some
-     evil casts and set the enc_dig_alg field properly based on the signing
-     key type.
-     [Steve Henson]
-
-  *) Allow PKCS#12 password to be set from the command line or the
-     environment. Let 'ca' get its config file name from the environment
-     variables "OPENSSL_CONF" or "SSLEAY_CONF" (for consistency with 'req'
-     and 'x509').
-     [Steve Henson]
-
-  *) Allow certificate policies extension to use an IA5STRING for the
-     organization field. This is contrary to the PKIX definition but
-     VeriSign uses it and IE5 only recognises this form. Document 'x509'
-     extension option.
-     [Steve Henson]
-
-  *) Add PEDANTIC compiler flag to allow compilation with gcc -pedantic,
-     without disallowing inline assembler and the like for non-pedantic builds.
-     [Ben Laurie]
-
-  *) Support Borland C++ builder.
-     [Janez Jere <jj@void.si>, modified by Ulf Möller]
-
-  *) Support Mingw32.
-     [Ulf Möller]
-
-  *) SHA-1 cleanups and performance enhancements.
-     [Andy Polyakov <appro@fy.chalmers.se>]
-
-  *) Sparc v8plus assembler for the bignum library.
-     [Andy Polyakov <appro@fy.chalmers.se>]
-
-  *) Accept any -xxx and +xxx compiler options in Configure.
-     [Ulf Möller]
-
-  *) Update HPUX configuration.
-     [Anonymous]
-  
-  *) Add missing sk_<type>_unshift() function to safestack.h
-     [Ralf S. Engelschall]
-
-  *) New function SSL_CTX_use_certificate_chain_file that sets the
-     "extra_cert"s in addition to the certificate.  (This makes sense
-     only for "PEM" format files, as chains as a whole are not
-     DER-encoded.)
-     [Bodo Moeller]
-
-  *) Support verify_depth from the SSL API.
-     x509_vfy.c had what can be considered an off-by-one-error:
-     Its depth (which was not part of the external interface)
-     was actually counting the number of certificates in a chain;
-     now it really counts the depth.
-     [Bodo Moeller]
-
-  *) Bugfix in crypto/x509/x509_cmp.c: The SSLerr macro was used
-     instead of X509err, which often resulted in confusing error
-     messages since the error codes are not globally unique
-     (e.g. an alleged error in ssl3_accept when a certificate
-     didn't match the private key).
-
-  *) New function SSL_CTX_set_session_id_context that allows to set a default
-     value (so that you don't need SSL_set_session_id_context for each
-     connection using the SSL_CTX).
-     [Bodo Moeller]
-
-  *) OAEP decoding bug fix.
-     [Ulf Möller]
-
-  *) Support INSTALL_PREFIX for package builders, as proposed by
-     David Harris.
-     [Bodo Moeller]
-
-  *) New Configure options "threads" and "no-threads".  For systems
-     where the proper compiler options are known (currently Solaris
-     and Linux), "threads" is the default.
-     [Bodo Moeller]
-
-  *) New script util/mklink.pl as a faster substitute for util/mklink.sh.
-     [Bodo Moeller]
-
-  *) Install various scripts to $(OPENSSLDIR)/misc, not to
-     $(INSTALLTOP)/bin -- they shouldn't clutter directories
-     such as /usr/local/bin.
-     [Bodo Moeller]
-
-  *) "make linux-shared" to build shared libraries.
-     [Niels Poppe <niels@netbox.org>]
-
-  *) New Configure option no-<cipher> (rsa, idea, rc5, ...).
-     [Ulf Möller]
-
-  *) Add the PKCS#12 API documentation to openssl.txt. Preliminary support for
-     extension adding in x509 utility.
-     [Steve Henson]
-
-  *) Remove NOPROTO sections and error code comments.
-     [Ulf Möller]
-
-  *) Partial rewrite of the DEF file generator to now parse the ANSI
-     prototypes.
-     [Steve Henson]
-
-  *) New Configure options --prefix=DIR and --openssldir=DIR.
-     [Ulf Möller]
-
-  *) Complete rewrite of the error code script(s). It is all now handled
-     by one script at the top level which handles error code gathering,
-     header rewriting and C source file generation. It should be much better
-     than the old method: it now uses a modified version of Ulf's parser to
-     read the ANSI prototypes in all header files (thus the old K&R definitions
-     aren't needed for error creation any more) and do a better job of
-     translating function codes into names. The old 'ASN1 error code imbedded
-     in a comment' is no longer necessary and it doesn't use .err files which
-     have now been deleted. Also the error code call doesn't have to appear all
-     on one line (which resulted in some large lines...).
-     [Steve Henson]
-
-  *) Change #include filenames from <foo.h> to <openssl/foo.h>.
-     [Bodo Moeller]
-
-  *) Change behaviour of ssl2_read when facing length-0 packets: Don't return
-     0 (which usually indicates a closed connection), but continue reading.
-     [Bodo Moeller]
-
-  *) Fix some race conditions.
-     [Bodo Moeller]
-
-  *) Add support for CRL distribution points extension. Add Certificate
-     Policies and CRL distribution points documentation.
-     [Steve Henson]
-
-  *) Move the autogenerated header file parts to crypto/opensslconf.h.
-     [Ulf Möller]
-
-  *) Fix new 56-bit DES export ciphersuites: they were using 7 bytes instead of
-     8 of keying material. Merlin has also confirmed interop with this fix
-     between OpenSSL and Baltimore C/SSL 2.0 and J/SSL 2.0.
-     [Merlin Hughes <merlin@baltimore.ie>]
-
-  *) Fix lots of warnings.
-     [Richard Levitte <levitte@stacken.kth.se>]
- 
-  *) In add_cert_dir() in crypto/x509/by_dir.c, break out of the loop if
-     the directory spec didn't end with a LIST_SEPARATOR_CHAR.
-     [Richard Levitte <levitte@stacken.kth.se>]
- 
-  *) Fix problems with sizeof(long) == 8.
-     [Andy Polyakov <appro@fy.chalmers.se>]
-
-  *) Change functions to ANSI C.
-     [Ulf Möller]
-
-  *) Fix typos in error codes.
-     [Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>, Ulf Möller]
-
-  *) Remove defunct assembler files from Configure.
-     [Ulf Möller]
-
-  *) SPARC v8 assembler BIGNUM implementation.
-     [Andy Polyakov <appro@fy.chalmers.se>]
-
-  *) Support for Certificate Policies extension: both print and set.
-     Various additions to support the r2i method this uses.
-     [Steve Henson]
-
-  *) A lot of constification, and fix a bug in X509_NAME_oneline() that could
-     return a const string when you are expecting an allocated buffer.
-     [Ben Laurie]
-
-  *) Add support for ASN1 types UTF8String and VISIBLESTRING, also the CHOICE
-     types DirectoryString and DisplayText.
-     [Steve Henson]
-
-  *) Add code to allow r2i extensions to access the configuration database,
-     add an LHASH database driver and add several ctx helper functions.
-     [Steve Henson]
-
-  *) Fix an evil bug in bn_expand2() which caused various BN functions to
-     fail when they extended the size of a BIGNUM.
-     [Steve Henson]
-
-  *) Various utility functions to handle SXNet extension. Modify mkdef.pl to
-     support typesafe stack.
-     [Steve Henson]
-
-  *) Fix typo in SSL_[gs]et_options().
-     [Nils Frostberg <nils@medcom.se>]
-
-  *) Delete various functions and files that belonged to the (now obsolete)
-     old X509V3 handling code.
-     [Steve Henson]
-
-  *) New Configure option "rsaref".
-     [Ulf Möller]
-
-  *) Don't auto-generate pem.h.
-     [Bodo Moeller]
-
-  *) Introduce type-safe ASN.1 SETs.
-     [Ben Laurie]
-
-  *) Convert various additional casted stacks to type-safe STACK_OF() variants.
-     [Ben Laurie, Ralf S. Engelschall, Steve Henson]
-
-  *) Introduce type-safe STACKs. This will almost certainly break lots of code
-     that links with OpenSSL (well at least cause lots of warnings), but fear
-     not: the conversion is trivial, and it eliminates loads of evil casts. A
-     few STACKed things have been converted already. Feel free to convert more.
-     In the fullness of time, I'll do away with the STACK type altogether.
-     [Ben Laurie]
-
-  *) Add `openssl ca -revoke <certfile>' facility which revokes a certificate
-     specified in <certfile> by updating the entry in the index.txt file.
-     This way one no longer has to edit the index.txt file manually for
-     revoking a certificate. The -revoke option does the gory details now.
-     [Massimiliano Pala <madwolf@openca.org>, Ralf S. Engelschall]
-
-  *) Fix `openssl crl -noout -text' combination where `-noout' killed the
-     `-text' option at all and this way the `-noout -text' combination was
-     inconsistent in `openssl crl' with the friends in `openssl x509|rsa|dsa'.
-     [Ralf S. Engelschall]
-
-  *) Make sure a corresponding plain text error message exists for the
-     X509_V_ERR_CERT_REVOKED/23 error number which can occur when a
-     verify callback function determined that a certificate was revoked.
-     [Ralf S. Engelschall]
-
-  *) Bugfix: In test/testenc, don't test "openssl <cipher>" for
-     ciphers that were excluded, e.g. by -DNO_IDEA.  Also, test
-     all available cipers including rc5, which was forgotten until now.
-     In order to let the testing shell script know which algorithms
-     are available, a new (up to now undocumented) command
-     "openssl list-cipher-commands" is used.
-     [Bodo Moeller]
-
-  *) Bugfix: s_client occasionally would sleep in select() when
-     it should have checked SSL_pending() first.
-     [Bodo Moeller]
-
-  *) New functions DSA_do_sign and DSA_do_verify to provide access to
-     the raw DSA values prior to ASN.1 encoding.
-     [Ulf Möller]
-
-  *) Tweaks to Configure
-     [Niels Poppe <niels@netbox.org>]
-
-  *) Add support for PKCS#5 v2.0 ASN1 PBES2 structures. No other support,
-     yet...
-     [Steve Henson]
-
-  *) New variables $(RANLIB) and $(PERL) in the Makefiles.
-     [Ulf Möller]
-
-  *) New config option to avoid instructions that are illegal on the 80386.
-     The default code is faster, but requires at least a 486.
-     [Ulf Möller]
-  
-  *) Got rid of old SSL2_CLIENT_VERSION (inconsistently used) and
-     SSL2_SERVER_VERSION (not used at all) macros, which are now the
-     same as SSL2_VERSION anyway.
-     [Bodo Moeller]
-
-  *) New "-showcerts" option for s_client.
-     [Bodo Moeller]
-
-  *) Still more PKCS#12 integration. Add pkcs12 application to openssl
-     application. Various cleanups and fixes.
-     [Steve Henson]
-
-  *) More PKCS#12 integration. Add new pkcs12 directory with Makefile.ssl and
-     modify error routines to work internally. Add error codes and PBE init
-     to library startup routines.
-     [Steve Henson]
-
-  *) Further PKCS#12 integration. Added password based encryption, PKCS#8 and
-     packing functions to asn1 and evp. Changed function names and error
-     codes along the way.
-     [Steve Henson]
-
-  *) PKCS12 integration: and so it begins... First of several patches to
-     slowly integrate PKCS#12 functionality into OpenSSL. Add PKCS#12
-     objects to objects.h
-     [Steve Henson]
-
-  *) Add a new 'indent' option to some X509V3 extension code. Initial ASN1
-     and display support for Thawte strong extranet extension.
-     [Steve Henson]
-
-  *) Add LinuxPPC support.
-     [Jeff Dubrule <igor@pobox.org>]
-
-  *) Get rid of redundant BN file bn_mulw.c, and rename bn_div64 to
-     bn_div_words in alpha.s.
-     [Hannes Reinecke <H.Reinecke@hw.ac.uk> and Ben Laurie]
-
-  *) Make sure the RSA OAEP test is skipped under -DRSAref because
-     OAEP isn't supported when OpenSSL is built with RSAref.
-     [Ulf Moeller <ulf@fitug.de>]
-
-  *) Move definitions of IS_SET/IS_SEQUENCE inside crypto/asn1/asn1.h 
-     so they no longer are missing under -DNOPROTO. 
-     [Soren S. Jorvang <soren@t.dk>]
-
-
- Changes between 0.9.1c and 0.9.2b  [22 Mar 1999]
-
-  *) Make SSL_get_peer_cert_chain() work in servers. Unfortunately, it still
-     doesn't work when the session is reused. Coming soon!
-     [Ben Laurie]
-
-  *) Fix a security hole, that allows sessions to be reused in the wrong
-     context thus bypassing client cert protection! All software that uses
-     client certs and session caches in multiple contexts NEEDS PATCHING to
-     allow session reuse! A fuller solution is in the works.
-     [Ben Laurie, problem pointed out by Holger Reif, Bodo Moeller (and ???)]
-
-  *) Some more source tree cleanups (removed obsolete files
-     crypto/bf/asm/bf586.pl, test/test.txt and crypto/sha/asm/f.s; changed
-     permission on "config" script to be executable) and a fix for the INSTALL
-     document.
-     [Ulf Moeller <ulf@fitug.de>]
-
-  *) Remove some legacy and erroneous uses of malloc, free instead of
-     Malloc, Free.
-     [Lennart Bang <lob@netstream.se>, with minor changes by Steve]
-
-  *) Make rsa_oaep_test return non-zero on error.
-     [Ulf Moeller <ulf@fitug.de>]
-
-  *) Add support for native Solaris shared libraries. Configure
-     solaris-sparc-sc4-pic, make, then run shlib/solaris-sc4.sh. It'd be nice
-     if someone would make that last step automatic.
-     [Matthias Loepfe <Matthias.Loepfe@AdNovum.CH>]
-
-  *) ctx_size was not built with the right compiler during "make links". Fixed.
-     [Ben Laurie]
-
-  *) Change the meaning of 'ALL' in the cipher list. It now means "everything
-     except NULL ciphers". This means the default cipher list will no longer
-     enable NULL ciphers. They need to be specifically enabled e.g. with
-     the string "DEFAULT:eNULL".
-     [Steve Henson]
-
-  *) Fix to RSA private encryption routines: if p < q then it would
-     occasionally produce an invalid result. This will only happen with
-     externally generated keys because OpenSSL (and SSLeay) ensure p > q.
-     [Steve Henson]
-
-  *) Be less restrictive and allow also `perl util/perlpath.pl
-     /path/to/bin/perl' in addition to `perl util/perlpath.pl /path/to/bin',
-     because this way one can also use an interpreter named `perl5' (which is
-     usually the name of Perl 5.xxx on platforms where an Perl 4.x is still
-     installed as `perl').
-     [Matthias Loepfe <Matthias.Loepfe@adnovum.ch>]
-
-  *) Let util/clean-depend.pl work also with older Perl 5.00x versions.
-     [Matthias Loepfe <Matthias.Loepfe@adnovum.ch>]
-
-  *) Fix Makefile.org so CC,CFLAG etc are passed to 'make links' add
-     advapi32.lib to Win32 build and change the pem test comparision
-     to fc.exe (thanks to Ulrich Kroener <kroneru@yahoo.com> for the
-     suggestion). Fix misplaced ASNI prototypes and declarations in evp.h
-     and crypto/des/ede_cbcm_enc.c.
-     [Steve Henson]
-
-  *) DES quad checksum was broken on big-endian architectures. Fixed.
-     [Ben Laurie]
-
-  *) Comment out two functions in bio.h that aren't implemented. Fix up the
-     Win32 test batch file so it (might) work again. The Win32 test batch file
-     is horrible: I feel ill....
-     [Steve Henson]
-
-  *) Move various #ifdefs around so NO_SYSLOG, NO_DIRENT etc are now selected
-     in e_os.h. Audit of header files to check ANSI and non ANSI
-     sections: 10 functions were absent from non ANSI section and not exported
-     from Windows DLLs. Fixed up libeay.num for new functions.
-     [Steve Henson]
-
-  *) Make `openssl version' output lines consistent.
-     [Ralf S. Engelschall]
-
-  *) Fix Win32 symbol export lists for BIO functions: Added
-     BIO_get_ex_new_index, BIO_get_ex_num, BIO_get_ex_data and BIO_set_ex_data
-     to ms/libeay{16,32}.def.
-     [Ralf S. Engelschall]
-
-  *) Second round of fixing the OpenSSL perl/ stuff. It now at least compiled
-     fine under Unix and passes some trivial tests I've now added. But the
-     whole stuff is horribly incomplete, so a README.1ST with a disclaimer was
-     added to make sure no one expects that this stuff really works in the
-     OpenSSL 0.9.2 release.  Additionally I've started to clean the XS sources
-     up and fixed a few little bugs and inconsistencies in OpenSSL.{pm,xs} and
-     openssl_bio.xs.
-     [Ralf S. Engelschall]
-
-  *) Fix the generation of two part addresses in perl.
-     [Kenji Miyake <kenji@miyake.org>, integrated by Ben Laurie]
-
-  *) Add config entry for Linux on MIPS.
-     [John Tobey <jtobey@channel1.com>]
-
-  *) Make links whenever Configure is run, unless we are on Windoze.
-     [Ben Laurie]
-
-  *) Permit extensions to be added to CRLs using crl_section in openssl.cnf.
-     Currently only issuerAltName and AuthorityKeyIdentifier make any sense
-     in CRLs.
-     [Steve Henson]
-
-  *) Add a useful kludge to allow package maintainers to specify compiler and
-     other platforms details on the command line without having to patch the
-     Configure script everytime: One now can use ``perl Configure
-     <id>:<details>'', i.e. platform ids are allowed to have details appended
-     to them (seperated by colons). This is treated as there would be a static
-     pre-configured entry in Configure's %table under key <id> with value
-     <details> and ``perl Configure <id>'' is called.  So, when you want to
-     perform a quick test-compile under FreeBSD 3.1 with pgcc and without
-     assembler stuff you can use ``perl Configure "FreeBSD-elf:pgcc:-O6:::"''
-     now, which overrides the FreeBSD-elf entry on-the-fly.
-     [Ralf S. Engelschall]
-
-  *) Disable new TLS1 ciphersuites by default: they aren't official yet.
-     [Ben Laurie]
-
-  *) Allow DSO flags like -fpic, -fPIC, -KPIC etc. to be specified
-     on the `perl Configure ...' command line. This way one can compile
-     OpenSSL libraries with Position Independent Code (PIC) which is needed
-     for linking it into DSOs.
-     [Ralf S. Engelschall]
-
-  *) Remarkably, export ciphers were totally broken and no-one had noticed!
-     Fixed.
-     [Ben Laurie]
-
-  *) Cleaned up the LICENSE document: The official contact for any license
-     questions now is the OpenSSL core team under openssl-core@openssl.org.
-     And add a paragraph about the dual-license situation to make sure people
-     recognize that _BOTH_ the OpenSSL license _AND_ the SSLeay license apply
-     to the OpenSSL toolkit.
-     [Ralf S. Engelschall]
-
-  *) General source tree makefile cleanups: Made `making xxx in yyy...'
-     display consistent in the source tree and replaced `/bin/rm' by `rm'.
-     Additonally cleaned up the `make links' target: Remove unnecessary
-     semicolons, subsequent redundant removes, inline point.sh into mklink.sh
-     to speed processing and no longer clutter the display with confusing
-     stuff. Instead only the actually done links are displayed.
-     [Ralf S. Engelschall]
-
-  *) Permit null encryption ciphersuites, used for authentication only. It used
-     to be necessary to set the preprocessor define SSL_ALLOW_ENULL to do this.
-     It is now necessary to set SSL_FORBID_ENULL to prevent the use of null
-     encryption.
-     [Ben Laurie]
-
-  *) Add a bunch of fixes to the PKCS#7 stuff. It used to sometimes reorder
-     signed attributes when verifying signatures (this would break them), 
-     the detached data encoding was wrong and public keys obtained using
-     X509_get_pubkey() weren't freed.
-     [Steve Henson]
-
-  *) Add text documentation for the BUFFER functions. Also added a work around
-     to a Win95 console bug. This was triggered by the password read stuff: the
-     last character typed gets carried over to the next fread(). If you were 
-     generating a new cert request using 'req' for example then the last
-     character of the passphrase would be CR which would then enter the first
-     field as blank.
-     [Steve Henson]
-
-  *) Added the new `Includes OpenSSL Cryptography Software' button as
-     doc/openssl_button.{gif,html} which is similar in style to the old SSLeay
-     button and can be used by applications based on OpenSSL to show the
-     relationship to the OpenSSL project.  
-     [Ralf S. Engelschall]
-
-  *) Remove confusing variables in function signatures in files
-     ssl/ssl_lib.c and ssl/ssl.h.
-     [Lennart Bong <lob@kulthea.stacken.kth.se>]
-
-  *) Don't install bss_file.c under PREFIX/include/
-     [Lennart Bong <lob@kulthea.stacken.kth.se>]
-
-  *) Get the Win32 compile working again. Modify mkdef.pl so it can handle
-     functions that return function pointers and has support for NT specific
-     stuff. Fix mk1mf.pl and VC-32.pl to support NT differences also. Various
-     #ifdef WIN32 and WINNTs sprinkled about the place and some changes from
-     unsigned to signed types: this was killing the Win32 compile.
-     [Steve Henson]
-
-  *) Add new certificate file to stack functions,
-     SSL_add_dir_cert_subjects_to_stack() and
-     SSL_add_file_cert_subjects_to_stack().  These largely supplant
-     SSL_load_client_CA_file(), and can be used to add multiple certs easily
-     to a stack (usually this is then handed to SSL_CTX_set_client_CA_list()).
-     This means that Apache-SSL and similar packages don't have to mess around
-     to add as many CAs as they want to the preferred list.
-     [Ben Laurie]
-
-  *) Experiment with doxygen documentation. Currently only partially applied to
-     ssl/ssl_lib.c.
-     See http://www.stack.nl/~dimitri/doxygen/index.html, and run doxygen with
-     openssl.doxy as the configuration file.
-     [Ben Laurie]
-  
-  *) Get rid of remaining C++-style comments which strict C compilers hate.
-     [Ralf S. Engelschall, pointed out by Carlos Amengual]
-
-  *) Changed BN_RECURSION in bn_mont.c to BN_RECURSION_MONT so it is not
-     compiled in by default: it has problems with large keys.
-     [Steve Henson]
-
-  *) Add a bunch of SSL_xxx() functions for configuring the temporary RSA and
-     DH private keys and/or callback functions which directly correspond to
-     their SSL_CTX_xxx() counterparts but work on a per-connection basis. This
-     is needed for applications which have to configure certificates on a
-     per-connection basis (e.g. Apache+mod_ssl) instead of a per-context basis
-     (e.g. s_server). 
-        For the RSA certificate situation is makes no difference, but
-     for the DSA certificate situation this fixes the "no shared cipher"
-     problem where the OpenSSL cipher selection procedure failed because the
-     temporary keys were not overtaken from the context and the API provided
-     no way to reconfigure them. 
-        The new functions now let applications reconfigure the stuff and they
-     are in detail: SSL_need_tmp_RSA, SSL_set_tmp_rsa, SSL_set_tmp_dh,
-     SSL_set_tmp_rsa_callback and SSL_set_tmp_dh_callback.  Additionally a new
-     non-public-API function ssl_cert_instantiate() is used as a helper
-     function and also to reduce code redundancy inside ssl_rsa.c.
-     [Ralf S. Engelschall]
-
-  *) Move s_server -dcert and -dkey options out of the undocumented feature
-     area because they are useful for the DSA situation and should be
-     recognized by the users.
-     [Ralf S. Engelschall]
-
-  *) Fix the cipher decision scheme for export ciphers: the export bits are
-     *not* within SSL_MKEY_MASK or SSL_AUTH_MASK, they are within
-     SSL_EXP_MASK.  So, the original variable has to be used instead of the
-     already masked variable.
-     [Richard Levitte <levitte@stacken.kth.se>]
-
-  *) Fix 'port' variable from `int' to `unsigned int' in crypto/bio/b_sock.c
-     [Richard Levitte <levitte@stacken.kth.se>]
-
-  *) Change type of another md_len variable in pk7_doit.c:PKCS7_dataFinal()
-     from `int' to `unsigned int' because it's a length and initialized by
-     EVP_DigestFinal() which expects an `unsigned int *'.
-     [Richard Levitte <levitte@stacken.kth.se>]
-
-  *) Don't hard-code path to Perl interpreter on shebang line of Configure
-     script. Instead use the usual Shell->Perl transition trick.
-     [Ralf S. Engelschall]
-
-  *) Make `openssl x509 -noout -modulus' functional also for DSA certificates
-     (in addition to RSA certificates) to match the behaviour of `openssl dsa
-     -noout -modulus' as it's already the case for `openssl rsa -noout
-     -modulus'.  For RSA the -modulus is the real "modulus" while for DSA
-     currently the public key is printed (a decision which was already done by
-     `openssl dsa -modulus' in the past) which serves a similar purpose.
-     Additionally the NO_RSA no longer completely removes the whole -modulus
-     option; it now only avoids using the RSA stuff. Same applies to NO_DSA
-     now, too.
-     [Ralf S.  Engelschall]
-
-  *) Add Arne Ansper's reliable BIO - this is an encrypted, block-digested
-     BIO. See the source (crypto/evp/bio_ok.c) for more info.
-     [Arne Ansper <arne@ats.cyber.ee>]
-
-  *) Dump the old yucky req code that tried (and failed) to allow raw OIDs
-     to be added. Now both 'req' and 'ca' can use new objects defined in the
-     config file.
-     [Steve Henson]
-
-  *) Add cool BIO that does syslog (or event log on NT).
-     [Arne Ansper <arne@ats.cyber.ee>, integrated by Ben Laurie]
-
-  *) Add support for new TLS ciphersuites, TLS_RSA_EXPORT56_WITH_RC4_56_MD5,
-     TLS_RSA_EXPORT56_WITH_RC2_CBC_56_MD5 and
-     TLS_RSA_EXPORT56_WITH_DES_CBC_SHA, as specified in "56-bit Export Cipher
-     Suites For TLS", draft-ietf-tls-56-bit-ciphersuites-00.txt.
-     [Ben Laurie]
-
-  *) Add preliminary config info for new extension code.
-     [Steve Henson]
-
-  *) Make RSA_NO_PADDING really use no padding.
-     [Ulf Moeller <ulf@fitug.de>]
-
-  *) Generate errors when private/public key check is done.
-     [Ben Laurie]
-
-  *) Overhaul for 'crl' utility. New function X509_CRL_print. Partial support
-     for some CRL extensions and new objects added.
-     [Steve Henson]
-
-  *) Really fix the ASN1 IMPLICIT bug this time... Partial support for private
-     key usage extension and fuller support for authority key id.
-     [Steve Henson]
-
-  *) Add OAEP encryption for the OpenSSL crypto library. OAEP is the improved
-     padding method for RSA, which is recommended for new applications in PKCS
-     #1 v2.0 (RFC 2437, October 1998).
-     OAEP (Optimal Asymmetric Encryption Padding) has better theoretical
-     foundations than the ad-hoc padding used in PKCS #1 v1.5. It is secure
-     against Bleichbacher's attack on RSA.
-     [Ulf Moeller <ulf@fitug.de>, reformatted, corrected and integrated by
-      Ben Laurie]
-
-  *) Updates to the new SSL compression code
-     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
-
-  *) Fix so that the version number in the master secret, when passed
-     via RSA, checks that if TLS was proposed, but we roll back to SSLv3
-     (because the server will not accept higher), that the version number
-     is 0x03,0x01, not 0x03,0x00
-     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
-
-  *) Run extensive memory leak checks on SSL apps. Fixed *lots* of memory
-     leaks in ssl/ relating to new X509_get_pubkey() behaviour. Also fixes
-     in apps/ and an unrelated leak in crypto/dsa/dsa_vrf.c
-     [Steve Henson]
-
-  *) Support for RAW extensions where an arbitrary extension can be
-     created by including its DER encoding. See apps/openssl.cnf for
-     an example.
-     [Steve Henson]
-
-  *) Make sure latest Perl versions don't interpret some generated C array
-     code as Perl array code in the crypto/err/err_genc.pl script.
-     [Lars Weber <3weber@informatik.uni-hamburg.de>]
-
-  *) Modify ms/do_ms.bat to not generate assembly language makefiles since
-     not many people have the assembler. Various Win32 compilation fixes and
-     update to the INSTALL.W32 file with (hopefully) more accurate Win32
-     build instructions.
-     [Steve Henson]
-
-  *) Modify configure script 'Configure' to automatically create crypto/date.h
-     file under Win32 and also build pem.h from pem.org. New script
-     util/mkfiles.pl to create the MINFO file on environments that can't do a
-     'make files': perl util/mkfiles.pl >MINFO should work.
-     [Steve Henson]
-
-  *) Major rework of DES function declarations, in the pursuit of correctness
-     and purity. As a result, many evil casts evaporated, and some weirdness,
-     too. You may find this causes warnings in your code. Zapping your evil
-     casts will probably fix them. Mostly.
-     [Ben Laurie]
-
-  *) Fix for a typo in asn1.h. Bug fix to object creation script
-     obj_dat.pl. It considered a zero in an object definition to mean
-     "end of object": none of the objects in objects.h have any zeros
-     so it wasn't spotted.
-     [Steve Henson, reported by Erwann ABALEA <eabalea@certplus.com>]
-
-  *) Add support for Triple DES Cipher Block Chaining with Output Feedback
-     Masking (CBCM). In the absence of test vectors, the best I have been able
-     to do is check that the decrypt undoes the encrypt, so far. Send me test
-     vectors if you have them.
-     [Ben Laurie]
-
-  *) Correct calculation of key length for export ciphers (too much space was
-     allocated for null ciphers). This has not been tested!
-     [Ben Laurie]
-
-  *) Modifications to the mkdef.pl for Win32 DEF file creation. The usage
-     message is now correct (it understands "crypto" and "ssl" on its
-     command line). There is also now an "update" option. This will update
-     the util/ssleay.num and util/libeay.num files with any new functions.
-     If you do a: 
-     perl util/mkdef.pl crypto ssl update
-     it will update them.
-     [Steve Henson]
-
-  *) Overhauled the Perl interface (perl/*):
-     - ported BN stuff to OpenSSL's different BN library
-     - made the perl/ source tree CVS-aware
-     - renamed the package from SSLeay to OpenSSL (the files still contain
-       their history because I've copied them in the repository)
-     - removed obsolete files (the test scripts will be replaced
-       by better Test::Harness variants in the future)
-     [Ralf S. Engelschall]
-
-  *) First cut for a very conservative source tree cleanup:
-     1. merge various obsolete readme texts into doc/ssleay.txt
-     where we collect the old documents and readme texts.
-     2. remove the first part of files where I'm already sure that we no
-     longer need them because of three reasons: either they are just temporary
-     files which were left by Eric or they are preserved original files where
-     I've verified that the diff is also available in the CVS via "cvs diff
-     -rSSLeay_0_8_1b" or they were renamed (as it was definitely the case for
-     the crypto/md/ stuff).
-     [Ralf S. Engelschall]
-
-  *) More extension code. Incomplete support for subject and issuer alt
-     name, issuer and authority key id. Change the i2v function parameters
-     and add an extra 'crl' parameter in the X509V3_CTX structure: guess
-     what that's for :-) Fix to ASN1 macro which messed up
-     IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED.
-     [Steve Henson]
-
-  *) Preliminary support for ENUMERATED type. This is largely copied from the
-     INTEGER code.
-     [Steve Henson]
-
-  *) Add new function, EVP_MD_CTX_copy() to replace frequent use of memcpy.
-     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
-
-  *) Make sure `make rehash' target really finds the `openssl' program.
-     [Ralf S. Engelschall, Matthias Loepfe <Matthias.Loepfe@adnovum.ch>]
-
-  *) Squeeze another 7% of speed out of MD5 assembler, at least on a P2. I'd
-     like to hear about it if this slows down other processors.
-     [Ben Laurie]
-
-  *) Add CygWin32 platform information to Configure script.
-     [Alan Batie <batie@aahz.jf.intel.com>]
-
-  *) Fixed ms/32all.bat script: `no_asm' -> `no-asm'
-     [Rainer W. Gerling <gerling@mpg-gv.mpg.de>]
-  
-  *) New program nseq to manipulate netscape certificate sequences
-     [Steve Henson]
-
-  *) Modify crl2pkcs7 so it supports multiple -certfile arguments. Fix a
-     few typos.
-     [Steve Henson]
-
-  *) Fixes to BN code.  Previously the default was to define BN_RECURSION
-     but the BN code had some problems that would cause failures when
-     doing certificate verification and some other functions.
-     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
-
-  *) Add ASN1 and PEM code to support netscape certificate sequences.
-     [Steve Henson]
-
-  *) Add ASN1 and PEM code to support netscape certificate sequences.
-     [Steve Henson]
-
-  *) Add several PKIX and private extended key usage OIDs.
-     [Steve Henson]
-
-  *) Modify the 'ca' program to handle the new extension code. Modify
-     openssl.cnf for new extension format, add comments.
-     [Steve Henson]
-
-  *) More X509 V3 changes. Fix typo in v3_bitstr.c. Add support to 'req'
-     and add a sample to openssl.cnf so req -x509 now adds appropriate
-     CA extensions.
-     [Steve Henson]
-
-  *) Continued X509 V3 changes. Add to other makefiles, integrate with the
-     error code, add initial support to X509_print() and x509 application.
-     [Steve Henson]
-
-  *) Takes a deep breath and start addding X509 V3 extension support code. Add
-     files in crypto/x509v3. Move original stuff to crypto/x509v3/old. All this
-     stuff is currently isolated and isn't even compiled yet.
-     [Steve Henson]
-
-  *) Continuing patches for GeneralizedTime. Fix up certificate and CRL
-     ASN1 to use ASN1_TIME and modify print routines to use ASN1_TIME_print.
-     Removed the versions check from X509 routines when loading extensions:
-     this allows certain broken certificates that don't set the version
-     properly to be processed.
-     [Steve Henson]
-
-  *) Deal with irritating shit to do with dependencies, in YAAHW (Yet Another
-     Ad Hoc Way) - Makefile.ssls now all contain local dependencies, which
-     can still be regenerated with "make depend".
-     [Ben Laurie]
-
-  *) Spelling mistake in C version of CAST-128.
-     [Ben Laurie, reported by Jeremy Hylton <jeremy@cnri.reston.va.us>]
-
-  *) Changes to the error generation code. The perl script err-code.pl 
-     now reads in the old error codes and retains the old numbers, only
-     adding new ones if necessary. It also only changes the .err files if new
-     codes are added. The makefiles have been modified to only insert errors
-     when needed (to avoid needlessly modifying header files). This is done
-     by only inserting errors if the .err file is newer than the auto generated
-     C file. To rebuild all the error codes from scratch (the old behaviour)
-     either modify crypto/Makefile.ssl to pass the -regen flag to err_code.pl
-     or delete all the .err files.
-     [Steve Henson]
-
-  *) CAST-128 was incorrectly implemented for short keys. The C version has
-     been fixed, but is untested. The assembler versions are also fixed, but
-     new assembler HAS NOT BEEN GENERATED FOR WIN32 - the Makefile needs fixing
-     to regenerate it if needed.
-     [Ben Laurie, reported (with fix for C version) by Jun-ichiro itojun
-      Hagino <itojun@kame.net>]
-
-  *) File was opened incorrectly in randfile.c.
-     [Ulf Möller <ulf@fitug.de>]
-
-  *) Beginning of support for GeneralizedTime. d2i, i2d, check and print
-     functions. Also ASN1_TIME suite which is a CHOICE of UTCTime or
-     GeneralizedTime. ASN1_TIME is the proper type used in certificates et
-     al: it's just almost always a UTCTime. Note this patch adds new error
-     codes so do a "make errors" if there are problems.
-     [Steve Henson]
-
-  *) Correct Linux 1 recognition in config.
-     [Ulf Möller <ulf@fitug.de>]
-
-  *) Remove pointless MD5 hash when using DSA keys in ca.
-     [Anonymous <nobody@replay.com>]
-
-  *) Generate an error if given an empty string as a cert directory. Also
-     generate an error if handed NULL (previously returned 0 to indicate an
-     error, but didn't set one).
-     [Ben Laurie, reported by Anonymous <nobody@replay.com>]
-
-  *) Add prototypes to SSL methods. Make SSL_write's buffer const, at last.
-     [Ben Laurie]
-
-  *) Fix the dummy function BN_ref_mod_exp() in rsaref.c to have the correct
-     parameters. This was causing a warning which killed off the Win32 compile.
-     [Steve Henson]
-
-  *) Remove C++ style comments from crypto/bn/bn_local.h.
-     [Neil Costigan <neil.costigan@celocom.com>]
-
-  *) The function OBJ_txt2nid was broken. It was supposed to return a nid
-     based on a text string, looking up short and long names and finally
-     "dot" format. The "dot" format stuff didn't work. Added new function
-     OBJ_txt2obj to do the same but return an ASN1_OBJECT and rewrote 
-     OBJ_txt2nid to use it. OBJ_txt2obj can also return objects even if the
-     OID is not part of the table.
-     [Steve Henson]
-
-  *) Add prototypes to X509 lookup/verify methods, fixing a bug in
-     X509_LOOKUP_by_alias().
-     [Ben Laurie]
-
-  *) Sort openssl functions by name.
-     [Ben Laurie]
-
-  *) Get the gendsa program working (hopefully) and add it to app list. Remove
-     encryption from sample DSA keys (in case anyone is interested the password
-     was "1234").
-     [Steve Henson]
-
-  *) Make _all_ *_free functions accept a NULL pointer.
-     [Frans Heymans <fheymans@isaserver.be>]
-
-  *) If a DH key is generated in s3_srvr.c, don't blow it by trying to use
-     NULL pointers.
-     [Anonymous <nobody@replay.com>]
-
-  *) s_server should send the CAfile as acceptable CAs, not its own cert.
-     [Bodo Moeller <3moeller@informatik.uni-hamburg.de>]
-
-  *) Don't blow it for numeric -newkey arguments to apps/req.
-     [Bodo Moeller <3moeller@informatik.uni-hamburg.de>]
-
-  *) Temp key "for export" tests were wrong in s3_srvr.c.
-     [Anonymous <nobody@replay.com>]
-
-  *) Add prototype for temp key callback functions
-     SSL_CTX_set_tmp_{rsa,dh}_callback().
-     [Ben Laurie]
-
-  *) Make DH_free() tolerate being passed a NULL pointer (like RSA_free() and
-     DSA_free()). Make X509_PUBKEY_set() check for errors in d2i_PublicKey().
-     [Steve Henson]
-
-  *) X509_name_add_entry() freed the wrong thing after an error.
-     [Arne Ansper <arne@ats.cyber.ee>]
-
-  *) rsa_eay.c would attempt to free a NULL context.
-     [Arne Ansper <arne@ats.cyber.ee>]
-
-  *) BIO_s_socket() had a broken should_retry() on Windoze.
-     [Arne Ansper <arne@ats.cyber.ee>]
-
-  *) BIO_f_buffer() didn't pass on BIO_CTRL_FLUSH.
-     [Arne Ansper <arne@ats.cyber.ee>]
-
-  *) Make sure the already existing X509_STORE->depth variable is initialized
-     in X509_STORE_new(), but document the fact that this variable is still
-     unused in the certificate verification process.
-     [Ralf S. Engelschall]
-
-  *) Fix the various library and apps files to free up pkeys obtained from
-     X509_PUBKEY_get() et al. Also allow x509.c to handle netscape extensions.
-     [Steve Henson]
-
-  *) Fix reference counting in X509_PUBKEY_get(). This makes
-     demos/maurice/example2.c work, amongst others, probably.
-     [Steve Henson and Ben Laurie]
-
-  *) First cut of a cleanup for apps/. First the `ssleay' program is now named
-     `openssl' and second, the shortcut symlinks for the `openssl <command>'
-     are no longer created. This way we have a single and consistent command
-     line interface `openssl <command>', similar to `cvs <command>'.
-     [Ralf S. Engelschall, Paul Sutton and Ben Laurie]
-
-  *) ca.c: move test for DSA keys inside #ifndef NO_DSA. Make pubkey
-     BIT STRING wrapper always have zero unused bits.
-     [Steve Henson]
-
-  *) Add CA.pl, perl version of CA.sh, add extended key usage OID.
-     [Steve Henson]
-
-  *) Make the top-level INSTALL documentation easier to understand.
-     [Paul Sutton]
-
-  *) Makefiles updated to exit if an error occurs in a sub-directory
-     make (including if user presses ^C) [Paul Sutton]
-
-  *) Make Montgomery context stuff explicit in RSA data structure.
-     [Ben Laurie]
-
-  *) Fix build order of pem and err to allow for generated pem.h.
-     [Ben Laurie]
-
-  *) Fix renumbering bug in X509_NAME_delete_entry().
-     [Ben Laurie]
-
-  *) Enhanced the err-ins.pl script so it makes the error library number 
-     global and can add a library name. This is needed for external ASN1 and
-     other error libraries.
-     [Steve Henson]
-
-  *) Fixed sk_insert which never worked properly.
-     [Steve Henson]
-
-  *) Fix ASN1 macros so they can handle indefinite length construted 
-     EXPLICIT tags. Some non standard certificates use these: they can now
-     be read in.
-     [Steve Henson]
-
-  *) Merged the various old/obsolete SSLeay documentation files (doc/xxx.doc)
-     into a single doc/ssleay.txt bundle. This way the information is still
-     preserved but no longer messes up this directory. Now it's new room for
-     the new set of documenation files.
-     [Ralf S. Engelschall]
-
-  *) SETs were incorrectly DER encoded. This was a major pain, because they
-     shared code with SEQUENCEs, which aren't coded the same. This means that
-     almost everything to do with SETs or SEQUENCEs has either changed name or
-     number of arguments.
-     [Ben Laurie, based on a partial fix by GP Jayan <gp@nsj.co.jp>]
-
-  *) Fix test data to work with the above.
-     [Ben Laurie]
-
-  *) Fix the RSA header declarations that hid a bug I fixed in 0.9.0b but
-     was already fixed by Eric for 0.9.1 it seems.
-     [Ben Laurie - pointed out by Ulf Möller <ulf@fitug.de>]
-
-  *) Autodetect FreeBSD3.
-     [Ben Laurie]
-
-  *) Fix various bugs in Configure. This affects the following platforms:
-     nextstep
-     ncr-scde
-     unixware-2.0
-     unixware-2.0-pentium
-     sco5-cc.
-     [Ben Laurie]
-
-  *) Eliminate generated files from CVS. Reorder tests to regenerate files
-     before they are needed.
-     [Ben Laurie]
-
-  *) Generate Makefile.ssl from Makefile.org (to keep CVS happy).
-     [Ben Laurie]
-
-
- Changes between 0.9.1b and 0.9.1c  [23-Dec-1998]
-
-  *) Added OPENSSL_VERSION_NUMBER to crypto/crypto.h and 
-     changed SSLeay to OpenSSL in version strings.
-     [Ralf S. Engelschall]
-  
-  *) Some fixups to the top-level documents.
-     [Paul Sutton]
-
-  *) Fixed the nasty bug where rsaref.h was not found under compile-time
-     because the symlink to include/ was missing.
-     [Ralf S. Engelschall]
-
-  *) Incorporated the popular no-RSA/DSA-only patches 
-     which allow to compile a RSA-free SSLeay.
-     [Andrew Cooke / Interrader Ldt., Ralf S. Engelschall]
-
-  *) Fixed nasty rehash problem under `make -f Makefile.ssl links'
-     when "ssleay" is still not found.
-     [Ralf S. Engelschall]
-
-  *) Added more platforms to Configure: Cray T3E, HPUX 11, 
-     [Ralf S. Engelschall, Beckmann <beckman@acl.lanl.gov>]
-
-  *) Updated the README file.
-     [Ralf S. Engelschall]
-
-  *) Added various .cvsignore files in the CVS repository subdirs
-     to make a "cvs update" really silent.
-     [Ralf S. Engelschall]
-
-  *) Recompiled the error-definition header files and added
-     missing symbols to the Win32 linker tables.
-     [Ralf S. Engelschall]
-
-  *) Cleaned up the top-level documents;
-     o new files: CHANGES and LICENSE
-     o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay 
-     o merged COPYRIGHT into LICENSE
-     o removed obsolete TODO file
-     o renamed MICROSOFT to INSTALL.W32
-     [Ralf S. Engelschall]
-
-  *) Removed dummy files from the 0.9.1b source tree: 
-     crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
-     crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
-     crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
-     crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
-     util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
-     [Ralf S. Engelschall]
-
-  *) Added various platform portability fixes.
-     [Mark J. Cox]
-
-  *) The Genesis of the OpenSSL rpject:
-     We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
-     Young and Tim J. Hudson created while they were working for C2Net until
-     summer 1998.
-     [The OpenSSL Project]
- 
-
- Changes between 0.9.0b and 0.9.1b  [not released]
-
-  *) Updated a few CA certificates under certs/
-     [Eric A. Young]
-
-  *) Changed some BIGNUM api stuff.
-     [Eric A. Young]
-
-  *) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD, 
-     DGUX x86, Linux Alpha, etc.
-     [Eric A. Young]
-
-  *) New COMP library [crypto/comp/] for SSL Record Layer Compression: 
-     RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
-     available).
-     [Eric A. Young]
-
-  *) Add -strparse option to asn1pars program which parses nested 
-     binary structures 
-     [Dr Stephen Henson <shenson@bigfoot.com>]
-
-  *) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
-     [Eric A. Young]
-
-  *) DSA fix for "ca" program.
-     [Eric A. Young]
-
-  *) Added "-genkey" option to "dsaparam" program.
-     [Eric A. Young]
-
-  *) Added RIPE MD160 (rmd160) message digest.
-     [Eric A. Young]
-
-  *) Added -a (all) option to "ssleay version" command.
-     [Eric A. Young]
-
-  *) Added PLATFORM define which is the id given to Configure.
-     [Eric A. Young]
-
-  *) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
-     [Eric A. Young]
-
-  *) Extended the ASN.1 parser routines.
-     [Eric A. Young]
-
-  *) Extended BIO routines to support REUSEADDR, seek, tell, etc.
-     [Eric A. Young]
-
-  *) Added a BN_CTX to the BN library.
-     [Eric A. Young]
-
-  *) Fixed the weak key values in DES library
-     [Eric A. Young]
-
-  *) Changed API in EVP library for cipher aliases.
-     [Eric A. Young]
-
-  *) Added support for RC2/64bit cipher.
-     [Eric A. Young]
-
-  *) Converted the lhash library to the crypto/mem.c functions.
-     [Eric A. Young]
-
-  *) Added more recognized ASN.1 object ids.
-     [Eric A. Young]
-
-  *) Added more RSA padding checks for SSL/TLS.
-     [Eric A. Young]
-
-  *) Added BIO proxy/filter functionality.
-     [Eric A. Young]
-
-  *) Added extra_certs to SSL_CTX which can be used
-     send extra CA certificates to the client in the CA cert chain sending
-     process. It can be configured with SSL_CTX_add_extra_chain_cert().
-     [Eric A. Young]
-
-  *) Now Fortezza is denied in the authentication phase because
-     this is key exchange mechanism is not supported by SSLeay at all.
-     [Eric A. Young]
-
-  *) Additional PKCS1 checks.
-     [Eric A. Young]
-
-  *) Support the string "TLSv1" for all TLS v1 ciphers.
-     [Eric A. Young]
-
-  *) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
-     ex_data index of the SSL context in the X509_STORE_CTX ex_data.
-     [Eric A. Young]
-
-  *) Fixed a few memory leaks.
-     [Eric A. Young]
-
-  *) Fixed various code and comment typos.
-     [Eric A. Young]
-
-  *) A minor bug in ssl/s3_clnt.c where there would always be 4 0 
-     bytes sent in the client random.
-     [Edward Bishop <ebishop@spyglass.com>]
-
diff --git a/crypto/openssl/CHANGES.SSLeay b/crypto/openssl/CHANGES.SSLeay
deleted file mode 100644
index dbb80b003d81..000000000000
--- a/crypto/openssl/CHANGES.SSLeay
+++ /dev/null
@@ -1,968 +0,0 @@
-This file contains the changes for the SSLeay library up to version
-0.9.0b. For later changes, see the file "CHANGES".
-
-  SSLeay CHANGES
-  ______________
-
-Changes between 0.8.x and 0.9.0b
-
-10-Apr-1998
-
-I said the next version would go out at easter, and so it shall.
-I expect a 0.9.1 will follow with portability fixes in the next few weeks.
-
-This is a quick, meet the deadline.  Look to ssl-users for comments on what
-is new etc.
-
-eric (about to go bushwalking for the 4 day easter break :-)
-
-16-Mar-98
-    - Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
-    - Lots and lots of changes
-
-29-Jan-98
-    - ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
-      Goetz Babin-Ebell <babinebell@trustcenter.de>.
-    - SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
-      TLS1_VERSION.
-
-7-Jan-98
-    - Finally reworked the cipher string to ciphers again, so it
-      works correctly
-    - All the app_data stuff is now ex_data with funcion calls to access.
-      The index is supplied by a function and 'methods' can be setup
-      for the types that are called on XXX_new/XXX_free.  This lets
-      applications get notified on creation and destruction.  Some of
-      the RSA methods could be implemented this way and I may do so.
-    - Oh yes, SSL under perl5 is working at the basic level.
-
-15-Dec-97
-    - Warning - the gethostbyname cache is not fully thread safe,
-      but it should work well enough.
-    - Major internal reworking of the app_data stuff.  More functions
-      but if you were accessing ->app_data directly, things will
-      stop working.
-    - The perlv5 stuff is working.  Currently on message digests,
-      ciphers and the bignum library.
-
-9-Dec-97
-    - Modified re-negotiation so that server initated re-neg
-      will cause a SSL_read() to return -1 should retry.
-      The danger otherwise was that the server and the
-      client could end up both trying to read when using non-blocking
-      sockets.
-
-4-Dec-97
-    - Lots of small changes
-    - Fix for binaray mode in Windows for the FILE BIO, thanks to
-      Bob Denny <rdenny@dc3.com>
-
-17-Nov-97
-    - Quite a few internal cleanups, (removal of errno, and using macros
-      defined in e_os.h).
-    - A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
-      the automactic naming out output files was being stuffed up.
-
-29-Oct-97
-    - The Cast5 cipher has been added.  MD5 and SHA-1 are now in assember
-      for x86.
-
-21-Oct-97
-    - Fixed a bug in the BIO_gethostbyname() cache.
-
-15-Oct-97
-    - cbc mode for blowfish/des/3des is now in assember.  Blowfish asm
-      has also been improved.  At this point in time, on the pentium,
-      md5 is %80 faster, the unoptimesed sha-1 is %79 faster,
-      des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
-      is %62 faster.
-
-12-Oct-97
-    - MEM_BUF_grow() has been fixed so that it always sets the buf->length
-      to the value we are 'growing' to.  Think of MEM_BUF_grow() as the
-      way to set the length value correctly.
-
-10-Oct-97
-    - I now hash for certificate lookup on the raw DER encoded RDN (md5).
-      This breaks things again :-(.  This is efficent since I cache
-      the DER encoding of the RDN.
-    - The text DN now puts in the numeric OID instead of UNKNOWN.
-    - req can now process arbitary OIDs in the config file.
-    - I've been implementing md5 in x86 asm, much faster :-).
-    - Started sha1 in x86 asm, needs more work.
-    - Quite a few speedups in the BN stuff.  RSA public operation
-      has been made faster by caching the BN_MONT_CTX structure.
-      The calulating of the Ai where A*Ai === 1 mod m was rather
-      expensive.  Basically a 40-50% speedup on public operations.
-      The RSA speedup is now 15% on pentiums and %20 on pentium
-      pro.
-
-30-Sep-97
-    - After doing some profiling, I added x86 adm for bn_add_words(),
-      which just adds 2 arrays of longs together.  A %10 speedup
-      for 512 and 1024 bit RSA on the pentium pro.
-
-29-Sep-97
-    - Converted the x86 bignum assembler to us the perl scripts
-      for generation.
-
-23-Sep-97
-    - If SSL_set_session() is passed a NULL session, it now clears the
-      current session-id.
-
-22-Sep-97
-    - Added a '-ss_cert file' to apps/ca.c.  This will sign selfsigned
-      certificates.
-    - Bug in crypto/evp/encode.c where by decoding of 65 base64
-      encoded lines, one line at a time (via a memory BIO) would report
-      EOF after the first line was decoded.
-    - Fix in X509_find_by_issuer_and_serial() from
-      Dr Stephen Henson <shenson@bigfoot.com>
-
-19-Sep-97
-    - NO_FP_API and NO_STDIO added.
-    - Put in sh config command.  It auto runs Configure with the correct
-      parameters.
-
-18-Sep-97
-    - Fix x509.c so if a DSA cert has different parameters to its parent,
-      they are left in place.  Not tested yet.
-
-16-Sep-97
-    - ssl_create_cipher_list() had some bugs, fixes from
-      Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
-    - Fixed a bug in the Base64 BIO, where it would return 1 instead
-      of -1 when end of input was encountered but should retry.
-      Basically a Base64/Memory BIO interaction problem.
-    - Added a HMAC set of functions in preporarion for TLS work.
-
-15-Sep-97
-    - Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
-    - Prime generation spead up %25 (512 bit prime, pentium pro linux)
-      by using montgomery multiplication in the prime number test.
-
-11-Sep-97
-    - Ugly bug in ssl3_write_bytes().  Basically if application land
-      does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
-      did not check the size and tried to copy the entire buffer.
-      This would tend to cause memory overwrites since SSLv3 has
-      a maximum packet size of 16k.  If your program uses
-      buffers <= 16k, you would probably never see this problem.
-    - Fixed a new errors that were cause by malloc() not returning
-      0 initialised memory..
-    - SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
-      SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
-      since this flags stops SSLeay being able to handle client
-      cert requests correctly.
-
-08-Sep-97
-    - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added.  When switched
-      on, the SSL server routines will not use a SSL_SESSION that is
-      held in it's cache.  This in intended to be used with the session-id
-      callbacks so that while the session-ids are still stored in the
-      cache, the decision to use them and how to look them up can be
-      done by the callbacks.  The are the 'new', 'get' and 'remove'
-      callbacks.  This can be used to determine the session-id
-      to use depending on information like which port/host the connection
-      is coming from.  Since the are also SSL_SESSION_set_app_data() and
-      SSL_SESSION_get_app_data() functions, the application can hold
-      information against the session-id as well.
-
-03-Sep-97
-    - Added lookup of CRLs to the by_dir method,
-      X509_load_crl_file() also added.  Basically it means you can
-      lookup CRLs via the same system used to lookup certificates.
-    - Changed things so that the X509_NAME structure can contain
-      ASN.1 BIT_STRINGS which is required for the unique
-      identifier OID.
-    - Fixed some problems with the auto flushing of the session-id
-      cache.  It was not occuring on the server side.
-
-02-Sep-97
-    - Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
-      which is the maximum number of entries allowed in the
-      session-id cache.  This is enforced with a simple FIFO list.
-      The default size is 20*1024 entries which is rather large :-).
-      The Timeout code is still always operating.
-
-01-Sep-97
-    - Added an argument to all the 'generate private key/prime`
-      callbacks.  It is the last parameter so this should not
-      break existing code but it is needed for C++.
-    - Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
-      BIO.  This lets the BIO read and write base64 encoded data
-      without inserting or looking for '\n' characters.  The '-A'
-      flag turns this on when using apps/enc.c.
-    - RSA_NO_PADDING added to help BSAFE functionality.  This is a
-      very dangerous thing to use, since RSA private key
-      operations without random padding bytes (as PKCS#1 adds) can
-      be attacked such that the private key can be revealed.
-    - ASN.1 bug and rc2-40-cbc and rc4-40 added by
-      Dr Stephen Henson <shenson@bigfoot.com>
-
-31-Aug-97 (stuff added while I was away)    
-    - Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
-    - RSA_flags() added allowing bypass of pub/priv match check
-      in ssl/ssl_rsa.c - Tim Hudson.
-    - A few minor bugs.
-
-SSLeay 0.8.1 released.
-
-19-Jul-97
-    - Server side initated dynamic renegotiation is broken.  I will fix
-      it when I get back from holidays.
-
-15-Jul-97
-    - Quite a few small changes.
-    - INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
-
-09-Jul-97
-    - Added 2 new values to the SSL info callback.
-      SSL_CB_START which is passed when the SSL protocol is started
-      and SSL_CB_DONE when it has finished sucsessfully.
-
-08-Jul-97
-    - Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
-      that related to DSA public/private keys.
-    - Added all the relevent PEM and normal IO functions to support
-      reading and writing RSAPublic keys.
-    - Changed makefiles to use ${AR} instead of 'ar r'
-
-07-Jul-97
-    - Error in ERR_remove_state() that would leave a dangling reference
-      to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
-    - s_client now prints the X509_NAMEs passed from the server
-      when requesting a client cert.
-    - Added a ssl->type, which is one of SSL_ST_CONNECT or
-      SSL_ST_ACCEPT.  I had to add it so I could tell if I was
-      a connect or an accept after the handshake had finished.
-    - SSL_get_client_CA_list(SSL *s) now returns the CA names
-      passed by the server if called by a client side SSL.
-
-05-Jul-97
-    - Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
-      0, not -1 :-(  Fix from Tim Hudson (tjh@cryptsoft.com).
-
-04-Jul-97
-    - Fixed some things in X509_NAME_add_entry(), thanks to
-      Matthew Donald <matthew@world.net>.
-    - I had a look at the cipher section and though that it was a
-      bit confused, so I've changed it.
-    - I was not setting up the RC4-64-MD5 cipher correctly.  It is
-      a MS special that appears in exported MS Money.
-    - Error in all my DH ciphers.  Section 7.6.7.3 of the SSLv3
-      spec.  I was missing the two byte length header for the
-      ClientDiffieHellmanPublic value.  This is a packet sent from
-      the client to the server.  The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
-      option will enable SSLeay server side SSLv3 accept either
-      the correct or my 080 packet format.
-    - Fixed a few typos in crypto/pem.org.
-
-02-Jul-97
-    - Alias mapping for EVP_get_(digest|cipher)byname is now
-      performed before a lookup for actual cipher.  This means
-      that an alias can be used to 're-direct' a cipher or a
-      digest.
-    - ASN1_read_bio() had a bug that only showed up when using a
-      memory BIO.  When EOF is reached in the memory BIO, it is
-      reported as a -1 with BIO_should_retry() set to true.
-
-01-Jul-97
-    - Fixed an error in X509_verify_cert() caused by my
-      miss-understanding how 'do { contine } while(0);' works.
-      Thanks to Emil Sit <sit@mit.edu> for educating me :-)
-
-30-Jun-97
-    - Base64 decoding error.  If the last data line did not end with
-      a '=', sometimes extra data would be returned.
-    - Another 'cut and paste' bug in x509.c related to setting up the
-      STDout BIO.
-
-27-Jun-97
-    - apps/ciphers.c was not printing due to an editing error.
-    - Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
-      a library build error in util/mk1mf.pl
-
-26-Jun-97
-    - Still did not have the auto 'experimental' code removal
-      script correct.
-    - A few header tweaks for Watcom 11.0 under Win32 from
-      Rolf Lindemann <Lindemann@maz-hh.de>
-    - 0 length OCTET_STRING bug in asn1_parse
-    - A minor fix with an non-existent function in the MS .def files.
-    - A few changes to the PKCS7 stuff.
-
-25-Jun-97
-    SSLeay 0.8.0 finally it gets released.
-
-24-Jun-97
-    Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
-    use a temporary RSA key.  This is experimental and needs some more work.
-    Fixed a few Win16 build problems.
-
-23-Jun-97
-    SSLv3 bug. I was not doing the 'lookup' of the CERT structure
-    correctly. I was taking the SSL->ctx->default_cert when I should
-    have been using SSL->cert. The bug was in ssl/s3_srvr.c
-
-20-Jun-97
-    X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
-    rest of the library. Even though I had the code required to do
-    it correctly, apps/req.c was doing the wrong thing.  I have fixed
-    and tested everything.
-
-    Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
-
-19-Jun-97
-    Fixed a bug in the SSLv2 server side first packet handling. When
-    using the non-blocking test BIO, the ssl->s2->first_packet flag
-    was being reset when a would-block failure occurred when reading
-    the first 5 bytes of the first packet. This caused the checking
-    logic to run at the wrong time and cause an error.
-
-    Fixed a problem with specifying cipher. If RC4-MD5 were used,
-    only the SSLv3 version would be picked up.  Now this will pick
-    up both SSLv2 and SSLv3 versions. This required changing the
-    SSL_CIPHER->mask values so that they only mask the ciphers,
-    digests, authentication, export type and key-exchange algorithms.
-
-    I found that when a SSLv23 session is established, a reused
-    session, of type SSLv3 was attempting to write the SSLv2 
-    ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char 
-    method has been modified so it will only write out cipher which
-    that method knows about.  
-
-
- Changes between 0.8.0 and 0.8.1
-
-  *) Mostly bug fixes. 
-     There is an Ephemeral DH cipher problem which is fixed.
-
- SSLeay 0.8.0
-
-This version of SSLeay has quite a lot of things different from the
-previous version.
-
-Basically check all callback parameters, I will be producing documentation
-about how to use things in th future.  Currently I'm just getting 080 out
-the door.  Please not that there are several ways to do everything, and
-most of the applications in the apps directory are hybrids, some using old
-methods and some using new methods.
-
-Have a look in demos/bio for some very simple programs and
-apps/s_client.c and apps/s_server.c for some more advanced versions.
-Notes are definitly needed but they are a week or so away.
-
-Anyway, some quick nots from Tim Hudson (tjh@cryptsoft.com)
----
-Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
-get those people that want to move to using the new code base off to
-a quick start.
-
-Note that Eric has tidied up a lot of the areas of the API that were
-less than desirable and renamed quite a few things (as he had to break
-the API in lots of places anyrate). There are a whole pile of additional
-functions for making dealing with (and creating) certificates a lot
-cleaner.
-
-01-Jul-97
-Tim Hudson
-tjh@cryptsoft.com
-
----8<---
-
-To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
-use something like the following (assuming you #include "crypto.h" which
-is something that you really should be doing).
-
-#if SSLEAY_VERSION_NUMBER >= 0x0800
-#define SSLEAY8
-#endif
-
-buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
-            too if you are working with BIO internal stuff (as distinct
-        from simply using the interface in an opaque manner)
-
-#include "bio.h"    - required along with "buffer.h" if you write
-              your own BIO routines as the buffer and bio
-              stuff that was intermixed has been separated
-              out 
-            
-envelope.h -> evp.h  (which should have been done ages ago)
-
-Initialisation ... don't forget these or you end up with code that
-is missing the bits required to do useful things (like ciphers):
-
-SSLeay_add_ssl_algorithms()
-(probably also want SSL_load_error_strings() too but you should have
- already had that call in place)
-
-SSL_CTX_new()   - requires an extra method parameter
-              SSL_CTX_new(SSLv23_method()) 
-              SSL_CTX_new(SSLv2_method()) 
-              SSL_CTX_new(SSLv3_method()) 
-
-          OR to only have the server or the client code
-              SSL_CTX_new(SSLv23_server_method()) 
-              SSL_CTX_new(SSLv2_server_method()) 
-              SSL_CTX_new(SSLv3_server_method()) 
-          or  
-              SSL_CTX_new(SSLv23_client_method()) 
-              SSL_CTX_new(SSLv2_client_method()) 
-              SSL_CTX_new(SSLv3_client_method()) 
-
-SSL_set_default_verify_paths() ... renamed to the more appropriate
-SSL_CTX_set_default_verify_paths()
-
-If you want to use client certificates then you have to add in a bit
-of extra stuff in that a SSLv3 server sends a list of those CAs that
-it will accept certificates from ... so you have to provide a list to
-SSLeay otherwise certain browsers will not send client certs.
-
-SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
-
-
-X509_NAME_oneline(X)    -> X509_NAME_oneline(X,NULL,0)  
-               or provide a buffer and size to copy the
-               result into
-
-X509_add_cert ->  X509_STORE_add_cert (and you might want to read the
-          notes on X509_NAME structure changes too)
-
-
-VERIFICATION CODE
-=================
-
-The codes have all be renamed from VERIFY_ERR_* to X509_V_ERR_* to
-more accurately reflect things.
-
-The verification callback args are now packaged differently so that
-extra fields for verification can be added easily in future without
-having to break things by adding extra parameters each release :-)
-
-X509_cert_verify_error_string -> X509_verify_cert_error_string
-
-
-BIO INTERNALS
-=============
-
-Eric has fixed things so that extra flags can be introduced in
-the BIO layer in future without having to play with all the BIO
-modules by adding in some macros.
-
-The ugly stuff using 
-    b->flags ~= (BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
-becomes
-    BIO_clear_retry_flags(b)
-
-    b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
-becomes
-    BIO_set_retry_read(b)
-
-Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
-
-
-
-OTHER THINGS
-============
-
-X509_NAME has been altered so that it isn't just a STACK ... the STACK
-is now in the "entries" field ... and there are a pile of nice functions
-for getting at the details in a much cleaner manner.
-
-SSL_CTX has been altered ... "cert" is no longer a direct member of this
-structure ... things are now down under "cert_store" (see x509_vfy.h) and
-things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
-If your code "knows" about this level of detail then it will need some 
-surgery.
-
-If you depending on the incorrect spelling of a number of the error codes
-then you will have to change your code as these have been fixed.
-
-ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
-has been all along so this makes things clearer.
-ify_cert_error_string(ctx->error));
-
-SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
-            and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO
-
-
-
- Changes between 0.7.x and 0.8.0
-  
-  *) There have been lots of changes, mostly the addition of SSLv3.
-     There have been many additions from people and amongst
-     others, C2Net has assisted greatly.
- 
- Changes between 0.7.x and 0.7.x
-
-  *) Internal development version only
-
-SSLeay 0.6.6 13-Jan-1997
-
-The main additions are
-
-- assember for x86 DES improvments.
-  From 191,000 per second on a pentium 100, I now get 281,000.  The inner
-  loop and the IP/FP modifications are from
-  Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  Many thanks for his
-  contribution.
-- The 'DES macros' introduced in 0.6.5 now have 3 types.
-  DES_PTR1, DES_PTR2 and 'normal'.  As per before, des_opts reports which
-  is best and there is a summery of mine in crypto/des/options.txt
-- A few bug fixes.
-- Added blowfish.  It is not used by SSL but all the other stuff that
-  deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
-  There are 3 options for optimising Blowfish.  BF_PTR, BF_PTR2 and 'normal'.
-  BF_PTR2 is pentium/x86 specific.  The correct option is setup in
-  the 'Configure' script.
-- There is now a 'get client certificate' callback which can be
-  'non-blocking'.  If more details are required, let me know.  It will
-  documented more in SSLv3 when I finish it.
-- Bug fixes from 0.6.5 including the infamous 'ca' bug.  The 'make test'
-  now tests the ca program.
-- Lots of little things modified and tweaked.
-
- SSLeay 0.6.5
-
-After quite some time (3 months), the new release.  I have been very busy
-for the last few months and so this is mostly bug fixes and improvments.
-
-The main additions are
-
-- assember for x86 DES.  For all those gcc based systems, this is a big
-  improvement.  From 117,000 DES operation a second on a pentium 100,
-  I now get 191,000.  I have also reworked the C version so it
-  now gives 148,000 DESs per second.  
-- As mentioned above, the inner DES macros now have some more variant that
-  sometimes help, sometimes hinder performance.  There are now 3 options
-  DES_PTR (ptr vs array lookup), DES_UNROLL (full vs partial loop unrolling)
-  and DES_RISC (a more register intensive version of the inner macro).
-  The crypto/des/des_opts.c program, when compiled and run, will give
-  an indication of the correct options to use.
-- The BIO stuff has been improved.  Read doc/bio.doc.  There are now
-  modules for encryption and base64 encoding and a BIO_printf() function.
-- The CA program will accept simple one line X509v3 extensions in the
-  ssleay.cnf file.  Have a look at the example.  Currently this just
-  puts the text into the certificate as an OCTET_STRING so currently
-  the more advanced X509v3 data types are not handled but this is enough
-  for the netscape extensions.
-- There is the start of a nicer higher level interface to the X509
-  strucutre.
-- Quite a lot of bug fixes.
-- CRYPTO_malloc_init()  (or CRYPTO_set_mem_functions()) can be used
-  to define the malloc(), free() and realloc() routines to use
-  (look in crypto/crypto.h).  This is mostly needed for Windows NT/95 when
-  using DLLs and mixing CRT libraries.
-
-In general, read the 'VERSION' file for changes and be aware that some of
-the new stuff may not have been tested quite enough yet, so don't just plonk
-in SSLeay 0.6.5 when 0.6.4 used to work and expect nothing to break.
-
-SSLeay 0.6.4 30/08/96 eay
-
-I've just finished some test builds on Windows NT, Windows 3.1, Solaris 2.3,
-Solaris 2.5, Linux, IRIX, HPUX 10 and everthing seems to work :-).
-
-The main changes in this release
-
-- Thread safe.  have a read of doc/threads.doc and play in the mt directory.
-  For anyone using 0.6.3 with threads, I found 2 major errors so consider
-  moving to 0.6.4.  I have a test program that builds under NT and
-  solaris.
-- The get session-id callback has changed.  Have a read of doc/callback.doc.
-- The X509_cert_verify callback (the SSL_verify callback) now
-  has another argument.  Have a read of doc/callback.doc
-- 'ca -preserve', sign without re-ordering the DN.  Not tested much.
-- VMS support.
-- Compile time memory leak detection can now be built into SSLeay.
-  Read doc/memory.doc
-- CONF routines now understand '\', '\n', '\r' etc.  What this means is that
-  the  SPKAC object mentioned in doc/ns-ca.doc can be on multiple lines.
-- 'ssleay ciphers' added, lists the default cipher list for SSLeay.
-- RC2 key setup is now compatable with Netscape.
-- Modifed server side of SSL implementation, big performance difference when
-      using session-id reuse.
-
-0.6.3
-
-Bug fixes and the addition of some nice stuff to the 'ca' program.
-Have a read of doc/ns-ca.doc for how hit has been modified so
-it can be driven from a CGI script.  The CGI script is not provided,
-but that is just being left as an excersize for the reader :-).
-
-0.6.2
-
-This is most bug fixes and functionality improvements.
-
-Additions are
-- More thread debugging patches, the thread stuff is still being
-  tested, but for those keep to play with stuff, have a look in
-  crypto/cryptlib.c.  The application needs to define 1 (or optionaly
-  a second) callback that is used to implement locking.  Compiling
-  with LOCK_DEBUG spits out lots of locking crud :-).
-  This is what I'm currently working on.
-- SSL_CTX_set_default_passwd_cb() can be used to define the callback
-  function used in the SSL*_file() functions used to load keys.  I was
-  always of the opinion that people should call
-  PEM_read_RSAPrivateKey() and pass the callback they want to use, but
-  it appears they just want to use the SSL_*_file() function() :-(.
-- 'enc' now has a -kfile so a key can be read from a file.  This is
-  mostly used so that the passwd does not appear when using 'ps',
-  which appears imposible to stop under solaris.
-- X509v3 certificates now work correctly.  I even have more examples
-  in my tests :-).  There is now a X509_EXTENSION type that is used in
-  X509v3 certificates and CRLv2.
-- Fixed that signature type error :-(
-- Fixed quite a few potential memory leaks and problems when reusing
-  X509, CRL and REQ structures.
-- EVP_set_pw_prompt() now sets the library wide default password
-  prompt.
-- The 'pkcs7' command will now, given the -print_certs flag, output in
-  pem format, all certificates and CRL contained within.  This is more
-  of a pre-emtive thing for the new verisign distribution method.  I
-  should also note, that this also gives and example in code, of how
-  to do this :-), or for that matter, what is involved in going the
-  other way (list of certs and crl -> pkcs7).
-- Added RSA's DESX to the DES library.  It is also available via the
-  EVP_desx_cbc() method and via 'enc desx'. 
-
-SSLeay 0.6.1
-
-The main functional changes since 0.6.0 are as follows
-- Bad news, the Microsoft 060 DLL's are not compatable, but the good news is
-  that from now on, I'll keep the .def numbers the same so they will be.
-- RSA private key operations are about 2 times faster that 0.6.0
-- The SSL_CTX now has more fields so default values can be put against
-  it.  When an SSL structure is created, these default values are used
-  but can be overwritten.  There are defaults for cipher, certificate,
-  private key, verify mode and callback.  This means SSL session
-  creation can now be
-  ssl=SSL_new()
-  SSL_set_fd(ssl,sock);
-  SSL_accept(ssl)
-  ....
-  All the other uglyness with having to keep a global copy of the
-  private key and certificate/verify mode in the server is now gone.
-- ssl/ssltest.c - one process talking SSL to its self for testing.
-- Storage of Session-id's can be controled via a session_cache_mode
-  flag.  There is also now an automatic default flushing of 
-  old session-id's.
-- The X509_cert_verify() function now has another parameter, this
-  should not effect most people but it now means that the reason for
-  the failure to verify is now available via SSL_get_verify_result(ssl).
-  You don't have to use a global variable.
-- SSL_get_app_data() and SSL_set_app_data() can be used to keep some
-  application data against the SSL structure.  It is upto the application
-  to free the data.  I don't use it, but it is available.
-- SSL_CTX_set_cert_verify_callback() can be used to specify a
-  verify callback function that completly replaces my certificate
-  verification code.  Xcert should be able to use this :-).
-  The callback is of the form int app_verify_callback(arg,ssl,cert).
-  This needs to be documented more.
-- I have started playing with shared library builds, have a look in
-  the shlib directory.  It is very simple.  If you need a numbered
-  list of functions, have a look at misc/crypto.num and misc/ssl.num.
-- There is some stuff to do locking to make the library thread safe.
-  I have only started this stuff and have not finished.  If anyone is
-  keen to do so, please send me the patches when finished.
-
-So I have finally made most of the additions to the SSL interface that
-I thought were needed.
-
-There will probably be a pause before I make any non-bug/documentation
-related changes to SSLeay since I'm feeling like a bit of a break.
-
-eric - 12 Jul 1996
-I saw recently a comment by some-one that we now seem to be entering
-the age of perpetual Beta software.
-Pioneered by packages like linux but refined to an art form by
-netscape.
-
-I too wish to join this trend with the anouncement of SSLeay 0.6.0 :-).
-
-There are quite a large number of sections that are 'works in
-progress' in this package.  I will also list the major changes and
-what files you should read.
-
-BIO - this is the new IO structure being used everywhere in SSLeay.  I
-started out developing this because of microsoft, I wanted a mechanism
-to callback to the application for all IO, so Windows 3.1 DLL
-perversion could be hidden from me and the 15 different ways to write
-to a file under NT would also not be dictated by me at library build
-time.  What the 'package' is is an API for a data structure containing
-functions.  IO interfaces can be written to conform to the
-specification.  This in not intended to hide the underlying data type
-from the application, but to hide it from SSLeay :-).
-I have only really finished testing the FILE * and socket/fd modules.
-There are also 'filter' BIO's.  Currently I have only implemented
-message digests, and it is in use in the dgst application.  This
-functionality will allow base64/encrypto/buffering modules to be
-'push' into a BIO without it affecting the semantics.  I'm also
-working on an SSL BIO which will hide the SSL_accept()/SLL_connet()
-from an event loop which uses the interface.
-It is also possible to 'attach' callbacks to a BIO so they get called
-before and after each operation, alowing extensive debug output
-to be generated (try running dgst with -d).
-
-Unfortunaly in the conversion from 0.5.x to 0.6.0, quite a few
-functions that used to take FILE *, now take BIO *.
-The wrappers are easy to write
-
-function_fp(fp,x)
-FILE *fp;
-    {
-    BIO *b;
-    int ret;
-
-    if ((b=BIO_new(BIO_s_file())) == NULL) error.....
-    BIO_set_fp(b,fp,BIO_NOCLOSE);
-    ret=function_bio(b,x);
-    BIO_free(b);
-    return(ret);
-    }
-Remember, there are no functions that take FILE * in SSLeay when
-compiled for Windows 3.1 DLL's.
-
---
-I have added a general EVP_PKEY type that can hold a public/private
-key.  This is now what is used by the EVP_ functions and is passed
-around internally.  I still have not done the PKCS#8 stuff, but
-X509_PKEY is defined and waiting :-)
-
---
-For a full function name listings, have a look at ms/crypt32.def and
-ms/ssl32.def.  These are auto-generated but are complete.
-Things like ASN1_INTEGER_get() have been added and are in here if you
-look.  I have renamed a few things, again, have a look through the
-function list and you will probably find what you are after.  I intend
-to at least put a one line descrition for each one.....
-
---
-Microsoft - thats what this release is about, read the MICROSOFT file.
-
---
-Multi-threading support.  I have started hunting through the code and
-flaging where things need to be done.  In a state of work but high on
-the list.
-
---
-For random numbers, edit e_os.h and set DEVRANDOM (it's near the top)
-be be you random data device, otherwise 'RFILE' in e_os.h
-will be used, in your home directory.  It will be updated
-periodically.  The environment variable RANDFILE will override this
-choice and read/write to that file instead.  DEVRANDOM is used in
-conjunction to the RFILE/RANDFILE.  If you wish to 'seed' the random
-number generator, pick on one of these files.
-
---
-
-The list of things to read and do
-
-dgst -d
-s_client -state (this uses a callback placed in the SSL state loop and
-        will be used else-where to help debug/monitor what
-        is happening.)
-
-doc/why.doc
-doc/bio.doc <- hmmm, needs lots of work.
-doc/bss_file.doc <- one that is working :-)
-doc/session.doc <- it has changed
-doc/speed.doc
- also play with ssleay version -a.  I have now added a SSLeay()
- function that returns a version number, eg 0600 for this release
- which is primarily to be used to check DLL version against the
- application.
-util/*  Quite a few will not interest people, but some may, like
- mk1mf.pl, mkdef.pl,
-util/do_ms.sh
-
-try
-cc -Iinclude -Icrypto -c crypto/crypto.c
-cc -Iinclude -Issl -c ssl/ssl.c
-You have just built the SSLeay libraries as 2 object files :-)
-
-Have a general rummage around in the bin stall directory and look at
-what is in there, like CA.sh and c_rehash
-
-There are lots more things but it is 12:30am on a Friday night and I'm
-heading home :-).
-
-eric 22-Jun-1996
-This version has quite a few major bug fixes and improvements.  It DOES NOT
-do SSLv3 yet.
-
-The main things changed
-- A Few days ago I added the s_mult application to ssleay which is
-  a demo of an SSL server running in an event loop type thing.
-  It supports non-blocking IO, I have finally gotten it right, SSL_accept()
-  can operate in non-blocking IO mode, look at the code to see how :-).
-  Have a read of doc/s_mult as well.  This program leaks memory and
-  file descriptors everywhere but I have not cleaned it up yet.
-  This is a demo of how to do non-blocking IO.
-- The SSL session management has been 'worked over' and there is now
-  quite an expansive set of functions to manipulate them.  Have a read of
-  doc/session.doc for some-things I quickly whipped up about how it now works.
-  This assume you know the SSLv2 protocol :-)
-- I can now read/write the netscape certificate format, use the
-  -inform/-outform  'net' options to the x509 command.  I have not put support
-  for this type in the other demo programs, but it would be easy to add.
-- asn1parse and 'enc' have been modified so that when reading base64
-  encoded files (pem format), they do not require '-----BEGIN' header lines.
-  The 'enc' program had a buffering bug fixed, it can be used as a general
-  base64 -> binary -> base64 filter by doing 'enc -a -e' and 'enc -a -d'
-  respecivly.  Leaving out the '-a' flag in this case makes the 'enc' command
-  into a form of 'cat'.
-- The 'x509' and 'req' programs have been fixed and modified a little so
-  that they generate self-signed certificates correctly.  The test
-  script actually generates a 'CA' certificate and then 'signs' a
-  'user' certificate.  Have a look at this shell script (test/sstest)
-  to see how things work, it tests most possible combinations of what can
-  be done.
-- The 'SSL_set_pref_cipher()' function has been 'fixed' and the prefered name
-  of SSL_set_cipher_list() is now the correct API (stops confusion :-).
-  If this function is used in the client, only the specified ciphers can
-  be used, with preference given to the order the ciphers were listed.
-  For the server, if this is used, only the specified ciphers will be used
-  to accept connections.  If this 'option' is not used, a default set of
-  ciphers will be used.  The SSL_CTX_set_cipher_list(SSL_CTX *ctx) sets this
-  list for all ciphers started against the SSL_CTX.  So the order is
-  SSL cipher_list, if not present, SSL_CTX cipher list, if not
-  present, then the library default.
-  What this means is that normally ciphers like
-  NULL-MD5 will never be used.  The only way this cipher can be used
-  for both ends to specify to use it.
-  To enable or disable ciphers in the library at build time, modify the
-  first field for the cipher in the ssl_ciphers array in ssl/ssl_lib.c.
-  This file also contains the 'pref_cipher' list which is the default
-  cipher preference order.
-- I'm not currently sure if the 'rsa -inform net' and the 'rsa -outform net'
-  options work.  They should, and they enable loading and writing the
-  netscape rsa private key format.  I will be re-working this section of
-  SSLeay for the next version.  What is currently in place is a quick and
-  dirty hack.
-- I've re-written parts of the bignum library.  This gives speedups
-  for all platforms.  I now provide assembler for use under Windows NT.
-  I have not tested the Windows 3.1 assembler but it is quite simple code.
-  This gives RSAprivate_key operation encryption times of 0.047s (512bit key)
-  and 0.230s (1024bit key) on a pentium 100 which I consider reasonable.
-  Basically the times available under linux/solaris x86 can be achieve under
-  Windows NT.  I still don't know how these times compare to RSA's BSAFE
-  library but I have been emailing with people and with their help, I should
-  be able to get my library's quite a bit faster still (more algorithm changes).
-  The object file crypto/bn/asm/x86-32.obj should be used when linking
-  under NT.
-- 'make makefile.one' in the top directory will generate a single makefile
-  called 'makefile.one'  This makefile contains no perl references and
-  will build the SSLeay library into the 'tmp' and 'out' directories.
-  util/mk1mf.pl >makefile.one is how this makefile is
-  generated.  The mk1mf.pl command take several option to generate the
-  makefile for use with cc, gcc, Visual C++ and Borland C++.  This is
-  still under development.  I have only build .lib's for NT and MSDOS
-  I will be working on this more.  I still need to play with the
-  correct compiler setups for these compilers and add some more stuff but
-  basically if you just want to compile the library
-  on a 'non-unix' platform, this is a very very good file to start with :-).
-  Have a look in the 'microsoft' directory for my current makefiles.
-  I have not yet modified things to link with sockets under Windows NT.
-  You guys should be able to do this since this is actually outside of the
-  SSLeay scope :-).  I will be doing it for myself soon.
-  util/mk1mf.pl takes quite a few options including no-rc, rsaref  and no-sock
-  to build without RC2/RC4, to require RSAref for linking, and to
-  build with no socket code.
-
-- Oh yes, the cipher that was reported to be compatible with RSA's RC2 cipher
-  that was posted to sci.crypt has been added to the library and SSL.
-  I take the view that if RC2 is going to be included in a standard,
-  I'll include the cipher to make my package complete.
-  There are NO_RC2, NO_RC4 and NO_IDEA macros to remove these ciphers
-  at compile time.  I have not tested this recently but it should all work
-  and if you are in the USA and don't want RSA threatening to sue you,
-  you could probably remove the RC4/RC2 code inside these sections.
-  I may in the future include a perl script that does this code
-  removal automatically for those in the USA :-).
-- I have removed all references to sed in the makefiles.  So basically,
-  the development environment requires perl and sh.  The build environment
-  does not (use the makefile.one makefile).
-  The Configure script still requires perl, this will probably stay that way
-  since I have perl for Windows NT :-).
-
-eric (03-May-1996)
-
-PS Have a look in the VERSION file for more details on the changes and
-   bug fixes.
-I have fixed a few bugs, added alpha and x86 assembler and generally cleaned
-things up.  This version will be quite stable, mostly because I'm on
-holidays until 10-March-1996.  For any problems in the interum, send email
-to Tim Hudson <tjh@mincom.oz.au>.
-
-SSLeay 0.5.0
-
-12-12-95
-This is going out before it should really be released.
-
-I leave for 11 weeks holidays on the 22-12-95 and so I either sit on
-this for 11 weeks or get things out.  It is still going to change a
-lot in the next week so if you do grab this version, please test and
-give me feed back ASAP, inculuding questions on how to do things with
-the library.  This will prompt me to write documentation so I don't
-have to answer the same question again :-).
-
-This 'pre' release version is for people who are interested in the
-library.  The applications will have to be changed to use
-the new version of the SSL interface.  I intend to finish more
-documentation before I leave but until then, look at the programs in
-the apps directory.  As far as code goes, it is much much nicer than
-the old version.
-
-The current library works, has no memory leaks (as far as I can tell)
-and is far more bug free that 0.4.5d.  There are no global variable of
-consequence (I believe) and I will produce some documentation that
-tell where to look for those people that do want to do multi-threaded
-stuff.
-
-There should be more documentation.  Have a look in the
-doc directory.  I'll be adding more before I leave, it is a start
-by mostly documents the crypto library.  Tim Hudson will update
-the web page ASAP.  The spelling and grammar are crap but
-it is better than nothing :-)
-
-Reasons to start playing with version 0.5.0
-- All the programs in the apps directory build into one ssleay binary.
-- There is a new version of the 'req' program that generates certificate
-  requests, there is even documentation for this one :-)
-- There is a demo certification authorithy program.  Currently it will
-  look at the simple database and update it.  It will generate CRL from
-  the data base.  You need to edit the database by hand to revoke a
-  certificate, it is my aim to use perl5/Tk but I don't have time to do
-  this right now.  It will generate the certificates but the management
-  scripts still need to be written.  This is not a hard task.
-- Things have been cleaned up alot.
-- Have a look at the enc and dgst programs in the apps directory.
-- It supports v3 of x509 certiticates.
-
-
-Major things missing.
-- I have been working on (and thinging about) the distributed x509
-  hierachy problem.  I have not had time to put my solution in place.
-  It will have to wait until I come back.
-- I have not put in CRL checking in the certificate verification but
-  it would not be hard to do.  I was waiting until I could generate my
-  own CRL (which has only been in the last week) and I don't have time
-  to put it in correctly.
-- Montgomery multiplication need to be implemented.  I know the
-  algorithm, just ran out of time.
-- PKCS#7.  I can load and write the DER version.  I need to re-work
-  things to support BER (if that means nothing, read the ASN1 spec :-).
-- Testing of the higher level digital envelope routines.  I have not
-  played with the *_seal() and *_open() type functions.  They are
-  written but need testing.  The *_sign() and *_verify() functions are
-  rock solid. 
-- PEM.  Doing this and PKCS#7 have been dependant on the distributed
-  x509 heirachy problem.  I started implementing my ideas, got
-  distracted writing a CA program and then ran out of time.  I provide
-  the functionality of RSAref at least.
-- Re work the asm. code for the x86.  I've changed by low level bignum
-  interface again, so I really need to tweak the x86 stuff.  gcc is
-  good enough for the other boxes.
-
diff --git a/crypto/openssl/Configure b/crypto/openssl/Configure
deleted file mode 100755
index 768651f03cd0..000000000000
--- a/crypto/openssl/Configure
+++ /dev/null
@@ -1,1671 +0,0 @@
-:
-eval 'exec perl -S $0 ${1+"$@"}'
-    if $running_under_some_shell;
-##
-##  Configure -- OpenSSL source tree configuration script
-##
-
-require 5.000;
-use strict;
-
-# see INSTALL for instructions.
-
-my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-engine] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
-
-# Options:
-#
-# --openssldir  install OpenSSL in OPENSSLDIR (Default: DIR/ssl if the
-#               --prefix option is given; /usr/local/ssl otherwise)
-# --prefix      prefix for the OpenSSL include, lib and bin directories
-#               (Default: the OPENSSLDIR directory)
-#
-# --install_prefix  Additional prefix for package builders (empty by
-#               default).  This needn't be set in advance, you can
-#               just as well use "make INSTALL_PREFIX=/whatever install".
-#
-# --with-krb5-dir  Declare where Kerberos 5 lives.  The libraries are expected
-#		to live in the subdirectory lib/ and the header files in
-#		include/.  A value is required.
-# --with-krb5-lib  Declare where the Kerberos 5 libraries live.  A value is
-#		required.
-#		(Default: KRB5_DIR/lib)
-# --with-krb5-include  Declare where the Kerberos 5 header files live.  A
-#		value is required.
-#		(Default: KRB5_DIR/include)
-# --with-krb5-flavor  Declare what flavor of Kerberos 5 is used.  Currently
-#		supported values are "MIT" and "Heimdal".  A value is required.
-#
-# --test-sanity Make a number of sanity checks on the data in this file.
-#               This is a debugging tool for OpenSSL developers.
-#
-# no-engine     do not compile in any engine code.
-# no-hw-xxx     do not compile support for specific crypto hardware.
-#               Generic OpenSSL-style methods relating to this support
-#               are always compiled but return NULL if the hardware
-#               support isn't compiled.
-# no-hw         do not compile support for any crypto hardware.
-# [no-]threads  [don't] try to create a library that is suitable for
-#               multithreaded applications (default is "threads" if we
-#               know how to do it)
-# [no-]shared	[don't] try to create shared libraries when supported.
-# no-asm        do not use assembler
-# no-dso        do not compile in any native shared-library methods. This
-#               will ensure that all methods just return NULL.
-# no-krb5       do not compile in any KRB5 library or code.
-# [no-]zlib     [don't] compile support for zlib compression.
-# zlib-dynamic	Like "zlib", but the zlib library is expected to be a shared
-#		library and will be loaded in run-time by the OpenSSL library.
-# 386           generate 80386 code
-# no-<cipher>   build without specified algorithm (rsa, idea, rc5, ...)
-# -<xxx> +<xxx> compiler options are passed through 
-#
-# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
-#		provided to stack calls. Generates unique stack functions for
-#		each possible stack type.
-# DES_PTR	use pointer lookup vs arrays in the DES in crypto/des/des_locl.h
-# DES_RISC1	use different DES_ENCRYPT macro that helps reduce register
-#		dependancies but needs to more registers, good for RISC CPU's
-# DES_RISC2	A different RISC variant.
-# DES_UNROLL	unroll the inner DES loop, sometimes helps, somtimes hinders.
-# DES_INT	use 'int' instead of 'long' for DES_LONG in crypto/des/des.h
-#		This is used on the DEC Alpha where long is 8 bytes
-#		and int is 4
-# BN_LLONG	use the type 'long long' in crypto/bn/bn.h
-# MD2_CHAR	use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h
-# MD2_LONG	use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h
-# IDEA_SHORT	use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
-# IDEA_LONG	use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
-# RC2_SHORT	use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
-# RC2_LONG	use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
-# RC4_CHAR	use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
-# RC4_LONG	use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
-# RC4_INDEX	define RC4_INDEX in crypto/rc4/rc4_locl.h.  This turns on
-#		array lookups instead of pointer use.
-# RC4_CHUNK	enables code that handles data aligned at long (natural CPU
-#		word) boundary.
-# RC4_CHUNK_LL	enables code that handles data aligned at long long boundary
-#		(intended for 64-bit CPUs running 32-bit OS).
-# BF_PTR	use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
-# BF_PTR2	intel specific version (generic version is more efficient).
-# MD5_ASM	use some extra md5 assember,
-# SHA1_ASM	use some extra sha1 assember, must define L_ENDIAN for x86
-# RMD160_ASM	use some extra ripemd160 assember,
-
-my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
-
-# MD2_CHAR slags pentium pros
-my $x86_gcc_opts="RC4_INDEX MD2_INT";
-
-# MODIFY THESE PARAMETERS IF YOU ARE GOING TO USE THE 'util/speed.sh SCRIPT
-# Don't worry about these normally
-
-my $tcc="cc";
-my $tflags="-fast -Xa";
-my $tbn_mul="";
-my $tlib="-lnsl -lsocket";
-#$bits1="SIXTEEN_BIT ";
-#$bits2="THIRTY_TWO_BIT ";
-my $bits1="THIRTY_TWO_BIT ";
-my $bits2="SIXTY_FOUR_BIT ";
-
-my $x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
-my $x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
-my $x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
-
-my $mips3_irix_asm="asm/mips3.o::::::::";
-# There seems to be boundary faults in asm/alpha.s.
-#my $alpha_asm="asm/alpha.o::::::::";
-my $alpha_asm="::::::::";
-
-# -DB_ENDIAN slows things down on a sparc for md5, but helps sha1.
-# So the md5_locl.h file has an undef B_ENDIAN if sun is defined
-
-#config-string	$cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $bn_obj : $des_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags
-
-my %table=(
-# File 'TABLE' (created by 'make TABLE') contains the data from this list,
-# formatted for better readability.
-
-
-#"b",		"${tcc}:${tflags}::${tlib}:${bits1}:${tbn_mul}::",
-#"bl-4c-2c",	"${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:${tbn_mul}::",
-#"bl-4c-ri",	"${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:${tbn_mul}::",
-#"b2-is-ri-dp",	"${tcc}:${tflags}::${tlib}:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:${tbn_mul}::",
-
-# Our development configs
-"purify",	"purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::",
-"debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::",
-"debug-ben",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::asm/bn86-elf.o asm/co86-elf.o",
-"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
-"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
-"debug-ben-debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::::",
-"debug-ben-strict",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
-"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-bodo",	"gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-ulf",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT:::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-steve",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-steve-linux-pseudo64",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT::dlfcn",
-"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"dist",		"cc:-O::(unknown)::::::",
-
-# Basic configs that should work on any (32 and less bit) box
-"gcc",		"gcc:-O3::(unknown):::BN_LLONG:::",
-"cc",		"cc:-O::(unknown)::::::",
-
-#### Solaris x86 with GNU C setups
-# -DOPENSSL_NO_INLINE_ASM switches off inline assembler. We have to do it
-# here because whenever GNU C instantiates an assembler template it
-# surrounds it with #APP #NO_APP comment pair which (at least Solaris
-# 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
-# error message.
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-#### Solaris x86 with Sun C setups
-"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-#### SPARC Solaris with GNU C setups
-"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
-"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8
-# but keep the assembler modules.
-"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-####
-"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-#### SPARC Solaris with Sun C setups
-# DO NOT use /xO[34] on sparc with SC3.0.  It is broken, and will not pass the tests
-"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
-# SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
-# SC5.0 note: Compiler common patch 107357-01 or later is required!
-"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
-####
-"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-#### SPARC Linux setups
-"linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::",
-# Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
-# assisted with debugging of following two configs.
-"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# it's a real mess with -mcpu=ultrasparc option under Linux, but
-# -Wa,-Av8plus should do the trick no matter what.
-"linux-sparcv9","gcc:-mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# GCC 3.1 is a requirement
-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-# Sunos configs, assuming sparc for the gcc one.
-##"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:::",
-"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:::",
-
-#### IRIX 5.x configs
-# -mips2 flag is added by ./config when appropriate.
-"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::::::::dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-#### IRIX 6.x configs
-# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
-# './Configure irix-[g]cc' manually.
-# -mips4 flag is added by ./config when appropriate.
-"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# N64 ABI builds.
-"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-#### Unified HP-UX ANSI C configs.
-# Special notes:
-# - Originally we were optimizing at +O4 level. It should be noted
-#   that the only difference between +O3 and +O4 is global inter-
-#   procedural analysis. As it has to be performed during the link
-#   stage the compiler leaves behind certain pseudo-code in lib*.a
-#   which might be release or even patch level specific. Generating
-#   the machine code for and analyzing the *whole* program appears
-#   to be *extremely* memory demanding while the performance gain is
-#   actually questionable. The situation is intensified by the default
-#   HP-UX data set size limit (infamous 'maxdsiz' tunable) of 64MB
-#   which is way too low for +O4. In other words, doesn't +O3 make
-#   more sense?
-# - Keep in mind that the HP compiler by default generates code
-#   suitable for execution on the host you're currently compiling at.
-#   If the toolkit is ment to be used on various PA-RISC processors
-#   consider './config +DAportable'.
-# - +DD64 is chosen in favour of +DA2.0W because it's ment to be
-#   compatible with *future* releases.
-# - If you run ./Configure hpux-parisc-[g]cc manually don't forget to
-#   pass -D_REENTRANT on HP-UX 10 and later.
-# - -DMD32_XARRAY triggers workaround for compiler bug we ran into in
-#   32-bit message digests. (For the moment of this writing) HP C
-#   doesn't seem to "digest" too many local variables (they make "him"
-#   chew forever:-). For more details look-up MD32_XARRAY comment in
-#   crypto/sha/sha_lcl.h.
-#					<appro@fy.chalmers.se>
-#
-#!#"hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
-# Since there is mention of this in shlib/hpux10-cc.sh
-"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# 64bit PARISC for GCC without optimization, which seems to make problems.
-# Submitted by <ross.alexander@uk.neceur.com>
-"hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-# IA-64 targets
-"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with
-# with debugging of the following config.
-"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-# More attempts at unified 10.X and 11.X targets for HP C compiler.
-#
-# Chris Ruemmler <ruemmler@cup.hp.com>
-# Kevin Steves <ks@hp.se>
-"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# Isn't the line below meaningless? HP-UX cc optimizes for host by default.
-# hpux-parisc1_0-cc with +DAportable flag would make more sense. <appro>
-"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-# HPUX 9.X config.
-# Don't use the bundled cc.  It is broken.  Use HP ANSI C if possible, or
-# egcs.  gcc 2.8.1 is also broken.
-
-"hpux-cc",	"cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown)::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# If hpux-cc fails (e.g. during "make test"), try the next one; otherwise,
-# please report your OS and compiler version to the openssl-bugs@openssl.org
-# mailing list.
-"hpux-brokencc",	"cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-"hpux-gcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# If hpux-gcc fails, try this one:
-"hpux-brokengcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-# HPUX 9.X on Motorola 68k platforms with gcc
-"hpux-m68k-gcc",  "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):::BN_LLONG DES_PTR DES_UNROLL:::::::::::::",
-
-# HPUX 10.X config.  Supports threads.
-"hpux10-cc",	"cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# If hpux10-cc fails, try this one (if still fails, try deleting BN_LLONG):
-"hpux10-brokencc",	"cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-"hpux10-gcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# If hpux10-gcc fails, try this one:
-"hpux10-brokengcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-# HPUX 11.X from www.globus.org.
-# Only works on PA-RISC 2.0 cpus, and not optimized.  Why?
-#"hpux11-32bit-cc","cc:+DA2.0 -DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit::-D_REENTRANT:::DES_PTR DES_UNROLL DES_RISC1:::",
-#"hpux11-64bit-cc","cc:+DA2.0W -g -D_HPUX_SOURCE -Aa -Ae +ESlit::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT :::",
-# Use unified settings above instead.
-
-#### HP MPE/iX http://jazz.external.hp.com/src/openssl/
-"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
-
-#### PARISC Linux setups
-"linux-parisc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::",
-
-# Dec Alpha, OSF/1 - the alpha164-cc is historical, for the conversion
-# from the older DEC C Compiler to the newer compiler.  It's now the
-# same as the preferred entry, alpha-cc.  If you are still using the
-# older compiler (you're at 3.x or earlier, or perhaps very early 4.x)
-# you should use `alphaold-cc'.
-#
-#	"What's in a name? That which we call a rose
-#	 By any other word would smell as sweet."
-#
-# - William Shakespeare, "Romeo & Juliet", Act II, scene II.
-#
-# For OSF/1 3.2b and earlier, and Digital UNIX 3.2c - 3.2g, with the
-# vendor compiler, use alphaold-cc.
-# For Digital UNIX 4.0 - 4.0e, with the vendor compiler, use alpha-cc.
-# For Tru64 UNIX 4.f - current, with the vendor compiler, use alpha-cc.
-#
-# There's also an alternate target available (which `config' will never
-# select) called alpha-cc-rpath.  This target builds an RPATH into the
-# shared libraries, which is very convenient on Tru64 since binaries
-# linked against that shared library will automatically inherit that RPATH,
-# and hence know where to look for the openssl libraries, even if they're in
-# an odd place.
-#
-# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
-#
-"alpha-gcc","gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
-"alphaold-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
-"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared:::.so",
-"alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared:::.so",
-"alpha-cc-rpath", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared-rpath:::.so",
-#
-# This probably belongs in a different section.
-#
-"FreeBSD-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-#### Alpha Linux with GNU C and Compaq C setups
-# Special notes:
-# - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
-#   ought to run './Configure linux-alpha+bwx-gcc' manually, do
-#   complement the command line with -mcpu=ev56, -mcpu=ev6 or whatever
-#   which is appropriate.
-# - If you use ccc keep in mind that -fast implies -arch host and the
-#   compiler is free to issue instructions which gonna make elder CPU
-#   choke. If you wish to build "blended" toolkit, add -arch generic
-#   *after* -fast and invoke './Configure linux-alpha-ccc' manually.
-#
-#					<appro@fy.chalmers.se>
-#
-"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
-"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
-
-# assembler versions -- currently defunct:
-##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}",
-
-# The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
-# bn86-elf.o file file since it is hand tweaked assembler.
-"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-pentium",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ppro",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-k6",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=k6 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
-"linux-mipsel",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-mips",   "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ppc",    "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-m68k",   "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::",
-"linux-s390",	"gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-s390x",	"gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"NetBSD-m68",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"NetBSD-x86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"FreeBSD-elf",  "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"FreeBSD-sparc64","gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"FreeBSD-ia64","gcc:-DL_ENDIAN -DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64-cpp.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"FreeBSD",      "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
-"bsdi-gcc",     "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown):::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}",
-"bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"nextstep",	"cc:-O -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
-"nextstep3.3",	"cc:-O3 -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
-
-# NCR MP-RAS UNIX ver 02.03.01
-"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown)::-lsocket -lnsl -lc89:${x86_gcc_des} ${x86_gcc_opts}:::",
-
-# QNX 4
-"qnx4",	"cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:",
-
-# QNX 6
-"qnx6",	"cc:-DL_ENDIAN -DTERMIOS::(unknown)::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:",
-
-# Linux on ARM
-"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-# SCO/Caldera targets.
-#
-# Originally we had like unixware-*, unixware-*-pentium, unixware-*-p6, etc.
-# Now we only have blended unixware-* as it's the only one used by ./config.
-# If you want to optimize for particular microarchitecture, bypass ./config
-# and './Configure unixware-7 -Kpentium_pro' or whatever appropriate.
-# Note that not all targets include assembler support. Mostly because of
-# lack of motivation to support out-of-date platforms with out-of-date
-# compiler drivers and assemblers. Tim Rice <tim@multitalents.net> has
-# patiently assisted to debug most of it.
-#
-# UnixWare 2.0x fails destest with -O
-"unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
-"unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
-"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenUNIX-8","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenUNIX-8-gcc","gcc:-O -DFILIO_H -fomit-frame-pointer::-pthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"sco3-gcc",  "gcc:-O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H::(unknown)::-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...
-# SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the SCO cc.
-"sco5-cc",  "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"sco5-gcc",  "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-
-# IBM's AIX.
-"aix-cc",   "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::",
-"aix-gcc",  "gcc:-O3 -DB_ENDIAN::(unknown):AIX::BN_LLONG RC4_CHAR:::",
-"aix43-cc",   "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384::(unknown):::BN_LLONG RC4_CHAR::::::::::dlfcn:aix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::",
-"aix43-gcc",  "gcc:-O1 -DAIX -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR::::::::::dlfcn:",
-"aix64-cc",   "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384 -q64::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHAR::::::::::dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
-
-#
-# Cray T90 and similar (SDSC)
-# It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT
-# defined.  The T90 ints and longs are 8 bytes long, and apparently the
-# B_ENDIAN code assumes 4 byte ints.  Fortunately, the non-B_ENDIAN and
-# non L_ENDIAN code aligns the bytes in each word correctly.
-#
-# The BIT_FIELD_LIMITS define is to avoid two fatal compiler errors:
-#'Taking the address of a bit field is not allowed. '
-#'An expression with bit field exists as the operand of "sizeof" '
-# (written by Wayne Schroeder <schroede@SDSC.EDU>)
-#
-# j90 is considered the base machine type for unicos machines,
-# so this configuration is now called "cray-j90" ...
-"cray-j90", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown):CRAY::SIXTY_FOUR_BIT_LONG DES_INT:::",
-
-#
-# Cray T3E (Research Center Juelich, beckman@acl.lanl.gov)
-#
-# The BIT_FIELD_LIMITS define was written for the C90 (it seems).  I added
-# another use.  Basically, the problem is that the T3E uses some bit fields
-# for some st_addr stuff, and then sizeof and address-of fails
-# I could not use the ams/alpha.o option because the Cray assembler, 'cam'
-# did not like it.
-"cray-t3e", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown):CRAY::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:::",
-
-# DGUX, 88100.
-"dgux-R3-gcc",	"gcc:-O3 -fomit-frame-pointer::(unknown):::RC4_INDEX DES_UNROLL:::",
-"dgux-R4-gcc",	"gcc:-O3 -fomit-frame-pointer::(unknown)::-lnsl -lsocket:RC4_INDEX DES_UNROLL:::",
-"dgux-R4-x86-gcc",	"gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown)::-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-
-# Sinix/ReliantUNIX RM400
-# NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g  */
-"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"SINIX","cc:-O::(unknown):SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:RC4_INDEX RC4_CHAR:::",
-"SINIX-N","/usr/ucb/cc:-O2 -misaligned::(unknown)::-lucb:RC4_INDEX RC4_CHAR:::",
-
-# SIEMENS BS2000/OSD: an EBCDIC-based mainframe
-"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC::(unknown)::-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
-
-# OS/390 Unix an EBCDIC-based Unix system on IBM mainframe
-# You need to compile using the c89.sh wrapper in the tools directory, because the
-# IBM compiler does not like the -L switch after any object modules.
-#
-"OS390-Unix","c89.sh:-O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H  -D_ALL_SOURCE::(unknown):::THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
-
-# Windows NT, Microsoft Visual C++ 4.0
-
-"VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32",
-"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32",
-"VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32",
-"VC-WIN16","cl:::(unknown):WIN16::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
-"VC-W31-16","cl:::(unknown):WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
-"VC-W31-32","cl::::WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
-"VC-MSDOS","cl:::(unknown):MSDOS::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
-
-# Borland C++ 4.5
-"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN::::::::::win32",
-"BC-16","bcc:::(unknown):WIN16::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
-
-# Mingw32
-# (Note: the real CFLAGS for Windows builds are defined by util/mk1mf.pl
-# and its library files in util/pl/*)
-"Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall:::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
-
-# UWIN 
-"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
-
-# Cygwin
-"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
-"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:::.dll",
-
-# DJGPP
-"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::",
-
-# Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
-"ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
-"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::::::",
-# K&R C is no longer supported; you need gcc on old Ultrix installations
-##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown):::::::",
-
-# Some OpenBSD from Bob Beck <beck@obtuse.com>
-"OpenBSD",		"gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-alpha",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-i386",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-m68k",		"gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-m88k",		"gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-mips",		"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-powerpc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-sparc64",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-vax",		"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-hppa",		"gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
-##### MacOS X (a.k.a. Rhapsody or Darwin) setup
-"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
-"darwin-ppc-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-
-##### A/UX
-"aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
-
-##### Sony NEWS-OS 4.x
-"newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::",
-
-##### GNU Hurd
-"hurd-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",
-
-##### OS/2 EMX
-"OS2-EMX", "gcc::::::::",
-
-##### VxWorks for various targets
-"vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
-"vxworks-ppc750","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h \$(DEBUG_FLAG):::VXWORKS:-r:::::",
-"vxworks-ppc750-debug","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g:::VXWORKS:-r:::::",
-
-##### Compaq Non-Stop Kernel (Tandem)
-"tandem-c89","c89:-Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN::(unknown):::THIRTY_TWO_BIT:::",
-
-);
-
-my @WinTargets=qw(VC-NT VC-CE VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS
-	BC-32 BC-16 Mingw32 OS2-EMX);
-
-my $idx = 0;
-my $idx_cc = $idx++;
-my $idx_cflags = $idx++;
-my $idx_unistd = $idx++;
-my $idx_thread_cflag = $idx++;
-my $idx_sys_id = $idx++;
-my $idx_lflags = $idx++;
-my $idx_bn_ops = $idx++;
-my $idx_bn_obj = $idx++;
-my $idx_des_obj = $idx++;
-my $idx_bf_obj = $idx++;
-my $idx_md5_obj = $idx++;
-my $idx_sha1_obj = $idx++;
-my $idx_cast_obj = $idx++;
-my $idx_rc4_obj = $idx++;
-my $idx_rmd160_obj = $idx++;
-my $idx_rc5_obj = $idx++;
-my $idx_dso_scheme = $idx++;
-my $idx_shared_target = $idx++;
-my $idx_shared_cflag = $idx++;
-my $idx_shared_ldflag = $idx++;
-my $idx_shared_extension = $idx++;
-my $idx_ranlib = $idx++;
-my $idx_arflags = $idx++;
-
-my $prefix="";
-my $openssldir="";
-my $exe_ext="";
-my $install_prefix="";
-my $no_threads=0;
-my $no_shared=1;
-my $zlib=0;
-my $no_krb5=0;
-my $threads=0;
-my $no_asm=0;
-my $no_dso=0;
-my @skip=();
-my $Makefile="Makefile.ssl";
-my $des_locl="crypto/des/des_locl.h";
-my $des	="crypto/des/des.h";
-my $bn	="crypto/bn/bn.h";
-my $md2	="crypto/md2/md2.h";
-my $rc4	="crypto/rc4/rc4.h";
-my $rc4_locl="crypto/rc4/rc4_locl.h";
-my $idea	="crypto/idea/idea.h";
-my $rc2	="crypto/rc2/rc2.h";
-my $bf	="crypto/bf/bf_locl.h";
-my $bn_asm	="bn_asm.o";
-my $des_enc="des_enc.o fcrypt_b.o";
-my $bf_enc	="bf_enc.o";
-my $cast_enc="c_enc.o";
-my $rc4_enc="rc4_enc.o";
-my $rc5_enc="rc5_enc.o";
-my $md5_obj="";
-my $sha1_obj="";
-my $rmd160_obj="";
-my $processor="";
-my $default_ranlib;
-my $perl;
-
-my $no_ssl2=0;
-my $no_ssl3=0;
-my $no_tls1=0;
-my $no_md5=0;
-my $no_sha=0;
-my $no_rsa=0;
-my $no_dh=0;
-
-$default_ranlib= &which("ranlib") or $default_ranlib="true";
-$perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
-  or $perl="perl";
-
-&usage if ($#ARGV < 0);
-
-my $flags;
-my $depflags;
-my $openssl_algorithm_defines;
-my $openssl_thread_defines;
-my $openssl_sys_defines="";
-my $openssl_other_defines;
-my $libs;
-my $libkrb5="";
-my $target;
-my $options;
-my $symlink;
-my $make_depend=0;
-my %withargs=();
-
-my @argvcopy=@ARGV;
-my $argvstring="";
-my $argv_unprocessed=1;
-
-while($argv_unprocessed)
-	{
-	$flags="";
-	$depflags="";
-	$openssl_algorithm_defines="";
-	$openssl_thread_defines="";
-	$openssl_sys_defines="";
-	$openssl_other_defines="";
-	$libs="";
-	$target="";
-	$options="";
-	$symlink=1;
-
-	$argv_unprocessed=0;
-	$argvstring=join(' ',@argvcopy);
-
-PROCESS_ARGS:
-	foreach (@argvcopy)
-		{
-		s /^-no-/no-/; # some people just can't read the instructions
-		if (/^--test-sanity$/)
-			{
-			exit(&test_sanity());
-			}
-		elsif (/^no-asm$/)
-		 	{
-			$no_asm=1;
-			$flags .= "-DOPENSSL_NO_ASM ";
-			$openssl_other_defines .= "#define OPENSSL_NO_ASM\n";
-			}
-		elsif (/^no-err$/)
-		 	{
-			$flags .= "-DOPENSSL_NO_ERR ";
-			$openssl_other_defines .= "#define OPENSSL_NO_ERR\n";
-			}
-		elsif (/^no-hw-(.+)$/)
-			{
-			my $hw=$1;
-			$hw =~ tr/[a-z]/[A-Z]/;
-			$flags .= "-DOPENSSL_NO_HW_$hw ";
-			$openssl_other_defines .= "#define OPENSSL_NO_HW_$hw\n";
-			}
-		elsif (/^no-hw$/)
-			{
-			$flags .= "-DOPENSSL_NO_HW ";
-			$openssl_other_defines .= "#define OPENSSL_NO_HW\n";
-			}
-		elsif (/^no-dso$/)
-			{ $no_dso=1; }
-		elsif (/^no-krb5$/)
-			{ $no_krb5=1; }
-		elsif (/^no-threads$/)
-			{ $no_threads=1; }
-		elsif (/^threads$/)
-			{ $threads=1; }
-		elsif (/^no-shared$/)
-			{ $no_shared=1; }
-		elsif (/^shared$/ || /^-shared$/ || /^--shared$/)
-			{ $no_shared=0; }
-		elsif (/^no-zlib$/)
-			{ $zlib=0; }
-		elsif (/^zlib$/)
-			{ $zlib=1; }
-		elsif (/^zlib-dynamic$/)
-			{ $zlib=2; }
-		elsif (/^no-symlinks$/)
-			{ $symlink=0; }
-		elsif (/^no-ssl$/)
-			{ $no_ssl2 = $no_ssl3 = 1; }
-		elsif (/^no-ssl2$/)
-			{ $no_ssl2 = 1; }
-		elsif (/^no-ssl3$/)
-			{ $no_ssl3 = 1; }
-		elsif (/^no-tls1?$/)
-			{ $no_tls1 = 1; }
-		elsif (/^no-(.+)$/)
-			{
-			my $algo=$1;
-			push @skip,$algo;
-			$algo =~ tr/[a-z]/[A-Z]/;
-			$flags .= "-DOPENSSL_NO_$algo ";
-			$depflags .= "-DOPENSSL_NO_$algo ";
-			$openssl_algorithm_defines .= "#define OPENSSL_NO_$algo\n";
-			if ($algo eq "RIJNDAEL")
-				{
-				push @skip, "aes";
-				$flags .= "-DOPENSSL_NO_AES ";
-				$depflags .= "-DOPENSSL_NO_AES ";
-				$openssl_algorithm_defines .= "#define OPENSSL_NO_AES\n";
-				}
-			if ($algo eq "DES")
-				{
-				push @skip, "mdc2";
-				$options .= " no-mdc2";
-				$flags .= "-DOPENSSL_NO_MDC2 ";
-				$depflags .= "-DOPENSSL_NO_MDC2 ";
-				$openssl_algorithm_defines .= "#define OPENSSL_NO_MDC2\n";
-				}
-			if ($algo eq "MD5")
-				{
-				$no_md5 = 1;
-				}
-			if ($algo eq "SHA")
-				{
-				$no_sha = 1;
-				}
-			if ($algo eq "RSA")
-				{
-				$no_rsa = 1;
-				}
-			if ($algo eq "DH")
-				{
-				$no_dh = 1;
-				}
-			}
-		elsif (/^reconfigure/ || /^reconf/)
-			{
-			if (open(IN,"<$Makefile"))
-				{
-				while (<IN>)
-					{
-					chop;
-					if (/^CONFIGURE_ARGS=(.*)/)
-						{
-						$argvstring=$1;
-						@argvcopy=split(' ',$argvstring);
-						die "Incorrect data to reconfigure, please do a normal configuration\n"
-							if (grep(/^reconf/,@argvcopy));
-						print "Reconfiguring with: $argvstring\n";
-						$argv_unprocessed=1;
-						close(IN);
-						last PROCESS_ARGS;
-						}
-					}
-				close(IN);
-				}
-			die "Insufficient data to reconfigure, please do a normal configuration\n";
-			}
-		elsif (/^386$/)
-			{ $processor=386; }
-		elsif (/^rsaref$/)
-			{
-			# No RSAref support any more since it's not needed.
-			# The check for the option is there so scripts aren't
-			# broken
-			}
-		elsif (/^[-+]/)
-			{
-			if (/^-[lL](.*)$/)
-				{
-				$libs.=$_." ";
-				}
-			elsif (/^-[^-]/ or /^\+/)
-				{
-				$flags.=$_." ";
-				}
-			elsif (/^--prefix=(.*)$/)
-				{
-				$prefix=$1;
-				}
-			elsif (/^--openssldir=(.*)$/)
-				{
-				$openssldir=$1;
-				}
-			elsif (/^--install.prefix=(.*)$/)
-				{
-				$install_prefix=$1;
-				}
-			elsif (/^--with-krb5-(dir|lib|include|flavor)=(.*)$/)
-				{
-				$withargs{"krb5-".$1}=$2;
-				}
-			else
-				{
-				print STDERR $usage;
-				exit(1);
-				}
-			}
-		elsif ($_ =~ /^([^:]+):(.+)$/)
-			{
-			eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string
-			$target=$1;
-			}
-		else
-			{
-			die "target already defined - $target\n" if ($target ne "");
-			$target=$_;
-			}
-		unless ($_ eq $target) {
-			if ($options eq "") {
-				$options = $_;
-			} else {
-				$options .= " ".$_;
-			}
-		}
-	}
-}
-
-$no_ssl3=1 if ($no_md5 || $no_sha);
-$no_ssl3=1 if ($no_rsa && $no_dh);
-
-$no_ssl2=1 if ($no_md5);
-$no_ssl2=1 if ($no_rsa);
-
-$no_tls1=1 if ($no_md5 || $no_sha);
-$no_tls1=1 if ($no_dh);
-
-if ($no_ssl2)
-	{
-	push @skip,"SSL2";
-	$flags .= "-DOPENSSL_NO_SSL2 ";
-	$depflags .= "-DOPENSSL_NO_SSL2 ";
-	$openssl_algorithm_defines .= "#define OPENSSL_NO_SSL2\n";
-	}
-
-if ($no_ssl3)
-	{
-	push @skip,"SSL3";
-	$flags .= "-DOPENSSL_NO_SSL3 ";
-	$depflags .= "-DOPENSSL_NO_SSL3 ";
-	$openssl_algorithm_defines .= "#define OPENSSL_NO_SSL3\n";
-	}
-
-if ($no_tls1)
-	{
-	push @skip,"TLS1";
-	$flags .= "-DOPENSSL_NO_TLS1 ";
-	$depflags .= "-DOPENSSL_NO_TLS1 ";
-	$openssl_algorithm_defines .= "#define OPENSSL_NO_TLS1\n";
-	}
-
-if ($target eq "TABLE") {
-	foreach $target (sort keys %table) {
-		print_table_entry($target);
-	}
-	exit 0;
-}
-
-if ($target eq "LIST") {
-	foreach (sort keys %table) {
-		print;
-		print "\n";
-	}
-	exit 0;
-}
-
-if ($target =~ m/^CygWin32(-.*)$/) {
-	$target = "Cygwin".$1;
-}
-
-print "Configuring for $target\n";
-
-&usage if (!defined($table{$target}));
-
-my $IsWindows=scalar grep /^$target$/,@WinTargets;
-
-$exe_ext=".exe" if ($target eq "Cygwin");
-$exe_ext=".exe" if ($target eq "DJGPP");
-$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
-$prefix=$openssldir if $prefix eq "";
-
-chop $openssldir if $openssldir =~ /\/$/;
-chop $prefix if $prefix =~ /\/$/;
-
-$openssldir=$prefix . "/ssl" if $openssldir eq "";
-$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
-
-
-print "IsWindows=$IsWindows\n";
-
-my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
-my $cc = $fields[$idx_cc];
-my $cflags = $fields[$idx_cflags];
-my $unistd = $fields[$idx_unistd];
-my $thread_cflag = $fields[$idx_thread_cflag];
-my $sys_id = $fields[$idx_sys_id];
-my $lflags = $fields[$idx_lflags];
-my $bn_ops = $fields[$idx_bn_ops];
-my $bn_obj = $fields[$idx_bn_obj];
-my $des_obj = $fields[$idx_des_obj];
-my $bf_obj = $fields[$idx_bf_obj];
-$md5_obj = $fields[$idx_md5_obj];
-$sha1_obj = $fields[$idx_sha1_obj];
-my $cast_obj = $fields[$idx_cast_obj];
-my $rc4_obj = $fields[$idx_rc4_obj];
-$rmd160_obj = $fields[$idx_rmd160_obj];
-my $rc5_obj = $fields[$idx_rc5_obj];
-my $dso_scheme = $fields[$idx_dso_scheme];
-my $shared_target = $fields[$idx_shared_target];
-my $shared_cflag = $fields[$idx_shared_cflag];
-my $shared_ldflag = $fields[$idx_shared_ldflag];
-my $shared_extension = $fields[$idx_shared_extension];
-my $ranlib = $fields[$idx_ranlib];
-my $arflags = $fields[$idx_arflags];
-
-my $no_shared_warn=0;
-
-$cflags="$flags$cflags" if ($flags ne "");
-
-# Kerberos settings.  The flavor must be provided from outside, either through
-# the script "config" or manually.
-if ($no_krb5
-	|| !defined($withargs{"krb5-flavor"})
-	|| $withargs{"krb5-flavor"} eq "")
-	{
-	$cflags="-DOPENSSL_NO_KRB5 $cflags";
-	$options.=" no-krb5" unless $no_krb5;
-	$openssl_algorithm_defines .= "#define OPENSSL_NO_KRB5\n";
-	}
-else
-	{
-	my ($lresolv, $lpath, $lext);
-	if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/)
-		{
-		die "Sorry, Heimdal is currently not supported\n";
-		}
-	##### HACK to force use of Heimdal.
-	##### WARNING: Since we don't really have adequate support for Heimdal,
-	#####          using this will break the build.  You'll have to make
-	#####          changes to the source, and if you do, please send
-	#####          patches to openssl-dev@openssl.org
-	if ($withargs{"krb5-flavor"} =~ /^force-[Hh]eimdal$/)
-		{
-		warn "Heimdal isn't really supported.  Your build WILL break\n";
-		warn "If you fix the problems, please send a patch to openssl-dev\@openssl.org\n";
-		$withargs{"krb5-dir"} = "/usr/heimdal"
-			if $withargs{"krb5-dir"} eq "";
-		$withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
-			"/lib -lgssapi -lkrb5 -lcom_err"
-			if $withargs{"krb5-lib"} eq "";
-		$cflags="-DKRB5_HEIMDAL $cflags";
-		}
-	if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/)
-		{
-		$withargs{"krb5-dir"} = "/usr/kerberos"
-			if $withargs{"krb5-dir"} eq "";
-		$withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
-			"/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto"
-			if $withargs{"krb5-lib"} eq "";
-		$cflags="-DKRB5_MIT $cflags";
-		$withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//;
-		if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/)
-			{
-			$cflags="-DKRB5_MIT_OLD11 $cflags";
-			}
-		}
-	LRESOLV:
-	foreach $lpath ("/lib", "/usr/lib")
-		{
-		foreach $lext ("a", "so")
-			{
-			$lresolv = "$lpath/libresolv.$lext";
-			last LRESOLV	if (-r "$lresolv");
-			$lresolv = "";
-			}
-		}
-	$withargs{"krb5-lib"} .= " -lresolv"
-		if ("$lresolv" ne "");
-	$withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
-		if $withargs{"krb5-include"} eq "" &&
-		   $withargs{"krb5-dir"} ne "";
-	}
-
-# The DSO code currently always implements all functions so that no
-# applications will have to worry about that from a compilation point
-# of view. However, the "method"s may return zero unless that platform
-# has support compiled in for them. Currently each method is enabled
-# by a define "DSO_<name>" ... we translate the "dso_scheme" config
-# string entry into using the following logic;
-my $dso_cflags;
-if (!$no_dso && $dso_scheme ne "")
-	{
-	$dso_scheme =~ tr/[a-z]/[A-Z]/;
-	if ($dso_scheme eq "DLFCN")
-		{
-		$dso_cflags = "-DDSO_DLFCN -DHAVE_DLFCN_H";
-		}
-	elsif ($dso_scheme eq "DLFCN_NO_H")
-		{
-		$dso_cflags = "-DDSO_DLFCN";
-		}
-	else
-		{
-		$dso_cflags = "-DDSO_$dso_scheme";
-		}
-	$cflags = "$dso_cflags $cflags";
-	}
-
-my $thread_cflags;
-my $thread_defines;
-if ($thread_cflag ne "(unknown)" && !$no_threads)
-	{
-	# If we know how to do it, support threads by default.
-	$threads = 1;
-	}
-if ($thread_cflag eq "(unknown)")
-	{
-	# If the user asked for "threads", hopefully they also provided
-	# any system-dependent compiler options that are necessary.
-	$thread_cflags="-DOPENSSL_THREADS $cflags" ;
-	$thread_defines .= "#define OPENSSL_THREADS\n";
-	}
-else
-	{
-	$thread_cflags="-DOPENSSL_THREADS $thread_cflag $cflags";
-	$thread_defines .= "#define OPENSSL_THREADS\n";
-#	my $def;
-#	foreach $def (split ' ',$thread_cflag)
-#		{
-#		if ($def =~ s/^-D// && $def !~ /^_/)
-#			{
-#			$thread_defines .= "#define $def\n";
-#			}
-#		}
-	}	
-
-$lflags="$libs$lflags" if ($libs ne "");
-
-if ($no_asm)
-	{
-	$bn_obj=$des_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj="";
-	$sha1_obj=$md5_obj=$rmd160_obj="";
-	}
-
-if (!$no_shared)
-	{
-	$cast_obj="";	# CAST assembler is not PIC
-	}
-
-if ($threads)
-	{
-	$cflags=$thread_cflags;
-	$openssl_thread_defines .= $thread_defines;
-	}
-
-if ($zlib)
-	{
-	$cflags = "-DZLIB $cflags";
-	$cflags = "-DZLIB_SHARED $cflags" if $zlib == 2;
-	$lflags = "$lflags -lz" if $zlib == 1;
-	}
-
-# You will find shlib_mark1 and shlib_mark2 explained in Makefile.org
-my $shared_mark = "";
-if ($shared_target eq "")
-	{
-	$no_shared_warn = 1 if !$no_shared;
-	$no_shared = 1;
-	}
-if (!$no_shared)
-	{
-	if ($shared_cflag ne "")
-		{
-		$cflags = "$shared_cflag $cflags";
-		}
-	}
-
-if ($sys_id ne "")
-	{
-	$cflags="-DOPENSSL_SYSNAME_$sys_id $cflags";
-	$openssl_sys_defines="#define OPENSSL_SYSNAME_$sys_id\n";
-	}
-
-if ($ranlib eq "")
-	{
-	$ranlib = $default_ranlib;
-	}
-
-#my ($bn1)=split(/\s+/,$bn_obj);
-#$bn1 = "" unless defined $bn1;
-#$bn1=$bn_asm unless ($bn1 =~ /\.o$/);
-#$bn_obj="$bn1";
-
-$bn_obj = $bn_asm unless $bn_obj ne "";
-
-$des_obj=$des_enc	unless ($des_obj =~ /\.o$/);
-$bf_obj=$bf_enc		unless ($bf_obj =~ /\.o$/);
-$cast_obj=$cast_enc	unless ($cast_obj =~ /\.o$/);
-$rc4_obj=$rc4_enc	unless ($rc4_obj =~ /\.o$/);
-$rc5_obj=$rc5_enc	unless ($rc5_obj =~ /\.o$/);
-if ($sha1_obj =~ /\.o$/)
-	{
-#	$sha1_obj=$sha1_enc;
-	$cflags.=" -DSHA1_ASM";
-	}
-if ($md5_obj =~ /\.o$/)
-	{
-#	$md5_obj=$md5_enc;
-	$cflags.=" -DMD5_ASM";
-	}
-if ($rmd160_obj =~ /\.o$/)
-	{
-#	$rmd160_obj=$rmd160_enc;
-	$cflags.=" -DRMD160_ASM";
-	}
-
-# "Stringify" the C flags string.  This permits it to be made part of a string
-# and works as well on command lines.
-$cflags =~ s/([\\\"])/\\\1/g;
-
-my $version = "unknown";
-my $major = "unknown";
-my $minor = "unknown";
-my $shlib_version_number = "unknown";
-my $shlib_version_history = "unknown";
-my $shlib_major = "unknown";
-my $shlib_minor = "unknown";
-
-open(IN,'<crypto/opensslv.h') || die "unable to read opensslv.h:$!\n";
-while (<IN>)
-	{
-	$version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /;
-	$shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/;
-	$shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/;
-	}
-close(IN);
-if ($shlib_version_history ne "") { $shlib_version_history .= ":"; }
-
-if ($version =~ /(^[0-9]*)\.([0-9\.]*)/)
-	{
-	$major=$1;
-	$minor=$2;
-	}
-
-if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
-	{
-	$shlib_major=$1;
-	$shlib_minor=$2;
-	}
-
-open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
-unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
-open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
-print OUT "### Generated automatically from Makefile.org by Configure.\n\n";
-my $sdirs=0;
-while (<IN>)
-	{
-	chop;
-	$sdirs = 1 if /^SDIRS=/;
-	if ($sdirs) {
-		my $dir;
-		foreach $dir (@skip) {
-			s/([ 	])$dir /\1/;
-			}
-		}
-	$sdirs = 0 unless /\\$/;
-	s/^VERSION=.*/VERSION=$version/;
-	s/^MAJOR=.*/MAJOR=$major/;
-	s/^MINOR=.*/MINOR=$minor/;
-	s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/;
-	s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
-	s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
-	s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/;
-	s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/;
-	s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
-	s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
-	s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
-	s/^PLATFORM=.*$/PLATFORM=$target/;
-	s/^OPTIONS=.*$/OPTIONS=$options/;
-	s/^CONFIGURE_ARGS=.*$/CONFIGURE_ARGS=$argvstring/;
-	s/^CC=.*$/CC= $cc/;
-	s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
-	s/^CFLAG=.*$/CFLAG= $cflags/;
-	s/^DEPFLAG=.*$/DEPFLAG= $depflags/;
-	s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
-	s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
-	s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
-	s/^DES_ENC=.*$/DES_ENC= $des_obj/;
-	s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
-	s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
-	s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
-	s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/;
-	s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
-	s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
-	s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
-	s/^PROCESSOR=.*/PROCESSOR= $processor/;
-	s/^RANLIB=.*/RANLIB= $ranlib/;
-	s/^ARFLAGS=.*/ARFLAGS= $arflags/;
-	s/^PERL=.*/PERL= $perl/;
-	s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
-	s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
-	s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
-	s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
-	s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
-	if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/)
-		{
-		my $sotmp = $1;
-		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
-		}
-	elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.dylib$/)
-		{
-		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.dylib/;
-		}
-	elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
-		{
-		my $sotmp = $1;
-		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
-		}
-	elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
-		{
-		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.\$(SHLIB_MAJOR).dylib .dylib/;
-		}
-	s/^SHARED_LDFLAGS=.*/SHARED_LDFLAGS=$shared_ldflag/;
-	print OUT $_."\n";
-	}
-close(IN);
-close(OUT);
-rename($Makefile,"$Makefile.bak") || die "unable to rename $Makefile\n" if -e $Makefile;
-rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";
-
-print "CC            =$cc\n";
-print "CFLAG         =$cflags\n";
-print "EX_LIBS       =$lflags\n";
-print "BN_ASM        =$bn_obj\n";
-print "DES_ENC       =$des_obj\n";
-print "BF_ENC        =$bf_obj\n";
-print "CAST_ENC      =$cast_obj\n";
-print "RC4_ENC       =$rc4_obj\n";
-print "RC5_ENC       =$rc5_obj\n";
-print "MD5_OBJ_ASM   =$md5_obj\n";
-print "SHA1_OBJ_ASM  =$sha1_obj\n";
-print "RMD160_OBJ_ASM=$rmd160_obj\n";
-print "PROCESSOR     =$processor\n";
-print "RANLIB        =$ranlib\n";
-print "ARFLAGS       =$arflags\n";
-print "PERL          =$perl\n";
-print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n"
-	if $withargs{"krb5-include"} ne "";
-
-my $des_ptr=0;
-my $des_risc1=0;
-my $des_risc2=0;
-my $des_unroll=0;
-my $bn_ll=0;
-my $def_int=2;
-my $rc4_int=$def_int;
-my $md2_int=$def_int;
-my $idea_int=$def_int;
-my $rc2_int=$def_int;
-my $rc4_idx=0;
-my $rc4_chunk=0;
-my $bf_ptr=0;
-my @type=("char","short","int","long");
-my ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0);
-my $export_var_as_fn=0;
-
-my $des_int;
-
-foreach (sort split(/\s+/,$bn_ops))
-	{
-	$des_ptr=1 if /DES_PTR/;
-	$des_risc1=1 if /DES_RISC1/;
-	$des_risc2=1 if /DES_RISC2/;
-	$des_unroll=1 if /DES_UNROLL/;
-	$des_int=1 if /DES_INT/;
-	$bn_ll=1 if /BN_LLONG/;
-	$rc4_int=0 if /RC4_CHAR/;
-	$rc4_int=3 if /RC4_LONG/;
-	$rc4_idx=1 if /RC4_INDEX/;
-	$rc4_chunk=1 if /RC4_CHUNK/;
-	$rc4_chunk=2 if /RC4_CHUNK_LL/;
-	$md2_int=0 if /MD2_CHAR/;
-	$md2_int=3 if /MD2_LONG/;
-	$idea_int=1 if /IDEA_SHORT/;
-	$idea_int=3 if /IDEA_LONG/;
-	$rc2_int=1 if /RC2_SHORT/;
-	$rc2_int=3 if /RC2_LONG/;
-	$bf_ptr=1 if $_ eq "BF_PTR";
-	$bf_ptr=2 if $_ eq "BF_PTR2";
-	($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
-	($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
-	($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
-	($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
-	($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
-	$export_var_as_fn=1 if /EXPORT_VAR_AS_FN/;
-	}
-
-open(IN,'<crypto/opensslconf.h.in') || die "unable to read crypto/opensslconf.h.in:$!\n";
-unlink("crypto/opensslconf.h.new") || die "unable to remove old crypto/opensslconf.h.new:$!\n" if -e "crypto/opensslconf.h.new";
-open(OUT,'>crypto/opensslconf.h.new') || die "unable to create crypto/opensslconf.h.new:$!\n";
-print OUT "/* opensslconf.h */\n";
-print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n";
-
-print OUT "/* OpenSSL was configured with the following options: */\n";
-my $openssl_algorithm_defines_trans = $openssl_algorithm_defines;
-$openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n#  define $1\n# endif/mg;
-$openssl_algorithm_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
-$openssl_algorithm_defines = "   /* no ciphers excluded */\n" if $openssl_algorithm_defines eq "";
-$openssl_thread_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
-$openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
-$openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
-print OUT $openssl_sys_defines;
-print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n";
-print OUT $openssl_algorithm_defines;
-print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n";
-print OUT $openssl_thread_defines;
-print OUT $openssl_other_defines,"\n";
-
-print OUT "/* The OPENSSL_NO_* macros are also defined as NO_* if the application\n";
-print OUT "   asks for it.  This is a transient feature that is provided for those\n";
-print OUT "   who haven't had the time to do the appropriate changes in their\n";
-print OUT "   applications.  */\n";
-print OUT "#ifdef OPENSSL_ALGORITHM_DEFINES\n";
-print OUT $openssl_algorithm_defines_trans;
-print OUT "#endif\n\n";
-
-while (<IN>)
-	{
-	if	(/^#define\s+OPENSSLDIR/)
-		{ print OUT "#define OPENSSLDIR \"$openssldir\"\n"; }
-	elsif	(/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
-		{ printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
-			if $export_var_as_fn;
-		  printf OUT "#%s OPENSSL_EXPORT_VAR_AS_FUNCTION\n",
-			($export_var_as_fn)?"define":"undef"; }
-	elsif	(/^#define\s+OPENSSL_UNISTD/)
-		{
-		$unistd = "<unistd.h>" if $unistd eq "";
-		print OUT "#define OPENSSL_UNISTD $unistd\n";
-		}
-	elsif	(/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/)
-		{ printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; }
-	elsif	(/^#((define)|(undef))\s+SIXTY_FOUR_BIT/)
-		{ printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; }
-	elsif	(/^#((define)|(undef))\s+THIRTY_TWO_BIT/)
-		{ printf OUT "#%s THIRTY_TWO_BIT\n",($b32)?"define":"undef"; }
-	elsif	(/^#((define)|(undef))\s+SIXTEEN_BIT/)
-		{ printf OUT "#%s SIXTEEN_BIT\n",($b16)?"define":"undef"; }
-	elsif	(/^#((define)|(undef))\s+EIGHT_BIT/)
-		{ printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; }
-	elsif	(/^#((define)|(undef))\s+BN_LLONG\s*$/)
-		{ printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; }
-	elsif	(/^\#define\s+DES_LONG\s+.*/)
-		{ printf OUT "#define DES_LONG unsigned %s\n",
-			($des_int)?'int':'long'; }
-	elsif	(/^\#(define|undef)\s+DES_PTR/)
-		{ printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; }
-	elsif	(/^\#(define|undef)\s+DES_RISC1/)
-		{ printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; }
-	elsif	(/^\#(define|undef)\s+DES_RISC2/)
-		{ printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; }
-	elsif	(/^\#(define|undef)\s+DES_UNROLL/)
-		{ printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; }
-	elsif	(/^#define\s+RC4_INT\s/)
-		{ printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; }
-	elsif	(/^#undef\s+RC4_CHUNK/)
-		{
-		printf OUT "#undef RC4_CHUNK\n" if $rc4_chunk==0;
-		printf OUT "#define RC4_CHUNK unsigned long\n" if $rc4_chunk==1;
-		printf OUT "#define RC4_CHUNK unsigned long long\n" if $rc4_chunk==2;
-		}
-	elsif	(/^#((define)|(undef))\s+RC4_INDEX/)
-		{ printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; }
-	elsif (/^#(define|undef)\s+I386_ONLY/)
-		{ printf OUT "#%s I386_ONLY\n", ($processor == 386)?
-			"define":"undef"; }
-	elsif	(/^#define\s+MD2_INT\s/)
-		{ printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; }
-	elsif	(/^#define\s+IDEA_INT\s/)
-		{printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];}
-	elsif	(/^#define\s+RC2_INT\s/)
-		{printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];}
-	elsif (/^#(define|undef)\s+BF_PTR/)
-		{
-		printf OUT "#undef BF_PTR\n" if $bf_ptr == 0;
-		printf OUT "#define BF_PTR\n" if $bf_ptr == 1;
-		printf OUT "#define BF_PTR2\n" if $bf_ptr == 2;
-	        }
-	else
-		{ print OUT $_; }
-	}
-close(IN);
-close(OUT);
-rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
-rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";
-
-
-# Fix the date
-
-print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l;
-print "SIXTY_FOUR_BIT mode\n" if $b64;
-print "THIRTY_TWO_BIT mode\n" if $b32;
-print "SIXTEEN_BIT mode\n" if $b16;
-print "EIGHT_BIT mode\n" if $b8;
-print "DES_PTR used\n" if $des_ptr;
-print "DES_RISC1 used\n" if $des_risc1;
-print "DES_RISC2 used\n" if $des_risc2;
-print "DES_UNROLL used\n" if $des_unroll;
-print "DES_INT used\n" if $des_int;
-print "BN_LLONG mode\n" if $bn_ll;
-print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int;
-print "RC4_INDEX mode\n" if $rc4_idx;
-print "RC4_CHUNK is undefined\n" if $rc4_chunk==0;
-print "RC4_CHUNK is unsigned long\n" if $rc4_chunk==1;
-print "RC4_CHUNK is unsigned long long\n" if $rc4_chunk==2;
-print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int;
-print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int;
-print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int;
-print "BF_PTR used\n" if $bf_ptr == 1; 
-print "BF_PTR2 used\n" if $bf_ptr == 2; 
-
-if($IsWindows) {
-	open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
-	printf OUT <<EOF;
-#ifndef MK1MF_BUILD
-  /* auto-generated by Configure for crypto/cversion.c:
-   * for Unix builds, crypto/Makefile.ssl generates functional definitions;
-   * Windows builds (and other mk1mf builds) compile cversion.c with
-   * -DMK1MF_BUILD and use definitions added to this file by util/mk1mf.pl. */
-  #error "Windows builds (PLATFORM=$target) use mk1mf.pl-created Makefiles"
-#endif
-EOF
-	close(OUT);
-} else {
-	my $make_command = "make -f Makefile.ssl PERL=\'$perl\'";
-	my $make_targets = "";
-	$make_targets .= " links" if $symlink;
-	$make_targets .= " depend" if $depflags ne "" && $make_depend;
-	$make_targets .= " gentests" if $symlink;
-	(system $make_command.$make_targets) == 0 or exit $?
-		if $make_targets ne "";
-	if ( $perl =~ m@^/@) {
-	    &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
-	    &dofile("apps/der_chop",$perl,'^#!/', '#!%s');
-	    &dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
-	} else {
-	    # No path for Perl known ...
-	    &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
-	    &dofile("apps/der_chop",'/usr/local/bin/perl','^#!/', '#!%s');
-	    &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
-	}
-	if ($depflags ne "" && !$make_depend) {
-		print <<EOF;
-
-Since you've disabled at least one algorithm, you need to do the following
-before building:
-
-	make depend
-EOF
-	}
-}
-
-print <<EOF;
-
-Configured for $target.
-EOF
-
-print <<\EOF if (!$no_threads && !$threads);
-
-The library could not be configured for supporting multi-threaded
-applications as the compiler options required on this system are not known.
-See file INSTALL for details if you need multi-threading.
-EOF
-
-print <<\EOF if ($no_shared_warn);
-
-You gave the option 'shared'.  Normally, that would give you shared libraries.
-Unfortunately, the OpenSSL configuration doesn't include shared library support
-for this platform yet, so it will pretend you gave the option 'no-shared'.  If
-you can inform the developpers (openssl-dev\@openssl.org) how to support shared
-libraries on this platform, they will at least look at it and try their best
-(but please first make sure you have tried with a current version of OpenSSL).
-EOF
-
-exit(0);
-
-sub usage
-	{
-	print STDERR $usage;
-	print STDERR "\npick os/compiler from:\n";
-	my $j=0;
-	my $i;
-        my $k=0;
-	foreach $i (sort keys %table)
-		{
-		next if $i =~ /^debug/;
-		$k += length($i) + 1;
-		if ($k > 78)
-			{
-			print STDERR "\n";
-			$k=length($i);
-			}
-		print STDERR $i . " ";
-		}
-	foreach $i (sort keys %table)
-		{
-		next if $i !~ /^debug/;
-		$k += length($i) + 1;
-		if ($k > 78)
-			{
-			print STDERR "\n";
-			$k=length($i);
-			}
-		print STDERR $i . " ";
-		}
-	print STDERR "\n\nNOTE: If in doubt, on Unix-ish systems use './config'.\n";
-	exit(1);
-	}
-
-sub which
-	{
-	my($name)=@_;
-	my $path;
-	foreach $path (split /:/, $ENV{PATH})
-		{
-		if (-f "$path/$name" and -x _)
-			{
-			return "$path/$name" unless ($name eq "perl" and
-			 system("$path/$name -e " . '\'exit($]<5.0);\''));
-			}
-		}
-	}
-
-sub dofile
-	{
-	my $f; my $p; my %m; my @a; my $k; my $ff;
-	($f,$p,%m)=@_;
-
-	open(IN,"<$f.in") || open(IN,"<$f") || die "unable to open $f:$!\n";
-	@a=<IN>;
-	close(IN);
-	foreach $k (keys %m)
-		{
-		grep(/$k/ && ($_=sprintf($m{$k}."\n",$p)),@a);
-		}
-	open(OUT,">$f.new") || die "unable to open $f.new:$!\n";
-	print OUT @a;
-	close(OUT);
-	rename($f,"$f.bak") || die "unable to rename $f\n" if -e $f;
-	rename("$f.new",$f) || die "unable to rename $f.new\n";
-	}
-
-sub print_table_entry
-	{
-	my $target = shift;
-
-	(my $cc,my $cflags,my $unistd,my $thread_cflag,my $sys_id,my $lflags,
-	my $bn_ops,my $bn_obj,my $des_obj,my $bf_obj,
-	my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
-	my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag,
-	my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags)=
-	split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
-			
-	print <<EOF
-
-*** $target
-\$cc           = $cc
-\$cflags       = $cflags
-\$unistd       = $unistd
-\$thread_cflag = $thread_cflag
-\$sys_id       = $sys_id
-\$lflags       = $lflags
-\$bn_ops       = $bn_ops
-\$bn_obj       = $bn_obj
-\$des_obj      = $des_obj
-\$bf_obj       = $bf_obj
-\$md5_obj      = $md5_obj
-\$sha1_obj     = $sha1_obj
-\$cast_obj     = $cast_obj
-\$rc4_obj      = $rc4_obj
-\$rmd160_obj   = $rmd160_obj
-\$rc5_obj      = $rc5_obj
-\$dso_scheme   = $dso_scheme
-\$shared_target= $shared_target
-\$shared_cflag = $shared_cflag
-\$shared_ldflag = $shared_ldflag
-\$shared_extension = $shared_extension
-\$ranlib       = $ranlib
-\$arflags      = $arflags
-EOF
-	}
-
-sub test_sanity
-	{
-	my $errorcnt = 0;
-
-	print STDERR "=" x 70, "\n";
-	print STDERR "=== SANITY TESTING!\n";
-	print STDERR "=== No configuration will be done, all other arguments will be ignored!\n";
-	print STDERR "=" x 70, "\n";
-
-	foreach $target (sort keys %table)
-		{
-		@fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
-
-		if ($fields[$idx_dso_scheme-1] =~ /^(dl|dlfcn|win32|vms)$/)
-			{
-			$errorcnt++;
-			print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
-			print STDERR "              in the previous field\n";
-			}
-		elsif ($fields[$idx_dso_scheme+1] =~ /^(dl|dlfcn|win32|vms)$/)
-			{
-			$errorcnt++;
-			print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
-			print STDERR "              in the following field\n";
-			}
-		elsif ($fields[$idx_dso_scheme] !~ /^(dl|dlfcn|win32|vms|)$/)
-			{
-			$errorcnt++;
-			print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] field = ",$fields[$idx_dso_scheme],"\n";
-			print STDERR "              valid values are 'dl', 'dlfcn', 'win32' and 'vms'\n";
-			}
-		}
-	print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
-	return $errorcnt;
-	}
diff --git a/crypto/openssl/FAQ b/crypto/openssl/FAQ
deleted file mode 100644
index 389d786dab4d..000000000000
--- a/crypto/openssl/FAQ
+++ /dev/null
@@ -1,765 +0,0 @@
-OpenSSL  -  Frequently Asked Questions
---------------------------------------
-
-[MISC] Miscellaneous questions
-
-* Which is the current version of OpenSSL?
-* Where is the documentation?
-* How can I contact the OpenSSL developers?
-* Where can I get a compiled version of OpenSSL?
-* Why aren't tools like 'autoconf' and 'libtool' used?
-* What is an 'engine' version?
-* How do I check the authenticity of the OpenSSL distribution?
-
-[LEGAL] Legal questions
-
-* Do I need patent licenses to use OpenSSL?
-* Can I use OpenSSL with GPL software? 
-
-[USER] Questions on using the OpenSSL applications
-
-* Why do I get a "PRNG not seeded" error message?
-* Why do I get an "unable to write 'random state'" error message?
-* How do I create certificates or certificate requests?
-* Why can't I create certificate requests?
-* Why does <SSL program> fail with a certificate verify error?
-* Why can I only use weak ciphers when I connect to a server using OpenSSL?
-* How can I create DSA certificates?
-* Why can't I make an SSL connection using a DSA certificate?
-* How can I remove the passphrase on a private key?
-* Why can't I use OpenSSL certificates with SSL client authentication?
-* Why does my browser give a warning about a mismatched hostname?
-* How do I install a CA certificate into a browser?
-* Why is OpenSSL x509 DN output not conformant to RFC2253?
-
-[BUILD] Questions about building and testing OpenSSL
-
-* Why does the linker complain about undefined symbols?
-* Why does the OpenSSL test fail with "bc: command not found"?
-* Why does the OpenSSL test fail with "bc: 1 no implemented"?
-* Why does the OpenSSL test fail with "bc: stack empty"?
-* Why does the OpenSSL compilation fail on Alpha Tru64 Unix?
-* Why does the OpenSSL compilation fail with "ar: command not found"?
-* Why does the OpenSSL compilation fail on Win32 with VC++?
-* What is special about OpenSSL on Redhat?
-* Why does the OpenSSL compilation fail on MacOS X?
-* Why does the OpenSSL test suite fail on MacOS X?
-* Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]?
-* Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"?
-
-[PROG] Questions about programming with OpenSSL
-
-* Is OpenSSL thread-safe?
-* I've compiled a program under Windows and it crashes: why?
-* How do I read or write a DER encoded buffer using the ASN1 functions?
-* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
-* I've called <some function> and it fails, why?
-* I just get a load of numbers for the error output, what do they mean?
-* Why do I get errors about unknown algorithms?
-* Why can't the OpenSSH configure script detect OpenSSL?
-* Can I use OpenSSL's SSL library with non-blocking I/O?
-* Why doesn't my server application receive a client certificate?
-* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
-
-===============================================================================
-
-[MISC] ========================================================================
-
-* Which is the current version of OpenSSL?
-
-The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.7a was released on February 19, 2003.
-
-In addition to the current stable release, you can also access daily
-snapshots of the OpenSSL development version at <URL:
-ftp://ftp.openssl.org/snapshot/>, or get it by anonymous CVS access.
-
-
-* Where is the documentation?
-
-OpenSSL is a library that provides cryptographic functionality to
-applications such as secure web servers.  Be sure to read the
-documentation of the application you want to use.  The INSTALL file
-explains how to install this library.
-
-OpenSSL includes a command line utility that can be used to perform a
-variety of cryptographic functions.  It is described in the openssl(1)
-manpage.  Documentation for developers is currently being written.  A
-few manual pages already are available; overviews over libcrypto and
-libssl are given in the crypto(3) and ssl(3) manpages.
-
-The OpenSSL manpages are installed in /usr/local/ssl/man/ (or a
-different directory if you specified one as described in INSTALL).
-In addition, you can read the most current versions at
-<URL: http://www.openssl.org/docs/>.
-
-For information on parts of libcrypto that are not yet documented, you
-might want to read Ariel Glenn's documentation on SSLeay 0.9, OpenSSL's
-predecessor, at <URL: http://www.columbia.edu/~ariel/ssleay/>.  Much
-of this still applies to OpenSSL.
-
-There is some documentation about certificate extensions and PKCS#12
-in doc/openssl.txt
-
-The original SSLeay documentation is included in OpenSSL as
-doc/ssleay.txt.  It may be useful when none of the other resources
-help, but please note that it reflects the obsolete version SSLeay
-0.6.6.
-
-
-* How can I contact the OpenSSL developers?
-
-The README file describes how to submit bug reports and patches to
-OpenSSL.  Information on the OpenSSL mailing lists is available from
-<URL: http://www.openssl.org>.
-
-
-* Where can I get a compiled version of OpenSSL?
-
-Some applications that use OpenSSL are distributed in binary form.
-When using such an application, you don't need to install OpenSSL
-yourself; the application will include the required parts (e.g. DLLs).
-
-If you want to install OpenSSL on a Windows system and you don't have
-a C compiler, read the "Mingw32" section of INSTALL.W32 for information
-on how to obtain and install the free GNU C compiler.
-
-A number of Linux and *BSD distributions include OpenSSL.
-
-
-* Why aren't tools like 'autoconf' and 'libtool' used?
-
-autoconf will probably be used in future OpenSSL versions. If it was
-less Unix-centric, it might have been used much earlier.
-
-* What is an 'engine' version?
-
-With version 0.9.6 OpenSSL was extended to interface to external crypto
-hardware. This was realized in a special release '0.9.6-engine'. With
-version 0.9.7 (not yet released) the changes were merged into the main
-development line, so that the special release is no longer necessary.
-
-* How do I check the authenticity of the OpenSSL distribution?
-
-We provide MD5 digests and ASC signatures of each tarball.
-Use MD5 to check that a tarball from a mirror site is identical:
-
-   md5sum TARBALL | awk '{print $1;}' | cmp - TARBALL.md5
-
-You can check authenticity using pgp or gpg. You need the OpenSSL team
-member public key used to sign it (download it from a key server). Then
-just do:
-
-   pgp TARBALL.asc
-
-[LEGAL] =======================================================================
-
-* Do I need patent licenses to use OpenSSL?
-
-The patents section of the README file lists patents that may apply to
-you if you want to use OpenSSL.  For information on intellectual
-property rights, please consult a lawyer.  The OpenSSL team does not
-offer legal advice.
-
-You can configure OpenSSL so as not to use RC5 and IDEA by using
- ./config no-rc5 no-idea
-
-
-* Can I use OpenSSL with GPL software?
-
-On many systems including the major Linux and BSD distributions, yes (the
-GPL does not place restrictions on using libraries that are part of the
-normal operating system distribution).
-
-On other systems, the situation is less clear. Some GPL software copyright
-holders claim that you infringe on their rights if you use OpenSSL with
-their software on operating systems that don't normally include OpenSSL.
-
-If you develop open source software that uses OpenSSL, you may find it
-useful to choose an other license than the GPL, or state explicitly that
-"This program is released under the GPL with the additional exemption that
-compiling, linking, and/or using OpenSSL is allowed."  If you are using
-GPL software developed by others, you may want to ask the copyright holder
-for permission to use their software with OpenSSL.
-
-
-[USER] ========================================================================
-
-* Why do I get a "PRNG not seeded" error message?
-
-Cryptographic software needs a source of unpredictable data to work
-correctly.  Many open source operating systems provide a "randomness
-device" (/dev/urandom or /dev/random) that serves this purpose.
-All OpenSSL versions try to use /dev/urandom by default; starting with
-version 0.9.7, OpenSSL also tries /dev/random if /dev/urandom is not
-available.
-
-On other systems, applications have to call the RAND_add() or
-RAND_seed() function with appropriate data before generating keys or
-performing public key encryption. (These functions initialize the
-pseudo-random number generator, PRNG.)  Some broken applications do
-not do this.  As of version 0.9.5, the OpenSSL functions that need
-randomness report an error if the random number generator has not been
-seeded with at least 128 bits of randomness.  If this error occurs and
-is not discussed in the documentation of the application you are
-using, please contact the author of that application; it is likely
-that it never worked correctly.  OpenSSL 0.9.5 and later make the
-error visible by refusing to perform potentially insecure encryption.
-
-If you are using Solaris 8, you can add /dev/urandom and /dev/random
-devices by installing patch 112438 (Sparc) or 112439 (x86), which are
-available via the Patchfinder at <URL: http://sunsolve.sun.com>
-(Solaris 9 includes these devices by default). For /dev/random support
-for earlier Solaris versions, see Sun's statement at
-<URL: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski>
-(the SUNWski package is available in patch 105710).
-
-On systems without /dev/urandom and /dev/random, it is a good idea to
-use the Entropy Gathering Demon (EGD); see the RAND_egd() manpage for
-details.  Starting with version 0.9.7, OpenSSL will automatically look
-for an EGD socket at /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool and
-/etc/entropy.
-
-Most components of the openssl command line utility automatically try
-to seed the random number generator from a file.  The name of the
-default seeding file is determined as follows: If environment variable
-RANDFILE is set, then it names the seeding file.  Otherwise if
-environment variable HOME is set, then the seeding file is $HOME/.rnd.
-If neither RANDFILE nor HOME is set, versions up to OpenSSL 0.9.6 will
-use file .rnd in the current directory while OpenSSL 0.9.6a uses no
-default seeding file at all.  OpenSSL 0.9.6b and later will behave
-similarly to 0.9.6a, but will use a default of "C:\" for HOME on
-Windows systems if the environment variable has not been set.
-
-If the default seeding file does not exist or is too short, the "PRNG
-not seeded" error message may occur.
-
-The openssl command line utility will write back a new state to the
-default seeding file (and create this file if necessary) unless
-there was no sufficient seeding.
-
-Pointing $RANDFILE to an Entropy Gathering Daemon socket does not work.
-Use the "-rand" option of the OpenSSL command line tools instead.
-The $RANDFILE environment variable and $HOME/.rnd are only used by the
-OpenSSL command line tools. Applications using the OpenSSL library
-provide their own configuration options to specify the entropy source,
-please check out the documentation coming the with application.
-
-
-* Why do I get an "unable to write 'random state'" error message?
-
-
-Sometimes the openssl command line utility does not abort with
-a "PRNG not seeded" error message, but complains that it is
-"unable to write 'random state'".  This message refers to the
-default seeding file (see previous answer).  A possible reason
-is that no default filename is known because neither RANDFILE
-nor HOME is set.  (Versions up to 0.9.6 used file ".rnd" in the
-current directory in this case, but this has changed with 0.9.6a.)
-
-
-* How do I create certificates or certificate requests?
-
-Check out the CA.pl(1) manual page. This provides a simple wrapper round
-the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check
-out the manual pages for the individual utilities and the certificate
-extensions documentation (currently in doc/openssl.txt).
-
-
-* Why can't I create certificate requests?
-
-You typically get the error:
-
-	unable to find 'distinguished_name' in config
-	problems making Certificate Request
-
-This is because it can't find the configuration file. Check out the
-DIAGNOSTICS section of req(1) for more information.
-
-
-* Why does <SSL program> fail with a certificate verify error?
-
-This problem is usually indicated by log messages saying something like
-"unable to get local issuer certificate" or "self signed certificate".
-When a certificate is verified its root CA must be "trusted" by OpenSSL
-this typically means that the CA certificate must be placed in a directory
-or file and the relevant program configured to read it. The OpenSSL program
-'verify' behaves in a similar way and issues similar error messages: check
-the verify(1) program manual page for more information.
-
-
-* Why can I only use weak ciphers when I connect to a server using OpenSSL?
-
-This is almost certainly because you are using an old "export grade" browser
-which only supports weak encryption. Upgrade your browser to support 128 bit
-ciphers.
-
-
-* How can I create DSA certificates?
-
-Check the CA.pl(1) manual page for a DSA certificate example.
-
-
-* Why can't I make an SSL connection to a server using a DSA certificate?
-
-Typically you'll see a message saying there are no shared ciphers when
-the same setup works fine with an RSA certificate. There are two possible
-causes. The client may not support connections to DSA servers most web
-browsers (including Netscape and MSIE) only support connections to servers
-supporting RSA cipher suites. The other cause is that a set of DH parameters
-has not been supplied to the server. DH parameters can be created with the
-dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example:
-check the source to s_server in apps/s_server.c for an example.
-
-
-* How can I remove the passphrase on a private key?
-
-Firstly you should be really *really* sure you want to do this. Leaving
-a private key unencrypted is a major security risk. If you decide that
-you do have to do this check the EXAMPLES sections of the rsa(1) and
-dsa(1) manual pages.
-
-
-* Why can't I use OpenSSL certificates with SSL client authentication?
-
-What will typically happen is that when a server requests authentication
-it will either not include your certificate or tell you that you have
-no client certificates (Netscape) or present you with an empty list box
-(MSIE). The reason for this is that when a server requests a client
-certificate it includes a list of CAs names which it will accept. Browsers
-will only let you select certificates from the list on the grounds that
-there is little point presenting a certificate which the server will
-reject.
-
-The solution is to add the relevant CA certificate to your servers "trusted
-CA list". How you do this depends on the server software in uses. You can
-print out the servers list of acceptable CAs using the OpenSSL s_client tool:
-
-openssl s_client -connect www.some.host:443 -prexit
-
-If your server only requests certificates on certain URLs then you may need
-to manually issue an HTTP GET command to get the list when s_client connects:
-
-GET /some/page/needing/a/certificate.html
-
-If your CA does not appear in the list then this confirms the problem.
-
-
-* Why does my browser give a warning about a mismatched hostname?
-
-Browsers expect the server's hostname to match the value in the commonName
-(CN) field of the certificate. If it does not then you get a warning.
-
-
-* How do I install a CA certificate into a browser?
-
-The usual way is to send the DER encoded certificate to the browser as
-MIME type application/x-x509-ca-cert, for example by clicking on an appropriate
-link. On MSIE certain extensions such as .der or .cacert may also work, or you
-can import the certificate using the certificate import wizard.
-
-You can convert a certificate to DER form using the command:
-
-openssl x509 -in ca.pem -outform DER -out ca.der
-
-Occasionally someone suggests using a command such as:
-
-openssl pkcs12 -export -out cacert.p12 -in cacert.pem -inkey cakey.pem
-
-DO NOT DO THIS! This command will give away your CAs private key and
-reduces its security to zero: allowing anyone to forge certificates in
-whatever name they choose.
-
-* Why is OpenSSL x509 DN output not conformant to RFC2253?
-
-The ways to print out the oneline format of the DN (Distinguished Name) have
-been extended in version 0.9.7 of OpenSSL. Using the new X509_NAME_print_ex()
-interface, the "-nameopt" option could be introduded. See the manual
-page of the "openssl x509" commandline tool for details. The old behaviour
-has however been left as default for the sake of compatibility.
-
-[BUILD] =======================================================================
-
-* Why does the linker complain about undefined symbols?
-
-Maybe the compilation was interrupted, and make doesn't notice that
-something is missing.  Run "make clean; make".
-
-If you used ./Configure instead of ./config, make sure that you
-selected the right target.  File formats may differ slightly between
-OS versions (for example sparcv8/sparcv9, or a.out/elf).
-
-In case you get errors about the following symbols, use the config
-option "no-asm", as described in INSTALL:
-
- BF_cbc_encrypt, BF_decrypt, BF_encrypt, CAST_cbc_encrypt,
- CAST_decrypt, CAST_encrypt, RC4, RC5_32_cbc_encrypt, RC5_32_decrypt,
- RC5_32_encrypt, bn_add_words, bn_div_words, bn_mul_add_words,
- bn_mul_comba4, bn_mul_comba8, bn_mul_words, bn_sqr_comba4,
- bn_sqr_comba8, bn_sqr_words, bn_sub_words, des_decrypt3,
- des_ede3_cbc_encrypt, des_encrypt, des_encrypt2, des_encrypt3,
- des_ncbc_encrypt, md5_block_asm_host_order, sha1_block_asm_data_order
-
-If none of these helps, you may want to try using the current snapshot.
-If the problem persists, please submit a bug report.
-
-
-* Why does the OpenSSL test fail with "bc: command not found"?
-
-You didn't install "bc", the Unix calculator.  If you want to run the
-tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor.
-
-
-* Why does the OpenSSL test fail with "bc: 1 no implemented"?
-
-On some SCO installations or versions, bc has a bug that gets triggered
-when you run the test suite (using "make test").  The message returned is
-"bc: 1 not implemented".
-
-The best way to deal with this is to find another implementation of bc
-and compile/install it.  GNU bc (see http://www.gnu.org/software/software.html
-for download instructions) can be safely used, for example.
-
-
-* Why does the OpenSSL test fail with "bc: stack empty"?
-
-On some DG/ux versions, bc seems to have a too small stack for calculations
-that the OpenSSL bntest throws at it.  This gets triggered when you run the
-test suite (using "make test").  The message returned is "bc: stack empty".
-
-The best way to deal with this is to find another implementation of bc
-and compile/install it.  GNU bc (see http://www.gnu.org/software/software.html
-for download instructions) can be safely used, for example.
-
-
-* Why does the OpenSSL compilation fail on Alpha Tru64 Unix?
-
-On some Alpha installations running Tru64 Unix and Compaq C, the compilation
-of crypto/sha/sha_dgst.c fails with the message 'Fatal:  Insufficient virtual
-memory to continue compilation.'  As far as the tests have shown, this may be
-a compiler bug.  What happens is that it eats up a lot of resident memory
-to build something, probably a table.  The problem is clearly in the
-optimization code, because if one eliminates optimization completely (-O0),
-the compilation goes through (and the compiler consumes about 2MB of resident
-memory instead of 240MB or whatever one's limit is currently).
-
-There are three options to solve this problem:
-
-1. set your current data segment size soft limit higher.  Experience shows
-that about 241000 kbytes seems to be enough on an AlphaServer DS10.  You do
-this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of
-kbytes to set the limit to.
-
-2. If you have a hard limit that is lower than what you need and you can't
-get it changed, you can compile all of OpenSSL with -O0 as optimization
-level.  This is however not a very nice thing to do for those who expect to
-get the best result from OpenSSL.  A bit more complicated solution is the
-following:
-
------ snip:start -----
-  make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl | \
-       sed -e 's/ -O[0-9] / -O0 /'`"
-  rm `ls crypto/*.o crypto/sha/*.o | grep -v 'sha_dgst\.o'`
-  make
------ snip:end -----
-
-This will only compile sha_dgst.c with -O0, the rest with the optimization
-level chosen by the configuration process.  When the above is done, do the
-test and installation and you're set.
-
-
-* Why does the OpenSSL compilation fail with "ar: command not found"?
-
-Getting this message is quite usual on Solaris 2, because Sun has hidden
-away 'ar' and other development commands in directories that aren't in
-$PATH by default.  One of those directories is '/usr/ccs/bin'.  The
-quickest way to fix this is to do the following (it assumes you use sh
-or any sh-compatible shell):
-
------ snip:start -----
-  PATH=${PATH}:/usr/ccs/bin; export PATH
------ snip:end -----
-
-and then redo the compilation.  What you should really do is make sure
-'/usr/ccs/bin' is permanently in your $PATH, for example through your
-'.profile' (again, assuming you use a sh-compatible shell).
-
-
-* Why does the OpenSSL compilation fail on Win32 with VC++?
-
-Sometimes, you may get reports from VC++ command line (cl) that it
-can't find standard include files like stdio.h and other weirdnesses.
-One possible cause is that the environment isn't correctly set up.
-To solve that problem for VC++ versions up to 6, one should run
-VCVARS32.BAT which is found in the 'bin' subdirectory of the VC++
-installation directory (somewhere under 'Program Files').  For VC++
-version 7 (and up?), which is also called VS.NET, the file is called
-VSVARS32.BAT instead.
-This needs to be done prior to running NMAKE, and the changes are only
-valid for the current DOS session.
-
-
-* What is special about OpenSSL on Redhat?
-
-Red Hat Linux (release 7.0 and later) include a preinstalled limited
-version of OpenSSL. For patent reasons, support for IDEA, RC5 and MDC2
-is disabled in this version. The same may apply to other Linux distributions.
-Users may therefore wish to install more or all of the features left out.
-
-To do this you MUST ensure that you do not overwrite the openssl that is in
-/usr/bin on your Red Hat machine. Several packages depend on this file,
-including sendmail and ssh. /usr/local/bin is a good alternative choice. The
-libraries that come with Red Hat 7.0 onwards have different names and so are
-not affected. (eg For Red Hat 7.2 they are /lib/libssl.so.0.9.6b and
-/lib/libcrypto.so.0.9.6b with symlinks /lib/libssl.so.2 and
-/lib/libcrypto.so.2 respectively).
-
-Please note that we have been advised by Red Hat attempting to recompile the
-openssl rpm with all the cryptography enabled will not work. All other
-packages depend on the original Red Hat supplied openssl package. It is also
-worth noting that due to the way Red Hat supplies its packages, updates to
-openssl on each distribution never change the package version, only the
-build number. For example, on Red Hat 7.1, the latest openssl package has
-version number 0.9.6 and build number 9 even though it contains all the
-relevant updates in packages up to and including 0.9.6b.
-
-A possible way around this is to persuade Red Hat to produce a non-US
-version of Red Hat Linux.
-
-FYI: Patent numbers and expiry dates of US patents:
-MDC-2: 4,908,861 13/03/2007
-IDEA:  5,214,703 25/05/2010
-RC5:   5,724,428 03/03/2015
-
-
-* Why does the OpenSSL compilation fail on MacOS X?
-
-If the failure happens when trying to build the "openssl" binary, with
-a large number of undefined symbols, it's very probable that you have
-OpenSSL 0.9.6b delivered with the operating system (you can find out by
-running '/usr/bin/openssl version') and that you were trying to build
-OpenSSL 0.9.7 or newer.  The problem is that the loader ('ld') in
-MacOS X has a misfeature that's quite difficult to go around.
-Look in the file PROBLEMS for a more detailed explanation and for possible
-solutions.
-
-
-* Why does the OpenSSL test suite fail on MacOS X?
-
-If the failure happens when running 'make test' and the RC4 test fails,
-it's very probable that you have OpenSSL 0.9.6b delivered with the
-operating system (you can find out by running '/usr/bin/openssl version')
-and that you were trying to build OpenSSL 0.9.6d.  The problem is that
-the loader ('ld') in MacOS X has a misfeature that's quite difficult to
-go around and has linked the programs "openssl" and the test programs
-with /usr/lib/libcrypto.dylib and /usr/lib/libssl.dylib instead of the
-libraries you just built.
-Look in the file PROBLEMS for a more detailed explanation and for possible
-solutions.
-
-* Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]?
-
-Failure in BN_sqr test is most likely caused by a failure to configure the
-toolkit for current platform or lack of support for the platform in question.
-Run './config -t' and './apps/openssl version -p'. Do these platform
-identifiers match? If they don't, then you most likely failed to run
-./config and you're hereby advised to do so before filing a bug report.
-If ./config itself fails to run, then it's most likely problem with your
-local environment and you should turn to your system administrator (or
-similar). If identifiers match (and/or no alternative identifier is
-suggested by ./config script), then the platform is unsupported. There might
-or might not be a workaround. Most notably on SPARC64 platforms with GNU
-C compiler you should be able to produce a working build by running
-'./config -m32'. I understand that -m32 might not be what you want/need,
-but the build should be operational. For further details turn to
-<openssl-dev@openssl.org>.
-
-* Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"?
-
-As of 0.9.7 assembler routines were overhauled for position independence
-of the machine code, which is essential for shared library support. For
-some reason OpenBSD is equipped with an out-of-date GNU assembler which
-finds the new code offensive. To work around the problem, configure with
-no-asm (and sacrifice a great deal of performance) or patch your assembler
-according to <URL: http://www.openssl.org/~appro/gas-1.92.3.OpenBSD.patch>.
-For your convenience a pre-compiled replacement binary is provided at
-<URL: http://www.openssl.org/~appro/gas-1.92.3.static.aout.bin>.
-Reportedly elder *BSD a.out platforms also suffer from this problem and
-remedy should be same. Provided binary is statically linked and should be
-working across wider range of *BSD branches, not just OpenBSD.
-
-[PROG] ========================================================================
-
-* Is OpenSSL thread-safe?
-
-Yes (with limitations: an SSL connection may not concurrently be used
-by multiple threads).  On Windows and many Unix systems, OpenSSL
-automatically uses the multi-threaded versions of the standard
-libraries.  If your platform is not one of these, consult the INSTALL
-file.
-
-Multi-threaded applications must provide two callback functions to
-OpenSSL.  This is described in the threads(3) manpage.
-
-
-* I've compiled a program under Windows and it crashes: why?
-
-This is usually because you've missed the comment in INSTALL.W32.
-Your application must link against the same version of the Win32
-C-Runtime against which your openssl libraries were linked.  The
-default version for OpenSSL is /MD - "Multithreaded DLL".
-
-If you are using Microsoft Visual C++'s IDE (Visual Studio), in
-many cases, your new project most likely defaulted to "Debug
-Singlethreaded" - /ML.  This is NOT interchangeable with /MD and your
-program will crash, typically on the first BIO related read or write
-operation.
-
-For each of the six possible link stage configurations within Win32,
-your application must link  against the same by which OpenSSL was
-built.  If you are using MS Visual C++ (Studio) this can be changed
-by:
-
-1.  Select Settings... from the Project Menu.
-2.  Select the C/C++ Tab.
-3.  Select "Code Generation from the "Category" drop down list box
-4.  Select the Appropriate library (see table below) from the "Use
-    run-time library" drop down list box.  Perform this step for both
-    your debug and release versions of your application (look at the
-    top left of the settings panel to change between the two)
-
-    Single Threaded           /ML        -  MS VC++ often defaults to
-                                            this for the release
-                                            version of a new project.
-    Debug Single Threaded     /MLd       -  MS VC++ often defaults to
-                                            this for the debug version
-                                            of a new project.
-    Multithreaded             /MT
-    Debug Multithreaded       /MTd
-    Multithreaded DLL         /MD        -  OpenSSL defaults to this.
-    Debug Multithreaded DLL   /MDd
-
-Note that debug and release libraries are NOT interchangeable.  If you
-built OpenSSL with /MD your application must use /MD and cannot use /MDd.
-
-
-* How do I read or write a DER encoded buffer using the ASN1 functions?
-
-You have two options. You can either use a memory BIO in conjunction
-with the i2d_XXX_bio() or d2i_XXX_bio() functions or you can use the
-i2d_XXX(), d2i_XXX() functions directly. Since these are often the
-cause of grief here are some code fragments using PKCS7 as an example:
-
-unsigned char *buf, *p;
-int len;
-
-len = i2d_PKCS7(p7, NULL);
-buf = OPENSSL_malloc(len); /* or Malloc, error checking omitted */
-p = buf;
-i2d_PKCS7(p7, &p);
-
-At this point buf contains the len bytes of the DER encoding of
-p7.
-
-The opposite assumes we already have len bytes in buf:
-
-unsigned char *p;
-p = buf;
-p7 = d2i_PKCS7(NULL, &p, len);
-
-At this point p7 contains a valid PKCS7 structure of NULL if an error
-occurred. If an error occurred ERR_print_errors(bio) should give more
-information.
-
-The reason for the temporary variable 'p' is that the ASN1 functions
-increment the passed pointer so it is ready to read or write the next
-structure. This is often a cause of problems: without the temporary
-variable the buffer pointer is changed to point just after the data
-that has been read or written. This may well be uninitialized data
-and attempts to free the buffer will have unpredictable results
-because it no longer points to the same address.
-
-
-* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
-
-This usually happens when you try compiling something using the PKCS#12
-macros with a C++ compiler. There is hardly ever any need to use the
-PKCS#12 macros in a program, it is much easier to parse and create
-PKCS#12 files using the PKCS12_parse() and PKCS12_create() functions
-documented in doc/openssl.txt and with examples in demos/pkcs12. The
-'pkcs12' application has to use the macros because it prints out 
-debugging information.
-
-
-* I've called <some function> and it fails, why?
-
-Before submitting a report or asking in one of the mailing lists, you
-should try to determine the cause. In particular, you should call
-ERR_print_errors() or ERR_print_errors_fp() after the failed call
-and see if the message helps. Note that the problem may occur earlier
-than you think -- you should check for errors after every call where
-it is possible, otherwise the actual problem may be hidden because
-some OpenSSL functions clear the error state.
-
-
-* I just get a load of numbers for the error output, what do they mean?
-
-The actual format is described in the ERR_print_errors() manual page.
-You should call the function ERR_load_crypto_strings() before hand and
-the message will be output in text form. If you can't do this (for example
-it is a pre-compiled binary) you can use the errstr utility on the error
-code itself (the hex digits after the second colon).
-
-
-* Why do I get errors about unknown algorithms?
-
-This can happen under several circumstances such as reading in an
-encrypted private key or attempting to decrypt a PKCS#12 file. The cause
-is forgetting to load OpenSSL's table of algorithms with
-OpenSSL_add_all_algorithms(). See the manual page for more information.
-
-
-* Why can't the OpenSSH configure script detect OpenSSL?
-
-Several reasons for problems with the automatic detection exist.
-OpenSSH requires at least version 0.9.5a of the OpenSSL libraries.
-Sometimes the distribution has installed an older version in the system
-locations that is detected instead of a new one installed. The OpenSSL
-library might have been compiled for another CPU or another mode (32/64 bits).
-Permissions might be wrong.
-
-The general answer is to check the config.log file generated when running
-the OpenSSH configure script. It should contain the detailed information
-on why the OpenSSL library was not detected or considered incompatible.
-
-* Can I use OpenSSL's SSL library with non-blocking I/O?
-
-Yes; make sure to read the SSL_get_error(3) manual page!
-
-A pitfall to avoid: Don't assume that SSL_read() will just read from
-the underlying transport or that SSL_write() will just write to it --
-it is also possible that SSL_write() cannot do any useful work until
-there is data to read, or that SSL_read() cannot do anything until it
-is possible to send data.  One reason for this is that the peer may
-request a new TLS/SSL handshake at any time during the protocol,
-requiring a bi-directional message exchange; both SSL_read() and
-SSL_write() will try to continue any pending handshake.
-
-
-* Why doesn't my server application receive a client certificate?
-
-Due to the TLS protocol definition, a client will only send a certificate,
-if explicitly asked by the server. Use the SSL_VERIFY_PEER flag of the
-SSL_CTX_set_verify() function to enable the use of client certificates.
-
-
-* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
-
-For OpenSSL 0.9.7 the OID table was extended and corrected. In earlier
-versions, uniqueIdentifier was incorrectly used for X.509 certificates.
-The correct name according to RFC2256 (LDAP) is x500UniqueIdentifier.
-Change your code to use the new name when compiling against OpenSSL 0.9.7.
-
-
-===============================================================================
-
diff --git a/crypto/openssl/FREEBSD-Xlist b/crypto/openssl/FREEBSD-Xlist
deleted file mode 100644
index 180281aecfb2..000000000000
--- a/crypto/openssl/FREEBSD-Xlist
+++ /dev/null
@@ -1,29 +0,0 @@
-INSTALL.MacOS
-INSTALL.VMS
-INSTALL.W32
-MacOS/
-VMS/
-*.com
-*/*.bat
-*/*.com
-*/*/*.bat
-*/*/*.com
-apps/openssl-vms.cnf
-crypto/bn/asm/pa-risc2.s.old
-crypto/bn/asm/vms.mar
-crypto/bn/vms-helper.c
-crypto/dso/dso_vms.c
-crypto/dso/dso_win32.c
-crypto/threads/solaris.sh
-ms/
-rsaref/
-shlib/Makefile.hpux10-cc
-shlib/hpux10-cc.sh
-shlib/irix.sh
-shlib/solaris-sc4.sh
-shlib/solaris.sh
-shlib/sun.sh
-shlib/svr5-shared-gcc.sh
-shlib/svr5-shared-installed
-shlib/svr5-shared.sh
-util/cygwin.sh
diff --git a/crypto/openssl/INSTALL b/crypto/openssl/INSTALL
deleted file mode 100644
index 1c3f3c3fe922..000000000000
--- a/crypto/openssl/INSTALL
+++ /dev/null
@@ -1,332 +0,0 @@
-
- INSTALLATION ON THE UNIX PLATFORM
- ---------------------------------
-
- [Installation on DOS (with djgpp), Windows, OpenVMS and MacOS (before MacOS X)
-  is described in INSTALL.DJGPP, INSTALL.W32, INSTALL.VMS and INSTALL.MacOS.
-  This document describes installation on operating systems in the Unix
-  family.]
-
- To install OpenSSL, you will need:
-
-  * make
-  * Perl 5
-  * an ANSI C compiler
-  * a development environment in form of development libraries and C
-    header files
-  * a supported Unix operating system
-
- Quick Start
- -----------
-
- If you want to just get on with it, do:
-
-  $ ./config
-  $ make
-  $ make test
-  $ make install
-
- [If any of these steps fails, see section Installation in Detail below.]
-
- This will build and install OpenSSL in the default location, which is (for
- historical reasons) /usr/local/ssl. If you want to install it anywhere else,
- run config like this:
-
-  $ ./config --prefix=/usr/local --openssldir=/usr/local/openssl
-
-
- Configuration Options
- ---------------------
-
- There are several options to ./config (or ./Configure) to customize
- the build:
-
-  --prefix=DIR  Install in DIR/bin, DIR/lib, DIR/include/openssl.
-	        Configuration files used by OpenSSL will be in DIR/ssl
-                or the directory specified by --openssldir.
-
-  --openssldir=DIR Directory for OpenSSL files. If no prefix is specified,
-                the library files and binaries are also installed there.
-
-  no-threads    Don't try to build with support for multi-threaded
-                applications.
-
-  threads       Build with support for multi-threaded applications.
-                This will usually require additional system-dependent options!
-                See "Note on multi-threading" below.
-
-  no-zlib       Don't try to build with support for zlib compression and
-                decompression.
-
-  zlib          Build with support for zlib compression/decompression.
-
-  zlib-dynamic  Like "zlib", but has OpenSSL load the zlib library dynamically
-                when needed.  This is only supported on systems where loading
-                of shared libraries is supported.  This is the default choice.
-
-  no-shared     Don't try to create shared libraries.
-
-  shared        In addition to the usual static libraries, create shared
-                libraries on platforms where it's supported.  See "Note on
-                shared libraries" below.
-
-  no-asm        Do not use assembler code.
-
-  386           Use the 80386 instruction set only (the default x86 code is
-                more efficient, but requires at least a 486).
-
-  no-<cipher>   Build without the specified cipher (bf, cast, des, dh, dsa,
-                hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
-                The crypto/<cipher> directory can be removed after running
-                "make depend".
-
-  -Dxxx, -lxxx, -Lxxx, -fxxx, -Kxxx These system specific options will
-                be passed through to the compiler to allow you to
-                define preprocessor symbols, specify additional libraries,
-                library directories or other compiler options.
-
-
- Installation in Detail
- ----------------------
-
- 1a. Configure OpenSSL for your operation system automatically:
-
-       $ ./config [options]
-
-     This guesses at your operating system (and compiler, if necessary) and
-     configures OpenSSL based on this guess. Run ./config -t to see
-     if it guessed correctly. If you want to use a different compiler, you
-     are cross-compiling for another platform, or the ./config guess was
-     wrong for other reasons, go to step 1b. Otherwise go to step 2.
-
-     On some systems, you can include debugging information as follows:
-
-       $ ./config -d [options]
-
- 1b. Configure OpenSSL for your operating system manually
-
-     OpenSSL knows about a range of different operating system, hardware and
-     compiler combinations. To see the ones it knows about, run
-
-       $ ./Configure
-
-     Pick a suitable name from the list that matches your system. For most
-     operating systems there is a choice between using "cc" or "gcc".  When
-     you have identified your system (and if necessary compiler) use this name
-     as the argument to ./Configure. For example, a "linux-elf" user would
-     run:
-
-       $ ./Configure linux-elf [options]
-
-     If your system is not available, you will have to edit the Configure
-     program and add the correct configuration for your system. The
-     generic configurations "cc" or "gcc" should usually work on 32 bit
-     systems.
-
-     Configure creates the file Makefile.ssl from Makefile.org and
-     defines various macros in crypto/opensslconf.h (generated from
-     crypto/opensslconf.h.in).
-
-  2. Build OpenSSL by running:
-
-       $ make
-
-     This will build the OpenSSL libraries (libcrypto.a and libssl.a) and the
-     OpenSSL binary ("openssl"). The libraries will be built in the top-level
-     directory, and the binary will be in the "apps" directory.
-
-     If "make" fails, look at the output.  There may be reasons for
-     the failure that aren't problems in OpenSSL itself (like missing
-     standard headers).  If it is a problem with OpenSSL itself, please
-     report the problem to <openssl-bugs@openssl.org> (note that your
-     message will be recorded in the request tracker publicly readable
-     via http://www.openssl.org/support/rt2.html and will be forwarded to a
-     public mailing list). Include the output of "make report" in your message.
-     Please check out the request tracker. Maybe the bug was already
-     reported or has already been fixed.
-
-     [If you encounter assembler error messages, try the "no-asm"
-     configuration option as an immediate fix.]
-
-     Compiling parts of OpenSSL with gcc and others with the system
-     compiler will result in unresolved symbols on some systems.
-
-  3. After a successful build, the libraries should be tested. Run:
-
-       $ make test
-
-     If a test fails, look at the output.  There may be reasons for
-     the failure that isn't a problem in OpenSSL itself (like a missing
-     or malfunctioning bc).  If it is a problem with OpenSSL itself,
-     try removing any compiler optimization flags from the CFLAG line
-     in Makefile.ssl and run "make clean; make". Please send a bug
-     report to <openssl-bugs@openssl.org>, including the output of
-     "make report" in order to be added to the request tracker at
-     http://www.openssl.org/support/rt2.html.
-
-  4. If everything tests ok, install OpenSSL with
-
-       $ make install
-
-     This will create the installation directory (if it does not exist) and
-     then the following subdirectories:
-
-       certs           Initially empty, this is the default location
-                       for certificate files.
-       man/man1        Manual pages for the 'openssl' command line tool
-       man/man3        Manual pages for the libraries (very incomplete)
-       misc            Various scripts.
-       private         Initially empty, this is the default location
-                       for private key files.
-
-     If you didn't choose a different installation prefix, the
-     following additional subdirectories will be created:
-
-       bin             Contains the openssl binary and a few other 
-                       utility programs. 
-       include/openssl Contains the header files needed if you want to
-                       compile programs with libcrypto or libssl.
-       lib             Contains the OpenSSL library files themselves.
-
-     Package builders who want to configure the library for standard
-     locations, but have the package installed somewhere else so that
-     it can easily be packaged, can use
-
-       $ make INSTALL_PREFIX=/tmp/package-root install
-
-     (or specify "--install_prefix=/tmp/package-root" as a configure
-     option).  The specified prefix will be prepended to all
-     installation target filenames.
-
-
-  NOTE: The header files used to reside directly in the include
-  directory, but have now been moved to include/openssl so that
-  OpenSSL can co-exist with other libraries which use some of the
-  same filenames.  This means that applications that use OpenSSL
-  should now use C preprocessor directives of the form
-
-       #include <openssl/ssl.h>
-
-  instead of "#include <ssl.h>", which was used with library versions
-  up to OpenSSL 0.9.2b.
-
-  If you install a new version of OpenSSL over an old library version,
-  you should delete the old header files in the include directory.
-
-  Compatibility issues:
-
-  *  COMPILING existing applications
-
-     To compile an application that uses old filenames -- e.g.
-     "#include <ssl.h>" --, it will usually be enough to find
-     the CFLAGS definition in the application's Makefile and
-     add a C option such as
-
-          -I/usr/local/ssl/include/openssl
-
-     to it.
-
-     But don't delete the existing -I option that points to
-     the ..../include directory!  Otherwise, OpenSSL header files
-     could not #include each other.
-
-  *  WRITING applications
-
-     To write an application that is able to handle both the new
-     and the old directory layout, so that it can still be compiled
-     with library versions up to OpenSSL 0.9.2b without bothering
-     the user, you can proceed as follows:
-
-     -  Always use the new filename of OpenSSL header files,
-        e.g. #include <openssl/ssl.h>.
-
-     -  Create a directory "incl" that contains only a symbolic
-        link named "openssl", which points to the "include" directory
-        of OpenSSL.
-        For example, your application's Makefile might contain the
-        following rule, if OPENSSLDIR is a pathname (absolute or
-        relative) of the directory where OpenSSL resides:
-
-        incl/openssl:
-        	-mkdir incl
-        	cd $(OPENSSLDIR) # Check whether the directory really exists
-        	-ln -s `cd $(OPENSSLDIR); pwd`/include incl/openssl
-
-        You will have to add "incl/openssl" to the dependencies
-        of those C files that include some OpenSSL header file.
-
-     -  Add "-Iincl" to your CFLAGS.
-
-     With these additions, the OpenSSL header files will be available
-     under both name variants if an old library version is used:
-     Your application can reach them under names like <openssl/foo.h>,
-     while the header files still are able to #include each other
-     with names of the form <foo.h>.
-
-
- Note on multi-threading
- -----------------------
-
- For some systems, the OpenSSL Configure script knows what compiler options
- are needed to generate a library that is suitable for multi-threaded
- applications.  On these systems, support for multi-threading is enabled
- by default; use the "no-threads" option to disable (this should never be
- necessary).
-
- On other systems, to enable support for multi-threading, you will have
- to specify at least two options: "threads", and a system-dependent option.
- (The latter is "-D_REENTRANT" on various systems.)  The default in this
- case, obviously, is not to include support for multi-threading (but
- you can still use "no-threads" to suppress an annoying warning message
- from the Configure script.)
-
-
- Note on shared libraries
- ------------------------
-
- Shared library is currently an experimental feature.  The only reason to
- have them would be to conserve memory on systems where several program
- are using OpenSSL.  Binary backward compatibility can't be guaranteed
- before OpenSSL version 1.0.
-
- For some systems, the OpenSSL Configure script knows what is needed to
- build shared libraries for libcrypto and libssl.  On these systems,
- the shared libraries are currently not created by default, but giving
- the option "shared" will get them created.  This method supports Makefile
- targets for shared library creation, like linux-shared.  Those targets
- can currently be used on their own just as well, but this is expected
- to change in future versions of OpenSSL.
-
- Note on random number generation
- --------------------------------
-
- Availability of cryptographically secure random numbers is required for
- secret key generation. OpenSSL provides several options to seed the
- internal PRNG. If not properly seeded, the internal PRNG will refuse
- to deliver random bytes and a "PRNG not seeded error" will occur.
- On systems without /dev/urandom (or similar) device, it may be necessary
- to install additional support software to obtain random seed.
- Please check out the manual pages for RAND_add(), RAND_bytes(), RAND_egd(),
- and the FAQ for more information.
-
- Note on support for multiple builds
- -----------------------------------
-
- OpenSSL is usually built in it's source tree.  Unfortunately, this doesn't
- support building for multiple platforms from the same source tree very well.
- It is however possible to build in a separate tree through the use of lots
- of symbolic links, which should be prepared like this:
-
-	mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
-	cd objtree/"`uname -s`-`uname -r`-`uname -m`"
-	(cd $OPENSSL_SOURCE; find . -type f) | while read F; do
-		mkdir -p `dirname $F`
-		rm -f $F; ln -s $OPENSSL_SOURCE/$F $F
-		echo $F '->' $OPENSSL_SOURCE/$F
-	done
-	make -f Makefile.org clean
-
- OPENSSL_SOURCE is an environment variable that contains the absolute (this
- is important!) path to the OpenSSL source tree.
-
- Also, operations like 'make update' should still be made in the source tree.
diff --git a/crypto/openssl/LICENSE b/crypto/openssl/LICENSE
deleted file mode 100644
index 7b93e0dbcea5..000000000000
--- a/crypto/openssl/LICENSE
+++ /dev/null
@@ -1,127 +0,0 @@
-
-  LICENSE ISSUES
-  ==============
-
-  The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
-  the OpenSSL License and the original SSLeay license apply to the toolkit.
-  See below for the actual license texts. Actually both licenses are BSD-style
-  Open Source licenses. In case of any license issues related to OpenSSL
-  please contact openssl-core@openssl.org.
-
-  OpenSSL License
-  ---------------
-
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
- Original SSLeay License
- -----------------------
-
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
diff --git a/crypto/openssl/Makefile.org b/crypto/openssl/Makefile.org
deleted file mode 100644
index 860901908395..000000000000
--- a/crypto/openssl/Makefile.org
+++ /dev/null
@@ -1,870 +0,0 @@
-##
-## Makefile for OpenSSL
-##
-
-VERSION=
-MAJOR=
-MINOR=
-SHLIB_VERSION_NUMBER=
-SHLIB_VERSION_HISTORY=
-SHLIB_MAJOR=
-SHLIB_MINOR=
-SHLIB_EXT=
-PLATFORM=dist
-OPTIONS=
-CONFIGURE_ARGS=
-SHLIB_TARGET=
-
-# HERE indicates where this Makefile lives.  This can be used to indicate
-# where sub-Makefiles are expected to be.  Currently has very limited usage,
-# and should probably not be bothered with at all.
-HERE=.
-
-# INSTALL_PREFIX is for package builders so that they can configure
-# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
-# Normally it is left empty.
-INSTALL_PREFIX=
-INSTALLTOP=/usr/local/ssl
-
-# Do not edit this manually. Use Configure --openssldir=DIR do change this!
-OPENSSLDIR=/usr/local/ssl
-
-# NO_IDEA - Define to build without the IDEA algorithm
-# NO_RC4  - Define to build without the RC4 algorithm
-# NO_RC2  - Define to build without the RC2 algorithm
-# THREADS - Define when building with threads, you will probably also need any
-#           system defines as well, i.e. _REENTERANT for Solaris 2.[34]
-# TERMIO  - Define the termio terminal subsystem, needed if sgtty is missing.
-# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
-# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
-# DEVRANDOM - Give this the value of the 'random device' if your OS supports
-#           one.  32 bytes will be read from this when the random
-#           number generator is initalised.
-# SSL_FORBID_ENULL - define if you want the server to be not able to use the
-#           NULL encryption ciphers.
-#
-# LOCK_DEBUG - turns on lots of lock debug output :-)
-# REF_CHECK - turn on some xyz_free() assertions.
-# REF_PRINT - prints some stuff on structure free.
-# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
-# MFUNC - Make all Malloc/Free/Realloc calls call
-#       CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
-#       call application defined callbacks via CRYPTO_set_mem_functions()
-# MD5_ASM needs to be defined to use the x86 assembler for MD5
-# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
-# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
-# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8.  It must
-# equal 4.
-# PKCS1_CHECK - pkcs1 tests.
-
-CC= gcc
-#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-DEPFLAG= 
-PEX_LIBS= 
-EX_LIBS= 
-EXE_EXT= 
-ARFLAGS=
-AR=ar $(ARFLAGS) r
-RANLIB= ranlib
-PERL= perl
-TAR= tar
-TARFLAGS= --no-recursion
-MAKEDEPPROG=makedepend
-
-# We let the C compiler driver to take care of .s files. This is done in
-# order to be excused from maintaining a separate set of architecture
-# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
-# gcc, then the driver will automatically translate it to -xarch=v8plus
-# and pass it down to assembler.
-AS=$(CC) -c
-ASFLAGS=$(CFLAG)
-
-# Set BN_ASM to bn_asm.o if you want to use the C version
-BN_ASM= bn_asm.o
-#BN_ASM= bn_asm.o
-#BN_ASM= asm/bn86-elf.o	# elf, linux-elf
-#BN_ASM= asm/bn86-sol.o # solaris
-#BN_ASM= asm/bn86-out.o # a.out, FreeBSD
-#BN_ASM= asm/bn86bsdi.o # bsdi
-#BN_ASM= asm/alpha.o    # DEC Alpha
-#BN_ASM= asm/pa-risc2.o # HP-UX PA-RISC
-#BN_ASM= asm/r3000.o    # SGI MIPS cpu
-#BN_ASM= asm/sparc.o    # Sun solaris/SunOS
-#BN_ASM= asm/bn-win32.o # Windows 95/NT
-#BN_ASM= asm/x86w16.o   # 16 bit code for Windows 3.1/DOS
-#BN_ASM= asm/x86w32.o   # 32 bit code for Windows 3.1
-
-# For x86 assembler: Set PROCESSOR to 386 if you want to support
-# the 80386.
-PROCESSOR=
-
-# Set DES_ENC to des_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-DES_ENC= asm/dx86-out.o asm/yx86-out.o
-#DES_ENC= des_enc.o fcrypt_b.o          # C
-#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf
-#DES_ENC= asm/dx86-sol.o asm/yx86-sol.o # solaris
-#DES_ENC= asm/dx86-out.o asm/yx86-out.o # a.out, FreeBSD
-#DES_ENC= asm/dx86bsdi.o asm/yx86bsdi.o # bsdi
-
-# Set BF_ENC to bf_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-BF_ENC= asm/bx86-out.o
-#BF_ENC= bf_enc.o
-#BF_ENC= asm/bx86-elf.o # elf
-#BF_ENC= asm/bx86-sol.o # solaris
-#BF_ENC= asm/bx86-out.o # a.out, FreeBSD
-#BF_ENC= asm/bx86bsdi.o # bsdi
-
-# Set CAST_ENC to c_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-CAST_ENC= asm/cx86-out.o
-#CAST_ENC= c_enc.o
-#CAST_ENC= asm/cx86-elf.o # elf
-#CAST_ENC= asm/cx86-sol.o # solaris
-#CAST_ENC= asm/cx86-out.o # a.out, FreeBSD
-#CAST_ENC= asm/cx86bsdi.o # bsdi
-
-# Set RC4_ENC to rc4_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-RC4_ENC= asm/rx86-out.o
-#RC4_ENC= rc4_enc.o
-#RC4_ENC= asm/rx86-elf.o # elf
-#RC4_ENC= asm/rx86-sol.o # solaris
-#RC4_ENC= asm/rx86-out.o # a.out, FreeBSD
-#RC4_ENC= asm/rx86bsdi.o # bsdi
-
-# Set RC5_ENC to rc5_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-RC5_ENC= asm/r586-out.o
-#RC5_ENC= rc5_enc.o
-#RC5_ENC= asm/r586-elf.o # elf
-#RC5_ENC= asm/r586-sol.o # solaris
-#RC5_ENC= asm/r586-out.o # a.out, FreeBSD
-#RC5_ENC= asm/r586bsdi.o # bsdi
-
-# Also need MD5_ASM defined
-MD5_ASM_OBJ= asm/mx86-out.o
-#MD5_ASM_OBJ= asm/mx86-elf.o        # elf
-#MD5_ASM_OBJ= asm/mx86-sol.o        # solaris
-#MD5_ASM_OBJ= asm/mx86-out.o        # a.out, FreeBSD
-#MD5_ASM_OBJ= asm/mx86bsdi.o        # bsdi
-
-# Also need SHA1_ASM defined
-SHA1_ASM_OBJ= asm/sx86-out.o
-#SHA1_ASM_OBJ= asm/sx86-elf.o       # elf
-#SHA1_ASM_OBJ= asm/sx86-sol.o       # solaris
-#SHA1_ASM_OBJ= asm/sx86-out.o       # a.out, FreeBSD
-#SHA1_ASM_OBJ= asm/sx86bsdi.o       # bsdi
-
-# Also need RMD160_ASM defined
-RMD160_ASM_OBJ= asm/rm86-out.o
-#RMD160_ASM_OBJ= asm/rm86-elf.o       # elf
-#RMD160_ASM_OBJ= asm/rm86-sol.o       # solaris
-#RMD160_ASM_OBJ= asm/rm86-out.o       # a.out, FreeBSD
-#RMD160_ASM_OBJ= asm/rm86bsdi.o       # bsdi
-
-# KRB5 stuff
-KRB5_INCLUDES=
-LIBKRB5=
-
-# When we're prepared to use shared libraries in the programs we link here
-# we might set SHLIB_MARK to '$(SHARED_LIBS)'.
-SHLIB_MARK=
-
-DIRS=   crypto ssl $(SHLIB_MARK) apps test tools
-SHLIBDIRS= crypto ssl
-
-# dirs in crypto to build
-SDIRS=  \
-	md2 md4 md5 sha mdc2 hmac ripemd \
-	des rc2 rc4 rc5 idea bf cast \
-	bn ec rsa dsa dh dso engine aes \
-	buffer bio stack lhash rand err objects \
-	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
-
-# tests to perform.  "alltests" is a special word indicating that all tests
-# should be performed.
-TESTS = alltests
-
-MAKEFILE= Makefile.ssl
-MAKE=     make -f Makefile.ssl
-
-MANDIR=$(OPENSSLDIR)/man
-MAN1=1
-MAN3=3
-SHELL=/bin/sh
-
-TOP=    .
-ONEDIRS=out tmp
-EDIRS=  times doc bugs util include certs ms shlib mt demos perl sf dep VMS
-WDIRS=  windows
-LIBS=   libcrypto.a libssl.a
-SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
-SHARED_SSL=libssl$(SHLIB_EXT)
-SHARED_LIBS=
-SHARED_LIBS_LINK_EXTS=
-SHARED_LDFLAGS=
-
-GENERAL=        Makefile
-BASENAME=       openssl
-NAME=           $(BASENAME)-$(VERSION)
-TARFILE=        $(NAME).tar
-WTARFILE=       $(NAME)-win.tar
-EXHEADER=       e_os2.h
-HEADER=         e_os.h
-
-# When we're prepared to use shared libraries in the programs we link here
-# we might remove 'clean-shared' from the targets to perform at this stage
-
-all: Makefile.ssl sub_all openssl.pc
-
-sub_all:
-	@for i in $(DIRS); \
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making all in $$i..." && \
-		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAGS='${ASFLAGS}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all ) || exit 1; \
-	else \
-		$(MAKE) $$i; \
-	fi; \
-	done;
-
-libcrypto$(SHLIB_EXT): libcrypto.a
-	@if [ "$(SHLIB_TARGET)" != "" ]; then \
-		$(MAKE) SHLIBDIRS=crypto build-shared; \
-	else \
-		echo "There's no support for shared libraries on this platform" >&2; \
-	fi
-
-libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
-	@if [ "$(SHLIB_TARGET)" != "" ]; then \
-		$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
-	else \
-		echo "There's no support for shared libraries on this platform" >&2; \
-	fi
-
-clean-shared:
-	@for i in $(SHLIBDIRS); do \
-		if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
-			tmp="$(SHARED_LIBS_LINK_EXTS)"; \
-			for j in $${tmp:-x}; do \
-				( set -x; rm -f lib$$i$$j ); \
-			done; \
-		fi; \
-		( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
-		if [ "$(PLATFORM)" = "Cygwin" ]; then \
-			( set -x; rm -f cyg$$i-$(SHLIB_VERSION_NUMBER)$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \
-		fi; \
-	done
-
-link-shared:
-	@if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
-		tmp="$(SHARED_LIBS_LINK_EXTS)"; \
-		for i in $(SHLIBDIRS); do \
-			prev=lib$$i$(SHLIB_EXT); \
-			for j in $${tmp:-x}; do \
-				( set -x; \
-				rm -f lib$$i$$j; ln -s $$prev lib$$i$$j ); \
-				prev=lib$$i$$j; \
-			done; \
-		done; \
-	fi
-
-build-shared: clean-shared do_$(SHLIB_TARGET) link-shared
-
-do_bsd-gcc-shared: do_gnu-shared
-do_linux-shared: do_gnu-shared
-do_gnu-shared:
-	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	( set -x; ${CC} ${SHARED_LDFLAGS} \
-		-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		-Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		-Wl,-Bsymbolic \
-		-Wl,--whole-archive lib$$i.a \
-		-Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \
-	libs="-l$$i $$libs"; \
-	done
-
-DETECT_GNU_LD=(${CC} -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
-
-# For Darwin AKA Mac OS/X (dyld)
-do_darwin-shared: 
-	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	( set -x; ${CC} --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \
-		lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		-compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \
-		-install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \
-	libs="-l`basename $$i${SHLIB_EXT} .dylib` $$libs"; \
-	echo "" ; \
-	done
-
-do_cygwin-shared:
-	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	( set -x; ${CC}  -shared -o cyg$$i-$(SHLIB_VERSION_NUMBER).dll \
-		-Wl,-Bsymbolic \
-		-Wl,--whole-archive lib$$i.a \
-		-Wl,--out-implib,lib$$i.dll.a \
-		-Wl,--no-whole-archive $$libs ) || exit 1; \
-	libs="-l$$i $$libs"; \
-	done
-
-# This assumes that GNU utilities are *not* used
-do_alpha-osf1-shared:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( set -x; ${CC} ${SHARED_LDFLAGS} \
-			-shared -o lib$$i.so \
-			-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-			-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-# This assumes that GNU utilities are *not* used
-# The difference between alpha-osf1-shared and tru64-shared is the `-msym'
-# option passed to the linker.
-do_tru64-shared:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( set -x; ${CC} ${SHARED_LDFLAGS} \
-			-shared -msym -o lib$$i.so \
-			-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-			-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-# This assumes that GNU utilities are *not* used
-# The difference between tru64-shared and tru64-shared-rpath is the
-# -rpath ${INSTALLTOP}/lib passed to the linker.
-do_tru64-shared-rpath:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( set -x; ${CC} ${SHARED_LDFLAGS} \
-			-shared -msym -o lib$$i.so \
-			-rpath  ${INSTALLTOP}/lib \
-			-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-			-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-
-# This assumes that GNU utilities are *not* used
-do_solaris-shared:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
-		  MINUSZ='-z '; \
-		  (${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
-		  set -x; ${CC} ${SHARED_LDFLAGS} -G -dy -z text \
-			-o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			$${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \
-			$$libs ${EX_LIBS} -lc ) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-# OpenServer 5 native compilers used
-do_svr3-shared:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
-		  find . -name "*.o" -print > allobjs ; \
-		  OBJS= ; export OBJS ; \
-		  for obj in `ar t lib$$i.a` ; do \
-		    OBJS="$${OBJS} `grep $$obj allobjs`" ; \
-		  done ; \
-		  set -x; ${CC}  -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			$${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-# UnixWare 7 and OpenUNIX 8 native compilers used
-do_svr5-shared:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
-		  find . -name "*.o" -print > allobjs ; \
-		  OBJS= ; export OBJS ; \
-		  for obj in `ar t lib$$i.a` ; do \
-		    OBJS="$${OBJS} `grep $$obj allobjs`" ; \
-		  done ; \
-		  set -x; ${CC} ${SHARED_LDFLAGS} \
-			-G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			$${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-# This assumes that GNU utilities are *not* used
-do_irix-shared:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( set -x; ${CC} ${SHARED_LDFLAGS} \
-			-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			-Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			-all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-# This assumes that GNU utilities are *not* used
-# HP-UX includes the full pathname of libs we depend on, so we would get
-# ./libcrypto (with ./ as path information) compiled into libssl, hence
-# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto
-# anyway.
-# The object modules are loaded from lib$i.a using the undocumented -Fl
-# option.
-#
-# WARNING: Until DSO is fixed to support a search path, we support SHLIB_PATH
-#          by temporarily specifying "+s"!
-#
-do_hpux-shared:
-	for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
- 		+vnocompatwarnings \
-		-b -z +s \
-		-o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		+h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		-Fl lib$$i.a -ldld -lc ) || exit 1; \
-	chmod a=rx lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
-	done
-
-# This assumes that GNU utilities are *not* used
-# HP-UX includes the full pathname of libs we depend on, so we would get
-# ./libcrypto (with ./ as path information) compiled into libssl, hence
-# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto
-# anyway.
-#
-# HP-UX in 64bit mode has "+s" enabled by default; it will search for
-# shared libraries along LD_LIBRARY_PATH _and_ SHLIB_PATH.
-#
-do_hpux64-shared:
-	for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
- 		-b -z \
-		-o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		+h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		+forceload lib$$i.a -ldl -lc ) || exit 1; \
-	chmod a=rx lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
-	done
-
-# The following method is said to work on all platforms.  Tests will
-# determine if that's how it's gong to be used.
-# This assumes that for all but GNU systems, GNU utilities are *not* used.
-# ALLSYMSFLAGS would be:
-#  GNU systems: --whole-archive
-#  Tru64 Unix:  -all
-#  Solaris:     -z allextract
-#  Irix:        -all
-#  HP/UX-32bit: -Fl
-#  HP/UX-64bit: +forceload
-#  AIX:		-bnogc
-# SHAREDFLAGS would be:
-#  GNU systems: -shared -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}
-#  Tru64 Unix:  -shared \
-#		-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}"
-#  Solaris:     -G -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}
-#  Irix:        -shared -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}
-#  HP/UX-32bit: +vnocompatwarnings -b -z +s \
-#		+h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}
-#  HP/UX-64bit: -b -z +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}
-#  AIX:		-G -bE:lib$$i.exp -bM:SRE
-# SHAREDCMD would be:
-#  GNU systems: $(CC)
-#  Tru64 Unix:  $(CC)
-#  Solaris:     $(CC)
-#  Irix:        $(CC)
-#  HP/UX-32bit: /usr/ccs/bin/ld
-#  HP/UX-64bit: /usr/ccs/bin/ld
-#  AIX:		$(CC)
-ALLSYMSFLAG=-bnogc
-SHAREDFLAGS=${SHARED_LDFLAGS} -G -bE:lib$$i.exp -bM:SRE
-SHAREDCMD=$(CC)
-do_aix-shared:
-	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	( set -x; \
-	  ld -r -o lib$$i.o $(ALLSYMSFLAG) lib$$i.a && \
-	  ( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \
-	    $(SHAREDCMD) $(SHAREDFLAGS) \
-		-o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} lib$$i.o \
-		$$libs ${EX_LIBS} ) ) \
-	|| exit 1; \
-	libs="-l$$i $$libs"; \
-	done
-
-do_reliantunix-shared:
-	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	tmpdir=/tmp/openssl.$$$$ ; rm -rf $$tmpdir ; \
-	( set -x; \
-	  ( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \
-	    cd $$tmpdir || exit 1 ; ar x $$Opwd/lib$$i.a ; \
-	    ${CC} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} *.o \
-	  ) || exit 1; \
-	  cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \
-	) || exit 1; \
-	rm -rf $$tmpdir ; \
-	libs="-l$$i $$libs"; \
-	done
-
-openssl.pc: Makefile.ssl
-	@ ( echo 'prefix=$(INSTALLTOP)'; \
-	    echo 'exec_prefix=$${prefix}'; \
-	    echo 'libdir=$${exec_prefix}/lib'; \
-	    echo 'includedir=$${prefix}/include'; \
-	    echo ''; \
-	    echo 'Name: OpenSSL'; \
-	    echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
-	    echo 'Version: '$(VERSION); \
-	    echo 'Requires: '; \
-	    echo 'Libs: -L$${libdir} -lssl -lcrypto $(LIBKRB5) $(EX_LIBS)'; \
-	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
-
-Makefile.ssl: Makefile.org
-	@echo "Makefile.ssl is older than Makefile.org."
-	@echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
-	@false
-
-libclean:
-	rm -f *.a */lib */*/lib
-
-clean:
-	rm -f shlib/*.o *.o core a.out fluff *.map rehash.time testlog make.log cctest cctest.c
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making clean in $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' clean ) || exit 1; \
-		rm -f $(LIBS); \
-	fi; \
-	done;
-	rm -f openssl.pc
-	rm -f *.a *.o speed.* *.map *.so .pure core
-	rm -f $(TARFILE)
-	@for i in $(ONEDIRS) ;\
-	do \
-	rm -fr $$i/*; \
-	done
-
-makefile.one: files
-	$(PERL) util/mk1mf.pl >makefile.one; \
-	sh util/do_ms.sh
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making 'files' in $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' files ) || exit 1; \
-	fi; \
-	done;
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
-	@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
-	@for i in $(DIRS); do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making links in $$i..." && \
-		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' links ) || exit 1; \
-	fi; \
-	done;
-
-gentests:
-	@(cd test && echo "generating dummy tests (if needed)..." && \
-	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate );
-
-dclean:
-	rm -f *.bak
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making dclean in $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' dclean ) || exit 1; \
-	fi; \
-	done;
-
-rehash: rehash.time
-rehash.time: certs
-	@(OPENSSL="`pwd`/apps/openssl"; OPENSSL_DEBUG_MEMORY=on; \
-		export OPENSSL OPENSSL_DEBUG_MEMORY; \
-		LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
-		if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
-		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
-		$(PERL) tools/c_rehash certs)
-	touch rehash.time
-
-test:   tests
-
-tests: rehash
-	@(cd test && echo "testing..." && \
-	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
-	@LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
-		if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
-		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
-		apps/openssl version -a
-
-report:
-	@$(PERL) util/selftest.pl
-
-depend:
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making dependencies $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ) || exit 1; \
-	fi; \
-	done;
-
-lint:
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making lint $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' lint ) || exit 1; \
-	fi; \
-	done;
-
-tags:
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making tags $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' tags ) || exit 1; \
-	fi; \
-	done;
-
-errors:
-	$(PERL) util/mkerr.pl -recurse -write
-	(cd crypto/engine; $(MAKE) PERL=$(PERL) errors)
-
-stacks:
-	$(PERL) util/mkstack.pl -write
-
-util/libeay.num::
-	$(PERL) util/mkdef.pl crypto update
-
-util/ssleay.num::
-	$(PERL) util/mkdef.pl ssl update
-
-crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
-	$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
-crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
-	$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
-
-TABLE: Configure
-	(echo 'Output of `Configure TABLE'"':"; \
-	$(PERL) Configure TABLE) > TABLE
-
-update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h TABLE
-
-# Build distribution tar-file. As the list of files returned by "find" is
-# pretty long, on several platforms a "too many arguments" error or similar
-# would occur. Therefore the list of files is temporarily stored into a file
-# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
-# tar does not support the --files-from option.
-tar:
-	find . -type d -print | xargs chmod 755
-	find . -type f -print | xargs chmod a+r
-	find . -type f -perm -0100 -print | xargs chmod a+x
-	find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort > ../$(TARFILE).list; \
-	$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list -cvf - | \
-	tardy --user_number=0  --user_name=openssl \
-	      --group_number=0 --group_name=openssl \
-	      --prefix=openssl-$(VERSION) - |\
-	gzip --best >../$(TARFILE).gz; \
-	rm -f ../$(TARFILE).list; \
-	ls -l ../$(TARFILE).gz
-
-tar-snap:
-	@$(TAR) $(TARFLAGS) -cvf - \
-		`find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \! -name '*.so' \! -name '*.so.*'  \! -name 'openssl' \! -name '*test' \! -name '.#*' \! -name '*~' | sort` |\
-	tardy --user_number=0  --user_name=openssl \
-	      --group_number=0 --group_name=openssl \
-	      --prefix=openssl-$(VERSION) - > ../$(TARFILE);\
-	ls -l ../$(TARFILE)
-
-dist:   
-	$(PERL) Configure dist
-	@$(MAKE) dist_pem_h
-	@$(MAKE) SDIRS='${SDIRS}' clean
-	@$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar
-
-dist_pem_h:
-	(cd crypto/pem; $(MAKE) CC='${CC}' SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean)
-
-install: all install_docs
-	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
-		$(INSTALL_PREFIX)$(INSTALLTOP)/lib \
-		$(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \
-		$(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/private \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/lib
-	@for i in $(EXHEADER) ;\
-	do \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i; echo "installing $$i..."; \
-		$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' RANLIB='${RANLIB}' EXE_EXT='${EXE_EXT}' install ); \
-	fi; \
-	done
-	@for i in $(LIBS) ;\
-	do \
-		if [ -f "$$i" ]; then \
-		(       echo installing $$i; \
-			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-			$(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-			mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
-		fi; \
-	done;
-	@if [ -n "$(SHARED_LIBS)" ]; then \
-		tmp="$(SHARED_LIBS)"; \
-		for i in $${tmp:-x}; \
-		do \
-			if [ -f "$$i" -o -f "$$i.a" ]; then \
-			(       echo installing $$i; \
-				if [ "$(PLATFORM)" != "Cygwin" ]; then \
-					cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-					chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \
-				else \
-					c=`echo $$i | sed 's/^lib\(.*\)\.dll/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
-					cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
-					chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
-					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
-					cp $$i.a $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \
-					chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \
-					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \
-				fi ); \
-			fi; \
-		done; \
-		(	here="`pwd`"; \
-			cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
-			set $(MAKE); \
-			$$1 -f $$here/Makefile link-shared ); \
-		if [ "$(INSTALLTOP)" != "/usr" ]; then \
-			echo 'OpenSSL shared libraries have been installed in:'; \
-			echo '  $(INSTALLTOP)'; \
-			echo ''; \
-			sed -e '1,/^$$/d' doc/openssl-shared.txt; \
-		fi; \
-	fi
-	cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
-
-install_docs:
-	@$(PERL) $(TOP)/util/mkdir-p.pl \
-		$(INSTALL_PREFIX)$(MANDIR)/man1 \
-		$(INSTALL_PREFIX)$(MANDIR)/man3 \
-		$(INSTALL_PREFIX)$(MANDIR)/man5 \
-		$(INSTALL_PREFIX)$(MANDIR)/man7
-	@pod2man="`cd util; ./pod2mantest $(PERL)`"; \
-	here="`pwd`"; \
-	filecase=; \
-	if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" ]; then \
-		filecase=-i; \
-	fi; \
-	for i in doc/apps/*.pod; do \
-		fn=`basename $$i .pod`; \
-		if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
-		echo "installing man$$sec/$$fn.$$sec"; \
-		(cd `$(PERL) util/dirname.pl $$i`; \
-		sh -c "$$pod2man \
-			--section=$$sec --center=OpenSSL \
-			--release=$(VERSION) `basename $$i`") \
-			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$$sec; \
-		$(PERL) util/extract-names.pl < $$i | \
-			grep -v $$filecase "^$$fn\$$" | \
-			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
-			 while read n; do \
-				$$here/util/point.sh $$fn.$$sec $$n.$$sec; \
-			 done); \
-	done; \
-	for i in doc/crypto/*.pod doc/ssl/*.pod; do \
-		fn=`basename $$i .pod`; \
-		if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
-		echo "installing man$$sec/$$fn.$$sec"; \
-		(cd `$(PERL) util/dirname.pl $$i`; \
-		sh -c "$$pod2man \
-			--section=$$sec --center=OpenSSL \
-			--release=$(VERSION) `basename $$i`") \
-			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$$sec; \
-		$(PERL) util/extract-names.pl < $$i | \
-			grep -v $$filecase "^$$fn\$$" | \
-			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
-			 while read n; do \
-				$$here/util/point.sh $$fn.$$sec $$n.$$sec; \
-			 done); \
-	done
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/Makefile.ssl b/crypto/openssl/Makefile.ssl
deleted file mode 100644
index 04de989fabd2..000000000000
--- a/crypto/openssl/Makefile.ssl
+++ /dev/null
@@ -1,872 +0,0 @@
-### Generated automatically from Makefile.org by Configure.
-
-##
-## Makefile for OpenSSL
-##
-
-VERSION=0.9.7a
-MAJOR=0
-MINOR=9.7
-SHLIB_VERSION_NUMBER=0.9.7
-SHLIB_VERSION_HISTORY=
-SHLIB_MAJOR=0
-SHLIB_MINOR=9.7
-SHLIB_EXT=
-PLATFORM=dist
-OPTIONS= no-krb5
-CONFIGURE_ARGS=dist
-SHLIB_TARGET=
-
-# HERE indicates where this Makefile lives.  This can be used to indicate
-# where sub-Makefiles are expected to be.  Currently has very limited usage,
-# and should probably not be bothered with at all.
-HERE=.
-
-# INSTALL_PREFIX is for package builders so that they can configure
-# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
-# Normally it is left empty.
-INSTALL_PREFIX=
-INSTALLTOP=/usr/local/ssl
-
-# Do not edit this manually. Use Configure --openssldir=DIR do change this!
-OPENSSLDIR=/usr/local/ssl
-
-# NO_IDEA - Define to build without the IDEA algorithm
-# NO_RC4  - Define to build without the RC4 algorithm
-# NO_RC2  - Define to build without the RC2 algorithm
-# THREADS - Define when building with threads, you will probably also need any
-#           system defines as well, i.e. _REENTERANT for Solaris 2.[34]
-# TERMIO  - Define the termio terminal subsystem, needed if sgtty is missing.
-# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
-# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
-# DEVRANDOM - Give this the value of the 'random device' if your OS supports
-#           one.  32 bytes will be read from this when the random
-#           number generator is initalised.
-# SSL_FORBID_ENULL - define if you want the server to be not able to use the
-#           NULL encryption ciphers.
-#
-# LOCK_DEBUG - turns on lots of lock debug output :-)
-# REF_CHECK - turn on some xyz_free() assertions.
-# REF_PRINT - prints some stuff on structure free.
-# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
-# MFUNC - Make all Malloc/Free/Realloc calls call
-#       CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
-#       call application defined callbacks via CRYPTO_set_mem_functions()
-# MD5_ASM needs to be defined to use the x86 assembler for MD5
-# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
-# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
-# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8.  It must
-# equal 4.
-# PKCS1_CHECK - pkcs1 tests.
-
-CC= cc
-#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-CFLAG= -DOPENSSL_NO_KRB5 -O
-DEPFLAG= 
-PEX_LIBS= 
-EX_LIBS= 
-EXE_EXT= 
-ARFLAGS= 
-AR=ar $(ARFLAGS) r
-RANLIB= /usr/bin/ranlib
-PERL= /usr/local/bin/perl
-TAR= tar
-TARFLAGS= --no-recursion
-MAKEDEPPROG=makedepend
-
-# We let the C compiler driver to take care of .s files. This is done in
-# order to be excused from maintaining a separate set of architecture
-# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
-# gcc, then the driver will automatically translate it to -xarch=v8plus
-# and pass it down to assembler.
-AS=$(CC) -c
-ASFLAGS=$(CFLAG)
-
-# Set BN_ASM to bn_asm.o if you want to use the C version
-BN_ASM= bn_asm.o
-#BN_ASM= bn_asm.o
-#BN_ASM= asm/bn86-elf.o	# elf, linux-elf
-#BN_ASM= asm/bn86-sol.o # solaris
-#BN_ASM= asm/bn86-out.o # a.out, FreeBSD
-#BN_ASM= asm/bn86bsdi.o # bsdi
-#BN_ASM= asm/alpha.o    # DEC Alpha
-#BN_ASM= asm/pa-risc2.o # HP-UX PA-RISC
-#BN_ASM= asm/r3000.o    # SGI MIPS cpu
-#BN_ASM= asm/sparc.o    # Sun solaris/SunOS
-#BN_ASM= asm/bn-win32.o # Windows 95/NT
-#BN_ASM= asm/x86w16.o   # 16 bit code for Windows 3.1/DOS
-#BN_ASM= asm/x86w32.o   # 32 bit code for Windows 3.1
-
-# For x86 assembler: Set PROCESSOR to 386 if you want to support
-# the 80386.
-PROCESSOR= 
-
-# Set DES_ENC to des_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-DES_ENC= des_enc.o fcrypt_b.o
-#DES_ENC= des_enc.o fcrypt_b.o          # C
-#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf
-#DES_ENC= asm/dx86-sol.o asm/yx86-sol.o # solaris
-#DES_ENC= asm/dx86-out.o asm/yx86-out.o # a.out, FreeBSD
-#DES_ENC= asm/dx86bsdi.o asm/yx86bsdi.o # bsdi
-
-# Set BF_ENC to bf_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-BF_ENC= bf_enc.o
-#BF_ENC= bf_enc.o
-#BF_ENC= asm/bx86-elf.o # elf
-#BF_ENC= asm/bx86-sol.o # solaris
-#BF_ENC= asm/bx86-out.o # a.out, FreeBSD
-#BF_ENC= asm/bx86bsdi.o # bsdi
-
-# Set CAST_ENC to c_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-CAST_ENC= c_enc.o
-#CAST_ENC= c_enc.o
-#CAST_ENC= asm/cx86-elf.o # elf
-#CAST_ENC= asm/cx86-sol.o # solaris
-#CAST_ENC= asm/cx86-out.o # a.out, FreeBSD
-#CAST_ENC= asm/cx86bsdi.o # bsdi
-
-# Set RC4_ENC to rc4_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-RC4_ENC= rc4_enc.o
-#RC4_ENC= rc4_enc.o
-#RC4_ENC= asm/rx86-elf.o # elf
-#RC4_ENC= asm/rx86-sol.o # solaris
-#RC4_ENC= asm/rx86-out.o # a.out, FreeBSD
-#RC4_ENC= asm/rx86bsdi.o # bsdi
-
-# Set RC5_ENC to rc5_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-RC5_ENC= rc5_enc.o
-#RC5_ENC= rc5_enc.o
-#RC5_ENC= asm/r586-elf.o # elf
-#RC5_ENC= asm/r586-sol.o # solaris
-#RC5_ENC= asm/r586-out.o # a.out, FreeBSD
-#RC5_ENC= asm/r586bsdi.o # bsdi
-
-# Also need MD5_ASM defined
-MD5_ASM_OBJ= 
-#MD5_ASM_OBJ= asm/mx86-elf.o        # elf
-#MD5_ASM_OBJ= asm/mx86-sol.o        # solaris
-#MD5_ASM_OBJ= asm/mx86-out.o        # a.out, FreeBSD
-#MD5_ASM_OBJ= asm/mx86bsdi.o        # bsdi
-
-# Also need SHA1_ASM defined
-SHA1_ASM_OBJ= 
-#SHA1_ASM_OBJ= asm/sx86-elf.o       # elf
-#SHA1_ASM_OBJ= asm/sx86-sol.o       # solaris
-#SHA1_ASM_OBJ= asm/sx86-out.o       # a.out, FreeBSD
-#SHA1_ASM_OBJ= asm/sx86bsdi.o       # bsdi
-
-# Also need RMD160_ASM defined
-RMD160_ASM_OBJ= 
-#RMD160_ASM_OBJ= asm/rm86-elf.o       # elf
-#RMD160_ASM_OBJ= asm/rm86-sol.o       # solaris
-#RMD160_ASM_OBJ= asm/rm86-out.o       # a.out, FreeBSD
-#RMD160_ASM_OBJ= asm/rm86bsdi.o       # bsdi
-
-# KRB5 stuff
-KRB5_INCLUDES=
-LIBKRB5=
-
-# When we're prepared to use shared libraries in the programs we link here
-# we might set SHLIB_MARK to '$(SHARED_LIBS)'.
-SHLIB_MARK=
-
-DIRS=   crypto ssl $(SHLIB_MARK) apps test tools
-SHLIBDIRS= crypto ssl
-
-# dirs in crypto to build
-SDIRS=  \
-	md2 md4 md5 sha mdc2 hmac ripemd \
-	des rc2 rc4 rc5 idea bf cast \
-	bn ec rsa dsa dh dso engine aes \
-	buffer bio stack lhash rand err objects \
-	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
-
-# tests to perform.  "alltests" is a special word indicating that all tests
-# should be performed.
-TESTS = alltests
-
-MAKEFILE= Makefile.ssl
-MAKE=     make -f Makefile.ssl
-
-MANDIR=$(OPENSSLDIR)/man
-MAN1=1
-MAN3=3
-SHELL=/bin/sh
-
-TOP=    .
-ONEDIRS=out tmp
-EDIRS=  times doc bugs util include certs ms shlib mt demos perl sf dep VMS
-WDIRS=  windows
-LIBS=   libcrypto.a libssl.a
-SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
-SHARED_SSL=libssl$(SHLIB_EXT)
-SHARED_LIBS=
-SHARED_LIBS_LINK_EXTS=
-SHARED_LDFLAGS=
-
-GENERAL=        Makefile
-BASENAME=       openssl
-NAME=           $(BASENAME)-$(VERSION)
-TARFILE=        $(NAME).tar
-WTARFILE=       $(NAME)-win.tar
-EXHEADER=       e_os2.h
-HEADER=         e_os.h
-
-# When we're prepared to use shared libraries in the programs we link here
-# we might remove 'clean-shared' from the targets to perform at this stage
-
-all: Makefile.ssl sub_all openssl.pc
-
-sub_all:
-	@for i in $(DIRS); \
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making all in $$i..." && \
-		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAGS='${ASFLAGS}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all ) || exit 1; \
-	else \
-		$(MAKE) $$i; \
-	fi; \
-	done;
-
-libcrypto$(SHLIB_EXT): libcrypto.a
-	@if [ "$(SHLIB_TARGET)" != "" ]; then \
-		$(MAKE) SHLIBDIRS=crypto build-shared; \
-	else \
-		echo "There's no support for shared libraries on this platform" >&2; \
-	fi
-
-libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
-	@if [ "$(SHLIB_TARGET)" != "" ]; then \
-		$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
-	else \
-		echo "There's no support for shared libraries on this platform" >&2; \
-	fi
-
-clean-shared:
-	@for i in $(SHLIBDIRS); do \
-		if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
-			tmp="$(SHARED_LIBS_LINK_EXTS)"; \
-			for j in $${tmp:-x}; do \
-				( set -x; rm -f lib$$i$$j ); \
-			done; \
-		fi; \
-		( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
-		if [ "$(PLATFORM)" = "Cygwin" ]; then \
-			( set -x; rm -f cyg$$i-$(SHLIB_VERSION_NUMBER)$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \
-		fi; \
-	done
-
-link-shared:
-	@if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
-		tmp="$(SHARED_LIBS_LINK_EXTS)"; \
-		for i in $(SHLIBDIRS); do \
-			prev=lib$$i$(SHLIB_EXT); \
-			for j in $${tmp:-x}; do \
-				( set -x; \
-				rm -f lib$$i$$j; ln -s $$prev lib$$i$$j ); \
-				prev=lib$$i$$j; \
-			done; \
-		done; \
-	fi
-
-build-shared: clean-shared do_$(SHLIB_TARGET) link-shared
-
-do_bsd-gcc-shared: do_gnu-shared
-do_linux-shared: do_gnu-shared
-do_gnu-shared:
-	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	( set -x; ${CC} ${SHARED_LDFLAGS} \
-		-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		-Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		-Wl,-Bsymbolic \
-		-Wl,--whole-archive lib$$i.a \
-		-Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \
-	libs="-l$$i $$libs"; \
-	done
-
-DETECT_GNU_LD=(${CC} -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
-
-# For Darwin AKA Mac OS/X (dyld)
-do_darwin-shared: 
-	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	( set -x; ${CC} --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \
-		lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		-compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \
-		-install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \
-	libs="-l`basename $$i${SHLIB_EXT} .dylib` $$libs"; \
-	echo "" ; \
-	done
-
-do_cygwin-shared:
-	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	( set -x; ${CC}  -shared -o cyg$$i-$(SHLIB_VERSION_NUMBER).dll \
-		-Wl,-Bsymbolic \
-		-Wl,--whole-archive lib$$i.a \
-		-Wl,--out-implib,lib$$i.dll.a \
-		-Wl,--no-whole-archive $$libs ) || exit 1; \
-	libs="-l$$i $$libs"; \
-	done
-
-# This assumes that GNU utilities are *not* used
-do_alpha-osf1-shared:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( set -x; ${CC} ${SHARED_LDFLAGS} \
-			-shared -o lib$$i.so \
-			-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-			-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-# This assumes that GNU utilities are *not* used
-# The difference between alpha-osf1-shared and tru64-shared is the `-msym'
-# option passed to the linker.
-do_tru64-shared:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( set -x; ${CC} ${SHARED_LDFLAGS} \
-			-shared -msym -o lib$$i.so \
-			-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-			-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-# This assumes that GNU utilities are *not* used
-# The difference between tru64-shared and tru64-shared-rpath is the
-# -rpath ${INSTALLTOP}/lib passed to the linker.
-do_tru64-shared-rpath:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( set -x; ${CC} ${SHARED_LDFLAGS} \
-			-shared -msym -o lib$$i.so \
-			-rpath  ${INSTALLTOP}/lib \
-			-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-			-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-
-# This assumes that GNU utilities are *not* used
-do_solaris-shared:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
-		  MINUSZ='-z '; \
-		  (${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
-		  set -x; ${CC} ${SHARED_LDFLAGS} -G -dy -z text \
-			-o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			$${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \
-			$$libs ${EX_LIBS} -lc ) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-# OpenServer 5 native compilers used
-do_svr3-shared:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
-		  find . -name "*.o" -print > allobjs ; \
-		  OBJS= ; export OBJS ; \
-		  for obj in `ar t lib$$i.a` ; do \
-		    OBJS="$${OBJS} `grep $$obj allobjs`" ; \
-		  done ; \
-		  set -x; ${CC}  -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			$${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-# UnixWare 7 and OpenUNIX 8 native compilers used
-do_svr5-shared:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
-		  find . -name "*.o" -print > allobjs ; \
-		  OBJS= ; export OBJS ; \
-		  for obj in `ar t lib$$i.a` ; do \
-		    OBJS="$${OBJS} `grep $$obj allobjs`" ; \
-		  done ; \
-		  set -x; ${CC} ${SHARED_LDFLAGS} \
-			-G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			$${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-# This assumes that GNU utilities are *not* used
-do_irix-shared:
-	if ${DETECT_GNU_LD}; then \
-		$(MAKE) do_gnu-shared; \
-	else \
-		libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-			libs="$(LIBKRB5) $$libs"; \
-		fi; \
-		( set -x; ${CC} ${SHARED_LDFLAGS} \
-			-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			-Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			-all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \
-		libs="-l$$i $$libs"; \
-		done; \
-	fi
-
-# This assumes that GNU utilities are *not* used
-# HP-UX includes the full pathname of libs we depend on, so we would get
-# ./libcrypto (with ./ as path information) compiled into libssl, hence
-# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto
-# anyway.
-# The object modules are loaded from lib$i.a using the undocumented -Fl
-# option.
-#
-# WARNING: Until DSO is fixed to support a search path, we support SHLIB_PATH
-#          by temporarily specifying "+s"!
-#
-do_hpux-shared:
-	for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
- 		+vnocompatwarnings \
-		-b -z +s \
-		-o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		+h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		-Fl lib$$i.a -ldld -lc ) || exit 1; \
-	chmod a=rx lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
-	done
-
-# This assumes that GNU utilities are *not* used
-# HP-UX includes the full pathname of libs we depend on, so we would get
-# ./libcrypto (with ./ as path information) compiled into libssl, hence
-# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto
-# anyway.
-#
-# HP-UX in 64bit mode has "+s" enabled by default; it will search for
-# shared libraries along LD_LIBRARY_PATH _and_ SHLIB_PATH.
-#
-do_hpux64-shared:
-	for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
- 		-b -z \
-		-o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		+h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		+forceload lib$$i.a -ldl -lc ) || exit 1; \
-	chmod a=rx lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
-	done
-
-# The following method is said to work on all platforms.  Tests will
-# determine if that's how it's gong to be used.
-# This assumes that for all but GNU systems, GNU utilities are *not* used.
-# ALLSYMSFLAGS would be:
-#  GNU systems: --whole-archive
-#  Tru64 Unix:  -all
-#  Solaris:     -z allextract
-#  Irix:        -all
-#  HP/UX-32bit: -Fl
-#  HP/UX-64bit: +forceload
-#  AIX:		-bnogc
-# SHAREDFLAGS would be:
-#  GNU systems: -shared -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}
-#  Tru64 Unix:  -shared \
-#		-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}"
-#  Solaris:     -G -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}
-#  Irix:        -shared -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}
-#  HP/UX-32bit: +vnocompatwarnings -b -z +s \
-#		+h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}
-#  HP/UX-64bit: -b -z +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}
-#  AIX:		-G -bE:lib$$i.exp -bM:SRE
-# SHAREDCMD would be:
-#  GNU systems: $(CC)
-#  Tru64 Unix:  $(CC)
-#  Solaris:     $(CC)
-#  Irix:        $(CC)
-#  HP/UX-32bit: /usr/ccs/bin/ld
-#  HP/UX-64bit: /usr/ccs/bin/ld
-#  AIX:		$(CC)
-ALLSYMSFLAG=-bnogc
-SHAREDFLAGS=${SHARED_LDFLAGS} -G -bE:lib$$i.exp -bM:SRE
-SHAREDCMD=$(CC)
-do_aix-shared:
-	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	( set -x; \
-	  ld -r -o lib$$i.o $(ALLSYMSFLAG) lib$$i.a && \
-	  ( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \
-	    $(SHAREDCMD) $(SHAREDFLAGS) \
-		-o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} lib$$i.o \
-		$$libs ${EX_LIBS} ) ) \
-	|| exit 1; \
-	libs="-l$$i $$libs"; \
-	done
-
-do_reliantunix-shared:
-	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
-		libs="$(LIBKRB5) $$libs"; \
-	fi; \
-	tmpdir=/tmp/openssl.$$$$ ; rm -rf $$tmpdir ; \
-	( set -x; \
-	  ( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \
-	    cd $$tmpdir || exit 1 ; ar x $$Opwd/lib$$i.a ; \
-	    ${CC} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} *.o \
-	  ) || exit 1; \
-	  cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \
-	) || exit 1; \
-	rm -rf $$tmpdir ; \
-	libs="-l$$i $$libs"; \
-	done
-
-openssl.pc: Makefile.ssl
-	@ ( echo 'prefix=$(INSTALLTOP)'; \
-	    echo 'exec_prefix=$${prefix}'; \
-	    echo 'libdir=$${exec_prefix}/lib'; \
-	    echo 'includedir=$${prefix}/include'; \
-	    echo ''; \
-	    echo 'Name: OpenSSL'; \
-	    echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
-	    echo 'Version: '$(VERSION); \
-	    echo 'Requires: '; \
-	    echo 'Libs: -L$${libdir} -lssl -lcrypto $(LIBKRB5) $(EX_LIBS)'; \
-	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
-
-Makefile.ssl: Makefile.org
-	@echo "Makefile.ssl is older than Makefile.org."
-	@echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
-	@false
-
-libclean:
-	rm -f *.a */lib */*/lib
-
-clean:
-	rm -f shlib/*.o *.o core a.out fluff *.map rehash.time testlog make.log cctest cctest.c
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making clean in $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' clean ) || exit 1; \
-		rm -f $(LIBS); \
-	fi; \
-	done;
-	rm -f openssl.pc
-	rm -f *.a *.o speed.* *.map *.so .pure core
-	rm -f $(TARFILE)
-	@for i in $(ONEDIRS) ;\
-	do \
-	rm -fr $$i/*; \
-	done
-
-makefile.one: files
-	$(PERL) util/mk1mf.pl >makefile.one; \
-	sh util/do_ms.sh
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making 'files' in $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' files ) || exit 1; \
-	fi; \
-	done;
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
-	@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
-	@for i in $(DIRS); do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making links in $$i..." && \
-		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' links ) || exit 1; \
-	fi; \
-	done;
-
-gentests:
-	@(cd test && echo "generating dummy tests (if needed)..." && \
-	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate );
-
-dclean:
-	rm -f *.bak
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making dclean in $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' dclean ) || exit 1; \
-	fi; \
-	done;
-
-rehash: rehash.time
-rehash.time: certs
-	@(OPENSSL="`pwd`/apps/openssl"; OPENSSL_DEBUG_MEMORY=on; \
-		export OPENSSL OPENSSL_DEBUG_MEMORY; \
-		LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
-		if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
-		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
-		$(PERL) tools/c_rehash certs)
-	touch rehash.time
-
-test:   tests
-
-tests: rehash
-	@(cd test && echo "testing..." && \
-	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
-	@LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
-		if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
-		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
-		apps/openssl version -a
-
-report:
-	@$(PERL) util/selftest.pl
-
-depend:
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making dependencies $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ) || exit 1; \
-	fi; \
-	done;
-
-lint:
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making lint $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' lint ) || exit 1; \
-	fi; \
-	done;
-
-tags:
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making tags $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' tags ) || exit 1; \
-	fi; \
-	done;
-
-errors:
-	$(PERL) util/mkerr.pl -recurse -write
-	(cd crypto/engine; $(MAKE) PERL=$(PERL) errors)
-
-stacks:
-	$(PERL) util/mkstack.pl -write
-
-util/libeay.num::
-	$(PERL) util/mkdef.pl crypto update
-
-util/ssleay.num::
-	$(PERL) util/mkdef.pl ssl update
-
-crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
-	$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
-crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
-	$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
-
-TABLE: Configure
-	(echo 'Output of `Configure TABLE'"':"; \
-	$(PERL) Configure TABLE) > TABLE
-
-update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h TABLE
-
-# Build distribution tar-file. As the list of files returned by "find" is
-# pretty long, on several platforms a "too many arguments" error or similar
-# would occur. Therefore the list of files is temporarily stored into a file
-# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
-# tar does not support the --files-from option.
-tar:
-	find . -type d -print | xargs chmod 755
-	find . -type f -print | xargs chmod a+r
-	find . -type f -perm -0100 -print | xargs chmod a+x
-	find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort > ../$(TARFILE).list; \
-	$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list -cvf - | \
-	tardy --user_number=0  --user_name=openssl \
-	      --group_number=0 --group_name=openssl \
-	      --prefix=openssl-$(VERSION) - |\
-	gzip --best >../$(TARFILE).gz; \
-	rm -f ../$(TARFILE).list; \
-	ls -l ../$(TARFILE).gz
-
-tar-snap:
-	@$(TAR) $(TARFLAGS) -cvf - \
-		`find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \! -name '*.so' \! -name '*.so.*'  \! -name 'openssl' \! -name '*test' \! -name '.#*' \! -name '*~' | sort` |\
-	tardy --user_number=0  --user_name=openssl \
-	      --group_number=0 --group_name=openssl \
-	      --prefix=openssl-$(VERSION) - > ../$(TARFILE);\
-	ls -l ../$(TARFILE)
-
-dist:   
-	$(PERL) Configure dist
-	@$(MAKE) dist_pem_h
-	@$(MAKE) SDIRS='${SDIRS}' clean
-	@$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar
-
-dist_pem_h:
-	(cd crypto/pem; $(MAKE) CC='${CC}' SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean)
-
-install: all install_docs
-	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
-		$(INSTALL_PREFIX)$(INSTALLTOP)/lib \
-		$(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \
-		$(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/private \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/lib
-	@for i in $(EXHEADER) ;\
-	do \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-	@for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i; echo "installing $$i..."; \
-		$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' RANLIB='${RANLIB}' EXE_EXT='${EXE_EXT}' install ); \
-	fi; \
-	done
-	@for i in $(LIBS) ;\
-	do \
-		if [ -f "$$i" ]; then \
-		(       echo installing $$i; \
-			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-			$(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-			mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
-		fi; \
-	done;
-	@if [ -n "$(SHARED_LIBS)" ]; then \
-		tmp="$(SHARED_LIBS)"; \
-		for i in $${tmp:-x}; \
-		do \
-			if [ -f "$$i" -o -f "$$i.a" ]; then \
-			(       echo installing $$i; \
-				if [ "$(PLATFORM)" != "Cygwin" ]; then \
-					cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-					chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \
-				else \
-					c=`echo $$i | sed 's/^lib\(.*\)\.dll/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
-					cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
-					chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
-					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
-					cp $$i.a $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \
-					chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \
-					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \
-				fi ); \
-			fi; \
-		done; \
-		(	here="`pwd`"; \
-			cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
-			set $(MAKE); \
-			$$1 -f $$here/Makefile link-shared ); \
-		if [ "$(INSTALLTOP)" != "/usr" ]; then \
-			echo 'OpenSSL shared libraries have been installed in:'; \
-			echo '  $(INSTALLTOP)'; \
-			echo ''; \
-			sed -e '1,/^$$/d' doc/openssl-shared.txt; \
-		fi; \
-	fi
-	cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
-
-install_docs:
-	@$(PERL) $(TOP)/util/mkdir-p.pl \
-		$(INSTALL_PREFIX)$(MANDIR)/man1 \
-		$(INSTALL_PREFIX)$(MANDIR)/man3 \
-		$(INSTALL_PREFIX)$(MANDIR)/man5 \
-		$(INSTALL_PREFIX)$(MANDIR)/man7
-	@pod2man="`cd util; ./pod2mantest $(PERL)`"; \
-	here="`pwd`"; \
-	filecase=; \
-	if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" ]; then \
-		filecase=-i; \
-	fi; \
-	for i in doc/apps/*.pod; do \
-		fn=`basename $$i .pod`; \
-		if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
-		echo "installing man$$sec/$$fn.$$sec"; \
-		(cd `$(PERL) util/dirname.pl $$i`; \
-		sh -c "$$pod2man \
-			--section=$$sec --center=OpenSSL \
-			--release=$(VERSION) `basename $$i`") \
-			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$$sec; \
-		$(PERL) util/extract-names.pl < $$i | \
-			grep -v $$filecase "^$$fn\$$" | \
-			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
-			 while read n; do \
-				$$here/util/point.sh $$fn.$$sec $$n.$$sec; \
-			 done); \
-	done; \
-	for i in doc/crypto/*.pod doc/ssl/*.pod; do \
-		fn=`basename $$i .pod`; \
-		if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
-		echo "installing man$$sec/$$fn.$$sec"; \
-		(cd `$(PERL) util/dirname.pl $$i`; \
-		sh -c "$$pod2man \
-			--section=$$sec --center=OpenSSL \
-			--release=$(VERSION) `basename $$i`") \
-			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$$sec; \
-		$(PERL) util/extract-names.pl < $$i | \
-			grep -v $$filecase "^$$fn\$$" | \
-			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
-			 while read n; do \
-				$$here/util/point.sh $$fn.$$sec $$n.$$sec; \
-			 done); \
-	done
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/NEWS b/crypto/openssl/NEWS
deleted file mode 100644
index 3cf173ebae23..000000000000
--- a/crypto/openssl/NEWS
+++ /dev/null
@@ -1,273 +0,0 @@
-
-  NEWS
-  ====
-
-  This file gives a brief overview of the major changes between each OpenSSL
-  release. For more details please read the CHANGES file.
-
-  Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a:
-
-      o Security: Important security related bugfixes.
-      o Enhanced compatibility with MIT Kerberos.
-      o Can be built without the ENGINE framework.
-      o IA32 assembler enhancements.
-      o Support for new platforms: FreeBSD/IA64 and FreeBSD/Sparc64.
-      o Configuration: the no-err option now works properly.
-      o SSL/TLS: now handles manual certificate chain building.
-      o SSL/TLS: certain session ID malfunctions corrected.
-
-  Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7:
-
-      o New library section OCSP.
-      o Complete rewrite of ASN1 code.
-      o CRL checking in verify code and openssl utility.
-      o Extension copying in 'ca' utility.
-      o Flexible display options in 'ca' utility.
-      o Provisional support for international characters with UTF8.
-      o Support for external crypto devices ('engine') is no longer
-        a separate distribution.
-      o New elliptic curve library section.
-      o New AES (Rijndael) library section.
-      o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit,
-        Linux x86_64, Linux 64-bit on Sparc v9
-      o Extended support for some platforms: VxWorks
-      o Enhanced support for shared libraries.
-      o Now only builds PIC code when shared library support is requested.
-      o Support for pkg-config.
-      o Lots of new manuals.
-      o Makes symbolic links to or copies of manuals to cover all described
-        functions.
-      o Change DES API to clean up the namespace (some applications link also
-        against libdes providing similar functions having the same name).
-        Provide macros for backward compatibility (will be removed in the
-        future).
-      o Unify handling of cryptographic algorithms (software and engine)
-        to be available via EVP routines for asymmetric and symmetric ciphers.
-      o NCONF: new configuration handling routines.
-      o Change API to use more 'const' modifiers to improve error checking
-        and help optimizers.
-      o Finally remove references to RSAref.
-      o Reworked parts of the BIGNUM code.
-      o Support for new engines: Broadcom ubsec, Accelerated Encryption
-        Processing, IBM 4758.
-      o A few new engines added in the demos area.
-      o Extended and corrected OID (object identifier) table.
-      o PRNG: query at more locations for a random device, automatic query for
-        EGD style random sources at several locations.
-      o SSL/TLS: allow optional cipher choice according to server's preference.
-      o SSL/TLS: allow server to explicitly set new session ids.
-      o SSL/TLS: support Kerberos cipher suites (RFC2712).
-	Only supports MIT Kerberos for now.
-      o SSL/TLS: allow more precise control of renegotiations and sessions.
-      o SSL/TLS: add callback to retrieve SSL/TLS messages.
-      o SSL/TLS: support AES cipher suites (RFC3268).
-
-  Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i:
-
-      o Important security related bugfixes.
-
-  Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h:
-
-      o New configuration targets for Tandem OSS and A/UX.
-      o New OIDs for Microsoft attributes.
-      o Better handling of SSL session caching.
-      o Better comparison of distinguished names.
-      o Better handling of shared libraries in a mixed GNU/non-GNU environment.
-      o Support assembler code with Borland C.
-      o Fixes for length problems.
-      o Fixes for uninitialised variables.
-      o Fixes for memory leaks, some unusual crashes and some race conditions.
-      o Fixes for smaller building problems.
-      o Updates of manuals, FAQ and other instructive documents.
-
-  Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g:
-
-      o Important building fixes on Unix.
-
-  Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f:
-
-      o Various important bugfixes.
-
-  Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e:
-
-      o Important security related bugfixes.
-      o Various SSL/TLS library bugfixes.
-
-  Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d:
-
-      o Various SSL/TLS library bugfixes.
-      o Fix DH parameter generation for 'non-standard' generators.
-
-  Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c:
-
-      o Various SSL/TLS library bugfixes.
-      o BIGNUM library fixes.
-      o RSA OAEP and random number generation fixes.
-      o Object identifiers corrected and added.
-      o Add assembler BN routines for IA64.
-      o Add support for OS/390 Unix, UnixWare with gcc, OpenUNIX 8,
-        MIPS Linux; shared library support for Irix, HP-UX.
-      o Add crypto accelerator support for AEP, Baltimore SureWare,
-        Broadcom and Cryptographic Appliance's keyserver
-        [in 0.9.6c-engine release].
-
-  Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b:
-
-      o Security fix: PRNG improvements.
-      o Security fix: RSA OAEP check.
-      o Security fix: Reinsert and fix countermeasure to Bleichbacher's
-        attack.
-      o MIPS bug fix in BIGNUM.
-      o Bug fix in "openssl enc".
-      o Bug fix in X.509 printing routine.
-      o Bug fix in DSA verification routine and DSA S/MIME verification.
-      o Bug fix to make PRNG thread-safe.
-      o Bug fix in RAND_file_name().
-      o Bug fix in compatibility mode trust settings.
-      o Bug fix in blowfish EVP.
-      o Increase default size for BIO buffering filter.
-      o Compatibility fixes in some scripts.
-
-  Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a:
-
-      o Security fix: change behavior of OpenSSL to avoid using
-        environment variables when running as root.
-      o Security fix: check the result of RSA-CRT to reduce the
-        possibility of deducing the private key from an incorrectly
-        calculated signature.
-      o Security fix: prevent Bleichenbacher's DSA attack.
-      o Security fix: Zero the premaster secret after deriving the
-        master secret in DH ciphersuites.
-      o Reimplement SSL_peek(), which had various problems.
-      o Compatibility fix: the function des_encrypt() renamed to
-        des_encrypt1() to avoid clashes with some Unixen libc.
-      o Bug fixes for Win32, HP/UX and Irix.
-      o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
-        memory checking routines.
-      o Bug fixes for RSA operations in threaded environments.
-      o Bug fixes in misc. openssl applications.
-      o Remove a few potential memory leaks.
-      o Add tighter checks of BIGNUM routines.
-      o Shared library support has been reworked for generality.
-      o More documentation.
-      o New function BN_rand_range().
-      o Add "-rand" option to openssl s_client and s_server.
-
-  Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6:
-
-      o Some documentation for BIO and SSL libraries.
-      o Enhanced chain verification using key identifiers.
-      o New sign and verify options to 'dgst' application.
-      o Support for DER and PEM encoded messages in 'smime' application.
-      o New 'rsautl' application, low level RSA utility.
-      o MD4 now included.
-      o Bugfix for SSL rollback padding check.
-      o Support for external crypto devices [1].
-      o Enhanced EVP interface.
-
-    [1] The support for external crypto devices is currently a separate
-        distribution.  See the file README.ENGINE.
-
-  Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a:
-
-      o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8 
-      o Shared library support for HPUX and Solaris-gcc
-      o Support of Linux/IA64
-      o Assembler support for Mingw32
-      o New 'rand' application
-      o New way to check for existence of algorithms from scripts
-
-  Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5:
-
-      o S/MIME support in new 'smime' command
-      o Documentation for the OpenSSL command line application
-      o Automation of 'req' application
-      o Fixes to make s_client, s_server work under Windows
-      o Support for multiple fieldnames in SPKACs
-      o New SPKAC command line utilty and associated library functions
-      o Options to allow passwords to be obtained from various sources
-      o New public key PEM format and options to handle it
-      o Many other fixes and enhancements to command line utilities
-      o Usable certificate chain verification
-      o Certificate purpose checking
-      o Certificate trust settings
-      o Support of authority information access extension
-      o Extensions in certificate requests
-      o Simplified X509 name and attribute routines
-      o Initial (incomplete) support for international character sets
-      o New DH_METHOD, DSA_METHOD and enhanced RSA_METHOD
-      o Read only memory BIOs and simplified creation function
-      o TLS/SSL protocol bugfixes: Accept TLS 'client hello' in SSL 3.0
-        record; allow fragmentation and interleaving of handshake and other
-        data
-      o TLS/SSL code now "tolerates" MS SGC
-      o Work around for Netscape client certificate hang bug
-      o RSA_NULL option that removes RSA patent code but keeps other
-        RSA functionality
-      o Memory leak detection now allows applications to add extra information
-        via a per-thread stack
-      o PRNG robustness improved
-      o EGD support
-      o BIGNUM library bug fixes
-      o Faster DSA parameter generation
-      o Enhanced support for Alpha Linux
-      o Experimental MacOS support
-
-  Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4:
-
-      o Transparent support for PKCS#8 format private keys: these are used
-        by several software packages and are more secure than the standard
-        form
-      o PKCS#5 v2.0 implementation
-      o Password callbacks have a new void * argument for application data
-      o Avoid various memory leaks
-      o New pipe-like BIO that allows using the SSL library when actual I/O
-        must be handled by the application (BIO pair)
-
-  Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3:
-      o Lots of enhancements and cleanups to the Configuration mechanism
-      o RSA OEAP related fixes
-      o Added `openssl ca -revoke' option for revoking a certificate
-      o Source cleanups: const correctness, type-safe stacks and ASN.1 SETs
-      o Source tree cleanups: removed lots of obsolete files
-      o Thawte SXNet, certificate policies and CRL distribution points
-        extension support
-      o Preliminary (experimental) S/MIME support
-      o Support for ASN.1 UTF8String and VisibleString
-      o Full integration of PKCS#12 code
-      o Sparc assembler bignum implementation, optimized hash functions
-      o Option to disable selected ciphers
-
-  Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b:
-      o Fixed a security hole related to session resumption
-      o Fixed RSA encryption routines for the p < q case
-      o "ALL" in cipher lists now means "everything except NULL ciphers"
-      o Support for Triple-DES CBCM cipher
-      o Support of Optimal Asymmetric Encryption Padding (OAEP) for RSA
-      o First support for new TLSv1 ciphers
-      o Added a few new BIOs (syslog BIO, reliable BIO)
-      o Extended support for DSA certificate/keys.
-      o Extended support for Certificate Signing Requests (CSR)
-      o Initial support for X.509v3 extensions
-      o Extended support for compression inside the SSL record layer
-      o Overhauled Win32 builds
-      o Cleanups and fixes to the Big Number (BN) library
-      o Support for ASN.1 GeneralizedTime
-      o Splitted ASN.1 SETs from SEQUENCEs
-      o ASN1 and PEM support for Netscape Certificate Sequences
-      o Overhauled Perl interface
-      o Lots of source tree cleanups.
-      o Lots of memory leak fixes.
-      o Lots of bug fixes.
-
-  Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c:
-      o Integration of the popular NO_RSA/NO_DSA patches
-      o Initial support for compression inside the SSL record layer
-      o Added BIO proxy and filtering functionality
-      o Extended Big Number (BN) library
-      o Added RIPE MD160 message digest
-      o Addeed support for RC2/64bit cipher
-      o Extended ASN.1 parser routines
-      o Adjustations of the source tree for CVS
-      o Support for various new platforms
-
diff --git a/crypto/openssl/PROBLEMS b/crypto/openssl/PROBLEMS
deleted file mode 100644
index 1a956b54815c..000000000000
--- a/crypto/openssl/PROBLEMS
+++ /dev/null
@@ -1,100 +0,0 @@
-* System libcrypto.dylib and libssl.dylib are used by system ld on MacOS X.
-
-
-    NOTE: The problem described here only applies when OpenSSL isn't built
-    with shared library support (i.e. without the "shared" configuration
-    option).  If you build with shared library support, you will have no
-    problems as long as you set up DYLD_LIBRARY_PATH properly at all times.
-
-
-This is really a misfeature in ld, which seems to look for .dylib libraries
-along the whole library path before it bothers looking for .a libraries.  This
-means that -L switches won't matter unless OpenSSL is built with shared
-library support.
-
-The workaround may be to change the following lines in apps/Makefile.ssl and
-test/Makefile.ssl:
-
-  LIBCRYPTO=-L.. -lcrypto
-  LIBSSL=-L.. -lssl
-
-to:
-
-  LIBCRYPTO=../libcrypto.a
-  LIBSSL=../libssl.a
-
-It's possible that something similar is needed for shared library support
-as well.  That hasn't been well tested yet.
-
-
-Another solution that many seem to recommend is to move the libraries
-/usr/lib/libcrypto.0.9.dylib, /usr/lib/libssl.0.9.dylib to a different
-directory, build and install OpenSSL and anything that depends on your
-build, then move libcrypto.0.9.dylib and libssl.0.9.dylib back to their
-original places.  Note that the version numbers on those two libraries
-may differ on your machine.
-
-
-As long as Apple doesn't fix the problem with ld, this problem building
-OpenSSL will remain as is.
-
-
-* Parallell make leads to errors
-
-While running tests, running a parallell make is a bad idea.  Many test
-scripts use the same name for output and input files, which means different
-will interfere with each other and lead to test failure.
-
-The solution is simple for now: don't run parallell make when testing.
-
-
-* Bugs in gcc 3.0 triggered
-
-According to a problem report, there are bugs in gcc 3.0 that are
-triggered by some of the code in OpenSSL, more specifically in
-PEM_get_EVP_CIPHER_INFO().  The triggering code is the following:
-
-	header+=11;
-	if (*header != '4') return(0); header++;
-	if (*header != ',') return(0); header++;
-
-What happens is that gcc might optimize a little too agressively, and
-you end up with an extra incrementation when *header != '4'.
-
-We recommend that you upgrade gcc to as high a 3.x version as you can.
-
-* solaris64-sparcv9-cc SHA-1 performance with WorkShop 6 compiler.
-
-As subject suggests SHA-1 might perform poorly (4 times slower)
-if compiled with WorkShop 6 compiler and -xarch=v9. The cause for
-this seems to be the fact that compiler emits multiplication to
-perform shift operations:-( To work the problem around configure
-with './Configure solaris64-sparcv9-cc -DMD32_REG_T=int'.
-
-* Problems with hp-parisc2-cc target when used with "no-asm" flag
-
-When using the hp-parisc2-cc target, wrong bignum code is generated.
-This is due to the SIXTY_FOUR_BIT build being compiled with the +O3
-aggressive optimization.
-The problem manifests itself by the BN_kronecker test hanging in an
-endless loop. Reason: the BN_kronecker test calls BN_generate_prime()
-which itself hangs. The reason could be tracked down to the bn_mul_comba8()
-function in bn_asm.c. At some occasions the higher 32bit value of r[7]
-is off by 1 (meaning: calculated=shouldbe+1). Further analysis failed,
-as no debugger support possible at +O3 and additional fprintf()'s
-introduced fixed the bug, therefore it is most likely a bug in the
-optimizer.
-The bug was found in the BN_kronecker test but may also lead to
-failures in other parts of the code.
-(See Ticket #426.)
-
-Workaround: modify the target to +O2 when building with no-asm.
-
-* Poor support for AIX shared builds.
-
-do_aix-shared rule is not flexible enough to parameterize through a
-config-line. './Configure aix43-cc shared' is working, but not
-'./Configure aix64-gcc shared'. In latter case make fails to create shared
-libraries. It's possible to build 64-bit shared libraries by running
-'env OBJECT_MODE=64 make', but we need more elegant solution. Preferably one
-supporting even gcc shared builds. See RT#463 for background information.
diff --git a/crypto/openssl/README b/crypto/openssl/README
deleted file mode 100644
index 35bedc08ebe2..000000000000
--- a/crypto/openssl/README
+++ /dev/null
@@ -1,187 +0,0 @@
-
- OpenSSL 0.9.7a Feb 19 2003
-
- Copyright (c) 1998-2003 The OpenSSL Project
- Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
- All rights reserved.
-
- DESCRIPTION
- -----------
-
- The OpenSSL Project is a collaborative effort to develop a robust,
- commercial-grade, fully featured, and Open Source toolkit implementing the
- Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
- protocols as well as a full-strength general purpose cryptography library.
- The project is managed by a worldwide community of volunteers that use the
- Internet to communicate, plan, and develop the OpenSSL toolkit and its
- related documentation. 
-
- OpenSSL is based on the excellent SSLeay library developed from Eric A. Young
- and Tim J. Hudson.  The OpenSSL toolkit is licensed under a dual-license (the
- OpenSSL license plus the SSLeay license) situation, which basically means
- that you are free to get and use it for commercial and non-commercial
- purposes as long as you fulfill the conditions of both licenses. 
-
- OVERVIEW
- --------
-
- The OpenSSL toolkit includes:
-
- libssl.a:
-     Implementation of SSLv2, SSLv3, TLSv1 and the required code to support
-     both SSLv2, SSLv3 and TLSv1 in the one server and client.
-
- libcrypto.a:
-     General encryption and X.509 v1/v3 stuff needed by SSL/TLS but not
-     actually logically part of it. It includes routines for the following:
-
-     Ciphers
-        libdes - EAY's libdes DES encryption package which has been floating
-                 around the net for a few years.  It includes 15
-                 'modes/variations' of DES (1, 2 and 3 key versions of ecb,
-                 cbc, cfb and ofb; pcbc and a more general form of cfb and
-                 ofb) including desx in cbc mode, a fast crypt(3), and
-                 routines to read passwords from the keyboard.
-        RC4 encryption,
-        RC2 encryption      - 4 different modes, ecb, cbc, cfb and ofb.
-        Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
-        IDEA encryption     - 4 different modes, ecb, cbc, cfb and ofb.
-
-     Digests
-        MD5 and MD2 message digest algorithms, fast implementations,
-        SHA (SHA-0) and SHA-1 message digest algorithms,
-        MDC2 message digest. A DES based hash that is popular on smart cards.
-
-     Public Key
-        RSA encryption/decryption/generation.  
-            There is no limit on the number of bits.
-        DSA encryption/decryption/generation.   
-            There is no limit on the number of bits.
-        Diffie-Hellman key-exchange/key generation.  
-            There is no limit on the number of bits.
-
-     X.509v3 certificates
-        X509 encoding/decoding into/from binary ASN1 and a PEM
-             based ASCII-binary encoding which supports encryption with a
-             private key.  Program to generate RSA and DSA certificate
-             requests and to generate RSA and DSA certificates.
-
-     Systems
-        The normal digital envelope routines and base64 encoding.  Higher
-        level access to ciphers and digests by name.  New ciphers can be
-        loaded at run time.  The BIO io system which is a simple non-blocking
-        IO abstraction.  Current methods supported are file descriptors,
-        sockets, socket accept, socket connect, memory buffer, buffering, SSL
-        client/server, file pointer, encryption, digest, non-blocking testing
-        and null.
-
-     Data structures
-        A dynamically growing hashing system
-        A simple stack.
-        A Configuration loader that uses a format similar to MS .ini files.
-
- openssl: 
-     A command line tool that can be used for:
-        Creation of RSA, DH and DSA key parameters
-        Creation of X.509 certificates, CSRs and CRLs 
-        Calculation of Message Digests
-        Encryption and Decryption with Ciphers
-        SSL/TLS Client and Server Tests
-        Handling of S/MIME signed or encrypted mail
-
-        
- PATENTS
- -------
-
- Various companies hold various patents for various algorithms in various
- locations around the world. _YOU_ are responsible for ensuring that your use
- of any algorithms is legal by checking if there are any patents in your
- country.  The file contains some of the patents that we know about or are
- rumored to exist. This is not a definitive list.
-
- RSA Security holds software patents on the RC5 algorithm.  If you
- intend to use this cipher, you must contact RSA Security for
- licensing conditions. Their web page is http://www.rsasecurity.com/.
-
- RC4 is a trademark of RSA Security, so use of this label should perhaps
- only be used with RSA Security's permission. 
-
- The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy,
- Japan, the Netherlands, Spain, Sweden, Switzerland, UK and the USA.  They
- should be contacted if that algorithm is to be used; their web page is
- http://www.ascom.ch/.
-
- INSTALLATION
- ------------
-
- To install this package under a Unix derivative, read the INSTALL file.  For
- a Win32 platform, read the INSTALL.W32 file.  For OpenVMS systems, read
- INSTALL.VMS.
-
- Read the documentation in the doc/ directory.  It is quite rough, but it
- lists the functions; you will probably have to look at the code to work out
- how to use them. Look at the example programs.
-
- PROBLEMS
- --------
-
- For some platforms, there are some known problems that may affect the user
- or application author.  We try to collect those in doc/PROBLEMS, with current
- thoughts on how they should be solved in a future of OpenSSL.
-
- SUPPORT 
- -------
-
- If you have any problems with OpenSSL then please take the following steps
- first:
-
-    - Download the current snapshot from ftp://ftp.openssl.org/snapshot/
-      to see if the problem has already been addressed
-    - Remove ASM versions of libraries
-    - Remove compiler optimisation flags 
-
- If you wish to report a bug then please include the following information in
- any bug report:
-
-    - On Unix systems:
-        Self-test report generated by 'make report'
-    - On other systems:
-        OpenSSL version: output of 'openssl version -a'
-        OS Name, Version, Hardware platform
-        Compiler Details (name, version)
-    - Application Details (name, version)
-    - Problem Description (steps that will reproduce the problem, if known)
-    - Stack Traceback (if the application dumps core)
-
- Report the bug to the OpenSSL project via the Request Tracker
- (http://www.openssl.org/support/rt2.html) by mail to:
-
-    openssl-bugs@openssl.org
-
- Note that mail to openssl-bugs@openssl.org is recorded in the publicly
- readable request tracker database and is forwarded to a public
- mailing list. Confidential mail may be sent to openssl-security@openssl.org
- (PGP key available from the key servers).
-
- HOW TO CONTRIBUTE TO OpenSSL
- ----------------------------
-
- Development is coordinated on the openssl-dev mailing list (see
- http://www.openssl.org for information on subscribing). If you
- would like to submit a patch, send it to openssl-dev@openssl.org with
- the string "[PATCH]" in the subject. Please be sure to include a
- textual explanation of what your patch does.
-
- Note: For legal reasons, contributions from the US can be accepted only
- if a TSA notification and a copy of the patch is sent to crypt@bis.doc.gov;
- see http://www.bis.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html [sic]
- and http://w3.access.gpo.gov/bis/ear/pdf/740.pdf (EAR Section 740.13(e)).
-
- The preferred format for changes is "diff -u" output. You might
- generate it like this:
-
- # cd openssl-work
- # [your changes]
- # ./Configure dist; make clean
- # cd ..
- # diff -ur openssl-orig openssl-work > mydiffs.patch
diff --git a/crypto/openssl/README.ASN1 b/crypto/openssl/README.ASN1
deleted file mode 100644
index 11bcfaf4ddb2..000000000000
--- a/crypto/openssl/README.ASN1
+++ /dev/null
@@ -1,187 +0,0 @@
-
-OpenSSL ASN1 Revision
-=====================
-
-This document describes some of the issues relating to the new ASN1 code.
-
-Previous OpenSSL ASN1 problems
-=============================
-
-OK why did the OpenSSL ASN1 code need revising in the first place? Well
-there are lots of reasons some of which are included below...
-
-1. The code is difficult to read and write. For every single ASN1 structure
-(e.g. SEQUENCE) four functions need to be written for new, free, encode and
-decode operations. This is a very painful and error prone operation. Very few
-people have ever written any OpenSSL ASN1 and those that have usually wish
-they hadn't.
-
-2. Partly because of 1. the code is bloated and takes up a disproportionate
-amount of space. The SEQUENCE encoder is particularly bad: it essentially
-contains two copies of the same operation, one to compute the SEQUENCE length
-and the other to encode it.
-
-3. The code is memory based: that is it expects to be able to read the whole
-structure from memory. This is fine for small structures but if you have a
-(say) 1Gb PKCS#7 signedData structure it isn't such a good idea...
-
-4. The code for the ASN1 IMPLICIT tag is evil. It is handled by temporarily
-changing the tag to the expected one, attempting to read it, then changing it
-back again. This means that decode buffers have to be writable even though they
-are ultimately unchanged. This gets in the way of constification.
-
-5. The handling of EXPLICIT isn't much better. It adds a chunk of code into 
-the decoder and encoder for every EXPLICIT tag.
-
-6. APPLICATION and PRIVATE tags aren't even supported at all.
-
-7. Even IMPLICIT isn't complete: there is no support for implicitly tagged
-types that are not OPTIONAL.
-
-8. Much of the code assumes that a tag will fit in a single octet. This is
-only true if the tag is 30 or less (mercifully tags over 30 are rare).
-
-9. The ASN1 CHOICE type has to be largely handled manually, there aren't any
-macros that properly support it.
-
-10. Encoders have no concept of OPTIONAL and have no error checking. If the
-passed structure contains a NULL in a mandatory field it will not be encoded,
-resulting in an invalid structure.
-
-11. It is tricky to add ASN1 encoders and decoders to external applications.
-
-Template model
-==============
-
-One of the major problems with revision is the sheer volume of the ASN1 code.
-Attempts to change (for example) the IMPLICIT behaviour would result in a
-modification of *every* single decode function. 
-
-I decided to adopt a template based approach. I'm using the term 'template'
-in a manner similar to SNACC templates: it has nothing to do with C++
-templates.
-
-A template is a description of an ASN1 module as several constant C structures.
-It describes in a machine readable way exactly how the ASN1 structure should
-behave. If this template contains enough detail then it is possible to write
-versions of new, free, encode, decode (and possibly others operations) that
-operate on templates.
-
-Instead of having to write code to handle each operation only a single
-template needs to be written. If new operations are needed (such as a 'print'
-operation) only a single new template based function needs to be written 
-which will then automatically handle all existing templates.
-
-Plans for revision
-==================
-
-The revision will consist of the following steps. Other than the first two
-these can be handled in any order.
- 
-o Design and write template new, free, encode and decode operations, initially
-memory based. *DONE*
-
-o Convert existing ASN1 code to template form. *IN PROGRESS*
-
-o Convert an existing ASN1 compiler (probably SNACC) to output templates
-in OpenSSL form.
-
-o Add support for BIO based ASN1 encoders and decoders to handle large
-structures, initially blocking I/O.
-
-o Add support for non blocking I/O: this is quite a bit harder than blocking
-I/O.
-
-o Add new ASN1 structures, such as OCSP, CRMF, S/MIME v3 (CMS), attribute
-certificates etc etc.
-
-Description of major changes
-============================
-
-The BOOLEAN type now takes three values. 0xff is TRUE, 0 is FALSE and -1 is
-absent. The meaning of absent depends on the context. If for example the
-boolean type is DEFAULT FALSE (as in the case of the critical flag for
-certificate extensions) then -1 is FALSE, if DEFAULT TRUE then -1 is TRUE.
-Usually the value will only ever be read via an API which will hide this from
-an application.
-
-There is an evil bug in the old ASN1 code that mishandles OPTIONAL with
-SEQUENCE OF or SET OF. These are both implemented as a STACK structure. The
-old code would omit the structure if the STACK was NULL (which is fine) or if
-it had zero elements (which is NOT OK). This causes problems because an empty
-SEQUENCE OF or SET OF will result in an empty STACK when it is decoded but when
-it is encoded it will be omitted resulting in different encodings. The new code
-only omits the encoding if the STACK is NULL, if it contains zero elements it
-is encoded and empty. There is an additional problem though: because an empty
-STACK was omitted, sometimes the corresponding *_new() function would
-initialize the STACK to empty so an application could immediately use it, if
-this is done with the new code (i.e. a NULL) it wont work. Therefore a new
-STACK should be allocated first. One instance of this is the X509_CRL list of
-revoked certificates: a helper function X509_CRL_add0_revoked() has been added
-for this purpose.
-
-The X509_ATTRIBUTE structure used to have an element called 'set' which took
-the value 1 if the attribute value was a SET OF or 0 if it was a single. Due
-to the behaviour of CHOICE in the new code this has been changed to a field
-called 'single' which is 0 for a SET OF and 1 for single. The old field has
-been deleted to deliberately break source compatibility. Since this structure
-is normally accessed via higher level functions this shouldn't break too much.
-
-The X509_REQ_INFO certificate request info structure no longer has a field
-called 'req_kludge'. This used to be set to 1 if the attributes field was
-(incorrectly) omitted. You can check to see if the field is omitted now by
-checking if the attributes field is NULL. Similarly if you need to omit
-the field then free attributes and set it to NULL.
-
-The top level 'detached' field in the PKCS7 structure is no longer set when
-a PKCS#7 structure is read in. PKCS7_is_detached() should be called instead.
-The behaviour of PKCS7_get_detached() is unaffected.
-
-The values of 'type' in the GENERAL_NAME structure have changed. This is
-because the old code use the ASN1 initial octet as the selector. The new
-code uses the index in the ASN1_CHOICE template.
-
-The DIST_POINT_NAME structure has changed to be a true CHOICE type.
-
-typedef struct DIST_POINT_NAME_st {
-int type;
-union {
-	STACK_OF(GENERAL_NAME) *fullname;
-	STACK_OF(X509_NAME_ENTRY) *relativename;
-} name;
-} DIST_POINT_NAME;
-
-This means that name.fullname or name.relativename should be set
-and type reflects the option. That is if name.fullname is set then
-type is 0 and if name.relativename is set type is 1.
-
-With the old code using the i2d functions would typically involve:
-
-unsigned char *buf, *p;
-int len;
-/* Find length of encoding */
-len = i2d_SOMETHING(x, NULL);
-/* Allocate buffer */
-buf = OPENSSL_malloc(len);
-if(buf == NULL) {
-	/* Malloc error */
-}
-/* Use temp variable because &p gets updated to point to end of
- * encoding.
- */
-p = buf;
-i2d_SOMETHING(x, &p);
-
-
-Using the new i2d you can also do:
-
-unsigned char *buf = NULL;
-int len;
-len = i2d_SOMETHING(x, &buf);
-if(len < 0) {
-	/* Malloc error */
-}
-
-and it will automatically allocate and populate a buffer with the
-encoding. After this call 'buf' will point to the start of the
-encoding which is len bytes long.
diff --git a/crypto/openssl/README.ENGINE b/crypto/openssl/README.ENGINE
deleted file mode 100644
index 0ff833370930..000000000000
--- a/crypto/openssl/README.ENGINE
+++ /dev/null
@@ -1,289 +0,0 @@
-  ENGINE
-  ======
-
-  With OpenSSL 0.9.6, a new component was added to support alternative
-  cryptography implementations, most commonly for interfacing with external
-  crypto devices (eg. accelerator cards). This component is called ENGINE,
-  and its presence in OpenSSL 0.9.6 (and subsequent bug-fix releases)
-  caused a little confusion as 0.9.6** releases were rolled in two
-  versions, a "standard" and an "engine" version. In development for 0.9.7,
-  the ENGINE code has been merged into the main branch and will be present
-  in the standard releases from 0.9.7 forwards.
-
-  There are currently built-in ENGINE implementations for the following
-  crypto devices:
-
-      o CryptoSwift
-      o Compaq Atalla
-      o nCipher CHIL
-      o Nuron
-      o Broadcom uBSec
-
-  In addition, dynamic binding to external ENGINE implementations is now
-  provided by a special ENGINE called "dynamic". See the "DYNAMIC ENGINE"
-  section below for details.
-
-  At this stage, a number of things are still needed and are being worked on:
-
-      1 Integration of EVP support.
-      2 Configuration support.
-      3 Documentation!
-
-1 With respect to EVP, this relates to support for ciphers and digests in
-  the ENGINE model so that alternative implementations of existing
-  algorithms/modes (or previously unimplemented ones) can be provided by
-  ENGINE implementations.
-
-2 Configuration support currently exists in the ENGINE API itself, in the
-  form of "control commands". These allow an application to expose to the
-  user/admin the set of commands and parameter types a given ENGINE
-  implementation supports, and for an application to directly feed string
-  based input to those ENGINEs, in the form of name-value pairs. This is an
-  extensible way for ENGINEs to define their own "configuration" mechanisms
-  that are specific to a given ENGINE (eg. for a particular hardware
-  device) but that should be consistent across *all* OpenSSL-based
-  applications when they use that ENGINE. Work is in progress (or at least
-  in planning) for supporting these control commands from the CONF (or
-  NCONF) code so that applications using OpenSSL's existing configuration
-  file format can have ENGINE settings specified in much the same way.
-  Presently however, applications must use the ENGINE API itself to provide
-  such functionality. To see first hand the types of commands available
-  with the various compiled-in ENGINEs (see further down for dynamic
-  ENGINEs), use the "engine" openssl utility with full verbosity, ie;
-       openssl engine -vvvv
-
-3 Documentation? Volunteers welcome! The source code is reasonably well
-  self-documenting, but some summaries and usage instructions are needed -
-  moreover, they are needed in the same POD format the existing OpenSSL
-  documentation is provided in. Any complete or incomplete contributions
-  would help make this happen.
-
-  STABILITY & BUG-REPORTS
-  =======================
-
-  What already exists is fairly stable as far as it has been tested, but
-  the test base has been a bit small most of the time. For the most part,
-  the vendors of the devices these ENGINEs support have contributed to the
-  development and/or testing of the implementations, and *usually* (with no
-  guarantees) have experience in using the ENGINE support to drive their
-  devices from common OpenSSL-based applications. Bugs and/or inexplicable
-  behaviour in using a specific ENGINE implementation should be sent to the
-  author of that implementation (if it is mentioned in the corresponding C
-  file), and in the case of implementations for commercial hardware
-  devices, also through whatever vendor support channels are available.  If
-  none of this is possible, or the problem seems to be something about the
-  ENGINE API itself (ie. not necessarily specific to a particular ENGINE
-  implementation) then you should mail complete details to the relevant
-  OpenSSL mailing list. For a definition of "complete details", refer to
-  the OpenSSL "README" file. As for which list to send it to;
-
-     openssl-users: if you are *using* the ENGINE abstraction, either in an
-          pre-compiled application or in your own application code.
-
-     openssl-dev: if you are discussing problems with OpenSSL source code.
-
-  USAGE
-  =====
-
-  The default "openssl" ENGINE is always chosen when performing crypto
-  operations unless you specify otherwise. You must actively tell the
-  openssl utility commands to use anything else through a new command line
-  switch called "-engine". Also, if you want to use the ENGINE support in
-  your own code to do something similar, you must likewise explicitly
-  select the ENGINE implementation you want.
-
-  Depending on the type of hardware, system, and configuration, "settings"
-  may need to be applied to an ENGINE for it to function as expected/hoped.
-  The recommended way of doing this is for the application to support
-  ENGINE "control commands" so that each ENGINE implementation can provide
-  whatever configuration primitives it might require and the application
-  can allow the user/admin (and thus the hardware vendor's support desk
-  also) to provide any such input directly to the ENGINE implementation.
-  This way, applications do not need to know anything specific to any
-  device, they only need to provide the means to carry such user/admin
-  input through to the ENGINE in question. Ie. this connects *you* (and
-  your helpdesk) to the specific ENGINE implementation (and device), and
-  allows application authors to not get buried in hassle supporting
-  arbitrary devices they know (and care) nothing about.
-
-  A new "openssl" utility, "openssl engine", has been added in that allows
-  for testing and examination of ENGINE implementations. Basic usage
-  instructions are available by specifying the "-?" command line switch.
-
-  DYNAMIC ENGINES
-  ===============
-
-  The new "dynamic" ENGINE provides a low-overhead way to support ENGINE
-  implementations that aren't pre-compiled and linked into OpenSSL-based
-  applications. This could be because existing compiled-in implementations
-  have known problems and you wish to use a newer version with an existing
-  application. It could equally be because the application (or OpenSSL
-  library) you are using simply doesn't have support for the ENGINE you
-  wish to use, and the ENGINE provider (eg. hardware vendor) is providing
-  you with a self-contained implementation in the form of a shared-library.
-  The other use-case for "dynamic" is with applications that wish to
-  maintain the smallest foot-print possible and so do not link in various
-  ENGINE implementations from OpenSSL, but instead leaves you to provide
-  them, if you want them, in the form of "dynamic"-loadable
-  shared-libraries. It should be possible for hardware vendors to provide
-  their own shared-libraries to support arbitrary hardware to work with
-  applications based on OpenSSL 0.9.7 or later. If you're using an
-  application based on 0.9.7 (or later) and the support you desire is only
-  announced for versions later than the one you need, ask the vendor to
-  backport their ENGINE to the version you need.
-
-  How does "dynamic" work?
-  ------------------------
-    The dynamic ENGINE has a special flag in its implementation such that
-    every time application code asks for the 'dynamic' ENGINE, it in fact
-    gets its own copy of it. As such, multi-threaded code (or code that
-    multiplexes multiple uses of 'dynamic' in a single application in any
-    way at all) does not get confused by 'dynamic' being used to do many
-    independent things. Other ENGINEs typically don't do this so there is
-    only ever 1 ENGINE structure of its type (and reference counts are used
-    to keep order). The dynamic ENGINE itself provides absolutely no
-    cryptographic functionality, and any attempt to "initialise" the ENGINE
-    automatically fails. All it does provide are a few "control commands"
-    that can be used to control how it will load an external ENGINE
-    implementation from a shared-library. To see these control commands,
-    use the command-line;
-
-       openssl engine -vvvv dynamic
-
-    The "SO_PATH" control command should be used to identify the
-    shared-library that contains the ENGINE implementation, and "NO_VCHECK"
-    might possibly be useful if there is a minor version conflict and you
-    (or a vendor helpdesk) is convinced you can safely ignore it.
-    "ID" is probably only needed if a shared-library implements
-    multiple ENGINEs, but if you know the engine id you expect to be using,
-    it doesn't hurt to specify it (and this provides a sanity check if
-    nothing else). "LIST_ADD" is only required if you actually wish the
-    loaded ENGINE to be discoverable by application code later on using the
-    ENGINE's "id". For most applications, this isn't necessary - but some
-    application authors may have nifty reasons for using it. The "LOAD"
-    command is the only one that takes no parameters and is the command
-    that uses the settings from any previous commands to actually *load*
-    the shared-library ENGINE implementation. If this command succeeds, the
-    (copy of the) 'dynamic' ENGINE will magically morph into the ENGINE
-    that has been loaded from the shared-library. As such, any control
-    commands supported by the loaded ENGINE could then be executed as per
-    normal. Eg. if ENGINE "foo" is implemented in the shared-library
-    "libfoo.so" and it supports some special control command "CMD_FOO", the
-    following code would load and use it (NB: obviously this code has no
-    error checking);
-
-       ENGINE *e = ENGINE_by_id("dynamic");
-       ENGINE_ctrl_cmd_string(e, "SO_PATH", "/lib/libfoo.so", 0);
-       ENGINE_ctrl_cmd_string(e, "ID", "foo", 0);
-       ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0);
-       ENGINE_ctrl_cmd_string(e, "CMD_FOO", "some input data", 0);
-
-    For testing, the "openssl engine" utility can be useful for this sort
-    of thing. For example the above code excerpt would achieve much the
-    same result as;
-
-       openssl engine dynamic \
-                 -pre SO_PATH:/lib/libfoo.so \
-                 -pre ID:foo \
-                 -pre LOAD \
-                 -pre "CMD_FOO:some input data"
-
-    Or to simply see the list of commands supported by the "foo" ENGINE;
-
-       openssl engine -vvvv dynamic \
-                 -pre SO_PATH:/lib/libfoo.so \
-                 -pre ID:foo \
-                 -pre LOAD
-
-    Applications that support the ENGINE API and more specifically, the
-    "control commands" mechanism, will provide some way for you to pass
-    such commands through to ENGINEs. As such, you would select "dynamic"
-    as the ENGINE to use, and the parameters/commands you pass would
-    control the *actual* ENGINE used. Each command is actually a name-value
-    pair and the value can sometimes be omitted (eg. the "LOAD" command).
-    Whilst the syntax demonstrated in "openssl engine" uses a colon to
-    separate the command name from the value, applications may provide
-    their own syntax for making that separation (eg. a win32 registry
-    key-value pair may be used by some applications). The reason for the
-    "-pre" syntax in the "openssl engine" utility is that some commands
-    might be issued to an ENGINE *after* it has been initialised for use.
-    Eg. if an ENGINE implementation requires a smart-card to be inserted
-    during initialisation (or a PIN to be typed, or whatever), there may be
-    a control command you can issue afterwards to "forget" the smart-card
-    so that additional initialisation is no longer possible. In
-    applications such as web-servers, where potentially volatile code may
-    run on the same host system, this may provide some arguable security
-    value. In such a case, the command would be passed to the ENGINE after
-    it has been initialised for use, and so the "-post" switch would be
-    used instead. Applications may provide a different syntax for
-    supporting this distinction, and some may simply not provide it at all
-    ("-pre" is almost always what you're after, in reality).
-
-  How do I build a "dynamic" ENGINE?
-  ----------------------------------
-    This question is trickier - currently OpenSSL bundles various ENGINE
-    implementations that are statically built in, and any application that
-    calls the "ENGINE_load_builtin_engines()" function will automatically
-    have all such ENGINEs available (and occupying memory). Applications
-    that don't call that function have no ENGINEs available like that and
-    would have to use "dynamic" to load any such ENGINE - but on the other
-    hand such applications would only have the memory footprint of any
-    ENGINEs explicitly loaded using user/admin provided control commands.
-    The main advantage of not statically linking ENGINEs and only using
-    "dynamic" for hardware support is that any installation using no
-    "external" ENGINE suffers no unnecessary memory footprint from unused
-    ENGINEs. Likewise, installations that do require an ENGINE incur the
-    overheads from only *that* ENGINE once it has been loaded.
-
-    Sounds good? Maybe, but currently building an ENGINE implementation as
-    a shared-library that can be loaded by "dynamic" isn't automated in
-    OpenSSL's build process. It can be done manually quite easily however.
-    Such a shared-library can either be built with any OpenSSL code it
-    needs statically linked in, or it can link dynamically against OpenSSL
-    if OpenSSL itself is built as a shared library. The instructions are
-    the same in each case, but in the former (statically linked any
-    dependencies on OpenSSL) you must ensure OpenSSL is built with
-    position-independent code ("PIC"). The default OpenSSL compilation may
-    already specify the relevant flags to do this, but you should consult
-    with your compiler documentation if you are in any doubt.
-
-    This example will show building the "atalla" ENGINE in the
-    crypto/engine/ directory as a shared-library for use via the "dynamic"
-    ENGINE.
-    1) "cd" to the crypto/engine/ directory of a pre-compiled OpenSSL
-       source tree.
-    2) Recompile at least one source file so you can see all the compiler
-       flags (and syntax) being used to build normally. Eg;
-           touch hw_atalla.c ; make
-       will rebuild "hw_atalla.o" using all such flags.
-    3) Manually enter the same compilation line to compile the
-       "hw_atalla.c" file but with the following two changes;
-         (a) add "-DENGINE_DYNAMIC_SUPPORT" to the command line switches,
-	 (b) change the output file from "hw_atalla.o" to something new,
-             eg. "tmp_atalla.o"
-    4) Link "tmp_atalla.o" into a shared-library using the top-level
-       OpenSSL libraries to resolve any dependencies. The syntax for doing
-       this depends heavily on your system/compiler and is a nightmare
-       known well to anyone who has worked with shared-library portability
-       before. 'gcc' on Linux, for example, would use the following syntax;
-          gcc -shared -o dyn_atalla.so tmp_atalla.o -L../.. -lcrypto
-    5) Test your shared library using "openssl engine" as explained in the
-       previous section. Eg. from the top-level directory, you might try;
-          apps/openssl engine -vvvv dynamic \
-              -pre SO_PATH:./crypto/engine/dyn_atalla.so -pre LOAD
-       If the shared-library loads successfully, you will see both "-pre"
-       commands marked as "SUCCESS" and the list of control commands
-       displayed (because of "-vvvv") will be the control commands for the
-       *atalla* ENGINE (ie. *not* the 'dynamic' ENGINE). You can also add
-       the "-t" switch to the utility if you want it to try and initialise
-       the atalla ENGINE for use to test any possible hardware/driver
-       issues.
-
-  PROBLEMS
-  ========
-
-  It seems like the ENGINE part doesn't work too well with CryptoSwift on Win32.
-  A quick test done right before the release showed that trying "openssl speed
-  -engine cswift" generated errors. If the DSO gets enabled, an attempt is made
-  to write at memory address 0x00000002.
-
diff --git a/crypto/openssl/STATUS b/crypto/openssl/STATUS
deleted file mode 100644
index 028abb85abea..000000000000
--- a/crypto/openssl/STATUS
+++ /dev/null
@@ -1,92 +0,0 @@
-
-  OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2000/09/24 15:42:34 $
-
-  DEVELOPMENT STATE
-
-    o  OpenSSL 0.9.6:  Released on September 24th, 2000
-    o  OpenSSL 0.9.5a: Released on April      1st, 2000
-    o  OpenSSL 0.9.5:  Released on February  28th, 2000
-    o  OpenSSL 0.9.4:  Released on August    09th, 1999
-    o  OpenSSL 0.9.3a: Released on May       29th, 1999
-    o  OpenSSL 0.9.3:  Released on May       25th, 1999
-    o  OpenSSL 0.9.2b: Released on March     22th, 1999
-    o  OpenSSL 0.9.1c: Released on December  23th, 1998
-
-  RELEASE SHOWSTOPPERS
-
-  AVAILABLE PATCHES
-
-    o CA.pl patch (Damien Miller)
-
-  IN PROGRESS
-
-    o Steve is currently working on (in no particular order):
-        ASN1 code redesign, butchery, replacement.
-        EVP cipher enhancement.
-        Proper (or at least usable) certificate chain verification.
-	Private key, certificate and CRL API and implementation.
-	Developing and bugfixing PKCS#7 (S/MIME code).
-        Various X509 issues: character sets, certificate request extensions.
-    o Geoff and Richard are currently working on:
-	ENGINE (the new code that gives hardware support among others).
-    o Richard is currently working on:
-	UTIL (a new set of library functions to support some higher level
-	      functionality that is currently missing).
-	Dynamic thread-lock support.
-	Shared library support for VMS.
-
-  NEEDS PATCH
-
-    o  non-blocking socket on AIX
-    o  $(PERL) in */Makefile.ssl
-    o  "Sign the certificate?" - "n" creates empty certificate file
-
-  OPEN ISSUES
-
-    o internal_verify doesn't know about X509.v3 (basicConstraints
-      CA flag ...)
-
-    o  The Makefile hierarchy and build mechanism is still not a round thing:
-
-       1. The config vs. Configure scripts
-          It's the same nasty situation as for Apache with APACI vs.
-          src/Configure. It confuses.
-          Suggestion: Merge Configure and config into a single configure
-                      script with a Autoconf style interface ;-) and remove
-                      Configure and config. Or even let us use GNU Autoconf
-                      itself. Then we can avoid a lot of those platform checks
-                      which are currently in Configure.
-
-    o  Support for Shared Libraries has to be added at least
-       for the major Unix platforms. The details we can rip from the stuff
-       Ralf has done for the Apache src/Configure script. Ben wants the
-       solution to be really simple.
-
-       Status: Ralf will look how we can easily incorporate the
-               compiler PIC and linker DSO flags from Apache
-               into the OpenSSL Configure script.
-
-               Ulf: +1 for using GNU autoconf and libtool (but not automake,
-                    which apparently is not flexible enough to generate
-                    libcrypto)
-
-
-    o  The perl/ stuff needs a major overhaul. Currently it's
-       totally obsolete. Either we clean it up and enhance it to be up-to-date
-       with the C code or we also could replace it with the really nice
-       Net::SSLeay package we can find under
-       http://www.neuronio.pt/SSLeay.pm.html.  Ralf uses this package for a
-       longer time and it works fine and is a nice Perl module. Best would be
-       to convince the author to work for the OpenSSL project and create a
-       Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for
-       us.
-
-       Status: Ralf thinks we should both contact the author of Net::SSLeay
-               and look how much effort it is to bring Eric's perl/ stuff up
-               to date.
-               Paul +1
-
-  WISHES
-
-    o 
diff --git a/crypto/openssl/TABLE b/crypto/openssl/TABLE
deleted file mode 100644
index 35421ceed48f..000000000000
--- a/crypto/openssl/TABLE
+++ /dev/null
@@ -1,2301 +0,0 @@
-Output of `Configure TABLE':
-
-*** BC-16
-$cc           = bcc
-$cflags       = 
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** BC-32
-$cc           = bcc32
-$cflags       = 
-$unistd       = 
-$thread_cflag = 
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR RC4_INDEX
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = win32
-$shared_target= 
-$shared_cflag = 
-
-*** BS2000-OSD
-$cc           = c89
-$cflags       = -O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lsocket -lnsl
-$bn_ops       = THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** CygWin32
-$cc           = gcc
-$cflags       = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
-$unistd       = 
-$thread_cflag = 
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = win32
-$shared_target= 
-$shared_cflag = 
-
-*** FreeBSD
-$cc           = gcc
-$cflags       = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-out.o asm/co86-out.o
-$des_obj      = asm/dx86-out.o asm/yx86-out.o
-$bf_obj       = asm/bx86-out.o
-$md5_obj      = asm/mx86-out.o
-$sha1_obj     = asm/sx86-out.o
-$cast_obj     = asm/cx86-out.o
-$rc4_obj      = asm/rx86-out.o
-$rmd160_obj   = asm/rm86-out.o
-$rc5_obj      = asm/r586-out.o
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** FreeBSD-alpha
-$cc           = gcc
-$cflags       = -DTERMIOS -O -fomit-frame-pointer
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** FreeBSD-elf
-$cc           = gcc
-$cflags       = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-elf.o asm/co86-elf.o
-$des_obj      = asm/dx86-elf.o asm/yx86-elf.o
-$bf_obj       = asm/bx86-elf.o
-$md5_obj      = asm/mx86-elf.o
-$sha1_obj     = asm/sx86-elf.o
-$cast_obj     = asm/cx86-elf.o
-$rc4_obj      = asm/rx86-elf.o
-$rmd160_obj   = asm/rm86-elf.o
-$rc5_obj      = asm/r586-elf.o
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** MPE/iX-gcc
-$cc           = gcc
-$cflags       = -D_ENDIAN -DBN_DIV2W -O3 -DMPE -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -L/SYSLOG/PUB -lsyslog -lsocket -lcurses
-$bn_ops       = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** Mingw32
-$cc           = gcc
-$cflags       = -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
-$unistd       = 
-$thread_cflag = 
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = win32
-$shared_target= 
-$shared_cflag = 
-
-*** NetBSD-m68
-$cc           = gcc
-$cflags       = -DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** NetBSD-sparc
-$cc           = gcc
-$cflags       = -DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** NetBSD-x86
-$cc           = gcc
-$cflags       = -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** OpenBSD
-$cc           = gcc
-$cflags       = -DTERMIOS -O3 -fomit-frame-pointer
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** OpenBSD-alpha
-$cc           = gcc
-$cflags       = -DTERMIOS -O3 -fomit-frame-pointer
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** OpenBSD-mips
-$cc           = gcc
-$cflags       = -O2 -DL_ENDIAN
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR
-$bn_ops       = 
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** OpenBSD-x86
-$cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-out.o asm/co86-out.o
-$des_obj      = asm/dx86-out.o asm/yx86-out.o
-$bf_obj       = asm/bx86-out.o
-$md5_obj      = asm/mx86-out.o
-$sha1_obj     = asm/sx86-out.o
-$cast_obj     = asm/cx86-out.o
-$rc4_obj      = asm/rx86-out.o
-$rmd160_obj   = asm/rm86-out.o
-$rc5_obj      = asm/r586-out.o
-$dso_scheme   = dlfcn
-$shared_target= 
-$shared_cflag = 
-
-*** ReliantUNIX
-$cc           = cc
-$cflags       = -KPIC -g -DSNI -DTERMIOS -DB_ENDIAN
-$unistd       = 
-$thread_cflag = -Kthread
-$lflags       = -lsocket -lnsl -lc -L/usr/ucblib -lucb
-$bn_ops       = BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** SINIX
-$cc           = cc
-$cflags       = -O -DSNI
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lsocket -lnsl -lc -L/usr/ucblib -lucb
-$bn_ops       = RC4_INDEX RC4_CHAR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** SINIX-N
-$cc           = /usr/ucb/cc
-$cflags       = -O2 -misaligned
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lucb
-$bn_ops       = RC4_INDEX RC4_CHAR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** VC-MSDOS
-$cc           = cl
-$cflags       = 
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** VC-NT
-$cc           = cl
-$cflags       = 
-$unistd       = 
-$thread_cflag = 
-$lflags       = 
-$bn_ops       = BN_LLONG RC4_INDEX RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = win32
-$shared_target= 
-$shared_cflag = 
-
-*** VC-W31-16
-$cc           = cl
-$cflags       = 
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** VC-W31-32
-$cc           = cl
-$cflags       = 
-$unistd       = 
-$thread_cflag = 
-$lflags       = 
-$bn_ops       = BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** VC-WIN16
-$cc           = cl
-$cflags       = 
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** VC-WIN32
-$cc           = cl
-$cflags       = 
-$unistd       = 
-$thread_cflag = 
-$lflags       = 
-$bn_ops       = BN_LLONG RC4_INDEX RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = win32
-$shared_target= 
-$shared_cflag = 
-
-*** aix-cc
-$cc           = cc
-$cflags       = -O -DAIX -DB_ENDIAN -qmaxmem=16384
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG RC4_CHAR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** aix-gcc
-$cc           = gcc
-$cflags       = -O3 -DAIX -DB_ENDIAN
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG RC4_CHAR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** alpha-cc
-$cc           = cc
-$cflags       = -std1 -tune host -O4 -readonly_strings
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$bn_obj       = asm/alpha.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= true64-shared
-$shared_cflag = 
-
-*** alpha-gcc
-$cc           = gcc
-$cflags       = -O3
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1
-$bn_obj       = asm/alpha.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= true64-shared
-$shared_cflag = 
-
-*** alpha164-cc
-$cc           = cc
-$cflags       = -std1 -tune host -fast -readonly_strings
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$bn_obj       = asm/alpha.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= true64-shared
-$shared_cflag = 
-
-*** bsdi-elf-gcc
-$cc           = gcc
-$cflags       = -DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-elf.o asm/co86-elf.o
-$des_obj      = asm/dx86-elf.o asm/yx86-elf.o
-$bf_obj       = asm/bx86-elf.o
-$md5_obj      = asm/mx86-elf.o
-$sha1_obj     = asm/sx86-elf.o
-$cast_obj     = asm/cx86-elf.o
-$rc4_obj      = asm/rx86-elf.o
-$rmd160_obj   = asm/rm86-elf.o
-$rc5_obj      = asm/r586-elf.o
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** bsdi-gcc
-$cc           = gcc
-$cflags       = -O3 -ffast-math -DL_ENDIAN -DPERL5 -m486
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = RSA_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86bsdi.o asm/co86bsdi.o
-$des_obj      = asm/dx86bsdi.o asm/yx86bsdi.o
-$bf_obj       = asm/bx86bsdi.o
-$md5_obj      = asm/mx86bsdi.o
-$sha1_obj     = asm/sx86bsdi.o
-$cast_obj     = asm/cx86bsdi.o
-$rc4_obj      = asm/rx86bsdi.o
-$rmd160_obj   = asm/rm86bsdi.o
-$rc5_obj      = asm/r586bsdi.o
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** cc
-$cc           = cc
-$cflags       = -O
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = 
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** cray-t3e
-$cc           = cc
-$cflags       = -DBIT_FIELD_LIMITS -DTERMIOS
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** cray-t90-cc
-$cc           = cc
-$cflags       = -DBIT_FIELD_LIMITS -DTERMIOS
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG DES_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** debug
-$cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lefence
-$bn_ops       = 
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** debug-ben
-$cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = 
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** debug-ben-debug
-$cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = 
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** debug-ben-strict
-$cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = 
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** debug-bodo
-$cc           = gcc
-$cflags       = -DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DBIO_PAIR_DEBUG -g -m486 -pedantic -Wshadow -Wall
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-elf.o asm/co86-elf.o
-$des_obj      = asm/dx86-elf.o asm/yx86-elf.o
-$bf_obj       = asm/bx86-elf.o
-$md5_obj      = asm/mx86-elf.o
-$sha1_obj     = asm/sx86-elf.o
-$cast_obj     = asm/cx86-elf.o
-$rc4_obj      = asm/rx86-elf.o
-$rmd160_obj   = asm/rm86-elf.o
-$rc5_obj      = asm/r586-elf.o
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** debug-levitte-linux-elf
-$cc           = gcc
-$cflags       = -DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldl
-$bn_ops       = 
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= 
-$shared_cflag = 
-
-*** debug-linux-elf
-$cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lefence -ldl
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-elf.o asm/co86-elf.o
-$des_obj      = asm/dx86-elf.o asm/yx86-elf.o
-$bf_obj       = asm/bx86-elf.o
-$md5_obj      = asm/mx86-elf.o
-$sha1_obj     = asm/sx86-elf.o
-$cast_obj     = asm/cx86-elf.o
-$rc4_obj      = asm/rx86-elf.o
-$rmd160_obj   = asm/rm86-elf.o
-$rc5_obj      = asm/r586-elf.o
-$dso_scheme   = dlfcn
-$shared_target= 
-$shared_cflag = 
-
-*** debug-linux-elf-noefence
-$cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldl
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-elf.o asm/co86-elf.o
-$des_obj      = asm/dx86-elf.o asm/yx86-elf.o
-$bf_obj       = asm/bx86-elf.o
-$md5_obj      = asm/mx86-elf.o
-$sha1_obj     = asm/sx86-elf.o
-$cast_obj     = asm/cx86-elf.o
-$rc4_obj      = asm/rx86-elf.o
-$rmd160_obj   = asm/rm86-elf.o
-$rc5_obj      = asm/r586-elf.o
-$dso_scheme   = dlfcn
-$shared_target= 
-$shared_cflag = 
-
-*** debug-rse
-$cc           = cc
-$cflags       = -DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-elf.o asm/co86-elf.o
-$des_obj      = asm/dx86-elf.o asm/yx86-elf.o
-$bf_obj       = asm/bx86-elf.o
-$md5_obj      = asm/mx86-elf.o
-$sha1_obj     = asm/sx86-elf.o
-$cast_obj     = asm/cx86-elf.o
-$rc4_obj      = asm/rx86-elf.o
-$rmd160_obj   = asm/rm86-elf.o
-$rc5_obj      = asm/r586-elf.o
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** debug-solaris-sparcv8-cc
-$cc           = cc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$bn_obj       = asm/sparcv8.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -KPIC
-
-*** debug-solaris-sparcv8-gcc
-$cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$bn_obj       = asm/sparcv8.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -fPIC
-
-*** debug-solaris-sparcv9-cc
-$cc           = cc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$bn_obj       = asm/sparcv8plus.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = asm/md5-sparcv8plus.o
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -KPIC
-
-*** debug-solaris-sparcv9-gcc
-$cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$bn_obj       = asm/sparcv8plus.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -fPIC
-
-*** debug-steve
-$cc           = gcc
-$cflags       = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Werror -Wshadow -pipe
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = 
-$bn_ops       = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-elf.o asm/co86-elf.o
-$des_obj      = asm/dx86-elf.o asm/yx86-elf.o
-$bf_obj       = asm/bx86-elf.o
-$md5_obj      = asm/mx86-elf.o
-$sha1_obj     = asm/sx86-elf.o
-$cast_obj     = asm/cx86-elf.o
-$rc4_obj      = asm/rx86-elf.o
-$rmd160_obj   = asm/rm86-elf.o
-$rc5_obj      = asm/r586-elf.o
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** debug-ulf
-$cc           = gcc
-$cflags       = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = 
-$bn_ops       = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-elf.o asm/co86-elf.o
-$des_obj      = asm/dx86-elf.o asm/yx86-elf.o
-$bf_obj       = asm/bx86-elf.o
-$md5_obj      = asm/mx86-elf.o
-$sha1_obj     = asm/sx86-elf.o
-$cast_obj     = asm/cx86-elf.o
-$rc4_obj      = asm/rx86-elf.o
-$rmd160_obj   = asm/rm86-elf.o
-$rc5_obj      = asm/r586-elf.o
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** dgux-R3-gcc
-$cc           = gcc
-$cflags       = -O3 -fomit-frame-pointer
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = RC4_INDEX DES_UNROLL
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** dgux-R4-gcc
-$cc           = gcc
-$cflags       = -O3 -fomit-frame-pointer
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lnsl -lsocket
-$bn_ops       = RC4_INDEX
-$bn_obj       = RC4_INDEX DES_UNROLL
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** dgux-R4-x86-gcc
-$cc           = gcc
-$cflags       = -O3 -fomit-frame-pointer -DL_ENDIAN
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lnsl -lsocket
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-elf.o asm/co86-elf.o
-$des_obj      = asm/dx86-elf.o asm/yx86-elf.o
-$bf_obj       = asm/bx86-elf.o
-$md5_obj      = asm/mx86-elf.o
-$sha1_obj     = asm/sx86-elf.o
-$cast_obj     = asm/cx86-elf.o
-$rc4_obj      = asm/rx86-elf.o
-$rmd160_obj   = asm/rm86-elf.o
-$rc5_obj      = asm/r586-elf.o
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** dist
-$cc           = cc
-$cflags       = -O
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = 
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** gcc
-$cc           = gcc
-$cflags       = -O3
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** hpux-brokencc
-$cc           = cc
-$cflags       = -DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -ldld
-$bn_ops       = DES_PTR DES_UNROLL DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux-brokengcc
-$cc           = gcc
-$cflags       = -DB_ENDIAN -DBN_DIV2W -O3
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -ldld
-$bn_ops       = DES_PTR DES_UNROLL DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux-cc
-$cc           = cc
-$cflags       = -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -ldld
-$bn_ops       = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux-gcc
-$cc           = gcc
-$cflags       = -DB_ENDIAN -DBN_DIV2W -O3
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -ldld
-$bn_ops       = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux-parisc-cc
-$cc           = cc
-$cflags       = +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldld
-$bn_ops       = MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux-parisc-cc-o4
-$cc           = cc
-$cflags       = -Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY
-$unistd       = 
-$thread_cflag = 
-$lflags       = -ldld
-$bn_ops       = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux-parisc-gcc
-$cc           = gcc
-$cflags       = -O3 -DB_ENDIAN -DBN_DIV2W
-$unistd       = 
-$thread_cflag = 
-$lflags       = -ldld
-$bn_ops       = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux-parisc1_1-cc
-$cc           = cc
-$cflags       = +DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldld
-$bn_ops       = MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux-parisc2-cc
-$cc           = cc
-$cflags       = +DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldld
-$bn_ops       = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$bn_obj       = asm/pa-risc2.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux10-brokencc
-$cc           = cc
-$cflags       = -DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldld
-$bn_ops       = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux10-brokengcc
-$cc           = gcc
-$cflags       = -DB_ENDIAN -DBN_DIV2W -O3
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldld
-$bn_ops       = DES_PTR DES_UNROLL DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux10-cc
-$cc           = cc
-$cflags       = -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldld
-$bn_ops       = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux10-gcc
-$cc           = gcc
-$cflags       = -DB_ENDIAN -DBN_DIV2W -O3
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldld
-$bn_ops       = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dl
-$shared_target= 
-$shared_cflag = 
-
-*** hpux64-parisc-cc
-$cc           = cc
-$cflags       = -Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= 
-$shared_cflag = 
-
-*** hpux64-parisc2-cc
-$cc           = cc
-$cflags       = +DD64 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$bn_obj       = asm/pa-risc2W.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= 
-$shared_cflag = 
-
-*** irix-cc
-$cc           = cc
-$cflags       = -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** irix-gcc
-$cc           = gcc
-$cflags       = -O3 -DTERMIOS -DB_ENDIAN
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** irix-mips3-cc
-$cc           = cc
-$cflags       = -n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W
-$unistd       = 
-$thread_cflag = -D_SGI_MP_SOURCE
-$lflags       = 
-$bn_ops       = DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT
-$bn_obj       = asm/mips3.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** irix-mips3-gcc
-$cc           = gcc
-$cflags       = -mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W
-$unistd       = 
-$thread_cflag = -D_SGI_MP_SOURCE
-$lflags       = 
-$bn_ops       = MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT
-$bn_obj       = asm/mips3.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** irix64-mips4-cc
-$cc           = cc
-$cflags       = -64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W
-$unistd       = 
-$thread_cflag = -D_SGI_MP_SOURCE
-$lflags       = 
-$bn_ops       = RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG
-$bn_obj       = asm/mips3.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** irix64-mips4-gcc
-$cc           = gcc
-$cflags       = -mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W
-$unistd       = 
-$thread_cflag = -D_SGI_MP_SOURCE
-$lflags       = 
-$bn_ops       = RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG
-$bn_obj       = asm/mips3.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** linux-alpha+bwx-ccc
-$cc           = ccc
-$cflags       = -fast -readonly_strings -DL_ENDIAN -DTERMIO
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL
-$bn_obj       = asm/alpha.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** linux-alpha+bwx-gcc
-$cc           = gcc
-$cflags       = -O3 -DL_ENDIAN -DTERMIO
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL
-$bn_obj       = asm/alpha.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= linux-shared
-$shared_cflag = -fPIC
-
-*** linux-alpha-ccc
-$cc           = ccc
-$cflags       = -fast -readonly_strings -DL_ENDIAN -DTERMIO
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL
-$bn_obj       = asm/alpha.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** linux-alpha-gcc
-$cc           = gcc
-$cflags       = -O3 -DL_ENDIAN -DTERMIO
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL
-$bn_obj       = asm/alpha.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= linux-shared
-$shared_cflag = -fPIC
-
-*** linux-aout
-$cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-out.o asm/co86-out.o
-$des_obj      = asm/dx86-out.o asm/yx86-out.o
-$bf_obj       = asm/bx86-out.o
-$md5_obj      = asm/mx86-out.o
-$sha1_obj     = asm/sx86-out.o
-$cast_obj     = asm/cx86-out.o
-$rc4_obj      = asm/rx86-out.o
-$rmd160_obj   = asm/rm86-out.o
-$rc5_obj      = asm/r586-out.o
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** linux-elf
-$cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -ldl
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-elf.o asm/co86-elf.o
-$des_obj      = asm/dx86-elf.o asm/yx86-elf.o
-$bf_obj       = asm/bx86-elf.o
-$md5_obj      = asm/mx86-elf.o
-$sha1_obj     = asm/sx86-elf.o
-$cast_obj     = asm/cx86-elf.o
-$rc4_obj      = asm/rx86-elf.o
-$rmd160_obj   = asm/rm86-elf.o
-$rc5_obj      = asm/r586-elf.o
-$dso_scheme   = dlfcn
-$shared_target= linux-shared
-$shared_cflag = -fPIC
-
-*** linux-elf-arm
-$cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = 
-$bn_ops       = BN_LLONG
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= linux-shared
-$shared_cflag = -fPIC
-
-*** linux-ia64
-$cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** linux-m68k
-$cc           = gcc
-$cflags       = -DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = 
-$bn_ops       = BN_LLONG
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** linux-mips
-$cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** linux-ppc
-$cc           = gcc
-$cflags       = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = 
-$bn_ops       = BN_LLONG
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** linux-sparcv7
-$cc           = gcc
-$cflags       = -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = 
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** linux-sparcv8
-$cc           = gcc
-$cflags       = -mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = 
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$bn_obj       = asm/sparcv8.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** linux-sparcv9
-$cc           = gcc
-$cflags       = -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DULTRASPARC -DBN_DIV2W
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = 
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$bn_obj       = asm/sparcv8plus.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = asm/md5-sparcv8plus.o
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** ncr-scde
-$cc           = cc
-$cflags       = -O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lsocket -lnsl
-$bn_ops       = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** newsos4-gcc
-$cc           = gcc
-$cflags       = -O -DB_ENDIAN -DNEWS4
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lmld -liberty
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** nextstep
-$cc           = cc
-$cflags       = -O -Wall
-$unistd       = <libc.h>
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** nextstep3.3
-$cc           = cc
-$cflags       = -O3 -Wall
-$unistd       = <libc.h>
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** purify
-$cc           = purify gcc
-$cflags       = -g -DPURIFY -Wall
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lsocket -lnsl
-$bn_ops       = 
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** qnx4
-$cc           = cc
-$cflags       = -DL_ENDIAN -DTERMIO
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** rhapsody-ppc-cc
-$cc           = cc
-$cflags       = -O3 -DB_ENDIAN
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** sco5-cc
-$cc           = cc
-$cflags       = 
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lsocket
-$bn_ops       = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** sco5-gcc
-$cc           = gcc
-$cflags       = -O3 -fomit-frame-pointer
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lsocket
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** solaris-sparc-sc3
-$cc           = cc
-$cflags       = -fast -O -Xa -DB_ENDIAN
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -KPIC
-
-*** solaris-sparcv7-cc
-$cc           = cc
-$cflags       = -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -KPIC
-
-*** solaris-sparcv7-gcc
-$cc           = gcc
-$cflags       = -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -fPIC
-
-*** solaris-sparcv8-cc
-$cc           = cc
-$cflags       = -xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$bn_obj       = asm/sparcv8.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -KPIC
-
-*** solaris-sparcv8-gcc
-$cc           = gcc
-$cflags       = -mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$bn_obj       = asm/sparcv8.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -fPIC
-
-*** solaris-sparcv9-cc
-$cc           = cc
-$cflags       = -xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$bn_obj       = asm/sparcv8plus.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = asm/md5-sparcv8plus.o
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -KPIC
-
-*** solaris-sparcv9-gcc
-$cc           = gcc
-$cflags       = -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$bn_obj       = asm/sparcv8plus.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = asm/md5-sparcv8plus.o
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -fPIC
-
-*** solaris-sparcv9-gcc27
-$cc           = gcc
-$cflags       = -mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$bn_obj       = asm/sparcv8plus-gcc27.o
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = asm/md5-sparcv8plus-gcc27.o
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -fPIC
-
-*** solaris-x86-gcc
-$cc           = gcc
-$cflags       = -O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DNO_INLINE_ASM
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-sol.o asm/co86-sol.o
-$des_obj      = asm/dx86-sol.o asm/yx86-sol.o
-$bf_obj       = asm/bx86-sol.o
-$md5_obj      = asm/mx86-sol.o
-$sha1_obj     = asm/sx86-sol.o
-$cast_obj     = asm/cx86-sol.o
-$rc4_obj      = asm/rx86-sol.o
-$rmd160_obj   = asm/rm86-sol.o
-$rc5_obj      = asm/r586-sol.o
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -fPIC
-
-*** solaris64-sparcv9-cc
-$cc           = cc
-$cflags       = -xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DULTRASPARC
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = asm/md5-sparcv9.o
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -KPIC
-
-*** sunos-gcc
-$cc           = gcc
-$cflags       = -O3 -mv8 -Dssize_t=int
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** ultrix-cc
-$cc           = cc
-$cflags       = -std1 -O -Olimit 1000 -DL_ENDIAN
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = 
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** ultrix-gcc
-$cc           = gcc
-$cflags       = -O3 -DL_ENDIAN
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = 
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** unixware-2.0
-$cc           = cc
-$cflags       = -O -DFILIO_H
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lsocket -lnsl
-$bn_ops       = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** unixware-2.0-pentium
-$cc           = cc
-$cflags       = -O -DFILIO_H -Kpentium -Kthread
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = -lsocket -lnsl
-$bn_ops       = MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-
-*** unixware-7
-$cc           = cc
-$cflags       = -O -DFILIO_H -Kalloca
-$unistd       = 
-$thread_cflag = -Kthread
-$lflags       = -lsocket -lnsl
-$bn_ops       = MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
diff --git a/crypto/openssl/apps/CA.pl b/crypto/openssl/apps/CA.pl
deleted file mode 100755
index 8b2ce7ea4248..000000000000
--- a/crypto/openssl/apps/CA.pl
+++ /dev/null
@@ -1,173 +0,0 @@
-#!/usr/local/bin/perl
-#
-# CA - wrapper around ca to make it easier to use ... basically ca requires
-#      some setup stuff to be done before you can use it and this makes
-#      things easier between now and when Eric is convinced to fix it :-)
-#
-# CA -newca ... will setup the right stuff
-# CA -newreq[-nodes] ... will generate a certificate request 
-# CA -sign ... will sign the generated request and output 
-#
-# At the end of that grab newreq.pem and newcert.pem (one has the key 
-# and the other the certificate) and cat them together and that is what
-# you want/need ... I'll make even this a little cleaner later.
-#
-#
-# 12-Jan-96 tjh    Added more things ... including CA -signcert which
-#                  converts a certificate to a request and then signs it.
-# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#		   environment variable so this can be driven from
-#		   a script.
-# 25-Jul-96 eay    Cleaned up filenames some more.
-# 11-Jun-96 eay    Fixed a few filename missmatches.
-# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
-# 18-Apr-96 tjh    Original hacking
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-# 27-Apr-98 snh    Translation into perl, fix existing CA bug.
-#
-#
-# Steve Henson
-# shenson@bigfoot.com
-
-# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
-
-$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
-$DAYS="-days 365";
-$REQ="openssl req $SSLEAY_CONFIG";
-$CA="openssl ca $SSLEAY_CONFIG";
-$VERIFY="openssl verify";
-$X509="openssl x509";
-$PKCS12="openssl pkcs12";
-
-$CATOP="./demoCA";
-$CAKEY="cakey.pem";
-$CACERT="cacert.pem";
-
-$DIRMODE = 0777;
-
-$RET = 0;
-
-foreach (@ARGV) {
-	if ( /^(-\?|-h|-help)$/ ) {
-	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-	    exit 0;
-	} elsif (/^-newcert$/) {
-	    # create a certificate
-	    system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Certificate (and private key) is in newreq.pem\n"
-	} elsif (/^-newreq$/) {
-	    # create a certificate request
-	    system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Request (and private key) is in newreq.pem\n";
-	} elsif (/^-newreq-nodes$/) {
-	    # create a certificate request
-	    system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Request (and private key) is in newreq.pem\n";
-	} elsif (/^-newca$/) {
-		# if explicitly asked for or it doesn't exist then setup the
-		# directory structure that Eric likes to manage things 
-	    $NEW="1";
-	    if ( "$NEW" || ! -f "${CATOP}/serial" ) {
-		# create the directory hierarchy
-		mkdir $CATOP, $DIRMODE;
-		mkdir "${CATOP}/certs", $DIRMODE;
-		mkdir "${CATOP}/crl", $DIRMODE ;
-		mkdir "${CATOP}/newcerts", $DIRMODE;
-		mkdir "${CATOP}/private", $DIRMODE;
-		open OUT, ">${CATOP}/serial";
-		print OUT "01\n";
-		close OUT;
-		open OUT, ">${CATOP}/index.txt";
-		close OUT;
-	    }
-	    if ( ! -f "${CATOP}/private/$CAKEY" ) {
-		print "CA certificate filename (or enter to create)\n";
-		$FILE = <STDIN>;
-
-		chop $FILE;
-
-		# ask user for existing CA certificate
-		if ($FILE) {
-		    cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
-		    cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
-		    $RET=$?;
-		} else {
-		    print "Making CA certificate ...\n";
-		    system ("$REQ -new -x509 -keyout " .
-			"${CATOP}/private/$CAKEY -out ${CATOP}/$CACERT $DAYS");
-		    $RET=$?;
-		}
-	    }
-	} elsif (/^-pkcs12$/) {
-	    my $cname = $ARGV[1];
-	    $cname = "My Certificate" unless defined $cname;
-	    system ("$PKCS12 -in newcert.pem -inkey newreq.pem " .
-			"-certfile ${CATOP}/$CACERT -out newcert.p12 " .
-			"-export -name \"$cname\"");
-	    $RET=$?;
-	    exit $RET;
-	} elsif (/^-xsign$/) {
-	    system ("$CA -policy policy_anything -infiles newreq.pem");
-	    $RET=$?;
-	} elsif (/^(-sign|-signreq)$/) {
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles newreq.pem");
-	    $RET=$?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^(-signCA)$/) {
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-					"-extensions v3_ca -infiles newreq.pem");
-	    $RET=$?;
-	    print "Signed CA certificate is in newcert.pem\n";
-	} elsif (/^-signcert$/) {
-	    system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
-								"-out tmp.pem");
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles tmp.pem");
-	    $RET = $?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^-verify$/) {
-	    if (shift) {
-		foreach $j (@ARGV) {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT $j");
-		    $RET=$? if ($? != 0);
-		}
-		exit $RET;
-	    } else {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
-		    $RET=$?;
-	    	    exit 0;
-	    }
-	} else {
-	    print STDERR "Unknown arg $_\n";
-	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-	    exit 1;
-	}
-}
-
-exit $RET;
-
-sub cp_pem {
-my ($infile, $outfile, $bound) = @_;
-open IN, $infile;
-open OUT, ">$outfile";
-my $flag = 0;
-while (<IN>) {
-	$flag = 1 if (/^-----BEGIN.*$bound/) ;
-	print OUT $_ if ($flag);
-	if (/^-----END.*$bound/) {
-		close IN;
-		close OUT;
-		return;
-	}
-}
-}
-
diff --git a/crypto/openssl/apps/CA.pl.in b/crypto/openssl/apps/CA.pl.in
deleted file mode 100644
index 8b2ce7ea4248..000000000000
--- a/crypto/openssl/apps/CA.pl.in
+++ /dev/null
@@ -1,173 +0,0 @@
-#!/usr/local/bin/perl
-#
-# CA - wrapper around ca to make it easier to use ... basically ca requires
-#      some setup stuff to be done before you can use it and this makes
-#      things easier between now and when Eric is convinced to fix it :-)
-#
-# CA -newca ... will setup the right stuff
-# CA -newreq[-nodes] ... will generate a certificate request 
-# CA -sign ... will sign the generated request and output 
-#
-# At the end of that grab newreq.pem and newcert.pem (one has the key 
-# and the other the certificate) and cat them together and that is what
-# you want/need ... I'll make even this a little cleaner later.
-#
-#
-# 12-Jan-96 tjh    Added more things ... including CA -signcert which
-#                  converts a certificate to a request and then signs it.
-# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#		   environment variable so this can be driven from
-#		   a script.
-# 25-Jul-96 eay    Cleaned up filenames some more.
-# 11-Jun-96 eay    Fixed a few filename missmatches.
-# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
-# 18-Apr-96 tjh    Original hacking
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-# 27-Apr-98 snh    Translation into perl, fix existing CA bug.
-#
-#
-# Steve Henson
-# shenson@bigfoot.com
-
-# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
-
-$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
-$DAYS="-days 365";
-$REQ="openssl req $SSLEAY_CONFIG";
-$CA="openssl ca $SSLEAY_CONFIG";
-$VERIFY="openssl verify";
-$X509="openssl x509";
-$PKCS12="openssl pkcs12";
-
-$CATOP="./demoCA";
-$CAKEY="cakey.pem";
-$CACERT="cacert.pem";
-
-$DIRMODE = 0777;
-
-$RET = 0;
-
-foreach (@ARGV) {
-	if ( /^(-\?|-h|-help)$/ ) {
-	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-	    exit 0;
-	} elsif (/^-newcert$/) {
-	    # create a certificate
-	    system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Certificate (and private key) is in newreq.pem\n"
-	} elsif (/^-newreq$/) {
-	    # create a certificate request
-	    system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Request (and private key) is in newreq.pem\n";
-	} elsif (/^-newreq-nodes$/) {
-	    # create a certificate request
-	    system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Request (and private key) is in newreq.pem\n";
-	} elsif (/^-newca$/) {
-		# if explicitly asked for or it doesn't exist then setup the
-		# directory structure that Eric likes to manage things 
-	    $NEW="1";
-	    if ( "$NEW" || ! -f "${CATOP}/serial" ) {
-		# create the directory hierarchy
-		mkdir $CATOP, $DIRMODE;
-		mkdir "${CATOP}/certs", $DIRMODE;
-		mkdir "${CATOP}/crl", $DIRMODE ;
-		mkdir "${CATOP}/newcerts", $DIRMODE;
-		mkdir "${CATOP}/private", $DIRMODE;
-		open OUT, ">${CATOP}/serial";
-		print OUT "01\n";
-		close OUT;
-		open OUT, ">${CATOP}/index.txt";
-		close OUT;
-	    }
-	    if ( ! -f "${CATOP}/private/$CAKEY" ) {
-		print "CA certificate filename (or enter to create)\n";
-		$FILE = <STDIN>;
-
-		chop $FILE;
-
-		# ask user for existing CA certificate
-		if ($FILE) {
-		    cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
-		    cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
-		    $RET=$?;
-		} else {
-		    print "Making CA certificate ...\n";
-		    system ("$REQ -new -x509 -keyout " .
-			"${CATOP}/private/$CAKEY -out ${CATOP}/$CACERT $DAYS");
-		    $RET=$?;
-		}
-	    }
-	} elsif (/^-pkcs12$/) {
-	    my $cname = $ARGV[1];
-	    $cname = "My Certificate" unless defined $cname;
-	    system ("$PKCS12 -in newcert.pem -inkey newreq.pem " .
-			"-certfile ${CATOP}/$CACERT -out newcert.p12 " .
-			"-export -name \"$cname\"");
-	    $RET=$?;
-	    exit $RET;
-	} elsif (/^-xsign$/) {
-	    system ("$CA -policy policy_anything -infiles newreq.pem");
-	    $RET=$?;
-	} elsif (/^(-sign|-signreq)$/) {
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles newreq.pem");
-	    $RET=$?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^(-signCA)$/) {
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-					"-extensions v3_ca -infiles newreq.pem");
-	    $RET=$?;
-	    print "Signed CA certificate is in newcert.pem\n";
-	} elsif (/^-signcert$/) {
-	    system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
-								"-out tmp.pem");
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles tmp.pem");
-	    $RET = $?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^-verify$/) {
-	    if (shift) {
-		foreach $j (@ARGV) {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT $j");
-		    $RET=$? if ($? != 0);
-		}
-		exit $RET;
-	    } else {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
-		    $RET=$?;
-	    	    exit 0;
-	    }
-	} else {
-	    print STDERR "Unknown arg $_\n";
-	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-	    exit 1;
-	}
-}
-
-exit $RET;
-
-sub cp_pem {
-my ($infile, $outfile, $bound) = @_;
-open IN, $infile;
-open OUT, ">$outfile";
-my $flag = 0;
-while (<IN>) {
-	$flag = 1 if (/^-----BEGIN.*$bound/) ;
-	print OUT $_ if ($flag);
-	if (/^-----END.*$bound/) {
-		close IN;
-		close OUT;
-		return;
-	}
-}
-}
-
diff --git a/crypto/openssl/apps/CA.sh b/crypto/openssl/apps/CA.sh
deleted file mode 100644
index d9f3069fb2a6..000000000000
--- a/crypto/openssl/apps/CA.sh
+++ /dev/null
@@ -1,132 +0,0 @@
-#!/bin/sh
-#
-# CA - wrapper around ca to make it easier to use ... basically ca requires
-#      some setup stuff to be done before you can use it and this makes
-#      things easier between now and when Eric is convinced to fix it :-)
-#
-# CA -newca ... will setup the right stuff
-# CA -newreq ... will generate a certificate request 
-# CA -sign ... will sign the generated request and output 
-#
-# At the end of that grab newreq.pem and newcert.pem (one has the key 
-# and the other the certificate) and cat them together and that is what
-# you want/need ... I'll make even this a little cleaner later.
-#
-#
-# 12-Jan-96 tjh    Added more things ... including CA -signcert which
-#                  converts a certificate to a request and then signs it.
-# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#		   environment variable so this can be driven from
-#		   a script.
-# 25-Jul-96 eay    Cleaned up filenames some more.
-# 11-Jun-96 eay    Fixed a few filename missmatches.
-# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
-# 18-Apr-96 tjh    Original hacking
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
-
-DAYS="-days 365"
-REQ="openssl req $SSLEAY_CONFIG"
-CA="openssl ca $SSLEAY_CONFIG"
-VERIFY="openssl verify"
-X509="openssl x509"
-
-CATOP=./demoCA
-CAKEY=./cakey.pem
-CACERT=./cacert.pem
-
-for i
-do
-case $i in
--\?|-h|-help)
-    echo "usage: CA -newcert|-newreq|-newca|-sign|-verify" >&2
-    exit 0
-    ;;
--newcert) 
-    # create a certificate
-    $REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS
-    RET=$?
-    echo "Certificate (and private key) is in newreq.pem"
-    ;;
--newreq) 
-    # create a certificate request
-    $REQ -new -keyout newreq.pem -out newreq.pem $DAYS
-    RET=$?
-    echo "Request (and private key) is in newreq.pem"
-    ;;
--newca)     
-    # if explicitly asked for or it doesn't exist then setup the directory
-    # structure that Eric likes to manage things 
-    NEW="1"
-    if [ "$NEW" -o ! -f ${CATOP}/serial ]; then
-	# create the directory hierarchy
-	mkdir ${CATOP} 
-	mkdir ${CATOP}/certs 
-	mkdir ${CATOP}/crl 
-	mkdir ${CATOP}/newcerts
-	mkdir ${CATOP}/private
-	echo "01" > ${CATOP}/serial
-	touch ${CATOP}/index.txt
-    fi
-    if [ ! -f ${CATOP}/private/$CAKEY ]; then
-	echo "CA certificate filename (or enter to create)"
-	read FILE
-
-	# ask user for existing CA certificate
-	if [ "$FILE" ]; then
-	    cp $FILE ${CATOP}/private/$CAKEY
-	    RET=$?
-	else
-	    echo "Making CA certificate ..."
-	    $REQ -new -x509 -keyout ${CATOP}/private/$CAKEY \
-			   -out ${CATOP}/$CACERT $DAYS
-	    RET=$?
-	fi
-    fi
-    ;;
--xsign)
-    $CA -policy policy_anything -infiles newreq.pem 
-    RET=$?
-    ;;
--sign|-signreq) 
-    $CA -policy policy_anything -out newcert.pem -infiles newreq.pem
-    RET=$?
-    cat newcert.pem
-    echo "Signed certificate is in newcert.pem"
-    ;;
--signcert) 
-    echo "Cert passphrase will be requested twice - bug?"
-    $X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
-    $CA -policy policy_anything -out newcert.pem -infiles tmp.pem
-    cat newcert.pem
-    echo "Signed certificate is in newcert.pem"
-    ;;
--verify) 
-    shift
-    if [ -z "$1" ]; then
-	    $VERIFY -CAfile $CATOP/$CACERT newcert.pem
-	    RET=$?
-    else
-	for j
-	do
-	    $VERIFY -CAfile $CATOP/$CACERT $j
-	    if [ $? != 0 ]; then
-		    RET=$?
-	    fi
-	done
-    fi
-    exit 0
-    ;;
-*)
-    echo "Unknown arg $i";
-    exit 1
-    ;;
-esac
-done
-exit $RET
-
diff --git a/crypto/openssl/apps/Makefile.save b/crypto/openssl/apps/Makefile.save
deleted file mode 100644
index 94430b3fa5f6..000000000000
--- a/crypto/openssl/apps/Makefile.save
+++ /dev/null
@@ -1,945 +0,0 @@
-#
-#  apps/Makefile.ssl
-#
-
-DIR=		apps
-TOP=		..
-CC=		cc
-INCLUDES=	-I../include
-CFLAG=		-g -static
-INSTALL_PREFIX=
-INSTALLTOP=	/usr/local/ssl
-OPENSSLDIR=	/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-PERL=/usr/local/bin/perl
-RM=		rm -f
-
-PEX_LIBS=
-EX_LIBS= 
-
-CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile makeapps.com install.com
-
-DLIBCRYPTO=../libcrypto.a
-DLIBSSL=../libssl.a
-LIBCRYPTO=-L.. -lcrypto
-LIBSSL=-L.. -lssl
-
-PROGRAM= openssl
-
-SCRIPTS=CA.sh CA.pl der_chop
-
-EXE= $(PROGRAM)
-
-E_EXE=	verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
-	ca crl rsa rsautl dsa dsaparam \
-	x509 genrsa gendsa s_server s_client speed \
-	s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \
-	pkcs8 spkac smime rand
-
-PROGS= $(PROGRAM).c
-
-A_OBJ=apps.o
-A_SRC=apps.c
-S_OBJ=	s_cb.o s_socket.o
-S_SRC=	s_cb.c s_socket.c
-RAND_OBJ=app_rand.o
-RAND_SRC=app_rand.c
-
-E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \
-	ca.o pkcs7.o crl2p7.o crl.o \
-	rsa.o rsautl.o dsa.o dsaparam.o \
-	x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
-	s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
-	ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o
-
-E_SRC=	verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
-	pkcs7.c crl2p7.c crl.c \
-	rsa.c rsautl.c dsa.c dsaparam.c \
-	x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
-	s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
-	ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c
-
-SRC=$(E_SRC)
-
-EXHEADER=
-HEADER=	apps.h progs.h s_apps.h \
-	testdsa.h testrsa.h \
-	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	@(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all:	exe
-
-exe:	$(EXE)
-
-req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
-	$(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(RAND_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-sreq.o: req.c 
-	$(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-install:
-	@for i in $(EXE); \
-	do  \
-	(echo installing $$i; \
-	 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \
-	 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
-	 done;
-	@for i in $(SCRIPTS); \
-	do  \
-	(echo installing $$i; \
-	 cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i; \
-	 chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
-	 done
-	@cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR); \
-	chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
-	rm -f req
-
-$(DLIBSSL):
-	(cd ../ssl; $(MAKE))
-
-$(DLIBCRYPTO):
-	(cd ../crypto; $(MAKE))
-
-$(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
-	$(RM) $(PROGRAM)
-	$(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS)
-	-(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; $(PERL) tools/c_rehash certs)
-
-progs.h: progs.pl
-	$(PERL) progs.pl $(E_EXE) >progs.h
-	$(RM) $(PROGRAM).o
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-app_rand.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-app_rand.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-app_rand.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-app_rand.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-app_rand.o: ../include/openssl/des.h ../include/openssl/dh.h
-app_rand.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-app_rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-app_rand.o: ../include/openssl/evp.h ../include/openssl/idea.h
-app_rand.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-app_rand.o: ../include/openssl/md4.h ../include/openssl/md5.h
-app_rand.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-app_rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-app_rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h
-app_rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-app_rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-app_rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-app_rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-apps.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-apps.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-apps.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-apps.o: ../include/openssl/des.h ../include/openssl/dh.h
-apps.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-apps.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-apps.o: ../include/openssl/err.h ../include/openssl/evp.h
-apps.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-apps.o: ../include/openssl/md2.h ../include/openssl/md4.h
-apps.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-apps.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-apps.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
-apps.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-apps.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-apps.o: ../include/openssl/sha.h ../include/openssl/stack.h
-apps.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-apps.o: ../include/openssl/x509_vfy.h apps.h
-asn1pars.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-asn1pars.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-asn1pars.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-asn1pars.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-asn1pars.o: ../include/openssl/des.h ../include/openssl/dh.h
-asn1pars.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-asn1pars.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h
-asn1pars.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-asn1pars.o: ../include/openssl/md2.h ../include/openssl/md4.h
-asn1pars.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-asn1pars.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-asn1pars.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-asn1pars.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-asn1pars.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-asn1pars.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-asn1pars.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-asn1pars.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-ca.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ca.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ca.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ca.o: ../include/openssl/des.h ../include/openssl/dh.h ../include/openssl/dsa.h
-ca.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-ca.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ca.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ca.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ca.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ca.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ca.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ca.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-ca.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ca.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-ca.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-ca.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ca.o: ../include/openssl/sha.h ../include/openssl/stack.h
-ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ca.o: ../include/openssl/x509v3.h apps.h
-ciphers.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ciphers.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ciphers.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ciphers.o: ../include/openssl/comp.h ../include/openssl/conf.h
-ciphers.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ciphers.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ciphers.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-ciphers.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ciphers.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ciphers.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ciphers.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ciphers.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ciphers.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ciphers.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-ciphers.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ciphers.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-ciphers.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-ciphers.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ciphers.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ciphers.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-crl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-crl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-crl.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-crl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-crl.o: ../include/openssl/des.h ../include/openssl/dh.h
-crl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-crl.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-crl.o: ../include/openssl/err.h ../include/openssl/evp.h
-crl.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-crl.o: ../include/openssl/md2.h ../include/openssl/md4.h
-crl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-crl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-crl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-crl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-crl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-crl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-crl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-crl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-crl.o: ../include/openssl/x509v3.h apps.h
-crl2p7.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-crl2p7.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-crl2p7.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-crl2p7.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-crl2p7.o: ../include/openssl/des.h ../include/openssl/dh.h
-crl2p7.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-crl2p7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h
-crl2p7.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-crl2p7.o: ../include/openssl/md2.h ../include/openssl/md4.h
-crl2p7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-crl2p7.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-crl2p7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-crl2p7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-crl2p7.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-crl2p7.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-crl2p7.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-crl2p7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-dgst.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-dgst.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-dgst.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-dgst.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-dgst.o: ../include/openssl/des.h ../include/openssl/dh.h
-dgst.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-dgst.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-dgst.o: ../include/openssl/err.h ../include/openssl/evp.h
-dgst.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-dgst.o: ../include/openssl/md2.h ../include/openssl/md4.h
-dgst.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-dgst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-dgst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dgst.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-dgst.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-dgst.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-dgst.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-dgst.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-dh.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-dh.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-dh.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-dh.o: ../include/openssl/des.h ../include/openssl/dh.h ../include/openssl/dsa.h
-dh.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-dh.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-dh.o: ../include/openssl/evp.h ../include/openssl/idea.h
-dh.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-dh.o: ../include/openssl/md4.h ../include/openssl/md5.h
-dh.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-dh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-dh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-dh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-dh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-dh.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dh.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-dh.o: ../include/openssl/x509_vfy.h apps.h
-dsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-dsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-dsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-dsa.o: ../include/openssl/des.h ../include/openssl/dh.h
-dsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-dsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-dsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-dsa.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-dsa.o: ../include/openssl/md2.h ../include/openssl/md4.h
-dsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-dsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-dsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-dsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-dsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-dsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-dsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-dsaparam.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-dsaparam.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-dsaparam.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-dsaparam.o: ../include/openssl/des.h ../include/openssl/dh.h
-dsaparam.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-dsaparam.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-dsaparam.o: ../include/openssl/err.h ../include/openssl/evp.h
-dsaparam.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-dsaparam.o: ../include/openssl/md2.h ../include/openssl/md4.h
-dsaparam.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-dsaparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-dsaparam.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-dsaparam.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-dsaparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-dsaparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-enc.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-enc.o: ../include/openssl/des.h ../include/openssl/dh.h
-enc.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-enc.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-enc.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-enc.o: ../include/openssl/md2.h ../include/openssl/md4.h
-enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-enc.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-enc.o: ../include/openssl/sha.h ../include/openssl/stack.h
-enc.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-enc.o: ../include/openssl/x509_vfy.h apps.h
-errstr.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-errstr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-errstr.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-errstr.o: ../include/openssl/comp.h ../include/openssl/conf.h
-errstr.o: ../include/openssl/crypto.h ../include/openssl/des.h
-errstr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-errstr.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-errstr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-errstr.o: ../include/openssl/evp.h ../include/openssl/idea.h
-errstr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-errstr.o: ../include/openssl/md4.h ../include/openssl/md5.h
-errstr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-errstr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-errstr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-errstr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-errstr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-errstr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-errstr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-errstr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-errstr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-gendh.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-gendh.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-gendh.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-gendh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-gendh.o: ../include/openssl/des.h ../include/openssl/dh.h
-gendh.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-gendh.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-gendh.o: ../include/openssl/err.h ../include/openssl/evp.h
-gendh.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-gendh.o: ../include/openssl/md2.h ../include/openssl/md4.h
-gendh.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-gendh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-gendh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-gendh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-gendh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h
-gendh.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-gendh.o: ../include/openssl/x509_vfy.h apps.h
-gendsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-gendsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-gendsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-gendsa.o: ../include/openssl/des.h ../include/openssl/dh.h
-gendsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-gendsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-gendsa.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-gendsa.o: ../include/openssl/md2.h ../include/openssl/md4.h
-gendsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-gendsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-gendsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-gendsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-gendsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-gendsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-gendsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-genrsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-genrsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-genrsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-genrsa.o: ../include/openssl/des.h ../include/openssl/dh.h
-genrsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-genrsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-genrsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-genrsa.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-genrsa.o: ../include/openssl/md2.h ../include/openssl/md4.h
-genrsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-genrsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-genrsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-genrsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-genrsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-genrsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-genrsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-nseq.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-nseq.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-nseq.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-nseq.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-nseq.o: ../include/openssl/des.h ../include/openssl/dh.h
-nseq.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-nseq.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-nseq.o: ../include/openssl/err.h ../include/openssl/evp.h
-nseq.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-nseq.o: ../include/openssl/md2.h ../include/openssl/md4.h
-nseq.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-nseq.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-nseq.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-nseq.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-nseq.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-nseq.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-nseq.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-nseq.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-openssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-openssl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-openssl.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-openssl.o: ../include/openssl/comp.h ../include/openssl/conf.h
-openssl.o: ../include/openssl/crypto.h ../include/openssl/des.h
-openssl.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-openssl.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-openssl.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-openssl.o: ../include/openssl/evp.h ../include/openssl/idea.h
-openssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-openssl.o: ../include/openssl/md4.h ../include/openssl/md5.h
-openssl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-openssl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-openssl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-openssl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-openssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-openssl.o: progs.h s_apps.h
-passwd.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-passwd.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-passwd.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-passwd.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-passwd.o: ../include/openssl/des.h ../include/openssl/dh.h
-passwd.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-passwd.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-passwd.o: ../include/openssl/err.h ../include/openssl/evp.h
-passwd.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-passwd.o: ../include/openssl/md2.h ../include/openssl/md4.h
-passwd.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-passwd.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-passwd.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-passwd.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-passwd.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-passwd.o: ../include/openssl/sha.h ../include/openssl/stack.h
-passwd.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-passwd.o: ../include/openssl/x509_vfy.h apps.h
-pkcs12.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-pkcs12.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-pkcs12.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-pkcs12.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-pkcs12.o: ../include/openssl/des.h ../include/openssl/dh.h
-pkcs12.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-pkcs12.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs12.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-pkcs12.o: ../include/openssl/md2.h ../include/openssl/md4.h
-pkcs12.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-pkcs12.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-pkcs12.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-pkcs12.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs12.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
-pkcs12.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-pkcs12.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-pkcs12.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h
-pkcs12.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-pkcs12.o: ../include/openssl/x509_vfy.h apps.h
-pkcs7.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-pkcs7.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-pkcs7.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-pkcs7.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-pkcs7.o: ../include/openssl/des.h ../include/openssl/dh.h
-pkcs7.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-pkcs7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs7.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-pkcs7.o: ../include/openssl/md2.h ../include/openssl/md4.h
-pkcs7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-pkcs7.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-pkcs7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-pkcs7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs7.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-pkcs7.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-pkcs7.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-pkcs7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-pkcs8.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-pkcs8.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-pkcs8.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-pkcs8.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-pkcs8.o: ../include/openssl/des.h ../include/openssl/dh.h
-pkcs8.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-pkcs8.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs8.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-pkcs8.o: ../include/openssl/md2.h ../include/openssl/md4.h
-pkcs8.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-pkcs8.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-pkcs8.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-pkcs8.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs8.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
-pkcs8.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-pkcs8.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-pkcs8.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h
-pkcs8.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-pkcs8.o: ../include/openssl/x509_vfy.h apps.h
-rand.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-rand.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-rand.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-rand.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-rand.o: ../include/openssl/des.h ../include/openssl/dh.h
-rand.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-rand.o: ../include/openssl/err.h ../include/openssl/evp.h
-rand.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-rand.o: ../include/openssl/md2.h ../include/openssl/md4.h
-rand.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-rand.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
-rand.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-rand.o: ../include/openssl/x509_vfy.h apps.h
-req.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-req.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-req.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-req.o: ../include/openssl/des.h ../include/openssl/dh.h
-req.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-req.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-req.o: ../include/openssl/err.h ../include/openssl/evp.h
-req.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-req.o: ../include/openssl/md2.h ../include/openssl/md4.h
-req.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-req.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-req.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-req.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-req.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-req.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-req.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-req.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-req.o: ../include/openssl/x509v3.h apps.h
-rsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-rsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-rsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-rsa.o: ../include/openssl/des.h ../include/openssl/dh.h
-rsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-rsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-rsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-rsa.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-rsa.o: ../include/openssl/md2.h ../include/openssl/md4.h
-rsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-rsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-rsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-rsautl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-rsautl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-rsautl.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-rsautl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-rsautl.o: ../include/openssl/des.h ../include/openssl/dh.h
-rsautl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-rsautl.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h
-rsautl.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-rsautl.o: ../include/openssl/md2.h ../include/openssl/md4.h
-rsautl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-rsautl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-rsautl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-rsautl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-rsautl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-rsautl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-s_cb.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s_cb.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s_cb.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s_cb.o: ../include/openssl/comp.h ../include/openssl/conf.h
-s_cb.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s_cb.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_cb.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-s_cb.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s_cb.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s_cb.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s_cb.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s_cb.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s_cb.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_cb.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s_cb.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_cb.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s_cb.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s_cb.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s_cb.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_cb.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h s_apps.h
-s_client.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s_client.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s_client.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s_client.o: ../include/openssl/comp.h ../include/openssl/conf.h
-s_client.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s_client.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_client.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-s_client.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s_client.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s_client.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s_client.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s_client.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s_client.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_client.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s_client.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_client.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-s_client.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s_client.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s_client.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s_client.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s_client.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_client.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s_client.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s_client.o: ../include/openssl/x509_vfy.h apps.h s_apps.h
-s_server.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s_server.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s_server.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s_server.o: ../include/openssl/comp.h ../include/openssl/conf.h
-s_server.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s_server.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_server.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-s_server.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s_server.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s_server.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s_server.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s_server.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s_server.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_server.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s_server.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_server.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-s_server.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s_server.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_server.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s_server.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s_server.o: ../include/openssl/x509_vfy.h apps.h s_apps.h
-s_socket.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s_socket.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s_socket.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s_socket.o: ../include/openssl/comp.h ../include/openssl/conf.h
-s_socket.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s_socket.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_socket.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-s_socket.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
-s_socket.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-s_socket.o: ../include/openssl/md2.h ../include/openssl/md4.h
-s_socket.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s_socket.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s_socket.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s_socket.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s_socket.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s_socket.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_socket.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s_socket.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s_socket.o: ../include/openssl/x509_vfy.h apps.h s_apps.h
-s_time.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s_time.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s_time.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s_time.o: ../include/openssl/comp.h ../include/openssl/conf.h
-s_time.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s_time.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_time.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-s_time.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s_time.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s_time.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s_time.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s_time.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s_time.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_time.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s_time.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_time.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s_time.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s_time.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s_time.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_time.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-s_time.o: s_apps.h
-sess_id.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-sess_id.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-sess_id.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-sess_id.o: ../include/openssl/comp.h ../include/openssl/conf.h
-sess_id.o: ../include/openssl/crypto.h ../include/openssl/des.h
-sess_id.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-sess_id.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-sess_id.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-sess_id.o: ../include/openssl/evp.h ../include/openssl/idea.h
-sess_id.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-sess_id.o: ../include/openssl/md4.h ../include/openssl/md5.h
-sess_id.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-sess_id.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-sess_id.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-sess_id.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-sess_id.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-sess_id.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-sess_id.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-sess_id.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-sess_id.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-smime.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-smime.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-smime.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-smime.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-smime.o: ../include/openssl/des.h ../include/openssl/dh.h
-smime.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-smime.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-smime.o: ../include/openssl/err.h ../include/openssl/evp.h
-smime.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-smime.o: ../include/openssl/md2.h ../include/openssl/md4.h
-smime.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-smime.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-smime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-smime.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-smime.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-smime.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-smime.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-smime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-speed.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-speed.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-speed.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-speed.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-speed.o: ../include/openssl/des.h ../include/openssl/dh.h
-speed.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-speed.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-speed.o: ../include/openssl/err.h ../include/openssl/evp.h
-speed.o: ../include/openssl/hmac.h ../include/openssl/idea.h
-speed.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-speed.o: ../include/openssl/md4.h ../include/openssl/md5.h
-speed.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-speed.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-speed.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h
-speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-speed.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-speed.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ./testdsa.h
-speed.o: ./testrsa.h apps.h
-spkac.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-spkac.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-spkac.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-spkac.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-spkac.o: ../include/openssl/des.h ../include/openssl/dh.h
-spkac.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-spkac.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-spkac.o: ../include/openssl/err.h ../include/openssl/evp.h
-spkac.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-spkac.o: ../include/openssl/md2.h ../include/openssl/md4.h
-spkac.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-spkac.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-spkac.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-spkac.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-spkac.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-spkac.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-spkac.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-spkac.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-verify.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-verify.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-verify.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-verify.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-verify.o: ../include/openssl/des.h ../include/openssl/dh.h
-verify.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-verify.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-verify.o: ../include/openssl/err.h ../include/openssl/evp.h
-verify.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-verify.o: ../include/openssl/md2.h ../include/openssl/md4.h
-verify.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-verify.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-verify.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-verify.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-verify.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-verify.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-verify.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-verify.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-verify.o: ../include/openssl/x509v3.h apps.h
-version.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-version.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-version.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-version.o: ../include/openssl/des.h ../include/openssl/dh.h
-version.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-version.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-version.o: ../include/openssl/evp.h ../include/openssl/idea.h
-version.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-version.o: ../include/openssl/md4.h ../include/openssl/md5.h
-version.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-version.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-version.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h
-version.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-version.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-version.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-version.o: ../include/openssl/sha.h ../include/openssl/stack.h
-version.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-version.o: ../include/openssl/x509_vfy.h apps.h
-x509.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-x509.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-x509.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-x509.o: ../include/openssl/des.h ../include/openssl/dh.h
-x509.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-x509.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-x509.o: ../include/openssl/err.h ../include/openssl/evp.h
-x509.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-x509.o: ../include/openssl/md2.h ../include/openssl/md4.h
-x509.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-x509.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-x509.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-x509.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-x509.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-x509.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-x509.o: ../include/openssl/x509v3.h apps.h
diff --git a/crypto/openssl/apps/Makefile.ssl b/crypto/openssl/apps/Makefile.ssl
deleted file mode 100644
index ff433d6a80d5..000000000000
--- a/crypto/openssl/apps/Makefile.ssl
+++ /dev/null
@@ -1,1141 +0,0 @@
-#
-#  apps/Makefile.ssl
-#
-
-DIR=		apps
-TOP=		..
-CC=		cc
-INCLUDES=	-I$(TOP) -I../include $(KRB5_INCLUDES)
-CFLAG=		-g -static
-INSTALL_PREFIX=
-INSTALLTOP=	/usr/local/ssl
-OPENSSLDIR=	/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-PERL=		perl
-RM=		rm -f
-# KRB5 stuff
-KRB5_INCLUDES=
-LIBKRB5=
-
-PEX_LIBS=
-EX_LIBS= 
-EXE_EXT= 
-
-SHLIB_TARGET=
-
-CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile makeapps.com install.com
-
-DLIBCRYPTO=../libcrypto.a
-DLIBSSL=../libssl.a
-LIBCRYPTO=-L.. -lcrypto
-LIBSSL=-L.. -lssl
-
-PROGRAM= openssl
-
-SCRIPTS=CA.sh CA.pl der_chop
-
-EXE= $(PROGRAM)$(EXE_EXT)
-
-E_EXE=	verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
-	ca crl rsa rsautl dsa dsaparam \
-	x509 genrsa gendsa s_server s_client speed \
-	s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \
-	pkcs8 spkac smime rand engine ocsp
-
-PROGS= $(PROGRAM).c
-
-A_OBJ=apps.o
-A_SRC=apps.c
-S_OBJ=	s_cb.o s_socket.o
-S_SRC=	s_cb.c s_socket.c
-RAND_OBJ=app_rand.o
-RAND_SRC=app_rand.c
-
-E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \
-	ca.o pkcs7.o crl2p7.o crl.o \
-	rsa.o rsautl.o dsa.o dsaparam.o \
-	x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
-	s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
-	ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o engine.o ocsp.o
-
-E_SRC=	verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
-	pkcs7.c crl2p7.c crl.c \
-	rsa.c rsautl.c dsa.c dsaparam.c \
-	x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
-	s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
-	ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c engine.c ocsp.c
-
-SRC=$(E_SRC)
-
-EXHEADER=
-HEADER=	apps.h progs.h s_apps.h \
-	testdsa.h testrsa.h \
-	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	@(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all:	exe
-
-exe:	$(PROGRAM)
-
-req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
-	$(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(RAND_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-sreq.o: req.c 
-	$(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-install:
-	@for i in $(EXE); \
-	do  \
-	(echo installing $$i; \
-	 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
-	 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
-	 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
-	 done;
-	@for i in $(SCRIPTS); \
-	do  \
-	(echo installing $$i; \
-	 cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	 chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	 mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
-	 done
-	@cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
-	chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
-	mv -f  $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
-	rm -f req
-
-$(DLIBSSL):
-	(cd ..; $(MAKE) DIRS=ssl all)
-
-$(DLIBCRYPTO):
-	(cd ..; $(MAKE) DIRS=crypto all)
-
-$(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
-	$(RM) $(PROGRAM)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-	-(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; \
-		LIBPATH="`pwd`"; LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; \
-		if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
-		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
-		$(PERL) tools/c_rehash certs)
-
-progs.h: progs.pl
-	$(PERL) progs.pl $(E_EXE) >progs.h
-	$(RM) $(PROGRAM).o
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-app_rand.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-app_rand.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-app_rand.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-app_rand.o: ../include/openssl/cast.h ../include/openssl/conf.h
-app_rand.o: ../include/openssl/crypto.h ../include/openssl/des.h
-app_rand.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-app_rand.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-app_rand.o: ../include/openssl/engine.h ../include/openssl/err.h
-app_rand.o: ../include/openssl/evp.h ../include/openssl/idea.h
-app_rand.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-app_rand.o: ../include/openssl/md4.h ../include/openssl/md5.h
-app_rand.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-app_rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-app_rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-app_rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-app_rand.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-app_rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-app_rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
-app_rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-app_rand.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-app_rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h app_rand.c
-app_rand.o: apps.h
-apps.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-apps.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-apps.o: ../include/openssl/cast.h ../include/openssl/conf.h
-apps.o: ../include/openssl/crypto.h ../include/openssl/des.h
-apps.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-apps.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-apps.o: ../include/openssl/engine.h ../include/openssl/err.h
-apps.o: ../include/openssl/evp.h ../include/openssl/idea.h
-apps.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-apps.o: ../include/openssl/md4.h ../include/openssl/md5.h
-apps.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-apps.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-apps.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
-apps.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-apps.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-apps.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-apps.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-apps.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-apps.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-apps.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-apps.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.c apps.h
-asn1pars.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-asn1pars.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-asn1pars.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-asn1pars.o: ../include/openssl/cast.h ../include/openssl/conf.h
-asn1pars.o: ../include/openssl/crypto.h ../include/openssl/des.h
-asn1pars.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-asn1pars.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-asn1pars.o: ../include/openssl/engine.h ../include/openssl/err.h
-asn1pars.o: ../include/openssl/evp.h ../include/openssl/idea.h
-asn1pars.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-asn1pars.o: ../include/openssl/md4.h ../include/openssl/md5.h
-asn1pars.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-asn1pars.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-asn1pars.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-asn1pars.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-asn1pars.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-asn1pars.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-asn1pars.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-asn1pars.o: ../include/openssl/sha.h ../include/openssl/stack.h
-asn1pars.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-asn1pars.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-asn1pars.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-asn1pars.o: asn1pars.c
-ca.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-ca.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ca.o: ../include/openssl/cast.h ../include/openssl/conf.h
-ca.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ca.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-ca.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ca.o: ../include/openssl/engine.h ../include/openssl/err.h
-ca.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ca.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ca.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ca.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ca.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ca.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ca.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ca.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-ca.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ca.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ca.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ca.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-ca.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ca.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ca.c
-ciphers.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-ciphers.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ciphers.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ciphers.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ciphers.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ciphers.o: ../include/openssl/des.h ../include/openssl/des_old.h
-ciphers.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ciphers.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-ciphers.o: ../include/openssl/err.h ../include/openssl/evp.h
-ciphers.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-ciphers.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ciphers.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ciphers.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ciphers.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ciphers.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-ciphers.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-ciphers.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-ciphers.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ciphers.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ciphers.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-ciphers.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ciphers.o: ../include/openssl/x509_vfy.h apps.h ciphers.c
-crl.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-crl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-crl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-crl.o: ../include/openssl/cast.h ../include/openssl/conf.h
-crl.o: ../include/openssl/crypto.h ../include/openssl/des.h
-crl.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-crl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-crl.o: ../include/openssl/engine.h ../include/openssl/err.h
-crl.o: ../include/openssl/evp.h ../include/openssl/idea.h
-crl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-crl.o: ../include/openssl/md4.h ../include/openssl/md5.h
-crl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-crl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-crl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-crl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-crl.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-crl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-crl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-crl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-crl.o: ../include/openssl/sha.h ../include/openssl/stack.h
-crl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-crl.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-crl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-crl.o: ../include/openssl/x509v3.h apps.h crl.c
-crl2p7.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-crl2p7.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-crl2p7.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-crl2p7.o: ../include/openssl/cast.h ../include/openssl/conf.h
-crl2p7.o: ../include/openssl/crypto.h ../include/openssl/des.h
-crl2p7.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-crl2p7.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-crl2p7.o: ../include/openssl/engine.h ../include/openssl/err.h
-crl2p7.o: ../include/openssl/evp.h ../include/openssl/idea.h
-crl2p7.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-crl2p7.o: ../include/openssl/md4.h ../include/openssl/md5.h
-crl2p7.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-crl2p7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-crl2p7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-crl2p7.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-crl2p7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-crl2p7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-crl2p7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-crl2p7.o: ../include/openssl/sha.h ../include/openssl/stack.h
-crl2p7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-crl2p7.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-crl2p7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-crl2p7.o: crl2p7.c
-dgst.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-dgst.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-dgst.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-dgst.o: ../include/openssl/cast.h ../include/openssl/conf.h
-dgst.o: ../include/openssl/crypto.h ../include/openssl/des.h
-dgst.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-dgst.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-dgst.o: ../include/openssl/engine.h ../include/openssl/err.h
-dgst.o: ../include/openssl/evp.h ../include/openssl/idea.h
-dgst.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-dgst.o: ../include/openssl/md4.h ../include/openssl/md5.h
-dgst.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-dgst.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dgst.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-dgst.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-dgst.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-dgst.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-dgst.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dgst.c
-dh.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-dh.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-dh.o: ../include/openssl/cast.h ../include/openssl/conf.h
-dh.o: ../include/openssl/crypto.h ../include/openssl/des.h
-dh.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-dh.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-dh.o: ../include/openssl/engine.h ../include/openssl/err.h
-dh.o: ../include/openssl/evp.h ../include/openssl/idea.h
-dh.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-dh.o: ../include/openssl/md4.h ../include/openssl/md5.h
-dh.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-dh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-dh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-dh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-dh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-dh.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-dh.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-dh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dh.c
-dsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-dsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-dsa.o: ../include/openssl/cast.h ../include/openssl/conf.h
-dsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
-dsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-dsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-dsa.o: ../include/openssl/engine.h ../include/openssl/err.h
-dsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
-dsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-dsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
-dsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-dsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-dsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-dsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-dsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-dsa.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dsa.c
-dsaparam.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-dsaparam.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-dsaparam.o: ../include/openssl/cast.h ../include/openssl/conf.h
-dsaparam.o: ../include/openssl/crypto.h ../include/openssl/des.h
-dsaparam.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-dsaparam.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-dsaparam.o: ../include/openssl/engine.h ../include/openssl/err.h
-dsaparam.o: ../include/openssl/evp.h ../include/openssl/idea.h
-dsaparam.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-dsaparam.o: ../include/openssl/md4.h ../include/openssl/md5.h
-dsaparam.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-dsaparam.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-dsaparam.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-dsaparam.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-dsaparam.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-dsaparam.o: dsaparam.c
-enc.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-enc.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-enc.o: ../include/openssl/cast.h ../include/openssl/conf.h
-enc.o: ../include/openssl/crypto.h ../include/openssl/des.h
-enc.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-enc.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-enc.o: ../include/openssl/engine.h ../include/openssl/err.h
-enc.o: ../include/openssl/evp.h ../include/openssl/idea.h
-enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-enc.o: ../include/openssl/md4.h ../include/openssl/md5.h
-enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-enc.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-enc.o: ../include/openssl/sha.h ../include/openssl/stack.h
-enc.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-enc.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h enc.c
-engine.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-engine.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-engine.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-engine.o: ../include/openssl/cast.h ../include/openssl/comp.h
-engine.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-engine.o: ../include/openssl/des.h ../include/openssl/des_old.h
-engine.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-engine.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-engine.o: ../include/openssl/err.h ../include/openssl/evp.h
-engine.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-engine.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-engine.o: ../include/openssl/md4.h ../include/openssl/md5.h
-engine.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-engine.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-engine.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-engine.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-engine.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-engine.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-engine.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-engine.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-engine.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-engine.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-engine.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-engine.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-engine.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-engine.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-engine.o: ../include/openssl/x509_vfy.h apps.h engine.c
-errstr.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-errstr.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-errstr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-errstr.o: ../include/openssl/cast.h ../include/openssl/comp.h
-errstr.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-errstr.o: ../include/openssl/des.h ../include/openssl/des_old.h
-errstr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-errstr.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-errstr.o: ../include/openssl/err.h ../include/openssl/evp.h
-errstr.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-errstr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-errstr.o: ../include/openssl/md4.h ../include/openssl/md5.h
-errstr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-errstr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-errstr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-errstr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-errstr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-errstr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-errstr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-errstr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-errstr.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-errstr.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-errstr.o: ../include/openssl/x509_vfy.h apps.h errstr.c
-gendh.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-gendh.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-gendh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-gendh.o: ../include/openssl/cast.h ../include/openssl/conf.h
-gendh.o: ../include/openssl/crypto.h ../include/openssl/des.h
-gendh.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-gendh.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-gendh.o: ../include/openssl/engine.h ../include/openssl/err.h
-gendh.o: ../include/openssl/evp.h ../include/openssl/idea.h
-gendh.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-gendh.o: ../include/openssl/md4.h ../include/openssl/md5.h
-gendh.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-gendh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-gendh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-gendh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-gendh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h
-gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-gendh.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-gendh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h gendh.c
-gendsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-gendsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-gendsa.o: ../include/openssl/cast.h ../include/openssl/conf.h
-gendsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
-gendsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-gendsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-gendsa.o: ../include/openssl/engine.h ../include/openssl/err.h
-gendsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
-gendsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-gendsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
-gendsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-gendsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-gendsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-gendsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-gendsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-gendsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-gendsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-gendsa.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-gendsa.o: gendsa.c
-genrsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-genrsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-genrsa.o: ../include/openssl/cast.h ../include/openssl/conf.h
-genrsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
-genrsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-genrsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-genrsa.o: ../include/openssl/engine.h ../include/openssl/err.h
-genrsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
-genrsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-genrsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
-genrsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-genrsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-genrsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-genrsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-genrsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-genrsa.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-genrsa.o: genrsa.c
-nseq.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-nseq.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-nseq.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-nseq.o: ../include/openssl/cast.h ../include/openssl/conf.h
-nseq.o: ../include/openssl/crypto.h ../include/openssl/des.h
-nseq.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-nseq.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-nseq.o: ../include/openssl/engine.h ../include/openssl/err.h
-nseq.o: ../include/openssl/evp.h ../include/openssl/idea.h
-nseq.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-nseq.o: ../include/openssl/md4.h ../include/openssl/md5.h
-nseq.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-nseq.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-nseq.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-nseq.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-nseq.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-nseq.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-nseq.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-nseq.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-nseq.o: ../include/openssl/sha.h ../include/openssl/stack.h
-nseq.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-nseq.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-nseq.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h nseq.c
-ocsp.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-ocsp.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ocsp.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ocsp.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ocsp.o: ../include/openssl/des.h ../include/openssl/des_old.h
-ocsp.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ocsp.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-ocsp.o: ../include/openssl/err.h ../include/openssl/evp.h
-ocsp.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-ocsp.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ocsp.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ocsp.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ocsp.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-ocsp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ocsp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ocsp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ocsp.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-ocsp.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ocsp.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ocsp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ocsp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ocsp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ocsp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ocsp.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
-ocsp.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-ocsp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ocsp.o: ../include/openssl/x509v3.h apps.h ocsp.c
-openssl.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-openssl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-openssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-openssl.o: ../include/openssl/cast.h ../include/openssl/comp.h
-openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-openssl.o: ../include/openssl/des.h ../include/openssl/des_old.h
-openssl.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-openssl.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-openssl.o: ../include/openssl/err.h ../include/openssl/evp.h
-openssl.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-openssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-openssl.o: ../include/openssl/md4.h ../include/openssl/md5.h
-openssl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-openssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-openssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-openssl.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-openssl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-openssl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-openssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-openssl.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-openssl.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-openssl.o: ../include/openssl/x509_vfy.h apps.h openssl.c progs.h s_apps.h
-passwd.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-passwd.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-passwd.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-passwd.o: ../include/openssl/cast.h ../include/openssl/conf.h
-passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h
-passwd.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-passwd.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-passwd.o: ../include/openssl/engine.h ../include/openssl/err.h
-passwd.o: ../include/openssl/evp.h ../include/openssl/idea.h
-passwd.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-passwd.o: ../include/openssl/md4.h ../include/openssl/md5.h
-passwd.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-passwd.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-passwd.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-passwd.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-passwd.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-passwd.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-passwd.o: ../include/openssl/sha.h ../include/openssl/stack.h
-passwd.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-passwd.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-passwd.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-passwd.o: passwd.c
-pkcs12.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-pkcs12.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-pkcs12.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-pkcs12.o: ../include/openssl/cast.h ../include/openssl/conf.h
-pkcs12.o: ../include/openssl/crypto.h ../include/openssl/des.h
-pkcs12.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-pkcs12.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-pkcs12.o: ../include/openssl/engine.h ../include/openssl/err.h
-pkcs12.o: ../include/openssl/evp.h ../include/openssl/idea.h
-pkcs12.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-pkcs12.o: ../include/openssl/md4.h ../include/openssl/md5.h
-pkcs12.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-pkcs12.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-pkcs12.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs12.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
-pkcs12.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-pkcs12.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-pkcs12.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-pkcs12.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkcs12.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-pkcs12.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-pkcs12.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-pkcs12.o: ../include/openssl/x509_vfy.h apps.h pkcs12.c
-pkcs7.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-pkcs7.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-pkcs7.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-pkcs7.o: ../include/openssl/cast.h ../include/openssl/conf.h
-pkcs7.o: ../include/openssl/crypto.h ../include/openssl/des.h
-pkcs7.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-pkcs7.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-pkcs7.o: ../include/openssl/engine.h ../include/openssl/err.h
-pkcs7.o: ../include/openssl/evp.h ../include/openssl/idea.h
-pkcs7.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-pkcs7.o: ../include/openssl/md4.h ../include/openssl/md5.h
-pkcs7.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-pkcs7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-pkcs7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs7.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-pkcs7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-pkcs7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-pkcs7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-pkcs7.o: ../include/openssl/sha.h ../include/openssl/stack.h
-pkcs7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-pkcs7.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-pkcs7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h pkcs7.c
-pkcs8.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-pkcs8.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-pkcs8.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-pkcs8.o: ../include/openssl/cast.h ../include/openssl/conf.h
-pkcs8.o: ../include/openssl/crypto.h ../include/openssl/des.h
-pkcs8.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-pkcs8.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-pkcs8.o: ../include/openssl/engine.h ../include/openssl/err.h
-pkcs8.o: ../include/openssl/evp.h ../include/openssl/idea.h
-pkcs8.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-pkcs8.o: ../include/openssl/md4.h ../include/openssl/md5.h
-pkcs8.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-pkcs8.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-pkcs8.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs8.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
-pkcs8.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-pkcs8.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-pkcs8.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkcs8.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-pkcs8.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-pkcs8.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-pkcs8.o: ../include/openssl/x509_vfy.h apps.h pkcs8.c
-rand.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-rand.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-rand.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-rand.o: ../include/openssl/cast.h ../include/openssl/conf.h
-rand.o: ../include/openssl/crypto.h ../include/openssl/des.h
-rand.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-rand.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-rand.o: ../include/openssl/engine.h ../include/openssl/err.h
-rand.o: ../include/openssl/evp.h ../include/openssl/idea.h
-rand.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-rand.o: ../include/openssl/md4.h ../include/openssl/md5.h
-rand.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-rand.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
-rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-rand.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h rand.c
-req.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
-req.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-req.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-req.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-req.o: ../include/openssl/des.h ../include/openssl/des_old.h
-req.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-req.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-req.o: ../include/openssl/err.h ../include/openssl/evp.h
-req.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-req.o: ../include/openssl/md2.h ../include/openssl/md4.h
-req.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-req.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-req.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-req.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-req.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-req.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-req.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-req.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-req.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c
-rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-rsa.o: ../include/openssl/cast.h ../include/openssl/conf.h
-rsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
-rsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-rsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-rsa.o: ../include/openssl/engine.h ../include/openssl/err.h
-rsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
-rsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-rsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
-rsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-rsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-rsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-rsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-rsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-rsa.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h rsa.c
-rsautl.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-rsautl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-rsautl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-rsautl.o: ../include/openssl/cast.h ../include/openssl/conf.h
-rsautl.o: ../include/openssl/crypto.h ../include/openssl/des.h
-rsautl.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-rsautl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-rsautl.o: ../include/openssl/engine.h ../include/openssl/err.h
-rsautl.o: ../include/openssl/evp.h ../include/openssl/idea.h
-rsautl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-rsautl.o: ../include/openssl/md4.h ../include/openssl/md5.h
-rsautl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-rsautl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-rsautl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-rsautl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-rsautl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-rsautl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-rsautl.o: ../include/openssl/sha.h ../include/openssl/stack.h
-rsautl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-rsautl.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-rsautl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-rsautl.o: rsautl.c
-s_cb.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s_cb.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s_cb.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s_cb.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s_cb.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-s_cb.o: ../include/openssl/des.h ../include/openssl/des_old.h
-s_cb.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_cb.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-s_cb.o: ../include/openssl/err.h ../include/openssl/evp.h
-s_cb.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s_cb.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s_cb.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s_cb.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s_cb.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_cb.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-s_cb.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s_cb.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s_cb.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s_cb.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_cb.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_cb.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-s_cb.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s_cb.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_cb.c
-s_client.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s_client.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s_client.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s_client.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s_client.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-s_client.o: ../include/openssl/des.h ../include/openssl/des_old.h
-s_client.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_client.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-s_client.o: ../include/openssl/err.h ../include/openssl/evp.h
-s_client.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s_client.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s_client.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s_client.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s_client.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_client.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_client.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-s_client.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s_client.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s_client.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s_client.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_client.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-s_client.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s_client.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_client.c
-s_server.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s_server.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s_server.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s_server.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-s_server.o: ../include/openssl/des.h ../include/openssl/des_old.h
-s_server.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_server.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-s_server.o: ../include/openssl/err.h ../include/openssl/evp.h
-s_server.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s_server.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s_server.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s_server.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s_server.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_server.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_server.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-s_server.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s_server.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s_server.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s_server.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_server.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-s_server.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s_server.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_server.c
-s_socket.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s_socket.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s_socket.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s_socket.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-s_socket.o: ../include/openssl/des.h ../include/openssl/des_old.h
-s_socket.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_socket.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-s_socket.o: ../include/openssl/err.h ../include/openssl/evp.h
-s_socket.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s_socket.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s_socket.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s_socket.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s_socket.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_socket.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-s_socket.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s_socket.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s_socket.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s_socket.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_socket.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-s_socket.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s_socket.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_socket.c
-s_time.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s_time.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s_time.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s_time.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s_time.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-s_time.o: ../include/openssl/des.h ../include/openssl/des_old.h
-s_time.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_time.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-s_time.o: ../include/openssl/err.h ../include/openssl/evp.h
-s_time.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s_time.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s_time.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s_time.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s_time.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_time.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_time.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-s_time.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s_time.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s_time.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s_time.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_time.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-s_time.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s_time.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_time.c
-sess_id.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-sess_id.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-sess_id.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-sess_id.o: ../include/openssl/cast.h ../include/openssl/comp.h
-sess_id.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-sess_id.o: ../include/openssl/des.h ../include/openssl/des_old.h
-sess_id.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-sess_id.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-sess_id.o: ../include/openssl/err.h ../include/openssl/evp.h
-sess_id.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-sess_id.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-sess_id.o: ../include/openssl/md4.h ../include/openssl/md5.h
-sess_id.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-sess_id.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-sess_id.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-sess_id.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-sess_id.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-sess_id.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-sess_id.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-sess_id.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-sess_id.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-sess_id.o: ../include/openssl/x509_vfy.h apps.h sess_id.c
-smime.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-smime.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-smime.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-smime.o: ../include/openssl/cast.h ../include/openssl/conf.h
-smime.o: ../include/openssl/crypto.h ../include/openssl/des.h
-smime.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-smime.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-smime.o: ../include/openssl/engine.h ../include/openssl/err.h
-smime.o: ../include/openssl/evp.h ../include/openssl/idea.h
-smime.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-smime.o: ../include/openssl/md4.h ../include/openssl/md5.h
-smime.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-smime.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-smime.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-smime.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-smime.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-smime.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-smime.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-smime.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-smime.o: ../include/openssl/sha.h ../include/openssl/stack.h
-smime.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-smime.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-smime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h smime.c
-speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-speed.o: ../include/openssl/cast.h ../include/openssl/conf.h
-speed.o: ../include/openssl/crypto.h ../include/openssl/des.h
-speed.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-speed.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-speed.o: ../include/openssl/engine.h ../include/openssl/err.h
-speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-speed.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-speed.o: ../include/openssl/md2.h ../include/openssl/md4.h
-speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-speed.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-speed.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-speed.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-speed.o: ../include/openssl/x509_vfy.h apps.h speed.c testdsa.h testrsa.h
-spkac.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-spkac.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-spkac.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-spkac.o: ../include/openssl/cast.h ../include/openssl/conf.h
-spkac.o: ../include/openssl/crypto.h ../include/openssl/des.h
-spkac.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-spkac.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-spkac.o: ../include/openssl/engine.h ../include/openssl/err.h
-spkac.o: ../include/openssl/evp.h ../include/openssl/idea.h
-spkac.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-spkac.o: ../include/openssl/md4.h ../include/openssl/md5.h
-spkac.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-spkac.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-spkac.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-spkac.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-spkac.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-spkac.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-spkac.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-spkac.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-spkac.o: ../include/openssl/sha.h ../include/openssl/stack.h
-spkac.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-spkac.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-spkac.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h spkac.c
-verify.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-verify.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-verify.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-verify.o: ../include/openssl/cast.h ../include/openssl/conf.h
-verify.o: ../include/openssl/crypto.h ../include/openssl/des.h
-verify.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-verify.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-verify.o: ../include/openssl/engine.h ../include/openssl/err.h
-verify.o: ../include/openssl/evp.h ../include/openssl/idea.h
-verify.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-verify.o: ../include/openssl/md4.h ../include/openssl/md5.h
-verify.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-verify.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-verify.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-verify.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-verify.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-verify.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-verify.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-verify.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-verify.o: ../include/openssl/sha.h ../include/openssl/stack.h
-verify.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-verify.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-verify.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-verify.o: ../include/openssl/x509v3.h apps.h verify.c
-version.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-version.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-version.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-version.o: ../include/openssl/cast.h ../include/openssl/conf.h
-version.o: ../include/openssl/crypto.h ../include/openssl/des.h
-version.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-version.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-version.o: ../include/openssl/engine.h ../include/openssl/err.h
-version.o: ../include/openssl/evp.h ../include/openssl/idea.h
-version.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-version.o: ../include/openssl/md4.h ../include/openssl/md5.h
-version.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-version.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-version.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-version.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-version.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-version.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-version.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-version.o: ../include/openssl/sha.h ../include/openssl/stack.h
-version.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-version.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-version.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-version.o: version.c
-x509.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-x509.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-x509.o: ../include/openssl/cast.h ../include/openssl/conf.h
-x509.o: ../include/openssl/crypto.h ../include/openssl/des.h
-x509.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-x509.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-x509.o: ../include/openssl/engine.h ../include/openssl/err.h
-x509.o: ../include/openssl/evp.h ../include/openssl/idea.h
-x509.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-x509.o: ../include/openssl/md4.h ../include/openssl/md5.h
-x509.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-x509.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-x509.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-x509.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-x509.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-x509.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-x509.o: ../include/openssl/sha.h ../include/openssl/stack.h
-x509.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-x509.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-x509.o: ../include/openssl/x509v3.h apps.h x509.c
diff --git a/crypto/openssl/apps/app_rand.c b/crypto/openssl/apps/app_rand.c
deleted file mode 100644
index b7b6128c1eb9..000000000000
--- a/crypto/openssl/apps/app_rand.c
+++ /dev/null
@@ -1,218 +0,0 @@
-/* apps/app_rand.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#define NON_MAIN
-#include "apps.h"
-#undef NON_MAIN
-#include <openssl/bio.h>
-#include <openssl/rand.h>
-
-
-static int seeded = 0;
-static int egdsocket = 0;
-
-int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
-	{
-	int consider_randfile = (file == NULL);
-	char buffer[200];
-	
-#ifdef OPENSSL_SYS_WINDOWS
-	BIO_printf(bio_e,"Loading 'screen' into random state -");
-	BIO_flush(bio_e);
-	RAND_screen();
-	BIO_printf(bio_e," done\n");
-#endif
-
-	if (file == NULL)
-		file = RAND_file_name(buffer, sizeof buffer);
-	else if (RAND_egd(file) > 0)
-		{
-		/* we try if the given filename is an EGD socket.
-		   if it is, we don't write anything back to the file. */
-		egdsocket = 1;
-		return 1;
-		}
-	if (file == NULL || !RAND_load_file(file, -1))
-		{
-		if (RAND_status() == 0)
-			{
-			if (!dont_warn)
-				{
-				BIO_printf(bio_e,"unable to load 'random state'\n");
-				BIO_printf(bio_e,"This means that the random number generator has not been seeded\n");
-				BIO_printf(bio_e,"with much random data.\n");
-				if (consider_randfile) /* explanation does not apply when a file is explicitly named */
-					{
-					BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n");
-					BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n");
-					}
-				}
-			return 0;
-			}
-		}
-	seeded = 1;
-	return 1;
-	}
-
-long app_RAND_load_files(char *name)
-	{
-	char *p,*n;
-	int last;
-	long tot=0;
-	int egd;
-	
-	for (;;)
-		{
-		last=0;
-		for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
-		if (*p == '\0') last=1;
-		*p='\0';
-		n=name;
-		name=p+1;
-		if (*n == '\0') break;
-
-		egd=RAND_egd(n);
-		if (egd > 0)
-			tot+=egd;
-		else
-			tot+=RAND_load_file(n,-1);
-		if (last) break;
-		}
-	if (tot > 512)
-		app_RAND_allow_write_file();
-	return(tot);
-	}
-
-int app_RAND_write_file(const char *file, BIO *bio_e)
-	{
-	char buffer[200];
-	
-	if (egdsocket || !seeded)
-		/* If we did not manage to read the seed file,
-		 * we should not write a low-entropy seed file back --
-		 * it would suppress a crucial warning the next time
-		 * we want to use it. */
-		return 0;
-
-	if (file == NULL)
-		file = RAND_file_name(buffer, sizeof buffer);
-	if (file == NULL || !RAND_write_file(file))
-		{
-		BIO_printf(bio_e,"unable to write 'random state'\n");
-		return 0;
-		}
-	return 1;
-	}
-
-void app_RAND_allow_write_file(void)
-	{
-	seeded = 1;
-	}
diff --git a/crypto/openssl/apps/apps.c b/crypto/openssl/apps/apps.c
deleted file mode 100644
index ec3e391b66ab..000000000000
--- a/crypto/openssl/apps/apps.c
+++ /dev/null
@@ -1,1428 +0,0 @@
-/* apps/apps.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <ctype.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs12.h>
-#include <openssl/ui.h>
-#include <openssl/safestack.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-#ifdef OPENSSL_SYS_WINDOWS
-#define strcasecmp _stricmp
-#else
-#  ifdef NO_STRINGS_H
-    int	strcasecmp();
-#  else
-#    include <strings.h>
-#  endif /* NO_STRINGS_H */
-#endif
-
-#define NON_MAIN
-#include "apps.h"
-#undef NON_MAIN
-
-#ifdef OPENSSL_SYS_WINDOWS
-#  include "bss_file.c"
-#endif
-
-typedef struct {
-	char *name;
-	unsigned long flag;
-	unsigned long mask;
-} NAME_EX_TBL;
-
-static UI_METHOD *ui_method = NULL;
-
-static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl);
-static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl);
-
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-/* Looks like this stuff is worth moving into separate function */
-static EVP_PKEY *
-load_netscape_key(BIO *err, BIO *key, const char *file,
-		const char *key_descrip, int format);
-#endif
-
-int app_init(long mesgwin);
-#ifdef undef /* never finished - probably never will be :-) */
-int args_from_file(char *file, int *argc, char **argv[])
-	{
-	FILE *fp;
-	int num,i;
-	unsigned int len;
-	static char *buf=NULL;
-	static char **arg=NULL;
-	char *p;
-	struct stat stbuf;
-
-	if (stat(file,&stbuf) < 0) return(0);
-
-	fp=fopen(file,"r");
-	if (fp == NULL)
-		return(0);
-
-	*argc=0;
-	*argv=NULL;
-
-	len=(unsigned int)stbuf.st_size;
-	if (buf != NULL) OPENSSL_free(buf);
-	buf=(char *)OPENSSL_malloc(len+1);
-	if (buf == NULL) return(0);
-
-	len=fread(buf,1,len,fp);
-	if (len <= 1) return(0);
-	buf[len]='\0';
-
-	i=0;
-	for (p=buf; *p; p++)
-		if (*p == '\n') i++;
-	if (arg != NULL) OPENSSL_free(arg);
-	arg=(char **)OPENSSL_malloc(sizeof(char *)*(i*2));
-
-	*argv=arg;
-	num=0;
-	p=buf;
-	for (;;)
-		{
-		if (!*p) break;
-		if (*p == '#') /* comment line */
-			{
-			while (*p && (*p != '\n')) p++;
-			continue;
-			}
-		/* else we have a line */
-		*(arg++)=p;
-		num++;
-		while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
-			p++;
-		if (!*p) break;
-		if (*p == '\n')
-			{
-			*(p++)='\0';
-			continue;
-			}
-		/* else it is a tab or space */
-		p++;
-		while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
-			p++;
-		if (!*p) break;
-		if (*p == '\n')
-			{
-			p++;
-			continue;
-			}
-		*(arg++)=p++;
-		num++;
-		while (*p && (*p != '\n')) p++;
-		if (!*p) break;
-		/* else *p == '\n' */
-		*(p++)='\0';
-		}
-	*argc=num;
-	return(1);
-	}
-#endif
-
-int str2fmt(char *s)
-	{
-	if 	((*s == 'D') || (*s == 'd'))
-		return(FORMAT_ASN1);
-	else if ((*s == 'T') || (*s == 't'))
-		return(FORMAT_TEXT);
-	else if ((*s == 'P') || (*s == 'p'))
-		return(FORMAT_PEM);
-	else if ((*s == 'N') || (*s == 'n'))
-		return(FORMAT_NETSCAPE);
-	else if ((*s == 'S') || (*s == 's'))
-		return(FORMAT_SMIME);
-	else if ((*s == '1')
-		|| (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0)
-		|| (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0))
-		return(FORMAT_PKCS12);
-	else if ((*s == 'E') || (*s == 'e'))
-		return(FORMAT_ENGINE);
-	else
-		return(FORMAT_UNDEF);
-	}
-
-#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
-void program_name(char *in, char *out, int size)
-	{
-	int i,n;
-	char *p=NULL;
-
-	n=strlen(in);
-	/* find the last '/', '\' or ':' */
-	for (i=n-1; i>0; i--)
-		{
-		if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':'))
-			{
-			p= &(in[i+1]);
-			break;
-			}
-		}
-	if (p == NULL)
-		p=in;
-	n=strlen(p);
-	/* strip off trailing .exe if present. */
-	if ((n > 4) && (p[n-4] == '.') &&
-		((p[n-3] == 'e') || (p[n-3] == 'E')) &&
-		((p[n-2] == 'x') || (p[n-2] == 'X')) &&
-		((p[n-1] == 'e') || (p[n-1] == 'E')))
-		n-=4;
-	if (n > size-1)
-		n=size-1;
-
-	for (i=0; i<n; i++)
-		{
-		if ((p[i] >= 'A') && (p[i] <= 'Z'))
-			out[i]=p[i]-'A'+'a';
-		else
-			out[i]=p[i];
-		}
-	out[n]='\0';
-	}
-#else
-#ifdef OPENSSL_SYS_VMS
-void program_name(char *in, char *out, int size)
-	{
-	char *p=in, *q;
-	char *chars=":]>";
-
-	while(*chars != '\0')
-		{
-		q=strrchr(p,*chars);
-		if (q > p)
-			p = q + 1;
-		chars++;
-		}
-
-	q=strrchr(p,'.');
-	if (q == NULL)
-		q = p + strlen(p);
-	strncpy(out,p,size-1);
-	if (q-p >= size)
-		{
-		out[size-1]='\0';
-		}
-	else
-		{
-		out[q-p]='\0';
-		}
-	}
-#else
-void program_name(char *in, char *out, int size)
-	{
-	char *p;
-
-	p=strrchr(in,'/');
-	if (p != NULL)
-		p++;
-	else
-		p=in;
-	BUF_strlcpy(out,p,size);
-	}
-#endif
-#endif
-
-#ifdef OPENSSL_SYS_WIN32
-int WIN32_rename(char *from, char *to)
-	{
-#ifndef OPENSSL_SYS_WINCE
-	/* Windows rename gives an error if 'to' exists, so delete it
-	 * first and ignore file not found errror
-	 */
-	if((remove(to) != 0) && (errno != ENOENT))
-		return -1;
-#undef rename
-	return rename(from, to);
-#else
-	/* convert strings to UNICODE */
-	{
-	BOOL result = FALSE;
-	WCHAR* wfrom;
-	WCHAR* wto;
-	int i;
-	wfrom = malloc((strlen(from)+1)*2);
-	wto = malloc((strlen(to)+1)*2);
-	if (wfrom != NULL && wto != NULL)
-		{
-		for (i=0; i<(int)strlen(from)+1; i++)
-			wfrom[i] = (short)from[i];
-		for (i=0; i<(int)strlen(to)+1; i++)
-			wto[i] = (short)to[i];
-		result = MoveFile(wfrom, wto);
-		}
-	if (wfrom != NULL)
-		free(wfrom);
-	if (wto != NULL)
-		free(wto);
-	return result;
-	}
-#endif
-	}
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-int VMS_strcasecmp(const char *str1, const char *str2)
-	{
-	while (*str1 && *str2)
-		{
-		int res = toupper(*str1) - toupper(*str2);
-		if (res) return res < 0 ? -1 : 1;
-		}
-	if (*str1)
-		return 1;
-	if (*str2)
-		return -1;
-	return 0;
-	}
-#endif
-
-int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
-	{
-	int num,len,i;
-	char *p;
-
-	*argc=0;
-	*argv=NULL;
-
-	len=strlen(buf);
-	i=0;
-	if (arg->count == 0)
-		{
-		arg->count=20;
-		arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count);
-		}
-	for (i=0; i<arg->count; i++)
-		arg->data[i]=NULL;
-
-	num=0;
-	p=buf;
-	for (;;)
-		{
-		/* first scan over white space */
-		if (!*p) break;
-		while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
-			p++;
-		if (!*p) break;
-
-		/* The start of something good :-) */
-		if (num >= arg->count)
-			{
-			arg->count+=20;
-			arg->data=(char **)OPENSSL_realloc(arg->data,
-				sizeof(char *)*arg->count);
-			if (argc == 0) return(0);
-			}
-		arg->data[num++]=p;
-
-		/* now look for the end of this */
-		if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */
-			{
-			i= *(p++);
-			arg->data[num-1]++; /* jump over quote */
-			while (*p && (*p != i))
-				p++;
-			*p='\0';
-			}
-		else
-			{
-			while (*p && ((*p != ' ') &&
-				(*p != '\t') && (*p != '\n')))
-				p++;
-
-			if (*p == '\0')
-				p--;
-			else
-				*p='\0';
-			}
-		p++;
-		}
-	*argc=num;
-	*argv=arg->data;
-	return(1);
-	}
-
-#ifndef APP_INIT
-int app_init(long mesgwin)
-	{
-	return(1);
-	}
-#endif
-
-
-int dump_cert_text (BIO *out, X509 *x)
-{
-	char *p;
-
-	p=X509_NAME_oneline(X509_get_subject_name(x),NULL,0);
-	BIO_puts(out,"subject=");
-	BIO_puts(out,p);
-	OPENSSL_free(p);
-
-	p=X509_NAME_oneline(X509_get_issuer_name(x),NULL,0);
-	BIO_puts(out,"\nissuer=");
-	BIO_puts(out,p);
-	BIO_puts(out,"\n");
-	OPENSSL_free(p);
-
-	return 0;
-}
-
-static int ui_open(UI *ui)
-	{
-	return UI_method_get_opener(UI_OpenSSL())(ui);
-	}
-static int ui_read(UI *ui, UI_STRING *uis)
-	{
-	if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
-		&& UI_get0_user_data(ui))
-		{
-		switch(UI_get_string_type(uis))
-			{
-		case UIT_PROMPT:
-		case UIT_VERIFY:
-			{
-			const char *password =
-				((PW_CB_DATA *)UI_get0_user_data(ui))->password;
-			if (password[0] != '\0')
-				{
-				UI_set_result(ui, uis, password);
-				return 1;
-				}
-			}
-		default:
-			break;
-			}
-		}
-	return UI_method_get_reader(UI_OpenSSL())(ui, uis);
-	}
-static int ui_write(UI *ui, UI_STRING *uis)
-	{
-	if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
-		&& UI_get0_user_data(ui))
-		{
-		switch(UI_get_string_type(uis))
-			{
-		case UIT_PROMPT:
-		case UIT_VERIFY:
-			{
-			const char *password =
-				((PW_CB_DATA *)UI_get0_user_data(ui))->password;
-			if (password[0] != '\0')
-				return 1;
-			}
-		default:
-			break;
-			}
-		}
-	return UI_method_get_writer(UI_OpenSSL())(ui, uis);
-	}
-static int ui_close(UI *ui)
-	{
-	return UI_method_get_closer(UI_OpenSSL())(ui);
-	}
-int setup_ui_method(void)
-	{
-	ui_method = UI_create_method("OpenSSL application user interface");
-	UI_method_set_opener(ui_method, ui_open);
-	UI_method_set_reader(ui_method, ui_read);
-	UI_method_set_writer(ui_method, ui_write);
-	UI_method_set_closer(ui_method, ui_close);
-	return 0;
-	}
-void destroy_ui_method(void)
-	{
-	if(ui_method)
-		{
-		UI_destroy_method(ui_method);
-		ui_method = NULL;
-		}
-	}
-int password_callback(char *buf, int bufsiz, int verify,
-	PW_CB_DATA *cb_tmp)
-	{
-	UI *ui = NULL;
-	int res = 0;
-	const char *prompt_info = NULL;
-	const char *password = NULL;
-	PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;
-
-	if (cb_data)
-		{
-		if (cb_data->password)
-			password = cb_data->password;
-		if (cb_data->prompt_info)
-			prompt_info = cb_data->prompt_info;
-		}
-
-	if (password)
-		{
-		res = strlen(password);
-		if (res > bufsiz)
-			res = bufsiz;
-		memcpy(buf, password, res);
-		return res;
-		}
-
-	ui = UI_new_method(ui_method);
-	if (ui)
-		{
-		int ok = 0;
-		char *buff = NULL;
-		int ui_flags = 0;
-		char *prompt = NULL;
-
-		prompt = UI_construct_prompt(ui, "pass phrase",
-			cb_data->prompt_info);
-
-		ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
-		UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
-
-		if (ok >= 0)
-			ok = UI_add_input_string(ui,prompt,ui_flags,buf,
-				PW_MIN_LENGTH,BUFSIZ-1);
-		if (ok >= 0 && verify)
-			{
-			buff = (char *)OPENSSL_malloc(bufsiz);
-			ok = UI_add_verify_string(ui,prompt,ui_flags,buff,
-				PW_MIN_LENGTH,BUFSIZ-1, buf);
-			}
-		if (ok >= 0)
-			do
-				{
-				ok = UI_process(ui);
-				}
-			while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
-
-		if (buff)
-			{
-			OPENSSL_cleanse(buff,(unsigned int)bufsiz);
-			OPENSSL_free(buff);
-			}
-
-		if (ok >= 0)
-			res = strlen(buf);
-		if (ok == -1)
-			{
-			BIO_printf(bio_err, "User interface error\n");
-			ERR_print_errors(bio_err);
-			OPENSSL_cleanse(buf,(unsigned int)bufsiz);
-			res = 0;
-			}
-		if (ok == -2)
-			{
-			BIO_printf(bio_err,"aborted!\n");
-			OPENSSL_cleanse(buf,(unsigned int)bufsiz);
-			res = 0;
-			}
-		UI_free(ui);
-		OPENSSL_free(prompt);
-		}
-	return res;
-	}
-
-static char *app_get_pass(BIO *err, char *arg, int keepbio);
-
-int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2)
-{
-	int same;
-	if(!arg2 || !arg1 || strcmp(arg1, arg2)) same = 0;
-	else same = 1;
-	if(arg1) {
-		*pass1 = app_get_pass(err, arg1, same);
-		if(!*pass1) return 0;
-	} else if(pass1) *pass1 = NULL;
-	if(arg2) {
-		*pass2 = app_get_pass(err, arg2, same ? 2 : 0);
-		if(!*pass2) return 0;
-	} else if(pass2) *pass2 = NULL;
-	return 1;
-}
-
-static char *app_get_pass(BIO *err, char *arg, int keepbio)
-{
-	char *tmp, tpass[APP_PASS_LEN];
-	static BIO *pwdbio = NULL;
-	int i;
-	if(!strncmp(arg, "pass:", 5)) return BUF_strdup(arg + 5);
-	if(!strncmp(arg, "env:", 4)) {
-		tmp = getenv(arg + 4);
-		if(!tmp) {
-			BIO_printf(err, "Can't read environment variable %s\n", arg + 4);
-			return NULL;
-		}
-		return BUF_strdup(tmp);
-	}
-	if(!keepbio || !pwdbio) {
-		if(!strncmp(arg, "file:", 5)) {
-			pwdbio = BIO_new_file(arg + 5, "r");
-			if(!pwdbio) {
-				BIO_printf(err, "Can't open file %s\n", arg + 5);
-				return NULL;
-			}
-		} else if(!strncmp(arg, "fd:", 3)) {
-			BIO *btmp;
-			i = atoi(arg + 3);
-			if(i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
-			if((i < 0) || !pwdbio) {
-				BIO_printf(err, "Can't access file descriptor %s\n", arg + 3);
-				return NULL;
-			}
-			/* Can't do BIO_gets on an fd BIO so add a buffering BIO */
-			btmp = BIO_new(BIO_f_buffer());
-			pwdbio = BIO_push(btmp, pwdbio);
-		} else if(!strcmp(arg, "stdin")) {
-			pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE);
-			if(!pwdbio) {
-				BIO_printf(err, "Can't open BIO for stdin\n");
-				return NULL;
-			}
-		} else {
-			BIO_printf(err, "Invalid password argument \"%s\"\n", arg);
-			return NULL;
-		}
-	}
-	i = BIO_gets(pwdbio, tpass, APP_PASS_LEN);
-	if(keepbio != 1) {
-		BIO_free_all(pwdbio);
-		pwdbio = NULL;
-	}
-	if(i <= 0) {
-		BIO_printf(err, "Error reading password from BIO\n");
-		return NULL;
-	}
-	tmp = strchr(tpass, '\n');
-	if(tmp) *tmp = 0;
-	return BUF_strdup(tpass);
-}
-
-int add_oid_section(BIO *err, CONF *conf)
-{	
-	char *p;
-	STACK_OF(CONF_VALUE) *sktmp;
-	CONF_VALUE *cnf;
-	int i;
-	if(!(p=NCONF_get_string(conf,NULL,"oid_section")))
-		{
-		ERR_clear_error();
-		return 1;
-		}
-	if(!(sktmp = NCONF_get_section(conf, p))) {
-		BIO_printf(err, "problem loading oid section %s\n", p);
-		return 0;
-	}
-	for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
-		cnf = sk_CONF_VALUE_value(sktmp, i);
-		if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
-			BIO_printf(err, "problem creating object %s=%s\n",
-							 cnf->name, cnf->value);
-			return 0;
-		}
-	}
-	return 1;
-}
-
-X509 *load_cert(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *cert_descrip)
-	{
-	ASN1_HEADER *ah=NULL;
-	BUF_MEM *buf=NULL;
-	X509 *x=NULL;
-	BIO *cert;
-
-	if ((cert=BIO_new(BIO_s_file())) == NULL)
-		{
-		ERR_print_errors(err);
-		goto end;
-		}
-
-	if (file == NULL)
-		{
-		setvbuf(stdin, NULL, _IONBF, 0);
-		BIO_set_fp(cert,stdin,BIO_NOCLOSE);
-		}
-	else
-		{
-		if (BIO_read_filename(cert,file) <= 0)
-			{
-			BIO_printf(err, "Error opening %s %s\n",
-				cert_descrip, file);
-			ERR_print_errors(err);
-			goto end;
-			}
-		}
-
-	if 	(format == FORMAT_ASN1)
-		x=d2i_X509_bio(cert,NULL);
-	else if (format == FORMAT_NETSCAPE)
-		{
-		unsigned char *p,*op;
-		int size=0,i;
-
-		/* We sort of have to do it this way because it is sort of nice
-		 * to read the header first and check it, then
-		 * try to read the certificate */
-		buf=BUF_MEM_new();
-		for (;;)
-			{
-			if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
-				goto end;
-			i=BIO_read(cert,&(buf->data[size]),1024*10);
-			size+=i;
-			if (i == 0) break;
-			if (i < 0)
-				{
-				perror("reading certificate");
-				goto end;
-				}
-			}
-		p=(unsigned char *)buf->data;
-		op=p;
-
-		/* First load the header */
-		if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL)
-			goto end;
-		if ((ah->header == NULL) || (ah->header->data == NULL) ||
-			(strncmp(NETSCAPE_CERT_HDR,(char *)ah->header->data,
-			ah->header->length) != 0))
-			{
-			BIO_printf(err,"Error reading header on certificate\n");
-			goto end;
-			}
-		/* header is ok, so now read the object */
-		p=op;
-		ah->meth=X509_asn1_meth();
-		if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL)
-			goto end;
-		x=(X509 *)ah->data;
-		ah->data=NULL;
-		}
-	else if (format == FORMAT_PEM)
-		x=PEM_read_bio_X509_AUX(cert,NULL,
-			(pem_password_cb *)password_callback, NULL);
-	else if (format == FORMAT_PKCS12)
-		{
-		PKCS12 *p12 = d2i_PKCS12_bio(cert, NULL);
-
-		PKCS12_parse(p12, NULL, NULL, &x, NULL);
-		PKCS12_free(p12);
-		p12 = NULL;
-		}
-	else	{
-		BIO_printf(err,"bad input format specified for %s\n",
-			cert_descrip);
-		goto end;
-		}
-end:
-	if (x == NULL)
-		{
-		BIO_printf(err,"unable to load certificate\n");
-		ERR_print_errors(err);
-		}
-	if (ah != NULL) ASN1_HEADER_free(ah);
-	if (cert != NULL) BIO_free(cert);
-	if (buf != NULL) BUF_MEM_free(buf);
-	return(x);
-	}
-
-EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
-	const char *pass, ENGINE *e, const char *key_descrip)
-	{
-	BIO *key=NULL;
-	EVP_PKEY *pkey=NULL;
-	PW_CB_DATA cb_data;
-
-	cb_data.password = pass;
-	cb_data.prompt_info = file;
-
-	if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE))
-		{
-		BIO_printf(err,"no keyfile specified\n");
-		goto end;
-		}
-#ifndef OPENSSL_NO_ENGINE
-	if (format == FORMAT_ENGINE)
-		{
-		if (!e)
-			BIO_printf(bio_err,"no engine specified\n");
-		else
-			pkey = ENGINE_load_private_key(e, file,
-				ui_method, &cb_data);
-		goto end;
-		}
-#endif
-	key=BIO_new(BIO_s_file());
-	if (key == NULL)
-		{
-		ERR_print_errors(err);
-		goto end;
-		}
-	if (file == NULL && maybe_stdin)
-		{
-		setvbuf(stdin, NULL, _IONBF, 0);
-		BIO_set_fp(key,stdin,BIO_NOCLOSE);
-		}
-	else
-		if (BIO_read_filename(key,file) <= 0)
-			{
-			BIO_printf(err, "Error opening %s %s\n",
-				key_descrip, file);
-			ERR_print_errors(err);
-			goto end;
-			}
-	if (format == FORMAT_ASN1)
-		{
-		pkey=d2i_PrivateKey_bio(key, NULL);
-		}
-	else if (format == FORMAT_PEM)
-		{
-		pkey=PEM_read_bio_PrivateKey(key,NULL,
-			(pem_password_cb *)password_callback, &cb_data);
-		}
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-	else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
-		pkey = load_netscape_key(err, key, file, key_descrip, format);
-#endif
-	else if (format == FORMAT_PKCS12)
-		{
-		PKCS12 *p12 = d2i_PKCS12_bio(key, NULL);
-
-		PKCS12_parse(p12, pass, &pkey, NULL, NULL);
-		PKCS12_free(p12);
-		p12 = NULL;
-		}
-	else
-		{
-		BIO_printf(err,"bad input format specified for key file\n");
-		goto end;
-		}
- end:
-	if (key != NULL) BIO_free(key);
-	if (pkey == NULL)
-		BIO_printf(err,"unable to load %s\n", key_descrip);
-	return(pkey);
-	}
-
-EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
-	const char *pass, ENGINE *e, const char *key_descrip)
-	{
-	BIO *key=NULL;
-	EVP_PKEY *pkey=NULL;
-	PW_CB_DATA cb_data;
-
-	cb_data.password = pass;
-	cb_data.prompt_info = file;
-
-	if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE))
-		{
-		BIO_printf(err,"no keyfile specified\n");
-		goto end;
-		}
-#ifndef OPENSSL_NO_ENGINE
-	if (format == FORMAT_ENGINE)
-		{
-		if (!e)
-			BIO_printf(bio_err,"no engine specified\n");
-		else
-			pkey = ENGINE_load_public_key(e, file,
-				ui_method, &cb_data);
-		goto end;
-		}
-#endif
-	key=BIO_new(BIO_s_file());
-	if (key == NULL)
-		{
-		ERR_print_errors(err);
-		goto end;
-		}
-	if (file == NULL && maybe_stdin)
-		{
-		setvbuf(stdin, NULL, _IONBF, 0);
-		BIO_set_fp(key,stdin,BIO_NOCLOSE);
-		}
-	else
-		if (BIO_read_filename(key,file) <= 0)
-			{
-			BIO_printf(err, "Error opening %s %s\n",
-				key_descrip, file);
-			ERR_print_errors(err);
-			goto end;
-		}
-	if (format == FORMAT_ASN1)
-		{
-		pkey=d2i_PUBKEY_bio(key, NULL);
-		}
-	else if (format == FORMAT_PEM)
-		{
-		pkey=PEM_read_bio_PUBKEY(key,NULL,
-			(pem_password_cb *)password_callback, &cb_data);
-		}
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-	else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
-		pkey = load_netscape_key(err, key, file, key_descrip, format);
-#endif
-	else
-		{
-		BIO_printf(err,"bad input format specified for key file\n");
-		goto end;
-		}
- end:
-	if (key != NULL) BIO_free(key);
-	if (pkey == NULL)
-		BIO_printf(err,"unable to load %s\n", key_descrip);
-	return(pkey);
-	}
-
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-static EVP_PKEY *
-load_netscape_key(BIO *err, BIO *key, const char *file,
-		const char *key_descrip, int format)
-	{
-	EVP_PKEY *pkey;
-	BUF_MEM *buf;
-	RSA	*rsa;
-	const unsigned char *p;
-	int size, i;
-
-	buf=BUF_MEM_new();
-	pkey = EVP_PKEY_new();
-	size = 0;
-	if (buf == NULL || pkey == NULL)
-		goto error;
-	for (;;)
-		{
-		if (!BUF_MEM_grow_clean(buf,size+1024*10))
-			goto error;
-		i = BIO_read(key, &(buf->data[size]), 1024*10);
-		size += i;
-		if (i == 0)
-			break;
-		if (i < 0)
-			{
-				BIO_printf(err, "Error reading %s %s",
-					key_descrip, file);
-				goto error;
-			}
-		}
-	p=(unsigned char *)buf->data;
-	rsa = d2i_RSA_NET(NULL,&p,(long)size,NULL,
-		(format == FORMAT_IISSGC ? 1 : 0));
-	if (rsa == NULL)
-		goto error;
-	BUF_MEM_free(buf);
-	EVP_PKEY_set1_RSA(pkey, rsa);
-	return pkey;
-error:
-	BUF_MEM_free(buf);
-	EVP_PKEY_free(pkey);
-	return NULL;
-	}
-#endif /* ndef OPENSSL_NO_RC4 */
-
-STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *cert_descrip)
-	{
-	BIO *certs;
-	int i;
-	STACK_OF(X509) *othercerts = NULL;
-	STACK_OF(X509_INFO) *allcerts = NULL;
-	X509_INFO *xi;
-	PW_CB_DATA cb_data;
-
-	cb_data.password = pass;
-	cb_data.prompt_info = file;
-
-	if((certs = BIO_new(BIO_s_file())) == NULL)
-		{
-		ERR_print_errors(err);
-		goto end;
-		}
-
-	if (file == NULL)
-		BIO_set_fp(certs,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(certs,file) <= 0)
-			{
-			BIO_printf(err, "Error opening %s %s\n",
-				cert_descrip, file);
-			ERR_print_errors(err);
-			goto end;
-			}
-		}
-
-	if      (format == FORMAT_PEM)
-		{
-		othercerts = sk_X509_new_null();
-		if(!othercerts)
-			{
-			sk_X509_free(othercerts);
-			othercerts = NULL;
-			goto end;
-			}
-		allcerts = PEM_X509_INFO_read_bio(certs, NULL,
-				(pem_password_cb *)password_callback, &cb_data);
-		for(i = 0; i < sk_X509_INFO_num(allcerts); i++)
-			{
-			xi = sk_X509_INFO_value (allcerts, i);
-			if (xi->x509)
-				{
-				sk_X509_push(othercerts, xi->x509);
-				xi->x509 = NULL;
-				}
-			}
-		goto end;
-		}
-	else	{
-		BIO_printf(err,"bad input format specified for %s\n",
-			cert_descrip);
-		goto end;
-		}
-end:
-	if (othercerts == NULL)
-		{
-		BIO_printf(err,"unable to load certificates\n");
-		ERR_print_errors(err);
-		}
-	if (allcerts) sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
-	if (certs != NULL) BIO_free(certs);
-	return(othercerts);
-	}
-
-
-#define X509V3_EXT_UNKNOWN_MASK		(0xfL << 16)
-/* Return error for unknown extensions */
-#define X509V3_EXT_DEFAULT		0
-/* Print error for unknown extensions */
-#define X509V3_EXT_ERROR_UNKNOWN	(1L << 16)
-/* ASN1 parse unknown extensions */
-#define X509V3_EXT_PARSE_UNKNOWN	(2L << 16)
-/* BIO_dump unknown extensions */
-#define X509V3_EXT_DUMP_UNKNOWN		(3L << 16)
-
-#define X509_FLAG_CA (X509_FLAG_NO_ISSUER | X509_FLAG_NO_PUBKEY | \
-			 X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION)
-
-int set_cert_ex(unsigned long *flags, const char *arg)
-{
-	static const NAME_EX_TBL cert_tbl[] = {
-		{ "compatible", X509_FLAG_COMPAT, 0xffffffffl},
-		{ "ca_default", X509_FLAG_CA, 0xffffffffl},
-		{ "no_header", X509_FLAG_NO_HEADER, 0},
-		{ "no_version", X509_FLAG_NO_VERSION, 0},
-		{ "no_serial", X509_FLAG_NO_SERIAL, 0},
-		{ "no_signame", X509_FLAG_NO_SIGNAME, 0},
-		{ "no_validity", X509_FLAG_NO_VALIDITY, 0},
-		{ "no_subject", X509_FLAG_NO_SUBJECT, 0},
-		{ "no_issuer", X509_FLAG_NO_ISSUER, 0},
-		{ "no_pubkey", X509_FLAG_NO_PUBKEY, 0},
-		{ "no_extensions", X509_FLAG_NO_EXTENSIONS, 0},
-		{ "no_sigdump", X509_FLAG_NO_SIGDUMP, 0},
-		{ "no_aux", X509_FLAG_NO_AUX, 0},
-		{ "no_attributes", X509_FLAG_NO_ATTRIBUTES, 0},
-		{ "ext_default", X509V3_EXT_DEFAULT, X509V3_EXT_UNKNOWN_MASK},
-		{ "ext_error", X509V3_EXT_ERROR_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
-		{ "ext_parse", X509V3_EXT_PARSE_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
-		{ "ext_dump", X509V3_EXT_DUMP_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
-		{ NULL, 0, 0}
-	};
-	return set_multi_opts(flags, arg, cert_tbl);
-}
-
-int set_name_ex(unsigned long *flags, const char *arg)
-{
-	static const NAME_EX_TBL ex_tbl[] = {
-		{ "esc_2253", ASN1_STRFLGS_ESC_2253, 0},
-		{ "esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0},
-		{ "esc_msb", ASN1_STRFLGS_ESC_MSB, 0},
-		{ "use_quote", ASN1_STRFLGS_ESC_QUOTE, 0},
-		{ "utf8", ASN1_STRFLGS_UTF8_CONVERT, 0},
-		{ "ignore_type", ASN1_STRFLGS_IGNORE_TYPE, 0},
-		{ "show_type", ASN1_STRFLGS_SHOW_TYPE, 0},
-		{ "dump_all", ASN1_STRFLGS_DUMP_ALL, 0},
-		{ "dump_nostr", ASN1_STRFLGS_DUMP_UNKNOWN, 0},
-		{ "dump_der", ASN1_STRFLGS_DUMP_DER, 0},
-		{ "compat", XN_FLAG_COMPAT, 0xffffffffL},
-		{ "sep_comma_plus", XN_FLAG_SEP_COMMA_PLUS, XN_FLAG_SEP_MASK},
-		{ "sep_comma_plus_space", XN_FLAG_SEP_CPLUS_SPC, XN_FLAG_SEP_MASK},
-		{ "sep_semi_plus_space", XN_FLAG_SEP_SPLUS_SPC, XN_FLAG_SEP_MASK},
-		{ "sep_multiline", XN_FLAG_SEP_MULTILINE, XN_FLAG_SEP_MASK},
-		{ "dn_rev", XN_FLAG_DN_REV, 0},
-		{ "nofname", XN_FLAG_FN_NONE, XN_FLAG_FN_MASK},
-		{ "sname", XN_FLAG_FN_SN, XN_FLAG_FN_MASK},
-		{ "lname", XN_FLAG_FN_LN, XN_FLAG_FN_MASK},
-		{ "align", XN_FLAG_FN_ALIGN, 0},
-		{ "oid", XN_FLAG_FN_OID, XN_FLAG_FN_MASK},
-		{ "space_eq", XN_FLAG_SPC_EQ, 0},
-		{ "dump_unknown", XN_FLAG_DUMP_UNKNOWN_FIELDS, 0},
-		{ "RFC2253", XN_FLAG_RFC2253, 0xffffffffL},
-		{ "oneline", XN_FLAG_ONELINE, 0xffffffffL},
-		{ "multiline", XN_FLAG_MULTILINE, 0xffffffffL},
-		{ "ca_default", XN_FLAG_MULTILINE, 0xffffffffL},
-		{ NULL, 0, 0}
-	};
-	return set_multi_opts(flags, arg, ex_tbl);
-}
-
-int set_ext_copy(int *copy_type, const char *arg)
-{
-	if (!strcasecmp(arg, "none"))
-		*copy_type = EXT_COPY_NONE;
-	else if (!strcasecmp(arg, "copy"))
-		*copy_type = EXT_COPY_ADD;
-	else if (!strcasecmp(arg, "copyall"))
-		*copy_type = EXT_COPY_ALL;
-	else
-		return 0;
-	return 1;
-}
-
-int copy_extensions(X509 *x, X509_REQ *req, int copy_type)
-{
-	STACK_OF(X509_EXTENSION) *exts = NULL;
-	X509_EXTENSION *ext, *tmpext;
-	ASN1_OBJECT *obj;
-	int i, idx, ret = 0;
-	if (!x || !req || (copy_type == EXT_COPY_NONE))
-		return 1;
-	exts = X509_REQ_get_extensions(req);
-
-	for(i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
-		ext = sk_X509_EXTENSION_value(exts, i);
-		obj = X509_EXTENSION_get_object(ext);
-		idx = X509_get_ext_by_OBJ(x, obj, -1);
-		/* Does extension exist? */
-		if (idx != -1) {
-			/* If normal copy don't override existing extension */
-			if (copy_type == EXT_COPY_ADD)
-				continue;
-			/* Delete all extensions of same type */
-			do {
-				tmpext = X509_get_ext(x, idx);
-				X509_delete_ext(x, idx);
-				X509_EXTENSION_free(tmpext);
-				idx = X509_get_ext_by_OBJ(x, obj, -1);
-			} while (idx != -1);
-		}
-		if (!X509_add_ext(x, ext, -1))
-			goto end;
-	}
-
-	ret = 1;
-
-	end:
-
-	sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
-
-	return ret;
-}
-		
-		
-			
-
-static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl)
-{
-	STACK_OF(CONF_VALUE) *vals;
-	CONF_VALUE *val;
-	int i, ret = 1;
-	if(!arg) return 0;
-	vals = X509V3_parse_list(arg);
-	for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
-		val = sk_CONF_VALUE_value(vals, i);
-		if (!set_table_opts(flags, val->name, in_tbl))
-			ret = 0;
-	}
-	sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
-	return ret;
-}
-
-static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl)
-{
-	char c;
-	const NAME_EX_TBL *ptbl;
-	c = arg[0];
-
-	if(c == '-') {
-		c = 0;
-		arg++;
-	} else if (c == '+') {
-		c = 1;
-		arg++;
-	} else c = 1;
-
-	for(ptbl = in_tbl; ptbl->name; ptbl++) {
-		if(!strcasecmp(arg, ptbl->name)) {
-			*flags &= ~ptbl->mask;
-			if(c) *flags |= ptbl->flag;
-			else *flags &= ~ptbl->flag;
-			return 1;
-		}
-	}
-	return 0;
-}
-
-void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags)
-{
-	char *buf;
-	char mline = 0;
-	int indent = 0;
-
-	if(title) BIO_puts(out, title);
-	if((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
-		mline = 1;
-		indent = 4;
-	}
-	if(lflags == XN_FLAG_COMPAT) {
-		buf = X509_NAME_oneline(nm, 0, 0);
-		BIO_puts(out, buf);
-		BIO_puts(out, "\n");
-		OPENSSL_free(buf);
-	} else {
-		if(mline) BIO_puts(out, "\n");
-		X509_NAME_print_ex(out, nm, indent, lflags);
-		BIO_puts(out, "\n");
-	}
-}
-
-X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath)
-{
-	X509_STORE *store;
-	X509_LOOKUP *lookup;
-	if(!(store = X509_STORE_new())) goto end;
-	lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file());
-	if (lookup == NULL) goto end;
-	if (CAfile) {
-		if(!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM)) {
-			BIO_printf(bp, "Error loading file %s\n", CAfile);
-			goto end;
-		}
-	} else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
-		
-	lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir());
-	if (lookup == NULL) goto end;
-	if (CApath) {
-		if(!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM)) {
-			BIO_printf(bp, "Error loading directory %s\n", CApath);
-			goto end;
-		}
-	} else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
-
-	ERR_clear_error();
-	return store;
-	end:
-	X509_STORE_free(store);
-	return NULL;
-}
-
-#ifndef OPENSSL_NO_ENGINE
-/* Try to load an engine in a shareable library */
-static ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
-	{
-	ENGINE *e = ENGINE_by_id("dynamic");
-	if (e)
-		{
-		if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0)
-			|| !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))
-			{
-			ENGINE_free(e);
-			e = NULL;
-			}
-		}
-	return e;
-	}
-
-ENGINE *setup_engine(BIO *err, const char *engine, int debug)
-        {
-        ENGINE *e = NULL;
-
-        if (engine)
-                {
-		if(strcmp(engine, "auto") == 0)
-			{
-			BIO_printf(err,"enabling auto ENGINE support\n");
-			ENGINE_register_all_complete();
-			return NULL;
-			}
-		if((e = ENGINE_by_id(engine)) == NULL
-			&& (e = try_load_engine(err, engine, debug)) == NULL)
-			{
-			BIO_printf(err,"invalid engine \"%s\"\n", engine);
-			ERR_print_errors(err);
-			return NULL;
-			}
-		if (debug)
-			{
-			ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM,
-				0, err, 0);
-			}
-                ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, ui_method, 0, 1);
-		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
-			{
-			BIO_printf(err,"can't use that engine\n");
-			ERR_print_errors(err);
-			ENGINE_free(e);
-			return NULL;
-			}
-
-		BIO_printf(err,"engine \"%s\" set.\n", ENGINE_get_id(e));
-
-		/* Free our "structural" reference. */
-		ENGINE_free(e);
-		}
-        return e;
-        }
-#endif
-
-int load_config(BIO *err, CONF *cnf)
-	{
-	if (!cnf)
-		cnf = config;
-	if (!cnf)
-		return 1;
-
-	OPENSSL_load_builtin_modules();
-
-	if (CONF_modules_load(cnf, NULL, 0) <= 0)
-		{
-		BIO_printf(err, "Error configuring OpenSSL\n");
-		ERR_print_errors(err);
-		return 0;
-		}
-	return 1;
-	}
-
-char *make_config_name()
-	{
-	const char *t=X509_get_default_cert_area();
-	char *p;
-
-	p=OPENSSL_malloc(strlen(t)+strlen(OPENSSL_CONF)+2);
-	strcpy(p,t);
-#ifndef OPENSSL_SYS_VMS
-	strcat(p,"/");
-#endif
-	strcat(p,OPENSSL_CONF);
-
-	return p;
-	}
diff --git a/crypto/openssl/apps/apps.h b/crypto/openssl/apps/apps.h
deleted file mode 100644
index c36b9d256657..000000000000
--- a/crypto/openssl/apps/apps.h
+++ /dev/null
@@ -1,313 +0,0 @@
-/* apps/apps.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_APPS_H
-#define HEADER_APPS_H
-
-#include "e_os.h"
-
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/lhash.h>
-#include <openssl/conf.h>
-#include <openssl/txt_db.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/ossl_typ.h>
-
-int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
-int app_RAND_write_file(const char *file, BIO *bio_e);
-/* When `file' is NULL, use defaults.
- * `bio_e' is for error messages. */
-void app_RAND_allow_write_file(void);
-long app_RAND_load_files(char *file); /* `file' is a list of files to read,
-                                       * separated by LIST_SEPARATOR_CHAR
-                                       * (see e_os.h).  The string is
-                                       * destroyed! */
-
-#ifdef OPENSSL_SYS_WIN32
-#define rename(from,to) WIN32_rename((from),(to))
-int WIN32_rename(char *oldname,char *newname);
-#endif
-
-/* VMS below version 7.0 doesn't have strcasecmp() */
-#ifdef OPENSSL_SYS_VMS
-#define strcasecmp(str1,str2) VMS_strcasecmp((str1),(str2))
-int VMS_strcasecmp(const char *str1, const char *str2);
-#endif
-
-#ifndef MONOLITH
-
-#define MAIN(a,v)	main(a,v)
-
-#ifndef NON_MAIN
-CONF *config=NULL;
-BIO *bio_err=NULL;
-#else
-extern CONF *config;
-extern BIO *bio_err;
-#endif
-
-#else
-
-#define MAIN(a,v)	PROG(a,v)
-extern CONF *config;
-extern char *default_config_file;
-extern BIO *bio_err;
-
-#endif
-
-#include <signal.h>
-
-#ifdef SIGPIPE
-#define do_pipe_sig()	signal(SIGPIPE,SIG_IGN)
-#else
-#define do_pipe_sig()
-#endif
-
-#if defined(MONOLITH) && !defined(OPENSSL_C)
-#  define apps_startup() \
-		do_pipe_sig()
-#  define apps_shutdown()
-#else
-#  ifndef OPENSSL_NO_ENGINE
-#    if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
-     defined(OPENSSL_SYS_WIN32)
-#      ifdef _O_BINARY
-#        define apps_startup() \
-			do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
-			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
-			ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
-#      else
-#        define apps_startup() \
-			do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
-			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
-			ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
-#      endif
-#    else
-#      define apps_startup() \
-			do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
-			ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \
-			setup_ui_method(); } while(0)
-#    endif
-#    define apps_shutdown() \
-			do { CONF_modules_unload(1); destroy_ui_method(); \
-			EVP_cleanup(); ENGINE_cleanup(); \
-			CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
-			ERR_free_strings(); } while(0)
-#  else
-#    if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
-     defined(OPENSSL_SYS_WIN32)
-#      ifdef _O_BINARY
-#        define apps_startup() \
-			do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
-			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
-			setup_ui_method(); } while(0)
-#      else
-#        define apps_startup() \
-			do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
-			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
-			setup_ui_method(); } while(0)
-#      endif
-#    else
-#      define apps_startup() \
-			do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
-			ERR_load_crypto_strings(); \
-			setup_ui_method(); } while(0)
-#    endif
-#    define apps_shutdown() \
-			do { CONF_modules_unload(1); destroy_ui_method(); \
-			EVP_cleanup(); \
-			CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
-			ERR_free_strings(); } while(0)
-#  endif
-#endif
-
-typedef struct args_st
-	{
-	char **data;
-	int count;
-	} ARGS;
-
-#define PW_MIN_LENGTH 4
-typedef struct pw_cb_data
-	{
-	const void *password;
-	const char *prompt_info;
-	} PW_CB_DATA;
-
-int password_callback(char *buf, int bufsiz, int verify,
-	PW_CB_DATA *cb_data);
-
-int setup_ui_method(void);
-void destroy_ui_method(void);
-
-int should_retry(int i);
-int args_from_file(char *file, int *argc, char **argv[]);
-int str2fmt(char *s);
-void program_name(char *in,char *out,int size);
-int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
-#ifdef HEADER_X509_H
-int dump_cert_text(BIO *out, X509 *x);
-void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags);
-#endif
-int set_cert_ex(unsigned long *flags, const char *arg);
-int set_name_ex(unsigned long *flags, const char *arg);
-int set_ext_copy(int *copy_type, const char *arg);
-int copy_extensions(X509 *x, X509_REQ *req, int copy_type);
-int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2);
-int add_oid_section(BIO *err, CONF *conf);
-X509 *load_cert(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *cert_descrip);
-EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
-	const char *pass, ENGINE *e, const char *key_descrip);
-EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
-	const char *pass, ENGINE *e, const char *key_descrip);
-STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *cert_descrip);
-X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
-#ifndef OPENSSL_NO_ENGINE
-ENGINE *setup_engine(BIO *err, const char *engine, int debug);
-#endif
-
-int load_config(BIO *err, CONF *cnf);
-char *make_config_name(void);
-
-/* Functions defined in ca.c and also used in ocsp.c */
-int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
-			ASN1_GENERALIZEDTIME **pinvtm, char *str);
-int make_serial_index(TXT_DB *db);
-
-X509_NAME *do_subject(char *str, long chtype);
-
-#define FORMAT_UNDEF    0
-#define FORMAT_ASN1     1
-#define FORMAT_TEXT     2
-#define FORMAT_PEM      3
-#define FORMAT_NETSCAPE 4
-#define FORMAT_PKCS12   5
-#define FORMAT_SMIME    6
-#define FORMAT_ENGINE   7
-#define FORMAT_IISSGC	8	/* XXX this stupid macro helps us to avoid
-				 * adding yet another param to load_*key() */
-
-#define EXT_COPY_NONE	0
-#define EXT_COPY_ADD	1
-#define EXT_COPY_ALL	2
-
-#define NETSCAPE_CERT_HDR	"certificate"
-
-#define APP_PASS_LEN	1024
-
-#endif
diff --git a/crypto/openssl/apps/asn1pars.c b/crypto/openssl/apps/asn1pars.c
deleted file mode 100644
index 83674154053a..000000000000
--- a/crypto/openssl/apps/asn1pars.c
+++ /dev/null
@@ -1,337 +0,0 @@
-/* apps/asn1pars.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* A nice addition from Dr Stephen Henson <shenson@bigfoot.com> to 
- * add the -strparse option which parses nested binary structures
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -in arg	- input file - default stdin
- * -i		- indent the details by depth
- * -offset	- where in the file to start
- * -length	- how many bytes to use
- * -oid file	- extra oid description file
- */
-
-#undef PROG
-#define PROG	asn1parse_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int i,badops=0,offset=0,ret=1,j;
-	unsigned int length=0;
-	long num,tmplen;
-	BIO *in=NULL,*out=NULL,*b64=NULL, *derout = NULL;
-	int informat,indent=0, noout = 0, dump = 0;
-	char *infile=NULL,*str=NULL,*prog,*oidfile=NULL, *derfile=NULL;
-	unsigned char *tmpbuf;
-	BUF_MEM *buf=NULL;
-	STACK *osk=NULL;
-	ASN1_TYPE *at=NULL;
-
-	informat=FORMAT_PEM;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	if ((osk=sk_new_null()) == NULL)
-		{
-		BIO_printf(bio_err,"Memory allocation failure\n");
-		goto end;
-		}
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			derfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-i") == 0)
-			{
-			indent=1;
-			}
-		else if (strcmp(*argv,"-noout") == 0) noout = 1;
-		else if (strcmp(*argv,"-oid") == 0)
-			{
-			if (--argc < 1) goto bad;
-			oidfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-offset") == 0)
-			{
-			if (--argc < 1) goto bad;
-			offset= atoi(*(++argv));
-			}
-		else if (strcmp(*argv,"-length") == 0)
-			{
-			if (--argc < 1) goto bad;
-			length= atoi(*(++argv));
-			if (length == 0) goto bad;
-			}
-		else if (strcmp(*argv,"-dump") == 0)
-			{
-			dump= -1;
-			}
-		else if (strcmp(*argv,"-dlimit") == 0)
-			{
-			if (--argc < 1) goto bad;
-			dump= atoi(*(++argv));
-			if (dump <= 0) goto bad;
-			}
-		else if (strcmp(*argv,"-strparse") == 0)
-			{
-			if (--argc < 1) goto bad;
-			sk_push(osk,*(++argv));
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file (output format is always DER\n");
-		BIO_printf(bio_err," -noout arg    don't produce any output\n");
-		BIO_printf(bio_err," -offset arg   offset into file\n");
-		BIO_printf(bio_err," -length arg   length of section in file\n");
-		BIO_printf(bio_err," -i            indent entries\n");
-		BIO_printf(bio_err," -dump         dump unknown data in hex form\n");
-		BIO_printf(bio_err," -dlimit arg   dump the first arg bytes of unknown data in hex form\n");
-		BIO_printf(bio_err," -oid file     file of extra oid definitions\n");
-		BIO_printf(bio_err," -strparse offset\n");
-		BIO_printf(bio_err,"               a series of these can be used to 'dig' into multiple\n");
-		BIO_printf(bio_err,"               ASN1 blob wrappings\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
-#ifdef OPENSSL_SYS_VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	out = BIO_push(tmpbio, out);
-	}
-#endif
-
-	if (oidfile != NULL)
-		{
-		if (BIO_read_filename(in,oidfile) <= 0)
-			{
-			BIO_printf(bio_err,"problems opening %s\n",oidfile);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		OBJ_create_objects(in);
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-
-	if (derfile) {
-		if(!(derout = BIO_new_file(derfile, "wb"))) {
-			BIO_printf(bio_err,"problems opening %s\n",derfile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
-
-	if ((buf=BUF_MEM_new()) == NULL) goto end;
-	if (!BUF_MEM_grow(buf,BUFSIZ*8)) goto end; /* Pre-allocate :-) */
-
-	if (informat == FORMAT_PEM)
-		{
-		BIO *tmp;
-
-		if ((b64=BIO_new(BIO_f_base64())) == NULL)
-			goto end;
-		BIO_push(b64,in);
-		tmp=in;
-		in=b64;
-		b64=tmp;
-		}
-
-	num=0;
-	for (;;)
-		{
-		if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end;
-		i=BIO_read(in,&(buf->data[num]),BUFSIZ);
-		if (i <= 0) break;
-		num+=i;
-		}
-	str=buf->data;
-
-	/* If any structs to parse go through in sequence */
-
-	if (sk_num(osk))
-		{
-		tmpbuf=(unsigned char *)str;
-		tmplen=num;
-		for (i=0; i<sk_num(osk); i++)
-			{
-			ASN1_TYPE *atmp;
-			j=atoi(sk_value(osk,i));
-			if (j == 0)
-				{
-				BIO_printf(bio_err,"'%s' is an invalid number\n",sk_value(osk,i));
-				continue;
-				}
-			tmpbuf+=j;
-			tmplen-=j;
-			atmp = at;
-			at = d2i_ASN1_TYPE(NULL,&tmpbuf,tmplen);
-			ASN1_TYPE_free(atmp);
-			if(!at)
-				{
-				BIO_printf(bio_err,"Error parsing structure\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			/* hmm... this is a little evil but it works */
-			tmpbuf=at->value.asn1_string->data;
-			tmplen=at->value.asn1_string->length;
-			}
-		str=(char *)tmpbuf;
-		num=tmplen;
-		}
-
-	if (length == 0) length=(unsigned int)num;
-	if(derout) {
-		if(BIO_write(derout, str + offset, length) != (int)length) {
-			BIO_printf(bio_err, "Error writing output\n");
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
-	if (!noout &&
-	    !ASN1_parse_dump(out,(unsigned char *)&(str[offset]),length,
-		    indent,dump))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	ret=0;
-end:
-	BIO_free(derout);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (b64 != NULL) BIO_free(b64);
-	if (ret != 0)
-		ERR_print_errors(bio_err);
-	if (buf != NULL) BUF_MEM_free(buf);
-	if (at != NULL) ASN1_TYPE_free(at);
-	if (osk != NULL) sk_free(osk);
-	OBJ_cleanup();
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
diff --git a/crypto/openssl/apps/ca-cert.srl b/crypto/openssl/apps/ca-cert.srl
deleted file mode 100644
index 2c7456e3eb66..000000000000
--- a/crypto/openssl/apps/ca-cert.srl
+++ /dev/null
@@ -1 +0,0 @@
-07
diff --git a/crypto/openssl/apps/ca-key.pem b/crypto/openssl/apps/ca-key.pem
deleted file mode 100644
index 3a520b238f5b..000000000000
--- a/crypto/openssl/apps/ca-key.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/apps/ca-req.pem b/crypto/openssl/apps/ca-req.pem
deleted file mode 100644
index 77bf7ec308b5..000000000000
--- a/crypto/openssl/apps/ca-req.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBmTCCAQICAQAwWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
-GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgx
-MDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgy
-bTsZDCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/d
-FXSv1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUe
-cQU2mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAKlk7
-cxu9gCJN3/iQFyJXQ6YphaiQAT5VBXTx9ftRrQIjA3vxlDzPWGDy+V5Tqa7h8PtR
-5Bn00JShII2zf0hjyjKils6x/UkWmjEiwSiFp4hR70iE8XwSNEHY2P6j6nQEIpgW
-kbfgmmUqk7dl2V+ossTJ80B8SBpEhrn81V/cHxA=
------END CERTIFICATE REQUEST-----
diff --git a/crypto/openssl/apps/ca.c b/crypto/openssl/apps/ca.c
deleted file mode 100644
index 1d4e4aa7d3db..000000000000
--- a/crypto/openssl/apps/ca.c
+++ /dev/null
@@ -1,3337 +0,0 @@
-/* apps/ca.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* The PPKI stuff has been donated by Jeff Barber <jeffb@issl.atl.hp.com> */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <openssl/conf.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/txt_db.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/objects.h>
-#include <openssl/ocsp.h>
-#include <openssl/pem.h>
-
-#ifdef OPENSSL_SYS_WINDOWS
-#define strcasecmp _stricmp
-#else
-#  ifdef NO_STRINGS_H
-    int	strcasecmp();
-#  else
-#    include <strings.h>
-#  endif /* NO_STRINGS_H */
-#endif
-
-#ifndef W_OK
-#  ifdef OPENSSL_SYS_VMS
-#    if defined(__DECC)
-#      include <unistd.h>
-#    else
-#      include <unixlib.h>
-#    endif
-#  elif !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_WINDOWS)
-#    include <sys/file.h>
-#  endif
-#endif
-
-#include "apps.h"
-
-#ifndef W_OK
-#  define F_OK 0
-#  define X_OK 1
-#  define W_OK 2
-#  define R_OK 4
-#endif
-
-#undef PROG
-#define PROG ca_main
-
-#define BASE_SECTION	"ca"
-#define CONFIG_FILE "openssl.cnf"
-
-#define ENV_DEFAULT_CA		"default_ca"
-
-#define ENV_DIR			"dir"
-#define ENV_CERTS		"certs"
-#define ENV_CRL_DIR		"crl_dir"
-#define ENV_CA_DB		"CA_DB"
-#define ENV_NEW_CERTS_DIR	"new_certs_dir"
-#define ENV_CERTIFICATE 	"certificate"
-#define ENV_SERIAL		"serial"
-#define ENV_CRL			"crl"
-#define ENV_PRIVATE_KEY		"private_key"
-#define ENV_RANDFILE		"RANDFILE"
-#define ENV_DEFAULT_DAYS 	"default_days"
-#define ENV_DEFAULT_STARTDATE 	"default_startdate"
-#define ENV_DEFAULT_ENDDATE 	"default_enddate"
-#define ENV_DEFAULT_CRL_DAYS 	"default_crl_days"
-#define ENV_DEFAULT_CRL_HOURS 	"default_crl_hours"
-#define ENV_DEFAULT_MD		"default_md"
-#define ENV_DEFAULT_EMAIL_DN	"email_in_dn"
-#define ENV_PRESERVE		"preserve"
-#define ENV_POLICY      	"policy"
-#define ENV_EXTENSIONS      	"x509_extensions"
-#define ENV_CRLEXT      	"crl_extensions"
-#define ENV_MSIE_HACK		"msie_hack"
-#define ENV_NAMEOPT		"name_opt"
-#define ENV_CERTOPT		"cert_opt"
-#define ENV_EXTCOPY		"copy_extensions"
-
-#define ENV_DATABASE		"database"
-
-#define DB_type         0
-#define DB_exp_date     1
-#define DB_rev_date     2
-#define DB_serial       3       /* index - unique */
-#define DB_file         4       
-#define DB_name         5       /* index - unique for active */
-#define DB_NUMBER       6
-
-#define DB_TYPE_REV	'R'
-#define DB_TYPE_EXP	'E'
-#define DB_TYPE_VAL	'V'
-
-/* Additional revocation information types */
-
-#define REV_NONE		0	/* No addditional information */
-#define REV_CRL_REASON		1	/* Value is CRL reason code */
-#define REV_HOLD		2	/* Value is hold instruction */
-#define REV_KEY_COMPROMISE	3	/* Value is cert key compromise time */
-#define REV_CA_COMPROMISE	4	/* Value is CA key compromise time */
-
-static char *ca_usage[]={
-"usage: ca args\n",
-"\n",
-" -verbose        - Talk alot while doing things\n",
-" -config file    - A config file\n",
-" -name arg       - The particular CA definition to use\n",
-" -gencrl         - Generate a new CRL\n",
-" -crldays days   - Days is when the next CRL is due\n",
-" -crlhours hours - Hours is when the next CRL is due\n",
-" -startdate YYMMDDHHMMSSZ  - certificate validity notBefore\n",
-" -enddate YYMMDDHHMMSSZ    - certificate validity notAfter (overrides -days)\n",
-" -days arg       - number of days to certify the certificate for\n",
-" -md arg         - md to use, one of md2, md5, sha or sha1\n",
-" -policy arg     - The CA 'policy' to support\n",
-" -keyfile arg    - private key file\n",
-" -keyform arg    - private key file format (PEM or ENGINE)\n",
-" -key arg        - key to decode the private key if it is encrypted\n",
-" -cert file      - The CA certificate\n",
-" -in file        - The input PEM encoded certificate request(s)\n",
-" -out file       - Where to put the output file(s)\n",
-" -outdir dir     - Where to put output certificates\n",
-" -infiles ....   - The last argument, requests to process\n",
-" -spkac file     - File contains DN and signed public key and challenge\n",
-" -ss_cert file   - File contains a self signed cert to sign\n",
-" -preserveDN     - Don't re-order the DN\n",
-" -noemailDN      - Don't add the EMAIL field into certificate' subject\n",
-" -batch          - Don't ask questions\n",
-" -msie_hack      - msie modifications to handle all those universal strings\n",
-" -revoke file    - Revoke a certificate (given in file)\n",
-" -subj arg       - Use arg instead of request's subject\n",
-" -extensions ..  - Extension section (override value in config file)\n",
-" -extfile file   - Configuration file with X509v3 extentions to add\n",
-" -crlexts ..     - CRL extension section (override value in config file)\n",
-#ifndef OPENSSL_NO_ENGINE
-" -engine e       - use engine e, possibly a hardware device.\n",
-#endif
-" -status serial  - Shows certificate status given the serial number\n",
-" -updatedb       - Updates db for expired certificates\n",
-NULL
-};
-
-#ifdef EFENCE
-extern int EF_PROTECT_FREE;
-extern int EF_PROTECT_BELOW;
-extern int EF_ALIGNMENT;
-#endif
-
-static void lookup_fail(char *name,char *tag);
-static unsigned long index_serial_hash(const char **a);
-static int index_serial_cmp(const char **a, const char **b);
-static unsigned long index_name_hash(const char **a);
-static int index_name_qual(char **a);
-static int index_name_cmp(const char **a,const char **b);
-static BIGNUM *load_serial(char *serialfile);
-static int save_serial(char *serialfile, BIGNUM *serial);
-static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
-		   const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,TXT_DB *db,
-		   BIGNUM *serial, char *subj, int email_dn, char *startdate,
-		   char *enddate, long days, int batch, char *ext_sect, CONF *conf,
-		   int verbose, unsigned long certopt, unsigned long nameopt,
-		   int default_op, int ext_copy);
-static int certify_cert(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
-			const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,
-			TXT_DB *db, BIGNUM *serial, char *subj, int email_dn,
-			char *startdate, char *enddate, long days, int batch,
-			char *ext_sect, CONF *conf,int verbose, unsigned long certopt,
-			unsigned long nameopt, int default_op, int ext_copy,
-			ENGINE *e);
-static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
-			 const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,
-			 TXT_DB *db, BIGNUM *serial,char *subj, int email_dn,
-			 char *startdate, char *enddate, long days, char *ext_sect,
-			 CONF *conf, int verbose, unsigned long certopt, 
-			 unsigned long nameopt, int default_op, int ext_copy);
-static int fix_data(int nid, int *type);
-static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext);
-static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
-	STACK_OF(CONF_VALUE) *policy, TXT_DB *db, BIGNUM *serial,char *subj,
-	int email_dn, char *startdate, char *enddate, long days, int batch,
-       	int verbose, X509_REQ *req, char *ext_sect, CONF *conf,
-	unsigned long certopt, unsigned long nameopt, int default_op,
-	int ext_copy);
-static int do_revoke(X509 *x509, TXT_DB *db, int ext, char *extval);
-static int get_certificate_status(const char *ser_status, TXT_DB *db);
-static int do_updatedb(TXT_DB *db);
-static int check_time_format(char *str);
-char *make_revocation_str(int rev_type, char *rev_arg);
-int make_revoked(X509_REVOKED *rev, char *str);
-int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str);
-static CONF *conf=NULL;
-static CONF *extconf=NULL;
-static char *section=NULL;
-
-static int preserve=0;
-static int msie_hack=0;
-
-static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **)
-static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **)
-static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **)
-static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **)
-
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	char *key=NULL,*passargin=NULL;
-	int free_key = 0;
-	int total=0;
-	int total_done=0;
-	int badops=0;
-	int ret=1;
-	int email_dn=1;
-	int req=0;
-	int verbose=0;
-	int gencrl=0;
-	int dorevoke=0;
-	int doupdatedb=0;
-	long crldays=0;
-	long crlhours=0;
-	long errorline= -1;
-	char *configfile=NULL;
-	char *md=NULL;
-	char *policy=NULL;
-	char *keyfile=NULL;
-	char *certfile=NULL;
-	int keyform=FORMAT_PEM;
-	char *infile=NULL;
-	char *spkac_file=NULL;
-	char *ss_cert_file=NULL;
-	char *ser_status=NULL;
-	EVP_PKEY *pkey=NULL;
-	int output_der = 0;
-	char *outfile=NULL;
-	char *outdir=NULL;
-	char *serialfile=NULL;
-	char *extensions=NULL;
-	char *extfile=NULL;
-	char *subj=NULL;
-	char *tmp_email_dn=NULL;
-	char *crl_ext=NULL;
-	int rev_type = REV_NONE;
-	char *rev_arg = NULL;
-	BIGNUM *serial=NULL;
-	char *startdate=NULL;
-	char *enddate=NULL;
-	long days=0;
-	int batch=0;
-	int notext=0;
-	unsigned long nameopt = 0, certopt = 0;
-	int default_op = 1;
-	int ext_copy = EXT_COPY_NONE;
-	X509 *x509=NULL;
-	X509 *x=NULL;
-	BIO *in=NULL,*out=NULL,*Sout=NULL,*Cout=NULL;
-	char *dbfile=NULL;
-	TXT_DB *db=NULL;
-	X509_CRL *crl=NULL;
-	X509_REVOKED *r=NULL;
-	ASN1_TIME *tmptm;
-	ASN1_INTEGER *tmpser;
-	char **pp,*p,*f;
-	int i,j;
-	long l;
-	const EVP_MD *dgst=NULL;
-	STACK_OF(CONF_VALUE) *attribs=NULL;
-	STACK_OF(X509) *cert_sk=NULL;
-#undef BSIZE
-#define BSIZE 256
-	MS_STATIC char buf[3][BSIZE];
-	char *randfile=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine = NULL;
-#endif
-	char *tofree=NULL;
-
-#ifdef EFENCE
-EF_PROTECT_FREE=1;
-EF_PROTECT_BELOW=1;
-EF_ALIGNMENT=0;
-#endif
-
-	apps_startup();
-
-	conf = NULL;
-	key = NULL;
-	section = NULL;
-
-	preserve=0;
-	msie_hack=0;
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-verbose") == 0)
-			verbose=1;
-		else if	(strcmp(*argv,"-config") == 0)
-			{
-			if (--argc < 1) goto bad;
-			configfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-name") == 0)
-			{
-			if (--argc < 1) goto bad;
-			section= *(++argv);
-			}
-		else if (strcmp(*argv,"-subj") == 0)
-			{
-			if (--argc < 1) goto bad;
-			subj= *(++argv);
-			/* preserve=1; */
-			}
-		else if (strcmp(*argv,"-startdate") == 0)
-			{
-			if (--argc < 1) goto bad;
-			startdate= *(++argv);
-			}
-		else if (strcmp(*argv,"-enddate") == 0)
-			{
-			if (--argc < 1) goto bad;
-			enddate= *(++argv);
-			}
-		else if (strcmp(*argv,"-days") == 0)
-			{
-			if (--argc < 1) goto bad;
-			days=atoi(*(++argv));
-			}
-		else if (strcmp(*argv,"-md") == 0)
-			{
-			if (--argc < 1) goto bad;
-			md= *(++argv);
-			}
-		else if (strcmp(*argv,"-policy") == 0)
-			{
-			if (--argc < 1) goto bad;
-			policy= *(++argv);
-			}
-		else if (strcmp(*argv,"-keyfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyform=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			key= *(++argv);
-			}
-		else if (strcmp(*argv,"-cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			certfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			req=1;
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-outdir") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outdir= *(++argv);
-			}
-		else if (strcmp(*argv,"-notext") == 0)
-			notext=1;
-		else if (strcmp(*argv,"-batch") == 0)
-			batch=1;
-		else if (strcmp(*argv,"-preserveDN") == 0)
-			preserve=1;
-		else if (strcmp(*argv,"-noemailDN") == 0)
-			email_dn=0;
-		else if (strcmp(*argv,"-gencrl") == 0)
-			gencrl=1;
-		else if (strcmp(*argv,"-msie_hack") == 0)
-			msie_hack=1;
-		else if (strcmp(*argv,"-crldays") == 0)
-			{
-			if (--argc < 1) goto bad;
-			crldays= atol(*(++argv));
-			}
-		else if (strcmp(*argv,"-crlhours") == 0)
-			{
-			if (--argc < 1) goto bad;
-			crlhours= atol(*(++argv));
-			}
-		else if (strcmp(*argv,"-infiles") == 0)
-			{
-			argc--;
-			argv++;
-			req=1;
-			break;
-			}
-		else if (strcmp(*argv, "-ss_cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			ss_cert_file = *(++argv);
-			req=1;
-			}
-		else if (strcmp(*argv, "-spkac") == 0)
-			{
-			if (--argc < 1) goto bad;
-			spkac_file = *(++argv);
-			req=1;
-			}
-		else if (strcmp(*argv,"-revoke") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			dorevoke=1;
-			}
-		else if (strcmp(*argv,"-extensions") == 0)
-			{
-			if (--argc < 1) goto bad;
-			extensions= *(++argv);
-			}
-		else if (strcmp(*argv,"-extfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			extfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-status") == 0)
-			{
-			if (--argc < 1) goto bad;
-			ser_status= *(++argv);
-			}
-		else if (strcmp(*argv,"-updatedb") == 0)
-			{
-			doupdatedb=1;
-			}
-		else if (strcmp(*argv,"-crlexts") == 0)
-			{
-			if (--argc < 1) goto bad;
-			crl_ext= *(++argv);
-			}
-		else if (strcmp(*argv,"-crl_reason") == 0)
-			{
-			if (--argc < 1) goto bad;
-			rev_arg = *(++argv);
-			rev_type = REV_CRL_REASON;
-			}
-		else if (strcmp(*argv,"-crl_hold") == 0)
-			{
-			if (--argc < 1) goto bad;
-			rev_arg = *(++argv);
-			rev_type = REV_HOLD;
-			}
-		else if (strcmp(*argv,"-crl_compromise") == 0)
-			{
-			if (--argc < 1) goto bad;
-			rev_arg = *(++argv);
-			rev_type = REV_KEY_COMPROMISE;
-			}
-		else if (strcmp(*argv,"-crl_CA_compromise") == 0)
-			{
-			if (--argc < 1) goto bad;
-			rev_arg = *(++argv);
-			rev_type = REV_CA_COMPROMISE;
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else
-			{
-bad:
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-		for (pp=ca_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
-		goto err;
-		}
-
-	ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-	e = setup_engine(bio_err, engine, 0);
-#endif
-
-	/*****************************************************************/
-	tofree=NULL;
-	if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
-	if (configfile == NULL) configfile = getenv("SSLEAY_CONF");
-	if (configfile == NULL)
-		{
-		const char *s=X509_get_default_cert_area();
-
-#ifdef OPENSSL_SYS_VMS
-		tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE));
-		strcpy(tofree,s);
-#else
-		tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE)+1);
-		strcpy(tofree,s);
-		strcat(tofree,"/");
-#endif
-		strcat(tofree,CONFIG_FILE);
-		configfile=tofree;
-		}
-
-	BIO_printf(bio_err,"Using configuration from %s\n",configfile);
-	conf = NCONF_new(NULL);
-	if (NCONF_load(conf,configfile,&errorline) <= 0)
-		{
-		if (errorline <= 0)
-			BIO_printf(bio_err,"error loading the config file '%s'\n",
-				configfile);
-		else
-			BIO_printf(bio_err,"error on line %ld of config file '%s'\n"
-				,errorline,configfile);
-		goto err;
-		}
-	if(tofree)
-		{
-		OPENSSL_free(tofree);
-		tofree = NULL;
-		}
-
-	if (!load_config(bio_err, conf))
-		goto err;
-
-	/* Lets get the config section we are using */
-	if (section == NULL)
-		{
-		section=NCONF_get_string(conf,BASE_SECTION,ENV_DEFAULT_CA);
-		if (section == NULL)
-			{
-			lookup_fail(BASE_SECTION,ENV_DEFAULT_CA);
-			goto err;
-			}
-		}
-
-	if (conf != NULL)
-		{
-		p=NCONF_get_string(conf,NULL,"oid_file");
-		if (p == NULL)
-			ERR_clear_error();
-		if (p != NULL)
-			{
-			BIO *oid_bio;
-
-			oid_bio=BIO_new_file(p,"r");
-			if (oid_bio == NULL) 
-				{
-				/*
-				BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
-				ERR_print_errors(bio_err);
-				*/
-				ERR_clear_error();
-				}
-			else
-				{
-				OBJ_create_objects(oid_bio);
-				BIO_free(oid_bio);
-				}
-			}
-		if (!add_oid_section(bio_err,conf)) 
-			{
-			ERR_print_errors(bio_err);
-			goto err;
-			}
-		}
-
-	randfile = NCONF_get_string(conf, BASE_SECTION, "RANDFILE");
-	if (randfile == NULL)
-		ERR_clear_error();
-	app_RAND_load_file(randfile, bio_err, 0);
-	
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	Sout=BIO_new(BIO_s_file());
-	Cout=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL) || (Sout == NULL) || (Cout == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	/*****************************************************************/
-	/* report status of cert with serial number given on command line */
-	if (ser_status)
-	{
-		if ((dbfile=NCONF_get_string(conf,section,ENV_DATABASE)) == NULL)
-			{
-			lookup_fail(section,ENV_DATABASE);
-			goto err;
-			}
-		if (BIO_read_filename(in,dbfile) <= 0)
-			{
-			perror(dbfile);
-			BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
-			goto err;
-			}
-		db=TXT_DB_read(in,DB_NUMBER);
-		if (db == NULL) goto err;
-
-		if (!make_serial_index(db))
-			goto err;
-
-		if (get_certificate_status(ser_status,db) != 1)
-			BIO_printf(bio_err,"Error verifying serial %s!\n",
-				 ser_status);
-		goto err;
-	}
-
-	/*****************************************************************/
-	/* we definitely need a public key, so let's get it */
-
-	if ((keyfile == NULL) && ((keyfile=NCONF_get_string(conf,
-		section,ENV_PRIVATE_KEY)) == NULL))
-		{
-		lookup_fail(section,ENV_PRIVATE_KEY);
-		goto err;
-		}
-	if (!key)
-		{
-		free_key = 1;
-		if (!app_passwd(bio_err, passargin, NULL, &key, NULL))
-			{
-			BIO_printf(bio_err,"Error getting password\n");
-			goto err;
-			}
-		}
-	pkey = load_key(bio_err, keyfile, keyform, 0, key, e, 
-		"CA private key");
-	if (key) OPENSSL_cleanse(key,strlen(key));
-	if (pkey == NULL)
-		{
-		/* load_key() has already printed an appropriate message */
-		goto err;
-		}
-
-	/*****************************************************************/
-	/* we need a certificate */
-	if ((certfile == NULL) && ((certfile=NCONF_get_string(conf,
-		section,ENV_CERTIFICATE)) == NULL))
-		{
-		lookup_fail(section,ENV_CERTIFICATE);
-		goto err;
-		}
-	x509=load_cert(bio_err, certfile, FORMAT_PEM, NULL, e,
-		"CA certificate");
-	if (x509 == NULL)
-		goto err;
-
-	if (!X509_check_private_key(x509,pkey))
-		{
-		BIO_printf(bio_err,"CA certificate and CA private key do not match\n");
-		goto err;
-		}
-
-	f=NCONF_get_string(conf,BASE_SECTION,ENV_PRESERVE);
-	if (f == NULL)
-		ERR_clear_error();
-	if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
-		preserve=1;
-	f=NCONF_get_string(conf,BASE_SECTION,ENV_MSIE_HACK);
-	if (f == NULL)
-		ERR_clear_error();
-	if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
-		msie_hack=1;
-
-	f=NCONF_get_string(conf,section,ENV_NAMEOPT);
-
-	if (f)
-		{
-		if (!set_name_ex(&nameopt, f))
-			{
-			BIO_printf(bio_err, "Invalid name options: \"%s\"\n", f);
-			goto err;
-			}
-		default_op = 0;
-		}
-	else
-		ERR_clear_error();
-
-	f=NCONF_get_string(conf,section,ENV_CERTOPT);
-
-	if (f)
-		{
-		if (!set_cert_ex(&certopt, f))
-			{
-			BIO_printf(bio_err, "Invalid certificate options: \"%s\"\n", f);
-			goto err;
-			}
-		default_op = 0;
-		}
-	else
-		ERR_clear_error();
-
-	f=NCONF_get_string(conf,section,ENV_EXTCOPY);
-
-	if (f)
-		{
-		if (!set_ext_copy(&ext_copy, f))
-			{
-			BIO_printf(bio_err, "Invalid extension copy option: \"%s\"\n", f);
-			goto err;
-			}
-		}
-	else
-		ERR_clear_error();
-
-	/*****************************************************************/
-	/* lookup where to write new certificates */
-	if ((outdir == NULL) && (req))
-		{
-		struct stat sb;
-
-		if ((outdir=NCONF_get_string(conf,section,ENV_NEW_CERTS_DIR))
-			== NULL)
-			{
-			BIO_printf(bio_err,"there needs to be defined a directory for new certificate to be placed in\n");
-			goto err;
-			}
-#ifndef OPENSSL_SYS_VMS
-	    /* outdir is a directory spec, but access() for VMS demands a
-	       filename.  In any case, stat(), below, will catch the problem
-	       if outdir is not a directory spec, and the fopen() or open()
-	       will catch an error if there is no write access.
-
-	       Presumably, this problem could also be solved by using the DEC
-	       C routines to convert the directory syntax to Unixly, and give
-	       that to access().  However, time's too short to do that just
-	       now.
-	    */
-		if (access(outdir,R_OK|W_OK|X_OK) != 0)
-			{
-			BIO_printf(bio_err,"I am unable to access the %s directory\n",outdir);
-			perror(outdir);
-			goto err;
-			}
-
-		if (stat(outdir,&sb) != 0)
-			{
-			BIO_printf(bio_err,"unable to stat(%s)\n",outdir);
-			perror(outdir);
-			goto err;
-			}
-#ifdef S_IFDIR
-		if (!(sb.st_mode & S_IFDIR))
-			{
-			BIO_printf(bio_err,"%s need to be a directory\n",outdir);
-			perror(outdir);
-			goto err;
-			}
-#endif
-#endif
-		}
-
-	/*****************************************************************/
-	/* we need to load the database file */
-	if ((dbfile=NCONF_get_string(conf,section,ENV_DATABASE)) == NULL)
-		{
-		lookup_fail(section,ENV_DATABASE);
-		goto err;
-		}
-	if (BIO_read_filename(in,dbfile) <= 0)
-		{
-		perror(dbfile);
-		BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
-		goto err;
-		}
-	db=TXT_DB_read(in,DB_NUMBER);
-	if (db == NULL) goto err;
-
-	/* Lets check some fields */
-	for (i=0; i<sk_num(db->data); i++)
-		{
-		pp=(char **)sk_value(db->data,i);
-		if ((pp[DB_type][0] != DB_TYPE_REV) &&
-			(pp[DB_rev_date][0] != '\0'))
-			{
-			BIO_printf(bio_err,"entry %d: not revoked yet, but has a revocation date\n",i+1);
-			goto err;
-			}
-		if ((pp[DB_type][0] == DB_TYPE_REV) &&
-			!make_revoked(NULL, pp[DB_rev_date]))
-			{
-			BIO_printf(bio_err," in entry %d\n", i+1);
-			goto err;
-			}
-		if (!check_time_format(pp[DB_exp_date]))
-			{
-			BIO_printf(bio_err,"entry %d: invalid expiry date\n",i+1);
-			goto err;
-			}
-		p=pp[DB_serial];
-		j=strlen(p);
-		if (*p == '-')
-			{
-			p++;
-			j--;
-			}
-		if ((j&1) || (j < 2))
-			{
-			BIO_printf(bio_err,"entry %d: bad serial number length (%d)\n",i+1,j);
-			goto err;
-			}
-		while (*p)
-			{
-			if (!(	((*p >= '0') && (*p <= '9')) ||
-				((*p >= 'A') && (*p <= 'F')) ||
-				((*p >= 'a') && (*p <= 'f')))  )
-				{
-				BIO_printf(bio_err,"entry %d: bad serial number characters, char pos %ld, char is '%c'\n",i+1,(long)(p-pp[DB_serial]),*p);
-				goto err;
-				}
-			p++;
-			}
-		}
-	if (verbose)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); /* cannot fail */
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		TXT_DB_write(out,db);
-		BIO_printf(bio_err,"%d entries loaded from the database\n",
-			db->data->num);
-		BIO_printf(bio_err,"generating index\n");
-		}
-	
-	if (!make_serial_index(db))
-		goto err;
-
-	if (!TXT_DB_create_index(db, DB_name, index_name_qual,
-			LHASH_HASH_FN(index_name_hash),
-			LHASH_COMP_FN(index_name_cmp)))
-		{
-		BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n",
-			db->error,db->arg1,db->arg2);
-		goto err;
-		}
-
-	/*****************************************************************/
-	/* Update the db file for expired certificates */
-	if (doupdatedb)
-		{
-		if (verbose)
-			BIO_printf(bio_err, "Updating %s ...\n",
-							dbfile);
-
-		i = do_updatedb(db);
-		if (i == -1)
-			{
-			BIO_printf(bio_err,"Malloc failure\n");
-			goto err;
-			}
-		else if (i == 0)
-			{
-			if (verbose) BIO_printf(bio_err,
-					"No entries found to mark expired\n"); 
-			}
-	    	else
-			{
-			out = BIO_new(BIO_s_file());
-			if (out == NULL)
-				{
-				ERR_print_errors(bio_err);
-				goto err;
-				}
-
-#ifndef OPENSSL_SYS_VMS
-			j = BIO_snprintf(buf[0], sizeof buf[0], "%s.new", dbfile);
-#else
-			j = BIO_snprintf(buf[0], sizeof buf[0], "%s-new", dbfile);
-#endif
-			if (j < 0 || j >= sizeof buf[0])
-				{
-				BIO_printf(bio_err, "file name too long\n");
-				goto err;
-				}
-			if (BIO_write_filename(out,buf[0]) <= 0)
-		  		{
-		    		perror(dbfile);
-		    		BIO_printf(bio_err,"unable to open '%s'\n",
-									dbfile);
-		    		goto err;
-		  		}
-			j=TXT_DB_write(out,db);
-			if (j <= 0) goto err;
-			
-			BIO_free(out);
-			out = NULL;
-#ifndef OPENSSL_SYS_VMS
-			j = BIO_snprintf(buf[1], sizeof buf[1], "%s.old", dbfile);
-#else
-			j = BIO_snprintf(buf[1], sizeof buf[1], "%s-old", dbfile);
-#endif
-			if (j < 0 || j >= sizeof buf[1])
-				{
-				BIO_printf(bio_err, "file name too long\n");
-				goto err;
-				}
-			if (rename(dbfile,buf[1]) < 0)
-		  		{
-		    		BIO_printf(bio_err,
-						"unable to rename %s to %s\n",
-						dbfile, buf[1]);
-		    		perror("reason");
-		    		goto err;
-		  		}
-			if (rename(buf[0],dbfile) < 0)
-				{
-		    		BIO_printf(bio_err,
-						"unable to rename %s to %s\n",
-						buf[0],dbfile);
-		    		perror("reason");
-		    		rename(buf[1],dbfile);
-		    		goto err;
-		  		}
-				
-			if (verbose) BIO_printf(bio_err,
-				"Done. %d entries marked as expired\n",i); 
-	      		}
-			goto err;
-	  	}
-
- 	/*****************************************************************/
-	/* Read extentions config file                                   */
-	if (extfile)
-		{
-		extconf = NCONF_new(NULL);
-		if (NCONF_load(extconf,extfile,&errorline) <= 0)
-			{
-			if (errorline <= 0)
-				BIO_printf(bio_err, "ERROR: loading the config file '%s'\n",
-					extfile);
-			else
-				BIO_printf(bio_err, "ERROR: on line %ld of config file '%s'\n",
-					errorline,extfile);
-			ret = 1;
-			goto err;
-			}
-
-		if (verbose)
-			BIO_printf(bio_err, "Successfully loaded extensions file %s\n", extfile);
-
-		/* We can have sections in the ext file */
-		if (!extensions && !(extensions = NCONF_get_string(extconf, "default", "extensions")))
-			extensions = "default";
-		}
-
-	/*****************************************************************/
-	if (req || gencrl)
-		{
-		if (outfile != NULL)
-			{
-			if (BIO_write_filename(Sout,outfile) <= 0)
-				{
-				perror(outfile);
-				goto err;
-				}
-			}
-		else
-			{
-			BIO_set_fp(Sout,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			Sout = BIO_push(tmpbio, Sout);
-			}
-#endif
-			}
-		}
-
-	if (req)
-		{
-		if ((md == NULL) && ((md=NCONF_get_string(conf,
-			section,ENV_DEFAULT_MD)) == NULL))
-			{
-			lookup_fail(section,ENV_DEFAULT_MD);
-			goto err;
-			}
-		if ((email_dn == 1) && ((tmp_email_dn=NCONF_get_string(conf,
-			section,ENV_DEFAULT_EMAIL_DN)) != NULL ))
-			{
-			if(strcmp(tmp_email_dn,"no") == 0)
-				email_dn=0;
-			}
-		if ((dgst=EVP_get_digestbyname(md)) == NULL)
-			{
-			BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
-			goto err;
-			}
-		if (verbose)
-			BIO_printf(bio_err,"message digest is %s\n",
-				OBJ_nid2ln(dgst->type));
-		if ((policy == NULL) && ((policy=NCONF_get_string(conf,
-			section,ENV_POLICY)) == NULL))
-			{
-			lookup_fail(section,ENV_POLICY);
-			goto err;
-			}
-		if (verbose)
-			BIO_printf(bio_err,"policy is %s\n",policy);
-
-		if ((serialfile=NCONF_get_string(conf,section,ENV_SERIAL))
-			== NULL)
-			{
-			lookup_fail(section,ENV_SERIAL);
-			goto err;
-			}
-
-		if (!extconf)
-			{
-			/* no '-extfile' option, so we look for extensions
-			 * in the main configuration file */
-			if (!extensions)
-				{
-				extensions=NCONF_get_string(conf,section,
-								ENV_EXTENSIONS);
-				if (!extensions)
-					ERR_clear_error();
-				}
-			if (extensions)
-				{
-				/* Check syntax of file */
-				X509V3_CTX ctx;
-				X509V3_set_ctx_test(&ctx);
-				X509V3_set_nconf(&ctx, conf);
-				if (!X509V3_EXT_add_nconf(conf, &ctx, extensions,
-								NULL))
-					{
-					BIO_printf(bio_err,
-				 	"Error Loading extension section %s\n",
-								 extensions);
-					ret = 1;
-					goto err;
-					}
-				}
-			}
-
-		if (startdate == NULL)
-			{
-			startdate=NCONF_get_string(conf,section,
-				ENV_DEFAULT_STARTDATE);
-			if (startdate == NULL)
-				ERR_clear_error();
-			}
-		if (startdate && !ASN1_UTCTIME_set_string(NULL,startdate))
-			{
-			BIO_printf(bio_err,"start date is invalid, it should be YYMMDDHHMMSSZ\n");
-			goto err;
-			}
-		if (startdate == NULL) startdate="today";
-
-		if (enddate == NULL)
-			{
-			enddate=NCONF_get_string(conf,section,
-				ENV_DEFAULT_ENDDATE);
-			if (enddate == NULL)
-				ERR_clear_error();
-			}
-		if (enddate && !ASN1_UTCTIME_set_string(NULL,enddate))
-			{
-			BIO_printf(bio_err,"end date is invalid, it should be YYMMDDHHMMSSZ\n");
-			goto err;
-			}
-
-		if (days == 0)
-			{
-			if(!NCONF_get_number(conf,section, ENV_DEFAULT_DAYS, &days))
-				days = 0;
-			}
-		if (!enddate && (days == 0))
-			{
-			BIO_printf(bio_err,"cannot lookup how many days to certify for\n");
-			goto err;
-			}
-
-		if ((serial=load_serial(serialfile)) == NULL)
-			{
-			BIO_printf(bio_err,"error while loading serial number\n");
-			goto err;
-			}
-		if (verbose)
-			{
-			if (BN_is_zero(serial))
-				BIO_printf(bio_err,"next serial number is 00\n");
-			else
-				{
-				if ((f=BN_bn2hex(serial)) == NULL) goto err;
-				BIO_printf(bio_err,"next serial number is %s\n",f);
-				OPENSSL_free(f);
-				}
-			}
-
-		if ((attribs=NCONF_get_section(conf,policy)) == NULL)
-			{
-			BIO_printf(bio_err,"unable to find 'section' for %s\n",policy);
-			goto err;
-			}
-
-		if ((cert_sk=sk_X509_new_null()) == NULL)
-			{
-			BIO_printf(bio_err,"Memory allocation failure\n");
-			goto err;
-			}
-		if (spkac_file != NULL)
-			{
-			total++;
-			j=certify_spkac(&x,spkac_file,pkey,x509,dgst,attribs,db,
-				serial,subj,email_dn,startdate,enddate,days,extensions,
-				conf,verbose,certopt,nameopt,default_op,ext_copy);
-			if (j < 0) goto err;
-			if (j > 0)
-				{
-				total_done++;
-				BIO_printf(bio_err,"\n");
-				if (!BN_add_word(serial,1)) goto err;
-				if (!sk_X509_push(cert_sk,x))
-					{
-					BIO_printf(bio_err,"Memory allocation failure\n");
-					goto err;
-					}
-				if (outfile)
-					{
-					output_der = 1;
-					batch = 1;
-					}
-				}
-			}
-		if (ss_cert_file != NULL)
-			{
-			total++;
-			j=certify_cert(&x,ss_cert_file,pkey,x509,dgst,attribs,
-				db,serial,subj,email_dn,startdate,enddate,days,batch,
-				extensions,conf,verbose, certopt, nameopt,
-				default_op, ext_copy, e);
-			if (j < 0) goto err;
-			if (j > 0)
-				{
-				total_done++;
-				BIO_printf(bio_err,"\n");
-				if (!BN_add_word(serial,1)) goto err;
-				if (!sk_X509_push(cert_sk,x))
-					{
-					BIO_printf(bio_err,"Memory allocation failure\n");
-					goto err;
-					}
-				}
-			}
-		if (infile != NULL)
-			{
-			total++;
-			j=certify(&x,infile,pkey,x509,dgst,attribs,db,
-				serial,subj,email_dn,startdate,enddate,days,batch,
-				extensions,conf,verbose, certopt, nameopt,
-				default_op, ext_copy);
-			if (j < 0) goto err;
-			if (j > 0)
-				{
-				total_done++;
-				BIO_printf(bio_err,"\n");
-				if (!BN_add_word(serial,1)) goto err;
-				if (!sk_X509_push(cert_sk,x))
-					{
-					BIO_printf(bio_err,"Memory allocation failure\n");
-					goto err;
-					}
-				}
-			}
-		for (i=0; i<argc; i++)
-			{
-			total++;
-			j=certify(&x,argv[i],pkey,x509,dgst,attribs,db,
-				serial,subj,email_dn,startdate,enddate,days,batch,
-				extensions,conf,verbose, certopt, nameopt,
-				default_op, ext_copy);
-			if (j < 0) goto err;
-			if (j > 0)
-				{
-				total_done++;
-				BIO_printf(bio_err,"\n");
-				if (!BN_add_word(serial,1)) goto err;
-				if (!sk_X509_push(cert_sk,x))
-					{
-					BIO_printf(bio_err,"Memory allocation failure\n");
-					goto err;
-					}
-				}
-			}	
-		/* we have a stack of newly certified certificates
-		 * and a data base and serial number that need
-		 * updating */
-
-		if (sk_X509_num(cert_sk) > 0)
-			{
-			if (!batch)
-				{
-				BIO_printf(bio_err,"\n%d out of %d certificate requests certified, commit? [y/n]",total_done,total);
-				(void)BIO_flush(bio_err);
-				buf[0][0]='\0';
-				fgets(buf[0],10,stdin);
-				if ((buf[0][0] != 'y') && (buf[0][0] != 'Y'))
-					{
-					BIO_printf(bio_err,"CERTIFICATION CANCELED\n"); 
-					ret=0;
-					goto err;
-					}
-				}
-
-			BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk));
-
-			if(strlen(serialfile) > BSIZE-5 || strlen(dbfile) > BSIZE-5)
-				{
-				BIO_printf(bio_err,"file name too long\n");
-				goto err;
-				}
-
-			strcpy(buf[0],serialfile);
-
-#ifdef OPENSSL_SYS_VMS
-			strcat(buf[0],"-new");
-#else
-			strcat(buf[0],".new");
-#endif
-
-			if (!save_serial(buf[0],serial)) goto err;
-
-			strcpy(buf[1],dbfile);
-
-#ifdef OPENSSL_SYS_VMS
-			strcat(buf[1],"-new");
-#else
-			strcat(buf[1],".new");
-#endif
-
-			if (BIO_write_filename(out,buf[1]) <= 0)
-				{
-				perror(dbfile);
-				BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
-				goto err;
-				}
-			l=TXT_DB_write(out,db);
-			if (l <= 0) goto err;
-			}
-	
-		if (verbose)
-			BIO_printf(bio_err,"writing new certificates\n");
-		for (i=0; i<sk_X509_num(cert_sk); i++)
-			{
-			int k;
-			unsigned char *n;
-
-			x=sk_X509_value(cert_sk,i);
-
-			j=x->cert_info->serialNumber->length;
-			p=(char *)x->cert_info->serialNumber->data;
-			
-			if(strlen(outdir) >= (size_t)(j ? BSIZE-j*2-6 : BSIZE-8))
-				{
-				BIO_printf(bio_err,"certificate file name too long\n");
-				goto err;
-				}
-
-			strcpy(buf[2],outdir);
-
-#ifndef OPENSSL_SYS_VMS
-			strcat(buf[2],"/");
-#endif
-
-			n=(unsigned char *)&(buf[2][strlen(buf[2])]);
-			if (j > 0)
-				{
-				for (k=0; k<j; k++)
-					{
-					sprintf((char *)n,"%02X",(unsigned char)*(p++));
-					n+=2;
-					}
-				}
-			else
-				{
-				*(n++)='0';
-				*(n++)='0';
-				}
-			*(n++)='.'; *(n++)='p'; *(n++)='e'; *(n++)='m';
-			*n='\0';
-			if (verbose)
-				BIO_printf(bio_err,"writing %s\n",buf[2]);
-
-			if (BIO_write_filename(Cout,buf[2]) <= 0)
-				{
-				perror(buf[2]);
-				goto err;
-				}
-			write_new_certificate(Cout,x, 0, notext);
-			write_new_certificate(Sout,x, output_der, notext);
-			}
-
-		if (sk_X509_num(cert_sk))
-			{
-			/* Rename the database and the serial file */
-			strncpy(buf[2],serialfile,BSIZE-4);
-			buf[2][BSIZE-4]='\0';
-
-#ifdef OPENSSL_SYS_VMS
-			strcat(buf[2],"-old");
-#else
-			strcat(buf[2],".old");
-#endif
-
-			BIO_free(in);
-			BIO_free_all(out);
-			in=NULL;
-			out=NULL;
-			if (rename(serialfile,buf[2]) < 0)
-				{
-				BIO_printf(bio_err,"unable to rename %s to %s\n",
-					serialfile,buf[2]);
-				perror("reason");
-				goto err;
-				}
-			if (rename(buf[0],serialfile) < 0)
-				{
-				BIO_printf(bio_err,"unable to rename %s to %s\n",
-					buf[0],serialfile);
-				perror("reason");
-				rename(buf[2],serialfile);
-				goto err;
-				}
-
-			strncpy(buf[2],dbfile,BSIZE-4);
-			buf[2][BSIZE-4]='\0';
-
-#ifdef OPENSSL_SYS_VMS
-			strcat(buf[2],"-old");
-#else
-			strcat(buf[2],".old");
-#endif
-
-			if (rename(dbfile,buf[2]) < 0)
-				{
-				BIO_printf(bio_err,"unable to rename %s to %s\n",
-					dbfile,buf[2]);
-				perror("reason");
-				goto err;
-				}
-			if (rename(buf[1],dbfile) < 0)
-				{
-				BIO_printf(bio_err,"unable to rename %s to %s\n",
-					buf[1],dbfile);
-				perror("reason");
-				rename(buf[2],dbfile);
-				goto err;
-				}
-			BIO_printf(bio_err,"Data Base Updated\n");
-			}
-		}
-	
-	/*****************************************************************/
-	if (gencrl)
-		{
-		int crl_v2 = 0;
-		if (!crl_ext)
-			{
-			crl_ext=NCONF_get_string(conf,section,ENV_CRLEXT);
-			if (!crl_ext)
-				ERR_clear_error();
-			}
-		if (crl_ext)
-			{
-			/* Check syntax of file */
-			X509V3_CTX ctx;
-			X509V3_set_ctx_test(&ctx);
-			X509V3_set_nconf(&ctx, conf);
-			if (!X509V3_EXT_add_nconf(conf, &ctx, crl_ext, NULL))
-				{
-				BIO_printf(bio_err,
-				 "Error Loading CRL extension section %s\n",
-								 crl_ext);
-				ret = 1;
-				goto err;
-				}
-			}
-
-		if (!crldays && !crlhours)
-			{
-			if (!NCONF_get_number(conf,section,
-				ENV_DEFAULT_CRL_DAYS, &crldays))
-				crldays = 0;
-			if (!NCONF_get_number(conf,section,
-				ENV_DEFAULT_CRL_HOURS, &crlhours))
-				crlhours = 0;
-			}
-		if ((crldays == 0) && (crlhours == 0))
-			{
-			BIO_printf(bio_err,"cannot lookup how long until the next CRL is issued\n");
-			goto err;
-			}
-
-		if (verbose) BIO_printf(bio_err,"making CRL\n");
-		if ((crl=X509_CRL_new()) == NULL) goto err;
-		if (!X509_CRL_set_issuer_name(crl, X509_get_subject_name(x509))) goto err;
-
-		tmptm = ASN1_TIME_new();
-		if (!tmptm) goto err;
-		X509_gmtime_adj(tmptm,0);
-		X509_CRL_set_lastUpdate(crl, tmptm);	
-		X509_gmtime_adj(tmptm,(crldays*24+crlhours)*60*60);
-		X509_CRL_set_nextUpdate(crl, tmptm);	
-
-		ASN1_TIME_free(tmptm);
-
-		for (i=0; i<sk_num(db->data); i++)
-			{
-			pp=(char **)sk_value(db->data,i);
-			if (pp[DB_type][0] == DB_TYPE_REV)
-				{
-				if ((r=X509_REVOKED_new()) == NULL) goto err;
-				j = make_revoked(r, pp[DB_rev_date]);
-				if (!j) goto err;
-				if (j == 2) crl_v2 = 1;
-				if (!BN_hex2bn(&serial, pp[DB_serial]))
-					goto err;
-				tmpser = BN_to_ASN1_INTEGER(serial, NULL);
-				BN_free(serial);
-				serial = NULL;
-				if (!tmpser)
-					goto err;
-				X509_REVOKED_set_serialNumber(r, tmpser);
-				ASN1_INTEGER_free(tmpser);
-				X509_CRL_add0_revoked(crl,r);
-				}
-			}
-
-		/* sort the data so it will be written in serial
-		 * number order */
-		X509_CRL_sort(crl);
-
-		/* we now have a CRL */
-		if (verbose) BIO_printf(bio_err,"signing CRL\n");
-		if (md != NULL)
-			{
-			if ((dgst=EVP_get_digestbyname(md)) == NULL)
-				{
-				BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
-				goto err;
-				}
-			}
-		else
-			{
-#ifndef OPENSSL_NO_DSA
-			if (pkey->type == EVP_PKEY_DSA) 
-				dgst=EVP_dss1();
-			else
-#endif
-				dgst=EVP_md5();
-			}
-
-		/* Add any extensions asked for */
-
-		if (crl_ext)
-			{
-			X509V3_CTX crlctx;
-			X509V3_set_ctx(&crlctx, x509, NULL, NULL, crl, 0);
-			X509V3_set_nconf(&crlctx, conf);
-
-			if (!X509V3_EXT_CRL_add_nconf(conf, &crlctx,
-				crl_ext, crl)) goto err;
-			}
-		if (crl_ext || crl_v2)
-			{
-			if (!X509_CRL_set_version(crl, 1))
-				goto err; /* version 2 CRL */
-			}
-
-		if (!X509_CRL_sign(crl,pkey,dgst)) goto err;
-
-		PEM_write_bio_X509_CRL(Sout,crl);
-		}
-	/*****************************************************************/
-	if (dorevoke)
-		{
-		if (infile == NULL) 
-			{
-			BIO_printf(bio_err,"no input files\n");
-			goto err;
-			}
-		else
-			{
-			X509 *revcert;
-			revcert=load_cert(bio_err, infile, FORMAT_PEM,
-				NULL, e, infile);
-			if (revcert == NULL)
-				goto err;
-			j=do_revoke(revcert,db, rev_type, rev_arg);
-			if (j <= 0) goto err;
-			X509_free(revcert);
-
-			if(strlen(dbfile) > BSIZE-5)
-				{
-				BIO_printf(bio_err,"filename too long\n");
-				goto err;
-				}
-
-			strcpy(buf[0],dbfile);
-#ifndef OPENSSL_SYS_VMS
-			strcat(buf[0],".new");
-#else
-			strcat(buf[0],"-new");
-#endif
-			if (BIO_write_filename(out,buf[0]) <= 0)
-				{
-				perror(dbfile);
-				BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
-				goto err;
-				}
-			j=TXT_DB_write(out,db);
-			if (j <= 0) goto err;
-			BIO_free_all(out);
-			out = NULL;
-			BIO_free_all(in);
-			in = NULL;
-			strncpy(buf[1],dbfile,BSIZE-4);
-			buf[1][BSIZE-4]='\0';
-#ifndef OPENSSL_SYS_VMS
-			strcat(buf[1],".old");
-#else
-			strcat(buf[1],"-old");
-#endif
-			if (rename(dbfile,buf[1]) < 0)
-				{
-				BIO_printf(bio_err,"unable to rename %s to %s\n", dbfile, buf[1]);
-				perror("reason");
-				goto err;
-				}
-			if (rename(buf[0],dbfile) < 0)
-				{
-				BIO_printf(bio_err,"unable to rename %s to %s\n", buf[0],dbfile);
-				perror("reason");
-				rename(buf[1],dbfile);
-				goto err;
-				}
-			BIO_printf(bio_err,"Data Base Updated\n"); 
-			}
-		}
-	/*****************************************************************/
-	ret=0;
-err:
-	if(tofree)
-		OPENSSL_free(tofree);
-	BIO_free_all(Cout);
-	BIO_free_all(Sout);
-	BIO_free_all(out);
-	BIO_free_all(in);
-
-	if (cert_sk)
-		sk_X509_pop_free(cert_sk,X509_free);
-
-	if (ret) ERR_print_errors(bio_err);
-	app_RAND_write_file(randfile, bio_err);
-	if (free_key && key)
-		OPENSSL_free(key);
-	BN_free(serial);
-	TXT_DB_free(db);
-	EVP_PKEY_free(pkey);
-	X509_free(x509);
-	X509_CRL_free(crl);
-	NCONF_free(conf);
-	OBJ_cleanup();
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static void lookup_fail(char *name, char *tag)
-	{
-	BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag);
-	}
-
-static unsigned long index_serial_hash(const char **a)
-	{
-	const char *n;
-
-	n=a[DB_serial];
-	while (*n == '0') n++;
-	return(lh_strhash(n));
-	}
-
-static int index_serial_cmp(const char **a, const char **b)
-	{
-	const char *aa,*bb;
-
-	for (aa=a[DB_serial]; *aa == '0'; aa++);
-	for (bb=b[DB_serial]; *bb == '0'; bb++);
-	return(strcmp(aa,bb));
-	}
-
-static unsigned long index_name_hash(const char **a)
-	{ return(lh_strhash(a[DB_name])); }
-
-static int index_name_qual(char **a)
-	{ return(a[0][0] == 'V'); }
-
-static int index_name_cmp(const char **a, const char **b)
-	{ return(strcmp(a[DB_name],
-	     b[DB_name])); }
-
-static BIGNUM *load_serial(char *serialfile)
-	{
-	BIO *in=NULL;
-	BIGNUM *ret=NULL;
-	MS_STATIC char buf[1024];
-	ASN1_INTEGER *ai=NULL;
-
-	if ((in=BIO_new(BIO_s_file())) == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	if (BIO_read_filename(in,serialfile) <= 0)
-		{
-		perror(serialfile);
-		goto err;
-		}
-	ai=ASN1_INTEGER_new();
-	if (ai == NULL) goto err;
-	if (!a2i_ASN1_INTEGER(in,ai,buf,1024))
-		{
-		BIO_printf(bio_err,"unable to load number from %s\n",
-			serialfile);
-		goto err;
-		}
-	ret=ASN1_INTEGER_to_BN(ai,NULL);
-	if (ret == NULL)
-		{
-		BIO_printf(bio_err,"error converting number from bin to BIGNUM\n");
-		goto err;
-		}
-err:
-	if (in != NULL) BIO_free(in);
-	if (ai != NULL) ASN1_INTEGER_free(ai);
-	return(ret);
-	}
-
-static int save_serial(char *serialfile, BIGNUM *serial)
-	{
-	BIO *out;
-	int ret=0;
-	ASN1_INTEGER *ai=NULL;
-
-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-	if (BIO_write_filename(out,serialfile) <= 0)
-		{
-		perror(serialfile);
-		goto err;
-		}
-
-	if ((ai=BN_to_ASN1_INTEGER(serial,NULL)) == NULL)
-		{
-		BIO_printf(bio_err,"error converting serial to ASN.1 format\n");
-		goto err;
-		}
-	i2a_ASN1_INTEGER(out,ai);
-	BIO_puts(out,"\n");
-	ret=1;
-err:
-	if (out != NULL) BIO_free_all(out);
-	if (ai != NULL) ASN1_INTEGER_free(ai);
-	return(ret);
-	}
-
-static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
-	     const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, TXT_DB *db,
-	     BIGNUM *serial, char *subj, int email_dn, char *startdate, char *enddate,
-	     long days, int batch, char *ext_sect, CONF *lconf, int verbose,
-	     unsigned long certopt, unsigned long nameopt, int default_op,
-	     int ext_copy)
-	{
-	X509_REQ *req=NULL;
-	BIO *in=NULL;
-	EVP_PKEY *pktmp=NULL;
-	int ok= -1,i;
-
-	in=BIO_new(BIO_s_file());
-
-	if (BIO_read_filename(in,infile) <= 0)
-		{
-		perror(infile);
-		goto err;
-		}
-	if ((req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL)) == NULL)
-		{
-		BIO_printf(bio_err,"Error reading certificate request in %s\n",
-			infile);
-		goto err;
-		}
-	if (verbose)
-		X509_REQ_print(bio_err,req);
-
-	BIO_printf(bio_err,"Check that the request matches the signature\n");
-
-	if ((pktmp=X509_REQ_get_pubkey(req)) == NULL)
-		{
-		BIO_printf(bio_err,"error unpacking public key\n");
-		goto err;
-		}
-	i=X509_REQ_verify(req,pktmp);
-	EVP_PKEY_free(pktmp);
-	if (i < 0)
-		{
-		ok=0;
-		BIO_printf(bio_err,"Signature verification problems....\n");
-		goto err;
-		}
-	if (i == 0)
-		{
-		ok=0;
-		BIO_printf(bio_err,"Signature did not match the certificate request\n");
-		goto err;
-		}
-	else
-		BIO_printf(bio_err,"Signature ok\n");
-
-	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj, email_dn,
-		startdate,enddate,days,batch,verbose,req,ext_sect,lconf,
-		certopt, nameopt, default_op, ext_copy);
-
-err:
-	if (req != NULL) X509_REQ_free(req);
-	if (in != NULL) BIO_free(in);
-	return(ok);
-	}
-
-static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
-	     const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, TXT_DB *db,
-	     BIGNUM *serial, char *subj, int email_dn, char *startdate, char *enddate,
-	     long days, int batch, char *ext_sect, CONF *lconf, int verbose,
-	     unsigned long certopt, unsigned long nameopt, int default_op,
-	     int ext_copy, ENGINE *e)
-	{
-	X509 *req=NULL;
-	X509_REQ *rreq=NULL;
-	EVP_PKEY *pktmp=NULL;
-	int ok= -1,i;
-
-	if ((req=load_cert(bio_err, infile, FORMAT_PEM, NULL, e, infile)) == NULL)
-		goto err;
-	if (verbose)
-		X509_print(bio_err,req);
-
-	BIO_printf(bio_err,"Check that the request matches the signature\n");
-
-	if ((pktmp=X509_get_pubkey(req)) == NULL)
-		{
-		BIO_printf(bio_err,"error unpacking public key\n");
-		goto err;
-		}
-	i=X509_verify(req,pktmp);
-	EVP_PKEY_free(pktmp);
-	if (i < 0)
-		{
-		ok=0;
-		BIO_printf(bio_err,"Signature verification problems....\n");
-		goto err;
-		}
-	if (i == 0)
-		{
-		ok=0;
-		BIO_printf(bio_err,"Signature did not match the certificate\n");
-		goto err;
-		}
-	else
-		BIO_printf(bio_err,"Signature ok\n");
-
-	if ((rreq=X509_to_X509_REQ(req,NULL,EVP_md5())) == NULL)
-		goto err;
-
-	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,email_dn,startdate,enddate,
-		days,batch,verbose,rreq,ext_sect,lconf, certopt, nameopt, default_op,
-		ext_copy);
-
-err:
-	if (rreq != NULL) X509_REQ_free(rreq);
-	if (req != NULL) X509_free(req);
-	return(ok);
-	}
-
-static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
-	     STACK_OF(CONF_VALUE) *policy, TXT_DB *db, BIGNUM *serial, char *subj,
-	     int email_dn, char *startdate, char *enddate, long days, int batch,
-	     int verbose, X509_REQ *req, char *ext_sect, CONF *lconf,
-	     unsigned long certopt, unsigned long nameopt, int default_op,
-	     int ext_copy)
-	{
-	X509_NAME *name=NULL,*CAname=NULL,*subject=NULL, *dn_subject=NULL;
-	ASN1_UTCTIME *tm,*tmptm;
-	ASN1_STRING *str,*str2;
-	ASN1_OBJECT *obj;
-	X509 *ret=NULL;
-	X509_CINF *ci;
-	X509_NAME_ENTRY *ne;
-	X509_NAME_ENTRY *tne,*push;
-	EVP_PKEY *pktmp;
-	int ok= -1,i,j,last,nid;
-	char *p;
-	CONF_VALUE *cv;
-	char *row[DB_NUMBER],**rrow,**irow=NULL;
-	char buf[25];
-
-	tmptm=ASN1_UTCTIME_new();
-	if (tmptm == NULL)
-		{
-		BIO_printf(bio_err,"malloc error\n");
-		return(0);
-		}
-
-	for (i=0; i<DB_NUMBER; i++)
-		row[i]=NULL;
-
-	if (subj)
-		{
-		X509_NAME *n = do_subject(subj, MBSTRING_ASC);
-
-		if (!n)
-			{
-			ERR_print_errors(bio_err);
-			goto err;
-			}
-		X509_REQ_set_subject_name(req,n);
-		req->req_info->enc.modified = 1;
-		X509_NAME_free(n);
-		}
-
-	if (default_op)
-		BIO_printf(bio_err,"The Subject's Distinguished Name is as follows\n");
-
-	name=X509_REQ_get_subject_name(req);
-	for (i=0; i<X509_NAME_entry_count(name); i++)
-		{
-		ne= X509_NAME_get_entry(name,i);
-		str=X509_NAME_ENTRY_get_data(ne);
-		obj=X509_NAME_ENTRY_get_object(ne);
-
-		if (msie_hack)
-			{
-			/* assume all type should be strings */
-			nid=OBJ_obj2nid(ne->object);
-
-			if (str->type == V_ASN1_UNIVERSALSTRING)
-				ASN1_UNIVERSALSTRING_to_string(str);
-
-			if ((str->type == V_ASN1_IA5STRING) &&
-				(nid != NID_pkcs9_emailAddress))
-				str->type=V_ASN1_T61STRING;
-
-			if ((nid == NID_pkcs9_emailAddress) &&
-				(str->type == V_ASN1_PRINTABLESTRING))
-				str->type=V_ASN1_IA5STRING;
-			}
-
-		/* If no EMAIL is wanted in the subject */
-		if ((OBJ_obj2nid(obj) == NID_pkcs9_emailAddress) && (!email_dn))
-			continue;
-
-		/* check some things */
-		if ((OBJ_obj2nid(obj) == NID_pkcs9_emailAddress) &&
-			(str->type != V_ASN1_IA5STRING))
-			{
-			BIO_printf(bio_err,"\nemailAddress type needs to be of type IA5STRING\n");
-			goto err;
-			}
-		if ((str->type != V_ASN1_BMPSTRING) && (str->type != V_ASN1_UTF8STRING))
-			{
-			j=ASN1_PRINTABLE_type(str->data,str->length);
-			if (	((j == V_ASN1_T61STRING) &&
-				 (str->type != V_ASN1_T61STRING)) ||
-				((j == V_ASN1_IA5STRING) &&
-				 (str->type == V_ASN1_PRINTABLESTRING)))
-				{
-				BIO_printf(bio_err,"\nThe string contains characters that are illegal for the ASN.1 type\n");
-				goto err;
-				}
-			}
-
-		if (default_op)
-			old_entry_print(bio_err, obj, str);
-		}
-
-	/* Ok, now we check the 'policy' stuff. */
-	if ((subject=X509_NAME_new()) == NULL)
-		{
-		BIO_printf(bio_err,"Memory allocation failure\n");
-		goto err;
-		}
-
-	/* take a copy of the issuer name before we mess with it. */
-	CAname=X509_NAME_dup(x509->cert_info->subject);
-	if (CAname == NULL) goto err;
-	str=str2=NULL;
-
-	for (i=0; i<sk_CONF_VALUE_num(policy); i++)
-		{
-		cv=sk_CONF_VALUE_value(policy,i); /* get the object id */
-		if ((j=OBJ_txt2nid(cv->name)) == NID_undef)
-			{
-			BIO_printf(bio_err,"%s:unknown object type in 'policy' configuration\n",cv->name);
-			goto err;
-			}
-		obj=OBJ_nid2obj(j);
-
-		last= -1;
-		for (;;)
-			{
-			/* lookup the object in the supplied name list */
-			j=X509_NAME_get_index_by_OBJ(name,obj,last);
-			if (j < 0)
-				{
-				if (last != -1) break;
-				tne=NULL;
-				}
-			else
-				{
-				tne=X509_NAME_get_entry(name,j);
-				}
-			last=j;
-
-			/* depending on the 'policy', decide what to do. */
-			push=NULL;
-			if (strcmp(cv->value,"optional") == 0)
-				{
-				if (tne != NULL)
-					push=tne;
-				}
-			else if (strcmp(cv->value,"supplied") == 0)
-				{
-				if (tne == NULL)
-					{
-					BIO_printf(bio_err,"The %s field needed to be supplied and was missing\n",cv->name);
-					goto err;
-					}
-				else
-					push=tne;
-				}
-			else if (strcmp(cv->value,"match") == 0)
-				{
-				int last2;
-
-				if (tne == NULL)
-					{
-					BIO_printf(bio_err,"The mandatory %s field was missing\n",cv->name);
-					goto err;
-					}
-
-				last2= -1;
-
-again2:
-				j=X509_NAME_get_index_by_OBJ(CAname,obj,last2);
-				if ((j < 0) && (last2 == -1))
-					{
-					BIO_printf(bio_err,"The %s field does not exist in the CA certificate,\nthe 'policy' is misconfigured\n",cv->name);
-					goto err;
-					}
-				if (j >= 0)
-					{
-					push=X509_NAME_get_entry(CAname,j);
-					str=X509_NAME_ENTRY_get_data(tne);
-					str2=X509_NAME_ENTRY_get_data(push);
-					last2=j;
-					if (ASN1_STRING_cmp(str,str2) != 0)
-						goto again2;
-					}
-				if (j < 0)
-					{
-					BIO_printf(bio_err,"The %s field needed to be the same in the\nCA certificate (%s) and the request (%s)\n",cv->name,((str2 == NULL)?"NULL":(char *)str2->data),((str == NULL)?"NULL":(char *)str->data));
-					goto err;
-					}
-				}
-			else
-				{
-				BIO_printf(bio_err,"%s:invalid type in 'policy' configuration\n",cv->value);
-				goto err;
-				}
-
-			if (push != NULL)
-				{
-				if (!X509_NAME_add_entry(subject,push, -1, 0))
-					{
-					if (push != NULL)
-						X509_NAME_ENTRY_free(push);
-					BIO_printf(bio_err,"Memory allocation failure\n");
-					goto err;
-					}
-				}
-			if (j < 0) break;
-			}
-		}
-
-	if (preserve)
-		{
-		X509_NAME_free(subject);
-		/* subject=X509_NAME_dup(X509_REQ_get_subject_name(req)); */
-		subject=X509_NAME_dup(name);
-		if (subject == NULL) goto err;
-		}
-
-	if (verbose)
-		BIO_printf(bio_err,"The subject name appears to be ok, checking data base for clashes\n");
-
-	/* Build the correct Subject if no e-mail is wanted in the subject */
-	/* and add it later on because of the method extensions are added (altName) */
-	 
-	if (email_dn)
-		dn_subject = subject;
-	else
-		{
-		X509_NAME_ENTRY *tmpne;
-		/* Its best to dup the subject DN and then delete any email
-		 * addresses because this retains its structure.
-		 */
-		if (!(dn_subject = X509_NAME_dup(subject)))
-			{
-			BIO_printf(bio_err,"Memory allocation failure\n");
-			goto err;
-			}
-		while((i = X509_NAME_get_index_by_NID(dn_subject,
-					NID_pkcs9_emailAddress, -1)) >= 0)
-			{
-			tmpne = X509_NAME_get_entry(dn_subject, i);
-			X509_NAME_delete_entry(dn_subject, i);
-			X509_NAME_ENTRY_free(tmpne);
-			}
-		}
-
-	if (BN_is_zero(serial))
-		row[DB_serial]=BUF_strdup("00");
-	else
-		row[DB_serial]=BN_bn2hex(serial);
-	if (row[DB_serial] == NULL)
-		{
-		BIO_printf(bio_err,"Memory allocation failure\n");
-		goto err;
-		}
-
-	rrow=TXT_DB_get_by_index(db,DB_name,row);
-	if (rrow != NULL)
-		{
-		BIO_printf(bio_err,"ERROR:There is already a certificate for %s\n",
-			row[DB_name]);
-		}
-	else
-		{
-		rrow=TXT_DB_get_by_index(db,DB_serial,row);
-		if (rrow != NULL)
-			{
-			BIO_printf(bio_err,"ERROR:Serial number %s has already been issued,\n",
-				row[DB_serial]);
-			BIO_printf(bio_err,"      check the database/serial_file for corruption\n");
-			}
-		}
-
-	if (rrow != NULL)
-		{
-		BIO_printf(bio_err,
-			"The matching entry has the following details\n");
-		if (rrow[DB_type][0] == 'E')
-			p="Expired";
-		else if (rrow[DB_type][0] == 'R')
-			p="Revoked";
-		else if (rrow[DB_type][0] == 'V')
-			p="Valid";
-		else
-			p="\ninvalid type, Data base error\n";
-		BIO_printf(bio_err,"Type	  :%s\n",p);;
-		if (rrow[DB_type][0] == 'R')
-			{
-			p=rrow[DB_exp_date]; if (p == NULL) p="undef";
-			BIO_printf(bio_err,"Was revoked on:%s\n",p);
-			}
-		p=rrow[DB_exp_date]; if (p == NULL) p="undef";
-		BIO_printf(bio_err,"Expires on    :%s\n",p);
-		p=rrow[DB_serial]; if (p == NULL) p="undef";
-		BIO_printf(bio_err,"Serial Number :%s\n",p);
-		p=rrow[DB_file]; if (p == NULL) p="undef";
-		BIO_printf(bio_err,"File name     :%s\n",p);
-		p=rrow[DB_name]; if (p == NULL) p="undef";
-		BIO_printf(bio_err,"Subject Name  :%s\n",p);
-		ok= -1; /* This is now a 'bad' error. */
-		goto err;
-		}
-
-	/* We are now totally happy, lets make and sign the certificate */
-	if (verbose)
-		BIO_printf(bio_err,"Everything appears to be ok, creating and signing the certificate\n");
-
-	if ((ret=X509_new()) == NULL) goto err;
-	ci=ret->cert_info;
-
-#ifdef X509_V3
-	/* Make it an X509 v3 certificate. */
-	if (!X509_set_version(x509,2)) goto err;
-#endif
-
-	if (BN_to_ASN1_INTEGER(serial,ci->serialNumber) == NULL)
-		goto err;
-	if (!X509_set_issuer_name(ret,X509_get_subject_name(x509)))
-		goto err;
-
-	if (strcmp(startdate,"today") == 0)
-		X509_gmtime_adj(X509_get_notBefore(ret),0);
-	else ASN1_UTCTIME_set_string(X509_get_notBefore(ret),startdate);
-
-	if (enddate == NULL)
-		X509_gmtime_adj(X509_get_notAfter(ret),(long)60*60*24*days);
-	else ASN1_UTCTIME_set_string(X509_get_notAfter(ret),enddate);
-
-	if (!X509_set_subject_name(ret,subject)) goto err;
-
-	pktmp=X509_REQ_get_pubkey(req);
-	i = X509_set_pubkey(ret,pktmp);
-	EVP_PKEY_free(pktmp);
-	if (!i) goto err;
-
-	/* Lets add the extensions, if there are any */
-	if (ext_sect)
-		{
-		X509V3_CTX ctx;
-		if (ci->version == NULL)
-			if ((ci->version=ASN1_INTEGER_new()) == NULL)
-				goto err;
-		ASN1_INTEGER_set(ci->version,2); /* version 3 certificate */
-
-		/* Free the current entries if any, there should not
-		 * be any I believe */
-		if (ci->extensions != NULL)
-			sk_X509_EXTENSION_pop_free(ci->extensions,
-						   X509_EXTENSION_free);
-
-		ci->extensions = NULL;
-
-		/* Initialize the context structure */
-		X509V3_set_ctx(&ctx, x509, ret, req, NULL, 0);
-
-		if (extconf)
-			{
-			if (verbose)
-				BIO_printf(bio_err, "Extra configuration file found\n");
- 
-			/* Use the extconf configuration db LHASH */
-			X509V3_set_nconf(&ctx, extconf);
- 
-			/* Test the structure (needed?) */
-			/* X509V3_set_ctx_test(&ctx); */
-
-			/* Adds exts contained in the configuration file */
-			if (!X509V3_EXT_add_nconf(extconf, &ctx, ext_sect,ret))
-				{
-				BIO_printf(bio_err,
-				    "ERROR: adding extensions in section %s\n",
-								ext_sect);
-				ERR_print_errors(bio_err);
-				goto err;
-				}
-			if (verbose)
-				BIO_printf(bio_err, "Successfully added extensions from file.\n");
-			}
-		else if (ext_sect)
-			{
-			/* We found extensions to be set from config file */
-			X509V3_set_nconf(&ctx, lconf);
-
-			if(!X509V3_EXT_add_nconf(lconf, &ctx, ext_sect, ret))
-				{
-				BIO_printf(bio_err, "ERROR: adding extensions in section %s\n", ext_sect);
-				ERR_print_errors(bio_err);
-				goto err;
-				}
-
-			if (verbose) 
-				BIO_printf(bio_err, "Successfully added extensions from config\n");
-			}
-		}
-
-	/* Copy extensions from request (if any) */
-
-	if (!copy_extensions(ret, req, ext_copy))
-		{
-		BIO_printf(bio_err, "ERROR: adding extensions from request\n");
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	/* Set the right value for the noemailDN option */
-	if( email_dn == 0 )
-		{
-		if (!X509_set_subject_name(ret,dn_subject)) goto err;
-		}
-
-	if (!default_op)
-		{
-		BIO_printf(bio_err, "Certificate Details:\n");
-		/* Never print signature details because signature not present */
-		certopt |= X509_FLAG_NO_SIGDUMP | X509_FLAG_NO_SIGNAME;
-		X509_print_ex(bio_err, ret, nameopt, certopt); 
-		}
-
-	BIO_printf(bio_err,"Certificate is to be certified until ");
-	ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ret));
-	if (days) BIO_printf(bio_err," (%d days)",days);
-	BIO_printf(bio_err, "\n");
-
-	if (!batch)
-		{
-
-		BIO_printf(bio_err,"Sign the certificate? [y/n]:");
-		(void)BIO_flush(bio_err);
-		buf[0]='\0';
-		fgets(buf,sizeof(buf)-1,stdin);
-		if (!((buf[0] == 'y') || (buf[0] == 'Y')))
-			{
-			BIO_printf(bio_err,"CERTIFICATE WILL NOT BE CERTIFIED\n");
-			ok=0;
-			goto err;
-			}
-		}
-
-
-#ifndef OPENSSL_NO_DSA
-	if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();
-	pktmp=X509_get_pubkey(ret);
-	if (EVP_PKEY_missing_parameters(pktmp) &&
-		!EVP_PKEY_missing_parameters(pkey))
-		EVP_PKEY_copy_parameters(pktmp,pkey);
-	EVP_PKEY_free(pktmp);
-#endif
-
-	if (!X509_sign(ret,pkey,dgst))
-		goto err;
-
-	/* We now just add it to the database */
-	row[DB_type]=(char *)OPENSSL_malloc(2);
-
-	tm=X509_get_notAfter(ret);
-	row[DB_exp_date]=(char *)OPENSSL_malloc(tm->length+1);
-	memcpy(row[DB_exp_date],tm->data,tm->length);
-	row[DB_exp_date][tm->length]='\0';
-
-	row[DB_rev_date]=NULL;
-
-	/* row[DB_serial] done already */
-	row[DB_file]=(char *)OPENSSL_malloc(8);
-	row[DB_name]=X509_NAME_oneline(X509_get_subject_name(ret),NULL,0);
-
-	if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
-		(row[DB_file] == NULL) || (row[DB_name] == NULL))
-		{
-		BIO_printf(bio_err,"Memory allocation failure\n");
-		goto err;
-		}
-	strcpy(row[DB_file],"unknown");
-	row[DB_type][0]='V';
-	row[DB_type][1]='\0';
-
-	if ((irow=(char **)OPENSSL_malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL)
-		{
-		BIO_printf(bio_err,"Memory allocation failure\n");
-		goto err;
-		}
-
-	for (i=0; i<DB_NUMBER; i++)
-		{
-		irow[i]=row[i];
-		row[i]=NULL;
-		}
-	irow[DB_NUMBER]=NULL;
-
-	if (!TXT_DB_insert(db,irow))
-		{
-		BIO_printf(bio_err,"failed to update database\n");
-		BIO_printf(bio_err,"TXT_DB error number %ld\n",db->error);
-		goto err;
-		}
-	ok=1;
-err:
-	for (i=0; i<DB_NUMBER; i++)
-		if (row[i] != NULL) OPENSSL_free(row[i]);
-
-	if (CAname != NULL)
-		X509_NAME_free(CAname);
-	if (subject != NULL)
-		X509_NAME_free(subject);
-	if ((dn_subject != NULL) && !email_dn)
-		X509_NAME_free(dn_subject);
-	if (tmptm != NULL)
-		ASN1_UTCTIME_free(tmptm);
-	if (ok <= 0)
-		{
-		if (ret != NULL) X509_free(ret);
-		ret=NULL;
-		}
-	else
-		*xret=ret;
-	return(ok);
-	}
-
-static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext)
-	{
-
-	if (output_der)
-		{
-		(void)i2d_X509_bio(bp,x);
-		return;
-		}
-#if 0
-	/* ??? Not needed since X509_print prints all this stuff anyway */
-	f=X509_NAME_oneline(X509_get_issuer_name(x),buf,256);
-	BIO_printf(bp,"issuer :%s\n",f);
-
-	f=X509_NAME_oneline(X509_get_subject_name(x),buf,256);
-	BIO_printf(bp,"subject:%s\n",f);
-
-	BIO_puts(bp,"serial :");
-	i2a_ASN1_INTEGER(bp,x->cert_info->serialNumber);
-	BIO_puts(bp,"\n\n");
-#endif
-	if (!notext)X509_print(bp,x);
-	PEM_write_bio_X509(bp,x);
-	}
-
-static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
-	     const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, TXT_DB *db,
-	     BIGNUM *serial, char *subj, int email_dn, char *startdate, char *enddate,
-	     long days, char *ext_sect, CONF *lconf, int verbose, unsigned long certopt,
-	     unsigned long nameopt, int default_op, int ext_copy)
-	{
-	STACK_OF(CONF_VALUE) *sk=NULL;
-	LHASH *parms=NULL;
-	X509_REQ *req=NULL;
-	CONF_VALUE *cv=NULL;
-	NETSCAPE_SPKI *spki = NULL;
-	X509_REQ_INFO *ri;
-	char *type,*buf;
-	EVP_PKEY *pktmp=NULL;
-	X509_NAME *n=NULL;
-	X509_NAME_ENTRY *ne=NULL;
-	int ok= -1,i,j;
-	long errline;
-	int nid;
-
-	/*
-	 * Load input file into a hash table.  (This is just an easy
-	 * way to read and parse the file, then put it into a convenient
-	 * STACK format).
-	 */
-	parms=CONF_load(NULL,infile,&errline);
-	if (parms == NULL)
-		{
-		BIO_printf(bio_err,"error on line %ld of %s\n",errline,infile);
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	sk=CONF_get_section(parms, "default");
-	if (sk_CONF_VALUE_num(sk) == 0)
-		{
-		BIO_printf(bio_err, "no name/value pairs found in %s\n", infile);
-		CONF_free(parms);
-		goto err;
-		}
-
-	/*
-	 * Now create a dummy X509 request structure.  We don't actually
-	 * have an X509 request, but we have many of the components
-	 * (a public key, various DN components).  The idea is that we
-	 * put these components into the right X509 request structure
-	 * and we can use the same code as if you had a real X509 request.
-	 */
-	req=X509_REQ_new();
-	if (req == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	/*
-	 * Build up the subject name set.
-	 */
-	ri=req->req_info;
-	n = ri->subject;
-
-	for (i = 0; ; i++)
-		{
-		if (sk_CONF_VALUE_num(sk) <= i) break;
-
-		cv=sk_CONF_VALUE_value(sk,i);
-		type=cv->name;
-		/* Skip past any leading X. X: X, etc to allow for
-		 * multiple instances
-		 */
-		for (buf = cv->name; *buf ; buf++)
-			if ((*buf == ':') || (*buf == ',') || (*buf == '.'))
-				{
-				buf++;
-				if (*buf) type = buf;
-				break;
-				}
-
-		buf=cv->value;
-		if ((nid=OBJ_txt2nid(type)) == NID_undef)
-			{
-			if (strcmp(type, "SPKAC") == 0)
-				{
-				spki = NETSCAPE_SPKI_b64_decode(cv->value, -1);
-				if (spki == NULL)
-					{
-					BIO_printf(bio_err,"unable to load Netscape SPKAC structure\n");
-					ERR_print_errors(bio_err);
-					goto err;
-					}
-				}
-			continue;
-			}
-
-		/*
-		if ((nid == NID_pkcs9_emailAddress) && (email_dn == 0))
-			continue;
-		*/
-		
-		j=ASN1_PRINTABLE_type((unsigned char *)buf,-1);
-		if (fix_data(nid, &j) == 0)
-			{
-			BIO_printf(bio_err,
-				"invalid characters in string %s\n",buf);
-			goto err;
-			}
-
-		if ((ne=X509_NAME_ENTRY_create_by_NID(&ne,nid,j,
-			(unsigned char *)buf,
-			strlen(buf))) == NULL)
-			goto err;
-
-		if (!X509_NAME_add_entry(n,ne,-1, 0)) goto err;
-		}
-	if (spki == NULL)
-		{
-		BIO_printf(bio_err,"Netscape SPKAC structure not found in %s\n",
-			infile);
-		goto err;
-		}
-
-	/*
-	 * Now extract the key from the SPKI structure.
-	 */
-
-	BIO_printf(bio_err,"Check that the SPKAC request matches the signature\n");
-
-	if ((pktmp=NETSCAPE_SPKI_get_pubkey(spki)) == NULL)
-		{
-		BIO_printf(bio_err,"error unpacking SPKAC public key\n");
-		goto err;
-		}
-
-	j = NETSCAPE_SPKI_verify(spki, pktmp);
-	if (j <= 0)
-		{
-		BIO_printf(bio_err,"signature verification failed on SPKAC public key\n");
-		goto err;
-		}
-	BIO_printf(bio_err,"Signature ok\n");
-
-	X509_REQ_set_pubkey(req,pktmp);
-	EVP_PKEY_free(pktmp);
-	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,email_dn,startdate,enddate,
-		   days,1,verbose,req,ext_sect,lconf, certopt, nameopt, default_op,
-			ext_copy);
-err:
-	if (req != NULL) X509_REQ_free(req);
-	if (parms != NULL) CONF_free(parms);
-	if (spki != NULL) NETSCAPE_SPKI_free(spki);
-	if (ne != NULL) X509_NAME_ENTRY_free(ne);
-
-	return(ok);
-	}
-
-static int fix_data(int nid, int *type)
-	{
-	if (nid == NID_pkcs9_emailAddress)
-		*type=V_ASN1_IA5STRING;
-	if ((nid == NID_commonName) && (*type == V_ASN1_IA5STRING))
-		*type=V_ASN1_T61STRING;
-	if ((nid == NID_pkcs9_challengePassword) && (*type == V_ASN1_IA5STRING))
-		*type=V_ASN1_T61STRING;
-	if ((nid == NID_pkcs9_unstructuredName) && (*type == V_ASN1_T61STRING))
-		return(0);
-	if (nid == NID_pkcs9_unstructuredName)
-		*type=V_ASN1_IA5STRING;
-	return(1);
-	}
-
-static int check_time_format(char *str)
-	{
-	ASN1_UTCTIME tm;
-
-	tm.data=(unsigned char *)str;
-	tm.length=strlen(str);
-	tm.type=V_ASN1_UTCTIME;
-	return(ASN1_UTCTIME_check(&tm));
-	}
-
-static int do_revoke(X509 *x509, TXT_DB *db, int type, char *value)
-	{
-	ASN1_UTCTIME *tm=NULL;
-	char *row[DB_NUMBER],**rrow,**irow;
-	char *rev_str = NULL;
-	BIGNUM *bn = NULL;
-	int ok=-1,i;
-
-	for (i=0; i<DB_NUMBER; i++)
-		row[i]=NULL;
-	row[DB_name]=X509_NAME_oneline(X509_get_subject_name(x509),NULL,0);
-	bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(x509),NULL);
-	if (BN_is_zero(bn))
-		row[DB_serial]=BUF_strdup("00");
-	else
-		row[DB_serial]=BN_bn2hex(bn);
-	BN_free(bn);
-	if ((row[DB_name] == NULL) || (row[DB_serial] == NULL))
-		{
-		BIO_printf(bio_err,"Memory allocation failure\n");
-		goto err;
-		}
-	/* We have to lookup by serial number because name lookup
-	 * skips revoked certs
- 	 */
-	rrow=TXT_DB_get_by_index(db,DB_serial,row);
-	if (rrow == NULL)
-		{
-		BIO_printf(bio_err,"Adding Entry to DB for %s\n", row[DB_name]);
-
-		/* We now just add it to the database */
-		row[DB_type]=(char *)OPENSSL_malloc(2);
-
-		tm=X509_get_notAfter(x509);
-		row[DB_exp_date]=(char *)OPENSSL_malloc(tm->length+1);
-		memcpy(row[DB_exp_date],tm->data,tm->length);
-		row[DB_exp_date][tm->length]='\0';
-
-		row[DB_rev_date]=NULL;
-
-		/* row[DB_serial] done already */
-		row[DB_file]=(char *)OPENSSL_malloc(8);
-
-		/* row[DB_name] done already */
-
-		if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
-			(row[DB_file] == NULL))
-			{
-			BIO_printf(bio_err,"Memory allocation failure\n");
-			goto err;
-			}
-		strcpy(row[DB_file],"unknown");
-		row[DB_type][0]='V';
-		row[DB_type][1]='\0';
-
-		if ((irow=(char **)OPENSSL_malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL)
-			{
-			BIO_printf(bio_err,"Memory allocation failure\n");
-			goto err;
-			}
-
-		for (i=0; i<DB_NUMBER; i++)
-			{
-			irow[i]=row[i];
-			row[i]=NULL;
-			}
-		irow[DB_NUMBER]=NULL;
-
-		if (!TXT_DB_insert(db,irow))
-			{
-			BIO_printf(bio_err,"failed to update database\n");
-			BIO_printf(bio_err,"TXT_DB error number %ld\n",db->error);
-			goto err;
-			}
-
-		/* Revoke Certificate */
-		ok = do_revoke(x509,db, type, value);
-
-		goto err;
-
-		}
-	else if (index_name_cmp((const char **)row,(const char **)rrow))
-		{
-		BIO_printf(bio_err,"ERROR:name does not match %s\n",
-			   row[DB_name]);
-		goto err;
-		}
-	else if (rrow[DB_type][0]=='R')
-		{
-		BIO_printf(bio_err,"ERROR:Already revoked, serial number %s\n",
-			   row[DB_serial]);
-		goto err;
-		}
-	else
-		{
-		BIO_printf(bio_err,"Revoking Certificate %s.\n", rrow[DB_serial]);
-		rev_str = make_revocation_str(type, value);
-		if (!rev_str)
-			{
-			BIO_printf(bio_err, "Error in revocation arguments\n");
-			goto err;
-			}
-		rrow[DB_type][0]='R';
-		rrow[DB_type][1]='\0';
-		rrow[DB_rev_date] = rev_str;
-		}
-	ok=1;
-err:
-	for (i=0; i<DB_NUMBER; i++)
-		{
-		if (row[i] != NULL) 
-			OPENSSL_free(row[i]);
-		}
-	return(ok);
-	}
-
-static int get_certificate_status(const char *serial, TXT_DB *db)
-	{
-	char *row[DB_NUMBER],**rrow;
-	int ok=-1,i;
-
-	/* Free Resources */
-	for (i=0; i<DB_NUMBER; i++)
-		row[i]=NULL;
-
-	/* Malloc needed char spaces */
-	row[DB_serial] = OPENSSL_malloc(strlen(serial) + 2);
-	if (row[DB_serial] == NULL)
-		{
-		BIO_printf(bio_err,"Malloc failure\n");
-		goto err;
-		}
-
-	if (strlen(serial) % 2)
-		{
-		/* Set the first char to 0 */;
-		row[DB_serial][0]='0';
-
-		/* Copy String from serial to row[DB_serial] */
-		memcpy(row[DB_serial]+1, serial, strlen(serial));
-		row[DB_serial][strlen(serial)+1]='\0';
-		}
-	else
-		{
-		/* Copy String from serial to row[DB_serial] */
-		memcpy(row[DB_serial], serial, strlen(serial));
-		row[DB_serial][strlen(serial)]='\0';
-		}
-			
-	/* Make it Upper Case */
-	for (i=0; row[DB_serial][i] != '\0'; i++)
-		row[DB_serial][i] = toupper(row[DB_serial][i]);
-	
-
-	ok=1;
-
-	/* Search for the certificate */
-	rrow=TXT_DB_get_by_index(db,DB_serial,row);
-	if (rrow == NULL)
-		{
-		BIO_printf(bio_err,"Serial %s not present in db.\n",
-				 row[DB_serial]);
-		ok=-1;
-		goto err;
-		}
-	else if (rrow[DB_type][0]=='V')
-		{
-		BIO_printf(bio_err,"%s=Valid (%c)\n",
-			row[DB_serial], rrow[DB_type][0]);
-		goto err;
-		}
-	else if (rrow[DB_type][0]=='R')
-		{
-		BIO_printf(bio_err,"%s=Revoked (%c)\n",
-			row[DB_serial], rrow[DB_type][0]);
-		goto err;
-		}
-	else if (rrow[DB_type][0]=='E')
-		{
-		BIO_printf(bio_err,"%s=Expired (%c)\n",
-			row[DB_serial], rrow[DB_type][0]);
-		goto err;
-		}
-	else if (rrow[DB_type][0]=='S')
-		{
-		BIO_printf(bio_err,"%s=Suspended (%c)\n",
-			row[DB_serial], rrow[DB_type][0]);
-		goto err;
-		}
-	else
-		{
-		BIO_printf(bio_err,"%s=Unknown (%c).\n",
-			row[DB_serial], rrow[DB_type][0]);
-		ok=-1;
-		}
-err:
-	for (i=0; i<DB_NUMBER; i++)
-		{
-		if (row[i] != NULL)
-			OPENSSL_free(row[i]);
-		}
-	return(ok);
-	}
-
-static int do_updatedb (TXT_DB *db)
-	{
-	ASN1_UTCTIME	*a_tm = NULL;
-	int i, cnt = 0;
-	int db_y2k, a_y2k;  /* flags = 1 if y >= 2000 */ 
-	char **rrow, *a_tm_s;
-
-	a_tm = ASN1_UTCTIME_new();
-
-	/* get actual time and make a string */
-	a_tm = X509_gmtime_adj(a_tm, 0);
-	a_tm_s = (char *) OPENSSL_malloc(a_tm->length+1);
-	if (a_tm_s == NULL)
-		{
-		cnt = -1;
-		goto err;
-		}
-
-	memcpy(a_tm_s, a_tm->data, a_tm->length);
-	a_tm_s[a_tm->length] = '\0';
-
-	if (strncmp(a_tm_s, "49", 2) <= 0)
-		a_y2k = 1;
-	else
-		a_y2k = 0;
-
-	for (i = 0; i < sk_num(db->data); i++)
-		{
-		rrow = (char **) sk_value(db->data, i);
-
-		if (rrow[DB_type][0] == 'V')
-		 	{
-			/* ignore entries that are not valid */
-			if (strncmp(rrow[DB_exp_date], "49", 2) <= 0)
-				db_y2k = 1;
-			else
-				db_y2k = 0;
-
-			if (db_y2k == a_y2k)
-				{
-				/* all on the same y2k side */
-				if (strcmp(rrow[DB_exp_date], a_tm_s) <= 0)
-				       	{
-				       	rrow[DB_type][0]  = 'E';
-				       	rrow[DB_type][1]  = '\0';
-	  				cnt++;
-
-					BIO_printf(bio_err, "%s=Expired\n",
-							rrow[DB_serial]);
-					}
-				}
-			else if (db_y2k < a_y2k)
-				{
-		  		rrow[DB_type][0]  = 'E';
-		  		rrow[DB_type][1]  = '\0';
-	  			cnt++;
-
-				BIO_printf(bio_err, "%s=Expired\n",
-							rrow[DB_serial]);
-				}
-
-			}
-    		}
-
-err:
-
-	ASN1_UTCTIME_free(a_tm);
-	OPENSSL_free(a_tm_s);
-
-	return (cnt);
-	}
-
-static char *crl_reasons[] = {
-	/* CRL reason strings */
-	"unspecified",
-	"keyCompromise",
-	"CACompromise",
-	"affiliationChanged",
-	"superseded", 
-	"cessationOfOperation",
-	"certificateHold",
-	"removeFromCRL",
-	/* Additional pseudo reasons */
-	"holdInstruction",
-	"keyTime",
-	"CAkeyTime"
-};
-
-#define NUM_REASONS (sizeof(crl_reasons) / sizeof(char *))
-
-/* Given revocation information convert to a DB string.
- * The format of the string is:
- * revtime[,reason,extra]. Where 'revtime' is the
- * revocation time (the current time). 'reason' is the
- * optional CRL reason and 'extra' is any additional
- * argument
- */
-
-char *make_revocation_str(int rev_type, char *rev_arg)
-	{
-	char *reason = NULL, *other = NULL, *str;
-	ASN1_OBJECT *otmp;
-	ASN1_UTCTIME *revtm = NULL;
-	int i;
-	switch (rev_type)
-		{
-	case REV_NONE:
-		break;
-
-	case REV_CRL_REASON:
-		for (i = 0; i < 8; i++)
-			{
-			if (!strcasecmp(rev_arg, crl_reasons[i]))
-				{
-				reason = crl_reasons[i];
-				break;
-				}
-			}
-		if (reason == NULL)
-			{
-			BIO_printf(bio_err, "Unknown CRL reason %s\n", rev_arg);
-			return NULL;
-			}
-		break;
-
-	case REV_HOLD:
-		/* Argument is an OID */
-
-		otmp = OBJ_txt2obj(rev_arg, 0);
-		ASN1_OBJECT_free(otmp);
-
-		if (otmp == NULL)
-			{
-			BIO_printf(bio_err, "Invalid object identifier %s\n", rev_arg);
-			return NULL;
-			}
-
-		reason = "holdInstruction";
-		other = rev_arg;
-		break;
-		
-	case REV_KEY_COMPROMISE:
-	case REV_CA_COMPROMISE:
-
-		/* Argument is the key compromise time  */
-		if (!ASN1_GENERALIZEDTIME_set_string(NULL, rev_arg))
-			{	
-			BIO_printf(bio_err, "Invalid time format %s. Need YYYYMMDDHHMMSSZ\n", rev_arg);
-			return NULL;
-			}
-		other = rev_arg;
-		if (rev_type == REV_KEY_COMPROMISE)
-			reason = "keyTime";
-		else 
-			reason = "CAkeyTime";
-
-		break;
-
-		}
-
-	revtm = X509_gmtime_adj(NULL, 0);
-
-	i = revtm->length + 1;
-
-	if (reason) i += strlen(reason) + 1;
-	if (other) i += strlen(other) + 1;
-
-	str = OPENSSL_malloc(i);
-
-	if (!str) return NULL;
-
-	strcpy(str, (char *)revtm->data);
-	if (reason)
-		{
-		strcat(str, ",");
-		strcat(str, reason);
-		}
-	if (other)
-		{
-		strcat(str, ",");
-		strcat(str, other);
-		}
-	ASN1_UTCTIME_free(revtm);
-	return str;
-	}
-
-/* Convert revocation field to X509_REVOKED entry 
- * return code:
- * 0 error
- * 1 OK
- * 2 OK and some extensions added (i.e. V2 CRL)
- */
-
-
-int make_revoked(X509_REVOKED *rev, char *str)
-	{
-	char *tmp = NULL;
-	int reason_code = -1;
-	int i, ret = 0;
-	ASN1_OBJECT *hold = NULL;
-	ASN1_GENERALIZEDTIME *comp_time = NULL;
-	ASN1_ENUMERATED *rtmp = NULL;
-
-	ASN1_TIME *revDate = NULL;
-
-	i = unpack_revinfo(&revDate, &reason_code, &hold, &comp_time, str);
-
-	if (i == 0)
-		goto err;
-
-	if (rev && !X509_REVOKED_set_revocationDate(rev, revDate))
-		goto err;
-
-	if (rev && (reason_code != OCSP_REVOKED_STATUS_NOSTATUS))
-		{
-		rtmp = ASN1_ENUMERATED_new();
-		if (!rtmp || !ASN1_ENUMERATED_set(rtmp, reason_code))
-			goto err;
-		if (!X509_REVOKED_add1_ext_i2d(rev, NID_crl_reason, rtmp, 0, 0))
-			goto err;
-		}
-
-	if (rev && comp_time)
-		{
-		if (!X509_REVOKED_add1_ext_i2d(rev, NID_invalidity_date, comp_time, 0, 0))
-			goto err;
-		}
-	if (rev && hold)
-		{
-		if (!X509_REVOKED_add1_ext_i2d(rev, NID_hold_instruction_code, hold, 0, 0))
-			goto err;
-		}
-
-	if (reason_code != OCSP_REVOKED_STATUS_NOSTATUS)
-		ret = 2;
-	else ret = 1;
-
-	err:
-
-	if (tmp) OPENSSL_free(tmp);
-	ASN1_OBJECT_free(hold);
-	ASN1_GENERALIZEDTIME_free(comp_time);
-	ASN1_ENUMERATED_free(rtmp);
-	ASN1_TIME_free(revDate);
-
-	return ret;
-	}
-
-/*
- * subject is expected to be in the format /type0=value0/type1=value1/type2=...
- * where characters may be escaped by \
- */
-X509_NAME *do_subject(char *subject, long chtype)
-	{
-	size_t buflen = strlen(subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */
-	char *buf = OPENSSL_malloc(buflen);
-	size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */
-	char **ne_types = OPENSSL_malloc(max_ne * sizeof (char *));
-	char **ne_values = OPENSSL_malloc(max_ne * sizeof (char *));
-
-	char *sp = subject, *bp = buf;
-	int i, ne_num = 0;
-
-	X509_NAME *n = NULL;
-	int nid;
-
-	if (!buf || !ne_types || !ne_values)
-	{
-		BIO_printf(bio_err, "malloc error\n");
-		goto error;
-	}
-
-	if (*subject != '/')
-	{
-		BIO_printf(bio_err, "Subject does not start with '/'.\n");
-		goto error;
-	}
-	sp++; /* skip leading / */
-
-	while (*sp)
-		{
-		/* collect type */
-		ne_types[ne_num] = bp;
-		while (*sp)
-			{
-			if (*sp == '\\') /* is there anything to escape in the type...? */
-				{
-				if (*++sp)
-					*bp++ = *sp++;
-				else
-					{
-					BIO_printf(bio_err, "escape character at end of string\n");
-					goto error;
-					}
-				}
-			else if (*sp == '=')
-				{
-				sp++;
-				*bp++ = '\0';
-				break;
-				}
-			else
-				*bp++ = *sp++;
-			}
-		if (!*sp)
-			{
-			BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num);
-			goto error;
-			}
-		ne_values[ne_num] = bp;
-		while (*sp)
-			{
-			if (*sp == '\\')
-				{
-				if (*++sp)
-					*bp++ = *sp++;
-				else
-					{
-					BIO_printf(bio_err, "escape character at end of string\n");
-					goto error;
-					}
-				}
-			else if (*sp == '/')
-				{
-				sp++;
-				break;
-				}
-			else
-				*bp++ = *sp++;
-			}
-		*bp++ = '\0';
-		ne_num++;
-		}
-
-	if (!(n = X509_NAME_new()))
-		goto error;
-
-	for (i = 0; i < ne_num; i++)
-		{
-		if ((nid=OBJ_txt2nid(ne_types[i])) == NID_undef)
-			{
-			BIO_printf(bio_err, "Subject Attribute %s has no known NID, skipped\n", ne_types[i]);
-			continue;
-			}
-
-		if (!*ne_values[i])
-			{
-			BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_types[i]);
-			continue;
-			}
-
-		if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i], -1,-1,0))
-			goto error;
-		}
-
-	OPENSSL_free(ne_values);
-	OPENSSL_free(ne_types);
-	OPENSSL_free(buf);
-	return n;
-
-error:
-	X509_NAME_free(n);
-	if (ne_values)
-		OPENSSL_free(ne_values);
-	if (ne_types)
-		OPENSSL_free(ne_types);
-	if (buf)
-		OPENSSL_free(buf);
-	return NULL;
-}
-
-int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str)
-	{
-	char buf[25],*pbuf, *p;
-	int j;
-	j=i2a_ASN1_OBJECT(bp,obj);
-	pbuf=buf;
-	for (j=22-j; j>0; j--)
-		*(pbuf++)=' ';
-	*(pbuf++)=':';
-	*(pbuf++)='\0';
-	BIO_puts(bp,buf);
-
-	if (str->type == V_ASN1_PRINTABLESTRING)
-		BIO_printf(bp,"PRINTABLE:'");
-	else if (str->type == V_ASN1_T61STRING)
-		BIO_printf(bp,"T61STRING:'");
-	else if (str->type == V_ASN1_IA5STRING)
-		BIO_printf(bp,"IA5STRING:'");
-	else if (str->type == V_ASN1_UNIVERSALSTRING)
-		BIO_printf(bp,"UNIVERSALSTRING:'");
-	else
-		BIO_printf(bp,"ASN.1 %2d:'",str->type);
-			
-	p=(char *)str->data;
-	for (j=str->length; j>0; j--)
-		{
-		if ((*p >= ' ') && (*p <= '~'))
-			BIO_printf(bp,"%c",*p);
-		else if (*p & 0x80)
-			BIO_printf(bp,"\\0x%02X",*p);
-		else if ((unsigned char)*p == 0xf7)
-			BIO_printf(bp,"^?");
-		else	BIO_printf(bp,"^%c",*p+'@');
-		p++;
-		}
-	BIO_printf(bp,"'\n");
-	return 1;
-	}
-
-int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, ASN1_GENERALIZEDTIME **pinvtm, char *str)
-	{
-	char *tmp = NULL;
-	char *rtime_str, *reason_str = NULL, *arg_str = NULL, *p;
-	int reason_code = -1;
-	int i, ret = 0;
-	ASN1_OBJECT *hold = NULL;
-	ASN1_GENERALIZEDTIME *comp_time = NULL;
-	tmp = BUF_strdup(str);
-
-	p = strchr(tmp, ',');
-
-	rtime_str = tmp;
-
-	if (p)
-		{
-		*p = '\0';
-		p++;
-		reason_str = p;
-		p = strchr(p, ',');
-		if (p)
-			{
-			*p = '\0';
-			arg_str = p + 1;
-			}
-		}
-
-	if (prevtm)
-		{
-		*prevtm = ASN1_UTCTIME_new();
-		if (!ASN1_UTCTIME_set_string(*prevtm, rtime_str))
-			{
-			BIO_printf(bio_err, "invalid revocation date %s\n", rtime_str);
-			goto err;
-			}
-		}
-	if (reason_str)
-		{
-		for (i = 0; i < NUM_REASONS; i++)
-			{
-			if(!strcasecmp(reason_str, crl_reasons[i]))
-				{
-				reason_code = i;
-				break;
-				}
-			}
-		if (reason_code == OCSP_REVOKED_STATUS_NOSTATUS)
-			{
-			BIO_printf(bio_err, "invalid reason code %s\n", reason_str);
-			goto err;
-			}
-
-		if (reason_code == 7)
-			reason_code = OCSP_REVOKED_STATUS_REMOVEFROMCRL;
-		else if (reason_code == 8)		/* Hold instruction */
-			{
-			if (!arg_str)
-				{	
-				BIO_printf(bio_err, "missing hold instruction\n");
-				goto err;
-				}
-			reason_code = OCSP_REVOKED_STATUS_CERTIFICATEHOLD;
-			hold = OBJ_txt2obj(arg_str, 0);
-
-			if (!hold)
-				{
-				BIO_printf(bio_err, "invalid object identifier %s\n", arg_str);
-				goto err;
-				}
-			if (phold) *phold = hold;
-			}
-		else if ((reason_code == 9) || (reason_code == 10))
-			{
-			if (!arg_str)
-				{	
-				BIO_printf(bio_err, "missing compromised time\n");
-				goto err;
-				}
-			comp_time = ASN1_GENERALIZEDTIME_new();
-			if (!ASN1_GENERALIZEDTIME_set_string(comp_time, arg_str))
-				{	
-				BIO_printf(bio_err, "invalid compromised time %s\n", arg_str);
-				goto err;
-				}
-			if (reason_code == 9)
-				reason_code = OCSP_REVOKED_STATUS_KEYCOMPROMISE;
-			else
-				reason_code = OCSP_REVOKED_STATUS_CACOMPROMISE;
-			}
-		}
-
-	if (preason) *preason = reason_code;
-	if (pinvtm) *pinvtm = comp_time;
-	else ASN1_GENERALIZEDTIME_free(comp_time);
-
-	ret = 1;
-
-	err:
-
-	if (tmp) OPENSSL_free(tmp);
-	if (!phold) ASN1_OBJECT_free(hold);
-	if (!pinvtm) ASN1_GENERALIZEDTIME_free(comp_time);
-
-	return ret;
-	}
-
-int make_serial_index(TXT_DB *db)
-	{
-	if (!TXT_DB_create_index(db, DB_serial, NULL,
-				LHASH_HASH_FN(index_serial_hash),
-				LHASH_COMP_FN(index_serial_cmp)))
-		{
-		BIO_printf(bio_err,
-		  "error creating serial number index:(%ld,%ld,%ld)\n",
-		  			db->error,db->arg1,db->arg2);
-			return 0;
-		}
-	return 1;
-	}
diff --git a/crypto/openssl/apps/cert.pem b/crypto/openssl/apps/cert.pem
deleted file mode 100644
index de4a77ac6db6..000000000000
--- a/crypto/openssl/apps/cert.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBoDCCAUoCAQAwDQYJKoZIhvcNAQEEBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD
-VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw05NzA5MDkwMzQxMjZa
-Fw05NzEwMDkwMzQxMjZaMF4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0
-YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMT
-DkVyaWMgdGhlIFlvdW5nMFEwCQYFKw4DAgwFAANEAAJBALVEqPODnpI4rShlY8S7
-tB713JNvabvn6Gned7zylwLLiXQAo/PAT6mfdWPTyCX9RlId/Aroh1ou893BA32Q
-sggwDQYJKoZIhvcNAQEEBQADQQCU5SSgapJSdRXJoX+CpCvFy+JVh9HpSjCpSNKO
-19raHv98hKAUJuP9HyM+SUsffO6mAIgitUaqW8/wDMePhEC3
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/ciphers.c b/crypto/openssl/apps/ciphers.c
deleted file mode 100644
index 7c62fc5dc339..000000000000
--- a/crypto/openssl/apps/ciphers.c
+++ /dev/null
@@ -1,208 +0,0 @@
-/* apps/ciphers.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-#include "apps.h"
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-#undef PROG
-#define PROG	ciphers_main
-
-static char *ciphers_usage[]={
-"usage: ciphers args\n",
-" -v          - verbose mode, a textual listing of the ciphers in SSLeay\n",
-" -ssl2       - SSL2 mode\n",
-" -ssl3       - SSL3 mode\n",
-" -tls1       - TLS1 mode\n",
-NULL
-};
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int ret=1,i;
-	int verbose=0;
-	char **pp;
-	const char *p;
-	int badops=0;
-	SSL_CTX *ctx=NULL;
-	SSL *ssl=NULL;
-	char *ciphers=NULL;
-	SSL_METHOD *meth=NULL;
-	STACK_OF(SSL_CIPHER) *sk;
-	char buf[512];
-	BIO *STDout=NULL;
-
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-	meth=SSLv23_server_method();
-#elif !defined(OPENSSL_NO_SSL3)
-	meth=SSLv3_server_method();
-#elif !defined(OPENSSL_NO_SSL2)
-	meth=SSLv2_server_method();
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-	STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	STDout = BIO_push(tmpbio, STDout);
-	}
-#endif
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if (strcmp(*argv,"-v") == 0)
-			verbose=1;
-#ifndef OPENSSL_NO_SSL2
-		else if (strcmp(*argv,"-ssl2") == 0)
-			meth=SSLv2_client_method();
-#endif
-#ifndef OPENSSL_NO_SSL3
-		else if (strcmp(*argv,"-ssl3") == 0)
-			meth=SSLv3_client_method();
-#endif
-#ifndef OPENSSL_NO_TLS1
-		else if (strcmp(*argv,"-tls1") == 0)
-			meth=TLSv1_client_method();
-#endif
-		else if ((strncmp(*argv,"-h",2) == 0) ||
-			 (strcmp(*argv,"-?") == 0))
-			{
-			badops=1;
-			break;
-			}
-		else
-			{
-			ciphers= *argv;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-		for (pp=ciphers_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
-		goto end;
-		}
-
-	OpenSSL_add_ssl_algorithms();
-
-	ctx=SSL_CTX_new(meth);
-	if (ctx == NULL) goto err;
-	if (ciphers != NULL) {
-		if(!SSL_CTX_set_cipher_list(ctx,ciphers)) {
-			BIO_printf(bio_err, "Error in cipher list\n");
-			goto err;
-		}
-	}
-	ssl=SSL_new(ctx);
-	if (ssl == NULL) goto err;
-
-
-	if (!verbose)
-		{
-		for (i=0; ; i++)
-			{
-			p=SSL_get_cipher_list(ssl,i);
-			if (p == NULL) break;
-			if (i != 0) BIO_printf(STDout,":");
-			BIO_printf(STDout,"%s",p);
-			}
-		BIO_printf(STDout,"\n");
-		}
-	else
-		{
-		sk=SSL_get_ciphers(ssl);
-
-		for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
-			{
-			BIO_puts(STDout,SSL_CIPHER_description(
-				sk_SSL_CIPHER_value(sk,i),
-				buf,sizeof buf));
-			}
-		}
-
-	ret=0;
-	if (0)
-		{
-err:
-		SSL_load_error_strings();
-		ERR_print_errors(bio_err);
-		}
-end:
-	if (ctx != NULL) SSL_CTX_free(ctx);
-	if (ssl != NULL) SSL_free(ssl);
-	if (STDout != NULL) BIO_free_all(STDout);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
diff --git a/crypto/openssl/apps/client.pem b/crypto/openssl/apps/client.pem
deleted file mode 100644
index 307910e56e58..000000000000
--- a/crypto/openssl/apps/client.pem
+++ /dev/null
@@ -1,24 +0,0 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Client test cert (512 bit)
------BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQIwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU2WhcNOTgwNjA5
-MTM1NzU2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGkNsaWVudCB0ZXN0IGNl
-cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALtv55QyzG6i2Plw
-Z1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexmq/R4KedLjFEIYjocDui+IXs62NNt
-XrT8odkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBwtMmI7oGUG8nKmftQssATViH5
-NRRtoEw07DxJp/LfatHdrhqQB73eGdL5WILZJXk46Xz2e9WMSUjVCSYhdKxtflU3
-UR2Ajv1Oo0sTNdfz0wDqJNirLNtzyhhsaq8qMTrLwXrCP31VxBiigFSQSUFnZyTE
-9TKwhS4GlwbtCfxSKQ==
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIIBOwIBAAJBALtv55QyzG6i2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexm
-q/R4KedLjFEIYjocDui+IXs62NNtXrT8odkCAwEAAQJAbwXq0vJ/+uyEvsNgxLko
-/V86mGXQ/KrSkeKlL0r4ENxjcyeMAGoKu6J9yMY7+X9+Zm4nxShNfTsf/+Freoe1
-HQIhAPOSm5Q1YI+KIsII2GeVJx1U69+wnd71OasIPakS1L1XAiEAxQAW+J3/JWE0
-ftEYakbhUOKL8tD1OaFZS71/5GdG7E8CIQCefUMmySSvwd6kC0VlATSWbW+d+jp/
-nWmM1KvqnAo5uQIhALqEADu5U1Wvt8UN8UDGBRPQulHWNycuNV45d3nnskWPAiAw
-ueTyr6WsZ5+SD8g/Hy3xuvF3nPmJRH+rwvVihlcFOg==
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/apps/crl.c b/crypto/openssl/apps/crl.c
deleted file mode 100644
index c6089ace5261..000000000000
--- a/crypto/openssl/apps/crl.c
+++ /dev/null
@@ -1,424 +0,0 @@
-/* apps/crl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/pem.h>
-
-#undef PROG
-#define PROG	crl_main
-
-#undef POSTFIX
-#define	POSTFIX	".rvk"
-
-static char *crl_usage[]={
-"usage: crl args\n",
-"\n",
-" -inform arg     - input format - default PEM (DER or PEM)\n",
-" -outform arg    - output format - default PEM\n",
-" -text           - print out a text format version\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -hash           - print hash value\n",
-" -issuer         - print issuer DN\n",
-" -lastupdate     - lastUpdate field\n",
-" -nextupdate     - nextUpdate field\n",
-" -noout          - no CRL output\n",
-" -CAfile  name   - verify CRL using certificates in file \"name\"\n",
-" -CApath  dir    - verify CRL using certificates in \"dir\"\n",
-" -nameopt arg    - various certificate name options\n",
-NULL
-};
-
-static X509_CRL *load_crl(char *file, int format);
-static BIO *bio_out=NULL;
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	unsigned long nmflag = 0;
-	X509_CRL *x=NULL;
-	char *CAfile = NULL, *CApath = NULL;
-	int ret=1,i,num,badops=0;
-	BIO *out=NULL;
-	int informat,outformat;
-	char *infile=NULL,*outfile=NULL;
-	int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
-	int fingerprint = 0;
-	char **pp;
-	X509_STORE *store = NULL;
-	X509_STORE_CTX ctx;
-	X509_LOOKUP *lookup = NULL;
-	X509_OBJECT xobj;
-	EVP_PKEY *pkey;
-	int do_ver = 0;
-	const EVP_MD *md_alg,*digest=EVP_md5();
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	if (bio_out == NULL)
-		if ((bio_out=BIO_new(BIO_s_file())) != NULL)
-			{
-			BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			bio_out = BIO_push(tmpbio, bio_out);
-			}
-#endif
-			}
-
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	argc--;
-	argv++;
-	num=0;
-	while (argc >= 1)
-		{
-#ifdef undef
-		if	(strcmp(*argv,"-p") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!args_from_file(++argv,Nargc,Nargv)) { goto end; }*/
-			}
-#endif
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-CApath") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CApath = *(++argv);
-			do_ver = 1;
-			}
-		else if (strcmp(*argv,"-CAfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile = *(++argv);
-			do_ver = 1;
-			}
-		else if (strcmp(*argv,"-verify") == 0)
-			do_ver = 1;
-		else if (strcmp(*argv,"-text") == 0)
-			text = 1;
-		else if (strcmp(*argv,"-hash") == 0)
-			hash= ++num;
-		else if (strcmp(*argv,"-nameopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_name_ex(&nmflag, *(++argv))) goto bad;
-			}
-		else if (strcmp(*argv,"-issuer") == 0)
-			issuer= ++num;
-		else if (strcmp(*argv,"-lastupdate") == 0)
-			lastupdate= ++num;
-		else if (strcmp(*argv,"-nextupdate") == 0)
-			nextupdate= ++num;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout= ++num;
-		else if (strcmp(*argv,"-fingerprint") == 0)
-			fingerprint= ++num;
-		else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
-			{
-			/* ok */
-			digest=md_alg;
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		for (pp=crl_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-	x=load_crl(infile,informat);
-	if (x == NULL) { goto end; }
-
-	if(do_ver) {
-		store = X509_STORE_new();
-		lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file());
-		if (lookup == NULL) goto end;
-		if (!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM))
-			X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
-			
-		lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir());
-		if (lookup == NULL) goto end;
-		if (!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM))
-			X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
-		ERR_clear_error();
-
-		if(!X509_STORE_CTX_init(&ctx, store, NULL, NULL)) {
-			BIO_printf(bio_err,
-				"Error initialising X509 store\n");
-			goto end;
-		}
-
-		i = X509_STORE_get_by_subject(&ctx, X509_LU_X509, 
-					X509_CRL_get_issuer(x), &xobj);
-		if(i <= 0) {
-			BIO_printf(bio_err,
-				"Error getting CRL issuer certificate\n");
-			goto end;
-		}
-		pkey = X509_get_pubkey(xobj.data.x509);
-		X509_OBJECT_free_contents(&xobj);
-		if(!pkey) {
-			BIO_printf(bio_err,
-				"Error getting CRL issuer public key\n");
-			goto end;
-		}
-		i = X509_CRL_verify(x, pkey);
-		EVP_PKEY_free(pkey);
-		if(i < 0) goto end;
-		if(i == 0) BIO_printf(bio_err, "verify failure\n");
-		else BIO_printf(bio_err, "verify OK\n");
-	}
-
-	if (num)
-		{
-		for (i=1; i<=num; i++)
-			{
-			if (issuer == i)
-				{
-				print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag);
-				}
-
-			if (hash == i)
-				{
-				BIO_printf(bio_out,"%08lx\n",
-					X509_NAME_hash(X509_CRL_get_issuer(x)));
-				}
-			if (lastupdate == i)
-				{
-				BIO_printf(bio_out,"lastUpdate=");
-				ASN1_TIME_print(bio_out,
-						X509_CRL_get_lastUpdate(x));
-				BIO_printf(bio_out,"\n");
-				}
-			if (nextupdate == i)
-				{
-				BIO_printf(bio_out,"nextUpdate=");
-				if (X509_CRL_get_nextUpdate(x)) 
-					ASN1_TIME_print(bio_out,
-						X509_CRL_get_nextUpdate(x));
-				else
-					BIO_printf(bio_out,"NONE");
-				BIO_printf(bio_out,"\n");
-				}
-			if (fingerprint == i)
-				{
-				int j;
-				unsigned int n;
-				unsigned char md[EVP_MAX_MD_SIZE];
-
-				if (!X509_CRL_digest(x,digest,md,&n))
-					{
-					BIO_printf(bio_err,"out of memory\n");
-					goto end;
-					}
-				BIO_printf(bio_out,"%s Fingerprint=",
-						OBJ_nid2sn(EVP_MD_type(digest)));
-				for (j=0; j<(int)n; j++)
-					{
-					BIO_printf(bio_out,"%02X%c",md[j],
-						(j+1 == (int)n)
-						?'\n':':');
-					}
-				}
-			}
-		}
-
-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (text) X509_CRL_print(out, x);
-
-	if (noout) goto end;
-
-	if 	(outformat == FORMAT_ASN1)
-		i=(int)i2d_X509_CRL_bio(out,x);
-	else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_X509_CRL(out,x);
-	else	
-		{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
-	ret=0;
-end:
-	BIO_free_all(out);
-	BIO_free_all(bio_out);
-	bio_out=NULL;
-	X509_CRL_free(x);
-	if(store) {
-		X509_STORE_CTX_cleanup(&ctx);
-		X509_STORE_free(store);
-	}
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static X509_CRL *load_crl(char *infile, int format)
-	{
-	X509_CRL *x=NULL;
-	BIO *in=NULL;
-
-	in=BIO_new(BIO_s_file());
-	if (in == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if 	(format == FORMAT_ASN1)
-		x=d2i_X509_CRL_bio(in,NULL);
-	else if (format == FORMAT_PEM)
-		x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
-	else	{
-		BIO_printf(bio_err,"bad input format specified for input crl\n");
-		goto end;
-		}
-	if (x == NULL)
-		{
-		BIO_printf(bio_err,"unable to load CRL\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	
-end:
-	BIO_free(in);
-	return(x);
-	}
-
diff --git a/crypto/openssl/apps/crl2p7.c b/crypto/openssl/apps/crl2p7.c
deleted file mode 100644
index b2f2d121d56c..000000000000
--- a/crypto/openssl/apps/crl2p7.c
+++ /dev/null
@@ -1,345 +0,0 @@
-/* apps/crl2p7.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* This was written by Gordon Chaffee <chaffee@plateau.cs.berkeley.edu>
- * and donated 'to the cause' along with lots and lots of other fixes to
- * the library. */
-
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "apps.h"
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-#include <openssl/objects.h>
-
-static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile);
-#undef PROG
-#define PROG	crl2pkcs7_main
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int i,badops=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat;
-	char *infile,*outfile,*prog,*certfile;
-	PKCS7 *p7 = NULL;
-	PKCS7_SIGNED *p7s = NULL;
-	X509_CRL *crl=NULL;
-	STACK *certflst=NULL;
-	STACK_OF(X509_CRL) *crl_stack=NULL;
-	STACK_OF(X509) *cert_stack=NULL;
-	int ret=1,nocrl=0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-nocrl") == 0)
-			{
-			nocrl=1;
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-certfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if(!certflst) certflst = sk_new_null();
-			sk_push(certflst,*(++argv));
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg    input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg   output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg        input file\n");
-		BIO_printf(bio_err," -out arg       output file\n");
-		BIO_printf(bio_err," -certfile arg  certificates file of chain to a trusted CA\n");
-		BIO_printf(bio_err,"                (can be used more than once)\n");
-		BIO_printf(bio_err," -nocrl         no crl to load, just certs from '-certfile'\n");
-		ret = 1;
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (!nocrl)
-		{
-		if (infile == NULL)
-			BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		else
-			{
-			if (BIO_read_filename(in,infile) <= 0)
-				{
-				perror(infile);
-				goto end;
-				}
-			}
-
-		if 	(informat == FORMAT_ASN1)
-			crl=d2i_X509_CRL_bio(in,NULL);
-		else if (informat == FORMAT_PEM)
-			crl=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
-		else	{
-			BIO_printf(bio_err,"bad input format specified for input crl\n");
-			goto end;
-			}
-		if (crl == NULL)
-			{
-			BIO_printf(bio_err,"unable to load CRL\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	
-	if ((p7=PKCS7_new()) == NULL) goto end;
-	if ((p7s=PKCS7_SIGNED_new()) == NULL) goto end;
-	p7->type=OBJ_nid2obj(NID_pkcs7_signed);
-	p7->d.sign=p7s;
-	p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data);
-
-	if (!ASN1_INTEGER_set(p7s->version,1)) goto end;
-	if ((crl_stack=sk_X509_CRL_new_null()) == NULL) goto end;
-	p7s->crl=crl_stack;
-	if (crl != NULL)
-		{
-		sk_X509_CRL_push(crl_stack,crl);
-		crl=NULL; /* now part of p7 for OPENSSL_freeing */
-		}
-
-	if ((cert_stack=sk_X509_new_null()) == NULL) goto end;
-	p7s->cert=cert_stack;
-
-	if(certflst) for(i = 0; i < sk_num(certflst); i++) {
-		certfile = sk_value(certflst, i);
-		if (add_certs_from_file(cert_stack,certfile) < 0)
-			{
-			BIO_printf(bio_err, "error loading certificates\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-	}
-
-	sk_free(certflst);
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if 	(outformat == FORMAT_ASN1)
-		i=i2d_PKCS7_bio(out,p7);
-	else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_PKCS7(out,p7);
-	else	{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (!i)
-		{
-		BIO_printf(bio_err,"unable to write pkcs7 object\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (p7 != NULL) PKCS7_free(p7);
-	if (crl != NULL) X509_CRL_free(crl);
-
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-/*
- *----------------------------------------------------------------------
- * int add_certs_from_file
- *
- *	Read a list of certificates to be checked from a file.
- *
- * Results:
- *	number of certs added if successful, -1 if not.
- *----------------------------------------------------------------------
- */
-static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile)
-	{
-	struct stat st;
-	BIO *in=NULL;
-	int count=0;
-	int ret= -1;
-	STACK_OF(X509_INFO) *sk=NULL;
-	X509_INFO *xi;
-
-	if ((stat(certfile,&st) != 0))
-		{
-		BIO_printf(bio_err,"unable to load the file, %s\n",certfile);
-		goto end;
-		}
-
-	in=BIO_new(BIO_s_file());
-	if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0))
-		{
-		BIO_printf(bio_err,"error opening the file, %s\n",certfile);
-		goto end;
-		}
-
-	/* This loads from a file, a stack of x509/crl/pkey sets */
-	sk=PEM_X509_INFO_read_bio(in,NULL,NULL,NULL);
-	if (sk == NULL) {
-		BIO_printf(bio_err,"error reading the file, %s\n",certfile);
-		goto end;
-	}
-
-	/* scan over it and pull out the CRL's */
-	while (sk_X509_INFO_num(sk))
-		{
-		xi=sk_X509_INFO_shift(sk);
-		if (xi->x509 != NULL)
-			{
-			sk_X509_push(stack,xi->x509);
-			xi->x509=NULL;
-			count++;
-			}
-		X509_INFO_free(xi);
-		}
-
-	ret=count;
-end:
- 	/* never need to OPENSSL_free x */
-	if (in != NULL) BIO_free(in);
-	if (sk != NULL) sk_X509_INFO_free(sk);
-	return(ret);
-	}
-
diff --git a/crypto/openssl/apps/demoCA/cacert.pem b/crypto/openssl/apps/demoCA/cacert.pem
deleted file mode 100644
index affbce3bc948..000000000000
--- a/crypto/openssl/apps/demoCA/cacert.pem
+++ /dev/null
@@ -1,14 +0,0 @@
-subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
-issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
------BEGIN X509 CERTIFICATE-----
-
-MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
-BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
-MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
-RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
-BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
-LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
-/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
-DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
-IMs6ZOZB
------END X509 CERTIFICATE-----
diff --git a/crypto/openssl/apps/demoCA/index.txt b/crypto/openssl/apps/demoCA/index.txt
deleted file mode 100644
index 2cdd252d67ca..000000000000
--- a/crypto/openssl/apps/demoCA/index.txt
+++ /dev/null
@@ -1,39 +0,0 @@
-R	980705233205Z	951009233205Z	01	certs/00000001	/CN=Eric Young
-E	951009233205Z		02	certs/00000002	/CN=Duncan Young
-R	980705233205Z	951201010000Z	03	certs/00000003	/CN=Tim Hudson
-V	980705233205Z		04	certs/00000004	/CN=Eric Young4
-V	980705233205Z		05	certs/00000004	/CN=Eric Young5
-V	980705233205Z		06	certs/00000004	/CN=Eric Young6
-V	980705233205Z		07	certs/00000004	/CN=Eric Young7
-V	980705233205Z		08	certs/00000004	/CN=Eric Young8
-V	980705233205Z		09	certs/00000004	/CN=Eric Young9
-V	980705233205Z		0A	certs/00000004	/CN=Eric YoungA
-V	980705233205Z		0B	certs/00000004	/CN=Eric YoungB
-V	980705233205Z		0C	certs/00000004	/CN=Eric YoungC
-V	980705233205Z		0D	certs/00000004	/CN=Eric YoungD
-V	980705233205Z		0E	certs/00000004	/CN=Eric YoungE
-V	980705233205Z		0F	certs/00000004	/CN=Eric YoungF
-V	980705233205Z		10	certs/00000004	/CN=Eric Young10
-V	980705233205Z		11	certs/00000004	/CN=Eric Young11
-V	980705233205Z		12	certs/00000004	/CN=Eric Young12
-V	980705233205Z		13	certs/00000004	/CN=Eric Young13
-V	980705233205Z		14	certs/00000004	/CN=Eric Young14
-V	980705233205Z		15	certs/00000004	/CN=Eric Young15
-V	980705233205Z		16	certs/00000004	/CN=Eric Young16
-V	980705233205Z		17	certs/00000004	/CN=Eric Young17
-V	961206150305Z		010C	unknown	/C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
-V	961206153245Z		010D	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
-V	970322074816Z		010E	unknown	/CN=Eric Young/Email=eay@mincom.oz.au
-V	970322075152Z		010F	unknown	/CN=Eric Young
-V	970322075906Z		0110	unknown	/CN=Eric Youngg
-V	970324092238Z		0111	unknown	/C=AU/SP=Queensland/CN=Eric Young
-V	970324221931Z		0112	unknown	/CN=Fred
-V	970324224934Z		0113	unknown	/C=AU/CN=eay
-V	971001005237Z		0114	unknown	/C=AU/SP=QLD/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
-V	971001010331Z		0115	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test again - x509v3
-V	971001013945Z		0117	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
-V	971014225415Z		0118	unknown	/C=AU/SP=Queensland/CN=test
-V	971015004448Z		0119	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test2
-V	971016035001Z		011A	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test64
-V	971016080129Z		011B	unknown	/C=FR/O=ALCATEL/OU=Alcatel Mobile Phones/CN=bourque/Email=bourque@art.alcatel.fr
-V	971016224000Z		011D	unknown	/L=Bedford/O=Cranfield University/OU=Computer Centre/CN=Peter R Lister/Email=P.Lister@cranfield.ac.uk
diff --git a/crypto/openssl/apps/demoCA/private/cakey.pem b/crypto/openssl/apps/demoCA/private/cakey.pem
deleted file mode 100644
index 48fb18c7d807..000000000000
--- a/crypto/openssl/apps/demoCA/private/cakey.pem
+++ /dev/null
@@ -1,24 +0,0 @@
-issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
------BEGIN X509 CERTIFICATE-----
-
-MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
-BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
-MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
-RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
-BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
-LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
-/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
-DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
-IMs6ZOZB
------END X509 CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-
-MIIBPAIBAAJBALcsJdxJxa5rQ8UuQcEubZV6OqkDUXhFDyrRWNGI9p+PH9n9pYfe
-Kl0xW+4kZr/AVdv+cMUsOV9an6gI/CEG1U8CAwEAAQJAXJMBZ34ZXHd1vtgL/3hZ
-hexKbVTx/djZO4imXO/dxPGRzG2ylYZpHmG32/T1kaHpZlCHoEPgHoSzmxYXfxjG
-sQIhAPmZ/bQOjmRUHM/VM2X5zrjjM6z18R1P6l3ObFwt9FGdAiEAu943Yh9SqMRw
-tL0xHGxKmM/YJueUw1gB6sLkETN71NsCIQCeT3RhoqXfrpXDoEcEU+gwzjI1bpxq
-agiNTOLfqGoA5QIhAIQFYjgzONxex7FLrsKBm16N2SFl5pXsN9SpRqqL2n63AiEA
-g9VNIQ3xwpw7og3IbONifeku+J9qGMGQJMKwSTwrFtI=
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/apps/demoCA/serial b/crypto/openssl/apps/demoCA/serial
deleted file mode 100644
index 69fa0ffe28e7..000000000000
--- a/crypto/openssl/apps/demoCA/serial
+++ /dev/null
@@ -1 +0,0 @@
-011E
diff --git a/crypto/openssl/apps/der_chop b/crypto/openssl/apps/der_chop
deleted file mode 100644
index 9070b032fc38..000000000000
--- a/crypto/openssl/apps/der_chop
+++ /dev/null
@@ -1,305 +0,0 @@
-#!/usr/local/bin/perl
-#
-# der_chop ... this is one total hack that Eric is really not proud of
-#              so don't look at it and don't ask for support
-#
-# The "documentation" for this (i.e. all the comments) are my fault --tjh
-#
-# This program takes the "raw" output of derparse/asn1parse and 
-# converts it into tokens and then runs regular expression matches
-# to try to figure out what to grab to get the things that are needed
-# and it is possible that this will do the wrong thing as it is a *hack*
-#
-# SSLeay 0.5.2+ should have direct read support for x509 (via -inform NET)
-# [I know ... promises promises :-)]
-#
-# To convert a Netscape Certificate:
-#    der_chop < ServerCert.der > cert.pem
-# To convert a Netscape Key (and encrypt it again to protect it)
-#    rsa -inform NET -in ServerKey.der -des > key.pem
-#
-# 23-Apr-96 eay    Added the extra ASN.1 string types, I still think this
-#		   is an evil hack.  If nothing else the parsing should
-#		   be relative, not absolute.
-# 19-Apr-96 tjh    hacked (with eay) into 0.5.x format
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-
-require 'getopts.pl';
-
-$debug=0;
-
-# this was the 0.4.x way of doing things ...
-$cmd="derparse";
-$x509_cmd="x509";
-$crl_cmd="crl";
-$rc4_cmd="rc4";
-$md2_cmd="md2";
-$md4_cmd="md4";
-$rsa_cmd="rsa -des -inform der ";
-
-# this was the 0.5.x way of doing things ...
-$cmd="openssl asn1parse";
-$x509_cmd="openssl x509";
-$crl_cmd="openssl crl";
-$rc4_cmd="openssl rc4";
-$md2_cmd="openssl md2";
-$md4_cmd="openssl md4";
-$rsa_cmd="openssl rsa -des -inform der ";
-
-&Getopts('vd:') || die "usage:$0 [-v] [-d num] file";
-$depth=($opt_d =~ /^\d+$/)?$opt_d:0;
-
-&init_der();
-
-if ($#ARGV != -1)
-	{
-	foreach $file (@ARGV)
-		{
-		print STDERR "doing $file\n";
-		&dofile($file);
-		}
-	}
-else
-	{
-	$file="/tmp/a$$.DER";
-	open(OUT,">$file") || die "unable to open $file:$!\n";
-	for (;;)
-		{
-		$i=sysread(STDIN,$b,1024*10);
-		last if ($i <= 0);
-		$i=syswrite(OUT,$b,$i);
-		}
-	&dofile($file);
-	unlink($file);
-	}
-	
-sub dofile
-	{
-	local($file)=@_;
-	local(@p);
-
-	$b=&load_file($file);
-	@p=&load_file_parse($file);
-
-	foreach $_ (@p)
-		{
-		($off,$d,$hl,$len)=&parse_line($_);
-		$d-=$depth;
-		next if ($d != 0);
-		next if ($len == 0);
-
-		$o=substr($b,$off,$len+$hl);
-		($str,@data)=&der_str($o);
-		print "$str\n" if ($opt_v);
-		if ($str =~ /^$crl/)
-			{
-			open(OUT,"|$crl_cmd -inform d -hash -issuer") ||
-				die "unable to run $crl_cmd:$!\n";
-			print OUT $o;
-			close(OUT);
-			}
-		elsif ($str =~ /^$x509/)
-			{
-			open(OUT,"|$x509_cmd -inform d -hash -subject -issuer")
-				|| die "unable to run $x509_cmd:$!\n";
-			print OUT $o;
-			close(OUT);
-			}
-		elsif ($str =~ /^$rsa/)
-			{
-			($type)=($data[3] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
-			next unless ($type eq "rsaEncryption");
-			($off,$d,$hl,$len)=&parse_line($data[5]);
-			$os=substr($o,$off+$hl,$len);
-			open(OUT,"|$rsa_cmd")
-				|| die "unable to run $rsa_cmd:$!\n";
-			print OUT $os;
-			close(OUT);
-			}
-		elsif ($str =~ /^0G-1D-1G/)
-			{
-			($off,$d,$hl,$len)=&parse_line($data[1]);
-			$os=substr($o,$off+$hl,$len);
-			print STDERR "<$os>\n" if $opt_v;
-			&do_certificate($o,@data)
-				if (($os eq "certificate") &&
-				    ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
-			&do_private_key($o,@data)
-				if (($os eq "private-key") &&
-				    ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
-			}
-		}
-	}
-
-sub der_str
-	{
-	local($str)=@_;
-	local(*OUT,*IN,@a,$t,$d,$ret);
-	local($file)="/tmp/b$$.DER";
-	local(@ret);
-
-	open(OUT,">$file");
-	print OUT $str;
-	close(OUT);
-	open(IN,"$cmd -inform 'd' -in $file |") ||
-		die "unable to run $cmd:$!\n";
-	$ret="";
-	while (<IN>)
-		{
-		chop;
-		push(@ret,$_);
-
-		print STDERR "$_\n" if ($debug);
-
-		@a=split(/\s*:\s*/);
-		($d)=($a[1] =~ /d=\s*(\d+)/);
-		$a[2] =~ s/\s+$//;
-		$t=$DER_s2i{$a[2]};
-		$ret.="$d$t-";
-		}
-	close(IN);
-	unlink($file);
-	chop $ret;
-	$ret =~ s/(-3H(-4G-5F-5[IJKMQRS])+)+/-NAME/g;
-	$ret =~ s/(-3G-4B-4L)+/-RCERT/g;
-	return($ret,@ret);
-	}
-
-sub init_der
-	{
-	$crl= "0G-1G-2G-3F-3E-2G-NAME-2L-2L-2G-RCERT-1G-2F-2E-1C";
-	$x509="0G-1G-2B-2G-3F-3E-2G-NAME-2G-3L-3L-2G-NAME-2G-3G-4F-4E-3C-1G-2F-2E-1C";
-	$rsa= "0G-1B-1G-2F-2E-1D";
-
-	%DER_i2s=(
-		# SSLeay 0.4.x has this list
-		"A","EOC",
-		"B","INTEGER",
-		"C","BIT STRING",
-		"D","OCTET STRING",
-		"E","NULL",
-		"F","OBJECT",
-		"G","SEQUENCE",
-		"H","SET",
-		"I","PRINTABLESTRING",
-		"J","T61STRING",
-		"K","IA5STRING",
-		"L","UTCTIME",
-		"M","NUMERICSTRING",
-		"N","VIDEOTEXSTRING",
-		"O","GENERALIZEDTIME",
-		"P","GRAPHICSTRING",
-		"Q","ISO64STRING",
-		"R","GENERALSTRING",
-		"S","UNIVERSALSTRING",
-
-		# SSLeay 0.5.x changed some things ... and I'm
-		# leaving in the old stuff but adding in these
-		# to handle the new as well --tjh
-		# - Well I've just taken them out and added the extra new
-		# ones :-) - eay
-		);
-
-	foreach (keys %DER_i2s)
-		{ $DER_s2i{$DER_i2s{$_}}=$_; }
-	}
-
-sub parse_line
-	{
-	local($_)=@_;
-
-	return(/\s*(\d+):d=\s*(\d+)\s+hl=\s*(\d+)\s+l=\s*(\d+|inf)\s/);
-	}
-
-#  0:d=0 hl=4 l=377 cons: univ: SEQUENCE          
-#  4:d=1 hl=2 l= 11 prim: univ: OCTET_STRING      
-# 17:d=1 hl=4 l=360 cons: univ: SEQUENCE          
-# 21:d=2 hl=2 l= 12 cons: univ: SEQUENCE          
-# 23:d=3 hl=2 l=  8 prim: univ: OBJECT_IDENTIFIER :rc4
-# 33:d=3 hl=2 l=  0 prim: univ: NULL              
-# 35:d=2 hl=4 l=342 prim: univ: OCTET_STRING
-sub do_private_key
-	{
-	local($data,@struct)=@_;
-	local($file)="/tmp/b$$.DER";
-	local($off,$d,$hl,$len,$_,$b,@p,$s);
-
-	($type)=($struct[4] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
-	if ($type eq "rc4")
-		{
-		($off,$d,$hl,$len)=&parse_line($struct[6]);
-		open(OUT,"|$rc4_cmd >$file") ||
-			die "unable to run $rc4_cmd:$!\n";
-		print OUT substr($data,$off+$hl,$len);
-		close(OUT);
-
-		$b=&load_file($file);
-		unlink($file);
-
-		($s,@p)=&der_str($b);
-		die "unknown rsa key type\n$s\n"
-			if ($s ne '0G-1B-1G-2F-2E-1D');
-		local($off,$d,$hl,$len)=&parse_line($p[5]);
-		$b=substr($b,$off+$hl,$len);
-		($s,@p)=&der_str($b);
-		open(OUT,"|$rsa_cmd") || die "unable to run $rsa_cmd:$!\n";
-		print OUT $b;
-		close(OUT);
-		}
-	else
-		{
-		print "'$type' is unknown\n";
-		exit(1);
-		}
-	}
-
-sub do_certificate
-	{
-	local($data,@struct)=@_;
-	local($file)="/tmp/b$$.DER";
-	local($off,$d,$hl,$len,$_,$b,@p,$s);
-
-	($off,$d,$hl,$len)=&parse_line($struct[2]);
-	$b=substr($data,$off,$len+$hl);
-
-	open(OUT,"|$x509_cmd -inform d") || die "unable to run $x509_cmd:$!\n";
-	print OUT $b;
-	close(OUT);
-	}
-
-sub load_file
-	{
-	local($file)=@_;
-	local(*IN,$r,$b,$i);
-
-	$r="";
-	open(IN,"<$file") || die "unable to open $file:$!\n";
-	for (;;)
-		{
-		$i=sysread(IN,$b,10240);
-		last if ($i <= 0);
-		$r.=$b;
-		}
-	close(IN);
-	return($r);
-	}
-
-sub load_file_parse
-	{
-	local($file)=@_;
-	local(*IN,$r,@ret,$_,$i,$n,$b);
-
-	open(IN,"$cmd -inform d -in $file|")
-		|| die "unable to run der_parse\n";
-	while (<IN>)
-		{
-		chop;
-		push(@ret,$_);
-		}
-	return($r,@ret);
-	}
-
diff --git a/crypto/openssl/apps/der_chop.in b/crypto/openssl/apps/der_chop.in
deleted file mode 100644
index 9070b032fc38..000000000000
--- a/crypto/openssl/apps/der_chop.in
+++ /dev/null
@@ -1,305 +0,0 @@
-#!/usr/local/bin/perl
-#
-# der_chop ... this is one total hack that Eric is really not proud of
-#              so don't look at it and don't ask for support
-#
-# The "documentation" for this (i.e. all the comments) are my fault --tjh
-#
-# This program takes the "raw" output of derparse/asn1parse and 
-# converts it into tokens and then runs regular expression matches
-# to try to figure out what to grab to get the things that are needed
-# and it is possible that this will do the wrong thing as it is a *hack*
-#
-# SSLeay 0.5.2+ should have direct read support for x509 (via -inform NET)
-# [I know ... promises promises :-)]
-#
-# To convert a Netscape Certificate:
-#    der_chop < ServerCert.der > cert.pem
-# To convert a Netscape Key (and encrypt it again to protect it)
-#    rsa -inform NET -in ServerKey.der -des > key.pem
-#
-# 23-Apr-96 eay    Added the extra ASN.1 string types, I still think this
-#		   is an evil hack.  If nothing else the parsing should
-#		   be relative, not absolute.
-# 19-Apr-96 tjh    hacked (with eay) into 0.5.x format
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-
-require 'getopts.pl';
-
-$debug=0;
-
-# this was the 0.4.x way of doing things ...
-$cmd="derparse";
-$x509_cmd="x509";
-$crl_cmd="crl";
-$rc4_cmd="rc4";
-$md2_cmd="md2";
-$md4_cmd="md4";
-$rsa_cmd="rsa -des -inform der ";
-
-# this was the 0.5.x way of doing things ...
-$cmd="openssl asn1parse";
-$x509_cmd="openssl x509";
-$crl_cmd="openssl crl";
-$rc4_cmd="openssl rc4";
-$md2_cmd="openssl md2";
-$md4_cmd="openssl md4";
-$rsa_cmd="openssl rsa -des -inform der ";
-
-&Getopts('vd:') || die "usage:$0 [-v] [-d num] file";
-$depth=($opt_d =~ /^\d+$/)?$opt_d:0;
-
-&init_der();
-
-if ($#ARGV != -1)
-	{
-	foreach $file (@ARGV)
-		{
-		print STDERR "doing $file\n";
-		&dofile($file);
-		}
-	}
-else
-	{
-	$file="/tmp/a$$.DER";
-	open(OUT,">$file") || die "unable to open $file:$!\n";
-	for (;;)
-		{
-		$i=sysread(STDIN,$b,1024*10);
-		last if ($i <= 0);
-		$i=syswrite(OUT,$b,$i);
-		}
-	&dofile($file);
-	unlink($file);
-	}
-	
-sub dofile
-	{
-	local($file)=@_;
-	local(@p);
-
-	$b=&load_file($file);
-	@p=&load_file_parse($file);
-
-	foreach $_ (@p)
-		{
-		($off,$d,$hl,$len)=&parse_line($_);
-		$d-=$depth;
-		next if ($d != 0);
-		next if ($len == 0);
-
-		$o=substr($b,$off,$len+$hl);
-		($str,@data)=&der_str($o);
-		print "$str\n" if ($opt_v);
-		if ($str =~ /^$crl/)
-			{
-			open(OUT,"|$crl_cmd -inform d -hash -issuer") ||
-				die "unable to run $crl_cmd:$!\n";
-			print OUT $o;
-			close(OUT);
-			}
-		elsif ($str =~ /^$x509/)
-			{
-			open(OUT,"|$x509_cmd -inform d -hash -subject -issuer")
-				|| die "unable to run $x509_cmd:$!\n";
-			print OUT $o;
-			close(OUT);
-			}
-		elsif ($str =~ /^$rsa/)
-			{
-			($type)=($data[3] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
-			next unless ($type eq "rsaEncryption");
-			($off,$d,$hl,$len)=&parse_line($data[5]);
-			$os=substr($o,$off+$hl,$len);
-			open(OUT,"|$rsa_cmd")
-				|| die "unable to run $rsa_cmd:$!\n";
-			print OUT $os;
-			close(OUT);
-			}
-		elsif ($str =~ /^0G-1D-1G/)
-			{
-			($off,$d,$hl,$len)=&parse_line($data[1]);
-			$os=substr($o,$off+$hl,$len);
-			print STDERR "<$os>\n" if $opt_v;
-			&do_certificate($o,@data)
-				if (($os eq "certificate") &&
-				    ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
-			&do_private_key($o,@data)
-				if (($os eq "private-key") &&
-				    ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
-			}
-		}
-	}
-
-sub der_str
-	{
-	local($str)=@_;
-	local(*OUT,*IN,@a,$t,$d,$ret);
-	local($file)="/tmp/b$$.DER";
-	local(@ret);
-
-	open(OUT,">$file");
-	print OUT $str;
-	close(OUT);
-	open(IN,"$cmd -inform 'd' -in $file |") ||
-		die "unable to run $cmd:$!\n";
-	$ret="";
-	while (<IN>)
-		{
-		chop;
-		push(@ret,$_);
-
-		print STDERR "$_\n" if ($debug);
-
-		@a=split(/\s*:\s*/);
-		($d)=($a[1] =~ /d=\s*(\d+)/);
-		$a[2] =~ s/\s+$//;
-		$t=$DER_s2i{$a[2]};
-		$ret.="$d$t-";
-		}
-	close(IN);
-	unlink($file);
-	chop $ret;
-	$ret =~ s/(-3H(-4G-5F-5[IJKMQRS])+)+/-NAME/g;
-	$ret =~ s/(-3G-4B-4L)+/-RCERT/g;
-	return($ret,@ret);
-	}
-
-sub init_der
-	{
-	$crl= "0G-1G-2G-3F-3E-2G-NAME-2L-2L-2G-RCERT-1G-2F-2E-1C";
-	$x509="0G-1G-2B-2G-3F-3E-2G-NAME-2G-3L-3L-2G-NAME-2G-3G-4F-4E-3C-1G-2F-2E-1C";
-	$rsa= "0G-1B-1G-2F-2E-1D";
-
-	%DER_i2s=(
-		# SSLeay 0.4.x has this list
-		"A","EOC",
-		"B","INTEGER",
-		"C","BIT STRING",
-		"D","OCTET STRING",
-		"E","NULL",
-		"F","OBJECT",
-		"G","SEQUENCE",
-		"H","SET",
-		"I","PRINTABLESTRING",
-		"J","T61STRING",
-		"K","IA5STRING",
-		"L","UTCTIME",
-		"M","NUMERICSTRING",
-		"N","VIDEOTEXSTRING",
-		"O","GENERALIZEDTIME",
-		"P","GRAPHICSTRING",
-		"Q","ISO64STRING",
-		"R","GENERALSTRING",
-		"S","UNIVERSALSTRING",
-
-		# SSLeay 0.5.x changed some things ... and I'm
-		# leaving in the old stuff but adding in these
-		# to handle the new as well --tjh
-		# - Well I've just taken them out and added the extra new
-		# ones :-) - eay
-		);
-
-	foreach (keys %DER_i2s)
-		{ $DER_s2i{$DER_i2s{$_}}=$_; }
-	}
-
-sub parse_line
-	{
-	local($_)=@_;
-
-	return(/\s*(\d+):d=\s*(\d+)\s+hl=\s*(\d+)\s+l=\s*(\d+|inf)\s/);
-	}
-
-#  0:d=0 hl=4 l=377 cons: univ: SEQUENCE          
-#  4:d=1 hl=2 l= 11 prim: univ: OCTET_STRING      
-# 17:d=1 hl=4 l=360 cons: univ: SEQUENCE          
-# 21:d=2 hl=2 l= 12 cons: univ: SEQUENCE          
-# 23:d=3 hl=2 l=  8 prim: univ: OBJECT_IDENTIFIER :rc4
-# 33:d=3 hl=2 l=  0 prim: univ: NULL              
-# 35:d=2 hl=4 l=342 prim: univ: OCTET_STRING
-sub do_private_key
-	{
-	local($data,@struct)=@_;
-	local($file)="/tmp/b$$.DER";
-	local($off,$d,$hl,$len,$_,$b,@p,$s);
-
-	($type)=($struct[4] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
-	if ($type eq "rc4")
-		{
-		($off,$d,$hl,$len)=&parse_line($struct[6]);
-		open(OUT,"|$rc4_cmd >$file") ||
-			die "unable to run $rc4_cmd:$!\n";
-		print OUT substr($data,$off+$hl,$len);
-		close(OUT);
-
-		$b=&load_file($file);
-		unlink($file);
-
-		($s,@p)=&der_str($b);
-		die "unknown rsa key type\n$s\n"
-			if ($s ne '0G-1B-1G-2F-2E-1D');
-		local($off,$d,$hl,$len)=&parse_line($p[5]);
-		$b=substr($b,$off+$hl,$len);
-		($s,@p)=&der_str($b);
-		open(OUT,"|$rsa_cmd") || die "unable to run $rsa_cmd:$!\n";
-		print OUT $b;
-		close(OUT);
-		}
-	else
-		{
-		print "'$type' is unknown\n";
-		exit(1);
-		}
-	}
-
-sub do_certificate
-	{
-	local($data,@struct)=@_;
-	local($file)="/tmp/b$$.DER";
-	local($off,$d,$hl,$len,$_,$b,@p,$s);
-
-	($off,$d,$hl,$len)=&parse_line($struct[2]);
-	$b=substr($data,$off,$len+$hl);
-
-	open(OUT,"|$x509_cmd -inform d") || die "unable to run $x509_cmd:$!\n";
-	print OUT $b;
-	close(OUT);
-	}
-
-sub load_file
-	{
-	local($file)=@_;
-	local(*IN,$r,$b,$i);
-
-	$r="";
-	open(IN,"<$file") || die "unable to open $file:$!\n";
-	for (;;)
-		{
-		$i=sysread(IN,$b,10240);
-		last if ($i <= 0);
-		$r.=$b;
-		}
-	close(IN);
-	return($r);
-	}
-
-sub load_file_parse
-	{
-	local($file)=@_;
-	local(*IN,$r,@ret,$_,$i,$n,$b);
-
-	open(IN,"$cmd -inform d -in $file|")
-		|| die "unable to run der_parse\n";
-	while (<IN>)
-		{
-		chop;
-		push(@ret,$_);
-		}
-	return($r,@ret);
-	}
-
diff --git a/crypto/openssl/apps/dgst.c b/crypto/openssl/apps/dgst.c
deleted file mode 100644
index 47d1309b14c1..000000000000
--- a/crypto/openssl/apps/dgst.c
+++ /dev/null
@@ -1,445 +0,0 @@
-/* apps/dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#undef BUFSIZE
-#define BUFSIZE	1024*8
-
-#undef PROG
-#define PROG	dgst_main
-
-int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
-	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-	  const char *file);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	unsigned char *buf=NULL;
-	int i,err=0;
-	const EVP_MD *md=NULL,*m;
-	BIO *in=NULL,*inp;
-	BIO *bmd=NULL;
-	BIO *out = NULL;
-	const char *name;
-#define PROG_NAME_SIZE  39
-	char pname[PROG_NAME_SIZE+1];
-	int separator=0;
-	int debug=0;
-	int keyform=FORMAT_PEM;
-	const char *outfile = NULL, *keyfile = NULL;
-	const char *sigfile = NULL, *randfile = NULL;
-	int out_bin = -1, want_pub = 0, do_verify = 0;
-	EVP_PKEY *sigkey = NULL;
-	unsigned char *sigbuf = NULL;
-	int siglen = 0;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	apps_startup();
-
-	if ((buf=(unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL)
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		goto end;
-		}
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	/* first check the program name */
-	program_name(argv[0],pname,sizeof pname);
-
-	md=EVP_get_digestbyname(pname);
-
-	argc--;
-	argv++;
-	while (argc > 0)
-		{
-		if ((*argv)[0] != '-') break;
-		if (strcmp(*argv,"-c") == 0)
-			separator=1;
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) break;
-			randfile=*(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) break;
-			outfile=*(++argv);
-			}
-		else if (strcmp(*argv,"-sign") == 0)
-			{
-			if (--argc < 1) break;
-			keyfile=*(++argv);
-			}
-		else if (strcmp(*argv,"-verify") == 0)
-			{
-			if (--argc < 1) break;
-			keyfile=*(++argv);
-			want_pub = 1;
-			do_verify = 1;
-			}
-		else if (strcmp(*argv,"-prverify") == 0)
-			{
-			if (--argc < 1) break;
-			keyfile=*(++argv);
-			do_verify = 1;
-			}
-		else if (strcmp(*argv,"-signature") == 0)
-			{
-			if (--argc < 1) break;
-			sigfile=*(++argv);
-			}
-		else if (strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) break;
-			keyform=str2fmt(*(++argv));
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) break;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-hex") == 0)
-			out_bin = 0;
-		else if (strcmp(*argv,"-binary") == 0)
-			out_bin = 1;
-		else if (strcmp(*argv,"-d") == 0)
-			debug=1;
-		else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
-			md=m;
-		else
-			break;
-		argc--;
-		argv++;
-		}
-
-	if (md == NULL)
-		md=EVP_md5();
-
-	if(do_verify && !sigfile) {
-		BIO_printf(bio_err, "No signature to verify: use the -signature option\n");
-		err = 1; 
-		goto end;
-	}
-
-	if ((argc > 0) && (argv[0][0] == '-')) /* bad option */
-		{
-		BIO_printf(bio_err,"unknown option '%s'\n",*argv);
-		BIO_printf(bio_err,"options are\n");
-		BIO_printf(bio_err,"-c              to output the digest with separating colons\n");
-		BIO_printf(bio_err,"-d              to output debug info\n");
-		BIO_printf(bio_err,"-hex            output as hex dump\n");
-		BIO_printf(bio_err,"-binary         output in binary form\n");
-		BIO_printf(bio_err,"-sign   file    sign digest using private key in file\n");
-		BIO_printf(bio_err,"-verify file    verify a signature using public key in file\n");
-		BIO_printf(bio_err,"-prverify file  verify a signature using private key in file\n");
-		BIO_printf(bio_err,"-keyform arg    key file format (PEM or ENGINE)\n");
-		BIO_printf(bio_err,"-signature file signature to verify\n");
-		BIO_printf(bio_err,"-binary         output in binary form\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err,"-engine e       use engine e, possibly a hardware device.\n");
-#endif
-
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
-			LN_md5,LN_md5);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_md4,LN_md4);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_md2,LN_md2);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_sha1,LN_sha1);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_sha,LN_sha);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_mdc2,LN_mdc2);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_ripemd160,LN_ripemd160);
-		err=1;
-		goto end;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	in=BIO_new(BIO_s_file());
-	bmd=BIO_new(BIO_f_md());
-	if (debug)
-		{
-		BIO_set_callback(in,BIO_debug_callback);
-		/* needed for windows 3.1 */
-		BIO_set_callback_arg(in,bio_err);
-		}
-
-	if ((in == NULL) || (bmd == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if(out_bin == -1) {
-		if(keyfile) out_bin = 1;
-		else out_bin = 0;
-	}
-
-	if(randfile)
-		app_RAND_load_file(randfile, bio_err, 0);
-
-	if(outfile) {
-		if(out_bin)
-			out = BIO_new_file(outfile, "wb");
-		else    out = BIO_new_file(outfile, "w");
-	} else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
-
-	if(!out) {
-		BIO_printf(bio_err, "Error opening output file %s\n", 
-					outfile ? outfile : "(stdout)");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	if(keyfile)
-		{
-		if (want_pub)
-			sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
-				e, "key file");
-		else
-			sigkey = load_key(bio_err, keyfile, keyform, 0, NULL,
-				e, "key file");
-		if (!sigkey)
-			{
-			/* load_[pub]key() has already printed an appropriate
-			   message */
-			goto end;
-			}
-		}
-
-	if(sigfile && sigkey) {
-		BIO *sigbio;
-		sigbio = BIO_new_file(sigfile, "rb");
-		siglen = EVP_PKEY_size(sigkey);
-		sigbuf = OPENSSL_malloc(siglen);
-		if(!sigbio) {
-			BIO_printf(bio_err, "Error opening signature file %s\n",
-								sigfile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-		siglen = BIO_read(sigbio, sigbuf, siglen);
-		BIO_free(sigbio);
-		if(siglen <= 0) {
-			BIO_printf(bio_err, "Error reading signature file %s\n",
-								sigfile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
-		
-
-
-	/* we use md as a filter, reading from 'in' */
-	BIO_set_md(bmd,md);
-	inp=BIO_push(bmd,in);
-
-	if (argc == 0)
-		{
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
-			  siglen,"","(stdin)");
-		}
-	else
-		{
-		name=OBJ_nid2sn(md->type);
-		for (i=0; i<argc; i++)
-			{
-			char *tmp,*tofree=NULL;
-			int r;
-
-			if (BIO_read_filename(in,argv[i]) <= 0)
-				{
-				perror(argv[i]);
-				err++;
-				continue;
-				}
-			if(!out_bin)
-				{
-				tmp=tofree=OPENSSL_malloc(strlen(name)+strlen(argv[i])+5);
-				sprintf(tmp,"%s(%s)= ",name,argv[i]);
-				}
-			else
-				tmp="";
-			r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
-				siglen,tmp,argv[i]);
-			if(r)
-			    err=r;
-			if(tofree)
-				OPENSSL_free(tofree);
-			(void)BIO_reset(bmd);
-			}
-		}
-end:
-	if (buf != NULL)
-		{
-		OPENSSL_cleanse(buf,BUFSIZE);
-		OPENSSL_free(buf);
-		}
-	if (in != NULL) BIO_free(in);
-	BIO_free_all(out);
-	EVP_PKEY_free(sigkey);
-	if(sigbuf) OPENSSL_free(sigbuf);
-	if (bmd != NULL) BIO_free(bmd);
-	apps_shutdown();
-	OPENSSL_EXIT(err);
-	}
-
-int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
-	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-	  const char *file)
-	{
-	int len;
-	int i;
-
-	for (;;)
-		{
-		i=BIO_read(bp,(char *)buf,BUFSIZE);
-		if(i < 0)
-			{
-			BIO_printf(bio_err, "Read Error in %s\n",file);
-			ERR_print_errors(bio_err);
-			return 1;
-			}
-		if (i == 0) break;
-		}
-	if(sigin)
-		{
-		EVP_MD_CTX *ctx;
-		BIO_get_md_ctx(bp, &ctx);
-		i = EVP_VerifyFinal(ctx, sigin, (unsigned int)siglen, key); 
-		if(i > 0)
-			BIO_printf(out, "Verified OK\n");
-		else if(i == 0)
-			{
-			BIO_printf(out, "Verification Failure\n");
-			return 1;
-			}
-		else
-			{
-			BIO_printf(bio_err, "Error Verifying Data\n");
-			ERR_print_errors(bio_err);
-			return 1;
-			}
-		return 0;
-		}
-	if(key)
-		{
-		EVP_MD_CTX *ctx;
-		BIO_get_md_ctx(bp, &ctx);
-		if(!EVP_SignFinal(ctx, buf, (unsigned int *)&len, key)) 
-			{
-			BIO_printf(bio_err, "Error Signing Data\n");
-			ERR_print_errors(bio_err);
-			return 1;
-			}
-		}
-	else
-		len=BIO_gets(bp,(char *)buf,BUFSIZE);
-
-	if(binout) BIO_write(out, buf, len);
-	else 
-		{
-		BIO_write(out,title,strlen(title));
-		for (i=0; i<len; i++)
-			{
-			if (sep && (i != 0))
-				BIO_printf(out, ":");
-			BIO_printf(out, "%02x",buf[i]);
-			}
-		BIO_printf(out, "\n");
-		}
-	return 0;
-	}
-
diff --git a/crypto/openssl/apps/dh.c b/crypto/openssl/apps/dh.c
deleted file mode 100644
index cd01fed13987..000000000000
--- a/crypto/openssl/apps/dh.c
+++ /dev/null
@@ -1,351 +0,0 @@
-/* apps/dh.c */
-/* obsoleted by dhparam.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_DH
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#undef PROG
-#define PROG	dh_main
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -check	- check the parameters are ok
- * -noout
- * -text
- * -C
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e = NULL;
-#endif
-	DH *dh=NULL;
-	int i,badops=0,text=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,check=0,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine;
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-#ifndef OPENSSL_NO_ENGINE
-	engine=NULL;
-#endif
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-check") == 0)
-			check=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-C") == 0)
-			C=1;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - one of DER PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -check        check the DH parameters\n");
-		BIO_printf(bio_err," -text         print a text form of the DH parameters\n");
-		BIO_printf(bio_err," -C            Output C code\n");
-		BIO_printf(bio_err," -noout        no output\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
-#endif
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if	(informat == FORMAT_ASN1)
-		dh=d2i_DHparams_bio(in,NULL);
-	else if (informat == FORMAT_PEM)
-		dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified\n");
-		goto end;
-		}
-	if (dh == NULL)
-		{
-		BIO_printf(bio_err,"unable to load DH parameters\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	
-
-	if (text)
-		{
-		DHparams_print(out,dh);
-#ifdef undef
-		printf("p=");
-		BN_print(stdout,dh->p);
-		printf("\ng=");
-		BN_print(stdout,dh->g);
-		printf("\n");
-		if (dh->length != 0)
-			printf("recommended private length=%ld\n",dh->length);
-#endif
-		}
-	
-	if (check)
-		{
-		if (!DH_check(dh,&i))
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (i & DH_CHECK_P_NOT_PRIME)
-			printf("p value is not prime\n");
-		if (i & DH_CHECK_P_NOT_SAFE_PRIME)
-			printf("p value is not a safe prime\n");
-		if (i & DH_UNABLE_TO_CHECK_GENERATOR)
-			printf("unable to check the generator value\n");
-		if (i & DH_NOT_SUITABLE_GENERATOR)
-			printf("the g value is not a generator\n");
-		if (i == 0)
-			printf("DH parameters appear to be ok.\n");
-		}
-	if (C)
-		{
-		unsigned char *data;
-		int len,l,bits;
-
-		len=BN_num_bytes(dh->p);
-		bits=BN_num_bits(dh->p);
-		data=(unsigned char *)OPENSSL_malloc(len);
-		if (data == NULL)
-			{
-			perror("OPENSSL_malloc");
-			goto end;
-			}
-		l=BN_bn2bin(dh->p,data);
-		printf("static unsigned char dh%d_p[]={",bits);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
-			}
-		printf("\n\t};\n");
-
-		l=BN_bn2bin(dh->g,data);
-		printf("static unsigned char dh%d_g[]={",bits);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
-			}
-		printf("\n\t};\n\n");
-
-		printf("DH *get_dh%d()\n\t{\n",bits);
-		printf("\tDH *dh;\n\n");
-		printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
-		printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
-			bits,bits);
-		printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
-			bits,bits);
-		printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
-		printf("\t\treturn(NULL);\n");
-		printf("\treturn(dh);\n\t}\n");
-		OPENSSL_free(data);
-		}
-
-
-	if (!noout)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_DHparams_bio(out,dh);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DHparams(out,dh);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write DH parameters\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (dh != NULL) DH_free(dh);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-#endif
diff --git a/crypto/openssl/apps/dh1024.pem b/crypto/openssl/apps/dh1024.pem
deleted file mode 100644
index 6eaeca9b8eb1..000000000000
--- a/crypto/openssl/apps/dh1024.pem
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIGHAoGBAPSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsY
-jY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6
-ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpL3jHAgEC
------END DH PARAMETERS-----
-
-These are the 1024 bit DH parameters from "Assigned Number for SKIP Protocols"
-(http://www.skip-vpn.org/spec/numbers.html).
-See there for how they were generated.
-Note that g is not a generator, but this is not a problem since p is a safe prime.
diff --git a/crypto/openssl/apps/dh2048.pem b/crypto/openssl/apps/dh2048.pem
deleted file mode 100644
index dcd0b8d01b89..000000000000
--- a/crypto/openssl/apps/dh2048.pem
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIIBCAKCAQEA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV
-89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50
-T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknb
-zSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdX
-Q6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbT
-CD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwIBAg==
------END DH PARAMETERS-----
-
-These are the 2048 bit DH parameters from "Assigned Number for SKIP Protocols"
-(http://www.skip-vpn.org/spec/numbers.html).
-See there for how they were generated.
diff --git a/crypto/openssl/apps/dh4096.pem b/crypto/openssl/apps/dh4096.pem
deleted file mode 100644
index 1b35ad8e62eb..000000000000
--- a/crypto/openssl/apps/dh4096.pem
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIICCAKCAgEA+hRyUsFN4VpJ1O8JLcCo/VWr19k3BCgJ4uk+d+KhehjdRqNDNyOQ
-l/MOyQNQfWXPeGKmOmIig6Ev/nm6Nf9Z2B1h3R4hExf+zTiHnvVPeRBhjdQi81rt
-Xeoh6TNrSBIKIHfUJWBh3va0TxxjQIs6IZOLeVNRLMqzeylWqMf49HsIXqbcokUS
-Vt1BkvLdW48j8PPv5DsKRN3tloTxqDJGo9tKvj1Fuk74A+Xda1kNhB7KFlqMyN98
-VETEJ6c7KpfOo30mnK30wqw3S8OtaIR/maYX72tGOno2ehFDkq3pnPtEbD2CScxc
-alJC+EL7RPk5c/tgeTvCngvc1KZn92Y//EI7G9tPZtylj2b56sHtMftIoYJ9+ODM
-sccD5Piz/rejE3Ome8EOOceUSCYAhXn8b3qvxVI1ddd1pED6FHRhFvLrZxFvBEM9
-ERRMp5QqOaHJkM+Dxv8Cj6MqrCbfC4u+ZErxodzuusgDgvZiLF22uxMZbobFWyte
-OvOzKGtwcTqO/1wV5gKkzu1ZVswVUQd5Gg8lJicwqRWyyNRczDDoG9jVDxmogKTH
-AaqLulO7R8Ifa1SwF2DteSGVtgWEN8gDpN3RBmmPTDngyF2DHb5qmpnznwtFKdTL
-KWbuHn491xNO25CQWMtem80uKw+pTnisBRF/454n1Jnhub144YRBoN8CAQI=
------END DH PARAMETERS-----
-
-These are the 4096 bit DH parameters from "Assigned Number for SKIP Protocols"
-(http://www.skip-vpn.org/spec/numbers.html).
-See there for how they were generated.
-Note that g is not a generator, but this is not a problem since p is a safe prime.
diff --git a/crypto/openssl/apps/dh512.pem b/crypto/openssl/apps/dh512.pem
deleted file mode 100644
index 200d16cd8971..000000000000
--- a/crypto/openssl/apps/dh512.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN DH PARAMETERS-----
-MEYCQQD1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWak
-XUGfnHy9iUsiGSa6q6Jew1XpKgVfAgEC
------END DH PARAMETERS-----
-
-These are the 512 bit DH parameters from "Assigned Number for SKIP Protocols"
-(http://www.skip-vpn.org/spec/numbers.html).
-See there for how they were generated.
-Note that g is not a generator, but this is not a problem since p is a safe prime.
diff --git a/crypto/openssl/apps/dhparam.c b/crypto/openssl/apps/dhparam.c
deleted file mode 100644
index dc00355b95b7..000000000000
--- a/crypto/openssl/apps/dhparam.c
+++ /dev/null
@@ -1,552 +0,0 @@
-/* apps/dhparam.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef OPENSSL_NO_DH
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-#undef PROG
-#define PROG	dhparam_main
-
-#define DEFBITS	512
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -dsaparam  - read or generate DSA parameters, convert to DH
- * -check	- check the parameters are ok
- * -noout
- * -text
- * -C
- */
-
-static void MS_CALLBACK dh_cb(int p, int n, void *arg);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e = NULL;
-#endif
-	DH *dh=NULL;
-	int i,badops=0,text=0;
-#ifndef OPENSSL_NO_DSA
-	int dsaparam=0;
-#endif
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,check=0,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog;
-	char *inrand=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	int num = 0, g = 0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-check") == 0)
-			check=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-#ifndef OPENSSL_NO_DSA
-		else if (strcmp(*argv,"-dsaparam") == 0)
-			dsaparam=1;
-#endif
-		else if (strcmp(*argv,"-C") == 0)
-			C=1;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-2") == 0)
-			g=2;
-		else if (strcmp(*argv,"-5") == 0)
-			g=5;
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else if (((sscanf(*argv,"%d",&num) == 0) || (num <= 0)))
-			goto bad;
-		argv++;
-		argc--;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] [numbits]\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - one of DER PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-#ifndef OPENSSL_NO_DSA
-		BIO_printf(bio_err," -dsaparam     read or generate DSA parameters, convert to DH\n");
-#endif
-		BIO_printf(bio_err," -check        check the DH parameters\n");
-		BIO_printf(bio_err," -text         print a text form of the DH parameters\n");
-		BIO_printf(bio_err," -C            Output C code\n");
-		BIO_printf(bio_err," -2            generate parameters using  2 as the generator value\n");
-		BIO_printf(bio_err," -5            generate parameters using  5 as the generator value\n");
-		BIO_printf(bio_err," numbits       number of bits in to generate (default 512)\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"               - load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"               the random number generator\n");
-		BIO_printf(bio_err," -noout        no output\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (g && !num)
-		num = DEFBITS;
-
-#ifndef OPENSSL_NO_DSA
-	if (dsaparam)
-		{
-		if (g)
-			{
-			BIO_printf(bio_err, "generator may not be chosen for DSA parameters\n");
-			goto end;
-			}
-		}
-	else
-#endif
-		{
-		/* DH parameters */
-		if (num && !g)
-			g = 2;
-		}
-
-	if(num) {
-
-		if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
-			{
-			BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-			}
-		if (inrand != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-				app_RAND_load_files(inrand));
-
-#ifndef OPENSSL_NO_DSA
-		if (dsaparam)
-			{
-			DSA *dsa;
-			
-			BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
-			dsa = DSA_generate_parameters(num, NULL, 0, NULL, NULL, dh_cb, bio_err);
-			if (dsa == NULL)
-				{
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-
-			dh = DSA_dup_DH(dsa);
-			DSA_free(dsa);
-			if (dh == NULL)
-				{
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		else
-#endif
-			{
-			BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
-			BIO_printf(bio_err,"This is going to take a long time\n");
-			dh=DH_generate_parameters(num,g,dh_cb,bio_err);
-			
-			if (dh == NULL)
-				{
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-
-		app_RAND_write_file(NULL, bio_err);
-	} else {
-
-		in=BIO_new(BIO_s_file());
-		if (in == NULL)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (infile == NULL)
-			BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		else
-			{
-			if (BIO_read_filename(in,infile) <= 0)
-				{
-				perror(infile);
-				goto end;
-				}
-			}
-
-		if	(informat != FORMAT_ASN1 && informat != FORMAT_PEM)
-			{
-			BIO_printf(bio_err,"bad input format specified\n");
-			goto end;
-			}
-
-#ifndef OPENSSL_NO_DSA
-		if (dsaparam)
-			{
-			DSA *dsa;
-			
-			if (informat == FORMAT_ASN1)
-				dsa=d2i_DSAparams_bio(in,NULL);
-			else /* informat == FORMAT_PEM */
-				dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
-			
-			if (dsa == NULL)
-				{
-				BIO_printf(bio_err,"unable to load DSA parameters\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			
-			dh = DSA_dup_DH(dsa);
-			DSA_free(dsa);
-			if (dh == NULL)
-				{
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		else
-#endif
-			{
-			if (informat == FORMAT_ASN1)
-				dh=d2i_DHparams_bio(in,NULL);
-			else /* informat == FORMAT_PEM */
-				dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
-			
-			if (dh == NULL)
-				{
-				BIO_printf(bio_err,"unable to load DH parameters\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		
-		/* dh != NULL */
-	}
-	
-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-
-	if (text)
-		{
-		DHparams_print(out,dh);
-		}
-	
-	if (check)
-		{
-		if (!DH_check(dh,&i))
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (i & DH_CHECK_P_NOT_PRIME)
-			printf("p value is not prime\n");
-		if (i & DH_CHECK_P_NOT_SAFE_PRIME)
-			printf("p value is not a safe prime\n");
-		if (i & DH_UNABLE_TO_CHECK_GENERATOR)
-			printf("unable to check the generator value\n");
-		if (i & DH_NOT_SUITABLE_GENERATOR)
-			printf("the g value is not a generator\n");
-		if (i == 0)
-			printf("DH parameters appear to be ok.\n");
-		}
-	if (C)
-		{
-		unsigned char *data;
-		int len,l,bits;
-
-		len=BN_num_bytes(dh->p);
-		bits=BN_num_bits(dh->p);
-		data=(unsigned char *)OPENSSL_malloc(len);
-		if (data == NULL)
-			{
-			perror("OPENSSL_malloc");
-			goto end;
-			}
-		printf("#ifndef HEADER_DH_H\n"
-		       "#include <openssl/dh.h>\n"
-		       "#endif\n");
-		printf("DH *get_dh%d()\n\t{\n",bits);
-
-		l=BN_bn2bin(dh->p,data);
-		printf("\tstatic unsigned char dh%d_p[]={",bits);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t\t");
-			printf("0x%02X,",data[i]);
-			}
-		printf("\n\t\t};\n");
-
-		l=BN_bn2bin(dh->g,data);
-		printf("\tstatic unsigned char dh%d_g[]={",bits);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t\t");
-			printf("0x%02X,",data[i]);
-			}
-		printf("\n\t\t};\n");
-
-		printf("\tDH *dh;\n\n");
-		printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
-		printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
-			bits,bits);
-		printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
-			bits,bits);
-		printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
-		printf("\t\t{ DH_free(dh); return(NULL); }\n");
-		if (dh->length)
-			printf("\tdh->length = %ld;\n", dh->length);
-		printf("\treturn(dh);\n\t}\n");
-		OPENSSL_free(data);
-		}
-
-
-	if (!noout)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_DHparams_bio(out,dh);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DHparams(out,dh);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write DH parameters\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (dh != NULL) DH_free(dh);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-/* dh_cb is identical to dsa_cb in apps/dsaparam.c */
-static void MS_CALLBACK dh_cb(int p, int n, void *arg)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	(void)BIO_flush((BIO *)arg);
-#ifdef LINT
-	p=n;
-#endif
-	}
-
-#endif
diff --git a/crypto/openssl/apps/dsa-ca.pem b/crypto/openssl/apps/dsa-ca.pem
deleted file mode 100644
index cccc14208fc1..000000000000
--- a/crypto/openssl/apps/dsa-ca.pem
+++ /dev/null
@@ -1,40 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBugIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
-PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
-u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
-Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
-hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
-SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
-Mu0OArgCgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuHvSLw9YUrJahcBHmbpvt4
-94lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUqAylOVFJJJXuirVJ+o+0T
-tOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u3enxhqnDGQIUB78dhW77
-J6zsFbSEHaQGUmfSeoM=
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE REQUEST-----
-MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
-ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
-sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
-rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
-cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
-bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
-CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
-F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
-vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
-AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
-3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
-AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
------END CERTIFICATE REQUEST-----
------BEGIN CERTIFICATE-----
-MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
-CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
-CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
-AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
-ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
-MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
-MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
-C1Q=
------END CERTIFICATE-----
-
diff --git a/crypto/openssl/apps/dsa-pca.pem b/crypto/openssl/apps/dsa-pca.pem
deleted file mode 100644
index d23774edd618..000000000000
--- a/crypto/openssl/apps/dsa-pca.pem
+++ /dev/null
@@ -1,46 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBvAIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
-PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
-u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
-Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
-hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
-SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
-Mu0OArgCgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
-umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
-29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUCFQDNvrBz
-6TicfImU7UFRn9h00j0lJQ==
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE REQUEST-----
-MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
-MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
-lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
-Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
-5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
-aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
-kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
-QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
-6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
-yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
-z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
-nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
------END CERTIFICATE REQUEST-----
------BEGIN CERTIFICATE-----
-MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
-CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
-CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
-ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
-R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
-JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
-BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
-mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
-VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
-uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
-umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
-29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
-AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
-5rKUjNBhSg==
------END CERTIFICATE-----
-
diff --git a/crypto/openssl/apps/dsa.c b/crypto/openssl/apps/dsa.c
deleted file mode 100644
index e9de3a3bdfb6..000000000000
--- a/crypto/openssl/apps/dsa.c
+++ /dev/null
@@ -1,332 +0,0 @@
-/* apps/dsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_DSA
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/dsa.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#undef PROG
-#define PROG	dsa_main
-
-/* -inform arg	- input format - default PEM (one of DER, NET or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -des		- encrypt output if PEM format with DES in cbc mode
- * -des3	- encrypt output if PEM format
- * -idea	- encrypt output if PEM format
- * -aes128	- encrypt output if PEM format
- * -aes192	- encrypt output if PEM format
- * -aes256	- encrypt output if PEM format
- * -text	- print a text version
- * -modulus	- print the DSA public key
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e = NULL;
-#endif
-	int ret=1;
-	DSA *dsa=NULL;
-	int i,badops=0;
-	const EVP_CIPHER *enc=NULL;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,text=0,noout=0;
-	int pubin = 0, pubout = 0;
-	char *infile,*outfile,*prog;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine;
-#endif
-	char *passargin = NULL, *passargout = NULL;
-	char *passin = NULL, *passout = NULL;
-	int modulus=0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-#ifndef OPENSSL_NO_ENGINE
-	engine=NULL;
-#endif
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-modulus") == 0)
-			modulus=1;
-		else if (strcmp(*argv,"-pubin") == 0)
-			pubin=1;
-		else if (strcmp(*argv,"-pubout") == 0)
-			pubout=1;
-		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg     input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg    output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg         input file\n");
-		BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
-		BIO_printf(bio_err," -out arg        output file\n");
-		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");
-		BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
-#ifndef OPENSSL_NO_IDEA
-		BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
-#endif
-		BIO_printf(bio_err," -text           print the key in text\n");
-		BIO_printf(bio_err," -noout          don't print key out\n");
-		BIO_printf(bio_err," -modulus        print the DSA public value\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
-		BIO_printf(bio_err, "Error getting passwords\n");
-		goto end;
-	}
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-
-	BIO_printf(bio_err,"read DSA key\n");
-	if	(informat == FORMAT_ASN1) {
-		if(pubin) dsa=d2i_DSA_PUBKEY_bio(in,NULL);
-		else dsa=d2i_DSAPrivateKey_bio(in,NULL);
-	} else if (informat == FORMAT_PEM) {
-		if(pubin) dsa=PEM_read_bio_DSA_PUBKEY(in,NULL, NULL, NULL);
-		else dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL,passin);
-	} else
-		{
-		BIO_printf(bio_err,"bad input format specified for key\n");
-		goto end;
-		}
-	if (dsa == NULL)
-		{
-		BIO_printf(bio_err,"unable to load Key\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (text) 
-		if (!DSA_print(out,dsa,0))
-			{
-			perror(outfile);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-	if (modulus)
-		{
-		fprintf(stdout,"Public Key=");
-		BN_print(out,dsa->pub_key);
-		fprintf(stdout,"\n");
-		}
-
-	if (noout) goto end;
-	BIO_printf(bio_err,"writing DSA key\n");
-	if 	(outformat == FORMAT_ASN1) {
-		if(pubin || pubout) i=i2d_DSA_PUBKEY_bio(out,dsa);
-		else i=i2d_DSAPrivateKey_bio(out,dsa);
-	} else if (outformat == FORMAT_PEM) {
-		if(pubin || pubout)
-			i=PEM_write_bio_DSA_PUBKEY(out,dsa);
-		else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,
-							NULL,0,NULL, passout);
-	} else {
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (!i)
-		{
-		BIO_printf(bio_err,"unable to write private key\n");
-		ERR_print_errors(bio_err);
-		}
-	else
-		ret=0;
-end:
-	if(in != NULL) BIO_free(in);
-	if(out != NULL) BIO_free_all(out);
-	if(dsa != NULL) DSA_free(dsa);
-	if(passin) OPENSSL_free(passin);
-	if(passout) OPENSSL_free(passout);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-#endif
diff --git a/crypto/openssl/apps/dsa1024.pem b/crypto/openssl/apps/dsa1024.pem
deleted file mode 100644
index 082dec389782..000000000000
--- a/crypto/openssl/apps/dsa1024.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN DSA PARAMETERS-----
-MIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQPnUx
-mUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtelu+Us
-OSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcHMe36
-bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLsohkj8
-3pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbuSXQH
-zlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7YMu0O
-Arg=
------END DSA PARAMETERS-----
diff --git a/crypto/openssl/apps/dsa512.pem b/crypto/openssl/apps/dsa512.pem
deleted file mode 100644
index 5f86d1a6e7e8..000000000000
--- a/crypto/openssl/apps/dsa512.pem
+++ /dev/null
@@ -1,6 +0,0 @@
------BEGIN DSA PARAMETERS-----
-MIGdAkEAnRtpjibb8isRcBmG9hnI+BnyGFOURgbQYlAzSwI8UjADizv5X9EkBk97
-TLqqQJv9luQ3M7stWtdaEUBmonZ9MQIVAPtT71C0QJIxVoZTeuiLIppJ+3GPAkEA
-gz6I5cWJc847bAFJv7PHnwrqRJHlMKrZvltftxDXibeOdPvPKR7rqCxUUbgQ3qDO
-L8wka5B33qJoplISogOdIA==
------END DSA PARAMETERS-----
diff --git a/crypto/openssl/apps/dsap.pem b/crypto/openssl/apps/dsap.pem
deleted file mode 100644
index d4dfdb3054f3..000000000000
--- a/crypto/openssl/apps/dsap.pem
+++ /dev/null
@@ -1,6 +0,0 @@
------BEGIN DSA PARAMETERS-----
-MIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZS4J1PHvPrm9MXj5ntVheDPkdmBDTncya
-GAJcMjwsyB/GvLDGd6yGCw/8eF+09wIVAK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2
-t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjgtWiJc/tpvcuzeuAayH89UofjAGueKjXD
-ADiRffvSdhrNw5dkqdql
------END DSA PARAMETERS-----
diff --git a/crypto/openssl/apps/dsaparam.c b/crypto/openssl/apps/dsaparam.c
deleted file mode 100644
index 04861e898639..000000000000
--- a/crypto/openssl/apps/dsaparam.c
+++ /dev/null
@@ -1,402 +0,0 @@
-/* apps/dsaparam.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_DSA
-#include <assert.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#undef PROG
-#define PROG	dsaparam_main
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -noout
- * -text
- * -C
- * -noout
- * -genkey
- */
-
-static void MS_CALLBACK dsa_cb(int p, int n, void *arg);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e = NULL;
-#endif
-	DSA *dsa=NULL;
-	int i,badops=0,text=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog,*inrand=NULL;
-	int numbits= -1,num,genkey=0;
-	int need_rand=0;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if(strcmp(*argv, "-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine = *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-C") == 0)
-			C=1;
-		else if (strcmp(*argv,"-genkey") == 0)
-			{
-			genkey=1;
-			need_rand=1;
-			}
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			need_rand=1;
-			}
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (sscanf(*argv,"%d",&num) == 1)
-			{
-			/* generate a key */
-			numbits=num;
-			need_rand=1;
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] [bits] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -text         print as text\n");
-		BIO_printf(bio_err," -C            Output C code\n");
-		BIO_printf(bio_err," -noout        no output\n");
-		BIO_printf(bio_err," -genkey       generate a DSA key\n");
-		BIO_printf(bio_err," -rand         files to use for random number input\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," number        number of bits to use for generating private key\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (need_rand)
-		{
-		app_RAND_load_file(NULL, bio_err, (inrand != NULL));
-		if (inrand != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-				app_RAND_load_files(inrand));
-		}
-
-	if (numbits > 0)
-		{
-		assert(need_rand);
-		BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
-	        BIO_printf(bio_err,"This could take some time\n");
-	        dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL, dsa_cb,bio_err);
-		}
-	else if	(informat == FORMAT_ASN1)
-		dsa=d2i_DSAparams_bio(in,NULL);
-	else if (informat == FORMAT_PEM)
-		dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified\n");
-		goto end;
-		}
-	if (dsa == NULL)
-		{
-		BIO_printf(bio_err,"unable to load DSA parameters\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (text)
-		{
-		DSAparams_print(out,dsa);
-		}
-	
-	if (C)
-		{
-		unsigned char *data;
-		int l,len,bits_p,bits_q,bits_g;
-
-		len=BN_num_bytes(dsa->p);
-		bits_p=BN_num_bits(dsa->p);
-		bits_q=BN_num_bits(dsa->q);
-		bits_g=BN_num_bits(dsa->g);
-		data=(unsigned char *)OPENSSL_malloc(len+20);
-		if (data == NULL)
-			{
-			perror("OPENSSL_malloc");
-			goto end;
-			}
-		l=BN_bn2bin(dsa->p,data);
-		printf("static unsigned char dsa%d_p[]={",bits_p);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
-			}
-		printf("\n\t};\n");
-
-		l=BN_bn2bin(dsa->q,data);
-		printf("static unsigned char dsa%d_q[]={",bits_p);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
-			}
-		printf("\n\t};\n");
-
-		l=BN_bn2bin(dsa->g,data);
-		printf("static unsigned char dsa%d_g[]={",bits_p);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
-			}
-		printf("\n\t};\n\n");
-
-		printf("DSA *get_dsa%d()\n\t{\n",bits_p);
-		printf("\tDSA *dsa;\n\n");
-		printf("\tif ((dsa=DSA_new()) == NULL) return(NULL);\n");
-		printf("\tdsa->p=BN_bin2bn(dsa%d_p,sizeof(dsa%d_p),NULL);\n",
-			bits_p,bits_p);
-		printf("\tdsa->q=BN_bin2bn(dsa%d_q,sizeof(dsa%d_q),NULL);\n",
-			bits_p,bits_p);
-		printf("\tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);\n",
-			bits_p,bits_p);
-		printf("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
-		printf("\t\t{ DSA_free(dsa); return(NULL); }\n");
-		printf("\treturn(dsa);\n\t}\n");
-		}
-
-
-	if (!noout)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_DSAparams_bio(out,dsa);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DSAparams(out,dsa);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write DSA parameters\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	if (genkey)
-		{
-		DSA *dsakey;
-
-		assert(need_rand);
-		if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;
-		if (!DSA_generate_key(dsakey)) goto end;
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_DSAPrivateKey_bio(out,dsakey);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		DSA_free(dsakey);
-		}
-	if (need_rand)
-		app_RAND_write_file(NULL, bio_err);
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (dsa != NULL) DSA_free(dsa);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static void MS_CALLBACK dsa_cb(int p, int n, void *arg)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(arg,&c,1);
-	(void)BIO_flush(arg);
-#ifdef LINT
-	p=n;
-#endif
-	}
-#endif
diff --git a/crypto/openssl/apps/eay.c b/crypto/openssl/apps/eay.c
deleted file mode 100644
index a84aa382bde4..000000000000
--- a/crypto/openssl/apps/eay.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* apps/eay.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#define MONOLITH
-#define USE_SOCKETS
-
-#include "openssl/e_os.h"
-
-#include <openssl/bio.h>
-#include <openssl/stack.h>
-#include <openssl/lhash.h>
-
-#include <openssl/err.h>
-
-#include <openssl/bn.h>
-
-#include <openssl/evp.h>
-
-#include <openssl/rand.h>
-#include <openssl/conf.h>
-#include <openssl/txt_db.h>
-
-#include <openssl/err.h>
-
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-
-#define MONOLITH
-
-#include "openssl.c"
-#include "apps.c"
-#include "asn1pars.c"
-#ifndef NO_RSA
-#include "ca.c"
-#include "genrsa.c"
-#include "req.c"
-#include "rsa.c"
-#endif
-#ifndef NO_DH
-#include "gendh.c"
-#include "dh.c"
-#endif
-#include "crl.c"
-#include "crl2p7.c"
-#include "dgst.c"
-#include "enc.c"
-#include "errstr.c"
-#if !defined(NO_SSL2) || !defined(NO_SSL3)
-#ifndef NO_SOCK
-#include "s_cb.c"
-#include "s_client.c"
-#include "s_server.c"
-#include "s_socket.c"
-#include "s_time.c"
-#endif
-#endif
-#include "speed.c"
-#include "verify.c"
-#include "version.c"
-#include "x509.c"
-#include "ciphers.c"
-#include "sess_id.c"
-#include "pkcs7.c"
-#ifndef NO_DSA
-#include "dsaparam.c"
-#include "dsa.c"
-#include "gendsa.c"
-#endif
-
diff --git a/crypto/openssl/apps/enc.c b/crypto/openssl/apps/enc.c
deleted file mode 100644
index 0a9f7310bf51..000000000000
--- a/crypto/openssl/apps/enc.c
+++ /dev/null
@@ -1,636 +0,0 @@
-/* apps/enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-#include <openssl/pem.h>
-#include <ctype.h>
-
-int set_hex(char *in,unsigned char *out,int size);
-#undef SIZE
-#undef BSIZE
-#undef PROG
-
-#define SIZE	(512)
-#define BSIZE	(8*1024)
-#define	PROG	enc_main
-
-static void show_ciphers(const OBJ_NAME *name,void *bio_)
-	{
-	BIO *bio=bio_;
-	static int n;
-
-	if(!islower((unsigned char)*name->name))
-		return;
-
-	BIO_printf(bio,"-%-25s",name->name);
-	if(++n == 3)
-		{
-		BIO_printf(bio,"\n");
-		n=0;
-		}
-	else
-		BIO_printf(bio," ");
-	}
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e = NULL;
-#endif
-	static const char magic[]="Salted__";
-	char mbuf[sizeof magic-1];
-	char *strbuf=NULL;
-	unsigned char *buff=NULL,*bufsize=NULL;
-	int bsize=BSIZE,verbose=0;
-	int ret=1,inl;
-	int nopad = 0;
-	unsigned char key[EVP_MAX_KEY_LENGTH],iv[EVP_MAX_IV_LENGTH];
-	unsigned char salt[PKCS5_SALT_LEN];
-	char *str=NULL, *passarg = NULL, *pass = NULL;
-	char *hkey=NULL,*hiv=NULL,*hsalt = NULL;
-	int enc=1,printkey=0,i,base64=0;
-	int debug=0,olb64=0,nosalt=0;
-	const EVP_CIPHER *cipher=NULL,*c;
-	char *inf=NULL,*outf=NULL;
-	BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
-#define PROG_NAME_SIZE  39
-	char pname[PROG_NAME_SIZE+1];
-#ifndef OPENSSL_NO_ENGINE
-	char *engine = NULL;
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	/* first check the program name */
-	program_name(argv[0],pname,sizeof pname);
-	if (strcmp(pname,"base64") == 0)
-		base64=1;
-
-	cipher=EVP_get_cipherbyname(pname);
-	if (!base64 && (cipher == NULL) && (strcmp(pname,"enc") != 0))
-		{
-		BIO_printf(bio_err,"%s is an unknown cipher\n",pname);
-		goto bad;
-		}
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-e") == 0)
-			enc=1;
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inf= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outf= *(++argv);
-			}
-		else if (strcmp(*argv,"-pass") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passarg= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if	(strcmp(*argv,"-d") == 0)
-			enc=0;
-		else if	(strcmp(*argv,"-p") == 0)
-			printkey=1;
-		else if	(strcmp(*argv,"-v") == 0)
-			verbose=1;
-		else if	(strcmp(*argv,"-nopad") == 0)
-			nopad=1;
-		else if	(strcmp(*argv,"-salt") == 0)
-			nosalt=0;
-		else if	(strcmp(*argv,"-nosalt") == 0)
-			nosalt=1;
-		else if	(strcmp(*argv,"-debug") == 0)
-			debug=1;
-		else if	(strcmp(*argv,"-P") == 0)
-			printkey=2;
-		else if	(strcmp(*argv,"-A") == 0)
-			olb64=1;
-		else if	(strcmp(*argv,"-a") == 0)
-			base64=1;
-		else if	(strcmp(*argv,"-base64") == 0)
-			base64=1;
-		else if (strcmp(*argv,"-bufsize") == 0)
-			{
-			if (--argc < 1) goto bad;
-			bufsize=(unsigned char *)*(++argv);
-			}
-		else if (strcmp(*argv,"-k") == 0)
-			{
-			if (--argc < 1) goto bad;
-			str= *(++argv);
-			}
-		else if (strcmp(*argv,"-kfile") == 0)
-			{
-			static char buf[128];
-			FILE *infile;
-			char *file;
-
-			if (--argc < 1) goto bad;
-			file= *(++argv);
-			infile=fopen(file,"r");
-			if (infile == NULL)
-				{
-				BIO_printf(bio_err,"unable to read key from '%s'\n",
-					file);
-				goto bad;
-				}
-			buf[0]='\0';
-			fgets(buf,sizeof buf,infile);
-			fclose(infile);
-			i=strlen(buf);
-			if ((i > 0) &&
-				((buf[i-1] == '\n') || (buf[i-1] == '\r')))
-				buf[--i]='\0';
-			if ((i > 0) &&
-				((buf[i-1] == '\n') || (buf[i-1] == '\r')))
-				buf[--i]='\0';
-			if (i < 1)
-				{
-				BIO_printf(bio_err,"zero length password\n");
-				goto bad;
-				}
-			str=buf;
-			}
-		else if (strcmp(*argv,"-K") == 0)
-			{
-			if (--argc < 1) goto bad;
-			hkey= *(++argv);
-			}
-		else if (strcmp(*argv,"-S") == 0)
-			{
-			if (--argc < 1) goto bad;
-			hsalt= *(++argv);
-			}
-		else if (strcmp(*argv,"-iv") == 0)
-			{
-			if (--argc < 1) goto bad;
-			hiv= *(++argv);
-			}
-		else if	((argv[0][0] == '-') &&
-			((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL))
-			{
-			cipher=c;
-			}
-		else if (strcmp(*argv,"-none") == 0)
-			cipher=NULL;
-		else
-			{
-			BIO_printf(bio_err,"unknown option '%s'\n",*argv);
-bad:
-			BIO_printf(bio_err,"options are\n");
-			BIO_printf(bio_err,"%-14s input file\n","-in <file>");
-			BIO_printf(bio_err,"%-14s output file\n","-out <file>");
-			BIO_printf(bio_err,"%-14s pass phrase source\n","-pass <arg>");
-			BIO_printf(bio_err,"%-14s encrypt\n","-e");
-			BIO_printf(bio_err,"%-14s decrypt\n","-d");
-			BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64");
-			BIO_printf(bio_err,"%-14s key is the next argument\n","-k");
-			BIO_printf(bio_err,"%-14s key is the first line of the file argument\n","-kfile");
-			BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
-			BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
-			BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
-#ifndef OPENSSL_NO_ENGINE
-			BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e");
-#endif
-
-			BIO_printf(bio_err,"Cipher Types\n");
-			OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
-					       show_ciphers,
-					       bio_err);
-			BIO_printf(bio_err,"\n");
-
-			goto end;
-			}
-		argc--;
-		argv++;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (bufsize != NULL)
-		{
-		unsigned long n;
-
-		for (n=0; *bufsize; bufsize++)
-			{
-			i= *bufsize;
-			if ((i <= '9') && (i >= '0'))
-				n=n*10+i-'0';
-			else if (i == 'k')
-				{
-				n*=1024;
-				bufsize++;
-				break;
-				}
-			}
-		if (*bufsize != '\0')
-			{
-			BIO_printf(bio_err,"invalid 'bufsize' specified.\n");
-			goto end;
-			}
-
-		/* It must be large enough for a base64 encoded line */
-		if (n < 80) n=80;
-
-		bsize=(int)n;
-		if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
-		}
-
-	strbuf=OPENSSL_malloc(SIZE);
-	buff=(unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize));
-	if ((buff == NULL) || (strbuf == NULL))
-		{
-		BIO_printf(bio_err,"OPENSSL_malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize));
-		goto end;
-		}
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	if (debug)
-		{
-		BIO_set_callback(in,BIO_debug_callback);
-		BIO_set_callback(out,BIO_debug_callback);
-		BIO_set_callback_arg(in,bio_err);
-		BIO_set_callback_arg(out,bio_err);
-		}
-
-	if (inf == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,inf) <= 0)
-			{
-			perror(inf);
-			goto end;
-			}
-		}
-
-	if(!str && passarg) {
-		if(!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
-			BIO_printf(bio_err, "Error getting password\n");
-			goto end;
-		}
-		str = pass;
-	}
-
-	if ((str == NULL) && (cipher != NULL) && (hkey == NULL))
-		{
-		for (;;)
-			{
-			char buf[200];
-
-			sprintf(buf,"enter %s %s password:",
-				OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
-				(enc)?"encryption":"decryption");
-			strbuf[0]='\0';
-			i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
-			if (i == 0)
-				{
-				if (strbuf[0] == '\0')
-					{
-					ret=1;
-					goto end;
-					}
-				str=strbuf;
-				break;
-				}
-			if (i < 0)
-				{
-				BIO_printf(bio_err,"bad password read\n");
-				goto end;
-				}
-			}
-		}
-
-
-	if (outf == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outf) <= 0)
-			{
-			perror(outf);
-			goto end;
-			}
-		}
-
-	rbio=in;
-	wbio=out;
-
-	if (base64)
-		{
-		if ((b64=BIO_new(BIO_f_base64())) == NULL)
-			goto end;
-		if (debug)
-			{
-			BIO_set_callback(b64,BIO_debug_callback);
-			BIO_set_callback_arg(b64,bio_err);
-			}
-		if (olb64)
-			BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
-		if (enc)
-			wbio=BIO_push(b64,wbio);
-		else
-			rbio=BIO_push(b64,rbio);
-		}
-
-	if (cipher != NULL)
-		{
-		/* Note that str is NULL if a key was passed on the command
-		 * line, so we get no salt in that case. Is this a bug?
-		 */
-		if (str != NULL)
-			{
-			/* Salt handling: if encrypting generate a salt and
-			 * write to output BIO. If decrypting read salt from
-			 * input BIO.
-			 */
-			unsigned char *sptr;
-			if(nosalt) sptr = NULL;
-			else {
-				if(enc) {
-					if(hsalt) {
-						if(!set_hex(hsalt,salt,sizeof salt)) {
-							BIO_printf(bio_err,
-								"invalid hex salt value\n");
-							goto end;
-						}
-					} else if (RAND_pseudo_bytes(salt, sizeof salt) < 0)
-						goto end;
-					/* If -P option then don't bother writing */
-					if((printkey != 2)
-					   && (BIO_write(wbio,magic,
-							 sizeof magic-1) != sizeof magic-1
-					       || BIO_write(wbio,
-							    (char *)salt,
-							    sizeof salt) != sizeof salt)) {
-						BIO_printf(bio_err,"error writing output file\n");
-						goto end;
-					}
-				} else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf
-					  || BIO_read(rbio,
-						      (unsigned char *)salt,
-				    sizeof salt) != sizeof salt) {
-					BIO_printf(bio_err,"error reading input file\n");
-					goto end;
-				} else if(memcmp(mbuf,magic,sizeof magic-1)) {
-				    BIO_printf(bio_err,"bad magic number\n");
-				    goto end;
-				}
-
-				sptr = salt;
-			}
-
-			EVP_BytesToKey(cipher,EVP_md5(),sptr,
-				(unsigned char *)str,
-				strlen(str),1,key,iv);
-			/* zero the complete buffer or the string
-			 * passed from the command line
-			 * bug picked up by
-			 * Larry J. Hughes Jr. <hughes@indiana.edu> */
-			if (str == strbuf)
-				OPENSSL_cleanse(str,SIZE);
-			else
-				OPENSSL_cleanse(str,strlen(str));
-			}
-		if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv))
-			{
-			BIO_printf(bio_err,"invalid hex iv value\n");
-			goto end;
-			}
-		if ((hiv == NULL) && (str == NULL))
-			{
-			/* No IV was explicitly set and no IV was generated
-			 * during EVP_BytesToKey. Hence the IV is undefined,
-			 * making correct decryption impossible. */
-			BIO_printf(bio_err, "iv undefined\n");
-			goto end;
-			}
-		if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))
-			{
-			BIO_printf(bio_err,"invalid hex key value\n");
-			goto end;
-			}
-
-		if ((benc=BIO_new(BIO_f_cipher())) == NULL)
-			goto end;
-		BIO_set_cipher(benc,cipher,key,iv,enc);
-		if (nopad)
-			{
-			EVP_CIPHER_CTX *ctx;
-			BIO_get_cipher_ctx(benc, &ctx);
-			EVP_CIPHER_CTX_set_padding(ctx, 0);
-			}
-		if (debug)
-			{
-			BIO_set_callback(benc,BIO_debug_callback);
-			BIO_set_callback_arg(benc,bio_err);
-			}
-
-		if (printkey)
-			{
-			if (!nosalt)
-				{
-				printf("salt=");
-				for (i=0; i<sizeof salt; i++)
-					printf("%02X",salt[i]);
-				printf("\n");
-				}
-			if (cipher->key_len > 0)
-				{
-				printf("key=");
-				for (i=0; i<cipher->key_len; i++)
-					printf("%02X",key[i]);
-				printf("\n");
-				}
-			if (cipher->iv_len > 0)
-				{
-				printf("iv =");
-				for (i=0; i<cipher->iv_len; i++)
-					printf("%02X",iv[i]);
-				printf("\n");
-				}
-			if (printkey == 2)
-				{
-				ret=0;
-				goto end;
-				}
-			}
-		}
-
-	/* Only encrypt/decrypt as we write the file */
-	if (benc != NULL)
-		wbio=BIO_push(benc,wbio);
-
-	for (;;)
-		{
-		inl=BIO_read(rbio,(char *)buff,bsize);
-		if (inl <= 0) break;
-		if (BIO_write(wbio,(char *)buff,inl) != inl)
-			{
-			BIO_printf(bio_err,"error writing output file\n");
-			goto end;
-			}
-		}
-	if (!BIO_flush(wbio))
-		{
-		BIO_printf(bio_err,"bad decrypt\n");
-		goto end;
-		}
-
-	ret=0;
-	if (verbose)
-		{
-		BIO_printf(bio_err,"bytes read   :%8ld\n",BIO_number_read(in));
-		BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out));
-		}
-end:
-	ERR_print_errors(bio_err);
-	if (strbuf != NULL) OPENSSL_free(strbuf);
-	if (buff != NULL) OPENSSL_free(buff);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (benc != NULL) BIO_free(benc);
-	if (b64 != NULL) BIO_free(b64);
-	if(pass) OPENSSL_free(pass);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-int set_hex(char *in, unsigned char *out, int size)
-	{
-	int i,n;
-	unsigned char j;
-
-	n=strlen(in);
-	if (n > (size*2))
-		{
-		BIO_printf(bio_err,"hex string is too long\n");
-		return(0);
-		}
-	memset(out,0,size);
-	for (i=0; i<n; i++)
-		{
-		j=(unsigned char)*in;
-		*(in++)='\0';
-		if (j == 0) break;
-		if ((j >= '0') && (j <= '9'))
-			j-='0';
-		else if ((j >= 'A') && (j <= 'F'))
-			j=j-'A'+10;
-		else if ((j >= 'a') && (j <= 'f'))
-			j=j-'a'+10;
-		else
-			{
-			BIO_printf(bio_err,"non-hex digit\n");
-			return(0);
-			}
-		if (i&1)
-			out[i/2]|=j;
-		else
-			out[i/2]=(j<<4);
-		}
-	return(1);
-	}
diff --git a/crypto/openssl/apps/engine.c b/crypto/openssl/apps/engine.c
deleted file mode 100644
index 456f80a70621..000000000000
--- a/crypto/openssl/apps/engine.c
+++ /dev/null
@@ -1,523 +0,0 @@
-/* apps/engine.c -*- mode: C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef OPENSSL_NO_ENGINE
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-#include "apps.h"
-#include <openssl/err.h>
-#include <openssl/engine.h>
-#include <openssl/ssl.h>
-
-#undef PROG
-#define PROG	engine_main
-
-static char *engine_usage[]={
-"usage: engine opts [engine ...]\n",
-" -v[v[v[v]]] - verbose mode, for each engine, list its 'control commands'\n",
-"               -vv will additionally display each command's description\n",
-"               -vvv will also add the input flags for each command\n",
-"               -vvvv will also show internal input flags\n",
-" -c          - for each engine, also list the capabilities\n",
-" -t          - for each engine, check that they are really available\n",
-" -pre <cmd>  - runs command 'cmd' against the ENGINE before any attempts\n",
-"               to load it (if -t is used)\n",
-" -post <cmd> - runs command 'cmd' against the ENGINE after loading it\n",
-"               (only used if -t is also provided)\n",
-" NB: -pre and -post will be applied to all ENGINEs supplied on the command\n",
-" line, or all supported ENGINEs if none are specified.\n",
-" Eg. '-pre \"SO_PATH:/lib/libdriver.so\"' calls command \"SO_PATH\" with\n",
-" argument \"/lib/libdriver.so\".\n",
-NULL
-};
-
-static void identity(void *ptr)
-	{
-	return;
-	}
-
-static int append_buf(char **buf, const char *s, int *size, int step)
-	{
-	int l = strlen(s);
-
-	if (*buf == NULL)
-		{
-		*size = step;
-		*buf = OPENSSL_malloc(*size);
-		if (*buf == NULL)
-			return 0;
-		**buf = '\0';
-		}
-
-	if (**buf != '\0')
-		l += 2;		/* ", " */
-
-	if (strlen(*buf) + strlen(s) >= (unsigned int)*size)
-		{
-		*size += step;
-		*buf = OPENSSL_realloc(*buf, *size);
-		}
-
-	if (*buf == NULL)
-		return 0;
-
-	if (**buf != '\0')
-		strcat(*buf, ", ");
-	strcat(*buf, s);
-
-	return 1;
-	}
-
-static int util_flags(BIO *bio_out, unsigned int flags, const char *indent)
-	{
-	int started = 0, err = 0;
-	/* Indent before displaying input flags */
-	BIO_printf(bio_out, "%s%s(input flags): ", indent, indent);
-	if(flags == 0)
-		{
-		BIO_printf(bio_out, "<no flags>\n");
-		return 1;
-		}
-        /* If the object is internal, mark it in a way that shows instead of
-         * having it part of all the other flags, even if it really is. */
-	if(flags & ENGINE_CMD_FLAG_INTERNAL)
-		{
-		BIO_printf(bio_out, "[Internal] ");
-		}
-
-	if(flags & ENGINE_CMD_FLAG_NUMERIC)
-		{
-		if(started)
-			{
-			BIO_printf(bio_out, "|");
-			err = 1;
-			}
-		BIO_printf(bio_out, "NUMERIC");
-		started = 1;
-		}
-	/* Now we check that no combinations of the mutually exclusive NUMERIC,
-	 * STRING, and NO_INPUT flags have been used. Future flags that can be
-	 * OR'd together with these would need to added after these to preserve
-	 * the testing logic. */
-	if(flags & ENGINE_CMD_FLAG_STRING)
-		{
-		if(started)
-			{
-			BIO_printf(bio_out, "|");
-			err = 1;
-			}
-		BIO_printf(bio_out, "STRING");
-		started = 1;
-		}
-	if(flags & ENGINE_CMD_FLAG_NO_INPUT)
-		{
-		if(started)
-			{
-			BIO_printf(bio_out, "|");
-			err = 1;
-			}
-		BIO_printf(bio_out, "NO_INPUT");
-		started = 1;
-		}
-	/* Check for unknown flags */
-	flags = flags & ~ENGINE_CMD_FLAG_NUMERIC &
-			~ENGINE_CMD_FLAG_STRING &
-			~ENGINE_CMD_FLAG_NO_INPUT &
-			~ENGINE_CMD_FLAG_INTERNAL;
-	if(flags)
-		{
-		if(started) BIO_printf(bio_out, "|");
-		BIO_printf(bio_out, "<0x%04X>", flags);
-		}
-	if(err)
-		BIO_printf(bio_out, "  <illegal flags!>");
-	BIO_printf(bio_out, "\n");
-	return 1;
-	}
-
-static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent)
-	{
-	static const int line_wrap = 78;
-	int num;
-	int ret = 0;
-	char *name = NULL;
-	char *desc = NULL;
-	int flags;
-	int xpos = 0;
-	STACK *cmds = NULL;
-	if(!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) ||
-			((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_FIRST_CMD_TYPE,
-					0, NULL, NULL)) <= 0))
-		{
-#if 0
-		BIO_printf(bio_out, "%s<no control commands>\n", indent);
-#endif
-		return 1;
-		}
-
-	cmds = sk_new_null();
-
-	if(!cmds)
-		goto err;
-	do {
-		int len;
-		/* Get the command input flags */
-		if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num,
-					NULL, NULL)) < 0)
-			goto err;
-                if (!(flags & ENGINE_CMD_FLAG_INTERNAL) || verbose >= 4)
-                        {
-                        /* Get the command name */
-                        if((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_LEN_FROM_CMD, num,
-                                NULL, NULL)) <= 0)
-                                goto err;
-                        if((name = OPENSSL_malloc(len + 1)) == NULL)
-                                goto err;
-                        if(ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_FROM_CMD, num, name,
-                                NULL) <= 0)
-                                goto err;
-                        /* Get the command description */
-                        if((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_LEN_FROM_CMD, num,
-                                NULL, NULL)) < 0)
-                                goto err;
-                        if(len > 0)
-                                {
-                                if((desc = OPENSSL_malloc(len + 1)) == NULL)
-                                        goto err;
-                                if(ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_FROM_CMD, num, desc,
-                                        NULL) <= 0)
-                                        goto err;
-                                }
-                        /* Now decide on the output */
-                        if(xpos == 0)
-                                /* Do an indent */
-                                xpos = BIO_printf(bio_out, indent);
-                        else
-                                /* Otherwise prepend a ", " */
-                                xpos += BIO_printf(bio_out, ", ");
-                        if(verbose == 1)
-                                {
-                                /* We're just listing names, comma-delimited */
-                                if((xpos > (int)strlen(indent)) &&
-					(xpos + (int)strlen(name) > line_wrap))
-                                        {
-                                        BIO_printf(bio_out, "\n");
-                                        xpos = BIO_printf(bio_out, indent);
-                                        }
-                                xpos += BIO_printf(bio_out, "%s", name);
-                                }
-                        else
-                                {
-                                /* We're listing names plus descriptions */
-                                BIO_printf(bio_out, "%s: %s\n", name,
-                                        (desc == NULL) ? "<no description>" : desc);
-                                /* ... and sometimes input flags */
-                                if((verbose >= 3) && !util_flags(bio_out, flags,
-                                        indent))
-                                        goto err;
-                                xpos = 0;
-                                }
-                        }
-		OPENSSL_free(name); name = NULL;
-		if(desc) { OPENSSL_free(desc); desc = NULL; }
-		/* Move to the next command */
-		num = ENGINE_ctrl(e, ENGINE_CTRL_GET_NEXT_CMD_TYPE,
-					num, NULL, NULL);
-		} while(num > 0);
-	if(xpos > 0)
-		BIO_printf(bio_out, "\n");
-	ret = 1;
-err:
-	if(cmds) sk_pop_free(cmds, identity);
-	if(name) OPENSSL_free(name);
-	if(desc) OPENSSL_free(desc);
-	return ret;
-	}
-
-static void util_do_cmds(ENGINE *e, STACK *cmds, BIO *bio_out, const char *indent)
-	{
-	int loop, res, num = sk_num(cmds);
-	if(num < 0)
-		{
-		BIO_printf(bio_out, "[Error]: internal stack error\n");
-		return;
-		}
-	for(loop = 0; loop < num; loop++)
-		{
-		char buf[256];
-		const char *cmd, *arg;
-		cmd = sk_value(cmds, loop);
-		res = 1; /* assume success */
-		/* Check if this command has no ":arg" */
-		if((arg = strstr(cmd, ":")) == NULL)
-			{
-			if(!ENGINE_ctrl_cmd_string(e, cmd, NULL, 0))
-				res = 0;
-			}
-		else
-			{
-			if((int)(arg - cmd) > 254)
-				{
-				BIO_printf(bio_out,"[Error]: command name too long\n");
-				return;
-				}
-			memcpy(buf, cmd, (int)(arg - cmd));
-			buf[arg-cmd] = '\0';
-			arg++; /* Move past the ":" */
-			/* Call the command with the argument */
-			if(!ENGINE_ctrl_cmd_string(e, buf, arg, 0))
-				res = 0;
-			}
-		if(res)
-			BIO_printf(bio_out, "[Success]: %s\n", cmd);
-		else
-			{
-			BIO_printf(bio_out, "[Failure]: %s\n", cmd);
-			ERR_print_errors(bio_out);
-			}
-		}
-	}
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int ret=1,i;
-	char **pp;
-	int verbose=0, list_cap=0, test_avail=0;
-	ENGINE *e;
-	STACK *engines = sk_new_null();
-	STACK *pre_cmds = sk_new_null();
-	STACK *post_cmds = sk_new_null();
-	int badops=1;
-	BIO *bio_out=NULL;
-	const char *indent = "     ";
-
-	apps_startup();
-	SSL_load_error_strings();
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-	bio_out=BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	bio_out = BIO_push(tmpbio, bio_out);
-	}
-#endif
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if (strncmp(*argv,"-v",2) == 0)
-			{
-			if(strspn(*argv + 1, "v") < strlen(*argv + 1))
-				goto skip_arg_loop;
-			if((verbose=strlen(*argv + 1)) > 4)
-				goto skip_arg_loop;
-			}
-		else if (strcmp(*argv,"-c") == 0)
-			list_cap=1;
-		else if (strcmp(*argv,"-t") == 0)
-			test_avail=1;
-		else if (strcmp(*argv,"-pre") == 0)
-			{
-			argc--; argv++;
-			sk_push(pre_cmds,*argv);
-			}
-		else if (strcmp(*argv,"-post") == 0)
-			{
-			argc--; argv++;
-			sk_push(post_cmds,*argv);
-			}
-		else if ((strncmp(*argv,"-h",2) == 0) ||
-				(strcmp(*argv,"-?") == 0))
-			goto skip_arg_loop;
-		else
-			sk_push(engines,*argv);
-		argc--;
-		argv++;
-		}
-	/* Looks like everything went OK */
-	badops = 0;
-skip_arg_loop:
-
-	if (badops)
-		{
-		for (pp=engine_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
-		goto end;
-		}
-
-	if (sk_num(engines) == 0)
-		{
-		for(e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e))
-			{
-			sk_push(engines,(char *)ENGINE_get_id(e));
-			}
-		}
-
-	for (i=0; i<sk_num(engines); i++)
-		{
-		const char *id = sk_value(engines,i);
-		if ((e = ENGINE_by_id(id)) != NULL)
-			{
-			const char *name = ENGINE_get_name(e);
-			/* Do "id" first, then "name". Easier to auto-parse. */
-			BIO_printf(bio_out, "(%s) %s\n", id, name);
-			util_do_cmds(e, pre_cmds, bio_out, indent);
-			if (strcmp(ENGINE_get_id(e), id) != 0)
-				{
-				BIO_printf(bio_out, "Loaded: (%s) %s\n",
-					ENGINE_get_id(e), ENGINE_get_name(e));
-				}
-			if (list_cap)
-				{
-				int cap_size = 256;
-				char *cap_buf = NULL;
-				int k,n;
-				const int *nids;
-				ENGINE_CIPHERS_PTR fn_c;
-				ENGINE_DIGESTS_PTR fn_d;
-
-				if (ENGINE_get_RSA(e) != NULL
-					&& !append_buf(&cap_buf, "RSA",
-						&cap_size, 256))
-					goto end;
-				if (ENGINE_get_DSA(e) != NULL
-					&& !append_buf(&cap_buf, "DSA",
-						&cap_size, 256))
-					goto end;
-				if (ENGINE_get_DH(e) != NULL
-					&& !append_buf(&cap_buf, "DH",
-						&cap_size, 256))
-					goto end;
-				if (ENGINE_get_RAND(e) != NULL
-					&& !append_buf(&cap_buf, "RAND",
-						&cap_size, 256))
-					goto end;
-
-				fn_c = ENGINE_get_ciphers(e);
-				if(!fn_c) goto skip_ciphers;
-				n = fn_c(e, NULL, &nids, 0);
-				for(k=0 ; k < n ; ++k)
-					if(!append_buf(&cap_buf,
-						       OBJ_nid2sn(nids[k]),
-						       &cap_size, 256))
-						goto end;
-
-skip_ciphers:
-				fn_d = ENGINE_get_digests(e);
-				if(!fn_d) goto skip_digests;
-				n = fn_d(e, NULL, &nids, 0);
-				for(k=0 ; k < n ; ++k)
-					if(!append_buf(&cap_buf,
-						       OBJ_nid2sn(nids[k]),
-						       &cap_size, 256))
-						goto end;
-
-skip_digests:
-				if (cap_buf && (*cap_buf != '\0'))
-					BIO_printf(bio_out, " [%s]\n", cap_buf);
-
-				OPENSSL_free(cap_buf);
-				}
-			if(test_avail)
-				{
-				BIO_printf(bio_out, "%s", indent);
-				if (ENGINE_init(e))
-					{
-					BIO_printf(bio_out, "[ available ]\n");
-					util_do_cmds(e, post_cmds, bio_out, indent);
-					ENGINE_finish(e);
-					}
-				else
-					{
-					BIO_printf(bio_out, "[ unavailable ]\n");
-					ERR_print_errors_fp(stdout);
-					ERR_clear_error();
-					}
-				}
-			if((verbose > 0) && !util_verbose(e, verbose, bio_out, indent))
-				goto end;
-			ENGINE_free(e);
-			}
-		else
-			ERR_print_errors(bio_err);
-		}
-
-	ret=0;
-end:
-	ERR_print_errors(bio_err);
-	sk_pop_free(engines, identity);
-	sk_pop_free(pre_cmds, identity);
-	sk_pop_free(post_cmds, identity);
-	if (bio_out != NULL) BIO_free_all(bio_out);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-#endif
diff --git a/crypto/openssl/apps/errstr.c b/crypto/openssl/apps/errstr.c
deleted file mode 100644
index 19489b0df3b7..000000000000
--- a/crypto/openssl/apps/errstr.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/* apps/errstr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/lhash.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-#undef PROG
-#define PROG	errstr_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int i,ret=0;
-	char buf[256];
-	unsigned long l;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	SSL_load_error_strings();
-
-	if ((argc > 1) && (strcmp(argv[1],"-stats") == 0))
-		{
-		BIO *out=NULL;
-
-		out=BIO_new(BIO_s_file());
-		if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE))
-			{
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-			lh_node_stats_bio((LHASH *)ERR_get_string_table(),out);
-			lh_stats_bio((LHASH *)ERR_get_string_table(),out);
-			lh_node_usage_stats_bio((LHASH *)
-				ERR_get_string_table(),out);
-			}
-		if (out != NULL) BIO_free_all(out);
-		argc--;
-		argv++;
-		}
-
-	for (i=1; i<argc; i++)
-		{
-		if (sscanf(argv[i],"%lx",&l))
-			{
-			ERR_error_string_n(l, buf, sizeof buf);
-			printf("%s\n",buf);
-			}
-		else
-			{
-			printf("%s: bad error code\n",argv[i]);
-			printf("usage: errstr [-stats] <errno> ...\n");
-			ret++;
-			}
-		}
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
diff --git a/crypto/openssl/apps/gendh.c b/crypto/openssl/apps/gendh.c
deleted file mode 100644
index a34a862caf97..000000000000
--- a/crypto/openssl/apps/gendh.c
+++ /dev/null
@@ -1,228 +0,0 @@
-/* apps/gendh.c */
-/* obsoleted by dhparam.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_DH
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#define DEFBITS	512
-#undef PROG
-#define PROG gendh_main
-
-static void MS_CALLBACK dh_cb(int p, int n, void *arg);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e = NULL;
-#endif
-	DH *dh=NULL;
-	int ret=1,num=DEFBITS;
-	int g=2;
-	char *outfile=NULL;
-	char *inrand=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	BIO *out=NULL;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	argv++;
-	argc--;
-	for (;;)
-		{
-		if (argc <= 0) break;
-		if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-2") == 0)
-			g=2;
-	/*	else if (strcmp(*argv,"-3") == 0)
-			g=3; */
-		else if (strcmp(*argv,"-5") == 0)
-			g=5;
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else
-			break;
-		argv++;
-		argc--;
-		}
-	if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
-		{
-bad:
-		BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
-		BIO_printf(bio_err," -out file - output the key to 'file\n");
-		BIO_printf(bio_err," -2        - use 2 as the generator value\n");
-	/*	BIO_printf(bio_err," -3        - use 3 as the generator value\n"); */
-		BIO_printf(bio_err," -5        - use 5 as the generator value\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"             the random number generator\n");
-		goto end;
-		}
-		
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
-		{
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-		}
-	if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-
-	BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
-	BIO_printf(bio_err,"This is going to take a long time\n");
-	dh=DH_generate_parameters(num,g,dh_cb,bio_err);
-		
-	if (dh == NULL) goto end;
-
-	app_RAND_write_file(NULL, bio_err);
-
-	if (!PEM_write_bio_DHparams(out,dh))
-		goto end;
-	ret=0;
-end:
-	if (ret != 0)
-		ERR_print_errors(bio_err);
-	if (out != NULL) BIO_free_all(out);
-	if (dh != NULL) DH_free(dh);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static void MS_CALLBACK dh_cb(int p, int n, void *arg)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	(void)BIO_flush((BIO *)arg);
-#ifdef LINT
-	p=n;
-#endif
-	}
-#endif
diff --git a/crypto/openssl/apps/gendsa.c b/crypto/openssl/apps/gendsa.c
deleted file mode 100644
index 6d2ed06c81d9..000000000000
--- a/crypto/openssl/apps/gendsa.c
+++ /dev/null
@@ -1,261 +0,0 @@
-/* apps/gendsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_DSA
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#define DEFBITS	512
-#undef PROG
-#define PROG gendsa_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e = NULL;
-#endif
-	DSA *dsa=NULL;
-	int ret=1;
-	char *outfile=NULL;
-	char *inrand=NULL,*dsaparams=NULL;
-	char *passargout = NULL, *passout = NULL;
-	BIO *out=NULL,*in=NULL;
-	const EVP_CIPHER *enc=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	argv++;
-	argc--;
-	for (;;)
-		{
-		if (argc <= 0) break;
-		if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else if (strcmp(*argv,"-") == 0)
-			goto bad;
-#ifndef OPENSSL_NO_DES
-		else if (strcmp(*argv,"-des") == 0)
-			enc=EVP_des_cbc();
-		else if (strcmp(*argv,"-des3") == 0)
-			enc=EVP_des_ede3_cbc();
-#endif
-#ifndef OPENSSL_NO_IDEA
-		else if (strcmp(*argv,"-idea") == 0)
-			enc=EVP_idea_cbc();
-#endif
-#ifndef OPENSSL_NO_AES
-		else if (strcmp(*argv,"-aes128") == 0)
-			enc=EVP_aes_128_cbc();
-		else if (strcmp(*argv,"-aes192") == 0)
-			enc=EVP_aes_192_cbc();
-		else if (strcmp(*argv,"-aes256") == 0)
-			enc=EVP_aes_256_cbc();
-#endif
-		else if (**argv != '-' && dsaparams == NULL)
-			{
-			dsaparams = *argv;
-			}
-		else
-			goto bad;
-		argv++;
-		argc--;
-		}
-
-	if (dsaparams == NULL)
-		{
-bad:
-		BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n");
-		BIO_printf(bio_err," -out file - output the key to 'file'\n");
-#ifndef OPENSSL_NO_DES
-		BIO_printf(bio_err," -des      - encrypt the generated key with DES in cbc mode\n");
-		BIO_printf(bio_err," -des3     - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
-#endif
-#ifndef OPENSSL_NO_IDEA
-		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"             the random number generator\n");
-		BIO_printf(bio_err," dsaparam-file\n");
-		BIO_printf(bio_err,"           - a DSA parameter file as generated by the dsaparam command\n");
-		goto end;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-	}
-
-
-	in=BIO_new(BIO_s_file());
-	if (!(BIO_read_filename(in,dsaparams)))
-		{
-		perror(dsaparams);
-		goto end;
-		}
-
-	if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
-		{
-		BIO_printf(bio_err,"unable to load DSA parameter file\n");
-		goto end;
-		}
-	BIO_free(in);
-	in = NULL;
-		
-	out=BIO_new(BIO_s_file());
-	if (out == NULL) goto end;
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
-		{
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-		}
-	if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-
-	BIO_printf(bio_err,"Generating DSA key, %d bits\n",
-							BN_num_bits(dsa->p));
-	if (!DSA_generate_key(dsa)) goto end;
-
-	app_RAND_write_file(NULL, bio_err);
-
-	if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout))
-		goto end;
-	ret=0;
-end:
-	if (ret != 0)
-		ERR_print_errors(bio_err);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (dsa != NULL) DSA_free(dsa);
-	if(passout) OPENSSL_free(passout);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-#endif
diff --git a/crypto/openssl/apps/genrsa.c b/crypto/openssl/apps/genrsa.c
deleted file mode 100644
index 63be873b7bf8..000000000000
--- a/crypto/openssl/apps/genrsa.c
+++ /dev/null
@@ -1,294 +0,0 @@
-/* apps/genrsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_RSA
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/rand.h>
-
-#define DEFBITS	512
-#undef PROG
-#define PROG genrsa_main
-
-static void MS_CALLBACK genrsa_cb(int p, int n, void *arg);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e = NULL;
-#endif
-	int ret=1;
-	RSA *rsa=NULL;
-	int i,num=DEFBITS;
-	long l;
-	const EVP_CIPHER *enc=NULL;
-	unsigned long f4=RSA_F4;
-	char *outfile=NULL;
-	char *passargout = NULL, *passout = NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	char *inrand=NULL;
-	BIO *out=NULL;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto err;
-	if ((out=BIO_new(BIO_s_file())) == NULL)
-		{
-		BIO_printf(bio_err,"unable to create BIO for output\n");
-		goto err;
-		}
-
-	argv++;
-	argc--;
-	for (;;)
-		{
-		if (argc <= 0) break;
-		if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-3") == 0)
-			f4=3;
-		else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
-			f4=RSA_F4;
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-#ifndef OPENSSL_NO_DES
-		else if (strcmp(*argv,"-des") == 0)
-			enc=EVP_des_cbc();
-		else if (strcmp(*argv,"-des3") == 0)
-			enc=EVP_des_ede3_cbc();
-#endif
-#ifndef OPENSSL_NO_IDEA
-		else if (strcmp(*argv,"-idea") == 0)
-			enc=EVP_idea_cbc();
-#endif
-#ifndef OPENSSL_NO_AES
-		else if (strcmp(*argv,"-aes128") == 0)
-			enc=EVP_aes_128_cbc();
-		else if (strcmp(*argv,"-aes192") == 0)
-			enc=EVP_aes_192_cbc();
-		else if (strcmp(*argv,"-aes256") == 0)
-			enc=EVP_aes_256_cbc();
-#endif
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-		else
-			break;
-		argv++;
-		argc--;
-		}
-	if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
-		{
-bad:
-		BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n");
-		BIO_printf(bio_err," -des            encrypt the generated key with DES in cbc mode\n");
-		BIO_printf(bio_err," -des3           encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
-#ifndef OPENSSL_NO_IDEA
-		BIO_printf(bio_err," -idea           encrypt the generated key with IDEA in cbc mode\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
-#endif
-		BIO_printf(bio_err," -out file       output the key to 'file\n");
-		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
-		BIO_printf(bio_err," -f4             use F4 (0x10001) for the E value\n");
-		BIO_printf(bio_err," -3              use 3 for the E value\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"                 load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"                 the random number generator\n");
-		goto err;
-		}
-		
-	ERR_load_crypto_strings();
-
-	if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
-		BIO_printf(bio_err, "Error getting password\n");
-		goto err;
-	}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto err;
-			}
-		}
-
-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
-		&& !RAND_status())
-		{
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-		}
-	if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-
-	BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
-		num);
-	rsa=RSA_generate_key(num,f4,genrsa_cb,bio_err);
-		
-	app_RAND_write_file(NULL, bio_err);
-
-	if (rsa == NULL) goto err;
-	
-	/* We need to do the following for when the base number size is <
-	 * long, esp windows 3.1 :-(. */
-	l=0L;
-	for (i=0; i<rsa->e->top; i++)
-		{
-#ifndef SIXTY_FOUR_BIT
-		l<<=BN_BITS4;
-		l<<=BN_BITS4;
-#endif
-		l+=rsa->e->d[i];
-		}
-	BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
-	{
-	PW_CB_DATA cb_data;
-	cb_data.password = passout;
-	cb_data.prompt_info = outfile;
-	if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,
-		(pem_password_cb *)password_callback,&cb_data))
-		goto err;
-	}
-
-	ret=0;
-err:
-	if (rsa != NULL) RSA_free(rsa);
-	if (out != NULL) BIO_free_all(out);
-	if(passout) OPENSSL_free(passout);
-	if (ret != 0)
-		ERR_print_errors(bio_err);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static void MS_CALLBACK genrsa_cb(int p, int n, void *arg)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	(void)BIO_flush((BIO *)arg);
-#ifdef LINT
-	p=n;
-#endif
-	}
-#else /* !OPENSSL_NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/apps/nseq.c b/crypto/openssl/apps/nseq.c
deleted file mode 100644
index dc71d45012f8..000000000000
--- a/crypto/openssl/apps/nseq.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* nseq.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/pem.h>
-#include <openssl/err.h>
-
-#undef PROG
-#define PROG nseq_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
-	char **args, *infile = NULL, *outfile = NULL;
-	BIO *in = NULL, *out = NULL;
-	int toseq = 0;
-	X509 *x509 = NULL;
-	NETSCAPE_CERT_SEQUENCE *seq = NULL;
-	int i, ret = 1;
-	int badarg = 0;
-	if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-	ERR_load_crypto_strings();
-	args = argv + 1;
-	while (!badarg && *args && *args[0] == '-') {
-		if (!strcmp (*args, "-toseq")) toseq = 1;
-		else if (!strcmp (*args, "-in")) {
-			if (args[1]) {
-				args++;
-				infile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-out")) {
-			if (args[1]) {
-				args++;
-				outfile = *args;
-			} else badarg = 1;
-		} else badarg = 1;
-		args++;
-	}
-
-	if (badarg) {
-		BIO_printf (bio_err, "Netscape certificate sequence utility\n");
-		BIO_printf (bio_err, "Usage nseq [options]\n");
-		BIO_printf (bio_err, "where options are\n");
-		BIO_printf (bio_err, "-in file  input file\n");
-		BIO_printf (bio_err, "-out file output file\n");
-		BIO_printf (bio_err, "-toseq    output NS Sequence file\n");
-		OPENSSL_EXIT(1);
-	}
-
-	if (infile) {
-		if (!(in = BIO_new_file (infile, "r"))) {
-			BIO_printf (bio_err,
-				 "Can't open input file %s\n", infile);
-			goto end;
-		}
-	} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-	if (outfile) {
-		if (!(out = BIO_new_file (outfile, "w"))) {
-			BIO_printf (bio_err,
-				 "Can't open output file %s\n", outfile);
-			goto end;
-		}
-	} else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
-	if (toseq) {
-		seq = NETSCAPE_CERT_SEQUENCE_new();
-		seq->certs = sk_X509_new_null();
-		while((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL))) 
-		    sk_X509_push(seq->certs,x509);
-
-		if(!sk_X509_num(seq->certs))
-		{
-			BIO_printf (bio_err, "Error reading certs file %s\n", infile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-		PEM_write_bio_NETSCAPE_CERT_SEQUENCE(out, seq);
-		ret = 0;
-		goto end;
-	}
-
-	if (!(seq = PEM_read_bio_NETSCAPE_CERT_SEQUENCE(in, NULL, NULL, NULL))) {
-		BIO_printf (bio_err, "Error reading sequence file %s\n", infile);
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	for(i = 0; i < sk_X509_num(seq->certs); i++) {
-		x509 = sk_X509_value(seq->certs, i);
-		dump_cert_text(out, x509);
-		PEM_write_bio_X509(out, x509);
-	}
-	ret = 0;
-end:
-	BIO_free(in);
-	BIO_free_all(out);
-	NETSCAPE_CERT_SEQUENCE_free(seq);
-
-	OPENSSL_EXIT(ret);
-}
-
diff --git a/crypto/openssl/apps/ocsp.c b/crypto/openssl/apps/ocsp.c
deleted file mode 100644
index f05ec0e65540..000000000000
--- a/crypto/openssl/apps/ocsp.c
+++ /dev/null
@@ -1,1248 +0,0 @@
-/* ocsp.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef OPENSSL_NO_OCSP
-
-#include <stdio.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/pem.h>
-#include <openssl/ocsp.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-/* Maximum leeway in validity period: default 5 minutes */
-#define MAX_VALIDITY_PERIOD	(5 * 60)
-
-/* CA index.txt definitions */
-#define DB_type         0
-#define DB_exp_date     1
-#define DB_rev_date     2
-#define DB_serial       3       /* index - unique */
-#define DB_file         4       
-#define DB_name         5       /* index - unique for active */
-#define DB_NUMBER       6
-
-#define DB_TYPE_REV	'R'
-#define DB_TYPE_EXP	'E'
-#define DB_TYPE_VAL	'V'
-
-static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
-				STACK_OF(OCSP_CERTID) *ids);
-static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509 *issuer,
-				STACK_OF(OCSP_CERTID) *ids);
-static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
-				STACK *names, STACK_OF(OCSP_CERTID) *ids,
-				long nsec, long maxage);
-
-static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, TXT_DB *db,
-			X509 *ca, X509 *rcert, EVP_PKEY *rkey,
-			STACK_OF(X509) *rother, unsigned long flags,
-			int nmin, int ndays);
-
-static char **lookup_serial(TXT_DB *db, ASN1_INTEGER *ser);
-static BIO *init_responder(char *port);
-static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, char *port);
-static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp);
-
-#undef PROG
-#define PROG ocsp_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	char **args;
-	char *host = NULL, *port = NULL, *path = "/";
-	char *reqin = NULL, *respin = NULL;
-	char *reqout = NULL, *respout = NULL;
-	char *signfile = NULL, *keyfile = NULL;
-	char *rsignfile = NULL, *rkeyfile = NULL;
-	char *outfile = NULL;
-	int add_nonce = 1, noverify = 0, use_ssl = -1;
-	OCSP_REQUEST *req = NULL;
-	OCSP_RESPONSE *resp = NULL;
-	OCSP_BASICRESP *bs = NULL;
-	X509 *issuer = NULL, *cert = NULL;
-	X509 *signer = NULL, *rsigner = NULL;
-	EVP_PKEY *key = NULL, *rkey = NULL;
-	BIO *acbio = NULL, *cbio = NULL;
-	BIO *derbio = NULL;
-	BIO *out = NULL;
-	int req_text = 0, resp_text = 0;
-	long nsec = MAX_VALIDITY_PERIOD, maxage = -1;
-	char *CAfile = NULL, *CApath = NULL;
-	X509_STORE *store = NULL;
-	SSL_CTX *ctx = NULL;
-	STACK_OF(X509) *sign_other = NULL, *verify_other = NULL, *rother = NULL;
-	char *sign_certfile = NULL, *verify_certfile = NULL, *rcertfile = NULL;
-	unsigned long sign_flags = 0, verify_flags = 0, rflags = 0;
-	int ret = 1;
-	int accept_count = -1;
-	int badarg = 0;
-	int i;
-	STACK *reqnames = NULL;
-	STACK_OF(OCSP_CERTID) *ids = NULL;
-
-	X509 *rca_cert = NULL;
-	char *ridx_filename = NULL;
-	char *rca_filename = NULL;
-	TXT_DB *rdb = NULL;
-	int nmin = 0, ndays = -1;
-
-	if (bio_err == NULL) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-	SSL_load_error_strings();
-	args = argv + 1;
-	reqnames = sk_new_null();
-	ids = sk_OCSP_CERTID_new_null();
-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp(*args, "-out"))
-			{
-			if (args[1])
-				{
-				args++;
-				outfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-url"))
-			{
-			if (args[1])
-				{
-				args++;
-				if (!OCSP_parse_url(*args, &host, &port, &path, &use_ssl))
-					{
-					BIO_printf(bio_err, "Error parsing URL\n");
-					badarg = 1;
-					}
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-host"))
-			{
-			if (args[1])
-				{
-				args++;
-				host = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-port"))
-			{
-			if (args[1])
-				{
-				args++;
-				port = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-noverify"))
-			noverify = 1;
-		else if (!strcmp(*args, "-nonce"))
-			add_nonce = 2;
-		else if (!strcmp(*args, "-no_nonce"))
-			add_nonce = 0;
-		else if (!strcmp(*args, "-resp_no_certs"))
-			rflags |= OCSP_NOCERTS;
-		else if (!strcmp(*args, "-resp_key_id"))
-			rflags |= OCSP_RESPID_KEY;
-		else if (!strcmp(*args, "-no_certs"))
-			sign_flags |= OCSP_NOCERTS;
-		else if (!strcmp(*args, "-no_signature_verify"))
-			verify_flags |= OCSP_NOSIGS;
-		else if (!strcmp(*args, "-no_cert_verify"))
-			verify_flags |= OCSP_NOVERIFY;
-		else if (!strcmp(*args, "-no_chain"))
-			verify_flags |= OCSP_NOCHAIN;
-		else if (!strcmp(*args, "-no_cert_checks"))
-			verify_flags |= OCSP_NOCHECKS;
-		else if (!strcmp(*args, "-no_explicit"))
-			verify_flags |= OCSP_NOEXPLICIT;
-		else if (!strcmp(*args, "-trust_other"))
-			verify_flags |= OCSP_TRUSTOTHER;
-		else if (!strcmp(*args, "-no_intern"))
-			verify_flags |= OCSP_NOINTERN;
-		else if (!strcmp(*args, "-text"))
-			{
-			req_text = 1;
-			resp_text = 1;
-			}
-		else if (!strcmp(*args, "-req_text"))
-			req_text = 1;
-		else if (!strcmp(*args, "-resp_text"))
-			resp_text = 1;
-		else if (!strcmp(*args, "-reqin"))
-			{
-			if (args[1])
-				{
-				args++;
-				reqin = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-respin"))
-			{
-			if (args[1])
-				{
-				args++;
-				respin = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-signer"))
-			{
-			if (args[1])
-				{
-				args++;
-				signfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-VAfile"))
-			{
-			if (args[1])
-				{
-				args++;
-				verify_certfile = *args;
-				verify_flags |= OCSP_TRUSTOTHER;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-sign_other"))
-			{
-			if (args[1])
-				{
-				args++;
-				sign_certfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-verify_other"))
-			{
-			if (args[1])
-				{
-				args++;
-				verify_certfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-CAfile"))
-			{
-			if (args[1])
-				{
-				args++;
-				CAfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-CApath"))
-			{
-			if (args[1])
-				{
-				args++;
-				CApath = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-validity_period"))
-			{
-			if (args[1])
-				{
-				args++;
-				nsec = atol(*args);
-				if (nsec < 0)
-					{
-					BIO_printf(bio_err,
-						"Illegal validity period %s\n",
-						*args);
-					badarg = 1;
-					}
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-status_age"))
-			{
-			if (args[1])
-				{
-				args++;
-				maxage = atol(*args);
-				if (maxage < 0)
-					{
-					BIO_printf(bio_err,
-						"Illegal validity age %s\n",
-						*args);
-					badarg = 1;
-					}
-				}
-			else badarg = 1;
-			}
-		 else if (!strcmp(*args, "-signkey"))
-			{
-			if (args[1])
-				{
-				args++;
-				keyfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-reqout"))
-			{
-			if (args[1])
-				{
-				args++;
-				reqout = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-respout"))
-			{
-			if (args[1])
-				{
-				args++;
-				respout = *args;
-				}
-			else badarg = 1;
-			}
-		 else if (!strcmp(*args, "-path"))
-			{
-			if (args[1])
-				{
-				args++;
-				path = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-issuer"))
-			{
-			if (args[1])
-				{
-				args++;
-				X509_free(issuer);
-				issuer = load_cert(bio_err, *args, FORMAT_PEM,
-					NULL, e, "issuer certificate");
-				if(!issuer) goto end;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-cert"))
-			{
-			if (args[1])
-				{
-				args++;
-				X509_free(cert);
-				cert = load_cert(bio_err, *args, FORMAT_PEM,
-					NULL, e, "certificate");
-				if(!cert) goto end;
-				if(!add_ocsp_cert(&req, cert, issuer, ids))
-					goto end;
-				if(!sk_push(reqnames, *args))
-					goto end;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-serial"))
-			{
-			if (args[1])
-				{
-				args++;
-				if(!add_ocsp_serial(&req, *args, issuer, ids))
-					goto end;
-				if(!sk_push(reqnames, *args))
-					goto end;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-index"))
-			{
-			if (args[1])
-				{
-				args++;
-				ridx_filename = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-CA"))
-			{
-			if (args[1])
-				{
-				args++;
-				rca_filename = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-nmin"))
-			{
-			if (args[1])
-				{
-				args++;
-				nmin = atol(*args);
-				if (nmin < 0)
-					{
-					BIO_printf(bio_err,
-						"Illegal update period %s\n",
-						*args);
-					badarg = 1;
-					}
-				}
-				if (ndays == -1)
-					ndays = 0;
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-nrequest"))
-			{
-			if (args[1])
-				{
-				args++;
-				accept_count = atol(*args);
-				if (accept_count < 0)
-					{
-					BIO_printf(bio_err,
-						"Illegal accept count %s\n",
-						*args);
-					badarg = 1;
-					}
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-ndays"))
-			{
-			if (args[1])
-				{
-				args++;
-				ndays = atol(*args);
-				if (ndays < 0)
-					{
-					BIO_printf(bio_err,
-						"Illegal update period %s\n",
-						*args);
-					badarg = 1;
-					}
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-rsigner"))
-			{
-			if (args[1])
-				{
-				args++;
-				rsignfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-rkey"))
-			{
-			if (args[1])
-				{
-				args++;
-				rkeyfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-rother"))
-			{
-			if (args[1])
-				{
-				args++;
-				rcertfile = *args;
-				}
-			else badarg = 1;
-			}
-		else badarg = 1;
-		args++;
-		}
-
-	/* Have we anything to do? */
-	if (!req && !reqin && !respin && !(port && ridx_filename)) badarg = 1;
-
-	if (badarg)
-		{
-		BIO_printf (bio_err, "OCSP utility\n");
-		BIO_printf (bio_err, "Usage ocsp [options]\n");
-		BIO_printf (bio_err, "where options are\n");
-		BIO_printf (bio_err, "-out file          output filename\n");
-		BIO_printf (bio_err, "-issuer file       issuer certificate\n");
-		BIO_printf (bio_err, "-cert file         certificate to check\n");
-		BIO_printf (bio_err, "-serial n          serial number to check\n");
-		BIO_printf (bio_err, "-signer file       certificate to sign OCSP request with\n");
-		BIO_printf (bio_err, "-signkey file      private key to sign OCSP request with\n");
-		BIO_printf (bio_err, "-sign_certs file   additional certificates to include in signed request\n");
-		BIO_printf (bio_err, "-no_certs          don't include any certificates in signed request\n");
-		BIO_printf (bio_err, "-req_text          print text form of request\n");
-		BIO_printf (bio_err, "-resp_text         print text form of response\n");
-		BIO_printf (bio_err, "-text              print text form of request and response\n");
-		BIO_printf (bio_err, "-reqout file       write DER encoded OCSP request to \"file\"\n");
-		BIO_printf (bio_err, "-respout file      write DER encoded OCSP reponse to \"file\"\n");
-		BIO_printf (bio_err, "-reqin file        read DER encoded OCSP request from \"file\"\n");
-		BIO_printf (bio_err, "-respin file       read DER encoded OCSP reponse from \"file\"\n");
-		BIO_printf (bio_err, "-nonce             add OCSP nonce to request\n");
-		BIO_printf (bio_err, "-no_nonce          don't add OCSP nonce to request\n");
-		BIO_printf (bio_err, "-url URL           OCSP responder URL\n");
-		BIO_printf (bio_err, "-host host:n       send OCSP request to host on port n\n");
-		BIO_printf (bio_err, "-path              path to use in OCSP request\n");
-		BIO_printf (bio_err, "-CApath dir        trusted certificates directory\n");
-		BIO_printf (bio_err, "-CAfile file       trusted certificates file\n");
-		BIO_printf (bio_err, "-VAfile file       validator certificates file\n");
-		BIO_printf (bio_err, "-validity_period n maximum validity discrepancy in seconds\n");
-		BIO_printf (bio_err, "-status_age n      maximum status age in seconds\n");
-		BIO_printf (bio_err, "-noverify          don't verify response at all\n");
-		BIO_printf (bio_err, "-verify_certs file additional certificates to search for signer\n");
-		BIO_printf (bio_err, "-trust_other       don't verify additional certificates\n");
-		BIO_printf (bio_err, "-no_intern         don't search certificates contained in response for signer\n");
-		BIO_printf (bio_err, "-no_sig_verify     don't check signature on response\n");
-		BIO_printf (bio_err, "-no_cert_verify    don't check signing certificate\n");
-		BIO_printf (bio_err, "-no_chain          don't chain verify response\n");
-		BIO_printf (bio_err, "-no_cert_checks    don't do additional checks on signing certificate\n");
-		BIO_printf (bio_err, "-port num		 port to run responder on\n");
-		BIO_printf (bio_err, "-index file	 certificate status index file\n");
-		BIO_printf (bio_err, "-CA file		 CA certificate\n");
-		BIO_printf (bio_err, "-rsigner file	 responder certificate to sign responses with\n");
-		BIO_printf (bio_err, "-rkey file	 responder key to sign responses with\n");
-		BIO_printf (bio_err, "-rother file	 other certificates to include in response\n");
-		BIO_printf (bio_err, "-resp_no_certs     don't include any certificates in response\n");
-		BIO_printf (bio_err, "-nmin n	 	 number of minutes before next update\n");
-		BIO_printf (bio_err, "-ndays n	 	 number of days before next update\n");
-		BIO_printf (bio_err, "-resp_key_id       identify reponse by signing certificate key ID\n");
-		BIO_printf (bio_err, "-nrequest n        number of requests to accept (default unlimited)\n");
-		goto end;
-		}
-
-	if(outfile) out = BIO_new_file(outfile, "w");
-	else out = BIO_new_fp(stdout, BIO_NOCLOSE);
-
-	if(!out)
-		{
-		BIO_printf(bio_err, "Error opening output file\n");
-		goto end;
-		}
-
-	if (!req && (add_nonce != 2)) add_nonce = 0;
-
-	if (!req && reqin)
-		{
-		derbio = BIO_new_file(reqin, "rb");
-		if (!derbio)
-			{
-			BIO_printf(bio_err, "Error Opening OCSP request file\n");
-			goto end;
-			}
-		req = d2i_OCSP_REQUEST_bio(derbio, NULL);
-		BIO_free(derbio);
-		if(!req)
-			{
-			BIO_printf(bio_err, "Error reading OCSP request\n");
-			goto end;
-			}
-		}
-
-	if (!req && port)
-		{
-		acbio = init_responder(port);
-		if (!acbio)
-			goto end;
-		}
-
-	if (rsignfile && !rdb)
-		{
-		if (!rkeyfile) rkeyfile = rsignfile;
-		rsigner = load_cert(bio_err, rsignfile, FORMAT_PEM,
-			NULL, e, "responder certificate");
-		if (!rsigner)
-			{
-			BIO_printf(bio_err, "Error loading responder certificate\n");
-			goto end;
-			}
-		rca_cert = load_cert(bio_err, rca_filename, FORMAT_PEM,
-			NULL, e, "CA certificate");
-		if (rcertfile)
-			{
-			rother = load_certs(bio_err, rcertfile, FORMAT_PEM,
-				NULL, e, "responder other certificates");
-			if (!rother) goto end;
-			}
-		rkey = load_key(bio_err, rkeyfile, FORMAT_PEM, 0, NULL, NULL,
-			"responder private key");
-		if (!rkey)
-			goto end;
-		}
-	if(acbio)
-		BIO_printf(bio_err, "Waiting for OCSP client connections...\n");
-
-	redo_accept:
-
-	if (acbio)
-		{
-		if (!do_responder(&req, &cbio, acbio, port))
-			goto end;
-		if (!req)
-			{
-			resp = OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, NULL);
-			send_ocsp_response(cbio, resp);
-			goto done_resp;
-			}
-		}
-
-	if (!req && (signfile || reqout || host || add_nonce || ridx_filename))
-		{
-		BIO_printf(bio_err, "Need an OCSP request for this operation!\n");
-		goto end;
-		}
-
-	if (req && add_nonce) OCSP_request_add1_nonce(req, NULL, -1);
-
-	if (signfile)
-		{
-		if (!keyfile) keyfile = signfile;
-		signer = load_cert(bio_err, signfile, FORMAT_PEM,
-			NULL, e, "signer certificate");
-		if (!signer)
-			{
-			BIO_printf(bio_err, "Error loading signer certificate\n");
-			goto end;
-			}
-		if (sign_certfile)
-			{
-			sign_other = load_certs(bio_err, sign_certfile, FORMAT_PEM,
-				NULL, e, "signer certificates");
-			if (!sign_other) goto end;
-			}
-		key = load_key(bio_err, keyfile, FORMAT_PEM, 0, NULL, NULL,
-			"signer private key");
-		if (!key)
-			goto end;
-		if (!OCSP_request_sign(req, signer, key, EVP_sha1(), sign_other, sign_flags))
-			{
-			BIO_printf(bio_err, "Error signing OCSP request\n");
-			goto end;
-			}
-		}
-
-	if (req_text && req) OCSP_REQUEST_print(out, req, 0);
-
-	if (reqout)
-		{
-		derbio = BIO_new_file(reqout, "wb");
-		if(!derbio)
-			{
-			BIO_printf(bio_err, "Error opening file %s\n", reqout);
-			goto end;
-			}
-		i2d_OCSP_REQUEST_bio(derbio, req);
-		BIO_free(derbio);
-		}
-
-	if (ridx_filename && (!rkey || !rsigner || !rca_cert))
-		{
-		BIO_printf(bio_err, "Need a responder certificate, key and CA for this operation!\n");
-		goto end;
-		}
-
-	if (ridx_filename && !rdb)
-		{
-		BIO *db_bio = NULL;
-		db_bio = BIO_new_file(ridx_filename, "r");
-		if (!db_bio)
-			{
-			BIO_printf(bio_err, "Error opening index file %s\n", ridx_filename);
-			goto end;
-			}
-		rdb = TXT_DB_read(db_bio, DB_NUMBER);
-		BIO_free(db_bio);
-		if (!rdb)
-			{
-			BIO_printf(bio_err, "Error reading index file %s\n", ridx_filename);
-			goto end;
-			}
-		if (!make_serial_index(rdb))
-			goto end;
-		}
-
-	if (rdb)
-		{
-		i = make_ocsp_response(&resp, req, rdb, rca_cert, rsigner, rkey, rother, rflags, nmin, ndays);
-		if (cbio)
-			send_ocsp_response(cbio, resp);
-		}
-	else if (host)
-		{
-#ifndef OPENSSL_NO_SOCK
-		cbio = BIO_new_connect(host);
-#else
-		BIO_printf(bio_err, "Error creating connect BIO - sockets not supported.\n");
-		goto end;
-#endif
-		if (!cbio)
-			{
-			BIO_printf(bio_err, "Error creating connect BIO\n");
-			goto end;
-			}
-		if (port) BIO_set_conn_port(cbio, port);
-		if (use_ssl == 1)
-			{
-			BIO *sbio;
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-			ctx = SSL_CTX_new(SSLv23_client_method());
-#elif !defined(OPENSSL_NO_SSL3)
-			ctx = SSL_CTX_new(SSLv3_client_method());
-#elif !defined(OPENSSL_NO_SSL2)
-			ctx = SSL_CTX_new(SSLv2_client_method());
-#else
-			BIO_printf(bio_err, "SSL is disabled\n");
-			goto end;
-#endif
-			SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
-			sbio = BIO_new_ssl(ctx, 1);
-			cbio = BIO_push(sbio, cbio);
-			}
-		if (BIO_do_connect(cbio) <= 0)
-			{
-			BIO_printf(bio_err, "Error connecting BIO\n");
-			goto end;
-			}
-		resp = OCSP_sendreq_bio(cbio, path, req);
-		BIO_free_all(cbio);
-		cbio = NULL;
-		if (!resp)
-			{
-			BIO_printf(bio_err, "Error querying OCSP responsder\n");
-			goto end;
-			}
-		}
-	else if (respin)
-		{
-		derbio = BIO_new_file(respin, "rb");
-		if (!derbio)
-			{
-			BIO_printf(bio_err, "Error Opening OCSP response file\n");
-			goto end;
-			}
-		resp = d2i_OCSP_RESPONSE_bio(derbio, NULL);
-		BIO_free(derbio);
-		if(!resp)
-			{
-			BIO_printf(bio_err, "Error reading OCSP response\n");
-			goto end;
-			}
-	
-		}
-	else
-		{
-		ret = 0;
-		goto end;
-		}
-
-	done_resp:
-
-	if (respout)
-		{
-		derbio = BIO_new_file(respout, "wb");
-		if(!derbio)
-			{
-			BIO_printf(bio_err, "Error opening file %s\n", respout);
-			goto end;
-			}
-		i2d_OCSP_RESPONSE_bio(derbio, resp);
-		BIO_free(derbio);
-		}
-
-	i = OCSP_response_status(resp);
-
-	if (i != OCSP_RESPONSE_STATUS_SUCCESSFUL)
-		{
-		BIO_printf(out, "Responder Error: %s (%ld)\n",
-				OCSP_response_status_str(i), i);
-		ret = 0;
-		goto end;
-		}
-
-	if (resp_text) OCSP_RESPONSE_print(out, resp, 0);
-
-	/* If running as responder don't verify our own response */
-	if (cbio)
-		{
-		if (accept_count > 0)
-			accept_count--;
-		/* Redo if more connections needed */
-		if (accept_count)
-			{
-			BIO_free_all(cbio);
-			cbio = NULL;
-			OCSP_REQUEST_free(req);
-			req = NULL;
-			OCSP_RESPONSE_free(resp);
-			resp = NULL;
-			goto redo_accept;
-			}
-		goto end;
-		}
-
-	if (!store)
-		store = setup_verify(bio_err, CAfile, CApath);
-	if (!store)
-		goto end;
-	if (verify_certfile)
-		{
-		verify_other = load_certs(bio_err, verify_certfile, FORMAT_PEM,
-			NULL, e, "validator certificate");
-		if (!verify_other) goto end;
-		}
-
-	bs = OCSP_response_get1_basic(resp);
-
-	if (!bs)
-		{
-		BIO_printf(bio_err, "Error parsing response\n");
-		goto end;
-		}
-
-	if (!noverify)
-		{
-		if (req && ((i = OCSP_check_nonce(req, bs)) <= 0))
-			{
-			if (i == -1)
-				BIO_printf(bio_err, "WARNING: no nonce in response\n");
-			else
-				{
-				BIO_printf(bio_err, "Nonce Verify error\n");
-				goto end;
-				}
-			}
-
-		i = OCSP_basic_verify(bs, verify_other, store, verify_flags);
-                if (i < 0) i = OCSP_basic_verify(bs, NULL, store, 0);
-
-		if(i <= 0)
-			{
-			BIO_printf(bio_err, "Response Verify Failure\n", i);
-			ERR_print_errors(bio_err);
-			}
-		else
-			BIO_printf(bio_err, "Response verify OK\n");
-
-		}
-
-	if (!print_ocsp_summary(out, bs, req, reqnames, ids, nsec, maxage))
-		goto end;
-
-	ret = 0;
-
-end:
-	ERR_print_errors(bio_err);
-	X509_free(signer);
-	X509_STORE_free(store);
-	EVP_PKEY_free(key);
-	EVP_PKEY_free(rkey);
-	X509_free(issuer);
-	X509_free(cert);
-	X509_free(rsigner);
-	X509_free(rca_cert);
-	TXT_DB_free(rdb);
-	BIO_free_all(cbio);
-	BIO_free_all(acbio);
-	BIO_free(out);
-	OCSP_REQUEST_free(req);
-	OCSP_RESPONSE_free(resp);
-	OCSP_BASICRESP_free(bs);
-	sk_free(reqnames);
-	sk_OCSP_CERTID_free(ids);
-	sk_X509_pop_free(sign_other, X509_free);
-	sk_X509_pop_free(verify_other, X509_free);
-
-	if (use_ssl != -1)
-		{
-		OPENSSL_free(host);
-		OPENSSL_free(port);
-		OPENSSL_free(path);
-		SSL_CTX_free(ctx);
-		}
-
-	OPENSSL_EXIT(ret);
-}
-
-static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
-				STACK_OF(OCSP_CERTID) *ids)
-	{
-	OCSP_CERTID *id;
-	if(!issuer)
-		{
-		BIO_printf(bio_err, "No issuer certificate specified\n");
-		return 0;
-		}
-	if(!*req) *req = OCSP_REQUEST_new();
-	if(!*req) goto err;
-	id = OCSP_cert_to_id(NULL, cert, issuer);
-	if(!id || !sk_OCSP_CERTID_push(ids, id)) goto err;
-	if(!OCSP_request_add0_id(*req, id)) goto err;
-	return 1;
-
-	err:
-	BIO_printf(bio_err, "Error Creating OCSP request\n");
-	return 0;
-	}
-
-static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509 *issuer,
-				STACK_OF(OCSP_CERTID) *ids)
-	{
-	OCSP_CERTID *id;
-	X509_NAME *iname;
-	ASN1_BIT_STRING *ikey;
-	ASN1_INTEGER *sno;
-	if(!issuer)
-		{
-		BIO_printf(bio_err, "No issuer certificate specified\n");
-		return 0;
-		}
-	if(!*req) *req = OCSP_REQUEST_new();
-	if(!*req) goto err;
-	iname = X509_get_subject_name(issuer);
-	ikey = X509_get0_pubkey_bitstr(issuer);
-	sno = s2i_ASN1_INTEGER(NULL, serial);
-	if(!sno)
-		{
-		BIO_printf(bio_err, "Error converting serial number %s\n", serial);
-		return 0;
-		}
-	id = OCSP_cert_id_new(EVP_sha1(), iname, ikey, sno);
-	ASN1_INTEGER_free(sno);
-	if(!id || !sk_OCSP_CERTID_push(ids, id)) goto err;
-	if(!OCSP_request_add0_id(*req, id)) goto err;
-	return 1;
-
-	err:
-	BIO_printf(bio_err, "Error Creating OCSP request\n");
-	return 0;
-	}
-
-static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
-					STACK *names, STACK_OF(OCSP_CERTID) *ids,
-					long nsec, long maxage)
-	{
-	OCSP_CERTID *id;
-	char *name;
-	int i;
-
-	int status, reason;
-
-	ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd;
-
-	if (!bs || !req || !sk_num(names) || !sk_OCSP_CERTID_num(ids))
-		return 1;
-
-	for (i = 0; i < sk_OCSP_CERTID_num(ids); i++)
-		{
-		id = sk_OCSP_CERTID_value(ids, i);
-		name = sk_value(names, i);
-		BIO_printf(out, "%s: ", name);
-
-		if(!OCSP_resp_find_status(bs, id, &status, &reason,
-					&rev, &thisupd, &nextupd))
-			{
-			BIO_puts(out, "ERROR: No Status found.\n");
-			continue;
-			}
-
-		/* Check validity: if invalid write to output BIO so we
-		 * know which response this refers to.
-		 */
-		if (!OCSP_check_validity(thisupd, nextupd, nsec, maxage))
-			{
-			BIO_puts(out, "WARNING: Status times invalid.\n");
-			ERR_print_errors(out);
-			}
-		BIO_printf(out, "%s\n", OCSP_cert_status_str(status));
-
-		BIO_puts(out, "\tThis Update: ");
-		ASN1_GENERALIZEDTIME_print(out, thisupd);
-		BIO_puts(out, "\n");
-
-		if(nextupd)
-			{
-			BIO_puts(out, "\tNext Update: ");
-			ASN1_GENERALIZEDTIME_print(out, nextupd);
-			BIO_puts(out, "\n");
-			}
-
-		if (status != V_OCSP_CERTSTATUS_REVOKED)
-			continue;
-
-		if (reason != -1)
-			BIO_printf(out, "\tReason: %s\n",
-				OCSP_crl_reason_str(reason));
-
-		BIO_puts(out, "\tRevocation Time: ");
-		ASN1_GENERALIZEDTIME_print(out, rev);
-		BIO_puts(out, "\n");
-		}
-
-	return 1;
-	}
-
-
-static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, TXT_DB *db,
-			X509 *ca, X509 *rcert, EVP_PKEY *rkey,
-			STACK_OF(X509) *rother, unsigned long flags,
-			int nmin, int ndays)
-	{
-	ASN1_TIME *thisupd = NULL, *nextupd = NULL;
-	OCSP_CERTID *cid, *ca_id = NULL;
-	OCSP_BASICRESP *bs = NULL;
-	int i, id_count, ret = 1;
-
-
-	id_count = OCSP_request_onereq_count(req);
-
-	if (id_count <= 0)
-		{
-		*resp = OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, NULL);
-		goto end;
-		}
-
-	ca_id = OCSP_cert_to_id(EVP_sha1(), NULL, ca);
-
-	bs = OCSP_BASICRESP_new();
-	thisupd = X509_gmtime_adj(NULL, 0);
-	if (ndays != -1)
-		nextupd = X509_gmtime_adj(NULL, nmin * 60 + ndays * 3600 * 24 );
-
-	/* Examine each certificate id in the request */
-	for (i = 0; i < id_count; i++)
-		{
-		OCSP_ONEREQ *one;
-		ASN1_INTEGER *serial;
-		char **inf;
-		one = OCSP_request_onereq_get0(req, i);
-		cid = OCSP_onereq_get0_id(one);
-		/* Is this request about our CA? */
-		if (OCSP_id_issuer_cmp(ca_id, cid))
-			{
-			OCSP_basic_add1_status(bs, cid,
-						V_OCSP_CERTSTATUS_UNKNOWN,
-						0, NULL,
-						thisupd, nextupd);
-			continue;
-			}
-		OCSP_id_get0_info(NULL, NULL, NULL, &serial, cid);
-		inf = lookup_serial(db, serial);
-		if (!inf)
-			OCSP_basic_add1_status(bs, cid,
-						V_OCSP_CERTSTATUS_UNKNOWN,
-						0, NULL,
-						thisupd, nextupd);
-		else if (inf[DB_type][0] == DB_TYPE_VAL)
-			OCSP_basic_add1_status(bs, cid,
-						V_OCSP_CERTSTATUS_GOOD,
-						0, NULL,
-						thisupd, nextupd);
-		else if (inf[DB_type][0] == DB_TYPE_REV)
-			{
-			ASN1_OBJECT *inst = NULL;
-			ASN1_TIME *revtm = NULL;
-			ASN1_GENERALIZEDTIME *invtm = NULL;
-			OCSP_SINGLERESP *single;
-			int reason = -1;
-			unpack_revinfo(&revtm, &reason, &inst, &invtm, inf[DB_rev_date]);
-			single = OCSP_basic_add1_status(bs, cid,
-						V_OCSP_CERTSTATUS_REVOKED,
-						reason, revtm,
-						thisupd, nextupd);
-			if (invtm)
-				OCSP_SINGLERESP_add1_ext_i2d(single, NID_invalidity_date, invtm, 0, 0);
-			else if (inst)
-				OCSP_SINGLERESP_add1_ext_i2d(single, NID_hold_instruction_code, inst, 0, 0);
-			ASN1_OBJECT_free(inst);
-			ASN1_TIME_free(revtm);
-			ASN1_GENERALIZEDTIME_free(invtm);
-			}
-		}
-
-	OCSP_copy_nonce(bs, req);
-		
-	OCSP_basic_sign(bs, rcert, rkey, EVP_sha1(), rother, flags);
-
-	*resp = OCSP_response_create(OCSP_RESPONSE_STATUS_SUCCESSFUL, bs);
-
-	end:
-	ASN1_TIME_free(thisupd);
-	ASN1_TIME_free(nextupd);
-	OCSP_CERTID_free(ca_id);
-	OCSP_BASICRESP_free(bs);
-	return ret;
-
-	}
-
-static char **lookup_serial(TXT_DB *db, ASN1_INTEGER *ser)
-	{
-	int i;
-	BIGNUM *bn = NULL;
-	char *itmp, *row[DB_NUMBER],**rrow;
-	for (i = 0; i < DB_NUMBER; i++) row[i] = NULL;
-	bn = ASN1_INTEGER_to_BN(ser,NULL);
-	if (BN_is_zero(bn))
-		itmp = BUF_strdup("00");
-	else
-		itmp = BN_bn2hex(bn);
-	row[DB_serial] = itmp;
-	BN_free(bn);
-	rrow=TXT_DB_get_by_index(db,DB_serial,row);
-	OPENSSL_free(itmp);
-	return rrow;
-	}
-
-/* Quick and dirty OCSP server: read in and parse input request */
-
-static BIO *init_responder(char *port)
-	{
-	BIO *acbio = NULL, *bufbio = NULL;
-	bufbio = BIO_new(BIO_f_buffer());
-	if (!bufbio) 
-		goto err;
-#ifndef OPENSSL_NO_SOCK
-	acbio = BIO_new_accept(port);
-#else
-	BIO_printf(bio_err, "Error setting up accept BIO - sockets not supported.\n");
-#endif
-	if (!acbio)
-		goto err;
-	BIO_set_accept_bios(acbio, bufbio);
-	bufbio = NULL;
-
-	if (BIO_do_accept(acbio) <= 0)
-		{
-			BIO_printf(bio_err, "Error setting up accept BIO\n");
-			ERR_print_errors(bio_err);
-			goto err;
-		}
-
-	return acbio;
-
-	err:
-	BIO_free_all(acbio);
-	BIO_free(bufbio);
-	return NULL;
-	}
-
-static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, char *port)
-	{
-	int have_post = 0, len;
-	OCSP_REQUEST *req = NULL;
-	char inbuf[1024];
-	BIO *cbio = NULL;
-
-	if (BIO_do_accept(acbio) <= 0)
-		{
-			BIO_printf(bio_err, "Error accepting connection\n");
-			ERR_print_errors(bio_err);
-			return 0;
-		}
-
-	cbio = BIO_pop(acbio);
-	*pcbio = cbio;
-
-	for(;;)
-		{
-		len = BIO_gets(cbio, inbuf, sizeof inbuf);
-		if (len <= 0)
-			return 1;
-		/* Look for "POST" signalling start of query */
-		if (!have_post)
-			{
-			if(strncmp(inbuf, "POST", 4))
-				{
-				BIO_printf(bio_err, "Invalid request\n");
-				return 1;
-				}
-			have_post = 1;
-			}
-		/* Look for end of headers */
-		if ((inbuf[0] == '\r') || (inbuf[0] == '\n'))
-			break;
-		}
-
-	/* Try to read OCSP request */
-
-	req = d2i_OCSP_REQUEST_bio(cbio, NULL);
-
-	if (!req)
-		{
-		BIO_printf(bio_err, "Error parsing OCSP request\n");
-		ERR_print_errors(bio_err);
-		}
-
-	*preq = req;
-
-	return 1;
-
-	}
-
-static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
-	{
-	char http_resp[] = 
-		"HTTP/1.0 200 OK\r\nContent-type: application/ocsp-response\r\n"
-		"Content-Length: %d\r\n\r\n";
-	if (!cbio)
-		return 0;
-	BIO_printf(cbio, http_resp, i2d_OCSP_RESPONSE(resp, NULL));
-	i2d_OCSP_RESPONSE_bio(cbio, resp);
-	BIO_flush(cbio);
-	return 1;
-	}
-
-#endif
diff --git a/crypto/openssl/apps/oid.cnf b/crypto/openssl/apps/oid.cnf
deleted file mode 100644
index faf425a156bd..000000000000
--- a/crypto/openssl/apps/oid.cnf
+++ /dev/null
@@ -1,6 +0,0 @@
-2.99999.1       SET.ex1         SET x509v3 extension 1
-2.99999.2       SET.ex2         SET x509v3 extension 2
-2.99999.3       SET.ex3         SET x509v3 extension 3
-2.99999.4       SET.ex4         SET x509v3 extension 4
-2.99999.5       SET.ex5         SET x509v3 extension 5
-2.99999.6       SET.ex6         SET x509v3 extension 6
diff --git a/crypto/openssl/apps/openssl.c b/crypto/openssl/apps/openssl.c
deleted file mode 100644
index 45af2ba7f9a8..000000000000
--- a/crypto/openssl/apps/openssl.c
+++ /dev/null
@@ -1,517 +0,0 @@
-/* apps/openssl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#define OPENSSL_C /* tells apps.h to use complete apps_startup() */
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-#include <openssl/conf.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
-#include "progs.h"
-#include "s_apps.h"
-#include <openssl/err.h>
-
-/* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the
- * base prototypes (we cast each variable inside the function to the required
- * type of "FUNCTION*"). This removes the necessity for macro-generated wrapper
- * functions. */
-
-/* static unsigned long MS_CALLBACK hash(FUNCTION *a); */
-static unsigned long MS_CALLBACK hash(const void *a_void);
-/* static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b); */
-static int MS_CALLBACK cmp(const void *a_void,const void *b_void);
-static LHASH *prog_init(void );
-static int do_cmd(LHASH *prog,int argc,char *argv[]);
-char *default_config_file=NULL;
-
-/* Make sure there is only one when MONOLITH is defined */
-#ifdef MONOLITH
-CONF *config=NULL;
-BIO *bio_err=NULL;
-#endif
-
-
-static void lock_dbg_cb(int mode, int type, const char *file, int line)
-	{
-	static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
-	const char *errstr = NULL;
-	int rw;
-	
-	rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
-	if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
-		{
-		errstr = "invalid mode";
-		goto err;
-		}
-
-	if (type < 0 || type > CRYPTO_NUM_LOCKS)
-		{
-		errstr = "type out of bounds";
-		goto err;
-		}
-
-	if (mode & CRYPTO_LOCK)
-		{
-		if (modes[type])
-			{
-			errstr = "already locked";
-			/* must not happen in a single-threaded program
-			 * (would deadlock) */
-			goto err;
-			}
-
-		modes[type] = rw;
-		}
-	else if (mode & CRYPTO_UNLOCK)
-		{
-		if (!modes[type])
-			{
-			errstr = "not locked";
-			goto err;
-			}
-		
-		if (modes[type] != rw)
-			{
-			errstr = (rw == CRYPTO_READ) ?
-				"CRYPTO_r_unlock on write lock" :
-				"CRYPTO_w_unlock on read lock";
-			}
-
-		modes[type] = 0;
-		}
-	else
-		{
-		errstr = "invalid mode";
-		goto err;
-		}
-
- err:
-	if (errstr)
-		{
-		/* we cannot use bio_err here */
-		fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
-			errstr, mode, type, file, line);
-		}
-	}
-
-
-int main(int Argc, char *Argv[])
-	{
-	ARGS arg;
-#define PROG_NAME_SIZE	39
-	char pname[PROG_NAME_SIZE+1];
-	FUNCTION f,*fp;
-	MS_STATIC char *prompt,buf[1024];
-	char *to_free=NULL;
-	int n,i,ret=0;
-	int argc;
-	char **argv,*p;
-	LHASH *prog=NULL;
-	long errline;
- 
-	arg.data=NULL;
-	arg.count=0;
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) /* if not defined, use compiled-in library defaults */
-		{
-		if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))
-			{
-			CRYPTO_malloc_debug_init();
-			CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
-			}
-		else
-			{
-			/* OPENSSL_DEBUG_MEMORY=off */
-			CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
-			}
-		}
-	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-#if 0
-	if (getenv("OPENSSL_DEBUG_LOCKING") != NULL)
-#endif
-		{
-		CRYPTO_set_locking_callback(lock_dbg_cb);
-		}
-
-	apps_startup();
-
-	/* Lets load up our environment a little */
-	p=getenv("OPENSSL_CONF");
-	if (p == NULL)
-		p=getenv("SSLEAY_CONF");
-	if (p == NULL)
-		p=to_free=make_config_name();
-
-	default_config_file=p;
-
-	config=NCONF_new(NULL);
-	i=NCONF_load(config,p,&errline);
-	if (i == 0)
-		{
-		NCONF_free(config);
-		config = NULL;
-		ERR_clear_error();
-		}
-
-	prog=prog_init();
-
-	/* first check the program name */
-	program_name(Argv[0],pname,sizeof pname);
-
-	f.name=pname;
-	fp=(FUNCTION *)lh_retrieve(prog,&f);
-	if (fp != NULL)
-		{
-		Argv[0]=pname;
-		ret=fp->func(Argc,Argv);
-		goto end;
-		}
-
-	/* ok, now check that there are not arguments, if there are,
-	 * run with them, shifting the ssleay off the front */
-	if (Argc != 1)
-		{
-		Argc--;
-		Argv++;
-		ret=do_cmd(prog,Argc,Argv);
-		if (ret < 0) ret=0;
-		goto end;
-		}
-
-	/* ok, lets enter the old 'OpenSSL>' mode */
-	
-	for (;;)
-		{
-		ret=0;
-		p=buf;
-		n=sizeof buf;
-		i=0;
-		for (;;)
-			{
-			p[0]='\0';
-			if (i++)
-				prompt=">";
-			else	prompt="OpenSSL> ";
-			fputs(prompt,stdout);
-			fflush(stdout);
-			fgets(p,n,stdin);
-			if (p[0] == '\0') goto end;
-			i=strlen(p);
-			if (i <= 1) break;
-			if (p[i-2] != '\\') break;
-			i-=2;
-			p+=i;
-			n-=i;
-			}
-		if (!chopup_args(&arg,buf,&argc,&argv)) break;
-
-		ret=do_cmd(prog,argc,argv);
-		if (ret < 0)
-			{
-			ret=0;
-			goto end;
-			}
-		if (ret != 0)
-			BIO_printf(bio_err,"error in %s\n",argv[0]);
-		(void)BIO_flush(bio_err);
-		}
-	BIO_printf(bio_err,"bad exit\n");
-	ret=1;
-end:
-	if (to_free)
-		OPENSSL_free(to_free);
-	if (config != NULL)
-		{
-		NCONF_free(config);
-		config=NULL;
-		}
-	if (prog != NULL) lh_free(prog);
-	if (arg.data != NULL) OPENSSL_free(arg.data);
-
-	apps_shutdown();
-
-	CRYPTO_mem_leaks(bio_err);
-	if (bio_err != NULL)
-		{
-		BIO_free(bio_err);
-		bio_err=NULL;
-		}
-	OPENSSL_EXIT(ret);
-	}
-
-#define LIST_STANDARD_COMMANDS "list-standard-commands"
-#define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands"
-#define LIST_CIPHER_COMMANDS "list-cipher-commands"
-
-static int do_cmd(LHASH *prog, int argc, char *argv[])
-	{
-	FUNCTION f,*fp;
-	int i,ret=1,tp,nl;
-
-	if ((argc <= 0) || (argv[0] == NULL))
-		{ ret=0; goto end; }
-	f.name=argv[0];
-	fp=(FUNCTION *)lh_retrieve(prog,&f);
-	if (fp != NULL)
-		{
-		ret=fp->func(argc,argv);
-		}
-	else if ((strncmp(argv[0],"no-",3)) == 0)
-		{
-		BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		bio_stdout = BIO_push(tmpbio, bio_stdout);
-		}
-#endif
-		f.name=argv[0]+3;
-		ret = (lh_retrieve(prog,&f) != NULL);
-		if (!ret)
-			BIO_printf(bio_stdout, "%s\n", argv[0]);
-		else
-			BIO_printf(bio_stdout, "%s\n", argv[0]+3);
-		BIO_free_all(bio_stdout);
-		goto end;
-		}
-	else if ((strcmp(argv[0],"quit") == 0) ||
-		(strcmp(argv[0],"q") == 0) ||
-		(strcmp(argv[0],"exit") == 0) ||
-		(strcmp(argv[0],"bye") == 0))
-		{
-		ret= -1;
-		goto end;
-		}
-	else if ((strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0) ||
-		(strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
-		(strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0))
-		{
-		int list_type;
-		BIO *bio_stdout;
-
-		if (strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0)
-			list_type = FUNC_TYPE_GENERAL;
-		else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0)
-			list_type = FUNC_TYPE_MD;
-		else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
-			list_type = FUNC_TYPE_CIPHER;
-		bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		bio_stdout = BIO_push(tmpbio, bio_stdout);
-		}
-#endif
-		
-		for (fp=functions; fp->name != NULL; fp++)
-			if (fp->type == list_type)
-				BIO_printf(bio_stdout, "%s\n", fp->name);
-		BIO_free_all(bio_stdout);
-		ret=0;
-		goto end;
-		}
-	else
-		{
-		BIO_printf(bio_err,"openssl:Error: '%s' is an invalid command.\n",
-			argv[0]);
-		BIO_printf(bio_err, "\nStandard commands");
-		i=0;
-		tp=0;
-		for (fp=functions; fp->name != NULL; fp++)
-			{
-			nl=0;
-			if (((i++) % 5) == 0)
-				{
-				BIO_printf(bio_err,"\n");
-				nl=1;
-				}
-			if (fp->type != tp)
-				{
-				tp=fp->type;
-				if (!nl) BIO_printf(bio_err,"\n");
-				if (tp == FUNC_TYPE_MD)
-					{
-					i=1;
-					BIO_printf(bio_err,
-						"\nMessage Digest commands (see the `dgst' command for more details)\n");
-					}
-				else if (tp == FUNC_TYPE_CIPHER)
-					{
-					i=1;
-					BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
-					}
-				}
-			BIO_printf(bio_err,"%-15s",fp->name);
-			}
-		BIO_printf(bio_err,"\n\n");
-		ret=0;
-		}
-end:
-	return(ret);
-	}
-
-static int SortFnByName(const void *_f1,const void *_f2)
-    {
-    const FUNCTION *f1=_f1;
-    const FUNCTION *f2=_f2;
-
-    if(f1->type != f2->type)
-	return f1->type-f2->type;
-    return strcmp(f1->name,f2->name);
-    }
-
-static LHASH *prog_init(void)
-	{
-	LHASH *ret;
-	FUNCTION *f;
-	int i;
-
-	/* Purely so it looks nice when the user hits ? */
-	for(i=0,f=functions ; f->name != NULL ; ++f,++i)
-	    ;
-	qsort(functions,i,sizeof *functions,SortFnByName);
-
-	if ((ret=lh_new(hash, cmp)) == NULL)
-		return(NULL);
-
-	for (f=functions; f->name != NULL; f++)
-		lh_insert(ret,f);
-	return(ret);
-	}
-
-/* static int MS_CALLBACK cmp(FUNCTION *a, FUNCTION *b) */
-static int MS_CALLBACK cmp(const void *a_void, const void *b_void)
-	{
-	return(strncmp(((FUNCTION *)a_void)->name,
-			((FUNCTION *)b_void)->name,8));
-	}
-
-/* static unsigned long MS_CALLBACK hash(FUNCTION *a) */
-static unsigned long MS_CALLBACK hash(const void *a_void)
-	{
-	return(lh_strhash(((FUNCTION *)a_void)->name));
-	}
diff --git a/crypto/openssl/apps/openssl.cnf b/crypto/openssl/apps/openssl.cnf
deleted file mode 100644
index eca51c332280..000000000000
--- a/crypto/openssl/apps/openssl.cnf
+++ /dev/null
@@ -1,255 +0,0 @@
-#
-# OpenSSL example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME			= .
-RANDFILE		= $ENV::HOME/.rnd
-
-# Extra OBJECT IDENTIFIER info:
-#oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		= 
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= ./demoCA		# Where everything is kept
-certs		= $dir/certs		# Where the issued certs are kept
-crl_dir		= $dir/crl		# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir/newcerts		# default place for new certs.
-
-certificate	= $dir/cacert.pem 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/private/cakey.pem# The private key
-RANDFILE	= $dir/private/.rand	# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Comment out the following two lines for the "traditional"
-# (and highly broken) format.
-name_opt 	= ca_default		# Subject Name options
-cert_opt 	= ca_default		# Certificate field options
-
-# Extension copying option: use with caution.
-# copy_extensions = copy
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
-default_days	= 365			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= 1024
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options. 
-# default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString.
-# utf8only: only UTF8Strings.
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
-# so use this option with caution!
-string_mask = nombstr
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= Some-State
-
-localityName			= Locality Name (eg, city)
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= Internet Widgits Pty Ltd
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (eg, YOUR name)
-commonName_max			= 64
-
-emailAddress			= Email Address
-emailAddress_max		= 64
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-# An alternative to produce certificates that aren't
-# deprecated according to PKIX.
-# subjectAltName=email:move
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
diff --git a/crypto/openssl/apps/passwd.c b/crypto/openssl/apps/passwd.c
deleted file mode 100644
index 3ad91d89d6a5..000000000000
--- a/crypto/openssl/apps/passwd.c
+++ /dev/null
@@ -1,510 +0,0 @@
-/* apps/passwd.c */
-
-#if defined OPENSSL_NO_MD5 || defined CHARSET_EBCDIC
-# define NO_MD5CRYPT_1
-#endif
-
-#if !defined(OPENSSL_NO_DES) || !defined(NO_MD5CRYPT_1)
-
-#include <assert.h>
-#include <string.h>
-
-#include "apps.h"
-
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_DES
-# include <openssl/des.h>
-#endif
-#ifndef NO_MD5CRYPT_1
-# include <openssl/md5.h>
-#endif
-
-
-#undef PROG
-#define PROG passwd_main
-
-
-static unsigned const char cov_2char[64]={
-	/* from crypto/des/fcrypt.c */
-	0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
-	0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
-	0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
-	0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
-	0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
-	0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
-	0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
-	0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
-};
-
-static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
-	char *passwd, BIO *out, int quiet, int table, int reverse,
-	size_t pw_maxlen, int usecrypt, int use1, int useapr1);
-
-/* -crypt        - standard Unix password algorithm (default)
- * -1            - MD5-based password algorithm
- * -apr1         - MD5-based password algorithm, Apache variant
- * -salt string  - salt
- * -in file      - read passwords from file
- * -stdin        - read passwords from stdin
- * -noverify     - never verify when reading password from terminal
- * -quiet        - no warnings
- * -table        - format output as table
- * -reverse      - switch table columns
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int ret = 1;
-	char *infile = NULL;
-	int in_stdin = 0;
-	int in_noverify = 0;
-	char *salt = NULL, *passwd = NULL, **passwds = NULL;
-	char *salt_malloc = NULL, *passwd_malloc = NULL;
-	size_t passwd_malloc_size = 0;
-	int pw_source_defined = 0;
-	BIO *in = NULL, *out = NULL;
-	int i, badopt, opt_done;
-	int passed_salt = 0, quiet = 0, table = 0, reverse = 0;
-	int usecrypt = 0, use1 = 0, useapr1 = 0;
-	size_t pw_maxlen = 0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto err;
-	out = BIO_new(BIO_s_file());
-	if (out == NULL)
-		goto err;
-	BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-#ifdef OPENSSL_SYS_VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	out = BIO_push(tmpbio, out);
-	}
-#endif
-
-	badopt = 0, opt_done = 0;
-	i = 0;
-	while (!badopt && !opt_done && argv[++i] != NULL)
-		{
-		if (strcmp(argv[i], "-crypt") == 0)
-			usecrypt = 1;
-		else if (strcmp(argv[i], "-1") == 0)
-			use1 = 1;
-		else if (strcmp(argv[i], "-apr1") == 0)
-			useapr1 = 1;
-		else if (strcmp(argv[i], "-salt") == 0)
-			{
-			if ((argv[i+1] != NULL) && (salt == NULL))
-				{
-				passed_salt = 1;
-				salt = argv[++i];
-				}
-			else
-				badopt = 1;
-			}
-		else if (strcmp(argv[i], "-in") == 0)
-			{
-			if ((argv[i+1] != NULL) && !pw_source_defined)
-				{
-				pw_source_defined = 1;
-				infile = argv[++i];
-				}
-			else
-				badopt = 1;
-			}
-		else if (strcmp(argv[i], "-stdin") == 0)
-			{
-			if (!pw_source_defined)
-				{
-				pw_source_defined = 1;
-				in_stdin = 1;
-				}
-			else
-				badopt = 1;
-			}
-		else if (strcmp(argv[i], "-noverify") == 0)
-			in_noverify = 1;
-		else if (strcmp(argv[i], "-quiet") == 0)
-			quiet = 1;
-		else if (strcmp(argv[i], "-table") == 0)
-			table = 1;
-		else if (strcmp(argv[i], "-reverse") == 0)
-			reverse = 1;
-		else if (argv[i][0] == '-')
-			badopt = 1;
-		else if (!pw_source_defined)
-			/* non-option arguments, use as passwords */
-			{
-			pw_source_defined = 1;
-			passwds = &argv[i];
-			opt_done = 1;
-			}
-		else
-			badopt = 1;
-		}
-
-	if (!usecrypt && !use1 && !useapr1) /* use default */
-		usecrypt = 1;
-	if (usecrypt + use1 + useapr1 > 1) /* conflict */
-		badopt = 1;
-
-	/* reject unsupported algorithms */
-#ifdef OPENSSL_NO_DES
-	if (usecrypt) badopt = 1;
-#endif
-#ifdef NO_MD5CRYPT_1
-	if (use1 || useapr1) badopt = 1;
-#endif
-
-	if (badopt) 
-		{
-		BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n");
-		BIO_printf(bio_err, "where options are\n");
-#ifndef OPENSSL_NO_DES
-		BIO_printf(bio_err, "-crypt             standard Unix password algorithm (default)\n");
-#endif
-#ifndef NO_MD5CRYPT_1
-		BIO_printf(bio_err, "-1                 MD5-based password algorithm\n");
-		BIO_printf(bio_err, "-apr1              MD5-based password algorithm, Apache variant\n");
-#endif
-		BIO_printf(bio_err, "-salt string       use provided salt\n");
-		BIO_printf(bio_err, "-in file           read passwords from file\n");
-		BIO_printf(bio_err, "-stdin             read passwords from stdin\n");
-		BIO_printf(bio_err, "-noverify          never verify when reading password from terminal\n");
-		BIO_printf(bio_err, "-quiet             no warnings\n");
-		BIO_printf(bio_err, "-table             format output as table\n");
-		BIO_printf(bio_err, "-reverse           switch table columns\n");
-		
-		goto err;
-		}
-
-	if ((infile != NULL) || in_stdin)
-		{
-		in = BIO_new(BIO_s_file());
-		if (in == NULL)
-			goto err;
-		if (infile != NULL)
-			{
-			assert(in_stdin == 0);
-			if (BIO_read_filename(in, infile) <= 0)
-				goto err;
-			}
-		else
-			{
-			assert(in_stdin);
-			BIO_set_fp(in, stdin, BIO_NOCLOSE);
-			}
-		}
-	
-	if (usecrypt)
-		pw_maxlen = 8;
-	else if (use1 || useapr1)
-		pw_maxlen = 256; /* arbitrary limit, should be enough for most passwords */
-
-	if (passwds == NULL)
-		{
-		/* no passwords on the command line */
-
-		passwd_malloc_size = pw_maxlen + 2;
-		/* longer than necessary so that we can warn about truncation */
-		passwd = passwd_malloc = OPENSSL_malloc(passwd_malloc_size);
-		if (passwd_malloc == NULL)
-			goto err;
-		}
-
-	if ((in == NULL) && (passwds == NULL))
-		{
-		/* build a null-terminated list */
-		static char *passwds_static[2] = {NULL, NULL};
-		
-		passwds = passwds_static;
-		if (in == NULL)
-			if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", !(passed_salt || in_noverify)) != 0)
-				goto err;
-		passwds[0] = passwd_malloc;
-		}
-
-	if (in == NULL)
-		{
-		assert(passwds != NULL);
-		assert(*passwds != NULL);
-		
-		do /* loop over list of passwords */
-			{
-			passwd = *passwds++;
-			if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
-				quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
-				goto err;
-			}
-		while (*passwds != NULL);
-		}
-	else
-		/* in != NULL */
-		{
-		int done;
-
-		assert (passwd != NULL);
-		do
-			{
-			int r = BIO_gets(in, passwd, pw_maxlen + 1);
-			if (r > 0)
-				{
-				char *c = (strchr(passwd, '\n')) ;
-				if (c != NULL)
-					*c = 0; /* truncate at newline */
-				else
-					{
-					/* ignore rest of line */
-					char trash[BUFSIZ];
-					do
-						r = BIO_gets(in, trash, sizeof trash);
-					while ((r > 0) && (!strchr(trash, '\n')));
-					}
-				
-				if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
-					quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
-					goto err;
-				}
-			done = (r <= 0);
-			}
-		while (!done);
-		}
-	ret = 0;
-
-err:
-	ERR_print_errors(bio_err);
-	if (salt_malloc)
-		OPENSSL_free(salt_malloc);
-	if (passwd_malloc)
-		OPENSSL_free(passwd_malloc);
-	if (in)
-		BIO_free(in);
-	if (out)
-		BIO_free_all(out);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-
-#ifndef NO_MD5CRYPT_1
-/* MD5-based password algorithm (should probably be available as a library
- * function; then the static buffer would not be acceptable).
- * For magic string "1", this should be compatible to the MD5-based BSD
- * password algorithm.
- * For 'magic' string "apr1", this is compatible to the MD5-based Apache
- * password algorithm.
- * (Apparently, the Apache password algorithm is identical except that the
- * 'magic' string was changed -- the laziest application of the NIH principle
- * I've ever encountered.)
- */
-static char *md5crypt(const char *passwd, const char *magic, const char *salt)
-	{
-	static char out_buf[6 + 9 + 24 + 2]; /* "$apr1$..salt..$.......md5hash..........\0" */
-	unsigned char buf[MD5_DIGEST_LENGTH];
-	char *salt_out;
-	int n, i;
-	EVP_MD_CTX md,md2;
-	size_t passwd_len, salt_len;
-
-	passwd_len = strlen(passwd);
-	out_buf[0] = '$';
-	out_buf[1] = 0;
-	assert(strlen(magic) <= 4); /* "1" or "apr1" */
-	strncat(out_buf, magic, 4);
-	strncat(out_buf, "$", 1);
-	strncat(out_buf, salt, 8);
-	assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
-	salt_out = out_buf + 2 + strlen(magic);
-	salt_len = strlen(salt_out);
-	assert(salt_len <= 8);
-	
-	EVP_MD_CTX_init(&md);
-	EVP_DigestInit_ex(&md,EVP_md5(), NULL);
-	EVP_DigestUpdate(&md, passwd, passwd_len);
-	EVP_DigestUpdate(&md, "$", 1);
-	EVP_DigestUpdate(&md, magic, strlen(magic));
-	EVP_DigestUpdate(&md, "$", 1);
-	EVP_DigestUpdate(&md, salt_out, salt_len);
-	
-	EVP_MD_CTX_init(&md2);
-	EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
-	EVP_DigestUpdate(&md2, passwd, passwd_len);
-	EVP_DigestUpdate(&md2, salt_out, salt_len);
-	EVP_DigestUpdate(&md2, passwd, passwd_len);
-	EVP_DigestFinal_ex(&md2, buf, NULL);
-
-	for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
-		EVP_DigestUpdate(&md, buf, sizeof buf);
-	EVP_DigestUpdate(&md, buf, i);
-	
-	n = passwd_len;
-	while (n)
-		{
-		EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
-		n >>= 1;
-		}
-	EVP_DigestFinal_ex(&md, buf, NULL);
-
-	for (i = 0; i < 1000; i++)
-		{
-		EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
-		EVP_DigestUpdate(&md2, (i & 1) ? (unsigned char *) passwd : buf,
-		                       (i & 1) ? passwd_len : sizeof buf);
-		if (i % 3)
-			EVP_DigestUpdate(&md2, salt_out, salt_len);
-		if (i % 7)
-			EVP_DigestUpdate(&md2, passwd, passwd_len);
-		EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned char *) passwd,
-		                       (i & 1) ? sizeof buf : passwd_len);
-		EVP_DigestFinal_ex(&md2, buf, NULL);
-		}
-	EVP_MD_CTX_cleanup(&md2);
-	
-	 {
-		/* transform buf into output string */
-	
-		unsigned char buf_perm[sizeof buf];
-		int dest, source;
-		char *output;
-
-		/* silly output permutation */
-		for (dest = 0, source = 0; dest < 14; dest++, source = (source + 6) % 17)
-			buf_perm[dest] = buf[source];
-		buf_perm[14] = buf[5];
-		buf_perm[15] = buf[11];
-#ifndef PEDANTIC /* Unfortunately, this generates a "no effect" warning */
-		assert(16 == sizeof buf_perm);
-#endif
-		
-		output = salt_out + salt_len;
-		assert(output == out_buf + strlen(out_buf));
-		
-		*output++ = '$';
-
-		for (i = 0; i < 15; i += 3)
-			{
-			*output++ = cov_2char[buf_perm[i+2] & 0x3f];
-			*output++ = cov_2char[((buf_perm[i+1] & 0xf) << 2) |
-				                  (buf_perm[i+2] >> 6)];
-			*output++ = cov_2char[((buf_perm[i] & 3) << 4) |
-				                  (buf_perm[i+1] >> 4)];
-			*output++ = cov_2char[buf_perm[i] >> 2];
-			}
-		assert(i == 15);
-		*output++ = cov_2char[buf_perm[i] & 0x3f];
-		*output++ = cov_2char[buf_perm[i] >> 6];
-		*output = 0;
-		assert(strlen(out_buf) < sizeof(out_buf));
-	 }
-	EVP_MD_CTX_cleanup(&md);
-
-	return out_buf;
-	}
-#endif
-
-
-static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
-	char *passwd, BIO *out,	int quiet, int table, int reverse,
-	size_t pw_maxlen, int usecrypt, int use1, int useapr1)
-	{
-	char *hash = NULL;
-
-	assert(salt_p != NULL);
-	assert(salt_malloc_p != NULL);
-
-	/* first make sure we have a salt */
-	if (!passed_salt)
-		{
-#ifndef OPENSSL_NO_DES
-		if (usecrypt)
-			{
-			if (*salt_malloc_p == NULL)
-				{
-				*salt_p = *salt_malloc_p = OPENSSL_malloc(3);
-				if (*salt_malloc_p == NULL)
-					goto err;
-				}
-			if (RAND_pseudo_bytes((unsigned char *)*salt_p, 2) < 0)
-				goto err;
-			(*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */
-			(*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */
-			(*salt_p)[2] = 0;
-#ifdef CHARSET_EBCDIC
-			ascii2ebcdic(*salt_p, *salt_p, 2); /* des_crypt will convert
-			                                    * back to ASCII */
-#endif
-			}
-#endif /* !OPENSSL_NO_DES */
-
-#ifndef NO_MD5CRYPT_1
-		if (use1 || useapr1)
-			{
-			int i;
-			
-			if (*salt_malloc_p == NULL)
-				{
-				*salt_p = *salt_malloc_p = OPENSSL_malloc(9);
-				if (*salt_malloc_p == NULL)
-					goto err;
-				}
-			if (RAND_pseudo_bytes((unsigned char *)*salt_p, 8) < 0)
-				goto err;
-			
-			for (i = 0; i < 8; i++)
-				(*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */
-			(*salt_p)[8] = 0;
-			}
-#endif /* !NO_MD5CRYPT_1 */
-		}
-	
-	assert(*salt_p != NULL);
-	
-	/* truncate password if necessary */
-	if ((strlen(passwd) > pw_maxlen))
-		{
-		if (!quiet)
-			BIO_printf(bio_err, "Warning: truncating password to %u characters\n", pw_maxlen);
-		passwd[pw_maxlen] = 0;
-		}
-	assert(strlen(passwd) <= pw_maxlen);
-	
-	/* now compute password hash */
-#ifndef OPENSSL_NO_DES
-	if (usecrypt)
-		hash = DES_crypt(passwd, *salt_p);
-#endif
-#ifndef NO_MD5CRYPT_1
-	if (use1 || useapr1)
-		hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p);
-#endif
-	assert(hash != NULL);
-
-	if (table && !reverse)
-		BIO_printf(out, "%s\t%s\n", passwd, hash);
-	else if (table && reverse)
-		BIO_printf(out, "%s\t%s\n", hash, passwd);
-	else
-		BIO_printf(out, "%s\n", hash);
-	return 1;
-	
-err:
-	return 0;
-	}
-#else
-
-int MAIN(int argc, char **argv)
-	{
-	fputs("Program not available.\n", stderr)
-	OPENSSL_EXIT(1);
-	}
-#endif
diff --git a/crypto/openssl/apps/pca-cert.srl b/crypto/openssl/apps/pca-cert.srl
deleted file mode 100644
index 2c7456e3eb66..000000000000
--- a/crypto/openssl/apps/pca-cert.srl
+++ /dev/null
@@ -1 +0,0 @@
-07
diff --git a/crypto/openssl/apps/pca-key.pem b/crypto/openssl/apps/pca-key.pem
deleted file mode 100644
index 20029ab779f2..000000000000
--- a/crypto/openssl/apps/pca-key.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/apps/pca-req.pem b/crypto/openssl/apps/pca-req.pem
deleted file mode 100644
index 33f155337b34..000000000000
--- a/crypto/openssl/apps/pca-req.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBmjCCAQMCAQAwXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
-GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAo
-MTAyNCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfj
-Irkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUX
-MRsp22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3
-vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAEzz
-IG8NnfpnPTQSCN5zJhOfy6p9AcDyQzuJirYv1HR/qoYWalPh/U2uiK0lAim7qMcv
-wOlK3I7A8B7/4dLqvIqgtUj9b1WT8zIrnwdvJI4osLI2BY+c1pVlp174DHLMol1L
-Cl1e3N5BTm7lCitTYjuUhsw6hiA8IcdNKDo6sktV
------END CERTIFICATE REQUEST-----
diff --git a/crypto/openssl/apps/pem_mail.c b/crypto/openssl/apps/pem_mail.c
deleted file mode 100644
index f85c7b1c831a..000000000000
--- a/crypto/openssl/apps/pem_mail.c
+++ /dev/null
@@ -1,170 +0,0 @@
-/* apps/pem_mail.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include "apps.h"
-
-#undef PROG
-#define PROG	pem_mail_main
-
-static char *usage[]={
-"usage: pem_mail args\n",
-"\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -cert arg       - the certificate to use\n",
-" -key arg        - the private key to use\n",
-" -MIC           - sign the message\n",
-" -enc arg        - encrypt with one of cbc-des\n",
-NULL
-};
-
-
-typedef struct lines_St
-	{
-	char *line;
-	struct lines_st *next;
-	} LINES;
-
-int main(int argc, char **argv)
-	{
-	FILE *in;
-	RSA *rsa=NULL;
-	EVP_MD_CTX ctx;
-	unsigned int mic=0,i,n;
-	unsigned char buf[1024*15];
-	char *prog,*infile=NULL,*outfile=NULL,*key=NULL;
-	int badops=0;
-
-	apps_startup();
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if (strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			key= *(++argv);
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-mic") == 0)
-			mic=1;
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options  are\n");
-		EXIT(1);
-		}
-
-	if (key == NULL)
-		{ BIO_printf(bio_err,"you need to specify a key\n"); EXIT(1); }
-	in=fopen(key,"r");
-	if (in == NULL) { perror(key); EXIT(1); }
-	rsa=PEM_read_RSAPrivateKey(in,NULL,NULL);
-	if (rsa == NULL)
-		{
-		BIO_printf(bio_err,"unable to load Private Key\n");
-		ERR_print_errors(bio_err);
-		EXIT(1);
-		}
-	fclose(in);
-
-	PEM_SignInit(&ctx,EVP_md5());
-	for (;;)
-		{
-		i=fread(buf,1,1024*10,stdin);
-		if (i <= 0) break;
-		PEM_SignUpdate(&ctx,buf,i);
-		}
-	if (!PEM_SignFinal(&ctx,buf,&n,rsa)) goto err;
-	BIO_printf(bio_err,"%s\n",buf);
-	EXIT(0);
-err:
-	ERR_print_errors(bio_err);
-	EXIT(1);
-	}
-#endif
diff --git a/crypto/openssl/apps/pkcs12.c b/crypto/openssl/apps/pkcs12.c
deleted file mode 100644
index 5136acdc5759..000000000000
--- a/crypto/openssl/apps/pkcs12.c
+++ /dev/null
@@ -1,958 +0,0 @@
-/* pkcs12.c */
-#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
-
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs12.h>
-
-#define PROG pkcs12_main
-
-const EVP_CIPHER *enc;
-
-
-#define NOKEYS		0x1
-#define NOCERTS 	0x2
-#define INFO		0x4
-#define CLCERTS		0x8
-#define CACERTS		0x10
-
-int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain);
-int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int options, char *pempass);
-int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, char *pass,
-			  int passlen, int options, char *pempass);
-int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, int passlen, int options, char *pempass);
-int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name);
-void hex_prin(BIO *out, unsigned char *buf, int len);
-int alg_print(BIO *x, X509_ALGOR *alg);
-int cert_load(BIO *in, STACK_OF(X509) *sk);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
-    ENGINE *e = NULL;
-    char *infile=NULL, *outfile=NULL, *keyname = NULL;	
-    char *certfile=NULL;
-    BIO *in=NULL, *out = NULL;
-    char **args;
-    char *name = NULL;
-    char *csp_name = NULL;
-    PKCS12 *p12 = NULL;
-    char pass[50], macpass[50];
-    int export_cert = 0;
-    int options = 0;
-    int chain = 0;
-    int badarg = 0;
-    int iter = PKCS12_DEFAULT_ITER;
-    int maciter = PKCS12_DEFAULT_ITER;
-    int twopass = 0;
-    int keytype = 0;
-    int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
-    int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-    int ret = 1;
-    int macver = 1;
-    int noprompt = 0;
-    STACK *canames = NULL;
-    char *cpass = NULL, *mpass = NULL;
-    char *passargin = NULL, *passargout = NULL, *passarg = NULL;
-    char *passin = NULL, *passout = NULL;
-    char *inrand = NULL;
-    char *CApath = NULL, *CAfile = NULL;
-#ifndef OPENSSL_NO_ENGINE
-    char *engine=NULL;
-#endif
-
-    apps_startup();
-
-    enc = EVP_des_ede3_cbc();
-    if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-    args = argv + 1;
-
-
-    while (*args) {
-	if (*args[0] == '-') {
-		if (!strcmp (*args, "-nokeys")) options |= NOKEYS;
-		else if (!strcmp (*args, "-keyex")) keytype = KEY_EX;
-		else if (!strcmp (*args, "-keysig")) keytype = KEY_SIG;
-		else if (!strcmp (*args, "-nocerts")) options |= NOCERTS;
-		else if (!strcmp (*args, "-clcerts")) options |= CLCERTS;
-		else if (!strcmp (*args, "-cacerts")) options |= CACERTS;
-		else if (!strcmp (*args, "-noout")) options |= (NOKEYS|NOCERTS);
-		else if (!strcmp (*args, "-info")) options |= INFO;
-		else if (!strcmp (*args, "-chain")) chain = 1;
-		else if (!strcmp (*args, "-twopass")) twopass = 1;
-		else if (!strcmp (*args, "-nomacver")) macver = 0;
-		else if (!strcmp (*args, "-descert"))
-    			cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-		else if (!strcmp (*args, "-export")) export_cert = 1;
-		else if (!strcmp (*args, "-des")) enc=EVP_des_cbc();
-#ifndef OPENSSL_NO_IDEA
-		else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc();
-#endif
-		else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
-#ifndef OPENSSL_NO_AES
-		else if (!strcmp(*args,"-aes128")) enc=EVP_aes_128_cbc();
-		else if (!strcmp(*args,"-aes192")) enc=EVP_aes_192_cbc();
-		else if (!strcmp(*args,"-aes256")) enc=EVP_aes_256_cbc();
-#endif
-		else if (!strcmp (*args, "-noiter")) iter = 1;
-		else if (!strcmp (*args, "-maciter"))
-					 maciter = PKCS12_DEFAULT_ITER;
-		else if (!strcmp (*args, "-nomaciter"))
-					 maciter = 1;
-		else if (!strcmp (*args, "-nodes")) enc=NULL;
-		else if (!strcmp (*args, "-certpbe")) {
-			if (args[1]) {
-				args++;
-				cert_pbe=OBJ_txt2nid(*args);
-				if(cert_pbe == NID_undef) {
-					BIO_printf(bio_err,
-						 "Unknown PBE algorithm %s\n", *args);
-					badarg = 1;
-				}
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-keypbe")) {
-			if (args[1]) {
-				args++;
-				key_pbe=OBJ_txt2nid(*args);
-				if(key_pbe == NID_undef) {
-					BIO_printf(bio_err,
-						 "Unknown PBE algorithm %s\n", *args);
-					badarg = 1;
-				}
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-rand")) {
-		    if (args[1]) {
-			args++;	
-			inrand = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-inkey")) {
-		    if (args[1]) {
-			args++;	
-			keyname = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-certfile")) {
-		    if (args[1]) {
-			args++;	
-			certfile = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-name")) {
-		    if (args[1]) {
-			args++;	
-			name = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-CSP")) {
-		    if (args[1]) {
-			args++;	
-			csp_name = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-caname")) {
-		    if (args[1]) {
-			args++;	
-			if (!canames) canames = sk_new_null();
-			sk_push(canames, *args);
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-in")) {
-		    if (args[1]) {
-			args++;	
-			infile = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-out")) {
-		    if (args[1]) {
-			args++;	
-			outfile = *args;
-		    } else badarg = 1;
-		} else if (!strcmp(*args,"-passin")) {
-		    if (args[1]) {
-			args++;	
-			passargin = *args;
-		    } else badarg = 1;
-		} else if (!strcmp(*args,"-passout")) {
-		    if (args[1]) {
-			args++;	
-			passargout = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-password")) {
-		    if (args[1]) {
-			args++;	
-			passarg = *args;
-		    	noprompt = 1;
-		    } else badarg = 1;
-		} else if (!strcmp(*args,"-CApath")) {
-		    if (args[1]) {
-			args++;	
-			CApath = *args;
-		    } else badarg = 1;
-		} else if (!strcmp(*args,"-CAfile")) {
-		    if (args[1]) {
-			args++;	
-			CAfile = *args;
-		    } else badarg = 1;
-#ifndef OPENSSL_NO_ENGINE
-		} else if (!strcmp(*args,"-engine")) {
-		    if (args[1]) {
-			args++;	
-			engine = *args;
-		    } else badarg = 1;
-#endif
-		} else badarg = 1;
-
-	} else badarg = 1;
-	args++;
-    }
-
-    if (badarg) {
-	BIO_printf (bio_err, "Usage: pkcs12 [options]\n");
-	BIO_printf (bio_err, "where options are\n");
-	BIO_printf (bio_err, "-export       output PKCS12 file\n");
-	BIO_printf (bio_err, "-chain        add certificate chain\n");
-	BIO_printf (bio_err, "-inkey file   private key if not infile\n");
-	BIO_printf (bio_err, "-certfile f   add all certs in f\n");
-	BIO_printf (bio_err, "-CApath arg   - PEM format directory of CA's\n");
-	BIO_printf (bio_err, "-CAfile arg   - PEM format file of CA's\n");
-	BIO_printf (bio_err, "-name \"name\"  use name as friendly name\n");
-	BIO_printf (bio_err, "-caname \"nm\"  use nm as CA friendly name (can be used more than once).\n");
-	BIO_printf (bio_err, "-in  infile   input filename\n");
-	BIO_printf (bio_err, "-out outfile  output filename\n");
-	BIO_printf (bio_err, "-noout        don't output anything, just verify.\n");
-	BIO_printf (bio_err, "-nomacver     don't verify MAC.\n");
-	BIO_printf (bio_err, "-nocerts      don't output certificates.\n");
-	BIO_printf (bio_err, "-clcerts      only output client certificates.\n");
-	BIO_printf (bio_err, "-cacerts      only output CA certificates.\n");
-	BIO_printf (bio_err, "-nokeys       don't output private keys.\n");
-	BIO_printf (bio_err, "-info         give info about PKCS#12 structure.\n");
-	BIO_printf (bio_err, "-des          encrypt private keys with DES\n");
-	BIO_printf (bio_err, "-des3         encrypt private keys with triple DES (default)\n");
-#ifndef OPENSSL_NO_IDEA
-	BIO_printf (bio_err, "-idea         encrypt private keys with idea\n");
-#endif
-#ifndef OPENSSL_NO_AES
-	BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
-	BIO_printf (bio_err, "              encrypt PEM output with cbc aes\n");
-#endif
-	BIO_printf (bio_err, "-nodes        don't encrypt private keys\n");
-	BIO_printf (bio_err, "-noiter       don't use encryption iteration\n");
-	BIO_printf (bio_err, "-maciter      use MAC iteration\n");
-	BIO_printf (bio_err, "-twopass      separate MAC, encryption passwords\n");
-	BIO_printf (bio_err, "-descert      encrypt PKCS#12 certificates with triple DES (default RC2-40)\n");
-	BIO_printf (bio_err, "-certpbe alg  specify certificate PBE algorithm (default RC2-40)\n");
-	BIO_printf (bio_err, "-keypbe alg   specify private key PBE algorithm (default 3DES)\n");
-	BIO_printf (bio_err, "-keyex        set MS key exchange type\n");
-	BIO_printf (bio_err, "-keysig       set MS key signature type\n");
-	BIO_printf (bio_err, "-password p   set import/export password source\n");
-	BIO_printf (bio_err, "-passin p     input file pass phrase source\n");
-	BIO_printf (bio_err, "-passout p    output file pass phrase source\n");
-#ifndef OPENSSL_NO_ENGINE
-	BIO_printf (bio_err, "-engine e     use engine e, possibly a hardware device.\n");
-#endif
-	BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-	BIO_printf(bio_err,  "              load the file (or the files in the directory) into\n");
-	BIO_printf(bio_err,  "              the random number generator\n");
-    	goto end;
-    }
-
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(bio_err, engine, 0);
-#endif
-
-    if(passarg) {
-	if(export_cert) passargout = passarg;
-	else passargin = passarg;
-    }
-
-    if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
-	BIO_printf(bio_err, "Error getting passwords\n");
-	goto end;
-    }
-
-    if(!cpass) {
-    	if(export_cert) cpass = passout;
-    	else cpass = passin;
-    }
-
-    if(cpass) {
-	mpass = cpass;
-	noprompt = 1;
-    } else {
-	cpass = pass;
-	mpass = macpass;
-    }
-
-    if(export_cert || inrand) {
-    	app_RAND_load_file(NULL, bio_err, (inrand != NULL));
-        if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-    }
-    ERR_load_crypto_strings();
-
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_push_info("read files");
-#endif
-
-    if (!infile) in = BIO_new_fp(stdin, BIO_NOCLOSE);
-    else in = BIO_new_file(infile, "rb");
-    if (!in) {
-	    BIO_printf(bio_err, "Error opening input file %s\n",
-						infile ? infile : "<stdin>");
-	    perror (infile);
-	    goto end;
-   }
-
-#if 0
-   if (certfile) {
-    	if(!(certsin = BIO_new_file(certfile, "r"))) {
-	    BIO_printf(bio_err, "Can't open certificate file %s\n", certfile);
-	    perror (certfile);
-	    goto end;
-	}
-    }
-
-    if (keyname) {
-    	if(!(inkey = BIO_new_file(keyname, "r"))) {
-	    BIO_printf(bio_err, "Can't key certificate file %s\n", keyname);
-	    perror (keyname);
-	    goto end;
-	}
-     }
-#endif
-
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_pop_info();
-    CRYPTO_push_info("write files");
-#endif
-
-    if (!outfile) {
-	out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-	{
-	    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	    out = BIO_push(tmpbio, out);
-	}
-#endif
-    } else out = BIO_new_file(outfile, "wb");
-    if (!out) {
-	BIO_printf(bio_err, "Error opening output file %s\n",
-						outfile ? outfile : "<stdout>");
-	perror (outfile);
-	goto end;
-    }
-    if (twopass) {
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_push_info("read MAC password");
-#endif
-	if(EVP_read_pw_string (macpass, sizeof macpass, "Enter MAC Password:", export_cert))
-	{
-    	    BIO_printf (bio_err, "Can't read Password\n");
-    	    goto end;
-       	}
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_pop_info();
-#endif
-    }
-
-    if (export_cert) {
-	EVP_PKEY *key = NULL;
-	STACK_OF(PKCS12_SAFEBAG) *bags = NULL;
-	STACK_OF(PKCS7) *safes = NULL;
-	PKCS12_SAFEBAG *bag = NULL;
-	PKCS8_PRIV_KEY_INFO *p8 = NULL;
-	PKCS7 *authsafe = NULL;
-	X509 *ucert = NULL;
-	STACK_OF(X509) *certs=NULL;
-	char *catmp = NULL;
-	int i;
-	unsigned char keyid[EVP_MAX_MD_SIZE];
-	unsigned int keyidlen = 0;
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_push_info("process -export_cert");
-	CRYPTO_push_info("reading private key");
-#endif
-	key = load_key(bio_err, keyname ? keyname : infile, FORMAT_PEM, 1,
-		passin, e, "private key");
-	if (!key) {
-		goto export_end;
-	}
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("reading certs from input");
-#endif
-
-	/* Load in all certs in input file */
-	if(!(certs = load_certs(bio_err, infile, FORMAT_PEM, NULL, e,
-		"certificates"))) {
-		goto export_end;
-	}
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("reading certs from input 2");
-#endif
-
-	for(i = 0; i < sk_X509_num(certs); i++) {
-		ucert = sk_X509_value(certs, i);
-		if(X509_check_private_key(ucert, key)) {
-			X509_digest(ucert, EVP_sha1(), keyid, &keyidlen);
-			break;
-		}
-	}
-	if(!keyidlen) {
-		ucert = NULL;
-		BIO_printf(bio_err, "No certificate matches private key\n");
-		goto export_end;
-	}
-	
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("reading certs from certfile");
-#endif
-
-	bags = sk_PKCS12_SAFEBAG_new_null ();
-
-	/* Add any more certificates asked for */
-	if (certfile) {
-		STACK_OF(X509) *morecerts=NULL;
-		if(!(morecerts = load_certs(bio_err, certfile, FORMAT_PEM,
-					    NULL, e,
-					    "certificates from certfile"))) {
-			goto export_end;
-		}
-		while(sk_X509_num(morecerts) > 0) {
-			sk_X509_push(certs, sk_X509_shift(morecerts));
-		}
-		sk_X509_free(morecerts);
- 	}
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("building chain");
-#endif
-
-	/* If chaining get chain from user cert */
-	if (chain) {
-        	int vret;
-		STACK_OF(X509) *chain2;
-		X509_STORE *store = X509_STORE_new();
-		if (!store)
-			{
-			BIO_printf (bio_err, "Memory allocation error\n");
-			goto export_end;
-			}
-		if (!X509_STORE_load_locations(store, CAfile, CApath))
-			X509_STORE_set_default_paths (store);
-
-		vret = get_cert_chain (ucert, store, &chain2);
-		X509_STORE_free(store);
-
-		if (!vret) {
-		    /* Exclude verified certificate */
-		    for (i = 1; i < sk_X509_num (chain2) ; i++) 
-			sk_X509_push(certs, sk_X509_value (chain2, i));
-		    /* Free first certificate */
-		    X509_free(sk_X509_value(chain2, 0));
-		    sk_X509_free(chain2);
-		} else {
-			BIO_printf (bio_err, "Error %s getting chain.\n",
-					X509_verify_cert_error_string(vret));
-			goto export_end;
-		}			
-    	}
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("building bags");
-#endif
-
-	/* We now have loads of certificates: include them all */
-	for(i = 0; i < sk_X509_num(certs); i++) {
-		X509 *cert = NULL;
-		cert = sk_X509_value(certs, i);
-		bag = PKCS12_x5092certbag(cert);
-		/* If it matches private key set id */
-		if(cert == ucert) {
-			if(name) PKCS12_add_friendlyname(bag, name, -1);
-			PKCS12_add_localkeyid(bag, keyid, keyidlen);
-		} else if((catmp = sk_shift(canames))) 
-				PKCS12_add_friendlyname(bag, catmp, -1);
-		sk_PKCS12_SAFEBAG_push(bags, bag);
-	}
-	sk_X509_pop_free(certs, X509_free);
-	certs = NULL;
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("encrypting bags");
-#endif
-
-	if(!noprompt &&
-		EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1)) {
-	    BIO_printf (bio_err, "Can't read Password\n");
-	    goto export_end;
-        }
-	if (!twopass) strcpy(macpass, pass);
-	/* Turn certbags into encrypted authsafe */
-	authsafe = PKCS12_pack_p7encdata(cert_pbe, cpass, -1, NULL, 0,
-								 iter, bags);
-	sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-	bags = NULL;
-
-	if (!authsafe) {
-		ERR_print_errors (bio_err);
-		goto export_end;
-	}
-
-	safes = sk_PKCS7_new_null ();
-	sk_PKCS7_push (safes, authsafe);
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("building shrouded key bag");
-#endif
-
-	/* Make a shrouded key bag */
-	p8 = EVP_PKEY2PKCS8 (key);
-	if(keytype) PKCS8_add_keyusage(p8, keytype);
-	bag = PKCS12_MAKE_SHKEYBAG(key_pbe, cpass, -1, NULL, 0, iter, p8);
-	PKCS8_PRIV_KEY_INFO_free(p8);
-	p8 = NULL;
-        if (name) PKCS12_add_friendlyname (bag, name, -1);
-	if(csp_name) PKCS12_add_CSPName_asc(bag, csp_name, -1);
-	PKCS12_add_localkeyid (bag, keyid, keyidlen);
-	bags = sk_PKCS12_SAFEBAG_new_null();
-	sk_PKCS12_SAFEBAG_push (bags, bag);
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("encrypting shrouded key bag");
-#endif
-
-	/* Turn it into unencrypted safe bag */
-	authsafe = PKCS12_pack_p7data (bags);
-	sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-	bags = NULL;
-	sk_PKCS7_push (safes, authsafe);
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("building pkcs12");
-#endif
-
-	p12 = PKCS12_init(NID_pkcs7_data);
-
-	PKCS12_pack_authsafes(p12, safes);
-
-	sk_PKCS7_pop_free(safes, PKCS7_free);
-	safes = NULL;
-
-	PKCS12_set_mac (p12, mpass, -1, NULL, 0, maciter, NULL);
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("writing pkcs12");
-#endif
-
-	i2d_PKCS12_bio (out, p12);
-
-	ret = 0;
-
-    export_end:
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_pop_info();
-	CRYPTO_push_info("process -export_cert: freeing");
-#endif
-
-	if (key) EVP_PKEY_free(key);
-	if (certs) sk_X509_pop_free(certs, X509_free);
-	if (safes) sk_PKCS7_pop_free(safes, PKCS7_free);
-	if (bags) sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-#endif
-	goto end;
-	
-    }
-
-    if (!(p12 = d2i_PKCS12_bio (in, NULL))) {
-	ERR_print_errors(bio_err);
-	goto end;
-    }
-
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_push_info("read import password");
-#endif
-    if(!noprompt && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:", 0)) {
-	BIO_printf (bio_err, "Can't read Password\n");
-	goto end;
-    }
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_pop_info();
-#endif
-
-    if (!twopass) strcpy(macpass, pass);
-
-    if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
-    if(macver) {
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_push_info("verify MAC");
-#endif
-	/* If we enter empty password try no password first */
-	if(!macpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
-		/* If mac and crypto pass the same set it to NULL too */
-		if(!twopass) cpass = NULL;
-	} else if (!PKCS12_verify_mac(p12, mpass, -1)) {
-	    BIO_printf (bio_err, "Mac verify error: invalid password?\n");
-	    ERR_print_errors (bio_err);
-	    goto end;
-	}
-	BIO_printf (bio_err, "MAC verified OK\n");
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_pop_info();
-#endif
-    }
-
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_push_info("output keys and certificates");
-#endif
-    if (!dump_certs_keys_p12 (out, p12, cpass, -1, options, passout)) {
-	BIO_printf(bio_err, "Error outputting keys and certificates\n");
-	ERR_print_errors (bio_err);
-	goto end;
-    }
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_pop_info();
-#endif
-    ret = 0;
- end:
-    if (p12) PKCS12_free(p12);
-    if(export_cert || inrand) app_RAND_write_file(NULL, bio_err);
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_remove_all_info();
-#endif
-    BIO_free(in);
-    BIO_free_all(out);
-    if (canames) sk_free(canames);
-    if(passin) OPENSSL_free(passin);
-    if(passout) OPENSSL_free(passout);
-    apps_shutdown();
-    OPENSSL_EXIT(ret);
-}
-
-int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass,
-	     int passlen, int options, char *pempass)
-{
-	STACK_OF(PKCS7) *asafes;
-	STACK_OF(PKCS12_SAFEBAG) *bags;
-	int i, bagnid;
-	PKCS7 *p7;
-
-	if (!( asafes = PKCS12_unpack_authsafes(p12))) return 0;
-	for (i = 0; i < sk_PKCS7_num (asafes); i++) {
-		p7 = sk_PKCS7_value (asafes, i);
-		bagnid = OBJ_obj2nid (p7->type);
-		if (bagnid == NID_pkcs7_data) {
-			bags = PKCS12_unpack_p7data(p7);
-			if (options & INFO) BIO_printf (bio_err, "PKCS7 Data\n");
-		} else if (bagnid == NID_pkcs7_encrypted) {
-			if (options & INFO) {
-				BIO_printf(bio_err, "PKCS7 Encrypted data: ");
-				alg_print(bio_err, 
-					p7->d.encrypted->enc_data->algorithm);
-			}
-			bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
-		} else continue;
-		if (!bags) return 0;
-	    	if (!dump_certs_pkeys_bags (out, bags, pass, passlen, 
-						 options, pempass)) {
-			sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free);
-			return 0;
-		}
-		sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free);
-	}
-	sk_PKCS7_pop_free (asafes, PKCS7_free);
-	return 1;
-}
-
-int dump_certs_pkeys_bags (BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
-			   char *pass, int passlen, int options, char *pempass)
-{
-	int i;
-	for (i = 0; i < sk_PKCS12_SAFEBAG_num (bags); i++) {
-		if (!dump_certs_pkeys_bag (out,
-					   sk_PKCS12_SAFEBAG_value (bags, i),
-					   pass, passlen,
-					   options, pempass))
-		    return 0;
-	}
-	return 1;
-}
-
-int dump_certs_pkeys_bag (BIO *out, PKCS12_SAFEBAG *bag, char *pass,
-	     int passlen, int options, char *pempass)
-{
-	EVP_PKEY *pkey;
-	PKCS8_PRIV_KEY_INFO *p8;
-	X509 *x509;
-	
-	switch (M_PKCS12_bag_type(bag))
-	{
-	case NID_keyBag:
-		if (options & INFO) BIO_printf (bio_err, "Key bag\n");
-		if (options & NOKEYS) return 1;
-		print_attribs (out, bag->attrib, "Bag Attributes");
-		p8 = bag->value.keybag;
-		if (!(pkey = EVP_PKCS82PKEY (p8))) return 0;
-		print_attribs (out, p8->attributes, "Key Attributes");
-		PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, pempass);
-		EVP_PKEY_free(pkey);
-	break;
-
-	case NID_pkcs8ShroudedKeyBag:
-		if (options & INFO) {
-			BIO_printf (bio_err, "Shrouded Keybag: ");
-			alg_print (bio_err, bag->value.shkeybag->algor);
-		}
-		if (options & NOKEYS) return 1;
-		print_attribs (out, bag->attrib, "Bag Attributes");
-		if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
-				return 0;
-		if (!(pkey = EVP_PKCS82PKEY (p8))) {
-			PKCS8_PRIV_KEY_INFO_free(p8);
-			return 0;
-		}
-		print_attribs (out, p8->attributes, "Key Attributes");
-		PKCS8_PRIV_KEY_INFO_free(p8);
-		PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, pempass);
-		EVP_PKEY_free(pkey);
-	break;
-
-	case NID_certBag:
-		if (options & INFO) BIO_printf (bio_err, "Certificate bag\n");
-		if (options & NOCERTS) return 1;
-                if (PKCS12_get_attr(bag, NID_localKeyID)) {
-			if (options & CACERTS) return 1;
-		} else if (options & CLCERTS) return 1;
-		print_attribs (out, bag->attrib, "Bag Attributes");
-		if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
-								 return 1;
-		if (!(x509 = PKCS12_certbag2x509(bag))) return 0;
-		dump_cert_text (out, x509);
-		PEM_write_bio_X509 (out, x509);
-		X509_free(x509);
-	break;
-
-	case NID_safeContentsBag:
-		if (options & INFO) BIO_printf (bio_err, "Safe Contents bag\n");
-		print_attribs (out, bag->attrib, "Bag Attributes");
-		return dump_certs_pkeys_bags (out, bag->value.safes, pass,
-							    passlen, options, pempass);
-					
-	default:
-		BIO_printf (bio_err, "Warning unsupported bag type: ");
-		i2a_ASN1_OBJECT (bio_err, bag->type);
-		BIO_printf (bio_err, "\n");
-		return 1;
-	break;
-	}
-	return 1;
-}
-
-/* Given a single certificate return a verified chain or NULL if error */
-
-/* Hope this is OK .... */
-
-int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
-{
-	X509_STORE_CTX store_ctx;
-	STACK_OF(X509) *chn;
-	int i;
-
-	/* FIXME: Should really check the return status of X509_STORE_CTX_init
-	 * for an error, but how that fits into the return value of this
-	 * function is less obvious. */
-	X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
-	if (X509_verify_cert(&store_ctx) <= 0) {
-		i = X509_STORE_CTX_get_error (&store_ctx);
-		goto err;
-	}
-	chn =  X509_STORE_CTX_get1_chain(&store_ctx);
-	i = 0;
-	*chain = chn;
-err:
-	X509_STORE_CTX_cleanup(&store_ctx);
-	
-	return i;
-}	
-
-int alg_print (BIO *x, X509_ALGOR *alg)
-{
-	PBEPARAM *pbe;
-	unsigned char *p;
-	p = alg->parameter->value.sequence->data;
-	pbe = d2i_PBEPARAM (NULL, &p, alg->parameter->value.sequence->length);
-	BIO_printf (bio_err, "%s, Iteration %d\n", 
-	OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)), ASN1_INTEGER_get(pbe->iter));
-	PBEPARAM_free (pbe);
-	return 0;
-}
-
-/* Load all certificates from a given file */
-
-int cert_load(BIO *in, STACK_OF(X509) *sk)
-{
-	int ret;
-	X509 *cert;
-	ret = 0;
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_push_info("cert_load(): reading one cert");
-#endif
-	while((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif
-		ret = 1;
-		sk_X509_push(sk, cert);
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("cert_load(): reading one cert");
-#endif
-	}
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-#endif
-	if(ret) ERR_clear_error();
-	return ret;
-}
-
-/* Generalised attribute print: handle PKCS#8 and bag attributes */
-
-int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name)
-{
-	X509_ATTRIBUTE *attr;
-	ASN1_TYPE *av;
-	char *value;
-	int i, attr_nid;
-	if(!attrlst) {
-		BIO_printf(out, "%s: <No Attributes>\n", name);
-		return 1;
-	}
-	if(!sk_X509_ATTRIBUTE_num(attrlst)) {
-		BIO_printf(out, "%s: <Empty Attributes>\n", name);
-		return 1;
-	}
-	BIO_printf(out, "%s\n", name);
-	for(i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) {
-		attr = sk_X509_ATTRIBUTE_value(attrlst, i);
-		attr_nid = OBJ_obj2nid(attr->object);
-		BIO_printf(out, "    ");
-		if(attr_nid == NID_undef) {
-			i2a_ASN1_OBJECT (out, attr->object);
-			BIO_printf(out, ": ");
-		} else BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid));
-
-		if(sk_ASN1_TYPE_num(attr->value.set)) {
-			av = sk_ASN1_TYPE_value(attr->value.set, 0);
-			switch(av->type) {
-				case V_ASN1_BMPSTRING:
-        			value = uni2asc(av->value.bmpstring->data,
-                                	       av->value.bmpstring->length);
-				BIO_printf(out, "%s\n", value);
-				OPENSSL_free(value);
-				break;
-
-				case V_ASN1_OCTET_STRING:
-				hex_prin(out, av->value.octet_string->data,
-					av->value.octet_string->length);
-				BIO_printf(out, "\n");	
-				break;
-
-				case V_ASN1_BIT_STRING:
-				hex_prin(out, av->value.bit_string->data,
-					av->value.bit_string->length);
-				BIO_printf(out, "\n");	
-				break;
-
-				default:
-					BIO_printf(out, "<Unsupported tag %d>\n", av->type);
-				break;
-			}
-		} else BIO_printf(out, "<No Values>\n");
-	}
-	return 1;
-}
-
-void hex_prin(BIO *out, unsigned char *buf, int len)
-{
-	int i;
-	for (i = 0; i < len; i++) BIO_printf (out, "%02X ", buf[i]);
-}
-
-#endif
diff --git a/crypto/openssl/apps/pkcs7.c b/crypto/openssl/apps/pkcs7.c
deleted file mode 100644
index 6c58c67eb279..000000000000
--- a/crypto/openssl/apps/pkcs7.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/* apps/pkcs7.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include "apps.h"
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-
-#undef PROG
-#define PROG	pkcs7_main
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -print_certs
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e = NULL;
-#endif
-	PKCS7 *p7=NULL;
-	int i,badops=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat;
-	char *infile,*outfile,*prog;
-	int print_certs=0,text=0,noout=0;
-	int ret=1;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-print_certs") == 0)
-			print_certs=1;
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -print_certs  print any certs or crl in the input\n");
-		BIO_printf(bio_err," -text         print full details of certificates\n");
-		BIO_printf(bio_err," -noout        don't output encoded data\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
-#endif
-		ret = 1;
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-                goto end;
-                }
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-		if (in == NULL)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-
-	if	(informat == FORMAT_ASN1)
-		p7=d2i_PKCS7_bio(in,NULL);
-	else if (informat == FORMAT_PEM)
-		p7=PEM_read_bio_PKCS7(in,NULL,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified for pkcs7 object\n");
-		goto end;
-		}
-	if (p7 == NULL)
-		{
-		BIO_printf(bio_err,"unable to load PKCS7 object\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (print_certs)
-		{
-		STACK_OF(X509) *certs=NULL;
-		STACK_OF(X509_CRL) *crls=NULL;
-
-		i=OBJ_obj2nid(p7->type);
-		switch (i)
-			{
-		case NID_pkcs7_signed:
-			certs=p7->d.sign->cert;
-			crls=p7->d.sign->crl;
-			break;
-		case NID_pkcs7_signedAndEnveloped:
-			certs=p7->d.signed_and_enveloped->cert;
-			crls=p7->d.signed_and_enveloped->crl;
-			break;
-		default:
-			break;
-			}
-
-		if (certs != NULL)
-			{
-			X509 *x;
-
-			for (i=0; i<sk_X509_num(certs); i++)
-				{
-				x=sk_X509_value(certs,i);
-				if(text) X509_print(out, x);
-				else dump_cert_text(out, x);
-
-				if(!noout) PEM_write_bio_X509(out,x);
-				BIO_puts(out,"\n");
-				}
-			}
-		if (crls != NULL)
-			{
-			X509_CRL *crl;
-
-			for (i=0; i<sk_X509_CRL_num(crls); i++)
-				{
-				crl=sk_X509_CRL_value(crls,i);
-
-				X509_CRL_print(out, crl);
-
-				if(!noout)PEM_write_bio_X509_CRL(out,crl);
-				BIO_puts(out,"\n");
-				}
-			}
-
-		ret=0;
-		goto end;
-		}
-
-	if(!noout) {
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_PKCS7_bio(out,p7);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_PKCS7(out,p7);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write pkcs7 object\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-	}
-	ret=0;
-end:
-	if (p7 != NULL) PKCS7_free(p7);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
diff --git a/crypto/openssl/apps/pkcs8.c b/crypto/openssl/apps/pkcs8.c
deleted file mode 100644
index 6be27e7f442f..000000000000
--- a/crypto/openssl/apps/pkcs8.c
+++ /dev/null
@@ -1,370 +0,0 @@
-/* pkcs8.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/pkcs12.h>
-
-#define PROG pkcs8_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
-	ENGINE *e = NULL;
-	char **args, *infile = NULL, *outfile = NULL;
-	char *passargin = NULL, *passargout = NULL;
-	BIO *in = NULL, *out = NULL;
-	int topk8 = 0;
-	int pbe_nid = -1;
-	const EVP_CIPHER *cipher = NULL;
-	int iter = PKCS12_DEFAULT_ITER;
-	int informat, outformat;
-	int p8_broken = PKCS8_OK;
-	int nocrypt = 0;
-	X509_SIG *p8;
-	PKCS8_PRIV_KEY_INFO *p8inf;
-	EVP_PKEY *pkey=NULL;
-	char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
-	int badarg = 0;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	ERR_load_crypto_strings();
-	OpenSSL_add_all_algorithms();
-	args = argv + 1;
-	while (!badarg && *args && *args[0] == '-') {
-		if (!strcmp(*args,"-v2")) {
-			if (args[1]) {
-				args++;
-				cipher=EVP_get_cipherbyname(*args);
-				if(!cipher) {
-					BIO_printf(bio_err,
-						 "Unknown cipher %s\n", *args);
-					badarg = 1;
-				}
-			} else badarg = 1;
-		} else if (!strcmp(*args,"-v1")) {
-			if (args[1]) {
-				args++;
-				pbe_nid=OBJ_txt2nid(*args);
-				if(pbe_nid == NID_undef) {
-					BIO_printf(bio_err,
-						 "Unknown PBE algorithm %s\n", *args);
-					badarg = 1;
-				}
-			} else badarg = 1;
-		} else if (!strcmp(*args,"-inform")) {
-			if (args[1]) {
-				args++;
-				informat=str2fmt(*args);
-			} else badarg = 1;
-		} else if (!strcmp(*args,"-outform")) {
-			if (args[1]) {
-				args++;
-				outformat=str2fmt(*args);
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-topk8")) topk8 = 1;
-		else if (!strcmp (*args, "-noiter")) iter = 1;
-		else if (!strcmp (*args, "-nocrypt")) nocrypt = 1;
-		else if (!strcmp (*args, "-nooct")) p8_broken = PKCS8_NO_OCTET;
-		else if (!strcmp (*args, "-nsdb")) p8_broken = PKCS8_NS_DB;
-		else if (!strcmp (*args, "-embed")) p8_broken = PKCS8_EMBEDDED_PARAM;
-		else if (!strcmp(*args,"-passin"))
-			{
-			if (!args[1]) goto bad;
-			passargin= *(++args);
-			}
-		else if (!strcmp(*args,"-passout"))
-			{
-			if (!args[1]) goto bad;
-			passargout= *(++args);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*args,"-engine") == 0)
-			{
-			if (!args[1]) goto bad;
-			engine= *(++args);
-			}
-#endif
-		else if (!strcmp (*args, "-in")) {
-			if (args[1]) {
-				args++;
-				infile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-out")) {
-			if (args[1]) {
-				args++;
-				outfile = *args;
-			} else badarg = 1;
-		} else badarg = 1;
-		args++;
-	}
-
-	if (badarg) {
-		bad:
-		BIO_printf(bio_err, "Usage pkcs8 [options]\n");
-		BIO_printf(bio_err, "where options are\n");
-		BIO_printf(bio_err, "-in file        input file\n");
-		BIO_printf(bio_err, "-inform X       input format (DER or PEM)\n");
-		BIO_printf(bio_err, "-passin arg     input file pass phrase source\n");
-		BIO_printf(bio_err, "-outform X      output format (DER or PEM)\n");
-		BIO_printf(bio_err, "-out file       output file\n");
-		BIO_printf(bio_err, "-passout arg    output file pass phrase source\n");
-		BIO_printf(bio_err, "-topk8          output PKCS8 file\n");
-		BIO_printf(bio_err, "-nooct          use (nonstandard) no octet format\n");
-		BIO_printf(bio_err, "-embed          use (nonstandard) embedded DSA parameters format\n");
-		BIO_printf(bio_err, "-nsdb           use (nonstandard) DSA Netscape DB format\n");
-		BIO_printf(bio_err, "-noiter         use 1 as iteration count\n");
-		BIO_printf(bio_err, "-nocrypt        use or expect unencrypted private key\n");
-		BIO_printf(bio_err, "-v2 alg         use PKCS#5 v2.0 and cipher \"alg\"\n");
-		BIO_printf(bio_err, "-v1 obj         use PKCS#5 v1.5 and cipher \"alg\"\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
-#endif
-		return (1);
-	}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
-		BIO_printf(bio_err, "Error getting passwords\n");
-		return (1);
-	}
-
-	if ((pbe_nid == -1) && !cipher) pbe_nid = NID_pbeWithMD5AndDES_CBC;
-
-	if (infile) {
-		if (!(in = BIO_new_file(infile, "rb"))) {
-			BIO_printf(bio_err,
-				 "Can't open input file %s\n", infile);
-			return (1);
-		}
-	} else in = BIO_new_fp (stdin, BIO_NOCLOSE);
-
-	if (outfile) {
-		if (!(out = BIO_new_file (outfile, "wb"))) {
-			BIO_printf(bio_err,
-				 "Can't open output file %s\n", outfile);
-			return (1);
-		}
-	} else {
-		out = BIO_new_fp (stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
-	if (topk8)
-		{
-		BIO_free(in); /* Not needed in this section */
-		pkey = load_key(bio_err, infile, informat, 1,
-			passin, e, "key");
-		if (!pkey) {
-			return (1);
-		}
-		if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken))) {
-			BIO_printf(bio_err, "Error converting key\n", outfile);
-			ERR_print_errors(bio_err);
-			return (1);
-		}
-		if(nocrypt) {
-			if(outformat == FORMAT_PEM) 
-				PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf);
-			else if(outformat == FORMAT_ASN1)
-				i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf);
-			else {
-				BIO_printf(bio_err, "Bad format specified for key\n");
-				return (1);
-			}
-		} else {
-			if(passout) p8pass = passout;
-			else {
-				p8pass = pass;
-				if (EVP_read_pw_string(pass, sizeof pass, "Enter Encryption Password:", 1))
-					return (1);
-			}
-			app_RAND_load_file(NULL, bio_err, 0);
-			if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
-					p8pass, strlen(p8pass),
-					NULL, 0, iter, p8inf))) {
-				BIO_printf(bio_err, "Error encrypting key\n",
-								 outfile);
-				ERR_print_errors(bio_err);
-				return (1);
-			}
-			app_RAND_write_file(NULL, bio_err);
-			if(outformat == FORMAT_PEM) 
-				PEM_write_bio_PKCS8(out, p8);
-			else if(outformat == FORMAT_ASN1)
-				i2d_PKCS8_bio(out, p8);
-			else {
-				BIO_printf(bio_err, "Bad format specified for key\n");
-				return (1);
-			}
-			X509_SIG_free(p8);
-		}
-		PKCS8_PRIV_KEY_INFO_free (p8inf);
-		EVP_PKEY_free(pkey);
-		BIO_free_all(out);
-		if(passin) OPENSSL_free(passin);
-		if(passout) OPENSSL_free(passout);
-		return (0);
-	}
-
-	if(nocrypt) {
-		if(informat == FORMAT_PEM) 
-			p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in,NULL,NULL, NULL);
-		else if(informat == FORMAT_ASN1)
-			p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL);
-		else {
-			BIO_printf(bio_err, "Bad format specified for key\n");
-			return (1);
-		}
-	} else {
-		if(informat == FORMAT_PEM) 
-			p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL);
-		else if(informat == FORMAT_ASN1)
-			p8 = d2i_PKCS8_bio(in, NULL);
-		else {
-			BIO_printf(bio_err, "Bad format specified for key\n");
-			return (1);
-		}
-
-		if (!p8) {
-			BIO_printf (bio_err, "Error reading key\n", outfile);
-			ERR_print_errors(bio_err);
-			return (1);
-		}
-		if(passin) p8pass = passin;
-		else {
-			p8pass = pass;
-			EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
-		}
-		p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
-		X509_SIG_free(p8);
-	}
-
-	if (!p8inf) {
-		BIO_printf(bio_err, "Error decrypting key\n", outfile);
-		ERR_print_errors(bio_err);
-		return (1);
-	}
-
-	if (!(pkey = EVP_PKCS82PKEY(p8inf))) {
-		BIO_printf(bio_err, "Error converting key\n", outfile);
-		ERR_print_errors(bio_err);
-		return (1);
-	}
-	
-	if (p8inf->broken) {
-		BIO_printf(bio_err, "Warning: broken key encoding: ");
-		switch (p8inf->broken) {
-			case PKCS8_NO_OCTET:
-			BIO_printf(bio_err, "No Octet String in PrivateKey\n");
-			break;
-
-			case PKCS8_EMBEDDED_PARAM:
-			BIO_printf(bio_err, "DSA parameters included in PrivateKey\n");
-			break;
-
-			case PKCS8_NS_DB:
-			BIO_printf(bio_err, "DSA public key include in PrivateKey\n");
-			break;
-
-			default:
-			BIO_printf(bio_err, "Unknown broken type\n");
-			break;
-		}
-	}
-	
-	PKCS8_PRIV_KEY_INFO_free(p8inf);
-	if(outformat == FORMAT_PEM) 
-		PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
-	else if(outformat == FORMAT_ASN1)
-		i2d_PrivateKey_bio(out, pkey);
-	else {
-		BIO_printf(bio_err, "Bad format specified for key\n");
-			return (1);
-	}
-
-	end:
-	EVP_PKEY_free(pkey);
-	BIO_free_all(out);
-	BIO_free(in);
-	if(passin) OPENSSL_free(passin);
-	if(passout) OPENSSL_free(passout);
-
-	return (0);
-}
diff --git a/crypto/openssl/apps/privkey.pem b/crypto/openssl/apps/privkey.pem
deleted file mode 100644
index 0af46474a7ee..000000000000
--- a/crypto/openssl/apps/privkey.pem
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,BA26229A1653B7FF
-
-6nhWG8PKhTPO/s3ZvjUa6226NlKdvPDZFsNXOOoSUs9ejxpb/aj5huhs6qRYzsz9
-Year47uaAZYhGD0vAagnNiBnYmjWEpN9G/wQxG7pgZThK1ZxDi63qn8aQ8UjuGHo
-F6RpnnBQIAnWTWqr/Qsybtc5EoNkrj/Cpx0OfbSr6gZsFBCxwX1R1hT3/mhJ45f3
-XMofY32Vdfx9/vtw1O7HmlHXQnXaqnbd9/nn1EpvFJG9+UjPoW7gV4jCOLuR4deE
-jS8hm+cpkwXmFtk3VGjT9tQXPpMv3JpYfBqgGQoMAJ5Toq0DWcHi6Wg08PsD8lgy
-vmTioPsRg+JGkJkJ8GnusgLpQdlQJbjzd7wGE6ElUFLfOxLo8bLlRHoriHNdWYhh
-JjY0LyeTkovcmWxVjImc6ZyBz5Ly4t0BYf1gq3OkjsV91Q1taBxnhiavfizqMCAf
-PPB3sLQnlXG77TOXkNxpqbZfEYrVZW2Nsqqdn8s07Uj4IMONZyq2odYKWFPMJBiM
-POYwXjMAOcmFMTHYsVlhcUJuV6LOuipw/FEbTtPH/MYMxLe4zx65dYo1rb4iLKLS
-gMtB0o/Wl4Xno3ZXh1ucicYnV2J7NpVcjVq+3SFiCRu2SrSkZHZ23EPS13Ec6fcz
-8X/YGA2vTJ8MAOozAzQUwHQYvLk7bIoQVekqDq4p0AZQbhdspHpArCk0Ifqqzg/v
-Uyky/zZiQYanzDenTSRVI/8wac3olxpU8QvbySxYqmbkgq6bTpXJfYFQfnAttEsC
-dA4S5UFgyOPZluxCAM4yaJF3Ft6neutNwftuJQMbgCUi9vYg2tGdSw==
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/apps/progs.h b/crypto/openssl/apps/progs.h
deleted file mode 100644
index 70e4dbac0733..000000000000
--- a/crypto/openssl/apps/progs.h
+++ /dev/null
@@ -1,298 +0,0 @@
-/* apps/progs.h */
-/* automatically generated by progs.pl for openssl.c */
-
-extern int verify_main(int argc,char *argv[]);
-extern int asn1parse_main(int argc,char *argv[]);
-extern int req_main(int argc,char *argv[]);
-extern int dgst_main(int argc,char *argv[]);
-extern int dh_main(int argc,char *argv[]);
-extern int dhparam_main(int argc,char *argv[]);
-extern int enc_main(int argc,char *argv[]);
-extern int passwd_main(int argc,char *argv[]);
-extern int gendh_main(int argc,char *argv[]);
-extern int errstr_main(int argc,char *argv[]);
-extern int ca_main(int argc,char *argv[]);
-extern int crl_main(int argc,char *argv[]);
-extern int rsa_main(int argc,char *argv[]);
-extern int rsautl_main(int argc,char *argv[]);
-extern int dsa_main(int argc,char *argv[]);
-extern int dsaparam_main(int argc,char *argv[]);
-extern int x509_main(int argc,char *argv[]);
-extern int genrsa_main(int argc,char *argv[]);
-extern int gendsa_main(int argc,char *argv[]);
-extern int s_server_main(int argc,char *argv[]);
-extern int s_client_main(int argc,char *argv[]);
-extern int speed_main(int argc,char *argv[]);
-extern int s_time_main(int argc,char *argv[]);
-extern int version_main(int argc,char *argv[]);
-extern int pkcs7_main(int argc,char *argv[]);
-extern int crl2pkcs7_main(int argc,char *argv[]);
-extern int sess_id_main(int argc,char *argv[]);
-extern int ciphers_main(int argc,char *argv[]);
-extern int nseq_main(int argc,char *argv[]);
-extern int pkcs12_main(int argc,char *argv[]);
-extern int pkcs8_main(int argc,char *argv[]);
-extern int spkac_main(int argc,char *argv[]);
-extern int smime_main(int argc,char *argv[]);
-extern int rand_main(int argc,char *argv[]);
-#ifndef OPENSSL_NO_ENGINE
-extern int engine_main(int argc,char *argv[]);
-#endif
-extern int ocsp_main(int argc,char *argv[]);
-
-#define FUNC_TYPE_GENERAL	1
-#define FUNC_TYPE_MD		2
-#define FUNC_TYPE_CIPHER	3
-
-typedef struct {
-	int type;
-	char *name;
-	int (*func)();
-	} FUNCTION;
-
-FUNCTION functions[] = {
-	{FUNC_TYPE_GENERAL,"verify",verify_main},
-	{FUNC_TYPE_GENERAL,"asn1parse",asn1parse_main},
-	{FUNC_TYPE_GENERAL,"req",req_main},
-	{FUNC_TYPE_GENERAL,"dgst",dgst_main},
-#ifndef OPENSSL_NO_DH
-	{FUNC_TYPE_GENERAL,"dh",dh_main},
-#endif
-#ifndef OPENSSL_NO_DH
-	{FUNC_TYPE_GENERAL,"dhparam",dhparam_main},
-#endif
-	{FUNC_TYPE_GENERAL,"enc",enc_main},
-	{FUNC_TYPE_GENERAL,"passwd",passwd_main},
-#ifndef OPENSSL_NO_DH
-	{FUNC_TYPE_GENERAL,"gendh",gendh_main},
-#endif
-	{FUNC_TYPE_GENERAL,"errstr",errstr_main},
-	{FUNC_TYPE_GENERAL,"ca",ca_main},
-	{FUNC_TYPE_GENERAL,"crl",crl_main},
-#ifndef OPENSSL_NO_RSA
-	{FUNC_TYPE_GENERAL,"rsa",rsa_main},
-#endif
-#ifndef OPENSSL_NO_RSA
-	{FUNC_TYPE_GENERAL,"rsautl",rsautl_main},
-#endif
-#ifndef OPENSSL_NO_DSA
-	{FUNC_TYPE_GENERAL,"dsa",dsa_main},
-#endif
-#ifndef OPENSSL_NO_DSA
-	{FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main},
-#endif
-	{FUNC_TYPE_GENERAL,"x509",x509_main},
-#ifndef OPENSSL_NO_RSA
-	{FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
-#endif
-#ifndef OPENSSL_NO_DSA
-	{FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
-#endif
-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
-	{FUNC_TYPE_GENERAL,"s_server",s_server_main},
-#endif
-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
-	{FUNC_TYPE_GENERAL,"s_client",s_client_main},
-#endif
-#ifndef OPENSSL_NO_SPEED
-	{FUNC_TYPE_GENERAL,"speed",speed_main},
-#endif
-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
-	{FUNC_TYPE_GENERAL,"s_time",s_time_main},
-#endif
-	{FUNC_TYPE_GENERAL,"version",version_main},
-	{FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main},
-	{FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
-	{FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
-	{FUNC_TYPE_GENERAL,"ciphers",ciphers_main},
-#endif
-	{FUNC_TYPE_GENERAL,"nseq",nseq_main},
-#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
-	{FUNC_TYPE_GENERAL,"pkcs12",pkcs12_main},
-#endif
-	{FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main},
-	{FUNC_TYPE_GENERAL,"spkac",spkac_main},
-	{FUNC_TYPE_GENERAL,"smime",smime_main},
-	{FUNC_TYPE_GENERAL,"rand",rand_main},
-#ifndef OPENSSL_NO_ENGINE
-	{FUNC_TYPE_GENERAL,"engine",engine_main},
-#endif
-	{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
-#ifndef OPENSSL_NO_MD2
-	{FUNC_TYPE_MD,"md2",dgst_main},
-#endif
-#ifndef OPENSSL_NO_MD4
-	{FUNC_TYPE_MD,"md4",dgst_main},
-#endif
-#ifndef OPENSSL_NO_MD5
-	{FUNC_TYPE_MD,"md5",dgst_main},
-#endif
-#ifndef OPENSSL_NO_SHA
-	{FUNC_TYPE_MD,"sha",dgst_main},
-#endif
-#ifndef OPENSSL_NO_SHA1
-	{FUNC_TYPE_MD,"sha1",dgst_main},
-#endif
-#ifndef OPENSSL_NO_MDC2
-	{FUNC_TYPE_MD,"mdc2",dgst_main},
-#endif
-#ifndef OPENSSL_NO_RMD160
-	{FUNC_TYPE_MD,"rmd160",dgst_main},
-#endif
-#ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-128-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-128-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-192-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-192-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-256-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-256-ecb",enc_main},
-#endif
-	{FUNC_TYPE_CIPHER,"base64",enc_main},
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des3",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"desx",enc_main},
-#endif
-#ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC4
-	{FUNC_TYPE_CIPHER,"rc4",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC4
-	{FUNC_TYPE_CIPHER,"rc4-40",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2",enc_main},
-#endif
-#ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-64-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-40-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
-#endif
-	{0,NULL,NULL}
-	};
diff --git a/crypto/openssl/apps/progs.pl b/crypto/openssl/apps/progs.pl
deleted file mode 100644
index d6a40edb91d2..000000000000
--- a/crypto/openssl/apps/progs.pl
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/usr/local/bin/perl
-
-print "/* apps/progs.h */\n";
-print "/* automatically generated by progs.pl for openssl.c */\n\n";
-
-grep(s/^asn1pars$/asn1parse/,@ARGV);
-
-foreach (@ARGV)
-	{ printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
-
-print <<'EOF';
-
-#define FUNC_TYPE_GENERAL	1
-#define FUNC_TYPE_MD		2
-#define FUNC_TYPE_CIPHER	3
-
-typedef struct {
-	int type;
-	char *name;
-	int (*func)();
-	} FUNCTION;
-
-FUNCTION functions[] = {
-EOF
-
-foreach (@ARGV)
-	{
-	push(@files,$_);
-	$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
-	if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
-		{ print "#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))\n${str}#endif\n"; } 
-	elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) || ($_ =~ /^rsautl$/)) 
-		{ print "#ifndef OPENSSL_NO_RSA\n${str}#endif\n";  }
-	elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
-		{ print "#ifndef OPENSSL_NO_DSA\n${str}#endif\n"; }
-	elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/) || ($_ =~ /^dhparam$/))
-		{ print "#ifndef OPENSSL_NO_DH\n${str}#endif\n"; }
-	elsif ( ($_ =~ /^pkcs12$/))
-		{ print "#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)\n${str}#endif\n"; }
-	else
-		{ print $str; }
-	}
-
-foreach ("md2","md4","md5","sha","sha1","mdc2","rmd160")
-	{
-	push(@files,$_);
-	printf "#ifndef OPENSSL_NO_".uc($_)."\n\t{FUNC_TYPE_MD,\"".$_."\",dgst_main},\n#endif\n";
-	}
-
-foreach (
-	"aes-128-cbc", "aes-128-ecb",
-	"aes-192-cbc", "aes-192-ecb",
-	"aes-256-cbc", "aes-256-ecb",
-	"base64",
-	"des", "des3", "desx", "idea", "rc4", "rc4-40",
-	"rc2", "bf", "cast", "rc5",
-	"des-ecb", "des-ede",    "des-ede3",
-	"des-cbc", "des-ede-cbc","des-ede3-cbc",
-	"des-cfb", "des-ede-cfb","des-ede3-cfb",
-	"des-ofb", "des-ede-ofb","des-ede3-ofb",
-	"idea-cbc","idea-ecb",   "idea-cfb", "idea-ofb",
-	"rc2-cbc", "rc2-ecb", "rc2-cfb","rc2-ofb", "rc2-64-cbc", "rc2-40-cbc",
-	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb",
-	"cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
-	"cast-cbc", "rc5-cbc",   "rc5-ecb",  "rc5-cfb",  "rc5-ofb")
-	{
-	push(@files,$_);
-
-	$t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
-	if    ($_ =~ /des/)  { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; }
-	elsif ($_ =~ /aes/)  { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; }
-	elsif ($_ =~ /idea/) { $t="#ifndef OPENSSL_NO_IDEA\n${t}#endif\n"; }
-	elsif ($_ =~ /rc4/)  { $t="#ifndef OPENSSL_NO_RC4\n${t}#endif\n"; }
-	elsif ($_ =~ /rc2/)  { $t="#ifndef OPENSSL_NO_RC2\n${t}#endif\n"; }
-	elsif ($_ =~ /bf/)   { $t="#ifndef OPENSSL_NO_BF\n${t}#endif\n"; }
-	elsif ($_ =~ /cast/) { $t="#ifndef OPENSSL_NO_CAST\n${t}#endif\n"; }
-	elsif ($_ =~ /rc5/)  { $t="#ifndef OPENSSL_NO_RC5\n${t}#endif\n"; }
-	print $t;
-	}
-
-print "\t{0,NULL,NULL}\n\t};\n";
diff --git a/crypto/openssl/apps/rand.c b/crypto/openssl/apps/rand.c
deleted file mode 100644
index 63724bc73025..000000000000
--- a/crypto/openssl/apps/rand.c
+++ /dev/null
@@ -1,227 +0,0 @@
-/* apps/rand.c */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "apps.h"
-
-#include <ctype.h>
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-#undef PROG
-#define PROG rand_main
-
-/* -out file         - write to file
- * -rand file:file   - PRNG seed files
- * -base64           - encode output
- * num               - write 'num' bytes
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e = NULL;
-#endif
-	int i, r, ret = 1;
-	int badopt;
-	char *outfile = NULL;
-	char *inrand = NULL;
-	int base64 = 0;
-	BIO *out = NULL;
-	int num = -1;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err = BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto err;
-
-	badopt = 0;
-	i = 0;
-	while (!badopt && argv[++i] != NULL)
-		{
-		if (strcmp(argv[i], "-out") == 0)
-			{
-			if ((argv[i+1] != NULL) && (outfile == NULL))
-				outfile = argv[++i];
-			else
-				badopt = 1;
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(argv[i], "-engine") == 0)
-			{
-			if ((argv[i+1] != NULL) && (engine == NULL))
-				engine = argv[++i];
-			else
-				badopt = 1;
-			}
-#endif
-		else if (strcmp(argv[i], "-rand") == 0)
-			{
-			if ((argv[i+1] != NULL) && (inrand == NULL))
-				inrand = argv[++i];
-			else
-				badopt = 1;
-			}
-		else if (strcmp(argv[i], "-base64") == 0)
-			{
-			if (!base64)
-				base64 = 1;
-			else
-				badopt = 1;
-			}
-		else if (isdigit((unsigned char)argv[i][0]))
-			{
-			if (num < 0)
-				{
-				r = sscanf(argv[i], "%d", &num);
-				if (r == 0 || num < 0)
-					badopt = 1;
-				}
-			else
-				badopt = 1;
-			}
-		else
-			badopt = 1;
-		}
-
-	if (num < 0)
-		badopt = 1;
-	
-	if (badopt) 
-		{
-		BIO_printf(bio_err, "Usage: rand [options] num\n");
-		BIO_printf(bio_err, "where options are\n");
-		BIO_printf(bio_err, "-out file             - write to file\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err, "-engine e             - use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err, "-base64               - encode output\n");
-		goto err;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	app_RAND_load_file(NULL, bio_err, (inrand != NULL));
-	if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-
-	out = BIO_new(BIO_s_file());
-	if (out == NULL)
-		goto err;
-	if (outfile != NULL)
-		r = BIO_write_filename(out, outfile);
-	else
-		{
-		r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	if (r <= 0)
-		goto err;
-
-	if (base64)
-		{
-		BIO *b64 = BIO_new(BIO_f_base64());
-		if (b64 == NULL)
-			goto err;
-		out = BIO_push(b64, out);
-		}
-	
-	while (num > 0) 
-		{
-		unsigned char buf[4096];
-		int chunk;
-
-		chunk = num;
-		if (chunk > sizeof buf)
-			chunk = sizeof buf;
-		r = RAND_bytes(buf, chunk);
-		if (r <= 0)
-			goto err;
-		BIO_write(out, buf, chunk);
-		num -= chunk;
-		}
-	BIO_flush(out);
-
-	app_RAND_write_file(NULL, bio_err);
-	ret = 0;
-	
-err:
-	ERR_print_errors(bio_err);
-	if (out)
-		BIO_free_all(out);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
diff --git a/crypto/openssl/apps/req.c b/crypto/openssl/apps/req.c
deleted file mode 100644
index 5f6ec3d33914..000000000000
--- a/crypto/openssl/apps/req.c
+++ /dev/null
@@ -1,1554 +0,0 @@
-/* apps/req.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/conf.h>
-#include <openssl/err.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-#include "../crypto/cryptlib.h"
-
-#define SECTION		"req"
-
-#define BITS		"default_bits"
-#define KEYFILE		"default_keyfile"
-#define PROMPT		"prompt"
-#define DISTINGUISHED_NAME	"distinguished_name"
-#define ATTRIBUTES	"attributes"
-#define V3_EXTENSIONS	"x509_extensions"
-#define REQ_EXTENSIONS	"req_extensions"
-#define STRING_MASK	"string_mask"
-#define UTF8_IN		"utf8"
-
-#define DEFAULT_KEY_LENGTH	512
-#define MIN_KEY_LENGTH		384
-
-#undef PROG
-#define PROG	req_main
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -verify	- check request signature
- * -noout	- don't print stuff out.
- * -text	- print out human readable text.
- * -nodes	- no des encryption
- * -config file	- Load configuration file.
- * -key file	- make a request using key in file (or use it for verification).
- * -keyform arg	- key file format.
- * -rand file(s) - load the file(s) into the PRNG.
- * -newkey	- make a key and a request.
- * -modulus	- print RSA modulus.
- * -pubkey	- output Public Key.
- * -x509	- output a self signed X509 structure instead.
- * -asn1-kludge	- output new certificate request in a format that some CA's
- *		  require.  This format is wrong
- */
-
-static int make_REQ(X509_REQ *req,EVP_PKEY *pkey,char *dn,int attribs,
-		unsigned long chtype);
-static int build_subject(X509_REQ *req, char *subj, unsigned long chtype);
-static int prompt_info(X509_REQ *req,
-		STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect,
-		STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect, int attribs,
-		unsigned long chtype);
-static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *sk,
-				STACK_OF(CONF_VALUE) *attr, int attribs,
-				unsigned long chtype);
-static int add_attribute_object(X509_REQ *req, char *text,
-				char *def, char *value, int nid, int n_min,
-				int n_max, unsigned long chtype);
-static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
-	int nid,int n_min,int n_max, unsigned long chtype);
-#ifndef OPENSSL_NO_RSA
-static void MS_CALLBACK req_cb(int p,int n,void *arg);
-#endif
-static int req_check_len(int len,int n_min,int n_max);
-static int check_end(char *str, char *end);
-#ifndef MONOLITH
-static char *default_config_file=NULL;
-#endif
-static CONF *req_conf=NULL;
-static int batch=0;
-
-#define TYPE_RSA	1
-#define TYPE_DSA	2
-#define TYPE_DH		3
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-#ifndef OPENSSL_NO_DSA
-	DSA *dsa_params=NULL;
-#endif
-	unsigned long nmflag = 0, reqflag = 0;
-	int ex=1,x509=0,days=30;
-	X509 *x509ss=NULL;
-	X509_REQ *req=NULL;
-	EVP_PKEY *pkey=NULL;
-	int i=0,badops=0,newreq=0,verbose=0,pkey_type=TYPE_RSA;
-	long newkey = -1;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
-	int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0;
-	char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	char *extensions = NULL;
-	char *req_exts = NULL;
-	const EVP_CIPHER *cipher=NULL;
-	ASN1_INTEGER *serial = NULL;
-	int modulus=0;
-	char *inrand=NULL;
-	char *passargin = NULL, *passargout = NULL;
-	char *passin = NULL, *passout = NULL;
-	char *p;
-	char *subj = NULL;
-	const EVP_MD *md_alg=NULL,*digest=EVP_md5();
-	unsigned long chtype = MBSTRING_ASC;
-#ifndef MONOLITH
-	char *to_free;
-	long errline;
-#endif
-
-	req_conf = NULL;
-#ifndef OPENSSL_NO_DES
-	cipher=EVP_des_ede3_cbc();
-#endif
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-pubkey") == 0)
-			{
-			pubkey=1;
-			}
-		else if (strcmp(*argv,"-new") == 0)
-			{
-			newreq=1;
-			}
-		else if (strcmp(*argv,"-config") == 0)
-			{	
-			if (--argc < 1) goto bad;
-			template= *(++argv);
-			}
-		else if (strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyform=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-keyout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyout= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else if (strcmp(*argv,"-newkey") == 0)
-			{
-			int is_numeric;
-
-			if (--argc < 1) goto bad;
-			p= *(++argv);
-			is_numeric = p[0] >= '0' && p[0] <= '9';
-			if (strncmp("rsa:",p,4) == 0 || is_numeric)
-				{
-				pkey_type=TYPE_RSA;
-				if(!is_numeric)
-				    p+=4;
-				newkey= atoi(p);
-				}
-			else
-#ifndef OPENSSL_NO_DSA
-				if (strncmp("dsa:",p,4) == 0)
-				{
-				X509 *xtmp=NULL;
-				EVP_PKEY *dtmp;
-
-				pkey_type=TYPE_DSA;
-				p+=4;
-				if ((in=BIO_new_file(p,"r")) == NULL)
-					{
-					perror(p);
-					goto end;
-					}
-				if ((dsa_params=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
-					{
-					ERR_clear_error();
-					(void)BIO_reset(in);
-					if ((xtmp=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL)
-						{
-						BIO_printf(bio_err,"unable to load DSA parameters from file\n");
-						goto end;
-						}
-
-					if ((dtmp=X509_get_pubkey(xtmp)) == NULL) goto end;
-					if (dtmp->type == EVP_PKEY_DSA)
-						dsa_params=DSAparams_dup(dtmp->pkey.dsa);
-					EVP_PKEY_free(dtmp);
-					X509_free(xtmp);
-					if (dsa_params == NULL)
-						{
-						BIO_printf(bio_err,"Certificate does not contain DSA parameters\n");
-						goto end;
-						}
-					}
-				BIO_free(in);
-				newkey=BN_num_bits(dsa_params->p);
-				in=NULL;
-				}
-			else 
-#endif
-#ifndef OPENSSL_NO_DH
-				if (strncmp("dh:",p,4) == 0)
-				{
-				pkey_type=TYPE_DH;
-				p+=3;
-				}
-			else
-#endif
-				pkey_type=TYPE_RSA;
-
-			newreq=1;
-			}
-		else if (strcmp(*argv,"-batch") == 0)
-			batch=1;
-		else if (strcmp(*argv,"-newhdr") == 0)
-			newhdr=1;
-		else if (strcmp(*argv,"-modulus") == 0)
-			modulus=1;
-		else if (strcmp(*argv,"-verify") == 0)
-			verify=1;
-		else if (strcmp(*argv,"-nodes") == 0)
-			nodes=1;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-verbose") == 0)
-			verbose=1;
-		else if (strcmp(*argv,"-utf8") == 0)
-			chtype = MBSTRING_UTF8;
-		else if (strcmp(*argv,"-nameopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_name_ex(&nmflag, *(++argv))) goto bad;
-			}
-		else if (strcmp(*argv,"-reqopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_cert_ex(&reqflag, *(++argv))) goto bad;
-			}
-		else if (strcmp(*argv,"-subject") == 0)
-			subject=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-x509") == 0)
-			x509=1;
-		else if (strcmp(*argv,"-asn1-kludge") == 0)
-			kludge=1;
-		else if (strcmp(*argv,"-no-asn1-kludge") == 0)
-			kludge=0;
-		else if (strcmp(*argv,"-subj") == 0)
-			{
-			if (--argc < 1) goto bad;
-			subj= *(++argv);
-			}
-		else if (strcmp(*argv,"-days") == 0)
-			{
-			if (--argc < 1) goto bad;
-			days= atoi(*(++argv));
-			if (days == 0) days=30;
-			}
-		else if (strcmp(*argv,"-set_serial") == 0)
-			{
-			if (--argc < 1) goto bad;
-			serial = s2i_ASN1_INTEGER(NULL, *(++argv));
-			if (!serial) goto bad;
-			}
-		else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
-			{
-			/* ok */
-			digest=md_alg;
-			}
-		else if (strcmp(*argv,"-extensions") == 0)
-			{
-			if (--argc < 1) goto bad;
-			extensions = *(++argv);
-			}
-		else if (strcmp(*argv,"-reqexts") == 0)
-			{
-			if (--argc < 1) goto bad;
-			req_exts = *(++argv);
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options  are\n");
-		BIO_printf(bio_err," -inform arg    input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg   output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg        input file\n");
-		BIO_printf(bio_err," -out arg       output file\n");
-		BIO_printf(bio_err," -text          text form of request\n");
-		BIO_printf(bio_err," -pubkey        output public key\n");
-		BIO_printf(bio_err," -noout         do not output REQ\n");
-		BIO_printf(bio_err," -verify        verify signature on REQ\n");
-		BIO_printf(bio_err," -modulus       RSA modulus\n");
-		BIO_printf(bio_err," -nodes         don't encrypt the output key\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e      use engine e, possibly a hardware device\n");
-#endif
-		BIO_printf(bio_err," -subject       output the request's subject\n");
-		BIO_printf(bio_err," -passin        private key password source\n");
-		BIO_printf(bio_err," -key file      use the private key contained in file\n");
-		BIO_printf(bio_err," -keyform arg   key file format\n");
-		BIO_printf(bio_err," -keyout arg    file to send the key to\n");
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"                load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"                the random number generator\n");
-		BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
-		BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
-		BIO_printf(bio_err," -[digest]      Digest to sign with (md5, sha1, md2, mdc2, md4)\n");
-		BIO_printf(bio_err," -config file   request template file.\n");
-		BIO_printf(bio_err," -subj arg      set or modify request subject\n");
-		BIO_printf(bio_err," -new           new request.\n");
-		BIO_printf(bio_err," -batch         do not ask anything during request generation\n");
-		BIO_printf(bio_err," -x509          output a x509 structure instead of a cert. req.\n");
-		BIO_printf(bio_err," -days          number of days a certificate generated by -x509 is valid for.\n");
-		BIO_printf(bio_err," -set_serial    serial number to use for a certificate generated by -x509.\n");
-		BIO_printf(bio_err," -newhdr        output \"NEW\" in the header lines\n");
-		BIO_printf(bio_err," -asn1-kludge   Output the 'request' in a format that is wrong but some CA's\n");
-		BIO_printf(bio_err,"                have been reported as requiring\n");
-		BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n");
-		BIO_printf(bio_err," -reqexts ..    specify request extension section (override value in config file)\n");
-		BIO_printf(bio_err," -utf8          input characters are UTF8 (default ASCII)\n");
-		BIO_printf(bio_err," -nameopt arg    - various certificate name options\n");
-		BIO_printf(bio_err," -reqopt arg    - various request text options\n\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
-		BIO_printf(bio_err, "Error getting passwords\n");
-		goto end;
-	}
-
-#ifndef MONOLITH /* else this has happened in openssl.c (global `config') */
-	/* Lets load up our environment a little */
-	p=getenv("OPENSSL_CONF");
-	if (p == NULL)
-		p=getenv("SSLEAY_CONF");
-	if (p == NULL)
-		p=to_free=make_config_name();
-	default_config_file=p;
-	config=NCONF_new(NULL);
-	i=NCONF_load(config, p, &errline);
-#endif
-
-	if (template != NULL)
-		{
-		long errline = -1;
-
-		if( verbose )
-			BIO_printf(bio_err,"Using configuration from %s\n",template);
-		req_conf=NCONF_new(NULL);
-		i=NCONF_load(req_conf,template,&errline);
-		if (i == 0)
-			{
-			BIO_printf(bio_err,"error on line %ld of %s\n",errline,template);
-			goto end;
-			}
-		}
-	else
-		{
-		req_conf=config;
-		if( verbose )
-			BIO_printf(bio_err,"Using configuration from %s\n",
-			default_config_file);
-		if (req_conf == NULL)
-			{
-			BIO_printf(bio_err,"Unable to load config info\n");
-			}
-		}
-
-	if (req_conf != NULL)
-		{
-		if (!load_config(bio_err, req_conf))
-			goto end;
-		p=NCONF_get_string(req_conf,NULL,"oid_file");
-		if (p == NULL)
-			ERR_clear_error();
-		if (p != NULL)
-			{
-			BIO *oid_bio;
-
-			oid_bio=BIO_new_file(p,"r");
-			if (oid_bio == NULL) 
-				{
-				/*
-				BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
-				ERR_print_errors(bio_err);
-				*/
-				}
-			else
-				{
-				OBJ_create_objects(oid_bio);
-				BIO_free(oid_bio);
-				}
-			}
-		}
-	if(!add_oid_section(bio_err, req_conf)) goto end;
-
-	if (md_alg == NULL)
-		{
-		p=NCONF_get_string(req_conf,SECTION,"default_md");
-		if (p == NULL)
-			ERR_clear_error();
-		if (p != NULL)
-			{
-			if ((md_alg=EVP_get_digestbyname(p)) != NULL)
-				digest=md_alg;
-			}
-		}
-
-	if (!extensions)
-		{
-		extensions = NCONF_get_string(req_conf, SECTION, V3_EXTENSIONS);
-		if (!extensions)
-			ERR_clear_error();
-		}
-	if (extensions) {
-		/* Check syntax of file */
-		X509V3_CTX ctx;
-		X509V3_set_ctx_test(&ctx);
-		X509V3_set_nconf(&ctx, req_conf);
-		if(!X509V3_EXT_add_nconf(req_conf, &ctx, extensions, NULL)) {
-			BIO_printf(bio_err,
-			 "Error Loading extension section %s\n", extensions);
-			goto end;
-		}
-	}
-
-	if(!passin)
-		{
-		passin = NCONF_get_string(req_conf, SECTION, "input_password");
-		if (!passin)
-			ERR_clear_error();
-		}
-	
-	if(!passout)
-		{
-		passout = NCONF_get_string(req_conf, SECTION, "output_password");
-		if (!passout)
-			ERR_clear_error();
-		}
-
-	p = NCONF_get_string(req_conf, SECTION, STRING_MASK);
-	if (!p)
-		ERR_clear_error();
-
-	if(p && !ASN1_STRING_set_default_mask_asc(p)) {
-		BIO_printf(bio_err, "Invalid global string mask setting %s\n", p);
-		goto end;
-	}
-
-	if (chtype != MBSTRING_UTF8)
-		{
-		p = NCONF_get_string(req_conf, SECTION, UTF8_IN);
-		if (!p)
-			ERR_clear_error();
-		else if (!strcmp(p, "yes"))
-			chtype = MBSTRING_UTF8;
-		}
-
-
-	if(!req_exts)
-		{
-		req_exts = NCONF_get_string(req_conf, SECTION, REQ_EXTENSIONS);
-		if (!req_exts)
-			ERR_clear_error();
-		}
-	if(req_exts) {
-		/* Check syntax of file */
-		X509V3_CTX ctx;
-		X509V3_set_ctx_test(&ctx);
-		X509V3_set_nconf(&ctx, req_conf);
-		if(!X509V3_EXT_add_nconf(req_conf, &ctx, req_exts, NULL)) {
-			BIO_printf(bio_err,
-			 "Error Loading request extension section %s\n",
-								req_exts);
-			goto end;
-		}
-	}
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		goto end;
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (keyfile != NULL)
-		{
-		pkey = load_key(bio_err, keyfile, keyform, 0, passin, e,
-			"Private Key");
-		if (!pkey)
-			{
-			/* load_key() has already printed an appropriate
-			   message */
-			goto end;
-			}
-		if (EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA)
-			{
-			char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
-			if (randfile == NULL)
-				ERR_clear_error();
-			app_RAND_load_file(randfile, bio_err, 0);
-			}
-		}
-
-	if (newreq && (pkey == NULL))
-		{
-		char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
-		if (randfile == NULL)
-			ERR_clear_error();
-		app_RAND_load_file(randfile, bio_err, 0);
-		if (inrand)
-			app_RAND_load_files(inrand);
-	
-		if (newkey <= 0)
-			{
-			if (!NCONF_get_number(req_conf,SECTION,BITS, &newkey))
-				newkey=DEFAULT_KEY_LENGTH;
-			}
-
-		if (newkey < MIN_KEY_LENGTH)
-			{
-			BIO_printf(bio_err,"private key length is too short,\n");
-			BIO_printf(bio_err,"it needs to be at least %d bits, not %d\n",MIN_KEY_LENGTH,newkey);
-			goto end;
-			}
-		BIO_printf(bio_err,"Generating a %d bit %s private key\n",
-			newkey,(pkey_type == TYPE_RSA)?"RSA":"DSA");
-
-		if ((pkey=EVP_PKEY_new()) == NULL) goto end;
-
-#ifndef OPENSSL_NO_RSA
-		if (pkey_type == TYPE_RSA)
-			{
-			if (!EVP_PKEY_assign_RSA(pkey,
-				RSA_generate_key(newkey,0x10001,
-					req_cb,bio_err)))
-				goto end;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_DSA
-			if (pkey_type == TYPE_DSA)
-			{
-			if (!DSA_generate_key(dsa_params)) goto end;
-			if (!EVP_PKEY_assign_DSA(pkey,dsa_params)) goto end;
-			dsa_params=NULL;
-			}
-#endif
-
-		app_RAND_write_file(randfile, bio_err);
-
-		if (pkey == NULL) goto end;
-
-		if (keyout == NULL)
-			{
-			keyout=NCONF_get_string(req_conf,SECTION,KEYFILE);
-			if (keyout == NULL)
-				ERR_clear_error();
-			}
-		
-		if (keyout == NULL)
-			{
-			BIO_printf(bio_err,"writing new private key to stdout\n");
-			BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-			}
-		else
-			{
-			BIO_printf(bio_err,"writing new private key to '%s'\n",keyout);
-			if (BIO_write_filename(out,keyout) <= 0)
-				{
-				perror(keyout);
-				goto end;
-				}
-			}
-
-		p=NCONF_get_string(req_conf,SECTION,"encrypt_rsa_key");
-		if (p == NULL)
-			{
-			ERR_clear_error();
-			p=NCONF_get_string(req_conf,SECTION,"encrypt_key");
-			if (p == NULL)
-				ERR_clear_error();
-			}
-		if ((p != NULL) && (strcmp(p,"no") == 0))
-			cipher=NULL;
-		if (nodes) cipher=NULL;
-		
-		i=0;
-loop:
-		if (!PEM_write_bio_PrivateKey(out,pkey,cipher,
-			NULL,0,NULL,passout))
-			{
-			if ((ERR_GET_REASON(ERR_peek_error()) ==
-				PEM_R_PROBLEMS_GETTING_PASSWORD) && (i < 3))
-				{
-				ERR_clear_error();
-				i++;
-				goto loop;
-				}
-			goto end;
-			}
-		BIO_printf(bio_err,"-----\n");
-		}
-
-	if (!newreq)
-		{
-		/* Since we are using a pre-existing certificate
-		 * request, the kludge 'format' info should not be
-		 * changed. */
-		kludge= -1;
-		if (infile == NULL)
-			BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		else
-			{
-			if (BIO_read_filename(in,infile) <= 0)
-				{
-				perror(infile);
-				goto end;
-				}
-			}
-
-		if	(informat == FORMAT_ASN1)
-			req=d2i_X509_REQ_bio(in,NULL);
-		else if (informat == FORMAT_PEM)
-			req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL);
-		else
-			{
-			BIO_printf(bio_err,"bad input format specified for X509 request\n");
-			goto end;
-			}
-		if (req == NULL)
-			{
-			BIO_printf(bio_err,"unable to load X509 request\n");
-			goto end;
-			}
-		}
-
-	if (newreq || x509)
-		{
-		if (pkey == NULL)
-			{
-			BIO_printf(bio_err,"you need to specify a private key\n");
-			goto end;
-			}
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-			digest=EVP_dss1();
-#endif
-		if (req == NULL)
-			{
-			req=X509_REQ_new();
-			if (req == NULL)
-				{
-				goto end;
-				}
-
-			i=make_REQ(req,pkey,subj,!x509, chtype);
-			subj=NULL; /* done processing '-subj' option */
-			if ((kludge > 0) && !sk_X509_ATTRIBUTE_num(req->req_info->attributes))
-				{
-				sk_X509_ATTRIBUTE_free(req->req_info->attributes);
-				req->req_info->attributes = NULL;
-				}
-			if (!i)
-				{
-				BIO_printf(bio_err,"problems making Certificate Request\n");
-				goto end;
-				}
-			}
-		if (x509)
-			{
-			EVP_PKEY *tmppkey;
-			X509V3_CTX ext_ctx;
-			if ((x509ss=X509_new()) == NULL) goto end;
-
-			/* Set version to V3 */
-			if(!X509_set_version(x509ss, 2)) goto end;
-			if (serial)
-				{
-				if (!X509_set_serialNumber(x509ss, serial)) goto end;
-				}
-			else
-				{
-				if (!ASN1_INTEGER_set(X509_get_serialNumber(x509ss),0L)) goto end;
-				}
-
-			if (!X509_set_issuer_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
-			if (!X509_gmtime_adj(X509_get_notBefore(x509ss),0)) goto end;
-			if (!X509_gmtime_adj(X509_get_notAfter(x509ss), (long)60*60*24*days)) goto end;
-			if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
-			tmppkey = X509_REQ_get_pubkey(req);
-			if (!tmppkey || !X509_set_pubkey(x509ss,tmppkey)) goto end;
-			EVP_PKEY_free(tmppkey);
-
-			/* Set up V3 context struct */
-
-			X509V3_set_ctx(&ext_ctx, x509ss, x509ss, NULL, NULL, 0);
-			X509V3_set_nconf(&ext_ctx, req_conf);
-
-			/* Add extensions */
-			if(extensions && !X509V3_EXT_add_nconf(req_conf, 
-				 	&ext_ctx, extensions, x509ss))
-				{
-				BIO_printf(bio_err,
-					"Error Loading extension section %s\n",
-					extensions);
-				goto end;
-				}
-			
-			if (!(i=X509_sign(x509ss,pkey,digest)))
-				goto end;
-			}
-		else
-			{
-			X509V3_CTX ext_ctx;
-
-			/* Set up V3 context struct */
-
-			X509V3_set_ctx(&ext_ctx, NULL, NULL, req, NULL, 0);
-			X509V3_set_nconf(&ext_ctx, req_conf);
-
-			/* Add extensions */
-			if(req_exts && !X509V3_EXT_REQ_add_nconf(req_conf, 
-				 	&ext_ctx, req_exts, req))
-				{
-				BIO_printf(bio_err,
-					"Error Loading extension section %s\n",
-					req_exts);
-				goto end;
-				}
-			if (!(i=X509_REQ_sign(req,pkey,digest)))
-				goto end;
-			}
-		}
-
-	if (subj && x509)
-		{
-		BIO_printf(bio_err, "Cannot modifiy certificate subject\n");
-		goto end;
-		}
-
-	if (subj && !x509)
-		{
-		if (verbose)
-			{
-			BIO_printf(bio_err, "Modifying Request's Subject\n");
-			print_name(bio_err, "old subject=", X509_REQ_get_subject_name(req), nmflag);
-			}
-
-		if (build_subject(req, subj, chtype) == 0)
-			{
-			BIO_printf(bio_err, "ERROR: cannot modify subject\n");
-			ex=1;
-			goto end;
-			}
-
-		req->req_info->enc.modified = 1;
-
-		if (verbose)
-			{
-			print_name(bio_err, "new subject=", X509_REQ_get_subject_name(req), nmflag);
-			}
-		}
-
-	if (verify && !x509)
-		{
-		int tmp=0;
-
-		if (pkey == NULL)
-			{
-			pkey=X509_REQ_get_pubkey(req);
-			tmp=1;
-			if (pkey == NULL) goto end;
-			}
-
-		i=X509_REQ_verify(req,pkey);
-		if (tmp) {
-			EVP_PKEY_free(pkey);
-			pkey=NULL;
-		}
-
-		if (i < 0)
-			{
-			goto end;
-			}
-		else if (i == 0)
-			{
-			BIO_printf(bio_err,"verify failure\n");
-			ERR_print_errors(bio_err);
-			}
-		else /* if (i > 0) */
-			BIO_printf(bio_err,"verify OK\n");
-		}
-
-	if (noout && !text && !modulus && !subject && !pubkey)
-		{
-		ex=0;
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if ((keyout != NULL) && (strcmp(outfile,keyout) == 0))
-			i=(int)BIO_append_filename(out,outfile);
-		else
-			i=(int)BIO_write_filename(out,outfile);
-		if (!i)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (pubkey)
-		{
-		EVP_PKEY *tpubkey; 
-		tpubkey=X509_REQ_get_pubkey(req);
-		if (tpubkey == NULL)
-			{
-			BIO_printf(bio_err,"Error getting public key\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		PEM_write_bio_PUBKEY(out, tpubkey);
-		EVP_PKEY_free(tpubkey);
-		}
-
-	if (text)
-		{
-		if (x509)
-			X509_print_ex(out, x509ss, nmflag, reqflag);
-		else	
-			X509_REQ_print_ex(out, req, nmflag, reqflag);
-		}
-
-	if(subject) 
-		{
-		if(x509)
-			print_name(out, "subject=", X509_get_subject_name(x509ss), nmflag);
-		else
-			print_name(out, "subject=", X509_REQ_get_subject_name(req), nmflag);
-		}
-
-	if (modulus)
-		{
-		EVP_PKEY *tpubkey;
-
-		if (x509)
-			tpubkey=X509_get_pubkey(x509ss);
-		else
-			tpubkey=X509_REQ_get_pubkey(req);
-		if (tpubkey == NULL)
-			{
-			fprintf(stdout,"Modulus=unavailable\n");
-			goto end; 
-			}
-		fprintf(stdout,"Modulus=");
-#ifndef OPENSSL_NO_RSA
-		if (tpubkey->type == EVP_PKEY_RSA)
-			BN_print(out,tpubkey->pkey.rsa->n);
-		else
-#endif
-			fprintf(stdout,"Wrong Algorithm type");
-		EVP_PKEY_free(tpubkey);
-		fprintf(stdout,"\n");
-		}
-
-	if (!noout && !x509)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_X509_REQ_bio(out,req);
-		else if (outformat == FORMAT_PEM) {
-			if(newhdr) i=PEM_write_bio_X509_REQ_NEW(out,req);
-			else i=PEM_write_bio_X509_REQ(out,req);
-		} else {
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write X509 request\n");
-			goto end;
-			}
-		}
-	if (!noout && x509 && (x509ss != NULL))
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_X509_bio(out,x509ss);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_X509(out,x509ss);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write X509 certificate\n");
-			goto end;
-			}
-		}
-	ex=0;
-end:
-#ifndef MONOLITH
-	if(to_free)
-		OPENSSL_free(to_free);
-#endif
-	if (ex)
-		{
-		ERR_print_errors(bio_err);
-		}
-	if ((req_conf != NULL) && (req_conf != config)) NCONF_free(req_conf);
-	BIO_free(in);
-	BIO_free_all(out);
-	EVP_PKEY_free(pkey);
-	X509_REQ_free(req);
-	X509_free(x509ss);
-	ASN1_INTEGER_free(serial);
-	if(passargin && passin) OPENSSL_free(passin);
-	if(passargout && passout) OPENSSL_free(passout);
-	OBJ_cleanup();
-#ifndef OPENSSL_NO_DSA
-	if (dsa_params != NULL) DSA_free(dsa_params);
-#endif
-	apps_shutdown();
-	OPENSSL_EXIT(ex);
-	}
-
-static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int attribs,
-			unsigned long chtype)
-	{
-	int ret=0,i;
-	char no_prompt = 0;
-	STACK_OF(CONF_VALUE) *dn_sk, *attr_sk = NULL;
-	char *tmp, *dn_sect,*attr_sect;
-
-	tmp=NCONF_get_string(req_conf,SECTION,PROMPT);
-	if (tmp == NULL)
-		ERR_clear_error();
-	if((tmp != NULL) && !strcmp(tmp, "no")) no_prompt = 1;
-
-	dn_sect=NCONF_get_string(req_conf,SECTION,DISTINGUISHED_NAME);
-	if (dn_sect == NULL)
-		{
-		BIO_printf(bio_err,"unable to find '%s' in config\n",
-			DISTINGUISHED_NAME);
-		goto err;
-		}
-	dn_sk=NCONF_get_section(req_conf,dn_sect);
-	if (dn_sk == NULL)
-		{
-		BIO_printf(bio_err,"unable to get '%s' section\n",dn_sect);
-		goto err;
-		}
-
-	attr_sect=NCONF_get_string(req_conf,SECTION,ATTRIBUTES);
-	if (attr_sect == NULL)
-		{
-		ERR_clear_error();		
-		attr_sk=NULL;
-		}
-	else
-		{
-		attr_sk=NCONF_get_section(req_conf,attr_sect);
-		if (attr_sk == NULL)
-			{
-			BIO_printf(bio_err,"unable to get '%s' section\n",attr_sect);
-			goto err;
-			}
-		}
-
-	/* setup version number */
-	if (!X509_REQ_set_version(req,0L)) goto err; /* version 1 */
-
-	if (no_prompt) 
-		i = auto_info(req, dn_sk, attr_sk, attribs, chtype);
-	else 
-		{
-		if (subj)
-			i = build_subject(req, subj, chtype);
-		else
-			i = prompt_info(req, dn_sk, dn_sect, attr_sk, attr_sect, attribs, chtype);
-		}
-	if(!i) goto err;
-
-	if (!X509_REQ_set_pubkey(req,pkey)) goto err;
-
-	ret=1;
-err:
-	return(ret);
-	}
-
-/*
- * subject is expected to be in the format /type0=value0/type1=value1/type2=...
- * where characters may be escaped by \
- */
-static int build_subject(X509_REQ *req, char *subject, unsigned long chtype)
-	{
-	X509_NAME *n;
-
-	if (!(n = do_subject(subject, chtype)))
-		return 0;
-
-	if (!X509_REQ_set_subject_name(req, n))
-		{
-		X509_NAME_free(n);
-		return 0;
-		}
-	X509_NAME_free(n);
-	return 1;
-}
-
-
-static int prompt_info(X509_REQ *req,
-		STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect,
-		STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect, int attribs,
-		unsigned long chtype)
-	{
-	int i;
-	char *p,*q;
-	char buf[100];
-	int nid;
-	long n_min,n_max;
-	char *type,*def,*value;
-	CONF_VALUE *v;
-	X509_NAME *subj;
-	subj = X509_REQ_get_subject_name(req);
-
-	if(!batch)
-		{
-		BIO_printf(bio_err,"You are about to be asked to enter information that will be incorporated\n");
-		BIO_printf(bio_err,"into your certificate request.\n");
-		BIO_printf(bio_err,"What you are about to enter is what is called a Distinguished Name or a DN.\n");
-		BIO_printf(bio_err,"There are quite a few fields but you can leave some blank\n");
-		BIO_printf(bio_err,"For some fields there will be a default value,\n");
-		BIO_printf(bio_err,"If you enter '.', the field will be left blank.\n");
-		BIO_printf(bio_err,"-----\n");
-		}
-
-
-	if (sk_CONF_VALUE_num(dn_sk))
-		{
-		i= -1;
-start:		for (;;)
-			{
-			i++;
-			if (sk_CONF_VALUE_num(dn_sk) <= i) break;
-
-			v=sk_CONF_VALUE_value(dn_sk,i);
-			p=q=NULL;
-			type=v->name;
-			if(!check_end(type,"_min") || !check_end(type,"_max") ||
-				!check_end(type,"_default") ||
-					 !check_end(type,"_value")) continue;
-			/* Skip past any leading X. X: X, etc to allow for
-			 * multiple instances 
-			 */
-			for(p = v->name; *p ; p++) 
-				if ((*p == ':') || (*p == ',') ||
-							 (*p == '.')) {
-					p++;
-					if(*p) type = p;
-					break;
-				}
-			/* If OBJ not recognised ignore it */
-			if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start;
-
-			if(strlen(v->name) > sizeof buf-9)
-			   {
-			   BIO_printf(bio_err,"Name '%s' too long\n",v->name);
-			   return 0;
-			   }
-
-			sprintf(buf,"%s_default",v->name);
-			if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
-				{
-				ERR_clear_error();
-				def="";
-				}
-			sprintf(buf,"%s_value",v->name);
-			if ((value=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
-				{
-				ERR_clear_error();
-				value=NULL;
-				}
-
-			sprintf(buf,"%s_min",v->name);
-			if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min))
-				{
-				ERR_clear_error();
-				n_min = -1;
-				}
-
-			sprintf(buf,"%s_max",v->name);
-			if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max))
-				{
-				ERR_clear_error();
-				n_max = -1;
-				}
-
-			if (!add_DN_object(subj,v->value,def,value,nid,
-				n_min,n_max, chtype))
-				return 0;
-			}
-		if (X509_NAME_entry_count(subj) == 0)
-			{
-			BIO_printf(bio_err,"error, no objects specified in config file\n");
-			return 0;
-			}
-
-		if (attribs)
-			{
-			if ((attr_sk != NULL) && (sk_CONF_VALUE_num(attr_sk) > 0) && (!batch))
-				{
-				BIO_printf(bio_err,"\nPlease enter the following 'extra' attributes\n");
-				BIO_printf(bio_err,"to be sent with your certificate request\n");
-				}
-
-			i= -1;
-start2:			for (;;)
-				{
-				i++;
-				if ((attr_sk == NULL) ||
-					    (sk_CONF_VALUE_num(attr_sk) <= i))
-					break;
-
-				v=sk_CONF_VALUE_value(attr_sk,i);
-				type=v->name;
-				if ((nid=OBJ_txt2nid(type)) == NID_undef)
-					goto start2;
-
-				if(strlen(v->name) > sizeof buf-9)
-				   {
-				   BIO_printf(bio_err,"Name '%s' too long\n",v->name);
-				   return 0;
-				   }
-
-				sprintf(buf,"%s_default",type);
-				if ((def=NCONF_get_string(req_conf,attr_sect,buf))
-					== NULL)
-					{
-					ERR_clear_error();
-					def="";
-					}
-				
-				
-				sprintf(buf,"%s_value",type);
-				if ((value=NCONF_get_string(req_conf,attr_sect,buf))
-					== NULL)
-					{
-					ERR_clear_error();
-					value=NULL;
-					}
-
-				sprintf(buf,"%s_min",type);
-				if (!NCONF_get_number(req_conf,attr_sect,buf, &n_min))
-					n_min = -1;
-
-				sprintf(buf,"%s_max",type);
-				if (!NCONF_get_number(req_conf,attr_sect,buf, &n_max))
-					n_max = -1;
-
-				if (!add_attribute_object(req,
-					v->value,def,value,nid,n_min,n_max, chtype))
-					return 0;
-				}
-			}
-		}
-	else
-		{
-		BIO_printf(bio_err,"No template, please set one up.\n");
-		return 0;
-		}
-
-	return 1;
-
-	}
-
-static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk,
-			STACK_OF(CONF_VALUE) *attr_sk, int attribs, unsigned long chtype)
-	{
-	int i;
-	char *p,*q;
-	char *type;
-	CONF_VALUE *v;
-	X509_NAME *subj;
-
-	subj = X509_REQ_get_subject_name(req);
-
-	for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++)
-		{
-		v=sk_CONF_VALUE_value(dn_sk,i);
-		p=q=NULL;
-		type=v->name;
-		/* Skip past any leading X. X: X, etc to allow for
-		 * multiple instances 
-		 */
-		for(p = v->name; *p ; p++) 
-#ifndef CHARSET_EBCDIC
-			if ((*p == ':') || (*p == ',') || (*p == '.')) {
-#else
-			if ((*p == os_toascii[':']) || (*p == os_toascii[',']) || (*p == os_toascii['.'])) {
-#endif
-				p++;
-				if(*p) type = p;
-				break;
-			}
-		if (!X509_NAME_add_entry_by_txt(subj,type, chtype,
-				(unsigned char *) v->value,-1,-1,0)) return 0;
-
-		}
-
-		if (!X509_NAME_entry_count(subj))
-			{
-			BIO_printf(bio_err,"error, no objects specified in config file\n");
-			return 0;
-			}
-		if (attribs)
-			{
-			for (i = 0; i < sk_CONF_VALUE_num(attr_sk); i++)
-				{
-				v=sk_CONF_VALUE_value(attr_sk,i);
-				if(!X509_REQ_add1_attr_by_txt(req, v->name, chtype,
-					(unsigned char *)v->value, -1)) return 0;
-				}
-			}
-	return 1;
-	}
-
-
-static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
-	     int nid, int n_min, int n_max, unsigned long chtype)
-	{
-	int i,ret=0;
-	MS_STATIC char buf[1024];
-start:
-	if (!batch) BIO_printf(bio_err,"%s [%s]:",text,def);
-	(void)BIO_flush(bio_err);
-	if(value != NULL)
-		{
-		OPENSSL_assert(strlen(value) < sizeof buf-2);
-		strcpy(buf,value);
-		strcat(buf,"\n");
-		BIO_printf(bio_err,"%s\n",value);
-		}
-	else
-		{
-		buf[0]='\0';
-		if (!batch)
-			{
-			fgets(buf,sizeof buf,stdin);
-			}
-		else
-			{
-			buf[0] = '\n';
-			buf[1] = '\0';
-			}
-		}
-
-	if (buf[0] == '\0') return(0);
-	else if (buf[0] == '\n')
-		{
-		if ((def == NULL) || (def[0] == '\0'))
-			return(1);
-		strcpy(buf,def);
-		strcat(buf,"\n");
-		}
-	else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
-
-	i=strlen(buf);
-	if (buf[i-1] != '\n')
-		{
-		BIO_printf(bio_err,"weird input :-(\n");
-		return(0);
-		}
-	buf[--i]='\0';
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(buf, buf, i);
-#endif
-	if(!req_check_len(i, n_min, n_max)) goto start;
-	if (!X509_NAME_add_entry_by_NID(n,nid, chtype,
-				(unsigned char *) buf, -1,-1,0)) goto err;
-	ret=1;
-err:
-	return(ret);
-	}
-
-static int add_attribute_object(X509_REQ *req, char *text,
-				char *def, char *value, int nid, int n_min,
-				int n_max, unsigned long chtype)
-	{
-	int i;
-	static char buf[1024];
-
-start:
-	if (!batch) BIO_printf(bio_err,"%s [%s]:",text,def);
-	(void)BIO_flush(bio_err);
-	if (value != NULL)
-		{
-		OPENSSL_assert(strlen(value) < sizeof buf-2);
-		strcpy(buf,value);
-		strcat(buf,"\n");
-		BIO_printf(bio_err,"%s\n",value);
-		}
-	else
-		{
-		buf[0]='\0';
-		if (!batch)
-			{
-			fgets(buf,sizeof buf,stdin);
-			}
-		else
-			{
-			buf[0] = '\n';
-			buf[1] = '\0';
-			}
-		}
-
-	if (buf[0] == '\0') return(0);
-	else if (buf[0] == '\n')
-		{
-		if ((def == NULL) || (def[0] == '\0'))
-			return(1);
-		strcpy(buf,def);
-		strcat(buf,"\n");
-		}
-	else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
-
-	i=strlen(buf);
-	if (buf[i-1] != '\n')
-		{
-		BIO_printf(bio_err,"weird input :-(\n");
-		return(0);
-		}
-	buf[--i]='\0';
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(buf, buf, i);
-#endif
-	if(!req_check_len(i, n_min, n_max)) goto start;
-
-	if(!X509_REQ_add1_attr_by_NID(req, nid, chtype,
-					(unsigned char *)buf, -1)) {
-		BIO_printf(bio_err, "Error adding attribute\n");
-		ERR_print_errors(bio_err);
-		goto err;
-	}
-
-	return(1);
-err:
-	return(0);
-	}
-
-#ifndef OPENSSL_NO_RSA
-static void MS_CALLBACK req_cb(int p, int n, void *arg)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	(void)BIO_flush((BIO *)arg);
-#ifdef LINT
-	p=n;
-#endif
-	}
-#endif
-
-static int req_check_len(int len, int n_min, int n_max)
-	{
-	if ((n_min > 0) && (len < n_min))
-		{
-		BIO_printf(bio_err,"string is too short, it needs to be at least %d bytes long\n",n_min);
-		return(0);
-		}
-	if ((n_max >= 0) && (len > n_max))
-		{
-		BIO_printf(bio_err,"string is too long, it needs to be less than  %d bytes long\n",n_max);
-		return(0);
-		}
-	return(1);
-	}
-
-/* Check if the end of a string matches 'end' */
-static int check_end(char *str, char *end)
-{
-	int elen, slen;	
-	char *tmp;
-	elen = strlen(end);
-	slen = strlen(str);
-	if(elen > slen) return 1;
-	tmp = str + slen - elen;
-	return strcmp(tmp, end);
-}
diff --git a/crypto/openssl/apps/req.pem b/crypto/openssl/apps/req.pem
deleted file mode 100644
index 5537df601df9..000000000000
--- a/crypto/openssl/apps/req.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBlzCCAVcCAQAwXjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMORXJp
-YyB0aGUgWW91bmcwge8wgaYGBSsOAwIMMIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZ
-S4J1PHvPrm9MXj5ntVheDPkdmBDTncyaGAJcMjwsyB/GvLDGd6yGCw/8eF+09wIV
-AK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjg
-tWiJc/tpvcuzeuAayH89UofjAGueKjXDADiRffvSdhrNw5dkqdqlA0QAAkEAtUSo
-84OekjitKGVjxLu0HvXck29pu+foad53vPKXAsuJdACj88BPqZ91Y9PIJf1GUh38
-CuiHWi7z3cEDfZCyCKAAMAkGBSsOAwIbBQADLwAwLAIUTg8amKVBE9oqC5B75dDQ
-Chy3LdQCFHKodGEj3LjuTzdm/RTe2KZL9Uzf
------END CERTIFICATE REQUEST-----
diff --git a/crypto/openssl/apps/rsa.c b/crypto/openssl/apps/rsa.c
deleted file mode 100644
index 0acdb08b24c3..000000000000
--- a/crypto/openssl/apps/rsa.c
+++ /dev/null
@@ -1,388 +0,0 @@
-/* apps/rsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_RSA
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#undef PROG
-#define PROG	rsa_main
-
-/* -inform arg	- input format - default PEM (one of DER, NET or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -des		- encrypt output if PEM format with DES in cbc mode
- * -des3	- encrypt output if PEM format
- * -idea	- encrypt output if PEM format
- * -aes128	- encrypt output if PEM format
- * -aes192	- encrypt output if PEM format
- * -aes256	- encrypt output if PEM format
- * -text	- print a text version
- * -modulus	- print the RSA key modulus
- * -check	- verify key consistency
- * -pubin	- Expect a public key in input file.
- * -pubout	- Output a public key.
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	int ret=1;
-	RSA *rsa=NULL;
-	int i,badops=0, sgckey=0;
-	const EVP_CIPHER *enc=NULL;
-	BIO *out=NULL;
-	int informat,outformat,text=0,check=0,noout=0;
-	int pubin = 0, pubout = 0;
-	char *infile,*outfile,*prog;
-	char *passargin = NULL, *passargout = NULL;
-	char *passin = NULL, *passout = NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	int modulus=0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-sgckey") == 0)
-			sgckey=1;
-		else if (strcmp(*argv,"-pubin") == 0)
-			pubin=1;
-		else if (strcmp(*argv,"-pubout") == 0)
-			pubout=1;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-modulus") == 0)
-			modulus=1;
-		else if (strcmp(*argv,"-check") == 0)
-			check=1;
-		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg     input format - one of DER NET PEM\n");
-		BIO_printf(bio_err," -outform arg    output format - one of DER NET PEM\n");
-		BIO_printf(bio_err," -in arg         input file\n");
-		BIO_printf(bio_err," -sgckey         Use IIS SGC key format\n");
-		BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
-		BIO_printf(bio_err," -out arg        output file\n");
-		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
-		BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");
-		BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
-#ifndef OPENSSL_NO_IDEA
-		BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
-#endif
-		BIO_printf(bio_err," -text           print the key in text\n");
-		BIO_printf(bio_err," -noout          don't print key out\n");
-		BIO_printf(bio_err," -modulus        print the RSA key modulus\n");
-		BIO_printf(bio_err," -check          verify key consistency\n");
-		BIO_printf(bio_err," -pubin          expect a public key in input file\n");
-		BIO_printf(bio_err," -pubout         output a public key\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
-#endif
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
-		BIO_printf(bio_err, "Error getting passwords\n");
-		goto end;
-	}
-
-	if(check && pubin) {
-		BIO_printf(bio_err, "Only private keys can be checked\n");
-		goto end;
-	}
-
-	out=BIO_new(BIO_s_file());
-
-	{
-		EVP_PKEY	*pkey;
-
-		if (pubin)
-			pkey = load_pubkey(bio_err, infile,
-				(informat == FORMAT_NETSCAPE && sgckey ?
-					FORMAT_IISSGC : informat), 1,
-				passin, e, "Public Key");
-		else
-			pkey = load_key(bio_err, infile,
-				(informat == FORMAT_NETSCAPE && sgckey ?
-					FORMAT_IISSGC : informat), 1,
-				passin, e, "Private Key");
-
-		if (pkey != NULL)
-		rsa = pkey == NULL ? NULL : EVP_PKEY_get1_RSA(pkey);
-		EVP_PKEY_free(pkey);
-	}
-
-	if (rsa == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (text) 
-		if (!RSA_print(out,rsa,0))
-			{
-			perror(outfile);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-	if (modulus)
-		{
-		BIO_printf(out,"Modulus=");
-		BN_print(out,rsa->n);
-		BIO_printf(out,"\n");
-		}
-
-	if (check)
-		{
-		int r = RSA_check_key(rsa);
-
-		if (r == 1)
-			BIO_printf(out,"RSA key ok\n");
-		else if (r == 0)
-			{
-			long err;
-
-			while ((err = ERR_peek_error()) != 0 &&
-				ERR_GET_LIB(err) == ERR_LIB_RSA &&
-				ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY &&
-				ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE)
-				{
-				BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(err));
-				ERR_get_error(); /* remove e from error stack */
-				}
-			}
-		
-		if (r == -1 || ERR_peek_error() != 0) /* should happen only if r == -1 */
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-		
-	if (noout)
-		{
-		ret = 0;
-		goto end;
-		}
-	BIO_printf(bio_err,"writing RSA key\n");
-	if 	(outformat == FORMAT_ASN1) {
-		if(pubout || pubin) i=i2d_RSA_PUBKEY_bio(out,rsa);
-		else i=i2d_RSAPrivateKey_bio(out,rsa);
-	}
-#ifndef OPENSSL_NO_RC4
-	else if (outformat == FORMAT_NETSCAPE)
-		{
-		unsigned char *p,*pp;
-		int size;
-
-		i=1;
-		size=i2d_RSA_NET(rsa,NULL,NULL, sgckey);
-		if ((p=(unsigned char *)OPENSSL_malloc(size)) == NULL)
-			{
-			BIO_printf(bio_err,"Memory allocation failure\n");
-			goto end;
-			}
-		pp=p;
-		i2d_RSA_NET(rsa,&p,NULL, sgckey);
-		BIO_write(out,(char *)pp,size);
-		OPENSSL_free(pp);
-		}
-#endif
-	else if (outformat == FORMAT_PEM) {
-		if(pubout || pubin)
-		    i=PEM_write_bio_RSA_PUBKEY(out,rsa);
-		else i=PEM_write_bio_RSAPrivateKey(out,rsa,
-						enc,NULL,0,NULL,passout);
-	} else	{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (!i)
-		{
-		BIO_printf(bio_err,"unable to write key\n");
-		ERR_print_errors(bio_err);
-		}
-	else
-		ret=0;
-end:
-	if(out != NULL) BIO_free_all(out);
-	if(rsa != NULL) RSA_free(rsa);
-	if(passin) OPENSSL_free(passin);
-	if(passout) OPENSSL_free(passout);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-#else /* !OPENSSL_NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/apps/rsa/01.pem b/crypto/openssl/apps/rsa/01.pem
deleted file mode 100644
index 36ec57598efe..000000000000
--- a/crypto/openssl/apps/rsa/01.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
-MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
-BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
-cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
-bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
-qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
-MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
-gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
-LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
-Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
-Pjrmw2eSgbdmmdumWAcNPVbV
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/rsa/1.txt b/crypto/openssl/apps/rsa/1.txt
deleted file mode 100644
index 95a862e150ef..000000000000
--- a/crypto/openssl/apps/rsa/1.txt
+++ /dev/null
@@ -1,50 +0,0 @@
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-subject=/C=US/ST=New York/L=New York/O=Industrial Press Inc./CN=www.industrialpress.com
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            68:ae:14:a4:c9:9f:a9:f3:9a:23:cf:2f:15:19:b3:5a
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Validity
-            Not Before: May 18 00:00:00 1998 GMT
-            Not After : May 18 23:59:59 1999 GMT
-        Subject: C=US, ST=New York, L=New York, O=Industrial Press Inc., CN=www.industrialpress.com
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:aa:21:fd:c5:42:4d:1e:fa:82:99:a0:e8:9f:6e:
-                    d5:6a:52:5b:a9:32:f2:98:5d:f2:28:a5:81:c5:b3:
-                    83:2d:68:d7:ef:22:a3:7b:0a:2a:5a:1a:2d:68:40:
-                    11:23:a8:d7:3e:aa:26:53:ce:e0:15:4d:6d:1f:8a:
-                    ff:6e:0c:21:dc:59:94:30:ad:ea:a3:dd:97:3a:cb:
-                    f0:34:01:f3:5f:35:91:5d:03:49:9a:6e:78:83:61:
-                    75:45:4b:74:d2:98:18:88:ec:62:98:3b:1e:d6:df:
-                    51:2f:93:ce:08:31:1b:7d:7f:03:82:e8:2b:13:f5:
-                    b0:91:2d:85:ad:2a:1c:e7:f7
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md5WithRSAEncryption
-        8c:3b:7e:f1:74:12:d1:2f:ac:d4:bf:2d:8b:aa:02:05:30:fe:
-        d1:f4:14:b8:02:92:a2:8b:99:86:26:ff:24:7e:67:48:43:d9:
-        e3:ff:52:11:7e:8c:0c:26:57:ca:c7:b4:19:da:4c:ce:e8:37:
-        6d:d1:55:6d:a4:09:ff:2c:a2:21:9f:af:63:d8:b5:fb:9f:a5:
-        7b:5d:ed:ac:d4:15:af:96:24:25:a7:a7:43:76:f4:41:b4:05:
-        1d:49:38:50:b4:43:fe:1d:87:f5:fd:aa:e9:4c:f2:5b:aa:3e:
-        3a:e6:c3:67:92:81:b7:66:99:db:a6:58:07:0d:3d:56:d5
------BEGIN CERTIFICATE-----
-MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
-MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
-BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
-cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
-bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
-qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
-MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
-gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
-LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
-Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
-Pjrmw2eSgbdmmdumWAcNPVbV
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/rsa/SecureServer.pem b/crypto/openssl/apps/rsa/SecureServer.pem
deleted file mode 100644
index 7c8ffb2cd85c..000000000000
--- a/crypto/openssl/apps/rsa/SecureServer.pem
+++ /dev/null
@@ -1,47 +0,0 @@
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
-        Signature Algorithm: md2WithRSAEncryption
-        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Validity
-            Not Before: Nov  9 00:00:00 1994 GMT
-            Not After : Jan  7 23:59:59 2010 GMT
-        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1000 bit)
-                Modulus (1000 bit):
-                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
-                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
-                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
-                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
-                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
-                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
-                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
-                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
-                    dd:2d:d6:c8:1e:7b
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md2WithRSAEncryption
-        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
-        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
-        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
-        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
-        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
-        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
-        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
------BEGIN CERTIFICATE-----
-MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
-MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
-BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
-dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
-ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
-0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
-uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
-hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
-YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
-1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/rsa/s.txt b/crypto/openssl/apps/rsa/s.txt
deleted file mode 100644
index 7de7e0764fa9..000000000000
--- a/crypto/openssl/apps/rsa/s.txt
+++ /dev/null
@@ -1,49 +0,0 @@
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
-        Signature Algorithm: md2WithRSAEncryption
-        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Validity
-            Not Before: Nov  9 00:00:00 1994 GMT
-            Not After : Jan  7 23:59:59 2010 GMT
-        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1000 bit)
-                Modulus (1000 bit):
-                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
-                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
-                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
-                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
-                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
-                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
-                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
-                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
-                    dd:2d:d6:c8:1e:7b
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md2WithRSAEncryption
-        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
-        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
-        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
-        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
-        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
-        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
-        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
------BEGIN CERTIFICATE-----
-MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
-MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
-BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
-dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
-ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
-0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
-uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
-hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
-YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
-1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/rsa8192.pem b/crypto/openssl/apps/rsa8192.pem
deleted file mode 100644
index 946a6e5433ce..000000000000
--- a/crypto/openssl/apps/rsa8192.pem
+++ /dev/null
@@ -1,101 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-
-MIISKAIBAAKCBAEAiQ2f1X6Bte1DKD0OoCBKEikzPW+5w3oXk3WwnE97Wxzy6wJZ
-ebbZC3CZKKBnJeBMrysPf+lK+9+fP6Vm8bp1wvbcSIA59BDrX6irFSuM/bdnkbuF
-MFlDjt+uVrxwoyqfPi2IPot1HQg3l5mdyBqcTWvbOnU2L9HZxJfPUCjfzdTMPrMY
-55/A20XL7tlV2opEfwhy3uVlveQBM0DnZ3MUQfrk+lRRNWv7yE4ScbOfER9fjvOm
-yJc3ZbOa3e+AMGGU9OqJ/fyOl0SGYyP2k23omy/idBV4uOs8QWdnAvq8UOzDdua3
-tuf5Tn17XBurPJ8juwyPBNispkwwn8BjxAZVPhwUIcxFBg339IxJ9cW0WdVy4nNA
-LWo/8Ahlf+kZNnFNGCPFytU9gGMLMhab9w/rLrwa9qNe4L8Fmu1JxONn1WfhMOKE
-aFmycf2olJsYLgUIGYZrjnYu0p/7P3yhTOv8JIhmK+SzmA/I0xiQoF84rpaQzH2d
-PvxICOA9oQSowou0gLuBSZWm6LiXirg1DZCziU46v33ErQlWM1dSyNaUSzihcV59
-mVD0nmzboXH75lGiyiZlp8cLbozzoCwvk9rYqpUGSBzbAy0ECCpabGpzO2Ug+oDi
-71e5z4WMpeoR4IS8MaOG/GsJnwaXhiB/gNYfK+8pRADVk5StEAZDE2alSuCbDs0z
-d9zYr4/em5T9VZsLetxRE7pm/Es9yELuViz8/Tm0/8MVdmNYc/xZU1t6qYYFdyQ2
-wlGDTiNPsjR8yXCkmBjKwqnuleu1X6LaZu3VPhEkXGcyFAquQUkSiMv0Yu74qAe0
-bQ2v+jjZzP6AM9LUo89cW4Kd8SGD96BdNlAVPNMXoBcIOsZBwsOtETBd4KAyvkXE
-Ob17u+PLl4UPnSxm9ypKZunUNFRPxtKUyjySYnvlGL+kTjAXrIrZwKJqIn0uhnfa
-Ck3o7bU6yVMK22ODxy2/Vi3E0P6k5JLwnrF0VIOBqGhts66qo6mWDP8l6MZHARFd
-pU+nofssVmr8tLKmMmjYGMM5GmKIXRNBs0ksTwFnKRs9AmpE5owC8tTSVdTAkGuS
-os7QwLvyvNzq7BGJiVr0Iy3Dhsl1vzR35acNOrCsDl3DcCQONKJ2sVXV4pD3dBah
-mG3sR/jHgjasffJJ35uiGoAua9dbT7HG/+D0z1SHYaVqH8zO4VZSOnGJh/P9rtxx
-cckFDbiag/JMWig2lbnCjebTtp/BcUsK3TNaDOb7vb0LvbAeRJadd1EFu6PSlH3K
-LykSUPm4UedvUU3cWjqkSY5lITFJkVaIYOv/EljYtK7p7kFZFTaEwMAWxgsXU3pQ
-tTzVmq1gZ4vXPwcUq0zK50Frq0F7SQc21ZsunwIDAQABAoIEADuQAkDEpBausJsS
-PgL1RXuzECPJJJCBxTE+2qx0FoY4hJICCWTORHGmU8nGPE3Ht0wBiNDsULw6KXl9
-psmzYW6D3qRbpdQebky6fu/KZ5H0XTyGpJGomaXELH5hkwo2gdKB805LSXB+m7p0
-9o96kSdMkpBLVGtf5iZ8W4rY2LsZmlI9f7taQHSLVt/M8HTz1mTnBRU92QO3zZW6
-xVa+OrWaFl18u3ZeIaSh2X40tBK68cqstXVD0r2OWuXNKobcQeJW8/XABzBShZ0c
-ihL0lzyqiN4uXrLu+Nbr22b+FU2OODy6dGk3U6/69NvI4piMCPlHsfhHOnFjd1ZW
-RIVywyUlCtLNdcn11CchuRro+0J3c2Ba+i9Cl9r3qzT11xFEGF8/XLyUBBCB+uGf
-1dR/xJQhCA7cXWWLXyI/semxcvTaGpImP6kiIl1MAjHjXZTSdvyw4JmfXyYGhSjI
-P0mw3Xn7FXxJ/os9gOfNKz2nZHjr0q4sgWRYO+4vllkeL0GteZrg4oVaVpmZb7LH
-77afhodLylhijlEtV5skfkPujbBLQk6E5Ez3U/huEt2NLg6guADmwxMxfBRliZO4
-4Ex/td4cuggpEj3FGJV74qRvdvj/MF/uF7IxC/3WapPIsFBFH4zrJsUYt6u3L68I
-/KC/bfioDeUR/8ANw1DNh+UsnPV3GJIwDkIJKdppi2uXPahJyJQQ8Inps53nn8Gg
-GifS+HnOXNgMoKOJnZ9IDGjXpfjIs8dJNrGfDHF0mH30N2WARq2v/a3cNUC+f8Bq
-HSKQ9YrZopktMunsut8u7ZYbTmjIqJpXCaM0CCrSlzSMTDHFSj2tzLk6+qnxeGxB
-ZwIdShbdeK+0ETG91lE1e9RPQs/uXQP9+uCHJV0YpqQcA6pkCLYJfYpoSMu/Bafy
-AgfVZz6l5tyEnV0wCcbopsQShc1k9xtTbYNF1h9AQHknj6zeDW4iZMvmVeh3RovT
-52OA2R8oLyauF+QaG6x2wUjEx13SJlaBarJZ4seZIOJ+a8+oNzKsbgokXc2cyC9p
-5FAZz1OsOb68o93qD1Xvl7bY97fq2q55L7G1XHPPLtZE5lGiLGDtnAuwY8UPrdpr
-7Mv2yIxB7xVGurXyHb5PvusR88XED6HMPfLBG/55ENHTal7G5mRix+IWSBAIkxA5
-KZ0j8r5Ng4+wELZhqFQai39799bIAyiV6CEz4kyDXlo0kSSexp8o4iz5sPq5vp6h
-cCb7rdRw7uRnbXrHmXahxoB+ibXaurgV/6B2yurrU/UFoxEp2sHp8LXZGfF6ztY1
-dMhSQAACK2vGy5yNagbkTHLgVaHicG5zavJBqzCE+lbPlCqhOUQPdOIwvjHNjdS/
-DL3WV/ECggIBAMbW65wPk/i43nSyeZeYwcHtR1SUJqDXavYfBPC0VRhKz+7DVMFw
-Nwnocn6gITABc445W1yl7U3uww+LGuDlSlFnd8WuiXpVYud9/jeNu6Mu4wvNsnWr
-f4f4ua8CcS03GmqmcbROD2Z6by1AblCZ2UL1kv9cUX1FLVjPP1ESAGKoePt3BmZQ
-J1uJfK8HilNT8dcUlj/5CBi2uHxttDhoG0sxXE/SVsG9OD/Pjme0mj7gdzc6Ztd+
-TALuvpNQR4pRzfo5XWDZBcEYntcEE3PxYJB1+vnZ8509ew5/yLHTbLjFxIcx71zY
-fhH0gM36Sz7mz37r0+E/QkRkc5bVIDC4LDnWmjpAde6QUx0d218ShNx6sJo4kt5c
-Dd7tEVx8nuX8AIZYgwsOb382anLyFRkkmEdK3gRvwQ6SWR36Ez5L7/mHWODpLAX5
-mVBKSG4/ccFbc633/g0xHw0Nwajir/klckdakuYPlwF0yAxJSKDLhmNctDhRmxjC
-YP+fISkl5oTvFRzJH6HEyNu8M3ybRvmpPIjM5J5JpnB2IYbohYBR+T6/97C1DKrd
-mzL5PjlrWm0c1/d7LlDoP65fOShDMmj2zCiBAHHOM0Alokx+v5LmMd8NJumZIwGJ
-Rt5OpeMOhowz6j1AjYxYgV7PmJL6Ovpfb775od/aLaUbbwHz2uWIvfF7AoICAQCw
-c7NaO7oJVLJClhYw6OCvjT6oqtgNVWaennnDiJgzY9lv5HEgV0MAG0eYuB3hvj+w
-Y1P9DJxP1D+R+cshYrAFg8yU/3kaYVNI0Bl3ygX0eW1b/0HZTdocs+8kM/9PZQDR
-WrKQoU5lHvqRt99dXlD4NWGI2YQtzdZ8iet9QLqnjwRZabgE96mF01qKisMnFcsh
-KjT7ieheU4J15TZj/mdZRNK126d7e3q/rNj73e5EJ9tkYLcolSr4gpknUMJULSEi
-JH1/Qx7C/mTAMRsN5SkOthnGq0djCNWfPv/3JV0H67Uf5krFlnwLebrgfTYoPPdo
-yO7iBUNJzv6Qh22malLp4P8gzACkD7DGlSTnoB5cLwcjmDGg+i9WrUBbOiVTeQfZ
-kOj1o+Tz35ndpq/DDUVlqliB9krcxva+QHeJPH53EGI+YVg1nD+s/vUDZ3mQMGX9
-DQou2L8uU6RnWNv/BihGcL8QvS4Ty6QyPOUPpD3zc70JQAEcQk9BxQNaELgJX0IN
-22cYn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU
-ojF5U6cwextMja1ZIIZgh9eugIRUeIE7319nQNDzuXWjRCcoBLA25P7wnpHWDRpz
-D9ovXCIvdja74lL5psqobV6L5+fbLPkSgXoImKR0LQKCAgAIC9Jk8kxumCyIVGCP
-PeM5Uby9M3GMuKrfYsn0Y5e97+kSJF1dpojTodBgR2KQar6eVrvXt+8uZCcIjfx8
-dUrYmHNEUJfHl4T1ESgkX1vkcpVFeQFruZDjk7EP3+1sgvpSroGTZkVBRFsTXbQZ
-FuCv0Pgt1TKG+zGmklxhj3TsiRy8MEjWAxBUp++ftZJnZNI4feDGnfEx7tLwVhAg
-6DWSiWDO6hgQpvOLwX5lu+0x9itc1MQsnDO/OqIDnBAJDN5k7cVVkfKlqbVjxgpz
-eqUJs3yAd81f44kDQTCB4ahYocgeIGsrOqd/WoGL1EEPPo/O9wQP7VtlIRt8UwuG
-bS18+a4sBUfAa56xYu/pnPo7YcubsgZfcSIujzFQqMpVTClJRnOnEuJ4J1+PXzRz
-XAO9fs4VJ+CMEmgAyonUz4Xadxulnknlw//sO9VKgM69oFHCDHL/XamAAbqAdwvf
-7R/+uy+Ol7romC0wMhb6SsIZazrvvH2mNtduAKZ638nAP1x/WbQp+6iVG7yJok7w
-82Q7tO7baOePTXh12Rrt4mNPor0HLYxhra4GFgfqkumJ2Mz0esuZAozxJXFOq8ly
-beo9CVtXP5zbT6qNpeNismX6PLICaev8t+1iOZSE56WSLtefuuj/cOVrTMNDz1Rr
-pUkEVV2zjUSjlcScM538A9iL2QKCAgBLbBk0r6T0ihRsK9UucMxhnYEz/Vq+UEu9
-70Vi1AciqEJv9nh4d3Q3HnH7EHANZxG4Jqzm1DYYVUQa9GfkTFeq88xFv/GW2hUM
-YY8RSfRDrIeXNEOETCe37x2AHw25dRXlZtw+wARPau91y9+Y/FCl18NqCHfcUEin
-ERjsf/eI2bPlODAlR2tZvZ7M60VBdqpN8cmV3zvI3e88z43xLfQlDyr1+v7a5Evy
-lEJnXlSTI2o+vKxtl103vjMSwA1gh63K90gBVsJWXQDZueOzi8mB9UqNRfcMmOEe
-4YHttTXPxeu0x+4cCRfam9zKShsVFgI28vRQ/ijl6qmbQ5gV8wqf18GV1j1L4z0P
-lP6iVynDA4MMrug/w9DqPsHsfK0pwekeETfSj4y0xVXyjWZBfHG2ZBrS6mDTf+RG
-LC4sJgR0hjdILLnUqIX7PzuhieBHRrjBcopwvcryVWRHnI7kslAS0+yHjiWc5oW3
-x5mtlum4HzelNYuD9cAE/95P6CeSMfp9CyIE/KSX4VvsRm6gQVkoQRKMxnQIFQ3w
-O5gl1l88vhjoo2HxYScgCp70BsDwiUNTqIR3NM+ZBHYFweVf3Gwz5LzHZT2rEZtD
-6VXRP75Q/2wOLnqCO4bK4BUs6sqxcQZmOldruPkPynrY0oPfHHExjxZDvQu4/r80
-Ls3n0L8yvQKCAgEAnYWS6EikwaQNpJEfiUnOlglgFz4EE1eVkrDbBY4J3oPU+doz
-DrqmsvgpSZIAfd2MUbkN4pOMsMTjbeIYWDnZDa1RoctKs3FhwFPHwAjQpznab4mn
-Bp81FMHM40qyb0NaNuFRwghdXvoQvBBX1p8oEnFzDRvTiuS/vTPTA8KDY8IeRp8R
-oGzKHpfziNwq/URpqj7pwi9odNjGZvR2IwYw9jCLPIqaEbMoSOdI0mg4MoYyqP4q
-nm7d4wqSDwrYxiXZ6f3nYpkhEY1lb0Wbksp1ig8sKSF4nDZRGK1RSfE+6gjBp94H
-X/Wog6Zb6NC9ZpusTiDLvuIUXcyUJvmHiWjSNqiTv8jurlwEsgSwhziEQfqLrtdV
-QI3PRMolBkD1iCk+HFE53r05LMf1bp3r4MS+naaQrLbIrl1kgDNGwVdgS+SCM7Bg
-TwEgE67iOb2iIoUpon/NyP4LesMzvdpsu2JFlfz13PmmQ34mFI7tWvOb3NA5DP3c
-46C6SaWI0TD9B11nJbHGTYN3Si9n0EBgoDJEXUKeh3km9O47dgvkSug4WzhYsvrE
-rMlMLtKfp2w8HlMZpsUlToNCx6CI+tJrohzcs3BAVAbjFAXRKWGijB1rxwyDdHPv
-I+/wJTNaRNPQ1M0SwtEL/zJd21y3KSPn4eL+GP3efhlDSjtlDvZqkdAUsU8=
------END RSA PRIVATE KEY-----
-
diff --git a/crypto/openssl/apps/rsautl.c b/crypto/openssl/apps/rsautl.c
deleted file mode 100644
index 5a6fd115f41b..000000000000
--- a/crypto/openssl/apps/rsautl.c
+++ /dev/null
@@ -1,320 +0,0 @@
-/* rsautl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef OPENSSL_NO_RSA
-
-#include "apps.h"
-#include <string.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-
-#define RSA_SIGN 	1
-#define RSA_VERIFY 	2
-#define RSA_ENCRYPT 	3
-#define RSA_DECRYPT 	4
-
-#define KEY_PRIVKEY	1
-#define KEY_PUBKEY	2
-#define KEY_CERT	3
-
-static void usage(void);
-
-#undef PROG
-
-#define PROG rsautl_main
-
-int MAIN(int argc, char **);
-
-int MAIN(int argc, char **argv)
-{
-	ENGINE *e = NULL;
-	BIO *in = NULL, *out = NULL;
-	char *infile = NULL, *outfile = NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine = NULL;
-#endif
-	char *keyfile = NULL;
-	char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
-	int keyform = FORMAT_PEM;
-	char need_priv = 0, badarg = 0, rev = 0;
-	char hexdump = 0, asn1parse = 0;
-	X509 *x;
-	EVP_PKEY *pkey = NULL;
-	RSA *rsa = NULL;
-	unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
-	int rsa_inlen, rsa_outlen = 0;
-	int keysize;
-
-	int ret = 1;
-
-	argc--;
-	argv++;
-
-	if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-	ERR_load_crypto_strings();
-	OpenSSL_add_all_algorithms();
-	pad = RSA_PKCS1_PADDING;
-	
-	while(argc >= 1)
-	{
-		if (!strcmp(*argv,"-in")) {
-			if (--argc < 1) badarg = 1;
-                        infile= *(++argv);
-		} else if (!strcmp(*argv,"-out")) {
-			if (--argc < 1) badarg = 1;
-			outfile= *(++argv);
-		} else if(!strcmp(*argv, "-inkey")) {
-			if (--argc < 1) badarg = 1;
-			keyfile = *(++argv);
-		} else if (strcmp(*argv,"-keyform") == 0) {
-			if (--argc < 1) badarg = 1;
-			keyform=str2fmt(*(++argv));
-#ifndef OPENSSL_NO_ENGINE
-		} else if(!strcmp(*argv, "-engine")) {
-			if (--argc < 1) badarg = 1;
-			engine = *(++argv);
-#endif
-		} else if(!strcmp(*argv, "-pubin")) {
-			key_type = KEY_PUBKEY;
-		} else if(!strcmp(*argv, "-certin")) {
-			key_type = KEY_CERT;
-		} 
-		else if(!strcmp(*argv, "-asn1parse")) asn1parse = 1;
-		else if(!strcmp(*argv, "-hexdump")) hexdump = 1;
-		else if(!strcmp(*argv, "-raw")) pad = RSA_NO_PADDING;
-		else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
-		else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
-		else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
-		else if(!strcmp(*argv, "-sign")) {
-			rsa_mode = RSA_SIGN;
-			need_priv = 1;
-		} else if(!strcmp(*argv, "-verify")) rsa_mode = RSA_VERIFY;
-		else if(!strcmp(*argv, "-rev")) rev = 1;
-		else if(!strcmp(*argv, "-encrypt")) rsa_mode = RSA_ENCRYPT;
-		else if(!strcmp(*argv, "-decrypt")) {
-			rsa_mode = RSA_DECRYPT;
-			need_priv = 1;
-		} else badarg = 1;
-		if(badarg) {
-			usage();
-			goto end;
-		}
-		argc--;
-		argv++;
-	}
-
-	if(need_priv && (key_type != KEY_PRIVKEY)) {
-		BIO_printf(bio_err, "A private key is needed for this operation\n");
-		goto end;
-	}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-/* FIXME: seed PRNG only if needed */
-	app_RAND_load_file(NULL, bio_err, 0);
-	
-	switch(key_type) {
-		case KEY_PRIVKEY:
-		pkey = load_key(bio_err, keyfile, keyform, 0,
-			NULL, e, "Private Key");
-		break;
-
-		case KEY_PUBKEY:
-		pkey = load_pubkey(bio_err, keyfile, keyform, 0,
-			NULL, e, "Public Key");
-		break;
-
-		case KEY_CERT:
-		x = load_cert(bio_err, keyfile, keyform,
-			NULL, e, "Certificate");
-		if(x) {
-			pkey = X509_get_pubkey(x);
-			X509_free(x);
-		}
-		break;
-	}
-
-	if(!pkey) {
-		return 1;
-	}
-
-	rsa = EVP_PKEY_get1_RSA(pkey);
-	EVP_PKEY_free(pkey);
-
-	if(!rsa) {
-		BIO_printf(bio_err, "Error getting RSA key\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-
-	if(infile) {
-		if(!(in = BIO_new_file(infile, "rb"))) {
-			BIO_printf(bio_err, "Error Reading Input File\n");
-			ERR_print_errors(bio_err);	
-			goto end;
-		}
-	} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-	if(outfile) {
-		if(!(out = BIO_new_file(outfile, "wb"))) {
-			BIO_printf(bio_err, "Error Reading Output File\n");
-			ERR_print_errors(bio_err);	
-			goto end;
-		}
-	} else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		    out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
-
-	keysize = RSA_size(rsa);
-
-	rsa_in = OPENSSL_malloc(keysize * 2);
-	rsa_out = OPENSSL_malloc(keysize);
-
-	/* Read the input data */
-	rsa_inlen = BIO_read(in, rsa_in, keysize * 2);
-	if(rsa_inlen <= 0) {
-		BIO_printf(bio_err, "Error reading input Data\n");
-		exit(1);
-	}
-	if(rev) {
-		int i;
-		unsigned char ctmp;
-		for(i = 0; i < rsa_inlen/2; i++) {
-			ctmp = rsa_in[i];
-			rsa_in[i] = rsa_in[rsa_inlen - 1 - i];
-			rsa_in[rsa_inlen - 1 - i] = ctmp;
-		}
-	}
-	switch(rsa_mode) {
-
-		case RSA_VERIFY:
-			rsa_outlen  = RSA_public_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
-		break;
-
-		case RSA_SIGN:
-			rsa_outlen  = RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
-		break;
-
-		case RSA_ENCRYPT:
-			rsa_outlen  = RSA_public_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
-		break;
-
-		case RSA_DECRYPT:
-			rsa_outlen  = RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
-		break;
-
-	}
-
-	if(rsa_outlen <= 0) {
-		BIO_printf(bio_err, "RSA operation error\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-	ret = 0;
-	if(asn1parse) {
-		if(!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) {
-			ERR_print_errors(bio_err);
-		}
-	} else if(hexdump) BIO_dump(out, (char *)rsa_out, rsa_outlen);
-	else BIO_write(out, rsa_out, rsa_outlen);
-	end:
-	RSA_free(rsa);
-	BIO_free(in);
-	BIO_free_all(out);
-	if(rsa_in) OPENSSL_free(rsa_in);
-	if(rsa_out) OPENSSL_free(rsa_out);
-	return ret;
-}
-
-static void usage()
-{
-	BIO_printf(bio_err, "Usage: rsautl [options]\n");
-	BIO_printf(bio_err, "-in file        input file\n");
-	BIO_printf(bio_err, "-out file       output file\n");
-	BIO_printf(bio_err, "-inkey file     input key\n");
-	BIO_printf(bio_err, "-keyform arg    private key format - default PEM\n");
-	BIO_printf(bio_err, "-pubin          input is an RSA public\n");
-	BIO_printf(bio_err, "-certin         input is a certificate carrying an RSA public key\n");
-	BIO_printf(bio_err, "-ssl            use SSL v2 padding\n");
-	BIO_printf(bio_err, "-raw            use no padding\n");
-	BIO_printf(bio_err, "-pkcs           use PKCS#1 v1.5 padding (default)\n");
-	BIO_printf(bio_err, "-oaep           use PKCS#1 OAEP\n");
-	BIO_printf(bio_err, "-sign           sign with private key\n");
-	BIO_printf(bio_err, "-verify         verify with public key\n");
-	BIO_printf(bio_err, "-encrypt        encrypt with public key\n");
-	BIO_printf(bio_err, "-decrypt        decrypt with private key\n");
-	BIO_printf(bio_err, "-hexdump        hex dump output\n");
-#ifndef OPENSSL_NO_ENGINE
-	BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
-#endif
-
-}
-
-#endif
diff --git a/crypto/openssl/apps/s1024key.pem b/crypto/openssl/apps/s1024key.pem
deleted file mode 100644
index 19e04035724f..000000000000
--- a/crypto/openssl/apps/s1024key.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
-S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
-pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
-AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
-dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
-bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
-Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
-zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
-6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
-QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
-dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
-0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
-nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/apps/s1024req.pem b/crypto/openssl/apps/s1024req.pem
deleted file mode 100644
index bb75e7eeb7e9..000000000000
--- a/crypto/openssl/apps/s1024req.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBojCCAQsCAQAwZDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
-GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSQwIgYDVQQDExtTZXJ2ZXIgdGVz
-dCBjZXJ0ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALMR
-9TwT5kZMa0ddXleG8zYuDfZ9dQiPJ1dvfgEZU9fqg3v5o1VL15ZrK9b/73+9RvRo
-KqKUmukV6yAi1XZPxWGGM4T75dTPjq42lwxTvAcwQBdS58+nO2kWbxkSTa0Uq9p2
-RJKg3yVvXWO69lWRKQ+UHrmkWFJ7hApKnongeuRjAgMBAAEwDQYJKoZIhvcNAQEE
-BQADgYEAStHlk4pBbwiNeQ2/PKTPPXzITYC8Gn0XMbrU94e/6JIKiO7aArq9Espq
-nrBSvC14dHcNl6NNvnkEKdQ7hAkcACfBbnOXA/oQvMBd4GD78cH3k0jVDoVUEjil
-frLfWlckW6WzpTktt0ZPDdAjJCmKVh0ABHimi7Bo9FC3wIGIe5M=
------END CERTIFICATE REQUEST-----
diff --git a/crypto/openssl/apps/s512-key.pem b/crypto/openssl/apps/s512-key.pem
deleted file mode 100644
index 0e3ff2d373a3..000000000000
--- a/crypto/openssl/apps/s512-key.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
-TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
-OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
-gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
-rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
-PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
-vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/apps/s512-req.pem b/crypto/openssl/apps/s512-req.pem
deleted file mode 100644
index ea314be5550e..000000000000
--- a/crypto/openssl/apps/s512-req.pem
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBGzCBxgIBADBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEa
-MBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0
-IGNlcnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8S
-MVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8E
-y2//Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAANBAAB+uQi+qwn6qRSHB8EUTvsm
-5TNTHzYDeN39nyIbZNX2s0se3Srn2Bxft5YCwD3moFZ9QoyDHxE0h6qLX5yjD+8=
------END CERTIFICATE REQUEST-----
diff --git a/crypto/openssl/apps/s_apps.h b/crypto/openssl/apps/s_apps.h
deleted file mode 100644
index ff18a72fe078..000000000000
--- a/crypto/openssl/apps/s_apps.h
+++ /dev/null
@@ -1,160 +0,0 @@
-/* apps/s_apps.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <sys/types.h>
-#include <openssl/opensslconf.h>
-
-#if defined(OPENSSL_SYS_VMS) && !defined(FD_SET)
-/* VAX C does not defined fd_set and friends, but it's actually quite simple */
-/* These definitions are borrowed from SOCKETSHR.	/Richard Levitte */
-#define MAX_NOFILE	32
-#define	NBBY		 8		/* number of bits in a byte	*/
-
-#ifndef	FD_SETSIZE
-#define	FD_SETSIZE	MAX_NOFILE
-#endif	/* FD_SETSIZE */
-
-/* How many things we'll allow select to use. 0 if unlimited */
-#define MAXSELFD	MAX_NOFILE
-typedef int	fd_mask;	/* int here! VMS prototypes int, not long */
-#define NFDBITS	(sizeof(fd_mask) * NBBY)	/* bits per mask (power of 2!)*/
-#define NFDSHIFT 5				/* Shift based on above */
-
-typedef fd_mask fd_set;
-#define	FD_SET(n, p)	(*(p) |= (1 << ((n) % NFDBITS)))
-#define	FD_CLR(n, p)	(*(p) &= ~(1 << ((n) % NFDBITS)))
-#define	FD_ISSET(n, p)	(*(p) & (1 << ((n) % NFDBITS)))
-#define FD_ZERO(p)	memset((char *)(p), 0, sizeof(*(p)))
-#endif
-
-#define PORT            4433
-#define PORT_STR        "4433"
-#define PROTOCOL        "tcp"
-
-int do_server(int port, int *ret, int (*cb) (), char *context);
-#ifdef HEADER_X509_H
-int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
-#endif
-#ifdef HEADER_SSL_H
-int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
-#endif
-int init_client(int *sock, char *server, int port);
-int should_retry(int i);
-int extract_port(char *str, short *port_ptr);
-int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
-
-long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp,
-	int argi, long argl, long ret);
-
-#ifdef HEADER_SSL_H
-void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret);
-void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
-#endif
diff --git a/crypto/openssl/apps/s_cb.c b/crypto/openssl/apps/s_cb.c
deleted file mode 100644
index 675527df1fc5..000000000000
--- a/crypto/openssl/apps/s_cb.c
+++ /dev/null
@@ -1,549 +0,0 @@
-/* apps/s_cb.c - callback functions used by s_client, s_server, and s_time */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#define USE_SOCKETS
-#define NON_MAIN
-#include "apps.h"
-#undef NON_MAIN
-#undef USE_SOCKETS
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include "s_apps.h"
-
-int verify_depth=0;
-int verify_error=X509_V_OK;
-
-int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
-	{
-	char buf[256];
-	X509 *err_cert;
-	int err,depth;
-
-	err_cert=X509_STORE_CTX_get_current_cert(ctx);
-	err=	X509_STORE_CTX_get_error(ctx);
-	depth=	X509_STORE_CTX_get_error_depth(ctx);
-
-	X509_NAME_oneline(X509_get_subject_name(err_cert),buf,sizeof buf);
-	BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
-	if (!ok)
-		{
-		BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
-			X509_verify_cert_error_string(err));
-		if (verify_depth >= depth)
-			{
-			ok=1;
-			verify_error=X509_V_OK;
-			}
-		else
-			{
-			ok=0;
-			verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG;
-			}
-		}
-	switch (ctx->error)
-		{
-	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-		X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,sizeof buf);
-		BIO_printf(bio_err,"issuer= %s\n",buf);
-		break;
-	case X509_V_ERR_CERT_NOT_YET_VALID:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-		BIO_printf(bio_err,"notBefore=");
-		ASN1_TIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
-		BIO_printf(bio_err,"\n");
-		break;
-	case X509_V_ERR_CERT_HAS_EXPIRED:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-		BIO_printf(bio_err,"notAfter=");
-		ASN1_TIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
-		BIO_printf(bio_err,"\n");
-		break;
-		}
-	BIO_printf(bio_err,"verify return:%d\n",ok);
-	return(ok);
-	}
-
-int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
-	{
-	if (cert_file != NULL)
-		{
-		/*
-		SSL *ssl;
-		X509 *x509;
-		*/
-
-		if (SSL_CTX_use_certificate_file(ctx,cert_file,
-			SSL_FILETYPE_PEM) <= 0)
-			{
-			BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file);
-			ERR_print_errors(bio_err);
-			return(0);
-			}
-		if (key_file == NULL) key_file=cert_file;
-		if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
-			SSL_FILETYPE_PEM) <= 0)
-			{
-			BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file);
-			ERR_print_errors(bio_err);
-			return(0);
-			}
-
-		/*
-		In theory this is no longer needed 
-		ssl=SSL_new(ctx);
-		x509=SSL_get_certificate(ssl);
-
-		if (x509 != NULL) {
-			EVP_PKEY *pktmp;
-			pktmp = X509_get_pubkey(x509);
-			EVP_PKEY_copy_parameters(pktmp,
-						SSL_get_privatekey(ssl));
-			EVP_PKEY_free(pktmp);
-		}
-		SSL_free(ssl);
-		*/
-
-		/* If we are using DSA, we can copy the parameters from
-		 * the private key */
-		
-		
-		/* Now we know that a key and cert have been set against
-		 * the SSL context */
-		if (!SSL_CTX_check_private_key(ctx))
-			{
-			BIO_printf(bio_err,"Private key does not match the certificate public key\n");
-			return(0);
-			}
-		}
-	return(1);
-	}
-
-long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, int argi,
-	     long argl, long ret)
-	{
-	BIO *out;
-
-	out=(BIO *)BIO_get_callback_arg(bio);
-	if (out == NULL) return(ret);
-
-	if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
-		{
-		BIO_printf(out,"read from %08X [%08lX] (%d bytes => %ld (0x%X))\n",
-			bio,argp,argi,ret,ret);
-		BIO_dump(out,argp,(int)ret);
-		return(ret);
-		}
-	else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
-		{
-		BIO_printf(out,"write to %08X [%08lX] (%d bytes => %ld (0x%X))\n",
-			bio,argp,argi,ret,ret);
-		BIO_dump(out,argp,(int)ret);
-		}
-	return(ret);
-	}
-
-void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret)
-	{
-	char *str;
-	int w;
-
-	w=where& ~SSL_ST_MASK;
-
-	if (w & SSL_ST_CONNECT) str="SSL_connect";
-	else if (w & SSL_ST_ACCEPT) str="SSL_accept";
-	else str="undefined";
-
-	if (where & SSL_CB_LOOP)
-		{
-		BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
-		}
-	else if (where & SSL_CB_ALERT)
-		{
-		str=(where & SSL_CB_READ)?"read":"write";
-		BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
-			str,
-			SSL_alert_type_string_long(ret),
-			SSL_alert_desc_string_long(ret));
-		}
-	else if (where & SSL_CB_EXIT)
-		{
-		if (ret == 0)
-			BIO_printf(bio_err,"%s:failed in %s\n",
-				str,SSL_state_string_long(s));
-		else if (ret < 0)
-			{
-			BIO_printf(bio_err,"%s:error in %s\n",
-				str,SSL_state_string_long(s));
-			}
-		}
-	}
-
-
-void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
-	{
-	BIO *bio = arg;
-	const char *str_write_p, *str_version, *str_content_type = "", *str_details1 = "", *str_details2= "";
-	
-	str_write_p = write_p ? ">>>" : "<<<";
-
-	switch (version)
-		{
-	case SSL2_VERSION:
-		str_version = "SSL 2.0";
-		break;
-	case SSL3_VERSION:
-		str_version = "SSL 3.0 ";
-		break;
-	case TLS1_VERSION:
-		str_version = "TLS 1.0 ";
-		break;
-	default:
-		str_version = "???";
-		}
-
-	if (version == SSL2_VERSION)
-		{
-		str_details1 = "???";
-
-		if (len > 0)
-			{
-			switch (((unsigned char*)buf)[0])
-				{
-				case 0:
-					str_details1 = ", ERROR:";
-					str_details2 = " ???";
-					if (len >= 3)
-						{
-						unsigned err = (((unsigned char*)buf)[1]<<8) + ((unsigned char*)buf)[2];
-						
-						switch (err)
-							{
-						case 0x0001:
-							str_details2 = " NO-CIPHER-ERROR";
-							break;
-						case 0x0002:
-							str_details2 = " NO-CERTIFICATE-ERROR";
-							break;
-						case 0x0004:
-							str_details2 = " BAD-CERTIFICATE-ERROR";
-							break;
-						case 0x0006:
-							str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
-							break;
-							}
-						}
-
-					break;
-				case 1:
-					str_details1 = ", CLIENT-HELLO";
-					break;
-				case 2:
-					str_details1 = ", CLIENT-MASTER-KEY";
-					break;
-				case 3:
-					str_details1 = ", CLIENT-FINISHED";
-					break;
-				case 4:
-					str_details1 = ", SERVER-HELLO";
-					break;
-				case 5:
-					str_details1 = ", SERVER-VERIFY";
-					break;
-				case 6:
-					str_details1 = ", SERVER-FINISHED";
-					break;
-				case 7:
-					str_details1 = ", REQUEST-CERTIFICATE";
-					break;
-				case 8:
-					str_details1 = ", CLIENT-CERTIFICATE";
-					break;
-				}
-			}
-		}
-
-	if (version == SSL3_VERSION || version == TLS1_VERSION)
-		{
-		switch (content_type)
-			{
-		case 20:
-			str_content_type = "ChangeCipherSpec";
-			break;
-		case 21:
-			str_content_type = "Alert";
-			break;
-		case 22:
-			str_content_type = "Handshake";
-			break;
-			}
-
-		if (content_type == 21) /* Alert */
-			{
-			str_details1 = ", ???";
-			
-			if (len == 2)
-				{
-				switch (((unsigned char*)buf)[0])
-					{
-				case 1:
-					str_details1 = ", warning";
-					break;
-				case 2:
-					str_details1 = ", fatal";
-					break;
-					}
-
-				str_details2 = " ???";
-				switch (((unsigned char*)buf)[1])
-					{
-				case 0:
-					str_details2 = " close_notify";
-					break;
-				case 10:
-					str_details2 = " unexpected_message";
-					break;
-				case 20:
-					str_details2 = " bad_record_mac";
-					break;
-				case 21:
-					str_details2 = " decryption_failed";
-					break;
-				case 22:
-					str_details2 = " record_overflow";
-					break;
-				case 30:
-					str_details2 = " decompression_failure";
-					break;
-				case 40:
-					str_details2 = " handshake_failure";
-					break;
-				case 42:
-					str_details2 = " bad_certificate";
-					break;
-				case 43:
-					str_details2 = " unsupported_certificate";
-					break;
-				case 44:
-					str_details2 = " certificate_revoked";
-					break;
-				case 45:
-					str_details2 = " certificate_expired";
-					break;
-				case 46:
-					str_details2 = " certificate_unknown";
-					break;
-				case 47:
-					str_details2 = " illegal_parameter";
-					break;
-				case 48:
-					str_details2 = " unknown_ca";
-					break;
-				case 49:
-					str_details2 = " access_denied";
-					break;
-				case 50:
-					str_details2 = " decode_error";
-					break;
-				case 51:
-					str_details2 = " decrypt_error";
-					break;
-				case 60:
-					str_details2 = " export_restriction";
-					break;
-				case 70:
-					str_details2 = " protocol_version";
-					break;
-				case 71:
-					str_details2 = " insufficient_security";
-					break;
-				case 80:
-					str_details2 = " internal_error";
-					break;
-				case 90:
-					str_details2 = " user_canceled";
-					break;
-				case 100:
-					str_details2 = " no_renegotiation";
-					break;
-					}
-				}
-			}
-		
-		if (content_type == 22) /* Handshake */
-			{
-			str_details1 = "???";
-
-			if (len > 0)
-				{
-				switch (((unsigned char*)buf)[0])
-					{
-				case 0:
-					str_details1 = ", HelloRequest";
-					break;
-				case 1:
-					str_details1 = ", ClientHello";
-					break;
-				case 2:
-					str_details1 = ", ServerHello";
-					break;
-				case 11:
-					str_details1 = ", Certificate";
-					break;
-				case 12:
-					str_details1 = ", ServerKeyExchange";
-					break;
-				case 13:
-					str_details1 = ", CertificateRequest";
-					break;
-				case 14:
-					str_details1 = ", ServerHelloDone";
-					break;
-				case 15:
-					str_details1 = ", CertificateVerify";
-					break;
-				case 16:
-					str_details1 = ", ClientKeyExchange";
-					break;
-				case 20:
-					str_details1 = ", Finished";
-					break;
-					}
-				}
-			}
-		}
-
-	BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version, str_content_type, (unsigned long)len, str_details1, str_details2);
-
-	if (len > 0)
-		{
-		size_t num, i;
-		
-		BIO_printf(bio, "   ");
-		num = len;
-#if 0
-		if (num > 16)
-			num = 16;
-#endif
-		for (i = 0; i < num; i++)
-			{
-			if (i % 16 == 0 && i > 0)
-				BIO_printf(bio, "\n   ");
-			BIO_printf(bio, " %02x", ((unsigned char*)buf)[i]);
-			}
-		if (i < len)
-			BIO_printf(bio, " ...");
-		BIO_printf(bio, "\n");
-		}
-	BIO_flush(bio);
-	}
diff --git a/crypto/openssl/apps/s_client.c b/crypto/openssl/apps/s_client.c
deleted file mode 100644
index 2e73f34676ff..000000000000
--- a/crypto/openssl/apps/s_client.c
+++ /dev/null
@@ -1,1052 +0,0 @@
-/* apps/s_client.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <assert.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/e_os2.h>
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-
-/* With IPv6, it looks like Digital has mixed up the proper order of
-   recursive header file inclusion, resulting in the compiler complaining
-   that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
-   is needed to have fileno() declared correctly...  So let's define u_int */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
-#define __U_INT
-typedef unsigned int u_int;
-#endif
-
-#define USE_SOCKETS
-#include "apps.h"
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/rand.h>
-#include "s_apps.h"
-
-#ifdef OPENSSL_SYS_WINDOWS
-#include <conio.h>
-#endif
-
-#ifdef OPENSSL_SYS_WINCE
-/* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */
-#ifdef fileno
-#undef fileno
-#endif
-#define fileno(a) (int)_fileno(a)
-#endif
-
-
-#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-#undef FIONBIO
-#endif
-
-#undef PROG
-#define PROG	s_client_main
-
-/*#define SSL_HOST_NAME	"www.netscape.com" */
-/*#define SSL_HOST_NAME	"193.118.187.102" */
-#define SSL_HOST_NAME	"localhost"
-
-/*#define TEST_CERT "client.pem" */ /* no default cert. */
-
-#undef BUFSIZZ
-#define BUFSIZZ 1024*8
-
-extern int verify_depth;
-extern int verify_error;
-
-#ifdef FIONBIO
-static int c_nbio=0;
-#endif
-static int c_Pause=0;
-static int c_debug=0;
-static int c_msg=0;
-static int c_showcerts=0;
-
-static void sc_usage(void);
-static void print_stuff(BIO *berr,SSL *con,int full);
-static BIO *bio_c_out=NULL;
-static int c_quiet=0;
-static int c_ign_eof=0;
-
-static void sc_usage(void)
-	{
-	BIO_printf(bio_err,"usage: s_client args\n");
-	BIO_printf(bio_err,"\n");
-	BIO_printf(bio_err," -host host     - use -connect instead\n");
-	BIO_printf(bio_err," -port port     - use -connect instead\n");
-	BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
-
-	BIO_printf(bio_err," -verify arg   - turn on peer certificate verification\n");
-	BIO_printf(bio_err," -cert arg     - certificate file to use, PEM format assumed\n");
-	BIO_printf(bio_err," -key arg      - Private key file to use, PEM format assumed, in cert file if\n");
-	BIO_printf(bio_err,"                 not specified but cert file is.\n");
-	BIO_printf(bio_err," -CApath arg   - PEM format directory of CA's\n");
-	BIO_printf(bio_err," -CAfile arg   - PEM format file of CA's\n");
-	BIO_printf(bio_err," -reconnect    - Drop and re-make the connection with the same Session-ID\n");
-	BIO_printf(bio_err," -pause        - sleep(1) after each read(2) and write(2) system call\n");
-	BIO_printf(bio_err," -showcerts    - show all certificates in the chain\n");
-	BIO_printf(bio_err," -debug        - extra output\n");
-	BIO_printf(bio_err," -msg          - Show protocol messages\n");
-	BIO_printf(bio_err," -nbio_test    - more ssl protocol testing\n");
-	BIO_printf(bio_err," -state        - print the 'ssl' states\n");
-#ifdef FIONBIO
-	BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
-#endif
-	BIO_printf(bio_err," -crlf         - convert LF from terminal into CRLF\n");
-	BIO_printf(bio_err," -quiet        - no s_client output\n");
-	BIO_printf(bio_err," -ign_eof      - ignore input eof (default when -quiet)\n");
-	BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
-	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
-	BIO_printf(bio_err," -tls1         - just use TLSv1\n");
-	BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
-	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
-	BIO_printf(bio_err," -serverpref   - Use server's cipher preferences (only SSLv2)\n");
-	BIO_printf(bio_err," -cipher       - preferred cipher to use, use the 'openssl ciphers'\n");
-	BIO_printf(bio_err,"                 command to see what is available\n");
-	BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
-	BIO_printf(bio_err,"                 for those protocols that support it, where\n");
-	BIO_printf(bio_err,"                 'prot' defines which one to assume.  Currently,\n");
-	BIO_printf(bio_err,"                 only \"smtp\" is supported.\n");
-#ifndef OPENSSL_NO_ENGINE
-	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
-#endif
-	BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-
-	}
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int off=0;
-	SSL *con=NULL,*con2=NULL;
-	X509_STORE *store = NULL;
-	int s,k,width,state=0;
-	char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
-	int cbuf_len,cbuf_off;
-	int sbuf_len,sbuf_off;
-	fd_set readfds,writefds;
-	short port=PORT;
-	int full_log=1;
-	char *host=SSL_HOST_NAME;
-	char *cert_file=NULL,*key_file=NULL;
-	char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
-	int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
-	int crlf=0;
-	int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
-	SSL_CTX *ctx=NULL;
-	int ret=1,in_init=1,i,nbio_test=0;
-	int smtp_starttls = 0;
-	int prexit = 0, vflags = 0;
-	SSL_METHOD *meth=NULL;
-	BIO *sbio;
-	char *inrand=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine_id=NULL;
-	ENGINE *e=NULL;
-#endif
-#ifdef OPENSSL_SYS_WINDOWS
-	struct timeval tv;
-#endif
-
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-	meth=SSLv23_client_method();
-#elif !defined(OPENSSL_NO_SSL3)
-	meth=SSLv3_client_method();
-#elif !defined(OPENSSL_NO_SSL2)
-	meth=SSLv2_client_method();
-#endif
-
-	apps_startup();
-	c_Pause=0;
-	c_quiet=0;
-	c_ign_eof=0;
-	c_debug=0;
-	c_msg=0;
-	c_showcerts=0;
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	if (	((cbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) ||
-		((sbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) ||
-		((mbuf=OPENSSL_malloc(BUFSIZZ)) == NULL))
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		goto end;
-		}
-
-	verify_depth=0;
-	verify_error=X509_V_OK;
-#ifdef FIONBIO
-	c_nbio=0;
-#endif
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-host") == 0)
-			{
-			if (--argc < 1) goto bad;
-			host= *(++argv);
-			}
-		else if	(strcmp(*argv,"-port") == 0)
-			{
-			if (--argc < 1) goto bad;
-			port=atoi(*(++argv));
-			if (port == 0) goto bad;
-			}
-		else if (strcmp(*argv,"-connect") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!extract_host_port(*(++argv),&host,NULL,&port))
-				goto bad;
-			}
-		else if	(strcmp(*argv,"-verify") == 0)
-			{
-			verify=SSL_VERIFY_PEER;
-			if (--argc < 1) goto bad;
-			verify_depth=atoi(*(++argv));
-			BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
-			}
-		else if	(strcmp(*argv,"-cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			cert_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-crl_check") == 0)
-			vflags |= X509_V_FLAG_CRL_CHECK;
-		else if	(strcmp(*argv,"-crl_check_all") == 0)
-			vflags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
-		else if	(strcmp(*argv,"-prexit") == 0)
-			prexit=1;
-		else if	(strcmp(*argv,"-crlf") == 0)
-			crlf=1;
-		else if	(strcmp(*argv,"-quiet") == 0)
-			{
-			c_quiet=1;
-			c_ign_eof=1;
-			}
-		else if	(strcmp(*argv,"-ign_eof") == 0)
-			c_ign_eof=1;
-		else if	(strcmp(*argv,"-pause") == 0)
-			c_Pause=1;
-		else if	(strcmp(*argv,"-debug") == 0)
-			c_debug=1;
-		else if	(strcmp(*argv,"-msg") == 0)
-			c_msg=1;
-		else if	(strcmp(*argv,"-showcerts") == 0)
-			c_showcerts=1;
-		else if	(strcmp(*argv,"-nbio_test") == 0)
-			nbio_test=1;
-		else if	(strcmp(*argv,"-state") == 0)
-			state=1;
-#ifndef OPENSSL_NO_SSL2
-		else if	(strcmp(*argv,"-ssl2") == 0)
-			meth=SSLv2_client_method();
-#endif
-#ifndef OPENSSL_NO_SSL3
-		else if	(strcmp(*argv,"-ssl3") == 0)
-			meth=SSLv3_client_method();
-#endif
-#ifndef OPENSSL_NO_TLS1
-		else if	(strcmp(*argv,"-tls1") == 0)
-			meth=TLSv1_client_method();
-#endif
-		else if (strcmp(*argv,"-bugs") == 0)
-			bugs=1;
-		else if	(strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			key_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-reconnect") == 0)
-			{
-			reconnect=5;
-			}
-		else if	(strcmp(*argv,"-CApath") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CApath= *(++argv);
-			}
-		else if	(strcmp(*argv,"-CAfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-no_tls1") == 0)
-			off|=SSL_OP_NO_TLSv1;
-		else if (strcmp(*argv,"-no_ssl3") == 0)
-			off|=SSL_OP_NO_SSLv3;
-		else if (strcmp(*argv,"-no_ssl2") == 0)
-			off|=SSL_OP_NO_SSLv2;
-		else if (strcmp(*argv,"-serverpref") == 0)
-			off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
-		else if	(strcmp(*argv,"-cipher") == 0)
-			{
-			if (--argc < 1) goto bad;
-			cipher= *(++argv);
-			}
-#ifdef FIONBIO
-		else if (strcmp(*argv,"-nbio") == 0)
-			{ c_nbio=1; }
-#endif
-		else if	(strcmp(*argv,"-starttls") == 0)
-			{
-			if (--argc < 1) goto bad;
-			++argv;
-			if (strcmp(*argv,"smtp") == 0)
-				smtp_starttls = 1;
-			else
-				goto bad;
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if	(strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine_id = *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badop=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-	if (badop)
-		{
-bad:
-		sc_usage();
-		goto end;
-		}
-
-	OpenSSL_add_ssl_algorithms();
-	SSL_load_error_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine_id, 1);
-#endif
-
-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
-		&& !RAND_status())
-		{
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-		}
-	if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-
-	if (bio_c_out == NULL)
-		{
-		if (c_quiet && !c_debug && !c_msg)
-			{
-			bio_c_out=BIO_new(BIO_s_null());
-			}
-		else
-			{
-			if (bio_c_out == NULL)
-				bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE);
-			}
-		}
-
-	ctx=SSL_CTX_new(meth);
-	if (ctx == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (bugs)
-		SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
-	else
-		SSL_CTX_set_options(ctx,off);
-
-	if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
-	if (cipher != NULL)
-		if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
-		BIO_printf(bio_err,"error setting cipher list\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-#if 0
-	else
-		SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER"));
-#endif
-
-	SSL_CTX_set_verify(ctx,verify,verify_callback);
-	if (!set_cert_stuff(ctx,cert_file,key_file))
-		goto end;
-
-	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(ctx)))
-		{
-		/* BIO_printf(bio_err,"error setting default verify locations\n"); */
-		ERR_print_errors(bio_err);
-		/* goto end; */
-		}
-
-	store = SSL_CTX_get_cert_store(ctx);
-	X509_STORE_set_flags(store, vflags);
-
-	con=SSL_new(ctx);
-#ifndef OPENSSL_NO_KRB5
-	if (con  &&  (con->kssl_ctx = kssl_ctx_new()) != NULL)
-                {
-                kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVER, host);
-		}
-#endif	/* OPENSSL_NO_KRB5  */
-/*	SSL_set_cipher_list(con,"RC4-MD5"); */
-
-re_start:
-
-	if (init_client(&s,host,port) == 0)
-		{
-		BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
-		SHUTDOWN(s);
-		goto end;
-		}
-	BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s);
-
-#ifdef FIONBIO
-	if (c_nbio)
-		{
-		unsigned long l=1;
-		BIO_printf(bio_c_out,"turning on non blocking io\n");
-		if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-#endif                                              
-	if (c_Pause & 0x01) con->debug=1;
-	sbio=BIO_new_socket(s,BIO_NOCLOSE);
-
-	if (nbio_test)
-		{
-		BIO *test;
-
-		test=BIO_new(BIO_f_nbio_test());
-		sbio=BIO_push(test,sbio);
-		}
-
-	if (c_debug)
-		{
-		con->debug=1;
-		BIO_set_callback(sbio,bio_dump_cb);
-		BIO_set_callback_arg(sbio,bio_c_out);
-		}
-	if (c_msg)
-		{
-		SSL_set_msg_callback(con, msg_cb);
-		SSL_set_msg_callback_arg(con, bio_c_out);
-		}
-
-	SSL_set_bio(con,sbio,sbio);
-	SSL_set_connect_state(con);
-
-	/* ok, lets connect */
-	width=SSL_get_fd(con)+1;
-
-	read_tty=1;
-	write_tty=0;
-	tty_on=0;
-	read_ssl=1;
-	write_ssl=1;
-	
-	cbuf_len=0;
-	cbuf_off=0;
-	sbuf_len=0;
-	sbuf_off=0;
-
-	/* This is an ugly hack that does a lot of assumptions */
-	if (smtp_starttls)
-		{
-		BIO_read(sbio,mbuf,BUFSIZZ);
-		BIO_printf(sbio,"STARTTLS\r\n");
-		BIO_read(sbio,sbuf,BUFSIZZ);
-		}
-
-	for (;;)
-		{
-		FD_ZERO(&readfds);
-		FD_ZERO(&writefds);
-
-		if (SSL_in_init(con) && !SSL_total_renegotiations(con))
-			{
-			in_init=1;
-			tty_on=0;
-			}
-		else
-			{
-			tty_on=1;
-			if (in_init)
-				{
-				in_init=0;
-				print_stuff(bio_c_out,con,full_log);
-				if (full_log > 0) full_log--;
-
-				if (smtp_starttls)
-					{
-					BIO_printf(bio_err,"%s",mbuf);
-					/* We don't need to know any more */
-					smtp_starttls = 0;
-					}
-
-				if (reconnect)
-					{
-					reconnect--;
-					BIO_printf(bio_c_out,"drop connection and then reconnect\n");
-					SSL_shutdown(con);
-					SSL_set_connect_state(con);
-					SHUTDOWN(SSL_get_fd(con));
-					goto re_start;
-					}
-				}
-			}
-
-		ssl_pending = read_ssl && SSL_pending(con);
-
-		if (!ssl_pending)
-			{
-#ifndef OPENSSL_SYS_WINDOWS
-			if (tty_on)
-				{
-				if (read_tty)  FD_SET(fileno(stdin),&readfds);
-				if (write_tty) FD_SET(fileno(stdout),&writefds);
-				}
-			if (read_ssl)
-				FD_SET(SSL_get_fd(con),&readfds);
-			if (write_ssl)
-				FD_SET(SSL_get_fd(con),&writefds);
-#else
-			if(!tty_on || !write_tty) {
-				if (read_ssl)
-					FD_SET(SSL_get_fd(con),&readfds);
-				if (write_ssl)
-					FD_SET(SSL_get_fd(con),&writefds);
-			}
-#endif
-/*			printf("mode tty(%d %d%d) ssl(%d%d)\n",
-				tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
-
-			/* Note: under VMS with SOCKETSHR the second parameter
-			 * is currently of type (int *) whereas under other
-			 * systems it is (void *) if you don't have a cast it
-			 * will choke the compiler: if you do have a cast then
-			 * you can either go for (int *) or (void *).
-			 */
-#ifdef OPENSSL_SYS_WINDOWS
-			/* Under Windows we make the assumption that we can
-			 * always write to the tty: therefore if we need to
-			 * write to the tty we just fall through. Otherwise
-			 * we timeout the select every second and see if there
-			 * are any keypresses. Note: this is a hack, in a proper
-			 * Windows application we wouldn't do this.
-			 */
-			i=0;
-			if(!write_tty) {
-				if(read_tty) {
-					tv.tv_sec = 1;
-					tv.tv_usec = 0;
-					i=select(width,(void *)&readfds,(void *)&writefds,
-						 NULL,&tv);
-#ifdef OPENSSL_SYS_WINCE
-					if(!i && (!_kbhit() || !read_tty) ) continue;
-#else
-					if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue;
-#endif
-				} else 	i=select(width,(void *)&readfds,(void *)&writefds,
-					 NULL,NULL);
-			}
-#else
-			i=select(width,(void *)&readfds,(void *)&writefds,
-				 NULL,NULL);
-#endif
-			if ( i < 0)
-				{
-				BIO_printf(bio_err,"bad select %d\n",
-				get_last_socket_error());
-				goto shut;
-				/* goto end; */
-				}
-			}
-
-		if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds))
-			{
-			k=SSL_write(con,&(cbuf[cbuf_off]),
-				(unsigned int)cbuf_len);
-			switch (SSL_get_error(con,k))
-				{
-			case SSL_ERROR_NONE:
-				cbuf_off+=k;
-				cbuf_len-=k;
-				if (k <= 0) goto end;
-				/* we have done a  write(con,NULL,0); */
-				if (cbuf_len <= 0)
-					{
-					read_tty=1;
-					write_ssl=0;
-					}
-				else /* if (cbuf_len > 0) */
-					{
-					read_tty=0;
-					write_ssl=1;
-					}
-				break;
-			case SSL_ERROR_WANT_WRITE:
-				BIO_printf(bio_c_out,"write W BLOCK\n");
-				write_ssl=1;
-				read_tty=0;
-				break;
-			case SSL_ERROR_WANT_READ:
-				BIO_printf(bio_c_out,"write R BLOCK\n");
-				write_tty=0;
-				read_ssl=1;
-				write_ssl=0;
-				break;
-			case SSL_ERROR_WANT_X509_LOOKUP:
-				BIO_printf(bio_c_out,"write X BLOCK\n");
-				break;
-			case SSL_ERROR_ZERO_RETURN:
-				if (cbuf_len != 0)
-					{
-					BIO_printf(bio_c_out,"shutdown\n");
-					goto shut;
-					}
-				else
-					{
-					read_tty=1;
-					write_ssl=0;
-					break;
-					}
-				
-			case SSL_ERROR_SYSCALL:
-				if ((k != 0) || (cbuf_len != 0))
-					{
-					BIO_printf(bio_err,"write:errno=%d\n",
-						get_last_socket_error());
-					goto shut;
-					}
-				else
-					{
-					read_tty=1;
-					write_ssl=0;
-					}
-				break;
-			case SSL_ERROR_SSL:
-				ERR_print_errors(bio_err);
-				goto shut;
-				}
-			}
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
-		/* Assume Windows/DOS can always write */
-		else if (!ssl_pending && write_tty)
-#else
-		else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds))
-#endif
-			{
-#ifdef CHARSET_EBCDIC
-			ascii2ebcdic(&(sbuf[sbuf_off]),&(sbuf[sbuf_off]),sbuf_len);
-#endif
-			i=write(fileno(stdout),&(sbuf[sbuf_off]),sbuf_len);
-
-			if (i <= 0)
-				{
-				BIO_printf(bio_c_out,"DONE\n");
-				goto shut;
-				/* goto end; */
-				}
-
-			sbuf_len-=i;;
-			sbuf_off+=i;
-			if (sbuf_len <= 0)
-				{
-				read_ssl=1;
-				write_tty=0;
-				}
-			}
-		else if (ssl_pending || FD_ISSET(SSL_get_fd(con),&readfds))
-			{
-#ifdef RENEG
-{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
-#endif
-#if 1
-			k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
-#else
-/* Demo for pending and peek :-) */
-			k=SSL_read(con,sbuf,16);
-{ char zbuf[10240]; 
-printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240));
-}
-#endif
-
-			switch (SSL_get_error(con,k))
-				{
-			case SSL_ERROR_NONE:
-				if (k <= 0)
-					goto end;
-				sbuf_off=0;
-				sbuf_len=k;
-
-				read_ssl=0;
-				write_tty=1;
-				break;
-			case SSL_ERROR_WANT_WRITE:
-				BIO_printf(bio_c_out,"read W BLOCK\n");
-				write_ssl=1;
-				read_tty=0;
-				break;
-			case SSL_ERROR_WANT_READ:
-				BIO_printf(bio_c_out,"read R BLOCK\n");
-				write_tty=0;
-				read_ssl=1;
-				if ((read_tty == 0) && (write_ssl == 0))
-					write_ssl=1;
-				break;
-			case SSL_ERROR_WANT_X509_LOOKUP:
-				BIO_printf(bio_c_out,"read X BLOCK\n");
-				break;
-			case SSL_ERROR_SYSCALL:
-				BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error());
-				goto shut;
-			case SSL_ERROR_ZERO_RETURN:
-				BIO_printf(bio_c_out,"closed\n");
-				goto shut;
-			case SSL_ERROR_SSL:
-				ERR_print_errors(bio_err);
-				goto shut;
-				/* break; */
-				}
-			}
-
-#ifdef OPENSSL_SYS_WINDOWS
-#ifdef OPENSSL_SYS_WINCE
-		else if (_kbhit())
-#else
-		else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
-#endif
-#else
-		else if (FD_ISSET(fileno(stdin),&readfds))
-#endif
-			{
-			if (crlf)
-				{
-				int j, lf_num;
-
-				i=read(fileno(stdin),cbuf,BUFSIZZ/2);
-				lf_num = 0;
-				/* both loops are skipped when i <= 0 */
-				for (j = 0; j < i; j++)
-					if (cbuf[j] == '\n')
-						lf_num++;
-				for (j = i-1; j >= 0; j--)
-					{
-					cbuf[j+lf_num] = cbuf[j];
-					if (cbuf[j] == '\n')
-						{
-						lf_num--;
-						i++;
-						cbuf[j+lf_num] = '\r';
-						}
-					}
-				assert(lf_num == 0);
-				}
-			else
-				i=read(fileno(stdin),cbuf,BUFSIZZ);
-
-			if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q')))
-				{
-				BIO_printf(bio_err,"DONE\n");
-				goto shut;
-				}
-
-			if ((!c_ign_eof) && (cbuf[0] == 'R'))
-				{
-				BIO_printf(bio_err,"RENEGOTIATING\n");
-				SSL_renegotiate(con);
-				cbuf_len=0;
-				}
-			else
-				{
-				cbuf_len=i;
-				cbuf_off=0;
-#ifdef CHARSET_EBCDIC
-				ebcdic2ascii(cbuf, cbuf, i);
-#endif
-				}
-
-			write_ssl=1;
-			read_tty=0;
-			}
-		}
-shut:
-	SSL_shutdown(con);
-	SHUTDOWN(SSL_get_fd(con));
-	ret=0;
-end:
-	if(prexit) print_stuff(bio_c_out,con,1);
-	if (con != NULL) SSL_free(con);
-	if (con2 != NULL) SSL_free(con2);
-	if (ctx != NULL) SSL_CTX_free(ctx);
-	if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); }
-	if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); }
-	if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); }
-	if (bio_c_out != NULL)
-		{
-		BIO_free(bio_c_out);
-		bio_c_out=NULL;
-		}
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-
-static void print_stuff(BIO *bio, SSL *s, int full)
-	{
-	X509 *peer=NULL;
-	char *p;
-	static char *space="                ";
-	char buf[BUFSIZ];
-	STACK_OF(X509) *sk;
-	STACK_OF(X509_NAME) *sk2;
-	SSL_CIPHER *c;
-	X509_NAME *xn;
-	int j,i;
-
-	if (full)
-		{
-		int got_a_chain = 0;
-
-		sk=SSL_get_peer_cert_chain(s);
-		if (sk != NULL)
-			{
-			got_a_chain = 1; /* we don't have it for SSL2 (yet) */
-
-			BIO_printf(bio,"---\nCertificate chain\n");
-			for (i=0; i<sk_X509_num(sk); i++)
-				{
-				X509_NAME_oneline(X509_get_subject_name(
-					sk_X509_value(sk,i)),buf,sizeof buf);
-				BIO_printf(bio,"%2d s:%s\n",i,buf);
-				X509_NAME_oneline(X509_get_issuer_name(
-					sk_X509_value(sk,i)),buf,sizeof buf);
-				BIO_printf(bio,"   i:%s\n",buf);
-				if (c_showcerts)
-					PEM_write_bio_X509(bio,sk_X509_value(sk,i));
-				}
-			}
-
-		BIO_printf(bio,"---\n");
-		peer=SSL_get_peer_certificate(s);
-		if (peer != NULL)
-			{
-			BIO_printf(bio,"Server certificate\n");
-			if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */
-				PEM_write_bio_X509(bio,peer);
-			X509_NAME_oneline(X509_get_subject_name(peer),
-				buf,sizeof buf);
-			BIO_printf(bio,"subject=%s\n",buf);
-			X509_NAME_oneline(X509_get_issuer_name(peer),
-				buf,sizeof buf);
-			BIO_printf(bio,"issuer=%s\n",buf);
-			}
-		else
-			BIO_printf(bio,"no peer certificate available\n");
-
-		sk2=SSL_get_client_CA_list(s);
-		if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0))
-			{
-			BIO_printf(bio,"---\nAcceptable client certificate CA names\n");
-			for (i=0; i<sk_X509_NAME_num(sk2); i++)
-				{
-				xn=sk_X509_NAME_value(sk2,i);
-				X509_NAME_oneline(xn,buf,sizeof(buf));
-				BIO_write(bio,buf,strlen(buf));
-				BIO_write(bio,"\n",1);
-				}
-			}
-		else
-			{
-			BIO_printf(bio,"---\nNo client certificate CA names sent\n");
-			}
-		p=SSL_get_shared_ciphers(s,buf,sizeof buf);
-		if (p != NULL)
-			{
-			/* This works only for SSL 2.  In later protocol
-			 * versions, the client does not know what other
-			 * ciphers (in addition to the one to be used
-			 * in the current connection) the server supports. */
-
-			BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
-			j=i=0;
-			while (*p)
-				{
-				if (*p == ':')
-					{
-					BIO_write(bio,space,15-j%25);
-					i++;
-					j=0;
-					BIO_write(bio,((i%3)?" ":"\n"),1);
-					}
-				else
-					{
-					BIO_write(bio,p,1);
-					j++;
-					}
-				p++;
-				}
-			BIO_write(bio,"\n",1);
-			}
-
-		BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n",
-			BIO_number_read(SSL_get_rbio(s)),
-			BIO_number_written(SSL_get_wbio(s)));
-		}
-	BIO_printf(bio,((s->hit)?"---\nReused, ":"---\nNew, "));
-	c=SSL_get_current_cipher(s);
-	BIO_printf(bio,"%s, Cipher is %s\n",
-		SSL_CIPHER_get_version(c),
-		SSL_CIPHER_get_name(c));
-	if (peer != NULL) {
-		EVP_PKEY *pktmp;
-		pktmp = X509_get_pubkey(peer);
-		BIO_printf(bio,"Server public key is %d bit\n",
-							 EVP_PKEY_bits(pktmp));
-		EVP_PKEY_free(pktmp);
-	}
-	SSL_SESSION_print(bio,SSL_get_session(s));
-	BIO_printf(bio,"---\n");
-	if (peer != NULL)
-		X509_free(peer);
-	/* flush, or debugging output gets mixed with http response */
-	BIO_flush(bio);
-	}
-
diff --git a/crypto/openssl/apps/s_server.c b/crypto/openssl/apps/s_server.c
deleted file mode 100644
index 5157aae4d19c..000000000000
--- a/crypto/openssl/apps/s_server.c
+++ /dev/null
@@ -1,1734 +0,0 @@
-/* apps/s_server.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <assert.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <openssl/e_os2.h>
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-
-/* With IPv6, it looks like Digital has mixed up the proper order of
-   recursive header file inclusion, resulting in the compiler complaining
-   that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
-   is needed to have fileno() declared correctly...  So let's define u_int */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
-#define __U_INT
-typedef unsigned int u_int;
-#endif
-
-#include <openssl/lhash.h>
-#include <openssl/bn.h>
-#define USE_SOCKETS
-#include "apps.h"
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/rand.h>
-#include "s_apps.h"
-
-#ifdef OPENSSL_SYS_WINDOWS
-#include <conio.h>
-#endif
-
-#ifdef OPENSSL_SYS_WINCE
-/* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */
-#ifdef fileno
-#undef fileno
-#endif
-#define fileno(a) (int)_fileno(a)
-#endif
-
-#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-#undef FIONBIO
-#endif
-
-#ifndef OPENSSL_NO_RSA
-static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
-#endif
-static int sv_body(char *hostname, int s, unsigned char *context);
-static int www_body(char *hostname, int s, unsigned char *context);
-static void close_accept_socket(void );
-static void sv_usage(void);
-static int init_ssl_connection(SSL *s);
-static void print_stats(BIO *bp,SSL_CTX *ctx);
-static int generate_session_id(const SSL *ssl, unsigned char *id,
-				unsigned int *id_len);
-#ifndef OPENSSL_NO_DH
-static DH *load_dh_param(char *dhfile);
-static DH *get_dh512(void);
-#endif
-#ifdef MONOLITH
-static void s_server_init(void);
-#endif
-
-#ifndef S_ISDIR
-# if defined(_S_IFMT) && defined(_S_IFDIR)
-#  define S_ISDIR(a)	(((a) & _S_IFMT) == _S_IFDIR)
-# else
-#  define S_ISDIR(a)	(((a) & S_IFMT) == S_IFDIR)
-# endif
-#endif
-
-#ifndef OPENSSL_NO_DH
-static unsigned char dh512_p[]={
-	0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
-	0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
-	0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
-	0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
-	0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
-	0x47,0x74,0xE8,0x33,
-	};
-static unsigned char dh512_g[]={
-	0x02,
-	};
-
-static DH *get_dh512(void)
-	{
-	DH *dh=NULL;
-
-	if ((dh=DH_new()) == NULL) return(NULL);
-	dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
-	dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
-	if ((dh->p == NULL) || (dh->g == NULL))
-		return(NULL);
-	return(dh);
-	}
-#endif
-
-/* static int load_CA(SSL_CTX *ctx, char *file);*/
-
-#undef BUFSIZZ
-#define BUFSIZZ	16*1024
-static int bufsize=BUFSIZZ;
-static int accept_socket= -1;
-
-#define TEST_CERT	"server.pem"
-#undef PROG
-#define PROG		s_server_main
-
-extern int verify_depth;
-
-static char *cipher=NULL;
-static int s_server_verify=SSL_VERIFY_NONE;
-static int s_server_session_id_context = 1; /* anything will do */
-static char *s_cert_file=TEST_CERT,*s_key_file=NULL;
-static char *s_dcert_file=NULL,*s_dkey_file=NULL;
-#ifdef FIONBIO
-static int s_nbio=0;
-#endif
-static int s_nbio_test=0;
-int s_crlf=0;
-static SSL_CTX *ctx=NULL;
-static int www=0;
-
-static BIO *bio_s_out=NULL;
-static int s_debug=0;
-static int s_msg=0;
-static int s_quiet=0;
-
-static int hack=0;
-#ifndef OPENSSL_NO_ENGINE
-static char *engine_id=NULL;
-#endif
-static const char *session_id_prefix=NULL;
-
-#ifdef MONOLITH
-static void s_server_init(void)
-	{
-	accept_socket=-1;
-	cipher=NULL;
-	s_server_verify=SSL_VERIFY_NONE;
-	s_dcert_file=NULL;
-	s_dkey_file=NULL;
-	s_cert_file=TEST_CERT;
-	s_key_file=NULL;
-#ifdef FIONBIO
-	s_nbio=0;
-#endif
-	s_nbio_test=0;
-	ctx=NULL;
-	www=0;
-
-	bio_s_out=NULL;
-	s_debug=0;
-	s_msg=0;
-	s_quiet=0;
-	hack=0;
-#ifndef OPENSSL_NO_ENGINE
-	engine_id=NULL;
-#endif
-	}
-#endif
-
-static void sv_usage(void)
-	{
-	BIO_printf(bio_err,"usage: s_server [args ...]\n");
-	BIO_printf(bio_err,"\n");
-	BIO_printf(bio_err," -accept arg   - port to accept on (default is %d)\n",PORT);
-	BIO_printf(bio_err," -context arg  - set session ID context\n");
-	BIO_printf(bio_err," -verify arg   - turn on peer certificate verification\n");
-	BIO_printf(bio_err," -Verify arg   - turn on peer certificate verification, must have a cert.\n");
-	BIO_printf(bio_err," -cert arg     - certificate file to use, PEM format assumed\n");
-	BIO_printf(bio_err,"                 (default is %s)\n",TEST_CERT);
-	BIO_printf(bio_err," -key arg      - Private Key file to use, PEM format assumed, in cert file if\n");
-	BIO_printf(bio_err,"                 not specified (default is %s)\n",TEST_CERT);
-	BIO_printf(bio_err," -dcert arg    - second certificate file to use (usually for DSA)\n");
-	BIO_printf(bio_err," -dkey arg     - second private key file to use (usually for DSA)\n");
-	BIO_printf(bio_err," -dhparam arg  - DH parameter file to use, in cert file if not specified\n");
-	BIO_printf(bio_err,"                 or a default set of parameters is used\n");
-#ifdef FIONBIO
-	BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
-#endif
-	BIO_printf(bio_err," -nbio_test    - test with the non-blocking test bio\n");
-	BIO_printf(bio_err," -crlf         - convert LF from terminal into CRLF\n");
-	BIO_printf(bio_err," -debug        - Print more output\n");
-	BIO_printf(bio_err," -msg          - Show protocol messages\n");
-	BIO_printf(bio_err," -state        - Print the SSL states\n");
-	BIO_printf(bio_err," -CApath arg   - PEM format directory of CA's\n");
-	BIO_printf(bio_err," -CAfile arg   - PEM format file of CA's\n");
-	BIO_printf(bio_err," -nocert       - Don't use any certificates (Anon-DH)\n");
-	BIO_printf(bio_err," -cipher arg   - play with 'openssl ciphers' to see what goes here\n");
-	BIO_printf(bio_err," -serverpref   - Use server's cipher preferences\n");
-	BIO_printf(bio_err," -quiet        - No server output\n");
-	BIO_printf(bio_err," -no_tmp_rsa   - Do not generate a tmp RSA key\n");
-	BIO_printf(bio_err," -ssl2         - Just talk SSLv2\n");
-	BIO_printf(bio_err," -ssl3         - Just talk SSLv3\n");
-	BIO_printf(bio_err," -tls1         - Just talk TLSv1\n");
-	BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
-	BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
-	BIO_printf(bio_err," -no_tls1      - Just disable TLSv1\n");
-#ifndef OPENSSL_NO_DH
-	BIO_printf(bio_err," -no_dhe       - Disable ephemeral DH\n");
-#endif
-	BIO_printf(bio_err," -bugs         - Turn on SSL bug compatibility\n");
-	BIO_printf(bio_err," -www          - Respond to a 'GET /' with a status page\n");
-	BIO_printf(bio_err," -WWW          - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
-	BIO_printf(bio_err," -HTTP         - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
-        BIO_printf(bio_err,"                 with the assumption it contains a complete HTTP response.\n");
-#ifndef OPENSSL_NO_ENGINE
-	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
-#endif
-	BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
-	BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-	}
-
-static int local_argc=0;
-static char **local_argv;
-
-#ifdef CHARSET_EBCDIC
-static int ebcdic_new(BIO *bi);
-static int ebcdic_free(BIO *a);
-static int ebcdic_read(BIO *b, char *out, int outl);
-static int ebcdic_write(BIO *b, const char *in, int inl);
-static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr);
-static int ebcdic_gets(BIO *bp, char *buf, int size);
-static int ebcdic_puts(BIO *bp, const char *str);
-
-#define BIO_TYPE_EBCDIC_FILTER	(18|0x0200)
-static BIO_METHOD methods_ebcdic=
-	{
-	BIO_TYPE_EBCDIC_FILTER,
-	"EBCDIC/ASCII filter",
-	ebcdic_write,
-	ebcdic_read,
-	ebcdic_puts,
-	ebcdic_gets,
-	ebcdic_ctrl,
-	ebcdic_new,
-	ebcdic_free,
-	};
-
-typedef struct
-{
-	size_t	alloced;
-	char	buff[1];
-} EBCDIC_OUTBUFF;
-
-BIO_METHOD *BIO_f_ebcdic_filter()
-{
-	return(&methods_ebcdic);
-}
-
-static int ebcdic_new(BIO *bi)
-{
-	EBCDIC_OUTBUFF *wbuf;
-
-	wbuf = (EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024);
-	wbuf->alloced = 1024;
-	wbuf->buff[0] = '\0';
-
-	bi->ptr=(char *)wbuf;
-	bi->init=1;
-	bi->flags=0;
-	return(1);
-}
-
-static int ebcdic_free(BIO *a)
-{
-	if (a == NULL) return(0);
-	if (a->ptr != NULL)
-		OPENSSL_free(a->ptr);
-	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;
-	return(1);
-}
-	
-static int ebcdic_read(BIO *b, char *out, int outl)
-{
-	int ret=0;
-
-	if (out == NULL || outl == 0) return(0);
-	if (b->next_bio == NULL) return(0);
-
-	ret=BIO_read(b->next_bio,out,outl);
-	if (ret > 0)
-		ascii2ebcdic(out,out,ret);
-	return(ret);
-}
-
-static int ebcdic_write(BIO *b, const char *in, int inl)
-{
-	EBCDIC_OUTBUFF *wbuf;
-	int ret=0;
-	int num;
-	unsigned char n;
-
-	if ((in == NULL) || (inl <= 0)) return(0);
-	if (b->next_bio == NULL) return(0);
-
-	wbuf=(EBCDIC_OUTBUFF *)b->ptr;
-
-	if (inl > (num = wbuf->alloced))
-	{
-		num = num + num;  /* double the size */
-		if (num < inl)
-			num = inl;
-		OPENSSL_free(wbuf);
-		wbuf=(EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num);
-
-		wbuf->alloced = num;
-		wbuf->buff[0] = '\0';
-
-		b->ptr=(char *)wbuf;
-	}
-
-	ebcdic2ascii(wbuf->buff, in, inl);
-
-	ret=BIO_write(b->next_bio, wbuf->buff, inl);
-
-	return(ret);
-}
-
-static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-	long ret;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-	{
-	case BIO_CTRL_DUP:
-		ret=0L;
-		break;
-	default:
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	}
-	return(ret);
-}
-
-static int ebcdic_gets(BIO *bp, char *buf, int size)
-{
-	int i, ret=0;
-	if (bp->next_bio == NULL) return(0);
-/*	return(BIO_gets(bp->next_bio,buf,size));*/
-	for (i=0; i<size-1; ++i)
-	{
-		ret = ebcdic_read(bp,&buf[i],1);
-		if (ret <= 0)
-			break;
-		else if (buf[i] == '\n')
-		{
-			++i;
-			break;
-		}
-	}
-	if (i < size)
-		buf[i] = '\0';
-	return (ret < 0 && i == 0) ? ret : i;
-}
-
-static int ebcdic_puts(BIO *bp, const char *str)
-{
-	if (bp->next_bio == NULL) return(0);
-	return ebcdic_write(bp, str, strlen(str));
-}
-#endif
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char *argv[])
-	{
-	X509_STORE *store = NULL;
-	int vflags = 0;
-	short port=PORT;
-	char *CApath=NULL,*CAfile=NULL;
-	char *context = NULL;
-	char *dhfile = NULL;
-	int badop=0,bugs=0;
-	int ret=1;
-	int off=0;
-	int no_tmp_rsa=0,no_dhe=0,nocert=0;
-	int state=0;
-	SSL_METHOD *meth=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e=NULL;
-#endif
-	char *inrand=NULL;
-
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-	meth=SSLv23_server_method();
-#elif !defined(OPENSSL_NO_SSL3)
-	meth=SSLv3_server_method();
-#elif !defined(OPENSSL_NO_SSL2)
-	meth=SSLv2_server_method();
-#endif
-
-	local_argc=argc;
-	local_argv=argv;
-
-	apps_startup();
-#ifdef MONOLITH
-	s_server_init();
-#endif
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	verify_depth=0;
-#ifdef FIONBIO
-	s_nbio=0;
-#endif
-	s_nbio_test=0;
-
-	argc--;
-	argv++;
-
-	while (argc >= 1)
-		{
-		if	((strcmp(*argv,"-port") == 0) ||
-			 (strcmp(*argv,"-accept") == 0))
-			{
-			if (--argc < 1) goto bad;
-			if (!extract_port(*(++argv),&port))
-				goto bad;
-			}
-		else if	(strcmp(*argv,"-verify") == 0)
-			{
-			s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
-			if (--argc < 1) goto bad;
-			verify_depth=atoi(*(++argv));
-			BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
-			}
-		else if	(strcmp(*argv,"-Verify") == 0)
-			{
-			s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|
-				SSL_VERIFY_CLIENT_ONCE;
-			if (--argc < 1) goto bad;
-			verify_depth=atoi(*(++argv));
-			BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth);
-			}
-		else if	(strcmp(*argv,"-context") == 0)
-			{
-			if (--argc < 1) goto bad;
-			context= *(++argv);
-			}
-		else if	(strcmp(*argv,"-cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			s_cert_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			s_key_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-dhparam") == 0)
-			{
-			if (--argc < 1) goto bad;
-			dhfile = *(++argv);
-			}
-		else if	(strcmp(*argv,"-dcert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			s_dcert_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-dkey") == 0)
-			{
-			if (--argc < 1) goto bad;
-			s_dkey_file= *(++argv);
-			}
-		else if (strcmp(*argv,"-nocert") == 0)
-			{
-			nocert=1;
-			}
-		else if	(strcmp(*argv,"-CApath") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CApath= *(++argv);
-			}
-		else if (strcmp(*argv,"-crl_check") == 0)
-			{
-			vflags |= X509_V_FLAG_CRL_CHECK;
-			}
-		else if (strcmp(*argv,"-crl_check") == 0)
-			{
-			vflags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
-			}
-		else if	(strcmp(*argv,"-serverpref") == 0)
-			{ off|=SSL_OP_CIPHER_SERVER_PREFERENCE; }
-		else if	(strcmp(*argv,"-cipher") == 0)
-			{
-			if (--argc < 1) goto bad;
-			cipher= *(++argv);
-			}
-		else if	(strcmp(*argv,"-CAfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile= *(++argv);
-			}
-#ifdef FIONBIO	
-		else if	(strcmp(*argv,"-nbio") == 0)
-			{ s_nbio=1; }
-#endif
-		else if	(strcmp(*argv,"-nbio_test") == 0)
-			{
-#ifdef FIONBIO	
-			s_nbio=1;
-#endif
-			s_nbio_test=1;
-			}
-		else if	(strcmp(*argv,"-debug") == 0)
-			{ s_debug=1; }
-		else if	(strcmp(*argv,"-msg") == 0)
-			{ s_msg=1; }
-		else if	(strcmp(*argv,"-hack") == 0)
-			{ hack=1; }
-		else if	(strcmp(*argv,"-state") == 0)
-			{ state=1; }
-		else if	(strcmp(*argv,"-crlf") == 0)
-			{ s_crlf=1; }
-		else if	(strcmp(*argv,"-quiet") == 0)
-			{ s_quiet=1; }
-		else if	(strcmp(*argv,"-bugs") == 0)
-			{ bugs=1; }
-		else if	(strcmp(*argv,"-no_tmp_rsa") == 0)
-			{ no_tmp_rsa=1; }
-		else if	(strcmp(*argv,"-no_dhe") == 0)
-			{ no_dhe=1; }
-		else if	(strcmp(*argv,"-www") == 0)
-			{ www=1; }
-		else if	(strcmp(*argv,"-WWW") == 0)
-			{ www=2; }
-		else if	(strcmp(*argv,"-HTTP") == 0)
-			{ www=3; }
-		else if	(strcmp(*argv,"-no_ssl2") == 0)
-			{ off|=SSL_OP_NO_SSLv2; }
-		else if	(strcmp(*argv,"-no_ssl3") == 0)
-			{ off|=SSL_OP_NO_SSLv3; }
-		else if	(strcmp(*argv,"-no_tls1") == 0)
-			{ off|=SSL_OP_NO_TLSv1; }
-#ifndef OPENSSL_NO_SSL2
-		else if	(strcmp(*argv,"-ssl2") == 0)
-			{ meth=SSLv2_server_method(); }
-#endif
-#ifndef OPENSSL_NO_SSL3
-		else if	(strcmp(*argv,"-ssl3") == 0)
-			{ meth=SSLv3_server_method(); }
-#endif
-#ifndef OPENSSL_NO_TLS1
-		else if	(strcmp(*argv,"-tls1") == 0)
-			{ meth=TLSv1_server_method(); }
-#endif
-		else if (strcmp(*argv, "-id_prefix") == 0)
-			{
-			if (--argc < 1) goto bad;
-			session_id_prefix = *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine_id= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badop=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-	if (badop)
-		{
-bad:
-		sv_usage();
-		goto end;
-		}
-
-	SSL_load_error_strings();
-	OpenSSL_add_ssl_algorithms();
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine_id, 1);
-#endif
-
-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
-		&& !RAND_status())
-		{
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-		}
-	if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-
-	if (bio_s_out == NULL)
-		{
-		if (s_quiet && !s_debug && !s_msg)
-			{
-			bio_s_out=BIO_new(BIO_s_null());
-			}
-		else
-			{
-			if (bio_s_out == NULL)
-				bio_s_out=BIO_new_fp(stdout,BIO_NOCLOSE);
-			}
-		}
-
-#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA)
-	if (nocert)
-#endif
-		{
-		s_cert_file=NULL;
-		s_key_file=NULL;
-		s_dcert_file=NULL;
-		s_dkey_file=NULL;
-		}
-
-	ctx=SSL_CTX_new(meth);
-	if (ctx == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	if (session_id_prefix)
-		{
-		if(strlen(session_id_prefix) >= 32)
-			BIO_printf(bio_err,
-"warning: id_prefix is too long, only one new session will be possible\n");
-		else if(strlen(session_id_prefix) >= 16)
-			BIO_printf(bio_err,
-"warning: id_prefix is too long if you use SSLv2\n");
-		if(!SSL_CTX_set_generate_session_id(ctx, generate_session_id))
-			{
-			BIO_printf(bio_err,"error setting 'id_prefix'\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix);
-		}
-	SSL_CTX_set_quiet_shutdown(ctx,1);
-	if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
-	if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
-	SSL_CTX_set_options(ctx,off);
-
-	if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
-
-	SSL_CTX_sess_set_cache_size(ctx,128);
-
-#if 0
-	if (cipher == NULL) cipher=getenv("SSL_CIPHER");
-#endif
-
-#if 0
-	if (s_cert_file == NULL)
-		{
-		BIO_printf(bio_err,"You must specify a certificate file for the server to use\n");
-		goto end;
-		}
-#endif
-
-	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(ctx)))
-		{
-		/* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
-		ERR_print_errors(bio_err);
-		/* goto end; */
-		}
-	store = SSL_CTX_get_cert_store(ctx);
-	X509_STORE_set_flags(store, vflags);
-
-#ifndef OPENSSL_NO_DH
-	if (!no_dhe)
-		{
-		DH *dh=NULL;
-
-		if (dhfile)
-			dh = load_dh_param(dhfile);
-		else if (s_cert_file)
-			dh = load_dh_param(s_cert_file);
-
-		if (dh != NULL)
-			{
-			BIO_printf(bio_s_out,"Setting temp DH parameters\n");
-			}
-		else
-			{
-			BIO_printf(bio_s_out,"Using default temp DH parameters\n");
-			dh=get_dh512();
-			}
-		(void)BIO_flush(bio_s_out);
-
-		SSL_CTX_set_tmp_dh(ctx,dh);
-		DH_free(dh);
-		}
-#endif
-	
-	if (!set_cert_stuff(ctx,s_cert_file,s_key_file))
-		goto end;
-	if (s_dcert_file != NULL)
-		{
-		if (!set_cert_stuff(ctx,s_dcert_file,s_dkey_file))
-			goto end;
-		}
-
-#ifndef OPENSSL_NO_RSA
-#if 1
-	if (!no_tmp_rsa)
-		SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
-#else
-	if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx))
-		{
-		RSA *rsa;
-
-		BIO_printf(bio_s_out,"Generating temp (512 bit) RSA key...");
-		BIO_flush(bio_s_out);
-
-		rsa=RSA_generate_key(512,RSA_F4,NULL);
-
-		if (!SSL_CTX_set_tmp_rsa(ctx,rsa))
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		RSA_free(rsa);
-		BIO_printf(bio_s_out,"\n");
-		}
-#endif
-#endif
-
-	if (cipher != NULL)
-		if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
-		BIO_printf(bio_err,"error setting cipher list\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-	SSL_CTX_set_verify(ctx,s_server_verify,verify_callback);
-	SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context,
-		sizeof s_server_session_id_context);
-
-	if (CAfile != NULL)
-	    SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
-
-	BIO_printf(bio_s_out,"ACCEPT\n");
-	if (www)
-		do_server(port,&accept_socket,www_body, context);
-	else
-		do_server(port,&accept_socket,sv_body, context);
-	print_stats(bio_s_out,ctx);
-	ret=0;
-end:
-	if (ctx != NULL) SSL_CTX_free(ctx);
-	if (bio_s_out != NULL)
-		{
-		BIO_free(bio_s_out);
-		bio_s_out=NULL;
-		}
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
-	{
-	BIO_printf(bio,"%4ld items in the session cache\n",
-		SSL_CTX_sess_number(ssl_ctx));
-	BIO_printf(bio,"%4d client connects (SSL_connect())\n",
-		SSL_CTX_sess_connect(ssl_ctx));
-	BIO_printf(bio,"%4d client renegotiates (SSL_connect())\n",
-		SSL_CTX_sess_connect_renegotiate(ssl_ctx));
-	BIO_printf(bio,"%4d client connects that finished\n",
-		SSL_CTX_sess_connect_good(ssl_ctx));
-	BIO_printf(bio,"%4d server accepts (SSL_accept())\n",
-		SSL_CTX_sess_accept(ssl_ctx));
-	BIO_printf(bio,"%4d server renegotiates (SSL_accept())\n",
-		SSL_CTX_sess_accept_renegotiate(ssl_ctx));
-	BIO_printf(bio,"%4d server accepts that finished\n",
-		SSL_CTX_sess_accept_good(ssl_ctx));
-	BIO_printf(bio,"%4d session cache hits\n",SSL_CTX_sess_hits(ssl_ctx));
-	BIO_printf(bio,"%4d session cache misses\n",SSL_CTX_sess_misses(ssl_ctx));
-	BIO_printf(bio,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx));
-	BIO_printf(bio,"%4d callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx));
-	BIO_printf(bio,"%4d cache full overflows (%d allowed)\n",
-		SSL_CTX_sess_cache_full(ssl_ctx),
-		SSL_CTX_sess_get_cache_size(ssl_ctx));
-	}
-
-static int sv_body(char *hostname, int s, unsigned char *context)
-	{
-	char *buf=NULL;
-	fd_set readfds;
-	int ret=1,width;
-	int k,i;
-	unsigned long l;
-	SSL *con=NULL;
-	BIO *sbio;
-#ifdef OPENSSL_SYS_WINDOWS
-	struct timeval tv;
-#endif
-
-	if ((buf=OPENSSL_malloc(bufsize)) == NULL)
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		goto err;
-		}
-#ifdef FIONBIO	
-	if (s_nbio)
-		{
-		unsigned long sl=1;
-
-		if (!s_quiet)
-			BIO_printf(bio_err,"turning on non blocking io\n");
-		if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0)
-			ERR_print_errors(bio_err);
-		}
-#endif
-
-	if (con == NULL) {
-		con=SSL_new(ctx);
-#ifndef OPENSSL_NO_KRB5
-		if ((con->kssl_ctx = kssl_ctx_new()) != NULL)
-                        {
-                        kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE,
-								KRB5SVC);
-                        kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB,
-								KRB5KEYTAB);
-                        }
-#endif	/* OPENSSL_NO_KRB5 */
-		if(context)
-		      SSL_set_session_id_context(con, context,
-						 strlen((char *)context));
-	}
-	SSL_clear(con);
-
-	sbio=BIO_new_socket(s,BIO_NOCLOSE);
-	if (s_nbio_test)
-		{
-		BIO *test;
-
-		test=BIO_new(BIO_f_nbio_test());
-		sbio=BIO_push(test,sbio);
-		}
-	SSL_set_bio(con,sbio,sbio);
-	SSL_set_accept_state(con);
-	/* SSL_set_fd(con,s); */
-
-	if (s_debug)
-		{
-		con->debug=1;
-		BIO_set_callback(SSL_get_rbio(con),bio_dump_cb);
-		BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
-		}
-	if (s_msg)
-		{
-		SSL_set_msg_callback(con, msg_cb);
-		SSL_set_msg_callback_arg(con, bio_s_out);
-		}
-
-	width=s+1;
-	for (;;)
-		{
-		int read_from_terminal;
-		int read_from_sslcon;
-
-		read_from_terminal = 0;
-		read_from_sslcon = SSL_pending(con);
-
-		if (!read_from_sslcon)
-			{
-			FD_ZERO(&readfds);
-#ifndef OPENSSL_SYS_WINDOWS
-			FD_SET(fileno(stdin),&readfds);
-#endif
-			FD_SET(s,&readfds);
-			/* Note: under VMS with SOCKETSHR the second parameter is
-			 * currently of type (int *) whereas under other systems
-			 * it is (void *) if you don't have a cast it will choke
-			 * the compiler: if you do have a cast then you can either
-			 * go for (int *) or (void *).
-			 */
-#ifdef OPENSSL_SYS_WINDOWS
-			/* Under Windows we can't select on stdin: only
-			 * on sockets. As a workaround we timeout the select every
-			 * second and check for any keypress. In a proper Windows
-			 * application we wouldn't do this because it is inefficient.
-			 */
-			tv.tv_sec = 1;
-			tv.tv_usec = 0;
-			i=select(width,(void *)&readfds,NULL,NULL,&tv);
-			if((i < 0) || (!i && !_kbhit() ) )continue;
-			if(_kbhit())
-				read_from_terminal = 1;
-#else
-			i=select(width,(void *)&readfds,NULL,NULL,NULL);
-			if (i <= 0) continue;
-			if (FD_ISSET(fileno(stdin),&readfds))
-				read_from_terminal = 1;
-#endif
-			if (FD_ISSET(s,&readfds))
-				read_from_sslcon = 1;
-			}
-		if (read_from_terminal)
-			{
-			if (s_crlf)
-				{
-				int j, lf_num;
-
-				i=read(fileno(stdin), buf, bufsize/2);
-				lf_num = 0;
-				/* both loops are skipped when i <= 0 */
-				for (j = 0; j < i; j++)
-					if (buf[j] == '\n')
-						lf_num++;
-				for (j = i-1; j >= 0; j--)
-					{
-					buf[j+lf_num] = buf[j];
-					if (buf[j] == '\n')
-						{
-						lf_num--;
-						i++;
-						buf[j+lf_num] = '\r';
-						}
-					}
-				assert(lf_num == 0);
-				}
-			else
-				i=read(fileno(stdin),buf,bufsize);
-			if (!s_quiet)
-				{
-				if ((i <= 0) || (buf[0] == 'Q'))
-					{
-					BIO_printf(bio_s_out,"DONE\n");
-					SHUTDOWN(s);
-					close_accept_socket();
-					ret= -11;
-					goto err;
-					}
-				if ((i <= 0) || (buf[0] == 'q'))
-					{
-					BIO_printf(bio_s_out,"DONE\n");
-					SHUTDOWN(s);
-	/*				close_accept_socket();
-					ret= -11;*/
-					goto err;
-					}
-				if ((buf[0] == 'r') && 
-					((buf[1] == '\n') || (buf[1] == '\r')))
-					{
-					SSL_renegotiate(con);
-					i=SSL_do_handshake(con);
-					printf("SSL_do_handshake -> %d\n",i);
-					i=0; /*13; */
-					continue;
-					/* strcpy(buf,"server side RE-NEGOTIATE\n"); */
-					}
-				if ((buf[0] == 'R') &&
-					((buf[1] == '\n') || (buf[1] == '\r')))
-					{
-					SSL_set_verify(con,
-						SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL);
-					SSL_renegotiate(con);
-					i=SSL_do_handshake(con);
-					printf("SSL_do_handshake -> %d\n",i);
-					i=0; /* 13; */
-					continue;
-					/* strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); */
-					}
-				if (buf[0] == 'P')
-					{
-					static char *str="Lets print some clear text\n";
-					BIO_write(SSL_get_wbio(con),str,strlen(str));
-					}
-				if (buf[0] == 'S')
-					{
-					print_stats(bio_s_out,SSL_get_SSL_CTX(con));
-					}
-				}
-#ifdef CHARSET_EBCDIC
-			ebcdic2ascii(buf,buf,i);
-#endif
-			l=k=0;
-			for (;;)
-				{
-				/* should do a select for the write */
-#ifdef RENEG
-{ static count=0; if (++count == 100) { count=0; SSL_renegotiate(con); } }
-#endif
-				k=SSL_write(con,&(buf[l]),(unsigned int)i);
-				switch (SSL_get_error(con,k))
-					{
-				case SSL_ERROR_NONE:
-					break;
-				case SSL_ERROR_WANT_WRITE:
-				case SSL_ERROR_WANT_READ:
-				case SSL_ERROR_WANT_X509_LOOKUP:
-					BIO_printf(bio_s_out,"Write BLOCK\n");
-					break;
-				case SSL_ERROR_SYSCALL:
-				case SSL_ERROR_SSL:
-					BIO_printf(bio_s_out,"ERROR\n");
-					ERR_print_errors(bio_err);
-					ret=1;
-					goto err;
-					/* break; */
-				case SSL_ERROR_ZERO_RETURN:
-					BIO_printf(bio_s_out,"DONE\n");
-					ret=1;
-					goto err;
-					}
-				l+=k;
-				i-=k;
-				if (i <= 0) break;
-				}
-			}
-		if (read_from_sslcon)
-			{
-			if (!SSL_is_init_finished(con))
-				{
-				i=init_ssl_connection(con);
-				
-				if (i < 0)
-					{
-					ret=0;
-					goto err;
-					}
-				else if (i == 0)
-					{
-					ret=1;
-					goto err;
-					}
-				}
-			else
-				{
-again:	
-				i=SSL_read(con,(char *)buf,bufsize);
-				switch (SSL_get_error(con,i))
-					{
-				case SSL_ERROR_NONE:
-#ifdef CHARSET_EBCDIC
-					ascii2ebcdic(buf,buf,i);
-#endif
-					write(fileno(stdout),buf,
-						(unsigned int)i);
-					if (SSL_pending(con)) goto again;
-					break;
-				case SSL_ERROR_WANT_WRITE:
-				case SSL_ERROR_WANT_READ:
-				case SSL_ERROR_WANT_X509_LOOKUP:
-					BIO_printf(bio_s_out,"Read BLOCK\n");
-					break;
-				case SSL_ERROR_SYSCALL:
-				case SSL_ERROR_SSL:
-					BIO_printf(bio_s_out,"ERROR\n");
-					ERR_print_errors(bio_err);
-					ret=1;
-					goto err;
-				case SSL_ERROR_ZERO_RETURN:
-					BIO_printf(bio_s_out,"DONE\n");
-					ret=1;
-					goto err;
-					}
-				}
-			}
-		}
-err:
-	BIO_printf(bio_s_out,"shutting down SSL\n");
-#if 1
-	SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-#else
-	SSL_shutdown(con);
-#endif
-	if (con != NULL) SSL_free(con);
-	BIO_printf(bio_s_out,"CONNECTION CLOSED\n");
-	if (buf != NULL)
-		{
-		OPENSSL_cleanse(buf,bufsize);
-		OPENSSL_free(buf);
-		}
-	if (ret >= 0)
-		BIO_printf(bio_s_out,"ACCEPT\n");
-	return(ret);
-	}
-
-static void close_accept_socket(void)
-	{
-	BIO_printf(bio_err,"shutdown accept socket\n");
-	if (accept_socket >= 0)
-		{
-		SHUTDOWN2(accept_socket);
-		}
-	}
-
-static int init_ssl_connection(SSL *con)
-	{
-	int i;
-	const char *str;
-	X509 *peer;
-	long verify_error;
-	MS_STATIC char buf[BUFSIZ];
-
-	if ((i=SSL_accept(con)) <= 0)
-		{
-		if (BIO_sock_should_retry(i))
-			{
-			BIO_printf(bio_s_out,"DELAY\n");
-			return(1);
-			}
-
-		BIO_printf(bio_err,"ERROR\n");
-		verify_error=SSL_get_verify_result(con);
-		if (verify_error != X509_V_OK)
-			{
-			BIO_printf(bio_err,"verify error:%s\n",
-				X509_verify_cert_error_string(verify_error));
-			}
-		else
-			ERR_print_errors(bio_err);
-		return(0);
-		}
-
-	PEM_write_bio_SSL_SESSION(bio_s_out,SSL_get_session(con));
-
-	peer=SSL_get_peer_certificate(con);
-	if (peer != NULL)
-		{
-		BIO_printf(bio_s_out,"Client certificate\n");
-		PEM_write_bio_X509(bio_s_out,peer);
-		X509_NAME_oneline(X509_get_subject_name(peer),buf,sizeof buf);
-		BIO_printf(bio_s_out,"subject=%s\n",buf);
-		X509_NAME_oneline(X509_get_issuer_name(peer),buf,sizeof buf);
-		BIO_printf(bio_s_out,"issuer=%s\n",buf);
-		X509_free(peer);
-		}
-
-	if (SSL_get_shared_ciphers(con,buf,sizeof buf) != NULL)
-		BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf);
-	str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
-	BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
-	if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n");
-	if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) &
-		TLS1_FLAGS_TLS_PADDING_BUG)
-		BIO_printf(bio_s_out,"Peer has incorrect TLSv1 block padding\n");
-
-	return(1);
-	}
-
-#ifndef OPENSSL_NO_DH
-static DH *load_dh_param(char *dhfile)
-	{
-	DH *ret=NULL;
-	BIO *bio;
-
-	if ((bio=BIO_new_file(dhfile,"r")) == NULL)
-		goto err;
-	ret=PEM_read_bio_DHparams(bio,NULL,NULL,NULL);
-err:
-	if (bio != NULL) BIO_free(bio);
-	return(ret);
-	}
-#endif
-
-#if 0
-static int load_CA(SSL_CTX *ctx, char *file)
-	{
-	FILE *in;
-	X509 *x=NULL;
-
-	if ((in=fopen(file,"r")) == NULL)
-		return(0);
-
-	for (;;)
-		{
-		if (PEM_read_X509(in,&x,NULL) == NULL)
-			break;
-		SSL_CTX_add_client_CA(ctx,x);
-		}
-	if (x != NULL) X509_free(x);
-	fclose(in);
-	return(1);
-	}
-#endif
-
-static int www_body(char *hostname, int s, unsigned char *context)
-	{
-	char *buf=NULL;
-	int ret=1;
-	int i,j,k,blank,dot;
-	struct stat st_buf;
-	SSL *con;
-	SSL_CIPHER *c;
-	BIO *io,*ssl_bio,*sbio;
-	long total_bytes;
-
-	buf=OPENSSL_malloc(bufsize);
-	if (buf == NULL) return(0);
-	io=BIO_new(BIO_f_buffer());
-	ssl_bio=BIO_new(BIO_f_ssl());
-	if ((io == NULL) || (ssl_bio == NULL)) goto err;
-
-#ifdef FIONBIO	
-	if (s_nbio)
-		{
-		unsigned long sl=1;
-
-		if (!s_quiet)
-			BIO_printf(bio_err,"turning on non blocking io\n");
-		if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0)
-			ERR_print_errors(bio_err);
-		}
-#endif
-
-	/* lets make the output buffer a reasonable size */
-	if (!BIO_set_write_buffer_size(io,bufsize)) goto err;
-
-	if ((con=SSL_new(ctx)) == NULL) goto err;
-#ifndef OPENSSL_NO_KRB5
-	if ((con->kssl_ctx = kssl_ctx_new()) != NULL)
-		{
-		kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, KRB5SVC);
-		kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, KRB5KEYTAB);
-		}
-#endif	/* OPENSSL_NO_KRB5 */
-	if(context) SSL_set_session_id_context(con, context,
-					       strlen((char *)context));
-
-	sbio=BIO_new_socket(s,BIO_NOCLOSE);
-	if (s_nbio_test)
-		{
-		BIO *test;
-
-		test=BIO_new(BIO_f_nbio_test());
-		sbio=BIO_push(test,sbio);
-		}
-	SSL_set_bio(con,sbio,sbio);
-	SSL_set_accept_state(con);
-
-	/* SSL_set_fd(con,s); */
-	BIO_set_ssl(ssl_bio,con,BIO_CLOSE);
-	BIO_push(io,ssl_bio);
-#ifdef CHARSET_EBCDIC
-	io = BIO_push(BIO_new(BIO_f_ebcdic_filter()),io);
-#endif
-
-	if (s_debug)
-		{
-		con->debug=1;
-		BIO_set_callback(SSL_get_rbio(con),bio_dump_cb);
-		BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
-		}
-	if (s_msg)
-		{
-		SSL_set_msg_callback(con, msg_cb);
-		SSL_set_msg_callback_arg(con, bio_s_out);
-		}
-
-	blank=0;
-	for (;;)
-		{
-		if (hack)
-			{
-			i=SSL_accept(con);
-
-			switch (SSL_get_error(con,i))
-				{
-			case SSL_ERROR_NONE:
-				break;
-			case SSL_ERROR_WANT_WRITE:
-			case SSL_ERROR_WANT_READ:
-			case SSL_ERROR_WANT_X509_LOOKUP:
-				continue;
-			case SSL_ERROR_SYSCALL:
-			case SSL_ERROR_SSL:
-			case SSL_ERROR_ZERO_RETURN:
-				ret=1;
-				goto err;
-				/* break; */
-				}
-
-			SSL_renegotiate(con);
-			SSL_write(con,NULL,0);
-			}
-
-		i=BIO_gets(io,buf,bufsize-1);
-		if (i < 0) /* error */
-			{
-			if (!BIO_should_retry(io))
-				{
-				if (!s_quiet)
-					ERR_print_errors(bio_err);
-				goto err;
-				}
-			else
-				{
-				BIO_printf(bio_s_out,"read R BLOCK\n");
-#if !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__)
-				sleep(1);
-#endif
-				continue;
-				}
-			}
-		else if (i == 0) /* end of input */
-			{
-			ret=1;
-			goto end;
-			}
-
-		/* else we have data */
-		if (	((www == 1) && (strncmp("GET ",buf,4) == 0)) ||
-			((www == 2) && (strncmp("GET /stats ",buf,10) == 0)))
-			{
-			char *p;
-			X509 *peer;
-			STACK_OF(SSL_CIPHER) *sk;
-			static char *space="                          ";
-
-			BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
-			BIO_puts(io,"<HTML><BODY BGCOLOR=\"#ffffff\">\n");
-			BIO_puts(io,"<pre>\n");
-/*			BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
-			BIO_puts(io,"\n");
-			for (i=0; i<local_argc; i++)
-				{
-				BIO_puts(io,local_argv[i]);
-				BIO_write(io," ",1);
-				}
-			BIO_puts(io,"\n");
-
-			/* The following is evil and should not really
-			 * be done */
-			BIO_printf(io,"Ciphers supported in s_server binary\n");
-			sk=SSL_get_ciphers(con);
-			j=sk_SSL_CIPHER_num(sk);
-			for (i=0; i<j; i++)
-				{
-				c=sk_SSL_CIPHER_value(sk,i);
-				BIO_printf(io,"%-11s:%-25s",
-					SSL_CIPHER_get_version(c),
-					SSL_CIPHER_get_name(c));
-				if ((((i+1)%2) == 0) && (i+1 != j))
-					BIO_puts(io,"\n");
-				}
-			BIO_puts(io,"\n");
-			p=SSL_get_shared_ciphers(con,buf,bufsize);
-			if (p != NULL)
-				{
-				BIO_printf(io,"---\nCiphers common between both SSL end points:\n");
-				j=i=0;
-				while (*p)
-					{
-					if (*p == ':')
-						{
-						BIO_write(io,space,26-j);
-						i++;
-						j=0;
-						BIO_write(io,((i%3)?" ":"\n"),1);
-						}
-					else
-						{
-						BIO_write(io,p,1);
-						j++;
-						}
-					p++;
-					}
-				BIO_puts(io,"\n");
-				}
-			BIO_printf(io,((con->hit)
-				?"---\nReused, "
-				:"---\nNew, "));
-			c=SSL_get_current_cipher(con);
-			BIO_printf(io,"%s, Cipher is %s\n",
-				SSL_CIPHER_get_version(c),
-				SSL_CIPHER_get_name(c));
-			SSL_SESSION_print(io,SSL_get_session(con));
-			BIO_printf(io,"---\n");
-			print_stats(io,SSL_get_SSL_CTX(con));
-			BIO_printf(io,"---\n");
-			peer=SSL_get_peer_certificate(con);
-			if (peer != NULL)
-				{
-				BIO_printf(io,"Client certificate\n");
-				X509_print(io,peer);
-				PEM_write_bio_X509(io,peer);
-				}
-			else
-				BIO_puts(io,"no client certificate available\n");
-			BIO_puts(io,"</BODY></HTML>\r\n\r\n");
-			break;
-			}
-		else if ((www == 2 || www == 3)
-                         && (strncmp("GET /",buf,5) == 0))
-			{
-			BIO *file;
-			char *p,*e;
-			static char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
-
-			/* skip the '/' */
-			p= &(buf[5]);
-
-			dot = 1;
-			for (e=p; *e != '\0'; e++)
-				{
-				if (e[0] == ' ')
-					break;
-
-				switch (dot)
-					{
-				case 1:
-					dot = (e[0] == '.') ? 2 : 0;
-					break;
-				case 2:
-					dot = (e[0] == '.') ? 3 : 0;
-					break;
-				case 3:
-					dot = (e[0] == '/') ? -1 : 0;
-					break;
-					}
-				if (dot == 0)
-					dot = (e[0] == '/') ? 1 : 0;
-				}
-			dot = (dot == 3) || (dot == -1); /* filename contains ".." component */
-
-			if (*e == '\0')
-				{
-				BIO_puts(io,text);
-				BIO_printf(io,"'%s' is an invalid file name\r\n",p);
-				break;
-				}
-			*e='\0';
-
-			if (dot)
-				{
-				BIO_puts(io,text);
-				BIO_printf(io,"'%s' contains '..' reference\r\n",p);
-				break;
-				}
-
-			if (*p == '/')
-				{
-				BIO_puts(io,text);
-				BIO_printf(io,"'%s' is an invalid path\r\n",p);
-				break;
-				}
-
-#if 0
-			/* append if a directory lookup */
-			if (e[-1] == '/')
-				strcat(p,"index.html");
-#endif
-
-			/* if a directory, do the index thang */
-			if (stat(p,&st_buf) < 0)
-				{
-				BIO_puts(io,text);
-				BIO_printf(io,"Error accessing '%s'\r\n",p);
-				ERR_print_errors(io);
-				break;
-				}
-			if (S_ISDIR(st_buf.st_mode))
-				{
-#if 0 /* must check buffer size */
-				strcat(p,"/index.html");
-#else
-				BIO_puts(io,text);
-				BIO_printf(io,"'%s' is a directory\r\n",p);
-				break;
-#endif
-				}
-
-			if ((file=BIO_new_file(p,"r")) == NULL)
-				{
-				BIO_puts(io,text);
-				BIO_printf(io,"Error opening '%s'\r\n",p);
-				ERR_print_errors(io);
-				break;
-				}
-
-			if (!s_quiet)
-				BIO_printf(bio_err,"FILE:%s\n",p);
-
-                        if (www == 2)
-                                {
-                                i=strlen(p);
-                                if (	((i > 5) && (strcmp(&(p[i-5]),".html") == 0)) ||
-                                        ((i > 4) && (strcmp(&(p[i-4]),".php") == 0)) ||
-                                        ((i > 4) && (strcmp(&(p[i-4]),".htm") == 0)))
-                                        BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
-                                else
-                                        BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
-                                }
-			/* send the file */
-			total_bytes=0;
-			for (;;)
-				{
-				i=BIO_read(file,buf,bufsize);
-				if (i <= 0) break;
-
-#ifdef RENEG
-				total_bytes+=i;
-				fprintf(stderr,"%d\n",i);
-				if (total_bytes > 3*1024)
-					{
-					total_bytes=0;
-					fprintf(stderr,"RENEGOTIATE\n");
-					SSL_renegotiate(con);
-					}
-#endif
-
-				for (j=0; j<i; )
-					{
-#ifdef RENEG
-{ static count=0; if (++count == 13) { SSL_renegotiate(con); } }
-#endif
-					k=BIO_write(io,&(buf[j]),i-j);
-					if (k <= 0)
-						{
-						if (!BIO_should_retry(io))
-							goto write_error;
-						else
-							{
-							BIO_printf(bio_s_out,"rwrite W BLOCK\n");
-							}
-						}
-					else
-						{
-						j+=k;
-						}
-					}
-				}
-write_error:
-			BIO_free(file);
-			break;
-			}
-		}
-
-	for (;;)
-		{
-		i=(int)BIO_flush(io);
-		if (i <= 0)
-			{
-			if (!BIO_should_retry(io))
-				break;
-			}
-		else
-			break;
-		}
-end:
-#if 1
-	/* make sure we re-use sessions */
-	SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-#else
-	/* This kills performance */
-/*	SSL_shutdown(con); A shutdown gets sent in the
- *	BIO_free_all(io) procession */
-#endif
-
-err:
-
-	if (ret >= 0)
-		BIO_printf(bio_s_out,"ACCEPT\n");
-
-	if (buf != NULL) OPENSSL_free(buf);
-	if (io != NULL) BIO_free_all(io);
-/*	if (ssl_bio != NULL) BIO_free(ssl_bio);*/
-	return(ret);
-	}
-
-#ifndef OPENSSL_NO_RSA
-static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
-	{
-	static RSA *rsa_tmp=NULL;
-
-	if (rsa_tmp == NULL)
-		{
-		if (!s_quiet)
-			{
-			BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
-			(void)BIO_flush(bio_err);
-			}
-		rsa_tmp=RSA_generate_key(keylength,RSA_F4,NULL,NULL);
-		if (!s_quiet)
-			{
-			BIO_printf(bio_err,"\n");
-			(void)BIO_flush(bio_err);
-			}
-		}
-	return(rsa_tmp);
-	}
-#endif
-
-#define MAX_SESSION_ID_ATTEMPTS 10
-static int generate_session_id(const SSL *ssl, unsigned char *id,
-				unsigned int *id_len)
-	{
-	unsigned int count = 0;
-	do	{
-		RAND_pseudo_bytes(id, *id_len);
-		/* Prefix the session_id with the required prefix. NB: If our
-		 * prefix is too long, clip it - but there will be worse effects
-		 * anyway, eg. the server could only possibly create 1 session
-		 * ID (ie. the prefix!) so all future session negotiations will
-		 * fail due to conflicts. */
-		memcpy(id, session_id_prefix,
-			(strlen(session_id_prefix) < *id_len) ?
-			strlen(session_id_prefix) : *id_len);
-		}
-	while(SSL_has_matching_session_id(ssl, id, *id_len) &&
-		(++count < MAX_SESSION_ID_ATTEMPTS));
-	if(count >= MAX_SESSION_ID_ATTEMPTS)
-		return 0;
-	return 1;
-	}
diff --git a/crypto/openssl/apps/s_socket.c b/crypto/openssl/apps/s_socket.c
deleted file mode 100644
index a88de6c8c85c..000000000000
--- a/crypto/openssl/apps/s_socket.c
+++ /dev/null
@@ -1,555 +0,0 @@
-/* apps/s_socket.c -  socket-related functions used by s_client and s_server */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <signal.h>
-
-#include <openssl/e_os2.h>
-
-/* With IPv6, it looks like Digital has mixed up the proper order of
-   recursive header file inclusion, resulting in the compiler complaining
-   that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
-   is needed to have fileno() declared correctly...  So let's define u_int */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
-#define __U_INT
-typedef unsigned int u_int;
-#endif
-
-#define USE_SOCKETS
-#define NON_MAIN
-#include "apps.h"
-#undef USE_SOCKETS
-#undef NON_MAIN
-#include "s_apps.h"
-#include <openssl/ssl.h>
-
-static struct hostent *GetHostByName(char *name);
-#ifdef OPENSSL_SYS_WINDOWS
-static void ssl_sock_cleanup(void);
-#endif
-static int ssl_sock_init(void);
-static int init_client_ip(int *sock,unsigned char ip[4], int port);
-static int init_server(int *sock, int port);
-static int init_server_long(int *sock, int port,char *ip);
-static int do_accept(int acc_sock, int *sock, char **host);
-static int host_ip(char *str, unsigned char ip[4]);
-
-#ifdef OPENSSL_SYS_WIN16
-#define SOCKET_PROTOCOL	0 /* more microsoft stupidity */
-#else
-#define SOCKET_PROTOCOL	IPPROTO_TCP
-#endif
-
-#ifdef OPENSSL_SYS_WINDOWS
-static struct WSAData wsa_state;
-static int wsa_init_done=0;
-
-#ifdef OPENSSL_SYS_WIN16
-static HWND topWnd=0;
-static FARPROC lpTopWndProc=NULL;
-static FARPROC lpTopHookProc=NULL;
-extern HINSTANCE _hInstance;  /* nice global CRT provides */
-
-static LONG FAR PASCAL topHookProc(HWND hwnd, UINT message, WPARAM wParam,
-	     LPARAM lParam)
-	{
-	if (hwnd == topWnd)
-		{
-		switch(message)
-			{
-		case WM_DESTROY:
-		case WM_CLOSE:
-			SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc);
-			ssl_sock_cleanup();
-			break;
-			}
-		}
-	return CallWindowProc(lpTopWndProc,hwnd,message,wParam,lParam);
-	}
-
-static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
-	{
-	topWnd=hwnd;
-	return(FALSE);
-	}
-
-#endif /* OPENSSL_SYS_WIN32 */
-#endif /* OPENSSL_SYS_WINDOWS */
-
-#ifdef OPENSSL_SYS_WINDOWS
-static void ssl_sock_cleanup(void)
-	{
-	if (wsa_init_done)
-		{
-		wsa_init_done=0;
-#ifndef OPENSSL_SYS_WINCE
-		WSACancelBlockingCall();
-#endif
-		WSACleanup();
-		}
-	}
-#endif
-
-static int ssl_sock_init(void)
-	{
-#ifdef WATT32
-	extern int _watt_do_exit;
-	_watt_do_exit = 0;
-	dbug_init();
-	if (sock_init())
-		return (0);
-#elif defined(OPENSSL_SYS_WINDOWS)
-	if (!wsa_init_done)
-		{
-		int err;
-	  
-#ifdef SIGINT
-		signal(SIGINT,(void (*)(int))ssl_sock_cleanup);
-#endif
-		wsa_init_done=1;
-		memset(&wsa_state,0,sizeof(wsa_state));
-		if (WSAStartup(0x0101,&wsa_state)!=0)
-			{
-			err=WSAGetLastError();
-			BIO_printf(bio_err,"unable to start WINSOCK, error code=%d\n",err);
-			return(0);
-			}
-
-#ifdef OPENSSL_SYS_WIN16
-		EnumTaskWindows(GetCurrentTask(),enumproc,0L);
-		lpTopWndProc=(FARPROC)GetWindowLong(topWnd,GWL_WNDPROC);
-		lpTopHookProc=MakeProcInstance((FARPROC)topHookProc,_hInstance);
-
-		SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc);
-#endif /* OPENSSL_SYS_WIN16 */
-		}
-#endif /* OPENSSL_SYS_WINDOWS */
-	return(1);
-	}
-
-int init_client(int *sock, char *host, int port)
-	{
-	unsigned char ip[4];
-	short p=0;
-
-	if (!host_ip(host,&(ip[0])))
-		{
-		return(0);
-		}
-	if (p != 0) port=p;
-	return(init_client_ip(sock,ip,port));
-	}
-
-static int init_client_ip(int *sock, unsigned char ip[4], int port)
-	{
-	unsigned long addr;
-	struct sockaddr_in them;
-	int s,i;
-
-	if (!ssl_sock_init()) return(0);
-
-	memset((char *)&them,0,sizeof(them));
-	them.sin_family=AF_INET;
-	them.sin_port=htons((unsigned short)port);
-	addr=(unsigned long)
-		((unsigned long)ip[0]<<24L)|
-		((unsigned long)ip[1]<<16L)|
-		((unsigned long)ip[2]<< 8L)|
-		((unsigned long)ip[3]);
-	them.sin_addr.s_addr=htonl(addr);
-
-	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-	if (s == INVALID_SOCKET) { perror("socket"); return(0); }
-
-#ifndef OPENSSL_SYS_MPE
-	i=0;
-	i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-	if (i < 0) { perror("keepalive"); return(0); }
-#endif
-
-	if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
-		{ close(s); perror("connect"); return(0); }
-	*sock=s;
-	return(1);
-	}
-
-int do_server(int port, int *ret, int (*cb)(), char *context)
-	{
-	int sock;
-	char *name;
-	int accept_socket;
-	int i;
-
-	if (!init_server(&accept_socket,port)) return(0);
-
-	if (ret != NULL)
-		{
-		*ret=accept_socket;
-		/* return(1);*/
-		}
-	for (;;)
-		{
-		if (do_accept(accept_socket,&sock,&name) == 0)
-			{
-			SHUTDOWN(accept_socket);
-			return(0);
-			}
-		i=(*cb)(name,sock, context);
-		if (name != NULL) OPENSSL_free(name);
-		SHUTDOWN2(sock);
-		if (i < 0)
-			{
-			SHUTDOWN2(accept_socket);
-			return(i);
-			}
-		}
-	}
-
-static int init_server_long(int *sock, int port, char *ip)
-	{
-	int ret=0;
-	struct sockaddr_in server;
-	int s= -1,i;
-
-	if (!ssl_sock_init()) return(0);
-
-	memset((char *)&server,0,sizeof(server));
-	server.sin_family=AF_INET;
-	server.sin_port=htons((unsigned short)port);
-	if (ip == NULL)
-		server.sin_addr.s_addr=INADDR_ANY;
-	else
-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
-#ifndef BIT_FIELD_LIMITS
-		memcpy(&server.sin_addr.s_addr,ip,4);
-#else
-		memcpy(&server.sin_addr,ip,4);
-#endif
-	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-
-	if (s == INVALID_SOCKET) goto err;
-#if defined SOL_SOCKET && defined SO_REUSEADDR
-		{
-		int j = 1;
-		setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
-			   (void *) &j, sizeof j);
-		}
-#endif
-	if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
-		{
-#ifndef OPENSSL_SYS_WINDOWS
-		perror("bind");
-#endif
-		goto err;
-		}
-	/* Make it 128 for linux */
-	if (listen(s,128) == -1) goto err;
-	i=0;
-	*sock=s;
-	ret=1;
-err:
-	if ((ret == 0) && (s != -1))
-		{
-		SHUTDOWN(s);
-		}
-	return(ret);
-	}
-
-static int init_server(int *sock, int port)
-	{
-	return(init_server_long(sock, port, NULL));
-	}
-
-static int do_accept(int acc_sock, int *sock, char **host)
-	{
-	int ret,i;
-	struct hostent *h1,*h2;
-	static struct sockaddr_in from;
-	int len;
-/*	struct linger ling; */
-
-	if (!ssl_sock_init()) return(0);
-
-#ifndef OPENSSL_SYS_WINDOWS
-redoit:
-#endif
-
-	memset((char *)&from,0,sizeof(from));
-	len=sizeof(from);
-	/* Note: under VMS with SOCKETSHR the fourth parameter is currently
-	 * of type (int *) whereas under other systems it is (void *) if
-	 * you don't have a cast it will choke the compiler: if you do
-	 * have a cast then you can either go for (int *) or (void *).
-	 */
-	ret=accept(acc_sock,(struct sockaddr *)&from,(void *)&len);
-	if (ret == INVALID_SOCKET)
-		{
-#ifdef OPENSSL_SYS_WINDOWS
-		i=WSAGetLastError();
-		BIO_printf(bio_err,"accept error %d\n",i);
-#else
-		if (errno == EINTR)
-			{
-			/*check_timeout(); */
-			goto redoit;
-			}
-		fprintf(stderr,"errno=%d ",errno);
-		perror("accept");
-#endif
-		return(0);
-		}
-
-/*
-	ling.l_onoff=1;
-	ling.l_linger=0;
-	i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
-	if (i < 0) { perror("linger"); return(0); }
-	i=0;
-	i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-	if (i < 0) { perror("keepalive"); return(0); }
-*/
-
-	if (host == NULL) goto end;
-#ifndef BIT_FIELD_LIMITS
-	/* I should use WSAAsyncGetHostByName() under windows */
-	h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
-		sizeof(from.sin_addr.s_addr),AF_INET);
-#else
-	h1=gethostbyaddr((char *)&from.sin_addr,
-		sizeof(struct in_addr),AF_INET);
-#endif
-	if (h1 == NULL)
-		{
-		BIO_printf(bio_err,"bad gethostbyaddr\n");
-		*host=NULL;
-		/* return(0); */
-		}
-	else
-		{
-		if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL)
-			{
-			perror("OPENSSL_malloc");
-			return(0);
-			}
-		strcpy(*host,h1->h_name);
-
-		h2=GetHostByName(*host);
-		if (h2 == NULL)
-			{
-			BIO_printf(bio_err,"gethostbyname failure\n");
-			return(0);
-			}
-		i=0;
-		if (h2->h_addrtype != AF_INET)
-			{
-			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
-			return(0);
-			}
-		}
-end:
-	*sock=ret;
-	return(1);
-	}
-
-int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
-	     short *port_ptr)
-	{
-	char *h,*p;
-
-	h=str;
-	p=strchr(str,':');
-	if (p == NULL)
-		{
-		BIO_printf(bio_err,"no port defined\n");
-		return(0);
-		}
-	*(p++)='\0';
-
-	if ((ip != NULL) && !host_ip(str,ip))
-		goto err;
-	if (host_ptr != NULL) *host_ptr=h;
-
-	if (!extract_port(p,port_ptr))
-		goto err;
-	return(1);
-err:
-	return(0);
-	}
-
-static int host_ip(char *str, unsigned char ip[4])
-	{
-	unsigned int in[4]; 
-	int i;
-
-	if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
-		{
-		for (i=0; i<4; i++)
-			if (in[i] > 255)
-				{
-				BIO_printf(bio_err,"invalid IP address\n");
-				goto err;
-				}
-		ip[0]=in[0];
-		ip[1]=in[1];
-		ip[2]=in[2];
-		ip[3]=in[3];
-		}
-	else
-		{ /* do a gethostbyname */
-		struct hostent *he;
-
-		if (!ssl_sock_init()) return(0);
-
-		he=GetHostByName(str);
-		if (he == NULL)
-			{
-			BIO_printf(bio_err,"gethostbyname failure\n");
-			goto err;
-			}
-		/* cast to short because of win16 winsock definition */
-		if ((short)he->h_addrtype != AF_INET)
-			{
-			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
-			return(0);
-			}
-		ip[0]=he->h_addr_list[0][0];
-		ip[1]=he->h_addr_list[0][1];
-		ip[2]=he->h_addr_list[0][2];
-		ip[3]=he->h_addr_list[0][3];
-		}
-	return(1);
-err:
-	return(0);
-	}
-
-int extract_port(char *str, short *port_ptr)
-	{
-	int i;
-	struct servent *s;
-
-	i=atoi(str);
-	if (i != 0)
-		*port_ptr=(unsigned short)i;
-	else
-		{
-		s=getservbyname(str,"tcp");
-		if (s == NULL)
-			{
-			BIO_printf(bio_err,"getservbyname failure for %s\n",str);
-			return(0);
-			}
-		*port_ptr=ntohs((unsigned short)s->s_port);
-		}
-	return(1);
-	}
-
-#define GHBN_NUM	4
-static struct ghbn_cache_st
-	{
-	char name[128];
-	struct hostent ent;
-	unsigned long order;
-	} ghbn_cache[GHBN_NUM];
-
-static unsigned long ghbn_hits=0L;
-static unsigned long ghbn_miss=0L;
-
-static struct hostent *GetHostByName(char *name)
-	{
-	struct hostent *ret;
-	int i,lowi=0;
-	unsigned long low= (unsigned long)-1;
-
-	for (i=0; i<GHBN_NUM; i++)
-		{
-		if (low > ghbn_cache[i].order)
-			{
-			low=ghbn_cache[i].order;
-			lowi=i;
-			}
-		if (ghbn_cache[i].order > 0)
-			{
-			if (strncmp(name,ghbn_cache[i].name,128) == 0)
-				break;
-			}
-		}
-	if (i == GHBN_NUM) /* no hit*/
-		{
-		ghbn_miss++;
-		ret=gethostbyname(name);
-		if (ret == NULL) return(NULL);
-		/* else add to cache */
-		if(strlen(name) < sizeof ghbn_cache[0].name)
-			{
-			strcpy(ghbn_cache[lowi].name,name);
-			memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
-			ghbn_cache[lowi].order=ghbn_miss+ghbn_hits;
-			}
-		return(ret);
-		}
-	else
-		{
-		ghbn_hits++;
-		ret= &(ghbn_cache[i].ent);
-		ghbn_cache[i].order=ghbn_miss+ghbn_hits;
-		return(ret);
-		}
-	}
diff --git a/crypto/openssl/apps/s_time.c b/crypto/openssl/apps/s_time.c
deleted file mode 100644
index 1ad16cd607d4..000000000000
--- a/crypto/openssl/apps/s_time.c
+++ /dev/null
@@ -1,721 +0,0 @@
-/* apps/s_time.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define NO_SHUTDOWN
-
-/*-----------------------------------------
-   s_time - SSL client connection timer program
-   Written and donated by Larry Streepy <streepy@healthcare.com>
-  -----------------------------------------*/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#define USE_SOCKETS
-#include "apps.h"
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/pem.h>
-#include "s_apps.h"
-#include <openssl/err.h>
-#ifdef WIN32_STUFF
-#include "winmain.h"
-#include "wintext.h"
-#endif
-#if !defined(OPENSSL_SYS_MSDOS)
-#include OPENSSL_UNISTD
-#endif
-
-#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC))
-#define TIMES
-#endif
-
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS)
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-/* The following if from times(3) man page.  It may need to be changed
-*/
-#ifndef HZ
-# ifdef _SC_CLK_TCK
-#  define HZ ((double)sysconf(_SC_CLK_TCK))
-# else
-#  ifndef CLK_TCK
-#   ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-#    define HZ	100.0
-#   else /* _BSD_CLK_TCK_ */
-#    define HZ ((double)_BSD_CLK_TCK_)
-#   endif
-#  else /* CLK_TCK */
-#   define HZ ((double)CLK_TCK)
-#  endif
-# endif
-#endif
-
-#undef PROG
-#define PROG s_time_main
-
-#undef ioctl
-#define ioctl ioctlsocket
-
-#define SSL_CONNECT_NAME	"localhost:4433"
-
-/*#define TEST_CERT "client.pem" */ /* no default cert. */
-
-#undef BUFSIZZ
-#define BUFSIZZ 1024*10
-
-#define MYBUFSIZ 1024*8
-
-#undef min
-#undef max
-#define min(a,b) (((a) < (b)) ? (a) : (b))
-#define max(a,b) (((a) > (b)) ? (a) : (b))
-
-#undef SECONDS
-#define SECONDS	30
-extern int verify_depth;
-extern int verify_error;
-
-static void s_time_usage(void);
-static int parseArgs( int argc, char **argv );
-static SSL *doConnection( SSL *scon );
-static void s_time_init(void);
-
-/***********************************************************************
- * Static data declarations
- */
-
-/* static char *port=PORT_STR;*/
-static char *host=SSL_CONNECT_NAME;
-static char *t_cert_file=NULL;
-static char *t_key_file=NULL;
-static char *CApath=NULL;
-static char *CAfile=NULL;
-static char *tm_cipher=NULL;
-static int tm_verify = SSL_VERIFY_NONE;
-static int maxTime = SECONDS;
-static SSL_CTX *tm_ctx=NULL;
-static SSL_METHOD *s_time_meth=NULL;
-static char *s_www_path=NULL;
-static long bytes_read=0; 
-static int st_bugs=0;
-static int perform=0;
-#ifdef FIONBIO
-static int t_nbio=0;
-#endif
-#ifdef OPENSSL_SYS_WIN32
-static int exitNow = 0;		/* Set when it's time to exit main */
-#endif
-
-static void s_time_init(void)
-	{
-	host=SSL_CONNECT_NAME;
-	t_cert_file=NULL;
-	t_key_file=NULL;
-	CApath=NULL;
-	CAfile=NULL;
-	tm_cipher=NULL;
-	tm_verify = SSL_VERIFY_NONE;
-	maxTime = SECONDS;
-	tm_ctx=NULL;
-	s_time_meth=NULL;
-	s_www_path=NULL;
-	bytes_read=0; 
-	st_bugs=0;
-	perform=0;
-
-#ifdef FIONBIO
-	t_nbio=0;
-#endif
-#ifdef OPENSSL_SYS_WIN32
-	exitNow = 0;		/* Set when it's time to exit main */
-#endif
-	}
-
-/***********************************************************************
- * usage - display usage message
- */
-static void s_time_usage(void)
-{
-	static char umsg[] = "\
--time arg     - max number of seconds to collect data, default %d\n\
--verify arg   - turn on peer certificate verification, arg == depth\n\
--cert arg     - certificate file to use, PEM format assumed\n\
--key arg      - RSA file to use, PEM format assumed, key is in cert file\n\
-                file if not specified by this option\n\
--CApath arg   - PEM format directory of CA's\n\
--CAfile arg   - PEM format file of CA's\n\
--cipher       - preferred cipher to use, play with 'openssl ciphers'\n\n";
-
-	printf( "usage: s_time <args>\n\n" );
-
-	printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME);
-#ifdef FIONBIO
-	printf("-nbio         - Run with non-blocking IO\n");
-	printf("-ssl2         - Just use SSLv2\n");
-	printf("-ssl3         - Just use SSLv3\n");
-	printf("-bugs         - Turn on SSL bug compatibility\n");
-	printf("-new          - Just time new connections\n");
-	printf("-reuse        - Just time connection reuse\n");
-	printf("-www page     - Retrieve 'page' from the site\n");
-#endif
-	printf( umsg,SECONDS );
-}
-
-/***********************************************************************
- * parseArgs - Parse command line arguments and initialize data
- *
- * Returns 0 if ok, -1 on bad args
- */
-static int parseArgs(int argc, char **argv)
-{
-    int badop = 0;
-
-    verify_depth=0;
-    verify_error=X509_V_OK;
-
-    argc--;
-    argv++;
-
-    while (argc >= 1) {
-	if (strcmp(*argv,"-connect") == 0)
-		{
-		if (--argc < 1) goto bad;
-		host= *(++argv);
-		}
-#if 0
-	else if( strcmp(*argv,"-host") == 0)
-		{
-		if (--argc < 1) goto bad;
-		host= *(++argv);
-		}
-	else if( strcmp(*argv,"-port") == 0)
-		{
-		if (--argc < 1) goto bad;
-		port= *(++argv);
-		}
-#endif
-	else if (strcmp(*argv,"-reuse") == 0)
-		perform=2;
-	else if (strcmp(*argv,"-new") == 0)
-		perform=1;
-	else if( strcmp(*argv,"-verify") == 0) {
-
-	    tm_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
-	    if (--argc < 1) goto bad;
-	    verify_depth=atoi(*(++argv));
-	    BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
-
-	} else if( strcmp(*argv,"-cert") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    t_cert_file= *(++argv);
-
-	} else if( strcmp(*argv,"-key") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    t_key_file= *(++argv);
-
-	} else if( strcmp(*argv,"-CApath") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    CApath= *(++argv);
-
-	} else if( strcmp(*argv,"-CAfile") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    CAfile= *(++argv);
-
-	} else if( strcmp(*argv,"-cipher") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    tm_cipher= *(++argv);
-	}
-#ifdef FIONBIO
-	else if(strcmp(*argv,"-nbio") == 0) {
-	    t_nbio=1;
-	}
-#endif
-	else if(strcmp(*argv,"-www") == 0)
-		{
-		if (--argc < 1) goto bad;
-		s_www_path= *(++argv);
-		if(strlen(s_www_path) > MYBUFSIZ-100)
-			{
-			BIO_printf(bio_err,"-www option too long\n");
-			badop=1;
-			}
-		}
-	else if(strcmp(*argv,"-bugs") == 0)
-	    st_bugs=1;
-#ifndef OPENSSL_NO_SSL2
-	else if(strcmp(*argv,"-ssl2") == 0)
-	    s_time_meth=SSLv2_client_method();
-#endif
-#ifndef OPENSSL_NO_SSL3
-	else if(strcmp(*argv,"-ssl3") == 0)
-	    s_time_meth=SSLv3_client_method();
-#endif
-	else if( strcmp(*argv,"-time") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    maxTime= atoi(*(++argv));
-	}
-	else {
-	    BIO_printf(bio_err,"unknown option %s\n",*argv);
-	    badop=1;
-	    break;
-	}
-
-	argc--;
-	argv++;
-    }
-
-    if (perform == 0) perform=3;
-
-    if(badop) {
-bad:
-		s_time_usage();
-		return -1;
-    }
-
-	return 0;			/* Valid args */
-}
-
-/***********************************************************************
- * TIME - time functions
- */
-#define START	0
-#define STOP	1
-
-static double tm_Time_F(int s)
-	{
-	static double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if(s == START) {
-		times(&tstart);
-		return(0);
-	} else {
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
-	}
-#elif defined(OPENSSL_SYS_VXWORKS)
-        {
-	static unsigned long tick_start, tick_end;
-
-	if( s == START )
-		{
-		tick_start = tickGet();
-		return 0;
-		}
-	else
-		{
-		tick_end = tickGet();
-		ret = (double)(tick_end - tick_start) / (double)sysClkRateGet();
-		return((ret == 0.0)?1e-6:ret);
-		}
-        }
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if(s == START) {
-		ftime(&tstart);
-		return(0);
-	} else {
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
-		return((ret == 0.0)?1e-6:ret);
-	}
-#endif
-}
-
-/***********************************************************************
- * MAIN - main processing area for client
- *			real name depends on MONOLITH
- */
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	double totalTime = 0.0;
-	int nConn = 0;
-	SSL *scon=NULL;
-	long finishtime=0;
-	int ret=1,i;
-	MS_STATIC char buf[1024*8];
-	int ver;
-
-	apps_startup();
-	s_time_init();
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-	s_time_meth=SSLv23_client_method();
-#elif !defined(OPENSSL_NO_SSL3)
-	s_time_meth=SSLv3_client_method();
-#elif !defined(OPENSSL_NO_SSL2)
-	s_time_meth=SSLv2_client_method();
-#endif
-
-	/* parse the command line arguments */
-	if( parseArgs( argc, argv ) < 0 )
-		goto end;
-
-	OpenSSL_add_ssl_algorithms();
-	if ((tm_ctx=SSL_CTX_new(s_time_meth)) == NULL) return(1);
-
-	SSL_CTX_set_quiet_shutdown(tm_ctx,1);
-
-	if (st_bugs) SSL_CTX_set_options(tm_ctx,SSL_OP_ALL);
-	SSL_CTX_set_cipher_list(tm_ctx,tm_cipher);
-	if(!set_cert_stuff(tm_ctx,t_cert_file,t_key_file)) 
-		goto end;
-
-	SSL_load_error_strings();
-
-	if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(tm_ctx)))
-		{
-		/* BIO_printf(bio_err,"error setting default verify locations\n"); */
-		ERR_print_errors(bio_err);
-		/* goto end; */
-		}
-
-	if (tm_cipher == NULL)
-		tm_cipher = getenv("SSL_CIPHER");
-
-	if (tm_cipher == NULL ) {
-		fprintf( stderr, "No CIPHER specified\n" );
-	}
-
-	if (!(perform & 1)) goto next;
-	printf( "Collecting connection statistics for %d seconds\n", maxTime );
-
-	/* Loop and time how long it takes to make connections */
-
-	bytes_read=0;
-	finishtime=(long)time(NULL)+maxTime;
-	tm_Time_F(START);
-	for (;;)
-		{
-		if (finishtime < (long)time(NULL)) break;
-#ifdef WIN32_STUFF
-
-		if( flushWinMsgs(0) == -1 )
-			goto end;
-
-		if( waitingToDie || exitNow )		/* we're dead */
-			goto end;
-#endif
-
-		if( (scon = doConnection( NULL )) == NULL )
-			goto end;
-
-		if (s_www_path != NULL)
-			{
-			sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
-			SSL_write(scon,buf,strlen(buf));
-			while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
-				bytes_read+=i;
-			}
-
-#ifdef NO_SHUTDOWN
-		SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-#else
-		SSL_shutdown(scon);
-#endif
-		SHUTDOWN2(SSL_get_fd(scon));
-
-		nConn += 1;
-		if (SSL_session_reused(scon))
-			ver='r';
-		else
-			{
-			ver=SSL_version(scon);
-			if (ver == TLS1_VERSION)
-				ver='t';
-			else if (ver == SSL3_VERSION)
-				ver='3';
-			else if (ver == SSL2_VERSION)
-				ver='2';
-			else
-				ver='*';
-			}
-		fputc(ver,stdout);
-		fflush(stdout);
-
-		SSL_free( scon );
-		scon=NULL;
-		}
-	totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
-
-	i=(int)((long)time(NULL)-finishtime+maxTime);
-	printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
-	printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn);
-
-	/* Now loop and time connections using the same session id over and over */
-
-next:
-	if (!(perform & 2)) goto end;
-	printf( "\n\nNow timing with session id reuse.\n" );
-
-	/* Get an SSL object so we can reuse the session id */
-	if( (scon = doConnection( NULL )) == NULL )
-		{
-		fprintf( stderr, "Unable to get connection\n" );
-		goto end;
-		}
-
-	if (s_www_path != NULL)
-		{
-		sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
-		SSL_write(scon,buf,strlen(buf));
-		while (SSL_read(scon,buf,sizeof(buf)) > 0)
-			;
-		}
-#ifdef NO_SHUTDOWN
-	SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-#else
-	SSL_shutdown(scon);
-#endif
-	SHUTDOWN2(SSL_get_fd(scon));
-
-	nConn = 0;
-	totalTime = 0.0;
-
-	finishtime=(long)time(NULL)+maxTime;
-
-	printf( "starting\n" );
-	bytes_read=0;
-	tm_Time_F(START);
-		
-	for (;;)
-		{
-		if (finishtime < (long)time(NULL)) break;
-
-#ifdef WIN32_STUFF
-		if( flushWinMsgs(0) == -1 )
-			goto end;
-
-		if( waitingToDie || exitNow )	/* we're dead */
-			goto end;
-#endif
-
-	 	if( (doConnection( scon )) == NULL )
-			goto end;
-
-		if (s_www_path)
-			{
-			sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
-			SSL_write(scon,buf,strlen(buf));
-			while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
-				bytes_read+=i;
-			}
-
-#ifdef NO_SHUTDOWN
-		SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-#else
-		SSL_shutdown(scon);
-#endif
-		SHUTDOWN2(SSL_get_fd(scon));
-	
-		nConn += 1;
-		if (SSL_session_reused(scon))
-			ver='r';
-		else
-			{
-			ver=SSL_version(scon);
-			if (ver == TLS1_VERSION)
-				ver='t';
-			else if (ver == SSL3_VERSION)
-				ver='3';
-			else if (ver == SSL2_VERSION)
-				ver='2';
-			else
-				ver='*';
-			}
-		fputc(ver,stdout);
-		fflush(stdout);
-		}
-	totalTime += tm_Time_F(STOP); /* Add the time for this iteration*/
-
-
-	printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
-	printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn);
-
-	ret=0;
-end:
-	if (scon != NULL) SSL_free(scon);
-
-	if (tm_ctx != NULL)
-		{
-		SSL_CTX_free(tm_ctx);
-		tm_ctx=NULL;
-		}
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-/***********************************************************************
- * doConnection - make a connection
- * Args:
- *		scon	= earlier ssl connection for session id, or NULL
- * Returns:
- *		SSL *	= the connection pointer.
- */
-static SSL *doConnection(SSL *scon)
-	{
-	BIO *conn;
-	SSL *serverCon;
-	int width, i;
-	fd_set readfds;
-
-	if ((conn=BIO_new(BIO_s_connect())) == NULL)
-		return(NULL);
-
-/*	BIO_set_conn_port(conn,port);*/
-	BIO_set_conn_hostname(conn,host);
-
-	if (scon == NULL)
-		serverCon=SSL_new(tm_ctx);
-	else
-		{
-		serverCon=scon;
-		SSL_set_connect_state(serverCon);
-		}
-
-	SSL_set_bio(serverCon,conn,conn);
-
-#if 0
-	if( scon != NULL )
-		SSL_set_session(serverCon,SSL_get_session(scon));
-#endif
-
-	/* ok, lets connect */
-	for(;;) {
-		i=SSL_connect(serverCon);
-		if (BIO_sock_should_retry(i))
-			{
-			BIO_printf(bio_err,"DELAY\n");
-
-			i=SSL_get_fd(serverCon);
-			width=i+1;
-			FD_ZERO(&readfds);
-			FD_SET(i,&readfds);
-			/* Note: under VMS with SOCKETSHR the 2nd parameter
-			 * is currently of type (int *) whereas under other
-			 * systems it is (void *) if you don't have a cast it
-			 * will choke the compiler: if you do have a cast then
-			 * you can either go for (int *) or (void *).
-			 */
-			select(width,(void *)&readfds,NULL,NULL,NULL);
-			continue;
-			}
-		break;
-		}
-	if(i <= 0)
-		{
-		BIO_printf(bio_err,"ERROR\n");
-		if (verify_error != X509_V_OK)
-			BIO_printf(bio_err,"verify error:%s\n",
-				X509_verify_cert_error_string(verify_error));
-		else
-			ERR_print_errors(bio_err);
-		if (scon == NULL)
-			SSL_free(serverCon);
-		return NULL;
-		}
-
-	return serverCon;
-	}
-
-
diff --git a/crypto/openssl/apps/server.pem b/crypto/openssl/apps/server.pem
deleted file mode 100644
index 56248e57a3f4..000000000000
--- a/crypto/openssl/apps/server.pem
+++ /dev/null
@@ -1,369 +0,0 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
------BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDAxMDE2MjIzMTAzWhcNMDMwMTE0
-MjIzMTAzWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
-cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
-Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
-Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCT0grFQeZaqYb5EYfk20XixZV4
-GmyAbXMftG1Eo7qGiMhYzRwGNWxEYojf5PZkYZXvSqZ/ZXHXa4g59jK/rJNnaVGM
-k+xIX8mxQvlV0n5O9PIha5BX5teZnkHKgL8aKKLKW1BK7YTngsfSzzaeame5iKfz
-itAE+OjGF+PFKbwX8Q==
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
-TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
-OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
-gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
-rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
-PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
-vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
------END RSA PRIVATE KEY-----
-subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-notBefore=950413210656Z
-notAfter =970412210656Z
------BEGIN X509 CERTIFICATE-----
-
-MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
-BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
-ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
-BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
-VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
-MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
-3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
-YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
-hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
-dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
-zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
------END X509 CERTIFICATE-----
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
-OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
-IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
-DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
-1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
-mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
-hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
-YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
-q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----
------BEGIN X509 CERTIFICATE-----
-MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
-LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
-MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
-b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
-EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
-bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
-ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
-hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
-ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
-bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
-fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
-R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
-Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
------END X509 CERTIFICATE-----
------BEGIN X509 CERTIFICATE-----
-
-MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
-Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
-GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
-bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
-BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
-BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
-ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
-ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
-H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
-WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
-MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
-LC7obsrHD8XAHG+ZRG==
------END X509 CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
-MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
-DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
-CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
-amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
-iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
-U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
-zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
-BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
-/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
-lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
-S7ELuYGtmYgYm9NZOIr7yU0=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
-A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
-aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
-LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
-gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
-ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
-dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
-SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
-bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
-OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
-GJNMJ4L0AJ/ac+SmHZc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
-BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
-HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
-IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
-MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
-aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
-GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
-ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
-zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
-YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
-hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
-cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
-YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
------END CERTIFICATE-----
-
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
-OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
-NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
-40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
-22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
-BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
-Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
-xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
-cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-notBefore=941104185834Z
-notAfter =991103185834Z
------BEGIN X509 CERTIFICATE-----
-
-MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
-Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
-OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
-ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
-975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
-touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
-7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
-9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
-0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
-MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
------END X509 CERTIFICATE-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=941109235417Z
-notAfter =991231235417Z
------BEGIN X509 CERTIFICATE-----
-
-MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
-IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
-Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
-YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
-roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
-aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
-HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
-iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
-suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
-cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
------END X509 CERTIFICATE-----
-subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
-	/OU=Certification Services Division/CN=Thawte Server CA
-	/Email=server-certs@thawte.com
-issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
-	/OU=Certification Services Division/CN=Thawte Server CA
-	/Email=server-certs@thawte.com
------BEGIN CERTIFICATE-----
-MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
-hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
-N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
-ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
-bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
-aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
-F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
-iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
-Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
-KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
-SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
-7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
-qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
-QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
-NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
-A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
-FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
-cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
-Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
-G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
-c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
-jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
-w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
-GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
-3VZdLbCVIhNoEsysrxCpxcI=
------END CERTIFICATE-----
-Tims test GCI CA
-
------BEGIN CERTIFICATE-----
-MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
-cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
-gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
-cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
-dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
-AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
-OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
-AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
-TfdbFZtAAD2Hx9jUtY3tfdrJOb8= 
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
-IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
-VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
-NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
-I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
-RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
-KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
-Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
-9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
-WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
-c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
-Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
-ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
-ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
-FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
-W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
-QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
-9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
-TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
-8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
------END CERTIFICATE-----
-
- subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
- issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
-
------BEGIN CERTIFICATE-----
-MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
-YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
-MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
-YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
-SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
-U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
-RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
-3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
-z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
-hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
-YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
-LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
-KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
-Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
-ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
-dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
-IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
-ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
-TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
-LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
-BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
-53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
-2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
-p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
------END CERTIFICATE-----
-
- subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
-nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
-AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
-IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
-Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
-NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
------END CERTIFICATE-----
- subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
-9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
-IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
-O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
-g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
-yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/server.srl b/crypto/openssl/apps/server.srl
deleted file mode 100644
index 8a0f05e166aa..000000000000
--- a/crypto/openssl/apps/server.srl
+++ /dev/null
@@ -1 +0,0 @@
-01
diff --git a/crypto/openssl/apps/server2.pem b/crypto/openssl/apps/server2.pem
deleted file mode 100644
index 8bb664194edc..000000000000
--- a/crypto/openssl/apps/server2.pem
+++ /dev/null
@@ -1,376 +0,0 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (1024 bit)
------BEGIN CERTIFICATE-----
-MIICLjCCAZcCAQEwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU0WhcNOTgwNjA5
-MTM1NzU0WjBkMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxJDAiBgNVBAMTG1NlcnZlciB0ZXN0IGNl
-cnQgKDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsxH1PBPm
-RkxrR11eV4bzNi4N9n11CI8nV29+ARlT1+qDe/mjVUvXlmsr1v/vf71G9GgqopSa
-6RXrICLVdk/FYYYzhPvl1M+OrjaXDFO8BzBAF1Lnz6c7aRZvGRJNrRSr2nZEkqDf
-JW9dY7r2VZEpD5QeuaRYUnuECkqeieB65GMCAwEAATANBgkqhkiG9w0BAQQFAAOB
-gQCWsOta6C0wiVzXz8wPmJKyTrurMlgUss2iSuW9366iwofZddsNg7FXniMzkIf6
-dp7jnmWZwKZ9cXsNUS2o4OL07qOk2HOywC0YsNZQsOBu1CBTYYkIefDiKFL1zQHh
-8lwwNd4NP+OE3NzUNkCfh4DnFfg9WHkXUlD5UpxNRJ4gJA==
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
-S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
-pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
-AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
-dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
-bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
-Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
-zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
-6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
-QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
-dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
-0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
-nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
------END RSA PRIVATE KEY-----
-subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-notBefore=950413210656Z
-notAfter =970412210656Z
------BEGIN X509 CERTIFICATE-----
-
-MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
-BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
-ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
-BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
-VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
-MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
-3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
-YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
-hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
-dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
-zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
------END X509 CERTIFICATE-----
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
-OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
-IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
-DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
-1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
-mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
-hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
-YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
-q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----
------BEGIN X509 CERTIFICATE-----
-MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
-LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
-MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
-b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
-EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
-bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
-ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
-hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
-ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
-bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
-fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
-R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
-Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
------END X509 CERTIFICATE-----
------BEGIN X509 CERTIFICATE-----
-
-MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
-Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
-GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
-bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
-BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
-BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
-ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
-ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
-H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
-WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
-MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
-LC7obsrHD8XAHG+ZRG==
------END X509 CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
-MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
-DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
-CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
-amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
-iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
-U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
-zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
-BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
-/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
-lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
-S7ELuYGtmYgYm9NZOIr7yU0=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
-A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
-aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
-LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
-gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
-ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
-dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
-SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
-bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
-OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
-GJNMJ4L0AJ/ac+SmHZc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
-BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
-HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
-IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
-MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
-aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
-GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
-ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
-zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
-YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
-hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
-cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
-YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
------END CERTIFICATE-----
-
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
-OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
-NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
-40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
-22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
-BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
-Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
-xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
-cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-notBefore=941104185834Z
-notAfter =991103185834Z
------BEGIN X509 CERTIFICATE-----
-
-MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
-Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
-OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
-ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
-975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
-touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
-7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
-9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
-0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
-MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
------END X509 CERTIFICATE-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=941109235417Z
-notAfter =991231235417Z
------BEGIN X509 CERTIFICATE-----
-
-MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
-IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
-Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
-YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
-roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
-aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
-HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
-iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
-suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
-cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
------END X509 CERTIFICATE-----
-subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
-	/OU=Certification Services Division/CN=Thawte Server CA
-	/Email=server-certs@thawte.com
-issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
-	/OU=Certification Services Division/CN=Thawte Server CA
-	/Email=server-certs@thawte.com
------BEGIN CERTIFICATE-----
-MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
-hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
-N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
-ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
-bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
-aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
-F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
-iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
-Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
-KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
-SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
-7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
-qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
-QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
-NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
-A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
-FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
-cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
-Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
-G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
-c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
-jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
-w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
-GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
-3VZdLbCVIhNoEsysrxCpxcI=
------END CERTIFICATE-----
-Tims test GCI CA
-
------BEGIN CERTIFICATE-----
-MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
-cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
-gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
-cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
-dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
-AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
-OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
-AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
-TfdbFZtAAD2Hx9jUtY3tfdrJOb8= 
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
-IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
-VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
-NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
-I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
-RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
-KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
-Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
-9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
-WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
-c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
-Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
-ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
-ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
-FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
-W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
-QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
-9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
-TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
-8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
------END CERTIFICATE-----
-
- subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
- issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
-
------BEGIN CERTIFICATE-----
-MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
-YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
-MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
-YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
-SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
-U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
-RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
-3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
-z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
-hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
-YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
-LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
-KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
-Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
-ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
-dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
-IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
-ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
-TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
-LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
-BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
-53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
-2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
-p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
------END CERTIFICATE-----
-
- subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
-nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
-AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
-IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
-Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
-NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
------END CERTIFICATE-----
- subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
-9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
-IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
-O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
-g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
-yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/sess_id.c b/crypto/openssl/apps/sess_id.c
deleted file mode 100644
index d91d84d2206b..000000000000
--- a/crypto/openssl/apps/sess_id.c
+++ /dev/null
@@ -1,320 +0,0 @@
-/* apps/sess_id.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-
-#undef PROG
-#define PROG	sess_id_main
-
-static char *sess_id_usage[]={
-"usage: sess_id args\n",
-"\n",
-" -inform arg     - input format - default PEM (DER or PEM)\n",
-" -outform arg    - output format - default PEM\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -text           - print ssl session id details\n",
-" -cert           - output certificate \n",
-" -noout          - no CRL output\n",
-" -context arg    - set the session ID context\n",
-NULL
-};
-
-static SSL_SESSION *load_sess_id(char *file, int format);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	SSL_SESSION *x=NULL;
-	int ret=1,i,num,badops=0;
-	BIO *out=NULL;
-	int informat,outformat;
-	char *infile=NULL,*outfile=NULL,*context=NULL;
-	int cert=0,noout=0,text=0;
-	char **pp;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	argc--;
-	argv++;
-	num=0;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-text") == 0)
-			text= ++num;
-		else if (strcmp(*argv,"-cert") == 0)
-			cert= ++num;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout= ++num;
-		else if (strcmp(*argv,"-context") == 0)
-		    {
-		    if(--argc < 1) goto bad;
-		    context=*++argv;
-		    }
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		for (pp=sess_id_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-	x=load_sess_id(infile,informat);
-	if (x == NULL) { goto end; }
-
-	if(context)
-	    {
-	    x->sid_ctx_length=strlen(context);
-	    if(x->sid_ctx_length > SSL_MAX_SID_CTX_LENGTH)
-		{
-		BIO_printf(bio_err,"Context too long\n");
-		goto end;
-		}
-	    memcpy(x->sid_ctx,context,x->sid_ctx_length);
-	    }
-
-#ifdef undef
-	/* just testing for memory leaks :-) */
-	{
-	SSL_SESSION *s;
-	char buf[1024*10],*p;
-	int i;
-
-	s=SSL_SESSION_new();
-
-	p= &buf;
-	i=i2d_SSL_SESSION(x,&p);
-	p= &buf;
-	d2i_SSL_SESSION(&s,&p,(long)i);
-	p= &buf;
-	d2i_SSL_SESSION(&s,&p,(long)i);
-	p= &buf;
-	d2i_SSL_SESSION(&s,&p,(long)i);
-	SSL_SESSION_free(s);
-	}
-#endif
-
-	if (!noout || text)
-		{
-		out=BIO_new(BIO_s_file());
-		if (out == NULL)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-		if (outfile == NULL)
-			{
-			BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-			}
-		else
-			{
-			if (BIO_write_filename(out,outfile) <= 0)
-				{
-				perror(outfile);
-				goto end;
-				}
-			}
-		}
-
-	if (text)
-		{
-		SSL_SESSION_print(out,x);
-
-		if (cert)
-			{
-			if (x->peer == NULL)
-				BIO_puts(out,"No certificate present\n");
-			else
-				X509_print(out,x->peer);
-			}
-		}
-
-	if (!noout && !cert)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=(int)i2d_SSL_SESSION_bio(out,x);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_SSL_SESSION(out,x);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i) {
-			BIO_printf(bio_err,"unable to write SSL_SESSION\n");
-			goto end;
-			}
-		}
-	else if (!noout && (x->peer != NULL)) /* just print the certificate */
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=(int)i2d_X509_bio(out,x->peer);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_X509(out,x->peer);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i) {
-			BIO_printf(bio_err,"unable to write X509\n");
-			goto end;
-			}
-		}
-	ret=0;
-end:
-	if (out != NULL) BIO_free_all(out);
-	if (x != NULL) SSL_SESSION_free(x);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static SSL_SESSION *load_sess_id(char *infile, int format)
-	{
-	SSL_SESSION *x=NULL;
-	BIO *in=NULL;
-
-	in=BIO_new(BIO_s_file());
-	if (in == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if 	(format == FORMAT_ASN1)
-		x=d2i_SSL_SESSION_bio(in,NULL);
-	else if (format == FORMAT_PEM)
-		x=PEM_read_bio_SSL_SESSION(in,NULL,NULL,NULL);
-	else	{
-		BIO_printf(bio_err,"bad input format specified for input crl\n");
-		goto end;
-		}
-	if (x == NULL)
-		{
-		BIO_printf(bio_err,"unable to load SSL_SESSION\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	
-end:
-	if (in != NULL) BIO_free(in);
-	return(x);
-	}
-
diff --git a/crypto/openssl/apps/set/set-g-ca.pem b/crypto/openssl/apps/set/set-g-ca.pem
deleted file mode 100644
index 78499f05706c..000000000000
--- a/crypto/openssl/apps/set/set-g-ca.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDeDCCAuGgAwIBAgIgYCYUeg8NJ9kO1q3z6vGCkAmPRfu5+Nur0FyGF79MADMw
-DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
-MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
-MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtQ
-Q0ExMDIxMTgyODEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJyi5V7l1HohY6hN/2N9x6mvWeMy8rD1
-6lfXjgmiuGmhpaszWYaalesMcS2OGuG8Lq3PkaSzpVzqASKfIOjxLMsdpYyYJRub
-vRPDWi3xd8wlp9xUwWHKqn+ki8mPo0yN4eONwZZ4rcZr6K+tWd+5EJZSjuENJoQ/
-SRRmGRzdcS7XAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
-EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
-aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
-MTAyMjAxMjIwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
-SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwICBDB5
-BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
-Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
-ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBn19R2
-AgGvpJDmfXrHTDdCoYyMkaP2MPzw0hFRwh+wqnw0/pqUXa7MrLXMqtD3rUyOWaNR
-9fYpJZd0Bh/1OeIc2+U+VNfUovLLuZ8nNemdxyq2KMYnHtnh7UdO7atZ+PFLVu8x
-a+J2Mtj8MGy12CJNTJcjLSrJ/1f3AuVrwELjlQ==
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/set/set-m-ca.pem b/crypto/openssl/apps/set/set-m-ca.pem
deleted file mode 100644
index 0e74caff67b8..000000000000
--- a/crypto/openssl/apps/set/set-m-ca.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDeDCCAuGgAwIBAgIgEGvcf5aUnufALdVMa/dmPdflq1CoORGeK5DUwbqhVYcw
-DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
-MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
-MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtN
-Q0ExMDIxMTgyNzEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALuWwr63YrT1GIZpYKfIeiVFHESG/FZO
-7RAJKml/p12ZyZ7D5YPP4BBXVsa1H8e8arR1LKC4rdCArrtKKlBeBiMo9+NB+u35
-FnLnTmfzM4iZ2Syw35DXY8+Xn/LM7RJ1RG+vMNcTqpoUg7QPye7flq2Pt7vVROPn
-SZxPyVxmILe3AgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
-EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
-aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
-MTAyMjAxMjEwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
-SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIDCDB5
-BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
-Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
-ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQApaj0W
-GgyR47URZEZ7z83yivvnVErqtodub/nR1fMgJ4bDC0ofjA0SzXBP1/3eDq9VkPuS
-EKUw9BpM2XrSUKhJ6F1CbBjWpM0M7GC1nTSxMxmV+XL+Ab/Gn2SwozUApWtht29/
-x9VLB8qsi6wN2aOsVdQMl5iVCjGQYfEkyuoIgA==
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/set/set_b_ca.pem b/crypto/openssl/apps/set/set_b_ca.pem
deleted file mode 100644
index eba7d5cf54bd..000000000000
--- a/crypto/openssl/apps/set/set_b_ca.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID1zCCAr+gAwIBAgIgYClSzXgB3u31VMarY+lXwPKU9DtoBMzaaivuVzV9a9kw
-DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx
-ODI5MB4XDTk2MTAxNzAwMDAwMFoXDTk2MTExNjIzNTk1OVowRTELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC0JDQTEwMTcxMTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlBy
-b2R1Y3QgVHlwZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApPewvR0BwV02
-9E12ic48pMY/aMB6SkMEWPDx2hURr0DKYGJ6qMvzZn2pSfaVH1BqDtK6oK4Ye5Mj
-ItywwQIdXXO9Ut8+TLnvtzq9ByCJ0YThjZJBc7ZcpJxSV7QAoBON/lzxZuAVq3+L
-3uc39MgRwmBpRllZEpWrkojxs6166X0CAwEAAaOCAVcwggFTMFQGA1UdIwRNMEuh
-J6QlMCMxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtSQ0ExMDExMTgyOYIgVqenwCYv
-mmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYwDgYDVR0PAQH/BAQDAgEGMC4GA1Ud
-EAEB/wQkMCKADzE5OTYxMDE3MTc1NzAwWoEPMTk5NjExMTYyMzU5NTlaMBsGA1Ud
-IAEB/wQRMA8wDQYLYIZIAYb4RQEHAQEwEgYDVR0TAQH/BAgwBgEB/wIBATAPBgSG
-jW8DAQH/BAQDAgABMHkGBIaNbwcBAf8EbjBsMCQCAQAwCQYFKw4DAhoFAAQUMmY3
-NGIxYWY0ZmNjMDYwZjc2NzYTD3RlcnNlIHN0YXRlbWVudIAXaHR0cDovL3d3dy52
-ZXJpc2lnbi5jb22BGmdldHNldC1jZW50ZXJAdmVyaXNpZ24uY29tMA0GCSqGSIb3
-DQEBBQUAA4IBAQAWoMS8Aj2sO0LDxRoMcnWTKY8nd8Jw2vl2Mgsm+0qCvcndICM5
-43N0y9uHlP8WeCZULbFz95gTL8mfP/QTu4EctMUkQgRHJnx80f0XSF3HE/X6zBbI
-9rit/bF6yP1mhkdss/vGanReDpki7q8pLx+VIIcxWst/366HP3dW1Fb7ECW/WmVV
-VMN93f/xqk9I4sXchVZcVKQT3W4tzv+qQvugrEi1dSEkbAy1CITEAEGiaFhGUyCe
-WPox3guRXaEHoINNeajGrISe6d//alsz5EEroBoLnM2ryqWfLAtRsf4rjNzTgklw
-lbiz0fw7bNkXKp5ZVr0wlnOjQnoSM6dTI0AV
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/set/set_c_ca.pem b/crypto/openssl/apps/set/set_c_ca.pem
deleted file mode 100644
index 48b2cbdc7cd5..000000000000
--- a/crypto/openssl/apps/set/set_c_ca.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDeDCCAuGgAwIBAgIgOnl8J6lAYNDdTWtIojWCGnloNf4ufHjOZ4Fkxwg5xOsw
-DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
-MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
-MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtD
-Q0ExMDIxMTYxNjEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANA3a9+U8oXU3Dv1wJf8g0A7HjCRZAXc
-Y8E4OLOdye5aUssxifCE05qTPVqHMXo6cnCYcfroMdURhjQlswyTGtjQybgUnXjp
-pchw+V4D1DkN0ThErrMCh9ZFSykC0lUhQTRLESvbIb4Gal/HMAFAF5sj0GoOFi2H
-RRj7gpzBIU3xAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
-EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
-aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
-MTAyMjAxMTAwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
-SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIEEDB5
-BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
-Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
-ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBteLaZ
-u/TASC64UWPfhxYAUdys9DQ1pG/J1qPWNTkjOmpXFvW+7l/3nkxyRPgUoFNwx1e7
-XVVPr6zhy8LaaXppwfIZvVryzAUdbtijiUf/MO0hvV3w7e9NlCVProdU5H9EvCXr
-+IV8rH8fdEkirIVyw0JGHkuWhkmtS1HEwai9vg==
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/set/set_d_ct.pem b/crypto/openssl/apps/set/set_d_ct.pem
deleted file mode 100644
index 9f8c7d8b086a..000000000000
--- a/crypto/openssl/apps/set/set_d_ct.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDdjCCAt+gAwIBAgIgRU5t24v72xVDpZ4iHpyoOAQaQmfio1yhTZAOkBfT2uUw
-DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0NDQTEwMjEx
-NjE2MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjQw
-MDAwMDBaFw05NjExMjMyMzU5NTlaMG4xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdC
-cmFuZElEMSYwJAYDVQQLEx1Jc3N1aW5nIEZpbmFuY2lhbCBJbnN0aXR1dGlvbjEl
-MCMGA1UEAxMcR2lYb0t0VjViN1V0MHZKa2hkSG5RYmNzc2JrPTBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDIUxgpNB1aoSW585WErtN8WInCRWCqDj3RGT2mJye0F4SM
-/iT5ywdWMasmw18vpEpDlMypfZnRkUAdfyHcRABVAgMBAAGjggFwMIIBbDB2BgNV
-HSMEbzBtoUmkRzBFMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLQkNBMTAxNzExMDQx
-IDAeBgNVBAMTF0JyYW5kIE5hbWU6UHJvZHVjdCBUeXBlgiA6eXwnqUBg0N1Na0ii
-NYIaeWg1/i58eM5ngWTHCDnE6zAOBgNVHQ8BAf8EBAMCB4AwLgYDVR0QAQH/BCQw
-IoAPMTk5NjEwMjQwMTA0MDBagQ8xOTk2MTEyMzIzNTk1OVowGAYDVR0gBBEwDzAN
-BgtghkgBhvhFAQcBATAMBgNVHRMBAf8EAjAAMA8GBIaNbwMBAf8EBAMCB4AweQYE
-ho1vBwEB/wRuMGwwJAIBADAJBgUrDgMCGgUABBQzOTgyMzk4NzIzNzg5MTM0OTc4
-MhMPdGVyc2Ugc3RhdGVtZW50gBdodHRwOi8vd3d3LnZlcmlzaWduLmNvbYEaZ2V0
-c2V0LWNlbnRlckB2ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADgYEAVHCjhxeD
-mIFSkm3DpQAq7pGfcAFPWvSM9I9bK8qeFT1M5YQ+5fbPqaWlNcQlGKIe3cHd4+0P
-ndL5lb6UBhhA0kTzEYA38+HtBxPe/lokCv0bYfyWY9asUmvfbUrTYta0yjN7ixnV
-UqvxxHQHOAwhf6bcc7xNHapOxloWzGUU0RQ=
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/set/set_root.pem b/crypto/openssl/apps/set/set_root.pem
deleted file mode 100644
index 8dd104f058d3..000000000000
--- a/crypto/openssl/apps/set/set_root.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDZzCCAk+gAwIBAgIgVqenwCYvmmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYw
-DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx
-ODI5MB4XDTk2MTAxMjAwMDAwMFoXDTk2MTExMTIzNTk1OVowIzELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC1JDQTEwMTExODI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAukca0PVUGFIYX7EyrShi+dVi9GTNzG0V2Wtdw6DqFzKfedba/KpE
-zqnRDV/wRZlBn3oXPS6kNCFiBPRV9mEFXI7y2W+q8/vPurjRDIXMsqQ+dAhKwf4q
-rofJBTiET4NUN0YTtpx6aYuoVubjiOgKdbqnUArxAWWP2Dkco17ipEYyUtd4sTAe
-/xKR02AHpbYGYPSHjMDS/nzUJ7uX4d51phs0rt7If48ExJSnDV/KoHMfm42mdmH2
-g23005qdHKY3UXeh10tZmb3QtGTSvF6OqpRZ+e9/ALklu7ZcIjqbb944ci4QWemb
-ZNWiDFrWWUoO1k942BI/iZ8Fh8pETYSDBQIDAQABo4GGMIGDMA4GA1UdDwEB/wQE
-AwIBBjAuBgNVHRABAf8EJDAigA8xOTk2MTAxMjAxMzQwMFqBDzE5OTYxMTExMjM1
-OTU5WjAbBgNVHSABAf8EETAPMA0GC2CGSAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYB
-Af8CAQIwEAYEho1vAwEB/wQFAwMHAIAwDQYJKoZIhvcNAQEFBQADggEBAK4tntea
-y+ws7PdULwfqAS5osaoNvw73uBn5lROTpx91uhQbJyf0oZ3XG9GUuHZBpqG9qmr9
-vIL40RsvRpNMYgaNHKTxF716yx6rZmruAYZsrE3SpV63tQJCckKLPSge2E5uDhSQ
-O8UjusG+IRT9fKMXUHLv4OmZPOQVOSl1qTCN2XoJFqEPtC3Y9P4YR4xHL0P2jb1l
-DLdIbruuh+6omH+0XUZd5fKnQZTTi6gjl0iunj3wGnkcqGZtwr3j87ONiB/8tDwY
-vz8ceII4YYdX12PrNzn+fu3R5rChvPW4/ah/SaYQ2VQ0AupaIF4xrNJ/gLYYw0YO
-bxCrVJLd8tu9WgA=
------END CERTIFICATE-----
diff --git a/crypto/openssl/apps/smime.c b/crypto/openssl/apps/smime.c
deleted file mode 100644
index cc248d377bb4..000000000000
--- a/crypto/openssl/apps/smime.c
+++ /dev/null
@@ -1,587 +0,0 @@
-/* smime.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* S/MIME utility function */
-
-#include <stdio.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/crypto.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-
-#undef PROG
-#define PROG smime_main
-static int save_certs(char *signerfile, STACK_OF(X509) *signers);
-
-#define SMIME_OP	0x10
-#define SMIME_ENCRYPT	(1 | SMIME_OP)
-#define SMIME_DECRYPT	2
-#define SMIME_SIGN	(3 | SMIME_OP)
-#define SMIME_VERIFY	4
-#define SMIME_PK7OUT	5
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
-	ENGINE *e = NULL;
-	int operation = 0;
-	int ret = 0;
-	char **args;
-	char *inmode = "r", *outmode = "w";
-	char *infile = NULL, *outfile = NULL;
-	char *signerfile = NULL, *recipfile = NULL;
-	char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
-	const EVP_CIPHER *cipher = NULL;
-	PKCS7 *p7 = NULL;
-	X509_STORE *store = NULL;
-	X509 *cert = NULL, *recip = NULL, *signer = NULL;
-	EVP_PKEY *key = NULL;
-	STACK_OF(X509) *encerts = NULL, *other = NULL;
-	BIO *in = NULL, *out = NULL, *indata = NULL;
-	int badarg = 0;
-	int flags = PKCS7_DETACHED, store_flags = 0;
-	char *to = NULL, *from = NULL, *subject = NULL;
-	char *CAfile = NULL, *CApath = NULL;
-	char *passargin = NULL, *passin = NULL;
-	char *inrand = NULL;
-	int need_rand = 0;
-	int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
-        int keyform = FORMAT_PEM;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	args = argv + 1;
-	ret = 1;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err = BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	while (!badarg && *args && *args[0] == '-') {
-		if (!strcmp (*args, "-encrypt")) operation = SMIME_ENCRYPT;
-		else if (!strcmp (*args, "-decrypt")) operation = SMIME_DECRYPT;
-		else if (!strcmp (*args, "-sign")) operation = SMIME_SIGN;
-		else if (!strcmp (*args, "-verify")) operation = SMIME_VERIFY;
-		else if (!strcmp (*args, "-pk7out")) operation = SMIME_PK7OUT;
-#ifndef OPENSSL_NO_DES
-		else if (!strcmp (*args, "-des3")) 
-				cipher = EVP_des_ede3_cbc();
-		else if (!strcmp (*args, "-des")) 
-				cipher = EVP_des_cbc();
-#endif
-#ifndef OPENSSL_NO_RC2
-		else if (!strcmp (*args, "-rc2-40")) 
-				cipher = EVP_rc2_40_cbc();
-		else if (!strcmp (*args, "-rc2-128")) 
-				cipher = EVP_rc2_cbc();
-		else if (!strcmp (*args, "-rc2-64")) 
-				cipher = EVP_rc2_64_cbc();
-#endif
-#ifndef OPENSSL_NO_AES
-		else if (!strcmp(*args,"-aes128"))
-				cipher = EVP_aes_128_cbc();
-		else if (!strcmp(*args,"-aes192"))
-				cipher = EVP_aes_192_cbc();
-		else if (!strcmp(*args,"-aes256"))
-				cipher = EVP_aes_256_cbc();
-#endif
-		else if (!strcmp (*args, "-text")) 
-				flags |= PKCS7_TEXT;
-		else if (!strcmp (*args, "-nointern")) 
-				flags |= PKCS7_NOINTERN;
-		else if (!strcmp (*args, "-noverify")) 
-				flags |= PKCS7_NOVERIFY;
-		else if (!strcmp (*args, "-nochain")) 
-				flags |= PKCS7_NOCHAIN;
-		else if (!strcmp (*args, "-nocerts")) 
-				flags |= PKCS7_NOCERTS;
-		else if (!strcmp (*args, "-noattr")) 
-				flags |= PKCS7_NOATTR;
-		else if (!strcmp (*args, "-nodetach")) 
-				flags &= ~PKCS7_DETACHED;
-		else if (!strcmp (*args, "-nosmimecap"))
-				flags |= PKCS7_NOSMIMECAP;
-		else if (!strcmp (*args, "-binary"))
-				flags |= PKCS7_BINARY;
-		else if (!strcmp (*args, "-nosigs"))
-				flags |= PKCS7_NOSIGS;
-		else if (!strcmp (*args, "-crl_check"))
-				store_flags |= X509_V_FLAG_CRL_CHECK;
-		else if (!strcmp (*args, "-crl_check_all"))
-				store_flags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
-		else if (!strcmp(*args,"-rand")) {
-			if (args[1]) {
-				args++;
-				inrand = *args;
-			} else badarg = 1;
-			need_rand = 1;
-#ifndef OPENSSL_NO_ENGINE
-		} else if (!strcmp(*args,"-engine")) {
-			if (args[1]) {
-				args++;
-				engine = *args;
-			} else badarg = 1;
-#endif
-		} else if (!strcmp(*args,"-passin")) {
-			if (args[1]) {
-				args++;
-				passargin = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-to")) {
-			if (args[1]) {
-				args++;
-				to = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-from")) {
-			if (args[1]) {
-				args++;
-				from = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-subject")) {
-			if (args[1]) {
-				args++;
-				subject = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-signer")) {
-			if (args[1]) {
-				args++;
-				signerfile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-recip")) {
-			if (args[1]) {
-				args++;
-				recipfile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-inkey")) {
-			if (args[1]) {
-				args++;
-				keyfile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-keyform")) {
-			if (args[1]) {
-				args++;
-				keyform = str2fmt(*args);
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-certfile")) {
-			if (args[1]) {
-				args++;
-				certfile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-CAfile")) {
-			if (args[1]) {
-				args++;
-				CAfile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-CApath")) {
-			if (args[1]) {
-				args++;
-				CApath = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-in")) {
-			if (args[1]) {
-				args++;
-				infile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-inform")) {
-			if (args[1]) {
-				args++;
-				informat = str2fmt(*args);
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-outform")) {
-			if (args[1]) {
-				args++;
-				outformat = str2fmt(*args);
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-out")) {
-			if (args[1]) {
-				args++;
-				outfile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-content")) {
-			if (args[1]) {
-				args++;
-				contfile = *args;
-			} else badarg = 1;
-		} else badarg = 1;
-		args++;
-	}
-
-	if(operation == SMIME_SIGN) {
-		if(!signerfile) {
-			BIO_printf(bio_err, "No signer certificate specified\n");
-			badarg = 1;
-		}
-		need_rand = 1;
-	} else if(operation == SMIME_DECRYPT) {
-		if(!recipfile) {
-			BIO_printf(bio_err, "No recipient certificate and key specified\n");
-			badarg = 1;
-		}
-	} else if(operation == SMIME_ENCRYPT) {
-		if(!*args) {
-			BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
-			badarg = 1;
-		}
-		need_rand = 1;
-	} else if(!operation) badarg = 1;
-
-	if (badarg) {
-		BIO_printf (bio_err, "Usage smime [options] cert.pem ...\n");
-		BIO_printf (bio_err, "where options are\n");
-		BIO_printf (bio_err, "-encrypt       encrypt message\n");
-		BIO_printf (bio_err, "-decrypt       decrypt encrypted message\n");
-		BIO_printf (bio_err, "-sign          sign message\n");
-		BIO_printf (bio_err, "-verify        verify signed message\n");
-		BIO_printf (bio_err, "-pk7out        output PKCS#7 structure\n");
-#ifndef OPENSSL_NO_DES
-		BIO_printf (bio_err, "-des3          encrypt with triple DES\n");
-		BIO_printf (bio_err, "-des           encrypt with DES\n");
-#endif
-#ifndef OPENSSL_NO_RC2
-		BIO_printf (bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
-		BIO_printf (bio_err, "-rc2-64        encrypt with RC2-64\n");
-		BIO_printf (bio_err, "-rc2-128       encrypt with RC2-128\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
-		BIO_printf (bio_err, "               encrypt PEM output with cbc aes\n");
-#endif
-		BIO_printf (bio_err, "-nointern      don't search certificates in message for signer\n");
-		BIO_printf (bio_err, "-nosigs        don't verify message signature\n");
-		BIO_printf (bio_err, "-noverify      don't verify signers certificate\n");
-		BIO_printf (bio_err, "-nocerts       don't include signers certificate when signing\n");
-		BIO_printf (bio_err, "-nodetach      use opaque signing\n");
-		BIO_printf (bio_err, "-noattr        don't include any signed attributes\n");
-		BIO_printf (bio_err, "-binary        don't translate message to text\n");
-		BIO_printf (bio_err, "-certfile file other certificates file\n");
-		BIO_printf (bio_err, "-signer file   signer certificate file\n");
-		BIO_printf (bio_err, "-recip  file   recipient certificate file for decryption\n");
-		BIO_printf (bio_err, "-in file       input file\n");
-		BIO_printf (bio_err, "-inform arg    input format SMIME (default), PEM or DER\n");
-		BIO_printf (bio_err, "-inkey file    input private key (if not signer or recipient)\n");
-		BIO_printf (bio_err, "-keyform arg   input private key format (PEM or ENGINE)\n");
-		BIO_printf (bio_err, "-out file      output file\n");
-		BIO_printf (bio_err, "-outform arg   output format SMIME (default), PEM or DER\n");
-		BIO_printf (bio_err, "-content file  supply or override content for detached signature\n");
-		BIO_printf (bio_err, "-to addr       to address\n");
-		BIO_printf (bio_err, "-from ad       from address\n");
-		BIO_printf (bio_err, "-subject s     subject\n");
-		BIO_printf (bio_err, "-text          include or delete text MIME headers\n");
-		BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
-		BIO_printf (bio_err, "-CAfile file   trusted certificates file\n");
-		BIO_printf (bio_err, "-crl_check     check revocation status of signer's certificate using CRLs\n");
-		BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf (bio_err, "-engine e      use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf (bio_err, "-passin arg    input file pass phrase source\n");
-		BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,  "               load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,  "               the random number generator\n");
-		BIO_printf (bio_err, "cert.pem       recipient certificate(s) for encryption\n");
-		goto end;
-	}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-	}
-
-	if (need_rand) {
-		app_RAND_load_file(NULL, bio_err, (inrand != NULL));
-		if (inrand != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-				app_RAND_load_files(inrand));
-	}
-
-	ret = 2;
-
-	if(operation != SMIME_SIGN) flags &= ~PKCS7_DETACHED;
-
-	if(operation & SMIME_OP) {
-		if(flags & PKCS7_BINARY) inmode = "rb";
-		if(outformat == FORMAT_ASN1) outmode = "wb";
-	} else {
-		if(flags & PKCS7_BINARY) outmode = "wb";
-		if(informat == FORMAT_ASN1) inmode = "rb";
-	}
-
-	if(operation == SMIME_ENCRYPT) {
-		if (!cipher) {
-#ifndef OPENSSL_NO_RC2			
-			cipher = EVP_rc2_40_cbc();
-#else
-			BIO_printf(bio_err, "No cipher selected\n");
-			goto end;
-#endif
-		}
-		encerts = sk_X509_new_null();
-		while (*args) {
-			if(!(cert = load_cert(bio_err,*args,FORMAT_PEM,
-				NULL, e, "recipient certificate file"))) {
-#if 0				/* An appropriate message is already printed */
-				BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args);
-#endif
-				goto end;
-			}
-			sk_X509_push(encerts, cert);
-			cert = NULL;
-			args++;
-		}
-	}
-
-	if(signerfile && (operation == SMIME_SIGN)) {
-		if(!(signer = load_cert(bio_err,signerfile,FORMAT_PEM, NULL,
-			e, "signer certificate"))) {
-#if 0			/* An appropri message has already been printed */
-			BIO_printf(bio_err, "Can't read signer certificate file %s\n", signerfile);
-#endif
-			goto end;
-		}
-	}
-
-	if(certfile) {
-		if(!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL,
-			e, "certificate file"))) {
-#if 0			/* An appropriate message has already been printed */
-			BIO_printf(bio_err, "Can't read certificate file %s\n", certfile);
-#endif
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
-
-	if(recipfile && (operation == SMIME_DECRYPT)) {
-		if(!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL,
-			e, "recipient certificate file"))) {
-#if 0			/* An appropriate message has alrady been printed */
-			BIO_printf(bio_err, "Can't read recipient certificate file %s\n", recipfile);
-#endif
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
-
-	if(operation == SMIME_DECRYPT) {
-		if(!keyfile) keyfile = recipfile;
-	} else if(operation == SMIME_SIGN) {
-		if(!keyfile) keyfile = signerfile;
-	} else keyfile = NULL;
-
-	if(keyfile) {
-		key = load_key(bio_err, keyfile, keyform, 0, passin, e,
-			       "signing key file");
-		if (!key) {
-			goto end;
-                }
-	}
-
-	if (infile) {
-		if (!(in = BIO_new_file(infile, inmode))) {
-			BIO_printf (bio_err,
-				 "Can't open input file %s\n", infile);
-			goto end;
-		}
-	} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-	if (outfile) {
-		if (!(out = BIO_new_file(outfile, outmode))) {
-			BIO_printf (bio_err,
-				 "Can't open output file %s\n", outfile);
-			goto end;
-		}
-	} else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		    out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
-
-	if(operation == SMIME_VERIFY) {
-		if(!(store = setup_verify(bio_err, CAfile, CApath))) goto end;
-		X509_STORE_set_flags(store, store_flags);
-	}
-
-
-	ret = 3;
-
-	if(operation == SMIME_ENCRYPT) {
-		p7 = PKCS7_encrypt(encerts, in, cipher, flags);
-	} else if(operation == SMIME_SIGN) {
-		p7 = PKCS7_sign(signer, key, other, in, flags);
-		if (BIO_reset(in) != 0 && (flags & PKCS7_DETACHED)) {
-		  BIO_printf(bio_err, "Can't rewind input file\n");
-		  goto end;
-		}
-	} else {
-		if(informat == FORMAT_SMIME) 
-			p7 = SMIME_read_PKCS7(in, &indata);
-		else if(informat == FORMAT_PEM) 
-			p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
-		else if(informat == FORMAT_ASN1) 
-			p7 = d2i_PKCS7_bio(in, NULL);
-		else {
-			BIO_printf(bio_err, "Bad input format for PKCS#7 file\n");
-			goto end;
-		}
-
-		if(!p7) {
-			BIO_printf(bio_err, "Error reading S/MIME message\n");
-			goto end;
-		}
-		if(contfile) {
-			BIO_free(indata);
-			if(!(indata = BIO_new_file(contfile, "rb"))) {
-				BIO_printf(bio_err, "Can't read content file %s\n", contfile);
-				goto end;
-			}
-		}
-	}
-
-	if(!p7) {
-		BIO_printf(bio_err, "Error creating PKCS#7 structure\n");
-		goto end;
-	}
-
-	ret = 4;
-	if(operation == SMIME_DECRYPT) {
-		if(!PKCS7_decrypt(p7, key, recip, out, flags)) {
-			BIO_printf(bio_err, "Error decrypting PKCS#7 structure\n");
-			goto end;
-		}
-	} else if(operation == SMIME_VERIFY) {
-		STACK_OF(X509) *signers;
-		if(PKCS7_verify(p7, other, store, indata, out, flags)) {
-			BIO_printf(bio_err, "Verification successful\n");
-		} else {
-			BIO_printf(bio_err, "Verification failure\n");
-			goto end;
-		}
-		signers = PKCS7_get0_signers(p7, other, flags);
-		if(!save_certs(signerfile, signers)) {
-			BIO_printf(bio_err, "Error writing signers to %s\n",
-								signerfile);
-			ret = 5;
-			goto end;
-		}
-		sk_X509_free(signers);
-	} else if(operation == SMIME_PK7OUT) {
-		PEM_write_bio_PKCS7(out, p7);
-	} else {
-		if(to) BIO_printf(out, "To: %s\n", to);
-		if(from) BIO_printf(out, "From: %s\n", from);
-		if(subject) BIO_printf(out, "Subject: %s\n", subject);
-		if(outformat == FORMAT_SMIME) 
-			SMIME_write_PKCS7(out, p7, in, flags);
-		else if(outformat == FORMAT_PEM) 
-			PEM_write_bio_PKCS7(out,p7);
-		else if(outformat == FORMAT_ASN1) 
-			i2d_PKCS7_bio(out,p7);
-		else {
-			BIO_printf(bio_err, "Bad output format for PKCS#7 file\n");
-			goto end;
-		}
-	}
-	ret = 0;
-end:
-	if (need_rand)
-		app_RAND_write_file(NULL, bio_err);
-	if(ret) ERR_print_errors(bio_err);
-	sk_X509_pop_free(encerts, X509_free);
-	sk_X509_pop_free(other, X509_free);
-	X509_STORE_free(store);
-	X509_free(cert);
-	X509_free(recip);
-	X509_free(signer);
-	EVP_PKEY_free(key);
-	PKCS7_free(p7);
-	BIO_free(in);
-	BIO_free(indata);
-	BIO_free_all(out);
-	if(passin) OPENSSL_free(passin);
-	return (ret);
-}
-
-static int save_certs(char *signerfile, STACK_OF(X509) *signers)
-{
-	int i;
-	BIO *tmp;
-	if(!signerfile) return 1;
-	tmp = BIO_new_file(signerfile, "w");
-	if(!tmp) return 0;
-	for(i = 0; i < sk_X509_num(signers); i++)
-		PEM_write_bio_X509(tmp, sk_X509_value(signers, i));
-	BIO_free(tmp);
-	return 1;
-}
-	
diff --git a/crypto/openssl/apps/speed.c b/crypto/openssl/apps/speed.c
deleted file mode 100644
index ec55b4188cb4..000000000000
--- a/crypto/openssl/apps/speed.c
+++ /dev/null
@@ -1,1951 +0,0 @@
-/* apps/speed.c -*- mode:C; c-file-style: "eay" -*- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* most of this code has been pilfered from my libdes speed.c program */
-
-#ifndef OPENSSL_NO_SPEED
-
-#undef SECONDS
-#define SECONDS		3	
-#define RSA_SECONDS	10
-#define DSA_SECONDS	10
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#undef PROG
-#define PROG speed_main
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <signal.h>
-#include <string.h>
-#include <math.h>
-#include "apps.h"
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-#include <openssl/crypto.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#if !defined(OPENSSL_SYS_MSDOS)
-#include OPENSSL_UNISTD
-#endif
-
-#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(OPENSSL_SYS_MACOSX)
-# define USE_TOD
-#elif !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC))
-# define TIMES
-#endif
-#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(OPENSSL_SYS_MPE) && !defined(__NetBSD__) && !defined(OPENSSL_SYS_VXWORKS) /* FIXME */
-# define TIMEB
-#endif
-
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-#ifdef USE_TOD
-# include <sys/time.h>
-# include <sys/resource.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifdef TIMEB
-#include <sys/timeb.h>
-#endif
-
-#if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD) && !defined(OPENSSL_SYS_VXWORKS)
-#error "It seems neither struct tms nor struct timeb is supported in this platform!"
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#ifndef OPENSSL_NO_DES
-#include <openssl/des.h>
-#endif
-#ifndef OPENSSL_NO_AES
-#include <openssl/aes.h>
-#endif
-#ifndef OPENSSL_NO_MD2
-#include <openssl/md2.h>
-#endif
-#ifndef OPENSSL_NO_MDC2
-#include <openssl/mdc2.h>
-#endif
-#ifndef OPENSSL_NO_MD4
-#include <openssl/md4.h>
-#endif
-#ifndef OPENSSL_NO_MD5
-#include <openssl/md5.h>
-#endif
-#ifndef OPENSSL_NO_HMAC
-#include <openssl/hmac.h>
-#endif
-#include <openssl/evp.h>
-#ifndef OPENSSL_NO_SHA
-#include <openssl/sha.h>
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-#include <openssl/ripemd.h>
-#endif
-#ifndef OPENSSL_NO_RC4
-#include <openssl/rc4.h>
-#endif
-#ifndef OPENSSL_NO_RC5
-#include <openssl/rc5.h>
-#endif
-#ifndef OPENSSL_NO_RC2
-#include <openssl/rc2.h>
-#endif
-#ifndef OPENSSL_NO_IDEA
-#include <openssl/idea.h>
-#endif
-#ifndef OPENSSL_NO_BF
-#include <openssl/blowfish.h>
-#endif
-#ifndef OPENSSL_NO_CAST
-#include <openssl/cast.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#include "./testrsa.h"
-#endif
-#include <openssl/x509.h>
-#ifndef OPENSSL_NO_DSA
-#include "./testdsa.h"
-#endif
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# if defined(_SC_CLK_TCK) \
-     && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000)
-#  define HZ ((double)sysconf(_SC_CLK_TCK))
-# else
-#  ifndef CLK_TCK
-#   ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-#    define HZ	100.0
-#   else /* _BSD_CLK_TCK_ */
-#    define HZ ((double)_BSD_CLK_TCK_)
-#   endif
-#  else /* CLK_TCK */
-#   define HZ ((double)CLK_TCK)
-#  endif
-# endif
-#endif
-
-#if !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_OS2)
-# define HAVE_FORK 1
-#endif
-
-#undef BUFSIZE
-#define BUFSIZE	((long)1024*8+1)
-int run=0;
-
-static char ftime_used = 0, times_used = 0, gettimeofday_used = 0, getrusage_used = 0;
-static int mr=0;
-static int usertime=1;
-
-static double Time_F(int s);
-static void print_message(const char *s,long num,int length);
-static void pkey_print_message(char *str,char *str2,long num,int bits,int sec);
-static void print_result(int alg,int run_no,int count,double time_used);
-#ifdef HAVE_FORK
-static int do_multi(int multi);
-#endif
-
-#define ALGOR_NUM	19
-#define SIZE_NUM	5
-#define RSA_NUM		4
-#define DSA_NUM		3
-static const char *names[ALGOR_NUM]={
-  "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4",
-  "des cbc","des ede3","idea cbc",
-  "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc",
-  "aes-128 cbc","aes-192 cbc","aes-256 cbc"};
-static double results[ALGOR_NUM][SIZE_NUM];
-static int lengths[SIZE_NUM]={16,64,256,1024,8*1024};
-static double rsa_results[RSA_NUM][2];
-static double dsa_results[DSA_NUM][2];
-
-#ifdef SIGALRM
-#if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#define SIGRETTYPE void
-#else
-#define SIGRETTYPE int
-#endif 
-
-static SIGRETTYPE sig_done(int sig);
-static SIGRETTYPE sig_done(int sig)
-	{
-	signal(SIGALRM,sig_done);
-	run=0;
-#ifdef LINT
-	sig=sig;
-#endif
-	}
-#endif
-
-#define START	0
-#define STOP	1
-
-static double Time_F(int s)
-	{
-	double ret;
-
-#ifdef USE_TOD
-	if(usertime)
-	    {
-		static struct rusage tstart,tend;
-
-		getrusage_used = 1;
-		if (s == START)
-			{
-			getrusage(RUSAGE_SELF,&tstart);
-			return(0);
-			}
-		else
-			{
-			long i;
-
-			getrusage(RUSAGE_SELF,&tend);
-			i=(long)tend.ru_utime.tv_usec-(long)tstart.ru_utime.tv_usec;
-			ret=((double)(tend.ru_utime.tv_sec-tstart.ru_utime.tv_sec))
-			  +((double)i)/1000000.0;
-			return((ret < 0.001)?0.001:ret);
-			}
-		}
-	else
-		{
-		static struct timeval tstart,tend;
-		long i;
-
-		gettimeofday_used = 1;
-		if (s == START)
-			{
-			gettimeofday(&tstart,NULL);
-			return(0);
-			}
-		else
-			{
-			gettimeofday(&tend,NULL);
-			i=(long)tend.tv_usec-(long)tstart.tv_usec;
-			ret=((double)(tend.tv_sec-tstart.tv_sec))+((double)i)/1000000.0;
-			return((ret < 0.001)?0.001:ret);
-			}
-		}
-#else  /* ndef USE_TOD */
-		
-# ifdef TIMES
-	if (usertime)
-		{
-		static struct tms tstart,tend;
-
-		times_used = 1;
-		if (s == START)
-			{
-			times(&tstart);
-			return(0);
-			}
-		else
-			{
-			times(&tend);
-			ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-			return((ret < 1e-3)?1e-3:ret);
-			}
-		}
-# endif /* times() */
-# if defined(TIMES) && defined(TIMEB)
-	else
-# endif
-# ifdef OPENSSL_SYS_VXWORKS
-                {
-		static unsigned long tick_start, tick_end;
-
-		if( s == START )
-			{
-			tick_start = tickGet();
-			return 0;
-			}
-		else
-			{
-			tick_end = tickGet();
-			ret = (double)(tick_end - tick_start) / (double)sysClkRateGet();
-			return((ret < 0.001)?0.001:ret);
-			}
-                }
-# elif defined(TIMEB)
-		{
-		static struct timeb tstart,tend;
-		long i;
-
-		ftime_used = 1;
-		if (s == START)
-			{
-			ftime(&tstart);
-			return(0);
-			}
-		else
-			{
-			ftime(&tend);
-			i=(long)tend.millitm-(long)tstart.millitm;
-			ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
-			return((ret < 0.001)?0.001:ret);
-			}
-		}
-# endif
-#endif
-	}
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e = NULL;
-#endif
-	unsigned char *buf=NULL,*buf2=NULL;
-	int mret=1;
-	long count=0,save_count=0;
-	int i,j,k;
-#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA)
-	long rsa_count;
-#endif
-#ifndef OPENSSL_NO_RSA
-	unsigned rsa_num;
-#endif
-	unsigned char md[EVP_MAX_MD_SIZE];
-#ifndef OPENSSL_NO_MD2
-	unsigned char md2[MD2_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_MDC2
-	unsigned char mdc2[MDC2_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_MD4
-	unsigned char md4[MD4_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_MD5
-	unsigned char md5[MD5_DIGEST_LENGTH];
-	unsigned char hmac[MD5_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_SHA
-	unsigned char sha[SHA_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-	unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_RC4
-	RC4_KEY rc4_ks;
-#endif
-#ifndef OPENSSL_NO_RC5
-	RC5_32_KEY rc5_ks;
-#endif
-#ifndef OPENSSL_NO_RC2
-	RC2_KEY rc2_ks;
-#endif
-#ifndef OPENSSL_NO_IDEA
-	IDEA_KEY_SCHEDULE idea_ks;
-#endif
-#ifndef OPENSSL_NO_BF
-	BF_KEY bf_ks;
-#endif
-#ifndef OPENSSL_NO_CAST
-	CAST_KEY cast_ks;
-#endif
-	static const unsigned char key16[16]=
-		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
-	static const unsigned char key24[24]=
-		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
-		 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
-	static const unsigned char key32[32]=
-		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
-		 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,
-		 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56};
-#ifndef OPENSSL_NO_AES
-#define MAX_BLOCK_SIZE 128
-#else
-#define MAX_BLOCK_SIZE 64
-#endif
-	unsigned char DES_iv[8];
-	unsigned char iv[MAX_BLOCK_SIZE/8];
-#ifndef OPENSSL_NO_DES
-	DES_cblock *buf_as_des_cblock = NULL;
-	static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
-	static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
-	static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
-	DES_key_schedule sch;
-	DES_key_schedule sch2;
-	DES_key_schedule sch3;
-#endif
-#ifndef OPENSSL_NO_AES
-	AES_KEY aes_ks1, aes_ks2, aes_ks3;
-#endif
-#define	D_MD2		0
-#define	D_MDC2		1
-#define	D_MD4		2
-#define	D_MD5		3
-#define	D_HMAC		4
-#define	D_SHA1		5
-#define D_RMD160	6
-#define	D_RC4		7
-#define	D_CBC_DES	8
-#define	D_EDE3_DES	9
-#define	D_CBC_IDEA	10
-#define	D_CBC_RC2	11
-#define	D_CBC_RC5	12
-#define	D_CBC_BF	13
-#define	D_CBC_CAST	14
-#define D_CBC_128_AES	15
-#define D_CBC_192_AES	16
-#define D_CBC_256_AES	17
-#define D_EVP		18
-	double d=0.0;
-	long c[ALGOR_NUM][SIZE_NUM];
-#define	R_DSA_512	0
-#define	R_DSA_1024	1
-#define	R_DSA_2048	2
-#define	R_RSA_512	0
-#define	R_RSA_1024	1
-#define	R_RSA_2048	2
-#define	R_RSA_4096	3
-#ifndef OPENSSL_NO_RSA
-	RSA *rsa_key[RSA_NUM];
-	long rsa_c[RSA_NUM][2];
-	static unsigned int rsa_bits[RSA_NUM]={512,1024,2048,4096};
-	static unsigned char *rsa_data[RSA_NUM]=
-		{test512,test1024,test2048,test4096};
-	static int rsa_data_length[RSA_NUM]={
-		sizeof(test512),sizeof(test1024),
-		sizeof(test2048),sizeof(test4096)};
-#endif
-#ifndef OPENSSL_NO_DSA
-	DSA *dsa_key[DSA_NUM];
-	long dsa_c[DSA_NUM][2];
-	static unsigned int dsa_bits[DSA_NUM]={512,1024,2048};
-#endif
-	int rsa_doit[RSA_NUM];
-	int dsa_doit[DSA_NUM];
-	int doit[ALGOR_NUM];
-	int pr_header=0;
-	const EVP_CIPHER *evp_cipher=NULL;
-	const EVP_MD *evp_md=NULL;
-	int decrypt=0;
-#ifdef HAVE_FORK
-	int multi=0;
-#endif
-
-#ifndef TIMES
-	usertime=-1;
-#endif
-
-	apps_startup();
-	memset(results, 0, sizeof(results));
-#ifndef OPENSSL_NO_DSA
-	memset(dsa_key,0,sizeof(dsa_key));
-#endif
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-#ifndef OPENSSL_NO_RSA
-	memset(rsa_key,0,sizeof(rsa_key));
-	for (i=0; i<RSA_NUM; i++)
-		rsa_key[i]=NULL;
-#endif
-
-	if ((buf=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL)
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		goto end;
-		}
-#ifndef OPENSSL_NO_DES
-	buf_as_des_cblock = (DES_cblock *)buf;
-#endif
-	if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL)
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		goto end;
-		}
-
-	memset(c,0,sizeof(c));
-	memset(DES_iv,0,sizeof(DES_iv));
-	memset(iv,0,sizeof(iv));
-
-	for (i=0; i<ALGOR_NUM; i++)
-		doit[i]=0;
-	for (i=0; i<RSA_NUM; i++)
-		rsa_doit[i]=0;
-	for (i=0; i<DSA_NUM; i++)
-		dsa_doit[i]=0;
-	
-	j=0;
-	argc--;
-	argv++;
-	while (argc)
-		{
-		if	((argc > 0) && (strcmp(*argv,"-elapsed") == 0))
-			{
-			usertime = 0;
-			j--;	/* Otherwise, -elapsed gets confused with
-				   an algorithm. */
-			}
-		else if	((argc > 0) && (strcmp(*argv,"-evp") == 0))
-			{
-			argc--;
-			argv++;
-			if(argc == 0)
-				{
-				BIO_printf(bio_err,"no EVP given\n");
-				goto end;
-				}
-			evp_cipher=EVP_get_cipherbyname(*argv);
-			if(!evp_cipher)
-				{
-				evp_md=EVP_get_digestbyname(*argv);
-				}
-			if(!evp_cipher && !evp_md)
-				{
-				BIO_printf(bio_err,"%s is an unknown cipher or digest\n",*argv);
-				goto end;
-				}
-			doit[D_EVP]=1;
-			}
-		else if (argc > 0 && !strcmp(*argv,"-decrypt"))
-			{
-			decrypt=1;
-			j--;	/* Otherwise, -elapsed gets confused with
-				   an algorithm. */
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if	((argc > 0) && (strcmp(*argv,"-engine") == 0))
-			{
-			argc--;
-			argv++;
-			if(argc == 0)
-				{
-				BIO_printf(bio_err,"no engine given\n");
-				goto end;
-				}
-                        e = setup_engine(bio_err, *argv, 0);
-			/* j will be increased again further down.  We just
-			   don't want speed to confuse an engine with an
-			   algorithm, especially when none is given (which
-			   means all of them should be run) */
-			j--;
-			}
-#endif
-#ifdef HAVE_FORK
-		else if	((argc > 0) && (strcmp(*argv,"-multi") == 0))
-			{
-			argc--;
-			argv++;
-			if(argc == 0)
-				{
-				BIO_printf(bio_err,"no multi count given\n");
-				goto end;
-				}
-			multi=atoi(argv[0]);
-			if(multi <= 0)
-			    {
-				BIO_printf(bio_err,"bad multi count\n");
-				goto end;
-				}				
-			j--;	/* Otherwise, -mr gets confused with
-				   an algorithm. */
-			}
-#endif
-		else if (argc > 0 && !strcmp(*argv,"-mr"))
-			{
-			mr=1;
-			j--;	/* Otherwise, -mr gets confused with
-				   an algorithm. */
-			}
-		else
-#ifndef OPENSSL_NO_MD2
-		if	(strcmp(*argv,"md2") == 0) doit[D_MD2]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_MDC2
-			if (strcmp(*argv,"mdc2") == 0) doit[D_MDC2]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_MD4
-			if (strcmp(*argv,"md4") == 0) doit[D_MD4]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_MD5
-			if (strcmp(*argv,"md5") == 0) doit[D_MD5]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_MD5
-			if (strcmp(*argv,"hmac") == 0) doit[D_HMAC]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_SHA
-			if (strcmp(*argv,"sha1") == 0) doit[D_SHA1]=1;
-		else
-			if (strcmp(*argv,"sha") == 0) doit[D_SHA1]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-			if (strcmp(*argv,"ripemd") == 0) doit[D_RMD160]=1;
-		else
-			if (strcmp(*argv,"rmd160") == 0) doit[D_RMD160]=1;
-		else
-			if (strcmp(*argv,"ripemd160") == 0) doit[D_RMD160]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_RC4
-			if (strcmp(*argv,"rc4") == 0) doit[D_RC4]=1;
-		else 
-#endif
-#ifndef OPENSSL_NO_DES
-			if (strcmp(*argv,"des-cbc") == 0) doit[D_CBC_DES]=1;
-		else	if (strcmp(*argv,"des-ede3") == 0) doit[D_EDE3_DES]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_AES
-			if (strcmp(*argv,"aes-128-cbc") == 0) doit[D_CBC_128_AES]=1;
-		else	if (strcmp(*argv,"aes-192-cbc") == 0) doit[D_CBC_192_AES]=1;
-		else	if (strcmp(*argv,"aes-256-cbc") == 0) doit[D_CBC_256_AES]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_RSA
-#if 0 /* was: #ifdef RSAref */
-			if (strcmp(*argv,"rsaref") == 0) 
-			{
-			RSA_set_default_openssl_method(RSA_PKCS1_RSAref());
-			j--;
-			}
-		else
-#endif
-#ifndef RSA_NULL
-			if (strcmp(*argv,"openssl") == 0) 
-			{
-			RSA_set_default_method(RSA_PKCS1_SSLeay());
-			j--;
-			}
-		else
-#endif
-#endif /* !OPENSSL_NO_RSA */
-		     if (strcmp(*argv,"dsa512") == 0) dsa_doit[R_DSA_512]=2;
-		else if (strcmp(*argv,"dsa1024") == 0) dsa_doit[R_DSA_1024]=2;
-		else if (strcmp(*argv,"dsa2048") == 0) dsa_doit[R_DSA_2048]=2;
-		else if (strcmp(*argv,"rsa512") == 0) rsa_doit[R_RSA_512]=2;
-		else if (strcmp(*argv,"rsa1024") == 0) rsa_doit[R_RSA_1024]=2;
-		else if (strcmp(*argv,"rsa2048") == 0) rsa_doit[R_RSA_2048]=2;
-		else if (strcmp(*argv,"rsa4096") == 0) rsa_doit[R_RSA_4096]=2;
-		else
-#ifndef OPENSSL_NO_RC2
-		     if (strcmp(*argv,"rc2-cbc") == 0) doit[D_CBC_RC2]=1;
-		else if (strcmp(*argv,"rc2") == 0) doit[D_CBC_RC2]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_RC5
-		     if (strcmp(*argv,"rc5-cbc") == 0) doit[D_CBC_RC5]=1;
-		else if (strcmp(*argv,"rc5") == 0) doit[D_CBC_RC5]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_IDEA
-		     if (strcmp(*argv,"idea-cbc") == 0) doit[D_CBC_IDEA]=1;
-		else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_BF
-		     if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1;
-		else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1;
-		else if (strcmp(*argv,"bf") == 0) doit[D_CBC_BF]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_CAST
-		     if (strcmp(*argv,"cast-cbc") == 0) doit[D_CBC_CAST]=1;
-		else if (strcmp(*argv,"cast") == 0) doit[D_CBC_CAST]=1;
-		else if (strcmp(*argv,"cast5") == 0) doit[D_CBC_CAST]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_DES
-			if (strcmp(*argv,"des") == 0)
-			{
-			doit[D_CBC_DES]=1;
-			doit[D_EDE3_DES]=1;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_AES
-			if (strcmp(*argv,"aes") == 0)
-			{
-			doit[D_CBC_128_AES]=1;
-			doit[D_CBC_192_AES]=1;
-			doit[D_CBC_256_AES]=1;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_RSA
-			if (strcmp(*argv,"rsa") == 0)
-			{
-			rsa_doit[R_RSA_512]=1;
-			rsa_doit[R_RSA_1024]=1;
-			rsa_doit[R_RSA_2048]=1;
-			rsa_doit[R_RSA_4096]=1;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_DSA
-			if (strcmp(*argv,"dsa") == 0)
-			{
-			dsa_doit[R_DSA_512]=1;
-			dsa_doit[R_DSA_1024]=1;
-			}
-		else
-#endif
-			{
-			BIO_printf(bio_err,"Error: bad option or value\n");
-			BIO_printf(bio_err,"\n");
-			BIO_printf(bio_err,"Available values:\n");
-#ifndef OPENSSL_NO_MD2
-			BIO_printf(bio_err,"md2      ");
-#endif
-#ifndef OPENSSL_NO_MDC2
-			BIO_printf(bio_err,"mdc2     ");
-#endif
-#ifndef OPENSSL_NO_MD4
-			BIO_printf(bio_err,"md4      ");
-#endif
-#ifndef OPENSSL_NO_MD5
-			BIO_printf(bio_err,"md5      ");
-#ifndef OPENSSL_NO_HMAC
-			BIO_printf(bio_err,"hmac     ");
-#endif
-#endif
-#ifndef OPENSSL_NO_SHA1
-			BIO_printf(bio_err,"sha1     ");
-#endif
-#ifndef OPENSSL_NO_RIPEMD160
-			BIO_printf(bio_err,"rmd160");
-#endif
-#if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \
-    !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \
-    !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160)
-			BIO_printf(bio_err,"\n");
-#endif
-
-#ifndef OPENSSL_NO_IDEA
-			BIO_printf(bio_err,"idea-cbc ");
-#endif
-#ifndef OPENSSL_NO_RC2
-			BIO_printf(bio_err,"rc2-cbc  ");
-#endif
-#ifndef OPENSSL_NO_RC5
-			BIO_printf(bio_err,"rc5-cbc  ");
-#endif
-#ifndef OPENSSL_NO_BF
-			BIO_printf(bio_err,"bf-cbc");
-#endif
-#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \
-    !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_RC5)
-			BIO_printf(bio_err,"\n");
-#endif
-#ifndef OPENSSL_NO_DES
-			BIO_printf(bio_err,"des-cbc  des-ede3 ");
-#endif
-#ifndef OPENSSL_NO_AES
-			BIO_printf(bio_err,"aes-128-cbc aes-192-cbc aes-256-cbc ");
-#endif
-#ifndef OPENSSL_NO_RC4
-			BIO_printf(bio_err,"rc4");
-#endif
-			BIO_printf(bio_err,"\n");
-
-#ifndef OPENSSL_NO_RSA
-			BIO_printf(bio_err,"rsa512   rsa1024  rsa2048  rsa4096\n");
-#endif
-
-#ifndef OPENSSL_NO_DSA
-			BIO_printf(bio_err,"dsa512   dsa1024  dsa2048\n");
-#endif
-
-#ifndef OPENSSL_NO_IDEA
-			BIO_printf(bio_err,"idea     ");
-#endif
-#ifndef OPENSSL_NO_RC2
-			BIO_printf(bio_err,"rc2      ");
-#endif
-#ifndef OPENSSL_NO_DES
-			BIO_printf(bio_err,"des      ");
-#endif
-#ifndef OPENSSL_NO_AES
-			BIO_printf(bio_err,"aes      ");
-#endif
-#ifndef OPENSSL_NO_RSA
-			BIO_printf(bio_err,"rsa      ");
-#endif
-#ifndef OPENSSL_NO_BF
-			BIO_printf(bio_err,"blowfish");
-#endif
-#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \
-    !defined(OPENSSL_NO_DES) || !defined(OPENSSL_NO_RSA) || \
-    !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_AES)
-			BIO_printf(bio_err,"\n");
-#endif
-
-			BIO_printf(bio_err,"\n");
-			BIO_printf(bio_err,"Available options:\n");
-#if defined(TIMES) || defined(USE_TOD)
-			BIO_printf(bio_err,"-elapsed        measure time in real time instead of CPU user time.\n");
-#endif
-#ifndef OPENSSL_NO_ENGINE
-			BIO_printf(bio_err,"-engine e       use engine e, possibly a hardware device.\n");
-#endif
-			BIO_printf(bio_err,"-evp e          use EVP e.\n");
-			BIO_printf(bio_err,"-decrypt        time decryption instead of encryption (only EVP).\n");
-			BIO_printf(bio_err,"-mr             produce machine readable output.\n");
-#ifdef HAVE_FORK
-			BIO_printf(bio_err,"-multi n        run n benchmarks in parallel.\n");
-#endif
-			goto end;
-			}
-		argc--;
-		argv++;
-		j++;
-		}
-
-#ifdef HAVE_FORK
-	if(multi && do_multi(multi))
-		goto show_res;
-#endif
-
-	if (j == 0)
-		{
-		for (i=0; i<ALGOR_NUM; i++)
-			{
-			if (i != D_EVP)
-				doit[i]=1;
-			}
-		for (i=0; i<RSA_NUM; i++)
-			rsa_doit[i]=1;
-		for (i=0; i<DSA_NUM; i++)
-			dsa_doit[i]=1;
-		}
-	for (i=0; i<ALGOR_NUM; i++)
-		if (doit[i]) pr_header++;
-
-	if (usertime == 0 && !mr)
-		BIO_printf(bio_err,"You have chosen to measure elapsed time instead of user CPU time.\n");
-	if (usertime <= 0 && !mr)
-		{
-		BIO_printf(bio_err,"To get the most accurate results, try to run this\n");
-		BIO_printf(bio_err,"program when this computer is idle.\n");
-		}
-
-#ifndef OPENSSL_NO_RSA
-	for (i=0; i<RSA_NUM; i++)
-		{
-		const unsigned char *p;
-
-		p=rsa_data[i];
-		rsa_key[i]=d2i_RSAPrivateKey(NULL,&p,rsa_data_length[i]);
-		if (rsa_key[i] == NULL)
-			{
-			BIO_printf(bio_err,"internal error loading RSA key number %d\n",i);
-			goto end;
-			}
-#if 0
-		else
-			{
-			BIO_printf(bio_err,mr ? "+RK:%d:"
-				   : "Loaded RSA key, %d bit modulus and e= 0x",
-				   BN_num_bits(rsa_key[i]->n));
-			BN_print(bio_err,rsa_key[i]->e);
-			BIO_printf(bio_err,"\n");
-			}
-#endif
-		}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-	dsa_key[0]=get_dsa512();
-	dsa_key[1]=get_dsa1024();
-	dsa_key[2]=get_dsa2048();
-#endif
-
-#ifndef OPENSSL_NO_DES
-	DES_set_key_unchecked(&key,&sch);
-	DES_set_key_unchecked(&key2,&sch2);
-	DES_set_key_unchecked(&key3,&sch3);
-#endif
-#ifndef OPENSSL_NO_AES
-	AES_set_encrypt_key(key16,128,&aes_ks1);
-	AES_set_encrypt_key(key24,192,&aes_ks2);
-	AES_set_encrypt_key(key32,256,&aes_ks3);
-#endif
-#ifndef OPENSSL_NO_IDEA
-	idea_set_encrypt_key(key16,&idea_ks);
-#endif
-#ifndef OPENSSL_NO_RC4
-	RC4_set_key(&rc4_ks,16,key16);
-#endif
-#ifndef OPENSSL_NO_RC2
-	RC2_set_key(&rc2_ks,16,key16,128);
-#endif
-#ifndef OPENSSL_NO_RC5
-	RC5_32_set_key(&rc5_ks,16,key16,12);
-#endif
-#ifndef OPENSSL_NO_BF
-	BF_set_key(&bf_ks,16,key16);
-#endif
-#ifndef OPENSSL_NO_CAST
-	CAST_set_key(&cast_ks,16,key16);
-#endif
-#ifndef OPENSSL_NO_RSA
-	memset(rsa_c,0,sizeof(rsa_c));
-#endif
-#ifndef SIGALRM
-#ifndef OPENSSL_NO_DES
-	BIO_printf(bio_err,"First we calculate the approximate speed ...\n");
-	count=10;
-	do	{
-		long i;
-		count*=2;
-		Time_F(START);
-		for (i=count; i; i--)
-			DES_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock,
-				&sch,DES_ENCRYPT);
-		d=Time_F(STOP);
-		} while (d <3);
-	save_count=count;
-	c[D_MD2][0]=count/10;
-	c[D_MDC2][0]=count/10;
-	c[D_MD4][0]=count;
-	c[D_MD5][0]=count;
-	c[D_HMAC][0]=count;
-	c[D_SHA1][0]=count;
-	c[D_RMD160][0]=count;
-	c[D_RC4][0]=count*5;
-	c[D_CBC_DES][0]=count;
-	c[D_EDE3_DES][0]=count/3;
-	c[D_CBC_IDEA][0]=count;
-	c[D_CBC_RC2][0]=count;
-	c[D_CBC_RC5][0]=count;
-	c[D_CBC_BF][0]=count;
-	c[D_CBC_CAST][0]=count;
-
-	for (i=1; i<SIZE_NUM; i++)
-		{
-		c[D_MD2][i]=c[D_MD2][0]*4*lengths[0]/lengths[i];
-		c[D_MDC2][i]=c[D_MDC2][0]*4*lengths[0]/lengths[i];
-		c[D_MD4][i]=c[D_MD4][0]*4*lengths[0]/lengths[i];
-		c[D_MD5][i]=c[D_MD5][0]*4*lengths[0]/lengths[i];
-		c[D_HMAC][i]=c[D_HMAC][0]*4*lengths[0]/lengths[i];
-		c[D_SHA1][i]=c[D_SHA1][0]*4*lengths[0]/lengths[i];
-		c[D_RMD160][i]=c[D_RMD160][0]*4*lengths[0]/lengths[i];
-		}
-	for (i=1; i<SIZE_NUM; i++)
-		{
-		long l0,l1;
-
-		l0=(long)lengths[i-1];
-		l1=(long)lengths[i];
-		c[D_RC4][i]=c[D_RC4][i-1]*l0/l1;
-		c[D_CBC_DES][i]=c[D_CBC_DES][i-1]*l0/l1;
-		c[D_EDE3_DES][i]=c[D_EDE3_DES][i-1]*l0/l1;
-		c[D_CBC_IDEA][i]=c[D_CBC_IDEA][i-1]*l0/l1;
-		c[D_CBC_RC2][i]=c[D_CBC_RC2][i-1]*l0/l1;
-		c[D_CBC_RC5][i]=c[D_CBC_RC5][i-1]*l0/l1;
-		c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1;
-		c[D_CBC_CAST][i]=c[D_CBC_CAST][i-1]*l0/l1;
-		}
-#ifndef OPENSSL_NO_RSA
-	rsa_c[R_RSA_512][0]=count/2000;
-	rsa_c[R_RSA_512][1]=count/400;
-	for (i=1; i<RSA_NUM; i++)
-		{
-		rsa_c[i][0]=rsa_c[i-1][0]/8;
-		rsa_c[i][1]=rsa_c[i-1][1]/4;
-		if ((rsa_doit[i] <= 1) && (rsa_c[i][0] == 0))
-			rsa_doit[i]=0;
-		else
-			{
-			if (rsa_c[i][0] == 0)
-				{
-				rsa_c[i][0]=1;
-				rsa_c[i][1]=20;
-				}
-			}				
-		}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-	dsa_c[R_DSA_512][0]=count/1000;
-	dsa_c[R_DSA_512][1]=count/1000/2;
-	for (i=1; i<DSA_NUM; i++)
-		{
-		dsa_c[i][0]=dsa_c[i-1][0]/4;
-		dsa_c[i][1]=dsa_c[i-1][1]/4;
-		if ((dsa_doit[i] <= 1) && (dsa_c[i][0] == 0))
-			dsa_doit[i]=0;
-		else
-			{
-			if (dsa_c[i] == 0)
-				{
-				dsa_c[i][0]=1;
-				dsa_c[i][1]=1;
-				}
-			}				
-		}
-#endif
-
-#define COND(d)	(count < (d))
-#define COUNT(d) (d)
-#else
-/* not worth fixing */
-# error "You cannot disable DES on systems without SIGALRM."
-#endif /* OPENSSL_NO_DES */
-#else
-#define COND(c)	(run)
-#define COUNT(d) (count)
-	signal(SIGALRM,sig_done);
-#endif /* SIGALRM */
-
-#ifndef OPENSSL_NO_MD2
-	if (doit[D_MD2])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_MD2],c[D_MD2][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_MD2][j]); count++)
-				EVP_Digest(buf,(unsigned long)lengths[j],&(md2[0]),NULL,EVP_md2(),NULL);
-			d=Time_F(STOP);
-			print_result(D_MD2,j,count,d);
-			}
-		}
-#endif
-#ifndef OPENSSL_NO_MDC2
-	if (doit[D_MDC2])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_MDC2],c[D_MDC2][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_MDC2][j]); count++)
-				EVP_Digest(buf,(unsigned long)lengths[j],&(mdc2[0]),NULL,EVP_mdc2(),NULL);
-			d=Time_F(STOP);
-			print_result(D_MDC2,j,count,d);
-			}
-		}
-#endif
-
-#ifndef OPENSSL_NO_MD4
-	if (doit[D_MD4])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_MD4],c[D_MD4][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_MD4][j]); count++)
-				EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md4[0]),NULL,EVP_md4(),NULL);
-			d=Time_F(STOP);
-			print_result(D_MD4,j,count,d);
-			}
-		}
-#endif
-
-#ifndef OPENSSL_NO_MD5
-	if (doit[D_MD5])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_MD5],c[D_MD5][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_MD5][j]); count++)
-				EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md5[0]),NULL,EVP_get_digestbyname("md5"),NULL);
-			d=Time_F(STOP);
-			print_result(D_MD5,j,count,d);
-			}
-		}
-#endif
-
-#if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_HMAC)
-	if (doit[D_HMAC])
-		{
-		HMAC_CTX hctx;
-
-		HMAC_CTX_init(&hctx);
-		HMAC_Init_ex(&hctx,(unsigned char *)"This is a key...",
-			16,EVP_md5(), NULL);
-
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_HMAC],c[D_HMAC][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_HMAC][j]); count++)
-				{
-				HMAC_Init_ex(&hctx,NULL,0,NULL,NULL);
-				HMAC_Update(&hctx,buf,lengths[j]);
-				HMAC_Final(&hctx,&(hmac[0]),NULL);
-				}
-			d=Time_F(STOP);
-			print_result(D_HMAC,j,count,d);
-			}
-		HMAC_CTX_cleanup(&hctx);
-		}
-#endif
-#ifndef OPENSSL_NO_SHA
-	if (doit[D_SHA1])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_SHA1],c[D_SHA1][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_SHA1][j]); count++)
-				EVP_Digest(buf,(unsigned long)lengths[j],&(sha[0]),NULL,EVP_sha1(),NULL);
-			d=Time_F(STOP);
-			print_result(D_SHA1,j,count,d);
-			}
-		}
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-	if (doit[D_RMD160])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_RMD160][j]); count++)
-				EVP_Digest(buf,(unsigned long)lengths[j],&(rmd160[0]),NULL,EVP_ripemd160(),NULL);
-			d=Time_F(STOP);
-			print_result(D_RMD160,j,count,d);
-			}
-		}
-#endif
-#ifndef OPENSSL_NO_RC4
-	if (doit[D_RC4])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_RC4],c[D_RC4][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_RC4][j]); count++)
-				RC4(&rc4_ks,(unsigned int)lengths[j],
-					buf,buf);
-			d=Time_F(STOP);
-			print_result(D_RC4,j,count,d);
-			}
-		}
-#endif
-#ifndef OPENSSL_NO_DES
-	if (doit[D_CBC_DES])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_CBC_DES],c[D_CBC_DES][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_CBC_DES][j]); count++)
-				DES_ncbc_encrypt(buf,buf,lengths[j],&sch,
-						 &DES_iv,DES_ENCRYPT);
-			d=Time_F(STOP);
-			print_result(D_CBC_DES,j,count,d);
-			}
-		}
-
-	if (doit[D_EDE3_DES])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_EDE3_DES],c[D_EDE3_DES][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_EDE3_DES][j]); count++)
-				DES_ede3_cbc_encrypt(buf,buf,lengths[j],
-						     &sch,&sch2,&sch3,
-						     &DES_iv,DES_ENCRYPT);
-			d=Time_F(STOP);
-			print_result(D_EDE3_DES,j,count,d);
-			}
-		}
-#endif
-#ifndef OPENSSL_NO_AES
-	if (doit[D_CBC_128_AES])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_CBC_128_AES],c[D_CBC_128_AES][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_CBC_128_AES][j]); count++)
-				AES_cbc_encrypt(buf,buf,
-					(unsigned long)lengths[j],&aes_ks1,
-					iv,AES_ENCRYPT);
-			d=Time_F(STOP);
-			print_result(D_CBC_128_AES,j,count,d);
-			}
-		}
-	if (doit[D_CBC_192_AES])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_CBC_192_AES],c[D_CBC_192_AES][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_CBC_192_AES][j]); count++)
-				AES_cbc_encrypt(buf,buf,
-					(unsigned long)lengths[j],&aes_ks2,
-					iv,AES_ENCRYPT);
-			d=Time_F(STOP);
-			print_result(D_CBC_192_AES,j,count,d);
-			}
-		}
-	if (doit[D_CBC_256_AES])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_CBC_256_AES],c[D_CBC_256_AES][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_CBC_256_AES][j]); count++)
-				AES_cbc_encrypt(buf,buf,
-					(unsigned long)lengths[j],&aes_ks3,
-					iv,AES_ENCRYPT);
-			d=Time_F(STOP);
-			print_result(D_CBC_256_AES,j,count,d);
-			}
-		}
-
-#endif
-#ifndef OPENSSL_NO_IDEA
-	if (doit[D_CBC_IDEA])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_CBC_IDEA],c[D_CBC_IDEA][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_CBC_IDEA][j]); count++)
-				idea_cbc_encrypt(buf,buf,
-					(unsigned long)lengths[j],&idea_ks,
-					iv,IDEA_ENCRYPT);
-			d=Time_F(STOP);
-			print_result(D_CBC_IDEA,j,count,d);
-			}
-		}
-#endif
-#ifndef OPENSSL_NO_RC2
-	if (doit[D_CBC_RC2])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_CBC_RC2],c[D_CBC_RC2][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_CBC_RC2][j]); count++)
-				RC2_cbc_encrypt(buf,buf,
-					(unsigned long)lengths[j],&rc2_ks,
-					iv,RC2_ENCRYPT);
-			d=Time_F(STOP);
-			print_result(D_CBC_RC2,j,count,d);
-			}
-		}
-#endif
-#ifndef OPENSSL_NO_RC5
-	if (doit[D_CBC_RC5])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_CBC_RC5],c[D_CBC_RC5][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_CBC_RC5][j]); count++)
-				RC5_32_cbc_encrypt(buf,buf,
-					(unsigned long)lengths[j],&rc5_ks,
-					iv,RC5_ENCRYPT);
-			d=Time_F(STOP);
-			print_result(D_CBC_RC5,j,count,d);
-			}
-		}
-#endif
-#ifndef OPENSSL_NO_BF
-	if (doit[D_CBC_BF])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_CBC_BF],c[D_CBC_BF][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_CBC_BF][j]); count++)
-				BF_cbc_encrypt(buf,buf,
-					(unsigned long)lengths[j],&bf_ks,
-					iv,BF_ENCRYPT);
-			d=Time_F(STOP);
-			print_result(D_CBC_BF,j,count,d);
-			}
-		}
-#endif
-#ifndef OPENSSL_NO_CAST
-	if (doit[D_CBC_CAST])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_CBC_CAST],c[D_CBC_CAST][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_CBC_CAST][j]); count++)
-				CAST_cbc_encrypt(buf,buf,
-					(unsigned long)lengths[j],&cast_ks,
-					iv,CAST_ENCRYPT);
-			d=Time_F(STOP);
-			print_result(D_CBC_CAST,j,count,d);
-			}
-		}
-#endif
-
-	if (doit[D_EVP])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			if (evp_cipher)
-				{
-				EVP_CIPHER_CTX ctx;
-				int outl;
-
-				names[D_EVP]=OBJ_nid2ln(evp_cipher->nid);
-				/* -O3 -fschedule-insns messes up an
-				 * optimization here!  names[D_EVP]
-				 * somehow becomes NULL */
-				print_message(names[D_EVP],save_count,
-					lengths[j]);
-
-				EVP_CIPHER_CTX_init(&ctx);
-				if(decrypt)
-					EVP_DecryptInit_ex(&ctx,evp_cipher,NULL,key16,iv);
-				else
-					EVP_EncryptInit_ex(&ctx,evp_cipher,NULL,key16,iv);
-
-				Time_F(START);
-				if(decrypt)
-					for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++)
-						EVP_DecryptUpdate(&ctx,buf,&outl,buf,lengths[j]);
-				else
-					for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++)
-						EVP_EncryptUpdate(&ctx,buf,&outl,buf,lengths[j]);
-				if(decrypt)
-					EVP_DecryptFinal_ex(&ctx,buf,&outl);
-				else
-					EVP_EncryptFinal_ex(&ctx,buf,&outl);
-				d=Time_F(STOP);
-				EVP_CIPHER_CTX_cleanup(&ctx);
-				}
-			if (evp_md)
-				{
-				names[D_EVP]=OBJ_nid2ln(evp_md->type);
-				print_message(names[D_EVP],save_count,
-					lengths[j]);
-
-				Time_F(START);
-				for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++)
-					EVP_Digest(buf,lengths[j],&(md[0]),NULL,evp_md,NULL);
-
-				d=Time_F(STOP);
-				}
-			print_result(D_EVP,j,count,d);
-			}
-		}
-
-	RAND_pseudo_bytes(buf,36);
-#ifndef OPENSSL_NO_RSA
-	for (j=0; j<RSA_NUM; j++)
-		{
-		int ret;
-		if (!rsa_doit[j]) continue;
-		ret=RSA_sign(NID_md5_sha1, buf,36, buf2, &rsa_num, rsa_key[j]);
-		if (ret == 0)
-			{
-			BIO_printf(bio_err,"RSA sign failure.  No RSA sign will be done.\n");
-			ERR_print_errors(bio_err);
-			rsa_count=1;
-			}
-		else
-			{
-			pkey_print_message("private","rsa",
-				rsa_c[j][0],rsa_bits[j],
-				RSA_SECONDS);
-/*			RSA_blinding_on(rsa_key[j],NULL); */
-			Time_F(START);
-			for (count=0,run=1; COND(rsa_c[j][0]); count++)
-				{
-				ret=RSA_sign(NID_md5_sha1, buf,36, buf2,
-					&rsa_num, rsa_key[j]);
-				if (ret == 0)
-					{
-					BIO_printf(bio_err,
-						"RSA sign failure\n");
-					ERR_print_errors(bio_err);
-					count=1;
-					break;
-					}
-				}
-			d=Time_F(STOP);
-			BIO_printf(bio_err,mr ? "+R1:%ld:%d:%.2f\n"
-				   : "%ld %d bit private RSA's in %.2fs\n",
-				   count,rsa_bits[j],d);
-			rsa_results[j][0]=d/(double)count;
-			rsa_count=count;
-			}
-
-#if 1
-		ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num, rsa_key[j]);
-		if (ret <= 0)
-			{
-			BIO_printf(bio_err,"RSA verify failure.  No RSA verify will be done.\n");
-			ERR_print_errors(bio_err);
-			rsa_doit[j] = 0;
-			}
-		else
-			{
-			pkey_print_message("public","rsa",
-				rsa_c[j][1],rsa_bits[j],
-				RSA_SECONDS);
-			Time_F(START);
-			for (count=0,run=1; COND(rsa_c[j][1]); count++)
-				{
-				ret=RSA_verify(NID_md5_sha1, buf,36, buf2,
-					rsa_num, rsa_key[j]);
-				if (ret == 0)
-					{
-					BIO_printf(bio_err,
-						"RSA verify failure\n");
-					ERR_print_errors(bio_err);
-					count=1;
-					break;
-					}
-				}
-			d=Time_F(STOP);
-			BIO_printf(bio_err,mr ? "+R2:%ld:%d:%.2f\n"
-				   : "%ld %d bit public RSA's in %.2fs\n",
-				   count,rsa_bits[j],d);
-			rsa_results[j][1]=d/(double)count;
-			}
-#endif
-
-		if (rsa_count <= 1)
-			{
-			/* if longer than 10s, don't do any more */
-			for (j++; j<RSA_NUM; j++)
-				rsa_doit[j]=0;
-			}
-		}
-#endif
-
-	RAND_pseudo_bytes(buf,20);
-#ifndef OPENSSL_NO_DSA
-	if (RAND_status() != 1)
-		{
-		RAND_seed(rnd_seed, sizeof rnd_seed);
-		rnd_fake = 1;
-		}
-	for (j=0; j<DSA_NUM; j++)
-		{
-		unsigned int kk;
-		int ret;
-
-		if (!dsa_doit[j]) continue;
-/*		DSA_generate_key(dsa_key[j]); */
-/*		DSA_sign_setup(dsa_key[j],NULL); */
-		ret=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
-			&kk,dsa_key[j]);
-		if (ret == 0)
-			{
-			BIO_printf(bio_err,"DSA sign failure.  No DSA sign will be done.\n");
-			ERR_print_errors(bio_err);
-			rsa_count=1;
-			}
-		else
-			{
-			pkey_print_message("sign","dsa",
-				dsa_c[j][0],dsa_bits[j],
-				DSA_SECONDS);
-			Time_F(START);
-			for (count=0,run=1; COND(dsa_c[j][0]); count++)
-				{
-				ret=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
-					&kk,dsa_key[j]);
-				if (ret == 0)
-					{
-					BIO_printf(bio_err,
-						"DSA sign failure\n");
-					ERR_print_errors(bio_err);
-					count=1;
-					break;
-					}
-				}
-			d=Time_F(STOP);
-			BIO_printf(bio_err,mr ? "+R3:%ld:%d:%.2f\n"
-				   : "%ld %d bit DSA signs in %.2fs\n",
-				   count,dsa_bits[j],d);
-			dsa_results[j][0]=d/(double)count;
-			rsa_count=count;
-			}
-
-		ret=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
-			kk,dsa_key[j]);
-		if (ret <= 0)
-			{
-			BIO_printf(bio_err,"DSA verify failure.  No DSA verify will be done.\n");
-			ERR_print_errors(bio_err);
-			dsa_doit[j] = 0;
-			}
-		else
-			{
-			pkey_print_message("verify","dsa",
-				dsa_c[j][1],dsa_bits[j],
-				DSA_SECONDS);
-			Time_F(START);
-			for (count=0,run=1; COND(dsa_c[j][1]); count++)
-				{
-				ret=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
-					kk,dsa_key[j]);
-				if (ret <= 0)
-					{
-					BIO_printf(bio_err,
-						"DSA verify failure\n");
-					ERR_print_errors(bio_err);
-					count=1;
-					break;
-					}
-				}
-			d=Time_F(STOP);
-			BIO_printf(bio_err,mr ? "+R4:%ld:%d:%.2f\n"
-				   : "%ld %d bit DSA verify in %.2fs\n",
-				   count,dsa_bits[j],d);
-			dsa_results[j][1]=d/(double)count;
-			}
-
-		if (rsa_count <= 1)
-			{
-			/* if longer than 10s, don't do any more */
-			for (j++; j<DSA_NUM; j++)
-				dsa_doit[j]=0;
-			}
-		}
-	if (rnd_fake) RAND_cleanup();
-#endif
-#ifdef HAVE_FORK
-show_res:
-#endif
-	if(!mr)
-		{
-		fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_VERSION));
-        fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_BUILT_ON));
-		printf("options:");
-		printf("%s ",BN_options());
-#ifndef OPENSSL_NO_MD2
-		printf("%s ",MD2_options());
-#endif
-#ifndef OPENSSL_NO_RC4
-		printf("%s ",RC4_options());
-#endif
-#ifndef OPENSSL_NO_DES
-		printf("%s ",DES_options());
-#endif
-#ifndef OPENSSL_NO_AES
-		printf("%s ",AES_options());
-#endif
-#ifndef OPENSSL_NO_IDEA
-		printf("%s ",idea_options());
-#endif
-#ifndef OPENSSL_NO_BF
-		printf("%s ",BF_options());
-#endif
-		fprintf(stdout,"\n%s\n",SSLeay_version(SSLEAY_CFLAGS));
-		printf("available timing options: ");
-#ifdef TIMES
-		printf("TIMES ");
-#endif
-#ifdef TIMEB
-		printf("TIMEB ");
-#endif
-#ifdef USE_TOD
-		printf("USE_TOD ");
-#endif
-#ifdef HZ
-#define as_string(s) (#s)
-		printf("HZ=%g", (double)HZ);
-# ifdef _SC_CLK_TCK
-		printf(" [sysconf value]");
-# endif
-#endif
-		printf("\n");
-		printf("timing function used: %s%s%s%s%s%s%s\n",
-		       (ftime_used ? "ftime" : ""),
-		       (ftime_used + times_used > 1 ? "," : ""),
-		       (times_used ? "times" : ""),
-		       (ftime_used + times_used + gettimeofday_used > 1 ? "," : ""),
-		       (gettimeofday_used ? "gettimeofday" : ""),
-		       (ftime_used + times_used + gettimeofday_used + getrusage_used > 1 ? "," : ""),
-		       (getrusage_used ? "getrusage" : ""));
-		}
-
-	if (pr_header)
-		{
-		if(mr)
-			fprintf(stdout,"+H");
-		else
-			{
-			fprintf(stdout,"The 'numbers' are in 1000s of bytes per second processed.\n"); 
-			fprintf(stdout,"type        ");
-			}
-		for (j=0;  j<SIZE_NUM; j++)
-			fprintf(stdout,mr ? ":%d" : "%7d bytes",lengths[j]);
-		fprintf(stdout,"\n");
-		}
-
-	for (k=0; k<ALGOR_NUM; k++)
-		{
-		if (!doit[k]) continue;
-		if(mr)
-			fprintf(stdout,"+F:%d:%s",k,names[k]);
-		else
-			fprintf(stdout,"%-13s",names[k]);
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			if (results[k][j] > 10000 && !mr)
-				fprintf(stdout," %11.2fk",results[k][j]/1e3);
-			else
-				fprintf(stdout,mr ? ":%.2f" : " %11.2f ",results[k][j]);
-			}
-		fprintf(stdout,"\n");
-		}
-#ifndef OPENSSL_NO_RSA
-	j=1;
-	for (k=0; k<RSA_NUM; k++)
-		{
-		if (!rsa_doit[k]) continue;
-		if (j && !mr)
-			{
-			printf("%18ssign    verify    sign/s verify/s\n"," ");
-			j=0;
-			}
-		if(mr)
-			fprintf(stdout,"+F2:%u:%u:%f:%f\n",
-				k,rsa_bits[k],rsa_results[k][0],
-				rsa_results[k][1]);
-		else
-			fprintf(stdout,"rsa %4u bits %8.4fs %8.4fs %8.1f %8.1f\n",
-				rsa_bits[k],rsa_results[k][0],rsa_results[k][1],
-				1.0/rsa_results[k][0],1.0/rsa_results[k][1]);
-		}
-#endif
-#ifndef OPENSSL_NO_DSA
-	j=1;
-	for (k=0; k<DSA_NUM; k++)
-		{
-		if (!dsa_doit[k]) continue;
-		if (j && !mr)
-			{
-			printf("%18ssign    verify    sign/s verify/s\n"," ");
-			j=0;
-			}
-		if(mr)
-			fprintf(stdout,"+F3:%u:%u:%f:%f\n",
-				k,dsa_bits[k],dsa_results[k][0],dsa_results[k][1]);
-		else
-			fprintf(stdout,"dsa %4u bits %8.4fs %8.4fs %8.1f %8.1f\n",
-				dsa_bits[k],dsa_results[k][0],dsa_results[k][1],
-				1.0/dsa_results[k][0],1.0/dsa_results[k][1]);
-		}
-#endif
-	mret=0;
-end:
-	ERR_print_errors(bio_err);
-	if (buf != NULL) OPENSSL_free(buf);
-	if (buf2 != NULL) OPENSSL_free(buf2);
-#ifndef OPENSSL_NO_RSA
-	for (i=0; i<RSA_NUM; i++)
-		if (rsa_key[i] != NULL)
-			RSA_free(rsa_key[i]);
-#endif
-#ifndef OPENSSL_NO_DSA
-	for (i=0; i<DSA_NUM; i++)
-		if (dsa_key[i] != NULL)
-			DSA_free(dsa_key[i]);
-#endif
-	apps_shutdown();
-	OPENSSL_EXIT(mret);
-	}
-
-static void print_message(const char *s, long num, int length)
-	{
-#ifdef SIGALRM
-	BIO_printf(bio_err,mr ? "+DT:%s:%d:%d\n"
-		   : "Doing %s for %ds on %d size blocks: ",s,SECONDS,length);
-	(void)BIO_flush(bio_err);
-	alarm(SECONDS);
-#else
-	BIO_printf(bio_err,mr ? "+DN:%s:%ld:%d\n"
-		   : "Doing %s %ld times on %d size blocks: ",s,num,length);
-	(void)BIO_flush(bio_err);
-#endif
-#ifdef LINT
-	num=num;
-#endif
-	}
-
-static void pkey_print_message(char *str, char *str2, long num, int bits,
-	     int tm)
-	{
-#ifdef SIGALRM
-	BIO_printf(bio_err,mr ? "+DTP:%d:%s:%s:%d\n"
-			   : "Doing %d bit %s %s's for %ds: ",bits,str,str2,tm);
-	(void)BIO_flush(bio_err);
-	alarm(RSA_SECONDS);
-#else
-	BIO_printf(bio_err,mr ? "+DNP:%ld:%d:%s:%s\n"
-			   : "Doing %ld %d bit %s %s's: ",num,bits,str,str2);
-	(void)BIO_flush(bio_err);
-#endif
-#ifdef LINT
-	num=num;
-#endif
-	}
-
-static void print_result(int alg,int run_no,int count,double time_used)
-	{
-	BIO_printf(bio_err,mr ? "+R:%ld:%s:%f\n"
-		   : "%ld %s's in %.2fs\n",count,names[alg],time_used);
-	results[alg][run_no]=((double)count)/time_used*lengths[run_no];
-	}
-
-static char *sstrsep(char **string, const char *delim)
-    {
-    char isdelim[256];
-    char *token = *string;
-
-    if (**string == 0)
-        return NULL;
-
-    memset(isdelim, 0, sizeof isdelim);
-    isdelim[0] = 1;
-
-    while (*delim)
-        {
-        isdelim[(unsigned char)(*delim)] = 1;
-        delim++;
-        }
-
-    while (!isdelim[(unsigned char)(**string)])
-        {
-        (*string)++;
-        }
-
-    if (**string)
-        {
-        **string = 0;
-        (*string)++;
-        }
-
-    return token;
-    }
-
-#ifdef HAVE_FORK
-static int do_multi(int multi)
-	{
-	int n;
-	int fd[2];
-	int *fds;
-	static char sep[]=":";
-
-	fds=malloc(multi*sizeof *fds);
-	for(n=0 ; n < multi ; ++n)
-		{
-		pipe(fd);
-		if(fork())
-			{
-			close(fd[1]);
-			fds[n]=fd[0];
-			}
-		else
-			{
-			close(fd[0]);
-			close(1);
-			dup(fd[1]);
-			close(fd[1]);
-			mr=1;
-			usertime=0;
-			return 0;
-			}
-		printf("Forked child %d\n",n);
-		}
-
-	/* for now, assume the pipe is long enough to take all the output */
-	for(n=0 ; n < multi ; ++n)
-		{
-		FILE *f;
-		char buf[1024];
-		char *p;
-
-		f=fdopen(fds[n],"r");
-		while(fgets(buf,sizeof buf,f))
-			{
-			p=strchr(buf,'\n');
-			if(p)
-				*p='\0';
-			if(buf[0] != '+')
-				{
-				fprintf(stderr,"Don't understand line '%s' from child %d\n",
-						buf,n);
-				continue;
-				}
-			printf("Got: %s from %d\n",buf,n);
-			if(!strncmp(buf,"+F:",3))
-				{
-				int alg;
-				int j;
-
-				p=buf+3;
-				alg=atoi(sstrsep(&p,sep));
-				sstrsep(&p,sep);
-				for(j=0 ; j < SIZE_NUM ; ++j)
-					results[alg][j]+=atof(sstrsep(&p,sep));
-				}
-			else if(!strncmp(buf,"+F2:",4))
-				{
-				int k;
-				double d;
-				
-				p=buf+4;
-				k=atoi(sstrsep(&p,sep));
-				sstrsep(&p,sep);
-
-				d=atof(sstrsep(&p,sep));
-				if(n)
-					rsa_results[k][0]=1/(1/rsa_results[k][0]+1/d);
-				else
-					rsa_results[k][0]=d;
-
-				d=atof(sstrsep(&p,sep));
-				if(n)
-					rsa_results[k][1]=1/(1/rsa_results[k][1]+1/d);
-				else
-					rsa_results[k][1]=d;
-				}
-			else if(!strncmp(buf,"+F2:",4))
-				{
-				int k;
-				double d;
-				
-				p=buf+4;
-				k=atoi(sstrsep(&p,sep));
-				sstrsep(&p,sep);
-
-				d=atof(sstrsep(&p,sep));
-				if(n)
-					rsa_results[k][0]=1/(1/rsa_results[k][0]+1/d);
-				else
-					rsa_results[k][0]=d;
-
-				d=atof(sstrsep(&p,sep));
-				if(n)
-					rsa_results[k][1]=1/(1/rsa_results[k][1]+1/d);
-				else
-					rsa_results[k][1]=d;
-				}
-			else if(!strncmp(buf,"+F3:",4))
-				{
-				int k;
-				double d;
-				
-				p=buf+4;
-				k=atoi(sstrsep(&p,sep));
-				sstrsep(&p,sep);
-
-				d=atof(sstrsep(&p,sep));
-				if(n)
-					dsa_results[k][0]=1/(1/dsa_results[k][0]+1/d);
-				else
-					dsa_results[k][0]=d;
-
-				d=atof(sstrsep(&p,sep));
-				if(n)
-					dsa_results[k][1]=1/(1/dsa_results[k][1]+1/d);
-				else
-					dsa_results[k][1]=d;
-				}
-			else if(!strncmp(buf,"+H:",3))
-				{
-				}
-			else
-				fprintf(stderr,"Unknown type '%s' from child %d\n",buf,n);
-			}
-		}
-	return 1;
-	}
-#endif
-#endif
diff --git a/crypto/openssl/apps/spkac.c b/crypto/openssl/apps/spkac.c
deleted file mode 100644
index 47ee53f1eef6..000000000000
--- a/crypto/openssl/apps/spkac.c
+++ /dev/null
@@ -1,307 +0,0 @@
-/* apps/spkac.c */
-
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999. Based on an original idea by Massimiliano Pala
- * (madwolf@openca.org).
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/conf.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/lhash.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#undef PROG
-#define PROG	spkac_main
-
-/* -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	int i,badops=0, ret = 1;
-	BIO *in = NULL,*out = NULL;
-	int verify=0,noout=0,pubkey=0;
-	char *infile = NULL,*outfile = NULL,*prog;
-	char *passargin = NULL, *passin = NULL;
-	char *spkac = "SPKAC", *spksect = "default", *spkstr = NULL;
-	char *challenge = NULL, *keyfile = NULL;
-	CONF *conf = NULL;
-	NETSCAPE_SPKI *spki = NULL;
-	EVP_PKEY *pkey = NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	apps_startup();
-
-	if (!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-challenge") == 0)
-			{
-			if (--argc < 1) goto bad;
-			challenge= *(++argv);
-			}
-		else if (strcmp(*argv,"-spkac") == 0)
-			{
-			if (--argc < 1) goto bad;
-			spkac= *(++argv);
-			}
-		else if (strcmp(*argv,"-spksect") == 0)
-			{
-			if (--argc < 1) goto bad;
-			spksect= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-pubkey") == 0)
-			pubkey=1;
-		else if (strcmp(*argv,"-verify") == 0)
-			verify=1;
-		else badops = 1;
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options]\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -in arg        input file\n");
-		BIO_printf(bio_err," -out arg       output file\n");
-		BIO_printf(bio_err," -key arg       create SPKAC using private key\n");
-		BIO_printf(bio_err," -passin arg    input file pass phrase source\n");
-		BIO_printf(bio_err," -challenge arg challenge string\n");
-		BIO_printf(bio_err," -spkac arg     alternative SPKAC name\n");
-		BIO_printf(bio_err," -noout         don't print SPKAC\n");
-		BIO_printf(bio_err," -pubkey        output public key\n");
-		BIO_printf(bio_err," -verify        verify SPKAC signature\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e      use engine e, possibly a hardware device.\n");
-#endif
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-	}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if(keyfile) {
-		pkey = load_key(bio_err,
-				strcmp(keyfile, "-") ? keyfile : NULL,
-				FORMAT_PEM, 1, passin, e, "private key");
-		if(!pkey) {
-			goto end;
-		}
-		spki = NETSCAPE_SPKI_new();
-		if(challenge) ASN1_STRING_set(spki->spkac->challenge,
-						 challenge, strlen(challenge));
-		NETSCAPE_SPKI_set_pubkey(spki, pkey);
-		NETSCAPE_SPKI_sign(spki, pkey, EVP_md5());
-		spkstr = NETSCAPE_SPKI_b64_encode(spki);
-
-		if (outfile) out = BIO_new_file(outfile, "w");
-		else {
-			out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			    out = BIO_push(tmpbio, out);
-			}
-#endif
-		}
-
-		if(!out) {
-			BIO_printf(bio_err, "Error opening output file\n");
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-		BIO_printf(out, "SPKAC=%s\n", spkstr);
-		OPENSSL_free(spkstr);
-		ret = 0;
-		goto end;
-	}
-
-	
-
-	if (infile) in = BIO_new_file(infile, "r");
-	else in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-	if(!in) {
-		BIO_printf(bio_err, "Error opening input file\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	conf = NCONF_new(NULL);
-	i = NCONF_load_bio(conf, in, NULL);
-
-	if(!i) {
-		BIO_printf(bio_err, "Error parsing config file\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	spkstr = NCONF_get_string(conf, spksect, spkac);
-		
-	if(!spkstr) {
-		BIO_printf(bio_err, "Can't find SPKAC called \"%s\"\n", spkac);
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	spki = NETSCAPE_SPKI_b64_decode(spkstr, -1);
-	
-	if(!spki) {
-		BIO_printf(bio_err, "Error loading SPKAC\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	if (outfile) out = BIO_new_file(outfile, "w");
-	else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		    out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
-
-	if(!out) {
-		BIO_printf(bio_err, "Error opening output file\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	if(!noout) NETSCAPE_SPKI_print(out, spki);
-	pkey = NETSCAPE_SPKI_get_pubkey(spki);
-	if(verify) {
-		i = NETSCAPE_SPKI_verify(spki, pkey);
-		if(i) BIO_printf(bio_err, "Signature OK\n");
-		else {
-			BIO_printf(bio_err, "Signature Failure\n");
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
-	if(pubkey) PEM_write_bio_PUBKEY(out, pkey);
-
-	ret = 0;
-
-end:
-	NCONF_free(conf);
-	NETSCAPE_SPKI_free(spki);
-	BIO_free(in);
-	BIO_free_all(out);
-	EVP_PKEY_free(pkey);
-	if(passin) OPENSSL_free(passin);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
diff --git a/crypto/openssl/apps/testCA.pem b/crypto/openssl/apps/testCA.pem
deleted file mode 100644
index dcb710aa9d12..000000000000
--- a/crypto/openssl/apps/testCA.pem
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBBzCBsgIBADBNMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEX
-MBUGA1UEChMOTWluY29tIFB0eSBMdGQxEDAOBgNVBAMTB1RFU1QgQ0EwXDANBgkq
-hkiG9w0BAQEFAANLADBIAkEAzW9brgA8efT2ODB+NrsflJZj3KKqKsm4OrXTRqfL
-VETj1ws/zCXl42XJAxdWQMCP0liKfc9Ut4xi1qCVI7N07wIDAQABoAAwDQYJKoZI
-hvcNAQEEBQADQQBjZZ42Det9Uw0AFwJy4ufUEy5Cv74pxBp5SZnljgHY+Az0Hs2S
-uNkIegr2ITX5azKi9nOkg9ZmsmGG13FIjiC/
------END CERTIFICATE REQUEST-----
diff --git a/crypto/openssl/apps/testdsa.h b/crypto/openssl/apps/testdsa.h
deleted file mode 100644
index 9e84e31c9394..000000000000
--- a/crypto/openssl/apps/testdsa.h
+++ /dev/null
@@ -1,217 +0,0 @@
-/* NOCW */
-/* used by apps/speed.c */
-DSA *get_dsa512(void );
-DSA *get_dsa1024(void );
-DSA *get_dsa2048(void );
-static unsigned char dsa512_priv[] = {
-	0x65,0xe5,0xc7,0x38,0x60,0x24,0xb5,0x89,0xd4,0x9c,0xeb,0x4c,
-	0x9c,0x1d,0x7a,0x22,0xbd,0xd1,0xc2,0xd2,
-	};
-static unsigned char dsa512_pub[] = {
-	0x00,0x95,0xa7,0x0d,0xec,0x93,0x68,0xba,0x5f,0xf7,0x5f,0x07,
-	0xf2,0x3b,0xad,0x6b,0x01,0xdc,0xbe,0xec,0xde,0x04,0x7a,0x3a,
-	0x27,0xb3,0xec,0x49,0xfd,0x08,0x43,0x3d,0x7e,0xa8,0x2c,0x5e,
-	0x7b,0xbb,0xfc,0xf4,0x6e,0xeb,0x6c,0xb0,0x6e,0xf8,0x02,0x12,
-	0x8c,0x38,0x5d,0x83,0x56,0x7d,0xee,0x53,0x05,0x3e,0x24,0x84,
-	0xbe,0xba,0x0a,0x6b,0xc8,
-	};
-static unsigned char dsa512_p[]={
-	0x9D,0x1B,0x69,0x8E,0x26,0xDB,0xF2,0x2B,0x11,0x70,0x19,0x86,
-	0xF6,0x19,0xC8,0xF8,0x19,0xF2,0x18,0x53,0x94,0x46,0x06,0xD0,
-	0x62,0x50,0x33,0x4B,0x02,0x3C,0x52,0x30,0x03,0x8B,0x3B,0xF9,
-	0x5F,0xD1,0x24,0x06,0x4F,0x7B,0x4C,0xBA,0xAA,0x40,0x9B,0xFD,
-	0x96,0xE4,0x37,0x33,0xBB,0x2D,0x5A,0xD7,0x5A,0x11,0x40,0x66,
-	0xA2,0x76,0x7D,0x31,
-	};
-static unsigned char dsa512_q[]={
-	0xFB,0x53,0xEF,0x50,0xB4,0x40,0x92,0x31,0x56,0x86,0x53,0x7A,
-	0xE8,0x8B,0x22,0x9A,0x49,0xFB,0x71,0x8F,
-	};
-static unsigned char dsa512_g[]={
-	0x83,0x3E,0x88,0xE5,0xC5,0x89,0x73,0xCE,0x3B,0x6C,0x01,0x49,
-	0xBF,0xB3,0xC7,0x9F,0x0A,0xEA,0x44,0x91,0xE5,0x30,0xAA,0xD9,
-	0xBE,0x5B,0x5F,0xB7,0x10,0xD7,0x89,0xB7,0x8E,0x74,0xFB,0xCF,
-	0x29,0x1E,0xEB,0xA8,0x2C,0x54,0x51,0xB8,0x10,0xDE,0xA0,0xCE,
-	0x2F,0xCC,0x24,0x6B,0x90,0x77,0xDE,0xA2,0x68,0xA6,0x52,0x12,
-	0xA2,0x03,0x9D,0x20,
-	};
-
-DSA *get_dsa512()
-	{
-	DSA *dsa;
-
-	if ((dsa=DSA_new()) == NULL) return(NULL);
-	dsa->priv_key=BN_bin2bn(dsa512_priv,sizeof(dsa512_priv),NULL);
-	dsa->pub_key=BN_bin2bn(dsa512_pub,sizeof(dsa512_pub),NULL);
-	dsa->p=BN_bin2bn(dsa512_p,sizeof(dsa512_p),NULL);
-	dsa->q=BN_bin2bn(dsa512_q,sizeof(dsa512_q),NULL);
-	dsa->g=BN_bin2bn(dsa512_g,sizeof(dsa512_g),NULL);
-	if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
-				(dsa->q == NULL) || (dsa->g == NULL))
-		return(NULL);
-	return(dsa);
-	}
-
-static unsigned char dsa1024_priv[]={
-	0x7d,0x21,0xda,0xbb,0x62,0x15,0x47,0x36,0x07,0x67,0x12,0xe8,
-	0x8c,0xaa,0x1c,0xcd,0x38,0x12,0x61,0x18,
-	};
-static unsigned char dsa1024_pub[]={
-	0x3c,0x4e,0x9c,0x2a,0x7f,0x16,0xc1,0x25,0xeb,0xac,0x78,0x63,
-	0x90,0x14,0x8c,0x8b,0xf4,0x68,0x43,0x3c,0x2d,0xee,0x65,0x50,
-	0x7d,0x9c,0x8f,0x8c,0x8a,0x51,0xd6,0x11,0x2b,0x99,0xaf,0x1e,
-	0x90,0x97,0xb5,0xd3,0xa6,0x20,0x25,0xd6,0xfe,0x43,0x02,0xd5,
-	0x91,0x7d,0xa7,0x8c,0xdb,0xc9,0x85,0xa3,0x36,0x48,0xf7,0x68,
-	0xaa,0x60,0xb1,0xf7,0x05,0x68,0x3a,0xa3,0x3f,0xd3,0x19,0x82,
-	0xd8,0x82,0x7a,0x77,0xfb,0xef,0xf4,0x15,0x0a,0xeb,0x06,0x04,
-	0x7f,0x53,0x07,0x0c,0xbc,0xcb,0x2d,0x83,0xdb,0x3e,0xd1,0x28,
-	0xa5,0xa1,0x31,0xe0,0x67,0xfa,0x50,0xde,0x9b,0x07,0x83,0x7e,
-	0x2c,0x0b,0xc3,0x13,0x50,0x61,0xe5,0xad,0xbd,0x36,0xb8,0x97,
-	0x4e,0x40,0x7d,0xe8,0x83,0x0d,0xbc,0x4b
-	};
-static unsigned char dsa1024_p[]={
-	0xA7,0x3F,0x6E,0x85,0xBF,0x41,0x6A,0x29,0x7D,0xF0,0x9F,0x47,
-	0x19,0x30,0x90,0x9A,0x09,0x1D,0xDA,0x6A,0x33,0x1E,0xC5,0x3D,
-	0x86,0x96,0xB3,0x15,0xE0,0x53,0x2E,0x8F,0xE0,0x59,0x82,0x73,
-	0x90,0x3E,0x75,0x31,0x99,0x47,0x7A,0x52,0xFB,0x85,0xE4,0xD9,
-	0xA6,0x7B,0x38,0x9B,0x68,0x8A,0x84,0x9B,0x87,0xC6,0x1E,0xB5,
-	0x7E,0x86,0x4B,0x53,0x5B,0x59,0xCF,0x71,0x65,0x19,0x88,0x6E,
-	0xCE,0x66,0xAE,0x6B,0x88,0x36,0xFB,0xEC,0x28,0xDC,0xC2,0xD7,
-	0xA5,0xBB,0xE5,0x2C,0x39,0x26,0x4B,0xDA,0x9A,0x70,0x18,0x95,
-	0x37,0x95,0x10,0x56,0x23,0xF6,0x15,0xED,0xBA,0x04,0x5E,0xDE,
-	0x39,0x4F,0xFD,0xB7,0x43,0x1F,0xB5,0xA4,0x65,0x6F,0xCD,0x80,
-	0x11,0xE4,0x70,0x95,0x5B,0x50,0xCD,0x49,
-	};
-static unsigned char dsa1024_q[]={
-	0xF7,0x07,0x31,0xED,0xFA,0x6C,0x06,0x03,0xD5,0x85,0x8A,0x1C,
-	0xAC,0x9C,0x65,0xE7,0x50,0x66,0x65,0x6F,
-	};
-static unsigned char dsa1024_g[]={
-	0x4D,0xDF,0x4C,0x03,0xA6,0x91,0x8A,0xF5,0x19,0x6F,0x50,0x46,
-	0x25,0x99,0xE5,0x68,0x6F,0x30,0xE3,0x69,0xE1,0xE5,0xB3,0x5D,
-	0x98,0xBB,0x28,0x86,0x48,0xFC,0xDE,0x99,0x04,0x3F,0x5F,0x88,
-	0x0C,0x9C,0x73,0x24,0x0D,0x20,0x5D,0xB9,0x2A,0x9A,0x3F,0x18,
-	0x96,0x27,0xE4,0x62,0x87,0xC1,0x7B,0x74,0x62,0x53,0xFC,0x61,
-	0x27,0xA8,0x7A,0x91,0x09,0x9D,0xB6,0xF1,0x4D,0x9C,0x54,0x0F,
-	0x58,0x06,0xEE,0x49,0x74,0x07,0xCE,0x55,0x7E,0x23,0xCE,0x16,
-	0xF6,0xCA,0xDC,0x5A,0x61,0x01,0x7E,0xC9,0x71,0xB5,0x4D,0xF6,
-	0xDC,0x34,0x29,0x87,0x68,0xF6,0x5E,0x20,0x93,0xB3,0xDB,0xF5,
-	0xE4,0x09,0x6C,0x41,0x17,0x95,0x92,0xEB,0x01,0xB5,0x73,0xA5,
-	0x6A,0x7E,0xD8,0x32,0xED,0x0E,0x02,0xB8,
-	};
-
-DSA *get_dsa1024()
-	{
-	DSA *dsa;
-
-	if ((dsa=DSA_new()) == NULL) return(NULL);
-	dsa->priv_key=BN_bin2bn(dsa1024_priv,sizeof(dsa1024_priv),NULL);
-	dsa->pub_key=BN_bin2bn(dsa1024_pub,sizeof(dsa1024_pub),NULL);
-	dsa->p=BN_bin2bn(dsa1024_p,sizeof(dsa1024_p),NULL);
-	dsa->q=BN_bin2bn(dsa1024_q,sizeof(dsa1024_q),NULL);
-	dsa->g=BN_bin2bn(dsa1024_g,sizeof(dsa1024_g),NULL);
-	if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
-				(dsa->q == NULL) || (dsa->g == NULL))
-		return(NULL);
-	return(dsa);
-	}
-
-static unsigned char dsa2048_priv[]={
-	0x32,0x67,0x92,0xf6,0xc4,0xe2,0xe2,0xe8,0xa0,0x8b,0x6b,0x45,
-	0x0c,0x8a,0x76,0xb0,0xee,0xcf,0x91,0xa7,
-	};
-static unsigned char dsa2048_pub[]={
-	0x17,0x8f,0xa8,0x11,0x84,0x92,0xec,0x83,0x47,0xc7,0x6a,0xb0,
-	0x92,0xaf,0x5a,0x20,0x37,0xa3,0x64,0x79,0xd2,0xd0,0x3d,0xcd,
-	0xe0,0x61,0x88,0x88,0x21,0xcc,0x74,0x5d,0xce,0x4c,0x51,0x47,
-	0xf0,0xc5,0x5c,0x4c,0x82,0x7a,0xaf,0x72,0xad,0xb9,0xe0,0x53,
-	0xf2,0x78,0xb7,0xf0,0xb5,0x48,0x7f,0x8a,0x3a,0x18,0xd1,0x9f,
-	0x8b,0x7d,0xa5,0x47,0xb7,0x95,0xab,0x98,0xf8,0x7b,0x74,0x50,
-	0x56,0x8e,0x57,0xf0,0xee,0xf5,0xb7,0xba,0xab,0x85,0x86,0xf9,
-	0x2b,0xef,0x41,0x56,0xa0,0xa4,0x9f,0xb7,0x38,0x00,0x46,0x0a,
-	0xa6,0xf1,0xfc,0x1f,0xd8,0x4e,0x85,0x44,0x92,0x43,0x21,0x5d,
-	0x6e,0xcc,0xc2,0xcb,0x26,0x31,0x0d,0x21,0xc4,0xbd,0x8d,0x24,
-	0xbc,0xd9,0x18,0x19,0xd7,0xdc,0xf1,0xe7,0x93,0x50,0x48,0x03,
-	0x2c,0xae,0x2e,0xe7,0x49,0x88,0x5f,0x93,0x57,0x27,0x99,0x36,
-	0xb4,0x20,0xab,0xfc,0xa7,0x2b,0xf2,0xd9,0x98,0xd7,0xd4,0x34,
-	0x9d,0x96,0x50,0x58,0x9a,0xea,0x54,0xf3,0xee,0xf5,0x63,0x14,
-	0xee,0x85,0x83,0x74,0x76,0xe1,0x52,0x95,0xc3,0xf7,0xeb,0x04,
-	0x04,0x7b,0xa7,0x28,0x1b,0xcc,0xea,0x4a,0x4e,0x84,0xda,0xd8,
-	0x9c,0x79,0xd8,0x9b,0x66,0x89,0x2f,0xcf,0xac,0xd7,0x79,0xf9,
-	0xa9,0xd8,0x45,0x13,0x78,0xb9,0x00,0x14,0xc9,0x7e,0x22,0x51,
-	0x86,0x67,0xb0,0x9f,0x26,0x11,0x23,0xc8,0x38,0xd7,0x70,0x1d,
-	0x15,0x8e,0x4d,0x4f,0x95,0x97,0x40,0xa1,0xc2,0x7e,0x01,0x18,
-	0x72,0xf4,0x10,0xe6,0x8d,0x52,0x16,0x7f,0xf2,0xc9,0xf8,0x33,
-	0x8b,0x33,0xb7,0xce,
-	};
-static unsigned char dsa2048_p[]={
-	0xA0,0x25,0xFA,0xAD,0xF4,0x8E,0xB9,0xE5,0x99,0xF3,0x5D,0x6F,
-	0x4F,0x83,0x34,0xE2,0x7E,0xCF,0x6F,0xBF,0x30,0xAF,0x6F,0x81,
-	0xEB,0xF8,0xC4,0x13,0xD9,0xA0,0x5D,0x8B,0x5C,0x8E,0xDC,0xC2,
-	0x1D,0x0B,0x41,0x32,0xB0,0x1F,0xFE,0xEF,0x0C,0xC2,0xA2,0x7E,
-	0x68,0x5C,0x28,0x21,0xE9,0xF5,0xB1,0x58,0x12,0x63,0x4C,0x19,
-	0x4E,0xFF,0x02,0x4B,0x92,0xED,0xD2,0x07,0x11,0x4D,0x8C,0x58,
-	0x16,0x5C,0x55,0x8E,0xAD,0xA3,0x67,0x7D,0xB9,0x86,0x6E,0x0B,
-	0xE6,0x54,0x6F,0x40,0xAE,0x0E,0x67,0x4C,0xF9,0x12,0x5B,0x3C,
-	0x08,0x7A,0xF7,0xFC,0x67,0x86,0x69,0xE7,0x0A,0x94,0x40,0xBF,
-	0x8B,0x76,0xFE,0x26,0xD1,0xF2,0xA1,0x1A,0x84,0xA1,0x43,0x56,
-	0x28,0xBC,0x9A,0x5F,0xD7,0x3B,0x69,0x89,0x8A,0x36,0x2C,0x51,
-	0xDF,0x12,0x77,0x2F,0x57,0x7B,0xA0,0xAA,0xDD,0x7F,0xA1,0x62,
-	0x3B,0x40,0x7B,0x68,0x1A,0x8F,0x0D,0x38,0xBB,0x21,0x5D,0x18,
-	0xFC,0x0F,0x46,0xF7,0xA3,0xB0,0x1D,0x23,0xC3,0xD2,0xC7,0x72,
-	0x51,0x18,0xDF,0x46,0x95,0x79,0xD9,0xBD,0xB5,0x19,0x02,0x2C,
-	0x87,0xDC,0xE7,0x57,0x82,0x7E,0xF1,0x8B,0x06,0x3D,0x00,0xA5,
-	0x7B,0x6B,0x26,0x27,0x91,0x0F,0x6A,0x77,0xE4,0xD5,0x04,0xE4,
-	0x12,0x2C,0x42,0xFF,0xD2,0x88,0xBB,0xD3,0x92,0xA0,0xF9,0xC8,
-	0x51,0x64,0x14,0x5C,0xD8,0xF9,0x6C,0x47,0x82,0xB4,0x1C,0x7F,
-	0x09,0xB8,0xF0,0x25,0x83,0x1D,0x3F,0x3F,0x05,0xB3,0x21,0x0A,
-	0x5D,0xA7,0xD8,0x54,0xC3,0x65,0x7D,0xC3,0xB0,0x1D,0xBF,0xAE,
-	0xF8,0x68,0xCF,0x9B,
-	};
-static unsigned char dsa2048_q[]={
-	0x97,0xE7,0x33,0x4D,0xD3,0x94,0x3E,0x0B,0xDB,0x62,0x74,0xC6,
-	0xA1,0x08,0xDD,0x19,0xA3,0x75,0x17,0x1B,
-	};
-static unsigned char dsa2048_g[]={
-	0x2C,0x78,0x16,0x59,0x34,0x63,0xF4,0xF3,0x92,0xFC,0xB5,0xA5,
-	0x4F,0x13,0xDE,0x2F,0x1C,0xA4,0x3C,0xAE,0xAD,0x38,0x3F,0x7E,
-	0x90,0xBF,0x96,0xA6,0xAE,0x25,0x90,0x72,0xF5,0x8E,0x80,0x0C,
-	0x39,0x1C,0xD9,0xEC,0xBA,0x90,0x5B,0x3A,0xE8,0x58,0x6C,0x9E,
-	0x30,0x42,0x37,0x02,0x31,0x82,0xBC,0x6A,0xDF,0x6A,0x09,0x29,
-	0xE3,0xC0,0x46,0xD1,0xCB,0x85,0xEC,0x0C,0x30,0x5E,0xEA,0xC8,
-	0x39,0x8E,0x22,0x9F,0x22,0x10,0xD2,0x34,0x61,0x68,0x37,0x3D,
-	0x2E,0x4A,0x5B,0x9A,0xF5,0xC1,0x48,0xC6,0xF6,0xDC,0x63,0x1A,
-	0xD3,0x96,0x64,0xBA,0x34,0xC9,0xD1,0xA0,0xD1,0xAE,0x6C,0x2F,
-	0x48,0x17,0x93,0x14,0x43,0xED,0xF0,0x21,0x30,0x19,0xC3,0x1B,
-	0x5F,0xDE,0xA3,0xF0,0x70,0x78,0x18,0xE1,0xA8,0xE4,0xEE,0x2E,
-	0x00,0xA5,0xE4,0xB3,0x17,0xC8,0x0C,0x7D,0x6E,0x42,0xDC,0xB7,
-	0x46,0x00,0x36,0x4D,0xD4,0x46,0xAA,0x3D,0x3C,0x46,0x89,0x40,
-	0xBF,0x1D,0x84,0x77,0x0A,0x75,0xF3,0x87,0x1D,0x08,0x4C,0xA6,
-	0xD1,0xA9,0x1C,0x1E,0x12,0x1E,0xE1,0xC7,0x30,0x28,0x76,0xA5,
-	0x7F,0x6C,0x85,0x96,0x2B,0x6F,0xDB,0x80,0x66,0x26,0xAE,0xF5,
-	0x93,0xC7,0x8E,0xAE,0x9A,0xED,0xE4,0xCA,0x04,0xEA,0x3B,0x72,
-	0xEF,0xDC,0x87,0xED,0x0D,0xA5,0x4C,0x4A,0xDD,0x71,0x22,0x64,
-	0x59,0x69,0x4E,0x8E,0xBF,0x43,0xDC,0xAB,0x8E,0x66,0xBB,0x01,
-	0xB6,0xF4,0xE7,0xFD,0xD2,0xAD,0x9F,0x36,0xC1,0xA0,0x29,0x99,
-	0xD1,0x96,0x70,0x59,0x06,0x78,0x35,0xBD,0x65,0x55,0x52,0x9E,
-	0xF8,0xB2,0xE5,0x38,
-	};
- 
-DSA *get_dsa2048()
-	{
-	DSA *dsa;
- 
-	if ((dsa=DSA_new()) == NULL) return(NULL);
-	dsa->priv_key=BN_bin2bn(dsa2048_priv,sizeof(dsa2048_priv),NULL);
-	dsa->pub_key=BN_bin2bn(dsa2048_pub,sizeof(dsa2048_pub),NULL);
-	dsa->p=BN_bin2bn(dsa2048_p,sizeof(dsa2048_p),NULL);
-	dsa->q=BN_bin2bn(dsa2048_q,sizeof(dsa2048_q),NULL);
-	dsa->g=BN_bin2bn(dsa2048_g,sizeof(dsa2048_g),NULL);
-	if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
-				(dsa->q == NULL) || (dsa->g == NULL))
-		return(NULL);
-	return(dsa);
-	}
-
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
-static int rnd_fake = 0;
diff --git a/crypto/openssl/apps/testrsa.h b/crypto/openssl/apps/testrsa.h
deleted file mode 100644
index 3007d792b0db..000000000000
--- a/crypto/openssl/apps/testrsa.h
+++ /dev/null
@@ -1,518 +0,0 @@
-/* apps/testrsa.h */
-/* used by apps/speed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-static unsigned char test512[]={
-	0x30,0x82,0x01,0x3a,0x02,0x01,0x00,0x02,0x41,0x00,
-	0xd6,0x33,0xb9,0xc8,0xfb,0x4f,0x3c,0x7d,0xc0,0x01,
-	0x86,0xd0,0xe7,0xa0,0x55,0xf2,0x95,0x93,0xcc,0x4f,
-	0xb7,0x5b,0x67,0x5b,0x94,0x68,0xc9,0x34,0x15,0xde,
-	0xa5,0x2e,0x1c,0x33,0xc2,0x6e,0xfc,0x34,0x5e,0x71,
-	0x13,0xb7,0xd6,0xee,0xd8,0xa5,0x65,0x05,0x72,0x87,
-	0xa8,0xb0,0x77,0xfe,0x57,0xf5,0xfc,0x5f,0x55,0x83,
-	0x87,0xdd,0x57,0x49,0x02,0x03,0x01,0x00,0x01,0x02,
-	0x41,0x00,0xa7,0xf7,0x91,0xc5,0x0f,0x84,0x57,0xdc,
-	0x07,0xf7,0x6a,0x7f,0x60,0x52,0xb3,0x72,0xf1,0x66,
-	0x1f,0x7d,0x97,0x3b,0x9e,0xb6,0x0a,0x8f,0x8c,0xcf,
-	0x42,0x23,0x00,0x04,0xd4,0x28,0x0e,0x1c,0x90,0xc4,
-	0x11,0x25,0x25,0xa5,0x93,0xa5,0x2f,0x70,0x02,0xdf,
-	0x81,0x9c,0x49,0x03,0xa0,0xf8,0x6d,0x54,0x2e,0x26,
-	0xde,0xaa,0x85,0x59,0xa8,0x31,0x02,0x21,0x00,0xeb,
-	0x47,0xd7,0x3b,0xf6,0xc3,0xdd,0x5a,0x46,0xc5,0xb9,
-	0x2b,0x9a,0xa0,0x09,0x8f,0xa6,0xfb,0xf3,0x78,0x7a,
-	0x33,0x70,0x9d,0x0f,0x42,0x6b,0x13,0x68,0x24,0xd3,
-	0x15,0x02,0x21,0x00,0xe9,0x10,0xb0,0xb3,0x0d,0xe2,
-	0x82,0x68,0x77,0x8a,0x6e,0x7c,0xda,0xbc,0x3e,0x53,
-	0x83,0xfb,0xd6,0x22,0xe7,0xb5,0xae,0x6e,0x80,0xda,
-	0x00,0x55,0x97,0xc1,0xd0,0x65,0x02,0x20,0x4c,0xf8,
-	0x73,0xb1,0x6a,0x49,0x29,0x61,0x1f,0x46,0x10,0x0d,
-	0xf3,0xc7,0xe7,0x58,0xd7,0x88,0x15,0x5e,0x94,0x9b,
-	0xbf,0x7b,0xa2,0x42,0x58,0x45,0x41,0x0c,0xcb,0x01,
-	0x02,0x20,0x12,0x11,0xba,0x31,0x57,0x9d,0x3d,0x11,
-	0x0e,0x5b,0x8c,0x2f,0x5f,0xe2,0x02,0x4f,0x05,0x47,
-	0x8c,0x15,0x8e,0xb3,0x56,0x3f,0xb8,0xfb,0xad,0xd4,
-	0xf4,0xfc,0x10,0xc5,0x02,0x20,0x18,0xa1,0x29,0x99,
-	0x5b,0xd9,0xc8,0xd4,0xfc,0x49,0x7a,0x2a,0x21,0x2c,
-	0x49,0xe4,0x4f,0xeb,0xef,0x51,0xf1,0xab,0x6d,0xfb,
-	0x4b,0x14,0xe9,0x4b,0x52,0xb5,0x82,0x2c,
-	};
-
-static unsigned char test1024[]={
-	0x30,0x82,0x02,0x5c,0x02,0x01,0x00,0x02,0x81,0x81,
-	0x00,0xdc,0x98,0x43,0xe8,0x3d,0x43,0x5b,0xe4,0x05,
-	0xcd,0xd0,0xa9,0x3e,0xcb,0x83,0x75,0xf6,0xb5,0xa5,
-	0x9f,0x6b,0xe9,0x34,0x41,0x29,0x18,0xfa,0x6a,0x55,
-	0x4d,0x70,0xfc,0xec,0xae,0x87,0x38,0x0a,0x20,0xa9,
-	0xc0,0x45,0x77,0x6e,0x57,0x60,0x57,0xf4,0xed,0x96,
-	0x22,0xcb,0x8f,0xe1,0x33,0x3a,0x17,0x1f,0xed,0x37,
-	0xa5,0x6f,0xeb,0xa6,0xbc,0x12,0x80,0x1d,0x53,0xbd,
-	0x70,0xeb,0x21,0x76,0x3e,0xc9,0x2f,0x1a,0x45,0x24,
-	0x82,0xff,0xcd,0x59,0x32,0x06,0x2e,0x12,0x3b,0x23,
-	0x78,0xed,0x12,0x3d,0xe0,0x8d,0xf9,0x67,0x4f,0x37,
-	0x4e,0x47,0x02,0x4c,0x2d,0xc0,0x4f,0x1f,0xb3,0x94,
-	0xe1,0x41,0x2e,0x2d,0x90,0x10,0xfc,0x82,0x91,0x8b,
-	0x0f,0x22,0xd4,0xf2,0xfc,0x2c,0xab,0x53,0x55,0x02,
-	0x03,0x01,0x00,0x01,0x02,0x81,0x80,0x2b,0xcc,0x3f,
-	0x8f,0x58,0xba,0x8b,0x00,0x16,0xf6,0xea,0x3a,0xf0,
-	0x30,0xd0,0x05,0x17,0xda,0xb0,0xeb,0x9a,0x2d,0x4f,
-	0x26,0xb0,0xd6,0x38,0xc1,0xeb,0xf5,0xd8,0x3d,0x1f,
-	0x70,0xf7,0x7f,0xf4,0xe2,0xcf,0x51,0x51,0x79,0x88,
-	0xfa,0xe8,0x32,0x0e,0x7b,0x2d,0x97,0xf2,0xfa,0xba,
-	0x27,0xc5,0x9c,0xd9,0xc5,0xeb,0x8a,0x79,0x52,0x3c,
-	0x64,0x34,0x7d,0xc2,0xcf,0x28,0xc7,0x4e,0xd5,0x43,
-	0x0b,0xd1,0xa6,0xca,0x6d,0x03,0x2d,0x72,0x23,0xbc,
-	0x6d,0x05,0xfa,0x16,0x09,0x2f,0x2e,0x5c,0xb6,0xee,
-	0x74,0xdd,0xd2,0x48,0x8e,0x36,0x0c,0x06,0x3d,0x4d,
-	0xe5,0x10,0x82,0xeb,0x6a,0xf3,0x4b,0x9f,0xd6,0xed,
-	0x11,0xb1,0x6e,0xec,0xf4,0xfe,0x8e,0x75,0x94,0x20,
-	0x2f,0xcb,0xac,0x46,0xf1,0x02,0x41,0x00,0xf9,0x8c,
-	0xa3,0x85,0xb1,0xdd,0x29,0xaf,0x65,0xc1,0x33,0xf3,
-	0x95,0xc5,0x52,0x68,0x0b,0xd4,0xf1,0xe5,0x0e,0x02,
-	0x9f,0x4f,0xfa,0x77,0xdc,0x46,0x9e,0xc7,0xa6,0xe4,
-	0x16,0x29,0xda,0xb0,0x07,0xcf,0x5b,0xa9,0x12,0x8a,
-	0xdd,0x63,0x0a,0xde,0x2e,0x8c,0x66,0x8b,0x8c,0xdc,
-	0x19,0xa3,0x7e,0xf4,0x3b,0xd0,0x1a,0x8c,0xa4,0xc2,
-	0xe1,0xd3,0x02,0x41,0x00,0xe2,0x4c,0x05,0xf2,0x04,
-	0x86,0x4e,0x61,0x43,0xdb,0xb0,0xb9,0x96,0x86,0x52,
-	0x2c,0xca,0x8d,0x7b,0xab,0x0b,0x13,0x0d,0x7e,0x38,
-	0x5b,0xe2,0x2e,0x7b,0x0e,0xe7,0x19,0x99,0x38,0xe7,
-	0xf2,0x21,0xbd,0x85,0x85,0xe3,0xfd,0x28,0x77,0x20,
-	0x31,0x71,0x2c,0xd0,0xff,0xfb,0x2e,0xaf,0x85,0xb4,
-	0x86,0xca,0xf3,0xbb,0xca,0xaa,0x0f,0x95,0x37,0x02,
-	0x40,0x0e,0x41,0x9a,0x95,0xe8,0xb3,0x59,0xce,0x4b,
-	0x61,0xde,0x35,0xec,0x38,0x79,0x9c,0xb8,0x10,0x52,
-	0x41,0x63,0xab,0x82,0xae,0x6f,0x00,0xa9,0xf4,0xde,
-	0xdd,0x49,0x0b,0x7e,0xb8,0xa5,0x65,0xa9,0x0c,0x8f,
-	0x8f,0xf9,0x1f,0x35,0xc6,0x92,0xb8,0x5e,0xb0,0x66,
-	0xab,0x52,0x40,0xc0,0xb6,0x36,0x6a,0x7d,0x80,0x46,
-	0x04,0x02,0xe5,0x9f,0x41,0x02,0x41,0x00,0xc0,0xad,
-	0xcc,0x4e,0x21,0xee,0x1d,0x24,0x91,0xfb,0xa7,0x80,
-	0x8d,0x9a,0xb6,0xb3,0x2e,0x8f,0xc2,0xe1,0x82,0xdf,
-	0x69,0x18,0xb4,0x71,0xff,0xa6,0x65,0xde,0xed,0x84,
-	0x8d,0x42,0xb7,0xb3,0x21,0x69,0x56,0x1c,0x07,0x60,
-	0x51,0x29,0x04,0xff,0x34,0x06,0xdd,0xb9,0x67,0x2c,
-	0x7c,0x04,0x93,0x0e,0x46,0x15,0xbb,0x2a,0xb7,0x1b,
-	0xe7,0x87,0x02,0x40,0x78,0xda,0x5d,0x07,0x51,0x0c,
-	0x16,0x7a,0x9f,0x29,0x20,0x84,0x0d,0x42,0xfa,0xd7,
-	0x00,0xd8,0x77,0x7e,0xb0,0xb0,0x6b,0xd6,0x5b,0x53,
-	0xb8,0x9b,0x7a,0xcd,0xc7,0x2b,0xb8,0x6a,0x63,0xa9,
-	0xfb,0x6f,0xa4,0x72,0xbf,0x4c,0x5d,0x00,0x14,0xba,
-	0xfa,0x59,0x88,0xed,0xe4,0xe0,0x8c,0xa2,0xec,0x14,
-	0x7e,0x2d,0xe2,0xf0,0x46,0x49,0x95,0x45,
-	};
-
-static unsigned char test2048[]={
-	0x30,0x82,0x04,0xa3,0x02,0x01,0x00,0x02,0x82,0x01,
-	0x01,0x00,0xc0,0xc0,0xce,0x3e,0x3c,0x53,0x67,0x3f,
-	0x4f,0xc5,0x2f,0xa4,0xc2,0x5a,0x2f,0x58,0xfd,0x27,
-	0x52,0x6a,0xe8,0xcf,0x4a,0x73,0x47,0x8d,0x25,0x0f,
-	0x5f,0x03,0x26,0x78,0xef,0xf0,0x22,0x12,0xd3,0xde,
-	0x47,0xb2,0x1c,0x0b,0x38,0x63,0x1a,0x6c,0x85,0x7a,
-	0x80,0xc6,0x8f,0xa0,0x41,0xaf,0x62,0xc4,0x67,0x32,
-	0x88,0xf8,0xa6,0x9c,0xf5,0x23,0x1d,0xe4,0xac,0x3f,
-	0x29,0xf9,0xec,0xe1,0x8b,0x26,0x03,0x2c,0xb2,0xab,
-	0xf3,0x7d,0xb5,0xca,0x49,0xc0,0x8f,0x1c,0xdf,0x33,
-	0x3a,0x60,0xda,0x3c,0xb0,0x16,0xf8,0xa9,0x12,0x8f,
-	0x64,0xac,0x23,0x0c,0x69,0x64,0x97,0x5d,0x99,0xd4,
-	0x09,0x83,0x9b,0x61,0xd3,0xac,0xf0,0xde,0xdd,0x5e,
-	0x9f,0x44,0x94,0xdb,0x3a,0x4d,0x97,0xe8,0x52,0x29,
-	0xf7,0xdb,0x94,0x07,0x45,0x90,0x78,0x1e,0x31,0x0b,
-	0x80,0xf7,0x57,0xad,0x1c,0x79,0xc5,0xcb,0x32,0xb0,
-	0xce,0xcd,0x74,0xb3,0xe2,0x94,0xc5,0x78,0x2f,0x34,
-	0x1a,0x45,0xf7,0x8c,0x52,0xa5,0xbc,0x8d,0xec,0xd1,
-	0x2f,0x31,0x3b,0xf0,0x49,0x59,0x5e,0x88,0x9d,0x15,
-	0x92,0x35,0x32,0xc1,0xe7,0x61,0xec,0x50,0x48,0x7c,
-	0xba,0x05,0xf9,0xf8,0xf8,0xa7,0x8c,0x83,0xe8,0x66,
-	0x5b,0xeb,0xfe,0xd8,0x4f,0xdd,0x6d,0x36,0xc0,0xb2,
-	0x90,0x0f,0xb8,0x52,0xf9,0x04,0x9b,0x40,0x2c,0x27,
-	0xd6,0x36,0x8e,0xc2,0x1b,0x44,0xf3,0x92,0xd5,0x15,
-	0x9e,0x9a,0xbc,0xf3,0x7d,0x03,0xd7,0x02,0x14,0x20,
-	0xe9,0x10,0x92,0xfd,0xf9,0xfc,0x8f,0xe5,0x18,0xe1,
-	0x95,0xcc,0x9e,0x60,0xa6,0xfa,0x38,0x4d,0x02,0x03,
-	0x01,0x00,0x01,0x02,0x82,0x01,0x00,0x00,0xc3,0xc3,
-	0x0d,0xb4,0x27,0x90,0x8d,0x4b,0xbf,0xb8,0x84,0xaa,
-	0xd0,0xb8,0xc7,0x5d,0x99,0xbe,0x55,0xf6,0x3e,0x7c,
-	0x49,0x20,0xcb,0x8a,0x8e,0x19,0x0e,0x66,0x24,0xac,
-	0xaf,0x03,0x33,0x97,0xeb,0x95,0xd5,0x3b,0x0f,0x40,
-	0x56,0x04,0x50,0xd1,0xe6,0xbe,0x84,0x0b,0x25,0xd3,
-	0x9c,0xe2,0x83,0x6c,0xf5,0x62,0x5d,0xba,0x2b,0x7d,
-	0x3d,0x7a,0x6c,0xe1,0xd2,0x0e,0x54,0x93,0x80,0x01,
-	0x91,0x51,0x09,0xe8,0x5b,0x8e,0x47,0xbd,0x64,0xe4,
-	0x0e,0x03,0x83,0x55,0xcf,0x5a,0x37,0xf0,0x25,0xb5,
-	0x7d,0x21,0xd7,0x69,0xdf,0x6f,0xc2,0xcf,0x10,0xc9,
-	0x8a,0x40,0x9f,0x7a,0x70,0xc0,0xe8,0xe8,0xc0,0xe6,
-	0x9a,0x15,0x0a,0x8d,0x4e,0x46,0xcb,0x7a,0xdb,0xb3,
-	0xcb,0x83,0x02,0xc4,0xf0,0xab,0xeb,0x02,0x01,0x0e,
-	0x23,0xfc,0x1d,0xc4,0xbd,0xd4,0xaa,0x5d,0x31,0x46,
-	0x99,0xce,0x9e,0xf8,0x04,0x75,0x10,0x67,0xc4,0x53,
-	0x47,0x44,0xfa,0xc2,0x25,0x73,0x7e,0xd0,0x8e,0x59,
-	0xd1,0xb2,0x5a,0xf4,0xc7,0x18,0x92,0x2f,0x39,0xab,
-	0xcd,0xa3,0xb5,0xc2,0xb9,0xc7,0xb9,0x1b,0x9f,0x48,
-	0xfa,0x13,0xc6,0x98,0x4d,0xca,0x84,0x9c,0x06,0xca,
-	0xe7,0x89,0x01,0x04,0xc4,0x6c,0xfd,0x29,0x59,0x35,
-	0xe7,0xf3,0xdd,0xce,0x64,0x59,0xbf,0x21,0x13,0xa9,
-	0x9f,0x0e,0xc5,0xff,0xbd,0x33,0x00,0xec,0xac,0x6b,
-	0x11,0xef,0x51,0x5e,0xad,0x07,0x15,0xde,0xb8,0x5f,
-	0xc6,0xb9,0xa3,0x22,0x65,0x46,0x83,0x14,0xdf,0xd0,
-	0xf1,0x44,0x8a,0xe1,0x9c,0x23,0x33,0xb4,0x97,0x33,
-	0xe6,0x6b,0x81,0x02,0x81,0x81,0x00,0xec,0x12,0xa7,
-	0x59,0x74,0x6a,0xde,0x3e,0xad,0xd8,0x36,0x80,0x50,
-	0xa2,0xd5,0x21,0x81,0x07,0xf1,0xd0,0x91,0xf2,0x6c,
-	0x12,0x2f,0x9d,0x1a,0x26,0xf8,0x30,0x65,0xdf,0xe8,
-	0xc0,0x9b,0x6a,0x30,0x98,0x82,0x87,0xec,0xa2,0x56,
-	0x87,0x62,0x6f,0xe7,0x9f,0xf6,0x56,0xe6,0x71,0x8f,
-	0x49,0x86,0x93,0x5a,0x4d,0x34,0x58,0xfe,0xd9,0x04,
-	0x13,0xaf,0x79,0xb7,0xad,0x11,0xd1,0x30,0x9a,0x14,
-	0x06,0xa0,0xfa,0xb7,0x55,0xdc,0x6c,0x5a,0x4c,0x2c,
-	0x59,0x56,0xf6,0xe8,0x9d,0xaf,0x0a,0x78,0x99,0x06,
-	0x06,0x9e,0xe7,0x9c,0x51,0x55,0x43,0xfc,0x3b,0x6c,
-	0x0b,0xbf,0x2d,0x41,0xa7,0xaf,0xb7,0xe0,0xe8,0x28,
-	0x18,0xb4,0x13,0xd1,0xe6,0x97,0xd0,0x9f,0x6a,0x80,
-	0xca,0xdd,0x1a,0x7e,0x15,0x02,0x81,0x81,0x00,0xd1,
-	0x06,0x0c,0x1f,0xe3,0xd0,0xab,0xd6,0xca,0x7c,0xbc,
-	0x7d,0x13,0x35,0xce,0x27,0xcd,0xd8,0x49,0x51,0x63,
-	0x64,0x0f,0xca,0x06,0x12,0xfc,0x07,0x3e,0xaf,0x61,
-	0x6d,0xe2,0x53,0x39,0x27,0xae,0xc3,0x11,0x9e,0x94,
-	0x01,0x4f,0xe3,0xf3,0x67,0xf9,0x77,0xf9,0xe7,0x95,
-	0x3a,0x6f,0xe2,0x20,0x73,0x3e,0xa4,0x7a,0x28,0xd4,
-	0x61,0x97,0xf6,0x17,0xa0,0x23,0x10,0x2b,0xce,0x84,
-	0x57,0x7e,0x25,0x1f,0xf4,0xa8,0x54,0xd2,0x65,0x94,
-	0xcc,0x95,0x0a,0xab,0x30,0xc1,0x59,0x1f,0x61,0x8e,
-	0xb9,0x6b,0xd7,0x4e,0xb9,0x83,0x43,0x79,0x85,0x11,
-	0xbc,0x0f,0xae,0x25,0x20,0x05,0xbc,0xd2,0x48,0xa1,
-	0x68,0x09,0x84,0xf6,0x12,0x9a,0x66,0xb9,0x2b,0xbb,
-	0x76,0x03,0x17,0x46,0x4e,0x97,0x59,0x02,0x81,0x80,
-	0x09,0x4c,0xfa,0xd6,0xe5,0x65,0x48,0x78,0x43,0xb5,
-	0x1f,0x00,0x93,0x2c,0xb7,0x24,0xe8,0xc6,0x7d,0x5a,
-	0x70,0x45,0x92,0xc8,0x6c,0xa3,0xcd,0xe1,0xf7,0x29,
-	0x40,0xfa,0x3f,0x5b,0x47,0x44,0x39,0xc1,0xe8,0x72,
-	0x9e,0x7a,0x0e,0xda,0xaa,0xa0,0x2a,0x09,0xfd,0x54,
-	0x93,0x23,0xaa,0x37,0x85,0x5b,0xcc,0xd4,0xf9,0xd8,
-	0xff,0xc1,0x61,0x0d,0xbd,0x7e,0x18,0x24,0x73,0x6d,
-	0x40,0x72,0xf1,0x93,0x09,0x48,0x97,0x6c,0x84,0x90,
-	0xa8,0x46,0x14,0x01,0x39,0x11,0xe5,0x3c,0x41,0x27,
-	0x32,0x75,0x24,0xed,0xa1,0xd9,0x12,0x29,0x8a,0x28,
-	0x71,0x89,0x8d,0xca,0x30,0xb0,0x01,0xc4,0x2f,0x82,
-	0x19,0x14,0x4c,0x70,0x1c,0xb8,0x23,0x2e,0xe8,0x90,
-	0x49,0x97,0x92,0x97,0x6b,0x7a,0x9d,0xb9,0x02,0x81,
-	0x80,0x0f,0x0e,0xa1,0x76,0xf6,0xa1,0x44,0x8f,0xaf,
-	0x7c,0x76,0xd3,0x87,0xbb,0xbb,0x83,0x10,0x88,0x01,
-	0x18,0x14,0xd1,0xd3,0x75,0x59,0x24,0xaa,0xf5,0x16,
-	0xa5,0xe9,0x9d,0xd1,0xcc,0xee,0xf4,0x15,0xd9,0xc5,
-	0x7e,0x27,0xe9,0x44,0x49,0x06,0x72,0xb9,0xfc,0xd3,
-	0x8a,0xc4,0x2c,0x36,0x7d,0x12,0x9b,0x5a,0xaa,0xdc,
-	0x85,0xee,0x6e,0xad,0x54,0xb3,0xf4,0xfc,0x31,0xa1,
-	0x06,0x3a,0x70,0x57,0x0c,0xf3,0x95,0x5b,0x3e,0xe8,
-	0xfd,0x1a,0x4f,0xf6,0x78,0x93,0x46,0x6a,0xd7,0x31,
-	0xb4,0x84,0x64,0x85,0x09,0x38,0x89,0x92,0x94,0x1c,
-	0xbf,0xe2,0x3c,0x2a,0xe0,0xff,0x99,0xa3,0xf0,0x2b,
-	0x31,0xc2,0x36,0xcd,0x60,0xbf,0x9d,0x2d,0x74,0x32,
-	0xe8,0x9c,0x93,0x6e,0xbb,0x91,0x7b,0xfd,0xd9,0x02,
-	0x81,0x81,0x00,0xa2,0x71,0x25,0x38,0xeb,0x2a,0xe9,
-	0x37,0xcd,0xfe,0x44,0xce,0x90,0x3f,0x52,0x87,0x84,
-	0x52,0x1b,0xae,0x8d,0x22,0x94,0xce,0x38,0xe6,0x04,
-	0x88,0x76,0x85,0x9a,0xd3,0x14,0x09,0xe5,0x69,0x9a,
-	0xff,0x58,0x92,0x02,0x6a,0x7d,0x7c,0x1e,0x2c,0xfd,
-	0xa8,0xca,0x32,0x14,0x4f,0x0d,0x84,0x0d,0x37,0x43,
-	0xbf,0xe4,0x5d,0x12,0xc8,0x24,0x91,0x27,0x8d,0x46,
-	0xd9,0x54,0x53,0xe7,0x62,0x71,0xa8,0x2b,0x71,0x41,
-	0x8d,0x75,0xf8,0x3a,0xa0,0x61,0x29,0x46,0xa6,0xe5,
-	0x82,0xfa,0x3a,0xd9,0x08,0xfa,0xfc,0x63,0xfd,0x6b,
-	0x30,0xbc,0xf4,0x4e,0x9e,0x8c,0x25,0x0c,0xb6,0x55,
-	0xe7,0x3c,0xd4,0x4e,0x0b,0xfd,0x8b,0xc3,0x0e,0x1d,
-	0x9c,0x44,0x57,0x8f,0x1f,0x86,0xf7,0xd5,0x1b,0xe4,
-	0x95,
-	};
-
-static unsigned char test4096[]={
-	0x30,0x82,0x09,0x29,0x02,0x01,0x00,0x02,0x82,0x02,
-	0x01,0x00,0xc0,0x71,0xac,0x1a,0x13,0x88,0x82,0x43,
-	0x3b,0x51,0x57,0x71,0x8d,0xb6,0x2b,0x82,0x65,0x21,
-	0x53,0x5f,0x28,0x29,0x4f,0x8d,0x7c,0x8a,0xb9,0x44,
-	0xb3,0x28,0x41,0x4f,0xd3,0xfa,0x6a,0xf8,0xb9,0x28,
-	0x50,0x39,0x67,0x53,0x2c,0x3c,0xd7,0xcb,0x96,0x41,
-	0x40,0x32,0xbb,0xeb,0x70,0xae,0x1f,0xb0,0x65,0xf7,
-	0x3a,0xd9,0x22,0xfd,0x10,0xae,0xbd,0x02,0xe2,0xdd,
-	0xf3,0xc2,0x79,0x3c,0xc6,0xfc,0x75,0xbb,0xaf,0x4e,
-	0x3a,0x36,0xc2,0x4f,0xea,0x25,0xdf,0x13,0x16,0x4b,
-	0x20,0xfe,0x4b,0x69,0x16,0xc4,0x7f,0x1a,0x43,0xa6,
-	0x17,0x1b,0xb9,0x0a,0xf3,0x09,0x86,0x28,0x89,0xcf,
-	0x2c,0xd0,0xd4,0x81,0xaf,0xc6,0x6d,0xe6,0x21,0x8d,
-	0xee,0xef,0xea,0xdc,0xb7,0xc6,0x3b,0x63,0x9f,0x0e,
-	0xad,0x89,0x78,0x23,0x18,0xbf,0x70,0x7e,0x84,0xe0,
-	0x37,0xec,0xdb,0x8e,0x9c,0x3e,0x6a,0x19,0xcc,0x99,
-	0x72,0xe6,0xb5,0x7d,0x6d,0xfa,0xe5,0xd3,0xe4,0x90,
-	0xb5,0xb2,0xb2,0x12,0x70,0x4e,0xca,0xf8,0x10,0xf8,
-	0xa3,0x14,0xc2,0x48,0x19,0xeb,0x60,0x99,0xbb,0x2a,
-	0x1f,0xb1,0x7a,0xb1,0x3d,0x24,0xfb,0xa0,0x29,0xda,
-	0xbd,0x1b,0xd7,0xa4,0xbf,0xef,0x60,0x2d,0x22,0xca,
-	0x65,0x98,0xf1,0xc4,0xe1,0xc9,0x02,0x6b,0x16,0x28,
-	0x2f,0xa1,0xaa,0x79,0x00,0xda,0xdc,0x7c,0x43,0xf7,
-	0x42,0x3c,0xa0,0xef,0x68,0xf7,0xdf,0xb9,0x69,0xfb,
-	0x8e,0x01,0xed,0x01,0x42,0xb5,0x4e,0x57,0xa6,0x26,
-	0xb8,0xd0,0x7b,0x56,0x6d,0x03,0xc6,0x40,0x8c,0x8c,
-	0x2a,0x55,0xd7,0x9c,0x35,0x00,0x94,0x93,0xec,0x03,
-	0xeb,0x22,0xef,0x77,0xbb,0x79,0x13,0x3f,0x15,0xa1,
-	0x8f,0xca,0xdf,0xfd,0xd3,0xb8,0xe1,0xd4,0xcc,0x09,
-	0x3f,0x3c,0x2c,0xdb,0xd1,0x49,0x7f,0x38,0x07,0x83,
-	0x6d,0xeb,0x08,0x66,0xe9,0x06,0x44,0x12,0xac,0x95,
-	0x22,0x90,0x23,0x67,0xd4,0x08,0xcc,0xf4,0xb7,0xdc,
-	0xcc,0x87,0xd4,0xac,0x69,0x35,0x4c,0xb5,0x39,0x36,
-	0xcd,0xa4,0xd2,0x95,0xca,0x0d,0xc5,0xda,0xc2,0xc5,
-	0x22,0x32,0x28,0x08,0xe3,0xd2,0x8b,0x38,0x30,0xdc,
-	0x8c,0x75,0x4f,0x6a,0xec,0x7a,0xac,0x16,0x3e,0xa8,
-	0xd4,0x6a,0x45,0xe1,0xa8,0x4f,0x2e,0x80,0x34,0xaa,
-	0x54,0x1b,0x02,0x95,0x7d,0x8a,0x6d,0xcc,0x79,0xca,
-	0xf2,0xa4,0x2e,0x8d,0xfb,0xfe,0x15,0x51,0x10,0x0e,
-	0x4d,0x88,0xb1,0xc7,0xf4,0x79,0xdb,0xf0,0xb4,0x56,
-	0x44,0x37,0xca,0x5a,0xc1,0x8c,0x48,0xac,0xae,0x48,
-	0x80,0x83,0x01,0x3f,0xde,0xd9,0xd3,0x2c,0x51,0x46,
-	0xb1,0x41,0xb6,0xc6,0x91,0x72,0xf9,0x83,0x55,0x1b,
-	0x8c,0xba,0xf3,0x73,0xe5,0x2c,0x74,0x50,0x3a,0xbe,
-	0xc5,0x2f,0xa7,0xb2,0x6d,0x8c,0x9e,0x13,0x77,0xa3,
-	0x13,0xcd,0x6d,0x8c,0x45,0xe1,0xfc,0x0b,0xb7,0x69,
-	0xe9,0x27,0xbc,0x65,0xc3,0xfa,0x9b,0xd0,0xef,0xfe,
-	0xe8,0x1f,0xb3,0x5e,0x34,0xf4,0x8c,0xea,0xfc,0xd3,
-	0x81,0xbf,0x3d,0x30,0xb2,0xb4,0x01,0xe8,0x43,0x0f,
-	0xba,0x02,0x23,0x42,0x76,0x82,0x31,0x73,0x91,0xed,
-	0x07,0x46,0x61,0x0d,0x39,0x83,0x40,0xce,0x7a,0xd4,
-	0xdb,0x80,0x2c,0x1f,0x0d,0xd1,0x34,0xd4,0x92,0xe3,
-	0xd4,0xf1,0xc2,0x01,0x02,0x03,0x01,0x00,0x01,0x02,
-	0x82,0x02,0x01,0x00,0x97,0x6c,0xda,0x6e,0xea,0x4f,
-	0xcf,0xaf,0xf7,0x4c,0xd9,0xf1,0x90,0x00,0x77,0xdb,
-	0xf2,0x97,0x76,0x72,0xb9,0xb7,0x47,0xd1,0x9c,0xdd,
-	0xcb,0x4a,0x33,0x6e,0xc9,0x75,0x76,0xe6,0xe4,0xa5,
-	0x31,0x8c,0x77,0x13,0xb4,0x29,0xcd,0xf5,0x52,0x17,
-	0xef,0xf3,0x08,0x00,0xe3,0xbd,0x2e,0xbc,0xd4,0x52,
-	0x88,0xe9,0x30,0x75,0x0b,0x02,0xf5,0xcd,0x89,0x0c,
-	0x6c,0x57,0x19,0x27,0x3d,0x1e,0x85,0xb4,0xc1,0x2f,
-	0x1d,0x92,0x00,0x5c,0x76,0x29,0x4b,0xa4,0xe1,0x12,
-	0xb3,0xc8,0x09,0xfe,0x0e,0x78,0x72,0x61,0xcb,0x61,
-	0x6f,0x39,0x91,0x95,0x4e,0xd5,0x3e,0xc7,0x8f,0xb8,
-	0xf6,0x36,0xfe,0x9c,0x93,0x9a,0x38,0x25,0x7a,0xf4,
-	0x4a,0x12,0xd4,0xa0,0x13,0xbd,0xf9,0x1d,0x12,0x3e,
-	0x21,0x39,0xfb,0x72,0xe0,0x05,0x3d,0xc3,0xe5,0x50,
-	0xa8,0x5d,0x85,0xa3,0xea,0x5f,0x1c,0xb2,0x3f,0xea,
-	0x6d,0x03,0x91,0x55,0xd8,0x19,0x0a,0x21,0x12,0x16,
-	0xd9,0x12,0xc4,0xe6,0x07,0x18,0x5b,0x26,0xa4,0xae,
-	0xed,0x2b,0xb7,0xa6,0xed,0xf8,0xad,0xec,0x77,0xe6,
-	0x7f,0x4f,0x76,0x00,0xc0,0xfa,0x15,0x92,0xb4,0x2c,
-	0x22,0xc2,0xeb,0x6a,0xad,0x14,0x05,0xb2,0xe5,0x8a,
-	0x9e,0x85,0x83,0xcc,0x04,0xf1,0x56,0x78,0x44,0x5e,
-	0xde,0xe0,0x60,0x1a,0x65,0x79,0x31,0x23,0x05,0xbb,
-	0x01,0xff,0xdd,0x2e,0xb7,0xb3,0xaa,0x74,0xe0,0xa5,
-	0x94,0xaf,0x4b,0xde,0x58,0x0f,0x55,0xde,0x33,0xf6,
-	0xe3,0xd6,0x34,0x36,0x57,0xd6,0x79,0x91,0x2e,0xbe,
-	0x3b,0xd9,0x4e,0xb6,0x9d,0x21,0x5c,0xd3,0x48,0x14,
-	0x7f,0x4a,0xc4,0x60,0xa9,0x29,0xf8,0x53,0x7f,0x88,
-	0x11,0x2d,0xb5,0xc5,0x2d,0x6f,0xee,0x85,0x0b,0xf7,
-	0x8d,0x9a,0xbe,0xb0,0x42,0xf2,0x2e,0x71,0xaf,0x19,
-	0x31,0x6d,0xec,0xcd,0x6f,0x2b,0x23,0xdf,0xb4,0x40,
-	0xaf,0x2c,0x0a,0xc3,0x1b,0x7d,0x7d,0x03,0x1d,0x4b,
-	0xf3,0xb5,0xe0,0x85,0xd8,0xdf,0x91,0x6b,0x0a,0x69,
-	0xf7,0xf2,0x69,0x66,0x5b,0xf1,0xcf,0x46,0x7d,0xe9,
-	0x70,0xfa,0x6d,0x7e,0x75,0x4e,0xa9,0x77,0xe6,0x8c,
-	0x02,0xf7,0x14,0x4d,0xa5,0x41,0x8f,0x3f,0xc1,0x62,
-	0x1e,0x71,0x5e,0x38,0xb4,0xd6,0xe6,0xe1,0x4b,0xc2,
-	0x2c,0x30,0x83,0x81,0x6f,0x49,0x2e,0x96,0xe6,0xc9,
-	0x9a,0xf7,0x5d,0x09,0xa0,0x55,0x02,0xa5,0x3a,0x25,
-	0x23,0xd0,0x92,0xc3,0xa3,0xe3,0x0e,0x12,0x2f,0x4d,
-	0xef,0xf3,0x55,0x5a,0xbe,0xe6,0x19,0x86,0x31,0xab,
-	0x75,0x9a,0xd3,0xf0,0x2c,0xc5,0x41,0x92,0xd9,0x1f,
-	0x5f,0x11,0x8c,0x75,0x1c,0x63,0xd0,0x02,0x80,0x2c,
-	0x68,0xcb,0x93,0xfb,0x51,0x73,0x49,0xb4,0x60,0xda,
-	0xe2,0x26,0xaf,0xa9,0x46,0x12,0xb8,0xec,0x50,0xdd,
-	0x12,0x06,0x5f,0xce,0x59,0xe6,0xf6,0x1c,0xe0,0x54,
-	0x10,0xad,0xf6,0xcd,0x98,0xcc,0x0f,0xfb,0xcb,0x41,
-	0x14,0x9d,0xed,0xe4,0xb4,0x74,0x5f,0x09,0x60,0xc7,
-	0x12,0xf6,0x7b,0x3c,0x8f,0xa7,0x20,0xbc,0xe4,0xb1,
-	0xef,0xeb,0xa4,0x93,0xc5,0x06,0xca,0x9a,0x27,0x9d,
-	0x87,0xf3,0xde,0xca,0xe5,0xe7,0xf6,0x1c,0x01,0x65,
-	0x5b,0xfb,0x19,0x79,0x6e,0x08,0x26,0xc5,0xc8,0x28,
-	0x0e,0xb6,0x3b,0x07,0x08,0xc1,0x02,0x82,0x01,0x01,
-	0x00,0xe8,0x1c,0x73,0xa6,0xb8,0xe0,0x0e,0x6d,0x8d,
-	0x1b,0xb9,0x53,0xed,0x58,0x94,0xe6,0x1d,0x60,0x14,
-	0x5c,0x76,0x43,0xc4,0x58,0x19,0xc4,0x24,0xe8,0xbc,
-	0x1b,0x3b,0x0b,0x13,0x24,0x45,0x54,0x0e,0xcc,0x37,
-	0xf0,0xe0,0x63,0x7d,0xc3,0xf7,0xfb,0x81,0x74,0x81,
-	0xc4,0x0f,0x1a,0x21,0x48,0xaf,0xce,0xc1,0xc4,0x94,
-	0x18,0x06,0x44,0x8d,0xd3,0xd2,0x22,0x2d,0x2d,0x3e,
-	0x5a,0x31,0xdc,0x95,0x8e,0xf4,0x41,0xfc,0x58,0xc9,
-	0x40,0x92,0x17,0x5f,0xe3,0xda,0xac,0x9e,0x3f,0x1c,
-	0x2a,0x6b,0x58,0x5f,0x48,0x78,0x20,0xb1,0xaf,0x24,
-	0x9b,0x3c,0x20,0x8b,0x93,0x25,0x9e,0xe6,0x6b,0xbc,
-	0x13,0x42,0x14,0x6c,0x36,0x31,0xff,0x7a,0xd1,0xc1,
-	0x1a,0x26,0x14,0x7f,0xa9,0x76,0xa7,0x0c,0xf8,0xcc,
-	0xed,0x07,0x6a,0xd2,0xdf,0x62,0xee,0x0a,0x7c,0x84,
-	0xcb,0x49,0x90,0xb2,0x03,0x0d,0xa2,0x82,0x06,0x77,
-	0xf1,0xcd,0x67,0xf2,0x47,0x21,0x02,0x3f,0x43,0x21,
-	0xf0,0x46,0x30,0x62,0x51,0x72,0xb1,0xe7,0x48,0xc6,
-	0x67,0x12,0xcd,0x9e,0xd6,0x15,0xe5,0x21,0xed,0xfa,
-	0x8f,0x30,0xa6,0x41,0xfe,0xb6,0xfa,0x8f,0x34,0x14,
-	0x19,0xe8,0x11,0xf7,0xa5,0x77,0x3e,0xb7,0xf9,0x39,
-	0x07,0x8c,0x67,0x2a,0xab,0x7b,0x08,0xf8,0xb0,0x06,
-	0xa8,0xea,0x2f,0x8f,0xfa,0xcc,0xcc,0x40,0xce,0xf3,
-	0x70,0x4f,0x3f,0x7f,0xe2,0x0c,0xea,0x76,0x4a,0x35,
-	0x4e,0x47,0xad,0x2b,0xa7,0x97,0x5d,0x74,0x43,0x97,
-	0x90,0xd2,0xfb,0xd9,0xf9,0x96,0x01,0x33,0x05,0xed,
-	0x7b,0x03,0x05,0xad,0xf8,0x49,0x03,0x02,0x82,0x01,
-	0x01,0x00,0xd4,0x40,0x17,0x66,0x10,0x92,0x95,0xc8,
-	0xec,0x62,0xa9,0x7a,0xcb,0x93,0x8e,0xe6,0x53,0xd4,
-	0x80,0x48,0x27,0x4b,0x41,0xce,0x61,0xdf,0xbf,0x94,
-	0xa4,0x3d,0x71,0x03,0x0b,0xed,0x25,0x71,0x98,0xa4,
-	0xd6,0xd5,0x4a,0x57,0xf5,0x6c,0x1b,0xda,0x21,0x7d,
-	0x35,0x45,0xb3,0xf3,0x6a,0xd9,0xd3,0x43,0xe8,0x5c,
-	0x54,0x1c,0x83,0x1b,0xb4,0x5f,0xf2,0x97,0x24,0x2e,
-	0xdc,0x40,0xde,0x92,0x23,0x59,0x8e,0xbc,0xd2,0xa1,
-	0xf2,0xe0,0x4c,0xdd,0x0b,0xd1,0xe7,0xae,0x65,0xbc,
-	0xb5,0xf5,0x5b,0x98,0xe9,0xd7,0xc2,0xb7,0x0e,0x55,
-	0x71,0x0e,0x3c,0x0a,0x24,0x6b,0xa6,0xe6,0x14,0x61,
-	0x11,0xfd,0x33,0x42,0x99,0x2b,0x84,0x77,0x74,0x92,
-	0x91,0xf5,0x79,0x79,0xcf,0xad,0x8e,0x04,0xef,0x80,
-	0x1e,0x57,0xf4,0x14,0xf5,0x35,0x09,0x74,0xb2,0x13,
-	0x71,0x58,0x6b,0xea,0x32,0x5d,0xf3,0xd3,0x76,0x48,
-	0x39,0x10,0x23,0x84,0x9d,0xbe,0x92,0x77,0x4a,0xed,
-	0x70,0x3e,0x1a,0xa2,0x6c,0xb3,0x81,0x00,0xc3,0xc9,
-	0xe4,0x52,0xc8,0x24,0x88,0x0c,0x41,0xad,0x87,0x5a,
-	0xea,0xa3,0x7a,0x85,0x1c,0x5e,0x31,0x7f,0xc3,0x35,
-	0xc6,0xfa,0x10,0xc8,0x75,0x10,0xc4,0x96,0x99,0xe7,
-	0xfe,0x01,0xb4,0x74,0xdb,0xb4,0x11,0xc3,0xc8,0x8c,
-	0xf6,0xf7,0x3b,0x66,0x50,0xfc,0xdb,0xeb,0xca,0x47,
-	0x85,0x89,0xe1,0x65,0xd9,0x62,0x34,0x3c,0x70,0xd8,
-	0x2e,0xb4,0x2f,0x65,0x3c,0x4a,0xa6,0x2a,0xe7,0xc7,
-	0xd8,0x41,0x8f,0x8a,0x43,0xbf,0x42,0xf2,0x4d,0xbc,
-	0xfc,0x9e,0x27,0x95,0xfb,0x75,0xff,0xab,0x02,0x82,
-	0x01,0x00,0x41,0x2f,0x44,0x57,0x6d,0x12,0x17,0x5b,
-	0x32,0xc6,0xb7,0x6c,0x57,0x7a,0x8a,0x0e,0x79,0xef,
-	0x72,0xa8,0x68,0xda,0x2d,0x38,0xe4,0xbb,0x8d,0xf6,
-	0x02,0x65,0xcf,0x56,0x13,0xe1,0x1a,0xcb,0x39,0x80,
-	0xa6,0xb1,0x32,0x03,0x1e,0xdd,0xbb,0x35,0xd9,0xac,
-	0x43,0x89,0x31,0x08,0x90,0x92,0x5e,0x35,0x3d,0x7b,
-	0x9c,0x6f,0x86,0xcb,0x17,0xdd,0x85,0xe4,0xed,0x35,
-	0x08,0x8e,0xc1,0xf4,0x05,0xd8,0x68,0xc6,0x63,0x3c,
-	0xf7,0xff,0xf7,0x47,0x33,0x39,0xc5,0x3e,0xb7,0x0e,
-	0x58,0x35,0x9d,0x81,0xea,0xf8,0x6a,0x2c,0x1c,0x5a,
-	0x68,0x78,0x64,0x11,0x6b,0xc1,0x3e,0x4e,0x7a,0xbd,
-	0x84,0xcb,0x0f,0xc2,0xb6,0x85,0x1d,0xd3,0x76,0xc5,
-	0x93,0x6a,0x69,0x89,0x56,0x34,0xdc,0x4a,0x9b,0xbc,
-	0xff,0xa8,0x0d,0x6e,0x35,0x9c,0x60,0xa7,0x23,0x30,
-	0xc7,0x06,0x64,0x39,0x8b,0x94,0x89,0xee,0xba,0x7f,
-	0x60,0x8d,0xfa,0xb6,0x97,0x76,0xdc,0x51,0x4a,0x3c,
-	0xeb,0x3a,0x14,0x2c,0x20,0x60,0x69,0x4a,0x86,0xfe,
-	0x8c,0x21,0x84,0x49,0x54,0xb3,0x20,0xe1,0x01,0x7f,
-	0x58,0xdf,0x7f,0xb5,0x21,0x51,0x8c,0x47,0x9f,0x91,
-	0xeb,0x97,0x3e,0xf2,0x54,0xcf,0x16,0x46,0xf9,0xd9,
-	0xb6,0xe7,0x64,0xc9,0xd0,0x54,0xea,0x2f,0xa1,0xcf,
-	0xa5,0x7f,0x28,0x8d,0x84,0xec,0xd5,0x39,0x03,0x76,
-	0x5b,0x2d,0x8e,0x43,0xf2,0x01,0x24,0xc9,0x6f,0xc0,
-	0xf5,0x69,0x6f,0x7d,0xb5,0x85,0xd2,0x5f,0x7f,0x78,
-	0x40,0x07,0x7f,0x09,0x15,0xb5,0x1f,0x28,0x65,0x10,
-	0xe4,0x19,0xa8,0xc6,0x9e,0x8d,0xdc,0xcb,0x02,0x82,
-	0x01,0x00,0x13,0x01,0xee,0x56,0x80,0x93,0x70,0x00,
-	0x7f,0x52,0xd2,0x94,0xa1,0x98,0x84,0x4a,0x92,0x25,
-	0x4c,0x9b,0xa9,0x91,0x2e,0xc2,0x79,0xb7,0x5c,0xe3,
-	0xc5,0xd5,0x8e,0xc2,0x54,0x16,0x17,0xad,0x55,0x9b,
-	0x25,0x76,0x12,0x63,0x50,0x22,0x2f,0x58,0x58,0x79,
-	0x6b,0x04,0xe3,0xf9,0x9f,0x8f,0x04,0x41,0x67,0x94,
-	0xa5,0x1f,0xac,0x8a,0x15,0x9c,0x26,0x10,0x6c,0xf8,
-	0x19,0x57,0x61,0xd7,0x3a,0x7d,0x31,0xb0,0x2d,0x38,
-	0xbd,0x94,0x62,0xad,0xc4,0xfa,0x36,0x42,0x42,0xf0,
-	0x24,0x67,0x65,0x9d,0x8b,0x0b,0x7c,0x6f,0x82,0x44,
-	0x1a,0x8c,0xc8,0xc9,0xab,0xbb,0x4c,0x45,0xfc,0x7b,
-	0x38,0xee,0x30,0xe1,0xfc,0xef,0x8d,0xbc,0x58,0xdf,
-	0x2b,0x5d,0x0d,0x54,0xe0,0x49,0x4d,0x97,0x99,0x8f,
-	0x22,0xa8,0x83,0xbe,0x40,0xbb,0x50,0x2e,0x78,0x28,
-	0x0f,0x95,0x78,0x8c,0x8f,0x98,0x24,0x56,0xc2,0x97,
-	0xf3,0x2c,0x43,0xd2,0x03,0x82,0x66,0x81,0x72,0x5f,
-	0x53,0x16,0xec,0xb1,0xb1,0x04,0x5e,0x40,0x20,0x48,
-	0x7b,0x3f,0x02,0x97,0x6a,0xeb,0x96,0x12,0x21,0x35,
-	0xfe,0x1f,0x47,0xc0,0x95,0xea,0xc5,0x8a,0x08,0x84,
-	0x4f,0x5e,0x63,0x94,0x60,0x0f,0x71,0x5b,0x7f,0x4a,
-	0xec,0x4f,0x60,0xc6,0xba,0x4a,0x24,0xf1,0x20,0x8b,
-	0xa7,0x2e,0x3a,0xce,0x8d,0xe0,0x27,0x1d,0xb5,0x8e,
-	0xb4,0x21,0xc5,0xe2,0xa6,0x16,0x0a,0x51,0x83,0x55,
-	0x88,0xd1,0x30,0x11,0x63,0xd5,0xd7,0x8d,0xae,0x16,
-	0x12,0x82,0xc4,0x85,0x00,0x4e,0x27,0x83,0xa5,0x7c,
-	0x90,0x2e,0xe5,0xa2,0xa3,0xd3,0x4c,0x63,0x02,0x82,
-	0x01,0x01,0x00,0x86,0x08,0x98,0x98,0xa5,0x00,0x05,
-	0x39,0x77,0xd9,0x66,0xb3,0xcf,0xca,0xa0,0x71,0xb3,
-	0x50,0xce,0x3d,0xb1,0x93,0x95,0x35,0xc4,0xd4,0x2e,
-	0x90,0xdf,0x0f,0xfc,0x60,0xc1,0x94,0x68,0x61,0x43,
-	0xca,0x9a,0x23,0x4a,0x1e,0x45,0x72,0x99,0xb5,0x1e,
-	0x61,0x8d,0x77,0x0f,0xa0,0xbb,0xd7,0x77,0xb4,0x2a,
-	0x15,0x11,0x88,0x2d,0xb3,0x56,0x61,0x5e,0x6a,0xed,
-	0xa4,0x46,0x4a,0x3f,0x50,0x11,0xd6,0xba,0xb6,0xd7,
-	0x95,0x65,0x53,0xc3,0xa1,0x8f,0xe0,0xa3,0xf5,0x1c,
-	0xfd,0xaf,0x6e,0x43,0xd7,0x17,0xa7,0xd3,0x81,0x1b,
-	0xa4,0xdf,0xe0,0x97,0x8a,0x46,0x03,0xd3,0x46,0x0e,
-	0x83,0x48,0x4e,0xd2,0x02,0xcb,0xc0,0xad,0x79,0x95,
-	0x8c,0x96,0xba,0x40,0x34,0x11,0x71,0x5e,0xe9,0x11,
-	0xf9,0xc5,0x4a,0x5e,0x91,0x9d,0xf5,0x92,0x4f,0xeb,
-	0xc6,0x70,0x02,0x2d,0x3d,0x04,0xaa,0xe9,0x3a,0x8e,
-	0xd5,0xa8,0xad,0xf7,0xce,0x0d,0x16,0xb2,0xec,0x0a,
-	0x9c,0xf5,0x94,0x39,0xb9,0x8a,0xfc,0x1e,0xf9,0xcc,
-	0xf2,0x5f,0x21,0x31,0x74,0x72,0x6b,0x64,0xae,0x35,
-	0x61,0x8d,0x0d,0xcb,0xe7,0xda,0x39,0xca,0xf3,0x21,
-	0x66,0x0b,0x95,0xd7,0x0a,0x7c,0xca,0xa1,0xa9,0x5a,
-	0xe8,0xac,0xe0,0x71,0x54,0xaf,0x28,0xcf,0xd5,0x70,
-	0x89,0xe0,0xf3,0x9e,0x43,0x6c,0x8d,0x7b,0x99,0x01,
-	0x68,0x4d,0xa1,0x45,0x46,0x0c,0x43,0xbc,0xcc,0x2c,
-	0xdd,0xc5,0x46,0xc8,0x4e,0x0e,0xbe,0xed,0xb9,0x26,
-	0xab,0x2e,0xdb,0xeb,0x8f,0xff,0xdb,0xb0,0xc6,0x55,
-	0xaf,0xf8,0x2a,0x91,0x9d,0x50,0x44,0x21,0x17,
-	};
diff --git a/crypto/openssl/apps/tkca b/crypto/openssl/apps/tkca
deleted file mode 100644
index bdaf21606afe..000000000000
--- a/crypto/openssl/apps/tkca
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/usr/local/bin/perl5
-#
-# This is only something I'm playing with, it does not work :-)
-#
-
-use Tk;
-
-my $main=MainWindow->new();
-my $f=$main->Frame(-relief => "ridge", -borderwidth => 2);
-$f->pack(-fill => 'x');
-
-my $ff=$f->Frame;
-$ff->pack(-fill => 'x');
-my $l=$ff->Label(-text => "TkCA - SSLeay",
-	-relief => "ridge", -borderwidth => 2);
-$l->pack(-fill => 'x', -ipady => 5);
-
-my $l=$ff->Button(-text => "Certify");
-$l->pack(-fill => 'x', -ipady => 5);
-
-my $l=$ff->Button(-text => "Review");
-$l->pack(-fill => 'x', -ipady => 5);
-
-my $l=$ff->Button(-text => "Revoke");
-$l->pack(-fill => 'x', -ipady => 5);
-
-my $l=$ff->Button(-text => "Generate CRL");
-$l->pack(-fill => 'x', -ipady => 5);
-
-my($db)=&load_db("demoCA/index.txt");
-
-MainLoop;
-
-sub load_db
-	{
-	my(%ret);
-	my($file)=@_;
-	my(*IN);
-	my(%db_serial,%db_name,@f,@db_s);
-
-	$ret{'serial'}=\%db_serial;
-	$ret{'name'}=\%db_name;
-
-	open(IN,"<$file") || die "unable to open $file:$!\n";
-	while (<IN>)
-		{
-		chop;
-		s/([^\\])\t/\1\t\t/g;
-		my(@f)=split(/\t\t/);
-		die "wrong number of fields in $file, line $.\n"
-			if ($#f != 5);
-
-		my(%f);
-		$f{'type'}=$f[0];
-		$f{'exp'}=$f[1];
-		$f{'rev'}=$f[2];
-		$f{'serial'}=$f[3];
-		$f{'file'}=$f[4];
-		$f{'name'}=$f[5];
-		die "serial number $f{'serial'} appears twice (line $.)\n"
-			if (defined($db{$f{'serial'}}))
-		$db_serial{$f{'serial'}}=\%f;
-		$db_name{$f{'name'}}.=$f{'serial'}." ";
-		}
-	return \%ret;
-	}
diff --git a/crypto/openssl/apps/verify.c b/crypto/openssl/apps/verify.c
deleted file mode 100644
index 6a93c018b8ce..000000000000
--- a/crypto/openssl/apps/verify.c
+++ /dev/null
@@ -1,368 +0,0 @@
-/* apps/verify.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/pem.h>
-
-#undef PROG
-#define PROG	verify_main
-
-static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx);
-static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, int purpose, ENGINE *e);
-static STACK_OF(X509) *load_untrusted(char *file);
-static int v_verbose=0, vflags = 0;
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	int i,ret=1;
-	int purpose = -1;
-	char *CApath=NULL,*CAfile=NULL;
-	char *untfile = NULL, *trustfile = NULL;
-	STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
-	X509_STORE *cert_ctx=NULL;
-	X509_LOOKUP *lookup=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	cert_ctx=X509_STORE_new();
-	if (cert_ctx == NULL) goto end;
-	X509_STORE_set_verify_cb_func(cert_ctx,cb);
-
-	ERR_load_crypto_strings();
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	argc--;
-	argv++;
-	for (;;)
-		{
-		if (argc >= 1)
-			{
-			if (strcmp(*argv,"-CApath") == 0)
-				{
-				if (argc-- < 1) goto end;
-				CApath= *(++argv);
-				}
-			else if (strcmp(*argv,"-CAfile") == 0)
-				{
-				if (argc-- < 1) goto end;
-				CAfile= *(++argv);
-				}
-			else if (strcmp(*argv,"-purpose") == 0)
-				{
-				X509_PURPOSE *xptmp;
-				if (argc-- < 1) goto end;
-				i = X509_PURPOSE_get_by_sname(*(++argv));
-				if(i < 0)
-					{
-					BIO_printf(bio_err, "unrecognized purpose\n");
-					goto end;
-					}
-				xptmp = X509_PURPOSE_get0(i);
-				purpose = X509_PURPOSE_get_id(xptmp);
-				}
-			else if (strcmp(*argv,"-untrusted") == 0)
-				{
-				if (argc-- < 1) goto end;
-				untfile= *(++argv);
-				}
-			else if (strcmp(*argv,"-trusted") == 0)
-				{
-				if (argc-- < 1) goto end;
-				trustfile= *(++argv);
-				}
-#ifndef OPENSSL_NO_ENGINE
-			else if (strcmp(*argv,"-engine") == 0)
-				{
-				if (--argc < 1) goto end;
-				engine= *(++argv);
-				}
-#endif
-			else if (strcmp(*argv,"-help") == 0)
-				goto end;
-			else if (strcmp(*argv,"-ignore_critical") == 0)
-				vflags |= X509_V_FLAG_IGNORE_CRITICAL;
-			else if (strcmp(*argv,"-issuer_checks") == 0)
-				vflags |= X509_V_FLAG_CB_ISSUER_CHECK;
-			else if (strcmp(*argv,"-crl_check") == 0)
-				vflags |= X509_V_FLAG_CRL_CHECK;
-			else if (strcmp(*argv,"-crl_check_all") == 0)
-				vflags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
-			else if (strcmp(*argv,"-verbose") == 0)
-				v_verbose=1;
-			else if (argv[0][0] == '-')
-				goto end;
-			else
-				break;
-			argc--;
-			argv++;
-			}
-		else
-			break;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file());
-	if (lookup == NULL) abort();
-	if (CAfile) {
-		i=X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM);
-		if(!i) {
-			BIO_printf(bio_err, "Error loading file %s\n", CAfile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	} else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
-		
-	lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_hash_dir());
-	if (lookup == NULL) abort();
-	if (CApath) {
-		i=X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM);
-		if(!i) {
-			BIO_printf(bio_err, "Error loading directory %s\n", CApath);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	} else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
-
-	ERR_clear_error();
-
-	if(untfile) {
-		if(!(untrusted = load_untrusted(untfile))) {
-			BIO_printf(bio_err, "Error loading untrusted file %s\n", untfile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
-
-	if(trustfile) {
-		if(!(trusted = load_untrusted(trustfile))) {
-			BIO_printf(bio_err, "Error loading untrusted file %s\n", trustfile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
-
-	if (argc < 1) check(cert_ctx, NULL, untrusted, trusted, purpose, e);
-	else
-		for (i=0; i<argc; i++)
-			check(cert_ctx,argv[i], untrusted, trusted, purpose, e);
-	ret=0;
-end:
-	if (ret == 1) {
-		BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," [-engine e]");
-#endif
-		BIO_printf(bio_err," cert1 cert2 ...\n");
-		BIO_printf(bio_err,"recognized usages:\n");
-		for(i = 0; i < X509_PURPOSE_get_count(); i++) {
-			X509_PURPOSE *ptmp;
-			ptmp = X509_PURPOSE_get0(i);
-			BIO_printf(bio_err, "\t%-10s\t%s\n", X509_PURPOSE_get0_sname(ptmp),
-								X509_PURPOSE_get0_name(ptmp));
-		}
-	}
-	if (cert_ctx != NULL) X509_STORE_free(cert_ctx);
-	sk_X509_pop_free(untrusted, X509_free);
-	sk_X509_pop_free(trusted, X509_free);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, int purpose, ENGINE *e)
-	{
-	X509 *x=NULL;
-	int i=0,ret=0;
-	X509_STORE_CTX *csc;
-
-	x = load_cert(bio_err, file, FORMAT_PEM, NULL, e, "certificate file");
-	if (x == NULL)
-		goto end;
-	fprintf(stdout,"%s: ",(file == NULL)?"stdin":file);
-
-	csc = X509_STORE_CTX_new();
-	if (csc == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	X509_STORE_set_flags(ctx, vflags);
-	if(!X509_STORE_CTX_init(csc,ctx,x,uchain))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	if(tchain) X509_STORE_CTX_trusted_stack(csc, tchain);
-	if(purpose >= 0) X509_STORE_CTX_set_purpose(csc, purpose);
-	i=X509_verify_cert(csc);
-	X509_STORE_CTX_free(csc);
-
-	ret=0;
-end:
-	if (i)
-		{
-		fprintf(stdout,"OK\n");
-		ret=1;
-		}
-	else
-		ERR_print_errors(bio_err);
-	if (x != NULL) X509_free(x);
-
-	return(ret);
-	}
-
-static STACK_OF(X509) *load_untrusted(char *certfile)
-{
-	STACK_OF(X509_INFO) *sk=NULL;
-	STACK_OF(X509) *stack=NULL, *ret=NULL;
-	BIO *in=NULL;
-	X509_INFO *xi;
-
-	if(!(stack = sk_X509_new_null())) {
-		BIO_printf(bio_err,"memory allocation failure\n");
-		goto end;
-	}
-
-	if(!(in=BIO_new_file(certfile, "r"))) {
-		BIO_printf(bio_err,"error opening the file, %s\n",certfile);
-		goto end;
-	}
-
-	/* This loads from a file, a stack of x509/crl/pkey sets */
-	if(!(sk=PEM_X509_INFO_read_bio(in,NULL,NULL,NULL))) {
-		BIO_printf(bio_err,"error reading the file, %s\n",certfile);
-		goto end;
-	}
-
-	/* scan over it and pull out the certs */
-	while (sk_X509_INFO_num(sk))
-		{
-		xi=sk_X509_INFO_shift(sk);
-		if (xi->x509 != NULL)
-			{
-			sk_X509_push(stack,xi->x509);
-			xi->x509=NULL;
-			}
-		X509_INFO_free(xi);
-		}
-	if(!sk_X509_num(stack)) {
-		BIO_printf(bio_err,"no certificates in file, %s\n",certfile);
-		sk_X509_free(stack);
-		goto end;
-	}
-	ret=stack;
-end:
-	BIO_free(in);
-	sk_X509_INFO_free(sk);
-	return(ret);
-	}
-
-static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
-	{
-	char buf[256];
-
-	if (!ok)
-		{
-		X509_NAME_oneline(
-				X509_get_subject_name(ctx->current_cert),buf,
-				sizeof buf);
-		printf("%s\n",buf);
-		printf("error %d at %d depth lookup:%s\n",ctx->error,
-			ctx->error_depth,
-			X509_verify_cert_error_string(ctx->error));
-		if (ctx->error == X509_V_ERR_CERT_HAS_EXPIRED) ok=1;
-		/* since we are just checking the certificates, it is
-		 * ok if they are self signed. But we should still warn
-		 * the user.
- 		 */
-		if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) ok=1;
-		/* Continue after extension errors too */
-		if (ctx->error == X509_V_ERR_INVALID_CA) ok=1;
-		if (ctx->error == X509_V_ERR_PATH_LENGTH_EXCEEDED) ok=1;
-		if (ctx->error == X509_V_ERR_INVALID_PURPOSE) ok=1;
-		if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) ok=1;
-		if (ctx->error == X509_V_ERR_CRL_HAS_EXPIRED) ok=1;
-		if (ctx->error == X509_V_ERR_CRL_NOT_YET_VALID) ok=1;
-		if (ctx->error == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION) ok=1;
-		}
-	if (!v_verbose)
-		ERR_clear_error();
-	return(ok);
-	}
-
diff --git a/crypto/openssl/apps/version.c b/crypto/openssl/apps/version.c
deleted file mode 100644
index 0843b67565e7..000000000000
--- a/crypto/openssl/apps/version.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/* apps/version.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/evp.h>
-#include <openssl/crypto.h>
-#ifndef OPENSSL_NO_MD2
-# include <openssl/md2.h>
-#endif
-#ifndef OPENSSL_NO_RC4
-# include <openssl/rc4.h>
-#endif
-#ifndef OPENSSL_NO_DES
-# include <openssl/des.h>
-#endif
-#ifndef OPENSSL_NO_IDEA
-# include <openssl/idea.h>
-#endif
-#ifndef OPENSSL_NO_BF
-# include <openssl/blowfish.h>
-#endif
-
-#undef PROG
-#define PROG	version_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int i,ret=0;
-	int cflags=0,version=0,date=0,options=0,platform=0,dir=0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (argc == 1) version=1;
-	for (i=1; i<argc; i++)
-		{
-		if (strcmp(argv[i],"-v") == 0)
-			version=1;	
-		else if (strcmp(argv[i],"-b") == 0)
-			date=1;
-		else if (strcmp(argv[i],"-f") == 0)
-			cflags=1;
-		else if (strcmp(argv[i],"-o") == 0)
-			options=1;
-		else if (strcmp(argv[i],"-p") == 0)
-			platform=1;
-		else if (strcmp(argv[i],"-d") == 0)
-			dir=1;
-		else if (strcmp(argv[i],"-a") == 0)
-			date=version=cflags=options=platform=dir=1;
-		else
-			{
-			BIO_printf(bio_err,"usage:version -[avbofp]\n");
-			ret=1;
-			goto end;
-			}
-		}
-
-	if (version) printf("%s\n",SSLeay_version(SSLEAY_VERSION));
-	if (date)    printf("%s\n",SSLeay_version(SSLEAY_BUILT_ON));
-	if (platform) printf("%s\n",SSLeay_version(SSLEAY_PLATFORM));
-	if (options) 
-		{
-		printf("options:  ");
-		printf("%s ",BN_options());
-#ifndef OPENSSL_NO_MD2
-		printf("%s ",MD2_options());
-#endif
-#ifndef OPENSSL_NO_RC4
-		printf("%s ",RC4_options());
-#endif
-#ifndef OPENSSL_NO_DES
-		printf("%s ",DES_options());
-#endif
-#ifndef OPENSSL_NO_IDEA
-		printf("%s ",idea_options());
-#endif
-#ifndef OPENSSL_NO_BF
-		printf("%s ",BF_options());
-#endif
-		printf("\n");
-		}
-	if (cflags)  printf("%s\n",SSLeay_version(SSLEAY_CFLAGS));
-	if (dir)  printf("%s\n",SSLeay_version(SSLEAY_DIR));
-end:
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
diff --git a/crypto/openssl/apps/winrand.c b/crypto/openssl/apps/winrand.c
deleted file mode 100644
index 59bede3d70ac..000000000000
--- a/crypto/openssl/apps/winrand.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* apps/winrand.c */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Usage: winrand [filename]
- *
- * Collects entropy from mouse movements and other events and writes
- * random data to filename or .rnd
- */
-
-#include <windows.h>
-#include <openssl/opensslv.h>
-#include <openssl/rand.h>
-
-LRESULT CALLBACK WndProc(HWND, UINT, WPARAM, LPARAM);
-const char *filename;
-
-int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
-        PSTR cmdline, int iCmdShow)
-	{
-	static char appname[] = "OpenSSL";
-	HWND hwnd;
-	MSG msg;
-	WNDCLASSEX wndclass;
-        char buffer[200];
-
-        if (cmdline[0] == '\0')
-                filename = RAND_file_name(buffer, sizeof buffer);
-        else
-                filename = cmdline;
-
-        RAND_load_file(filename, -1);
-
-	wndclass.cbSize = sizeof(wndclass);
-	wndclass.style = CS_HREDRAW | CS_VREDRAW;
-	wndclass.lpfnWndProc = WndProc;
-	wndclass.cbClsExtra = 0;
-	wndclass.cbWndExtra = 0;
-	wndclass.hInstance = hInstance;
-	wndclass.hIcon = LoadIcon(NULL, IDI_APPLICATION);
-	wndclass.hCursor = LoadCursor(NULL, IDC_ARROW);
-	wndclass.hbrBackground = (HBRUSH) GetStockObject(WHITE_BRUSH);
-	wndclass.lpszMenuName = NULL;
-        wndclass.lpszClassName = appname;
-	wndclass.hIconSm = LoadIcon(NULL, IDI_APPLICATION);
-	RegisterClassEx(&wndclass);
-
-        hwnd = CreateWindow(appname, OPENSSL_VERSION_TEXT,
-		WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT,
-		CW_USEDEFAULT, CW_USEDEFAULT, NULL, NULL, hInstance, NULL);
-
-	ShowWindow(hwnd, iCmdShow);
-	UpdateWindow(hwnd);
-
-
-	while (GetMessage(&msg, NULL, 0, 0))
-		{
-		TranslateMessage(&msg);
-		DispatchMessage(&msg);
-		}
-
-	return msg.wParam;
-	}
-
-LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam)
-	{
-        HDC hdc;
-	PAINTSTRUCT ps;
-        RECT rect;
-        static int seeded = 0;
-
-	switch (iMsg)
-		{
-	case WM_PAINT:
-		hdc = BeginPaint(hwnd, &ps);
-		GetClientRect(hwnd, &rect);
-                DrawText(hdc, "Seeding the PRNG. Please move the mouse!", -1,
-			&rect, DT_SINGLELINE | DT_CENTER | DT_VCENTER);
-		EndPaint(hwnd, &ps);
-		return 0;
-		
-        case WM_DESTROY:
-                PostQuitMessage(0);
-                return 0;
-                }
-
-        if (RAND_event(iMsg, wParam, lParam) == 1 && seeded == 0)
-                {
-                seeded = 1;
-                if (RAND_write_file(filename) <= 0)
-                        MessageBox(hwnd, "Couldn't write random file!",
-				"OpenSSL", MB_OK | MB_ICONERROR);
-                PostQuitMessage(0);
-                }
-
-	return DefWindowProc(hwnd, iMsg, wParam, lParam);
-	}
diff --git a/crypto/openssl/apps/x509.c b/crypto/openssl/apps/x509.c
deleted file mode 100644
index 1ac6452bdb4c..000000000000
--- a/crypto/openssl/apps/x509.c
+++ /dev/null
@@ -1,1290 +0,0 @@
-/* apps/x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <assert.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-
-#undef PROG
-#define PROG x509_main
-
-#undef POSTFIX
-#define	POSTFIX	".srl"
-#define DEF_DAYS	30
-
-static char *x509_usage[]={
-"usage: x509 args\n",
-" -inform arg     - input format - default PEM (one of DER, NET or PEM)\n",
-" -outform arg    - output format - default PEM (one of DER, NET or PEM)\n",
-" -keyform arg    - private key format - default PEM\n",
-" -CAform arg     - CA format - default PEM\n",
-" -CAkeyform arg  - CA key format - default PEM\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -passin arg     - private key password source\n",
-" -serial         - print serial number value\n",
-" -hash           - print hash value\n",
-" -subject        - print subject DN\n",
-" -issuer         - print issuer DN\n",
-" -email          - print email address(es)\n",
-" -startdate      - notBefore field\n",
-" -enddate        - notAfter field\n",
-" -purpose        - print out certificate purposes\n",
-" -dates          - both Before and After dates\n",
-" -modulus        - print the RSA key modulus\n",
-" -pubkey         - output the public key\n",
-" -fingerprint    - print the certificate fingerprint\n",
-" -alias          - output certificate alias\n",
-" -noout          - no certificate output\n",
-" -ocspid         - print OCSP hash values for the subject name and public key\n",
-" -trustout       - output a \"trusted\" certificate\n",
-" -clrtrust       - clear all trusted purposes\n",
-" -clrreject      - clear all rejected purposes\n",
-" -addtrust arg   - trust certificate for a given purpose\n",
-" -addreject arg  - reject certificate for a given purpose\n",
-" -setalias arg   - set certificate alias\n",
-" -days arg       - How long till expiry of a signed certificate - def 30 days\n",
-" -checkend arg   - check whether the cert expires in the next arg seconds\n",
-"                   exit 1 if so, 0 if not\n",
-" -signkey arg    - self sign cert with arg\n",
-" -x509toreq      - output a certification request object\n",
-" -req            - input is a certificate request, sign and output.\n",
-" -CA arg         - set the CA certificate, must be PEM format.\n",
-" -CAkey arg      - set the CA key, must be PEM format\n",
-"                   missing, it is assumed to be in the CA file.\n",
-" -CAcreateserial - create serial number file if it does not exist\n",
-" -CAserial arg   - serial file\n",
-" -set_serial     - serial number to use\n",
-" -text           - print the certificate in text form\n",
-" -C              - print out C code forms\n",
-" -md2/-md5/-sha1/-mdc2 - digest to use\n",
-" -extfile        - configuration file with X509V3 extensions to add\n",
-" -extensions     - section from config file with X509V3 extensions to add\n",
-" -clrext         - delete extensions before signing and input certificate\n",
-" -nameopt arg    - various certificate name options\n",
-#ifndef OPENSSL_NO_ENGINE
-" -engine e       - use engine e, possibly a hardware device.\n",
-#endif
-" -certopt arg    - various certificate text options\n",
-NULL
-};
-
-static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx);
-static int sign (X509 *x, EVP_PKEY *pkey,int days,int clrext, const EVP_MD *digest,
-						CONF *conf, char *section);
-static int x509_certify (X509_STORE *ctx,char *CAfile,const EVP_MD *digest,
-			 X509 *x,X509 *xca,EVP_PKEY *pkey,char *serial,
-			 int create,int days, int clrext, CONF *conf, char *section,
-						ASN1_INTEGER *sno);
-static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt);
-static int reqfile=0;
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	int ret=1;
-	X509_REQ *req=NULL;
-	X509 *x=NULL,*xca=NULL;
-	ASN1_OBJECT *objtmp;
-	EVP_PKEY *Upkey=NULL,*CApkey=NULL;
-	ASN1_INTEGER *sno = NULL;
-	int i,num,badops=0;
-	BIO *out=NULL;
-	BIO *STDout=NULL;
-	STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL;
-	int informat,outformat,keyformat,CAformat,CAkeyformat;
-	char *infile=NULL,*outfile=NULL,*keyfile=NULL,*CAfile=NULL;
-	char *CAkeyfile=NULL,*CAserial=NULL;
-	char *alias=NULL;
-	int text=0,serial=0,hash=0,subject=0,issuer=0,startdate=0,enddate=0;
-	int ocspid=0;
-	int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0;
-	int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0;
-	int C=0;
-	int x509req=0,days=DEF_DAYS,modulus=0,pubkey=0;
-	int pprint = 0;
-	char **pp;
-	X509_STORE *ctx=NULL;
-	X509_REQ *rq=NULL;
-	int fingerprint=0;
-	char buf[256];
-	const EVP_MD *md_alg,*digest=EVP_md5();
-	CONF *extconf = NULL;
-	char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL;
-	int need_rand = 0;
-	int checkend=0,checkoffset=0;
-	unsigned long nmflag = 0, certflag = 0;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	reqfile=0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-	STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	STDout = BIO_push(tmpbio, STDout);
-	}
-#endif
-
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-	keyformat=FORMAT_PEM;
-	CAformat=FORMAT_PEM;
-	CAkeyformat=FORMAT_PEM;
-
-	ctx=X509_STORE_new();
-	if (ctx == NULL) goto end;
-	X509_STORE_set_verify_cb_func(ctx,callb);
-
-	argc--;
-	argv++;
-	num=0;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-req") == 0)
-			{
-			reqfile=1;
-			need_rand = 1;
-			}
-		else if (strcmp(*argv,"-CAform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-CAkeyform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAkeyformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-days") == 0)
-			{
-			if (--argc < 1) goto bad;
-			days=atoi(*(++argv));
-			if (days == 0)
-				{
-				BIO_printf(STDout,"bad number of days\n");
-				goto bad;
-				}
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-extfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			extfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-extensions") == 0)
-			{
-			if (--argc < 1) goto bad;
-			extsect= *(++argv);
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-signkey") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyfile= *(++argv);
-			sign_flag= ++num;
-			need_rand = 1;
-			}
-		else if (strcmp(*argv,"-CA") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile= *(++argv);
-			CA_flag= ++num;
-			need_rand = 1;
-			}
-		else if (strcmp(*argv,"-CAkey") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAkeyfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-CAserial") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAserial= *(++argv);
-			}
-		else if (strcmp(*argv,"-set_serial") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!(sno = s2i_ASN1_INTEGER(NULL, *(++argv))))
-				goto bad;
-			}
-		else if (strcmp(*argv,"-addtrust") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!(objtmp = OBJ_txt2obj(*(++argv), 0)))
-				{
-				BIO_printf(bio_err,
-					"Invalid trust object value %s\n", *argv);
-				goto bad;
-				}
-			if (!trust) trust = sk_ASN1_OBJECT_new_null();
-			sk_ASN1_OBJECT_push(trust, objtmp);
-			trustout = 1;
-			}
-		else if (strcmp(*argv,"-addreject") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!(objtmp = OBJ_txt2obj(*(++argv), 0)))
-				{
-				BIO_printf(bio_err,
-					"Invalid reject object value %s\n", *argv);
-				goto bad;
-				}
-			if (!reject) reject = sk_ASN1_OBJECT_new_null();
-			sk_ASN1_OBJECT_push(reject, objtmp);
-			trustout = 1;
-			}
-		else if (strcmp(*argv,"-setalias") == 0)
-			{
-			if (--argc < 1) goto bad;
-			alias= *(++argv);
-			trustout = 1;
-			}
-		else if (strcmp(*argv,"-certopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_cert_ex(&certflag, *(++argv))) goto bad;
-			}
-		else if (strcmp(*argv,"-nameopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_name_ex(&nmflag, *(++argv))) goto bad;
-			}
-		else if (strcmp(*argv,"-setalias") == 0)
-			{
-			if (--argc < 1) goto bad;
-			alias= *(++argv);
-			trustout = 1;
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-C") == 0)
-			C= ++num;
-		else if (strcmp(*argv,"-email") == 0)
-			email= ++num;
-		else if (strcmp(*argv,"-serial") == 0)
-			serial= ++num;
-		else if (strcmp(*argv,"-modulus") == 0)
-			modulus= ++num;
-		else if (strcmp(*argv,"-pubkey") == 0)
-			pubkey= ++num;
-		else if (strcmp(*argv,"-x509toreq") == 0)
-			x509req= ++num;
-		else if (strcmp(*argv,"-text") == 0)
-			text= ++num;
-		else if (strcmp(*argv,"-hash") == 0)
-			hash= ++num;
-		else if (strcmp(*argv,"-subject") == 0)
-			subject= ++num;
-		else if (strcmp(*argv,"-issuer") == 0)
-			issuer= ++num;
-		else if (strcmp(*argv,"-fingerprint") == 0)
-			fingerprint= ++num;
-		else if (strcmp(*argv,"-dates") == 0)
-			{
-			startdate= ++num;
-			enddate= ++num;
-			}
-		else if (strcmp(*argv,"-purpose") == 0)
-			pprint= ++num;
-		else if (strcmp(*argv,"-startdate") == 0)
-			startdate= ++num;
-		else if (strcmp(*argv,"-enddate") == 0)
-			enddate= ++num;
-		else if (strcmp(*argv,"-checkend") == 0)
-			{
-			if (--argc < 1) goto bad;
-			checkoffset=atoi(*(++argv));
-			checkend=1;
-			}
-		else if (strcmp(*argv,"-noout") == 0)
-			noout= ++num;
-		else if (strcmp(*argv,"-trustout") == 0)
-			trustout= 1;
-		else if (strcmp(*argv,"-clrtrust") == 0)
-			clrtrust= ++num;
-		else if (strcmp(*argv,"-clrreject") == 0)
-			clrreject= ++num;
-		else if (strcmp(*argv,"-alias") == 0)
-			aliasout= ++num;
-		else if (strcmp(*argv,"-CAcreateserial") == 0)
-			CA_createserial= ++num;
-		else if (strcmp(*argv,"-clrext") == 0)
-			clrext = 1;
-#if 1 /* stay backwards-compatible with 0.9.5; this should go away soon */
-		else if (strcmp(*argv,"-crlext") == 0)
-			{
-			BIO_printf(bio_err,"use -clrext instead of -crlext\n");
-			clrext = 1;
-			}
-#endif
-		else if (strcmp(*argv,"-ocspid") == 0)
-			ocspid= ++num;
-		else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
-			{
-			/* ok */
-			digest=md_alg;
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		for (pp=x509_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
-		goto end;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (need_rand)
-		app_RAND_load_file(NULL, bio_err, 0);
-
-	ERR_load_crypto_strings();
-
-	if (!app_passwd(bio_err, passargin, NULL, &passin, NULL))
-		{
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-		}
-
-	if (!X509_STORE_set_default_paths(ctx))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if ((CAkeyfile == NULL) && (CA_flag) && (CAformat == FORMAT_PEM))
-		{ CAkeyfile=CAfile; }
-	else if ((CA_flag) && (CAkeyfile == NULL))
-		{
-		BIO_printf(bio_err,"need to specify a CAkey if using the CA command\n");
-		goto end;
-		}
-
-	if (extfile)
-		{
-		long errorline = -1;
-		X509V3_CTX ctx2;
-		extconf = NCONF_new(NULL);
-		if (!NCONF_load(extconf, extfile,&errorline))
-			{
-			if (errorline <= 0)
-				BIO_printf(bio_err,
-					"error loading the config file '%s'\n",
-								extfile);
-                	else
-                        	BIO_printf(bio_err,
-				       "error on line %ld of config file '%s'\n"
-							,errorline,extfile);
-			goto end;
-			}
-		if (!extsect)
-			{
-			extsect = NCONF_get_string(extconf, "default", "extensions");
-			if (!extsect)
-				{
-				ERR_clear_error();
-				extsect = "default";
-				}
-			}
-		X509V3_set_ctx_test(&ctx2);
-		X509V3_set_nconf(&ctx2, extconf);
-		if (!X509V3_EXT_add_nconf(extconf, &ctx2, extsect, NULL))
-			{
-			BIO_printf(bio_err,
-				"Error Loading extension section %s\n",
-								 extsect);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-
-
-	if (reqfile)
-		{
-		EVP_PKEY *pkey;
-		X509_CINF *ci;
-		BIO *in;
-
-		if (!sign_flag && !CA_flag)
-			{
-			BIO_printf(bio_err,"We need a private key to sign with\n");
-			goto end;
-			}
-		in=BIO_new(BIO_s_file());
-		if (in == NULL)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-		if (infile == NULL)
-			BIO_set_fp(in,stdin,BIO_NOCLOSE|BIO_FP_TEXT);
-		else
-			{
-			if (BIO_read_filename(in,infile) <= 0)
-				{
-				perror(infile);
-				BIO_free(in);
-				goto end;
-				}
-			}
-		req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL);
-		BIO_free(in);
-
-		if (req == NULL)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-		if (	(req->req_info == NULL) ||
-			(req->req_info->pubkey == NULL) ||
-			(req->req_info->pubkey->public_key == NULL) ||
-			(req->req_info->pubkey->public_key->data == NULL))
-			{
-			BIO_printf(bio_err,"The certificate request appears to corrupted\n");
-			BIO_printf(bio_err,"It does not contain a public key\n");
-			goto end;
-			}
-		if ((pkey=X509_REQ_get_pubkey(req)) == NULL)
-	                {
-	                BIO_printf(bio_err,"error unpacking public key\n");
-	                goto end;
-	                }
-		i=X509_REQ_verify(req,pkey);
-		EVP_PKEY_free(pkey);
-		if (i < 0)
-			{
-			BIO_printf(bio_err,"Signature verification error\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-	        if (i == 0)
-			{
-			BIO_printf(bio_err,"Signature did not match the certificate request\n");
-			goto end;
-			}
-		else
-			BIO_printf(bio_err,"Signature ok\n");
-
-		print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag);
-
-		if ((x=X509_new()) == NULL) goto end;
-		ci=x->cert_info;
-
-		if (sno)
-			{
-			if (!X509_set_serialNumber(x, sno))
-				goto end;
-			}
-		else if (!ASN1_INTEGER_set(X509_get_serialNumber(x),0)) goto end;
-		if (!X509_set_issuer_name(x,req->req_info->subject)) goto end;
-		if (!X509_set_subject_name(x,req->req_info->subject)) goto end;
-
-		X509_gmtime_adj(X509_get_notBefore(x),0);
-	        X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
-
-		pkey = X509_REQ_get_pubkey(req);
-		X509_set_pubkey(x,pkey);
-		EVP_PKEY_free(pkey);
-		}
-	else
-		x=load_cert(bio_err,infile,informat,NULL,e,"Certificate");
-
-	if (x == NULL) goto end;
-	if (CA_flag)
-		{
-		xca=load_cert(bio_err,CAfile,CAformat,NULL,e,"CA Certificate");
-		if (xca == NULL) goto end;
-		}
-
-	if (!noout || text)
-		{
-		OBJ_create("2.99999.3",
-			"SET.ex3","SET x509v3 extension 3");
-
-		out=BIO_new(BIO_s_file());
-		if (out == NULL)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (outfile == NULL)
-			{
-			BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-			}
-		else
-			{
-			if (BIO_write_filename(out,outfile) <= 0)
-				{
-				perror(outfile);
-				goto end;
-				}
-			}
-		}
-
-	if (alias) X509_alias_set1(x, (unsigned char *)alias, -1);
-
-	if (clrtrust) X509_trust_clear(x);
-	if (clrreject) X509_reject_clear(x);
-
-	if (trust)
-		{
-		for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++)
-			{
-			objtmp = sk_ASN1_OBJECT_value(trust, i);
-			X509_add1_trust_object(x, objtmp);
-			}
-		}
-
-	if (reject)
-		{
-		for (i = 0; i < sk_ASN1_OBJECT_num(reject); i++)
-			{
-			objtmp = sk_ASN1_OBJECT_value(reject, i);
-			X509_add1_reject_object(x, objtmp);
-			}
-		}
-
-	if (num)
-		{
-		for (i=1; i<=num; i++)
-			{
-			if (issuer == i)
-				{
-				print_name(STDout, "issuer= ",
-					X509_get_issuer_name(x), nmflag);
-				}
-			else if (subject == i) 
-				{
-				print_name(STDout, "subject= ",
-					X509_get_subject_name(x), nmflag);
-				}
-			else if (serial == i)
-				{
-				BIO_printf(STDout,"serial=");
-				i2a_ASN1_INTEGER(STDout,x->cert_info->serialNumber);
-				BIO_printf(STDout,"\n");
-				}
-			else if (email == i) 
-				{
-				int j;
-				STACK *emlst;
-				emlst = X509_get1_email(x);
-				for (j = 0; j < sk_num(emlst); j++)
-					BIO_printf(STDout, "%s\n", sk_value(emlst, j));
-				X509_email_free(emlst);
-				}
-			else if (aliasout == i)
-				{
-				unsigned char *alstr;
-				alstr = X509_alias_get0(x, NULL);
-				if (alstr) BIO_printf(STDout,"%s\n", alstr);
-				else BIO_puts(STDout,"<No Alias>\n");
-				}
-			else if (hash == i)
-				{
-				BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x));
-				}
-			else if (pprint == i)
-				{
-				X509_PURPOSE *ptmp;
-				int j;
-				BIO_printf(STDout, "Certificate purposes:\n");
-				for (j = 0; j < X509_PURPOSE_get_count(); j++)
-					{
-					ptmp = X509_PURPOSE_get0(j);
-					purpose_print(STDout, x, ptmp);
-					}
-				}
-			else
-				if (modulus == i)
-				{
-				EVP_PKEY *pkey;
-
-				pkey=X509_get_pubkey(x);
-				if (pkey == NULL)
-					{
-					BIO_printf(bio_err,"Modulus=unavailable\n");
-					ERR_print_errors(bio_err);
-					goto end;
-					}
-				BIO_printf(STDout,"Modulus=");
-#ifndef OPENSSL_NO_RSA
-				if (pkey->type == EVP_PKEY_RSA)
-					BN_print(STDout,pkey->pkey.rsa->n);
-				else
-#endif
-#ifndef OPENSSL_NO_DSA
-				if (pkey->type == EVP_PKEY_DSA)
-					BN_print(STDout,pkey->pkey.dsa->pub_key);
-				else
-#endif
-					BIO_printf(STDout,"Wrong Algorithm type");
-				BIO_printf(STDout,"\n");
-				EVP_PKEY_free(pkey);
-				}
-			else
-				if (pubkey == i)
-				{
-				EVP_PKEY *pkey;
-
-				pkey=X509_get_pubkey(x);
-				if (pkey == NULL)
-					{
-					BIO_printf(bio_err,"Error getting public key\n");
-					ERR_print_errors(bio_err);
-					goto end;
-					}
-				PEM_write_bio_PUBKEY(STDout, pkey);
-				EVP_PKEY_free(pkey);
-				}
-			else
-				if (C == i)
-				{
-				unsigned char *d;
-				char *m;
-				int y,z;
-
-				X509_NAME_oneline(X509_get_subject_name(x),
-					buf,sizeof buf);
-				BIO_printf(STDout,"/* subject:%s */\n",buf);
-				m=X509_NAME_oneline(
-					X509_get_issuer_name(x),buf,
-					sizeof buf);
-				BIO_printf(STDout,"/* issuer :%s */\n",buf);
-
-				z=i2d_X509(x,NULL);
-				m=OPENSSL_malloc(z);
-
-				d=(unsigned char *)m;
-				z=i2d_X509_NAME(X509_get_subject_name(x),&d);
-				BIO_printf(STDout,"unsigned char XXX_subject_name[%d]={\n",z);
-				d=(unsigned char *)m;
-				for (y=0; y<z; y++)
-					{
-					BIO_printf(STDout,"0x%02X,",d[y]);
-					if ((y & 0x0f) == 0x0f) BIO_printf(STDout,"\n");
-					}
-				if (y%16 != 0) BIO_printf(STDout,"\n");
-				BIO_printf(STDout,"};\n");
-
-				z=i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x),&d);
-				BIO_printf(STDout,"unsigned char XXX_public_key[%d]={\n",z);
-				d=(unsigned char *)m;
-				for (y=0; y<z; y++)
-					{
-					BIO_printf(STDout,"0x%02X,",d[y]);
-					if ((y & 0x0f) == 0x0f)
-						BIO_printf(STDout,"\n");
-					}
-				if (y%16 != 0) BIO_printf(STDout,"\n");
-				BIO_printf(STDout,"};\n");
-
-				z=i2d_X509(x,&d);
-				BIO_printf(STDout,"unsigned char XXX_certificate[%d]={\n",z);
-				d=(unsigned char *)m;
-				for (y=0; y<z; y++)
-					{
-					BIO_printf(STDout,"0x%02X,",d[y]);
-					if ((y & 0x0f) == 0x0f)
-						BIO_printf(STDout,"\n");
-					}
-				if (y%16 != 0) BIO_printf(STDout,"\n");
-				BIO_printf(STDout,"};\n");
-
-				OPENSSL_free(m);
-				}
-			else if (text == i)
-				{
-				X509_print_ex(out,x,nmflag, certflag);
-				}
-			else if (startdate == i)
-				{
-				BIO_puts(STDout,"notBefore=");
-				ASN1_TIME_print(STDout,X509_get_notBefore(x));
-				BIO_puts(STDout,"\n");
-				}
-			else if (enddate == i)
-				{
-				BIO_puts(STDout,"notAfter=");
-				ASN1_TIME_print(STDout,X509_get_notAfter(x));
-				BIO_puts(STDout,"\n");
-				}
-			else if (fingerprint == i)
-				{
-				int j;
-				unsigned int n;
-				unsigned char md[EVP_MAX_MD_SIZE];
-
-				if (!X509_digest(x,digest,md,&n))
-					{
-					BIO_printf(bio_err,"out of memory\n");
-					goto end;
-					}
-				BIO_printf(STDout,"%s Fingerprint=",
-						OBJ_nid2sn(EVP_MD_type(digest)));
-				for (j=0; j<(int)n; j++)
-					{
-					BIO_printf(STDout,"%02X%c",md[j],
-						(j+1 == (int)n)
-						?'\n':':');
-					}
-				}
-
-			/* should be in the library */
-			else if ((sign_flag == i) && (x509req == 0))
-				{
-				BIO_printf(bio_err,"Getting Private key\n");
-				if (Upkey == NULL)
-					{
-					Upkey=load_key(bio_err,
-						keyfile, keyformat, 0,
-						passin, e, "Private key");
-					if (Upkey == NULL) goto end;
-					}
-#ifndef OPENSSL_NO_DSA
-		                if (Upkey->type == EVP_PKEY_DSA)
-		                        digest=EVP_dss1();
-#endif
-
-				assert(need_rand);
-				if (!sign(x,Upkey,days,clrext,digest,
-						 extconf, extsect)) goto end;
-				}
-			else if (CA_flag == i)
-				{
-				BIO_printf(bio_err,"Getting CA Private Key\n");
-				if (CAkeyfile != NULL)
-					{
-					CApkey=load_key(bio_err,
-						CAkeyfile, CAkeyformat,
-						0, passin, e,
-						"CA Private Key");
-					if (CApkey == NULL) goto end;
-					}
-#ifndef OPENSSL_NO_DSA
-		                if (CApkey->type == EVP_PKEY_DSA)
-		                        digest=EVP_dss1();
-#endif
-				
-				assert(need_rand);
-				if (!x509_certify(ctx,CAfile,digest,x,xca,
-					CApkey, CAserial,CA_createserial,days, clrext,
-					extconf, extsect, sno))
-					goto end;
-				}
-			else if (x509req == i)
-				{
-				EVP_PKEY *pk;
-
-				BIO_printf(bio_err,"Getting request Private Key\n");
-				if (keyfile == NULL)
-					{
-					BIO_printf(bio_err,"no request key file specified\n");
-					goto end;
-					}
-				else
-					{
-					pk=load_key(bio_err,
-						keyfile, FORMAT_PEM, 0,
-						passin, e, "request key");
-					if (pk == NULL) goto end;
-					}
-
-				BIO_printf(bio_err,"Generating certificate request\n");
-
-#ifndef OPENSSL_NO_DSA
-		                if (pk->type == EVP_PKEY_DSA)
-		                        digest=EVP_dss1();
-#endif
-
-				rq=X509_to_X509_REQ(x,pk,digest);
-				EVP_PKEY_free(pk);
-				if (rq == NULL)
-					{
-					ERR_print_errors(bio_err);
-					goto end;
-					}
-				if (!noout)
-					{
-					X509_REQ_print(out,rq);
-					PEM_write_bio_X509_REQ(out,rq);
-					}
-				noout=1;
-				}
-			else if (ocspid == i)
-				{
-				X509_ocspid_print(out, x);
-				}
-			}
-		}
-
-	if (checkend)
-		{
-		time_t tnow=time(NULL);
-
-		if (ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(x), tnow+checkoffset) == -1)
-			{
-			BIO_printf(out,"Certificate will expire\n");
-			ret=1;
-			}
-		else
-			{
-			BIO_printf(out,"Certificate will not expire\n");
-			ret=0;
-			}
-		goto end;
-		}
-
-	if (noout)
-		{
-		ret=0;
-		goto end;
-		}
-
-	if 	(outformat == FORMAT_ASN1)
-		i=i2d_X509_bio(out,x);
-	else if (outformat == FORMAT_PEM)
-		{
-		if (trustout) i=PEM_write_bio_X509_AUX(out,x);
-		else i=PEM_write_bio_X509(out,x);
-		}
-	else if (outformat == FORMAT_NETSCAPE)
-		{
-		ASN1_HEADER ah;
-		ASN1_OCTET_STRING os;
-
-		os.data=(unsigned char *)NETSCAPE_CERT_HDR;
-		os.length=strlen(NETSCAPE_CERT_HDR);
-		ah.header= &os;
-		ah.data=(char *)x;
-		ah.meth=X509_asn1_meth();
-
-		/* no macro for this one yet */
-		i=ASN1_i2d_bio(i2d_ASN1_HEADER,out,(unsigned char *)&ah);
-		}
-	else	{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (!i)
-		{
-		BIO_printf(bio_err,"unable to write certificate\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	ret=0;
-end:
-	if (need_rand)
-		app_RAND_write_file(NULL, bio_err);
-	OBJ_cleanup();
-	NCONF_free(extconf);
-	BIO_free_all(out);
-	BIO_free_all(STDout);
-	X509_STORE_free(ctx);
-	X509_REQ_free(req);
-	X509_free(x);
-	X509_free(xca);
-	EVP_PKEY_free(Upkey);
-	EVP_PKEY_free(CApkey);
-	X509_REQ_free(rq);
-	ASN1_INTEGER_free(sno);
-	sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free);
-	sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free);
-	if (passin) OPENSSL_free(passin);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
-	{
-	char *buf = NULL, *p;
-	MS_STATIC char buf2[1024];
-	ASN1_INTEGER *bs = NULL, *bs2 = NULL;
-	BIO *io = NULL;
-	BIGNUM *serial = NULL;
-
-	buf=OPENSSL_malloc( ((serialfile == NULL)
-			?(strlen(CAfile)+strlen(POSTFIX)+1)
-			:(strlen(serialfile)))+1);
-	if (buf == NULL) { BIO_printf(bio_err,"out of mem\n"); goto end; }
-	if (serialfile == NULL)
-		{
-		strcpy(buf,CAfile);
-		for (p=buf; *p; p++)
-			if (*p == '.')
-				{
-				*p='\0';
-				break;
-				}
-		strcat(buf,POSTFIX);
-		}
-	else
-		strcpy(buf,serialfile);
-	serial=BN_new();
-	bs=ASN1_INTEGER_new();
-	if ((serial == NULL) || (bs == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	io=BIO_new(BIO_s_file());
-	if (io == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	
-	if (BIO_read_filename(io,buf) <= 0)
-		{
-		if (!create)
-			{
-			perror(buf);
-			goto end;
-			}
-		else
-			{
-			ASN1_INTEGER_set(bs,1);
-			BN_one(serial);
-			}
-		}
-	else 
-		{
-		if (!a2i_ASN1_INTEGER(io,bs,buf2,sizeof buf2))
-			{
-			BIO_printf(bio_err,"unable to load serial number from %s\n",buf);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		else
-			{
-			serial=BN_bin2bn(bs->data,bs->length,serial);
-			if (serial == NULL)
-				{
-				BIO_printf(bio_err,"error converting bin 2 bn");
-				goto end;
-				}
-			}
-		}
-
-	if (!BN_add_word(serial,1))
-		{ BIO_printf(bio_err,"add_word failure\n"); goto end; }
-	if (!(bs2 = BN_to_ASN1_INTEGER(serial, NULL)))
-		{ BIO_printf(bio_err,"error converting bn 2 asn1_integer\n"); goto end; }
-	if (BIO_write_filename(io,buf) <= 0)
-		{
-		BIO_printf(bio_err,"error attempting to write serial number file\n");
-		perror(buf);
-		goto end;
-		}
-	i2a_ASN1_INTEGER(io,bs2);
-	BIO_puts(io,"\n");
-
-	BIO_free(io);
-	if (buf) OPENSSL_free(buf);
-	ASN1_INTEGER_free(bs2);
-	BN_free(serial);
-	io=NULL;
-	return bs;
-
-	end:
-	if (buf) OPENSSL_free(buf);
-	BIO_free(io);
-	ASN1_INTEGER_free(bs);
-	BN_free(serial);
-	return NULL;
-
-	}
-
-static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
-	     X509 *x, X509 *xca, EVP_PKEY *pkey, char *serialfile, int create,
-	     int days, int clrext, CONF *conf, char *section, ASN1_INTEGER *sno)
-	{
-	int ret=0;
-	ASN1_INTEGER *bs=NULL;
-	X509_STORE_CTX xsc;
-	EVP_PKEY *upkey;
-
-	upkey = X509_get_pubkey(xca);
-	EVP_PKEY_copy_parameters(upkey,pkey);
-	EVP_PKEY_free(upkey);
-
-	if(!X509_STORE_CTX_init(&xsc,ctx,x,NULL))
-		{
-		BIO_printf(bio_err,"Error initialising X509 store\n");
-		goto end;
-		}
-	if (sno) bs = sno;
-	else if (!(bs = load_serial(CAfile, serialfile, create)))
-		goto end;
-
-	if (!X509_STORE_add_cert(ctx,x)) goto end;
-
-	/* NOTE: this certificate can/should be self signed, unless it was
-	 * a certificate request in which case it is not. */
-	X509_STORE_CTX_set_cert(&xsc,x);
-	if (!reqfile && !X509_verify_cert(&xsc))
-		goto end;
-
-	if (!X509_check_private_key(xca,pkey))
-		{
-		BIO_printf(bio_err,"CA certificate and CA private key do not match\n");
-		goto end;
-		}
-
-	if (!X509_set_issuer_name(x,X509_get_subject_name(xca))) goto end;
-	if (!X509_set_serialNumber(x,bs)) goto end;
-
-	if (X509_gmtime_adj(X509_get_notBefore(x),0L) == NULL)
-		goto end;
-
-	/* hardwired expired */
-	if (X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days) == NULL)
-		goto end;
-
-	if (clrext)
-		{
-		while (X509_get_ext_count(x) > 0) X509_delete_ext(x, 0);
-		}
-
-	if (conf)
-		{
-		X509V3_CTX ctx2;
-		X509_set_version(x,2); /* version 3 certificate */
-                X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0);
-                X509V3_set_nconf(&ctx2, conf);
-                if (!X509V3_EXT_add_nconf(conf, &ctx2, section, x)) goto end;
-		}
-
-	if (!X509_sign(x,pkey,digest)) goto end;
-	ret=1;
-end:
-	X509_STORE_CTX_cleanup(&xsc);
-	if (!ret)
-		ERR_print_errors(bio_err);
-	if (!sno) ASN1_INTEGER_free(bs);
-	return ret;
-	}
-
-static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx)
-	{
-	int err;
-	X509 *err_cert;
-
-	/* it is ok to use a self signed certificate
-	 * This case will catch both the initial ok == 0 and the
-	 * final ok == 1 calls to this function */
-	err=X509_STORE_CTX_get_error(ctx);
-	if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
-		return 1;
-
-	/* BAD we should have gotten an error.  Normally if everything
-	 * worked X509_STORE_CTX_get_error(ctx) will still be set to
-	 * DEPTH_ZERO_SELF_.... */
-	if (ok)
-		{
-		BIO_printf(bio_err,"error with certificate to be certified - should be self signed\n");
-		return 0;
-		}
-	else
-		{
-		err_cert=X509_STORE_CTX_get_current_cert(ctx);
-		print_name(bio_err, NULL, X509_get_subject_name(err_cert),0);
-		BIO_printf(bio_err,"error with certificate - error %d at depth %d\n%s\n",
-			err,X509_STORE_CTX_get_error_depth(ctx),
-			X509_verify_cert_error_string(err));
-		return 1;
-		}
-	}
-
-/* self sign */
-static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, const EVP_MD *digest, 
-						CONF *conf, char *section)
-	{
-
-	EVP_PKEY *pktmp;
-
-	pktmp = X509_get_pubkey(x);
-	EVP_PKEY_copy_parameters(pktmp,pkey);
-	EVP_PKEY_save_parameters(pktmp,1);
-	EVP_PKEY_free(pktmp);
-
-	if (!X509_set_issuer_name(x,X509_get_subject_name(x))) goto err;
-	if (X509_gmtime_adj(X509_get_notBefore(x),0) == NULL) goto err;
-
-	/* Lets just make it 12:00am GMT, Jan 1 1970 */
-	/* memcpy(x->cert_info->validity->notBefore,"700101120000Z",13); */
-	/* 28 days to be certified */
-
-	if (X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days) == NULL)
-		goto err;
-
-	if (!X509_set_pubkey(x,pkey)) goto err;
-	if (clrext)
-		{
-		while (X509_get_ext_count(x) > 0) X509_delete_ext(x, 0);
-		}
-	if (conf)
-		{
-		X509V3_CTX ctx;
-		X509_set_version(x,2); /* version 3 certificate */
-                X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0);
-                X509V3_set_nconf(&ctx, conf);
-                if (!X509V3_EXT_add_nconf(conf, &ctx, section, x)) goto err;
-		}
-	if (!X509_sign(x,pkey,digest)) goto err;
-	return 1;
-err:
-	ERR_print_errors(bio_err);
-	return 0;
-	}
-
-static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt)
-{
-	int id, i, idret;
-	char *pname;
-	id = X509_PURPOSE_get_id(pt);
-	pname = X509_PURPOSE_get0_name(pt);
-	for (i = 0; i < 2; i++)
-		{
-		idret = X509_check_purpose(cert, id, i);
-		BIO_printf(bio, "%s%s : ", pname, i ? " CA" : ""); 
-		if (idret == 1) BIO_printf(bio, "Yes\n");
-		else if (idret == 0) BIO_printf(bio, "No\n");
-		else BIO_printf(bio, "Yes (WARNING code=%d)\n", idret);
-		}
-	return 1;
-}
diff --git a/crypto/openssl/bugs/MS b/crypto/openssl/bugs/MS
deleted file mode 100644
index a1dcfb90de20..000000000000
--- a/crypto/openssl/bugs/MS
+++ /dev/null
@@ -1,7 +0,0 @@
-If you use the function that does an fopen inside the DLL, it's malloc
-will be used and when the function is then written inside, more
-hassles
-....
-
-
-think about it.
diff --git a/crypto/openssl/bugs/SSLv3 b/crypto/openssl/bugs/SSLv3
deleted file mode 100644
index db53e1343a0e..000000000000
--- a/crypto/openssl/bugs/SSLv3
+++ /dev/null
@@ -1,49 +0,0 @@
-So far...
-
-ssl3.netscape.com:443 does not support client side dynamic
-session-renegotiation.
-
-ssl3.netscape.com:444 (asks for client cert) sends out all the CA RDN
-in an invalid format (the outer sequence is removed).
-
-Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
-challenge but then appears to only use 16 bytes when generating the
-encryption keys.  Using 16 bytes is ok but it should be ok to use 32.
-According to the SSLv3 spec, one should use 32 bytes for the challenge
-when opperating in SSLv2/v3 compatablity mode, but as mentioned above,
-this breaks this server so 16 bytes is the way to go.
-
-www.microsoft.com - when talking SSLv2, if session-id reuse is
-performed, the session-id passed back in the server-finished message
-is different from the one decided upon.
-
-ssl3.netscape.com:443, first a connection is established with RC4-MD5.
-If it is then resumed, we end up using DES-CBC3-SHA.  It should be
-RC4-MD5 according to 7.6.1.3, 'cipher_suite'.
-Netscape-Enterprise/2.01 (https://merchant.netscape.com) has this bug.
-It only really shows up when connecting via SSLv2/v3 then reconnecting
-via SSLv3. The cipher list changes....
-NEW INFORMATION.  Try connecting with a cipher list of just
-DES-CBC-SHA:RC4-MD5.  For some weird reason, each new connection uses
-RC4-MD5, but a re-connect tries to use DES-CBC-SHA.  So netscape, when
-doing a re-connect, always takes the first cipher in the cipher list.
-
-If we accept a netscape connection, demand a client cert, have a
-non-self-sighed CA which does not have it's CA in netscape, and the
-browser has a cert, it will crash/hang.  Works for 3.x and 4.xbeta
-
-Netscape browsers do not really notice the server sending a
-close notify message.  I was sending one, and then some invalid data.
-netscape complained of an invalid mac. (a fork()ed child doing a
-SSL_shutdown() and still sharing the socket with its parent).
-
-Netscape, when using export ciphers, will accept a 1024 bit temporary
-RSA key.  It is supposed to only accept 512.
-
-If Netscape connects to a server which requests a client certificate
-it will frequently hang after the user has selected one and never
-complete the connection. Hitting "Stop" and reload fixes this and
-all subsequent connections work fine. This appears to be because 
-Netscape wont read any new records in when it is awaiting a server
-done message at this point. The fix is to send the certificate request
-and server done messages in one record.
diff --git a/crypto/openssl/bugs/VC16.bug b/crypto/openssl/bugs/VC16.bug
deleted file mode 100644
index 7815bb5c77ea..000000000000
--- a/crypto/openssl/bugs/VC16.bug
+++ /dev/null
@@ -1,18 +0,0 @@
-Microsoft (R) C/C++ Optimizing Compiler Version 8.00c
-
-Compile with /O2 chokes the compiler on these files
-
-crypto\md\md5_dgst.c		warning '@(#)reg86.c:1.26', line 1110
-crypto\des\ofb64ede.c		warning '@(#)grammar.c:1.147', line 168
-crypto\des\ofb64enc.c		warning '@(#)grammar.c:1.147', line 168
-crypto\des\qud_cksm.c		warning '@(#)grammar.c:1.147', line 168
-crypto\rc2\rc2ofb64.c		warning '@(#)grammar.c:1.147', line 168
-crypto\objects\obj_dat.c	warning	'@(#)grammar.c:1.147', line 168
-				fatal	'@(#)grammar.c:1.147', line 168
-crypto\objects\obj_lib.c	warning	'@(#)grammar.c:1.147', line 168
-				fatal	'@(#)grammar.c:1.147', line 168
-ssl\ssl_auth.c			warning	'@(#)grammar.c:1.147', line 168
-				fatal	'@(#)grammar.c:1.147', line 168
-
-Turning on /G3 with build flags that worked fine for /G2 came up with
-divide by zero errors in 'normal' code in speed.c :-(
diff --git a/crypto/openssl/bugs/alpha.c b/crypto/openssl/bugs/alpha.c
deleted file mode 100644
index 701d6a7c7422..000000000000
--- a/crypto/openssl/bugs/alpha.c
+++ /dev/null
@@ -1,91 +0,0 @@
-/* bugs/alpha.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* while not exactly a bug (ASN1 C leaves this undefined) it is
- * something to watch out for.  This was fine on linux/NT/Solaris but not
- * Alpha */
-
-/* it is basically an example of
- * func(*(a++),*(a++))
- * which parameter is evaluated first?  It is not defined in ASN1 C.
- */
-
-#include <stdio.h>
-
-#define TYPE    unsigned int
-
-void func(a,b)
-TYPE *a;
-TYPE b;
-        {
-        printf("%ld -1 == %ld\n",a[0],b);
-        }
-
-main()
-        {
-        TYPE data[5]={1L,2L,3L,4L,5L};
-        TYPE *p;
-        int i;
-
-        p=data;
-
-        for (i=0; i<4; i++)
-                {
-                func(p,*(p++));
-                }
-        }
diff --git a/crypto/openssl/bugs/dggccbug.c b/crypto/openssl/bugs/dggccbug.c
deleted file mode 100644
index 30e07a60ea4a..000000000000
--- a/crypto/openssl/bugs/dggccbug.c
+++ /dev/null
@@ -1,45 +0,0 @@
-/* NOCW */
-/* dggccbug.c */
-/* bug found by Eric Young (eay@cryptsoft.com) - May 1995 */
-
-#include <stdio.h>
-
-/* There is a bug in
- * gcc version 2.5.8 (88open OCS/BCS, DG-2.5.8.3, Oct 14 1994)
- * as shipped with DGUX 5.4R3.10 that can be bypassed by defining
- * DG_GCC_BUG in my code.
- * The bug manifests itself by the vaule of a pointer that is
- * used only by reference, not having it's value change when it is used
- * to check for exiting the loop.  Probably caused by there being 2
- * copies of the valiable, one in a register and one being an address
- * that is passed. */
-
-/* compare the out put from
- * gcc dggccbug.c; ./a.out
- * and
- * gcc -O dggccbug.c; ./a.out
- * compile with -DFIXBUG to remove the bug when optimising.
- */
-
-void inc(a)
-int *a;
-	{
-	(*a)++;
-	}
-
-main()
-	{
-	int p=0;
-#ifdef FIXBUG
-	int dummy;
-#endif
-
-	while (p<3)
-		{
-		fprintf(stderr,"%08X\n",p);
-		inc(&p);
-#ifdef FIXBUG
-		dummy+=p;
-#endif
-		}
-	}
diff --git a/crypto/openssl/bugs/sgiccbug.c b/crypto/openssl/bugs/sgiccbug.c
deleted file mode 100644
index 178239d492a2..000000000000
--- a/crypto/openssl/bugs/sgiccbug.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/* NOCW */
-/* sgibug.c */
-/* bug found by Eric Young (eay@mincom.oz.au) May 95 */
-
-#include <stdio.h>
-
-/* This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are
- * the only versions of IRIX I have access to.
- * defining FIXBUG removes the bug.
- * (bug is still present in IRIX 6.3 according to
- * Gage <agage@forgetmenot.Mines.EDU>
- */
- 
-/* Compare the output from
- * cc sgiccbug.c; ./a.out
- * and
- * cc -O sgiccbug.c; ./a.out
- */
-
-static unsigned long a[4]={0x01234567,0x89ABCDEF,0xFEDCBA98,0x76543210};
-static unsigned long b[4]={0x89ABCDEF,0xFEDCBA98,0x76543210,0x01234567};
-static unsigned long c[4]={0x77777778,0x8ACF1357,0x88888888,0x7530ECA9};
-
-main()
-	{
-	unsigned long r[4];
-	sub(r,a,b);
-	fprintf(stderr,"input a= %08X %08X %08X %08X\n",a[3],a[2],a[1],a[0]);
-	fprintf(stderr,"input b= %08X %08X %08X %08X\n",b[3],b[2],b[1],b[0]);
-	fprintf(stderr,"output = %08X %08X %08X %08X\n",r[3],r[2],r[1],r[0]);
-	fprintf(stderr,"correct= %08X %08X %08X %08X\n",c[3],c[2],c[1],c[0]);
-	}
-
-int sub(r,a,b)
-unsigned long *r,*a,*b;
-	{
-	register unsigned long t1,t2,*ap,*bp,*rp;
-	int i,carry;
-#ifdef FIXBUG
-	unsigned long dummy;
-#endif
-
-	ap=a;
-	bp=b;
-	rp=r;
-	carry=0;
-	for (i=0; i<4; i++)
-		{
-		t1= *(ap++);
-		t2= *(bp++);
-		t1=(t1-t2);
-#ifdef FIXBUG
-		dummy=t1;
-#endif
-		*(rp++)=t1&0xffffffff;
-		}
-	}
diff --git a/crypto/openssl/bugs/sslref.dif b/crypto/openssl/bugs/sslref.dif
deleted file mode 100644
index 0aa92bfe6de8..000000000000
--- a/crypto/openssl/bugs/sslref.dif
+++ /dev/null
@@ -1,26 +0,0 @@
-The February 9th, 1995 version of the SSL document differs from
-https://www.netscape.com in the following ways.
-=====
-The key material for generating a SSL_CK_DES_64_CBC_WITH_MD5 key is
-KEY-MATERIAL-0 = MD5[MASTER-KEY,"0",CHALLENGE,CONNECTION-ID]
-not
-KEY-MATERIAL-0 = MD5[MASTER-KEY,CHALLENGE,CONNECTION-ID]
-as specified in the documentation.
-=====
-From the section 2.6 Server Only Protocol Messages
-
-If the SESSION-ID-HIT flag is non-zero then the CERTIFICATE-TYPE,
-CERTIFICATE-LENGTH and CIPHER-SPECS-LENGTH fields will be zero. 
-
-This is not true for https://www.netscape.com.  The CERTIFICATE-TYPE
-is returned as 1.
-=====
-I have not tested the following but it is reported by holtzman@mit.edu.
-
-SSLref clients wait to recieve a server-verify before they send a
-client-finished.  Besides this not being evident from the examples in
-2.2.1, it makes more sense to always send all packets you can before
-reading.  SSLeay was waiting in the server to recieve a client-finish
-before sending the server-verify :-).  I have changed SSLeay to send a
-server-verify before trying to read the client-finished.
-
diff --git a/crypto/openssl/bugs/stream.c b/crypto/openssl/bugs/stream.c
deleted file mode 100644
index c3b5e867d284..000000000000
--- a/crypto/openssl/bugs/stream.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* bugs/stream.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/rc4.h>
-#ifdef OPENSSL_NO_DES
-#include <des.h>
-#else
-#include <openssl/des.h>
-#endif
-
-/* show how stream ciphers are not very good.  The mac has no affect
- * on RC4 while it does for cfb DES
- */
-
-main()
-	{
-	fprintf(stderr,"rc4\n");
-	rc4();
-	fprintf(stderr,"cfb des\n");
-	des();
-	}
-
-int des()
-	{
-	des_key_schedule ks;
-	des_cblock iv,key;
-	int num;
-	static char *keystr="01234567";
-	static char *in1="0123456789ABCEDFdata 12345";
-	static char *in2="9876543210abcdefdata 12345";
-	unsigned char out[100];
-	int i;
-
-	des_set_key((des_cblock *)keystr,ks);
-
-	num=0;
-	memset(iv,0,8);
-	des_cfb64_encrypt(in1,out,26,ks,(des_cblock *)iv,&num,1);
-	for (i=0; i<26; i++)
-		fprintf(stderr,"%02X ",out[i]);
-	fprintf(stderr,"\n");
-
-	num=0;
-	memset(iv,0,8);
-	des_cfb64_encrypt(in2,out,26,ks,(des_cblock *)iv,&num,1);
-	for (i=0; i<26; i++)
-		fprintf(stderr,"%02X ",out[i]);
-	fprintf(stderr,"\n");
-	}
-
-int rc4()
-	{
-	static char *keystr="0123456789abcdef";
-	RC4_KEY key;
-	unsigned char in[100],out[100];
-	int i;
-
-	RC4_set_key(&key,16,keystr);
-	in[0]='\0';
-	strcpy(in,"0123456789ABCEDFdata 12345");
-	RC4(key,26,in,out);
-
-	for (i=0; i<26; i++)
-		fprintf(stderr,"%02X ",out[i]);
-	fprintf(stderr,"\n");
-
-	RC4_set_key(&key,16,keystr);
-	in[0]='\0';
-	strcpy(in,"9876543210abcdefdata 12345");
-	RC4(key,26,in,out);
-
-	for (i=0; i<26; i++)
-		fprintf(stderr,"%02X ",out[i]);
-	fprintf(stderr,"\n");
-	}
diff --git a/crypto/openssl/bugs/ultrixcc.c b/crypto/openssl/bugs/ultrixcc.c
deleted file mode 100644
index 7ba75b140f1f..000000000000
--- a/crypto/openssl/bugs/ultrixcc.c
+++ /dev/null
@@ -1,45 +0,0 @@
-#include <stdio.h>
-
-/* This is a cc optimiser bug for ultrix 4.3, mips CPU.
- * What happens is that the compiler, due to the (a)&7,
- * does
- * i=a&7;
- * i--;
- * i*=4;
- * Then uses i as the offset into a jump table.
- * The problem is that a value of 0 generates an offset of
- * 0xfffffffc.
- */
-
-main()
-	{
-	f(5);
-	f(0);
-	}
-
-int f(a)
-int a;
-	{
-	switch(a&7)
-		{
-	case 7:
-		printf("7\n");
-	case 6:
-		printf("6\n");
-	case 5:
-		printf("5\n");
-	case 4:
-		printf("4\n");
-	case 3:
-		printf("3\n");
-	case 2:
-		printf("2\n");
-	case 1:
-		printf("1\n");
-#ifdef FIX_BUG
-	case 0:
-		;
-#endif
-		}
-	}	
-
diff --git a/crypto/openssl/certs/ICE-CA.pem b/crypto/openssl/certs/ICE-CA.pem
deleted file mode 100644
index 75652366c2a4..000000000000
--- a/crypto/openssl/certs/ICE-CA.pem
+++ /dev/null
@@ -1,59 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
-        Validity
-            Not Before: Apr  2 17:35:53 1997 GMT
-            Not After : Apr  2 17:35:53 1998 GMT
-        Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
-        Subject Public Key Info:
-            Public Key Algorithm: rsa
-            RSA Public Key: (512 bit)
-                Modulus (512 bit):
-                    00:82:75:ba:f6:d1:60:b5:f9:15:b3:6a:dd:29:8f:
-                    8b:a4:6f:1a:88:e0:50:43:40:0b:79:41:d5:d3:16:
-                    44:7d:74:65:17:42:06:52:0b:e9:50:c8:10:cd:24:
-                    e2:ae:8d:22:30:73:e6:b4:b7:93:1f:e5:6e:a2:ae:
-                    49:11:a5:c9:45
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Authority Key Identifier: 
-                0.........z.."p......e..
-            X509v3 Subject Key Identifier: 
-                ..~r..:..B.44fu......3
-            X509v3 Key Usage: critical
-                ....
-            X509v3 Certificate Policies: critical
-                0.0...*...
-            X509v3 Subject Alternative Name: 
-                0!..secude-support@darmstadt.gmd.de
-            X509v3 Issuer Alternative Name: 
-                0I..ice-tel-ca@darmstadt.gmd.de.*http://www.darmstadt.gmd.de/ice-tel/euroca
-            X509v3 Basic Constraints: critical
-                0....
-            X509v3 CRL Distribution Points: 
-                0200...,.*http://www.darmstadt.gmd.de/ice-tel/euroca
-    Signature Algorithm: md5WithRSAEncryption
-        17:a2:88:b7:99:5a:05:41:e4:13:34:67:e6:1f:3e:26:ec:4b:
-        69:f9:3e:28:22:be:9d:1c:ab:41:6f:0c:00:85:fe:45:74:f6:
-        98:f0:ce:9b:65:53:4a:50:42:c7:d4:92:bd:d7:a2:a8:3d:98:
-        88:73:cd:60:28:79:a3:fc:48:7a
------BEGIN CERTIFICATE-----
-MIICzDCCAnagAwIBAgIBATANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
-cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzU1M1oXDTk4MDQwMjE3MzU1M1owXDEhMB8G
-A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTESMBAGA1UEBxMJRGFybXN0YWR0MFkwCgYEVQgB
-AQICAgADSwAwSAJBAIJ1uvbRYLX5FbNq3SmPi6RvGojgUENAC3lB1dMWRH10ZRdC
-BlIL6VDIEM0k4q6NIjBz5rS3kx/lbqKuSRGlyUUCAwEAAaOCATgwggE0MB8GA1Ud
-IwQYMBaAFIr3yNUOx3ro1yJw4AuJ1bbsZbzPMB0GA1UdDgQWBBR+cvL4OoacQog0
-NGZ1w9T80aIRMzAOBgNVHQ8BAf8EBAMCAfYwFAYDVR0gAQH/BAowCDAGBgQqAwQF
-MCoGA1UdEQQjMCGBH3NlY3VkZS1zdXBwb3J0QGRhcm1zdGFkdC5nbWQuZGUwUgYD
-VR0SBEswSYEbaWNlLXRlbC1jYUBkYXJtc3RhZHQuZ21kLmRlhipodHRwOi8vd3d3
-LmRhcm1zdGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2EwDwYDVR0TAQH/BAUwAwEB
-/zA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3LmRhcm1zdGFkdC5nbWQuZGUv
-aWNlLXRlbC9ldXJvY2EwDQYJKoZIhvcNAQEEBQADQQAXooi3mVoFQeQTNGfmHz4m
-7Etp+T4oIr6dHKtBbwwAhf5FdPaY8M6bZVNKUELH1JK916KoPZiIc81gKHmj/Eh6
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/ICE-root.pem b/crypto/openssl/certs/ICE-root.pem
deleted file mode 100644
index fa991599c9fe..000000000000
--- a/crypto/openssl/certs/ICE-root.pem
+++ /dev/null
@@ -1,48 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 0 (0x0)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
-        Validity
-            Not Before: Apr  2 17:33:36 1997 GMT
-            Not After : Apr  2 17:33:36 1998 GMT
-        Subject: O=European ICE-TEL project, OU=V3-Certification Authority
-        Subject Public Key Info:
-            Public Key Algorithm: rsa
-            RSA Public Key: (512 bit)
-                Modulus (512 bit):
-                    00:80:3e:eb:ae:47:a9:fe:10:54:0b:81:8b:9c:2b:
-                    82:ab:3a:61:36:65:8b:f3:73:9f:ac:ac:7a:15:a7:
-                    13:8f:b4:c4:ba:a3:0f:bc:a5:58:8d:cc:b1:93:31:
-                    9e:81:9e:8c:19:61:86:fa:52:73:54:d1:97:76:22:
-                    e7:c7:9f:41:cd
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                ........z.."p......e..
-            X509v3 Key Usage: critical
-                ....
-            X509v3 Subject Alternative Name: 
-                0I.*http://www.darmstadt.gmd.de/ice-tel/euroca..ice-tel-ca@darmstadt.gmd.de
-            X509v3 Basic Constraints: critical
-                0....
-    Signature Algorithm: md5WithRSAEncryption
-        76:69:61:db:b7:cf:8b:06:9e:d8:8c:96:53:d2:4d:a8:23:a6:
-        03:44:e8:8f:24:a5:c0:84:a8:4b:77:d4:2d:2b:7d:37:91:67:
-        f2:2c:ce:02:31:4c:6b:cc:ce:f2:68:a6:11:11:ab:7d:88:b8:
-        7e:22:9f:25:06:60:bd:79:30:3d
------BEGIN CERTIFICATE-----
-MIICFjCCAcCgAwIBAgIBADANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
-cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzMzNloXDTk4MDQwMjE3MzMzNlowSDEhMB8G
-A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTBZMAoGBFUIAQECAgIAA0sAMEgCQQCAPuuuR6n+
-EFQLgYucK4KrOmE2ZYvzc5+srHoVpxOPtMS6ow+8pViNzLGTMZ6BnowZYYb6UnNU
-0Zd2IufHn0HNAgMBAAGjgZcwgZQwHQYDVR0OBBYEFIr3yNUOx3ro1yJw4AuJ1bbs
-ZbzPMA4GA1UdDwEB/wQEAwIB9jBSBgNVHREESzBJhipodHRwOi8vd3d3LmRhcm1z
-dGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2GBG2ljZS10ZWwtY2FAZGFybXN0YWR0
-LmdtZC5kZTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAdmlh27fP
-iwae2IyWU9JNqCOmA0TojySlwISoS3fULSt9N5Fn8izOAjFMa8zO8mimERGrfYi4
-fiKfJQZgvXkwPQ==
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/ICE-user.pem b/crypto/openssl/certs/ICE-user.pem
deleted file mode 100644
index 28065fd37d62..000000000000
--- a/crypto/openssl/certs/ICE-user.pem
+++ /dev/null
@@ -1,63 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
-        Validity
-            Not Before: Apr  2 17:35:59 1997 GMT
-            Not After : Apr  2 17:35:59 1998 GMT
-        Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt, CN=USER
-        Subject Public Key Info:
-            Public Key Algorithm: rsa
-            RSA Public Key: (512 bit)
-                Modulus (512 bit):
-                    00:a8:a8:53:63:49:1b:93:c3:c3:0b:6c:88:11:55:
-                    de:7e:6a:e2:f9:52:a0:dc:69:25:c4:c8:bf:55:e1:
-                    31:a8:ce:e4:a9:29:85:99:8a:15:9a:de:f6:2f:e1:
-                    b4:50:5f:5e:04:75:a6:f4:76:dc:3c:0e:39:dc:3a:
-                    be:3e:a4:61:8b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Authority Key Identifier: 
-                0...~r..:..B.44fu......3
-            X509v3 Subject Key Identifier: 
-                ...... .*...1.*.......
-            X509v3 Key Usage: critical
-                ....
-            X509v3 Certificate Policies: critical
-                0.0...*...0.......
-            X509v3 Subject Alternative Name: 
-                0:..user@darmstadt.gmd.de.!http://www.darmstadt.gmd.de/~user
-            X509v3 Issuer Alternative Name: 
-                0....gmdca@gmd.de..http://www.gmd.de..saturn.darmstadt.gmd.de.\1!0...U.
-..European ICE-TEL project1#0!..U....V3-Certification Authority1.0...U....Darmstadt..141.12.62.26
-            X509v3 Basic Constraints: critical
-                0.
-            X509v3 CRL Distribution Points: 
-                0.0.......gmdca@gmd.de
-    Signature Algorithm: md5WithRSAEncryption
-        69:0c:e1:b7:a7:f2:d8:fb:e8:69:c0:13:cd:37:ad:21:06:22:
-        4d:e8:c6:db:f1:04:0b:b7:e0:b3:d6:0c:81:03:ce:c3:6a:3e:
-        c7:e7:24:24:a4:92:64:c2:83:83:06:42:53:0e:6f:09:1e:84:
-        9a:f7:6f:63:9b:94:99:83:d6:a4
------BEGIN CERTIFICATE-----
-MIIDTzCCAvmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMSEwHwYDVQQKExhFdXJv
-cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHQwHhcNOTcwNDAyMTczNTU5WhcN
-OTgwNDAyMTczNTU5WjBrMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2pl
-Y3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQH
-EwlEYXJtc3RhZHQxDTALBgNVBAMTBFVTRVIwWTAKBgRVCAEBAgICAANLADBIAkEA
-qKhTY0kbk8PDC2yIEVXefmri+VKg3GklxMi/VeExqM7kqSmFmYoVmt72L+G0UF9e
-BHWm9HbcPA453Dq+PqRhiwIDAQABo4IBmDCCAZQwHwYDVR0jBBgwFoAUfnLy+DqG
-nEKINDRmdcPU/NGiETMwHQYDVR0OBBYEFJfc4B8gjSoRmLUx4Sq/ucIYiMrPMA4G
-A1UdDwEB/wQEAwIB8DAcBgNVHSABAf8EEjAQMAYGBCoDBAUwBgYECQgHBjBDBgNV
-HREEPDA6gRV1c2VyQGRhcm1zdGFkdC5nbWQuZGWGIWh0dHA6Ly93d3cuZGFybXN0
-YWR0LmdtZC5kZS9+dXNlcjCBsQYDVR0SBIGpMIGmgQxnbWRjYUBnbWQuZGWGEWh0
-dHA6Ly93d3cuZ21kLmRlghdzYXR1cm4uZGFybXN0YWR0LmdtZC5kZaRcMSEwHwYD
-VQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHSHDDE0MS4xMi42
-Mi4yNjAMBgNVHRMBAf8EAjAAMB0GA1UdHwQWMBQwEqAQoA6BDGdtZGNhQGdtZC5k
-ZTANBgkqhkiG9w0BAQQFAANBAGkM4ben8tj76GnAE803rSEGIk3oxtvxBAu34LPW
-DIEDzsNqPsfnJCSkkmTCg4MGQlMObwkehJr3b2OblJmD1qQ=
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/ICE.crl b/crypto/openssl/certs/ICE.crl
deleted file mode 100644
index 21939e8cc4a4..000000000000
--- a/crypto/openssl/certs/ICE.crl
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN X509 CRL-----
-MIIBNDCBnjANBgkqhkiG9w0BAQIFADBFMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0Ut
-VEVMIFByb2plY3QxIDAeBgNVBAsTF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05
-NzA2MDkxNDQyNDNaFw05NzA3MDkxNDQyNDNaMCgwEgIBChcNOTcwMzAzMTQ0MjU0
-WjASAgEJFw05NjEwMDIxMjI5MjdaMA0GCSqGSIb3DQEBAgUAA4GBAH4vgWo2Tej/
-i7kbiw4Imd30If91iosjClNpBFwvwUDBclPEeMuYimHbLOk4H8Nofc0fw11+U/IO
-KSNouUDcqG7B64oY7c4SXKn+i1MWOb5OJiWeodX3TehHjBlyWzoNMWCnYA8XqFP1
-mOKp8Jla1BibEZf14+/HqCi2hnZUiEXh
------END X509 CRL-----
diff --git a/crypto/openssl/certs/RegTP-4R.pem b/crypto/openssl/certs/RegTP-4R.pem
deleted file mode 100644
index 6f2c6abccd6c..000000000000
--- a/crypto/openssl/certs/RegTP-4R.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-issuer= CN=4R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
-notBefore=Jan 21 16:04:53 1999 GMT
-notAfter=Jan 21 16:04:53 2004 GMT
-subject= CN=4R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
------BEGIN CERTIFICATE-----
-MIICZzCCAdOgAwIBAgIEOwVn1DAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9
-MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWth
-dGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo0Ui1DQSAxOlBO
-MCIYDzE5OTkwMTIxMTYwNDUzWhgPMjAwNDAxMjExNjA0NTNaMG8xCzAJBgNVBAYT
-AkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21t
-dW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjRSLUNB
-IDE6UE4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGAjzHbq2asUlqeWbXTQHso
-aVF6YIPVH3c/B2cbuy9HJ/lnE6x0asOzM2DGDqi47xkdAxPc0LZ0fxO87rkmz7xs
-jJObnVrMXpyUSDSp5Y0wqKJdsFdr6mGFOQZteIti8AJnr8xMkwnWVyuOlEXsFe1h
-5gxwQXrOcPinE6qu1t/3PmECBMAAAAGjEjAQMA4GA1UdDwEB/wQEAwIBBjAKBgYr
-JAMDAQIFAAOBgQA+RdocBmA2VV9E5aKPBcp01tdZAvvW9Tve3docArVKR/4/yvSX
-Z+wvzzk+uu4qBp49HN3nqPYMrzbTmjBFu4ce5fkZ7dHF0W1sSBL0rox5z36Aq2re
-JjfEOEmSnNe0+opuh4FSVOssXblXTE8lEQU0FhhItgDx2ADnWZibaxLG4w==
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/RegTP-5R.pem b/crypto/openssl/certs/RegTP-5R.pem
deleted file mode 100644
index 9eb79aa17c5d..000000000000
--- a/crypto/openssl/certs/RegTP-5R.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-issuer= CN=5R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
-notBefore=Mar 22 08:55:51 2000 GMT
-notAfter=Mar 22 08:55:51 2005 GMT
-subject= CN=5R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
------BEGIN CERTIFICATE-----
-MIICaDCCAdSgAwIBAgIDDIOqMAoGBiskAwMBAgUAMG8xCzAJBgNVBAYTAkRFMT0w
-OwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0
-aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE4w
-IhgPMjAwMDAzMjIwODU1NTFaGA8yMDA1MDMyMjA4NTU1MVowbzELMAkGA1UEBhMC
-REUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11
-bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNVItQ0Eg
-MTpQTjCBoTANBgkqhkiG9w0BAQEFAAOBjwAwgYsCgYEAih5BUycfBpqKhU8RDsaS
-vV5AtzWeXQRColL9CH3t0DKnhjKAlJ8iccFtJNv+d3bh8bb9sh0maRSo647xP7hs
-HTjKgTE4zM5BYNfXvST79OtcMgAzrnDiGjQIIWv8xbfV1MqxxdtZJygrwzRMb9jG
-CAGoJEymoyzAMNG7tSdBWnUCBQDAAAABoxIwEDAOBgNVHQ8BAf8EBAMCAQYwCgYG
-KyQDAwECBQADgYEAOaK8ihVSBUcL2IdVBxZYYUKwMz5m7H3zqhN8W9w+iafWudH6
-b+aahkbENEwzg3C3v5g8nze7v7ssacQze657LHjP+e7ksUDIgcS4R1pU2eN16bjS
-P/qGPF3rhrIEHoK5nJULkjkZYTtNiOvmQ/+G70TXDi3Os/TwLlWRvu+7YLM=
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/RegTP-6R.pem b/crypto/openssl/certs/RegTP-6R.pem
deleted file mode 100644
index 4d79c74e5ac5..000000000000
--- a/crypto/openssl/certs/RegTP-6R.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-issuer= CN=6R-Ca 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
-notBefore=Feb  1 09:52:17 2001 GMT
-notAfter=Jun  1 09:52:17 2005 GMT
-subject= CN=6R-Ca 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
------BEGIN CERTIFICATE-----
-MIICaDCCAdSgAwIBAgIDMtGNMAoGBiskAwMBAgUAMG8xCzAJBgNVBAYTAkRFMT0w
-OwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0
-aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjZSLUNhIDE6UE4w
-IhgPMjAwMTAyMDEwOTUyMTdaGA8yMDA1MDYwMTA5NTIxN1owbzELMAkGA1UEBhMC
-REUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11
-bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNlItQ2Eg
-MTpQTjCBoTANBgkqhkiG9w0BAQEFAAOBjwAwgYsCgYEAg6KrFSTNXKqe+2GKGeW2
-wTmbVeflNkp5H/YxA9K1zmEn5XjKm0S0jH4Wfms6ipPlURVaFwTfnB1s++AnJAWf
-mayaE9BP/pdIY6WtZGgW6aZc32VDMCMKPWyBNyagsJVDmzlakIA5cXBVa7Xqqd3P
-ew8i2feMnQXcqHfDv02CW88CBQDAAAABoxIwEDAOBgNVHQ8BAf8EBAMCAQYwCgYG
-KyQDAwECBQADgYEAOkqkUwdaTCt8wcJLA2zLuOwL5ADHMWLhv6gr5zEF+VckA6qe
-IVLVf8e7fYlRmzQd+5OJcGglCQJLGT+ZplI3Mjnrd4plkoTNKV4iOzBcvJD7K4tn
-XPvs9wCFcC7QU7PLvc1FDsAlr7e4wyefZRDL+wbqNfI7QZTSF1ubLd9AzeQ=
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/ca-cert.pem b/crypto/openssl/certs/ca-cert.pem
deleted file mode 100644
index bcba68aefad4..000000000000
--- a/crypto/openssl/certs/ca-cert.pem
+++ /dev/null
@@ -1,33 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC5TCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
-MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
-HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzODUxWhcN
-MDUwNzEwMjEzODUxWjBbMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
-ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxGzAZBgNVBAMTElRlc3QgQ0Eg
-KDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo7ujy3XXpU/p
-yDJtOxkMJmGv3mdiVm7JrdoKLUgqjO2rBaeNuYMUiuI6oYU+tlD6agwRML0Pn2JF
-b90VdK/UXrmRr9djaEuH17EIKjte5RwOzndCndsjcCYyoeODMTyg7dqPIkDMmRNM
-5R5xBTabD+Aji0wzQupYxBLuW5PLj7ECAwEAAaOBtzCBtDAdBgNVHQ4EFgQU1WWA
-U42mkhi3ecgey1dsJjU61+UwgYQGA1UdIwR9MHuAFE0RaEcrj18q1dw+G6nJbsTW
-R213oWCkXjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0
-IGJpdCmCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBb39BRphHL
-6aRAQyymsvBvPSCiG9+kR0R1L23aTpNbhXp2BebyFjbEQYZc2kWGiKKcHkNECA35
-3d4LoqUlVey8DFyafOIJd9hxdZfg+rxlHMxnL7uCJRmx9+xB411Jtsol9/wg1uCK
-sleGpgB4j8cG2SVCz7V2MNZNK+d5QCnR7A==
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/certs/dsa-ca.pem b/crypto/openssl/certs/dsa-ca.pem
deleted file mode 100644
index 9eb08f3ddd45..000000000000
--- a/crypto/openssl/certs/dsa-ca.pem
+++ /dev/null
@@ -1,43 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
-
-svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
-Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
-Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
-par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
-zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
-uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
-rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
-1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
-HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
-MVqOsYxGCb+kez0FoDSTgw==
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE REQUEST-----
-MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
-ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
-sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
-rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
-cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
-bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
-CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
-F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
-vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
-AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
-3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
-AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
------END CERTIFICATE REQUEST-----
------BEGIN CERTIFICATE-----
-MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
-CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
-CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
-AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
-ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
-MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
-MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
-C1Q=
------END CERTIFICATE-----
-
diff --git a/crypto/openssl/certs/dsa-pca.pem b/crypto/openssl/certs/dsa-pca.pem
deleted file mode 100644
index e3641ad47e6b..000000000000
--- a/crypto/openssl/certs/dsa-pca.pem
+++ /dev/null
@@ -1,49 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
-
-GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
-mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
-of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
-FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
-RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
-qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
-diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
-V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
-hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
-dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE REQUEST-----
-MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
-MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
-lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
-Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
-5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
-aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
-kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
-QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
-6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
-yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
-z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
-nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
------END CERTIFICATE REQUEST-----
------BEGIN CERTIFICATE-----
-MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
-CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
-CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
-ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
-R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
-JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
-BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
-mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
-VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
-uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
-umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
-29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
-AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
-5rKUjNBhSg==
------END CERTIFICATE-----
-
diff --git a/crypto/openssl/certs/expired/ICE-CA.pem b/crypto/openssl/certs/expired/ICE-CA.pem
deleted file mode 100644
index 75652366c2a4..000000000000
--- a/crypto/openssl/certs/expired/ICE-CA.pem
+++ /dev/null
@@ -1,59 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
-        Validity
-            Not Before: Apr  2 17:35:53 1997 GMT
-            Not After : Apr  2 17:35:53 1998 GMT
-        Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
-        Subject Public Key Info:
-            Public Key Algorithm: rsa
-            RSA Public Key: (512 bit)
-                Modulus (512 bit):
-                    00:82:75:ba:f6:d1:60:b5:f9:15:b3:6a:dd:29:8f:
-                    8b:a4:6f:1a:88:e0:50:43:40:0b:79:41:d5:d3:16:
-                    44:7d:74:65:17:42:06:52:0b:e9:50:c8:10:cd:24:
-                    e2:ae:8d:22:30:73:e6:b4:b7:93:1f:e5:6e:a2:ae:
-                    49:11:a5:c9:45
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Authority Key Identifier: 
-                0.........z.."p......e..
-            X509v3 Subject Key Identifier: 
-                ..~r..:..B.44fu......3
-            X509v3 Key Usage: critical
-                ....
-            X509v3 Certificate Policies: critical
-                0.0...*...
-            X509v3 Subject Alternative Name: 
-                0!..secude-support@darmstadt.gmd.de
-            X509v3 Issuer Alternative Name: 
-                0I..ice-tel-ca@darmstadt.gmd.de.*http://www.darmstadt.gmd.de/ice-tel/euroca
-            X509v3 Basic Constraints: critical
-                0....
-            X509v3 CRL Distribution Points: 
-                0200...,.*http://www.darmstadt.gmd.de/ice-tel/euroca
-    Signature Algorithm: md5WithRSAEncryption
-        17:a2:88:b7:99:5a:05:41:e4:13:34:67:e6:1f:3e:26:ec:4b:
-        69:f9:3e:28:22:be:9d:1c:ab:41:6f:0c:00:85:fe:45:74:f6:
-        98:f0:ce:9b:65:53:4a:50:42:c7:d4:92:bd:d7:a2:a8:3d:98:
-        88:73:cd:60:28:79:a3:fc:48:7a
------BEGIN CERTIFICATE-----
-MIICzDCCAnagAwIBAgIBATANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
-cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzU1M1oXDTk4MDQwMjE3MzU1M1owXDEhMB8G
-A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTESMBAGA1UEBxMJRGFybXN0YWR0MFkwCgYEVQgB
-AQICAgADSwAwSAJBAIJ1uvbRYLX5FbNq3SmPi6RvGojgUENAC3lB1dMWRH10ZRdC
-BlIL6VDIEM0k4q6NIjBz5rS3kx/lbqKuSRGlyUUCAwEAAaOCATgwggE0MB8GA1Ud
-IwQYMBaAFIr3yNUOx3ro1yJw4AuJ1bbsZbzPMB0GA1UdDgQWBBR+cvL4OoacQog0
-NGZ1w9T80aIRMzAOBgNVHQ8BAf8EBAMCAfYwFAYDVR0gAQH/BAowCDAGBgQqAwQF
-MCoGA1UdEQQjMCGBH3NlY3VkZS1zdXBwb3J0QGRhcm1zdGFkdC5nbWQuZGUwUgYD
-VR0SBEswSYEbaWNlLXRlbC1jYUBkYXJtc3RhZHQuZ21kLmRlhipodHRwOi8vd3d3
-LmRhcm1zdGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2EwDwYDVR0TAQH/BAUwAwEB
-/zA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3LmRhcm1zdGFkdC5nbWQuZGUv
-aWNlLXRlbC9ldXJvY2EwDQYJKoZIhvcNAQEEBQADQQAXooi3mVoFQeQTNGfmHz4m
-7Etp+T4oIr6dHKtBbwwAhf5FdPaY8M6bZVNKUELH1JK916KoPZiIc81gKHmj/Eh6
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/expired/ICE-root.pem b/crypto/openssl/certs/expired/ICE-root.pem
deleted file mode 100644
index fa991599c9fe..000000000000
--- a/crypto/openssl/certs/expired/ICE-root.pem
+++ /dev/null
@@ -1,48 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 0 (0x0)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
-        Validity
-            Not Before: Apr  2 17:33:36 1997 GMT
-            Not After : Apr  2 17:33:36 1998 GMT
-        Subject: O=European ICE-TEL project, OU=V3-Certification Authority
-        Subject Public Key Info:
-            Public Key Algorithm: rsa
-            RSA Public Key: (512 bit)
-                Modulus (512 bit):
-                    00:80:3e:eb:ae:47:a9:fe:10:54:0b:81:8b:9c:2b:
-                    82:ab:3a:61:36:65:8b:f3:73:9f:ac:ac:7a:15:a7:
-                    13:8f:b4:c4:ba:a3:0f:bc:a5:58:8d:cc:b1:93:31:
-                    9e:81:9e:8c:19:61:86:fa:52:73:54:d1:97:76:22:
-                    e7:c7:9f:41:cd
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                ........z.."p......e..
-            X509v3 Key Usage: critical
-                ....
-            X509v3 Subject Alternative Name: 
-                0I.*http://www.darmstadt.gmd.de/ice-tel/euroca..ice-tel-ca@darmstadt.gmd.de
-            X509v3 Basic Constraints: critical
-                0....
-    Signature Algorithm: md5WithRSAEncryption
-        76:69:61:db:b7:cf:8b:06:9e:d8:8c:96:53:d2:4d:a8:23:a6:
-        03:44:e8:8f:24:a5:c0:84:a8:4b:77:d4:2d:2b:7d:37:91:67:
-        f2:2c:ce:02:31:4c:6b:cc:ce:f2:68:a6:11:11:ab:7d:88:b8:
-        7e:22:9f:25:06:60:bd:79:30:3d
------BEGIN CERTIFICATE-----
-MIICFjCCAcCgAwIBAgIBADANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
-cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzMzNloXDTk4MDQwMjE3MzMzNlowSDEhMB8G
-A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTBZMAoGBFUIAQECAgIAA0sAMEgCQQCAPuuuR6n+
-EFQLgYucK4KrOmE2ZYvzc5+srHoVpxOPtMS6ow+8pViNzLGTMZ6BnowZYYb6UnNU
-0Zd2IufHn0HNAgMBAAGjgZcwgZQwHQYDVR0OBBYEFIr3yNUOx3ro1yJw4AuJ1bbs
-ZbzPMA4GA1UdDwEB/wQEAwIB9jBSBgNVHREESzBJhipodHRwOi8vd3d3LmRhcm1z
-dGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2GBG2ljZS10ZWwtY2FAZGFybXN0YWR0
-LmdtZC5kZTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAdmlh27fP
-iwae2IyWU9JNqCOmA0TojySlwISoS3fULSt9N5Fn8izOAjFMa8zO8mimERGrfYi4
-fiKfJQZgvXkwPQ==
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/expired/ICE-user.pem b/crypto/openssl/certs/expired/ICE-user.pem
deleted file mode 100644
index 28065fd37d62..000000000000
--- a/crypto/openssl/certs/expired/ICE-user.pem
+++ /dev/null
@@ -1,63 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
-        Validity
-            Not Before: Apr  2 17:35:59 1997 GMT
-            Not After : Apr  2 17:35:59 1998 GMT
-        Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt, CN=USER
-        Subject Public Key Info:
-            Public Key Algorithm: rsa
-            RSA Public Key: (512 bit)
-                Modulus (512 bit):
-                    00:a8:a8:53:63:49:1b:93:c3:c3:0b:6c:88:11:55:
-                    de:7e:6a:e2:f9:52:a0:dc:69:25:c4:c8:bf:55:e1:
-                    31:a8:ce:e4:a9:29:85:99:8a:15:9a:de:f6:2f:e1:
-                    b4:50:5f:5e:04:75:a6:f4:76:dc:3c:0e:39:dc:3a:
-                    be:3e:a4:61:8b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Authority Key Identifier: 
-                0...~r..:..B.44fu......3
-            X509v3 Subject Key Identifier: 
-                ...... .*...1.*.......
-            X509v3 Key Usage: critical
-                ....
-            X509v3 Certificate Policies: critical
-                0.0...*...0.......
-            X509v3 Subject Alternative Name: 
-                0:..user@darmstadt.gmd.de.!http://www.darmstadt.gmd.de/~user
-            X509v3 Issuer Alternative Name: 
-                0....gmdca@gmd.de..http://www.gmd.de..saturn.darmstadt.gmd.de.\1!0...U.
-..European ICE-TEL project1#0!..U....V3-Certification Authority1.0...U....Darmstadt..141.12.62.26
-            X509v3 Basic Constraints: critical
-                0.
-            X509v3 CRL Distribution Points: 
-                0.0.......gmdca@gmd.de
-    Signature Algorithm: md5WithRSAEncryption
-        69:0c:e1:b7:a7:f2:d8:fb:e8:69:c0:13:cd:37:ad:21:06:22:
-        4d:e8:c6:db:f1:04:0b:b7:e0:b3:d6:0c:81:03:ce:c3:6a:3e:
-        c7:e7:24:24:a4:92:64:c2:83:83:06:42:53:0e:6f:09:1e:84:
-        9a:f7:6f:63:9b:94:99:83:d6:a4
------BEGIN CERTIFICATE-----
-MIIDTzCCAvmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMSEwHwYDVQQKExhFdXJv
-cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHQwHhcNOTcwNDAyMTczNTU5WhcN
-OTgwNDAyMTczNTU5WjBrMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2pl
-Y3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQH
-EwlEYXJtc3RhZHQxDTALBgNVBAMTBFVTRVIwWTAKBgRVCAEBAgICAANLADBIAkEA
-qKhTY0kbk8PDC2yIEVXefmri+VKg3GklxMi/VeExqM7kqSmFmYoVmt72L+G0UF9e
-BHWm9HbcPA453Dq+PqRhiwIDAQABo4IBmDCCAZQwHwYDVR0jBBgwFoAUfnLy+DqG
-nEKINDRmdcPU/NGiETMwHQYDVR0OBBYEFJfc4B8gjSoRmLUx4Sq/ucIYiMrPMA4G
-A1UdDwEB/wQEAwIB8DAcBgNVHSABAf8EEjAQMAYGBCoDBAUwBgYECQgHBjBDBgNV
-HREEPDA6gRV1c2VyQGRhcm1zdGFkdC5nbWQuZGWGIWh0dHA6Ly93d3cuZGFybXN0
-YWR0LmdtZC5kZS9+dXNlcjCBsQYDVR0SBIGpMIGmgQxnbWRjYUBnbWQuZGWGEWh0
-dHA6Ly93d3cuZ21kLmRlghdzYXR1cm4uZGFybXN0YWR0LmdtZC5kZaRcMSEwHwYD
-VQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHSHDDE0MS4xMi42
-Mi4yNjAMBgNVHRMBAf8EAjAAMB0GA1UdHwQWMBQwEqAQoA6BDGdtZGNhQGdtZC5k
-ZTANBgkqhkiG9w0BAQQFAANBAGkM4ben8tj76GnAE803rSEGIk3oxtvxBAu34LPW
-DIEDzsNqPsfnJCSkkmTCg4MGQlMObwkehJr3b2OblJmD1qQ=
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/expired/ICE.crl b/crypto/openssl/certs/expired/ICE.crl
deleted file mode 100644
index 21939e8cc4a4..000000000000
--- a/crypto/openssl/certs/expired/ICE.crl
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN X509 CRL-----
-MIIBNDCBnjANBgkqhkiG9w0BAQIFADBFMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0Ut
-VEVMIFByb2plY3QxIDAeBgNVBAsTF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05
-NzA2MDkxNDQyNDNaFw05NzA3MDkxNDQyNDNaMCgwEgIBChcNOTcwMzAzMTQ0MjU0
-WjASAgEJFw05NjEwMDIxMjI5MjdaMA0GCSqGSIb3DQEBAgUAA4GBAH4vgWo2Tej/
-i7kbiw4Imd30If91iosjClNpBFwvwUDBclPEeMuYimHbLOk4H8Nofc0fw11+U/IO
-KSNouUDcqG7B64oY7c4SXKn+i1MWOb5OJiWeodX3TehHjBlyWzoNMWCnYA8XqFP1
-mOKp8Jla1BibEZf14+/HqCi2hnZUiEXh
------END X509 CRL-----
diff --git a/crypto/openssl/certs/expired/rsa-ssca.pem b/crypto/openssl/certs/expired/rsa-ssca.pem
deleted file mode 100644
index c9403212d183..000000000000
--- a/crypto/openssl/certs/expired/rsa-ssca.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=941109235417Z
-notAfter =991231235417Z
------BEGIN X509 CERTIFICATE-----
-
-MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
-IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
-Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
-YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
-roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
-aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
-HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
-iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
-suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
-cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
------END X509 CERTIFICATE-----
diff --git a/crypto/openssl/certs/factory.pem b/crypto/openssl/certs/factory.pem
deleted file mode 100644
index 8e28b391b2f3..000000000000
--- a/crypto/openssl/certs/factory.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
-MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
-DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
-CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
-amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
-iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
-U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
-zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
-BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
-/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
-lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
-S7ELuYGtmYgYm9NZOIr7yU0=
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/nortelCA.pem b/crypto/openssl/certs/nortelCA.pem
deleted file mode 100644
index 207f34ab3a7d..000000000000
--- a/crypto/openssl/certs/nortelCA.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
-BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
-HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
-IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
-MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
-aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
-GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
-ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
-zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
-YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
-hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
-cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
-YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
------END CERTIFICATE-----
-
diff --git a/crypto/openssl/certs/pca-cert.pem b/crypto/openssl/certs/pca-cert.pem
deleted file mode 100644
index 9d754d460d57..000000000000
--- a/crypto/openssl/certs/pca-cert.pem
+++ /dev/null
@@ -1,33 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC5jCCAk+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
-MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
-HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzNTQ4WhcN
-MDUwNzExMjEzNTQ4WjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
-ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENB
-ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ2haT/f5Zwy
-V+MiuSDjSR62adBoSiBB7Usty44lXqsp9RICw+DCCxpsn/CfxPEDXLLd4olsWXc6
-JRcxGynbYmnzk+Z6aIPPJQhK3CTvaqGnWKZsA1m+WaUIUqJCuNTK4N+7hMAGaf6S
-S3e9HVgEQ4a34gXJ7VQFVIBNV1EnZRWHAgMBAAGjgbcwgbQwHQYDVR0OBBYEFE0R
-aEcrj18q1dw+G6nJbsTWR213MIGEBgNVHSMEfTB7gBRNEWhHK49fKtXcPhupyW7E
-1kdtd6FgpF4wXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
-NCBiaXQpggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAUa8B3pho
-+Mvxeq9HsEzJxHIFQla05S5J/e/V+DQTYoKiRFchKPrDAdrzYSEvP3h4QJEtsNqQ
-JfOxg5M42uLFq7aPGWkF6ZZqZsYS+zA9IVT14g7gNA6Ne+5QtJqQtH9HA24st0T0
-Tga/lZ9M2ovImovaxSL/kRHbpCWcqWVxpOw=
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/certs/rsa-cca.pem b/crypto/openssl/certs/rsa-cca.pem
deleted file mode 100644
index 69f5c1c84cd7..000000000000
--- a/crypto/openssl/certs/rsa-cca.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-notBefore=941104185834Z
-notAfter =991103185834Z
------BEGIN X509 CERTIFICATE-----
-
-MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
-Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
-OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
-ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
-975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
-touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
-7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
-9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
-0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
-MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
------END X509 CERTIFICATE-----
diff --git a/crypto/openssl/certs/rsa-ssca.pem b/crypto/openssl/certs/rsa-ssca.pem
deleted file mode 100644
index c9403212d183..000000000000
--- a/crypto/openssl/certs/rsa-ssca.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=941109235417Z
-notAfter =991231235417Z
------BEGIN X509 CERTIFICATE-----
-
-MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
-IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
-Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
-YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
-roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
-aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
-HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
-iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
-suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
-cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
------END X509 CERTIFICATE-----
diff --git a/crypto/openssl/certs/thawteCb.pem b/crypto/openssl/certs/thawteCb.pem
deleted file mode 100644
index 27df192f0d08..000000000000
--- a/crypto/openssl/certs/thawteCb.pem
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
-VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
-biBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEm
-MCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wHhcNOTYwODAx
-MDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT
-DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3
-dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNl
-cyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3
-DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
-gY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl/Kj0R1HahbUgdJSGHg91
-yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg71CcEJRCX
-L+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGj
-EzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG
-7oWDTSEwjsrZqG9JGubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6e
-QNuozDJ0uW8NxuOzRAvZim+aKZuZGCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZ
-qdq5snUb9kLy78fyGPmJvKP/iiMucEc=
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/thawteCp.pem b/crypto/openssl/certs/thawteCp.pem
deleted file mode 100644
index 51285e33c2fc..000000000000
--- a/crypto/openssl/certs/thawteCp.pem
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
-VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
-biBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFByZW1pdW0gU2Vy
-dmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZlckB0aGF3dGUuY29t
-MB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgc4xCzAJBgNVBAYTAlpB
-MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsG
-A1UEChMUVGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRp
-b24gU2VydmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNl
-cnZlciBDQTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNv
-bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2aovXwlue2oFBYo847kkE
-VdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIhUdib0GfQ
-ug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMR
-uHM/qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
-9w0BAQQFAAOBgQAmSCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUI
-hfzJATj/Tb7yFkJD57taRvvBxhEf8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZa4JM
-pAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7tUCemDaYj+bvLpgcUQg==
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/timCA.pem b/crypto/openssl/certs/timCA.pem
deleted file mode 100644
index 9c8d5bf9c690..000000000000
--- a/crypto/openssl/certs/timCA.pem
+++ /dev/null
@@ -1,16 +0,0 @@
-Tims test GCI CA
-
------BEGIN CERTIFICATE-----
-MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
-cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
-gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
-cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
-dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
-AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
-OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
-AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
-TfdbFZtAAD2Hx9jUtY3tfdrJOb8= 
------END CERTIFICATE-----
-
diff --git a/crypto/openssl/certs/tjhCA.pem b/crypto/openssl/certs/tjhCA.pem
deleted file mode 100644
index 67bee1b20018..000000000000
--- a/crypto/openssl/certs/tjhCA.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
-IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
-VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
-NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
-I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
-RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
-KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
-Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
-9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
-WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/vsign1.pem b/crypto/openssl/certs/vsign1.pem
deleted file mode 100644
index 277894d1ff19..000000000000
--- a/crypto/openssl/certs/vsign1.pem
+++ /dev/null
@@ -1,17 +0,0 @@
-subject=/C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority
-notBefore=Jan 29 00:00:00 1996 GMT
-notAfter=Jan  7 23:59:59 2020 GMT
------BEGIN CERTIFICATE-----
-MIICPDCCAaUCEDJQM89Q0VbzXIGtZVxPyCUwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
-cyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
-MDEyOTAwMDAwMFoXDTIwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
-BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmlt
-YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
-ADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0f
-zGVuDLDQVoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHi
-TkVWaR94AoDa3EeRKbs2yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0G
-CSqGSIb3DQEBAgUAA4GBAEtEZmBoZOSYG/OwcuaViXzde7OVwB0u2NgZ0C00PcZQ
-mhCGjKo/O6gE/DdSlcPZydvN8oYGxLEb8IKIMEKOF1AcZHq4PplJdJf8rAJD+5YM
-VgQlDHx8h50kp9jwMim1pN9dokzFFjKoQvZFprY2ueC/ZTaTwtLXa9zeWdaiNfhF
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/vsign2.pem b/crypto/openssl/certs/vsign2.pem
deleted file mode 100644
index d8bdd8c812f1..000000000000
--- a/crypto/openssl/certs/vsign2.pem
+++ /dev/null
@@ -1,18 +0,0 @@
-subject=/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority
-notBefore=Jan 29 00:00:00 1996 GMT
-notAfter=Jan  7 23:59:59 2004 GMT
------BEGIN CERTIFICATE-----
-MIICPTCCAaYCEQC6WslMBTuS1qe2307QU5INMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
-BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
-c3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
-NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
-VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMiBQdWJsaWMgUHJp
-bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
-jQAwgYkCgYEAtlqLow1qI4OAa885h/QhEzMGTCWi7VUSl8WngLn6g8EgoPovFQ18
-oWBrfnks+gYPOq72G2+x0v8vKFJfg31LxHq3+GYfgFT8t8KOWUoUV0bRmpO+QZED
-uxWAk1zr58wIbD8+s0r8/0tsI9VQgiZEGY4jw3HqGSRHBJ51v8imAB8CAwEAATAN
-BgkqhkiG9w0BAQIFAAOBgQC2AB+TV6QHp0DOZUA/VV7t7/pUSaUw1iF8YYfug5ML
-v7Qz8pisnwa/TqjOFIFMywROWMPPX+5815pvy0GKt3+BuP+EYcYnQ2UdDOyxAArd
-G6S7x3ggKLKi3TaVLuFUT79guXdoEZkj6OpS6KoATmdOu5C1RZtG644W78QzWzM9
-1Q==
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/vsign3.pem b/crypto/openssl/certs/vsign3.pem
deleted file mode 100644
index aa5bb4c1f32b..000000000000
--- a/crypto/openssl/certs/vsign3.pem
+++ /dev/null
@@ -1,18 +0,0 @@
-subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
-notBefore=Jan 29 00:00:00 1996 GMT
-notAfter=Jan  7 23:59:59 2004 GMT
------BEGIN CERTIFICATE-----
-MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
-BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
-c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
-NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
-VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp
-bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
-jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo
-RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4
-rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN
-BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp
-STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH
-ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ
-pA==
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/vsignss.pem b/crypto/openssl/certs/vsignss.pem
deleted file mode 100644
index 5de48bfcf974..000000000000
--- a/crypto/openssl/certs/vsignss.pem
+++ /dev/null
@@ -1,17 +0,0 @@
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=Nov  9 00:00:00 1994 GMT
-notAfter=Jan  7 23:59:59 2010 GMT
------BEGIN CERTIFICATE-----
-MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
-MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
-BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
-dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
-ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
-0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
-uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
-hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
-YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
-1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
------END CERTIFICATE-----
diff --git a/crypto/openssl/certs/vsigntca.pem b/crypto/openssl/certs/vsigntca.pem
deleted file mode 100644
index 05acf76e66c6..000000000000
--- a/crypto/openssl/certs/vsigntca.pem
+++ /dev/null
@@ -1,18 +0,0 @@
-subject=/O=VeriSign, Inc/OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD./OU=For VeriSign authorized testing only. No assurances (C)VS1997
-notBefore=Mar  4 00:00:00 1997 GMT
-notAfter=Mar  4 23:59:59 2025 GMT
------BEGIN CERTIFICATE-----
-MIICTTCCAfcCEEdoCqpuXxnoK27q7d58Qc4wDQYJKoZIhvcNAQEEBQAwgakxFjAU
-BgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52ZXJpc2lnbi5jb20v
-cmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBMaWFiLiBMVEQuMUYw
-RAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0aW5nIG9ubHkuIE5v
-IGFzc3VyYW5jZXMgKEMpVlMxOTk3MB4XDTk3MDMwNDAwMDAwMFoXDTI1MDMwNDIz
-NTk1OVowgakxFjAUBgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52
-ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBM
-aWFiLiBMVEQuMUYwRAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0
-aW5nIG9ubHkuIE5vIGFzc3VyYW5jZXMgKEMpVlMxOTk3MFwwDQYJKoZIhvcNAQEB
-BQADSwAwSAJBAMak6xImJx44jMKcbkACy5/CyMA2fqXK4PlzTtCxRq5tFkDzne7s
-cI8oFK/J+gFZNE3bjidDxf07O3JOYG9RGx8CAwEAATANBgkqhkiG9w0BAQQFAANB
-ADT523tENOKrEheZFpsJx1UUjPrG7TwYc/C4NBHrZI4gZJcKVFIfNulftVS6UMYW
-ToLEMaUojc3DuNXHG21PDG8=
------END CERTIFICATE-----
diff --git a/crypto/openssl/config b/crypto/openssl/config
deleted file mode 100755
index 88d28735cdf2..000000000000
--- a/crypto/openssl/config
+++ /dev/null
@@ -1,854 +0,0 @@
-#!/bin/sh
-#
-# OpenSSL config: determine the operating system and run ./Configure
-#
-# "config -h" for usage information.
-#
-#          this is a merge of minarch and GuessOS from the Apache Group.
-#          Originally written by Tim Hudson <tjh@cryptsoft.com>.
-
-# Original Apache Group comments on GuessOS
-
-# Simple OS/Platform guesser. Similar to config.guess but
-# much, much smaller. Since it was developed for use with
-# Apache, it follows under Apache's regular licensing
-# with one specific addition: Any changes or additions
-# to this script should be Emailed to the Apache
-# group (apache@apache.org) in general and to
-# Jim Jagielski (jim@jaguNET.com) in specific.
-#
-# Be as similar to the output of config.guess/config.sub
-# as possible.
-
-PREFIX=""
-SUFFIX=""
-TEST="false"
-
-# pick up any command line args to config
-for i
-do
-case "$i" in 
--d*) PREFIX="debug-";;
--t*) TEST="true";;
--h*) TEST="true"; cat <<EOF
-Usage: config [options]
- -d	Add a debug- prefix to machine choice.
- -t	Test mode, do not run the Configure perl script.
- -h	This help.
-
-Any other text will be passed to the Configure perl script.
-See INSTALL for instructions.
-
-EOF
-;;
-*) options=$options" $i" ;;
-esac
-done
-
-# First get uname entries that we use below
-
-MACHINE=`(uname -m) 2>/dev/null` || MACHINE="unknown"
-RELEASE=`(uname -r) 2>/dev/null` || RELEASE="unknown"
-SYSTEM=`(uname -s) 2>/dev/null`  || SYSTEM="unknown"
-VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"
-
-
-# Now test for ISC and SCO, since it is has a braindamaged uname.
-#
-# We need to work around FreeBSD 1.1.5.1 
-(
-XREL=`uname -X 2>/dev/null | grep "^Release" | awk '{print $3}'`
-if [ "x$XREL" != "x" ]; then
-    if [ -f /etc/kconfig ]; then
-	case "$XREL" in
-	    4.0|4.1)
-		    echo "${MACHINE}-whatever-isc4"; exit 0
-		;;
-	esac
-    else
-	case "$XREL" in
-	    3.2v4.2)
-		echo "whatever-whatever-sco3"; exit 0
-		;;
-	    3.2v5.0*)
-		echo "whatever-whatever-sco5"; exit 0
-		;;
-	    4.2MP)
-		case "x${VERSION}" in
-		    x2.0*) echo "whatever-whatever-unixware20"; exit 0 ;;
-		    x2.1*) echo "whatever-whatever-unixware21"; exit 0 ;;
-		    x2*)   echo "whatever-whatever-unixware2";  exit 0 ;;
-		esac
-		;;
-	    4.2)
-		echo "i386-whatever-unixware1"; exit 0
-		;;
-	    5)
-		case "x${VERSION}" in
-		    # We hardcode i586 in place of ${MACHINE} for the
-		    # following reason. The catch is that even though Pentium
-		    # is minimum requirement for platforms in question,
-		    # ${MACHINE} gets always assigned to i386. Now, problem
-		    # with i386 is that it makes ./config pass 386 to
-		    # ./Configure, which in turn makes make generate
-		    # inefficient SHA-1 (for this moment) code.
-		    x7*)  echo "i586-sco-unixware7";           exit 0 ;;
-		    x8*)  echo "i586-unkn-OpenUNIX${VERSION}"; exit 0 ;;
-		esac
-		;;
-	esac
-    fi
-fi
-# Now we simply scan though... In most cases, the SYSTEM info is enough
-#
-case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
-    MPE/iX:*)
-	MACHINE=`echo "$MACHINE" | sed -e 's/-/_/g'`
-	echo "parisc-hp-MPE/iX"; exit 0
-	;;
-    A/UX:*)
-	echo "m68k-apple-aux3"; exit 0
-	;;
-
-    AIX:[3456789]:4:*)
-	echo "${MACHINE}-ibm-aix43"; exit 0
-	;;
-
-    AIX:*:[56789]:*)
-	echo "${MACHINE}-ibm-aix43"; exit 0
-	;;
-
-    AIX:*)
-	echo "${MACHINE}-ibm-aix"; exit 0
-	;;
-
-    dgux:*)
-	echo "${MACHINE}-dg-dgux"; exit 0
-	;;
-
-    HI-UX:*)
-	echo "${MACHINE}-hi-hiux"; exit 0
-	;;
-
-    HP-UX:*)
-	HPUXVER=`echo ${RELEASE}|sed -e 's/[^.]*.[0B]*//'`
-	case "$HPUXVER" in
-	    1[0-9].*)	# HPUX 10 and 11 targets are unified
-		echo "${MACHINE}-hp-hpux10"; exit 0
-		;;
-	    *)
-		echo "${MACHINE}-hp-hpux"; exit 0
-		;;
-	esac
-	;;
-
-    IRIX:5.*)
-	echo "mips2-sgi-irix"; exit 0
-	;;
-
-    IRIX:6.*)
-	echo "mips3-sgi-irix"; exit 0
-	;;
-
-    IRIX64:*)
-	echo "mips4-sgi-irix64"; exit 0
-	;;
-
-    Linux:[2-9].*)
-	echo "${MACHINE}-whatever-linux2"; exit 0
-	;;
-
-    Linux:1.*)
-	echo "${MACHINE}-whatever-linux1"; exit 0
-	;;
-
-    GNU*)
-	echo "hurd-x86"; exit 0;
-	;;
-
-    LynxOS:*)
-	echo "${MACHINE}-lynx-lynxos"; exit 0
-	;;
-
-    BSD/OS:4.*)  # BSD/OS always says 386
-	echo "i486-whatever-bsdi4"; exit 0
-	;;
-
-    BSD/386:*:*:*486*|BSD/OS:*:*:*:*486*)
-        case `/sbin/sysctl -n hw.model` in
-	    Pentium*)
-                echo "i586-whatever-bsdi"; exit 0
-                ;;
-            *)
-                echo "i386-whatever-bsdi"; exit 0
-                ;;
-            esac;
-	;;
-
-    BSD/386:*|BSD/OS:*)
-	echo "${MACHINE}-whatever-bsdi"; exit 0
-	;;
-
-    FreeBSD:*:*:*386*)
-        VERS=`echo ${RELEASE} | sed -e 's/[-(].*//'`
-        MACH=`sysctl -n hw.model`
-        ARCH='whatever'
-        case ${MACH} in
-           *386*       ) MACH="i386"     ;;
-           *486*       ) MACH="i486"     ;;
-           Pentium\ II*) MACH="i686"     ;;
-           Pentium*    ) MACH="i586"     ;;
-           *           ) MACH="$MACHINE" ;;
-        esac
-        case ${MACH} in
-           i[0-9]86 ) ARCH="pc" ;;
-        esac
-        echo "${MACH}-${ARCH}-freebsd${VERS}"; exit 0
-        ;;
-
-    FreeBSD:*)
-	echo "${MACHINE}-whatever-freebsd"; exit 0
-	;;
-
-    NetBSD:*:*:*386*)
-        echo "`(/usr/sbin/sysctl -n hw.model || /sbin/sysctl -n hw.model) | sed 's,.*\(.\)86-class.*,i\186,'`-whatever-netbsd"; exit 0
-	;;
-
-    NetBSD:*)
-	echo "${MACHINE}-whatever-netbsd"; exit 0
-	;;
-
-    OpenBSD:*)
-	echo "${MACHINE}-whatever-openbsd"; exit 0
-	;;
-
-    OpenUNIX:*)
-	echo "${MACHINE}-unknown-OpenUNIX${VERSION}"; exit 0
-	;;
-
-    OSF1:*:*:*alpha*)
-	OSFMAJOR=`echo ${RELEASE}| sed -e 's/^V\([0-9]*\)\..*$/\1/'`
-	case "$OSFMAJOR" in
-	    4|5)
-		echo "${MACHINE}-dec-tru64"; exit 0
-		;;
-	    1|2|3)
-		echo "${MACHINE}-dec-osf"; exit 0
-		;;
-	    *)
-		echo "${MACHINE}-dec-osf"; exit 0
-		;;
-	esac
-	;;
-
-    QNX:*)
-	case "$RELEASE" in
-	    4*)
-		echo "${MACHINE}-whatever-qnx4"
-		;;
-	    6*)
-		echo "${MACHINE}-whatever-qnx6"
-		;;
-	    *)
-		echo "${MACHINE}-whatever-qnx"
-		;;
-	esac
-	exit 0
-	;;
-
-    Paragon*:*:*:*)
-	echo "i860-intel-osf1"; exit 0
-	;;
-
-    Rhapsody:*)
-	echo "ppc-apple-rhapsody"; exit 0
-	;;
-
-    Darwin:*)
-	case "$MACHINE" in
-	    Power*)
-		echo "ppc-apple-darwin${VERSION}"
-		;;
-	    *)
-		echo "i386-apple-darwin${VERSION}"
-		;;
-	esac
-	exit 0
-	;;
-
-    SunOS:5.*)
-	echo "${MACHINE}-whatever-solaris2"; exit 0
-	;;
-
-    SunOS:*)
-	echo "${MACHINE}-sun-sunos4"; exit 0
-	;;
-
-    UNIX_System_V:4.*:*)
-	echo "${MACHINE}-whatever-sysv4"; exit 0
-	;;
-
-    *:4*:R4*:m88k)
-	echo "${MACHINE}-whatever-sysv4"; exit 0
-	;;
-
-    DYNIX/ptx:4*:*)
-	echo "${MACHINE}-whatever-sysv4"; exit 0
-	;;
-
-    *:4.0:3.0:3[34]?? | *:4.0:3.0:3[34]??,*)
-	echo "i486-ncr-sysv4"; exit 0
-	;;
-
-    ULTRIX:*)
-	echo "${MACHINE}-unknown-ultrix"; exit 0
-	;;
-
-    SINIX*|ReliantUNIX*)
-	echo "${MACHINE}-siemens-sysv4"; exit 0
-	;;
-
-    POSIX-BC*)
-	echo "${MACHINE}-siemens-sysv4"; exit 0   # Here, $MACHINE == "BS2000"
-	;;
-
-    machten:*)
-       echo "${MACHINE}-tenon-${SYSTEM}"; exit 0;
-       ;;
-
-    library:*)
-	echo "${MACHINE}-ncr-sysv4"; exit 0
-	;;
-
-    ConvexOS:*:11.0:*)
-	echo "${MACHINE}-v11-${SYSTEM}"; exit 0;
-	;;
-
-    NEWS-OS:4.*)
-	echo "mips-sony-newsos4"; exit 0;
-	;;
-
-    CYGWIN*)
-	case "$RELEASE" in
-	    [bB]*|1.0|1.[12].*)
-		echo "${MACHINE}-whatever-cygwin_pre1.3"
-		;;
-	    *)
-		echo "${MACHINE}-whatever-cygwin"
-		;;
-	esac
-	exit 0
-	;;
-
-    *"CRAY T3E")
-       echo "t3e-cray-unicosmk"; exit 0;
-       ;;
-
-    *CRAY*)
-       echo "j90-cray-unicos"; exit 0;
-       ;;
-
-    NONSTOP_KERNEL*)
-       echo "nsr-tandem-nsk"; exit 0;
-       ;;
-esac
-
-#
-# Ugg. These are all we can determine by what we know about
-# the output of uname. Be more creative:
-#
-
-# Do the Apollo stuff first. Here, we just simply assume
-# that the existance of the /usr/apollo directory is proof
-# enough
-if [ -d /usr/apollo ]; then
-    echo "whatever-apollo-whatever"
-    exit 0
-fi
-
-# Now NeXT
-ISNEXT=`hostinfo 2>/dev/null`
-case "$ISNEXT" in
-    *'NeXT Mach 3.3'*)
-	echo "whatever-next-nextstep3.3"; exit 0
-	;;
-    *NeXT*)
-	echo "whatever-next-nextstep"; exit 0
-	;;
-esac
-
-# At this point we gone through all the one's
-# we know of: Punt
-
-echo "${MACHINE}-whatever-${SYSTEM}" 
-exit 0
-) 2>/dev/null | (
-
-# ---------------------------------------------------------------------------
-# this is where the translation occurs into SSLeay terms
-# ---------------------------------------------------------------------------
-
-# figure out if gcc is available and if so we use it otherwise
-# we fallback to whatever cc does on the system
-GCCVER=`(gcc -dumpversion) 2>/dev/null`
-if [ "$GCCVER" != "" ]; then
-  CC=gcc
-  # then strip off whatever prefix egcs prepends the number with...
-  # Hopefully, this will work for any future prefixes as well.
-  GCCVER=`echo $GCCVER | sed 's/^[a-zA-Z]*\-//'`
-  # Since gcc 3.1 gcc --version behaviour has changed.  gcc -dumpversion
-  # does give us what we want though, so we use that.  We just just the
-  # major and minor version numbers.
-  # peak single digit before and after first dot, e.g. 2.95.1 gives 29
-  GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'`
-else
-  CC=cc
-fi
-GCCVER=${GCCVER:-0}
-if [ "$SYSTEM" = "HP-UX" ];then
-  # By default gcc is a ILP32 compiler (with long long == 64).
-  GCC_BITS="32"
-  if [ $GCCVER -ge 30 ]; then
-    # PA64 support only came in with gcc 3.0.x.
-    # We look for the preprocessor symbol __LP64__ indicating
-    # 64bit bit long and pointer.  sizeof(int) == 32 on HPUX64.
-    if gcc -v -E -x c /dev/null 2>&1 | grep __LP64__ > /dev/null; then
-      GCC_BITS="64"
-    fi
-  fi
-fi
-if [ "$SYSTEM" = "SunOS" ]; then
-  if [ $GCCVER -ge 30 ]; then
-    # 64-bit ABI isn't officially supported in gcc 3.0, but it appears
-    # to be working, at the very least 'make test' passes...
-    if gcc -v -E -x c /dev/null 2>&1 | grep __arch64__ > /dev/null; then
-      GCC_ARCH="-m64"
-    else
-      GCC_ARCH="-m32"
-    fi
-  fi
-  # check for WorkShop C, expected output is "cc: blah-blah C x.x"
-  CCVER=`(cc -V 2>&1) 2>/dev/null | \
-  	egrep -e '^cc: .* C [0-9]\.[0-9]' | \
-	sed 's/.* C \([0-9]\)\.\([0-9]\).*/\1\2/'`
-  CCVER=${CCVER:-0}
-  if [ $CCVER -gt 40 ]; then
-    CC=cc	# overrides gcc!!!
-    if [ $CCVER -eq 50 ]; then
-      echo "WARNING! Detected WorkShop C 5.0. Do make sure you have"
-      echo "         patch #107357-01 or later applied."
-      sleep 5
-    fi
-  elif [ "$CC" = "cc" -a $CCVER -gt 0 ]; then
-    CC=sc3
-  fi
-fi
-
-if [ "${SYSTEM}-${MACHINE}" = "Linux-alpha" ]; then
-  # check for Compaq C, expected output is "blah-blah C Vx.x"
-  CCCVER=`(ccc -V 2>&1) 2>/dev/null | \
-	egrep -e '.* C V[0-9]\.[0-9]' | \
-	sed 's/.* C V\([0-9]\)\.\([0-9]\).*/\1\2/'`
-  CCCVER=${CCCVER:-0}
-  if [ $CCCVER -gt 60 ]; then
-    CC=ccc	# overrides gcc!!! well, ccc outperforms inoticeably
-		# only on hash routines and des, otherwise gcc (2.95)
-		# keeps along rather tight...
-  fi
-fi
-
-if [ "${SYSTEM}" = "AIX" ]; then	# favor vendor cc over gcc
-    (cc) 2>&1 | grep -iv "command not found" > /dev/null && CC=cc
-fi
-
-CCVER=${CCVER:-0}
-
-# read the output of the embedded GuessOS 
-read GUESSOS
-
-echo Operating system: $GUESSOS
-
-# now map the output into SSLeay terms ... really should hack into the
-# script above so we end up with values in vars but that would take
-# more time that I want to waste at the moment
-case "$GUESSOS" in
-  mips2-sgi-irix)
-	CPU=`(hinv -t cpu) 2>/dev/null | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
-	CPU=${CPU:-0}
-	if [ $CPU -ge 4000 ]; then
-		options="$options -mips2"
-	fi
-	OUT="irix-$CC"
-	;;
-  mips3-sgi-irix)
-	CPU=`(hinv -t cpu) 2>/dev/null | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
-	CPU=${CPU:-0}
-	if [ $CPU -ge 5000 ]; then
-		options="$options -mips4"
-	else
-		options="$options -mips3"
-	fi
-	OUT="irix-mips3-$CC"
-	;;
-  mips4-sgi-irix64)
-	echo "WARNING! If you wish to build 64-bit library, then you have to"
-	echo "         invoke './Configure irix64-mips4-$CC' *manually*."
-	if [ "$TEST" = "false" ]; then
-	  echo "         You have about 5 seconds to press Ctrl-C to abort."
-	  (stty -icanon min 0 time 50; read waste) < /dev/tty
-	fi
-        CPU=`(hinv -t cpu) 2>/dev/null | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
-        CPU=${CPU:-0}
-        if [ $CPU -ge 5000 ]; then
-                options="$options -mips4"
-        else
-                options="$options -mips3"
-        fi
-	OUT="irix-mips3-$CC"
-	;;
-  alpha-*-linux2)
-        ISA=`awk '/cpu model/{print$4}' /proc/cpuinfo`
-	case ${ISA:-generic} in
-	*[67])	OUT="linux-alpha+bwx-$CC" ;;
-	*)	OUT="linux-alpha-$CC" ;;
-	esac
-	if [ "$CC" = "gcc" ]; then
-	    case ${ISA:-generic} in
-	    EV5|EV45)		options="$options -mcpu=ev5";;
-	    EV56|PCA56)		options="$options -mcpu=ev56";;
-	    EV6|EV67|PCA57)	options="$options -mcpu=ev6";;
-	    esac
-	fi
-	;;
-  mips-*-linux?)
-          cat >dummy.c <<EOF
-#include <stdio.h>  /* for printf() prototype */
-        int main (argc, argv) int argc; char *argv[]; {
-#ifdef __MIPSEB__
-  printf ("linux-%s\n", argv[1]);
-#endif
-#ifdef __MIPSEL__
-  printf ("linux-%sel\n", argv[1]);
-#endif
-  return 0;
-}
-EOF
-	${CC} -o dummy dummy.c && OUT=`./dummy ${MACHINE}`
-	rm dummy dummy.c
-	;;
-  ppc64-*-linux2)
-	#Use the standard target for PPC architecture until we create a
-	#special one for the 64bit architecture.
-	OUT="linux-ppc" ;;
-  ppc-*-linux2) OUT="linux-ppc" ;;
-  m68k-*-linux*) OUT="linux-m68k" ;;
-  ia64-*-linux?) OUT="linux-ia64" ;;
-  ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;;
-  ppc-apple-darwin*) OUT="darwin-ppc-cc" ;;
-  i386-apple-darwin*) OUT="darwin-i386-cc" ;;
-  sparc64-*-linux2)
-	echo "WARNING! If you *know* that your GNU C supports 64-bit/V9 ABI"
-	echo "         and wish to build 64-bit library, then you have to"
-	echo "         invoke './Configure linux64-sparcv9' *manually*."
-	if [ "$TEST" = "false" ]; then
-	  echo "          You have about 5 seconds to press Ctrl-C to abort."
-	  (stty -icanon min 0 time 50; read waste) < /dev/tty
-	fi
-	OUT="linux-sparcv9" ;;
-  sparc-*-linux2)
-	KARCH=`awk '/^type/{print$3}' /proc/cpuinfo`
-	case ${KARCH:-sun4} in
-	sun4u*)	OUT="linux-sparcv9" ;;
-	sun4m)	OUT="linux-sparcv8" ;;
-	sun4d)	OUT="linux-sparcv8" ;;
-	*)	OUT="linux-sparcv7" ;;
-	esac ;;
-  parisc-*-linux2)
-        CPUARCH=`awk '/cpu family/{print substr($5,1,3)}' /proc/cpuinfo`
-	CPUSCHEDULE=`awk '/^cpu.[ 	]: PA/{print substr($3,3)}' /proc/cpuinfo`
-
-	# ??TODO ??  Model transformations
-	# 0. CPU Architecture for the 1.1 processor has letter suffixes. We strip that off
-	#    assuming no further arch. identification will ever be used by GCC.
-	# 1. I'm most concerned about whether is a 7300LC is closer to a 7100 versus a 7100LC.
-	# 2. The variant 64-bit processors cause concern should GCC support explicit schedulers
-	#    for these chips in the future.
-	#         PA7300LC -> 7100LC (1.1)
-	#         PA8200   -> 8000   (2.0)
-	#         PA8500   -> 8000   (2.0)
-	#         PA8600   -> 8000   (2.0)
-
-	CPUSCHEDULE=`echo $CPUSCHEDULE|sed -e 's/7300LC/7100LC/' -e 's/8?00/8000/'`
-	# Finish Model transformations
-
-	options="$options -mschedule=$CPUSCHEDULE -march=$CPUARCH"
-	OUT="linux-parisc" ;;
-  arm*-*-linux2) OUT="linux-elf-arm" ;;
-  s390-*-linux2) OUT="linux-s390" ;;
-  s390x-*-linux?) OUT="linux-s390x" ;;
-  x86_64-*-linux?) OUT="linux-x86_64" ;;
-  *-*-linux2) OUT="linux-elf"
-	if [ "$GCCVER" -gt 28 ]; then
-          if grep '^model.*Pentium' /proc/cpuinfo >/dev/null ; then
-            OUT="linux-pentium"
-          fi
-          if grep '^model.*Pentium Pro' /proc/cpuinfo >/dev/null ; then
-            OUT="linux-ppro"
-          fi
-          if grep '^model.*K6' /proc/cpuinfo >/dev/null ; then
-            OUT="linux-k6"
-          fi
-        fi ;;
-  *-*-linux1) OUT="linux-aout" ;;
-  sun4u*-*-solaris2)
-	OUT="solaris-sparcv9-$CC"
-	ISA64=`(isalist) 2>/dev/null | grep sparcv9`
-	if [ "$ISA64" != "" ]; then
-	    if [ "$CC" = "cc" -a $CCVER -ge 50 ]; then
-		echo "WARNING! If you wish to build 64-bit library, then you have to"
-		echo "         invoke './Configure solaris64-sparcv9-cc' *manually*."
-		if [ "$TEST" = "false" ]; then
-		  echo "         You have about 5 seconds to press Ctrl-C to abort."
-		  (stty -icanon min 0 time 50; read waste) < /dev/tty
-		fi
-	    elif [ "$CC" = "gcc" -a "$GCC_ARCH" = "-m64" ]; then
-		# $GCC_ARCH denotes default ABI chosen by compiler driver
-		# (first one found on the $PATH). I assume that user
-		# expects certain consistency with the rest of his builds
-		# and therefore switch over to 64-bit. <appro>
-		OUT="solaris64-sparcv9-gcc"
-		echo "WARNING! If you wish to build 32-bit library, then you have to"
-		echo "         invoke './Configure solaris-sparcv9-gcc' *manually*."
-		if [ "$TEST" = "false" ]; then
-		  echo "         You have about 5 seconds to press Ctrl-C to abort."
-		  (stty -icanon min 0 time 50; read waste) < /dev/tty
-		fi
-	    elif [ "$GCC_ARCH" = "-m32" ]; then
-		echo "NOTICE! If you *know* that your GNU C supports 64-bit/V9 ABI"
-		echo "        and wish to build 64-bit library, then you have to"
-		echo "        invoke './Configure solaris64-sparcv9-gcc' *manually*."
-		if [ "$TEST" = "false" ]; then
-		  echo "         You have about 5 seconds to press Ctrl-C to abort."
-		  (stty -icanon min 0 time 50; read waste) < /dev/tty
-		fi
-	    fi
-	fi
-	;;
-  sun4m-*-solaris2)	OUT="solaris-sparcv8-$CC" ;;
-  sun4d-*-solaris2)	OUT="solaris-sparcv8-$CC" ;;
-  sun4*-*-solaris2)	OUT="solaris-sparcv7-$CC" ;;
-  *86*-*-solaris2) OUT="solaris-x86-$CC" ;;
-  *-*-sunos4) OUT="sunos-$CC" ;;
-  alpha*-*-freebsd*) OUT="FreeBSD-alpha" ;;
-  sparc64-*-freebsd*) OUT="FreeBSD-sparc64" ;;
-  ia64-*-freebsd*) OUT="FreeBSD-ia64" ;;
-  *-freebsd[3-9]*) OUT="FreeBSD-elf" ;;
-  *-freebsd[1-2]*) OUT="FreeBSD" ;;
-  *86*-*-netbsd) OUT="NetBSD-x86" ;;
-  sun3*-*-netbsd) OUT="NetBSD-m68" ;;
-  *-*-netbsd) OUT="NetBSD-sparc" ;;
-  alpha*-*-openbsd) OUT="OpenBSD-alpha" ;;
-  *86*-*-openbsd) OUT="OpenBSD-i386" ;;
-  m68k*-*-openbsd) OUT="OpenBSD-m68k" ;;
-  m88k*-*-openbsd) OUT="OpenBSD-m88k" ;;
-  mips*-*-openbsd) OUT="OpenBSD-mips" ;;
-  pmax*-*-openbsd) OUT="OpenBSD-mips" ;;
-  powerpc*-*-openbsd) OUT="OpenBSD-powerpc" ;;
-  sparc64*-*-openbsd) OUT="OpenBSD-sparc64" ;;
-  sparc*-*-openbsd) OUT="OpenBSD-sparc" ;;
-  vax*-*-openbsd) OUT="OpenBSD-vax" ;;
-  hppa*-*-openbsd) OUT="OpenBSD-hppa" ;;
-  *-*-openbsd) OUT="OpenBSD" ;;
-  *86*-*-bsdi4) OUT="bsdi-elf-gcc" ;;
-  *-*-osf) OUT="alphaold-cc" ;;
-  *-*-tru64) OUT="alpha-cc" ;;
-  *-*-OpenUNIX*)
-	if [ "$CC" = "gcc" ]; then
-	  OUT="OpenUNIX-8-gcc" 
-	else    
-	  OUT="OpenUNIX-8" 
-	fi
-	;;
-  *-*-unixware7) OUT="unixware-7" ;;
-  *-*-UnixWare7) OUT="unixware-7" ;;
-  *-*-Unixware7) OUT="unixware-7" ;;
-  *-*-unixware20*) OUT="unixware-2.0" ;;
-  *-*-unixware21*) OUT="unixware-2.1" ;;
-  *-*-UnixWare20*) OUT="unixware-2.0" ;;
-  *-*-UnixWare21*) OUT="unixware-2.1" ;;
-  *-*-Unixware20*) OUT="unixware-2.0" ;;
-  *-*-Unixware21*) OUT="unixware-2.1" ;;
-  BS2000-siemens-sysv4) OUT="BS2000-OSD" ;;
-  RM*-siemens-sysv4) OUT="ReliantUNIX" ;;
-  *-siemens-sysv4) OUT="SINIX" ;;
-  *-hpux1*)
-	if [ $CC = "gcc" ];
-	then
-	  if [ $GCC_BITS = "64" ]; then
-	    OUT="hpux64-parisc-gcc"
-	  else
-	    OUT="hpux-parisc-gcc"
-	  fi
-	else
-	  OUT="hpux-parisc-$CC"
-	fi
-	KERNEL_BITS=`(getconf KERNEL_BITS) 2>/dev/null`
-	KERNEL_BITS=${KERNEL_BITS:-32}
-	CPU_VERSION=`(getconf CPU_VERSION) 2>/dev/null`
-	CPU_VERSION=${CPU_VERSION:-0}
-	# See <sys/unistd.h> for further info on CPU_VERSION.
-	if   [ $CPU_VERSION -ge 768 ]; then	# IA-64 CPU
-	     echo "WARNING! 64-bit ABI is the default configured ABI on HP-UXi."
-	     echo "         If you wish to build 32-bit library, the you have to"
-	     echo "         invoke './Configure hpux-ia32-cc' *manually*."
-	     if [ "$TEST" = "false" ]; then
-		echo "         You have about 5 seconds to press Ctrl-C to abort."
-		(stty -icanon min 0 time 50; read waste) < /dev/tty
-	     fi
-	     OUT="hpux64-ia64-cc"
-	elif [ $CPU_VERSION -ge 532 ]; then	# PA-RISC 2.x CPU
-	     if [ "$CC" = "cc" ]; then
-		OUT="hpux-parisc2-cc" # can't we have hpux-parisc2-gcc?
-	     fi
-	     if [ $KERNEL_BITS -eq 64 -a "$CC" = "cc" ]; then
-		echo "WARNING! If you wish to build 64-bit library then you have to"
-		echo "         invoke './Configure hpux64-parisc2-cc' *manually*."
-		if [ "$TEST" = "false" ]; then
-		  echo "         You have about 5 seconds to press Ctrl-C to abort."
-		  (stty -icanon min 0 time 50; read waste) < /dev/tty
-		fi
-	     fi
-	elif [ $CPU_VERSION -ge 528 ]; then	# PA-RISC 1.1+ CPU
-	     :
-	elif [ $CPU_VERSION -ge 523 ]; then	# PA-RISC 1.0 CPU
-	     :
-	else					# Motorola(?) CPU
-	     OUT="hpux-$CC"
-	fi
-	options="$options -D_REENTRANT" ;;
-  *-hpux)	OUT="hpux-parisc-$CC" ;;
-  # these are all covered by the catchall below
-  # *-aix) OUT="aix-$CC" ;;
-  # *-dgux) OUT="dgux" ;;
-  mips-sony-newsos4) OUT="newsos4-gcc" ;;
-  *-*-cygwin_pre1.3) OUT="Cygwin-pre1.3" ;;
-  *-*-cygwin) OUT="Cygwin" ;;
-  t3e-cray-unicosmk) OUT="cray-t3e" ;;
-  j90-cray-unicos) OUT="cray-j90" ;;
-  nsr-tandem-nsk) OUT="tandem-c89" ;;
-  *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
-esac
-
-# NB: This atalla support has been superceded by the ENGINE support
-# That contains its own header and definitions anyway. Support can
-# be enabled or disabled on any supported platform without external
-# headers, eg. by adding the "hw-atalla" switch to ./config or
-# perl Configure
-#
-# See whether we can compile Atalla support
-#if [ -f /usr/include/atasi.h ]
-#then
-#  options="$options -DATALLA"
-#fi
-
-# gcc < 2.8 does not support -mcpu=ultrasparc
-if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
-then
-  echo "WARNING! Do consider upgrading to gcc-2.8 or later."
-  sleep 5
-  OUT=solaris-sparcv9-gcc27
-fi
-if [ "$OUT" = "linux-sparcv9" -a $GCCVER -lt 28 ]
-then
-  echo "WARNING! Falling down to 'linux-sparcv8'."
-  echo "         Upgrade to gcc-2.8 or later."
-  sleep 5
-  OUT=linux-sparcv8
-fi
-
-case "$GUESSOS" in
-  i386-*) options="$options 386" ;;
-esac
-
-for i in bf cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 aes ripemd rsa sha
-do
-  if [ ! -d crypto/$i ]
-  then
-    options="$options no-$i"
-  fi
-done
-
-# Discover Kerberos 5 (since it's still a prototype, we don't
-# do any guesses yet, that's why this section is commented away.
-#if [ -d /usr/kerberos ]; then
-#    krb5_dir=/usr/kerberos
-#    if [ \( -f $krb5_dir/lib/libgssapi_krb5.a -o -f $krb5_dir/lib/libgssapi_krb5.so* \)\
-#	-a \( -f $krb5_dir/lib/libkrb5.a -o -f $krb5_dir/lib/libkrb5.so* \)\
-#	-a \( -f $krb5_dir/lib/libcom_err.a -o -f $krb5_dir/lib/libcom_err.so* \)\
-#	-a \( -f $krb5_dir/lib/libk5crypto.a -o -f $krb5_dir/lib/libk5crypto.so* \)\
-#	-a \( -f $krb5_dir/include/krb5.h \) ]; then
-#	options="$options --with-krb5-flavor=MIT"
-#    fi
-#elif [ -d /usr/heimdal ]; then
-#    krb5_dir=/usr/heimdal
-#    if [ \( -f $krb5_dir/lib/libgssapi.a -o -f $krb5_dir/lib/libgssapi.so* \)\
-#	-a \( -f $krb5_dir/lib/libkrb5.a -o -f $krb5_dir/lib/libkrb5.so* \)\
-#	-a \( -f $krb5_dir/lib/libcom_err.a -o -f $krb5_dir/lib/libcom_err.so* \)\
-#	-a \( -f $krb5_dir/include/krb5.h \) ]; then
-#	options="$options --with-krb5-flavor=Heimdal"
-#    fi
-#fi
-
-if [ -z "$OUT" ]; then
-  OUT="$CC"
-fi
-
-if [ ".$PERL" = . ] ; then
-	for i in . `echo $PATH | sed 's/:/ /g'`; do
-		if [ -f "$i/perl5" ] ; then
-			PERL="$i/perl5"
-			break;
-		fi;
-	done
-fi
-
-if [ ".$PERL" = . ] ; then
-	for i in . `echo $PATH | sed 's/:/ /g'`; do
-		if [ -f "$i/perl" ] ; then
-			if "$i/perl" -e 'exit($]<5.0)'; then
-				PERL="$i/perl"
-				break;
-			fi;
-		fi;
-	done
-fi
-
-if [ ".$PERL" = . ] ; then
-	echo "You need Perl 5."
-	exit 1
-fi
-
-# run Configure to check to see if we need to specify the 
-# compiler for the platform ... in which case we add it on
-# the end ... otherwise we leave it off
-
-$PERL ./Configure LIST | grep "$OUT-$CC" > /dev/null
-if [ $? = "0" ]; then
-  OUT="$OUT-$CC"
-fi
-
-OUT="$PREFIX$OUT"
-
-$PERL ./Configure LIST | grep "$OUT" > /dev/null
-if [ $? = "0" ]; then
-  echo Configuring for $OUT
-
-  if [ "$TEST" = "true" ]; then
-    echo $PERL ./Configure $OUT $options
-  else
-    $PERL ./Configure $OUT $options
-  fi
-else
-  echo "This system ($OUT) is not supported. See file INSTALL for details."
-fi
-)
diff --git a/crypto/openssl/crypto/Makefile.save b/crypto/openssl/crypto/Makefile.save
deleted file mode 100644
index 97984f8e8355..000000000000
--- a/crypto/openssl/crypto/Makefile.save
+++ /dev/null
@@ -1,203 +0,0 @@
-#
-# SSLeay/crypto/Makefile
-#
-
-DIR=		crypto
-TOP=		..
-CC=		cc
-INCLUDE=	-I. -I../include
-INCLUDES=	-I.. -I../../include
-CFLAG=		-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=	/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=       Makefile.ssl
-RM=             rm -f
-AR=		ar r
-
-PEX_LIBS=
-EX_LIBS=
- 
-CFLAGS= $(INCLUDE) $(CFLAG)
-
-
-LIBS=
-
-SDIRS=	md2 md5 sha mdc2 hmac ripemd \
-	des rc2 rc4 rc5 idea bf cast \
-	bn rsa dsa dh dso \
-	buffer bio stack lhash rand err objects \
-	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp
-
-GENERAL=Makefile README crypto-lib.com install.com
-
-LIB= $(TOP)/libcrypto.a
-LIBSRC=	cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c
-LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= crypto.h tmdiff.h opensslv.h opensslconf.h ebcdic.h symhacks.h
-HEADER=	cryptlib.h buildinf.h md32_common.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	@(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all: buildinf.h lib subdirs
-
-buildinf.h: ../Makefile.ssl
-	( echo "#ifndef MK1MF_BUILD"; \
-	echo "  /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */"; \
-	echo "  #define CFLAGS \"$(CC) $(CFLAG)\""; \
-	echo "  #define PLATFORM \"$(PLATFORM)\""; \
-	echo "  #define DATE \"`date`\""; \
-	echo "#endif" ) >buildinf.h
-
-testapps:
-	if echo ${SDIRS} | fgrep ' des '; \
-	then cd des && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' des; fi
-	cd pkcs7 && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' testapps
-
-subdirs:
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making all in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
-	done;
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i; echo "making 'files' in crypto/$$i..."; \
-	$(MAKE) PERL='${PERL}' files ); \
-	done;
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@for i in $(SDIRS); do \
-	(cd $$i; echo "making links in crypto/$$i..."; \
-	$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \
-	done;
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-libs:
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i; echo "making libs in crypto/$$i..."; \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \
-	done;
-
-tests:
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i; echo "making tests in crypto/$$i..."; \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' tests ); \
-	done;
-
-install:
-	@for i in $(EXHEADER) ;\
-	do \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i; echo "making install in crypto/$$i..."; \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}'  INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \
-	done;
-
-lint:
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i; echo "making lint in crypto/$$i..."; \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \
-	done;
-
-depend:
-	if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist
-	$(MAKEDEPEND) $(INCLUDE) $(DEPFLAG) $(PROGS) $(LIBSRC)
-	if [ ! -s buildinf.h ]; then rm buildinf.h; fi
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i; echo "making depend in crypto/$$i..."; \
-	$(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' DEPFLAG='${DEPFLAG}' depend ); \
-	done;
-
-clean:
-	rm -f buildinf.h *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i; echo "making clean in crypto/$$i..."; \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \
-	done;
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i; echo "making dclean in crypto/$$i..."; \
-	$(MAKE) PERL='${PERL}' CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \
-	done;
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-cpt_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h
-cpt_err.o: ../include/openssl/err.h ../include/openssl/lhash.h
-cpt_err.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h
-cpt_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-cryptlib.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-cryptlib.o: ../include/openssl/crypto.h ../include/openssl/e_os.h
-cryptlib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-cryptlib.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-cryptlib.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h
-cryptlib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
-cversion.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-cversion.o: ../include/openssl/crypto.h ../include/openssl/e_os.h
-cversion.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-cversion.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-cversion.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h
-cversion.o: ../include/openssl/stack.h ../include/openssl/symhacks.h buildinf.h
-cversion.o: cryptlib.h
-ex_data.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os.h
-ex_data.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ex_data.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-ex_data.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h
-ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
-mem.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-mem.o: ../include/openssl/crypto.h ../include/openssl/e_os.h
-mem.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-mem.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-mem.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h
-mem.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
-mem_dbg.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os.h
-mem_dbg.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-mem_dbg.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-mem_dbg.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h
-mem_dbg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
-tmdiff.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-tmdiff.o: ../include/openssl/crypto.h ../include/openssl/e_os.h
-tmdiff.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-tmdiff.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-tmdiff.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h
-tmdiff.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-tmdiff.o: ../include/openssl/tmdiff.h cryptlib.h
-uid.o: ../include/openssl/crypto.h ../include/openssl/opensslv.h
-uid.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-uid.o: ../include/openssl/symhacks.h
diff --git a/crypto/openssl/crypto/Makefile.ssl b/crypto/openssl/crypto/Makefile.ssl
deleted file mode 100644
index 9def17ae601f..000000000000
--- a/crypto/openssl/crypto/Makefile.ssl
+++ /dev/null
@@ -1,218 +0,0 @@
-#
-# SSLeay/crypto/Makefile
-#
-
-DIR=		crypto
-TOP=		..
-CC=		cc
-INCLUDE=	-I. -I$(TOP) -I../include
-INCLUDES=	-I.. -I../.. -I../../include
-CFLAG=		-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=	/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=       Makefile.ssl
-RM=             rm -f
-AR=		ar r
-
-PEX_LIBS=
-EX_LIBS=
- 
-CFLAGS= $(INCLUDE) $(CFLAG)
-
-
-LIBS=
-
-SDIRS=	md2 md5 sha mdc2 hmac ripemd \
-	des rc2 rc4 rc5 idea bf cast \
-	bn ec rsa dsa dh dso engine aes \
-	buffer bio stack lhash rand err objects \
-	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
-
-GENERAL=Makefile README crypto-lib.com install.com
-
-LIB= $(TOP)/libcrypto.a
-SHARED_LIB= libcrypto$(SHLIB_EXT)
-LIBSRC=	cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c
-LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= crypto.h tmdiff.h opensslv.h opensslconf.h ebcdic.h symhacks.h \
-	ossl_typ.h
-HEADER=	cryptlib.h buildinf.h md32_common.h o_time.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	@(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all: buildinf.h lib subdirs shared
-
-buildinf.h: ../Makefile.ssl
-	( echo "#ifndef MK1MF_BUILD"; \
-	echo '  /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */'; \
-	echo '  #define CFLAGS "$(CC) $(CFLAG)"'; \
-	echo '  #define PLATFORM "$(PLATFORM)"'; \
-	echo "  #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \
-	echo '#endif' ) >buildinf.h
-
-testapps:
-	if echo ${SDIRS} | fgrep ' des '; \
-	then cd des && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' des; fi
-	cd pkcs7 && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' testapps
-
-subdirs:
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making all in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
-	done;
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making 'files' in crypto/$$i..." && \
-	$(MAKE) PERL='${PERL}' files ); \
-	done;
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@for i in $(SDIRS); do \
-	(cd $$i && echo "making links in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \
-	done;
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-shared:
-	if [ -n "$(SHARED_LIBS)" ]; then \
-		(cd ..; $(MAKE) $(SHARED_LIB)); \
-	fi
-
-libs:
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making libs in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \
-	done;
-
-tests:
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making tests in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' tests ); \
-	done;
-
-install:
-	@for i in $(EXHEADER) ;\
-	do \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making install in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}'  INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \
-	done;
-
-lint:
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making lint in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \
-	done;
-
-depend:
-	if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-	if [ ! -s buildinf.h ]; then rm buildinf.h; fi
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making depend in crypto/$$i..." && \
-	$(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ); \
-	done;
-
-clean:
-	rm -f buildinf.h *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making clean in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \
-	done;
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making dclean in crypto/$$i..." && \
-	$(MAKE) PERL='${PERL}' CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \
-	done;
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-cpt_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h
-cpt_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-cpt_err.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-cpt_err.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h
-cpt_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cpt_err.c
-cryptlib.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-cryptlib.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-cryptlib.o: ../include/openssl/err.h ../include/openssl/lhash.h
-cryptlib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-cryptlib.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-cryptlib.o: ../include/openssl/symhacks.h cryptlib.c cryptlib.h
-cversion.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-cversion.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-cversion.o: ../include/openssl/err.h ../include/openssl/lhash.h
-cversion.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-cversion.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-cversion.o: ../include/openssl/symhacks.h buildinf.h cryptlib.h cversion.c
-ebcdic.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h ebcdic.c
-ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-ex_data.o: ../include/openssl/err.h ../include/openssl/lhash.h
-ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ex_data.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-ex_data.o: ../include/openssl/symhacks.h cryptlib.h ex_data.c
-mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-mem.o: ../include/openssl/err.h ../include/openssl/lhash.h
-mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c
-mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-mem_clr.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-mem_clr.o: ../include/openssl/symhacks.h mem_clr.c
-mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h
-mem_dbg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-mem_dbg.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-mem_dbg.o: ../include/openssl/symhacks.h cryptlib.h mem_dbg.c
-o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c
-o_time.o: o_time.h
-tmdiff.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-tmdiff.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-tmdiff.o: ../include/openssl/err.h ../include/openssl/lhash.h
-tmdiff.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-tmdiff.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-tmdiff.o: ../include/openssl/symhacks.h ../include/openssl/tmdiff.h cryptlib.h
-tmdiff.o: tmdiff.c
-uid.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-uid.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-uid.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-uid.o: ../include/openssl/symhacks.h uid.c
diff --git a/crypto/openssl/crypto/aes/Makefile.ssl b/crypto/openssl/crypto/aes/Makefile.ssl
deleted file mode 100644
index 364d05bbfe01..000000000000
--- a/crypto/openssl/crypto/aes/Makefile.ssl
+++ /dev/null
@@ -1,103 +0,0 @@
-#
-# crypto/aes/Makefile
-#
-
-DIR=	aes
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=	/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-# CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -O3 -fexpensive-optimizations -funroll-loops -fforce-addr
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-#TEST=aestest.c
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c aes_ctr.c
-LIBOBJ=aes_core.o aes_misc.o aes_ecb.o aes_cbc.o aes_cfb.o aes_ofb.o aes_ctr.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= aes.h
-HEADER= aes_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-$(LIBOBJ): $(LIBSRC)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install: installs
-
-installs:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-aes_cbc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_cbc.o: ../../include/openssl/opensslconf.h aes_cbc.c aes_locl.h
-aes_cfb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_cfb.o: ../../include/openssl/opensslconf.h aes_cfb.c aes_locl.h
-aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h
-aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h
-aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h
-aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_misc.o: ../../include/openssl/opensslconf.h
-aes_misc.o: ../../include/openssl/opensslv.h aes_locl.h aes_misc.c
-aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_ofb.o: ../../include/openssl/opensslconf.h aes_locl.h aes_ofb.c
diff --git a/crypto/openssl/crypto/aes/README b/crypto/openssl/crypto/aes/README
deleted file mode 100644
index 0f9620a80eca..000000000000
--- a/crypto/openssl/crypto/aes/README
+++ /dev/null
@@ -1,3 +0,0 @@
-This is an OpenSSL-compatible version of AES (also called Rijndael).
-aes_core.c is basically the same as rijndael-alg-fst.c but with an
-API that looks like the rest of the OpenSSL symmetric cipher suite.
diff --git a/crypto/openssl/crypto/aes/aes.h b/crypto/openssl/crypto/aes/aes.h
deleted file mode 100644
index 8294a41a3ad6..000000000000
--- a/crypto/openssl/crypto/aes/aes.h
+++ /dev/null
@@ -1,112 +0,0 @@
-/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_AES_H
-#define HEADER_AES_H
-
-#ifdef OPENSSL_NO_AES
-#error AES is disabled.
-#endif
-
-#define AES_ENCRYPT	1
-#define AES_DECRYPT	0
-
-/* Because array size can't be a const in C, the following two are macros.
-   Both sizes are in bytes. */
-#define AES_MAXNR 14
-#define AES_BLOCK_SIZE 16
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* This should be a hidden type, but EVP requires that the size be known */
-struct aes_key_st {
-    unsigned long rd_key[4 *(AES_MAXNR + 1)];
-    int rounds;
-};
-typedef struct aes_key_st AES_KEY;
-
-const char *AES_options(void);
-
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-	AES_KEY *key);
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-	AES_KEY *key);
-
-void AES_encrypt(const unsigned char *in, unsigned char *out,
-	const AES_KEY *key);
-void AES_decrypt(const unsigned char *in, unsigned char *out,
-	const AES_KEY *key);
-
-void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
-	const AES_KEY *key, const int enc);
-void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
-	unsigned char *ivec, const int enc);
-void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
-	unsigned char *ivec, int *num, const int enc);
-void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
-	unsigned char *ivec, int *num);
-void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
-	unsigned char counter[AES_BLOCK_SIZE],
-	unsigned char ecount_buf[AES_BLOCK_SIZE],
-	unsigned int *num);
-
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif /* !HEADER_AES_H */
diff --git a/crypto/openssl/crypto/aes/aes_cbc.c b/crypto/openssl/crypto/aes/aes_cbc.c
deleted file mode 100644
index de438306b15a..000000000000
--- a/crypto/openssl/crypto/aes/aes_cbc.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/aes/aes_cbc.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
-		     const unsigned long length, const AES_KEY *key,
-		     unsigned char *ivec, const int enc) {
-
-	unsigned long n;
-	unsigned long len = length;
-	unsigned char tmp[AES_BLOCK_SIZE];
-
-	assert(in && out && key && ivec);
-	assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
-
-	if (AES_ENCRYPT == enc) {
-		while (len >= AES_BLOCK_SIZE) {
-			for(n=0; n < sizeof tmp; ++n)
-				tmp[n] = in[n] ^ ivec[n];
-			AES_encrypt(tmp, out, key);
-			memcpy(ivec, out, AES_BLOCK_SIZE);
-			len -= AES_BLOCK_SIZE;
-			in += AES_BLOCK_SIZE;
-			out += AES_BLOCK_SIZE;
-		}
-		if (len) {
-			for(n=0; n < len; ++n)
-				tmp[n] = in[n] ^ ivec[n];
-			for(n=len; n < AES_BLOCK_SIZE; ++n)
-				tmp[n] = ivec[n];
-			AES_encrypt(tmp, tmp, key);
-			memcpy(out, tmp, len);
-			memcpy(ivec, tmp, sizeof tmp);
-		}			
-	} else {
-		while (len >= AES_BLOCK_SIZE) {
-			memcpy(tmp, in, sizeof tmp);
-			AES_decrypt(in, out, key);
-			for(n=0; n < AES_BLOCK_SIZE; ++n)
-				out[n] ^= ivec[n];
-			memcpy(ivec, tmp, AES_BLOCK_SIZE);
-			len -= AES_BLOCK_SIZE;
-			in += AES_BLOCK_SIZE;
-			out += AES_BLOCK_SIZE;
-		}
-		if (len) {
-			memcpy(tmp, in, sizeof tmp);
-			AES_decrypt(tmp, tmp, key);
-			for(n=0; n < len; ++n)
-				out[n] ^= ivec[n];
-			memcpy(ivec, tmp, sizeof tmp);
-		}			
-	}
-}
diff --git a/crypto/openssl/crypto/aes/aes_cfb.c b/crypto/openssl/crypto/aes/aes_cfb.c
deleted file mode 100644
index 9b569dda903e..000000000000
--- a/crypto/openssl/crypto/aes/aes_cfb.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* crypto/aes/aes_cfb.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-/* The input and output encrypted as though 128bit cfb mode is being
- * used.  The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
- */
-
-void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
-	unsigned char *ivec, int *num, const int enc) {
-
-	unsigned int n;
-	unsigned long l = length;
-	unsigned char c;
-
-	assert(in && out && key && ivec && num);
-
-	n = *num;
-
-	if (enc) {
-		while (l--) {
-			if (n == 0) {
-				AES_encrypt(ivec, ivec, key);
-			}
-			ivec[n] = *(out++) = *(in++) ^ ivec[n];
-			n = (n+1) % AES_BLOCK_SIZE;
-		}
-	} else {
-		while (l--) {
-			if (n == 0) {
-				AES_encrypt(ivec, ivec, key);
-			}
-			c = *(in);
-			*(out++) = *(in++) ^ ivec[n];
-			ivec[n] = c;
-			n = (n+1) % AES_BLOCK_SIZE;
-		}
-	}
-
-	*num=n;
-}
-
diff --git a/crypto/openssl/crypto/aes/aes_core.c b/crypto/openssl/crypto/aes/aes_core.c
deleted file mode 100644
index 2f41a825f8d9..000000000000
--- a/crypto/openssl/crypto/aes/aes_core.c
+++ /dev/null
@@ -1,1257 +0,0 @@
-/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
-/**
- * rijndael-alg-fst.c
- *
- * @version 3.0 (December 2000)
- *
- * Optimised ANSI C code for the Rijndael cipher (now AES)
- *
- * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
- * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
- * @author Paulo Barreto <paulo.barreto@terra.com.br>
- *
- * This code is hereby placed in the public domain.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
- * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
- * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* Note: rewritten a little bit to provide error control and an OpenSSL-
-   compatible API */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <stdlib.h>
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-/*
-Te0[x] = S [x].[02, 01, 01, 03];
-Te1[x] = S [x].[03, 02, 01, 01];
-Te2[x] = S [x].[01, 03, 02, 01];
-Te3[x] = S [x].[01, 01, 03, 02];
-Te4[x] = S [x].[01, 01, 01, 01];
-
-Td0[x] = Si[x].[0e, 09, 0d, 0b];
-Td1[x] = Si[x].[0b, 0e, 09, 0d];
-Td2[x] = Si[x].[0d, 0b, 0e, 09];
-Td3[x] = Si[x].[09, 0d, 0b, 0e];
-Td4[x] = Si[x].[01, 01, 01, 01];
-*/
-
-static const u32 Te0[256] = {
-    0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
-    0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
-    0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
-    0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
-    0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
-    0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
-    0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
-    0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
-    0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
-    0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
-    0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
-    0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
-    0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
-    0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
-    0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
-    0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
-    0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
-    0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
-    0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
-    0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
-    0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
-    0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
-    0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
-    0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
-    0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
-    0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
-    0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
-    0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
-    0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
-    0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
-    0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
-    0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
-    0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
-    0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
-    0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
-    0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
-    0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
-    0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
-    0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
-    0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
-    0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
-    0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
-    0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
-    0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
-    0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
-    0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
-    0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
-    0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
-    0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
-    0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
-    0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
-    0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
-    0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
-    0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
-    0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
-    0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
-    0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
-    0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
-    0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
-    0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
-    0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
-    0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
-    0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
-    0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
-};
-static const u32 Te1[256] = {
-    0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
-    0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
-    0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
-    0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
-    0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
-    0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
-    0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
-    0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
-    0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
-    0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
-    0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
-    0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
-    0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
-    0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
-    0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
-    0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
-    0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
-    0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
-    0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
-    0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
-    0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
-    0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
-    0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
-    0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
-    0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
-    0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
-    0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
-    0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
-    0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
-    0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
-    0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
-    0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
-    0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
-    0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
-    0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
-    0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
-    0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
-    0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
-    0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
-    0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
-    0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
-    0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
-    0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
-    0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
-    0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
-    0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
-    0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
-    0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
-    0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
-    0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
-    0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
-    0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
-    0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
-    0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
-    0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
-    0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
-    0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
-    0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
-    0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
-    0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
-    0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
-    0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
-    0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
-    0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
-};
-static const u32 Te2[256] = {
-    0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
-    0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
-    0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
-    0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
-    0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
-    0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
-    0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
-    0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
-    0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
-    0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
-    0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
-    0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
-    0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
-    0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
-    0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
-    0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
-    0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
-    0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
-    0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
-    0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
-    0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
-    0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
-    0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
-    0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
-    0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
-    0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
-    0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
-    0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
-    0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
-    0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
-    0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
-    0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
-    0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
-    0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
-    0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
-    0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
-    0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
-    0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
-    0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
-    0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
-    0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
-    0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
-    0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
-    0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
-    0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
-    0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
-    0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
-    0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
-    0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
-    0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
-    0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
-    0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
-    0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
-    0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
-    0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
-    0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
-    0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
-    0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
-    0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
-    0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
-    0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
-    0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
-    0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
-    0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
-};
-static const u32 Te3[256] = {
-
-    0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
-    0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
-    0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
-    0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
-    0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
-    0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
-    0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
-    0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
-    0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
-    0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
-    0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
-    0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
-    0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
-    0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
-    0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
-    0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
-    0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
-    0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
-    0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
-    0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
-    0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
-    0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
-    0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
-    0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
-    0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
-    0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
-    0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
-    0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
-    0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
-    0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
-    0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
-    0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
-    0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
-    0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
-    0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
-    0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
-    0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
-    0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
-    0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
-    0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
-    0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
-    0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
-    0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
-    0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
-    0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
-    0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
-    0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
-    0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
-    0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
-    0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
-    0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
-    0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
-    0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
-    0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
-    0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
-    0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
-    0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
-    0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
-    0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
-    0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
-    0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
-    0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
-    0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
-    0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
-};
-static const u32 Te4[256] = {
-    0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
-    0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
-    0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
-    0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
-    0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
-    0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
-    0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
-    0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
-    0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
-    0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
-    0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
-    0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
-    0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
-    0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
-    0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
-    0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
-    0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
-    0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
-    0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
-    0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
-    0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
-    0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
-    0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
-    0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
-    0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
-    0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
-    0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
-    0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
-    0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
-    0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
-    0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
-    0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
-    0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
-    0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
-    0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
-    0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
-    0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
-    0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
-    0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
-    0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
-    0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
-    0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
-    0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
-    0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
-    0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
-    0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
-    0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
-    0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
-    0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
-    0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
-    0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
-    0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
-    0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
-    0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
-    0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
-    0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
-    0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
-    0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
-    0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
-    0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
-    0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
-    0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
-    0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
-    0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
-};
-static const u32 Td0[256] = {
-    0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
-    0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
-    0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
-    0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
-    0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
-    0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
-    0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
-    0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
-    0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
-    0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
-    0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
-    0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
-    0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
-    0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
-    0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
-    0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
-    0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
-    0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
-    0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
-    0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
-    0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
-    0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
-    0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
-    0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
-    0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
-    0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
-    0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
-    0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
-    0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
-    0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
-    0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
-    0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
-    0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
-    0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
-    0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
-    0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
-    0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
-    0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
-    0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
-    0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
-    0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
-    0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
-    0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
-    0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
-    0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
-    0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
-    0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
-    0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
-    0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
-    0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
-    0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
-    0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
-    0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
-    0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
-    0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
-    0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
-    0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
-    0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
-    0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
-    0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
-    0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
-    0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
-    0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
-    0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
-};
-static const u32 Td1[256] = {
-    0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
-    0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
-    0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
-    0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
-    0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
-    0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
-    0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
-    0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
-    0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
-    0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
-    0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
-    0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
-    0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
-    0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
-    0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
-    0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
-    0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
-    0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
-    0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
-    0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
-    0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
-    0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
-    0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
-    0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
-    0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
-    0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
-    0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
-    0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
-    0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
-    0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
-    0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
-    0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
-    0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
-    0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
-    0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
-    0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
-    0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
-    0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
-    0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
-    0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
-    0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
-    0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
-    0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
-    0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
-    0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
-    0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
-    0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
-    0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
-    0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
-    0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
-    0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
-    0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
-    0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
-    0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
-    0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
-    0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
-    0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
-    0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
-    0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
-    0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
-    0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
-    0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
-    0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
-    0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
-};
-static const u32 Td2[256] = {
-    0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
-    0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
-    0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
-    0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
-    0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
-    0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
-    0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
-    0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
-    0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
-    0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
-    0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
-    0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
-    0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
-    0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
-    0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
-    0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
-    0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
-    0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
-    0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
-    0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
-
-    0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
-    0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
-    0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
-    0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
-    0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
-    0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
-    0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
-    0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
-    0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
-    0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
-    0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
-    0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
-    0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
-    0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
-    0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
-    0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
-    0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
-    0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
-    0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
-    0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
-    0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
-    0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
-    0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
-    0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
-    0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
-    0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
-    0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
-    0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
-    0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
-    0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
-    0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
-    0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
-    0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
-    0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
-    0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
-    0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
-    0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
-    0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
-    0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
-    0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
-    0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
-    0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
-    0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
-    0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
-};
-static const u32 Td3[256] = {
-    0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
-    0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
-    0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
-    0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
-    0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
-    0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
-    0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
-    0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
-    0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
-    0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
-    0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
-    0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
-    0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
-    0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
-    0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
-    0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
-    0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
-    0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
-    0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
-    0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
-    0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
-    0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
-    0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
-    0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
-    0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
-    0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
-    0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
-    0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
-    0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
-    0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
-    0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
-    0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
-    0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
-    0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
-    0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
-    0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
-    0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
-    0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
-    0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
-    0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
-    0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
-    0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
-    0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
-    0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
-    0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
-    0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
-    0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
-    0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
-    0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
-    0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
-    0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
-    0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
-    0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
-    0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
-    0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
-    0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
-    0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
-    0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
-    0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
-    0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
-    0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
-    0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
-    0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
-    0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
-};
-static const u32 Td4[256] = {
-    0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
-    0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
-    0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
-    0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
-    0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
-    0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
-    0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
-    0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
-    0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
-    0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
-    0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
-    0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
-    0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
-    0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
-    0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
-    0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
-    0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
-    0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
-    0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
-    0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
-    0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
-    0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
-    0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
-    0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
-    0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
-    0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
-    0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
-    0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
-    0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
-    0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
-    0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
-    0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
-    0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
-    0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
-    0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
-    0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
-    0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
-    0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
-    0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
-    0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
-    0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
-    0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
-    0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
-    0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
-    0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
-    0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
-    0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
-    0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
-    0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
-    0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
-    0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
-    0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
-    0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
-    0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
-    0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
-    0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
-    0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
-    0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
-    0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
-    0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
-    0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
-    0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
-    0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
-    0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
-};
-static const u32 rcon[] = {
-	0x01000000, 0x02000000, 0x04000000, 0x08000000,
-	0x10000000, 0x20000000, 0x40000000, 0x80000000,
-	0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
-};
-
-/**
- * Expand the cipher key into the encryption key schedule.
- */
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-			AES_KEY *key) {
-
-	u32 *rk;
-   	int i = 0;
-	u32 temp;
-
-	if (!userKey || !key)
-		return -1;
-	if (bits != 128 && bits != 192 && bits != 256)
-		return -2;
-
-	rk = key->rd_key;
-
-	if (bits==128)
-		key->rounds = 10;
-	else if (bits==192)
-		key->rounds = 12;
-	else
-		key->rounds = 14;
-
-	rk[0] = GETU32(userKey     );
-	rk[1] = GETU32(userKey +  4);
-	rk[2] = GETU32(userKey +  8);
-	rk[3] = GETU32(userKey + 12);
-	if (bits == 128) {
-		while (1) {
-			temp  = rk[3];
-			rk[4] = rk[0] ^
-				(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
-				(Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
-				(Te4[(temp      ) & 0xff] & 0x0000ff00) ^
-				(Te4[(temp >> 24)       ] & 0x000000ff) ^
-				rcon[i];
-			rk[5] = rk[1] ^ rk[4];
-			rk[6] = rk[2] ^ rk[5];
-			rk[7] = rk[3] ^ rk[6];
-			if (++i == 10) {
-				return 0;
-			}
-			rk += 4;
-		}
-	}
-	rk[4] = GETU32(userKey + 16);
-	rk[5] = GETU32(userKey + 20);
-	if (bits == 192) {
-		while (1) {
-			temp = rk[ 5];
-			rk[ 6] = rk[ 0] ^
-				(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
-				(Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
-				(Te4[(temp      ) & 0xff] & 0x0000ff00) ^
-				(Te4[(temp >> 24)       ] & 0x000000ff) ^
-				rcon[i];
-			rk[ 7] = rk[ 1] ^ rk[ 6];
-			rk[ 8] = rk[ 2] ^ rk[ 7];
-			rk[ 9] = rk[ 3] ^ rk[ 8];
-			if (++i == 8) {
-				return 0;
-			}
-			rk[10] = rk[ 4] ^ rk[ 9];
-			rk[11] = rk[ 5] ^ rk[10];
-			rk += 6;
-		}
-	}
-	rk[6] = GETU32(userKey + 24);
-	rk[7] = GETU32(userKey + 28);
-	if (bits == 256) {
-		while (1) {
-			temp = rk[ 7];
-			rk[ 8] = rk[ 0] ^
-				(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
-				(Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
-				(Te4[(temp      ) & 0xff] & 0x0000ff00) ^
-				(Te4[(temp >> 24)       ] & 0x000000ff) ^
-				rcon[i];
-			rk[ 9] = rk[ 1] ^ rk[ 8];
-			rk[10] = rk[ 2] ^ rk[ 9];
-			rk[11] = rk[ 3] ^ rk[10];
-			if (++i == 7) {
-				return 0;
-			}
-			temp = rk[11];
-			rk[12] = rk[ 4] ^
-				(Te4[(temp >> 24)       ] & 0xff000000) ^
-				(Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
-				(Te4[(temp >>  8) & 0xff] & 0x0000ff00) ^
-				(Te4[(temp      ) & 0xff] & 0x000000ff);
-			rk[13] = rk[ 5] ^ rk[12];
-			rk[14] = rk[ 6] ^ rk[13];
-			rk[15] = rk[ 7] ^ rk[14];
-
-			rk += 8;
-        	}
-	}
-	return 0;
-}
-
-/**
- * Expand the cipher key into the decryption key schedule.
- */
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-			 AES_KEY *key) {
-
-        u32 *rk;
-	int i, j, status;
-	u32 temp;
-
-	/* first, start with an encryption schedule */
-	status = AES_set_encrypt_key(userKey, bits, key);
-	if (status < 0)
-		return status;
-
-	rk = key->rd_key;
-
-	/* invert the order of the round keys: */
-	for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
-		temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
-		temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
-		temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
-		temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
-	}
-	/* apply the inverse MixColumn transform to all round keys but the first and the last: */
-	for (i = 1; i < (key->rounds); i++) {
-		rk += 4;
-		rk[0] =
-			Td0[Te4[(rk[0] >> 24)       ] & 0xff] ^
-			Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
-			Td2[Te4[(rk[0] >>  8) & 0xff] & 0xff] ^
-			Td3[Te4[(rk[0]      ) & 0xff] & 0xff];
-		rk[1] =
-			Td0[Te4[(rk[1] >> 24)       ] & 0xff] ^
-			Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
-			Td2[Te4[(rk[1] >>  8) & 0xff] & 0xff] ^
-			Td3[Te4[(rk[1]      ) & 0xff] & 0xff];
-		rk[2] =
-			Td0[Te4[(rk[2] >> 24)       ] & 0xff] ^
-			Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
-			Td2[Te4[(rk[2] >>  8) & 0xff] & 0xff] ^
-			Td3[Te4[(rk[2]      ) & 0xff] & 0xff];
-		rk[3] =
-			Td0[Te4[(rk[3] >> 24)       ] & 0xff] ^
-			Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
-			Td2[Te4[(rk[3] >>  8) & 0xff] & 0xff] ^
-			Td3[Te4[(rk[3]      ) & 0xff] & 0xff];
-	}
-	return 0;
-}
-
-/*
- * Encrypt a single block
- * in and out can overlap
- */
-void AES_encrypt(const unsigned char *in, unsigned char *out,
-		 const AES_KEY *key) {
-
-	const u32 *rk;
-	u32 s0, s1, s2, s3, t0, t1, t2, t3;
-#ifndef FULL_UNROLL
-	int r;
-#endif /* ?FULL_UNROLL */
-
-	assert(in && out && key);
-	rk = key->rd_key;
-
-	/*
-	 * map byte array block to cipher state
-	 * and add initial round key:
-	 */
-	s0 = GETU32(in     ) ^ rk[0];
-	s1 = GETU32(in +  4) ^ rk[1];
-	s2 = GETU32(in +  8) ^ rk[2];
-	s3 = GETU32(in + 12) ^ rk[3];
-#ifdef FULL_UNROLL
-	/* round 1: */
-   	t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
-   	t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
-   	t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
-   	t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
-   	/* round 2: */
-   	s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
-   	s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
-   	s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
-   	s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
-	/* round 3: */
-   	t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
-   	t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
-   	t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
-   	t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
-   	/* round 4: */
-   	s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
-   	s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
-   	s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
-   	s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
-	/* round 5: */
-   	t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
-   	t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
-   	t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
-   	t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
-   	/* round 6: */
-   	s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
-   	s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
-   	s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
-   	s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
-	/* round 7: */
-   	t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
-   	t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
-   	t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
-   	t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
-   	/* round 8: */
-   	s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
-   	s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
-   	s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
-   	s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
-	/* round 9: */
-   	t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
-   	t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
-   	t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
-   	t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
-    if (key->rounds > 10) {
-        /* round 10: */
-        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
-        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
-        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
-        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
-        /* round 11: */
-        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
-        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
-        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
-        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
-        if (key->rounds > 12) {
-            /* round 12: */
-            s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
-            s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
-            s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
-            s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
-            /* round 13: */
-            t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
-            t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
-            t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
-            t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
-        }
-    }
-    rk += key->rounds << 2;
-#else  /* !FULL_UNROLL */
-    /*
-     * Nr - 1 full rounds:
-     */
-    r = key->rounds >> 1;
-    for (;;) {
-        t0 =
-            Te0[(s0 >> 24)       ] ^
-            Te1[(s1 >> 16) & 0xff] ^
-            Te2[(s2 >>  8) & 0xff] ^
-            Te3[(s3      ) & 0xff] ^
-            rk[4];
-        t1 =
-            Te0[(s1 >> 24)       ] ^
-            Te1[(s2 >> 16) & 0xff] ^
-            Te2[(s3 >>  8) & 0xff] ^
-            Te3[(s0      ) & 0xff] ^
-            rk[5];
-        t2 =
-            Te0[(s2 >> 24)       ] ^
-            Te1[(s3 >> 16) & 0xff] ^
-            Te2[(s0 >>  8) & 0xff] ^
-            Te3[(s1      ) & 0xff] ^
-            rk[6];
-        t3 =
-            Te0[(s3 >> 24)       ] ^
-            Te1[(s0 >> 16) & 0xff] ^
-            Te2[(s1 >>  8) & 0xff] ^
-            Te3[(s2      ) & 0xff] ^
-            rk[7];
-
-        rk += 8;
-        if (--r == 0) {
-            break;
-        }
-
-        s0 =
-            Te0[(t0 >> 24)       ] ^
-            Te1[(t1 >> 16) & 0xff] ^
-            Te2[(t2 >>  8) & 0xff] ^
-            Te3[(t3      ) & 0xff] ^
-            rk[0];
-        s1 =
-            Te0[(t1 >> 24)       ] ^
-            Te1[(t2 >> 16) & 0xff] ^
-            Te2[(t3 >>  8) & 0xff] ^
-            Te3[(t0      ) & 0xff] ^
-            rk[1];
-        s2 =
-            Te0[(t2 >> 24)       ] ^
-            Te1[(t3 >> 16) & 0xff] ^
-            Te2[(t0 >>  8) & 0xff] ^
-            Te3[(t1      ) & 0xff] ^
-            rk[2];
-        s3 =
-            Te0[(t3 >> 24)       ] ^
-            Te1[(t0 >> 16) & 0xff] ^
-            Te2[(t1 >>  8) & 0xff] ^
-            Te3[(t2      ) & 0xff] ^
-            rk[3];
-    }
-#endif /* ?FULL_UNROLL */
-    /*
-	 * apply last round and
-	 * map cipher state to byte array block:
-	 */
-	s0 =
-		(Te4[(t0 >> 24)       ] & 0xff000000) ^
-		(Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
-		(Te4[(t2 >>  8) & 0xff] & 0x0000ff00) ^
-		(Te4[(t3      ) & 0xff] & 0x000000ff) ^
-		rk[0];
-	PUTU32(out     , s0);
-	s1 =
-		(Te4[(t1 >> 24)       ] & 0xff000000) ^
-		(Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
-		(Te4[(t3 >>  8) & 0xff] & 0x0000ff00) ^
-		(Te4[(t0      ) & 0xff] & 0x000000ff) ^
-		rk[1];
-	PUTU32(out +  4, s1);
-	s2 =
-		(Te4[(t2 >> 24)       ] & 0xff000000) ^
-		(Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
-		(Te4[(t0 >>  8) & 0xff] & 0x0000ff00) ^
-		(Te4[(t1      ) & 0xff] & 0x000000ff) ^
-		rk[2];
-	PUTU32(out +  8, s2);
-	s3 =
-		(Te4[(t3 >> 24)       ] & 0xff000000) ^
-		(Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
-		(Te4[(t1 >>  8) & 0xff] & 0x0000ff00) ^
-		(Te4[(t2      ) & 0xff] & 0x000000ff) ^
-		rk[3];
-	PUTU32(out + 12, s3);
-}
-
-/*
- * Decrypt a single block
- * in and out can overlap
- */
-void AES_decrypt(const unsigned char *in, unsigned char *out,
-		 const AES_KEY *key) {
-
-	const u32 *rk;
-	u32 s0, s1, s2, s3, t0, t1, t2, t3;
-#ifndef FULL_UNROLL
-	int r;
-#endif /* ?FULL_UNROLL */
-
-	assert(in && out && key);
-	rk = key->rd_key;
-
-	/*
-	 * map byte array block to cipher state
-	 * and add initial round key:
-	 */
-    s0 = GETU32(in     ) ^ rk[0];
-    s1 = GETU32(in +  4) ^ rk[1];
-    s2 = GETU32(in +  8) ^ rk[2];
-    s3 = GETU32(in + 12) ^ rk[3];
-#ifdef FULL_UNROLL
-    /* round 1: */
-    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
-    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
-    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
-    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
-    /* round 2: */
-    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
-    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
-    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
-    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
-    /* round 3: */
-    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
-    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
-    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
-    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
-    /* round 4: */
-    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
-    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
-    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
-    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
-    /* round 5: */
-    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
-    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
-    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
-    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
-    /* round 6: */
-    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
-    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
-    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
-    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
-    /* round 7: */
-    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
-    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
-    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
-    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
-    /* round 8: */
-    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
-    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
-    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
-    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
-    /* round 9: */
-    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
-    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
-    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
-    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
-    if (key->rounds > 10) {
-        /* round 10: */
-        s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
-        s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
-        s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
-        s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
-        /* round 11: */
-        t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
-        t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
-        t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
-        t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
-        if (key->rounds > 12) {
-            /* round 12: */
-            s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
-            s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
-            s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
-            s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
-            /* round 13: */
-            t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
-            t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
-            t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
-            t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
-        }
-    }
-	rk += key->rounds << 2;
-#else  /* !FULL_UNROLL */
-    /*
-     * Nr - 1 full rounds:
-     */
-    r = key->rounds >> 1;
-    for (;;) {
-        t0 =
-            Td0[(s0 >> 24)       ] ^
-            Td1[(s3 >> 16) & 0xff] ^
-            Td2[(s2 >>  8) & 0xff] ^
-            Td3[(s1      ) & 0xff] ^
-            rk[4];
-        t1 =
-            Td0[(s1 >> 24)       ] ^
-            Td1[(s0 >> 16) & 0xff] ^
-            Td2[(s3 >>  8) & 0xff] ^
-            Td3[(s2      ) & 0xff] ^
-            rk[5];
-        t2 =
-            Td0[(s2 >> 24)       ] ^
-            Td1[(s1 >> 16) & 0xff] ^
-            Td2[(s0 >>  8) & 0xff] ^
-            Td3[(s3      ) & 0xff] ^
-            rk[6];
-        t3 =
-            Td0[(s3 >> 24)       ] ^
-            Td1[(s2 >> 16) & 0xff] ^
-            Td2[(s1 >>  8) & 0xff] ^
-            Td3[(s0      ) & 0xff] ^
-            rk[7];
-
-        rk += 8;
-        if (--r == 0) {
-            break;
-        }
-
-        s0 =
-            Td0[(t0 >> 24)       ] ^
-            Td1[(t3 >> 16) & 0xff] ^
-            Td2[(t2 >>  8) & 0xff] ^
-            Td3[(t1      ) & 0xff] ^
-            rk[0];
-        s1 =
-            Td0[(t1 >> 24)       ] ^
-            Td1[(t0 >> 16) & 0xff] ^
-            Td2[(t3 >>  8) & 0xff] ^
-            Td3[(t2      ) & 0xff] ^
-            rk[1];
-        s2 =
-            Td0[(t2 >> 24)       ] ^
-            Td1[(t1 >> 16) & 0xff] ^
-            Td2[(t0 >>  8) & 0xff] ^
-            Td3[(t3      ) & 0xff] ^
-            rk[2];
-        s3 =
-            Td0[(t3 >> 24)       ] ^
-            Td1[(t2 >> 16) & 0xff] ^
-            Td2[(t1 >>  8) & 0xff] ^
-            Td3[(t0      ) & 0xff] ^
-            rk[3];
-    }
-#endif /* ?FULL_UNROLL */
-    /*
-	 * apply last round and
-	 * map cipher state to byte array block:
-	 */
-   	s0 =
-   		(Td4[(t0 >> 24)       ] & 0xff000000) ^
-   		(Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
-   		(Td4[(t2 >>  8) & 0xff] & 0x0000ff00) ^
-   		(Td4[(t1      ) & 0xff] & 0x000000ff) ^
-   		rk[0];
-	PUTU32(out     , s0);
-   	s1 =
-   		(Td4[(t1 >> 24)       ] & 0xff000000) ^
-   		(Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
-   		(Td4[(t3 >>  8) & 0xff] & 0x0000ff00) ^
-   		(Td4[(t2      ) & 0xff] & 0x000000ff) ^
-   		rk[1];
-	PUTU32(out +  4, s1);
-   	s2 =
-   		(Td4[(t2 >> 24)       ] & 0xff000000) ^
-   		(Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
-   		(Td4[(t0 >>  8) & 0xff] & 0x0000ff00) ^
-   		(Td4[(t3      ) & 0xff] & 0x000000ff) ^
-   		rk[2];
-	PUTU32(out +  8, s2);
-   	s3 =
-   		(Td4[(t3 >> 24)       ] & 0xff000000) ^
-   		(Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
-   		(Td4[(t1 >>  8) & 0xff] & 0x0000ff00) ^
-   		(Td4[(t0      ) & 0xff] & 0x000000ff) ^
-   		rk[3];
-	PUTU32(out + 12, s3);
-}
-
diff --git a/crypto/openssl/crypto/aes/aes_ctr.c b/crypto/openssl/crypto/aes/aes_ctr.c
deleted file mode 100644
index 59088499a0a9..000000000000
--- a/crypto/openssl/crypto/aes/aes_ctr.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/* crypto/aes/aes_ctr.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-/* NOTE: CTR mode is big-endian.  The rest of the AES code
- * is endian-neutral. */
-
-/* increment counter (128-bit int) by 2^64 */
-static void AES_ctr128_inc(unsigned char *counter) {
-	unsigned long c;
-
-	/* Grab 3rd dword of counter and increment */
-#ifdef L_ENDIAN
-	c = GETU32(counter + 8);
-	c++;
-	PUTU32(counter + 8, c);
-#else
-	c = GETU32(counter + 4);
-	c++;
-	PUTU32(counter + 4, c);
-#endif
-
-	/* if no overflow, we're done */
-	if (c)
-		return;
-
-	/* Grab top dword of counter and increment */
-#ifdef L_ENDIAN
-	c = GETU32(counter + 12);
-	c++;
-	PUTU32(counter + 12, c);
-#else
-	c = GETU32(counter +  0);
-	c++;
-	PUTU32(counter +  0, c);
-#endif
-
-}
-
-/* The input encrypted as though 128bit counter mode is being
- * used.  The extra state information to record how much of the
- * 128bit block we have used is contained in *num, and the
- * encrypted counter is kept in ecount_buf.  Both *num and
- * ecount_buf must be initialised with zeros before the first
- * call to AES_ctr128_encrypt().
- */
-void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
-	unsigned char counter[AES_BLOCK_SIZE],
-	unsigned char ecount_buf[AES_BLOCK_SIZE],
-	unsigned int *num) {
-
-	unsigned int n;
-	unsigned long l=length;
-
-	assert(in && out && key && counter && num);
-	assert(*num < AES_BLOCK_SIZE);
-
-	n = *num;
-
-	while (l--) {
-		if (n == 0) {
-			AES_encrypt(counter, ecount_buf, key);
-			AES_ctr128_inc(counter);
-		}
-		*(out++) = *(in++) ^ ecount_buf[n];
-		n = (n+1) % AES_BLOCK_SIZE;
-	}
-
-	*num=n;
-}
diff --git a/crypto/openssl/crypto/aes/aes_ecb.c b/crypto/openssl/crypto/aes/aes_ecb.c
deleted file mode 100644
index 28aa561c2d89..000000000000
--- a/crypto/openssl/crypto/aes/aes_ecb.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* crypto/aes/aes_ecb.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
-		     const AES_KEY *key, const int enc) {
-
-        assert(in && out && key);
-	assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
-
-	if (AES_ENCRYPT == enc)
-		AES_encrypt(in, out, key);
-	else
-		AES_decrypt(in, out, key);
-}
-
diff --git a/crypto/openssl/crypto/aes/aes_locl.h b/crypto/openssl/crypto/aes/aes_locl.h
deleted file mode 100644
index f290946058eb..000000000000
--- a/crypto/openssl/crypto/aes/aes_locl.h
+++ /dev/null
@@ -1,85 +0,0 @@
-/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_AES_LOCL_H
-#define HEADER_AES_LOCL_H
-
-#include <openssl/e_os2.h>
-
-#ifdef OPENSSL_NO_AES
-#error AES is disabled.
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE)
-# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
-# define GETU32(p) SWAP(*((u32 *)(p)))
-# define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
-#else
-# define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
-# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
-#endif
-
-typedef unsigned long u32;
-typedef unsigned short u16;
-typedef unsigned char u8;
-
-#define MAXKC   (256/32)
-#define MAXKB   (256/8)
-#define MAXNR   14
-
-/* This controls loop-unrolling in aes_core.c */
-#undef FULL_UNROLL
-
-#endif /* !HEADER_AES_LOCL_H */
diff --git a/crypto/openssl/crypto/aes/aes_misc.c b/crypto/openssl/crypto/aes/aes_misc.c
deleted file mode 100644
index 090def25d5ac..000000000000
--- a/crypto/openssl/crypto/aes/aes_misc.c
+++ /dev/null
@@ -1,64 +0,0 @@
-/* crypto/aes/aes_misc.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/opensslv.h>
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-const char *AES_version="AES" OPENSSL_VERSION_PTEXT;
-
-const char *AES_options(void) {
-#ifdef FULL_UNROLL
-        return "aes(full)";
-#else   
-        return "aes(partial)";
-#endif
-}
diff --git a/crypto/openssl/crypto/aes/aes_ofb.c b/crypto/openssl/crypto/aes/aes_ofb.c
deleted file mode 100644
index f358bb39e27c..000000000000
--- a/crypto/openssl/crypto/aes/aes_ofb.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* crypto/aes/aes_ofb.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-/* The input and output encrypted as though 128bit ofb mode is being
- * used.  The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
- */
-void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
-	unsigned char *ivec, int *num) {
-
-	unsigned int n;
-	unsigned long l=length;
-
-	assert(in && out && key && ivec && num);
-
-	n = *num;
-
-	while (l--) {
-		if (n == 0) {
-			AES_encrypt(ivec, ivec, key);
-		}
-		*(out++) = *(in++) ^ ivec[n];
-		n = (n+1) % AES_BLOCK_SIZE;
-	}
-
-	*num=n;
-}
diff --git a/crypto/openssl/crypto/asn1/Makefile.save b/crypto/openssl/crypto/asn1/Makefile.save
deleted file mode 100644
index 269af4459323..000000000000
--- a/crypto/openssl/crypto/asn1/Makefile.save
+++ /dev/null
@@ -1,1346 +0,0 @@
-#
-# SSLeay/crypto/asn1/Makefile
-#
-
-DIR=	asn1
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
-	a_null.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c \
-	a_enum.c a_vis.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
-	x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c \
-	x_name.c x_cinf.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
-	d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c \
-	d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c \
-	d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
-	t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
-	p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c \
-	p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c \
-	f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c \
-	f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \
-	asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \
-	evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c
-LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
-	a_null.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_bmp.o \
-	a_enum.o a_vis.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
-	x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o \
-	x_name.o x_cinf.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
-	d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o \
-	d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o \
-	d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
-	t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
-	p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o \
-	p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o \
-	f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o \
-	f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \
-	asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \
-	evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=  asn1.h asn1_mac.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-test:	test.c
-	cc -g -I../../include -c test.c
-	cc -g -I../../include -o test test.o -L../.. -lcrypto
-
-pk:	pk.c
-	cc -g -I../../include -c pk.c
-	cc -g -I../../include -o pk pk.o -L../.. -lcrypto
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-a_bitstr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_bitstr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_bitstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_bitstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_bitstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_bitstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_bitstr.o: ../cryptlib.h
-a_bmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_bmp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_bmp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_bmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_bmp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_bmp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_bmp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_bmp.o: ../cryptlib.h
-a_bool.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_bool.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_bool.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_bool.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_bool.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_bool.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_bool.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_bool.o: ../cryptlib.h
-a_bytes.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_bytes.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_bytes.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_bytes.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_bytes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_bytes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_bytes.o: ../../include/openssl/symhacks.h ../cryptlib.h
-a_d2i_fp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_d2i_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_d2i_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_d2i_fp.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_d2i_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_d2i_fp.o: ../../include/openssl/opensslconf.h
-a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_d2i_fp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_d2i_fp.o: ../cryptlib.h
-a_digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_digest.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-a_digest.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-a_digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-a_digest.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-a_digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-a_digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-a_digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_digest.o: ../../include/openssl/opensslconf.h
-a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-a_digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-a_digest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-a_digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-a_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-a_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-a_dup.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_dup.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_dup.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_dup.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_dup.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_dup.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_dup.o: ../../include/openssl/symhacks.h ../cryptlib.h
-a_enum.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_enum.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_enum.o: ../cryptlib.h
-a_gentm.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_gentm.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_gentm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_gentm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_gentm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_gentm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_gentm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_gentm.o: ../cryptlib.h
-a_hdr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_hdr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_hdr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_hdr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_hdr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_hdr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_hdr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_hdr.o: ../../include/openssl/symhacks.h ../cryptlib.h
-a_i2d_fp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_i2d_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_i2d_fp.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_i2d_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_i2d_fp.o: ../../include/openssl/opensslconf.h
-a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_i2d_fp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_i2d_fp.o: ../cryptlib.h
-a_int.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_int.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_int.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_int.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_int.o: ../cryptlib.h
-a_mbstr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_mbstr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_mbstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_mbstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_mbstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_mbstr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_mbstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_mbstr.o: ../cryptlib.h
-a_meth.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_meth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_meth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_meth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_meth.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_meth.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_meth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_meth.o: ../cryptlib.h
-a_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_null.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_null.o: ../cryptlib.h
-a_object.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_object.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_object.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_object.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_object.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-a_object.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-a_object.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_object.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_object.o: ../cryptlib.h
-a_octet.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_octet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_octet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_octet.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_octet.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_octet.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_octet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_octet.o: ../cryptlib.h
-a_print.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_print.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_print.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_print.o: ../cryptlib.h
-a_set.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_set.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_set.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_set.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_set.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_set.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_set.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_set.o: ../../include/openssl/symhacks.h ../cryptlib.h
-a_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-a_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-a_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-a_sign.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-a_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-a_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-a_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-a_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-a_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-a_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-a_sign.o: ../cryptlib.h
-a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-a_strex.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-a_strex.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
-a_strex.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-a_strex.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-a_strex.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_strex.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-a_strex.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-a_strex.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-a_strex.o: charmap.h
-a_strnid.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_strnid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_strnid.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_strnid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-a_strnid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_strnid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_strnid.o: ../cryptlib.h
-a_time.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_time.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_time.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_time.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_time.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_time.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_time.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_time.o: ../cryptlib.h
-a_type.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_type.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_type.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_type.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_type.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_type.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_type.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_type.o: ../../include/openssl/symhacks.h ../cryptlib.h
-a_utctm.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_utctm.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_utctm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_utctm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_utctm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_utctm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_utctm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_utctm.o: ../cryptlib.h
-a_utf8.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_utf8.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_utf8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_utf8.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_utf8.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_utf8.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_utf8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_utf8.o: ../cryptlib.h
-a_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-a_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-a_verify.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-a_verify.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-a_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-a_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-a_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_verify.o: ../../include/openssl/opensslconf.h
-a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-a_verify.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-a_verify.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-a_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-a_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-a_vis.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_vis.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_vis.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_vis.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_vis.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_vis.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_vis.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_vis.o: ../cryptlib.h
-asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-asn1_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-asn1_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-asn1_err.o: ../../include/openssl/opensslconf.h
-asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-asn1_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-asn1_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-asn1_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-asn1_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-asn1_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-asn1_lib.o: ../../include/openssl/opensslconf.h
-asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-asn1_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-asn1_lib.o: ../cryptlib.h
-asn1_par.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-asn1_par.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-asn1_par.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-asn1_par.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-asn1_par.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-asn1_par.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-asn1_par.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-asn1_par.o: ../cryptlib.h
-asn_pack.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-asn_pack.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-asn_pack.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-asn_pack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-asn_pack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-asn_pack.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-asn_pack.o: ../cryptlib.h
-d2i_dhp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_dhp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_dhp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_dhp.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
-d2i_dhp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-d2i_dhp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-d2i_dhp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-d2i_dhp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-d2i_dhp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_dhp.o: ../cryptlib.h
-d2i_dsap.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_dsap.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_dsap.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_dsap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_dsap.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_dsap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_dsap.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_dsap.o: ../../include/openssl/opensslconf.h
-d2i_dsap.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-d2i_dsap.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_dsap.o: ../cryptlib.h
-d2i_pr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-d2i_pr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-d2i_pr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-d2i_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-d2i_pr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-d2i_pr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-d2i_pr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-d2i_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-d2i_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-d2i_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h
-d2i_pu.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-d2i_pu.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-d2i_pu.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-d2i_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-d2i_pu.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-d2i_pu.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-d2i_pu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-d2i_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-d2i_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-d2i_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
-d2i_r_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_r_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_r_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_r_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_r_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_r_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_r_pr.o: ../../include/openssl/opensslconf.h
-d2i_r_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-d2i_r_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-d2i_r_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h
-d2i_r_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_r_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_r_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_r_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_r_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_r_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_r_pu.o: ../../include/openssl/opensslconf.h
-d2i_r_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-d2i_r_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-d2i_r_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
-d2i_s_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_s_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_s_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_s_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_s_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_s_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_s_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_s_pr.o: ../../include/openssl/opensslconf.h
-d2i_s_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-d2i_s_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_s_pr.o: ../cryptlib.h
-d2i_s_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_s_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_s_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_s_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_s_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_s_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_s_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_s_pu.o: ../../include/openssl/opensslconf.h
-d2i_s_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-d2i_s_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_s_pu.o: ../cryptlib.h
-evp_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-evp_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-evp_asn1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-evp_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-evp_asn1.o: ../../include/openssl/opensslconf.h
-evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-evp_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_asn1.o: ../cryptlib.h
-f_enum.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-f_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-f_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-f_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-f_enum.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-f_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-f_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-f_enum.o: ../cryptlib.h
-f_int.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-f_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-f_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-f_int.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-f_int.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-f_int.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-f_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-f_int.o: ../cryptlib.h
-f_string.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-f_string.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-f_string.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-f_string.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-f_string.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-f_string.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-f_string.o: ../cryptlib.h
-i2d_dhp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_dhp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_dhp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_dhp.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
-i2d_dhp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-i2d_dhp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-i2d_dhp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-i2d_dhp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_dhp.o: ../cryptlib.h
-i2d_dsap.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_dsap.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_dsap.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_dsap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_dsap.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_dsap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_dsap.o: ../../include/openssl/opensslconf.h
-i2d_dsap.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-i2d_dsap.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_dsap.o: ../cryptlib.h
-i2d_pr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-i2d_pr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-i2d_pr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-i2d_pr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-i2d_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-i2d_pr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-i2d_pr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-i2d_pr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-i2d_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-i2d_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-i2d_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h
-i2d_pu.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-i2d_pu.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-i2d_pu.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-i2d_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-i2d_pu.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-i2d_pu.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-i2d_pu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-i2d_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-i2d_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-i2d_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
-i2d_r_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_r_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_r_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_r_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_r_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_r_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_r_pr.o: ../../include/openssl/opensslconf.h
-i2d_r_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-i2d_r_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-i2d_r_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h
-i2d_r_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_r_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_r_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_r_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_r_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_r_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_r_pu.o: ../../include/openssl/opensslconf.h
-i2d_r_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-i2d_r_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-i2d_r_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
-i2d_s_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_s_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_s_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_s_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_s_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_s_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_s_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_s_pr.o: ../../include/openssl/opensslconf.h
-i2d_s_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-i2d_s_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_s_pr.o: ../cryptlib.h
-i2d_s_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_s_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_s_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_s_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_s_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_s_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_s_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_s_pu.o: ../../include/openssl/opensslconf.h
-i2d_s_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-i2d_s_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_s_pu.o: ../cryptlib.h
-n_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-n_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-n_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-n_pkey.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-n_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-n_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-n_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-n_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-n_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-n_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-nsseq.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-nsseq.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-nsseq.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-nsseq.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-nsseq.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-nsseq.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-nsseq.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-nsseq.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-nsseq.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-nsseq.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-nsseq.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-nsseq.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-nsseq.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p5_pbe.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p5_pbe.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p5_pbe.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p5_pbe.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p5_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p5_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p5_pbe.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p5_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p5_pbe.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p5_pbe.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p5_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-p5_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p5_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_pbe.o: ../cryptlib.h
-p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p5_pbev2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p5_pbev2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p5_pbev2.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p5_pbev2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p5_pbev2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p5_pbev2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p5_pbev2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p5_pbev2.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-p5_pbev2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p5_pbev2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_pbev2.o: ../cryptlib.h
-p7_dgst.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_dgst.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_dgst.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_dgst.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_dgst.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_dgst.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_dgst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_dgst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_dgst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_dgst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_dgst.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_dgst.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p7_dgst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_dgst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_dgst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_dgst.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_enc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_enc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_enc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_enc.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p7_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_enc_c.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_enc_c.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_enc_c.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_enc_c.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_enc_c.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_enc_c.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_enc_c.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_enc_c.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_enc_c.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_enc_c.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_enc_c.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_enc_c.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_enc_c.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_enc_c.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_enc_c.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p7_enc_c.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_enc_c.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_enc_c.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_enc_c.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_evp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_evp.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_evp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_evp.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_evp.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_evp.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_evp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_evp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_evp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_evp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_evp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_evp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_evp.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_evp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_evp.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p7_evp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_evp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_evp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_evp.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_i_s.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_i_s.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_i_s.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_i_s.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_i_s.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_i_s.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_i_s.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_i_s.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_i_s.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_i_s.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_i_s.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_i_s.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_i_s.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_i_s.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_i_s.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p7_i_s.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_i_s.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_i_s.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_i_s.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_lib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_lib.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_recip.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_recip.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_recip.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_recip.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_recip.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_recip.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_recip.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_recip.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_recip.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_recip.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_recip.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_recip.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_recip.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_recip.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_recip.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p7_recip.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_recip.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_recip.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_recip.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_s_e.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_s_e.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_s_e.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_s_e.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_s_e.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_s_e.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_s_e.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_s_e.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_s_e.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_s_e.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_s_e.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_s_e.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_s_e.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_s_e.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_s_e.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p7_s_e.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_s_e.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_s_e.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_s_e.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_signd.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_signd.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_signd.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_signd.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_signd.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_signd.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_signd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_signd.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_signd.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_signd.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_signd.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_signd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_signd.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_signd.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_signd.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p7_signd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_signd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_signd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_signd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_signi.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_signi.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_signi.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_signi.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_signi.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_signi.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_signi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_signi.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_signi.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_signi.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_signi.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_signi.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_signi.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_signi.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_signi.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p7_signi.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_signi.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_signi.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_signi.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p8_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p8_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p8_pkey.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p8_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p8_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p8_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p8_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p8_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p8_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p8_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p8_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p8_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p8_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-t_bitst.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-t_bitst.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-t_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-t_bitst.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-t_bitst.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-t_bitst.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-t_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_bitst.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-t_bitst.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-t_bitst.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-t_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_bitst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-t_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-t_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h
-t_crl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-t_crl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-t_crl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-t_crl.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-t_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-t_crl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_crl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-t_crl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-t_crl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-t_crl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-t_crl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-t_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h
-t_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-t_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-t_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-t_pkey.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_pkey.o: ../cryptlib.h
-t_req.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-t_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-t_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-t_req.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-t_req.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-t_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-t_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-t_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-t_req.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-t_req.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h
-t_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-t_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-t_spki.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-t_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-t_spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-t_spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-t_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-t_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-t_spki.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-t_x509.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-t_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-t_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-t_x509.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-t_x509.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-t_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-t_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-t_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-t_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-t_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h
-t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-t_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-t_x509a.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-t_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-t_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-t_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-t_x509a.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-t_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-t_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-t_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-t_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_algor.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_algor.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_algor.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_algor.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_algor.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_algor.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_algor.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_algor.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_algor.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_algor.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_algor.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_algor.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_algor.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_algor.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_attrib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_attrib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_attrib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_attrib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_attrib.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_attrib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_attrib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_attrib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_attrib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_attrib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_attrib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_attrib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_attrib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_attrib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_cinf.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_cinf.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_cinf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_cinf.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_cinf.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_cinf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_cinf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_cinf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_cinf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_cinf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_cinf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_cinf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_cinf.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_cinf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_cinf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_cinf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_cinf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_cinf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_cinf.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_crl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_crl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_crl.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_crl.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_crl.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_crl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_crl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_crl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_crl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_exten.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_exten.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_exten.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_exten.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_exten.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_exten.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_exten.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_exten.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_exten.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_exten.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_exten.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_exten.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_exten.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_exten.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_info.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_info.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_info.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_info.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_info.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_info.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_name.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_name.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_name.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_name.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_name.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_name.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_name.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_name.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_name.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_name.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_name.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_name.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_pkey.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_pubkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_pubkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_pubkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_pubkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_pubkey.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_pubkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_pubkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_pubkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_pubkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_pubkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_pubkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_pubkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_pubkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_pubkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_req.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_req.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_req.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_req.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_req.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_req.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_req.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_req.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_req.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_req.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_sig.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_sig.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_sig.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_sig.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_sig.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_sig.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_sig.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_sig.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_sig.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_sig.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_sig.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_sig.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_sig.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_sig.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_sig.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_spki.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_spki.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_val.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_val.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_val.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_val.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_val.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_val.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_val.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_val.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_val.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_val.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_val.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_val.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_val.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_val.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_val.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_x509.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_x509.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_x509.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x_x509.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x_x509.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h
-x_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_x509.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_x509.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_x509.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_x509.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_x509.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x_x509.o: ../cryptlib.h
-x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_x509a.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_x509a.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_x509a.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
diff --git a/crypto/openssl/crypto/asn1/Makefile.ssl b/crypto/openssl/crypto/asn1/Makefile.ssl
deleted file mode 100644
index 944d8f164ae6..000000000000
--- a/crypto/openssl/crypto/asn1/Makefile.ssl
+++ /dev/null
@@ -1,1152 +0,0 @@
-#
-# SSLeay/crypto/asn1/Makefile
-#
-
-DIR=	asn1
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
-	a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
-	a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
-	x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \
-	x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
-	d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
-	t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
-	tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
-	f_int.c f_string.c n_pkey.c \
-	f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \
-	asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \
-	evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c
-LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
-	a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
-	a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
-	x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \
-	x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
-	d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
-	t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
-	tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
-	f_int.o f_string.o n_pkey.o \
-	f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \
-	asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \
-	evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=  asn1.h asn1_mac.h asn1t.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-test:	test.c
-	cc -g -I../../include -c test.c
-	cc -g -I../../include -o test test.o -L../.. -lcrypto
-
-pk:	pk.c
-	cc -g -I../../include -c pk.c
-	cc -g -I../../include -o pk pk.o -L../.. -lcrypto
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-a_bitstr.o: ../../e_os.h ../../include/openssl/asn1.h
-a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_bitstr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_bitstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_bitstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_bitstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_bitstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bitstr.c
-a_bool.o: ../../e_os.h ../../include/openssl/asn1.h
-a_bool.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-a_bool.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_bool.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_bool.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_bool.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_bool.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_bool.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_bool.o: ../cryptlib.h a_bool.c
-a_bytes.o: ../../e_os.h ../../include/openssl/asn1.h
-a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_bytes.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_bytes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_bytes.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_bytes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_bytes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_bytes.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bytes.c
-a_d2i_fp.o: ../../e_os.h ../../include/openssl/asn1.h
-a_d2i_fp.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-a_d2i_fp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_d2i_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_d2i_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_d2i_fp.o: ../../include/openssl/opensslconf.h
-a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_d2i_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_d2i_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_d2i_fp.c
-a_digest.o: ../../e_os.h ../../include/openssl/aes.h
-a_digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_digest.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-a_digest.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-a_digest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-a_digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-a_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-a_digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-a_digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-a_digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_digest.o: ../../include/openssl/opensslconf.h
-a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-a_digest.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-a_digest.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-a_digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-a_digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_digest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-a_digest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-a_digest.o: ../cryptlib.h a_digest.c
-a_dup.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_dup.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_dup.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_dup.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_dup.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_dup.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_dup.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_dup.o: ../cryptlib.h a_dup.c
-a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_enum.o: ../cryptlib.h a_enum.c
-a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h
-a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_gentm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_gentm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_gentm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_gentm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_gentm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_gentm.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_gentm.c
-a_hdr.o: ../../e_os.h ../../include/openssl/asn1.h
-a_hdr.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-a_hdr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_hdr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_hdr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_hdr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_hdr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_hdr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_hdr.o: ../cryptlib.h a_hdr.c
-a_i2d_fp.o: ../../e_os.h ../../include/openssl/asn1.h
-a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_i2d_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_i2d_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_i2d_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_i2d_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_i2d_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_i2d_fp.c
-a_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_int.o: ../cryptlib.h a_int.c
-a_mbstr.o: ../../e_os.h ../../include/openssl/asn1.h
-a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_mbstr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_mbstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_mbstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_mbstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_mbstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_mbstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_mbstr.c
-a_meth.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_meth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_meth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_meth.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_meth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_meth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_meth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_meth.o: ../cryptlib.h a_meth.c
-a_object.o: ../../e_os.h ../../include/openssl/asn1.h
-a_object.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_object.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_object.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_object.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-a_object.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-a_object.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_object.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_object.o: ../../include/openssl/symhacks.h ../cryptlib.h a_object.c
-a_octet.o: ../../e_os.h ../../include/openssl/asn1.h
-a_octet.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_octet.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_octet.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_octet.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_octet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_octet.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_octet.o: ../../include/openssl/symhacks.h ../cryptlib.h a_octet.c
-a_print.o: ../../e_os.h ../../include/openssl/asn1.h
-a_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_print.o: ../../include/openssl/symhacks.h ../cryptlib.h a_print.c
-a_set.o: ../../e_os.h ../../include/openssl/asn1.h
-a_set.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-a_set.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_set.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_set.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_set.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_set.o: ../cryptlib.h a_set.c
-a_sign.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-a_sign.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_sign.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-a_sign.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-a_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-a_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-a_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-a_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-a_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-a_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-a_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-a_sign.o: ../cryptlib.h a_sign.c
-a_strex.o: ../../e_os.h ../../include/openssl/aes.h
-a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-a_strex.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-a_strex.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-a_strex.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-a_strex.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-a_strex.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-a_strex.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_strex.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-a_strex.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-a_strex.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-a_strex.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h
-a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h
-a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_strnid.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_strnid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-a_strnid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_strnid.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_strnid.o: ../../include/openssl/symhacks.h ../cryptlib.h a_strnid.c
-a_time.o: ../../e_os.h ../../include/openssl/asn1.h
-a_time.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-a_time.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_time.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_time.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_time.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_time.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_time.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_time.o: ../cryptlib.h ../o_time.h a_time.c
-a_type.o: ../../e_os.h ../../include/openssl/asn1.h
-a_type.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-a_type.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_type.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_type.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_type.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_type.o: ../cryptlib.h a_type.c
-a_utctm.o: ../../e_os.h ../../include/openssl/asn1.h
-a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_utctm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_utctm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_utctm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_utctm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_utctm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_utctm.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_utctm.c
-a_utf8.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_utf8.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_utf8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_utf8.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_utf8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_utf8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_utf8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_utf8.o: ../cryptlib.h a_utf8.c
-a_verify.o: ../../e_os.h ../../include/openssl/aes.h
-a_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-a_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-a_verify.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-a_verify.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-a_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-a_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-a_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_verify.o: ../../include/openssl/opensslconf.h
-a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-a_verify.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-a_verify.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-a_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-a_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_verify.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-a_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-a_verify.o: ../cryptlib.h a_verify.c
-asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-asn1_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-asn1_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-asn1_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c
-asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-asn1_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-asn1_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-asn1_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-asn1_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-asn1_lib.o: ../../include/openssl/opensslconf.h
-asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-asn1_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-asn1_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_lib.c
-asn1_par.o: ../../e_os.h ../../include/openssl/asn1.h
-asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-asn1_par.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-asn1_par.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-asn1_par.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-asn1_par.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-asn1_par.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-asn1_par.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_par.c
-asn_moid.o: ../../e_os.h ../../include/openssl/aes.h
-asn_moid.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-asn_moid.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-asn_moid.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-asn_moid.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-asn_moid.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-asn_moid.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-asn_moid.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-asn_moid.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-asn_moid.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-asn_moid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-asn_moid.o: ../../include/openssl/opensslconf.h
-asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-asn_moid.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-asn_moid.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-asn_moid.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-asn_moid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-asn_moid.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-asn_moid.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-asn_moid.o: ../cryptlib.h asn_moid.c
-asn_pack.o: ../../e_os.h ../../include/openssl/asn1.h
-asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-asn_pack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-asn_pack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-asn_pack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c
-d2i_pr.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-d2i_pr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-d2i_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-d2i_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-d2i_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-d2i_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-d2i_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-d2i_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-d2i_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-d2i_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-d2i_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pr.c
-d2i_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-d2i_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-d2i_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-d2i_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-d2i_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-d2i_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-d2i_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-d2i_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-d2i_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-d2i_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-d2i_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pu.c
-evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-evp_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-evp_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-evp_asn1.o: ../../include/openssl/opensslconf.h
-evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-evp_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_asn1.c
-f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-f_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-f_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-f_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-f_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-f_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-f_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-f_enum.o: ../cryptlib.h f_enum.c
-f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-f_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-f_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-f_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-f_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-f_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-f_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-f_int.o: ../cryptlib.h f_int.c
-f_string.o: ../../e_os.h ../../include/openssl/asn1.h
-f_string.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-f_string.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-f_string.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-f_string.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c
-i2d_pr.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-i2d_pr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-i2d_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-i2d_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-i2d_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-i2d_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-i2d_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-i2d_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-i2d_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-i2d_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-i2d_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-i2d_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pr.c
-i2d_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-i2d_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-i2d_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-i2d_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-i2d_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-i2d_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-i2d_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-i2d_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-i2d_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-i2d_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-i2d_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pu.c
-n_pkey.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
-n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-n_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-n_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-n_pkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-n_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-n_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-n_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-n_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-n_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-n_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-n_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-n_pkey.o: ../cryptlib.h n_pkey.c
-nsseq.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-nsseq.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-nsseq.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-nsseq.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-nsseq.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-nsseq.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-nsseq.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-nsseq.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-nsseq.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-nsseq.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-nsseq.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-nsseq.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h nsseq.c
-p5_pbe.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-p5_pbe.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p5_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p5_pbe.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p5_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_pbe.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p5_pbe.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p5_pbe.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p5_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p5_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p5_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-p5_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p5_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p5_pbe.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_pbe.o: ../cryptlib.h p5_pbe.c
-p5_pbev2.o: ../../e_os.h ../../include/openssl/aes.h
-p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-p5_pbev2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p5_pbev2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p5_pbev2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-p5_pbev2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p5_pbev2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p5_pbev2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p5_pbev2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p5_pbev2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p5_pbev2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p5_pbev2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p5_pbev2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p5_pbev2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p5_pbev2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p5_pbev2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbev2.c
-p8_pkey.o: ../../e_os.h ../../include/openssl/aes.h
-p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-p8_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p8_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p8_pkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-p8_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p8_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p8_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p8_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p8_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p8_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p8_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p8_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p8_pkey.o: ../cryptlib.h p8_pkey.c
-t_bitst.o: ../../e_os.h ../../include/openssl/aes.h
-t_bitst.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-t_bitst.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-t_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-t_bitst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-t_bitst.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-t_bitst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-t_bitst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-t_bitst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-t_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-t_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_bitst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c
-t_crl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-t_crl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_crl.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-t_crl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-t_crl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-t_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_crl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-t_crl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-t_crl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-t_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-t_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-t_crl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_crl.o: ../cryptlib.h t_crl.c
-t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-t_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-t_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-t_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h t_pkey.c
-t_req.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-t_req.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_req.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-t_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-t_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-t_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-t_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-t_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-t_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-t_req.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_req.o: ../cryptlib.h t_req.c
-t_spki.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-t_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-t_spki.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-t_spki.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-t_spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-t_spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-t_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-t_spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-t_spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_spki.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_spki.o: ../cryptlib.h t_spki.c
-t_x509.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-t_x509.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_x509.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-t_x509.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-t_x509.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-t_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-t_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-t_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_x509.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-t_x509.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-t_x509.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_x509.o: ../cryptlib.h t_x509.c
-t_x509a.o: ../../e_os.h ../../include/openssl/aes.h
-t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-t_x509a.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-t_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-t_x509a.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-t_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-t_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_x509a.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-t_x509a.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-t_x509a.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-t_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-t_x509a.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c
-tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-tasn_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-tasn_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-tasn_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-tasn_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tasn_dec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_dec.o: ../../include/openssl/symhacks.h tasn_dec.c
-tasn_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-tasn_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-tasn_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-tasn_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-tasn_enc.o: ../../include/openssl/opensslconf.h
-tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tasn_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_enc.o: ../../include/openssl/symhacks.h tasn_enc.c
-tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-tasn_fre.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-tasn_fre.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-tasn_fre.o: ../../include/openssl/opensslconf.h
-tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_fre.o: ../../include/openssl/symhacks.h tasn_fre.c
-tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-tasn_new.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-tasn_new.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-tasn_new.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-tasn_new.o: ../../include/openssl/opensslconf.h
-tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c
-tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-tasn_typ.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-tasn_typ.o: ../../include/openssl/opensslconf.h
-tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tasn_typ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_typ.o: ../../include/openssl/symhacks.h tasn_typ.c
-tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-tasn_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-tasn_utl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-tasn_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-tasn_utl.o: ../../include/openssl/opensslconf.h
-tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tasn_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_utl.o: ../../include/openssl/symhacks.h tasn_utl.c
-x_algor.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x_algor.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_algor.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x_algor.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x_algor.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x_algor.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x_algor.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_algor.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_algor.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x_algor.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x_algor.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x_algor.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_algor.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_algor.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x_algor.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_algor.o: x_algor.c
-x_attrib.o: ../../e_os.h ../../include/openssl/aes.h
-x_attrib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-x_attrib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_attrib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_attrib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_attrib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x_attrib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_attrib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_attrib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_attrib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x_attrib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x_attrib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x_attrib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_attrib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_attrib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x_attrib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_attrib.o: ../cryptlib.h x_attrib.c
-x_bignum.o: ../../e_os.h ../../include/openssl/asn1.h
-x_bignum.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_bignum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_bignum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x_bignum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-x_bignum.o: ../../include/openssl/opensslconf.h
-x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_bignum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-x_bignum.o: ../../include/openssl/symhacks.h ../cryptlib.h x_bignum.c
-x_crl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_crl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x_crl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x_crl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_crl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x_crl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x_crl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-x_crl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-x_crl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_crl.c
-x_exten.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x_exten.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_exten.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x_exten.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x_exten.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x_exten.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x_exten.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_exten.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_exten.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x_exten.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x_exten.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_exten.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_exten.o: x_exten.c
-x_info.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_info.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_info.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_info.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_info.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_info.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_info.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_info.o: ../cryptlib.h x_info.c
-x_long.o: ../../e_os.h ../../include/openssl/asn1.h
-x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_long.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x_long.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_long.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-x_long.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_long.o: ../cryptlib.h x_long.c
-x_name.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x_name.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x_name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x_name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x_name.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x_name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_name.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x_name.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x_name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x_name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_name.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_name.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_name.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-x_name.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-x_name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_name.c
-x_pkey.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-x_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-x_pkey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_pkey.c
-x_pubkey.o: ../../e_os.h ../../include/openssl/aes.h
-x_pubkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-x_pubkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_pubkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_pubkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_pubkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x_pubkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x_pubkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_pubkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_pubkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x_pubkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x_pubkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_pubkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_pubkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x_pubkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_pubkey.o: ../cryptlib.h x_pubkey.c
-x_req.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-x_req.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_req.c
-x_sig.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_sig.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x_sig.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x_sig.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x_sig.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_sig.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x_sig.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x_sig.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x_sig.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_sig.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_sig.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_sig.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_sig.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_sig.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-x_sig.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_sig.c
-x_spki.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x_spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x_spki.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x_spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x_spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_spki.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-x_spki.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_spki.c
-x_val.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_val.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x_val.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x_val.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x_val.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x_val.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_val.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x_val.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x_val.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x_val.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_val.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_val.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_val.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_val.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x_val.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-x_val.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_val.c
-x_x509.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x_x509.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x_x509.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_x509.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_x509.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_x509.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_x509.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h x_x509.c
-x_x509a.o: ../../e_os.h ../../include/openssl/aes.h
-x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-x_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_x509a.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x_x509a.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_x509a.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_x509a.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x_x509a.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x_x509a.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_x509a.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_x509a.o: ../cryptlib.h x_x509a.c
diff --git a/crypto/openssl/crypto/asn1/a_bitstr.c b/crypto/openssl/crypto/asn1/a_bitstr.c
deleted file mode 100644
index f4ea96cd54e8..000000000000
--- a/crypto/openssl/crypto/asn1/a_bitstr.c
+++ /dev/null
@@ -1,218 +0,0 @@
-/* crypto/asn1/a_bitstr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
-{ return M_ASN1_BIT_STRING_set(x, d, len); }
-
-int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
-	{
-	int ret,j,bits,len;
-	unsigned char *p,*d;
-
-	if (a == NULL) return(0);
-
-	len=a->length;
-
-	if (len > 0)
-		{
-		if (a->flags & ASN1_STRING_FLAG_BITS_LEFT)
-			{
-			bits=(int)a->flags&0x07;
-			}
-		else
-			{
-			for ( ; len > 0; len--)
-				{
-				if (a->data[len-1]) break;
-				}
-			j=a->data[len-1];
-			if      (j & 0x01) bits=0;
-			else if (j & 0x02) bits=1;
-			else if (j & 0x04) bits=2;
-			else if (j & 0x08) bits=3;
-			else if (j & 0x10) bits=4;
-			else if (j & 0x20) bits=5;
-			else if (j & 0x40) bits=6;
-			else if (j & 0x80) bits=7;
-			else bits=0; /* should not happen */
-			}
-		}
-	else
-		bits=0;
-
-	ret=1+len;
-	if (pp == NULL) return(ret);
-
-	p= *pp;
-
-	*(p++)=(unsigned char)bits;
-	d=a->data;
-	memcpy(p,d,len);
-	p+=len;
-	if (len > 0) p[-1]&=(0xff<<bits);
-	*pp=p;
-	return(ret);
-	}
-
-ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp,
-	     long len)
-	{
-	ASN1_BIT_STRING *ret=NULL;
-	unsigned char *p,*s;
-	int i;
-
-	if (len < 1)
-		{
-		i=ASN1_R_STRING_TOO_SHORT;
-		goto err;
-		}
-
-	if ((a == NULL) || ((*a) == NULL))
-		{
-		if ((ret=M_ASN1_BIT_STRING_new()) == NULL) return(NULL);
-		}
-	else
-		ret=(*a);
-
-	p= *pp;
-	i= *(p++);
-	/* We do this to preserve the settings.  If we modify
-	 * the settings, via the _set_bit function, we will recalculate
-	 * on output */
-	ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
-	ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
-
-	if (len-- > 1) /* using one because of the bits left byte */
-		{
-		s=(unsigned char *)OPENSSL_malloc((int)len);
-		if (s == NULL)
-			{
-			i=ERR_R_MALLOC_FAILURE;
-			goto err;
-			}
-		memcpy(s,p,(int)len);
-		s[len-1]&=(0xff<<i);
-		p+=len;
-		}
-	else
-		s=NULL;
-
-	ret->length=(int)len;
-	if (ret->data != NULL) OPENSSL_free(ret->data);
-	ret->data=s;
-	ret->type=V_ASN1_BIT_STRING;
-	if (a != NULL) (*a)=ret;
-	*pp=p;
-	return(ret);
-err:
-	ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-		M_ASN1_BIT_STRING_free(ret);
-	return(NULL);
-	}
-
-/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
- */
-int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
-	{
-	int w,v,iv;
-	unsigned char *c;
-
-	w=n/8;
-	v=1<<(7-(n&0x07));
-	iv= ~v;
-	if (!value) v=0;
-
-	a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */
-
-	if (a == NULL) return(0);
-	if ((a->length < (w+1)) || (a->data == NULL))
-		{
-		if (!value) return(1); /* Don't need to set */
-		if (a->data == NULL)
-			c=(unsigned char *)OPENSSL_malloc(w+1);
-		else
-			c=(unsigned char *)OPENSSL_realloc_clean(a->data,
-								 a->length,
-								 w+1);
-		if (c == NULL) return(0);
-		if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length);
-		a->data=c;
-		a->length=w+1;
-	}
-	a->data[w]=((a->data[w])&iv)|v;
-	while ((a->length > 0) && (a->data[a->length-1] == 0))
-		a->length--;
-	return(1);
-	}
-
-int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n)
-	{
-	int w,v;
-
-	w=n/8;
-	v=1<<(7-(n&0x07));
-	if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL))
-		return(0);
-	return((a->data[w]&v) != 0);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/a_bmp.c b/crypto/openssl/crypto/asn1/a_bmp.c
deleted file mode 100644
index d9ac5a0475bb..000000000000
--- a/crypto/openssl/crypto/asn1/a_bmp.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/* crypto/asn1/a_bmp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_BMPSTRING *ASN1_BMPSTRING_new(void)
-{ return M_ASN1_BMPSTRING_new(); }
-
-void ASN1_BMPSTRING_free(ASN1_BMPSTRING *x)
-{ M_ASN1_BMPSTRING_free(x); }
-
-int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp)
-	{
-	return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
-		V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL));
-	}
-
-ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp,
-	     long length)
-	{
-	ASN1_BMPSTRING *ret=NULL;
-
-	ret=(ASN1_BMPSTRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
-		pp,length,V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL);
-	if (ret == NULL)
-		{
-		ASN1err(ASN1_F_D2I_ASN1_BMPSTRING,ERR_R_NESTED_ASN1_ERROR);
-		return(NULL);
-		}
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/a_bool.c b/crypto/openssl/crypto/asn1/a_bool.c
deleted file mode 100644
index 24333ea4d525..000000000000
--- a/crypto/openssl/crypto/asn1/a_bool.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* crypto/asn1/a_bool.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-
-int i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
-	{
-	int r;
-	unsigned char *p;
-
-	r=ASN1_object_size(0,1,V_ASN1_BOOLEAN);
-	if (pp == NULL) return(r);
-	p= *pp;
-
-	ASN1_put_object(&p,0,1,V_ASN1_BOOLEAN,V_ASN1_UNIVERSAL);
-	*(p++)= (unsigned char)a;
-	*pp=p;
-	return(r);
-	}
-
-int d2i_ASN1_BOOLEAN(int *a, unsigned char **pp, long length)
-	{
-	int ret= -1;
-	unsigned char *p;
-	long len;
-	int inf,tag,xclass;
-	int i=0;
-
-	p= *pp;
-	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
-	if (inf & 0x80)
-		{
-		i=ASN1_R_BAD_OBJECT_HEADER;
-		goto err;
-		}
-
-	if (tag != V_ASN1_BOOLEAN)
-		{
-		i=ASN1_R_EXPECTING_A_BOOLEAN;
-		goto err;
-		}
-
-	if (len != 1)
-		{
-		i=ASN1_R_BOOLEAN_IS_WRONG_LENGTH;
-		goto err;
-		}
-	ret= (int)*(p++);
-	if (a != NULL) (*a)=ret;
-	*pp=p;
-	return(ret);
-err:
-	ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i);
-	return(ret);
-	}
-
-
diff --git a/crypto/openssl/crypto/asn1/a_bytes.c b/crypto/openssl/crypto/asn1/a_bytes.c
deleted file mode 100644
index afd27b80e1b0..000000000000
--- a/crypto/openssl/crypto/asn1/a_bytes.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/* crypto/asn1/a_bytes.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c);
-/* type is a 'bitmap' of acceptable string types.
- */
-ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp,
-	     long length, int type)
-	{
-	ASN1_STRING *ret=NULL;
-	unsigned char *p,*s;
-	long len;
-	int inf,tag,xclass;
-	int i=0;
-
-	p= *pp;
-	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
-	if (inf & 0x80) goto err;
-
-	if (tag >= 32)
-		{
-		i=ASN1_R_TAG_VALUE_TOO_HIGH;;
-		goto err;
-		}
-	if (!(ASN1_tag2bit(tag) & type))
-		{
-		i=ASN1_R_WRONG_TYPE;
-		goto err;
-		}
-
-	/* If a bit-string, exit early */
-	if (tag == V_ASN1_BIT_STRING)
-		return(d2i_ASN1_BIT_STRING(a,pp,length));
-
-	if ((a == NULL) || ((*a) == NULL))
-		{
-		if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
-		}
-	else
-		ret=(*a);
-
-	if (len != 0)
-		{
-		s=(unsigned char *)OPENSSL_malloc((int)len+1);
-		if (s == NULL)
-			{
-			i=ERR_R_MALLOC_FAILURE;
-			goto err;
-			}
-		memcpy(s,p,(int)len);
-		s[len]='\0';
-		p+=len;
-		}
-	else
-		s=NULL;
-
-	if (ret->data != NULL) OPENSSL_free(ret->data);
-	ret->length=(int)len;
-	ret->data=s;
-	ret->type=tag;
-	if (a != NULL) (*a)=ret;
-	*pp=p;
-	return(ret);
-err:
-	ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-		ASN1_STRING_free(ret);
-	return(NULL);
-	}
-
-int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
-	{
-	int ret,r,constructed;
-	unsigned char *p;
-
-	if (a == NULL)  return(0);
-
-	if (tag == V_ASN1_BIT_STRING)
-		return(i2d_ASN1_BIT_STRING(a,pp));
-		
-	ret=a->length;
-	r=ASN1_object_size(0,ret,tag);
-	if (pp == NULL) return(r);
-	p= *pp;
-
-	if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
-		constructed=1;
-	else
-		constructed=0;
-	ASN1_put_object(&p,constructed,ret,tag,xclass);
-	memcpy(p,a->data,a->length);
-	p+=a->length;
-	*pp= p;
-	return(r);
-	}
-
-ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length,
-	     int Ptag, int Pclass)
-	{
-	ASN1_STRING *ret=NULL;
-	unsigned char *p,*s;
-	long len;
-	int inf,tag,xclass;
-	int i=0;
-
-	if ((a == NULL) || ((*a) == NULL))
-		{
-		if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
-		}
-	else
-		ret=(*a);
-
-	p= *pp;
-	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
-	if (inf & 0x80)
-		{
-		i=ASN1_R_BAD_OBJECT_HEADER;
-		goto err;
-		}
-
-	if (tag != Ptag)
-		{
-		i=ASN1_R_WRONG_TAG;
-		goto err;
-		}
-
-	if (inf & V_ASN1_CONSTRUCTED)
-		{
-		ASN1_CTX c;
-
-		c.pp=pp;
-		c.p=p;
-		c.inf=inf;
-		c.slen=len;
-		c.tag=Ptag;
-		c.xclass=Pclass;
-		c.max=(length == 0)?0:(p+length);
-		if (!asn1_collate_primitive(ret,&c)) 
-			goto err; 
-		else
-			{
-			p=c.p;
-			}
-		}
-	else
-		{
-		if (len != 0)
-			{
-			if ((ret->length < len) || (ret->data == NULL))
-				{
-				if (ret->data != NULL) OPENSSL_free(ret->data);
-				s=(unsigned char *)OPENSSL_malloc((int)len + 1);
-				if (s == NULL)
-					{
-					i=ERR_R_MALLOC_FAILURE;
-					goto err;
-					}
-				}
-			else
-				s=ret->data;
-			memcpy(s,p,(int)len);
-			s[len] = '\0';
-			p+=len;
-			}
-		else
-			{
-			s=NULL;
-			if (ret->data != NULL) OPENSSL_free(ret->data);
-			}
-
-		ret->length=(int)len;
-		ret->data=s;
-		ret->type=Ptag;
-		}
-
-	if (a != NULL) (*a)=ret;
-	*pp=p;
-	return(ret);
-err:
-	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-		ASN1_STRING_free(ret);
-	ASN1err(ASN1_F_D2I_ASN1_BYTES,i);
-	return(NULL);
-	}
-
-
-/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse
- * them into the one structure that is then returned */
-/* There have been a few bug fixes for this function from
- * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */
-static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c)
-	{
-	ASN1_STRING *os=NULL;
-	BUF_MEM b;
-	int num;
-
-	b.length=0;
-	b.max=0;
-	b.data=NULL;
-
-	if (a == NULL)
-		{
-		c->error=ERR_R_PASSED_NULL_PARAMETER;
-		goto err;
-		}
-
-	num=0;
-	for (;;)
-		{
-		if (c->inf & 1)
-			{
-			c->eos=ASN1_check_infinite_end(&c->p,
-				(long)(c->max-c->p));
-			if (c->eos) break;
-			}
-		else
-			{
-			if (c->slen <= 0) break;
-			}
-
-		c->q=c->p;
-		if (d2i_ASN1_bytes(&os,&c->p,c->max-c->p,c->tag,c->xclass)
-			== NULL)
-			{
-			c->error=ERR_R_ASN1_LIB;
-			goto err;
-			}
-
-		if (!BUF_MEM_grow_clean(&b,num+os->length))
-			{
-			c->error=ERR_R_BUF_LIB;
-			goto err;
-			}
-		memcpy(&(b.data[num]),os->data,os->length);
-		if (!(c->inf & 1))
-			c->slen-=(c->p-c->q);
-		num+=os->length;
-		}
-
-	if (!asn1_Finish(c)) goto err;
-
-	a->length=num;
-	if (a->data != NULL) OPENSSL_free(a->data);
-	a->data=(unsigned char *)b.data;
-	if (os != NULL) ASN1_STRING_free(os);
-	return(1);
-err:
-	ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE,c->error);
-	if (os != NULL) ASN1_STRING_free(os);
-	if (b.data != NULL) OPENSSL_free(b.data);
-	return(0);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/a_d2i_fp.c b/crypto/openssl/crypto/asn1/a_d2i_fp.c
deleted file mode 100644
index b67b75e7c27e..000000000000
--- a/crypto/openssl/crypto/asn1/a_d2i_fp.c
+++ /dev/null
@@ -1,262 +0,0 @@
-/* crypto/asn1/a_d2i_fp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1_mac.h>
-
-static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
-
-#ifndef NO_OLD_ASN1
-#ifndef OPENSSL_NO_FP_API
-
-char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in,
-	     unsigned char **x)
-        {
-        BIO *b;
-        char *ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB);
-                return(NULL);
-		}
-        BIO_set_fp(b,in,BIO_NOCLOSE);
-        ret=ASN1_d2i_bio(xnew,d2i,b,x);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-char *ASN1_d2i_bio(char *(*xnew)(), char *(*d2i)(), BIO *in,
-	     unsigned char **x)
-	{
-	BUF_MEM *b = NULL;
-	unsigned char *p;
-	char *ret=NULL;
-	int len;
-
-	len = asn1_d2i_read_bio(in, &b);
-	if(len < 0) goto err;
-
-	p=(unsigned char *)b->data;
-	ret=d2i(x,&p,len);
-err:
-	if (b != NULL) BUF_MEM_free(b);
-	return(ret);
-	}
-
-#endif
-
-void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
-	{
-	BUF_MEM *b = NULL;
-	unsigned char *p;
-	void *ret=NULL;
-	int len;
-
-	len = asn1_d2i_read_bio(in, &b);
-	if(len < 0) goto err;
-
-	p=(unsigned char *)b->data;
-	ret=ASN1_item_d2i(x,&p,len, it);
-err:
-	if (b != NULL) BUF_MEM_free(b);
-	return(ret);
-	}
-
-#ifndef OPENSSL_NO_FP_API
-void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
-        {
-        BIO *b;
-        char *ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB);
-                return(NULL);
-		}
-        BIO_set_fp(b,in,BIO_NOCLOSE);
-        ret=ASN1_item_d2i_bio(it,b,x);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-#define HEADER_SIZE   8
-static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
-	{
-	BUF_MEM *b;
-	unsigned char *p;
-	int i;
-	int ret=-1;
-	ASN1_CTX c;
-	int want=HEADER_SIZE;
-	int eos=0;
-#if defined(__GNUC__) && defined(__ia64)
-	/* pathetic compiler bug in all known versions as of Nov. 2002 */
-	long off=0;
-#else
-	int off=0;
-#endif
-	int len=0;
-
-	b=BUF_MEM_new();
-	if (b == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
-		return -1;
-		}
-
-	ERR_clear_error();
-	for (;;)
-		{
-		if (want >= (len-off))
-			{
-			want-=(len-off);
-
-			if (!BUF_MEM_grow_clean(b,len+want))
-				{
-				ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-			i=BIO_read(in,&(b->data[len]),want);
-			if ((i < 0) && ((len-off) == 0))
-				{
-				ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
-				goto err;
-				}
-			if (i > 0)
-				len+=i;
-			}
-		/* else data already loaded */
-
-		p=(unsigned char *)&(b->data[off]);
-		c.p=p;
-		c.inf=ASN1_get_object(&(c.p),&(c.slen),&(c.tag),&(c.xclass),
-			len-off);
-		if (c.inf & 0x80)
-			{
-			unsigned long e;
-
-			e=ERR_GET_REASON(ERR_peek_error());
-			if (e != ASN1_R_TOO_LONG)
-				goto err;
-			else
-				ERR_get_error(); /* clear error */
-			}
-		i=c.p-p;/* header length */
-		off+=i;	/* end of data */
-
-		if (c.inf & 1)
-			{
-			/* no data body so go round again */
-			eos++;
-			want=HEADER_SIZE;
-			}
-		else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC))
-			{
-			/* eos value, so go back and read another header */
-			eos--;
-			if (eos <= 0)
-				break;
-			else
-				want=HEADER_SIZE;
-			}
-		else 
-			{
-			/* suck in c.slen bytes of data */
-			want=(int)c.slen;
-			if (want > (len-off))
-				{
-				want-=(len-off);
-				if (!BUF_MEM_grow_clean(b,len+want))
-					{
-					ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
-					goto err;
-					}
-				while (want > 0)
-					{
-					i=BIO_read(in,&(b->data[len]),want);
-					if (i <= 0)
-						{
-						ASN1err(ASN1_F_ASN1_D2I_BIO,
-						    ASN1_R_NOT_ENOUGH_DATA);
-						goto err;
-						}
-					len+=i;
-					want -= i;
-					}
-				}
-			off+=(int)c.slen;
-			if (eos <= 0)
-				{
-				break;
-				}
-			else
-				want=HEADER_SIZE;
-			}
-		}
-
-	*pb = b;
-	return off;
-err:
-	if (b != NULL) BUF_MEM_free(b);
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/asn1/a_digest.c b/crypto/openssl/crypto/asn1/a_digest.c
deleted file mode 100644
index 4931e222a05e..000000000000
--- a/crypto/openssl/crypto/asn1/a_digest.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/asn1/a_digest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-
-#include "cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#include <openssl/evp.h>
-#include <openssl/buffer.h>
-#include <openssl/x509.h>
-
-#ifndef NO_ASN1_OLD
-
-int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
-		unsigned char *md, unsigned int *len)
-	{
-	int i;
-	unsigned char *str,*p;
-
-	i=i2d(data,NULL);
-	if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) return(0);
-	p=str;
-	i2d(data,&p);
-
-	EVP_Digest(str, i, md, len, type, NULL);
-	OPENSSL_free(str);
-	return(1);
-	}
-
-#endif
-
-
-int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
-		unsigned char *md, unsigned int *len)
-	{
-	int i;
-	unsigned char *str = NULL;
-
-	i=ASN1_item_i2d(asn,&str, it);
-	if (!str) return(0);
-
-	EVP_Digest(str, i, md, len, type, NULL);
-	OPENSSL_free(str);
-	return(1);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/a_dup.c b/crypto/openssl/crypto/asn1/a_dup.c
deleted file mode 100644
index 58a017884cb5..000000000000
--- a/crypto/openssl/crypto/asn1/a_dup.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/asn1/a_dup.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-#ifndef NO_OLD_ASN1
-
-char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x)
-	{
-	unsigned char *b,*p;
-	long i;
-	char *ret;
-
-	if (x == NULL) return(NULL);
-
-	i=(long)i2d(x,NULL);
-	b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
-	if (b == NULL)
-		{ ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
-	p= b;
-	i=i2d(x,&p);
-	p= b;
-	ret=d2i(NULL,&p,i);
-	OPENSSL_free(b);
-	return(ret);
-	}
-
-#endif
-
-/* ASN1_ITEM version of dup: this follows the model above except we don't need
- * to allocate the buffer. At some point this could be rewritten to directly dup
- * the underlying structure instead of doing and encode and decode.
- */
-
-void *ASN1_item_dup(const ASN1_ITEM *it, void *x)
-	{
-	unsigned char *b = NULL, *p;
-	long i;
-	void *ret;
-
-	if (x == NULL) return(NULL);
-
-	i=ASN1_item_i2d(x,&b,it);
-	if (b == NULL)
-		{ ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
-	p= b;
-	ret=ASN1_item_d2i(NULL,&p,i, it);
-	OPENSSL_free(b);
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/asn1/a_enum.c b/crypto/openssl/crypto/asn1/a_enum.c
deleted file mode 100644
index ad8f0ffd1ab3..000000000000
--- a/crypto/openssl/crypto/asn1/a_enum.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/* crypto/asn1/a_enum.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-/* 
- * Code for ENUMERATED type: identical to INTEGER apart from a different tag.
- * for comments on encoding see a_int.c
- */
-
-int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
-	{
-	int i,j,k;
-	unsigned char buf[sizeof(long)+1];
-	long d;
-
-	a->type=V_ASN1_ENUMERATED;
-	if (a->length < (sizeof(long)+1))
-		{
-		if (a->data != NULL)
-			OPENSSL_free(a->data);
-		if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
-			memset((char *)a->data,0,sizeof(long)+1);
-		}
-	if (a->data == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_ENUMERATED_SET,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	d=v;
-	if (d < 0)
-		{
-		d= -d;
-		a->type=V_ASN1_NEG_ENUMERATED;
-		}
-
-	for (i=0; i<sizeof(long); i++)
-		{
-		if (d == 0) break;
-		buf[i]=(int)d&0xff;
-		d>>=8;
-		}
-	j=0;
-	for (k=i-1; k >=0; k--)
-		a->data[j++]=buf[k];
-	a->length=j;
-	return(1);
-	}
-
-long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
-	{
-	int neg=0,i;
-	long r=0;
-
-	if (a == NULL) return(0L);
-	i=a->type;
-	if (i == V_ASN1_NEG_ENUMERATED)
-		neg=1;
-	else if (i != V_ASN1_ENUMERATED)
-		return -1;
-	
-	if (a->length > sizeof(long))
-		{
-		/* hmm... a bit ugly */
-		return(0xffffffffL);
-		}
-	if (a->data == NULL)
-		return 0;
-
-	for (i=0; i<a->length; i++)
-		{
-		r<<=8;
-		r|=(unsigned char)a->data[i];
-		}
-	if (neg) r= -r;
-	return(r);
-	}
-
-ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
-	{
-	ASN1_ENUMERATED *ret;
-	int len,j;
-
-	if (ai == NULL)
-		ret=M_ASN1_ENUMERATED_new();
-	else
-		ret=ai;
-	if (ret == NULL)
-		{
-		ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR);
-		goto err;
-		}
-	if(bn->neg) ret->type = V_ASN1_NEG_ENUMERATED;
-	else ret->type=V_ASN1_ENUMERATED;
-	j=BN_num_bits(bn);
-	len=((j == 0)?0:((j/8)+1));
-	if (ret->length < len+4)
-		{
-		unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
-		if (!new_data)
-			{
-			ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		ret->data=new_data;
-		}
-
-	ret->length=BN_bn2bin(bn,ret->data);
-	return(ret);
-err:
-	if (ret != ai) M_ASN1_ENUMERATED_free(ret);
-	return(NULL);
-	}
-
-BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
-	{
-	BIGNUM *ret;
-
-	if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
-		ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB);
-	else if(ai->type == V_ASN1_NEG_ENUMERATED) ret->neg = 1;
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/asn1/a_gentm.c b/crypto/openssl/crypto/asn1/a_gentm.c
deleted file mode 100644
index cd09f68b38f6..000000000000
--- a/crypto/openssl/crypto/asn1/a_gentm.c
+++ /dev/null
@@ -1,239 +0,0 @@
-/* crypto/asn1/a_gentm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* GENERALIZEDTIME implementation, written by Steve Henson. Based on UTCTIME */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "o_time.h"
-#include <openssl/asn1.h>
-
-#if 0
-
-int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
-	{
-#ifdef CHARSET_EBCDIC
-	/* KLUDGE! We convert to ascii before writing DER */
-	int len;
-	char tmp[24];
-	ASN1_STRING tmpstr = *(ASN1_STRING *)a;
-
-	len = tmpstr.length;
-	ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
-	tmpstr.data = tmp;
-
-	a = (ASN1_GENERALIZEDTIME *) &tmpstr;
-#endif
-	return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
-		V_ASN1_GENERALIZEDTIME,V_ASN1_UNIVERSAL));
-	}
-
-
-ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,
-	     unsigned char **pp, long length)
-	{
-	ASN1_GENERALIZEDTIME *ret=NULL;
-
-	ret=(ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length,
-		V_ASN1_GENERALIZEDTIME,V_ASN1_UNIVERSAL);
-	if (ret == NULL)
-		{
-		ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME,ERR_R_NESTED_ASN1_ERROR);
-		return(NULL);
-		}
-#ifdef CHARSET_EBCDIC
-	ascii2ebcdic(ret->data, ret->data, ret->length);
-#endif
-	if (!ASN1_GENERALIZEDTIME_check(ret))
-		{
-		ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME,ASN1_R_INVALID_TIME_FORMAT);
-		goto err;
-		}
-
-	return(ret);
-err:
-	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-		M_ASN1_GENERALIZEDTIME_free(ret);
-	return(NULL);
-	}
-
-#endif
-
-int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
-	{
-	static int min[9]={ 0, 0, 1, 1, 0, 0, 0, 0, 0};
-	static int max[9]={99, 99,12,31,23,59,59,12,59};
-	char *a;
-	int n,i,l,o;
-
-	if (d->type != V_ASN1_GENERALIZEDTIME) return(0);
-	l=d->length;
-	a=(char *)d->data;
-	o=0;
-	/* GENERALIZEDTIME is similar to UTCTIME except the year is
-         * represented as YYYY. This stuff treats everything as a two digit
-         * field so make first two fields 00 to 99
-         */
-	if (l < 13) goto err;
-	for (i=0; i<7; i++)
-		{
-		if ((i == 6) && ((a[o] == 'Z') ||
-			(a[o] == '+') || (a[o] == '-')))
-			{ i++; break; }
-		if ((a[o] < '0') || (a[o] > '9')) goto err;
-		n= a[o]-'0';
-		if (++o > l) goto err;
-
-		if ((a[o] < '0') || (a[o] > '9')) goto err;
-		n=(n*10)+ a[o]-'0';
-		if (++o > l) goto err;
-
-		if ((n < min[i]) || (n > max[i])) goto err;
-		}
-	/* Optional fractional seconds: decimal point followed by one
-	 * or more digits.
-	 */
-	if (a[o] == '.')
-		{
-		if (++o > l) goto err;
-		i = o;
-		while ((a[o] >= '0') && (a[o] <= '9') && (o <= l))
-			o++;
-		/* Must have at least one digit after decimal point */
-		if (i == o) goto err;
-		}
-
-	if (a[o] == 'Z')
-		o++;
-	else if ((a[o] == '+') || (a[o] == '-'))
-		{
-		o++;
-		if (o+4 > l) goto err;
-		for (i=7; i<9; i++)
-			{
-			if ((a[o] < '0') || (a[o] > '9')) goto err;
-			n= a[o]-'0';
-			o++;
-			if ((a[o] < '0') || (a[o] > '9')) goto err;
-			n=(n*10)+ a[o]-'0';
-			if ((n < min[i]) || (n > max[i])) goto err;
-			o++;
-			}
-		}
-	return(o == l);
-err:
-	return(0);
-	}
-
-int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str)
-	{
-	ASN1_GENERALIZEDTIME t;
-
-	t.type=V_ASN1_GENERALIZEDTIME;
-	t.length=strlen(str);
-	t.data=(unsigned char *)str;
-	if (ASN1_GENERALIZEDTIME_check(&t))
-		{
-		if (s != NULL)
-			{
-			ASN1_STRING_set((ASN1_STRING *)s,
-				(unsigned char *)str,t.length);
-			s->type=V_ASN1_GENERALIZEDTIME;
-			}
-		return(1);
-		}
-	else
-		return(0);
-	}
-
-ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
-	     time_t t)
-	{
-	char *p;
-	struct tm *ts;
-	struct tm data;
-
-	if (s == NULL)
-		s=M_ASN1_GENERALIZEDTIME_new();
-	if (s == NULL)
-		return(NULL);
-
-	ts=OPENSSL_gmtime(&t, &data);
-	if (ts == NULL)
-		return(NULL);
-
-	p=(char *)s->data;
-	if ((p == NULL) || (s->length < 16))
-		{
-		p=OPENSSL_malloc(20);
-		if (p == NULL) return(NULL);
-		if (s->data != NULL)
-			OPENSSL_free(s->data);
-		s->data=(unsigned char *)p;
-		}
-
-	sprintf(p,"%04d%02d%02d%02d%02d%02dZ",ts->tm_year + 1900,
-		ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
-	s->length=strlen(p);
-	s->type=V_ASN1_GENERALIZEDTIME;
-#ifdef CHARSET_EBCDIC_not
-	ebcdic2ascii(s->data, s->data, s->length);
-#endif
-	return(s);
-	}
diff --git a/crypto/openssl/crypto/asn1/a_hdr.c b/crypto/openssl/crypto/asn1/a_hdr.c
deleted file mode 100644
index b1aad81f7731..000000000000
--- a/crypto/openssl/crypto/asn1/a_hdr.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/asn1/a_hdr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/asn1.h>
-
-int i2d_ASN1_HEADER(ASN1_HEADER *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->header,	i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_len(a->data,		a->meth->i2d);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->header,	i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_put(a->data,		a->meth->i2d);
-
-	M_ASN1_I2D_finish();
-	}
-
-ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, unsigned char **pp,
-	     long length)
-	{
-	M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new);
-
-	M_ASN1_D2I_Init();
-        M_ASN1_D2I_start_sequence();
-        M_ASN1_D2I_get(ret->header,d2i_ASN1_OCTET_STRING);
-	if (ret->meth != NULL)
-		{
-		M_ASN1_D2I_get(ret->data,ret->meth->d2i);
-		}
-	else
-		{
-		if (a != NULL) (*a)=ret;
-		return(ret);
-		}
-        M_ASN1_D2I_Finish(a,ASN1_HEADER_free,ASN1_F_D2I_ASN1_HEADER);
-	}
-
-ASN1_HEADER *ASN1_HEADER_new(void)
-	{
-	ASN1_HEADER *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,ASN1_HEADER);
-	M_ASN1_New(ret->header,M_ASN1_OCTET_STRING_new);
-	ret->meth=NULL;
-	ret->data=NULL;
-	return(ret);
-        M_ASN1_New_Error(ASN1_F_ASN1_HEADER_NEW);
-	}
-
-void ASN1_HEADER_free(ASN1_HEADER *a)
-	{
-	if (a == NULL) return;
-	M_ASN1_OCTET_STRING_free(a->header);
-	if (a->meth != NULL)
-		a->meth->destroy(a->data);
-	OPENSSL_free(a);
-	}
diff --git a/crypto/openssl/crypto/asn1/a_i2d_fp.c b/crypto/openssl/crypto/asn1/a_i2d_fp.c
deleted file mode 100644
index f4f1b73ebe88..000000000000
--- a/crypto/openssl/crypto/asn1/a_i2d_fp.c
+++ /dev/null
@@ -1,163 +0,0 @@
-/* crypto/asn1/a_i2d_fp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-#ifndef NO_OLD_ASN1
-
-#ifndef OPENSSL_NO_FP_API
-int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x)
-        {
-        BIO *b;
-        int ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,out,BIO_NOCLOSE);
-        ret=ASN1_i2d_bio(i2d,b,x);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x)
-	{
-	char *b;
-	unsigned char *p;
-	int i,j=0,n,ret=1;
-
-	n=i2d(x,NULL);
-	b=(char *)OPENSSL_malloc(n);
-	if (b == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-
-	p=(unsigned char *)b;
-	i2d(x,&p);
-	
-	for (;;)
-		{
-		i=BIO_write(out,&(b[j]),n);
-		if (i == n) break;
-		if (i <= 0)
-			{
-			ret=0;
-			break;
-			}
-		j+=i;
-		n-=i;
-		}
-	OPENSSL_free(b);
-	return(ret);
-	}
-
-#endif
-
-#ifndef OPENSSL_NO_FP_API
-int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
-        {
-        BIO *b;
-        int ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,out,BIO_NOCLOSE);
-        ret=ASN1_item_i2d_bio(it,b,x);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
-	{
-	unsigned char *b = NULL;
-	int i,j=0,n,ret=1;
-
-	n = ASN1_item_i2d(x, &b, it);
-	if (b == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-
-	for (;;)
-		{
-		i=BIO_write(out,&(b[j]),n);
-		if (i == n) break;
-		if (i <= 0)
-			{
-			ret=0;
-			break;
-			}
-		j+=i;
-		n-=i;
-		}
-	OPENSSL_free(b);
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/asn1/a_int.c b/crypto/openssl/crypto/asn1/a_int.c
deleted file mode 100644
index edb243c0217e..000000000000
--- a/crypto/openssl/crypto/asn1/a_int.c
+++ /dev/null
@@ -1,434 +0,0 @@
-/* crypto/asn1/a_int.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
-{ return M_ASN1_INTEGER_dup(x);}
-
-int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y)
-{ return M_ASN1_INTEGER_cmp(x,y);}
-
-/* 
- * This converts an ASN1 INTEGER into its content encoding.
- * The internal representation is an ASN1_STRING whose data is a big endian
- * representation of the value, ignoring the sign. The sign is determined by
- * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative. 
- *
- * Positive integers are no problem: they are almost the same as the DER
- * encoding, except if the first byte is >= 0x80 we need to add a zero pad.
- *
- * Negative integers are a bit trickier...
- * The DER representation of negative integers is in 2s complement form.
- * The internal form is converted by complementing each octet and finally 
- * adding one to the result. This can be done less messily with a little trick.
- * If the internal form has trailing zeroes then they will become FF by the
- * complement and 0 by the add one (due to carry) so just copy as many trailing 
- * zeros to the destination as there are in the source. The carry will add one
- * to the last none zero octet: so complement this octet and add one and finally
- * complement any left over until you get to the start of the string.
- *
- * Padding is a little trickier too. If the first bytes is > 0x80 then we pad
- * with 0xff. However if the first byte is 0x80 and one of the following bytes
- * is non-zero we pad with 0xff. The reason for this distinction is that 0x80
- * followed by optional zeros isn't padded.
- */
-
-int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
-	{
-	int pad=0,ret,i,neg;
-	unsigned char *p,*n,pb=0;
-
-	if ((a == NULL) || (a->data == NULL)) return(0);
-	neg=a->type & V_ASN1_NEG;
-	if (a->length == 0)
-		ret=1;
-	else
-		{
-		ret=a->length;
-		i=a->data[0];
-		if (!neg && (i > 127)) {
-			pad=1;
-			pb=0;
-		} else if(neg) {
-			if(i>128) {
-				pad=1;
-				pb=0xFF;
-			} else if(i == 128) {
-			/*
-			 * Special case: if any other bytes non zero we pad:
-			 * otherwise we don't.
-			 */
-				for(i = 1; i < a->length; i++) if(a->data[i]) {
-						pad=1;
-						pb=0xFF;
-						break;
-				}
-			}
-		}
-		ret+=pad;
-		}
-	if (pp == NULL) return(ret);
-	p= *pp;
-
-	if (pad) *(p++)=pb;
-	if (a->length == 0) *(p++)=0;
-	else if (!neg) memcpy(p,a->data,(unsigned int)a->length);
-	else {
-		/* Begin at the end of the encoding */
-		n=a->data + a->length - 1;
-		p += a->length - 1;
-		i = a->length;
-		/* Copy zeros to destination as long as source is zero */
-		while(!*n) {
-			*(p--) = 0;
-			n--;
-			i--;
-		}
-		/* Complement and increment next octet */
-		*(p--) = ((*(n--)) ^ 0xff) + 1;
-		i--;
-		/* Complement any octets left */
-		for(;i > 0; i--) *(p--) = *(n--) ^ 0xff;
-	}
-
-	*pp+=ret;
-	return(ret);
-	}
-
-/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
-
-ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
-	     long len)
-	{
-	ASN1_INTEGER *ret=NULL;
-	unsigned char *p,*to,*s, *pend;
-	int i;
-
-	if ((a == NULL) || ((*a) == NULL))
-		{
-		if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
-		ret->type=V_ASN1_INTEGER;
-		}
-	else
-		ret=(*a);
-
-	p= *pp;
-	pend = p + len;
-
-	/* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
-	 * signifies a missing NULL parameter. */
-	s=(unsigned char *)OPENSSL_malloc((int)len+1);
-	if (s == NULL)
-		{
-		i=ERR_R_MALLOC_FAILURE;
-		goto err;
-		}
-	to=s;
-	if(!len) {
-		/* Strictly speaking this is an illegal INTEGER but we
-		 * tolerate it.
-		 */
-		ret->type=V_ASN1_INTEGER;
-	} else if (*p & 0x80) /* a negative number */
-		{
-		ret->type=V_ASN1_NEG_INTEGER;
-		if ((*p == 0xff) && (len != 1)) {
-			p++;
-			len--;
-		}
-		i = len;
-		p += i - 1;
-		to += i - 1;
-		while((!*p) && i) {
-			*(to--) = 0;
-			i--;
-			p--;
-		}
-		/* Special case: if all zeros then the number will be of
-		 * the form FF followed by n zero bytes: this corresponds to
-		 * 1 followed by n zero bytes. We've already written n zeros
-		 * so we just append an extra one and set the first byte to
-		 * a 1. This is treated separately because it is the only case
-		 * where the number of bytes is larger than len.
-		 */
-		if(!i) {
-			*s = 1;
-			s[len] = 0;
-			len++;
-		} else {
-			*(to--) = (*(p--) ^ 0xff) + 1;
-			i--;
-			for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
-		}
-	} else {
-		ret->type=V_ASN1_INTEGER;
-		if ((*p == 0) && (len != 1))
-			{
-			p++;
-			len--;
-			}
-		memcpy(s,p,(int)len);
-	}
-
-	if (ret->data != NULL) OPENSSL_free(ret->data);
-	ret->data=s;
-	ret->length=(int)len;
-	if (a != NULL) (*a)=ret;
-	*pp=pend;
-	return(ret);
-err:
-	ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-		M_ASN1_INTEGER_free(ret);
-	return(NULL);
-	}
-
-
-/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of
- * ASN1 integers: some broken software can encode a positive INTEGER
- * with its MSB set as negative (it doesn't add a padding zero).
- */
-
-ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp,
-	     long length)
-	{
-	ASN1_INTEGER *ret=NULL;
-	unsigned char *p,*to,*s;
-	long len;
-	int inf,tag,xclass;
-	int i;
-
-	if ((a == NULL) || ((*a) == NULL))
-		{
-		if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
-		ret->type=V_ASN1_INTEGER;
-		}
-	else
-		ret=(*a);
-
-	p= *pp;
-	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
-	if (inf & 0x80)
-		{
-		i=ASN1_R_BAD_OBJECT_HEADER;
-		goto err;
-		}
-
-	if (tag != V_ASN1_INTEGER)
-		{
-		i=ASN1_R_EXPECTING_AN_INTEGER;
-		goto err;
-		}
-
-	/* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
-	 * signifies a missing NULL parameter. */
-	s=(unsigned char *)OPENSSL_malloc((int)len+1);
-	if (s == NULL)
-		{
-		i=ERR_R_MALLOC_FAILURE;
-		goto err;
-		}
-	to=s;
-	ret->type=V_ASN1_INTEGER;
-	if(len) {
-		if ((*p == 0) && (len != 1))
-			{
-			p++;
-			len--;
-			}
-		memcpy(s,p,(int)len);
-		p+=len;
-	}
-
-	if (ret->data != NULL) OPENSSL_free(ret->data);
-	ret->data=s;
-	ret->length=(int)len;
-	if (a != NULL) (*a)=ret;
-	*pp=p;
-	return(ret);
-err:
-	ASN1err(ASN1_F_D2I_ASN1_UINTEGER,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-		M_ASN1_INTEGER_free(ret);
-	return(NULL);
-	}
-
-int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
-	{
-	int i,j,k;
-	unsigned char buf[sizeof(long)+1];
-	long d;
-
-	a->type=V_ASN1_INTEGER;
-	if (a->length < (sizeof(long)+1))
-		{
-		if (a->data != NULL)
-			OPENSSL_free(a->data);
-		if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
-			memset((char *)a->data,0,sizeof(long)+1);
-		}
-	if (a->data == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	d=v;
-	if (d < 0)
-		{
-		d= -d;
-		a->type=V_ASN1_NEG_INTEGER;
-		}
-
-	for (i=0; i<sizeof(long); i++)
-		{
-		if (d == 0) break;
-		buf[i]=(int)d&0xff;
-		d>>=8;
-		}
-	j=0;
-	for (k=i-1; k >=0; k--)
-		a->data[j++]=buf[k];
-	a->length=j;
-	return(1);
-	}
-
-long ASN1_INTEGER_get(ASN1_INTEGER *a)
-	{
-	int neg=0,i;
-	long r=0;
-
-	if (a == NULL) return(0L);
-	i=a->type;
-	if (i == V_ASN1_NEG_INTEGER)
-		neg=1;
-	else if (i != V_ASN1_INTEGER)
-		return -1;
-	
-	if (a->length > sizeof(long))
-		{
-		/* hmm... a bit ugly */
-		return(0xffffffffL);
-		}
-	if (a->data == NULL)
-		return 0;
-
-	for (i=0; i<a->length; i++)
-		{
-		r<<=8;
-		r|=(unsigned char)a->data[i];
-		}
-	if (neg) r= -r;
-	return(r);
-	}
-
-ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
-	{
-	ASN1_INTEGER *ret;
-	int len,j;
-
-	if (ai == NULL)
-		ret=M_ASN1_INTEGER_new();
-	else
-		ret=ai;
-	if (ret == NULL)
-		{
-		ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
-		goto err;
-		}
-	if(bn->neg) ret->type = V_ASN1_NEG_INTEGER;
-	else ret->type=V_ASN1_INTEGER;
-	j=BN_num_bits(bn);
-	len=((j == 0)?0:((j/8)+1));
-	if (ret->length < len+4)
-		{
-		unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
-		if (!new_data)
-			{
-			ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		ret->data=new_data;
-		}
-	ret->length=BN_bn2bin(bn,ret->data);
-	/* Correct zero case */
-	if(!ret->length)
-		{
-		ret->data[0] = 0;
-		ret->length = 1;
-		}
-	return(ret);
-err:
-	if (ret != ai) M_ASN1_INTEGER_free(ret);
-	return(NULL);
-	}
-
-BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn)
-	{
-	BIGNUM *ret;
-
-	if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
-		ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
-	else if(ai->type == V_ASN1_NEG_INTEGER) ret->neg = 1;
-	return(ret);
-	}
-
-IMPLEMENT_STACK_OF(ASN1_INTEGER)
-IMPLEMENT_ASN1_SET_OF(ASN1_INTEGER)
diff --git a/crypto/openssl/crypto/asn1/a_mbstr.c b/crypto/openssl/crypto/asn1/a_mbstr.c
deleted file mode 100644
index 5d981c655387..000000000000
--- a/crypto/openssl/crypto/asn1/a_mbstr.c
+++ /dev/null
@@ -1,400 +0,0 @@
-/* a_mbstr.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-static int traverse_string(const unsigned char *p, int len, int inform,
-		 int (*rfunc)(unsigned long value, void *in), void *arg);
-static int in_utf8(unsigned long value, void *arg);
-static int out_utf8(unsigned long value, void *arg);
-static int type_str(unsigned long value, void *arg);
-static int cpy_asc(unsigned long value, void *arg);
-static int cpy_bmp(unsigned long value, void *arg);
-static int cpy_univ(unsigned long value, void *arg);
-static int cpy_utf8(unsigned long value, void *arg);
-static int is_printable(unsigned long value);
-
-/* These functions take a string in UTF8, ASCII or multibyte form and
- * a mask of permissible ASN1 string types. It then works out the minimal
- * type (using the order Printable < IA5 < T61 < BMP < Universal < UTF8)
- * and creates a string of the correct type with the supplied data.
- * Yes this is horrible: it has to be :-(
- * The 'ncopy' form checks minimum and maximum size limits too.
- */
-
-int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
-					int inform, unsigned long mask)
-{
-	return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
-}
-
-int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
-					int inform, unsigned long mask, 
-					long minsize, long maxsize)
-{
-	int str_type;
-	int ret;
-	char free_out;
-	int outform, outlen;
-	ASN1_STRING *dest;
-	unsigned char *p;
-	int nchar;
-	char strbuf[32];
-	int (*cpyfunc)(unsigned long,void *) = NULL;
-	if(len == -1) len = strlen((const char *)in);
-	if(!mask) mask = DIRSTRING_TYPE;
-
-	/* First do a string check and work out the number of characters */
-	switch(inform) {
-
-		case MBSTRING_BMP:
-		if(len & 1) {
-			ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
-					 ASN1_R_INVALID_BMPSTRING_LENGTH);
-			return -1;
-		}
-		nchar = len >> 1;
-		break;
-
-		case MBSTRING_UNIV:
-		if(len & 3) {
-			ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
-					 ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
-			return -1;
-		}
-		nchar = len >> 2;
-		break;
-
-		case MBSTRING_UTF8:
-		nchar = 0;
-		/* This counts the characters and does utf8 syntax checking */
-		ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
-		if(ret < 0) {
-			ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
-						 ASN1_R_INVALID_UTF8STRING);
-			return -1;
-		}
-		break;
-
-		case MBSTRING_ASC:
-		nchar = len;
-		break;
-
-		default:
-		ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_UNKNOWN_FORMAT);
-		return -1;
-	}
-
-	if((minsize > 0) && (nchar < minsize)) {
-		ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT);
-		sprintf(strbuf, "%ld", minsize);
-		ERR_add_error_data(2, "minsize=", strbuf);
-		return -1;
-	}
-
-	if((maxsize > 0) && (nchar > maxsize)) {
-		ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG);
-		sprintf(strbuf, "%ld", maxsize);
-		ERR_add_error_data(2, "maxsize=", strbuf);
-		return -1;
-	}
-
-	/* Now work out minimal type (if any) */
-	if(traverse_string(in, len, inform, type_str, &mask) < 0) {
-		ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_ILLEGAL_CHARACTERS);
-		return -1;
-	}
-
-
-	/* Now work out output format and string type */
-	outform = MBSTRING_ASC;
-	if(mask & B_ASN1_PRINTABLESTRING) str_type = V_ASN1_PRINTABLESTRING;
-	else if(mask & B_ASN1_IA5STRING) str_type = V_ASN1_IA5STRING;
-	else if(mask & B_ASN1_T61STRING) str_type = V_ASN1_T61STRING;
-	else if(mask & B_ASN1_BMPSTRING) {
-		str_type = V_ASN1_BMPSTRING;
-		outform = MBSTRING_BMP;
-	} else if(mask & B_ASN1_UNIVERSALSTRING) {
-		str_type = V_ASN1_UNIVERSALSTRING;
-		outform = MBSTRING_UNIV;
-	} else {
-		str_type = V_ASN1_UTF8STRING;
-		outform = MBSTRING_UTF8;
-	}
-	if(!out) return str_type;
-	if(*out) {
-		free_out = 0;
-		dest = *out;
-		if(dest->data) {
-			dest->length = 0;
-			OPENSSL_free(dest->data);
-			dest->data = NULL;
-		}
-		dest->type = str_type;
-	} else {
-		free_out = 1;
-		dest = ASN1_STRING_type_new(str_type);
-		if(!dest) {
-			ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
-							ERR_R_MALLOC_FAILURE);
-			return -1;
-		}
-		*out = dest;
-	}
-	/* If both the same type just copy across */
-	if(inform == outform) {
-		if(!ASN1_STRING_set(dest, in, len)) {
-			ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE);
-			return -1;
-		}
-		return str_type;
-	} 
-
-	/* Work out how much space the destination will need */
-	switch(outform) {
-		case MBSTRING_ASC:
-		outlen = nchar;
-		cpyfunc = cpy_asc;
-		break;
-
-		case MBSTRING_BMP:
-		outlen = nchar << 1;
-		cpyfunc = cpy_bmp;
-		break;
-
-		case MBSTRING_UNIV:
-		outlen = nchar << 2;
-		cpyfunc = cpy_univ;
-		break;
-
-		case MBSTRING_UTF8:
-		outlen = 0;
-		traverse_string(in, len, inform, out_utf8, &outlen);
-		cpyfunc = cpy_utf8;
-		break;
-	}
-	if(!(p = OPENSSL_malloc(outlen + 1))) {
-		if(free_out) ASN1_STRING_free(dest);
-		ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE);
-		return -1;
-	}
-	dest->length = outlen;
-	dest->data = p;
-	p[outlen] = 0;
-	traverse_string(in, len, inform, cpyfunc, &p);
-	return str_type;	
-}
-
-/* This function traverses a string and passes the value of each character
- * to an optional function along with a void * argument.
- */
-
-static int traverse_string(const unsigned char *p, int len, int inform,
-		 int (*rfunc)(unsigned long value, void *in), void *arg)
-{
-	unsigned long value;
-	int ret;
-	while(len) {
-		if(inform == MBSTRING_ASC) {
-			value = *p++;
-			len--;
-		} else if(inform == MBSTRING_BMP) {
-			value = *p++ << 8;
-			value |= *p++;
-			len -= 2;
-		} else if(inform == MBSTRING_UNIV) {
-			value = ((unsigned long)*p++) << 24;
-			value |= ((unsigned long)*p++) << 16;
-			value |= *p++ << 8;
-			value |= *p++;
-			len -= 4;
-		} else {
-			ret = UTF8_getc(p, len, &value);
-			if(ret < 0) return -1;
-			len -= ret;
-			p += ret;
-		}
-		if(rfunc) {
-			ret = rfunc(value, arg);
-			if(ret <= 0) return ret;
-		}
-	}
-	return 1;
-}
-
-/* Various utility functions for traverse_string */
-
-/* Just count number of characters */
-
-static int in_utf8(unsigned long value, void *arg)
-{
-	int *nchar;
-	nchar = arg;
-	(*nchar)++;
-	return 1;
-}
-
-/* Determine size of output as a UTF8 String */
-
-static int out_utf8(unsigned long value, void *arg)
-{
-	long *outlen;
-	outlen = arg;
-	*outlen += UTF8_putc(NULL, -1, value);
-	return 1;
-}
-
-/* Determine the "type" of a string: check each character against a
- * supplied "mask".
- */
-
-static int type_str(unsigned long value, void *arg)
-{
-	unsigned long types;
-	types = *((unsigned long *)arg);
-	if((types & B_ASN1_PRINTABLESTRING) && !is_printable(value))
-					types &= ~B_ASN1_PRINTABLESTRING;
-	if((types & B_ASN1_IA5STRING) && (value > 127))
-					types &= ~B_ASN1_IA5STRING;
-	if((types & B_ASN1_T61STRING) && (value > 0xff))
-					types &= ~B_ASN1_T61STRING;
-	if((types & B_ASN1_BMPSTRING) && (value > 0xffff))
-					types &= ~B_ASN1_BMPSTRING;
-	if(!types) return -1;
-	*((unsigned long *)arg) = types;
-	return 1;
-}
-
-/* Copy one byte per character ASCII like strings */
-
-static int cpy_asc(unsigned long value, void *arg)
-{
-	unsigned char **p, *q;
-	p = arg;
-	q = *p;
-	*q = (unsigned char) value;
-	(*p)++;
-	return 1;
-}
-
-/* Copy two byte per character BMPStrings */
-
-static int cpy_bmp(unsigned long value, void *arg)
-{
-	unsigned char **p, *q;
-	p = arg;
-	q = *p;
-	*q++ = (unsigned char) ((value >> 8) & 0xff);
-	*q = (unsigned char) (value & 0xff);
-	*p += 2;
-	return 1;
-}
-
-/* Copy four byte per character UniversalStrings */
-
-static int cpy_univ(unsigned long value, void *arg)
-{
-	unsigned char **p, *q;
-	p = arg;
-	q = *p;
-	*q++ = (unsigned char) ((value >> 24) & 0xff);
-	*q++ = (unsigned char) ((value >> 16) & 0xff);
-	*q++ = (unsigned char) ((value >> 8) & 0xff);
-	*q = (unsigned char) (value & 0xff);
-	*p += 4;
-	return 1;
-}
-
-/* Copy to a UTF8String */
-
-static int cpy_utf8(unsigned long value, void *arg)
-{
-	unsigned char **p;
-	int ret;
-	p = arg;
-	/* We already know there is enough room so pass 0xff as the length */
-	ret = UTF8_putc(*p, 0xff, value);
-	*p += ret;
-	return 1;
-}
-
-/* Return 1 if the character is permitted in a PrintableString */
-static int is_printable(unsigned long value)
-{
-	int ch;
-	if(value > 0x7f) return 0;
-	ch = (int) value;
-	/* Note: we can't use 'isalnum' because certain accented 
-	 * characters may count as alphanumeric in some environments.
-	 */
-#ifndef CHARSET_EBCDIC
-	if((ch >= 'a') && (ch <= 'z')) return 1;
-	if((ch >= 'A') && (ch <= 'Z')) return 1;
-	if((ch >= '0') && (ch <= '9')) return 1;
-	if ((ch == ' ') || strchr("'()+,-./:=?", ch)) return 1;
-#else /*CHARSET_EBCDIC*/
-	if((ch >= os_toascii['a']) && (ch <= os_toascii['z'])) return 1;
-	if((ch >= os_toascii['A']) && (ch <= os_toascii['Z'])) return 1;
-	if((ch >= os_toascii['0']) && (ch <= os_toascii['9'])) return 1;
-	if ((ch == os_toascii[' ']) || strchr("'()+,-./:=?", os_toebcdic[ch])) return 1;
-#endif /*CHARSET_EBCDIC*/
-	return 0;
-}
diff --git a/crypto/openssl/crypto/asn1/a_meth.c b/crypto/openssl/crypto/asn1/a_meth.c
deleted file mode 100644
index 63158e9cab2d..000000000000
--- a/crypto/openssl/crypto/asn1/a_meth.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* crypto/asn1/a_meth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-static  ASN1_METHOD ia5string_meth={
-	(int (*)())	i2d_ASN1_IA5STRING,
-	(char *(*)())	d2i_ASN1_IA5STRING,
-	(char *(*)())	ASN1_STRING_new,
-	(void (*)())	ASN1_STRING_free};
-
-static  ASN1_METHOD bit_string_meth={
-	(int (*)())	i2d_ASN1_BIT_STRING,
-	(char *(*)())	d2i_ASN1_BIT_STRING,
-	(char *(*)())	ASN1_STRING_new,
-	(void (*)())	ASN1_STRING_free};
-
-ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void)
-	{
-	return(&ia5string_meth);
-	}
-
-ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void)
-	{
-	return(&bit_string_meth);
-	}
diff --git a/crypto/openssl/crypto/asn1/a_null.c b/crypto/openssl/crypto/asn1/a_null.c
deleted file mode 100644
index 119fd784beab..000000000000
--- a/crypto/openssl/crypto/asn1/a_null.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* a_null.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-/* ASN1 functions for NULL type. For compatibility with other ASN1 code
- * it returns a pointer to an "ASN1_NULL" structure. The new/free functions
- * don't need to do any allocating because nothing is stored in a NULL.
- */
-
-int i2d_ASN1_NULL(ASN1_NULL *a, unsigned char **pp)
-	{
-	if(!a) return 0;
-	if (pp) ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
-	return 2;
-	}
-
-ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, unsigned char **pp, long length)
-	{
-	ASN1_NULL *ret = NULL;
-	unsigned char *p;
-	long len;
-	int inf,tag,xclass;
-	int i=0;
-
-	p= *pp;
-	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
-	if (inf & 0x80)
-		{
-		i=ASN1_R_BAD_OBJECT_HEADER;
-		goto err;
-		}
-
-	if (tag != V_ASN1_NULL)
-		{
-		i=ASN1_R_EXPECTING_A_NULL;
-		goto err;
-		}
-
-	if (len != 0)
-		{
-		i=ASN1_R_NULL_IS_WRONG_LENGTH;
-		goto err;
-		}
-	ret=(ASN1_NULL *)1;
-	if (a != NULL) (*a)=ret;
-	*pp=p;
-	return(ret);
-err:
-	ASN1err(ASN1_F_D2I_ASN1_NULL,i);
-	return(ret);
-	}
-
-ASN1_NULL *ASN1_NULL_new(void)
-{
-	return (ASN1_NULL *)1;
-}
-
-void ASN1_NULL_free(ASN1_NULL *a)
-{
-	return;
-}
diff --git a/crypto/openssl/crypto/asn1/a_object.c b/crypto/openssl/crypto/asn1/a_object.c
deleted file mode 100644
index 0a8e6c287cc3..000000000000
--- a/crypto/openssl/crypto/asn1/a_object.c
+++ /dev/null
@@ -1,320 +0,0 @@
-/* crypto/asn1/a_object.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-
-int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
-	{
-	unsigned char *p;
-	int objsize;
-
-	if ((a == NULL) || (a->data == NULL)) return(0);
-
-	objsize = ASN1_object_size(0,a->length,V_ASN1_OBJECT);
-	if (pp == NULL) return objsize;
-
-	p= *pp;
-	ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
-	memcpy(p,a->data,a->length);
-	p+=a->length;
-
-	*pp=p;
-	return(objsize);
-	}
-
-int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
-	{
-	int i,first,len=0,c;
-	char tmp[24];
-	const char *p;
-	unsigned long l;
-
-	if (num == 0)
-		return(0);
-	else if (num == -1)
-		num=strlen(buf);
-
-	p=buf;
-	c= *(p++);
-	num--;
-	if ((c >= '0') && (c <= '2'))
-		{
-		first=(c-'0')*40;
-		}
-	else
-		{
-		ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE);
-		goto err;
-		}
-
-	if (num <= 0)
-		{
-		ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER);
-		goto err;
-		}
-	c= *(p++);
-	num--;
-	for (;;)
-		{
-		if (num <= 0) break;
-		if ((c != '.') && (c != ' '))
-			{
-			ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR);
-			goto err;
-			}
-		l=0;
-		for (;;)
-			{
-			if (num <= 0) break;
-			num--;
-			c= *(p++);
-			if ((c == ' ') || (c == '.'))
-				break;
-			if ((c < '0') || (c > '9'))
-				{
-				ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
-				goto err;
-				}
-			l=l*10L+(long)(c-'0');
-			}
-		if (len == 0)
-			{
-			if ((first < 2) && (l >= 40))
-				{
-				ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
-				goto err;
-				}
-			l+=(long)first;
-			}
-		i=0;
-		for (;;)
-			{
-			tmp[i++]=(unsigned char)l&0x7f;
-			l>>=7L;
-			if (l == 0L) break;
-			}
-		if (out != NULL)
-			{
-			if (len+i > olen)
-				{
-				ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL);
-				goto err;
-				}
-			while (--i > 0)
-				out[len++]=tmp[i]|0x80;
-			out[len++]=tmp[0];
-			}
-		else
-			len+=i;
-		}
-	return(len);
-err:
-	return(0);
-	}
-
-int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
-{
-	return OBJ_obj2txt(buf, buf_len, a, 0);
-}
-
-int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
-	{
-	char buf[80];
-	int i;
-
-	if ((a == NULL) || (a->data == NULL))
-		return(BIO_write(bp,"NULL",4));
-	i=i2t_ASN1_OBJECT(buf,sizeof buf,a);
-	if (i > sizeof buf) i=sizeof buf;
-	BIO_write(bp,buf,i);
-	return(i);
-	}
-
-ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp,
-	     long length)
-{
-	unsigned char *p;
-	long len;
-	int tag,xclass;
-	int inf,i;
-	ASN1_OBJECT *ret = NULL;
-	p= *pp;
-	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
-	if (inf & 0x80)
-		{
-		i=ASN1_R_BAD_OBJECT_HEADER;
-		goto err;
-		}
-
-	if (tag != V_ASN1_OBJECT)
-		{
-		i=ASN1_R_EXPECTING_AN_OBJECT;
-		goto err;
-		}
-	ret = c2i_ASN1_OBJECT(a, &p, len);
-	if(ret) *pp = p;
-	return ret;
-err:
-	ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-		ASN1_OBJECT_free(ret);
-	return(NULL);
-}
-ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp,
-	     long len)
-	{
-	ASN1_OBJECT *ret=NULL;
-	unsigned char *p;
-	int i;
-
-	/* only the ASN1_OBJECTs from the 'table' will have values
-	 * for ->sn or ->ln */
-	if ((a == NULL) || ((*a) == NULL) ||
-		!((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
-		{
-		if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
-		}
-	else	ret=(*a);
-
-	p= *pp;
-	if ((ret->data == NULL) || (ret->length < len))
-		{
-		if (ret->data != NULL) OPENSSL_free(ret->data);
-		ret->data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1);
-		ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
-		if (ret->data == NULL)
-			{ i=ERR_R_MALLOC_FAILURE; goto err; }
-		}
-	memcpy(ret->data,p,(int)len);
-	ret->length=(int)len;
-	ret->sn=NULL;
-	ret->ln=NULL;
-	/* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
-	p+=len;
-
-	if (a != NULL) (*a)=ret;
-	*pp=p;
-	return(ret);
-err:
-	ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-		ASN1_OBJECT_free(ret);
-	return(NULL);
-	}
-
-ASN1_OBJECT *ASN1_OBJECT_new(void)
-	{
-	ASN1_OBJECT *ret;
-
-	ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
-	if (ret == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-	ret->length=0;
-	ret->data=NULL;
-	ret->nid=0;
-	ret->sn=NULL;
-	ret->ln=NULL;
-	ret->flags=ASN1_OBJECT_FLAG_DYNAMIC;
-	return(ret);
-	}
-
-void ASN1_OBJECT_free(ASN1_OBJECT *a)
-	{
-	if (a == NULL) return;
-	if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS)
-		{
-#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */
-		if (a->sn != NULL) OPENSSL_free((void *)a->sn);
-		if (a->ln != NULL) OPENSSL_free((void *)a->ln);
-#endif
-		a->sn=a->ln=NULL;
-		}
-	if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA)
-		{
-		if (a->data != NULL) OPENSSL_free(a->data);
-		a->data=NULL;
-		a->length=0;
-		}
-	if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
-		OPENSSL_free(a);
-	}
-
-ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
-	     const char *sn, const char *ln)
-	{
-	ASN1_OBJECT o;
-
-	o.sn=sn;
-	o.ln=ln;
-	o.data=data;
-	o.nid=nid;
-	o.length=len;
-	o.flags=ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
-		ASN1_OBJECT_FLAG_DYNAMIC_DATA;
-	return(OBJ_dup(&o));
-	}
-
-IMPLEMENT_STACK_OF(ASN1_OBJECT)
-IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT)
diff --git a/crypto/openssl/crypto/asn1/a_octet.c b/crypto/openssl/crypto/asn1/a_octet.c
deleted file mode 100644
index 9690bae0f12d..000000000000
--- a/crypto/openssl/crypto/asn1/a_octet.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* crypto/asn1/a_octet.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x)
-{ return M_ASN1_OCTET_STRING_dup(x); }
-
-int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b)
-{ return M_ASN1_OCTET_STRING_cmp(a, b); }
-
-int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len)
-{ return M_ASN1_OCTET_STRING_set(x, d, len); }
-
diff --git a/crypto/openssl/crypto/asn1/a_print.c b/crypto/openssl/crypto/asn1/a_print.c
deleted file mode 100644
index 8035513f0478..000000000000
--- a/crypto/openssl/crypto/asn1/a_print.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* crypto/asn1/a_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-int ASN1_PRINTABLE_type(unsigned char *s, int len)
-	{
-	int c;
-	int ia5=0;
-	int t61=0;
-
-	if (len <= 0) len= -1;
-	if (s == NULL) return(V_ASN1_PRINTABLESTRING);
-
-	while ((*s) && (len-- != 0))
-		{
-		c= *(s++);
-#ifndef CHARSET_EBCDIC
-		if (!(	((c >= 'a') && (c <= 'z')) ||
-			((c >= 'A') && (c <= 'Z')) ||
-			(c == ' ') ||
-			((c >= '0') && (c <= '9')) ||
-			(c == ' ') || (c == '\'') ||
-			(c == '(') || (c == ')') ||
-			(c == '+') || (c == ',') ||
-			(c == '-') || (c == '.') ||
-			(c == '/') || (c == ':') ||
-			(c == '=') || (c == '?')))
-			ia5=1;
-		if (c&0x80)
-			t61=1;
-#else
-		if (!isalnum(c) && (c != ' ') &&
-		    strchr("'()+,-./:=?", c) == NULL)
-			ia5=1;
-		if (os_toascii[c] & 0x80)
-			t61=1;
-#endif
-		}
-	if (t61) return(V_ASN1_T61STRING);
-	if (ia5) return(V_ASN1_IA5STRING);
-	return(V_ASN1_PRINTABLESTRING);
-	}
-
-int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
-	{
-	int i;
-	unsigned char *p;
-
-	if (s->type != V_ASN1_UNIVERSALSTRING) return(0);
-	if ((s->length%4) != 0) return(0);
-	p=s->data;
-	for (i=0; i<s->length; i+=4)
-		{
-		if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
-			break;
-		else
-			p+=4;
-		}
-	if (i < s->length) return(0);
-	p=s->data;
-	for (i=3; i<s->length; i+=4)
-		{
-		*(p++)=s->data[i];
-		}
-	*(p)='\0';
-	s->length/=4;
-	s->type=ASN1_PRINTABLE_type(s->data,s->length);
-	return(1);
-	}
diff --git a/crypto/openssl/crypto/asn1/a_set.c b/crypto/openssl/crypto/asn1/a_set.c
deleted file mode 100644
index 0f839822ff22..000000000000
--- a/crypto/openssl/crypto/asn1/a_set.c
+++ /dev/null
@@ -1,220 +0,0 @@
-/* crypto/asn1/a_set.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_ASN1_OLD
-
-typedef struct
-    {
-    unsigned char *pbData;
-    int cbData;
-    } MYBLOB;
-
-/* SetBlobCmp
- * This function compares two elements of SET_OF block
- */
-static int SetBlobCmp(const void *elem1, const void *elem2 )
-    {
-    const MYBLOB *b1 = (const MYBLOB *)elem1;
-    const MYBLOB *b2 = (const MYBLOB *)elem2;
-    int r;
-
-    r = memcmp(b1->pbData, b2->pbData,
-	       b1->cbData < b2->cbData ? b1->cbData : b2->cbData);
-    if(r != 0)
-	return r;
-    return b1->cbData-b2->cbData;
-    }
-
-/* int is_set:  if TRUE, then sort the contents (i.e. it isn't a SEQUENCE)    */
-int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
-	     int ex_class, int is_set)
-	{
-	int ret=0,r;
-	int i;
-	unsigned char *p;
-        unsigned char *pStart, *pTempMem;
-        MYBLOB *rgSetBlob;
-        int totSize;
-
-	if (a == NULL) return(0);
-	for (i=sk_num(a)-1; i>=0; i--)
-		ret+=func(sk_value(a,i),NULL);
-	r=ASN1_object_size(1,ret,ex_tag);
-	if (pp == NULL) return(r);
-
-	p= *pp;
-	ASN1_put_object(&p,1,ret,ex_tag,ex_class);
-
-/* Modified by gp@nsj.co.jp */
-	/* And then again by Ben */
-	/* And again by Steve */
-
-	if(!is_set || (sk_num(a) < 2))
-		{
-		for (i=0; i<sk_num(a); i++)
-                	func(sk_value(a,i),&p);
-
-		*pp=p;
-		return(r);
-		}
-
-        pStart  = p; /* Catch the beg of Setblobs*/
-        if (!(rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)))) return 0; /* In this array
-we will store the SET blobs */
-
-        for (i=0; i<sk_num(a); i++)
-	        {
-                rgSetBlob[i].pbData = p;  /* catch each set encode blob */
-                func(sk_value(a,i),&p);
-                rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
-SetBlob
-*/
-		}
-        *pp=p;
-        totSize = p - pStart; /* This is the total size of all set blobs */
-
- /* Now we have to sort the blobs. I am using a simple algo.
-    *Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
-        qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
-        if (!(pTempMem = OPENSSL_malloc(totSize))) return 0;
-
-/* Copy to temp mem */
-        p = pTempMem;
-        for(i=0; i<sk_num(a); ++i)
-		{
-                memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
-                p += rgSetBlob[i].cbData;
-		}
-
-/* Copy back to user mem*/
-        memcpy(pStart, pTempMem, totSize);
-        OPENSSL_free(pTempMem);
-        OPENSSL_free(rgSetBlob);
-
-        return(r);
-        }
-
-STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
-	     char *(*func)(), void (*free_func)(void *), int ex_tag, int ex_class)
-	{
-	ASN1_CTX c;
-	STACK *ret=NULL;
-
-	if ((a == NULL) || ((*a) == NULL))
-		{ if ((ret=sk_new_null()) == NULL) goto err; }
-	else
-		ret=(*a);
-
-	c.p= *pp;
-	c.max=(length == 0)?0:(c.p+length);
-
-	c.inf=ASN1_get_object(&c.p,&c.slen,&c.tag,&c.xclass,c.max-c.p);
-	if (c.inf & 0x80) goto err;
-	if (ex_class != c.xclass)
-		{
-		ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_CLASS);
-		goto err;
-		}
-	if (ex_tag != c.tag)
-		{
-		ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_TAG);
-		goto err;
-		}
-	if ((c.slen+c.p) > c.max)
-		{
-		ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_LENGTH_ERROR);
-		goto err;
-		}
-	/* check for infinite constructed - it can be as long
-	 * as the amount of data passed to us */
-	if (c.inf == (V_ASN1_CONSTRUCTED+1))
-		c.slen=length+ *pp-c.p;
-	c.max=c.p+c.slen;
-
-	while (c.p < c.max)
-		{
-		char *s;
-
-		if (M_ASN1_D2I_end_sequence()) break;
-		if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
-			{
-			ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT);
-			asn1_add_error(*pp,(int)(c.q- *pp));
-			goto err;
-			}
-		if (!sk_push(ret,s)) goto err;
-		}
-	if (a != NULL) (*a)=ret;
-	*pp=c.p;
-	return(ret);
-err:
-	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-		{
-		if (free_func != NULL)
-			sk_pop_free(ret,free_func);
-		else
-			sk_free(ret);
-		}
-	return(NULL);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/asn1/a_sign.c b/crypto/openssl/crypto/asn1/a_sign.c
deleted file mode 100644
index 52ce7e39740b..000000000000
--- a/crypto/openssl/crypto/asn1/a_sign.c
+++ /dev/null
@@ -1,294 +0,0 @@
-/* crypto/asn1/a_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <time.h>
-
-#include "cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-
-#ifndef NO_ASN1_OLD
-
-int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
-	     ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
-	     const EVP_MD *type)
-	{
-	EVP_MD_CTX ctx;
-	unsigned char *p,*buf_in=NULL,*buf_out=NULL;
-	int i,inl=0,outl=0,outll=0;
-	X509_ALGOR *a;
-
-	EVP_MD_CTX_init(&ctx);
-	for (i=0; i<2; i++)
-		{
-		if (i == 0)
-			a=algor1;
-		else
-			a=algor2;
-		if (a == NULL) continue;
-                if (type->pkey_type == NID_dsaWithSHA1)
-			{
-			/* special case: RFC 2459 tells us to omit 'parameters'
-			 * with id-dsa-with-sha1 */
-			ASN1_TYPE_free(a->parameter);
-			a->parameter = NULL;
-			}
-		else if ((a->parameter == NULL) || 
-			(a->parameter->type != V_ASN1_NULL))
-			{
-			ASN1_TYPE_free(a->parameter);
-			if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err;
-			a->parameter->type=V_ASN1_NULL;
-			}
-		ASN1_OBJECT_free(a->algorithm);
-		a->algorithm=OBJ_nid2obj(type->pkey_type);
-		if (a->algorithm == NULL)
-			{
-			ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE);
-			goto err;
-			}
-		if (a->algorithm->length == 0)
-			{
-			ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
-			goto err;
-			}
-		}
-	inl=i2d(data,NULL);
-	buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl);
-	outll=outl=EVP_PKEY_size(pkey);
-	buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl);
-	if ((buf_in == NULL) || (buf_out == NULL))
-		{
-		outl=0;
-		ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	p=buf_in;
-
-	i2d(data,&p);
-	EVP_SignInit_ex(&ctx,type, NULL);
-	EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
-	if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
-			(unsigned int *)&outl,pkey))
-		{
-		outl=0;
-		ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB);
-		goto err;
-		}
-	if (signature->data != NULL) OPENSSL_free(signature->data);
-	signature->data=buf_out;
-	buf_out=NULL;
-	signature->length=outl;
-	/* In the interests of compatibility, I'll make sure that
-	 * the bit string has a 'not-used bits' value of 0
-	 */
-	signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
-	signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
-err:
-	EVP_MD_CTX_cleanup(&ctx);
-	if (buf_in != NULL)
-		{ OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); }
-	if (buf_out != NULL)
-		{ OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); }
-	return(outl);
-	}
-
-#endif
-
-int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
-	     ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey,
-	     const EVP_MD *type)
-	{
-	EVP_MD_CTX ctx;
-	unsigned char *buf_in=NULL,*buf_out=NULL;
-	int i,inl=0,outl=0,outll=0;
-	X509_ALGOR *a;
-
-	EVP_MD_CTX_init(&ctx);
-	for (i=0; i<2; i++)
-		{
-		if (i == 0)
-			a=algor1;
-		else
-			a=algor2;
-		if (a == NULL) continue;
-                if (type->pkey_type == NID_dsaWithSHA1)
-			{
-			/* special case: RFC 2459 tells us to omit 'parameters'
-			 * with id-dsa-with-sha1 */
-			ASN1_TYPE_free(a->parameter);
-			a->parameter = NULL;
-			}
-		else if ((a->parameter == NULL) || 
-			(a->parameter->type != V_ASN1_NULL))
-			{
-			ASN1_TYPE_free(a->parameter);
-			if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err;
-			a->parameter->type=V_ASN1_NULL;
-			}
-		ASN1_OBJECT_free(a->algorithm);
-		a->algorithm=OBJ_nid2obj(type->pkey_type);
-		if (a->algorithm == NULL)
-			{
-			ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE);
-			goto err;
-			}
-		if (a->algorithm->length == 0)
-			{
-			ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
-			goto err;
-			}
-		}
-	inl=ASN1_item_i2d(asn,&buf_in, it);
-	outll=outl=EVP_PKEY_size(pkey);
-	buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl);
-	if ((buf_in == NULL) || (buf_out == NULL))
-		{
-		outl=0;
-		ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	EVP_SignInit_ex(&ctx,type, NULL);
-	EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
-	if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
-			(unsigned int *)&outl,pkey))
-		{
-		outl=0;
-		ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB);
-		goto err;
-		}
-	if (signature->data != NULL) OPENSSL_free(signature->data);
-	signature->data=buf_out;
-	buf_out=NULL;
-	signature->length=outl;
-	/* In the interests of compatibility, I'll make sure that
-	 * the bit string has a 'not-used bits' value of 0
-	 */
-	signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
-	signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
-err:
-	EVP_MD_CTX_cleanup(&ctx);
-	if (buf_in != NULL)
-		{ OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); }
-	if (buf_out != NULL)
-		{ OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); }
-	return(outl);
-	}
diff --git a/crypto/openssl/crypto/asn1/a_strex.c b/crypto/openssl/crypto/asn1/a_strex.c
deleted file mode 100644
index 1def6c654943..000000000000
--- a/crypto/openssl/crypto/asn1/a_strex.c
+++ /dev/null
@@ -1,562 +0,0 @@
-/* a_strex.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-
-#include "charmap.h"
-#include "cryptlib.h"
-
-/* ASN1_STRING_print_ex() and X509_NAME_print_ex().
- * Enhanced string and name printing routines handling
- * multibyte characters, RFC2253 and a host of other
- * options.
- */
-
-
-#define CHARTYPE_BS_ESC		(ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
-
-
-/* Three IO functions for sending data to memory, a BIO and
- * and a FILE pointer.
- */
-#if 0				/* never used */
-static int send_mem_chars(void *arg, const void *buf, int len)
-{
-	unsigned char **out = arg;
-	if(!out) return 1;
-	memcpy(*out, buf, len);
-	*out += len;
-	return 1;
-}
-#endif
-
-static int send_bio_chars(void *arg, const void *buf, int len)
-{
-	if(!arg) return 1;
-	if(BIO_write(arg, buf, len) != len) return 0;
-	return 1;
-}
-
-static int send_fp_chars(void *arg, const void *buf, int len)
-{
-	if(!arg) return 1;
-	if(fwrite(buf, 1, len, arg) != (unsigned int)len) return 0;
-	return 1;
-}
-
-typedef int char_io(void *arg, const void *buf, int len);
-
-/* This function handles display of
- * strings, one character at a time.
- * It is passed an unsigned long for each
- * character because it could come from 2 or even
- * 4 byte forms.
- */
-
-static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, char_io *io_ch, void *arg)
-{
-	unsigned char chflgs, chtmp;
-	char tmphex[HEX_SIZE(long)+3];
-
-	if(c > 0xffffffffL)
-		return -1;
-	if(c > 0xffff) {
-		BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c);
-		if(!io_ch(arg, tmphex, 10)) return -1;
-		return 10;
-	}
-	if(c > 0xff) {
-		BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c);
-		if(!io_ch(arg, tmphex, 6)) return -1;
-		return 6;
-	}
-	chtmp = (unsigned char)c;
-	if(chtmp > 0x7f) chflgs = flags & ASN1_STRFLGS_ESC_MSB;
-	else chflgs = char_type[chtmp] & flags;
-	if(chflgs & CHARTYPE_BS_ESC) {
-		/* If we don't escape with quotes, signal we need quotes */
-		if(chflgs & ASN1_STRFLGS_ESC_QUOTE) {
-			if(do_quotes) *do_quotes = 1;
-			if(!io_ch(arg, &chtmp, 1)) return -1;
-			return 1;
-		}
-		if(!io_ch(arg, "\\", 1)) return -1;
-		if(!io_ch(arg, &chtmp, 1)) return -1;
-		return 2;
-	}
-	if(chflgs & (ASN1_STRFLGS_ESC_CTRL|ASN1_STRFLGS_ESC_MSB)) {
-		BIO_snprintf(tmphex, 11, "\\%02X", chtmp);
-		if(!io_ch(arg, tmphex, 3)) return -1;
-		return 3;
-	}
-	if(!io_ch(arg, &chtmp, 1)) return -1;
-	return 1;
-}
-
-#define BUF_TYPE_WIDTH_MASK	0x7
-#define BUF_TYPE_CONVUTF8	0x8
-
-/* This function sends each character in a buffer to
- * do_esc_char(). It interprets the content formats
- * and converts to or from UTF8 as appropriate.
- */
-
-static int do_buf(unsigned char *buf, int buflen,
-			int type, unsigned char flags, char *quotes, char_io *io_ch, void *arg)
-{
-	int i, outlen, len;
-	unsigned char orflags, *p, *q;
-	unsigned long c;
-	p = buf;
-	q = buf + buflen;
-	outlen = 0;
-	while(p != q) {
-		if(p == buf) orflags = CHARTYPE_FIRST_ESC_2253;
-		else orflags = 0;
-		switch(type & BUF_TYPE_WIDTH_MASK) {
-			case 4:
-			c = ((unsigned long)*p++) << 24;
-			c |= ((unsigned long)*p++) << 16;
-			c |= ((unsigned long)*p++) << 8;
-			c |= *p++;
-			break;
-
-			case 2:
-			c = ((unsigned long)*p++) << 8;
-			c |= *p++;
-			break;
-
-			case 1:
-			c = *p++;
-			break;
-			
-			case 0:
-			i = UTF8_getc(p, buflen, &c);
-			if(i < 0) return -1;	/* Invalid UTF8String */
-			p += i;
-			break;
-		}
-		if (p == q) orflags = CHARTYPE_LAST_ESC_2253;
-		if(type & BUF_TYPE_CONVUTF8) {
-			unsigned char utfbuf[6];
-			int utflen;
-			utflen = UTF8_putc(utfbuf, sizeof utfbuf, c);
-			for(i = 0; i < utflen; i++) {
-				/* We don't need to worry about setting orflags correctly
-				 * because if utflen==1 its value will be correct anyway 
-				 * otherwise each character will be > 0x7f and so the 
-				 * character will never be escaped on first and last.
-				 */
-				len = do_esc_char(utfbuf[i], (unsigned char)(flags | orflags), quotes, io_ch, arg);
-				if(len < 0) return -1;
-				outlen += len;
-			}
-		} else {
-			len = do_esc_char(c, (unsigned char)(flags | orflags), quotes, io_ch, arg);
-			if(len < 0) return -1;
-			outlen += len;
-		}
-	}
-	return outlen;
-}
-
-/* This function hex dumps a buffer of characters */
-
-static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen)
-{
-	const static char hexdig[] = "0123456789ABCDEF";
-	unsigned char *p, *q;
-	char hextmp[2];
-	if(arg) {
-		p = buf;
-		q = buf + buflen;
-		while(p != q) {
-			hextmp[0] = hexdig[*p >> 4];
-			hextmp[1] = hexdig[*p & 0xf];
-			if(!io_ch(arg, hextmp, 2)) return -1;
-			p++;
-		}
-	}
-	return buflen << 1;
-}
-
-/* "dump" a string. This is done when the type is unknown,
- * or the flags request it. We can either dump the content
- * octets or the entire DER encoding. This uses the RFC2253
- * #01234 format.
- */
-
-static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING *str)
-{
-	/* Placing the ASN1_STRING in a temp ASN1_TYPE allows
-	 * the DER encoding to readily obtained
-	 */
-	ASN1_TYPE t;
-	unsigned char *der_buf, *p;
-	int outlen, der_len;
-
-	if(!io_ch(arg, "#", 1)) return -1;
-	/* If we don't dump DER encoding just dump content octets */
-	if(!(lflags & ASN1_STRFLGS_DUMP_DER)) {
-		outlen = do_hex_dump(io_ch, arg, str->data, str->length);
-		if(outlen < 0) return -1;
-		return outlen + 1;
-	}
-	t.type = str->type;
-	t.value.ptr = (char *)str;
-	der_len = i2d_ASN1_TYPE(&t, NULL);
-	der_buf = OPENSSL_malloc(der_len);
-	if(!der_buf) return -1;
-	p = der_buf;
-	i2d_ASN1_TYPE(&t, &p);
-	outlen = do_hex_dump(io_ch, arg, der_buf, der_len);
-	OPENSSL_free(der_buf);
-	if(outlen < 0) return -1;
-	return outlen + 1;
-}
-
-/* Lookup table to convert tags to character widths,
- * 0 = UTF8 encoded, -1 is used for non string types
- * otherwise it is the number of bytes per character
- */
-
-const static char tag2nbyte[] = {
-	-1, -1, -1, -1, -1,	/* 0-4 */
-	-1, -1, -1, -1, -1,	/* 5-9 */
-	-1, -1, 0, -1,		/* 10-13 */
-	-1, -1, -1, -1,		/* 15-17 */
-	-1, 1, 1,		/* 18-20 */
-	-1, 1, -1,-1,		/* 21-24 */
-	-1, 1, -1,		/* 25-27 */
-	4, -1, 2		/* 28-30 */
-};
-
-#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
-		  ASN1_STRFLGS_ESC_QUOTE | \
-		  ASN1_STRFLGS_ESC_CTRL | \
-		  ASN1_STRFLGS_ESC_MSB)
-
-/* This is the main function, print out an
- * ASN1_STRING taking note of various escape
- * and display options. Returns number of
- * characters written or -1 if an error
- * occurred.
- */
-
-static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STRING *str)
-{
-	int outlen, len;
-	int type;
-	char quotes;
-	unsigned char flags;
-	quotes = 0;
-	/* Keep a copy of escape flags */
-	flags = (unsigned char)(lflags & ESC_FLAGS);
-
-	type = str->type;
-
-	outlen = 0;
-
-
-	if(lflags & ASN1_STRFLGS_SHOW_TYPE) {
-		const char *tagname;
-		tagname = ASN1_tag2str(type);
-		outlen += strlen(tagname);
-		if(!io_ch(arg, tagname, outlen) || !io_ch(arg, ":", 1)) return -1; 
-		outlen++;
-	}
-
-	/* Decide what to do with type, either dump content or display it */
-
-	/* Dump everything */
-	if(lflags & ASN1_STRFLGS_DUMP_ALL) type = -1;
-	/* Ignore the string type */
-	else if(lflags & ASN1_STRFLGS_IGNORE_TYPE) type = 1;
-	else {
-		/* Else determine width based on type */
-		if((type > 0) && (type < 31)) type = tag2nbyte[type];
-		else type = -1;
-		if((type == -1) && !(lflags & ASN1_STRFLGS_DUMP_UNKNOWN)) type = 1;
-	}
-
-	if(type == -1) {
-		len = do_dump(lflags, io_ch, arg, str);
-		if(len < 0) return -1;
-		outlen += len;
-		return outlen;
-	}
-
-	if(lflags & ASN1_STRFLGS_UTF8_CONVERT) {
-		/* Note: if string is UTF8 and we want
-		 * to convert to UTF8 then we just interpret
-		 * it as 1 byte per character to avoid converting
-		 * twice.
-		 */
-		if(!type) type = 1;
-		else type |= BUF_TYPE_CONVUTF8;
-	}
-
-	len = do_buf(str->data, str->length, type, flags, &quotes, io_ch, NULL);
-	if(outlen < 0) return -1;
-	outlen += len;
-	if(quotes) outlen += 2;
-	if(!arg) return outlen;
-	if(quotes && !io_ch(arg, "\"", 1)) return -1;
-	do_buf(str->data, str->length, type, flags, NULL, io_ch, arg);
-	if(quotes && !io_ch(arg, "\"", 1)) return -1;
-	return outlen;
-}
-
-/* Used for line indenting: print 'indent' spaces */
-
-static int do_indent(char_io *io_ch, void *arg, int indent)
-{
-	int i;
-	for(i = 0; i < indent; i++)
-			if(!io_ch(arg, " ", 1)) return 0;
-	return 1;
-}
-
-#define FN_WIDTH_LN	25
-#define FN_WIDTH_SN	10
-
-static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
-				int indent, unsigned long flags)
-{
-	int i, prev = -1, orflags, cnt;
-	int fn_opt, fn_nid;
-	ASN1_OBJECT *fn;
-	ASN1_STRING *val;
-	X509_NAME_ENTRY *ent;
-	char objtmp[80];
-	const char *objbuf;
-	int outlen, len;
-	char *sep_dn, *sep_mv, *sep_eq;
-	int sep_dn_len, sep_mv_len, sep_eq_len;
-	if(indent < 0) indent = 0;
-	outlen = indent;
-	if(!do_indent(io_ch, arg, indent)) return -1;
-	switch (flags & XN_FLAG_SEP_MASK)
-	{
-		case XN_FLAG_SEP_MULTILINE:
-		sep_dn = "\n";
-		sep_dn_len = 1;
-		sep_mv = " + ";
-		sep_mv_len = 3;
-		break;
-
-		case XN_FLAG_SEP_COMMA_PLUS:
-		sep_dn = ",";
-		sep_dn_len = 1;
-		sep_mv = "+";
-		sep_mv_len = 1;
-		indent = 0;
-		break;
-
-		case XN_FLAG_SEP_CPLUS_SPC:
-		sep_dn = ", ";
-		sep_dn_len = 2;
-		sep_mv = " + ";
-		sep_mv_len = 3;
-		indent = 0;
-		break;
-
-		case XN_FLAG_SEP_SPLUS_SPC:
-		sep_dn = "; ";
-		sep_dn_len = 2;
-		sep_mv = " + ";
-		sep_mv_len = 3;
-		indent = 0;
-		break;
-
-		default:
-		return -1;
-	}
-
-	if(flags & XN_FLAG_SPC_EQ) {
-		sep_eq = " = ";
-		sep_eq_len = 3;
-	} else {
-		sep_eq = "=";
-		sep_eq_len = 1;
-	}
-
-	fn_opt = flags & XN_FLAG_FN_MASK;
-
-	cnt = X509_NAME_entry_count(n);	
-	for(i = 0; i < cnt; i++) {
-		if(flags & XN_FLAG_DN_REV)
-				ent = X509_NAME_get_entry(n, cnt - i - 1);
-		else ent = X509_NAME_get_entry(n, i);
-		if(prev != -1) {
-			if(prev == ent->set) {
-				if(!io_ch(arg, sep_mv, sep_mv_len)) return -1;
-				outlen += sep_mv_len;
-			} else {
-				if(!io_ch(arg, sep_dn, sep_dn_len)) return -1;
-				outlen += sep_dn_len;
-				if(!do_indent(io_ch, arg, indent)) return -1;
-				outlen += indent;
-			}
-		}
-		prev = ent->set;
-		fn = X509_NAME_ENTRY_get_object(ent);
-		val = X509_NAME_ENTRY_get_data(ent);
-		fn_nid = OBJ_obj2nid(fn);
-		if(fn_opt != XN_FLAG_FN_NONE) {
-			int objlen, fld_len;
-			if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) {
-				OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
-				fld_len = 0; /* XXX: what should this be? */
-				objbuf = objtmp;
-			} else {
-				if(fn_opt == XN_FLAG_FN_SN) {
-					fld_len = FN_WIDTH_SN;
-					objbuf = OBJ_nid2sn(fn_nid);
-				} else if(fn_opt == XN_FLAG_FN_LN) {
-					fld_len = FN_WIDTH_LN;
-					objbuf = OBJ_nid2ln(fn_nid);
-				} else {
-					fld_len = 0; /* XXX: what should this be? */
-					objbuf = "";
-				}
-			}
-			objlen = strlen(objbuf);
-			if(!io_ch(arg, objbuf, objlen)) return -1;
-			if ((objlen < fld_len) && (flags & XN_FLAG_FN_ALIGN)) {
-				if (!do_indent(io_ch, arg, fld_len - objlen)) return -1;
-				outlen += fld_len - objlen;
-			}
-			if(!io_ch(arg, sep_eq, sep_eq_len)) return -1;
-			outlen += objlen + sep_eq_len;
-		}
-		/* If the field name is unknown then fix up the DER dump
-		 * flag. We might want to limit this further so it will
- 		 * DER dump on anything other than a few 'standard' fields.
-		 */
-		if((fn_nid == NID_undef) && (flags & XN_FLAG_DUMP_UNKNOWN_FIELDS)) 
-					orflags = ASN1_STRFLGS_DUMP_ALL;
-		else orflags = 0;
-     
-		len = do_print_ex(io_ch, arg, flags | orflags, val);
-		if(len < 0) return -1;
-		outlen += len;
-	}
-	return outlen;
-}
-
-/* Wrappers round the main functions */
-
-int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags)
-{
-	if(flags == XN_FLAG_COMPAT)
-		return X509_NAME_print(out, nm, indent);
-	return do_name_ex(send_bio_chars, out, nm, indent, flags);
-}
-
-
-int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags)
-{
-	if(flags == XN_FLAG_COMPAT)
-		{
-		BIO *btmp;
-		int ret;
-		btmp = BIO_new_fp(fp, BIO_NOCLOSE);
-		if(!btmp) return -1;
-		ret = X509_NAME_print(btmp, nm, indent);
-		BIO_free(btmp);
-		return ret;
-		}
-	return do_name_ex(send_fp_chars, fp, nm, indent, flags);
-}
-
-int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags)
-{
-	return do_print_ex(send_bio_chars, out, flags, str);
-}
-
-
-int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags)
-{
-	return do_print_ex(send_fp_chars, fp, flags, str);
-}
-
-/* Utility function: convert any string type to UTF8, returns number of bytes
- * in output string or a negative error code
- */
-
-int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
-{
-	ASN1_STRING stmp, *str = &stmp;
-	int mbflag, type, ret;
-	if(!in) return -1;
-	type = in->type;
-	if((type < 0) || (type > 30)) return -1;
-	mbflag = tag2nbyte[type];
-	if(mbflag == -1) return -1;
-	mbflag |= MBSTRING_FLAG;
-	stmp.data = NULL;
-	ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING);
-	if(ret < 0) return ret;
-	*out = stmp.data;
-	return stmp.length;
-}
diff --git a/crypto/openssl/crypto/asn1/a_strnid.c b/crypto/openssl/crypto/asn1/a_strnid.c
deleted file mode 100644
index 04789d1c63fa..000000000000
--- a/crypto/openssl/crypto/asn1/a_strnid.c
+++ /dev/null
@@ -1,252 +0,0 @@
-/* a_strnid.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-
-
-static STACK_OF(ASN1_STRING_TABLE) *stable = NULL;
-static void st_free(ASN1_STRING_TABLE *tbl);
-static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
-			const ASN1_STRING_TABLE * const *b);
-static int table_cmp(const void *a, const void *b);
-
-
-/* This is the global mask for the mbstring functions: this is use to
- * mask out certain types (such as BMPString and UTF8String) because
- * certain software (e.g. Netscape) has problems with them.
- */
-
-static unsigned long global_mask = 0xFFFFFFFFL;
-
-void ASN1_STRING_set_default_mask(unsigned long mask)
-{
-	global_mask = mask;
-}
-
-unsigned long ASN1_STRING_get_default_mask(void)
-{
-	return global_mask;
-}
-
-/* This function sets the default to various "flavours" of configuration.
- * based on an ASCII string. Currently this is:
- * MASK:XXXX : a numerical mask value.
- * nobmp : Don't use BMPStrings (just Printable, T61).
- * pkix : PKIX recommendation in RFC2459.
- * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004).
- * default:   the default value, Printable, T61, BMP.
- */
-
-int ASN1_STRING_set_default_mask_asc(char *p)
-{
-	unsigned long mask;
-	char *end;
-	if(!strncmp(p, "MASK:", 5)) {
-		if(!p[5]) return 0;
-		mask = strtoul(p + 5, &end, 0);
-		if(*end) return 0;
-	} else if(!strcmp(p, "nombstr"))
-			 mask = ~((unsigned long)(B_ASN1_BMPSTRING|B_ASN1_UTF8STRING));
-	else if(!strcmp(p, "pkix"))
-			mask = ~((unsigned long)B_ASN1_T61STRING);
-	else if(!strcmp(p, "utf8only")) mask = B_ASN1_UTF8STRING;
-	else if(!strcmp(p, "default"))
-	    mask = 0xFFFFFFFFL;
-	else return 0;
-	ASN1_STRING_set_default_mask(mask);
-	return 1;
-}
-
-/* The following function generates an ASN1_STRING based on limits in a table.
- * Frequently the types and length of an ASN1_STRING are restricted by a 
- * corresponding OID. For example certificates and certificate requests.
- */
-
-ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in,
-					int inlen, int inform, int nid)
-{
-	ASN1_STRING_TABLE *tbl;
-	ASN1_STRING *str = NULL;
-	unsigned long mask;
-	int ret;
-	if(!out) out = &str;
-	tbl = ASN1_STRING_TABLE_get(nid);
-	if(tbl) {
-		mask = tbl->mask;
-		if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask;
-		ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,
-					tbl->minsize, tbl->maxsize);
-	} else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask);
-	if(ret <= 0) return NULL;
-	return *out;
-}
-
-/* Now the tables and helper functions for the string table:
- */
-
-/* size limits: this stuff is taken straight from RFC2459 */
-
-#define ub_name				32768
-#define ub_common_name			64
-#define ub_locality_name		128
-#define ub_state_name			128
-#define ub_organization_name		64
-#define ub_organization_unit_name	64
-#define ub_title			64
-#define ub_email_address		128
-
-/* This table must be kept in NID order */
-
-static ASN1_STRING_TABLE tbl_standard[] = {
-{NID_commonName,		1, ub_common_name, DIRSTRING_TYPE, 0},
-{NID_countryName,		2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
-{NID_localityName,		1, ub_locality_name, DIRSTRING_TYPE, 0},
-{NID_stateOrProvinceName,	1, ub_state_name, DIRSTRING_TYPE, 0},
-{NID_organizationName,		1, ub_organization_name, DIRSTRING_TYPE, 0},
-{NID_organizationalUnitName,	1, ub_organization_unit_name, DIRSTRING_TYPE, 0},
-{NID_pkcs9_emailAddress,	1, ub_email_address, B_ASN1_IA5STRING, STABLE_NO_MASK},
-{NID_pkcs9_unstructuredName,	1, -1, PKCS9STRING_TYPE, 0},
-{NID_pkcs9_challengePassword,	1, -1, PKCS9STRING_TYPE, 0},
-{NID_pkcs9_unstructuredAddress,	1, -1, DIRSTRING_TYPE, 0},
-{NID_givenName,			1, ub_name, DIRSTRING_TYPE, 0},
-{NID_surname,			1, ub_name, DIRSTRING_TYPE, 0},
-{NID_initials,			1, ub_name, DIRSTRING_TYPE, 0},
-{NID_friendlyName,		-1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
-{NID_name,			1, ub_name, DIRSTRING_TYPE, 0},
-{NID_dnQualifier,		-1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
-{NID_ms_csp_name,		-1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}
-};
-
-static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
-			const ASN1_STRING_TABLE * const *b)
-{
-	return (*a)->nid - (*b)->nid;
-}
-
-static int table_cmp(const void *a, const void *b)
-{
-	const ASN1_STRING_TABLE *sa = a, *sb = b;
-	return sa->nid - sb->nid;
-}
-
-ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
-{
-	int idx;
-	ASN1_STRING_TABLE *ttmp;
-	ASN1_STRING_TABLE fnd;
-	fnd.nid = nid;
-	ttmp = (ASN1_STRING_TABLE *) OBJ_bsearch((char *)&fnd,
-					(char *)tbl_standard, 
-			sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE),
-			sizeof(ASN1_STRING_TABLE), table_cmp);
-	if(ttmp) return ttmp;
-	if(!stable) return NULL;
-	idx = sk_ASN1_STRING_TABLE_find(stable, &fnd);
-	if(idx < 0) return NULL;
-	return sk_ASN1_STRING_TABLE_value(stable, idx);
-}
-	
-int ASN1_STRING_TABLE_add(int nid,
-		 long minsize, long maxsize, unsigned long mask,
-				unsigned long flags)
-{
-	ASN1_STRING_TABLE *tmp;
-	char new_nid = 0;
-	flags &= ~STABLE_FLAGS_MALLOC;
-	if(!stable) stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp);
-	if(!stable) {
-		ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	if(!(tmp = ASN1_STRING_TABLE_get(nid))) {
-		tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE));
-		if(!tmp) {
-			ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD,
-							ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-		tmp->flags = flags | STABLE_FLAGS_MALLOC;
-		tmp->nid = nid;
-		new_nid = 1;
-	} else tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags;
-	if(minsize != -1) tmp->minsize = minsize;
-	if(maxsize != -1) tmp->maxsize = maxsize;
-	tmp->mask = mask;
-	if(new_nid) sk_ASN1_STRING_TABLE_push(stable, tmp);
-	return 1;
-}
-
-void ASN1_STRING_TABLE_cleanup(void)
-{
-	STACK_OF(ASN1_STRING_TABLE) *tmp;
-	tmp = stable;
-	if(!tmp) return;
-	stable = NULL;
-	sk_ASN1_STRING_TABLE_pop_free(tmp, st_free);
-}
-
-static void st_free(ASN1_STRING_TABLE *tbl)
-{
-	if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl);
-}
-
-IMPLEMENT_STACK_OF(ASN1_STRING_TABLE)
diff --git a/crypto/openssl/crypto/asn1/a_time.c b/crypto/openssl/crypto/asn1/a_time.c
deleted file mode 100644
index 7348da9457b3..000000000000
--- a/crypto/openssl/crypto/asn1/a_time.c
+++ /dev/null
@@ -1,161 +0,0 @@
-/* crypto/asn1/a_time.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-/* This is an implementation of the ASN1 Time structure which is:
- *    Time ::= CHOICE {
- *      utcTime        UTCTime,
- *      generalTime    GeneralizedTime }
- * written by Steve Henson.
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "o_time.h"
-#include <openssl/asn1t.h>
-
-IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
-
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
-
-#if 0
-int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
-	{
-#ifdef CHARSET_EBCDIC
-	/* KLUDGE! We convert to ascii before writing DER */
-	char tmp[24];
-	ASN1_STRING tmpstr;
-
-	if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) {
-	    int len;
-
-	    tmpstr = *(ASN1_STRING *)a;
-	    len = tmpstr.length;
-	    ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
-	    tmpstr.data = tmp;
-	    a = (ASN1_GENERALIZEDTIME *) &tmpstr;
-	}
-#endif
-	if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME)
-				return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
-				     a->type ,V_ASN1_UNIVERSAL));
-	ASN1err(ASN1_F_I2D_ASN1_TIME,ASN1_R_EXPECTING_A_TIME);
-	return -1;
-	}
-#endif
-
-
-ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
-	{
-	struct tm *ts;
-	struct tm data;
-
-	ts=OPENSSL_gmtime(&t,&data);
-	if (ts == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_TIME_SET, ASN1_R_ERROR_GETTING_TIME);
-		return NULL;
-		}
-	if((ts->tm_year >= 50) && (ts->tm_year < 150))
-					return ASN1_UTCTIME_set(s, t);
-	return ASN1_GENERALIZEDTIME_set(s,t);
-	}
-
-int ASN1_TIME_check(ASN1_TIME *t)
-	{
-	if (t->type == V_ASN1_GENERALIZEDTIME)
-		return ASN1_GENERALIZEDTIME_check(t);
-	else if (t->type == V_ASN1_UTCTIME)
-		return ASN1_UTCTIME_check(t);
-	return 0;
-	}
-
-/* Convert an ASN1_TIME structure to GeneralizedTime */
-ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out)
-	{
-	ASN1_GENERALIZEDTIME *ret;
-	char *str;
-
-	if (!ASN1_TIME_check(t)) return NULL;
-
-	if (!out || !*out)
-		{
-		if (!(ret = ASN1_GENERALIZEDTIME_new ()))
-			return NULL;
-		if (out) *out = ret;
-		}
-	else ret = *out;
-
-	/* If already GeneralizedTime just copy across */
-	if (t->type == V_ASN1_GENERALIZEDTIME)
-		{
-		if(!ASN1_STRING_set(ret, t->data, t->length))
-			return NULL;
-		return ret;
-		}
-
-	/* grow the string */
-	if (!ASN1_STRING_set(ret, NULL, t->length + 2))
-		return NULL;
-	str = (char *)ret->data;
-	/* Work out the century and prepend */
-	if (t->data[0] >= '5') strcpy(str, "19");
-	else strcpy(str, "20");
-
-	BUF_strlcat(str, (char *)t->data, t->length+3);	/* Include space for a '\0' */
-
-	return ret;
-	}
diff --git a/crypto/openssl/crypto/asn1/a_type.c b/crypto/openssl/crypto/asn1/a_type.c
deleted file mode 100644
index fe3fcd40b0b2..000000000000
--- a/crypto/openssl/crypto/asn1/a_type.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* crypto/asn1/a_type.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/asn1t.h>
-#include "cryptlib.h"
-
-int ASN1_TYPE_get(ASN1_TYPE *a)
-	{
-	if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL))
-		return(a->type);
-	else
-		return(0);
-	}
-
-void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
-	{
-	if (a->value.ptr != NULL)
-		ASN1_primitive_free((ASN1_VALUE **)&a, NULL);
-	a->type=type;
-	a->value.ptr=value;
-	}
-
-
-IMPLEMENT_STACK_OF(ASN1_TYPE)
-IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
diff --git a/crypto/openssl/crypto/asn1/a_utctm.c b/crypto/openssl/crypto/asn1/a_utctm.c
deleted file mode 100644
index dbb4a42c9d15..000000000000
--- a/crypto/openssl/crypto/asn1/a_utctm.c
+++ /dev/null
@@ -1,297 +0,0 @@
-/* crypto/asn1/a_utctm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "o_time.h"
-#include <openssl/asn1.h>
-
-#if 0
-int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
-	{
-#ifndef CHARSET_EBCDIC
-	return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
-		V_ASN1_UTCTIME,V_ASN1_UNIVERSAL));
-#else
-	/* KLUDGE! We convert to ascii before writing DER */
-	int len;
-	char tmp[24];
-	ASN1_STRING x = *(ASN1_STRING *)a;
-
-	len = x.length;
-	ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len);
-	x.data = tmp;
-	return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME,V_ASN1_UNIVERSAL);
-#endif
-	}
-
-
-ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp,
-	     long length)
-	{
-	ASN1_UTCTIME *ret=NULL;
-
-	ret=(ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length,
-		V_ASN1_UTCTIME,V_ASN1_UNIVERSAL);
-	if (ret == NULL)
-		{
-		ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ERR_R_NESTED_ASN1_ERROR);
-		return(NULL);
-		}
-#ifdef CHARSET_EBCDIC
-	ascii2ebcdic(ret->data, ret->data, ret->length);
-#endif
-	if (!ASN1_UTCTIME_check(ret))
-		{
-		ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT);
-		goto err;
-		}
-
-	return(ret);
-err:
-	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-		M_ASN1_UTCTIME_free(ret);
-	return(NULL);
-	}
-
-#endif
-
-int ASN1_UTCTIME_check(ASN1_UTCTIME *d)
-	{
-	static int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0};
-	static int max[8]={99,12,31,23,59,59,12,59};
-	char *a;
-	int n,i,l,o;
-
-	if (d->type != V_ASN1_UTCTIME) return(0);
-	l=d->length;
-	a=(char *)d->data;
-	o=0;
-
-	if (l < 11) goto err;
-	for (i=0; i<6; i++)
-		{
-		if ((i == 5) && ((a[o] == 'Z') ||
-			(a[o] == '+') || (a[o] == '-')))
-			{ i++; break; }
-		if ((a[o] < '0') || (a[o] > '9')) goto err;
-		n= a[o]-'0';
-		if (++o > l) goto err;
-
-		if ((a[o] < '0') || (a[o] > '9')) goto err;
-		n=(n*10)+ a[o]-'0';
-		if (++o > l) goto err;
-
-		if ((n < min[i]) || (n > max[i])) goto err;
-		}
-	if (a[o] == 'Z')
-		o++;
-	else if ((a[o] == '+') || (a[o] == '-'))
-		{
-		o++;
-		if (o+4 > l) goto err;
-		for (i=6; i<8; i++)
-			{
-			if ((a[o] < '0') || (a[o] > '9')) goto err;
-			n= a[o]-'0';
-			o++;
-			if ((a[o] < '0') || (a[o] > '9')) goto err;
-			n=(n*10)+ a[o]-'0';
-			if ((n < min[i]) || (n > max[i])) goto err;
-			o++;
-			}
-		}
-	return(o == l);
-err:
-	return(0);
-	}
-
-int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str)
-	{
-	ASN1_UTCTIME t;
-
-	t.type=V_ASN1_UTCTIME;
-	t.length=strlen(str);
-	t.data=(unsigned char *)str;
-	if (ASN1_UTCTIME_check(&t))
-		{
-		if (s != NULL)
-			{
-			ASN1_STRING_set((ASN1_STRING *)s,
-				(unsigned char *)str,t.length);
-			s->type = V_ASN1_UTCTIME;
-			}
-		return(1);
-		}
-	else
-		return(0);
-	}
-
-ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
-	{
-	char *p;
-	struct tm *ts;
-	struct tm data;
-
-	if (s == NULL)
-		s=M_ASN1_UTCTIME_new();
-	if (s == NULL)
-		return(NULL);
-
-	ts=OPENSSL_gmtime(&t, &data);
-	if (ts == NULL)
-		return(NULL);
-
-	p=(char *)s->data;
-	if ((p == NULL) || (s->length < 14))
-		{
-		p=OPENSSL_malloc(20);
-		if (p == NULL) return(NULL);
-		if (s->data != NULL)
-			OPENSSL_free(s->data);
-		s->data=(unsigned char *)p;
-		}
-
-	sprintf(p,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
-		ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
-	s->length=strlen(p);
-	s->type=V_ASN1_UTCTIME;
-#ifdef CHARSET_EBCDIC_not
-	ebcdic2ascii(s->data, s->data, s->length);
-#endif
-	return(s);
-	}
-
-
-int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
-	{
-	struct tm *tm;
-	struct tm data;
-	int offset;
-	int year;
-
-#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
-
-	if (s->data[12] == 'Z')
-		offset=0;
-	else
-		{
-		offset = g2(s->data+13)*60+g2(s->data+15);
-		if (s->data[12] == '-')
-			offset = -offset;
-		}
-
-	t -= offset*60; /* FIXME: may overflow in extreme cases */
-
-	tm = OPENSSL_gmtime(&t, &data);
-	
-#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1
-	year = g2(s->data);
-	if (year < 50)
-		year += 100;
-	return_cmp(year,              tm->tm_year);
-	return_cmp(g2(s->data+2) - 1, tm->tm_mon);
-	return_cmp(g2(s->data+4),     tm->tm_mday);
-	return_cmp(g2(s->data+6),     tm->tm_hour);
-	return_cmp(g2(s->data+8),     tm->tm_min);
-	return_cmp(g2(s->data+10),    tm->tm_sec);
-#undef g2
-#undef return_cmp
-
-	return 0;
-	}
-
-
-#if 0
-time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
-	{
-	struct tm tm;
-	int offset;
-
-	memset(&tm,'\0',sizeof tm);
-
-#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
-	tm.tm_year=g2(s->data);
-	if(tm.tm_year < 50)
-		tm.tm_year+=100;
-	tm.tm_mon=g2(s->data+2)-1;
-	tm.tm_mday=g2(s->data+4);
-	tm.tm_hour=g2(s->data+6);
-	tm.tm_min=g2(s->data+8);
-	tm.tm_sec=g2(s->data+10);
-	if(s->data[12] == 'Z')
-		offset=0;
-	else
-		{
-		offset=g2(s->data+13)*60+g2(s->data+15);
-		if(s->data[12] == '-')
-			offset= -offset;
-		}
-#undef g2
-
-	return mktime(&tm)-offset*60; /* FIXME: mktime assumes the current timezone
-	                               * instead of UTC, and unless we rewrite OpenSSL
-				       * in Lisp we cannot locally change the timezone
-				       * without possibly interfering with other parts
-	                               * of the program. timegm, which uses UTC, is
-				       * non-standard.
-	                               * Also time_t is inappropriate for general
-	                               * UTC times because it may a 32 bit type. */
-	}
-#endif
diff --git a/crypto/openssl/crypto/asn1/a_utf8.c b/crypto/openssl/crypto/asn1/a_utf8.c
deleted file mode 100644
index 508e11e527c8..000000000000
--- a/crypto/openssl/crypto/asn1/a_utf8.c
+++ /dev/null
@@ -1,211 +0,0 @@
-/* crypto/asn1/a_utf8.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-
-/* UTF8 utilities */
-
-/* This parses a UTF8 string one character at a time. It is passed a pointer
- * to the string and the length of the string. It sets 'value' to the value of
- * the current character. It returns the number of characters read or a
- * negative error code:
- * -1 = string too short
- * -2 = illegal character
- * -3 = subsequent characters not of the form 10xxxxxx
- * -4 = character encoded incorrectly (not minimal length).
- */
-
-int UTF8_getc(const unsigned char *str, int len, unsigned long *val)
-{
-	const unsigned char *p;
-	unsigned long value;
-	int ret;
-	if(len <= 0) return 0;
-	p = str;
-
-	/* Check syntax and work out the encoded value (if correct) */
-	if((*p & 0x80) == 0) {
-		value = *p++ & 0x7f;
-		ret = 1;
-	} else if((*p & 0xe0) == 0xc0) {
-		if(len < 2) return -1;
-		if((p[1] & 0xc0) != 0x80) return -3;
-		value = (*p++ & 0x1f) << 6;
-		value |= *p++ & 0x3f;
-		if(value < 0x80) return -4;
-		ret = 2;
-	} else if((*p & 0xf0) == 0xe0) {
-		if(len < 3) return -1;
-		if( ((p[1] & 0xc0) != 0x80)
-		   || ((p[2] & 0xc0) != 0x80) ) return -3;
-		value = (*p++ & 0xf) << 12;
-		value |= (*p++ & 0x3f) << 6;
-		value |= *p++ & 0x3f;
-		if(value < 0x800) return -4;
-		ret = 3;
-	} else if((*p & 0xf8) == 0xf0) {
-		if(len < 4) return -1;
-		if( ((p[1] & 0xc0) != 0x80)
-		   || ((p[2] & 0xc0) != 0x80) 
-		   || ((p[3] & 0xc0) != 0x80) ) return -3;
-		value = ((unsigned long)(*p++ & 0x7)) << 18;
-		value |= (*p++ & 0x3f) << 12;
-		value |= (*p++ & 0x3f) << 6;
-		value |= *p++ & 0x3f;
-		if(value < 0x10000) return -4;
-		ret = 4;
-	} else if((*p & 0xfc) == 0xf8) {
-		if(len < 5) return -1;
-		if( ((p[1] & 0xc0) != 0x80)
-		   || ((p[2] & 0xc0) != 0x80) 
-		   || ((p[3] & 0xc0) != 0x80) 
-		   || ((p[4] & 0xc0) != 0x80) ) return -3;
-		value = ((unsigned long)(*p++ & 0x3)) << 24;
-		value |= ((unsigned long)(*p++ & 0x3f)) << 18;
-		value |= ((unsigned long)(*p++ & 0x3f)) << 12;
-		value |= (*p++ & 0x3f) << 6;
-		value |= *p++ & 0x3f;
-		if(value < 0x200000) return -4;
-		ret = 5;
-	} else if((*p & 0xfe) == 0xfc) {
-		if(len < 6) return -1;
-		if( ((p[1] & 0xc0) != 0x80)
-		   || ((p[2] & 0xc0) != 0x80) 
-		   || ((p[3] & 0xc0) != 0x80) 
-		   || ((p[4] & 0xc0) != 0x80) 
-		   || ((p[5] & 0xc0) != 0x80) ) return -3;
-		value = ((unsigned long)(*p++ & 0x1)) << 30;
-		value |= ((unsigned long)(*p++ & 0x3f)) << 24;
-		value |= ((unsigned long)(*p++ & 0x3f)) << 18;
-		value |= ((unsigned long)(*p++ & 0x3f)) << 12;
-		value |= (*p++ & 0x3f) << 6;
-		value |= *p++ & 0x3f;
-		if(value < 0x4000000) return -4;
-		ret = 6;
-	} else return -2;
-	*val = value;
-	return ret;
-}
-
-/* This takes a character 'value' and writes the UTF8 encoded value in
- * 'str' where 'str' is a buffer containing 'len' characters. Returns
- * the number of characters written or -1 if 'len' is too small. 'str' can
- * be set to NULL in which case it just returns the number of characters.
- * It will need at most 6 characters.
- */
-
-int UTF8_putc(unsigned char *str, int len, unsigned long value)
-{
-	if(!str) len = 6;	/* Maximum we will need */
-	else if(len <= 0) return -1;
-	if(value < 0x80) {
-		if(str) *str = (unsigned char)value;
-		return 1;
-	}
-	if(value < 0x800) {
-		if(len < 2) return -1;
-		if(str) {
-			*str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0);
-			*str = (unsigned char)((value & 0x3f) | 0x80);
-		}
-		return 2;
-	}
-	if(value < 0x10000) {
-		if(len < 3) return -1;
-		if(str) {
-			*str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0);
-			*str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
-			*str = (unsigned char)((value & 0x3f) | 0x80);
-		}
-		return 3;
-	}
-	if(value < 0x200000) {
-		if(len < 4) return -1;
-		if(str) {
-			*str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0);
-			*str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
-			*str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
-			*str = (unsigned char)((value & 0x3f) | 0x80);
-		}
-		return 4;
-	}
-	if(value < 0x4000000) {
-		if(len < 5) return -1;
-		if(str) {
-			*str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8);
-			*str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
-			*str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
-			*str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
-			*str = (unsigned char)((value & 0x3f) | 0x80);
-		}
-		return 5;
-	}
-	if(len < 6) return -1;
-	if(str) {
-		*str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc);
-		*str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80);
-		*str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
-		*str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
-		*str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
-		*str = (unsigned char)((value & 0x3f) | 0x80);
-	}
-	return 6;
-}
diff --git a/crypto/openssl/crypto/asn1/a_verify.c b/crypto/openssl/crypto/asn1/a_verify.c
deleted file mode 100644
index da2a0a6d6950..000000000000
--- a/crypto/openssl/crypto/asn1/a_verify.c
+++ /dev/null
@@ -1,175 +0,0 @@
-/* crypto/asn1/a_verify.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-
-#include "cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-#ifndef NO_ASN1_OLD
-
-int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature,
-	     char *data, EVP_PKEY *pkey)
-	{
-	EVP_MD_CTX ctx;
-	const EVP_MD *type;
-	unsigned char *p,*buf_in=NULL;
-	int ret= -1,i,inl;
-
-	EVP_MD_CTX_init(&ctx);
-	i=OBJ_obj2nid(a->algorithm);
-	type=EVP_get_digestbyname(OBJ_nid2sn(i));
-	if (type == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
-		goto err;
-		}
-	
-	inl=i2d(data,NULL);
-	buf_in=OPENSSL_malloc((unsigned int)inl);
-	if (buf_in == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	p=buf_in;
-
-	i2d(data,&p);
-	EVP_VerifyInit_ex(&ctx,type, NULL);
-	EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
-
-	OPENSSL_cleanse(buf_in,(unsigned int)inl);
-	OPENSSL_free(buf_in);
-
-	if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
-			(unsigned int)signature->length,pkey) <= 0)
-		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
-		ret=0;
-		goto err;
-		}
-	/* we don't need to zero the 'ctx' because we just checked
-	 * public information */
-	/* memset(&ctx,0,sizeof(ctx)); */
-	ret=1;
-err:
-	EVP_MD_CTX_cleanup(&ctx);
-	return(ret);
-	}
-
-#endif
-
-
-int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signature,
-	     void *asn, EVP_PKEY *pkey)
-	{
-	EVP_MD_CTX ctx;
-	const EVP_MD *type;
-	unsigned char *buf_in=NULL;
-	int ret= -1,i,inl;
-
-	EVP_MD_CTX_init(&ctx);
-	i=OBJ_obj2nid(a->algorithm);
-	type=EVP_get_digestbyname(OBJ_nid2sn(i));
-	if (type == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
-		goto err;
-		}
-
-	inl = ASN1_item_i2d(asn, &buf_in, it);
-	
-	if (buf_in == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	EVP_VerifyInit_ex(&ctx,type, NULL);
-	EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
-
-	OPENSSL_cleanse(buf_in,(unsigned int)inl);
-	OPENSSL_free(buf_in);
-
-	if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
-			(unsigned int)signature->length,pkey) <= 0)
-		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
-		ret=0;
-		goto err;
-		}
-	/* we don't need to zero the 'ctx' because we just checked
-	 * public information */
-	/* memset(&ctx,0,sizeof(ctx)); */
-	ret=1;
-err:
-	EVP_MD_CTX_cleanup(&ctx);
-	return(ret);
-	}
-
-
diff --git a/crypto/openssl/crypto/asn1/a_vis.c b/crypto/openssl/crypto/asn1/a_vis.c
deleted file mode 100644
index 5cfc080bec31..000000000000
--- a/crypto/openssl/crypto/asn1/a_vis.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/* crypto/asn1/a_vis.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_VISIBLESTRING *ASN1_VISIBLESTRING_new(void)
-{ return M_ASN1_VISIBLESTRING_new(); }
-
-void ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *x)
-{ M_ASN1_VISIBLESTRING_free(x); }
-
-int i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a, unsigned char **pp)
-	{
-	return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
-		V_ASN1_VISIBLESTRING,V_ASN1_UNIVERSAL));
-	}
-
-ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a,
-	     unsigned char **pp, long length)
-	{
-	ASN1_VISIBLESTRING *ret=NULL;
-
-	ret=(ASN1_VISIBLESTRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
-		pp,length,V_ASN1_VISIBLESTRING,V_ASN1_UNIVERSAL);
-	if (ret == NULL)
-		{
-		ASN1err(ASN1_F_D2I_ASN1_VISIBLESTRING,ERR_R_NESTED_ASN1_ERROR);
-		return(NULL);
-		}
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/asn1.h b/crypto/openssl/crypto/asn1/asn1.h
deleted file mode 100644
index 99ba920eca1f..000000000000
--- a/crypto/openssl/crypto/asn1/asn1.h
+++ /dev/null
@@ -1,1105 +0,0 @@
-/* crypto/asn1/asn1.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ASN1_H
-#define HEADER_ASN1_H
-
-#include <time.h>
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/e_os2.h>
-#include <openssl/bn.h>
-#include <openssl/stack.h>
-#include <openssl/safestack.h>
-
-#include <openssl/symhacks.h>
-
-#include <openssl/ossl_typ.h>
-
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#define V_ASN1_UNIVERSAL		0x00
-#define	V_ASN1_APPLICATION		0x40
-#define V_ASN1_CONTEXT_SPECIFIC		0x80
-#define V_ASN1_PRIVATE			0xc0
-
-#define V_ASN1_CONSTRUCTED		0x20
-#define V_ASN1_PRIMITIVE_TAG		0x1f
-#define V_ASN1_PRIMATIVE_TAG		0x1f
-
-#define V_ASN1_APP_CHOOSE		-2	/* let the recipient choose */
-#define V_ASN1_OTHER			-3	/* used in ASN1_TYPE */
-#define V_ASN1_ANY			-4	/* used in ASN1 template code */
-
-#define V_ASN1_NEG			0x100	/* negative flag */
-
-#define V_ASN1_UNDEF			-1
-#define V_ASN1_EOC			0
-#define V_ASN1_BOOLEAN			1	/**/
-#define V_ASN1_INTEGER			2
-#define V_ASN1_NEG_INTEGER		(2 | V_ASN1_NEG)
-#define V_ASN1_BIT_STRING		3
-#define V_ASN1_OCTET_STRING		4
-#define V_ASN1_NULL			5
-#define V_ASN1_OBJECT			6
-#define V_ASN1_OBJECT_DESCRIPTOR	7
-#define V_ASN1_EXTERNAL			8
-#define V_ASN1_REAL			9
-#define V_ASN1_ENUMERATED		10
-#define V_ASN1_NEG_ENUMERATED		(10 | V_ASN1_NEG)
-#define V_ASN1_UTF8STRING		12
-#define V_ASN1_SEQUENCE			16
-#define V_ASN1_SET			17
-#define V_ASN1_NUMERICSTRING		18	/**/
-#define V_ASN1_PRINTABLESTRING		19
-#define V_ASN1_T61STRING		20
-#define V_ASN1_TELETEXSTRING		20	/* alias */
-#define V_ASN1_VIDEOTEXSTRING		21	/**/
-#define V_ASN1_IA5STRING		22
-#define V_ASN1_UTCTIME			23
-#define V_ASN1_GENERALIZEDTIME		24	/**/
-#define V_ASN1_GRAPHICSTRING		25	/**/
-#define V_ASN1_ISO64STRING		26	/**/
-#define V_ASN1_VISIBLESTRING		26	/* alias */
-#define V_ASN1_GENERALSTRING		27	/**/
-#define V_ASN1_UNIVERSALSTRING		28	/**/
-#define V_ASN1_BMPSTRING		30
-
-/* For use with d2i_ASN1_type_bytes() */
-#define B_ASN1_NUMERICSTRING	0x0001
-#define B_ASN1_PRINTABLESTRING	0x0002
-#define B_ASN1_T61STRING	0x0004
-#define B_ASN1_TELETEXSTRING	0x0008
-#define B_ASN1_VIDEOTEXSTRING	0x0008
-#define B_ASN1_IA5STRING	0x0010
-#define B_ASN1_GRAPHICSTRING	0x0020
-#define B_ASN1_ISO64STRING	0x0040
-#define B_ASN1_VISIBLESTRING	0x0040
-#define B_ASN1_GENERALSTRING	0x0080
-#define B_ASN1_UNIVERSALSTRING	0x0100
-#define B_ASN1_OCTET_STRING	0x0200
-#define B_ASN1_BIT_STRING	0x0400
-#define B_ASN1_BMPSTRING	0x0800
-#define B_ASN1_UNKNOWN		0x1000
-#define B_ASN1_UTF8STRING	0x2000
-#define B_ASN1_UTCTIME		0x4000
-#define B_ASN1_GENERALIZEDTIME	0x8000
-
-/* For use with ASN1_mbstring_copy() */
-#define MBSTRING_FLAG		0x1000
-#define MBSTRING_ASC		(MBSTRING_FLAG|1)
-#define MBSTRING_BMP		(MBSTRING_FLAG|2)
-#define MBSTRING_UNIV		(MBSTRING_FLAG|3)
-#define MBSTRING_UTF8		(MBSTRING_FLAG|4)
-
-struct X509_algor_st;
-
-#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */
-#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */
-
-typedef struct asn1_ctx_st
-	{
-	unsigned char *p;/* work char pointer */
-	int eos;	/* end of sequence read for indefinite encoding */
-	int error;	/* error code to use when returning an error */
-	int inf;	/* constructed if 0x20, indefinite is 0x21 */
-	int tag;	/* tag from last 'get object' */
-	int xclass;	/* class from last 'get object' */
-	long slen;	/* length of last 'get object' */
-	unsigned char *max; /* largest value of p allowed */
-	unsigned char *q;/* temporary variable */
-	unsigned char **pp;/* variable */
-	int line;	/* used in error processing */
-	} ASN1_CTX;
-
-/* These are used internally in the ASN1_OBJECT to keep track of
- * whether the names and data need to be free()ed */
-#define ASN1_OBJECT_FLAG_DYNAMIC	 0x01	/* internal use */
-#define ASN1_OBJECT_FLAG_CRITICAL	 0x02	/* critical x509v3 object id */
-#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04	/* internal use */
-#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 	 0x08	/* internal use */
-typedef struct asn1_object_st
-	{
-	const char *sn,*ln;
-	int nid;
-	int length;
-	unsigned char *data;
-	int flags;	/* Should we free this one */
-	} ASN1_OBJECT;
-
-#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */
-/* This is the base type that holds just about everything :-) */
-typedef struct asn1_string_st
-	{
-	int length;
-	int type;
-	unsigned char *data;
-	/* The value of the following field depends on the type being
-	 * held.  It is mostly being used for BIT_STRING so if the
-	 * input data has a non-zero 'unused bits' value, it will be
-	 * handled correctly */
-	long flags;
-	} ASN1_STRING;
-
-/* ASN1_ENCODING structure: this is used to save the received
- * encoding of an ASN1 type. This is useful to get round
- * problems with invalid encodings which can break signatures.
- */
-
-typedef struct ASN1_ENCODING_st
-	{
-	unsigned char *enc;	/* DER encoding */
-	long len;		/* Length of encoding */
-	int modified;		 /* set to 1 if 'enc' is invalid */
-	} ASN1_ENCODING;
-
-/* Used with ASN1 LONG type: if a long is set to this it is omitted */
-#define ASN1_LONG_UNDEF	0x7fffffffL
-
-#define STABLE_FLAGS_MALLOC	0x01
-#define STABLE_NO_MASK		0x02
-#define DIRSTRING_TYPE	\
- (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
-#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
-
-typedef struct asn1_string_table_st {
-	int nid;
-	long minsize;
-	long maxsize;
-	unsigned long mask;
-	unsigned long flags;
-} ASN1_STRING_TABLE;
-
-DECLARE_STACK_OF(ASN1_STRING_TABLE)
-
-/* size limits: this stuff is taken straight from RFC2459 */
-
-#define ub_name				32768
-#define ub_common_name			64
-#define ub_locality_name		128
-#define ub_state_name			128
-#define ub_organization_name		64
-#define ub_organization_unit_name	64
-#define ub_title			64
-#define ub_email_address		128
-
-/* Declarations for template structures: for full definitions
- * see asn1t.h
- */
-typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
-typedef struct ASN1_ITEM_st ASN1_ITEM;
-typedef struct ASN1_TLC_st ASN1_TLC;
-/* This is just an opaque pointer */
-typedef struct ASN1_VALUE_st ASN1_VALUE;
-
-/* Declare ASN1 functions: the implement macro in in asn1t.h */
-
-#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
-
-#define DECLARE_ASN1_FUNCTIONS_name(type, name) \
-	type *name##_new(void); \
-	void name##_free(type *a); \
-	DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
-
-#define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
-	type *name##_new(void); \
-	void name##_free(type *a); \
-	DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
-
-#define	DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
-	type *d2i_##name(type **a, unsigned char **in, long len); \
-	int i2d_##name(type *a, unsigned char **out); \
-	DECLARE_ASN1_ITEM(itname)
-
-#define	DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
-	type *d2i_##name(type **a, const unsigned char **in, long len); \
-	int i2d_##name(const type *a, unsigned char **out); \
-	DECLARE_ASN1_ITEM(name)
-
-#define DECLARE_ASN1_FUNCTIONS_const(name) \
-	name *name##_new(void); \
-	void name##_free(name *a);
-
-
-/* The following macros and typedefs allow an ASN1_ITEM
- * to be embedded in a structure and referenced. Since
- * the ASN1_ITEM pointers need to be globally accessible
- * (possibly from shared libraries) they may exist in
- * different forms. On platforms that support it the
- * ASN1_ITEM structure itself will be globally exported.
- * Other platforms will export a function that returns
- * an ASN1_ITEM pointer.
- *
- * To handle both cases transparently the macros below
- * should be used instead of hard coding an ASN1_ITEM
- * pointer in a structure.
- *
- * The structure will look like this:
- *
- * typedef struct SOMETHING_st {
- *      ...
- *      ASN1_ITEM_EXP *iptr;
- *      ...
- * } SOMETHING; 
- *
- * It would be initialised as e.g.:
- *
- * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...};
- *
- * and the actual pointer extracted with:
- *
- * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr);
- *
- * Finally an ASN1_ITEM pointer can be extracted from an
- * appropriate reference with: ASN1_ITEM_rptr(X509). This
- * would be used when a function takes an ASN1_ITEM * argument.
- *
- */
-
-#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-/* ASN1_ITEM pointer exported type */
-typedef const ASN1_ITEM ASN1_ITEM_EXP;
-
-/* Macro to obtain ASN1_ITEM pointer from exported type */
-#define ASN1_ITEM_ptr(iptr) (iptr)
-
-/* Macro to include ASN1_ITEM pointer from base type */
-#define ASN1_ITEM_ref(iptr) (&(iptr##_it))
-
-#define ASN1_ITEM_rptr(ref) (&(ref##_it))
-
-#define DECLARE_ASN1_ITEM(name) \
-	OPENSSL_EXTERN const ASN1_ITEM name##_it;
-
-#else
-
-/* Platforms that can't easily handle shared global variables are declared
- * as functions returning ASN1_ITEM pointers.
- */
-
-/* ASN1_ITEM pointer exported type */
-typedef const ASN1_ITEM * ASN1_ITEM_EXP(void);
-
-/* Macro to obtain ASN1_ITEM pointer from exported type */
-#define ASN1_ITEM_ptr(iptr) (iptr())
-
-/* Macro to include ASN1_ITEM pointer from base type */
-#define ASN1_ITEM_ref(iptr) (iptr##_it)
-
-#define ASN1_ITEM_rptr(ref) (ref##_it())
-
-#define DECLARE_ASN1_ITEM(name) \
-	const ASN1_ITEM * name##_it(void);
-
-#endif
-
-/* Parameters used by ASN1_STRING_print_ex() */
-
-/* These determine which characters to escape:
- * RFC2253 special characters, control characters and
- * MSB set characters
- */
-
-#define ASN1_STRFLGS_ESC_2253		1
-#define ASN1_STRFLGS_ESC_CTRL		2
-#define ASN1_STRFLGS_ESC_MSB		4
-
-
-/* This flag determines how we do escaping: normally
- * RC2253 backslash only, set this to use backslash and
- * quote.
- */
-
-#define ASN1_STRFLGS_ESC_QUOTE		8
-
-
-/* These three flags are internal use only. */
-
-/* Character is a valid PrintableString character */
-#define CHARTYPE_PRINTABLESTRING	0x10
-/* Character needs escaping if it is the first character */
-#define CHARTYPE_FIRST_ESC_2253		0x20
-/* Character needs escaping if it is the last character */
-#define CHARTYPE_LAST_ESC_2253		0x40
-
-/* NB the internal flags are safely reused below by flags
- * handled at the top level.
- */
-
-/* If this is set we convert all character strings
- * to UTF8 first 
- */
-
-#define ASN1_STRFLGS_UTF8_CONVERT	0x10
-
-/* If this is set we don't attempt to interpret content:
- * just assume all strings are 1 byte per character. This
- * will produce some pretty odd looking output!
- */
-
-#define ASN1_STRFLGS_IGNORE_TYPE	0x20
-
-/* If this is set we include the string type in the output */
-#define ASN1_STRFLGS_SHOW_TYPE		0x40
-
-/* This determines which strings to display and which to
- * 'dump' (hex dump of content octets or DER encoding). We can
- * only dump non character strings or everything. If we
- * don't dump 'unknown' they are interpreted as character
- * strings with 1 octet per character and are subject to
- * the usual escaping options.
- */
-
-#define ASN1_STRFLGS_DUMP_ALL		0x80
-#define ASN1_STRFLGS_DUMP_UNKNOWN	0x100
-
-/* These determine what 'dumping' does, we can dump the
- * content octets or the DER encoding: both use the
- * RFC2253 #XXXXX notation.
- */
-
-#define ASN1_STRFLGS_DUMP_DER		0x200
-
-/* All the string flags consistent with RFC2253,
- * escaping control characters isn't essential in
- * RFC2253 but it is advisable anyway.
- */
-
-#define ASN1_STRFLGS_RFC2253	(ASN1_STRFLGS_ESC_2253 | \
-				ASN1_STRFLGS_ESC_CTRL | \
-				ASN1_STRFLGS_ESC_MSB | \
-				ASN1_STRFLGS_UTF8_CONVERT | \
-				ASN1_STRFLGS_DUMP_UNKNOWN | \
-				ASN1_STRFLGS_DUMP_DER)
-
-DECLARE_STACK_OF(ASN1_INTEGER)
-DECLARE_ASN1_SET_OF(ASN1_INTEGER)
-
-DECLARE_STACK_OF(ASN1_GENERALSTRING)
-
-typedef struct asn1_type_st
-	{
-	int type;
-	union	{
-		char *ptr;
-		ASN1_BOOLEAN		boolean;
-		ASN1_STRING *		asn1_string;
-		ASN1_OBJECT *		object;
-		ASN1_INTEGER *		integer;
-		ASN1_ENUMERATED *	enumerated;
-		ASN1_BIT_STRING *	bit_string;
-		ASN1_OCTET_STRING *	octet_string;
-		ASN1_PRINTABLESTRING *	printablestring;
-		ASN1_T61STRING *	t61string;
-		ASN1_IA5STRING *	ia5string;
-		ASN1_GENERALSTRING *	generalstring;
-		ASN1_BMPSTRING *	bmpstring;
-		ASN1_UNIVERSALSTRING *	universalstring;
-		ASN1_UTCTIME *		utctime;
-		ASN1_GENERALIZEDTIME *	generalizedtime;
-		ASN1_VISIBLESTRING *	visiblestring;
-		ASN1_UTF8STRING *	utf8string;
-		/* set and sequence are left complete and still
-		 * contain the set or sequence bytes */
-		ASN1_STRING *		set;
-		ASN1_STRING *		sequence;
-		} value;
-	} ASN1_TYPE;
-
-DECLARE_STACK_OF(ASN1_TYPE)
-DECLARE_ASN1_SET_OF(ASN1_TYPE)
-
-typedef struct asn1_method_st
-	{
-	int (*i2d)();
-	char *(*d2i)();
-	char *(*create)();
-	void (*destroy)();
-	} ASN1_METHOD;
-
-/* This is used when parsing some Netscape objects */
-typedef struct asn1_header_st
-	{
-	ASN1_OCTET_STRING *header;
-	char *data;
-	ASN1_METHOD *meth;
-	} ASN1_HEADER;
-
-/* This is used to contain a list of bit names */
-typedef struct BIT_STRING_BITNAME_st {
-	int bitnum;
-	const char *lname;
-	const char *sname;
-} BIT_STRING_BITNAME;
-
-
-#define M_ASN1_STRING_length(x)	((x)->length)
-#define M_ASN1_STRING_length_set(x, n)	((x)->length = (n))
-#define M_ASN1_STRING_type(x)	((x)->type)
-#define M_ASN1_STRING_data(x)	((x)->data)
-
-/* Macros for string operations */
-#define M_ASN1_BIT_STRING_new()	(ASN1_BIT_STRING *)\
-		ASN1_STRING_type_new(V_ASN1_BIT_STRING)
-#define M_ASN1_BIT_STRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
-		ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
-		(ASN1_STRING *)a,(ASN1_STRING *)b)
-#define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
-
-#define M_ASN1_INTEGER_new()	(ASN1_INTEGER *)\
-		ASN1_STRING_type_new(V_ASN1_INTEGER)
-#define M_ASN1_INTEGER_free(a)		ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_ASN1_INTEGER_cmp(a,b)	ASN1_STRING_cmp(\
-		(ASN1_STRING *)a,(ASN1_STRING *)b)
-
-#define M_ASN1_ENUMERATED_new()	(ASN1_ENUMERATED *)\
-		ASN1_STRING_type_new(V_ASN1_ENUMERATED)
-#define M_ASN1_ENUMERATED_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_ASN1_ENUMERATED_cmp(a,b)	ASN1_STRING_cmp(\
-		(ASN1_STRING *)a,(ASN1_STRING *)b)
-
-#define M_ASN1_OCTET_STRING_new()	(ASN1_OCTET_STRING *)\
-		ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
-#define M_ASN1_OCTET_STRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
-		ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
-		(ASN1_STRING *)a,(ASN1_STRING *)b)
-#define M_ASN1_OCTET_STRING_set(a,b,c)	ASN1_STRING_set((ASN1_STRING *)a,b,c)
-#define M_ASN1_OCTET_STRING_print(a,b)	ASN1_STRING_print(a,(ASN1_STRING *)b)
-#define M_i2d_ASN1_OCTET_STRING(a,pp) \
-		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
-		V_ASN1_UNIVERSAL)
-
-#define B_ASN1_TIME \
-			B_ASN1_UTCTIME | \
-			B_ASN1_GENERALIZEDTIME
-
-#define B_ASN1_PRINTABLE \
-			B_ASN1_PRINTABLESTRING| \
-			B_ASN1_T61STRING| \
-			B_ASN1_IA5STRING| \
-			B_ASN1_BIT_STRING| \
-			B_ASN1_UNIVERSALSTRING|\
-			B_ASN1_BMPSTRING|\
-			B_ASN1_UTF8STRING|\
-			B_ASN1_UNKNOWN
-
-#define B_ASN1_DIRECTORYSTRING \
-			B_ASN1_PRINTABLESTRING| \
-			B_ASN1_TELETEXSTRING|\
-			B_ASN1_BMPSTRING|\
-			B_ASN1_UNIVERSALSTRING|\
-			B_ASN1_UTF8STRING
-
-#define B_ASN1_DISPLAYTEXT \
-			B_ASN1_IA5STRING| \
-			B_ASN1_VISIBLESTRING| \
-			B_ASN1_BMPSTRING|\
-			B_ASN1_UTF8STRING
-
-#define M_ASN1_PRINTABLE_new()	ASN1_STRING_type_new(V_ASN1_T61STRING)
-#define M_ASN1_PRINTABLE_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
-		pp,a->type,V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
-		d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
-			B_ASN1_PRINTABLE)
-
-#define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
-#define M_DIRECTORYSTRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
-						pp,a->type,V_ASN1_UNIVERSAL)
-#define M_d2i_DIRECTORYSTRING(a,pp,l) \
-		d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
-			B_ASN1_DIRECTORYSTRING)
-
-#define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
-#define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
-						pp,a->type,V_ASN1_UNIVERSAL)
-#define M_d2i_DISPLAYTEXT(a,pp,l) \
-		d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
-			B_ASN1_DISPLAYTEXT)
-
-#define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
-		ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
-#define M_ASN1_PRINTABLESTRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \
-		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\
-		V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \
-		(ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\
-		((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING)
-
-#define M_ASN1_T61STRING_new()	(ASN1_T61STRING *)\
-		ASN1_STRING_type_new(V_ASN1_T61STRING)
-#define M_ASN1_T61STRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_T61STRING(a,pp) \
-		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\
-		V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_T61STRING(a,pp,l) \
-		(ASN1_T61STRING *)d2i_ASN1_type_bytes\
-		((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING)
-
-#define M_ASN1_IA5STRING_new()	(ASN1_IA5STRING *)\
-		ASN1_STRING_type_new(V_ASN1_IA5STRING)
-#define M_ASN1_IA5STRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_IA5STRING_dup(a)	\
-			(ASN1_IA5STRING *)ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_i2d_ASN1_IA5STRING(a,pp) \
-		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
-			V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_IA5STRING(a,pp,l) \
-		(ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\
-			B_ASN1_IA5STRING)
-
-#define M_ASN1_UTCTIME_new()	(ASN1_UTCTIME *)\
-		ASN1_STRING_type_new(V_ASN1_UTCTIME)
-#define M_ASN1_UTCTIME_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a)
-
-#define M_ASN1_GENERALIZEDTIME_new()	(ASN1_GENERALIZEDTIME *)\
-		ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
-#define M_ASN1_GENERALIZEDTIME_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
-	(ASN1_STRING *)a)
-
-#define M_ASN1_TIME_new()	(ASN1_TIME *)\
-		ASN1_STRING_type_new(V_ASN1_UTCTIME)
-#define M_ASN1_TIME_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_TIME_dup(a) (ASN1_TIME *)ASN1_STRING_dup((ASN1_STRING *)a)
-
-#define M_ASN1_GENERALSTRING_new()	(ASN1_GENERALSTRING *)\
-		ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
-#define M_ASN1_GENERALSTRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_GENERALSTRING(a,pp) \
-		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\
-			V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \
-		(ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\
-		((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING)
-
-#define M_ASN1_UNIVERSALSTRING_new()	(ASN1_UNIVERSALSTRING *)\
-		ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
-#define M_ASN1_UNIVERSALSTRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \
-		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\
-			V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \
-		(ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
-		((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
-
-#define M_ASN1_BMPSTRING_new()	(ASN1_BMPSTRING *)\
-		ASN1_STRING_type_new(V_ASN1_BMPSTRING)
-#define M_ASN1_BMPSTRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_BMPSTRING(a,pp) \
-		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\
-			V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_BMPSTRING(a,pp,l) \
-		(ASN1_BMPSTRING *)d2i_ASN1_type_bytes\
-		((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING)
-
-#define M_ASN1_VISIBLESTRING_new()	(ASN1_VISIBLESTRING *)\
-		ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
-#define M_ASN1_VISIBLESTRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_VISIBLESTRING(a,pp) \
-		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\
-			V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \
-		(ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\
-		((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING)
-
-#define M_ASN1_UTF8STRING_new()	(ASN1_UTF8STRING *)\
-		ASN1_STRING_type_new(V_ASN1_UTF8STRING)
-#define M_ASN1_UTF8STRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_UTF8STRING(a,pp) \
-		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\
-			V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_UTF8STRING(a,pp,l) \
-		(ASN1_UTF8STRING *)d2i_ASN1_type_bytes\
-		((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING)
-
-  /* for the is_set parameter to i2d_ASN1_SET */
-#define IS_SEQUENCE	0
-#define IS_SET		1
-
-DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
-
-int ASN1_TYPE_get(ASN1_TYPE *a);
-void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
-
-ASN1_OBJECT *	ASN1_OBJECT_new(void );
-void		ASN1_OBJECT_free(ASN1_OBJECT *a);
-int		i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp);
-ASN1_OBJECT *	c2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
-			long length);
-ASN1_OBJECT *	d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
-			long length);
-
-DECLARE_ASN1_ITEM(ASN1_OBJECT)
-
-DECLARE_STACK_OF(ASN1_OBJECT)
-DECLARE_ASN1_SET_OF(ASN1_OBJECT)
-
-ASN1_STRING *	ASN1_STRING_new(void);
-void		ASN1_STRING_free(ASN1_STRING *a);
-ASN1_STRING *	ASN1_STRING_dup(ASN1_STRING *a);
-ASN1_STRING *	ASN1_STRING_type_new(int type );
-int 		ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
-  /* Since this is used to store all sorts of things, via macros, for now, make
-     its data void * */
-int 		ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
-int ASN1_STRING_length(ASN1_STRING *x);
-void ASN1_STRING_length_set(ASN1_STRING *x, int n);
-int ASN1_STRING_type(ASN1_STRING *x);
-unsigned char * ASN1_STRING_data(ASN1_STRING *x);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
-int		i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
-ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
-			long length);
-int		ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
-			int length );
-int		ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
-int		ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
-
-#ifndef OPENSSL_NO_BIO
-int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
-				BIT_STRING_BITNAME *tbl, int indent);
-#endif
-int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl);
-int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
-				BIT_STRING_BITNAME *tbl);
-
-int		i2d_ASN1_BOOLEAN(int a,unsigned char **pp);
-int 		d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
-int		i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
-ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
-			long length);
-ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp,
-			long length);
-ASN1_INTEGER *	ASN1_INTEGER_dup(ASN1_INTEGER *x);
-int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
-
-int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
-ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
-int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str); 
-int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
-#if 0
-time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
-#endif
-
-int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
-ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t);
-int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str); 
-
-DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
-ASN1_OCTET_STRING *	ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);
-int 	ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
-int 	ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
-DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
-
-int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
-int UTF8_putc(unsigned char *str, int len, unsigned long value);
-
-DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
-
-DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
-DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
-DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
-DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
-DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
-
-ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
-int ASN1_TIME_check(ASN1_TIME *t);
-ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out);
-
-int		i2d_ASN1_SET(STACK *a, unsigned char **pp,
-			int (*func)(), int ex_tag, int ex_class, int is_set);
-STACK *		d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
-			char *(*func)(), void (*free_func)(void *),
-			int ex_tag, int ex_class);
-
-#ifndef OPENSSL_NO_BIO
-int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
-int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size);
-int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a);
-int a2i_ASN1_ENUMERATED(BIO *bp,ASN1_ENUMERATED *bs,char *buf,int size);
-int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a);
-int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size);
-int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
-#endif
-int i2t_ASN1_OBJECT(char *buf,int buf_len,ASN1_OBJECT *a);
-
-int a2d_ASN1_OBJECT(unsigned char *out,int olen, const char *buf, int num);
-ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len,
-	const char *sn, const char *ln);
-
-int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
-long ASN1_INTEGER_get(ASN1_INTEGER *a);
-ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
-BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
-
-int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
-long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
-ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
-BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn);
-
-/* General */
-/* given a string, return the correct type, max is the maximum length */
-int ASN1_PRINTABLE_type(unsigned char *s, int max);
-
-int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
-ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp,
-	long length, int Ptag, int Pclass);
-unsigned long ASN1_tag2bit(int tag);
-/* type is one or more of the B_ASN1_ values. */
-ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp,
-		long length,int type);
-
-/* PARSING */
-int asn1_Finish(ASN1_CTX *c);
-
-/* SPECIALS */
-int ASN1_get_object(unsigned char **pp, long *plength, int *ptag,
-	int *pclass, long omax);
-int ASN1_check_infinite_end(unsigned char **p,long len);
-void ASN1_put_object(unsigned char **pp, int constructed, int length,
-	int tag, int xclass);
-int ASN1_object_size(int constructed, int length, int tag);
-
-/* Used to implement other functions */
-char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x);
-
-void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
-
-#ifndef OPENSSL_NO_FP_API
-char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x);
-void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
-int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
-int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
-int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
-#endif
-
-int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
-
-#ifndef OPENSSL_NO_BIO
-char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x);
-void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
-int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x);
-int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
-int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
-int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a);
-int ASN1_TIME_print(BIO *fp,ASN1_TIME *a);
-int ASN1_STRING_print(BIO *bp,ASN1_STRING *v);
-int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
-int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent);
-int ASN1_parse_dump(BIO *bp,unsigned char *pp,long len,int indent,int dump);
-#endif
-const char *ASN1_tag2str(int tag);
-
-/* Used to load and write netscape format cert/key */
-int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
-ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,unsigned char **pp, long length);
-ASN1_HEADER *ASN1_HEADER_new(void );
-void ASN1_HEADER_free(ASN1_HEADER *a);
-
-int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
-
-/* Not used that much at this point, except for the first two */
-ASN1_METHOD *X509_asn1_meth(void);
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
-ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
-ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
-
-int ASN1_TYPE_set_octetstring(ASN1_TYPE *a,
-	unsigned char *data, int len);
-int ASN1_TYPE_get_octetstring(ASN1_TYPE *a,
-	unsigned char *data, int max_len);
-int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
-	unsigned char *data, int len);
-int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num,
-	unsigned char *data, int max_len);
-
-STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
-						 void (*free_func)(void *) ); 
-unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
-			     int *len );
-void *ASN1_unpack_string(ASN1_STRING *oct, char *(*d2i)());
-void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
-ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_OCTET_STRING **oct);
-ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct);
-
-void ASN1_STRING_set_default_mask(unsigned long mask);
-int ASN1_STRING_set_default_mask_asc(char *p);
-unsigned long ASN1_STRING_get_default_mask(void);
-int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
-					int inform, unsigned long mask);
-int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
-					int inform, unsigned long mask, 
-					long minsize, long maxsize);
-
-ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, 
-		const unsigned char *in, int inlen, int inform, int nid);
-ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
-int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
-void ASN1_STRING_TABLE_cleanup(void);
-
-/* ASN1 template functions */
-
-/* Old API compatible functions */
-ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
-void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
-ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it);
-int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
-
-void ASN1_add_oid_module(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ASN1_strings(void);
-
-/* Error codes for the ASN1 functions. */
-
-/* Function codes. */
-#define ASN1_F_A2D_ASN1_OBJECT				 100
-#define ASN1_F_A2I_ASN1_ENUMERATED			 101
-#define ASN1_F_A2I_ASN1_INTEGER				 102
-#define ASN1_F_A2I_ASN1_STRING				 103
-#define ASN1_F_ASN1_CHECK_TLEN				 104
-#define ASN1_F_ASN1_COLLATE_PRIMITIVE			 105
-#define ASN1_F_ASN1_COLLECT				 106
-#define ASN1_F_ASN1_D2I_BIO				 107
-#define ASN1_F_ASN1_D2I_EX_PRIMITIVE			 108
-#define ASN1_F_ASN1_D2I_FP				 109
-#define ASN1_F_ASN1_DO_ADB				 110
-#define ASN1_F_ASN1_DUP					 111
-#define ASN1_F_ASN1_ENUMERATED_SET			 112
-#define ASN1_F_ASN1_ENUMERATED_TO_BN			 113
-#define ASN1_F_ASN1_GET_OBJECT				 114
-#define ASN1_F_ASN1_HEADER_NEW				 115
-#define ASN1_F_ASN1_I2D_BIO				 116
-#define ASN1_F_ASN1_I2D_FP				 117
-#define ASN1_F_ASN1_INTEGER_SET				 118
-#define ASN1_F_ASN1_INTEGER_TO_BN			 119
-#define ASN1_F_ASN1_ITEM_EX_D2I				 120
-#define ASN1_F_ASN1_ITEM_NEW				 121
-#define ASN1_F_ASN1_MBSTRING_COPY			 122
-#define ASN1_F_ASN1_OBJECT_NEW				 123
-#define ASN1_F_ASN1_PACK_STRING				 124
-#define ASN1_F_ASN1_PBE_SET				 125
-#define ASN1_F_ASN1_SEQ_PACK				 126
-#define ASN1_F_ASN1_SEQ_UNPACK				 127
-#define ASN1_F_ASN1_SIGN				 128
-#define ASN1_F_ASN1_STRING_TABLE_ADD			 129
-#define ASN1_F_ASN1_STRING_TYPE_NEW			 130
-#define ASN1_F_ASN1_TEMPLATE_D2I			 131
-#define ASN1_F_ASN1_TEMPLATE_EX_D2I			 132
-#define ASN1_F_ASN1_TEMPLATE_NEW			 133
-#define ASN1_F_ASN1_TIME_SET				 175
-#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING		 134
-#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING		 135
-#define ASN1_F_ASN1_UNPACK_STRING			 136
-#define ASN1_F_ASN1_VERIFY				 137
-#define ASN1_F_BN_TO_ASN1_ENUMERATED			 138
-#define ASN1_F_BN_TO_ASN1_INTEGER			 139
-#define ASN1_F_COLLECT_DATA				 140
-#define ASN1_F_D2I_ASN1_BIT_STRING			 141
-#define ASN1_F_D2I_ASN1_BOOLEAN				 142
-#define ASN1_F_D2I_ASN1_BYTES				 143
-#define ASN1_F_D2I_ASN1_GENERALIZEDTIME			 144
-#define ASN1_F_D2I_ASN1_HEADER				 145
-#define ASN1_F_D2I_ASN1_INTEGER				 146
-#define ASN1_F_D2I_ASN1_OBJECT				 147
-#define ASN1_F_D2I_ASN1_SET				 148
-#define ASN1_F_D2I_ASN1_TYPE_BYTES			 149
-#define ASN1_F_D2I_ASN1_UINTEGER			 150
-#define ASN1_F_D2I_ASN1_UTCTIME				 151
-#define ASN1_F_D2I_NETSCAPE_RSA				 152
-#define ASN1_F_D2I_NETSCAPE_RSA_2			 153
-#define ASN1_F_D2I_PRIVATEKEY				 154
-#define ASN1_F_D2I_PUBLICKEY				 155
-#define ASN1_F_D2I_X509					 156
-#define ASN1_F_D2I_X509_CINF				 157
-#define ASN1_F_D2I_X509_NAME				 158
-#define ASN1_F_D2I_X509_PKEY				 159
-#define ASN1_F_I2D_ASN1_TIME				 160
-#define ASN1_F_I2D_DSA_PUBKEY				 161
-#define ASN1_F_I2D_NETSCAPE_RSA				 162
-#define ASN1_F_I2D_PRIVATEKEY				 163
-#define ASN1_F_I2D_PUBLICKEY				 164
-#define ASN1_F_I2D_RSA_PUBKEY				 165
-#define ASN1_F_LONG_C2I					 166
-#define ASN1_F_OID_MODULE_INIT				 174
-#define ASN1_F_PKCS5_PBE2_SET				 167
-#define ASN1_F_X509_CINF_NEW				 168
-#define ASN1_F_X509_CRL_ADD0_REVOKED			 169
-#define ASN1_F_X509_INFO_NEW				 170
-#define ASN1_F_X509_NAME_NEW				 171
-#define ASN1_F_X509_NEW					 172
-#define ASN1_F_X509_PKEY_NEW				 173
-
-/* Reason codes. */
-#define ASN1_R_ADDING_OBJECT				 171
-#define ASN1_R_AUX_ERROR				 100
-#define ASN1_R_BAD_CLASS				 101
-#define ASN1_R_BAD_OBJECT_HEADER			 102
-#define ASN1_R_BAD_PASSWORD_READ			 103
-#define ASN1_R_BAD_TAG					 104
-#define ASN1_R_BN_LIB					 105
-#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH			 106
-#define ASN1_R_BUFFER_TOO_SMALL				 107
-#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER		 108
-#define ASN1_R_DATA_IS_WRONG				 109
-#define ASN1_R_DECODE_ERROR				 110
-#define ASN1_R_DECODING_ERROR				 111
-#define ASN1_R_ENCODE_ERROR				 112
-#define ASN1_R_ERROR_GETTING_TIME			 173
-#define ASN1_R_ERROR_LOADING_SECTION			 172
-#define ASN1_R_ERROR_PARSING_SET_ELEMENT		 113
-#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS		 114
-#define ASN1_R_EXPECTING_AN_INTEGER			 115
-#define ASN1_R_EXPECTING_AN_OBJECT			 116
-#define ASN1_R_EXPECTING_A_BOOLEAN			 117
-#define ASN1_R_EXPECTING_A_TIME				 118
-#define ASN1_R_EXPLICIT_LENGTH_MISMATCH			 119
-#define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED		 120
-#define ASN1_R_FIELD_MISSING				 121
-#define ASN1_R_FIRST_NUM_TOO_LARGE			 122
-#define ASN1_R_HEADER_TOO_LONG				 123
-#define ASN1_R_ILLEGAL_CHARACTERS			 124
-#define ASN1_R_ILLEGAL_NULL				 125
-#define ASN1_R_ILLEGAL_OPTIONAL_ANY			 126
-#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE		 170
-#define ASN1_R_ILLEGAL_TAGGED_ANY			 127
-#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG		 128
-#define ASN1_R_INVALID_BMPSTRING_LENGTH			 129
-#define ASN1_R_INVALID_DIGIT				 130
-#define ASN1_R_INVALID_SEPARATOR			 131
-#define ASN1_R_INVALID_TIME_FORMAT			 132
-#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH		 133
-#define ASN1_R_INVALID_UTF8STRING			 134
-#define ASN1_R_IV_TOO_LARGE				 135
-#define ASN1_R_LENGTH_ERROR				 136
-#define ASN1_R_MISSING_EOC				 137
-#define ASN1_R_MISSING_SECOND_NUMBER			 138
-#define ASN1_R_MSTRING_NOT_UNIVERSAL			 139
-#define ASN1_R_MSTRING_WRONG_TAG			 140
-#define ASN1_R_NON_HEX_CHARACTERS			 141
-#define ASN1_R_NOT_ENOUGH_DATA				 142
-#define ASN1_R_NO_MATCHING_CHOICE_TYPE			 143
-#define ASN1_R_NULL_IS_WRONG_LENGTH			 144
-#define ASN1_R_ODD_NUMBER_OF_CHARS			 145
-#define ASN1_R_PRIVATE_KEY_HEADER_MISSING		 146
-#define ASN1_R_SECOND_NUMBER_TOO_LARGE			 147
-#define ASN1_R_SEQUENCE_LENGTH_MISMATCH			 148
-#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED			 149
-#define ASN1_R_SHORT_LINE				 150
-#define ASN1_R_STRING_TOO_LONG				 151
-#define ASN1_R_STRING_TOO_SHORT				 152
-#define ASN1_R_TAG_VALUE_TOO_HIGH			 153
-#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
-#define ASN1_R_TOO_LONG					 155
-#define ASN1_R_TYPE_NOT_CONSTRUCTED			 156
-#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY			 157
-#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY		 158
-#define ASN1_R_UNEXPECTED_EOC				 159
-#define ASN1_R_UNKNOWN_FORMAT				 160
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM		 161
-#define ASN1_R_UNKNOWN_OBJECT_TYPE			 162
-#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE			 163
-#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE		 164
-#define ASN1_R_UNSUPPORTED_CIPHER			 165
-#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM		 166
-#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE		 167
-#define ASN1_R_WRONG_TAG				 168
-#define ASN1_R_WRONG_TYPE				 169
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/asn1/asn1_err.c b/crypto/openssl/crypto/asn1/asn1_err.c
deleted file mode 100644
index 094ec06fda08..000000000000
--- a/crypto/openssl/crypto/asn1/asn1_err.c
+++ /dev/null
@@ -1,242 +0,0 @@
-/* crypto/asn1/asn1_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/asn1.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA ASN1_str_functs[]=
-	{
-{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0),	"a2d_ASN1_OBJECT"},
-{ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0),	"a2i_ASN1_ENUMERATED"},
-{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0),	"a2i_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0),	"a2i_ASN1_STRING"},
-{ERR_PACK(0,ASN1_F_ASN1_CHECK_TLEN,0),	"ASN1_CHECK_TLEN"},
-{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0),	"ASN1_COLLATE_PRIMITIVE"},
-{ERR_PACK(0,ASN1_F_ASN1_COLLECT,0),	"ASN1_COLLECT"},
-{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0),	"ASN1_d2i_bio"},
-{ERR_PACK(0,ASN1_F_ASN1_D2I_EX_PRIMITIVE,0),	"ASN1_D2I_EX_PRIMITIVE"},
-{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0),	"ASN1_d2i_fp"},
-{ERR_PACK(0,ASN1_F_ASN1_DO_ADB,0),	"ASN1_DO_ADB"},
-{ERR_PACK(0,ASN1_F_ASN1_DUP,0),	"ASN1_dup"},
-{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0),	"ASN1_ENUMERATED_set"},
-{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0),	"ASN1_ENUMERATED_to_BN"},
-{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0),	"ASN1_get_object"},
-{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0),	"ASN1_HEADER_new"},
-{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0),	"ASN1_i2d_bio"},
-{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0),	"ASN1_i2d_fp"},
-{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0),	"ASN1_INTEGER_set"},
-{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0),	"ASN1_INTEGER_to_BN"},
-{ERR_PACK(0,ASN1_F_ASN1_ITEM_EX_D2I,0),	"ASN1_ITEM_EX_D2I"},
-{ERR_PACK(0,ASN1_F_ASN1_ITEM_NEW,0),	"ASN1_item_new"},
-{ERR_PACK(0,ASN1_F_ASN1_MBSTRING_COPY,0),	"ASN1_mbstring_copy"},
-{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0),	"ASN1_OBJECT_new"},
-{ERR_PACK(0,ASN1_F_ASN1_PACK_STRING,0),	"ASN1_pack_string"},
-{ERR_PACK(0,ASN1_F_ASN1_PBE_SET,0),	"ASN1_PBE_SET"},
-{ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0),	"ASN1_seq_pack"},
-{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0),	"ASN1_seq_unpack"},
-{ERR_PACK(0,ASN1_F_ASN1_SIGN,0),	"ASN1_sign"},
-{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0),	"ASN1_STRING_TABLE_add"},
-{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0),	"ASN1_STRING_type_new"},
-{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0),	"ASN1_TEMPLATE_D2I"},
-{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0),	"ASN1_TEMPLATE_EX_D2I"},
-{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0),	"ASN1_TEMPLATE_NEW"},
-{ERR_PACK(0,ASN1_F_ASN1_TIME_SET,0),	"ASN1_TIME_set"},
-{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0),	"ASN1_TYPE_get_int_octetstring"},
-{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0),	"ASN1_TYPE_get_octetstring"},
-{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0),	"ASN1_unpack_string"},
-{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0),	"ASN1_verify"},
-{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0),	"BN_to_ASN1_ENUMERATED"},
-{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0),	"BN_to_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_COLLECT_DATA,0),	"COLLECT_DATA"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0),	"D2I_ASN1_BIT_STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0),	"d2i_ASN1_BOOLEAN"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0),	"d2i_ASN1_bytes"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0),	"D2I_ASN1_GENERALIZEDTIME"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0),	"d2i_ASN1_HEADER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0),	"D2I_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0),	"d2i_ASN1_OBJECT"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0),	"d2i_ASN1_SET"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0),	"d2i_ASN1_type_bytes"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0),	"d2i_ASN1_UINTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0),	"D2I_ASN1_UTCTIME"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0),	"d2i_Netscape_RSA"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0),	"D2I_NETSCAPE_RSA_2"},
-{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0),	"d2i_PrivateKey"},
-{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0),	"d2i_PublicKey"},
-{ERR_PACK(0,ASN1_F_D2I_X509,0),	"D2I_X509"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0),	"D2I_X509_CINF"},
-{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0),	"D2I_X509_NAME"},
-{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0),	"d2i_X509_PKEY"},
-{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0),	"I2D_ASN1_TIME"},
-{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0),	"i2d_DSA_PUBKEY"},
-{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0),	"i2d_Netscape_RSA"},
-{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0),	"i2d_PrivateKey"},
-{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0),	"i2d_PublicKey"},
-{ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0),	"i2d_RSA_PUBKEY"},
-{ERR_PACK(0,ASN1_F_LONG_C2I,0),	"LONG_C2I"},
-{ERR_PACK(0,ASN1_F_OID_MODULE_INIT,0),	"OID_MODULE_INIT"},
-{ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0),	"PKCS5_pbe2_set"},
-{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0),	"X509_CINF_NEW"},
-{ERR_PACK(0,ASN1_F_X509_CRL_ADD0_REVOKED,0),	"X509_CRL_add0_revoked"},
-{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0),	"X509_INFO_new"},
-{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0),	"X509_NAME_NEW"},
-{ERR_PACK(0,ASN1_F_X509_NEW,0),	"X509_NEW"},
-{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0),	"X509_PKEY_new"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA ASN1_str_reasons[]=
-	{
-{ASN1_R_ADDING_OBJECT                    ,"adding object"},
-{ASN1_R_AUX_ERROR                        ,"aux error"},
-{ASN1_R_BAD_CLASS                        ,"bad class"},
-{ASN1_R_BAD_OBJECT_HEADER                ,"bad object header"},
-{ASN1_R_BAD_PASSWORD_READ                ,"bad password read"},
-{ASN1_R_BAD_TAG                          ,"bad tag"},
-{ASN1_R_BN_LIB                           ,"bn lib"},
-{ASN1_R_BOOLEAN_IS_WRONG_LENGTH          ,"boolean is wrong length"},
-{ASN1_R_BUFFER_TOO_SMALL                 ,"buffer too small"},
-{ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER  ,"cipher has no object identifier"},
-{ASN1_R_DATA_IS_WRONG                    ,"data is wrong"},
-{ASN1_R_DECODE_ERROR                     ,"decode error"},
-{ASN1_R_DECODING_ERROR                   ,"decoding error"},
-{ASN1_R_ENCODE_ERROR                     ,"encode error"},
-{ASN1_R_ERROR_GETTING_TIME               ,"error getting time"},
-{ASN1_R_ERROR_LOADING_SECTION            ,"error loading section"},
-{ASN1_R_ERROR_PARSING_SET_ELEMENT        ,"error parsing set element"},
-{ASN1_R_ERROR_SETTING_CIPHER_PARAMS      ,"error setting cipher params"},
-{ASN1_R_EXPECTING_AN_INTEGER             ,"expecting an integer"},
-{ASN1_R_EXPECTING_AN_OBJECT              ,"expecting an object"},
-{ASN1_R_EXPECTING_A_BOOLEAN              ,"expecting a boolean"},
-{ASN1_R_EXPECTING_A_TIME                 ,"expecting a time"},
-{ASN1_R_EXPLICIT_LENGTH_MISMATCH         ,"explicit length mismatch"},
-{ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED     ,"explicit tag not constructed"},
-{ASN1_R_FIELD_MISSING                    ,"field missing"},
-{ASN1_R_FIRST_NUM_TOO_LARGE              ,"first num too large"},
-{ASN1_R_HEADER_TOO_LONG                  ,"header too long"},
-{ASN1_R_ILLEGAL_CHARACTERS               ,"illegal characters"},
-{ASN1_R_ILLEGAL_NULL                     ,"illegal null"},
-{ASN1_R_ILLEGAL_OPTIONAL_ANY             ,"illegal optional any"},
-{ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE ,"illegal options on item template"},
-{ASN1_R_ILLEGAL_TAGGED_ANY               ,"illegal tagged any"},
-{ASN1_R_INTEGER_TOO_LARGE_FOR_LONG       ,"integer too large for long"},
-{ASN1_R_INVALID_BMPSTRING_LENGTH         ,"invalid bmpstring length"},
-{ASN1_R_INVALID_DIGIT                    ,"invalid digit"},
-{ASN1_R_INVALID_SEPARATOR                ,"invalid separator"},
-{ASN1_R_INVALID_TIME_FORMAT              ,"invalid time format"},
-{ASN1_R_INVALID_UNIVERSALSTRING_LENGTH   ,"invalid universalstring length"},
-{ASN1_R_INVALID_UTF8STRING               ,"invalid utf8string"},
-{ASN1_R_IV_TOO_LARGE                     ,"iv too large"},
-{ASN1_R_LENGTH_ERROR                     ,"length error"},
-{ASN1_R_MISSING_EOC                      ,"missing eoc"},
-{ASN1_R_MISSING_SECOND_NUMBER            ,"missing second number"},
-{ASN1_R_MSTRING_NOT_UNIVERSAL            ,"mstring not universal"},
-{ASN1_R_MSTRING_WRONG_TAG                ,"mstring wrong tag"},
-{ASN1_R_NON_HEX_CHARACTERS               ,"non hex characters"},
-{ASN1_R_NOT_ENOUGH_DATA                  ,"not enough data"},
-{ASN1_R_NO_MATCHING_CHOICE_TYPE          ,"no matching choice type"},
-{ASN1_R_NULL_IS_WRONG_LENGTH             ,"null is wrong length"},
-{ASN1_R_ODD_NUMBER_OF_CHARS              ,"odd number of chars"},
-{ASN1_R_PRIVATE_KEY_HEADER_MISSING       ,"private key header missing"},
-{ASN1_R_SECOND_NUMBER_TOO_LARGE          ,"second number too large"},
-{ASN1_R_SEQUENCE_LENGTH_MISMATCH         ,"sequence length mismatch"},
-{ASN1_R_SEQUENCE_NOT_CONSTRUCTED         ,"sequence not constructed"},
-{ASN1_R_SHORT_LINE                       ,"short line"},
-{ASN1_R_STRING_TOO_LONG                  ,"string too long"},
-{ASN1_R_STRING_TOO_SHORT                 ,"string too short"},
-{ASN1_R_TAG_VALUE_TOO_HIGH               ,"tag value too high"},
-{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
-{ASN1_R_TOO_LONG                         ,"too long"},
-{ASN1_R_TYPE_NOT_CONSTRUCTED             ,"type not constructed"},
-{ASN1_R_UNABLE_TO_DECODE_RSA_KEY         ,"unable to decode rsa key"},
-{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"},
-{ASN1_R_UNEXPECTED_EOC                   ,"unexpected eoc"},
-{ASN1_R_UNKNOWN_FORMAT                   ,"unknown format"},
-{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"},
-{ASN1_R_UNKNOWN_OBJECT_TYPE              ,"unknown object type"},
-{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE          ,"unknown public key type"},
-{ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE  ,"unsupported any defined by type"},
-{ASN1_R_UNSUPPORTED_CIPHER               ,"unsupported cipher"},
-{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"},
-{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE      ,"unsupported public key type"},
-{ASN1_R_WRONG_TAG                        ,"wrong tag"},
-{ASN1_R_WRONG_TYPE                       ,"wrong type"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_ASN1_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs);
-		ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/asn1/asn1_lib.c b/crypto/openssl/crypto/asn1/asn1_lib.c
deleted file mode 100644
index 0638870ab78f..000000000000
--- a/crypto/openssl/crypto/asn1/asn1_lib.c
+++ /dev/null
@@ -1,430 +0,0 @@
-/* crypto/asn1/asn1_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <limits.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-
-static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max);
-static void asn1_put_length(unsigned char **pp, int length);
-const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT;
-
-int ASN1_check_infinite_end(unsigned char **p, long len)
-	{
-	/* If there is 0 or 1 byte left, the length check should pick
-	 * things up */
-	if (len <= 0)
-		return(1);
-	else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0))
-		{
-		(*p)+=2;
-		return(1);
-		}
-	return(0);
-	}
-
-
-int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass,
-	     long omax)
-	{
-	int i,ret;
-	long l;
-	unsigned char *p= *pp;
-	int tag,xclass,inf;
-	long max=omax;
-
-	if (!max) goto err;
-	ret=(*p&V_ASN1_CONSTRUCTED);
-	xclass=(*p&V_ASN1_PRIVATE);
-	i= *p&V_ASN1_PRIMITIVE_TAG;
-	if (i == V_ASN1_PRIMITIVE_TAG)
-		{		/* high-tag */
-		p++;
-		if (--max == 0) goto err;
-		l=0;
-		while (*p&0x80)
-			{
-			l<<=7L;
-			l|= *(p++)&0x7f;
-			if (--max == 0) goto err;
-			}
-		l<<=7L;
-		l|= *(p++)&0x7f;
-		tag=(int)l;
-		}
-	else
-		{ 
-		tag=i;
-		p++;
-		if (--max == 0) goto err;
-		}
-	*ptag=tag;
-	*pclass=xclass;
-	if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
-
-#if 0
-	fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d  (%d > %d)\n", 
-		(int)p,*plength,omax,(int)*pp,(int)(p+ *plength),
-		(int)(omax+ *pp));
-
-#endif
-	if (*plength > (omax - (p - *pp)))
-		{
-		ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
-		/* Set this so that even if things are not long enough
-		 * the values are set correctly */
-		ret|=0x80;
-		}
-	*pp=p;
-	return(ret|inf);
-err:
-	ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG);
-	return(0x80);
-	}
-
-static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
-	{
-	unsigned char *p= *pp;
-	unsigned long ret=0;
-	int i;
-
-	if (max-- < 1) return(0);
-	if (*p == 0x80)
-		{
-		*inf=1;
-		ret=0;
-		p++;
-		}
-	else
-		{
-		*inf=0;
-		i= *p&0x7f;
-		if (*(p++) & 0x80)
-			{
-			if (i > sizeof(long))
-				return 0;
-			if (max-- == 0) return(0);
-			while (i-- > 0)
-				{
-				ret<<=8L;
-				ret|= *(p++);
-				if (max-- == 0) return(0);
-				}
-			}
-		else
-			ret=i;
-		}
-	if (ret > LONG_MAX)
-		return 0;
-	*pp=p;
-	*rl=(long)ret;
-	return(1);
-	}
-
-/* class 0 is constructed
- * constructed == 2 for indefinite length constructed */
-void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
-	     int xclass)
-	{
-	unsigned char *p= *pp;
-	int i, ttag;
-
-	i=(constructed)?V_ASN1_CONSTRUCTED:0;
-	i|=(xclass&V_ASN1_PRIVATE);
-	if (tag < 31)
-		*(p++)=i|(tag&V_ASN1_PRIMITIVE_TAG);
-	else
-		{
-		*(p++)=i|V_ASN1_PRIMITIVE_TAG;
-		for(i = 0, ttag = tag; ttag > 0; i++) ttag >>=7;
-		ttag = i;
-		while(i-- > 0)
-			{
-			p[i] = tag & 0x7f;
-			if(i != (ttag - 1)) p[i] |= 0x80;
-			tag >>= 7;
-			}
-		p += ttag;
-		}
-	if ((constructed == 2) && (length == 0))
-		*(p++)=0x80; /* der_put_length would output 0 instead */
-	else
-		asn1_put_length(&p,length);
-	*pp=p;
-	}
-
-static void asn1_put_length(unsigned char **pp, int length)
-	{
-	unsigned char *p= *pp;
-	int i,l;
-	if (length <= 127)
-		*(p++)=(unsigned char)length;
-	else
-		{
-		l=length;
-		for (i=0; l > 0; i++)
-			l>>=8;
-		*(p++)=i|0x80;
-		l=i;
-		while (i-- > 0)
-			{
-			p[i]=length&0xff;
-			length>>=8;
-			}
-		p+=l;
-		}
-	*pp=p;
-	}
-
-int ASN1_object_size(int constructed, int length, int tag)
-	{
-	int ret;
-
-	ret=length;
-	ret++;
-	if (tag >= 31)
-		{
-		while (tag > 0)
-			{
-			tag>>=7;
-			ret++;
-			}
-		}
-	if ((length == 0) && (constructed == 2))
-		ret+=2;
-	ret++;
-	if (length > 127)
-		{
-		while (length > 0)
-			{
-			length>>=8;
-			ret++;
-			}
-		}
-	return(ret);
-	}
-
-int asn1_Finish(ASN1_CTX *c)
-	{
-	if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos))
-		{
-		if (!ASN1_check_infinite_end(&c->p,c->slen))
-			{
-			c->error=ERR_R_MISSING_ASN1_EOS;
-			return(0);
-			}
-		}
-	if (	((c->slen != 0) && !(c->inf & 1)) ||
-		((c->slen < 0) && (c->inf & 1)))
-		{
-		c->error=ERR_R_ASN1_LENGTH_MISMATCH;
-		return(0);
-		}
-	return(1);
-	}
-
-int asn1_GetSequence(ASN1_CTX *c, long *length)
-	{
-	unsigned char *q;
-
-	q=c->p;
-	c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass),
-		*length);
-	if (c->inf & 0x80)
-		{
-		c->error=ERR_R_BAD_GET_ASN1_OBJECT_CALL;
-		return(0);
-		}
-	if (c->tag != V_ASN1_SEQUENCE)
-		{
-		c->error=ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
-		return(0);
-		}
-	(*length)-=(c->p-q);
-	if (c->max && (*length < 0))
-		{
-		c->error=ERR_R_ASN1_LENGTH_MISMATCH;
-		return(0);
-		}
-	if (c->inf == (1|V_ASN1_CONSTRUCTED))
-		c->slen= *length+ *(c->pp)-c->p;
-	c->eos=0;
-	return(1);
-	}
-
-ASN1_STRING *ASN1_STRING_dup(ASN1_STRING *str)
-	{
-	ASN1_STRING *ret;
-
-	if (str == NULL) return(NULL);
-	if ((ret=ASN1_STRING_type_new(str->type)) == NULL)
-		return(NULL);
-	if (!ASN1_STRING_set(ret,str->data,str->length))
-		{
-		ASN1_STRING_free(ret);
-		return(NULL);
-		}
-	ret->flags = str->flags;
-	return(ret);
-	}
-
-int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
-	{
-	unsigned char *c;
-	const char *data=_data;
-
-	if (len < 0)
-		{
-		if (data == NULL)
-			return(0);
-		else
-			len=strlen(data);
-		}
-	if ((str->length < len) || (str->data == NULL))
-		{
-		c=str->data;
-		if (c == NULL)
-			str->data=OPENSSL_malloc(len+1);
-		else
-			str->data=OPENSSL_realloc(c,len+1);
-
-		if (str->data == NULL)
-			{
-			str->data=c;
-			return(0);
-			}
-		}
-	str->length=len;
-	if (data != NULL)
-		{
-		memcpy(str->data,data,len);
-		/* an allowance for strings :-) */
-		str->data[len]='\0';
-		}
-	return(1);
-	}
-
-ASN1_STRING *ASN1_STRING_new(void)
-	{
-	return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
-	}
-
-
-ASN1_STRING *ASN1_STRING_type_new(int type)
-	{
-	ASN1_STRING *ret;
-
-	ret=(ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING));
-	if (ret == NULL)
-		{
-		ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-	ret->length=0;
-	ret->type=type;
-	ret->data=NULL;
-	ret->flags=0;
-	return(ret);
-	}
-
-void ASN1_STRING_free(ASN1_STRING *a)
-	{
-	if (a == NULL) return;
-	if (a->data != NULL) OPENSSL_free(a->data);
-	OPENSSL_free(a);
-	}
-
-int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b)
-	{
-	int i;
-
-	i=(a->length-b->length);
-	if (i == 0)
-		{
-		i=memcmp(a->data,b->data,a->length);
-		if (i == 0)
-			return(a->type-b->type);
-		else
-			return(i);
-		}
-	else
-		return(i);
-	}
-
-void asn1_add_error(unsigned char *address, int offset)
-	{
-	char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1];
-
-	sprintf(buf1,"%lu",(unsigned long)address);
-	sprintf(buf2,"%d",offset);
-	ERR_add_error_data(4,"address=",buf1," offset=",buf2);
-	}
-
-int ASN1_STRING_length(ASN1_STRING *x)
-{ return M_ASN1_STRING_length(x); }
-
-void ASN1_STRING_length_set(ASN1_STRING *x, int len)
-{ M_ASN1_STRING_length_set(x, len); return; }
-
-int ASN1_STRING_type(ASN1_STRING *x)
-{ return M_ASN1_STRING_type(x); }
-
-unsigned char * ASN1_STRING_data(ASN1_STRING *x)
-{ return M_ASN1_STRING_data(x); }
diff --git a/crypto/openssl/crypto/asn1/asn1_mac.h b/crypto/openssl/crypto/asn1/asn1_mac.h
deleted file mode 100644
index a48649ceeb32..000000000000
--- a/crypto/openssl/crypto/asn1/asn1_mac.h
+++ /dev/null
@@ -1,560 +0,0 @@
-/* crypto/asn1/asn1_mac.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ASN1_MAC_H
-#define HEADER_ASN1_MAC_H
-
-#include <openssl/asn1.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifndef ASN1_MAC_ERR_LIB
-#define ASN1_MAC_ERR_LIB	ERR_LIB_ASN1
-#endif 
-
-#define ASN1_MAC_H_err(f,r,line) \
-	ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line))
-
-#define M_ASN1_D2I_vars(a,type,func) \
-	ASN1_CTX c; \
-	type ret=NULL; \
-	\
-	c.pp=(unsigned char **)pp; \
-	c.q= *(unsigned char **)pp; \
-	c.error=ERR_R_NESTED_ASN1_ERROR; \
-	if ((a == NULL) || ((*a) == NULL)) \
-		{ if ((ret=(type)func()) == NULL) \
-			{ c.line=__LINE__; goto err; } } \
-	else	ret=(*a);
-
-#define M_ASN1_D2I_Init() \
-	c.p= *(unsigned char **)pp; \
-	c.max=(length == 0)?0:(c.p+length);
-
-#define M_ASN1_D2I_Finish_2(a) \
-	if (!asn1_Finish(&c)) \
-		{ c.line=__LINE__; goto err; } \
-	*(unsigned char **)pp=c.p; \
-	if (a != NULL) (*a)=ret; \
-	return(ret);
-
-#define M_ASN1_D2I_Finish(a,func,e) \
-	M_ASN1_D2I_Finish_2(a); \
-err:\
-	ASN1_MAC_H_err((e),c.error,c.line); \
-	asn1_add_error(*(unsigned char **)pp,(int)(c.q- *pp)); \
-	if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
-	return(NULL)
-
-#define M_ASN1_D2I_start_sequence() \
-	if (!asn1_GetSequence(&c,&length)) \
-		{ c.line=__LINE__; goto err; }
-/* Begin reading ASN1 without a surrounding sequence */
-#define M_ASN1_D2I_begin() \
-	c.slen = length;
-
-/* End reading ASN1 with no check on length */
-#define M_ASN1_D2I_Finish_nolen(a, func, e) \
-	*pp=c.p; \
-	if (a != NULL) (*a)=ret; \
-	return(ret); \
-err:\
-	ASN1_MAC_H_err((e),c.error,c.line); \
-	asn1_add_error(*pp,(int)(c.q- *pp)); \
-	if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
-	return(NULL)
-
-#define M_ASN1_D2I_end_sequence() \
-	(((c.inf&1) == 0)?(c.slen <= 0): \
-		(c.eos=ASN1_check_infinite_end(&c.p,c.slen)))
-
-/* Don't use this with d2i_ASN1_BOOLEAN() */
-#define M_ASN1_D2I_get(b,func) \
-	c.q=c.p; \
-	if (func(&(b),&c.p,c.slen) == NULL) \
-		{c.line=__LINE__; goto err; } \
-	c.slen-=(c.p-c.q);
-
-/* use this instead () */
-#define M_ASN1_D2I_get_int(b,func) \
-	c.q=c.p; \
-	if (func(&(b),&c.p,c.slen) < 0) \
-		{c.line=__LINE__; goto err; } \
-	c.slen-=(c.p-c.q);
-
-#define M_ASN1_D2I_get_opt(b,func,type) \
-	if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
-		== (V_ASN1_UNIVERSAL|(type)))) \
-		{ \
-		M_ASN1_D2I_get(b,func); \
-		}
-
-#define M_ASN1_D2I_get_imp(b,func, type) \
-	M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
-	c.q=c.p; \
-	if (func(&(b),&c.p,c.slen) == NULL) \
-		{c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
-	c.slen-=(c.p-c.q);\
-	M_ASN1_next_prev=_tmp;
-
-#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
-	if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
-		(V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
-		{ \
-		unsigned char _tmp = M_ASN1_next; \
-		M_ASN1_D2I_get_imp(b,func, type);\
-		}
-
-#define M_ASN1_D2I_get_set(r,func,free_func) \
-		M_ASN1_D2I_get_imp_set(r,func,free_func, \
-			V_ASN1_SET,V_ASN1_UNIVERSAL);
-
-#define M_ASN1_D2I_get_set_type(type,r,func,free_func) \
-		M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \
-			V_ASN1_SET,V_ASN1_UNIVERSAL);
-
-#define M_ASN1_D2I_get_set_opt(r,func,free_func) \
-	if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
-		V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
-		{ M_ASN1_D2I_get_set(r,func,free_func); }
-
-#define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \
-	if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
-		V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
-		{ M_ASN1_D2I_get_set_type(type,r,func,free_func); }
-
-#define M_ASN1_I2D_len_SET_opt(a,f) \
-	if ((a != NULL) && (sk_num(a) != 0)) \
-		M_ASN1_I2D_len_SET(a,f);
-
-#define M_ASN1_I2D_put_SET_opt(a,f) \
-	if ((a != NULL) && (sk_num(a) != 0)) \
-		M_ASN1_I2D_put_SET(a,f);
-
-#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
-	if ((a != NULL) && (sk_num(a) != 0)) \
-		M_ASN1_I2D_put_SEQUENCE(a,f);
-
-#define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \
-	if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-		M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
-
-#define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
-	if ((c.slen != 0) && \
-		(M_ASN1_next == \
-		(V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
-		{ \
-		M_ASN1_D2I_get_imp_set(b,func,free_func,\
-			tag,V_ASN1_CONTEXT_SPECIFIC); \
-		}
-
-#define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \
-	if ((c.slen != 0) && \
-		(M_ASN1_next == \
-		(V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
-		{ \
-		M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\
-			tag,V_ASN1_CONTEXT_SPECIFIC); \
-		}
-
-#define M_ASN1_D2I_get_seq(r,func,free_func) \
-		M_ASN1_D2I_get_imp_set(r,func,free_func,\
-			V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-#define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \
-		M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
-					    V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
-
-#define M_ASN1_D2I_get_seq_opt(r,func,free_func) \
-	if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
-		V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
-		{ M_ASN1_D2I_get_seq(r,func,free_func); }
-
-#define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \
-	if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
-		V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
-		{ M_ASN1_D2I_get_seq_type(type,r,func,free_func); }
-
-#define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \
-		M_ASN1_D2I_get_imp_set(r,func,free_func,\
-			x,V_ASN1_CONTEXT_SPECIFIC);
-
-#define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \
-		M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
-			x,V_ASN1_CONTEXT_SPECIFIC);
-
-#define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \
-	c.q=c.p; \
-	if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
-		(void (*)())free_func,a,b) == NULL) \
-		{ c.line=__LINE__; goto err; } \
-	c.slen-=(c.p-c.q);
-
-#define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
-	c.q=c.p; \
-	if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
-				   free_func,a,b) == NULL) \
-		{ c.line=__LINE__; goto err; } \
-	c.slen-=(c.p-c.q);
-
-#define M_ASN1_D2I_get_set_strings(r,func,a,b) \
-	c.q=c.p; \
-	if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
-		{ c.line=__LINE__; goto err; } \
-	c.slen-=(c.p-c.q);
-
-#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
-	if ((c.slen != 0L) && (M_ASN1_next == \
-		(V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
-		{ \
-		int Tinf,Ttag,Tclass; \
-		long Tlen; \
-		\
-		c.q=c.p; \
-		Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
-		if (Tinf & 0x80) \
-			{ c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
-			c.line=__LINE__; goto err; } \
-		if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
-					Tlen = c.slen - (c.p - c.q) - 2; \
-		if (func(&(r),&c.p,Tlen) == NULL) \
-			{ c.line=__LINE__; goto err; } \
-		if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
-			Tlen = c.slen - (c.p - c.q); \
-			if(!ASN1_check_infinite_end(&c.p, Tlen)) \
-				{ c.error=ERR_R_MISSING_ASN1_EOS; \
-				c.line=__LINE__; goto err; } \
-		}\
-		c.slen-=(c.p-c.q); \
-		}
-
-#define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \
-	if ((c.slen != 0) && (M_ASN1_next == \
-		(V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
-		{ \
-		int Tinf,Ttag,Tclass; \
-		long Tlen; \
-		\
-		c.q=c.p; \
-		Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
-		if (Tinf & 0x80) \
-			{ c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
-			c.line=__LINE__; goto err; } \
-		if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
-					Tlen = c.slen - (c.p - c.q) - 2; \
-		if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
-			(void (*)())free_func, \
-			b,V_ASN1_UNIVERSAL) == NULL) \
-			{ c.line=__LINE__; goto err; } \
-		if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
-			Tlen = c.slen - (c.p - c.q); \
-			if(!ASN1_check_infinite_end(&c.p, Tlen)) \
-				{ c.error=ERR_R_MISSING_ASN1_EOS; \
-				c.line=__LINE__; goto err; } \
-		}\
-		c.slen-=(c.p-c.q); \
-		}
-
-#define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \
-	if ((c.slen != 0) && (M_ASN1_next == \
-		(V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
-		{ \
-		int Tinf,Ttag,Tclass; \
-		long Tlen; \
-		\
-		c.q=c.p; \
-		Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
-		if (Tinf & 0x80) \
-			{ c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
-			c.line=__LINE__; goto err; } \
-		if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
-					Tlen = c.slen - (c.p - c.q) - 2; \
-		if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
-			free_func,b,V_ASN1_UNIVERSAL) == NULL) \
-			{ c.line=__LINE__; goto err; } \
-		if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
-			Tlen = c.slen - (c.p - c.q); \
-			if(!ASN1_check_infinite_end(&c.p, Tlen)) \
-				{ c.error=ERR_R_MISSING_ASN1_EOS; \
-				c.line=__LINE__; goto err; } \
-		}\
-		c.slen-=(c.p-c.q); \
-		}
-
-/* New macros */
-#define M_ASN1_New_Malloc(ret,type) \
-	if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \
-		{ c.line=__LINE__; goto err2; }
-
-#define M_ASN1_New(arg,func) \
-	if (((arg)=func()) == NULL) return(NULL)
-
-#define M_ASN1_New_Error(a) \
-/*	err:	ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
-		return(NULL);*/ \
-	err2:	ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
-		return(NULL)
-
-
-#define M_ASN1_next		(*c.p)
-#define M_ASN1_next_prev	(*c.q)
-
-/*************************************************/
-
-#define M_ASN1_I2D_vars(a)	int r=0,ret=0; \
-				unsigned char *p; \
-				if (a == NULL) return(0)
-
-/* Length Macros */
-#define M_ASN1_I2D_len(a,f)	ret+=f(a,NULL)
-#define M_ASN1_I2D_len_IMP_opt(a,f)	if (a != NULL) M_ASN1_I2D_len(a,f)
-
-#define M_ASN1_I2D_len_SET(a,f) \
-		ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
-
-#define M_ASN1_I2D_len_SET_type(type,a,f) \
-		ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \
-					    V_ASN1_UNIVERSAL,IS_SET);
-
-#define M_ASN1_I2D_len_SEQUENCE(a,f) \
-		ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
-				  IS_SEQUENCE);
-
-#define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \
-		ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \
-					    V_ASN1_UNIVERSAL,IS_SEQUENCE)
-
-#define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			M_ASN1_I2D_len_SEQUENCE(a,f);
-
-#define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-			M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
-
-#define M_ASN1_I2D_len_IMP_SET(a,f,x) \
-		ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-#define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \
-		ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
-					    V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-#define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-					  IS_SET);
-
-#define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-			ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
-					       V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-#define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \
-		ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-				  IS_SEQUENCE);
-
-#define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-					  IS_SEQUENCE);
-
-#define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-			ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
-						    V_ASN1_CONTEXT_SPECIFIC, \
-						    IS_SEQUENCE);
-
-#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
-		if (a != NULL)\
-			{ \
-			v=f(a,NULL); \
-			ret+=ASN1_object_size(1,v,mtag); \
-			}
-
-#define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \
-		if ((a != NULL) && (sk_num(a) != 0))\
-			{ \
-			v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
-			ret+=ASN1_object_size(1,v,mtag); \
-			}
-
-#define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
-		if ((a != NULL) && (sk_num(a) != 0))\
-			{ \
-			v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \
-				       IS_SEQUENCE); \
-			ret+=ASN1_object_size(1,v,mtag); \
-			}
-
-#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0))\
-			{ \
-			v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
-						 V_ASN1_UNIVERSAL, \
-						 IS_SEQUENCE); \
-			ret+=ASN1_object_size(1,v,mtag); \
-			}
-
-/* Put Macros */
-#define M_ASN1_I2D_put(a,f)	f(a,&p)
-
-#define M_ASN1_I2D_put_IMP_opt(a,f,t)	\
-		if (a != NULL) \
-			{ \
-			unsigned char *q=p; \
-			f(a,&p); \
-			*q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
-			}
-
-#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
-			V_ASN1_UNIVERSAL,IS_SET)
-#define M_ASN1_I2D_put_SET_type(type,a,f) \
-     i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET)
-#define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
-			V_ASN1_CONTEXT_SPECIFIC,IS_SET)
-#define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \
-     i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET)
-#define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
-			V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE)
-
-#define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
-					     V_ASN1_UNIVERSAL,IS_SEQUENCE)
-
-#define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \
-     i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
-			    IS_SEQUENCE)
-
-#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			M_ASN1_I2D_put_SEQUENCE(a,f);
-
-#define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			{ i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-				       IS_SET); }
-
-#define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-			{ i2d_ASN1_SET_OF_##type(a,&p,f,x, \
-						 V_ASN1_CONTEXT_SPECIFIC, \
-						 IS_SET); }
-
-#define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			{ i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-				       IS_SEQUENCE); }
-
-#define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-			{ i2d_ASN1_SET_OF_##type(a,&p,f,x, \
-						 V_ASN1_CONTEXT_SPECIFIC, \
-						 IS_SEQUENCE); }
-
-#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
-		if (a != NULL) \
-			{ \
-			ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
-			f(a,&p); \
-			}
-
-#define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			{ \
-			ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
-			i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
-			}
-
-#define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			{ \
-			ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
-			i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \
-			}
-
-#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-			{ \
-			ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
-			i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
-					       IS_SEQUENCE); \
-			}
-
-#define M_ASN1_I2D_seq_total() \
-		r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
-		if (pp == NULL) return(r); \
-		p= *pp; \
-		ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
-
-#define M_ASN1_I2D_INF_seq_start(tag,ctx) \
-		*(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
-		*(p++)=0x80
-
-#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
-
-#define M_ASN1_I2D_finish()	*pp=p; \
-				return(r);
-
-int asn1_GetSequence(ASN1_CTX *c, long *length);
-void asn1_add_error(unsigned char *address,int offset);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/asn1/asn1_par.c b/crypto/openssl/crypto/asn1/asn1_par.c
deleted file mode 100644
index e48532a24dc7..000000000000
--- a/crypto/openssl/crypto/asn1/asn1_par.c
+++ /dev/null
@@ -1,418 +0,0 @@
-/* crypto/asn1/asn1_par.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/asn1.h>
-
-static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed,
-	int indent);
-static int asn1_parse2(BIO *bp, unsigned char **pp, long length,
-	int offset, int depth, int indent, int dump);
-static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
-	     int indent)
-	{
-	static const char fmt[]="%-18s";
-	static const char fmt2[]="%2d %-15s";
-	char str[128];
-	const char *p,*p2=NULL;
-
-	if (constructed & V_ASN1_CONSTRUCTED)
-		p="cons: ";
-	else
-		p="prim: ";
-	if (BIO_write(bp,p,6) < 6) goto err;
-	BIO_indent(bp,indent,128);
-
-	p=str;
-	if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
-		sprintf(str,"priv [ %d ] ",tag);
-	else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
-		sprintf(str,"cont [ %d ]",tag);
-	else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
-		sprintf(str,"appl [ %d ]",tag);
-	else p = ASN1_tag2str(tag);
-
-	if (p2 != NULL)
-		{
-		if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err;
-		}
-	else
-		{
-		if (BIO_printf(bp,fmt,p) <= 0) goto err;
-		}
-	return(1);
-err:
-	return(0);
-	}
-
-int ASN1_parse(BIO *bp, unsigned char *pp, long len, int indent)
-	{
-	return(asn1_parse2(bp,&pp,len,0,0,indent,0));
-	}
-
-int ASN1_parse_dump(BIO *bp, unsigned char *pp, long len, int indent, int dump)
-	{
-	return(asn1_parse2(bp,&pp,len,0,0,indent,dump));
-	}
-
-static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset,
-	     int depth, int indent, int dump)
-	{
-	unsigned char *p,*ep,*tot,*op,*opp;
-	long len;
-	int tag,xclass,ret=0;
-	int nl,hl,j,r;
-	ASN1_OBJECT *o=NULL;
-	ASN1_OCTET_STRING *os=NULL;
-	/* ASN1_BMPSTRING *bmp=NULL;*/
-	int dump_indent;
-
-#if 0
-	dump_indent = indent;
-#else
-	dump_indent = 6;	/* Because we know BIO_dump_indent() */
-#endif
-	p= *pp;
-	tot=p+length;
-	op=p-1;
-	while ((p < tot) && (op < p))
-		{
-		op=p;
-		j=ASN1_get_object(&p,&len,&tag,&xclass,length);
-#ifdef LINT
-		j=j;
-#endif
-		if (j & 0x80)
-			{
-			if (BIO_write(bp,"Error in encoding\n",18) <= 0)
-				goto end;
-			ret=0;
-			goto end;
-			}
-		hl=(p-op);
-		length-=hl;
-		/* if j == 0x21 it is a constructed indefinite length object */
-		if (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp))
-			<= 0) goto end;
-
-		if (j != (V_ASN1_CONSTRUCTED | 1))
-			{
-			if (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ",
-				depth,(long)hl,len) <= 0)
-				goto end;
-			}
-		else
-			{
-			if (BIO_printf(bp,"d=%-2d hl=%ld l=inf  ",
-				depth,(long)hl) <= 0)
-				goto end;
-			}
-		if (!asn1_print_info(bp,tag,xclass,j,(indent)?depth:0))
-			goto end;
-		if (j & V_ASN1_CONSTRUCTED)
-			{
-			ep=p+len;
-			if (BIO_write(bp,"\n",1) <= 0) goto end;
-			if (len > length)
-				{
-				BIO_printf(bp,
-					"length is greater than %ld\n",length);
-				ret=0;
-				goto end;
-				}
-			if ((j == 0x21) && (len == 0))
-				{
-				for (;;)
-					{
-					r=asn1_parse2(bp,&p,(long)(tot-p),
-						offset+(p - *pp),depth+1,
-						indent,dump);
-					if (r == 0) { ret=0; goto end; }
-					if ((r == 2) || (p >= tot)) break;
-					}
-				}
-			else
-				while (p < ep)
-					{
-					r=asn1_parse2(bp,&p,(long)len,
-						offset+(p - *pp),depth+1,
-						indent,dump);
-					if (r == 0) { ret=0; goto end; }
-					}
-			}
-		else if (xclass != 0)
-			{
-			p+=len;
-			if (BIO_write(bp,"\n",1) <= 0) goto end;
-			}
-		else
-			{
-			nl=0;
-			if (	(tag == V_ASN1_PRINTABLESTRING) ||
-				(tag == V_ASN1_T61STRING) ||
-				(tag == V_ASN1_IA5STRING) ||
-				(tag == V_ASN1_VISIBLESTRING) ||
-				(tag == V_ASN1_UTCTIME) ||
-				(tag == V_ASN1_GENERALIZEDTIME))
-				{
-				if (BIO_write(bp,":",1) <= 0) goto end;
-				if ((len > 0) &&
-					BIO_write(bp,(char *)p,(int)len)
-					!= (int)len)
-					goto end;
-				}
-			else if (tag == V_ASN1_OBJECT)
-				{
-				opp=op;
-				if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL)
-					{
-					if (BIO_write(bp,":",1) <= 0) goto end;
-					i2a_ASN1_OBJECT(bp,o);
-					}
-				else
-					{
-					if (BIO_write(bp,":BAD OBJECT",11) <= 0)
-						goto end;
-					}
-				}
-			else if (tag == V_ASN1_BOOLEAN)
-				{
-				int ii;
-
-				opp=op;
-				ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl);
-				if (ii < 0)
-					{
-					if (BIO_write(bp,"Bad boolean\n",12))
-						goto end;
-					}
-				BIO_printf(bp,":%d",ii);
-				}
-			else if (tag == V_ASN1_BMPSTRING)
-				{
-				/* do the BMP thang */
-				}
-			else if (tag == V_ASN1_OCTET_STRING)
-				{
-				int i,printable=1;
-
-				opp=op;
-				os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl);
-				if (os != NULL)
-					{
-					opp=os->data;
-					for (i=0; i<os->length; i++)
-						{
-						if ((	(opp[i] < ' ') &&
-							(opp[i] != '\n') &&
-							(opp[i] != '\r') &&
-							(opp[i] != '\t')) ||
-							(opp[i] > '~'))
-							{
-							printable=0;
-							break;
-							}
-						}
-					if (printable && (os->length > 0))
-						{
-						if (BIO_write(bp,":",1) <= 0)
-							goto end;
-						if (BIO_write(bp,(char *)opp,
-							os->length) <= 0)
-							goto end;
-						}
-					if (!printable && (os->length > 0)
-						&& dump)
-						{
-						if (!nl) 
-							{
-							if (BIO_write(bp,"\n",1) <= 0)
-								goto end;
-							}
-						if (BIO_dump_indent(bp,(char *)opp,
-							((dump == -1 || dump > os->length)?os->length:dump),
-							dump_indent) <= 0)
-							goto end;
-						nl=1;
-						}
-					M_ASN1_OCTET_STRING_free(os);
-					os=NULL;
-					}
-				}
-			else if (tag == V_ASN1_INTEGER)
-				{
-				ASN1_INTEGER *bs;
-				int i;
-
-				opp=op;
-				bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl);
-				if (bs != NULL)
-					{
-					if (BIO_write(bp,":",1) <= 0) goto end;
-					if (bs->type == V_ASN1_NEG_INTEGER)
-						if (BIO_write(bp,"-",1) <= 0)
-							goto end;
-					for (i=0; i<bs->length; i++)
-						{
-						if (BIO_printf(bp,"%02X",
-							bs->data[i]) <= 0)
-							goto end;
-						}
-					if (bs->length == 0)
-						{
-						if (BIO_write(bp,"00",2) <= 0)
-							goto end;
-						}
-					}
-				else
-					{
-					if (BIO_write(bp,"BAD INTEGER",11) <= 0)
-						goto end;
-					}
-				M_ASN1_INTEGER_free(bs);
-				}
-			else if (tag == V_ASN1_ENUMERATED)
-				{
-				ASN1_ENUMERATED *bs;
-				int i;
-
-				opp=op;
-				bs=d2i_ASN1_ENUMERATED(NULL,&opp,len+hl);
-				if (bs != NULL)
-					{
-					if (BIO_write(bp,":",1) <= 0) goto end;
-					if (bs->type == V_ASN1_NEG_ENUMERATED)
-						if (BIO_write(bp,"-",1) <= 0)
-							goto end;
-					for (i=0; i<bs->length; i++)
-						{
-						if (BIO_printf(bp,"%02X",
-							bs->data[i]) <= 0)
-							goto end;
-						}
-					if (bs->length == 0)
-						{
-						if (BIO_write(bp,"00",2) <= 0)
-							goto end;
-						}
-					}
-				else
-					{
-					if (BIO_write(bp,"BAD ENUMERATED",11) <= 0)
-						goto end;
-					}
-				M_ASN1_ENUMERATED_free(bs);
-				}
-			else if (len > 0 && dump)
-				{
-				if (!nl) 
-					{
-					if (BIO_write(bp,"\n",1) <= 0)
-						goto end;
-					}
-				if (BIO_dump_indent(bp,(char *)p,
-					((dump == -1 || dump > len)?len:dump),
-					dump_indent) <= 0)
-					goto end;
-				nl=1;
-				}
-
-			if (!nl) 
-				{
-				if (BIO_write(bp,"\n",1) <= 0) goto end;
-				}
-			p+=len;
-			if ((tag == V_ASN1_EOC) && (xclass == 0))
-				{
-				ret=2; /* End of sequence */
-				goto end;
-				}
-			}
-		length-=len;
-		}
-	ret=1;
-end:
-	if (o != NULL) ASN1_OBJECT_free(o);
-	if (os != NULL) M_ASN1_OCTET_STRING_free(os);
-	*pp=p;
-	return(ret);
-	}
-
-const char *ASN1_tag2str(int tag)
-{
-	const static char *tag2str[] = {
-	 "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */
-	 "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */
-	 "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>", 	    /* 10-13 */
-	"<ASN1 14>", "<ASN1 15>", "SEQUENCE", "SET", 		    /* 15-17 */
-	"NUMERICSTRING", "PRINTABLESTRING", "T61STRING",	    /* 18-20 */
-	"VIDEOTEXSTRING", "IA5STRING", "UTCTIME","GENERALIZEDTIME", /* 21-24 */
-	"GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING",	    /* 25-27 */
-	"UNIVERSALSTRING", "<ASN1 29>", "BMPSTRING"		    /* 28-30 */
-	};
-
-	if((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
-							tag &= ~0x100;
-
-	if(tag < 0 || tag > 30) return "(unknown)";
-	return tag2str[tag];
-}
-
diff --git a/crypto/openssl/crypto/asn1/asn1t.h b/crypto/openssl/crypto/asn1/asn1t.h
deleted file mode 100644
index ed372f855413..000000000000
--- a/crypto/openssl/crypto/asn1/asn1t.h
+++ /dev/null
@@ -1,846 +0,0 @@
-/* asn1t.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ASN1T_H
-#define HEADER_ASN1T_H
-
-#include <stddef.h>
-#include <openssl/e_os2.h>
-#include <openssl/asn1.h>
-
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
-/* ASN1 template defines, structures and functions */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-
-#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
-#define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
-
-
-/* Macros for start and end of ASN1_ITEM definition */
-
-#define ASN1_ITEM_start(itname) \
-	OPENSSL_GLOBAL const ASN1_ITEM itname##_it = {
-
-#define ASN1_ITEM_end(itname) \
-		};
-
-#else
-
-/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
-#define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr()))
-
-
-/* Macros for start and end of ASN1_ITEM definition */
-
-#define ASN1_ITEM_start(itname) \
-	const ASN1_ITEM * itname##_it(void) \
-	{ \
-		static const ASN1_ITEM local_it = { \
-
-#define ASN1_ITEM_end(itname) \
-		}; \
-	return &local_it; \
-	}
-
-#endif
-
-
-/* Macros to aid ASN1 template writing */
-
-#define ASN1_ITEM_TEMPLATE(tname) \
-	const static ASN1_TEMPLATE tname##_item_tt 
-
-#define ASN1_ITEM_TEMPLATE_END(tname) \
-	;\
-	ASN1_ITEM_start(tname) \
-		ASN1_ITYPE_PRIMITIVE,\
-		-1,\
-		&tname##_item_tt,\
-		0,\
-		NULL,\
-		0,\
-		#tname \
-	ASN1_ITEM_end(tname)
-
-
-/* This is a ASN1 type which just embeds a template */
- 
-/* This pair helps declare a SEQUENCE. We can do:
- *
- * 	ASN1_SEQUENCE(stname) = {
- * 		... SEQUENCE components ...
- * 	} ASN1_SEQUENCE_END(stname)
- *
- * 	This will produce an ASN1_ITEM called stname_it
- *	for a structure called stname.
- *
- * 	If you want the same structure but a different
- *	name then use:
- *
- * 	ASN1_SEQUENCE(itname) = {
- * 		... SEQUENCE components ...
- * 	} ASN1_SEQUENCE_END_name(stname, itname)
- *
- *	This will create an item called itname_it using
- *	a structure called stname.
- */
-
-#define ASN1_SEQUENCE(tname) \
-	const static ASN1_TEMPLATE tname##_seq_tt[] 
-
-#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
-
-#define ASN1_SEQUENCE_END_name(stname, tname) \
-	;\
-	ASN1_ITEM_start(tname) \
-		ASN1_ITYPE_SEQUENCE,\
-		V_ASN1_SEQUENCE,\
-		tname##_seq_tt,\
-		sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
-		NULL,\
-		sizeof(stname),\
-		#stname \
-	ASN1_ITEM_end(tname)
-
-#define ASN1_SEQUENCE_cb(tname, cb) \
-	const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
-	ASN1_SEQUENCE(tname)
-
-#define ASN1_BROKEN_SEQUENCE(tname) \
-	const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
-	ASN1_SEQUENCE(tname)
-
-#define ASN1_SEQUENCE_ref(tname, cb, lck) \
-	const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
-	ASN1_SEQUENCE(tname)
-
-#define ASN1_SEQUENCE_enc(tname, enc, cb) \
-	const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
-	ASN1_SEQUENCE(tname)
-
-#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
-
-#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
-
-#define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
-
-#define ASN1_SEQUENCE_END_ref(stname, tname) \
-	;\
-	ASN1_ITEM_start(tname) \
-		ASN1_ITYPE_SEQUENCE,\
-		V_ASN1_SEQUENCE,\
-		tname##_seq_tt,\
-		sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
-		&tname##_aux,\
-		sizeof(stname),\
-		#stname \
-	ASN1_ITEM_end(tname)
-
-
-/* This pair helps declare a CHOICE type. We can do:
- *
- * 	ASN1_CHOICE(chname) = {
- * 		... CHOICE options ...
- * 	ASN1_CHOICE_END(chname)
- *
- * 	This will produce an ASN1_ITEM called chname_it
- *	for a structure called chname. The structure
- *	definition must look like this:
- *	typedef struct {
- *		int type;
- *		union {
- *			ASN1_SOMETHING *opt1;
- *			ASN1_SOMEOTHER *opt2;
- *		} value;
- *	} chname;
- *	
- *	the name of the selector must be 'type'.
- * 	to use an alternative selector name use the
- *      ASN1_CHOICE_END_selector() version.
- */
-
-#define ASN1_CHOICE(tname) \
-	const static ASN1_TEMPLATE tname##_ch_tt[] 
-
-#define ASN1_CHOICE_cb(tname, cb) \
-	const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
-	ASN1_CHOICE(tname)
-
-#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
-
-#define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
-
-#define ASN1_CHOICE_END_selector(stname, tname, selname) \
-	;\
-	ASN1_ITEM_start(tname) \
-		ASN1_ITYPE_CHOICE,\
-		offsetof(stname,selname) ,\
-		tname##_ch_tt,\
-		sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
-		NULL,\
-		sizeof(stname),\
-		#stname \
-	ASN1_ITEM_end(tname)
-
-#define ASN1_CHOICE_END_cb(stname, tname, selname) \
-	;\
-	ASN1_ITEM_start(tname) \
-		ASN1_ITYPE_CHOICE,\
-		offsetof(stname,selname) ,\
-		tname##_ch_tt,\
-		sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
-		&tname##_aux,\
-		sizeof(stname),\
-		#stname \
-	ASN1_ITEM_end(tname)
-
-/* This helps with the template wrapper form of ASN1_ITEM */
-
-#define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
-	(flags), (tag), 0,\
-	#name, ASN1_ITEM_ref(type) }
-
-/* These help with SEQUENCE or CHOICE components */
-
-/* used to declare other types */
-
-#define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
-	(flags), (tag), offsetof(stname, field),\
-	#field, ASN1_ITEM_ref(type) }
-
-/* used when the structure is combined with the parent */
-
-#define ASN1_EX_COMBINE(flags, tag, type) { \
-	(flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) }
-
-/* implicit and explicit helper macros */
-
-#define ASN1_IMP_EX(stname, field, type, tag, ex) \
-		ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
-
-#define ASN1_EXP_EX(stname, field, type, tag, ex) \
-		ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
-
-/* Any defined by macros: the field used is in the table itself */
-
-#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
-#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
-#else
-#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
-#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
-#endif
-/* Plain simple type */
-#define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
-
-/* OPTIONAL simple type */
-#define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
-
-/* IMPLICIT tagged simple type */
-#define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
-
-/* IMPLICIT tagged OPTIONAL simple type */
-#define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
-
-/* Same as above but EXPLICIT */
-
-#define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
-#define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
-
-/* SEQUENCE OF type */
-#define ASN1_SEQUENCE_OF(stname, field, type) \
-		ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
-
-/* OPTIONAL SEQUENCE OF */
-#define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
-		ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
-
-/* Same as above but for SET OF */
-
-#define ASN1_SET_OF(stname, field, type) \
-		ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
-
-#define ASN1_SET_OF_OPT(stname, field, type) \
-		ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
-
-/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
-
-#define ASN1_IMP_SET_OF(stname, field, type, tag) \
-			ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
-
-#define ASN1_EXP_SET_OF(stname, field, type, tag) \
-			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
-
-#define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
-			ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
-
-#define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
-			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
-
-#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
-			ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
-
-#define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
-			ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
-
-#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
-			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
-
-#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
-			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
-
-/* Macros for the ASN1_ADB structure */
-
-#define ASN1_ADB(name) \
-	const static ASN1_ADB_TABLE name##_adbtbl[] 
-
-#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-#define ASN1_ADB_END(name, flags, field, app_table, def, none) \
-	;\
-	const static ASN1_ADB name##_adb = {\
-		flags,\
-		offsetof(name, field),\
-		app_table,\
-		name##_adbtbl,\
-		sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
-		def,\
-		none\
-	}
-
-#else
-
-#define ASN1_ADB_END(name, flags, field, app_table, def, none) \
-	;\
-	const static ASN1_ITEM *name##_adb(void) \
-	{ \
-	const static ASN1_ADB internal_adb = \
-		{\
-		flags,\
-		offsetof(name, field),\
-		app_table,\
-		name##_adbtbl,\
-		sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
-		def,\
-		none\
-		}; \
-		return (const ASN1_ITEM *) &internal_adb; \
-	} \
-	void dummy_function(void)
-
-#endif
-
-#define ADB_ENTRY(val, template) {val, template}
-
-#define ASN1_ADB_TEMPLATE(name) \
-	const static ASN1_TEMPLATE name##_tt 
-
-/* This is the ASN1 template structure that defines
- * a wrapper round the actual type. It determines the
- * actual position of the field in the value structure,
- * various flags such as OPTIONAL and the field name.
- */
-
-struct ASN1_TEMPLATE_st {
-unsigned long flags;		/* Various flags */
-long tag;			/* tag, not used if no tagging */
-unsigned long offset;		/* Offset of this field in structure */
-#ifndef NO_ASN1_FIELD_NAMES
-char *field_name;		/* Field name */
-#endif
-ASN1_ITEM_EXP *item;		/* Relevant ASN1_ITEM or ASN1_ADB */
-};
-
-/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
-
-#define ASN1_TEMPLATE_item(t) (t->item_ptr)
-#define ASN1_TEMPLATE_adb(t) (t->item_ptr)
-
-typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
-typedef struct ASN1_ADB_st ASN1_ADB;
-
-struct ASN1_ADB_st {
-	unsigned long flags;	/* Various flags */
-	unsigned long offset;	/* Offset of selector field */
-	STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
-	const ASN1_ADB_TABLE *tbl;	/* Table of possible types */
-	long tblcount;		/* Number of entries in tbl */
-	const ASN1_TEMPLATE *default_tt;  /* Type to use if no match */
-	const ASN1_TEMPLATE *null_tt;  /* Type to use if selector is NULL */
-};
-
-struct ASN1_ADB_TABLE_st {
-	long value;		/* NID for an object or value for an int */
-	const ASN1_TEMPLATE tt;		/* item for this value */
-};
-
-/* template flags */
-
-/* Field is optional */
-#define ASN1_TFLG_OPTIONAL	(0x1)
-
-/* Field is a SET OF */
-#define ASN1_TFLG_SET_OF	(0x1 << 1)
-
-/* Field is a SEQUENCE OF */
-#define ASN1_TFLG_SEQUENCE_OF	(0x2 << 1)
-
-/* Special case: this refers to a SET OF that
- * will be sorted into DER order when encoded *and*
- * the corresponding STACK will be modified to match
- * the new order.
- */
-#define ASN1_TFLG_SET_ORDER	(0x3 << 1)
-
-/* Mask for SET OF or SEQUENCE OF */
-#define ASN1_TFLG_SK_MASK	(0x3 << 1)
-
-/* These flags mean the tag should be taken from the
- * tag field. If EXPLICIT then the underlying type
- * is used for the inner tag.
- */
-
-/* IMPLICIT tagging */
-#define ASN1_TFLG_IMPTAG	(0x1 << 3)
-
-
-/* EXPLICIT tagging, inner tag from underlying type */
-#define ASN1_TFLG_EXPTAG	(0x2 << 3)
-
-#define ASN1_TFLG_TAG_MASK	(0x3 << 3)
-
-/* context specific IMPLICIT */
-#define ASN1_TFLG_IMPLICIT	ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
-
-/* context specific EXPLICIT */
-#define ASN1_TFLG_EXPLICIT	ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
-
-/* If tagging is in force these determine the
- * type of tag to use. Otherwise the tag is
- * determined by the underlying type. These 
- * values reflect the actual octet format.
- */
-
-/* Universal tag */ 
-#define ASN1_TFLG_UNIVERSAL	(0x0<<6)
-/* Application tag */ 
-#define ASN1_TFLG_APPLICATION	(0x1<<6)
-/* Context specific tag */ 
-#define ASN1_TFLG_CONTEXT	(0x2<<6)
-/* Private tag */ 
-#define ASN1_TFLG_PRIVATE	(0x3<<6)
-
-#define ASN1_TFLG_TAG_CLASS	(0x3<<6)
-
-/* These are for ANY DEFINED BY type. In this case
- * the 'item' field points to an ASN1_ADB structure
- * which contains a table of values to decode the
- * relevant type
- */
-
-#define ASN1_TFLG_ADB_MASK	(0x3<<8)
-
-#define ASN1_TFLG_ADB_OID	(0x1<<8)
-
-#define ASN1_TFLG_ADB_INT	(0x1<<9)
-
-/* This flag means a parent structure is passed
- * instead of the field: this is useful is a
- * SEQUENCE is being combined with a CHOICE for
- * example. Since this means the structure and
- * item name will differ we need to use the
- * ASN1_CHOICE_END_name() macro for example.
- */
-
-#define ASN1_TFLG_COMBINE	(0x1<<10)
-
-/* This is the actual ASN1 item itself */
-
-struct ASN1_ITEM_st {
-char itype;			/* The item type, primitive, SEQUENCE, CHOICE or extern */
-long utype;			/* underlying type */
-const ASN1_TEMPLATE *templates;	/* If SEQUENCE or CHOICE this contains the contents */
-long tcount;			/* Number of templates if SEQUENCE or CHOICE */
-const void *funcs;		/* functions that handle this type */
-long size;			/* Structure size (usually)*/
-#ifndef NO_ASN1_FIELD_NAMES
-const char *sname;		/* Structure name */
-#endif
-};
-
-/* These are values for the itype field and
- * determine how the type is interpreted.
- *
- * For PRIMITIVE types the underlying type
- * determines the behaviour if items is NULL.
- *
- * Otherwise templates must contain a single 
- * template and the type is treated in the
- * same way as the type specified in the template.
- *
- * For SEQUENCE types the templates field points
- * to the members, the size field is the
- * structure size.
- *
- * For CHOICE types the templates field points
- * to each possible member (typically a union)
- * and the 'size' field is the offset of the
- * selector.
- *
- * The 'funcs' field is used for application
- * specific functions. 
- *
- * For COMPAT types the funcs field gives a
- * set of functions that handle this type, this
- * supports the old d2i, i2d convention.
- *
- * The EXTERN type uses a new style d2i/i2d.
- * The new style should be used where possible
- * because it avoids things like the d2i IMPLICIT
- * hack.
- *
- * MSTRING is a multiple string type, it is used
- * for a CHOICE of character strings where the
- * actual strings all occupy an ASN1_STRING
- * structure. In this case the 'utype' field
- * has a special meaning, it is used as a mask
- * of acceptable types using the B_ASN1 constants.
- *
- */
-
-#define ASN1_ITYPE_PRIMITIVE	0x0
-
-#define ASN1_ITYPE_SEQUENCE	0x1
-
-#define ASN1_ITYPE_CHOICE	0x2
-
-#define ASN1_ITYPE_COMPAT	0x3
-
-#define ASN1_ITYPE_EXTERN	0x4
-
-#define ASN1_ITYPE_MSTRING	0x5
-
-/* Cache for ASN1 tag and length, so we
- * don't keep re-reading it for things
- * like CHOICE
- */
-
-struct ASN1_TLC_st{
-	char valid;	/* Values below are valid */
-	int ret;	/* return value */
-	long plen;	/* length */
-	int ptag;	/* class value */
-	int pclass;	/* class value */
-	int hdrlen;	/* header length */
-};
-
-/* Typedefs for ASN1 function pointers */
-
-typedef ASN1_VALUE * ASN1_new_func(void);
-typedef void ASN1_free_func(ASN1_VALUE *a);
-typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, unsigned char ** in, long length);
-typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in);
-
-typedef int ASN1_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it,
-					int tag, int aclass, char opt, ASN1_TLC *ctx);
-
-typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
-typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
-typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
-
-typedef struct ASN1_COMPAT_FUNCS_st {
-	ASN1_new_func *asn1_new;
-	ASN1_free_func *asn1_free;
-	ASN1_d2i_func *asn1_d2i;
-	ASN1_i2d_func *asn1_i2d;
-} ASN1_COMPAT_FUNCS;
-
-typedef struct ASN1_EXTERN_FUNCS_st {
-	void *app_data;
-	ASN1_ex_new_func *asn1_ex_new;
-	ASN1_ex_free_func *asn1_ex_free;
-	ASN1_ex_free_func *asn1_ex_clear;
-	ASN1_ex_d2i *asn1_ex_d2i;
-	ASN1_ex_i2d *asn1_ex_i2d;
-} ASN1_EXTERN_FUNCS;
-
-typedef struct ASN1_PRIMITIVE_FUNCS_st {
-	void *app_data;
-	unsigned long flags;
-	ASN1_ex_new_func *prim_new;
-	ASN1_ex_free_func *prim_free;
-	ASN1_ex_free_func *prim_clear;
-	ASN1_primitive_c2i *prim_c2i;
-	ASN1_primitive_i2c *prim_i2c;
-} ASN1_PRIMITIVE_FUNCS;
-
-/* This is the ASN1_AUX structure: it handles various
- * miscellaneous requirements. For example the use of
- * reference counts and an informational callback.
- *
- * The "informational callback" is called at various
- * points during the ASN1 encoding and decoding. It can
- * be used to provide minor customisation of the structures
- * used. This is most useful where the supplied routines
- * *almost* do the right thing but need some extra help
- * at a few points. If the callback returns zero then
- * it is assumed a fatal error has occurred and the 
- * main operation should be abandoned.
- *
- * If major changes in the default behaviour are required
- * then an external type is more appropriate.
- */
-
-typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it);
-
-typedef struct ASN1_AUX_st {
-	void *app_data;
-	int flags;
-	int ref_offset;		/* Offset of reference value */
-	int ref_lock;		/* Lock type to use */
-	ASN1_aux_cb *asn1_cb;
-	int enc_offset;		/* Offset of ASN1_ENCODING structure */
-} ASN1_AUX;
-
-/* Flags in ASN1_AUX */
-
-/* Use a reference count */
-#define ASN1_AFLG_REFCOUNT	1
-/* Save the encoding of structure (useful for signatures) */
-#define ASN1_AFLG_ENCODING	2
-/* The Sequence length is invalid */
-#define ASN1_AFLG_BROKEN	4
-
-/* operation values for asn1_cb */
-
-#define ASN1_OP_NEW_PRE		0
-#define ASN1_OP_NEW_POST	1
-#define ASN1_OP_FREE_PRE	2
-#define ASN1_OP_FREE_POST	3
-#define ASN1_OP_D2I_PRE		4
-#define ASN1_OP_D2I_POST	5
-#define ASN1_OP_I2D_PRE		6
-#define ASN1_OP_I2D_POST	7
-
-/* Macro to implement a primitive type */
-#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
-#define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
-				ASN1_ITEM_start(itname) \
-					ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
-				ASN1_ITEM_end(itname)
-
-/* Macro to implement a multi string type */
-#define IMPLEMENT_ASN1_MSTRING(itname, mask) \
-				ASN1_ITEM_start(itname) \
-					ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
-				ASN1_ITEM_end(itname)
-
-/* Macro to implement an ASN1_ITEM in terms of old style funcs */
-
-#define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
-
-#define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
-	static const ASN1_COMPAT_FUNCS sname##_ff = { \
-		(ASN1_new_func *)sname##_new, \
-		(ASN1_free_func *)sname##_free, \
-		(ASN1_d2i_func *)d2i_##sname, \
-		(ASN1_i2d_func *)i2d_##sname, \
-	}; \
-	ASN1_ITEM_start(sname) \
-		ASN1_ITYPE_COMPAT, \
-		tag, \
-		NULL, \
-		0, \
-		&sname##_ff, \
-		0, \
-		#sname \
-	ASN1_ITEM_end(sname)
-
-#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
-	ASN1_ITEM_start(sname) \
-		ASN1_ITYPE_EXTERN, \
-		tag, \
-		NULL, \
-		0, \
-		&fptrs, \
-		0, \
-		#sname \
-	ASN1_ITEM_end(sname)
-
-/* Macro to implement standard functions in terms of ASN1_ITEM structures */
-
-#define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
-
-#define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
-
-#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
-			IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
-
-#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
-	stname *fname##_new(void) \
-	{ \
-		return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
-	} \
-	void fname##_free(stname *a) \
-	{ \
-		ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
-	}
-
-#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
-	IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
-	IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
-
-#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
-	stname *d2i_##fname(stname **a, unsigned char **in, long len) \
-	{ \
-		return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
-	} \
-	int i2d_##fname(stname *a, unsigned char **out) \
-	{ \
-		return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
-	} 
-
-/* This includes evil casts to remove const: they will go away when full
- * ASN1 constification is done.
- */
-#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
-	stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
-	{ \
-		return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, (unsigned char **)in, len, ASN1_ITEM_rptr(itname));\
-	} \
-	int i2d_##fname(const stname *a, unsigned char **out) \
-	{ \
-		return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
-	} 
-
-#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
-	stname * stname##_dup(stname *x) \
-        { \
-        return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
-        }
-
-#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
-		IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
-
-#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
-	IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
-	IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
-
-/* external definitions for primitive types */
-
-DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
-DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
-DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
-DECLARE_ASN1_ITEM(ASN1_ANY)
-DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
-DECLARE_ASN1_ITEM(CBIGNUM)
-DECLARE_ASN1_ITEM(BIGNUM)
-DECLARE_ASN1_ITEM(LONG)
-DECLARE_ASN1_ITEM(ZLONG)
-
-DECLARE_STACK_OF(ASN1_VALUE)
-
-/* Functions used internally by the ASN1 code */
-
-int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt);
-int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it,
-				int tag, int aclass, char opt, ASN1_TLC *ctx);
-
-int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
-int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt);
-void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
-int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
-
-int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it);
-
-ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-
-const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr);
-
-int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
-
-void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
-void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/asn1/asn_moid.c b/crypto/openssl/crypto/asn1/asn_moid.c
deleted file mode 100644
index be20db4bad7f..000000000000
--- a/crypto/openssl/crypto/asn1/asn_moid.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* asn_moid.c */
-/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-
-/* Simple ASN1 OID module: add all objects in a given section */
-
-static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
-	{
-	int i;
-	const char *oid_section;
-	STACK_OF(CONF_VALUE) *sktmp;
-	CONF_VALUE *oval;
-	oid_section = CONF_imodule_get_value(md);
-	if(!(sktmp = NCONF_get_section(cnf, oid_section)))
-		{
-		ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION);
-		return 0;
-		}
-	for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++)
-		{
-		oval = sk_CONF_VALUE_value(sktmp, i);
-		if(OBJ_create(oval->value, oval->name, oval->name) == NID_undef)
-			{
-			ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT);
-			return 0;
-			}
-		}
-	return 1;
-}
-
-void ASN1_add_oid_module(void)
-	{
-	CONF_module_add("oid_section", oid_module_init, 0);
-	}
diff --git a/crypto/openssl/crypto/asn1/asn_pack.c b/crypto/openssl/crypto/asn1/asn_pack.c
deleted file mode 100644
index e6051db2dc98..000000000000
--- a/crypto/openssl/crypto/asn1/asn_pack.c
+++ /dev/null
@@ -1,191 +0,0 @@
-/* asn_pack.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-#ifndef NO_ASN1_OLD
-
-/* ASN1 packing and unpacking functions */
-
-/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */
-
-STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
-	     void (*free_func)(void *))
-{
-    STACK *sk;
-    unsigned char *pbuf;
-    pbuf =  buf;
-    if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func,
-					V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL)))
-		 ASN1err(ASN1_F_ASN1_SEQ_UNPACK,ASN1_R_DECODE_ERROR);
-    return sk;
-}
-
-/* Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a
- * OPENSSL_malloc'ed buffer
- */
-
-unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
-	     int *len)
-{
-	int safelen;
-	unsigned char *safe, *p;
-	if (!(safelen = i2d_ASN1_SET(safes, NULL, i2d, V_ASN1_SEQUENCE,
-					      V_ASN1_UNIVERSAL, IS_SEQUENCE))) {
-		ASN1err(ASN1_F_ASN1_SEQ_PACK,ASN1_R_ENCODE_ERROR);
-		return NULL;
-	}
-	if (!(safe = OPENSSL_malloc (safelen))) {
-		ASN1err(ASN1_F_ASN1_SEQ_PACK,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	p = safe;
-	i2d_ASN1_SET(safes, &p, i2d, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL,
-								 IS_SEQUENCE);
-	if (len) *len = safelen;
-	if (buf) *buf = safe;
-	return safe;
-}
-
-/* Extract an ASN1 object from an ASN1_STRING */
-
-void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)())
-{
-	unsigned char *p;
-	char *ret;
-
-	p = oct->data;
-	if(!(ret = d2i(NULL, &p, oct->length)))
-		ASN1err(ASN1_F_ASN1_UNPACK_STRING,ASN1_R_DECODE_ERROR);
-	return ret;
-}
-
-/* Pack an ASN1 object into an ASN1_STRING */
-
-ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_STRING **oct)
-{
-	unsigned char *p;
-	ASN1_STRING *octmp;
-
-	if (!oct || !*oct) {
-		if (!(octmp = ASN1_STRING_new ())) {
-			ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
-			return NULL;
-		}
-		if (oct) *oct = octmp;
-	} else octmp = *oct;
-		
-	if (!(octmp->length = i2d(obj, NULL))) {
-		ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR);
-		return NULL;
-	}
-	if (!(p = OPENSSL_malloc (octmp->length))) {
-		ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	octmp->data = p;
-	i2d (obj, &p);
-	return octmp;
-}
-
-#endif
-
-/* ASN1_ITEM versions of the above */
-
-ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
-{
-	ASN1_STRING *octmp;
-
-	if (!oct || !*oct) {
-		if (!(octmp = ASN1_STRING_new ())) {
-			ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
-			return NULL;
-		}
-		if (oct) *oct = octmp;
-	} else octmp = *oct;
-
-	if(octmp->data) {
-		OPENSSL_free(octmp->data);
-		octmp->data = NULL;
-	}
-		
-	if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) {
-		ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR);
-		return NULL;
-	}
-	if (!octmp->data) {
-		ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	return octmp;
-}
-
-/* Extract an ASN1 object from an ASN1_STRING */
-
-void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it)
-{
-	unsigned char *p;
-	void *ret;
-
-	p = oct->data;
-	if(!(ret = ASN1_item_d2i(NULL, &p, oct->length, it)))
-		ASN1err(ASN1_F_ASN1_UNPACK_STRING,ASN1_R_DECODE_ERROR);
-	return ret;
-}
diff --git a/crypto/openssl/crypto/asn1/charmap.h b/crypto/openssl/crypto/asn1/charmap.h
deleted file mode 100644
index bd020a9562fd..000000000000
--- a/crypto/openssl/crypto/asn1/charmap.h
+++ /dev/null
@@ -1,15 +0,0 @@
-/* Auto generated with chartype.pl script.
- * Mask of various character properties
- */
-
-static unsigned char char_type[] = {
- 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
- 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
-120, 0, 1,40, 0, 0, 0,16,16,16, 0,25,25,16,16,16,
-16,16,16,16,16,16,16,16,16,16,16, 9, 9,16, 9,16,
- 0,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,
-16,16,16,16,16,16,16,16,16,16,16, 0, 1, 0, 0, 0,
- 0,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,
-16,16,16,16,16,16,16,16,16,16,16, 0, 0, 0, 0, 2
-};
-
diff --git a/crypto/openssl/crypto/asn1/charmap.pl b/crypto/openssl/crypto/asn1/charmap.pl
deleted file mode 100644
index 2875c5986728..000000000000
--- a/crypto/openssl/crypto/asn1/charmap.pl
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/usr/local/bin/perl -w
-
-use strict;
-
-my ($i, @arr);
-
-# Set up an array with the type of ASCII characters
-# Each set bit represents a character property.
-
-# RFC2253 character properties
-my $RFC2253_ESC = 1;	# Character escaped with \
-my $ESC_CTRL	= 2;	# Escaped control character
-# These are used with RFC1779 quoting using "
-my $NOESC_QUOTE	= 8;	# Not escaped if quoted
-my $PSTRING_CHAR = 0x10;	# Valid PrintableString character
-my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character
-my $RFC2253_LAST_ESC = 0x40;  # Escaped with \ if last character
-
-for($i = 0; $i < 128; $i++) {
-	# Set the RFC2253 escape characters (control)
-	$arr[$i] = 0;
-	if(($i < 32) || ($i > 126)) {
-		$arr[$i] |= $ESC_CTRL;
-	}
-
-	# Some PrintableString characters
-	if(		   ( ( $i >= ord("a")) && ( $i <= ord("z")) )
-			|| (  ( $i >= ord("A")) && ( $i <= ord("Z")) )
-			|| (  ( $i >= ord("0")) && ( $i <= ord("9")) )  ) {
-		$arr[$i] |= $PSTRING_CHAR;
-	}
-}
-
-# Now setup the rest
-
-# Remaining RFC2253 escaped characters
-
-$arr[ord(" ")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC | $RFC2253_LAST_ESC;
-$arr[ord("#")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC;
-
-$arr[ord(",")] |= $NOESC_QUOTE | $RFC2253_ESC;
-$arr[ord("+")] |= $NOESC_QUOTE | $RFC2253_ESC;
-$arr[ord("\"")] |= $RFC2253_ESC;
-$arr[ord("\\")] |= $RFC2253_ESC;
-$arr[ord("<")] |= $NOESC_QUOTE | $RFC2253_ESC;
-$arr[ord(">")] |= $NOESC_QUOTE | $RFC2253_ESC;
-$arr[ord(";")] |= $NOESC_QUOTE | $RFC2253_ESC;
-
-# Remaining PrintableString characters
-
-$arr[ord(" ")] |= $PSTRING_CHAR;
-$arr[ord("'")] |= $PSTRING_CHAR;
-$arr[ord("(")] |= $PSTRING_CHAR;
-$arr[ord(")")] |= $PSTRING_CHAR;
-$arr[ord("+")] |= $PSTRING_CHAR;
-$arr[ord(",")] |= $PSTRING_CHAR;
-$arr[ord("-")] |= $PSTRING_CHAR;
-$arr[ord(".")] |= $PSTRING_CHAR;
-$arr[ord("/")] |= $PSTRING_CHAR;
-$arr[ord(":")] |= $PSTRING_CHAR;
-$arr[ord("=")] |= $PSTRING_CHAR;
-$arr[ord("?")] |= $PSTRING_CHAR;
-
-# Now generate the C code
-
-print <<EOF;
-/* Auto generated with chartype.pl script.
- * Mask of various character properties
- */
-
-static unsigned char char_type[] = {
-EOF
-
-for($i = 0; $i < 128; $i++) {
-	print("\n") if($i && (($i % 16) == 0));
-	printf("%2d", $arr[$i]);
-	print(",") if ($i != 127);
-}
-print("\n};\n\n");
-
diff --git a/crypto/openssl/crypto/asn1/d2i_dhp.c b/crypto/openssl/crypto/asn1/d2i_dhp.c
deleted file mode 100644
index 223ebbbd46d1..000000000000
--- a/crypto/openssl/crypto/asn1/d2i_dhp.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/* crypto/asn1/d2i_dhp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DH
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-DH *d2i_DHparams(DH **a, unsigned char **pp, long length)
-	{
-	int i=ERR_R_NESTED_ASN1_ERROR;
-	ASN1_INTEGER *bs=NULL;
-	long v=0;
-	M_ASN1_D2I_vars(a,DH *,DH_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
-
-	if (!M_ASN1_D2I_end_sequence())
-		{
-		M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-		for (i=0; i<bs->length; i++)
-			v=(v<<8)|(bs->data[i]);
-		ret->length=(int)v;
-		}
-
-	M_ASN1_BIT_STRING_free(bs);
-	bs = NULL;
-
-	M_ASN1_D2I_Finish_2(a);
-
-err_bn:
-	i=ERR_R_BN_LIB;
-err:
-	ASN1err(ASN1_F_D2I_DHPARAMS,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret))) DH_free(ret);
-	if (bs != NULL) M_ASN1_BIT_STRING_free(bs);
-	return(NULL);
-	}
-#endif
diff --git a/crypto/openssl/crypto/asn1/d2i_dsap.c b/crypto/openssl/crypto/asn1/d2i_dsap.c
deleted file mode 100644
index a68f35d852bd..000000000000
--- a/crypto/openssl/crypto/asn1/d2i_dsap.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* crypto/asn1/d2i_dsap.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_NEG_PUBKEY_BUG
-#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER
-#endif
-
-DSA *d2i_DSAparams(DSA **a, unsigned char **pp, long length)
-	{
-	int i=ERR_R_NESTED_ASN1_ERROR;
-	ASN1_INTEGER *bs=NULL;
-	M_ASN1_D2I_vars(a,DSA *,DSA_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
-
-	M_ASN1_BIT_STRING_free(bs);
-	bs = NULL;
-
-	M_ASN1_D2I_Finish_2(a);
-
-err_bn:
-	i=ERR_R_BN_LIB;
-err:
-	ASN1err(ASN1_F_D2I_DSAPARAMS,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
-	if (bs != NULL) M_ASN1_BIT_STRING_free(bs);
-	return(NULL);
-	}
-#endif
diff --git a/crypto/openssl/crypto/asn1/d2i_pr.c b/crypto/openssl/crypto/asn1/d2i_pr.c
deleted file mode 100644
index 2e7d96af904a..000000000000
--- a/crypto/openssl/crypto/asn1/d2i_pr.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* crypto/asn1/d2i_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp,
-	     long length)
-	{
-	EVP_PKEY *ret;
-
-	if ((a == NULL) || (*a == NULL))
-		{
-		if ((ret=EVP_PKEY_new()) == NULL)
-			{
-			ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB);
-			return(NULL);
-			}
-		}
-	else	ret= *a;
-
-	ret->save_type=type;
-	ret->type=EVP_PKEY_type(type);
-	switch (ret->type)
-		{
-#ifndef OPENSSL_NO_RSA
-	case EVP_PKEY_RSA:
-		if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,
-			(const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
-			{
-			ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
-			goto err;
-			}
-		break;
-#endif
-#ifndef OPENSSL_NO_DSA
-	case EVP_PKEY_DSA:
-		if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,
-			(const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
-			{
-			ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
-			goto err;
-			}
-		break;
-#endif
-	default:
-		ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
-		goto err;
-		/* break; */
-		}
-	if (a != NULL) (*a)=ret;
-	return(ret);
-err:
-	if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret);
-	return(NULL);
-	}
-
-/* This works like d2i_PrivateKey() except it automatically works out the type */
-
-EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
-	     long length)
-{
-	STACK_OF(ASN1_TYPE) *inkey;
-	unsigned char *p;
-	int keytype;
-	p = *pp;
-	/* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE):
-	 * by analyzing it we can determine the passed structure: this
-	 * assumes the input is surrounded by an ASN1 SEQUENCE.
-	 */
-	inkey = d2i_ASN1_SET_OF_ASN1_TYPE(NULL, &p, length, d2i_ASN1_TYPE, 
-			ASN1_TYPE_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-	/* Since we only need to discern "traditional format" RSA and DSA
-	 * keys we can just count the elements.
-         */
-	if(sk_ASN1_TYPE_num(inkey) == 6) keytype = EVP_PKEY_DSA;
-	else keytype = EVP_PKEY_RSA;
-	sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
-	return d2i_PrivateKey(keytype, a, pp, length);
-}
diff --git a/crypto/openssl/crypto/asn1/d2i_pu.c b/crypto/openssl/crypto/asn1/d2i_pu.c
deleted file mode 100644
index 71f2eb361bd4..000000000000
--- a/crypto/openssl/crypto/asn1/d2i_pu.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/asn1/d2i_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp,
-	     long length)
-	{
-	EVP_PKEY *ret;
-
-	if ((a == NULL) || (*a == NULL))
-		{
-		if ((ret=EVP_PKEY_new()) == NULL)
-			{
-			ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
-			return(NULL);
-			}
-		}
-	else	ret= *a;
-
-	ret->save_type=type;
-	ret->type=EVP_PKEY_type(type);
-	switch (ret->type)
-		{
-#ifndef OPENSSL_NO_RSA
-	case EVP_PKEY_RSA:
-		if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,
-			(const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
-			{
-			ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
-			goto err;
-			}
-		break;
-#endif
-#ifndef OPENSSL_NO_DSA
-	case EVP_PKEY_DSA:
-		if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,
-			(const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
-			{
-			ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
-			goto err;
-			}
-		break;
-#endif
-	default:
-		ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
-		goto err;
-		/* break; */
-		}
-	if (a != NULL) (*a)=ret;
-	return(ret);
-err:
-	if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret);
-	return(NULL);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/d2i_r_pr.c b/crypto/openssl/crypto/asn1/d2i_r_pr.c
deleted file mode 100644
index afd5adb1d871..000000000000
--- a/crypto/openssl/crypto/asn1/d2i_r_pr.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* crypto/asn1/d2i_r_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-static ASN1_METHOD method={
-        (int (*)())  i2d_RSAPrivateKey,
-        (char *(*)())d2i_RSAPrivateKey,
-        (char *(*)())RSA_new,
-        (void (*)()) RSA_free};
-
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void)
-	{
-	return(&method);
-	}
-
-RSA *d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length)
-	{
-	int i=ASN1_R_PARSING;
-	ASN1_INTEGER *bs=NULL;
-	M_ASN1_D2I_vars(a,RSA *,RSA_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if (bs->length == 0)
-		ret->version=0;
-	else	ret->version=bs->data[0];
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->n=BN_bin2bn(bs->data,bs->length,ret->n)) == NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->e=BN_bin2bn(bs->data,bs->length,ret->e)) == NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->d=BN_bin2bn(bs->data,bs->length,ret->d)) == NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->dmp1=BN_bin2bn(bs->data,bs->length,ret->dmp1)) == NULL)
-		goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->dmq1=BN_bin2bn(bs->data,bs->length,ret->dmq1)) == NULL)
-		goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->iqmp=BN_bin2bn(bs->data,bs->length,ret->iqmp)) == NULL)
-		goto err_bn;
-
-	M_ASN1_INTEGER_free(bs);
-	bs = NULL;
-
-	M_ASN1_D2I_Finish_2(a);
-err_bn:
-	i=ERR_R_BN_LIB;
-err:
-	ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret))) RSA_free(ret);
-	if (bs != NULL) M_ASN1_INTEGER_free(bs);
-
-	return(NULL);
-	}
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/crypto/asn1/d2i_r_pu.c b/crypto/openssl/crypto/asn1/d2i_r_pu.c
deleted file mode 100644
index 9e5d41cf5318..000000000000
--- a/crypto/openssl/crypto/asn1/d2i_r_pu.c
+++ /dev/null
@@ -1,103 +0,0 @@
-/* crypto/asn1/d2i_r_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_NEG_PUBKEY_BUG
-#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER
-#endif
-
-RSA *d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length)
-	{
-	int i=ASN1_R_PARSING;
-	ASN1_INTEGER *bs=NULL;
-	M_ASN1_D2I_vars(a,RSA *,RSA_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->n=BN_bin2bn(bs->data,bs->length,ret->n)) == NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->e=BN_bin2bn(bs->data,bs->length,ret->e)) == NULL) goto err_bn;
-
-	M_ASN1_INTEGER_free(bs);
-	bs=NULL;
-
-	M_ASN1_D2I_Finish_2(a);
-
-err_bn:
-	i=ERR_R_BN_LIB;
-err:
-	ASN1err(ASN1_F_D2I_RSAPUBLICKEY,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret))) RSA_free(ret);
-	if (bs != NULL) M_ASN1_INTEGER_free(bs);
-	return(NULL);
-	}
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/crypto/asn1/d2i_s_pr.c b/crypto/openssl/crypto/asn1/d2i_s_pr.c
deleted file mode 100644
index 55d5802d702f..000000000000
--- a/crypto/openssl/crypto/asn1/d2i_s_pr.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/asn1/d2i_s_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-DSA *d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length)
-	{
-	int i=ASN1_R_PARSING;
-	ASN1_INTEGER *bs=NULL;
-	M_ASN1_D2I_vars(a,DSA *,DSA_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if (bs->length == 0)
-		ret->version=0;
-	else	ret->version=bs->data[0];
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
-		== NULL) goto err_bn;
-	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-	if ((ret->priv_key=BN_bin2bn(bs->data,bs->length,ret->priv_key))
-		== NULL) goto err_bn;
-
-	M_ASN1_INTEGER_free(bs);
-	bs = NULL;
-
-	M_ASN1_D2I_Finish_2(a);
-err_bn:
-	i=ERR_R_BN_LIB;
-err:
-	ASN1err(ASN1_F_D2I_DSAPRIVATEKEY,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
-	if (bs != NULL) M_ASN1_INTEGER_free(bs);
-	return(NULL);
-	}
-#endif
diff --git a/crypto/openssl/crypto/asn1/d2i_s_pu.c b/crypto/openssl/crypto/asn1/d2i_s_pu.c
deleted file mode 100644
index 0b7d2fafccc9..000000000000
--- a/crypto/openssl/crypto/asn1/d2i_s_pu.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/asn1/d2i_s_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_NEG_PUBKEY_BUG
-#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER
-#endif
-
-DSA *d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length)
-	{
-	int i=ASN1_R_PARSING;
-	ASN1_INTEGER *bs=NULL;
-	M_ASN1_D2I_vars(a,DSA *,DSA_new);
-
-	M_ASN1_D2I_Init();
-	if ((length != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED))
-		== (V_ASN1_UNIVERSAL|(V_ASN1_INTEGER))))
-		{
-		c.slen=length;
-		M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-		if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
-                        == NULL)
-                        goto err_bn;
-		ret->write_params=0;
-		}
-	else
-		{
-		M_ASN1_D2I_start_sequence();
-		M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-		if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
-			== NULL)
-			goto err_bn;
-		M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-		if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL)
-			goto err_bn;
-		M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-		if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL)
-			goto err_bn;
-		M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-		if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL)
-			goto err_bn;
-
-		ret->write_params=1;
-		}
-
-	M_ASN1_INTEGER_free(bs);
-	bs=NULL;
-	M_ASN1_D2I_Finish_2(a);
-err_bn:
-	i=ERR_R_BN_LIB;
-err:
-	ASN1err(ASN1_F_D2I_DSAPUBLICKEY,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
-	if (bs != NULL) M_ASN1_INTEGER_free(bs);
-	return(NULL);
-	}
-#endif
diff --git a/crypto/openssl/crypto/asn1/evp_asn1.c b/crypto/openssl/crypto/asn1/evp_asn1.c
deleted file mode 100644
index 3506005a7146..000000000000
--- a/crypto/openssl/crypto/asn1/evp_asn1.c
+++ /dev/null
@@ -1,185 +0,0 @@
-/* crypto/asn1/evp_asn1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-
-int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len)
-	{
-	ASN1_STRING *os;
-
-	if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0);
-	if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0);
-	ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os);
-	return(1);
-	}
-
-/* int max_len:  for returned value    */
-int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data,
-	     int max_len)
-	{
-	int ret,num;
-	unsigned char *p;
-
-	if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL))
-		{
-		ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
-		return(-1);
-		}
-	p=M_ASN1_STRING_data(a->value.octet_string);
-	ret=M_ASN1_STRING_length(a->value.octet_string);
-	if (ret < max_len)
-		num=ret;
-	else
-		num=max_len;
-	memcpy(data,p,num);
-	return(ret);
-	}
-
-int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
-	     int len)
-	{
-	int n,size;
-	ASN1_OCTET_STRING os,*osp;
-	ASN1_INTEGER in;
-	unsigned char *p;
-	unsigned char buf[32]; /* when they have 256bit longs, 
-				* I'll be in trouble */
-	in.data=buf;
-	in.length=32;
-	os.data=data;
-	os.type=V_ASN1_OCTET_STRING;
-	os.length=len;
-	ASN1_INTEGER_set(&in,num);
-	n =  i2d_ASN1_INTEGER(&in,NULL);
-	n+=M_i2d_ASN1_OCTET_STRING(&os,NULL);
-
-	size=ASN1_object_size(1,n,V_ASN1_SEQUENCE);
-
-	if ((osp=ASN1_STRING_new()) == NULL) return(0);
-	/* Grow the 'string' */
-	ASN1_STRING_set(osp,NULL,size);
-
-	M_ASN1_STRING_length_set(osp, size);
-	p=M_ASN1_STRING_data(osp);
-
-	ASN1_put_object(&p,1,n,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-	  i2d_ASN1_INTEGER(&in,&p);
-	M_i2d_ASN1_OCTET_STRING(&os,&p);
-
-	ASN1_TYPE_set(a,V_ASN1_SEQUENCE,osp);
-	return(1);
-	}
-
-/* we return the actual length..., num may be missing, in which
- * case, set it to zero */
-/* int max_len:  for returned value    */
-int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data,
-	     int max_len)
-	{
-	int ret= -1,n;
-	ASN1_INTEGER *ai=NULL;
-	ASN1_OCTET_STRING *os=NULL;
-	unsigned char *p;
-	long length;
-	ASN1_CTX c;
-
-	if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL))
-		{
-		goto err;
-		}
-	p=M_ASN1_STRING_data(a->value.sequence);
-	length=M_ASN1_STRING_length(a->value.sequence);
-
-	c.pp= &p;
-	c.p=p;
-	c.max=p+length;
-	c.error=ASN1_R_DATA_IS_WRONG;
-
-	M_ASN1_D2I_start_sequence();
-	c.q=c.p;
-	if ((ai=d2i_ASN1_INTEGER(NULL,&c.p,c.slen)) == NULL) goto err;
-        c.slen-=(c.p-c.q);
-	c.q=c.p;
-	if ((os=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) goto err;
-        c.slen-=(c.p-c.q);
-	if (!M_ASN1_D2I_end_sequence()) goto err;
-
-	if (num != NULL)
-		*num=ASN1_INTEGER_get(ai);
-
-	ret=M_ASN1_STRING_length(os);
-	if (max_len > ret)
-		n=ret;
-	else
-		n=max_len;
-
-	if (data != NULL)
-		memcpy(data,M_ASN1_STRING_data(os),n);
-	if (0)
-		{
-err:
-		ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
-		}
-	if (os != NULL) M_ASN1_OCTET_STRING_free(os);
-	if (ai != NULL) M_ASN1_INTEGER_free(ai);
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/f.c b/crypto/openssl/crypto/asn1/f.c
deleted file mode 100644
index 82bccdfd5109..000000000000
--- a/crypto/openssl/crypto/asn1/f.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* crypto/asn1/f.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <openssl/asn1.h>
-#include <openssl/err.h>
-
-main()
-	{
-	ASN1_TYPE *at;
-	char buf[512];
-	int n;
-	long l;
-
-	at=ASN1_TYPE_new();
-
-	n=ASN1_TYPE_set_int_octetstring(at,98736,"01234567",8);
-	printf("%d\n",n);
-	n=ASN1_TYPE_get_int_octetstring(at,&l,buf,8);
-	buf[8]='\0';
-	printf("%ld %d %d\n",l,n,buf[8]);
-	buf[8]='\0';
-	printf("%s\n",buf);
-	ERR_load_crypto_strings();
-	ERR_print_errors_fp(stderr);
-	}
diff --git a/crypto/openssl/crypto/asn1/f_enum.c b/crypto/openssl/crypto/asn1/f_enum.c
deleted file mode 100644
index 56e3cc8df2b7..000000000000
--- a/crypto/openssl/crypto/asn1/f_enum.c
+++ /dev/null
@@ -1,207 +0,0 @@
-/* crypto/asn1/f_enum.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-/* Based on a_int.c: equivalent ENUMERATED functions */
-
-int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
-	{
-	int i,n=0;
-	static const char *h="0123456789ABCDEF";
-	char buf[2];
-
-	if (a == NULL) return(0);
-
-	if (a->length == 0)
-		{
-		if (BIO_write(bp,"00",2) != 2) goto err;
-		n=2;
-		}
-	else
-		{
-		for (i=0; i<a->length; i++)
-			{
-			if ((i != 0) && (i%35 == 0))
-				{
-				if (BIO_write(bp,"\\\n",2) != 2) goto err;
-				n+=2;
-				}
-			buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
-			buf[1]=h[((unsigned char)a->data[i]   )&0x0f];
-			if (BIO_write(bp,buf,2) != 2) goto err;
-			n+=2;
-			}
-		}
-	return(n);
-err:
-	return(-1);
-	}
-
-int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
-	{
-	int ret=0;
-	int i,j,k,m,n,again,bufsize;
-	unsigned char *s=NULL,*sp;
-	unsigned char *bufp;
-	int num=0,slen=0,first=1;
-
-	bs->type=V_ASN1_ENUMERATED;
-
-	bufsize=BIO_gets(bp,buf,size);
-	for (;;)
-		{
-		if (bufsize < 1) goto err_sl;
-		i=bufsize;
-		if (buf[i-1] == '\n') buf[--i]='\0';
-		if (i == 0) goto err_sl;
-		if (buf[i-1] == '\r') buf[--i]='\0';
-		if (i == 0) goto err_sl;
-		again=(buf[i-1] == '\\');
-
-		for (j=0; j<i; j++)
-			{
-			if (!(	((buf[j] >= '0') && (buf[j] <= '9')) ||
-				((buf[j] >= 'a') && (buf[j] <= 'f')) ||
-				((buf[j] >= 'A') && (buf[j] <= 'F'))))
-				{
-				i=j;
-				break;
-				}
-			}
-		buf[i]='\0';
-		/* We have now cleared all the crap off the end of the
-		 * line */
-		if (i < 2) goto err_sl;
-
-		bufp=(unsigned char *)buf;
-		if (first)
-			{
-			first=0;
-			if ((bufp[0] == '0') && (buf[1] == '0'))
-				{
-				bufp+=2;
-				i-=2;
-				}
-			}
-		k=0;
-		i-=again;
-		if (i%2 != 0)
-			{
-			ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_ODD_NUMBER_OF_CHARS);
-			goto err;
-			}
-		i/=2;
-		if (num+i > slen)
-			{
-			if (s == NULL)
-				sp=(unsigned char *)OPENSSL_malloc(
-					(unsigned int)num+i*2);
-			else
-				sp=(unsigned char *)OPENSSL_realloc(s,
-					(unsigned int)num+i*2);
-			if (sp == NULL)
-				{
-				ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE);
-				if (s != NULL) OPENSSL_free(s);
-				goto err;
-				}
-			s=sp;
-			slen=num+i*2;
-			}
-		for (j=0; j<i; j++,k+=2)
-			{
-			for (n=0; n<2; n++)
-				{
-				m=bufp[k+n];
-				if ((m >= '0') && (m <= '9'))
-					m-='0';
-				else if ((m >= 'a') && (m <= 'f'))
-					m=m-'a'+10;
-				else if ((m >= 'A') && (m <= 'F'))
-					m=m-'A'+10;
-				else
-					{
-					ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_NON_HEX_CHARACTERS);
-					goto err;
-					}
-				s[num+j]<<=4;
-				s[num+j]|=m;
-				}
-			}
-		num+=i;
-		if (again)
-			bufsize=BIO_gets(bp,buf,size);
-		else
-			break;
-		}
-	bs->length=num;
-	bs->data=s;
-	ret=1;
-err:
-	if (0)
-		{
-err_sl:
-		ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_SHORT_LINE);
-		}
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/f_int.c b/crypto/openssl/crypto/asn1/f_int.c
deleted file mode 100644
index 9494e597abc3..000000000000
--- a/crypto/openssl/crypto/asn1/f_int.c
+++ /dev/null
@@ -1,219 +0,0 @@
-/* crypto/asn1/f_int.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
-	{
-	int i,n=0;
-	static const char *h="0123456789ABCDEF";
-	char buf[2];
-
-	if (a == NULL) return(0);
-
-	if (a->type & V_ASN1_NEG)
-		{
-		if (BIO_write(bp, "-", 1) != 1) goto err;
-		n = 1;
-		}
-
-	if (a->length == 0)
-		{
-		if (BIO_write(bp,"00",2) != 2) goto err;
-		n += 2;
-		}
-	else
-		{
-		for (i=0; i<a->length; i++)
-			{
-			if ((i != 0) && (i%35 == 0))
-				{
-				if (BIO_write(bp,"\\\n",2) != 2) goto err;
-				n+=2;
-				}
-			buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
-			buf[1]=h[((unsigned char)a->data[i]   )&0x0f];
-			if (BIO_write(bp,buf,2) != 2) goto err;
-			n+=2;
-			}
-		}
-	return(n);
-err:
-	return(-1);
-	}
-
-int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
-	{
-	int ret=0;
-	int i,j,k,m,n,again,bufsize;
-	unsigned char *s=NULL,*sp;
-	unsigned char *bufp;
-	int num=0,slen=0,first=1;
-
-	bs->type=V_ASN1_INTEGER;
-
-	bufsize=BIO_gets(bp,buf,size);
-	for (;;)
-		{
-		if (bufsize < 1) goto err_sl;
-		i=bufsize;
-		if (buf[i-1] == '\n') buf[--i]='\0';
-		if (i == 0) goto err_sl;
-		if (buf[i-1] == '\r') buf[--i]='\0';
-		if (i == 0) goto err_sl;
-		again=(buf[i-1] == '\\');
-
-		for (j=0; j<i; j++)
-			{
-#ifndef CHARSET_EBCDIC
-			if (!(	((buf[j] >= '0') && (buf[j] <= '9')) ||
-				((buf[j] >= 'a') && (buf[j] <= 'f')) ||
-				((buf[j] >= 'A') && (buf[j] <= 'F'))))
-#else
-			/* This #ifdef is not strictly necessary, since
-			 * the characters A...F a...f 0...9 are contiguous
-			 * (yes, even in EBCDIC - but not the whole alphabet).
-			 * Nevertheless, isxdigit() is faster.
-			 */
-			if (!isxdigit(buf[j]))
-#endif
-				{
-				i=j;
-				break;
-				}
-			}
-		buf[i]='\0';
-		/* We have now cleared all the crap off the end of the
-		 * line */
-		if (i < 2) goto err_sl;
-
-		bufp=(unsigned char *)buf;
-		if (first)
-			{
-			first=0;
-			if ((bufp[0] == '0') && (buf[1] == '0'))
-				{
-				bufp+=2;
-				i-=2;
-				}
-			}
-		k=0;
-		i-=again;
-		if (i%2 != 0)
-			{
-			ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_ODD_NUMBER_OF_CHARS);
-			goto err;
-			}
-		i/=2;
-		if (num+i > slen)
-			{
-			if (s == NULL)
-				sp=(unsigned char *)OPENSSL_malloc(
-					(unsigned int)num+i*2);
-			else
-				sp=OPENSSL_realloc_clean(s,slen,num+i*2);
-			if (sp == NULL)
-				{
-				ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
-				if (s != NULL) OPENSSL_free(s);
-				goto err;
-				}
-			s=sp;
-			slen=num+i*2;
-			}
-		for (j=0; j<i; j++,k+=2)
-			{
-			for (n=0; n<2; n++)
-				{
-				m=bufp[k+n];
-				if ((m >= '0') && (m <= '9'))
-					m-='0';
-				else if ((m >= 'a') && (m <= 'f'))
-					m=m-'a'+10;
-				else if ((m >= 'A') && (m <= 'F'))
-					m=m-'A'+10;
-				else
-					{
-					ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_NON_HEX_CHARACTERS);
-					goto err;
-					}
-				s[num+j]<<=4;
-				s[num+j]|=m;
-				}
-			}
-		num+=i;
-		if (again)
-			bufsize=BIO_gets(bp,buf,size);
-		else
-			break;
-		}
-	bs->length=num;
-	bs->data=s;
-	ret=1;
-err:
-	if (0)
-		{
-err_sl:
-		ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_SHORT_LINE);
-		}
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/f_string.c b/crypto/openssl/crypto/asn1/f_string.c
deleted file mode 100644
index 968698a79887..000000000000
--- a/crypto/openssl/crypto/asn1/f_string.c
+++ /dev/null
@@ -1,212 +0,0 @@
-/* crypto/asn1/f_string.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type)
-	{
-	int i,n=0;
-	static const char *h="0123456789ABCDEF";
-	char buf[2];
-
-	if (a == NULL) return(0);
-
-	if (a->length == 0)
-		{
-		if (BIO_write(bp,"0",1) != 1) goto err;
-		n=1;
-		}
-	else
-		{
-		for (i=0; i<a->length; i++)
-			{
-			if ((i != 0) && (i%35 == 0))
-				{
-				if (BIO_write(bp,"\\\n",2) != 2) goto err;
-				n+=2;
-				}
-			buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
-			buf[1]=h[((unsigned char)a->data[i]   )&0x0f];
-			if (BIO_write(bp,buf,2) != 2) goto err;
-			n+=2;
-			}
-		}
-	return(n);
-err:
-	return(-1);
-	}
-
-int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
-	{
-	int ret=0;
-	int i,j,k,m,n,again,bufsize;
-	unsigned char *s=NULL,*sp;
-	unsigned char *bufp;
-	int num=0,slen=0,first=1;
-
-	bufsize=BIO_gets(bp,buf,size);
-	for (;;)
-		{
-		if (bufsize < 1)
-			{
-			if (first)
-				break;
-			else
-				goto err_sl;
-			}
-		first=0;
-
-		i=bufsize;
-		if (buf[i-1] == '\n') buf[--i]='\0';
-		if (i == 0) goto err_sl;
-		if (buf[i-1] == '\r') buf[--i]='\0';
-		if (i == 0) goto err_sl;
-		again=(buf[i-1] == '\\');
-
-		for (j=i-1; j>0; j--)
-			{
-#ifndef CHARSET_EBCDIC
-			if (!(	((buf[j] >= '0') && (buf[j] <= '9')) ||
-				((buf[j] >= 'a') && (buf[j] <= 'f')) ||
-				((buf[j] >= 'A') && (buf[j] <= 'F'))))
-#else
-			/* This #ifdef is not strictly necessary, since
-			 * the characters A...F a...f 0...9 are contiguous
-			 * (yes, even in EBCDIC - but not the whole alphabet).
-			 * Nevertheless, isxdigit() is faster.
-			 */
-			if (!isxdigit(buf[j]))
-#endif
-				{
-				i=j;
-				break;
-				}
-			}
-		buf[i]='\0';
-		/* We have now cleared all the crap off the end of the
-		 * line */
-		if (i < 2) goto err_sl;
-
-		bufp=(unsigned char *)buf;
-
-		k=0;
-		i-=again;
-		if (i%2 != 0)
-			{
-			ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_ODD_NUMBER_OF_CHARS);
-			goto err;
-			}
-		i/=2;
-		if (num+i > slen)
-			{
-			if (s == NULL)
-				sp=(unsigned char *)OPENSSL_malloc(
-					(unsigned int)num+i*2);
-			else
-				sp=(unsigned char *)OPENSSL_realloc(s,
-					(unsigned int)num+i*2);
-			if (sp == NULL)
-				{
-				ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE);
-				if (s != NULL) OPENSSL_free(s);
-				goto err;
-				}
-			s=sp;
-			slen=num+i*2;
-			}
-		for (j=0; j<i; j++,k+=2)
-			{
-			for (n=0; n<2; n++)
-				{
-				m=bufp[k+n];
-				if ((m >= '0') && (m <= '9'))
-					m-='0';
-				else if ((m >= 'a') && (m <= 'f'))
-					m=m-'a'+10;
-				else if ((m >= 'A') && (m <= 'F'))
-					m=m-'A'+10;
-				else
-					{
-					ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_NON_HEX_CHARACTERS);
-					goto err;
-					}
-				s[num+j]<<=4;
-				s[num+j]|=m;
-				}
-			}
-		num+=i;
-		if (again)
-			bufsize=BIO_gets(bp,buf,size);
-		else
-			break;
-		}
-	bs->length=num;
-	bs->data=s;
-	ret=1;
-err:
-	if (0)
-		{
-err_sl:
-		ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_SHORT_LINE);
-		}
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/i2d_dhp.c b/crypto/openssl/crypto/asn1/i2d_dhp.c
deleted file mode 100644
index b1de17fe075f..000000000000
--- a/crypto/openssl/crypto/asn1/i2d_dhp.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/* crypto/asn1/i2d_dhp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DH
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/dh.h>
-
-int i2d_DHparams(DH *a, unsigned char **pp)
-	{
-	BIGNUM *num[3];
-	ASN1_INTEGER bs;
-	unsigned int j,i,tot=0,len,max=0;
-	int t,ret= -1;
-	unsigned char *p;
-
-	if (a == NULL) return(0);
-	num[0]=a->p;
-	num[1]=a->g;
-	if (a->length != 0)
-		{
-		if ((num[2]=BN_new()) == NULL) goto err;
-		if (!BN_set_word(num[2],a->length)) goto err;
-		}
-	else	
-		num[2]=NULL;
-
-	for (i=0; i<3; i++)
-		{
-		if (num[i] == NULL) continue;
-		j=BN_num_bits(num[i]);
-		len=((j == 0)?0:((j/8)+1));
-		if (len > max) max=len;
-		len=ASN1_object_size(0,len,
-			(num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
-		tot+=len;
-		}
-
-	t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
-	if (pp == NULL)
-		{
-		if (num[2] != NULL)
-			BN_free(num[2]);
-		return(t);
-		}
-
-	p= *pp;
-	ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-	bs.type=V_ASN1_INTEGER;
-	bs.data=(unsigned char *)OPENSSL_malloc(max+4);
-	if (bs.data == NULL)
-		{
-		ASN1err(ASN1_F_I2D_DHPARAMS,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	for (i=0; i<3; i++)
-		{
-		if (num[i] == NULL) continue;
-		bs.length=BN_bn2bin(num[i],bs.data);
-		i2d_ASN1_INTEGER(&bs,&p);
-		}
-	OPENSSL_free(bs.data);
-	ret=t;
-err:
-	if (num[2] != NULL) BN_free(num[2]);
-	*pp=p;
-	return(ret);
-	}
-#endif
diff --git a/crypto/openssl/crypto/asn1/i2d_dsap.c b/crypto/openssl/crypto/asn1/i2d_dsap.c
deleted file mode 100644
index 157fb43893fc..000000000000
--- a/crypto/openssl/crypto/asn1/i2d_dsap.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* crypto/asn1/i2d_dsap.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/dsa.h>
-
-int i2d_DSAparams(DSA *a, unsigned char **pp)
-	{
-	BIGNUM *num[3];
-	ASN1_INTEGER bs;
-	unsigned int j,i,tot=0,len,max=0;
-	int t,ret= -1;
-	unsigned char *p;
-
-	if (a == NULL) return(0);
-	num[0]=a->p;
-	num[1]=a->q;
-	num[2]=a->g;
-
-	for (i=0; i<3; i++)
-		{
-		if (num[i] == NULL) continue;
-		j=BN_num_bits(num[i]);
-		len=((j == 0)?0:((j/8)+1));
-		if (len > max) max=len;
-		len=ASN1_object_size(0,len,
-			(num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
-		tot+=len;
-		}
-
-	t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
-	if (pp == NULL) return(t);
-
-	p= *pp;
-	ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-	bs.type=V_ASN1_INTEGER;
-	bs.data=(unsigned char *)OPENSSL_malloc(max+4);
-	if (bs.data == NULL)
-		{
-		ASN1err(ASN1_F_I2D_DSAPARAMS,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	for (i=0; i<3; i++)
-		{
-		if (num[i] == NULL) continue;
-		bs.length=BN_bn2bin(num[i],bs.data);
-		i2d_ASN1_INTEGER(&bs,&p);
-		}
-	OPENSSL_free(bs.data);
-	ret=t;
-err:
-	*pp=p;
-	return(ret);
-	}
-#endif
-
diff --git a/crypto/openssl/crypto/asn1/i2d_pr.c b/crypto/openssl/crypto/asn1/i2d_pr.c
deleted file mode 100644
index 1e951ae01d3b..000000000000
--- a/crypto/openssl/crypto/asn1/i2d_pr.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/* crypto/asn1/i2d_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
-	{
-#ifndef OPENSSL_NO_RSA
-	if (a->type == EVP_PKEY_RSA)
-		{
-		return(i2d_RSAPrivateKey(a->pkey.rsa,pp));
-		}
-	else
-#endif
-#ifndef OPENSSL_NO_DSA
-	if (a->type == EVP_PKEY_DSA)
-		{
-		return(i2d_DSAPrivateKey(a->pkey.dsa,pp));
-		}
-#endif
-
-	ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
-	return(-1);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/i2d_pu.c b/crypto/openssl/crypto/asn1/i2d_pu.c
deleted file mode 100644
index 013d19bbf418..000000000000
--- a/crypto/openssl/crypto/asn1/i2d_pu.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/asn1/i2d_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
-	{
-	switch (a->type)
-		{
-#ifndef OPENSSL_NO_RSA
-	case EVP_PKEY_RSA:
-		return(i2d_RSAPublicKey(a->pkey.rsa,pp));
-#endif
-#ifndef OPENSSL_NO_DSA
-	case EVP_PKEY_DSA:
-		return(i2d_DSAPublicKey(a->pkey.dsa,pp));
-#endif
-	default:
-		ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
-		return(-1);
-		}
-	}
-
diff --git a/crypto/openssl/crypto/asn1/i2d_r_pr.c b/crypto/openssl/crypto/asn1/i2d_r_pr.c
deleted file mode 100644
index 88b1aac98982..000000000000
--- a/crypto/openssl/crypto/asn1/i2d_r_pr.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/asn1/i2d_r_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_RSAPrivateKey(RSA *a, unsigned char **pp)
-	{
-	BIGNUM *num[9];
-	unsigned char data[1];
-	ASN1_INTEGER bs;
-	unsigned int j,i,tot,t,len,max=0;
-	unsigned char *p;
-
-	if (a == NULL) return(0);
-
-	num[1]=a->n;
-	num[2]=a->e;
-	num[3]=a->d;
-	num[4]=a->p;
-	num[5]=a->q;
-	num[6]=a->dmp1;
-	num[7]=a->dmq1;
-	num[8]=a->iqmp;
-
-	bs.length=1;
-	bs.data=data;
-	bs.type=V_ASN1_INTEGER;
-	data[0]=a->version&0x7f;
-
-	tot=i2d_ASN1_INTEGER(&(bs),NULL);
-	for (i=1; i<9; i++)
-		{
-		j=BN_num_bits(num[i]);
-		len=((j == 0)?0:((j/8)+1));
-		if (len > max) max=len;
-		len=ASN1_object_size(0,len,
-			(num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
-		tot+=len;
-		}
-
-	t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
-	if (pp == NULL) return(t);
-
-	p= *pp;
-	ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-	i2d_ASN1_INTEGER(&bs,&p);
-
-	bs.data=(unsigned char *)OPENSSL_malloc(max+4);
-	if (bs.data == NULL)
-		{
-		ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
-		return(-1);
-		}
-
-	for (i=1; i<9; i++)
-		{
-		bs.length=BN_bn2bin(num[i],bs.data);
-		i2d_ASN1_INTEGER(&bs,&p);
-		}
-	OPENSSL_free(bs.data);
-	*pp=p;
-	return(t);
-	}
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
-
diff --git a/crypto/openssl/crypto/asn1/i2d_r_pu.c b/crypto/openssl/crypto/asn1/i2d_r_pu.c
deleted file mode 100644
index 8178c2c3b3e0..000000000000
--- a/crypto/openssl/crypto/asn1/i2d_r_pu.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* crypto/asn1/i2d_r_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_RSAPublicKey(RSA *a, unsigned char **pp)
-	{
-	BIGNUM *num[2];
-	ASN1_INTEGER bs;
-	unsigned int j,i,tot=0,len,max=0,t;
-	unsigned char *p;
-
-	if (a == NULL) return(0);
-
-	num[0]=a->n;
-	num[1]=a->e;
-
-	for (i=0; i<2; i++)
-		{
-		j=BN_num_bits(num[i]);
-		len=((j == 0)?0:((j/8)+1));
-		if (len > max) max=len;
-		len=ASN1_object_size(0,len,
-			(num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
-		tot+=len;
-		}
-
-	t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
-	if (pp == NULL) return(t);
-
-	p= *pp;
-	ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-	bs.type=V_ASN1_INTEGER;
-	bs.data=(unsigned char *)OPENSSL_malloc(max+4);
-	if (bs.data == NULL)
-		{
-		ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ERR_R_MALLOC_FAILURE);
-		return(-1);
-		}
-
-	for (i=0; i<2; i++)
-		{
-		bs.length=BN_bn2bin(num[i],bs.data);
-		i2d_ASN1_INTEGER(&bs,&p);
-		}
-	OPENSSL_free(bs.data);
-	*pp=p;
-	return(t);
-	}
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/crypto/asn1/i2d_s_pr.c b/crypto/openssl/crypto/asn1/i2d_s_pr.c
deleted file mode 100644
index 9922952ad77b..000000000000
--- a/crypto/openssl/crypto/asn1/i2d_s_pr.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/asn1/i2d_s_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_DSAPrivateKey(DSA *a, unsigned char **pp)
-	{
-	BIGNUM *num[6];
-	unsigned char data[1];
-	ASN1_INTEGER bs;
-	unsigned int j,i,tot,t,len,max=0;
-	unsigned char *p;
-
-	if (a == NULL) return(0);
-
-	num[1]=a->p;
-	num[2]=a->q;
-	num[3]=a->g;
-	num[4]=a->pub_key;
-	num[5]=a->priv_key;
-
-	bs.length=1;
-	bs.data=data;
-	bs.type=V_ASN1_INTEGER;
-	data[0]=a->version&0x7f;
-
-	tot=i2d_ASN1_INTEGER(&(bs),NULL);
-	for (i=1; i<6; i++)
-		{
-		j=BN_num_bits(num[i]);
-		len=((j == 0)?0:((j/8)+1));
-		if (len > max) max=len;
-		len=ASN1_object_size(0,len,
-			(num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
-		tot+=len;
-		}
-
-	t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
-	if (pp == NULL) return(t);
-
-	p= *pp;
-	ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-	i2d_ASN1_INTEGER(&bs,&p);
-
-	bs.data=(unsigned char *)OPENSSL_malloc(max+4);
-	if (bs.data == NULL)
-		{
-		ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
-		return(-1);
-		}
-
-	for (i=1; i<6; i++)
-		{
-		bs.length=BN_bn2bin(num[i],bs.data);
-		i2d_ASN1_INTEGER(&bs,&p);
-		}
-	OPENSSL_free(bs.data);
-	*pp=p;
-	return(t);
-	}
-#endif
diff --git a/crypto/openssl/crypto/asn1/i2d_s_pu.c b/crypto/openssl/crypto/asn1/i2d_s_pu.c
deleted file mode 100644
index e6014b82a84c..000000000000
--- a/crypto/openssl/crypto/asn1/i2d_s_pu.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* crypto/asn1/i2d_s_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_DSAPublicKey(DSA *a, unsigned char **pp)
-	{
-	BIGNUM *num[4];
-	ASN1_INTEGER bs;
-	unsigned int j,i,tot=0,len,max=0,t=0,all,n=1;
-	unsigned char *p;
-
-	if (a == NULL) return(0);
-
-	all=a->write_params;
-
-	num[0]=a->pub_key;
-	if (all)
-		{
-		num[1]=a->p;
-		num[2]=a->q;
-		num[3]=a->g;
-		n=4;
-		}
-
-	for (i=0; i<n; i++)
-		{
-		j=BN_num_bits(num[i]);
-		len=((j == 0)?0:((j/8)+1));
-		if (len > max) max=len;
-		len=ASN1_object_size(0,len,
-			(num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
-		tot+=len;
-		}
-
-	if (all)
-		{
-		t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
-		if (pp == NULL) return(t);
-		}
-	else
-		{
-		if (pp == NULL) return(tot);
-		}
-
-	p= *pp;
-	if (all)
-		ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-	bs.type=V_ASN1_INTEGER;
-	bs.data=(unsigned char *)OPENSSL_malloc(max+4);
-	if (bs.data == NULL)
-		{
-		ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ERR_R_MALLOC_FAILURE);
-		return(-1);
-		}
-
-	for (i=0; i<n; i++)
-		{
-		bs.length=BN_bn2bin(num[i],bs.data);
-		i2d_ASN1_INTEGER(&bs,&p);
-		}
-	OPENSSL_free(bs.data);
-	*pp=p;
-	if(all) return(t);
-	else return(tot);
-	}
-#endif
diff --git a/crypto/openssl/crypto/asn1/n_pkey.c b/crypto/openssl/crypto/asn1/n_pkey.c
deleted file mode 100644
index 766b51c53830..000000000000
--- a/crypto/openssl/crypto/asn1/n_pkey.c
+++ /dev/null
@@ -1,333 +0,0 @@
-/* crypto/asn1/n_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1t.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-
-#ifndef OPENSSL_NO_RC4
-
-typedef struct netscape_pkey_st
-	{
-	long version;
-	X509_ALGOR *algor;
-	ASN1_OCTET_STRING *private_key;
-	} NETSCAPE_PKEY;
-
-typedef struct netscape_encrypted_pkey_st
-	{
-	ASN1_OCTET_STRING *os;
-	/* This is the same structure as DigestInfo so use it:
-	 * although this isn't really anything to do with
-	 * digests.
-	 */
-	X509_SIG *enckey;
-	} NETSCAPE_ENCRYPTED_PKEY;
-
-
-ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = {
-	ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, os, ASN1_OCTET_STRING),
-	ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG)
-} ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY)
-
-DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY,NETSCAPE_ENCRYPTED_PKEY)
-IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
-
-ASN1_SEQUENCE(NETSCAPE_PKEY) = {
-	ASN1_SIMPLE(NETSCAPE_PKEY, version, LONG),
-	ASN1_SIMPLE(NETSCAPE_PKEY, algor, X509_ALGOR),
-	ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(NETSCAPE_PKEY)
-
-DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY)
-IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
-
-static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
-	     int (*cb)(), int sgckey);
-
-int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)())
-{
-	return i2d_RSA_NET(a, pp, cb, 0);
-}
-
-int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
-	{
-	int i, j, ret = 0;
-	int rsalen, pkeylen, olen;
-	NETSCAPE_PKEY *pkey = NULL;
-	NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
-	unsigned char buf[256],*zz;
-	unsigned char key[EVP_MAX_KEY_LENGTH];
-	EVP_CIPHER_CTX ctx;
-
-	if (a == NULL) return(0);
-
-	if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err;
-	if ((enckey=NETSCAPE_ENCRYPTED_PKEY_new()) == NULL) goto err;
-	pkey->version = 0;
-
-	pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption);
-	if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
-	pkey->algor->parameter->type=V_ASN1_NULL;
-
-	rsalen = i2d_RSAPrivateKey(a, NULL);
-
-	/* Fake some octet strings just for the initial length
-	 * calculation.
- 	 */
-
-	pkey->private_key->length=rsalen;
-
-	pkeylen=i2d_NETSCAPE_PKEY(pkey,NULL);
-
-	enckey->enckey->digest->length = pkeylen;
-
-	enckey->os->length = 11;	/* "private-key" */
-
-	enckey->enckey->algor->algorithm=OBJ_nid2obj(NID_rc4);
-	if ((enckey->enckey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
-	enckey->enckey->algor->parameter->type=V_ASN1_NULL;
-
-	if (pp == NULL)
-		{
-		olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL);
-		NETSCAPE_PKEY_free(pkey);
-		NETSCAPE_ENCRYPTED_PKEY_free(enckey);
-		return olen;
-		}
-
-
-	/* Since its RC4 encrypted length is actual length */
-	if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL)
-		{
-		ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	pkey->private_key->data = zz;
-	/* Write out private key encoding */
-	i2d_RSAPrivateKey(a,&zz);
-
-	if ((zz=OPENSSL_malloc(pkeylen)) == NULL)
-		{
-		ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	if (!ASN1_STRING_set(enckey->os, "private-key", -1)) 
-		{
-		ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	enckey->enckey->digest->data = zz;
-	i2d_NETSCAPE_PKEY(pkey,&zz);
-
-	/* Wipe the private key encoding */
-	OPENSSL_cleanse(pkey->private_key->data, rsalen);
-		
-	if (cb == NULL)
-		cb=EVP_read_pw_string;
-	i=cb(buf,256,"Enter Private Key password:",1);
-	if (i != 0)
-		{
-		ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ);
-		goto err;
-		}
-	i = strlen((char *)buf);
-	/* If the key is used for SGC the algorithm is modified a little. */
-	if(sgckey) {
-		EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL);
-		memcpy(buf + 16, "SGCKEYSALT", 10);
-		i = 26;
-	}
-
-	EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
-	OPENSSL_cleanse(buf,256);
-
-	/* Encrypt private key in place */
-	zz = enckey->enckey->digest->data;
-	EVP_CIPHER_CTX_init(&ctx);
-	EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL);
-	EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen);
-	EVP_EncryptFinal_ex(&ctx,zz + i,&j);
-	EVP_CIPHER_CTX_cleanup(&ctx);
-
-	ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp);
-err:
-	NETSCAPE_ENCRYPTED_PKEY_free(enckey);
-	NETSCAPE_PKEY_free(pkey);
-	return(ret);
-	}
-
-
-RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)())
-{
-	return d2i_RSA_NET(a, pp, length, cb, 0);
-}
-
-RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey)
-	{
-	RSA *ret=NULL;
-	const unsigned char *p, *kp;
-	NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
-
-	p = *pp;
-
-	enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length);
-	if(!enckey) {
-		ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR);
-		return NULL;
-	}
-
-	if ((enckey->os->length != 11) || (strncmp("private-key",
-		(char *)enckey->os->data,11) != 0))
-		{
-		ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
-		NETSCAPE_ENCRYPTED_PKEY_free(enckey);
-		return NULL;
-		}
-	if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4)
-		{
-		ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
-		goto err;
-	}
-	kp = enckey->enckey->digest->data;
-	if (cb == NULL)
-		cb=EVP_read_pw_string;
-	if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;
-
-	*pp = p;
-
-	err:
-	NETSCAPE_ENCRYPTED_PKEY_free(enckey);
-	return ret;
-
-	}
-
-static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
-	     int (*cb)(), int sgckey)
-	{
-	NETSCAPE_PKEY *pkey=NULL;
-	RSA *ret=NULL;
-	int i,j;
-	unsigned char buf[256];
-	const unsigned char *zz;
-	unsigned char key[EVP_MAX_KEY_LENGTH];
-	EVP_CIPHER_CTX ctx;
-
-	i=cb(buf,256,"Enter Private Key password:",0);
-	if (i != 0)
-		{
-		ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ);
-		goto err;
-		}
-
-	i = strlen((char *)buf);
-	if(sgckey){
-		EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL);
-		memcpy(buf + 16, "SGCKEYSALT", 10);
-		i = 26;
-	}
-		
-	EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
-	OPENSSL_cleanse(buf,256);
-
-	EVP_CIPHER_CTX_init(&ctx);
-	EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL);
-	EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
-	EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j);
-	EVP_CIPHER_CTX_cleanup(&ctx);
-	os->length=i+j;
-
-	zz=os->data;
-
-	if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL)
-		{
-		ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
-		goto err;
-		}
-		
-	zz=pkey->private_key->data;
-	if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
-		{
-		ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
-		goto err;
-		}
-err:
-	NETSCAPE_PKEY_free(pkey);
-	return(ret);
-	}
-
-#endif /* OPENSSL_NO_RC4 */
-
-#else /* !OPENSSL_NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/crypto/asn1/nsseq.c b/crypto/openssl/crypto/asn1/nsseq.c
deleted file mode 100644
index 50e2d4d07a13..000000000000
--- a/crypto/openssl/crypto/asn1/nsseq.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* nsseq.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-
-static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	if(operation == ASN1_OP_NEW_POST) {
-		NETSCAPE_CERT_SEQUENCE *nsseq;
-		nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval;
-		nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence);
-	}
-	return 1;
-}
-
-/* Netscape certificate sequence structure */
-
-ASN1_SEQUENCE_cb(NETSCAPE_CERT_SEQUENCE, nsseq_cb) = {
-	ASN1_SIMPLE(NETSCAPE_CERT_SEQUENCE, type, ASN1_OBJECT),
-	ASN1_EXP_SEQUENCE_OF_OPT(NETSCAPE_CERT_SEQUENCE, certs, X509, 0)
-} ASN1_SEQUENCE_END_cb(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
-
-IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
diff --git a/crypto/openssl/crypto/asn1/p5_pbe.c b/crypto/openssl/crypto/asn1/p5_pbe.c
deleted file mode 100644
index 891150638e99..000000000000
--- a/crypto/openssl/crypto/asn1/p5_pbe.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* p5_pbe.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-
-/* PKCS#5 password based encryption structure */
-
-ASN1_SEQUENCE(PBEPARAM) = {
-	ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING),
-	ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(PBEPARAM)
-
-IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
-
-/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
-
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
-	     int saltlen)
-{
-	PBEPARAM *pbe;
-	ASN1_OBJECT *al;
-	X509_ALGOR *algor;
-	ASN1_TYPE *astype;
-
-	if (!(pbe = PBEPARAM_new ())) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
-	ASN1_INTEGER_set (pbe->iter, iter);
-	if (!saltlen) saltlen = PKCS5_SALT_LEN;
-	if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	pbe->salt->length = saltlen;
-	if (salt) memcpy (pbe->salt->data, salt, saltlen);
-	else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0)
-		return NULL;
-
-	if (!(astype = ASN1_TYPE_new())) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-	astype->type = V_ASN1_SEQUENCE;
-	if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	PBEPARAM_free (pbe);
-	
-	al = OBJ_nid2obj(alg); /* never need to free al */
-	if (!(algor = X509_ALGOR_new())) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	ASN1_OBJECT_free(algor->algorithm);
-	algor->algorithm = al;
-	algor->parameter = astype;
-
-	return (algor);
-}
diff --git a/crypto/openssl/crypto/asn1/p5_pbev2.c b/crypto/openssl/crypto/asn1/p5_pbev2.c
deleted file mode 100644
index 91e1c8987d35..000000000000
--- a/crypto/openssl/crypto/asn1/p5_pbev2.c
+++ /dev/null
@@ -1,203 +0,0 @@
-/* p5_pbev2.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-
-/* PKCS#5 v2.0 password based encryption structures */
-
-ASN1_SEQUENCE(PBE2PARAM) = {
-	ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR),
-	ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR)
-} ASN1_SEQUENCE_END(PBE2PARAM)
-
-IMPLEMENT_ASN1_FUNCTIONS(PBE2PARAM)
-
-ASN1_SEQUENCE(PBKDF2PARAM) = {
-	ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY),
-	ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER),
-	ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER),
-	ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR)
-} ASN1_SEQUENCE_END(PBKDF2PARAM)
-
-IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM)
-
-/* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
- * yes I know this is horrible!
- */
-
-X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
-				 unsigned char *salt, int saltlen)
-{
-	X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
-	int alg_nid;
-	EVP_CIPHER_CTX ctx;
-	unsigned char iv[EVP_MAX_IV_LENGTH];
-	PBKDF2PARAM *kdf = NULL;
-	PBE2PARAM *pbe2 = NULL;
-	ASN1_OCTET_STRING *osalt = NULL;
-	ASN1_OBJECT *obj;
-
-	alg_nid = EVP_CIPHER_type(cipher);
-	if(alg_nid == NID_undef) {
-		ASN1err(ASN1_F_PKCS5_PBE2_SET,
-				ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
-		goto err;
-	}
-	obj = OBJ_nid2obj(alg_nid);
-
-	if(!(pbe2 = PBE2PARAM_new())) goto merr;
-
-	/* Setup the AlgorithmIdentifier for the encryption scheme */
-	scheme = pbe2->encryption;
-
-	scheme->algorithm = obj;
-	if(!(scheme->parameter = ASN1_TYPE_new())) goto merr;
-
-	/* Create random IV */
-	if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
-		goto err;
-
-	EVP_CIPHER_CTX_init(&ctx);
-
-	/* Dummy cipherinit to just setup the IV */
-	EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0);
-	if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
-		ASN1err(ASN1_F_PKCS5_PBE2_SET,
-					ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
-		goto err;
-	}
-	EVP_CIPHER_CTX_cleanup(&ctx);
-
-	if(!(kdf = PBKDF2PARAM_new())) goto merr;
-	if(!(osalt = M_ASN1_OCTET_STRING_new())) goto merr;
-
-	if (!saltlen) saltlen = PKCS5_SALT_LEN;
-	if (!(osalt->data = OPENSSL_malloc (saltlen))) goto merr;
-	osalt->length = saltlen;
-	if (salt) memcpy (osalt->data, salt, saltlen);
-	else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr;
-
-	if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
-	if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;
-
-	/* Now include salt in kdf structure */
-	kdf->salt->value.octet_string = osalt;
-	kdf->salt->type = V_ASN1_OCTET_STRING;
-	osalt = NULL;
-
-	/* If its RC2 then we'd better setup the key length */
-
-	if(alg_nid == NID_rc2_cbc) {
-		if(!(kdf->keylength = M_ASN1_INTEGER_new())) goto merr;
-		if(!ASN1_INTEGER_set (kdf->keylength,
-				 EVP_CIPHER_key_length(cipher))) goto merr;
-	}
-
-	/* prf can stay NULL because we are using hmacWithSHA1 */
-
-	/* Now setup the PBE2PARAM keyfunc structure */
-
-	pbe2->keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
-
-	/* Encode PBKDF2PARAM into parameter of pbe2 */
-
-	if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr;
-
-	if(!ASN1_pack_string(kdf, i2d_PBKDF2PARAM,
-			 &pbe2->keyfunc->parameter->value.sequence)) goto merr;
-	pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE;
-
-	PBKDF2PARAM_free(kdf);
-	kdf = NULL;
-
-	/* Now set up top level AlgorithmIdentifier */
-
-	if(!(ret = X509_ALGOR_new())) goto merr;
-	if(!(ret->parameter = ASN1_TYPE_new())) goto merr;
-
-	ret->algorithm = OBJ_nid2obj(NID_pbes2);
-
-	/* Encode PBE2PARAM into parameter */
-
-	if(!ASN1_pack_string(pbe2, i2d_PBE2PARAM,
-				 &ret->parameter->value.sequence)) goto merr;
-	ret->parameter->type = V_ASN1_SEQUENCE;
-
-	PBE2PARAM_free(pbe2);
-	pbe2 = NULL;
-
-	return ret;
-
-	merr:
-	ASN1err(ASN1_F_PKCS5_PBE2_SET,ERR_R_MALLOC_FAILURE);
-
-	err:
-	PBE2PARAM_free(pbe2);
-	/* Note 'scheme' is freed as part of pbe2 */
-	M_ASN1_OCTET_STRING_free(osalt);
-	PBKDF2PARAM_free(kdf);
-	X509_ALGOR_free(kalg);
-	X509_ALGOR_free(ret);
-
-	return NULL;
-
-}
diff --git a/crypto/openssl/crypto/asn1/p7_dgst.c b/crypto/openssl/crypto/asn1/p7_dgst.c
deleted file mode 100644
index c170244616b0..000000000000
--- a/crypto/openssl/crypto/asn1/p7_dgst.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/asn1/p7_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_len(a->md,i2d_X509_ALGOR);
-	M_ASN1_I2D_len(a->contents,i2d_PKCS7);
-	M_ASN1_I2D_len(a->digest,i2d_ASN1_OCTET_STRING);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_put(a->md,i2d_X509_ALGOR);
-	M_ASN1_I2D_put(a->contents,i2d_PKCS7);
-	M_ASN1_I2D_put(a->digest,i2d_ASN1_OCTET_STRING);
-
-	M_ASN1_I2D_finish();
-	}
-
-PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a, unsigned char **pp,
-	     long length)
-	{
-	M_ASN1_D2I_vars(a,PKCS7_DIGEST *,PKCS7_DIGEST_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-	M_ASN1_D2I_get(ret->md,d2i_X509_ALGOR);
-	M_ASN1_D2I_get(ret->contents,d2i_PKCS7);
-	M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
-
-	M_ASN1_D2I_Finish(a,PKCS7_DIGEST_free,ASN1_F_D2I_PKCS7_DIGEST);
-	}
-
-PKCS7_DIGEST *PKCS7_DIGEST_new(void)
-	{
-	PKCS7_DIGEST *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,PKCS7_DIGEST);
-	M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-	M_ASN1_New(ret->md,X509_ALGOR_new);
-	M_ASN1_New(ret->contents,PKCS7_new);
-	M_ASN1_New(ret->digest,M_ASN1_OCTET_STRING_new);
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_PKCS7_DIGEST_NEW);
-	}
-
-void PKCS7_DIGEST_free(PKCS7_DIGEST *a)
-	{
-	if (a == NULL) return;
-	M_ASN1_INTEGER_free(a->version);
-	X509_ALGOR_free(a->md);
-	PKCS7_free(a->contents);
-	M_ASN1_OCTET_STRING_free(a->digest);
-	OPENSSL_free(a);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/p7_enc.c b/crypto/openssl/crypto/asn1/p7_enc.c
deleted file mode 100644
index 38ccafbdb0dd..000000000000
--- a/crypto/openssl/crypto/asn1/p7_enc.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/asn1/p7_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-
-	M_ASN1_I2D_finish();
-	}
-
-PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a, unsigned char **pp,
-	     long length)
-	{
-	M_ASN1_D2I_vars(a,PKCS7_ENCRYPT *,PKCS7_ENCRYPT_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-	M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
-
-	M_ASN1_D2I_Finish(a,PKCS7_ENCRYPT_free,ASN1_F_D2I_PKCS7_ENCRYPT);
-	}
-
-PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void)
-	{
-	PKCS7_ENCRYPT *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,PKCS7_ENCRYPT);
-	M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-	M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_PKCS7_ENCRYPT_NEW);
-	}
-
-void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a)
-	{
-	if (a == NULL) return;
-	M_ASN1_INTEGER_free(a->version);
-	PKCS7_ENC_CONTENT_free(a->enc_data);
-	OPENSSL_free(a);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/p7_enc_c.c b/crypto/openssl/crypto/asn1/p7_enc_c.c
deleted file mode 100644
index 031178ab52c0..000000000000
--- a/crypto/openssl/crypto/asn1/p7_enc_c.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* crypto/asn1/p7_enc_c.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->content_type,i2d_ASN1_OBJECT);
-	M_ASN1_I2D_len(a->algorithm,i2d_X509_ALGOR);
-	M_ASN1_I2D_len_IMP_opt(a->enc_data,i2d_ASN1_OCTET_STRING);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->content_type,i2d_ASN1_OBJECT);
-	M_ASN1_I2D_put(a->algorithm,i2d_X509_ALGOR);
-	M_ASN1_I2D_put_IMP_opt(a->enc_data,i2d_ASN1_OCTET_STRING,0);
-
-	M_ASN1_I2D_finish();
-	}
-
-PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a,
-	     unsigned char **pp, long length)
-	{
-	M_ASN1_D2I_vars(a,PKCS7_ENC_CONTENT *,PKCS7_ENC_CONTENT_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->content_type,d2i_ASN1_OBJECT);
-	M_ASN1_D2I_get(ret->algorithm,d2i_X509_ALGOR);
-	M_ASN1_D2I_get_IMP_opt(ret->enc_data,d2i_ASN1_OCTET_STRING,0,
-		V_ASN1_OCTET_STRING);
-
-	M_ASN1_D2I_Finish(a,PKCS7_ENC_CONTENT_free,
-		ASN1_F_D2I_PKCS7_ENC_CONTENT);
-	}
-
-PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void)
-	{
-	PKCS7_ENC_CONTENT *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,PKCS7_ENC_CONTENT);
-	/* M_ASN1_New(ret->content_type,ASN1_OBJECT_new); */
-	/* We will almost always want this: so make it the default */
-	ret->content_type=OBJ_nid2obj(NID_pkcs7_data);
-	M_ASN1_New(ret->algorithm,X509_ALGOR_new);
-	ret->enc_data=NULL;
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_PKCS7_ENC_CONTENT_NEW);
-	}
-
-void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a)
-	{
-	if (a == NULL) return;
-	ASN1_OBJECT_free(a->content_type);
-	X509_ALGOR_free(a->algorithm);
-	M_ASN1_OCTET_STRING_free(a->enc_data);
-	OPENSSL_free(a);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/p7_evp.c b/crypto/openssl/crypto/asn1/p7_evp.c
deleted file mode 100644
index 60be3e5f6603..000000000000
--- a/crypto/openssl/crypto/asn1/p7_evp.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/asn1/p7_evp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_len_SET_type(PKCS7_RECIP_INFO,a->recipientinfo,
-				i2d_PKCS7_RECIP_INFO);
-	M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_put_SET_type(PKCS7_RECIP_INFO,a->recipientinfo,
-				i2d_PKCS7_RECIP_INFO);
-	M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-
-	M_ASN1_I2D_finish();
-	}
-
-PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a, unsigned char **pp,
-	     long length)
-	{
-	M_ASN1_D2I_vars(a,PKCS7_ENVELOPE *,PKCS7_ENVELOPE_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-	M_ASN1_D2I_get_set_type(PKCS7_RECIP_INFO,ret->recipientinfo,
-				d2i_PKCS7_RECIP_INFO,PKCS7_RECIP_INFO_free);
-	M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
-
-	M_ASN1_D2I_Finish(a,PKCS7_ENVELOPE_free,ASN1_F_D2I_PKCS7_ENVELOPE);
-	}
-
-PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void)
-	{
-	PKCS7_ENVELOPE *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,PKCS7_ENVELOPE);
-	M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-	M_ASN1_New(ret->recipientinfo,sk_PKCS7_RECIP_INFO_new_null);
-	M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_PKCS7_ENVELOPE_NEW);
-	}
-
-void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a)
-	{
-	if (a == NULL) return;
-	M_ASN1_INTEGER_free(a->version);
-	sk_PKCS7_RECIP_INFO_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free);
-	PKCS7_ENC_CONTENT_free(a->enc_data);
-	OPENSSL_free(a);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/p7_i_s.c b/crypto/openssl/crypto/asn1/p7_i_s.c
deleted file mode 100644
index 4a7260a5c84f..000000000000
--- a/crypto/openssl/crypto/asn1/p7_i_s.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/asn1/p7_i_s.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL *a,
-	     unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
-	M_ASN1_I2D_len(a->serial,i2d_ASN1_INTEGER);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
-	M_ASN1_I2D_put(a->serial,i2d_ASN1_INTEGER);
-
-	M_ASN1_I2D_finish();
-	}
-
-PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL **a, unsigned char **pp, long length)
-	{
-	M_ASN1_D2I_vars(a,PKCS7_ISSUER_AND_SERIAL *,PKCS7_ISSUER_AND_SERIAL_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
-	M_ASN1_D2I_get(ret->serial,d2i_ASN1_INTEGER);
-	M_ASN1_D2I_Finish(a,PKCS7_ISSUER_AND_SERIAL_free,
-		ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL);
-	}
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void)
-	{
-	PKCS7_ISSUER_AND_SERIAL *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,PKCS7_ISSUER_AND_SERIAL);
-	M_ASN1_New(ret->issuer,X509_NAME_new);
-	M_ASN1_New(ret->serial,M_ASN1_INTEGER_new);
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW);
-	}
-
-void PKCS7_ISSUER_AND_SERIAL_free(PKCS7_ISSUER_AND_SERIAL *a)
-	{
-	if (a == NULL) return;
-	X509_NAME_free(a->issuer);
-	M_ASN1_INTEGER_free(a->serial);
-	OPENSSL_free(a);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/p7_lib.c b/crypto/openssl/crypto/asn1/p7_lib.c
deleted file mode 100644
index 8a340b01190e..000000000000
--- a/crypto/openssl/crypto/asn1/p7_lib.c
+++ /dev/null
@@ -1,393 +0,0 @@
-/* crypto/asn1/p7_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/pkcs7.h>
-#include <openssl/objects.h>
-
-#ifdef PKCS7_INDEFINITE_ENCODING
-
-int i2d_PKCS7(PKCS7 *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	if (a->asn1 != NULL)
-		{
-		if (pp == NULL)
-			return((int)a->length);
-		memcpy(*pp,a->asn1,(int)a->length);
-		*pp+=a->length;
-		return((int)a->length);
-		}
-
-	ret+=4; /* sequence, BER header plus '0 0' end padding */
-	M_ASN1_I2D_len(a->type,i2d_ASN1_OBJECT);
-	if (a->d.ptr != NULL)
-		{
-		ret+=4; /* explicit tag [ 0 ] BER plus '0 0' */
-		switch (OBJ_obj2nid(a->type))
-			{
-		case NID_pkcs7_data:
-			M_ASN1_I2D_len(a->d.data,i2d_ASN1_OCTET_STRING);
-			break;
-		case NID_pkcs7_signed:
-			M_ASN1_I2D_len(a->d.sign,i2d_PKCS7_SIGNED);
-			break;
-		case NID_pkcs7_enveloped:
-			M_ASN1_I2D_len(a->d.enveloped,i2d_PKCS7_ENVELOPE);
-			break;
-		case NID_pkcs7_signedAndEnveloped:
-			M_ASN1_I2D_len(a->d.signed_and_enveloped,
-				i2d_PKCS7_SIGN_ENVELOPE);
-			break;
-		case NID_pkcs7_digest:
-			M_ASN1_I2D_len(a->d.digest,i2d_PKCS7_DIGEST);
-			break;
-		case NID_pkcs7_encrypted:
-			M_ASN1_I2D_len(a->d.encrypted,i2d_PKCS7_ENCRYPT);
-			break;
-		default:
-			M_ASN1_I2D_len(a->d.other,i2d_ASN1_TYPE);
-			break;
-			}
-		}
-	r=ret;
-	if (pp == NULL) return(r);
-	p= *pp;
-	M_ASN1_I2D_INF_seq_start(V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-	M_ASN1_I2D_put(a->type,i2d_ASN1_OBJECT);
-
-	if (a->d.ptr != NULL)
-		{
-		M_ASN1_I2D_INF_seq_start(0,V_ASN1_CONTEXT_SPECIFIC);
-		switch (OBJ_obj2nid(a->type))
-			{
-		case NID_pkcs7_data:
-			M_ASN1_I2D_put(a->d.data,i2d_ASN1_OCTET_STRING);
-			break;
-		case NID_pkcs7_signed:
-			M_ASN1_I2D_put(a->d.sign,i2d_PKCS7_SIGNED);
-			break;
-		case NID_pkcs7_enveloped:
-			M_ASN1_I2D_put(a->d.enveloped,i2d_PKCS7_ENVELOPE);
-			break;
-		case NID_pkcs7_signedAndEnveloped:
-			M_ASN1_I2D_put(a->d.signed_and_enveloped,
-				i2d_PKCS7_SIGN_ENVELOPE);
-			break;
-		case NID_pkcs7_digest:
-			M_ASN1_I2D_put(a->d.digest,i2d_PKCS7_DIGEST);
-			break;
-		case NID_pkcs7_encrypted:
-			M_ASN1_I2D_put(a->d.encrypted,i2d_PKCS7_ENCRYPT);
-			break;
-		default:
-			M_ASN1_I2D_put(a->d.other,i2d_ASN1_TYPE);
-			break;
-			}
-		M_ASN1_I2D_INF_seq_end();
-		}
-	M_ASN1_I2D_INF_seq_end();
-	M_ASN1_I2D_finish();
-	}
-
-#else
-
-int i2d_PKCS7(PKCS7 *a, unsigned char **pp)
-	{
-	int explen = 0;
-	M_ASN1_I2D_vars(a);
-
-	if (a->asn1 != NULL)
-		{
-		if (pp == NULL)
-			return((int)a->length);
-		memcpy(*pp,a->asn1,(int)a->length);
-		*pp+=a->length;
-		return((int)a->length);
-		}
-
-	M_ASN1_I2D_len(a->type,i2d_ASN1_OBJECT);
-	if (a->d.ptr != NULL)
-		{
-		/* Save current length */
-		r = ret;
-		switch (OBJ_obj2nid(a->type))
-			{
-		case NID_pkcs7_data:
-			M_ASN1_I2D_len(a->d.data,i2d_ASN1_OCTET_STRING);
-			break;
-		case NID_pkcs7_signed:
-			M_ASN1_I2D_len(a->d.sign,i2d_PKCS7_SIGNED);
-			break;
-		case NID_pkcs7_enveloped:
-			M_ASN1_I2D_len(a->d.enveloped,i2d_PKCS7_ENVELOPE);
-			break;
-		case NID_pkcs7_signedAndEnveloped:
-			M_ASN1_I2D_len(a->d.signed_and_enveloped,
-				i2d_PKCS7_SIGN_ENVELOPE);
-			break;
-		case NID_pkcs7_digest:
-			M_ASN1_I2D_len(a->d.digest,i2d_PKCS7_DIGEST);
-			break;
-		case NID_pkcs7_encrypted:
-			M_ASN1_I2D_len(a->d.encrypted,i2d_PKCS7_ENCRYPT);
-			break;
-		default:
-			M_ASN1_I2D_len(a->d.other,i2d_ASN1_TYPE);
-			break;
-			}
-		/* Work out explicit tag content size */
-		explen = ret - r;
-		/* Work out explicit tag size: Note: ASN1_object_size
-		 * includes the content length.
-		 */
-		ret =  r + ASN1_object_size(1, explen, 0);
-		}
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->type,i2d_ASN1_OBJECT);
-
-	if (a->d.ptr != NULL)
-		{
-		ASN1_put_object(&p, 1, explen, 0, V_ASN1_CONTEXT_SPECIFIC);
-		switch (OBJ_obj2nid(a->type))
-			{
-		case NID_pkcs7_data:
-			M_ASN1_I2D_put(a->d.data,i2d_ASN1_OCTET_STRING);
-			break;
-		case NID_pkcs7_signed:
-			M_ASN1_I2D_put(a->d.sign,i2d_PKCS7_SIGNED);
-			break;
-		case NID_pkcs7_enveloped:
-			M_ASN1_I2D_put(a->d.enveloped,i2d_PKCS7_ENVELOPE);
-			break;
-		case NID_pkcs7_signedAndEnveloped:
-			M_ASN1_I2D_put(a->d.signed_and_enveloped,
-				i2d_PKCS7_SIGN_ENVELOPE);
-			break;
-		case NID_pkcs7_digest:
-			M_ASN1_I2D_put(a->d.digest,i2d_PKCS7_DIGEST);
-			break;
-		case NID_pkcs7_encrypted:
-			M_ASN1_I2D_put(a->d.encrypted,i2d_PKCS7_ENCRYPT);
-			break;
-		default:
-			M_ASN1_I2D_put(a->d.other,i2d_ASN1_TYPE);
-			break;
-			}
-		}
-	M_ASN1_I2D_finish();
-	}
-
-#endif
-
-PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp, long length)
-	{
-	M_ASN1_D2I_vars(a,PKCS7 *,PKCS7_new);
-
-	if ((a != NULL) && ((*a) != NULL))
-		{
-		if ((*a)->asn1 != NULL)
-			{
-			OPENSSL_free((*a)->asn1);
-			(*a)->asn1=NULL;
-			}
-		(*a)->length=0;
-		}
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->type,d2i_ASN1_OBJECT);
-	if (!M_ASN1_D2I_end_sequence())
-		{
-		int Tinf,Ttag,Tclass;
-		long Tlen;
-
-		if (M_ASN1_next != (V_ASN1_CONSTRUCTED|
-			V_ASN1_CONTEXT_SPECIFIC|0))
-			{
-			c.error=ASN1_R_BAD_PKCS7_CONTENT;
-			c.line=__LINE__;
-			goto err;
-			}
-
-		ret->detached=0;
-
-		c.q=c.p;
-		Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,
-			(c.inf & 1)?(length+ *pp-c.q):c.slen);
-		if (Tinf & 0x80) { c.line=__LINE__; goto err; }
-		c.slen-=(c.p-c.q);
-
-		switch (OBJ_obj2nid(ret->type))
-			{
-		case NID_pkcs7_data:
-			M_ASN1_D2I_get(ret->d.data,d2i_ASN1_OCTET_STRING);
-			break;
-		case NID_pkcs7_signed:
-			M_ASN1_D2I_get(ret->d.sign,d2i_PKCS7_SIGNED);
-			if (ret->d.sign->contents->d.ptr == NULL)
-				ret->detached=1;
-			break;
-		case NID_pkcs7_enveloped:
-			M_ASN1_D2I_get(ret->d.enveloped,d2i_PKCS7_ENVELOPE);
-			break;
-		case NID_pkcs7_signedAndEnveloped:
-			M_ASN1_D2I_get(ret->d.signed_and_enveloped,
-				d2i_PKCS7_SIGN_ENVELOPE);
-			break;
-		case NID_pkcs7_digest:
-			M_ASN1_D2I_get(ret->d.digest,d2i_PKCS7_DIGEST);
-			break;
-		case NID_pkcs7_encrypted:
-			M_ASN1_D2I_get(ret->d.encrypted,d2i_PKCS7_ENCRYPT);
-			break;
-		default:
-			M_ASN1_D2I_get(ret->d.other,d2i_ASN1_TYPE);
-			break;
-			}
-		if (Tinf == (1|V_ASN1_CONSTRUCTED))
-			{
-			c.q=c.p;
-			if (!ASN1_check_infinite_end(&c.p,c.slen))
-				{
-				c.error=ERR_R_MISSING_ASN1_EOS;
-				c.line=__LINE__;
-				goto err;
-				}
-			c.slen-=(c.p-c.q);
-			}
-		}
-	else
-		ret->detached=1;
-		
-	M_ASN1_D2I_Finish(a,PKCS7_free,ASN1_F_D2I_PKCS7);
-	}
-
-PKCS7 *PKCS7_new(void)
-	{
-	PKCS7 *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,PKCS7);
-	ret->type=OBJ_nid2obj(NID_undef);
-	ret->asn1=NULL;
-	ret->length=0;
-	ret->detached=0;
-	ret->d.ptr=NULL;
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_PKCS7_NEW);
-	}
-
-void PKCS7_free(PKCS7 *a)
-	{
-	if (a == NULL) return;
-
-	PKCS7_content_free(a);
-	if (a->type != NULL)
-		{
-		ASN1_OBJECT_free(a->type);
-		}
-	OPENSSL_free(a);
-	}
-
-void PKCS7_content_free(PKCS7 *a)
-	{
-	if(a == NULL)
-	    return;
-
-	if (a->asn1 != NULL) OPENSSL_free(a->asn1);
-
-	if (a->d.ptr != NULL)
-		{
-		if (a->type == NULL) return;
-
-		switch (OBJ_obj2nid(a->type))
-			{
-		case NID_pkcs7_data:
-			M_ASN1_OCTET_STRING_free(a->d.data);
-			break;
-		case NID_pkcs7_signed:
-			PKCS7_SIGNED_free(a->d.sign);
-			break;
-		case NID_pkcs7_enveloped:
-			PKCS7_ENVELOPE_free(a->d.enveloped);
-			break;
-		case NID_pkcs7_signedAndEnveloped:
-			PKCS7_SIGN_ENVELOPE_free(a->d.signed_and_enveloped);
-			break;
-		case NID_pkcs7_digest:
-			PKCS7_DIGEST_free(a->d.digest);
-			break;
-		case NID_pkcs7_encrypted:
-			PKCS7_ENCRYPT_free(a->d.encrypted);
-			break;
-		default:
-			ASN1_TYPE_free(a->d.other);
-			break;
-			}
-		}
-	a->d.ptr=NULL;
-	}
-
-IMPLEMENT_STACK_OF(PKCS7)
-IMPLEMENT_ASN1_SET_OF(PKCS7)
diff --git a/crypto/openssl/crypto/asn1/p7_recip.c b/crypto/openssl/crypto/asn1/p7_recip.c
deleted file mode 100644
index 5f6c88a2fa47..000000000000
--- a/crypto/openssl/crypto/asn1/p7_recip.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* crypto/asn1/p7_recip.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
-	M_ASN1_I2D_len(a->key_enc_algor,i2d_X509_ALGOR);
-	M_ASN1_I2D_len(a->enc_key,i2d_ASN1_OCTET_STRING);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
-	M_ASN1_I2D_put(a->key_enc_algor,i2d_X509_ALGOR);
-	M_ASN1_I2D_put(a->enc_key,i2d_ASN1_OCTET_STRING);
-
-	M_ASN1_I2D_finish();
-	}
-
-PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a,
-	     unsigned char **pp, long length)
-	{
-	M_ASN1_D2I_vars(a,PKCS7_RECIP_INFO *,PKCS7_RECIP_INFO_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-	M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL);
-	M_ASN1_D2I_get(ret->key_enc_algor,d2i_X509_ALGOR);
-	M_ASN1_D2I_get(ret->enc_key,d2i_ASN1_OCTET_STRING);
-
-	M_ASN1_D2I_Finish(a,PKCS7_RECIP_INFO_free,ASN1_F_D2I_PKCS7_RECIP_INFO);
-	}
-
-PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void)
-	{
-	PKCS7_RECIP_INFO *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,PKCS7_RECIP_INFO);
-	M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-	M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new);
-	M_ASN1_New(ret->key_enc_algor,X509_ALGOR_new);
-	M_ASN1_New(ret->enc_key,M_ASN1_OCTET_STRING_new);
-	ret->cert=NULL;
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_PKCS7_RECIP_INFO_NEW);
-	}
-
-void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a)
-	{
-	if (a == NULL) return;
-	M_ASN1_INTEGER_free(a->version);
-	PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial);
-	X509_ALGOR_free(a->key_enc_algor);
-	M_ASN1_OCTET_STRING_free(a->enc_key);
-	if (a->cert != NULL) X509_free(a->cert);
-	OPENSSL_free(a);
-	}
-
-IMPLEMENT_STACK_OF(PKCS7_RECIP_INFO)
-IMPLEMENT_ASN1_SET_OF(PKCS7_RECIP_INFO)
diff --git a/crypto/openssl/crypto/asn1/p7_s_e.c b/crypto/openssl/crypto/asn1/p7_s_e.c
deleted file mode 100644
index 709eb24b27cc..000000000000
--- a/crypto/openssl/crypto/asn1/p7_s_e.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* crypto/asn1/p7_s_e.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_len_SET_type(PKCS7_RECIP_INFO,a->recipientinfo,
-				i2d_PKCS7_RECIP_INFO);
-	M_ASN1_I2D_len_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR);
-	M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-	M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0);
-	M_ASN1_I2D_len_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1);
-	M_ASN1_I2D_len_SET_type(PKCS7_SIGNER_INFO,a->signer_info,
-				i2d_PKCS7_SIGNER_INFO);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_put_SET_type(PKCS7_RECIP_INFO,a->recipientinfo,
-				i2d_PKCS7_RECIP_INFO);
-	M_ASN1_I2D_put_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR);
-	M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-	M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0);
-	M_ASN1_I2D_put_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1);
-	M_ASN1_I2D_put_SET_type(PKCS7_SIGNER_INFO,a->signer_info,
-				i2d_PKCS7_SIGNER_INFO);
-
-	M_ASN1_I2D_finish();
-	}
-
-PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a,
-	     unsigned char **pp, long length)
-	{
-	M_ASN1_D2I_vars(a,PKCS7_SIGN_ENVELOPE *,PKCS7_SIGN_ENVELOPE_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-	M_ASN1_D2I_get_set_type(PKCS7_RECIP_INFO,ret->recipientinfo,
-				d2i_PKCS7_RECIP_INFO,PKCS7_RECIP_INFO_free);
-	M_ASN1_D2I_get_set_type(X509_ALGOR,ret->md_algs,d2i_X509_ALGOR,
-				X509_ALGOR_free);
-	M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
-	M_ASN1_D2I_get_IMP_set_opt_type(X509,ret->cert,d2i_X509,X509_free,0);
-	M_ASN1_D2I_get_IMP_set_opt_type(X509_CRL,ret->crl,d2i_X509_CRL,
-					X509_CRL_free,1);
-	M_ASN1_D2I_get_set_type(PKCS7_SIGNER_INFO,ret->signer_info,
-				d2i_PKCS7_SIGNER_INFO,PKCS7_SIGNER_INFO_free);
-
-	M_ASN1_D2I_Finish(a,PKCS7_SIGN_ENVELOPE_free,
-		ASN1_F_D2I_PKCS7_SIGN_ENVELOPE);
-	}
-
-PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void)
-	{
-	PKCS7_SIGN_ENVELOPE *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,PKCS7_SIGN_ENVELOPE);
-	M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-	M_ASN1_New(ret->recipientinfo,sk_PKCS7_RECIP_INFO_new_null);
-	M_ASN1_New(ret->md_algs,sk_X509_ALGOR_new_null);
-	M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
-	ret->cert=NULL;
-	ret->crl=NULL;
-	M_ASN1_New(ret->signer_info,sk_PKCS7_SIGNER_INFO_new_null);
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_PKCS7_SIGN_ENVELOPE_NEW);
-	}
-
-void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a)
-	{
-	if (a == NULL) return;
-	M_ASN1_INTEGER_free(a->version);
-	sk_PKCS7_RECIP_INFO_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free);
-	sk_X509_ALGOR_pop_free(a->md_algs,X509_ALGOR_free);
-	PKCS7_ENC_CONTENT_free(a->enc_data);
-	sk_X509_pop_free(a->cert,X509_free);
-	sk_X509_CRL_pop_free(a->crl,X509_CRL_free);
-	sk_PKCS7_SIGNER_INFO_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free);
-	OPENSSL_free(a);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/p7_signd.c b/crypto/openssl/crypto/asn1/p7_signd.c
deleted file mode 100644
index c835f5475f97..000000000000
--- a/crypto/openssl/crypto/asn1/p7_signd.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* crypto/asn1/p7_signd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_len_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR);
-	M_ASN1_I2D_len(a->contents,i2d_PKCS7);
-	M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0);
-	M_ASN1_I2D_len_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1);
-	M_ASN1_I2D_len_SET_type(PKCS7_SIGNER_INFO,a->signer_info,
-				i2d_PKCS7_SIGNER_INFO);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_put_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR);
-	M_ASN1_I2D_put(a->contents,i2d_PKCS7);
-	M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0);
-	M_ASN1_I2D_put_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1);
-	M_ASN1_I2D_put_SET_type(PKCS7_SIGNER_INFO,a->signer_info,
-				i2d_PKCS7_SIGNER_INFO);
-
-	M_ASN1_I2D_finish();
-	}
-
-PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a, unsigned char **pp,
-	     long length)
-	{
-	M_ASN1_D2I_vars(a,PKCS7_SIGNED *,PKCS7_SIGNED_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-	M_ASN1_D2I_get_set_type(X509_ALGOR,ret->md_algs,d2i_X509_ALGOR,
-				X509_ALGOR_free);
-	M_ASN1_D2I_get(ret->contents,d2i_PKCS7);
-	M_ASN1_D2I_get_IMP_set_opt_type(X509,ret->cert,d2i_X509,X509_free,0);
-	M_ASN1_D2I_get_IMP_set_opt_type(X509_CRL,ret->crl,d2i_X509_CRL,
-					X509_CRL_free,1);
-	M_ASN1_D2I_get_set_type(PKCS7_SIGNER_INFO,ret->signer_info,
-				d2i_PKCS7_SIGNER_INFO,PKCS7_SIGNER_INFO_free);
-
-	M_ASN1_D2I_Finish(a,PKCS7_SIGNED_free,ASN1_F_D2I_PKCS7_SIGNED);
-	}
-
-PKCS7_SIGNED *PKCS7_SIGNED_new(void)
-	{
-	PKCS7_SIGNED *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,PKCS7_SIGNED);
-	M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-	M_ASN1_New(ret->md_algs,sk_X509_ALGOR_new_null);
-	M_ASN1_New(ret->contents,PKCS7_new);
-	ret->cert=NULL;
-	ret->crl=NULL;
-	M_ASN1_New(ret->signer_info,sk_PKCS7_SIGNER_INFO_new_null);
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_PKCS7_SIGNED_NEW);
-	}
-
-void PKCS7_SIGNED_free(PKCS7_SIGNED *a)
-	{
-	if (a == NULL) return;
-	M_ASN1_INTEGER_free(a->version);
-	sk_X509_ALGOR_pop_free(a->md_algs,X509_ALGOR_free);
-	PKCS7_free(a->contents);
-	sk_X509_pop_free(a->cert,X509_free);
-	sk_X509_CRL_pop_free(a->crl,X509_CRL_free);
-	sk_PKCS7_SIGNER_INFO_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free);
-	OPENSSL_free(a);
-	}
diff --git a/crypto/openssl/crypto/asn1/p7_signi.c b/crypto/openssl/crypto/asn1/p7_signi.c
deleted file mode 100644
index 248bf0094546..000000000000
--- a/crypto/openssl/crypto/asn1/p7_signi.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* crypto/asn1/p7_signi.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
-	M_ASN1_I2D_len(a->digest_alg,i2d_X509_ALGOR);
-	M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->auth_attr,
-					i2d_X509_ATTRIBUTE,0);
-	M_ASN1_I2D_len(a->digest_enc_alg,i2d_X509_ALGOR);
-	M_ASN1_I2D_len(a->enc_digest,i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->unauth_attr,
-					i2d_X509_ATTRIBUTE,1);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-	M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
-	M_ASN1_I2D_put(a->digest_alg,i2d_X509_ALGOR);
-	M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->auth_attr,
-					i2d_X509_ATTRIBUTE,0);
-	M_ASN1_I2D_put(a->digest_enc_alg,i2d_X509_ALGOR);
-	M_ASN1_I2D_put(a->enc_digest,i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->unauth_attr,
-					i2d_X509_ATTRIBUTE,1);
-
-	M_ASN1_I2D_finish();
-	}
-
-PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a,
-	     unsigned char **pp, long length)
-	{
-	M_ASN1_D2I_vars(a,PKCS7_SIGNER_INFO *,PKCS7_SIGNER_INFO_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-	M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL);
-	M_ASN1_D2I_get(ret->digest_alg,d2i_X509_ALGOR);
-	M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE,ret->auth_attr,
-					d2i_X509_ATTRIBUTE,X509_ATTRIBUTE_free,
-					0);
-	M_ASN1_D2I_get(ret->digest_enc_alg,d2i_X509_ALGOR);
-	M_ASN1_D2I_get(ret->enc_digest,d2i_ASN1_OCTET_STRING);
-	M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE,ret->unauth_attr,
-					d2i_X509_ATTRIBUTE,
-					X509_ATTRIBUTE_free,1);
-
-	M_ASN1_D2I_Finish(a,PKCS7_SIGNER_INFO_free,
-		ASN1_F_D2I_PKCS7_SIGNER_INFO);
-	}
-
-PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void)
-	{
-	PKCS7_SIGNER_INFO *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,PKCS7_SIGNER_INFO);
-	M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-	M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new);
-	M_ASN1_New(ret->digest_alg,X509_ALGOR_new);
-	ret->auth_attr=NULL;
-	M_ASN1_New(ret->digest_enc_alg,X509_ALGOR_new);
-	M_ASN1_New(ret->enc_digest,M_ASN1_OCTET_STRING_new);
-	ret->unauth_attr=NULL;
-	ret->pkey=NULL;
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_PKCS7_SIGNER_INFO_NEW);
-	}
-
-void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a)
-	{
-	if (a == NULL) return;
-	M_ASN1_INTEGER_free(a->version);
-	PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial);
-	X509_ALGOR_free(a->digest_alg);
-	sk_X509_ATTRIBUTE_pop_free(a->auth_attr,X509_ATTRIBUTE_free);
-	X509_ALGOR_free(a->digest_enc_alg);
-	M_ASN1_OCTET_STRING_free(a->enc_digest);
-	sk_X509_ATTRIBUTE_pop_free(a->unauth_attr,X509_ATTRIBUTE_free);
-	if (a->pkey != NULL)
-		EVP_PKEY_free(a->pkey);
-	OPENSSL_free(a);
-	}
-
-IMPLEMENT_STACK_OF(PKCS7_SIGNER_INFO)
-IMPLEMENT_ASN1_SET_OF(PKCS7_SIGNER_INFO)
diff --git a/crypto/openssl/crypto/asn1/p8_key.c b/crypto/openssl/crypto/asn1/p8_key.c
deleted file mode 100644
index 3a31248e14be..000000000000
--- a/crypto/openssl/crypto/asn1/p8_key.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* crypto/asn1/p8_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/objects.h>
-
-int i2d_X509_KEY(X509 *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->cert_info,	i2d_X509_CINF);
-	M_ASN1_I2D_len(a->sig_alg,	i2d_X509_ALGOR);
-	M_ASN1_I2D_len(a->signature,	i2d_ASN1_BIT_STRING);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->cert_info,	i2d_X509_CINF);
-	M_ASN1_I2D_put(a->sig_alg,	i2d_X509_ALGOR);
-	M_ASN1_I2D_put(a->signature,	i2d_ASN1_BIT_STRING);
-
-	M_ASN1_I2D_finish();
-	}
-
-X509 *d2i_X509_KEY(X509 **a, unsigned char **pp, long length)
-	{
-	M_ASN1_D2I_vars(a,X509 *,X509_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
-	M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
-	M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
-	M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
-	}
-
-X509 *X509_KEY_new(void)
-	{
-	X509_KEY *ret=NULL;
-
-	M_ASN1_New_OPENSSL_malloc(ret,X509_KEY);
-	ret->references=1;
-	ret->type=NID
-	M_ASN1_New(ret->cert_info,X509_CINF_new);
-	M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
-	M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_X509_NEW);
-	}
-
-void X509_KEY_free(X509 *a)
-	{
-	int i;
-
-	if (a == NULL) return;
-
-	i=CRYPTO_add_lock(&a->references,-1,CRYPTO_LOCK_X509_KEY);
-#ifdef REF_PRINT
-	REF_PRINT("X509_KEY",a);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"X509_KEY_free, bad reference count\n");
-		abort();
-		}
-#endif
-
-	X509_CINF_free(a->cert_info);
-	X509_ALGOR_free(a->sig_alg);
-	ASN1_BIT_STRING_free(a->signature);
-	OPENSSL_free(a);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/p8_pkey.c b/crypto/openssl/crypto/asn1/p8_pkey.c
deleted file mode 100644
index 24b409132f53..000000000000
--- a/crypto/openssl/crypto/asn1/p8_pkey.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* p8_pkey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-/* Minor tweak to operation: zero private key data */
-static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	/* Since the structure must still be valid use ASN1_OP_FREE_PRE */
-	if(operation == ASN1_OP_FREE_PRE) {
-		PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
-		if (key->pkey->value.octet_string)
-		OPENSSL_cleanse(key->pkey->value.octet_string->data,
-			key->pkey->value.octet_string->length);
-	}
-	return 1;
-}
-
-ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = {
-	ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER),
-	ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR),
-	ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_ANY),
-	ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0)
-} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
diff --git a/crypto/openssl/crypto/asn1/pkcs8.c b/crypto/openssl/crypto/asn1/pkcs8.c
deleted file mode 100644
index 29c4ea6a296c..000000000000
--- a/crypto/openssl/crypto/asn1/pkcs8.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* crypto/asn1/pkcs8.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/objects.h>
-
-int i2d_X509_KEY(X509 *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->cert_info,	i2d_X509_CINF);
-	M_ASN1_I2D_len(a->sig_alg,	i2d_X509_ALGOR);
-	M_ASN1_I2D_len(a->signature,	i2d_ASN1_BIT_STRING);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->cert_info,	i2d_X509_CINF);
-	M_ASN1_I2D_put(a->sig_alg,	i2d_X509_ALGOR);
-	M_ASN1_I2D_put(a->signature,	i2d_ASN1_BIT_STRING);
-
-	M_ASN1_I2D_finish();
-	}
-
-X509 *d2i_X509_KEY(X509 **a, unsigned char **pp, long length)
-	{
-	M_ASN1_D2I_vars(a,X509 *,X509_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
-	M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
-	M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
-	M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
-	}
-
-X509 *X509_KEY_new(void)
-	{
-	X509_KEY *ret=NULL;
-
-	M_ASN1_New_Malloc(ret,X509_KEY);
-	ret->references=1;
-	ret->type=NID
-	M_ASN1_New(ret->cert_info,X509_CINF_new);
-	M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
-	M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_X509_NEW);
-	}
-
-void X509_KEY_free(X509 *a)
-	{
-	int i;
-
-	if (a == NULL) return;
-
-	i=CRYPTO_add_lock(&a->references,-1,CRYPTO_LOCK_X509_KEY);
-#ifdef REF_PRINT
-	REF_PRINT("X509_KEY",a);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"X509_KEY_free, bad reference count\n");
-		abort();
-		}
-#endif
-
-	X509_CINF_free(a->cert_info);
-	X509_ALGOR_free(a->sig_alg);
-	ASN1_BIT_STRING_free(a->signature);
-	Free((char *)a);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/t_bitst.c b/crypto/openssl/crypto/asn1/t_bitst.c
deleted file mode 100644
index 8ee789f0825f..000000000000
--- a/crypto/openssl/crypto/asn1/t_bitst.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* t_bitst.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
-				BIT_STRING_BITNAME *tbl, int indent)
-{
-	BIT_STRING_BITNAME *bnam;
-	char first = 1;
-	BIO_printf(out, "%*s", indent, "");
-	for(bnam = tbl; bnam->lname; bnam++) {
-		if(ASN1_BIT_STRING_get_bit(bs, bnam->bitnum)) {
-			if(!first) BIO_puts(out, ", ");
-			BIO_puts(out, bnam->lname);
-			first = 0;
-		}
-	}
-	BIO_puts(out, "\n");
-	return 1;
-}
-
-int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
-				BIT_STRING_BITNAME *tbl)
-{
-	int bitnum;
-	bitnum = ASN1_BIT_STRING_num_asc(name, tbl);
-	if(bitnum < 0) return 0;
-	if(bs) ASN1_BIT_STRING_set_bit(bs, bitnum, value);
-	return 1;
-}
-
-int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl)
-{
-	BIT_STRING_BITNAME *bnam;
-	for(bnam = tbl; bnam->lname; bnam++) {
-		if(!strcmp(bnam->sname, name) ||
-			!strcmp(bnam->lname, name) ) return bnam->bitnum;
-	}
-	return -1;
-}
diff --git a/crypto/openssl/crypto/asn1/t_crl.c b/crypto/openssl/crypto/asn1/t_crl.c
deleted file mode 100644
index 757c148df81d..000000000000
--- a/crypto/openssl/crypto/asn1/t_crl.c
+++ /dev/null
@@ -1,134 +0,0 @@
-/* t_crl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#ifndef OPENSSL_NO_FP_API
-int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
-        {
-        BIO *b;
-        int ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=X509_CRL_print(b, x);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-int X509_CRL_print(BIO *out, X509_CRL *x)
-{
-	STACK_OF(X509_REVOKED) *rev;
-	X509_REVOKED *r;
-	long l;
-	int i, n;
-	char *p;
-
-	BIO_printf(out, "Certificate Revocation List (CRL):\n");
-	l = X509_CRL_get_version(x);
-	BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l+1, l);
-	i = OBJ_obj2nid(x->sig_alg->algorithm);
-	BIO_printf(out, "%8sSignature Algorithm: %s\n", "",
-				 (i == NID_undef) ? "NONE" : OBJ_nid2ln(i));
-	p=X509_NAME_oneline(X509_CRL_get_issuer(x),NULL,0);
-	BIO_printf(out,"%8sIssuer: %s\n","",p);
-	OPENSSL_free(p);
-	BIO_printf(out,"%8sLast Update: ","");
-	ASN1_TIME_print(out,X509_CRL_get_lastUpdate(x));
-	BIO_printf(out,"\n%8sNext Update: ","");
-	if (X509_CRL_get_nextUpdate(x))
-		 ASN1_TIME_print(out,X509_CRL_get_nextUpdate(x));
-	else BIO_printf(out,"NONE");
-	BIO_printf(out,"\n");
-
-	n=X509_CRL_get_ext_count(x);
-	X509V3_extensions_print(out, "CRL extensions",
-						x->crl->extensions, 0, 8);
-
-	rev = X509_CRL_get_REVOKED(x);
-
-	if(sk_X509_REVOKED_num(rev) > 0)
-	    BIO_printf(out, "Revoked Certificates:\n");
-	else BIO_printf(out, "No Revoked Certificates.\n");
-
-	for(i = 0; i < sk_X509_REVOKED_num(rev); i++) {
-		r = sk_X509_REVOKED_value(rev, i);
-		BIO_printf(out,"    Serial Number: ");
-		i2a_ASN1_INTEGER(out,r->serialNumber);
-		BIO_printf(out,"\n        Revocation Date: ","");
-		ASN1_TIME_print(out,r->revocationDate);
-		BIO_printf(out,"\n");
-		X509V3_extensions_print(out, "CRL entry extensions",
-						r->extensions, 0, 8);
-	}
-	X509_signature_print(out, x->sig_alg, x->signature);
-
-	return 1;
-
-}
diff --git a/crypto/openssl/crypto/asn1/t_pkey.c b/crypto/openssl/crypto/asn1/t_pkey.c
deleted file mode 100644
index 4e09c9e44e23..000000000000
--- a/crypto/openssl/crypto/asn1/t_pkey.c
+++ /dev/null
@@ -1,387 +0,0 @@
-/* crypto/asn1/t_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-static int print(BIO *fp,const char *str,BIGNUM *num,
-		unsigned char *buf,int off);
-#ifndef OPENSSL_NO_RSA
-#ifndef OPENSSL_NO_FP_API
-int RSA_print_fp(FILE *fp, const RSA *x, int off)
-        {
-        BIO *b;
-        int ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=RSA_print(b,x,off);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-int RSA_print(BIO *bp, const RSA *x, int off)
-	{
-	char str[128];
-	const char *s;
-	unsigned char *m=NULL;
-	int ret=0;
-	size_t buf_len=0, i;
-
-	if (x->n)
-		buf_len = (size_t)BN_num_bytes(x->n);
-	if (x->e)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->e)))
-			buf_len = i;
-	if (x->d)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->d)))
-			buf_len = i;
-	if (x->p)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->p)))
-			buf_len = i;
-	if (x->q)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
-			buf_len = i;
-	if (x->dmp1)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->dmp1)))
-			buf_len = i;
-	if (x->dmq1)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->dmq1)))
-			buf_len = i;
-	if (x->iqmp)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->iqmp)))
-			buf_len = i;
-
-	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
-	if (m == NULL)
-		{
-		RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	if (x->d != NULL)
-		{
-		if(!BIO_indent(bp,off,128))
-		   goto err;
-		if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n))
-			<= 0) goto err;
-		}
-
-	if (x->d == NULL)
-		sprintf(str,"Modulus (%d bit):",BN_num_bits(x->n));
-	else
-		strcpy(str,"modulus:");
-	if (!print(bp,str,x->n,m,off)) goto err;
-	s=(x->d == NULL)?"Exponent:":"publicExponent:";
-	if (!print(bp,s,x->e,m,off)) goto err;
-	if (!print(bp,"privateExponent:",x->d,m,off)) goto err;
-	if (!print(bp,"prime1:",x->p,m,off)) goto err;
-	if (!print(bp,"prime2:",x->q,m,off)) goto err;
-	if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err;
-	if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err;
-	if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err;
-	ret=1;
-err:
-	if (m != NULL) OPENSSL_free(m);
-	return(ret);
-	}
-#endif /* OPENSSL_NO_RSA */
-
-#ifndef OPENSSL_NO_DSA
-#ifndef OPENSSL_NO_FP_API
-int DSA_print_fp(FILE *fp, const DSA *x, int off)
-	{
-	BIO *b;
-	int ret;
-
-	if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		DSAerr(DSA_F_DSA_PRINT_FP,ERR_R_BUF_LIB);
-		return(0);
-		}
-	BIO_set_fp(b,fp,BIO_NOCLOSE);
-	ret=DSA_print(b,x,off);
-	BIO_free(b);
-	return(ret);
-	}
-#endif
-
-int DSA_print(BIO *bp, const DSA *x, int off)
-	{
-	unsigned char *m=NULL;
-	int ret=0;
-	size_t buf_len=0,i;
-
-	if (x->p)
-		buf_len = (size_t)BN_num_bytes(x->p);
-	if (x->q)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
-			buf_len = i;
-	if (x->g)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
-			buf_len = i;
-	if (x->priv_key)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->priv_key)))
-			buf_len = i;
-	if (x->pub_key)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->pub_key)))
-			buf_len = i;
-
-	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
-	if (m == NULL)
-		{
-		DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	if (x->priv_key != NULL)
-		{
-		if(!BIO_indent(bp,off,128))
-		   goto err;
-		if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p))
-			<= 0) goto err;
-		}
-
-	if ((x->priv_key != NULL) && !print(bp,"priv:",x->priv_key,m,off))
-		goto err;
-	if ((x->pub_key  != NULL) && !print(bp,"pub: ",x->pub_key,m,off))
-		goto err;
-	if ((x->p != NULL) && !print(bp,"P:   ",x->p,m,off)) goto err;
-	if ((x->q != NULL) && !print(bp,"Q:   ",x->q,m,off)) goto err;
-	if ((x->g != NULL) && !print(bp,"G:   ",x->g,m,off)) goto err;
-	ret=1;
-err:
-	if (m != NULL) OPENSSL_free(m);
-	return(ret);
-	}
-#endif /* !OPENSSL_NO_DSA */
-
-static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf,
-	     int off)
-	{
-	int n,i;
-	const char *neg;
-
-	if (num == NULL) return(1);
-	neg=(num->neg)?"-":"";
-	if(!BIO_indent(bp,off,128))
-		return 0;
-
-	if (BN_num_bytes(num) <= BN_BYTES)
-		{
-		if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg,
-			(unsigned long)num->d[0],neg,(unsigned long)num->d[0])
-			<= 0) return(0);
-		}
-	else
-		{
-		buf[0]=0;
-		if (BIO_printf(bp,"%s%s",number,
-			(neg[0] == '-')?" (Negative)":"") <= 0)
-			return(0);
-		n=BN_bn2bin(num,&buf[1]);
-	
-		if (buf[1] & 0x80)
-			n++;
-		else	buf++;
-
-		for (i=0; i<n; i++)
-			{
-			if ((i%15) == 0)
-				{
-				if(BIO_puts(bp,"\n") <= 0
-				   || !BIO_indent(bp,off+4,128))
-				    return 0;
-				}
-			if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":")
-				<= 0) return(0);
-			}
-		if (BIO_write(bp,"\n",1) <= 0) return(0);
-		}
-	return(1);
-	}
-
-#ifndef OPENSSL_NO_DH
-#ifndef OPENSSL_NO_FP_API
-int DHparams_print_fp(FILE *fp, const DH *x)
-        {
-        BIO *b;
-        int ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=DHparams_print(b, x);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-int DHparams_print(BIO *bp, const DH *x)
-	{
-	unsigned char *m=NULL;
-	int reason=ERR_R_BUF_LIB,ret=0;
-	size_t buf_len=0, i;
-
-	if (x->p)
-		buf_len = (size_t)BN_num_bytes(x->p);
-	if (x->g)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
-			buf_len = i;
-	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
-	if (m == NULL)
-		{
-		reason=ERR_R_MALLOC_FAILURE;
-		goto err;
-		}
-
-	if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n",
-		BN_num_bits(x->p)) <= 0)
-		goto err;
-	if (!print(bp,"prime:",x->p,m,4)) goto err;
-	if (!print(bp,"generator:",x->g,m,4)) goto err;
-	if (x->length != 0)
-		{
-		if (BIO_printf(bp,"    recommended-private-length: %d bits\n",
-			(int)x->length) <= 0) goto err;
-		}
-	ret=1;
-	if (0)
-		{
-err:
-		DHerr(DH_F_DHPARAMS_PRINT,reason);
-		}
-	if (m != NULL) OPENSSL_free(m);
-	return(ret);
-	}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-#ifndef OPENSSL_NO_FP_API
-int DSAparams_print_fp(FILE *fp, const DSA *x)
-        {
-        BIO *b;
-        int ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=DSAparams_print(b, x);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-int DSAparams_print(BIO *bp, const DSA *x)
-	{
-	unsigned char *m=NULL;
-	int reason=ERR_R_BUF_LIB,ret=0;
-	size_t buf_len=0,i;
-
-	if (x->p)
-		buf_len = (size_t)BN_num_bytes(x->p);
-	if (x->q)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
-			buf_len = i;
-	if (x->g)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
-			buf_len = i;
-	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
-	if (m == NULL)
-		{
-		reason=ERR_R_MALLOC_FAILURE;
-		goto err;
-		}
-
-	if (BIO_printf(bp,"DSA-Parameters: (%d bit)\n",
-		BN_num_bits(x->p)) <= 0)
-		goto err;
-	if (!print(bp,"p:",x->p,m,4)) goto err;
-	if (!print(bp,"q:",x->q,m,4)) goto err;
-	if (!print(bp,"g:",x->g,m,4)) goto err;
-	ret=1;
-err:
-	if (m != NULL) OPENSSL_free(m);
-	DSAerr(DSA_F_DSAPARAMS_PRINT,reason);
-	return(ret);
-	}
-
-#endif /* !OPENSSL_NO_DSA */
-
diff --git a/crypto/openssl/crypto/asn1/t_req.c b/crypto/openssl/crypto/asn1/t_req.c
deleted file mode 100644
index 740cee80c0fd..000000000000
--- a/crypto/openssl/crypto/asn1/t_req.c
+++ /dev/null
@@ -1,276 +0,0 @@
-/* crypto/asn1/t_req.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#ifndef OPENSSL_NO_FP_API
-int X509_REQ_print_fp(FILE *fp, X509_REQ *x)
-        {
-        BIO *b;
-        int ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		X509err(X509_F_X509_REQ_PRINT_FP,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=X509_REQ_print(b, x);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long cflag)
-	{
-	unsigned long l;
-	int i;
-	const char *neg;
-	X509_REQ_INFO *ri;
-	EVP_PKEY *pkey;
-	STACK_OF(X509_ATTRIBUTE) *sk;
-	STACK_OF(X509_EXTENSION) *exts;
-	char mlch = ' ';
-	int nmindent = 0;
-
-	if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
-		mlch = '\n';
-		nmindent = 12;
-	}
-
-	if(nmflags == X509_FLAG_COMPAT)
-		nmindent = 16;
-
-
-	ri=x->req_info;
-	if(!(cflag & X509_FLAG_NO_HEADER))
-		{
-		if (BIO_write(bp,"Certificate Request:\n",21) <= 0) goto err;
-		if (BIO_write(bp,"    Data:\n",10) <= 0) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_VERSION))
-		{
-		neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":"";
-		l=0;
-		for (i=0; i<ri->version->length; i++)
-			{ l<<=8; l+=ri->version->data[i]; }
-		if(BIO_printf(bp,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,
-			      l) <= 0)
-		    goto err;
-		}
-        if(!(cflag & X509_FLAG_NO_SUBJECT))
-                {
-                if (BIO_printf(bp,"        Subject:%c",mlch) <= 0) goto err;
-                if (X509_NAME_print_ex(bp,ri->subject,nmindent, nmflags) < 0) goto err;
-                if (BIO_write(bp,"\n",1) <= 0) goto err;
-                }
-	if(!(cflag & X509_FLAG_NO_PUBKEY))
-		{
-		if (BIO_write(bp,"        Subject Public Key Info:\n",33) <= 0)
-			goto err;
-		if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
-			goto err;
-		if (i2a_ASN1_OBJECT(bp, ri->pubkey->algor->algorithm) <= 0)
-			goto err;
-		if (BIO_puts(bp, "\n") <= 0)
-			goto err;
-
-		pkey=X509_REQ_get_pubkey(x);
-		if (pkey == NULL)
-			{
-			BIO_printf(bp,"%12sUnable to load Public Key\n","");
-			ERR_print_errors(bp);
-			}
-		else
-#ifndef OPENSSL_NO_RSA
-		if (pkey->type == EVP_PKEY_RSA)
-			{
-			BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
-			BN_num_bits(pkey->pkey.rsa->n));
-			RSA_print(bp,pkey->pkey.rsa,16);
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-			{
-			BIO_printf(bp,"%12sDSA Public Key:\n","");
-			DSA_print(bp,pkey->pkey.dsa,16);
-			}
-		else
-#endif
-			BIO_printf(bp,"%12sUnknown Public Key:\n","");
-
-		EVP_PKEY_free(pkey);
-		}
-
-	if(!(cflag & X509_FLAG_NO_ATTRIBUTES))
-		{
-		/* may not be */
-		if(BIO_printf(bp,"%8sAttributes:\n","") <= 0)
-		    goto err;
-
-		sk=x->req_info->attributes;
-		if (sk_X509_ATTRIBUTE_num(sk) == 0)
-			{
-			if(BIO_printf(bp,"%12sa0:00\n","") <= 0)
-			    goto err;
-			}
-		else
-			{
-			for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
-				{
-				ASN1_TYPE *at;
-				X509_ATTRIBUTE *a;
-				ASN1_BIT_STRING *bs=NULL;
-				ASN1_TYPE *t;
-				int j,type=0,count=1,ii=0;
-
-				a=sk_X509_ATTRIBUTE_value(sk,i);
-				if(X509_REQ_extension_nid(OBJ_obj2nid(a->object)))
-									continue;
-				if(BIO_printf(bp,"%12s","") <= 0)
-				    goto err;
-				if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0)
-				{
-				if (a->single)
-					{
-					t=a->value.single;
-					type=t->type;
-					bs=t->value.bit_string;
-					}
-				else
-					{
-					ii=0;
-					count=sk_ASN1_TYPE_num(a->value.set);
-get_next:
-					at=sk_ASN1_TYPE_value(a->value.set,ii);
-					type=at->type;
-					bs=at->value.asn1_string;
-					}
-				}
-				for (j=25-j; j>0; j--)
-					if (BIO_write(bp," ",1) != 1) goto err;
-				if (BIO_puts(bp,":") <= 0) goto err;
-				if (	(type == V_ASN1_PRINTABLESTRING) ||
-					(type == V_ASN1_T61STRING) ||
-					(type == V_ASN1_IA5STRING))
-					{
-					if (BIO_write(bp,(char *)bs->data,bs->length)
-						!= bs->length)
-						goto err;
-					BIO_puts(bp,"\n");
-					}
-				else
-					{
-					BIO_puts(bp,"unable to print attribute\n");
-					}
-				if (++ii < count) goto get_next;
-				}
-			}
-		}
-	if(!(cflag & X509_FLAG_NO_ATTRIBUTES))
-		{
-		exts = X509_REQ_get_extensions(x);
-		if(exts)
-			{
-			BIO_printf(bp,"%8sRequested Extensions:\n","");
-			for (i=0; i<sk_X509_EXTENSION_num(exts); i++)
-				{
-				ASN1_OBJECT *obj;
-				X509_EXTENSION *ex;
-				int j;
-				ex=sk_X509_EXTENSION_value(exts, i);
-				if (BIO_printf(bp,"%12s","") <= 0) goto err;
-				obj=X509_EXTENSION_get_object(ex);
-				i2a_ASN1_OBJECT(bp,obj);
-				j=X509_EXTENSION_get_critical(ex);
-				if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
-					goto err;
-				if(!X509V3_EXT_print(bp, ex, 0, 16))
-					{
-					BIO_printf(bp, "%16s", "");
-					M_ASN1_OCTET_STRING_print(bp,ex->value);
-					}
-				if (BIO_write(bp,"\n",1) <= 0) goto err;
-				}
-			sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
-			}
-		}
-
-	if(!(cflag & X509_FLAG_NO_SIGDUMP))
-		{
-		if(!X509_signature_print(bp, x->sig_alg, x->signature)) goto err;
-		}
-
-	return(1);
-err:
-	X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB);
-	return(0);
-	}
-
-int X509_REQ_print(BIO *bp, X509_REQ *x)
-	{
-	return X509_REQ_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-	}
diff --git a/crypto/openssl/crypto/asn1/t_spki.c b/crypto/openssl/crypto/asn1/t_spki.c
deleted file mode 100644
index 5abfbc815ea9..000000000000
--- a/crypto/openssl/crypto/asn1/t_spki.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/* t_spki.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-
-/* Print out an SPKI */
-
-int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
-{
-	EVP_PKEY *pkey;
-	ASN1_IA5STRING *chal;
-	int i, n;
-	char *s;
-	BIO_printf(out, "Netscape SPKI:\n");
-	i=OBJ_obj2nid(spki->spkac->pubkey->algor->algorithm);
-	BIO_printf(out,"  Public Key Algorithm: %s\n",
-				(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
-	pkey = X509_PUBKEY_get(spki->spkac->pubkey);
-	if(!pkey) BIO_printf(out, "  Unable to load public key\n");
-	else {
-#ifndef OPENSSL_NO_RSA
-		if (pkey->type == EVP_PKEY_RSA)
-			{
-			BIO_printf(out,"  RSA Public Key: (%d bit)\n",
-				BN_num_bits(pkey->pkey.rsa->n));
-			RSA_print(out,pkey->pkey.rsa,2);
-			}
-		else 
-#endif
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-		{
-		BIO_printf(out,"  DSA Public Key:\n");
-		DSA_print(out,pkey->pkey.dsa,2);
-		}
-		else
-#endif
-			BIO_printf(out,"  Unknown Public Key:\n");
-		EVP_PKEY_free(pkey);
-	}
-	chal = spki->spkac->challenge;
-	if(chal->length)
-		BIO_printf(out, "  Challenge String: %s\n", chal->data);
-	i=OBJ_obj2nid(spki->sig_algor->algorithm);
-	BIO_printf(out,"  Signature Algorithm: %s",
-				(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
-
-	n=spki->signature->length;
-	s=(char *)spki->signature->data;
-	for (i=0; i<n; i++)
-		{
-		if ((i%18) == 0) BIO_write(out,"\n      ",7);
-		BIO_printf(out,"%02x%s",(unsigned char)s[i],
-						((i+1) == n)?"":":");
-		}
-	BIO_write(out,"\n",1);
-	return 1;
-}
diff --git a/crypto/openssl/crypto/asn1/t_x509.c b/crypto/openssl/crypto/asn1/t_x509.c
deleted file mode 100644
index d1034c47f83f..000000000000
--- a/crypto/openssl/crypto/asn1/t_x509.c
+++ /dev/null
@@ -1,505 +0,0 @@
-/* crypto/asn1/t_x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#ifndef OPENSSL_NO_FP_API
-int X509_print_fp(FILE *fp, X509 *x)
-	{
-	return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-	}
-
-int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cflag)
-        {
-        BIO *b;
-        int ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=X509_print_ex(b, x, nmflag, cflag);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-int X509_print(BIO *bp, X509 *x)
-{
-	return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-}
-
-int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
-	{
-	long l;
-	int ret=0,i;
-	char *m=NULL,mlch = ' ';
-	int nmindent = 0;
-	X509_CINF *ci;
-	ASN1_INTEGER *bs;
-	EVP_PKEY *pkey=NULL;
-	const char *neg;
-	ASN1_STRING *str=NULL;
-
-	if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
-			mlch = '\n';
-			nmindent = 12;
-	}
-
-	if(nmflags == X509_FLAG_COMPAT)
-		nmindent = 16;
-
-	ci=x->cert_info;
-	if(!(cflag & X509_FLAG_NO_HEADER))
-		{
-		if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
-		if (BIO_write(bp,"    Data:\n",10) <= 0) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_VERSION))
-		{
-		l=X509_get_version(x);
-		if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_SERIAL))
-		{
-
-		if (BIO_write(bp,"        Serial Number:",22) <= 0) goto err;
-
-		bs=X509_get_serialNumber(x);
-		if (bs->length <= 4)
-			{
-			l=ASN1_INTEGER_get(bs);
-			if (l < 0)
-				{
-				l= -l;
-				neg="-";
-				}
-			else
-				neg="";
-			if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
-				goto err;
-			}
-		else
-			{
-			neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
-			if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
-
-			for (i=0; i<bs->length; i++)
-				{
-				if (BIO_printf(bp,"%02x%c",bs->data[i],
-					((i+1 == bs->length)?'\n':':')) <= 0)
-					goto err;
-				}
-			}
-
-		}
-
-	if(!(cflag & X509_FLAG_NO_SIGNAME))
-		{
-		if (BIO_printf(bp,"%8sSignature Algorithm: ","") <= 0) 
-			goto err;
-		if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
-			goto err;
-		if (BIO_puts(bp, "\n") <= 0)
-			goto err;
-		}
-
-	if(!(cflag & X509_FLAG_NO_ISSUER))
-		{
-		if (BIO_printf(bp,"        Issuer:%c",mlch) <= 0) goto err;
-		if (X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags) < 0) goto err;
-		if (BIO_write(bp,"\n",1) <= 0) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_VALIDITY))
-		{
-		if (BIO_write(bp,"        Validity\n",17) <= 0) goto err;
-		if (BIO_write(bp,"            Not Before: ",24) <= 0) goto err;
-		if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
-		if (BIO_write(bp,"\n            Not After : ",25) <= 0) goto err;
-		if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
-		if (BIO_write(bp,"\n",1) <= 0) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_SUBJECT))
-		{
-		if (BIO_printf(bp,"        Subject:%c",mlch) <= 0) goto err;
-		if (X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags) < 0) goto err;
-		if (BIO_write(bp,"\n",1) <= 0) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_PUBKEY))
-		{
-		if (BIO_write(bp,"        Subject Public Key Info:\n",33) <= 0)
-			goto err;
-		if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
-			goto err;
-		if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
-			goto err;
-		if (BIO_puts(bp, "\n") <= 0)
-			goto err;
-
-		pkey=X509_get_pubkey(x);
-		if (pkey == NULL)
-			{
-			BIO_printf(bp,"%12sUnable to load Public Key\n","");
-			ERR_print_errors(bp);
-			}
-		else
-#ifndef OPENSSL_NO_RSA
-		if (pkey->type == EVP_PKEY_RSA)
-			{
-			BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
-			BN_num_bits(pkey->pkey.rsa->n));
-			RSA_print(bp,pkey->pkey.rsa,16);
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-			{
-			BIO_printf(bp,"%12sDSA Public Key:\n","");
-			DSA_print(bp,pkey->pkey.dsa,16);
-			}
-		else
-#endif
-			BIO_printf(bp,"%12sUnknown Public Key:\n","");
-
-		EVP_PKEY_free(pkey);
-		}
-
-	if (!(cflag & X509_FLAG_NO_EXTENSIONS))
-		X509V3_extensions_print(bp, "X509v3 extensions",
-					ci->extensions, cflag, 8);
-
-	if(!(cflag & X509_FLAG_NO_SIGDUMP))
-		{
-		if(X509_signature_print(bp, x->sig_alg, x->signature) <= 0) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_AUX))
-		{
-		if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
-		}
-	ret=1;
-err:
-	if (str != NULL) ASN1_STRING_free(str);
-	if (m != NULL) OPENSSL_free(m);
-	return(ret);
-	}
-
-int X509_ocspid_print (BIO *bp, X509 *x)
-	{
-	unsigned char *der=NULL ;
-	unsigned char *dertmp;
-	int derlen;
-	int i;
-	unsigned char SHA1md[SHA_DIGEST_LENGTH];
-
-	/* display the hash of the subject as it would appear
-	   in OCSP requests */
-	if (BIO_printf(bp,"        Subject OCSP hash: ") <= 0)
-		goto err;
-	derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
-	if ((der = dertmp = (unsigned char *)OPENSSL_malloc (derlen)) == NULL)
-		goto err;
-	i2d_X509_NAME(x->cert_info->subject, &dertmp);
-
-	EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL);
-	for (i=0; i < SHA_DIGEST_LENGTH; i++)
-		{
-		if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
-		}
-	OPENSSL_free (der);
-	der=NULL;
-
-	/* display the hash of the public key as it would appear
-	   in OCSP requests */
-	if (BIO_printf(bp,"\n        Public key OCSP hash: ") <= 0)
-		goto err;
-
-	EVP_Digest(x->cert_info->key->public_key->data,
-		x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL);
-	for (i=0; i < SHA_DIGEST_LENGTH; i++)
-		{
-		if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
-			goto err;
-		}
-	BIO_printf(bp,"\n");
-
-	return (1);
-err:
-	if (der != NULL) OPENSSL_free(der);
-	return(0);
-	}
-
-int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
-{
-	unsigned char *s;
-	int i, n;
-	if (BIO_puts(bp,"    Signature Algorithm: ") <= 0) return 0;
-	if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0;
-
-	n=sig->length;
-	s=sig->data;
-	for (i=0; i<n; i++)
-		{
-		if ((i%18) == 0)
-			if (BIO_write(bp,"\n        ",9) <= 0) return 0;
-			if (BIO_printf(bp,"%02x%s",s[i],
-				((i+1) == n)?"":":") <= 0) return 0;
-		}
-	if (BIO_write(bp,"\n",1) != 1) return 0;
-	return 1;
-}
-
-int ASN1_STRING_print(BIO *bp, ASN1_STRING *v)
-	{
-	int i,n;
-	char buf[80],*p;;
-
-	if (v == NULL) return(0);
-	n=0;
-	p=(char *)v->data;
-	for (i=0; i<v->length; i++)
-		{
-		if ((p[i] > '~') || ((p[i] < ' ') &&
-			(p[i] != '\n') && (p[i] != '\r')))
-			buf[n]='.';
-		else
-			buf[n]=p[i];
-		n++;
-		if (n >= 80)
-			{
-			if (BIO_write(bp,buf,n) <= 0)
-				return(0);
-			n=0;
-			}
-		}
-	if (n > 0)
-		if (BIO_write(bp,buf,n) <= 0)
-			return(0);
-	return(1);
-	}
-
-int ASN1_TIME_print(BIO *bp, ASN1_TIME *tm)
-{
-	if(tm->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_print(bp, tm);
-	if(tm->type == V_ASN1_GENERALIZEDTIME)
-				return ASN1_GENERALIZEDTIME_print(bp, tm);
-	BIO_write(bp,"Bad time value",14);
-	return(0);
-}
-
-static const char *mon[12]=
-    {
-    "Jan","Feb","Mar","Apr","May","Jun",
-    "Jul","Aug","Sep","Oct","Nov","Dec"
-    };
-
-int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm)
-	{
-	char *v;
-	int gmt=0;
-	int i;
-	int y=0,M=0,d=0,h=0,m=0,s=0;
-
-	i=tm->length;
-	v=(char *)tm->data;
-
-	if (i < 12) goto err;
-	if (v[i-1] == 'Z') gmt=1;
-	for (i=0; i<12; i++)
-		if ((v[i] > '9') || (v[i] < '0')) goto err;
-	y= (v[0]-'0')*1000+(v[1]-'0')*100 + (v[2]-'0')*10+(v[3]-'0');
-	M= (v[4]-'0')*10+(v[5]-'0');
-	if ((M > 12) || (M < 1)) goto err;
-	d= (v[6]-'0')*10+(v[7]-'0');
-	h= (v[8]-'0')*10+(v[9]-'0');
-	m=  (v[10]-'0')*10+(v[11]-'0');
-	if (	(v[12] >= '0') && (v[12] <= '9') &&
-		(v[13] >= '0') && (v[13] <= '9'))
-		s=  (v[12]-'0')*10+(v[13]-'0');
-
-	if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
-		mon[M-1],d,h,m,s,y,(gmt)?" GMT":"") <= 0)
-		return(0);
-	else
-		return(1);
-err:
-	BIO_write(bp,"Bad time value",14);
-	return(0);
-	}
-
-int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm)
-	{
-	char *v;
-	int gmt=0;
-	int i;
-	int y=0,M=0,d=0,h=0,m=0,s=0;
-
-	i=tm->length;
-	v=(char *)tm->data;
-
-	if (i < 10) goto err;
-	if (v[i-1] == 'Z') gmt=1;
-	for (i=0; i<10; i++)
-		if ((v[i] > '9') || (v[i] < '0')) goto err;
-	y= (v[0]-'0')*10+(v[1]-'0');
-	if (y < 50) y+=100;
-	M= (v[2]-'0')*10+(v[3]-'0');
-	if ((M > 12) || (M < 1)) goto err;
-	d= (v[4]-'0')*10+(v[5]-'0');
-	h= (v[6]-'0')*10+(v[7]-'0');
-	m=  (v[8]-'0')*10+(v[9]-'0');
-	if (	(v[10] >= '0') && (v[10] <= '9') &&
-		(v[11] >= '0') && (v[11] <= '9'))
-		s=  (v[10]-'0')*10+(v[11]-'0');
-
-	if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
-		mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":"") <= 0)
-		return(0);
-	else
-		return(1);
-err:
-	BIO_write(bp,"Bad time value",14);
-	return(0);
-	}
-
-int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
-	{
-	char *s,*c,*b;
-	int ret=0,l,ll,i,first=1;
-
-	ll=80-2-obase;
-
-	b=s=X509_NAME_oneline(name,NULL,0);
-	if (!*s)
-		{
-		OPENSSL_free(b);
-		return 1;
-		}
-	s++; /* skip the first slash */
-
-	l=ll;
-	c=s;
-	for (;;)
-		{
-#ifndef CHARSET_EBCDIC
-		if (	((*s == '/') &&
-				((s[1] >= 'A') && (s[1] <= 'Z') && (
-					(s[2] == '=') ||
-					((s[2] >= 'A') && (s[2] <= 'Z') &&
-					(s[3] == '='))
-				 ))) ||
-			(*s == '\0'))
-#else
-		if (	((*s == '/') &&
-				(isupper(s[1]) && (
-					(s[2] == '=') ||
-					(isupper(s[2]) &&
-					(s[3] == '='))
-				 ))) ||
-			(*s == '\0'))
-#endif
-			{
-			if ((l <= 0) && !first)
-				{
-				first=0;
-				if (BIO_write(bp,"\n",1) != 1) goto err;
-				for (i=0; i<obase; i++)
-					{
-					if (BIO_write(bp," ",1) != 1) goto err;
-					}
-				l=ll;
-				}
-			i=s-c;
-			if (BIO_write(bp,c,i) != i) goto err;
-			c+=i;
-			c++;
-			if (*s != '\0')
-				{
-				if (BIO_write(bp,", ",2) != 2) goto err;
-				}
-			l--;
-			}
-		if (*s == '\0') break;
-		s++;
-		l--;
-		}
-	
-	ret=1;
-	if (0)
-		{
-err:
-		X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB);
-		}
-	OPENSSL_free(b);
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/t_x509a.c b/crypto/openssl/crypto/asn1/t_x509a.c
deleted file mode 100644
index ffbbfb51f43e..000000000000
--- a/crypto/openssl/crypto/asn1/t_x509a.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* t_x509a.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-
-/* X509_CERT_AUX and string set routines
- */
-
-int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
-{
-	char oidstr[80], first;
-	int i;
-	if(!aux) return 1;
-	if(aux->trust) {
-		first = 1;
-		BIO_printf(out, "%*sTrusted Uses:\n%*s",
-						indent, "", indent + 2, "");
-		for(i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) {
-			if(!first) BIO_puts(out, ", ");
-			else first = 0;
-			OBJ_obj2txt(oidstr, sizeof oidstr,
-				sk_ASN1_OBJECT_value(aux->trust, i), 0);
-			BIO_puts(out, oidstr);
-		}
-		BIO_puts(out, "\n");
-	} else BIO_printf(out, "%*sNo Trusted Uses.\n", indent, "");
-	if(aux->reject) {
-		first = 1;
-		BIO_printf(out, "%*sRejected Uses:\n%*s",
-						indent, "", indent + 2, "");
-		for(i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) {
-			if(!first) BIO_puts(out, ", ");
-			else first = 0;
-			OBJ_obj2txt(oidstr, sizeof oidstr,
-				sk_ASN1_OBJECT_value(aux->reject, i), 0);
-			BIO_puts(out, oidstr);
-		}
-		BIO_puts(out, "\n");
-	} else BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
-	if(aux->alias) BIO_printf(out, "%*sAlias: %s\n", indent, "",
-							aux->alias->data);
-	if(aux->keyid) {
-		BIO_printf(out, "%*sKey Id: ", indent, "");
-		for(i = 0; i < aux->keyid->length; i++) 
-			BIO_printf(out, "%s%02X", 
-				i ? ":" : "",
-				aux->keyid->data[i]);
-		BIO_write(out,"\n",1);
-	}
-	return 1;
-}
diff --git a/crypto/openssl/crypto/asn1/tasn_dec.c b/crypto/openssl/crypto/asn1/tasn_dec.c
deleted file mode 100644
index 76fc023230a8..000000000000
--- a/crypto/openssl/crypto/asn1/tasn_dec.c
+++ /dev/null
@@ -1,958 +0,0 @@
-/* tasn_dec.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stddef.h>
-#include <string.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-static int asn1_check_eoc(unsigned char **in, long len);
-static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass);
-static int collect_data(BUF_MEM *buf, unsigned char **p, long plen);
-static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst,
-			unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx);
-static int asn1_template_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx);
-static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx);
-static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long len,
-					const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx);
-
-/* Table to convert tags to bit values, used for MSTRING type */
-static unsigned long tag2bit[32]={
-0,	0,	0,	B_ASN1_BIT_STRING,	/* tags  0 -  3 */
-B_ASN1_OCTET_STRING,	0,	0,		B_ASN1_UNKNOWN,/* tags  4- 7 */
-B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,/* tags  8-11 */
-B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */
-0,	0,	B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,   /* tags 16-19 */
-B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,       /* tags 20-22 */
-B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME,			       /* tags 23-24 */	
-B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,  /* tags 25-27 */
-B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN, /* tags 28-31 */
-	};
-
-unsigned long ASN1_tag2bit(int tag)
-{
-	if((tag < 0) || (tag > 30)) return 0;
-	return tag2bit[tag];
-}
-
-/* Macro to initialize and invalidate the cache */
-
-#define asn1_tlc_clear(c)	if(c) (c)->valid = 0
-
-/* Decode an ASN1 item, this currently behaves just 
- * like a standard 'd2i' function. 'in' points to 
- * a buffer to read the data from, in future we will
- * have more advanced versions that can input data
- * a piece at a time and this will simply be a special
- * case.
- */
-
-ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it)
-{
-	ASN1_TLC c;
-	ASN1_VALUE *ptmpval = NULL;
-	if(!pval) pval = &ptmpval;
-	asn1_tlc_clear(&c);
-	if(ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) 
-		return *pval;
-	return NULL;
-}
-
-int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt)
-{
-	ASN1_TLC c;
-	asn1_tlc_clear(&c);
-	return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
-}
-
-
-/* Decode an item, taking care of IMPLICIT tagging, if any.
- * If 'opt' set and tag mismatch return -1 to handle OPTIONAL
- */
-
-int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it,
-				int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
-	const ASN1_TEMPLATE *tt, *errtt = NULL;
-	const ASN1_COMPAT_FUNCS *cf;
-	const ASN1_EXTERN_FUNCS *ef;
-	const ASN1_AUX *aux = it->funcs;
-	ASN1_aux_cb *asn1_cb;
-	unsigned char *p, *q, imphack = 0, oclass;
-	char seq_eoc, seq_nolen, cst, isopt;
-	long tmplen;
-	int i;
-	int otag;
-	int ret = 0;
-	ASN1_VALUE *pchval, **pchptr, *ptmpval;
-	if(!pval) return 0;
-	if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
-	else asn1_cb = 0;
-
-	switch(it->itype) {
-
-		case ASN1_ITYPE_PRIMITIVE:
-		if(it->templates) {
-			/* tagging or OPTIONAL is currently illegal on an item template
-			 * because the flags can't get passed down. In practice this isn't
-			 * a problem: we include the relevant flags from the item template
-			 * in the template itself.
-			 */
-			if ((tag != -1) || opt) {
-				ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
-				goto err;
-			}
-			return asn1_template_ex_d2i(pval, in, len, it->templates, opt, ctx);
-		}
-		return asn1_d2i_ex_primitive(pval, in, len, it, tag, aclass, opt, ctx);
-		break;
-
-		case ASN1_ITYPE_MSTRING:
-		p = *in;
-		/* Just read in tag and class */
-		ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, &p, len, -1, 0, 1, ctx);
-		if(!ret) {
-			ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-			goto err;
-		} 
-		/* Must be UNIVERSAL class */
-		if(oclass != V_ASN1_UNIVERSAL) {
-			/* If OPTIONAL, assume this is OK */
-			if(opt) return -1;
-			ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL);
-			goto err;
-		} 
-		/* Check tag matches bit map */
-		if(!(ASN1_tag2bit(otag) & it->utype)) {
-			/* If OPTIONAL, assume this is OK */
-			if(opt) return -1;
-			ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG);
-			goto err;
-		} 
-		return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx);
-
-		case ASN1_ITYPE_EXTERN:
-		/* Use new style d2i */
-		ef = it->funcs;
-		return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx);
-
-		case ASN1_ITYPE_COMPAT:
-		/* we must resort to old style evil hackery */
-		cf = it->funcs;
-
-		/* If OPTIONAL see if it is there */
-		if(opt) {
-			int exptag;
-			p = *in;
-			if(tag == -1) exptag = it->utype;
-			else exptag = tag;
-			/* Don't care about anything other than presence of expected tag */
-			ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, &p, len, exptag, aclass, 1, ctx);
-			if(!ret) {
-				ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-				goto err;
-			}
-			if(ret == -1) return -1;
-		}
-		/* This is the old style evil hack IMPLICIT handling:
-		 * since the underlying code is expecting a tag and
-		 * class other than the one present we change the
-		 * buffer temporarily then change it back afterwards.
-		 * This doesn't and never did work for tags > 30.
-		 *
-		 * Yes this is *horrible* but it is only needed for
-		 * old style d2i which will hopefully not be around
-		 * for much longer.
-		 * FIXME: should copy the buffer then modify it so
-		 * the input buffer can be const: we should *always*
-		 * copy because the old style d2i might modify the
-		 * buffer.
-		 */
-
-		if(tag != -1) {
-			p = *in;
-			imphack = *p;
-			*p = (unsigned char)((*p & V_ASN1_CONSTRUCTED) | it->utype);
-		}
-
-		ptmpval = cf->asn1_d2i(pval, in, len);
-
-		if(tag != -1) *p = imphack;
-
-		if(ptmpval) return 1;
-		ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-		goto err;
-
-
-		case ASN1_ITYPE_CHOICE:
-		if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
-				goto auxerr;
-
-		/* Allocate structure */
-		if(!*pval) {
-			if(!ASN1_item_ex_new(pval, it)) {
-				ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-				goto err;
-			}
-		}
-		/* CHOICE type, try each possibility in turn */
-		pchval = NULL;
-		p = *in;
-		for(i = 0, tt=it->templates; i < it->tcount; i++, tt++) {
-			pchptr = asn1_get_field_ptr(pval, tt);
-			/* We mark field as OPTIONAL so its absence
-			 * can be recognised.
-			 */
-			ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx);
-			/* If field not present, try the next one */
-			if(ret == -1) continue;
-			/* If positive return, read OK, break loop */
-			if(ret > 0) break;
-			/* Otherwise must be an ASN1 parsing error */
-			errtt = tt;
-			ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-			goto err;
-		}
-		/* Did we fall off the end without reading anything? */
-		if(i == it->tcount) {
-			/* If OPTIONAL, this is OK */
-			if(opt) {
-				/* Free and zero it */
-				ASN1_item_ex_free(pval, it);
-				return -1;
-			}
-			ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE);
-			goto err;
-		}
-		asn1_set_choice_selector(pval, i, it);
-		*in = p;
-		if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
-				goto auxerr;
-		return 1;
-
-		case ASN1_ITYPE_SEQUENCE:
-		p = *in;
-		tmplen = len;
-
-		/* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
-		if(tag == -1) {
-			tag = V_ASN1_SEQUENCE;
-			aclass = V_ASN1_UNIVERSAL;
-		}
-		/* Get SEQUENCE length and update len, p */
-		ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, &p, len, tag, aclass, opt, ctx);
-		if(!ret) {
-			ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-			goto err;
-		} else if(ret == -1) return -1;
-		if(aux && (aux->flags & ASN1_AFLG_BROKEN)) {
-			len = tmplen - (p - *in);
-			seq_nolen = 1;
-		} else seq_nolen = seq_eoc;	/* If indefinite we don't do a length check */
-		if(!cst) {
-			ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
-			goto err;
-		}
-
-		if(!*pval) {
-			if(!ASN1_item_ex_new(pval, it)) {
-				ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-				goto err;
-			}
-		}
-		if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
-				goto auxerr;
-
-		/* Get each field entry */
-		for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
-			const ASN1_TEMPLATE *seqtt;
-			ASN1_VALUE **pseqval;
-			seqtt = asn1_do_adb(pval, tt, 1);
-			if(!seqtt) goto err;
-			pseqval = asn1_get_field_ptr(pval, seqtt);
-			/* Have we ran out of data? */
-			if(!len) break;
-			q = p;
-			if(asn1_check_eoc(&p, len)) {
-				if(!seq_eoc) {
-					ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC);
-					goto err;
-				}
-				len -= p - q;
-				seq_eoc = 0;
-				q = p;
-				break;
-			}
-			/* This determines the OPTIONAL flag value. The field cannot
-			 * be omitted if it is the last of a SEQUENCE and there is
-			 * still data to be read. This isn't strictly necessary but
-			 * it increases efficiency in some cases.
-			 */
-			if(i == (it->tcount - 1)) isopt = 0;
-			else isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL);
-			/* attempt to read in field, allowing each to be OPTIONAL */
-			ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx);
-			if(!ret) {
-				errtt = seqtt;
-				goto err;
-			} else if(ret == -1) {
-				/* OPTIONAL component absent. Free and zero the field
-				 */
-				ASN1_template_free(pseqval, seqtt);
-				continue;
-			}
-			/* Update length */
-			len -= p - q;
-		}
-		/* Check for EOC if expecting one */
-		if(seq_eoc && !asn1_check_eoc(&p, len)) {
-			ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC);
-			goto err;
-		}
-		/* Check all data read */
-		if(!seq_nolen && len) {
-			ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH);
-			goto err;
-		}
-
-		/* If we get here we've got no more data in the SEQUENCE,
-		 * however we may not have read all fields so check all
-		 * remaining are OPTIONAL and clear any that are.
-		 */
-		for(; i < it->tcount; tt++, i++) {
-			const ASN1_TEMPLATE *seqtt;
-			seqtt = asn1_do_adb(pval, tt, 1);
-			if(!seqtt) goto err;
-			if(seqtt->flags & ASN1_TFLG_OPTIONAL) {
-				ASN1_VALUE **pseqval;
-				pseqval = asn1_get_field_ptr(pval, seqtt);
-				ASN1_template_free(pseqval, seqtt);
-			} else {
-				errtt = seqtt;
-				ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING);
-				goto err;
-			}
-		}
-		/* Save encoding */
-		if(!asn1_enc_save(pval, *in, p - *in, it)) goto auxerr;
-		*in = p;
-		if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
-				goto auxerr;
-		return 1;
-
-		default:
-		return 0;
-	}
-	auxerr:
-	ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
-	err:
-	ASN1_item_ex_free(pval, it);
-	if(errtt) ERR_add_error_data(4, "Field=", errtt->field_name, ", Type=", it->sname);
-	else ERR_add_error_data(2, "Type=", it->sname);
-	return 0;
-}
-
-/* Templates are handled with two separate functions. One handles any EXPLICIT tag and the other handles the
- * rest.
- */
-
-static int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx)
-{
-	int flags, aclass;
-	int ret;
-	long len;
-	unsigned char *p, *q;
-	char exp_eoc;
-	if(!val) return 0;
-	flags = tt->flags;
-	aclass = flags & ASN1_TFLG_TAG_CLASS;
-
-	p = *in;
-
-	/* Check if EXPLICIT tag expected */
-	if(flags & ASN1_TFLG_EXPTAG) {
-		char cst;
-		/* Need to work out amount of data available to the inner content and where it
-		 * starts: so read in EXPLICIT header to get the info.
-		 */
-		ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, &p, inlen, tt->tag, aclass, opt, ctx);
-		q = p;
-		if(!ret) {
-			ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-			return 0;
-		} else if(ret == -1) return -1;
-		if(!cst) {
-			ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
-			return 0;
-		}
-		/* We've found the field so it can't be OPTIONAL now */
-		ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
-		if(!ret) {
-			ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-			return 0;
-		}
-		/* We read the field in OK so update length */
-		len -= p - q;
-		if(exp_eoc) {
-			/* If NDEF we must have an EOC here */
-			if(!asn1_check_eoc(&p, len)) {
-				ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC);
-				goto err;
-			}
-		} else {
-			/* Otherwise we must hit the EXPLICIT tag end or its an error */
-			if(len) {
-				ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_EXPLICIT_LENGTH_MISMATCH);
-				goto err;
-			}
-		}
-	} else 
-		return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
-
-	*in = p;
-	return 1;
-
-	err:
-	ASN1_template_free(val, tt);
-	*val = NULL;
-	return 0;
-}
-
-static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx)
-{
-	int flags, aclass;
-	int ret;
-	unsigned char *p, *q;
-	if(!val) return 0;
-	flags = tt->flags;
-	aclass = flags & ASN1_TFLG_TAG_CLASS;
-
-	p = *in;
-	q = p;
-
-	if(flags & ASN1_TFLG_SK_MASK) {
-		/* SET OF, SEQUENCE OF */
-		int sktag, skaclass;
-		char sk_eoc;
-		/* First work out expected inner tag value */
-		if(flags & ASN1_TFLG_IMPTAG) {
-			sktag = tt->tag;
-			skaclass = aclass;
-		} else {
-			skaclass = V_ASN1_UNIVERSAL;
-			if(flags & ASN1_TFLG_SET_OF) sktag = V_ASN1_SET;
-			else sktag = V_ASN1_SEQUENCE;
-		}
-		/* Get the tag */
-		ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, &p, len, sktag, skaclass, opt, ctx);
-		if(!ret) {
-			ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-			return 0;
-		} else if(ret == -1) return -1;
-		if(!*val) *val = (ASN1_VALUE *)sk_new_null();
-		else {
-			/* We've got a valid STACK: free up any items present */
-			STACK *sktmp = (STACK *)*val;
-			ASN1_VALUE *vtmp;
-			while(sk_num(sktmp) > 0) {
-				vtmp = (ASN1_VALUE *)sk_pop(sktmp);
-				ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item));
-			}
-		}
-				
-		if(!*val) {
-			ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		/* Read as many items as we can */
-		while(len > 0) {
-			ASN1_VALUE *skfield;
-			q = p;
-			/* See if EOC found */
-			if(asn1_check_eoc(&p, len)) {
-				if(!sk_eoc) {
-					ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_UNEXPECTED_EOC);
-					goto err;
-				}
-				len -= p - q;
-				sk_eoc = 0;
-				break;
-			}
-			skfield = NULL;
-			if(!ASN1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) {
-				ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR);
-				goto err;
-			}
-			len -= p - q;
-			if(!sk_push((STACK *)*val, (char *)skfield)) {
-				ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_MALLOC_FAILURE);
-				goto err;
-			}
-		}
-		if(sk_eoc) {
-			ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC);
-			goto err;
-		}
-	} else if(flags & ASN1_TFLG_IMPTAG) {
-		/* IMPLICIT tagging */
-		ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx);
-		if(!ret) {
-			ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR);
-			goto err;
-		} else if(ret == -1) return -1;
-	} else {
-		/* Nothing special */
-		ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0, opt, ctx);
-		if(!ret) {
-			ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR);
-			goto err;
-		} else if(ret == -1) return -1;
-	}
-
-	*in = p;
-	return 1;
-
-	err:
-	ASN1_template_free(val, tt);
-	*val = NULL;
-	return 0;
-}
-
-static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inlen, 
-						const ASN1_ITEM *it,
-						int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
-	int ret = 0, utype;
-	long plen;
-	char cst, inf, free_cont = 0;
-	unsigned char *p;
-	BUF_MEM buf;
-	unsigned char *cont = NULL;
-	long len; 
-	if(!pval) {
-		ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
-		return 0; /* Should never happen */
-	}
-
-	if(it->itype == ASN1_ITYPE_MSTRING) {
-		utype = tag;
-		tag = -1;
-	} else utype = it->utype;
-
-	if(utype == V_ASN1_ANY) {
-		/* If type is ANY need to figure out type from tag */
-		unsigned char oclass;
-		if(tag >= 0) {
-			ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY);
-			return 0;
-		}
-		if(opt) {
-			ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_OPTIONAL_ANY);
-			return 0;
-		}
-		p = *in;
-		ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, &p, inlen, -1, 0, 0, ctx);
-		if(!ret) {
-			ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
-			return 0;
-		}
-		if(oclass != V_ASN1_UNIVERSAL) utype = V_ASN1_OTHER;
-	}
-	if(tag == -1) {
-		tag = utype;
-		aclass = V_ASN1_UNIVERSAL;
-	}
-	p = *in;
-	/* Check header */
-	ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, &p, inlen, tag, aclass, opt, ctx);
-	if(!ret) {
-		ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
-		return 0;
-	} else if(ret == -1) return -1;
-	/* SEQUENCE, SET and "OTHER" are left in encoded form */
-	if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) {
-		/* Clear context cache for type OTHER because the auto clear when
-		 * we have a exact match wont work
-		 */
-		if(utype == V_ASN1_OTHER) {
-			asn1_tlc_clear(ctx);
-		/* SEQUENCE and SET must be constructed */
-		} else if(!cst) {
-			ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED);
-			return 0;
-		}
-
-		cont = *in;
-		/* If indefinite length constructed find the real end */
-		if(inf) {
-			if(!asn1_collect(NULL, &p, plen, inf, -1, -1)) goto err;
-			len = p - cont;
-		} else {
-			len = p - cont + plen;
-			p += plen;
-			buf.data = NULL;
-		}
-	} else if(cst) {
-		buf.length = 0;
-		buf.max = 0;
-		buf.data = NULL;
-		/* Should really check the internal tags are correct but
-		 * some things may get this wrong. The relevant specs
-		 * say that constructed string types should be OCTET STRINGs
-		 * internally irrespective of the type. So instead just check
-		 * for UNIVERSAL class and ignore the tag.
-		 */
-		if(!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) goto err;
-		len = buf.length;
-		/* Append a final null to string */
-		if(!BUF_MEM_grow_clean(&buf, len + 1)) {
-			ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-		buf.data[len] = 0;
-		cont = (unsigned char *)buf.data;
-		free_cont = 1;
-	} else {
-		cont = p;
-		len = plen;
-		p += plen;
-	}
-
-	/* We now have content length and type: translate into a structure */
-	if(!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) goto err;
-
-	*in = p;
-	ret = 1;
-	err:
-	if(free_cont && buf.data) OPENSSL_free(buf.data);
-	return ret;
-}
-
-/* Translate ASN1 content octets into a structure */
-
-int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
-{
-	ASN1_STRING *stmp;
-	ASN1_TYPE *typ = NULL;
-	int ret = 0;
-	const ASN1_PRIMITIVE_FUNCS *pf;
-	ASN1_INTEGER **tint;
-	pf = it->funcs;
-	if(pf && pf->prim_c2i) return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
-	/* If ANY type clear type and set pointer to internal value */
-	if(it->utype == V_ASN1_ANY) {
-		if(!*pval) {
-			typ = ASN1_TYPE_new();
-			*pval = (ASN1_VALUE *)typ;
-		} else typ = (ASN1_TYPE *)*pval;
-		if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL);
-		pval = (ASN1_VALUE **)&typ->value.ptr;
-	}
-	switch(utype) {
-		case V_ASN1_OBJECT:
-		if(!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) goto err;
-		break;
-
-		case V_ASN1_NULL:
-		if(len) {
-			ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_NULL_IS_WRONG_LENGTH);
-			goto err;
-		}
-		*pval = (ASN1_VALUE *)1;
-		break;
-
-		case V_ASN1_BOOLEAN:
-		if(len != 1) {
-			ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
-			goto err;
-		} else {
-			ASN1_BOOLEAN *tbool;
-			tbool = (ASN1_BOOLEAN *)pval;
-			*tbool = *cont;
-		}
-		break;
-
-		case V_ASN1_BIT_STRING:
-		if(!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) goto err;
-		break;
-
-		case V_ASN1_INTEGER:
-		case V_ASN1_NEG_INTEGER:
-		case V_ASN1_ENUMERATED:
-		case V_ASN1_NEG_ENUMERATED:
-		tint = (ASN1_INTEGER **)pval;
-		if(!c2i_ASN1_INTEGER(tint, &cont, len)) goto err;
-		/* Fixup type to match the expected form */
-		(*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
-		break;
-
-		case V_ASN1_OCTET_STRING:
-		case V_ASN1_NUMERICSTRING:
-		case V_ASN1_PRINTABLESTRING:
-		case V_ASN1_T61STRING:
-		case V_ASN1_VIDEOTEXSTRING:
-		case V_ASN1_IA5STRING:
-		case V_ASN1_UTCTIME:
-		case V_ASN1_GENERALIZEDTIME:
-		case V_ASN1_GRAPHICSTRING:
-		case V_ASN1_VISIBLESTRING:
-		case V_ASN1_GENERALSTRING:
-		case V_ASN1_UNIVERSALSTRING:
-		case V_ASN1_BMPSTRING:
-		case V_ASN1_UTF8STRING:
-		case V_ASN1_OTHER:
-		case V_ASN1_SET:
-		case V_ASN1_SEQUENCE:
-		default:
-		/* All based on ASN1_STRING and handled the same */
-		if(!*pval) {
-			stmp = ASN1_STRING_type_new(utype);
-			if(!stmp) {
-				ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
-				goto err;
-			}
-			*pval = (ASN1_VALUE *)stmp;
-		} else {
-			stmp = (ASN1_STRING *)*pval;
-			stmp->type = utype;
-		}
-		/* If we've already allocated a buffer use it */
-		if(*free_cont) {
-			if(stmp->data) OPENSSL_free(stmp->data);
-			stmp->data = cont;
-			stmp->length = len;
-			*free_cont = 0;
-		} else {
-			if(!ASN1_STRING_set(stmp, cont, len)) {
-				ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
-				ASN1_STRING_free(stmp);	
-				*pval = NULL;
-				goto err;
-			}
-		}
-		break;
-	}
-	/* If ASN1_ANY and NULL type fix up value */
-	if(typ && utype==V_ASN1_NULL) typ->value.ptr = NULL;
-
-	ret = 1;
-	err:
-	if(!ret) ASN1_TYPE_free(typ);
-	return ret;
-}
-
-/* This function collects the asn1 data from a constructred string
- * type into a buffer. The values of 'in' and 'len' should refer
- * to the contents of the constructed type and 'inf' should be set
- * if it is indefinite length. If 'buf' is NULL then we just want
- * to find the end of the current structure: useful for indefinite
- * length constructed stuff.
- */
-
-static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass)
-{
-	unsigned char *p, *q;
-	long plen;
-	char cst, ininf;
-	p = *in;
-	inf &= 1;
-	/* If no buffer and not indefinite length constructed just pass over the encoded data */
-	if(!buf && !inf) {
-		*in += len;
-		return 1;
-	}
-	while(len > 0) {
-		q = p;
-		/* Check for EOC */
-		if(asn1_check_eoc(&p, len)) {
-			/* EOC is illegal outside indefinite length constructed form */
-			if(!inf) {
-				ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC);
-				return 0;
-			}
-			inf = 0;
-			break;
-		}
-		if(!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, len, tag, aclass, 0, NULL)) {
-			ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
-			return 0;
-		}
-		/* If indefinite length constructed update max length */
-		if(cst) {
-			if(!asn1_collect(buf, &p, plen, ininf, tag, aclass)) return 0;
-		} else {
-			if(!collect_data(buf, &p, plen)) return 0;
-		}
-		len -= p - q;
-	}
-	if(inf) {
-		ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
-		return 0;
-	}
-	*in = p;
-	return 1;
-}
-
-static int collect_data(BUF_MEM *buf, unsigned char **p, long plen)
-{
-		int len;
-		if(buf) {
-			len = buf->length;
-			if(!BUF_MEM_grow_clean(buf, len + plen)) {
-				ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
-				return 0;
-			}
-			memcpy(buf->data + len, *p, plen);
-		}
-		*p += plen;
-		return 1;
-}
-
-/* Check for ASN1 EOC and swallow it if found */
-
-static int asn1_check_eoc(unsigned char **in, long len)
-{
-	unsigned char *p;
-	if(len < 2) return 0;
-	p = *in;
-	if(!p[0] && !p[1]) {
-		*in += 2;
-		return 1;
-	}
-	return 0;
-}
-
-/* Check an ASN1 tag and length: a bit like ASN1_get_object
- * but it sets the length for indefinite length constructed
- * form, we don't know the exact length but we can set an
- * upper bound to the amount of data available minus the
- * header length just read.
- */
-
-static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst,
-		unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx)
-{
-	int i;
-	int ptag, pclass;
-	long plen;
-	unsigned char *p, *q;
-	p = *in;
-	q = p;
-
-	if(ctx && ctx->valid) {
-		i = ctx->ret;
-		plen = ctx->plen;
-		pclass = ctx->pclass;
-		ptag = ctx->ptag;
-		p += ctx->hdrlen;
-	} else {
-		i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
-		if(ctx) {
-			ctx->ret = i;
-			ctx->plen = plen;
-			ctx->pclass = pclass;
-			ctx->ptag = ptag;
-			ctx->hdrlen = p - q;
-			ctx->valid = 1;
-			/* If definite length, and no error, length +
-			 * header can't exceed total amount of data available. 
-			 */
-			if(!(i & 0x81) && ((plen + ctx->hdrlen) > len)) {
-				ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG);
-				asn1_tlc_clear(ctx);
-				return 0;
-			}
-		}
-	}
-
-	if(i & 0x80) {
-		ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
-		asn1_tlc_clear(ctx);
-		return 0;
-	}
-	if(exptag >= 0) {
-		if((exptag != ptag) || (expclass != pclass)) {
-			/* If type is OPTIONAL, not an error, but indicate missing
-			 * type.
-			 */
-			if(opt) return -1;
-			asn1_tlc_clear(ctx);
-			ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG);
-			return 0;
-		}
-		/* We have a tag and class match, so assume we are going to do something with it */
-		asn1_tlc_clear(ctx);
-	}
-
-	if(i & 1) plen = len - (p - q);
-
-	if(inf) *inf = i & 1;
-
-	if(cst) *cst = i & V_ASN1_CONSTRUCTED;
-
-	if(olen) *olen = plen;
-	if(oclass) *oclass = pclass;
-	if(otag) *otag = ptag;
-
-	*in = p;
-	return 1;
-}
diff --git a/crypto/openssl/crypto/asn1/tasn_enc.c b/crypto/openssl/crypto/asn1/tasn_enc.c
deleted file mode 100644
index f6c8ddef0aad..000000000000
--- a/crypto/openssl/crypto/asn1/tasn_enc.c
+++ /dev/null
@@ -1,497 +0,0 @@
-/* tasn_enc.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stddef.h>
-#include <string.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-
-static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
-static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *seq, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int isset);
-
-/* Encode an ASN1 item, this is compatible with the
- * standard 'i2d' function. 'out' points to 
- * a buffer to output the data to, in future we will
- * have more advanced versions that can output data
- * a piece at a time and this will simply be a special
- * case.
- *
- * The new i2d has one additional feature. If the output
- * buffer is NULL (i.e. *out == NULL) then a buffer is
- * allocated and populated with the encoding.
- */
-
-
-int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
-{
-	if(out && !*out) {
-		unsigned char *p, *buf;
-		int len;
-		len = ASN1_item_ex_i2d(&val, NULL, it, -1, 0);
-		if(len <= 0) return len;
-		buf = OPENSSL_malloc(len);
-		if(!buf) return -1;
-		p = buf;
-		ASN1_item_ex_i2d(&val, &p, it, -1, 0);
-		*out = buf;
-		return len;
-	}
-		
-	return ASN1_item_ex_i2d(&val, out, it, -1, 0);
-}
-
-/* Encode an item, taking care of IMPLICIT tagging (if any).
- * This function performs the normal item handling: it can be
- * used in external types.
- */
-
-int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass)
-{
-	const ASN1_TEMPLATE *tt = NULL;
-	unsigned char *p = NULL;
-	int i, seqcontlen, seqlen;
-	ASN1_STRING *strtmp;
-	const ASN1_COMPAT_FUNCS *cf;
-	const ASN1_EXTERN_FUNCS *ef;
-	const ASN1_AUX *aux = it->funcs;
-	ASN1_aux_cb *asn1_cb;
-	if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return 0;
-	if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
-	else asn1_cb = 0;
-
-	switch(it->itype) {
-
-		case ASN1_ITYPE_PRIMITIVE:
-		if(it->templates)
-			return ASN1_template_i2d(pval, out, it->templates);
-		return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
-		break;
-
-		case ASN1_ITYPE_MSTRING:
-		strtmp = (ASN1_STRING *)*pval;
-		return asn1_i2d_ex_primitive(pval, out, it, -1, 0);
-
-		case ASN1_ITYPE_CHOICE:
-		if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it))
-				return 0;
-		i = asn1_get_choice_selector(pval, it);
-		if((i >= 0) && (i < it->tcount)) {
-			ASN1_VALUE **pchval;
-			const ASN1_TEMPLATE *chtt;
-			chtt = it->templates + i;
-			pchval = asn1_get_field_ptr(pval, chtt);
-			return ASN1_template_i2d(pchval, out, chtt);
-		} 
-		/* Fixme: error condition if selector out of range */
-		if(asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it))
-				return 0;
-		break;
-
-		case ASN1_ITYPE_EXTERN:
-		/* If new style i2d it does all the work */
-		ef = it->funcs;
-		return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
-
-		case ASN1_ITYPE_COMPAT:
-		/* old style hackery... */
-		cf = it->funcs;
-		if(out) p = *out;
-		i = cf->asn1_i2d(*pval, out);
-		/* Fixup for IMPLICIT tag: note this messes up for tags > 30,
-		 * but so did the old code. Tags > 30 are very rare anyway.
-		 */
-		if(out && (tag != -1))
-			*p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
-		return i;
-		
-		case ASN1_ITYPE_SEQUENCE:
-		i = asn1_enc_restore(&seqcontlen, out, pval, it);
-		/* An error occurred */
-		if(i < 0) return 0;
-		/* We have a valid cached encoding... */
-		if(i > 0) return seqcontlen;
-		/* Otherwise carry on */
-		seqcontlen = 0;
-		/* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
-		if(tag == -1) {
-			tag = V_ASN1_SEQUENCE;
-			aclass = V_ASN1_UNIVERSAL;
-		}
-		if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it))
-				return 0;
-		/* First work out sequence content length */
-		for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
-			const ASN1_TEMPLATE *seqtt;
-			ASN1_VALUE **pseqval;
-			seqtt = asn1_do_adb(pval, tt, 1);
-			if(!seqtt) return 0;
-			pseqval = asn1_get_field_ptr(pval, seqtt);
-			/* FIXME: check for errors in enhanced version */
-			/* FIXME: special handling of indefinite length encoding */
-			seqcontlen += ASN1_template_i2d(pseqval, NULL, seqtt);
-		}
-		seqlen = ASN1_object_size(1, seqcontlen, tag);
-		if(!out) return seqlen;
-		/* Output SEQUENCE header */
-		ASN1_put_object(out, 1, seqcontlen, tag, aclass);
-		for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
-			const ASN1_TEMPLATE *seqtt;
-			ASN1_VALUE **pseqval;
-			seqtt = asn1_do_adb(pval, tt, 1);
-			if(!seqtt) return 0;
-			pseqval = asn1_get_field_ptr(pval, seqtt);
-			/* FIXME: check for errors in enhanced version */
-			ASN1_template_i2d(pseqval, out, seqtt);
-		}
-		if(asn1_cb  && !asn1_cb(ASN1_OP_I2D_POST, pval, it))
-				return 0;
-		return seqlen;
-
-		default:
-		return 0;
-	}
-	return 0;
-}
-
-int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt)
-{
-	int i, ret, flags, aclass;
-	flags = tt->flags;
-	aclass = flags & ASN1_TFLG_TAG_CLASS;
-	if(flags & ASN1_TFLG_SK_MASK) {
-		/* SET OF, SEQUENCE OF */
-		STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
-		int isset, sktag, skaclass;
-		int skcontlen, sklen;
-		ASN1_VALUE *skitem;
-		if(!*pval) return 0;
-		if(flags & ASN1_TFLG_SET_OF) {
-			isset = 1;
-			/* 2 means we reorder */
-			if(flags & ASN1_TFLG_SEQUENCE_OF) isset = 2;
-		} else isset = 0;
-		/* First work out inner tag value */
-		if(flags & ASN1_TFLG_IMPTAG) {
-			sktag = tt->tag;
-			skaclass = aclass;
-		} else {
-			skaclass = V_ASN1_UNIVERSAL;
-			if(isset) sktag = V_ASN1_SET;
-			else sktag = V_ASN1_SEQUENCE;
-		}
-		/* Now work out length of items */
-		skcontlen = 0;
-		for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
-			skitem = sk_ASN1_VALUE_value(sk, i);
-			skcontlen += ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item), -1, 0);
-		}
-		sklen = ASN1_object_size(1, skcontlen, sktag);
-		/* If EXPLICIT need length of surrounding tag */
-		if(flags & ASN1_TFLG_EXPTAG)
-			ret = ASN1_object_size(1, sklen, tt->tag);
-		else ret = sklen;
-
-		if(!out) return ret;
-
-		/* Now encode this lot... */
-		/* EXPLICIT tag */
-		if(flags & ASN1_TFLG_EXPTAG)
-			ASN1_put_object(out, 1, sklen, tt->tag, aclass);
-		/* SET or SEQUENCE and IMPLICIT tag */
-		ASN1_put_object(out, 1, skcontlen, sktag, skaclass);
-		/* And finally the stuff itself */
-		asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item), isset);
-
-		return ret;
-	}
-			
-	if(flags & ASN1_TFLG_EXPTAG) {
-		/* EXPLICIT tagging */
-		/* Find length of tagged item */
-		i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, 0);
-		if(!i) return 0;
-		/* Find length of EXPLICIT tag */
-		ret = ASN1_object_size(1, i, tt->tag);
-		if(out) {
-			/* Output tag and item */
-			ASN1_put_object(out, 1, i, tt->tag, aclass);
-			ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, 0);
-		}
-		return ret;
-	}
-	if(flags & ASN1_TFLG_IMPTAG) {
-		/* IMPLICIT tagging */
-		return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), tt->tag, aclass);
-	}
-	/* Nothing special: treat as normal */
-	return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, 0);
-}
-
-/* Temporary structure used to hold DER encoding of items for SET OF */
-
-typedef	struct {
-	unsigned char *data;
-	int length;
-	ASN1_VALUE *field;
-} DER_ENC;
-
-static int der_cmp(const void *a, const void *b)
-{
-	const DER_ENC *d1 = a, *d2 = b;
-	int cmplen, i;
-	cmplen = (d1->length < d2->length) ? d1->length : d2->length;
-	i = memcmp(d1->data, d2->data, cmplen);
-	if(i) return i;
-	return d1->length - d2->length;
-}
-
-/* Output the content octets of SET OF or SEQUENCE OF */
-
-static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int do_sort)
-{
-	int i;
-	ASN1_VALUE *skitem;
-	unsigned char *tmpdat = NULL, *p = NULL;
-	DER_ENC *derlst = NULL, *tder;
-	if(do_sort) {
-		/* Don't need to sort less than 2 items */
-		if(sk_ASN1_VALUE_num(sk) < 2) do_sort = 0;
-		else {
-			derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst));
-			tmpdat = OPENSSL_malloc(skcontlen);
-			if(!derlst || !tmpdat) return 0;
-		}
-	}
-	/* If not sorting just output each item */
-	if(!do_sort) {
-		for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
-			skitem = sk_ASN1_VALUE_value(sk, i);
-			ASN1_item_i2d(skitem, out, item);
-		}
-		return 1;
-	}
-	p = tmpdat;
-	/* Doing sort: build up a list of each member's DER encoding */
-	for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
-		skitem = sk_ASN1_VALUE_value(sk, i);
-		tder->data = p;
-		tder->length = ASN1_item_i2d(skitem, &p, item);
-		tder->field = skitem;
-	}
-	/* Now sort them */
-	qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
-	/* Output sorted DER encoding */	
-	p = *out;
-	for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
-		memcpy(p, tder->data, tder->length);
-		p += tder->length;
-	}
-	*out = p;
-	/* If do_sort is 2 then reorder the STACK */
-	if(do_sort == 2) {
-		for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
-			sk_ASN1_VALUE_set(sk, i, tder->field);
-	}
-	OPENSSL_free(derlst);
-	OPENSSL_free(tmpdat);
-	return 1;
-}
-
-static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass)
-{
-	int len;
-	int utype;
-	int usetag;
-
-	utype = it->utype;
-
-	/* Get length of content octets and maybe find
-	 * out the underlying type.
-	 */
-
-	len = asn1_ex_i2c(pval, NULL, &utype, it);
-
-	/* If SEQUENCE, SET or OTHER then header is
-	 * included in pseudo content octets so don't
-	 * include tag+length. We need to check here
-	 * because the call to asn1_ex_i2c() could change
-	 * utype.
-	 */
-	if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
-	   (utype == V_ASN1_OTHER))
-		usetag = 0;
-	else usetag = 1;
-
-	/* -1 means omit type */
-
-	if(len == -1) return 0;
-
-	/* If not implicitly tagged get tag from underlying type */
-	if(tag == -1) tag = utype;
-
-	/* Output tag+length followed by content octets */
-	if(out) {
-		if(usetag) ASN1_put_object(out, 0, len, tag, aclass);
-		asn1_ex_i2c(pval, *out, &utype, it);
-		*out += len;
-	}
-
-	if(usetag) return ASN1_object_size(0, len, tag);
-	return len;
-}
-
-/* Produce content octets from a structure */
-
-int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ITEM *it)
-{
-	ASN1_BOOLEAN *tbool = NULL;
-	ASN1_STRING *strtmp;
-	ASN1_OBJECT *otmp;
-	int utype;
-	unsigned char *cont, c;
-	int len;
-	const ASN1_PRIMITIVE_FUNCS *pf;
-	pf = it->funcs;
-	if(pf && pf->prim_i2c) return pf->prim_i2c(pval, cout, putype, it);
-
-	/* Should type be omitted? */
-	if((it->itype != ASN1_ITYPE_PRIMITIVE) || (it->utype != V_ASN1_BOOLEAN)) {
-		if(!*pval) return -1;
-	}
-
-	if(it->itype == ASN1_ITYPE_MSTRING) {
-		/* If MSTRING type set the underlying type */
-		strtmp = (ASN1_STRING *)*pval;
-		utype = strtmp->type;
-		*putype = utype;
-	} else if(it->utype == V_ASN1_ANY) {
-		/* If ANY set type and pointer to value */
-		ASN1_TYPE *typ;
-		typ = (ASN1_TYPE *)*pval;
-		utype = typ->type;
-		*putype = utype;
-		pval = (ASN1_VALUE **)&typ->value.ptr;
-	} else utype = *putype;
-
-	switch(utype) {
-		case V_ASN1_OBJECT:
-		otmp = (ASN1_OBJECT *)*pval;
-		cont = otmp->data;
-		len = otmp->length;
-		break;
-
-		case V_ASN1_NULL:
-		cont = NULL;
-		len = 0;
-		break;
-
-		case V_ASN1_BOOLEAN:
-		tbool = (ASN1_BOOLEAN *)pval;
-		if(*tbool == -1) return -1;
-		/* Default handling if value == size field then omit */
-		if(*tbool && (it->size > 0)) return -1;
-		if(!*tbool && !it->size) return -1;
-		c = (unsigned char)*tbool;
-		cont = &c;
-		len = 1;
-		break;
-
-		case V_ASN1_BIT_STRING:
-		return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, cout ? &cout : NULL);
-		break;
-
-		case V_ASN1_INTEGER:
-		case V_ASN1_NEG_INTEGER:
-		case V_ASN1_ENUMERATED:
-		case V_ASN1_NEG_ENUMERATED:
-		/* These are all have the same content format
-		 * as ASN1_INTEGER
-		 */
-		return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL);
-		break;
-
-		case V_ASN1_OCTET_STRING:
-		case V_ASN1_NUMERICSTRING:
-		case V_ASN1_PRINTABLESTRING:
-		case V_ASN1_T61STRING:
-		case V_ASN1_VIDEOTEXSTRING:
-		case V_ASN1_IA5STRING:
-		case V_ASN1_UTCTIME:
-		case V_ASN1_GENERALIZEDTIME:
-		case V_ASN1_GRAPHICSTRING:
-		case V_ASN1_VISIBLESTRING:
-		case V_ASN1_GENERALSTRING:
-		case V_ASN1_UNIVERSALSTRING:
-		case V_ASN1_BMPSTRING:
-		case V_ASN1_UTF8STRING:
-		case V_ASN1_SEQUENCE:
-		case V_ASN1_SET:
-		default:
-		/* All based on ASN1_STRING and handled the same */
-		strtmp = (ASN1_STRING *)*pval;
-		cont = strtmp->data;
-		len = strtmp->length;
-
-		break;
-
-	}
-	if(cout && len) memcpy(cout, cont, len);
-	return len;
-}
diff --git a/crypto/openssl/crypto/asn1/tasn_fre.c b/crypto/openssl/crypto/asn1/tasn_fre.c
deleted file mode 100644
index 2dd844159ebe..000000000000
--- a/crypto/openssl/crypto/asn1/tasn_fre.c
+++ /dev/null
@@ -1,229 +0,0 @@
-/* tasn_fre.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stddef.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-
-static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine);
-
-/* Free up an ASN1 structure */
-
-void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it)
-{
-	asn1_item_combine_free(&val, it, 0);
-}
-
-void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	asn1_item_combine_free(pval, it, 0);
-}
-
-static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
-{
-	const ASN1_TEMPLATE *tt = NULL, *seqtt;
-	const ASN1_EXTERN_FUNCS *ef;
-	const ASN1_COMPAT_FUNCS *cf;
-	const ASN1_AUX *aux = it->funcs;
-	ASN1_aux_cb *asn1_cb;
-	int i;
-	if(!pval) return;
-	if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return;
-	if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
-	else asn1_cb = 0;
-
-	switch(it->itype) {
-
-		case ASN1_ITYPE_PRIMITIVE:
-		if(it->templates) ASN1_template_free(pval, it->templates);
-		else ASN1_primitive_free(pval, it);
-		break;
-
-		case ASN1_ITYPE_MSTRING:
-		ASN1_primitive_free(pval, it);
-		break;
-
-		case ASN1_ITYPE_CHOICE:
-		if(asn1_cb) {
-			i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
-			if(i == 2) return;
-		}
-		i = asn1_get_choice_selector(pval, it);
-		if(asn1_cb) asn1_cb(ASN1_OP_FREE_PRE, pval, it);
-		if((i >= 0) && (i < it->tcount)) {
-			ASN1_VALUE **pchval;
-			tt = it->templates + i;
-			pchval = asn1_get_field_ptr(pval, tt);
-			ASN1_template_free(pchval, tt);
-		}
-		if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it);
-		if(!combine) {
-			OPENSSL_free(*pval);
-			*pval = NULL;
-		}
-		break;
-
-		case ASN1_ITYPE_COMPAT:
-		cf = it->funcs;
-		if(cf && cf->asn1_free) cf->asn1_free(*pval);
-		break;
-
-		case ASN1_ITYPE_EXTERN:
-		ef = it->funcs;
-		if(ef && ef->asn1_ex_free) ef->asn1_ex_free(pval, it);
-		break;
-
-		case ASN1_ITYPE_SEQUENCE:
-		if(asn1_do_lock(pval, -1, it) > 0) return;
-		if(asn1_cb) {
-			i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
-			if(i == 2) return;
-		}		
-		asn1_enc_free(pval, it);
-		/* If we free up as normal we will invalidate any
-		 * ANY DEFINED BY field and we wont be able to 
-		 * determine the type of the field it defines. So
-		 * free up in reverse order.
-		 */
-		tt = it->templates + it->tcount - 1;
-		for(i = 0; i < it->tcount; tt--, i++) {
-			ASN1_VALUE **pseqval;
-			seqtt = asn1_do_adb(pval, tt, 0);
-			if(!seqtt) continue;
-			pseqval = asn1_get_field_ptr(pval, seqtt);
-			ASN1_template_free(pseqval, seqtt);
-		}
-		if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it);
-		if(!combine) {
-			OPENSSL_free(*pval);
-			*pval = NULL;
-		}
-		break;
-	}
-}
-
-void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
-	int i;
-	if(tt->flags & ASN1_TFLG_SK_MASK) {
-		STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
-		for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
-			ASN1_VALUE *vtmp;
-			vtmp = sk_ASN1_VALUE_value(sk, i);
-			asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item), 0);
-		}
-		sk_ASN1_VALUE_free(sk);
-		*pval = NULL;
-	} else asn1_item_combine_free(pval, ASN1_ITEM_ptr(tt->item),
-						tt->flags & ASN1_TFLG_COMBINE);
-}
-
-void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	int utype;
-	if(it) {
-		const ASN1_PRIMITIVE_FUNCS *pf;
-		pf = it->funcs;
-		if(pf && pf->prim_free) {
-			pf->prim_free(pval, it);
-			return;
-		}
-	}
-	/* Special case: if 'it' is NULL free contents of ASN1_TYPE */
-	if(!it) {
-		ASN1_TYPE *typ = (ASN1_TYPE *)*pval;
-		utype = typ->type;
-		pval = (ASN1_VALUE **)&typ->value.ptr;
-		if(!*pval) return;
-	} else if(it->itype == ASN1_ITYPE_MSTRING) {
-		utype = -1;
-		if(!*pval) return;
-	} else {
-		utype = it->utype;
-		if((utype != V_ASN1_BOOLEAN) && !*pval) return;
-	}
-
-	switch(utype) {
-		case V_ASN1_OBJECT:
-		ASN1_OBJECT_free((ASN1_OBJECT *)*pval);
-		break;
-
-		case V_ASN1_BOOLEAN:
-		if (it)
-			*(ASN1_BOOLEAN *)pval = it->size;
-		else
-			*(ASN1_BOOLEAN *)pval = -1;
-		return;
-
-		case V_ASN1_NULL:
-		break;
-
-		case V_ASN1_ANY:
-		ASN1_primitive_free(pval, NULL);
-		OPENSSL_free(*pval);
-		break;
-
-		default:
-		ASN1_STRING_free((ASN1_STRING *)*pval);
-		*pval = NULL;
-		break;
-	}
-	*pval = NULL;
-}
diff --git a/crypto/openssl/crypto/asn1/tasn_new.c b/crypto/openssl/crypto/asn1/tasn_new.c
deleted file mode 100644
index a0e3db574f2d..000000000000
--- a/crypto/openssl/crypto/asn1/tasn_new.c
+++ /dev/null
@@ -1,351 +0,0 @@
-/* tasn_new.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stddef.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/err.h>
-#include <openssl/asn1t.h>
-#include <string.h>
-
-static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine);
-static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it)
-{
-	ASN1_VALUE *ret = NULL;
-	if(ASN1_item_ex_new(&ret, it) > 0) return ret;
-	return NULL;
-}
-
-/* Allocate an ASN1 structure */
-
-int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	return asn1_item_ex_combine_new(pval, it, 0);
-}
-
-static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
-{
-	const ASN1_TEMPLATE *tt = NULL;
-	const ASN1_COMPAT_FUNCS *cf;
-	const ASN1_EXTERN_FUNCS *ef;
-	const ASN1_AUX *aux = it->funcs;
-	ASN1_aux_cb *asn1_cb;
-	ASN1_VALUE **pseqval;
-	int i;
-	if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
-	else asn1_cb = 0;
-
-	if(!combine) *pval = NULL;
-
-#ifdef CRYPTO_MDEBUG
-	if(it->sname) CRYPTO_push_info(it->sname);
-#endif
-
-	switch(it->itype) {
-
-		case ASN1_ITYPE_EXTERN:
-		ef = it->funcs;
-		if(ef && ef->asn1_ex_new) {
-			if(!ef->asn1_ex_new(pval, it))
-				goto memerr;
-		}
-		break;
-
-		case ASN1_ITYPE_COMPAT:
-		cf = it->funcs;
-		if(cf && cf->asn1_new) {
-			*pval = cf->asn1_new();
-			if(!*pval) goto memerr;
-		}
-		break;
-
-		case ASN1_ITYPE_PRIMITIVE:
-		if(it->templates) {
-			if(!ASN1_template_new(pval, it->templates))
-				goto memerr;
-		} else {
-			if(!ASN1_primitive_new(pval, it))
-				goto memerr;
-		}
-		break;
-
-		case ASN1_ITYPE_MSTRING:
-		if(!ASN1_primitive_new(pval, it))
-				goto memerr;
-		break;
-
-		case ASN1_ITYPE_CHOICE:
-		if(asn1_cb) {
-			i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
-			if(!i) goto auxerr;
-			if(i==2) {
-#ifdef CRYPTO_MDEBUG
-				if(it->sname) CRYPTO_pop_info();
-#endif
-				return 1;
-			}
-		}
-		if(!combine) {
-			*pval = OPENSSL_malloc(it->size);
-			if(!*pval) goto memerr;
-			memset(*pval, 0, it->size);
-		}
-		asn1_set_choice_selector(pval, -1, it);
-		if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it))
-				goto auxerr;
-		break;
-
-		case ASN1_ITYPE_SEQUENCE:
-		if(asn1_cb) {
-			i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
-			if(!i) goto auxerr;
-			if(i==2) {
-#ifdef CRYPTO_MDEBUG
-				if(it->sname) CRYPTO_pop_info();
-#endif
-				return 1;
-			}
-		}
-		if(!combine) {
-			*pval = OPENSSL_malloc(it->size);
-			if(!*pval) goto memerr;
-			memset(*pval, 0, it->size);
-			asn1_do_lock(pval, 0, it);
-			asn1_enc_init(pval, it);
-		}
-		for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
-			pseqval = asn1_get_field_ptr(pval, tt);
-			if(!ASN1_template_new(pseqval, tt)) goto memerr;
-		}
-		if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it))
-				goto auxerr;
-		break;
-	}
-#ifdef CRYPTO_MDEBUG
-	if(it->sname) CRYPTO_pop_info();
-#endif
-	return 1;
-
-	memerr:
-	ASN1err(ASN1_F_ASN1_ITEM_NEW, ERR_R_MALLOC_FAILURE);
-#ifdef CRYPTO_MDEBUG
-	if(it->sname) CRYPTO_pop_info();
-#endif
-	return 0;
-
-	auxerr:
-	ASN1err(ASN1_F_ASN1_ITEM_NEW, ASN1_R_AUX_ERROR);
-	ASN1_item_ex_free(pval, it);
-#ifdef CRYPTO_MDEBUG
-	if(it->sname) CRYPTO_pop_info();
-#endif
-	return 0;
-
-}
-
-static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	const ASN1_EXTERN_FUNCS *ef;
-
-	switch(it->itype) {
-
-		case ASN1_ITYPE_EXTERN:
-		ef = it->funcs;
-		if(ef && ef->asn1_ex_clear) 
-			ef->asn1_ex_clear(pval, it);
-		else *pval = NULL;
-		break;
-
-
-		case ASN1_ITYPE_PRIMITIVE:
-		if(it->templates) 
-			asn1_template_clear(pval, it->templates);
-		else
-			asn1_primitive_clear(pval, it);
-		break;
-
-		case ASN1_ITYPE_MSTRING:
-		asn1_primitive_clear(pval, it);
-		break;
-
-		case ASN1_ITYPE_COMPAT:
-		case ASN1_ITYPE_CHOICE:
-		case ASN1_ITYPE_SEQUENCE:
-		*pval = NULL;
-		break;
-	}
-}
-
-
-int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
-	const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item);
-	int ret;
-	if(tt->flags & ASN1_TFLG_OPTIONAL) {
-		asn1_template_clear(pval, tt);
-		return 1;
-	}
-	/* If ANY DEFINED BY nothing to do */
-
-	if(tt->flags & ASN1_TFLG_ADB_MASK) {
-		*pval = NULL;
-		return 1;
-	}
-#ifdef CRYPTO_MDEBUG
-	if(tt->field_name) CRYPTO_push_info(tt->field_name);
-#endif
-	/* If SET OF or SEQUENCE OF, its a STACK */
-	if(tt->flags & ASN1_TFLG_SK_MASK) {
-		STACK_OF(ASN1_VALUE) *skval;
-		skval = sk_ASN1_VALUE_new_null();
-		if(!skval) {
-			ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE);
-			ret = 0;
-			goto done;
-		}
-		*pval = (ASN1_VALUE *)skval;
-		ret = 1;
-		goto done;
-	}
-	/* Otherwise pass it back to the item routine */
-	ret = asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE);
-	done:
-#ifdef CRYPTO_MDEBUG
-	if(it->sname) CRYPTO_pop_info();
-#endif
-	return ret;
-}
-
-static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
-	/* If ADB or STACK just NULL the field */
-	if(tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK)) 
-		*pval = NULL;
-	else
-		asn1_item_clear(pval, ASN1_ITEM_ptr(tt->item));
-}
-
-
-/* NB: could probably combine most of the real XXX_new() behaviour and junk all the old
- * functions.
- */
-
-int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	ASN1_TYPE *typ;
-	int utype;
-	const ASN1_PRIMITIVE_FUNCS *pf;
-	pf = it->funcs;
-	if(pf && pf->prim_new) return pf->prim_new(pval, it);
-	if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1;
-	else utype = it->utype;
-	switch(utype) {
-		case V_ASN1_OBJECT:
-		*pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef);
-		return 1;
-
-		case V_ASN1_BOOLEAN:
-		if (it)
-			*(ASN1_BOOLEAN *)pval = it->size;
-		else
-			*(ASN1_BOOLEAN *)pval = -1;
-		return 1;
-
-		case V_ASN1_NULL:
-		*pval = (ASN1_VALUE *)1;
-		return 1;
-
-		case V_ASN1_ANY:
-		typ = OPENSSL_malloc(sizeof(ASN1_TYPE));
-		if(!typ) return 0;
-		typ->value.ptr = NULL;
-		typ->type = -1;
-		*pval = (ASN1_VALUE *)typ;
-		break;
-
-		default:
-		*pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype);
-		break;
-	}
-	if(*pval) return 1;
-	return 0;
-}
-
-void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	int utype;
-	const ASN1_PRIMITIVE_FUNCS *pf;
-	pf = it->funcs;
-	if(pf) {
-		if(pf->prim_clear)
-			pf->prim_clear(pval, it);
-		else 
-			*pval = NULL;
-		return;
-	}
-	if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1;
-	else utype = it->utype;
-	if(utype == V_ASN1_BOOLEAN)
-		*(ASN1_BOOLEAN *)pval = it->size;
-	else *pval = NULL;
-}
diff --git a/crypto/openssl/crypto/asn1/tasn_prn.c b/crypto/openssl/crypto/asn1/tasn_prn.c
deleted file mode 100644
index 719639b511fc..000000000000
--- a/crypto/openssl/crypto/asn1/tasn_prn.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/* tasn_prn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stddef.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/nasn.h>
-
-/* Print routines. Print out a whole structure from a template.
- */
-
-static int asn1_item_print_nm(BIO *out, void *fld, int indent, const ASN1_ITEM *it, const char *name);
-
-int ASN1_item_print(BIO *out, void *fld, int indent, const ASN1_ITEM *it)
-{
-	return asn1_item_print_nm(out, fld, indent, it, it->sname);
-}
-
-static int asn1_item_print_nm(BIO *out, void *fld, int indent, const ASN1_ITEM *it, const char *name)
-{
-	ASN1_STRING *str;
-	const ASN1_TEMPLATE *tt;
-	void *tmpfld;
-	int i;
-	if(!fld) {
-		BIO_printf(out, "%*s%s ABSENT\n", indent, "", name);
-		return 1;
-	}
-	switch(it->itype) {
-
-		case ASN1_ITYPE_PRIMITIVE:
-		if(it->templates)
-			return ASN1_template_print(out, fld, indent, it->templates);
-		return asn1_primitive_print(out, fld, it->utype, indent, name);
-		break;
-
-		case ASN1_ITYPE_MSTRING:
-		str = fld;
-		return asn1_primitive_print(out, fld, str->type, indent, name);
-
-		case ASN1_ITYPE_EXTERN:
-		BIO_printf(out, "%*s%s:EXTERNAL TYPE %s %s\n", indent, "", name, it->sname, fld ? "" : "ABSENT");
-		return 1;
-		case ASN1_ITYPE_COMPAT:
-		BIO_printf(out, "%*s%s:COMPATIBLE TYPE %s %s\n", indent, "", name, it->sname, fld ? "" : "ABSENT");
-		return 1;
-
-
-		case ASN1_ITYPE_CHOICE:
-		/* CHOICE type, get selector */
-		i = asn1_get_choice_selector(fld, it);
-		/* This should never happen... */
-		if((i < 0) || (i >= it->tcount)) {
-			BIO_printf(out, "%s selector [%d] out of range\n", it->sname, i);
-			return 1;
-		}
-		tt = it->templates + i;
-		tmpfld = asn1_get_field(fld, tt);
-		return ASN1_template_print(out, tmpfld, indent, tt);
-
-		case ASN1_ITYPE_SEQUENCE:
-		BIO_printf(out, "%*s%s {\n", indent, "", name);
-		/* Get each field entry */
-		for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
-			tmpfld = asn1_get_field(fld, tt);
-			ASN1_template_print(out, tmpfld, indent + 2, tt);
-		}
-		BIO_printf(out, "%*s}\n", indent, "");
-		return 1;
-
-		default:
-		return 0;
-	}
-}
-
-int ASN1_template_print(BIO *out, void *fld, int indent, const ASN1_TEMPLATE *tt)
-{
-	int i, flags;
-#if 0
-	if(!fld) return 0; 
-#endif
-	flags = tt->flags;
-	if(flags & ASN1_TFLG_SK_MASK) {
-		char *tname;
-		void *skitem;
-		/* SET OF, SEQUENCE OF */
-		if(flags & ASN1_TFLG_SET_OF) tname = "SET";
-		else tname = "SEQUENCE";
-		if(fld) {
-			BIO_printf(out, "%*s%s OF %s {\n", indent, "", tname, tt->field_name);
-			for(i = 0; i < sk_num(fld); i++) {
-				skitem = sk_value(fld, i);
-				asn1_item_print_nm(out, skitem, indent + 2, tt->item, "");
-			}
-			BIO_printf(out, "%*s}\n", indent, "");
-		} else 
-			BIO_printf(out, "%*s%s OF %s ABSENT\n", indent, "", tname, tt->field_name);
-		return 1;
-	}
-	return asn1_item_print_nm(out, fld, indent, tt->item, tt->field_name);
-}
-
-static int asn1_primitive_print(BIO *out, void *fld, long utype, int indent, const char *name)
-{
-	ASN1_STRING *str = fld;
-	if(fld) {
-		if(utype == V_ASN1_BOOLEAN) {
-			int *bool = fld;
-if(*bool == -1) printf("BOOL MISSING\n");
-			BIO_printf(out, "%*s%s:%s", indent, "", "BOOLEAN", *bool ? "TRUE" : "FALSE");
-		} else if((utype == V_ASN1_INTEGER) 
-			  || (utype == V_ASN1_ENUMERATED)) {
-			char *s, *nm;
-			s = i2s_ASN1_INTEGER(NULL, fld);
-			if(utype == V_ASN1_INTEGER) nm = "INTEGER";
-			else nm = "ENUMERATED";
-			BIO_printf(out, "%*s%s:%s", indent, "", nm, s);
-			OPENSSL_free(s);
-		} else if(utype == V_ASN1_NULL) {
-			BIO_printf(out, "%*s%s", indent, "", "NULL");
-		} else if(utype == V_ASN1_UTCTIME) {
-			BIO_printf(out, "%*s%s:%s:", indent, "", name, "UTCTIME");
-			ASN1_UTCTIME_print(out, str);
-		} else if(utype == V_ASN1_GENERALIZEDTIME) {
-			BIO_printf(out, "%*s%s:%s:", indent, "", name, "GENERALIZEDTIME");
-			ASN1_GENERALIZEDTIME_print(out, str);
-		} else if(utype == V_ASN1_OBJECT) {
-			char objbuf[80], *ln;
-			ln = OBJ_nid2ln(OBJ_obj2nid(fld));
-			if(!ln) ln = "";
-			OBJ_obj2txt(objbuf, sizeof objbuf, fld, 1);
-			BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln, objbuf);
-		} else {
-			BIO_printf(out, "%*s%s:", indent, "", name);
-			ASN1_STRING_print_ex(out, str, ASN1_STRFLGS_DUMP_UNKNOWN|ASN1_STRFLGS_SHOW_TYPE);
-		}
-		BIO_printf(out, "\n");
-	} else BIO_printf(out, "%*s%s [ABSENT]\n", indent, "", name);
-	return 1;
-}
diff --git a/crypto/openssl/crypto/asn1/tasn_typ.c b/crypto/openssl/crypto/asn1/tasn_typ.c
deleted file mode 100644
index 804d2eeba273..000000000000
--- a/crypto/openssl/crypto/asn1/tasn_typ.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* tasn_typ.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-
-/* Declarations for string types */
-
-
-IMPLEMENT_ASN1_TYPE(ASN1_INTEGER)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_INTEGER)
-
-IMPLEMENT_ASN1_TYPE(ASN1_ENUMERATED)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_ENUMERATED)
-
-IMPLEMENT_ASN1_TYPE(ASN1_BIT_STRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_BIT_STRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_OCTET_STRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_NULL)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_NULL)
-
-IMPLEMENT_ASN1_TYPE(ASN1_OBJECT)
-
-IMPLEMENT_ASN1_TYPE(ASN1_UTF8STRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_UTF8STRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_PRINTABLESTRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_T61STRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_T61STRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_IA5STRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_IA5STRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_GENERALSTRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_UTCTIME)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_UTCTIME)
-
-IMPLEMENT_ASN1_TYPE(ASN1_GENERALIZEDTIME)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
-
-IMPLEMENT_ASN1_TYPE(ASN1_VISIBLESTRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_UNIVERSALSTRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_BMPSTRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_BMPSTRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_ANY)
-
-/* Just swallow an ASN1_SEQUENCE in an ASN1_STRING */
-IMPLEMENT_ASN1_TYPE(ASN1_SEQUENCE)
-
-IMPLEMENT_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
-
-/* Multistring types */
-
-IMPLEMENT_ASN1_MSTRING(ASN1_PRINTABLE, B_ASN1_PRINTABLE)
-IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
-
-IMPLEMENT_ASN1_MSTRING(DISPLAYTEXT, B_ASN1_DISPLAYTEXT)
-IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
-
-IMPLEMENT_ASN1_MSTRING(DIRECTORYSTRING, B_ASN1_DIRECTORYSTRING)
-IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
-
-/* Three separate BOOLEAN type: normal, DEFAULT TRUE and DEFAULT FALSE */
-IMPLEMENT_ASN1_TYPE_ex(ASN1_BOOLEAN, ASN1_BOOLEAN, -1)
-IMPLEMENT_ASN1_TYPE_ex(ASN1_TBOOLEAN, ASN1_BOOLEAN, 1)
-IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0)
diff --git a/crypto/openssl/crypto/asn1/tasn_utl.c b/crypto/openssl/crypto/asn1/tasn_utl.c
deleted file mode 100644
index 8996ce8c13d2..000000000000
--- a/crypto/openssl/crypto/asn1/tasn_utl.c
+++ /dev/null
@@ -1,253 +0,0 @@
-/* tasn_utl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stddef.h>
-#include <string.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-#include <openssl/err.h>
-
-/* Utility functions for manipulating fields and offsets */
-
-/* Add 'offset' to 'addr' */
-#define offset2ptr(addr, offset) (void *)(((char *) addr) + offset)
-
-/* Given an ASN1_ITEM CHOICE type return
- * the selector value
- */
-
-int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	int *sel = offset2ptr(*pval, it->utype);
-	return *sel;
-}
-
-/* Given an ASN1_ITEM CHOICE type set
- * the selector value, return old value.
- */
-
-int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it)
-{	
-	int *sel, ret;
-	sel = offset2ptr(*pval, it->utype);
-	ret = *sel;
-	*sel = value;
-	return ret;
-}
-
-/* Do reference counting. The value 'op' decides what to do. 
- * if it is +1 then the count is incremented. If op is 0 count is
- * set to 1. If op is -1 count is decremented and the return value
- * is the current refrence count or 0 if no reference count exists.
- */
-
-int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
-{
-	const ASN1_AUX *aux;
-	int *lck, ret;
-	if(it->itype != ASN1_ITYPE_SEQUENCE) return 0;
-	aux = it->funcs;
-	if(!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) return 0;
-	lck = offset2ptr(*pval, aux->ref_offset);
-	if(op == 0) {
-		*lck = 1;
-		return 1;
-	}
-	ret = CRYPTO_add(lck, op, aux->ref_lock);
-#ifdef REF_PRINT
-	fprintf(stderr, "%s: Reference Count: %d\n", it->sname, *lck);
-#endif
-#ifdef REF_CHECK
-	if(ret < 0) 
-		fprintf(stderr, "%s, bad reference count\n", it->sname);
-#endif
-	return ret;
-}
-
-static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	const ASN1_AUX *aux;
-	if(!pval || !*pval) return NULL;
-	aux = it->funcs;
-	if(!aux || !(aux->flags & ASN1_AFLG_ENCODING)) return NULL;
-	return offset2ptr(*pval, aux->enc_offset);
-}
-
-void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	ASN1_ENCODING *enc;
-	enc = asn1_get_enc_ptr(pval, it);
-	if(enc) {
-		enc->enc = NULL;
-		enc->len = 0;
-		enc->modified = 1;
-	}
-}
-
-void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	ASN1_ENCODING *enc;
-	enc = asn1_get_enc_ptr(pval, it);
-	if(enc) {
-		if(enc->enc) OPENSSL_free(enc->enc);
-		enc->enc = NULL;
-		enc->len = 0;
-		enc->modified = 1;
-	}
-}
-
-int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it)
-{
-	ASN1_ENCODING *enc;
-	enc = asn1_get_enc_ptr(pval, it);
-	if(!enc) return 1;
-
-	if(enc->enc) OPENSSL_free(enc->enc);
-	enc->enc = OPENSSL_malloc(inlen);
-	if(!enc->enc) return 0;
-	memcpy(enc->enc, in, inlen);
-	enc->len = inlen;
-	enc->modified = 0;
-
-	return 1;
-}
-		
-int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	ASN1_ENCODING *enc;
-	enc = asn1_get_enc_ptr(pval, it);
-	if(!enc || enc->modified) return 0;
-	if(out) {
-		memcpy(*out, enc->enc, enc->len);
-		*out += enc->len;
-	}
-	if(len) *len = enc->len;
-	return 1;
-}
-
-/* Given an ASN1_TEMPLATE get a pointer to a field */
-ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
-	ASN1_VALUE **pvaltmp;
-	if(tt->flags & ASN1_TFLG_COMBINE) return pval;
-	pvaltmp = offset2ptr(*pval, tt->offset);
-	/* NOTE for BOOLEAN types the field is just a plain
- 	 * int so we can't return int **, so settle for
-	 * (int *).
-	 */
-	return pvaltmp;
-}
-
-/* Handle ANY DEFINED BY template, find the selector, look up
- * the relevant ASN1_TEMPLATE in the table and return it.
- */
-
-const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr)
-{
-	const ASN1_ADB *adb;
-	const ASN1_ADB_TABLE *atbl;
-	long selector;
-	ASN1_VALUE **sfld;
-	int i;
-	if(!(tt->flags & ASN1_TFLG_ADB_MASK)) return tt;
-
-	/* Else ANY DEFINED BY ... get the table */
-	adb = ASN1_ADB_ptr(tt->item);
-
-	/* Get the selector field */
-	sfld = offset2ptr(*pval, adb->offset);
-
-	/* Check if NULL */
-	if(!sfld) {
-		if(!adb->null_tt) goto err;
-		return adb->null_tt;
-	}
-
-	/* Convert type to a long:
-	 * NB: don't check for NID_undef here because it
-	 * might be a legitimate value in the table
-	 */
-	if(tt->flags & ASN1_TFLG_ADB_OID) 
-		selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld);
-	else 
-		selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld);
-
-	/* Try to find matching entry in table
-	 * Maybe should check application types first to
-	 * allow application override? Might also be useful
-	 * to have a flag which indicates table is sorted and
-	 * we can do a binary search. For now stick to a
-	 * linear search.
-	 */
-
-	for(atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++)
-		if(atbl->value == selector) return &atbl->tt;
-
-	/* FIXME: need to search application table too */
-
-	/* No match, return default type */
-	if(!adb->default_tt) goto err;		
-	return adb->default_tt;
-	
-	err:
-	/* FIXME: should log the value or OID of unsupported type */
-	if(nullerr) ASN1err(ASN1_F_ASN1_DO_ADB, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE);
-	return NULL;
-}
diff --git a/crypto/openssl/crypto/asn1/x_algor.c b/crypto/openssl/crypto/asn1/x_algor.c
deleted file mode 100644
index 00b9ea54a15f..000000000000
--- a/crypto/openssl/crypto/asn1/x_algor.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* x_algor.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-
-ASN1_SEQUENCE(X509_ALGOR) = {
-	ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT),
-	ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY)
-} ASN1_SEQUENCE_END(X509_ALGOR)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR)
-
-IMPLEMENT_STACK_OF(X509_ALGOR)
-IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
diff --git a/crypto/openssl/crypto/asn1/x_attrib.c b/crypto/openssl/crypto/asn1/x_attrib.c
deleted file mode 100644
index 1e3713f18f26..000000000000
--- a/crypto/openssl/crypto/asn1/x_attrib.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* crypto/asn1/x_attrib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-/* X509_ATTRIBUTE: this has the following form:
- *
- * typedef struct x509_attributes_st
- *	{
- *	ASN1_OBJECT *object;
- *	int single;
- *	union	{
- *		char		*ptr;
- * 		STACK_OF(ASN1_TYPE) *set;
- * 		ASN1_TYPE	*single;
- *		} value;
- *	} X509_ATTRIBUTE;
- *
- * this needs some extra thought because the CHOICE type is
- * merged with the main structure and because the value can
- * be anything at all we *must* try the SET OF first because
- * the ASN1_ANY type will swallow anything including the whole
- * SET OF structure.
- */
-
-ASN1_CHOICE(X509_ATTRIBUTE_SET) = {
-	ASN1_SET_OF(X509_ATTRIBUTE, value.set, ASN1_ANY),
-	ASN1_SIMPLE(X509_ATTRIBUTE, value.single, ASN1_ANY)
-} ASN1_CHOICE_END_selector(X509_ATTRIBUTE, X509_ATTRIBUTE_SET, single)
-
-ASN1_SEQUENCE(X509_ATTRIBUTE) = {
-	ASN1_SIMPLE(X509_ATTRIBUTE, object, ASN1_OBJECT),
-	/* CHOICE type merged with parent */
-	ASN1_EX_COMBINE(0, 0, X509_ATTRIBUTE_SET)
-} ASN1_SEQUENCE_END(X509_ATTRIBUTE)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_ATTRIBUTE)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_ATTRIBUTE)
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
-	{
-	X509_ATTRIBUTE *ret=NULL;
-	ASN1_TYPE *val=NULL;
-
-	if ((ret=X509_ATTRIBUTE_new()) == NULL)
-		return(NULL);
-	ret->object=OBJ_nid2obj(nid);
-	ret->single=0;
-	if ((ret->value.set=sk_ASN1_TYPE_new_null()) == NULL) goto err;
-	if ((val=ASN1_TYPE_new()) == NULL) goto err;
-	if (!sk_ASN1_TYPE_push(ret->value.set,val)) goto err;
-
-	ASN1_TYPE_set(val,atrtype,value);
-	return(ret);
-err:
-	if (ret != NULL) X509_ATTRIBUTE_free(ret);
-	if (val != NULL) ASN1_TYPE_free(val);
-	return(NULL);
-	}
diff --git a/crypto/openssl/crypto/asn1/x_bignum.c b/crypto/openssl/crypto/asn1/x_bignum.c
deleted file mode 100644
index 848c7a08779c..000000000000
--- a/crypto/openssl/crypto/asn1/x_bignum.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/* x_bignum.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-
-/* Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a
- * BIGNUM directly. Currently it ignores the sign which isn't a problem since all
- * BIGNUMs used are non negative and anything that looks negative is normally due
- * to an encoding error.
- */
-
-#define BN_SENSITIVE	1
-
-static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
-static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
-
-static ASN1_PRIMITIVE_FUNCS bignum_pf = {
-	NULL, 0,
-	bn_new,
-	bn_free,
-	0,
-	bn_c2i,
-	bn_i2c
-};
-
-ASN1_ITEM_start(BIGNUM)
-	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, 0, "BIGNUM"
-ASN1_ITEM_end(BIGNUM)
-
-ASN1_ITEM_start(CBIGNUM)
-	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, BN_SENSITIVE, "BIGNUM"
-ASN1_ITEM_end(CBIGNUM)
-
-static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	*pval = (ASN1_VALUE *)BN_new();
-	if(*pval) return 1;
-	else return 0;
-}
-
-static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	if(!*pval) return;
-	if(it->size & BN_SENSITIVE) BN_clear_free((BIGNUM *)*pval);
-	else BN_free((BIGNUM *)*pval);
-	*pval = NULL;
-}
-
-static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
-{
-	BIGNUM *bn;
-	int pad;
-	if(!*pval) return -1;
-	bn = (BIGNUM *)*pval;
-	/* If MSB set in an octet we need a padding byte */
-	if(BN_num_bits(bn) & 0x7) pad = 0;
-	else pad = 1;
-	if(cont) {
-		if(pad) *cont++ = 0;
-		BN_bn2bin(bn, cont);
-	}
-	return pad + BN_num_bytes(bn);
-}
-
-static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
-{
-	BIGNUM *bn;
-	if(!*pval) bn_new(pval, it);
-	bn  = (BIGNUM *)*pval;
-	if(!BN_bin2bn(cont, len, bn)) {
-		bn_free(pval, it);
-		return 0;
-	}
-	return 1;
-}
-
-
diff --git a/crypto/openssl/crypto/asn1/x_cinf.c b/crypto/openssl/crypto/asn1/x_cinf.c
deleted file mode 100644
index 339a110eefd6..000000000000
--- a/crypto/openssl/crypto/asn1/x_cinf.c
+++ /dev/null
@@ -1,201 +0,0 @@
-/* crypto/asn1/x_cinf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_X509_CINF(X509_CINF *a, unsigned char **pp)
-	{
-	int v1=0,v2=0;
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len_EXP_opt(a->version,i2d_ASN1_INTEGER,0,v1);
-	M_ASN1_I2D_len(a->serialNumber,		i2d_ASN1_INTEGER);
-	M_ASN1_I2D_len(a->signature,		i2d_X509_ALGOR);
-	M_ASN1_I2D_len(a->issuer,		i2d_X509_NAME);
-	M_ASN1_I2D_len(a->validity,		i2d_X509_VAL);
-	M_ASN1_I2D_len(a->subject,		i2d_X509_NAME);
-	M_ASN1_I2D_len(a->key,			i2d_X509_PUBKEY);
-	M_ASN1_I2D_len_IMP_opt(a->issuerUID,	i2d_ASN1_BIT_STRING);
-	M_ASN1_I2D_len_IMP_opt(a->subjectUID,	i2d_ASN1_BIT_STRING);
-	M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
-					     i2d_X509_EXTENSION,3,
-					     V_ASN1_SEQUENCE,v2);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put_EXP_opt(a->version,i2d_ASN1_INTEGER,0,v1);
-	M_ASN1_I2D_put(a->serialNumber,		i2d_ASN1_INTEGER);
-	M_ASN1_I2D_put(a->signature,		i2d_X509_ALGOR);
-	M_ASN1_I2D_put(a->issuer,		i2d_X509_NAME);
-	M_ASN1_I2D_put(a->validity,		i2d_X509_VAL);
-	M_ASN1_I2D_put(a->subject,		i2d_X509_NAME);
-	M_ASN1_I2D_put(a->key,			i2d_X509_PUBKEY);
-	M_ASN1_I2D_put_IMP_opt(a->issuerUID,	i2d_ASN1_BIT_STRING,1);
-	M_ASN1_I2D_put_IMP_opt(a->subjectUID,	i2d_ASN1_BIT_STRING,2);
-	M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
-					     i2d_X509_EXTENSION,3,
-					     V_ASN1_SEQUENCE,v2);
-
-	M_ASN1_I2D_finish();
-	}
-
-X509_CINF *d2i_X509_CINF(X509_CINF **a, unsigned char **pp, long length)
-	{
-	int ver=0;
-	M_ASN1_D2I_vars(a,X509_CINF *,X509_CINF_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	/* we have the optional version field */
-	if (M_ASN1_next == (V_ASN1_CONTEXT_SPECIFIC | V_ASN1_CONSTRUCTED | 0))
-		{
-		M_ASN1_D2I_get_EXP_opt(ret->version,d2i_ASN1_INTEGER,0);
-		if (ret->version->data != NULL)
-			ver=ret->version->data[0];
-		}
-	else
-		{
-		if (ret->version != NULL)
-			{
-			M_ASN1_INTEGER_free(ret->version);
-			ret->version=NULL;
-			}
-		}
-	M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
-	M_ASN1_D2I_get(ret->signature,d2i_X509_ALGOR);
-	M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
-	M_ASN1_D2I_get(ret->validity,d2i_X509_VAL);
-	M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
-	M_ASN1_D2I_get(ret->key,d2i_X509_PUBKEY);
-	if (ver >= 1) /* version 2 extensions */
-		{
-		if (ret->issuerUID != NULL)
-			{
-			M_ASN1_BIT_STRING_free(ret->issuerUID);
-			ret->issuerUID=NULL;
-			}
-		if (ret->subjectUID != NULL)
-			{
-			M_ASN1_BIT_STRING_free(ret->subjectUID);
-			ret->subjectUID=NULL;
-			}
-		M_ASN1_D2I_get_IMP_opt(ret->issuerUID,d2i_ASN1_BIT_STRING,  1,
-			V_ASN1_BIT_STRING);
-		M_ASN1_D2I_get_IMP_opt(ret->subjectUID,d2i_ASN1_BIT_STRING, 2,
-			V_ASN1_BIT_STRING);
-		}
-/* Note: some broken certificates include extensions but don't set
- * the version number properly. By bypassing this check they can
- * be parsed.
- */
-
-#ifdef VERSION_EXT_CHECK
-	if (ver >= 2) /* version 3 extensions */
-#endif
-		{
-		if (ret->extensions != NULL)
-			while (sk_X509_EXTENSION_num(ret->extensions))
-				X509_EXTENSION_free(
-				      sk_X509_EXTENSION_pop(ret->extensions));
-		M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION,ret->extensions,
-						d2i_X509_EXTENSION,
-						X509_EXTENSION_free,3,
-						V_ASN1_SEQUENCE);
-		}
-	M_ASN1_D2I_Finish(a,X509_CINF_free,ASN1_F_D2I_X509_CINF);
-	}
-
-X509_CINF *X509_CINF_new(void)
-	{
-	X509_CINF *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,X509_CINF);
-	ret->version=NULL;
-	M_ASN1_New(ret->serialNumber,M_ASN1_INTEGER_new);
-	M_ASN1_New(ret->signature,X509_ALGOR_new);
-	M_ASN1_New(ret->issuer,X509_NAME_new);
-	M_ASN1_New(ret->validity,X509_VAL_new);
-	M_ASN1_New(ret->subject,X509_NAME_new);
-	M_ASN1_New(ret->key,X509_PUBKEY_new);
-	ret->issuerUID=NULL;
-	ret->subjectUID=NULL;
-	ret->extensions=NULL;
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_X509_CINF_NEW);
-	}
-
-void X509_CINF_free(X509_CINF *a)
-	{
-	if (a == NULL) return;
-	M_ASN1_INTEGER_free(a->version);
-	M_ASN1_INTEGER_free(a->serialNumber);
-	X509_ALGOR_free(a->signature);
-	X509_NAME_free(a->issuer);
-	X509_VAL_free(a->validity);
-	X509_NAME_free(a->subject);
-	X509_PUBKEY_free(a->key);
-	M_ASN1_BIT_STRING_free(a->issuerUID);
-	M_ASN1_BIT_STRING_free(a->subjectUID);
-	sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free);
-	OPENSSL_free(a);
-	}
-
diff --git a/crypto/openssl/crypto/asn1/x_crl.c b/crypto/openssl/crypto/asn1/x_crl.c
deleted file mode 100644
index 11fce968257d..000000000000
--- a/crypto/openssl/crypto/asn1/x_crl.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/* crypto/asn1/x_crl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
-				const X509_REVOKED * const *b);
-static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
-				const X509_REVOKED * const *b);
-
-ASN1_SEQUENCE(X509_REVOKED) = {
-	ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
-	ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME),
-	ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
-} ASN1_SEQUENCE_END(X509_REVOKED)
-
-/* The X509_CRL_INFO structure needs a bit of customisation. This is actually
- * mirroring the old behaviour: its purpose is to allow the use of
- * sk_X509_REVOKED_find to lookup revoked certificates. Unfortunately
- * this will zap the original order and the signature so we keep a copy
- * of the original positions and reorder appropriately before encoding.
- *
- * Might want to see if there's a better way of doing this later...
- */
-static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
-	int i;
-	int (*old_cmp)(const X509_REVOKED * const *,
-			const X509_REVOKED * const *);
-
-	if(!a || !a->revoked) return 1;
-	switch(operation) {
-
-		/* Save original order */
-		case ASN1_OP_D2I_POST:
-		for (i=0; i<sk_X509_REVOKED_num(a->revoked); i++)
-			sk_X509_REVOKED_value(a->revoked,i)->sequence=i;
-		sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
-		break;
-
-		/* Restore original order */
-		case ASN1_OP_I2D_PRE:
-		old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp);
-		sk_X509_REVOKED_sort(a->revoked);
-		sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp);
-		break;
-	}
-	return 1;
-}
-
-
-ASN1_SEQUENCE_cb(X509_CRL_INFO, crl_inf_cb) = {
-	ASN1_OPT(X509_CRL_INFO, version, ASN1_INTEGER),
-	ASN1_SIMPLE(X509_CRL_INFO, sig_alg, X509_ALGOR),
-	ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME),
-	ASN1_SIMPLE(X509_CRL_INFO, lastUpdate, ASN1_TIME),
-	ASN1_OPT(X509_CRL_INFO, nextUpdate, ASN1_TIME),
-	ASN1_SEQUENCE_OF_OPT(X509_CRL_INFO, revoked, X509_REVOKED),
-	ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0)
-} ASN1_SEQUENCE_END_cb(X509_CRL_INFO, X509_CRL_INFO)
-
-ASN1_SEQUENCE_ref(X509_CRL, 0, CRYPTO_LOCK_X509_CRL) = {
-	ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO),
-	ASN1_SIMPLE(X509_CRL, sig_alg, X509_ALGOR),
-	ASN1_SIMPLE(X509_CRL, signature, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END_ref(X509_CRL, X509_CRL)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_REVOKED)
-IMPLEMENT_ASN1_FUNCTIONS(X509_CRL_INFO)
-IMPLEMENT_ASN1_FUNCTIONS(X509_CRL)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_CRL)
-
-static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
-			const X509_REVOKED * const *b)
-	{
-	return(ASN1_STRING_cmp(
-		(ASN1_STRING *)(*a)->serialNumber,
-		(ASN1_STRING *)(*b)->serialNumber));
-	}
-
-static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
-				const X509_REVOKED * const *b)
-	{
-	return((*a)->sequence-(*b)->sequence);
-	}
-
-int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
-{
-	X509_CRL_INFO *inf;
-	inf = crl->crl;
-	if(!inf->revoked)
-		inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
-	if(!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
-		ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	return 1;
-}
-
-IMPLEMENT_STACK_OF(X509_REVOKED)
-IMPLEMENT_ASN1_SET_OF(X509_REVOKED)
-IMPLEMENT_STACK_OF(X509_CRL)
-IMPLEMENT_ASN1_SET_OF(X509_CRL)
diff --git a/crypto/openssl/crypto/asn1/x_exten.c b/crypto/openssl/crypto/asn1/x_exten.c
deleted file mode 100644
index 702421b6c851..000000000000
--- a/crypto/openssl/crypto/asn1/x_exten.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* x_exten.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-
-ASN1_SEQUENCE(X509_EXTENSION) = {
-	ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT),
-	ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN),
-	ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(X509_EXTENSION)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_EXTENSION)
diff --git a/crypto/openssl/crypto/asn1/x_info.c b/crypto/openssl/crypto/asn1/x_info.c
deleted file mode 100644
index d44f6cdb0197..000000000000
--- a/crypto/openssl/crypto/asn1/x_info.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* crypto/asn1/x_info.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-
-X509_INFO *X509_INFO_new(void)
-	{
-	X509_INFO *ret=NULL;
-
-	ret=(X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO));
-	if (ret == NULL)
-		{
-		ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
- 
-        ret->enc_cipher.cipher=NULL;
-        ret->enc_len=0;
-        ret->enc_data=NULL;
- 
-	ret->references=1;
-	ret->x509=NULL;
-	ret->crl=NULL;
-	ret->x_pkey=NULL;
-	return(ret);
-	}
-
-void X509_INFO_free(X509_INFO *x)
-	{
-	int i;
-
-	if (x == NULL) return;
-
-	i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_INFO);
-#ifdef REF_PRINT
-	REF_PRINT("X509_INFO",x);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"X509_INFO_free, bad reference count\n");
-		abort();
-		}
-#endif
-
-	if (x->x509 != NULL) X509_free(x->x509);
-	if (x->crl != NULL) X509_CRL_free(x->crl);
-	if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey);
-	if (x->enc_data != NULL) OPENSSL_free(x->enc_data);
-	OPENSSL_free(x);
-	}
-
-IMPLEMENT_STACK_OF(X509_INFO)
-
diff --git a/crypto/openssl/crypto/asn1/x_long.c b/crypto/openssl/crypto/asn1/x_long.c
deleted file mode 100644
index c04b192794f1..000000000000
--- a/crypto/openssl/crypto/asn1/x_long.c
+++ /dev/null
@@ -1,163 +0,0 @@
-/* x_long.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-
-/* Custom primitive type for long handling. This converts between an ASN1_INTEGER
- * and a long directly.
- */
-
-
-static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
-static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
-
-static ASN1_PRIMITIVE_FUNCS long_pf = {
-	NULL, 0,
-	long_new,
-	long_free,
-	long_free,	/* Clear should set to initial value */
-	long_c2i,
-	long_i2c
-};
-
-ASN1_ITEM_start(LONG)
-	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG"
-ASN1_ITEM_end(LONG)
-
-ASN1_ITEM_start(ZLONG)
-	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG"
-ASN1_ITEM_end(ZLONG)
-
-static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	*(long *)pval = it->size;
-	return 1;
-}
-
-static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	*(long *)pval = it->size;
-}
-
-static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
-{
-	long ltmp;
-	unsigned long utmp;
-	int clen, pad, i;
-	ltmp = *(long *)pval;
-	if(ltmp == it->size) return -1;
-	/* Convert the long to positive: we subtract one if negative so
-	 * we can cleanly handle the padding if only the MSB of the leading
-	 * octet is set. 
-	 */
-	if(ltmp < 0) utmp = -ltmp - 1;
-	else utmp = ltmp;
-	clen = BN_num_bits_word(utmp);
-	/* If MSB of leading octet set we need to pad */
-	if(!(clen & 0x7)) pad = 1;
-	else pad = 0;
-
-	/* Convert number of bits to number of octets */
-	clen = (clen + 7) >> 3;
-
-	if(cont) {
-		if(pad) *cont++ = (ltmp < 0) ? 0xff : 0;
-		for(i = clen - 1; i >= 0; i--) {
-			cont[i] = (unsigned char)(utmp & 0xff);
-			if(ltmp < 0) cont[i] ^= 0xff;
-			utmp >>= 8;
-		}
-	}
-	return clen + pad;
-}
-
-static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
-{
-	int neg, i;
-	long ltmp;
-	unsigned long utmp = 0;
-	if(len > sizeof(long)) {
-		ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
-		return 0;
-	}
-	/* Is it negative? */
-	if(len && (cont[0] & 0x80)) neg = 1;
-	else neg = 0;
-	utmp = 0;
-	for(i = 0; i < len; i++) {
-		utmp <<= 8;
-		if(neg) utmp |= cont[i] ^ 0xff;
-		else utmp |= cont[i];
-	}
-	ltmp = (long)utmp;
-	if(neg) {
-		ltmp++;
-		ltmp = -ltmp;
-	}
-	if(ltmp == it->size) {
-		ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
-		return 0;
-	}
-	*(long *)pval = ltmp;
-	return 1;
-}
diff --git a/crypto/openssl/crypto/asn1/x_name.c b/crypto/openssl/crypto/asn1/x_name.c
deleted file mode 100644
index caece0f1585c..000000000000
--- a/crypto/openssl/crypto/asn1/x_name.c
+++ /dev/null
@@ -1,272 +0,0 @@
-/* crypto/asn1/x_name.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it,
-					int tag, int aclass, char opt, ASN1_TLC *ctx);
-
-static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
-static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
-static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
-
-static int x509_name_encode(X509_NAME *a);
-
-ASN1_SEQUENCE(X509_NAME_ENTRY) = {
-	ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
-	ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE)
-} ASN1_SEQUENCE_END(X509_NAME_ENTRY)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_NAME_ENTRY)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME_ENTRY)
-
-/* For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY }
- * so declare two template wrappers for this
- */
-
-ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) =
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
-ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES)
-
-ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) =
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
-ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL)
-
-/* Normally that's where it would end: we'd have two nested STACK structures
- * representing the ASN1. Unfortunately X509_NAME uses a completely different
- * form and caches encodings so we have to process the internal form and convert
- * to the external form.
- */
-
-const ASN1_EXTERN_FUNCS x509_name_ff = {
-	NULL,
-	x509_name_ex_new,
-	x509_name_ex_free,
-	0,	/* Default clear behaviour is OK */
-	x509_name_ex_d2i,
-	x509_name_ex_i2d
-};
-
-IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff) 
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_NAME)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME)
-
-static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
-{
-	X509_NAME *ret = NULL;
-	ret = OPENSSL_malloc(sizeof(X509_NAME));
-	if(!ret) goto memerr;
-	if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL)
-		goto memerr;
-	if((ret->bytes = BUF_MEM_new()) == NULL) goto memerr;
-	ret->modified=1;
-	*val = (ASN1_VALUE *)ret;
-	return 1;
-
- memerr:
-	ASN1err(ASN1_F_X509_NAME_NEW, ERR_R_MALLOC_FAILURE);
-	if (ret)
-		{
-		if (ret->entries)
-			sk_X509_NAME_ENTRY_free(ret->entries);
-		OPENSSL_free(ret);
-		}
-	return 0;
-}
-
-static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	X509_NAME *a;
-	if(!pval || !*pval)
-	    return;
-	a = (X509_NAME *)*pval;
-
-	BUF_MEM_free(a->bytes);
-	sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free);
-	OPENSSL_free(a);
-	*pval = NULL;
-}
-
-/* Used with sk_pop_free() to free up the internal representation.
- * NB: we only free the STACK and not its contents because it is
- * already present in the X509_NAME structure.
- */
-
-static void sk_internal_free(void *a)
-{
-	sk_free(a);
-}
-
-static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it,
-					int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
-	unsigned char *p = *in, *q;
-	STACK *intname = NULL;
-	int i, j, ret;
-	X509_NAME *nm = NULL;
-	STACK_OF(X509_NAME_ENTRY) *entries;
-	X509_NAME_ENTRY *entry;
-	q = p;
-
-	/* Get internal representation of Name */
-	ret = ASN1_item_ex_d2i((ASN1_VALUE **)&intname, &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
-								tag, aclass, opt, ctx);
-	
-	if(ret <= 0) return ret;
-
-	if(*val) x509_name_ex_free(val, NULL);
-	if(!x509_name_ex_new((ASN1_VALUE **)&nm, NULL)) goto err;
-	/* We've decoded it: now cache encoding */
-	if(!BUF_MEM_grow(nm->bytes, p - q)) goto err;
-	memcpy(nm->bytes->data, q, p - q);
-
-	/* Convert internal representation to X509_NAME structure */
-	for(i = 0; i < sk_num(intname); i++) {
-		entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname, i);
-		for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
-			entry = sk_X509_NAME_ENTRY_value(entries, j);
-			entry->set = i;
-			if(!sk_X509_NAME_ENTRY_push(nm->entries, entry))
-				goto err;
-		}
-		sk_X509_NAME_ENTRY_free(entries);
-	}
-	sk_free(intname);
-	nm->modified = 0;
-	*val = (ASN1_VALUE *)nm;
-	*in = p;
-	return ret;
-	err:
-	ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_NESTED_ASN1_ERROR);
-	return 0;
-}
-
-static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass)
-{
-	int ret;
-	X509_NAME *a = (X509_NAME *)*val;
-	if(a->modified) {
-		ret = x509_name_encode((X509_NAME *)a);
-		if(ret < 0) return ret;
-	}
-	ret = a->bytes->length;
-	if(out != NULL) {
-		memcpy(*out,a->bytes->data,ret);
-		*out+=ret;
-	}
-	return ret;
-}
-
-static int x509_name_encode(X509_NAME *a)
-{
-	STACK *intname = NULL;
-	int len;
-	unsigned char *p;
-	STACK_OF(X509_NAME_ENTRY) *entries = NULL;
-	X509_NAME_ENTRY *entry;
-	int i, set = -1;
-	intname = sk_new_null();
-	if(!intname) goto memerr;
-	for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
-		entry = sk_X509_NAME_ENTRY_value(a->entries, i);
-		if(entry->set != set) {
-			entries = sk_X509_NAME_ENTRY_new_null();
-			if(!entries) goto memerr;
-			if(!sk_push(intname, (char *)entries)) goto memerr;
-			set = entry->set;
-		}
-		if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr;
-	}
-	len = ASN1_item_ex_i2d((ASN1_VALUE **)&intname, NULL, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
-	if (!BUF_MEM_grow(a->bytes,len)) goto memerr;
-	p=(unsigned char *)a->bytes->data;
-	ASN1_item_ex_i2d((ASN1_VALUE **)&intname, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
-	sk_pop_free(intname, sk_internal_free);
-	a->modified = 0;
-	return len;
-	memerr:
-	sk_pop_free(intname, sk_internal_free);
-	ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_MALLOC_FAILURE);
-	return -1;
-}
-
-
-int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
-	{
-	X509_NAME *in;
-
-	if (!xn || !name) return(0);
-
-	if (*xn != name)
-		{
-		in=X509_NAME_dup(name);
-		if (in != NULL)
-			{
-			X509_NAME_free(*xn);
-			*xn=in;
-			}
-		}
-	return(*xn != NULL);
-	}
-	
-IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
-IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY)
diff --git a/crypto/openssl/crypto/asn1/x_pkey.c b/crypto/openssl/crypto/asn1/x_pkey.c
deleted file mode 100644
index f1c6221ac3f1..000000000000
--- a/crypto/openssl/crypto/asn1/x_pkey.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/* crypto/asn1/x_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-/* need to implement */
-int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp)
-	{
-	return(0);
-	}
-
-X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, unsigned char **pp, long length)
-	{
-	int i;
-	M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->enc_algor,d2i_X509_ALGOR);
-	M_ASN1_D2I_get(ret->enc_pkey,d2i_ASN1_OCTET_STRING);
-
-	ret->cipher.cipher=EVP_get_cipherbyname(
-		OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
-	if (ret->cipher.cipher == NULL)
-		{
-		c.error=ASN1_R_UNSUPPORTED_CIPHER;
-		c.line=__LINE__;
-		goto err;
-		}
-	if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) 
-		{
-		i=ret->enc_algor->parameter->value.octet_string->length;
-		if (i > EVP_MAX_IV_LENGTH)
-			{
-			c.error=ASN1_R_IV_TOO_LARGE;
-			c.line=__LINE__;
-			goto err;
-			}
-		memcpy(ret->cipher.iv,
-			ret->enc_algor->parameter->value.octet_string->data,i);
-		}
-	else
-		memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
-	M_ASN1_D2I_Finish(a,X509_PKEY_free,ASN1_F_D2I_X509_PKEY);
-	}
-
-X509_PKEY *X509_PKEY_new(void)
-	{
-	X509_PKEY *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,X509_PKEY);
-	ret->version=0;
-	M_ASN1_New(ret->enc_algor,X509_ALGOR_new);
-	M_ASN1_New(ret->enc_pkey,M_ASN1_OCTET_STRING_new);
-	ret->dec_pkey=NULL;
-	ret->key_length=0;
-	ret->key_data=NULL;
-	ret->key_free=0;
-	ret->cipher.cipher=NULL;
-	memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
-	ret->references=1;
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
-	}
-
-void X509_PKEY_free(X509_PKEY *x)
-	{
-	int i;
-
-	if (x == NULL) return;
-
-	i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_PKEY);
-#ifdef REF_PRINT
-	REF_PRINT("X509_PKEY",x);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"X509_PKEY_free, bad reference count\n");
-		abort();
-		}
-#endif
-
-	if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor);
-	if (x->enc_pkey != NULL) M_ASN1_OCTET_STRING_free(x->enc_pkey);
-	if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey);
-	if ((x->key_data != NULL) && (x->key_free)) OPENSSL_free(x->key_data);
-	OPENSSL_free(x);
-	}
diff --git a/crypto/openssl/crypto/asn1/x_pubkey.c b/crypto/openssl/crypto/asn1/x_pubkey.c
deleted file mode 100644
index d9585401206d..000000000000
--- a/crypto/openssl/crypto/asn1/x_pubkey.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/* crypto/asn1/x_pubkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-/* Minor tweak to operation: free up EVP_PKEY */
-static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	if(operation == ASN1_OP_FREE_POST) {
-		X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
-		EVP_PKEY_free(pubkey->pkey);
-	}
-	return 1;
-}
-
-ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
-	ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
-	ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
-
-int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
-	{
-	int ok=0;
-	X509_PUBKEY *pk;
-	X509_ALGOR *a;
-	ASN1_OBJECT *o;
-	unsigned char *s,*p = NULL;
-	int i;
-
-	if (x == NULL) return(0);
-
-	if ((pk=X509_PUBKEY_new()) == NULL) goto err;
-	a=pk->algor;
-
-	/* set the algorithm id */
-	if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err;
-	ASN1_OBJECT_free(a->algorithm);
-	a->algorithm=o;
-
-	/* Set the parameter list */
-	if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA))
-		{
-		if ((a->parameter == NULL) ||
-			(a->parameter->type != V_ASN1_NULL))
-			{
-			ASN1_TYPE_free(a->parameter);
-			a->parameter=ASN1_TYPE_new();
-			a->parameter->type=V_ASN1_NULL;
-			}
-		}
-	else
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-		{
-		unsigned char *pp;
-		DSA *dsa;
-
-		dsa=pkey->pkey.dsa;
-		dsa->write_params=0;
-		ASN1_TYPE_free(a->parameter);
-		i=i2d_DSAparams(dsa,NULL);
-		if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err;
-		pp=p;
-		i2d_DSAparams(dsa,&pp);
-		a->parameter=ASN1_TYPE_new();
-		a->parameter->type=V_ASN1_SEQUENCE;
-		a->parameter->value.sequence=ASN1_STRING_new();
-		ASN1_STRING_set(a->parameter->value.sequence,p,i);
-		OPENSSL_free(p);
-		}
-	else
-#endif
-		{
-		X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
-		goto err;
-		}
-
-	if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err;
-	if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL)
-		{
-		X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	p=s;
-	i2d_PublicKey(pkey,&p);
-	if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
-	/* Set number of unused bits to zero */
-	pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
-	pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
-
-	OPENSSL_free(s);
-
-#if 0
-	CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
-	pk->pkey=pkey;
-#endif
-
-	if (*x != NULL)
-		X509_PUBKEY_free(*x);
-
-	*x=pk;
-	pk=NULL;
-
-	ok=1;
-err:
-	if (pk != NULL) X509_PUBKEY_free(pk);
-	return(ok);
-	}
-
-EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
-	{
-	EVP_PKEY *ret=NULL;
-	long j;
-	int type;
-	unsigned char *p;
-#ifndef OPENSSL_NO_DSA
-	const unsigned char *cp;
-	X509_ALGOR *a;
-#endif
-
-	if (key == NULL) goto err;
-
-	if (key->pkey != NULL)
-	    {
-	    CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
-	    return(key->pkey);
-	    }
-
-	if (key->public_key == NULL) goto err;
-
-	type=OBJ_obj2nid(key->algor->algorithm);
-	p=key->public_key->data;
-        j=key->public_key->length;
-        if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL)
-		{
-		X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB);
-		goto err;
-		}
-	ret->save_parameters=0;
-
-#ifndef OPENSSL_NO_DSA
-	a=key->algor;
-	if (ret->type == EVP_PKEY_DSA)
-		{
-		if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
-			{
-			ret->pkey.dsa->write_params=0;
-			cp=p=a->parameter->value.sequence->data;
-			j=a->parameter->value.sequence->length;
-			if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j))
-				goto err;
-			}
-		ret->save_parameters=1;
-		}
-#endif
-	key->pkey=ret;
-	CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY);
-	return(ret);
-err:
-	if (ret != NULL)
-		EVP_PKEY_free(ret);
-	return(NULL);
-	}
-
-/* Now two pseudo ASN1 routines that take an EVP_PKEY structure
- * and encode or decode as X509_PUBKEY
- */
-
-EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp,
-	     long length)
-{
-	X509_PUBKEY *xpk;
-	EVP_PKEY *pktmp;
-	xpk = d2i_X509_PUBKEY(NULL, pp, length);
-	if(!xpk) return NULL;
-	pktmp = X509_PUBKEY_get(xpk);
-	X509_PUBKEY_free(xpk);
-	if(!pktmp) return NULL;
-	if(a) {
-		EVP_PKEY_free(*a);
-		*a = pktmp;
-	}
-	return pktmp;
-}
-
-int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
-{
-	X509_PUBKEY *xpk=NULL;
-	int ret;
-	if(!a) return 0;
-	if(!X509_PUBKEY_set(&xpk, a)) return 0;
-	ret = i2d_X509_PUBKEY(xpk, pp);
-	X509_PUBKEY_free(xpk);
-	return ret;
-}
-
-/* The following are equivalents but which return RSA and DSA
- * keys
- */
-#ifndef OPENSSL_NO_RSA
-RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp,
-	     long length)
-{
-	EVP_PKEY *pkey;
-	RSA *key;
-	unsigned char *q;
-	q = *pp;
-	pkey = d2i_PUBKEY(NULL, &q, length);
-	if(!pkey) return NULL;
-	key = EVP_PKEY_get1_RSA(pkey);
-	EVP_PKEY_free(pkey);
-	if(!key) return NULL;
-	*pp = q;
-	if(a) {
-		RSA_free(*a);
-		*a = key;
-	}
-	return key;
-}
-
-int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
-{
-	EVP_PKEY *pktmp;
-	int ret;
-	if(!a) return 0;
-	pktmp = EVP_PKEY_new();
-	if(!pktmp) {
-		ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	EVP_PKEY_set1_RSA(pktmp, a);
-	ret = i2d_PUBKEY(pktmp, pp);
-	EVP_PKEY_free(pktmp);
-	return ret;
-}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp,
-	     long length)
-{
-	EVP_PKEY *pkey;
-	DSA *key;
-	unsigned char *q;
-	q = *pp;
-	pkey = d2i_PUBKEY(NULL, &q, length);
-	if(!pkey) return NULL;
-	key = EVP_PKEY_get1_DSA(pkey);
-	EVP_PKEY_free(pkey);
-	if(!key) return NULL;
-	*pp = q;
-	if(a) {
-		DSA_free(*a);
-		*a = key;
-	}
-	return key;
-}
-
-int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
-{
-	EVP_PKEY *pktmp;
-	int ret;
-	if(!a) return 0;
-	pktmp = EVP_PKEY_new();
-	if(!pktmp) {
-		ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	EVP_PKEY_set1_DSA(pktmp, a);
-	ret = i2d_PUBKEY(pktmp, pp);
-	EVP_PKEY_free(pktmp);
-	return ret;
-}
-#endif
diff --git a/crypto/openssl/crypto/asn1/x_req.c b/crypto/openssl/crypto/asn1/x_req.c
deleted file mode 100644
index b3f18ebc12fb..000000000000
--- a/crypto/openssl/crypto/asn1/x_req.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* crypto/asn1/x_req.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-/* X509_REQ_INFO is handled in an unusual way to get round
- * invalid encodings. Some broken certificate requests don't
- * encode the attributes field if it is empty. This is in
- * violation of PKCS#10 but we need to tolerate it. We do
- * this by making the attributes field OPTIONAL then using
- * the callback to initialise it to an empty STACK. 
- *
- * This means that the field will be correctly encoded unless
- * we NULL out the field.
- *
- * As a result we no longer need the req_kludge field because
- * the information is now contained in the attributes field:
- * 1. If it is NULL then it's the invalid omission.
- * 2. If it is empty it is the correct encoding.
- * 3. If it is not empty then some attributes are present.
- *
- */
-
-static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
-
-	if(operation == ASN1_OP_NEW_POST) {
-		rinf->attributes = sk_X509_ATTRIBUTE_new_null();
-		if(!rinf->attributes) return 0;
-	}
-	return 1;
-}
-
-ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
-	ASN1_SIMPLE(X509_REQ_INFO, version, ASN1_INTEGER),
-	ASN1_SIMPLE(X509_REQ_INFO, subject, X509_NAME),
-	ASN1_SIMPLE(X509_REQ_INFO, pubkey, X509_PUBKEY),
-	/* This isn't really OPTIONAL but it gets round invalid
-	 * encodings
-	 */
-	ASN1_IMP_SET_OF_OPT(X509_REQ_INFO, attributes, X509_ATTRIBUTE, 0)
-} ASN1_SEQUENCE_END_enc(X509_REQ_INFO, X509_REQ_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
-
-ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_INFO) = {
-	ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO),
-	ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR),
-	ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END_ref(X509_REQ, X509_REQ)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_REQ)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_REQ)
diff --git a/crypto/openssl/crypto/asn1/x_sig.c b/crypto/openssl/crypto/asn1/x_sig.c
deleted file mode 100644
index 42efa86c1cd9..000000000000
--- a/crypto/openssl/crypto/asn1/x_sig.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* crypto/asn1/x_sig.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-ASN1_SEQUENCE(X509_SIG) = {
-	ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR),
-	ASN1_SIMPLE(X509_SIG, digest, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(X509_SIG)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_SIG)
diff --git a/crypto/openssl/crypto/asn1/x_spki.c b/crypto/openssl/crypto/asn1/x_spki.c
deleted file mode 100644
index 2aece077c53a..000000000000
--- a/crypto/openssl/crypto/asn1/x_spki.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* crypto/asn1/x_spki.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
- /* This module was send to me my Pat Richards <patr@x509.com> who
-  * wrote it.  It is under my Copyright with his permission
-  */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/asn1t.h>
-
-ASN1_SEQUENCE(NETSCAPE_SPKAC) = {
-	ASN1_SIMPLE(NETSCAPE_SPKAC, pubkey, X509_PUBKEY),
-	ASN1_SIMPLE(NETSCAPE_SPKAC, challenge, ASN1_IA5STRING)
-} ASN1_SEQUENCE_END(NETSCAPE_SPKAC)
-
-IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
-
-ASN1_SEQUENCE(NETSCAPE_SPKI) = {
-	ASN1_SIMPLE(NETSCAPE_SPKI, spkac, NETSCAPE_SPKAC),
-	ASN1_SIMPLE(NETSCAPE_SPKI, sig_algor, X509_ALGOR),
-	ASN1_SIMPLE(NETSCAPE_SPKI, signature, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END(NETSCAPE_SPKI)
-
-IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKI)
diff --git a/crypto/openssl/crypto/asn1/x_val.c b/crypto/openssl/crypto/asn1/x_val.c
deleted file mode 100644
index dc17c67758cb..000000000000
--- a/crypto/openssl/crypto/asn1/x_val.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* crypto/asn1/x_val.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-ASN1_SEQUENCE(X509_VAL) = {
-	ASN1_SIMPLE(X509_VAL, notBefore, ASN1_TIME),
-	ASN1_SIMPLE(X509_VAL, notAfter, ASN1_TIME)
-} ASN1_SEQUENCE_END(X509_VAL)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_VAL)
diff --git a/crypto/openssl/crypto/asn1/x_x509.c b/crypto/openssl/crypto/asn1/x_x509.c
deleted file mode 100644
index b50167ce433b..000000000000
--- a/crypto/openssl/crypto/asn1/x_x509.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/* crypto/asn1/x_x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-ASN1_SEQUENCE(X509_CINF) = {
-	ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
-	ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
-	ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
-	ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
-	ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
-	ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
-	ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
-	ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
-	ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
-	ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
-} ASN1_SEQUENCE_END(X509_CINF)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
-/* X509 top level structure needs a bit of customisation */
-
-static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	X509 *ret = (X509 *)*pval;
-
-	switch(operation) {
-
-		case ASN1_OP_NEW_POST:
-		ret->valid=0;
-		ret->name = NULL;
-		ret->ex_flags = 0;
-		ret->ex_pathlen = -1;
-		ret->skid = NULL;
-		ret->akid = NULL;
-		ret->aux = NULL;
-		CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
-		break;
-
-		case ASN1_OP_D2I_POST:
-		if (ret->name != NULL) OPENSSL_free(ret->name);
-		ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
-		break;
-
-		case ASN1_OP_FREE_POST:
-		CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
-		X509_CERT_AUX_free(ret->aux);
-		ASN1_OCTET_STRING_free(ret->skid);
-		AUTHORITY_KEYID_free(ret->akid);
-
-		if (ret->name != NULL) OPENSSL_free(ret->name);
-		break;
-
-	}
-
-	return 1;
-
-}
-
-ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
-	ASN1_SIMPLE(X509, cert_info, X509_CINF),
-	ASN1_SIMPLE(X509, sig_alg, X509_ALGOR),
-	ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END_ref(X509, X509)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509)
-
-static ASN1_METHOD meth={
-	(int (*)())  i2d_X509,
-	(char *(*)())d2i_X509,
-	(char *(*)())X509_new,
-	(void (*)()) X509_free};
-
-ASN1_METHOD *X509_asn1_meth(void)
-	{
-	return(&meth);
-	}
-
-int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-        {
-	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
-				new_func, dup_func, free_func);
-        }
-
-int X509_set_ex_data(X509 *r, int idx, void *arg)
-	{
-	return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
-	}
-
-void *X509_get_ex_data(X509 *r, int idx)
-	{
-	return(CRYPTO_get_ex_data(&r->ex_data,idx));
-	}
-
-/* X509_AUX ASN1 routines. X509_AUX is the name given to
- * a certificate with extra info tagged on the end. Since these
- * functions set how a certificate is trusted they should only
- * be used when the certificate comes from a reliable source
- * such as local storage.
- *
- */
-
-X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length)
-{
-	unsigned char *q;
-	X509 *ret;
-	/* Save start position */
-	q = *pp;
-	ret = d2i_X509(a, pp, length);
-	/* If certificate unreadable then forget it */
-	if(!ret) return NULL;
-	/* update length */
-	length -= *pp - q;
-	if(!length) return ret;
-	if(!d2i_X509_CERT_AUX(&ret->aux, pp, length)) goto err;
-	return ret;
-	err:
-	X509_free(ret);
-	return NULL;
-}
-
-int i2d_X509_AUX(X509 *a, unsigned char **pp)
-{
-	int length;
-	length = i2d_X509(a, pp);
-	if(a) length += i2d_X509_CERT_AUX(a->aux, pp);
-	return length;
-}
diff --git a/crypto/openssl/crypto/asn1/x_x509a.c b/crypto/openssl/crypto/asn1/x_x509a.c
deleted file mode 100644
index f244768b7e1d..000000000000
--- a/crypto/openssl/crypto/asn1/x_x509a.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/* a_x509a.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-/* X509_CERT_AUX routines. These are used to encode additional
- * user modifiable data about a certificate. This data is
- * appended to the X509 encoding when the *_X509_AUX routines
- * are used. This means that the "traditional" X509 routines
- * will simply ignore the extra data. 
- */
-
-static X509_CERT_AUX *aux_get(X509 *x);
-
-ASN1_SEQUENCE(X509_CERT_AUX) = {
-	ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
-	ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, reject, ASN1_OBJECT, 0),
-	ASN1_OPT(X509_CERT_AUX, alias, ASN1_UTF8STRING),
-	ASN1_OPT(X509_CERT_AUX, keyid, ASN1_OCTET_STRING),
-	ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, other, X509_ALGOR, 1)
-} ASN1_SEQUENCE_END(X509_CERT_AUX)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX)
-
-static X509_CERT_AUX *aux_get(X509 *x)
-{
-	if(!x) return NULL;
-	if(!x->aux && !(x->aux = X509_CERT_AUX_new())) return NULL;
-	return x->aux;
-}
-
-int X509_alias_set1(X509 *x, unsigned char *name, int len)
-{
-	X509_CERT_AUX *aux;
-	if(!(aux = aux_get(x))) return 0;
-	if(!aux->alias && !(aux->alias = ASN1_UTF8STRING_new())) return 0;
-	return ASN1_STRING_set(aux->alias, name, len);
-}
-
-int X509_keyid_set1(X509 *x, unsigned char *id, int len)
-{
-	X509_CERT_AUX *aux;
-	if(!(aux = aux_get(x))) return 0;
-	if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0;
-	return ASN1_STRING_set(aux->keyid, id, len);
-}
-
-unsigned char *X509_alias_get0(X509 *x, int *len)
-{
-	if(!x->aux || !x->aux->alias) return NULL;
-	if(len) *len = x->aux->alias->length;
-	return x->aux->alias->data;
-}
-
-int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
-{
-	X509_CERT_AUX *aux;
-	ASN1_OBJECT *objtmp;
-	if(!(objtmp = OBJ_dup(obj))) return 0;
-	if(!(aux = aux_get(x))) return 0;
-	if(!aux->trust
-		&& !(aux->trust = sk_ASN1_OBJECT_new_null())) return 0;
-	return sk_ASN1_OBJECT_push(aux->trust, objtmp);
-}
-
-int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
-{
-	X509_CERT_AUX *aux;
-	ASN1_OBJECT *objtmp;
-	if(!(objtmp = OBJ_dup(obj))) return 0;
-	if(!(aux = aux_get(x))) return 0;
-	if(!aux->reject
-		&& !(aux->reject = sk_ASN1_OBJECT_new_null())) return 0;
-	return sk_ASN1_OBJECT_push(aux->reject, objtmp);
-}
-
-void X509_trust_clear(X509 *x)
-{
-	if(x->aux && x->aux->trust) {
-		sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
-		x->aux->trust = NULL;
-	}
-}
-
-void X509_reject_clear(X509 *x)
-{
-	if(x->aux && x->aux->reject) {
-		sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
-		x->aux->reject = NULL;
-	}
-}
-
diff --git a/crypto/openssl/crypto/bf/COPYRIGHT b/crypto/openssl/crypto/bf/COPYRIGHT
deleted file mode 100644
index 6857223506de..000000000000
--- a/crypto/openssl/crypto/bf/COPYRIGHT
+++ /dev/null
@@ -1,46 +0,0 @@
-Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-All rights reserved.
-
-This package is an Blowfish implementation written
-by Eric Young (eay@cryptsoft.com).
-
-This library is free for commercial and non-commercial use as long as
-the following conditions are aheared to.  The following conditions
-apply to all code found in this distribution.
-
-Copyright remains Eric Young's, and as such any Copyright notices in
-the code are not to be removed.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the copyright
-   notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-3. All advertising materials mentioning features or use of this software
-   must display the following acknowledgement:
-   This product includes software developed by Eric Young (eay@cryptsoft.com)
-
-THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-The license and distribution terms for any publically available version or
-derivative of this code cannot be changed.  i.e. this code cannot simply be
-copied and put under another distrubution license
-[including the GNU Public License.]
-
-The reason behind this being stated in this direct manner is past
-experience in code simply being copied and the attribution removed
-from it and then being distributed as part of other packages. This
-implementation was a non-trivial and unpaid effort.
diff --git a/crypto/openssl/crypto/bf/INSTALL b/crypto/openssl/crypto/bf/INSTALL
deleted file mode 100644
index 3b259235326a..000000000000
--- a/crypto/openssl/crypto/bf/INSTALL
+++ /dev/null
@@ -1,14 +0,0 @@
-This Eric Young's blowfish implementation, taken from his SSLeay library
-and made available as a separate library.
- 
-The version number (0.7.2m) is the SSLeay version that this library was
-taken from.
- 
-To build, just unpack and type make.
-If you are not using gcc, edit the Makefile.
-If you are compiling for an x86 box, try the assembler (it needs improving).
-There are also some compile time options that can improve performance,
-these are documented in the Makefile.
- 
-eric 15-Apr-1997
- 
diff --git a/crypto/openssl/crypto/bf/Makefile.save b/crypto/openssl/crypto/bf/Makefile.save
deleted file mode 100644
index 2d61ec50f422..000000000000
--- a/crypto/openssl/crypto/bf/Makefile.save
+++ /dev/null
@@ -1,119 +0,0 @@
-#
-# SSLeay/crypto/blowfish/Makefile
-#
-
-DIR=	bf
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-BF_ENC=		bf_enc.o
-# or use
-#DES_ENC=	bx86-elf.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=bftest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c 
-LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= blowfish.h
-HEADER=	bf_pi.h bf_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-# elf
-asm/bx86-elf.o: asm/bx86unix.cpp
-	$(CPP) -DELF -x c asm/bx86unix.cpp | as -o asm/bx86-elf.o
-
-# solaris
-asm/bx86-sol.o: asm/bx86unix.cpp
-	$(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s
-	as -o asm/bx86-sol.o asm/bx86-sol.s
-	rm -f asm/bx86-sol.s
-
-# a.out
-asm/bx86-out.o: asm/bx86unix.cpp
-	$(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o
-
-# bsdi
-asm/bx86bsdi.o: asm/bx86unix.cpp
-	$(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o
-
-asm/bx86unix.cpp: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) bf-586.pl cpp $(PROCESSOR) >bx86unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install: installs
-
-installs:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/bx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bf_cfb64.o: ../../include/openssl/blowfish.h
-bf_cfb64.o: ../../include/openssl/opensslconf.h bf_locl.h
-bf_ecb.o: ../../include/openssl/blowfish.h ../../include/openssl/opensslconf.h
-bf_ecb.o: ../../include/openssl/opensslv.h bf_locl.h
-bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/opensslconf.h
-bf_enc.o: bf_locl.h
-bf_ofb64.o: ../../include/openssl/blowfish.h
-bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h
-bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/opensslconf.h
-bf_skey.o: bf_locl.h bf_pi.h
diff --git a/crypto/openssl/crypto/bf/Makefile.ssl b/crypto/openssl/crypto/bf/Makefile.ssl
deleted file mode 100644
index bb14a0ee8250..000000000000
--- a/crypto/openssl/crypto/bf/Makefile.ssl
+++ /dev/null
@@ -1,114 +0,0 @@
-#
-# SSLeay/crypto/blowfish/Makefile
-#
-
-DIR=	bf
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-BF_ENC=		bf_enc.o
-# or use
-#DES_ENC=	bx86-elf.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=bftest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c 
-LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= blowfish.h
-HEADER=	bf_pi.h bf_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# elf
-asm/bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > bx86-elf.s)
-
-# a.out
-asm/bx86-out.o: asm/bx86unix.cpp
-	$(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o
-
-# bsdi
-asm/bx86bsdi.o: asm/bx86unix.cpp
-	$(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o
-
-asm/bx86unix.cpp: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) bf-586.pl cpp $(PROCESSOR) >bx86unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install: installs
-
-installs:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/bx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bf_cfb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
-bf_cfb64.o: ../../include/openssl/opensslconf.h bf_cfb64.c bf_locl.h
-bf_ecb.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
-bf_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bf_ecb.o: bf_ecb.c bf_locl.h
-bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
-bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h
-bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
-bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
-bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
-bf_skey.o: ../../include/openssl/opensslconf.h bf_locl.h bf_pi.h bf_skey.c
diff --git a/crypto/openssl/crypto/bf/Makefile.uni b/crypto/openssl/crypto/bf/Makefile.uni
deleted file mode 100644
index f67e5ca23bcf..000000000000
--- a/crypto/openssl/crypto/bf/Makefile.uni
+++ /dev/null
@@ -1,157 +0,0 @@
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-# make x86-elf  - linux-elf etc
-# make x86-out  - linux-a.out, FreeBSD etc
-# make x86-solaris
-# make x86-bdsi
-
-DIR=	bf
-TOP=	.
-# use BF_PTR2 for intel boxes,
-# BF_PTR for sparc and MIPS/SGI
-# use nothing for Alpha and HP.
-
-# There are 3 possible performance options, experiment :-)
-#OPTS= -DBF_PTR  # usr for sparc and MIPS/SGI
-#OPTS= -DBF_PTR2 # use for pentium
-OPTS=		 # use for pentium pro, Alpha and HP
-
-MAKE=make -f Makefile
-#CC=cc
-#CFLAG= -O
-
-CC=gcc
-#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
-CFLAG= -O3 -fomit-frame-pointer
-
-CFLAGS=$(OPTS) $(CFLAG)
-CPP=$(CC) -E
-AS=as
-RANLIB=ranlib
-
-# Assember version of bf_encrypt().
-BF_ENC=bf_enc.o		# normal C version
-#BF_ENC=asm/bx86-elf.o	# elf format x86
-#BF_ENC=asm/bx86-out.o	# a.out format x86
-#BF_ENC=asm/bx86-sol.o	# solaris format x86 
-#BF_ENC=asm/bx86bsdi.o	# bsdi format x86 
-
-LIBDIR=/usr/local/lib
-BINDIR=/usr/local/bin
-INCDIR=/usr/local/include
-MANDIR=/usr/local/man
-MAN1=1
-MAN3=3
-SHELL=/bin/sh
-LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
-LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
-
-GENERAL=Makefile Makefile.ssl Makefile.uni asm bf_locl.org README \
-	COPYRIGHT blowfish.doc INSTALL
-
-TESTING=    bftest bfspeed bf_opts
-TESTING_SRC=bftest.c bfspeed.c bf_opts.c
-HEADERS=bf_locl.h blowfish.h bf_pi.h
-
-ALL=	$(GENERAL) $(TESTING_SRC) $(LIBSRC) $(HEADERS)
-
-BLIB=	libblowfish.a
-
-all: $(BLIB) $(TESTING)
-
-cc:
-	$(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
-
-gcc:
-	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
-
-x86-elf:
-	$(MAKE) BF_ENC='asm/bx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
-
-x86-out:
-	$(MAKE) BF_ENC='asm/bx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
-
-x86-solaris:
-	$(MAKE) BF_ENC='asm/bx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
-
-x86-bsdi:
-	$(MAKE) BF_ENC='asm/bx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
-
-# elf
-asm/bx86-elf.o: asm/bx86unix.cpp
-	$(CPP) -DELF asm/bx86unix.cpp | $(AS) -o asm/bx86-elf.o
-
-# solaris
-asm/bx86-sol.o: asm/bx86unix.cpp
-	$(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s
-	as -o asm/bx86-sol.o asm/bx86-sol.s
-	rm -f asm/bx86-sol.s
-
-# a.out
-asm/bx86-out.o: asm/bx86unix.cpp
-	$(CPP) -DOUT asm/bx86unix.cpp | $(AS) -o asm/bx86-out.o
-
-# bsdi
-asm/bx86bsdi.o: asm/bx86unix.cpp
-	$(CPP) -DBSDI asm/bx86unix.cpp | $(AS) -o asm/bx86bsdi.o
-
-asm/bx86unix.cpp:
-	(cd asm; perl bf-586.pl cpp >bx86unix.cpp)
-	
-test:	all
-	./bftest
-
-$(BLIB): $(LIBOBJ)
-	/bin/rm -f $(BLIB)
-	ar cr $(BLIB) $(LIBOBJ)
-	$(RANLIB) $(BLIB)
-
-bftest: bftest.o $(BLIB)
-	$(CC) $(CFLAGS) -o bftest bftest.o $(BLIB)
-
-bfspeed: bfspeed.o $(BLIB)
-	$(CC) $(CFLAGS) -o bfspeed bfspeed.o $(BLIB)
-
-bf_opts: bf_opts.o $(BLIB)
-	$(CC) $(CFLAGS) -o bf_opts bf_opts.o $(BLIB)
-
-tags:
-	ctags $(TESTING_SRC) $(LIBBF)
-
-tar:
-	tar chf libbf.tar $(ALL)
-
-shar:
-	shar $(ALL) >libbf.shar
-
-depend:
-	makedepend $(LIBBF) $(TESTING_SRC)
-
-clean:
-	/bin/rm -f *.o tags core $(TESTING) $(BLIB) .nfs* *.old *.bak asm/*.o 
-
-dclean:
-	sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
-	mv -f Makefile.new Makefile
-
-# Eric is probably going to choke when he next looks at this --tjh
-install: $(BLIB)
-	if test $(INSTALLTOP); then \
-	    echo SSL style install; \
-	    cp $(BLIB) $(INSTALLTOP)/lib; \
-		$(RANLIB) $(BLIB); \
-	    chmod 644 $(INSTALLTOP)/lib/$(BLIB); \
-	    cp blowfish.h $(INSTALLTOP)/include; \
-	    chmod 644 $(INSTALLTOP)/include/blowfish.h; \
-	else \
-	    echo Standalone install; \
-	    cp $(BLIB) $(LIBDIR)/$(BLIB); \
-		$(RANLIB) $(BLIB); \
-	    chmod 644 $(LIBDIR)/$(BLIB); \
-	    cp blowfish.h $(INCDIR)/blowfish.h; \
-	    chmod 644 $(INCDIR)/blowfish.h; \
-	fi
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/crypto/bf/README b/crypto/openssl/crypto/bf/README
deleted file mode 100644
index f2712fd0e7df..000000000000
--- a/crypto/openssl/crypto/bf/README
+++ /dev/null
@@ -1,8 +0,0 @@
-This is a quick packaging up of my blowfish code into a library.
-It has been lifted from SSLeay.
-The copyright notices seem a little harsh because I have not spent the
-time to rewrite the conditions from the normal SSLeay ones.
-
-Basically if you just want to play with the library, not a problem.
-
-eric 15-Apr-1997
diff --git a/crypto/openssl/crypto/bf/VERSION b/crypto/openssl/crypto/bf/VERSION
deleted file mode 100644
index be995855e43b..000000000000
--- a/crypto/openssl/crypto/bf/VERSION
+++ /dev/null
@@ -1,6 +0,0 @@
-The version numbers will follow my SSL implementation
-
-0.7.2r - Some reasonable default compiler options from 
-	Peter Gutman <pgut001@cs.auckland.ac.nz>
-
-0.7.2m - the first release
diff --git a/crypto/openssl/crypto/bf/asm/bf-586.pl b/crypto/openssl/crypto/bf/asm/bf-586.pl
deleted file mode 100644
index b556642c949a..000000000000
--- a/crypto/openssl/crypto/bf/asm/bf-586.pl
+++ /dev/null
@@ -1,136 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-require "cbc.pl";
-
-&asm_init($ARGV[0],"bf-586.pl",$ARGV[$#ARGV] eq "386");
-
-$BF_ROUNDS=16;
-$BF_OFF=($BF_ROUNDS+2)*4;
-$L="edi";
-$R="esi";
-$P="ebp";
-$tmp1="eax";
-$tmp2="ebx";
-$tmp3="ecx";
-$tmp4="edx";
-
-&BF_encrypt("BF_encrypt",1);
-&BF_encrypt("BF_decrypt",0);
-&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
-&asm_finish();
-
-sub BF_encrypt
-	{
-	local($name,$enc)=@_;
-
-	&function_begin_B($name,"");
-
-	&comment("");
-
-	&push("ebp");
-	&push("ebx");
-	&mov($tmp2,&wparam(0));
-	&mov($P,&wparam(1));
-	&push("esi");
-	&push("edi");
-
-	&comment("Load the 2 words");
-	&mov($L,&DWP(0,$tmp2,"",0));
-	&mov($R,&DWP(4,$tmp2,"",0));
-
-	&xor(	$tmp1,	$tmp1);
-
-	# encrypting part
-
-	if ($enc)
-		{
-		 &mov($tmp2,&DWP(0,$P,"",0));
-		&xor(	$tmp3,	$tmp3);
-
-		&xor($L,$tmp2);
-		for ($i=0; $i<$BF_ROUNDS; $i+=2)
-			{
-			&comment("");
-			&comment("Round $i");
-			&BF_ENCRYPT($i+1,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
-
-			&comment("");
-			&comment("Round ".sprintf("%d",$i+1));
-			&BF_ENCRYPT($i+2,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
-			}
-		# &mov($tmp1,&wparam(0)); In last loop
-		&mov($tmp4,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
-		}
-	else
-		{
-		 &mov($tmp2,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
-		&xor(	$tmp3,	$tmp3);
-
-		&xor($L,$tmp2);
-		for ($i=$BF_ROUNDS; $i>0; $i-=2)
-			{
-			&comment("");
-			&comment("Round $i");
-			&BF_ENCRYPT($i,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
-			&comment("");
-			&comment("Round ".sprintf("%d",$i-1));
-			&BF_ENCRYPT($i-1,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
-			}
-		# &mov($tmp1,&wparam(0)); In last loop
-		&mov($tmp4,&DWP(0,$P,"",0));
-		}
-
-	&xor($R,$tmp4);
-	&mov(&DWP(4,$tmp1,"",0),$L);
-
-	&mov(&DWP(0,$tmp1,"",0),$R);
-	&function_end($name);
-	}
-
-sub BF_ENCRYPT
-	{
-	local($i,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,$enc)=@_;
-
-	&mov(	$tmp4,		&DWP(&n2a($i*4),$P,"",0)); # for next round
-
-	&mov(	$tmp2,		$R);
-	&xor(	$L,		$tmp4);
-
-	&shr(	$tmp2,		16);
-	&mov(	$tmp4,		$R);
-
-	&movb(	&LB($tmp1),	&HB($tmp2));	# A
-	&and(	$tmp2,		0xff);		# B
-
-	&movb(	&LB($tmp3),	&HB($tmp4));	# C
-	&and(	$tmp4,		0xff);		# D
-
-	&mov(	$tmp1,		&DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
-	&mov(	$tmp2,		&DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
-
-	&add(	$tmp2,		$tmp1);
-	&mov(	$tmp1,		&DWP(&n2a($BF_OFF+0x0800),$P,$tmp3,4));
-
-	&xor(	$tmp2,		$tmp1);
-	&mov(	$tmp4,		&DWP(&n2a($BF_OFF+0x0C00),$P,$tmp4,4));
-
-	&add(	$tmp2,		$tmp4);
-	if (($enc && ($i != 16)) || ((!$enc) && ($i != 1)))
-		{ &xor(	$tmp1,		$tmp1); }
-	else
-		{
-		&comment("Load parameter 0 ($i) enc=$enc");
-		&mov($tmp1,&wparam(0));
-		} # In last loop
-
-	&xor(	$L,		$tmp2);
-	# delay
-	}
-
-sub n2a
-	{
-	sprintf("%d",$_[0]);
-	}
-
diff --git a/crypto/openssl/crypto/bf/asm/bf-686.pl b/crypto/openssl/crypto/bf/asm/bf-686.pl
deleted file mode 100644
index 8e4c25f59847..000000000000
--- a/crypto/openssl/crypto/bf/asm/bf-686.pl
+++ /dev/null
@@ -1,127 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-require "cbc.pl";
-
-&asm_init($ARGV[0],"bf-686.pl");
-
-$BF_ROUNDS=16;
-$BF_OFF=($BF_ROUNDS+2)*4;
-$L="ecx";
-$R="edx";
-$P="edi";
-$tot="esi";
-$tmp1="eax";
-$tmp2="ebx";
-$tmp3="ebp";
-
-&des_encrypt("BF_encrypt",1);
-&des_encrypt("BF_decrypt",0);
-&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
-
-&asm_finish();
-
-&file_end();
-
-sub des_encrypt
-	{
-	local($name,$enc)=@_;
-
-	&function_begin($name,"");
-
-	&comment("");
-	&comment("Load the 2 words");
-	&mov("eax",&wparam(0));
-	&mov($L,&DWP(0,"eax","",0));
-	&mov($R,&DWP(4,"eax","",0));
-
-	&comment("");
-	&comment("P pointer, s and enc flag");
-	&mov($P,&wparam(1));
-
-	&xor(	$tmp1,	$tmp1);
-	&xor(	$tmp2,	$tmp2);
-
-	# encrypting part
-
-	if ($enc)
-		{
-		&xor($L,&DWP(0,$P,"",0));
-		for ($i=0; $i<$BF_ROUNDS; $i+=2)
-			{
-			&comment("");
-			&comment("Round $i");
-			&BF_ENCRYPT($i+1,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);
-
-			&comment("");
-			&comment("Round ".sprintf("%d",$i+1));
-			&BF_ENCRYPT($i+2,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);
-			}
-		&xor($R,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
-
-		&mov("eax",&wparam(0));
-		&mov(&DWP(0,"eax","",0),$R);
-		&mov(&DWP(4,"eax","",0),$L);
-		&function_end_A($name);
-		}
-	else
-		{
-		&xor($L,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
-		for ($i=$BF_ROUNDS; $i>0; $i-=2)
-			{
-			&comment("");
-			&comment("Round $i");
-			&BF_ENCRYPT($i,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);
-			&comment("");
-			&comment("Round ".sprintf("%d",$i-1));
-			&BF_ENCRYPT($i-1,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);
-			}
-		&xor($R,&DWP(0,$P,"",0));
-
-		&mov("eax",&wparam(0));
-		&mov(&DWP(0,"eax","",0),$R);
-		&mov(&DWP(4,"eax","",0),$L);
-		&function_end_A($name);
-		}
-
-	&function_end_B($name);
-	}
-
-sub BF_ENCRYPT
-	{
-	local($i,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3)=@_;
-
-	&rotr(	$R,		16);
-	&mov(	$tot,		&DWP(&n2a($i*4),$P,"",0));
-
-	&movb(	&LB($tmp1),	&HB($R));
-	&movb(	&LB($tmp2),	&LB($R));
-
-	&rotr(	$R,		16);
-	&xor(	$L,		$tot);
-
-	&mov(	$tot,		&DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
-	&mov(	$tmp3,		&DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
-
-	&movb(	&LB($tmp1),	&HB($R));
-	&movb(	&LB($tmp2),	&LB($R));
-
-	&add(	$tot,		$tmp3);
-	&mov(	$tmp1,		&DWP(&n2a($BF_OFF+0x0800),$P,$tmp1,4)); # delay
-
-	&xor(	$tot,		$tmp1);
-	&mov(	$tmp3,		&DWP(&n2a($BF_OFF+0x0C00),$P,$tmp2,4));
-
-	&add(	$tot,		$tmp3);
-	&xor(	$tmp1,		$tmp1);
-
-	&xor(	$L,		$tot);					
-	# delay
-	}
-
-sub n2a
-	{
-	sprintf("%d",$_[0]);
-	}
-
diff --git a/crypto/openssl/crypto/bf/asm/readme b/crypto/openssl/crypto/bf/asm/readme
deleted file mode 100644
index 2385fa3812cf..000000000000
--- a/crypto/openssl/crypto/bf/asm/readme
+++ /dev/null
@@ -1,10 +0,0 @@
-There are blowfish assembler generation scripts.
-bf-586.pl version is for the pentium and
-bf-686.pl is my original version, which is faster on the pentium pro.
-
-When using a bf-586.pl, the pentium pro/II is %8 slower than using
-bf-686.pl.  When using a bf-686.pl, the pentium is %16 slower
-than bf-586.pl
-
-So the default is bf-586.pl
-
diff --git a/crypto/openssl/crypto/bf/bf_cbc.c b/crypto/openssl/crypto/bf/bf_cbc.c
deleted file mode 100644
index f949629dc676..000000000000
--- a/crypto/openssl/crypto/bf/bf_cbc.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/* crypto/bf/bf_cbc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-	     const BF_KEY *schedule, unsigned char *ivec, int encrypt)
-	{
-	register BF_LONG tin0,tin1;
-	register BF_LONG tout0,tout1,xor0,xor1;
-	register long l=length;
-	BF_LONG tin[2];
-
-	if (encrypt)
-		{
-		n2l(ivec,tout0);
-		n2l(ivec,tout1);
-		ivec-=8;
-		for (l-=8; l>=0; l-=8)
-			{
-			n2l(in,tin0);
-			n2l(in,tin1);
-			tin0^=tout0;
-			tin1^=tout1;
-			tin[0]=tin0;
-			tin[1]=tin1;
-			BF_encrypt(tin,schedule);
-			tout0=tin[0];
-			tout1=tin[1];
-			l2n(tout0,out);
-			l2n(tout1,out);
-			}
-		if (l != -8)
-			{
-			n2ln(in,tin0,tin1,l+8);
-			tin0^=tout0;
-			tin1^=tout1;
-			tin[0]=tin0;
-			tin[1]=tin1;
-			BF_encrypt(tin,schedule);
-			tout0=tin[0];
-			tout1=tin[1];
-			l2n(tout0,out);
-			l2n(tout1,out);
-			}
-		l2n(tout0,ivec);
-		l2n(tout1,ivec);
-		}
-	else
-		{
-		n2l(ivec,xor0);
-		n2l(ivec,xor1);
-		ivec-=8;
-		for (l-=8; l>=0; l-=8)
-			{
-			n2l(in,tin0);
-			n2l(in,tin1);
-			tin[0]=tin0;
-			tin[1]=tin1;
-			BF_decrypt(tin,schedule);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2n(tout0,out);
-			l2n(tout1,out);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		if (l != -8)
-			{
-			n2l(in,tin0);
-			n2l(in,tin1);
-			tin[0]=tin0;
-			tin[1]=tin1;
-			BF_decrypt(tin,schedule);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2nn(tout0,tout1,out,l+8);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		l2n(xor0,ivec);
-		l2n(xor1,ivec);
-		}
-	tin0=tin1=tout0=tout1=xor0=xor1=0;
-	tin[0]=tin[1]=0;
-	}
-
diff --git a/crypto/openssl/crypto/bf/bf_cfb64.c b/crypto/openssl/crypto/bf/bf_cfb64.c
deleted file mode 100644
index 6451c8d407f7..000000000000
--- a/crypto/openssl/crypto/bf/bf_cfb64.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/bf/bf_cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
-	     const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt)
-	{
-	register BF_LONG v0,v1,t;
-	register int n= *num;
-	register long l=length;
-	BF_LONG ti[2];
-	unsigned char *iv,c,cc;
-
-	iv=(unsigned char *)ivec;
-	if (encrypt)
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				n2l(iv,v0); ti[0]=v0;
-				n2l(iv,v1); ti[1]=v1;
-				BF_encrypt((BF_LONG *)ti,schedule);
-				iv=(unsigned char *)ivec;
-				t=ti[0]; l2n(t,iv);
-				t=ti[1]; l2n(t,iv);
-				iv=(unsigned char *)ivec;
-				}
-			c= *(in++)^iv[n];
-			*(out++)=c;
-			iv[n]=c;
-			n=(n+1)&0x07;
-			}
-		}
-	else
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				n2l(iv,v0); ti[0]=v0;
-				n2l(iv,v1); ti[1]=v1;
-				BF_encrypt((BF_LONG *)ti,schedule);
-				iv=(unsigned char *)ivec;
-				t=ti[0]; l2n(t,iv);
-				t=ti[1]; l2n(t,iv);
-				iv=(unsigned char *)ivec;
-				}
-			cc= *(in++);
-			c=iv[n];
-			iv[n]=cc;
-			*(out++)=c^cc;
-			n=(n+1)&0x07;
-			}
-		}
-	v0=v1=ti[0]=ti[1]=t=c=cc=0;
-	*num=n;
-	}
-
diff --git a/crypto/openssl/crypto/bf/bf_ecb.c b/crypto/openssl/crypto/bf/bf_ecb.c
deleted file mode 100644
index 341991636f4a..000000000000
--- a/crypto/openssl/crypto/bf/bf_ecb.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/bf/bf_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-#include <openssl/opensslv.h>
-
-/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
- * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
- * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
- */
-
-const char *BF_version="Blowfish" OPENSSL_VERSION_PTEXT;
-
-const char *BF_options(void)
-	{
-#ifdef BF_PTR
-	return("blowfish(ptr)");
-#elif defined(BF_PTR2)
-	return("blowfish(ptr2)");
-#else
-	return("blowfish(idx)");
-#endif
-	}
-
-void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
-	     const BF_KEY *key, int encrypt)
-	{
-	BF_LONG l,d[2];
-
-	n2l(in,l); d[0]=l;
-	n2l(in,l); d[1]=l;
-	if (encrypt)
-		BF_encrypt(d,key);
-	else
-		BF_decrypt(d,key);
-	l=d[0]; l2n(l,out);
-	l=d[1]; l2n(l,out);
-	l=d[0]=d[1]=0;
-	}
-
diff --git a/crypto/openssl/crypto/bf/bf_enc.c b/crypto/openssl/crypto/bf/bf_enc.c
deleted file mode 100644
index b380acf95940..000000000000
--- a/crypto/openssl/crypto/bf/bf_enc.c
+++ /dev/null
@@ -1,306 +0,0 @@
-/* crypto/bf/bf_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
- * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
- * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
- */
-
-#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
-#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
-to modify the code.
-#endif
-
-void BF_encrypt(BF_LONG *data, const BF_KEY *key)
-	{
-#ifndef BF_PTR2
-	register BF_LONG l,r;
-    const register BF_LONG *p,*s;
-
-	p=key->P;
-	s= &(key->S[0]);
-	l=data[0];
-	r=data[1];
-
-	l^=p[0];
-	BF_ENC(r,l,s,p[ 1]);
-	BF_ENC(l,r,s,p[ 2]);
-	BF_ENC(r,l,s,p[ 3]);
-	BF_ENC(l,r,s,p[ 4]);
-	BF_ENC(r,l,s,p[ 5]);
-	BF_ENC(l,r,s,p[ 6]);
-	BF_ENC(r,l,s,p[ 7]);
-	BF_ENC(l,r,s,p[ 8]);
-	BF_ENC(r,l,s,p[ 9]);
-	BF_ENC(l,r,s,p[10]);
-	BF_ENC(r,l,s,p[11]);
-	BF_ENC(l,r,s,p[12]);
-	BF_ENC(r,l,s,p[13]);
-	BF_ENC(l,r,s,p[14]);
-	BF_ENC(r,l,s,p[15]);
-	BF_ENC(l,r,s,p[16]);
-#if BF_ROUNDS == 20
-	BF_ENC(r,l,s,p[17]);
-	BF_ENC(l,r,s,p[18]);
-	BF_ENC(r,l,s,p[19]);
-	BF_ENC(l,r,s,p[20]);
-#endif
-	r^=p[BF_ROUNDS+1];
-
-	data[1]=l&0xffffffffL;
-	data[0]=r&0xffffffffL;
-#else
-	register BF_LONG l,r,t,*k;
-
-	l=data[0];
-	r=data[1];
-	k=(BF_LONG*)key;
-
-	l^=k[0];
-	BF_ENC(r,l,k, 1);
-	BF_ENC(l,r,k, 2);
-	BF_ENC(r,l,k, 3);
-	BF_ENC(l,r,k, 4);
-	BF_ENC(r,l,k, 5);
-	BF_ENC(l,r,k, 6);
-	BF_ENC(r,l,k, 7);
-	BF_ENC(l,r,k, 8);
-	BF_ENC(r,l,k, 9);
-	BF_ENC(l,r,k,10);
-	BF_ENC(r,l,k,11);
-	BF_ENC(l,r,k,12);
-	BF_ENC(r,l,k,13);
-	BF_ENC(l,r,k,14);
-	BF_ENC(r,l,k,15);
-	BF_ENC(l,r,k,16);
-#if BF_ROUNDS == 20
-	BF_ENC(r,l,k,17);
-	BF_ENC(l,r,k,18);
-	BF_ENC(r,l,k,19);
-	BF_ENC(l,r,k,20);
-#endif
-	r^=k[BF_ROUNDS+1];
-
-	data[1]=l&0xffffffffL;
-	data[0]=r&0xffffffffL;
-#endif
-	}
-
-#ifndef BF_DEFAULT_OPTIONS
-
-void BF_decrypt(BF_LONG *data, const BF_KEY *key)
-	{
-#ifndef BF_PTR2
-	register BF_LONG l,r;
-    const register BF_LONG *p,*s;
-
-	p=key->P;
-	s= &(key->S[0]);
-	l=data[0];
-	r=data[1];
-
-	l^=p[BF_ROUNDS+1];
-#if BF_ROUNDS == 20
-	BF_ENC(r,l,s,p[20]);
-	BF_ENC(l,r,s,p[19]);
-	BF_ENC(r,l,s,p[18]);
-	BF_ENC(l,r,s,p[17]);
-#endif
-	BF_ENC(r,l,s,p[16]);
-	BF_ENC(l,r,s,p[15]);
-	BF_ENC(r,l,s,p[14]);
-	BF_ENC(l,r,s,p[13]);
-	BF_ENC(r,l,s,p[12]);
-	BF_ENC(l,r,s,p[11]);
-	BF_ENC(r,l,s,p[10]);
-	BF_ENC(l,r,s,p[ 9]);
-	BF_ENC(r,l,s,p[ 8]);
-	BF_ENC(l,r,s,p[ 7]);
-	BF_ENC(r,l,s,p[ 6]);
-	BF_ENC(l,r,s,p[ 5]);
-	BF_ENC(r,l,s,p[ 4]);
-	BF_ENC(l,r,s,p[ 3]);
-	BF_ENC(r,l,s,p[ 2]);
-	BF_ENC(l,r,s,p[ 1]);
-	r^=p[0];
-
-	data[1]=l&0xffffffffL;
-	data[0]=r&0xffffffffL;
-#else
-	register BF_LONG l,r,t,*k;
-
-	l=data[0];
-	r=data[1];
-	k=(BF_LONG *)key;
-
-	l^=k[BF_ROUNDS+1];
-#if BF_ROUNDS == 20
-	BF_ENC(r,l,k,20);
-	BF_ENC(l,r,k,19);
-	BF_ENC(r,l,k,18);
-	BF_ENC(l,r,k,17);
-#endif
-	BF_ENC(r,l,k,16);
-	BF_ENC(l,r,k,15);
-	BF_ENC(r,l,k,14);
-	BF_ENC(l,r,k,13);
-	BF_ENC(r,l,k,12);
-	BF_ENC(l,r,k,11);
-	BF_ENC(r,l,k,10);
-	BF_ENC(l,r,k, 9);
-	BF_ENC(r,l,k, 8);
-	BF_ENC(l,r,k, 7);
-	BF_ENC(r,l,k, 6);
-	BF_ENC(l,r,k, 5);
-	BF_ENC(r,l,k, 4);
-	BF_ENC(l,r,k, 3);
-	BF_ENC(r,l,k, 2);
-	BF_ENC(l,r,k, 1);
-	r^=k[0];
-
-	data[1]=l&0xffffffffL;
-	data[0]=r&0xffffffffL;
-#endif
-	}
-
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-	     const BF_KEY *schedule, unsigned char *ivec, int encrypt)
-	{
-	register BF_LONG tin0,tin1;
-	register BF_LONG tout0,tout1,xor0,xor1;
-	register long l=length;
-	BF_LONG tin[2];
-
-	if (encrypt)
-		{
-		n2l(ivec,tout0);
-		n2l(ivec,tout1);
-		ivec-=8;
-		for (l-=8; l>=0; l-=8)
-			{
-			n2l(in,tin0);
-			n2l(in,tin1);
-			tin0^=tout0;
-			tin1^=tout1;
-			tin[0]=tin0;
-			tin[1]=tin1;
-			BF_encrypt(tin,schedule);
-			tout0=tin[0];
-			tout1=tin[1];
-			l2n(tout0,out);
-			l2n(tout1,out);
-			}
-		if (l != -8)
-			{
-			n2ln(in,tin0,tin1,l+8);
-			tin0^=tout0;
-			tin1^=tout1;
-			tin[0]=tin0;
-			tin[1]=tin1;
-			BF_encrypt(tin,schedule);
-			tout0=tin[0];
-			tout1=tin[1];
-			l2n(tout0,out);
-			l2n(tout1,out);
-			}
-		l2n(tout0,ivec);
-		l2n(tout1,ivec);
-		}
-	else
-		{
-		n2l(ivec,xor0);
-		n2l(ivec,xor1);
-		ivec-=8;
-		for (l-=8; l>=0; l-=8)
-			{
-			n2l(in,tin0);
-			n2l(in,tin1);
-			tin[0]=tin0;
-			tin[1]=tin1;
-			BF_decrypt(tin,schedule);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2n(tout0,out);
-			l2n(tout1,out);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		if (l != -8)
-			{
-			n2l(in,tin0);
-			n2l(in,tin1);
-			tin[0]=tin0;
-			tin[1]=tin1;
-			BF_decrypt(tin,schedule);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2nn(tout0,tout1,out,l+8);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		l2n(xor0,ivec);
-		l2n(xor1,ivec);
-		}
-	tin0=tin1=tout0=tout1=xor0=xor1=0;
-	tin[0]=tin[1]=0;
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/bf/bf_locl.h b/crypto/openssl/crypto/bf/bf_locl.h
deleted file mode 100644
index cc7c3ec99221..000000000000
--- a/crypto/openssl/crypto/bf/bf_locl.h
+++ /dev/null
@@ -1,219 +0,0 @@
-/* crypto/bf/bf_locl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BF_LOCL_H
-#define HEADER_BF_LOCL_H
-#include <openssl/opensslconf.h> /* BF_PTR, BF_PTR2 */
-
-#undef c2l
-#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
-			 l|=((unsigned long)(*((c)++)))<< 8L, \
-			 l|=((unsigned long)(*((c)++)))<<16L, \
-			 l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n)	{ \
-			c+=n; \
-			l1=l2=0; \
-			switch (n) { \
-			case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
-			case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
-			case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
-			case 5: l2|=((unsigned long)(*(--(c))));     \
-			case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
-			case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
-			case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
-			case 1: l1|=((unsigned long)(*(--(c))));     \
-				} \
-			}
-
-#undef l2c
-#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
-			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n)	{ \
-			c+=n; \
-			switch (n) { \
-			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
-			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
-			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
-			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
-			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
-			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
-			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
-			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
-				} \
-			}
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n)	{ \
-			c+=n; \
-			l1=l2=0; \
-			switch (n) { \
-			case 8: l2 =((unsigned long)(*(--(c))))    ; \
-			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
-			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
-			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
-			case 4: l1 =((unsigned long)(*(--(c))))    ; \
-			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
-			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
-			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
-				} \
-			}
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n)	{ \
-			c+=n; \
-			switch (n) { \
-			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-				} \
-			}
-
-#undef n2l
-#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)     )&0xff))
-
-/* This is actually a big endian algorithm, the most significant byte
- * is used to lookup array 0 */
-
-#if defined(BF_PTR2)
-
-/*
- * This is basically a special Intel version. Point is that Intel
- * doesn't have many registers, but offers a reach choice of addressing
- * modes. So we spare some registers by directly traversing BF_KEY
- * structure and hiring the most decorated addressing mode. The code
- * generated by EGCS is *perfectly* competitive with assembler
- * implementation!
- */
-#define BF_ENC(LL,R,KEY,Pi) (\
-	LL^=KEY[Pi], \
-	t=  KEY[BF_ROUNDS+2 +   0 + ((R>>24)&0xFF)], \
-	t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \
-	t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \
-	t+= KEY[BF_ROUNDS+2 + 768 + ((R    )&0xFF)], \
-	LL^=t \
-	)
-
-#elif defined(BF_PTR)
-
-#ifndef BF_LONG_LOG2
-#define BF_LONG_LOG2  2       /* default to BF_LONG being 32 bits */
-#endif
-#define BF_M  (0xFF<<BF_LONG_LOG2)
-#define BF_0  (24-BF_LONG_LOG2)
-#define BF_1  (16-BF_LONG_LOG2)
-#define BF_2  ( 8-BF_LONG_LOG2)
-#define BF_3  BF_LONG_LOG2 /* left shift */
-
-/*
- * This is normally very good on RISC platforms where normally you
- * have to explicitly "multiply" array index by sizeof(BF_LONG)
- * in order to calculate the effective address. This implementation
- * excuses CPU from this extra work. Power[PC] uses should have most
- * fun as (R>>BF_i)&BF_M gets folded into a single instruction, namely
- * rlwinm. So let'em double-check if their compiler does it.
- */
-
-#define BF_ENC(LL,R,S,P) ( \
-	LL^=P, \
-	LL^= (((*(BF_LONG *)((unsigned char *)&(S[  0])+((R>>BF_0)&BF_M))+ \
-		*(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
-		*(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
-		*(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M))) \
-	)
-#else
-
-/*
- * This is a *generic* version. Seem to perform best on platforms that
- * offer explicit support for extraction of 8-bit nibbles preferably
- * complemented with "multiplying" of array index by sizeof(BF_LONG).
- * For the moment of this writing the list comprises Alpha CPU featuring
- * extbl and s[48]addq instructions.
- */
-
-#define BF_ENC(LL,R,S,P) ( \
-	LL^=P, \
-	LL^=(((	S[       ((int)(R>>24)&0xff)] + \
-		S[0x0100+((int)(R>>16)&0xff)])^ \
-		S[0x0200+((int)(R>> 8)&0xff)])+ \
-		S[0x0300+((int)(R    )&0xff)])&0xffffffffL \
-	)
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/bf/bf_ofb64.c b/crypto/openssl/crypto/bf/bf_ofb64.c
deleted file mode 100644
index f2a9ff6e417d..000000000000
--- a/crypto/openssl/crypto/bf/bf_ofb64.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/bf/bf_ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
-	     const BF_KEY *schedule, unsigned char *ivec, int *num)
-	{
-	register BF_LONG v0,v1,t;
-	register int n= *num;
-	register long l=length;
-	unsigned char d[8];
-	register char *dp;
-	BF_LONG ti[2];
-	unsigned char *iv;
-	int save=0;
-
-	iv=(unsigned char *)ivec;
-	n2l(iv,v0);
-	n2l(iv,v1);
-	ti[0]=v0;
-	ti[1]=v1;
-	dp=(char *)d;
-	l2n(v0,dp);
-	l2n(v1,dp);
-	while (l--)
-		{
-		if (n == 0)
-			{
-			BF_encrypt((BF_LONG *)ti,schedule);
-			dp=(char *)d;
-			t=ti[0]; l2n(t,dp);
-			t=ti[1]; l2n(t,dp);
-			save++;
-			}
-		*(out++)= *(in++)^d[n];
-		n=(n+1)&0x07;
-		}
-	if (save)
-		{
-		v0=ti[0];
-		v1=ti[1];
-		iv=(unsigned char *)ivec;
-		l2n(v0,iv);
-		l2n(v1,iv);
-		}
-	t=v0=v1=ti[0]=ti[1]=0;
-	*num=n;
-	}
-
diff --git a/crypto/openssl/crypto/bf/bf_opts.c b/crypto/openssl/crypto/bf/bf_opts.c
deleted file mode 100644
index 171dada2cabb..000000000000
--- a/crypto/openssl/crypto/bf/bf_opts.c
+++ /dev/null
@@ -1,328 +0,0 @@
-/* crypto/bf/bf_opts.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
- * This is for machines with 64k code segment size restrictions. */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-#define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-
-#include <signal.h>
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#include <openssl/blowfish.h>
-
-#define BF_DEFAULT_OPTIONS
-
-#undef BF_ENC
-#define BF_encrypt  BF_encrypt_normal
-#undef HEADER_BF_LOCL_H
-#include "bf_enc.c"
-
-#define BF_PTR
-#undef BF_PTR2
-#undef BF_ENC
-#undef BF_encrypt
-#define BF_encrypt  BF_encrypt_ptr
-#undef HEADER_BF_LOCL_H
-#include "bf_enc.c"
-
-#undef BF_PTR
-#define BF_PTR2
-#undef BF_ENC
-#undef BF_encrypt
-#define BF_encrypt  BF_encrypt_ptr2
-#undef HEADER_BF_LOCL_H
-#include "bf_enc.c"
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
-#   define HZ	100.0
-#  else /* _BSD_CLK_TCK_ */
-#   define HZ ((double)_BSD_CLK_TCK_)
-#  endif
-# else /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-
-#define BUFSIZE	((long)1024)
-long run=0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-#if defined(__STDC__) || defined(sgi)
-#define SIGRETTYPE void
-#else
-#define SIGRETTYPE int
-#endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-	{
-	signal(SIGALRM,sig_done);
-	run=0;
-#ifdef LINT
-	sig=sig;
-#endif
-	}
-#endif
-
-#define START	0
-#define STOP	1
-
-double Time_F(int s)
-	{
-	double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if (s == START)
-		{
-		times(&tstart);
-		return(0);
-		}
-	else
-		{
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if (s == START)
-		{
-		ftime(&tstart);
-		return(0);
-		}
-	else
-		{
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#endif
-	}
-
-#ifdef SIGALRM
-#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
-#else
-#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
-#endif
-	
-#define time_it(func,name,index) \
-	print_name(name); \
-	Time_F(START); \
-	for (count=0,run=1; COND(cb); count+=4) \
-		{ \
-		unsigned long d[2]; \
-		func(d,&sch); \
-		func(d,&sch); \
-		func(d,&sch); \
-		func(d,&sch); \
-		} \
-	tm[index]=Time_F(STOP); \
-	fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
-	tm[index]=((double)COUNT(cb))/tm[index];
-
-#define print_it(name,index) \
-	fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
-		tm[index]*8,1.0e6/tm[index]);
-
-int main(int argc, char **argv)
-	{
-	long count;
-	static unsigned char buf[BUFSIZE];
-	static char key[16]={	0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-				0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
-	BF_KEY sch;
-	double d,tm[16],max=0;
-	int rank[16];
-	char *str[16];
-	int max_idx=0,i,num=0,j;
-#ifndef SIGALARM
-	long ca,cb,cc,cd,ce;
-#endif
-
-	for (i=0; i<12; i++)
-		{
-		tm[i]=0.0;
-		rank[i]=0;
-		}
-
-#ifndef TIMES
-	fprintf(stderr,"To get the most accurate results, try to run this\n");
-	fprintf(stderr,"program when this computer is idle.\n");
-#endif
-
-	BF_set_key(&sch,16,key);
-
-#ifndef SIGALRM
-	fprintf(stderr,"First we calculate the approximate speed ...\n");
-	count=10;
-	do	{
-		long i;
-		unsigned long data[2];
-
-		count*=2;
-		Time_F(START);
-		for (i=count; i; i--)
-			BF_encrypt(data,&sch);
-		d=Time_F(STOP);
-		} while (d < 3.0);
-	ca=count;
-	cb=count*3;
-	cc=count*3*8/BUFSIZE+1;
-	cd=count*8/BUFSIZE+1;
-
-	ce=count/20+1;
-#define COND(d) (count != (d))
-#define COUNT(d) (d)
-#else
-#define COND(c) (run)
-#define COUNT(d) (count)
-        signal(SIGALRM,sig_done);
-        alarm(10);
-#endif
-
-	time_it(BF_encrypt_normal,	"BF_encrypt_normal ", 0);
-	time_it(BF_encrypt_ptr,		"BF_encrypt_ptr    ", 1);
-	time_it(BF_encrypt_ptr2,	"BF_encrypt_ptr2   ", 2);
-	num+=3;
-
-	str[0]="<nothing>";
-	print_it("BF_encrypt_normal ",0);
-	max=tm[0];
-	max_idx=0;
-	str[1]="ptr      ";
-	print_it("BF_encrypt_ptr ",1);
-	if (max < tm[1]) { max=tm[1]; max_idx=1; }
-	str[2]="ptr2     ";
-	print_it("BF_encrypt_ptr2 ",2);
-	if (max < tm[2]) { max=tm[2]; max_idx=2; }
-
-	printf("options    BF ecb/s\n");
-	printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
-	d=tm[max_idx];
-	tm[max_idx]= -2.0;
-	max= -1.0;
-	for (;;)
-		{
-		for (i=0; i<3; i++)
-			{
-			if (max < tm[i]) { max=tm[i]; j=i; }
-			}
-		if (max < 0.0) break;
-		printf("%s %12.2f  %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
-		tm[j]= -2.0;
-		max= -1.0;
-		}
-
-	switch (max_idx)
-		{
-	case 0:
-		printf("-DBF_DEFAULT_OPTIONS\n");
-		break;
-	case 1:
-		printf("-DBF_PTR\n");
-		break;
-	case 2:
-		printf("-DBF_PTR2\n");
-		break;
-		}
-	exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-	return(0);
-#endif
-	}
diff --git a/crypto/openssl/crypto/bf/bf_pi.h b/crypto/openssl/crypto/bf/bf_pi.h
deleted file mode 100644
index 9949513c6821..000000000000
--- a/crypto/openssl/crypto/bf/bf_pi.h
+++ /dev/null
@@ -1,325 +0,0 @@
-/* crypto/bf/bf_pi.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-static const BF_KEY bf_init= {
-	{
-	0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L,
-	0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L,
-	0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL,
-	0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L,
-	0x9216d5d9L, 0x8979fb1b
-	},{
-	0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L, 
-	0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L, 
-	0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L, 
-	0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL, 
-	0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL, 
-	0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L, 
-	0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL, 
-	0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL, 
-	0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L, 
-	0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L, 
-	0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL, 
-	0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL, 
-	0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL, 
-	0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L, 
-	0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L, 
-	0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L, 
-	0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L, 
-	0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L, 
-	0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL, 
-	0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L, 
-	0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L, 
-	0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L, 
-	0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L, 
-	0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL, 
-	0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L, 
-	0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL, 
-	0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL, 
-	0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L, 
-	0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL, 
-	0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L, 
-	0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL, 
-	0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L, 
-	0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L, 
-	0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL, 
-	0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L, 
-	0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L, 
-	0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL, 
-	0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L, 
-	0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL, 
-	0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L, 
-	0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L, 
-	0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL, 
-	0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L, 
-	0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L, 
-	0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L, 
-	0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L, 
-	0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L, 
-	0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL, 
-	0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL, 
-	0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L, 
-	0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L, 
-	0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L, 
-	0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L, 
-	0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL, 
-	0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L, 
-	0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL, 
-	0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL, 
-	0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L, 
-	0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L, 
-	0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L, 
-	0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L, 
-	0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L, 
-	0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L, 
-	0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL, 
-	0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L, 
-	0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L, 
-	0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L, 
-	0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL, 
-	0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L, 
-	0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L, 
-	0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL, 
-	0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L, 
-	0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L, 
-	0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L, 
-	0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL, 
-	0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL, 
-	0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L, 
-	0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L, 
-	0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L, 
-	0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L, 
-	0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL, 
-	0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL, 
-	0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL, 
-	0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L, 
-	0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL, 
-	0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L, 
-	0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L, 
-	0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL, 
-	0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL, 
-	0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L, 
-	0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL, 
-	0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L, 
-	0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL, 
-	0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL, 
-	0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L, 
-	0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L, 
-	0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L, 
-	0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L, 
-	0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L, 
-	0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L, 
-	0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L, 
-	0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL, 
-	0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L, 
-	0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL, 
-	0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L, 
-	0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L, 
-	0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L, 
-	0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L, 
-	0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L, 
-	0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L, 
-	0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L, 
-	0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L, 
-	0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L, 
-	0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L, 
-	0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L, 
-	0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L, 
-	0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L, 
-	0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L, 
-	0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L, 
-	0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L, 
-	0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL, 
-	0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL, 
-	0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L, 
-	0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL, 
-	0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L, 
-	0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L, 
-	0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L, 
-	0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L, 
-	0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L, 
-	0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L, 
-	0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL, 
-	0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L, 
-	0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L, 
-	0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L, 
-	0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL, 
-	0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL, 
-	0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL, 
-	0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L, 
-	0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L, 
-	0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL, 
-	0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L, 
-	0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL, 
-	0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L, 
-	0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL, 
-	0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L, 
-	0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL, 
-	0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L, 
-	0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL, 
-	0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L, 
-	0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L, 
-	0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL, 
-	0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L, 
-	0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L, 
-	0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L, 
-	0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L, 
-	0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL, 
-	0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L, 
-	0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL, 
-	0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L, 
-	0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL, 
-	0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L, 
-	0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL, 
-	0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL, 
-	0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL, 
-	0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L, 
-	0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L, 
-	0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL, 
-	0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL, 
-	0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL, 
-	0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL, 
-	0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL, 
-	0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L, 
-	0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L, 
-	0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L, 
-	0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L, 
-	0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL, 
-	0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL, 
-	0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L, 
-	0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L, 
-	0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L, 
-	0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L, 
-	0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L, 
-	0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L, 
-	0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L, 
-	0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L, 
-	0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L, 
-	0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L, 
-	0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL, 
-	0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L, 
-	0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL, 
-	0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L, 
-	0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L, 
-	0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL, 
-	0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL, 
-	0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL, 
-	0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L, 
-	0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L, 
-	0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L, 
-	0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L, 
-	0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L, 
-	0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L, 
-	0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L, 
-	0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L, 
-	0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L, 
-	0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L, 
-	0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L, 
-	0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L, 
-	0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL, 
-	0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL, 
-	0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L, 
-	0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL, 
-	0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL, 
-	0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL, 
-	0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L, 
-	0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL, 
-	0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL, 
-	0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L, 
-	0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L, 
-	0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L, 
-	0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L, 
-	0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL, 
-	0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL, 
-	0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L, 
-	0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L, 
-	0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L, 
-	0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL, 
-	0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L, 
-	0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L, 
-	0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L, 
-	0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL, 
-	0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L, 
-	0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L, 
-	0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L, 
-	0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL, 
-	0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL, 
-	0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L, 
-	0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L, 
-	0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L, 
-	0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L, 
-	0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL, 
-	0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L, 
-	0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL, 
-	0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL, 
-	0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L, 
-	0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L, 
-	0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL, 
-	0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L, 
-	0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL, 
-	0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L, 
-	0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL, 
-	0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L, 
-	0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L, 
-	0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL, 
-	0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L, 
-	0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL, 
-	0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L, 
-	}
-	};
-
diff --git a/crypto/openssl/crypto/bf/bf_skey.c b/crypto/openssl/crypto/bf/bf_skey.c
deleted file mode 100644
index 3673cdee6e26..000000000000
--- a/crypto/openssl/crypto/bf/bf_skey.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/* crypto/bf/bf_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-#include "bf_pi.h"
-
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
-	{
-	int i;
-	BF_LONG *p,ri,in[2];
-	const unsigned char *d,*end;
-
-
-	memcpy(key,&bf_init,sizeof(BF_KEY));
-	p=key->P;
-
-	if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4;
-
-	d=data;
-	end= &(data[len]);
-	for (i=0; i<(BF_ROUNDS+2); i++)
-		{
-		ri= *(d++);
-		if (d >= end) d=data;
-
-		ri<<=8;
-		ri|= *(d++);
-		if (d >= end) d=data;
-
-		ri<<=8;
-		ri|= *(d++);
-		if (d >= end) d=data;
-
-		ri<<=8;
-		ri|= *(d++);
-		if (d >= end) d=data;
-
-		p[i]^=ri;
-		}
-
-	in[0]=0L;
-	in[1]=0L;
-	for (i=0; i<(BF_ROUNDS+2); i+=2)
-		{
-		BF_encrypt(in,key);
-		p[i  ]=in[0];
-		p[i+1]=in[1];
-		}
-
-	p=key->S;
-	for (i=0; i<4*256; i+=2)
-		{
-		BF_encrypt(in,key);
-		p[i  ]=in[0];
-		p[i+1]=in[1];
-		}
-	}
-
diff --git a/crypto/openssl/crypto/bf/bfs.cpp b/crypto/openssl/crypto/bf/bfs.cpp
deleted file mode 100644
index d74c45776078..000000000000
--- a/crypto/openssl/crypto/bf/bfs.cpp
+++ /dev/null
@@ -1,67 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/blowfish.h>
-
-void main(int argc,char *argv[])
-	{
-	BF_KEY key;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			BF_encrypt(&data[0],&key);
-			GetTSC(s1);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			GetTSC(e1);
-			GetTSC(s2);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			GetTSC(e2);
-			BF_encrypt(&data[0],&key);
-			}
-
-		printf("blowfish %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/crypto/openssl/crypto/bf/bfspeed.c b/crypto/openssl/crypto/bf/bfspeed.c
deleted file mode 100644
index f346af64f308..000000000000
--- a/crypto/openssl/crypto/bf/bfspeed.c
+++ /dev/null
@@ -1,274 +0,0 @@
-/* crypto/bf/bfspeed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-#define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-
-#include <signal.h>
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#include <openssl/blowfish.h>
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-#ifndef CLK_TCK
-#define HZ	100.0
-#else /* CLK_TCK */
-#define HZ ((double)CLK_TCK)
-#endif
-#endif
-
-#define BUFSIZE	((long)1024)
-long run=0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-#if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#define SIGRETTYPE void
-#else
-#define SIGRETTYPE int
-#endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-	{
-	signal(SIGALRM,sig_done);
-	run=0;
-#ifdef LINT
-	sig=sig;
-#endif
-	}
-#endif
-
-#define START	0
-#define STOP	1
-
-double Time_F(int s)
-	{
-	double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if (s == START)
-		{
-		times(&tstart);
-		return(0);
-		}
-	else
-		{
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if (s == START)
-		{
-		ftime(&tstart);
-		return(0);
-		}
-	else
-		{
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#endif
-	}
-
-int main(int argc, char **argv)
-	{
-	long count;
-	static unsigned char buf[BUFSIZE];
-	static unsigned char key[] ={
-			0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-			0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
-			};
-	BF_KEY sch;
-	double a,b,c,d;
-#ifndef SIGALRM
-	long ca,cb,cc;
-#endif
-
-#ifndef TIMES
-	printf("To get the most accurate results, try to run this\n");
-	printf("program when this computer is idle.\n");
-#endif
-
-#ifndef SIGALRM
-	printf("First we calculate the approximate speed ...\n");
-	BF_set_key(&sch,16,key);
-	count=10;
-	do	{
-		long i;
-		BF_LONG data[2];
-
-		count*=2;
-		Time_F(START);
-		for (i=count; i; i--)
-			BF_encrypt(data,&sch);
-		d=Time_F(STOP);
-		} while (d < 3.0);
-	ca=count/512;
-	cb=count;
-	cc=count*8/BUFSIZE+1;
-	printf("Doing BF_set_key %ld times\n",ca);
-#define COND(d)	(count != (d))
-#define COUNT(d) (d)
-#else
-#define COND(c)	(run)
-#define COUNT(d) (count)
-	signal(SIGALRM,sig_done);
-	printf("Doing BF_set_key for 10 seconds\n");
-	alarm(10);
-#endif
-
-	Time_F(START);
-	for (count=0,run=1; COND(ca); count+=4)
-		{
-		BF_set_key(&sch,16,key);
-		BF_set_key(&sch,16,key);
-		BF_set_key(&sch,16,key);
-		BF_set_key(&sch,16,key);
-		}
-	d=Time_F(STOP);
-	printf("%ld BF_set_key's in %.2f seconds\n",count,d);
-	a=((double)COUNT(ca))/d;
-
-#ifdef SIGALRM
-	printf("Doing BF_encrypt's for 10 seconds\n");
-	alarm(10);
-#else
-	printf("Doing BF_encrypt %ld times\n",cb);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cb); count+=4)
-		{
-		BF_LONG data[2];
-
-		BF_encrypt(data,&sch);
-		BF_encrypt(data,&sch);
-		BF_encrypt(data,&sch);
-		BF_encrypt(data,&sch);
-		}
-	d=Time_F(STOP);
-	printf("%ld BF_encrypt's in %.2f second\n",count,d);
-	b=((double)COUNT(cb)*8)/d;
-
-#ifdef SIGALRM
-	printf("Doing BF_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-		BUFSIZE);
-	alarm(10);
-#else
-	printf("Doing BF_cbc_encrypt %ld times on %ld byte blocks\n",cc,
-		BUFSIZE);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cc); count++)
-		BF_cbc_encrypt(buf,buf,BUFSIZE,&sch,
-			&(key[0]),BF_ENCRYPT);
-	d=Time_F(STOP);
-	printf("%ld BF_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-		count,BUFSIZE,d);
-	c=((double)COUNT(cc)*BUFSIZE)/d;
-
-	printf("Blowfish set_key       per sec = %12.3f (%9.3fuS)\n",a,1.0e6/a);
-	printf("Blowfish raw ecb bytes per sec = %12.3f (%9.3fuS)\n",b,8.0e6/b);
-	printf("Blowfish cbc     bytes per sec = %12.3f (%9.3fuS)\n",c,8.0e6/c);
-	exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-	return(0);
-#endif
-	}
diff --git a/crypto/openssl/crypto/bf/bftest.c b/crypto/openssl/crypto/bf/bftest.c
deleted file mode 100644
index 24d526b14bdb..000000000000
--- a/crypto/openssl/crypto/bf/bftest.c
+++ /dev/null
@@ -1,536 +0,0 @@
-/* crypto/bf/bftest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* This has been a quickly hacked 'ideatest.c'.  When I add tests for other
- * RC2 modes, more of the code will be uncommented. */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_BF
-int main(int argc, char *argv[])
-{
-    printf("No BF support\n");
-    return(0);
-}
-#else
-#include <openssl/blowfish.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-static char *bf_key[2]={
-	"abcdefghijklmnopqrstuvwxyz",
-	"Who is John Galt?"
-	};
-
-/* big endian */
-static BF_LONG bf_plain[2][2]={
-	{0x424c4f57L,0x46495348L},
-	{0xfedcba98L,0x76543210L}
-	};
-
-static BF_LONG bf_cipher[2][2]={
-	{0x324ed0feL,0xf413a203L},
-	{0xcc91732bL,0x8022f684L}
-	};
-/************/
-
-/* Lets use the DES test vectors :-) */
-#define NUM_TESTS 34
-static unsigned char ecb_data[NUM_TESTS][8]={
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
-	{0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10},
-	{0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57},
-	{0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E},
-	{0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86},
-	{0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E},
-	{0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6},
-	{0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE},
-	{0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6},
-	{0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE},
-	{0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16},
-	{0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F},
-	{0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46},
-	{0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E},
-	{0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76},
-	{0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07},
-	{0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F},
-	{0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7},
-	{0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF},
-	{0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6},
-	{0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF},
-	{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
-	{0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
-	{0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}};
-
-static unsigned char plain_data[NUM_TESTS][8]={
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
-	{0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
-	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
-	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42},
-	{0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA},
-	{0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72},
-	{0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A},
-	{0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2},
-	{0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A},
-	{0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2},
-	{0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A},
-	{0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02},
-	{0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A},
-	{0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32},
-	{0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA},
-	{0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62},
-	{0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2},
-	{0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA},
-	{0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92},
-	{0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A},
-	{0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2},
-	{0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}};
-
-static unsigned char cipher_data[NUM_TESTS][8]={
-	{0x4E,0xF9,0x97,0x45,0x61,0x98,0xDD,0x78},
-	{0x51,0x86,0x6F,0xD5,0xB8,0x5E,0xCB,0x8A},
-	{0x7D,0x85,0x6F,0x9A,0x61,0x30,0x63,0xF2},
-	{0x24,0x66,0xDD,0x87,0x8B,0x96,0x3C,0x9D},
-	{0x61,0xF9,0xC3,0x80,0x22,0x81,0xB0,0x96},
-	{0x7D,0x0C,0xC6,0x30,0xAF,0xDA,0x1E,0xC7},
-	{0x4E,0xF9,0x97,0x45,0x61,0x98,0xDD,0x78},
-	{0x0A,0xCE,0xAB,0x0F,0xC6,0xA0,0xA2,0x8D},
-	{0x59,0xC6,0x82,0x45,0xEB,0x05,0x28,0x2B},
-	{0xB1,0xB8,0xCC,0x0B,0x25,0x0F,0x09,0xA0},
-	{0x17,0x30,0xE5,0x77,0x8B,0xEA,0x1D,0xA4},
-	{0xA2,0x5E,0x78,0x56,0xCF,0x26,0x51,0xEB},
-	{0x35,0x38,0x82,0xB1,0x09,0xCE,0x8F,0x1A},
-	{0x48,0xF4,0xD0,0x88,0x4C,0x37,0x99,0x18},
-	{0x43,0x21,0x93,0xB7,0x89,0x51,0xFC,0x98},
-	{0x13,0xF0,0x41,0x54,0xD6,0x9D,0x1A,0xE5},
-	{0x2E,0xED,0xDA,0x93,0xFF,0xD3,0x9C,0x79},
-	{0xD8,0x87,0xE0,0x39,0x3C,0x2D,0xA6,0xE3},
-	{0x5F,0x99,0xD0,0x4F,0x5B,0x16,0x39,0x69},
-	{0x4A,0x05,0x7A,0x3B,0x24,0xD3,0x97,0x7B},
-	{0x45,0x20,0x31,0xC1,0xE4,0xFA,0xDA,0x8E},
-	{0x75,0x55,0xAE,0x39,0xF5,0x9B,0x87,0xBD},
-	{0x53,0xC5,0x5F,0x9C,0xB4,0x9F,0xC0,0x19},
-	{0x7A,0x8E,0x7B,0xFA,0x93,0x7E,0x89,0xA3},
-	{0xCF,0x9C,0x5D,0x7A,0x49,0x86,0xAD,0xB5},
-	{0xD1,0xAB,0xB2,0x90,0x65,0x8B,0xC7,0x78},
-	{0x55,0xCB,0x37,0x74,0xD1,0x3E,0xF2,0x01},
-	{0xFA,0x34,0xEC,0x48,0x47,0xB2,0x68,0xB2},
-	{0xA7,0x90,0x79,0x51,0x08,0xEA,0x3C,0xAE},
-	{0xC3,0x9E,0x07,0x2D,0x9F,0xAC,0x63,0x1D},
-	{0x01,0x49,0x33,0xE0,0xCD,0xAF,0xF6,0xE4},
-	{0xF2,0x1E,0x9A,0x77,0xB7,0x1C,0x49,0xBC},
-	{0x24,0x59,0x46,0x88,0x57,0x54,0x36,0x9A},
-	{0x6B,0x5C,0x5A,0x9C,0x5D,0x9E,0x0A,0x5A},
-	};
-
-static unsigned char cbc_key [16]={
-	0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
-	0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
-static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
-static char cbc_data[40]="7654321 Now is the time for ";
-static unsigned char cbc_ok[32]={
-	0x6B,0x77,0xB4,0xD6,0x30,0x06,0xDE,0xE6,
-	0x05,0xB1,0x56,0xE2,0x74,0x03,0x97,0x93,
-	0x58,0xDE,0xB9,0xE7,0x15,0x46,0x16,0xD9,
-	0x59,0xF1,0x65,0x2B,0xD5,0xFF,0x92,0xCC};
-
-static unsigned char cfb64_ok[]={
-	0xE7,0x32,0x14,0xA2,0x82,0x21,0x39,0xCA,
-	0xF2,0x6E,0xCF,0x6D,0x2E,0xB9,0xE7,0x6E,
-	0x3D,0xA3,0xDE,0x04,0xD1,0x51,0x72,0x00,
-	0x51,0x9D,0x57,0xA6,0xC3};
-
-static unsigned char ofb64_ok[]={
-	0xE7,0x32,0x14,0xA2,0x82,0x21,0x39,0xCA,
-	0x62,0xB3,0x43,0xCC,0x5B,0x65,0x58,0x73,
-	0x10,0xDD,0x90,0x8D,0x0C,0x24,0x1B,0x22,
-	0x63,0xC2,0xCF,0x80,0xDA};
-
-#define KEY_TEST_NUM	25
-static unsigned char key_test[KEY_TEST_NUM]={
-	0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87,
-	0x78,0x69,0x5a,0x4b,0x3c,0x2d,0x1e,0x0f,
-	0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
-	0x88};
-
-static unsigned char key_data[8]=
-	{0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10};
-
-static unsigned char key_out[KEY_TEST_NUM][8]={
-	{0xF9,0xAD,0x59,0x7C,0x49,0xDB,0x00,0x5E},
-	{0xE9,0x1D,0x21,0xC1,0xD9,0x61,0xA6,0xD6},
-	{0xE9,0xC2,0xB7,0x0A,0x1B,0xC6,0x5C,0xF3},
-	{0xBE,0x1E,0x63,0x94,0x08,0x64,0x0F,0x05},
-	{0xB3,0x9E,0x44,0x48,0x1B,0xDB,0x1E,0x6E},
-	{0x94,0x57,0xAA,0x83,0xB1,0x92,0x8C,0x0D},
-	{0x8B,0xB7,0x70,0x32,0xF9,0x60,0x62,0x9D},
-	{0xE8,0x7A,0x24,0x4E,0x2C,0xC8,0x5E,0x82},
-	{0x15,0x75,0x0E,0x7A,0x4F,0x4E,0xC5,0x77},
-	{0x12,0x2B,0xA7,0x0B,0x3A,0xB6,0x4A,0xE0},
-	{0x3A,0x83,0x3C,0x9A,0xFF,0xC5,0x37,0xF6},
-	{0x94,0x09,0xDA,0x87,0xA9,0x0F,0x6B,0xF2},
-	{0x88,0x4F,0x80,0x62,0x50,0x60,0xB8,0xB4},
-	{0x1F,0x85,0x03,0x1C,0x19,0xE1,0x19,0x68},
-	{0x79,0xD9,0x37,0x3A,0x71,0x4C,0xA3,0x4F},
-	{0x93,0x14,0x28,0x87,0xEE,0x3B,0xE1,0x5C},
-	{0x03,0x42,0x9E,0x83,0x8C,0xE2,0xD1,0x4B},
-	{0xA4,0x29,0x9E,0x27,0x46,0x9F,0xF6,0x7B},
-	{0xAF,0xD5,0xAE,0xD1,0xC1,0xBC,0x96,0xA8},
-	{0x10,0x85,0x1C,0x0E,0x38,0x58,0xDA,0x9F},
-	{0xE6,0xF5,0x1E,0xD7,0x9B,0x9D,0xB2,0x1F},
-	{0x64,0xA6,0xE1,0x4A,0xFD,0x36,0xB4,0x6F},
-	{0x80,0xC7,0xD7,0xD4,0x5A,0x54,0x79,0xAD},
-	{0x05,0x04,0x4B,0x62,0xFA,0x52,0xD0,0x80},
-	};
-
-static int test(void );
-static int print_test_data(void );
-int main(int argc, char *argv[])
-	{
-	int ret;
-
-	if (argc > 1)
-		ret=print_test_data();
-	else
-		ret=test();
-
-	EXIT(ret);
-	return(0);
-	}
-
-static int print_test_data(void)
-	{
-	unsigned int i,j;
-
-	printf("ecb test data\n");
-	printf("key bytes\t\tclear bytes\t\tcipher bytes\n");
-	for (i=0; i<NUM_TESTS; i++)
-		{
-		for (j=0; j<8; j++)
-			printf("%02X",ecb_data[i][j]);
-		printf("\t");
-		for (j=0; j<8; j++)
-			printf("%02X",plain_data[i][j]);
-		printf("\t");
-		for (j=0; j<8; j++)
-			printf("%02X",cipher_data[i][j]);
-		printf("\n");
-		}
-
-	printf("set_key test data\n");
-	printf("data[8]= ");
-	for (j=0; j<8; j++)
-		printf("%02X",key_data[j]);
-	printf("\n");
-	for (i=0; i<KEY_TEST_NUM-1; i++)
-		{
-		printf("c=");
-		for (j=0; j<8; j++)
-			printf("%02X",key_out[i][j]);
-		printf(" k[%2u]=",i+1);
-		for (j=0; j<i+1; j++)
-			printf("%02X",key_test[j]);
-		printf("\n");
-		}
-
-	printf("\nchaining mode test data\n");
-	printf("key[16]   = ");
-	for (j=0; j<16; j++)
-		printf("%02X",cbc_key[j]);
-	printf("\niv[8]     = ");
-	for (j=0; j<8; j++)
-		printf("%02X",cbc_iv[j]);
-	printf("\ndata[%d]  = '%s'",(int)strlen(cbc_data)+1,cbc_data);
-	printf("\ndata[%d]  = ",(int)strlen(cbc_data)+1);
-	for (j=0; j<strlen(cbc_data)+1; j++)
-		printf("%02X",cbc_data[j]);
-	printf("\n");
-	printf("cbc cipher text\n");
-	printf("cipher[%d]= ",32);
-	for (j=0; j<32; j++)
-		printf("%02X",cbc_ok[j]);
-	printf("\n");
-
-	printf("cfb64 cipher text\n");
-	printf("cipher[%d]= ",(int)strlen(cbc_data)+1);
-	for (j=0; j<strlen(cbc_data)+1; j++)
-		printf("%02X",cfb64_ok[j]);
-	printf("\n");
-
-	printf("ofb64 cipher text\n");
-	printf("cipher[%d]= ",(int)strlen(cbc_data)+1);
-	for (j=0; j<strlen(cbc_data)+1; j++)
-		printf("%02X",ofb64_ok[j]);
-	printf("\n");
-	return(0);
-	}
-
-static int test(void)
-	{
-	unsigned char cbc_in[40],cbc_out[40],iv[8];
-	int i,n,err=0;
-	BF_KEY key;
-	BF_LONG data[2]; 
-	unsigned char out[8]; 
-	BF_LONG len;
-
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(cbc_data, cbc_data, strlen(cbc_data));
-#endif
-
-	printf("testing blowfish in raw ecb mode\n");
-	for (n=0; n<2; n++)
-		{
-#ifdef CHARSET_EBCDIC
-		ebcdic2ascii(bf_key[n], bf_key[n], strlen(bf_key[n]));
-#endif
-		BF_set_key(&key,strlen(bf_key[n]),(unsigned char *)bf_key[n]);
-
-		data[0]=bf_plain[n][0];
-		data[1]=bf_plain[n][1];
-		BF_encrypt(data,&key);
-		if (memcmp(&(bf_cipher[n][0]),&(data[0]),8) != 0)
-			{
-			printf("BF_encrypt error encrypting\n");
-			printf("got     :");
-			for (i=0; i<2; i++)
-				printf("%08lX ",(unsigned long)data[i]);
-			printf("\n");
-			printf("expected:");
-			for (i=0; i<2; i++)
-				printf("%08lX ",(unsigned long)bf_cipher[n][i]);
-			err=1;
-			printf("\n");
-			}
-
-		BF_decrypt(&(data[0]),&key);
-		if (memcmp(&(bf_plain[n][0]),&(data[0]),8) != 0)
-			{
-			printf("BF_encrypt error decrypting\n");
-			printf("got     :");
-			for (i=0; i<2; i++)
-				printf("%08lX ",(unsigned long)data[i]);
-			printf("\n");
-			printf("expected:");
-			for (i=0; i<2; i++)
-				printf("%08lX ",(unsigned long)bf_plain[n][i]);
-			printf("\n");
-			err=1;
-			}
-		}
-
-	printf("testing blowfish in ecb mode\n");
-
-	for (n=0; n<NUM_TESTS; n++)
-		{
-		BF_set_key(&key,8,ecb_data[n]);
-
-		BF_ecb_encrypt(&(plain_data[n][0]),out,&key,BF_ENCRYPT);
-		if (memcmp(&(cipher_data[n][0]),out,8) != 0)
-			{
-			printf("BF_ecb_encrypt blowfish error encrypting\n");
-			printf("got     :");
-			for (i=0; i<8; i++)
-				printf("%02X ",out[i]);
-			printf("\n");
-			printf("expected:");
-			for (i=0; i<8; i++)
-				printf("%02X ",cipher_data[n][i]);
-			err=1;
-			printf("\n");
-			}
-
-		BF_ecb_encrypt(out,out,&key,BF_DECRYPT);
-		if (memcmp(&(plain_data[n][0]),out,8) != 0)
-			{
-			printf("BF_ecb_encrypt error decrypting\n");
-			printf("got     :");
-			for (i=0; i<8; i++)
-				printf("%02X ",out[i]);
-			printf("\n");
-			printf("expected:");
-			for (i=0; i<8; i++)
-				printf("%02X ",plain_data[n][i]);
-			printf("\n");
-			err=1;
-			}
-		}
-
-	printf("testing blowfish set_key\n");
-	for (n=1; n<KEY_TEST_NUM; n++)
-		{
-		BF_set_key(&key,n,key_test);
-		BF_ecb_encrypt(key_data,out,&key,BF_ENCRYPT);
-		/* mips-sgi-irix6.5-gcc  vv  -mabi=64 bug workaround */
-		if (memcmp(out,&(key_out[i=n-1][0]),8) != 0)
-			{
-			printf("blowfish setkey error\n");
-			err=1;
-			}
-		}
-
-	printf("testing blowfish in cbc mode\n");
-	len=strlen(cbc_data)+1;
-
-	BF_set_key(&key,16,cbc_key);
-	memset(cbc_in,0,sizeof cbc_in);
-	memset(cbc_out,0,sizeof cbc_out);
-	memcpy(iv,cbc_iv,sizeof iv);
-	BF_cbc_encrypt((unsigned char *)cbc_data,cbc_out,len,
-		&key,iv,BF_ENCRYPT);
-	if (memcmp(cbc_out,cbc_ok,32) != 0)
-		{
-		err=1;
-		printf("BF_cbc_encrypt encrypt error\n");
-		for (i=0; i<32; i++) printf("0x%02X,",cbc_out[i]);
-		}
-	memcpy(iv,cbc_iv,8);
-	BF_cbc_encrypt(cbc_out,cbc_in,len,
-		&key,iv,BF_DECRYPT);
-	if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
-		{
-		printf("BF_cbc_encrypt decrypt error\n");
-		err=1;
-		}
-
-	printf("testing blowfish in cfb64 mode\n");
-
-	BF_set_key(&key,16,cbc_key);
-	memset(cbc_in,0,40);
-	memset(cbc_out,0,40);
-	memcpy(iv,cbc_iv,8);
-	n=0;
-	BF_cfb64_encrypt((unsigned char *)cbc_data,cbc_out,(long)13,
-		&key,iv,&n,BF_ENCRYPT);
-	BF_cfb64_encrypt((unsigned char *)&(cbc_data[13]),&(cbc_out[13]),len-13,
-		&key,iv,&n,BF_ENCRYPT);
-	if (memcmp(cbc_out,cfb64_ok,(int)len) != 0)
-		{
-		err=1;
-		printf("BF_cfb64_encrypt encrypt error\n");
-		for (i=0; i<(int)len; i++) printf("0x%02X,",cbc_out[i]);
-		}
-	n=0;
-	memcpy(iv,cbc_iv,8);
-	BF_cfb64_encrypt(cbc_out,cbc_in,17,
-		&key,iv,&n,BF_DECRYPT);
-	BF_cfb64_encrypt(&(cbc_out[17]),&(cbc_in[17]),len-17,
-		&key,iv,&n,BF_DECRYPT);
-	if (memcmp(cbc_in,cbc_data,(int)len) != 0)
-		{
-		printf("BF_cfb64_encrypt decrypt error\n");
-		err=1;
-		}
-
-	printf("testing blowfish in ofb64\n");
-
-	BF_set_key(&key,16,cbc_key);
-	memset(cbc_in,0,40);
-	memset(cbc_out,0,40);
-	memcpy(iv,cbc_iv,8);
-	n=0;
-	BF_ofb64_encrypt((unsigned char *)cbc_data,cbc_out,(long)13,&key,iv,&n);
-	BF_ofb64_encrypt((unsigned char *)&(cbc_data[13]),
-		&(cbc_out[13]),len-13,&key,iv,&n);
-	if (memcmp(cbc_out,ofb64_ok,(int)len) != 0)
-		{
-		err=1;
-		printf("BF_ofb64_encrypt encrypt error\n");
-		for (i=0; i<(int)len; i++) printf("0x%02X,",cbc_out[i]);
-		}
-	n=0;
-	memcpy(iv,cbc_iv,8);
-	BF_ofb64_encrypt(cbc_out,cbc_in,17,&key,iv,&n);
-	BF_ofb64_encrypt(&(cbc_out[17]),&(cbc_in[17]),len-17,&key,iv,&n);
-	if (memcmp(cbc_in,cbc_data,(int)len) != 0)
-		{
-		printf("BF_ofb64_encrypt decrypt error\n");
-		err=1;
-		}
-
-	return(err);
-	}
-#endif
diff --git a/crypto/openssl/crypto/bf/blowfish.h b/crypto/openssl/crypto/bf/blowfish.h
deleted file mode 100644
index cd49e85ab29a..000000000000
--- a/crypto/openssl/crypto/bf/blowfish.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/* crypto/bf/blowfish.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BLOWFISH_H
-#define HEADER_BLOWFISH_H
-
-#include <openssl/e_os2.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_NO_BF
-#error BF is disabled.
-#endif
-
-#define BF_ENCRYPT	1
-#define BF_DECRYPT	0
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! BF_LONG_LOG2 has to be defined along.                        !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
-#define BF_LONG unsigned long
-#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-#define BF_LONG unsigned long
-#define BF_LONG_LOG2 3
-/*
- * _CRAY note. I could declare short, but I have no idea what impact
- * does it have on performance on none-T3E machines. I could declare
- * int, but at least on C90 sizeof(int) can be chosen at compile time.
- * So I've chosen long...
- *					<appro@fy.chalmers.se>
- */
-#else
-#define BF_LONG unsigned int
-#endif
-
-#define BF_ROUNDS	16
-#define BF_BLOCK	8
-
-typedef struct bf_key_st
-	{
-	BF_LONG P[BF_ROUNDS+2];
-	BF_LONG S[4*256];
-	} BF_KEY;
-
- 
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-
-void BF_encrypt(BF_LONG *data,const BF_KEY *key);
-void BF_decrypt(BF_LONG *data,const BF_KEY *key);
-
-void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
-	const BF_KEY *key, int enc);
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-	const BF_KEY *schedule, unsigned char *ivec, int enc);
-void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
-	const BF_KEY *schedule, unsigned char *ivec, int *num, int enc);
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
-	const BF_KEY *schedule, unsigned char *ivec, int *num);
-const char *BF_options(void);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/bio/Makefile.save b/crypto/openssl/crypto/bio/Makefile.save
deleted file mode 100644
index 00caa9f7eb17..000000000000
--- a/crypto/openssl/crypto/bio/Makefile.save
+++ /dev/null
@@ -1,244 +0,0 @@
-#
-# SSLeay/crypto/bio/Makefile
-#
-
-DIR=	bio
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= bio_lib.c bio_cb.c bio_err.c \
-	bss_mem.c bss_null.c bss_fd.c \
-	bss_file.c bss_sock.c bss_conn.c \
-	bf_null.c bf_buff.c b_print.c b_dump.c \
-	b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c
-#	bf_lbuf.c
-LIBOBJ= bio_lib.o bio_cb.o bio_err.o \
-	bss_mem.o bss_null.o bss_fd.o \
-	bss_file.o bss_sock.o bss_conn.o \
-	bf_null.o bf_buff.o b_print.o b_dump.o \
-	b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o
-#	bf_lbuf.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= bio.h
-HEADER=	bss_file.c $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER); \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-b_dump.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-b_dump.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-b_dump.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-b_dump.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-b_dump.o: ../cryptlib.h
-b_print.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-b_print.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-b_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-b_print.o: ../cryptlib.h
-b_sock.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-b_sock.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-b_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-b_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-b_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-b_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-b_sock.o: ../cryptlib.h
-bf_buff.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bf_buff.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bf_buff.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bf_buff.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bf_buff.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bf_buff.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bf_buff.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bf_buff.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bf_buff.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bf_buff.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-bf_buff.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bf_buff.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bf_buff.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-bf_buff.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-bf_buff.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-bf_buff.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-bf_buff.o: ../../include/openssl/symhacks.h ../cryptlib.h
-bf_nbio.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bf_nbio.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bf_nbio.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bf_nbio.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bf_nbio.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bf_nbio.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bf_nbio.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bf_nbio.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bf_nbio.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bf_nbio.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-bf_nbio.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bf_nbio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bf_nbio.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-bf_nbio.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-bf_nbio.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-bf_nbio.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-bf_nbio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bf_nbio.o: ../cryptlib.h
-bf_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bf_null.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bf_null.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bf_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bf_null.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bf_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bf_null.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bf_null.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bf_null.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-bf_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bf_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bf_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-bf_null.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-bf_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-bf_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-bf_null.o: ../../include/openssl/symhacks.h ../cryptlib.h
-bio_cb.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bio_cb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-bio_cb.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_cb.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bio_cb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_cb.o: ../cryptlib.h
-bio_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-bio_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bio_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bio_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-bio_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bio_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_lib.o: ../cryptlib.h
-bss_acpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bss_acpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-bss_acpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_acpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_acpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_acpt.o: ../cryptlib.h
-bss_bio.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-bss_bio.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bss_bio.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bss_bio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bss_bio.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bss_bio.o: ../../include/openssl/symhacks.h
-bss_conn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bss_conn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_conn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_conn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_conn.o: ../cryptlib.h
-bss_fd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bss_fd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-bss_fd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_fd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_fd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_fd.o: ../cryptlib.h bss_sock.c
-bss_file.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bss_file.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-bss_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_file.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_file.o: ../cryptlib.h
-bss_log.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bss_log.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-bss_log.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_log.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_log.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_log.o: ../cryptlib.h
-bss_mem.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bss_mem.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-bss_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_mem.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_mem.o: ../cryptlib.h
-bss_null.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bss_null.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-bss_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_null.o: ../cryptlib.h
-bss_sock.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bss_sock.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-bss_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_sock.o: ../cryptlib.h
diff --git a/crypto/openssl/crypto/bio/Makefile.ssl b/crypto/openssl/crypto/bio/Makefile.ssl
deleted file mode 100644
index 141a03ae1d21..000000000000
--- a/crypto/openssl/crypto/bio/Makefile.ssl
+++ /dev/null
@@ -1,216 +0,0 @@
-#
-# SSLeay/crypto/bio/Makefile
-#
-
-DIR=	bio
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= bio_lib.c bio_cb.c bio_err.c \
-	bss_mem.c bss_null.c bss_fd.c \
-	bss_file.c bss_sock.c bss_conn.c \
-	bf_null.c bf_buff.c b_print.c b_dump.c \
-	b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c
-#	bf_lbuf.c
-LIBOBJ= bio_lib.o bio_cb.o bio_err.o \
-	bss_mem.o bss_null.o bss_fd.o \
-	bss_file.o bss_sock.o bss_conn.o \
-	bf_null.o bf_buff.o b_print.o b_dump.o \
-	b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o
-#	bf_lbuf.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= bio.h
-HEADER=	bss_file.c $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER); \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-b_dump.o: ../../e_os.h ../../include/openssl/bio.h
-b_dump.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-b_dump.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-b_dump.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-b_dump.o: ../cryptlib.h b_dump.c
-b_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-b_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-b_print.o: ../cryptlib.h b_print.c
-b_sock.o: ../../e_os.h ../../include/openssl/bio.h
-b_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-b_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-b_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-b_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-b_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-b_sock.o: ../cryptlib.h b_sock.c
-bf_buff.o: ../../e_os.h ../../include/openssl/bio.h
-bf_buff.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bf_buff.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bf_buff.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bf_buff.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bf_buff.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bf_buff.o: ../cryptlib.h bf_buff.c
-bf_nbio.o: ../../e_os.h ../../include/openssl/bio.h
-bf_nbio.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bf_nbio.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bf_nbio.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bf_nbio.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bf_nbio.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bf_nbio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bf_nbio.o: ../cryptlib.h bf_nbio.c
-bf_null.o: ../../e_os.h ../../include/openssl/bio.h
-bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bf_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bf_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bf_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bf_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bf_null.o: ../cryptlib.h bf_null.c
-bio_cb.o: ../../e_os.h ../../include/openssl/bio.h
-bio_cb.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bio_cb.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_cb.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bio_cb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_cb.o: ../cryptlib.h bio_cb.c
-bio_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-bio_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bio_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_err.o: bio_err.c
-bio_lib.o: ../../e_os.h ../../include/openssl/bio.h
-bio_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bio_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bio_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_lib.o: ../cryptlib.h bio_lib.c
-bss_acpt.o: ../../e_os.h ../../include/openssl/bio.h
-bss_acpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_acpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_acpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_acpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_acpt.o: ../cryptlib.h bss_acpt.c
-bss_bio.o: ../../e_os.h ../../include/openssl/bio.h
-bss_bio.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bss_bio.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bss_bio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bss_bio.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bss_bio.o: ../../include/openssl/symhacks.h bss_bio.c
-bss_conn.o: ../../e_os.h ../../include/openssl/bio.h
-bss_conn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_conn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_conn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_conn.o: ../cryptlib.h bss_conn.c
-bss_fd.o: ../../e_os.h ../../include/openssl/bio.h
-bss_fd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_fd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_fd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_fd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_fd.o: ../cryptlib.h bss_fd.c
-bss_file.o: ../../e_os.h ../../include/openssl/bio.h
-bss_file.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_file.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_file.o: ../cryptlib.h bss_file.c
-bss_log.o: ../../e_os.h ../../include/openssl/bio.h
-bss_log.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_log.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_log.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_log.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_log.o: ../cryptlib.h bss_log.c
-bss_mem.o: ../../e_os.h ../../include/openssl/bio.h
-bss_mem.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_mem.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_mem.o: ../cryptlib.h bss_mem.c
-bss_null.o: ../../e_os.h ../../include/openssl/bio.h
-bss_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_null.o: ../cryptlib.h bss_null.c
-bss_sock.o: ../../e_os.h ../../include/openssl/bio.h
-bss_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_sock.o: ../cryptlib.h bss_sock.c
diff --git a/crypto/openssl/crypto/bio/b_dump.c b/crypto/openssl/crypto/bio/b_dump.c
deleted file mode 100644
index 8397cfab6a2c..000000000000
--- a/crypto/openssl/crypto/bio/b_dump.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* crypto/bio/b_dump.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 
- * Stolen from tjh's ssl/ssl_trc.c stuff.
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#define TRUNCATE
-#define DUMP_WIDTH	16
-#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4))
-
-int BIO_dump(BIO *bio, const char *s, int len)
-	{
-	return BIO_dump_indent(bio, s, len, 0);
-	}
-
-int BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
-	{
-	int ret=0;
-	char buf[288+1],tmp[20],str[128+1];
-	int i,j,rows,trunc;
-	unsigned char ch;
-	int dump_width;
-	
-	trunc=0;
-	
-#ifdef TRUNCATE
-	for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--) 
-		trunc++;
-#endif
-
-	if (indent < 0)
-		indent = 0;
-	if (indent)
-		{
-		if (indent > 128) indent=128;
-		memset(str,' ',indent);
-		}
-	str[indent]='\0';
-	
-	dump_width=DUMP_WIDTH_LESS_INDENT(indent);
-	rows=(len/dump_width);
-	if ((rows*dump_width)<len)
-		rows++;
-	for(i=0;i<rows;i++)
-		{
-		buf[0]='\0';	/* start with empty string */
-		strcpy(buf,str);
-		sprintf(tmp,"%04x - ",i*dump_width);
-		strcat(buf,tmp);
-		for(j=0;j<dump_width;j++)
-			{
-			if (((i*dump_width)+j)>=len)
-				{
-				strcat(buf,"   ");
-				}
-			else
-				{
-				ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
-				sprintf(tmp,"%02x%c",ch,j==7?'-':' ');
-				strcat(buf,tmp);
-				}
-			}
-		strcat(buf,"  ");
-		for(j=0;j<dump_width;j++)
-			{
-			if (((i*dump_width)+j)>=len)
-				break;
-			ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
-#ifndef CHARSET_EBCDIC
-			sprintf(tmp,"%c",((ch>=' ')&&(ch<='~'))?ch:'.');
-#else
-			sprintf(tmp,"%c",((ch>=os_toascii[' '])&&(ch<=os_toascii['~']))
-				? os_toebcdic[ch]
-				: '.');
-#endif
-			strcat(buf,tmp);
-			}
-		strcat(buf,"\n");
-		/* if this is the last call then update the ddt_dump thing so that
-		 * we will move the selection point in the debug window 
-		 */
-		ret+=BIO_write(bio,(char *)buf,strlen(buf));
-		}
-#ifdef TRUNCATE
-	if (trunc > 0)
-		{
-		sprintf(buf,"%s%04x - <SPACES/NULS>\n",str,len+trunc);
-		ret+=BIO_write(bio,(char *)buf,strlen(buf));
-		}
-#endif
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/bio/b_print.c b/crypto/openssl/crypto/bio/b_print.c
deleted file mode 100644
index 3f5d6a74bf0c..000000000000
--- a/crypto/openssl/crypto/bio/b_print.c
+++ /dev/null
@@ -1,829 +0,0 @@
-/* crypto/bio/b_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* disable assert() unless BIO_DEBUG has been defined */
-#ifndef BIO_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-
-/* 
- * Stolen from tjh's ssl/ssl_trc.c stuff.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-#include <assert.h>
-#include <limits.h>
-#include "cryptlib.h"
-#ifndef NO_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#include <openssl/bn.h>         /* To get BN_LLONG properly defined */
-#include <openssl/bio.h>
-
-#ifdef BN_LLONG
-# ifndef HAVE_LONG_LONG
-#  define HAVE_LONG_LONG 1
-# endif
-#endif
-
-/***************************************************************************/
-
-/*
- * Copyright Patrick Powell 1995
- * This code is based on code written by Patrick Powell <papowell@astart.com>
- * It may be used for any purpose as long as this notice remains intact
- * on all source code distributions.
- */
-
-/*
- * This code contains numerious changes and enhancements which were
- * made by lots of contributors over the last years to Patrick Powell's
- * original code:
- *
- * o Patrick Powell <papowell@astart.com>      (1995)
- * o Brandon Long <blong@fiction.net>          (1996, for Mutt)
- * o Thomas Roessler <roessler@guug.de>        (1998, for Mutt)
- * o Michael Elkins <me@cs.hmc.edu>            (1998, for Mutt)
- * o Andrew Tridgell <tridge@samba.org>        (1998, for Samba)
- * o Luke Mewburn <lukem@netbsd.org>           (1999, for LukemFTP)
- * o Ralf S. Engelschall <rse@engelschall.com> (1999, for Pth)
- * o ...                                       (for OpenSSL)
- */
-
-#ifdef HAVE_LONG_DOUBLE
-#define LDOUBLE long double
-#else
-#define LDOUBLE double
-#endif
-
-#if HAVE_LONG_LONG
-# if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__)
-# define LLONG _int64
-# else
-# define LLONG long long
-# endif
-#else
-#define LLONG long
-#endif
-
-static void fmtstr     (char **, char **, size_t *, size_t *,
-			const char *, int, int, int);
-static void fmtint     (char **, char **, size_t *, size_t *,
-			LLONG, int, int, int, int);
-static void fmtfp      (char **, char **, size_t *, size_t *,
-			LDOUBLE, int, int, int);
-static void doapr_outch (char **, char **, size_t *, size_t *, int);
-static void _dopr(char **sbuffer, char **buffer,
-		  size_t *maxlen, size_t *retlen, int *truncated,
-		  const char *format, va_list args);
-
-/* format read states */
-#define DP_S_DEFAULT    0
-#define DP_S_FLAGS      1
-#define DP_S_MIN        2
-#define DP_S_DOT        3
-#define DP_S_MAX        4
-#define DP_S_MOD        5
-#define DP_S_CONV       6
-#define DP_S_DONE       7
-
-/* format flags - Bits */
-#define DP_F_MINUS      (1 << 0)
-#define DP_F_PLUS       (1 << 1)
-#define DP_F_SPACE      (1 << 2)
-#define DP_F_NUM        (1 << 3)
-#define DP_F_ZERO       (1 << 4)
-#define DP_F_UP         (1 << 5)
-#define DP_F_UNSIGNED   (1 << 6)
-
-/* conversion flags */
-#define DP_C_SHORT      1
-#define DP_C_LONG       2
-#define DP_C_LDOUBLE    3
-#define DP_C_LLONG      4
-
-/* some handy macros */
-#define char_to_int(p) (p - '0')
-#define OSSL_MAX(p,q) ((p >= q) ? p : q)
-
-static void
-_dopr(
-    char **sbuffer,
-    char **buffer,
-    size_t *maxlen,
-    size_t *retlen,
-    int *truncated,
-    const char *format,
-    va_list args)
-{
-    char ch;
-    LLONG value;
-    LDOUBLE fvalue;
-    char *strvalue;
-    int min;
-    int max;
-    int state;
-    int flags;
-    int cflags;
-    size_t currlen;
-
-    state = DP_S_DEFAULT;
-    flags = currlen = cflags = min = 0;
-    max = -1;
-    ch = *format++;
-
-    while (state != DP_S_DONE) {
-        if (ch == '\0' || (buffer == NULL && currlen >= *maxlen))
-            state = DP_S_DONE;
-
-        switch (state) {
-        case DP_S_DEFAULT:
-            if (ch == '%')
-                state = DP_S_FLAGS;
-            else
-                doapr_outch(sbuffer,buffer, &currlen, maxlen, ch);
-            ch = *format++;
-            break;
-        case DP_S_FLAGS:
-            switch (ch) {
-            case '-':
-                flags |= DP_F_MINUS;
-                ch = *format++;
-                break;
-            case '+':
-                flags |= DP_F_PLUS;
-                ch = *format++;
-                break;
-            case ' ':
-                flags |= DP_F_SPACE;
-                ch = *format++;
-                break;
-            case '#':
-                flags |= DP_F_NUM;
-                ch = *format++;
-                break;
-            case '0':
-                flags |= DP_F_ZERO;
-                ch = *format++;
-                break;
-            default:
-                state = DP_S_MIN;
-                break;
-            }
-            break;
-        case DP_S_MIN:
-            if (isdigit((unsigned char)ch)) {
-                min = 10 * min + char_to_int(ch);
-                ch = *format++;
-            } else if (ch == '*') {
-                min = va_arg(args, int);
-                ch = *format++;
-                state = DP_S_DOT;
-            } else
-                state = DP_S_DOT;
-            break;
-        case DP_S_DOT:
-            if (ch == '.') {
-                state = DP_S_MAX;
-                ch = *format++;
-            } else
-                state = DP_S_MOD;
-            break;
-        case DP_S_MAX:
-            if (isdigit((unsigned char)ch)) {
-                if (max < 0)
-                    max = 0;
-                max = 10 * max + char_to_int(ch);
-                ch = *format++;
-            } else if (ch == '*') {
-                max = va_arg(args, int);
-                ch = *format++;
-                state = DP_S_MOD;
-            } else
-                state = DP_S_MOD;
-            break;
-        case DP_S_MOD:
-            switch (ch) {
-            case 'h':
-                cflags = DP_C_SHORT;
-                ch = *format++;
-                break;
-            case 'l':
-                if (*format == 'l') {
-                    cflags = DP_C_LLONG;
-                    format++;
-                } else
-                    cflags = DP_C_LONG;
-                ch = *format++;
-                break;
-            case 'q':
-                cflags = DP_C_LLONG;
-                ch = *format++;
-                break;
-            case 'L':
-                cflags = DP_C_LDOUBLE;
-                ch = *format++;
-                break;
-            default:
-                break;
-            }
-            state = DP_S_CONV;
-            break;
-        case DP_S_CONV:
-            switch (ch) {
-            case 'd':
-            case 'i':
-                switch (cflags) {
-                case DP_C_SHORT:
-                    value = (short int)va_arg(args, int);
-                    break;
-                case DP_C_LONG:
-                    value = va_arg(args, long int);
-                    break;
-                case DP_C_LLONG:
-                    value = va_arg(args, LLONG);
-                    break;
-                default:
-                    value = va_arg(args, int);
-                    break;
-                }
-                fmtint(sbuffer, buffer, &currlen, maxlen,
-                       value, 10, min, max, flags);
-                break;
-            case 'X':
-                flags |= DP_F_UP;
-                /* FALLTHROUGH */
-            case 'x':
-            case 'o':
-            case 'u':
-                flags |= DP_F_UNSIGNED;
-                switch (cflags) {
-                case DP_C_SHORT:
-                    value = (unsigned short int)va_arg(args, unsigned int);
-                    break;
-                case DP_C_LONG:
-                    value = (LLONG) va_arg(args,
-                        unsigned long int);
-                    break;
-                case DP_C_LLONG:
-                    value = va_arg(args, unsigned LLONG);
-                    break;
-                default:
-                    value = (LLONG) va_arg(args,
-                        unsigned int);
-                    break;
-                }
-                fmtint(sbuffer, buffer, &currlen, maxlen, value,
-                       ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
-                       min, max, flags);
-                break;
-            case 'f':
-                if (cflags == DP_C_LDOUBLE)
-                    fvalue = va_arg(args, LDOUBLE);
-                else
-                    fvalue = va_arg(args, double);
-                fmtfp(sbuffer, buffer, &currlen, maxlen,
-                      fvalue, min, max, flags);
-                break;
-            case 'E':
-                flags |= DP_F_UP;
-            case 'e':
-                if (cflags == DP_C_LDOUBLE)
-                    fvalue = va_arg(args, LDOUBLE);
-                else
-                    fvalue = va_arg(args, double);
-                break;
-            case 'G':
-                flags |= DP_F_UP;
-            case 'g':
-                if (cflags == DP_C_LDOUBLE)
-                    fvalue = va_arg(args, LDOUBLE);
-                else
-                    fvalue = va_arg(args, double);
-                break;
-            case 'c':
-                doapr_outch(sbuffer, buffer, &currlen, maxlen,
-                    va_arg(args, int));
-                break;
-            case 's':
-                strvalue = va_arg(args, char *);
-                if (max < 0) {
-		    if (buffer)
-			max = INT_MAX;
-		    else
-			max = *maxlen;
-		}
-                fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
-                       flags, min, max);
-                break;
-            case 'p':
-                value = (long)va_arg(args, void *);
-                fmtint(sbuffer, buffer, &currlen, maxlen,
-                    value, 16, min, max, flags);
-                break;
-            case 'n': /* XXX */
-                if (cflags == DP_C_SHORT) {
-                    short int *num;
-                    num = va_arg(args, short int *);
-                    *num = currlen;
-                } else if (cflags == DP_C_LONG) { /* XXX */
-                    long int *num;
-                    num = va_arg(args, long int *);
-                    *num = (long int) currlen;
-                } else if (cflags == DP_C_LLONG) { /* XXX */
-                    LLONG *num;
-                    num = va_arg(args, LLONG *);
-                    *num = (LLONG) currlen;
-                } else {
-                    int    *num;
-                    num = va_arg(args, int *);
-                    *num = currlen;
-                }
-                break;
-            case '%':
-                doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
-                break;
-            case 'w':
-                /* not supported yet, treat as next char */
-                ch = *format++;
-                break;
-            default:
-                /* unknown, skip */
-                break;
-            }
-            ch = *format++;
-            state = DP_S_DEFAULT;
-            flags = cflags = min = 0;
-            max = -1;
-            break;
-        case DP_S_DONE:
-            break;
-        default:
-            break;
-        }
-    }
-    *truncated = (currlen > *maxlen - 1);
-    if (*truncated)
-        currlen = *maxlen - 1;
-    doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0');
-    *retlen = currlen - 1;
-    return;
-}
-
-static void
-fmtstr(
-    char **sbuffer,
-    char **buffer,
-    size_t *currlen,
-    size_t *maxlen,
-    const char *value,
-    int flags,
-    int min,
-    int max)
-{
-    int padlen, strln;
-    int cnt = 0;
-
-    if (value == 0)
-        value = "<NULL>";
-    for (strln = 0; value[strln]; ++strln)
-        ;
-    padlen = min - strln;
-    if (padlen < 0)
-        padlen = 0;
-    if (flags & DP_F_MINUS)
-        padlen = -padlen;
-
-    while ((padlen > 0) && (cnt < max)) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
-        --padlen;
-        ++cnt;
-    }
-    while (*value && (cnt < max)) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, *value++);
-        ++cnt;
-    }
-    while ((padlen < 0) && (cnt < max)) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
-        ++padlen;
-        ++cnt;
-    }
-}
-
-static void
-fmtint(
-    char **sbuffer,
-    char **buffer,
-    size_t *currlen,
-    size_t *maxlen,
-    LLONG value,
-    int base,
-    int min,
-    int max,
-    int flags)
-{
-    int signvalue = 0;
-    unsigned LLONG uvalue;
-    char convert[DECIMAL_SIZE(value)+1];
-    int place = 0;
-    int spadlen = 0;
-    int zpadlen = 0;
-    int caps = 0;
-
-    if (max < 0)
-        max = 0;
-    uvalue = value;
-    if (!(flags & DP_F_UNSIGNED)) {
-        if (value < 0) {
-            signvalue = '-';
-            uvalue = -value;
-        } else if (flags & DP_F_PLUS)
-            signvalue = '+';
-        else if (flags & DP_F_SPACE)
-            signvalue = ' ';
-    }
-    if (flags & DP_F_UP)
-        caps = 1;
-    do {
-        convert[place++] =
-            (caps ? "0123456789ABCDEF" : "0123456789abcdef")
-            [uvalue % (unsigned) base];
-        uvalue = (uvalue / (unsigned) base);
-    } while (uvalue && (place < sizeof convert));
-    if (place == sizeof convert)
-        place--;
-    convert[place] = 0;
-
-    zpadlen = max - place;
-    spadlen = min - OSSL_MAX(max, place) - (signvalue ? 1 : 0);
-    if (zpadlen < 0)
-        zpadlen = 0;
-    if (spadlen < 0)
-        spadlen = 0;
-    if (flags & DP_F_ZERO) {
-        zpadlen = OSSL_MAX(zpadlen, spadlen);
-        spadlen = 0;
-    }
-    if (flags & DP_F_MINUS)
-        spadlen = -spadlen;
-
-    /* spaces */
-    while (spadlen > 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
-        --spadlen;
-    }
-
-    /* sign */
-    if (signvalue)
-        doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
-
-    /* zeros */
-    if (zpadlen > 0) {
-        while (zpadlen > 0) {
-            doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
-            --zpadlen;
-        }
-    }
-    /* digits */
-    while (place > 0)
-        doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]);
-
-    /* left justified spaces */
-    while (spadlen < 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
-        ++spadlen;
-    }
-    return;
-}
-
-static LDOUBLE
-abs_val(LDOUBLE value)
-{
-    LDOUBLE result = value;
-    if (value < 0)
-        result = -value;
-    return result;
-}
-
-static LDOUBLE
-pow10(int exp)
-{
-    LDOUBLE result = 1;
-    while (exp) {
-        result *= 10;
-        exp--;
-    }
-    return result;
-}
-
-static long
-roundv(LDOUBLE value)
-{
-    long intpart;
-    intpart = (long) value;
-    value = value - intpart;
-    if (value >= 0.5)
-        intpart++;
-    return intpart;
-}
-
-static void
-fmtfp(
-    char **sbuffer,
-    char **buffer,
-    size_t *currlen,
-    size_t *maxlen,
-    LDOUBLE fvalue,
-    int min,
-    int max,
-    int flags)
-{
-    int signvalue = 0;
-    LDOUBLE ufvalue;
-    char iconvert[20];
-    char fconvert[20];
-    int iplace = 0;
-    int fplace = 0;
-    int padlen = 0;
-    int zpadlen = 0;
-    int caps = 0;
-    long intpart;
-    long fracpart;
-
-    if (max < 0)
-        max = 6;
-    ufvalue = abs_val(fvalue);
-    if (fvalue < 0)
-        signvalue = '-';
-    else if (flags & DP_F_PLUS)
-        signvalue = '+';
-    else if (flags & DP_F_SPACE)
-        signvalue = ' ';
-
-    intpart = (long)ufvalue;
-
-    /* sorry, we only support 9 digits past the decimal because of our
-       conversion method */
-    if (max > 9)
-        max = 9;
-
-    /* we "cheat" by converting the fractional part to integer by
-       multiplying by a factor of 10 */
-    fracpart = roundv((pow10(max)) * (ufvalue - intpart));
-
-    if (fracpart >= pow10(max)) {
-        intpart++;
-        fracpart -= (long)pow10(max);
-    }
-
-    /* convert integer part */
-    do {
-        iconvert[iplace++] =
-            (caps ? "0123456789ABCDEF"
-              : "0123456789abcdef")[intpart % 10];
-        intpart = (intpart / 10);
-    } while (intpart && (iplace < sizeof iplace));
-    if (iplace == sizeof iplace)
-        iplace--;
-    iconvert[iplace] = 0;
-
-    /* convert fractional part */
-    do {
-        fconvert[fplace++] =
-            (caps ? "0123456789ABCDEF"
-              : "0123456789abcdef")[fracpart % 10];
-        fracpart = (fracpart / 10);
-    } while (fplace < max);
-    if (fplace == sizeof fplace)
-        fplace--;
-    fconvert[fplace] = 0;
-
-    /* -1 for decimal point, another -1 if we are printing a sign */
-    padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0);
-    zpadlen = max - fplace;
-    if (zpadlen < 0)
-        zpadlen = 0;
-    if (padlen < 0)
-        padlen = 0;
-    if (flags & DP_F_MINUS)
-        padlen = -padlen;
-
-    if ((flags & DP_F_ZERO) && (padlen > 0)) {
-        if (signvalue) {
-            doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
-            --padlen;
-            signvalue = 0;
-        }
-        while (padlen > 0) {
-            doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
-            --padlen;
-        }
-    }
-    while (padlen > 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
-        --padlen;
-    }
-    if (signvalue)
-        doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
-
-    while (iplace > 0)
-        doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]);
-
-    /*
-     * Decimal point. This should probably use locale to find the correct
-     * char to print out.
-     */
-    if (max > 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, '.');
-
-        while (fplace > 0)
-            doapr_outch(sbuffer, buffer, currlen, maxlen, fconvert[--fplace]);
-    }
-    while (zpadlen > 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
-        --zpadlen;
-    }
-
-    while (padlen < 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
-        ++padlen;
-    }
-}
-
-static void
-doapr_outch(
-    char **sbuffer,
-    char **buffer,
-    size_t *currlen,
-    size_t *maxlen,
-    int c)
-{
-    /* If we haven't at least one buffer, someone has doe a big booboo */
-    assert(*sbuffer != NULL || buffer != NULL);
-
-    if (buffer) {
-	while (*currlen >= *maxlen) {
-	    if (*buffer == NULL) {
-		if (*maxlen == 0)
-		    *maxlen = 1024;
-		*buffer = OPENSSL_malloc(*maxlen);
-		if (*currlen > 0) {
-		    assert(*sbuffer != NULL);
-		    memcpy(*buffer, *sbuffer, *currlen);
-		}
-		*sbuffer = NULL;
-	    } else {
-		*maxlen += 1024;
-		*buffer = OPENSSL_realloc(*buffer, *maxlen);
-	    }
-	}
-	/* What to do if *buffer is NULL? */
-	assert(*sbuffer != NULL || *buffer != NULL);
-    }
-
-    if (*currlen < *maxlen) {
-	if (*sbuffer)
-	    (*sbuffer)[(*currlen)++] = (char)c;
-	else
-	    (*buffer)[(*currlen)++] = (char)c;
-    }
-
-    return;
-}
-
-/***************************************************************************/
-
-int BIO_printf (BIO *bio, const char *format, ...)
-	{
-	va_list args;
-	int ret;
-
-	va_start(args, format);
-
-	ret = BIO_vprintf(bio, format, args);
-
-	va_end(args);
-	return(ret);
-	}
-
-int BIO_vprintf (BIO *bio, const char *format, va_list args)
-	{
-	int ret;
-	size_t retlen;
-	char hugebuf[1024*2];	/* Was previously 10k, which is unreasonable
-				   in small-stack environments, like threads
-				   or DOS programs. */
-	char *hugebufp = hugebuf;
-	size_t hugebufsize = sizeof(hugebuf);
-	char *dynbuf = NULL;
-	int ignored;
-
-	dynbuf = NULL;
-	CRYPTO_push_info("doapr()");
-	_dopr(&hugebufp, &dynbuf, &hugebufsize,
-		&retlen, &ignored, format, args);
-	if (dynbuf)
-		{
-		ret=BIO_write(bio, dynbuf, (int)retlen);
-		OPENSSL_free(dynbuf);
-		}
-	else
-		{
-		ret=BIO_write(bio, hugebuf, (int)retlen);
-		}
-	CRYPTO_pop_info();
-	return(ret);
-	}
-
-/* As snprintf is not available everywhere, we provide our own implementation.
- * This function has nothing to do with BIOs, but it's closely related
- * to BIO_printf, and we need *some* name prefix ...
- * (XXX  the function should be renamed, but to what?) */
-int BIO_snprintf(char *buf, size_t n, const char *format, ...)
-	{
-	va_list args;
-	int ret;
-
-	va_start(args, format);
-
-	ret = BIO_vsnprintf(buf, n, format, args);
-
-	va_end(args);
-	return(ret);
-	}
-
-int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
-	{
-	size_t retlen;
-	int truncated;
-
-	_dopr(&buf, NULL, &n, &retlen, &truncated, format, args);
-
-	if (truncated)
-		/* In case of truncation, return -1 like traditional snprintf.
-		 * (Current drafts for ISO/IEC 9899 say snprintf should return
-		 * the number of characters that would have been written,
-		 * had the buffer been large enough.) */
-		return -1;
-	else
-		return (retlen <= INT_MAX) ? retlen : -1;
-	}
diff --git a/crypto/openssl/crypto/bio/b_sock.c b/crypto/openssl/crypto/bio/b_sock.c
deleted file mode 100644
index 601a14f37c5b..000000000000
--- a/crypto/openssl/crypto/bio/b_sock.c
+++ /dev/null
@@ -1,752 +0,0 @@
-/* crypto/bio/b_sock.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_SOCK
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#ifdef OPENSSL_SYS_WIN16
-#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
-#else
-#define SOCKET_PROTOCOL IPPROTO_TCP
-#endif
-
-#ifdef SO_MAXCONN
-#define MAX_LISTEN  SO_MAXCONN
-#elif defined(SOMAXCONN)
-#define MAX_LISTEN  SOMAXCONN
-#else
-#define MAX_LISTEN  32
-#endif
-
-#ifdef OPENSSL_SYS_WINDOWS
-static int wsa_init_done=0;
-#endif
-
-#if 0
-static unsigned long BIO_ghbn_hits=0L;
-static unsigned long BIO_ghbn_miss=0L;
-
-#define GHBN_NUM	4
-static struct ghbn_cache_st
-	{
-	char name[129];
-	struct hostent *ent;
-	unsigned long order;
-	} ghbn_cache[GHBN_NUM];
-#endif
-
-static int get_ip(const char *str,unsigned char *ip);
-#if 0
-static void ghbn_free(struct hostent *a);
-static struct hostent *ghbn_dup(struct hostent *a);
-#endif
-int BIO_get_host_ip(const char *str, unsigned char *ip)
-	{
-	int i;
-	int err = 1;
-	int locked = 0;
-	struct hostent *he;
-
-	i=get_ip(str,ip);
-	if (i < 0)
-		{
-		BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_INVALID_IP_ADDRESS);
-		goto err;
-		}
-
-	/* At this point, we have something that is most probably correct
-	   in some way, so let's init the socket. */
-	if (BIO_sock_init() != 1)
-		return 0; /* don't generate another error code here */
-
-	/* If the string actually contained an IP address, we need not do
-	   anything more */
-	if (i > 0) return(1);
-
-	/* do a gethostbyname */
-	CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
-	locked = 1;
-	he=BIO_gethostbyname(str);
-	if (he == NULL)
-		{
-		BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_BAD_HOSTNAME_LOOKUP);
-		goto err;
-		}
-
-	/* cast to short because of win16 winsock definition */
-	if ((short)he->h_addrtype != AF_INET)
-		{
-		BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET);
-		goto err;
-		}
-	for (i=0; i<4; i++)
-		ip[i]=he->h_addr_list[0][i];
-	err = 0;
-
- err:
-	if (locked)
-		CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
-	if (err)
-		{
-		ERR_add_error_data(2,"host=",str);
-		return 0;
-		}
-	else
-		return 1;
-	}
-
-int BIO_get_port(const char *str, unsigned short *port_ptr)
-	{
-	int i;
-	struct servent *s;
-
-	if (str == NULL)
-		{
-		BIOerr(BIO_F_BIO_GET_PORT,BIO_R_NO_PORT_DEFINED);
-		return(0);
-		}
-	i=atoi(str);
-	if (i != 0)
-		*port_ptr=(unsigned short)i;
-	else
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME);
-		/* Note: under VMS with SOCKETSHR, it seems like the first
-		 * parameter is 'char *', instead of 'const char *'
-		 */
- 		s=getservbyname(
-#ifndef CONST_STRICT
-		    (char *)
-#endif
-		    str,"tcp");
-		if(s != NULL)
-			*port_ptr=ntohs((unsigned short)s->s_port);
-		CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME);
-		if(s == NULL)
-			{
-			if (strcmp(str,"http") == 0)
-				*port_ptr=80;
-			else if (strcmp(str,"telnet") == 0)
-				*port_ptr=23;
-			else if (strcmp(str,"socks") == 0)
-				*port_ptr=1080;
-			else if (strcmp(str,"https") == 0)
-				*port_ptr=443;
-			else if (strcmp(str,"ssl") == 0)
-				*port_ptr=443;
-			else if (strcmp(str,"ftp") == 0)
-				*port_ptr=21;
-			else if (strcmp(str,"gopher") == 0)
-				*port_ptr=70;
-#if 0
-			else if (strcmp(str,"wais") == 0)
-				*port_ptr=21;
-#endif
-			else
-				{
-				SYSerr(SYS_F_GETSERVBYNAME,get_last_socket_error());
-				ERR_add_error_data(3,"service='",str,"'");
-				return(0);
-				}
-			}
-		}
-	return(1);
-	}
-
-int BIO_sock_error(int sock)
-	{
-	int j,i;
-	int size;
-		 
-	size=sizeof(int);
-	/* Note: under Windows the third parameter is of type (char *)
-	 * whereas under other systems it is (void *) if you don't have
-	 * a cast it will choke the compiler: if you do have a cast then
-	 * you can either go for (char *) or (void *).
-	 */
-	i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(void *)&j,(void *)&size);
-	if (i < 0)
-		return(1);
-	else
-		return(j);
-	}
-
-#if 0
-long BIO_ghbn_ctrl(int cmd, int iarg, char *parg)
-	{
-	int i;
-	char **p;
-
-	switch (cmd)
-		{
-	case BIO_GHBN_CTRL_HITS:
-		return(BIO_ghbn_hits);
-		/* break; */
-	case BIO_GHBN_CTRL_MISSES:
-		return(BIO_ghbn_miss);
-		/* break; */
-	case BIO_GHBN_CTRL_CACHE_SIZE:
-		return(GHBN_NUM);
-		/* break; */
-	case BIO_GHBN_CTRL_GET_ENTRY:
-		if ((iarg >= 0) && (iarg <GHBN_NUM) &&
-			(ghbn_cache[iarg].order > 0))
-			{
-			p=(char **)parg;
-			if (p == NULL) return(0);
-			*p=ghbn_cache[iarg].name;
-			ghbn_cache[iarg].name[128]='\0';
-			return(1);
-			}
-		return(0);
-		/* break; */
-	case BIO_GHBN_CTRL_FLUSH:
-		for (i=0; i<GHBN_NUM; i++)
-			ghbn_cache[i].order=0;
-		break;
-	default:
-		return(0);
-		}
-	return(1);
-	}
-#endif
-
-#if 0
-static struct hostent *ghbn_dup(struct hostent *a)
-	{
-	struct hostent *ret;
-	int i,j;
-
-	MemCheck_off();
-	ret=(struct hostent *)OPENSSL_malloc(sizeof(struct hostent));
-	if (ret == NULL) return(NULL);
-	memset(ret,0,sizeof(struct hostent));
-
-	for (i=0; a->h_aliases[i] != NULL; i++)
-		;
-	i++;
-	ret->h_aliases = (char **)OPENSSL_malloc(i*sizeof(char *));
-	if (ret->h_aliases == NULL)
-		goto err;
-	memset(ret->h_aliases, 0, i*sizeof(char *));
-
-	for (i=0; a->h_addr_list[i] != NULL; i++)
-		;
-	i++;
-	ret->h_addr_list=(char **)OPENSSL_malloc(i*sizeof(char *));
-	if (ret->h_addr_list == NULL)
-		goto err;
-	memset(ret->h_addr_list, 0, i*sizeof(char *));
-
-	j=strlen(a->h_name)+1;
-	if ((ret->h_name=OPENSSL_malloc(j)) == NULL) goto err;
-	memcpy((char *)ret->h_name,a->h_name,j);
-	for (i=0; a->h_aliases[i] != NULL; i++)
-		{
-		j=strlen(a->h_aliases[i])+1;
-		if ((ret->h_aliases[i]=OPENSSL_malloc(j)) == NULL) goto err;
-		memcpy(ret->h_aliases[i],a->h_aliases[i],j);
-		}
-	ret->h_length=a->h_length;
-	ret->h_addrtype=a->h_addrtype;
-	for (i=0; a->h_addr_list[i] != NULL; i++)
-		{
-		if ((ret->h_addr_list[i]=OPENSSL_malloc(a->h_length)) == NULL)
-			goto err;
-		memcpy(ret->h_addr_list[i],a->h_addr_list[i],a->h_length);
-		}
-	if (0)
-		{
-err:	
-		if (ret != NULL)
-			ghbn_free(ret);
-		ret=NULL;
-		}
-	MemCheck_on();
-	return(ret);
-	}
-
-static void ghbn_free(struct hostent *a)
-	{
-	int i;
-
-	if(a == NULL)
-	    return;
-
-	if (a->h_aliases != NULL)
-		{
-		for (i=0; a->h_aliases[i] != NULL; i++)
-			OPENSSL_free(a->h_aliases[i]);
-		OPENSSL_free(a->h_aliases);
-		}
-	if (a->h_addr_list != NULL)
-		{
-		for (i=0; a->h_addr_list[i] != NULL; i++)
-			OPENSSL_free(a->h_addr_list[i]);
-		OPENSSL_free(a->h_addr_list);
-		}
-	if (a->h_name != NULL) OPENSSL_free(a->h_name);
-	OPENSSL_free(a);
-	}
-
-#endif
-
-struct hostent *BIO_gethostbyname(const char *name)
-	{
-#if 1
-	/* Caching gethostbyname() results forever is wrong,
-	 * so we have to let the true gethostbyname() worry about this */
-	return gethostbyname(name);
-#else
-	struct hostent *ret;
-	int i,lowi=0,j;
-	unsigned long low= (unsigned long)-1;
-
-
-#  if 0
-	/* It doesn't make sense to use locking here: The function interface
-	 * is not thread-safe, because threads can never be sure when
-	 * some other thread destroys the data they were given a pointer to.
-	 */
-	CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
-#  endif
-	j=strlen(name);
-	if (j < 128)
-		{
-		for (i=0; i<GHBN_NUM; i++)
-			{
-			if (low > ghbn_cache[i].order)
-				{
-				low=ghbn_cache[i].order;
-				lowi=i;
-				}
-			if (ghbn_cache[i].order > 0)
-				{
-				if (strncmp(name,ghbn_cache[i].name,128) == 0)
-					break;
-				}
-			}
-		}
-	else
-		i=GHBN_NUM;
-
-	if (i == GHBN_NUM) /* no hit*/
-		{
-		BIO_ghbn_miss++;
-		/* Note: under VMS with SOCKETSHR, it seems like the first
-		 * parameter is 'char *', instead of 'const char *'
-		 */
-		ret=gethostbyname(
-#  ifndef CONST_STRICT
-		    (char *)
-#  endif
-		    name);
-
-		if (ret == NULL)
-			goto end;
-		if (j > 128) /* too big to cache */
-			{
-#  if 0
-			/* If we were trying to make this function thread-safe (which
-			 * is bound to fail), we'd have to give up in this case
-			 * (or allocate more memory). */
-			ret = NULL;
-#  endif
-			goto end;
-			}
-
-		/* else add to cache */
-		if (ghbn_cache[lowi].ent != NULL)
-			ghbn_free(ghbn_cache[lowi].ent); /* XXX not thread-safe */
-		ghbn_cache[lowi].name[0] = '\0';
-
-		if((ret=ghbn_cache[lowi].ent=ghbn_dup(ret)) == NULL)
-			{
-			BIOerr(BIO_F_BIO_GETHOSTBYNAME,ERR_R_MALLOC_FAILURE);
-			goto end;
-			}
-		strncpy(ghbn_cache[lowi].name,name,128);
-		ghbn_cache[lowi].order=BIO_ghbn_miss+BIO_ghbn_hits;
-		}
-	else
-		{
-		BIO_ghbn_hits++;
-		ret= ghbn_cache[i].ent;
-		ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits;
-		}
-end:
-#  if 0
-	CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
-#  endif
-	return(ret);
-#endif
-	}
-
-
-int BIO_sock_init(void)
-	{
-#ifdef OPENSSL_SYS_WINDOWS
-	static struct WSAData wsa_state;
-
-	if (!wsa_init_done)
-		{
-		int err;
-	  
-#ifdef SIGINT
-		signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
-#endif
-		wsa_init_done=1;
-		memset(&wsa_state,0,sizeof(wsa_state));
-		if (WSAStartup(0x0101,&wsa_state)!=0)
-			{
-			err=WSAGetLastError();
-			SYSerr(SYS_F_WSASTARTUP,err);
-			BIOerr(BIO_F_BIO_SOCK_INIT,BIO_R_WSASTARTUP);
-			return(-1);
-			}
-		}
-#endif /* OPENSSL_SYS_WINDOWS */
-#ifdef WATT32
-	extern int _watt_do_exit;
-	_watt_do_exit = 0;    /* don't make sock_init() call exit() */
-	if (sock_init())
-		return (-1);
-#endif
-	return(1);
-	}
-
-void BIO_sock_cleanup(void)
-	{
-#ifdef OPENSSL_SYS_WINDOWS
-	if (wsa_init_done)
-		{
-		wsa_init_done=0;
-#ifndef OPENSSL_SYS_WINCE
-		WSACancelBlockingCall();
-#endif
-		WSACleanup();
-		}
-#endif
-	}
-
-#if !defined(OPENSSL_SYS_VMS) || __VMS_VER >= 70000000
-
-int BIO_socket_ioctl(int fd, long type, void *arg)
-	{
-	int i;
-
-#ifdef __DJGPP__
-	i=ioctlsocket(fd,type,(char *)arg);
-#else
-	i=ioctlsocket(fd,type,arg);
-#endif /* __DJGPP__ */
-	if (i < 0)
-		SYSerr(SYS_F_IOCTLSOCKET,get_last_socket_error());
-	return(i);
-	}
-#endif /* __VMS_VER */
-
-/* The reason I have implemented this instead of using sscanf is because
- * Visual C 1.52c gives an unresolved external when linking a DLL :-( */
-static int get_ip(const char *str, unsigned char ip[4])
-	{
-	unsigned int tmp[4];
-	int num=0,c,ok=0;
-
-	tmp[0]=tmp[1]=tmp[2]=tmp[3]=0;
-
-	for (;;)
-		{
-		c= *(str++);
-		if ((c >= '0') && (c <= '9'))
-			{
-			ok=1;
-			tmp[num]=tmp[num]*10+c-'0';
-			if (tmp[num] > 255) return(0);
-			}
-		else if (c == '.')
-			{
-			if (!ok) return(-1);
-			if (num == 3) return(0);
-			num++;
-			ok=0;
-			}
-		else if (c == '\0' && (num == 3) && ok)
-			break;
-		else
-			return(0);
-		}
-	ip[0]=tmp[0];
-	ip[1]=tmp[1];
-	ip[2]=tmp[2];
-	ip[3]=tmp[3];
-	return(1);
-	}
-
-int BIO_get_accept_socket(char *host, int bind_mode)
-	{
-	int ret=0;
-	struct sockaddr_in server,client;
-	int s=INVALID_SOCKET,cs;
-	unsigned char ip[4];
-	unsigned short port;
-	char *str=NULL,*e;
-	const char *h,*p;
-	unsigned long l;
-	int err_num;
-
-	if (BIO_sock_init() != 1) return(INVALID_SOCKET);
-
-	if ((str=BUF_strdup(host)) == NULL) return(INVALID_SOCKET);
-
-	h=p=NULL;
-	h=str;
-	for (e=str; *e; e++)
-		{
-		if (*e == ':')
-			{
-			p= &(e[1]);
-			*e='\0';
-			}
-		else if (*e == '/')
-			{
-			*e='\0';
-			break;
-			}
-		}
-
-	if (p == NULL)
-		{
-		p=h;
-		h="*";
-		}
-
-	if (!BIO_get_port(p,&port)) goto err;
-
-	memset((char *)&server,0,sizeof(server));
-	server.sin_family=AF_INET;
-	server.sin_port=htons(port);
-
-	if (strcmp(h,"*") == 0)
-		server.sin_addr.s_addr=INADDR_ANY;
-	else
-		{
-                if (!BIO_get_host_ip(h,&(ip[0]))) goto err;
-		l=(unsigned long)
-			((unsigned long)ip[0]<<24L)|
-			((unsigned long)ip[1]<<16L)|
-			((unsigned long)ip[2]<< 8L)|
-			((unsigned long)ip[3]);
-		server.sin_addr.s_addr=htonl(l);
-		}
-
-again:
-	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-	if (s == INVALID_SOCKET)
-		{
-		SYSerr(SYS_F_SOCKET,get_last_socket_error());
-		ERR_add_error_data(3,"port='",host,"'");
-		BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_CREATE_SOCKET);
-		goto err;
-		}
-
-#ifdef SO_REUSEADDR
-	if (bind_mode == BIO_BIND_REUSEADDR)
-		{
-		int i=1;
-
-		ret=setsockopt(s,SOL_SOCKET,SO_REUSEADDR,(char *)&i,sizeof(i));
-		bind_mode=BIO_BIND_NORMAL;
-		}
-#endif
-	if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
-		{
-#ifdef SO_REUSEADDR
-		err_num=get_last_socket_error();
-		if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) &&
-			(err_num == EADDRINUSE))
-			{
-			memcpy((char *)&client,(char *)&server,sizeof(server));
-			if (strcmp(h,"*") == 0)
-				client.sin_addr.s_addr=htonl(0x7F000001);
-			cs=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-			if (cs != INVALID_SOCKET)
-				{
-				int ii;
-				ii=connect(cs,(struct sockaddr *)&client,
-					sizeof(client));
-				closesocket(cs);
-				if (ii == INVALID_SOCKET)
-					{
-					bind_mode=BIO_BIND_REUSEADDR;
-					closesocket(s);
-					goto again;
-					}
-				/* else error */
-				}
-			/* else error */
-			}
-#endif
-		SYSerr(SYS_F_BIND,err_num);
-		ERR_add_error_data(3,"port='",host,"'");
-		BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET);
-		goto err;
-		}
-	if (listen(s,MAX_LISTEN) == -1)
-		{
-		SYSerr(SYS_F_BIND,get_last_socket_error());
-		ERR_add_error_data(3,"port='",host,"'");
-		BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_LISTEN_SOCKET);
-		goto err;
-		}
-	ret=1;
-err:
-	if (str != NULL) OPENSSL_free(str);
-	if ((ret == 0) && (s != INVALID_SOCKET))
-		{
-		closesocket(s);
-		s= INVALID_SOCKET;
-		}
-	return(s);
-	}
-
-int BIO_accept(int sock, char **addr)
-	{
-	int ret=INVALID_SOCKET;
-	static struct sockaddr_in from;
-	unsigned long l;
-	unsigned short port;
-	int len;
-	char *p;
-
-	memset((char *)&from,0,sizeof(from));
-	len=sizeof(from);
-	/* Note: under VMS with SOCKETSHR the fourth parameter is currently
-	 * of type (int *) whereas under other systems it is (void *) if
-	 * you don't have a cast it will choke the compiler: if you do
-	 * have a cast then you can either go for (int *) or (void *).
-	 */
-	ret=accept(sock,(struct sockaddr *)&from,(void *)&len);
-	if (ret == INVALID_SOCKET)
-		{
-		if(BIO_sock_should_retry(ret)) return -2;
-		SYSerr(SYS_F_ACCEPT,get_last_socket_error());
-		BIOerr(BIO_F_BIO_ACCEPT,BIO_R_ACCEPT_ERROR);
-		goto end;
-		}
-
-	if (addr == NULL) goto end;
-
-	l=ntohl(from.sin_addr.s_addr);
-	port=ntohs(from.sin_port);
-	if (*addr == NULL)
-		{
-		if ((p=OPENSSL_malloc(24)) == NULL)
-			{
-			BIOerr(BIO_F_BIO_ACCEPT,ERR_R_MALLOC_FAILURE);
-			goto end;
-			}
-		*addr=p;
-		}
-	sprintf(*addr,"%d.%d.%d.%d:%d",
-		(unsigned char)(l>>24L)&0xff,
-		(unsigned char)(l>>16L)&0xff,
-		(unsigned char)(l>> 8L)&0xff,
-		(unsigned char)(l     )&0xff,
-		port);
-end:
-	return(ret);
-	}
-
-int BIO_set_tcp_ndelay(int s, int on)
-	{
-	int ret=0;
-#if defined(TCP_NODELAY) && (defined(IPPROTO_TCP) || defined(SOL_TCP))
-	int opt;
-
-#ifdef SOL_TCP
-	opt=SOL_TCP;
-#else
-#ifdef IPPROTO_TCP
-	opt=IPPROTO_TCP;
-#endif
-#endif
-	
-	ret=setsockopt(s,opt,TCP_NODELAY,(char *)&on,sizeof(on));
-#endif
-	return(ret == 0);
-	}
-#endif
-
-int BIO_socket_nbio(int s, int mode)
-	{
-	int ret= -1;
-	int l;
-
-	l=mode;
-#ifdef FIONBIO
-	ret=BIO_socket_ioctl(s,FIONBIO,&l);
-#endif
-	return(ret == 0);
-	}
diff --git a/crypto/openssl/crypto/bio/bf_buff.c b/crypto/openssl/crypto/bio/bf_buff.c
deleted file mode 100644
index 1cecd7057956..000000000000
--- a/crypto/openssl/crypto/bio/bf_buff.c
+++ /dev/null
@@ -1,510 +0,0 @@
-/* crypto/bio/bf_buff.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-static int buffer_write(BIO *h, const char *buf,int num);
-static int buffer_read(BIO *h, char *buf, int size);
-static int buffer_puts(BIO *h, const char *str);
-static int buffer_gets(BIO *h, char *str, int size);
-static long buffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int buffer_new(BIO *h);
-static int buffer_free(BIO *data);
-static long buffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-#define DEFAULT_BUFFER_SIZE	4096
-
-static BIO_METHOD methods_buffer=
-	{
-	BIO_TYPE_BUFFER,
-	"buffer",
-	buffer_write,
-	buffer_read,
-	buffer_puts,
-	buffer_gets,
-	buffer_ctrl,
-	buffer_new,
-	buffer_free,
-	buffer_callback_ctrl,
-	};
-
-BIO_METHOD *BIO_f_buffer(void)
-	{
-	return(&methods_buffer);
-	}
-
-static int buffer_new(BIO *bi)
-	{
-	BIO_F_BUFFER_CTX *ctx;
-
-	ctx=(BIO_F_BUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_F_BUFFER_CTX));
-	if (ctx == NULL) return(0);
-	ctx->ibuf=(char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
-	if (ctx->ibuf == NULL) { OPENSSL_free(ctx); return(0); }
-	ctx->obuf=(char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
-	if (ctx->obuf == NULL) { OPENSSL_free(ctx->ibuf); OPENSSL_free(ctx); return(0); }
-	ctx->ibuf_size=DEFAULT_BUFFER_SIZE;
-	ctx->obuf_size=DEFAULT_BUFFER_SIZE;
-	ctx->ibuf_len=0;
-	ctx->ibuf_off=0;
-	ctx->obuf_len=0;
-	ctx->obuf_off=0;
-
-	bi->init=1;
-	bi->ptr=(char *)ctx;
-	bi->flags=0;
-	return(1);
-	}
-
-static int buffer_free(BIO *a)
-	{
-	BIO_F_BUFFER_CTX *b;
-
-	if (a == NULL) return(0);
-	b=(BIO_F_BUFFER_CTX *)a->ptr;
-	if (b->ibuf != NULL) OPENSSL_free(b->ibuf);
-	if (b->obuf != NULL) OPENSSL_free(b->obuf);
-	OPENSSL_free(a->ptr);
-	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;
-	return(1);
-	}
-	
-static int buffer_read(BIO *b, char *out, int outl)
-	{
-	int i,num=0;
-	BIO_F_BUFFER_CTX *ctx;
-
-	if (out == NULL) return(0);
-	ctx=(BIO_F_BUFFER_CTX *)b->ptr;
-
-	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-	num=0;
-	BIO_clear_retry_flags(b);
-
-start:
-	i=ctx->ibuf_len;
-	/* If there is stuff left over, grab it */
-	if (i != 0)
-		{
-		if (i > outl) i=outl;
-		memcpy(out,&(ctx->ibuf[ctx->ibuf_off]),i);
-		ctx->ibuf_off+=i;
-		ctx->ibuf_len-=i;
-		num+=i;
-		if (outl == i)  return(num);
-		outl-=i;
-		out+=i;
-		}
-
-	/* We may have done a partial read. try to do more.
-	 * We have nothing in the buffer.
-	 * If we get an error and have read some data, just return it
-	 * and let them retry to get the error again.
-	 * copy direct to parent address space */
-	if (outl > ctx->ibuf_size)
-		{
-		for (;;)
-			{
-			i=BIO_read(b->next_bio,out,outl);
-			if (i <= 0)
-				{
-				BIO_copy_next_retry(b);
-				if (i < 0) return((num > 0)?num:i);
-				if (i == 0) return(num);
-				}
-			num+=i;
-			if (outl == i) return(num);
-			out+=i;
-			outl-=i;
-			}
-		}
-	/* else */
-
-	/* we are going to be doing some buffering */
-	i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
-	if (i <= 0)
-		{
-		BIO_copy_next_retry(b);
-		if (i < 0) return((num > 0)?num:i);
-		if (i == 0) return(num);
-		}
-	ctx->ibuf_off=0;
-	ctx->ibuf_len=i;
-
-	/* Lets re-read using ourselves :-) */
-	goto start;
-	}
-
-static int buffer_write(BIO *b, const char *in, int inl)
-	{
-	int i,num=0;
-	BIO_F_BUFFER_CTX *ctx;
-
-	if ((in == NULL) || (inl <= 0)) return(0);
-	ctx=(BIO_F_BUFFER_CTX *)b->ptr;
-	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-
-	BIO_clear_retry_flags(b);
-start:
-	i=ctx->obuf_size-(ctx->obuf_len+ctx->obuf_off);
-	/* add to buffer and return */
-	if (i >= inl)
-		{
-		memcpy(&(ctx->obuf[ctx->obuf_len]),in,inl);
-		ctx->obuf_len+=inl;
-		return(num+inl);
-		}
-	/* else */
-	/* stuff already in buffer, so add to it first, then flush */
-	if (ctx->obuf_len != 0)
-		{
-		if (i > 0) /* lets fill it up if we can */
-			{
-			memcpy(&(ctx->obuf[ctx->obuf_len]),in,i);
-			in+=i;
-			inl-=i;
-			num+=i;
-			ctx->obuf_len+=i;
-			}
-		/* we now have a full buffer needing flushing */
-		for (;;)
-			{
-			i=BIO_write(b->next_bio,&(ctx->obuf[ctx->obuf_off]),
-				ctx->obuf_len);
-			if (i <= 0)
-				{
-				BIO_copy_next_retry(b);
-
-				if (i < 0) return((num > 0)?num:i);
-				if (i == 0) return(num);
-				}
-			ctx->obuf_off+=i;
-			ctx->obuf_len-=i;
-			if (ctx->obuf_len == 0) break;
-			}
-		}
-	/* we only get here if the buffer has been flushed and we
-	 * still have stuff to write */
-	ctx->obuf_off=0;
-
-	/* we now have inl bytes to write */
-	while (inl >= ctx->obuf_size)
-		{
-		i=BIO_write(b->next_bio,in,inl);
-		if (i <= 0)
-			{
-			BIO_copy_next_retry(b);
-			if (i < 0) return((num > 0)?num:i);
-			if (i == 0) return(num);
-			}
-		num+=i;
-		in+=i;
-		inl-=i;
-		if (inl == 0) return(num);
-		}
-
-	/* copy the rest into the buffer since we have only a small 
-	 * amount left */
-	goto start;
-	}
-
-static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	BIO *dbio;
-	BIO_F_BUFFER_CTX *ctx;
-	long ret=1;
-	char *p1,*p2;
-	int r,i,*ip;
-	int ibs,obs;
-
-	ctx=(BIO_F_BUFFER_CTX *)b->ptr;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		ctx->ibuf_off=0;
-		ctx->ibuf_len=0;
-		ctx->obuf_off=0;
-		ctx->obuf_len=0;
-		if (b->next_bio == NULL) return(0);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_INFO:
-		ret=(long)ctx->obuf_len;
-		break;
-	case BIO_C_GET_BUFF_NUM_LINES:
-		ret=0;
-		p1=ctx->ibuf;
-		for (i=ctx->ibuf_off; i<ctx->ibuf_len; i++)
-			{
-			if (p1[i] == '\n') ret++;
-			}
-		break;
-	case BIO_CTRL_WPENDING:
-		ret=(long)ctx->obuf_len;
-		if (ret == 0)
-			{
-			if (b->next_bio == NULL) return(0);
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-			}
-		break;
-	case BIO_CTRL_PENDING:
-		ret=(long)ctx->ibuf_len;
-		if (ret == 0)
-			{
-			if (b->next_bio == NULL) return(0);
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-			}
-		break;
-	case BIO_C_SET_BUFF_READ_DATA:
-		if (num > ctx->ibuf_size)
-			{
-			p1=OPENSSL_malloc((int)num);
-			if (p1 == NULL) goto malloc_error;
-			if (ctx->ibuf != NULL) OPENSSL_free(ctx->ibuf);
-			ctx->ibuf=p1;
-			}
-		ctx->ibuf_off=0;
-		ctx->ibuf_len=(int)num;
-		memcpy(ctx->ibuf,ptr,(int)num);
-		ret=1;
-		break;
-	case BIO_C_SET_BUFF_SIZE:
-		if (ptr != NULL)
-			{
-			ip=(int *)ptr;
-			if (*ip == 0)
-				{
-				ibs=(int)num;
-				obs=ctx->obuf_size;
-				}
-			else /* if (*ip == 1) */
-				{
-				ibs=ctx->ibuf_size;
-				obs=(int)num;
-				}
-			}
-		else
-			{
-			ibs=(int)num;
-			obs=(int)num;
-			}
-		p1=ctx->ibuf;
-		p2=ctx->obuf;
-		if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size))
-			{
-			p1=(char *)OPENSSL_malloc((int)num);
-			if (p1 == NULL) goto malloc_error;
-			}
-		if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size))
-			{
-			p2=(char *)OPENSSL_malloc((int)num);
-			if (p2 == NULL)
-				{
-				if (p1 != ctx->ibuf) OPENSSL_free(p1);
-				goto malloc_error;
-				}
-			}
-		if (ctx->ibuf != p1)
-			{
-			OPENSSL_free(ctx->ibuf);
-			ctx->ibuf=p1;
-			ctx->ibuf_off=0;
-			ctx->ibuf_len=0;
-			ctx->ibuf_size=ibs;
-			}
-		if (ctx->obuf != p2)
-			{
-			OPENSSL_free(ctx->obuf);
-			ctx->obuf=p2;
-			ctx->obuf_off=0;
-			ctx->obuf_len=0;
-			ctx->obuf_size=obs;
-			}
-		break;
-	case BIO_C_DO_STATE_MACHINE:
-		if (b->next_bio == NULL) return(0);
-		BIO_clear_retry_flags(b);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		BIO_copy_next_retry(b);
-		break;
-
-	case BIO_CTRL_FLUSH:
-		if (b->next_bio == NULL) return(0);
-		if (ctx->obuf_len <= 0)
-			{
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-			break;
-			}
-
-		for (;;)
-			{
-			BIO_clear_retry_flags(b);
-			if (ctx->obuf_len > ctx->obuf_off)
-				{
-				r=BIO_write(b->next_bio,
-					&(ctx->obuf[ctx->obuf_off]),
-					ctx->obuf_len-ctx->obuf_off);
-#if 0
-fprintf(stderr,"FLUSH [%3d] %3d -> %3d\n",ctx->obuf_off,ctx->obuf_len-ctx->obuf_off,r);
-#endif
-				BIO_copy_next_retry(b);
-				if (r <= 0) return((long)r);
-				ctx->obuf_off+=r;
-				}
-			else
-				{
-				ctx->obuf_len=0;
-				ctx->obuf_off=0;
-				ret=1;
-				break;
-				}
-			}
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_DUP:
-		dbio=(BIO *)ptr;
-		if (	!BIO_set_read_buffer_size(dbio,ctx->ibuf_size) ||
-			!BIO_set_write_buffer_size(dbio,ctx->obuf_size))
-			ret=0;
-		break;
-	default:
-		if (b->next_bio == NULL) return(0);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-		}
-	return(ret);
-malloc_error:
-	BIOerr(BIO_F_BUFFER_CTRL,ERR_R_MALLOC_FAILURE);
-	return(0);
-	}
-
-static long buffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-	{
-	long ret=1;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-		{
-	default:
-		ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
-		break;
-		}
-	return(ret);
-	}
-
-static int buffer_gets(BIO *b, char *buf, int size)
-	{
-	BIO_F_BUFFER_CTX *ctx;
-	int num=0,i,flag;
-	char *p;
-
-	ctx=(BIO_F_BUFFER_CTX *)b->ptr;
-	size--; /* reserve space for a '\0' */
-	BIO_clear_retry_flags(b);
-
-	for (;;)
-		{
-		if (ctx->ibuf_len > 0)
-			{
-			p= &(ctx->ibuf[ctx->ibuf_off]);
-			flag=0;
-			for (i=0; (i<ctx->ibuf_len) && (i<size); i++)
-				{
-				*(buf++)=p[i];
-				if (p[i] == '\n')
-					{
-					flag=1;
-					i++;
-					break;
-					}
-				}
-			num+=i;
-			size-=i;
-			ctx->ibuf_len-=i;
-			ctx->ibuf_off+=i;
-			if (flag || size == 0)
-				{
-				*buf='\0';
-				return(num);
-				}
-			}
-		else	/* read another chunk */
-			{
-			i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
-			if (i <= 0)
-				{
-				BIO_copy_next_retry(b);
-				if (i < 0) return((num > 0)?num:i);
-				if (i == 0) return(num);
-				}
-			ctx->ibuf_len=i;
-			ctx->ibuf_off=0;
-			}
-		}
-	}
-
-static int buffer_puts(BIO *b, const char *str)
-	{
-	return(buffer_write(b,str,strlen(str)));
-	}
-
diff --git a/crypto/openssl/crypto/bio/bf_lbuf.c b/crypto/openssl/crypto/bio/bf_lbuf.c
deleted file mode 100644
index ec0f7eb0b7ee..000000000000
--- a/crypto/openssl/crypto/bio/bf_lbuf.c
+++ /dev/null
@@ -1,397 +0,0 @@
-/* crypto/bio/bf_buff.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-
-static int linebuffer_write(BIO *h, const char *buf,int num);
-static int linebuffer_read(BIO *h, char *buf, int size);
-static int linebuffer_puts(BIO *h, const char *str);
-static int linebuffer_gets(BIO *h, char *str, int size);
-static long linebuffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int linebuffer_new(BIO *h);
-static int linebuffer_free(BIO *data);
-static long linebuffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-
-/* A 10k maximum should be enough for most purposes */
-#define DEFAULT_LINEBUFFER_SIZE	1024*10
-
-/* #define DEBUG */
-
-static BIO_METHOD methods_linebuffer=
-	{
-	BIO_TYPE_LINEBUFFER,
-	"linebuffer",
-	linebuffer_write,
-	linebuffer_read,
-	linebuffer_puts,
-	linebuffer_gets,
-	linebuffer_ctrl,
-	linebuffer_new,
-	linebuffer_free,
-	linebuffer_callback_ctrl,
-	};
-
-BIO_METHOD *BIO_f_linebuffer(void)
-	{
-	return(&methods_linebuffer);
-	}
-
-typedef struct bio_linebuffer_ctx_struct
-	{
-	char *obuf;		/* the output char array */
-	int obuf_size;		/* how big is the output buffer */
-	int obuf_len;		/* how many bytes are in it */
-	} BIO_LINEBUFFER_CTX;
-
-static int linebuffer_new(BIO *bi)
-	{
-	BIO_LINEBUFFER_CTX *ctx;
-
-	ctx=(BIO_LINEBUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_LINEBUFFER_CTX));
-	if (ctx == NULL) return(0);
-	ctx->obuf=(char *)OPENSSL_malloc(DEFAULT_LINEBUFFER_SIZE);
-	if (ctx->obuf == NULL) { OPENSSL_free(ctx); return(0); }
-	ctx->obuf_size=DEFAULT_LINEBUFFER_SIZE;
-	ctx->obuf_len=0;
-
-	bi->init=1;
-	bi->ptr=(char *)ctx;
-	bi->flags=0;
-	return(1);
-	}
-
-static int linebuffer_free(BIO *a)
-	{
-	BIO_LINEBUFFER_CTX *b;
-
-	if (a == NULL) return(0);
-	b=(BIO_LINEBUFFER_CTX *)a->ptr;
-	if (b->obuf != NULL) OPENSSL_free(b->obuf);
-	OPENSSL_free(a->ptr);
-	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;
-	return(1);
-	}
-	
-static int linebuffer_read(BIO *b, char *out, int outl)
-	{
-	int ret=0;
- 
-	if (out == NULL) return(0);
-	if (b->next_bio == NULL) return(0);
-	ret=BIO_read(b->next_bio,out,outl);
-	BIO_clear_retry_flags(b);
-	BIO_copy_next_retry(b);
-	return(ret);
-	}
-
-static int linebuffer_write(BIO *b, const char *in, int inl)
-	{
-	int i,num=0,foundnl;
-	BIO_LINEBUFFER_CTX *ctx;
-
-	if ((in == NULL) || (inl <= 0)) return(0);
-	ctx=(BIO_LINEBUFFER_CTX *)b->ptr;
-	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-
-	BIO_clear_retry_flags(b);
-
-	do
-		{
-		const char *p;
-
-		for(p = in; p < in + inl && *p != '\n'; p++)
-			;
-		if (*p == '\n')
-			{
-			p++;
-			foundnl = 1;
-			}
-		else
-			foundnl = 0;
-
-		/* If a NL was found and we already have text in the save
-		   buffer, concatenate them and write */
-		while ((foundnl || p - in > ctx->obuf_size - ctx->obuf_len)
-			&& ctx->obuf_len > 0)
-			{
-			int orig_olen = ctx->obuf_len;
-			
-			i = ctx->obuf_size - ctx->obuf_len;
-			if (p - in > 0)
-				{
-				if (i >= p - in)
-					{
-					memcpy(&(ctx->obuf[ctx->obuf_len]),
-						in,p - in);
-					ctx->obuf_len += p - in;
-					inl -= p - in;
-					num += p - in;
-					in = p;
-					}
-				else
-					{
-					memcpy(&(ctx->obuf[ctx->obuf_len]),
-						in,i);
-					ctx->obuf_len += i;
-					inl -= i;
-					in += i;
-					num += i;
-					}
-				}
-
-#if 0
-BIO_write(b->next_bio, "<*<", 3);
-#endif
-			i=BIO_write(b->next_bio,
-				ctx->obuf, ctx->obuf_len);
-			if (i <= 0)
-				{
-				ctx->obuf_len = orig_olen;
-				BIO_copy_next_retry(b);
-
-#if 0
-BIO_write(b->next_bio, ">*>", 3);
-#endif
-				if (i < 0) return((num > 0)?num:i);
-				if (i == 0) return(num);
-				}
-#if 0
-BIO_write(b->next_bio, ">*>", 3);
-#endif
-			if (i < ctx->obuf_len)
-				memmove(ctx->obuf, ctx->obuf + i,
-					ctx->obuf_len - i);
-			ctx->obuf_len-=i;
-			}
-
-		/* Now that the save buffer is emptied, let's write the input
-		   buffer if a NL was found and there is anything to write. */
-		if ((foundnl || p - in > ctx->obuf_size) && p - in > 0)
-			{
-#if 0
-BIO_write(b->next_bio, "<*<", 3);
-#endif
-			i=BIO_write(b->next_bio,in,p - in);
-			if (i <= 0)
-				{
-				BIO_copy_next_retry(b);
-#if 0
-BIO_write(b->next_bio, ">*>", 3);
-#endif
-				if (i < 0) return((num > 0)?num:i);
-				if (i == 0) return(num);
-				}
-#if 0
-BIO_write(b->next_bio, ">*>", 3);
-#endif
-			num+=i;
-			in+=i;
-			inl-=i;
-			}
-		}
-	while(foundnl && inl > 0);
-	/* We've written as much as we can.  The rest of the input buffer, if
-	   any, is text that doesn't and with a NL and therefore needs to be
-	   saved for the next trip. */
-	if (inl > 0)
-		{
-		memcpy(&(ctx->obuf[ctx->obuf_len]), in, inl);
-		ctx->obuf_len += inl;
-		num += inl;
-		}
-	return num;
-	}
-
-static long linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	BIO *dbio;
-	BIO_LINEBUFFER_CTX *ctx;
-	long ret=1;
-	char *p;
-	int r;
-	int obs;
-
-	ctx=(BIO_LINEBUFFER_CTX *)b->ptr;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		ctx->obuf_len=0;
-		if (b->next_bio == NULL) return(0);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_INFO:
-		ret=(long)ctx->obuf_len;
-		break;
-	case BIO_CTRL_WPENDING:
-		ret=(long)ctx->obuf_len;
-		if (ret == 0)
-			{
-			if (b->next_bio == NULL) return(0);
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-			}
-		break;
-	case BIO_C_SET_BUFF_SIZE:
-		obs=(int)num;
-		p=ctx->obuf;
-		if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size))
-			{
-			p=(char *)OPENSSL_malloc((int)num);
-			if (p == NULL)
-				goto malloc_error;
-			}
-		if (ctx->obuf != p)
-			{
-			if (ctx->obuf_len > obs)
-				{
-				ctx->obuf_len = obs;
-				}
-			memcpy(p, ctx->obuf, ctx->obuf_len);
-			OPENSSL_free(ctx->obuf);
-			ctx->obuf=p;
-			ctx->obuf_size=obs;
-			}
-		break;
-	case BIO_C_DO_STATE_MACHINE:
-		if (b->next_bio == NULL) return(0);
-		BIO_clear_retry_flags(b);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		BIO_copy_next_retry(b);
-		break;
-
-	case BIO_CTRL_FLUSH:
-		if (b->next_bio == NULL) return(0);
-		if (ctx->obuf_len <= 0)
-			{
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-			break;
-			}
-
-		for (;;)
-			{
-			BIO_clear_retry_flags(b);
-			if (ctx->obuf_len > 0)
-				{
-				r=BIO_write(b->next_bio,
-					ctx->obuf, ctx->obuf_len);
-#if 0
-fprintf(stderr,"FLUSH %3d -> %3d\n",ctx->obuf_len,r);
-#endif
-				BIO_copy_next_retry(b);
-				if (r <= 0) return((long)r);
-				if (r < ctx->obuf_len)
-					memmove(ctx->obuf, ctx->obuf + r,
-						ctx->obuf_len - r);
-				ctx->obuf_len-=r;
-				}
-			else
-				{
-				ctx->obuf_len=0;
-				ret=1;
-				break;
-				}
-			}
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_DUP:
-		dbio=(BIO *)ptr;
-		if (	!BIO_set_write_buffer_size(dbio,ctx->obuf_size))
-			ret=0;
-		break;
-	default:
-		if (b->next_bio == NULL) return(0);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-		}
-	return(ret);
-malloc_error:
-	BIOerr(BIO_F_LINEBUFFER_CTRL,ERR_R_MALLOC_FAILURE);
-	return(0);
-	}
-
-static long linebuffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-	{
-	long ret=1;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-		{
-	default:
-		ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
-		break;
-		}
-	return(ret);
-	}
-
-static int linebuffer_gets(BIO *b, char *buf, int size)
-	{
-	if (b->next_bio == NULL) return(0);
-	return(BIO_gets(b->next_bio,buf,size));
-	}
-
-static int linebuffer_puts(BIO *b, const char *str)
-	{
-	return(linebuffer_write(b,str,strlen(str)));
-	}
-
diff --git a/crypto/openssl/crypto/bio/bf_nbio.c b/crypto/openssl/crypto/bio/bf_nbio.c
deleted file mode 100644
index 1ce2bfacc060..000000000000
--- a/crypto/openssl/crypto/bio/bf_nbio.c
+++ /dev/null
@@ -1,255 +0,0 @@
-/* crypto/bio/bf_nbio.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/bio.h>
-
-/* BIO_put and BIO_get both add to the digest,
- * BIO_gets returns the digest */
-
-static int nbiof_write(BIO *h,const char *buf,int num);
-static int nbiof_read(BIO *h,char *buf,int size);
-static int nbiof_puts(BIO *h,const char *str);
-static int nbiof_gets(BIO *h,char *str,int size);
-static long nbiof_ctrl(BIO *h,int cmd,long arg1,void *arg2);
-static int nbiof_new(BIO *h);
-static int nbiof_free(BIO *data);
-static long nbiof_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
-typedef struct nbio_test_st
-	{
-	/* only set if we sent a 'should retry' error */
-	int lrn;
-	int lwn;
-	} NBIO_TEST;
-
-static BIO_METHOD methods_nbiof=
-	{
-	BIO_TYPE_NBIO_TEST,
-	"non-blocking IO test filter",
-	nbiof_write,
-	nbiof_read,
-	nbiof_puts,
-	nbiof_gets,
-	nbiof_ctrl,
-	nbiof_new,
-	nbiof_free,
-	nbiof_callback_ctrl,
-	};
-
-BIO_METHOD *BIO_f_nbio_test(void)
-	{
-	return(&methods_nbiof);
-	}
-
-static int nbiof_new(BIO *bi)
-	{
-	NBIO_TEST *nt;
-
-	if (!(nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST)))) return(0);
-	nt->lrn= -1;
-	nt->lwn= -1;
-	bi->ptr=(char *)nt;
-	bi->init=1;
-	bi->flags=0;
-	return(1);
-	}
-
-static int nbiof_free(BIO *a)
-	{
-	if (a == NULL) return(0);
-	if (a->ptr != NULL)
-		OPENSSL_free(a->ptr);
-	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;
-	return(1);
-	}
-	
-static int nbiof_read(BIO *b, char *out, int outl)
-	{
-	NBIO_TEST *nt;
-	int ret=0;
-#if 0
-	int num;
-	unsigned char n;
-#endif
-
-	if (out == NULL) return(0);
-	if (b->next_bio == NULL) return(0);
-	nt=(NBIO_TEST *)b->ptr;
-
-	BIO_clear_retry_flags(b);
-#if 0
-	RAND_pseudo_bytes(&n,1);
-	num=(n&0x07);
-
-	if (outl > num) outl=num;
-
-	if (num == 0)
-		{
-		ret= -1;
-		BIO_set_retry_read(b);
-		}
-	else
-#endif
-		{
-		ret=BIO_read(b->next_bio,out,outl);
-		if (ret < 0)
-			BIO_copy_next_retry(b);
-		}
-	return(ret);
-	}
-
-static int nbiof_write(BIO *b, const char *in, int inl)
-	{
-	NBIO_TEST *nt;
-	int ret=0;
-	int num;
-	unsigned char n;
-
-	if ((in == NULL) || (inl <= 0)) return(0);
-	if (b->next_bio == NULL) return(0);
-	nt=(NBIO_TEST *)b->ptr;
-
-	BIO_clear_retry_flags(b);
-
-#if 1
-	if (nt->lwn > 0)
-		{
-		num=nt->lwn;
-		nt->lwn=0;
-		}
-	else
-		{
-		RAND_pseudo_bytes(&n,1);
-		num=(n&7);
-		}
-
-	if (inl > num) inl=num;
-
-	if (num == 0)
-		{
-		ret= -1;
-		BIO_set_retry_write(b);
-		}
-	else
-#endif
-		{
-		ret=BIO_write(b->next_bio,in,inl);
-		if (ret < 0)
-			{
-			BIO_copy_next_retry(b);
-			nt->lwn=inl;
-			}
-		}
-	return(ret);
-	}
-
-static long nbiof_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	long ret;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-		{
-        case BIO_C_DO_STATE_MACHINE:
-		BIO_clear_retry_flags(b);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		BIO_copy_next_retry(b);
-		break;
-	case BIO_CTRL_DUP:
-		ret=0L;
-		break;
-	default:
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-		}
-	return(ret);
-	}
-
-static long nbiof_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-	{
-	long ret=1;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-		{
-	default:
-		ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
-		break;
-		}
-	return(ret);
-	}
-
-static int nbiof_gets(BIO *bp, char *buf, int size)
-	{
-	if (bp->next_bio == NULL) return(0);
-	return(BIO_gets(bp->next_bio,buf,size));
-	}
-
-
-static int nbiof_puts(BIO *bp, const char *str)
-	{
-	if (bp->next_bio == NULL) return(0);
-	return(BIO_puts(bp->next_bio,str));
-	}
-
-
diff --git a/crypto/openssl/crypto/bio/bf_null.c b/crypto/openssl/crypto/bio/bf_null.c
deleted file mode 100644
index c1bf39a904f4..000000000000
--- a/crypto/openssl/crypto/bio/bf_null.c
+++ /dev/null
@@ -1,183 +0,0 @@
-/* crypto/bio/bf_null.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-/* BIO_put and BIO_get both add to the digest,
- * BIO_gets returns the digest */
-
-static int nullf_write(BIO *h, const char *buf, int num);
-static int nullf_read(BIO *h, char *buf, int size);
-static int nullf_puts(BIO *h, const char *str);
-static int nullf_gets(BIO *h, char *str, int size);
-static long nullf_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int nullf_new(BIO *h);
-static int nullf_free(BIO *data);
-static long nullf_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-static BIO_METHOD methods_nullf=
-	{
-	BIO_TYPE_NULL_FILTER,
-	"NULL filter",
-	nullf_write,
-	nullf_read,
-	nullf_puts,
-	nullf_gets,
-	nullf_ctrl,
-	nullf_new,
-	nullf_free,
-	nullf_callback_ctrl,
-	};
-
-BIO_METHOD *BIO_f_null(void)
-	{
-	return(&methods_nullf);
-	}
-
-static int nullf_new(BIO *bi)
-	{
-	bi->init=1;
-	bi->ptr=NULL;
-	bi->flags=0;
-	return(1);
-	}
-
-static int nullf_free(BIO *a)
-	{
-	if (a == NULL) return(0);
-/*	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;*/
-	return(1);
-	}
-	
-static int nullf_read(BIO *b, char *out, int outl)
-	{
-	int ret=0;
- 
-	if (out == NULL) return(0);
-	if (b->next_bio == NULL) return(0);
-	ret=BIO_read(b->next_bio,out,outl);
-	BIO_clear_retry_flags(b);
-	BIO_copy_next_retry(b);
-	return(ret);
-	}
-
-static int nullf_write(BIO *b, const char *in, int inl)
-	{
-	int ret=0;
-
-	if ((in == NULL) || (inl <= 0)) return(0);
-	if (b->next_bio == NULL) return(0);
-	ret=BIO_write(b->next_bio,in,inl);
-	BIO_clear_retry_flags(b);
-	BIO_copy_next_retry(b);
-	return(ret);
-	}
-
-static long nullf_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	long ret;
-
-	if (b->next_bio == NULL) return(0);
-	switch(cmd)
-		{
-        case BIO_C_DO_STATE_MACHINE:
-		BIO_clear_retry_flags(b);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		BIO_copy_next_retry(b);
-		break;
-	case BIO_CTRL_DUP:
-		ret=0L;
-		break;
-	default:
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		}
-	return(ret);
-	}
-
-static long nullf_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-	{
-	long ret=1;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-		{
-	default:
-		ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
-		break;
-		}
-	return(ret);
-	}
-
-static int nullf_gets(BIO *bp, char *buf, int size)
-	{
-	if (bp->next_bio == NULL) return(0);
-	return(BIO_gets(bp->next_bio,buf,size));
-	}
-
-
-static int nullf_puts(BIO *bp, const char *str)
-	{
-	if (bp->next_bio == NULL) return(0);
-	return(BIO_puts(bp->next_bio,str));
-	}
-
-
diff --git a/crypto/openssl/crypto/bio/bio.h b/crypto/openssl/crypto/bio/bio.h
deleted file mode 100644
index fbbc16d00c52..000000000000
--- a/crypto/openssl/crypto/bio/bio.h
+++ /dev/null
@@ -1,694 +0,0 @@
-/* crypto/bio/bio.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BIO_H
-#define HEADER_BIO_H
-
-#ifndef OPENSSL_NO_FP_API
-# include <stdio.h>
-#endif
-#include <stdarg.h>
-
-#include <openssl/crypto.h>
-#include <openssl/e_os2.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* These are the 'types' of BIOs */
-#define BIO_TYPE_NONE		0
-#define BIO_TYPE_MEM		(1|0x0400)
-#define BIO_TYPE_FILE		(2|0x0400)
-
-#define BIO_TYPE_FD		(4|0x0400|0x0100)
-#define BIO_TYPE_SOCKET		(5|0x0400|0x0100)
-#define BIO_TYPE_NULL		(6|0x0400)
-#define BIO_TYPE_SSL		(7|0x0200)
-#define BIO_TYPE_MD		(8|0x0200)		/* passive filter */
-#define BIO_TYPE_BUFFER		(9|0x0200)		/* filter */
-#define BIO_TYPE_CIPHER		(10|0x0200)		/* filter */
-#define BIO_TYPE_BASE64		(11|0x0200)		/* filter */
-#define BIO_TYPE_CONNECT	(12|0x0400|0x0100)	/* socket - connect */
-#define BIO_TYPE_ACCEPT		(13|0x0400|0x0100)	/* socket for accept */
-#define BIO_TYPE_PROXY_CLIENT	(14|0x0200)		/* client proxy BIO */
-#define BIO_TYPE_PROXY_SERVER	(15|0x0200)		/* server proxy BIO */
-#define BIO_TYPE_NBIO_TEST	(16|0x0200)		/* server proxy BIO */
-#define BIO_TYPE_NULL_FILTER	(17|0x0200)
-#define BIO_TYPE_BER		(18|0x0200)		/* BER -> bin filter */
-#define BIO_TYPE_BIO		(19|0x0400)		/* (half a) BIO pair */
-#define BIO_TYPE_LINEBUFFER	(20|0x0200)		/* filter */
-
-#define BIO_TYPE_DESCRIPTOR	0x0100	/* socket, fd, connect or accept */
-#define BIO_TYPE_FILTER		0x0200
-#define BIO_TYPE_SOURCE_SINK	0x0400
-
-/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
- * BIO_set_fp(in,stdin,BIO_NOCLOSE); */
-#define BIO_NOCLOSE		0x00
-#define BIO_CLOSE		0x01
-
-/* These are used in the following macros and are passed to
- * BIO_ctrl() */
-#define BIO_CTRL_RESET		1  /* opt - rewind/zero etc */
-#define BIO_CTRL_EOF		2  /* opt - are we at the eof */
-#define BIO_CTRL_INFO		3  /* opt - extra tit-bits */
-#define BIO_CTRL_SET		4  /* man - set the 'IO' type */
-#define BIO_CTRL_GET		5  /* man - get the 'IO' type */
-#define BIO_CTRL_PUSH		6  /* opt - internal, used to signify change */
-#define BIO_CTRL_POP		7  /* opt - internal, used to signify change */
-#define BIO_CTRL_GET_CLOSE	8  /* man - set the 'close' on free */
-#define BIO_CTRL_SET_CLOSE	9  /* man - set the 'close' on free */
-#define BIO_CTRL_PENDING	10  /* opt - is their more data buffered */
-#define BIO_CTRL_FLUSH		11  /* opt - 'flush' buffered output */
-#define BIO_CTRL_DUP		12  /* man - extra stuff for 'duped' BIO */
-#define BIO_CTRL_WPENDING	13  /* opt - number of bytes still to write */
-/* callback is int cb(BIO *bio,state,ret); */
-#define BIO_CTRL_SET_CALLBACK	14  /* opt - set callback function */
-#define BIO_CTRL_GET_CALLBACK	15  /* opt - set callback function */
-
-#define BIO_CTRL_SET_FILENAME	30	/* BIO_s_file special */
-
-/* modifiers */
-#define BIO_FP_READ		0x02
-#define BIO_FP_WRITE		0x04
-#define BIO_FP_APPEND		0x08
-#define BIO_FP_TEXT		0x10
-
-#define BIO_FLAGS_READ		0x01
-#define BIO_FLAGS_WRITE		0x02
-#define BIO_FLAGS_IO_SPECIAL	0x04
-#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
-#define BIO_FLAGS_SHOULD_RETRY	0x08
-
-/* Used in BIO_gethostbyname() */
-#define BIO_GHBN_CTRL_HITS		1
-#define BIO_GHBN_CTRL_MISSES		2
-#define BIO_GHBN_CTRL_CACHE_SIZE	3
-#define BIO_GHBN_CTRL_GET_ENTRY		4
-#define BIO_GHBN_CTRL_FLUSH		5
-
-/* Mostly used in the SSL BIO */
-/* Not used anymore
- * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
- * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
- * #define BIO_FLAGS_PROTOCOL_STARTUP	0x40
- */
-
-#define BIO_FLAGS_BASE64_NO_NL	0x100
-
-/* This is used with memory BIOs: it means we shouldn't free up or change the
- * data in any way.
- */
-#define BIO_FLAGS_MEM_RDONLY	0x200
-
-#define BIO_set_flags(b,f) ((b)->flags|=(f))
-#define BIO_get_flags(b) ((b)->flags)
-#define BIO_set_retry_special(b) \
-		((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
-#define BIO_set_retry_read(b) \
-		((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
-#define BIO_set_retry_write(b) \
-		((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
-
-/* These are normally used internally in BIOs */
-#define BIO_clear_flags(b,f) ((b)->flags&= ~(f))
-#define BIO_clear_retry_flags(b) \
-		((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-#define BIO_get_retry_flags(b) \
-		((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-
-/* These should be used by the application to tell why we should retry */
-#define BIO_should_read(a)		((a)->flags & BIO_FLAGS_READ)
-#define BIO_should_write(a)		((a)->flags & BIO_FLAGS_WRITE)
-#define BIO_should_io_special(a)	((a)->flags & BIO_FLAGS_IO_SPECIAL)
-#define BIO_retry_type(a)		((a)->flags & BIO_FLAGS_RWS)
-#define BIO_should_retry(a)		((a)->flags & BIO_FLAGS_SHOULD_RETRY)
-
-/* The next three are used in conjunction with the
- * BIO_should_io_special() condition.  After this returns true,
- * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO 
- * stack and return the 'reason' for the special and the offending BIO.
- * Given a BIO, BIO_get_retry_reason(bio) will return the code. */
-/* Returned from the SSL bio when the certificate retrieval code had an error */
-#define BIO_RR_SSL_X509_LOOKUP		0x01
-/* Returned from the connect BIO when a connect would have blocked */
-#define BIO_RR_CONNECT			0x02
-/* Returned from the accept BIO when an accept would have blocked */
-#define BIO_RR_ACCEPT			0x03
-
-/* These are passed by the BIO callback */
-#define BIO_CB_FREE	0x01
-#define BIO_CB_READ	0x02
-#define BIO_CB_WRITE	0x03
-#define BIO_CB_PUTS	0x04
-#define BIO_CB_GETS	0x05
-#define BIO_CB_CTRL	0x06
-
-/* The callback is called before and after the underling operation,
- * The BIO_CB_RETURN flag indicates if it is after the call */
-#define BIO_CB_RETURN	0x80
-#define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
-#define BIO_cb_pre(a)	(!((a)&BIO_CB_RETURN))
-#define BIO_cb_post(a)	((a)&BIO_CB_RETURN)
-
-#define BIO_set_callback(b,cb)		((b)->callback=(cb))
-#define BIO_set_callback_arg(b,arg)	((b)->cb_arg=(char *)(arg))
-#define BIO_get_callback_arg(b)		((b)->cb_arg)
-#define BIO_get_callback(b)		((b)->callback)
-#define BIO_method_name(b)		((b)->method->name)
-#define BIO_method_type(b)		((b)->method->type)
-
-typedef struct bio_st BIO;
-
-typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
-
-#ifndef OPENSSL_SYS_WIN16
-typedef struct bio_method_st
-	{
-	int type;
-	const char *name;
-	int (*bwrite)(BIO *, const char *, int);
-	int (*bread)(BIO *, char *, int);
-	int (*bputs)(BIO *, const char *);
-	int (*bgets)(BIO *, char *, int);
-	long (*ctrl)(BIO *, int, long, void *);
-	int (*create)(BIO *);
-	int (*destroy)(BIO *);
-        long (*callback_ctrl)(BIO *, int, bio_info_cb *);
-	} BIO_METHOD;
-#else
-typedef struct bio_method_st
-	{
-	int type;
-	const char *name;
-	int (_far *bwrite)();
-	int (_far *bread)();
-	int (_far *bputs)();
-	int (_far *bgets)();
-	long (_far *ctrl)();
-	int (_far *create)();
-	int (_far *destroy)();
-	long (_far *callback_ctrl)();
-	} BIO_METHOD;
-#endif
-
-struct bio_st
-	{
-	BIO_METHOD *method;
-	/* bio, mode, argp, argi, argl, ret */
-	long (*callback)(struct bio_st *,int,const char *,int, long,long);
-	char *cb_arg; /* first argument for the callback */
-
-	int init;
-	int shutdown;
-	int flags;	/* extra storage */
-	int retry_reason;
-	int num;
-	void *ptr;
-	struct bio_st *next_bio;	/* used by filter BIOs */
-	struct bio_st *prev_bio;	/* used by filter BIOs */
-	int references;
-	unsigned long num_read;
-	unsigned long num_write;
-
-	CRYPTO_EX_DATA ex_data;
-	};
-
-DECLARE_STACK_OF(BIO)
-
-typedef struct bio_f_buffer_ctx_struct
-	{
-	/* BIO *bio; */ /* this is now in the BIO struct */
-	int ibuf_size;	/* how big is the input buffer */
-	int obuf_size;	/* how big is the output buffer */
-
-	char *ibuf;		/* the char array */
-	int ibuf_len;		/* how many bytes are in it */
-	int ibuf_off;		/* write/read offset */
-
-	char *obuf;		/* the char array */
-	int obuf_len;		/* how many bytes are in it */
-	int obuf_off;		/* write/read offset */
-	} BIO_F_BUFFER_CTX;
-
-/* connect BIO stuff */
-#define BIO_CONN_S_BEFORE		1
-#define BIO_CONN_S_GET_IP		2
-#define BIO_CONN_S_GET_PORT		3
-#define BIO_CONN_S_CREATE_SOCKET	4
-#define BIO_CONN_S_CONNECT		5
-#define BIO_CONN_S_OK			6
-#define BIO_CONN_S_BLOCKED_CONNECT	7
-#define BIO_CONN_S_NBIO			8
-/*#define BIO_CONN_get_param_hostname	BIO_ctrl */
-
-#define BIO_C_SET_CONNECT			100
-#define BIO_C_DO_STATE_MACHINE			101
-#define BIO_C_SET_NBIO				102
-#define BIO_C_SET_PROXY_PARAM			103
-#define BIO_C_SET_FD				104
-#define BIO_C_GET_FD				105
-#define BIO_C_SET_FILE_PTR			106
-#define BIO_C_GET_FILE_PTR			107
-#define BIO_C_SET_FILENAME			108
-#define BIO_C_SET_SSL				109
-#define BIO_C_GET_SSL				110
-#define BIO_C_SET_MD				111
-#define BIO_C_GET_MD				112
-#define BIO_C_GET_CIPHER_STATUS			113
-#define BIO_C_SET_BUF_MEM			114
-#define BIO_C_GET_BUF_MEM_PTR			115
-#define BIO_C_GET_BUFF_NUM_LINES		116
-#define BIO_C_SET_BUFF_SIZE			117
-#define BIO_C_SET_ACCEPT			118
-#define BIO_C_SSL_MODE				119
-#define BIO_C_GET_MD_CTX			120
-#define BIO_C_GET_PROXY_PARAM			121
-#define BIO_C_SET_BUFF_READ_DATA		122 /* data to read first */
-#define BIO_C_GET_CONNECT			123
-#define BIO_C_GET_ACCEPT			124
-#define BIO_C_SET_SSL_RENEGOTIATE_BYTES		125
-#define BIO_C_GET_SSL_NUM_RENEGOTIATES		126
-#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT	127
-#define BIO_C_FILE_SEEK				128
-#define BIO_C_GET_CIPHER_CTX			129
-#define BIO_C_SET_BUF_MEM_EOF_RETURN		130/*return end of input value*/
-#define BIO_C_SET_BIND_MODE			131
-#define BIO_C_GET_BIND_MODE			132
-#define BIO_C_FILE_TELL				133
-#define BIO_C_GET_SOCKS				134
-#define BIO_C_SET_SOCKS				135
-
-#define BIO_C_SET_WRITE_BUF_SIZE		136/* for BIO_s_bio */
-#define BIO_C_GET_WRITE_BUF_SIZE		137
-#define BIO_C_MAKE_BIO_PAIR			138
-#define BIO_C_DESTROY_BIO_PAIR			139
-#define BIO_C_GET_WRITE_GUARANTEE		140
-#define BIO_C_GET_READ_REQUEST			141
-#define BIO_C_SHUTDOWN_WR			142
-#define BIO_C_NREAD0				143
-#define BIO_C_NREAD				144
-#define BIO_C_NWRITE0				145
-#define BIO_C_NWRITE				146
-#define BIO_C_RESET_READ_REQUEST		147
-
-
-#define BIO_set_app_data(s,arg)		BIO_set_ex_data(s,0,arg)
-#define BIO_get_app_data(s)		BIO_get_ex_data(s,0)
-
-/* BIO_s_connect() and BIO_s_socks4a_connect() */
-#define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
-#define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
-#define BIO_set_conn_ip(b,ip)	  BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
-#define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
-#define BIO_get_conn_hostname(b)  BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
-#define BIO_get_conn_port(b)      BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
-#define BIO_get_conn_ip(b) 		 BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
-#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3)
-
-
-#define BIO_set_nbio(b,n)	BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
-
-/* BIO_s_accept_socket() */
-#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
-#define BIO_get_accept_port(b)	BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
-/* #define BIO_set_nbio(b,n)	BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
-#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL)
-#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
-
-#define BIO_BIND_NORMAL			0
-#define BIO_BIND_REUSEADDR_IF_UNUSED	1
-#define BIO_BIND_REUSEADDR		2
-#define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
-#define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
-
-#define BIO_do_connect(b)	BIO_do_handshake(b)
-#define BIO_do_accept(b)	BIO_do_handshake(b)
-#define BIO_do_handshake(b)	BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
-
-/* BIO_s_proxy_client() */
-#define BIO_set_url(b,url)	BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
-#define BIO_set_proxies(b,p)	BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
-/* BIO_set_nbio(b,n) */
-#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
-/* BIO *BIO_get_filter_bio(BIO *bio); */
-#define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
-#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
-#define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
-
-#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
-#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
-#define BIO_get_url(b,url)	BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
-#define BIO_get_no_connect_return(b)	BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
-
-#define BIO_set_fd(b,fd,c)	BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
-#define BIO_get_fd(b,c)		BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
-
-#define BIO_set_fp(b,fp,c)	BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
-#define BIO_get_fp(b,fpp)	BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
-
-#define BIO_seek(b,ofs)	(int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
-#define BIO_tell(b)	(int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
-
-/* name is cast to lose const, but might be better to route through a function
-   so we can do it safely */
-#ifdef CONST_STRICT
-/* If you are wondering why this isn't defined, its because CONST_STRICT is
- * purely a compile-time kludge to allow const to be checked.
- */
-int BIO_read_filename(BIO *b,const char *name);
-#else
-#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
-		BIO_CLOSE|BIO_FP_READ,(char *)name)
-#endif
-#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
-		BIO_CLOSE|BIO_FP_WRITE,name)
-#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
-		BIO_CLOSE|BIO_FP_APPEND,name)
-#define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
-		BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
-
-/* WARNING WARNING, this ups the reference count on the read bio of the
- * SSL structure.  This is because the ssl read BIO is now pointed to by
- * the next_bio field in the bio.  So when you free the BIO, make sure
- * you are doing a BIO_free_all() to catch the underlying BIO. */
-#define BIO_set_ssl(b,ssl,c)	BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
-#define BIO_get_ssl(b,sslp)	BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
-#define BIO_set_ssl_mode(b,client)	BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
-#define BIO_set_ssl_renegotiate_bytes(b,num) \
-	BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
-#define BIO_get_num_renegotiates(b) \
-	BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
-#define BIO_set_ssl_renegotiate_timeout(b,seconds) \
-	BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
-
-/* defined in evp.h */
-/* #define BIO_set_md(b,md)	BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
-
-#define BIO_get_mem_data(b,pp)	BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
-#define BIO_set_mem_buf(b,bm,c)	BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
-#define BIO_get_mem_ptr(b,pp)	BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
-#define BIO_set_mem_eof_return(b,v) \
-				BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
-
-/* For the BIO_f_buffer() type */
-#define BIO_get_buffer_num_lines(b)	BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
-#define BIO_set_buffer_size(b,size)	BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
-#define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
-#define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
-#define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
-
-/* Don't use the next one unless you know what you are doing :-) */
-#define BIO_dup_state(b,ret)	BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
-
-#define BIO_reset(b)		(int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
-#define BIO_eof(b)		(int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
-#define BIO_set_close(b,c)	(int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
-#define BIO_get_close(b)	(int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
-#define BIO_pending(b)		(int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
-#define BIO_wpending(b)		(int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
-/* ...pending macros have inappropriate return type */
-size_t BIO_ctrl_pending(BIO *b);
-size_t BIO_ctrl_wpending(BIO *b);
-#define BIO_flush(b)		(int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
-#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
-						   cbp)
-#define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
-
-/* For the BIO_f_buffer() type */
-#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
-
-/* For BIO_s_bio() */
-#define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
-#define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
-#define BIO_make_bio_pair(b1,b2)   (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
-#define BIO_destroy_bio_pair(b)    (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
-#define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
-/* macros with inappropriate type -- but ...pending macros use int too: */
-#define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
-#define BIO_get_read_request(b)    (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
-size_t BIO_ctrl_get_write_guarantee(BIO *b);
-size_t BIO_ctrl_get_read_request(BIO *b);
-int BIO_ctrl_reset_read_request(BIO *b);
-
-/* These two aren't currently implemented */
-/* int BIO_get_ex_num(BIO *bio); */
-/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
-int BIO_set_ex_data(BIO *bio,int idx,void *data);
-void *BIO_get_ex_data(BIO *bio,int idx);
-int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-unsigned long BIO_number_read(BIO *bio);
-unsigned long BIO_number_written(BIO *bio);
-
-# ifndef OPENSSL_NO_FP_API
-#  if defined(OPENSSL_SYS_WIN16) && defined(_WINDLL)
-BIO_METHOD *BIO_s_file_internal(void);
-BIO *BIO_new_file_internal(char *filename, char *mode);
-BIO *BIO_new_fp_internal(FILE *stream, int close_flag);
-#    define BIO_s_file	BIO_s_file_internal
-#    define BIO_new_file	BIO_new_file_internal
-#    define BIO_new_fp	BIO_new_fp_internal
-#  else /* FP_API */
-BIO_METHOD *BIO_s_file(void );
-BIO *BIO_new_file(const char *filename, const char *mode);
-BIO *BIO_new_fp(FILE *stream, int close_flag);
-#    define BIO_s_file_internal		BIO_s_file
-#    define BIO_new_file_internal	BIO_new_file
-#    define BIO_new_fp_internal		BIO_s_file
-#  endif /* FP_API */
-# endif
-BIO *	BIO_new(BIO_METHOD *type);
-int	BIO_set(BIO *a,BIO_METHOD *type);
-int	BIO_free(BIO *a);
-void	BIO_vfree(BIO *a);
-int	BIO_read(BIO *b, void *data, int len);
-int	BIO_gets(BIO *bp,char *buf, int size);
-int	BIO_write(BIO *b, const void *data, int len);
-int	BIO_puts(BIO *bp,const char *buf);
-int	BIO_indent(BIO *b,int indent,int max);
-long	BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
-long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long));
-char *	BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
-long	BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg);
-BIO *	BIO_push(BIO *b,BIO *append);
-BIO *	BIO_pop(BIO *b);
-void	BIO_free_all(BIO *a);
-BIO *	BIO_find_type(BIO *b,int bio_type);
-BIO *	BIO_next(BIO *b);
-BIO *	BIO_get_retry_BIO(BIO *bio, int *reason);
-int	BIO_get_retry_reason(BIO *bio);
-BIO *	BIO_dup_chain(BIO *in);
-
-int BIO_nread0(BIO *bio, char **buf);
-int BIO_nread(BIO *bio, char **buf, int num);
-int BIO_nwrite0(BIO *bio, char **buf);
-int BIO_nwrite(BIO *bio, char **buf, int num);
-
-#ifndef OPENSSL_SYS_WIN16
-long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
-	long argl,long ret);
-#else
-long _far _loadds BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
-	long argl,long ret);
-#endif
-
-BIO_METHOD *BIO_s_mem(void);
-BIO *BIO_new_mem_buf(void *buf, int len);
-BIO_METHOD *BIO_s_socket(void);
-BIO_METHOD *BIO_s_connect(void);
-BIO_METHOD *BIO_s_accept(void);
-BIO_METHOD *BIO_s_fd(void);
-#ifndef OPENSSL_SYS_OS2
-BIO_METHOD *BIO_s_log(void);
-#endif
-BIO_METHOD *BIO_s_bio(void);
-BIO_METHOD *BIO_s_null(void);
-BIO_METHOD *BIO_f_null(void);
-BIO_METHOD *BIO_f_buffer(void);
-#ifdef OPENSSL_SYS_VMS
-BIO_METHOD *BIO_f_linebuffer(void);
-#endif
-BIO_METHOD *BIO_f_nbio_test(void);
-/* BIO_METHOD *BIO_f_ber(void); */
-
-int BIO_sock_should_retry(int i);
-int BIO_sock_non_fatal_error(int error);
-int BIO_fd_should_retry(int i);
-int BIO_fd_non_fatal_error(int error);
-int BIO_dump(BIO *b,const char *bytes,int len);
-int BIO_dump_indent(BIO *b,const char *bytes,int len,int indent);
-
-struct hostent *BIO_gethostbyname(const char *name);
-/* We might want a thread-safe interface too:
- * struct hostent *BIO_gethostbyname_r(const char *name,
- *     struct hostent *result, void *buffer, size_t buflen);
- * or something similar (caller allocates a struct hostent,
- * pointed to by "result", and additional buffer space for the various
- * substructures; if the buffer does not suffice, NULL is returned
- * and an appropriate error code is set).
- */
-int BIO_sock_error(int sock);
-int BIO_socket_ioctl(int fd, long type, void *arg);
-int BIO_socket_nbio(int fd,int mode);
-int BIO_get_port(const char *str, unsigned short *port_ptr);
-int BIO_get_host_ip(const char *str, unsigned char *ip);
-int BIO_get_accept_socket(char *host_port,int mode);
-int BIO_accept(int sock,char **ip_port);
-int BIO_sock_init(void );
-void BIO_sock_cleanup(void);
-int BIO_set_tcp_ndelay(int sock,int turn_on);
-
-BIO *BIO_new_socket(int sock, int close_flag);
-BIO *BIO_new_fd(int fd, int close_flag);
-BIO *BIO_new_connect(char *host_port);
-BIO *BIO_new_accept(char *host_port);
-
-int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
-	BIO **bio2, size_t writebuf2);
-/* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
- * Otherwise returns 0 and sets *bio1 and *bio2 to NULL.
- * Size 0 uses default value.
- */
-
-void BIO_copy_next_retry(BIO *b);
-
-/*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/
-
-int BIO_printf(BIO *bio, const char *format, ...);
-int BIO_vprintf(BIO *bio, const char *format, va_list args);
-int BIO_snprintf(char *buf, size_t n, const char *format, ...);
-int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BIO_strings(void);
-
-/* Error codes for the BIO functions. */
-
-/* Function codes. */
-#define BIO_F_ACPT_STATE				 100
-#define BIO_F_BIO_ACCEPT				 101
-#define BIO_F_BIO_BER_GET_HEADER			 102
-#define BIO_F_BIO_CTRL					 103
-#define BIO_F_BIO_GETHOSTBYNAME				 120
-#define BIO_F_BIO_GETS					 104
-#define BIO_F_BIO_GET_ACCEPT_SOCKET			 105
-#define BIO_F_BIO_GET_HOST_IP				 106
-#define BIO_F_BIO_GET_PORT				 107
-#define BIO_F_BIO_MAKE_PAIR				 121
-#define BIO_F_BIO_NEW					 108
-#define BIO_F_BIO_NEW_FILE				 109
-#define BIO_F_BIO_NEW_MEM_BUF				 126
-#define BIO_F_BIO_NREAD					 123
-#define BIO_F_BIO_NREAD0				 124
-#define BIO_F_BIO_NWRITE				 125
-#define BIO_F_BIO_NWRITE0				 122
-#define BIO_F_BIO_PUTS					 110
-#define BIO_F_BIO_READ					 111
-#define BIO_F_BIO_SOCK_INIT				 112
-#define BIO_F_BIO_WRITE					 113
-#define BIO_F_BUFFER_CTRL				 114
-#define BIO_F_CONN_CTRL					 127
-#define BIO_F_CONN_STATE				 115
-#define BIO_F_FILE_CTRL					 116
-#define BIO_F_FILE_READ					 130
-#define BIO_F_LINEBUFFER_CTRL				 129
-#define BIO_F_MEM_READ					 128
-#define BIO_F_MEM_WRITE					 117
-#define BIO_F_SSL_NEW					 118
-#define BIO_F_WSASTARTUP				 119
-
-/* Reason codes. */
-#define BIO_R_ACCEPT_ERROR				 100
-#define BIO_R_BAD_FOPEN_MODE				 101
-#define BIO_R_BAD_HOSTNAME_LOOKUP			 102
-#define BIO_R_BROKEN_PIPE				 124
-#define BIO_R_CONNECT_ERROR				 103
-#define BIO_R_EOF_ON_MEMORY_BIO				 127
-#define BIO_R_ERROR_SETTING_NBIO			 104
-#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET	 105
-#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET	 106
-#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET		 107
-#define BIO_R_INVALID_ARGUMENT				 125
-#define BIO_R_INVALID_IP_ADDRESS			 108
-#define BIO_R_IN_USE					 123
-#define BIO_R_KEEPALIVE					 109
-#define BIO_R_NBIO_CONNECT_ERROR			 110
-#define BIO_R_NO_ACCEPT_PORT_SPECIFIED			 111
-#define BIO_R_NO_HOSTNAME_SPECIFIED			 112
-#define BIO_R_NO_PORT_DEFINED				 113
-#define BIO_R_NO_PORT_SPECIFIED				 114
-#define BIO_R_NO_SUCH_FILE				 128
-#define BIO_R_NULL_PARAMETER				 115
-#define BIO_R_TAG_MISMATCH				 116
-#define BIO_R_UNABLE_TO_BIND_SOCKET			 117
-#define BIO_R_UNABLE_TO_CREATE_SOCKET			 118
-#define BIO_R_UNABLE_TO_LISTEN_SOCKET			 119
-#define BIO_R_UNINITIALIZED				 120
-#define BIO_R_UNSUPPORTED_METHOD			 121
-#define BIO_R_WRITE_TO_READ_ONLY_BIO			 126
-#define BIO_R_WSASTARTUP				 122
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/bio/bio_cb.c b/crypto/openssl/crypto/bio/bio_cb.c
deleted file mode 100644
index 0ffa4d21367f..000000000000
--- a/crypto/openssl/crypto/bio/bio_cb.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/bio/bio_cb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-
-long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
-	     int argi, long argl, long ret)
-	{
-	BIO *b;
-	MS_STATIC char buf[256];
-	char *p;
-	long r=1;
-
-	if (BIO_CB_RETURN & cmd)
-		r=ret;
-
-	sprintf(buf,"BIO[%08lX]:",(unsigned long)bio);
-	p= &(buf[14]);
-	switch (cmd)
-		{
-	case BIO_CB_FREE:
-		sprintf(p,"Free - %s\n",bio->method->name);
-		break;
-	case BIO_CB_READ:
-		if (bio->method->type & BIO_TYPE_DESCRIPTOR)
-			sprintf(p,"read(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
-		else
-			sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name);
-		break;
-	case BIO_CB_WRITE:
-		if (bio->method->type & BIO_TYPE_DESCRIPTOR)
-			sprintf(p,"write(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
-		else
-			sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name);
-		break;
-	case BIO_CB_PUTS:
-		sprintf(p,"puts() - %s\n",bio->method->name);
-		break;
-	case BIO_CB_GETS:
-		sprintf(p,"gets(%d) - %s\n",argi,bio->method->name);
-		break;
-	case BIO_CB_CTRL:
-		sprintf(p,"ctrl(%d) - %s\n",argi,bio->method->name);
-		break;
-	case BIO_CB_RETURN|BIO_CB_READ:
-		sprintf(p,"read return %ld\n",ret);
-		break;
-	case BIO_CB_RETURN|BIO_CB_WRITE:
-		sprintf(p,"write return %ld\n",ret);
-		break;
-	case BIO_CB_RETURN|BIO_CB_GETS:
-		sprintf(p,"gets return %ld\n",ret);
-		break;
-	case BIO_CB_RETURN|BIO_CB_PUTS:
-		sprintf(p,"puts return %ld\n",ret);
-		break;
-	case BIO_CB_RETURN|BIO_CB_CTRL:
-		sprintf(p,"ctrl return %ld\n",ret);
-		break;
-	default:
-		sprintf(p,"bio callback - unknown type (%d)\n",cmd);
-		break;
-		}
-
-	b=(BIO *)bio->cb_arg;
-	if (b != NULL)
-		BIO_write(b,buf,strlen(buf));
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
-	else
-		fputs(buf,stderr);
-#endif
-	return(r);
-	}
diff --git a/crypto/openssl/crypto/bio/bio_err.c b/crypto/openssl/crypto/bio/bio_err.c
deleted file mode 100644
index 68a119d895e8..000000000000
--- a/crypto/openssl/crypto/bio/bio_err.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* crypto/bio/bio_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/bio.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA BIO_str_functs[]=
-	{
-{ERR_PACK(0,BIO_F_ACPT_STATE,0),	"ACPT_STATE"},
-{ERR_PACK(0,BIO_F_BIO_ACCEPT,0),	"BIO_accept"},
-{ERR_PACK(0,BIO_F_BIO_BER_GET_HEADER,0),	"BIO_BER_GET_HEADER"},
-{ERR_PACK(0,BIO_F_BIO_CTRL,0),	"BIO_ctrl"},
-{ERR_PACK(0,BIO_F_BIO_GETHOSTBYNAME,0),	"BIO_gethostbyname"},
-{ERR_PACK(0,BIO_F_BIO_GETS,0),	"BIO_gets"},
-{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0),	"BIO_get_accept_socket"},
-{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0),	"BIO_get_host_ip"},
-{ERR_PACK(0,BIO_F_BIO_GET_PORT,0),	"BIO_get_port"},
-{ERR_PACK(0,BIO_F_BIO_MAKE_PAIR,0),	"BIO_MAKE_PAIR"},
-{ERR_PACK(0,BIO_F_BIO_NEW,0),	"BIO_new"},
-{ERR_PACK(0,BIO_F_BIO_NEW_FILE,0),	"BIO_new_file"},
-{ERR_PACK(0,BIO_F_BIO_NEW_MEM_BUF,0),	"BIO_new_mem_buf"},
-{ERR_PACK(0,BIO_F_BIO_NREAD,0),	"BIO_nread"},
-{ERR_PACK(0,BIO_F_BIO_NREAD0,0),	"BIO_nread0"},
-{ERR_PACK(0,BIO_F_BIO_NWRITE,0),	"BIO_nwrite"},
-{ERR_PACK(0,BIO_F_BIO_NWRITE0,0),	"BIO_nwrite0"},
-{ERR_PACK(0,BIO_F_BIO_PUTS,0),	"BIO_puts"},
-{ERR_PACK(0,BIO_F_BIO_READ,0),	"BIO_read"},
-{ERR_PACK(0,BIO_F_BIO_SOCK_INIT,0),	"BIO_sock_init"},
-{ERR_PACK(0,BIO_F_BIO_WRITE,0),	"BIO_write"},
-{ERR_PACK(0,BIO_F_BUFFER_CTRL,0),	"BUFFER_CTRL"},
-{ERR_PACK(0,BIO_F_CONN_CTRL,0),	"CONN_CTRL"},
-{ERR_PACK(0,BIO_F_CONN_STATE,0),	"CONN_STATE"},
-{ERR_PACK(0,BIO_F_FILE_CTRL,0),	"FILE_CTRL"},
-{ERR_PACK(0,BIO_F_FILE_READ,0),	"FILE_READ"},
-{ERR_PACK(0,BIO_F_LINEBUFFER_CTRL,0),	"LINEBUFFER_CTRL"},
-{ERR_PACK(0,BIO_F_MEM_READ,0),	"MEM_READ"},
-{ERR_PACK(0,BIO_F_MEM_WRITE,0),	"MEM_WRITE"},
-{ERR_PACK(0,BIO_F_SSL_NEW,0),	"SSL_new"},
-{ERR_PACK(0,BIO_F_WSASTARTUP,0),	"WSASTARTUP"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA BIO_str_reasons[]=
-	{
-{BIO_R_ACCEPT_ERROR                      ,"accept error"},
-{BIO_R_BAD_FOPEN_MODE                    ,"bad fopen mode"},
-{BIO_R_BAD_HOSTNAME_LOOKUP               ,"bad hostname lookup"},
-{BIO_R_BROKEN_PIPE                       ,"broken pipe"},
-{BIO_R_CONNECT_ERROR                     ,"connect error"},
-{BIO_R_EOF_ON_MEMORY_BIO                 ,"EOF on memory BIO"},
-{BIO_R_ERROR_SETTING_NBIO                ,"error setting nbio"},
-{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET,"error setting nbio on accepted socket"},
-{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET,"error setting nbio on accept socket"},
-{BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ,"gethostbyname addr is not af inet"},
-{BIO_R_INVALID_ARGUMENT                  ,"invalid argument"},
-{BIO_R_INVALID_IP_ADDRESS                ,"invalid ip address"},
-{BIO_R_IN_USE                            ,"in use"},
-{BIO_R_KEEPALIVE                         ,"keepalive"},
-{BIO_R_NBIO_CONNECT_ERROR                ,"nbio connect error"},
-{BIO_R_NO_ACCEPT_PORT_SPECIFIED          ,"no accept port specified"},
-{BIO_R_NO_HOSTNAME_SPECIFIED             ,"no hostname specified"},
-{BIO_R_NO_PORT_DEFINED                   ,"no port defined"},
-{BIO_R_NO_PORT_SPECIFIED                 ,"no port specified"},
-{BIO_R_NO_SUCH_FILE                      ,"no such file"},
-{BIO_R_NULL_PARAMETER                    ,"null parameter"},
-{BIO_R_TAG_MISMATCH                      ,"tag mismatch"},
-{BIO_R_UNABLE_TO_BIND_SOCKET             ,"unable to bind socket"},
-{BIO_R_UNABLE_TO_CREATE_SOCKET           ,"unable to create socket"},
-{BIO_R_UNABLE_TO_LISTEN_SOCKET           ,"unable to listen socket"},
-{BIO_R_UNINITIALIZED                     ,"uninitialized"},
-{BIO_R_UNSUPPORTED_METHOD                ,"unsupported method"},
-{BIO_R_WRITE_TO_READ_ONLY_BIO            ,"write to read only BIO"},
-{BIO_R_WSASTARTUP                        ,"WSAStartup"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_BIO_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_BIO,BIO_str_functs);
-		ERR_load_strings(ERR_LIB_BIO,BIO_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/bio/bio_lib.c b/crypto/openssl/crypto/bio/bio_lib.c
deleted file mode 100644
index 692c8fb5c653..000000000000
--- a/crypto/openssl/crypto/bio/bio_lib.c
+++ /dev/null
@@ -1,556 +0,0 @@
-/* crypto/bio/bio_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/stack.h>
-
-BIO *BIO_new(BIO_METHOD *method)
-	{
-	BIO *ret=NULL;
-
-	ret=(BIO *)OPENSSL_malloc(sizeof(BIO));
-	if (ret == NULL)
-		{
-		BIOerr(BIO_F_BIO_NEW,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-	if (!BIO_set(ret,method))
-		{
-		OPENSSL_free(ret);
-		ret=NULL;
-		}
-	return(ret);
-	}
-
-int BIO_set(BIO *bio, BIO_METHOD *method)
-	{
-	bio->method=method;
-	bio->callback=NULL;
-	bio->cb_arg=NULL;
-	bio->init=0;
-	bio->shutdown=1;
-	bio->flags=0;
-	bio->retry_reason=0;
-	bio->num=0;
-	bio->ptr=NULL;
-	bio->prev_bio=NULL;
-	bio->next_bio=NULL;
-	bio->references=1;
-	bio->num_read=0L;
-	bio->num_write=0L;
-	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data);
-	if (method->create != NULL)
-		if (!method->create(bio))
-			{
-			CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, bio,
-					&bio->ex_data);
-			return(0);
-			}
-	return(1);
-	}
-
-int BIO_free(BIO *a)
-	{
-	int ret=0,i;
-
-	if (a == NULL) return(0);
-
-	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_BIO);
-#ifdef REF_PRINT
-	REF_PRINT("BIO",a);
-#endif
-	if (i > 0) return(1);
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"BIO_free, bad reference count\n");
-		abort();
-		}
-#endif
-	if ((a->callback != NULL) &&
-		((i=(int)a->callback(a,BIO_CB_FREE,NULL,0,0L,1L)) <= 0))
-			return(i);
-
-	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
-
-	if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
-	ret=a->method->destroy(a);
-	OPENSSL_free(a);
-	return(1);
-	}
-
-void BIO_vfree(BIO *a)
-    { BIO_free(a); }
-
-int BIO_read(BIO *b, void *out, int outl)
-	{
-	int i;
-	long (*cb)();
-
-	if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL))
-		{
-		BIOerr(BIO_F_BIO_READ,BIO_R_UNSUPPORTED_METHOD);
-		return(-2);
-		}
-
-	cb=b->callback;
-	if ((cb != NULL) &&
-		((i=(int)cb(b,BIO_CB_READ,out,outl,0L,1L)) <= 0))
-			return(i);
-
-	if (!b->init)
-		{
-		BIOerr(BIO_F_BIO_READ,BIO_R_UNINITIALIZED);
-		return(-2);
-		}
-
-	i=b->method->bread(b,out,outl);
-
-	if (i > 0) b->num_read+=(unsigned long)i;
-
-	if (cb != NULL)
-		i=(int)cb(b,BIO_CB_READ|BIO_CB_RETURN,out,outl,
-			0L,(long)i);
-	return(i);
-	}
-
-int BIO_write(BIO *b, const void *in, int inl)
-	{
-	int i;
-	long (*cb)();
-
-	if (b == NULL)
-		return(0);
-
-	cb=b->callback;
-	if ((b->method == NULL) || (b->method->bwrite == NULL))
-		{
-		BIOerr(BIO_F_BIO_WRITE,BIO_R_UNSUPPORTED_METHOD);
-		return(-2);
-		}
-
-	if ((cb != NULL) &&
-		((i=(int)cb(b,BIO_CB_WRITE,in,inl,0L,1L)) <= 0))
-			return(i);
-
-	if (!b->init)
-		{
-		BIOerr(BIO_F_BIO_WRITE,BIO_R_UNINITIALIZED);
-		return(-2);
-		}
-
-	i=b->method->bwrite(b,in,inl);
-
-	if (i > 0) b->num_write+=(unsigned long)i;
-
-	if (cb != NULL)
-		i=(int)cb(b,BIO_CB_WRITE|BIO_CB_RETURN,in,inl,
-			0L,(long)i);
-	return(i);
-	}
-
-int BIO_puts(BIO *b, const char *in)
-	{
-	int i;
-	long (*cb)();
-
-	if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL))
-		{
-		BIOerr(BIO_F_BIO_PUTS,BIO_R_UNSUPPORTED_METHOD);
-		return(-2);
-		}
-
-	cb=b->callback;
-
-	if ((cb != NULL) &&
-		((i=(int)cb(b,BIO_CB_PUTS,in,0,0L,1L)) <= 0))
-			return(i);
-
-	if (!b->init)
-		{
-		BIOerr(BIO_F_BIO_PUTS,BIO_R_UNINITIALIZED);
-		return(-2);
-		}
-
-	i=b->method->bputs(b,in);
-
-	if (i > 0) b->num_write+=(unsigned long)i;
-
-	if (cb != NULL)
-		i=(int)cb(b,BIO_CB_PUTS|BIO_CB_RETURN,in,0,
-			0L,(long)i);
-	return(i);
-	}
-
-int BIO_gets(BIO *b, char *in, int inl)
-	{
-	int i;
-	long (*cb)();
-
-	if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL))
-		{
-		BIOerr(BIO_F_BIO_GETS,BIO_R_UNSUPPORTED_METHOD);
-		return(-2);
-		}
-
-	cb=b->callback;
-
-	if ((cb != NULL) &&
-		((i=(int)cb(b,BIO_CB_GETS,in,inl,0L,1L)) <= 0))
-			return(i);
-
-	if (!b->init)
-		{
-		BIOerr(BIO_F_BIO_GETS,BIO_R_UNINITIALIZED);
-		return(-2);
-		}
-
-	i=b->method->bgets(b,in,inl);
-
-	if (cb != NULL)
-		i=(int)cb(b,BIO_CB_GETS|BIO_CB_RETURN,in,inl,
-			0L,(long)i);
-	return(i);
-	}
-
-int BIO_indent(BIO *b,int indent,int max)
-	{
-	if(indent < 0)
-		indent=0;
-	if(indent > max)
-		indent=max;
-	while(indent--)
-		if(BIO_puts(b," ") != 1)
-			return 0;
-	return 1;
-	}
-
-long BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg)
-	{
-	int i;
-
-	i=iarg;
-	return(BIO_ctrl(b,cmd,larg,(char *)&i));
-	}
-
-char *BIO_ptr_ctrl(BIO *b, int cmd, long larg)
-	{
-	char *p=NULL;
-
-	if (BIO_ctrl(b,cmd,larg,(char *)&p) <= 0)
-		return(NULL);
-	else
-		return(p);
-	}
-
-long BIO_ctrl(BIO *b, int cmd, long larg, void *parg)
-	{
-	long ret;
-	long (*cb)();
-
-	if (b == NULL) return(0);
-
-	if ((b->method == NULL) || (b->method->ctrl == NULL))
-		{
-		BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD);
-		return(-2);
-		}
-
-	cb=b->callback;
-
-	if ((cb != NULL) &&
-		((ret=cb(b,BIO_CB_CTRL,parg,cmd,larg,1L)) <= 0))
-		return(ret);
-
-	ret=b->method->ctrl(b,cmd,larg,parg);
-
-	if (cb != NULL)
-		ret=cb(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd,
-			larg,ret);
-	return(ret);
-	}
-
-long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long))
-	{
-	long ret;
-	long (*cb)();
-
-	if (b == NULL) return(0);
-
-	if ((b->method == NULL) || (b->method->callback_ctrl == NULL))
-		{
-		BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD);
-		return(-2);
-		}
-
-	cb=b->callback;
-
-	if ((cb != NULL) &&
-		((ret=cb(b,BIO_CB_CTRL,(void *)&fp,cmd,0,1L)) <= 0))
-		return(ret);
-
-	ret=b->method->callback_ctrl(b,cmd,fp);
-
-	if (cb != NULL)
-		ret=cb(b,BIO_CB_CTRL|BIO_CB_RETURN,(void *)&fp,cmd,
-			0,ret);
-	return(ret);
-	}
-
-/* It is unfortunate to duplicate in functions what the BIO_(w)pending macros
- * do; but those macros have inappropriate return type, and for interfacing
- * from other programming languages, C macros aren't much of a help anyway. */
-size_t BIO_ctrl_pending(BIO *bio)
-	{
-	return BIO_ctrl(bio, BIO_CTRL_PENDING, 0, NULL);
-	}
-
-size_t BIO_ctrl_wpending(BIO *bio)
-	{
-	return BIO_ctrl(bio, BIO_CTRL_WPENDING, 0, NULL);
-	}
-
-
-/* put the 'bio' on the end of b's list of operators */
-BIO *BIO_push(BIO *b, BIO *bio)
-	{
-	BIO *lb;
-
-	if (b == NULL) return(bio);
-	lb=b;
-	while (lb->next_bio != NULL)
-		lb=lb->next_bio;
-	lb->next_bio=bio;
-	if (bio != NULL)
-		bio->prev_bio=lb;
-	/* called to do internal processing */
-	BIO_ctrl(b,BIO_CTRL_PUSH,0,NULL);
-	return(b);
-	}
-
-/* Remove the first and return the rest */
-BIO *BIO_pop(BIO *b)
-	{
-	BIO *ret;
-
-	if (b == NULL) return(NULL);
-	ret=b->next_bio;
-
-	BIO_ctrl(b,BIO_CTRL_POP,0,NULL);
-
-	if (b->prev_bio != NULL)
-		b->prev_bio->next_bio=b->next_bio;
-	if (b->next_bio != NULL)
-		b->next_bio->prev_bio=b->prev_bio;
-
-	b->next_bio=NULL;
-	b->prev_bio=NULL;
-	return(ret);
-	}
-
-BIO *BIO_get_retry_BIO(BIO *bio, int *reason)
-	{
-	BIO *b,*last;
-
-	b=last=bio;
-	for (;;)
-		{
-		if (!BIO_should_retry(b)) break;
-		last=b;
-		b=b->next_bio;
-		if (b == NULL) break;
-		}
-	if (reason != NULL) *reason=last->retry_reason;
-	return(last);
-	}
-
-int BIO_get_retry_reason(BIO *bio)
-	{
-	return(bio->retry_reason);
-	}
-
-BIO *BIO_find_type(BIO *bio, int type)
-	{
-	int mt,mask;
-
-	if(!bio) return NULL;
-	mask=type&0xff;
-	do	{
-		if (bio->method != NULL)
-			{
-			mt=bio->method->type;
-
-			if (!mask)
-				{
-				if (mt & type) return(bio);
-				}
-			else if (mt == type)
-				return(bio);
-			}
-		bio=bio->next_bio;
-		} while (bio != NULL);
-	return(NULL);
-	}
-
-BIO *BIO_next(BIO *b)
-	{
-	if(!b) return NULL;
-	return b->next_bio;
-	}
-
-void BIO_free_all(BIO *bio)
-	{
-	BIO *b;
-	int ref;
-
-	while (bio != NULL)
-		{
-		b=bio;
-		ref=b->references;
-		bio=bio->next_bio;
-		BIO_free(b);
-		/* Since ref count > 1, don't free anyone else. */
-		if (ref > 1) break;
-		}
-	}
-
-BIO *BIO_dup_chain(BIO *in)
-	{
-	BIO *ret=NULL,*eoc=NULL,*bio,*new;
-
-	for (bio=in; bio != NULL; bio=bio->next_bio)
-		{
-		if ((new=BIO_new(bio->method)) == NULL) goto err;
-		new->callback=bio->callback;
-		new->cb_arg=bio->cb_arg;
-		new->init=bio->init;
-		new->shutdown=bio->shutdown;
-		new->flags=bio->flags;
-
-		/* This will let SSL_s_sock() work with stdin/stdout */
-		new->num=bio->num;
-
-		if (!BIO_dup_state(bio,(char *)new))
-			{
-			BIO_free(new);
-			goto err;
-			}
-
-		/* copy app data */
-		if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_BIO, &new->ex_data,
-					&bio->ex_data))
-			goto err;
-
-		if (ret == NULL)
-			{
-			eoc=new;
-			ret=eoc;
-			}
-		else
-			{
-			BIO_push(eoc,new);
-			eoc=new;
-			}
-		}
-	return(ret);
-err:
-	if (ret != NULL)
-		BIO_free(ret);
-	return(NULL);	
-	}
-
-void BIO_copy_next_retry(BIO *b)
-	{
-	BIO_set_flags(b,BIO_get_retry_flags(b->next_bio));
-	b->retry_reason=b->next_bio->retry_reason;
-	}
-
-int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-	{
-	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, argl, argp,
-				new_func, dup_func, free_func);
-	}
-
-int BIO_set_ex_data(BIO *bio, int idx, void *data)
-	{
-	return(CRYPTO_set_ex_data(&(bio->ex_data),idx,data));
-	}
-
-void *BIO_get_ex_data(BIO *bio, int idx)
-	{
-	return(CRYPTO_get_ex_data(&(bio->ex_data),idx));
-	}
-
-unsigned long BIO_number_read(BIO *bio)
-{
-	if(bio) return bio->num_read;
-	return 0;
-}
-
-unsigned long BIO_number_written(BIO *bio)
-{
-	if(bio) return bio->num_write;
-	return 0;
-}
-
-IMPLEMENT_STACK_OF(BIO)
diff --git a/crypto/openssl/crypto/bio/bss_acpt.c b/crypto/openssl/crypto/bio/bss_acpt.c
deleted file mode 100644
index 8ea1db158b8b..000000000000
--- a/crypto/openssl/crypto/bio/bss_acpt.c
+++ /dev/null
@@ -1,479 +0,0 @@
-/* crypto/bio/bss_acpt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_SOCK
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#ifdef OPENSSL_SYS_WIN16
-#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
-#else
-#define SOCKET_PROTOCOL IPPROTO_TCP
-#endif
-
-#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-#undef FIONBIO
-#endif
-
-typedef struct bio_accept_st
-	{
-	int state;
-	char *param_addr;
-
-	int accept_sock;
-	int accept_nbio;
-
-	char *addr;
-	int nbio;
-	/* If 0, it means normal, if 1, do a connect on bind failure,
-	 * and if there is no-one listening, bind with SO_REUSEADDR.
-	 * If 2, always use SO_REUSEADDR. */
-	int bind_mode;
-	BIO *bio_chain;
-	} BIO_ACCEPT;
-
-static int acpt_write(BIO *h, const char *buf, int num);
-static int acpt_read(BIO *h, char *buf, int size);
-static int acpt_puts(BIO *h, const char *str);
-static long acpt_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int acpt_new(BIO *h);
-static int acpt_free(BIO *data);
-static int acpt_state(BIO *b, BIO_ACCEPT *c);
-static void acpt_close_socket(BIO *data);
-BIO_ACCEPT *BIO_ACCEPT_new(void );
-void BIO_ACCEPT_free(BIO_ACCEPT *a);
-
-#define ACPT_S_BEFORE			1
-#define ACPT_S_GET_ACCEPT_SOCKET	2
-#define ACPT_S_OK			3
-
-static BIO_METHOD methods_acceptp=
-	{
-	BIO_TYPE_ACCEPT,
-	"socket accept",
-	acpt_write,
-	acpt_read,
-	acpt_puts,
-	NULL, /* connect_gets, */
-	acpt_ctrl,
-	acpt_new,
-	acpt_free,
-	NULL,
-	};
-
-BIO_METHOD *BIO_s_accept(void)
-	{
-	return(&methods_acceptp);
-	}
-
-static int acpt_new(BIO *bi)
-	{
-	BIO_ACCEPT *ba;
-
-	bi->init=0;
-	bi->num=INVALID_SOCKET;
-	bi->flags=0;
-	if ((ba=BIO_ACCEPT_new()) == NULL)
-		return(0);
-	bi->ptr=(char *)ba;
-	ba->state=ACPT_S_BEFORE;
-	bi->shutdown=1;
-	return(1);
-	}
-
-BIO_ACCEPT *BIO_ACCEPT_new(void)
-	{
-	BIO_ACCEPT *ret;
-
-	if ((ret=(BIO_ACCEPT *)OPENSSL_malloc(sizeof(BIO_ACCEPT))) == NULL)
-		return(NULL);
-
-	memset(ret,0,sizeof(BIO_ACCEPT));
-	ret->accept_sock=INVALID_SOCKET;
-	ret->bind_mode=BIO_BIND_NORMAL;
-	return(ret);
-	}
-
-void BIO_ACCEPT_free(BIO_ACCEPT *a)
-	{
-	if(a == NULL)
-	    return;
-
-	if (a->param_addr != NULL) OPENSSL_free(a->param_addr);
-	if (a->addr != NULL) OPENSSL_free(a->addr);
-	if (a->bio_chain != NULL) BIO_free(a->bio_chain);
-	OPENSSL_free(a);
-	}
-
-static void acpt_close_socket(BIO *bio)
-	{
-	BIO_ACCEPT *c;
-
-	c=(BIO_ACCEPT *)bio->ptr;
-	if (c->accept_sock != INVALID_SOCKET)
-		{
-		shutdown(c->accept_sock,2);
-		closesocket(c->accept_sock);
-		c->accept_sock=INVALID_SOCKET;
-		bio->num=INVALID_SOCKET;
-		}
-	}
-
-static int acpt_free(BIO *a)
-	{
-	BIO_ACCEPT *data;
-
-	if (a == NULL) return(0);
-	data=(BIO_ACCEPT *)a->ptr;
-	 
-	if (a->shutdown)
-		{
-		acpt_close_socket(a);
-		BIO_ACCEPT_free(data);
-		a->ptr=NULL;
-		a->flags=0;
-		a->init=0;
-		}
-	return(1);
-	}
-	
-static int acpt_state(BIO *b, BIO_ACCEPT *c)
-	{
-	BIO *bio=NULL,*dbio;
-	int s= -1;
-	int i;
-
-again:
-	switch (c->state)
-		{
-	case ACPT_S_BEFORE:
-		if (c->param_addr == NULL)
-			{
-			BIOerr(BIO_F_ACPT_STATE,BIO_R_NO_ACCEPT_PORT_SPECIFIED);
-			return(-1);
-			}
-		s=BIO_get_accept_socket(c->param_addr,c->bind_mode);
-		if (s == INVALID_SOCKET)
-			return(-1);
-
-		if (c->accept_nbio)
-			{
-			if (!BIO_socket_nbio(s,1))
-				{
-				closesocket(s);
-				BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET);
-				return(-1);
-				}
-			}
-		c->accept_sock=s;
-		b->num=s;
-		c->state=ACPT_S_GET_ACCEPT_SOCKET;
-		return(1);
-		/* break; */
-	case ACPT_S_GET_ACCEPT_SOCKET:
-		if (b->next_bio != NULL)
-			{
-			c->state=ACPT_S_OK;
-			goto again;
-			}
-		BIO_clear_retry_flags(b);
-		b->retry_reason=0;
-		i=BIO_accept(c->accept_sock,&(c->addr));
-
-		/* -2 return means we should retry */
-		if(i == -2)
-			{
-			BIO_set_retry_special(b);
-			b->retry_reason=BIO_RR_ACCEPT;
-			return -1;
-			}
-
-		if (i < 0) return(i);
-
-		bio=BIO_new_socket(i,BIO_CLOSE);
-		if (bio == NULL) goto err;
-
-		BIO_set_callback(bio,BIO_get_callback(b));
-		BIO_set_callback_arg(bio,BIO_get_callback_arg(b));
-
-		if (c->nbio)
-			{
-			if (!BIO_socket_nbio(i,1))
-				{
-				BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET);
-				goto err;
-				}
-			}
-
-		/* If the accept BIO has an bio_chain, we dup it and
-		 * put the new socket at the end. */
-		if (c->bio_chain != NULL)
-			{
-			if ((dbio=BIO_dup_chain(c->bio_chain)) == NULL)
-				goto err;
-			if (!BIO_push(dbio,bio)) goto err;
-			bio=dbio;
-			}
-		if (BIO_push(b,bio) == NULL) goto err;
-
-		c->state=ACPT_S_OK;
-		return(1);
-err:
-		if (bio != NULL)
-			BIO_free(bio);
-		else if (s >= 0)
-			closesocket(s);
-		return(0);
-		/* break; */
-	case ACPT_S_OK:
-		if (b->next_bio == NULL)
-			{
-			c->state=ACPT_S_GET_ACCEPT_SOCKET;
-			goto again;
-			}
-		return(1);
-		/* break; */
-	default:	
-		return(0);
-		/* break; */
-		}
-
-	}
-
-static int acpt_read(BIO *b, char *out, int outl)
-	{
-	int ret=0;
-	BIO_ACCEPT *data;
-
-	BIO_clear_retry_flags(b);
-	data=(BIO_ACCEPT *)b->ptr;
-
-	while (b->next_bio == NULL)
-		{
-		ret=acpt_state(b,data);
-		if (ret <= 0) return(ret);
-		}
-
-	ret=BIO_read(b->next_bio,out,outl);
-	BIO_copy_next_retry(b);
-	return(ret);
-	}
-
-static int acpt_write(BIO *b, const char *in, int inl)
-	{
-	int ret;
-	BIO_ACCEPT *data;
-
-	BIO_clear_retry_flags(b);
-	data=(BIO_ACCEPT *)b->ptr;
-
-	while (b->next_bio == NULL)
-		{
-		ret=acpt_state(b,data);
-		if (ret <= 0) return(ret);
-		}
-
-	ret=BIO_write(b->next_bio,in,inl);
-	BIO_copy_next_retry(b);
-	return(ret);
-	}
-
-static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	BIO *dbio;
-	int *ip;
-	long ret=1;
-	BIO_ACCEPT *data;
-	char **pp;
-
-	data=(BIO_ACCEPT *)b->ptr;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		ret=0;
-		data->state=ACPT_S_BEFORE;
-		acpt_close_socket(b);
-		b->flags=0;
-		break;
-	case BIO_C_DO_STATE_MACHINE:
-		/* use this one to start the connection */
-		ret=(long)acpt_state(b,data);
-		break;
-	case BIO_C_SET_ACCEPT:
-		if (ptr != NULL)
-			{
-			if (num == 0)
-				{
-				b->init=1;
-				if (data->param_addr != NULL)
-					OPENSSL_free(data->param_addr);
-				data->param_addr=BUF_strdup(ptr);
-				}
-			else if (num == 1)
-				{
-				data->accept_nbio=(ptr != NULL);
-				}
-			else if (num == 2)
-				{
-				if (data->bio_chain != NULL)
-					BIO_free(data->bio_chain);
-				data->bio_chain=(BIO *)ptr;
-				}
-			}
-		break;
-	case BIO_C_SET_NBIO:
-		data->nbio=(int)num;
-		break;
-	case BIO_C_SET_FD:
-		b->init=1;
-		b->num= *((int *)ptr);
-		data->accept_sock=b->num;
-		data->state=ACPT_S_GET_ACCEPT_SOCKET;
-		b->shutdown=(int)num;
-		b->init=1;
-		break;
-	case BIO_C_GET_FD:
-		if (b->init)
-			{
-			ip=(int *)ptr;
-			if (ip != NULL)
-				*ip=data->accept_sock;
-			ret=data->accept_sock;
-			}
-		else
-			ret= -1;
-		break;
-	case BIO_C_GET_ACCEPT:
-		if (b->init)
-			{
-			if (ptr != NULL)
-				{
-				pp=(char **)ptr;
-				*pp=data->param_addr;
-				}
-			else
-				ret= -1;
-			}
-		else
-			ret= -1;
-		break;
-	case BIO_CTRL_GET_CLOSE:
-		ret=b->shutdown;
-		break;
-	case BIO_CTRL_SET_CLOSE:
-		b->shutdown=(int)num;
-		break;
-	case BIO_CTRL_PENDING:
-	case BIO_CTRL_WPENDING:
-		ret=0;
-		break;
-	case BIO_CTRL_FLUSH:
-		break;
-	case BIO_C_SET_BIND_MODE:
-		data->bind_mode=(int)num;
-		break;
-	case BIO_C_GET_BIND_MODE:
-		ret=(long)data->bind_mode;
-		break;
-	case BIO_CTRL_DUP:
-		dbio=(BIO *)ptr;
-/*		if (data->param_port) EAY EAY
-			BIO_set_port(dbio,data->param_port);
-		if (data->param_hostname)
-			BIO_set_hostname(dbio,data->param_hostname);
-		BIO_set_nbio(dbio,data->nbio); */
-		break;
-
-	default:
-		ret=0;
-		break;
-		}
-	return(ret);
-	}
-
-static int acpt_puts(BIO *bp, const char *str)
-	{
-	int n,ret;
-
-	n=strlen(str);
-	ret=acpt_write(bp,str,n);
-	return(ret);
-	}
-
-BIO *BIO_new_accept(char *str)
-	{
-	BIO *ret;
-
-	ret=BIO_new(BIO_s_accept());
-	if (ret == NULL) return(NULL);
-	if (BIO_set_accept_port(ret,str))
-		return(ret);
-	else
-		{
-		BIO_free(ret);
-		return(NULL);
-		}
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/bio/bss_bio.c b/crypto/openssl/crypto/bio/bss_bio.c
deleted file mode 100644
index aa58dab046b2..000000000000
--- a/crypto/openssl/crypto/bio/bss_bio.c
+++ /dev/null
@@ -1,871 +0,0 @@
-/* crypto/bio/bss_bio.c  -*- Mode: C; c-file-style: "eay" -*- */
-
-/* Special method for a BIO where the other endpoint is also a BIO
- * of this kind, handled by the same thread (i.e. the "peer" is actually
- * ourselves, wearing a different hat).
- * Such "BIO pairs" are mainly for using the SSL library with I/O interfaces
- * for which no specific BIO method is available.
- * See ssl/ssltest.c for some hints on how this can be used. */
-
-/* BIO_DEBUG implies BIO_PAIR_DEBUG */
-#ifdef BIO_DEBUG
-# ifndef BIO_PAIR_DEBUG
-#  define BIO_PAIR_DEBUG
-# endif
-#endif
-
-/* disable assert() unless BIO_PAIR_DEBUG has been defined */
-#ifndef BIO_PAIR_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-
-#include <assert.h>
-#include <limits.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/crypto.h>
-
-#include "e_os.h"
-
-/* VxWorks defines SSIZE_MAX with an empty value causing compile errors */
-#if defined(OPENSSL_SYS_VXWORKS)
-# undef SSIZE_MAX
-#endif
-#ifndef SSIZE_MAX
-# define SSIZE_MAX INT_MAX
-#endif
-
-static int bio_new(BIO *bio);
-static int bio_free(BIO *bio);
-static int bio_read(BIO *bio, char *buf, int size);
-static int bio_write(BIO *bio, const char *buf, int num);
-static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr);
-static int bio_puts(BIO *bio, const char *str);
-
-static int bio_make_pair(BIO *bio1, BIO *bio2);
-static void bio_destroy_pair(BIO *bio);
-
-static BIO_METHOD methods_biop =
-{
-	BIO_TYPE_BIO,
-	"BIO pair",
-	bio_write,
-	bio_read,
-	bio_puts,
-	NULL /* no bio_gets */,
-	bio_ctrl,
-	bio_new,
-	bio_free,
-	NULL /* no bio_callback_ctrl */
-};
-
-BIO_METHOD *BIO_s_bio(void)
-	{
-	return &methods_biop;
-	}
-
-struct bio_bio_st
-{
-	BIO *peer;     /* NULL if buf == NULL.
-	                * If peer != NULL, then peer->ptr is also a bio_bio_st,
-	                * and its "peer" member points back to us.
-	                * peer != NULL iff init != 0 in the BIO. */
-	
-	/* This is for what we write (i.e. reading uses peer's struct): */
-	int closed;     /* valid iff peer != NULL */
-	size_t len;     /* valid iff buf != NULL; 0 if peer == NULL */
-	size_t offset;  /* valid iff buf != NULL; 0 if len == 0 */
-	size_t size;
-	char *buf;      /* "size" elements (if != NULL) */
-
-	size_t request; /* valid iff peer != NULL; 0 if len != 0,
-	                 * otherwise set by peer to number of bytes
-	                 * it (unsuccessfully) tried to read,
-	                 * never more than buffer space (size-len) warrants. */
-};
-
-static int bio_new(BIO *bio)
-	{
-	struct bio_bio_st *b;
-	
-	b = OPENSSL_malloc(sizeof *b);
-	if (b == NULL)
-		return 0;
-
-	b->peer = NULL;
-	b->size = 17*1024; /* enough for one TLS record (just a default) */
-	b->buf = NULL;
-
-	bio->ptr = b;
-	return 1;
-	}
-
-
-static int bio_free(BIO *bio)
-	{
-	struct bio_bio_st *b;
-
-	if (bio == NULL)
-		return 0;
-	b = bio->ptr;
-
-	assert(b != NULL);
-
-	if (b->peer)
-		bio_destroy_pair(bio);
-	
-	if (b->buf != NULL)
-		{
-		OPENSSL_free(b->buf);
-		}
-
-	OPENSSL_free(b);
-
-	return 1;
-	}
-
-
-
-static int bio_read(BIO *bio, char *buf, int size_)
-	{
-	size_t size = size_;
-	size_t rest;
-	struct bio_bio_st *b, *peer_b;
-
-	BIO_clear_retry_flags(bio);
-
-	if (!bio->init)
-		return 0;
-
-	b = bio->ptr;
-	assert(b != NULL);
-	assert(b->peer != NULL);
-	peer_b = b->peer->ptr;
-	assert(peer_b != NULL);
-	assert(peer_b->buf != NULL);
-
-	peer_b->request = 0; /* will be set in "retry_read" situation */
-
-	if (buf == NULL || size == 0)
-		return 0;
-
-	if (peer_b->len == 0)
-		{
-		if (peer_b->closed)
-			return 0; /* writer has closed, and no data is left */
-		else
-			{
-			BIO_set_retry_read(bio); /* buffer is empty */
-			if (size <= peer_b->size)
-				peer_b->request = size;
-			else
-				/* don't ask for more than the peer can
-				 * deliver in one write */
-				peer_b->request = peer_b->size;
-			return -1;
-			}
-		}
-
-	/* we can read */
-	if (peer_b->len < size)
-		size = peer_b->len;
-
-	/* now read "size" bytes */
-	
-	rest = size;
-	
-	assert(rest > 0);
-	do /* one or two iterations */
-		{
-		size_t chunk;
-		
-		assert(rest <= peer_b->len);
-		if (peer_b->offset + rest <= peer_b->size)
-			chunk = rest;
-		else
-			/* wrap around ring buffer */
-			chunk = peer_b->size - peer_b->offset;
-		assert(peer_b->offset + chunk <= peer_b->size);
-		
-		memcpy(buf, peer_b->buf + peer_b->offset, chunk);
-		
-		peer_b->len -= chunk;
-		if (peer_b->len)
-			{
-			peer_b->offset += chunk;
-			assert(peer_b->offset <= peer_b->size);
-			if (peer_b->offset == peer_b->size)
-				peer_b->offset = 0;
-			buf += chunk;
-			}
-		else
-			{
-			/* buffer now empty, no need to advance "buf" */
-			assert(chunk == rest);
-			peer_b->offset = 0;
-			}
-		rest -= chunk;
-		}
-	while (rest);
-	
-	return size;
-	}
-
-/* non-copying interface: provide pointer to available data in buffer
- *    bio_nread0:  return number of available bytes
- *    bio_nread:   also advance index
- * (example usage:  bio_nread0(), read from buffer, bio_nread()
- *  or just         bio_nread(), read from buffer)
- */
-/* WARNING: The non-copying interface is largely untested as of yet
- * and may contain bugs. */
-static ssize_t bio_nread0(BIO *bio, char **buf)
-	{
-	struct bio_bio_st *b, *peer_b;
-	ssize_t num;
-	
-	BIO_clear_retry_flags(bio);
-
-	if (!bio->init)
-		return 0;
-	
-	b = bio->ptr;
-	assert(b != NULL);
-	assert(b->peer != NULL);
-	peer_b = b->peer->ptr;
-	assert(peer_b != NULL);
-	assert(peer_b->buf != NULL);
-	
-	peer_b->request = 0;
-	
-	if (peer_b->len == 0)
-		{
-		char dummy;
-		
-		/* avoid code duplication -- nothing available for reading */
-		return bio_read(bio, &dummy, 1); /* returns 0 or -1 */
-		}
-
-	num = peer_b->len;
-	if (peer_b->size < peer_b->offset + num)
-		/* no ring buffer wrap-around for non-copying interface */
-		num = peer_b->size - peer_b->offset;
-	assert(num > 0);
-
-	if (buf != NULL)
-		*buf = peer_b->buf + peer_b->offset;
-	return num;
-	}
-
-static ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
-	{
-	struct bio_bio_st *b, *peer_b;
-	ssize_t num, available;
-
-	if (num_ > SSIZE_MAX)
-		num = SSIZE_MAX;
-	else
-		num = (ssize_t)num_;
-
-	available = bio_nread0(bio, buf);
-	if (num > available)
-		num = available;
-	if (num <= 0)
-		return num;
-
-	b = bio->ptr;
-	peer_b = b->peer->ptr;
-
-	peer_b->len -= num;
-	if (peer_b->len) 
-		{
-		peer_b->offset += num;
-		assert(peer_b->offset <= peer_b->size);
-		if (peer_b->offset == peer_b->size)
-			peer_b->offset = 0;
-		}
-	else
-		peer_b->offset = 0;
-
-	return num;
-	}
-
-
-static int bio_write(BIO *bio, const char *buf, int num_)
-	{
-	size_t num = num_;
-	size_t rest;
-	struct bio_bio_st *b;
-
-	BIO_clear_retry_flags(bio);
-
-	if (!bio->init || buf == NULL || num == 0)
-		return 0;
-
-	b = bio->ptr;		
-	assert(b != NULL);
-	assert(b->peer != NULL);
-	assert(b->buf != NULL);
-
-	b->request = 0;
-	if (b->closed)
-		{
-		/* we already closed */
-		BIOerr(BIO_F_BIO_WRITE, BIO_R_BROKEN_PIPE);
-		return -1;
-		}
-
-	assert(b->len <= b->size);
-
-	if (b->len == b->size)
-		{
-		BIO_set_retry_write(bio); /* buffer is full */
-		return -1;
-		}
-
-	/* we can write */
-	if (num > b->size - b->len)
-		num = b->size - b->len;
-	
-	/* now write "num" bytes */
-
-	rest = num;
-	
-	assert(rest > 0);
-	do /* one or two iterations */
-		{
-		size_t write_offset;
-		size_t chunk;
-
-		assert(b->len + rest <= b->size);
-
-		write_offset = b->offset + b->len;
-		if (write_offset >= b->size)
-			write_offset -= b->size;
-		/* b->buf[write_offset] is the first byte we can write to. */
-
-		if (write_offset + rest <= b->size)
-			chunk = rest;
-		else
-			/* wrap around ring buffer */
-			chunk = b->size - write_offset;
-		
-		memcpy(b->buf + write_offset, buf, chunk);
-		
-		b->len += chunk;
-
-		assert(b->len <= b->size);
-		
-		rest -= chunk;
-		buf += chunk;
-		}
-	while (rest);
-
-	return num;
-	}
-
-/* non-copying interface: provide pointer to region to write to
- *   bio_nwrite0:  check how much space is available
- *   bio_nwrite:   also increase length
- * (example usage:  bio_nwrite0(), write to buffer, bio_nwrite()
- *  or just         bio_nwrite(), write to buffer)
- */
-static ssize_t bio_nwrite0(BIO *bio, char **buf)
-	{
-	struct bio_bio_st *b;
-	size_t num;
-	size_t write_offset;
-
-	BIO_clear_retry_flags(bio);
-
-	if (!bio->init)
-		return 0;
-
-	b = bio->ptr;		
-	assert(b != NULL);
-	assert(b->peer != NULL);
-	assert(b->buf != NULL);
-
-	b->request = 0;
-	if (b->closed)
-		{
-		BIOerr(BIO_F_BIO_NWRITE0, BIO_R_BROKEN_PIPE);
-		return -1;
-		}
-
-	assert(b->len <= b->size);
-
-	if (b->len == b->size)
-		{
-		BIO_set_retry_write(bio);
-		return -1;
-		}
-
-	num = b->size - b->len;
-	write_offset = b->offset + b->len;
-	if (write_offset >= b->size)
-		write_offset -= b->size;
-	if (write_offset + num > b->size)
-		/* no ring buffer wrap-around for non-copying interface
-		 * (to fulfil the promise by BIO_ctrl_get_write_guarantee,
-		 * BIO_nwrite may have to be called twice) */
-		num = b->size - write_offset;
-
-	if (buf != NULL)
-		*buf = b->buf + write_offset;
-	assert(write_offset + num <= b->size);
-
-	return num;
-	}
-
-static ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
-	{
-	struct bio_bio_st *b;
-	ssize_t num, space;
-
-	if (num_ > SSIZE_MAX)
-		num = SSIZE_MAX;
-	else
-		num = (ssize_t)num_;
-
-	space = bio_nwrite0(bio, buf);
-	if (num > space)
-		num = space;
-	if (num <= 0)
-		return num;
-	b = bio->ptr;
-	assert(b != NULL);
-	b->len += num;
-	assert(b->len <= b->size);
-
-	return num;
-	}
-
-
-static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
-	{
-	long ret;
-	struct bio_bio_st *b = bio->ptr;
-	
-	assert(b != NULL);
-
-	switch (cmd)
-		{
-	/* specific CTRL codes */
-
-	case BIO_C_SET_WRITE_BUF_SIZE:
-		if (b->peer)
-			{
-			BIOerr(BIO_F_BIO_CTRL, BIO_R_IN_USE);
-			ret = 0;
-			}
-		else if (num == 0)
-			{
-			BIOerr(BIO_F_BIO_CTRL, BIO_R_INVALID_ARGUMENT);
-			ret = 0;
-			}
-		else
-			{
-			size_t new_size = num;
-
-			if (b->size != new_size)
-				{
-				if (b->buf) 
-					{
-					OPENSSL_free(b->buf);
-					b->buf = NULL;
-					}
-				b->size = new_size;
-				}
-			ret = 1;
-			}
-		break;
-
-	case BIO_C_GET_WRITE_BUF_SIZE:
-		ret = (long) b->size;
-		break;
-
-	case BIO_C_MAKE_BIO_PAIR:
-		{
-		BIO *other_bio = ptr;
-		
-		if (bio_make_pair(bio, other_bio))
-			ret = 1;
-		else
-			ret = 0;
-		}
-		break;
-		
-	case BIO_C_DESTROY_BIO_PAIR:
-		/* Effects both BIOs in the pair -- call just once!
-		 * Or let BIO_free(bio1); BIO_free(bio2); do the job. */
-		bio_destroy_pair(bio);
-		ret = 1;
-		break;
-
-	case BIO_C_GET_WRITE_GUARANTEE:
-		/* How many bytes can the caller feed to the next write
-		 * without having to keep any? */
-		if (b->peer == NULL || b->closed)
-			ret = 0;
-		else
-			ret = (long) b->size - b->len;
-		break;
-
-	case BIO_C_GET_READ_REQUEST:
-		/* If the peer unsuccessfully tried to read, how many bytes
-		 * were requested?  (As with BIO_CTRL_PENDING, that number
-		 * can usually be treated as boolean.) */
-		ret = (long) b->request;
-		break;
-
-	case BIO_C_RESET_READ_REQUEST:
-		/* Reset request.  (Can be useful after read attempts
-		 * at the other side that are meant to be non-blocking,
-		 * e.g. when probing SSL_read to see if any data is
-		 * available.) */
-		b->request = 0;
-		ret = 1;
-		break;
-
-	case BIO_C_SHUTDOWN_WR:
-		/* similar to shutdown(..., SHUT_WR) */
-		b->closed = 1;
-		ret = 1;
-		break;
-
-	case BIO_C_NREAD0:
-		/* prepare for non-copying read */
-		ret = (long) bio_nread0(bio, ptr);
-		break;
-		
-	case BIO_C_NREAD:
-		/* non-copying read */
-		ret = (long) bio_nread(bio, ptr, (size_t) num);
-		break;
-		
-	case BIO_C_NWRITE0:
-		/* prepare for non-copying write */
-		ret = (long) bio_nwrite0(bio, ptr);
-		break;
-
-	case BIO_C_NWRITE:
-		/* non-copying write */
-		ret = (long) bio_nwrite(bio, ptr, (size_t) num);
-		break;
-		
-
-	/* standard CTRL codes follow */
-
-	case BIO_CTRL_RESET:
-		if (b->buf != NULL)
-			{
-			b->len = 0;
-			b->offset = 0;
-			}
-		ret = 0;
-		break;		
-
-	case BIO_CTRL_GET_CLOSE:
-		ret = bio->shutdown;
-		break;
-
-	case BIO_CTRL_SET_CLOSE:
-		bio->shutdown = (int) num;
-		ret = 1;
-		break;
-
-	case BIO_CTRL_PENDING:
-		if (b->peer != NULL)
-			{
-			struct bio_bio_st *peer_b = b->peer->ptr;
-			
-			ret = (long) peer_b->len;
-			}
-		else
-			ret = 0;
-		break;
-
-	case BIO_CTRL_WPENDING:
-		if (b->buf != NULL)
-			ret = (long) b->len;
-		else
-			ret = 0;
-		break;
-
-	case BIO_CTRL_DUP:
-		/* See BIO_dup_chain for circumstances we have to expect. */
-		{
-		BIO *other_bio = ptr;
-		struct bio_bio_st *other_b;
-		
-		assert(other_bio != NULL);
-		other_b = other_bio->ptr;
-		assert(other_b != NULL);
-		
-		assert(other_b->buf == NULL); /* other_bio is always fresh */
-
-		other_b->size = b->size;
-		}
-
-		ret = 1;
-		break;
-
-	case BIO_CTRL_FLUSH:
-		ret = 1;
-		break;
-
-	case BIO_CTRL_EOF:
-		{
-		BIO *other_bio = ptr;
-		
-		if (other_bio)
-			{
-			struct bio_bio_st *other_b = other_bio->ptr;
-			
-			assert(other_b != NULL);
-			ret = other_b->len == 0 && other_b->closed;
-			}
-		else
-			ret = 1;
-		}
-		break;
-
-	default:
-		ret = 0;
-		}
-	return ret;
-	}
-
-static int bio_puts(BIO *bio, const char *str)
-	{
-	return bio_write(bio, str, strlen(str));
-	}
-
-
-static int bio_make_pair(BIO *bio1, BIO *bio2)
-	{
-	struct bio_bio_st *b1, *b2;
-
-	assert(bio1 != NULL);
-	assert(bio2 != NULL);
-
-	b1 = bio1->ptr;
-	b2 = bio2->ptr;
-	
-	if (b1->peer != NULL || b2->peer != NULL)
-		{
-		BIOerr(BIO_F_BIO_MAKE_PAIR, BIO_R_IN_USE);
-		return 0;
-		}
-	
-	if (b1->buf == NULL)
-		{
-		b1->buf = OPENSSL_malloc(b1->size);
-		if (b1->buf == NULL)
-			{
-			BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
-			return 0;
-			}
-		b1->len = 0;
-		b1->offset = 0;
-		}
-	
-	if (b2->buf == NULL)
-		{
-		b2->buf = OPENSSL_malloc(b2->size);
-		if (b2->buf == NULL)
-			{
-			BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
-			return 0;
-			}
-		b2->len = 0;
-		b2->offset = 0;
-		}
-	
-	b1->peer = bio2;
-	b1->closed = 0;
-	b1->request = 0;
-	b2->peer = bio1;
-	b2->closed = 0;
-	b2->request = 0;
-
-	bio1->init = 1;
-	bio2->init = 1;
-
-	return 1;
-	}
-
-static void bio_destroy_pair(BIO *bio)
-	{
-	struct bio_bio_st *b = bio->ptr;
-
-	if (b != NULL)
-		{
-		BIO *peer_bio = b->peer;
-
-		if (peer_bio != NULL)
-			{
-			struct bio_bio_st *peer_b = peer_bio->ptr;
-
-			assert(peer_b != NULL);
-			assert(peer_b->peer == bio);
-
-			peer_b->peer = NULL;
-			peer_bio->init = 0;
-			assert(peer_b->buf != NULL);
-			peer_b->len = 0;
-			peer_b->offset = 0;
-			
-			b->peer = NULL;
-			bio->init = 0;
-			assert(b->buf != NULL);
-			b->len = 0;
-			b->offset = 0;
-			}
-		}
-	}
- 
-
-/* Exported convenience functions */
-int BIO_new_bio_pair(BIO **bio1_p, size_t writebuf1,
-	BIO **bio2_p, size_t writebuf2)
-	 {
-	 BIO *bio1 = NULL, *bio2 = NULL;
-	 long r;
-	 int ret = 0;
-
-	 bio1 = BIO_new(BIO_s_bio());
-	 if (bio1 == NULL)
-		 goto err;
-	 bio2 = BIO_new(BIO_s_bio());
-	 if (bio2 == NULL)
-		 goto err;
-
-	 if (writebuf1)
-		 {
-		 r = BIO_set_write_buf_size(bio1, writebuf1);
-		 if (!r)
-			 goto err;
-		 }
-	 if (writebuf2)
-		 {
-		 r = BIO_set_write_buf_size(bio2, writebuf2);
-		 if (!r)
-			 goto err;
-		 }
-
-	 r = BIO_make_bio_pair(bio1, bio2);
-	 if (!r)
-		 goto err;
-	 ret = 1;
-
- err:
-	 if (ret == 0)
-		 {
-		 if (bio1)
-			 {
-			 BIO_free(bio1);
-			 bio1 = NULL;
-			 }
-		 if (bio2)
-			 {
-			 BIO_free(bio2);
-			 bio2 = NULL;
-			 }
-		 }
-
-	 *bio1_p = bio1;
-	 *bio2_p = bio2;
-	 return ret;
-	 }
-
-size_t BIO_ctrl_get_write_guarantee(BIO *bio)
-	{
-	return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL);
-	}
-
-size_t BIO_ctrl_get_read_request(BIO *bio)
-	{
-	return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL);
-	}
-
-int BIO_ctrl_reset_read_request(BIO *bio)
-	{
-	return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0);
-	}
-
-
-/* BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now
- * (conceivably some other BIOs could allow non-copying reads and writes too.)
- */
-int BIO_nread0(BIO *bio, char **buf)
-	{
-	long ret;
-
-	if (!bio->init)
-		{
-		BIOerr(BIO_F_BIO_NREAD0, BIO_R_UNINITIALIZED);
-		return -2;
-		}
-
-	ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf);
-	if (ret > INT_MAX)
-		return INT_MAX;
-	else
-		return (int) ret;
-	}
-
-int BIO_nread(BIO *bio, char **buf, int num)
-	{
-	int ret;
-
-	if (!bio->init)
-		{
-		BIOerr(BIO_F_BIO_NREAD, BIO_R_UNINITIALIZED);
-		return -2;
-		}
-
-	ret = (int) BIO_ctrl(bio, BIO_C_NREAD, num, buf);
-	if (ret > 0)
-		bio->num_read += ret;
-	return ret;
-	}
-
-int BIO_nwrite0(BIO *bio, char **buf)
-	{
-	long ret;
-
-	if (!bio->init)
-		{
-		BIOerr(BIO_F_BIO_NWRITE0, BIO_R_UNINITIALIZED);
-		return -2;
-		}
-
-	ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf);
-	if (ret > INT_MAX)
-		return INT_MAX;
-	else
-		return (int) ret;
-	}
-
-int BIO_nwrite(BIO *bio, char **buf, int num)
-	{
-	int ret;
-
-	if (!bio->init)
-		{
-		BIOerr(BIO_F_BIO_NWRITE, BIO_R_UNINITIALIZED);
-		return -2;
-		}
-
-	ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf);
-	if (ret > 0)
-		bio->num_read += ret;
-	return ret;
-	}
diff --git a/crypto/openssl/crypto/bio/bss_conn.c b/crypto/openssl/crypto/bio/bss_conn.c
deleted file mode 100644
index 743db6ff94a0..000000000000
--- a/crypto/openssl/crypto/bio/bss_conn.c
+++ /dev/null
@@ -1,652 +0,0 @@
-/* crypto/bio/bss_conn.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_SOCK
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#ifdef OPENSSL_SYS_WIN16
-#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
-#else
-#define SOCKET_PROTOCOL IPPROTO_TCP
-#endif
-
-#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-#undef FIONBIO
-#endif
-
-
-typedef struct bio_connect_st
-	{
-	int state;
-
-	char *param_hostname;
-	char *param_port;
-	int nbio;
-
-	unsigned char ip[4];
-	unsigned short port;
-
-	struct sockaddr_in them;
-
-	/* int socket; this will be kept in bio->num so that it is
-	 * compatible with the bss_sock bio */ 
-
-	/* called when the connection is initially made
-	 *  callback(BIO,state,ret);  The callback should return
-	 * 'ret'.  state is for compatibility with the ssl info_callback */
-	int (*info_callback)(const BIO *bio,int state,int ret);
-	} BIO_CONNECT;
-
-static int conn_write(BIO *h, const char *buf, int num);
-static int conn_read(BIO *h, char *buf, int size);
-static int conn_puts(BIO *h, const char *str);
-static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int conn_new(BIO *h);
-static int conn_free(BIO *data);
-static long conn_callback_ctrl(BIO *h, int cmd, bio_info_cb *);
-
-static int conn_state(BIO *b, BIO_CONNECT *c);
-static void conn_close_socket(BIO *data);
-BIO_CONNECT *BIO_CONNECT_new(void );
-void BIO_CONNECT_free(BIO_CONNECT *a);
-
-static BIO_METHOD methods_connectp=
-	{
-	BIO_TYPE_CONNECT,
-	"socket connect",
-	conn_write,
-	conn_read,
-	conn_puts,
-	NULL, /* connect_gets, */
-	conn_ctrl,
-	conn_new,
-	conn_free,
-	conn_callback_ctrl,
-	};
-
-static int conn_state(BIO *b, BIO_CONNECT *c)
-	{
-	int ret= -1,i;
-	unsigned long l;
-	char *p,*q;
-	int (*cb)()=NULL;
-
-	if (c->info_callback != NULL)
-		cb=c->info_callback;
-
-	for (;;)
-		{
-		switch (c->state)
-			{
-		case BIO_CONN_S_BEFORE:
-			p=c->param_hostname;
-			if (p == NULL)
-				{
-				BIOerr(BIO_F_CONN_STATE,BIO_R_NO_HOSTNAME_SPECIFIED);
-				goto exit_loop;
-				}
-			for ( ; *p != '\0'; p++)
-				{
-				if ((*p == ':') || (*p == '/')) break;
-				}
-
-			i= *p;
-			if ((i == ':') || (i == '/'))
-				{
-
-				*(p++)='\0';
-				if (i == ':')
-					{
-					for (q=p; *q; q++)
-						if (*q == '/')
-							{
-							*q='\0';
-							break;
-							}
-					if (c->param_port != NULL)
-						OPENSSL_free(c->param_port);
-					c->param_port=BUF_strdup(p);
-					}
-				}
-
-			if (c->param_port == NULL)
-				{
-				BIOerr(BIO_F_CONN_STATE,BIO_R_NO_PORT_SPECIFIED);
-				ERR_add_error_data(2,"host=",c->param_hostname);
-				goto exit_loop;
-				}
-			c->state=BIO_CONN_S_GET_IP;
-			break;
-
-		case BIO_CONN_S_GET_IP:
-			if (BIO_get_host_ip(c->param_hostname,&(c->ip[0])) <= 0)
-				goto exit_loop;
-			c->state=BIO_CONN_S_GET_PORT;
-			break;
-
-		case BIO_CONN_S_GET_PORT:
-			if (c->param_port == NULL)
-				{
-				/* abort(); */
-				goto exit_loop;
-				}
-			else if (BIO_get_port(c->param_port,&c->port) <= 0)
-				goto exit_loop;
-			c->state=BIO_CONN_S_CREATE_SOCKET;
-			break;
-
-		case BIO_CONN_S_CREATE_SOCKET:
-			/* now setup address */
-			memset((char *)&c->them,0,sizeof(c->them));
-			c->them.sin_family=AF_INET;
-			c->them.sin_port=htons((unsigned short)c->port);
-			l=(unsigned long)
-				((unsigned long)c->ip[0]<<24L)|
-				((unsigned long)c->ip[1]<<16L)|
-				((unsigned long)c->ip[2]<< 8L)|
-				((unsigned long)c->ip[3]);
-			c->them.sin_addr.s_addr=htonl(l);
-			c->state=BIO_CONN_S_CREATE_SOCKET;
-
-			ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-			if (ret == INVALID_SOCKET)
-				{
-				SYSerr(SYS_F_SOCKET,get_last_socket_error());
-				ERR_add_error_data(4,"host=",c->param_hostname,
-					":",c->param_port);
-				BIOerr(BIO_F_CONN_STATE,BIO_R_UNABLE_TO_CREATE_SOCKET);
-				goto exit_loop;
-				}
-			b->num=ret;
-			c->state=BIO_CONN_S_NBIO;
-			break;
-
-		case BIO_CONN_S_NBIO:
-			if (c->nbio)
-				{
-				if (!BIO_socket_nbio(b->num,1))
-					{
-					BIOerr(BIO_F_CONN_STATE,BIO_R_ERROR_SETTING_NBIO);
-					ERR_add_error_data(4,"host=",
-						c->param_hostname,
-						":",c->param_port);
-					goto exit_loop;
-					}
-				}
-			c->state=BIO_CONN_S_CONNECT;
-
-#if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
-			i=1;
-			i=setsockopt(b->num,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-			if (i < 0)
-				{
-				SYSerr(SYS_F_SOCKET,get_last_socket_error());
-				ERR_add_error_data(4,"host=",c->param_hostname,
-					":",c->param_port);
-				BIOerr(BIO_F_CONN_STATE,BIO_R_KEEPALIVE);
-				goto exit_loop;
-				}
-#endif
-			break;
-
-		case BIO_CONN_S_CONNECT:
-			BIO_clear_retry_flags(b);
-			ret=connect(b->num,
-				(struct sockaddr *)&c->them,
-				sizeof(c->them));
-			b->retry_reason=0;
-			if (ret < 0)
-				{
-				if (BIO_sock_should_retry(ret))
-					{
-					BIO_set_retry_special(b);
-					c->state=BIO_CONN_S_BLOCKED_CONNECT;
-					b->retry_reason=BIO_RR_CONNECT;
-					}
-				else
-					{
-					SYSerr(SYS_F_CONNECT,get_last_socket_error());
-					ERR_add_error_data(4,"host=",
-						c->param_hostname,
-						":",c->param_port);
-					BIOerr(BIO_F_CONN_STATE,BIO_R_CONNECT_ERROR);
-					}
-				goto exit_loop;
-				}
-			else
-				c->state=BIO_CONN_S_OK;
-			break;
-
-		case BIO_CONN_S_BLOCKED_CONNECT:
-			i=BIO_sock_error(b->num);
-			if (i)
-				{
-				BIO_clear_retry_flags(b);
-				SYSerr(SYS_F_CONNECT,i);
-				ERR_add_error_data(4,"host=",
-					c->param_hostname,
-					":",c->param_port);
-				BIOerr(BIO_F_CONN_STATE,BIO_R_NBIO_CONNECT_ERROR);
-				ret=0;
-				goto exit_loop;
-				}
-			else
-				c->state=BIO_CONN_S_OK;
-			break;
-
-		case BIO_CONN_S_OK:
-			ret=1;
-			goto exit_loop;
-		default:
-			/* abort(); */
-			goto exit_loop;
-			}
-
-		if (cb != NULL)
-			{
-			if (!(ret=cb((BIO *)b,c->state,ret)))
-				goto end;
-			}
-		}
-
-	/* Loop does not exit */
-exit_loop:
-	if (cb != NULL)
-		ret=cb((BIO *)b,c->state,ret);
-end:
-	return(ret);
-	}
-
-BIO_CONNECT *BIO_CONNECT_new(void)
-	{
-	BIO_CONNECT *ret;
-
-	if ((ret=(BIO_CONNECT *)OPENSSL_malloc(sizeof(BIO_CONNECT))) == NULL)
-		return(NULL);
-	ret->state=BIO_CONN_S_BEFORE;
-	ret->param_hostname=NULL;
-	ret->param_port=NULL;
-	ret->info_callback=NULL;
-	ret->nbio=0;
-	ret->ip[0]=0;
-	ret->ip[1]=0;
-	ret->ip[2]=0;
-	ret->ip[3]=0;
-	ret->port=0;
-	memset((char *)&ret->them,0,sizeof(ret->them));
-	return(ret);
-	}
-
-void BIO_CONNECT_free(BIO_CONNECT *a)
-	{
-	if(a == NULL)
-	    return;
-
-	if (a->param_hostname != NULL)
-		OPENSSL_free(a->param_hostname);
-	if (a->param_port != NULL)
-		OPENSSL_free(a->param_port);
-	OPENSSL_free(a);
-	}
-
-BIO_METHOD *BIO_s_connect(void)
-	{
-	return(&methods_connectp);
-	}
-
-static int conn_new(BIO *bi)
-	{
-	bi->init=0;
-	bi->num=INVALID_SOCKET;
-	bi->flags=0;
-	if ((bi->ptr=(char *)BIO_CONNECT_new()) == NULL)
-		return(0);
-	else
-		return(1);
-	}
-
-static void conn_close_socket(BIO *bio)
-	{
-	BIO_CONNECT *c;
-
-	c=(BIO_CONNECT *)bio->ptr;
-	if (bio->num != INVALID_SOCKET)
-		{
-		/* Only do a shutdown if things were established */
-		if (c->state == BIO_CONN_S_OK)
-			shutdown(bio->num,2);
-		closesocket(bio->num);
-		bio->num=INVALID_SOCKET;
-		}
-	}
-
-static int conn_free(BIO *a)
-	{
-	BIO_CONNECT *data;
-
-	if (a == NULL) return(0);
-	data=(BIO_CONNECT *)a->ptr;
-	 
-	if (a->shutdown)
-		{
-		conn_close_socket(a);
-		BIO_CONNECT_free(data);
-		a->ptr=NULL;
-		a->flags=0;
-		a->init=0;
-		}
-	return(1);
-	}
-	
-static int conn_read(BIO *b, char *out, int outl)
-	{
-	int ret=0;
-	BIO_CONNECT *data;
-
-	data=(BIO_CONNECT *)b->ptr;
-	if (data->state != BIO_CONN_S_OK)
-		{
-		ret=conn_state(b,data);
-		if (ret <= 0)
-				return(ret);
-		}
-
-	if (out != NULL)
-		{
-		clear_socket_error();
-		ret=readsocket(b->num,out,outl);
-		BIO_clear_retry_flags(b);
-		if (ret <= 0)
-			{
-			if (BIO_sock_should_retry(ret))
-				BIO_set_retry_read(b);
-			}
-		}
-	return(ret);
-	}
-
-static int conn_write(BIO *b, const char *in, int inl)
-	{
-	int ret;
-	BIO_CONNECT *data;
-
-	data=(BIO_CONNECT *)b->ptr;
-	if (data->state != BIO_CONN_S_OK)
-		{
-		ret=conn_state(b,data);
-		if (ret <= 0) return(ret);
-		}
-
-	clear_socket_error();
-	ret=writesocket(b->num,in,inl);
-	BIO_clear_retry_flags(b);
-	if (ret <= 0)
-		{
-		if (BIO_sock_should_retry(ret))
-			BIO_set_retry_write(b);
-		}
-	return(ret);
-	}
-
-static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	BIO *dbio;
-	int *ip;
-	const char **pptr;
-	long ret=1;
-	BIO_CONNECT *data;
-
-	data=(BIO_CONNECT *)b->ptr;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		ret=0;
-		data->state=BIO_CONN_S_BEFORE;
-		conn_close_socket(b);
-		b->flags=0;
-		break;
-	case BIO_C_DO_STATE_MACHINE:
-		/* use this one to start the connection */
-		if (!data->state != BIO_CONN_S_OK)
-			ret=(long)conn_state(b,data);
-		else
-			ret=1;
-		break;
-	case BIO_C_GET_CONNECT:
-		if (ptr != NULL)
-			{
-			pptr=(const char **)ptr;
-			if (num == 0)
-				{
-				*pptr=data->param_hostname;
-
-				}
-			else if (num == 1)
-				{
-				*pptr=data->param_port;
-				}
-			else if (num == 2)
-				{
-				*pptr= (char *)&(data->ip[0]);
-				}
-			else if (num == 3)
-				{
-				*((int *)ptr)=data->port;
-				}
-			if ((!b->init) || (ptr == NULL))
-				*pptr="not initialized";
-			ret=1;
-			}
-		break;
-	case BIO_C_SET_CONNECT:
-		if (ptr != NULL)
-			{
-			b->init=1;
-			if (num == 0)
-				{
-				if (data->param_hostname != NULL)
-					OPENSSL_free(data->param_hostname);
-				data->param_hostname=BUF_strdup(ptr);
-				}
-			else if (num == 1)
-				{
-				if (data->param_port != NULL)
-					OPENSSL_free(data->param_port);
-				data->param_port=BUF_strdup(ptr);
-				}
-			else if (num == 2)
-				{
-				char buf[16];
-				unsigned char *p = ptr;
-
-				sprintf(buf,"%d.%d.%d.%d",
-					p[0],p[1],p[2],p[3]);
-				if (data->param_hostname != NULL)
-					OPENSSL_free(data->param_hostname);
-				data->param_hostname=BUF_strdup(buf);
-				memcpy(&(data->ip[0]),ptr,4);
-				}
-			else if (num == 3)
-				{
-				char buf[DECIMAL_SIZE(int)+1];
-
-				sprintf(buf,"%d",*(int *)ptr);
-				if (data->param_port != NULL)
-					OPENSSL_free(data->param_port);
-				data->param_port=BUF_strdup(buf);
-				data->port= *(int *)ptr;
-				}
-			}
-		break;
-	case BIO_C_SET_NBIO:
-		data->nbio=(int)num;
-		break;
-	case BIO_C_GET_FD:
-		if (b->init)
-			{
-			ip=(int *)ptr;
-			if (ip != NULL)
-				*ip=b->num;
-			ret=b->num;
-			}
-		else
-			ret= -1;
-		break;
-	case BIO_CTRL_GET_CLOSE:
-		ret=b->shutdown;
-		break;
-	case BIO_CTRL_SET_CLOSE:
-		b->shutdown=(int)num;
-		break;
-	case BIO_CTRL_PENDING:
-	case BIO_CTRL_WPENDING:
-		ret=0;
-		break;
-	case BIO_CTRL_FLUSH:
-		break;
-	case BIO_CTRL_DUP:
-		{
-		dbio=(BIO *)ptr;
-		if (data->param_port)
-			BIO_set_conn_port(dbio,data->param_port);
-		if (data->param_hostname)
-			BIO_set_conn_hostname(dbio,data->param_hostname);
-		BIO_set_nbio(dbio,data->nbio);
-		/* FIXME: the cast of the function seems unlikely to be a good idea */
-                (void)BIO_set_info_callback(dbio,(bio_info_cb *)data->info_callback);
-		}
-		break;
-	case BIO_CTRL_SET_CALLBACK:
-		{
-#if 0 /* FIXME: Should this be used?  -- Richard Levitte */
-		BIOerr(BIO_F_CONN_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		ret = -1;
-#else
-		ret=0;
-#endif
-		}
-		break;
-	case BIO_CTRL_GET_CALLBACK:
-		{
-		int (**fptr)();
-
-		fptr=(int (**)())ptr;
-		*fptr=data->info_callback;
-		}
-		break;
-	default:
-		ret=0;
-		break;
-		}
-	return(ret);
-	}
-
-static long conn_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-	{
-	long ret=1;
-	BIO_CONNECT *data;
-
-	data=(BIO_CONNECT *)b->ptr;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_SET_CALLBACK:
-		{
-		data->info_callback=(int (*)(const struct bio_st *, int, int))fp;
-		}
-		break;
-	default:
-		ret=0;
-		break;
-		}
-	return(ret);
-	}
-
-static int conn_puts(BIO *bp, const char *str)
-	{
-	int n,ret;
-
-	n=strlen(str);
-	ret=conn_write(bp,str,n);
-	return(ret);
-	}
-
-BIO *BIO_new_connect(char *str)
-	{
-	BIO *ret;
-
-	ret=BIO_new(BIO_s_connect());
-	if (ret == NULL) return(NULL);
-	if (BIO_set_conn_hostname(ret,str))
-		return(ret);
-	else
-		{
-		BIO_free(ret);
-		return(NULL);
-		}
-	}
-
-#endif
-
diff --git a/crypto/openssl/crypto/bio/bss_fd.c b/crypto/openssl/crypto/bio/bss_fd.c
deleted file mode 100644
index 5e3e187de689..000000000000
--- a/crypto/openssl/crypto/bio/bss_fd.c
+++ /dev/null
@@ -1,282 +0,0 @@
-/* crypto/bio/bss_fd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-static int fd_write(BIO *h, const char *buf, int num);
-static int fd_read(BIO *h, char *buf, int size);
-static int fd_puts(BIO *h, const char *str);
-static long fd_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int fd_new(BIO *h);
-static int fd_free(BIO *data);
-int BIO_fd_should_retry(int s);
-
-static BIO_METHOD methods_fdp=
-	{
-	BIO_TYPE_FD,"file descriptor",
-	fd_write,
-	fd_read,
-	fd_puts,
-	NULL, /* fd_gets, */
-	fd_ctrl,
-	fd_new,
-	fd_free,
-	NULL,
-	};
-
-BIO_METHOD *BIO_s_fd(void)
-	{
-	return(&methods_fdp);
-	}
-
-BIO *BIO_new_fd(int fd,int close_flag)
-	{
-	BIO *ret;
-	ret=BIO_new(BIO_s_fd());
-	if (ret == NULL) return(NULL);
-	BIO_set_fd(ret,fd,close_flag);
-	return(ret);
-	}
-
-static int fd_new(BIO *bi)
-	{
-	bi->init=0;
-	bi->num=0;
-	bi->ptr=NULL;
-	bi->flags=0;
-	return(1);
-	}
-
-static int fd_free(BIO *a)
-	{
-	if (a == NULL) return(0);
-	if (a->shutdown)
-		{
-		if (a->init)
-			{
-			close(a->num);
-			}
-		a->init=0;
-		a->flags=0;
-		}
-	return(1);
-	}
-	
-static int fd_read(BIO *b, char *out,int outl)
-	{
-	int ret=0;
-
-	if (out != NULL)
-		{
-		clear_sys_error();
-		ret=read(b->num,out,outl);
-		BIO_clear_retry_flags(b);
-		if (ret <= 0)
-			{
-			if (BIO_fd_should_retry(ret))
-				BIO_set_retry_read(b);
-			}
-		}
-	return(ret);
-	}
-
-static int fd_write(BIO *b, const char *in, int inl)
-	{
-	int ret;
-	clear_sys_error();
-	ret=write(b->num,in,inl);
-	BIO_clear_retry_flags(b);
-	if (ret <= 0)
-		{
-		if (BIO_fd_should_retry(ret))
-			BIO_set_retry_write(b);
-		}
-	return(ret);
-	}
-
-static long fd_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	long ret=1;
-	int *ip;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		num=0;
-	case BIO_C_FILE_SEEK:
-		ret=(long)lseek(b->num,num,0);
-		break;
-	case BIO_C_FILE_TELL:
-	case BIO_CTRL_INFO:
-		ret=(long)lseek(b->num,0,1);
-		break;
-	case BIO_C_SET_FD:
-		fd_free(b);
-		b->num= *((int *)ptr);
-		b->shutdown=(int)num;
-		b->init=1;
-		break;
-	case BIO_C_GET_FD:
-		if (b->init)
-			{
-			ip=(int *)ptr;
-			if (ip != NULL) *ip=b->num;
-			ret=b->num;
-			}
-		else
-			ret= -1;
-		break;
-	case BIO_CTRL_GET_CLOSE:
-		ret=b->shutdown;
-		break;
-	case BIO_CTRL_SET_CLOSE:
-		b->shutdown=(int)num;
-		break;
-	case BIO_CTRL_PENDING:
-	case BIO_CTRL_WPENDING:
-		ret=0;
-		break;
-	case BIO_CTRL_DUP:
-	case BIO_CTRL_FLUSH:
-		ret=1;
-		break;
-	default:
-		ret=0;
-		break;
-		}
-	return(ret);
-	}
-
-static int fd_puts(BIO *bp, const char *str)
-	{
-	int n,ret;
-
-	n=strlen(str);
-	ret=fd_write(bp,str,n);
-	return(ret);
-	}
-
-int BIO_fd_should_retry(int i)
-	{
-	int err;
-
-	if ((i == 0) || (i == -1))
-		{
-		err=get_last_sys_error();
-
-#if defined(OPENSSL_SYS_WINDOWS) && 0 /* more microsoft stupidity? perhaps not? Ben 4/1/99 */
-		if ((i == -1) && (err == 0))
-			return(1);
-#endif
-
-		return(BIO_fd_non_fatal_error(err));
-		}
-	return(0);
-	}
-
-int BIO_fd_non_fatal_error(int err)
-	{
-	switch (err)
-		{
-
-#ifdef EWOULDBLOCK
-# ifdef WSAEWOULDBLOCK
-#  if WSAEWOULDBLOCK != EWOULDBLOCK
-	case EWOULDBLOCK:
-#  endif
-# else
-	case EWOULDBLOCK:
-# endif
-#endif
-
-#if defined(ENOTCONN)
-	case ENOTCONN:
-#endif
-
-#ifdef EINTR
-	case EINTR:
-#endif
-
-#ifdef EAGAIN
-#if EWOULDBLOCK != EAGAIN
-	case EAGAIN:
-# endif
-#endif
-
-#ifdef EPROTO
-	case EPROTO:
-#endif
-
-#ifdef EINPROGRESS
-	case EINPROGRESS:
-#endif
-
-#ifdef EALREADY
-	case EALREADY:
-#endif
-		return(1);
-		/* break; */
-	default:
-		break;
-		}
-	return(0);
-	}
diff --git a/crypto/openssl/crypto/bio/bss_file.c b/crypto/openssl/crypto/bio/bss_file.c
deleted file mode 100644
index a66600c1a34c..000000000000
--- a/crypto/openssl/crypto/bio/bss_file.c
+++ /dev/null
@@ -1,324 +0,0 @@
-/* crypto/bio/bss_file.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * 03-Dec-1997	rdenny@dc3.com  Fix bug preventing use of stdin/stdout
- *		with binary data (e.g. asn1parse -inform DER < xxx) under
- *		Windows
- */
-
-#ifndef HEADER_BSS_FILE_C
-#define HEADER_BSS_FILE_C
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-
-#if !defined(OPENSSL_NO_STDIO)
-
-static int MS_CALLBACK file_write(BIO *h, const char *buf, int num);
-static int MS_CALLBACK file_read(BIO *h, char *buf, int size);
-static int MS_CALLBACK file_puts(BIO *h, const char *str);
-static int MS_CALLBACK file_gets(BIO *h, char *str, int size);
-static long MS_CALLBACK file_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int MS_CALLBACK file_new(BIO *h);
-static int MS_CALLBACK file_free(BIO *data);
-static BIO_METHOD methods_filep=
-	{
-	BIO_TYPE_FILE,
-	"FILE pointer",
-	file_write,
-	file_read,
-	file_puts,
-	file_gets,
-	file_ctrl,
-	file_new,
-	file_free,
-	NULL,
-	};
-
-BIO *BIO_new_file(const char *filename, const char *mode)
-	{
-	BIO *ret;
-	FILE *file;
-
-	if ((file=fopen(filename,mode)) == NULL)
-		{
-		SYSerr(SYS_F_FOPEN,get_last_sys_error());
-		ERR_add_error_data(5,"fopen('",filename,"','",mode,"')");
-		if (errno == ENOENT)
-			BIOerr(BIO_F_BIO_NEW_FILE,BIO_R_NO_SUCH_FILE);
-		else
-			BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB);
-		return(NULL);
-		}
-	if ((ret=BIO_new(BIO_s_file_internal())) == NULL)
-		return(NULL);
-
-	BIO_set_fp(ret,file,BIO_CLOSE);
-	return(ret);
-	}
-
-BIO *BIO_new_fp(FILE *stream, int close_flag)
-	{
-	BIO *ret;
-
-	if ((ret=BIO_new(BIO_s_file())) == NULL)
-		return(NULL);
-
-	BIO_set_fp(ret,stream,close_flag);
-	return(ret);
-	}
-
-BIO_METHOD *BIO_s_file(void)
-	{
-	return(&methods_filep);
-	}
-
-static int MS_CALLBACK file_new(BIO *bi)
-	{
-	bi->init=0;
-	bi->num=0;
-	bi->ptr=NULL;
-	return(1);
-	}
-
-static int MS_CALLBACK file_free(BIO *a)
-	{
-	if (a == NULL) return(0);
-	if (a->shutdown)
-		{
-		if ((a->init) && (a->ptr != NULL))
-			{
-			fclose((FILE *)a->ptr);
-			a->ptr=NULL;
-			}
-		a->init=0;
-		}
-	return(1);
-	}
-	
-static int MS_CALLBACK file_read(BIO *b, char *out, int outl)
-	{
-	int ret=0;
-
-	if (b->init && (out != NULL))
-		{
-		ret=fread(out,1,(int)outl,(FILE *)b->ptr);
-		if(ret == 0 && ferror((FILE *)b->ptr))
-			{
-			SYSerr(SYS_F_FREAD,get_last_sys_error());
-			BIOerr(BIO_F_FILE_READ,ERR_R_SYS_LIB);
-			ret=-1;
-			}
-		}
-	return(ret);
-	}
-
-static int MS_CALLBACK file_write(BIO *b, const char *in, int inl)
-	{
-	int ret=0;
-
-	if (b->init && (in != NULL))
-		{
-		if (fwrite(in,(int)inl,1,(FILE *)b->ptr))
-			ret=inl;
-		/* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
-		/* according to Tim Hudson <tjh@cryptsoft.com>, the commented
-		 * out version above can cause 'inl' write calls under
-		 * some stupid stdio implementations (VMS) */
-		}
-	return(ret);
-	}
-
-static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	long ret=1;
-	FILE *fp=(FILE *)b->ptr;
-	FILE **fpp;
-	char p[4];
-
-	switch (cmd)
-		{
-	case BIO_C_FILE_SEEK:
-	case BIO_CTRL_RESET:
-		ret=(long)fseek(fp,num,0);
-		break;
-	case BIO_CTRL_EOF:
-		ret=(long)feof(fp);
-		break;
-	case BIO_C_FILE_TELL:
-	case BIO_CTRL_INFO:
-		ret=ftell(fp);
-		break;
-	case BIO_C_SET_FILE_PTR:
-		file_free(b);
-		b->shutdown=(int)num&BIO_CLOSE;
-		b->ptr=(char *)ptr;
-		b->init=1;
-#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS)
-		/* Set correct text/binary mode */
-		if (num & BIO_FP_TEXT)
-			_setmode(fileno((FILE *)ptr),_O_TEXT);
-		else
-			_setmode(fileno((FILE *)ptr),_O_BINARY);
-#elif defined(OPENSSL_SYS_OS2)
-		if (num & BIO_FP_TEXT)
-			setmode(fileno((FILE *)ptr), O_TEXT);
-		else
-			setmode(fileno((FILE *)ptr), O_BINARY);
-#endif
-		break;
-	case BIO_C_SET_FILENAME:
-		file_free(b);
-		b->shutdown=(int)num&BIO_CLOSE;
-		if (num & BIO_FP_APPEND)
-			{
-			if (num & BIO_FP_READ)
-				strcpy(p,"a+");
-			else	strcpy(p,"a");
-			}
-		else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
-			strcpy(p,"r+");
-		else if (num & BIO_FP_WRITE)
-			strcpy(p,"w");
-		else if (num & BIO_FP_READ)
-			strcpy(p,"r");
-		else
-			{
-			BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);
-			ret=0;
-			break;
-			}
-#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_OS2)
-		if (!(num & BIO_FP_TEXT))
-			strcat(p,"b");
-		else
-			strcat(p,"t");
-#endif
-		fp=fopen(ptr,p);
-		if (fp == NULL)
-			{
-			SYSerr(SYS_F_FOPEN,get_last_sys_error());
-			ERR_add_error_data(5,"fopen('",ptr,"','",p,"')");
-			BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB);
-			ret=0;
-			break;
-			}
-		b->ptr=(char *)fp;
-		b->init=1;
-		break;
-	case BIO_C_GET_FILE_PTR:
-		/* the ptr parameter is actually a FILE ** in this case. */
-		if (ptr != NULL)
-			{
-			fpp=(FILE **)ptr;
-			*fpp=(FILE *)b->ptr;
-			}
-		break;
-	case BIO_CTRL_GET_CLOSE:
-		ret=(long)b->shutdown;
-		break;
-	case BIO_CTRL_SET_CLOSE:
-		b->shutdown=(int)num;
-		break;
-	case BIO_CTRL_FLUSH:
-		fflush((FILE *)b->ptr);
-		break;
-	case BIO_CTRL_DUP:
-		ret=1;
-		break;
-
-	case BIO_CTRL_WPENDING:
-	case BIO_CTRL_PENDING:
-	case BIO_CTRL_PUSH:
-	case BIO_CTRL_POP:
-	default:
-		ret=0;
-		break;
-		}
-	return(ret);
-	}
-
-static int MS_CALLBACK file_gets(BIO *bp, char *buf, int size)
-	{
-	int ret=0;
-
-	buf[0]='\0';
-	fgets(buf,size,(FILE *)bp->ptr);
-	if (buf[0] != '\0')
-		ret=strlen(buf);
-	return(ret);
-	}
-
-static int MS_CALLBACK file_puts(BIO *bp, const char *str)
-	{
-	int n,ret;
-
-	n=strlen(str);
-	ret=file_write(bp,str,n);
-	return(ret);
-	}
-
-#endif /* OPENSSL_NO_STDIO */
-
-#endif /* HEADER_BSS_FILE_C */
-
-
diff --git a/crypto/openssl/crypto/bio/bss_log.c b/crypto/openssl/crypto/bio/bss_log.c
deleted file mode 100644
index 1eb678cac095..000000000000
--- a/crypto/openssl/crypto/bio/bss_log.c
+++ /dev/null
@@ -1,400 +0,0 @@
-/* crypto/bio/bss_log.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
-	Why BIO_s_log?
-
-	BIO_s_log is useful for system daemons (or services under NT).
-	It is one-way BIO, it sends all stuff to syslogd (on system that
-	commonly use that), or event log (on NT), or OPCOM (on OpenVMS).
-
-*/
-
-
-#include <stdio.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-
-#if defined(OPENSSL_SYS_WINCE)
-#elif defined(OPENSSL_SYS_WIN32)
-#  include <process.h>
-#elif defined(OPENSSL_SYS_VMS)
-#  include <opcdef.h>
-#  include <descrip.h>
-#  include <lib$routines.h>
-#  include <starlet.h>
-#elif defined(__ultrix)
-#  include <sys/syslog.h>
-#elif (!defined(MSDOS) || defined(WATT32)) && !defined(OPENSSL_SYS_VXWORKS) && !defined(NO_SYSLOG)
-#  include <syslog.h>
-#endif
-
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-#ifndef NO_SYSLOG
-
-#if defined(OPENSSL_SYS_WIN32)
-#define LOG_EMERG	0
-#define LOG_ALERT	1
-#define LOG_CRIT	2
-#define LOG_ERR		3
-#define LOG_WARNING	4
-#define LOG_NOTICE	5
-#define LOG_INFO	6
-#define LOG_DEBUG	7
-
-#define LOG_DAEMON	(3<<3)
-#elif defined(OPENSSL_SYS_VMS)
-/* On VMS, we don't really care about these, but we need them to compile */
-#define LOG_EMERG	0
-#define LOG_ALERT	1
-#define LOG_CRIT	2
-#define LOG_ERR		3
-#define LOG_WARNING	4
-#define LOG_NOTICE	5
-#define LOG_INFO	6
-#define LOG_DEBUG	7
-
-#define LOG_DAEMON	OPC$M_NM_NTWORK
-#endif
-
-static int MS_CALLBACK slg_write(BIO *h, const char *buf, int num);
-static int MS_CALLBACK slg_puts(BIO *h, const char *str);
-static long MS_CALLBACK slg_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int MS_CALLBACK slg_new(BIO *h);
-static int MS_CALLBACK slg_free(BIO *data);
-static void xopenlog(BIO* bp, char* name, int level);
-static void xsyslog(BIO* bp, int priority, const char* string);
-static void xcloselog(BIO* bp);
-#ifdef OPENSSL_SYS_WIN32
-LONG	(WINAPI *go_for_advapi)()	= RegOpenKeyEx;
-HANDLE	(WINAPI *register_event_source)()	= NULL;
-BOOL	(WINAPI *deregister_event_source)()	= NULL;
-BOOL	(WINAPI *report_event)()	= NULL;
-#define DL_PROC(m,f)	(GetProcAddress( m, f ))
-#ifdef UNICODE
-#define DL_PROC_X(m,f) DL_PROC( m, f "W" )
-#else
-#define DL_PROC_X(m,f) DL_PROC( m, f "A" )
-#endif
-#endif
-
-static BIO_METHOD methods_slg=
-	{
-	BIO_TYPE_MEM,"syslog",
-	slg_write,
-	NULL,
-	slg_puts,
-	NULL,
-	slg_ctrl,
-	slg_new,
-	slg_free,
-	NULL,
-	};
-
-BIO_METHOD *BIO_s_log(void)
-	{
-	return(&methods_slg);
-	}
-
-static int MS_CALLBACK slg_new(BIO *bi)
-	{
-	bi->init=1;
-	bi->num=0;
-	bi->ptr=NULL;
-	xopenlog(bi, "application", LOG_DAEMON);
-	return(1);
-	}
-
-static int MS_CALLBACK slg_free(BIO *a)
-	{
-	if (a == NULL) return(0);
-	xcloselog(a);
-	return(1);
-	}
-	
-static int MS_CALLBACK slg_write(BIO *b, const char *in, int inl)
-	{
-	int ret= inl;
-	char* buf;
-	char* pp;
-	int priority, i;
-	static struct
-		{
-		int strl;
-		char str[10];
-		int log_level;
-		}
-	mapping[] =
-		{
-		{ 6, "PANIC ", LOG_EMERG },
-		{ 6, "EMERG ", LOG_EMERG },
-		{ 4, "EMR ", LOG_EMERG },
-		{ 6, "ALERT ", LOG_ALERT },
-		{ 4, "ALR ", LOG_ALERT },
-		{ 5, "CRIT ", LOG_CRIT },
-		{ 4, "CRI ", LOG_CRIT },
-		{ 6, "ERROR ", LOG_ERR },
-		{ 4, "ERR ", LOG_ERR },
-		{ 8, "WARNING ", LOG_WARNING },
-		{ 5, "WARN ", LOG_WARNING },
-		{ 4, "WAR ", LOG_WARNING },
-		{ 7, "NOTICE ", LOG_NOTICE },
-		{ 5, "NOTE ", LOG_NOTICE },
-		{ 4, "NOT ", LOG_NOTICE },
-		{ 5, "INFO ", LOG_INFO },
-		{ 4, "INF ", LOG_INFO },
-		{ 6, "DEBUG ", LOG_DEBUG },
-		{ 4, "DBG ", LOG_DEBUG },
-		{ 0, "", LOG_ERR } /* The default */
-		};
-
-	if((buf= (char *)OPENSSL_malloc(inl+ 1)) == NULL){
-		return(0);
-	}
-	strncpy(buf, in, inl);
-	buf[inl]= '\0';
-
-	i = 0;
-	while(strncmp(buf, mapping[i].str, mapping[i].strl) != 0) i++;
-	priority = mapping[i].log_level;
-	pp = buf + mapping[i].strl;
-
-	xsyslog(b, priority, pp);
-
-	OPENSSL_free(buf);
-	return(ret);
-	}
-
-static long MS_CALLBACK slg_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	switch (cmd)
-		{
-	case BIO_CTRL_SET:
-		xcloselog(b);
-		xopenlog(b, ptr, num);
-		break;
-	default:
-		break;
-		}
-	return(0);
-	}
-
-static int MS_CALLBACK slg_puts(BIO *bp, const char *str)
-	{
-	int n,ret;
-
-	n=strlen(str);
-	ret=slg_write(bp,str,n);
-	return(ret);
-	}
-
-#if defined(OPENSSL_SYS_WIN32)
-
-static void xopenlog(BIO* bp, char* name, int level)
-{
-	if ( !register_event_source )
-		{
-		HANDLE	advapi;
-		if ( !(advapi = GetModuleHandle("advapi32")) )
-			return;
-		register_event_source = (HANDLE (WINAPI *)())DL_PROC_X(advapi,
-			"RegisterEventSource" );
-		deregister_event_source = (BOOL (WINAPI *)())DL_PROC(advapi,
-			"DeregisterEventSource");
-		report_event = (BOOL (WINAPI *)())DL_PROC_X(advapi,
-			"ReportEvent" );
-		if ( !(register_event_source && deregister_event_source &&
-				report_event) )
-			{
-			register_event_source = NULL;
-			deregister_event_source = NULL;
-			report_event = NULL;
-			return;
-			}
-		}
-	bp->ptr= (char *)register_event_source(NULL, name);
-}
-
-static void xsyslog(BIO *bp, int priority, const char *string)
-{
-	LPCSTR lpszStrings[2];
-	WORD evtype= EVENTLOG_ERROR_TYPE;
-	int pid = _getpid();
-	char pidbuf[DECIMAL_SIZE(pid)+4];
-
-	switch (priority)
-		{
-	case LOG_EMERG:
-	case LOG_ALERT:
-	case LOG_CRIT:
-	case LOG_ERR:
-		evtype = EVENTLOG_ERROR_TYPE;
-		break;
-	case LOG_WARNING:
-		evtype = EVENTLOG_WARNING_TYPE;
-		break;
-	case LOG_NOTICE:
-	case LOG_INFO:
-	case LOG_DEBUG:
-		evtype = EVENTLOG_INFORMATION_TYPE;
-		break;
-	default:		/* Should never happen, but set it
-				   as error anyway. */
-		evtype = EVENTLOG_ERROR_TYPE;
-		break;
-		}
-
-	sprintf(pidbuf, "[%d] ", pid);
-	lpszStrings[0] = pidbuf;
-	lpszStrings[1] = string;
-
-	if(report_event && bp->ptr)
-		report_event(bp->ptr, evtype, 0, 1024, NULL, 2, 0,
-				lpszStrings, NULL);
-}
-	
-static void xcloselog(BIO* bp)
-{
-	if(deregister_event_source && bp->ptr)
-		deregister_event_source((HANDLE)(bp->ptr));
-	bp->ptr= NULL;
-}
-
-#elif defined(OPENSSL_SYS_VMS)
-
-static int VMS_OPC_target = LOG_DAEMON;
-
-static void xopenlog(BIO* bp, char* name, int level)
-{
-	VMS_OPC_target = level; 
-}
-
-static void xsyslog(BIO *bp, int priority, const char *string)
-{
-	struct dsc$descriptor_s opc_dsc;
-	struct opcdef *opcdef_p;
-	char buf[10240];
-	unsigned int len;
-        struct dsc$descriptor_s buf_dsc;
-	$DESCRIPTOR(fao_cmd, "!AZ: !AZ");
-	char *priority_tag;
-
-	switch (priority)
-	  {
-	  case LOG_EMERG: priority_tag = "Emergency"; break;
-	  case LOG_ALERT: priority_tag = "Alert"; break;
-	  case LOG_CRIT: priority_tag = "Critical"; break;
-	  case LOG_ERR: priority_tag = "Error"; break;
-	  case LOG_WARNING: priority_tag = "Warning"; break;
-	  case LOG_NOTICE: priority_tag = "Notice"; break;
-	  case LOG_INFO: priority_tag = "Info"; break;
-	  case LOG_DEBUG: priority_tag = "DEBUG"; break;
-	  }
-
-	buf_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-	buf_dsc.dsc$b_class = DSC$K_CLASS_S;
-	buf_dsc.dsc$a_pointer = buf;
-	buf_dsc.dsc$w_length = sizeof(buf) - 1;
-
-	lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string);
-
-	/* we know there's an 8 byte header.  That's documented */
-	opcdef_p = (struct opcdef *) OPENSSL_malloc(8 + len);
-	opcdef_p->opc$b_ms_type = OPC$_RQ_RQST;
-	memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3);
-	opcdef_p->opc$l_ms_rqstid = 0;
-	memcpy(&opcdef_p->opc$l_ms_text, buf, len);
-
-	opc_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-	opc_dsc.dsc$b_class = DSC$K_CLASS_S;
-	opc_dsc.dsc$a_pointer = (char *)opcdef_p;
-	opc_dsc.dsc$w_length = len + 8;
-
-	sys$sndopr(opc_dsc, 0);
-
-	OPENSSL_free(opcdef_p);
-}
-
-static void xcloselog(BIO* bp)
-{
-}
-
-#else /* Unix/Watt32 */
-
-static void xopenlog(BIO* bp, char* name, int level)
-{
-#ifdef WATT32   /* djgpp/DOS */
-	openlog(name, LOG_PID|LOG_CONS|LOG_NDELAY, level);
-#else
-	openlog(name, LOG_PID|LOG_CONS, level);
-#endif
-}
-
-static void xsyslog(BIO *bp, int priority, const char *string)
-{
-	syslog(priority, "%s", string);
-}
-
-static void xcloselog(BIO* bp)
-{
-	closelog();
-}
-
-#endif /* Unix */
-
-#endif /* NO_SYSLOG */
diff --git a/crypto/openssl/crypto/bio/bss_mem.c b/crypto/openssl/crypto/bio/bss_mem.c
deleted file mode 100644
index a4edb711aec1..000000000000
--- a/crypto/openssl/crypto/bio/bss_mem.c
+++ /dev/null
@@ -1,321 +0,0 @@
-/* crypto/bio/bss_mem.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-static int mem_write(BIO *h, const char *buf, int num);
-static int mem_read(BIO *h, char *buf, int size);
-static int mem_puts(BIO *h, const char *str);
-static int mem_gets(BIO *h, char *str, int size);
-static long mem_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int mem_new(BIO *h);
-static int mem_free(BIO *data);
-static BIO_METHOD mem_method=
-	{
-	BIO_TYPE_MEM,
-	"memory buffer",
-	mem_write,
-	mem_read,
-	mem_puts,
-	mem_gets,
-	mem_ctrl,
-	mem_new,
-	mem_free,
-	NULL,
-	};
-
-/* bio->num is used to hold the value to return on 'empty', if it is
- * 0, should_retry is not set */
-
-BIO_METHOD *BIO_s_mem(void)
-	{
-	return(&mem_method);
-	}
-
-BIO *BIO_new_mem_buf(void *buf, int len)
-{
-	BIO *ret;
-	BUF_MEM *b;
-	if (!buf) {
-		BIOerr(BIO_F_BIO_NEW_MEM_BUF,BIO_R_NULL_PARAMETER);
-		return NULL;
-	}
-	if(len == -1) len = strlen(buf);
-	if(!(ret = BIO_new(BIO_s_mem())) ) return NULL;
-	b = (BUF_MEM *)ret->ptr;
-	b->data = buf;
-	b->length = len;
-	b->max = len;
-	ret->flags |= BIO_FLAGS_MEM_RDONLY;
-	/* Since this is static data retrying wont help */
-	ret->num = 0;
-	return ret;
-}
-
-static int mem_new(BIO *bi)
-	{
-	BUF_MEM *b;
-
-	if ((b=BUF_MEM_new()) == NULL)
-		return(0);
-	bi->shutdown=1;
-	bi->init=1;
-	bi->num= -1;
-	bi->ptr=(char *)b;
-	return(1);
-	}
-
-static int mem_free(BIO *a)
-	{
-	if (a == NULL) return(0);
-	if (a->shutdown)
-		{
-		if ((a->init) && (a->ptr != NULL))
-			{
-			BUF_MEM *b;
-			b = (BUF_MEM *)a->ptr;
-			if(a->flags & BIO_FLAGS_MEM_RDONLY) b->data = NULL;
-			BUF_MEM_free(b);
-			a->ptr=NULL;
-			}
-		}
-	return(1);
-	}
-	
-static int mem_read(BIO *b, char *out, int outl)
-	{
-	int ret= -1;
-	BUF_MEM *bm;
-	int i;
-	char *from,*to;
-
-	bm=(BUF_MEM *)b->ptr;
-	BIO_clear_retry_flags(b);
-	ret=(outl > bm->length)?bm->length:outl;
-	if ((out != NULL) && (ret > 0)) {
-		memcpy(out,bm->data,ret);
-		bm->length-=ret;
-		/* memmove(&(bm->data[0]),&(bm->data[ret]), bm->length); */
-		if(b->flags & BIO_FLAGS_MEM_RDONLY) bm->data += ret;
-		else {
-			from=(char *)&(bm->data[ret]);
-			to=(char *)&(bm->data[0]);
-			for (i=0; i<bm->length; i++)
-				to[i]=from[i];
-		}
-	} else if (bm->length == 0)
-		{
-		ret = b->num;
-		if (ret != 0)
-			BIO_set_retry_read(b);
-		}
-	return(ret);
-	}
-
-static int mem_write(BIO *b, const char *in, int inl)
-	{
-	int ret= -1;
-	int blen;
-	BUF_MEM *bm;
-
-	bm=(BUF_MEM *)b->ptr;
-	if (in == NULL)
-		{
-		BIOerr(BIO_F_MEM_WRITE,BIO_R_NULL_PARAMETER);
-		goto end;
-		}
-
-	if(b->flags & BIO_FLAGS_MEM_RDONLY) {
-		BIOerr(BIO_F_MEM_WRITE,BIO_R_WRITE_TO_READ_ONLY_BIO);
-		goto end;
-	}
-
-	BIO_clear_retry_flags(b);
-	blen=bm->length;
-	if (BUF_MEM_grow_clean(bm,blen+inl) != (blen+inl))
-		goto end;
-	memcpy(&(bm->data[blen]),in,inl);
-	ret=inl;
-end:
-	return(ret);
-	}
-
-static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	long ret=1;
-	char **pptr;
-
-	BUF_MEM *bm=(BUF_MEM *)b->ptr;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		if (bm->data != NULL)
-			{
-			/* For read only case reset to the start again */
-			if(b->flags & BIO_FLAGS_MEM_RDONLY) 
-				{
-				bm->data -= bm->max - bm->length;
-				bm->length = bm->max;
-				}
-			else
-				{
-				memset(bm->data,0,bm->max);
-				bm->length=0;
-				}
-			}
-		break;
-	case BIO_CTRL_EOF:
-		ret=(long)(bm->length == 0);
-		break;
-	case BIO_C_SET_BUF_MEM_EOF_RETURN:
-		b->num=(int)num;
-		break;
-	case BIO_CTRL_INFO:
-		ret=(long)bm->length;
-		if (ptr != NULL)
-			{
-			pptr=(char **)ptr;
-			*pptr=(char *)&(bm->data[0]);
-			}
-		break;
-	case BIO_C_SET_BUF_MEM:
-		mem_free(b);
-		b->shutdown=(int)num;
-		b->ptr=ptr;
-		break;
-	case BIO_C_GET_BUF_MEM_PTR:
-		if (ptr != NULL)
-			{
-			pptr=(char **)ptr;
-			*pptr=(char *)bm;
-			}
-		break;
-	case BIO_CTRL_GET_CLOSE:
-		ret=(long)b->shutdown;
-		break;
-	case BIO_CTRL_SET_CLOSE:
-		b->shutdown=(int)num;
-		break;
-
-	case BIO_CTRL_WPENDING:
-		ret=0L;
-		break;
-	case BIO_CTRL_PENDING:
-		ret=(long)bm->length;
-		break;
-	case BIO_CTRL_DUP:
-	case BIO_CTRL_FLUSH:
-		ret=1;
-		break;
-	case BIO_CTRL_PUSH:
-	case BIO_CTRL_POP:
-	default:
-		ret=0;
-		break;
-		}
-	return(ret);
-	}
-
-static int mem_gets(BIO *bp, char *buf, int size)
-	{
-	int i,j;
-	int ret= -1;
-	char *p;
-	BUF_MEM *bm=(BUF_MEM *)bp->ptr;
-
-	BIO_clear_retry_flags(bp);
-	j=bm->length;
-	if (j <= 0)
-		{
-		*buf='\0';
-		return 0;
-		}
-	p=bm->data;
-	for (i=0; i<j; i++)
-		{
-		if (p[i] == '\n') break;
-		}
-	if (i == j)
-		{
-		BIO_set_retry_read(bp);
-		/* return(-1);  change the semantics 0.6.6a */ 
-		}
-	else
-		i++;
-	/* i is the max to copy */
-	if ((size-1) < i) i=size-1;
-	i=mem_read(bp,buf,i);
-	if (i > 0) buf[i]='\0';
-	ret=i;
-	return(ret);
-	}
-
-static int mem_puts(BIO *bp, const char *str)
-	{
-	int n,ret;
-
-	n=strlen(str);
-	ret=mem_write(bp,str,n);
-	/* memory semantics is that it will always work */
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/bio/bss_null.c b/crypto/openssl/crypto/bio/bss_null.c
deleted file mode 100644
index 46b73339dff8..000000000000
--- a/crypto/openssl/crypto/bio/bss_null.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* crypto/bio/bss_null.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-static int null_write(BIO *h, const char *buf, int num);
-static int null_read(BIO *h, char *buf, int size);
-static int null_puts(BIO *h, const char *str);
-static int null_gets(BIO *h, char *str, int size);
-static long null_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int null_new(BIO *h);
-static int null_free(BIO *data);
-static BIO_METHOD null_method=
-	{
-	BIO_TYPE_NULL,
-	"NULL",
-	null_write,
-	null_read,
-	null_puts,
-	null_gets,
-	null_ctrl,
-	null_new,
-	null_free,
-	NULL,
-	};
-
-BIO_METHOD *BIO_s_null(void)
-	{
-	return(&null_method);
-	}
-
-static int null_new(BIO *bi)
-	{
-	bi->init=1;
-	bi->num=0;
-	bi->ptr=(NULL);
-	return(1);
-	}
-
-static int null_free(BIO *a)
-	{
-	if (a == NULL) return(0);
-	return(1);
-	}
-	
-static int null_read(BIO *b, char *out, int outl)
-	{
-	return(0);
-	}
-
-static int null_write(BIO *b, const char *in, int inl)
-	{
-	return(inl);
-	}
-
-static long null_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	long ret=1;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-	case BIO_CTRL_EOF:
-	case BIO_CTRL_SET:
-	case BIO_CTRL_SET_CLOSE:
-	case BIO_CTRL_FLUSH:
-	case BIO_CTRL_DUP:
-		ret=1;
-		break;
-	case BIO_CTRL_GET_CLOSE:
-	case BIO_CTRL_INFO:
-	case BIO_CTRL_GET:
-	case BIO_CTRL_PENDING:
-	case BIO_CTRL_WPENDING:
-	default:
-		ret=0;
-		break;
-		}
-	return(ret);
-	}
-
-static int null_gets(BIO *bp, char *buf, int size)
-	{
-	return(0);
-	}
-
-static int null_puts(BIO *bp, const char *str)
-	{
-	if (str == NULL) return(0);
-	return(strlen(str));
-	}
-
diff --git a/crypto/openssl/crypto/bio/bss_rtcp.c b/crypto/openssl/crypto/bio/bss_rtcp.c
deleted file mode 100644
index 7dae48556406..000000000000
--- a/crypto/openssl/crypto/bio/bss_rtcp.c
+++ /dev/null
@@ -1,294 +0,0 @@
-/* crypto/bio/bss_rtcp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Written by David L. Jones <jonesd@kcgl1.eng.ohio-state.edu>
- * Date:   22-JUL-1996
- * Revised: 25-SEP-1997		Update for 0.8.1, BIO_CTRL_SET -> BIO_C_SET_FD
- */
-/* VMS */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#include <iodef.h>		/* VMS IO$_ definitions */
-#include <starlet.h>
-
-typedef unsigned short io_channel;
-/*************************************************************************/
-struct io_status { short status, count; long flags; };
-
-struct rpc_msg {		/* Should have member alignment inhibited */
-   char channel;		/* 'A'-app data. 'R'-remote client 'G'-global */
-   char function;		/* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
-   unsigned short int length;	/* Amount of data returned or max to return */
-   char data[4092];		/* variable data */
-};
-#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
-
-struct rpc_ctx {
-    int filled, pos;
-    struct rpc_msg msg;
-};
-
-static int rtcp_write(BIO *h,const char *buf,int num);
-static int rtcp_read(BIO *h,char *buf,int size);
-static int rtcp_puts(BIO *h,const char *str);
-static int rtcp_gets(BIO *h,char *str,int size);
-static long rtcp_ctrl(BIO *h,int cmd,long arg1,void *arg2);
-static int rtcp_new(BIO *h);
-static int rtcp_free(BIO *data);
-
-static BIO_METHOD rtcp_method=
-	{
-	BIO_TYPE_FD,
-	"RTCP",
-	rtcp_write,
-	rtcp_read,
-	rtcp_puts,
-	rtcp_gets,
-	rtcp_ctrl,
-	rtcp_new,
-	rtcp_free,
-	NULL,
-	};
-
-BIO_METHOD *BIO_s_rtcp(void)
-	{
-	return(&rtcp_method);
-	}
-/*****************************************************************************/
-/* Decnet I/O routines.
- */
-
-#ifdef __DECC
-#pragma message save
-#pragma message disable DOLLARID
-#endif
-
-static int get ( io_channel chan, char *buffer, int maxlen, int *length )
-{
-    int status;
-    struct io_status iosb;
-    status = sys$qiow ( 0, chan, IO$_READVBLK, &iosb, 0, 0,
-	buffer, maxlen, 0, 0, 0, 0 );
-    if ( (status&1) == 1 ) status = iosb.status;
-    if ( (status&1) == 1 ) *length = iosb.count;
-    return status;
-}
-
-static int put ( io_channel chan, char *buffer, int length )
-{
-    int status;
-    struct io_status iosb;
-    status = sys$qiow ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
-	buffer, length, 0, 0, 0, 0 );
-    if ( (status&1) == 1 ) status = iosb.status;
-    return status;
-}
-
-#ifdef __DECC
-#pragma message restore
-#endif
-
-/***************************************************************************/
-
-static int rtcp_new(BIO *bi)
-{
-    struct rpc_ctx *ctx;
-	bi->init=1;
-	bi->num=0;
-	bi->flags = 0;
-	bi->ptr=OPENSSL_malloc(sizeof(struct rpc_ctx));
-	ctx = (struct rpc_ctx *) bi->ptr;
-	ctx->filled = 0;
-	ctx->pos = 0;
-	return(1);
-}
-
-static int rtcp_free(BIO *a)
-{
-	if (a == NULL) return(0);
-	if ( a->ptr ) OPENSSL_free ( a->ptr );
-	a->ptr = NULL;
-	return(1);
-}
-	
-static int rtcp_read(BIO *b, char *out, int outl)
-{
-    int status, length;
-    struct rpc_ctx *ctx;
-    /*
-     * read data, return existing.
-     */
-    ctx = (struct rpc_ctx *) b->ptr;
-    if ( ctx->pos < ctx->filled ) {
-	length = ctx->filled - ctx->pos;
-	if ( length > outl ) length = outl;
-	memmove ( out, &ctx->msg.data[ctx->pos], length );
-	ctx->pos += length;
-	return length;
-    }
-    /*
-     * Requst more data from R channel.
-     */
-    ctx->msg.channel = 'R';
-    ctx->msg.function = 'G';
-    ctx->msg.length = sizeof(ctx->msg.data);
-    status = put ( b->num, (char *) &ctx->msg, RPC_HDR_SIZE );
-    if ( (status&1) == 0 ) {
-	return -1;
-    }
-    /*
-     * Read.
-     */
-    ctx->pos = ctx->filled = 0;
-    status = get ( b->num, (char *) &ctx->msg, sizeof(ctx->msg), &length );
-    if ( (status&1) == 0 ) length = -1;
-    if ( ctx->msg.channel != 'R' || ctx->msg.function != 'C' ) {
-	length = -1;
-    }
-    ctx->filled = length - RPC_HDR_SIZE;
-    
-    if ( ctx->pos < ctx->filled ) {
-	length = ctx->filled - ctx->pos;
-	if ( length > outl ) length = outl;
-	memmove ( out, ctx->msg.data, length );
-	ctx->pos += length;
-	return length;
-    }
-
-    return length;
-}
-
-static int rtcp_write(BIO *b, const char *in, int inl)
-{
-    int status, i, segment, length;
-    struct rpc_ctx *ctx;
-    /*
-     * Output data, send in chunks no larger that sizeof(ctx->msg.data).
-     */
-    ctx = (struct rpc_ctx *) b->ptr;
-    for ( i = 0; i < inl; i += segment ) {
-	segment = inl - i;
-	if ( segment > sizeof(ctx->msg.data) ) segment = sizeof(ctx->msg.data);
-	ctx->msg.channel = 'R';
-	ctx->msg.function = 'P';
-	ctx->msg.length = segment;
-	memmove ( ctx->msg.data, &in[i], segment );
-	status = put ( b->num, (char *) &ctx->msg, segment + RPC_HDR_SIZE );
-	if ((status&1) == 0 ) { i = -1; break; }
-
-	status = get ( b->num, (char *) &ctx->msg, sizeof(ctx->msg), &length );
-	if ( ((status&1) == 0) || (length < RPC_HDR_SIZE) ) { i = -1; break; }
-	if ( (ctx->msg.channel != 'R') || (ctx->msg.function != 'C') ) {
-	   printf("unexpected response when confirming put %c %c\n",
-		ctx->msg.channel, ctx->msg.function );
-
-	}
-    }
-    return(i);
-}
-
-static long rtcp_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	long ret=1;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-	case BIO_CTRL_EOF:
-		ret = 1;
-		break;
-	case BIO_C_SET_FD:
-		b->num = num;
-		ret = 1;
-	 	break;
-	case BIO_CTRL_SET_CLOSE:
-	case BIO_CTRL_FLUSH:
-	case BIO_CTRL_DUP:
-		ret=1;
-		break;
-	case BIO_CTRL_GET_CLOSE:
-	case BIO_CTRL_INFO:
-	case BIO_CTRL_GET:
-	case BIO_CTRL_PENDING:
-	case BIO_CTRL_WPENDING:
-	default:
-		ret=0;
-		break;
-		}
-	return(ret);
-	}
-
-static int rtcp_gets(BIO *bp, char *buf, int size)
-	{
-	return(0);
-	}
-
-static int rtcp_puts(BIO *bp, const char *str)
-{
-    int length;
-    if (str == NULL) return(0);
-    length = strlen ( str );
-    if ( length == 0 ) return (0);
-    return rtcp_write ( bp,str, length );
-}
-
diff --git a/crypto/openssl/crypto/bio/bss_sock.c b/crypto/openssl/crypto/bio/bss_sock.c
deleted file mode 100644
index 2c1c405ec7e8..000000000000
--- a/crypto/openssl/crypto/bio/bss_sock.c
+++ /dev/null
@@ -1,305 +0,0 @@
-/* crypto/bio/bss_sock.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_SOCK
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#ifdef WATT32
-#define sock_write SockWrite  /* Watt-32 uses same names */
-#define sock_read  SockRead
-#define sock_puts  SockPuts
-#endif
-
-static int sock_write(BIO *h, const char *buf, int num);
-static int sock_read(BIO *h, char *buf, int size);
-static int sock_puts(BIO *h, const char *str);
-static long sock_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int sock_new(BIO *h);
-static int sock_free(BIO *data);
-int BIO_sock_should_retry(int s);
-
-static BIO_METHOD methods_sockp=
-	{
-	BIO_TYPE_SOCKET,
-	"socket",
-	sock_write,
-	sock_read,
-	sock_puts,
-	NULL, /* sock_gets, */
-	sock_ctrl,
-	sock_new,
-	sock_free,
-	NULL,
-	};
-
-BIO_METHOD *BIO_s_socket(void)
-	{
-	return(&methods_sockp);
-	}
-
-BIO *BIO_new_socket(int fd, int close_flag)
-	{
-	BIO *ret;
-
-	ret=BIO_new(BIO_s_socket());
-	if (ret == NULL) return(NULL);
-	BIO_set_fd(ret,fd,close_flag);
-	return(ret);
-	}
-
-static int sock_new(BIO *bi)
-	{
-	bi->init=0;
-	bi->num=0;
-	bi->ptr=NULL;
-	bi->flags=0;
-	return(1);
-	}
-
-static int sock_free(BIO *a)
-	{
-	if (a == NULL) return(0);
-	if (a->shutdown)
-		{
-		if (a->init)
-			{
-			SHUTDOWN2(a->num);
-			}
-		a->init=0;
-		a->flags=0;
-		}
-	return(1);
-	}
-	
-static int sock_read(BIO *b, char *out, int outl)
-	{
-	int ret=0;
-
-	if (out != NULL)
-		{
-		clear_socket_error();
-		ret=readsocket(b->num,out,outl);
-		BIO_clear_retry_flags(b);
-		if (ret <= 0)
-			{
-			if (BIO_sock_should_retry(ret))
-				BIO_set_retry_read(b);
-			}
-		}
-	return(ret);
-	}
-
-static int sock_write(BIO *b, const char *in, int inl)
-	{
-	int ret;
-	
-	clear_socket_error();
-	ret=writesocket(b->num,in,inl);
-	BIO_clear_retry_flags(b);
-	if (ret <= 0)
-		{
-		if (BIO_sock_should_retry(ret))
-			BIO_set_retry_write(b);
-		}
-	return(ret);
-	}
-
-static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	long ret=1;
-	int *ip;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		num=0;
-	case BIO_C_FILE_SEEK:
-		ret=0;
-		break;
-	case BIO_C_FILE_TELL:
-	case BIO_CTRL_INFO:
-		ret=0;
-		break;
-	case BIO_C_SET_FD:
-		sock_free(b);
-		b->num= *((int *)ptr);
-		b->shutdown=(int)num;
-		b->init=1;
-		break;
-	case BIO_C_GET_FD:
-		if (b->init)
-			{
-			ip=(int *)ptr;
-			if (ip != NULL) *ip=b->num;
-			ret=b->num;
-			}
-		else
-			ret= -1;
-		break;
-	case BIO_CTRL_GET_CLOSE:
-		ret=b->shutdown;
-		break;
-	case BIO_CTRL_SET_CLOSE:
-		b->shutdown=(int)num;
-		break;
-	case BIO_CTRL_PENDING:
-	case BIO_CTRL_WPENDING:
-		ret=0;
-		break;
-	case BIO_CTRL_DUP:
-	case BIO_CTRL_FLUSH:
-		ret=1;
-		break;
-	default:
-		ret=0;
-		break;
-		}
-	return(ret);
-	}
-
-static int sock_puts(BIO *bp, const char *str)
-	{
-	int n,ret;
-
-	n=strlen(str);
-	ret=sock_write(bp,str,n);
-	return(ret);
-	}
-
-int BIO_sock_should_retry(int i)
-	{
-	int err;
-
-	if ((i == 0) || (i == -1))
-		{
-		err=get_last_socket_error();
-
-#if defined(OPENSSL_SYS_WINDOWS) && 0 /* more microsoft stupidity? perhaps not? Ben 4/1/99 */
-		if ((i == -1) && (err == 0))
-			return(1);
-#endif
-
-		return(BIO_sock_non_fatal_error(err));
-		}
-	return(0);
-	}
-
-int BIO_sock_non_fatal_error(int err)
-	{
-	switch (err)
-		{
-#if defined(OPENSSL_SYS_WINDOWS)
-# if defined(WSAEWOULDBLOCK)
-	case WSAEWOULDBLOCK:
-# endif
-
-# if 0 /* This appears to always be an error */
-#  if defined(WSAENOTCONN)
-	case WSAENOTCONN:
-#  endif
-# endif
-#endif
-
-#ifdef EWOULDBLOCK
-# ifdef WSAEWOULDBLOCK
-#  if WSAEWOULDBLOCK != EWOULDBLOCK
-	case EWOULDBLOCK:
-#  endif
-# else
-	case EWOULDBLOCK:
-# endif
-#endif
-
-#if defined(ENOTCONN)
-	case ENOTCONN:
-#endif
-
-#ifdef EINTR
-	case EINTR:
-#endif
-
-#ifdef EAGAIN
-#if EWOULDBLOCK != EAGAIN
-	case EAGAIN:
-# endif
-#endif
-
-#ifdef EPROTO
-	case EPROTO:
-#endif
-
-#ifdef EINPROGRESS
-	case EINPROGRESS:
-#endif
-
-#ifdef EALREADY
-	case EALREADY:
-#endif
-		return(1);
-		/* break; */
-	default:
-		break;
-		}
-	return(0);
-	}
-#endif
diff --git a/crypto/openssl/crypto/bn/Makefile.save b/crypto/openssl/crypto/bn/Makefile.save
deleted file mode 100644
index ad36267e2698..000000000000
--- a/crypto/openssl/crypto/bn/Makefile.save
+++ /dev/null
@@ -1,313 +0,0 @@
-#
-# SSLeay/crypto/bn/Makefile
-#
-
-DIR=	bn
-TOP=	../..
-CC=	cc
-CPP=    $(CC) -E
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-BN_ASM=		bn_asm.o
-# or use
-#BN_ASM=	bn86-elf.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-# We let the C compiler driver to take care of .s files. This is done in
-# order to be excused from maintaining a separate set of architecture
-# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
-# gcc, then the driver will automatically translate it to -xarch=v8plus
-# and pass it down to assembler.
-AS=$(CC) -c
-ASFLAGS=$(CFLAGS)
-
-GENERAL=Makefile
-TEST=bntest.c exptest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c \
-	bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
-	bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c \
-	bn_mpi.c bn_exp2.c
-
-LIBOBJ=	bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o \
-	bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
-	bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) bn_recp.o bn_mont.o \
-	bn_mpi.o bn_exp2.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= bn.h
-HEADER=	bn_lcl.h bn_prime.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-bn_prime.h: bn_prime.pl
-	$(PERL) bn_prime.pl >bn_prime.h
-
-divtest: divtest.c ../../libcrypto.a
-	cc -I../../include divtest.c -o divtest ../../libcrypto.a
-
-bnbug: bnbug.c ../../libcrypto.a top
-	cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-# elf
-asm/bn86-elf.o: asm/bn86unix.cpp
-	$(CPP) -DELF -x c asm/bn86unix.cpp | as -o asm/bn86-elf.o
-
-asm/co86-elf.o: asm/co86unix.cpp
-	$(CPP) -DELF -x c asm/co86unix.cpp | as -o asm/co86-elf.o
-
-# solaris
-asm/bn86-sol.o: asm/bn86unix.cpp
-	$(CC) -E -DSOL asm/bn86unix.cpp | sed 's/^#.*//' > asm/bn86-sol.s
-	as -o asm/bn86-sol.o asm/bn86-sol.s
-	rm -f asm/bn86-sol.s
-
-asm/co86-sol.o: asm/co86unix.cpp
-	$(CC) -E -DSOL asm/co86unix.cpp | sed 's/^#.*//' > asm/co86-sol.s
-	as -o asm/co86-sol.o asm/co86-sol.s
-	rm -f asm/co86-sol.s
-
-# a.out
-asm/bn86-out.o: asm/bn86unix.cpp
-	$(CPP) -DOUT asm/bn86unix.cpp | as -o asm/bn86-out.o
-
-asm/co86-out.o: asm/co86unix.cpp
-	$(CPP) -DOUT asm/co86unix.cpp | as -o asm/co86-out.o
-
-# bsdi
-asm/bn86bsdi.o: asm/bn86unix.cpp
-	$(CPP) -DBSDI asm/bn86unix.cpp | sed 's/ :/:/' | as -o asm/bn86bsdi.o
-
-asm/co86bsdi.o: asm/co86unix.cpp
-	$(CPP) -DBSDI asm/co86unix.cpp | sed 's/ :/:/' | as -o asm/co86bsdi.o
-
-asm/bn86unix.cpp: asm/bn-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) bn-586.pl cpp >bn86unix.cpp )
-
-asm/co86unix.cpp: asm/co-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) co-586.pl cpp >co86unix.cpp )
-
-asm/sparcv8.o: asm/sparcv8.S
-
-asm/sparcv8plus.o: asm/sparcv8plus.S
-
-# Old GNU assembler doesn't understand V9 instructions, so we
-# hire /usr/ccs/bin/as to do the job. Note that option is called
-# *-gcc27, but even gcc 2>=8 users may experience similar problem
-# if they didn't bother to upgrade GNU assembler. Such users should
-# not choose this option, but be adviced to *remove* GNU assembler
-# or upgrade it.
-asm/sparcv8plus-gcc27.o: asm/sparcv8plus.S
-	$(CC) $(ASFLAGS) -E asm/sparcv8plus.S | \
-		/usr/ccs/bin/as -xarch=v8plus - -o asm/sparcv8plus-gcc27.o
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-exptest:
-	rm -f exptest
-	gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
-
-div:
-	rm -f a.out
-	gcc -I.. -g div.c ../../libcrypto.a
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/co86unix.cpp asm/bn86unix.cpp *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bn_add.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_add.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_add.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
-bn_asm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_asm.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_asm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_asm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
-bn_blind.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_blind.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_blind.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_blind.o: ../../include/openssl/opensslconf.h
-bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_blind.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_blind.o: ../cryptlib.h bn_lcl.h
-bn_ctx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_ctx.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_ctx.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_ctx.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h
-bn_div.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_div.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_div.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_div.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
-bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/err.h
-bn_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_exp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_exp.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_exp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_exp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_exp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
-bn_exp2.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_exp2.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_exp2.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_exp2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
-bn_gcd.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_gcd.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_gcd.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_gcd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
-bn_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
-bn_mont.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mont.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_mont.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_mont.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
-bn_mpi.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mpi.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_mpi.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_mpi.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_mpi.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
-bn_mul.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mul.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_mul.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_mul.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_mul.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
-bn_prime.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_prime.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_prime.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_prime.o: ../../include/openssl/opensslconf.h
-bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-bn_prime.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_prime.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_prime.h
-bn_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_print.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_print.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_print.o: ../../include/openssl/opensslconf.h
-bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_print.o: ../cryptlib.h bn_lcl.h
-bn_rand.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_rand.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_rand.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_rand.o: ../cryptlib.h bn_lcl.h
-bn_recp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_recp.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_recp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_recp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
-bn_shift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_shift.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_shift.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_shift.o: ../../include/openssl/opensslconf.h
-bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_shift.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_shift.o: ../cryptlib.h bn_lcl.h
-bn_sqr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_sqr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_sqr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_sqr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
-bn_word.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_word.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bn_word.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_word.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h
diff --git a/crypto/openssl/crypto/bn/Makefile.ssl b/crypto/openssl/crypto/bn/Makefile.ssl
deleted file mode 100644
index c1547a8e6d06..000000000000
--- a/crypto/openssl/crypto/bn/Makefile.ssl
+++ /dev/null
@@ -1,322 +0,0 @@
-#
-# SSLeay/crypto/bn/Makefile
-#
-
-DIR=	bn
-TOP=	../..
-CC=	cc
-CPP=    $(CC) -E
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-BN_ASM=		bn_asm.o
-# or use
-#BN_ASM=	bn86-elf.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=bntest.c exptest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
-	bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
-	bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
-	bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c
-
-LIBOBJ=	bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
-	bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
-	bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
-	bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= bn.h
-HEADER=	bn_lcl.h bn_prime.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-bn_prime.h: bn_prime.pl
-	$(PERL) bn_prime.pl >bn_prime.h
-
-divtest: divtest.c ../../libcrypto.a
-	cc -I../../include divtest.c -o divtest ../../libcrypto.a
-
-bnbug: bnbug.c ../../libcrypto.a top
-	cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# elf
-asm/bn86-elf.s:	asm/bn-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > bn86-elf.s)
-
-asm/co86-elf.s:	asm/co-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) co-586.pl elf $(CFLAGS) > co86-elf.s)
-
-# a.out
-asm/bn86-out.o: asm/bn86unix.cpp
-	$(CPP) -DOUT asm/bn86unix.cpp | as -o asm/bn86-out.o
-
-asm/co86-out.o: asm/co86unix.cpp
-	$(CPP) -DOUT asm/co86unix.cpp | as -o asm/co86-out.o
-
-# bsdi
-asm/bn86bsdi.o: asm/bn86unix.cpp
-	$(CPP) -DBSDI asm/bn86unix.cpp | sed 's/ :/:/' | as -o asm/bn86bsdi.o
-
-asm/co86bsdi.o: asm/co86unix.cpp
-	$(CPP) -DBSDI asm/co86unix.cpp | sed 's/ :/:/' | as -o asm/co86bsdi.o
-
-asm/bn86unix.cpp: asm/bn-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) bn-586.pl cpp >bn86unix.cpp )
-
-asm/co86unix.cpp: asm/co-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) co-586.pl cpp >co86unix.cpp )
-
-asm/sparcv8.o: asm/sparcv8.S
-
-asm/sparcv8plus.o: asm/sparcv8plus.S
-
-# Old GNU assembler doesn't understand V9 instructions, so we
-# hire /usr/ccs/bin/as to do the job. Note that option is called
-# *-gcc27, but even gcc 2>=8 users may experience similar problem
-# if they didn't bother to upgrade GNU assembler. Such users should
-# not choose this option, but be adviced to *remove* GNU assembler
-# or upgrade it.
-asm/sparcv8plus-gcc27.o: asm/sparcv8plus.S
-	$(CC) $(ASFLAGS) -E asm/sparcv8plus.S | \
-		/usr/ccs/bin/as -xarch=v8plus - -o asm/sparcv8plus-gcc27.o
-
-
-asm/ia64.o:	asm/ia64.S
-
-# Some compiler drivers (most notably HP-UX and Intel C++) don't
-# understand .S extension:-( I wish I could pipe output from cc -E,
-# but it's too compiler driver/ABI dependent to cover with a single
-# rule...	<appro@fy.chalmers.se>
-asm/ia64-cpp.o:	asm/ia64.S
-	$(CC) $(ASFLAGS) -E asm/ia64.S > /tmp/ia64.$$$$.s &&	\
-	$(CC) $(ASFLAGS) -c -o asm/ia64-cpp.o /tmp/ia64.$$$$.s;	\
-	rm -f /tmp/ia64.$$$$.s
-
-asm/x86_64-gcc.o: asm/x86_64-gcc.c
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-exptest:
-	rm -f exptest
-	gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
-
-div:
-	rm -f a.out
-	gcc -I.. -g div.c ../../libcrypto.a
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/co86unix.cpp asm/bn86unix.cpp asm/*-elf.* *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_add.o: ../cryptlib.h bn_add.c bn_lcl.h
-bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_asm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_asm.o: ../cryptlib.h bn_asm.c bn_lcl.h
-bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_blind.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_blind.o: ../cryptlib.h bn_blind.c bn_lcl.h
-bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_ctx.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_ctx.o: ../cryptlib.h bn_ctx.c bn_lcl.h
-bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_div.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_div.o: ../cryptlib.h bn_div.c bn_lcl.h
-bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_err.o: ../../include/openssl/symhacks.h bn_err.c
-bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_exp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_exp.o: ../cryptlib.h bn_exp.c bn_lcl.h
-bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_exp2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_exp2.o: ../cryptlib.h bn_exp2.c bn_lcl.h
-bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_gcd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_gcd.o: ../cryptlib.h bn_gcd.c bn_lcl.h
-bn_kron.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
-bn_kron.o: ../../include/openssl/opensslconf.h bn_kron.c bn_lcl.h
-bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_lib.o: ../cryptlib.h bn_lcl.h bn_lib.c
-bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_mod.o: ../cryptlib.h bn_lcl.h bn_mod.c
-bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_mont.o: ../cryptlib.h bn_lcl.h bn_mont.c
-bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_mpi.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_mpi.o: ../cryptlib.h bn_lcl.h bn_mpi.c
-bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_mul.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_mul.o: ../cryptlib.h bn_lcl.h bn_mul.c
-bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_prime.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_prime.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bn_prime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_prime.o: ../cryptlib.h bn_lcl.h bn_prime.c bn_prime.h
-bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_print.o: ../cryptlib.h bn_lcl.h bn_print.c
-bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_rand.o: ../cryptlib.h bn_lcl.h bn_rand.c
-bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_recp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_recp.o: ../cryptlib.h bn_lcl.h bn_recp.c
-bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_shift.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_shift.o: ../cryptlib.h bn_lcl.h bn_shift.c
-bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_sqr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_sqr.o: ../cryptlib.h bn_lcl.h bn_sqr.c
-bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_sqrt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_sqrt.o: ../cryptlib.h bn_lcl.h bn_sqrt.c
-bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bn_word.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_word.o: ../cryptlib.h bn_lcl.h bn_word.c
diff --git a/crypto/openssl/crypto/bn/asm/README b/crypto/openssl/crypto/bn/asm/README
deleted file mode 100644
index b0f3a68a06ab..000000000000
--- a/crypto/openssl/crypto/bn/asm/README
+++ /dev/null
@@ -1,27 +0,0 @@
-<OBSOLETE>
-
-All assember in this directory are just version of the file
-crypto/bn/bn_asm.c.
-
-Quite a few of these files are just the assember output from gcc since on 
-quite a few machines they are 2 times faster than the system compiler.
-
-For the x86, I have hand written assember because of the bad job all
-compilers seem to do on it.  This normally gives a 2 time speed up in the RSA
-routines.
-
-For the DEC alpha, I also hand wrote the assember (except the division which
-is just the output from the C compiler pasted on the end of the file).
-On the 2 alpha C compilers I had access to, it was not possible to do
-64b x 64b -> 128b calculations (both long and the long long data types
-were 64 bits).  So the hand assember gives access to the 128 bit result and
-a 2 times speedup :-).
-
-There are 3 versions of assember for the HP PA-RISC.
-
-pa-risc.s is the origional one which works fine and generated using gcc :-)
-
-pa-risc2W.s and pa-risc2.s are 64 and 32-bit PA-RISC 2.0 implementations
-by Chris Ruemmler from HP (with some help from the HP C compiler).
-
-</OBSOLETE>
diff --git a/crypto/openssl/crypto/bn/asm/alpha.s b/crypto/openssl/crypto/bn/asm/alpha.s
deleted file mode 100644
index 555ff0b92d1c..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.s
+++ /dev/null
@@ -1,3199 +0,0 @@
- # DEC Alpha assember
- # The bn_div_words is actually gcc output but the other parts are hand done.
- # Thanks to tzeruch@ceddec.com for sending me the gcc output for
- # bn_div_words.
- # I've gone back and re-done most of routines.
- # The key thing to remeber for the 164 CPU is that while a
- # multiply operation takes 8 cycles, another one can only be issued
- # after 4 cycles have elapsed.  I've done modification to help
- # improve this.  Also, normally, a ld instruction will not be available
- # for about 3 cycles.
-	.file	1 "bn_asm.c"
-	.set noat
-gcc2_compiled.:
-__gnu_compiled_c:
-	.text
-	.align 3
-	.globl bn_mul_add_words
-	.ent bn_mul_add_words
-bn_mul_add_words:
-bn_mul_add_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-	.align 5
-	subq	$18,4,$18
-	bis	$31,$31,$0
-	blt	$18,$43		# if we are -1, -2, -3 or -4 goto tail code
-	ldq	$20,0($17)	# 1 1
-	ldq	$1,0($16)	# 1 1
-	.align 3
-$42:
-	mulq	$20,$19,$5	# 1 2 1	######
-	ldq	$21,8($17)	# 2 1
-	ldq	$2,8($16)	# 2 1
-	umulh	$20,$19,$20	# 1 2	######
-	ldq	$27,16($17)	# 3 1
-	ldq	$3,16($16)	# 3 1
-	mulq	$21,$19,$6	# 2 2 1	######
-	 ldq	$28,24($17)	# 4 1
-	addq	$1,$5,$1	# 1 2 2
-	 ldq	$4,24($16)	# 4 1
-	umulh	$21,$19,$21	# 2 2	######
-	 cmpult	$1,$5,$22	# 1 2 3 1
-	addq	$20,$22,$20	# 1 3 1
-	 addq	$1,$0,$1	# 1 2 3 1
-	mulq	$27,$19,$7	# 3 2 1	######
-	 cmpult	$1,$0,$0	# 1 2 3 2
-	addq	$2,$6,$2	# 2 2 2
-	 addq	$20,$0,$0	# 1 3 2 
-	cmpult	$2,$6,$23	# 2 2 3 1
-	 addq	$21,$23,$21	# 2 3 1
-	umulh	$27,$19,$27	# 3 2	######
-	 addq	$2,$0,$2	# 2 2 3 1
-	cmpult	$2,$0,$0	# 2 2 3 2
-	 subq	$18,4,$18
-	mulq	$28,$19,$8	# 4 2 1	######
-	 addq	$21,$0,$0	# 2 3 2 
-	addq	$3,$7,$3	# 3 2 2
-	 addq	$16,32,$16
-	cmpult	$3,$7,$24	# 3 2 3 1
-	 stq	$1,-32($16)	# 1 2 4
-	umulh	$28,$19,$28	# 4 2	######
-	 addq	$27,$24,$27	# 3 3 1
-	addq	$3,$0,$3	# 3 2 3 1
-	 stq	$2,-24($16)	# 2 2 4
-	cmpult	$3,$0,$0	# 3 2 3 2
-	 stq	$3,-16($16)	# 3 2 4
-	addq	$4,$8,$4	# 4 2 2
-	 addq	$27,$0,$0	# 3 3 2 
-	cmpult	$4,$8,$25	# 4 2 3 1
-	 addq	$17,32,$17
-	addq	$28,$25,$28	# 4 3 1
-	 addq	$4,$0,$4	# 4 2 3 1
-	cmpult	$4,$0,$0	# 4 2 3 2
-	 stq	$4,-8($16)	# 4 2 4
-	addq	$28,$0,$0	# 4 3 2 
-	 blt	$18,$43
-
-	ldq	$20,0($17)	# 1 1
-	ldq	$1,0($16)	# 1 1
-
-	br	$42
-
-	.align 4
-$45:
-	ldq	$20,0($17)	# 4 1
-	ldq	$1,0($16)	# 4 1
-	mulq	$20,$19,$5	# 4 2 1
-	subq	$18,1,$18
-	addq	$16,8,$16
-	addq	$17,8,$17
-	umulh	$20,$19,$20	# 4 2
-	addq	$1,$5,$1	# 4 2 2
-	cmpult	$1,$5,$22	# 4 2 3 1
-	addq	$20,$22,$20	# 4 3 1
-	addq	$1,$0,$1	# 4 2 3 1
-	cmpult	$1,$0,$0	# 4 2 3 2
-	addq	$20,$0,$0	# 4 3 2 
-	stq	$1,-8($16)	# 4 2 4
-	bgt	$18,$45
-	ret	$31,($26),1	# else exit
-
-	.align 4
-$43:
-	addq	$18,4,$18
-	bgt	$18,$45		# goto tail code
-	ret	$31,($26),1	# else exit
-
-	.end bn_mul_add_words
-	.align 3
-	.globl bn_mul_words
-	.ent bn_mul_words
-bn_mul_words:
-bn_mul_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-	.align 5
-	subq	$18,4,$18
-	bis	$31,$31,$0
-	blt	$18,$143	# if we are -1, -2, -3 or -4 goto tail code
-	ldq	$20,0($17)	# 1 1
-	.align 3
-$142:
-
-	mulq	$20,$19,$5	# 1 2 1	#####
-	 ldq	$21,8($17)	# 2 1
-	 ldq	$27,16($17)	# 3 1
-	umulh	$20,$19,$20	# 1 2	#####
-	 ldq	$28,24($17)	# 4 1
-	mulq	$21,$19,$6	# 2 2 1	#####
-	 addq	$5,$0,$5	# 1 2 3 1
-	subq	$18,4,$18
-	 cmpult	$5,$0,$0	# 1 2 3 2
-	umulh	$21,$19,$21	# 2 2	#####
-	 addq	$20,$0,$0	# 1 3 2 
-	addq	$17,32,$17
-	 addq	$6,$0,$6	# 2 2 3 1
-	mulq	$27,$19,$7	# 3 2 1	#####
-	 cmpult	$6,$0,$0	# 2 2 3 2
-	addq	$21,$0,$0	# 2 3 2 
-	 addq	$16,32,$16
-	umulh	$27,$19,$27	# 3 2	#####
-	 stq	$5,-32($16)	# 1 2 4
-	mulq	$28,$19,$8	# 4 2 1	#####
-	 addq	$7,$0,$7	# 3 2 3 1
-	stq	$6,-24($16)	# 2 2 4
-	 cmpult	$7,$0,$0	# 3 2 3 2
-	umulh	$28,$19,$28	# 4 2	#####
-	 addq	$27,$0,$0	# 3 3 2 
-	stq	$7,-16($16)	# 3 2 4
-	 addq	$8,$0,$8	# 4 2 3 1
-	cmpult	$8,$0,$0	# 4 2 3 2
-
-	addq	$28,$0,$0	# 4 3 2 
-
-	stq	$8,-8($16)	# 4 2 4
-
-	blt	$18,$143
-
-	ldq	$20,0($17)	# 1 1
-
-	br	$142
-
-	.align 4
-$145:
-	ldq	$20,0($17)	# 4 1
-	mulq	$20,$19,$5	# 4 2 1
-	subq	$18,1,$18
-	umulh	$20,$19,$20	# 4 2
-	addq	$5,$0,$5	# 4 2 3 1
-	 addq	$16,8,$16
-	cmpult	$5,$0,$0	# 4 2 3 2
-	 addq	$17,8,$17
-	addq	$20,$0,$0	# 4 3 2 
-	stq	$5,-8($16)	# 4 2 4
-
-	bgt	$18,$145
-	ret	$31,($26),1	# else exit
-
-	.align 4
-$143:
-	addq	$18,4,$18
-	bgt	$18,$145	# goto tail code
-	ret	$31,($26),1	# else exit
-
-	.end bn_mul_words
-	.align 3
-	.globl bn_sqr_words
-	.ent bn_sqr_words
-bn_sqr_words:
-bn_sqr_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-
-	subq	$18,4,$18
-	blt	$18,$543	# if we are -1, -2, -3 or -4 goto tail code
-	ldq	$20,0($17)	# 1 1
-	.align 3
-$542:
-	mulq	$20,$20,$5		######
-	 ldq	$21,8($17)	# 1 1
-	subq	$18,4
- 	umulh	$20,$20,$1		######
-	ldq	$27,16($17)	# 1 1
-	mulq	$21,$21,$6		######
-	ldq	$28,24($17)	# 1 1
-	stq	$5,0($16)	# r[0]
- 	umulh	$21,$21,$2		######
-	stq	$1,8($16)	# r[1]
-	mulq	$27,$27,$7		######
-	stq	$6,16($16)	# r[0]
- 	umulh	$27,$27,$3		######
-	stq	$2,24($16)	# r[1]
-	mulq	$28,$28,$8		######
-	stq	$7,32($16)	# r[0]
- 	umulh	$28,$28,$4		######
-	stq	$3,40($16)	# r[1]
-
- 	addq	$16,64,$16
- 	addq	$17,32,$17
-	stq	$8,-16($16)	# r[0]
-	stq	$4,-8($16)	# r[1]
-
-	blt	$18,$543
-	ldq	$20,0($17)	# 1 1
- 	br 	$542
-
-$442:
-	ldq	$20,0($17)   # a[0]
-	mulq	$20,$20,$5  # a[0]*w low part       r2
-	addq	$16,16,$16
-	addq	$17,8,$17
-	subq	$18,1,$18
-        umulh	$20,$20,$1  # a[0]*w high part       r3
-	stq	$5,-16($16)   # r[0]
-        stq	$1,-8($16)   # r[1]
-
-	bgt	$18,$442
-	ret	$31,($26),1	# else exit
-
-	.align 4
-$543:
-	addq	$18,4,$18
-	bgt	$18,$442	# goto tail code
-	ret	$31,($26),1	# else exit
-	.end bn_sqr_words
-
-	.align 3
-	.globl bn_add_words
-	.ent bn_add_words
-bn_add_words:
-bn_add_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-
-	subq	$19,4,$19
-	bis	$31,$31,$0	# carry = 0
-	blt	$19,$900
-	ldq	$5,0($17)	# a[0]
-	ldq	$1,0($18)	# b[1]
-	.align 3
-$901:
-	addq	$1,$5,$1	# r=a+b;
-	 ldq	$6,8($17)	# a[1]
-	cmpult	$1,$5,$22	# did we overflow?
-	 ldq	$2,8($18)	# b[1]
-	addq	$1,$0,$1	# c+= overflow
-	 ldq	$7,16($17)	# a[2]
-	cmpult	$1,$0,$0	# overflow?
-	 ldq	$3,16($18)	# b[2]
-	addq	$0,$22,$0
-	 ldq	$8,24($17)	# a[3]
-	addq	$2,$6,$2	# r=a+b;
-	 ldq	$4,24($18)	# b[3]
-	cmpult	$2,$6,$23	# did we overflow?
-	 addq	$3,$7,$3	# r=a+b;
-	addq	$2,$0,$2	# c+= overflow
-	 cmpult	$3,$7,$24	# did we overflow?
-	cmpult	$2,$0,$0	# overflow?
-	 addq	$4,$8,$4	# r=a+b;
-	addq	$0,$23,$0
-	 cmpult	$4,$8,$25	# did we overflow?
-	addq	$3,$0,$3	# c+= overflow
-	 stq	$1,0($16)	# r[0]=c
-	cmpult	$3,$0,$0	# overflow?
-	 stq	$2,8($16)	# r[1]=c
-	addq	$0,$24,$0
-	 stq	$3,16($16)	# r[2]=c
-	addq	$4,$0,$4	# c+= overflow
-	 subq	$19,4,$19	# loop--
-	cmpult	$4,$0,$0	# overflow?
-	 addq	$17,32,$17	# a++
-	addq	$0,$25,$0
-	 stq	$4,24($16)	# r[3]=c
-	addq	$18,32,$18	# b++
-	 addq	$16,32,$16	# r++
-
-	blt	$19,$900
-	 ldq	$5,0($17)	# a[0]
-	ldq	$1,0($18)	# b[1]
-	 br	$901
-	.align 4
-$945:
-	ldq	$5,0($17)	# a[0]
-	 ldq	$1,0($18)	# b[1]
-	addq	$1,$5,$1	# r=a+b;
-	 subq	$19,1,$19	# loop--
-	addq	$1,$0,$1	# c+= overflow
-	 addq	$17,8,$17	# a++
-	cmpult	$1,$5,$22	# did we overflow?
-	 cmpult	$1,$0,$0	# overflow?
-	addq	$18,8,$18	# b++
-	 stq	$1,0($16)	# r[0]=c
-	addq	$0,$22,$0
-	 addq	$16,8,$16	# r++
-
-	bgt	$19,$945
-	ret	$31,($26),1	# else exit
-
-$900:
-	addq	$19,4,$19
-	bgt	$19,$945	# goto tail code
-	ret	$31,($26),1	# else exit
-	.end bn_add_words
-
- #
- # What follows was taken directly from the C compiler with a few
- # hacks to redo the lables.
- #
-.text
-	.align 3
-	.globl bn_div_words
-	.ent bn_div_words
-bn_div_words:
-	ldgp $29,0($27)
-bn_div_words..ng:
-	lda $30,-48($30)
-	.frame $30,48,$26,0
-	stq $26,0($30)
-	stq $9,8($30)
-	stq $10,16($30)
-	stq $11,24($30)
-	stq $12,32($30)
-	stq $13,40($30)
-	.mask 0x4003e00,-48
-	.prologue 1
-	bis $16,$16,$9
-	bis $17,$17,$10
-	bis $18,$18,$11
-	bis $31,$31,$13
-	bis $31,2,$12
-	bne $11,$119
-	lda $0,-1
-	br $31,$136
-	.align 4
-$119:
-	bis $11,$11,$16
-	jsr $26,BN_num_bits_word
-	ldgp $29,0($26)
-	subq $0,64,$1
-	beq $1,$120
-	bis $31,1,$1
-	sll $1,$0,$1
-	cmpule $9,$1,$1
-	bne $1,$120
- #	lda $16,_IO_stderr_
- #	lda $17,$C32
- #	bis $0,$0,$18
- #	jsr $26,fprintf
- #	ldgp $29,0($26)
-	jsr $26,abort
-	ldgp $29,0($26)
-	.align 4
-$120:
-	bis $31,64,$3
-	cmpult $9,$11,$2
-	subq $3,$0,$1
-	addl $1,$31,$0
-	subq $9,$11,$1
-	cmoveq $2,$1,$9
-	beq $0,$122
-	zapnot $0,15,$2
-	subq $3,$0,$1
-	sll $11,$2,$11
-	sll $9,$2,$3
-	srl $10,$1,$1
-	sll $10,$2,$10
-	bis $3,$1,$9
-$122:
-	srl $11,32,$5
-	zapnot $11,15,$6
-	lda $7,-1
-	.align 5
-$123:
-	srl $9,32,$1
-	subq $1,$5,$1
-	bne $1,$126
-	zapnot $7,15,$27
-	br $31,$127
-	.align 4
-$126:
-	bis $9,$9,$24
-	bis $5,$5,$25
-	divqu $24,$25,$27
-$127:
-	srl $10,32,$4
-	.align 5
-$128:
-	mulq $27,$5,$1
-	subq $9,$1,$3
-	zapnot $3,240,$1
-	bne $1,$129
-	mulq $6,$27,$2
-	sll $3,32,$1
-	addq $1,$4,$1
-	cmpule $2,$1,$2
-	bne $2,$129
-	subq $27,1,$27
-	br $31,$128
-	.align 4
-$129:
-	mulq $27,$6,$1
-	mulq $27,$5,$4
-	srl $1,32,$3
-	sll $1,32,$1
-	addq $4,$3,$4
-	cmpult $10,$1,$2
-	subq $10,$1,$10
-	addq $2,$4,$2
-	cmpult $9,$2,$1
-	bis $2,$2,$4
-	beq $1,$134
-	addq $9,$11,$9
-	subq $27,1,$27
-$134:
-	subl $12,1,$12
-	subq $9,$4,$9
-	beq $12,$124
-	sll $27,32,$13
-	sll $9,32,$2
-	srl $10,32,$1
-	sll $10,32,$10
-	bis $2,$1,$9
-	br $31,$123
-	.align 4
-$124:
-	bis $13,$27,$0
-$136:
-	ldq $26,0($30)
-	ldq $9,8($30)
-	ldq $10,16($30)
-	ldq $11,24($30)
-	ldq $12,32($30)
-	ldq $13,40($30)
-	addq $30,48,$30
-	ret $31,($26),1
-	.end bn_div_words
-
-	.set noat
-	.text
-	.align 3
-	.globl bn_sub_words
-	.ent bn_sub_words
-bn_sub_words:
-bn_sub_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-
-	subq	$19,	4,	$19
-	bis	$31,	$31,	$0
-	blt	$19,	$100
-	ldq	$1,	0($17)
-	ldq	$2,	0($18)
-$101:
-	ldq	$3,	8($17)
-	cmpult	$1,	$2,	$4
-	ldq	$5,	8($18)
-	subq	$1,	$2,	$1
-	ldq	$6,	16($17)
-	cmpult	$1,	$0,	$2
-	ldq	$7,	16($18)
-	subq	$1,	$0,	$23
-	ldq	$8,	24($17)
-	addq	$2,	$4,	$0
-	cmpult	$3,	$5,	$24
-	subq	$3,	$5,	$3
-	ldq	$22,	24($18)
-	cmpult	$3,	$0,	$5
-	subq	$3,	$0,	$25
-	addq	$5,	$24,	$0
-	cmpult	$6,	$7,	$27
-	subq	$6,	$7,	$6
-	stq	$23,	0($16)
-	cmpult	$6,	$0,	$7
-	subq	$6,	$0,	$28
-	addq	$7,	$27,	$0
-	cmpult	$8,	$22,	$21
-	subq	$8,	$22,	$8
-	stq	$25,	8($16)
-	cmpult	$8,	$0,	$22
-	subq	$8,	$0,	$20
-	addq	$22,	$21,	$0
-	stq	$28,	16($16)
-	subq	$19,	4,	$19
-	stq	$20,	24($16)
-	addq	$17,	32,	$17
-	addq	$18,	32,	$18
-	addq	$16,	32,	$16
-	blt	$19,	$100
-	ldq	$1,	0($17)
-	ldq	$2,	0($18)
-	br	$101
-$102:
-	ldq	$1,	0($17)
-	ldq	$2,	0($18)
-	cmpult	$1,	$2,	$27
-	subq	$1,	$2,	$1
-	cmpult	$1,	$0,	$2
-	subq	$1,	$0,	$1
-	stq	$1,	0($16)
-	addq	$2,	$27,	$0
-	addq	$17,	8,	$17
-	addq	$18,	8,	$18
-	addq	$16,	8,	$16
-	subq	$19,	1,	$19
-	bgt	$19,	$102
-	ret	$31,($26),1
-$100:
-	addq	$19,	4,	$19
-	bgt	$19,	$102
-$103:
-	ret	$31,($26),1
-	.end bn_sub_words
-	.text
-	.align 3
-	.globl bn_mul_comba4
-	.ent bn_mul_comba4
-bn_mul_comba4:
-bn_mul_comba4..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-
-	ldq	$0,	0($17)
-	ldq	$1,	0($18)
-	ldq	$2,	8($17)
-	ldq	$3,	8($18)
-	ldq	$4,	16($17)
-	ldq	$5,	16($18)
-	ldq	$6,	24($17)
-	ldq	$7,	24($18)
-	bis	$31,	$31,	$23
-	mulq	$0,	$1,	$8
-	umulh	$0,	$1,	$22
-	stq	$8,	0($16)
-	bis	$31,	$31,	$8
-	mulq	$0,	$3,	$24
-	umulh	$0,	$3,	$25
-	addq	$22,	$24,	$22
-	cmpult	$22,	$24,	$27
-	addq	$27,	$25,	$25
-	addq	$23,	$25,	$23
-	cmpult	$23,	$25,	$28
-	addq	$8,	$28,	$8
-	mulq	$2,	$1,	$21
-	umulh	$2,	$1,	$20
-	addq	$22,	$21,	$22
-	cmpult	$22,	$21,	$19
-	addq	$19,	$20,	$20
-	addq	$23,	$20,	$23
-	cmpult	$23,	$20,	$17
-	addq	$8,	$17,	$8
-	stq	$22,	8($16)
-	bis	$31,	$31,	$22
-	mulq	$2,	$3,	$18
-	umulh	$2,	$3,	$24
-	addq	$23,	$18,	$23
-	cmpult	$23,	$18,	$27
-	addq	$27,	$24,	$24
-	addq	$8,	$24,	$8
-	cmpult	$8,	$24,	$25
-	addq	$22,	$25,	$22
-	mulq	$0,	$5,	$28
-	umulh	$0,	$5,	$21
-	addq	$23,	$28,	$23
-	cmpult	$23,	$28,	$19
-	addq	$19,	$21,	$21
-	addq	$8,	$21,	$8
-	cmpult	$8,	$21,	$20
-	addq	$22,	$20,	$22
-	mulq	$4,	$1,	$17
-	umulh	$4,	$1,	$18
-	addq	$23,	$17,	$23
-	cmpult	$23,	$17,	$27
-	addq	$27,	$18,	$18
-	addq	$8,	$18,	$8
-	cmpult	$8,	$18,	$24
-	addq	$22,	$24,	$22
-	stq	$23,	16($16)
-	bis	$31,	$31,	$23
-	mulq	$0,	$7,	$25
-	umulh	$0,	$7,	$28
-	addq	$8,	$25,	$8
-	cmpult	$8,	$25,	$19
-	addq	$19,	$28,	$28
-	addq	$22,	$28,	$22
-	cmpult	$22,	$28,	$21
-	addq	$23,	$21,	$23
-	mulq	$2,	$5,	$20
-	umulh	$2,	$5,	$17
-	addq	$8,	$20,	$8
-	cmpult	$8,	$20,	$27
-	addq	$27,	$17,	$17
-	addq	$22,	$17,	$22
-	cmpult	$22,	$17,	$18
-	addq	$23,	$18,	$23
-	mulq	$4,	$3,	$24
-	umulh	$4,	$3,	$25
-	addq	$8,	$24,	$8
-	cmpult	$8,	$24,	$19
-	addq	$19,	$25,	$25
-	addq	$22,	$25,	$22
-	cmpult	$22,	$25,	$28
-	addq	$23,	$28,	$23
-	mulq	$6,	$1,	$21
-	umulh	$6,	$1,	$0
-	addq	$8,	$21,	$8
-	cmpult	$8,	$21,	$20
-	addq	$20,	$0,	$0
-	addq	$22,	$0,	$22
-	cmpult	$22,	$0,	$27
-	addq	$23,	$27,	$23
-	stq	$8,	24($16)
-	bis	$31,	$31,	$8
-	mulq	$2,	$7,	$17
-	umulh	$2,	$7,	$18
-	addq	$22,	$17,	$22
-	cmpult	$22,	$17,	$24
-	addq	$24,	$18,	$18
-	addq	$23,	$18,	$23
-	cmpult	$23,	$18,	$19
-	addq	$8,	$19,	$8
-	mulq	$4,	$5,	$25
-	umulh	$4,	$5,	$28
-	addq	$22,	$25,	$22
-	cmpult	$22,	$25,	$21
-	addq	$21,	$28,	$28
-	addq	$23,	$28,	$23
-	cmpult	$23,	$28,	$20
-	addq	$8,	$20,	$8
-	mulq	$6,	$3,	$0
-	umulh	$6,	$3,	$27
-	addq	$22,	$0,	$22
-	cmpult	$22,	$0,	$1
-	addq	$1,	$27,	$27
-	addq	$23,	$27,	$23
-	cmpult	$23,	$27,	$17
-	addq	$8,	$17,	$8
-	stq	$22,	32($16)
-	bis	$31,	$31,	$22
-	mulq	$4,	$7,	$24
-	umulh	$4,	$7,	$18
-	addq	$23,	$24,	$23
-	cmpult	$23,	$24,	$19
-	addq	$19,	$18,	$18
-	addq	$8,	$18,	$8
-	cmpult	$8,	$18,	$2
-	addq	$22,	$2,	$22
-	mulq	$6,	$5,	$25
-	umulh	$6,	$5,	$21
-	addq	$23,	$25,	$23
-	cmpult	$23,	$25,	$28
-	addq	$28,	$21,	$21
-	addq	$8,	$21,	$8
-	cmpult	$8,	$21,	$20
-	addq	$22,	$20,	$22
-	stq	$23,	40($16)
-	bis	$31,	$31,	$23
-	mulq	$6,	$7,	$0
-	umulh	$6,	$7,	$1
-	addq	$8,	$0,	$8
-	cmpult	$8,	$0,	$27
-	addq	$27,	$1,	$1
-	addq	$22,	$1,	$22
-	cmpult	$22,	$1,	$17
-	addq	$23,	$17,	$23
-	stq	$8,	48($16)
-	stq	$22,	56($16)
-	ret	$31,($26),1
-	.end bn_mul_comba4
-	.text
-	.align 3
-	.globl bn_mul_comba8
-	.ent bn_mul_comba8
-bn_mul_comba8:
-bn_mul_comba8..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-	ldq	$1,	0($17)
-	ldq	$2,	0($18)
-	zapnot	$1,	15,	$7
-	srl	$2,	32,	$8
-	mulq	$8,	$7,	$22
-	srl	$1,	32,	$6
-	zapnot	$2,	15,	$5
-	mulq	$5,	$6,	$4
-	mulq	$7,	$5,	$24
-	addq	$22,	$4,	$22
-	cmpult	$22,	$4,	$1
-	mulq	$6,	$8,	$3
-	beq	$1,	$173
-	bis	$31,	1,	$1
-	sll	$1,	32,	$1
-	addq	$3,	$1,	$3
-$173:
-	sll	$22,	32,	$4
-	addq	$24,	$4,	$24
-	stq	$24,	0($16)
-	ldq	$2,	0($17)
-	ldq	$1,	8($18)
-	zapnot	$2,	15,	$7
-	srl	$1,	32,	$8
-	mulq	$8,	$7,	$25
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$0
-	srl	$2,	32,	$6
-	mulq	$5,	$6,	$23
-	mulq	$6,	$8,	$6
-	srl	$22,	32,	$1
-	cmpult	$24,	$4,	$2
-	addq	$3,	$1,	$3
-	addq	$2,	$3,	$22
-	addq	$25,	$23,	$25
-	cmpult	$25,	$23,	$1
-	bis	$31,	1,	$2
-	beq	$1,	$177
-	sll	$2,	32,	$1
-	addq	$6,	$1,	$6
-$177:
-	sll	$25,	32,	$23
-	ldq	$1,	0($18)
-	addq	$0,	$23,	$0
-	bis	$0,	$0,	$7
-	ldq	$3,	8($17)
-	addq	$22,	$7,	$22
-	srl	$1,	32,	$8
-	cmpult	$22,	$7,	$4
-	zapnot	$3,	15,	$7
-	mulq	$8,	$7,	$28
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$21
-	srl	$25,	32,	$1
-	cmpult	$0,	$23,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$4,	$6,	$24
-	srl	$3,	32,	$6
-	mulq	$5,	$6,	$2
-	mulq	$6,	$8,	$6
-	addq	$28,	$2,	$28
-	cmpult	$28,	$2,	$1
-	bis	$31,	1,	$2
-	beq	$1,	$181
-	sll	$2,	32,	$1
-	addq	$6,	$1,	$6
-$181:
-	sll	$28,	32,	$2
-	addq	$21,	$2,	$21
-	bis	$21,	$21,	$7
-	addq	$22,	$7,	$22
-	stq	$22,	8($16)
-	ldq	$3,	16($17)
-	ldq	$1,	0($18)
-	cmpult	$22,	$7,	$4
-	zapnot	$3,	15,	$7
-	srl	$1,	32,	$8
-	mulq	$8,	$7,	$22
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$20
-	srl	$28,	32,	$1
-	cmpult	$21,	$2,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$4,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$23
-	srl	$3,	32,	$6
-	mulq	$5,	$6,	$2
-	mulq	$6,	$8,	$6
-	addq	$22,	$2,	$22
-	cmpult	$22,	$2,	$1
-	bis	$31,	1,	$2
-	beq	$1,	$185
-	sll	$2,	32,	$1
-	addq	$6,	$1,	$6
-$185:
-	sll	$22,	32,	$2
-	ldq	$1,	8($18)
-	addq	$20,	$2,	$20
-	bis	$20,	$20,	$7
-	ldq	$4,	8($17)
-	addq	$24,	$7,	$24
-	srl	$1,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$25
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$0
-	srl	$22,	32,	$1
-	cmpult	$20,	$2,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$22
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$5
-	bis	$31,	1,	$21
-	addq	$25,	$5,	$25
-	cmpult	$25,	$5,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$189
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$189:
-	sll	$25,	32,	$5
-	ldq	$2,	16($18)
-	addq	$0,	$5,	$0
-	bis	$0,	$0,	$7
-	ldq	$4,	0($17)
-	addq	$24,	$7,	$24
-	srl	$2,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$25,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$0,	$5,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$2
-	addq	$1,	$22,	$22
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$193
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$193:
-	sll	$28,	32,	$25
-	addq	$2,	$25,	$2
-	bis	$2,	$2,	$7
-	addq	$24,	$7,	$24
-	stq	$24,	16($16)
-	ldq	$4,	0($17)
-	ldq	$5,	24($18)
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	srl	$5,	32,	$8
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	cmpult	$2,	$25,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	zapnot	$5,	15,	$5
-	mulq	$5,	$6,	$24
-	mulq	$7,	$5,	$2
-	addq	$1,	$22,	$22
-	addq	$0,	$24,	$0
-	cmpult	$0,	$24,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$197
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$197:
-	sll	$0,	32,	$24
-	ldq	$1,	16($18)
-	addq	$2,	$24,	$2
-	bis	$2,	$2,	$7
-	ldq	$4,	8($17)
-	addq	$23,	$7,	$23
-	srl	$1,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$25
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$21
-	srl	$0,	32,	$1
-	cmpult	$2,	$24,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$24
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$5
-	bis	$31,	1,	$20
-	addq	$25,	$5,	$25
-	cmpult	$25,	$5,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$201
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$201:
-	sll	$25,	32,	$5
-	ldq	$2,	8($18)
-	addq	$21,	$5,	$21
-	bis	$21,	$21,	$7
-	ldq	$4,	16($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$25,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$21,	$5,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$24,	$24
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$205
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$205:
-	sll	$28,	32,	$25
-	ldq	$2,	0($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	24($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$2
-	addq	$1,	$24,	$24
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$209
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$209:
-	sll	$0,	32,	$25
-	addq	$2,	$25,	$2
-	bis	$2,	$2,	$7
-	addq	$23,	$7,	$23
-	stq	$23,	24($16)
-	ldq	$4,	32($17)
-	ldq	$5,	0($18)
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	srl	$5,	32,	$8
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	cmpult	$2,	$25,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	zapnot	$5,	15,	$5
-	mulq	$5,	$6,	$23
-	mulq	$7,	$5,	$2
-	addq	$1,	$24,	$24
-	addq	$28,	$23,	$28
-	cmpult	$28,	$23,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$213
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$213:
-	sll	$28,	32,	$23
-	ldq	$1,	8($18)
-	addq	$2,	$23,	$2
-	bis	$2,	$2,	$7
-	ldq	$4,	24($17)
-	addq	$22,	$7,	$22
-	srl	$1,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$25
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$0
-	srl	$28,	32,	$1
-	cmpult	$2,	$23,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$23
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$5
-	bis	$31,	1,	$21
-	addq	$25,	$5,	$25
-	cmpult	$25,	$5,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$217
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$217:
-	sll	$25,	32,	$5
-	ldq	$2,	16($18)
-	addq	$0,	$5,	$0
-	bis	$0,	$0,	$7
-	ldq	$4,	16($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$25,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$0,	$5,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$23,	$23
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$221
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$221:
-	sll	$28,	32,	$25
-	ldq	$2,	24($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	8($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$23,	$23
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$225
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$225:
-	sll	$0,	32,	$25
-	ldq	$2,	32($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	0($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$2
-	addq	$1,	$23,	$23
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$229
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$229:
-	sll	$28,	32,	$25
-	addq	$2,	$25,	$2
-	bis	$2,	$2,	$7
-	addq	$22,	$7,	$22
-	stq	$22,	32($16)
-	ldq	$4,	0($17)
-	ldq	$5,	40($18)
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	srl	$5,	32,	$8
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	cmpult	$2,	$25,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	zapnot	$5,	15,	$5
-	mulq	$5,	$6,	$22
-	mulq	$7,	$5,	$2
-	addq	$1,	$23,	$23
-	addq	$0,	$22,	$0
-	cmpult	$0,	$22,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$233
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$233:
-	sll	$0,	32,	$22
-	ldq	$1,	32($18)
-	addq	$2,	$22,	$2
-	bis	$2,	$2,	$7
-	ldq	$4,	8($17)
-	addq	$24,	$7,	$24
-	srl	$1,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$25
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$21
-	srl	$0,	32,	$1
-	cmpult	$2,	$22,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$22
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$5
-	bis	$31,	1,	$20
-	addq	$25,	$5,	$25
-	cmpult	$25,	$5,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$237
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$237:
-	sll	$25,	32,	$5
-	ldq	$2,	24($18)
-	addq	$21,	$5,	$21
-	bis	$21,	$21,	$7
-	ldq	$4,	16($17)
-	addq	$24,	$7,	$24
-	srl	$2,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$25,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$21,	$5,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$22,	$22
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$241
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$241:
-	sll	$28,	32,	$25
-	ldq	$2,	16($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	24($17)
-	addq	$24,	$7,	$24
-	srl	$2,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$22,	$22
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$245
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$245:
-	sll	$0,	32,	$25
-	ldq	$2,	8($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	32($17)
-	addq	$24,	$7,	$24
-	srl	$2,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$22,	$22
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$249
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$249:
-	sll	$28,	32,	$25
-	ldq	$2,	0($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	40($17)
-	addq	$24,	$7,	$24
-	srl	$2,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$2
-	addq	$1,	$22,	$22
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$253
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$253:
-	sll	$0,	32,	$25
-	addq	$2,	$25,	$2
-	bis	$2,	$2,	$7
-	addq	$24,	$7,	$24
-	stq	$24,	40($16)
-	ldq	$4,	48($17)
-	ldq	$5,	0($18)
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	srl	$5,	32,	$8
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	cmpult	$2,	$25,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	zapnot	$5,	15,	$5
-	mulq	$5,	$6,	$24
-	mulq	$7,	$5,	$2
-	addq	$1,	$22,	$22
-	addq	$28,	$24,	$28
-	cmpult	$28,	$24,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$257
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$257:
-	sll	$28,	32,	$24
-	ldq	$1,	8($18)
-	addq	$2,	$24,	$2
-	bis	$2,	$2,	$7
-	ldq	$4,	40($17)
-	addq	$23,	$7,	$23
-	srl	$1,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$25
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$0
-	srl	$28,	32,	$1
-	cmpult	$2,	$24,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$24
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$5
-	bis	$31,	1,	$21
-	addq	$25,	$5,	$25
-	cmpult	$25,	$5,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$261
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$261:
-	sll	$25,	32,	$5
-	ldq	$2,	16($18)
-	addq	$0,	$5,	$0
-	bis	$0,	$0,	$7
-	ldq	$4,	32($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$25,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$0,	$5,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$24,	$24
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$265
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$265:
-	sll	$28,	32,	$25
-	ldq	$2,	24($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	24($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$24,	$24
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$269
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$269:
-	sll	$0,	32,	$25
-	ldq	$2,	32($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	16($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$24,	$24
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$273
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$273:
-	sll	$28,	32,	$25
-	ldq	$2,	40($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	8($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$24,	$24
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$277
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$277:
-	sll	$0,	32,	$25
-	ldq	$2,	48($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	0($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$2
-	addq	$1,	$24,	$24
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$281
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$281:
-	sll	$28,	32,	$25
-	addq	$2,	$25,	$2
-	bis	$2,	$2,	$7
-	addq	$23,	$7,	$23
-	stq	$23,	48($16)
-	ldq	$4,	0($17)
-	ldq	$5,	56($18)
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	srl	$5,	32,	$8
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	cmpult	$2,	$25,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	zapnot	$5,	15,	$5
-	mulq	$5,	$6,	$23
-	mulq	$7,	$5,	$2
-	addq	$1,	$24,	$24
-	addq	$0,	$23,	$0
-	cmpult	$0,	$23,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$285
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$285:
-	sll	$0,	32,	$23
-	ldq	$1,	48($18)
-	addq	$2,	$23,	$2
-	bis	$2,	$2,	$7
-	ldq	$4,	8($17)
-	addq	$22,	$7,	$22
-	srl	$1,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$25
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$21
-	srl	$0,	32,	$1
-	cmpult	$2,	$23,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$23
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$5
-	bis	$31,	1,	$20
-	addq	$25,	$5,	$25
-	cmpult	$25,	$5,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$289
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$289:
-	sll	$25,	32,	$5
-	ldq	$2,	40($18)
-	addq	$21,	$5,	$21
-	bis	$21,	$21,	$7
-	ldq	$4,	16($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$25,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$21,	$5,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$23,	$23
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$293
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$293:
-	sll	$28,	32,	$25
-	ldq	$2,	32($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	24($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$23,	$23
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$297
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$297:
-	sll	$0,	32,	$25
-	ldq	$2,	24($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	32($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$23,	$23
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$301
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$301:
-	sll	$28,	32,	$25
-	ldq	$2,	16($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	40($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$23,	$23
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$305
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$305:
-	sll	$0,	32,	$25
-	ldq	$2,	8($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	48($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$23,	$23
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$309
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$309:
-	sll	$28,	32,	$25
-	ldq	$2,	0($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	56($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$2
-	addq	$1,	$23,	$23
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$313
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$313:
-	sll	$0,	32,	$25
-	addq	$2,	$25,	$2
-	bis	$2,	$2,	$7
-	addq	$22,	$7,	$22
-	stq	$22,	56($16)
-	ldq	$4,	56($17)
-	ldq	$5,	8($18)
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	srl	$5,	32,	$8
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	cmpult	$2,	$25,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	zapnot	$5,	15,	$5
-	mulq	$5,	$6,	$22
-	mulq	$7,	$5,	$2
-	addq	$1,	$23,	$23
-	addq	$28,	$22,	$28
-	cmpult	$28,	$22,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$317
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$317:
-	sll	$28,	32,	$22
-	ldq	$1,	16($18)
-	addq	$2,	$22,	$2
-	bis	$2,	$2,	$7
-	ldq	$4,	48($17)
-	addq	$24,	$7,	$24
-	srl	$1,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$25
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$0
-	srl	$28,	32,	$1
-	cmpult	$2,	$22,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$22
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$5
-	bis	$31,	1,	$21
-	addq	$25,	$5,	$25
-	cmpult	$25,	$5,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$321
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$321:
-	sll	$25,	32,	$5
-	ldq	$2,	24($18)
-	addq	$0,	$5,	$0
-	bis	$0,	$0,	$7
-	ldq	$4,	40($17)
-	addq	$24,	$7,	$24
-	srl	$2,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$25,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$0,	$5,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$22,	$22
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$325
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$325:
-	sll	$28,	32,	$25
-	ldq	$2,	32($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	32($17)
-	addq	$24,	$7,	$24
-	srl	$2,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$22,	$22
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$329
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$329:
-	sll	$0,	32,	$25
-	ldq	$2,	40($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	24($17)
-	addq	$24,	$7,	$24
-	srl	$2,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$22,	$22
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$333
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$333:
-	sll	$28,	32,	$25
-	ldq	$2,	48($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	16($17)
-	addq	$24,	$7,	$24
-	srl	$2,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$22,	$22
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$337
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$337:
-	sll	$0,	32,	$25
-	ldq	$2,	56($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	8($17)
-	addq	$24,	$7,	$24
-	srl	$2,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$2
-	addq	$1,	$22,	$22
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$341
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$341:
-	sll	$28,	32,	$25
-	addq	$2,	$25,	$2
-	bis	$2,	$2,	$7
-	addq	$24,	$7,	$24
-	stq	$24,	64($16)
-	ldq	$4,	16($17)
-	ldq	$5,	56($18)
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	srl	$5,	32,	$8
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	cmpult	$2,	$25,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	zapnot	$5,	15,	$5
-	mulq	$5,	$6,	$24
-	mulq	$7,	$5,	$2
-	addq	$1,	$22,	$22
-	addq	$0,	$24,	$0
-	cmpult	$0,	$24,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$345
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$345:
-	sll	$0,	32,	$24
-	ldq	$1,	48($18)
-	addq	$2,	$24,	$2
-	bis	$2,	$2,	$7
-	ldq	$4,	24($17)
-	addq	$23,	$7,	$23
-	srl	$1,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$25
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$21
-	srl	$0,	32,	$1
-	cmpult	$2,	$24,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$24
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$5
-	bis	$31,	1,	$20
-	addq	$25,	$5,	$25
-	cmpult	$25,	$5,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$349
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$349:
-	sll	$25,	32,	$5
-	ldq	$2,	40($18)
-	addq	$21,	$5,	$21
-	bis	$21,	$21,	$7
-	ldq	$4,	32($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$25,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$21,	$5,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$24,	$24
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$353
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$353:
-	sll	$28,	32,	$25
-	ldq	$2,	32($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	40($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$24,	$24
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$357
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$357:
-	sll	$0,	32,	$25
-	ldq	$2,	24($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	48($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$24,	$24
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$361
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$361:
-	sll	$28,	32,	$25
-	ldq	$2,	16($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	56($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$2
-	addq	$1,	$24,	$24
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$365
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$365:
-	sll	$0,	32,	$25
-	addq	$2,	$25,	$2
-	bis	$2,	$2,	$7
-	addq	$23,	$7,	$23
-	stq	$23,	72($16)
-	ldq	$4,	56($17)
-	ldq	$5,	24($18)
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	srl	$5,	32,	$8
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	cmpult	$2,	$25,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	zapnot	$5,	15,	$5
-	mulq	$5,	$6,	$23
-	mulq	$7,	$5,	$2
-	addq	$1,	$24,	$24
-	addq	$28,	$23,	$28
-	cmpult	$28,	$23,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$369
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$369:
-	sll	$28,	32,	$23
-	ldq	$1,	32($18)
-	addq	$2,	$23,	$2
-	bis	$2,	$2,	$7
-	ldq	$4,	48($17)
-	addq	$22,	$7,	$22
-	srl	$1,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$25
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$0
-	srl	$28,	32,	$1
-	cmpult	$2,	$23,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$23
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$5
-	bis	$31,	1,	$21
-	addq	$25,	$5,	$25
-	cmpult	$25,	$5,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$373
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$373:
-	sll	$25,	32,	$5
-	ldq	$2,	40($18)
-	addq	$0,	$5,	$0
-	bis	$0,	$0,	$7
-	ldq	$4,	40($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$25,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$0,	$5,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$23,	$23
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$377
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$377:
-	sll	$28,	32,	$25
-	ldq	$2,	48($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	32($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$23,	$23
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$381
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$381:
-	sll	$0,	32,	$25
-	ldq	$2,	56($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	24($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$2
-	addq	$1,	$23,	$23
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$385
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$385:
-	sll	$28,	32,	$25
-	addq	$2,	$25,	$2
-	bis	$2,	$2,	$7
-	addq	$22,	$7,	$22
-	stq	$22,	80($16)
-	ldq	$4,	32($17)
-	ldq	$5,	56($18)
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	srl	$5,	32,	$8
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	cmpult	$2,	$25,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	zapnot	$5,	15,	$5
-	mulq	$5,	$6,	$22
-	mulq	$7,	$5,	$2
-	addq	$1,	$23,	$23
-	addq	$0,	$22,	$0
-	cmpult	$0,	$22,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$389
-	sll	$21,	32,	$1
-	addq	$6,	$1,	$6
-$389:
-	sll	$0,	32,	$22
-	ldq	$1,	48($18)
-	addq	$2,	$22,	$2
-	bis	$2,	$2,	$7
-	ldq	$4,	40($17)
-	addq	$24,	$7,	$24
-	srl	$1,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$25
-	zapnot	$1,	15,	$5
-	mulq	$7,	$5,	$21
-	srl	$0,	32,	$1
-	cmpult	$2,	$22,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$22
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$5
-	bis	$31,	1,	$20
-	addq	$25,	$5,	$25
-	cmpult	$25,	$5,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$393
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$393:
-	sll	$25,	32,	$5
-	ldq	$2,	40($18)
-	addq	$21,	$5,	$21
-	bis	$21,	$21,	$7
-	ldq	$4,	48($17)
-	addq	$24,	$7,	$24
-	srl	$2,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$25,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$21,	$5,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$1,	$22,	$22
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$397
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$397:
-	sll	$28,	32,	$25
-	ldq	$2,	32($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	56($17)
-	addq	$24,	$7,	$24
-	srl	$2,	32,	$8
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$21
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$2
-	addq	$1,	$22,	$22
-	addq	$21,	$25,	$21
-	cmpult	$21,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$401
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$401:
-	sll	$21,	32,	$25
-	addq	$2,	$25,	$2
-	bis	$2,	$2,	$7
-	addq	$24,	$7,	$24
-	stq	$24,	88($16)
-	ldq	$4,	56($17)
-	ldq	$5,	40($18)
-	cmpult	$24,	$7,	$3
-	zapnot	$4,	15,	$7
-	srl	$5,	32,	$8
-	mulq	$8,	$7,	$0
-	srl	$21,	32,	$1
-	cmpult	$2,	$25,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$23,	$6,	$23
-	cmpult	$23,	$6,	$1
-	srl	$4,	32,	$6
-	zapnot	$5,	15,	$5
-	mulq	$5,	$6,	$24
-	mulq	$7,	$5,	$5
-	addq	$1,	$22,	$22
-	addq	$0,	$24,	$0
-	cmpult	$0,	$24,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$405
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$405:
-	sll	$0,	32,	$24
-	ldq	$2,	48($18)
-	addq	$5,	$24,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	48($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$24,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$24
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$5
-	addq	$28,	$25,	$28
-	cmpult	$28,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$409
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$409:
-	sll	$28,	32,	$25
-	ldq	$2,	56($18)
-	addq	$5,	$25,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	40($17)
-	addq	$23,	$7,	$23
-	srl	$2,	32,	$8
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$25,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$2
-	addq	$1,	$24,	$24
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$413
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$413:
-	sll	$0,	32,	$25
-	addq	$2,	$25,	$2
-	bis	$2,	$2,	$7
-	addq	$23,	$7,	$23
-	stq	$23,	96($16)
-	ldq	$4,	48($17)
-	ldq	$5,	56($18)
-	cmpult	$23,	$7,	$3
-	zapnot	$4,	15,	$7
-	srl	$5,	32,	$8
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	cmpult	$2,	$25,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$22,	$6,	$22
-	cmpult	$22,	$6,	$1
-	srl	$4,	32,	$6
-	zapnot	$5,	15,	$5
-	mulq	$5,	$6,	$23
-	mulq	$7,	$5,	$5
-	addq	$1,	$24,	$24
-	addq	$28,	$23,	$28
-	cmpult	$28,	$23,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$417
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$417:
-	sll	$28,	32,	$23
-	ldq	$2,	48($18)
-	addq	$5,	$23,	$5
-	bis	$5,	$5,	$7
-	ldq	$4,	56($17)
-	addq	$22,	$7,	$22
-	srl	$2,	32,	$8
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	mulq	$8,	$7,	$0
-	srl	$28,	32,	$1
-	addq	$6,	$1,	$6
-	cmpult	$5,	$23,	$1
-	zapnot	$2,	15,	$5
-	addq	$1,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$23
-	srl	$4,	32,	$6
-	mulq	$5,	$6,	$25
-	mulq	$7,	$5,	$2
-	addq	$0,	$25,	$0
-	cmpult	$0,	$25,	$1
-	mulq	$6,	$8,	$6
-	beq	$1,	$421
-	sll	$20,	32,	$1
-	addq	$6,	$1,	$6
-$421:
-	sll	$0,	32,	$25
-	addq	$2,	$25,	$2
-	bis	$2,	$2,	$7
-	addq	$22,	$7,	$22
-	stq	$22,	104($16)
-	ldq	$4,	56($17)
-	ldq	$5,	56($18)
-	cmpult	$22,	$7,	$3
-	zapnot	$4,	15,	$7
-	srl	$5,	32,	$8
-	mulq	$8,	$7,	$28
-	srl	$0,	32,	$1
-	cmpult	$2,	$25,	$2
-	addq	$6,	$1,	$6
-	addq	$2,	$6,	$6
-	addq	$3,	$6,	$6
-	addq	$24,	$6,	$24
-	cmpult	$24,	$6,	$1
-	srl	$4,	32,	$6
-	zapnot	$5,	15,	$5
-	mulq	$5,	$6,	$22
-	mulq	$7,	$5,	$2
-	addq	$1,	$23,	$23
-	addq	$28,	$22,	$28
-	cmpult	$28,	$22,	$1
-	mulq	$6,	$8,	$3
-	beq	$1,	$425
-	sll	$20,	32,	$1
-	addq	$3,	$1,	$3
-$425:
-	sll	$28,	32,	$22
-	srl	$28,	32,	$1
-	addq	$2,	$22,	$2
-	addq	$3,	$1,	$3
-	bis	$2,	$2,	$7
-	addq	$24,	$7,	$24
-	cmpult	$7,	$22,	$1
-	cmpult	$24,	$7,	$2
-	addq	$1,	$3,	$6
-	addq	$2,	$6,	$6
-	stq	$24,	112($16)
-	addq	$23,	$6,	$23
-	stq	$23,	120($16)
-	ret	$31,	($26),	1
-	.end bn_mul_comba8
-	.text
-	.align 3
-	.globl bn_sqr_comba4
-	.ent bn_sqr_comba4
-bn_sqr_comba4:
-bn_sqr_comba4..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-
-	ldq	$0,	0($17)
-	ldq	$1,	8($17)
-	ldq	$2,	16($17)
-	ldq	$3,	24($17)
-	bis	$31,	$31,	$6
-	mulq	$0,	$0,	$4
-	umulh	$0,	$0,	$5
-	stq	$4,	0($16)
-	bis	$31,	$31,	$4
-	mulq	$0,	$1,	$7
-	umulh	$0,	$1,	$8
-	cmplt	$7,	$31,	$22
-	cmplt	$8,	$31,	$23
-	addq	$7,	$7,	$7
-	addq	$8,	$8,	$8
-	addq	$8,	$22,	$8
-	addq	$4,	$23,	$4
-	addq	$5,	$7,	$5
-	addq	$6,	$8,	$6
-	cmpult	$5,	$7,	$24
-	cmpult	$6,	$8,	$25
-	addq	$6,	$24,	$6
-	addq	$4,	$25,	$4
-	stq	$5,	8($16)
-	bis	$31,	$31,	$5
-	mulq	$1,	$1,	$27
-	umulh	$1,	$1,	$28
-	addq	$6,	$27,	$6
-	addq	$4,	$28,	$4
-	cmpult	$6,	$27,	$21
-	cmpult	$4,	$28,	$20
-	addq	$4,	$21,	$4
-	addq	$5,	$20,	$5
-	mulq	$2,	$0,	$19
-	umulh	$2,	$0,	$18
-	cmplt	$19,	$31,	$17
-	cmplt	$18,	$31,	$22
-	addq	$19,	$19,	$19
-	addq	$18,	$18,	$18
-	addq	$18,	$17,	$18
-	addq	$5,	$22,	$5
-	addq	$6,	$19,	$6
-	addq	$4,	$18,	$4
-	cmpult	$6,	$19,	$23
-	cmpult	$4,	$18,	$7
-	addq	$4,	$23,	$4
-	addq	$5,	$7,	$5
-	stq	$6,	16($16)
-	bis	$31,	$31,	$6
-	mulq	$3,	$0,	$8
-	umulh	$3,	$0,	$24
-	cmplt	$8,	$31,	$25
-	cmplt	$24,	$31,	$27
-	addq	$8,	$8,	$8
-	addq	$24,	$24,	$24
-	addq	$24,	$25,	$24
-	addq	$6,	$27,	$6
-	addq	$4,	$8,	$4
-	addq	$5,	$24,	$5
-	cmpult	$4,	$8,	$28
-	cmpult	$5,	$24,	$21
-	addq	$5,	$28,	$5
-	addq	$6,	$21,	$6
-	mulq	$2,	$1,	$20
-	umulh	$2,	$1,	$17
-	cmplt	$20,	$31,	$22
-	cmplt	$17,	$31,	$19
-	addq	$20,	$20,	$20
-	addq	$17,	$17,	$17
-	addq	$17,	$22,	$17
-	addq	$6,	$19,	$6
-	addq	$4,	$20,	$4
-	addq	$5,	$17,	$5
-	cmpult	$4,	$20,	$18
-	cmpult	$5,	$17,	$23
-	addq	$5,	$18,	$5
-	addq	$6,	$23,	$6
-	stq	$4,	24($16)
-	bis	$31,	$31,	$4
-	mulq	$2,	$2,	$7
-	umulh	$2,	$2,	$25
-	addq	$5,	$7,	$5
-	addq	$6,	$25,	$6
-	cmpult	$5,	$7,	$27
-	cmpult	$6,	$25,	$8
-	addq	$6,	$27,	$6
-	addq	$4,	$8,	$4
-	mulq	$3,	$1,	$24
-	umulh	$3,	$1,	$28
-	cmplt	$24,	$31,	$21
-	cmplt	$28,	$31,	$22
-	addq	$24,	$24,	$24
-	addq	$28,	$28,	$28
-	addq	$28,	$21,	$28
-	addq	$4,	$22,	$4
-	addq	$5,	$24,	$5
-	addq	$6,	$28,	$6
-	cmpult	$5,	$24,	$19
-	cmpult	$6,	$28,	$20
-	addq	$6,	$19,	$6
-	addq	$4,	$20,	$4
-	stq	$5,	32($16)
-	bis	$31,	$31,	$5
-	mulq	$3,	$2,	$17
-	umulh	$3,	$2,	$18
-	cmplt	$17,	$31,	$23
-	cmplt	$18,	$31,	$7
-	addq	$17,	$17,	$17
-	addq	$18,	$18,	$18
-	addq	$18,	$23,	$18
-	addq	$5,	$7,	$5
-	addq	$6,	$17,	$6
-	addq	$4,	$18,	$4
-	cmpult	$6,	$17,	$25
-	cmpult	$4,	$18,	$27
-	addq	$4,	$25,	$4
-	addq	$5,	$27,	$5
-	stq	$6,	40($16)
-	bis	$31,	$31,	$6
-	mulq	$3,	$3,	$8
-	umulh	$3,	$3,	$21
-	addq	$4,	$8,	$4
-	addq	$5,	$21,	$5
-	cmpult	$4,	$8,	$22
-	cmpult	$5,	$21,	$24
-	addq	$5,	$22,	$5
-	addq	$6,	$24,	$6
-	stq	$4,	48($16)
-	stq	$5,	56($16)
-	ret	$31,($26),1
-	.end bn_sqr_comba4
-	.text
-	.align 3
-	.globl bn_sqr_comba8
-	.ent bn_sqr_comba8
-bn_sqr_comba8:
-bn_sqr_comba8..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-
-	ldq	$0,	0($17)
-	ldq	$1,	8($17)
-	ldq	$2,	16($17)
-	ldq	$3,	24($17)
-	ldq	$4,	32($17)
-	ldq	$5,	40($17)
-	ldq	$6,	48($17)
-	ldq	$7,	56($17)
-	bis	$31,	$31,	$23
-	mulq	$0,	$0,	$8
-	umulh	$0,	$0,	$22
-	stq	$8,	0($16)
-	bis	$31,	$31,	$8
-	mulq	$1,	$0,	$24
-	umulh	$1,	$0,	$25
-	cmplt	$24,	$31,	$27
-	cmplt	$25,	$31,	$28
-	addq	$24,	$24,	$24
-	addq	$25,	$25,	$25
-	addq	$25,	$27,	$25
-	addq	$8,	$28,	$8
-	addq	$22,	$24,	$22
-	addq	$23,	$25,	$23
-	cmpult	$22,	$24,	$21
-	cmpult	$23,	$25,	$20
-	addq	$23,	$21,	$23
-	addq	$8,	$20,	$8
-	stq	$22,	8($16)
-	bis	$31,	$31,	$22
-	mulq	$1,	$1,	$19
-	umulh	$1,	$1,	$18
-	addq	$23,	$19,	$23
-	addq	$8,	$18,	$8
-	cmpult	$23,	$19,	$17
-	cmpult	$8,	$18,	$27
-	addq	$8,	$17,	$8
-	addq	$22,	$27,	$22
-	mulq	$2,	$0,	$28
-	umulh	$2,	$0,	$24
-	cmplt	$28,	$31,	$25
-	cmplt	$24,	$31,	$21
-	addq	$28,	$28,	$28
-	addq	$24,	$24,	$24
-	addq	$24,	$25,	$24
-	addq	$22,	$21,	$22
-	addq	$23,	$28,	$23
-	addq	$8,	$24,	$8
-	cmpult	$23,	$28,	$20
-	cmpult	$8,	$24,	$19
-	addq	$8,	$20,	$8
-	addq	$22,	$19,	$22
-	stq	$23,	16($16)
-	bis	$31,	$31,	$23
-	mulq	$2,	$1,	$18
-	umulh	$2,	$1,	$17
-	cmplt	$18,	$31,	$27
-	cmplt	$17,	$31,	$25
-	addq	$18,	$18,	$18
-	addq	$17,	$17,	$17
-	addq	$17,	$27,	$17
-	addq	$23,	$25,	$23
-	addq	$8,	$18,	$8
-	addq	$22,	$17,	$22
-	cmpult	$8,	$18,	$21
-	cmpult	$22,	$17,	$28
-	addq	$22,	$21,	$22
-	addq	$23,	$28,	$23
-	mulq	$3,	$0,	$24
-	umulh	$3,	$0,	$20
-	cmplt	$24,	$31,	$19
-	cmplt	$20,	$31,	$27
-	addq	$24,	$24,	$24
-	addq	$20,	$20,	$20
-	addq	$20,	$19,	$20
-	addq	$23,	$27,	$23
-	addq	$8,	$24,	$8
-	addq	$22,	$20,	$22
-	cmpult	$8,	$24,	$25
-	cmpult	$22,	$20,	$18
-	addq	$22,	$25,	$22
-	addq	$23,	$18,	$23
-	stq	$8,	24($16)
-	bis	$31,	$31,	$8
-	mulq	$2,	$2,	$17
-	umulh	$2,	$2,	$21
-	addq	$22,	$17,	$22
-	addq	$23,	$21,	$23
-	cmpult	$22,	$17,	$28
-	cmpult	$23,	$21,	$19
-	addq	$23,	$28,	$23
-	addq	$8,	$19,	$8
-	mulq	$3,	$1,	$27
-	umulh	$3,	$1,	$24
-	cmplt	$27,	$31,	$20
-	cmplt	$24,	$31,	$25
-	addq	$27,	$27,	$27
-	addq	$24,	$24,	$24
-	addq	$24,	$20,	$24
-	addq	$8,	$25,	$8
-	addq	$22,	$27,	$22
-	addq	$23,	$24,	$23
-	cmpult	$22,	$27,	$18
-	cmpult	$23,	$24,	$17
-	addq	$23,	$18,	$23
-	addq	$8,	$17,	$8
-	mulq	$4,	$0,	$21
-	umulh	$4,	$0,	$28
-	cmplt	$21,	$31,	$19
-	cmplt	$28,	$31,	$20
-	addq	$21,	$21,	$21
-	addq	$28,	$28,	$28
-	addq	$28,	$19,	$28
-	addq	$8,	$20,	$8
-	addq	$22,	$21,	$22
-	addq	$23,	$28,	$23
-	cmpult	$22,	$21,	$25
-	cmpult	$23,	$28,	$27
-	addq	$23,	$25,	$23
-	addq	$8,	$27,	$8
-	stq	$22,	32($16)
-	bis	$31,	$31,	$22
-	mulq	$3,	$2,	$24
-	umulh	$3,	$2,	$18
-	cmplt	$24,	$31,	$17
-	cmplt	$18,	$31,	$19
-	addq	$24,	$24,	$24
-	addq	$18,	$18,	$18
-	addq	$18,	$17,	$18
-	addq	$22,	$19,	$22
-	addq	$23,	$24,	$23
-	addq	$8,	$18,	$8
-	cmpult	$23,	$24,	$20
-	cmpult	$8,	$18,	$21
-	addq	$8,	$20,	$8
-	addq	$22,	$21,	$22
-	mulq	$4,	$1,	$28
-	umulh	$4,	$1,	$25
-	cmplt	$28,	$31,	$27
-	cmplt	$25,	$31,	$17
-	addq	$28,	$28,	$28
-	addq	$25,	$25,	$25
-	addq	$25,	$27,	$25
-	addq	$22,	$17,	$22
-	addq	$23,	$28,	$23
-	addq	$8,	$25,	$8
-	cmpult	$23,	$28,	$19
-	cmpult	$8,	$25,	$24
-	addq	$8,	$19,	$8
-	addq	$22,	$24,	$22
-	mulq	$5,	$0,	$18
-	umulh	$5,	$0,	$20
-	cmplt	$18,	$31,	$21
-	cmplt	$20,	$31,	$27
-	addq	$18,	$18,	$18
-	addq	$20,	$20,	$20
-	addq	$20,	$21,	$20
-	addq	$22,	$27,	$22
-	addq	$23,	$18,	$23
-	addq	$8,	$20,	$8
-	cmpult	$23,	$18,	$17
-	cmpult	$8,	$20,	$28
-	addq	$8,	$17,	$8
-	addq	$22,	$28,	$22
-	stq	$23,	40($16)
-	bis	$31,	$31,	$23
-	mulq	$3,	$3,	$25
-	umulh	$3,	$3,	$19
-	addq	$8,	$25,	$8
-	addq	$22,	$19,	$22
-	cmpult	$8,	$25,	$24
-	cmpult	$22,	$19,	$21
-	addq	$22,	$24,	$22
-	addq	$23,	$21,	$23
-	mulq	$4,	$2,	$27
-	umulh	$4,	$2,	$18
-	cmplt	$27,	$31,	$20
-	cmplt	$18,	$31,	$17
-	addq	$27,	$27,	$27
-	addq	$18,	$18,	$18
-	addq	$18,	$20,	$18
-	addq	$23,	$17,	$23
-	addq	$8,	$27,	$8
-	addq	$22,	$18,	$22
-	cmpult	$8,	$27,	$28
-	cmpult	$22,	$18,	$25
-	addq	$22,	$28,	$22
-	addq	$23,	$25,	$23
-	mulq	$5,	$1,	$19
-	umulh	$5,	$1,	$24
-	cmplt	$19,	$31,	$21
-	cmplt	$24,	$31,	$20
-	addq	$19,	$19,	$19
-	addq	$24,	$24,	$24
-	addq	$24,	$21,	$24
-	addq	$23,	$20,	$23
-	addq	$8,	$19,	$8
-	addq	$22,	$24,	$22
-	cmpult	$8,	$19,	$17
-	cmpult	$22,	$24,	$27
-	addq	$22,	$17,	$22
-	addq	$23,	$27,	$23
-	mulq	$6,	$0,	$18
-	umulh	$6,	$0,	$28
-	cmplt	$18,	$31,	$25
-	cmplt	$28,	$31,	$21
-	addq	$18,	$18,	$18
-	addq	$28,	$28,	$28
-	addq	$28,	$25,	$28
-	addq	$23,	$21,	$23
-	addq	$8,	$18,	$8
-	addq	$22,	$28,	$22
-	cmpult	$8,	$18,	$20
-	cmpult	$22,	$28,	$19
-	addq	$22,	$20,	$22
-	addq	$23,	$19,	$23
-	stq	$8,	48($16)
-	bis	$31,	$31,	$8
-	mulq	$4,	$3,	$24
-	umulh	$4,	$3,	$17
-	cmplt	$24,	$31,	$27
-	cmplt	$17,	$31,	$25
-	addq	$24,	$24,	$24
-	addq	$17,	$17,	$17
-	addq	$17,	$27,	$17
-	addq	$8,	$25,	$8
-	addq	$22,	$24,	$22
-	addq	$23,	$17,	$23
-	cmpult	$22,	$24,	$21
-	cmpult	$23,	$17,	$18
-	addq	$23,	$21,	$23
-	addq	$8,	$18,	$8
-	mulq	$5,	$2,	$28
-	umulh	$5,	$2,	$20
-	cmplt	$28,	$31,	$19
-	cmplt	$20,	$31,	$27
-	addq	$28,	$28,	$28
-	addq	$20,	$20,	$20
-	addq	$20,	$19,	$20
-	addq	$8,	$27,	$8
-	addq	$22,	$28,	$22
-	addq	$23,	$20,	$23
-	cmpult	$22,	$28,	$25
-	cmpult	$23,	$20,	$24
-	addq	$23,	$25,	$23
-	addq	$8,	$24,	$8
-	mulq	$6,	$1,	$17
-	umulh	$6,	$1,	$21
-	cmplt	$17,	$31,	$18
-	cmplt	$21,	$31,	$19
-	addq	$17,	$17,	$17
-	addq	$21,	$21,	$21
-	addq	$21,	$18,	$21
-	addq	$8,	$19,	$8
-	addq	$22,	$17,	$22
-	addq	$23,	$21,	$23
-	cmpult	$22,	$17,	$27
-	cmpult	$23,	$21,	$28
-	addq	$23,	$27,	$23
-	addq	$8,	$28,	$8
-	mulq	$7,	$0,	$20
-	umulh	$7,	$0,	$25
-	cmplt	$20,	$31,	$24
-	cmplt	$25,	$31,	$18
-	addq	$20,	$20,	$20
-	addq	$25,	$25,	$25
-	addq	$25,	$24,	$25
-	addq	$8,	$18,	$8
-	addq	$22,	$20,	$22
-	addq	$23,	$25,	$23
-	cmpult	$22,	$20,	$19
-	cmpult	$23,	$25,	$17
-	addq	$23,	$19,	$23
-	addq	$8,	$17,	$8
-	stq	$22,	56($16)
-	bis	$31,	$31,	$22
-	mulq	$4,	$4,	$21
-	umulh	$4,	$4,	$27
-	addq	$23,	$21,	$23
-	addq	$8,	$27,	$8
-	cmpult	$23,	$21,	$28
-	cmpult	$8,	$27,	$24
-	addq	$8,	$28,	$8
-	addq	$22,	$24,	$22
-	mulq	$5,	$3,	$18
-	umulh	$5,	$3,	$20
-	cmplt	$18,	$31,	$25
-	cmplt	$20,	$31,	$19
-	addq	$18,	$18,	$18
-	addq	$20,	$20,	$20
-	addq	$20,	$25,	$20
-	addq	$22,	$19,	$22
-	addq	$23,	$18,	$23
-	addq	$8,	$20,	$8
-	cmpult	$23,	$18,	$17
-	cmpult	$8,	$20,	$21
-	addq	$8,	$17,	$8
-	addq	$22,	$21,	$22
-	mulq	$6,	$2,	$27
-	umulh	$6,	$2,	$28
-	cmplt	$27,	$31,	$24
-	cmplt	$28,	$31,	$25
-	addq	$27,	$27,	$27
-	addq	$28,	$28,	$28
-	addq	$28,	$24,	$28
-	addq	$22,	$25,	$22
-	addq	$23,	$27,	$23
-	addq	$8,	$28,	$8
-	cmpult	$23,	$27,	$19
-	cmpult	$8,	$28,	$18
-	addq	$8,	$19,	$8
-	addq	$22,	$18,	$22
-	mulq	$7,	$1,	$20
-	umulh	$7,	$1,	$17
-	cmplt	$20,	$31,	$21
-	cmplt	$17,	$31,	$24
-	addq	$20,	$20,	$20
-	addq	$17,	$17,	$17
-	addq	$17,	$21,	$17
-	addq	$22,	$24,	$22
-	addq	$23,	$20,	$23
-	addq	$8,	$17,	$8
-	cmpult	$23,	$20,	$25
-	cmpult	$8,	$17,	$27
-	addq	$8,	$25,	$8
-	addq	$22,	$27,	$22
-	stq	$23,	64($16)
-	bis	$31,	$31,	$23
-	mulq	$5,	$4,	$28
-	umulh	$5,	$4,	$19
-	cmplt	$28,	$31,	$18
-	cmplt	$19,	$31,	$21
-	addq	$28,	$28,	$28
-	addq	$19,	$19,	$19
-	addq	$19,	$18,	$19
-	addq	$23,	$21,	$23
-	addq	$8,	$28,	$8
-	addq	$22,	$19,	$22
-	cmpult	$8,	$28,	$24
-	cmpult	$22,	$19,	$20
-	addq	$22,	$24,	$22
-	addq	$23,	$20,	$23
-	mulq	$6,	$3,	$17
-	umulh	$6,	$3,	$25
-	cmplt	$17,	$31,	$27
-	cmplt	$25,	$31,	$18
-	addq	$17,	$17,	$17
-	addq	$25,	$25,	$25
-	addq	$25,	$27,	$25
-	addq	$23,	$18,	$23
-	addq	$8,	$17,	$8
-	addq	$22,	$25,	$22
-	cmpult	$8,	$17,	$21
-	cmpult	$22,	$25,	$28
-	addq	$22,	$21,	$22
-	addq	$23,	$28,	$23
-	mulq	$7,	$2,	$19
-	umulh	$7,	$2,	$24
-	cmplt	$19,	$31,	$20
-	cmplt	$24,	$31,	$27
-	addq	$19,	$19,	$19
-	addq	$24,	$24,	$24
-	addq	$24,	$20,	$24
-	addq	$23,	$27,	$23
-	addq	$8,	$19,	$8
-	addq	$22,	$24,	$22
-	cmpult	$8,	$19,	$18
-	cmpult	$22,	$24,	$17
-	addq	$22,	$18,	$22
-	addq	$23,	$17,	$23
-	stq	$8,	72($16)
-	bis	$31,	$31,	$8
-	mulq	$5,	$5,	$25
-	umulh	$5,	$5,	$21
-	addq	$22,	$25,	$22
-	addq	$23,	$21,	$23
-	cmpult	$22,	$25,	$28
-	cmpult	$23,	$21,	$20
-	addq	$23,	$28,	$23
-	addq	$8,	$20,	$8
-	mulq	$6,	$4,	$27
-	umulh	$6,	$4,	$19
-	cmplt	$27,	$31,	$24
-	cmplt	$19,	$31,	$18
-	addq	$27,	$27,	$27
-	addq	$19,	$19,	$19
-	addq	$19,	$24,	$19
-	addq	$8,	$18,	$8
-	addq	$22,	$27,	$22
-	addq	$23,	$19,	$23
-	cmpult	$22,	$27,	$17
-	cmpult	$23,	$19,	$25
-	addq	$23,	$17,	$23
-	addq	$8,	$25,	$8
-	mulq	$7,	$3,	$21
-	umulh	$7,	$3,	$28
-	cmplt	$21,	$31,	$20
-	cmplt	$28,	$31,	$24
-	addq	$21,	$21,	$21
-	addq	$28,	$28,	$28
-	addq	$28,	$20,	$28
-	addq	$8,	$24,	$8
-	addq	$22,	$21,	$22
-	addq	$23,	$28,	$23
-	cmpult	$22,	$21,	$18
-	cmpult	$23,	$28,	$27
-	addq	$23,	$18,	$23
-	addq	$8,	$27,	$8
-	stq	$22,	80($16)
-	bis	$31,	$31,	$22
-	mulq	$6,	$5,	$19
-	umulh	$6,	$5,	$17
-	cmplt	$19,	$31,	$25
-	cmplt	$17,	$31,	$20
-	addq	$19,	$19,	$19
-	addq	$17,	$17,	$17
-	addq	$17,	$25,	$17
-	addq	$22,	$20,	$22
-	addq	$23,	$19,	$23
-	addq	$8,	$17,	$8
-	cmpult	$23,	$19,	$24
-	cmpult	$8,	$17,	$21
-	addq	$8,	$24,	$8
-	addq	$22,	$21,	$22
-	mulq	$7,	$4,	$28
-	umulh	$7,	$4,	$18
-	cmplt	$28,	$31,	$27
-	cmplt	$18,	$31,	$25
-	addq	$28,	$28,	$28
-	addq	$18,	$18,	$18
-	addq	$18,	$27,	$18
-	addq	$22,	$25,	$22
-	addq	$23,	$28,	$23
-	addq	$8,	$18,	$8
-	cmpult	$23,	$28,	$20
-	cmpult	$8,	$18,	$19
-	addq	$8,	$20,	$8
-	addq	$22,	$19,	$22
-	stq	$23,	88($16)
-	bis	$31,	$31,	$23
-	mulq	$6,	$6,	$17
-	umulh	$6,	$6,	$24
-	addq	$8,	$17,	$8
-	addq	$22,	$24,	$22
-	cmpult	$8,	$17,	$21
-	cmpult	$22,	$24,	$27
-	addq	$22,	$21,	$22
-	addq	$23,	$27,	$23
-	mulq	$7,	$5,	$25
-	umulh	$7,	$5,	$28
-	cmplt	$25,	$31,	$18
-	cmplt	$28,	$31,	$20
-	addq	$25,	$25,	$25
-	addq	$28,	$28,	$28
-	addq	$28,	$18,	$28
-	addq	$23,	$20,	$23
-	addq	$8,	$25,	$8
-	addq	$22,	$28,	$22
-	cmpult	$8,	$25,	$19
-	cmpult	$22,	$28,	$17
-	addq	$22,	$19,	$22
-	addq	$23,	$17,	$23
-	stq	$8,	96($16)
-	bis	$31,	$31,	$8
-	mulq	$7,	$6,	$24
-	umulh	$7,	$6,	$21
-	cmplt	$24,	$31,	$27
-	cmplt	$21,	$31,	$18
-	addq	$24,	$24,	$24
-	addq	$21,	$21,	$21
-	addq	$21,	$27,	$21
-	addq	$8,	$18,	$8
-	addq	$22,	$24,	$22
-	addq	$23,	$21,	$23
-	cmpult	$22,	$24,	$20
-	cmpult	$23,	$21,	$25
-	addq	$23,	$20,	$23
-	addq	$8,	$25,	$8
-	stq	$22,	104($16)
-	bis	$31,	$31,	$22
-	mulq	$7,	$7,	$28
-	umulh	$7,	$7,	$19
-	addq	$23,	$28,	$23
-	addq	$8,	$19,	$8
-	cmpult	$23,	$28,	$17
-	cmpult	$8,	$19,	$27
-	addq	$8,	$17,	$8
-	addq	$22,	$27,	$22
-	stq	$23,	112($16)
-	stq	$8,	120($16)
-	ret	$31,($26),1
-	.end bn_sqr_comba8
diff --git a/crypto/openssl/crypto/bn/asm/alpha.s.works b/crypto/openssl/crypto/bn/asm/alpha.s.works
deleted file mode 100644
index ee6c58780998..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.s.works
+++ /dev/null
@@ -1,533 +0,0 @@
-
- # DEC Alpha assember
- # The bn_div64 is actually gcc output but the other parts are hand done.
- # Thanks to tzeruch@ceddec.com for sending me the gcc output for
- # bn_div64.
- # I've gone back and re-done most of routines.
- # The key thing to remeber for the 164 CPU is that while a
- # multiply operation takes 8 cycles, another one can only be issued
- # after 4 cycles have elapsed.  I've done modification to help
- # improve this.  Also, normally, a ld instruction will not be available
- # for about 3 cycles.
-	.file	1 "bn_asm.c"
-	.set noat
-gcc2_compiled.:
-__gnu_compiled_c:
-	.text
-	.align 3
-	.globl bn_mul_add_words
-	.ent bn_mul_add_words
-bn_mul_add_words:
-bn_mul_add_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-	.align 5
-	subq	$18,4,$18
-	bis	$31,$31,$0
-	blt	$18,$43		# if we are -1, -2, -3 or -4 goto tail code
-	ldq	$20,0($17)	# 1 1
-	ldq	$1,0($16)	# 1 1
-	.align 3
-$42:
-	mulq	$20,$19,$5	# 1 2 1	######
-	ldq	$21,8($17)	# 2 1
-	ldq	$2,8($16)	# 2 1
-	umulh	$20,$19,$20	# 1 2	######
-	ldq	$27,16($17)	# 3 1
-	ldq	$3,16($16)	# 3 1
-	mulq	$21,$19,$6	# 2 2 1	######
-	 ldq	$28,24($17)	# 4 1
-	addq	$1,$5,$1	# 1 2 2
-	 ldq	$4,24($16)	# 4 1
-	umulh	$21,$19,$21	# 2 2	######
-	 cmpult	$1,$5,$22	# 1 2 3 1
-	addq	$20,$22,$20	# 1 3 1
-	 addq	$1,$0,$1	# 1 2 3 1
-	mulq	$27,$19,$7	# 3 2 1	######
-	 cmpult	$1,$0,$0	# 1 2 3 2
-	addq	$2,$6,$2	# 2 2 2
-	 addq	$20,$0,$0	# 1 3 2 
-	cmpult	$2,$6,$23	# 2 2 3 1
-	 addq	$21,$23,$21	# 2 3 1
-	umulh	$27,$19,$27	# 3 2	######
-	 addq	$2,$0,$2	# 2 2 3 1
-	cmpult	$2,$0,$0	# 2 2 3 2
-	 subq	$18,4,$18
-	mulq	$28,$19,$8	# 4 2 1	######
-	 addq	$21,$0,$0	# 2 3 2 
-	addq	$3,$7,$3	# 3 2 2
-	 addq	$16,32,$16
-	cmpult	$3,$7,$24	# 3 2 3 1
-	 stq	$1,-32($16)	# 1 2 4
-	umulh	$28,$19,$28	# 4 2	######
-	 addq	$27,$24,$27	# 3 3 1
-	addq	$3,$0,$3	# 3 2 3 1
-	 stq	$2,-24($16)	# 2 2 4
-	cmpult	$3,$0,$0	# 3 2 3 2
-	 stq	$3,-16($16)	# 3 2 4
-	addq	$4,$8,$4	# 4 2 2
-	 addq	$27,$0,$0	# 3 3 2 
-	cmpult	$4,$8,$25	# 4 2 3 1
-	 addq	$17,32,$17
-	addq	$28,$25,$28	# 4 3 1
-	 addq	$4,$0,$4	# 4 2 3 1
-	cmpult	$4,$0,$0	# 4 2 3 2
-	 stq	$4,-8($16)	# 4 2 4
-	addq	$28,$0,$0	# 4 3 2 
-	 blt	$18,$43
-
-	ldq	$20,0($17)	# 1 1
-	ldq	$1,0($16)	# 1 1
-
-	br	$42
-
-	.align 4
-$45:
-	ldq	$20,0($17)	# 4 1
-	ldq	$1,0($16)	# 4 1
-	mulq	$20,$19,$5	# 4 2 1
-	subq	$18,1,$18
-	addq	$16,8,$16
-	addq	$17,8,$17
-	umulh	$20,$19,$20	# 4 2
-	addq	$1,$5,$1	# 4 2 2
-	cmpult	$1,$5,$22	# 4 2 3 1
-	addq	$20,$22,$20	# 4 3 1
-	addq	$1,$0,$1	# 4 2 3 1
-	cmpult	$1,$0,$0	# 4 2 3 2
-	addq	$20,$0,$0	# 4 3 2 
-	stq	$1,-8($16)	# 4 2 4
-	bgt	$18,$45
-	ret	$31,($26),1	# else exit
-
-	.align 4
-$43:
-	addq	$18,4,$18
-	bgt	$18,$45		# goto tail code
-	ret	$31,($26),1	# else exit
-
-	.end bn_mul_add_words
-	.align 3
-	.globl bn_mul_words
-	.ent bn_mul_words
-bn_mul_words:
-bn_mul_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-	.align 5
-	subq	$18,4,$18
-	bis	$31,$31,$0
-	blt	$18,$143	# if we are -1, -2, -3 or -4 goto tail code
-	ldq	$20,0($17)	# 1 1
-	.align 3
-$142:
-
-	mulq	$20,$19,$5	# 1 2 1	#####
-	 ldq	$21,8($17)	# 2 1
-	 ldq	$27,16($17)	# 3 1
-	umulh	$20,$19,$20	# 1 2	#####
-	 ldq	$28,24($17)	# 4 1
-	mulq	$21,$19,$6	# 2 2 1	#####
-	 addq	$5,$0,$5	# 1 2 3 1
-	subq	$18,4,$18
-	 cmpult	$5,$0,$0	# 1 2 3 2
-	umulh	$21,$19,$21	# 2 2	#####
-	 addq	$20,$0,$0	# 1 3 2 
-	addq	$17,32,$17
-	 addq	$6,$0,$6	# 2 2 3 1
-	mulq	$27,$19,$7	# 3 2 1	#####
-	 cmpult	$6,$0,$0	# 2 2 3 2
-	addq	$21,$0,$0	# 2 3 2 
-	 addq	$16,32,$16
-	umulh	$27,$19,$27	# 3 2	#####
-	 stq	$5,-32($16)	# 1 2 4
-	mulq	$28,$19,$8	# 4 2 1	#####
-	 addq	$7,$0,$7	# 3 2 3 1
-	stq	$6,-24($16)	# 2 2 4
-	 cmpult	$7,$0,$0	# 3 2 3 2
-	umulh	$28,$19,$28	# 4 2	#####
-	 addq	$27,$0,$0	# 3 3 2 
-	stq	$7,-16($16)	# 3 2 4
-	 addq	$8,$0,$8	# 4 2 3 1
-	cmpult	$8,$0,$0	# 4 2 3 2
-
-	addq	$28,$0,$0	# 4 3 2 
-
-	stq	$8,-8($16)	# 4 2 4
-
-	blt	$18,$143
-
-	ldq	$20,0($17)	# 1 1
-
-	br	$142
-
-	.align 4
-$145:
-	ldq	$20,0($17)	# 4 1
-	mulq	$20,$19,$5	# 4 2 1
-	subq	$18,1,$18
-	umulh	$20,$19,$20	# 4 2
-	addq	$5,$0,$5	# 4 2 3 1
-	 addq	$16,8,$16
-	cmpult	$5,$0,$0	# 4 2 3 2
-	 addq	$17,8,$17
-	addq	$20,$0,$0	# 4 3 2 
-	stq	$5,-8($16)	# 4 2 4
-
-	bgt	$18,$145
-	ret	$31,($26),1	# else exit
-
-	.align 4
-$143:
-	addq	$18,4,$18
-	bgt	$18,$145	# goto tail code
-	ret	$31,($26),1	# else exit
-
-	.end bn_mul_words
-	.align 3
-	.globl bn_sqr_words
-	.ent bn_sqr_words
-bn_sqr_words:
-bn_sqr_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-
-	subq	$18,4,$18
-	blt	$18,$543	# if we are -1, -2, -3 or -4 goto tail code
-	ldq	$20,0($17)	# 1 1
-	.align 3
-$542:
-	mulq	$20,$20,$5		######
-	 ldq	$21,8($17)	# 1 1
-	subq	$18,4
- 	umulh	$20,$20,$1		######
-	ldq	$27,16($17)	# 1 1
-	mulq	$21,$21,$6		######
-	ldq	$28,24($17)	# 1 1
-	stq	$5,0($16)	# r[0]
- 	umulh	$21,$21,$2		######
-	stq	$1,8($16)	# r[1]
-	mulq	$27,$27,$7		######
-	stq	$6,16($16)	# r[0]
- 	umulh	$27,$27,$3		######
-	stq	$2,24($16)	# r[1]
-	mulq	$28,$28,$8		######
-	stq	$7,32($16)	# r[0]
- 	umulh	$28,$28,$4		######
-	stq	$3,40($16)	# r[1]
-
- 	addq	$16,64,$16
- 	addq	$17,32,$17
-	stq	$8,-16($16)	# r[0]
-	stq	$4,-8($16)	# r[1]
-
-	blt	$18,$543
-	ldq	$20,0($17)	# 1 1
- 	br 	$542
-
-$442:
-	ldq	$20,0($17)   # a[0]
-	mulq	$20,$20,$5  # a[0]*w low part       r2
-	addq	$16,16,$16
-	addq	$17,8,$17
-	subq	$18,1,$18
-        umulh	$20,$20,$1  # a[0]*w high part       r3
-	stq	$5,-16($16)   # r[0]
-        stq	$1,-8($16)   # r[1]
-
-	bgt	$18,$442
-	ret	$31,($26),1	# else exit
-
-	.align 4
-$543:
-	addq	$18,4,$18
-	bgt	$18,$442	# goto tail code
-	ret	$31,($26),1	# else exit
-	.end bn_sqr_words
-
-	.align 3
-	.globl bn_add_words
-	.ent bn_add_words
-bn_add_words:
-bn_add_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-
-	subq	$19,4,$19
-	bis	$31,$31,$0	# carry = 0
-	blt	$19,$900
-	ldq	$5,0($17)	# a[0]
-	ldq	$1,0($18)	# b[1]
-	.align 3
-$901:
-	addq	$1,$5,$1	# r=a+b;
-	 ldq	$6,8($17)	# a[1]
-	cmpult	$1,$5,$22	# did we overflow?
-	 ldq	$2,8($18)	# b[1]
-	addq	$1,$0,$1	# c+= overflow
-	 ldq	$7,16($17)	# a[2]
-	cmpult	$1,$0,$0	# overflow?
-	 ldq	$3,16($18)	# b[2]
-	addq	$0,$22,$0
-	 ldq	$8,24($17)	# a[3]
-	addq	$2,$6,$2	# r=a+b;
-	 ldq	$4,24($18)	# b[3]
-	cmpult	$2,$6,$23	# did we overflow?
-	 addq	$3,$7,$3	# r=a+b;
-	addq	$2,$0,$2	# c+= overflow
-	 cmpult	$3,$7,$24	# did we overflow?
-	cmpult	$2,$0,$0	# overflow?
-	 addq	$4,$8,$4	# r=a+b;
-	addq	$0,$23,$0
-	 cmpult	$4,$8,$25	# did we overflow?
-	addq	$3,$0,$3	# c+= overflow
-	 stq	$1,0($16)	# r[0]=c
-	cmpult	$3,$0,$0	# overflow?
-	 stq	$2,8($16)	# r[1]=c
-	addq	$0,$24,$0
-	 stq	$3,16($16)	# r[2]=c
-	addq	$4,$0,$4	# c+= overflow
-	 subq	$19,4,$19	# loop--
-	cmpult	$4,$0,$0	# overflow?
-	 addq	$17,32,$17	# a++
-	addq	$0,$25,$0
-	 stq	$4,24($16)	# r[3]=c
-	addq	$18,32,$18	# b++
-	 addq	$16,32,$16	# r++
-
-	blt	$19,$900
-	 ldq	$5,0($17)	# a[0]
-	ldq	$1,0($18)	# b[1]
-	 br	$901
-	.align 4
-$945:
-	ldq	$5,0($17)	# a[0]
-	 ldq	$1,0($18)	# b[1]
-	addq	$1,$5,$1	# r=a+b;
-	 subq	$19,1,$19	# loop--
-	addq	$1,$0,$1	# c+= overflow
-	 addq	$17,8,$17	# a++
-	cmpult	$1,$5,$22	# did we overflow?
-	 cmpult	$1,$0,$0	# overflow?
-	addq	$18,8,$18	# b++
-	 stq	$1,0($16)	# r[0]=c
-	addq	$0,$22,$0
-	 addq	$16,8,$16	# r++
-
-	bgt	$19,$945
-	ret	$31,($26),1	# else exit
-
-$900:
-	addq	$19,4,$19
-	bgt	$19,$945	# goto tail code
-	ret	$31,($26),1	# else exit
-	.end bn_add_words
-
- #
- # What follows was taken directly from the C compiler with a few
- # hacks to redo the lables.
- #
-.text
-	.align 3
-	.globl bn_div64
-	.ent bn_div64
-bn_div64:
-	ldgp $29,0($27)
-bn_div64..ng:
-	lda $30,-48($30)
-	.frame $30,48,$26,0
-	stq $26,0($30)
-	stq $9,8($30)
-	stq $10,16($30)
-	stq $11,24($30)
-	stq $12,32($30)
-	stq $13,40($30)
-	.mask 0x4003e00,-48
-	.prologue 1
-	bis $16,$16,$9
-	bis $17,$17,$10
-	bis $18,$18,$11
-	bis $31,$31,$13
-	bis $31,2,$12
-	bne $11,$119
-	lda $0,-1
-	br $31,$136
-	.align 4
-$119:
-	bis $11,$11,$16
-	jsr $26,BN_num_bits_word
-	ldgp $29,0($26)
-	subq $0,64,$1
-	beq $1,$120
-	bis $31,1,$1
-	sll $1,$0,$1
-	cmpule $9,$1,$1
-	bne $1,$120
- #	lda $16,_IO_stderr_
- #	lda $17,$C32
- #	bis $0,$0,$18
- #	jsr $26,fprintf
- #	ldgp $29,0($26)
-	jsr $26,abort
-	ldgp $29,0($26)
-	.align 4
-$120:
-	bis $31,64,$3
-	cmpult $9,$11,$2
-	subq $3,$0,$1
-	addl $1,$31,$0
-	subq $9,$11,$1
-	cmoveq $2,$1,$9
-	beq $0,$122
-	zapnot $0,15,$2
-	subq $3,$0,$1
-	sll $11,$2,$11
-	sll $9,$2,$3
-	srl $10,$1,$1
-	sll $10,$2,$10
-	bis $3,$1,$9
-$122:
-	srl $11,32,$5
-	zapnot $11,15,$6
-	lda $7,-1
-	.align 5
-$123:
-	srl $9,32,$1
-	subq $1,$5,$1
-	bne $1,$126
-	zapnot $7,15,$27
-	br $31,$127
-	.align 4
-$126:
-	bis $9,$9,$24
-	bis $5,$5,$25
-	divqu $24,$25,$27
-$127:
-	srl $10,32,$4
-	.align 5
-$128:
-	mulq $27,$5,$1
-	subq $9,$1,$3
-	zapnot $3,240,$1
-	bne $1,$129
-	mulq $6,$27,$2
-	sll $3,32,$1
-	addq $1,$4,$1
-	cmpule $2,$1,$2
-	bne $2,$129
-	subq $27,1,$27
-	br $31,$128
-	.align 4
-$129:
-	mulq $27,$6,$1
-	mulq $27,$5,$4
-	srl $1,32,$3
-	sll $1,32,$1
-	addq $4,$3,$4
-	cmpult $10,$1,$2
-	subq $10,$1,$10
-	addq $2,$4,$2
-	cmpult $9,$2,$1
-	bis $2,$2,$4
-	beq $1,$134
-	addq $9,$11,$9
-	subq $27,1,$27
-$134:
-	subl $12,1,$12
-	subq $9,$4,$9
-	beq $12,$124
-	sll $27,32,$13
-	sll $9,32,$2
-	srl $10,32,$1
-	sll $10,32,$10
-	bis $2,$1,$9
-	br $31,$123
-	.align 4
-$124:
-	bis $13,$27,$0
-$136:
-	ldq $26,0($30)
-	ldq $9,8($30)
-	ldq $10,16($30)
-	ldq $11,24($30)
-	ldq $12,32($30)
-	ldq $13,40($30)
-	addq $30,48,$30
-	ret $31,($26),1
-	.end bn_div64
-
-	.set noat
-	.text
-	.align 3
-	.globl bn_sub_words
-	.ent bn_sub_words
-bn_sub_words:
-bn_sub_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-
-	subq	$19,	4,	$19
-	bis	$31,	$31,	$0
-	blt	$19,	$100
-	ldq	$1,	0($17)
-	ldq	$2,	0($18)
-$101:
-	ldq	$3,	8($17)
-	cmpult	$1,	$2,	$4
-	ldq	$5,	8($18)
-	subq	$1,	$2,	$1
-	ldq	$6,	16($17)
-	cmpult	$1,	$0,	$2
-	ldq	$7,	16($18)
-	subq	$1,	$0,	$23
-	ldq	$8,	24($17)
-	addq	$2,	$4,	$0
-	cmpult	$3,	$5,	$24
-	subq	$3,	$5,	$3
-	ldq	$22,	24($18)
-	cmpult	$3,	$0,	$5
-	subq	$3,	$0,	$25
-	addq	$5,	$24,	$0
-	cmpult	$6,	$7,	$27
-	subq	$6,	$7,	$6
-	stq	$23,	0($16)
-	cmpult	$6,	$0,	$7
-	subq	$6,	$0,	$28
-	addq	$7,	$27,	$0
-	cmpult	$8,	$22,	$21
-	subq	$8,	$22,	$8
-	stq	$25,	8($16)
-	cmpult	$8,	$0,	$22
-	subq	$8,	$0,	$20
-	addq	$22,	$21,	$0
-	stq	$28,	16($16)
-	subq	$19,	4,	$19
-	stq	$20,	24($16)
-	addq	$17,	32,	$17
-	addq	$18,	32,	$18
-	addq	$16,	32,	$16
-	blt	$19,	$100
-	ldq	$1,	0($17)
-	ldq	$2,	0($18)
-	br	$101
-$102:
-	ldq	$1,	0($17)
-	ldq	$2,	0($18)
-	cmpult	$1,	$2,	$27
-	subq	$1,	$2,	$1
-	cmpult	$1,	$0,	$2
-	subq	$1,	$0,	$1
-	stq	$1,	0($16)
-	addq	$2,	$27,	$0
-	addq	$17,	8,	$17
-	addq	$18,	8,	$18
-	addq	$16,	8,	$16
-	subq	$19,	1,	$19
-	bgt	$19,	$102
-	ret	$31,($26),1
-$100:
-	addq	$19,	4,	$19
-	bgt	$19,	$102
-$103:
-	ret	$31,($26),1
-	.end bn_sub_words
diff --git a/crypto/openssl/crypto/bn/asm/alpha.works/add.pl b/crypto/openssl/crypto/bn/asm/alpha.works/add.pl
deleted file mode 100644
index 4dc76e6b69f7..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.works/add.pl
+++ /dev/null
@@ -1,119 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub bn_add_words
-	{
-	local($name)=@_;
-	local($cc,$a,$b,$r);
-
-	&init_pool(4);
-	($cc)=GR("r0");
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$bp=&wparam(2);
-	$count=&wparam(3);
-
-	&function_begin($name,"");
-
-	&comment("");
-	&sub($count,4,$count);
-	&mov("zero",$cc);
-	&br(&label("finish"));
-	&blt($count,&label("finish"));
-
-	($a0,$b0)=&NR(2);
-	&ld($a0,&QWPw(0,$ap));
-	&ld($b0,&QWPw(0,$bp));
-
-##########################################################
-	&set_label("loop");
-
-	($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
-	($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
-	($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
-	($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
-	($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
-	($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
-
-	($o0,$t0)=&NR(2);
-	&add($a0,$b0,$o0); 
-	&cmpult($o0,$b0,$t0);
-	&add($o0,$cc,$o0);
-	&cmpult($o0,$cc,$cc);
-	&add($cc,$t0,$cc);	&FR($t0);
-
-	($t1,$o1)=&NR(2);
-
-	&add($a1,$b1,$o1);	&FR($a1);
-	&cmpult($o1,$b1,$t1);	&FR($b1);
-	&add($o1,$cc,$o1);
-	&cmpult($o1,$cc,$cc);
-	&add($cc,$t1,$cc);	&FR($t1);
-
-	($t2,$o2)=&NR(2);
-
-	&add($a2,$b2,$o2);	&FR($a2);
-	&cmpult($o2,$b2,$t2);	&FR($b2);
-	&add($o2,$cc,$o2);
-	&cmpult($o2,$cc,$cc);
-	&add($cc,$t2,$cc);	&FR($t2);
-
-	($t3,$o3)=&NR(2);
-
-	&add($a3,$b3,$o3);	&FR($a3);
-	&cmpult($o3,$b3,$t3);	&FR($b3);
-	&add($o3,$cc,$o3);
-	&cmpult($o3,$cc,$cc);
-	&add($cc,$t3,$cc);	&FR($t3);
-
-	&st($o0,&QWPw(0,$rp)); &FR($o0);
-	&st($o1,&QWPw(0,$rp)); &FR($o1);
-	&st($o2,&QWPw(0,$rp)); &FR($o2);
-	&st($o3,&QWPw(0,$rp)); &FR($o3);
-
-	&sub($count,4,$count);	# count-=4
-	&add($ap,4*$QWS,$ap);	# count+=4
-	&add($bp,4*$QWS,$bp);	# count+=4
-	&add($rp,4*$QWS,$rp);	# count+=4
-
-	&blt($count,&label("finish"));
-	&ld($a0,&QWPw(0,$ap));
-	 &ld($b0,&QWPw(0,$bp));
-	&br(&label("loop"));
-##################################################
-	# Do the last 0..3 words
-
-	($t0,$o0)=&NR(2);
-	&set_label("last_loop");
-
-	&ld($a0,&QWPw(0,$ap));	# get a
-	&ld($b0,&QWPw(0,$bp));	# get b
-
-	&add($a0,$b0,$o0); 
-	&cmpult($o0,$b0,$t0);	# will we borrow?
-	&add($o0,$cc,$o0);	# will we borrow?
-	&cmpult($o0,$cc,$cc);	# will we borrow?
-	&add($cc,$t0,$cc);	# add the borrows
-	&st($o0,&QWPw(0,$rp));	# save
-
-	&add($ap,$QWS,$ap);
-	&add($bp,$QWS,$bp);
-	&add($rp,$QWS,$rp);
-	&sub($count,1,$count);
-	&bgt($count,&label("last_loop"));
-	&function_end_A($name);
-
-######################################################
-	&set_label("finish");
-	&add($count,4,$count);
-	&bgt($count,&label("last_loop"));
-
-	&FR($o0,$t0,$a0,$b0);
-	&set_label("end");
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha.works/div.pl b/crypto/openssl/crypto/bn/asm/alpha.works/div.pl
deleted file mode 100644
index 7ec144377fa6..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.works/div.pl
+++ /dev/null
@@ -1,144 +0,0 @@
-#!/usr/local/bin/perl
-
-sub bn_div64
-	{
-	local($data)=<<'EOF';
- #
- # What follows was taken directly from the C compiler with a few
- # hacks to redo the lables.
- #
-.text
-        .set noreorder
-	.set volatile
-	.align 3
-	.globl bn_div64
-	.ent bn_div64
-bn_div64:
-	ldgp $29,0($27)
-bn_div64..ng:
-	lda $30,-48($30)
-	.frame $30,48,$26,0
-	stq $26,0($30)
-	stq $9,8($30)
-	stq $10,16($30)
-	stq $11,24($30)
-	stq $12,32($30)
-	stq $13,40($30)
-	.mask 0x4003e00,-48
-	.prologue 1
-	bis $16,$16,$9
-	bis $17,$17,$10
-	bis $18,$18,$11
-	bis $31,$31,$13
-	bis $31,2,$12
-	bne $11,$9119
-	lda $0,-1
-	br $31,$9136
-	.align 4
-$9119:
-	bis $11,$11,$16
-	jsr $26,BN_num_bits_word
-	ldgp $29,0($26)
-	subq $0,64,$1
-	beq $1,$9120
-	bis $31,1,$1
-	sll $1,$0,$1
-	cmpule $9,$1,$1
-	bne $1,$9120
- #	lda $16,_IO_stderr_
- #	lda $17,$C32
- #	bis $0,$0,$18
- #	jsr $26,fprintf
- #	ldgp $29,0($26)
-	jsr $26,abort
-	ldgp $29,0($26)
-	.align 4
-$9120:
-	bis $31,64,$3
-	cmpult $9,$11,$2
-	subq $3,$0,$1
-	addl $1,$31,$0
-	subq $9,$11,$1
-	cmoveq $2,$1,$9
-	beq $0,$9122
-	zapnot $0,15,$2
-	subq $3,$0,$1
-	sll $11,$2,$11
-	sll $9,$2,$3
-	srl $10,$1,$1
-	sll $10,$2,$10
-	bis $3,$1,$9
-$9122:
-	srl $11,32,$5
-	zapnot $11,15,$6
-	lda $7,-1
-	.align 5
-$9123:
-	srl $9,32,$1
-	subq $1,$5,$1
-	bne $1,$9126
-	zapnot $7,15,$27
-	br $31,$9127
-	.align 4
-$9126:
-	bis $9,$9,$24
-	bis $5,$5,$25
-	divqu $24,$25,$27
-$9127:
-	srl $10,32,$4
-	.align 5
-$9128:
-	mulq $27,$5,$1
-	subq $9,$1,$3
-	zapnot $3,240,$1
-	bne $1,$9129
-	mulq $6,$27,$2
-	sll $3,32,$1
-	addq $1,$4,$1
-	cmpule $2,$1,$2
-	bne $2,$9129
-	subq $27,1,$27
-	br $31,$9128
-	.align 4
-$9129:
-	mulq $27,$6,$1
-	mulq $27,$5,$4
-	srl $1,32,$3
-	sll $1,32,$1
-	addq $4,$3,$4
-	cmpult $10,$1,$2
-	subq $10,$1,$10
-	addq $2,$4,$2
-	cmpult $9,$2,$1
-	bis $2,$2,$4
-	beq $1,$9134
-	addq $9,$11,$9
-	subq $27,1,$27
-$9134:
-	subl $12,1,$12
-	subq $9,$4,$9
-	beq $12,$9124
-	sll $27,32,$13
-	sll $9,32,$2
-	srl $10,32,$1
-	sll $10,32,$10
-	bis $2,$1,$9
-	br $31,$9123
-	.align 4
-$9124:
-	bis $13,$27,$0
-$9136:
-	ldq $26,0($30)
-	ldq $9,8($30)
-	ldq $10,16($30)
-	ldq $11,24($30)
-	ldq $12,32($30)
-	ldq $13,40($30)
-	addq $30,48,$30
-	ret $31,($26),1
-	.end bn_div64
-EOF
-	&asm_add($data);
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha.works/mul.pl b/crypto/openssl/crypto/bn/asm/alpha.works/mul.pl
deleted file mode 100644
index b182bae4520b..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.works/mul.pl
+++ /dev/null
@@ -1,116 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub bn_mul_words
-	{
-	local($name)=@_;
-	local($cc,$a,$b,$r,$couny);
-
-	&init_pool(4);
-	($cc)=GR("r0");
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$count=&wparam(2);
-	$word=&wparam(3);
-
-	&function_begin($name,"");
-
-	&comment("");
-	&sub($count,4,$count);
-	&mov("zero",$cc);
-	&br(&label("finish"));
-	&blt($count,&label("finish"));
-
-	($a0,$r0)=&NR(2);
-	&ld($a0,&QWPw(0,$ap));
-	&ld($r0,&QWPw(0,$rp));
-
-$a=<<'EOF';
-##########################################################
-	&set_label("loop");
-
-	($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
-	($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
-	($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
-	($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
-	($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
-	($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
-
-	($o0,$t0)=&NR(2);
-	&add($a0,$b0,$o0); 
-	&cmpult($o0,$b0,$t0);
-	&add($o0,$cc,$o0);
-	&cmpult($o0,$cc,$cc);
-	&add($cc,$t0,$cc);	&FR($t0);
-
-	($t1,$o1)=&NR(2);
-
-	&add($a1,$b1,$o1);	&FR($a1);
-	&cmpult($o1,$b1,$t1);	&FR($b1);
-	&add($o1,$cc,$o1);
-	&cmpult($o1,$cc,$cc);
-	&add($cc,$t1,$cc);	&FR($t1);
-
-	($t2,$o2)=&NR(2);
-
-	&add($a2,$b2,$o2);	&FR($a2);
-	&cmpult($o2,$b2,$t2);	&FR($b2);
-	&add($o2,$cc,$o2);
-	&cmpult($o2,$cc,$cc);
-	&add($cc,$t2,$cc);	&FR($t2);
-
-	($t3,$o3)=&NR(2);
-
-	&add($a3,$b3,$o3);	&FR($a3);
-	&cmpult($o3,$b3,$t3);	&FR($b3);
-	&add($o3,$cc,$o3);
-	&cmpult($o3,$cc,$cc);
-	&add($cc,$t3,$cc);	&FR($t3);
-
-	&st($o0,&QWPw(0,$rp)); &FR($o0);
-	&st($o1,&QWPw(0,$rp)); &FR($o1);
-	&st($o2,&QWPw(0,$rp)); &FR($o2);
-	&st($o3,&QWPw(0,$rp)); &FR($o3);
-
-	&sub($count,4,$count);	# count-=4
-	&add($ap,4*$QWS,$ap);	# count+=4
-	&add($bp,4*$QWS,$bp);	# count+=4
-	&add($rp,4*$QWS,$rp);	# count+=4
-
-	&blt($count,&label("finish"));
-	&ld($a0,&QWPw(0,$ap));
-	 &ld($b0,&QWPw(0,$bp));
-	&br(&label("loop"));
-EOF
-##################################################
-	# Do the last 0..3 words
-
-	&set_label("last_loop");
-
-	&ld(($a0)=&NR(1),&QWPw(0,$ap));	# get a
-	&mul($a0,$word,($l0)=&NR(1));
-	 &add($ap,$QWS,$ap);
-	&muh($a0,$word,($h0)=&NR(1));	&FR($a0);
-	&add($l0,$cc,$l0);
-	 &add($rp,$QWS,$rp);
-	 &sub($count,1,$count);
-	&cmpult($l0,$cc,$cc);
-	&st($l0,&QWPw(-1,$rp));		&FR($l0);
-	&add($h0,$cc,$cc);		&FR($h0);
-
-	&bgt($count,&label("last_loop"));
-	&function_end_A($name);
-
-######################################################
-	&set_label("finish");
-	&add($count,4,$count);
-	&bgt($count,&label("last_loop"));
-
-	&set_label("end");
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha.works/mul_add.pl b/crypto/openssl/crypto/bn/asm/alpha.works/mul_add.pl
deleted file mode 100644
index e37f6315fbc8..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.works/mul_add.pl
+++ /dev/null
@@ -1,120 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub bn_mul_add_words
-	{
-	local($name)=@_;
-	local($cc,$a,$b,$r,$couny);
-
-	&init_pool(4);
-	($cc)=GR("r0");
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$count=&wparam(2);
-	$word=&wparam(3);
-
-	&function_begin($name,"");
-
-	&comment("");
-	&sub($count,4,$count);
-	&mov("zero",$cc);
-	&br(&label("finish"));
-	&blt($count,&label("finish"));
-
-	($a0,$r0)=&NR(2);
-	&ld($a0,&QWPw(0,$ap));
-	&ld($r0,&QWPw(0,$rp));
-
-$a=<<'EOF';
-##########################################################
-	&set_label("loop");
-
-	($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
-	($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
-	($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
-	($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
-	($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
-	($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
-
-	($o0,$t0)=&NR(2);
-	&add($a0,$b0,$o0); 
-	&cmpult($o0,$b0,$t0);
-	&add($o0,$cc,$o0);
-	&cmpult($o0,$cc,$cc);
-	&add($cc,$t0,$cc);	&FR($t0);
-
-	($t1,$o1)=&NR(2);
-
-	&add($a1,$b1,$o1);	&FR($a1);
-	&cmpult($o1,$b1,$t1);	&FR($b1);
-	&add($o1,$cc,$o1);
-	&cmpult($o1,$cc,$cc);
-	&add($cc,$t1,$cc);	&FR($t1);
-
-	($t2,$o2)=&NR(2);
-
-	&add($a2,$b2,$o2);	&FR($a2);
-	&cmpult($o2,$b2,$t2);	&FR($b2);
-	&add($o2,$cc,$o2);
-	&cmpult($o2,$cc,$cc);
-	&add($cc,$t2,$cc);	&FR($t2);
-
-	($t3,$o3)=&NR(2);
-
-	&add($a3,$b3,$o3);	&FR($a3);
-	&cmpult($o3,$b3,$t3);	&FR($b3);
-	&add($o3,$cc,$o3);
-	&cmpult($o3,$cc,$cc);
-	&add($cc,$t3,$cc);	&FR($t3);
-
-	&st($o0,&QWPw(0,$rp)); &FR($o0);
-	&st($o1,&QWPw(0,$rp)); &FR($o1);
-	&st($o2,&QWPw(0,$rp)); &FR($o2);
-	&st($o3,&QWPw(0,$rp)); &FR($o3);
-
-	&sub($count,4,$count);	# count-=4
-	&add($ap,4*$QWS,$ap);	# count+=4
-	&add($bp,4*$QWS,$bp);	# count+=4
-	&add($rp,4*$QWS,$rp);	# count+=4
-
-	&blt($count,&label("finish"));
-	&ld($a0,&QWPw(0,$ap));
-	 &ld($b0,&QWPw(0,$bp));
-	&br(&label("loop"));
-EOF
-##################################################
-	# Do the last 0..3 words
-
-	&set_label("last_loop");
-
-	&ld(($a0)=&NR(1),&QWPw(0,$ap));	# get a
-	&ld(($r0)=&NR(1),&QWPw(0,$rp));	# get b
-	&mul($a0,$word,($l0)=&NR(1));
-	 &sub($count,1,$count);
-	 &add($ap,$QWS,$ap);
-	&muh($a0,$word,($h0)=&NR(1));	&FR($a0);
-	&add($r0,$l0,$r0);
-	 &add($rp,$QWS,$rp);
-	&cmpult($r0,$l0,($t0)=&NR(1));	&FR($l0);
-	 &add($r0,$cc,$r0);
-	&add($h0,$t0,$h0);		&FR($t0);
-	 &cmpult($r0,$cc,$cc);
-	&st($r0,&QWPw(-1,$rp));		&FR($r0);
-	 &add($h0,$cc,$cc);		&FR($h0);
-
-	&bgt($count,&label("last_loop"));
-	&function_end_A($name);
-
-######################################################
-	&set_label("finish");
-	&add($count,4,$count);
-	&bgt($count,&label("last_loop"));
-
-	&set_label("end");
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha.works/mul_c4.pl b/crypto/openssl/crypto/bn/asm/alpha.works/mul_c4.pl
deleted file mode 100644
index 5efd20128140..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.works/mul_c4.pl
+++ /dev/null
@@ -1,213 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub mul_add_c
-	{
-	local($a,$b,$c0,$c1,$c2)=@_;
-	local($l1,$h1,$t1,$t2);
-
-	&mul($a,$b,($l1)=&NR(1));
-	&muh($a,$b,($h1)=&NR(1));
-	&add($c0,$l1,$c0);
-	&cmpult($c0,$l1,($t1)=&NR(1));	&FR($l1);
-	&add($t1,$h1,$h1);		&FR($t1);
-	&add($c1,$h1,$c1);
-	&cmpult($c1,$h1,($t2)=&NR(1));	&FR($h1);
-	&add($c2,$t2,$c2);		&FR($t2);
-	}
-
-sub bn_mul_comba4
-	{
-	local($name)=@_;
-	local(@a,@b,$r,$c0,$c1,$c2);
-
-	$cnt=1;
-	&init_pool(3);
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$bp=&wparam(2);
-
-	&function_begin($name,"");
-
-	&comment("");
-
-	&ld(($a[0])=&NR(1),&QWPw(0,$ap));
-	&ld(($b[0])=&NR(1),&QWPw(0,$bp));
-	&ld(($a[1])=&NR(1),&QWPw(1,$ap));
-	&ld(($b[1])=&NR(1),&QWPw(1,$bp));
-	&mul($a[0],$b[0],($r00)=&NR(1));
-	&ld(($a[2])=&NR(1),&QWPw(2,$ap));
-	&ld(($b[2])=&NR(1),&QWPw(2,$bp));
-	&muh($a[0],$b[0],($r01)=&NR(1));
-	&FR($ap); &ld(($a[3])=&NR(1),&QWPw(3,$ap));
-	&FR($bp); &ld(($b[3])=&NR(1),&QWPw(3,$bp));
-	&mul($a[0],$b[1],($r02)=&NR(1));
-
-	($R,$H1,$H2)=&NR(3);
-
-	&st($r00,&QWPw(0,$rp));	&FR($r00);
-
-	&mov("zero",$R);
-	&mul($a[1],$b[0],($r03)=&NR(1));
-
-	&mov("zero",$H1);
-	&mov("zero",$H0);
-	 &add($R,$r01,$R);
-	&muh($a[0],$b[1],($r04)=&NR(1));
-	 &cmpult($R,$r01,($t01)=&NR(1));	&FR($r01);
-	 &add($R,$r02,$R);
-	 &add($H1,$t01,$H1)			&FR($t01);
-	&muh($a[1],$b[0],($r05)=&NR(1));
-	 &cmpult($R,$r02,($t02)=&NR(1));	&FR($r02);
-	 &add($R,$r03,$R);
-	 &add($H2,$t02,$H2)			&FR($t02);
-	&mul($a[0],$b[2],($r06)=&NR(1));
-	 &cmpult($R,$r03,($t03)=&NR(1));	&FR($r03);
-	 &add($H1,$t03,$H1)			&FR($t03);
-	&st($R,&QWPw(1,$rp));
-	&add($H1,$H2,$R);
-
-	&mov("zero",$H1);
-	 &add($R,$r04,$R);
-	&mov("zero",$H2);
-	&mul($a[1],$b[1],($r07)=&NR(1));
-	 &cmpult($R,$r04,($t04)=&NR(1));	&FR($r04);
-	 &add($R,$r05,$R);
-	 &add($H1,$t04,$H1)			&FR($t04);
-	&mul($a[2],$b[0],($r08)=&NR(1));
-	 &cmpult($R,$r05,($t05)=&NR(1));	&FR($r05);
-	 &add($R,$r01,$R);
-	 &add($H2,$t05,$H2)			&FR($t05);
-	&muh($a[0],$b[2],($r09)=&NR(1));
-	 &cmpult($R,$r06,($t06)=&NR(1));	&FR($r06);
-	 &add($R,$r07,$R);
-	 &add($H1,$t06,$H1)			&FR($t06);
-	&muh($a[1],$b[1],($r10)=&NR(1));
-	 &cmpult($R,$r07,($t07)=&NR(1));	&FR($r07);
-	 &add($R,$r08,$R);
-	 &add($H2,$t07,$H2)			&FR($t07);
-	&muh($a[2],$b[0],($r11)=&NR(1));
-	 &cmpult($R,$r08,($t08)=&NR(1));	&FR($r08);
-	 &add($H1,$t08,$H1)			&FR($t08);
-	&st($R,&QWPw(2,$rp));
-	&add($H1,$H2,$R);
-
-	&mov("zero",$H1);
-	 &add($R,$r09,$R);
-	&mov("zero",$H2);
-	&mul($a[0],$b[3],($r12)=&NR(1));
-	 &cmpult($R,$r09,($t09)=&NR(1));	&FR($r09);
-	 &add($R,$r10,$R);
-	 &add($H1,$t09,$H1)			&FR($t09);
-	&mul($a[1],$b[2],($r13)=&NR(1));
-	 &cmpult($R,$r10,($t10)=&NR(1));	&FR($r10);
-	 &add($R,$r11,$R);
-	 &add($H1,$t10,$H1)			&FR($t10);
-	&mul($a[2],$b[1],($r14)=&NR(1));
-	 &cmpult($R,$r11,($t11)=&NR(1));	&FR($r11);
-	 &add($R,$r12,$R);
-	 &add($H1,$t11,$H1)			&FR($t11);
-	&mul($a[3],$b[0],($r15)=&NR(1));
-	 &cmpult($R,$r12,($t12)=&NR(1));	&FR($r12);
-	 &add($R,$r13,$R);
-	 &add($H1,$t12,$H1)			&FR($t12);
-	&muh($a[0],$b[3],($r16)=&NR(1));
-	 &cmpult($R,$r13,($t13)=&NR(1));	&FR($r13);
-	 &add($R,$r14,$R);
-	 &add($H1,$t13,$H1)			&FR($t13);
-	&muh($a[1],$b[2],($r17)=&NR(1));
-	 &cmpult($R,$r14,($t14)=&NR(1));	&FR($r14);
-	 &add($R,$r15,$R);
-	 &add($H1,$t14,$H1)			&FR($t14);
-	&muh($a[2],$b[1],($r18)=&NR(1));
-	 &cmpult($R,$r15,($t15)=&NR(1));	&FR($r15);
-	 &add($H1,$t15,$H1)			&FR($t15);
-	&st($R,&QWPw(3,$rp));
-	&add($H1,$H2,$R);
-
-	&mov("zero",$H1);
-	 &add($R,$r16,$R);
-	&mov("zero",$H2);
-	&muh($a[3],$b[0],($r19)=&NR(1));
-	 &cmpult($R,$r16,($t16)=&NR(1));	&FR($r16);
-	 &add($R,$r17,$R);
-	 &add($H1,$t16,$H1)			&FR($t16);
-	&mul($a[1],$b[3],($r20)=&NR(1));
-	 &cmpult($R,$r17,($t17)=&NR(1));	&FR($r17);
-	 &add($R,$r18,$R);
-	 &add($H1,$t17,$H1)			&FR($t17);
-	&mul($a[2],$b[2],($r21)=&NR(1));
-	 &cmpult($R,$r18,($t18)=&NR(1));	&FR($r18);
-	 &add($R,$r19,$R);
-	 &add($H1,$t18,$H1)			&FR($t18);
-	&mul($a[3],$b[1],($r22)=&NR(1));
-	 &cmpult($R,$r19,($t19)=&NR(1));	&FR($r19);
-	 &add($R,$r20,$R);
-	 &add($H1,$t19,$H1)			&FR($t19);
-	&muh($a[1],$b[3],($r23)=&NR(1));
-	 &cmpult($R,$r20,($t20)=&NR(1));	&FR($r20);
-	 &add($R,$r21,$R);
-	 &add($H1,$t20,$H1)			&FR($t20);
-	&muh($a[2],$b[2],($r24)=&NR(1));
-	 &cmpult($R,$r21,($t21)=&NR(1));	&FR($r21);
-	 &add($R,$r22,$R);
-	 &add($H1,$t21,$H1)			&FR($t21);
-	&muh($a[3],$b[1],($r25)=&NR(1));
-	 &cmpult($R,$r22,($t22)=&NR(1));	&FR($r22);
-	 &add($H1,$t22,$H1)			&FR($t22);
-	&st($R,&QWPw(4,$rp));
-	&add($H1,$H2,$R);
-
-	&mov("zero",$H1);
-	 &add($R,$r23,$R);
-	&mov("zero",$H2);
-	&mul($a[2],$b[3],($r26)=&NR(1));
-	 &cmpult($R,$r23,($t23)=&NR(1));	&FR($r23);
-	 &add($R,$r24,$R);
-	 &add($H1,$t23,$H1)			&FR($t23);
-	&mul($a[3],$b[2],($r27)=&NR(1));
-	 &cmpult($R,$r24,($t24)=&NR(1));	&FR($r24);
-	 &add($R,$r25,$R);
-	 &add($H1,$t24,$H1)			&FR($t24);
-	&muh($a[2],$b[3],($r28)=&NR(1));
-	 &cmpult($R,$r25,($t25)=&NR(1));	&FR($r25);
-	 &add($R,$r26,$R);
-	 &add($H1,$t25,$H1)			&FR($t25);
-	&muh($a[3],$b[2],($r29)=&NR(1));
-	 &cmpult($R,$r26,($t26)=&NR(1));	&FR($r26);
-	 &add($R,$r27,$R);
-	 &add($H1,$t26,$H1)			&FR($t26);
-	&mul($a[3],$b[3],($r30)=&NR(1));
-	 &cmpult($R,$r27,($t27)=&NR(1));	&FR($r27);
-	 &add($H1,$t27,$H1)			&FR($t27);
-	&st($R,&QWPw(5,$rp));
-	&add($H1,$H2,$R);
-
-	&mov("zero",$H1);
-	 &add($R,$r28,$R);
-	&mov("zero",$H2);
-	&muh($a[3],$b[3],($r31)=&NR(1));
-	 &cmpult($R,$r28,($t28)=&NR(1));	&FR($r28);
-	 &add($R,$r29,$R);
-	 &add($H1,$t28,$H1)			&FR($t28);
-	############
-	 &cmpult($R,$r29,($t29)=&NR(1));	&FR($r29);
-	 &add($R,$r30,$R);
-	 &add($H1,$t29,$H1)			&FR($t29);
-        ############
-	 &cmpult($R,$r30,($t30)=&NR(1));	&FR($r30);
-	 &add($H1,$t30,$H1)			&FR($t30);
-	&st($R,&QWPw(6,$rp));
-	&add($H1,$H2,$R);
-
-	 &add($R,$r31,$R);			&FR($r31);
-	&st($R,&QWPw(7,$rp));
-
-	&FR($R,$H1,$H2);
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha.works/mul_c4.works.pl b/crypto/openssl/crypto/bn/asm/alpha.works/mul_c4.works.pl
deleted file mode 100644
index 79d86dd25cd1..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.works/mul_c4.works.pl
+++ /dev/null
@@ -1,98 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub mul_add_c
-	{
-	local($a,$b,$c0,$c1,$c2)=@_;
-	local($l1,$h1,$t1,$t2);
-
-print STDERR "count=$cnt\n"; $cnt++;
-	&mul($a,$b,($l1)=&NR(1));
-	&muh($a,$b,($h1)=&NR(1));
-	&add($c0,$l1,$c0);
-	&cmpult($c0,$l1,($t1)=&NR(1));	&FR($l1);
-	&add($t1,$h1,$h1);		&FR($t1);
-	&add($c1,$h1,$c1);
-	&cmpult($c1,$h1,($t2)=&NR(1));	&FR($h1);
-	&add($c2,$t2,$c2);		&FR($t2);
-	}
-
-sub bn_mul_comba4
-	{
-	local($name)=@_;
-	local(@a,@b,$r,$c0,$c1,$c2);
-
-	$cnt=1;
-	&init_pool(3);
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$bp=&wparam(2);
-
-	&function_begin($name,"");
-
-	&comment("");
-
-	&ld(($a[0])=&NR(1),&QWPw(0,$ap));
-	&ld(($b[0])=&NR(1),&QWPw(0,$bp));
-	&ld(($a[1])=&NR(1),&QWPw(1,$ap));
-	&ld(($b[1])=&NR(1),&QWPw(1,$bp));
-	&ld(($a[2])=&NR(1),&QWPw(2,$ap));
-	&ld(($b[2])=&NR(1),&QWPw(2,$bp));
-	&ld(($a[3])=&NR(1),&QWPw(3,$ap));	&FR($ap);
-	&ld(($b[3])=&NR(1),&QWPw(3,$bp));	&FR($bp);
-
-	($c0,$c1,$c2)=&NR(3);
-	&mov("zero",$c2);
-	&mul($a[0],$b[0],$c0);
-	&muh($a[0],$b[0],$c1);
-	&st($c0,&QWPw(0,$rp));			&FR($c0); ($c0)=&NR($c0);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(1,$rp));			&FR($c0); ($c0)=&NR($c0);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[1],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[0],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(2,$rp));			&FR($c0); ($c0)=&NR($c0);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[3],$c0,$c1,$c2);	&FR($a[0]);
-	&mul_add_c($a[1],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[0],$c0,$c1,$c2);	&FR($b[0]);
-	&st($c0,&QWPw(3,$rp));			&FR($c0); ($c0)=&NR($c0);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[1],$b[3],$c0,$c1,$c2);	&FR($a[1]);
-	&mul_add_c($a[2],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[1],$c0,$c1,$c2);	&FR($b[1]);
-	&st($c0,&QWPw(4,$rp));			&FR($c0); ($c0)=&NR($c0);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[2],$b[3],$c0,$c1,$c2);	&FR($a[2]);
-	&mul_add_c($a[3],$b[2],$c0,$c1,$c2);	&FR($b[2]);
-	&st($c0,&QWPw(5,$rp));			&FR($c0); ($c0)=&NR($c0);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[3],$b[3],$c0,$c1,$c2);	&FR($a[3],$b[3]);
-	&st($c0,&QWPw(6,$rp));
-	&st($c1,&QWPw(7,$rp));
-
-	&FR($c0,$c1,$c2);
-
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha.works/mul_c8.pl b/crypto/openssl/crypto/bn/asm/alpha.works/mul_c8.pl
deleted file mode 100644
index 525ca7494b73..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.works/mul_c8.pl
+++ /dev/null
@@ -1,177 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub bn_mul_comba8
-	{
-	local($name)=@_;
-	local(@a,@b,$r,$c0,$c1,$c2);
-
-	$cnt=1;
-	&init_pool(3);
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$bp=&wparam(2);
-
-	&function_begin($name,"");
-
-	&comment("");
-
-	&stack_push(2);
-	&ld(($a[0])=&NR(1),&QWPw(0,$ap));
-	&ld(($b[0])=&NR(1),&QWPw(0,$bp));
-	&st($reg_s0,&swtmp(0)); &FR($reg_s0);
-	&st($reg_s1,&swtmp(1)); &FR($reg_s1);
-	&ld(($a[1])=&NR(1),&QWPw(1,$ap));
-	&ld(($b[1])=&NR(1),&QWPw(1,$bp));
-	&ld(($a[2])=&NR(1),&QWPw(2,$ap));
-	&ld(($b[2])=&NR(1),&QWPw(2,$bp));
-	&ld(($a[3])=&NR(1),&QWPw(3,$ap));
-	&ld(($b[3])=&NR(1),&QWPw(3,$bp));
-	&ld(($a[4])=&NR(1),&QWPw(1,$ap));
-	&ld(($b[4])=&NR(1),&QWPw(1,$bp));
-	&ld(($a[5])=&NR(1),&QWPw(1,$ap));
-	&ld(($b[5])=&NR(1),&QWPw(1,$bp));
-	&ld(($a[6])=&NR(1),&QWPw(1,$ap));
-	&ld(($b[6])=&NR(1),&QWPw(1,$bp));
-	&ld(($a[7])=&NR(1),&QWPw(1,$ap));	&FR($ap);
-	&ld(($b[7])=&NR(1),&QWPw(1,$bp));	&FR($bp);
-
-	($c0,$c1,$c2)=&NR(3);
-	&mov("zero",$c2);
-	&mul($a[0],$b[0],$c0);
-	&muh($a[0],$b[0],$c1);
-	&st($c0,&QWPw(0,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(1,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(2,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(3,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[4],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(4,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[4],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[5],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(5,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[4],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[5],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[6],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(6,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[7],$c0,$c1,$c2);	&FR($a[0]);
-	&mul_add_c($a[1],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[4],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[5],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[6],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[7],$b[0],$c0,$c1,$c2);	&FR($b[0]);
-	&st($c0,&QWPw(7,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[1],$b[7],$c0,$c1,$c2);	&FR($a[1]);
-	&mul_add_c($a[2],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[4],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[5],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[6],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[7],$b[1],$c0,$c1,$c2);	&FR($b[1]);
-	&st($c0,&QWPw(8,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[2],$b[7],$c0,$c1,$c2);	&FR($a[2]);
-	&mul_add_c($a[3],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[4],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[5],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[6],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[7],$b[2],$c0,$c1,$c2);	&FR($b[2]);
-	&st($c0,&QWPw(9,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[3],$b[7],$c0,$c1,$c2);	&FR($a[3]);
-	&mul_add_c($a[4],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[5],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[6],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[7],$b[3],$c0,$c1,$c2);	&FR($b[3]);
-	&st($c0,&QWPw(10,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[4],$b[7],$c0,$c1,$c2);	&FR($a[4]);
-	&mul_add_c($a[5],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[6],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[7],$b[4],$c0,$c1,$c2);	&FR($b[4]);
-	&st($c0,&QWPw(11,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[5],$b[7],$c0,$c1,$c2);	&FR($a[5]);
-	&mul_add_c($a[6],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[7],$b[5],$c0,$c1,$c2);	&FR($b[5]);
-	&st($c0,&QWPw(12,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[6],$b[7],$c0,$c1,$c2);	&FR($a[6]);
-	&mul_add_c($a[7],$b[6],$c0,$c1,$c2);	&FR($b[6]);
-	&st($c0,&QWPw(13,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[7],$b[7],$c0,$c1,$c2);	&FR($a[7],$b[7]);
-	&st($c0,&QWPw(14,$rp));
-	&st($c1,&QWPw(15,$rp));
-
-	&FR($c0,$c1,$c2);
-
-	&ld($reg_s0,&swtmp(0));
-	&ld($reg_s1,&swtmp(1));
-	&stack_pop(2);
-
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha.works/sqr.pl b/crypto/openssl/crypto/bn/asm/alpha.works/sqr.pl
deleted file mode 100644
index a55b696906e1..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.works/sqr.pl
+++ /dev/null
@@ -1,113 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub bn_sqr_words
-	{
-	local($name)=@_;
-	local($cc,$a,$b,$r,$couny);
-
-	&init_pool(3);
-	($cc)=GR("r0");
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$count=&wparam(2);
-
-	&function_begin($name,"");
-
-	&comment("");
-	&sub($count,4,$count);
-	&mov("zero",$cc);
-	&br(&label("finish"));
-	&blt($count,&label("finish"));
-
-	($a0,$r0)=&NR(2);
-	&ld($a0,&QWPw(0,$ap));
-	&ld($r0,&QWPw(0,$rp));
-
-$a=<<'EOF';
-##########################################################
-	&set_label("loop");
-
-	($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
-	($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
-	($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
-	($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
-	($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
-	($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
-
-	($o0,$t0)=&NR(2);
-	&add($a0,$b0,$o0); 
-	&cmpult($o0,$b0,$t0);
-	&add($o0,$cc,$o0);
-	&cmpult($o0,$cc,$cc);
-	&add($cc,$t0,$cc);	&FR($t0);
-
-	($t1,$o1)=&NR(2);
-
-	&add($a1,$b1,$o1);	&FR($a1);
-	&cmpult($o1,$b1,$t1);	&FR($b1);
-	&add($o1,$cc,$o1);
-	&cmpult($o1,$cc,$cc);
-	&add($cc,$t1,$cc);	&FR($t1);
-
-	($t2,$o2)=&NR(2);
-
-	&add($a2,$b2,$o2);	&FR($a2);
-	&cmpult($o2,$b2,$t2);	&FR($b2);
-	&add($o2,$cc,$o2);
-	&cmpult($o2,$cc,$cc);
-	&add($cc,$t2,$cc);	&FR($t2);
-
-	($t3,$o3)=&NR(2);
-
-	&add($a3,$b3,$o3);	&FR($a3);
-	&cmpult($o3,$b3,$t3);	&FR($b3);
-	&add($o3,$cc,$o3);
-	&cmpult($o3,$cc,$cc);
-	&add($cc,$t3,$cc);	&FR($t3);
-
-	&st($o0,&QWPw(0,$rp)); &FR($o0);
-	&st($o1,&QWPw(0,$rp)); &FR($o1);
-	&st($o2,&QWPw(0,$rp)); &FR($o2);
-	&st($o3,&QWPw(0,$rp)); &FR($o3);
-
-	&sub($count,4,$count);	# count-=4
-	&add($ap,4*$QWS,$ap);	# count+=4
-	&add($bp,4*$QWS,$bp);	# count+=4
-	&add($rp,4*$QWS,$rp);	# count+=4
-
-	&blt($count,&label("finish"));
-	&ld($a0,&QWPw(0,$ap));
-	 &ld($b0,&QWPw(0,$bp));
-	&br(&label("loop"));
-EOF
-##################################################
-	# Do the last 0..3 words
-
-	&set_label("last_loop");
-
-	&ld(($a0)=&NR(1),&QWPw(0,$ap));	# get a
-	&mul($a0,$a0,($l0)=&NR(1));
-	 &add($ap,$QWS,$ap);
-	 &add($rp,2*$QWS,$rp);
-	 &sub($count,1,$count);
-	&muh($a0,$a0,($h0)=&NR(1));	&FR($a0);
-	&st($l0,&QWPw(-2,$rp));		&FR($l0);
-	&st($h0,&QWPw(-1,$rp));		&FR($h0);
-
-	&bgt($count,&label("last_loop"));
-	&function_end_A($name);
-
-######################################################
-	&set_label("finish");
-	&add($count,4,$count);
-	&bgt($count,&label("last_loop"));
-
-	&set_label("end");
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha.works/sqr_c4.pl b/crypto/openssl/crypto/bn/asm/alpha.works/sqr_c4.pl
deleted file mode 100644
index bf33f5b50372..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.works/sqr_c4.pl
+++ /dev/null
@@ -1,109 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub sqr_add_c
-	{
-	local($a,$c0,$c1,$c2)=@_;
-	local($l1,$h1,$t1,$t2);
-
-	&mul($a,$a,($l1)=&NR(1));
-	&muh($a,$a,($h1)=&NR(1));
-	&add($c0,$l1,$c0);
-	&add($c1,$h1,$c1);
-	&cmpult($c0,$l1,($t1)=&NR(1));	&FR($l1);
-	&cmpult($c1,$h1,($t2)=&NR(1));	&FR($h1);
-	&add($c1,$t1,$c1);		&FR($t1);
-	&add($c2,$t2,$c2);		&FR($t2);
-	}
-
-sub sqr_add_c2
-	{
-	local($a,$b,$c0,$c1,$c2)=@_;
-	local($l1,$h1,$t1,$t2);
-
-	&mul($a,$b,($l1)=&NR(1));
-	&muh($a,$b,($h1)=&NR(1));
-	&cmplt($l1,"zero",($lc1)=&NR(1));
-	&cmplt($h1,"zero",($hc1)=&NR(1));
-	&add($l1,$l1,$l1);
-	&add($h1,$h1,$h1);
-	&add($h1,$lc1,$h1);		&FR($lc1);
-	&add($c2,$hc1,$c2);		&FR($hc1);
-
-	&add($c0,$l1,$c0);
-	&add($c1,$h1,$c1);
-	&cmpult($c0,$l1,($lc1)=&NR(1));	&FR($l1);
-	&cmpult($c1,$h1,($hc1)=&NR(1));	&FR($h1);
-
-	&add($c1,$lc1,$c1);		&FR($lc1);
-	&add($c2,$hc1,$c2);		&FR($hc1);
-	}
-
-
-sub bn_sqr_comba4
-	{
-	local($name)=@_;
-	local(@a,@b,$r,$c0,$c1,$c2);
-
-	$cnt=1;
-	&init_pool(2);
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-
-	&function_begin($name,"");
-
-	&comment("");
-
-	&ld(($a[0])=&NR(1),&QWPw(0,$ap));
-	&ld(($a[1])=&NR(1),&QWPw(1,$ap));
-	&ld(($a[2])=&NR(1),&QWPw(2,$ap));
-        &ld(($a[3])=&NR(1),&QWPw(3,$ap)); &FR($ap);
-
-	($c0,$c1,$c2)=&NR(3);
-
-	&mov("zero",$c2);
-	&mul($a[0],$a[0],$c0);
-	&muh($a[0],$a[0],$c1);
-	&st($c0,&QWPw(0,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[0],$a[1],$c0,$c1,$c2);
-	&st($c0,&QWPw(1,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[2],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(2,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[3],$a[0],$c0,$c1,$c2);
-	&sqr_add_c2($a[2],$a[1],$c0,$c1,$c2);
-	&st($c0,&QWPw(3,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[2],$c0,$c1,$c2);
-	&sqr_add_c2($a[3],$a[1],$c0,$c1,$c2);
-	&st($c0,&QWPw(4,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[3],$a[2],$c0,$c1,$c2);
-	&st($c0,&QWPw(5,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[3],$c0,$c1,$c2);
-	&st($c0,&QWPw(6,$rp));
-	&st($c1,&QWPw(7,$rp));
-
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha.works/sqr_c8.pl b/crypto/openssl/crypto/bn/asm/alpha.works/sqr_c8.pl
deleted file mode 100644
index b4afe085f1c9..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.works/sqr_c8.pl
+++ /dev/null
@@ -1,132 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub bn_sqr_comba8
-	{
-	local($name)=@_;
-	local(@a,@b,$r,$c0,$c1,$c2);
-
-	$cnt=1;
-	&init_pool(2);
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-
-	&function_begin($name,"");
-
-	&comment("");
-
-	&ld(($a[0])=&NR(1),&QWPw(0,$ap));
-	&ld(($a[1])=&NR(1),&QWPw(1,$ap));
-	&ld(($a[2])=&NR(1),&QWPw(2,$ap));
-	&ld(($a[3])=&NR(1),&QWPw(3,$ap));
-	&ld(($a[4])=&NR(1),&QWPw(4,$ap));
-	&ld(($a[5])=&NR(1),&QWPw(5,$ap));
-	&ld(($a[6])=&NR(1),&QWPw(6,$ap));
-        &ld(($a[7])=&NR(1),&QWPw(7,$ap)); &FR($ap);
-
-	($c0,$c1,$c2)=&NR(3);
-
-	&mov("zero",$c2);
-	&mul($a[0],$a[0],$c0);
-	&muh($a[0],$a[0],$c1);
-	&st($c0,&QWPw(0,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[1],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(1,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[2],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(2,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[2],$a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[3],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(3,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[2],$c0,$c1,$c2);
-	&sqr_add_c2($a[3],$a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[4],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(4,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[3],$a[2],$c0,$c1,$c2);
-	&sqr_add_c2($a[4],$a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[5],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(5,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[3],$c0,$c1,$c2);
-	&sqr_add_c2($a[4],$a[2],$c0,$c1,$c2);
-	&sqr_add_c2($a[5],$a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[6],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(6,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[4],$a[3],$c0,$c1,$c2);
-	&sqr_add_c2($a[5],$a[2],$c0,$c1,$c2);
-	&sqr_add_c2($a[6],$a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[7],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(7,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[4],$c0,$c1,$c2);
-	&sqr_add_c2($a[5],$a[3],$c0,$c1,$c2);
-	&sqr_add_c2($a[6],$a[2],$c0,$c1,$c2);
-	&sqr_add_c2($a[7],$a[1],$c0,$c1,$c2);
-	&st($c0,&QWPw(8,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[5],$a[4],$c0,$c1,$c2);
-	&sqr_add_c2($a[6],$a[3],$c0,$c1,$c2);
-	&sqr_add_c2($a[7],$a[2],$c0,$c1,$c2);
-	&st($c0,&QWPw(9,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[5],$c0,$c1,$c2);
-	&sqr_add_c2($a[6],$a[4],$c0,$c1,$c2);
-	&sqr_add_c2($a[7],$a[3],$c0,$c1,$c2);
-	&st($c0,&QWPw(10,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[6],$a[5],$c0,$c1,$c2);
-	&sqr_add_c2($a[7],$a[4],$c0,$c1,$c2);
-	&st($c0,&QWPw(11,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[6],$c0,$c1,$c2);
-	&sqr_add_c2($a[7],$a[5],$c0,$c1,$c2);
-	&st($c0,&QWPw(12,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[7],$a[6],$c0,$c1,$c2);
-	&st($c0,&QWPw(13,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[7],$c0,$c1,$c2);
-	&st($c0,&QWPw(14,$rp));
-	&st($c1,&QWPw(15,$rp));
-
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha.works/sub.pl b/crypto/openssl/crypto/bn/asm/alpha.works/sub.pl
deleted file mode 100644
index d998da5c21a2..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha.works/sub.pl
+++ /dev/null
@@ -1,108 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_sub_words
-	{
-	local($name)=@_;
-	local($cc,$a,$b,$r);
-
-	&init_pool(4);
-	($cc)=GR("r0");
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$bp=&wparam(2);
-	$count=&wparam(3);
-
-	&function_begin($name,"");
-
-	&comment("");
-	&sub($count,4,$count);
-	&mov("zero",$cc);
-	&blt($count,&label("finish"));
-
-	($a0,$b0)=&NR(2);
-	&ld($a0,&QWPw(0,$ap));
-	&ld($b0,&QWPw(0,$bp));
-
-##########################################################
-	&set_label("loop");
-
-	($a1,$tmp,$b1,$a2,$b2,$a3,$b3,$o0)=&NR(8);
-	&ld($a1,&QWPw(1,$ap));
-	 &cmpult($a0,$b0,$tmp);	# will we borrow?
-	&ld($b1,&QWPw(1,$bp));
-	 &sub($a0,$b0,$a0);		# do the subtract
-	&ld($a2,&QWPw(2,$ap));
-	 &cmpult($a0,$cc,$b0);	# will we borrow?
-	&ld($b2,&QWPw(2,$bp));
-	 &sub($a0,$cc,$o0);	# will we borrow?
-	&ld($a3,&QWPw(3,$ap));
-	 &add($b0,$tmp,$cc); ($t1,$o1)=&NR(2); &FR($tmp);
-
-	&cmpult($a1,$b1,$t1);	# will we borrow?
-	 &sub($a1,$b1,$a1);	# do the subtract
-	&ld($b3,&QWPw(3,$bp));
-	 &cmpult($a1,$cc,$b1);	# will we borrow?
-	&sub($a1,$cc,$o1);	# will we borrow?
-	 &add($b1,$t1,$cc); ($tmp,$o2)=&NR(2); &FR($t1,$a1,$b1);
-	
-	&cmpult($a2,$b2,$tmp);	# will we borrow?
-	 &sub($a2,$b2,$a2);		# do the subtract
-	&st($o0,&QWPw(0,$rp));	&FR($o0); # save
-	 &cmpult($a2,$cc,$b2);	# will we borrow?
-	&sub($a2,$cc,$o2);	# will we borrow?
-	 &add($b2,$tmp,$cc); ($t3,$o3)=&NR(2); &FR($tmp,$a2,$b2);
-
-	&cmpult($a3,$b3,$t3);	# will we borrow?
-	 &sub($a3,$b3,$a3);	# do the subtract
-	&st($o1,&QWPw(1,$rp)); &FR($o1);
-	 &cmpult($a3,$cc,$b3);	# will we borrow?
-	&sub($a3,$cc,$o3);	# will we borrow?
-	 &add($b3,$t3,$cc); &FR($t3,$a3,$b3);
-
-	&st($o2,&QWPw(2,$rp));	&FR($o2);
-	 &sub($count,4,$count);	# count-=4
-	&st($o3,&QWPw(3,$rp));	&FR($o3);
-	 &add($ap,4*$QWS,$ap);	# count+=4
-	&add($bp,4*$QWS,$bp);	# count+=4
-	 &add($rp,4*$QWS,$rp);	# count+=4
-
-	&blt($count,&label("finish"));
-	&ld($a0,&QWPw(0,$ap));
-	 &ld($b0,&QWPw(0,$bp));
-	&br(&label("loop"));
-##################################################
-	# Do the last 0..3 words
-
-	&set_label("last_loop");
-
-	&ld($a0,&QWPw(0,$ap));	# get a
-	 &ld($b0,&QWPw(0,$bp));	# get b
-	&cmpult($a0,$b0,$tmp);	# will we borrow?
-	&sub($a0,$b0,$a0);	# do the subtract
-	&cmpult($a0,$cc,$b0);	# will we borrow?
-	&sub($a0,$cc,$a0);	# will we borrow?
-	&st($a0,&QWPw(0,$rp));	# save
-	&add($b0,$tmp,$cc);	# add the borrows
-
-	&add($ap,$QWS,$ap);
-	&add($bp,$QWS,$bp);
-	&add($rp,$QWS,$rp);
-	&sub($count,1,$count);
-	&bgt($count,&label("last_loop"));
-	&function_end_A($name);
-
-######################################################
-	&set_label("finish");
-	&add($count,4,$count);
-	&bgt($count,&label("last_loop"));
-
-	&FR($a0,$b0);
-	&set_label("end");
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha/add.pl b/crypto/openssl/crypto/bn/asm/alpha/add.pl
deleted file mode 100644
index 13bf51642816..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha/add.pl
+++ /dev/null
@@ -1,118 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub bn_add_words
-	{
-	local($name)=@_;
-	local($cc,$a,$b,$r);
-
-	&init_pool(4);
-	($cc)=GR("r0");
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$bp=&wparam(2);
-	$count=&wparam(3);
-
-	&function_begin($name,"");
-
-	&comment("");
-	&sub($count,4,$count);
-	 &mov("zero",$cc);
-	&blt($count,&label("finish"));
-
-	($a0,$b0)=&NR(2);
-
-##########################################################
-	&set_label("loop");
-
-	&ld(($a0)=&NR(1),&QWPw(0,$ap));
-	 &ld(($b0)=&NR(1),&QWPw(0,$bp));
-	&ld(($a1)=&NR(1),&QWPw(1,$ap));
-	 &ld(($b1)=&NR(1),&QWPw(1,$bp));
-
-	($o0,$t0)=&NR(2);
-	&add($a0,$b0,$o0); 
-	 &ld(($a2)=&NR(1),&QWPw(2,$ap));
-	&cmpult($o0,$b0,$t0);
-	 &add($o0,$cc,$o0);
-	&cmpult($o0,$cc,$cc);
-	 &ld(($b2)=&NR(1),&QWPw(2,$bp));
-	&add($cc,$t0,$cc);	&FR($t0);
-
-	($t1,$o1)=&NR(2);
-
-	 &add($a1,$b1,$o1);	&FR($a1);
-	&cmpult($o1,$b1,$t1);	&FR($b1);
-	 &add($o1,$cc,$o1);
-	&cmpult($o1,$cc,$cc);
-	 &ld(($a3)=&NR(1),&QWPw(3,$ap));
-	&add($cc,$t1,$cc);	&FR($t1);
-
-	($t2,$o2)=&NR(2);
-
-	 &add($a2,$b2,$o2);	&FR($a2);
-	&cmpult($o2,$b2,$t2);	&FR($b2);
-	 &add($o2,$cc,$o2);
-	&cmpult($o2,$cc,$cc);
-	 &ld(($b3)=&NR(1),&QWPw(3,$bp));
-	&st($o0,&QWPw(0,$rp)); &FR($o0);
-	 &add($cc,$t2,$cc);	&FR($t2);
-
-	($t3,$o3)=&NR(2);
-
-	&st($o1,&QWPw(0,$rp)); &FR($o1);
-	 &add($a3,$b3,$o3);	&FR($a3);
-	&cmpult($o3,$b3,$t3);	&FR($b3);
-	 &add($o3,$cc,$o3);
-	&st($o2,&QWPw(0,$rp)); &FR($o2);
-	 &cmpult($o3,$cc,$cc);
-	&st($o3,&QWPw(0,$rp)); &FR($o3);
-	 &add($cc,$t3,$cc);	&FR($t3);
-
-
-	&sub($count,4,$count);	# count-=4
-	 &add($ap,4*$QWS,$ap);	# count+=4
-	&add($bp,4*$QWS,$bp);	# count+=4
-	 &add($rp,4*$QWS,$rp);	# count+=4
-
-	###
-	 &bge($count,&label("loop"));
-	###
-	&br(&label("finish"));
-##################################################
-	# Do the last 0..3 words
-
-	($t0,$o0)=&NR(2);
-	&set_label("last_loop");
-
-	&ld($a0,&QWPw(0,$ap));	# get a
-	 &ld($b0,&QWPw(0,$bp));	# get b
-	&add($ap,$QWS,$ap);
-	 &add($bp,$QWS,$bp);
-	&add($a0,$b0,$o0); 
-	 &sub($count,1,$count);
-	&cmpult($o0,$b0,$t0);	# will we borrow?
-	 &add($o0,$cc,$o0);	# will we borrow?
-	&cmpult($o0,$cc,$cc);	# will we borrow?
-	 &add($rp,$QWS,$rp);
-	&st($o0,&QWPw(-1,$rp));	# save
-	 &add($cc,$t0,$cc);	# add the borrows
-
-	###
-	 &bgt($count,&label("last_loop"));
-	&function_end_A($name);
-
-######################################################
-	&set_label("finish");
-	&add($count,4,$count);
-	 &bgt($count,&label("last_loop"));
-
-	&FR($o0,$t0,$a0,$b0);
-	&set_label("end");
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha/div.pl b/crypto/openssl/crypto/bn/asm/alpha/div.pl
deleted file mode 100644
index e9e680897aae..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha/div.pl
+++ /dev/null
@@ -1,144 +0,0 @@
-#!/usr/local/bin/perl
-
-sub bn_div_words
-	{
-	local($data)=<<'EOF';
- #
- # What follows was taken directly from the C compiler with a few
- # hacks to redo the lables.
- #
-.text
-        .set noreorder
-	.set volatile
-	.align 3
-	.globl bn_div_words
-	.ent bn_div_words
-bn_div_words
-	ldgp $29,0($27)
-bn_div_words.ng:
-	lda $30,-48($30)
-	.frame $30,48,$26,0
-	stq $26,0($30)
-	stq $9,8($30)
-	stq $10,16($30)
-	stq $11,24($30)
-	stq $12,32($30)
-	stq $13,40($30)
-	.mask 0x4003e00,-48
-	.prologue 1
-	bis $16,$16,$9
-	bis $17,$17,$10
-	bis $18,$18,$11
-	bis $31,$31,$13
-	bis $31,2,$12
-	bne $11,$9119
-	lda $0,-1
-	br $31,$9136
-	.align 4
-$9119:
-	bis $11,$11,$16
-	jsr $26,BN_num_bits_word
-	ldgp $29,0($26)
-	subq $0,64,$1
-	beq $1,$9120
-	bis $31,1,$1
-	sll $1,$0,$1
-	cmpule $9,$1,$1
-	bne $1,$9120
- #	lda $16,_IO_stderr_
- #	lda $17,$C32
- #	bis $0,$0,$18
- #	jsr $26,fprintf
- #	ldgp $29,0($26)
-	jsr $26,abort
-	ldgp $29,0($26)
-	.align 4
-$9120:
-	bis $31,64,$3
-	cmpult $9,$11,$2
-	subq $3,$0,$1
-	addl $1,$31,$0
-	subq $9,$11,$1
-	cmoveq $2,$1,$9
-	beq $0,$9122
-	zapnot $0,15,$2
-	subq $3,$0,$1
-	sll $11,$2,$11
-	sll $9,$2,$3
-	srl $10,$1,$1
-	sll $10,$2,$10
-	bis $3,$1,$9
-$9122:
-	srl $11,32,$5
-	zapnot $11,15,$6
-	lda $7,-1
-	.align 5
-$9123:
-	srl $9,32,$1
-	subq $1,$5,$1
-	bne $1,$9126
-	zapnot $7,15,$27
-	br $31,$9127
-	.align 4
-$9126:
-	bis $9,$9,$24
-	bis $5,$5,$25
-	divqu $24,$25,$27
-$9127:
-	srl $10,32,$4
-	.align 5
-$9128:
-	mulq $27,$5,$1
-	subq $9,$1,$3
-	zapnot $3,240,$1
-	bne $1,$9129
-	mulq $6,$27,$2
-	sll $3,32,$1
-	addq $1,$4,$1
-	cmpule $2,$1,$2
-	bne $2,$9129
-	subq $27,1,$27
-	br $31,$9128
-	.align 4
-$9129:
-	mulq $27,$6,$1
-	mulq $27,$5,$4
-	srl $1,32,$3
-	sll $1,32,$1
-	addq $4,$3,$4
-	cmpult $10,$1,$2
-	subq $10,$1,$10
-	addq $2,$4,$2
-	cmpult $9,$2,$1
-	bis $2,$2,$4
-	beq $1,$9134
-	addq $9,$11,$9
-	subq $27,1,$27
-$9134:
-	subl $12,1,$12
-	subq $9,$4,$9
-	beq $12,$9124
-	sll $27,32,$13
-	sll $9,32,$2
-	srl $10,32,$1
-	sll $10,32,$10
-	bis $2,$1,$9
-	br $31,$9123
-	.align 4
-$9124:
-	bis $13,$27,$0
-$9136:
-	ldq $26,0($30)
-	ldq $9,8($30)
-	ldq $10,16($30)
-	ldq $11,24($30)
-	ldq $12,32($30)
-	ldq $13,40($30)
-	addq $30,48,$30
-	ret $31,($26),1
-	.end bn_div_words
-EOF
-	&asm_add($data);
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha/mul.pl b/crypto/openssl/crypto/bn/asm/alpha/mul.pl
deleted file mode 100644
index 76c926566c7f..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha/mul.pl
+++ /dev/null
@@ -1,104 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub bn_mul_words
-	{
-	local($name)=@_;
-	local($cc,$a,$b,$r,$couny);
-
-	&init_pool(4);
-	($cc)=GR("r0");
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$count=&wparam(2);
-	$word=&wparam(3);
-
-	&function_begin($name,"");
-
-	&comment("");
-	&sub($count,4,$count);
-	 &mov("zero",$cc);
-	###
-	 &blt($count,&label("finish"));
-
-	($a0)=&NR(1); &ld($a0,&QWPw(0,$ap));
-
-	&set_label("loop");
-
-	($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
-	 ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
-
-	&muh($a0,$word,($h0)=&NR(1));	&FR($a0);
-	 ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
-	 						### wait 8
-	&mul($a0,$word,($l0)=&NR(1));	&FR($a0);
-	 						### wait 8
-	&muh($a1,$word,($h1)=&NR(1));	&FR($a1);
-	 &add($l0,$cc,$l0);				### wait 8
-	&mul($a1,$word,($l1)=&NR(1));	&FR($a1);
-	 &cmpult($l0,$cc,$cc);				### wait 8
-	&muh($a2,$word,($h2)=&NR(1));	&FR($a2);
-	 &add($h0,$cc,$cc);	&FR($h0); 		### wait 8
-	&mul($a2,$word,($l2)=&NR(1));	&FR($a2);
-	 &add($l1,$cc,$l1);				### wait 8
-	&st($l0,&QWPw(0,$rp));		&FR($l0);
-	 &cmpult($l1,$cc,$cc);				### wait 8
-	&muh($a3,$word,($h3)=&NR(1));	&FR($a3);
-	 &add($h1,$cc,$cc);		&FR($h1);
-	&mul($a3,$word,($l3)=&NR(1));	&FR($a3);
-	 &add($l2,$cc,$l2);
-	&st($l1,&QWPw(1,$rp));		&FR($l1);
-	 &cmpult($l2,$cc,$cc);
-	&add($h2,$cc,$cc);		&FR($h2);
-	 &sub($count,4,$count);	# count-=4
-	&st($l2,&QWPw(2,$rp));		&FR($l2);
-	 &add($l3,$cc,$l3);
-	&cmpult($l3,$cc,$cc);
-	 &add($bp,4*$QWS,$bp);	# count+=4
-	&add($h3,$cc,$cc);		&FR($h3);
-	 &add($ap,4*$QWS,$ap);	# count+=4
-	&st($l3,&QWPw(3,$rp));		&FR($l3);
-	 &add($rp,4*$QWS,$rp);	# count+=4
-	###
-	 &blt($count,&label("finish"));
-	 ($a0)=&NR(1); &ld($a0,&QWPw(0,$ap));
-	&br(&label("finish"));
-##################################################
-
-##################################################
-	# Do the last 0..3 words
-
-	&set_label("last_loop");
-
-	&ld(($a0)=&NR(1),&QWPw(0,$ap));	# get a
-	 ###
-	###
-	 ###
-	&muh($a0,$word,($h0)=&NR(1));
-	 ### Wait 8 for next mul issue
-	&mul($a0,$word,($l0)=&NR(1)); &FR($a0)
-	 &add($ap,$QWS,$ap);
-	### Loose 12 until result is available
-	&add($rp,$QWS,$rp);
-	 &sub($count,1,$count);
-	&add($l0,$cc,$l0);
-	 ###
-	&st($l0,&QWPw(-1,$rp));		&FR($l0);
-	 &cmpult($l0,$cc,$cc);
-	&add($h0,$cc,$cc);		&FR($h0);
-	 &bgt($count,&label("last_loop"));
-	&function_end_A($name);
-
-######################################################
-	&set_label("finish");
-	&add($count,4,$count);
-	&bgt($count,&label("last_loop"));
-
-	&set_label("end");
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha/mul_add.pl b/crypto/openssl/crypto/bn/asm/alpha/mul_add.pl
deleted file mode 100644
index 0d6df69bc4b0..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha/mul_add.pl
+++ /dev/null
@@ -1,123 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub bn_mul_add_words
-	{
-	local($name)=@_;
-	local($cc,$a,$b,$r,$couny);
-
-	&init_pool(4);
-	($cc)=GR("r0");
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$count=&wparam(2);
-	$word=&wparam(3);
-
-	&function_begin($name,"");
-
-	&comment("");
-	&sub($count,4,$count);
-	 &mov("zero",$cc);
-	###
-	 &blt($count,&label("finish"));
-
-	&ld(($a0)=&NR(1),&QWPw(0,$ap));
-
-$a=<<'EOF';
-##########################################################
-	&set_label("loop");
-
-	&ld(($r0)=&NR(1),&QWPw(0,$rp));
-	 &ld(($a1)=&NR(1),&QWPw(1,$ap));
-	&muh($a0,$word,($h0)=&NR(1));
-	 &ld(($r1)=&NR(1),&QWPw(1,$rp));
-	&ld(($a2)=&NR(1),&QWPw(2,$ap));
-	 ###
-	&mul($a0,$word,($l0)=&NR(1));	&FR($a0);
-	 &ld(($r2)=&NR(1),&QWPw(2,$rp));
-	&muh($a1,$word,($h1)=&NR(1));
-	 &ld(($a3)=&NR(1),&QWPw(3,$ap));
-	&mul($a1,$word,($l1)=&NR(1));	&FR($a1);
-	 &ld(($r3)=&NR(1),&QWPw(3,$rp));
-	&add($r0,$l0,$r0);
-	 &add($r1,$l1,$r1);
-	&cmpult($r0,$l0,($t0)=&NR(1));	&FR($l0);
-	 &cmpult($r1,$l1,($t1)=&NR(1));	&FR($l1);
-	&muh($a2,$word,($h2)=&NR(1));
-	 &add($r0,$cc,$r0);
-	&add($h0,$t0,$h0);		&FR($t0);
-	 &cmpult($r0,$cc,$cc);
-	&add($h1,$t1,$h1);		&FR($t1);
-	 &add($h0,$cc,$cc);		&FR($h0);
-	&mul($a2,$word,($l2)=&NR(1));	&FR($a2);
-	 &add($r1,$cc,$r1);
-	&cmpult($r1,$cc,$cc);
-	 &add($r2,$l2,$r2);
-	&add($h1,$cc,$cc);		&FR($h1);
-	 &cmpult($r2,$l2,($t2)=&NR(1));	&FR($l2);
-	&muh($a3,$word,($h3)=&NR(1));
-	 &add($r2,$cc,$r2);
-	&st($r0,&QWPw(0,$rp)); &FR($r0);
-	 &add($h2,$t2,$h2);		&FR($t2);
-	&st($r1,&QWPw(1,$rp)); &FR($r1);
-	 &cmpult($r2,$cc,$cc);
-	&mul($a3,$word,($l3)=&NR(1));	&FR($a3);
-	 &add($h2,$cc,$cc);		&FR($h2);
-	&st($r2,&QWPw(2,$rp)); &FR($r2);
-	 &sub($count,4,$count);	# count-=4
-	 &add($rp,4*$QWS,$rp);	# count+=4
-	&add($r3,$l3,$r3);
-	 &add($ap,4*$QWS,$ap);	# count+=4
-	&cmpult($r3,$l3,($t3)=&NR(1));	&FR($l3);
-	 &add($r3,$cc,$r3);
-	&add($h3,$t3,$h3);		&FR($t3);
-	 &cmpult($r3,$cc,$cc);
-	&st($r3,&QWPw(-1,$rp)); &FR($r3);
-	 &add($h3,$cc,$cc);		&FR($h3);
-
-	###
-	 &blt($count,&label("finish"));
-	&ld(($a0)=&NR(1),&QWPw(0,$ap));
-	 &br(&label("loop"));
-EOF
-##################################################
-	# Do the last 0..3 words
-
-	&set_label("last_loop");
-
-	&ld(($a0)=&NR(1),&QWPw(0,$ap));	# get a
-	 &ld(($r0)=&NR(1),&QWPw(0,$rp));	# get b
-	###
-	 ###
-	&muh($a0,$word,($h0)=&NR(1));	&FR($a0);
-	 ### wait 8
-	&mul($a0,$word,($l0)=&NR(1));	&FR($a0);
-	 &add($rp,$QWS,$rp);
-	&add($ap,$QWS,$ap);
-	 &sub($count,1,$count);
-	### wait 3 until l0 is available
-	&add($r0,$l0,$r0);
-	 ###
-	&cmpult($r0,$l0,($t0)=&NR(1));	&FR($l0);
-	 &add($r0,$cc,$r0);
-	&add($h0,$t0,$h0);		&FR($t0);
-	 &cmpult($r0,$cc,$cc);
-	&add($h0,$cc,$cc);		&FR($h0);
-
-	&st($r0,&QWPw(-1,$rp));		&FR($r0);
-	 &bgt($count,&label("last_loop"));
-	&function_end_A($name);
-
-######################################################
-	&set_label("finish");
-	&add($count,4,$count);
-	 &bgt($count,&label("last_loop"));
-
-	&set_label("end");
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha/mul_c4.pl b/crypto/openssl/crypto/bn/asm/alpha/mul_c4.pl
deleted file mode 100644
index 9cc876ded4ae..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha/mul_c4.pl
+++ /dev/null
@@ -1,215 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-# upto
-
-sub mul_add_c
-	{
-	local($a,$b,$c0,$c1,$c2)=@_;
-	local($l1,$h1,$t1,$t2);
-
-	&mul($a,$b,($l1)=&NR(1));
-	&muh($a,$b,($h1)=&NR(1));
-	&add($c0,$l1,$c0);
-	&cmpult($c0,$l1,($t1)=&NR(1));	&FR($l1);
-	&add($t1,$h1,$h1);		&FR($t1);
-	&add($c1,$h1,$c1);
-	&cmpult($c1,$h1,($t2)=&NR(1));	&FR($h1);
-	&add($c2,$t2,$c2);		&FR($t2);
-	}
-
-sub bn_mul_comba4
-	{
-	local($name)=@_;
-	local(@a,@b,$r,$c0,$c1,$c2);
-
-	$cnt=1;
-	&init_pool(3);
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$bp=&wparam(2);
-
-	&function_begin($name,"");
-
-	&comment("");
-
-	&ld(($a[0])=&NR(1),&QWPw(0,$ap));
-	&ld(($b[0])=&NR(1),&QWPw(0,$bp));
-	&ld(($a[1])=&NR(1),&QWPw(1,$ap));
-	&ld(($b[1])=&NR(1),&QWPw(1,$bp));
-	&mul($a[0],$b[0],($r00)=&NR(1));
-	&ld(($a[2])=&NR(1),&QWPw(2,$ap));
-	&ld(($b[2])=&NR(1),&QWPw(2,$bp));
-	&muh($a[0],$b[0],($r01)=&NR(1));
-	&FR($ap); &ld(($a[3])=&NR(1),&QWPw(3,$ap));
-	&FR($bp); &ld(($b[3])=&NR(1),&QWPw(3,$bp));
-	&mul($a[0],$b[1],($r02)=&NR(1));
-
-	($R,$H1,$H2)=&NR(3);
-
-	&st($r00,&QWPw(0,$rp));	&FR($r00);
-
-	&mov("zero",$R);
-	&mul($a[1],$b[0],($r03)=&NR(1));
-
-	&mov("zero",$H1);
-	&mov("zero",$H0);
-	 &add($R,$r01,$R);
-	&muh($a[0],$b[1],($r04)=&NR(1));
-	 &cmpult($R,$r01,($t01)=&NR(1));	&FR($r01);
-	 &add($R,$r02,$R);
-	 &add($H1,$t01,$H1)			&FR($t01);
-	&muh($a[1],$b[0],($r05)=&NR(1));
-	 &cmpult($R,$r02,($t02)=&NR(1));	&FR($r02);
-	 &add($R,$r03,$R);
-	 &add($H2,$t02,$H2)			&FR($t02);
-	&mul($a[0],$b[2],($r06)=&NR(1));
-	 &cmpult($R,$r03,($t03)=&NR(1));	&FR($r03);
-	 &add($H1,$t03,$H1)			&FR($t03);
-	&st($R,&QWPw(1,$rp));
-	&add($H1,$H2,$R);
-
-	&mov("zero",$H1);
-	 &add($R,$r04,$R);
-	&mov("zero",$H2);
-	&mul($a[1],$b[1],($r07)=&NR(1));
-	 &cmpult($R,$r04,($t04)=&NR(1));	&FR($r04);
-	 &add($R,$r05,$R);
-	 &add($H1,$t04,$H1)			&FR($t04);
-	&mul($a[2],$b[0],($r08)=&NR(1));
-	 &cmpult($R,$r05,($t05)=&NR(1));	&FR($r05);
-	 &add($R,$r01,$R);
-	 &add($H2,$t05,$H2)			&FR($t05);
-	&muh($a[0],$b[2],($r09)=&NR(1));
-	 &cmpult($R,$r06,($t06)=&NR(1));	&FR($r06);
-	 &add($R,$r07,$R);
-	 &add($H1,$t06,$H1)			&FR($t06);
-	&muh($a[1],$b[1],($r10)=&NR(1));
-	 &cmpult($R,$r07,($t07)=&NR(1));	&FR($r07);
-	 &add($R,$r08,$R);
-	 &add($H2,$t07,$H2)			&FR($t07);
-	&muh($a[2],$b[0],($r11)=&NR(1));
-	 &cmpult($R,$r08,($t08)=&NR(1));	&FR($r08);
-	 &add($H1,$t08,$H1)			&FR($t08);
-	&st($R,&QWPw(2,$rp));
-	&add($H1,$H2,$R);
-
-	&mov("zero",$H1);
-	 &add($R,$r09,$R);
-	&mov("zero",$H2);
-	&mul($a[0],$b[3],($r12)=&NR(1));
-	 &cmpult($R,$r09,($t09)=&NR(1));	&FR($r09);
-	 &add($R,$r10,$R);
-	 &add($H1,$t09,$H1)			&FR($t09);
-	&mul($a[1],$b[2],($r13)=&NR(1));
-	 &cmpult($R,$r10,($t10)=&NR(1));	&FR($r10);
-	 &add($R,$r11,$R);
-	 &add($H1,$t10,$H1)			&FR($t10);
-	&mul($a[2],$b[1],($r14)=&NR(1));
-	 &cmpult($R,$r11,($t11)=&NR(1));	&FR($r11);
-	 &add($R,$r12,$R);
-	 &add($H1,$t11,$H1)			&FR($t11);
-	&mul($a[3],$b[0],($r15)=&NR(1));
-	 &cmpult($R,$r12,($t12)=&NR(1));	&FR($r12);
-	 &add($R,$r13,$R);
-	 &add($H1,$t12,$H1)			&FR($t12);
-	&muh($a[0],$b[3],($r16)=&NR(1));
-	 &cmpult($R,$r13,($t13)=&NR(1));	&FR($r13);
-	 &add($R,$r14,$R);
-	 &add($H1,$t13,$H1)			&FR($t13);
-	&muh($a[1],$b[2],($r17)=&NR(1));
-	 &cmpult($R,$r14,($t14)=&NR(1));	&FR($r14);
-	 &add($R,$r15,$R);
-	 &add($H1,$t14,$H1)			&FR($t14);
-	&muh($a[2],$b[1],($r18)=&NR(1));
-	 &cmpult($R,$r15,($t15)=&NR(1));	&FR($r15);
-	 &add($H1,$t15,$H1)			&FR($t15);
-	&st($R,&QWPw(3,$rp));
-	&add($H1,$H2,$R);
-
-	&mov("zero",$H1);
-	 &add($R,$r16,$R);
-	&mov("zero",$H2);
-	&muh($a[3],$b[0],($r19)=&NR(1));
-	 &cmpult($R,$r16,($t16)=&NR(1));	&FR($r16);
-	 &add($R,$r17,$R);
-	 &add($H1,$t16,$H1)			&FR($t16);
-	&mul($a[1],$b[3],($r20)=&NR(1));
-	 &cmpult($R,$r17,($t17)=&NR(1));	&FR($r17);
-	 &add($R,$r18,$R);
-	 &add($H1,$t17,$H1)			&FR($t17);
-	&mul($a[2],$b[2],($r21)=&NR(1));
-	 &cmpult($R,$r18,($t18)=&NR(1));	&FR($r18);
-	 &add($R,$r19,$R);
-	 &add($H1,$t18,$H1)			&FR($t18);
-	&mul($a[3],$b[1],($r22)=&NR(1));
-	 &cmpult($R,$r19,($t19)=&NR(1));	&FR($r19);
-	 &add($R,$r20,$R);
-	 &add($H1,$t19,$H1)			&FR($t19);
-	&muh($a[1],$b[3],($r23)=&NR(1));
-	 &cmpult($R,$r20,($t20)=&NR(1));	&FR($r20);
-	 &add($R,$r21,$R);
-	 &add($H1,$t20,$H1)			&FR($t20);
-	&muh($a[2],$b[2],($r24)=&NR(1));
-	 &cmpult($R,$r21,($t21)=&NR(1));	&FR($r21);
-	 &add($R,$r22,$R);
-	 &add($H1,$t21,$H1)			&FR($t21);
-	&muh($a[3],$b[1],($r25)=&NR(1));
-	 &cmpult($R,$r22,($t22)=&NR(1));	&FR($r22);
-	 &add($H1,$t22,$H1)			&FR($t22);
-	&st($R,&QWPw(4,$rp));
-	&add($H1,$H2,$R);
-
-	&mov("zero",$H1);
-	 &add($R,$r23,$R);
-	&mov("zero",$H2);
-	&mul($a[2],$b[3],($r26)=&NR(1));
-	 &cmpult($R,$r23,($t23)=&NR(1));	&FR($r23);
-	 &add($R,$r24,$R);
-	 &add($H1,$t23,$H1)			&FR($t23);
-	&mul($a[3],$b[2],($r27)=&NR(1));
-	 &cmpult($R,$r24,($t24)=&NR(1));	&FR($r24);
-	 &add($R,$r25,$R);
-	 &add($H1,$t24,$H1)			&FR($t24);
-	&muh($a[2],$b[3],($r28)=&NR(1));
-	 &cmpult($R,$r25,($t25)=&NR(1));	&FR($r25);
-	 &add($R,$r26,$R);
-	 &add($H1,$t25,$H1)			&FR($t25);
-	&muh($a[3],$b[2],($r29)=&NR(1));
-	 &cmpult($R,$r26,($t26)=&NR(1));	&FR($r26);
-	 &add($R,$r27,$R);
-	 &add($H1,$t26,$H1)			&FR($t26);
-	&mul($a[3],$b[3],($r30)=&NR(1));
-	 &cmpult($R,$r27,($t27)=&NR(1));	&FR($r27);
-	 &add($H1,$t27,$H1)			&FR($t27);
-	&st($R,&QWPw(5,$rp));
-	&add($H1,$H2,$R);
-
-	&mov("zero",$H1);
-	 &add($R,$r28,$R);
-	&mov("zero",$H2);
-	&muh($a[3],$b[3],($r31)=&NR(1));
-	 &cmpult($R,$r28,($t28)=&NR(1));	&FR($r28);
-	 &add($R,$r29,$R);
-	 &add($H1,$t28,$H1)			&FR($t28);
-	############
-	 &cmpult($R,$r29,($t29)=&NR(1));	&FR($r29);
-	 &add($R,$r30,$R);
-	 &add($H1,$t29,$H1)			&FR($t29);
-        ############
-	 &cmpult($R,$r30,($t30)=&NR(1));	&FR($r30);
-	 &add($H1,$t30,$H1)			&FR($t30);
-	&st($R,&QWPw(6,$rp));
-	&add($H1,$H2,$R);
-
-	 &add($R,$r31,$R);			&FR($r31);
-	&st($R,&QWPw(7,$rp));
-
-	&FR($R,$H1,$H2);
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha/mul_c4.works.pl b/crypto/openssl/crypto/bn/asm/alpha/mul_c4.works.pl
deleted file mode 100644
index 79d86dd25cd1..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha/mul_c4.works.pl
+++ /dev/null
@@ -1,98 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub mul_add_c
-	{
-	local($a,$b,$c0,$c1,$c2)=@_;
-	local($l1,$h1,$t1,$t2);
-
-print STDERR "count=$cnt\n"; $cnt++;
-	&mul($a,$b,($l1)=&NR(1));
-	&muh($a,$b,($h1)=&NR(1));
-	&add($c0,$l1,$c0);
-	&cmpult($c0,$l1,($t1)=&NR(1));	&FR($l1);
-	&add($t1,$h1,$h1);		&FR($t1);
-	&add($c1,$h1,$c1);
-	&cmpult($c1,$h1,($t2)=&NR(1));	&FR($h1);
-	&add($c2,$t2,$c2);		&FR($t2);
-	}
-
-sub bn_mul_comba4
-	{
-	local($name)=@_;
-	local(@a,@b,$r,$c0,$c1,$c2);
-
-	$cnt=1;
-	&init_pool(3);
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$bp=&wparam(2);
-
-	&function_begin($name,"");
-
-	&comment("");
-
-	&ld(($a[0])=&NR(1),&QWPw(0,$ap));
-	&ld(($b[0])=&NR(1),&QWPw(0,$bp));
-	&ld(($a[1])=&NR(1),&QWPw(1,$ap));
-	&ld(($b[1])=&NR(1),&QWPw(1,$bp));
-	&ld(($a[2])=&NR(1),&QWPw(2,$ap));
-	&ld(($b[2])=&NR(1),&QWPw(2,$bp));
-	&ld(($a[3])=&NR(1),&QWPw(3,$ap));	&FR($ap);
-	&ld(($b[3])=&NR(1),&QWPw(3,$bp));	&FR($bp);
-
-	($c0,$c1,$c2)=&NR(3);
-	&mov("zero",$c2);
-	&mul($a[0],$b[0],$c0);
-	&muh($a[0],$b[0],$c1);
-	&st($c0,&QWPw(0,$rp));			&FR($c0); ($c0)=&NR($c0);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(1,$rp));			&FR($c0); ($c0)=&NR($c0);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[1],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[0],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(2,$rp));			&FR($c0); ($c0)=&NR($c0);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[3],$c0,$c1,$c2);	&FR($a[0]);
-	&mul_add_c($a[1],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[0],$c0,$c1,$c2);	&FR($b[0]);
-	&st($c0,&QWPw(3,$rp));			&FR($c0); ($c0)=&NR($c0);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[1],$b[3],$c0,$c1,$c2);	&FR($a[1]);
-	&mul_add_c($a[2],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[1],$c0,$c1,$c2);	&FR($b[1]);
-	&st($c0,&QWPw(4,$rp));			&FR($c0); ($c0)=&NR($c0);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[2],$b[3],$c0,$c1,$c2);	&FR($a[2]);
-	&mul_add_c($a[3],$b[2],$c0,$c1,$c2);	&FR($b[2]);
-	&st($c0,&QWPw(5,$rp));			&FR($c0); ($c0)=&NR($c0);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[3],$b[3],$c0,$c1,$c2);	&FR($a[3],$b[3]);
-	&st($c0,&QWPw(6,$rp));
-	&st($c1,&QWPw(7,$rp));
-
-	&FR($c0,$c1,$c2);
-
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha/mul_c8.pl b/crypto/openssl/crypto/bn/asm/alpha/mul_c8.pl
deleted file mode 100644
index 525ca7494b73..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha/mul_c8.pl
+++ /dev/null
@@ -1,177 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub bn_mul_comba8
-	{
-	local($name)=@_;
-	local(@a,@b,$r,$c0,$c1,$c2);
-
-	$cnt=1;
-	&init_pool(3);
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$bp=&wparam(2);
-
-	&function_begin($name,"");
-
-	&comment("");
-
-	&stack_push(2);
-	&ld(($a[0])=&NR(1),&QWPw(0,$ap));
-	&ld(($b[0])=&NR(1),&QWPw(0,$bp));
-	&st($reg_s0,&swtmp(0)); &FR($reg_s0);
-	&st($reg_s1,&swtmp(1)); &FR($reg_s1);
-	&ld(($a[1])=&NR(1),&QWPw(1,$ap));
-	&ld(($b[1])=&NR(1),&QWPw(1,$bp));
-	&ld(($a[2])=&NR(1),&QWPw(2,$ap));
-	&ld(($b[2])=&NR(1),&QWPw(2,$bp));
-	&ld(($a[3])=&NR(1),&QWPw(3,$ap));
-	&ld(($b[3])=&NR(1),&QWPw(3,$bp));
-	&ld(($a[4])=&NR(1),&QWPw(1,$ap));
-	&ld(($b[4])=&NR(1),&QWPw(1,$bp));
-	&ld(($a[5])=&NR(1),&QWPw(1,$ap));
-	&ld(($b[5])=&NR(1),&QWPw(1,$bp));
-	&ld(($a[6])=&NR(1),&QWPw(1,$ap));
-	&ld(($b[6])=&NR(1),&QWPw(1,$bp));
-	&ld(($a[7])=&NR(1),&QWPw(1,$ap));	&FR($ap);
-	&ld(($b[7])=&NR(1),&QWPw(1,$bp));	&FR($bp);
-
-	($c0,$c1,$c2)=&NR(3);
-	&mov("zero",$c2);
-	&mul($a[0],$b[0],$c0);
-	&muh($a[0],$b[0],$c1);
-	&st($c0,&QWPw(0,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(1,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(2,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(3,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[4],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(4,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[4],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[5],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(5,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[1],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[4],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[5],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[6],$b[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(6,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[0],$b[7],$c0,$c1,$c2);	&FR($a[0]);
-	&mul_add_c($a[1],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[2],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[4],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[5],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[6],$b[1],$c0,$c1,$c2);
-	&mul_add_c($a[7],$b[0],$c0,$c1,$c2);	&FR($b[0]);
-	&st($c0,&QWPw(7,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[1],$b[7],$c0,$c1,$c2);	&FR($a[1]);
-	&mul_add_c($a[2],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[3],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[4],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[5],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[6],$b[2],$c0,$c1,$c2);
-	&mul_add_c($a[7],$b[1],$c0,$c1,$c2);	&FR($b[1]);
-	&st($c0,&QWPw(8,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[2],$b[7],$c0,$c1,$c2);	&FR($a[2]);
-	&mul_add_c($a[3],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[4],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[5],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[6],$b[3],$c0,$c1,$c2);
-	&mul_add_c($a[7],$b[2],$c0,$c1,$c2);	&FR($b[2]);
-	&st($c0,&QWPw(9,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[3],$b[7],$c0,$c1,$c2);	&FR($a[3]);
-	&mul_add_c($a[4],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[5],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[6],$b[4],$c0,$c1,$c2);
-	&mul_add_c($a[7],$b[3],$c0,$c1,$c2);	&FR($b[3]);
-	&st($c0,&QWPw(10,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[4],$b[7],$c0,$c1,$c2);	&FR($a[4]);
-	&mul_add_c($a[5],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[6],$b[5],$c0,$c1,$c2);
-	&mul_add_c($a[7],$b[4],$c0,$c1,$c2);	&FR($b[4]);
-	&st($c0,&QWPw(11,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[5],$b[7],$c0,$c1,$c2);	&FR($a[5]);
-	&mul_add_c($a[6],$b[6],$c0,$c1,$c2);
-	&mul_add_c($a[7],$b[5],$c0,$c1,$c2);	&FR($b[5]);
-	&st($c0,&QWPw(12,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[6],$b[7],$c0,$c1,$c2);	&FR($a[6]);
-	&mul_add_c($a[7],$b[6],$c0,$c1,$c2);	&FR($b[6]);
-	&st($c0,&QWPw(13,$rp));			&FR($c0); ($c0)=&NR(1);
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&mul_add_c($a[7],$b[7],$c0,$c1,$c2);	&FR($a[7],$b[7]);
-	&st($c0,&QWPw(14,$rp));
-	&st($c1,&QWPw(15,$rp));
-
-	&FR($c0,$c1,$c2);
-
-	&ld($reg_s0,&swtmp(0));
-	&ld($reg_s1,&swtmp(1));
-	&stack_pop(2);
-
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha/sqr.pl b/crypto/openssl/crypto/bn/asm/alpha/sqr.pl
deleted file mode 100644
index a55b696906e1..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha/sqr.pl
+++ /dev/null
@@ -1,113 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub bn_sqr_words
-	{
-	local($name)=@_;
-	local($cc,$a,$b,$r,$couny);
-
-	&init_pool(3);
-	($cc)=GR("r0");
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$count=&wparam(2);
-
-	&function_begin($name,"");
-
-	&comment("");
-	&sub($count,4,$count);
-	&mov("zero",$cc);
-	&br(&label("finish"));
-	&blt($count,&label("finish"));
-
-	($a0,$r0)=&NR(2);
-	&ld($a0,&QWPw(0,$ap));
-	&ld($r0,&QWPw(0,$rp));
-
-$a=<<'EOF';
-##########################################################
-	&set_label("loop");
-
-	($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
-	($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
-	($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
-	($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
-	($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
-	($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
-
-	($o0,$t0)=&NR(2);
-	&add($a0,$b0,$o0); 
-	&cmpult($o0,$b0,$t0);
-	&add($o0,$cc,$o0);
-	&cmpult($o0,$cc,$cc);
-	&add($cc,$t0,$cc);	&FR($t0);
-
-	($t1,$o1)=&NR(2);
-
-	&add($a1,$b1,$o1);	&FR($a1);
-	&cmpult($o1,$b1,$t1);	&FR($b1);
-	&add($o1,$cc,$o1);
-	&cmpult($o1,$cc,$cc);
-	&add($cc,$t1,$cc);	&FR($t1);
-
-	($t2,$o2)=&NR(2);
-
-	&add($a2,$b2,$o2);	&FR($a2);
-	&cmpult($o2,$b2,$t2);	&FR($b2);
-	&add($o2,$cc,$o2);
-	&cmpult($o2,$cc,$cc);
-	&add($cc,$t2,$cc);	&FR($t2);
-
-	($t3,$o3)=&NR(2);
-
-	&add($a3,$b3,$o3);	&FR($a3);
-	&cmpult($o3,$b3,$t3);	&FR($b3);
-	&add($o3,$cc,$o3);
-	&cmpult($o3,$cc,$cc);
-	&add($cc,$t3,$cc);	&FR($t3);
-
-	&st($o0,&QWPw(0,$rp)); &FR($o0);
-	&st($o1,&QWPw(0,$rp)); &FR($o1);
-	&st($o2,&QWPw(0,$rp)); &FR($o2);
-	&st($o3,&QWPw(0,$rp)); &FR($o3);
-
-	&sub($count,4,$count);	# count-=4
-	&add($ap,4*$QWS,$ap);	# count+=4
-	&add($bp,4*$QWS,$bp);	# count+=4
-	&add($rp,4*$QWS,$rp);	# count+=4
-
-	&blt($count,&label("finish"));
-	&ld($a0,&QWPw(0,$ap));
-	 &ld($b0,&QWPw(0,$bp));
-	&br(&label("loop"));
-EOF
-##################################################
-	# Do the last 0..3 words
-
-	&set_label("last_loop");
-
-	&ld(($a0)=&NR(1),&QWPw(0,$ap));	# get a
-	&mul($a0,$a0,($l0)=&NR(1));
-	 &add($ap,$QWS,$ap);
-	 &add($rp,2*$QWS,$rp);
-	 &sub($count,1,$count);
-	&muh($a0,$a0,($h0)=&NR(1));	&FR($a0);
-	&st($l0,&QWPw(-2,$rp));		&FR($l0);
-	&st($h0,&QWPw(-1,$rp));		&FR($h0);
-
-	&bgt($count,&label("last_loop"));
-	&function_end_A($name);
-
-######################################################
-	&set_label("finish");
-	&add($count,4,$count);
-	&bgt($count,&label("last_loop"));
-
-	&set_label("end");
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha/sqr_c4.pl b/crypto/openssl/crypto/bn/asm/alpha/sqr_c4.pl
deleted file mode 100644
index bf33f5b50372..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha/sqr_c4.pl
+++ /dev/null
@@ -1,109 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub sqr_add_c
-	{
-	local($a,$c0,$c1,$c2)=@_;
-	local($l1,$h1,$t1,$t2);
-
-	&mul($a,$a,($l1)=&NR(1));
-	&muh($a,$a,($h1)=&NR(1));
-	&add($c0,$l1,$c0);
-	&add($c1,$h1,$c1);
-	&cmpult($c0,$l1,($t1)=&NR(1));	&FR($l1);
-	&cmpult($c1,$h1,($t2)=&NR(1));	&FR($h1);
-	&add($c1,$t1,$c1);		&FR($t1);
-	&add($c2,$t2,$c2);		&FR($t2);
-	}
-
-sub sqr_add_c2
-	{
-	local($a,$b,$c0,$c1,$c2)=@_;
-	local($l1,$h1,$t1,$t2);
-
-	&mul($a,$b,($l1)=&NR(1));
-	&muh($a,$b,($h1)=&NR(1));
-	&cmplt($l1,"zero",($lc1)=&NR(1));
-	&cmplt($h1,"zero",($hc1)=&NR(1));
-	&add($l1,$l1,$l1);
-	&add($h1,$h1,$h1);
-	&add($h1,$lc1,$h1);		&FR($lc1);
-	&add($c2,$hc1,$c2);		&FR($hc1);
-
-	&add($c0,$l1,$c0);
-	&add($c1,$h1,$c1);
-	&cmpult($c0,$l1,($lc1)=&NR(1));	&FR($l1);
-	&cmpult($c1,$h1,($hc1)=&NR(1));	&FR($h1);
-
-	&add($c1,$lc1,$c1);		&FR($lc1);
-	&add($c2,$hc1,$c2);		&FR($hc1);
-	}
-
-
-sub bn_sqr_comba4
-	{
-	local($name)=@_;
-	local(@a,@b,$r,$c0,$c1,$c2);
-
-	$cnt=1;
-	&init_pool(2);
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-
-	&function_begin($name,"");
-
-	&comment("");
-
-	&ld(($a[0])=&NR(1),&QWPw(0,$ap));
-	&ld(($a[1])=&NR(1),&QWPw(1,$ap));
-	&ld(($a[2])=&NR(1),&QWPw(2,$ap));
-        &ld(($a[3])=&NR(1),&QWPw(3,$ap)); &FR($ap);
-
-	($c0,$c1,$c2)=&NR(3);
-
-	&mov("zero",$c2);
-	&mul($a[0],$a[0],$c0);
-	&muh($a[0],$a[0],$c1);
-	&st($c0,&QWPw(0,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[0],$a[1],$c0,$c1,$c2);
-	&st($c0,&QWPw(1,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[2],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(2,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[3],$a[0],$c0,$c1,$c2);
-	&sqr_add_c2($a[2],$a[1],$c0,$c1,$c2);
-	&st($c0,&QWPw(3,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[2],$c0,$c1,$c2);
-	&sqr_add_c2($a[3],$a[1],$c0,$c1,$c2);
-	&st($c0,&QWPw(4,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[3],$a[2],$c0,$c1,$c2);
-	&st($c0,&QWPw(5,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[3],$c0,$c1,$c2);
-	&st($c0,&QWPw(6,$rp));
-	&st($c1,&QWPw(7,$rp));
-
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha/sqr_c8.pl b/crypto/openssl/crypto/bn/asm/alpha/sqr_c8.pl
deleted file mode 100644
index b4afe085f1c9..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha/sqr_c8.pl
+++ /dev/null
@@ -1,132 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember 
-
-sub bn_sqr_comba8
-	{
-	local($name)=@_;
-	local(@a,@b,$r,$c0,$c1,$c2);
-
-	$cnt=1;
-	&init_pool(2);
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-
-	&function_begin($name,"");
-
-	&comment("");
-
-	&ld(($a[0])=&NR(1),&QWPw(0,$ap));
-	&ld(($a[1])=&NR(1),&QWPw(1,$ap));
-	&ld(($a[2])=&NR(1),&QWPw(2,$ap));
-	&ld(($a[3])=&NR(1),&QWPw(3,$ap));
-	&ld(($a[4])=&NR(1),&QWPw(4,$ap));
-	&ld(($a[5])=&NR(1),&QWPw(5,$ap));
-	&ld(($a[6])=&NR(1),&QWPw(6,$ap));
-        &ld(($a[7])=&NR(1),&QWPw(7,$ap)); &FR($ap);
-
-	($c0,$c1,$c2)=&NR(3);
-
-	&mov("zero",$c2);
-	&mul($a[0],$a[0],$c0);
-	&muh($a[0],$a[0],$c1);
-	&st($c0,&QWPw(0,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[1],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(1,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[2],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(2,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[2],$a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[3],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(3,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[2],$c0,$c1,$c2);
-	&sqr_add_c2($a[3],$a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[4],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(4,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[3],$a[2],$c0,$c1,$c2);
-	&sqr_add_c2($a[4],$a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[5],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(5,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[3],$c0,$c1,$c2);
-	&sqr_add_c2($a[4],$a[2],$c0,$c1,$c2);
-	&sqr_add_c2($a[5],$a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[6],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(6,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[4],$a[3],$c0,$c1,$c2);
-	&sqr_add_c2($a[5],$a[2],$c0,$c1,$c2);
-	&sqr_add_c2($a[6],$a[1],$c0,$c1,$c2);
-	&sqr_add_c2($a[7],$a[0],$c0,$c1,$c2);
-	&st($c0,&QWPw(7,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[4],$c0,$c1,$c2);
-	&sqr_add_c2($a[5],$a[3],$c0,$c1,$c2);
-	&sqr_add_c2($a[6],$a[2],$c0,$c1,$c2);
-	&sqr_add_c2($a[7],$a[1],$c0,$c1,$c2);
-	&st($c0,&QWPw(8,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[5],$a[4],$c0,$c1,$c2);
-	&sqr_add_c2($a[6],$a[3],$c0,$c1,$c2);
-	&sqr_add_c2($a[7],$a[2],$c0,$c1,$c2);
-	&st($c0,&QWPw(9,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[5],$c0,$c1,$c2);
-	&sqr_add_c2($a[6],$a[4],$c0,$c1,$c2);
-	&sqr_add_c2($a[7],$a[3],$c0,$c1,$c2);
-	&st($c0,&QWPw(10,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[6],$a[5],$c0,$c1,$c2);
-	&sqr_add_c2($a[7],$a[4],$c0,$c1,$c2);
-	&st($c0,&QWPw(11,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[6],$c0,$c1,$c2);
-	&sqr_add_c2($a[7],$a[5],$c0,$c1,$c2);
-	&st($c0,&QWPw(12,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c2($a[7],$a[6],$c0,$c1,$c2);
-	&st($c0,&QWPw(13,$rp));
-	($c0,$c1,$c2)=($c1,$c2,$c0);
-	&mov("zero",$c2);
-
-	&sqr_add_c($a[7],$c0,$c1,$c2);
-	&st($c0,&QWPw(14,$rp));
-	&st($c1,&QWPw(15,$rp));
-
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/alpha/sub.pl b/crypto/openssl/crypto/bn/asm/alpha/sub.pl
deleted file mode 100644
index d998da5c21a2..000000000000
--- a/crypto/openssl/crypto/bn/asm/alpha/sub.pl
+++ /dev/null
@@ -1,108 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_sub_words
-	{
-	local($name)=@_;
-	local($cc,$a,$b,$r);
-
-	&init_pool(4);
-	($cc)=GR("r0");
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$bp=&wparam(2);
-	$count=&wparam(3);
-
-	&function_begin($name,"");
-
-	&comment("");
-	&sub($count,4,$count);
-	&mov("zero",$cc);
-	&blt($count,&label("finish"));
-
-	($a0,$b0)=&NR(2);
-	&ld($a0,&QWPw(0,$ap));
-	&ld($b0,&QWPw(0,$bp));
-
-##########################################################
-	&set_label("loop");
-
-	($a1,$tmp,$b1,$a2,$b2,$a3,$b3,$o0)=&NR(8);
-	&ld($a1,&QWPw(1,$ap));
-	 &cmpult($a0,$b0,$tmp);	# will we borrow?
-	&ld($b1,&QWPw(1,$bp));
-	 &sub($a0,$b0,$a0);		# do the subtract
-	&ld($a2,&QWPw(2,$ap));
-	 &cmpult($a0,$cc,$b0);	# will we borrow?
-	&ld($b2,&QWPw(2,$bp));
-	 &sub($a0,$cc,$o0);	# will we borrow?
-	&ld($a3,&QWPw(3,$ap));
-	 &add($b0,$tmp,$cc); ($t1,$o1)=&NR(2); &FR($tmp);
-
-	&cmpult($a1,$b1,$t1);	# will we borrow?
-	 &sub($a1,$b1,$a1);	# do the subtract
-	&ld($b3,&QWPw(3,$bp));
-	 &cmpult($a1,$cc,$b1);	# will we borrow?
-	&sub($a1,$cc,$o1);	# will we borrow?
-	 &add($b1,$t1,$cc); ($tmp,$o2)=&NR(2); &FR($t1,$a1,$b1);
-	
-	&cmpult($a2,$b2,$tmp);	# will we borrow?
-	 &sub($a2,$b2,$a2);		# do the subtract
-	&st($o0,&QWPw(0,$rp));	&FR($o0); # save
-	 &cmpult($a2,$cc,$b2);	# will we borrow?
-	&sub($a2,$cc,$o2);	# will we borrow?
-	 &add($b2,$tmp,$cc); ($t3,$o3)=&NR(2); &FR($tmp,$a2,$b2);
-
-	&cmpult($a3,$b3,$t3);	# will we borrow?
-	 &sub($a3,$b3,$a3);	# do the subtract
-	&st($o1,&QWPw(1,$rp)); &FR($o1);
-	 &cmpult($a3,$cc,$b3);	# will we borrow?
-	&sub($a3,$cc,$o3);	# will we borrow?
-	 &add($b3,$t3,$cc); &FR($t3,$a3,$b3);
-
-	&st($o2,&QWPw(2,$rp));	&FR($o2);
-	 &sub($count,4,$count);	# count-=4
-	&st($o3,&QWPw(3,$rp));	&FR($o3);
-	 &add($ap,4*$QWS,$ap);	# count+=4
-	&add($bp,4*$QWS,$bp);	# count+=4
-	 &add($rp,4*$QWS,$rp);	# count+=4
-
-	&blt($count,&label("finish"));
-	&ld($a0,&QWPw(0,$ap));
-	 &ld($b0,&QWPw(0,$bp));
-	&br(&label("loop"));
-##################################################
-	# Do the last 0..3 words
-
-	&set_label("last_loop");
-
-	&ld($a0,&QWPw(0,$ap));	# get a
-	 &ld($b0,&QWPw(0,$bp));	# get b
-	&cmpult($a0,$b0,$tmp);	# will we borrow?
-	&sub($a0,$b0,$a0);	# do the subtract
-	&cmpult($a0,$cc,$b0);	# will we borrow?
-	&sub($a0,$cc,$a0);	# will we borrow?
-	&st($a0,&QWPw(0,$rp));	# save
-	&add($b0,$tmp,$cc);	# add the borrows
-
-	&add($ap,$QWS,$ap);
-	&add($bp,$QWS,$bp);
-	&add($rp,$QWS,$rp);
-	&sub($count,1,$count);
-	&bgt($count,&label("last_loop"));
-	&function_end_A($name);
-
-######################################################
-	&set_label("finish");
-	&add($count,4,$count);
-	&bgt($count,&label("last_loop"));
-
-	&FR($a0,$b0);
-	&set_label("end");
-	&function_end($name);
-
-	&fin_pool;
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/bn-586.pl b/crypto/openssl/crypto/bn/asm/bn-586.pl
deleted file mode 100644
index 33f61259201a..000000000000
--- a/crypto/openssl/crypto/bn/asm/bn-586.pl
+++ /dev/null
@@ -1,593 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_add_words("bn_mul_add_words");
-&bn_mul_words("bn_mul_words");
-&bn_sqr_words("bn_sqr_words");
-&bn_div_words("bn_div_words");
-&bn_add_words("bn_add_words");
-&bn_sub_words("bn_sub_words");
-&bn_sub_part_words("bn_sub_part_words");
-
-&asm_finish();
-
-sub bn_mul_add_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-
-	&comment("");
-	$Low="eax";
-	$High="edx";
-	$a="ebx";
-	$w="ebp";
-	$r="edi";
-	$c="esi";
-
-	&xor($c,$c);		# clear carry
-	&mov($r,&wparam(0));	#
-
-	&mov("ecx",&wparam(2));	#
-	&mov($a,&wparam(1));	#
-
-	&and("ecx",0xfffffff8);	# num / 8
-	&mov($w,&wparam(3));	#
-
-	&push("ecx");		# Up the stack for a tmp variable
-
-	&jz(&label("maw_finish"));
-
-	&set_label("maw_loop",0);
-
-	&mov(&swtmp(0),"ecx");	#
-
-	for ($i=0; $i<32; $i+=4)
-		{
-		&comment("Round $i");
-
-		 &mov("eax",&DWP($i,$a,"",0)); 	# *a
-		&mul($w);			# *a * w
-		&add("eax",$c);		# L(t)+= *r
-		 &mov($c,&DWP($i,$r,"",0));	# L(t)+= *r
-		&adc("edx",0);			# H(t)+=carry
-		 &add("eax",$c);		# L(t)+=c
-		&adc("edx",0);			# H(t)+=carry
-		 &mov(&DWP($i,$r,"",0),"eax");	# *r= L(t);
-		&mov($c,"edx");			# c=  H(t);
-		}
-
-	&comment("");
-	&mov("ecx",&swtmp(0));	#
-	&add($a,32);
-	&add($r,32);
-	&sub("ecx",8);
-	&jnz(&label("maw_loop"));
-
-	&set_label("maw_finish",0);
-	&mov("ecx",&wparam(2));	# get num
-	&and("ecx",7);
-	&jnz(&label("maw_finish2"));	# helps branch prediction
-	&jmp(&label("maw_end"));
-
-	&set_label("maw_finish2",1);
-	for ($i=0; $i<7; $i++)
-		{
-		&comment("Tail Round $i");
-		 &mov("eax",&DWP($i*4,$a,"",0));# *a
-		&mul($w);			# *a * w
-		&add("eax",$c);			# L(t)+=c
-		 &mov($c,&DWP($i*4,$r,"",0));	# L(t)+= *r
-		&adc("edx",0);			# H(t)+=carry
-		 &add("eax",$c);
-		&adc("edx",0);			# H(t)+=carry
-		 &dec("ecx") if ($i != 7-1);
-		&mov(&DWP($i*4,$r,"",0),"eax");	# *r= L(t);
-		 &mov($c,"edx");			# c=  H(t);
-		&jz(&label("maw_end")) if ($i != 7-1);
-		}
-	&set_label("maw_end",0);
-	&mov("eax",$c);
-
-	&pop("ecx");	# clear variable from
-
-	&function_end($name);
-	}
-
-sub bn_mul_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-
-	&comment("");
-	$Low="eax";
-	$High="edx";
-	$a="ebx";
-	$w="ecx";
-	$r="edi";
-	$c="esi";
-	$num="ebp";
-
-	&xor($c,$c);		# clear carry
-	&mov($r,&wparam(0));	#
-	&mov($a,&wparam(1));	#
-	&mov($num,&wparam(2));	#
-	&mov($w,&wparam(3));	#
-
-	&and($num,0xfffffff8);	# num / 8
-	&jz(&label("mw_finish"));
-
-	&set_label("mw_loop",0);
-	for ($i=0; $i<32; $i+=4)
-		{
-		&comment("Round $i");
-
-		 &mov("eax",&DWP($i,$a,"",0)); 	# *a
-		&mul($w);			# *a * w
-		&add("eax",$c);			# L(t)+=c
-		 # XXX
-
-		&adc("edx",0);			# H(t)+=carry
-		 &mov(&DWP($i,$r,"",0),"eax");	# *r= L(t);
-
-		&mov($c,"edx");			# c=  H(t);
-		}
-
-	&comment("");
-	&add($a,32);
-	&add($r,32);
-	&sub($num,8);
-	&jz(&label("mw_finish"));
-	&jmp(&label("mw_loop"));
-
-	&set_label("mw_finish",0);
-	&mov($num,&wparam(2));	# get num
-	&and($num,7);
-	&jnz(&label("mw_finish2"));
-	&jmp(&label("mw_end"));
-
-	&set_label("mw_finish2",1);
-	for ($i=0; $i<7; $i++)
-		{
-		&comment("Tail Round $i");
-		 &mov("eax",&DWP($i*4,$a,"",0));# *a
-		&mul($w);			# *a * w
-		&add("eax",$c);			# L(t)+=c
-		 # XXX
-		&adc("edx",0);			# H(t)+=carry
-		 &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
-		&mov($c,"edx");			# c=  H(t);
-		 &dec($num) if ($i != 7-1);
-		&jz(&label("mw_end")) if ($i != 7-1);
-		}
-	&set_label("mw_end",0);
-	&mov("eax",$c);
-
-	&function_end($name);
-	}
-
-sub bn_sqr_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-
-	&comment("");
-	$r="esi";
-	$a="edi";
-	$num="ebx";
-
-	&mov($r,&wparam(0));	#
-	&mov($a,&wparam(1));	#
-	&mov($num,&wparam(2));	#
-
-	&and($num,0xfffffff8);	# num / 8
-	&jz(&label("sw_finish"));
-
-	&set_label("sw_loop",0);
-	for ($i=0; $i<32; $i+=4)
-		{
-		&comment("Round $i");
-		&mov("eax",&DWP($i,$a,"",0)); 	# *a
-		 # XXX
-		&mul("eax");			# *a * *a
-		&mov(&DWP($i*2,$r,"",0),"eax");	#
-		 &mov(&DWP($i*2+4,$r,"",0),"edx");#
-		}
-
-	&comment("");
-	&add($a,32);
-	&add($r,64);
-	&sub($num,8);
-	&jnz(&label("sw_loop"));
-
-	&set_label("sw_finish",0);
-	&mov($num,&wparam(2));	# get num
-	&and($num,7);
-	&jz(&label("sw_end"));
-
-	for ($i=0; $i<7; $i++)
-		{
-		&comment("Tail Round $i");
-		&mov("eax",&DWP($i*4,$a,"",0));	# *a
-		 # XXX
-		&mul("eax");			# *a * *a
-		&mov(&DWP($i*8,$r,"",0),"eax");	#
-		 &dec($num) if ($i != 7-1);
-		&mov(&DWP($i*8+4,$r,"",0),"edx");
-		 &jz(&label("sw_end")) if ($i != 7-1);
-		}
-	&set_label("sw_end",0);
-
-	&function_end($name);
-	}
-
-sub bn_div_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-	&mov("edx",&wparam(0));	#
-	&mov("eax",&wparam(1));	#
-	&mov("ebx",&wparam(2));	#
-	&div("ebx");
-	&function_end($name);
-	}
-
-sub bn_add_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-
-	&comment("");
-	$a="esi";
-	$b="edi";
-	$c="eax";
-	$r="ebx";
-	$tmp1="ecx";
-	$tmp2="edx";
-	$num="ebp";
-
-	&mov($r,&wparam(0));	# get r
-	 &mov($a,&wparam(1));	# get a
-	&mov($b,&wparam(2));	# get b
-	 &mov($num,&wparam(3));	# get num
-	&xor($c,$c);		# clear carry
-	 &and($num,0xfffffff8);	# num / 8
-
-	&jz(&label("aw_finish"));
-
-	&set_label("aw_loop",0);
-	for ($i=0; $i<8; $i++)
-		{
-		&comment("Round $i");
-
-		&mov($tmp1,&DWP($i*4,$a,"",0)); 	# *a
-		 &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
-		&add($tmp1,$c);
-		 &mov($c,0);
-		&adc($c,$c);
-		 &add($tmp1,$tmp2);
-		&adc($c,0);
-		 &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
-		}
-
-	&comment("");
-	&add($a,32);
-	 &add($b,32);
-	&add($r,32);
-	 &sub($num,8);
-	&jnz(&label("aw_loop"));
-
-	&set_label("aw_finish",0);
-	&mov($num,&wparam(3));	# get num
-	&and($num,7);
-	 &jz(&label("aw_end"));
-
-	for ($i=0; $i<7; $i++)
-		{
-		&comment("Tail Round $i");
-		&mov($tmp1,&DWP($i*4,$a,"",0));	# *a
-		 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
-		&add($tmp1,$c);
-		 &mov($c,0);
-		&adc($c,$c);
-		 &add($tmp1,$tmp2);
-		&adc($c,0);
-		 &dec($num) if ($i != 6);
-		&mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
-		 &jz(&label("aw_end")) if ($i != 6);
-		}
-	&set_label("aw_end",0);
-
-#	&mov("eax",$c);		# $c is "eax"
-
-	&function_end($name);
-	}
-
-sub bn_sub_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-
-	&comment("");
-	$a="esi";
-	$b="edi";
-	$c="eax";
-	$r="ebx";
-	$tmp1="ecx";
-	$tmp2="edx";
-	$num="ebp";
-
-	&mov($r,&wparam(0));	# get r
-	 &mov($a,&wparam(1));	# get a
-	&mov($b,&wparam(2));	# get b
-	 &mov($num,&wparam(3));	# get num
-	&xor($c,$c);		# clear carry
-	 &and($num,0xfffffff8);	# num / 8
-
-	&jz(&label("aw_finish"));
-
-	&set_label("aw_loop",0);
-	for ($i=0; $i<8; $i++)
-		{
-		&comment("Round $i");
-
-		&mov($tmp1,&DWP($i*4,$a,"",0)); 	# *a
-		 &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
-		&sub($tmp1,$c);
-		 &mov($c,0);
-		&adc($c,$c);
-		 &sub($tmp1,$tmp2);
-		&adc($c,0);
-		 &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
-		}
-
-	&comment("");
-	&add($a,32);
-	 &add($b,32);
-	&add($r,32);
-	 &sub($num,8);
-	&jnz(&label("aw_loop"));
-
-	&set_label("aw_finish",0);
-	&mov($num,&wparam(3));	# get num
-	&and($num,7);
-	 &jz(&label("aw_end"));
-
-	for ($i=0; $i<7; $i++)
-		{
-		&comment("Tail Round $i");
-		&mov($tmp1,&DWP($i*4,$a,"",0));	# *a
-		 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
-		&sub($tmp1,$c);
-		 &mov($c,0);
-		&adc($c,$c);
-		 &sub($tmp1,$tmp2);
-		&adc($c,0);
-		 &dec($num) if ($i != 6);
-		&mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
-		 &jz(&label("aw_end")) if ($i != 6);
-		}
-	&set_label("aw_end",0);
-
-#	&mov("eax",$c);		# $c is "eax"
-
-	&function_end($name);
-	}
-
-sub bn_sub_part_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-
-	&comment("");
-	$a="esi";
-	$b="edi";
-	$c="eax";
-	$r="ebx";
-	$tmp1="ecx";
-	$tmp2="edx";
-	$num="ebp";
-
-	&mov($r,&wparam(0));	# get r
-	 &mov($a,&wparam(1));	# get a
-	&mov($b,&wparam(2));	# get b
-	 &mov($num,&wparam(3));	# get num
-	&xor($c,$c);		# clear carry
-	 &and($num,0xfffffff8);	# num / 8
-
-	&jz(&label("aw_finish"));
-
-	&set_label("aw_loop",0);
-	for ($i=0; $i<8; $i++)
-		{
-		&comment("Round $i");
-
-		&mov($tmp1,&DWP($i*4,$a,"",0)); 	# *a
-		 &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
-		&sub($tmp1,$c);
-		 &mov($c,0);
-		&adc($c,$c);
-		 &sub($tmp1,$tmp2);
-		&adc($c,0);
-		 &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
-		}
-
-	&comment("");
-	&add($a,32);
-	 &add($b,32);
-	&add($r,32);
-	 &sub($num,8);
-	&jnz(&label("aw_loop"));
-
-	&set_label("aw_finish",0);
-	&mov($num,&wparam(3));	# get num
-	&and($num,7);
-	 &jz(&label("aw_end"));
-
-	for ($i=0; $i<7; $i++)
-		{
-		&comment("Tail Round $i");
-		&mov($tmp1,&DWP(0,$a,"",0));	# *a
-		 &mov($tmp2,&DWP(0,$b,"",0));# *b
-		&sub($tmp1,$c);
-		 &mov($c,0);
-		&adc($c,$c);
-		 &sub($tmp1,$tmp2);
-		&adc($c,0);
-		&mov(&DWP(0,$r,"",0),$tmp1);	# *r
-		&add($a, 4);
-		&add($b, 4);
-		&add($r, 4);
-		 &dec($num) if ($i != 6);
-		 &jz(&label("aw_end")) if ($i != 6);
-		}
-	&set_label("aw_end",0);
-
-	&cmp(&wparam(4),0);
-	&je(&label("pw_end"));
-
-	&mov($num,&wparam(4));	# get dl
-	&cmp($num,0);
-	&je(&label("pw_end"));
-	&jge(&label("pw_pos"));
-
-	&comment("pw_neg");
-	&mov($tmp2,0);
-	&sub($tmp2,$num);
-	&mov($num,$tmp2);
-	&and($num,0xfffffff8);	# num / 8
-	&jz(&label("pw_neg_finish"));
-
-	&set_label("pw_neg_loop",0);
-	for ($i=0; $i<8; $i++)
-	{
-	    &comment("dl<0 Round $i");
-
-	    &mov($tmp1,0);
-	    &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
-	    &sub($tmp1,$c);
-	    &mov($c,0);
-	    &adc($c,$c);
-	    &sub($tmp1,$tmp2);
-	    &adc($c,0);
-	    &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
-	}
-	    
-	&comment("");
-	&add($b,32);
-	&add($r,32);
-	&sub($num,8);
-	&jnz(&label("pw_neg_loop"));
-	    
-	&set_label("pw_neg_finish",0);
-	&mov($tmp2,&wparam(4));	# get dl
-	&mov($num,0);
-	&sub($num,$tmp2);
-	&and($num,7);
-	&jz(&label("pw_end"));
-	    
-	for ($i=0; $i<7; $i++)
-	{
-	    &comment("dl<0 Tail Round $i");
-	    &mov($tmp1,0);
-	    &mov($tmp2,&DWP($i*4,$b,"",0));# *b
-	    &sub($tmp1,$c);
-	    &mov($c,0);
-	    &adc($c,$c);
-	    &sub($tmp1,$tmp2);
-	    &adc($c,0);
-	    &dec($num) if ($i != 6);
-	    &mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
-	    &jz(&label("pw_end")) if ($i != 6);
-	}
-
-	&jmp(&label("pw_end"));
-	
-	&set_label("pw_pos",0);
-	
-	&and($num,0xfffffff8);	# num / 8
-	&jz(&label("pw_pos_finish"));
-
-	&set_label("pw_pos_loop",0);
-
-	for ($i=0; $i<8; $i++)
-	{
-	    &comment("dl>0 Round $i");
-
-	    &mov($tmp1,&DWP($i*4,$a,"",0));	# *a
-	    &sub($tmp1,$c);
-	    &mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
-	    &jnc(&label("pw_nc".$i));
-	}
-	    
-	&comment("");
-	&add($a,32);
-	&add($r,32);
-	&sub($num,8);
-	&jnz(&label("pw_pos_loop"));
-	    
-	&set_label("pw_pos_finish",0);
-	&mov($num,&wparam(4));	# get dl
-	&and($num,7);
-	&jz(&label("pw_end"));
-	    
-	for ($i=0; $i<7; $i++)
-	{
-	    &comment("dl>0 Tail Round $i");
-	    &mov($tmp1,&DWP($i*4,$a,"",0));	# *a
-	    &sub($tmp1,$c);
-	    &mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
-	    &jnc(&label("pw_tail_nc".$i));
-	    &dec($num) if ($i != 6);
-	    &jz(&label("pw_end")) if ($i != 6);
-	}
-	&mov($c,1);
-	&jmp(&label("pw_end"));
-
-	&set_label("pw_nc_loop",0);
-	for ($i=0; $i<8; $i++)
-	{
-	    &mov($tmp1,&DWP($i*4,$a,"",0));	# *a
-	    &mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
-	    &set_label("pw_nc".$i,0);
-	}
-	    
-	&comment("");
-	&add($a,32);
-	&add($r,32);
-	&sub($num,8);
-	&jnz(&label("pw_nc_loop"));
-	    
-	&mov($num,&wparam(4));	# get dl
-	&and($num,7);
-	&jz(&label("pw_nc_end"));
-	    
-	for ($i=0; $i<7; $i++)
-	{
-	    &mov($tmp1,&DWP($i*4,$a,"",0));	# *a
-	    &mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
-	    &set_label("pw_tail_nc".$i,0);
-	    &dec($num) if ($i != 6);
-	    &jz(&label("pw_nc_end")) if ($i != 6);
-	}
-
-	&set_label("pw_nc_end",0);
-	&mov($c,0);
-
-	&set_label("pw_end",0);
-
-#	&mov("eax",$c);		# $c is "eax"
-
-	&function_end($name);
-	}
-
diff --git a/crypto/openssl/crypto/bn/asm/bn-alpha.pl b/crypto/openssl/crypto/bn/asm/bn-alpha.pl
deleted file mode 100644
index 302edf237678..000000000000
--- a/crypto/openssl/crypto/bn/asm/bn-alpha.pl
+++ /dev/null
@@ -1,571 +0,0 @@
-#!/usr/local/bin/perl
-# I have this in perl so I can use more usefull register names and then convert
-# them into alpha registers.
-#
-
-$d=&data();
-$d =~ s/CC/0/g;
-$d =~ s/R1/1/g;
-$d =~ s/R2/2/g;
-$d =~ s/R3/3/g;
-$d =~ s/R4/4/g;
-$d =~ s/L1/5/g;
-$d =~ s/L2/6/g;
-$d =~ s/L3/7/g;
-$d =~ s/L4/8/g;
-$d =~ s/O1/22/g;
-$d =~ s/O2/23/g;
-$d =~ s/O3/24/g;
-$d =~ s/O4/25/g;
-$d =~ s/A1/20/g;
-$d =~ s/A2/21/g;
-$d =~ s/A3/27/g;
-$d =~ s/A4/28/g;
-if (0){
-}
-
-print $d;
-
-sub data
-	{
-	local($data)=<<'EOF';
-
- # DEC Alpha assember
- # The bn_div_words is actually gcc output but the other parts are hand done.
- # Thanks to tzeruch@ceddec.com for sending me the gcc output for
- # bn_div_words.
- # I've gone back and re-done most of routines.
- # The key thing to remeber for the 164 CPU is that while a
- # multiply operation takes 8 cycles, another one can only be issued
- # after 4 cycles have elapsed.  I've done modification to help
- # improve this.  Also, normally, a ld instruction will not be available
- # for about 3 cycles.
-	.file	1 "bn_asm.c"
-	.set noat
-gcc2_compiled.:
-__gnu_compiled_c:
-	.text
-	.align 3
-	.globl bn_mul_add_words
-	.ent bn_mul_add_words
-bn_mul_add_words:
-bn_mul_add_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-	.align 5
-	subq	$18,4,$18
-	bis	$31,$31,$CC
-	blt	$18,$43		# if we are -1, -2, -3 or -4 goto tail code
-	ldq	$A1,0($17)	# 1 1
-	ldq	$R1,0($16)	# 1 1
-	.align 3
-$42:
-	mulq	$A1,$19,$L1	# 1 2 1	######
-	ldq	$A2,8($17)	# 2 1
-	ldq	$R2,8($16)	# 2 1
-	umulh	$A1,$19,$A1	# 1 2	######
-	ldq	$A3,16($17)	# 3 1
-	ldq	$R3,16($16)	# 3 1
-	mulq	$A2,$19,$L2	# 2 2 1	######
-	 ldq	$A4,24($17)	# 4 1
-	addq	$R1,$L1,$R1	# 1 2 2
-	 ldq	$R4,24($16)	# 4 1
-	umulh	$A2,$19,$A2	# 2 2	######
-	 cmpult	$R1,$L1,$O1	# 1 2 3 1
-	addq	$A1,$O1,$A1	# 1 3 1
-	 addq	$R1,$CC,$R1	# 1 2 3 1
-	mulq	$A3,$19,$L3	# 3 2 1	######
-	 cmpult	$R1,$CC,$CC	# 1 2 3 2
-	addq	$R2,$L2,$R2	# 2 2 2
-	 addq	$A1,$CC,$CC	# 1 3 2 
-	cmpult	$R2,$L2,$O2	# 2 2 3 1
-	 addq	$A2,$O2,$A2	# 2 3 1
-	umulh	$A3,$19,$A3	# 3 2	######
-	 addq	$R2,$CC,$R2	# 2 2 3 1
-	cmpult	$R2,$CC,$CC	# 2 2 3 2
-	 subq	$18,4,$18
-	mulq	$A4,$19,$L4	# 4 2 1	######
-	 addq	$A2,$CC,$CC	# 2 3 2 
-	addq	$R3,$L3,$R3	# 3 2 2
-	 addq	$16,32,$16
-	cmpult	$R3,$L3,$O3	# 3 2 3 1
-	 stq	$R1,-32($16)	# 1 2 4
-	umulh	$A4,$19,$A4	# 4 2	######
-	 addq	$A3,$O3,$A3	# 3 3 1
-	addq	$R3,$CC,$R3	# 3 2 3 1
-	 stq	$R2,-24($16)	# 2 2 4
-	cmpult	$R3,$CC,$CC	# 3 2 3 2
-	 stq	$R3,-16($16)	# 3 2 4
-	addq	$R4,$L4,$R4	# 4 2 2
-	 addq	$A3,$CC,$CC	# 3 3 2 
-	cmpult	$R4,$L4,$O4	# 4 2 3 1
-	 addq	$17,32,$17
-	addq	$A4,$O4,$A4	# 4 3 1
-	 addq	$R4,$CC,$R4	# 4 2 3 1
-	cmpult	$R4,$CC,$CC	# 4 2 3 2
-	 stq	$R4,-8($16)	# 4 2 4
-	addq	$A4,$CC,$CC	# 4 3 2 
-	 blt	$18,$43
-
-	ldq	$A1,0($17)	# 1 1
-	ldq	$R1,0($16)	# 1 1
-
-	br	$42
-
-	.align 4
-$45:
-	ldq	$A1,0($17)	# 4 1
-	ldq	$R1,0($16)	# 4 1
-	mulq	$A1,$19,$L1	# 4 2 1
-	subq	$18,1,$18
-	addq	$16,8,$16
-	addq	$17,8,$17
-	umulh	$A1,$19,$A1	# 4 2
-	addq	$R1,$L1,$R1	# 4 2 2
-	cmpult	$R1,$L1,$O1	# 4 2 3 1
-	addq	$A1,$O1,$A1	# 4 3 1
-	addq	$R1,$CC,$R1	# 4 2 3 1
-	cmpult	$R1,$CC,$CC	# 4 2 3 2
-	addq	$A1,$CC,$CC	# 4 3 2 
-	stq	$R1,-8($16)	# 4 2 4
-	bgt	$18,$45
-	ret	$31,($26),1	# else exit
-
-	.align 4
-$43:
-	addq	$18,4,$18
-	bgt	$18,$45		# goto tail code
-	ret	$31,($26),1	# else exit
-
-	.end bn_mul_add_words
-	.align 3
-	.globl bn_mul_words
-	.ent bn_mul_words
-bn_mul_words:
-bn_mul_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-	.align 5
-	subq	$18,4,$18
-	bis	$31,$31,$CC
-	blt	$18,$143	# if we are -1, -2, -3 or -4 goto tail code
-	ldq	$A1,0($17)	# 1 1
-	.align 3
-$142:
-
-	mulq	$A1,$19,$L1	# 1 2 1	#####
-	 ldq	$A2,8($17)	# 2 1
-	 ldq	$A3,16($17)	# 3 1
-	umulh	$A1,$19,$A1	# 1 2	#####
-	 ldq	$A4,24($17)	# 4 1
-	mulq	$A2,$19,$L2	# 2 2 1	#####
-	 addq	$L1,$CC,$L1	# 1 2 3 1
-	subq	$18,4,$18
-	 cmpult	$L1,$CC,$CC	# 1 2 3 2
-	umulh	$A2,$19,$A2	# 2 2	#####
-	 addq	$A1,$CC,$CC	# 1 3 2 
-	addq	$17,32,$17
-	 addq	$L2,$CC,$L2	# 2 2 3 1
-	mulq	$A3,$19,$L3	# 3 2 1	#####
-	 cmpult	$L2,$CC,$CC	# 2 2 3 2
-	addq	$A2,$CC,$CC	# 2 3 2 
-	 addq	$16,32,$16
-	umulh	$A3,$19,$A3	# 3 2	#####
-	 stq	$L1,-32($16)	# 1 2 4
-	mulq	$A4,$19,$L4	# 4 2 1	#####
-	 addq	$L3,$CC,$L3	# 3 2 3 1
-	stq	$L2,-24($16)	# 2 2 4
-	 cmpult	$L3,$CC,$CC	# 3 2 3 2
-	umulh	$A4,$19,$A4	# 4 2	#####
-	 addq	$A3,$CC,$CC	# 3 3 2 
-	stq	$L3,-16($16)	# 3 2 4
-	 addq	$L4,$CC,$L4	# 4 2 3 1
-	cmpult	$L4,$CC,$CC	# 4 2 3 2
-
-	addq	$A4,$CC,$CC	# 4 3 2 
-
-	stq	$L4,-8($16)	# 4 2 4
-
-	blt	$18,$143
-
-	ldq	$A1,0($17)	# 1 1
-
-	br	$142
-
-	.align 4
-$145:
-	ldq	$A1,0($17)	# 4 1
-	mulq	$A1,$19,$L1	# 4 2 1
-	subq	$18,1,$18
-	umulh	$A1,$19,$A1	# 4 2
-	addq	$L1,$CC,$L1	# 4 2 3 1
-	 addq	$16,8,$16
-	cmpult	$L1,$CC,$CC	# 4 2 3 2
-	 addq	$17,8,$17
-	addq	$A1,$CC,$CC	# 4 3 2 
-	stq	$L1,-8($16)	# 4 2 4
-
-	bgt	$18,$145
-	ret	$31,($26),1	# else exit
-
-	.align 4
-$143:
-	addq	$18,4,$18
-	bgt	$18,$145	# goto tail code
-	ret	$31,($26),1	# else exit
-
-	.end bn_mul_words
-	.align 3
-	.globl bn_sqr_words
-	.ent bn_sqr_words
-bn_sqr_words:
-bn_sqr_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-
-	subq	$18,4,$18
-	blt	$18,$543	# if we are -1, -2, -3 or -4 goto tail code
-	ldq	$A1,0($17)	# 1 1
-	.align 3
-$542:
-	mulq	$A1,$A1,$L1		######
-	 ldq	$A2,8($17)	# 1 1
-	subq	$18,4
- 	umulh	$A1,$A1,$R1		######
-	ldq	$A3,16($17)	# 1 1
-	mulq	$A2,$A2,$L2		######
-	ldq	$A4,24($17)	# 1 1
-	stq	$L1,0($16)	# r[0]
- 	umulh	$A2,$A2,$R2		######
-	stq	$R1,8($16)	# r[1]
-	mulq	$A3,$A3,$L3		######
-	stq	$L2,16($16)	# r[0]
- 	umulh	$A3,$A3,$R3		######
-	stq	$R2,24($16)	# r[1]
-	mulq	$A4,$A4,$L4		######
-	stq	$L3,32($16)	# r[0]
- 	umulh	$A4,$A4,$R4		######
-	stq	$R3,40($16)	# r[1]
-
- 	addq	$16,64,$16
- 	addq	$17,32,$17
-	stq	$L4,-16($16)	# r[0]
-	stq	$R4,-8($16)	# r[1]
-
-	blt	$18,$543
-	ldq	$A1,0($17)	# 1 1
- 	br 	$542
-
-$442:
-	ldq	$A1,0($17)   # a[0]
-	mulq	$A1,$A1,$L1  # a[0]*w low part       r2
-	addq	$16,16,$16
-	addq	$17,8,$17
-	subq	$18,1,$18
-        umulh	$A1,$A1,$R1  # a[0]*w high part       r3
-	stq	$L1,-16($16)   # r[0]
-        stq	$R1,-8($16)   # r[1]
-
-	bgt	$18,$442
-	ret	$31,($26),1	# else exit
-
-	.align 4
-$543:
-	addq	$18,4,$18
-	bgt	$18,$442	# goto tail code
-	ret	$31,($26),1	# else exit
-	.end bn_sqr_words
-
-	.align 3
-	.globl bn_add_words
-	.ent bn_add_words
-bn_add_words:
-bn_add_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-
-	subq	$19,4,$19
-	bis	$31,$31,$CC	# carry = 0
-	blt	$19,$900
-	ldq	$L1,0($17)	# a[0]
-	ldq	$R1,0($18)	# b[1]
-	.align 3
-$901:
-	addq	$R1,$L1,$R1	# r=a+b;
-	 ldq	$L2,8($17)	# a[1]
-	cmpult	$R1,$L1,$O1	# did we overflow?
-	 ldq	$R2,8($18)	# b[1]
-	addq	$R1,$CC,$R1	# c+= overflow
-	 ldq	$L3,16($17)	# a[2]
-	cmpult	$R1,$CC,$CC	# overflow?
-	 ldq	$R3,16($18)	# b[2]
-	addq	$CC,$O1,$CC
-	 ldq	$L4,24($17)	# a[3]
-	addq	$R2,$L2,$R2	# r=a+b;
-	 ldq	$R4,24($18)	# b[3]
-	cmpult	$R2,$L2,$O2	# did we overflow?
-	 addq	$R3,$L3,$R3	# r=a+b;
-	addq	$R2,$CC,$R2	# c+= overflow
-	 cmpult	$R3,$L3,$O3	# did we overflow?
-	cmpult	$R2,$CC,$CC	# overflow?
-	 addq	$R4,$L4,$R4	# r=a+b;
-	addq	$CC,$O2,$CC
-	 cmpult	$R4,$L4,$O4	# did we overflow?
-	addq	$R3,$CC,$R3	# c+= overflow
-	 stq	$R1,0($16)	# r[0]=c
-	cmpult	$R3,$CC,$CC	# overflow?
-	 stq	$R2,8($16)	# r[1]=c
-	addq	$CC,$O3,$CC
-	 stq	$R3,16($16)	# r[2]=c
-	addq	$R4,$CC,$R4	# c+= overflow
-	 subq	$19,4,$19	# loop--
-	cmpult	$R4,$CC,$CC	# overflow?
-	 addq	$17,32,$17	# a++
-	addq	$CC,$O4,$CC
-	 stq	$R4,24($16)	# r[3]=c
-	addq	$18,32,$18	# b++
-	 addq	$16,32,$16	# r++
-
-	blt	$19,$900
-	 ldq	$L1,0($17)	# a[0]
-	ldq	$R1,0($18)	# b[1]
-	 br	$901
-	.align 4
-$945:
-	ldq	$L1,0($17)	# a[0]
-	 ldq	$R1,0($18)	# b[1]
-	addq	$R1,$L1,$R1	# r=a+b;
-	 subq	$19,1,$19	# loop--
-	addq	$R1,$CC,$R1	# c+= overflow
-	 addq	$17,8,$17	# a++
-	cmpult	$R1,$L1,$O1	# did we overflow?
-	 cmpult	$R1,$CC,$CC	# overflow?
-	addq	$18,8,$18	# b++
-	 stq	$R1,0($16)	# r[0]=c
-	addq	$CC,$O1,$CC
-	 addq	$16,8,$16	# r++
-
-	bgt	$19,$945
-	ret	$31,($26),1	# else exit
-
-$900:
-	addq	$19,4,$19
-	bgt	$19,$945	# goto tail code
-	ret	$31,($26),1	# else exit
-	.end bn_add_words
-
-	.align 3
-	.globl bn_sub_words
-	.ent bn_sub_words
-bn_sub_words:
-bn_sub_words..ng:
-	.frame $30,0,$26,0
-	.prologue 0
-
-	subq	$19,4,$19
-	bis	$31,$31,$CC	# carry = 0
- br	$800
-	blt	$19,$800
-	ldq	$L1,0($17)	# a[0]
-	ldq	$R1,0($18)	# b[1]
-	.align 3
-$801:
-	addq	$R1,$L1,$R1	# r=a+b;
-	 ldq	$L2,8($17)	# a[1]
-	cmpult	$R1,$L1,$O1	# did we overflow?
-	 ldq	$R2,8($18)	# b[1]
-	addq	$R1,$CC,$R1	# c+= overflow
-	 ldq	$L3,16($17)	# a[2]
-	cmpult	$R1,$CC,$CC	# overflow?
-	 ldq	$R3,16($18)	# b[2]
-	addq	$CC,$O1,$CC
-	 ldq	$L4,24($17)	# a[3]
-	addq	$R2,$L2,$R2	# r=a+b;
-	 ldq	$R4,24($18)	# b[3]
-	cmpult	$R2,$L2,$O2	# did we overflow?
-	 addq	$R3,$L3,$R3	# r=a+b;
-	addq	$R2,$CC,$R2	# c+= overflow
-	 cmpult	$R3,$L3,$O3	# did we overflow?
-	cmpult	$R2,$CC,$CC	# overflow?
-	 addq	$R4,$L4,$R4	# r=a+b;
-	addq	$CC,$O2,$CC
-	 cmpult	$R4,$L4,$O4	# did we overflow?
-	addq	$R3,$CC,$R3	# c+= overflow
-	 stq	$R1,0($16)	# r[0]=c
-	cmpult	$R3,$CC,$CC	# overflow?
-	 stq	$R2,8($16)	# r[1]=c
-	addq	$CC,$O3,$CC
-	 stq	$R3,16($16)	# r[2]=c
-	addq	$R4,$CC,$R4	# c+= overflow
-	 subq	$19,4,$19	# loop--
-	cmpult	$R4,$CC,$CC	# overflow?
-	 addq	$17,32,$17	# a++
-	addq	$CC,$O4,$CC
-	 stq	$R4,24($16)	# r[3]=c
-	addq	$18,32,$18	# b++
-	 addq	$16,32,$16	# r++
-
-	blt	$19,$800
-	 ldq	$L1,0($17)	# a[0]
-	ldq	$R1,0($18)	# b[1]
-	 br	$801
-	.align 4
-$845:
-	ldq	$L1,0($17)	# a[0]
-	 ldq	$R1,0($18)	# b[1]
-	cmpult	$L1,$R1,$O1	# will we borrow?
-	 subq	$L1,$R1,$R1	# r=a-b;
-	subq	$19,1,$19	# loop--
-	 cmpult  $R1,$CC,$O2	# will we borrow?
-	subq	$R1,$CC,$R1	# c+= overflow
-	 addq	$17,8,$17	# a++
-	addq	$18,8,$18	# b++
-	 stq	$R1,0($16)	# r[0]=c
-	addq	$O2,$O1,$CC
-	 addq	$16,8,$16	# r++
-
-	bgt	$19,$845
-	ret	$31,($26),1	# else exit
-
-$800:
-	addq	$19,4,$19
-	bgt	$19,$845	# goto tail code
-	ret	$31,($26),1	# else exit
-	.end bn_sub_words
-
- #
- # What follows was taken directly from the C compiler with a few
- # hacks to redo the lables.
- #
-.text
-	.align 3
-	.globl bn_div_words
-	.ent bn_div_words
-bn_div_words:
-	ldgp $29,0($27)
-bn_div_words..ng:
-	lda $30,-48($30)
-	.frame $30,48,$26,0
-	stq $26,0($30)
-	stq $9,8($30)
-	stq $10,16($30)
-	stq $11,24($30)
-	stq $12,32($30)
-	stq $13,40($30)
-	.mask 0x4003e00,-48
-	.prologue 1
-	bis $16,$16,$9
-	bis $17,$17,$10
-	bis $18,$18,$11
-	bis $31,$31,$13
-	bis $31,2,$12
-	bne $11,$119
-	lda $0,-1
-	br $31,$136
-	.align 4
-$119:
-	bis $11,$11,$16
-	jsr $26,BN_num_bits_word
-	ldgp $29,0($26)
-	subq $0,64,$1
-	beq $1,$120
-	bis $31,1,$1
-	sll $1,$0,$1
-	cmpule $9,$1,$1
-	bne $1,$120
- #	lda $16,_IO_stderr_
- #	lda $17,$C32
- #	bis $0,$0,$18
- #	jsr $26,fprintf
- #	ldgp $29,0($26)
-	jsr $26,abort
-	ldgp $29,0($26)
-	.align 4
-$120:
-	bis $31,64,$3
-	cmpult $9,$11,$2
-	subq $3,$0,$1
-	addl $1,$31,$0
-	subq $9,$11,$1
-	cmoveq $2,$1,$9
-	beq $0,$122
-	zapnot $0,15,$2
-	subq $3,$0,$1
-	sll $11,$2,$11
-	sll $9,$2,$3
-	srl $10,$1,$1
-	sll $10,$2,$10
-	bis $3,$1,$9
-$122:
-	srl $11,32,$5
-	zapnot $11,15,$6
-	lda $7,-1
-	.align 5
-$123:
-	srl $9,32,$1
-	subq $1,$5,$1
-	bne $1,$126
-	zapnot $7,15,$27
-	br $31,$127
-	.align 4
-$126:
-	bis $9,$9,$24
-	bis $5,$5,$25
-	divqu $24,$25,$27
-$127:
-	srl $10,32,$4
-	.align 5
-$128:
-	mulq $27,$5,$1
-	subq $9,$1,$3
-	zapnot $3,240,$1
-	bne $1,$129
-	mulq $6,$27,$2
-	sll $3,32,$1
-	addq $1,$4,$1
-	cmpule $2,$1,$2
-	bne $2,$129
-	subq $27,1,$27
-	br $31,$128
-	.align 4
-$129:
-	mulq $27,$6,$1
-	mulq $27,$5,$4
-	srl $1,32,$3
-	sll $1,32,$1
-	addq $4,$3,$4
-	cmpult $10,$1,$2
-	subq $10,$1,$10
-	addq $2,$4,$2
-	cmpult $9,$2,$1
-	bis $2,$2,$4
-	beq $1,$134
-	addq $9,$11,$9
-	subq $27,1,$27
-$134:
-	subl $12,1,$12
-	subq $9,$4,$9
-	beq $12,$124
-	sll $27,32,$13
-	sll $9,32,$2
-	srl $10,32,$1
-	sll $10,32,$10
-	bis $2,$1,$9
-	br $31,$123
-	.align 4
-$124:
-	bis $13,$27,$0
-$136:
-	ldq $26,0($30)
-	ldq $9,8($30)
-	ldq $10,16($30)
-	ldq $11,24($30)
-	ldq $12,32($30)
-	ldq $13,40($30)
-	addq $30,48,$30
-	ret $31,($26),1
-	.end bn_div_words
-EOF
-	return($data);
-	}
-
diff --git a/crypto/openssl/crypto/bn/asm/ca.pl b/crypto/openssl/crypto/bn/asm/ca.pl
deleted file mode 100644
index c1ce67a6b4d5..000000000000
--- a/crypto/openssl/crypto/bn/asm/ca.pl
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/usr/local/bin/perl
-# I have this in perl so I can use more usefull register names and then convert
-# them into alpha registers.
-#
-
-push(@INC,"perlasm","../../perlasm");
-require "alpha.pl";
-require "alpha/mul_add.pl";
-require "alpha/mul.pl";
-require "alpha/sqr.pl";
-require "alpha/add.pl";
-require "alpha/sub.pl";
-require "alpha/mul_c8.pl";
-require "alpha/mul_c4.pl";
-require "alpha/sqr_c4.pl";
-require "alpha/sqr_c8.pl";
-require "alpha/div.pl";
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_words("bn_mul_words");
-&bn_sqr_words("bn_sqr_words");
-&bn_mul_add_words("bn_mul_add_words");
-&bn_add_words("bn_add_words");
-&bn_sub_words("bn_sub_words");
-&bn_div_words("bn_div_words");
-&bn_mul_comba8("bn_mul_comba8");
-&bn_mul_comba4("bn_mul_comba4");
-&bn_sqr_comba4("bn_sqr_comba4");
-&bn_sqr_comba8("bn_sqr_comba8");
-
-&asm_finish();
-
diff --git a/crypto/openssl/crypto/bn/asm/co-586.pl b/crypto/openssl/crypto/bn/asm/co-586.pl
deleted file mode 100644
index 5d962cb957d3..000000000000
--- a/crypto/openssl/crypto/bn/asm/co-586.pl
+++ /dev/null
@@ -1,286 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_comba("bn_mul_comba8",8);
-&bn_mul_comba("bn_mul_comba4",4);
-&bn_sqr_comba("bn_sqr_comba8",8);
-&bn_sqr_comba("bn_sqr_comba4",4);
-
-&asm_finish();
-
-sub mul_add_c
-	{
-	local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
-	# pos == -1 if eax and edx are pre-loaded, 0 to load from next
-	# words, and 1 if load return value
-
-	&comment("mul a[$ai]*b[$bi]");
-
-	# "eax" and "edx" will always be pre-loaded.
-	# &mov("eax",&DWP($ai*4,$a,"",0)) ;
-	# &mov("edx",&DWP($bi*4,$b,"",0));
-
-	&mul("edx");
-	&add($c0,"eax");
-	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;	# laod next a
-	 &mov("eax",&wparam(0)) if $pos > 0;			# load r[]
-	 ###
-	&adc($c1,"edx");
-	 &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0;	# laod next b
-	 &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1;	# laod next b
-	 ###
-	&adc($c2,0);
-	 # is pos > 1, it means it is the last loop 
-	 &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0;		# save r[];
-	&mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;		# laod next a
-	}
-
-sub sqr_add_c
-	{
-	local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
-	# pos == -1 if eax and edx are pre-loaded, 0 to load from next
-	# words, and 1 if load return value
-
-	&comment("sqr a[$ai]*a[$bi]");
-
-	# "eax" and "edx" will always be pre-loaded.
-	# &mov("eax",&DWP($ai*4,$a,"",0)) ;
-	# &mov("edx",&DWP($bi*4,$b,"",0));
-
-	if ($ai == $bi)
-		{ &mul("eax");}
-	else
-		{ &mul("edx");}
-	&add($c0,"eax");
-	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;	# load next a
-	 ###
-	&adc($c1,"edx");
-	 &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
-	 ###
-	&adc($c2,0);
-	 # is pos > 1, it means it is the last loop 
-	 &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0;		# save r[];
-	&mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;		# load next b
-	}
-
-sub sqr_add_c2
-	{
-	local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
-	# pos == -1 if eax and edx are pre-loaded, 0 to load from next
-	# words, and 1 if load return value
-
-	&comment("sqr a[$ai]*a[$bi]");
-
-	# "eax" and "edx" will always be pre-loaded.
-	# &mov("eax",&DWP($ai*4,$a,"",0)) ;
-	# &mov("edx",&DWP($bi*4,$a,"",0));
-
-	if ($ai == $bi)
-		{ &mul("eax");}
-	else
-		{ &mul("edx");}
-	&add("eax","eax");
-	 ###
-	&adc("edx","edx");
-	 ###
-	&adc($c2,0);
-	 &add($c0,"eax");
-	&adc($c1,"edx");
-	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;	# load next a
-	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;	# load next b
-	&adc($c2,0);
-	&mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0;		# save r[];
-	 &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
-	 ###
-	}
-
-sub bn_mul_comba
-	{
-	local($name,$num)=@_;
-	local($a,$b,$c0,$c1,$c2);
-	local($i,$as,$ae,$bs,$be,$ai,$bi);
-	local($tot,$end);
-
-	&function_begin_B($name,"");
-
-	$c0="ebx";
-	$c1="ecx";
-	$c2="ebp";
-	$a="esi";
-	$b="edi";
-	
-	$as=0;
-	$ae=0;
-	$bs=0;
-	$be=0;
-	$tot=$num+$num-1;
-
-	&push("esi");
-	 &mov($a,&wparam(1));
-	&push("edi");
-	 &mov($b,&wparam(2));
-	&push("ebp");
-	 &push("ebx");
-
-	&xor($c0,$c0);
-	 &mov("eax",&DWP(0,$a,"",0));	# load the first word 
-	&xor($c1,$c1);
-	 &mov("edx",&DWP(0,$b,"",0));	# load the first second 
-
-	for ($i=0; $i<$tot; $i++)
-		{
-		$ai=$as;
-		$bi=$bs;
-		$end=$be+1;
-
-		&comment("################## Calculate word $i"); 
-
-		for ($j=$bs; $j<$end; $j++)
-			{
-			&xor($c2,$c2) if ($j == $bs);
-			if (($j+1) == $end)
-				{
-				$v=1;
-				$v=2 if (($i+1) == $tot);
-				}
-			else
-				{ $v=0; }
-			if (($j+1) != $end)
-				{
-				$na=($ai-1);
-				$nb=($bi+1);
-				}
-			else
-				{
-				$na=$as+($i < ($num-1));
-				$nb=$bs+($i >= ($num-1));
-				}
-#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
-			&mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
-			if ($v)
-				{
-				&comment("saved r[$i]");
-				# &mov("eax",&wparam(0));
-				# &mov(&DWP($i*4,"eax","",0),$c0);
-				($c0,$c1,$c2)=($c1,$c2,$c0);
-				}
-			$ai--;
-			$bi++;
-			}
-		$as++ if ($i < ($num-1));
-		$ae++ if ($i >= ($num-1));
-
-		$bs++ if ($i >= ($num-1));
-		$be++ if ($i < ($num-1));
-		}
-	&comment("save r[$i]");
-	# &mov("eax",&wparam(0));
-	&mov(&DWP($i*4,"eax","",0),$c0);
-
-	&pop("ebx");
-	&pop("ebp");
-	&pop("edi");
-	&pop("esi");
-	&ret();
-	&function_end_B($name);
-	}
-
-sub bn_sqr_comba
-	{
-	local($name,$num)=@_;
-	local($r,$a,$c0,$c1,$c2)=@_;
-	local($i,$as,$ae,$bs,$be,$ai,$bi);
-	local($b,$tot,$end,$half);
-
-	&function_begin_B($name,"");
-
-	$c0="ebx";
-	$c1="ecx";
-	$c2="ebp";
-	$a="esi";
-	$r="edi";
-
-	&push("esi");
-	 &push("edi");
-	&push("ebp");
-	 &push("ebx");
-	&mov($r,&wparam(0));
-	 &mov($a,&wparam(1));
-	&xor($c0,$c0);
-	 &xor($c1,$c1);
-	&mov("eax",&DWP(0,$a,"",0)); # load the first word
-
-	$as=0;
-	$ae=0;
-	$bs=0;
-	$be=0;
-	$tot=$num+$num-1;
-
-	for ($i=0; $i<$tot; $i++)
-		{
-		$ai=$as;
-		$bi=$bs;
-		$end=$be+1;
-
-		&comment("############### Calculate word $i");
-		for ($j=$bs; $j<$end; $j++)
-			{
-			&xor($c2,$c2) if ($j == $bs);
-			if (($ai-1) < ($bi+1))
-				{
-				$v=1;
-				$v=2 if ($i+1) == $tot;
-				}
-			else
-				{ $v=0; }
-			if (!$v)
-				{
-				$na=$ai-1;
-				$nb=$bi+1;
-				}
-			else
-				{
-				$na=$as+($i < ($num-1));
-				$nb=$bs+($i >= ($num-1));
-				}
-			if ($ai == $bi)
-				{
-				&sqr_add_c($r,$a,$ai,$bi,
-					$c0,$c1,$c2,$v,$i,$na,$nb);
-				}
-			else
-				{
-				&sqr_add_c2($r,$a,$ai,$bi,
-					$c0,$c1,$c2,$v,$i,$na,$nb);
-				}
-			if ($v)
-				{
-				&comment("saved r[$i]");
-				#&mov(&DWP($i*4,$r,"",0),$c0);
-				($c0,$c1,$c2)=($c1,$c2,$c0);
-				last;
-				}
-			$ai--;
-			$bi++;
-			}
-		$as++ if ($i < ($num-1));
-		$ae++ if ($i >= ($num-1));
-
-		$bs++ if ($i >= ($num-1));
-		$be++ if ($i < ($num-1));
-		}
-	&mov(&DWP($i*4,$r,"",0),$c0);
-	&pop("ebx");
-	&pop("ebp");
-	&pop("edi");
-	&pop("esi");
-	&ret();
-	&function_end_B($name);
-	}
diff --git a/crypto/openssl/crypto/bn/asm/co-alpha.pl b/crypto/openssl/crypto/bn/asm/co-alpha.pl
deleted file mode 100644
index 67dad3e3d5fb..000000000000
--- a/crypto/openssl/crypto/bn/asm/co-alpha.pl
+++ /dev/null
@@ -1,116 +0,0 @@
-#!/usr/local/bin/perl
-# I have this in perl so I can use more usefull register names and then convert
-# them into alpha registers.
-#
-
-push(@INC,"perlasm","../../perlasm");
-require "alpha.pl";
-
-&asm_init($ARGV[0],$0);
-
-print &bn_sub_words("bn_sub_words");
-
-&asm_finish();
-
-sub bn_sub_words
-	{
-	local($name)=@_;
-	local($cc,$a,$b,$r);
-
-	$cc="r0";
-	$a0="r1"; $b0="r5"; $r0="r9";  $tmp="r13";
-	$a1="r2"; $b1="r6"; $r1="r10"; $t1="r14";
-	$a2="r3"; $b2="r7"; $r2="r11";
-	$a3="r4"; $b3="r8"; $r3="r12"; $t3="r15";
-
-	$rp=&wparam(0);
-	$ap=&wparam(1);
-	$bp=&wparam(2);
-	$count=&wparam(3);
-
-	&function_begin($name,"");
-
-	&comment("");
-	&sub($count,4,$count);
-	&mov("zero",$cc);
-	&blt($count,&label("finish"));
-
-	&ld($a0,&QWPw(0,$ap));
-	&ld($b0,&QWPw(0,$bp));
-
-##########################################################
-	&set_label("loop");
-
-	&ld($a1,&QWPw(1,$ap));
-	 &cmpult($a0,$b0,$tmp);	# will we borrow?
-	&ld($b1,&QWPw(1,$bp));
-	 &sub($a0,$b0,$a0);		# do the subtract
-	&ld($a2,&QWPw(2,$ap));
-	 &cmpult($a0,$cc,$b0);	# will we borrow?
-	&ld($b2,&QWPw(2,$bp));
-	 &sub($a0,$cc,$a0);	# will we borrow?
-	&ld($a3,&QWPw(3,$ap));
-	 &add($b0,$tmp,$cc);	# add the borrows
-
-	&cmpult($a1,$b1,$t1);	# will we borrow?
-	 &sub($a1,$b1,$a1);	# do the subtract
-	&ld($b3,&QWPw(3,$bp));
-	 &cmpult($a1,$cc,$b1);	# will we borrow?
-	&sub($a1,$cc,$a1);	# will we borrow?
-	 &add($b1,$t1,$cc);	# add the borrows
-
-	&cmpult($a2,$b2,$tmp);	# will we borrow?
-	 &sub($a2,$b2,$a2);		# do the subtract
-	&st($a0,&QWPw(0,$rp));	# save
-	 &cmpult($a2,$cc,$b2);	# will we borrow?
-	&sub($a2,$cc,$a2);	# will we borrow?
-	 &add($b2,$tmp,$cc);	# add the borrows
-
-	&cmpult($a3,$b3,$t3);	# will we borrow?
-	 &sub($a3,$b3,$a3);		# do the subtract
-	&st($a1,&QWPw(1,$rp));	# save
-	 &cmpult($a3,$cc,$b3);	# will we borrow?
-	&sub($a3,$cc,$a3);	# will we borrow?
-	 &add($b3,$t3,$cc);	# add the borrows
-
-	&st($a2,&QWPw(2,$rp));	# save
-	 &sub($count,4,$count);	# count-=4
-	&st($a3,&QWPw(3,$rp));	# save
-	 &add($ap,4*$QWS,$ap);	# count+=4
-	&add($bp,4*$QWS,$bp);	# count+=4
-	 &add($rp,4*$QWS,$rp);	# count+=4
-
-	&blt($count,&label("finish"));
-	&ld($a0,&QWPw(0,$ap));
-	 &ld($b0,&QWPw(0,$bp));
-	&br(&label("loop"));
-##################################################
-	# Do the last 0..3 words
-
-	&set_label("last_loop");
-
-	&ld($a0,&QWPw(0,$ap));	# get a
-	 &ld($b0,&QWPw(0,$bp));	# get b
-	&cmpult($a0,$b0,$tmp);	# will we borrow?
-	&sub($a0,$b0,$a0);	# do the subtract
-	&cmpult($a0,$cc,$b0);	# will we borrow?
-	&sub($a0,$cc,$a0);	# will we borrow?
-	&st($a0,&QWPw(0,$rp));	# save
-	&add($b0,$tmp,$cc);	# add the borrows
-
-	&add($ap,$QWS,$ap);
-	&add($bp,$QWS,$bp);
-	&add($rp,$QWS,$rp);
-	&sub($count,1,$count);
-	&bgt($count,&label("last_loop"));
-	&function_end_A($name);
-
-######################################################
-	&set_label("finish");
-	&add($count,4,$count);
-	&bgt($count,&label("last_loop"));
-
-	&set_label("end");
-	&function_end($name);
-	}
-
diff --git a/crypto/openssl/crypto/bn/asm/ia64.S b/crypto/openssl/crypto/bn/asm/ia64.S
deleted file mode 100644
index 7dfda8556603..000000000000
--- a/crypto/openssl/crypto/bn/asm/ia64.S
+++ /dev/null
@@ -1,1605 +0,0 @@
-.explicit
-.text
-.ident	"ia64.S, Version 2.0"
-.ident	"IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
-
-//
-// ====================================================================
-// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-// project.
-//
-// Rights for redistribution and usage in source and binary forms are
-// granted according to the OpenSSL license. Warranty of any kind is
-// disclaimed.
-// ====================================================================
-//
-// Version 2.x is Itanium2 re-tune. Few words about how Itanum2 is
-// different from Itanium to this module viewpoint. Most notably, is it
-// "wider" than Itanium? Can you experience loop scalability as
-// discussed in commentary sections? Not really:-( Itanium2 has 6
-// integer ALU ports, i.e. it's 2 ports wider, but it's not enough to
-// spin twice as fast, as I need 8 IALU ports. Amount of floating point
-// ports is the same, i.e. 2, while I need 4. In other words, to this
-// module Itanium2 remains effectively as "wide" as Itanium. Yet it's
-// essentially different in respect to this module, and a re-tune was
-// required. Well, because some intruction latencies has changed. Most
-// noticeably those intensively used:
-//
-//			Itanium	Itanium2
-//	ldf8		9	6		L2 hit
-//	ld8		2	1		L1 hit
-//	getf		2	5
-//	xma[->getf]	7[+1]	4[+0]
-//	add[->st8]	1[+1]	1[+0]
-//
-// What does it mean? You might ratiocinate that the original code
-// should run just faster... Because sum of latencies is smaller...
-// Wrong! Note that getf latency increased. This means that if a loop is
-// scheduled for lower latency (and they are), then it will suffer from
-// stall condition and the code will therefore turn anti-scalable, e.g.
-// original bn_mul_words spun at 5*n or 2.5 times slower than expected
-// on Itanium2! What to do? Reschedule loops for Itanium2? But then
-// Itanium would exhibit anti-scalability. So I've chosen to reschedule
-// for worst latency for every instruction aiming for best *all-round*
-// performance.  
-
-// Q.	How much faster does it get?
-// A.	Here is the output from 'openssl speed rsa dsa' for vanilla
-//	0.9.6a compiled with gcc version 2.96 20000731 (Red Hat
-//	Linux 7.1 2.96-81):
-//
-//	                  sign    verify    sign/s verify/s
-//	rsa  512 bits   0.0036s   0.0003s    275.3   2999.2
-//	rsa 1024 bits   0.0203s   0.0011s     49.3    894.1
-//	rsa 2048 bits   0.1331s   0.0040s      7.5    250.9
-//	rsa 4096 bits   0.9270s   0.0147s      1.1     68.1
-//	                  sign    verify    sign/s verify/s
-//	dsa  512 bits   0.0035s   0.0043s    288.3    234.8
-//	dsa 1024 bits   0.0111s   0.0135s     90.0     74.2
-//
-//	And here is similar output but for this assembler
-//	implementation:-)
-//
-//	                  sign    verify    sign/s verify/s
-//	rsa  512 bits   0.0021s   0.0001s    549.4   9638.5
-//	rsa 1024 bits   0.0055s   0.0002s    183.8   4481.1
-//	rsa 2048 bits   0.0244s   0.0006s     41.4   1726.3
-//	rsa 4096 bits   0.1295s   0.0018s      7.7    561.5
-//	                  sign    verify    sign/s verify/s
-//	dsa  512 bits   0.0012s   0.0013s    891.9    756.6
-//	dsa 1024 bits   0.0023s   0.0028s    440.4    376.2
-//	
-//	Yes, you may argue that it's not fair comparison as it's
-//	possible to craft the C implementation with BN_UMULT_HIGH
-//	inline assembler macro. But of course! Here is the output
-//	with the macro:
-//
-//	                  sign    verify    sign/s verify/s
-//	rsa  512 bits   0.0020s   0.0002s    495.0   6561.0
-//	rsa 1024 bits   0.0086s   0.0004s    116.2   2235.7
-//	rsa 2048 bits   0.0519s   0.0015s     19.3    667.3
-//	rsa 4096 bits   0.3464s   0.0053s      2.9    187.7
-//	                  sign    verify    sign/s verify/s
-//	dsa  512 bits   0.0016s   0.0020s    613.1    510.5
-//	dsa 1024 bits   0.0045s   0.0054s    221.0    183.9
-//
-//	My code is still way faster, huh:-) And I believe that even
-//	higher performance can be achieved. Note that as keys get
-//	longer, performance gain is larger. Why? According to the
-//	profiler there is another player in the field, namely
-//	BN_from_montgomery consuming larger and larger portion of CPU
-//	time as keysize decreases. I therefore consider putting effort
-//	to assembler implementation of the following routine:
-//
-//	void bn_mul_add_mont (BN_ULONG *rp,BN_ULONG *np,int nl,BN_ULONG n0)
-//	{
-//	int      i,j;
-//	BN_ULONG v;
-//
-//	for (i=0; i<nl; i++)
-//		{
-//		v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2);
-//		nrp++;
-//		rp++;
-//		if (((nrp[-1]+=v)&BN_MASK2) < v)
-//			for (j=0; ((++nrp[j])&BN_MASK2) == 0; j++) ;
-//		}
-//	}
-//
-//	It might as well be beneficial to implement even combaX
-//	variants, as it appears as it can literally unleash the
-//	performance (see comment section to bn_mul_comba8 below).
-//
-//	And finally for your reference the output for 0.9.6a compiled
-//	with SGIcc version 0.01.0-12 (keep in mind that for the moment
-//	of this writing it's not possible to convince SGIcc to use
-//	BN_UMULT_HIGH inline assembler macro, yet the code is fast,
-//	i.e. for a compiler generated one:-):
-//
-//	                  sign    verify    sign/s verify/s
-//	rsa  512 bits   0.0022s   0.0002s    452.7   5894.3
-//	rsa 1024 bits   0.0097s   0.0005s    102.7   2002.9
-//	rsa 2048 bits   0.0578s   0.0017s     17.3    600.2
-//	rsa 4096 bits   0.3838s   0.0061s      2.6    164.5
-//	                  sign    verify    sign/s verify/s
-//	dsa  512 bits   0.0018s   0.0022s    547.3    459.6
-//	dsa 1024 bits   0.0051s   0.0062s    196.6    161.3
-//
-//	Oh! Benchmarks were performed on 733MHz Lion-class Itanium
-//	system running Redhat Linux 7.1 (very special thanks to Ray
-//	McCaffity of Williams Communications for providing an account).
-//
-// Q.	What's the heck with 'rum 1<<5' at the end of every function?
-// A.	Well, by clearing the "upper FP registers written" bit of the
-//	User Mask I want to excuse the kernel from preserving upper
-//	(f32-f128) FP register bank over process context switch, thus
-//	minimizing bus bandwidth consumption during the switch (i.e.
-//	after PKI opration completes and the program is off doing
-//	something else like bulk symmetric encryption). Having said
-//	this, I also want to point out that it might be good idea
-//	to compile the whole toolkit (as well as majority of the
-//	programs for that matter) with -mfixed-range=f32-f127 command
-//	line option. No, it doesn't prevent the compiler from writing
-//	to upper bank, but at least discourages to do so. If you don't
-//	like the idea you have the option to compile the module with
-//	-Drum=nop.m in command line.
-//
-
-#if 1
-//
-// bn_[add|sub]_words routines.
-//
-// Loops are spinning in 2*(n+5) ticks on Itanuim (provided that the
-// data reside in L1 cache, i.e. 2 ticks away). It's possible to
-// compress the epilogue and get down to 2*n+6, but at the cost of
-// scalability (the neat feature of this implementation is that it
-// shall automagically spin in n+5 on "wider" IA-64 implementations:-)
-// I consider that the epilogue is short enough as it is to trade tiny
-// performance loss on Itanium for scalability.
-//
-// BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num)
-//
-.global	bn_add_words#
-.proc	bn_add_words#
-.align	64
-.skip	32	// makes the loop body aligned at 64-byte boundary
-bn_add_words:
-	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-{ .mii;	alloc		r2=ar.pfs,4,12,0,16
-	cmp4.le		p6,p0=r35,r0	};;
-{ .mfb;	mov		r8=r0			// return value
-(p6)	br.ret.spnt.many	b0	};;
-
-	.save	ar.lc,r3
-{ .mib;	sub		r10=r35,r0,1
-	mov		r3=ar.lc
-	brp.loop.imp	.L_bn_add_words_ctop,.L_bn_add_words_cend-16
-					}
-	.body
-{ .mib;
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-	addp4		r14=0,r32		// rp
-#else
-	mov		r14=r32			// rp
-#endif
-	mov		r9=pr		};;
-{ .mii;
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-	addp4		r15=0,r33		// ap
-#else
-	mov		r15=r33			// ap
-#endif
-	mov		ar.lc=r10
-	mov		ar.ec=6		}
-{ .mib;
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-	addp4		r16=0,r34		// bp
-#else
-	mov		r16=r34			// bp
-#endif
-	mov		pr.rot=1<<16	};;
-
-.L_bn_add_words_ctop:
-{ .mii;	(p16)	ld8		r32=[r16],8	  // b=*(bp++)
-	(p18)	add		r39=r37,r34
-	(p19)	cmp.ltu.unc	p56,p0=r40,r38	}
-{ .mfb;	(p0)	nop.m		0x0
-	(p0)	nop.f		0x0
-	(p0)	nop.b		0x0		}
-{ .mii;	(p16)	ld8		r35=[r15],8	  // a=*(ap++)
-	(p58)	cmp.eq.or	p57,p0=-1,r41	  // (p20)
-	(p58)	add		r41=1,r41	} // (p20)
-{ .mfb;	(p21)	st8		[r14]=r42,8	  // *(rp++)=r
-	(p0)	nop.f		0x0
-	br.ctop.sptk	.L_bn_add_words_ctop	};;
-.L_bn_add_words_cend:
-
-{ .mii;
-(p59)	add		r8=1,r8		// return value
-	mov		pr=r9,0x1ffff
-	mov		ar.lc=r3	}
-{ .mbb;	nop.b		0x0
-	br.ret.sptk.many	b0	};;
-.endp	bn_add_words#
-
-//
-// BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num)
-//
-.global	bn_sub_words#
-.proc	bn_sub_words#
-.align	64
-.skip	32	// makes the loop body aligned at 64-byte boundary
-bn_sub_words:
-	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-{ .mii;	alloc		r2=ar.pfs,4,12,0,16
-	cmp4.le		p6,p0=r35,r0	};;
-{ .mfb;	mov		r8=r0			// return value
-(p6)	br.ret.spnt.many	b0	};;
-
-	.save	ar.lc,r3
-{ .mib;	sub		r10=r35,r0,1
-	mov		r3=ar.lc
-	brp.loop.imp	.L_bn_sub_words_ctop,.L_bn_sub_words_cend-16
-					}
-	.body
-{ .mib;
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-	addp4		r14=0,r32		// rp
-#else
-	mov		r14=r32			// rp
-#endif
-	mov		r9=pr		};;
-{ .mii;
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-	addp4		r15=0,r33		// ap
-#else
-	mov		r15=r33			// ap
-#endif
-	mov		ar.lc=r10
-	mov		ar.ec=6		}
-{ .mib;
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-	addp4		r16=0,r34		// bp
-#else
-	mov		r16=r34			// bp
-#endif
-	mov		pr.rot=1<<16	};;
-
-.L_bn_sub_words_ctop:
-{ .mii;	(p16)	ld8		r32=[r16],8	  // b=*(bp++)
-	(p18)	sub		r39=r37,r34
-	(p19)	cmp.gtu.unc	p56,p0=r40,r38	}
-{ .mfb;	(p0)	nop.m		0x0
-	(p0)	nop.f		0x0
-	(p0)	nop.b		0x0		}
-{ .mii;	(p16)	ld8		r35=[r15],8	  // a=*(ap++)
-	(p58)	cmp.eq.or	p57,p0=0,r41	  // (p20)
-	(p58)	add		r41=-1,r41	} // (p20)
-{ .mbb;	(p21)	st8		[r14]=r42,8	  // *(rp++)=r
-	(p0)	nop.b		0x0
-	br.ctop.sptk	.L_bn_sub_words_ctop	};;
-.L_bn_sub_words_cend:
-
-{ .mii;
-(p59)	add		r8=1,r8		// return value
-	mov		pr=r9,0x1ffff
-	mov		ar.lc=r3	}
-{ .mbb;	nop.b		0x0
-	br.ret.sptk.many	b0	};;
-.endp	bn_sub_words#
-#endif
-
-#if 0
-#define XMA_TEMPTATION
-#endif
-
-#if 1
-//
-// BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
-//
-.global	bn_mul_words#
-.proc	bn_mul_words#
-.align	64
-.skip	32	// makes the loop body aligned at 64-byte boundary
-bn_mul_words:
-	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-#ifdef XMA_TEMPTATION
-{ .mfi;	alloc		r2=ar.pfs,4,0,0,0	};;
-#else
-{ .mfi;	alloc		r2=ar.pfs,4,12,0,16	};;
-#endif
-{ .mib;	mov		r8=r0			// return value
-	cmp4.le		p6,p0=r34,r0
-(p6)	br.ret.spnt.many	b0		};;
-
-	.save	ar.lc,r3
-{ .mii;	sub	r10=r34,r0,1
-	mov	r3=ar.lc
-	mov	r9=pr			};;
-
-	.body
-{ .mib;	setf.sig	f8=r35	// w
-	mov		pr.rot=0x800001<<16
-			// ------^----- serves as (p50) at first (p27)
-	brp.loop.imp	.L_bn_mul_words_ctop,.L_bn_mul_words_cend-16
-					}
-
-#ifndef XMA_TEMPTATION
-
-{ .mii;
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-	addp4		r14=0,r32	// rp
-	addp4		r15=0,r33	// ap
-#else
-	mov		r14=r32		// rp
-	mov		r15=r33		// ap
-#endif
-	mov		ar.lc=r10	}
-{ .mii;	mov		r40=0	// serves as r35 at first (p27)
-	mov		ar.ec=13	};;
-
-// This loop spins in 2*(n+12) ticks. It's scheduled for data in Itanium
-// L2 cache (i.e. 9 ticks away) as floating point load/store instructions
-// bypass L1 cache and L2 latency is actually best-case scenario for
-// ldf8. The loop is not scalable and shall run in 2*(n+12) even on
-// "wider" IA-64 implementations. It's a trade-off here. n+24 loop
-// would give us ~5% in *overall* performance improvement on "wider"
-// IA-64, but would hurt Itanium for about same because of longer
-// epilogue. As it's a matter of few percents in either case I've
-// chosen to trade the scalability for development time (you can see
-// this very instruction sequence in bn_mul_add_words loop which in
-// turn is scalable).
-.L_bn_mul_words_ctop:
-{ .mfi;	(p25)	getf.sig	r36=f52			// low
-	(p21)	xmpy.lu		f48=f37,f8
-	(p28)	cmp.ltu		p54,p50=r41,r39	}
-{ .mfi;	(p16)	ldf8		f32=[r15],8
-	(p21)	xmpy.hu		f40=f37,f8
-	(p0)	nop.i		0x0		};;
-{ .mii;	(p25)	getf.sig	r32=f44			// high
-	.pred.rel	"mutex",p50,p54
-	(p50)	add		r40=r38,r35		// (p27)
-	(p54)	add		r40=r38,r35,1	}	// (p27)
-{ .mfb;	(p28)	st8		[r14]=r41,8
-	(p0)	nop.f		0x0
-	br.ctop.sptk	.L_bn_mul_words_ctop	};;
-.L_bn_mul_words_cend:
-
-{ .mii;	nop.m		0x0
-.pred.rel	"mutex",p51,p55
-(p51)	add		r8=r36,r0
-(p55)	add		r8=r36,r0,1	}
-{ .mfb;	nop.m	0x0
-	nop.f	0x0
-	nop.b	0x0			}
-
-#else	// XMA_TEMPTATION
-
-	setf.sig	f37=r0	// serves as carry at (p18) tick
-	mov		ar.lc=r10
-	mov		ar.ec=5;;
-
-// Most of you examining this code very likely wonder why in the name
-// of Intel the following loop is commented out? Indeed, it looks so
-// neat that you find it hard to believe that it's something wrong
-// with it, right? The catch is that every iteration depends on the
-// result from previous one and the latter isn't available instantly.
-// The loop therefore spins at the latency of xma minus 1, or in other
-// words at 6*(n+4) ticks:-( Compare to the "production" loop above
-// that runs in 2*(n+11) where the low latency problem is worked around
-// by moving the dependency to one-tick latent interger ALU. Note that
-// "distance" between ldf8 and xma is not latency of ldf8, but the
-// *difference* between xma and ldf8 latencies.
-.L_bn_mul_words_ctop:
-{ .mfi;	(p16)	ldf8		f32=[r33],8
-	(p18)	xma.hu		f38=f34,f8,f39	}
-{ .mfb;	(p20)	stf8		[r32]=f37,8
-	(p18)	xma.lu		f35=f34,f8,f39
-	br.ctop.sptk	.L_bn_mul_words_ctop	};;
-.L_bn_mul_words_cend:
-
-	getf.sig	r8=f41		// the return value
-
-#endif	// XMA_TEMPTATION
-
-{ .mii;	nop.m		0x0
-	mov		pr=r9,0x1ffff
-	mov		ar.lc=r3	}
-{ .mfb;	rum		1<<5		// clear um.mfh
-	nop.f		0x0
-	br.ret.sptk.many	b0	};;
-.endp	bn_mul_words#
-#endif
-
-#if 1
-//
-// BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
-//
-.global	bn_mul_add_words#
-.proc	bn_mul_add_words#
-.align	64
-//.skip	0	// makes the loop split at 64-byte boundary
-bn_mul_add_words:
-	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-{ .mii;	alloc		r2=ar.pfs,4,12,0,16
-	cmp4.le		p6,p0=r34,r0	};;
-{ .mfb;	mov		r8=r0			// return value
-(p6)	br.ret.spnt.many	b0	};;
-
-	.save	ar.lc,r3
-{ .mii;	sub	r10=r34,r0,1
-	mov	r3=ar.lc
-	mov	r9=pr			};;
-
-	.body
-{ .mib;	setf.sig	f8=r35	// w
-	mov		pr.rot=0x800001<<16
-			// ------^----- serves as (p50) at first (p27)
-	brp.loop.imp	.L_bn_mul_add_words_ctop,.L_bn_mul_add_words_cend-16
-					}
-{ .mii;
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-	addp4		r14=0,r32	// rp
-	addp4		r15=0,r33	// ap
-#else
-	mov		r14=r32		// rp
-	mov		r15=r33		// ap
-#endif
-	mov		ar.lc=r10	}
-{ .mii;	mov		r40=0	// serves as r35 at first (p27)
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-	addp4		r18=0,r32	// rp copy
-#else
-	mov		r18=r32		// rp copy
-#endif
-	mov		ar.ec=15	};;
-
-// This loop spins in 3*(n+14) ticks on Itanium and should spin in
-// 2*(n+14) on "wider" IA-64 implementations (to be verified with new
-// µ-architecture manuals as they become available). As usual it's
-// possible to compress the epilogue, down to 10 in this case, at the
-// cost of scalability. Compressed (and therefore non-scalable) loop
-// running at 3*(n+11) would buy you ~10% on Itanium but take ~35%
-// from "wider" IA-64 so let it be scalable! Special attention was
-// paid for having the loop body split at 64-byte boundary. ld8 is
-// scheduled for L1 cache as the data is more than likely there.
-// Indeed, bn_mul_words has put it there a moment ago:-)
-.L_bn_mul_add_words_ctop:
-{ .mfi;	(p25)	getf.sig	r36=f52			// low
-	(p21)	xmpy.lu		f48=f37,f8
-	(p28)	cmp.ltu		p54,p50=r41,r39	}
-{ .mfi;	(p16)	ldf8		f32=[r15],8
-	(p21)	xmpy.hu		f40=f37,f8
-	(p28)	add		r45=r45,r41	};;
-{ .mii;	(p25)	getf.sig	r32=f44			// high
-	.pred.rel	"mutex",p50,p54
-	(p50)	add		r40=r38,r35		// (p27)
-	(p54)	add		r40=r38,r35,1	}	// (p27)
-{ .mfb;	(p28)	cmp.ltu.unc	p60,p0=r45,r41
-	(p0)	nop.f		0x0
-	(p0)	nop.b		0x0		}
-{ .mii;	(p27)	ld8		r44=[r18],8
-	(p62)	cmp.eq.or	p61,p0=-1,r46
-	(p62)	add		r46=1,r46	}
-{ .mfb;	(p30)	st8		[r14]=r47,8
-	(p0)	nop.f		0x0
-	br.ctop.sptk	.L_bn_mul_add_words_ctop};;
-.L_bn_mul_add_words_cend:
-
-{ .mii;	nop.m		0x0
-.pred.rel	"mutex",p53,p57
-(p53)	add		r8=r38,r0
-(p57)	add		r8=r38,r0,1	}
-{ .mfb;	nop.m	0x0
-	nop.f	0x0
-	nop.b	0x0			};;
-{ .mii;
-(p63)	add		r8=1,r8
-	mov		pr=r9,0x1ffff
-	mov		ar.lc=r3	}
-{ .mfb;	rum		1<<5		// clear um.mfh
-	nop.f		0x0
-	br.ret.sptk.many	b0	};;
-.endp	bn_mul_add_words#
-#endif
-
-#if 1
-//
-// void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num)
-//
-.global	bn_sqr_words#
-.proc	bn_sqr_words#
-.align	64
-.skip	32	// makes the loop body aligned at 64-byte boundary 
-bn_sqr_words:
-	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-{ .mii;	alloc		r2=ar.pfs,3,0,0,0
-	sxt4		r34=r34		};;
-{ .mii;	cmp.le		p6,p0=r34,r0
-	mov		r8=r0		}	// return value
-{ .mfb;	nop.f		0x0
-(p6)	br.ret.spnt.many	b0	};;
-
-	.save	ar.lc,r3
-{ .mii;	sub	r10=r34,r0,1
-	mov	r3=ar.lc
-	mov	r9=pr			};;
-
-	.body
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-{ .mii; addp4		r32=0,r32
-	addp4		r33=0,r33	};;
-#endif
-{ .mib;
-	mov		pr.rot=1<<16
-	brp.loop.imp	.L_bn_sqr_words_ctop,.L_bn_sqr_words_cend-16
-					}
-{ .mii;	add		r34=8,r32
-	mov		ar.lc=r10
-	mov		ar.ec=18	};;
-
-// 2*(n+17) on Itanium, (n+17) on "wider" IA-64 implementations. It's
-// possible to compress the epilogue (I'm getting tired to write this
-// comment over and over) and get down to 2*n+16 at the cost of
-// scalability. The decision will very likely be reconsidered after the
-// benchmark program is profiled. I.e. if perfomance gain on Itanium
-// will appear larger than loss on "wider" IA-64, then the loop should
-// be explicitely split and the epilogue compressed.
-.L_bn_sqr_words_ctop:
-{ .mfi;	(p16)	ldf8		f32=[r33],8
-	(p25)	xmpy.lu		f42=f41,f41
-	(p0)	nop.i		0x0		}
-{ .mib;	(p33)	stf8		[r32]=f50,16
-	(p0)	nop.i		0x0
-	(p0)	nop.b		0x0		}
-{ .mfi;	(p0)	nop.m		0x0
-	(p25)	xmpy.hu		f52=f41,f41
-	(p0)	nop.i		0x0		}
-{ .mib;	(p33)	stf8		[r34]=f60,16
-	(p0)	nop.i		0x0
-	br.ctop.sptk	.L_bn_sqr_words_ctop	};;
-.L_bn_sqr_words_cend:
-
-{ .mii;	nop.m		0x0
-	mov		pr=r9,0x1ffff
-	mov		ar.lc=r3	}
-{ .mfb;	rum		1<<5		// clear um.mfh
-	nop.f		0x0
-	br.ret.sptk.many	b0	};;
-.endp	bn_sqr_words#
-#endif
-
-#if 1
-// Apparently we win nothing by implementing special bn_sqr_comba8.
-// Yes, it is possible to reduce the number of multiplications by
-// almost factor of two, but then the amount of additions would
-// increase by factor of two (as we would have to perform those
-// otherwise performed by xma ourselves). Normally we would trade
-// anyway as multiplications are way more expensive, but not this
-// time... Multiplication kernel is fully pipelined and as we drain
-// one 128-bit multiplication result per clock cycle multiplications
-// are effectively as inexpensive as additions. Special implementation
-// might become of interest for "wider" IA-64 implementation as you'll
-// be able to get through the multiplication phase faster (there won't
-// be any stall issues as discussed in the commentary section below and
-// you therefore will be able to employ all 4 FP units)... But these
-// Itanium days it's simply too hard to justify the effort so I just
-// drop down to bn_mul_comba8 code:-)
-//
-// void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
-//
-.global	bn_sqr_comba8#
-.proc	bn_sqr_comba8#
-.align	64
-bn_sqr_comba8:
-	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-{ .mii;	alloc	r2=ar.pfs,2,1,0,0
-	addp4	r33=0,r33
-	addp4	r32=0,r32		};;
-{ .mii;
-#else
-{ .mii;	alloc	r2=ar.pfs,2,1,0,0
-#endif
-	mov	r34=r33
-	add	r14=8,r33		};;
-	.body
-{ .mii;	add	r17=8,r34
-	add	r15=16,r33
-	add	r18=16,r34		}
-{ .mfb;	add	r16=24,r33
-	br	.L_cheat_entry_point8	};;
-.endp	bn_sqr_comba8#
-#endif
-
-#if 1
-// I've estimated this routine to run in ~120 ticks, but in reality
-// (i.e. according to ar.itc) it takes ~160 ticks. Are those extra
-// cycles consumed for instructions fetch? Or did I misinterpret some
-// clause in Itanium µ-architecture manual? Comments are welcomed and
-// highly appreciated.
-//
-// However! It should be noted that even 160 ticks is darn good result
-// as it's over 10 (yes, ten, spelled as t-e-n) times faster than the
-// C version (compiled with gcc with inline assembler). I really
-// kicked compiler's butt here, didn't I? Yeah! This brings us to the
-// following statement. It's damn shame that this routine isn't called
-// very often nowadays! According to the profiler most CPU time is
-// consumed by bn_mul_add_words called from BN_from_montgomery. In
-// order to estimate what we're missing, I've compared the performance
-// of this routine against "traditional" implementation, i.e. against
-// following routine:
-//
-// void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-// {	r[ 8]=bn_mul_words(    &(r[0]),a,8,b[0]);
-//	r[ 9]=bn_mul_add_words(&(r[1]),a,8,b[1]);
-//	r[10]=bn_mul_add_words(&(r[2]),a,8,b[2]);
-//	r[11]=bn_mul_add_words(&(r[3]),a,8,b[3]);
-//	r[12]=bn_mul_add_words(&(r[4]),a,8,b[4]);
-//	r[13]=bn_mul_add_words(&(r[5]),a,8,b[5]);
-//	r[14]=bn_mul_add_words(&(r[6]),a,8,b[6]);
-//	r[15]=bn_mul_add_words(&(r[7]),a,8,b[7]);
-// }
-//
-// The one below is over 8 times faster than the one above:-( Even
-// more reasons to "combafy" bn_mul_add_mont...
-//
-// And yes, this routine really made me wish there were an optimizing
-// assembler! It also feels like it deserves a dedication.
-//
-//	To my wife for being there and to my kids...
-//
-// void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-//
-#define	carry1	r14
-#define	carry2	r15
-#define	carry3	r34
-.global	bn_mul_comba8#
-.proc	bn_mul_comba8#
-.align	64
-bn_mul_comba8:
-	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-{ .mii;	alloc	r2=ar.pfs,3,0,0,0
-	addp4	r33=0,r33
-	addp4	r34=0,r34		};;
-{ .mii;	addp4	r32=0,r32
-#else
-{ .mii;	alloc   r2=ar.pfs,3,0,0,0
-#endif
-	add	r14=8,r33
-	add	r17=8,r34		}
-	.body
-{ .mii;	add	r15=16,r33
-	add	r18=16,r34
-	add	r16=24,r33		}
-.L_cheat_entry_point8:
-{ .mmi;	add	r19=24,r34
-
-	ldf8	f32=[r33],32		};;
-
-{ .mmi;	ldf8	f120=[r34],32
-	ldf8	f121=[r17],32		}
-{ .mmi;	ldf8	f122=[r18],32
-	ldf8	f123=[r19],32		};;
-{ .mmi;	ldf8	f124=[r34]
-	ldf8	f125=[r17]		}
-{ .mmi;	ldf8	f126=[r18]
-	ldf8	f127=[r19]		}
-
-{ .mmi;	ldf8	f33=[r14],32
-	ldf8	f34=[r15],32		}
-{ .mmi;	ldf8	f35=[r16],32;;
-	ldf8	f36=[r33]		}
-{ .mmi;	ldf8	f37=[r14]
-	ldf8	f38=[r15]		}
-{ .mfi;	ldf8	f39=[r16]
-// -------\ Entering multiplier's heaven /-------
-// ------------\                    /------------
-// -----------------\          /-----------------
-// ----------------------\/----------------------
-		xma.hu	f41=f32,f120,f0		}
-{ .mfi;		xma.lu	f40=f32,f120,f0		};; // (*)
-{ .mfi;		xma.hu	f51=f32,f121,f0		}
-{ .mfi;		xma.lu	f50=f32,f121,f0		};;
-{ .mfi;		xma.hu	f61=f32,f122,f0		}
-{ .mfi;		xma.lu	f60=f32,f122,f0		};;
-{ .mfi;		xma.hu	f71=f32,f123,f0		}
-{ .mfi;		xma.lu	f70=f32,f123,f0		};;
-{ .mfi;		xma.hu	f81=f32,f124,f0		}
-{ .mfi;		xma.lu	f80=f32,f124,f0		};;
-{ .mfi;		xma.hu	f91=f32,f125,f0		}
-{ .mfi;		xma.lu	f90=f32,f125,f0		};;
-{ .mfi;		xma.hu	f101=f32,f126,f0	}
-{ .mfi;		xma.lu	f100=f32,f126,f0	};;
-{ .mfi;		xma.hu	f111=f32,f127,f0	}
-{ .mfi;		xma.lu	f110=f32,f127,f0	};;//
-// (*)	You can argue that splitting at every second bundle would
-//	prevent "wider" IA-64 implementations from achieving the peak
-//	performance. Well, not really... The catch is that if you
-//	intend to keep 4 FP units busy by splitting at every fourth
-//	bundle and thus perform these 16 multiplications in 4 ticks,
-//	the first bundle *below* would stall because the result from
-//	the first xma bundle *above* won't be available for another 3
-//	ticks (if not more, being an optimist, I assume that "wider"
-//	implementation will have same latency:-). This stall will hold
-//	you back and the performance would be as if every second bundle
-//	were split *anyway*...
-{ .mfi;	getf.sig	r16=f40
-		xma.hu	f42=f33,f120,f41
-	add		r33=8,r32		}
-{ .mfi;		xma.lu	f41=f33,f120,f41	};;
-{ .mfi;	getf.sig	r24=f50
-		xma.hu	f52=f33,f121,f51	}
-{ .mfi;		xma.lu	f51=f33,f121,f51	};;
-{ .mfi;	st8		[r32]=r16,16
-		xma.hu	f62=f33,f122,f61	}
-{ .mfi;		xma.lu	f61=f33,f122,f61	};;
-{ .mfi;		xma.hu	f72=f33,f123,f71	}
-{ .mfi;		xma.lu	f71=f33,f123,f71	};;
-{ .mfi;		xma.hu	f82=f33,f124,f81	}
-{ .mfi;		xma.lu	f81=f33,f124,f81	};;
-{ .mfi;		xma.hu	f92=f33,f125,f91	}
-{ .mfi;		xma.lu	f91=f33,f125,f91	};;
-{ .mfi;		xma.hu	f102=f33,f126,f101	}
-{ .mfi;		xma.lu	f101=f33,f126,f101	};;
-{ .mfi;		xma.hu	f112=f33,f127,f111	}
-{ .mfi;		xma.lu	f111=f33,f127,f111	};;//
-//-------------------------------------------------//
-{ .mfi;	getf.sig	r25=f41
-		xma.hu	f43=f34,f120,f42	}
-{ .mfi;		xma.lu	f42=f34,f120,f42	};;
-{ .mfi;	getf.sig	r16=f60
-		xma.hu	f53=f34,f121,f52	}
-{ .mfi;		xma.lu	f52=f34,f121,f52	};;
-{ .mfi;	getf.sig	r17=f51
-		xma.hu	f63=f34,f122,f62
-	add		r25=r25,r24		}
-{ .mfi;		xma.lu	f62=f34,f122,f62
-	mov		carry1=0		};;
-{ .mfi;	cmp.ltu		p6,p0=r25,r24
-		xma.hu	f73=f34,f123,f72	}
-{ .mfi;		xma.lu	f72=f34,f123,f72	};;
-{ .mfi;	st8		[r33]=r25,16
-		xma.hu	f83=f34,f124,f82
-(p6)	add		carry1=1,carry1		}
-{ .mfi;		xma.lu	f82=f34,f124,f82	};;
-{ .mfi;		xma.hu	f93=f34,f125,f92	}
-{ .mfi;		xma.lu	f92=f34,f125,f92	};;
-{ .mfi;		xma.hu	f103=f34,f126,f102	}
-{ .mfi;		xma.lu	f102=f34,f126,f102	};;
-{ .mfi;		xma.hu	f113=f34,f127,f112	}
-{ .mfi;		xma.lu	f112=f34,f127,f112	};;//
-//-------------------------------------------------//
-{ .mfi;	getf.sig	r18=f42
-		xma.hu	f44=f35,f120,f43
-	add		r17=r17,r16		}
-{ .mfi;		xma.lu	f43=f35,f120,f43	};;
-{ .mfi;	getf.sig	r24=f70
-		xma.hu	f54=f35,f121,f53	}
-{ .mfi;	mov		carry2=0
-		xma.lu	f53=f35,f121,f53	};;
-{ .mfi;	getf.sig	r25=f61
-		xma.hu	f64=f35,f122,f63
-	cmp.ltu		p7,p0=r17,r16		}
-{ .mfi;	add		r18=r18,r17
-		xma.lu	f63=f35,f122,f63	};;
-{ .mfi;	getf.sig	r26=f52
-		xma.hu	f74=f35,f123,f73
-(p7)	add		carry2=1,carry2		}
-{ .mfi;	cmp.ltu		p7,p0=r18,r17
-		xma.lu	f73=f35,f123,f73
-	add		r18=r18,carry1		};;
-{ .mfi;
-		xma.hu	f84=f35,f124,f83
-(p7)	add		carry2=1,carry2		}
-{ .mfi;	cmp.ltu		p7,p0=r18,carry1
-		xma.lu	f83=f35,f124,f83	};;
-{ .mfi;	st8		[r32]=r18,16
-		xma.hu	f94=f35,f125,f93
-(p7)	add		carry2=1,carry2		}
-{ .mfi;		xma.lu	f93=f35,f125,f93	};;
-{ .mfi;		xma.hu	f104=f35,f126,f103	}
-{ .mfi;		xma.lu	f103=f35,f126,f103	};;
-{ .mfi;		xma.hu	f114=f35,f127,f113	}
-{ .mfi;	mov		carry1=0
-		xma.lu	f113=f35,f127,f113
-	add		r25=r25,r24		};;//
-//-------------------------------------------------//
-{ .mfi;	getf.sig	r27=f43
-		xma.hu	f45=f36,f120,f44
-	cmp.ltu		p6,p0=r25,r24		}
-{ .mfi;		xma.lu	f44=f36,f120,f44	
-	add		r26=r26,r25		};;
-{ .mfi;	getf.sig	r16=f80
-		xma.hu	f55=f36,f121,f54
-(p6)	add		carry1=1,carry1		}
-{ .mfi;		xma.lu	f54=f36,f121,f54	};;
-{ .mfi;	getf.sig	r17=f71
-		xma.hu	f65=f36,f122,f64
-	cmp.ltu		p6,p0=r26,r25		}
-{ .mfi;		xma.lu	f64=f36,f122,f64
-	add		r27=r27,r26		};;
-{ .mfi;	getf.sig	r18=f62
-		xma.hu	f75=f36,f123,f74
-(p6)	add		carry1=1,carry1		}
-{ .mfi;	cmp.ltu		p6,p0=r27,r26
-		xma.lu	f74=f36,f123,f74
-	add		r27=r27,carry2		};;
-{ .mfi;	getf.sig	r19=f53
-		xma.hu	f85=f36,f124,f84
-(p6)	add		carry1=1,carry1		}
-{ .mfi;		xma.lu	f84=f36,f124,f84
-	cmp.ltu		p6,p0=r27,carry2	};;
-{ .mfi;	st8		[r33]=r27,16
-		xma.hu	f95=f36,f125,f94
-(p6)	add		carry1=1,carry1		}
-{ .mfi;		xma.lu	f94=f36,f125,f94	};;
-{ .mfi;		xma.hu	f105=f36,f126,f104	}
-{ .mfi;	mov		carry2=0
-		xma.lu	f104=f36,f126,f104
-	add		r17=r17,r16		};;
-{ .mfi;		xma.hu	f115=f36,f127,f114
-	cmp.ltu		p7,p0=r17,r16		}
-{ .mfi;		xma.lu	f114=f36,f127,f114
-	add		r18=r18,r17		};;//
-//-------------------------------------------------//
-{ .mfi;	getf.sig	r20=f44
-		xma.hu	f46=f37,f120,f45
-(p7)	add		carry2=1,carry2		}
-{ .mfi;	cmp.ltu		p7,p0=r18,r17
-		xma.lu	f45=f37,f120,f45
-	add		r19=r19,r18		};;
-{ .mfi;	getf.sig	r24=f90
-		xma.hu	f56=f37,f121,f55	}
-{ .mfi;		xma.lu	f55=f37,f121,f55	};;
-{ .mfi;	getf.sig	r25=f81
-		xma.hu	f66=f37,f122,f65
-(p7)	add		carry2=1,carry2		}
-{ .mfi;	cmp.ltu		p7,p0=r19,r18
-		xma.lu	f65=f37,f122,f65
-	add		r20=r20,r19		};;
-{ .mfi;	getf.sig	r26=f72
-		xma.hu	f76=f37,f123,f75
-(p7)	add		carry2=1,carry2		}
-{ .mfi;	cmp.ltu		p7,p0=r20,r19
-		xma.lu	f75=f37,f123,f75
-	add		r20=r20,carry1		};;
-{ .mfi;	getf.sig	r27=f63
-		xma.hu	f86=f37,f124,f85
-(p7)	add		carry2=1,carry2		}
-{ .mfi;		xma.lu	f85=f37,f124,f85
-	cmp.ltu		p7,p0=r20,carry1	};;
-{ .mfi;	getf.sig	r28=f54
-		xma.hu	f96=f37,f125,f95
-(p7)	add		carry2=1,carry2		}
-{ .mfi;	st8		[r32]=r20,16
-		xma.lu	f95=f37,f125,f95	};;
-{ .mfi;		xma.hu	f106=f37,f126,f105	}
-{ .mfi;	mov		carry1=0
-		xma.lu	f105=f37,f126,f105
-	add		r25=r25,r24		};;
-{ .mfi;		xma.hu	f116=f37,f127,f115
-	cmp.ltu		p6,p0=r25,r24		}
-{ .mfi;		xma.lu	f115=f37,f127,f115
-	add		r26=r26,r25		};;//
-//-------------------------------------------------//
-{ .mfi;	getf.sig	r29=f45
-		xma.hu	f47=f38,f120,f46
-(p6)	add		carry1=1,carry1		}
-{ .mfi;	cmp.ltu		p6,p0=r26,r25
-		xma.lu	f46=f38,f120,f46
-	add		r27=r27,r26		};;
-{ .mfi;	getf.sig	r16=f100
-		xma.hu	f57=f38,f121,f56
-(p6)	add		carry1=1,carry1		}
-{ .mfi;	cmp.ltu		p6,p0=r27,r26
-		xma.lu	f56=f38,f121,f56
-	add		r28=r28,r27		};;
-{ .mfi;	getf.sig	r17=f91
-		xma.hu	f67=f38,f122,f66
-(p6)	add		carry1=1,carry1		}
-{ .mfi;	cmp.ltu		p6,p0=r28,r27
-		xma.lu	f66=f38,f122,f66
-	add		r29=r29,r28		};;
-{ .mfi;	getf.sig	r18=f82
-		xma.hu	f77=f38,f123,f76
-(p6)	add		carry1=1,carry1		}
-{ .mfi;	cmp.ltu		p6,p0=r29,r28
-		xma.lu	f76=f38,f123,f76
-	add		r29=r29,carry2		};;
-{ .mfi;	getf.sig	r19=f73
-		xma.hu	f87=f38,f124,f86
-(p6)	add		carry1=1,carry1		}
-{ .mfi;		xma.lu	f86=f38,f124,f86
-	cmp.ltu		p6,p0=r29,carry2	};;
-{ .mfi;	getf.sig	r20=f64
-		xma.hu	f97=f38,f125,f96
-(p6)	add		carry1=1,carry1		}
-{ .mfi;	st8		[r33]=r29,16
-		xma.lu	f96=f38,f125,f96	};;
-{ .mfi;	getf.sig	r21=f55
-		xma.hu	f107=f38,f126,f106	}
-{ .mfi;	mov		carry2=0
-		xma.lu	f106=f38,f126,f106
-	add		r17=r17,r16		};;
-{ .mfi;		xma.hu	f117=f38,f127,f116
-	cmp.ltu		p7,p0=r17,r16		}
-{ .mfi;		xma.lu	f116=f38,f127,f116
-	add		r18=r18,r17		};;//
-//-------------------------------------------------//
-{ .mfi;	getf.sig	r22=f46
-		xma.hu	f48=f39,f120,f47
-(p7)	add		carry2=1,carry2		}
-{ .mfi;	cmp.ltu		p7,p0=r18,r17
-		xma.lu	f47=f39,f120,f47
-	add		r19=r19,r18		};;
-{ .mfi;	getf.sig	r24=f110
-		xma.hu	f58=f39,f121,f57
-(p7)	add		carry2=1,carry2		}
-{ .mfi;	cmp.ltu		p7,p0=r19,r18
-		xma.lu	f57=f39,f121,f57
-	add		r20=r20,r19		};;
-{ .mfi;	getf.sig	r25=f101
-		xma.hu	f68=f39,f122,f67
-(p7)	add		carry2=1,carry2		}
-{ .mfi;	cmp.ltu		p7,p0=r20,r19
-		xma.lu	f67=f39,f122,f67
-	add		r21=r21,r20		};;
-{ .mfi;	getf.sig	r26=f92
-		xma.hu	f78=f39,f123,f77
-(p7)	add		carry2=1,carry2		}
-{ .mfi;	cmp.ltu		p7,p0=r21,r20
-		xma.lu	f77=f39,f123,f77
-	add		r22=r22,r21		};;
-{ .mfi;	getf.sig	r27=f83
-		xma.hu	f88=f39,f124,f87
-(p7)	add		carry2=1,carry2		}
-{ .mfi;	cmp.ltu		p7,p0=r22,r21
-		xma.lu	f87=f39,f124,f87
-	add		r22=r22,carry1		};;
-{ .mfi;	getf.sig	r28=f74
-		xma.hu	f98=f39,f125,f97
-(p7)	add		carry2=1,carry2		}
-{ .mfi;		xma.lu	f97=f39,f125,f97
-	cmp.ltu		p7,p0=r22,carry1	};;
-{ .mfi;	getf.sig	r29=f65
-		xma.hu	f108=f39,f126,f107
-(p7)	add		carry2=1,carry2		}
-{ .mfi;	st8		[r32]=r22,16
-		xma.lu	f107=f39,f126,f107	};;
-{ .mfi;	getf.sig	r30=f56
-		xma.hu	f118=f39,f127,f117	}
-{ .mfi;		xma.lu	f117=f39,f127,f117	};;//
-//-------------------------------------------------//
-// Leaving muliplier's heaven... Quite a ride, huh?
-
-{ .mii;	getf.sig	r31=f47
-	add		r25=r25,r24
-	mov		carry1=0		};;
-{ .mii;		getf.sig	r16=f111
-	cmp.ltu		p6,p0=r25,r24
-	add		r26=r26,r25		};;
-{ .mfb;		getf.sig	r17=f102	}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r26,r25
-	add		r27=r27,r26		};;
-{ .mfb;	nop.m	0x0				}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r27,r26
-	add		r28=r28,r27		};;
-{ .mii;		getf.sig	r18=f93
-		add		r17=r17,r16
-		mov		carry3=0	}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r28,r27
-	add		r29=r29,r28		};;
-{ .mii;		getf.sig	r19=f84
-		cmp.ltu		p7,p0=r17,r16	}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r29,r28
-	add		r30=r30,r29		};;
-{ .mii;		getf.sig	r20=f75
-		add		r18=r18,r17	}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r30,r29
-	add		r31=r31,r30		};;
-{ .mfb;		getf.sig	r21=f66		}
-{ .mii;	(p7)	add		carry3=1,carry3
-		cmp.ltu		p7,p0=r18,r17
-		add		r19=r19,r18	}
-{ .mfb;	nop.m	0x0				}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r31,r30
-	add		r31=r31,carry2		};;
-{ .mfb;		getf.sig	r22=f57		}
-{ .mii;	(p7)	add		carry3=1,carry3
-		cmp.ltu		p7,p0=r19,r18
-		add		r20=r20,r19	}
-{ .mfb;	nop.m	0x0				}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r31,carry2	};;
-{ .mfb;		getf.sig	r23=f48		}
-{ .mii;	(p7)	add		carry3=1,carry3
-		cmp.ltu		p7,p0=r20,r19
-		add		r21=r21,r20	}
-{ .mii;
-(p6)	add		carry1=1,carry1		}
-{ .mfb;	st8		[r33]=r31,16		};;
-
-{ .mfb;	getf.sig	r24=f112		}
-{ .mii;	(p7)	add		carry3=1,carry3
-		cmp.ltu		p7,p0=r21,r20
-		add		r22=r22,r21	};;
-{ .mfb;	getf.sig	r25=f103		}
-{ .mii;	(p7)	add		carry3=1,carry3
-		cmp.ltu		p7,p0=r22,r21
-		add		r23=r23,r22	};;
-{ .mfb;	getf.sig	r26=f94			}
-{ .mii;	(p7)	add		carry3=1,carry3
-		cmp.ltu		p7,p0=r23,r22
-		add		r23=r23,carry1	};;
-{ .mfb;	getf.sig	r27=f85			}
-{ .mii;	(p7)	add		carry3=1,carry3
-		cmp.ltu		p7,p8=r23,carry1};;
-{ .mii;	getf.sig	r28=f76
-	add		r25=r25,r24
-	mov		carry1=0		}
-{ .mii;		st8		[r32]=r23,16
-	(p7)	add		carry2=1,carry3
-	(p8)	add		carry2=0,carry3	};;
-
-{ .mfb;	nop.m	0x0				}
-{ .mii;	getf.sig	r29=f67
-	cmp.ltu		p6,p0=r25,r24
-	add		r26=r26,r25		};;
-{ .mfb;	getf.sig	r30=f58			}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r26,r25
-	add		r27=r27,r26		};;
-{ .mfb;		getf.sig	r16=f113	}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r27,r26
-	add		r28=r28,r27		};;
-{ .mfb;		getf.sig	r17=f104	}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r28,r27
-	add		r29=r29,r28		};;
-{ .mfb;		getf.sig	r18=f95		}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r29,r28
-	add		r30=r30,r29		};;
-{ .mii;		getf.sig	r19=f86
-		add		r17=r17,r16
-		mov		carry3=0	}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r30,r29
-	add		r30=r30,carry2		};;
-{ .mii;		getf.sig	r20=f77
-		cmp.ltu		p7,p0=r17,r16
-		add		r18=r18,r17	}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r30,carry2	};;
-{ .mfb;		getf.sig	r21=f68		}
-{ .mii;	st8		[r33]=r30,16
-(p6)	add		carry1=1,carry1		};;
-
-{ .mfb;	getf.sig	r24=f114		}
-{ .mii;	(p7)	add		carry3=1,carry3
-		cmp.ltu		p7,p0=r18,r17
-		add		r19=r19,r18	};;
-{ .mfb;	getf.sig	r25=f105		}
-{ .mii;	(p7)	add		carry3=1,carry3
-		cmp.ltu		p7,p0=r19,r18
-		add		r20=r20,r19	};;
-{ .mfb;	getf.sig	r26=f96			}
-{ .mii;	(p7)	add		carry3=1,carry3
-		cmp.ltu		p7,p0=r20,r19
-		add		r21=r21,r20	};;
-{ .mfb;	getf.sig	r27=f87			}
-{ .mii;	(p7)	add		carry3=1,carry3
-		cmp.ltu		p7,p0=r21,r20
-		add		r21=r21,carry1	};;
-{ .mib;	getf.sig	r28=f78			
-	add		r25=r25,r24		}
-{ .mib;	(p7)	add		carry3=1,carry3
-		cmp.ltu		p7,p8=r21,carry1};;
-{ .mii;		st8		[r32]=r21,16
-	(p7)	add		carry2=1,carry3
-	(p8)	add		carry2=0,carry3	}
-
-{ .mii;	mov		carry1=0
-	cmp.ltu		p6,p0=r25,r24
-	add		r26=r26,r25		};;
-{ .mfb;		getf.sig	r16=f115	}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r26,r25
-	add		r27=r27,r26		};;
-{ .mfb;		getf.sig	r17=f106	}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r27,r26
-	add		r28=r28,r27		};;
-{ .mfb;		getf.sig	r18=f97		}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r28,r27
-	add		r28=r28,carry2		};;
-{ .mib;		getf.sig	r19=f88
-		add		r17=r17,r16	}
-{ .mib;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r28,carry2	};;
-{ .mii;	st8		[r33]=r28,16
-(p6)	add		carry1=1,carry1		}
-
-{ .mii;		mov		carry2=0
-		cmp.ltu		p7,p0=r17,r16
-		add		r18=r18,r17	};;
-{ .mfb;	getf.sig	r24=f116		}
-{ .mii;	(p7)	add		carry2=1,carry2
-		cmp.ltu		p7,p0=r18,r17
-		add		r19=r19,r18	};;
-{ .mfb;	getf.sig	r25=f107		}
-{ .mii;	(p7)	add		carry2=1,carry2
-		cmp.ltu		p7,p0=r19,r18
-		add		r19=r19,carry1	};;
-{ .mfb;	getf.sig	r26=f98			}
-{ .mii;	(p7)	add		carry2=1,carry2
-		cmp.ltu		p7,p0=r19,carry1};;
-{ .mii;		st8		[r32]=r19,16
-	(p7)	add		carry2=1,carry2	}
-
-{ .mfb;	add		r25=r25,r24		};;
-
-{ .mfb;		getf.sig	r16=f117	}
-{ .mii;	mov		carry1=0
-	cmp.ltu		p6,p0=r25,r24
-	add		r26=r26,r25		};;
-{ .mfb;		getf.sig	r17=f108	}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r26,r25
-	add		r26=r26,carry2		};;
-{ .mfb;	nop.m	0x0				}
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r26,carry2	};;
-{ .mii;	st8		[r33]=r26,16
-(p6)	add		carry1=1,carry1		}
-
-{ .mfb;		add		r17=r17,r16	};;
-{ .mfb;	getf.sig	r24=f118		}
-{ .mii;		mov		carry2=0
-		cmp.ltu		p7,p0=r17,r16
-		add		r17=r17,carry1	};;
-{ .mii;	(p7)	add		carry2=1,carry2
-		cmp.ltu		p7,p0=r17,carry1};;
-{ .mii;		st8		[r32]=r17
-	(p7)	add		carry2=1,carry2	};;
-{ .mfb;	add		r24=r24,carry2		};;
-{ .mib;	st8		[r33]=r24		}
-
-{ .mib;	rum		1<<5		// clear um.mfh
-	br.ret.sptk.many	b0	};;
-.endp	bn_mul_comba8#
-#undef	carry3
-#undef	carry2
-#undef	carry1
-#endif
-
-#if 1
-// It's possible to make it faster (see comment to bn_sqr_comba8), but
-// I reckon it doesn't worth the effort. Basically because the routine
-// (actually both of them) practically never called... So I just play
-// same trick as with bn_sqr_comba8.
-//
-// void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
-//
-.global	bn_sqr_comba4#
-.proc	bn_sqr_comba4#
-.align	64
-bn_sqr_comba4:
-	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-{ .mii;	alloc   r2=ar.pfs,2,1,0,0
-	addp4	r32=0,r32
-	addp4	r33=0,r33		};;
-{ .mii;
-#else
-{ .mii;	alloc	r2=ar.pfs,2,1,0,0
-#endif
-	mov	r34=r33
-	add	r14=8,r33		};;
-	.body
-{ .mii;	add	r17=8,r34
-	add	r15=16,r33
-	add	r18=16,r34		}
-{ .mfb;	add	r16=24,r33
-	br	.L_cheat_entry_point4	};;
-.endp	bn_sqr_comba4#
-#endif
-
-#if 1
-// Runs in ~115 cycles and ~4.5 times faster than C. Well, whatever...
-//
-// void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-//
-#define	carry1	r14
-#define	carry2	r15
-.global	bn_mul_comba4#
-.proc	bn_mul_comba4#
-.align	64
-bn_mul_comba4:
-	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-#if defined(_HPUX_SOURCE) && defined(_ILP32)
-{ .mii;	alloc   r2=ar.pfs,3,0,0,0
-	addp4	r33=0,r33
-	addp4	r34=0,r34		};;
-{ .mii;	addp4	r32=0,r32
-#else
-{ .mii;	alloc	r2=ar.pfs,3,0,0,0
-#endif
-	add	r14=8,r33
-	add	r17=8,r34		}
-	.body
-{ .mii;	add	r15=16,r33
-	add	r18=16,r34
-	add	r16=24,r33		};;
-.L_cheat_entry_point4:
-{ .mmi;	add	r19=24,r34
-
-	ldf8	f32=[r33]		}
-
-{ .mmi;	ldf8	f120=[r34]
-	ldf8	f121=[r17]		};;
-{ .mmi;	ldf8	f122=[r18]
-	ldf8	f123=[r19]		}
-
-{ .mmi;	ldf8	f33=[r14]
-	ldf8	f34=[r15]		}
-{ .mfi;	ldf8	f35=[r16]
-
-		xma.hu	f41=f32,f120,f0		}
-{ .mfi;		xma.lu	f40=f32,f120,f0		};;
-{ .mfi;		xma.hu	f51=f32,f121,f0		}
-{ .mfi;		xma.lu	f50=f32,f121,f0		};;
-{ .mfi;		xma.hu	f61=f32,f122,f0		}
-{ .mfi;		xma.lu	f60=f32,f122,f0		};;
-{ .mfi;		xma.hu	f71=f32,f123,f0		}
-{ .mfi;		xma.lu	f70=f32,f123,f0		};;//
-// Major stall takes place here, and 3 more places below. Result from
-// first xma is not available for another 3 ticks.
-{ .mfi;	getf.sig	r16=f40
-		xma.hu	f42=f33,f120,f41
-	add		r33=8,r32		}
-{ .mfi;		xma.lu	f41=f33,f120,f41	};;
-{ .mfi;	getf.sig	r24=f50
-		xma.hu	f52=f33,f121,f51	}
-{ .mfi;		xma.lu	f51=f33,f121,f51	};;
-{ .mfi;	st8		[r32]=r16,16
-		xma.hu	f62=f33,f122,f61	}
-{ .mfi;		xma.lu	f61=f33,f122,f61	};;
-{ .mfi;		xma.hu	f72=f33,f123,f71	}
-{ .mfi;		xma.lu	f71=f33,f123,f71	};;//
-//-------------------------------------------------//
-{ .mfi;	getf.sig	r25=f41
-		xma.hu	f43=f34,f120,f42	}
-{ .mfi;		xma.lu	f42=f34,f120,f42	};;
-{ .mfi;	getf.sig	r16=f60
-		xma.hu	f53=f34,f121,f52	}
-{ .mfi;		xma.lu	f52=f34,f121,f52	};;
-{ .mfi;	getf.sig	r17=f51
-		xma.hu	f63=f34,f122,f62
-	add		r25=r25,r24		}
-{ .mfi;	mov		carry1=0
-		xma.lu	f62=f34,f122,f62	};;
-{ .mfi;	st8		[r33]=r25,16
-		xma.hu	f73=f34,f123,f72
-	cmp.ltu		p6,p0=r25,r24		}
-{ .mfi;		xma.lu	f72=f34,f123,f72	};;//
-//-------------------------------------------------//
-{ .mfi;	getf.sig	r18=f42
-		xma.hu	f44=f35,f120,f43
-(p6)	add		carry1=1,carry1		}
-{ .mfi;	add		r17=r17,r16
-		xma.lu	f43=f35,f120,f43
-	mov		carry2=0		};;
-{ .mfi;	getf.sig	r24=f70
-		xma.hu	f54=f35,f121,f53
-	cmp.ltu		p7,p0=r17,r16		}
-{ .mfi;		xma.lu	f53=f35,f121,f53	};;
-{ .mfi;	getf.sig	r25=f61
-		xma.hu	f64=f35,f122,f63
-	add		r18=r18,r17		}
-{ .mfi;		xma.lu	f63=f35,f122,f63
-(p7)	add		carry2=1,carry2		};;
-{ .mfi;	getf.sig	r26=f52
-		xma.hu	f74=f35,f123,f73
-	cmp.ltu		p7,p0=r18,r17		}
-{ .mfi;		xma.lu	f73=f35,f123,f73
-	add		r18=r18,carry1		};;
-//-------------------------------------------------//
-{ .mii;	st8		[r32]=r18,16
-(p7)	add		carry2=1,carry2
-	cmp.ltu		p7,p0=r18,carry1	};;
-
-{ .mfi;	getf.sig	r27=f43	// last major stall
-(p7)	add		carry2=1,carry2		};;
-{ .mii;		getf.sig	r16=f71
-	add		r25=r25,r24
-	mov		carry1=0		};;
-{ .mii;		getf.sig	r17=f62	
-	cmp.ltu		p6,p0=r25,r24
-	add		r26=r26,r25		};;
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r26,r25
-	add		r27=r27,r26		};;
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r27,r26
-	add		r27=r27,carry2		};;
-{ .mii;		getf.sig	r18=f53
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r27,carry2	};;
-{ .mfi;	st8		[r33]=r27,16
-(p6)	add		carry1=1,carry1		}
-
-{ .mii;		getf.sig	r19=f44
-		add		r17=r17,r16
-		mov		carry2=0	};;
-{ .mii;	getf.sig	r24=f72
-		cmp.ltu		p7,p0=r17,r16
-		add		r18=r18,r17	};;
-{ .mii;	(p7)	add		carry2=1,carry2
-		cmp.ltu		p7,p0=r18,r17
-		add		r19=r19,r18	};;
-{ .mii;	(p7)	add		carry2=1,carry2
-		cmp.ltu		p7,p0=r19,r18
-		add		r19=r19,carry1	};;
-{ .mii;	getf.sig	r25=f63
-	(p7)	add		carry2=1,carry2
-		cmp.ltu		p7,p0=r19,carry1};;
-{ .mii;		st8		[r32]=r19,16
-	(p7)	add		carry2=1,carry2	}
-
-{ .mii;	getf.sig	r26=f54
-	add		r25=r25,r24
-	mov		carry1=0		};;
-{ .mii;		getf.sig	r16=f73
-	cmp.ltu		p6,p0=r25,r24
-	add		r26=r26,r25		};;
-{ .mii;
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r26,r25
-	add		r26=r26,carry2		};;
-{ .mii;		getf.sig	r17=f64
-(p6)	add		carry1=1,carry1
-	cmp.ltu		p6,p0=r26,carry2	};;
-{ .mii;	st8		[r33]=r26,16
-(p6)	add		carry1=1,carry1		}
-
-{ .mii;	getf.sig	r24=f74
-		add		r17=r17,r16	
-		mov		carry2=0	};;
-{ .mii;		cmp.ltu		p7,p0=r17,r16
-		add		r17=r17,carry1	};;
-
-{ .mii;	(p7)	add		carry2=1,carry2
-		cmp.ltu		p7,p0=r17,carry1};;
-{ .mii;		st8		[r32]=r17,16
-	(p7)	add		carry2=1,carry2	};;
-
-{ .mii;	add		r24=r24,carry2		};;
-{ .mii;	st8		[r33]=r24		}
-
-{ .mib;	rum		1<<5		// clear um.mfh
-	br.ret.sptk.many	b0	};;
-.endp	bn_mul_comba4#
-#undef	carry2
-#undef	carry1
-#endif
-
-#if 1
-//
-// BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
-//
-// In the nutshell it's a port of my MIPS III/IV implementation.
-//
-#define	AT	r14
-#define	H	r16
-#define	HH	r20
-#define	L	r17
-#define	D	r18
-#define	DH	r22
-#define	I	r21
-
-#if 0
-// Some preprocessors (most notably HP-UX) apper to be allergic to
-// macros enclosed to parenthesis as these three will be.
-#define	cont	p16
-#define	break	p0	// p20
-#define	equ	p24
-#else
-cont=p16
-break=p0
-equ=p24
-#endif
-
-.global	abort#
-.global	bn_div_words#
-.proc	bn_div_words#
-.align	64
-bn_div_words:
-	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-	.save	b0,r3
-{ .mii;	alloc		r2=ar.pfs,3,5,0,8
-	mov		r3=b0
-	mov		r10=pr		};;
-{ .mmb;	cmp.eq		p6,p0=r34,r0
-	mov		r8=-1
-(p6)	br.ret.spnt.many	b0	};;
-
-	.body
-{ .mii;	mov		H=r32		// save h
-	mov		ar.ec=0		// don't rotate at exit
-	mov		pr.rot=0	}
-{ .mii;	mov		L=r33		// save l
-	mov		r36=r0		};;
-
-.L_divw_shift:	// -vv- note signed comparison
-{ .mfi;	(p0)	cmp.lt		p16,p0=r0,r34	// d
-	(p0)	shladd		r33=r34,1,r0	}
-{ .mfb;	(p0)	add		r35=1,r36
-	(p0)	nop.f		0x0
-(p16)	br.wtop.dpnt		.L_divw_shift	};;
-
-{ .mii;	mov		D=r34
-	shr.u		DH=r34,32
-	sub		r35=64,r36		};;
-{ .mii;	setf.sig	f7=DH
-	shr.u		AT=H,r35
-	mov		I=r36			};;
-{ .mib;	cmp.ne		p6,p0=r0,AT
-	shl		H=H,r36
-(p6)	br.call.spnt.clr	b0=abort	};;	// overflow, die...
-
-{ .mfi;	fcvt.xuf.s1	f7=f7
-	shr.u		AT=L,r35		};;
-{ .mii;	shl		L=L,r36
-	or		H=H,AT			};;
-
-{ .mii;	nop.m		0x0
-	cmp.leu		p6,p0=D,H;;
-(p6)	sub		H=H,D			}
-
-{ .mlx;	setf.sig	f14=D
-	movl		AT=0xffffffff		};;
-///////////////////////////////////////////////////////////
-{ .mii;	setf.sig	f6=H
-	shr.u		HH=H,32;;
-	cmp.eq		p6,p7=HH,DH		};;
-{ .mfb;
-(p6)	setf.sig	f8=AT
-(p7)	fcvt.xuf.s1	f6=f6
-(p7)	br.call.sptk	b6=.L_udiv64_32_b6	};;
-
-{ .mfi;	getf.sig	r33=f8				// q
-	xmpy.lu		f9=f8,f14		}
-{ .mfi;	xmpy.hu		f10=f8,f14
-	shrp		H=H,L,32		};;
-
-{ .mmi;	getf.sig	r35=f9				// tl
-	getf.sig	r31=f10			};;	// th
-
-.L_divw_1st_iter:
-{ .mii;	(p0)	add		r32=-1,r33
-	(p0)	cmp.eq		equ,cont=HH,r31		};;
-{ .mii;	(p0)	cmp.ltu		p8,p0=r35,D
-	(p0)	sub		r34=r35,D
-	(equ)	cmp.leu		break,cont=r35,H	};;
-{ .mib;	(cont)	cmp.leu		cont,break=HH,r31
-	(p8)	add		r31=-1,r31
-(cont)	br.wtop.spnt		.L_divw_1st_iter	};;
-///////////////////////////////////////////////////////////
-{ .mii;	sub		H=H,r35
-	shl		r8=r33,32
-	shl		L=L,32			};;
-///////////////////////////////////////////////////////////
-{ .mii;	setf.sig	f6=H
-	shr.u		HH=H,32;;
-	cmp.eq		p6,p7=HH,DH		};;
-{ .mfb;
-(p6)	setf.sig	f8=AT
-(p7)	fcvt.xuf.s1	f6=f6
-(p7)	br.call.sptk	b6=.L_udiv64_32_b6	};;
-
-{ .mfi;	getf.sig	r33=f8				// q
-	xmpy.lu		f9=f8,f14		}
-{ .mfi;	xmpy.hu		f10=f8,f14
-	shrp		H=H,L,32		};;
-
-{ .mmi;	getf.sig	r35=f9				// tl
-	getf.sig	r31=f10			};;	// th
-
-.L_divw_2nd_iter:
-{ .mii;	(p0)	add		r32=-1,r33
-	(p0)	cmp.eq		equ,cont=HH,r31		};;
-{ .mii;	(p0)	cmp.ltu		p8,p0=r35,D
-	(p0)	sub		r34=r35,D
-	(equ)	cmp.leu		break,cont=r35,H	};;
-{ .mib;	(cont)	cmp.leu		cont,break=HH,r31
-	(p8)	add		r31=-1,r31
-(cont)	br.wtop.spnt		.L_divw_2nd_iter	};;
-///////////////////////////////////////////////////////////
-{ .mii;	sub	H=H,r35
-	or	r8=r8,r33
-	mov	ar.pfs=r2		};;
-{ .mii;	shr.u	r9=H,I			// remainder if anybody wants it
-	mov	pr=r10,0x1ffff		}
-{ .mfb;	br.ret.sptk.many	b0	};;
-
-// Unsigned 64 by 32 (well, by 64 for the moment) bit integer division
-// procedure.
-//
-// inputs:	f6 = (double)a, f7 = (double)b
-// output:	f8 = (int)(a/b)
-// clobbered:	f8,f9,f10,f11,pred
-pred=p15
-// This procedure is essentially Intel code and therefore is
-// copyrighted to Intel Corporation (I suppose...). It's sligtly
-// modified for specific needs.
-.align	32
-.skip	16
-.L_udiv64_32_b6:
-	frcpa.s1	f8,pred=f6,f7;;		// [0]  y0 = 1 / b
-
-(pred)	fnma.s1		f9=f7,f8,f1		// [5]  e0 = 1 - b * y0
-(pred)	fmpy.s1		f10=f6,f8;;		// [5]  q0 = a * y0
-(pred)	fmpy.s1		f11=f9,f9		// [10] e1 = e0 * e0
-(pred)	fma.s1		f10=f9,f10,f10;;	// [10] q1 = q0 + e0 * q0
-(pred)	fma.s1		f8=f9,f8,f8	//;;	// [15] y1 = y0 + e0 * y0
-(pred)	fma.s1		f9=f11,f10,f10;;	// [15] q2 = q1 + e1 * q1
-(pred)	fma.s1		f8=f11,f8,f8	//;;	// [20] y2 = y1 + e1 * y1
-(pred)	fnma.s1		f10=f7,f9,f6;;		// [20] r2 = a - b * q2
-(pred)	fma.s1		f8=f10,f8,f9;;		// [25] q3 = q2 + r2 * y2
-
-	fcvt.fxu.trunc.s1	f8=f8		// [30] q = trunc(q3)
-	br.ret.sptk.many	b6;;
-.endp	bn_div_words#
-#endif
diff --git a/crypto/openssl/crypto/bn/asm/mips1.s b/crypto/openssl/crypto/bn/asm/mips1.s
deleted file mode 100644
index 44fa1254c763..000000000000
--- a/crypto/openssl/crypto/bn/asm/mips1.s
+++ /dev/null
@@ -1,539 +0,0 @@
-/* This assember is for R2000/R3000 machines, or higher ones that do
- * no want to do any 64 bit arithmatic.
- * Make sure that the SSLeay bignum library is compiled with 
- * THIRTY_TWO_BIT set.
- * This must either be compiled with the system CC, or, if you use GNU gas,
- * cc -E mips1.s|gas -o mips1.o
- */
-	.set	reorder
-	.set	noat
-
-#define R1	$1
-#define CC	$2
-#define	R2	$3
-#define R3	$8
-#define R4	$9
-#define L1	$10
-#define L2 	$11
-#define L3	$12
-#define L4 	$13
-#define H1 	$14
-#define H2	$15
-#define H3	$24
-#define H4	$25
-
-#define P1	$4
-#define P2	$5
-#define P3	$6
-#define P4	$7
-
-	.align	2
-	.ent	bn_mul_add_words
-	.globl	bn_mul_add_words
-.text
-bn_mul_add_words:
-	.frame	$sp,0,$31
-	.mask	0x00000000,0
-	.fmask	0x00000000,0
-
-	#blt	P3,4,$lab34
-	
-	subu	R1,P3,4
-	move	CC,$0
-	bltz	R1,$lab34
-$lab2:	
-	lw	R1,0(P1)
-	 lw	L1,0(P2)
-	lw	R2,4(P1)
-	 lw	L2,4(P2)
-	lw	R3,8(P1)
-	 lw	L3,8(P2)
-	lw	R4,12(P1)
-	 lw	L4,12(P2)
-	multu	L1,P4
-	 addu	R1,R1,CC
-	mflo	L1
-	 sltu	CC,R1,CC
-	addu	R1,R1,L1
-	 mfhi	H1
-	sltu	L1,R1,L1
-	 sw	R1,0(P1)
-	addu	CC,CC,L1
-	 multu	L2,P4
-	addu	CC,H1,CC
-	mflo	L2
-	 addu	R2,R2,CC
-	sltu	CC,R2,CC
-	 mfhi	H2
-	addu	R2,R2,L2
-	 addu	P2,P2,16
-	sltu	L2,R2,L2
-	 sw	R2,4(P1)
-	addu	CC,CC,L2
-	 multu	L3,P4
-	addu	CC,H2,CC
-	mflo	L3
-	 addu	R3,R3,CC
-	sltu	CC,R3,CC
-	 mfhi	H3
-	addu	R3,R3,L3
-	 addu	P1,P1,16
-	sltu	L3,R3,L3
-	 sw	R3,-8(P1)
-	addu	CC,CC,L3
-	 multu	L4,P4
-	addu	CC,H3,CC
-	mflo	L4
-	 addu	R4,R4,CC
-	sltu	CC,R4,CC
-	 mfhi	H4
-	addu	R4,R4,L4
-	 subu	P3,P3,4
-	sltu	L4,R4,L4
-	addu	CC,CC,L4
-	addu	CC,H4,CC
-
-	subu	R1,P3,4
-	sw	R4,-4(P1)	# delay slot
-	bgez	R1,$lab2
-
-	bleu	P3,0,$lab3
-	.align	2
-$lab33: 
-	lw	L1,0(P2)
-	 lw	R1,0(P1)
-	multu	L1,P4
-	 addu	R1,R1,CC
-	sltu	CC,R1,CC
-	 addu	P1,P1,4
-	mflo	L1
-	 mfhi	H1
-	addu	R1,R1,L1
-	 addu	P2,P2,4
-	sltu	L1,R1,L1
-	 subu	P3,P3,1
-	addu	CC,CC,L1
-	 sw	R1,-4(P1)
-	addu	CC,H1,CC
-	 bgtz	P3,$lab33
-	j	$31
-	.align	2
-$lab3:
-	j	$31
-	.align	2
-$lab34:
-	bgt	P3,0,$lab33
-	j	$31
-	.end	bn_mul_add_words
-
-	.align	2
-	# Program Unit: bn_mul_words
-	.ent	bn_mul_words
-	.globl	bn_mul_words
-.text
-bn_mul_words:
-	.frame	$sp,0,$31
-	.mask	0x00000000,0
-	.fmask	0x00000000,0
-	
-	subu	P3,P3,4
-	move	CC,$0
-	bltz	P3,$lab45
-$lab44:	
-	lw	L1,0(P2)
-	 lw	L2,4(P2)
-	lw	L3,8(P2)
-	 lw	L4,12(P2)
-	multu	L1,P4
-	 subu	P3,P3,4
-	mflo	L1
-	 mfhi	H1
-	addu	L1,L1,CC
-	 multu	L2,P4
-	sltu	CC,L1,CC
-	 sw	L1,0(P1)
-	addu	CC,H1,CC
-	 mflo	L2
-	mfhi	H2
-	 addu	L2,L2,CC
-	multu	L3,P4
-	 sltu	CC,L2,CC
-	sw	L2,4(P1)
-	 addu	CC,H2,CC
-	mflo	L3
-	 mfhi	H3
-	addu	L3,L3,CC
-	 multu	L4,P4
-	sltu	CC,L3,CC
-	 sw	L3,8(P1)
-	addu	CC,H3,CC
-	 mflo	L4
-	mfhi	H4
-	 addu	L4,L4,CC
-	addu	P1,P1,16
-	 sltu	CC,L4,CC
-	addu	P2,P2,16
-	 addu	CC,H4,CC
-	sw	L4,-4(P1)
-
-	bgez	P3,$lab44
-	b	$lab45
-$lab46:
-	lw	L1,0(P2)
-	 addu	P1,P1,4
-	multu	L1,P4
-	 addu	P2,P2,4
-	mflo	L1
-	 mfhi	H1
-	addu	L1,L1,CC
-	 subu	P3,P3,1
-	sltu	CC,L1,CC
-	 sw	L1,-4(P1)
-	addu	CC,H1,CC
-	 bgtz	P3,$lab46
-	j	$31
-$lab45:
-	addu	P3,P3,4
-	bgtz	P3,$lab46
-	j	$31
-	.align	2
-	.end	bn_mul_words
-
-	# Program Unit: bn_sqr_words
-	.ent	bn_sqr_words
-	.globl	bn_sqr_words
-.text
-bn_sqr_words:
-	.frame	$sp,0,$31
-	.mask	0x00000000,0
-	.fmask	0x00000000,0
-	
-	subu	P3,P3,4
-	bltz	P3,$lab55
-$lab54:
-	lw	L1,0(P2)
-	 lw	L2,4(P2)
-	lw	L3,8(P2)
-	 lw	L4,12(P2)
-
-	multu	L1,L1
-	 subu	P3,P3,4
-	mflo	L1
-	 mfhi	H1
-	sw	L1,0(P1)
-	 sw	H1,4(P1)
-
-	multu	L2,L2
-	 addu	P1,P1,32
-	mflo	L2
-	 mfhi	H2
-	sw	L2,-24(P1)
-	 sw	H2,-20(P1)
-
-	multu	L3,L3
-	 addu	P2,P2,16
-	mflo	L3
-	 mfhi	H3
-	sw	L3,-16(P1)
-	 sw	H3,-12(P1)
-
-	multu	L4,L4
-
-	mflo	L4
-	 mfhi	H4
-	sw	L4,-8(P1)
-	 sw	H4,-4(P1)
-
-	bgtz	P3,$lab54
-	b	$lab55
-$lab56:	
-	lw	L1,0(P2)
-	addu	P1,P1,8
-	multu	L1,L1
-	addu	P2,P2,4
-	subu	P3,P3,1
-	mflo	L1
-	mfhi	H1
-	sw	L1,-8(P1)
-	sw	H1,-4(P1)
-
-	bgtz	P3,$lab56
-	j	$31
-$lab55:
-	addu	P3,P3,4
-	bgtz	P3,$lab56
-	j	$31
-	.align	2
-	.end	bn_sqr_words
-
-	# Program Unit: bn_add_words
-	.ent	bn_add_words
-	.globl	bn_add_words
-.text
-bn_add_words: 	 # 0x590
-	.frame	$sp,0,$31
-	.mask	0x00000000,0
-	.fmask	0x00000000,0
-	
-	subu	P4,P4,4
-	move	CC,$0
-	bltz	P4,$lab65
-$lab64:	
-	lw	L1,0(P2)
-	lw	R1,0(P3)
-	lw	L2,4(P2)
-	lw	R2,4(P3)
-
-	addu	L1,L1,CC
-	 lw	L3,8(P2)
-	sltu	CC,L1,CC
-	 addu	L1,L1,R1
-	sltu	R1,L1,R1
-	 lw	R3,8(P3)
-	addu	CC,CC,R1
-	 lw	L4,12(P2)
-
-	addu	L2,L2,CC
-	 lw	R4,12(P3)
-	sltu	CC,L2,CC
-	 addu	L2,L2,R2
-	sltu	R2,L2,R2
-	 sw	L1,0(P1)
-	addu	CC,CC,R2
-	 addu	P1,P1,16
-	addu	L3,L3,CC
-	 sw	L2,-12(P1)
- 
-	sltu	CC,L3,CC
-	 addu	L3,L3,R3
-	sltu	R3,L3,R3
-	 addu	P2,P2,16
-	addu	CC,CC,R3
-
-	addu	L4,L4,CC
-	 addu	P3,P3,16
-	sltu	CC,L4,CC
-	 addu	L4,L4,R4
-	subu	P4,P4,4
-	 sltu	R4,L4,R4
-	sw	L3,-8(P1)
-	 addu	CC,CC,R4
-	sw	L4,-4(P1)
-
-	bgtz	P4,$lab64
-	b	$lab65
-$lab66:
-	lw	L1,0(P2)
-	 lw	R1,0(P3)
-	addu	L1,L1,CC
-	 addu	P1,P1,4
-	sltu	CC,L1,CC
-	 addu	P2,P2,4
-	addu	P3,P3,4
-	 addu	L1,L1,R1
-	subu	P4,P4,1
-	 sltu	R1,L1,R1
-	sw	L1,-4(P1)
-	 addu	CC,CC,R1
-
-	bgtz	P4,$lab66
-	j	$31
-$lab65:
-	addu	P4,P4,4
-	bgtz	P4,$lab66
-	j	$31
-	.end	bn_add_words
-
-	# Program Unit: bn_div64
-	.set	at
-	.set	reorder
-	.text	
-	.align	2
-	.globl	bn_div64
- # 321		{
-	.ent	bn_div64 2
-bn_div64:
-	subu	$sp, 64
-	sw	$31, 56($sp)
-	sw	$16, 48($sp)
-	.mask	0x80010000, -56
-	.frame	$sp, 64, $31
-	move	$9, $4
-	move	$12, $5
-	move	$16, $6
- # 322		BN_ULONG dh,dl,q,ret=0,th,tl,t;
-	move	$31, $0
- # 323		int i,count=2;
-	li	$13, 2
- # 324	
- # 325		if (d == 0) return(BN_MASK2);
-	bne	$16, 0, $80
-	li	$2, -1
-	b	$93
-$80:
- # 326	
- # 327		i=BN_num_bits_word(d);
-	move	$4, $16
-	sw	$31, 16($sp)
-	sw	$9, 24($sp)
-	sw	$12, 32($sp)
-	sw	$13, 40($sp)
-	.livereg	0x800ff0e,0xfff
-	jal	BN_num_bits_word
-	li	$4, 32
-	lw	$31, 16($sp)
-	lw	$9, 24($sp)
-	lw	$12, 32($sp)
-	lw	$13, 40($sp)
-	move	$3, $2
- # 328		if ((i != BN_BITS2) && (h > (BN_ULONG)1<<i))
-	beq	$2, $4, $81
-	li	$14, 1
-	sll	$15, $14, $2
-	bleu	$9, $15, $81
- # 329			{
- # 330	#if !defined(NO_STDIO) && !defined(WIN16)
- # 331			fprintf(stderr,"Division would overflow (%d)\n",i);
- # 332	#endif
- # 333			abort();
-	sw	$3, 8($sp)
-	sw	$9, 24($sp)
-	sw	$12, 32($sp)
-	sw	$13, 40($sp)
-	sw	$31, 26($sp)
-	.livereg	0xff0e,0xfff
-	jal	abort
-	lw	$3, 8($sp)
-	li	$4, 32
-	lw	$9, 24($sp)
-	lw	$12, 32($sp)
-	lw	$13, 40($sp)
-	lw	$31, 26($sp)
- # 334			}
-$81:
- # 335		i=BN_BITS2-i;
-	subu	$3, $4, $3
- # 336		if (h >= d) h-=d;
-	bltu	$9, $16, $82
-	subu	$9, $9, $16
-$82:
- # 337	
- # 338		if (i)
-	beq	$3, 0, $83
- # 339			{
- # 340			d<<=i;
-	sll	$16, $16, $3
- # 341			h=(h<<i)|(l>>(BN_BITS2-i));
-	sll	$24, $9, $3
-	subu	$25, $4, $3
-	srl	$14, $12, $25
-	or	$9, $24, $14
- # 342			l<<=i;
-	sll	$12, $12, $3
- # 343			}
-$83:
- # 344		dh=(d&BN_MASK2h)>>BN_BITS4;
- # 345		dl=(d&BN_MASK2l);
-	and	$8, $16, -65536
-	srl	$8, $8, 16
-	and	$10, $16, 65535
-	li	$6, -65536
-$84:
- # 346		for (;;)
- # 347			{
- # 348			if ((h>>BN_BITS4) == dh)
-	srl	$15, $9, 16
-	bne	$8, $15, $85
- # 349				q=BN_MASK2l;
-	li	$5, 65535
-	b	$86
-$85:
- # 350			else
- # 351				q=h/dh;
-	divu	$5, $9, $8
-$86:
- # 352	
- # 353			for (;;)
- # 354				{
- # 355				t=(h-q*dh);
-	mul	$4, $5, $8
-	subu	$2, $9, $4
-	move	$3, $2
- # 356				if ((t&BN_MASK2h) ||
- # 357					((dl*q) <= (
- # 358						(t<<BN_BITS4)+
- # 359						((l&BN_MASK2h)>>BN_BITS4))))
-	and	$25, $2, $6
-	bne	$25, $0, $87
-	mul	$24, $10, $5
-	sll	$14, $3, 16
-	and	$15, $12, $6
-	srl	$25, $15, 16
-	addu	$15, $14, $25
-	bgtu	$24, $15, $88
-$87:
- # 360					break;
-	mul	$3, $10, $5
-	b	$89
-$88:
- # 361				q--;
-	addu	$5, $5, -1
- # 362				}
-	b	$86
-$89:
- # 363			th=q*dh;
- # 364			tl=q*dl;
- # 365			t=(tl>>BN_BITS4);
- # 366			tl=(tl<<BN_BITS4)&BN_MASK2h;
-	sll	$14, $3, 16
-	and	$2, $14, $6
-	move	$11, $2
- # 367			th+=t;
-	srl	$25, $3, 16
-	addu	$7, $4, $25
- # 368	
- # 369			if (l < tl) th++;
-	bgeu	$12, $2, $90
-	addu	$7, $7, 1
-$90:
- # 370			l-=tl;
-	subu	$12, $12, $11
- # 371			if (h < th)
-	bgeu	$9, $7, $91
- # 372				{
- # 373				h+=d;
-	addu	$9, $9, $16
- # 374				q--;
-	addu	$5, $5, -1
- # 375				}
-$91:
- # 376			h-=th;
-	subu	$9, $9, $7
- # 377	
- # 378			if (--count == 0) break;
-	addu	$13, $13, -1
-	beq	$13, 0, $92
- # 379	
- # 380			ret=q<<BN_BITS4;
-	sll	$31, $5, 16
- # 381			h=((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2;
-	sll	$24, $9, 16
-	srl	$15, $12, 16
-	or	$9, $24, $15
- # 382			l=(l&BN_MASK2l)<<BN_BITS4;
-	and	$12, $12, 65535
-	sll	$12, $12, 16
- # 383			}
-	b	$84
-$92:
- # 384		ret|=q;
-	or	$31, $31, $5
- # 385		return(ret);
-	move	$2, $31
-$93:
-	lw	$16, 48($sp)
-	lw	$31, 56($sp)
-	addu	$sp, 64
-	j	$31
-	.end	bn_div64
-
diff --git a/crypto/openssl/crypto/bn/asm/mips3.s b/crypto/openssl/crypto/bn/asm/mips3.s
deleted file mode 100644
index dca4105c7db1..000000000000
--- a/crypto/openssl/crypto/bn/asm/mips3.s
+++ /dev/null
@@ -1,2201 +0,0 @@
-.rdata
-.asciiz	"mips3.s, Version 1.1"
-.asciiz	"MIPS III/IV ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
-
-/*
- * ====================================================================
- * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
- * project.
- *
- * Rights for redistribution and usage in source and binary forms are
- * granted according to the OpenSSL license. Warranty of any kind is
- * disclaimed.
- * ====================================================================
- */
-
-/*
- * This is my modest contributon to the OpenSSL project (see
- * http://www.openssl.org/ for more information about it) and is
- * a drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c
- * module. For updates see http://fy.chalmers.se/~appro/hpe/.
- *
- * The module is designed to work with either of the "new" MIPS ABI(5),
- * namely N32 or N64, offered by IRIX 6.x. It's not ment to work under
- * IRIX 5.x not only because it doesn't support new ABIs but also
- * because 5.x kernels put R4x00 CPU into 32-bit mode and all those
- * 64-bit instructions (daddu, dmultu, etc.) found below gonna only
- * cause illegal instruction exception:-(
- *
- * In addition the code depends on preprocessor flags set up by MIPSpro
- * compiler driver (either as or cc) and therefore (probably?) can't be
- * compiled by the GNU assembler. GNU C driver manages fine though...
- * I mean as long as -mmips-as is specified or is the default option,
- * because then it simply invokes /usr/bin/as which in turn takes
- * perfect care of the preprocessor definitions. Another neat feature
- * offered by the MIPSpro assembler is an optimization pass. This gave
- * me the opportunity to have the code looking more regular as all those
- * architecture dependent instruction rescheduling details were left to
- * the assembler. Cool, huh?
- *
- * Performance improvement is astonishing! 'apps/openssl speed rsa dsa'
- * goes way over 3 times faster!
- *
- *					<appro@fy.chalmers.se>
- */
-#include <asm.h>
-#include <regdef.h>
-
-#if _MIPS_ISA>=4
-#define	MOVNZ(cond,dst,src)	\
-	movn	dst,src,cond
-#else
-#define	MOVNZ(cond,dst,src)	\
-	.set	noreorder;	\
-	bnezl	cond,.+8;	\
-	move	dst,src;	\
-	.set	reorder
-#endif
-
-.text
-
-.set	noat
-.set	reorder
-
-#define	MINUS4	v1
-
-.align	5
-LEAF(bn_mul_add_words)
-	.set	noreorder
-	bgtzl	a2,.L_bn_mul_add_words_proceed
-	ld	t0,0(a1)
-	jr	ra
-	move	v0,zero
-	.set	reorder
-
-.L_bn_mul_add_words_proceed:
-	li	MINUS4,-4
-	and	ta0,a2,MINUS4
-	move	v0,zero
-	beqz	ta0,.L_bn_mul_add_words_tail
-
-.L_bn_mul_add_words_loop:
-	dmultu	t0,a3
-	ld	t1,0(a0)
-	ld	t2,8(a1)
-	ld	t3,8(a0)
-	ld	ta0,16(a1)
-	ld	ta1,16(a0)
-	daddu	t1,v0
-	sltu	v0,t1,v0	/* All manuals say it "compares 32-bit
-				 * values", but it seems to work fine
-				 * even on 64-bit registers. */
-	mflo	AT
-	mfhi	t0
-	daddu	t1,AT
-	daddu	v0,t0
-	sltu	AT,t1,AT
-	sd	t1,0(a0)
-	daddu	v0,AT
-
-	dmultu	t2,a3
-	ld	ta2,24(a1)
-	ld	ta3,24(a0)
-	daddu	t3,v0
-	sltu	v0,t3,v0
-	mflo	AT
-	mfhi	t2
-	daddu	t3,AT
-	daddu	v0,t2
-	sltu	AT,t3,AT
-	sd	t3,8(a0)
-	daddu	v0,AT
-
-	dmultu	ta0,a3
-	subu	a2,4
-	PTR_ADD	a0,32
-	PTR_ADD	a1,32
-	daddu	ta1,v0
-	sltu	v0,ta1,v0
-	mflo	AT
-	mfhi	ta0
-	daddu	ta1,AT
-	daddu	v0,ta0
-	sltu	AT,ta1,AT
-	sd	ta1,-16(a0)
-	daddu	v0,AT
-
-
-	dmultu	ta2,a3
-	and	ta0,a2,MINUS4
-	daddu	ta3,v0
-	sltu	v0,ta3,v0
-	mflo	AT
-	mfhi	ta2
-	daddu	ta3,AT
-	daddu	v0,ta2
-	sltu	AT,ta3,AT
-	sd	ta3,-8(a0)
-	daddu	v0,AT
-	.set	noreorder
-	bgtzl	ta0,.L_bn_mul_add_words_loop
-	ld	t0,0(a1)
-
-	bnezl	a2,.L_bn_mul_add_words_tail
-	ld	t0,0(a1)
-	.set	reorder
-
-.L_bn_mul_add_words_return:
-	jr	ra
-
-.L_bn_mul_add_words_tail:
-	dmultu	t0,a3
-	ld	t1,0(a0)
-	subu	a2,1
-	daddu	t1,v0
-	sltu	v0,t1,v0
-	mflo	AT
-	mfhi	t0
-	daddu	t1,AT
-	daddu	v0,t0
-	sltu	AT,t1,AT
-	sd	t1,0(a0)
-	daddu	v0,AT
-	beqz	a2,.L_bn_mul_add_words_return
-
-	ld	t0,8(a1)
-	dmultu	t0,a3
-	ld	t1,8(a0)
-	subu	a2,1
-	daddu	t1,v0
-	sltu	v0,t1,v0
-	mflo	AT
-	mfhi	t0
-	daddu	t1,AT
-	daddu	v0,t0
-	sltu	AT,t1,AT
-	sd	t1,8(a0)
-	daddu	v0,AT
-	beqz	a2,.L_bn_mul_add_words_return
-
-	ld	t0,16(a1)
-	dmultu	t0,a3
-	ld	t1,16(a0)
-	daddu	t1,v0
-	sltu	v0,t1,v0
-	mflo	AT
-	mfhi	t0
-	daddu	t1,AT
-	daddu	v0,t0
-	sltu	AT,t1,AT
-	sd	t1,16(a0)
-	daddu	v0,AT
-	jr	ra
-END(bn_mul_add_words)
-
-.align	5
-LEAF(bn_mul_words)
-	.set	noreorder
-	bgtzl	a2,.L_bn_mul_words_proceed
-	ld	t0,0(a1)
-	jr	ra
-	move	v0,zero
-	.set	reorder
-
-.L_bn_mul_words_proceed:
-	li	MINUS4,-4
-	and	ta0,a2,MINUS4
-	move	v0,zero
-	beqz	ta0,.L_bn_mul_words_tail
-
-.L_bn_mul_words_loop:
-	dmultu	t0,a3
-	ld	t2,8(a1)
-	ld	ta0,16(a1)
-	ld	ta2,24(a1)
-	mflo	AT
-	mfhi	t0
-	daddu	v0,AT
-	sltu	t1,v0,AT
-	sd	v0,0(a0)
-	daddu	v0,t1,t0
-
-	dmultu	t2,a3
-	subu	a2,4
-	PTR_ADD	a0,32
-	PTR_ADD	a1,32
-	mflo	AT
-	mfhi	t2
-	daddu	v0,AT
-	sltu	t3,v0,AT
-	sd	v0,-24(a0)
-	daddu	v0,t3,t2
-
-	dmultu	ta0,a3
-	mflo	AT
-	mfhi	ta0
-	daddu	v0,AT
-	sltu	ta1,v0,AT
-	sd	v0,-16(a0)
-	daddu	v0,ta1,ta0
-
-
-	dmultu	ta2,a3
-	and	ta0,a2,MINUS4
-	mflo	AT
-	mfhi	ta2
-	daddu	v0,AT
-	sltu	ta3,v0,AT
-	sd	v0,-8(a0)
-	daddu	v0,ta3,ta2
-	.set	noreorder
-	bgtzl	ta0,.L_bn_mul_words_loop
-	ld	t0,0(a1)
-
-	bnezl	a2,.L_bn_mul_words_tail
-	ld	t0,0(a1)
-	.set	reorder
-
-.L_bn_mul_words_return:
-	jr	ra
-
-.L_bn_mul_words_tail:
-	dmultu	t0,a3
-	subu	a2,1
-	mflo	AT
-	mfhi	t0
-	daddu	v0,AT
-	sltu	t1,v0,AT
-	sd	v0,0(a0)
-	daddu	v0,t1,t0
-	beqz	a2,.L_bn_mul_words_return
-
-	ld	t0,8(a1)
-	dmultu	t0,a3
-	subu	a2,1
-	mflo	AT
-	mfhi	t0
-	daddu	v0,AT
-	sltu	t1,v0,AT
-	sd	v0,8(a0)
-	daddu	v0,t1,t0
-	beqz	a2,.L_bn_mul_words_return
-
-	ld	t0,16(a1)
-	dmultu	t0,a3
-	mflo	AT
-	mfhi	t0
-	daddu	v0,AT
-	sltu	t1,v0,AT
-	sd	v0,16(a0)
-	daddu	v0,t1,t0
-	jr	ra
-END(bn_mul_words)
-
-.align	5
-LEAF(bn_sqr_words)
-	.set	noreorder
-	bgtzl	a2,.L_bn_sqr_words_proceed
-	ld	t0,0(a1)
-	jr	ra
-	move	v0,zero
-	.set	reorder
-
-.L_bn_sqr_words_proceed:
-	li	MINUS4,-4
-	and	ta0,a2,MINUS4
-	move	v0,zero
-	beqz	ta0,.L_bn_sqr_words_tail
-
-.L_bn_sqr_words_loop:
-	dmultu	t0,t0
-	ld	t2,8(a1)
-	ld	ta0,16(a1)
-	ld	ta2,24(a1)
-	mflo	t1
-	mfhi	t0
-	sd	t1,0(a0)
-	sd	t0,8(a0)
-
-	dmultu	t2,t2
-	subu	a2,4
-	PTR_ADD	a0,64
-	PTR_ADD	a1,32
-	mflo	t3
-	mfhi	t2
-	sd	t3,-48(a0)
-	sd	t2,-40(a0)
-
-	dmultu	ta0,ta0
-	mflo	ta1
-	mfhi	ta0
-	sd	ta1,-32(a0)
-	sd	ta0,-24(a0)
-
-
-	dmultu	ta2,ta2
-	and	ta0,a2,MINUS4
-	mflo	ta3
-	mfhi	ta2
-	sd	ta3,-16(a0)
-	sd	ta2,-8(a0)
-
-	.set	noreorder
-	bgtzl	ta0,.L_bn_sqr_words_loop
-	ld	t0,0(a1)
-
-	bnezl	a2,.L_bn_sqr_words_tail
-	ld	t0,0(a1)
-	.set	reorder
-
-.L_bn_sqr_words_return:
-	move	v0,zero
-	jr	ra
-
-.L_bn_sqr_words_tail:
-	dmultu	t0,t0
-	subu	a2,1
-	mflo	t1
-	mfhi	t0
-	sd	t1,0(a0)
-	sd	t0,8(a0)
-	beqz	a2,.L_bn_sqr_words_return
-
-	ld	t0,8(a1)
-	dmultu	t0,t0
-	subu	a2,1
-	mflo	t1
-	mfhi	t0
-	sd	t1,16(a0)
-	sd	t0,24(a0)
-	beqz	a2,.L_bn_sqr_words_return
-
-	ld	t0,16(a1)
-	dmultu	t0,t0
-	mflo	t1
-	mfhi	t0
-	sd	t1,32(a0)
-	sd	t0,40(a0)
-	jr	ra
-END(bn_sqr_words)
-
-.align	5
-LEAF(bn_add_words)
-	.set	noreorder
-	bgtzl	a3,.L_bn_add_words_proceed
-	ld	t0,0(a1)
-	jr	ra
-	move	v0,zero
-	.set	reorder
-
-.L_bn_add_words_proceed:
-	li	MINUS4,-4
-	and	AT,a3,MINUS4
-	move	v0,zero
-	beqz	AT,.L_bn_add_words_tail
-
-.L_bn_add_words_loop:
-	ld	ta0,0(a2)
-	subu	a3,4
-	ld	t1,8(a1)
-	and	AT,a3,MINUS4
-	ld	t2,16(a1)
-	PTR_ADD	a2,32
-	ld	t3,24(a1)
-	PTR_ADD	a0,32
-	ld	ta1,-24(a2)
-	PTR_ADD	a1,32
-	ld	ta2,-16(a2)
-	ld	ta3,-8(a2)
-	daddu	ta0,t0
-	sltu	t8,ta0,t0
-	daddu	t0,ta0,v0
-	sltu	v0,t0,ta0
-	sd	t0,-32(a0)
-	daddu	v0,t8
-
-	daddu	ta1,t1
-	sltu	t9,ta1,t1
-	daddu	t1,ta1,v0
-	sltu	v0,t1,ta1
-	sd	t1,-24(a0)
-	daddu	v0,t9
-
-	daddu	ta2,t2
-	sltu	t8,ta2,t2
-	daddu	t2,ta2,v0
-	sltu	v0,t2,ta2
-	sd	t2,-16(a0)
-	daddu	v0,t8
-	
-	daddu	ta3,t3
-	sltu	t9,ta3,t3
-	daddu	t3,ta3,v0
-	sltu	v0,t3,ta3
-	sd	t3,-8(a0)
-	daddu	v0,t9
-	
-	.set	noreorder
-	bgtzl	AT,.L_bn_add_words_loop
-	ld	t0,0(a1)
-
-	bnezl	a3,.L_bn_add_words_tail
-	ld	t0,0(a1)
-	.set	reorder
-
-.L_bn_add_words_return:
-	jr	ra
-
-.L_bn_add_words_tail:
-	ld	ta0,0(a2)
-	daddu	ta0,t0
-	subu	a3,1
-	sltu	t8,ta0,t0
-	daddu	t0,ta0,v0
-	sltu	v0,t0,ta0
-	sd	t0,0(a0)
-	daddu	v0,t8
-	beqz	a3,.L_bn_add_words_return
-
-	ld	t1,8(a1)
-	ld	ta1,8(a2)
-	daddu	ta1,t1
-	subu	a3,1
-	sltu	t9,ta1,t1
-	daddu	t1,ta1,v0
-	sltu	v0,t1,ta1
-	sd	t1,8(a0)
-	daddu	v0,t9
-	beqz	a3,.L_bn_add_words_return
-
-	ld	t2,16(a1)
-	ld	ta2,16(a2)
-	daddu	ta2,t2
-	sltu	t8,ta2,t2
-	daddu	t2,ta2,v0
-	sltu	v0,t2,ta2
-	sd	t2,16(a0)
-	daddu	v0,t8
-	jr	ra
-END(bn_add_words)
-
-.align	5
-LEAF(bn_sub_words)
-	.set	noreorder
-	bgtzl	a3,.L_bn_sub_words_proceed
-	ld	t0,0(a1)
-	jr	ra
-	move	v0,zero
-	.set	reorder
-
-.L_bn_sub_words_proceed:
-	li	MINUS4,-4
-	and	AT,a3,MINUS4
-	move	v0,zero
-	beqz	AT,.L_bn_sub_words_tail
-
-.L_bn_sub_words_loop:
-	ld	ta0,0(a2)
-	subu	a3,4
-	ld	t1,8(a1)
-	and	AT,a3,MINUS4
-	ld	t2,16(a1)
-	PTR_ADD	a2,32
-	ld	t3,24(a1)
-	PTR_ADD	a0,32
-	ld	ta1,-24(a2)
-	PTR_ADD	a1,32
-	ld	ta2,-16(a2)
-	ld	ta3,-8(a2)
-	sltu	t8,t0,ta0
-	dsubu	t0,ta0
-	dsubu	ta0,t0,v0
-	sd	ta0,-32(a0)
-	MOVNZ	(t0,v0,t8)
-
-	sltu	t9,t1,ta1
-	dsubu	t1,ta1
-	dsubu	ta1,t1,v0
-	sd	ta1,-24(a0)
-	MOVNZ	(t1,v0,t9)
-
-
-	sltu	t8,t2,ta2
-	dsubu	t2,ta2
-	dsubu	ta2,t2,v0
-	sd	ta2,-16(a0)
-	MOVNZ	(t2,v0,t8)
-
-	sltu	t9,t3,ta3
-	dsubu	t3,ta3
-	dsubu	ta3,t3,v0
-	sd	ta3,-8(a0)
-	MOVNZ	(t3,v0,t9)
-
-	.set	noreorder
-	bgtzl	AT,.L_bn_sub_words_loop
-	ld	t0,0(a1)
-
-	bnezl	a3,.L_bn_sub_words_tail
-	ld	t0,0(a1)
-	.set	reorder
-
-.L_bn_sub_words_return:
-	jr	ra
-
-.L_bn_sub_words_tail:
-	ld	ta0,0(a2)
-	subu	a3,1
-	sltu	t8,t0,ta0
-	dsubu	t0,ta0
-	dsubu	ta0,t0,v0
-	MOVNZ	(t0,v0,t8)
-	sd	ta0,0(a0)
-	beqz	a3,.L_bn_sub_words_return
-
-	ld	t1,8(a1)
-	subu	a3,1
-	ld	ta1,8(a2)
-	sltu	t9,t1,ta1
-	dsubu	t1,ta1
-	dsubu	ta1,t1,v0
-	MOVNZ	(t1,v0,t9)
-	sd	ta1,8(a0)
-	beqz	a3,.L_bn_sub_words_return
-
-	ld	t2,16(a1)
-	ld	ta2,16(a2)
-	sltu	t8,t2,ta2
-	dsubu	t2,ta2
-	dsubu	ta2,t2,v0
-	MOVNZ	(t2,v0,t8)
-	sd	ta2,16(a0)
-	jr	ra
-END(bn_sub_words)
-
-#undef	MINUS4
-
-.align 5
-LEAF(bn_div_3_words)
-	.set	reorder
-	move	a3,a0		/* we know that bn_div_words doesn't
-				 * touch a3, ta2, ta3 and preserves a2
-				 * so that we can save two arguments
-				 * and return address in registers
-				 * instead of stack:-)
-				 */
-	ld	a0,(a3)
-	move	ta2,a1
-	ld	a1,-8(a3)
-	bne	a0,a2,.L_bn_div_3_words_proceed
-	li	v0,-1
-	jr	ra
-.L_bn_div_3_words_proceed:
-	move	ta3,ra
-	bal	bn_div_words
-	move	ra,ta3
-	dmultu	ta2,v0
-	ld	t2,-16(a3)
-	move	ta0,zero
-	mfhi	t1
-	mflo	t0
-	sltu	t8,t1,v1
-.L_bn_div_3_words_inner_loop:
-	bnez	t8,.L_bn_div_3_words_inner_loop_done
-	sgeu	AT,t2,t0
-	seq	t9,t1,v1
-	and	AT,t9
-	sltu	t3,t0,ta2
-	daddu	v1,a2
-	dsubu	t1,t3
-	dsubu	t0,ta2
-	sltu	t8,t1,v1
-	sltu	ta0,v1,a2
-	or	t8,ta0
-	.set	noreorder
-	beqzl	AT,.L_bn_div_3_words_inner_loop
-	dsubu	v0,1
-	.set	reorder
-.L_bn_div_3_words_inner_loop_done:
-	jr	ra
-END(bn_div_3_words)
-
-.align	5
-LEAF(bn_div_words)
-	.set	noreorder
-	bnezl	a2,.L_bn_div_words_proceed
-	move	v1,zero
-	jr	ra
-	li	v0,-1		/* I'd rather signal div-by-zero
-				 * which can be done with 'break 7' */
-
-.L_bn_div_words_proceed:
-	bltz	a2,.L_bn_div_words_body
-	move	t9,v1
-	dsll	a2,1
-	bgtz	a2,.-4
-	addu	t9,1
-
-	.set	reorder
-	negu	t1,t9
-	li	t2,-1
-	dsll	t2,t1
-	and	t2,a0
-	dsrl	AT,a1,t1
-	.set	noreorder
-	bnezl	t2,.+8
-	break	6		/* signal overflow */
-	.set	reorder
-	dsll	a0,t9
-	dsll	a1,t9
-	or	a0,AT
-
-#define	QT	ta0
-#define	HH	ta1
-#define	DH	v1
-.L_bn_div_words_body:
-	dsrl	DH,a2,32
-	sgeu	AT,a0,a2
-	.set	noreorder
-	bnezl	AT,.+8
-	dsubu	a0,a2
-	.set	reorder
-
-	li	QT,-1
-	dsrl	HH,a0,32
-	dsrl	QT,32	/* q=0xffffffff */
-	beq	DH,HH,.L_bn_div_words_skip_div1
-	ddivu	zero,a0,DH
-	mflo	QT
-.L_bn_div_words_skip_div1:
-	dmultu	a2,QT
-	dsll	t3,a0,32
-	dsrl	AT,a1,32
-	or	t3,AT
-	mflo	t0
-	mfhi	t1
-.L_bn_div_words_inner_loop1:
-	sltu	t2,t3,t0
-	seq	t8,HH,t1
-	sltu	AT,HH,t1
-	and	t2,t8
-	sltu	v0,t0,a2
-	or	AT,t2
-	.set	noreorder
-	beqz	AT,.L_bn_div_words_inner_loop1_done
-	dsubu	t1,v0
-	dsubu	t0,a2
-	b	.L_bn_div_words_inner_loop1
-	dsubu	QT,1
-	.set	reorder
-.L_bn_div_words_inner_loop1_done:
-
-	dsll	a1,32
-	dsubu	a0,t3,t0
-	dsll	v0,QT,32
-
-	li	QT,-1
-	dsrl	HH,a0,32
-	dsrl	QT,32	/* q=0xffffffff */
-	beq	DH,HH,.L_bn_div_words_skip_div2
-	ddivu	zero,a0,DH
-	mflo	QT
-.L_bn_div_words_skip_div2:
-#undef	DH
-	dmultu	a2,QT
-	dsll	t3,a0,32
-	dsrl	AT,a1,32
-	or	t3,AT
-	mflo	t0
-	mfhi	t1
-.L_bn_div_words_inner_loop2:
-	sltu	t2,t3,t0
-	seq	t8,HH,t1
-	sltu	AT,HH,t1
-	and	t2,t8
-	sltu	v1,t0,a2
-	or	AT,t2
-	.set	noreorder
-	beqz	AT,.L_bn_div_words_inner_loop2_done
-	dsubu	t1,v1
-	dsubu	t0,a2
-	b	.L_bn_div_words_inner_loop2
-	dsubu	QT,1
-	.set	reorder
-.L_bn_div_words_inner_loop2_done:	
-#undef	HH
-
-	dsubu	a0,t3,t0
-	or	v0,QT
-	dsrl	v1,a0,t9	/* v1 contains remainder if anybody wants it */
-	dsrl	a2,t9		/* restore a2 */
-	jr	ra
-#undef	QT
-END(bn_div_words)
-
-#define	a_0	t0
-#define	a_1	t1
-#define	a_2	t2
-#define	a_3	t3
-#define	b_0	ta0
-#define	b_1	ta1
-#define	b_2	ta2
-#define	b_3	ta3
-
-#define	a_4	s0
-#define	a_5	s2
-#define	a_6	s4
-#define	a_7	a1	/* once we load a[7] we don't need a anymore */
-#define	b_4	s1
-#define	b_5	s3
-#define	b_6	s5
-#define	b_7	a2	/* once we load b[7] we don't need b anymore */
-
-#define	t_1	t8
-#define	t_2	t9
-
-#define	c_1	v0
-#define	c_2	v1
-#define	c_3	a3
-
-#define	FRAME_SIZE	48
-
-.align	5
-LEAF(bn_mul_comba8)
-	.set	noreorder
-	PTR_SUB	sp,FRAME_SIZE
-	.frame	sp,64,ra
-	.set	reorder
-	ld	a_0,0(a1)	/* If compiled with -mips3 option on
-				 * R5000 box assembler barks on this
-				 * line with "shouldn't have mult/div
-				 * as last instruction in bb (R10K
-				 * bug)" warning. If anybody out there
-				 * has a clue about how to circumvent
-				 * this do send me a note.
-				 *		<appro@fy.chalmers.se>
-				 */
-	ld	b_0,0(a2)
-	ld	a_1,8(a1)
-	ld	a_2,16(a1)
-	ld	a_3,24(a1)
-	ld	b_1,8(a2)
-	ld	b_2,16(a2)
-	ld	b_3,24(a2)
-	dmultu	a_0,b_0		/* mul_add_c(a[0],b[0],c1,c2,c3); */
-	sd	s0,0(sp)
-	sd	s1,8(sp)
-	sd	s2,16(sp)
-	sd	s3,24(sp)
-	sd	s4,32(sp)
-	sd	s5,40(sp)
-	mflo	c_1
-	mfhi	c_2
-
-	dmultu	a_0,b_1		/* mul_add_c(a[0],b[1],c2,c3,c1); */
-	ld	a_4,32(a1)
-	ld	a_5,40(a1)
-	ld	a_6,48(a1)
-	ld	a_7,56(a1)
-	ld	b_4,32(a2)
-	ld	b_5,40(a2)
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	c_3,t_2,AT
-	dmultu	a_1,b_0		/* mul_add_c(a[1],b[0],c2,c3,c1); */
-	ld	b_6,48(a2)
-	ld	b_7,56(a2)
-	sd	c_1,0(a0)	/* r[0]=c1; */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
-	sd	c_2,8(a0)	/* r[1]=c2; */
-
-	dmultu	a_2,b_0		/* mul_add_c(a[2],b[0],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	dmultu	a_1,b_1		/* mul_add_c(a[1],b[1],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
-	dmultu	a_0,b_2		/* mul_add_c(a[0],b[2],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	sd	c_3,16(a0)	/* r[2]=c3; */
-
-	dmultu	a_0,b_3		/* mul_add_c(a[0],b[3],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
-	dmultu	a_1,b_2		/* mul_add_c(a[1],b[2],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_2,b_1		/* mul_add_c(a[2],b[1],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_3,b_0		/* mul_add_c(a[3],b[0],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	sd	c_1,24(a0)	/* r[3]=c1; */
-
-	dmultu	a_4,b_0		/* mul_add_c(a[4],b[0],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
-	dmultu	a_3,b_1		/* mul_add_c(a[3],b[1],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_2,b_2		/* mul_add_c(a[2],b[2],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_1,b_3		/* mul_add_c(a[1],b[3],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_0,b_4		/* mul_add_c(a[0],b[4],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	sd	c_2,32(a0)	/* r[4]=c2; */
-
-	dmultu	a_0,b_5		/* mul_add_c(a[0],b[5],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
-	dmultu	a_1,b_4		/* mul_add_c(a[1],b[4],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_2,b_3		/* mul_add_c(a[2],b[3],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_3,b_2		/* mul_add_c(a[3],b[2],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_4,b_1		/* mul_add_c(a[4],b[1],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_5,b_0		/* mul_add_c(a[5],b[0],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	sd	c_3,40(a0)	/* r[5]=c3; */
-
-	dmultu	a_6,b_0		/* mul_add_c(a[6],b[0],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
-	dmultu	a_5,b_1		/* mul_add_c(a[5],b[1],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_4,b_2		/* mul_add_c(a[4],b[2],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_3,b_3		/* mul_add_c(a[3],b[3],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_2,b_4		/* mul_add_c(a[2],b[4],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_1,b_5		/* mul_add_c(a[1],b[5],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_0,b_6		/* mul_add_c(a[0],b[6],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	sd	c_1,48(a0)	/* r[6]=c1; */
-
-	dmultu	a_0,b_7		/* mul_add_c(a[0],b[7],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
-	dmultu	a_1,b_6		/* mul_add_c(a[1],b[6],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_2,b_5		/* mul_add_c(a[2],b[5],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_3,b_4		/* mul_add_c(a[3],b[4],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_4,b_3		/* mul_add_c(a[4],b[3],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_5,b_2		/* mul_add_c(a[5],b[2],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_6,b_1		/* mul_add_c(a[6],b[1],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_7,b_0		/* mul_add_c(a[7],b[0],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	sd	c_2,56(a0)	/* r[7]=c2; */
-
-	dmultu	a_7,b_1		/* mul_add_c(a[7],b[1],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
-	dmultu	a_6,b_2		/* mul_add_c(a[6],b[2],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_5,b_3		/* mul_add_c(a[5],b[3],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_4,b_4		/* mul_add_c(a[4],b[4],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_3,b_5		/* mul_add_c(a[3],b[5],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_2,b_6		/* mul_add_c(a[2],b[6],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_1,b_7		/* mul_add_c(a[1],b[7],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	sd	c_3,64(a0)	/* r[8]=c3; */
-
-	dmultu	a_2,b_7		/* mul_add_c(a[2],b[7],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
-	dmultu	a_3,b_6		/* mul_add_c(a[3],b[6],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_4,b_5		/* mul_add_c(a[4],b[5],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_5,b_4		/* mul_add_c(a[5],b[4],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_6,b_3		/* mul_add_c(a[6],b[3],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_7,b_2		/* mul_add_c(a[7],b[2],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	sd	c_1,72(a0)	/* r[9]=c1; */
-
-	dmultu	a_7,b_3		/* mul_add_c(a[7],b[3],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
-	dmultu	a_6,b_4		/* mul_add_c(a[6],b[4],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_5,b_5		/* mul_add_c(a[5],b[5],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_4,b_6		/* mul_add_c(a[4],b[6],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_3,b_7		/* mul_add_c(a[3],b[7],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	sd	c_2,80(a0)	/* r[10]=c2; */
-
-	dmultu	a_4,b_7		/* mul_add_c(a[4],b[7],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
-	dmultu	a_5,b_6		/* mul_add_c(a[5],b[6],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_6,b_5		/* mul_add_c(a[6],b[5],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_7,b_4		/* mul_add_c(a[7],b[4],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	sd	c_3,88(a0)	/* r[11]=c3; */
-
-	dmultu	a_7,b_5		/* mul_add_c(a[7],b[5],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
-	dmultu	a_6,b_6		/* mul_add_c(a[6],b[6],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_5,b_7		/* mul_add_c(a[5],b[7],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	sd	c_1,96(a0)	/* r[12]=c1; */
-
-	dmultu	a_6,b_7		/* mul_add_c(a[6],b[7],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
-	dmultu	a_7,b_6		/* mul_add_c(a[7],b[6],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	sd	c_2,104(a0)	/* r[13]=c2; */
-
-	dmultu	a_7,b_7		/* mul_add_c(a[7],b[7],c3,c1,c2); */
-	ld	s0,0(sp)
-	ld	s1,8(sp)
-	ld	s2,16(sp)
-	ld	s3,24(sp)
-	ld	s4,32(sp)
-	ld	s5,40(sp)
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sd	c_3,112(a0)	/* r[14]=c3; */
-	sd	c_1,120(a0)	/* r[15]=c1; */
-
-	PTR_ADD	sp,FRAME_SIZE
-
-	jr	ra
-END(bn_mul_comba8)
-
-.align	5
-LEAF(bn_mul_comba4)
-	.set	reorder
-	ld	a_0,0(a1)
-	ld	b_0,0(a2)
-	ld	a_1,8(a1)
-	ld	a_2,16(a1)
-	dmultu	a_0,b_0		/* mul_add_c(a[0],b[0],c1,c2,c3); */
-	ld	a_3,24(a1)
-	ld	b_1,8(a2)
-	ld	b_2,16(a2)
-	ld	b_3,24(a2)
-	mflo	c_1
-	mfhi	c_2
-	sd	c_1,0(a0)
-
-	dmultu	a_0,b_1		/* mul_add_c(a[0],b[1],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	c_3,t_2,AT
-	dmultu	a_1,b_0		/* mul_add_c(a[1],b[0],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
-	sd	c_2,8(a0)
-
-	dmultu	a_2,b_0		/* mul_add_c(a[2],b[0],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	dmultu	a_1,b_1		/* mul_add_c(a[1],b[1],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
-	dmultu	a_0,b_2		/* mul_add_c(a[0],b[2],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	sd	c_3,16(a0)
-
-	dmultu	a_0,b_3		/* mul_add_c(a[0],b[3],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
-	dmultu	a_1,b_2		/* mul_add_c(a[1],b[2],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_2,b_1		/* mul_add_c(a[2],b[1],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_3,b_0		/* mul_add_c(a[3],b[0],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	sd	c_1,24(a0)
-
-	dmultu	a_3,b_1		/* mul_add_c(a[3],b[1],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
-	dmultu	a_2,b_2		/* mul_add_c(a[2],b[2],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_1,b_3		/* mul_add_c(a[1],b[3],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	sd	c_2,32(a0)
-
-	dmultu	a_2,b_3		/* mul_add_c(a[2],b[3],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
-	dmultu	a_3,b_2		/* mul_add_c(a[3],b[2],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	sd	c_3,40(a0)
-
-	dmultu	a_3,b_3		/* mul_add_c(a[3],b[3],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sd	c_1,48(a0)
-	sd	c_2,56(a0)
-
-	jr	ra
-END(bn_mul_comba4)
-
-#undef	a_4
-#undef	a_5
-#undef	a_6
-#undef	a_7
-#define	a_4	b_0
-#define	a_5	b_1
-#define	a_6	b_2
-#define	a_7	b_3
-
-.align	5
-LEAF(bn_sqr_comba8)
-	.set	reorder
-	ld	a_0,0(a1)
-	ld	a_1,8(a1)
-	ld	a_2,16(a1)
-	ld	a_3,24(a1)
-
-	dmultu	a_0,a_0		/* mul_add_c(a[0],b[0],c1,c2,c3); */
-	ld	a_4,32(a1)
-	ld	a_5,40(a1)
-	ld	a_6,48(a1)
-	ld	a_7,56(a1)
-	mflo	c_1
-	mfhi	c_2
-	sd	c_1,0(a0)
-
-	dmultu	a_0,a_1		/* mul_add_c2(a[0],b[1],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_1,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	c_3,t_2,AT
-	sd	c_2,8(a0)
-
-	dmultu	a_2,a_0		/* mul_add_c2(a[2],b[0],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_2,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_1,a_1		/* mul_add_c(a[1],b[1],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	sd	c_3,16(a0)
-
-	dmultu	a_0,a_3		/* mul_add_c2(a[0],b[3],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_3,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_1,a_2		/* mul_add_c2(a[1],b[2],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_3,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	sd	c_1,24(a0)
-
-	dmultu	a_4,a_0		/* mul_add_c2(a[4],b[0],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_1,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_3,a_1		/* mul_add_c2(a[3],b[1],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_1,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_2,a_2		/* mul_add_c(a[2],b[2],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	sd	c_2,32(a0)
-
-	dmultu	a_0,a_5		/* mul_add_c2(a[0],b[5],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_2,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_1,a_4		/* mul_add_c2(a[1],b[4],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_2,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_2,a_3		/* mul_add_c2(a[2],b[3],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_2,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	sd	c_3,40(a0)
-
-	dmultu	a_6,a_0		/* mul_add_c2(a[6],b[0],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_3,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_5,a_1		/* mul_add_c2(a[5],b[1],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_3,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_4,a_2		/* mul_add_c2(a[4],b[2],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_3,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_3,a_3		/* mul_add_c(a[3],b[3],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	sd	c_1,48(a0)
-
-	dmultu	a_0,a_7		/* mul_add_c2(a[0],b[7],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_1,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_1,a_6		/* mul_add_c2(a[1],b[6],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_1,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_2,a_5		/* mul_add_c2(a[2],b[5],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_1,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_3,a_4		/* mul_add_c2(a[3],b[4],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_1,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	sd	c_2,56(a0)
-
-	dmultu	a_7,a_1		/* mul_add_c2(a[7],b[1],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_2,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_6,a_2		/* mul_add_c2(a[6],b[2],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_2,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_5,a_3		/* mul_add_c2(a[5],b[3],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_2,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_4,a_4		/* mul_add_c(a[4],b[4],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	sd	c_3,64(a0)
-
-	dmultu	a_2,a_7		/* mul_add_c2(a[2],b[7],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_3,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_3,a_6		/* mul_add_c2(a[3],b[6],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_3,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_4,a_5		/* mul_add_c2(a[4],b[5],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_3,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	sd	c_1,72(a0)
-
-	dmultu	a_7,a_3		/* mul_add_c2(a[7],b[3],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_1,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_6,a_4		/* mul_add_c2(a[6],b[4],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_1,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_5,a_5		/* mul_add_c(a[5],b[5],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	sd	c_2,80(a0)
-
-	dmultu	a_4,a_7		/* mul_add_c2(a[4],b[7],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_2,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_5,a_6		/* mul_add_c2(a[5],b[6],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_2,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	sd	c_3,88(a0)
-
-	dmultu	a_7,a_5		/* mul_add_c2(a[7],b[5],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_3,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_6,a_6		/* mul_add_c(a[6],b[6],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	sd	c_1,96(a0)
-
-	dmultu	a_6,a_7		/* mul_add_c2(a[6],b[7],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_1,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	sd	c_2,104(a0)
-
-	dmultu	a_7,a_7		/* mul_add_c(a[7],b[7],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sd	c_3,112(a0)
-	sd	c_1,120(a0)
-
-	jr	ra
-END(bn_sqr_comba8)
-
-.align	5
-LEAF(bn_sqr_comba4)
-	.set	reorder
-	ld	a_0,0(a1)
-	ld	a_1,8(a1)
-	ld	a_2,16(a1)
-	ld	a_3,24(a1)
-	dmultu	a_0,a_0		/* mul_add_c(a[0],b[0],c1,c2,c3); */
-	mflo	c_1
-	mfhi	c_2
-	sd	c_1,0(a0)
-
-	dmultu	a_0,a_1		/* mul_add_c2(a[0],b[1],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_1,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	c_3,t_2,AT
-	sd	c_2,8(a0)
-
-	dmultu	a_2,a_0		/* mul_add_c2(a[2],b[0],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_2,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	dmultu	a_1,a_1		/* mul_add_c(a[1],b[1],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	sd	c_3,16(a0)
-
-	dmultu	a_0,a_3		/* mul_add_c2(a[0],b[3],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_3,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	dmultu	a_1,a_2		/* mul_add_c(a2[1],b[2],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	slt	AT,t_2,zero
-	daddu	c_3,AT
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sltu	AT,c_2,t_2
-	daddu	c_3,AT
-	sd	c_1,24(a0)
-
-	dmultu	a_3,a_1		/* mul_add_c2(a[3],b[1],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_1,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	dmultu	a_2,a_2		/* mul_add_c(a[2],b[2],c2,c3,c1); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	AT,c_3,t_2
-	daddu	c_1,AT
-	sd	c_2,32(a0)
-
-	dmultu	a_2,a_3		/* mul_add_c2(a[2],b[3],c3,c1,c2); */
-	mflo	t_1
-	mfhi	t_2
-	slt	c_2,t_2,zero
-	dsll	t_2,1
-	slt	a2,t_1,zero
-	daddu	t_2,a2
-	dsll	t_1,1
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	t_2,AT
-	daddu	c_1,t_2
-	sltu	AT,c_1,t_2
-	daddu	c_2,AT
-	sd	c_3,40(a0)
-
-	dmultu	a_3,a_3		/* mul_add_c(a[3],b[3],c1,c2,c3); */
-	mflo	t_1
-	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	t_2,AT
-	daddu	c_2,t_2
-	sd	c_1,48(a0)
-	sd	c_2,56(a0)
-
-	jr	ra
-END(bn_sqr_comba4)
diff --git a/crypto/openssl/crypto/bn/asm/pa-risc.s b/crypto/openssl/crypto/bn/asm/pa-risc.s
deleted file mode 100644
index 775130a1912e..000000000000
--- a/crypto/openssl/crypto/bn/asm/pa-risc.s
+++ /dev/null
@@ -1,710 +0,0 @@
-	.SPACE $PRIVATE$
-	.SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31
-	.SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82
-	.SPACE $TEXT$
-	.SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44
-	.SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY
-	.IMPORT $global$,DATA
-	.IMPORT $$dyncall,MILLICODE
-; gcc_compiled.:
-	.SPACE $TEXT$
-	.SUBSPA $CODE$
-
-	.align 4
-	.EXPORT bn_mul_add_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
-bn_mul_add_words
-	.PROC
-	.CALLINFO FRAME=0,CALLS,SAVE_RP
-	.ENTRY
-	stw %r2,-20(0,%r30)
-	ldi 0,%r28
-	extru %r23,31,16,%r2
-	stw %r2,-16(0,%r30)
-	extru %r23,15,16,%r23
-	ldil L'65536,%r31
-	fldws -16(0,%r30),%fr11R
-	stw %r23,-16(0,%r30)
-	ldo 12(%r25),%r29
-	ldo 12(%r26),%r23
-	fldws -16(0,%r30),%fr11L
-L$0002
-	ldw 0(0,%r25),%r19
-	extru %r19,31,16,%r20
-	stw %r20,-16(0,%r30)
-	extru %r19,15,16,%r19
-	fldws -16(0,%r30),%fr22L
-	stw %r19,-16(0,%r30)
-	xmpyu %fr22L,%fr11R,%fr8
-	fldws -16(0,%r30),%fr22L
-	fstws %fr8R,-16(0,%r30)
-	xmpyu %fr11R,%fr22L,%fr10
-	ldw -16(0,%r30),%r2
-	stw %r20,-16(0,%r30)
-	xmpyu %fr22L,%fr11L,%fr9
-	fldws -16(0,%r30),%fr22L
-	fstws %fr10R,-16(0,%r30)
-	copy %r2,%r22
-	ldw -16(0,%r30),%r2
-	fstws %fr9R,-16(0,%r30)
-	xmpyu %fr11L,%fr22L,%fr8
-	copy %r2,%r19
-	ldw -16(0,%r30),%r2
-	fstws %fr8R,-16(0,%r30)
-	copy %r2,%r20
-	ldw -16(0,%r30),%r2
-	addl %r2,%r19,%r21
-	comclr,<<= %r19,%r21,0
-	addl %r20,%r31,%r20
-L$0005
-	extru %r21,15,16,%r19
-	addl %r20,%r19,%r20
-	zdep %r21,15,16,%r19
-	addl %r22,%r19,%r22
-	comclr,<<= %r19,%r22,0
-	addi,tr 1,%r20,%r19
-	copy %r20,%r19
-	addl %r22,%r28,%r20
-	comclr,<<= %r28,%r20,0
-	addi 1,%r19,%r19
-	ldw 0(0,%r26),%r28
-	addl %r20,%r28,%r20
-	comclr,<<= %r28,%r20,0
-	addi,tr 1,%r19,%r28
-	copy %r19,%r28
-	addib,= -1,%r24,L$0003
-	stw %r20,0(0,%r26)
-	ldw -8(0,%r29),%r19
-	extru %r19,31,16,%r20
-	stw %r20,-16(0,%r30)
-	extru %r19,15,16,%r19
-	fldws -16(0,%r30),%fr22L
-	stw %r19,-16(0,%r30)
-	xmpyu %fr22L,%fr11R,%fr8
-	fldws -16(0,%r30),%fr22L
-	fstws %fr8R,-16(0,%r30)
-	xmpyu %fr11R,%fr22L,%fr10
-	ldw -16(0,%r30),%r2
-	stw %r20,-16(0,%r30)
-	xmpyu %fr22L,%fr11L,%fr9
-	fldws -16(0,%r30),%fr22L
-	fstws %fr10R,-16(0,%r30)
-	copy %r2,%r22
-	ldw -16(0,%r30),%r2
-	fstws %fr9R,-16(0,%r30)
-	xmpyu %fr11L,%fr22L,%fr8
-	copy %r2,%r19
-	ldw -16(0,%r30),%r2
-	fstws %fr8R,-16(0,%r30)
-	copy %r2,%r20
-	ldw -16(0,%r30),%r2
-	addl %r2,%r19,%r21
-	comclr,<<= %r19,%r21,0
-	addl %r20,%r31,%r20
-L$0010
-	extru %r21,15,16,%r19
-	addl %r20,%r19,%r20
-	zdep %r21,15,16,%r19
-	addl %r22,%r19,%r22
-	comclr,<<= %r19,%r22,0
-	addi,tr 1,%r20,%r19
-	copy %r20,%r19
-	addl %r22,%r28,%r20
-	comclr,<<= %r28,%r20,0
-	addi 1,%r19,%r19
-	ldw -8(0,%r23),%r28
-	addl %r20,%r28,%r20
-	comclr,<<= %r28,%r20,0
-	addi,tr 1,%r19,%r28
-	copy %r19,%r28
-	addib,= -1,%r24,L$0003
-	stw %r20,-8(0,%r23)
-	ldw -4(0,%r29),%r19
-	extru %r19,31,16,%r20
-	stw %r20,-16(0,%r30)
-	extru %r19,15,16,%r19
-	fldws -16(0,%r30),%fr22L
-	stw %r19,-16(0,%r30)
-	xmpyu %fr22L,%fr11R,%fr8
-	fldws -16(0,%r30),%fr22L
-	fstws %fr8R,-16(0,%r30)
-	xmpyu %fr11R,%fr22L,%fr10
-	ldw -16(0,%r30),%r2
-	stw %r20,-16(0,%r30)
-	xmpyu %fr22L,%fr11L,%fr9
-	fldws -16(0,%r30),%fr22L
-	fstws %fr10R,-16(0,%r30)
-	copy %r2,%r22
-	ldw -16(0,%r30),%r2
-	fstws %fr9R,-16(0,%r30)
-	xmpyu %fr11L,%fr22L,%fr8
-	copy %r2,%r19
-	ldw -16(0,%r30),%r2
-	fstws %fr8R,-16(0,%r30)
-	copy %r2,%r20
-	ldw -16(0,%r30),%r2
-	addl %r2,%r19,%r21
-	comclr,<<= %r19,%r21,0
-	addl %r20,%r31,%r20
-L$0015
-	extru %r21,15,16,%r19
-	addl %r20,%r19,%r20
-	zdep %r21,15,16,%r19
-	addl %r22,%r19,%r22
-	comclr,<<= %r19,%r22,0
-	addi,tr 1,%r20,%r19
-	copy %r20,%r19
-	addl %r22,%r28,%r20
-	comclr,<<= %r28,%r20,0
-	addi 1,%r19,%r19
-	ldw -4(0,%r23),%r28
-	addl %r20,%r28,%r20
-	comclr,<<= %r28,%r20,0
-	addi,tr 1,%r19,%r28
-	copy %r19,%r28
-	addib,= -1,%r24,L$0003
-	stw %r20,-4(0,%r23)
-	ldw 0(0,%r29),%r19
-	extru %r19,31,16,%r20
-	stw %r20,-16(0,%r30)
-	extru %r19,15,16,%r19
-	fldws -16(0,%r30),%fr22L
-	stw %r19,-16(0,%r30)
-	xmpyu %fr22L,%fr11R,%fr8
-	fldws -16(0,%r30),%fr22L
-	fstws %fr8R,-16(0,%r30)
-	xmpyu %fr11R,%fr22L,%fr10
-	ldw -16(0,%r30),%r2
-	stw %r20,-16(0,%r30)
-	xmpyu %fr22L,%fr11L,%fr9
-	fldws -16(0,%r30),%fr22L
-	fstws %fr10R,-16(0,%r30)
-	copy %r2,%r22
-	ldw -16(0,%r30),%r2
-	fstws %fr9R,-16(0,%r30)
-	xmpyu %fr11L,%fr22L,%fr8
-	copy %r2,%r19
-	ldw -16(0,%r30),%r2
-	fstws %fr8R,-16(0,%r30)
-	copy %r2,%r20
-	ldw -16(0,%r30),%r2
-	addl %r2,%r19,%r21
-	comclr,<<= %r19,%r21,0
-	addl %r20,%r31,%r20
-L$0020
-	extru %r21,15,16,%r19
-	addl %r20,%r19,%r20
-	zdep %r21,15,16,%r19
-	addl %r22,%r19,%r22
-	comclr,<<= %r19,%r22,0
-	addi,tr 1,%r20,%r19
-	copy %r20,%r19
-	addl %r22,%r28,%r20
-	comclr,<<= %r28,%r20,0
-	addi 1,%r19,%r19
-	ldw 0(0,%r23),%r28
-	addl %r20,%r28,%r20
-	comclr,<<= %r28,%r20,0
-	addi,tr 1,%r19,%r28
-	copy %r19,%r28
-	addib,= -1,%r24,L$0003
-	stw %r20,0(0,%r23)
-	ldo 16(%r29),%r29
-	ldo 16(%r25),%r25
-	ldo 16(%r23),%r23
-	bl L$0002,0
-	ldo 16(%r26),%r26
-L$0003
-	ldw -20(0,%r30),%r2
-	bv,n 0(%r2)
-	.EXIT
-	.PROCEND
-	.align 4
-	.EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
-bn_mul_words
-	.PROC
-	.CALLINFO FRAME=0,CALLS,SAVE_RP
-	.ENTRY
-	stw %r2,-20(0,%r30)
-	ldi 0,%r28
-	extru %r23,31,16,%r2
-	stw %r2,-16(0,%r30)
-	extru %r23,15,16,%r23
-	ldil L'65536,%r31
-	fldws -16(0,%r30),%fr11R
-	stw %r23,-16(0,%r30)
-	ldo 12(%r26),%r29
-	ldo 12(%r25),%r23
-	fldws -16(0,%r30),%fr11L
-L$0026
-	ldw 0(0,%r25),%r19
-	extru %r19,31,16,%r20
-	stw %r20,-16(0,%r30)
-	extru %r19,15,16,%r19
-	fldws -16(0,%r30),%fr22L
-	stw %r19,-16(0,%r30)
-	xmpyu %fr22L,%fr11R,%fr8
-	fldws -16(0,%r30),%fr22L
-	fstws %fr8R,-16(0,%r30)
-	xmpyu %fr11R,%fr22L,%fr10
-	ldw -16(0,%r30),%r2
-	stw %r20,-16(0,%r30)
-	xmpyu %fr22L,%fr11L,%fr9
-	fldws -16(0,%r30),%fr22L
-	fstws %fr10R,-16(0,%r30)
-	copy %r2,%r22
-	ldw -16(0,%r30),%r2
-	fstws %fr9R,-16(0,%r30)
-	xmpyu %fr11L,%fr22L,%fr8
-	copy %r2,%r19
-	ldw -16(0,%r30),%r2
-	fstws %fr8R,-16(0,%r30)
-	copy %r2,%r20
-	ldw -16(0,%r30),%r2
-	addl %r2,%r19,%r21
-	comclr,<<= %r19,%r21,0
-	addl %r20,%r31,%r20
-L$0029
-	extru %r21,15,16,%r19
-	addl %r20,%r19,%r20
-	zdep %r21,15,16,%r19
-	addl %r22,%r19,%r22
-	comclr,<<= %r19,%r22,0
-	addi,tr 1,%r20,%r19
-	copy %r20,%r19
-	addl %r22,%r28,%r20
-	comclr,<<= %r28,%r20,0
-	addi,tr 1,%r19,%r28
-	copy %r19,%r28
-	addib,= -1,%r24,L$0027
-	stw %r20,0(0,%r26)
-	ldw -8(0,%r23),%r19
-	extru %r19,31,16,%r20
-	stw %r20,-16(0,%r30)
-	extru %r19,15,16,%r19
-	fldws -16(0,%r30),%fr22L
-	stw %r19,-16(0,%r30)
-	xmpyu %fr22L,%fr11R,%fr8
-	fldws -16(0,%r30),%fr22L
-	fstws %fr8R,-16(0,%r30)
-	xmpyu %fr11R,%fr22L,%fr10
-	ldw -16(0,%r30),%r2
-	stw %r20,-16(0,%r30)
-	xmpyu %fr22L,%fr11L,%fr9
-	fldws -16(0,%r30),%fr22L
-	fstws %fr10R,-16(0,%r30)
-	copy %r2,%r22
-	ldw -16(0,%r30),%r2
-	fstws %fr9R,-16(0,%r30)
-	xmpyu %fr11L,%fr22L,%fr8
-	copy %r2,%r19
-	ldw -16(0,%r30),%r2
-	fstws %fr8R,-16(0,%r30)
-	copy %r2,%r20
-	ldw -16(0,%r30),%r2
-	addl %r2,%r19,%r21
-	comclr,<<= %r19,%r21,0
-	addl %r20,%r31,%r20
-L$0033
-	extru %r21,15,16,%r19
-	addl %r20,%r19,%r20
-	zdep %r21,15,16,%r19
-	addl %r22,%r19,%r22
-	comclr,<<= %r19,%r22,0
-	addi,tr 1,%r20,%r19
-	copy %r20,%r19
-	addl %r22,%r28,%r20
-	comclr,<<= %r28,%r20,0
-	addi,tr 1,%r19,%r28
-	copy %r19,%r28
-	addib,= -1,%r24,L$0027
-	stw %r20,-8(0,%r29)
-	ldw -4(0,%r23),%r19
-	extru %r19,31,16,%r20
-	stw %r20,-16(0,%r30)
-	extru %r19,15,16,%r19
-	fldws -16(0,%r30),%fr22L
-	stw %r19,-16(0,%r30)
-	xmpyu %fr22L,%fr11R,%fr8
-	fldws -16(0,%r30),%fr22L
-	fstws %fr8R,-16(0,%r30)
-	xmpyu %fr11R,%fr22L,%fr10
-	ldw -16(0,%r30),%r2
-	stw %r20,-16(0,%r30)
-	xmpyu %fr22L,%fr11L,%fr9
-	fldws -16(0,%r30),%fr22L
-	fstws %fr10R,-16(0,%r30)
-	copy %r2,%r22
-	ldw -16(0,%r30),%r2
-	fstws %fr9R,-16(0,%r30)
-	xmpyu %fr11L,%fr22L,%fr8
-	copy %r2,%r19
-	ldw -16(0,%r30),%r2
-	fstws %fr8R,-16(0,%r30)
-	copy %r2,%r20
-	ldw -16(0,%r30),%r2
-	addl %r2,%r19,%r21
-	comclr,<<= %r19,%r21,0
-	addl %r20,%r31,%r20
-L$0037
-	extru %r21,15,16,%r19
-	addl %r20,%r19,%r20
-	zdep %r21,15,16,%r19
-	addl %r22,%r19,%r22
-	comclr,<<= %r19,%r22,0
-	addi,tr 1,%r20,%r19
-	copy %r20,%r19
-	addl %r22,%r28,%r20
-	comclr,<<= %r28,%r20,0
-	addi,tr 1,%r19,%r28
-	copy %r19,%r28
-	addib,= -1,%r24,L$0027
-	stw %r20,-4(0,%r29)
-	ldw 0(0,%r23),%r19
-	extru %r19,31,16,%r20
-	stw %r20,-16(0,%r30)
-	extru %r19,15,16,%r19
-	fldws -16(0,%r30),%fr22L
-	stw %r19,-16(0,%r30)
-	xmpyu %fr22L,%fr11R,%fr8
-	fldws -16(0,%r30),%fr22L
-	fstws %fr8R,-16(0,%r30)
-	xmpyu %fr11R,%fr22L,%fr10
-	ldw -16(0,%r30),%r2
-	stw %r20,-16(0,%r30)
-	xmpyu %fr22L,%fr11L,%fr9
-	fldws -16(0,%r30),%fr22L
-	fstws %fr10R,-16(0,%r30)
-	copy %r2,%r22
-	ldw -16(0,%r30),%r2
-	fstws %fr9R,-16(0,%r30)
-	xmpyu %fr11L,%fr22L,%fr8
-	copy %r2,%r19
-	ldw -16(0,%r30),%r2
-	fstws %fr8R,-16(0,%r30)
-	copy %r2,%r20
-	ldw -16(0,%r30),%r2
-	addl %r2,%r19,%r21
-	comclr,<<= %r19,%r21,0
-	addl %r20,%r31,%r20
-L$0041
-	extru %r21,15,16,%r19
-	addl %r20,%r19,%r20
-	zdep %r21,15,16,%r19
-	addl %r22,%r19,%r22
-	comclr,<<= %r19,%r22,0
-	addi,tr 1,%r20,%r19
-	copy %r20,%r19
-	addl %r22,%r28,%r20
-	comclr,<<= %r28,%r20,0
-	addi,tr 1,%r19,%r28
-	copy %r19,%r28
-	addib,= -1,%r24,L$0027
-	stw %r20,0(0,%r29)
-	ldo 16(%r23),%r23
-	ldo 16(%r25),%r25
-	ldo 16(%r29),%r29
-	bl L$0026,0
-	ldo 16(%r26),%r26
-L$0027
-	ldw -20(0,%r30),%r2
-	bv,n 0(%r2)
-	.EXIT
-	.PROCEND
-	.align 4
-	.EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
-bn_sqr_words
-	.PROC
-	.CALLINFO FRAME=0,NO_CALLS
-	.ENTRY
-	ldo 28(%r26),%r23
-	ldo 12(%r25),%r28
-L$0046
-	ldw 0(0,%r25),%r21
-	extru %r21,31,16,%r22
-	stw %r22,-16(0,%r30)
-	extru %r21,15,16,%r21
-	fldws -16(0,%r30),%fr10L
-	stw %r21,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	xmpyu %fr10L,%fr10R,%fr8
-	fstws %fr8R,-16(0,%r30)
-	ldw -16(0,%r30),%r29
-	stw %r22,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	stw %r21,-16(0,%r30)
-	copy %r29,%r19
-	xmpyu %fr10L,%fr10R,%fr8
-	fldws -16(0,%r30),%fr10L
-	stw %r21,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	fstws %fr8R,-16(0,%r30)
-	extru %r19,16,17,%r20
-	zdep %r19,14,15,%r19
-	ldw -16(0,%r30),%r29
-	xmpyu %fr10L,%fr10R,%fr9
-	addl %r29,%r19,%r22
-	stw %r22,0(0,%r26)
-	fstws %fr9R,-16(0,%r30)
-	ldw -16(0,%r30),%r29
-	addl %r29,%r20,%r21
-	comclr,<<= %r19,%r22,0
-	addi 1,%r21,%r21
-	addib,= -1,%r24,L$0057
-	stw %r21,-24(0,%r23)
-	ldw -8(0,%r28),%r21
-	extru %r21,31,16,%r22
-	stw %r22,-16(0,%r30)
-	extru %r21,15,16,%r21
-	fldws -16(0,%r30),%fr10L
-	stw %r21,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	xmpyu %fr10L,%fr10R,%fr8
-	fstws %fr8R,-16(0,%r30)
-	ldw -16(0,%r30),%r29
-	stw %r22,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	stw %r21,-16(0,%r30)
-	copy %r29,%r19
-	xmpyu %fr10L,%fr10R,%fr8
-	fldws -16(0,%r30),%fr10L
-	stw %r21,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	fstws %fr8R,-16(0,%r30)
-	extru %r19,16,17,%r20
-	zdep %r19,14,15,%r19
-	ldw -16(0,%r30),%r29
-	xmpyu %fr10L,%fr10R,%fr9
-	addl %r29,%r19,%r22
-	stw %r22,-20(0,%r23)
-	fstws %fr9R,-16(0,%r30)
-	ldw -16(0,%r30),%r29
-	addl %r29,%r20,%r21
-	comclr,<<= %r19,%r22,0
-	addi 1,%r21,%r21
-	addib,= -1,%r24,L$0057
-	stw %r21,-16(0,%r23)
-	ldw -4(0,%r28),%r21
-	extru %r21,31,16,%r22
-	stw %r22,-16(0,%r30)
-	extru %r21,15,16,%r21
-	fldws -16(0,%r30),%fr10L
-	stw %r21,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	xmpyu %fr10L,%fr10R,%fr8
-	fstws %fr8R,-16(0,%r30)
-	ldw -16(0,%r30),%r29
-	stw %r22,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	stw %r21,-16(0,%r30)
-	copy %r29,%r19
-	xmpyu %fr10L,%fr10R,%fr8
-	fldws -16(0,%r30),%fr10L
-	stw %r21,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	fstws %fr8R,-16(0,%r30)
-	extru %r19,16,17,%r20
-	zdep %r19,14,15,%r19
-	ldw -16(0,%r30),%r29
-	xmpyu %fr10L,%fr10R,%fr9
-	addl %r29,%r19,%r22
-	stw %r22,-12(0,%r23)
-	fstws %fr9R,-16(0,%r30)
-	ldw -16(0,%r30),%r29
-	addl %r29,%r20,%r21
-	comclr,<<= %r19,%r22,0
-	addi 1,%r21,%r21
-	addib,= -1,%r24,L$0057
-	stw %r21,-8(0,%r23)
-	ldw 0(0,%r28),%r21
-	extru %r21,31,16,%r22
-	stw %r22,-16(0,%r30)
-	extru %r21,15,16,%r21
-	fldws -16(0,%r30),%fr10L
-	stw %r21,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	xmpyu %fr10L,%fr10R,%fr8
-	fstws %fr8R,-16(0,%r30)
-	ldw -16(0,%r30),%r29
-	stw %r22,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	stw %r21,-16(0,%r30)
-	copy %r29,%r19
-	xmpyu %fr10L,%fr10R,%fr8
-	fldws -16(0,%r30),%fr10L
-	stw %r21,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	fstws %fr8R,-16(0,%r30)
-	extru %r19,16,17,%r20
-	zdep %r19,14,15,%r19
-	ldw -16(0,%r30),%r29
-	xmpyu %fr10L,%fr10R,%fr9
-	addl %r29,%r19,%r22
-	stw %r22,-4(0,%r23)
-	fstws %fr9R,-16(0,%r30)
-	ldw -16(0,%r30),%r29
-	addl %r29,%r20,%r21
-	comclr,<<= %r19,%r22,0
-	addi 1,%r21,%r21
-	addib,= -1,%r24,L$0057
-	stw %r21,0(0,%r23)
-	ldo 16(%r28),%r28
-	ldo 16(%r25),%r25
-	ldo 32(%r23),%r23
-	bl L$0046,0
-	ldo 32(%r26),%r26
-L$0057
-	bv,n 0(%r2)
-	.EXIT
-	.PROCEND
-	.IMPORT BN_num_bits_word,CODE
-	.IMPORT fprintf,CODE
-	.IMPORT __iob,DATA
-	.SPACE $TEXT$
-	.SUBSPA $LIT$
-
-	.align 4
-L$C0000
-	.STRING "Division would overflow\x0a\x00"
-	.IMPORT abort,CODE
-	.SPACE $TEXT$
-	.SUBSPA $CODE$
-
-	.align 4
-	.EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR
-bn_div64
-	.PROC
-	.CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8
-	.ENTRY
-	stw %r2,-20(0,%r30)
-	stwm %r8,128(0,%r30)
-	stw %r7,-124(0,%r30)
-	stw %r4,-112(0,%r30)
-	stw %r3,-108(0,%r30)
-	copy %r26,%r3
-	copy %r25,%r4
-	stw %r6,-120(0,%r30)
-	ldi 0,%r7
-	stw %r5,-116(0,%r30)
-	movb,<> %r24,%r5,L$0059
-	ldi 2,%r6
-	bl L$0076,0
-	ldi -1,%r28
-L$0059
-	.CALL ARGW0=GR
-	bl BN_num_bits_word,%r2
-	copy %r5,%r26
-	ldi 32,%r19
-	comb,= %r19,%r28,L$0060
-	subi 31,%r28,%r19
-	mtsar %r19
-	zvdepi 1,32,%r19
-	comb,>>= %r19,%r3,L$0060
-	addil LR'__iob-$global$+32,%r27
-	ldo RR'__iob-$global$+32(%r1),%r26
-	ldil LR'L$C0000,%r25
-	.CALL ARGW0=GR,ARGW1=GR
-	bl fprintf,%r2
-	ldo RR'L$C0000(%r25),%r25
-	.CALL 
-	bl abort,%r2
-	nop
-L$0060
-	comb,>> %r5,%r3,L$0061
-	subi 32,%r28,%r28
-	sub %r3,%r5,%r3
-L$0061
-	comib,= 0,%r28,L$0062
-	subi 31,%r28,%r19
-	mtsar %r19
-	zvdep %r5,32,%r5
-	zvdep %r3,32,%r21
-	subi 32,%r28,%r20
-	mtsar %r20
-	vshd 0,%r4,%r20
-	or %r21,%r20,%r3
-	mtsar %r19
-	zvdep %r4,32,%r4
-L$0062
-	extru %r5,15,16,%r23
-	extru %r5,31,16,%r28
-L$0063
-	extru %r3,15,16,%r19
-	comb,<> %r23,%r19,L$0066
-	copy %r3,%r26
-	bl L$0067,0
-	zdepi -1,31,16,%r29
-L$0066
-	.IMPORT $$divU,MILLICODE
-	bl $$divU,%r31
-	copy %r23,%r25
-L$0067
-	stw %r29,-16(0,%r30)
-	fldws -16(0,%r30),%fr10L
-	stw %r28,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	stw %r23,-16(0,%r30)
-	xmpyu %fr10L,%fr10R,%fr8
-	fldws -16(0,%r30),%fr10R
-	fstws %fr8R,-16(0,%r30)
-	xmpyu %fr10L,%fr10R,%fr9
-	ldw -16(0,%r30),%r8
-	fstws %fr9R,-16(0,%r30)
-	copy %r8,%r22
-	ldw -16(0,%r30),%r8
-	extru %r4,15,16,%r24
-	copy %r8,%r21
-L$0068
-	sub %r3,%r21,%r20
-	copy %r20,%r19
-	depi 0,31,16,%r19
-	comib,<> 0,%r19,L$0069
-	zdep %r20,15,16,%r19
-	addl %r19,%r24,%r19
-	comb,>>= %r19,%r22,L$0069
-	sub %r22,%r28,%r22
-	sub %r21,%r23,%r21
-	bl L$0068,0
-	ldo -1(%r29),%r29
-L$0069
-	stw %r29,-16(0,%r30)
-	fldws -16(0,%r30),%fr10L
-	stw %r28,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	xmpyu %fr10L,%fr10R,%fr8
-	fstws %fr8R,-16(0,%r30)
-	ldw -16(0,%r30),%r8
-	stw %r23,-16(0,%r30)
-	fldws -16(0,%r30),%fr10R
-	copy %r8,%r19
-	xmpyu %fr10L,%fr10R,%fr8
-	fstws %fr8R,-16(0,%r30)
-	extru %r19,15,16,%r20
-	ldw -16(0,%r30),%r8
-	zdep %r19,15,16,%r19
-	addl %r8,%r20,%r20
-	comclr,<<= %r19,%r4,0
-	addi 1,%r20,%r20
-	comb,<<= %r20,%r3,L$0074
-	sub %r4,%r19,%r4
-	addl %r3,%r5,%r3
-	ldo -1(%r29),%r29
-L$0074
-	addib,= -1,%r6,L$0064
-	sub %r3,%r20,%r3
-	zdep %r29,15,16,%r7
-	shd %r3,%r4,16,%r3
-	bl L$0063,0
-	zdep %r4,15,16,%r4
-L$0064
-	or %r7,%r29,%r28
-L$0076
-	ldw -148(0,%r30),%r2
-	ldw -124(0,%r30),%r7
-	ldw -120(0,%r30),%r6
-	ldw -116(0,%r30),%r5
-	ldw -112(0,%r30),%r4
-	ldw -108(0,%r30),%r3
-	bv 0(%r2)
-	ldwm -128(0,%r30),%r8
-	.EXIT
-	.PROCEND
diff --git a/crypto/openssl/crypto/bn/asm/pa-risc2.s b/crypto/openssl/crypto/bn/asm/pa-risc2.s
deleted file mode 100644
index f3b16290eb04..000000000000
--- a/crypto/openssl/crypto/bn/asm/pa-risc2.s
+++ /dev/null
@@ -1,1618 +0,0 @@
-;
-; PA-RISC 2.0 implementation of bn_asm code, based on the
-; 64-bit version of the code.  This code is effectively the
-; same as the 64-bit version except the register model is
-; slightly different given all values must be 32-bit between
-; function calls.  Thus the 64-bit return values are returned
-; in %ret0 and %ret1 vs just %ret0 as is done in 64-bit
-;
-;
-; This code is approximately 2x faster than the C version
-; for RSA/DSA.
-;
-; See http://devresource.hp.com/  for more details on the PA-RISC
-; architecture.  Also see the book "PA-RISC 2.0 Architecture"
-; by Gerry Kane for information on the instruction set architecture.
-;
-; Code written by Chris Ruemmler (with some help from the HP C
-; compiler).
-;
-; The code compiles with HP's assembler
-;
-
-	.level	2.0N
-	.space	$TEXT$
-	.subspa	$CODE$,QUAD=0,ALIGN=8,ACCESS=0x2c,CODE_ONLY
-
-;
-; Global Register definitions used for the routines.
-;
-; Some information about HP's runtime architecture for 32-bits.
-;
-; "Caller save" means the calling function must save the register
-; if it wants the register to be preserved.
-; "Callee save" means if a function uses the register, it must save
-; the value before using it.
-;
-; For the floating point registers 
-;
-;    "caller save" registers: fr4-fr11, fr22-fr31
-;    "callee save" registers: fr12-fr21
-;    "special" registers: fr0-fr3 (status and exception registers)
-;
-; For the integer registers
-;     value zero             :  r0
-;     "caller save" registers: r1,r19-r26
-;     "callee save" registers: r3-r18
-;     return register        :  r2  (rp)
-;     return values          ; r28,r29  (ret0,ret1)
-;     Stack pointer          ; r30  (sp) 
-;     millicode return ptr   ; r31  (also a caller save register)
-
-
-;
-; Arguments to the routines
-;
-r_ptr       .reg %r26
-a_ptr       .reg %r25
-b_ptr       .reg %r24
-num         .reg %r24
-n           .reg %r23
-
-;
-; Note that the "w" argument for bn_mul_add_words and bn_mul_words
-; is passed on the stack at a delta of -56 from the top of stack
-; as the routine is entered.
-;
-
-;
-; Globals used in some routines
-;
-
-top_overflow .reg %r23
-high_mask    .reg %r22    ; value 0xffffffff80000000L
-
-
-;------------------------------------------------------------------------------
-;
-; bn_mul_add_words
-;
-;BN_ULONG bn_mul_add_words(BN_ULONG *r_ptr, BN_ULONG *a_ptr, 
-;								int num, BN_ULONG w)
-;
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg3 = num
-; -56(sp) =  w
-;
-; Local register definitions
-;
-
-fm1          .reg %fr22
-fm           .reg %fr23
-ht_temp      .reg %fr24
-ht_temp_1    .reg %fr25
-lt_temp      .reg %fr26
-lt_temp_1    .reg %fr27
-fm1_1        .reg %fr28
-fm_1         .reg %fr29
-
-fw_h         .reg %fr7L
-fw_l         .reg %fr7R
-fw           .reg %fr7
-
-fht_0        .reg %fr8L
-flt_0        .reg %fr8R
-t_float_0    .reg %fr8
-
-fht_1        .reg %fr9L
-flt_1        .reg %fr9R
-t_float_1    .reg %fr9
-
-tmp_0        .reg %r31
-tmp_1        .reg %r21
-m_0          .reg %r20 
-m_1          .reg %r19 
-ht_0         .reg %r1  
-ht_1         .reg %r3
-lt_0         .reg %r4
-lt_1         .reg %r5
-m1_0         .reg %r6 
-m1_1         .reg %r7 
-rp_val       .reg %r8
-rp_val_1     .reg %r9
-
-bn_mul_add_words
-	.export	bn_mul_add_words,entry,NO_RELOCATION,LONG_RETURN
-	.proc
-	.callinfo frame=128
-    .entry
-	.align 64
-
-    STD     %r3,0(%sp)          ; save r3  
-    STD     %r4,8(%sp)          ; save r4  
-	NOP                         ; Needed to make the loop 16-byte aligned
-	NOP                         ; needed to make the loop 16-byte aligned
-
-    STD     %r5,16(%sp)         ; save r5  
-	NOP
-    STD     %r6,24(%sp)         ; save r6  
-    STD     %r7,32(%sp)         ; save r7  
-
-    STD     %r8,40(%sp)         ; save r8  
-    STD     %r9,48(%sp)         ; save r9  
-    COPY    %r0,%ret1           ; return 0 by default
-    DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32    
-
-    CMPIB,>= 0,num,bn_mul_add_words_exit  ; if (num <= 0) then exit
-	LDO     128(%sp),%sp        ; bump stack
-
-	;
-	; The loop is unrolled twice, so if there is only 1 number
-    ; then go straight to the cleanup code.
-	;
-	CMPIB,= 1,num,bn_mul_add_words_single_top
-	FLDD    -184(%sp),fw        ; (-56-128) load up w into fw (fw_h/fw_l)
-
-	;
-	; This loop is unrolled 2 times (64-byte aligned as well)
-	;
-	; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
-    ; two 32-bit mutiplies can be issued per cycle.
-    ; 
-bn_mul_add_words_unroll2
-
-    FLDD    0(a_ptr),t_float_0       ; load up 64-bit value (fr8L) ht(L)/lt(R)
-    FLDD    8(a_ptr),t_float_1       ; load up 64-bit value (fr8L) ht(L)/lt(R)
-    LDD     0(r_ptr),rp_val          ; rp[0]
-    LDD     8(r_ptr),rp_val_1        ; rp[1]
-
-    XMPYU   fht_0,fw_l,fm1           ; m1[0] = fht_0*fw_l
-    XMPYU   fht_1,fw_l,fm1_1         ; m1[1] = fht_1*fw_l
-    FSTD    fm1,-16(%sp)             ; -16(sp) = m1[0]
-    FSTD    fm1_1,-48(%sp)           ; -48(sp) = m1[1]
-
-    XMPYU   flt_0,fw_h,fm            ; m[0] = flt_0*fw_h
-    XMPYU   flt_1,fw_h,fm_1          ; m[1] = flt_1*fw_h
-    FSTD    fm,-8(%sp)               ; -8(sp) = m[0]
-    FSTD    fm_1,-40(%sp)            ; -40(sp) = m[1]
-
-    XMPYU   fht_0,fw_h,ht_temp       ; ht_temp   = fht_0*fw_h
-    XMPYU   fht_1,fw_h,ht_temp_1     ; ht_temp_1 = fht_1*fw_h
-    FSTD    ht_temp,-24(%sp)         ; -24(sp)   = ht_temp
-    FSTD    ht_temp_1,-56(%sp)       ; -56(sp)   = ht_temp_1
-
-    XMPYU   flt_0,fw_l,lt_temp       ; lt_temp = lt*fw_l
-    XMPYU   flt_1,fw_l,lt_temp_1     ; lt_temp = lt*fw_l
-    FSTD    lt_temp,-32(%sp)         ; -32(sp) = lt_temp 
-    FSTD    lt_temp_1,-64(%sp)       ; -64(sp) = lt_temp_1 
-
-    LDD     -8(%sp),m_0              ; m[0] 
-    LDD     -40(%sp),m_1             ; m[1]
-    LDD     -16(%sp),m1_0            ; m1[0]
-    LDD     -48(%sp),m1_1            ; m1[1]
-
-    LDD     -24(%sp),ht_0            ; ht[0]
-    LDD     -56(%sp),ht_1            ; ht[1]
-    ADD,L   m1_0,m_0,tmp_0           ; tmp_0 = m[0] + m1[0]; 
-    ADD,L   m1_1,m_1,tmp_1           ; tmp_1 = m[1] + m1[1]; 
-
-    LDD     -32(%sp),lt_0            
-    LDD     -64(%sp),lt_1            
-    CMPCLR,*>>= tmp_0,m1_0, %r0      ; if (m[0] < m1[0])
-    ADD,L   ht_0,top_overflow,ht_0   ; ht[0] += (1<<32)
-
-    CMPCLR,*>>= tmp_1,m1_1,%r0       ; if (m[1] < m1[1])
-    ADD,L   ht_1,top_overflow,ht_1   ; ht[1] += (1<<32)
-    EXTRD,U tmp_0,31,32,m_0          ; m[0]>>32  
-    DEPD,Z  tmp_0,31,32,m1_0         ; m1[0] = m[0]<<32 
-
-    EXTRD,U tmp_1,31,32,m_1          ; m[1]>>32  
-    DEPD,Z  tmp_1,31,32,m1_1         ; m1[1] = m[1]<<32 
-    ADD,L   ht_0,m_0,ht_0            ; ht[0]+= (m[0]>>32)
-    ADD,L   ht_1,m_1,ht_1            ; ht[1]+= (m[1]>>32)
-
-    ADD     lt_0,m1_0,lt_0           ; lt[0] = lt[0]+m1[0];
-	ADD,DC  ht_0,%r0,ht_0            ; ht[0]++
-    ADD     lt_1,m1_1,lt_1           ; lt[1] = lt[1]+m1[1];
-    ADD,DC  ht_1,%r0,ht_1            ; ht[1]++
-
-    ADD    %ret1,lt_0,lt_0           ; lt[0] = lt[0] + c;
-	ADD,DC  ht_0,%r0,ht_0            ; ht[0]++
-    ADD     lt_0,rp_val,lt_0         ; lt[0] = lt[0]+rp[0]
-    ADD,DC  ht_0,%r0,ht_0            ; ht[0]++
-
-	LDO    -2(num),num               ; num = num - 2;
-    ADD     ht_0,lt_1,lt_1           ; lt[1] = lt[1] + ht_0 (c);
-    ADD,DC  ht_1,%r0,ht_1            ; ht[1]++
-    STD     lt_0,0(r_ptr)            ; rp[0] = lt[0]
-
-    ADD     lt_1,rp_val_1,lt_1       ; lt[1] = lt[1]+rp[1]
-    ADD,DC  ht_1,%r0,%ret1           ; ht[1]++
-    LDO     16(a_ptr),a_ptr          ; a_ptr += 2
-
-    STD     lt_1,8(r_ptr)            ; rp[1] = lt[1]
-	CMPIB,<= 2,num,bn_mul_add_words_unroll2 ; go again if more to do
-    LDO     16(r_ptr),r_ptr          ; r_ptr += 2
-
-    CMPIB,=,N 0,num,bn_mul_add_words_exit ; are we done, or cleanup last one
-
-	;
-	; Top of loop aligned on 64-byte boundary
-	;
-bn_mul_add_words_single_top
-    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
-    LDD     0(r_ptr),rp_val           ; rp[0]
-    LDO     8(a_ptr),a_ptr            ; a_ptr++
-    XMPYU   fht_0,fw_l,fm1            ; m1 = ht*fw_l
-    FSTD    fm1,-16(%sp)              ; -16(sp) = m1
-    XMPYU   flt_0,fw_h,fm             ; m = lt*fw_h
-    FSTD    fm,-8(%sp)                ; -8(sp) = m
-    XMPYU   fht_0,fw_h,ht_temp        ; ht_temp = ht*fw_h
-    FSTD    ht_temp,-24(%sp)          ; -24(sp) = ht
-    XMPYU   flt_0,fw_l,lt_temp        ; lt_temp = lt*fw_l
-    FSTD    lt_temp,-32(%sp)          ; -32(sp) = lt 
-
-    LDD     -8(%sp),m_0               
-    LDD    -16(%sp),m1_0              ; m1 = temp1 
-    ADD,L   m_0,m1_0,tmp_0            ; tmp_0 = m + m1; 
-    LDD     -24(%sp),ht_0             
-    LDD     -32(%sp),lt_0             
-
-    CMPCLR,*>>= tmp_0,m1_0,%r0        ; if (m < m1)
-    ADD,L   ht_0,top_overflow,ht_0    ; ht += (1<<32)
-
-    EXTRD,U tmp_0,31,32,m_0           ; m>>32  
-    DEPD,Z  tmp_0,31,32,m1_0          ; m1 = m<<32 
-
-    ADD,L   ht_0,m_0,ht_0             ; ht+= (m>>32)
-    ADD     lt_0,m1_0,tmp_0           ; tmp_0 = lt+m1;
-    ADD,DC  ht_0,%r0,ht_0             ; ht++
-    ADD     %ret1,tmp_0,lt_0          ; lt = lt + c;
-    ADD,DC  ht_0,%r0,ht_0             ; ht++
-    ADD     lt_0,rp_val,lt_0          ; lt = lt+rp[0]
-    ADD,DC  ht_0,%r0,%ret1            ; ht++
-    STD     lt_0,0(r_ptr)             ; rp[0] = lt
-
-bn_mul_add_words_exit
-    .EXIT
-	
-    EXTRD,U %ret1,31,32,%ret0         ; for 32-bit, return in ret0/ret1
-    LDD     -80(%sp),%r9              ; restore r9  
-    LDD     -88(%sp),%r8              ; restore r8  
-    LDD     -96(%sp),%r7              ; restore r7  
-    LDD     -104(%sp),%r6             ; restore r6  
-    LDD     -112(%sp),%r5             ; restore r5  
-    LDD     -120(%sp),%r4             ; restore r4  
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3             ; restore r3
-	.PROCEND	;in=23,24,25,26,29;out=28;
-
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
-;
-; arg0 = rp
-; arg1 = ap
-; arg3 = num
-; w on stack at -56(sp)
-
-bn_mul_words
-	.proc
-	.callinfo frame=128
-    .entry
-	.EXPORT	bn_mul_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-	.align 64
-
-    STD     %r3,0(%sp)          ; save r3  
-    STD     %r4,8(%sp)          ; save r4  
-	NOP
-    STD     %r5,16(%sp)         ; save r5  
-
-    STD     %r6,24(%sp)         ; save r6  
-    STD     %r7,32(%sp)         ; save r7  
-    COPY    %r0,%ret1           ; return 0 by default
-    DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32    
-
-    CMPIB,>= 0,num,bn_mul_words_exit
-	LDO     128(%sp),%sp    ; bump stack
-
-	;
-	; See if only 1 word to do, thus just do cleanup
-	;
-	CMPIB,= 1,num,bn_mul_words_single_top
-	FLDD    -184(%sp),fw        ; (-56-128) load up w into fw (fw_h/fw_l)
-
-	;
-	; This loop is unrolled 2 times (64-byte aligned as well)
-	;
-	; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
-    ; two 32-bit mutiplies can be issued per cycle.
-    ; 
-bn_mul_words_unroll2
-
-    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
-    FLDD    8(a_ptr),t_float_1        ; load up 64-bit value (fr8L) ht(L)/lt(R)
-    XMPYU   fht_0,fw_l,fm1            ; m1[0] = fht_0*fw_l
-    XMPYU   fht_1,fw_l,fm1_1          ; m1[1] = ht*fw_l
-
-    FSTD    fm1,-16(%sp)              ; -16(sp) = m1
-    FSTD    fm1_1,-48(%sp)            ; -48(sp) = m1
-    XMPYU   flt_0,fw_h,fm             ; m = lt*fw_h
-    XMPYU   flt_1,fw_h,fm_1           ; m = lt*fw_h
-
-    FSTD    fm,-8(%sp)                ; -8(sp) = m
-    FSTD    fm_1,-40(%sp)             ; -40(sp) = m
-    XMPYU   fht_0,fw_h,ht_temp        ; ht_temp = fht_0*fw_h
-    XMPYU   fht_1,fw_h,ht_temp_1      ; ht_temp = ht*fw_h
-
-    FSTD    ht_temp,-24(%sp)          ; -24(sp) = ht
-    FSTD    ht_temp_1,-56(%sp)        ; -56(sp) = ht
-    XMPYU   flt_0,fw_l,lt_temp        ; lt_temp = lt*fw_l
-    XMPYU   flt_1,fw_l,lt_temp_1      ; lt_temp = lt*fw_l
-
-    FSTD    lt_temp,-32(%sp)          ; -32(sp) = lt 
-    FSTD    lt_temp_1,-64(%sp)        ; -64(sp) = lt 
-    LDD     -8(%sp),m_0               
-    LDD     -40(%sp),m_1              
-
-    LDD    -16(%sp),m1_0              
-    LDD    -48(%sp),m1_1              
-    LDD     -24(%sp),ht_0             
-    LDD     -56(%sp),ht_1             
-
-    ADD,L   m1_0,m_0,tmp_0            ; tmp_0 = m + m1; 
-    ADD,L   m1_1,m_1,tmp_1            ; tmp_1 = m + m1; 
-    LDD     -32(%sp),lt_0             
-    LDD     -64(%sp),lt_1             
-
-    CMPCLR,*>>= tmp_0,m1_0, %r0       ; if (m < m1)
-    ADD,L   ht_0,top_overflow,ht_0    ; ht += (1<<32)
-    CMPCLR,*>>= tmp_1,m1_1,%r0        ; if (m < m1)
-    ADD,L   ht_1,top_overflow,ht_1    ; ht += (1<<32)
-
-    EXTRD,U tmp_0,31,32,m_0           ; m>>32  
-    DEPD,Z  tmp_0,31,32,m1_0          ; m1 = m<<32 
-    EXTRD,U tmp_1,31,32,m_1           ; m>>32  
-    DEPD,Z  tmp_1,31,32,m1_1          ; m1 = m<<32 
-
-    ADD,L   ht_0,m_0,ht_0             ; ht+= (m>>32)
-    ADD,L   ht_1,m_1,ht_1             ; ht+= (m>>32)
-    ADD     lt_0,m1_0,lt_0            ; lt = lt+m1;
-	ADD,DC  ht_0,%r0,ht_0             ; ht++
-
-    ADD     lt_1,m1_1,lt_1            ; lt = lt+m1;
-    ADD,DC  ht_1,%r0,ht_1             ; ht++
-    ADD    %ret1,lt_0,lt_0            ; lt = lt + c (ret1);
-	ADD,DC  ht_0,%r0,ht_0             ; ht++
-
-    ADD     ht_0,lt_1,lt_1            ; lt = lt + c (ht_0)
-    ADD,DC  ht_1,%r0,ht_1             ; ht++
-    STD     lt_0,0(r_ptr)             ; rp[0] = lt
-    STD     lt_1,8(r_ptr)             ; rp[1] = lt
-
-	COPY    ht_1,%ret1                ; carry = ht
-	LDO    -2(num),num                ; num = num - 2;
-    LDO     16(a_ptr),a_ptr           ; ap += 2
-	CMPIB,<= 2,num,bn_mul_words_unroll2
-    LDO     16(r_ptr),r_ptr           ; rp++
-
-    CMPIB,=,N 0,num,bn_mul_words_exit ; are we done?
-
-	;
-	; Top of loop aligned on 64-byte boundary
-	;
-bn_mul_words_single_top
-    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
-
-    XMPYU   fht_0,fw_l,fm1            ; m1 = ht*fw_l
-    FSTD    fm1,-16(%sp)              ; -16(sp) = m1
-    XMPYU   flt_0,fw_h,fm             ; m = lt*fw_h
-    FSTD    fm,-8(%sp)                ; -8(sp) = m
-    XMPYU   fht_0,fw_h,ht_temp        ; ht_temp = ht*fw_h
-    FSTD    ht_temp,-24(%sp)          ; -24(sp) = ht
-    XMPYU   flt_0,fw_l,lt_temp        ; lt_temp = lt*fw_l
-    FSTD    lt_temp,-32(%sp)          ; -32(sp) = lt 
-
-    LDD     -8(%sp),m_0               
-    LDD    -16(%sp),m1_0              
-    ADD,L   m_0,m1_0,tmp_0            ; tmp_0 = m + m1; 
-    LDD     -24(%sp),ht_0             
-    LDD     -32(%sp),lt_0             
-
-    CMPCLR,*>>= tmp_0,m1_0,%r0        ; if (m < m1)
-    ADD,L   ht_0,top_overflow,ht_0    ; ht += (1<<32)
-
-    EXTRD,U tmp_0,31,32,m_0           ; m>>32  
-    DEPD,Z  tmp_0,31,32,m1_0          ; m1 = m<<32 
-
-    ADD,L   ht_0,m_0,ht_0             ; ht+= (m>>32)
-    ADD     lt_0,m1_0,lt_0            ; lt= lt+m1;
-    ADD,DC  ht_0,%r0,ht_0             ; ht++
-
-    ADD     %ret1,lt_0,lt_0           ; lt = lt + c;
-    ADD,DC  ht_0,%r0,ht_0             ; ht++
-
-    COPY    ht_0,%ret1                ; copy carry
-    STD     lt_0,0(r_ptr)             ; rp[0] = lt
-
-bn_mul_words_exit
-    .EXIT
-    EXTRD,U %ret1,31,32,%ret0           ; for 32-bit, return in ret0/ret1
-    LDD     -96(%sp),%r7              ; restore r7  
-    LDD     -104(%sp),%r6             ; restore r6  
-    LDD     -112(%sp),%r5             ; restore r5  
-    LDD     -120(%sp),%r4             ; restore r4  
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3             ; restore r3
-	.PROCEND	
-
-;----------------------------------------------------------------------------
-;
-;void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num)
-;
-; arg0 = rp
-; arg1 = ap
-; arg2 = num
-;
-
-bn_sqr_words
-	.proc
-	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
-	.EXPORT	bn_sqr_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-    .entry
-	.align 64
-
-    STD     %r3,0(%sp)          ; save r3  
-    STD     %r4,8(%sp)          ; save r4  
-	NOP
-    STD     %r5,16(%sp)         ; save r5  
-
-    CMPIB,>= 0,num,bn_sqr_words_exit
-	LDO     128(%sp),%sp       ; bump stack
-
-	;
-	; If only 1, the goto straight to cleanup
-	;
-	CMPIB,= 1,num,bn_sqr_words_single_top
-    DEPDI,Z -1,32,33,high_mask   ; Create Mask 0xffffffff80000000L
-
-	;
-	; This loop is unrolled 2 times (64-byte aligned as well)
-	;
-
-bn_sqr_words_unroll2
-    FLDD    0(a_ptr),t_float_0        ; a[0]
-    FLDD    8(a_ptr),t_float_1        ; a[1]
-    XMPYU   fht_0,flt_0,fm            ; m[0]
-    XMPYU   fht_1,flt_1,fm_1          ; m[1]
-
-    FSTD    fm,-24(%sp)               ; store m[0]
-    FSTD    fm_1,-56(%sp)             ; store m[1]
-    XMPYU   flt_0,flt_0,lt_temp       ; lt[0]
-    XMPYU   flt_1,flt_1,lt_temp_1     ; lt[1]
-
-    FSTD    lt_temp,-16(%sp)          ; store lt[0]
-    FSTD    lt_temp_1,-48(%sp)        ; store lt[1]
-    XMPYU   fht_0,fht_0,ht_temp       ; ht[0]
-    XMPYU   fht_1,fht_1,ht_temp_1     ; ht[1]
-
-    FSTD    ht_temp,-8(%sp)           ; store ht[0]
-    FSTD    ht_temp_1,-40(%sp)        ; store ht[1]
-    LDD     -24(%sp),m_0             
-    LDD     -56(%sp),m_1              
-
-    AND     m_0,high_mask,tmp_0       ; m[0] & Mask
-    AND     m_1,high_mask,tmp_1       ; m[1] & Mask
-    DEPD,Z  m_0,30,31,m_0             ; m[0] << 32+1
-    DEPD,Z  m_1,30,31,m_1             ; m[1] << 32+1
-
-    LDD     -16(%sp),lt_0        
-    LDD     -48(%sp),lt_1        
-    EXTRD,U tmp_0,32,33,tmp_0         ; tmp_0 = m[0]&Mask >> 32-1
-    EXTRD,U tmp_1,32,33,tmp_1         ; tmp_1 = m[1]&Mask >> 32-1
-
-    LDD     -8(%sp),ht_0            
-    LDD     -40(%sp),ht_1           
-    ADD,L   ht_0,tmp_0,ht_0           ; ht[0] += tmp_0
-    ADD,L   ht_1,tmp_1,ht_1           ; ht[1] += tmp_1
-
-    ADD     lt_0,m_0,lt_0             ; lt = lt+m
-    ADD,DC  ht_0,%r0,ht_0             ; ht[0]++
-    STD     lt_0,0(r_ptr)             ; rp[0] = lt[0]
-    STD     ht_0,8(r_ptr)             ; rp[1] = ht[1]
-
-    ADD     lt_1,m_1,lt_1             ; lt = lt+m
-    ADD,DC  ht_1,%r0,ht_1             ; ht[1]++
-    STD     lt_1,16(r_ptr)            ; rp[2] = lt[1]
-    STD     ht_1,24(r_ptr)            ; rp[3] = ht[1]
-
-	LDO    -2(num),num                ; num = num - 2;
-    LDO     16(a_ptr),a_ptr           ; ap += 2
-	CMPIB,<= 2,num,bn_sqr_words_unroll2
-    LDO     32(r_ptr),r_ptr           ; rp += 4
-
-    CMPIB,=,N 0,num,bn_sqr_words_exit ; are we done?
-
-	;
-	; Top of loop aligned on 64-byte boundary
-	;
-bn_sqr_words_single_top
-    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
-
-    XMPYU   fht_0,flt_0,fm            ; m
-    FSTD    fm,-24(%sp)               ; store m
-
-    XMPYU   flt_0,flt_0,lt_temp       ; lt
-    FSTD    lt_temp,-16(%sp)          ; store lt
-
-    XMPYU   fht_0,fht_0,ht_temp       ; ht
-    FSTD    ht_temp,-8(%sp)           ; store ht
-
-    LDD     -24(%sp),m_0              ; load m
-    AND     m_0,high_mask,tmp_0       ; m & Mask
-    DEPD,Z  m_0,30,31,m_0             ; m << 32+1
-    LDD     -16(%sp),lt_0             ; lt
-
-    LDD     -8(%sp),ht_0              ; ht
-    EXTRD,U tmp_0,32,33,tmp_0         ; tmp_0 = m&Mask >> 32-1
-    ADD     m_0,lt_0,lt_0             ; lt = lt+m
-    ADD,L   ht_0,tmp_0,ht_0           ; ht += tmp_0
-    ADD,DC  ht_0,%r0,ht_0             ; ht++
-
-    STD     lt_0,0(r_ptr)             ; rp[0] = lt
-    STD     ht_0,8(r_ptr)             ; rp[1] = ht
-
-bn_sqr_words_exit
-    .EXIT
-    LDD     -112(%sp),%r5       ; restore r5  
-    LDD     -120(%sp),%r4       ; restore r4  
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3 
-	.PROCEND	;in=23,24,25,26,29;out=28;
-
-
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-;
-; arg0 = rp 
-; arg1 = ap
-; arg2 = bp 
-; arg3 = n
-
-t  .reg %r22
-b  .reg %r21
-l  .reg %r20
-
-bn_add_words
-	.proc
-    .entry
-	.callinfo
-	.EXPORT	bn_add_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-	.align 64
-
-    CMPIB,>= 0,n,bn_add_words_exit
-    COPY    %r0,%ret1           ; return 0 by default
-
-	;
-	; If 2 or more numbers do the loop
-	;
-	CMPIB,= 1,n,bn_add_words_single_top
-	NOP
-
-	;
-	; This loop is unrolled 2 times (64-byte aligned as well)
-	;
-bn_add_words_unroll2
-	LDD     0(a_ptr),t
-	LDD     0(b_ptr),b
-	ADD     t,%ret1,t                    ; t = t+c;
-	ADD,DC  %r0,%r0,%ret1                ; set c to carry
-	ADD     t,b,l                        ; l = t + b[0]
-	ADD,DC  %ret1,%r0,%ret1              ; c+= carry
-	STD     l,0(r_ptr)
-
-	LDD     8(a_ptr),t
-	LDD     8(b_ptr),b
-	ADD     t,%ret1,t                     ; t = t+c;
-	ADD,DC  %r0,%r0,%ret1                 ; set c to carry
-	ADD     t,b,l                         ; l = t + b[0]
-	ADD,DC  %ret1,%r0,%ret1               ; c+= carry
-	STD     l,8(r_ptr)
-
-	LDO     -2(n),n
-	LDO     16(a_ptr),a_ptr
-	LDO     16(b_ptr),b_ptr
-
-	CMPIB,<= 2,n,bn_add_words_unroll2
-	LDO     16(r_ptr),r_ptr
-
-    CMPIB,=,N 0,n,bn_add_words_exit ; are we done?
-
-bn_add_words_single_top
-	LDD     0(a_ptr),t
-	LDD     0(b_ptr),b
-
-	ADD     t,%ret1,t                 ; t = t+c;
-	ADD,DC  %r0,%r0,%ret1             ; set c to carry (could use CMPCLR??)
-	ADD     t,b,l                     ; l = t + b[0]
-	ADD,DC  %ret1,%r0,%ret1           ; c+= carry
-	STD     l,0(r_ptr)
-
-bn_add_words_exit
-    .EXIT
-    BVE     (%rp)
-    EXTRD,U %ret1,31,32,%ret0           ; for 32-bit, return in ret0/ret1
-	.PROCEND	;in=23,24,25,26,29;out=28;
-
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-;
-; arg0 = rp 
-; arg1 = ap
-; arg2 = bp 
-; arg3 = n
-
-t1       .reg %r22
-t2       .reg %r21
-sub_tmp1 .reg %r20
-sub_tmp2 .reg %r19
-
-
-bn_sub_words
-	.proc
-	.callinfo 
-	.EXPORT	bn_sub_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-    .entry
-	.align 64
-
-    CMPIB,>=  0,n,bn_sub_words_exit
-    COPY    %r0,%ret1           ; return 0 by default
-
-	;
-	; If 2 or more numbers do the loop
-	;
-	CMPIB,= 1,n,bn_sub_words_single_top
-	NOP
-
-	;
-	; This loop is unrolled 2 times (64-byte aligned as well)
-	;
-bn_sub_words_unroll2
-	LDD     0(a_ptr),t1
-	LDD     0(b_ptr),t2
-	SUB     t1,t2,sub_tmp1           ; t3 = t1-t2; 
-	SUB     sub_tmp1,%ret1,sub_tmp1  ; t3 = t3- c; 
-
-	CMPCLR,*>> t1,t2,sub_tmp2        ; clear if t1 > t2
-	LDO      1(%r0),sub_tmp2
-	
-	CMPCLR,*= t1,t2,%r0
-	COPY    sub_tmp2,%ret1
-	STD     sub_tmp1,0(r_ptr)
-
-	LDD     8(a_ptr),t1
-	LDD     8(b_ptr),t2
-	SUB     t1,t2,sub_tmp1            ; t3 = t1-t2; 
-	SUB     sub_tmp1,%ret1,sub_tmp1   ; t3 = t3- c; 
-	CMPCLR,*>> t1,t2,sub_tmp2         ; clear if t1 > t2
-	LDO      1(%r0),sub_tmp2
-	
-	CMPCLR,*= t1,t2,%r0
-	COPY    sub_tmp2,%ret1
-	STD     sub_tmp1,8(r_ptr)
-
-	LDO     -2(n),n
-	LDO     16(a_ptr),a_ptr
-	LDO     16(b_ptr),b_ptr
-
-	CMPIB,<= 2,n,bn_sub_words_unroll2
-	LDO     16(r_ptr),r_ptr
-
-    CMPIB,=,N 0,n,bn_sub_words_exit ; are we done?
-
-bn_sub_words_single_top
-	LDD     0(a_ptr),t1
-	LDD     0(b_ptr),t2
-	SUB     t1,t2,sub_tmp1            ; t3 = t1-t2; 
-	SUB     sub_tmp1,%ret1,sub_tmp1   ; t3 = t3- c; 
-	CMPCLR,*>> t1,t2,sub_tmp2         ; clear if t1 > t2
-	LDO      1(%r0),sub_tmp2
-	
-	CMPCLR,*= t1,t2,%r0
-	COPY    sub_tmp2,%ret1
-
-	STD     sub_tmp1,0(r_ptr)
-
-bn_sub_words_exit
-    .EXIT
-    BVE     (%rp)
-    EXTRD,U %ret1,31,32,%ret0           ; for 32-bit, return in ret0/ret1
-	.PROCEND	;in=23,24,25,26,29;out=28;
-
-;------------------------------------------------------------------------------
-;
-; unsigned long bn_div_words(unsigned long h, unsigned long l, unsigned long d)
-;
-; arg0 = h
-; arg1 = l
-; arg2 = d
-;
-; This is mainly just output from the HP C compiler.  
-;
-;------------------------------------------------------------------------------
-bn_div_words
-	.PROC
-	.EXPORT	bn_div_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR,LONG_RETURN
-	.IMPORT	BN_num_bits_word,CODE
-	;--- not PIC	.IMPORT	__iob,DATA
-	;--- not PIC	.IMPORT	fprintf,CODE
-	.IMPORT	abort,CODE
-	.IMPORT	$$div2U,MILLICODE
-	.CALLINFO CALLER,FRAME=144,ENTRY_GR=%r9,SAVE_RP,ARGS_SAVED,ORDERING_AWARE
-        .ENTRY
-        STW     %r2,-20(%r30)   ;offset 0x8ec
-        STW,MA  %r3,192(%r30)   ;offset 0x8f0
-        STW     %r4,-188(%r30)  ;offset 0x8f4
-        DEPD    %r5,31,32,%r6   ;offset 0x8f8
-        STD     %r6,-184(%r30)  ;offset 0x8fc
-        DEPD    %r7,31,32,%r8   ;offset 0x900
-        STD     %r8,-176(%r30)  ;offset 0x904
-        STW     %r9,-168(%r30)  ;offset 0x908
-        LDD     -248(%r30),%r3  ;offset 0x90c
-        COPY    %r26,%r4        ;offset 0x910
-        COPY    %r24,%r5        ;offset 0x914
-        DEPD    %r25,31,32,%r4  ;offset 0x918
-        CMPB,*<>        %r3,%r0,$0006000C       ;offset 0x91c
-        DEPD    %r23,31,32,%r5  ;offset 0x920
-        MOVIB,TR        -1,%r29,$00060002       ;offset 0x924
-        EXTRD,U %r29,31,32,%r28 ;offset 0x928
-$0006002A
-        LDO     -1(%r29),%r29   ;offset 0x92c
-        SUB     %r23,%r7,%r23   ;offset 0x930
-$00060024
-        SUB     %r4,%r31,%r25   ;offset 0x934
-        AND     %r25,%r19,%r26  ;offset 0x938
-        CMPB,*<>,N      %r0,%r26,$00060046      ;offset 0x93c
-        DEPD,Z  %r25,31,32,%r20 ;offset 0x940
-        OR      %r20,%r24,%r21  ;offset 0x944
-        CMPB,*<<,N      %r21,%r23,$0006002A     ;offset 0x948
-        SUB     %r31,%r2,%r31   ;offset 0x94c
-$00060046
-$0006002E
-        DEPD,Z  %r23,31,32,%r25 ;offset 0x950
-        EXTRD,U %r23,31,32,%r26 ;offset 0x954
-        AND     %r25,%r19,%r24  ;offset 0x958
-        ADD,L   %r31,%r26,%r31  ;offset 0x95c
-        CMPCLR,*>>=     %r5,%r24,%r0    ;offset 0x960
-        LDO     1(%r31),%r31    ;offset 0x964
-$00060032
-        CMPB,*<<=,N     %r31,%r4,$00060036      ;offset 0x968
-        LDO     -1(%r29),%r29   ;offset 0x96c
-        ADD,L   %r4,%r3,%r4     ;offset 0x970
-$00060036
-        ADDIB,=,N       -1,%r8,$D0      ;offset 0x974
-        SUB     %r5,%r24,%r28   ;offset 0x978
-$0006003A
-        SUB     %r4,%r31,%r24   ;offset 0x97c
-        SHRPD   %r24,%r28,32,%r4        ;offset 0x980
-        DEPD,Z  %r29,31,32,%r9  ;offset 0x984
-        DEPD,Z  %r28,31,32,%r5  ;offset 0x988
-$0006001C
-        EXTRD,U %r4,31,32,%r31  ;offset 0x98c
-        CMPB,*<>,N      %r31,%r2,$00060020      ;offset 0x990
-        MOVB,TR %r6,%r29,$D1    ;offset 0x994
-        STD     %r29,-152(%r30) ;offset 0x998
-$0006000C
-        EXTRD,U %r3,31,32,%r25  ;offset 0x99c
-        COPY    %r3,%r26        ;offset 0x9a0
-        EXTRD,U %r3,31,32,%r9   ;offset 0x9a4
-        EXTRD,U %r4,31,32,%r8   ;offset 0x9a8
-        .CALL   ARGW0=GR,ARGW1=GR,RTNVAL=GR     ;in=25,26;out=28;
-        B,L     BN_num_bits_word,%r2    ;offset 0x9ac
-        EXTRD,U %r5,31,32,%r7   ;offset 0x9b0
-        LDI     64,%r20 ;offset 0x9b4
-        DEPD    %r7,31,32,%r5   ;offset 0x9b8
-        DEPD    %r8,31,32,%r4   ;offset 0x9bc
-        DEPD    %r9,31,32,%r3   ;offset 0x9c0
-        CMPB,=  %r28,%r20,$00060012     ;offset 0x9c4
-        COPY    %r28,%r24       ;offset 0x9c8
-        MTSARCM %r24    ;offset 0x9cc
-        DEPDI,Z -1,%sar,1,%r19  ;offset 0x9d0
-        CMPB,*>>,N      %r4,%r19,$D2    ;offset 0x9d4
-$00060012
-        SUBI    64,%r24,%r31    ;offset 0x9d8
-        CMPCLR,*<<      %r4,%r3,%r0     ;offset 0x9dc
-        SUB     %r4,%r3,%r4     ;offset 0x9e0
-$00060016
-        CMPB,=  %r31,%r0,$0006001A      ;offset 0x9e4
-        COPY    %r0,%r9 ;offset 0x9e8
-        MTSARCM %r31    ;offset 0x9ec
-        DEPD,Z  %r3,%sar,64,%r3 ;offset 0x9f0
-        SUBI    64,%r31,%r26    ;offset 0x9f4
-        MTSAR   %r26    ;offset 0x9f8
-        SHRPD   %r4,%r5,%sar,%r4        ;offset 0x9fc
-        MTSARCM %r31    ;offset 0xa00
-        DEPD,Z  %r5,%sar,64,%r5 ;offset 0xa04
-$0006001A
-        DEPDI,Z -1,31,32,%r19   ;offset 0xa08
-        AND     %r3,%r19,%r29   ;offset 0xa0c
-        EXTRD,U %r29,31,32,%r2  ;offset 0xa10
-        DEPDI,Z -1,63,32,%r6    ;offset 0xa14
-        MOVIB,TR        2,%r8,$0006001C ;offset 0xa18
-        EXTRD,U %r3,63,32,%r7   ;offset 0xa1c
-$D2
-        ;--- not PIC	ADDIL   LR'__iob-$global$,%r27,%r1      ;offset 0xa20
-        ;--- not PIC	LDIL    LR'C$7,%r21     ;offset 0xa24
-        ;--- not PIC	LDO     RR'__iob-$global$+32(%r1),%r26  ;offset 0xa28
-        ;--- not PIC	.CALL   ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR    ;in=24,25,26;out=28;
-        ;--- not PIC	B,L     fprintf,%r2     ;offset 0xa2c
-        ;--- not PIC	LDO     RR'C$7(%r21),%r25       ;offset 0xa30
-        .CALL           ;
-        B,L     abort,%r2       ;offset 0xa34
-        NOP             ;offset 0xa38
-        B       $D3     ;offset 0xa3c
-        LDW     -212(%r30),%r2  ;offset 0xa40
-$00060020
-        COPY    %r4,%r26        ;offset 0xa44
-        EXTRD,U %r4,31,32,%r25  ;offset 0xa48
-        COPY    %r2,%r24        ;offset 0xa4c
-        .CALL   ;in=23,24,25,26;out=20,21,22,28,29; (MILLICALL)
-        B,L     $$div2U,%r31    ;offset 0xa50
-        EXTRD,U %r2,31,32,%r23  ;offset 0xa54
-        DEPD    %r28,31,32,%r29 ;offset 0xa58
-$00060022
-        STD     %r29,-152(%r30) ;offset 0xa5c
-$D1
-        AND     %r5,%r19,%r24   ;offset 0xa60
-        EXTRD,U %r24,31,32,%r24 ;offset 0xa64
-        STW     %r2,-160(%r30)  ;offset 0xa68
-        STW     %r7,-128(%r30)  ;offset 0xa6c
-        FLDD    -152(%r30),%fr4 ;offset 0xa70
-        FLDD    -152(%r30),%fr7 ;offset 0xa74
-        FLDW    -160(%r30),%fr8L        ;offset 0xa78
-        FLDW    -128(%r30),%fr5L        ;offset 0xa7c
-        XMPYU   %fr8L,%fr7L,%fr10       ;offset 0xa80
-        FSTD    %fr10,-136(%r30)        ;offset 0xa84
-        XMPYU   %fr8L,%fr7R,%fr22       ;offset 0xa88
-        FSTD    %fr22,-144(%r30)        ;offset 0xa8c
-        XMPYU   %fr5L,%fr4L,%fr11       ;offset 0xa90
-        XMPYU   %fr5L,%fr4R,%fr23       ;offset 0xa94
-        FSTD    %fr11,-112(%r30)        ;offset 0xa98
-        FSTD    %fr23,-120(%r30)        ;offset 0xa9c
-        LDD     -136(%r30),%r28 ;offset 0xaa0
-        DEPD,Z  %r28,31,32,%r31 ;offset 0xaa4
-        LDD     -144(%r30),%r20 ;offset 0xaa8
-        ADD,L   %r20,%r31,%r31  ;offset 0xaac
-        LDD     -112(%r30),%r22 ;offset 0xab0
-        DEPD,Z  %r22,31,32,%r22 ;offset 0xab4
-        LDD     -120(%r30),%r21 ;offset 0xab8
-        B       $00060024       ;offset 0xabc
-        ADD,L   %r21,%r22,%r23  ;offset 0xac0
-$D0
-        OR      %r9,%r29,%r29   ;offset 0xac4
-$00060040
-        EXTRD,U %r29,31,32,%r28 ;offset 0xac8
-$00060002
-$L2
-        LDW     -212(%r30),%r2  ;offset 0xacc
-$D3
-        LDW     -168(%r30),%r9  ;offset 0xad0
-        LDD     -176(%r30),%r8  ;offset 0xad4
-        EXTRD,U %r8,31,32,%r7   ;offset 0xad8
-        LDD     -184(%r30),%r6  ;offset 0xadc
-        EXTRD,U %r6,31,32,%r5   ;offset 0xae0
-        LDW     -188(%r30),%r4  ;offset 0xae4
-        BVE     (%r2)   ;offset 0xae8
-        .EXIT
-        LDW,MB  -192(%r30),%r3  ;offset 0xaec
-	.PROCEND	;in=23,25;out=28,29;fpin=105,107;
-
-
-
-
-;----------------------------------------------------------------------------
-;
-; Registers to hold 64-bit values to manipulate.  The "L" part
-; of the register corresponds to the upper 32-bits, while the "R"
-; part corresponds to the lower 32-bits
-; 
-; Note, that when using b6 and b7, the code must save these before
-; using them because they are callee save registers 
-; 
-;
-; Floating point registers to use to save values that
-; are manipulated.  These don't collide with ftemp1-6 and
-; are all caller save registers
-;
-a0        .reg %fr22
-a0L       .reg %fr22L
-a0R       .reg %fr22R
-
-a1        .reg %fr23
-a1L       .reg %fr23L
-a1R       .reg %fr23R
-
-a2        .reg %fr24
-a2L       .reg %fr24L
-a2R       .reg %fr24R
-
-a3        .reg %fr25
-a3L       .reg %fr25L
-a3R       .reg %fr25R
-
-a4        .reg %fr26
-a4L       .reg %fr26L
-a4R       .reg %fr26R
-
-a5        .reg %fr27
-a5L       .reg %fr27L
-a5R       .reg %fr27R
-
-a6        .reg %fr28
-a6L       .reg %fr28L
-a6R       .reg %fr28R
-
-a7        .reg %fr29
-a7L       .reg %fr29L
-a7R       .reg %fr29R
-
-b0        .reg %fr30
-b0L       .reg %fr30L
-b0R       .reg %fr30R
-
-b1        .reg %fr31
-b1L       .reg %fr31L
-b1R       .reg %fr31R
-
-;
-; Temporary floating point variables, these are all caller save
-; registers
-;
-ftemp1    .reg %fr4
-ftemp2    .reg %fr5
-ftemp3    .reg %fr6
-ftemp4    .reg %fr7
-
-;
-; The B set of registers when used.
-;
-
-b2        .reg %fr8
-b2L       .reg %fr8L
-b2R       .reg %fr8R
-
-b3        .reg %fr9
-b3L       .reg %fr9L
-b3R       .reg %fr9R
-
-b4        .reg %fr10
-b4L       .reg %fr10L
-b4R       .reg %fr10R
-
-b5        .reg %fr11
-b5L       .reg %fr11L
-b5R       .reg %fr11R
-
-b6        .reg %fr12
-b6L       .reg %fr12L
-b6R       .reg %fr12R
-
-b7        .reg %fr13
-b7L       .reg %fr13L
-b7R       .reg %fr13R
-
-c1           .reg %r21   ; only reg
-temp1        .reg %r20   ; only reg
-temp2        .reg %r19   ; only reg
-temp3        .reg %r31   ; only reg
-
-m1           .reg %r28   
-c2           .reg %r23   
-high_one     .reg %r1
-ht           .reg %r6
-lt           .reg %r5
-m            .reg %r4
-c3           .reg %r3
-
-SQR_ADD_C  .macro  A0L,A0R,C1,C2,C3
-    XMPYU   A0L,A0R,ftemp1       ; m
-    FSTD    ftemp1,-24(%sp)      ; store m
-
-    XMPYU   A0R,A0R,ftemp2       ; lt
-    FSTD    ftemp2,-16(%sp)      ; store lt
-
-    XMPYU   A0L,A0L,ftemp3       ; ht
-    FSTD    ftemp3,-8(%sp)       ; store ht
-
-    LDD     -24(%sp),m           ; load m
-    AND     m,high_mask,temp2    ; m & Mask
-    DEPD,Z  m,30,31,temp3        ; m << 32+1
-    LDD     -16(%sp),lt          ; lt
-
-    LDD     -8(%sp),ht           ; ht
-    EXTRD,U temp2,32,33,temp1    ; temp1 = m&Mask >> 32-1
-    ADD     temp3,lt,lt          ; lt = lt+m
-    ADD,L   ht,temp1,ht          ; ht += temp1
-    ADD,DC  ht,%r0,ht            ; ht++
-
-    ADD     C1,lt,C1             ; c1=c1+lt
-    ADD,DC  ht,%r0,ht            ; ht++
-
-    ADD     C2,ht,C2             ; c2=c2+ht
-    ADD,DC  C3,%r0,C3            ; c3++
-.endm
-
-SQR_ADD_C2 .macro  A0L,A0R,A1L,A1R,C1,C2,C3
-    XMPYU   A0L,A1R,ftemp1          ; m1 = bl*ht
-    FSTD    ftemp1,-16(%sp)         ;
-    XMPYU   A0R,A1L,ftemp2          ; m = bh*lt
-    FSTD    ftemp2,-8(%sp)          ;
-    XMPYU   A0R,A1R,ftemp3          ; lt = bl*lt
-    FSTD    ftemp3,-32(%sp)
-    XMPYU   A0L,A1L,ftemp4          ; ht = bh*ht
-    FSTD    ftemp4,-24(%sp)         ;
-
-    LDD     -8(%sp),m               ; r21 = m
-    LDD     -16(%sp),m1             ; r19 = m1
-    ADD,L   m,m1,m                  ; m+m1
-
-    DEPD,Z  m,31,32,temp3           ; (m+m1<<32)
-    LDD     -24(%sp),ht             ; r24 = ht
-
-    CMPCLR,*>>= m,m1,%r0            ; if (m < m1)
-    ADD,L   ht,high_one,ht          ; ht+=high_one
-
-    EXTRD,U m,31,32,temp1           ; m >> 32
-    LDD     -32(%sp),lt             ; lt
-    ADD,L   ht,temp1,ht             ; ht+= m>>32
-    ADD     lt,temp3,lt             ; lt = lt+m1
-    ADD,DC  ht,%r0,ht               ; ht++
-
-    ADD     ht,ht,ht                ; ht=ht+ht;
-    ADD,DC  C3,%r0,C3               ; add in carry (c3++)
-
-    ADD     lt,lt,lt                ; lt=lt+lt;
-    ADD,DC  ht,%r0,ht               ; add in carry (ht++)
-
-    ADD     C1,lt,C1                ; c1=c1+lt
-    ADD,DC,*NUV ht,%r0,ht           ; add in carry (ht++)
-    LDO     1(C3),C3              ; bump c3 if overflow,nullify otherwise
-
-    ADD     C2,ht,C2                ; c2 = c2 + ht
-    ADD,DC  C3,%r0,C3             ; add in carry (c3++)
-.endm
-
-;
-;void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
-; arg0 = r_ptr
-; arg1 = a_ptr
-;
-
-bn_sqr_comba8
-	.PROC
-	.CALLINFO FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
-	.EXPORT	bn_sqr_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-    .ENTRY
-	.align 64
-
-    STD     %r3,0(%sp)          ; save r3
-    STD     %r4,8(%sp)          ; save r4
-    STD     %r5,16(%sp)         ; save r5
-    STD     %r6,24(%sp)         ; save r6
-
-	;
-	; Zero out carries
-	;
-	COPY     %r0,c1
-	COPY     %r0,c2
-	COPY     %r0,c3
-
-	LDO      128(%sp),%sp       ; bump stack
-    DEPDI,Z -1,32,33,high_mask   ; Create Mask 0xffffffff80000000L
-    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
-
-	;
-	; Load up all of the values we are going to use
-	;
-    FLDD     0(a_ptr),a0       
-    FLDD     8(a_ptr),a1       
-    FLDD    16(a_ptr),a2       
-    FLDD    24(a_ptr),a3       
-    FLDD    32(a_ptr),a4       
-    FLDD    40(a_ptr),a5       
-    FLDD    48(a_ptr),a6       
-    FLDD    56(a_ptr),a7       
-
-	SQR_ADD_C a0L,a0R,c1,c2,c3
-	STD     c1,0(r_ptr)          ; r[0] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
-	STD     c2,8(r_ptr)          ; r[1] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C a1L,a1R,c3,c1,c2
-	SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
-	STD     c3,16(r_ptr)            ; r[2] = c3;
-	COPY    %r0,c3
-
-	SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
-	SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
-	STD     c1,24(r_ptr)           ; r[3] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C a2L,a2R,c2,c3,c1
-	SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
-	SQR_ADD_C2 a4L,a4R,a0L,a0R,c2,c3,c1
-	STD     c2,32(r_ptr)          ; r[4] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C2 a5L,a5R,a0L,a0R,c3,c1,c2
-	SQR_ADD_C2 a4L,a4R,a1L,a1R,c3,c1,c2
-	SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
-	STD     c3,40(r_ptr)          ; r[5] = c3;
-	COPY    %r0,c3
-
-	SQR_ADD_C a3L,a3R,c1,c2,c3
-	SQR_ADD_C2 a4L,a4R,a2L,a2R,c1,c2,c3
-	SQR_ADD_C2 a5L,a5R,a1L,a1R,c1,c2,c3
-	SQR_ADD_C2 a6L,a6R,a0L,a0R,c1,c2,c3
-	STD     c1,48(r_ptr)          ; r[6] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C2 a7L,a7R,a0L,a0R,c2,c3,c1
-	SQR_ADD_C2 a6L,a6R,a1L,a1R,c2,c3,c1
-	SQR_ADD_C2 a5L,a5R,a2L,a2R,c2,c3,c1
-	SQR_ADD_C2 a4L,a4R,a3L,a3R,c2,c3,c1
-	STD     c2,56(r_ptr)          ; r[7] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C a4L,a4R,c3,c1,c2
-	SQR_ADD_C2 a5L,a5R,a3L,a3R,c3,c1,c2
-	SQR_ADD_C2 a6L,a6R,a2L,a2R,c3,c1,c2
-	SQR_ADD_C2 a7L,a7R,a1L,a1R,c3,c1,c2
-	STD     c3,64(r_ptr)          ; r[8] = c3;
-	COPY    %r0,c3
-
-	SQR_ADD_C2 a7L,a7R,a2L,a2R,c1,c2,c3
-	SQR_ADD_C2 a6L,a6R,a3L,a3R,c1,c2,c3
-	SQR_ADD_C2 a5L,a5R,a4L,a4R,c1,c2,c3
-	STD     c1,72(r_ptr)          ; r[9] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C a5L,a5R,c2,c3,c1
-	SQR_ADD_C2 a6L,a6R,a4L,a4R,c2,c3,c1
-	SQR_ADD_C2 a7L,a7R,a3L,a3R,c2,c3,c1
-	STD     c2,80(r_ptr)          ; r[10] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C2 a7L,a7R,a4L,a4R,c3,c1,c2
-	SQR_ADD_C2 a6L,a6R,a5L,a5R,c3,c1,c2
-	STD     c3,88(r_ptr)          ; r[11] = c3;
-	COPY    %r0,c3
-	
-	SQR_ADD_C a6L,a6R,c1,c2,c3
-	SQR_ADD_C2 a7L,a7R,a5L,a5R,c1,c2,c3
-	STD     c1,96(r_ptr)          ; r[12] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C2 a7L,a7R,a6L,a6R,c2,c3,c1
-	STD     c2,104(r_ptr)         ; r[13] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C a7L,a7R,c3,c1,c2
-	STD     c3, 112(r_ptr)       ; r[14] = c3
-	STD     c1, 120(r_ptr)       ; r[15] = c1
-
-    .EXIT
-    LDD     -104(%sp),%r6        ; restore r6
-    LDD     -112(%sp),%r5        ; restore r5
-    LDD     -120(%sp),%r4        ; restore r4
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3
-
-	.PROCEND	
-
-;-----------------------------------------------------------------------------
-;
-;void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
-; arg0 = r_ptr
-; arg1 = a_ptr
-;
-
-bn_sqr_comba4
-	.proc
-	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
-	.EXPORT	bn_sqr_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-    .entry
-	.align 64
-    STD     %r3,0(%sp)          ; save r3
-    STD     %r4,8(%sp)          ; save r4
-    STD     %r5,16(%sp)         ; save r5
-    STD     %r6,24(%sp)         ; save r6
-
-	;
-	; Zero out carries
-	;
-	COPY     %r0,c1
-	COPY     %r0,c2
-	COPY     %r0,c3
-
-	LDO      128(%sp),%sp       ; bump stack
-    DEPDI,Z -1,32,33,high_mask   ; Create Mask 0xffffffff80000000L
-    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
-
-	;
-	; Load up all of the values we are going to use
-	;
-    FLDD     0(a_ptr),a0       
-    FLDD     8(a_ptr),a1       
-    FLDD    16(a_ptr),a2       
-    FLDD    24(a_ptr),a3       
-    FLDD    32(a_ptr),a4       
-    FLDD    40(a_ptr),a5       
-    FLDD    48(a_ptr),a6       
-    FLDD    56(a_ptr),a7       
-
-	SQR_ADD_C a0L,a0R,c1,c2,c3
-
-	STD     c1,0(r_ptr)          ; r[0] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
-
-	STD     c2,8(r_ptr)          ; r[1] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C a1L,a1R,c3,c1,c2
-	SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
-
-	STD     c3,16(r_ptr)            ; r[2] = c3;
-	COPY    %r0,c3
-
-	SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
-	SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
-
-	STD     c1,24(r_ptr)           ; r[3] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C a2L,a2R,c2,c3,c1
-	SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
-
-	STD     c2,32(r_ptr)           ; r[4] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
-	STD     c3,40(r_ptr)           ; r[5] = c3;
-	COPY    %r0,c3
-
-	SQR_ADD_C a3L,a3R,c1,c2,c3
-	STD     c1,48(r_ptr)           ; r[6] = c1;
-	STD     c2,56(r_ptr)           ; r[7] = c2;
-
-    .EXIT
-    LDD     -104(%sp),%r6        ; restore r6
-    LDD     -112(%sp),%r5        ; restore r5
-    LDD     -120(%sp),%r4        ; restore r4
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3
-
-	.PROCEND	
-
-
-;---------------------------------------------------------------------------
-
-MUL_ADD_C  .macro  A0L,A0R,B0L,B0R,C1,C2,C3
-    XMPYU   A0L,B0R,ftemp1        ; m1 = bl*ht
-    FSTD    ftemp1,-16(%sp)       ;
-    XMPYU   A0R,B0L,ftemp2        ; m = bh*lt
-    FSTD    ftemp2,-8(%sp)        ;
-    XMPYU   A0R,B0R,ftemp3        ; lt = bl*lt
-    FSTD    ftemp3,-32(%sp)
-    XMPYU   A0L,B0L,ftemp4        ; ht = bh*ht
-    FSTD    ftemp4,-24(%sp)       ;
-
-    LDD     -8(%sp),m             ; r21 = m
-    LDD     -16(%sp),m1           ; r19 = m1
-    ADD,L   m,m1,m                ; m+m1
-
-    DEPD,Z  m,31,32,temp3         ; (m+m1<<32)
-    LDD     -24(%sp),ht           ; r24 = ht
-
-    CMPCLR,*>>= m,m1,%r0          ; if (m < m1)
-    ADD,L   ht,high_one,ht        ; ht+=high_one
-
-    EXTRD,U m,31,32,temp1         ; m >> 32
-    LDD     -32(%sp),lt           ; lt
-    ADD,L   ht,temp1,ht           ; ht+= m>>32
-    ADD     lt,temp3,lt           ; lt = lt+m1
-    ADD,DC  ht,%r0,ht             ; ht++
-
-    ADD     C1,lt,C1              ; c1=c1+lt
-    ADD,DC  ht,%r0,ht             ; bump c3 if overflow,nullify otherwise
-
-    ADD     C2,ht,C2              ; c2 = c2 + ht
-    ADD,DC  C3,%r0,C3             ; add in carry (c3++)
-.endm
-
-
-;
-;void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg2 = b_ptr
-;
-
-bn_mul_comba8
-	.proc
-	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
-	.EXPORT	bn_mul_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-    .entry
-	.align 64
-
-    STD     %r3,0(%sp)          ; save r3
-    STD     %r4,8(%sp)          ; save r4
-    STD     %r5,16(%sp)         ; save r5
-    STD     %r6,24(%sp)         ; save r6
-    FSTD    %fr12,32(%sp)       ; save r6
-    FSTD    %fr13,40(%sp)       ; save r7
-
-	;
-	; Zero out carries
-	;
-	COPY     %r0,c1
-	COPY     %r0,c2
-	COPY     %r0,c3
-
-	LDO      128(%sp),%sp       ; bump stack
-    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
-
-	;
-	; Load up all of the values we are going to use
-	;
-    FLDD      0(a_ptr),a0       
-    FLDD      8(a_ptr),a1       
-    FLDD     16(a_ptr),a2       
-    FLDD     24(a_ptr),a3       
-    FLDD     32(a_ptr),a4       
-    FLDD     40(a_ptr),a5       
-    FLDD     48(a_ptr),a6       
-    FLDD     56(a_ptr),a7       
-
-    FLDD      0(b_ptr),b0       
-    FLDD      8(b_ptr),b1       
-    FLDD     16(b_ptr),b2       
-    FLDD     24(b_ptr),b3       
-    FLDD     32(b_ptr),b4       
-    FLDD     40(b_ptr),b5       
-    FLDD     48(b_ptr),b6       
-    FLDD     56(b_ptr),b7       
-
-	MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
-	STD       c1,0(r_ptr)
-	COPY      %r0,c1
-
-	MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
-	MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
-	STD       c2,8(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
-	MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
-	MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
-	STD       c3,16(r_ptr)
-	COPY      %r0,c3
-
-	MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
-	MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
-	MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
-	MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
-	STD       c1,24(r_ptr)
-	COPY      %r0,c1
-
-	MUL_ADD_C a4L,a4R,b0L,b0R,c2,c3,c1
-	MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
-	MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
-	MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
-	MUL_ADD_C a0L,a0R,b4L,b4R,c2,c3,c1
-	STD       c2,32(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a0L,a0R,b5L,b5R,c3,c1,c2
-	MUL_ADD_C a1L,a1R,b4L,b4R,c3,c1,c2
-	MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
-	MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
-	MUL_ADD_C a4L,a4R,b1L,b1R,c3,c1,c2
-	MUL_ADD_C a5L,a5R,b0L,b0R,c3,c1,c2
-	STD       c3,40(r_ptr)
-	COPY      %r0,c3
-
-	MUL_ADD_C a6L,a6R,b0L,b0R,c1,c2,c3
-	MUL_ADD_C a5L,a5R,b1L,b1R,c1,c2,c3
-	MUL_ADD_C a4L,a4R,b2L,b2R,c1,c2,c3
-	MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
-	MUL_ADD_C a2L,a2R,b4L,b4R,c1,c2,c3
-	MUL_ADD_C a1L,a1R,b5L,b5R,c1,c2,c3
-	MUL_ADD_C a0L,a0R,b6L,b6R,c1,c2,c3
-	STD       c1,48(r_ptr)
-	COPY      %r0,c1
-	
-	MUL_ADD_C a0L,a0R,b7L,b7R,c2,c3,c1
-	MUL_ADD_C a1L,a1R,b6L,b6R,c2,c3,c1
-	MUL_ADD_C a2L,a2R,b5L,b5R,c2,c3,c1
-	MUL_ADD_C a3L,a3R,b4L,b4R,c2,c3,c1
-	MUL_ADD_C a4L,a4R,b3L,b3R,c2,c3,c1
-	MUL_ADD_C a5L,a5R,b2L,b2R,c2,c3,c1
-	MUL_ADD_C a6L,a6R,b1L,b1R,c2,c3,c1
-	MUL_ADD_C a7L,a7R,b0L,b0R,c2,c3,c1
-	STD       c2,56(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a7L,a7R,b1L,b1R,c3,c1,c2
-	MUL_ADD_C a6L,a6R,b2L,b2R,c3,c1,c2
-	MUL_ADD_C a5L,a5R,b3L,b3R,c3,c1,c2
-	MUL_ADD_C a4L,a4R,b4L,b4R,c3,c1,c2
-	MUL_ADD_C a3L,a3R,b5L,b5R,c3,c1,c2
-	MUL_ADD_C a2L,a2R,b6L,b6R,c3,c1,c2
-	MUL_ADD_C a1L,a1R,b7L,b7R,c3,c1,c2
-	STD       c3,64(r_ptr)
-	COPY      %r0,c3
-
-	MUL_ADD_C a2L,a2R,b7L,b7R,c1,c2,c3
-	MUL_ADD_C a3L,a3R,b6L,b6R,c1,c2,c3
-	MUL_ADD_C a4L,a4R,b5L,b5R,c1,c2,c3
-	MUL_ADD_C a5L,a5R,b4L,b4R,c1,c2,c3
-	MUL_ADD_C a6L,a6R,b3L,b3R,c1,c2,c3
-	MUL_ADD_C a7L,a7R,b2L,b2R,c1,c2,c3
-	STD       c1,72(r_ptr)
-	COPY      %r0,c1
-
-	MUL_ADD_C a7L,a7R,b3L,b3R,c2,c3,c1
-	MUL_ADD_C a6L,a6R,b4L,b4R,c2,c3,c1
-	MUL_ADD_C a5L,a5R,b5L,b5R,c2,c3,c1
-	MUL_ADD_C a4L,a4R,b6L,b6R,c2,c3,c1
-	MUL_ADD_C a3L,a3R,b7L,b7R,c2,c3,c1
-	STD       c2,80(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a4L,a4R,b7L,b7R,c3,c1,c2
-	MUL_ADD_C a5L,a5R,b6L,b6R,c3,c1,c2
-	MUL_ADD_C a6L,a6R,b5L,b5R,c3,c1,c2
-	MUL_ADD_C a7L,a7R,b4L,b4R,c3,c1,c2
-	STD       c3,88(r_ptr)
-	COPY      %r0,c3
-
-	MUL_ADD_C a7L,a7R,b5L,b5R,c1,c2,c3
-	MUL_ADD_C a6L,a6R,b6L,b6R,c1,c2,c3
-	MUL_ADD_C a5L,a5R,b7L,b7R,c1,c2,c3
-	STD       c1,96(r_ptr)
-	COPY      %r0,c1
-
-	MUL_ADD_C a6L,a6R,b7L,b7R,c2,c3,c1
-	MUL_ADD_C a7L,a7R,b6L,b6R,c2,c3,c1
-	STD       c2,104(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a7L,a7R,b7L,b7R,c3,c1,c2
-	STD       c3,112(r_ptr)
-	STD       c1,120(r_ptr)
-
-    .EXIT
-    FLDD    -88(%sp),%fr13 
-    FLDD    -96(%sp),%fr12 
-    LDD     -104(%sp),%r6        ; restore r6
-    LDD     -112(%sp),%r5        ; restore r5
-    LDD     -120(%sp),%r4        ; restore r4
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3
-
-	.PROCEND	
-
-;-----------------------------------------------------------------------------
-;
-;void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg2 = b_ptr
-;
-
-bn_mul_comba4
-	.proc
-	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
-	.EXPORT	bn_mul_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-    .entry
-	.align 64
-
-    STD     %r3,0(%sp)          ; save r3
-    STD     %r4,8(%sp)          ; save r4
-    STD     %r5,16(%sp)         ; save r5
-    STD     %r6,24(%sp)         ; save r6
-    FSTD    %fr12,32(%sp)       ; save r6
-    FSTD    %fr13,40(%sp)       ; save r7
-
-	;
-	; Zero out carries
-	;
-	COPY     %r0,c1
-	COPY     %r0,c2
-	COPY     %r0,c3
-
-	LDO      128(%sp),%sp       ; bump stack
-    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
-
-	;
-	; Load up all of the values we are going to use
-	;
-    FLDD      0(a_ptr),a0       
-    FLDD      8(a_ptr),a1       
-    FLDD     16(a_ptr),a2       
-    FLDD     24(a_ptr),a3       
-
-    FLDD      0(b_ptr),b0       
-    FLDD      8(b_ptr),b1       
-    FLDD     16(b_ptr),b2       
-    FLDD     24(b_ptr),b3       
-
-	MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
-	STD       c1,0(r_ptr)
-	COPY      %r0,c1
-
-	MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
-	MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
-	STD       c2,8(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
-	MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
-	MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
-	STD       c3,16(r_ptr)
-	COPY      %r0,c3
-
-	MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
-	MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
-	MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
-	MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
-	STD       c1,24(r_ptr)
-	COPY      %r0,c1
-
-	MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
-	MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
-	MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
-	STD       c2,32(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
-	MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
-	STD       c3,40(r_ptr)
-	COPY      %r0,c3
-
-	MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
-	STD       c1,48(r_ptr)
-	STD       c2,56(r_ptr)
-
-    .EXIT
-    FLDD    -88(%sp),%fr13 
-    FLDD    -96(%sp),%fr12 
-    LDD     -104(%sp),%r6        ; restore r6
-    LDD     -112(%sp),%r5        ; restore r5
-    LDD     -120(%sp),%r4        ; restore r4
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3
-
-	.PROCEND	
-
-
-;--- not PIC	.SPACE	$TEXT$
-;--- not PIC	.SUBSPA	$CODE$
-;--- not PIC	.SPACE	$PRIVATE$,SORT=16
-;--- not PIC	.IMPORT	$global$,DATA
-;--- not PIC	.SPACE	$TEXT$
-;--- not PIC	.SUBSPA	$CODE$
-;--- not PIC	.SUBSPA	$LIT$,ACCESS=0x2c
-;--- not PIC	C$7
-;--- not PIC	.ALIGN	8
-;--- not PIC	.STRINGZ	"Division would overflow (%d)\n"
-	.END
diff --git a/crypto/openssl/crypto/bn/asm/pa-risc2W.s b/crypto/openssl/crypto/bn/asm/pa-risc2W.s
deleted file mode 100644
index a99545754d18..000000000000
--- a/crypto/openssl/crypto/bn/asm/pa-risc2W.s
+++ /dev/null
@@ -1,1605 +0,0 @@
-;
-; PA-RISC 64-bit implementation of bn_asm code
-;
-; This code is approximately 2x faster than the C version
-; for RSA/DSA.
-;
-; See http://devresource.hp.com/  for more details on the PA-RISC
-; architecture.  Also see the book "PA-RISC 2.0 Architecture"
-; by Gerry Kane for information on the instruction set architecture.
-;
-; Code written by Chris Ruemmler (with some help from the HP C
-; compiler).
-;
-; The code compiles with HP's assembler
-;
-
-	.level	2.0W
-	.space	$TEXT$
-	.subspa	$CODE$,QUAD=0,ALIGN=8,ACCESS=0x2c,CODE_ONLY
-
-;
-; Global Register definitions used for the routines.
-;
-; Some information about HP's runtime architecture for 64-bits.
-;
-; "Caller save" means the calling function must save the register
-; if it wants the register to be preserved.
-; "Callee save" means if a function uses the register, it must save
-; the value before using it.
-;
-; For the floating point registers 
-;
-;    "caller save" registers: fr4-fr11, fr22-fr31
-;    "callee save" registers: fr12-fr21
-;    "special" registers: fr0-fr3 (status and exception registers)
-;
-; For the integer registers
-;     value zero             :  r0
-;     "caller save" registers: r1,r19-r26
-;     "callee save" registers: r3-r18
-;     return register        :  r2  (rp)
-;     return values          ; r28  (ret0,ret1)
-;     Stack pointer          ; r30  (sp) 
-;     global data pointer    ; r27  (dp)
-;     argument pointer       ; r29  (ap)
-;     millicode return ptr   ; r31  (also a caller save register)
-
-
-;
-; Arguments to the routines
-;
-r_ptr       .reg %r26
-a_ptr       .reg %r25
-b_ptr       .reg %r24
-num         .reg %r24
-w           .reg %r23
-n           .reg %r23
-
-
-;
-; Globals used in some routines
-;
-
-top_overflow .reg %r29
-high_mask    .reg %r22    ; value 0xffffffff80000000L
-
-
-;------------------------------------------------------------------------------
-;
-; bn_mul_add_words
-;
-;BN_ULONG bn_mul_add_words(BN_ULONG *r_ptr, BN_ULONG *a_ptr, 
-;								int num, BN_ULONG w)
-;
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg2 = num
-; arg3 = w
-;
-; Local register definitions
-;
-
-fm1          .reg %fr22
-fm           .reg %fr23
-ht_temp      .reg %fr24
-ht_temp_1    .reg %fr25
-lt_temp      .reg %fr26
-lt_temp_1    .reg %fr27
-fm1_1        .reg %fr28
-fm_1         .reg %fr29
-
-fw_h         .reg %fr7L
-fw_l         .reg %fr7R
-fw           .reg %fr7
-
-fht_0        .reg %fr8L
-flt_0        .reg %fr8R
-t_float_0    .reg %fr8
-
-fht_1        .reg %fr9L
-flt_1        .reg %fr9R
-t_float_1    .reg %fr9
-
-tmp_0        .reg %r31
-tmp_1        .reg %r21
-m_0          .reg %r20 
-m_1          .reg %r19 
-ht_0         .reg %r1  
-ht_1         .reg %r3
-lt_0         .reg %r4
-lt_1         .reg %r5
-m1_0         .reg %r6 
-m1_1         .reg %r7 
-rp_val       .reg %r8
-rp_val_1     .reg %r9
-
-bn_mul_add_words
-	.export	bn_mul_add_words,entry,NO_RELOCATION,LONG_RETURN
-	.proc
-	.callinfo frame=128
-    .entry
-	.align 64
-
-    STD     %r3,0(%sp)          ; save r3  
-    STD     %r4,8(%sp)          ; save r4  
-	NOP                         ; Needed to make the loop 16-byte aligned
-	NOP                         ; Needed to make the loop 16-byte aligned
-
-    STD     %r5,16(%sp)         ; save r5  
-    STD     %r6,24(%sp)         ; save r6  
-    STD     %r7,32(%sp)         ; save r7  
-    STD     %r8,40(%sp)         ; save r8  
-
-    STD     %r9,48(%sp)         ; save r9  
-    COPY    %r0,%ret0           ; return 0 by default
-    DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32    
-	STD     w,56(%sp)           ; store w on stack
-
-    CMPIB,>= 0,num,bn_mul_add_words_exit  ; if (num <= 0) then exit
-	LDO     128(%sp),%sp       ; bump stack
-
-	;
-	; The loop is unrolled twice, so if there is only 1 number
-    ; then go straight to the cleanup code.
-	;
-	CMPIB,= 1,num,bn_mul_add_words_single_top
-	FLDD    -72(%sp),fw     ; load up w into fp register fw (fw_h/fw_l)
-
-	;
-	; This loop is unrolled 2 times (64-byte aligned as well)
-	;
-	; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
-    ; two 32-bit mutiplies can be issued per cycle.
-    ; 
-bn_mul_add_words_unroll2
-
-    FLDD    0(a_ptr),t_float_0       ; load up 64-bit value (fr8L) ht(L)/lt(R)
-    FLDD    8(a_ptr),t_float_1       ; load up 64-bit value (fr8L) ht(L)/lt(R)
-    LDD     0(r_ptr),rp_val          ; rp[0]
-    LDD     8(r_ptr),rp_val_1        ; rp[1]
-
-    XMPYU   fht_0,fw_l,fm1           ; m1[0] = fht_0*fw_l
-    XMPYU   fht_1,fw_l,fm1_1         ; m1[1] = fht_1*fw_l
-    FSTD    fm1,-16(%sp)             ; -16(sp) = m1[0]
-    FSTD    fm1_1,-48(%sp)           ; -48(sp) = m1[1]
-
-    XMPYU   flt_0,fw_h,fm            ; m[0] = flt_0*fw_h
-    XMPYU   flt_1,fw_h,fm_1          ; m[1] = flt_1*fw_h
-    FSTD    fm,-8(%sp)               ; -8(sp) = m[0]
-    FSTD    fm_1,-40(%sp)            ; -40(sp) = m[1]
-
-    XMPYU   fht_0,fw_h,ht_temp       ; ht_temp   = fht_0*fw_h
-    XMPYU   fht_1,fw_h,ht_temp_1     ; ht_temp_1 = fht_1*fw_h
-    FSTD    ht_temp,-24(%sp)         ; -24(sp)   = ht_temp
-    FSTD    ht_temp_1,-56(%sp)       ; -56(sp)   = ht_temp_1
-
-    XMPYU   flt_0,fw_l,lt_temp       ; lt_temp = lt*fw_l
-    XMPYU   flt_1,fw_l,lt_temp_1     ; lt_temp = lt*fw_l
-    FSTD    lt_temp,-32(%sp)         ; -32(sp) = lt_temp 
-    FSTD    lt_temp_1,-64(%sp)       ; -64(sp) = lt_temp_1 
-
-    LDD     -8(%sp),m_0              ; m[0] 
-    LDD     -40(%sp),m_1             ; m[1]
-    LDD     -16(%sp),m1_0            ; m1[0]
-    LDD     -48(%sp),m1_1            ; m1[1]
-
-    LDD     -24(%sp),ht_0            ; ht[0]
-    LDD     -56(%sp),ht_1            ; ht[1]
-    ADD,L   m1_0,m_0,tmp_0           ; tmp_0 = m[0] + m1[0]; 
-    ADD,L   m1_1,m_1,tmp_1           ; tmp_1 = m[1] + m1[1]; 
-
-    LDD     -32(%sp),lt_0            
-    LDD     -64(%sp),lt_1            
-    CMPCLR,*>>= tmp_0,m1_0, %r0      ; if (m[0] < m1[0])
-    ADD,L   ht_0,top_overflow,ht_0   ; ht[0] += (1<<32)
-
-    CMPCLR,*>>= tmp_1,m1_1,%r0       ; if (m[1] < m1[1])
-    ADD,L   ht_1,top_overflow,ht_1   ; ht[1] += (1<<32)
-    EXTRD,U tmp_0,31,32,m_0          ; m[0]>>32  
-    DEPD,Z  tmp_0,31,32,m1_0         ; m1[0] = m[0]<<32 
-
-    EXTRD,U tmp_1,31,32,m_1          ; m[1]>>32  
-    DEPD,Z  tmp_1,31,32,m1_1         ; m1[1] = m[1]<<32 
-    ADD,L   ht_0,m_0,ht_0            ; ht[0]+= (m[0]>>32)
-    ADD,L   ht_1,m_1,ht_1            ; ht[1]+= (m[1]>>32)
-
-    ADD     lt_0,m1_0,lt_0           ; lt[0] = lt[0]+m1[0];
-	ADD,DC  ht_0,%r0,ht_0            ; ht[0]++
-    ADD     lt_1,m1_1,lt_1           ; lt[1] = lt[1]+m1[1];
-    ADD,DC  ht_1,%r0,ht_1            ; ht[1]++
-
-    ADD    %ret0,lt_0,lt_0           ; lt[0] = lt[0] + c;
-	ADD,DC  ht_0,%r0,ht_0            ; ht[0]++
-    ADD     lt_0,rp_val,lt_0         ; lt[0] = lt[0]+rp[0]
-    ADD,DC  ht_0,%r0,ht_0            ; ht[0]++
-
-	LDO    -2(num),num               ; num = num - 2;
-    ADD     ht_0,lt_1,lt_1           ; lt[1] = lt[1] + ht_0 (c);
-    ADD,DC  ht_1,%r0,ht_1            ; ht[1]++
-    STD     lt_0,0(r_ptr)            ; rp[0] = lt[0]
-
-    ADD     lt_1,rp_val_1,lt_1       ; lt[1] = lt[1]+rp[1]
-    ADD,DC  ht_1,%r0,%ret0           ; ht[1]++
-    LDO     16(a_ptr),a_ptr          ; a_ptr += 2
-
-    STD     lt_1,8(r_ptr)            ; rp[1] = lt[1]
-	CMPIB,<= 2,num,bn_mul_add_words_unroll2 ; go again if more to do
-    LDO     16(r_ptr),r_ptr          ; r_ptr += 2
-
-    CMPIB,=,N 0,num,bn_mul_add_words_exit ; are we done, or cleanup last one
-
-	;
-	; Top of loop aligned on 64-byte boundary
-	;
-bn_mul_add_words_single_top
-    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
-    LDD     0(r_ptr),rp_val           ; rp[0]
-    LDO     8(a_ptr),a_ptr            ; a_ptr++
-    XMPYU   fht_0,fw_l,fm1            ; m1 = ht*fw_l
-    FSTD    fm1,-16(%sp)              ; -16(sp) = m1
-    XMPYU   flt_0,fw_h,fm             ; m = lt*fw_h
-    FSTD    fm,-8(%sp)                ; -8(sp) = m
-    XMPYU   fht_0,fw_h,ht_temp        ; ht_temp = ht*fw_h
-    FSTD    ht_temp,-24(%sp)          ; -24(sp) = ht
-    XMPYU   flt_0,fw_l,lt_temp        ; lt_temp = lt*fw_l
-    FSTD    lt_temp,-32(%sp)          ; -32(sp) = lt 
-
-    LDD     -8(%sp),m_0               
-    LDD    -16(%sp),m1_0              ; m1 = temp1 
-    ADD,L   m_0,m1_0,tmp_0            ; tmp_0 = m + m1; 
-    LDD     -24(%sp),ht_0             
-    LDD     -32(%sp),lt_0             
-
-    CMPCLR,*>>= tmp_0,m1_0,%r0        ; if (m < m1)
-    ADD,L   ht_0,top_overflow,ht_0    ; ht += (1<<32)
-
-    EXTRD,U tmp_0,31,32,m_0           ; m>>32  
-    DEPD,Z  tmp_0,31,32,m1_0          ; m1 = m<<32 
-
-    ADD,L   ht_0,m_0,ht_0             ; ht+= (m>>32)
-    ADD     lt_0,m1_0,tmp_0           ; tmp_0 = lt+m1;
-    ADD,DC  ht_0,%r0,ht_0             ; ht++
-    ADD     %ret0,tmp_0,lt_0          ; lt = lt + c;
-    ADD,DC  ht_0,%r0,ht_0             ; ht++
-    ADD     lt_0,rp_val,lt_0          ; lt = lt+rp[0]
-    ADD,DC  ht_0,%r0,%ret0            ; ht++
-    STD     lt_0,0(r_ptr)             ; rp[0] = lt
-
-bn_mul_add_words_exit
-    .EXIT
-    LDD     -80(%sp),%r9              ; restore r9  
-    LDD     -88(%sp),%r8              ; restore r8  
-    LDD     -96(%sp),%r7              ; restore r7  
-    LDD     -104(%sp),%r6             ; restore r6  
-    LDD     -112(%sp),%r5             ; restore r5  
-    LDD     -120(%sp),%r4             ; restore r4  
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3             ; restore r3
-	.PROCEND	;in=23,24,25,26,29;out=28;
-
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
-;
-; arg0 = rp
-; arg1 = ap
-; arg2 = num
-; arg3 = w
-
-bn_mul_words
-	.proc
-	.callinfo frame=128
-    .entry
-	.EXPORT	bn_mul_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-	.align 64
-
-    STD     %r3,0(%sp)          ; save r3  
-    STD     %r4,8(%sp)          ; save r4  
-    STD     %r5,16(%sp)         ; save r5  
-    STD     %r6,24(%sp)         ; save r6  
-
-    STD     %r7,32(%sp)         ; save r7  
-    COPY    %r0,%ret0           ; return 0 by default
-    DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32    
-	STD     w,56(%sp)           ; w on stack
-
-    CMPIB,>= 0,num,bn_mul_words_exit
-	LDO     128(%sp),%sp       ; bump stack
-
-	;
-	; See if only 1 word to do, thus just do cleanup
-	;
-	CMPIB,= 1,num,bn_mul_words_single_top
-	FLDD    -72(%sp),fw     ; load up w into fp register fw (fw_h/fw_l)
-
-	;
-	; This loop is unrolled 2 times (64-byte aligned as well)
-	;
-	; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
-    ; two 32-bit mutiplies can be issued per cycle.
-    ; 
-bn_mul_words_unroll2
-
-    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
-    FLDD    8(a_ptr),t_float_1        ; load up 64-bit value (fr8L) ht(L)/lt(R)
-    XMPYU   fht_0,fw_l,fm1            ; m1[0] = fht_0*fw_l
-    XMPYU   fht_1,fw_l,fm1_1          ; m1[1] = ht*fw_l
-
-    FSTD    fm1,-16(%sp)              ; -16(sp) = m1
-    FSTD    fm1_1,-48(%sp)            ; -48(sp) = m1
-    XMPYU   flt_0,fw_h,fm             ; m = lt*fw_h
-    XMPYU   flt_1,fw_h,fm_1           ; m = lt*fw_h
-
-    FSTD    fm,-8(%sp)                ; -8(sp) = m
-    FSTD    fm_1,-40(%sp)             ; -40(sp) = m
-    XMPYU   fht_0,fw_h,ht_temp        ; ht_temp = fht_0*fw_h
-    XMPYU   fht_1,fw_h,ht_temp_1      ; ht_temp = ht*fw_h
-
-    FSTD    ht_temp,-24(%sp)          ; -24(sp) = ht
-    FSTD    ht_temp_1,-56(%sp)        ; -56(sp) = ht
-    XMPYU   flt_0,fw_l,lt_temp        ; lt_temp = lt*fw_l
-    XMPYU   flt_1,fw_l,lt_temp_1      ; lt_temp = lt*fw_l
-
-    FSTD    lt_temp,-32(%sp)          ; -32(sp) = lt 
-    FSTD    lt_temp_1,-64(%sp)        ; -64(sp) = lt 
-    LDD     -8(%sp),m_0               
-    LDD     -40(%sp),m_1              
-
-    LDD    -16(%sp),m1_0              
-    LDD    -48(%sp),m1_1              
-    LDD     -24(%sp),ht_0             
-    LDD     -56(%sp),ht_1             
-
-    ADD,L   m1_0,m_0,tmp_0            ; tmp_0 = m + m1; 
-    ADD,L   m1_1,m_1,tmp_1            ; tmp_1 = m + m1; 
-    LDD     -32(%sp),lt_0             
-    LDD     -64(%sp),lt_1             
-
-    CMPCLR,*>>= tmp_0,m1_0, %r0       ; if (m < m1)
-    ADD,L   ht_0,top_overflow,ht_0    ; ht += (1<<32)
-    CMPCLR,*>>= tmp_1,m1_1,%r0        ; if (m < m1)
-    ADD,L   ht_1,top_overflow,ht_1    ; ht += (1<<32)
-
-    EXTRD,U tmp_0,31,32,m_0           ; m>>32  
-    DEPD,Z  tmp_0,31,32,m1_0          ; m1 = m<<32 
-    EXTRD,U tmp_1,31,32,m_1           ; m>>32  
-    DEPD,Z  tmp_1,31,32,m1_1          ; m1 = m<<32 
-
-    ADD,L   ht_0,m_0,ht_0             ; ht+= (m>>32)
-    ADD,L   ht_1,m_1,ht_1             ; ht+= (m>>32)
-    ADD     lt_0,m1_0,lt_0            ; lt = lt+m1;
-	ADD,DC  ht_0,%r0,ht_0             ; ht++
-
-    ADD     lt_1,m1_1,lt_1            ; lt = lt+m1;
-    ADD,DC  ht_1,%r0,ht_1             ; ht++
-    ADD    %ret0,lt_0,lt_0            ; lt = lt + c (ret0);
-	ADD,DC  ht_0,%r0,ht_0             ; ht++
-
-    ADD     ht_0,lt_1,lt_1            ; lt = lt + c (ht_0)
-    ADD,DC  ht_1,%r0,ht_1             ; ht++
-    STD     lt_0,0(r_ptr)             ; rp[0] = lt
-    STD     lt_1,8(r_ptr)             ; rp[1] = lt
-
-	COPY    ht_1,%ret0                ; carry = ht
-	LDO    -2(num),num                ; num = num - 2;
-    LDO     16(a_ptr),a_ptr           ; ap += 2
-	CMPIB,<= 2,num,bn_mul_words_unroll2
-    LDO     16(r_ptr),r_ptr           ; rp++
-
-    CMPIB,=,N 0,num,bn_mul_words_exit ; are we done?
-
-	;
-	; Top of loop aligned on 64-byte boundary
-	;
-bn_mul_words_single_top
-    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
-
-    XMPYU   fht_0,fw_l,fm1            ; m1 = ht*fw_l
-    FSTD    fm1,-16(%sp)              ; -16(sp) = m1
-    XMPYU   flt_0,fw_h,fm             ; m = lt*fw_h
-    FSTD    fm,-8(%sp)                ; -8(sp) = m
-    XMPYU   fht_0,fw_h,ht_temp        ; ht_temp = ht*fw_h
-    FSTD    ht_temp,-24(%sp)          ; -24(sp) = ht
-    XMPYU   flt_0,fw_l,lt_temp        ; lt_temp = lt*fw_l
-    FSTD    lt_temp,-32(%sp)          ; -32(sp) = lt 
-
-    LDD     -8(%sp),m_0               
-    LDD    -16(%sp),m1_0              
-    ADD,L   m_0,m1_0,tmp_0            ; tmp_0 = m + m1; 
-    LDD     -24(%sp),ht_0             
-    LDD     -32(%sp),lt_0             
-
-    CMPCLR,*>>= tmp_0,m1_0,%r0        ; if (m < m1)
-    ADD,L   ht_0,top_overflow,ht_0    ; ht += (1<<32)
-
-    EXTRD,U tmp_0,31,32,m_0           ; m>>32  
-    DEPD,Z  tmp_0,31,32,m1_0          ; m1 = m<<32 
-
-    ADD,L   ht_0,m_0,ht_0             ; ht+= (m>>32)
-    ADD     lt_0,m1_0,lt_0            ; lt= lt+m1;
-    ADD,DC  ht_0,%r0,ht_0             ; ht++
-
-    ADD     %ret0,lt_0,lt_0           ; lt = lt + c;
-    ADD,DC  ht_0,%r0,ht_0             ; ht++
-
-    COPY    ht_0,%ret0                ; copy carry
-    STD     lt_0,0(r_ptr)             ; rp[0] = lt
-
-bn_mul_words_exit
-    .EXIT
-    LDD     -96(%sp),%r7              ; restore r7  
-    LDD     -104(%sp),%r6             ; restore r6  
-    LDD     -112(%sp),%r5             ; restore r5  
-    LDD     -120(%sp),%r4             ; restore r4  
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3             ; restore r3
-	.PROCEND	;in=23,24,25,26,29;out=28;
-
-;----------------------------------------------------------------------------
-;
-;void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num)
-;
-; arg0 = rp
-; arg1 = ap
-; arg2 = num
-;
-
-bn_sqr_words
-	.proc
-	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
-	.EXPORT	bn_sqr_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-    .entry
-	.align 64
-
-    STD     %r3,0(%sp)          ; save r3  
-    STD     %r4,8(%sp)          ; save r4  
-	NOP
-    STD     %r5,16(%sp)         ; save r5  
-
-    CMPIB,>= 0,num,bn_sqr_words_exit
-	LDO     128(%sp),%sp       ; bump stack
-
-	;
-	; If only 1, the goto straight to cleanup
-	;
-	CMPIB,= 1,num,bn_sqr_words_single_top
-    DEPDI,Z -1,32,33,high_mask   ; Create Mask 0xffffffff80000000L
-
-	;
-	; This loop is unrolled 2 times (64-byte aligned as well)
-	;
-
-bn_sqr_words_unroll2
-    FLDD    0(a_ptr),t_float_0        ; a[0]
-    FLDD    8(a_ptr),t_float_1        ; a[1]
-    XMPYU   fht_0,flt_0,fm            ; m[0]
-    XMPYU   fht_1,flt_1,fm_1          ; m[1]
-
-    FSTD    fm,-24(%sp)               ; store m[0]
-    FSTD    fm_1,-56(%sp)             ; store m[1]
-    XMPYU   flt_0,flt_0,lt_temp       ; lt[0]
-    XMPYU   flt_1,flt_1,lt_temp_1     ; lt[1]
-
-    FSTD    lt_temp,-16(%sp)          ; store lt[0]
-    FSTD    lt_temp_1,-48(%sp)        ; store lt[1]
-    XMPYU   fht_0,fht_0,ht_temp       ; ht[0]
-    XMPYU   fht_1,fht_1,ht_temp_1     ; ht[1]
-
-    FSTD    ht_temp,-8(%sp)           ; store ht[0]
-    FSTD    ht_temp_1,-40(%sp)        ; store ht[1]
-    LDD     -24(%sp),m_0             
-    LDD     -56(%sp),m_1              
-
-    AND     m_0,high_mask,tmp_0       ; m[0] & Mask
-    AND     m_1,high_mask,tmp_1       ; m[1] & Mask
-    DEPD,Z  m_0,30,31,m_0             ; m[0] << 32+1
-    DEPD,Z  m_1,30,31,m_1             ; m[1] << 32+1
-
-    LDD     -16(%sp),lt_0        
-    LDD     -48(%sp),lt_1        
-    EXTRD,U tmp_0,32,33,tmp_0         ; tmp_0 = m[0]&Mask >> 32-1
-    EXTRD,U tmp_1,32,33,tmp_1         ; tmp_1 = m[1]&Mask >> 32-1
-
-    LDD     -8(%sp),ht_0            
-    LDD     -40(%sp),ht_1           
-    ADD,L   ht_0,tmp_0,ht_0           ; ht[0] += tmp_0
-    ADD,L   ht_1,tmp_1,ht_1           ; ht[1] += tmp_1
-
-    ADD     lt_0,m_0,lt_0             ; lt = lt+m
-    ADD,DC  ht_0,%r0,ht_0             ; ht[0]++
-    STD     lt_0,0(r_ptr)             ; rp[0] = lt[0]
-    STD     ht_0,8(r_ptr)             ; rp[1] = ht[1]
-
-    ADD     lt_1,m_1,lt_1             ; lt = lt+m
-    ADD,DC  ht_1,%r0,ht_1             ; ht[1]++
-    STD     lt_1,16(r_ptr)            ; rp[2] = lt[1]
-    STD     ht_1,24(r_ptr)            ; rp[3] = ht[1]
-
-	LDO    -2(num),num                ; num = num - 2;
-    LDO     16(a_ptr),a_ptr           ; ap += 2
-	CMPIB,<= 2,num,bn_sqr_words_unroll2
-    LDO     32(r_ptr),r_ptr           ; rp += 4
-
-    CMPIB,=,N 0,num,bn_sqr_words_exit ; are we done?
-
-	;
-	; Top of loop aligned on 64-byte boundary
-	;
-bn_sqr_words_single_top
-    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
-
-    XMPYU   fht_0,flt_0,fm            ; m
-    FSTD    fm,-24(%sp)               ; store m
-
-    XMPYU   flt_0,flt_0,lt_temp       ; lt
-    FSTD    lt_temp,-16(%sp)          ; store lt
-
-    XMPYU   fht_0,fht_0,ht_temp       ; ht
-    FSTD    ht_temp,-8(%sp)           ; store ht
-
-    LDD     -24(%sp),m_0              ; load m
-    AND     m_0,high_mask,tmp_0       ; m & Mask
-    DEPD,Z  m_0,30,31,m_0             ; m << 32+1
-    LDD     -16(%sp),lt_0             ; lt
-
-    LDD     -8(%sp),ht_0              ; ht
-    EXTRD,U tmp_0,32,33,tmp_0         ; tmp_0 = m&Mask >> 32-1
-    ADD     m_0,lt_0,lt_0             ; lt = lt+m
-    ADD,L   ht_0,tmp_0,ht_0           ; ht += tmp_0
-    ADD,DC  ht_0,%r0,ht_0             ; ht++
-
-    STD     lt_0,0(r_ptr)             ; rp[0] = lt
-    STD     ht_0,8(r_ptr)             ; rp[1] = ht
-
-bn_sqr_words_exit
-    .EXIT
-    LDD     -112(%sp),%r5       ; restore r5  
-    LDD     -120(%sp),%r4       ; restore r4  
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3 
-	.PROCEND	;in=23,24,25,26,29;out=28;
-
-
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-;
-; arg0 = rp 
-; arg1 = ap
-; arg2 = bp 
-; arg3 = n
-
-t  .reg %r22
-b  .reg %r21
-l  .reg %r20
-
-bn_add_words
-	.proc
-    .entry
-	.callinfo
-	.EXPORT	bn_add_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-	.align 64
-
-    CMPIB,>= 0,n,bn_add_words_exit
-    COPY    %r0,%ret0           ; return 0 by default
-
-	;
-	; If 2 or more numbers do the loop
-	;
-	CMPIB,= 1,n,bn_add_words_single_top
-	NOP
-
-	;
-	; This loop is unrolled 2 times (64-byte aligned as well)
-	;
-bn_add_words_unroll2
-	LDD     0(a_ptr),t
-	LDD     0(b_ptr),b
-	ADD     t,%ret0,t                    ; t = t+c;
-	ADD,DC  %r0,%r0,%ret0                ; set c to carry
-	ADD     t,b,l                        ; l = t + b[0]
-	ADD,DC  %ret0,%r0,%ret0              ; c+= carry
-	STD     l,0(r_ptr)
-
-	LDD     8(a_ptr),t
-	LDD     8(b_ptr),b
-	ADD     t,%ret0,t                     ; t = t+c;
-	ADD,DC  %r0,%r0,%ret0                 ; set c to carry
-	ADD     t,b,l                         ; l = t + b[0]
-	ADD,DC  %ret0,%r0,%ret0               ; c+= carry
-	STD     l,8(r_ptr)
-
-	LDO     -2(n),n
-	LDO     16(a_ptr),a_ptr
-	LDO     16(b_ptr),b_ptr
-
-	CMPIB,<= 2,n,bn_add_words_unroll2
-	LDO     16(r_ptr),r_ptr
-
-    CMPIB,=,N 0,n,bn_add_words_exit ; are we done?
-
-bn_add_words_single_top
-	LDD     0(a_ptr),t
-	LDD     0(b_ptr),b
-
-	ADD     t,%ret0,t                 ; t = t+c;
-	ADD,DC  %r0,%r0,%ret0             ; set c to carry (could use CMPCLR??)
-	ADD     t,b,l                     ; l = t + b[0]
-	ADD,DC  %ret0,%r0,%ret0           ; c+= carry
-	STD     l,0(r_ptr)
-
-bn_add_words_exit
-    .EXIT
-    BVE     (%rp)
-	NOP
-	.PROCEND	;in=23,24,25,26,29;out=28;
-
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-;
-; arg0 = rp 
-; arg1 = ap
-; arg2 = bp 
-; arg3 = n
-
-t1       .reg %r22
-t2       .reg %r21
-sub_tmp1 .reg %r20
-sub_tmp2 .reg %r19
-
-
-bn_sub_words
-	.proc
-	.callinfo 
-	.EXPORT	bn_sub_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-    .entry
-	.align 64
-
-    CMPIB,>=  0,n,bn_sub_words_exit
-    COPY    %r0,%ret0           ; return 0 by default
-
-	;
-	; If 2 or more numbers do the loop
-	;
-	CMPIB,= 1,n,bn_sub_words_single_top
-	NOP
-
-	;
-	; This loop is unrolled 2 times (64-byte aligned as well)
-	;
-bn_sub_words_unroll2
-	LDD     0(a_ptr),t1
-	LDD     0(b_ptr),t2
-	SUB     t1,t2,sub_tmp1           ; t3 = t1-t2; 
-	SUB     sub_tmp1,%ret0,sub_tmp1  ; t3 = t3- c; 
-
-	CMPCLR,*>> t1,t2,sub_tmp2        ; clear if t1 > t2
-	LDO      1(%r0),sub_tmp2
-	
-	CMPCLR,*= t1,t2,%r0
-	COPY    sub_tmp2,%ret0
-	STD     sub_tmp1,0(r_ptr)
-
-	LDD     8(a_ptr),t1
-	LDD     8(b_ptr),t2
-	SUB     t1,t2,sub_tmp1            ; t3 = t1-t2; 
-	SUB     sub_tmp1,%ret0,sub_tmp1   ; t3 = t3- c; 
-	CMPCLR,*>> t1,t2,sub_tmp2         ; clear if t1 > t2
-	LDO      1(%r0),sub_tmp2
-	
-	CMPCLR,*= t1,t2,%r0
-	COPY    sub_tmp2,%ret0
-	STD     sub_tmp1,8(r_ptr)
-
-	LDO     -2(n),n
-	LDO     16(a_ptr),a_ptr
-	LDO     16(b_ptr),b_ptr
-
-	CMPIB,<= 2,n,bn_sub_words_unroll2
-	LDO     16(r_ptr),r_ptr
-
-    CMPIB,=,N 0,n,bn_sub_words_exit ; are we done?
-
-bn_sub_words_single_top
-	LDD     0(a_ptr),t1
-	LDD     0(b_ptr),t2
-	SUB     t1,t2,sub_tmp1            ; t3 = t1-t2; 
-	SUB     sub_tmp1,%ret0,sub_tmp1   ; t3 = t3- c; 
-	CMPCLR,*>> t1,t2,sub_tmp2         ; clear if t1 > t2
-	LDO      1(%r0),sub_tmp2
-	
-	CMPCLR,*= t1,t2,%r0
-	COPY    sub_tmp2,%ret0
-
-	STD     sub_tmp1,0(r_ptr)
-
-bn_sub_words_exit
-    .EXIT
-    BVE     (%rp)
-	NOP
-	.PROCEND	;in=23,24,25,26,29;out=28;
-
-;------------------------------------------------------------------------------
-;
-; unsigned long bn_div_words(unsigned long h, unsigned long l, unsigned long d)
-;
-; arg0 = h
-; arg1 = l
-; arg2 = d
-;
-; This is mainly just modified assembly from the compiler, thus the
-; lack of variable names.
-;
-;------------------------------------------------------------------------------
-bn_div_words
-	.proc
-	.callinfo CALLER,FRAME=272,ENTRY_GR=%r10,SAVE_RP,ARGS_SAVED,ORDERING_AWARE
-	.EXPORT	bn_div_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-	.IMPORT	BN_num_bits_word,CODE,NO_RELOCATION
-	.IMPORT	__iob,DATA
-	.IMPORT	fprintf,CODE,NO_RELOCATION
-	.IMPORT	abort,CODE,NO_RELOCATION
-	.IMPORT	$$div2U,MILLICODE
-    .entry
-    STD     %r2,-16(%r30)   
-    STD,MA  %r3,352(%r30)   
-    STD     %r4,-344(%r30)  
-    STD     %r5,-336(%r30)  
-    STD     %r6,-328(%r30)  
-    STD     %r7,-320(%r30)  
-    STD     %r8,-312(%r30)  
-    STD     %r9,-304(%r30)  
-    STD     %r10,-296(%r30)
-
-    STD     %r27,-288(%r30)             ; save gp
-
-    COPY    %r24,%r3           ; save d 
-    COPY    %r26,%r4           ; save h (high 64-bits)
-    LDO      -1(%r0),%ret0     ; return -1 by default	
-
-    CMPB,*=  %r0,%arg2,$D3     ; if (d == 0)
-    COPY    %r25,%r5           ; save l (low 64-bits)
-
-    LDO     -48(%r30),%r29     ; create ap 
-    .CALL   ;in=26,29;out=28;
-    B,L     BN_num_bits_word,%r2 
-    COPY    %r3,%r26        
-    LDD     -288(%r30),%r27    ; restore gp 
-    LDI     64,%r21 
-
-    CMPB,=  %r21,%ret0,$00000012   ;if (i == 64) (forward) 
-    COPY    %ret0,%r24             ; i   
-    MTSARCM %r24    
-    DEPDI,Z -1,%sar,1,%r29  
-    CMPB,*<<,N %r29,%r4,bn_div_err_case ; if (h > 1<<i) (forward) 
-
-$00000012
-    SUBI    64,%r24,%r31                       ; i = 64 - i;
-    CMPCLR,*<< %r4,%r3,%r0                     ; if (h >= d)
-    SUB     %r4,%r3,%r4                        ; h -= d
-    CMPB,=  %r31,%r0,$0000001A                 ; if (i)
-    COPY    %r0,%r10                           ; ret = 0
-    MTSARCM %r31                               ; i to shift
-    DEPD,Z  %r3,%sar,64,%r3                    ; d <<= i;
-    SUBI    64,%r31,%r19                       ; 64 - i; redundent
-    MTSAR   %r19                               ; (64 -i) to shift
-    SHRPD   %r4,%r5,%sar,%r4                   ; l>> (64-i)
-    MTSARCM %r31                               ; i to shift
-    DEPD,Z  %r5,%sar,64,%r5                    ; l <<= i;
-
-$0000001A
-    DEPDI,Z -1,31,32,%r19                      
-    EXTRD,U %r3,31,32,%r6                      ; dh=(d&0xfff)>>32
-    EXTRD,U %r3,63,32,%r8                      ; dl = d&0xffffff
-    LDO     2(%r0),%r9
-    STD    %r3,-280(%r30)                      ; "d" to stack
-
-$0000001C
-    DEPDI,Z -1,63,32,%r29                      ; 
-    EXTRD,U %r4,31,32,%r31                     ; h >> 32
-    CMPB,*=,N  %r31,%r6,$D2     	       ; if ((h>>32) != dh)(forward) div
-    COPY    %r4,%r26       
-    EXTRD,U %r4,31,32,%r25 
-    COPY    %r6,%r24      
-    .CALL   ;in=23,24,25,26;out=20,21,22,28,29; (MILLICALL)
-    B,L     $$div2U,%r2     
-    EXTRD,U %r6,31,32,%r23  
-    DEPD    %r28,31,32,%r29 
-$D2
-    STD     %r29,-272(%r30)                   ; q
-    AND     %r5,%r19,%r24                   ; t & 0xffffffff00000000;
-    EXTRD,U %r24,31,32,%r24                 ; ??? 
-    FLDD    -272(%r30),%fr7                 ; q
-    FLDD    -280(%r30),%fr8                 ; d
-    XMPYU   %fr8L,%fr7L,%fr10  
-    FSTD    %fr10,-256(%r30)   
-    XMPYU   %fr8L,%fr7R,%fr22  
-    FSTD    %fr22,-264(%r30)   
-    XMPYU   %fr8R,%fr7L,%fr11 
-    XMPYU   %fr8R,%fr7R,%fr23
-    FSTD    %fr11,-232(%r30)
-    FSTD    %fr23,-240(%r30)
-    LDD     -256(%r30),%r28
-    DEPD,Z  %r28,31,32,%r2 
-    LDD     -264(%r30),%r20
-    ADD,L   %r20,%r2,%r31   
-    LDD     -232(%r30),%r22 
-    DEPD,Z  %r22,31,32,%r22 
-    LDD     -240(%r30),%r21 
-    B       $00000024       ; enter loop  
-    ADD,L   %r21,%r22,%r23 
-
-$0000002A
-    LDO     -1(%r29),%r29   
-    SUB     %r23,%r8,%r23   
-$00000024
-    SUB     %r4,%r31,%r25   
-    AND     %r25,%r19,%r26  
-    CMPB,*<>,N      %r0,%r26,$00000046  ; (forward)
-    DEPD,Z  %r25,31,32,%r20 
-    OR      %r20,%r24,%r21  
-    CMPB,*<<,N  %r21,%r23,$0000002A ;(backward) 
-    SUB     %r31,%r6,%r31   
-;-------------Break path---------------------
-
-$00000046
-    DEPD,Z  %r23,31,32,%r25              ;tl
-    EXTRD,U %r23,31,32,%r26              ;t
-    AND     %r25,%r19,%r24               ;tl = (tl<<32)&0xfffffff0000000L
-    ADD,L   %r31,%r26,%r31               ;th += t; 
-    CMPCLR,*>>=     %r5,%r24,%r0         ;if (l<tl)
-    LDO     1(%r31),%r31                 ; th++;
-    CMPB,*<<=,N     %r31,%r4,$00000036   ;if (n < th) (forward)
-    LDO     -1(%r29),%r29                ;q--; 
-    ADD,L   %r4,%r3,%r4                  ;h += d;
-$00000036
-    ADDIB,=,N       -1,%r9,$D1 ;if (--count == 0) break (forward) 
-    SUB     %r5,%r24,%r28                ; l -= tl;
-    SUB     %r4,%r31,%r24                ; h -= th;
-    SHRPD   %r24,%r28,32,%r4             ; h = ((h<<32)|(l>>32));
-    DEPD,Z  %r29,31,32,%r10              ; ret = q<<32
-    b      $0000001C
-    DEPD,Z  %r28,31,32,%r5               ; l = l << 32 
-
-$D1
-    OR      %r10,%r29,%r28           ; ret |= q
-$D3
-    LDD     -368(%r30),%r2  
-$D0
-    LDD     -296(%r30),%r10 
-    LDD     -304(%r30),%r9  
-    LDD     -312(%r30),%r8  
-    LDD     -320(%r30),%r7  
-    LDD     -328(%r30),%r6  
-    LDD     -336(%r30),%r5  
-    LDD     -344(%r30),%r4  
-    BVE     (%r2)   
-        .EXIT
-    LDD,MB  -352(%r30),%r3 
-
-bn_div_err_case
-    MFIA    %r6     
-    ADDIL   L'bn_div_words-bn_div_err_case,%r6,%r1 
-    LDO     R'bn_div_words-bn_div_err_case(%r1),%r6  
-    ADDIL   LT'__iob,%r27,%r1       
-    LDD     RT'__iob(%r1),%r26      
-    ADDIL   L'C$4-bn_div_words,%r6,%r1    
-    LDO     R'C$4-bn_div_words(%r1),%r25  
-    LDO     64(%r26),%r26   
-    .CALL           ;in=24,25,26,29;out=28;
-    B,L     fprintf,%r2    
-    LDO     -48(%r30),%r29 
-    LDD     -288(%r30),%r27
-    .CALL           ;in=29;
-    B,L     abort,%r2      
-    LDO     -48(%r30),%r29 
-    LDD     -288(%r30),%r27
-    B       $D0         
-    LDD     -368(%r30),%r2  
-	.PROCEND	;in=24,25,26,29;out=28;
-
-;----------------------------------------------------------------------------
-;
-; Registers to hold 64-bit values to manipulate.  The "L" part
-; of the register corresponds to the upper 32-bits, while the "R"
-; part corresponds to the lower 32-bits
-; 
-; Note, that when using b6 and b7, the code must save these before
-; using them because they are callee save registers 
-; 
-;
-; Floating point registers to use to save values that
-; are manipulated.  These don't collide with ftemp1-6 and
-; are all caller save registers
-;
-a0        .reg %fr22
-a0L       .reg %fr22L
-a0R       .reg %fr22R
-
-a1        .reg %fr23
-a1L       .reg %fr23L
-a1R       .reg %fr23R
-
-a2        .reg %fr24
-a2L       .reg %fr24L
-a2R       .reg %fr24R
-
-a3        .reg %fr25
-a3L       .reg %fr25L
-a3R       .reg %fr25R
-
-a4        .reg %fr26
-a4L       .reg %fr26L
-a4R       .reg %fr26R
-
-a5        .reg %fr27
-a5L       .reg %fr27L
-a5R       .reg %fr27R
-
-a6        .reg %fr28
-a6L       .reg %fr28L
-a6R       .reg %fr28R
-
-a7        .reg %fr29
-a7L       .reg %fr29L
-a7R       .reg %fr29R
-
-b0        .reg %fr30
-b0L       .reg %fr30L
-b0R       .reg %fr30R
-
-b1        .reg %fr31
-b1L       .reg %fr31L
-b1R       .reg %fr31R
-
-;
-; Temporary floating point variables, these are all caller save
-; registers
-;
-ftemp1    .reg %fr4
-ftemp2    .reg %fr5
-ftemp3    .reg %fr6
-ftemp4    .reg %fr7
-
-;
-; The B set of registers when used.
-;
-
-b2        .reg %fr8
-b2L       .reg %fr8L
-b2R       .reg %fr8R
-
-b3        .reg %fr9
-b3L       .reg %fr9L
-b3R       .reg %fr9R
-
-b4        .reg %fr10
-b4L       .reg %fr10L
-b4R       .reg %fr10R
-
-b5        .reg %fr11
-b5L       .reg %fr11L
-b5R       .reg %fr11R
-
-b6        .reg %fr12
-b6L       .reg %fr12L
-b6R       .reg %fr12R
-
-b7        .reg %fr13
-b7L       .reg %fr13L
-b7R       .reg %fr13R
-
-c1           .reg %r21   ; only reg
-temp1        .reg %r20   ; only reg
-temp2        .reg %r19   ; only reg
-temp3        .reg %r31   ; only reg
-
-m1           .reg %r28   
-c2           .reg %r23   
-high_one     .reg %r1
-ht           .reg %r6
-lt           .reg %r5
-m            .reg %r4
-c3           .reg %r3
-
-SQR_ADD_C  .macro  A0L,A0R,C1,C2,C3
-    XMPYU   A0L,A0R,ftemp1       ; m
-    FSTD    ftemp1,-24(%sp)      ; store m
-
-    XMPYU   A0R,A0R,ftemp2       ; lt
-    FSTD    ftemp2,-16(%sp)      ; store lt
-
-    XMPYU   A0L,A0L,ftemp3       ; ht
-    FSTD    ftemp3,-8(%sp)       ; store ht
-
-    LDD     -24(%sp),m           ; load m
-    AND     m,high_mask,temp2    ; m & Mask
-    DEPD,Z  m,30,31,temp3        ; m << 32+1
-    LDD     -16(%sp),lt          ; lt
-
-    LDD     -8(%sp),ht           ; ht
-    EXTRD,U temp2,32,33,temp1    ; temp1 = m&Mask >> 32-1
-    ADD     temp3,lt,lt          ; lt = lt+m
-    ADD,L   ht,temp1,ht          ; ht += temp1
-    ADD,DC  ht,%r0,ht            ; ht++
-
-    ADD     C1,lt,C1             ; c1=c1+lt
-    ADD,DC  ht,%r0,ht            ; ht++
-
-    ADD     C2,ht,C2             ; c2=c2+ht
-    ADD,DC  C3,%r0,C3            ; c3++
-.endm
-
-SQR_ADD_C2 .macro  A0L,A0R,A1L,A1R,C1,C2,C3
-    XMPYU   A0L,A1R,ftemp1          ; m1 = bl*ht
-    FSTD    ftemp1,-16(%sp)         ;
-    XMPYU   A0R,A1L,ftemp2          ; m = bh*lt
-    FSTD    ftemp2,-8(%sp)          ;
-    XMPYU   A0R,A1R,ftemp3          ; lt = bl*lt
-    FSTD    ftemp3,-32(%sp)
-    XMPYU   A0L,A1L,ftemp4          ; ht = bh*ht
-    FSTD    ftemp4,-24(%sp)         ;
-
-    LDD     -8(%sp),m               ; r21 = m
-    LDD     -16(%sp),m1             ; r19 = m1
-    ADD,L   m,m1,m                  ; m+m1
-
-    DEPD,Z  m,31,32,temp3           ; (m+m1<<32)
-    LDD     -24(%sp),ht             ; r24 = ht
-
-    CMPCLR,*>>= m,m1,%r0            ; if (m < m1)
-    ADD,L   ht,high_one,ht          ; ht+=high_one
-
-    EXTRD,U m,31,32,temp1           ; m >> 32
-    LDD     -32(%sp),lt             ; lt
-    ADD,L   ht,temp1,ht             ; ht+= m>>32
-    ADD     lt,temp3,lt             ; lt = lt+m1
-    ADD,DC  ht,%r0,ht               ; ht++
-
-    ADD     ht,ht,ht                ; ht=ht+ht;
-    ADD,DC  C3,%r0,C3               ; add in carry (c3++)
-
-    ADD     lt,lt,lt                ; lt=lt+lt;
-    ADD,DC  ht,%r0,ht               ; add in carry (ht++)
-
-    ADD     C1,lt,C1                ; c1=c1+lt
-    ADD,DC,*NUV ht,%r0,ht           ; add in carry (ht++)
-    LDO     1(C3),C3              ; bump c3 if overflow,nullify otherwise
-
-    ADD     C2,ht,C2                ; c2 = c2 + ht
-    ADD,DC  C3,%r0,C3             ; add in carry (c3++)
-.endm
-
-;
-;void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
-; arg0 = r_ptr
-; arg1 = a_ptr
-;
-
-bn_sqr_comba8
-	.PROC
-	.CALLINFO FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
-	.EXPORT	bn_sqr_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-    .ENTRY
-	.align 64
-
-    STD     %r3,0(%sp)          ; save r3
-    STD     %r4,8(%sp)          ; save r4
-    STD     %r5,16(%sp)         ; save r5
-    STD     %r6,24(%sp)         ; save r6
-
-	;
-	; Zero out carries
-	;
-	COPY     %r0,c1
-	COPY     %r0,c2
-	COPY     %r0,c3
-
-	LDO      128(%sp),%sp       ; bump stack
-    DEPDI,Z -1,32,33,high_mask   ; Create Mask 0xffffffff80000000L
-    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
-
-	;
-	; Load up all of the values we are going to use
-	;
-    FLDD     0(a_ptr),a0       
-    FLDD     8(a_ptr),a1       
-    FLDD    16(a_ptr),a2       
-    FLDD    24(a_ptr),a3       
-    FLDD    32(a_ptr),a4       
-    FLDD    40(a_ptr),a5       
-    FLDD    48(a_ptr),a6       
-    FLDD    56(a_ptr),a7       
-
-	SQR_ADD_C a0L,a0R,c1,c2,c3
-	STD     c1,0(r_ptr)          ; r[0] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
-	STD     c2,8(r_ptr)          ; r[1] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C a1L,a1R,c3,c1,c2
-	SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
-	STD     c3,16(r_ptr)            ; r[2] = c3;
-	COPY    %r0,c3
-
-	SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
-	SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
-	STD     c1,24(r_ptr)           ; r[3] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C a2L,a2R,c2,c3,c1
-	SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
-	SQR_ADD_C2 a4L,a4R,a0L,a0R,c2,c3,c1
-	STD     c2,32(r_ptr)          ; r[4] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C2 a5L,a5R,a0L,a0R,c3,c1,c2
-	SQR_ADD_C2 a4L,a4R,a1L,a1R,c3,c1,c2
-	SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
-	STD     c3,40(r_ptr)          ; r[5] = c3;
-	COPY    %r0,c3
-
-	SQR_ADD_C a3L,a3R,c1,c2,c3
-	SQR_ADD_C2 a4L,a4R,a2L,a2R,c1,c2,c3
-	SQR_ADD_C2 a5L,a5R,a1L,a1R,c1,c2,c3
-	SQR_ADD_C2 a6L,a6R,a0L,a0R,c1,c2,c3
-	STD     c1,48(r_ptr)          ; r[6] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C2 a7L,a7R,a0L,a0R,c2,c3,c1
-	SQR_ADD_C2 a6L,a6R,a1L,a1R,c2,c3,c1
-	SQR_ADD_C2 a5L,a5R,a2L,a2R,c2,c3,c1
-	SQR_ADD_C2 a4L,a4R,a3L,a3R,c2,c3,c1
-	STD     c2,56(r_ptr)          ; r[7] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C a4L,a4R,c3,c1,c2
-	SQR_ADD_C2 a5L,a5R,a3L,a3R,c3,c1,c2
-	SQR_ADD_C2 a6L,a6R,a2L,a2R,c3,c1,c2
-	SQR_ADD_C2 a7L,a7R,a1L,a1R,c3,c1,c2
-	STD     c3,64(r_ptr)          ; r[8] = c3;
-	COPY    %r0,c3
-
-	SQR_ADD_C2 a7L,a7R,a2L,a2R,c1,c2,c3
-	SQR_ADD_C2 a6L,a6R,a3L,a3R,c1,c2,c3
-	SQR_ADD_C2 a5L,a5R,a4L,a4R,c1,c2,c3
-	STD     c1,72(r_ptr)          ; r[9] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C a5L,a5R,c2,c3,c1
-	SQR_ADD_C2 a6L,a6R,a4L,a4R,c2,c3,c1
-	SQR_ADD_C2 a7L,a7R,a3L,a3R,c2,c3,c1
-	STD     c2,80(r_ptr)          ; r[10] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C2 a7L,a7R,a4L,a4R,c3,c1,c2
-	SQR_ADD_C2 a6L,a6R,a5L,a5R,c3,c1,c2
-	STD     c3,88(r_ptr)          ; r[11] = c3;
-	COPY    %r0,c3
-	
-	SQR_ADD_C a6L,a6R,c1,c2,c3
-	SQR_ADD_C2 a7L,a7R,a5L,a5R,c1,c2,c3
-	STD     c1,96(r_ptr)          ; r[12] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C2 a7L,a7R,a6L,a6R,c2,c3,c1
-	STD     c2,104(r_ptr)         ; r[13] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C a7L,a7R,c3,c1,c2
-	STD     c3, 112(r_ptr)       ; r[14] = c3
-	STD     c1, 120(r_ptr)       ; r[15] = c1
-
-    .EXIT
-    LDD     -104(%sp),%r6        ; restore r6
-    LDD     -112(%sp),%r5        ; restore r5
-    LDD     -120(%sp),%r4        ; restore r4
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3
-
-	.PROCEND	
-
-;-----------------------------------------------------------------------------
-;
-;void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
-; arg0 = r_ptr
-; arg1 = a_ptr
-;
-
-bn_sqr_comba4
-	.proc
-	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
-	.EXPORT	bn_sqr_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-    .entry
-	.align 64
-    STD     %r3,0(%sp)          ; save r3
-    STD     %r4,8(%sp)          ; save r4
-    STD     %r5,16(%sp)         ; save r5
-    STD     %r6,24(%sp)         ; save r6
-
-	;
-	; Zero out carries
-	;
-	COPY     %r0,c1
-	COPY     %r0,c2
-	COPY     %r0,c3
-
-	LDO      128(%sp),%sp       ; bump stack
-    DEPDI,Z -1,32,33,high_mask   ; Create Mask 0xffffffff80000000L
-    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
-
-	;
-	; Load up all of the values we are going to use
-	;
-    FLDD     0(a_ptr),a0       
-    FLDD     8(a_ptr),a1       
-    FLDD    16(a_ptr),a2       
-    FLDD    24(a_ptr),a3       
-    FLDD    32(a_ptr),a4       
-    FLDD    40(a_ptr),a5       
-    FLDD    48(a_ptr),a6       
-    FLDD    56(a_ptr),a7       
-
-	SQR_ADD_C a0L,a0R,c1,c2,c3
-
-	STD     c1,0(r_ptr)          ; r[0] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
-
-	STD     c2,8(r_ptr)          ; r[1] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C a1L,a1R,c3,c1,c2
-	SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
-
-	STD     c3,16(r_ptr)            ; r[2] = c3;
-	COPY    %r0,c3
-
-	SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
-	SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
-
-	STD     c1,24(r_ptr)           ; r[3] = c1;
-	COPY    %r0,c1
-
-	SQR_ADD_C a2L,a2R,c2,c3,c1
-	SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
-
-	STD     c2,32(r_ptr)           ; r[4] = c2;
-	COPY    %r0,c2
-
-	SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
-	STD     c3,40(r_ptr)           ; r[5] = c3;
-	COPY    %r0,c3
-
-	SQR_ADD_C a3L,a3R,c1,c2,c3
-	STD     c1,48(r_ptr)           ; r[6] = c1;
-	STD     c2,56(r_ptr)           ; r[7] = c2;
-
-    .EXIT
-    LDD     -104(%sp),%r6        ; restore r6
-    LDD     -112(%sp),%r5        ; restore r5
-    LDD     -120(%sp),%r4        ; restore r4
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3
-
-	.PROCEND	
-
-
-;---------------------------------------------------------------------------
-
-MUL_ADD_C  .macro  A0L,A0R,B0L,B0R,C1,C2,C3
-    XMPYU   A0L,B0R,ftemp1        ; m1 = bl*ht
-    FSTD    ftemp1,-16(%sp)       ;
-    XMPYU   A0R,B0L,ftemp2        ; m = bh*lt
-    FSTD    ftemp2,-8(%sp)        ;
-    XMPYU   A0R,B0R,ftemp3        ; lt = bl*lt
-    FSTD    ftemp3,-32(%sp)
-    XMPYU   A0L,B0L,ftemp4        ; ht = bh*ht
-    FSTD    ftemp4,-24(%sp)       ;
-
-    LDD     -8(%sp),m             ; r21 = m
-    LDD     -16(%sp),m1           ; r19 = m1
-    ADD,L   m,m1,m                ; m+m1
-
-    DEPD,Z  m,31,32,temp3         ; (m+m1<<32)
-    LDD     -24(%sp),ht           ; r24 = ht
-
-    CMPCLR,*>>= m,m1,%r0          ; if (m < m1)
-    ADD,L   ht,high_one,ht        ; ht+=high_one
-
-    EXTRD,U m,31,32,temp1         ; m >> 32
-    LDD     -32(%sp),lt           ; lt
-    ADD,L   ht,temp1,ht           ; ht+= m>>32
-    ADD     lt,temp3,lt           ; lt = lt+m1
-    ADD,DC  ht,%r0,ht             ; ht++
-
-    ADD     C1,lt,C1              ; c1=c1+lt
-    ADD,DC  ht,%r0,ht             ; bump c3 if overflow,nullify otherwise
-
-    ADD     C2,ht,C2              ; c2 = c2 + ht
-    ADD,DC  C3,%r0,C3             ; add in carry (c3++)
-.endm
-
-
-;
-;void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg2 = b_ptr
-;
-
-bn_mul_comba8
-	.proc
-	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
-	.EXPORT	bn_mul_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-    .entry
-	.align 64
-
-    STD     %r3,0(%sp)          ; save r3
-    STD     %r4,8(%sp)          ; save r4
-    STD     %r5,16(%sp)         ; save r5
-    STD     %r6,24(%sp)         ; save r6
-    FSTD    %fr12,32(%sp)       ; save r6
-    FSTD    %fr13,40(%sp)       ; save r7
-
-	;
-	; Zero out carries
-	;
-	COPY     %r0,c1
-	COPY     %r0,c2
-	COPY     %r0,c3
-
-	LDO      128(%sp),%sp       ; bump stack
-    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
-
-	;
-	; Load up all of the values we are going to use
-	;
-    FLDD      0(a_ptr),a0       
-    FLDD      8(a_ptr),a1       
-    FLDD     16(a_ptr),a2       
-    FLDD     24(a_ptr),a3       
-    FLDD     32(a_ptr),a4       
-    FLDD     40(a_ptr),a5       
-    FLDD     48(a_ptr),a6       
-    FLDD     56(a_ptr),a7       
-
-    FLDD      0(b_ptr),b0       
-    FLDD      8(b_ptr),b1       
-    FLDD     16(b_ptr),b2       
-    FLDD     24(b_ptr),b3       
-    FLDD     32(b_ptr),b4       
-    FLDD     40(b_ptr),b5       
-    FLDD     48(b_ptr),b6       
-    FLDD     56(b_ptr),b7       
-
-	MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
-	STD       c1,0(r_ptr)
-	COPY      %r0,c1
-
-	MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
-	MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
-	STD       c2,8(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
-	MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
-	MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
-	STD       c3,16(r_ptr)
-	COPY      %r0,c3
-
-	MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
-	MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
-	MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
-	MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
-	STD       c1,24(r_ptr)
-	COPY      %r0,c1
-
-	MUL_ADD_C a4L,a4R,b0L,b0R,c2,c3,c1
-	MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
-	MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
-	MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
-	MUL_ADD_C a0L,a0R,b4L,b4R,c2,c3,c1
-	STD       c2,32(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a0L,a0R,b5L,b5R,c3,c1,c2
-	MUL_ADD_C a1L,a1R,b4L,b4R,c3,c1,c2
-	MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
-	MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
-	MUL_ADD_C a4L,a4R,b1L,b1R,c3,c1,c2
-	MUL_ADD_C a5L,a5R,b0L,b0R,c3,c1,c2
-	STD       c3,40(r_ptr)
-	COPY      %r0,c3
-
-	MUL_ADD_C a6L,a6R,b0L,b0R,c1,c2,c3
-	MUL_ADD_C a5L,a5R,b1L,b1R,c1,c2,c3
-	MUL_ADD_C a4L,a4R,b2L,b2R,c1,c2,c3
-	MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
-	MUL_ADD_C a2L,a2R,b4L,b4R,c1,c2,c3
-	MUL_ADD_C a1L,a1R,b5L,b5R,c1,c2,c3
-	MUL_ADD_C a0L,a0R,b6L,b6R,c1,c2,c3
-	STD       c1,48(r_ptr)
-	COPY      %r0,c1
-	
-	MUL_ADD_C a0L,a0R,b7L,b7R,c2,c3,c1
-	MUL_ADD_C a1L,a1R,b6L,b6R,c2,c3,c1
-	MUL_ADD_C a2L,a2R,b5L,b5R,c2,c3,c1
-	MUL_ADD_C a3L,a3R,b4L,b4R,c2,c3,c1
-	MUL_ADD_C a4L,a4R,b3L,b3R,c2,c3,c1
-	MUL_ADD_C a5L,a5R,b2L,b2R,c2,c3,c1
-	MUL_ADD_C a6L,a6R,b1L,b1R,c2,c3,c1
-	MUL_ADD_C a7L,a7R,b0L,b0R,c2,c3,c1
-	STD       c2,56(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a7L,a7R,b1L,b1R,c3,c1,c2
-	MUL_ADD_C a6L,a6R,b2L,b2R,c3,c1,c2
-	MUL_ADD_C a5L,a5R,b3L,b3R,c3,c1,c2
-	MUL_ADD_C a4L,a4R,b4L,b4R,c3,c1,c2
-	MUL_ADD_C a3L,a3R,b5L,b5R,c3,c1,c2
-	MUL_ADD_C a2L,a2R,b6L,b6R,c3,c1,c2
-	MUL_ADD_C a1L,a1R,b7L,b7R,c3,c1,c2
-	STD       c3,64(r_ptr)
-	COPY      %r0,c3
-
-	MUL_ADD_C a2L,a2R,b7L,b7R,c1,c2,c3
-	MUL_ADD_C a3L,a3R,b6L,b6R,c1,c2,c3
-	MUL_ADD_C a4L,a4R,b5L,b5R,c1,c2,c3
-	MUL_ADD_C a5L,a5R,b4L,b4R,c1,c2,c3
-	MUL_ADD_C a6L,a6R,b3L,b3R,c1,c2,c3
-	MUL_ADD_C a7L,a7R,b2L,b2R,c1,c2,c3
-	STD       c1,72(r_ptr)
-	COPY      %r0,c1
-
-	MUL_ADD_C a7L,a7R,b3L,b3R,c2,c3,c1
-	MUL_ADD_C a6L,a6R,b4L,b4R,c2,c3,c1
-	MUL_ADD_C a5L,a5R,b5L,b5R,c2,c3,c1
-	MUL_ADD_C a4L,a4R,b6L,b6R,c2,c3,c1
-	MUL_ADD_C a3L,a3R,b7L,b7R,c2,c3,c1
-	STD       c2,80(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a4L,a4R,b7L,b7R,c3,c1,c2
-	MUL_ADD_C a5L,a5R,b6L,b6R,c3,c1,c2
-	MUL_ADD_C a6L,a6R,b5L,b5R,c3,c1,c2
-	MUL_ADD_C a7L,a7R,b4L,b4R,c3,c1,c2
-	STD       c3,88(r_ptr)
-	COPY      %r0,c3
-
-	MUL_ADD_C a7L,a7R,b5L,b5R,c1,c2,c3
-	MUL_ADD_C a6L,a6R,b6L,b6R,c1,c2,c3
-	MUL_ADD_C a5L,a5R,b7L,b7R,c1,c2,c3
-	STD       c1,96(r_ptr)
-	COPY      %r0,c1
-
-	MUL_ADD_C a6L,a6R,b7L,b7R,c2,c3,c1
-	MUL_ADD_C a7L,a7R,b6L,b6R,c2,c3,c1
-	STD       c2,104(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a7L,a7R,b7L,b7R,c3,c1,c2
-	STD       c3,112(r_ptr)
-	STD       c1,120(r_ptr)
-
-    .EXIT
-    FLDD    -88(%sp),%fr13 
-    FLDD    -96(%sp),%fr12 
-    LDD     -104(%sp),%r6        ; restore r6
-    LDD     -112(%sp),%r5        ; restore r5
-    LDD     -120(%sp),%r4        ; restore r4
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3
-
-	.PROCEND	
-
-;-----------------------------------------------------------------------------
-;
-;void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg2 = b_ptr
-;
-
-bn_mul_comba4
-	.proc
-	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
-	.EXPORT	bn_mul_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
-    .entry
-	.align 64
-
-    STD     %r3,0(%sp)          ; save r3
-    STD     %r4,8(%sp)          ; save r4
-    STD     %r5,16(%sp)         ; save r5
-    STD     %r6,24(%sp)         ; save r6
-    FSTD    %fr12,32(%sp)       ; save r6
-    FSTD    %fr13,40(%sp)       ; save r7
-
-	;
-	; Zero out carries
-	;
-	COPY     %r0,c1
-	COPY     %r0,c2
-	COPY     %r0,c3
-
-	LDO      128(%sp),%sp       ; bump stack
-    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
-
-	;
-	; Load up all of the values we are going to use
-	;
-    FLDD      0(a_ptr),a0       
-    FLDD      8(a_ptr),a1       
-    FLDD     16(a_ptr),a2       
-    FLDD     24(a_ptr),a3       
-
-    FLDD      0(b_ptr),b0       
-    FLDD      8(b_ptr),b1       
-    FLDD     16(b_ptr),b2       
-    FLDD     24(b_ptr),b3       
-
-	MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
-	STD       c1,0(r_ptr)
-	COPY      %r0,c1
-
-	MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
-	MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
-	STD       c2,8(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
-	MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
-	MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
-	STD       c3,16(r_ptr)
-	COPY      %r0,c3
-
-	MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
-	MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
-	MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
-	MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
-	STD       c1,24(r_ptr)
-	COPY      %r0,c1
-
-	MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
-	MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
-	MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
-	STD       c2,32(r_ptr)
-	COPY      %r0,c2
-
-	MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
-	MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
-	STD       c3,40(r_ptr)
-	COPY      %r0,c3
-
-	MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
-	STD       c1,48(r_ptr)
-	STD       c2,56(r_ptr)
-
-    .EXIT
-    FLDD    -88(%sp),%fr13 
-    FLDD    -96(%sp),%fr12 
-    LDD     -104(%sp),%r6        ; restore r6
-    LDD     -112(%sp),%r5        ; restore r5
-    LDD     -120(%sp),%r4        ; restore r4
-    BVE     (%rp)
-    LDD,MB  -128(%sp),%r3
-
-	.PROCEND	
-
-
-	.SPACE	$TEXT$
-	.SUBSPA	$CODE$
-	.SPACE	$PRIVATE$,SORT=16
-	.IMPORT	$global$,DATA
-	.SPACE	$TEXT$
-	.SUBSPA	$CODE$
-	.SUBSPA	$LIT$,ACCESS=0x2c
-C$4
-	.ALIGN	8
-	.STRINGZ	"Division would overflow (%d)\n"
-	.END
diff --git a/crypto/openssl/crypto/bn/asm/r3000.s b/crypto/openssl/crypto/bn/asm/r3000.s
deleted file mode 100644
index e95269afa381..000000000000
--- a/crypto/openssl/crypto/bn/asm/r3000.s
+++ /dev/null
@@ -1,646 +0,0 @@
-	.file	1 "../bn_mulw.c"
-	.set	nobopt
-	.option pic2
-
- # GNU C 2.6.3 [AL 1.1, MM 40] SGI running IRIX 5.0 compiled by GNU C
-
- # Cc1 defaults:
- # -mabicalls
-
- # Cc1 arguments (-G value = 0, Cpu = 3000, ISA = 1):
- # -quiet -dumpbase -O2 -o
-
-gcc2_compiled.:
-__gnu_compiled_c:
-	.rdata
-
-	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
-	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x34,0x39,0x20
-	.byte	0x24,0x0
-
-	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
-	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x33,0x34,0x20
-	.byte	0x24,0x0
-
-	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
-	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x35,0x20,0x24
-	.byte	0x0
-
-	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
-	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24
-	.byte	0x0
-
-	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
-	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x32,0x33,0x20
-	.byte	0x24,0x0
-
-	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
-	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x37,0x38,0x20
-	.byte	0x24,0x0
-
-	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
-	.byte	0x6e,0x3a,0x20,0x33,0x2e,0x37,0x30,0x20
-	.byte	0x24,0x0
-
-	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
-	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x32,0x20,0x24
-	.byte	0x0
-
-	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
-	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x34,0x20,0x24
-	.byte	0x0
-
-	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
-	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24
-	.byte	0x0
-	.text
-	.align	2
-	.globl	bn_mul_add_words
-	.ent	bn_mul_add_words
-bn_mul_add_words:
-	.frame	$sp,0,$31		# vars= 0, regs= 0/0, args= 0, extra= 0
-	.mask	0x00000000,0
-	.fmask	0x00000000,0
-	.set	noreorder
-	.cpload	$25
-	.set	reorder
-	move	$12,$4
-	move	$14,$5
-	move	$9,$6
-	move	$13,$7
-	move	$8,$0
-	addu	$10,$12,12
-	addu	$11,$14,12
-$L2:
-	lw	$6,0($14)
-	#nop
-	multu	$13,$6
-	mfhi	$6
-	mflo	$7
-	#nop
-	move	$5,$8
-	move	$4,$0
-	lw	$3,0($12)
-	addu	$9,$9,-1
-	move	$2,$0
-	addu	$7,$7,$3
-	sltu	$8,$7,$3
-	addu	$6,$6,$2
-	addu	$6,$6,$8
-	addu	$7,$7,$5
-	sltu	$2,$7,$5
-	addu	$6,$6,$4
-	addu	$6,$6,$2
-	srl	$3,$6,0
-	move	$2,$0
-	move	$8,$3
-	.set	noreorder
-	.set	nomacro
-	beq	$9,$0,$L3
-	sw	$7,0($12)
-	.set	macro
-	.set	reorder
-
-	lw	$6,-8($11)
-	#nop
-	multu	$13,$6
-	mfhi	$6
-	mflo	$7
-	#nop
-	move	$5,$8
-	move	$4,$0
-	lw	$3,-8($10)
-	addu	$9,$9,-1
-	move	$2,$0
-	addu	$7,$7,$3
-	sltu	$8,$7,$3
-	addu	$6,$6,$2
-	addu	$6,$6,$8
-	addu	$7,$7,$5
-	sltu	$2,$7,$5
-	addu	$6,$6,$4
-	addu	$6,$6,$2
-	srl	$3,$6,0
-	move	$2,$0
-	move	$8,$3
-	.set	noreorder
-	.set	nomacro
-	beq	$9,$0,$L3
-	sw	$7,-8($10)
-	.set	macro
-	.set	reorder
-
-	lw	$6,-4($11)
-	#nop
-	multu	$13,$6
-	mfhi	$6
-	mflo	$7
-	#nop
-	move	$5,$8
-	move	$4,$0
-	lw	$3,-4($10)
-	addu	$9,$9,-1
-	move	$2,$0
-	addu	$7,$7,$3
-	sltu	$8,$7,$3
-	addu	$6,$6,$2
-	addu	$6,$6,$8
-	addu	$7,$7,$5
-	sltu	$2,$7,$5
-	addu	$6,$6,$4
-	addu	$6,$6,$2
-	srl	$3,$6,0
-	move	$2,$0
-	move	$8,$3
-	.set	noreorder
-	.set	nomacro
-	beq	$9,$0,$L3
-	sw	$7,-4($10)
-	.set	macro
-	.set	reorder
-
-	lw	$6,0($11)
-	#nop
-	multu	$13,$6
-	mfhi	$6
-	mflo	$7
-	#nop
-	move	$5,$8
-	move	$4,$0
-	lw	$3,0($10)
-	addu	$9,$9,-1
-	move	$2,$0
-	addu	$7,$7,$3
-	sltu	$8,$7,$3
-	addu	$6,$6,$2
-	addu	$6,$6,$8
-	addu	$7,$7,$5
-	sltu	$2,$7,$5
-	addu	$6,$6,$4
-	addu	$6,$6,$2
-	srl	$3,$6,0
-	move	$2,$0
-	move	$8,$3
-	.set	noreorder
-	.set	nomacro
-	beq	$9,$0,$L3
-	sw	$7,0($10)
-	.set	macro
-	.set	reorder
-
-	addu	$11,$11,16
-	addu	$14,$14,16
-	addu	$10,$10,16
-	.set	noreorder
-	.set	nomacro
-	j	$L2
-	addu	$12,$12,16
-	.set	macro
-	.set	reorder
-
-$L3:
-	.set	noreorder
-	.set	nomacro
-	j	$31
-	move	$2,$8
-	.set	macro
-	.set	reorder
-
-	.end	bn_mul_add_words
-	.align	2
-	.globl	bn_mul_words
-	.ent	bn_mul_words
-bn_mul_words:
-	.frame	$sp,0,$31		# vars= 0, regs= 0/0, args= 0, extra= 0
-	.mask	0x00000000,0
-	.fmask	0x00000000,0
-	.set	noreorder
-	.cpload	$25
-	.set	reorder
-	move	$11,$4
-	move	$12,$5
-	move	$8,$6
-	move	$6,$0
-	addu	$10,$11,12
-	addu	$9,$12,12
-$L10:
-	lw	$4,0($12)
-	#nop
-	multu	$7,$4
-	mfhi	$4
-	mflo	$5
-	#nop
-	move	$3,$6
-	move	$2,$0
-	addu	$8,$8,-1
-	addu	$5,$5,$3
-	sltu	$6,$5,$3
-	addu	$4,$4,$2
-	addu	$4,$4,$6
-	srl	$3,$4,0
-	move	$2,$0
-	move	$6,$3
-	.set	noreorder
-	.set	nomacro
-	beq	$8,$0,$L11
-	sw	$5,0($11)
-	.set	macro
-	.set	reorder
-
-	lw	$4,-8($9)
-	#nop
-	multu	$7,$4
-	mfhi	$4
-	mflo	$5
-	#nop
-	move	$3,$6
-	move	$2,$0
-	addu	$8,$8,-1
-	addu	$5,$5,$3
-	sltu	$6,$5,$3
-	addu	$4,$4,$2
-	addu	$4,$4,$6
-	srl	$3,$4,0
-	move	$2,$0
-	move	$6,$3
-	.set	noreorder
-	.set	nomacro
-	beq	$8,$0,$L11
-	sw	$5,-8($10)
-	.set	macro
-	.set	reorder
-
-	lw	$4,-4($9)
-	#nop
-	multu	$7,$4
-	mfhi	$4
-	mflo	$5
-	#nop
-	move	$3,$6
-	move	$2,$0
-	addu	$8,$8,-1
-	addu	$5,$5,$3
-	sltu	$6,$5,$3
-	addu	$4,$4,$2
-	addu	$4,$4,$6
-	srl	$3,$4,0
-	move	$2,$0
-	move	$6,$3
-	.set	noreorder
-	.set	nomacro
-	beq	$8,$0,$L11
-	sw	$5,-4($10)
-	.set	macro
-	.set	reorder
-
-	lw	$4,0($9)
-	#nop
-	multu	$7,$4
-	mfhi	$4
-	mflo	$5
-	#nop
-	move	$3,$6
-	move	$2,$0
-	addu	$8,$8,-1
-	addu	$5,$5,$3
-	sltu	$6,$5,$3
-	addu	$4,$4,$2
-	addu	$4,$4,$6
-	srl	$3,$4,0
-	move	$2,$0
-	move	$6,$3
-	.set	noreorder
-	.set	nomacro
-	beq	$8,$0,$L11
-	sw	$5,0($10)
-	.set	macro
-	.set	reorder
-
-	addu	$9,$9,16
-	addu	$12,$12,16
-	addu	$10,$10,16
-	.set	noreorder
-	.set	nomacro
-	j	$L10
-	addu	$11,$11,16
-	.set	macro
-	.set	reorder
-
-$L11:
-	.set	noreorder
-	.set	nomacro
-	j	$31
-	move	$2,$6
-	.set	macro
-	.set	reorder
-
-	.end	bn_mul_words
-	.align	2
-	.globl	bn_sqr_words
-	.ent	bn_sqr_words
-bn_sqr_words:
-	.frame	$sp,0,$31		# vars= 0, regs= 0/0, args= 0, extra= 0
-	.mask	0x00000000,0
-	.fmask	0x00000000,0
-	.set	noreorder
-	.cpload	$25
-	.set	reorder
-	move	$9,$4
-	addu	$7,$9,28
-	addu	$8,$5,12
-$L18:
-	lw	$2,0($5)
-	#nop
-	multu	$2,$2
-	mfhi	$2
-	mflo	$3
-	#nop
-	addu	$6,$6,-1
-	sw	$3,0($9)
-	srl	$3,$2,0
-	move	$2,$0
-	.set	noreorder
-	.set	nomacro
-	beq	$6,$0,$L19
-	sw	$3,-24($7)
-	.set	macro
-	.set	reorder
-
-	lw	$2,-8($8)
-	#nop
-	multu	$2,$2
-	mfhi	$2
-	mflo	$3
-	#nop
-	addu	$6,$6,-1
-	sw	$3,-20($7)
-	srl	$3,$2,0
-	move	$2,$0
-	.set	noreorder
-	.set	nomacro
-	beq	$6,$0,$L19
-	sw	$3,-16($7)
-	.set	macro
-	.set	reorder
-
-	lw	$2,-4($8)
-	#nop
-	multu	$2,$2
-	mfhi	$2
-	mflo	$3
-	#nop
-	addu	$6,$6,-1
-	sw	$3,-12($7)
-	srl	$3,$2,0
-	move	$2,$0
-	.set	noreorder
-	.set	nomacro
-	beq	$6,$0,$L19
-	sw	$3,-8($7)
-	.set	macro
-	.set	reorder
-
-	lw	$2,0($8)
-	#nop
-	multu	$2,$2
-	mfhi	$2
-	mflo	$3
-	#nop
-	addu	$6,$6,-1
-	sw	$3,-4($7)
-	srl	$3,$2,0
-	move	$2,$0
-	.set	noreorder
-	.set	nomacro
-	beq	$6,$0,$L19
-	sw	$3,0($7)
-	.set	macro
-	.set	reorder
-
-	addu	$8,$8,16
-	addu	$5,$5,16
-	addu	$7,$7,32
-	.set	noreorder
-	.set	nomacro
-	j	$L18
-	addu	$9,$9,32
-	.set	macro
-	.set	reorder
-
-$L19:
-	j	$31
-	.end	bn_sqr_words
-	.rdata
-	.align	2
-$LC0:
-
-	.byte	0x44,0x69,0x76,0x69,0x73,0x69,0x6f,0x6e
-	.byte	0x20,0x77,0x6f,0x75,0x6c,0x64,0x20,0x6f
-	.byte	0x76,0x65,0x72,0x66,0x6c,0x6f,0x77,0xa
-	.byte	0x0
-	.text
-	.align	2
-	.globl	bn_div64
-	.ent	bn_div64
-bn_div64:
-	.frame	$sp,56,$31		# vars= 0, regs= 7/0, args= 16, extra= 8
-	.mask	0x901f0000,-8
-	.fmask	0x00000000,0
-	.set	noreorder
-	.cpload	$25
-	.set	reorder
-	subu	$sp,$sp,56
-	.cprestore 16
-	sw	$16,24($sp)
-	move	$16,$4
-	sw	$17,28($sp)
-	move	$17,$5
-	sw	$18,32($sp)
-	move	$18,$6
-	sw	$20,40($sp)
-	move	$20,$0
-	sw	$19,36($sp)
-	li	$19,0x00000002		# 2
-	sw	$31,48($sp)
-	.set	noreorder
-	.set	nomacro
-	bne	$18,$0,$L26
-	sw	$28,44($sp)
-	.set	macro
-	.set	reorder
-
-	.set	noreorder
-	.set	nomacro
-	j	$L43
-	li	$2,-1			# 0xffffffff
-	.set	macro
-	.set	reorder
-
-$L26:
-	move	$4,$18
-	jal	BN_num_bits_word
-	move	$4,$2
-	li	$2,0x00000020		# 32
-	.set	noreorder
-	.set	nomacro
-	beq	$4,$2,$L27
-	li	$2,0x00000001		# 1
-	.set	macro
-	.set	reorder
-
-	sll	$2,$2,$4
-	sltu	$2,$2,$16
-	.set	noreorder
-	.set	nomacro
-	beq	$2,$0,$L44
-	li	$5,0x00000020		# 32
-	.set	macro
-	.set	reorder
-
-	la	$4,__iob+32
-	la	$5,$LC0
-	jal	fprintf
-	jal	abort
-$L27:
-	li	$5,0x00000020		# 32
-$L44:
-	sltu	$2,$16,$18
-	.set	noreorder
-	.set	nomacro
-	bne	$2,$0,$L28
-	subu	$4,$5,$4
-	.set	macro
-	.set	reorder
-
-	subu	$16,$16,$18
-$L28:
-	.set	noreorder
-	.set	nomacro
-	beq	$4,$0,$L29
-	li	$10,-65536			# 0xffff0000
-	.set	macro
-	.set	reorder
-
-	sll	$18,$18,$4
-	sll	$3,$16,$4
-	subu	$2,$5,$4
-	srl	$2,$17,$2
-	or	$16,$3,$2
-	sll	$17,$17,$4
-$L29:
-	srl	$7,$18,16
-	andi	$9,$18,0xffff
-$L30:
-	srl	$2,$16,16
-	.set	noreorder
-	.set	nomacro
-	beq	$2,$7,$L34
-	li	$6,0x0000ffff		# 65535
-	.set	macro
-	.set	reorder
-
-	divu	$6,$16,$7
-$L34:
-	mult	$6,$9
-	mflo	$5
-	#nop
-	#nop
-	mult	$6,$7
-	and	$2,$17,$10
-	srl	$8,$2,16
-	mflo	$4
-$L35:
-	subu	$3,$16,$4
-	and	$2,$3,$10
-	.set	noreorder
-	.set	nomacro
-	bne	$2,$0,$L36
-	sll	$2,$3,16
-	.set	macro
-	.set	reorder
-
-	addu	$2,$2,$8
-	sltu	$2,$2,$5
-	.set	noreorder
-	.set	nomacro
-	beq	$2,$0,$L36
-	subu	$5,$5,$9
-	.set	macro
-	.set	reorder
-
-	subu	$4,$4,$7
-	.set	noreorder
-	.set	nomacro
-	j	$L35
-	addu	$6,$6,-1
-	.set	macro
-	.set	reorder
-
-$L36:
-	mult	$6,$7
-	mflo	$5
-	#nop
-	#nop
-	mult	$6,$9
-	mflo	$4
-	#nop
-	#nop
-	srl	$3,$4,16
-	sll	$2,$4,16
-	and	$4,$2,$10
-	sltu	$2,$17,$4
-	.set	noreorder
-	.set	nomacro
-	beq	$2,$0,$L40
-	addu	$5,$5,$3
-	.set	macro
-	.set	reorder
-
-	addu	$5,$5,1
-$L40:
-	sltu	$2,$16,$5
-	.set	noreorder
-	.set	nomacro
-	beq	$2,$0,$L41
-	subu	$17,$17,$4
-	.set	macro
-	.set	reorder
-
-	addu	$16,$16,$18
-	addu	$6,$6,-1
-$L41:
-	addu	$19,$19,-1
-	.set	noreorder
-	.set	nomacro
-	beq	$19,$0,$L31
-	subu	$16,$16,$5
-	.set	macro
-	.set	reorder
-
-	sll	$20,$6,16
-	sll	$3,$16,16
-	srl	$2,$17,16
-	or	$16,$3,$2
-	.set	noreorder
-	.set	nomacro
-	j	$L30
-	sll	$17,$17,16
-	.set	macro
-	.set	reorder
-
-$L31:
-	or	$2,$20,$6
-$L43:
-	lw	$31,48($sp)
-	lw	$20,40($sp)
-	lw	$19,36($sp)
-	lw	$18,32($sp)
-	lw	$17,28($sp)
-	lw	$16,24($sp)
-	addu	$sp,$sp,56
-	j	$31
-	.end	bn_div64
-
-	.globl abort .text
-	.globl fprintf .text
-	.globl BN_num_bits_word .text
diff --git a/crypto/openssl/crypto/bn/asm/sparcv8.S b/crypto/openssl/crypto/bn/asm/sparcv8.S
deleted file mode 100644
index 88c5dc480a76..000000000000
--- a/crypto/openssl/crypto/bn/asm/sparcv8.S
+++ /dev/null
@@ -1,1458 +0,0 @@
-.ident	"sparcv8.s, Version 1.4"
-.ident	"SPARC v8 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
-
-/*
- * ====================================================================
- * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
- * project.
- *
- * Rights for redistribution and usage in source and binary forms are
- * granted according to the OpenSSL license. Warranty of any kind is
- * disclaimed.
- * ====================================================================
- */
-
-/*
- * This is my modest contributon to OpenSSL project (see
- * http://www.openssl.org/ for more information about it) and is
- * a drop-in SuperSPARC ISA replacement for crypto/bn/bn_asm.c
- * module. For updates see http://fy.chalmers.se/~appro/hpe/.
- *
- * See bn_asm.sparc.v8plus.S for more details.
- */
-
-/*
- * Revision history.
- *
- * 1.1	- new loop unrolling model(*);
- * 1.2	- made gas friendly;
- * 1.3	- fixed problem with /usr/ccs/lib/cpp;
- * 1.4	- some retunes;
- *
- * (*)	see bn_asm.sparc.v8plus.S for details
- */
-
-.section	".text",#alloc,#execinstr
-.file		"bn_asm.sparc.v8.S"
-
-.align	32
-
-.global bn_mul_add_words
-/*
- * BN_ULONG bn_mul_add_words(rp,ap,num,w)
- * BN_ULONG *rp,*ap;
- * int num;
- * BN_ULONG w;
- */
-bn_mul_add_words:
-	cmp	%o2,0
-	bg,a	.L_bn_mul_add_words_proceed
-	ld	[%o1],%g2
-	retl
-	clr	%o0
-
-.L_bn_mul_add_words_proceed:
-	andcc	%o2,-4,%g0
-	bz	.L_bn_mul_add_words_tail
-	clr	%o5
-
-.L_bn_mul_add_words_loop:
-	ld	[%o0],%o4
-	ld	[%o1+4],%g3
-	umul	%o3,%g2,%g2
-	rd	%y,%g1
-	addcc	%o4,%o5,%o4
-	addx	%g1,0,%g1
-	addcc	%o4,%g2,%o4
-	st	%o4,[%o0]
-	addx	%g1,0,%o5
-
-	ld	[%o0+4],%o4
-	ld	[%o1+8],%g2
-	umul	%o3,%g3,%g3
-	dec	4,%o2
-	rd	%y,%g1
-	addcc	%o4,%o5,%o4
-	addx	%g1,0,%g1
-	addcc	%o4,%g3,%o4
-	st	%o4,[%o0+4]
-	addx	%g1,0,%o5
-
-	ld	[%o0+8],%o4
-	ld	[%o1+12],%g3
-	umul	%o3,%g2,%g2
-	inc	16,%o1
-	rd	%y,%g1
-	addcc	%o4,%o5,%o4
-	addx	%g1,0,%g1
-	addcc	%o4,%g2,%o4
-	st	%o4,[%o0+8]
-	addx	%g1,0,%o5
-
-	ld	[%o0+12],%o4
-	umul	%o3,%g3,%g3
-	inc	16,%o0
-	rd	%y,%g1
-	addcc	%o4,%o5,%o4
-	addx	%g1,0,%g1
-	addcc	%o4,%g3,%o4
-	st	%o4,[%o0-4]
-	addx	%g1,0,%o5
-	andcc	%o2,-4,%g0
-	bnz,a	.L_bn_mul_add_words_loop
-	ld	[%o1],%g2
-
-	tst	%o2
-	bnz,a	.L_bn_mul_add_words_tail
-	ld	[%o1],%g2
-.L_bn_mul_add_words_return:
-	retl
-	mov	%o5,%o0
-	nop
-
-.L_bn_mul_add_words_tail:
-	ld	[%o0],%o4
-	umul	%o3,%g2,%g2
-	addcc	%o4,%o5,%o4
-	rd	%y,%g1
-	addx	%g1,0,%g1
-	addcc	%o4,%g2,%o4
-	addx	%g1,0,%o5
-	deccc	%o2
-	bz	.L_bn_mul_add_words_return
-	st	%o4,[%o0]
-
-	ld	[%o1+4],%g2
-	ld	[%o0+4],%o4
-	umul	%o3,%g2,%g2
-	rd	%y,%g1
-	addcc	%o4,%o5,%o4
-	addx	%g1,0,%g1
-	addcc	%o4,%g2,%o4
-	addx	%g1,0,%o5
-	deccc	%o2
-	bz	.L_bn_mul_add_words_return
-	st	%o4,[%o0+4]
-
-	ld	[%o1+8],%g2
-	ld	[%o0+8],%o4
-	umul	%o3,%g2,%g2
-	rd	%y,%g1
-	addcc	%o4,%o5,%o4
-	addx	%g1,0,%g1
-	addcc	%o4,%g2,%o4
-	st	%o4,[%o0+8]
-	retl
-	addx	%g1,0,%o0
-
-.type	bn_mul_add_words,#function
-.size	bn_mul_add_words,(.-bn_mul_add_words)
-
-.align	32
-
-.global bn_mul_words
-/*
- * BN_ULONG bn_mul_words(rp,ap,num,w)
- * BN_ULONG *rp,*ap;
- * int num;
- * BN_ULONG w;
- */
-bn_mul_words:
-	cmp	%o2,0
-	bg,a	.L_bn_mul_words_proceeed
-	ld	[%o1],%g2
-	retl
-	clr	%o0
-
-.L_bn_mul_words_proceeed:
-	andcc	%o2,-4,%g0
-	bz	.L_bn_mul_words_tail
-	clr	%o5
-
-.L_bn_mul_words_loop:
-	ld	[%o1+4],%g3
-	umul	%o3,%g2,%g2
-	addcc	%g2,%o5,%g2
-	rd	%y,%g1
-	addx	%g1,0,%o5
-	st	%g2,[%o0]
-
-	ld	[%o1+8],%g2
-	umul	%o3,%g3,%g3
-	addcc	%g3,%o5,%g3
-	rd	%y,%g1
-	dec	4,%o2
-	addx	%g1,0,%o5
-	st	%g3,[%o0+4]
-
-	ld	[%o1+12],%g3
-	umul	%o3,%g2,%g2
-	addcc	%g2,%o5,%g2
-	rd	%y,%g1
-	inc	16,%o1
-	st	%g2,[%o0+8]
-	addx	%g1,0,%o5
-
-	umul	%o3,%g3,%g3
-	addcc	%g3,%o5,%g3
-	rd	%y,%g1
-	inc	16,%o0
-	addx	%g1,0,%o5
-	st	%g3,[%o0-4]
-	andcc	%o2,-4,%g0
-	nop
-	bnz,a	.L_bn_mul_words_loop
-	ld	[%o1],%g2
-
-	tst	%o2
-	bnz,a	.L_bn_mul_words_tail
-	ld	[%o1],%g2
-.L_bn_mul_words_return:
-	retl
-	mov	%o5,%o0
-	nop
-
-.L_bn_mul_words_tail:
-	umul	%o3,%g2,%g2
-	addcc	%g2,%o5,%g2
-	rd	%y,%g1
-	addx	%g1,0,%o5
-	deccc	%o2
-	bz	.L_bn_mul_words_return
-	st	%g2,[%o0]
-	nop
-
-	ld	[%o1+4],%g2
-	umul	%o3,%g2,%g2
-	addcc	%g2,%o5,%g2
-	rd	%y,%g1
-	addx	%g1,0,%o5
-	deccc	%o2
-	bz	.L_bn_mul_words_return
-	st	%g2,[%o0+4]
-
-	ld	[%o1+8],%g2
-	umul	%o3,%g2,%g2
-	addcc	%g2,%o5,%g2
-	rd	%y,%g1
-	st	%g2,[%o0+8]
-	retl
-	addx	%g1,0,%o0
-
-.type	bn_mul_words,#function
-.size	bn_mul_words,(.-bn_mul_words)
-
-.align  32
-.global	bn_sqr_words
-/*
- * void bn_sqr_words(r,a,n)
- * BN_ULONG *r,*a;
- * int n;
- */
-bn_sqr_words:
-	cmp	%o2,0
-	bg,a	.L_bn_sqr_words_proceeed
-	ld	[%o1],%g2
-	retl
-	clr	%o0
-
-.L_bn_sqr_words_proceeed:
-	andcc	%o2,-4,%g0
-	bz	.L_bn_sqr_words_tail
-	clr	%o5
-
-.L_bn_sqr_words_loop:
-	ld	[%o1+4],%g3
-	umul	%g2,%g2,%o4
-	st	%o4,[%o0]
-	rd	%y,%o5
-	st	%o5,[%o0+4]
-
-	ld	[%o1+8],%g2
-	umul	%g3,%g3,%o4
-	dec	4,%o2
-	st	%o4,[%o0+8]
-	rd	%y,%o5
-	st	%o5,[%o0+12]
-	nop
-
-	ld	[%o1+12],%g3
-	umul	%g2,%g2,%o4
-	st	%o4,[%o0+16]
-	rd	%y,%o5
-	inc	16,%o1
-	st	%o5,[%o0+20]
-
-	umul	%g3,%g3,%o4
-	inc	32,%o0
-	st	%o4,[%o0-8]
-	rd	%y,%o5
-	st	%o5,[%o0-4]
-	andcc	%o2,-4,%g2
-	bnz,a	.L_bn_sqr_words_loop
-	ld	[%o1],%g2
-
-	tst	%o2
-	nop
-	bnz,a	.L_bn_sqr_words_tail
-	ld	[%o1],%g2
-.L_bn_sqr_words_return:
-	retl
-	clr	%o0
-
-.L_bn_sqr_words_tail:
-	umul	%g2,%g2,%o4
-	st	%o4,[%o0]
-	deccc	%o2
-	rd	%y,%o5
-	bz	.L_bn_sqr_words_return
-	st	%o5,[%o0+4]
-
-	ld	[%o1+4],%g2
-	umul	%g2,%g2,%o4
-	st	%o4,[%o0+8]
-	deccc	%o2
-	rd	%y,%o5
-	nop
-	bz	.L_bn_sqr_words_return
-	st	%o5,[%o0+12]
-
-	ld	[%o1+8],%g2
-	umul	%g2,%g2,%o4
-	st	%o4,[%o0+16]
-	rd	%y,%o5
-	st	%o5,[%o0+20]
-	retl
-	clr	%o0
-
-.type	bn_sqr_words,#function
-.size	bn_sqr_words,(.-bn_sqr_words)
-
-.align	32
-
-.global bn_div_words
-/*
- * BN_ULONG bn_div_words(h,l,d)
- * BN_ULONG h,l,d;
- */
-bn_div_words:
-	wr	%o0,%y
-	udiv	%o1,%o2,%o0
-	retl
-	nop
-
-.type	bn_div_words,#function
-.size	bn_div_words,(.-bn_div_words)
-
-.align	32
-
-.global bn_add_words
-/*
- * BN_ULONG bn_add_words(rp,ap,bp,n)
- * BN_ULONG *rp,*ap,*bp;
- * int n;
- */
-bn_add_words:
-	cmp	%o3,0
-	bg,a	.L_bn_add_words_proceed
-	ld	[%o1],%o4
-	retl
-	clr	%o0
-
-.L_bn_add_words_proceed:
-	andcc	%o3,-4,%g0
-	bz	.L_bn_add_words_tail
-	clr	%g1
-	ba	.L_bn_add_words_warn_loop
-	addcc	%g0,0,%g0	! clear carry flag
-
-.L_bn_add_words_loop:
-	ld	[%o1],%o4
-.L_bn_add_words_warn_loop:
-	ld	[%o2],%o5
-	ld	[%o1+4],%g3
-	ld	[%o2+4],%g4
-	dec	4,%o3
-	addxcc	%o5,%o4,%o5
-	st	%o5,[%o0]
-
-	ld	[%o1+8],%o4
-	ld	[%o2+8],%o5
-	inc	16,%o1
-	addxcc	%g3,%g4,%g3
-	st	%g3,[%o0+4]
-	
-	ld	[%o1-4],%g3
-	ld	[%o2+12],%g4
-	inc	16,%o2
-	addxcc	%o5,%o4,%o5
-	st	%o5,[%o0+8]
-
-	inc	16,%o0
-	addxcc	%g3,%g4,%g3
-	st	%g3,[%o0-4]
-	addx	%g0,0,%g1
-	andcc	%o3,-4,%g0
-	bnz,a	.L_bn_add_words_loop
-	addcc	%g1,-1,%g0
-
-	tst	%o3
-	bnz,a	.L_bn_add_words_tail
-	ld	[%o1],%o4
-.L_bn_add_words_return:
-	retl
-	mov	%g1,%o0
-
-.L_bn_add_words_tail:
-	addcc	%g1,-1,%g0
-	ld	[%o2],%o5
-	addxcc	%o5,%o4,%o5
-	addx	%g0,0,%g1
-	deccc	%o3
-	bz	.L_bn_add_words_return
-	st	%o5,[%o0]
-
-	ld	[%o1+4],%o4
-	addcc	%g1,-1,%g0
-	ld	[%o2+4],%o5
-	addxcc	%o5,%o4,%o5
-	addx	%g0,0,%g1
-	deccc	%o3
-	bz	.L_bn_add_words_return
-	st	%o5,[%o0+4]
-
-	ld	[%o1+8],%o4
-	addcc	%g1,-1,%g0
-	ld	[%o2+8],%o5
-	addxcc	%o5,%o4,%o5
-	st	%o5,[%o0+8]
-	retl
-	addx	%g0,0,%o0
-
-.type	bn_add_words,#function
-.size	bn_add_words,(.-bn_add_words)
-
-.align	32
-
-.global bn_sub_words
-/*
- * BN_ULONG bn_sub_words(rp,ap,bp,n)
- * BN_ULONG *rp,*ap,*bp;
- * int n;
- */
-bn_sub_words:
-	cmp	%o3,0
-	bg,a	.L_bn_sub_words_proceed
-	ld	[%o1],%o4
-	retl
-	clr	%o0
-
-.L_bn_sub_words_proceed:
-	andcc	%o3,-4,%g0
-	bz	.L_bn_sub_words_tail
-	clr	%g1
-	ba	.L_bn_sub_words_warm_loop
-	addcc	%g0,0,%g0	! clear carry flag
-
-.L_bn_sub_words_loop:
-	ld	[%o1],%o4
-.L_bn_sub_words_warm_loop:
-	ld	[%o2],%o5
-	ld	[%o1+4],%g3
-	ld	[%o2+4],%g4
-	dec	4,%o3
-	subxcc	%o4,%o5,%o5
-	st	%o5,[%o0]
-
-	ld	[%o1+8],%o4
-	ld	[%o2+8],%o5
-	inc	16,%o1
-	subxcc	%g3,%g4,%g4
-	st	%g4,[%o0+4]
-	
-	ld	[%o1-4],%g3
-	ld	[%o2+12],%g4
-	inc	16,%o2
-	subxcc	%o4,%o5,%o5
-	st	%o5,[%o0+8]
-
-	inc	16,%o0
-	subxcc	%g3,%g4,%g4
-	st	%g4,[%o0-4]
-	addx	%g0,0,%g1
-	andcc	%o3,-4,%g0
-	bnz,a	.L_bn_sub_words_loop
-	addcc	%g1,-1,%g0
-
-	tst	%o3
-	nop
-	bnz,a	.L_bn_sub_words_tail
-	ld	[%o1],%o4
-.L_bn_sub_words_return:
-	retl
-	mov	%g1,%o0
-
-.L_bn_sub_words_tail:
-	addcc	%g1,-1,%g0
-	ld	[%o2],%o5
-	subxcc	%o4,%o5,%o5
-	addx	%g0,0,%g1
-	deccc	%o3
-	bz	.L_bn_sub_words_return
-	st	%o5,[%o0]
-	nop
-
-	ld	[%o1+4],%o4
-	addcc	%g1,-1,%g0
-	ld	[%o2+4],%o5
-	subxcc	%o4,%o5,%o5
-	addx	%g0,0,%g1
-	deccc	%o3
-	bz	.L_bn_sub_words_return
-	st	%o5,[%o0+4]
-
-	ld	[%o1+8],%o4
-	addcc	%g1,-1,%g0
-	ld	[%o2+8],%o5
-	subxcc	%o4,%o5,%o5
-	st	%o5,[%o0+8]
-	retl
-	addx	%g0,0,%o0
-
-.type	bn_sub_words,#function
-.size	bn_sub_words,(.-bn_sub_words)
-
-#define FRAME_SIZE	-96
-
-/*
- * Here is register usage map for *all* routines below.
- */
-#define t_1	%o0
-#define	t_2	%o1
-#define c_1	%o2
-#define c_2	%o3
-#define c_3	%o4
-
-#define ap(I)	[%i1+4*I]
-#define bp(I)	[%i2+4*I]
-#define rp(I)	[%i0+4*I]
-
-#define	a_0	%l0
-#define	a_1	%l1
-#define	a_2	%l2
-#define	a_3	%l3
-#define	a_4	%l4
-#define	a_5	%l5
-#define	a_6	%l6
-#define	a_7	%l7
-
-#define	b_0	%i3
-#define	b_1	%i4
-#define	b_2	%i5
-#define	b_3	%o5
-#define	b_4	%g1
-#define	b_5	%g2
-#define	b_6	%g3
-#define	b_7	%g4
-
-.align	32
-.global bn_mul_comba8
-/*
- * void bn_mul_comba8(r,a,b)
- * BN_ULONG *r,*a,*b;
- */
-bn_mul_comba8:
-	save	%sp,FRAME_SIZE,%sp
-	ld	ap(0),a_0
-	ld	bp(0),b_0
-	umul	a_0,b_0,c_1	!=!mul_add_c(a[0],b[0],c1,c2,c3);
-	ld	bp(1),b_1
-	rd	%y,c_2
-	st	c_1,rp(0)	!r[0]=c1;
-
-	umul	a_0,b_1,t_1	!=!mul_add_c(a[0],b[1],c2,c3,c1);
-	ld	ap(1),a_1
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	%g0,t_2,c_3	!=
-	addx	%g0,%g0,c_1
-	ld	ap(2),a_2
-	umul	a_1,b_0,t_1	!mul_add_c(a[1],b[0],c2,c3,c1);
-	addcc	c_2,t_1,c_2	!=
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	st	c_2,rp(1)	!r[1]=c2;
-	addx	c_1,%g0,c_1	!=
-
-	umul	a_2,b_0,t_1	!mul_add_c(a[2],b[0],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1	!=
-	addx	%g0,%g0,c_2
-	ld	bp(2),b_2
-	umul	a_1,b_1,t_1	!mul_add_c(a[1],b[1],c3,c1,c2);
-	addcc	c_3,t_1,c_3	!=
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	ld	bp(3),b_3
-	addx	c_2,%g0,c_2	!=
-	umul	a_0,b_2,t_1	!mul_add_c(a[0],b[2],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1	!=
-	addx	c_2,%g0,c_2
-	st	c_3,rp(2)	!r[2]=c3;
-
-	umul	a_0,b_3,t_1	!mul_add_c(a[0],b[3],c1,c2,c3);
-	addcc	c_1,t_1,c_1	!=
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	%g0,%g0,c_3
-	umul	a_1,b_2,t_1	!=!mul_add_c(a[1],b[2],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	ld	ap(3),a_3
-	umul	a_2,b_1,t_1	!mul_add_c(a[2],b[1],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2		!=
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3
-	ld	ap(4),a_4
-	umul	a_3,b_0,t_1	!mul_add_c(a[3],b[0],c1,c2,c3);!=
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	st	c_1,rp(3)	!r[3]=c1;
-
-	umul	a_4,b_0,t_1	!mul_add_c(a[4],b[0],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	%g0,%g0,c_1
-	umul	a_3,b_1,t_1	!mul_add_c(a[3],b[1],c2,c3,c1);
-	addcc	c_2,t_1,c_2	!=
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	umul	a_2,b_2,t_1	!=!mul_add_c(a[2],b[2],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1	!=
-	ld	bp(4),b_4
-	umul	a_1,b_3,t_1	!mul_add_c(a[1],b[3],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	ld	bp(5),b_5
-	umul	a_0,b_4,t_1	!=!mul_add_c(a[0],b[4],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1	!=
-	st	c_2,rp(4)	!r[4]=c2;
-
-	umul	a_0,b_5,t_1	!mul_add_c(a[0],b[5],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2		!=
-	addxcc	c_1,t_2,c_1
-	addx	%g0,%g0,c_2
-	umul	a_1,b_4,t_1	!mul_add_c(a[1],b[4],c3,c1,c2);
-	addcc	c_3,t_1,c_3	!=
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	umul	a_2,b_3,t_1	!=!mul_add_c(a[2],b[3],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2	!=
-	umul	a_3,b_2,t_1	!mul_add_c(a[3],b[2],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1	!=
-	addx	c_2,%g0,c_2
-	ld	ap(5),a_5
-	umul	a_4,b_1,t_1	!mul_add_c(a[4],b[1],c3,c1,c2);
-	addcc	c_3,t_1,c_3	!=
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	ld	ap(6),a_6
-	addx	c_2,%g0,c_2	!=
-	umul	a_5,b_0,t_1	!mul_add_c(a[5],b[0],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1	!=
-	addx	c_2,%g0,c_2
-	st	c_3,rp(5)	!r[5]=c3;
-
-	umul	a_6,b_0,t_1	!mul_add_c(a[6],b[0],c1,c2,c3);
-	addcc	c_1,t_1,c_1	!=
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	%g0,%g0,c_3
-	umul	a_5,b_1,t_1	!=!mul_add_c(a[5],b[1],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	umul	a_4,b_2,t_1	!mul_add_c(a[4],b[2],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	c_3,%g0,c_3
-	umul	a_3,b_3,t_1	!mul_add_c(a[3],b[3],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2		!=
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3
-	umul	a_2,b_4,t_1	!mul_add_c(a[2],b[4],c1,c2,c3);
-	addcc	c_1,t_1,c_1	!=
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	ld	bp(6),b_6
-	addx	c_3,%g0,c_3	!=
-	umul	a_1,b_5,t_1	!mul_add_c(a[1],b[5],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	c_3,%g0,c_3
-	ld	bp(7),b_7
-	umul	a_0,b_6,t_1	!mul_add_c(a[0],b[6],c1,c2,c3);
-	addcc	c_1,t_1,c_1	!=
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	st	c_1,rp(6)	!r[6]=c1;
-	addx	c_3,%g0,c_3	!=
-
-	umul	a_0,b_7,t_1	!mul_add_c(a[0],b[7],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	%g0,%g0,c_1
-	umul	a_1,b_6,t_1	!mul_add_c(a[1],b[6],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	umul	a_2,b_5,t_1	!mul_add_c(a[2],b[5],c2,c3,c1);
-	addcc	c_2,t_1,c_2	!=
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	umul	a_3,b_4,t_1	!=!mul_add_c(a[3],b[4],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1	!=
-	umul	a_4,b_3,t_1	!mul_add_c(a[4],b[3],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	c_1,%g0,c_1
-	umul	a_5,b_2,t_1	!mul_add_c(a[5],b[2],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	ld	ap(7),a_7
-	umul	a_6,b_1,t_1	!=!mul_add_c(a[6],b[1],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1	!=
-	umul	a_7,b_0,t_1	!mul_add_c(a[7],b[0],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	c_1,%g0,c_1
-	st	c_2,rp(7)	!r[7]=c2;
-
-	umul	a_7,b_1,t_1	!mul_add_c(a[7],b[1],c3,c1,c2);
-	addcc	c_3,t_1,c_3	!=
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	%g0,%g0,c_2
-	umul	a_6,b_2,t_1	!=!mul_add_c(a[6],b[2],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2	!=
-	umul	a_5,b_3,t_1	!mul_add_c(a[5],b[3],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1	!=
-	addx	c_2,%g0,c_2
-	umul	a_4,b_4,t_1	!mul_add_c(a[4],b[4],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2		!=
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	umul	a_3,b_5,t_1	!mul_add_c(a[3],b[5],c3,c1,c2);
-	addcc	c_3,t_1,c_3	!=
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	umul	a_2,b_6,t_1	!=!mul_add_c(a[2],b[6],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2	!=
-	umul	a_1,b_7,t_1	!mul_add_c(a[1],b[7],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1	!
-	addx	c_2,%g0,c_2
-	st	c_3,rp(8)	!r[8]=c3;
-
-	umul	a_2,b_7,t_1	!mul_add_c(a[2],b[7],c1,c2,c3);
-	addcc	c_1,t_1,c_1	!=
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	%g0,%g0,c_3
-	umul	a_3,b_6,t_1	!=!mul_add_c(a[3],b[6],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	umul	a_4,b_5,t_1	!mul_add_c(a[4],b[5],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	c_3,%g0,c_3
-	umul	a_5,b_4,t_1	!mul_add_c(a[5],b[4],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2		!=
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3
-	umul	a_6,b_3,t_1	!mul_add_c(a[6],b[3],c1,c2,c3);
-	addcc	c_1,t_1,c_1	!=
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3
-	umul	a_7,b_2,t_1	!=!mul_add_c(a[7],b[2],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	st	c_1,rp(9)	!r[9]=c1;
-
-	umul	a_7,b_3,t_1	!mul_add_c(a[7],b[3],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	%g0,%g0,c_1
-	umul	a_6,b_4,t_1	!mul_add_c(a[6],b[4],c2,c3,c1);
-	addcc	c_2,t_1,c_2	!=
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	umul	a_5,b_5,t_1	!=!mul_add_c(a[5],b[5],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1	!=
-	umul	a_4,b_6,t_1	!mul_add_c(a[4],b[6],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	c_1,%g0,c_1
-	umul	a_3,b_7,t_1	!mul_add_c(a[3],b[7],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	st	c_2,rp(10)	!r[10]=c2;
-
-	umul	a_4,b_7,t_1	!=!mul_add_c(a[4],b[7],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	%g0,%g0,c_2	!=
-	umul	a_5,b_6,t_1	!mul_add_c(a[5],b[6],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1	!=
-	addx	c_2,%g0,c_2
-	umul	a_6,b_5,t_1	!mul_add_c(a[6],b[5],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2		!=
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	umul	a_7,b_4,t_1	!mul_add_c(a[7],b[4],c3,c1,c2);
-	addcc	c_3,t_1,c_3	!=
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	st	c_3,rp(11)	!r[11]=c3;
-	addx	c_2,%g0,c_2	!=
-
-	umul	a_7,b_5,t_1	!mul_add_c(a[7],b[5],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	%g0,%g0,c_3
-	umul	a_6,b_6,t_1	!mul_add_c(a[6],b[6],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2		!=
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3
-	umul	a_5,b_7,t_1	!mul_add_c(a[5],b[7],c1,c2,c3);
-	addcc	c_1,t_1,c_1	!=
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	st	c_1,rp(12)	!r[12]=c1;
-	addx	c_3,%g0,c_3	!=
-
-	umul	a_6,b_7,t_1	!mul_add_c(a[6],b[7],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	%g0,%g0,c_1
-	umul	a_7,b_6,t_1	!mul_add_c(a[7],b[6],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	st	c_2,rp(13)	!r[13]=c2;
-
-	umul	a_7,b_7,t_1	!=!mul_add_c(a[7],b[7],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	nop			!=
-	st	c_3,rp(14)	!r[14]=c3;
-	st	c_1,rp(15)	!r[15]=c1;
-
-	ret
-	restore	%g0,%g0,%o0
-
-.type	bn_mul_comba8,#function
-.size	bn_mul_comba8,(.-bn_mul_comba8)
-
-.align	32
-
-.global bn_mul_comba4
-/*
- * void bn_mul_comba4(r,a,b)
- * BN_ULONG *r,*a,*b;
- */
-bn_mul_comba4:
-	save	%sp,FRAME_SIZE,%sp
-	ld	ap(0),a_0
-	ld	bp(0),b_0
-	umul	a_0,b_0,c_1	!=!mul_add_c(a[0],b[0],c1,c2,c3);
-	ld	bp(1),b_1
-	rd	%y,c_2
-	st	c_1,rp(0)	!r[0]=c1;
-
-	umul	a_0,b_1,t_1	!=!mul_add_c(a[0],b[1],c2,c3,c1);
-	ld	ap(1),a_1
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	%g0,t_2,c_3
-	addx	%g0,%g0,c_1
-	ld	ap(2),a_2
-	umul	a_1,b_0,t_1	!=!mul_add_c(a[1],b[0],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1	!=
-	st	c_2,rp(1)	!r[1]=c2;
-
-	umul	a_2,b_0,t_1	!mul_add_c(a[2],b[0],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2		!=
-	addxcc	c_1,t_2,c_1
-	addx	%g0,%g0,c_2
-	ld	bp(2),b_2
-	umul	a_1,b_1,t_1	!=!mul_add_c(a[1],b[1],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2	!=
-	ld	bp(3),b_3
-	umul	a_0,b_2,t_1	!mul_add_c(a[0],b[2],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2		!=
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	st	c_3,rp(2)	!r[2]=c3;
-
-	umul	a_0,b_3,t_1	!=!mul_add_c(a[0],b[3],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	%g0,%g0,c_3	!=
-	umul	a_1,b_2,t_1	!mul_add_c(a[1],b[2],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	c_3,%g0,c_3
-	ld	ap(3),a_3
-	umul	a_2,b_1,t_1	!mul_add_c(a[2],b[1],c1,c2,c3);
-	addcc	c_1,t_1,c_1	!=
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3
-	umul	a_3,b_0,t_1	!=!mul_add_c(a[3],b[0],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	st	c_1,rp(3)	!r[3]=c1;
-
-	umul	a_3,b_1,t_1	!mul_add_c(a[3],b[1],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	%g0,%g0,c_1
-	umul	a_2,b_2,t_1	!mul_add_c(a[2],b[2],c2,c3,c1);
-	addcc	c_2,t_1,c_2	!=
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	umul	a_1,b_3,t_1	!=!mul_add_c(a[1],b[3],c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1	!=
-	st	c_2,rp(4)	!r[4]=c2;
-
-	umul	a_2,b_3,t_1	!mul_add_c(a[2],b[3],c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2		!=
-	addxcc	c_1,t_2,c_1
-	addx	%g0,%g0,c_2
-	umul	a_3,b_2,t_1	!mul_add_c(a[3],b[2],c3,c1,c2);
-	addcc	c_3,t_1,c_3	!=
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	st	c_3,rp(5)	!r[5]=c3;
-	addx	c_2,%g0,c_2	!=
-
-	umul	a_3,b_3,t_1	!mul_add_c(a[3],b[3],c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	st	c_1,rp(6)	!r[6]=c1;
-	st	c_2,rp(7)	!r[7]=c2;
-	
-	ret
-	restore	%g0,%g0,%o0
-
-.type	bn_mul_comba4,#function
-.size	bn_mul_comba4,(.-bn_mul_comba4)
-
-.align	32
-
-.global bn_sqr_comba8
-bn_sqr_comba8:
-	save	%sp,FRAME_SIZE,%sp
-	ld	ap(0),a_0
-	ld	ap(1),a_1
-	umul	a_0,a_0,c_1	!=!sqr_add_c(a,0,c1,c2,c3);
-	rd	%y,c_2
-	st	c_1,rp(0)	!r[0]=c1;
-
-	ld	ap(2),a_2
-	umul	a_0,a_1,t_1	!=!sqr_add_c2(a,1,0,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	%g0,t_2,c_3
-	addx	%g0,%g0,c_1	!=
-	addcc	c_2,t_1,c_2
-	addxcc	c_3,t_2,c_3
-	st	c_2,rp(1)	!r[1]=c2;
-	addx	c_1,%g0,c_1	!=
-
-	umul	a_2,a_0,t_1	!sqr_add_c2(a,2,0,c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1	!=
-	addx	%g0,%g0,c_2
-	addcc	c_3,t_1,c_3
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2	!=
-	ld	ap(3),a_3
-	umul	a_1,a_1,t_1	!sqr_add_c(a,1,c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2		!=
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	st	c_3,rp(2)	!r[2]=c3;
-
-	umul	a_0,a_3,t_1	!=!sqr_add_c2(a,3,0,c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	%g0,%g0,c_3	!=
-	addcc	c_1,t_1,c_1
-	addxcc	c_2,t_2,c_2
-	ld	ap(4),a_4
-	addx	c_3,%g0,c_3	!=
-	umul	a_1,a_2,t_1	!sqr_add_c2(a,2,1,c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	c_3,%g0,c_3
-	addcc	c_1,t_1,c_1
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	st	c_1,rp(3)	!r[3]=c1;
-
-	umul	a_4,a_0,t_1	!sqr_add_c2(a,4,0,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	%g0,%g0,c_1
-	addcc	c_2,t_1,c_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	c_1,%g0,c_1
-	umul	a_3,a_1,t_1	!sqr_add_c2(a,3,1,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	addcc	c_2,t_1,c_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	c_1,%g0,c_1
-	ld	ap(5),a_5
-	umul	a_2,a_2,t_1	!sqr_add_c(a,2,c2,c3,c1);
-	addcc	c_2,t_1,c_2	!=
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	st	c_2,rp(4)	!r[4]=c2;
-	addx	c_1,%g0,c_1	!=
-
-	umul	a_0,a_5,t_1	!sqr_add_c2(a,5,0,c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1	!=
-	addx	%g0,%g0,c_2
-	addcc	c_3,t_1,c_3
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2	!=
-	umul	a_1,a_4,t_1	!sqr_add_c2(a,4,1,c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1	!=
-	addx	c_2,%g0,c_2
-	addcc	c_3,t_1,c_3
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2	!=
-	ld	ap(6),a_6
-	umul	a_2,a_3,t_1	!sqr_add_c2(a,3,2,c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2		!=
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	addcc	c_3,t_1,c_3
-	addxcc	c_1,t_2,c_1	!=
-	addx	c_2,%g0,c_2
-	st	c_3,rp(5)	!r[5]=c3;
-
-	umul	a_6,a_0,t_1	!sqr_add_c2(a,6,0,c1,c2,c3);
-	addcc	c_1,t_1,c_1	!=
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	%g0,%g0,c_3
-	addcc	c_1,t_1,c_1	!=
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3
-	umul	a_5,a_1,t_1	!sqr_add_c2(a,5,1,c1,c2,c3);
-	addcc	c_1,t_1,c_1	!=
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3
-	addcc	c_1,t_1,c_1	!=
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3
-	umul	a_4,a_2,t_1	!sqr_add_c2(a,4,2,c1,c2,c3);
-	addcc	c_1,t_1,c_1	!=
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3
-	addcc	c_1,t_1,c_1	!=
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3
-	ld	ap(7),a_7
-	umul	a_3,a_3,t_1	!=!sqr_add_c(a,3,c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	st	c_1,rp(6)	!r[6]=c1;
-
-	umul	a_0,a_7,t_1	!sqr_add_c2(a,7,0,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	%g0,%g0,c_1
-	addcc	c_2,t_1,c_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	c_1,%g0,c_1
-	umul	a_1,a_6,t_1	!sqr_add_c2(a,6,1,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	addcc	c_2,t_1,c_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	c_1,%g0,c_1
-	umul	a_2,a_5,t_1	!sqr_add_c2(a,5,2,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	addcc	c_2,t_1,c_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	c_1,%g0,c_1
-	umul	a_3,a_4,t_1	!sqr_add_c2(a,4,3,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	addcc	c_2,t_1,c_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	c_1,%g0,c_1
-	st	c_2,rp(7)	!r[7]=c2;
-
-	umul	a_7,a_1,t_1	!sqr_add_c2(a,7,1,c3,c1,c2);
-	addcc	c_3,t_1,c_3	!=
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	%g0,%g0,c_2
-	addcc	c_3,t_1,c_3	!=
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	umul	a_6,a_2,t_1	!sqr_add_c2(a,6,2,c3,c1,c2);
-	addcc	c_3,t_1,c_3	!=
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	addcc	c_3,t_1,c_3	!=
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	umul	a_5,a_3,t_1	!sqr_add_c2(a,5,3,c3,c1,c2);
-	addcc	c_3,t_1,c_3	!=
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	addcc	c_3,t_1,c_3	!=
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	umul	a_4,a_4,t_1	!sqr_add_c(a,4,c3,c1,c2);
-	addcc	c_3,t_1,c_3	!=
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	st	c_3,rp(8)	!r[8]=c3;
-	addx	c_2,%g0,c_2	!=
-
-	umul	a_2,a_7,t_1	!sqr_add_c2(a,7,2,c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	%g0,%g0,c_3
-	addcc	c_1,t_1,c_1
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	umul	a_3,a_6,t_1	!sqr_add_c2(a,6,3,c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	c_3,%g0,c_3
-	addcc	c_1,t_1,c_1
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	umul	a_4,a_5,t_1	!sqr_add_c2(a,5,4,c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	c_3,%g0,c_3
-	addcc	c_1,t_1,c_1
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	st	c_1,rp(9)	!r[9]=c1;
-
-	umul	a_7,a_3,t_1	!sqr_add_c2(a,7,3,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	%g0,%g0,c_1
-	addcc	c_2,t_1,c_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	c_1,%g0,c_1
-	umul	a_6,a_4,t_1	!sqr_add_c2(a,6,4,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	addcc	c_2,t_1,c_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	c_1,%g0,c_1
-	umul	a_5,a_5,t_1	!sqr_add_c(a,5,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	st	c_2,rp(10)	!r[10]=c2;
-
-	umul	a_4,a_7,t_1	!=!sqr_add_c2(a,7,4,c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	%g0,%g0,c_2	!=
-	addcc	c_3,t_1,c_3
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2
-	umul	a_5,a_6,t_1	!=!sqr_add_c2(a,6,5,c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	c_2,%g0,c_2	!=
-	addcc	c_3,t_1,c_3
-	addxcc	c_1,t_2,c_1
-	st	c_3,rp(11)	!r[11]=c3;
-	addx	c_2,%g0,c_2	!=
-
-	umul	a_7,a_5,t_1	!sqr_add_c2(a,7,5,c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	%g0,%g0,c_3
-	addcc	c_1,t_1,c_1
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	umul	a_6,a_6,t_1	!sqr_add_c(a,6,c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	c_3,%g0,c_3
-	st	c_1,rp(12)	!r[12]=c1;
-
-	umul	a_6,a_7,t_1	!sqr_add_c2(a,7,6,c2,c3,c1);
-	addcc	c_2,t_1,c_2	!=
-	rd	%y,t_2
-	addxcc	c_3,t_2,c_3
-	addx	%g0,%g0,c_1
-	addcc	c_2,t_1,c_2	!=
-	addxcc	c_3,t_2,c_3
-	st	c_2,rp(13)	!r[13]=c2;
-	addx	c_1,%g0,c_1	!=
-
-	umul	a_7,a_7,t_1	!sqr_add_c(a,7,c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1	!=
-	st	c_3,rp(14)	!r[14]=c3;
-	st	c_1,rp(15)	!r[15]=c1;
-
-	ret
-	restore	%g0,%g0,%o0
-
-.type	bn_sqr_comba8,#function
-.size	bn_sqr_comba8,(.-bn_sqr_comba8)
-
-.align	32
-
-.global bn_sqr_comba4
-/*
- * void bn_sqr_comba4(r,a)
- * BN_ULONG *r,*a;
- */
-bn_sqr_comba4:
-	save	%sp,FRAME_SIZE,%sp
-	ld	ap(0),a_0
-	umul	a_0,a_0,c_1	!sqr_add_c(a,0,c1,c2,c3);
-	ld	ap(1),a_1	!=
-	rd	%y,c_2
-	st	c_1,rp(0)	!r[0]=c1;
-
-	ld	ap(2),a_2
-	umul	a_0,a_1,t_1	!=!sqr_add_c2(a,1,0,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2
-	addxcc	%g0,t_2,c_3
-	addx	%g0,%g0,c_1	!=
-	addcc	c_2,t_1,c_2
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1	!=
-	st	c_2,rp(1)	!r[1]=c2;
-
-	umul	a_2,a_0,t_1	!sqr_add_c2(a,2,0,c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2		!=
-	addxcc	c_1,t_2,c_1
-	addx	%g0,%g0,c_2
-	addcc	c_3,t_1,c_3
-	addxcc	c_1,t_2,c_1	!=
-	addx	c_2,%g0,c_2
-	ld	ap(3),a_3
-	umul	a_1,a_1,t_1	!sqr_add_c(a,1,c3,c1,c2);
-	addcc	c_3,t_1,c_3	!=
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	st	c_3,rp(2)	!r[2]=c3;
-	addx	c_2,%g0,c_2	!=
-
-	umul	a_0,a_3,t_1	!sqr_add_c2(a,3,0,c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	%g0,%g0,c_3
-	addcc	c_1,t_1,c_1
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	umul	a_1,a_2,t_1	!sqr_add_c2(a,2,1,c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	addx	c_3,%g0,c_3
-	addcc	c_1,t_1,c_1
-	addxcc	c_2,t_2,c_2
-	addx	c_3,%g0,c_3	!=
-	st	c_1,rp(3)	!r[3]=c1;
-
-	umul	a_3,a_1,t_1	!sqr_add_c2(a,3,1,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	%g0,%g0,c_1
-	addcc	c_2,t_1,c_2
-	addxcc	c_3,t_2,c_3	!=
-	addx	c_1,%g0,c_1
-	umul	a_2,a_2,t_1	!sqr_add_c(a,2,c2,c3,c1);
-	addcc	c_2,t_1,c_2
-	rd	%y,t_2		!=
-	addxcc	c_3,t_2,c_3
-	addx	c_1,%g0,c_1
-	st	c_2,rp(4)	!r[4]=c2;
-
-	umul	a_2,a_3,t_1	!=!sqr_add_c2(a,3,2,c3,c1,c2);
-	addcc	c_3,t_1,c_3
-	rd	%y,t_2
-	addxcc	c_1,t_2,c_1
-	addx	%g0,%g0,c_2	!=
-	addcc	c_3,t_1,c_3
-	addxcc	c_1,t_2,c_1
-	st	c_3,rp(5)	!r[5]=c3;
-	addx	c_2,%g0,c_2	!=
-
-	umul	a_3,a_3,t_1	!sqr_add_c(a,3,c1,c2,c3);
-	addcc	c_1,t_1,c_1
-	rd	%y,t_2
-	addxcc	c_2,t_2,c_2	!=
-	st	c_1,rp(6)	!r[6]=c1;
-	st	c_2,rp(7)	!r[7]=c2;
-	
-	ret
-	restore	%g0,%g0,%o0
-
-.type	bn_sqr_comba4,#function
-.size	bn_sqr_comba4,(.-bn_sqr_comba4)
-
-.align	32
diff --git a/crypto/openssl/crypto/bn/asm/sparcv8plus.S b/crypto/openssl/crypto/bn/asm/sparcv8plus.S
deleted file mode 100644
index 0074dfdb750e..000000000000
--- a/crypto/openssl/crypto/bn/asm/sparcv8plus.S
+++ /dev/null
@@ -1,1535 +0,0 @@
-.ident	"sparcv8plus.s, Version 1.4"
-.ident	"SPARC v9 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
-
-/*
- * ====================================================================
- * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
- * project.
- *
- * Rights for redistribution and usage in source and binary forms are
- * granted according to the OpenSSL license. Warranty of any kind is
- * disclaimed.
- * ====================================================================
- */
-
-/*
- * This is my modest contributon to OpenSSL project (see
- * http://www.openssl.org/ for more information about it) and is
- * a drop-in UltraSPARC ISA replacement for crypto/bn/bn_asm.c
- * module. For updates see http://fy.chalmers.se/~appro/hpe/.
- *
- * Questions-n-answers.
- *
- * Q. How to compile?
- * A. With SC4.x/SC5.x:
- *
- *	cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o
- *
- *    and with gcc:
- *
- *	gcc -mcpu=ultrasparc -c bn_asm.sparc.v8plus.S -o bn_asm.o
- *
- *    or if above fails (it does if you have gas installed):
- *
- *	gcc -E bn_asm.sparc.v8plus.S | as -xarch=v8plus /dev/fd/0 -o bn_asm.o
- *
- *    Quick-n-dirty way to fuse the module into the library.
- *    Provided that the library is already configured and built
- *    (in 0.9.2 case with no-asm option):
- *
- *	# cd crypto/bn
- *	# cp /some/place/bn_asm.sparc.v8plus.S .
- *	# cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o
- *	# make
- *	# cd ../..
- *	# make; make test
- *
- *    Quick-n-dirty way to get rid of it:
- *
- *	# cd crypto/bn
- *	# touch bn_asm.c
- *	# make
- *	# cd ../..
- *	# make; make test
- *
- * Q. V8plus achitecture? What kind of beast is that?
- * A. Well, it's rather a programming model than an architecture...
- *    It's actually v9-compliant, i.e. *any* UltraSPARC, CPU under
- *    special conditions, namely when kernel doesn't preserve upper
- *    32 bits of otherwise 64-bit registers during a context switch.
- *
- * Q. Why just UltraSPARC? What about SuperSPARC?
- * A. Original release did target UltraSPARC only. Now SuperSPARC
- *    version is provided along. Both version share bn_*comba[48]
- *    implementations (see comment later in code for explanation).
- *    But what's so special about this UltraSPARC implementation?
- *    Why didn't I let compiler do the job? Trouble is that most of
- *    available compilers (well, SC5.0 is the only exception) don't
- *    attempt to take advantage of UltraSPARC's 64-bitness under
- *    32-bit kernels even though it's perfectly possible (see next
- *    question).
- *
- * Q. 64-bit registers under 32-bit kernels? Didn't you just say it
- *    doesn't work?
- * A. You can't adress *all* registers as 64-bit wide:-( The catch is
- *    that you actually may rely upon %o0-%o5 and %g1-%g4 being fully
- *    preserved if you're in a leaf function, i.e. such never calling
- *    any other functions. All functions in this module are leaf and
- *    10 registers is a handful. And as a matter of fact none-"comba"
- *    routines don't require even that much and I could even afford to
- *    not allocate own stack frame for 'em:-)
- *
- * Q. What about 64-bit kernels?
- * A. What about 'em? Just kidding:-) Pure 64-bit version is currently
- *    under evaluation and development...
- *
- * Q. What about shared libraries?
- * A. What about 'em? Kidding again:-) Code does *not* contain any
- *    code position dependencies and it's safe to include it into
- *    shared library as is.
- *
- * Q. How much faster does it go?
- * A. Do you have a good benchmark? In either case below is what I
- *    experience with crypto/bn/expspeed.c test program:
- *
- *	v8plus module on U10/300MHz against bn_asm.c compiled with:
- *
- *	cc-5.0 -xarch=v8plus -xO5 -xdepend	+7-12%
- *	cc-4.2 -xarch=v8plus -xO5 -xdepend	+25-35%
- *	egcs-1.1.2 -mcpu=ultrasparc -O3		+35-45%
- *
- *	v8 module on SS10/60MHz against bn_asm.c compiled with:
- *
- *	cc-5.0 -xarch=v8 -xO5 -xdepend		+7-10%
- *	cc-4.2 -xarch=v8 -xO5 -xdepend		+10%
- *	egcs-1.1.2 -mv8 -O3			+35-45%
- *
- *    As you can see it's damn hard to beat the new Sun C compiler
- *    and it's in first place GNU C users who will appreciate this
- *    assembler implementation:-)	
- */
-
-/*
- * Revision history.
- *
- * 1.0	- initial release;
- * 1.1	- new loop unrolling model(*);
- *	- some more fine tuning;
- * 1.2	- made gas friendly;
- *	- updates to documentation concerning v9;
- *	- new performance comparison matrix;
- * 1.3	- fixed problem with /usr/ccs/lib/cpp;
- * 1.4	- native V9 bn_*_comba[48] implementation (15% more efficient)
- *	  resulting in slight overall performance kick;
- *	- some retunes;
- *	- support for GNU as added;
- *
- * (*)	Originally unrolled loop looked like this:
- *	    for (;;) {
- *		op(p+0); if (--n==0) break;
- *		op(p+1); if (--n==0) break;
- *		op(p+2); if (--n==0) break;
- *		op(p+3); if (--n==0) break;
- *		p+=4;
- *	    }
- *	I unroll according to following:
- *	    while (n&~3) {
- *		op(p+0); op(p+1); op(p+2); op(p+3);
- *		p+=4; n=-4;
- *	    }
- *	    if (n) {
- *		op(p+0); if (--n==0) return;
- *		op(p+2); if (--n==0) return;
- *		op(p+3); return;
- *	    }
- */
-
-/*
- * GNU assembler can't stand stuw:-(
- */
-#define stuw st
-
-.section	".text",#alloc,#execinstr
-.file		"bn_asm.sparc.v8plus.S"
-
-.align	32
-
-.global bn_mul_add_words
-/*
- * BN_ULONG bn_mul_add_words(rp,ap,num,w)
- * BN_ULONG *rp,*ap;
- * int num;
- * BN_ULONG w;
- */
-bn_mul_add_words:
-	brgz,a	%o2,.L_bn_mul_add_words_proceed
-	lduw	[%o1],%g2
-	retl
-	clr	%o0
-
-.L_bn_mul_add_words_proceed:
-	srl	%o3,%g0,%o3	! clruw	%o3
-	andcc	%o2,-4,%g0
-	bz,pn	%icc,.L_bn_mul_add_words_tail
-	clr	%o5
-
-.L_bn_mul_add_words_loop:	! wow! 32 aligned!
-	lduw	[%o0],%g1
-	lduw	[%o1+4],%g3
-	mulx	%o3,%g2,%g2
-	add	%g1,%o5,%o4
-	nop
-	add	%o4,%g2,%o4
-	stuw	%o4,[%o0]
-	srlx	%o4,32,%o5
-
-	lduw	[%o0+4],%g1
-	lduw	[%o1+8],%g2
-	mulx	%o3,%g3,%g3
-	add	%g1,%o5,%o4
-	dec	4,%o2
-	add	%o4,%g3,%o4
-	stuw	%o4,[%o0+4]
-	srlx	%o4,32,%o5
-
-	lduw	[%o0+8],%g1
-	lduw	[%o1+12],%g3
-	mulx	%o3,%g2,%g2
-	add	%g1,%o5,%o4
-	inc	16,%o1
-	add	%o4,%g2,%o4
-	stuw	%o4,[%o0+8]
-	srlx	%o4,32,%o5
-
-	lduw	[%o0+12],%g1
-	mulx	%o3,%g3,%g3
-	add	%g1,%o5,%o4
-	inc	16,%o0
-	add	%o4,%g3,%o4
-	andcc	%o2,-4,%g0
-	stuw	%o4,[%o0-4]
-	srlx	%o4,32,%o5
-	bnz,a,pt	%icc,.L_bn_mul_add_words_loop
-	lduw	[%o1],%g2
-
-	brnz,a,pn	%o2,.L_bn_mul_add_words_tail
-	lduw	[%o1],%g2
-.L_bn_mul_add_words_return:
-	retl
-	mov	%o5,%o0
-
-.L_bn_mul_add_words_tail:
-	lduw	[%o0],%g1
-	mulx	%o3,%g2,%g2
-	add	%g1,%o5,%o4
-	dec	%o2
-	add	%o4,%g2,%o4
-	srlx	%o4,32,%o5
-	brz,pt	%o2,.L_bn_mul_add_words_return
-	stuw	%o4,[%o0]
-
-	lduw	[%o1+4],%g2
-	lduw	[%o0+4],%g1
-	mulx	%o3,%g2,%g2
-	add	%g1,%o5,%o4
-	dec	%o2
-	add	%o4,%g2,%o4
-	srlx	%o4,32,%o5
-	brz,pt	%o2,.L_bn_mul_add_words_return
-	stuw	%o4,[%o0+4]
-
-	lduw	[%o1+8],%g2
-	lduw	[%o0+8],%g1
-	mulx	%o3,%g2,%g2
-	add	%g1,%o5,%o4
-	add	%o4,%g2,%o4
-	stuw	%o4,[%o0+8]
-	retl
-	srlx	%o4,32,%o0
-
-.type	bn_mul_add_words,#function
-.size	bn_mul_add_words,(.-bn_mul_add_words)
-
-.align	32
-
-.global bn_mul_words
-/*
- * BN_ULONG bn_mul_words(rp,ap,num,w)
- * BN_ULONG *rp,*ap;
- * int num;
- * BN_ULONG w;
- */
-bn_mul_words:
-	brgz,a	%o2,.L_bn_mul_words_proceeed
-	lduw	[%o1],%g2
-	retl
-	clr	%o0
-
-.L_bn_mul_words_proceeed:
-	srl	%o3,%g0,%o3	! clruw	%o3
-	andcc	%o2,-4,%g0
-	bz,pn	%icc,.L_bn_mul_words_tail
-	clr	%o5
-
-.L_bn_mul_words_loop:		! wow! 32 aligned!
-	lduw	[%o1+4],%g3
-	mulx	%o3,%g2,%g2
-	add	%g2,%o5,%o4
-	nop
-	stuw	%o4,[%o0]
-	srlx	%o4,32,%o5
-
-	lduw	[%o1+8],%g2
-	mulx	%o3,%g3,%g3
-	add	%g3,%o5,%o4
-	dec	4,%o2
-	stuw	%o4,[%o0+4]
-	srlx	%o4,32,%o5
-
-	lduw	[%o1+12],%g3
-	mulx	%o3,%g2,%g2
-	add	%g2,%o5,%o4
-	inc	16,%o1
-	stuw	%o4,[%o0+8]
-	srlx	%o4,32,%o5
-
-	mulx	%o3,%g3,%g3
-	add	%g3,%o5,%o4
-	inc	16,%o0
-	stuw	%o4,[%o0-4]
-	srlx	%o4,32,%o5
-	andcc	%o2,-4,%g0
-	bnz,a,pt	%icc,.L_bn_mul_words_loop
-	lduw	[%o1],%g2
-	nop
-	nop
-
-	brnz,a,pn	%o2,.L_bn_mul_words_tail
-	lduw	[%o1],%g2
-.L_bn_mul_words_return:
-	retl
-	mov	%o5,%o0
-
-.L_bn_mul_words_tail:
-	mulx	%o3,%g2,%g2
-	add	%g2,%o5,%o4
-	dec	%o2
-	srlx	%o4,32,%o5
-	brz,pt	%o2,.L_bn_mul_words_return
-	stuw	%o4,[%o0]
-
-	lduw	[%o1+4],%g2
-	mulx	%o3,%g2,%g2
-	add	%g2,%o5,%o4
-	dec	%o2
-	srlx	%o4,32,%o5
-	brz,pt	%o2,.L_bn_mul_words_return
-	stuw	%o4,[%o0+4]
-
-	lduw	[%o1+8],%g2
-	mulx	%o3,%g2,%g2
-	add	%g2,%o5,%o4
-	stuw	%o4,[%o0+8]
-	retl
-	srlx	%o4,32,%o0
-
-.type	bn_mul_words,#function
-.size	bn_mul_words,(.-bn_mul_words)
-
-.align  32
-.global	bn_sqr_words
-/*
- * void bn_sqr_words(r,a,n)
- * BN_ULONG *r,*a;
- * int n;
- */
-bn_sqr_words:
-	brgz,a	%o2,.L_bn_sqr_words_proceeed
-	lduw	[%o1],%g2
-	retl
-	clr	%o0
-
-.L_bn_sqr_words_proceeed:
-	andcc	%o2,-4,%g0
-	nop
-	bz,pn	%icc,.L_bn_sqr_words_tail
-	nop
-
-.L_bn_sqr_words_loop:		! wow! 32 aligned!
-	lduw	[%o1+4],%g3
-	mulx	%g2,%g2,%o4
-	stuw	%o4,[%o0]
-	srlx	%o4,32,%o5
-	stuw	%o5,[%o0+4]
-	nop
-
-	lduw	[%o1+8],%g2
-	mulx	%g3,%g3,%o4
-	dec	4,%o2
-	stuw	%o4,[%o0+8]
-	srlx	%o4,32,%o5
-	stuw	%o5,[%o0+12]
-
-	lduw	[%o1+12],%g3
-	mulx	%g2,%g2,%o4
-	srlx	%o4,32,%o5
-	stuw	%o4,[%o0+16]
-	inc	16,%o1
-	stuw	%o5,[%o0+20]
-
-	mulx	%g3,%g3,%o4
-	inc	32,%o0
-	stuw	%o4,[%o0-8]
-	srlx	%o4,32,%o5
-	andcc	%o2,-4,%g2
-	stuw	%o5,[%o0-4]
-	bnz,a,pt	%icc,.L_bn_sqr_words_loop
-	lduw	[%o1],%g2
-	nop
-
-	brnz,a,pn	%o2,.L_bn_sqr_words_tail
-	lduw	[%o1],%g2
-.L_bn_sqr_words_return:
-	retl
-	clr	%o0
-
-.L_bn_sqr_words_tail:
-	mulx	%g2,%g2,%o4
-	dec	%o2
-	stuw	%o4,[%o0]
-	srlx	%o4,32,%o5
-	brz,pt	%o2,.L_bn_sqr_words_return
-	stuw	%o5,[%o0+4]
-
-	lduw	[%o1+4],%g2
-	mulx	%g2,%g2,%o4
-	dec	%o2
-	stuw	%o4,[%o0+8]
-	srlx	%o4,32,%o5
-	brz,pt	%o2,.L_bn_sqr_words_return
-	stuw	%o5,[%o0+12]
-
-	lduw	[%o1+8],%g2
-	mulx	%g2,%g2,%o4
-	srlx	%o4,32,%o5
-	stuw	%o4,[%o0+16]
-	stuw	%o5,[%o0+20]
-	retl
-	clr	%o0
-
-.type	bn_sqr_words,#function
-.size	bn_sqr_words,(.-bn_sqr_words)
-
-.align	32
-.global bn_div_words
-/*
- * BN_ULONG bn_div_words(h,l,d)
- * BN_ULONG h,l,d;
- */
-bn_div_words:
-	sllx	%o0,32,%o0
-	or	%o0,%o1,%o0
-	udivx	%o0,%o2,%o0
-	retl
-	srl	%o0,%g0,%o0	! clruw	%o0
-
-.type	bn_div_words,#function
-.size	bn_div_words,(.-bn_div_words)
-
-.align	32
-
-.global bn_add_words
-/*
- * BN_ULONG bn_add_words(rp,ap,bp,n)
- * BN_ULONG *rp,*ap,*bp;
- * int n;
- */
-bn_add_words:
-	brgz,a	%o3,.L_bn_add_words_proceed
-	lduw	[%o1],%o4
-	retl
-	clr	%o0
-
-.L_bn_add_words_proceed:
-	andcc	%o3,-4,%g0
-	bz,pn	%icc,.L_bn_add_words_tail
-	addcc	%g0,0,%g0	! clear carry flag
-	nop
-
-.L_bn_add_words_loop:		! wow! 32 aligned!
-	dec	4,%o3
-	lduw	[%o2],%o5
-	lduw	[%o1+4],%g1
-	lduw	[%o2+4],%g2
-	lduw	[%o1+8],%g3
-	lduw	[%o2+8],%g4
-	addccc	%o5,%o4,%o5
-	stuw	%o5,[%o0]
-
-	lduw	[%o1+12],%o4
-	lduw	[%o2+12],%o5
-	inc	16,%o1
-	addccc	%g1,%g2,%g1
-	stuw	%g1,[%o0+4]
-	
-	inc	16,%o2
-	addccc	%g3,%g4,%g3
-	stuw	%g3,[%o0+8]
-
-	inc	16,%o0
-	addccc	%o5,%o4,%o5
-	stuw	%o5,[%o0-4]
-	and	%o3,-4,%g1
-	brnz,a,pt	%g1,.L_bn_add_words_loop
-	lduw	[%o1],%o4
-
-	brnz,a,pn	%o3,.L_bn_add_words_tail
-	lduw	[%o1],%o4
-.L_bn_add_words_return:
-	clr	%o0
-	retl
-	movcs	%icc,1,%o0
-	nop
-
-.L_bn_add_words_tail:
-	lduw	[%o2],%o5
-	dec	%o3
-	addccc	%o5,%o4,%o5
-	brz,pt	%o3,.L_bn_add_words_return
-	stuw	%o5,[%o0]
-
-	lduw	[%o1+4],%o4
-	lduw	[%o2+4],%o5
-	dec	%o3
-	addccc	%o5,%o4,%o5
-	brz,pt	%o3,.L_bn_add_words_return
-	stuw	%o5,[%o0+4]
-
-	lduw	[%o1+8],%o4
-	lduw	[%o2+8],%o5
-	addccc	%o5,%o4,%o5
-	stuw	%o5,[%o0+8]
-	clr	%o0
-	retl
-	movcs	%icc,1,%o0
-
-.type	bn_add_words,#function
-.size	bn_add_words,(.-bn_add_words)
-
-.global bn_sub_words
-/*
- * BN_ULONG bn_sub_words(rp,ap,bp,n)
- * BN_ULONG *rp,*ap,*bp;
- * int n;
- */
-bn_sub_words:
-	brgz,a	%o3,.L_bn_sub_words_proceed
-	lduw	[%o1],%o4
-	retl
-	clr	%o0
-
-.L_bn_sub_words_proceed:
-	andcc	%o3,-4,%g0
-	bz,pn	%icc,.L_bn_sub_words_tail
-	addcc	%g0,0,%g0	! clear carry flag
-	nop
-
-.L_bn_sub_words_loop:		! wow! 32 aligned!
-	dec	4,%o3
-	lduw	[%o2],%o5
-	lduw	[%o1+4],%g1
-	lduw	[%o2+4],%g2
-	lduw	[%o1+8],%g3
-	lduw	[%o2+8],%g4
-	subccc	%o4,%o5,%o5
-	stuw	%o5,[%o0]
-
-	lduw	[%o1+12],%o4
-	lduw	[%o2+12],%o5
-	inc	16,%o1
-	subccc	%g1,%g2,%g2
-	stuw	%g2,[%o0+4]
-
-	inc	16,%o2
-	subccc	%g3,%g4,%g4
-	stuw	%g4,[%o0+8]
-
-	inc	16,%o0
-	subccc	%o4,%o5,%o5
-	stuw	%o5,[%o0-4]
-	and	%o3,-4,%g1
-	brnz,a,pt	%g1,.L_bn_sub_words_loop
-	lduw	[%o1],%o4
-
-	brnz,a,pn	%o3,.L_bn_sub_words_tail
-	lduw	[%o1],%o4
-.L_bn_sub_words_return:
-	clr	%o0
-	retl
-	movcs	%icc,1,%o0
-	nop
-
-.L_bn_sub_words_tail:		! wow! 32 aligned!
-	lduw	[%o2],%o5
-	dec	%o3
-	subccc	%o4,%o5,%o5
-	brz,pt	%o3,.L_bn_sub_words_return
-	stuw	%o5,[%o0]
-
-	lduw	[%o1+4],%o4
-	lduw	[%o2+4],%o5
-	dec	%o3
-	subccc	%o4,%o5,%o5
-	brz,pt	%o3,.L_bn_sub_words_return
-	stuw	%o5,[%o0+4]
-
-	lduw	[%o1+8],%o4
-	lduw	[%o2+8],%o5
-	subccc	%o4,%o5,%o5
-	stuw	%o5,[%o0+8]
-	clr	%o0
-	retl
-	movcs	%icc,1,%o0
-
-.type	bn_sub_words,#function
-.size	bn_sub_words,(.-bn_sub_words)
-
-/*
- * Code below depends on the fact that upper parts of the %l0-%l7
- * and %i0-%i7 are zeroed by kernel after context switch. In
- * previous versions this comment stated that "the trouble is that
- * it's not feasible to implement the mumbo-jumbo in less V9
- * instructions:-(" which apparently isn't true thanks to
- * 'bcs,a %xcc,.+8; inc %rd' pair. But the performance improvement
- * results not from the shorter code, but from elimination of
- * multicycle none-pairable 'rd %y,%rd' instructions.
- *
- *							Andy.
- */
-
-#define FRAME_SIZE	-96
-
-/*
- * Here is register usage map for *all* routines below.
- */
-#define t_1	%o0
-#define	t_2	%o1
-#define c_12	%o2
-#define c_3	%o3
-
-#define ap(I)	[%i1+4*I]
-#define bp(I)	[%i2+4*I]
-#define rp(I)	[%i0+4*I]
-
-#define	a_0	%l0
-#define	a_1	%l1
-#define	a_2	%l2
-#define	a_3	%l3
-#define	a_4	%l4
-#define	a_5	%l5
-#define	a_6	%l6
-#define	a_7	%l7
-
-#define	b_0	%i3
-#define	b_1	%i4
-#define	b_2	%i5
-#define	b_3	%o4
-#define	b_4	%o5
-#define	b_5	%o7
-#define	b_6	%g1
-#define	b_7	%g4
-
-.align	32
-.global bn_mul_comba8
-/*
- * void bn_mul_comba8(r,a,b)
- * BN_ULONG *r,*a,*b;
- */
-bn_mul_comba8:
-	save	%sp,FRAME_SIZE,%sp
-	mov	1,t_2
-	lduw	ap(0),a_0
-	sllx	t_2,32,t_2
-	lduw	bp(0),b_0	!=
-	lduw	bp(1),b_1
-	mulx	a_0,b_0,t_1	!mul_add_c(a[0],b[0],c1,c2,c3);
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(0)	!=!r[0]=c1;
-
-	lduw	ap(1),a_1
-	mulx	a_0,b_1,t_1	!mul_add_c(a[0],b[1],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3		!=
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	ap(2),a_2
-	mulx	a_1,b_0,t_1	!=!mul_add_c(a[1],b[0],c2,c3,c1);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12	!=
-	stuw	t_1,rp(1)	!r[1]=c2;
-	or	c_12,c_3,c_12
-
-	mulx	a_2,b_0,t_1	!mul_add_c(a[2],b[0],c3,c1,c2);
-	addcc	c_12,t_1,c_12	!=
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	bp(2),b_2	!=
-	mulx	a_1,b_1,t_1	!mul_add_c(a[1],b[1],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3	!=
-	lduw	bp(3),b_3
-	mulx	a_0,b_2,t_1	!mul_add_c(a[0],b[2],c3,c1,c2);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(2)	!r[2]=c3;
-	or	c_12,c_3,c_12	!=
-
-	mulx	a_0,b_3,t_1	!mul_add_c(a[0],b[3],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_1,b_2,t_1	!=!mul_add_c(a[1],b[2],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	lduw	ap(3),a_3
-	mulx	a_2,b_1,t_1	!mul_add_c(a[2],b[1],c1,c2,c3);
-	addcc	c_12,t_1,c_12	!=
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	ap(4),a_4
-	mulx	a_3,b_0,t_1	!=!mul_add_c(a[3],b[0],c1,c2,c3);!=
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12	!=
-	stuw	t_1,rp(3)	!r[3]=c1;
-	or	c_12,c_3,c_12
-
-	mulx	a_4,b_0,t_1	!mul_add_c(a[4],b[0],c2,c3,c1);
-	addcc	c_12,t_1,c_12	!=
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_3,b_1,t_1	!=!mul_add_c(a[3],b[1],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_2,b_2,t_1	!=!mul_add_c(a[2],b[2],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	bp(4),b_4	!=
-	mulx	a_1,b_3,t_1	!mul_add_c(a[1],b[3],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3	!=
-	lduw	bp(5),b_5
-	mulx	a_0,b_4,t_1	!mul_add_c(a[0],b[4],c2,c3,c1);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(4)	!r[4]=c2;
-	or	c_12,c_3,c_12	!=
-
-	mulx	a_0,b_5,t_1	!mul_add_c(a[0],b[5],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_1,b_4,t_1	!mul_add_c(a[1],b[4],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_2,b_3,t_1	!mul_add_c(a[2],b[3],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_3,b_2,t_1	!mul_add_c(a[3],b[2],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	lduw	ap(5),a_5
-	mulx	a_4,b_1,t_1	!mul_add_c(a[4],b[1],c3,c1,c2);
-	addcc	c_12,t_1,c_12	!=
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	ap(6),a_6
-	mulx	a_5,b_0,t_1	!=!mul_add_c(a[5],b[0],c3,c1,c2);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12	!=
-	stuw	t_1,rp(5)	!r[5]=c3;
-	or	c_12,c_3,c_12
-
-	mulx	a_6,b_0,t_1	!mul_add_c(a[6],b[0],c1,c2,c3);
-	addcc	c_12,t_1,c_12	!=
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_5,b_1,t_1	!=!mul_add_c(a[5],b[1],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_4,b_2,t_1	!=!mul_add_c(a[4],b[2],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_3,b_3,t_1	!=!mul_add_c(a[3],b[3],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_2,b_4,t_1	!=!mul_add_c(a[2],b[4],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	bp(6),b_6	!=
-	mulx	a_1,b_5,t_1	!mul_add_c(a[1],b[5],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3	!=
-	lduw	bp(7),b_7
-	mulx	a_0,b_6,t_1	!mul_add_c(a[0],b[6],c1,c2,c3);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(6)	!r[6]=c1;
-	or	c_12,c_3,c_12	!=
-
-	mulx	a_0,b_7,t_1	!mul_add_c(a[0],b[7],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_1,b_6,t_1	!mul_add_c(a[1],b[6],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_2,b_5,t_1	!mul_add_c(a[2],b[5],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_3,b_4,t_1	!mul_add_c(a[3],b[4],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_4,b_3,t_1	!mul_add_c(a[4],b[3],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_5,b_2,t_1	!mul_add_c(a[5],b[2],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	lduw	ap(7),a_7
-	mulx	a_6,b_1,t_1	!=!mul_add_c(a[6],b[1],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_7,b_0,t_1	!=!mul_add_c(a[7],b[0],c2,c3,c1);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12	!=
-	stuw	t_1,rp(7)	!r[7]=c2;
-	or	c_12,c_3,c_12
-
-	mulx	a_7,b_1,t_1	!=!mul_add_c(a[7],b[1],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3	!=
-	mulx	a_6,b_2,t_1	!mul_add_c(a[6],b[2],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3	!=
-	mulx	a_5,b_3,t_1	!mul_add_c(a[5],b[3],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3	!=
-	mulx	a_4,b_4,t_1	!mul_add_c(a[4],b[4],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3	!=
-	mulx	a_3,b_5,t_1	!mul_add_c(a[3],b[5],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3	!=
-	mulx	a_2,b_6,t_1	!mul_add_c(a[2],b[6],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3	!=
-	mulx	a_1,b_7,t_1	!mul_add_c(a[1],b[7],c3,c1,c2);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3	!=
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(8)	!r[8]=c3;
-	or	c_12,c_3,c_12
-
-	mulx	a_2,b_7,t_1	!=!mul_add_c(a[2],b[7],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3	!=
-	mulx	a_3,b_6,t_1	!mul_add_c(a[3],b[6],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_4,b_5,t_1	!mul_add_c(a[4],b[5],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_5,b_4,t_1	!mul_add_c(a[5],b[4],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_6,b_3,t_1	!mul_add_c(a[6],b[3],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_7,b_2,t_1	!mul_add_c(a[7],b[2],c1,c2,c3);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(9)	!r[9]=c1;
-	or	c_12,c_3,c_12	!=
-
-	mulx	a_7,b_3,t_1	!mul_add_c(a[7],b[3],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_6,b_4,t_1	!mul_add_c(a[6],b[4],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_5,b_5,t_1	!mul_add_c(a[5],b[5],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_4,b_6,t_1	!mul_add_c(a[4],b[6],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_3,b_7,t_1	!mul_add_c(a[3],b[7],c2,c3,c1);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(10)	!r[10]=c2;
-	or	c_12,c_3,c_12	!=
-
-	mulx	a_4,b_7,t_1	!mul_add_c(a[4],b[7],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_5,b_6,t_1	!mul_add_c(a[5],b[6],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_6,b_5,t_1	!mul_add_c(a[6],b[5],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_7,b_4,t_1	!mul_add_c(a[7],b[4],c3,c1,c2);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(11)	!r[11]=c3;
-	or	c_12,c_3,c_12	!=
-
-	mulx	a_7,b_5,t_1	!mul_add_c(a[7],b[5],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_6,b_6,t_1	!mul_add_c(a[6],b[6],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_5,b_7,t_1	!mul_add_c(a[5],b[7],c1,c2,c3);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(12)	!r[12]=c1;
-	or	c_12,c_3,c_12	!=
-
-	mulx	a_6,b_7,t_1	!mul_add_c(a[6],b[7],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_7,b_6,t_1	!mul_add_c(a[7],b[6],c2,c3,c1);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	st	t_1,rp(13)	!r[13]=c2;
-	or	c_12,c_3,c_12	!=
-
-	mulx	a_7,b_7,t_1	!mul_add_c(a[7],b[7],c3,c1,c2);
-	addcc	c_12,t_1,t_1
-	srlx	t_1,32,c_12	!=
-	stuw	t_1,rp(14)	!r[14]=c3;
-	stuw	c_12,rp(15)	!r[15]=c1;
-
-	ret
-	restore	%g0,%g0,%o0	!=
-
-.type	bn_mul_comba8,#function
-.size	bn_mul_comba8,(.-bn_mul_comba8)
-
-.align	32
-
-.global bn_mul_comba4
-/*
- * void bn_mul_comba4(r,a,b)
- * BN_ULONG *r,*a,*b;
- */
-bn_mul_comba4:
-	save	%sp,FRAME_SIZE,%sp
-	lduw	ap(0),a_0
-	mov	1,t_2
-	lduw	bp(0),b_0
-	sllx	t_2,32,t_2	!=
-	lduw	bp(1),b_1
-	mulx	a_0,b_0,t_1	!mul_add_c(a[0],b[0],c1,c2,c3);
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(0)	!=!r[0]=c1;
-
-	lduw	ap(1),a_1
-	mulx	a_0,b_1,t_1	!mul_add_c(a[0],b[1],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3		!=
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	ap(2),a_2
-	mulx	a_1,b_0,t_1	!=!mul_add_c(a[1],b[0],c2,c3,c1);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12	!=
-	stuw	t_1,rp(1)	!r[1]=c2;
-	or	c_12,c_3,c_12
-
-	mulx	a_2,b_0,t_1	!mul_add_c(a[2],b[0],c3,c1,c2);
-	addcc	c_12,t_1,c_12	!=
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	bp(2),b_2	!=
-	mulx	a_1,b_1,t_1	!mul_add_c(a[1],b[1],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3	!=
-	lduw	bp(3),b_3
-	mulx	a_0,b_2,t_1	!mul_add_c(a[0],b[2],c3,c1,c2);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(2)	!r[2]=c3;
-	or	c_12,c_3,c_12	!=
-
-	mulx	a_0,b_3,t_1	!mul_add_c(a[0],b[3],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	mulx	a_1,b_2,t_1	!mul_add_c(a[1],b[2],c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8	!=
-	add	c_3,t_2,c_3
-	lduw	ap(3),a_3
-	mulx	a_2,b_1,t_1	!mul_add_c(a[2],b[1],c1,c2,c3);
-	addcc	c_12,t_1,c_12	!=
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_3,b_0,t_1	!mul_add_c(a[3],b[0],c1,c2,c3);!=
-	addcc	c_12,t_1,t_1	!=
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(3)	!=!r[3]=c1;
-	or	c_12,c_3,c_12
-
-	mulx	a_3,b_1,t_1	!mul_add_c(a[3],b[1],c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3		!=
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_2,b_2,t_1	!mul_add_c(a[2],b[2],c2,c3,c1);
-	addcc	c_12,t_1,c_12	!=
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_1,b_3,t_1	!mul_add_c(a[1],b[3],c2,c3,c1);
-	addcc	c_12,t_1,t_1	!=
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(4)	!=!r[4]=c2;
-	or	c_12,c_3,c_12
-
-	mulx	a_2,b_3,t_1	!mul_add_c(a[2],b[3],c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	clr	c_3		!=
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_3,b_2,t_1	!mul_add_c(a[3],b[2],c3,c1,c2);
-	addcc	c_12,t_1,t_1	!=
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(5)	!=!r[5]=c3;
-	or	c_12,c_3,c_12
-
-	mulx	a_3,b_3,t_1	!mul_add_c(a[3],b[3],c1,c2,c3);
-	addcc	c_12,t_1,t_1
-	srlx	t_1,32,c_12	!=
-	stuw	t_1,rp(6)	!r[6]=c1;
-	stuw	c_12,rp(7)	!r[7]=c2;
-	
-	ret
-	restore	%g0,%g0,%o0
-
-.type	bn_mul_comba4,#function
-.size	bn_mul_comba4,(.-bn_mul_comba4)
-
-.align	32
-
-.global bn_sqr_comba8
-bn_sqr_comba8:
-	save	%sp,FRAME_SIZE,%sp
-	mov	1,t_2
-	lduw	ap(0),a_0
-	sllx	t_2,32,t_2
-	lduw	ap(1),a_1
-	mulx	a_0,a_0,t_1	!sqr_add_c(a,0,c1,c2,c3);
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(0)	!r[0]=c1;
-
-	lduw	ap(2),a_2
-	mulx	a_0,a_1,t_1	!=!sqr_add_c2(a,1,0,c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(1)	!r[1]=c2;
-	or	c_12,c_3,c_12
-
-	mulx	a_2,a_0,t_1	!sqr_add_c2(a,2,0,c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	ap(3),a_3
-	mulx	a_1,a_1,t_1	!sqr_add_c(a,1,c3,c1,c2);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(2)	!r[2]=c3;
-	or	c_12,c_3,c_12
-
-	mulx	a_0,a_3,t_1	!sqr_add_c2(a,3,0,c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	ap(4),a_4
-	mulx	a_1,a_2,t_1	!sqr_add_c2(a,2,1,c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	st	t_1,rp(3)	!r[3]=c1;
-	or	c_12,c_3,c_12
-
-	mulx	a_4,a_0,t_1	!sqr_add_c2(a,4,0,c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_3,a_1,t_1	!sqr_add_c2(a,3,1,c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	ap(5),a_5
-	mulx	a_2,a_2,t_1	!sqr_add_c(a,2,c2,c3,c1);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(4)	!r[4]=c2;
-	or	c_12,c_3,c_12
-
-	mulx	a_0,a_5,t_1	!sqr_add_c2(a,5,0,c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_1,a_4,t_1	!sqr_add_c2(a,4,1,c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	ap(6),a_6
-	mulx	a_2,a_3,t_1	!sqr_add_c2(a,3,2,c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(5)	!r[5]=c3;
-	or	c_12,c_3,c_12
-
-	mulx	a_6,a_0,t_1	!sqr_add_c2(a,6,0,c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_5,a_1,t_1	!sqr_add_c2(a,5,1,c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_4,a_2,t_1	!sqr_add_c2(a,4,2,c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	ap(7),a_7
-	mulx	a_3,a_3,t_1	!=!sqr_add_c(a,3,c1,c2,c3);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(6)	!r[6]=c1;
-	or	c_12,c_3,c_12
-
-	mulx	a_0,a_7,t_1	!sqr_add_c2(a,7,0,c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_1,a_6,t_1	!sqr_add_c2(a,6,1,c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_2,a_5,t_1	!sqr_add_c2(a,5,2,c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_3,a_4,t_1	!sqr_add_c2(a,4,3,c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(7)	!r[7]=c2;
-	or	c_12,c_3,c_12
-
-	mulx	a_7,a_1,t_1	!sqr_add_c2(a,7,1,c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_6,a_2,t_1	!sqr_add_c2(a,6,2,c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_5,a_3,t_1	!sqr_add_c2(a,5,3,c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_4,a_4,t_1	!sqr_add_c(a,4,c3,c1,c2);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(8)	!r[8]=c3;
-	or	c_12,c_3,c_12
-
-	mulx	a_2,a_7,t_1	!sqr_add_c2(a,7,2,c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_3,a_6,t_1	!sqr_add_c2(a,6,3,c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_4,a_5,t_1	!sqr_add_c2(a,5,4,c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(9)	!r[9]=c1;
-	or	c_12,c_3,c_12
-
-	mulx	a_7,a_3,t_1	!sqr_add_c2(a,7,3,c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_6,a_4,t_1	!sqr_add_c2(a,6,4,c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_5,a_5,t_1	!sqr_add_c(a,5,c2,c3,c1);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(10)	!r[10]=c2;
-	or	c_12,c_3,c_12
-
-	mulx	a_4,a_7,t_1	!sqr_add_c2(a,7,4,c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_5,a_6,t_1	!sqr_add_c2(a,6,5,c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(11)	!r[11]=c3;
-	or	c_12,c_3,c_12
-
-	mulx	a_7,a_5,t_1	!sqr_add_c2(a,7,5,c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_6,a_6,t_1	!sqr_add_c(a,6,c1,c2,c3);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(12)	!r[12]=c1;
-	or	c_12,c_3,c_12
-
-	mulx	a_6,a_7,t_1	!sqr_add_c2(a,7,6,c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(13)	!r[13]=c2;
-	or	c_12,c_3,c_12
-
-	mulx	a_7,a_7,t_1	!sqr_add_c(a,7,c3,c1,c2);
-	addcc	c_12,t_1,t_1
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(14)	!r[14]=c3;
-	stuw	c_12,rp(15)	!r[15]=c1;
-
-	ret
-	restore	%g0,%g0,%o0
-
-.type	bn_sqr_comba8,#function
-.size	bn_sqr_comba8,(.-bn_sqr_comba8)
-
-.align	32
-
-.global bn_sqr_comba4
-/*
- * void bn_sqr_comba4(r,a)
- * BN_ULONG *r,*a;
- */
-bn_sqr_comba4:
-	save	%sp,FRAME_SIZE,%sp
-	mov	1,t_2
-	lduw	ap(0),a_0
-	sllx	t_2,32,t_2
-	lduw	ap(1),a_1
-	mulx	a_0,a_0,t_1	!sqr_add_c(a,0,c1,c2,c3);
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(0)	!r[0]=c1;
-
-	lduw	ap(2),a_2
-	mulx	a_0,a_1,t_1	!sqr_add_c2(a,1,0,c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(1)	!r[1]=c2;
-	or	c_12,c_3,c_12
-
-	mulx	a_2,a_0,t_1	!sqr_add_c2(a,2,0,c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	lduw	ap(3),a_3
-	mulx	a_1,a_1,t_1	!sqr_add_c(a,1,c3,c1,c2);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(2)	!r[2]=c3;
-	or	c_12,c_3,c_12
-
-	mulx	a_0,a_3,t_1	!sqr_add_c2(a,3,0,c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_1,a_2,t_1	!sqr_add_c2(a,2,1,c1,c2,c3);
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(3)	!r[3]=c1;
-	or	c_12,c_3,c_12
-
-	mulx	a_3,a_1,t_1	!sqr_add_c2(a,3,1,c2,c3,c1);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,c_12
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	mulx	a_2,a_2,t_1	!sqr_add_c(a,2,c2,c3,c1);
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(4)	!r[4]=c2;
-	or	c_12,c_3,c_12
-
-	mulx	a_2,a_3,t_1	!sqr_add_c2(a,3,2,c3,c1,c2);
-	addcc	c_12,t_1,c_12
-	clr	c_3
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	addcc	c_12,t_1,t_1
-	bcs,a	%xcc,.+8
-	add	c_3,t_2,c_3
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(5)	!r[5]=c3;
-	or	c_12,c_3,c_12
-
-	mulx	a_3,a_3,t_1	!sqr_add_c(a,3,c1,c2,c3);
-	addcc	c_12,t_1,t_1
-	srlx	t_1,32,c_12
-	stuw	t_1,rp(6)	!r[6]=c1;
-	stuw	c_12,rp(7)	!r[7]=c2;
-	
-	ret
-	restore	%g0,%g0,%o0
-
-.type	bn_sqr_comba4,#function
-.size	bn_sqr_comba4,(.-bn_sqr_comba4)
-
-.align	32
diff --git a/crypto/openssl/crypto/bn/asm/x86.pl b/crypto/openssl/crypto/bn/asm/x86.pl
deleted file mode 100644
index 1bc4f1bb2747..000000000000
--- a/crypto/openssl/crypto/bn/asm/x86.pl
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-require("x86/mul_add.pl");
-require("x86/mul.pl");
-require("x86/sqr.pl");
-require("x86/div.pl");
-require("x86/add.pl");
-require("x86/sub.pl");
-require("x86/comba.pl");
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_add_words("bn_mul_add_words");
-&bn_mul_words("bn_mul_words");
-&bn_sqr_words("bn_sqr_words");
-&bn_div_words("bn_div_words");
-&bn_add_words("bn_add_words");
-&bn_sub_words("bn_sub_words");
-&bn_mul_comba("bn_mul_comba8",8);
-&bn_mul_comba("bn_mul_comba4",4);
-&bn_sqr_comba("bn_sqr_comba8",8);
-&bn_sqr_comba("bn_sqr_comba4",4);
-
-&asm_finish();
-
diff --git a/crypto/openssl/crypto/bn/asm/x86/add.pl b/crypto/openssl/crypto/bn/asm/x86/add.pl
deleted file mode 100644
index 0b5cf583e37f..000000000000
--- a/crypto/openssl/crypto/bn/asm/x86/add.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_add_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-
-	&comment("");
-	$a="esi";
-	$b="edi";
-	$c="eax";
-	$r="ebx";
-	$tmp1="ecx";
-	$tmp2="edx";
-	$num="ebp";
-
-	&mov($r,&wparam(0));	# get r
-	 &mov($a,&wparam(1));	# get a
-	&mov($b,&wparam(2));	# get b
-	 &mov($num,&wparam(3));	# get num
-	&xor($c,$c);		# clear carry
-	 &and($num,0xfffffff8);	# num / 8
-
-	&jz(&label("aw_finish"));
-
-	&set_label("aw_loop",0);
-	for ($i=0; $i<8; $i++)
-		{
-		&comment("Round $i");
-
-		&mov($tmp1,&DWP($i*4,$a,"",0)); 	# *a
-		 &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
-		&add($tmp1,$c);
-		 &mov($c,0);
-		&adc($c,$c);
-		 &add($tmp1,$tmp2);
-		&adc($c,0);
-		 &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
-		}
-
-	&comment("");
-	&add($a,32);
-	 &add($b,32);
-	&add($r,32);
-	 &sub($num,8);
-	&jnz(&label("aw_loop"));
-
-	&set_label("aw_finish",0);
-	&mov($num,&wparam(3));	# get num
-	&and($num,7);
-	 &jz(&label("aw_end"));
-
-	for ($i=0; $i<7; $i++)
-		{
-		&comment("Tail Round $i");
-		&mov($tmp1,&DWP($i*4,$a,"",0));	# *a
-		 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
-		&add($tmp1,$c);
-		 &mov($c,0);
-		&adc($c,$c);
-		 &add($tmp1,$tmp2);
-		&adc($c,0);
-		 &dec($num) if ($i != 6);
-		&mov(&DWP($i*4,$r,"",0),$tmp1);	# *a
-		 &jz(&label("aw_end")) if ($i != 6);
-		}
-	&set_label("aw_end",0);
-
-#	&mov("eax",$c);		# $c is "eax"
-
-	&function_end($name);
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/x86/comba.pl b/crypto/openssl/crypto/bn/asm/x86/comba.pl
deleted file mode 100644
index 22912536293d..000000000000
--- a/crypto/openssl/crypto/bn/asm/x86/comba.pl
+++ /dev/null
@@ -1,277 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub mul_add_c
-	{
-	local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
-	# pos == -1 if eax and edx are pre-loaded, 0 to load from next
-	# words, and 1 if load return value
-
-	&comment("mul a[$ai]*b[$bi]");
-
-	# "eax" and "edx" will always be pre-loaded.
-	# &mov("eax",&DWP($ai*4,$a,"",0)) ;
-	# &mov("edx",&DWP($bi*4,$b,"",0));
-
-	&mul("edx");
-	&add($c0,"eax");
-	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;	# laod next a
-	 &mov("eax",&wparam(0)) if $pos > 0;			# load r[]
-	 ###
-	&adc($c1,"edx");
-	 &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0;	# laod next b
-	 &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1;	# laod next b
-	 ###
-	&adc($c2,0);
-	 # is pos > 1, it means it is the last loop 
-	 &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0;		# save r[];
-	&mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;		# laod next a
-	}
-
-sub sqr_add_c
-	{
-	local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
-	# pos == -1 if eax and edx are pre-loaded, 0 to load from next
-	# words, and 1 if load return value
-
-	&comment("sqr a[$ai]*a[$bi]");
-
-	# "eax" and "edx" will always be pre-loaded.
-	# &mov("eax",&DWP($ai*4,$a,"",0)) ;
-	# &mov("edx",&DWP($bi*4,$b,"",0));
-
-	if ($ai == $bi)
-		{ &mul("eax");}
-	else
-		{ &mul("edx");}
-	&add($c0,"eax");
-	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;	# load next a
-	 ###
-	&adc($c1,"edx");
-	 &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
-	 ###
-	&adc($c2,0);
-	 # is pos > 1, it means it is the last loop 
-	 &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0;		# save r[];
-	&mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;		# load next b
-	}
-
-sub sqr_add_c2
-	{
-	local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
-	# pos == -1 if eax and edx are pre-loaded, 0 to load from next
-	# words, and 1 if load return value
-
-	&comment("sqr a[$ai]*a[$bi]");
-
-	# "eax" and "edx" will always be pre-loaded.
-	# &mov("eax",&DWP($ai*4,$a,"",0)) ;
-	# &mov("edx",&DWP($bi*4,$a,"",0));
-
-	if ($ai == $bi)
-		{ &mul("eax");}
-	else
-		{ &mul("edx");}
-	&add("eax","eax");
-	 ###
-	&adc("edx","edx");
-	 ###
-	&adc($c2,0);
-	 &add($c0,"eax");
-	&adc($c1,"edx");
-	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;	# load next a
-	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;	# load next b
-	&adc($c2,0);
-	&mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0;		# save r[];
-	 &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
-	 ###
-	}
-
-sub bn_mul_comba
-	{
-	local($name,$num)=@_;
-	local($a,$b,$c0,$c1,$c2);
-	local($i,$as,$ae,$bs,$be,$ai,$bi);
-	local($tot,$end);
-
-	&function_begin_B($name,"");
-
-	$c0="ebx";
-	$c1="ecx";
-	$c2="ebp";
-	$a="esi";
-	$b="edi";
-	
-	$as=0;
-	$ae=0;
-	$bs=0;
-	$be=0;
-	$tot=$num+$num-1;
-
-	&push("esi");
-	 &mov($a,&wparam(1));
-	&push("edi");
-	 &mov($b,&wparam(2));
-	&push("ebp");
-	 &push("ebx");
-
-	&xor($c0,$c0);
-	 &mov("eax",&DWP(0,$a,"",0));	# load the first word 
-	&xor($c1,$c1);
-	 &mov("edx",&DWP(0,$b,"",0));	# load the first second 
-
-	for ($i=0; $i<$tot; $i++)
-		{
-		$ai=$as;
-		$bi=$bs;
-		$end=$be+1;
-
-		&comment("################## Calculate word $i"); 
-
-		for ($j=$bs; $j<$end; $j++)
-			{
-			&xor($c2,$c2) if ($j == $bs);
-			if (($j+1) == $end)
-				{
-				$v=1;
-				$v=2 if (($i+1) == $tot);
-				}
-			else
-				{ $v=0; }
-			if (($j+1) != $end)
-				{
-				$na=($ai-1);
-				$nb=($bi+1);
-				}
-			else
-				{
-				$na=$as+($i < ($num-1));
-				$nb=$bs+($i >= ($num-1));
-				}
-#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
-			&mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
-			if ($v)
-				{
-				&comment("saved r[$i]");
-				# &mov("eax",&wparam(0));
-				# &mov(&DWP($i*4,"eax","",0),$c0);
-				($c0,$c1,$c2)=($c1,$c2,$c0);
-				}
-			$ai--;
-			$bi++;
-			}
-		$as++ if ($i < ($num-1));
-		$ae++ if ($i >= ($num-1));
-
-		$bs++ if ($i >= ($num-1));
-		$be++ if ($i < ($num-1));
-		}
-	&comment("save r[$i]");
-	# &mov("eax",&wparam(0));
-	&mov(&DWP($i*4,"eax","",0),$c0);
-
-	&pop("ebx");
-	&pop("ebp");
-	&pop("edi");
-	&pop("esi");
-	&ret();
-	&function_end_B($name);
-	}
-
-sub bn_sqr_comba
-	{
-	local($name,$num)=@_;
-	local($r,$a,$c0,$c1,$c2)=@_;
-	local($i,$as,$ae,$bs,$be,$ai,$bi);
-	local($b,$tot,$end,$half);
-
-	&function_begin_B($name,"");
-
-	$c0="ebx";
-	$c1="ecx";
-	$c2="ebp";
-	$a="esi";
-	$r="edi";
-
-	&push("esi");
-	 &push("edi");
-	&push("ebp");
-	 &push("ebx");
-	&mov($r,&wparam(0));
-	 &mov($a,&wparam(1));
-	&xor($c0,$c0);
-	 &xor($c1,$c1);
-	&mov("eax",&DWP(0,$a,"",0)); # load the first word
-
-	$as=0;
-	$ae=0;
-	$bs=0;
-	$be=0;
-	$tot=$num+$num-1;
-
-	for ($i=0; $i<$tot; $i++)
-		{
-		$ai=$as;
-		$bi=$bs;
-		$end=$be+1;
-
-		&comment("############### Calculate word $i");
-		for ($j=$bs; $j<$end; $j++)
-			{
-			&xor($c2,$c2) if ($j == $bs);
-			if (($ai-1) < ($bi+1))
-				{
-				$v=1;
-				$v=2 if ($i+1) == $tot;
-				}
-			else
-				{ $v=0; }
-			if (!$v)
-				{
-				$na=$ai-1;
-				$nb=$bi+1;
-				}
-			else
-				{
-				$na=$as+($i < ($num-1));
-				$nb=$bs+($i >= ($num-1));
-				}
-			if ($ai == $bi)
-				{
-				&sqr_add_c($r,$a,$ai,$bi,
-					$c0,$c1,$c2,$v,$i,$na,$nb);
-				}
-			else
-				{
-				&sqr_add_c2($r,$a,$ai,$bi,
-					$c0,$c1,$c2,$v,$i,$na,$nb);
-				}
-			if ($v)
-				{
-				&comment("saved r[$i]");
-				#&mov(&DWP($i*4,$r,"",0),$c0);
-				($c0,$c1,$c2)=($c1,$c2,$c0);
-				last;
-				}
-			$ai--;
-			$bi++;
-			}
-		$as++ if ($i < ($num-1));
-		$ae++ if ($i >= ($num-1));
-
-		$bs++ if ($i >= ($num-1));
-		$be++ if ($i < ($num-1));
-		}
-	&mov(&DWP($i*4,$r,"",0),$c0);
-	&pop("ebx");
-	&pop("ebp");
-	&pop("edi");
-	&pop("esi");
-	&ret();
-	&function_end_B($name);
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/x86/div.pl b/crypto/openssl/crypto/bn/asm/x86/div.pl
deleted file mode 100644
index 0e90152caa95..000000000000
--- a/crypto/openssl/crypto/bn/asm/x86/div.pl
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_div_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-	&mov("edx",&wparam(0));	#
-	&mov("eax",&wparam(1));	#
-	&mov("ebx",&wparam(2));	#
-	&div("ebx");
-	&function_end($name);
-	}
-1;
diff --git a/crypto/openssl/crypto/bn/asm/x86/f b/crypto/openssl/crypto/bn/asm/x86/f
deleted file mode 100644
index 22e411222431..000000000000
--- a/crypto/openssl/crypto/bn/asm/x86/f
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
diff --git a/crypto/openssl/crypto/bn/asm/x86/mul.pl b/crypto/openssl/crypto/bn/asm/x86/mul.pl
deleted file mode 100644
index 674cb9b05512..000000000000
--- a/crypto/openssl/crypto/bn/asm/x86/mul.pl
+++ /dev/null
@@ -1,77 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_mul_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-
-	&comment("");
-	$Low="eax";
-	$High="edx";
-	$a="ebx";
-	$w="ecx";
-	$r="edi";
-	$c="esi";
-	$num="ebp";
-
-	&xor($c,$c);		# clear carry
-	&mov($r,&wparam(0));	#
-	&mov($a,&wparam(1));	#
-	&mov($num,&wparam(2));	#
-	&mov($w,&wparam(3));	#
-
-	&and($num,0xfffffff8);	# num / 8
-	&jz(&label("mw_finish"));
-
-	&set_label("mw_loop",0);
-	for ($i=0; $i<32; $i+=4)
-		{
-		&comment("Round $i");
-
-		 &mov("eax",&DWP($i,$a,"",0)); 	# *a
-		&mul($w);			# *a * w
-		&add("eax",$c);			# L(t)+=c
-		 # XXX
-
-		&adc("edx",0);			# H(t)+=carry
-		 &mov(&DWP($i,$r,"",0),"eax");	# *r= L(t);
-
-		&mov($c,"edx");			# c=  H(t);
-		}
-
-	&comment("");
-	&add($a,32);
-	&add($r,32);
-	&sub($num,8);
-	&jz(&label("mw_finish"));
-	&jmp(&label("mw_loop"));
-
-	&set_label("mw_finish",0);
-	&mov($num,&wparam(2));	# get num
-	&and($num,7);
-	&jnz(&label("mw_finish2"));
-	&jmp(&label("mw_end"));
-
-	&set_label("mw_finish2",1);
-	for ($i=0; $i<7; $i++)
-		{
-		&comment("Tail Round $i");
-		 &mov("eax",&DWP($i*4,$a,"",0));# *a
-		&mul($w);			# *a * w
-		&add("eax",$c);			# L(t)+=c
-		 # XXX
-		&adc("edx",0);			# H(t)+=carry
-		 &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
-		&mov($c,"edx");			# c=  H(t);
-		 &dec($num) if ($i != 7-1);
-		&jz(&label("mw_end")) if ($i != 7-1);
-		}
-	&set_label("mw_end",0);
-	&mov("eax",$c);
-
-	&function_end($name);
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/x86/mul_add.pl b/crypto/openssl/crypto/bn/asm/x86/mul_add.pl
deleted file mode 100644
index 61830d3a906a..000000000000
--- a/crypto/openssl/crypto/bn/asm/x86/mul_add.pl
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_mul_add_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-
-	&comment("");
-	$Low="eax";
-	$High="edx";
-	$a="ebx";
-	$w="ebp";
-	$r="edi";
-	$c="esi";
-
-	&xor($c,$c);		# clear carry
-	&mov($r,&wparam(0));	#
-
-	&mov("ecx",&wparam(2));	#
-	&mov($a,&wparam(1));	#
-
-	&and("ecx",0xfffffff8);	# num / 8
-	&mov($w,&wparam(3));	#
-
-	&push("ecx");		# Up the stack for a tmp variable
-
-	&jz(&label("maw_finish"));
-
-	&set_label("maw_loop",0);
-
-	&mov(&swtmp(0),"ecx");	#
-
-	for ($i=0; $i<32; $i+=4)
-		{
-		&comment("Round $i");
-
-		 &mov("eax",&DWP($i,$a,"",0)); 	# *a
-		&mul($w);			# *a * w
-		&add("eax",$c);		# L(t)+= *r
-		 &mov($c,&DWP($i,$r,"",0));	# L(t)+= *r
-		&adc("edx",0);			# H(t)+=carry
-		 &add("eax",$c);		# L(t)+=c
-		&adc("edx",0);			# H(t)+=carry
-		 &mov(&DWP($i,$r,"",0),"eax");	# *r= L(t);
-		&mov($c,"edx");			# c=  H(t);
-		}
-
-	&comment("");
-	&mov("ecx",&swtmp(0));	#
-	&add($a,32);
-	&add($r,32);
-	&sub("ecx",8);
-	&jnz(&label("maw_loop"));
-
-	&set_label("maw_finish",0);
-	&mov("ecx",&wparam(2));	# get num
-	&and("ecx",7);
-	&jnz(&label("maw_finish2"));	# helps branch prediction
-	&jmp(&label("maw_end"));
-
-	&set_label("maw_finish2",1);
-	for ($i=0; $i<7; $i++)
-		{
-		&comment("Tail Round $i");
-		 &mov("eax",&DWP($i*4,$a,"",0));# *a
-		&mul($w);			# *a * w
-		&add("eax",$c);			# L(t)+=c
-		 &mov($c,&DWP($i*4,$r,"",0));	# L(t)+= *r
-		&adc("edx",0);			# H(t)+=carry
-		 &add("eax",$c);
-		&adc("edx",0);			# H(t)+=carry
-		 &dec("ecx") if ($i != 7-1);
-		&mov(&DWP($i*4,$r,"",0),"eax");	# *r= L(t);
-		 &mov($c,"edx");			# c=  H(t);
-		&jz(&label("maw_end")) if ($i != 7-1);
-		}
-	&set_label("maw_end",0);
-	&mov("eax",$c);
-
-	&pop("ecx");	# clear variable from
-
-	&function_end($name);
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/x86/sqr.pl b/crypto/openssl/crypto/bn/asm/x86/sqr.pl
deleted file mode 100644
index 1f90993cf689..000000000000
--- a/crypto/openssl/crypto/bn/asm/x86/sqr.pl
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_sqr_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-
-	&comment("");
-	$r="esi";
-	$a="edi";
-	$num="ebx";
-
-	&mov($r,&wparam(0));	#
-	&mov($a,&wparam(1));	#
-	&mov($num,&wparam(2));	#
-
-	&and($num,0xfffffff8);	# num / 8
-	&jz(&label("sw_finish"));
-
-	&set_label("sw_loop",0);
-	for ($i=0; $i<32; $i+=4)
-		{
-		&comment("Round $i");
-		&mov("eax",&DWP($i,$a,"",0)); 	# *a
-		 # XXX
-		&mul("eax");			# *a * *a
-		&mov(&DWP($i*2,$r,"",0),"eax");	#
-		 &mov(&DWP($i*2+4,$r,"",0),"edx");#
-		}
-
-	&comment("");
-	&add($a,32);
-	&add($r,64);
-	&sub($num,8);
-	&jnz(&label("sw_loop"));
-
-	&set_label("sw_finish",0);
-	&mov($num,&wparam(2));	# get num
-	&and($num,7);
-	&jz(&label("sw_end"));
-
-	for ($i=0; $i<7; $i++)
-		{
-		&comment("Tail Round $i");
-		&mov("eax",&DWP($i*4,$a,"",0));	# *a
-		 # XXX
-		&mul("eax");			# *a * *a
-		&mov(&DWP($i*8,$r,"",0),"eax");	#
-		 &dec($num) if ($i != 7-1);
-		&mov(&DWP($i*8+4,$r,"",0),"edx");
-		 &jz(&label("sw_end")) if ($i != 7-1);
-		}
-	&set_label("sw_end",0);
-
-	&function_end($name);
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/x86/sub.pl b/crypto/openssl/crypto/bn/asm/x86/sub.pl
deleted file mode 100644
index 837b0e1b078d..000000000000
--- a/crypto/openssl/crypto/bn/asm/x86/sub.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_sub_words
-	{
-	local($name)=@_;
-
-	&function_begin($name,"");
-
-	&comment("");
-	$a="esi";
-	$b="edi";
-	$c="eax";
-	$r="ebx";
-	$tmp1="ecx";
-	$tmp2="edx";
-	$num="ebp";
-
-	&mov($r,&wparam(0));	# get r
-	 &mov($a,&wparam(1));	# get a
-	&mov($b,&wparam(2));	# get b
-	 &mov($num,&wparam(3));	# get num
-	&xor($c,$c);		# clear carry
-	 &and($num,0xfffffff8);	# num / 8
-
-	&jz(&label("aw_finish"));
-
-	&set_label("aw_loop",0);
-	for ($i=0; $i<8; $i++)
-		{
-		&comment("Round $i");
-
-		&mov($tmp1,&DWP($i*4,$a,"",0)); 	# *a
-		 &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
-		&sub($tmp1,$c);
-		 &mov($c,0);
-		&adc($c,$c);
-		 &sub($tmp1,$tmp2);
-		&adc($c,0);
-		 &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
-		}
-
-	&comment("");
-	&add($a,32);
-	 &add($b,32);
-	&add($r,32);
-	 &sub($num,8);
-	&jnz(&label("aw_loop"));
-
-	&set_label("aw_finish",0);
-	&mov($num,&wparam(3));	# get num
-	&and($num,7);
-	 &jz(&label("aw_end"));
-
-	for ($i=0; $i<7; $i++)
-		{
-		&comment("Tail Round $i");
-		&mov($tmp1,&DWP($i*4,$a,"",0));	# *a
-		 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
-		&sub($tmp1,$c);
-		 &mov($c,0);
-		&adc($c,$c);
-		 &sub($tmp1,$tmp2);
-		&adc($c,0);
-		 &dec($num) if ($i != 6);
-		&mov(&DWP($i*4,$r,"",0),$tmp1);	# *a
-		 &jz(&label("aw_end")) if ($i != 6);
-		}
-	&set_label("aw_end",0);
-
-#	&mov("eax",$c);		# $c is "eax"
-
-	&function_end($name);
-	}
-
-1;
diff --git a/crypto/openssl/crypto/bn/asm/x86_64-gcc.c b/crypto/openssl/crypto/bn/asm/x86_64-gcc.c
deleted file mode 100644
index b97b394661aa..000000000000
--- a/crypto/openssl/crypto/bn/asm/x86_64-gcc.c
+++ /dev/null
@@ -1,575 +0,0 @@
-/*
- * x86_64 BIGNUM accelerator version 0.1, December 2002.
- *
- * Implemented by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
- * project.
- *
- * Rights for redistribution and usage in source and binary forms are
- * granted according to the OpenSSL license. Warranty of any kind is
- * disclaimed.
- *
- * Q. Version 0.1? It doesn't sound like Andy, he used to assign real
- *    versions, like 1.0...
- * A. Well, that's because this code is basically a quick-n-dirty
- *    proof-of-concept hack. As you can see it's implemented with
- *    inline assembler, which means that you're bound to GCC and that
- *    there must be a room for fine-tuning.
- *
- * Q. Why inline assembler?
- * A. x86_64 features own ABI I'm not familiar with. Which is why
- *    I decided to let the compiler take care of subroutine
- *    prologue/epilogue as well as register allocation.
- *
- * Q. How much faster does it get?
- * A. Unfortunately people sitting on x86_64 hardware are prohibited
- *    to disclose the performance numbers, so they (SuSE labs to be
- *    specific) wouldn't tell me. However! Very similar coding technique
- *    (reaching out for 128-bit result from 64x64-bit multiplication)
- *    results in >3 times performance improvement on MIPS and I see no
- *    reason why gain on x86_64 would be so much different:-)
- */
-
-#define BN_ULONG unsigned long
-
-/*
- * "m"(a), "+m"(r)	is the way to favor DirectPath µ-code;
- * "g"(0)		let the compiler to decide where does it
- *			want to keep the value of zero;
- */
-#define mul_add(r,a,word,carry) do {	\
-	register BN_ULONG high,low;	\
-	asm ("mulq %3"			\
-		: "=a"(low),"=d"(high)	\
-		: "a"(word),"m"(a)	\
-		: "cc");		\
-	asm ("addq %2,%0; adcq %3,%1"	\
-		: "+r"(carry),"+d"(high)\
-		: "a"(low),"g"(0)	\
-		: "cc");		\
-	asm ("addq %2,%0; adcq %3,%1"	\
-		: "+m"(r),"+d"(high)	\
-		: "r"(carry),"g"(0)	\
-		: "cc");		\
-	carry=high;			\
-	} while (0)
-
-#define mul(r,a,word,carry) do {	\
-	register BN_ULONG high,low;	\
-	asm ("mulq %3"			\
-		: "=a"(low),"=d"(high)	\
-		: "a"(word),"g"(a)	\
-		: "cc");		\
-	asm ("addq %2,%0; adcq %3,%1"	\
-		: "+r"(carry),"+d"(high)\
-		: "a"(low),"g"(0)	\
-		: "cc");		\
-	(r)=carry, carry=high;		\
-	} while (0)
-
-#define sqr(r0,r1,a)			\
-	asm ("mulq %2"			\
-		: "=a"(r0),"=d"(r1)	\
-		: "a"(a)		\
-		: "cc");
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
-	{
-	BN_ULONG c1=0;
-
-	if (num <= 0) return(c1);
-
-	while (num&~3)
-		{
-		mul_add(rp[0],ap[0],w,c1);
-		mul_add(rp[1],ap[1],w,c1);
-		mul_add(rp[2],ap[2],w,c1);
-		mul_add(rp[3],ap[3],w,c1);
-		ap+=4; rp+=4; num-=4;
-		}
-	if (num)
-		{
-		mul_add(rp[0],ap[0],w,c1); if (--num==0) return c1;
-		mul_add(rp[1],ap[1],w,c1); if (--num==0) return c1;
-		mul_add(rp[2],ap[2],w,c1); return c1;
-		}
-	
-	return(c1);
-	} 
-
-BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
-	{
-	BN_ULONG c1=0;
-
-	if (num <= 0) return(c1);
-
-	while (num&~3)
-		{
-		mul(rp[0],ap[0],w,c1);
-		mul(rp[1],ap[1],w,c1);
-		mul(rp[2],ap[2],w,c1);
-		mul(rp[3],ap[3],w,c1);
-		ap+=4; rp+=4; num-=4;
-		}
-	if (num)
-		{
-		mul(rp[0],ap[0],w,c1); if (--num == 0) return c1;
-		mul(rp[1],ap[1],w,c1); if (--num == 0) return c1;
-		mul(rp[2],ap[2],w,c1);
-		}
-	return(c1);
-	} 
-
-void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
-        {
-	if (n <= 0) return;
-
-	while (n&~3)
-		{
-		sqr(r[0],r[1],a[0]);
-		sqr(r[2],r[3],a[1]);
-		sqr(r[4],r[5],a[2]);
-		sqr(r[6],r[7],a[3]);
-		a+=4; r+=8; n-=4;
-		}
-	if (n)
-		{
-		sqr(r[0],r[1],a[0]); if (--n == 0) return;
-		sqr(r[2],r[3],a[1]); if (--n == 0) return;
-		sqr(r[4],r[5],a[2]);
-		}
-	}
-
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
-{	BN_ULONG ret,waste;
-
-	asm ("divq	%3"
-		: "=a"(ret),"=d"(waste)
-		: "a"(l),"d"(h),"g"(d)
-		: "cc");
-
-	return ret;
-}
-
-BN_ULONG bn_add_words (BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int n)
-{ BN_ULONG ret,i;
-
-	if (n <= 0) return 0;
-
-	asm (
-	"	subq	%2,%2		\n"
-	".align 16			\n"
-	"1:	movq	(%4,%2,8),%0	\n"
-	"	adcq	(%5,%2,8),%0	\n"
-	"	movq	%0,(%3,%2,8)	\n"
-	"	leaq	1(%2),%2	\n"
-	"	loop	1b		\n"
-	"	sbbq	%0,%0		\n"
-		: "+a"(ret),"+c"(n),"+r"(i)
-		: "r"(rp),"r"(ap),"r"(bp)
-		: "cc"
-	);
-
-  return ret&1;
-}
-
-#ifndef SIMICS
-BN_ULONG bn_sub_words (BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int n)
-{ BN_ULONG ret,i;
-
-	if (n <= 0) return 0;
-
-	asm (
-	"	subq	%2,%2		\n"
-	".align 16			\n"
-	"1:	movq	(%4,%2,8),%0	\n"
-	"	sbbq	(%5,%2,8),%0	\n"
-	"	movq	%0,(%3,%2,8)	\n"
-	"	leaq	1(%2),%2	\n"
-	"	loop	1b		\n"
-	"	sbbq	%0,%0		\n"
-		: "+a"(ret),"+c"(n),"+r"(i)
-		: "r"(rp),"r"(ap),"r"(bp)
-		: "cc"
-	);
-
-  return ret&1;
-}
-#else
-/* Simics 1.4<7 has buggy sbbq:-( */
-#define BN_MASK2 0xffffffffffffffffL
-BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-        {
-	BN_ULONG t1,t2;
-	int c=0;
-
-	if (n <= 0) return((BN_ULONG)0);
-
-	for (;;)
-		{
-		t1=a[0]; t2=b[0];
-		r[0]=(t1-t2-c)&BN_MASK2;
-		if (t1 != t2) c=(t1 < t2);
-		if (--n <= 0) break;
-
-		t1=a[1]; t2=b[1];
-		r[1]=(t1-t2-c)&BN_MASK2;
-		if (t1 != t2) c=(t1 < t2);
-		if (--n <= 0) break;
-
-		t1=a[2]; t2=b[2];
-		r[2]=(t1-t2-c)&BN_MASK2;
-		if (t1 != t2) c=(t1 < t2);
-		if (--n <= 0) break;
-
-		t1=a[3]; t2=b[3];
-		r[3]=(t1-t2-c)&BN_MASK2;
-		if (t1 != t2) c=(t1 < t2);
-		if (--n <= 0) break;
-
-		a+=4;
-		b+=4;
-		r+=4;
-		}
-	return(c);
-	}
-#endif
-
-/* mul_add_c(a,b,c0,c1,c2)  -- c+=a*b for three word number c=(c2,c1,c0) */
-/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */
-/* sqr_add_c(a,i,c0,c1,c2)  -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
-/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */
-
-#if 0
-/* original macros are kept for reference purposes */
-#define mul_add_c(a,b,c0,c1,c2) {	\
-	BN_ULONG ta=(a),tb=(b);		\
-	t1 = ta * tb;			\
-	t2 = BN_UMULT_HIGH(ta,tb);	\
-	c0 += t1; t2 += (c0<t1)?1:0;	\
-	c1 += t2; c2 += (c1<t2)?1:0;	\
-	}
-
-#define mul_add_c2(a,b,c0,c1,c2) {	\
-	BN_ULONG ta=(a),tb=(b),t0;	\
-	t1 = BN_UMULT_HIGH(ta,tb);	\
-	t0 = ta * tb;			\
-	t2 = t1+t1; c2 += (t2<t1)?1:0;	\
-	t1 = t0+t0; t2 += (t1<t0)?1:0;	\
-	c0 += t1; t2 += (c0<t1)?1:0;	\
-	c1 += t2; c2 += (c1<t2)?1:0;	\
-	}
-#else
-#define mul_add_c(a,b,c0,c1,c2)	do {	\
-	asm ("mulq %3"			\
-		: "=a"(t1),"=d"(t2)	\
-		: "a"(a),"m"(b)		\
-		: "cc");		\
-	asm ("addq %2,%0; adcq %3,%1"	\
-		: "+r"(c0),"+d"(t2)	\
-		: "a"(t1),"g"(0)	\
-		: "cc");		\
-	asm ("addq %2,%0; adcq %3,%1"	\
-		: "+r"(c1),"+r"(c2)	\
-		: "d"(t2),"g"(0)	\
-		: "cc");		\
-	} while (0)
-
-#define sqr_add_c(a,i,c0,c1,c2)	do {	\
-	asm ("mulq %2"			\
-		: "=a"(t1),"=d"(t2)	\
-		: "a"(a[i])		\
-		: "cc");		\
-	asm ("addq %2,%0; adcq %3,%1"	\
-		: "+r"(c0),"+d"(t2)	\
-		: "a"(t1),"g"(0)	\
-		: "cc");		\
-	asm ("addq %2,%0; adcq %3,%1"	\
-		: "+r"(c1),"+r"(c2)	\
-		: "d"(t2),"g"(0)	\
-		: "cc");		\
-	} while (0)
-
-#define mul_add_c2(a,b,c0,c1,c2) do {	\
-	asm ("mulq %3"			\
-		: "=a"(t1),"=d"(t2)	\
-		: "a"(a),"m"(b)		\
-		: "cc");		\
-	asm ("addq %0,%0; adcq %2,%1"	\
-		: "+d"(t2),"+r"(c2)	\
-		: "g"(0)		\
-		: "cc");		\
-	asm ("addq %0,%0; adcq %2,%1"	\
-		: "+a"(t1),"+d"(t2)	\
-		: "g"(0)		\
-		: "cc");		\
-	asm ("addq %2,%0; adcq %3,%1"	\
-		: "+r"(c0),"+d"(t2)	\
-		: "a"(t1),"g"(0)	\
-		: "cc");		\
-	asm ("addq %2,%0; adcq %3,%1"	\
-		: "+r"(c1),"+r"(c2)	\
-		: "d"(t2),"g"(0)	\
-		: "cc");		\
-	} while (0)
-#endif
-
-#define sqr_add_c2(a,i,j,c0,c1,c2)	\
-	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-
-void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-	{
-	BN_ULONG bl,bh;
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	mul_add_c(a[0],b[0],c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	mul_add_c(a[0],b[1],c2,c3,c1);
-	mul_add_c(a[1],b[0],c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	mul_add_c(a[2],b[0],c3,c1,c2);
-	mul_add_c(a[1],b[1],c3,c1,c2);
-	mul_add_c(a[0],b[2],c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	mul_add_c(a[0],b[3],c1,c2,c3);
-	mul_add_c(a[1],b[2],c1,c2,c3);
-	mul_add_c(a[2],b[1],c1,c2,c3);
-	mul_add_c(a[3],b[0],c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	mul_add_c(a[4],b[0],c2,c3,c1);
-	mul_add_c(a[3],b[1],c2,c3,c1);
-	mul_add_c(a[2],b[2],c2,c3,c1);
-	mul_add_c(a[1],b[3],c2,c3,c1);
-	mul_add_c(a[0],b[4],c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	mul_add_c(a[0],b[5],c3,c1,c2);
-	mul_add_c(a[1],b[4],c3,c1,c2);
-	mul_add_c(a[2],b[3],c3,c1,c2);
-	mul_add_c(a[3],b[2],c3,c1,c2);
-	mul_add_c(a[4],b[1],c3,c1,c2);
-	mul_add_c(a[5],b[0],c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	mul_add_c(a[6],b[0],c1,c2,c3);
-	mul_add_c(a[5],b[1],c1,c2,c3);
-	mul_add_c(a[4],b[2],c1,c2,c3);
-	mul_add_c(a[3],b[3],c1,c2,c3);
-	mul_add_c(a[2],b[4],c1,c2,c3);
-	mul_add_c(a[1],b[5],c1,c2,c3);
-	mul_add_c(a[0],b[6],c1,c2,c3);
-	r[6]=c1;
-	c1=0;
-	mul_add_c(a[0],b[7],c2,c3,c1);
-	mul_add_c(a[1],b[6],c2,c3,c1);
-	mul_add_c(a[2],b[5],c2,c3,c1);
-	mul_add_c(a[3],b[4],c2,c3,c1);
-	mul_add_c(a[4],b[3],c2,c3,c1);
-	mul_add_c(a[5],b[2],c2,c3,c1);
-	mul_add_c(a[6],b[1],c2,c3,c1);
-	mul_add_c(a[7],b[0],c2,c3,c1);
-	r[7]=c2;
-	c2=0;
-	mul_add_c(a[7],b[1],c3,c1,c2);
-	mul_add_c(a[6],b[2],c3,c1,c2);
-	mul_add_c(a[5],b[3],c3,c1,c2);
-	mul_add_c(a[4],b[4],c3,c1,c2);
-	mul_add_c(a[3],b[5],c3,c1,c2);
-	mul_add_c(a[2],b[6],c3,c1,c2);
-	mul_add_c(a[1],b[7],c3,c1,c2);
-	r[8]=c3;
-	c3=0;
-	mul_add_c(a[2],b[7],c1,c2,c3);
-	mul_add_c(a[3],b[6],c1,c2,c3);
-	mul_add_c(a[4],b[5],c1,c2,c3);
-	mul_add_c(a[5],b[4],c1,c2,c3);
-	mul_add_c(a[6],b[3],c1,c2,c3);
-	mul_add_c(a[7],b[2],c1,c2,c3);
-	r[9]=c1;
-	c1=0;
-	mul_add_c(a[7],b[3],c2,c3,c1);
-	mul_add_c(a[6],b[4],c2,c3,c1);
-	mul_add_c(a[5],b[5],c2,c3,c1);
-	mul_add_c(a[4],b[6],c2,c3,c1);
-	mul_add_c(a[3],b[7],c2,c3,c1);
-	r[10]=c2;
-	c2=0;
-	mul_add_c(a[4],b[7],c3,c1,c2);
-	mul_add_c(a[5],b[6],c3,c1,c2);
-	mul_add_c(a[6],b[5],c3,c1,c2);
-	mul_add_c(a[7],b[4],c3,c1,c2);
-	r[11]=c3;
-	c3=0;
-	mul_add_c(a[7],b[5],c1,c2,c3);
-	mul_add_c(a[6],b[6],c1,c2,c3);
-	mul_add_c(a[5],b[7],c1,c2,c3);
-	r[12]=c1;
-	c1=0;
-	mul_add_c(a[6],b[7],c2,c3,c1);
-	mul_add_c(a[7],b[6],c2,c3,c1);
-	r[13]=c2;
-	c2=0;
-	mul_add_c(a[7],b[7],c3,c1,c2);
-	r[14]=c3;
-	r[15]=c1;
-	}
-
-void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-	{
-	BN_ULONG bl,bh;
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	mul_add_c(a[0],b[0],c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	mul_add_c(a[0],b[1],c2,c3,c1);
-	mul_add_c(a[1],b[0],c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	mul_add_c(a[2],b[0],c3,c1,c2);
-	mul_add_c(a[1],b[1],c3,c1,c2);
-	mul_add_c(a[0],b[2],c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	mul_add_c(a[0],b[3],c1,c2,c3);
-	mul_add_c(a[1],b[2],c1,c2,c3);
-	mul_add_c(a[2],b[1],c1,c2,c3);
-	mul_add_c(a[3],b[0],c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	mul_add_c(a[3],b[1],c2,c3,c1);
-	mul_add_c(a[2],b[2],c2,c3,c1);
-	mul_add_c(a[1],b[3],c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	mul_add_c(a[2],b[3],c3,c1,c2);
-	mul_add_c(a[3],b[2],c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	mul_add_c(a[3],b[3],c1,c2,c3);
-	r[6]=c1;
-	r[7]=c2;
-	}
-
-void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
-	{
-	BN_ULONG bl,bh;
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	sqr_add_c(a,0,c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	sqr_add_c2(a,1,0,c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	sqr_add_c(a,1,c3,c1,c2);
-	sqr_add_c2(a,2,0,c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	sqr_add_c2(a,3,0,c1,c2,c3);
-	sqr_add_c2(a,2,1,c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	sqr_add_c(a,2,c2,c3,c1);
-	sqr_add_c2(a,3,1,c2,c3,c1);
-	sqr_add_c2(a,4,0,c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	sqr_add_c2(a,5,0,c3,c1,c2);
-	sqr_add_c2(a,4,1,c3,c1,c2);
-	sqr_add_c2(a,3,2,c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	sqr_add_c(a,3,c1,c2,c3);
-	sqr_add_c2(a,4,2,c1,c2,c3);
-	sqr_add_c2(a,5,1,c1,c2,c3);
-	sqr_add_c2(a,6,0,c1,c2,c3);
-	r[6]=c1;
-	c1=0;
-	sqr_add_c2(a,7,0,c2,c3,c1);
-	sqr_add_c2(a,6,1,c2,c3,c1);
-	sqr_add_c2(a,5,2,c2,c3,c1);
-	sqr_add_c2(a,4,3,c2,c3,c1);
-	r[7]=c2;
-	c2=0;
-	sqr_add_c(a,4,c3,c1,c2);
-	sqr_add_c2(a,5,3,c3,c1,c2);
-	sqr_add_c2(a,6,2,c3,c1,c2);
-	sqr_add_c2(a,7,1,c3,c1,c2);
-	r[8]=c3;
-	c3=0;
-	sqr_add_c2(a,7,2,c1,c2,c3);
-	sqr_add_c2(a,6,3,c1,c2,c3);
-	sqr_add_c2(a,5,4,c1,c2,c3);
-	r[9]=c1;
-	c1=0;
-	sqr_add_c(a,5,c2,c3,c1);
-	sqr_add_c2(a,6,4,c2,c3,c1);
-	sqr_add_c2(a,7,3,c2,c3,c1);
-	r[10]=c2;
-	c2=0;
-	sqr_add_c2(a,7,4,c3,c1,c2);
-	sqr_add_c2(a,6,5,c3,c1,c2);
-	r[11]=c3;
-	c3=0;
-	sqr_add_c(a,6,c1,c2,c3);
-	sqr_add_c2(a,7,5,c1,c2,c3);
-	r[12]=c1;
-	c1=0;
-	sqr_add_c2(a,7,6,c2,c3,c1);
-	r[13]=c2;
-	c2=0;
-	sqr_add_c(a,7,c3,c1,c2);
-	r[14]=c3;
-	r[15]=c1;
-	}
-
-void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
-	{
-	BN_ULONG bl,bh;
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	sqr_add_c(a,0,c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	sqr_add_c2(a,1,0,c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	sqr_add_c(a,1,c3,c1,c2);
-	sqr_add_c2(a,2,0,c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	sqr_add_c2(a,3,0,c1,c2,c3);
-	sqr_add_c2(a,2,1,c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	sqr_add_c(a,2,c2,c3,c1);
-	sqr_add_c2(a,3,1,c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	sqr_add_c2(a,3,2,c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	sqr_add_c(a,3,c1,c2,c3);
-	r[6]=c1;
-	r[7]=c2;
-	}
diff --git a/crypto/openssl/crypto/bn/bn.h b/crypto/openssl/crypto/bn/bn.h
deleted file mode 100644
index b40682f83182..000000000000
--- a/crypto/openssl/crypto/bn/bn.h
+++ /dev/null
@@ -1,547 +0,0 @@
-/* crypto/bn/bn.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BN_H
-#define HEADER_BN_H
-
-#include <openssl/e_os2.h>
-#ifndef OPENSSL_NO_FP_API
-#include <stdio.h> /* FILE */
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-#undef BN_LLONG /* experimental, so far... */
-#endif
-
-#define BN_MUL_COMBA
-#define BN_SQR_COMBA
-#define BN_RECURSION
-
-/* This next option uses the C libraries (2 word)/(1 word) function.
- * If it is not defined, I use my C version (which is slower).
- * The reason for this flag is that when the particular C compiler
- * library routine is used, and the library is linked with a different
- * compiler, the library is missing.  This mostly happens when the
- * library is built with gcc and then linked using normal cc.  This would
- * be a common occurrence because gcc normally produces code that is
- * 2 times faster than system compilers for the big number stuff.
- * For machines with only one compiler (or shared libraries), this should
- * be on.  Again this in only really a problem on machines
- * using "long long's", are 32bit, and are not using my assembler code. */
-#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
-    defined(OPENSSL_SYS_WIN32) || defined(linux)
-# ifndef BN_DIV2W
-#  define BN_DIV2W
-# endif
-#endif
-
-/* assuming long is 64bit - this is the DEC Alpha
- * unsigned long long is only 64 bits :-(, don't define
- * BN_LLONG for the DEC Alpha */
-#ifdef SIXTY_FOUR_BIT_LONG
-#define BN_ULLONG	unsigned long long
-#define BN_ULONG	unsigned long
-#define BN_LONG		long
-#define BN_BITS		128
-#define BN_BYTES	8
-#define BN_BITS2	64
-#define BN_BITS4	32
-#define BN_MASK		(0xffffffffffffffffffffffffffffffffLL)
-#define BN_MASK2	(0xffffffffffffffffL)
-#define BN_MASK2l	(0xffffffffL)
-#define BN_MASK2h	(0xffffffff00000000L)
-#define BN_MASK2h1	(0xffffffff80000000L)
-#define BN_TBIT		(0x8000000000000000L)
-#define BN_DEC_CONV	(10000000000000000000UL)
-#define BN_DEC_FMT1	"%lu"
-#define BN_DEC_FMT2	"%019lu"
-#define BN_DEC_NUM	19
-#endif
-
-/* This is where the long long data type is 64 bits, but long is 32.
- * For machines where there are 64bit registers, this is the mode to use.
- * IRIX, on R4000 and above should use this mode, along with the relevant
- * assembler code :-).  Do NOT define BN_LLONG.
- */
-#ifdef SIXTY_FOUR_BIT
-#undef BN_LLONG
-#undef BN_ULLONG
-#define BN_ULONG	unsigned long long
-#define BN_LONG		long long
-#define BN_BITS		128
-#define BN_BYTES	8
-#define BN_BITS2	64
-#define BN_BITS4	32
-#define BN_MASK2	(0xffffffffffffffffLL)
-#define BN_MASK2l	(0xffffffffL)
-#define BN_MASK2h	(0xffffffff00000000LL)
-#define BN_MASK2h1	(0xffffffff80000000LL)
-#define BN_TBIT		(0x8000000000000000LL)
-#define BN_DEC_CONV	(10000000000000000000ULL)
-#define BN_DEC_FMT1	"%llu"
-#define BN_DEC_FMT2	"%019llu"
-#define BN_DEC_NUM	19
-#endif
-
-#ifdef THIRTY_TWO_BIT
-#if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__)
-#define BN_ULLONG	unsigned _int64
-#else
-#define BN_ULLONG	unsigned long long
-#endif
-#define BN_ULONG	unsigned long
-#define BN_LONG		long
-#define BN_BITS		64
-#define BN_BYTES	4
-#define BN_BITS2	32
-#define BN_BITS4	16
-#ifdef OPENSSL_SYS_WIN32
-/* VC++ doesn't like the LL suffix */
-#define BN_MASK		(0xffffffffffffffffL)
-#else
-#define BN_MASK		(0xffffffffffffffffLL)
-#endif
-#define BN_MASK2	(0xffffffffL)
-#define BN_MASK2l	(0xffff)
-#define BN_MASK2h1	(0xffff8000L)
-#define BN_MASK2h	(0xffff0000L)
-#define BN_TBIT		(0x80000000L)
-#define BN_DEC_CONV	(1000000000L)
-#define BN_DEC_FMT1	"%lu"
-#define BN_DEC_FMT2	"%09lu"
-#define BN_DEC_NUM	9
-#endif
-
-#ifdef SIXTEEN_BIT
-#ifndef BN_DIV2W
-#define BN_DIV2W
-#endif
-#define BN_ULLONG	unsigned long
-#define BN_ULONG	unsigned short
-#define BN_LONG		short
-#define BN_BITS		32
-#define BN_BYTES	2
-#define BN_BITS2	16
-#define BN_BITS4	8
-#define BN_MASK		(0xffffffff)
-#define BN_MASK2	(0xffff)
-#define BN_MASK2l	(0xff)
-#define BN_MASK2h1	(0xff80)
-#define BN_MASK2h	(0xff00)
-#define BN_TBIT		(0x8000)
-#define BN_DEC_CONV	(100000)
-#define BN_DEC_FMT1	"%u"
-#define BN_DEC_FMT2	"%05u"
-#define BN_DEC_NUM	5
-#endif
-
-#ifdef EIGHT_BIT
-#ifndef BN_DIV2W
-#define BN_DIV2W
-#endif
-#define BN_ULLONG	unsigned short
-#define BN_ULONG	unsigned char
-#define BN_LONG		char
-#define BN_BITS		16
-#define BN_BYTES	1
-#define BN_BITS2	8
-#define BN_BITS4	4
-#define BN_MASK		(0xffff)
-#define BN_MASK2	(0xff)
-#define BN_MASK2l	(0xf)
-#define BN_MASK2h1	(0xf8)
-#define BN_MASK2h	(0xf0)
-#define BN_TBIT		(0x80)
-#define BN_DEC_CONV	(100)
-#define BN_DEC_FMT1	"%u"
-#define BN_DEC_FMT2	"%02u"
-#define BN_DEC_NUM	2
-#endif
-
-#define BN_DEFAULT_BITS	1280
-
-#ifdef BIGNUM
-#undef BIGNUM
-#endif
-
-#define BN_FLG_MALLOCED		0x01
-#define BN_FLG_STATIC_DATA	0x02
-#define BN_FLG_FREE		0x8000	/* used for debuging */
-#define BN_set_flags(b,n)	((b)->flags|=(n))
-#define BN_get_flags(b,n)	((b)->flags&(n))
-
-typedef struct bignum_st
-	{
-	BN_ULONG *d;	/* Pointer to an array of 'BN_BITS2' bit chunks. */
-	int top;	/* Index of last used d +1. */
-	/* The next are internal book keeping for bn_expand. */
-	int dmax;	/* Size of the d array. */
-	int neg;	/* one if the number is negative */
-	int flags;
-	} BIGNUM;
-
-/* Used for temp variables (declaration hidden in bn_lcl.h) */
-typedef struct bignum_ctx BN_CTX;
-
-typedef struct bn_blinding_st
-	{
-	int init;
-	BIGNUM *A;
-	BIGNUM *Ai;
-	BIGNUM *mod; /* just a reference */
-	} BN_BLINDING;
-
-/* Used for montgomery multiplication */
-typedef struct bn_mont_ctx_st
-	{
-	int ri;        /* number of bits in R */
-	BIGNUM RR;     /* used to convert to montgomery form */
-	BIGNUM N;      /* The modulus */
-	BIGNUM Ni;     /* R*(1/R mod N) - N*Ni = 1
-	                * (Ni is only stored for bignum algorithm) */
-	BN_ULONG n0;   /* least significant word of Ni */
-	int flags;
-	} BN_MONT_CTX;
-
-/* Used for reciprocal division/mod functions
- * It cannot be shared between threads
- */
-typedef struct bn_recp_ctx_st
-	{
-	BIGNUM N;	/* the divisor */
-	BIGNUM Nr;	/* the reciprocal */
-	int num_bits;
-	int shift;
-	int flags;
-	} BN_RECP_CTX;
-
-#define BN_prime_checks 0 /* default: select number of iterations
-			     based on the size of the number */
-
-/* number of Miller-Rabin iterations for an error rate  of less than 2^-80
- * for random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook
- * of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
- * original paper: Damgaard, Landrock, Pomerance: Average case error estimates
- * for the strong probable prime test. -- Math. Comp. 61 (1993) 177-194) */
-#define BN_prime_checks_for_size(b) ((b) >= 1300 ?  2 : \
-                                (b) >=  850 ?  3 : \
-                                (b) >=  650 ?  4 : \
-                                (b) >=  550 ?  5 : \
-                                (b) >=  450 ?  6 : \
-                                (b) >=  400 ?  7 : \
-                                (b) >=  350 ?  8 : \
-                                (b) >=  300 ?  9 : \
-                                (b) >=  250 ? 12 : \
-                                (b) >=  200 ? 15 : \
-                                (b) >=  150 ? 18 : \
-                                /* b >= 100 */ 27)
-
-#define BN_num_bytes(a)	((BN_num_bits(a)+7)/8)
-
-/* Note that BN_abs_is_word does not work reliably for w == 0 */
-#define BN_abs_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w)))
-#define BN_is_zero(a)       (((a)->top == 0) || BN_abs_is_word(a,0))
-#define BN_is_one(a)        (BN_abs_is_word((a),1) && !(a)->neg)
-#define BN_is_word(a,w)     ((w) ? BN_abs_is_word((a),(w)) && !(a)->neg : \
-                                   BN_is_zero((a)))
-#define BN_is_odd(a)	    (((a)->top > 0) && ((a)->d[0] & 1))
-
-#define BN_one(a)	(BN_set_word((a),1))
-#define BN_zero(a)	(BN_set_word((a),0))
-
-/*#define BN_ascii2bn(a)	BN_hex2bn(a) */
-/*#define BN_bn2ascii(a)	BN_bn2hex(a) */
-
-const BIGNUM *BN_value_one(void);
-char *	BN_options(void);
-BN_CTX *BN_CTX_new(void);
-void	BN_CTX_init(BN_CTX *c);
-void	BN_CTX_free(BN_CTX *c);
-void	BN_CTX_start(BN_CTX *ctx);
-BIGNUM *BN_CTX_get(BN_CTX *ctx);
-void	BN_CTX_end(BN_CTX *ctx);
-int     BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
-int     BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom);
-int	BN_rand_range(BIGNUM *rnd, BIGNUM *range);
-int	BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
-int	BN_num_bits(const BIGNUM *a);
-int	BN_num_bits_word(BN_ULONG);
-BIGNUM *BN_new(void);
-void	BN_init(BIGNUM *);
-void	BN_clear_free(BIGNUM *a);
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
-void	BN_swap(BIGNUM *a, BIGNUM *b);
-BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret);
-int	BN_bn2bin(const BIGNUM *a, unsigned char *to);
-BIGNUM *BN_mpi2bn(const unsigned char *s,int len,BIGNUM *ret);
-int	BN_bn2mpi(const BIGNUM *a, unsigned char *to);
-int	BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int	BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int	BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int	BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int	BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int	BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx);
-
-int	BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
-	BN_CTX *ctx);
-#define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
-int	BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
-int	BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
-int	BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m);
-int	BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
-int	BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m);
-int	BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-	const BIGNUM *m, BN_CTX *ctx);
-int	BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int	BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int	BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
-int	BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx);
-int	BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
-
-BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
-int	BN_mul_word(BIGNUM *a, BN_ULONG w);
-int	BN_add_word(BIGNUM *a, BN_ULONG w);
-int	BN_sub_word(BIGNUM *a, BN_ULONG w);
-int	BN_set_word(BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_get_word(const BIGNUM *a);
-
-int	BN_cmp(const BIGNUM *a, const BIGNUM *b);
-void	BN_free(BIGNUM *a);
-int	BN_is_bit_set(const BIGNUM *a, int n);
-int	BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
-int	BN_lshift1(BIGNUM *r, const BIGNUM *a);
-int	BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,BN_CTX *ctx);
-
-int	BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m,BN_CTX *ctx);
-int	BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int	BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int	BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
-	const BIGNUM *a2, const BIGNUM *p2,const BIGNUM *m,
-	BN_CTX *ctx,BN_MONT_CTX *m_ctx);
-int	BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m,BN_CTX *ctx);
-
-int	BN_mask_bits(BIGNUM *a,int n);
-#ifndef OPENSSL_NO_FP_API
-int	BN_print_fp(FILE *fp, const BIGNUM *a);
-#endif
-#ifdef HEADER_BIO_H
-int	BN_print(BIO *fp, const BIGNUM *a);
-#else
-int	BN_print(void *fp, const BIGNUM *a);
-#endif
-int	BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
-int	BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
-int	BN_rshift1(BIGNUM *r, const BIGNUM *a);
-void	BN_clear(BIGNUM *a);
-BIGNUM *BN_dup(const BIGNUM *a);
-int	BN_ucmp(const BIGNUM *a, const BIGNUM *b);
-int	BN_set_bit(BIGNUM *a, int n);
-int	BN_clear_bit(BIGNUM *a, int n);
-char *	BN_bn2hex(const BIGNUM *a);
-char *	BN_bn2dec(const BIGNUM *a);
-int 	BN_hex2bn(BIGNUM **a, const char *str);
-int 	BN_dec2bn(BIGNUM **a, const char *str);
-int	BN_gcd(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx);
-int	BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */
-BIGNUM *BN_mod_inverse(BIGNUM *ret,
-	const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx);
-BIGNUM *BN_mod_sqrt(BIGNUM *ret,
-	const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx);
-BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe,
-	const BIGNUM *add, const BIGNUM *rem,
-	void (*callback)(int,int,void *),void *cb_arg);
-int	BN_is_prime(const BIGNUM *p,int nchecks,
-	void (*callback)(int,int,void *),
-	BN_CTX *ctx,void *cb_arg);
-int	BN_is_prime_fasttest(const BIGNUM *p,int nchecks,
-	void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg,
-	int do_trial_division);
-
-BN_MONT_CTX *BN_MONT_CTX_new(void );
-void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
-int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,
-	BN_MONT_CTX *mont, BN_CTX *ctx);
-#define BN_to_montgomery(r,a,mont,ctx)	BN_mod_mul_montgomery(\
-	(r),(a),&((mont)->RR),(mont),(ctx))
-int BN_from_montgomery(BIGNUM *r,const BIGNUM *a,
-	BN_MONT_CTX *mont, BN_CTX *ctx);
-void BN_MONT_CTX_free(BN_MONT_CTX *mont);
-int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *mod,BN_CTX *ctx);
-BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from);
-
-BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod);
-void BN_BLINDING_free(BN_BLINDING *b);
-int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
-int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx);
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-
-void BN_set_params(int mul,int high,int low,int mont);
-int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
-
-void	BN_RECP_CTX_init(BN_RECP_CTX *recp);
-BN_RECP_CTX *BN_RECP_CTX_new(void);
-void	BN_RECP_CTX_free(BN_RECP_CTX *recp);
-int	BN_RECP_CTX_set(BN_RECP_CTX *recp,const BIGNUM *rdiv,BN_CTX *ctx);
-int	BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
-	BN_RECP_CTX *recp,BN_CTX *ctx);
-int	BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx);
-int	BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
-	BN_RECP_CTX *recp, BN_CTX *ctx);
-
-/* library internal functions */
-
-#define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
-	(a):bn_expand2((a),(bits)/BN_BITS2+1))
-#define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
-BIGNUM *bn_expand2(BIGNUM *a, int words);
-BIGNUM *bn_dup_expand(const BIGNUM *a, int words);
-
-#define bn_fix_top(a) \
-        { \
-        BN_ULONG *ftl; \
-	if ((a)->top > 0) \
-		{ \
-		for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
-		if (*(ftl--)) break; \
-		} \
-	}
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-void     bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
-BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
-BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
-
-#ifdef BN_DEBUG
-void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n);
-# define bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \
-   fprintf(stderr,"\n");}
-# define bn_dump(a,n) bn_dump1(stderr,#a,a,n);
-#else
-# define bn_print(a)
-# define bn_dump(a,b)
-#endif
-
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BN_strings(void);
-
-/* Error codes for the BN functions. */
-
-/* Function codes. */
-#define BN_F_BN_BLINDING_CONVERT			 100
-#define BN_F_BN_BLINDING_INVERT				 101
-#define BN_F_BN_BLINDING_NEW				 102
-#define BN_F_BN_BLINDING_UPDATE				 103
-#define BN_F_BN_BN2DEC					 104
-#define BN_F_BN_BN2HEX					 105
-#define BN_F_BN_CTX_GET					 116
-#define BN_F_BN_CTX_NEW					 106
-#define BN_F_BN_DIV					 107
-#define BN_F_BN_EXPAND2					 108
-#define BN_F_BN_EXPAND_INTERNAL				 120
-#define BN_F_BN_MOD_EXP2_MONT				 118
-#define BN_F_BN_MOD_EXP_MONT				 109
-#define BN_F_BN_MOD_EXP_MONT_WORD			 117
-#define BN_F_BN_MOD_INVERSE				 110
-#define BN_F_BN_MOD_LSHIFT_QUICK			 119
-#define BN_F_BN_MOD_MUL_RECIPROCAL			 111
-#define BN_F_BN_MOD_SQRT				 121
-#define BN_F_BN_MPI2BN					 112
-#define BN_F_BN_NEW					 113
-#define BN_F_BN_RAND					 114
-#define BN_F_BN_RAND_RANGE				 122
-#define BN_F_BN_USUB					 115
-
-/* Reason codes. */
-#define BN_R_ARG2_LT_ARG3				 100
-#define BN_R_BAD_RECIPROCAL				 101
-#define BN_R_BIGNUM_TOO_LONG				 114
-#define BN_R_CALLED_WITH_EVEN_MODULUS			 102
-#define BN_R_DIV_BY_ZERO				 103
-#define BN_R_ENCODING_ERROR				 104
-#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA		 105
-#define BN_R_INPUT_NOT_REDUCED				 110
-#define BN_R_INVALID_LENGTH				 106
-#define BN_R_INVALID_RANGE				 115
-#define BN_R_NOT_A_SQUARE				 111
-#define BN_R_NOT_INITIALIZED				 107
-#define BN_R_NO_INVERSE					 108
-#define BN_R_P_IS_NOT_PRIME				 112
-#define BN_R_TOO_MANY_ITERATIONS			 113
-#define BN_R_TOO_MANY_TEMPORARY_VARIABLES		 109
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/bn/bn.mul b/crypto/openssl/crypto/bn/bn.mul
deleted file mode 100644
index 9728870d38ae..000000000000
--- a/crypto/openssl/crypto/bn/bn.mul
+++ /dev/null
@@ -1,19 +0,0 @@
-We need
-
-* bn_mul_comba8
-* bn_mul_comba4
-* bn_mul_normal
-* bn_mul_recursive
-
-* bn_sqr_comba8
-* bn_sqr_comba4
-bn_sqr_normal -> BN_sqr
-* bn_sqr_recursive
-
-* bn_mul_low_recursive
-* bn_mul_low_normal
-* bn_mul_high
-
-* bn_mul_part_recursive	# symetric but not power of 2
-
-bn_mul_asymetric_recursive # uneven, but do the chop up.
diff --git a/crypto/openssl/crypto/bn/bn_add.c b/crypto/openssl/crypto/bn/bn_add.c
deleted file mode 100644
index 6cba07e9f670..000000000000
--- a/crypto/openssl/crypto/bn/bn_add.c
+++ /dev/null
@@ -1,309 +0,0 @@
-/* crypto/bn/bn_add.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* r can == a or b */
-int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-	{
-	const BIGNUM *tmp;
-	int a_neg = a->neg;
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-	/*  a +  b	a+b
-	 *  a + -b	a-b
-	 * -a +  b	b-a
-	 * -a + -b	-(a+b)
-	 */
-	if (a_neg ^ b->neg)
-		{
-		/* only one is negative */
-		if (a_neg)
-			{ tmp=a; a=b; b=tmp; }
-
-		/* we are now a - b */
-
-		if (BN_ucmp(a,b) < 0)
-			{
-			if (!BN_usub(r,b,a)) return(0);
-			r->neg=1;
-			}
-		else
-			{
-			if (!BN_usub(r,a,b)) return(0);
-			r->neg=0;
-			}
-		return(1);
-		}
-
-	if (!BN_uadd(r,a,b)) return(0);
-	if (a_neg) /* both are neg */
-		r->neg=1;
-	else
-		r->neg=0;
-	return(1);
-	}
-
-/* unsigned add of b to a, r must be large enough */
-int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-	{
-	register int i;
-	int max,min;
-	BN_ULONG *ap,*bp,*rp,carry,t1;
-	const BIGNUM *tmp;
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-	if (a->top < b->top)
-		{ tmp=a; a=b; b=tmp; }
-	max=a->top;
-	min=b->top;
-
-	if (bn_wexpand(r,max+1) == NULL)
-		return(0);
-
-	r->top=max;
-
-
-	ap=a->d;
-	bp=b->d;
-	rp=r->d;
-	carry=0;
-
-	carry=bn_add_words(rp,ap,bp,min);
-	rp+=min;
-	ap+=min;
-	bp+=min;
-	i=min;
-
-	if (carry)
-		{
-		while (i < max)
-			{
-			i++;
-			t1= *(ap++);
-			if ((*(rp++)=(t1+1)&BN_MASK2) >= t1)
-				{
-				carry=0;
-				break;
-				}
-			}
-		if ((i >= max) && carry)
-			{
-			*(rp++)=1;
-			r->top++;
-			}
-		}
-	if (rp != ap)
-		{
-		for (; i<max; i++)
-			*(rp++)= *(ap++);
-		}
-	/* memcpy(rp,ap,sizeof(*ap)*(max-i));*/
-	r->neg = 0;
-	return(1);
-	}
-
-/* unsigned subtraction of b from a, a must be larger than b. */
-int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-	{
-	int max,min;
-	register BN_ULONG t1,t2,*ap,*bp,*rp;
-	int i,carry;
-#if defined(IRIX_CC_BUG) && !defined(LINT)
-	int dummy;
-#endif
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-	if (a->top < b->top) /* hmm... should not be happening */
-		{
-		BNerr(BN_F_BN_USUB,BN_R_ARG2_LT_ARG3);
-		return(0);
-		}
-
-	max=a->top;
-	min=b->top;
-	if (bn_wexpand(r,max) == NULL) return(0);
-
-	ap=a->d;
-	bp=b->d;
-	rp=r->d;
-
-#if 1
-	carry=0;
-	for (i=0; i<min; i++)
-		{
-		t1= *(ap++);
-		t2= *(bp++);
-		if (carry)
-			{
-			carry=(t1 <= t2);
-			t1=(t1-t2-1)&BN_MASK2;
-			}
-		else
-			{
-			carry=(t1 < t2);
-			t1=(t1-t2)&BN_MASK2;
-			}
-#if defined(IRIX_CC_BUG) && !defined(LINT)
-		dummy=t1;
-#endif
-		*(rp++)=t1&BN_MASK2;
-		}
-#else
-	carry=bn_sub_words(rp,ap,bp,min);
-	ap+=min;
-	bp+=min;
-	rp+=min;
-	i=min;
-#endif
-	if (carry) /* subtracted */
-		{
-		while (i < max)
-			{
-			i++;
-			t1= *(ap++);
-			t2=(t1-1)&BN_MASK2;
-			*(rp++)=t2;
-			if (t1 > t2) break;
-			}
-		}
-#if 0
-	memcpy(rp,ap,sizeof(*rp)*(max-i));
-#else
-	if (rp != ap)
-		{
-		for (;;)
-			{
-			if (i++ >= max) break;
-			rp[0]=ap[0];
-			if (i++ >= max) break;
-			rp[1]=ap[1];
-			if (i++ >= max) break;
-			rp[2]=ap[2];
-			if (i++ >= max) break;
-			rp[3]=ap[3];
-			rp+=4;
-			ap+=4;
-			}
-		}
-#endif
-
-	r->top=max;
-	r->neg=0;
-	bn_fix_top(r);
-	return(1);
-	}
-
-int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-	{
-	int max;
-	int add=0,neg=0;
-	const BIGNUM *tmp;
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-	/*  a -  b	a-b
-	 *  a - -b	a+b
-	 * -a -  b	-(a+b)
-	 * -a - -b	b-a
-	 */
-	if (a->neg)
-		{
-		if (b->neg)
-			{ tmp=a; a=b; b=tmp; }
-		else
-			{ add=1; neg=1; }
-		}
-	else
-		{
-		if (b->neg) { add=1; neg=0; }
-		}
-
-	if (add)
-		{
-		if (!BN_uadd(r,a,b)) return(0);
-		r->neg=neg;
-		return(1);
-		}
-
-	/* We are actually doing a - b :-) */
-
-	max=(a->top > b->top)?a->top:b->top;
-	if (bn_wexpand(r,max) == NULL) return(0);
-	if (BN_ucmp(a,b) < 0)
-		{
-		if (!BN_usub(r,b,a)) return(0);
-		r->neg=1;
-		}
-	else
-		{
-		if (!BN_usub(r,a,b)) return(0);
-		r->neg=0;
-		}
-	return(1);
-	}
-
diff --git a/crypto/openssl/crypto/bn/bn_asm.c b/crypto/openssl/crypto/bn/bn_asm.c
deleted file mode 100644
index be8aa3ffc5a4..000000000000
--- a/crypto/openssl/crypto/bn/bn_asm.c
+++ /dev/null
@@ -1,832 +0,0 @@
-/* crypto/bn/bn_asm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef BN_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <stdio.h>
-#include <assert.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#if defined(BN_LLONG) || defined(BN_UMULT_HIGH)
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
-	{
-	BN_ULONG c1=0;
-
-	assert(num >= 0);
-	if (num <= 0) return(c1);
-
-	while (num&~3)
-		{
-		mul_add(rp[0],ap[0],w,c1);
-		mul_add(rp[1],ap[1],w,c1);
-		mul_add(rp[2],ap[2],w,c1);
-		mul_add(rp[3],ap[3],w,c1);
-		ap+=4; rp+=4; num-=4;
-		}
-	if (num)
-		{
-		mul_add(rp[0],ap[0],w,c1); if (--num==0) return c1;
-		mul_add(rp[1],ap[1],w,c1); if (--num==0) return c1;
-		mul_add(rp[2],ap[2],w,c1); return c1;
-		}
-	
-	return(c1);
-	} 
-
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
-	{
-	BN_ULONG c1=0;
-
-	assert(num >= 0);
-	if (num <= 0) return(c1);
-
-	while (num&~3)
-		{
-		mul(rp[0],ap[0],w,c1);
-		mul(rp[1],ap[1],w,c1);
-		mul(rp[2],ap[2],w,c1);
-		mul(rp[3],ap[3],w,c1);
-		ap+=4; rp+=4; num-=4;
-		}
-	if (num)
-		{
-		mul(rp[0],ap[0],w,c1); if (--num == 0) return c1;
-		mul(rp[1],ap[1],w,c1); if (--num == 0) return c1;
-		mul(rp[2],ap[2],w,c1);
-		}
-	return(c1);
-	} 
-
-void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
-        {
-	assert(n >= 0);
-	if (n <= 0) return;
-	while (n&~3)
-		{
-		sqr(r[0],r[1],a[0]);
-		sqr(r[2],r[3],a[1]);
-		sqr(r[4],r[5],a[2]);
-		sqr(r[6],r[7],a[3]);
-		a+=4; r+=8; n-=4;
-		}
-	if (n)
-		{
-		sqr(r[0],r[1],a[0]); if (--n == 0) return;
-		sqr(r[2],r[3],a[1]); if (--n == 0) return;
-		sqr(r[4],r[5],a[2]);
-		}
-	}
-
-#else /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
-	{
-	BN_ULONG c=0;
-	BN_ULONG bl,bh;
-
-	assert(num >= 0);
-	if (num <= 0) return((BN_ULONG)0);
-
-	bl=LBITS(w);
-	bh=HBITS(w);
-
-	for (;;)
-		{
-		mul_add(rp[0],ap[0],bl,bh,c);
-		if (--num == 0) break;
-		mul_add(rp[1],ap[1],bl,bh,c);
-		if (--num == 0) break;
-		mul_add(rp[2],ap[2],bl,bh,c);
-		if (--num == 0) break;
-		mul_add(rp[3],ap[3],bl,bh,c);
-		if (--num == 0) break;
-		ap+=4;
-		rp+=4;
-		}
-	return(c);
-	} 
-
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
-	{
-	BN_ULONG carry=0;
-	BN_ULONG bl,bh;
-
-	assert(num >= 0);
-	if (num <= 0) return((BN_ULONG)0);
-
-	bl=LBITS(w);
-	bh=HBITS(w);
-
-	for (;;)
-		{
-		mul(rp[0],ap[0],bl,bh,carry);
-		if (--num == 0) break;
-		mul(rp[1],ap[1],bl,bh,carry);
-		if (--num == 0) break;
-		mul(rp[2],ap[2],bl,bh,carry);
-		if (--num == 0) break;
-		mul(rp[3],ap[3],bl,bh,carry);
-		if (--num == 0) break;
-		ap+=4;
-		rp+=4;
-		}
-	return(carry);
-	} 
-
-void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
-        {
-	assert(n >= 0);
-	if (n <= 0) return;
-	for (;;)
-		{
-		sqr64(r[0],r[1],a[0]);
-		if (--n == 0) break;
-
-		sqr64(r[2],r[3],a[1]);
-		if (--n == 0) break;
-
-		sqr64(r[4],r[5],a[2]);
-		if (--n == 0) break;
-
-		sqr64(r[6],r[7],a[3]);
-		if (--n == 0) break;
-
-		a+=4;
-		r+=8;
-		}
-	}
-
-#endif /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */
-
-#if defined(BN_LLONG) && defined(BN_DIV2W)
-
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
-	{
-	return((BN_ULONG)(((((BN_ULLONG)h)<<BN_BITS2)|l)/(BN_ULLONG)d));
-	}
-
-#else
-
-/* Divide h,l by d and return the result. */
-/* I need to test this some more :-( */
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
-	{
-	BN_ULONG dh,dl,q,ret=0,th,tl,t;
-	int i,count=2;
-
-	if (d == 0) return(BN_MASK2);
-
-	i=BN_num_bits_word(d);
-	assert((i == BN_BITS2) || (h > (BN_ULONG)1<<i));
-
-	i=BN_BITS2-i;
-	if (h >= d) h-=d;
-
-	if (i)
-		{
-		d<<=i;
-		h=(h<<i)|(l>>(BN_BITS2-i));
-		l<<=i;
-		}
-	dh=(d&BN_MASK2h)>>BN_BITS4;
-	dl=(d&BN_MASK2l);
-	for (;;)
-		{
-		if ((h>>BN_BITS4) == dh)
-			q=BN_MASK2l;
-		else
-			q=h/dh;
-
-		th=q*dh;
-		tl=dl*q;
-		for (;;)
-			{
-			t=h-th;
-			if ((t&BN_MASK2h) ||
-				((tl) <= (
-					(t<<BN_BITS4)|
-					((l&BN_MASK2h)>>BN_BITS4))))
-				break;
-			q--;
-			th-=dh;
-			tl-=dl;
-			}
-		t=(tl>>BN_BITS4);
-		tl=(tl<<BN_BITS4)&BN_MASK2h;
-		th+=t;
-
-		if (l < tl) th++;
-		l-=tl;
-		if (h < th)
-			{
-			h+=d;
-			q--;
-			}
-		h-=th;
-
-		if (--count == 0) break;
-
-		ret=q<<BN_BITS4;
-		h=((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2;
-		l=(l&BN_MASK2l)<<BN_BITS4;
-		}
-	ret|=q;
-	return(ret);
-	}
-#endif /* !defined(BN_LLONG) && defined(BN_DIV2W) */
-
-#ifdef BN_LLONG
-BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
-        {
-	BN_ULLONG ll=0;
-
-	assert(n >= 0);
-	if (n <= 0) return((BN_ULONG)0);
-
-	for (;;)
-		{
-		ll+=(BN_ULLONG)a[0]+b[0];
-		r[0]=(BN_ULONG)ll&BN_MASK2;
-		ll>>=BN_BITS2;
-		if (--n <= 0) break;
-
-		ll+=(BN_ULLONG)a[1]+b[1];
-		r[1]=(BN_ULONG)ll&BN_MASK2;
-		ll>>=BN_BITS2;
-		if (--n <= 0) break;
-
-		ll+=(BN_ULLONG)a[2]+b[2];
-		r[2]=(BN_ULONG)ll&BN_MASK2;
-		ll>>=BN_BITS2;
-		if (--n <= 0) break;
-
-		ll+=(BN_ULLONG)a[3]+b[3];
-		r[3]=(BN_ULONG)ll&BN_MASK2;
-		ll>>=BN_BITS2;
-		if (--n <= 0) break;
-
-		a+=4;
-		b+=4;
-		r+=4;
-		}
-	return((BN_ULONG)ll);
-	}
-#else /* !BN_LLONG */
-BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
-        {
-	BN_ULONG c,l,t;
-
-	assert(n >= 0);
-	if (n <= 0) return((BN_ULONG)0);
-
-	c=0;
-	for (;;)
-		{
-		t=a[0];
-		t=(t+c)&BN_MASK2;
-		c=(t < c);
-		l=(t+b[0])&BN_MASK2;
-		c+=(l < t);
-		r[0]=l;
-		if (--n <= 0) break;
-
-		t=a[1];
-		t=(t+c)&BN_MASK2;
-		c=(t < c);
-		l=(t+b[1])&BN_MASK2;
-		c+=(l < t);
-		r[1]=l;
-		if (--n <= 0) break;
-
-		t=a[2];
-		t=(t+c)&BN_MASK2;
-		c=(t < c);
-		l=(t+b[2])&BN_MASK2;
-		c+=(l < t);
-		r[2]=l;
-		if (--n <= 0) break;
-
-		t=a[3];
-		t=(t+c)&BN_MASK2;
-		c=(t < c);
-		l=(t+b[3])&BN_MASK2;
-		c+=(l < t);
-		r[3]=l;
-		if (--n <= 0) break;
-
-		a+=4;
-		b+=4;
-		r+=4;
-		}
-	return((BN_ULONG)c);
-	}
-#endif /* !BN_LLONG */
-
-BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
-        {
-	BN_ULONG t1,t2;
-	int c=0;
-
-	assert(n >= 0);
-	if (n <= 0) return((BN_ULONG)0);
-
-	for (;;)
-		{
-		t1=a[0]; t2=b[0];
-		r[0]=(t1-t2-c)&BN_MASK2;
-		if (t1 != t2) c=(t1 < t2);
-		if (--n <= 0) break;
-
-		t1=a[1]; t2=b[1];
-		r[1]=(t1-t2-c)&BN_MASK2;
-		if (t1 != t2) c=(t1 < t2);
-		if (--n <= 0) break;
-
-		t1=a[2]; t2=b[2];
-		r[2]=(t1-t2-c)&BN_MASK2;
-		if (t1 != t2) c=(t1 < t2);
-		if (--n <= 0) break;
-
-		t1=a[3]; t2=b[3];
-		r[3]=(t1-t2-c)&BN_MASK2;
-		if (t1 != t2) c=(t1 < t2);
-		if (--n <= 0) break;
-
-		a+=4;
-		b+=4;
-		r+=4;
-		}
-	return(c);
-	}
-
-#ifdef BN_MUL_COMBA
-
-#undef bn_mul_comba8
-#undef bn_mul_comba4
-#undef bn_sqr_comba8
-#undef bn_sqr_comba4
-
-/* mul_add_c(a,b,c0,c1,c2)  -- c+=a*b for three word number c=(c2,c1,c0) */
-/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */
-/* sqr_add_c(a,i,c0,c1,c2)  -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
-/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */
-
-#ifdef BN_LLONG
-#define mul_add_c(a,b,c0,c1,c2) \
-	t=(BN_ULLONG)a*b; \
-	t1=(BN_ULONG)Lw(t); \
-	t2=(BN_ULONG)Hw(t); \
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define mul_add_c2(a,b,c0,c1,c2) \
-	t=(BN_ULLONG)a*b; \
-	tt=(t+t)&BN_MASK; \
-	if (tt < t) c2++; \
-	t1=(BN_ULONG)Lw(tt); \
-	t2=(BN_ULONG)Hw(tt); \
-	c0=(c0+t1)&BN_MASK2;  \
-	if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c(a,i,c0,c1,c2) \
-	t=(BN_ULLONG)a[i]*a[i]; \
-	t1=(BN_ULONG)Lw(t); \
-	t2=(BN_ULONG)Hw(t); \
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \
-	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-
-#elif defined(BN_UMULT_HIGH)
-
-#define mul_add_c(a,b,c0,c1,c2)	{	\
-	BN_ULONG ta=(a),tb=(b);		\
-	t1 = ta * tb;			\
-	t2 = BN_UMULT_HIGH(ta,tb);	\
-	c0 += t1; t2 += (c0<t1)?1:0;	\
-	c1 += t2; c2 += (c1<t2)?1:0;	\
-	}
-
-#define mul_add_c2(a,b,c0,c1,c2) {	\
-	BN_ULONG ta=(a),tb=(b),t0;	\
-	t1 = BN_UMULT_HIGH(ta,tb);	\
-	t0 = ta * tb;			\
-	t2 = t1+t1; c2 += (t2<t1)?1:0;	\
-	t1 = t0+t0; t2 += (t1<t0)?1:0;	\
-	c0 += t1; t2 += (c0<t1)?1:0;	\
-	c1 += t2; c2 += (c1<t2)?1:0;	\
-	}
-
-#define sqr_add_c(a,i,c0,c1,c2)	{	\
-	BN_ULONG ta=(a)[i];		\
-	t1 = ta * ta;			\
-	t2 = BN_UMULT_HIGH(ta,ta);	\
-	c0 += t1; t2 += (c0<t1)?1:0;	\
-	c1 += t2; c2 += (c1<t2)?1:0;	\
-	}
-
-#define sqr_add_c2(a,i,j,c0,c1,c2)	\
-	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-
-#else /* !BN_LLONG */
-#define mul_add_c(a,b,c0,c1,c2) \
-	t1=LBITS(a); t2=HBITS(a); \
-	bl=LBITS(b); bh=HBITS(b); \
-	mul64(t1,t2,bl,bh); \
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define mul_add_c2(a,b,c0,c1,c2) \
-	t1=LBITS(a); t2=HBITS(a); \
-	bl=LBITS(b); bh=HBITS(b); \
-	mul64(t1,t2,bl,bh); \
-	if (t2 & BN_TBIT) c2++; \
-	t2=(t2+t2)&BN_MASK2; \
-	if (t1 & BN_TBIT) t2++; \
-	t1=(t1+t1)&BN_MASK2; \
-	c0=(c0+t1)&BN_MASK2;  \
-	if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c(a,i,c0,c1,c2) \
-	sqr64(t1,t2,(a)[i]); \
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \
-	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-#endif /* !BN_LLONG */
-
-void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	mul_add_c(a[0],b[0],c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	mul_add_c(a[0],b[1],c2,c3,c1);
-	mul_add_c(a[1],b[0],c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	mul_add_c(a[2],b[0],c3,c1,c2);
-	mul_add_c(a[1],b[1],c3,c1,c2);
-	mul_add_c(a[0],b[2],c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	mul_add_c(a[0],b[3],c1,c2,c3);
-	mul_add_c(a[1],b[2],c1,c2,c3);
-	mul_add_c(a[2],b[1],c1,c2,c3);
-	mul_add_c(a[3],b[0],c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	mul_add_c(a[4],b[0],c2,c3,c1);
-	mul_add_c(a[3],b[1],c2,c3,c1);
-	mul_add_c(a[2],b[2],c2,c3,c1);
-	mul_add_c(a[1],b[3],c2,c3,c1);
-	mul_add_c(a[0],b[4],c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	mul_add_c(a[0],b[5],c3,c1,c2);
-	mul_add_c(a[1],b[4],c3,c1,c2);
-	mul_add_c(a[2],b[3],c3,c1,c2);
-	mul_add_c(a[3],b[2],c3,c1,c2);
-	mul_add_c(a[4],b[1],c3,c1,c2);
-	mul_add_c(a[5],b[0],c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	mul_add_c(a[6],b[0],c1,c2,c3);
-	mul_add_c(a[5],b[1],c1,c2,c3);
-	mul_add_c(a[4],b[2],c1,c2,c3);
-	mul_add_c(a[3],b[3],c1,c2,c3);
-	mul_add_c(a[2],b[4],c1,c2,c3);
-	mul_add_c(a[1],b[5],c1,c2,c3);
-	mul_add_c(a[0],b[6],c1,c2,c3);
-	r[6]=c1;
-	c1=0;
-	mul_add_c(a[0],b[7],c2,c3,c1);
-	mul_add_c(a[1],b[6],c2,c3,c1);
-	mul_add_c(a[2],b[5],c2,c3,c1);
-	mul_add_c(a[3],b[4],c2,c3,c1);
-	mul_add_c(a[4],b[3],c2,c3,c1);
-	mul_add_c(a[5],b[2],c2,c3,c1);
-	mul_add_c(a[6],b[1],c2,c3,c1);
-	mul_add_c(a[7],b[0],c2,c3,c1);
-	r[7]=c2;
-	c2=0;
-	mul_add_c(a[7],b[1],c3,c1,c2);
-	mul_add_c(a[6],b[2],c3,c1,c2);
-	mul_add_c(a[5],b[3],c3,c1,c2);
-	mul_add_c(a[4],b[4],c3,c1,c2);
-	mul_add_c(a[3],b[5],c3,c1,c2);
-	mul_add_c(a[2],b[6],c3,c1,c2);
-	mul_add_c(a[1],b[7],c3,c1,c2);
-	r[8]=c3;
-	c3=0;
-	mul_add_c(a[2],b[7],c1,c2,c3);
-	mul_add_c(a[3],b[6],c1,c2,c3);
-	mul_add_c(a[4],b[5],c1,c2,c3);
-	mul_add_c(a[5],b[4],c1,c2,c3);
-	mul_add_c(a[6],b[3],c1,c2,c3);
-	mul_add_c(a[7],b[2],c1,c2,c3);
-	r[9]=c1;
-	c1=0;
-	mul_add_c(a[7],b[3],c2,c3,c1);
-	mul_add_c(a[6],b[4],c2,c3,c1);
-	mul_add_c(a[5],b[5],c2,c3,c1);
-	mul_add_c(a[4],b[6],c2,c3,c1);
-	mul_add_c(a[3],b[7],c2,c3,c1);
-	r[10]=c2;
-	c2=0;
-	mul_add_c(a[4],b[7],c3,c1,c2);
-	mul_add_c(a[5],b[6],c3,c1,c2);
-	mul_add_c(a[6],b[5],c3,c1,c2);
-	mul_add_c(a[7],b[4],c3,c1,c2);
-	r[11]=c3;
-	c3=0;
-	mul_add_c(a[7],b[5],c1,c2,c3);
-	mul_add_c(a[6],b[6],c1,c2,c3);
-	mul_add_c(a[5],b[7],c1,c2,c3);
-	r[12]=c1;
-	c1=0;
-	mul_add_c(a[6],b[7],c2,c3,c1);
-	mul_add_c(a[7],b[6],c2,c3,c1);
-	r[13]=c2;
-	c2=0;
-	mul_add_c(a[7],b[7],c3,c1,c2);
-	r[14]=c3;
-	r[15]=c1;
-	}
-
-void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	mul_add_c(a[0],b[0],c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	mul_add_c(a[0],b[1],c2,c3,c1);
-	mul_add_c(a[1],b[0],c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	mul_add_c(a[2],b[0],c3,c1,c2);
-	mul_add_c(a[1],b[1],c3,c1,c2);
-	mul_add_c(a[0],b[2],c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	mul_add_c(a[0],b[3],c1,c2,c3);
-	mul_add_c(a[1],b[2],c1,c2,c3);
-	mul_add_c(a[2],b[1],c1,c2,c3);
-	mul_add_c(a[3],b[0],c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	mul_add_c(a[3],b[1],c2,c3,c1);
-	mul_add_c(a[2],b[2],c2,c3,c1);
-	mul_add_c(a[1],b[3],c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	mul_add_c(a[2],b[3],c3,c1,c2);
-	mul_add_c(a[3],b[2],c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	mul_add_c(a[3],b[3],c1,c2,c3);
-	r[6]=c1;
-	r[7]=c2;
-	}
-
-void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t,tt;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	sqr_add_c(a,0,c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	sqr_add_c2(a,1,0,c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	sqr_add_c(a,1,c3,c1,c2);
-	sqr_add_c2(a,2,0,c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	sqr_add_c2(a,3,0,c1,c2,c3);
-	sqr_add_c2(a,2,1,c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	sqr_add_c(a,2,c2,c3,c1);
-	sqr_add_c2(a,3,1,c2,c3,c1);
-	sqr_add_c2(a,4,0,c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	sqr_add_c2(a,5,0,c3,c1,c2);
-	sqr_add_c2(a,4,1,c3,c1,c2);
-	sqr_add_c2(a,3,2,c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	sqr_add_c(a,3,c1,c2,c3);
-	sqr_add_c2(a,4,2,c1,c2,c3);
-	sqr_add_c2(a,5,1,c1,c2,c3);
-	sqr_add_c2(a,6,0,c1,c2,c3);
-	r[6]=c1;
-	c1=0;
-	sqr_add_c2(a,7,0,c2,c3,c1);
-	sqr_add_c2(a,6,1,c2,c3,c1);
-	sqr_add_c2(a,5,2,c2,c3,c1);
-	sqr_add_c2(a,4,3,c2,c3,c1);
-	r[7]=c2;
-	c2=0;
-	sqr_add_c(a,4,c3,c1,c2);
-	sqr_add_c2(a,5,3,c3,c1,c2);
-	sqr_add_c2(a,6,2,c3,c1,c2);
-	sqr_add_c2(a,7,1,c3,c1,c2);
-	r[8]=c3;
-	c3=0;
-	sqr_add_c2(a,7,2,c1,c2,c3);
-	sqr_add_c2(a,6,3,c1,c2,c3);
-	sqr_add_c2(a,5,4,c1,c2,c3);
-	r[9]=c1;
-	c1=0;
-	sqr_add_c(a,5,c2,c3,c1);
-	sqr_add_c2(a,6,4,c2,c3,c1);
-	sqr_add_c2(a,7,3,c2,c3,c1);
-	r[10]=c2;
-	c2=0;
-	sqr_add_c2(a,7,4,c3,c1,c2);
-	sqr_add_c2(a,6,5,c3,c1,c2);
-	r[11]=c3;
-	c3=0;
-	sqr_add_c(a,6,c1,c2,c3);
-	sqr_add_c2(a,7,5,c1,c2,c3);
-	r[12]=c1;
-	c1=0;
-	sqr_add_c2(a,7,6,c2,c3,c1);
-	r[13]=c2;
-	c2=0;
-	sqr_add_c(a,7,c3,c1,c2);
-	r[14]=c3;
-	r[15]=c1;
-	}
-
-void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t,tt;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	sqr_add_c(a,0,c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	sqr_add_c2(a,1,0,c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	sqr_add_c(a,1,c3,c1,c2);
-	sqr_add_c2(a,2,0,c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	sqr_add_c2(a,3,0,c1,c2,c3);
-	sqr_add_c2(a,2,1,c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	sqr_add_c(a,2,c2,c3,c1);
-	sqr_add_c2(a,3,1,c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	sqr_add_c2(a,3,2,c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	sqr_add_c(a,3,c1,c2,c3);
-	r[6]=c1;
-	r[7]=c2;
-	}
-#else /* !BN_MUL_COMBA */
-
-/* hmm... is it faster just to do a multiply? */
-#undef bn_sqr_comba4
-void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
-	{
-	BN_ULONG t[8];
-	bn_sqr_normal(r,a,4,t);
-	}
-
-#undef bn_sqr_comba8
-void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
-	{
-	BN_ULONG t[16];
-	bn_sqr_normal(r,a,8,t);
-	}
-
-void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-	{
-	r[4]=bn_mul_words(    &(r[0]),a,4,b[0]);
-	r[5]=bn_mul_add_words(&(r[1]),a,4,b[1]);
-	r[6]=bn_mul_add_words(&(r[2]),a,4,b[2]);
-	r[7]=bn_mul_add_words(&(r[3]),a,4,b[3]);
-	}
-
-void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-	{
-	r[ 8]=bn_mul_words(    &(r[0]),a,8,b[0]);
-	r[ 9]=bn_mul_add_words(&(r[1]),a,8,b[1]);
-	r[10]=bn_mul_add_words(&(r[2]),a,8,b[2]);
-	r[11]=bn_mul_add_words(&(r[3]),a,8,b[3]);
-	r[12]=bn_mul_add_words(&(r[4]),a,8,b[4]);
-	r[13]=bn_mul_add_words(&(r[5]),a,8,b[5]);
-	r[14]=bn_mul_add_words(&(r[6]),a,8,b[6]);
-	r[15]=bn_mul_add_words(&(r[7]),a,8,b[7]);
-	}
-
-#endif /* !BN_MUL_COMBA */
diff --git a/crypto/openssl/crypto/bn/bn_blind.c b/crypto/openssl/crypto/bn/bn_blind.c
deleted file mode 100644
index 2d287e6d1bb1..000000000000
--- a/crypto/openssl/crypto/bn/bn_blind.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* crypto/bn/bn_blind.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-BN_BLINDING *BN_BLINDING_new(BIGNUM *A, BIGNUM *Ai, BIGNUM *mod)
-	{
-	BN_BLINDING *ret=NULL;
-
-	bn_check_top(Ai);
-	bn_check_top(mod);
-
-	if ((ret=(BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL)
-		{
-		BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-	memset(ret,0,sizeof(BN_BLINDING));
-	if ((ret->A=BN_new()) == NULL) goto err;
-	if ((ret->Ai=BN_new()) == NULL) goto err;
-	if (!BN_copy(ret->A,A)) goto err;
-	if (!BN_copy(ret->Ai,Ai)) goto err;
-	ret->mod=mod;
-	return(ret);
-err:
-	if (ret != NULL) BN_BLINDING_free(ret);
-	return(NULL);
-	}
-
-void BN_BLINDING_free(BN_BLINDING *r)
-	{
-	if(r == NULL)
-	    return;
-
-	if (r->A  != NULL) BN_free(r->A );
-	if (r->Ai != NULL) BN_free(r->Ai);
-	OPENSSL_free(r);
-	}
-
-int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
-	{
-	int ret=0;
-
-	if ((b->A == NULL) || (b->Ai == NULL))
-		{
-		BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITIALIZED);
-		goto err;
-		}
-		
-	if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err;
-	if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err;
-
-	ret=1;
-err:
-	return(ret);
-	}
-
-int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
-	{
-	bn_check_top(n);
-
-	if ((b->A == NULL) || (b->Ai == NULL))
-		{
-		BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITIALIZED);
-		return(0);
-		}
-	return(BN_mod_mul(n,n,b->A,b->mod,ctx));
-	}
-
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
-	{
-	int ret;
-
-	bn_check_top(n);
-	if ((b->A == NULL) || (b->Ai == NULL))
-		{
-		BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITIALIZED);
-		return(0);
-		}
-	if ((ret=BN_mod_mul(n,n,b->Ai,b->mod,ctx)) >= 0)
-		{
-		if (!BN_BLINDING_update(b,ctx))
-			return(0);
-		}
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/bn/bn_comba.c b/crypto/openssl/crypto/bn/bn_comba.c
deleted file mode 100644
index 7ad09b4a6df9..000000000000
--- a/crypto/openssl/crypto/bn/bn_comba.c
+++ /dev/null
@@ -1,345 +0,0 @@
-/* crypto/bn/bn_comba.c */
-#include <stdio.h>
-#include "bn_lcl.h"
-/* Auto generated from crypto/bn/comba.pl
- */
-
-#undef bn_mul_comba8
-#undef bn_mul_comba4
-#undef bn_sqr_comba8
-#undef bn_sqr_comba4
-
-#ifdef BN_LLONG
-#define mul_add_c(a,b,c0,c1,c2) \
-	t=(BN_ULLONG)a*b; \
-	t1=(BN_ULONG)Lw(t); \
-	t2=(BN_ULONG)Hw(t); \
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define mul_add_c2(a,b,c0,c1,c2) \
-	t=(BN_ULLONG)a*b; \
-	tt=(t+t)&BN_MASK; \
-	if (tt < t) c2++; \
-	t1=(BN_ULONG)Lw(tt); \
-	t2=(BN_ULONG)Hw(tt); \
-	c0=(c0+t1)&BN_MASK2;  \
-	if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c(a,i,c0,c1,c2) \
-	t=(BN_ULLONG)a[i]*a[i]; \
-	t1=(BN_ULONG)Lw(t); \
-	t2=(BN_ULONG)Hw(t); \
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \
-	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-#else
-#define mul_add_c(a,b,c0,c1,c2) \
-	t1=LBITS(a); t2=HBITS(a); \
-	bl=LBITS(b); bh=HBITS(b); \
-	mul64(t1,t2,bl,bh); \
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define mul_add_c2(a,b,c0,c1,c2) \
-	t1=LBITS(a); t2=HBITS(a); \
-	bl=LBITS(b); bh=HBITS(b); \
-	mul64(t1,t2,bl,bh); \
-	if (t2 & BN_TBIT) c2++; \
-	t2=(t2+t2)&BN_MASK2; \
-	if (t1 & BN_TBIT) t2++; \
-	t1=(t1+t1)&BN_MASK2; \
-	c0=(c0+t1)&BN_MASK2;  \
-	if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c(a,i,c0,c1,c2) \
-	sqr64(t1,t2,(a)[i]); \
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \
-	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-#endif
-
-void bn_mul_comba88(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
-void bn_mul_comba44(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
-void bn_sqr_comba88(BN_ULONG *r,BN_ULONG *a);
-void bn_sqr_comba44(BN_ULONG *r,BN_ULONG *a);
-
-void bn_mul_comba88(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	mul_add_c(a[0],b[0],c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	mul_add_c(a[0],b[1],c2,c3,c1);
-	mul_add_c(a[1],b[0],c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	mul_add_c(a[2],b[0],c3,c1,c2);
-	mul_add_c(a[1],b[1],c3,c1,c2);
-	mul_add_c(a[0],b[2],c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	mul_add_c(a[0],b[3],c1,c2,c3);
-	mul_add_c(a[1],b[2],c1,c2,c3);
-	mul_add_c(a[2],b[1],c1,c2,c3);
-	mul_add_c(a[3],b[0],c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	mul_add_c(a[4],b[0],c2,c3,c1);
-	mul_add_c(a[3],b[1],c2,c3,c1);
-	mul_add_c(a[2],b[2],c2,c3,c1);
-	mul_add_c(a[1],b[3],c2,c3,c1);
-	mul_add_c(a[0],b[4],c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	mul_add_c(a[0],b[5],c3,c1,c2);
-	mul_add_c(a[1],b[4],c3,c1,c2);
-	mul_add_c(a[2],b[3],c3,c1,c2);
-	mul_add_c(a[3],b[2],c3,c1,c2);
-	mul_add_c(a[4],b[1],c3,c1,c2);
-	mul_add_c(a[5],b[0],c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	mul_add_c(a[6],b[0],c1,c2,c3);
-	mul_add_c(a[5],b[1],c1,c2,c3);
-	mul_add_c(a[4],b[2],c1,c2,c3);
-	mul_add_c(a[3],b[3],c1,c2,c3);
-	mul_add_c(a[2],b[4],c1,c2,c3);
-	mul_add_c(a[1],b[5],c1,c2,c3);
-	mul_add_c(a[0],b[6],c1,c2,c3);
-	r[6]=c1;
-	c1=0;
-	mul_add_c(a[0],b[7],c2,c3,c1);
-	mul_add_c(a[1],b[6],c2,c3,c1);
-	mul_add_c(a[2],b[5],c2,c3,c1);
-	mul_add_c(a[3],b[4],c2,c3,c1);
-	mul_add_c(a[4],b[3],c2,c3,c1);
-	mul_add_c(a[5],b[2],c2,c3,c1);
-	mul_add_c(a[6],b[1],c2,c3,c1);
-	mul_add_c(a[7],b[0],c2,c3,c1);
-	r[7]=c2;
-	c2=0;
-	mul_add_c(a[7],b[1],c3,c1,c2);
-	mul_add_c(a[6],b[2],c3,c1,c2);
-	mul_add_c(a[5],b[3],c3,c1,c2);
-	mul_add_c(a[4],b[4],c3,c1,c2);
-	mul_add_c(a[3],b[5],c3,c1,c2);
-	mul_add_c(a[2],b[6],c3,c1,c2);
-	mul_add_c(a[1],b[7],c3,c1,c2);
-	r[8]=c3;
-	c3=0;
-	mul_add_c(a[2],b[7],c1,c2,c3);
-	mul_add_c(a[3],b[6],c1,c2,c3);
-	mul_add_c(a[4],b[5],c1,c2,c3);
-	mul_add_c(a[5],b[4],c1,c2,c3);
-	mul_add_c(a[6],b[3],c1,c2,c3);
-	mul_add_c(a[7],b[2],c1,c2,c3);
-	r[9]=c1;
-	c1=0;
-	mul_add_c(a[7],b[3],c2,c3,c1);
-	mul_add_c(a[6],b[4],c2,c3,c1);
-	mul_add_c(a[5],b[5],c2,c3,c1);
-	mul_add_c(a[4],b[6],c2,c3,c1);
-	mul_add_c(a[3],b[7],c2,c3,c1);
-	r[10]=c2;
-	c2=0;
-	mul_add_c(a[4],b[7],c3,c1,c2);
-	mul_add_c(a[5],b[6],c3,c1,c2);
-	mul_add_c(a[6],b[5],c3,c1,c2);
-	mul_add_c(a[7],b[4],c3,c1,c2);
-	r[11]=c3;
-	c3=0;
-	mul_add_c(a[7],b[5],c1,c2,c3);
-	mul_add_c(a[6],b[6],c1,c2,c3);
-	mul_add_c(a[5],b[7],c1,c2,c3);
-	r[12]=c1;
-	c1=0;
-	mul_add_c(a[6],b[7],c2,c3,c1);
-	mul_add_c(a[7],b[6],c2,c3,c1);
-	r[13]=c2;
-	c2=0;
-	mul_add_c(a[7],b[7],c3,c1,c2);
-	r[14]=c3;
-	r[15]=c1;
-	}
-
-void bn_mul_comba44(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	mul_add_c(a[0],b[0],c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	mul_add_c(a[0],b[1],c2,c3,c1);
-	mul_add_c(a[1],b[0],c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	mul_add_c(a[2],b[0],c3,c1,c2);
-	mul_add_c(a[1],b[1],c3,c1,c2);
-	mul_add_c(a[0],b[2],c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	mul_add_c(a[0],b[3],c1,c2,c3);
-	mul_add_c(a[1],b[2],c1,c2,c3);
-	mul_add_c(a[2],b[1],c1,c2,c3);
-	mul_add_c(a[3],b[0],c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	mul_add_c(a[3],b[1],c2,c3,c1);
-	mul_add_c(a[2],b[2],c2,c3,c1);
-	mul_add_c(a[1],b[3],c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	mul_add_c(a[2],b[3],c3,c1,c2);
-	mul_add_c(a[3],b[2],c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	mul_add_c(a[3],b[3],c1,c2,c3);
-	r[6]=c1;
-	r[7]=c2;
-	}
-
-void bn_sqr_comba88(BN_ULONG *r, BN_ULONG *a)
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t,tt;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	sqr_add_c(a,0,c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	sqr_add_c2(a,1,0,c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	sqr_add_c(a,1,c3,c1,c2);
-	sqr_add_c2(a,2,0,c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	sqr_add_c2(a,3,0,c1,c2,c3);
-	sqr_add_c2(a,2,1,c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	sqr_add_c(a,2,c2,c3,c1);
-	sqr_add_c2(a,3,1,c2,c3,c1);
-	sqr_add_c2(a,4,0,c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	sqr_add_c2(a,5,0,c3,c1,c2);
-	sqr_add_c2(a,4,1,c3,c1,c2);
-	sqr_add_c2(a,3,2,c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	sqr_add_c(a,3,c1,c2,c3);
-	sqr_add_c2(a,4,2,c1,c2,c3);
-	sqr_add_c2(a,5,1,c1,c2,c3);
-	sqr_add_c2(a,6,0,c1,c2,c3);
-	r[6]=c1;
-	c1=0;
-	sqr_add_c2(a,7,0,c2,c3,c1);
-	sqr_add_c2(a,6,1,c2,c3,c1);
-	sqr_add_c2(a,5,2,c2,c3,c1);
-	sqr_add_c2(a,4,3,c2,c3,c1);
-	r[7]=c2;
-	c2=0;
-	sqr_add_c(a,4,c3,c1,c2);
-	sqr_add_c2(a,5,3,c3,c1,c2);
-	sqr_add_c2(a,6,2,c3,c1,c2);
-	sqr_add_c2(a,7,1,c3,c1,c2);
-	r[8]=c3;
-	c3=0;
-	sqr_add_c2(a,7,2,c1,c2,c3);
-	sqr_add_c2(a,6,3,c1,c2,c3);
-	sqr_add_c2(a,5,4,c1,c2,c3);
-	r[9]=c1;
-	c1=0;
-	sqr_add_c(a,5,c2,c3,c1);
-	sqr_add_c2(a,6,4,c2,c3,c1);
-	sqr_add_c2(a,7,3,c2,c3,c1);
-	r[10]=c2;
-	c2=0;
-	sqr_add_c2(a,7,4,c3,c1,c2);
-	sqr_add_c2(a,6,5,c3,c1,c2);
-	r[11]=c3;
-	c3=0;
-	sqr_add_c(a,6,c1,c2,c3);
-	sqr_add_c2(a,7,5,c1,c2,c3);
-	r[12]=c1;
-	c1=0;
-	sqr_add_c2(a,7,6,c2,c3,c1);
-	r[13]=c2;
-	c2=0;
-	sqr_add_c(a,7,c3,c1,c2);
-	r[14]=c3;
-	r[15]=c1;
-	}
-
-void bn_sqr_comba44(BN_ULONG *r, BN_ULONG *a)
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t,tt;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-	c1=0;
-	c2=0;
-	c3=0;
-	sqr_add_c(a,0,c1,c2,c3);
-	r[0]=c1;
-	c1=0;
-	sqr_add_c2(a,1,0,c2,c3,c1);
-	r[1]=c2;
-	c2=0;
-	sqr_add_c(a,1,c3,c1,c2);
-	sqr_add_c2(a,2,0,c3,c1,c2);
-	r[2]=c3;
-	c3=0;
-	sqr_add_c2(a,3,0,c1,c2,c3);
-	sqr_add_c2(a,2,1,c1,c2,c3);
-	r[3]=c1;
-	c1=0;
-	sqr_add_c(a,2,c2,c3,c1);
-	sqr_add_c2(a,3,1,c2,c3,c1);
-	r[4]=c2;
-	c2=0;
-	sqr_add_c2(a,3,2,c3,c1,c2);
-	r[5]=c3;
-	c3=0;
-	sqr_add_c(a,3,c1,c2,c3);
-	r[6]=c1;
-	r[7]=c2;
-	}
diff --git a/crypto/openssl/crypto/bn/bn_ctx.c b/crypto/openssl/crypto/bn/bn_ctx.c
deleted file mode 100644
index 7daf19eb8436..000000000000
--- a/crypto/openssl/crypto/bn/bn_ctx.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/* crypto/bn/bn_ctx.c */
-/* Written by Ulf Moeller for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef BN_CTX_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <stdio.h>
-#include <assert.h>
-
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-
-BN_CTX *BN_CTX_new(void)
-	{
-	BN_CTX *ret;
-
-	ret=(BN_CTX *)OPENSSL_malloc(sizeof(BN_CTX));
-	if (ret == NULL)
-		{
-		BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-
-	BN_CTX_init(ret);
-	ret->flags=BN_FLG_MALLOCED;
-	return(ret);
-	}
-
-void BN_CTX_init(BN_CTX *ctx)
-	{
-#if 0 /* explicit version */
-	int i;
-	ctx->tos = 0;
-	ctx->flags = 0;
-	ctx->depth = 0;
-	ctx->too_many = 0;
-	for (i = 0; i < BN_CTX_NUM; i++)
-		BN_init(&(ctx->bn[i]));
-#else
-	memset(ctx, 0, sizeof *ctx);
-#endif
-	}
-
-void BN_CTX_free(BN_CTX *ctx)
-	{
-	int i;
-
-	if (ctx == NULL) return;
-	assert(ctx->depth == 0);
-
-	for (i=0; i < BN_CTX_NUM; i++)
-		BN_clear_free(&(ctx->bn[i]));
-	if (ctx->flags & BN_FLG_MALLOCED)
-		OPENSSL_free(ctx);
-	}
-
-void BN_CTX_start(BN_CTX *ctx)
-	{
-	if (ctx->depth < BN_CTX_NUM_POS)
-		ctx->pos[ctx->depth] = ctx->tos;
-	ctx->depth++;
-	}
-
-
-BIGNUM *BN_CTX_get(BN_CTX *ctx)
-	{
-	/* Note: If BN_CTX_get is ever changed to allocate BIGNUMs dynamically,
-	 * make sure that if BN_CTX_get fails once it will return NULL again
-	 * until BN_CTX_end is called.  (This is so that callers have to check
-	 * only the last return value.)
-	 */
-	if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM)
-		{
-		if (!ctx->too_many)
-			{
-			BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES);
-			/* disable error code until BN_CTX_end is called: */
-			ctx->too_many = 1;
-			}
-		return NULL;
-		}
-	return (&(ctx->bn[ctx->tos++]));
-	}
-
-void BN_CTX_end(BN_CTX *ctx)
-	{
-	if (ctx == NULL) return;
-	assert(ctx->depth > 0);
-	if (ctx->depth == 0)
-		/* should never happen, but we can tolerate it if not in
-		 * debug mode (could be a 'goto err' in the calling function
-		 * before BN_CTX_start was reached) */
-		BN_CTX_start(ctx);
-
-	ctx->too_many = 0;
-	ctx->depth--;
-	if (ctx->depth < BN_CTX_NUM_POS)
-		ctx->tos = ctx->pos[ctx->depth];
-	}
diff --git a/crypto/openssl/crypto/bn/bn_div.c b/crypto/openssl/crypto/bn/bn_div.c
deleted file mode 100644
index 580d1201bc25..000000000000
--- a/crypto/openssl/crypto/bn/bn_div.c
+++ /dev/null
@@ -1,387 +0,0 @@
-/* crypto/bn/bn_div.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-
-/* The old slow way */
-#if 0
-int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
-	   BN_CTX *ctx)
-	{
-	int i,nm,nd;
-	int ret = 0;
-	BIGNUM *D;
-
-	bn_check_top(m);
-	bn_check_top(d);
-	if (BN_is_zero(d))
-		{
-		BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
-		return(0);
-		}
-
-	if (BN_ucmp(m,d) < 0)
-		{
-		if (rem != NULL)
-			{ if (BN_copy(rem,m) == NULL) return(0); }
-		if (dv != NULL) BN_zero(dv);
-		return(1);
-		}
-
-	BN_CTX_start(ctx);
-	D = BN_CTX_get(ctx);
-	if (dv == NULL) dv = BN_CTX_get(ctx);
-	if (rem == NULL) rem = BN_CTX_get(ctx);
-	if (D == NULL || dv == NULL || rem == NULL)
-		goto end;
-
-	nd=BN_num_bits(d);
-	nm=BN_num_bits(m);
-	if (BN_copy(D,d) == NULL) goto end;
-	if (BN_copy(rem,m) == NULL) goto end;
-
-	/* The next 2 are needed so we can do a dv->d[0]|=1 later
-	 * since BN_lshift1 will only work once there is a value :-) */
-	BN_zero(dv);
-	bn_wexpand(dv,1);
-	dv->top=1;
-
-	if (!BN_lshift(D,D,nm-nd)) goto end;
-	for (i=nm-nd; i>=0; i--)
-		{
-		if (!BN_lshift1(dv,dv)) goto end;
-		if (BN_ucmp(rem,D) >= 0)
-			{
-			dv->d[0]|=1;
-			if (!BN_usub(rem,rem,D)) goto end;
-			}
-/* CAN IMPROVE (and have now :=) */
-		if (!BN_rshift1(D,D)) goto end;
-		}
-	rem->neg=BN_is_zero(rem)?0:m->neg;
-	dv->neg=m->neg^d->neg;
-	ret = 1;
- end:
-	BN_CTX_end(ctx);
-	return(ret);
-	}
-
-#else
-
-#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) \
-    && !defined(PEDANTIC) && !defined(BN_DIV3W)
-# if defined(__GNUC__) && __GNUC__>=2
-#  if defined(__i386) || defined (__i386__)
-   /*
-    * There were two reasons for implementing this template:
-    * - GNU C generates a call to a function (__udivdi3 to be exact)
-    *   in reply to ((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0 (I fail to
-    *   understand why...);
-    * - divl doesn't only calculate quotient, but also leaves
-    *   remainder in %edx which we can definitely use here:-)
-    *
-    *					<appro@fy.chalmers.se>
-    */
-#  define bn_div_words(n0,n1,d0)		\
-	({  asm volatile (			\
-		"divl	%4"			\
-		: "=a"(q), "=d"(rem)		\
-		: "a"(n1), "d"(n0), "g"(d0)	\
-		: "cc");			\
-	    q;					\
-	})
-#  define REMAINDER_IS_ALREADY_CALCULATED
-#  elif defined(__x86_64) && defined(SIXTY_FOUR_BIT_LONG)
-   /*
-    * Same story here, but it's 128-bit by 64-bit division. Wow!
-    *					<appro@fy.chalmers.se>
-    */
-#  define bn_div_words(n0,n1,d0)		\
-	({  asm volatile (			\
-		"divq	%4"			\
-		: "=a"(q), "=d"(rem)		\
-		: "a"(n1), "d"(n0), "g"(d0)	\
-		: "cc");			\
-	    q;					\
-	})
-#  define REMAINDER_IS_ALREADY_CALCULATED
-#  endif /* __<cpu> */
-# endif /* __GNUC__ */
-#endif /* OPENSSL_NO_ASM */
-
-
-/* BN_div computes  dv := num / divisor,  rounding towards zero, and sets up
- * rm  such that  dv*divisor + rm = num  holds.
- * Thus:
- *     dv->neg == num->neg ^ divisor->neg  (unless the result is zero)
- *     rm->neg == num->neg                 (unless the remainder is zero)
- * If 'dv' or 'rm' is NULL, the respective value is not returned.
- */
-int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
-	   BN_CTX *ctx)
-	{
-	int norm_shift,i,j,loop;
-	BIGNUM *tmp,wnum,*snum,*sdiv,*res;
-	BN_ULONG *resp,*wnump;
-	BN_ULONG d0,d1;
-	int num_n,div_n;
-
-	bn_check_top(num);
-	bn_check_top(divisor);
-
-	if (BN_is_zero(divisor))
-		{
-		BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
-		return(0);
-		}
-
-	if (BN_ucmp(num,divisor) < 0)
-		{
-		if (rm != NULL)
-			{ if (BN_copy(rm,num) == NULL) return(0); }
-		if (dv != NULL) BN_zero(dv);
-		return(1);
-		}
-
-	BN_CTX_start(ctx);
-	tmp=BN_CTX_get(ctx);
-	snum=BN_CTX_get(ctx);
-	sdiv=BN_CTX_get(ctx);
-	if (dv == NULL)
-		res=BN_CTX_get(ctx);
-	else	res=dv;
-	if (sdiv == NULL || res == NULL) goto err;
-	tmp->neg=0;
-
-	/* First we normalise the numbers */
-	norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
-	if (!(BN_lshift(sdiv,divisor,norm_shift))) goto err;
-	sdiv->neg=0;
-	norm_shift+=BN_BITS2;
-	if (!(BN_lshift(snum,num,norm_shift))) goto err;
-	snum->neg=0;
-	div_n=sdiv->top;
-	num_n=snum->top;
-	loop=num_n-div_n;
-
-	/* Lets setup a 'window' into snum
-	 * This is the part that corresponds to the current
-	 * 'area' being divided */
-	BN_init(&wnum);
-	wnum.d=	 &(snum->d[loop]);
-	wnum.top= div_n;
-	wnum.dmax= snum->dmax+1; /* a bit of a lie */
-
-	/* Get the top 2 words of sdiv */
-	/* i=sdiv->top; */
-	d0=sdiv->d[div_n-1];
-	d1=(div_n == 1)?0:sdiv->d[div_n-2];
-
-	/* pointer to the 'top' of snum */
-	wnump= &(snum->d[num_n-1]);
-
-	/* Setup to 'res' */
-	res->neg= (num->neg^divisor->neg);
-	if (!bn_wexpand(res,(loop+1))) goto err;
-	res->top=loop;
-	resp= &(res->d[loop-1]);
-
-	/* space for temp */
-	if (!bn_wexpand(tmp,(div_n+1))) goto err;
-
-	if (BN_ucmp(&wnum,sdiv) >= 0)
-		{
-		if (!BN_usub(&wnum,&wnum,sdiv)) goto err;
-		*resp=1;
-		res->d[res->top-1]=1;
-		}
-	else
-		res->top--;
-	if (res->top == 0)
-		res->neg = 0;
-	resp--;
-
-	for (i=0; i<loop-1; i++)
-		{
-		BN_ULONG q,l0;
-#if defined(BN_DIV3W) && !defined(OPENSSL_NO_ASM)
-		BN_ULONG bn_div_3_words(BN_ULONG*,BN_ULONG,BN_ULONG);
-		q=bn_div_3_words(wnump,d1,d0);
-#else
-		BN_ULONG n0,n1,rem=0;
-
-		n0=wnump[0];
-		n1=wnump[-1];
-		if (n0 == d0)
-			q=BN_MASK2;
-		else 			/* n0 < d0 */
-			{
-#ifdef BN_LLONG
-			BN_ULLONG t2;
-
-#if defined(BN_LLONG) && defined(BN_DIV2W) && !defined(bn_div_words)
-			q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0);
-#else
-			q=bn_div_words(n0,n1,d0);
-#ifdef BN_DEBUG_LEVITTE
-			fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
-X) -> 0x%08X\n",
-				n0, n1, d0, q);
-#endif
-#endif
-
-#ifndef REMAINDER_IS_ALREADY_CALCULATED
-			/*
-			 * rem doesn't have to be BN_ULLONG. The least we
-			 * know it's less that d0, isn't it?
-			 */
-			rem=(n1-q*d0)&BN_MASK2;
-#endif
-			t2=(BN_ULLONG)d1*q;
-
-			for (;;)
-				{
-				if (t2 <= ((((BN_ULLONG)rem)<<BN_BITS2)|wnump[-2]))
-					break;
-				q--;
-				rem += d0;
-				if (rem < d0) break; /* don't let rem overflow */
-				t2 -= d1;
-				}
-#else /* !BN_LLONG */
-			BN_ULONG t2l,t2h,ql,qh;
-
-			q=bn_div_words(n0,n1,d0);
-#ifdef BN_DEBUG_LEVITTE
-			fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
-X) -> 0x%08X\n",
-				n0, n1, d0, q);
-#endif
-#ifndef REMAINDER_IS_ALREADY_CALCULATED
-			rem=(n1-q*d0)&BN_MASK2;
-#endif
-
-#if defined(BN_UMULT_LOHI)
-			BN_UMULT_LOHI(t2l,t2h,d1,q);
-#elif defined(BN_UMULT_HIGH)
-			t2l = d1 * q;
-			t2h = BN_UMULT_HIGH(d1,q);
-#else
-			t2l=LBITS(d1); t2h=HBITS(d1);
-			ql =LBITS(q);  qh =HBITS(q);
-			mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */
-#endif
-
-			for (;;)
-				{
-				if ((t2h < rem) ||
-					((t2h == rem) && (t2l <= wnump[-2])))
-					break;
-				q--;
-				rem += d0;
-				if (rem < d0) break; /* don't let rem overflow */
-				if (t2l < d1) t2h--; t2l -= d1;
-				}
-#endif /* !BN_LLONG */
-			}
-#endif /* !BN_DIV3W */
-
-		l0=bn_mul_words(tmp->d,sdiv->d,div_n,q);
-		wnum.d--; wnum.top++;
-		tmp->d[div_n]=l0;
-		for (j=div_n+1; j>0; j--)
-			if (tmp->d[j-1]) break;
-		tmp->top=j;
-
-		j=wnum.top;
-		if (!BN_sub(&wnum,&wnum,tmp)) goto err;
-
-		snum->top=snum->top+wnum.top-j;
-
-		if (wnum.neg)
-			{
-			q--;
-			j=wnum.top;
-			if (!BN_add(&wnum,&wnum,sdiv)) goto err;
-			snum->top+=wnum.top-j;
-			}
-		*(resp--)=q;
-		wnump--;
-		}
-	if (rm != NULL)
-		{
-		/* Keep a copy of the neg flag in num because if rm==num
-		 * BN_rshift() will overwrite it.
-		 */
-		int neg = num->neg;
-		BN_rshift(rm,snum,norm_shift);
-		if (!BN_is_zero(rm))
-			rm->neg = neg;
-		}
-	BN_CTX_end(ctx);
-	return(1);
-err:
-	BN_CTX_end(ctx);
-	return(0);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/bn/bn_err.c b/crypto/openssl/crypto/bn/bn_err.c
deleted file mode 100644
index fb84ee96d8d2..000000000000
--- a/crypto/openssl/crypto/bn/bn_err.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* crypto/bn/bn_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA BN_str_functs[]=
-	{
-{ERR_PACK(0,BN_F_BN_BLINDING_CONVERT,0),	"BN_BLINDING_convert"},
-{ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0),	"BN_BLINDING_invert"},
-{ERR_PACK(0,BN_F_BN_BLINDING_NEW,0),	"BN_BLINDING_new"},
-{ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0),	"BN_BLINDING_update"},
-{ERR_PACK(0,BN_F_BN_BN2DEC,0),	"BN_bn2dec"},
-{ERR_PACK(0,BN_F_BN_BN2HEX,0),	"BN_bn2hex"},
-{ERR_PACK(0,BN_F_BN_CTX_GET,0),	"BN_CTX_get"},
-{ERR_PACK(0,BN_F_BN_CTX_NEW,0),	"BN_CTX_new"},
-{ERR_PACK(0,BN_F_BN_DIV,0),	"BN_div"},
-{ERR_PACK(0,BN_F_BN_EXPAND2,0),	"bn_expand2"},
-{ERR_PACK(0,BN_F_BN_EXPAND_INTERNAL,0),	"BN_EXPAND_INTERNAL"},
-{ERR_PACK(0,BN_F_BN_MOD_EXP2_MONT,0),	"BN_mod_exp2_mont"},
-{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0),	"BN_mod_exp_mont"},
-{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT_WORD,0),	"BN_mod_exp_mont_word"},
-{ERR_PACK(0,BN_F_BN_MOD_INVERSE,0),	"BN_mod_inverse"},
-{ERR_PACK(0,BN_F_BN_MOD_LSHIFT_QUICK,0),	"BN_mod_lshift_quick"},
-{ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0),	"BN_mod_mul_reciprocal"},
-{ERR_PACK(0,BN_F_BN_MOD_SQRT,0),	"BN_mod_sqrt"},
-{ERR_PACK(0,BN_F_BN_MPI2BN,0),	"BN_mpi2bn"},
-{ERR_PACK(0,BN_F_BN_NEW,0),	"BN_new"},
-{ERR_PACK(0,BN_F_BN_RAND,0),	"BN_rand"},
-{ERR_PACK(0,BN_F_BN_RAND_RANGE,0),	"BN_rand_range"},
-{ERR_PACK(0,BN_F_BN_USUB,0),	"BN_usub"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA BN_str_reasons[]=
-	{
-{BN_R_ARG2_LT_ARG3                       ,"arg2 lt arg3"},
-{BN_R_BAD_RECIPROCAL                     ,"bad reciprocal"},
-{BN_R_BIGNUM_TOO_LONG                    ,"bignum too long"},
-{BN_R_CALLED_WITH_EVEN_MODULUS           ,"called with even modulus"},
-{BN_R_DIV_BY_ZERO                        ,"div by zero"},
-{BN_R_ENCODING_ERROR                     ,"encoding error"},
-{BN_R_EXPAND_ON_STATIC_BIGNUM_DATA       ,"expand on static bignum data"},
-{BN_R_INPUT_NOT_REDUCED                  ,"input not reduced"},
-{BN_R_INVALID_LENGTH                     ,"invalid length"},
-{BN_R_INVALID_RANGE                      ,"invalid range"},
-{BN_R_NOT_A_SQUARE                       ,"not a square"},
-{BN_R_NOT_INITIALIZED                    ,"not initialized"},
-{BN_R_NO_INVERSE                         ,"no inverse"},
-{BN_R_P_IS_NOT_PRIME                     ,"p is not prime"},
-{BN_R_TOO_MANY_ITERATIONS                ,"too many iterations"},
-{BN_R_TOO_MANY_TEMPORARY_VARIABLES       ,"too many temporary variables"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_BN_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_BN,BN_str_functs);
-		ERR_load_strings(ERR_LIB_BN,BN_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/bn/bn_exp.c b/crypto/openssl/crypto/bn/bn_exp.c
deleted file mode 100644
index afdfd580fb43..000000000000
--- a/crypto/openssl/crypto/bn/bn_exp.c
+++ /dev/null
@@ -1,747 +0,0 @@
-/* crypto/bn/bn_exp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define TABLE_SIZE	32
-
-/* this one works - simple but works */
-int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
-	{
-	int i,bits,ret=0;
-	BIGNUM *v,*rr;
-
-	BN_CTX_start(ctx);
-	if ((r == a) || (r == p))
-		rr = BN_CTX_get(ctx);
-	else
-		rr = r;
-	if ((v = BN_CTX_get(ctx)) == NULL) goto err;
-
-	if (BN_copy(v,a) == NULL) goto err;
-	bits=BN_num_bits(p);
-
-	if (BN_is_odd(p))
-		{ if (BN_copy(rr,a) == NULL) goto err; }
-	else	{ if (!BN_one(rr)) goto err; }
-
-	for (i=1; i<bits; i++)
-		{
-		if (!BN_sqr(v,v,ctx)) goto err;
-		if (BN_is_bit_set(p,i))
-			{
-			if (!BN_mul(rr,rr,v,ctx)) goto err;
-			}
-		}
-	ret=1;
-err:
-	if (r != rr) BN_copy(r,rr);
-	BN_CTX_end(ctx);
-	return(ret);
-	}
-
-
-int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
-	       BN_CTX *ctx)
-	{
-	int ret;
-
-	bn_check_top(a);
-	bn_check_top(p);
-	bn_check_top(m);
-
-	/* For even modulus  m = 2^k*m_odd,  it might make sense to compute
-	 * a^p mod m_odd  and  a^p mod 2^k  separately (with Montgomery
-	 * exponentiation for the odd part), using appropriate exponent
-	 * reductions, and combine the results using the CRT.
-	 *
-	 * For now, we use Montgomery only if the modulus is odd; otherwise,
-	 * exponentiation using the reciprocal-based quick remaindering
-	 * algorithm is used.
-	 *
-	 * (Timing obtained with expspeed.c [computations  a^p mod m
-	 * where  a, p, m  are of the same length: 256, 512, 1024, 2048,
-	 * 4096, 8192 bits], compared to the running time of the
-	 * standard algorithm:
-	 *
-	 *   BN_mod_exp_mont   33 .. 40 %  [AMD K6-2, Linux, debug configuration]
-         *                     55 .. 77 %  [UltraSparc processor, but
-	 *                                  debug-solaris-sparcv8-gcc conf.]
-	 * 
-	 *   BN_mod_exp_recp   50 .. 70 %  [AMD K6-2, Linux, debug configuration]
-	 *                     62 .. 118 % [UltraSparc, debug-solaris-sparcv8-gcc]
-	 *
-	 * On the Sparc, BN_mod_exp_recp was faster than BN_mod_exp_mont
-	 * at 2048 and more bits, but at 512 and 1024 bits, it was
-	 * slower even than the standard algorithm!
-	 *
-	 * "Real" timings [linux-elf, solaris-sparcv9-gcc configurations]
-	 * should be obtained when the new Montgomery reduction code
-	 * has been integrated into OpenSSL.)
-	 */
-
-#define MONT_MUL_MOD
-#define MONT_EXP_WORD
-#define RECP_MUL_MOD
-
-#ifdef MONT_MUL_MOD
-	/* I have finally been able to take out this pre-condition of
-	 * the top bit being set.  It was caused by an error in BN_div
-	 * with negatives.  There was also another problem when for a^b%m
-	 * a >= m.  eay 07-May-97 */
-/*	if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */
-
-	if (BN_is_odd(m))
-		{
-#  ifdef MONT_EXP_WORD
-		if (a->top == 1 && !a->neg)
-			{
-			BN_ULONG A = a->d[0];
-			ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL);
-			}
-		else
-#  endif
-			ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL);
-		}
-	else
-#endif
-#ifdef RECP_MUL_MOD
-		{ ret=BN_mod_exp_recp(r,a,p,m,ctx); }
-#else
-		{ ret=BN_mod_exp_simple(r,a,p,m,ctx); }
-#endif
-
-	return(ret);
-	}
-
-
-int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		    const BIGNUM *m, BN_CTX *ctx)
-	{
-	int i,j,bits,ret=0,wstart,wend,window,wvalue;
-	int start=1,ts=0;
-	BIGNUM *aa;
-	BIGNUM val[TABLE_SIZE];
-	BN_RECP_CTX recp;
-
-	bits=BN_num_bits(p);
-
-	if (bits == 0)
-		{
-		ret = BN_one(r);
-		return ret;
-		}
-
-	BN_CTX_start(ctx);
-	if ((aa = BN_CTX_get(ctx)) == NULL) goto err;
-
-	BN_RECP_CTX_init(&recp);
-	if (m->neg)
-		{
-		/* ignore sign of 'm' */
-		if (!BN_copy(aa, m)) goto err;
-		aa->neg = 0;
-		if (BN_RECP_CTX_set(&recp,aa,ctx) <= 0) goto err;
-		}
-	else
-		{
-		if (BN_RECP_CTX_set(&recp,m,ctx) <= 0) goto err;
-		}
-
-	BN_init(&(val[0]));
-	ts=1;
-
-	if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err;		/* 1 */
-	if (BN_is_zero(&(val[0])))
-		{
-		ret = BN_zero(r);
-		goto err;
-		}
-
-	window = BN_window_bits_for_exponent_size(bits);
-	if (window > 1)
-		{
-		if (!BN_mod_mul_reciprocal(aa,&(val[0]),&(val[0]),&recp,ctx))
-			goto err;				/* 2 */
-		j=1<<(window-1);
-		for (i=1; i<j; i++)
-			{
-			BN_init(&val[i]);
-			if (!BN_mod_mul_reciprocal(&(val[i]),&(val[i-1]),aa,&recp,ctx))
-				goto err;
-			}
-		ts=i;
-		}
-		
-	start=1;	/* This is used to avoid multiplication etc
-			 * when there is only the value '1' in the
-			 * buffer. */
-	wvalue=0;	/* The 'value' of the window */
-	wstart=bits-1;	/* The top bit of the window */
-	wend=0;		/* The bottom bit of the window */
-
-	if (!BN_one(r)) goto err;
-
-	for (;;)
-		{
-		if (BN_is_bit_set(p,wstart) == 0)
-			{
-			if (!start)
-				if (!BN_mod_mul_reciprocal(r,r,r,&recp,ctx))
-				goto err;
-			if (wstart == 0) break;
-			wstart--;
-			continue;
-			}
-		/* We now have wstart on a 'set' bit, we now need to work out
-		 * how bit a window to do.  To do this we need to scan
-		 * forward until the last set bit before the end of the
-		 * window */
-		j=wstart;
-		wvalue=1;
-		wend=0;
-		for (i=1; i<window; i++)
-			{
-			if (wstart-i < 0) break;
-			if (BN_is_bit_set(p,wstart-i))
-				{
-				wvalue<<=(i-wend);
-				wvalue|=1;
-				wend=i;
-				}
-			}
-
-		/* wend is the size of the current window */
-		j=wend+1;
-		/* add the 'bytes above' */
-		if (!start)
-			for (i=0; i<j; i++)
-				{
-				if (!BN_mod_mul_reciprocal(r,r,r,&recp,ctx))
-					goto err;
-				}
-		
-		/* wvalue will be an odd number < 2^window */
-		if (!BN_mod_mul_reciprocal(r,r,&(val[wvalue>>1]),&recp,ctx))
-			goto err;
-
-		/* move the 'window' down further */
-		wstart-=wend+1;
-		wvalue=0;
-		start=0;
-		if (wstart < 0) break;
-		}
-	ret=1;
-err:
-	BN_CTX_end(ctx);
-	for (i=0; i<ts; i++)
-		BN_clear_free(&(val[i]));
-	BN_RECP_CTX_free(&recp);
-	return(ret);
-	}
-
-
-int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
-		    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
-	{
-	int i,j,bits,ret=0,wstart,wend,window,wvalue;
-	int start=1,ts=0;
-	BIGNUM *d,*r;
-	const BIGNUM *aa;
-	BIGNUM val[TABLE_SIZE];
-	BN_MONT_CTX *mont=NULL;
-
-	bn_check_top(a);
-	bn_check_top(p);
-	bn_check_top(m);
-
-	if (!(m->d[0] & 1))
-		{
-		BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
-		return(0);
-		}
-	bits=BN_num_bits(p);
-	if (bits == 0)
-		{
-		ret = BN_one(rr);
-		return ret;
-		}
-
-	BN_CTX_start(ctx);
-	d = BN_CTX_get(ctx);
-	r = BN_CTX_get(ctx);
-	if (d == NULL || r == NULL) goto err;
-
-	/* If this is not done, things will break in the montgomery
-	 * part */
-
-	if (in_mont != NULL)
-		mont=in_mont;
-	else
-		{
-		if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
-		if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
-		}
-
-	BN_init(&val[0]);
-	ts=1;
-	if (a->neg || BN_ucmp(a,m) >= 0)
-		{
-		if (!BN_nnmod(&(val[0]),a,m,ctx))
-			goto err;
-		aa= &(val[0]);
-		}
-	else
-		aa=a;
-	if (BN_is_zero(aa))
-		{
-		ret = BN_zero(rr);
-		goto err;
-		}
-	if (!BN_to_montgomery(&(val[0]),aa,mont,ctx)) goto err; /* 1 */
-
-	window = BN_window_bits_for_exponent_size(bits);
-	if (window > 1)
-		{
-		if (!BN_mod_mul_montgomery(d,&(val[0]),&(val[0]),mont,ctx)) goto err; /* 2 */
-		j=1<<(window-1);
-		for (i=1; i<j; i++)
-			{
-			BN_init(&(val[i]));
-			if (!BN_mod_mul_montgomery(&(val[i]),&(val[i-1]),d,mont,ctx))
-				goto err;
-			}
-		ts=i;
-		}
-
-	start=1;	/* This is used to avoid multiplication etc
-			 * when there is only the value '1' in the
-			 * buffer. */
-	wvalue=0;	/* The 'value' of the window */
-	wstart=bits-1;	/* The top bit of the window */
-	wend=0;		/* The bottom bit of the window */
-
-	if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
-	for (;;)
-		{
-		if (BN_is_bit_set(p,wstart) == 0)
-			{
-			if (!start)
-				{
-				if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
-				goto err;
-				}
-			if (wstart == 0) break;
-			wstart--;
-			continue;
-			}
-		/* We now have wstart on a 'set' bit, we now need to work out
-		 * how bit a window to do.  To do this we need to scan
-		 * forward until the last set bit before the end of the
-		 * window */
-		j=wstart;
-		wvalue=1;
-		wend=0;
-		for (i=1; i<window; i++)
-			{
-			if (wstart-i < 0) break;
-			if (BN_is_bit_set(p,wstart-i))
-				{
-				wvalue<<=(i-wend);
-				wvalue|=1;
-				wend=i;
-				}
-			}
-
-		/* wend is the size of the current window */
-		j=wend+1;
-		/* add the 'bytes above' */
-		if (!start)
-			for (i=0; i<j; i++)
-				{
-				if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
-					goto err;
-				}
-		
-		/* wvalue will be an odd number < 2^window */
-		if (!BN_mod_mul_montgomery(r,r,&(val[wvalue>>1]),mont,ctx))
-			goto err;
-
-		/* move the 'window' down further */
-		wstart-=wend+1;
-		wvalue=0;
-		start=0;
-		if (wstart < 0) break;
-		}
-	if (!BN_from_montgomery(rr,r,mont,ctx)) goto err;
-	ret=1;
-err:
-	if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
-	BN_CTX_end(ctx);
-	for (i=0; i<ts; i++)
-		BN_clear_free(&(val[i]));
-	return(ret);
-	}
-
-int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
-                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
-	{
-	BN_MONT_CTX *mont = NULL;
-	int b, bits, ret=0;
-	int r_is_one;
-	BN_ULONG w, next_w;
-	BIGNUM *d, *r, *t;
-	BIGNUM *swap_tmp;
-#define BN_MOD_MUL_WORD(r, w, m) \
-		(BN_mul_word(r, (w)) && \
-		(/* BN_ucmp(r, (m)) < 0 ? 1 :*/  \
-			(BN_mod(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1))))
-		/* BN_MOD_MUL_WORD is only used with 'w' large,
-		 * so the BN_ucmp test is probably more overhead
-		 * than always using BN_mod (which uses BN_copy if
-		 * a similar test returns true). */
-		/* We can use BN_mod and do not need BN_nnmod because our
-		 * accumulator is never negative (the result of BN_mod does
-		 * not depend on the sign of the modulus).
-		 */
-#define BN_TO_MONTGOMERY_WORD(r, w, mont) \
-		(BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
-
-	bn_check_top(p);
-	bn_check_top(m);
-
-	if (m->top == 0 || !(m->d[0] & 1))
-		{
-		BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS);
-		return(0);
-		}
-	if (m->top == 1)
-		a %= m->d[0]; /* make sure that 'a' is reduced */
-
-	bits = BN_num_bits(p);
-	if (bits == 0)
-		{
-		ret = BN_one(rr);
-		return ret;
-		}
-	if (a == 0)
-		{
-		ret = BN_zero(rr);
-		return ret;
-		}
-
-	BN_CTX_start(ctx);
-	d = BN_CTX_get(ctx);
-	r = BN_CTX_get(ctx);
-	t = BN_CTX_get(ctx);
-	if (d == NULL || r == NULL || t == NULL) goto err;
-
-	if (in_mont != NULL)
-		mont=in_mont;
-	else
-		{
-		if ((mont = BN_MONT_CTX_new()) == NULL) goto err;
-		if (!BN_MONT_CTX_set(mont, m, ctx)) goto err;
-		}
-
-	r_is_one = 1; /* except for Montgomery factor */
-
-	/* bits-1 >= 0 */
-
-	/* The result is accumulated in the product r*w. */
-	w = a; /* bit 'bits-1' of 'p' is always set */
-	for (b = bits-2; b >= 0; b--)
-		{
-		/* First, square r*w. */
-		next_w = w*w;
-		if ((next_w/w) != w) /* overflow */
-			{
-			if (r_is_one)
-				{
-				if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err;
-				r_is_one = 0;
-				}
-			else
-				{
-				if (!BN_MOD_MUL_WORD(r, w, m)) goto err;
-				}
-			next_w = 1;
-			}
-		w = next_w;
-		if (!r_is_one)
-			{
-			if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) goto err;
-			}
-
-		/* Second, multiply r*w by 'a' if exponent bit is set. */
-		if (BN_is_bit_set(p, b))
-			{
-			next_w = w*a;
-			if ((next_w/a) != w) /* overflow */
-				{
-				if (r_is_one)
-					{
-					if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err;
-					r_is_one = 0;
-					}
-				else
-					{
-					if (!BN_MOD_MUL_WORD(r, w, m)) goto err;
-					}
-				next_w = a;
-				}
-			w = next_w;
-			}
-		}
-
-	/* Finally, set r:=r*w. */
-	if (w != 1)
-		{
-		if (r_is_one)
-			{
-			if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err;
-			r_is_one = 0;
-			}
-		else
-			{
-			if (!BN_MOD_MUL_WORD(r, w, m)) goto err;
-			}
-		}
-
-	if (r_is_one) /* can happen only if a == 1*/
-		{
-		if (!BN_one(rr)) goto err;
-		}
-	else
-		{
-		if (!BN_from_montgomery(rr, r, mont, ctx)) goto err;
-		}
-	ret = 1;
-err:
-	if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
-	BN_CTX_end(ctx);
-	return(ret);
-	}
-
-
-/* The old fallback, simple version :-) */
-int BN_mod_exp_simple(BIGNUM *r,
-	const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
-	BN_CTX *ctx)
-	{
-	int i,j,bits,ret=0,wstart,wend,window,wvalue,ts=0;
-	int start=1;
-	BIGNUM *d;
-	BIGNUM val[TABLE_SIZE];
-
-	bits=BN_num_bits(p);
-
-	if (bits == 0)
-		{
-		ret = BN_one(r);
-		return ret;
-		}
-
-	BN_CTX_start(ctx);
-	if ((d = BN_CTX_get(ctx)) == NULL) goto err;
-
-	BN_init(&(val[0]));
-	ts=1;
-	if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err;		/* 1 */
-	if (BN_is_zero(&(val[0])))
-		{
-		ret = BN_zero(r);
-		goto err;
-		}
-
-	window = BN_window_bits_for_exponent_size(bits);
-	if (window > 1)
-		{
-		if (!BN_mod_mul(d,&(val[0]),&(val[0]),m,ctx))
-			goto err;				/* 2 */
-		j=1<<(window-1);
-		for (i=1; i<j; i++)
-			{
-			BN_init(&(val[i]));
-			if (!BN_mod_mul(&(val[i]),&(val[i-1]),d,m,ctx))
-				goto err;
-			}
-		ts=i;
-		}
-
-	start=1;	/* This is used to avoid multiplication etc
-			 * when there is only the value '1' in the
-			 * buffer. */
-	wvalue=0;	/* The 'value' of the window */
-	wstart=bits-1;	/* The top bit of the window */
-	wend=0;		/* The bottom bit of the window */
-
-	if (!BN_one(r)) goto err;
-
-	for (;;)
-		{
-		if (BN_is_bit_set(p,wstart) == 0)
-			{
-			if (!start)
-				if (!BN_mod_mul(r,r,r,m,ctx))
-				goto err;
-			if (wstart == 0) break;
-			wstart--;
-			continue;
-			}
-		/* We now have wstart on a 'set' bit, we now need to work out
-		 * how bit a window to do.  To do this we need to scan
-		 * forward until the last set bit before the end of the
-		 * window */
-		j=wstart;
-		wvalue=1;
-		wend=0;
-		for (i=1; i<window; i++)
-			{
-			if (wstart-i < 0) break;
-			if (BN_is_bit_set(p,wstart-i))
-				{
-				wvalue<<=(i-wend);
-				wvalue|=1;
-				wend=i;
-				}
-			}
-
-		/* wend is the size of the current window */
-		j=wend+1;
-		/* add the 'bytes above' */
-		if (!start)
-			for (i=0; i<j; i++)
-				{
-				if (!BN_mod_mul(r,r,r,m,ctx))
-					goto err;
-				}
-		
-		/* wvalue will be an odd number < 2^window */
-		if (!BN_mod_mul(r,r,&(val[wvalue>>1]),m,ctx))
-			goto err;
-
-		/* move the 'window' down further */
-		wstart-=wend+1;
-		wvalue=0;
-		start=0;
-		if (wstart < 0) break;
-		}
-	ret=1;
-err:
-	BN_CTX_end(ctx);
-	for (i=0; i<ts; i++)
-		BN_clear_free(&(val[i]));
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/bn/bn_exp2.c b/crypto/openssl/crypto/bn/bn_exp2.c
deleted file mode 100644
index 73ccd58a83aa..000000000000
--- a/crypto/openssl/crypto/bn/bn_exp2.c
+++ /dev/null
@@ -1,313 +0,0 @@
-/* crypto/bn/bn_exp2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define TABLE_SIZE	32
-
-int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
-	const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
-	BN_CTX *ctx, BN_MONT_CTX *in_mont)
-	{
-	int i,j,bits,b,bits1,bits2,ret=0,wpos1,wpos2,window1,window2,wvalue1,wvalue2;
-	int r_is_one=1,ts1=0,ts2=0;
-	BIGNUM *d,*r;
-	const BIGNUM *a_mod_m;
-	BIGNUM val1[TABLE_SIZE], val2[TABLE_SIZE];
-	BN_MONT_CTX *mont=NULL;
-
-	bn_check_top(a1);
-	bn_check_top(p1);
-	bn_check_top(a2);
-	bn_check_top(p2);
-	bn_check_top(m);
-
-	if (!(m->d[0] & 1))
-		{
-		BNerr(BN_F_BN_MOD_EXP2_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
-		return(0);
-		}
-	bits1=BN_num_bits(p1);
-	bits2=BN_num_bits(p2);
-	if ((bits1 == 0) && (bits2 == 0))
-		{
-		ret = BN_one(rr);
-		return ret;
-		}
-	
-	bits=(bits1 > bits2)?bits1:bits2;
-
-	BN_CTX_start(ctx);
-	d = BN_CTX_get(ctx);
-	r = BN_CTX_get(ctx);
-	if (d == NULL || r == NULL) goto err;
-
-	if (in_mont != NULL)
-		mont=in_mont;
-	else
-		{
-		if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
-		if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
-		}
-
-	window1 = BN_window_bits_for_exponent_size(bits1);
-	window2 = BN_window_bits_for_exponent_size(bits2);
-
-	/*
-	 * Build table for a1:   val1[i] := a1^(2*i + 1) mod m  for i = 0 .. 2^(window1-1)
-	 */
-	BN_init(&val1[0]);
-	ts1=1;
-	if (a1->neg || BN_ucmp(a1,m) >= 0)
-		{
-		if (!BN_mod(&(val1[0]),a1,m,ctx))
-			goto err;
-		a_mod_m = &(val1[0]);
-		}
-	else
-		a_mod_m = a1;
-	if (BN_is_zero(a_mod_m))
-		{
-		ret = BN_zero(rr);
-		goto err;
-		}
-
-	if (!BN_to_montgomery(&(val1[0]),a_mod_m,mont,ctx)) goto err;
-	if (window1 > 1)
-		{
-		if (!BN_mod_mul_montgomery(d,&(val1[0]),&(val1[0]),mont,ctx)) goto err;
-
-		j=1<<(window1-1);
-		for (i=1; i<j; i++)
-			{
-			BN_init(&(val1[i]));
-			if (!BN_mod_mul_montgomery(&(val1[i]),&(val1[i-1]),d,mont,ctx))
-				goto err;
-			}
-		ts1=i;
-		}
-
-
-	/*
-	 * Build table for a2:   val2[i] := a2^(2*i + 1) mod m  for i = 0 .. 2^(window2-1)
-	 */
-	BN_init(&val2[0]);
-	ts2=1;
-	if (a2->neg || BN_ucmp(a2,m) >= 0)
-		{
-		if (!BN_mod(&(val2[0]),a2,m,ctx))
-			goto err;
-		a_mod_m = &(val2[0]);
-		}
-	else
-		a_mod_m = a2;
-	if (BN_is_zero(a_mod_m))
-		{
-		ret = BN_zero(rr);
-		goto err;
-		}
-	if (!BN_to_montgomery(&(val2[0]),a_mod_m,mont,ctx)) goto err;
-	if (window2 > 1)
-		{
-		if (!BN_mod_mul_montgomery(d,&(val2[0]),&(val2[0]),mont,ctx)) goto err;
-
-		j=1<<(window2-1);
-		for (i=1; i<j; i++)
-			{
-			BN_init(&(val2[i]));
-			if (!BN_mod_mul_montgomery(&(val2[i]),&(val2[i-1]),d,mont,ctx))
-				goto err;
-			}
-		ts2=i;
-		}
-
-
-	/* Now compute the power product, using independent windows. */
-	r_is_one=1;
-	wvalue1=0;  /* The 'value' of the first window */
-	wvalue2=0;  /* The 'value' of the second window */
-	wpos1=0;    /* If wvalue1 > 0, the bottom bit of the first window */
-	wpos2=0;    /* If wvalue2 > 0, the bottom bit of the second window */
-
-	if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
-	for (b=bits-1; b>=0; b--)
-		{
-		if (!r_is_one)
-			{
-			if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
-				goto err;
-			}
-		
-		if (!wvalue1)
-			if (BN_is_bit_set(p1, b))
-				{
-				/* consider bits b-window1+1 .. b for this window */
-				i = b-window1+1;
-				while (!BN_is_bit_set(p1, i)) /* works for i<0 */
-					i++;
-				wpos1 = i;
-				wvalue1 = 1;
-				for (i = b-1; i >= wpos1; i--)
-					{
-					wvalue1 <<= 1;
-					if (BN_is_bit_set(p1, i))
-						wvalue1++;
-					}
-				}
-		
-		if (!wvalue2)
-			if (BN_is_bit_set(p2, b))
-				{
-				/* consider bits b-window2+1 .. b for this window */
-				i = b-window2+1;
-				while (!BN_is_bit_set(p2, i))
-					i++;
-				wpos2 = i;
-				wvalue2 = 1;
-				for (i = b-1; i >= wpos2; i--)
-					{
-					wvalue2 <<= 1;
-					if (BN_is_bit_set(p2, i))
-						wvalue2++;
-					}
-				}
-
-		if (wvalue1 && b == wpos1)
-			{
-			/* wvalue1 is odd and < 2^window1 */
-			if (!BN_mod_mul_montgomery(r,r,&(val1[wvalue1>>1]),mont,ctx))
-				goto err;
-			wvalue1 = 0;
-			r_is_one = 0;
-			}
-		
-		if (wvalue2 && b == wpos2)
-			{
-			/* wvalue2 is odd and < 2^window2 */
-			if (!BN_mod_mul_montgomery(r,r,&(val2[wvalue2>>1]),mont,ctx))
-				goto err;
-			wvalue2 = 0;
-			r_is_one = 0;
-			}
-		}
-	BN_from_montgomery(rr,r,mont,ctx);
-	ret=1;
-err:
-	if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
-	BN_CTX_end(ctx);
-	for (i=0; i<ts1; i++)
-		BN_clear_free(&(val1[i]));
-	for (i=0; i<ts2; i++)
-		BN_clear_free(&(val2[i]));
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/bn/bn_gcd.c b/crypto/openssl/crypto/bn/bn_gcd.c
deleted file mode 100644
index 7649f63fd22a..000000000000
--- a/crypto/openssl/crypto/bn/bn_gcd.c
+++ /dev/null
@@ -1,490 +0,0 @@
-/* crypto/bn/bn_gcd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-static BIGNUM *euclid(BIGNUM *a, BIGNUM *b);
-
-int BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
-	{
-	BIGNUM *a,*b,*t;
-	int ret=0;
-
-	bn_check_top(in_a);
-	bn_check_top(in_b);
-
-	BN_CTX_start(ctx);
-	a = BN_CTX_get(ctx);
-	b = BN_CTX_get(ctx);
-	if (a == NULL || b == NULL) goto err;
-
-	if (BN_copy(a,in_a) == NULL) goto err;
-	if (BN_copy(b,in_b) == NULL) goto err;
-	a->neg = 0;
-	b->neg = 0;
-
-	if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; }
-	t=euclid(a,b);
-	if (t == NULL) goto err;
-
-	if (BN_copy(r,t) == NULL) goto err;
-	ret=1;
-err:
-	BN_CTX_end(ctx);
-	return(ret);
-	}
-
-static BIGNUM *euclid(BIGNUM *a, BIGNUM *b)
-	{
-	BIGNUM *t;
-	int shifts=0;
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-	/* 0 <= b <= a */
-	while (!BN_is_zero(b))
-		{
-		/* 0 < b <= a */
-
-		if (BN_is_odd(a))
-			{
-			if (BN_is_odd(b))
-				{
-				if (!BN_sub(a,a,b)) goto err;
-				if (!BN_rshift1(a,a)) goto err;
-				if (BN_cmp(a,b) < 0)
-					{ t=a; a=b; b=t; }
-				}
-			else		/* a odd - b even */
-				{
-				if (!BN_rshift1(b,b)) goto err;
-				if (BN_cmp(a,b) < 0)
-					{ t=a; a=b; b=t; }
-				}
-			}
-		else			/* a is even */
-			{
-			if (BN_is_odd(b))
-				{
-				if (!BN_rshift1(a,a)) goto err;
-				if (BN_cmp(a,b) < 0)
-					{ t=a; a=b; b=t; }
-				}
-			else		/* a even - b even */
-				{
-				if (!BN_rshift1(a,a)) goto err;
-				if (!BN_rshift1(b,b)) goto err;
-				shifts++;
-				}
-			}
-		/* 0 <= b <= a */
-		}
-
-	if (shifts)
-		{
-		if (!BN_lshift(a,a,shifts)) goto err;
-		}
-	return(a);
-err:
-	return(NULL);
-	}
-
-
-/* solves ax == 1 (mod n) */
-BIGNUM *BN_mod_inverse(BIGNUM *in,
-	const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
-	{
-	BIGNUM *A,*B,*X,*Y,*M,*D,*T,*R=NULL;
-	BIGNUM *ret=NULL;
-	int sign;
-
-	bn_check_top(a);
-	bn_check_top(n);
-
-	BN_CTX_start(ctx);
-	A = BN_CTX_get(ctx);
-	B = BN_CTX_get(ctx);
-	X = BN_CTX_get(ctx);
-	D = BN_CTX_get(ctx);
-	M = BN_CTX_get(ctx);
-	Y = BN_CTX_get(ctx);
-	T = BN_CTX_get(ctx);
-	if (T == NULL) goto err;
-
-	if (in == NULL)
-		R=BN_new();
-	else
-		R=in;
-	if (R == NULL) goto err;
-
-	BN_one(X);
-	BN_zero(Y);
-	if (BN_copy(B,a) == NULL) goto err;
-	if (BN_copy(A,n) == NULL) goto err;
-	A->neg = 0;
-	if (B->neg || (BN_ucmp(B, A) >= 0))
-		{
-		if (!BN_nnmod(B, B, A, ctx)) goto err;
-		}
-	sign = -1;
-	/* From  B = a mod |n|,  A = |n|  it follows that
-	 *
-	 *      0 <= B < A,
-	 *     -sign*X*a  ==  B   (mod |n|),
-	 *      sign*Y*a  ==  A   (mod |n|).
-	 */
-
-	if (BN_is_odd(n) && (BN_num_bits(n) <= (BN_BITS <= 32 ? 450 : 2048)))
-		{
-		/* Binary inversion algorithm; requires odd modulus.
-		 * This is faster than the general algorithm if the modulus
-		 * is sufficiently small (about 400 .. 500 bits on 32-bit
-		 * sytems, but much more on 64-bit systems) */
-		int shift;
-		
-		while (!BN_is_zero(B))
-			{
-			/*
-			 *      0 < B < |n|,
-			 *      0 < A <= |n|,
-			 * (1) -sign*X*a  ==  B   (mod |n|),
-			 * (2)  sign*Y*a  ==  A   (mod |n|)
-			 */
-
-			/* Now divide  B  by the maximum possible power of two in the integers,
-			 * and divide  X  by the same value mod |n|.
-			 * When we're done, (1) still holds. */
-			shift = 0;
-			while (!BN_is_bit_set(B, shift)) /* note that 0 < B */
-				{
-				shift++;
-				
-				if (BN_is_odd(X))
-					{
-					if (!BN_uadd(X, X, n)) goto err;
-					}
-				/* now X is even, so we can easily divide it by two */
-				if (!BN_rshift1(X, X)) goto err;
-				}
-			if (shift > 0)
-				{
-				if (!BN_rshift(B, B, shift)) goto err;
-				}
-
-
-			/* Same for  A  and  Y.  Afterwards, (2) still holds. */
-			shift = 0;
-			while (!BN_is_bit_set(A, shift)) /* note that 0 < A */
-				{
-				shift++;
-				
-				if (BN_is_odd(Y))
-					{
-					if (!BN_uadd(Y, Y, n)) goto err;
-					}
-				/* now Y is even */
-				if (!BN_rshift1(Y, Y)) goto err;
-				}
-			if (shift > 0)
-				{
-				if (!BN_rshift(A, A, shift)) goto err;
-				}
-
-			
-			/* We still have (1) and (2).
-			 * Both  A  and  B  are odd.
-			 * The following computations ensure that
-			 *
-			 *     0 <= B < |n|,
-			 *      0 < A < |n|,
-			 * (1) -sign*X*a  ==  B   (mod |n|),
-			 * (2)  sign*Y*a  ==  A   (mod |n|),
-			 *
-			 * and that either  A  or  B  is even in the next iteration.
-			 */
-			if (BN_ucmp(B, A) >= 0)
-				{
-				/* -sign*(X + Y)*a == B - A  (mod |n|) */
-				if (!BN_uadd(X, X, Y)) goto err;
-				/* NB: we could use BN_mod_add_quick(X, X, Y, n), but that
-				 * actually makes the algorithm slower */
-				if (!BN_usub(B, B, A)) goto err;
-				}
-			else
-				{
-				/*  sign*(X + Y)*a == A - B  (mod |n|) */
-				if (!BN_uadd(Y, Y, X)) goto err;
-				/* as above, BN_mod_add_quick(Y, Y, X, n) would slow things down */
-				if (!BN_usub(A, A, B)) goto err;
-				}
-			}
-		}
-	else
-		{
-		/* general inversion algorithm */
-
-		while (!BN_is_zero(B))
-			{
-			BIGNUM *tmp;
-			
-			/*
-			 *      0 < B < A,
-			 * (*) -sign*X*a  ==  B   (mod |n|),
-			 *      sign*Y*a  ==  A   (mod |n|)
-			 */
-			
-			/* (D, M) := (A/B, A%B) ... */
-			if (BN_num_bits(A) == BN_num_bits(B))
-				{
-				if (!BN_one(D)) goto err;
-				if (!BN_sub(M,A,B)) goto err;
-				}
-			else if (BN_num_bits(A) == BN_num_bits(B) + 1)
-				{
-				/* A/B is 1, 2, or 3 */
-				if (!BN_lshift1(T,B)) goto err;
-				if (BN_ucmp(A,T) < 0)
-					{
-					/* A < 2*B, so D=1 */
-					if (!BN_one(D)) goto err;
-					if (!BN_sub(M,A,B)) goto err;
-					}
-				else
-					{
-					/* A >= 2*B, so D=2 or D=3 */
-					if (!BN_sub(M,A,T)) goto err;
-					if (!BN_add(D,T,B)) goto err; /* use D (:= 3*B) as temp */
-					if (BN_ucmp(A,D) < 0)
-						{
-						/* A < 3*B, so D=2 */
-						if (!BN_set_word(D,2)) goto err;
-						/* M (= A - 2*B) already has the correct value */
-						}
-					else
-						{
-						/* only D=3 remains */
-						if (!BN_set_word(D,3)) goto err;
-						/* currently  M = A - 2*B,  but we need  M = A - 3*B */
-						if (!BN_sub(M,M,B)) goto err;
-						}
-					}
-				}
-			else
-				{
-				if (!BN_div(D,M,A,B,ctx)) goto err;
-				}
-			
-			/* Now
-			 *      A = D*B + M;
-			 * thus we have
-			 * (**)  sign*Y*a  ==  D*B + M   (mod |n|).
-			 */
-			
-			tmp=A; /* keep the BIGNUM object, the value does not matter */
-			
-			/* (A, B) := (B, A mod B) ... */
-			A=B;
-			B=M;
-			/* ... so we have  0 <= B < A  again */
-			
-			/* Since the former  M  is now  B  and the former  B  is now  A,
-			 * (**) translates into
-			 *       sign*Y*a  ==  D*A + B    (mod |n|),
-			 * i.e.
-			 *       sign*Y*a - D*A  ==  B    (mod |n|).
-			 * Similarly, (*) translates into
-			 *      -sign*X*a  ==  A          (mod |n|).
-			 *
-			 * Thus,
-			 *   sign*Y*a + D*sign*X*a  ==  B  (mod |n|),
-			 * i.e.
-			 *        sign*(Y + D*X)*a  ==  B  (mod |n|).
-			 *
-			 * So if we set  (X, Y, sign) := (Y + D*X, X, -sign),  we arrive back at
-			 *      -sign*X*a  ==  B   (mod |n|),
-			 *       sign*Y*a  ==  A   (mod |n|).
-			 * Note that  X  and  Y  stay non-negative all the time.
-			 */
-			
-			/* most of the time D is very small, so we can optimize tmp := D*X+Y */
-			if (BN_is_one(D))
-				{
-				if (!BN_add(tmp,X,Y)) goto err;
-				}
-			else
-				{
-				if (BN_is_word(D,2))
-					{
-					if (!BN_lshift1(tmp,X)) goto err;
-					}
-				else if (BN_is_word(D,4))
-					{
-					if (!BN_lshift(tmp,X,2)) goto err;
-					}
-				else if (D->top == 1)
-					{
-					if (!BN_copy(tmp,X)) goto err;
-					if (!BN_mul_word(tmp,D->d[0])) goto err;
-					}
-				else
-					{
-					if (!BN_mul(tmp,D,X,ctx)) goto err;
-					}
-				if (!BN_add(tmp,tmp,Y)) goto err;
-				}
-			
-			M=Y; /* keep the BIGNUM object, the value does not matter */
-			Y=X;
-			X=tmp;
-			sign = -sign;
-			}
-		}
-		
-	/*
-	 * The while loop (Euclid's algorithm) ends when
-	 *      A == gcd(a,n);
-	 * we have
-	 *       sign*Y*a  ==  A  (mod |n|),
-	 * where  Y  is non-negative.
-	 */
-
-	if (sign < 0)
-		{
-		if (!BN_sub(Y,n,Y)) goto err;
-		}
-	/* Now  Y*a  ==  A  (mod |n|).  */
-	
-
-	if (BN_is_one(A))
-		{
-		/* Y*a == 1  (mod |n|) */
-		if (!Y->neg && BN_ucmp(Y,n) < 0)
-			{
-			if (!BN_copy(R,Y)) goto err;
-			}
-		else
-			{
-			if (!BN_nnmod(R,Y,n,ctx)) goto err;
-			}
-		}
-	else
-		{
-		BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE);
-		goto err;
-		}
-	ret=R;
-err:
-	if ((ret == NULL) && (in == NULL)) BN_free(R);
-	BN_CTX_end(ctx);
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/bn/bn_kron.c b/crypto/openssl/crypto/bn/bn_kron.c
deleted file mode 100644
index 49f75594aed0..000000000000
--- a/crypto/openssl/crypto/bn/bn_kron.c
+++ /dev/null
@@ -1,182 +0,0 @@
-/* crypto/bn/bn_kron.c */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "bn_lcl.h"
-
-
-/* least significant word */
-#define BN_lsw(n) (((n)->top == 0) ? (BN_ULONG) 0 : (n)->d[0])
-
-/* Returns -2 for errors because both -1 and 0 are valid results. */
-int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-	{
-	int i;
-	int ret = -2; /* avoid 'uninitialized' warning */
-	int err = 0;
-	BIGNUM *A, *B, *tmp;
-	/* In 'tab', only odd-indexed entries are relevant:
-	 * For any odd BIGNUM n,
-	 *     tab[BN_lsw(n) & 7]
-	 * is $(-1)^{(n^2-1)/8}$ (using TeX notation).
-	 * Note that the sign of n does not matter.
-	 */
-	static const int tab[8] = {0, 1, 0, -1, 0, -1, 0, 1};
-
-	BN_CTX_start(ctx);
-	A = BN_CTX_get(ctx);
-	B = BN_CTX_get(ctx);
-	if (B == NULL) goto end;
-	
-	err = !BN_copy(A, a);
-	if (err) goto end;
-	err = !BN_copy(B, b);
-	if (err) goto end;
-
-	/*
-	 * Kronecker symbol, imlemented according to Henri Cohen,
-	 * "A Course in Computational Algebraic Number Theory"
-	 * (algorithm 1.4.10).
-	 */
-
-	/* Cohen's step 1: */
-
-	if (BN_is_zero(B))
-		{
-		ret = BN_abs_is_word(A, 1);
-		goto end;
- 		}
-	
-	/* Cohen's step 2: */
-
-	if (!BN_is_odd(A) && !BN_is_odd(B))
-		{
-		ret = 0;
-		goto end;
-		}
-
-	/* now  B  is non-zero */
-	i = 0;
-	while (!BN_is_bit_set(B, i))
-		i++;
-	err = !BN_rshift(B, B, i);
-	if (err) goto end;
-	if (i & 1)
-		{
-		/* i is odd */
-		/* (thus  B  was even, thus  A  must be odd!)  */
-
-		/* set 'ret' to $(-1)^{(A^2-1)/8}$ */
-		ret = tab[BN_lsw(A) & 7];
-		}
-	else
-		{
-		/* i is even */
-		ret = 1;
-		}
-	
-	if (B->neg)
-		{
-		B->neg = 0;
-		if (A->neg)
-			ret = -ret;
-		}
-
-	/* now  B  is positive and odd, so what remains to be done is
-	 * to compute the Jacobi symbol  (A/B)  and multiply it by 'ret' */
-
-	while (1)
-		{
-		/* Cohen's step 3: */
-
-		/*  B  is positive and odd */
-
-		if (BN_is_zero(A))
-			{
-			ret = BN_is_one(B) ? ret : 0;
-			goto end;
-			}
-
-		/* now  A  is non-zero */
-		i = 0;
-		while (!BN_is_bit_set(A, i))
-			i++;
-		err = !BN_rshift(A, A, i);
-		if (err) goto end;
-		if (i & 1)
-			{
-			/* i is odd */
-			/* multiply 'ret' by  $(-1)^{(B^2-1)/8}$ */
-			ret = ret * tab[BN_lsw(B) & 7];
-			}
-	
-		/* Cohen's step 4: */
-		/* multiply 'ret' by  $(-1)^{(A-1)(B-1)/4}$ */
-		if ((A->neg ? ~BN_lsw(A) : BN_lsw(A)) & BN_lsw(B) & 2)
-			ret = -ret;
-		
-		/* (A, B) := (B mod |A|, |A|) */
-		err = !BN_nnmod(B, B, A, ctx);
-		if (err) goto end;
-		tmp = A; A = B; B = tmp;
-		tmp->neg = 0;
-		}
-	
- end:
-	BN_CTX_end(ctx);
-	if (err)
-		return -2;
-	else
-		return ret;
-	}
diff --git a/crypto/openssl/crypto/bn/bn_lcl.h b/crypto/openssl/crypto/bn/bn_lcl.h
deleted file mode 100644
index 5614bc6164cf..000000000000
--- a/crypto/openssl/crypto/bn/bn_lcl.h
+++ /dev/null
@@ -1,454 +0,0 @@
-/* crypto/bn/bn_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_BN_LCL_H
-#define HEADER_BN_LCL_H
-
-#include <openssl/bn.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-
-/* Used for temp variables */
-#define BN_CTX_NUM	32
-#define BN_CTX_NUM_POS	12
-struct bignum_ctx
-	{
-	int tos;
-	BIGNUM bn[BN_CTX_NUM];
-	int flags;
-	int depth;
-	int pos[BN_CTX_NUM_POS];
-	int too_many;
-	} /* BN_CTX */;
-
-
-/*
- * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions
- *
- *
- * For window size 'w' (w >= 2) and a random 'b' bits exponent,
- * the number of multiplications is a constant plus on average
- *
- *    2^(w-1) + (b-w)/(w+1);
- *
- * here  2^(w-1)  is for precomputing the table (we actually need
- * entries only for windows that have the lowest bit set), and
- * (b-w)/(w+1)  is an approximation for the expected number of
- * w-bit windows, not counting the first one.
- *
- * Thus we should use
- *
- *    w >= 6  if        b > 671
- *     w = 5  if  671 > b > 239
- *     w = 4  if  239 > b >  79
- *     w = 3  if   79 > b >  23
- *    w <= 2  if   23 > b
- *
- * (with draws in between).  Very small exponents are often selected
- * with low Hamming weight, so we use  w = 1  for b <= 23.
- */
-#if 1
-#define BN_window_bits_for_exponent_size(b) \
-		((b) > 671 ? 6 : \
-		 (b) > 239 ? 5 : \
-		 (b) >  79 ? 4 : \
-		 (b) >  23 ? 3 : 1)
-#else
-/* Old SSLeay/OpenSSL table.
- * Maximum window size was 5, so this table differs for b==1024;
- * but it coincides for other interesting values (b==160, b==512).
- */
-#define BN_window_bits_for_exponent_size(b) \
-		((b) > 255 ? 5 : \
-		 (b) > 127 ? 4 : \
-		 (b) >  17 ? 3 : 1)
-#endif	 
-
-
-
-/* Pentium pro 16,16,16,32,64 */
-/* Alpha       16,16,16,16.64 */
-#define BN_MULL_SIZE_NORMAL			(16) /* 32 */
-#define BN_MUL_RECURSIVE_SIZE_NORMAL		(16) /* 32 less than */
-#define BN_SQR_RECURSIVE_SIZE_NORMAL		(16) /* 32 */
-#define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL	(32) /* 32 */
-#define BN_MONT_CTX_SET_SIZE_WORD		(64) /* 32 */
-
-#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
-/*
- * BN_UMULT_HIGH section.
- *
- * No, I'm not trying to overwhelm you when stating that the
- * product of N-bit numbers is 2*N bits wide:-) No, I don't expect
- * you to be impressed when I say that if the compiler doesn't
- * support 2*N integer type, then you have to replace every N*N
- * multiplication with 4 (N/2)*(N/2) accompanied by some shifts
- * and additions which unavoidably results in severe performance
- * penalties. Of course provided that the hardware is capable of
- * producing 2*N result... That's when you normally start
- * considering assembler implementation. However! It should be
- * pointed out that some CPUs (most notably Alpha, PowerPC and
- * upcoming IA-64 family:-) provide *separate* instruction
- * calculating the upper half of the product placing the result
- * into a general purpose register. Now *if* the compiler supports
- * inline assembler, then it's not impossible to implement the
- * "bignum" routines (and have the compiler optimize 'em)
- * exhibiting "native" performance in C. That's what BN_UMULT_HIGH
- * macro is about:-)
- *
- *					<appro@fy.chalmers.se>
- */
-# if defined(__alpha) && (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
-#  if defined(__DECC)
-#   include <c_asm.h>
-#   define BN_UMULT_HIGH(a,b)	(BN_ULONG)asm("umulh %a0,%a1,%v0",(a),(b))
-#  elif defined(__GNUC__)
-#   define BN_UMULT_HIGH(a,b)	({	\
-	register BN_ULONG ret;		\
-	asm ("umulh	%1,%2,%0"	\
-	     : "=r"(ret)		\
-	     : "r"(a), "r"(b));		\
-	ret;			})
-#  endif	/* compiler */
-# elif defined(_ARCH_PPC) && defined(__64BIT__) && defined(SIXTY_FOUR_BIT_LONG)
-#  if defined(__GNUC__)
-#   define BN_UMULT_HIGH(a,b)	({	\
-	register BN_ULONG ret;		\
-	asm ("mulhdu	%0,%1,%2"	\
-	     : "=r"(ret)		\
-	     : "r"(a), "r"(b));		\
-	ret;			})
-#  endif	/* compiler */
-# elif defined(__x86_64) && defined(SIXTY_FOUR_BIT_LONG)
-#  if defined(__GNUC__)
-#   define BN_UMULT_HIGH(a,b)	({	\
-	register BN_ULONG ret,discard;	\
-	asm ("mulq	%3"		\
-	     : "=a"(discard),"=d"(ret)	\
-	     : "a"(a), "g"(b)		\
-	     : "cc");			\
-	ret;			})
-#   define BN_UMULT_LOHI(low,high,a,b)	\
-	asm ("mulq	%3"		\
-		: "=a"(low),"=d"(high)	\
-		: "a"(a),"g"(b)		\
-		: "cc");
-#  endif
-# endif		/* cpu */
-#endif		/* OPENSSL_NO_ASM */
-
-/*************************************************************
- * Using the long long type
- */
-#define Lw(t)    (((BN_ULONG)(t))&BN_MASK2)
-#define Hw(t)    (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
-
-/* This is used for internal error checking and is not normally used */
-#ifdef BN_DEBUG
-# include <assert.h>
-# define bn_check_top(a) assert ((a)->top >= 0 && (a)->top <= (a)->dmax);
-#else
-# define bn_check_top(a)
-#endif
-
-/* This macro is to add extra stuff for development checking */
-#ifdef BN_DEBUG
-#define	bn_set_max(r) ((r)->max=(r)->top,BN_set_flags((r),BN_FLG_STATIC_DATA))
-#else
-#define	bn_set_max(r)
-#endif
-
-/* These macros are used to 'take' a section of a bignum for read only use */
-#define bn_set_low(r,a,n) \
-	{ \
-	(r)->top=((a)->top > (n))?(n):(a)->top; \
-	(r)->d=(a)->d; \
-	(r)->neg=(a)->neg; \
-	(r)->flags|=BN_FLG_STATIC_DATA; \
-	bn_set_max(r); \
-	}
-
-#define bn_set_high(r,a,n) \
-	{ \
-	if ((a)->top > (n)) \
-		{ \
-		(r)->top=(a)->top-n; \
-		(r)->d= &((a)->d[n]); \
-		} \
-	else \
-		(r)->top=0; \
-	(r)->neg=(a)->neg; \
-	(r)->flags|=BN_FLG_STATIC_DATA; \
-	bn_set_max(r); \
-	}
-
-#ifdef BN_LLONG
-#define mul_add(r,a,w,c) { \
-	BN_ULLONG t; \
-	t=(BN_ULLONG)w * (a) + (r) + (c); \
-	(r)= Lw(t); \
-	(c)= Hw(t); \
-	}
-
-#define mul(r,a,w,c) { \
-	BN_ULLONG t; \
-	t=(BN_ULLONG)w * (a) + (c); \
-	(r)= Lw(t); \
-	(c)= Hw(t); \
-	}
-
-#define sqr(r0,r1,a) { \
-	BN_ULLONG t; \
-	t=(BN_ULLONG)(a)*(a); \
-	(r0)=Lw(t); \
-	(r1)=Hw(t); \
-	}
-
-#elif defined(BN_UMULT_HIGH)
-#define mul_add(r,a,w,c) {		\
-	BN_ULONG high,low,ret,tmp=(a);	\
-	ret =  (r);			\
-	high=  BN_UMULT_HIGH(w,tmp);	\
-	ret += (c);			\
-	low =  (w) * tmp;		\
-	(c) =  (ret<(c))?1:0;		\
-	(c) += high;			\
-	ret += low;			\
-	(c) += (ret<low)?1:0;		\
-	(r) =  ret;			\
-	}
-
-#define mul(r,a,w,c)	{		\
-	BN_ULONG high,low,ret,ta=(a);	\
-	low =  (w) * ta;		\
-	high=  BN_UMULT_HIGH(w,ta);	\
-	ret =  low + (c);		\
-	(c) =  high;			\
-	(c) += (ret<low)?1:0;		\
-	(r) =  ret;			\
-	}
-
-#define sqr(r0,r1,a)	{		\
-	BN_ULONG tmp=(a);		\
-	(r0) = tmp * tmp;		\
-	(r1) = BN_UMULT_HIGH(tmp,tmp);	\
-	}
-
-#else
-/*************************************************************
- * No long long type
- */
-
-#define LBITS(a)	((a)&BN_MASK2l)
-#define HBITS(a)	(((a)>>BN_BITS4)&BN_MASK2l)
-#define	L2HBITS(a)	(((a)<<BN_BITS4)&BN_MASK2)
-
-#define LLBITS(a)	((a)&BN_MASKl)
-#define LHBITS(a)	(((a)>>BN_BITS2)&BN_MASKl)
-#define	LL2HBITS(a)	((BN_ULLONG)((a)&BN_MASKl)<<BN_BITS2)
-
-#define mul64(l,h,bl,bh) \
-	{ \
-	BN_ULONG m,m1,lt,ht; \
- \
-	lt=l; \
-	ht=h; \
-	m =(bh)*(lt); \
-	lt=(bl)*(lt); \
-	m1=(bl)*(ht); \
-	ht =(bh)*(ht); \
-	m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS((BN_ULONG)1); \
-	ht+=HBITS(m); \
-	m1=L2HBITS(m); \
-	lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \
-	(l)=lt; \
-	(h)=ht; \
-	}
-
-#define sqr64(lo,ho,in) \
-	{ \
-	BN_ULONG l,h,m; \
- \
-	h=(in); \
-	l=LBITS(h); \
-	h=HBITS(h); \
-	m =(l)*(h); \
-	l*=l; \
-	h*=h; \
-	h+=(m&BN_MASK2h1)>>(BN_BITS4-1); \
-	m =(m&BN_MASK2l)<<(BN_BITS4+1); \
-	l=(l+m)&BN_MASK2; if (l < m) h++; \
-	(lo)=l; \
-	(ho)=h; \
-	}
-
-#define mul_add(r,a,bl,bh,c) { \
-	BN_ULONG l,h; \
- \
-	h= (a); \
-	l=LBITS(h); \
-	h=HBITS(h); \
-	mul64(l,h,(bl),(bh)); \
- \
-	/* non-multiply part */ \
-	l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
-	(c)=(r); \
-	l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
-	(c)=h&BN_MASK2; \
-	(r)=l; \
-	}
-
-#define mul(r,a,bl,bh,c) { \
-	BN_ULONG l,h; \
- \
-	h= (a); \
-	l=LBITS(h); \
-	h=HBITS(h); \
-	mul64(l,h,(bl),(bh)); \
- \
-	/* non-multiply part */ \
-	l+=(c); if ((l&BN_MASK2) < (c)) h++; \
-	(c)=h&BN_MASK2; \
-	(r)=l&BN_MASK2; \
-	}
-#endif /* !BN_LLONG */
-
-void bn_mul_normal(BN_ULONG *r,BN_ULONG *a,int na,BN_ULONG *b,int nb);
-void bn_mul_comba8(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
-void bn_mul_comba4(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
-void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp);
-void bn_sqr_comba8(BN_ULONG *r,const BN_ULONG *a);
-void bn_sqr_comba4(BN_ULONG *r,const BN_ULONG *a);
-int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n);
-int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b,
-	int cl, int dl);
-#if 0
-/* bn_mul.c rollback <appro> */
-void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,
-	int dna,int dnb,BN_ULONG *t);
-void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,
-	int n,int tna,int tnb,BN_ULONG *t);
-#endif
-void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t);
-void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n);
-void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,
-	BN_ULONG *t);
-void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2,
-	BN_ULONG *t);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/bn/bn_lib.c b/crypto/openssl/crypto/bn/bn_lib.c
deleted file mode 100644
index fa0ff485ade4..000000000000
--- a/crypto/openssl/crypto/bn/bn_lib.c
+++ /dev/null
@@ -1,824 +0,0 @@
-/* crypto/bn/bn_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef BN_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <assert.h>
-#include <limits.h>
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT;
-
-/* For a 32 bit machine
- * 2 -   4 ==  128
- * 3 -   8 ==  256
- * 4 -  16 ==  512
- * 5 -  32 == 1024
- * 6 -  64 == 2048
- * 7 - 128 == 4096
- * 8 - 256 == 8192
- */
-static int bn_limit_bits=0;
-static int bn_limit_num=8;        /* (1<<bn_limit_bits) */
-static int bn_limit_bits_low=0;
-static int bn_limit_num_low=8;    /* (1<<bn_limit_bits_low) */
-static int bn_limit_bits_high=0;
-static int bn_limit_num_high=8;   /* (1<<bn_limit_bits_high) */
-static int bn_limit_bits_mont=0;
-static int bn_limit_num_mont=8;   /* (1<<bn_limit_bits_mont) */
-
-void BN_set_params(int mult, int high, int low, int mont)
-	{
-	if (mult >= 0)
-		{
-		if (mult > (sizeof(int)*8)-1)
-			mult=sizeof(int)*8-1;
-		bn_limit_bits=mult;
-		bn_limit_num=1<<mult;
-		}
-	if (high >= 0)
-		{
-		if (high > (sizeof(int)*8)-1)
-			high=sizeof(int)*8-1;
-		bn_limit_bits_high=high;
-		bn_limit_num_high=1<<high;
-		}
-	if (low >= 0)
-		{
-		if (low > (sizeof(int)*8)-1)
-			low=sizeof(int)*8-1;
-		bn_limit_bits_low=low;
-		bn_limit_num_low=1<<low;
-		}
-	if (mont >= 0)
-		{
-		if (mont > (sizeof(int)*8)-1)
-			mont=sizeof(int)*8-1;
-		bn_limit_bits_mont=mont;
-		bn_limit_num_mont=1<<mont;
-		}
-	}
-
-int BN_get_params(int which)
-	{
-	if      (which == 0) return(bn_limit_bits);
-	else if (which == 1) return(bn_limit_bits_high);
-	else if (which == 2) return(bn_limit_bits_low);
-	else if (which == 3) return(bn_limit_bits_mont);
-	else return(0);
-	}
-
-const BIGNUM *BN_value_one(void)
-	{
-	static BN_ULONG data_one=1L;
-	static BIGNUM const_one={&data_one,1,1,0};
-
-	return(&const_one);
-	}
-
-char *BN_options(void)
-	{
-	static int init=0;
-	static char data[16];
-
-	if (!init)
-		{
-		init++;
-#ifdef BN_LLONG
-		sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULLONG)*8,
-			(int)sizeof(BN_ULONG)*8);
-#else
-		sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULONG)*8,
-			(int)sizeof(BN_ULONG)*8);
-#endif
-		}
-	return(data);
-	}
-
-int BN_num_bits_word(BN_ULONG l)
-	{
-	static const char bits[256]={
-		0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4,
-		5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,
-		6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
-		6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
-		7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
-		7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
-		7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
-		7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
-		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
-		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
-		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
-		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
-		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
-		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
-		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
-		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
-		};
-
-#if defined(SIXTY_FOUR_BIT_LONG)
-	if (l & 0xffffffff00000000L)
-		{
-		if (l & 0xffff000000000000L)
-			{
-			if (l & 0xff00000000000000L)
-				{
-				return(bits[(int)(l>>56)]+56);
-				}
-			else	return(bits[(int)(l>>48)]+48);
-			}
-		else
-			{
-			if (l & 0x0000ff0000000000L)
-				{
-				return(bits[(int)(l>>40)]+40);
-				}
-			else	return(bits[(int)(l>>32)]+32);
-			}
-		}
-	else
-#else
-#ifdef SIXTY_FOUR_BIT
-	if (l & 0xffffffff00000000LL)
-		{
-		if (l & 0xffff000000000000LL)
-			{
-			if (l & 0xff00000000000000LL)
-				{
-				return(bits[(int)(l>>56)]+56);
-				}
-			else	return(bits[(int)(l>>48)]+48);
-			}
-		else
-			{
-			if (l & 0x0000ff0000000000LL)
-				{
-				return(bits[(int)(l>>40)]+40);
-				}
-			else	return(bits[(int)(l>>32)]+32);
-			}
-		}
-	else
-#endif
-#endif
-		{
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
-		if (l & 0xffff0000L)
-			{
-			if (l & 0xff000000L)
-				return(bits[(int)(l>>24L)]+24);
-			else	return(bits[(int)(l>>16L)]+16);
-			}
-		else
-#endif
-			{
-#if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
-			if (l & 0xff00L)
-				return(bits[(int)(l>>8)]+8);
-			else	
-#endif
-				return(bits[(int)(l   )]  );
-			}
-		}
-	}
-
-int BN_num_bits(const BIGNUM *a)
-	{
-	BN_ULONG l;
-	int i;
-
-	bn_check_top(a);
-
-	if (a->top == 0) return(0);
-	l=a->d[a->top-1];
-	assert(l != 0);
-	i=(a->top-1)*BN_BITS2;
-	return(i+BN_num_bits_word(l));
-	}
-
-void BN_clear_free(BIGNUM *a)
-	{
-	int i;
-
-	if (a == NULL) return;
-	if (a->d != NULL)
-		{
-		OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0]));
-		if (!(BN_get_flags(a,BN_FLG_STATIC_DATA)))
-			OPENSSL_free(a->d);
-		}
-	i=BN_get_flags(a,BN_FLG_MALLOCED);
-	OPENSSL_cleanse(a,sizeof(BIGNUM));
-	if (i)
-		OPENSSL_free(a);
-	}
-
-void BN_free(BIGNUM *a)
-	{
-	if (a == NULL) return;
-	if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA)))
-		OPENSSL_free(a->d);
-	a->flags|=BN_FLG_FREE; /* REMOVE? */
-	if (a->flags & BN_FLG_MALLOCED)
-		OPENSSL_free(a);
-	}
-
-void BN_init(BIGNUM *a)
-	{
-	memset(a,0,sizeof(BIGNUM));
-	}
-
-BIGNUM *BN_new(void)
-	{
-	BIGNUM *ret;
-
-	if ((ret=(BIGNUM *)OPENSSL_malloc(sizeof(BIGNUM))) == NULL)
-		{
-		BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-	ret->flags=BN_FLG_MALLOCED;
-	ret->top=0;
-	ret->neg=0;
-	ret->dmax=0;
-	ret->d=NULL;
-	return(ret);
-	}
-
-/* This is used both by bn_expand2() and bn_dup_expand() */
-/* The caller MUST check that words > b->dmax before calling this */
-static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
-	{
-	BN_ULONG *A,*a = NULL;
-	const BN_ULONG *B;
-	int i;
-
-	if (words > (INT_MAX/(4*BN_BITS2)))
-		{
-		BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_BIGNUM_TOO_LONG);
-		return NULL;
-		}
-
-	bn_check_top(b);	
-	if (BN_get_flags(b,BN_FLG_STATIC_DATA))
-		{
-		BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
-		return(NULL);
-		}
-	a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1));
-	if (A == NULL)
-		{
-		BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-#if 1
-	B=b->d;
-	/* Check if the previous number needs to be copied */
-	if (B != NULL)
-		{
-		for (i=b->top>>2; i>0; i--,A+=4,B+=4)
-			{
-			/*
-			 * The fact that the loop is unrolled
-			 * 4-wise is a tribute to Intel. It's
-			 * the one that doesn't have enough
-			 * registers to accomodate more data.
-			 * I'd unroll it 8-wise otherwise:-)
-			 *
-			 *		<appro@fy.chalmers.se>
-			 */
-			BN_ULONG a0,a1,a2,a3;
-			a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3];
-			A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3;
-			}
-		switch (b->top&3)
-			{
-		case 3:	A[2]=B[2];
-		case 2:	A[1]=B[1];
-		case 1:	A[0]=B[0];
-		case 0: /* workaround for ultrix cc: without 'case 0', the optimizer does
-		         * the switch table by doing a=top&3; a--; goto jump_table[a];
-		         * which fails for top== 0 */
-			;
-			}
-		}
-
-	/* Now need to zero any data between b->top and b->max */
-	/* XXX Why? */
-
-	A= &(a[b->top]);
-	for (i=(words - b->top)>>3; i>0; i--,A+=8)
-		{
-		A[0]=0; A[1]=0; A[2]=0; A[3]=0;
-		A[4]=0; A[5]=0; A[6]=0; A[7]=0;
-		}
-	for (i=(words - b->top)&7; i>0; i--,A++)
-		A[0]=0;
-#else
-	memset(A,0,sizeof(BN_ULONG)*(words+1));
-	memcpy(A,b->d,sizeof(b->d[0])*b->top);
-#endif
-		
-	return(a);
-	}
-
-/* This is an internal function that can be used instead of bn_expand2()
- * when there is a need to copy BIGNUMs instead of only expanding the
- * data part, while still expanding them.
- * Especially useful when needing to expand BIGNUMs that are declared
- * 'const' and should therefore not be changed.
- * The reason to use this instead of a BN_dup() followed by a bn_expand2()
- * is memory allocation overhead.  A BN_dup() followed by a bn_expand2()
- * will allocate new memory for the BIGNUM data twice, and free it once,
- * while bn_dup_expand() makes sure allocation is made only once.
- */
-
-BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
-	{
-	BIGNUM *r = NULL;
-
-	/* This function does not work if
-	 *      words <= b->dmax && top < words
-	 * because BN_dup() does not preserve 'dmax'!
-	 * (But bn_dup_expand() is not used anywhere yet.)
-	 */
-	
-	if (words > b->dmax)
-		{
-		BN_ULONG *a = bn_expand_internal(b, words);
-
-		if (a)
-			{
-			r = BN_new();
-			if (r)
-				{
-				r->top = b->top;
-				r->dmax = words;
-				r->neg = b->neg;
-				r->d = a;
-				}
-			else
-				{
-				/* r == NULL, BN_new failure */
-				OPENSSL_free(a);
-				}
-			}
-		/* If a == NULL, there was an error in allocation in
-		   bn_expand_internal(), and NULL should be returned */
-		}
-	else
-		{
-		r = BN_dup(b);
-		}
-
-	return r;
-	}
-
-/* This is an internal function that should not be used in applications.
- * It ensures that 'b' has enough room for a 'words' word number number.
- * It is mostly used by the various BIGNUM routines. If there is an error,
- * NULL is returned. If not, 'b' is returned. */
-
-BIGNUM *bn_expand2(BIGNUM *b, int words)
-	{
-	if (words > b->dmax)
-		{
-		BN_ULONG *a = bn_expand_internal(b, words);
-
-		if (a)
-			{
-			if (b->d)
-				OPENSSL_free(b->d);
-			b->d=a;
-			b->dmax=words;
-			}
-		else
-			b = NULL;
-		}
-	return b;
-	}
-
-BIGNUM *BN_dup(const BIGNUM *a)
-	{
-	BIGNUM *r, *t;
-
-	if (a == NULL) return NULL;
-
-	bn_check_top(a);
-
-	t = BN_new();
-	if (t == NULL) return(NULL);
-	r = BN_copy(t, a);
-	/* now  r == t || r == NULL */
-	if (r == NULL)
-		BN_free(t);
-	return r;
-	}
-
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
-	{
-	int i;
-	BN_ULONG *A;
-	const BN_ULONG *B;
-
-	bn_check_top(b);
-
-	if (a == b) return(a);
-	if (bn_wexpand(a,b->top) == NULL) return(NULL);
-
-#if 1
-	A=a->d;
-	B=b->d;
-	for (i=b->top>>2; i>0; i--,A+=4,B+=4)
-		{
-		BN_ULONG a0,a1,a2,a3;
-		a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3];
-		A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3;
-		}
-	switch (b->top&3)
-		{
-		case 3: A[2]=B[2];
-		case 2: A[1]=B[1];
-		case 1: A[0]=B[0];
-		case 0: ; /* ultrix cc workaround, see comments in bn_expand_internal */
-		}
-#else
-	memcpy(a->d,b->d,sizeof(b->d[0])*b->top);
-#endif
-
-/*	memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/
-	a->top=b->top;
-	if ((a->top == 0) && (a->d != NULL))
-		a->d[0]=0;
-	a->neg=b->neg;
-	return(a);
-	}
-
-void BN_swap(BIGNUM *a, BIGNUM *b)
-	{
-	int flags_old_a, flags_old_b;
-	BN_ULONG *tmp_d;
-	int tmp_top, tmp_dmax, tmp_neg;
-	
-	flags_old_a = a->flags;
-	flags_old_b = b->flags;
-
-	tmp_d = a->d;
-	tmp_top = a->top;
-	tmp_dmax = a->dmax;
-	tmp_neg = a->neg;
-	
-	a->d = b->d;
-	a->top = b->top;
-	a->dmax = b->dmax;
-	a->neg = b->neg;
-	
-	b->d = tmp_d;
-	b->top = tmp_top;
-	b->dmax = tmp_dmax;
-	b->neg = tmp_neg;
-	
-	a->flags = (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA);
-	b->flags = (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA);
-	}
-
-
-void BN_clear(BIGNUM *a)
-	{
-	if (a->d != NULL)
-		memset(a->d,0,a->dmax*sizeof(a->d[0]));
-	a->top=0;
-	a->neg=0;
-	}
-
-BN_ULONG BN_get_word(const BIGNUM *a)
-	{
-	int i,n;
-	BN_ULONG ret=0;
-
-	n=BN_num_bytes(a);
-	if (n > sizeof(BN_ULONG))
-		return(BN_MASK2);
-	for (i=a->top-1; i>=0; i--)
-		{
-#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
-		ret<<=BN_BITS4; /* stops the compiler complaining */
-		ret<<=BN_BITS4;
-#else
-		ret=0;
-#endif
-		ret|=a->d[i];
-		}
-	return(ret);
-	}
-
-int BN_set_word(BIGNUM *a, BN_ULONG w)
-	{
-	int i,n;
-	if (bn_expand(a,sizeof(BN_ULONG)*8) == NULL) return(0);
-
-	n=sizeof(BN_ULONG)/BN_BYTES;
-	a->neg=0;
-	a->top=0;
-	a->d[0]=(BN_ULONG)w&BN_MASK2;
-	if (a->d[0] != 0) a->top=1;
-	for (i=1; i<n; i++)
-		{
-		/* the following is done instead of
-		 * w>>=BN_BITS2 so compilers don't complain
-		 * on builds where sizeof(long) == BN_TYPES */
-#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
-		w>>=BN_BITS4;
-		w>>=BN_BITS4;
-#else
-		w=0;
-#endif
-		a->d[i]=(BN_ULONG)w&BN_MASK2;
-		if (a->d[i] != 0) a->top=i+1;
-		}
-	return(1);
-	}
-
-BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
-	{
-	unsigned int i,m;
-	unsigned int n;
-	BN_ULONG l;
-
-	if (ret == NULL) ret=BN_new();
-	if (ret == NULL) return(NULL);
-	l=0;
-	n=len;
-	if (n == 0)
-		{
-		ret->top=0;
-		return(ret);
-		}
-	if (bn_expand(ret,(int)(n+2)*8) == NULL)
-		return(NULL);
-	i=((n-1)/BN_BYTES)+1;
-	m=((n-1)%(BN_BYTES));
-	ret->top=i;
-	ret->neg=0;
-	while (n-- > 0)
-		{
-		l=(l<<8L)| *(s++);
-		if (m-- == 0)
-			{
-			ret->d[--i]=l;
-			l=0;
-			m=BN_BYTES-1;
-			}
-		}
-	/* need to call this due to clear byte at top if avoiding
-	 * having the top bit set (-ve number) */
-	bn_fix_top(ret);
-	return(ret);
-	}
-
-/* ignore negative */
-int BN_bn2bin(const BIGNUM *a, unsigned char *to)
-	{
-	int n,i;
-	BN_ULONG l;
-
-	n=i=BN_num_bytes(a);
-	while (i-- > 0)
-		{
-		l=a->d[i/BN_BYTES];
-		*(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff;
-		}
-	return(n);
-	}
-
-int BN_ucmp(const BIGNUM *a, const BIGNUM *b)
-	{
-	int i;
-	BN_ULONG t1,t2,*ap,*bp;
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-	i=a->top-b->top;
-	if (i != 0) return(i);
-	ap=a->d;
-	bp=b->d;
-	for (i=a->top-1; i>=0; i--)
-		{
-		t1= ap[i];
-		t2= bp[i];
-		if (t1 != t2)
-			return(t1 > t2?1:-1);
-		}
-	return(0);
-	}
-
-int BN_cmp(const BIGNUM *a, const BIGNUM *b)
-	{
-	int i;
-	int gt,lt;
-	BN_ULONG t1,t2;
-
-	if ((a == NULL) || (b == NULL))
-		{
-		if (a != NULL)
-			return(-1);
-		else if (b != NULL)
-			return(1);
-		else
-			return(0);
-		}
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-	if (a->neg != b->neg)
-		{
-		if (a->neg)
-			return(-1);
-		else	return(1);
-		}
-	if (a->neg == 0)
-		{ gt=1; lt= -1; }
-	else	{ gt= -1; lt=1; }
-
-	if (a->top > b->top) return(gt);
-	if (a->top < b->top) return(lt);
-	for (i=a->top-1; i>=0; i--)
-		{
-		t1=a->d[i];
-		t2=b->d[i];
-		if (t1 > t2) return(gt);
-		if (t1 < t2) return(lt);
-		}
-	return(0);
-	}
-
-int BN_set_bit(BIGNUM *a, int n)
-	{
-	int i,j,k;
-
-	i=n/BN_BITS2;
-	j=n%BN_BITS2;
-	if (a->top <= i)
-		{
-		if (bn_wexpand(a,i+1) == NULL) return(0);
-		for(k=a->top; k<i+1; k++)
-			a->d[k]=0;
-		a->top=i+1;
-		}
-
-	a->d[i]|=(((BN_ULONG)1)<<j);
-	return(1);
-	}
-
-int BN_clear_bit(BIGNUM *a, int n)
-	{
-	int i,j;
-
-	i=n/BN_BITS2;
-	j=n%BN_BITS2;
-	if (a->top <= i) return(0);
-
-	a->d[i]&=(~(((BN_ULONG)1)<<j));
-	bn_fix_top(a);
-	return(1);
-	}
-
-int BN_is_bit_set(const BIGNUM *a, int n)
-	{
-	int i,j;
-
-	if (n < 0) return(0);
-	i=n/BN_BITS2;
-	j=n%BN_BITS2;
-	if (a->top <= i) return(0);
-	return((a->d[i]&(((BN_ULONG)1)<<j))?1:0);
-	}
-
-int BN_mask_bits(BIGNUM *a, int n)
-	{
-	int b,w;
-
-	w=n/BN_BITS2;
-	b=n%BN_BITS2;
-	if (w >= a->top) return(0);
-	if (b == 0)
-		a->top=w;
-	else
-		{
-		a->top=w+1;
-		a->d[w]&= ~(BN_MASK2<<b);
-		}
-	bn_fix_top(a);
-	return(1);
-	}
-
-int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n)
-	{
-	int i;
-	BN_ULONG aa,bb;
-
-	aa=a[n-1];
-	bb=b[n-1];
-	if (aa != bb) return((aa > bb)?1:-1);
-	for (i=n-2; i>=0; i--)
-		{
-		aa=a[i];
-		bb=b[i];
-		if (aa != bb) return((aa > bb)?1:-1);
-		}
-	return(0);
-	}
-
-/* Here follows a specialised variants of bn_cmp_words().  It has the
-   property of performing the operation on arrays of different sizes.
-   The sizes of those arrays is expressed through cl, which is the
-   common length ( basicall, min(len(a),len(b)) ), and dl, which is the
-   delta between the two lengths, calculated as len(a)-len(b).
-   All lengths are the number of BN_ULONGs...  */
-
-int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b,
-	int cl, int dl)
-	{
-	int n,i;
-	n = cl-1;
-
-	if (dl < 0)
-		{
-		for (i=dl; i<0; i++)
-			{
-			if (b[n-i] != 0)
-				return -1; /* a < b */
-			}
-		}
-	if (dl > 0)
-		{
-		for (i=dl; i>0; i--)
-			{
-			if (a[n+i] != 0)
-				return 1; /* a > b */
-			}
-		}
-	return bn_cmp_words(a,b,cl);
-	}
diff --git a/crypto/openssl/crypto/bn/bn_mod.c b/crypto/openssl/crypto/bn/bn_mod.c
deleted file mode 100644
index 5cf82480d7ba..000000000000
--- a/crypto/openssl/crypto/bn/bn_mod.c
+++ /dev/null
@@ -1,296 +0,0 @@
-/* crypto/bn/bn_mod.c */
-/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
- * for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-
-#if 0 /* now just a #define */
-int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
-	{
-	return(BN_div(NULL,rem,m,d,ctx));
-	/* note that  rem->neg == m->neg  (unless the remainder is zero) */
-	}
-#endif
-
-
-int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
-	{
-	/* like BN_mod, but returns non-negative remainder
-	 * (i.e.,  0 <= r < |d|  always holds) */
-
-	if (!(BN_mod(r,m,d,ctx)))
-		return 0;
-	if (!r->neg)
-		return 1;
-	/* now   -|d| < r < 0,  so we have to set  r := r + |d| */
-	return (d->neg ? BN_sub : BN_add)(r, r, d);
-}
-
-
-int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
-	{
-	if (!BN_add(r, a, b)) return 0;
-	return BN_nnmod(r, r, m, ctx);
-	}
-
-
-/* BN_mod_add variant that may be used if both  a  and  b  are non-negative
- * and less than  m */
-int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m)
-	{
-	if (!BN_add(r, a, b)) return 0;
-	if (BN_ucmp(r, m) >= 0)
-		return BN_usub(r, r, m);
-	return 1;
-	}
-
-
-int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
-	{
-	if (!BN_sub(r, a, b)) return 0;
-	return BN_nnmod(r, r, m, ctx);
-	}
-
-
-/* BN_mod_sub variant that may be used if both  a  and  b  are non-negative
- * and less than  m */
-int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m)
-	{
-	if (!BN_sub(r, a, b)) return 0;
-	if (r->neg)
-		return BN_add(r, r, m);
-	return 1;
-	}
-
-
-/* slow but works */
-int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
-	BN_CTX *ctx)
-	{
-	BIGNUM *t;
-	int ret=0;
-
-	bn_check_top(a);
-	bn_check_top(b);
-	bn_check_top(m);
-
-	BN_CTX_start(ctx);
-	if ((t = BN_CTX_get(ctx)) == NULL) goto err;
-	if (a == b)
-		{ if (!BN_sqr(t,a,ctx)) goto err; }
-	else
-		{ if (!BN_mul(t,a,b,ctx)) goto err; }
-	if (!BN_nnmod(r,t,m,ctx)) goto err;
-	ret=1;
-err:
-	BN_CTX_end(ctx);
-	return(ret);
-	}
-
-
-int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
-	{
-	if (!BN_sqr(r, a, ctx)) return 0;
-	/* r->neg == 0,  thus we don't need BN_nnmod */
-	return BN_mod(r, r, m, ctx);
-	}
-
-
-int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
-	{
-	if (!BN_lshift1(r, a)) return 0;
-	return BN_nnmod(r, r, m, ctx);
-	}
-
-
-/* BN_mod_lshift1 variant that may be used if  a  is non-negative
- * and less than  m */
-int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m)
-	{
-	if (!BN_lshift1(r, a)) return 0;
-	if (BN_cmp(r, m) >= 0)
-		return BN_sub(r, r, m);
-	return 1;
-	}
-
-
-int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx)
-	{
-	BIGNUM *abs_m = NULL;
-	int ret;
-
-	if (!BN_nnmod(r, a, m, ctx)) return 0;
-
-	if (m->neg)
-		{
-		abs_m = BN_dup(m);
-		if (abs_m == NULL) return 0;
-		abs_m->neg = 0;
-		}
-	
-	ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m));
-
-	if (abs_m)
-		BN_free(abs_m);
-	return ret;
-	}
-
-
-/* BN_mod_lshift variant that may be used if  a  is non-negative
- * and less than  m */
-int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m)
-	{
-	if (r != a)
-		{
-		if (BN_copy(r, a) == NULL) return 0;
-		}
-
-	while (n > 0)
-		{
-		int max_shift;
-		
-		/* 0 < r < m */
-		max_shift = BN_num_bits(m) - BN_num_bits(r);
-		/* max_shift >= 0 */
-
-		if (max_shift < 0)
-			{
-			BNerr(BN_F_BN_MOD_LSHIFT_QUICK, BN_R_INPUT_NOT_REDUCED);
-			return 0;
-			}
-
-		if (max_shift > n)
-			max_shift = n;
-
-		if (max_shift)
-			{
-			if (!BN_lshift(r, r, max_shift)) return 0;
-			n -= max_shift;
-			}
-		else
-			{
-			if (!BN_lshift1(r, r)) return 0;
-			--n;
-			}
-
-		/* BN_num_bits(r) <= BN_num_bits(m) */
-
-		if (BN_cmp(r, m) >= 0) 
-			{
-			if (!BN_sub(r, r, m)) return 0;
-			}
-		}
-	
-	return 1;
-	}
diff --git a/crypto/openssl/crypto/bn/bn_mont.c b/crypto/openssl/crypto/bn/bn_mont.c
deleted file mode 100644
index c9ebdbaabeb9..000000000000
--- a/crypto/openssl/crypto/bn/bn_mont.c
+++ /dev/null
@@ -1,349 +0,0 @@
-/* crypto/bn/bn_mont.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * Details about Montgomery multiplication algorithms can be found at
- * http://security.ece.orst.edu/publications.html, e.g.
- * http://security.ece.orst.edu/koc/papers/j37acmon.pdf and
- * sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define MONT_WORD /* use the faster word-based algorithm */
-
-int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-			  BN_MONT_CTX *mont, BN_CTX *ctx)
-	{
-	BIGNUM *tmp;
-	int ret=0;
-
-	BN_CTX_start(ctx);
-	tmp = BN_CTX_get(ctx);
-	if (tmp == NULL) goto err;
-
-	bn_check_top(tmp);
-	if (a == b)
-		{
-		if (!BN_sqr(tmp,a,ctx)) goto err;
-		}
-	else
-		{
-		if (!BN_mul(tmp,a,b,ctx)) goto err;
-		}
-	/* reduce from aRR to aR */
-	if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
-	ret=1;
-err:
-	BN_CTX_end(ctx);
-	return(ret);
-	}
-
-int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
-	     BN_CTX *ctx)
-	{
-	int retn=0;
-
-#ifdef MONT_WORD
-	BIGNUM *n,*r;
-	BN_ULONG *ap,*np,*rp,n0,v,*nrp;
-	int al,nl,max,i,x,ri;
-
-	BN_CTX_start(ctx);
-	if ((r = BN_CTX_get(ctx)) == NULL) goto err;
-
-	if (!BN_copy(r,a)) goto err;
-	n= &(mont->N);
-
-	ap=a->d;
-	/* mont->ri is the size of mont->N in bits (rounded up
-	   to the word size) */
-	al=ri=mont->ri/BN_BITS2;
-	
-	nl=n->top;
-	if ((al == 0) || (nl == 0)) { r->top=0; return(1); }
-
-	max=(nl+al+1); /* allow for overflow (no?) XXX */
-	if (bn_wexpand(r,max) == NULL) goto err;
-	if (bn_wexpand(ret,max) == NULL) goto err;
-
-	r->neg=a->neg^n->neg;
-	np=n->d;
-	rp=r->d;
-	nrp= &(r->d[nl]);
-
-	/* clear the top words of T */
-#if 1
-	for (i=r->top; i<max; i++) /* memset? XXX */
-		r->d[i]=0;
-#else
-	memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG)); 
-#endif
-
-	r->top=max;
-	n0=mont->n0;
-
-#ifdef BN_COUNT
-	fprintf(stderr,"word BN_from_montgomery %d * %d\n",nl,nl);
-#endif
-	for (i=0; i<nl; i++)
-		{
-#ifdef __TANDEM
-                {
-                   long long t1;
-                   long long t2;
-                   long long t3;
-                   t1 = rp[0] * (n0 & 0177777);
-                   t2 = 037777600000l;
-                   t2 = n0 & t2;
-                   t3 = rp[0] & 0177777;
-                   t2 = (t3 * t2) & BN_MASK2;
-                   t1 = t1 + t2;
-                   v=bn_mul_add_words(rp,np,nl,(BN_ULONG) t1);
-                }
-#else
-		v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2);
-#endif
-		nrp++;
-		rp++;
-		if (((nrp[-1]+=v)&BN_MASK2) >= v)
-			continue;
-		else
-			{
-			if (((++nrp[0])&BN_MASK2) != 0) continue;
-			if (((++nrp[1])&BN_MASK2) != 0) continue;
-			for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ;
-			}
-		}
-	bn_fix_top(r);
-	
-	/* mont->ri will be a multiple of the word size */
-#if 0
-	BN_rshift(ret,r,mont->ri);
-#else
-	ret->neg = r->neg;
-	x=ri;
-	rp=ret->d;
-	ap= &(r->d[x]);
-	if (r->top < x)
-		al=0;
-	else
-		al=r->top-x;
-	ret->top=al;
-	al-=4;
-	for (i=0; i<al; i+=4)
-		{
-		BN_ULONG t1,t2,t3,t4;
-		
-		t1=ap[i+0];
-		t2=ap[i+1];
-		t3=ap[i+2];
-		t4=ap[i+3];
-		rp[i+0]=t1;
-		rp[i+1]=t2;
-		rp[i+2]=t3;
-		rp[i+3]=t4;
-		}
-	al+=4;
-	for (; i<al; i++)
-		rp[i]=ap[i];
-#endif
-#else /* !MONT_WORD */ 
-	BIGNUM *t1,*t2;
-
-	BN_CTX_start(ctx);
-	t1 = BN_CTX_get(ctx);
-	t2 = BN_CTX_get(ctx);
-	if (t1 == NULL || t2 == NULL) goto err;
-	
-	if (!BN_copy(t1,a)) goto err;
-	BN_mask_bits(t1,mont->ri);
-
-	if (!BN_mul(t2,t1,&mont->Ni,ctx)) goto err;
-	BN_mask_bits(t2,mont->ri);
-
-	if (!BN_mul(t1,t2,&mont->N,ctx)) goto err;
-	if (!BN_add(t2,a,t1)) goto err;
-	if (!BN_rshift(ret,t2,mont->ri)) goto err;
-#endif /* MONT_WORD */
-
-	if (BN_ucmp(ret, &(mont->N)) >= 0)
-		{
-		if (!BN_usub(ret,ret,&(mont->N))) goto err;
-		}
-	retn=1;
- err:
-	BN_CTX_end(ctx);
-	return(retn);
-	}
-
-BN_MONT_CTX *BN_MONT_CTX_new(void)
-	{
-	BN_MONT_CTX *ret;
-
-	if ((ret=(BN_MONT_CTX *)OPENSSL_malloc(sizeof(BN_MONT_CTX))) == NULL)
-		return(NULL);
-
-	BN_MONT_CTX_init(ret);
-	ret->flags=BN_FLG_MALLOCED;
-	return(ret);
-	}
-
-void BN_MONT_CTX_init(BN_MONT_CTX *ctx)
-	{
-	ctx->ri=0;
-	BN_init(&(ctx->RR));
-	BN_init(&(ctx->N));
-	BN_init(&(ctx->Ni));
-	ctx->flags=0;
-	}
-
-void BN_MONT_CTX_free(BN_MONT_CTX *mont)
-	{
-	if(mont == NULL)
-	    return;
-
-	BN_free(&(mont->RR));
-	BN_free(&(mont->N));
-	BN_free(&(mont->Ni));
-	if (mont->flags & BN_FLG_MALLOCED)
-		OPENSSL_free(mont);
-	}
-
-int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
-	{
-	BIGNUM Ri,*R;
-
-	BN_init(&Ri);
-	R= &(mont->RR);					/* grab RR as a temp */
-	BN_copy(&(mont->N),mod);			/* Set N */
-	mont->N.neg = 0;
-
-#ifdef MONT_WORD
-		{
-		BIGNUM tmod;
-		BN_ULONG buf[2];
-
-		mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
-		if (!(BN_zero(R))) goto err;
-		if (!(BN_set_bit(R,BN_BITS2))) goto err;	/* R */
-
-		buf[0]=mod->d[0]; /* tmod = N mod word size */
-		buf[1]=0;
-		tmod.d=buf;
-		tmod.top=1;
-		tmod.dmax=2;
-		tmod.neg=0;
-							/* Ri = R^-1 mod N*/
-		if ((BN_mod_inverse(&Ri,R,&tmod,ctx)) == NULL)
-			goto err;
-		if (!BN_lshift(&Ri,&Ri,BN_BITS2)) goto err; /* R*Ri */
-		if (!BN_is_zero(&Ri))
-			{
-			if (!BN_sub_word(&Ri,1)) goto err;
-			}
-		else /* if N mod word size == 1 */
-			{
-			if (!BN_set_word(&Ri,BN_MASK2)) goto err;  /* Ri-- (mod word size) */
-			}
-		if (!BN_div(&Ri,NULL,&Ri,&tmod,ctx)) goto err;
-		/* Ni = (R*Ri-1)/N,
-		 * keep only least significant word: */
-		mont->n0 = (Ri.top > 0) ? Ri.d[0] : 0;
-		BN_free(&Ri);
-		}
-#else /* !MONT_WORD */
-		{ /* bignum version */
-		mont->ri=BN_num_bits(&mont->N);
-		if (!BN_zero(R)) goto err;
-		if (!BN_set_bit(R,mont->ri)) goto err;  /* R = 2^ri */
-		                                        /* Ri = R^-1 mod N*/
-		if ((BN_mod_inverse(&Ri,R,&mont->N,ctx)) == NULL)
-			goto err;
-		if (!BN_lshift(&Ri,&Ri,mont->ri)) goto err; /* R*Ri */
-		if (!BN_sub_word(&Ri,1)) goto err;
-							/* Ni = (R*Ri-1) / N */
-		if (!BN_div(&(mont->Ni),NULL,&Ri,&mont->N,ctx)) goto err;
-		BN_free(&Ri);
-		}
-#endif
-
-	/* setup RR for conversions */
-	if (!BN_zero(&(mont->RR))) goto err;
-	if (!BN_set_bit(&(mont->RR),mont->ri*2)) goto err;
-	if (!BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx)) goto err;
-
-	return(1);
-err:
-	return(0);
-	}
-
-BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
-	{
-	if (to == from) return(to);
-
-	if (!BN_copy(&(to->RR),&(from->RR))) return NULL;
-	if (!BN_copy(&(to->N),&(from->N))) return NULL;
-	if (!BN_copy(&(to->Ni),&(from->Ni))) return NULL;
-	to->ri=from->ri;
-	to->n0=from->n0;
-	return(to);
-	}
-
diff --git a/crypto/openssl/crypto/bn/bn_mpi.c b/crypto/openssl/crypto/bn/bn_mpi.c
deleted file mode 100644
index 05fa9d1e9a5c..000000000000
--- a/crypto/openssl/crypto/bn/bn_mpi.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* crypto/bn/bn_mpi.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-int BN_bn2mpi(const BIGNUM *a, unsigned char *d)
-	{
-	int bits;
-	int num=0;
-	int ext=0;
-	long l;
-
-	bits=BN_num_bits(a);
-	num=(bits+7)/8;
-	if (bits > 0)
-		{
-		ext=((bits & 0x07) == 0);
-		}
-	if (d == NULL)
-		return(num+4+ext);
-
-	l=num+ext;
-	d[0]=(unsigned char)(l>>24)&0xff;
-	d[1]=(unsigned char)(l>>16)&0xff;
-	d[2]=(unsigned char)(l>> 8)&0xff;
-	d[3]=(unsigned char)(l    )&0xff;
-	if (ext) d[4]=0;
-	num=BN_bn2bin(a,&(d[4+ext]));
-	if (a->neg)
-		d[4]|=0x80;
-	return(num+4+ext);
-	}
-
-BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a)
-	{
-	long len;
-	int neg=0;
-
-	if (n < 4)
-		{
-		BNerr(BN_F_BN_MPI2BN,BN_R_INVALID_LENGTH);
-		return(NULL);
-		}
-	len=((long)d[0]<<24)|((long)d[1]<<16)|((int)d[2]<<8)|(int)d[3];
-	if ((len+4) != n)
-		{
-		BNerr(BN_F_BN_MPI2BN,BN_R_ENCODING_ERROR);
-		return(NULL);
-		}
-
-	if (a == NULL) a=BN_new();
-	if (a == NULL) return(NULL);
-
-	if (len == 0)
-		{
-		a->neg=0;
-		a->top=0;
-		return(a);
-		}
-	d+=4;
-	if ((*d) & 0x80)
-		neg=1;
-	if (BN_bin2bn(d,(int)len,a) == NULL)
-		return(NULL);
-	a->neg=neg;
-	if (neg)
-		{
-		BN_clear_bit(a,BN_num_bits(a)-1);
-		}
-	return(a);
-	}
-
diff --git a/crypto/openssl/crypto/bn/bn_mul.c b/crypto/openssl/crypto/bn/bn_mul.c
deleted file mode 100644
index cb93ac335692..000000000000
--- a/crypto/openssl/crypto/bn/bn_mul.c
+++ /dev/null
@@ -1,802 +0,0 @@
-/* crypto/bn/bn_mul.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#ifdef BN_RECURSION
-/* Karatsuba recursive multiplication algorithm
- * (cf. Knuth, The Art of Computer Programming, Vol. 2) */
-
-/* r is 2*n2 words in size,
- * a and b are both n2 words in size.
- * n2 must be a power of 2.
- * We multiply and return the result.
- * t must be 2*n2 words in size
- * We calculate
- * a[0]*b[0]
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
-	     BN_ULONG *t)
-	{
-	int n=n2/2,c1,c2;
-	unsigned int neg,zero;
-	BN_ULONG ln,lo,*p;
-
-# ifdef BN_COUNT
-	printf(" bn_mul_recursive %d * %d\n",n2,n2);
-# endif
-# ifdef BN_MUL_COMBA
-#  if 0
-	if (n2 == 4)
-		{
-		bn_mul_comba4(r,a,b);
-		return;
-		}
-#  endif
-	if (n2 == 8)
-		{
-		bn_mul_comba8(r,a,b);
-		return; 
-		}
-# endif /* BN_MUL_COMBA */
-	if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL)
-		{
-		/* This should not happen */
-		bn_mul_normal(r,a,n2,b,n2);
-		return;
-		}
-	/* r=(a[0]-a[1])*(b[1]-b[0]) */
-	c1=bn_cmp_words(a,&(a[n]),n);
-	c2=bn_cmp_words(&(b[n]),b,n);
-	zero=neg=0;
-	switch (c1*3+c2)
-		{
-	case -4:
-		bn_sub_words(t,      &(a[n]),a,      n); /* - */
-		bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
-		break;
-	case -3:
-		zero=1;
-		break;
-	case -2:
-		bn_sub_words(t,      &(a[n]),a,      n); /* - */
-		bn_sub_words(&(t[n]),&(b[n]),b,      n); /* + */
-		neg=1;
-		break;
-	case -1:
-	case 0:
-	case 1:
-		zero=1;
-		break;
-	case 2:
-		bn_sub_words(t,      a,      &(a[n]),n); /* + */
-		bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
-		neg=1;
-		break;
-	case 3:
-		zero=1;
-		break;
-	case 4:
-		bn_sub_words(t,      a,      &(a[n]),n);
-		bn_sub_words(&(t[n]),&(b[n]),b,      n);
-		break;
-		}
-
-# ifdef BN_MUL_COMBA
-	if (n == 4)
-		{
-		if (!zero)
-			bn_mul_comba4(&(t[n2]),t,&(t[n]));
-		else
-			memset(&(t[n2]),0,8*sizeof(BN_ULONG));
-		
-		bn_mul_comba4(r,a,b);
-		bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n]));
-		}
-	else if (n == 8)
-		{
-		if (!zero)
-			bn_mul_comba8(&(t[n2]),t,&(t[n]));
-		else
-			memset(&(t[n2]),0,16*sizeof(BN_ULONG));
-		
-		bn_mul_comba8(r,a,b);
-		bn_mul_comba8(&(r[n2]),&(a[n]),&(b[n]));
-		}
-	else
-# endif /* BN_MUL_COMBA */
-		{
-		p= &(t[n2*2]);
-		if (!zero)
-			bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p);
-		else
-			memset(&(t[n2]),0,n2*sizeof(BN_ULONG));
-		bn_mul_recursive(r,a,b,n,p);
-		bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p);
-		}
-
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 */
-
-	c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
-
-	if (neg) /* if t[32] is negative */
-		{
-		c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
-		}
-	else
-		{
-		/* Might have a carry */
-		c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
-		}
-
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 * c1 holds the carry bits
-	 */
-	c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
-	if (c1)
-		{
-		p= &(r[n+n2]);
-		lo= *p;
-		ln=(lo+c1)&BN_MASK2;
-		*p=ln;
-
-		/* The overflow will stop before we over write
-		 * words we should not overwrite */
-		if (ln < (BN_ULONG)c1)
-			{
-			do	{
-				p++;
-				lo= *p;
-				ln=(lo+1)&BN_MASK2;
-				*p=ln;
-				} while (ln == 0);
-			}
-		}
-	}
-
-/* n+tn is the word length
- * t needs to be n*4 is size, as does r */
-void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn,
-	     int n, BN_ULONG *t)
-	{
-	int i,j,n2=n*2;
-	unsigned int c1,c2,neg,zero;
-	BN_ULONG ln,lo,*p;
-
-# ifdef BN_COUNT
-	printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n);
-# endif
-	if (n < 8)
-		{
-		i=tn+n;
-		bn_mul_normal(r,a,i,b,i);
-		return;
-		}
-
-	/* r=(a[0]-a[1])*(b[1]-b[0]) */
-	c1=bn_cmp_words(a,&(a[n]),n);
-	c2=bn_cmp_words(&(b[n]),b,n);
-	zero=neg=0;
-	switch (c1*3+c2)
-		{
-	case -4:
-		bn_sub_words(t,      &(a[n]),a,      n); /* - */
-		bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
-		break;
-	case -3:
-		zero=1;
-		/* break; */
-	case -2:
-		bn_sub_words(t,      &(a[n]),a,      n); /* - */
-		bn_sub_words(&(t[n]),&(b[n]),b,      n); /* + */
-		neg=1;
-		break;
-	case -1:
-	case 0:
-	case 1:
-		zero=1;
-		/* break; */
-	case 2:
-		bn_sub_words(t,      a,      &(a[n]),n); /* + */
-		bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
-		neg=1;
-		break;
-	case 3:
-		zero=1;
-		/* break; */
-	case 4:
-		bn_sub_words(t,      a,      &(a[n]),n);
-		bn_sub_words(&(t[n]),&(b[n]),b,      n);
-		break;
-		}
-		/* The zero case isn't yet implemented here. The speedup
-		   would probably be negligible. */
-# if 0
-	if (n == 4)
-		{
-		bn_mul_comba4(&(t[n2]),t,&(t[n]));
-		bn_mul_comba4(r,a,b);
-		bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
-		memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2));
-		}
-	else
-# endif
-	if (n == 8)
-		{
-		bn_mul_comba8(&(t[n2]),t,&(t[n]));
-		bn_mul_comba8(r,a,b);
-		bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
-		memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2));
-		}
-	else
-		{
-		p= &(t[n2*2]);
-		bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p);
-		bn_mul_recursive(r,a,b,n,p);
-		i=n/2;
-		/* If there is only a bottom half to the number,
-		 * just do it */
-		j=tn-i;
-		if (j == 0)
-			{
-			bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p);
-			memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2));
-			}
-		else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */
-				{
-				bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]),
-					j,i,p);
-				memset(&(r[n2+tn*2]),0,
-					sizeof(BN_ULONG)*(n2-tn*2));
-				}
-		else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */
-			{
-			memset(&(r[n2]),0,sizeof(BN_ULONG)*n2);
-			if (tn < BN_MUL_RECURSIVE_SIZE_NORMAL)
-				{
-				bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
-				}
-			else
-				{
-				for (;;)
-					{
-					i/=2;
-					if (i < tn)
-						{
-						bn_mul_part_recursive(&(r[n2]),
-							&(a[n]),&(b[n]),
-							tn-i,i,p);
-						break;
-						}
-					else if (i == tn)
-						{
-						bn_mul_recursive(&(r[n2]),
-							&(a[n]),&(b[n]),
-							i,p);
-						break;
-						}
-					}
-				}
-			}
-		}
-
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 */
-
-	c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
-
-	if (neg) /* if t[32] is negative */
-		{
-		c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
-		}
-	else
-		{
-		/* Might have a carry */
-		c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
-		}
-
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 * c1 holds the carry bits
-	 */
-	c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
-	if (c1)
-		{
-		p= &(r[n+n2]);
-		lo= *p;
-		ln=(lo+c1)&BN_MASK2;
-		*p=ln;
-
-		/* The overflow will stop before we over write
-		 * words we should not overwrite */
-		if (ln < c1)
-			{
-			do	{
-				p++;
-				lo= *p;
-				ln=(lo+1)&BN_MASK2;
-				*p=ln;
-				} while (ln == 0);
-			}
-		}
-	}
-
-/* a and b must be the same size, which is n2.
- * r needs to be n2 words and t needs to be n2*2
- */
-void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
-	     BN_ULONG *t)
-	{
-	int n=n2/2;
-
-# ifdef BN_COUNT
-	printf(" bn_mul_low_recursive %d * %d\n",n2,n2);
-# endif
-
-	bn_mul_recursive(r,a,b,n,&(t[0]));
-	if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL)
-		{
-		bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2]));
-		bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
-		bn_mul_low_recursive(&(t[0]),&(a[n]),&(b[0]),n,&(t[n2]));
-		bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
-		}
-	else
-		{
-		bn_mul_low_normal(&(t[0]),&(a[0]),&(b[n]),n);
-		bn_mul_low_normal(&(t[n]),&(a[n]),&(b[0]),n);
-		bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
-		bn_add_words(&(r[n]),&(r[n]),&(t[n]),n);
-		}
-	}
-
-/* a and b must be the same size, which is n2.
- * r needs to be n2 words and t needs to be n2*2
- * l is the low words of the output.
- * t needs to be n2*3
- */
-void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
-	     BN_ULONG *t)
-	{
-	int i,n;
-	int c1,c2;
-	int neg,oneg,zero;
-	BN_ULONG ll,lc,*lp,*mp;
-
-# ifdef BN_COUNT
-	printf(" bn_mul_high %d * %d\n",n2,n2);
-# endif
-	n=n2/2;
-
-	/* Calculate (al-ah)*(bh-bl) */
-	neg=zero=0;
-	c1=bn_cmp_words(&(a[0]),&(a[n]),n);
-	c2=bn_cmp_words(&(b[n]),&(b[0]),n);
-	switch (c1*3+c2)
-		{
-	case -4:
-		bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
-		bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
-		break;
-	case -3:
-		zero=1;
-		break;
-	case -2:
-		bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
-		bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
-		neg=1;
-		break;
-	case -1:
-	case 0:
-	case 1:
-		zero=1;
-		break;
-	case 2:
-		bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
-		bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
-		neg=1;
-		break;
-	case 3:
-		zero=1;
-		break;
-	case 4:
-		bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
-		bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
-		break;
-		}
-		
-	oneg=neg;
-	/* t[10] = (a[0]-a[1])*(b[1]-b[0]) */
-	/* r[10] = (a[1]*b[1]) */
-# ifdef BN_MUL_COMBA
-	if (n == 8)
-		{
-		bn_mul_comba8(&(t[0]),&(r[0]),&(r[n]));
-		bn_mul_comba8(r,&(a[n]),&(b[n]));
-		}
-	else
-# endif
-		{
-		bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2]));
-		bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2]));
-		}
-
-	/* s0 == low(al*bl)
-	 * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
-	 * We know s0 and s1 so the only unknown is high(al*bl)
-	 * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl))
-	 * high(al*bl) == s1 - (r[0]+l[0]+t[0])
-	 */
-	if (l != NULL)
-		{
-		lp= &(t[n2+n]);
-		c1=(int)(bn_add_words(lp,&(r[0]),&(l[0]),n));
-		}
-	else
-		{
-		c1=0;
-		lp= &(r[0]);
-		}
-
-	if (neg)
-		neg=(int)(bn_sub_words(&(t[n2]),lp,&(t[0]),n));
-	else
-		{
-		bn_add_words(&(t[n2]),lp,&(t[0]),n);
-		neg=0;
-		}
-
-	if (l != NULL)
-		{
-		bn_sub_words(&(t[n2+n]),&(l[n]),&(t[n2]),n);
-		}
-	else
-		{
-		lp= &(t[n2+n]);
-		mp= &(t[n2]);
-		for (i=0; i<n; i++)
-			lp[i]=((~mp[i])+1)&BN_MASK2;
-		}
-
-	/* s[0] = low(al*bl)
-	 * t[3] = high(al*bl)
-	 * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign
-	 * r[10] = (a[1]*b[1])
-	 */
-	/* R[10] = al*bl
-	 * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0])
-	 * R[32] = ah*bh
-	 */
-	/* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
-	 * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow)
-	 * R[3]=r[1]+(carry/borrow)
-	 */
-	if (l != NULL)
-		{
-		lp= &(t[n2]);
-		c1= (int)(bn_add_words(lp,&(t[n2+n]),&(l[0]),n));
-		}
-	else
-		{
-		lp= &(t[n2+n]);
-		c1=0;
-		}
-	c1+=(int)(bn_add_words(&(t[n2]),lp,  &(r[0]),n));
-	if (oneg)
-		c1-=(int)(bn_sub_words(&(t[n2]),&(t[n2]),&(t[0]),n));
-	else
-		c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),&(t[0]),n));
-
-	c2 =(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n2+n]),n));
-	c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(r[n]),n));
-	if (oneg)
-		c2-=(int)(bn_sub_words(&(r[0]),&(r[0]),&(t[n]),n));
-	else
-		c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n]),n));
-	
-	if (c1 != 0) /* Add starting at r[0], could be +ve or -ve */
-		{
-		i=0;
-		if (c1 > 0)
-			{
-			lc=c1;
-			do	{
-				ll=(r[i]+lc)&BN_MASK2;
-				r[i++]=ll;
-				lc=(lc > ll);
-				} while (lc);
-			}
-		else
-			{
-			lc= -c1;
-			do	{
-				ll=r[i];
-				r[i++]=(ll-lc)&BN_MASK2;
-				lc=(lc > ll);
-				} while (lc);
-			}
-		}
-	if (c2 != 0) /* Add starting at r[1] */
-		{
-		i=n;
-		if (c2 > 0)
-			{
-			lc=c2;
-			do	{
-				ll=(r[i]+lc)&BN_MASK2;
-				r[i++]=ll;
-				lc=(lc > ll);
-				} while (lc);
-			}
-		else
-			{
-			lc= -c2;
-			do	{
-				ll=r[i];
-				r[i++]=(ll-lc)&BN_MASK2;
-				lc=(lc > ll);
-				} while (lc);
-			}
-		}
-	}
-#endif /* BN_RECURSION */
-
-int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-	{
-	int top,al,bl;
-	BIGNUM *rr;
-	int ret = 0;
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
-	int i;
-#endif
-#ifdef BN_RECURSION
-	BIGNUM *t;
-	int j,k;
-#endif
-
-#ifdef BN_COUNT
-	printf("BN_mul %d * %d\n",a->top,b->top);
-#endif
-
-	bn_check_top(a);
-	bn_check_top(b);
-	bn_check_top(r);
-
-	al=a->top;
-	bl=b->top;
-
-	if ((al == 0) || (bl == 0))
-		{
-		if (!BN_zero(r)) goto err;
-		return(1);
-		}
-	top=al+bl;
-
-	BN_CTX_start(ctx);
-	if ((r == a) || (r == b))
-		{
-		if ((rr = BN_CTX_get(ctx)) == NULL) goto err;
-		}
-	else
-		rr = r;
-	rr->neg=a->neg^b->neg;
-
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
-	i = al-bl;
-#endif
-#ifdef BN_MUL_COMBA
-	if (i == 0)
-		{
-# if 0
-		if (al == 4)
-			{
-			if (bn_wexpand(rr,8) == NULL) goto err;
-			rr->top=8;
-			bn_mul_comba4(rr->d,a->d,b->d);
-			goto end;
-			}
-# endif
-		if (al == 8)
-			{
-			if (bn_wexpand(rr,16) == NULL) goto err;
-			rr->top=16;
-			bn_mul_comba8(rr->d,a->d,b->d);
-			goto end;
-			}
-		}
-#endif /* BN_MUL_COMBA */
-#ifdef BN_RECURSION
-	if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL))
-		{
-		if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA) && bl<b->dmax)
-			{
-#if 0	/* tribute to const-ification, bl<b->dmax above covers for this */
-			if (bn_wexpand(b,al) == NULL) goto err;
-#endif
-			b->d[bl]=0;
-			bl++;
-			i--;
-			}
-		else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA) && al<a->dmax)
-			{
-#if 0	/* tribute to const-ification, al<a->dmax above covers for this */
-			if (bn_wexpand(a,bl) == NULL) goto err;
-#endif
-			a->d[al]=0;
-			al++;
-			i++;
-			}
-		if (i == 0)
-			{
-			/* symmetric and > 4 */
-			/* 16 or larger */
-			j=BN_num_bits_word((BN_ULONG)al);
-			j=1<<(j-1);
-			k=j+j;
-			t = BN_CTX_get(ctx);
-			if (al == j) /* exact multiple */
-				{
-				if (bn_wexpand(t,k*2) == NULL) goto err;
-				if (bn_wexpand(rr,k*2) == NULL) goto err;
-				bn_mul_recursive(rr->d,a->d,b->d,al,t->d);
-				rr->top=top;
-				goto end;
-				}
-#if 0	/* tribute to const-ification, rsa/dsa performance is not affected */
-			else
-				{
-				if (bn_wexpand(a,k) == NULL ) goto err;
-				if (bn_wexpand(b,k) == NULL ) goto err;
-				if (bn_wexpand(t,k*4) == NULL ) goto err;
-				if (bn_wexpand(rr,k*4) == NULL ) goto err;
-				for (i=a->top; i<k; i++)
-					a->d[i]=0;
-				for (i=b->top; i<k; i++)
-					b->d[i]=0;
-				bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d);
-				}
-			rr->top=top;
-			goto end;
-#endif
-			}
-		}
-#endif /* BN_RECURSION */
-	if (bn_wexpand(rr,top) == NULL) goto err;
-	rr->top=top;
-	bn_mul_normal(rr->d,a->d,al,b->d,bl);
-
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
-end:
-#endif
-	bn_fix_top(rr);
-	if (r != rr) BN_copy(r,rr);
-	ret=1;
-err:
-	BN_CTX_end(ctx);
-	return(ret);
-	}
-
-void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
-	{
-	BN_ULONG *rr;
-
-#ifdef BN_COUNT
-	printf(" bn_mul_normal %d * %d\n",na,nb);
-#endif
-
-	if (na < nb)
-		{
-		int itmp;
-		BN_ULONG *ltmp;
-
-		itmp=na; na=nb; nb=itmp;
-		ltmp=a;   a=b;   b=ltmp;
-
-		}
-	rr= &(r[na]);
-	rr[0]=bn_mul_words(r,a,na,b[0]);
-
-	for (;;)
-		{
-		if (--nb <= 0) return;
-		rr[1]=bn_mul_add_words(&(r[1]),a,na,b[1]);
-		if (--nb <= 0) return;
-		rr[2]=bn_mul_add_words(&(r[2]),a,na,b[2]);
-		if (--nb <= 0) return;
-		rr[3]=bn_mul_add_words(&(r[3]),a,na,b[3]);
-		if (--nb <= 0) return;
-		rr[4]=bn_mul_add_words(&(r[4]),a,na,b[4]);
-		rr+=4;
-		r+=4;
-		b+=4;
-		}
-	}
-
-void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-	{
-#ifdef BN_COUNT
-	printf(" bn_mul_low_normal %d * %d\n",n,n);
-#endif
-	bn_mul_words(r,a,n,b[0]);
-
-	for (;;)
-		{
-		if (--n <= 0) return;
-		bn_mul_add_words(&(r[1]),a,n,b[1]);
-		if (--n <= 0) return;
-		bn_mul_add_words(&(r[2]),a,n,b[2]);
-		if (--n <= 0) return;
-		bn_mul_add_words(&(r[3]),a,n,b[3]);
-		if (--n <= 0) return;
-		bn_mul_add_words(&(r[4]),a,n,b[4]);
-		r+=4;
-		b+=4;
-		}
-	}
diff --git a/crypto/openssl/crypto/bn/bn_opts.c b/crypto/openssl/crypto/bn/bn_opts.c
deleted file mode 100644
index 381be529b2f6..000000000000
--- a/crypto/openssl/crypto/bn/bn_opts.c
+++ /dev/null
@@ -1,324 +0,0 @@
-/* crypto/bn/expspeed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* most of this code has been pilfered from my libdes speed.c program */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <signal.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/tmdiff.h>
-#include <openssl/bn.h>
-#include <openssl/err.h>
-
-#define DEFAULT_SIZE	512
-#define DEFAULT_TIME	3
-
-int verbose=1;
-
-typedef struct parms_st
-	{
-	char *name;
-	void (*func)();
-	BIGNUM r;
-	BIGNUM a;
-	BIGNUM b;
-	BIGNUM c;
-	BIGNUM low;
-	BN_CTX *ctx;
-	BN_MONT_CTX *mont;
-	int w;
-	} PARMS;
-
-void do_mul_exp(int num,PARMS *p);
-void do_mul(int num,PARMS *p);
-void do_sqr(int num,PARMS *p);
-void do_mul_low(int num,PARMS *p);
-void do_mul_high(int num,PARMS *p);
-void do_from_montgomery(int num,PARMS *p);
-int time_it(int sec, PARMS *p);
-void do_it(int sec, PARMS *p);
-
-#define P_EXP	1
-#define P_MUL	2
-#define P_SQR	3
-#define P_MULL	4
-#define P_MULH	5
-#define P_MRED	6
-
-int main(int argc, char **argv)
-	{
-	PARMS p;
-	BN_MONT_CTX *mont;
-	int size=0,num;
-	char *name;
-	int type=P_EXP;
-
-	mont=BN_MONT_CTX_new();
-	p.mont=NULL;
-	p.ctx=BN_CTX_new();
-	BN_init(&p.r);
-	BN_init(&p.a);
-	BN_init(&p.b);
-	BN_init(&p.c);
-	BN_init(&p.low);
-	p.w=0;
-
-	for (;;)
-		{
-		if (argc > 1)
-			{
-			if (argv[1][0] == '-')
-				{
-				switch(argv[1][1])
-					{
-				case 'e': type=P_EXP; break;
-				case 'm': type=P_MUL; break;
-				case 's': type=P_SQR; break;
-				case 'l': type=P_MULL; break;
-				case 'h': type=P_MULH; break;
-				case 'r': type=P_MRED; break;
-				default:
-					fprintf(stderr,"options: -[emslhr]\n");
-					exit(1);
-					}
-				}
-			else
-				{
-				size=atoi(argv[1]);
-				}
-			argc--;
-			argv++;
-			}
-		else
-			break;
-		}
-	if (size == 0)
-		size=DEFAULT_SIZE;
-
-	printf("bit size:%5d\n",size);
-
-	BN_rand(&p.a,size,1,0);
-	BN_rand(&p.b,size,1,0);
-	BN_rand(&p.c,size,1,1);
-	BN_mod(&p.a,&p.a,&p.c,p.ctx);
-	BN_mod(&p.b,&p.b,&p.c,p.ctx);
-	p.w=(p.a.top+1)/2;
-
-	BN_mul(&p.low,&p.a,&p.b,p.ctx);
-	p.low.top=p.a.top;
-	
-	switch(type)
-		{
-	case P_EXP:
-		p.name="r=a^b%c";
-		p.func=do_mul_exp;
-		p.mont=mont;
-		break;
-	case P_MUL:
-		p.name="r=a*b";
-		p.func=do_mul;
-		break;
-	case P_SQR:
-		p.name="r=a*a";
-		p.func=do_sqr;
-		break;
-	case P_MULL:
-		p.name="r=low(a*b)";
-		p.func=do_mul_low;
-		break;
-	case P_MULH:
-		p.name="r=high(a*b)";
-		p.func=do_mul_high;
-		break;
-	case P_MRED:
-		p.name="r=montgomery_reduction(a)";
-		p.func=do_from_montgomery;
-		p.mont=mont;
-		break;
-	default:
-		fprintf(stderr,"options: -[emslhr]\n");
-		exit(1);
-		}
-
-	num=time_it(DEFAULT_TIME,&p);
-	do_it(num,&p);
-	}
-
-void do_it(int num, PARMS *p)
-	{
-	char *start,*end;
-	int i,j,number;
-	double d;
-
-	start=ms_time_new();
-	end=ms_time_new();
-
-	number=BN_num_bits_word((BN_ULONG)BN_num_bits(&(p->c)))-
-		BN_num_bits_word(BN_BITS2)+2;
-	for (i=number-1; i >=0; i--)
-		{
-		if (i == 1) continue;
-		BN_set_params(i,i,i,1);
-		if (p->mont != NULL)
-			BN_MONT_CTX_set(p->mont,&(p->c),p->ctx);
-
-		printf("Timing %5d (%2d bit) %2d %2d %2d %2d :",
-			(1<<i)*BN_BITS2,i,
-				BN_get_params(0),
-				BN_get_params(1),
-				BN_get_params(2),
-				BN_get_params(3));
-		fflush(stdout);
-
-		ms_time_get(start);
-		p->func(num,p);
-		ms_time_get(end);
-		d=ms_time_diff(start,end);
-		printf("%6.6f sec, or %d in %.4f seconds\n",
-			(double)d/num,num,d);
-		}
-	}
-
-int time_it(int sec, PARMS *p)
-	{
-	char *start,*end;
-	int i,j;
-	double d;
-
-	if (p->mont != NULL)
-		BN_MONT_CTX_set(p->mont,&(p->c),p->ctx);
-
-	start=ms_time_new();
-	end=ms_time_new();
-
-	i=1;
-	for (;;)
-		{
-		if (verbose)
-			printf("timing %s for %d interations\n",p->name,i);
-
-		ms_time_get(start);
-		p->func(i,p);
-		ms_time_get(end);
-		d=ms_time_diff(start,end);
-
-		if 	(d < 0.01) i*=100;
-		else if (d < 0.1 ) i*=10;
-		else if (d > (double)sec) break;
-		else
-			{
-			i=(int)(1.0*i*sec/d);
-			break;
-			}
-		}
-	if (verbose)
-		printf("using %d interations\n",i);
-	return(i);
-	}
-
-void do_mul_exp(int num, PARMS *p)
-	{
-	int i;
-
-	for (i=0; i<num; i++)
-		BN_mod_exp_mont(&(p->r),&(p->a),&(p->b),&(p->c),
-			p->ctx,p->mont);
-	}
-
-void do_mul(int num, PARMS *p)
-	{
-	int i;
-
-	for (i=0; i<num; i++)
-		BN_mul(&(p->r),&(p->a),&(p->b),p->ctx);
-	}
-
-void do_sqr(int num, PARMS *p)
-	{
-	int i;
-
-	for (i=0; i<num; i++)
-			BN_sqr(&(p->r),&(p->a),p->ctx);
-	}
-
-void do_mul_low(int num, PARMS *p)
-	{
-	int i;
-	
-	for (i=0; i<num; i++)
-		BN_mul_low(&(p->r),&(p->a),&(p->b),p->w,p->ctx);
-	}
-
-void do_mul_high(int num, PARMS *p)
-	{
-	int i;
-
-	for (i=0; i<num; i++)
-		BN_mul_low(&(p->r),&(p->a),&(p->b),&(p->low),p->w,p->ctx);
-	}
-
-void do_from_montgomery(int num, PARMS *p)
-	{
-	int i;
-	
-	for (i=0; i<num; i++)
-		BN_from_montgomery(&(p->r),&(p->a),p->mont,p->ctx);
-	}
-
diff --git a/crypto/openssl/crypto/bn/bn_prime.c b/crypto/openssl/crypto/bn/bn_prime.c
deleted file mode 100644
index e072d9255c4c..000000000000
--- a/crypto/openssl/crypto/bn/bn_prime.c
+++ /dev/null
@@ -1,466 +0,0 @@
-/* crypto/bn/bn_prime.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-#include <openssl/rand.h>
-
-/* The quick sieve algorithm approach to weeding out primes is
- * Philip Zimmermann's, as implemented in PGP.  I have had a read of
- * his comments and implemented my own version.
- */
-#include "bn_prime.h"
-
-static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
-	const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont);
-static int probable_prime(BIGNUM *rnd, int bits);
-static int probable_prime_dh(BIGNUM *rnd, int bits,
-	const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx);
-static int probable_prime_dh_safe(BIGNUM *rnd, int bits,
-	const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx);
-
-BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
-	const BIGNUM *add, const BIGNUM *rem,
-	void (*callback)(int,int,void *), void *cb_arg)
-	{
-	BIGNUM *rnd=NULL;
-	BIGNUM t;
-	int found=0;
-	int i,j,c1=0;
-	BN_CTX *ctx;
-	int checks = BN_prime_checks_for_size(bits);
-
-	BN_init(&t);
-	ctx=BN_CTX_new();
-	if (ctx == NULL) goto err;
-	if (ret == NULL)
-		{
-		if ((rnd=BN_new()) == NULL) goto err;
-		}
-	else
-		rnd=ret;
-loop: 
-	/* make a random number and set the top and bottom bits */
-	if (add == NULL)
-		{
-		if (!probable_prime(rnd,bits)) goto err;
-		}
-	else
-		{
-		if (safe)
-			{
-			if (!probable_prime_dh_safe(rnd,bits,add,rem,ctx))
-				 goto err;
-			}
-		else
-			{
-			if (!probable_prime_dh(rnd,bits,add,rem,ctx))
-				goto err;
-			}
-		}
-	/* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */
-	if (callback != NULL) callback(0,c1++,cb_arg);
-
-	if (!safe)
-		{
-		i=BN_is_prime_fasttest(rnd,checks,callback,ctx,cb_arg,0);
-		if (i == -1) goto err;
-		if (i == 0) goto loop;
-		}
-	else
-		{
-		/* for "safe prime" generation,
-		 * check that (p-1)/2 is prime.
-		 * Since a prime is odd, We just
-		 * need to divide by 2 */
-		if (!BN_rshift1(&t,rnd)) goto err;
-
-		for (i=0; i<checks; i++)
-			{
-			j=BN_is_prime_fasttest(rnd,1,callback,ctx,cb_arg,0);
-			if (j == -1) goto err;
-			if (j == 0) goto loop;
-
-			j=BN_is_prime_fasttest(&t,1,callback,ctx,cb_arg,0);
-			if (j == -1) goto err;
-			if (j == 0) goto loop;
-
-			if (callback != NULL) callback(2,c1-1,cb_arg);
-			/* We have a safe prime test pass */
-			}
-		}
-	/* we have a prime :-) */
-	found = 1;
-err:
-	if (!found && (ret == NULL) && (rnd != NULL)) BN_free(rnd);
-	BN_free(&t);
-	if (ctx != NULL) BN_CTX_free(ctx);
-	return(found ? rnd : NULL);
-	}
-
-int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int,int,void *),
-	BN_CTX *ctx_passed, void *cb_arg)
-	{
-	return BN_is_prime_fasttest(a, checks, callback, ctx_passed, cb_arg, 0);
-	}
-
-int BN_is_prime_fasttest(const BIGNUM *a, int checks,
-		void (*callback)(int,int,void *),
-		BN_CTX *ctx_passed, void *cb_arg,
-		int do_trial_division)
-	{
-	int i, j, ret = -1;
-	int k;
-	BN_CTX *ctx = NULL;
-	BIGNUM *A1, *A1_odd, *check; /* taken from ctx */
-	BN_MONT_CTX *mont = NULL;
-	const BIGNUM *A = NULL;
-
-	if (BN_cmp(a, BN_value_one()) <= 0)
-		return 0;
-	
-	if (checks == BN_prime_checks)
-		checks = BN_prime_checks_for_size(BN_num_bits(a));
-
-	/* first look for small factors */
-	if (!BN_is_odd(a))
-		return 0;
-	if (do_trial_division)
-		{
-		for (i = 1; i < NUMPRIMES; i++)
-			if (BN_mod_word(a, primes[i]) == 0) 
-				return 0;
-		if (callback != NULL) callback(1, -1, cb_arg);
-		}
-
-	if (ctx_passed != NULL)
-		ctx = ctx_passed;
-	else
-		if ((ctx=BN_CTX_new()) == NULL)
-			goto err;
-	BN_CTX_start(ctx);
-
-	/* A := abs(a) */
-	if (a->neg)
-		{
-		BIGNUM *t;
-		if ((t = BN_CTX_get(ctx)) == NULL) goto err;
-		BN_copy(t, a);
-		t->neg = 0;
-		A = t;
-		}
-	else
-		A = a;
-	A1 = BN_CTX_get(ctx);
-	A1_odd = BN_CTX_get(ctx);
-	check = BN_CTX_get(ctx);
-	if (check == NULL) goto err;
-
-	/* compute A1 := A - 1 */
-	if (!BN_copy(A1, A))
-		goto err;
-	if (!BN_sub_word(A1, 1))
-		goto err;
-	if (BN_is_zero(A1))
-		{
-		ret = 0;
-		goto err;
-		}
-
-	/* write  A1  as  A1_odd * 2^k */
-	k = 1;
-	while (!BN_is_bit_set(A1, k))
-		k++;
-	if (!BN_rshift(A1_odd, A1, k))
-		goto err;
-
-	/* Montgomery setup for computations mod A */
-	mont = BN_MONT_CTX_new();
-	if (mont == NULL)
-		goto err;
-	if (!BN_MONT_CTX_set(mont, A, ctx))
-		goto err;
-	
-	for (i = 0; i < checks; i++)
-		{
-		if (!BN_pseudo_rand_range(check, A1))
-			goto err;
-		if (!BN_add_word(check, 1))
-			goto err;
-		/* now 1 <= check < A */
-
-		j = witness(check, A, A1, A1_odd, k, ctx, mont);
-		if (j == -1) goto err;
-		if (j)
-			{
-			ret=0;
-			goto err;
-			}
-		if (callback != NULL) callback(1,i,cb_arg);
-		}
-	ret=1;
-err:
-	if (ctx != NULL)
-		{
-		BN_CTX_end(ctx);
-		if (ctx_passed == NULL)
-			BN_CTX_free(ctx);
-		}
-	if (mont != NULL)
-		BN_MONT_CTX_free(mont);
-
-	return(ret);
-	}
-
-static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
-	const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont)
-	{
-	if (!BN_mod_exp_mont(w, w, a1_odd, a, ctx, mont)) /* w := w^a1_odd mod a */
-		return -1;
-	if (BN_is_one(w))
-		return 0; /* probably prime */
-	if (BN_cmp(w, a1) == 0)
-		return 0; /* w == -1 (mod a),  'a' is probably prime */
-	while (--k)
-		{
-		if (!BN_mod_mul(w, w, w, a, ctx)) /* w := w^2 mod a */
-			return -1;
-		if (BN_is_one(w))
-			return 1; /* 'a' is composite, otherwise a previous 'w' would
-			           * have been == -1 (mod 'a') */
-		if (BN_cmp(w, a1) == 0)
-			return 0; /* w == -1 (mod a), 'a' is probably prime */
-		}
-	/* If we get here, 'w' is the (a-1)/2-th power of the original 'w',
-	 * and it is neither -1 nor +1 -- so 'a' cannot be prime */
-	return 1;
-	}
-
-static int probable_prime(BIGNUM *rnd, int bits)
-	{
-	int i;
-	BN_ULONG mods[NUMPRIMES];
-	BN_ULONG delta,d;
-
-again:
-	if (!BN_rand(rnd,bits,1,1)) return(0);
-	/* we now have a random number 'rand' to test. */
-	for (i=1; i<NUMPRIMES; i++)
-		mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]);
-	delta=0;
-	loop: for (i=1; i<NUMPRIMES; i++)
-		{
-		/* check that rnd is not a prime and also
-		 * that gcd(rnd-1,primes) == 1 (except for 2) */
-		if (((mods[i]+delta)%primes[i]) <= 1)
-			{
-			d=delta;
-			delta+=2;
-			/* perhaps need to check for overflow of
-			 * delta (but delta can be up to 2^32)
-			 * 21-May-98 eay - added overflow check */
-			if (delta < d) goto again;
-			goto loop;
-			}
-		}
-	if (!BN_add_word(rnd,delta)) return(0);
-	return(1);
-	}
-
-static int probable_prime_dh(BIGNUM *rnd, int bits,
-	const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx)
-	{
-	int i,ret=0;
-	BIGNUM *t1;
-
-	BN_CTX_start(ctx);
-	if ((t1 = BN_CTX_get(ctx)) == NULL) goto err;
-
-	if (!BN_rand(rnd,bits,0,1)) goto err;
-
-	/* we need ((rnd-rem) % add) == 0 */
-
-	if (!BN_mod(t1,rnd,add,ctx)) goto err;
-	if (!BN_sub(rnd,rnd,t1)) goto err;
-	if (rem == NULL)
-		{ if (!BN_add_word(rnd,1)) goto err; }
-	else
-		{ if (!BN_add(rnd,rnd,rem)) goto err; }
-
-	/* we now have a random number 'rand' to test. */
-
-	loop: for (i=1; i<NUMPRIMES; i++)
-		{
-		/* check that rnd is a prime */
-		if (BN_mod_word(rnd,(BN_ULONG)primes[i]) <= 1)
-			{
-			if (!BN_add(rnd,rnd,add)) goto err;
-			goto loop;
-			}
-		}
-	ret=1;
-err:
-	BN_CTX_end(ctx);
-	return(ret);
-	}
-
-static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
-	const BIGNUM *rem, BN_CTX *ctx)
-	{
-	int i,ret=0;
-	BIGNUM *t1,*qadd,*q;
-
-	bits--;
-	BN_CTX_start(ctx);
-	t1 = BN_CTX_get(ctx);
-	q = BN_CTX_get(ctx);
-	qadd = BN_CTX_get(ctx);
-	if (qadd == NULL) goto err;
-
-	if (!BN_rshift1(qadd,padd)) goto err;
-		
-	if (!BN_rand(q,bits,0,1)) goto err;
-
-	/* we need ((rnd-rem) % add) == 0 */
-	if (!BN_mod(t1,q,qadd,ctx)) goto err;
-	if (!BN_sub(q,q,t1)) goto err;
-	if (rem == NULL)
-		{ if (!BN_add_word(q,1)) goto err; }
-	else
-		{
-		if (!BN_rshift1(t1,rem)) goto err;
-		if (!BN_add(q,q,t1)) goto err;
-		}
-
-	/* we now have a random number 'rand' to test. */
-	if (!BN_lshift1(p,q)) goto err;
-	if (!BN_add_word(p,1)) goto err;
-
-	loop: for (i=1; i<NUMPRIMES; i++)
-		{
-		/* check that p and q are prime */
-		/* check that for p and q
-		 * gcd(p-1,primes) == 1 (except for 2) */
-		if (	(BN_mod_word(p,(BN_ULONG)primes[i]) == 0) ||
-			(BN_mod_word(q,(BN_ULONG)primes[i]) == 0))
-			{
-			if (!BN_add(p,p,padd)) goto err;
-			if (!BN_add(q,q,qadd)) goto err;
-			goto loop;
-			}
-		}
-	ret=1;
-err:
-	BN_CTX_end(ctx);
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/bn/bn_prime.h b/crypto/openssl/crypto/bn/bn_prime.h
deleted file mode 100644
index b7cf9a9bfe12..000000000000
--- a/crypto/openssl/crypto/bn/bn_prime.h
+++ /dev/null
@@ -1,325 +0,0 @@
-/* Auto generated by bn_prime.pl */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef EIGHT_BIT
-#define NUMPRIMES 2048
-#else
-#define NUMPRIMES 54
-#endif
-static const unsigned int primes[NUMPRIMES]=
-	{
-	   2,   3,   5,   7,  11,  13,  17,  19,
-	  23,  29,  31,  37,  41,  43,  47,  53,
-	  59,  61,  67,  71,  73,  79,  83,  89,
-	  97, 101, 103, 107, 109, 113, 127, 131,
-	 137, 139, 149, 151, 157, 163, 167, 173,
-	 179, 181, 191, 193, 197, 199, 211, 223,
-	 227, 229, 233, 239, 241, 251,
-#ifndef EIGHT_BIT
-	 257, 263,
-	 269, 271, 277, 281, 283, 293, 307, 311,
-	 313, 317, 331, 337, 347, 349, 353, 359,
-	 367, 373, 379, 383, 389, 397, 401, 409,
-	 419, 421, 431, 433, 439, 443, 449, 457,
-	 461, 463, 467, 479, 487, 491, 499, 503,
-	 509, 521, 523, 541, 547, 557, 563, 569,
-	 571, 577, 587, 593, 599, 601, 607, 613,
-	 617, 619, 631, 641, 643, 647, 653, 659,
-	 661, 673, 677, 683, 691, 701, 709, 719,
-	 727, 733, 739, 743, 751, 757, 761, 769,
-	 773, 787, 797, 809, 811, 821, 823, 827,
-	 829, 839, 853, 857, 859, 863, 877, 881,
-	 883, 887, 907, 911, 919, 929, 937, 941,
-	 947, 953, 967, 971, 977, 983, 991, 997,
-	1009,1013,1019,1021,1031,1033,1039,1049,
-	1051,1061,1063,1069,1087,1091,1093,1097,
-	1103,1109,1117,1123,1129,1151,1153,1163,
-	1171,1181,1187,1193,1201,1213,1217,1223,
-	1229,1231,1237,1249,1259,1277,1279,1283,
-	1289,1291,1297,1301,1303,1307,1319,1321,
-	1327,1361,1367,1373,1381,1399,1409,1423,
-	1427,1429,1433,1439,1447,1451,1453,1459,
-	1471,1481,1483,1487,1489,1493,1499,1511,
-	1523,1531,1543,1549,1553,1559,1567,1571,
-	1579,1583,1597,1601,1607,1609,1613,1619,
-	1621,1627,1637,1657,1663,1667,1669,1693,
-	1697,1699,1709,1721,1723,1733,1741,1747,
-	1753,1759,1777,1783,1787,1789,1801,1811,
-	1823,1831,1847,1861,1867,1871,1873,1877,
-	1879,1889,1901,1907,1913,1931,1933,1949,
-	1951,1973,1979,1987,1993,1997,1999,2003,
-	2011,2017,2027,2029,2039,2053,2063,2069,
-	2081,2083,2087,2089,2099,2111,2113,2129,
-	2131,2137,2141,2143,2153,2161,2179,2203,
-	2207,2213,2221,2237,2239,2243,2251,2267,
-	2269,2273,2281,2287,2293,2297,2309,2311,
-	2333,2339,2341,2347,2351,2357,2371,2377,
-	2381,2383,2389,2393,2399,2411,2417,2423,
-	2437,2441,2447,2459,2467,2473,2477,2503,
-	2521,2531,2539,2543,2549,2551,2557,2579,
-	2591,2593,2609,2617,2621,2633,2647,2657,
-	2659,2663,2671,2677,2683,2687,2689,2693,
-	2699,2707,2711,2713,2719,2729,2731,2741,
-	2749,2753,2767,2777,2789,2791,2797,2801,
-	2803,2819,2833,2837,2843,2851,2857,2861,
-	2879,2887,2897,2903,2909,2917,2927,2939,
-	2953,2957,2963,2969,2971,2999,3001,3011,
-	3019,3023,3037,3041,3049,3061,3067,3079,
-	3083,3089,3109,3119,3121,3137,3163,3167,
-	3169,3181,3187,3191,3203,3209,3217,3221,
-	3229,3251,3253,3257,3259,3271,3299,3301,
-	3307,3313,3319,3323,3329,3331,3343,3347,
-	3359,3361,3371,3373,3389,3391,3407,3413,
-	3433,3449,3457,3461,3463,3467,3469,3491,
-	3499,3511,3517,3527,3529,3533,3539,3541,
-	3547,3557,3559,3571,3581,3583,3593,3607,
-	3613,3617,3623,3631,3637,3643,3659,3671,
-	3673,3677,3691,3697,3701,3709,3719,3727,
-	3733,3739,3761,3767,3769,3779,3793,3797,
-	3803,3821,3823,3833,3847,3851,3853,3863,
-	3877,3881,3889,3907,3911,3917,3919,3923,
-	3929,3931,3943,3947,3967,3989,4001,4003,
-	4007,4013,4019,4021,4027,4049,4051,4057,
-	4073,4079,4091,4093,4099,4111,4127,4129,
-	4133,4139,4153,4157,4159,4177,4201,4211,
-	4217,4219,4229,4231,4241,4243,4253,4259,
-	4261,4271,4273,4283,4289,4297,4327,4337,
-	4339,4349,4357,4363,4373,4391,4397,4409,
-	4421,4423,4441,4447,4451,4457,4463,4481,
-	4483,4493,4507,4513,4517,4519,4523,4547,
-	4549,4561,4567,4583,4591,4597,4603,4621,
-	4637,4639,4643,4649,4651,4657,4663,4673,
-	4679,4691,4703,4721,4723,4729,4733,4751,
-	4759,4783,4787,4789,4793,4799,4801,4813,
-	4817,4831,4861,4871,4877,4889,4903,4909,
-	4919,4931,4933,4937,4943,4951,4957,4967,
-	4969,4973,4987,4993,4999,5003,5009,5011,
-	5021,5023,5039,5051,5059,5077,5081,5087,
-	5099,5101,5107,5113,5119,5147,5153,5167,
-	5171,5179,5189,5197,5209,5227,5231,5233,
-	5237,5261,5273,5279,5281,5297,5303,5309,
-	5323,5333,5347,5351,5381,5387,5393,5399,
-	5407,5413,5417,5419,5431,5437,5441,5443,
-	5449,5471,5477,5479,5483,5501,5503,5507,
-	5519,5521,5527,5531,5557,5563,5569,5573,
-	5581,5591,5623,5639,5641,5647,5651,5653,
-	5657,5659,5669,5683,5689,5693,5701,5711,
-	5717,5737,5741,5743,5749,5779,5783,5791,
-	5801,5807,5813,5821,5827,5839,5843,5849,
-	5851,5857,5861,5867,5869,5879,5881,5897,
-	5903,5923,5927,5939,5953,5981,5987,6007,
-	6011,6029,6037,6043,6047,6053,6067,6073,
-	6079,6089,6091,6101,6113,6121,6131,6133,
-	6143,6151,6163,6173,6197,6199,6203,6211,
-	6217,6221,6229,6247,6257,6263,6269,6271,
-	6277,6287,6299,6301,6311,6317,6323,6329,
-	6337,6343,6353,6359,6361,6367,6373,6379,
-	6389,6397,6421,6427,6449,6451,6469,6473,
-	6481,6491,6521,6529,6547,6551,6553,6563,
-	6569,6571,6577,6581,6599,6607,6619,6637,
-	6653,6659,6661,6673,6679,6689,6691,6701,
-	6703,6709,6719,6733,6737,6761,6763,6779,
-	6781,6791,6793,6803,6823,6827,6829,6833,
-	6841,6857,6863,6869,6871,6883,6899,6907,
-	6911,6917,6947,6949,6959,6961,6967,6971,
-	6977,6983,6991,6997,7001,7013,7019,7027,
-	7039,7043,7057,7069,7079,7103,7109,7121,
-	7127,7129,7151,7159,7177,7187,7193,7207,
-	7211,7213,7219,7229,7237,7243,7247,7253,
-	7283,7297,7307,7309,7321,7331,7333,7349,
-	7351,7369,7393,7411,7417,7433,7451,7457,
-	7459,7477,7481,7487,7489,7499,7507,7517,
-	7523,7529,7537,7541,7547,7549,7559,7561,
-	7573,7577,7583,7589,7591,7603,7607,7621,
-	7639,7643,7649,7669,7673,7681,7687,7691,
-	7699,7703,7717,7723,7727,7741,7753,7757,
-	7759,7789,7793,7817,7823,7829,7841,7853,
-	7867,7873,7877,7879,7883,7901,7907,7919,
-	7927,7933,7937,7949,7951,7963,7993,8009,
-	8011,8017,8039,8053,8059,8069,8081,8087,
-	8089,8093,8101,8111,8117,8123,8147,8161,
-	8167,8171,8179,8191,8209,8219,8221,8231,
-	8233,8237,8243,8263,8269,8273,8287,8291,
-	8293,8297,8311,8317,8329,8353,8363,8369,
-	8377,8387,8389,8419,8423,8429,8431,8443,
-	8447,8461,8467,8501,8513,8521,8527,8537,
-	8539,8543,8563,8573,8581,8597,8599,8609,
-	8623,8627,8629,8641,8647,8663,8669,8677,
-	8681,8689,8693,8699,8707,8713,8719,8731,
-	8737,8741,8747,8753,8761,8779,8783,8803,
-	8807,8819,8821,8831,8837,8839,8849,8861,
-	8863,8867,8887,8893,8923,8929,8933,8941,
-	8951,8963,8969,8971,8999,9001,9007,9011,
-	9013,9029,9041,9043,9049,9059,9067,9091,
-	9103,9109,9127,9133,9137,9151,9157,9161,
-	9173,9181,9187,9199,9203,9209,9221,9227,
-	9239,9241,9257,9277,9281,9283,9293,9311,
-	9319,9323,9337,9341,9343,9349,9371,9377,
-	9391,9397,9403,9413,9419,9421,9431,9433,
-	9437,9439,9461,9463,9467,9473,9479,9491,
-	9497,9511,9521,9533,9539,9547,9551,9587,
-	9601,9613,9619,9623,9629,9631,9643,9649,
-	9661,9677,9679,9689,9697,9719,9721,9733,
-	9739,9743,9749,9767,9769,9781,9787,9791,
-	9803,9811,9817,9829,9833,9839,9851,9857,
-	9859,9871,9883,9887,9901,9907,9923,9929,
-	9931,9941,9949,9967,9973,10007,10009,10037,
-	10039,10061,10067,10069,10079,10091,10093,10099,
-	10103,10111,10133,10139,10141,10151,10159,10163,
-	10169,10177,10181,10193,10211,10223,10243,10247,
-	10253,10259,10267,10271,10273,10289,10301,10303,
-	10313,10321,10331,10333,10337,10343,10357,10369,
-	10391,10399,10427,10429,10433,10453,10457,10459,
-	10463,10477,10487,10499,10501,10513,10529,10531,
-	10559,10567,10589,10597,10601,10607,10613,10627,
-	10631,10639,10651,10657,10663,10667,10687,10691,
-	10709,10711,10723,10729,10733,10739,10753,10771,
-	10781,10789,10799,10831,10837,10847,10853,10859,
-	10861,10867,10883,10889,10891,10903,10909,10937,
-	10939,10949,10957,10973,10979,10987,10993,11003,
-	11027,11047,11057,11059,11069,11071,11083,11087,
-	11093,11113,11117,11119,11131,11149,11159,11161,
-	11171,11173,11177,11197,11213,11239,11243,11251,
-	11257,11261,11273,11279,11287,11299,11311,11317,
-	11321,11329,11351,11353,11369,11383,11393,11399,
-	11411,11423,11437,11443,11447,11467,11471,11483,
-	11489,11491,11497,11503,11519,11527,11549,11551,
-	11579,11587,11593,11597,11617,11621,11633,11657,
-	11677,11681,11689,11699,11701,11717,11719,11731,
-	11743,11777,11779,11783,11789,11801,11807,11813,
-	11821,11827,11831,11833,11839,11863,11867,11887,
-	11897,11903,11909,11923,11927,11933,11939,11941,
-	11953,11959,11969,11971,11981,11987,12007,12011,
-	12037,12041,12043,12049,12071,12073,12097,12101,
-	12107,12109,12113,12119,12143,12149,12157,12161,
-	12163,12197,12203,12211,12227,12239,12241,12251,
-	12253,12263,12269,12277,12281,12289,12301,12323,
-	12329,12343,12347,12373,12377,12379,12391,12401,
-	12409,12413,12421,12433,12437,12451,12457,12473,
-	12479,12487,12491,12497,12503,12511,12517,12527,
-	12539,12541,12547,12553,12569,12577,12583,12589,
-	12601,12611,12613,12619,12637,12641,12647,12653,
-	12659,12671,12689,12697,12703,12713,12721,12739,
-	12743,12757,12763,12781,12791,12799,12809,12821,
-	12823,12829,12841,12853,12889,12893,12899,12907,
-	12911,12917,12919,12923,12941,12953,12959,12967,
-	12973,12979,12983,13001,13003,13007,13009,13033,
-	13037,13043,13049,13063,13093,13099,13103,13109,
-	13121,13127,13147,13151,13159,13163,13171,13177,
-	13183,13187,13217,13219,13229,13241,13249,13259,
-	13267,13291,13297,13309,13313,13327,13331,13337,
-	13339,13367,13381,13397,13399,13411,13417,13421,
-	13441,13451,13457,13463,13469,13477,13487,13499,
-	13513,13523,13537,13553,13567,13577,13591,13597,
-	13613,13619,13627,13633,13649,13669,13679,13681,
-	13687,13691,13693,13697,13709,13711,13721,13723,
-	13729,13751,13757,13759,13763,13781,13789,13799,
-	13807,13829,13831,13841,13859,13873,13877,13879,
-	13883,13901,13903,13907,13913,13921,13931,13933,
-	13963,13967,13997,13999,14009,14011,14029,14033,
-	14051,14057,14071,14081,14083,14087,14107,14143,
-	14149,14153,14159,14173,14177,14197,14207,14221,
-	14243,14249,14251,14281,14293,14303,14321,14323,
-	14327,14341,14347,14369,14387,14389,14401,14407,
-	14411,14419,14423,14431,14437,14447,14449,14461,
-	14479,14489,14503,14519,14533,14537,14543,14549,
-	14551,14557,14561,14563,14591,14593,14621,14627,
-	14629,14633,14639,14653,14657,14669,14683,14699,
-	14713,14717,14723,14731,14737,14741,14747,14753,
-	14759,14767,14771,14779,14783,14797,14813,14821,
-	14827,14831,14843,14851,14867,14869,14879,14887,
-	14891,14897,14923,14929,14939,14947,14951,14957,
-	14969,14983,15013,15017,15031,15053,15061,15073,
-	15077,15083,15091,15101,15107,15121,15131,15137,
-	15139,15149,15161,15173,15187,15193,15199,15217,
-	15227,15233,15241,15259,15263,15269,15271,15277,
-	15287,15289,15299,15307,15313,15319,15329,15331,
-	15349,15359,15361,15373,15377,15383,15391,15401,
-	15413,15427,15439,15443,15451,15461,15467,15473,
-	15493,15497,15511,15527,15541,15551,15559,15569,
-	15581,15583,15601,15607,15619,15629,15641,15643,
-	15647,15649,15661,15667,15671,15679,15683,15727,
-	15731,15733,15737,15739,15749,15761,15767,15773,
-	15787,15791,15797,15803,15809,15817,15823,15859,
-	15877,15881,15887,15889,15901,15907,15913,15919,
-	15923,15937,15959,15971,15973,15991,16001,16007,
-	16033,16057,16061,16063,16067,16069,16073,16087,
-	16091,16097,16103,16111,16127,16139,16141,16183,
-	16187,16189,16193,16217,16223,16229,16231,16249,
-	16253,16267,16273,16301,16319,16333,16339,16349,
-	16361,16363,16369,16381,16411,16417,16421,16427,
-	16433,16447,16451,16453,16477,16481,16487,16493,
-	16519,16529,16547,16553,16561,16567,16573,16603,
-	16607,16619,16631,16633,16649,16651,16657,16661,
-	16673,16691,16693,16699,16703,16729,16741,16747,
-	16759,16763,16787,16811,16823,16829,16831,16843,
-	16871,16879,16883,16889,16901,16903,16921,16927,
-	16931,16937,16943,16963,16979,16981,16987,16993,
-	17011,17021,17027,17029,17033,17041,17047,17053,
-	17077,17093,17099,17107,17117,17123,17137,17159,
-	17167,17183,17189,17191,17203,17207,17209,17231,
-	17239,17257,17291,17293,17299,17317,17321,17327,
-	17333,17341,17351,17359,17377,17383,17387,17389,
-	17393,17401,17417,17419,17431,17443,17449,17467,
-	17471,17477,17483,17489,17491,17497,17509,17519,
-	17539,17551,17569,17573,17579,17581,17597,17599,
-	17609,17623,17627,17657,17659,17669,17681,17683,
-	17707,17713,17729,17737,17747,17749,17761,17783,
-	17789,17791,17807,17827,17837,17839,17851,17863,
-#endif
-	};
diff --git a/crypto/openssl/crypto/bn/bn_prime.pl b/crypto/openssl/crypto/bn/bn_prime.pl
deleted file mode 100644
index 9fc376548652..000000000000
--- a/crypto/openssl/crypto/bn/bn_prime.pl
+++ /dev/null
@@ -1,117 +0,0 @@
-#!/usr/local/bin/perl
-# bn_prime.pl
-
-$num=2048;
-$num=$ARGV[0] if ($#ARGV >= 0);
-
-push(@primes,2);
-$p=1;
-loop: while ($#primes < $num-1)
-	{
-	$p+=2;
-	$s=int(sqrt($p));
-
-	for ($i=0; $primes[$i]<=$s; $i++)
-		{
-		next loop if (($p%$primes[$i]) == 0);
-		}
-	push(@primes,$p);
-	}
-
-# print <<"EOF";
-# /* Auto generated by bn_prime.pl */
-# /* Copyright (C) 1995-1997 Eric Young (eay\@mincom.oz.au).
-#  * All rights reserved.
-#  * Copyright remains Eric Young's, and as such any Copyright notices in
-#  * the code are not to be removed.
-#  * See the COPYRIGHT file in the SSLeay distribution for more details.
-#  */
-# 
-# EOF
-
-print <<\EOF;
-/* Auto generated by bn_prime.pl */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-EOF
-
-for ($i=0; $i <= $#primes; $i++)
-	{
-	if ($primes[$i] > 256)
-		{
-		$eight=$i;
-		last;
-		}
-	}
-
-printf "#ifndef EIGHT_BIT\n";
-printf "#define NUMPRIMES %d\n",$num;
-printf "#else\n";
-printf "#define NUMPRIMES %d\n",$eight;
-printf "#endif\n";
-print "static const unsigned int primes[NUMPRIMES]=\n\t{\n\t";
-$init=0;
-for ($i=0; $i <= $#primes; $i++)
-	{
-	printf "\n#ifndef EIGHT_BIT\n\t" if ($primes[$i] > 256) && !($init++);
-	printf("\n\t") if (($i%8) == 0) && ($i != 0);
-	printf("%4d,",$primes[$i]);
-	}
-print "\n#endif\n\t};\n";
-
-
diff --git a/crypto/openssl/crypto/bn/bn_print.c b/crypto/openssl/crypto/bn/bn_print.c
deleted file mode 100644
index 5f46b1826c03..000000000000
--- a/crypto/openssl/crypto/bn/bn_print.c
+++ /dev/null
@@ -1,332 +0,0 @@
-/* crypto/bn/bn_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include "bn_lcl.h"
-
-static const char *Hex="0123456789ABCDEF";
-
-/* Must 'OPENSSL_free' the returned data */
-char *BN_bn2hex(const BIGNUM *a)
-	{
-	int i,j,v,z=0;
-	char *buf;
-	char *p;
-
-	buf=(char *)OPENSSL_malloc(a->top*BN_BYTES*2+2);
-	if (buf == NULL)
-		{
-		BNerr(BN_F_BN_BN2HEX,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	p=buf;
-	if (a->neg) *(p++)='-';
-	if (a->top == 0) *(p++)='0';
-	for (i=a->top-1; i >=0; i--)
-		{
-		for (j=BN_BITS2-8; j >= 0; j-=8)
-			{
-			/* strip leading zeros */
-			v=((int)(a->d[i]>>(long)j))&0xff;
-			if (z || (v != 0))
-				{
-				*(p++)=Hex[v>>4];
-				*(p++)=Hex[v&0x0f];
-				z=1;
-				}
-			}
-		}
-	*p='\0';
-err:
-	return(buf);
-	}
-
-/* Must 'OPENSSL_free' the returned data */
-char *BN_bn2dec(const BIGNUM *a)
-	{
-	int i=0,num;
-	char *buf=NULL;
-	char *p;
-	BIGNUM *t=NULL;
-	BN_ULONG *bn_data=NULL,*lp;
-
-	i=BN_num_bits(a)*3;
-	num=(i/10+i/1000+3)+1;
-	bn_data=(BN_ULONG *)OPENSSL_malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG));
-	buf=(char *)OPENSSL_malloc(num+3);
-	if ((buf == NULL) || (bn_data == NULL))
-		{
-		BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	if ((t=BN_dup(a)) == NULL) goto err;
-
-	p=buf;
-	lp=bn_data;
-	if (t->neg) *(p++)='-';
-	if (t->top == 0)
-		{
-		*(p++)='0';
-		*(p++)='\0';
-		}
-	else
-		{
-		i=0;
-		while (!BN_is_zero(t))
-			{
-			*lp=BN_div_word(t,BN_DEC_CONV);
-			lp++;
-			}
-		lp--;
-		/* We now have a series of blocks, BN_DEC_NUM chars
-		 * in length, where the last one needs truncation.
-		 * The blocks need to be reversed in order. */
-		sprintf(p,BN_DEC_FMT1,*lp);
-		while (*p) p++;
-		while (lp != bn_data)
-			{
-			lp--;
-			sprintf(p,BN_DEC_FMT2,*lp);
-			while (*p) p++;
-			}
-		}
-err:
-	if (bn_data != NULL) OPENSSL_free(bn_data);
-	if (t != NULL) BN_free(t);
-	return(buf);
-	}
-
-int BN_hex2bn(BIGNUM **bn, const char *a)
-	{
-	BIGNUM *ret=NULL;
-	BN_ULONG l=0;
-	int neg=0,h,m,i,j,k,c;
-	int num;
-
-	if ((a == NULL) || (*a == '\0')) return(0);
-
-	if (*a == '-') { neg=1; a++; }
-
-	for (i=0; isxdigit((unsigned char) a[i]); i++)
-		;
-
-	num=i+neg;
-	if (bn == NULL) return(num);
-
-	/* a is the start of the hex digits, and it is 'i' long */
-	if (*bn == NULL)
-		{
-		if ((ret=BN_new()) == NULL) return(0);
-		}
-	else
-		{
-		ret= *bn;
-		BN_zero(ret);
-		}
-
-	/* i is the number of hex digests; */
-	if (bn_expand(ret,i*4) == NULL) goto err;
-
-	j=i; /* least significant 'hex' */
-	m=0;
-	h=0;
-	while (j > 0)
-		{
-		m=((BN_BYTES*2) <= j)?(BN_BYTES*2):j;
-		l=0;
-		for (;;)
-			{
-			c=a[j-m];
-			if ((c >= '0') && (c <= '9')) k=c-'0';
-			else if ((c >= 'a') && (c <= 'f')) k=c-'a'+10;
-			else if ((c >= 'A') && (c <= 'F')) k=c-'A'+10;
-			else k=0; /* paranoia */
-			l=(l<<4)|k;
-
-			if (--m <= 0)
-				{
-				ret->d[h++]=l;
-				break;
-				}
-			}
-		j-=(BN_BYTES*2);
-		}
-	ret->top=h;
-	bn_fix_top(ret);
-	ret->neg=neg;
-
-	*bn=ret;
-	return(num);
-err:
-	if (*bn == NULL) BN_free(ret);
-	return(0);
-	}
-
-int BN_dec2bn(BIGNUM **bn, const char *a)
-	{
-	BIGNUM *ret=NULL;
-	BN_ULONG l=0;
-	int neg=0,i,j;
-	int num;
-
-	if ((a == NULL) || (*a == '\0')) return(0);
-	if (*a == '-') { neg=1; a++; }
-
-	for (i=0; isdigit((unsigned char) a[i]); i++)
-		;
-
-	num=i+neg;
-	if (bn == NULL) return(num);
-
-	/* a is the start of the digits, and it is 'i' long.
-	 * We chop it into BN_DEC_NUM digits at a time */
-	if (*bn == NULL)
-		{
-		if ((ret=BN_new()) == NULL) return(0);
-		}
-	else
-		{
-		ret= *bn;
-		BN_zero(ret);
-		}
-
-	/* i is the number of digests, a bit of an over expand; */
-	if (bn_expand(ret,i*4) == NULL) goto err;
-
-	j=BN_DEC_NUM-(i%BN_DEC_NUM);
-	if (j == BN_DEC_NUM) j=0;
-	l=0;
-	while (*a)
-		{
-		l*=10;
-		l+= *a-'0';
-		a++;
-		if (++j == BN_DEC_NUM)
-			{
-			BN_mul_word(ret,BN_DEC_CONV);
-			BN_add_word(ret,l);
-			l=0;
-			j=0;
-			}
-		}
-	ret->neg=neg;
-
-	bn_fix_top(ret);
-	*bn=ret;
-	return(num);
-err:
-	if (*bn == NULL) BN_free(ret);
-	return(0);
-	}
-
-#ifndef OPENSSL_NO_BIO
-#ifndef OPENSSL_NO_FP_API
-int BN_print_fp(FILE *fp, const BIGNUM *a)
-	{
-	BIO *b;
-	int ret;
-
-	if ((b=BIO_new(BIO_s_file())) == NULL)
-		return(0);
-	BIO_set_fp(b,fp,BIO_NOCLOSE);
-	ret=BN_print(b,a);
-	BIO_free(b);
-	return(ret);
-	}
-#endif
-
-int BN_print(BIO *bp, const BIGNUM *a)
-	{
-	int i,j,v,z=0;
-	int ret=0;
-
-	if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end;
-	if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end;
-	for (i=a->top-1; i >=0; i--)
-		{
-		for (j=BN_BITS2-4; j >= 0; j-=4)
-			{
-			/* strip leading zeros */
-			v=((int)(a->d[i]>>(long)j))&0x0f;
-			if (z || (v != 0))
-				{
-				if (BIO_write(bp,&(Hex[v]),1) != 1)
-					goto end;
-				z=1;
-				}
-			}
-		}
-	ret=1;
-end:
-	return(ret);
-	}
-#endif
-
-#ifdef BN_DEBUG
-void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n)
-	{
-	int i;
-	fprintf(o, "%s=", a);
-	for (i=n-1;i>=0;i--)
-		fprintf(o, "%08lX", b[i]); /* assumes 32-bit BN_ULONG */
-	fprintf(o, "\n");
-	}
-#endif
diff --git a/crypto/openssl/crypto/bn/bn_rand.c b/crypto/openssl/crypto/bn/bn_rand.c
deleted file mode 100644
index 893c9d2af9ec..000000000000
--- a/crypto/openssl/crypto/bn/bn_rand.c
+++ /dev/null
@@ -1,291 +0,0 @@
-/* crypto/bn/bn_rand.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-#include <openssl/rand.h>
-
-static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
-	{
-	unsigned char *buf=NULL;
-	int ret=0,bit,bytes,mask;
-	time_t tim;
-
-	if (bits == 0)
-		{
-		BN_zero(rnd);
-		return 1;
-		}
-
-	bytes=(bits+7)/8;
-	bit=(bits-1)%8;
-	mask=0xff<<(bit+1);
-
-	buf=(unsigned char *)OPENSSL_malloc(bytes);
-	if (buf == NULL)
-		{
-		BNerr(BN_F_BN_RAND,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	/* make a random number and set the top and bottom bits */
-	time(&tim);
-	RAND_add(&tim,sizeof(tim),0);
-
-	if (pseudorand)
-		{
-		if (RAND_pseudo_bytes(buf, bytes) == -1)
-			goto err;
-		}
-	else
-		{
-		if (RAND_bytes(buf, bytes) <= 0)
-			goto err;
-		}
-
-#if 1
-	if (pseudorand == 2)
-		{
-		/* generate patterns that are more likely to trigger BN
-		   library bugs */
-		int i;
-		unsigned char c;
-
-		for (i = 0; i < bytes; i++)
-			{
-			RAND_pseudo_bytes(&c, 1);
-			if (c >= 128 && i > 0)
-				buf[i] = buf[i-1];
-			else if (c < 42)
-				buf[i] = 0;
-			else if (c < 84)
-				buf[i] = 255;
-			}
-		}
-#endif
-
-	if (top != -1)
-		{
-		if (top)
-			{
-			if (bit == 0)
-				{
-				buf[0]=1;
-				buf[1]|=0x80;
-				}
-			else
-				{
-				buf[0]|=(3<<(bit-1));
-				}
-			}
-		else
-			{
-			buf[0]|=(1<<bit);
-			}
-		}
-	buf[0] &= ~mask;
-	if (bottom) /* set bottom bit if requested */
-		buf[bytes-1]|=1;
-	if (!BN_bin2bn(buf,bytes,rnd)) goto err;
-	ret=1;
-err:
-	if (buf != NULL)
-		{
-		OPENSSL_cleanse(buf,bytes);
-		OPENSSL_free(buf);
-		}
-	return(ret);
-	}
-
-int     BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
-	{
-	return bnrand(0, rnd, bits, top, bottom);
-	}
-
-int     BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom)
-	{
-	return bnrand(1, rnd, bits, top, bottom);
-	}
-
-#if 1
-int     BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom)
-	{
-	return bnrand(2, rnd, bits, top, bottom);
-	}
-#endif
-
-
-/* random number r:  0 <= r < range */
-static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range)
-	{
-	int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand;
-	int n;
-
-	if (range->neg || BN_is_zero(range))
-		{
-		BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE);
-		return 0;
-		}
-
-	n = BN_num_bits(range); /* n > 0 */
-
-	/* BN_is_bit_set(range, n - 1) always holds */
-
-	if (n == 1)
-		{
-		if (!BN_zero(r)) return 0;
-		}
-	else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3))
-		{
-		/* range = 100..._2,
-		 * so  3*range (= 11..._2)  is exactly one bit longer than  range */
-		do
-			{
-			if (!bn_rand(r, n + 1, -1, 0)) return 0;
-			/* If  r < 3*range,  use  r := r MOD range
-			 * (which is either  r, r - range,  or  r - 2*range).
-			 * Otherwise, iterate once more.
-			 * Since  3*range = 11..._2, each iteration succeeds with
-			 * probability >= .75. */
-			if (BN_cmp(r ,range) >= 0)
-				{
-				if (!BN_sub(r, r, range)) return 0;
-				if (BN_cmp(r, range) >= 0)
-					if (!BN_sub(r, r, range)) return 0;
-				}
-			}
-		while (BN_cmp(r, range) >= 0);
-		}
-	else
-		{
-		do
-			{
-			/* range = 11..._2  or  range = 101..._2 */
-			if (!bn_rand(r, n, -1, 0)) return 0;
-			}
-		while (BN_cmp(r, range) >= 0);
-		}
-
-	return 1;
-	}
-
-
-int	BN_rand_range(BIGNUM *r, BIGNUM *range)
-	{
-	return bn_rand_range(0, r, range);
-	}
-
-int	BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range)
-	{
-	return bn_rand_range(1, r, range);
-	}
diff --git a/crypto/openssl/crypto/bn/bn_recp.c b/crypto/openssl/crypto/bn/bn_recp.c
deleted file mode 100644
index ef5fdd470808..000000000000
--- a/crypto/openssl/crypto/bn/bn_recp.c
+++ /dev/null
@@ -1,230 +0,0 @@
-/* crypto/bn/bn_recp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-void BN_RECP_CTX_init(BN_RECP_CTX *recp)
-	{
-	BN_init(&(recp->N));
-	BN_init(&(recp->Nr));
-	recp->num_bits=0;
-	recp->flags=0;
-	}
-
-BN_RECP_CTX *BN_RECP_CTX_new(void)
-	{
-	BN_RECP_CTX *ret;
-
-	if ((ret=(BN_RECP_CTX *)OPENSSL_malloc(sizeof(BN_RECP_CTX))) == NULL)
-		return(NULL);
-
-	BN_RECP_CTX_init(ret);
-	ret->flags=BN_FLG_MALLOCED;
-	return(ret);
-	}
-
-void BN_RECP_CTX_free(BN_RECP_CTX *recp)
-	{
-	if(recp == NULL)
-	    return;
-
-	BN_free(&(recp->N));
-	BN_free(&(recp->Nr));
-	if (recp->flags & BN_FLG_MALLOCED)
-		OPENSSL_free(recp);
-	}
-
-int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx)
-	{
-	if (!BN_copy(&(recp->N),d)) return 0;
-	if (!BN_zero(&(recp->Nr))) return 0;
-	recp->num_bits=BN_num_bits(d);
-	recp->shift=0;
-	return(1);
-	}
-
-int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
-	BN_RECP_CTX *recp, BN_CTX *ctx)
-	{
-	int ret=0;
-	BIGNUM *a;
-	const BIGNUM *ca;
-
-	BN_CTX_start(ctx);
-	if ((a = BN_CTX_get(ctx)) == NULL) goto err;
-	if (y != NULL)
-		{
-		if (x == y)
-			{ if (!BN_sqr(a,x,ctx)) goto err; }
-		else
-			{ if (!BN_mul(a,x,y,ctx)) goto err; }
-		ca = a;
-		}
-	else
-		ca=x; /* Just do the mod */
-
-	ret = BN_div_recp(NULL,r,ca,recp,ctx);
-err:
-	BN_CTX_end(ctx);
-	return(ret);
-	}
-
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
-	BN_RECP_CTX *recp, BN_CTX *ctx)
-	{
-	int i,j,ret=0;
-	BIGNUM *a,*b,*d,*r;
-
-	BN_CTX_start(ctx);
-	a=BN_CTX_get(ctx);
-	b=BN_CTX_get(ctx);
-	if (dv != NULL)
-		d=dv;
-	else
-		d=BN_CTX_get(ctx);
-	if (rem != NULL)
-		r=rem;
-	else
-		r=BN_CTX_get(ctx);
-	if (a == NULL || b == NULL || d == NULL || r == NULL) goto err;
-
-	if (BN_ucmp(m,&(recp->N)) < 0)
-		{
-		if (!BN_zero(d)) return 0;
-		if (!BN_copy(r,m)) return 0;
-		BN_CTX_end(ctx);
-		return(1);
-		}
-
-	/* We want the remainder
-	 * Given input of ABCDEF / ab
-	 * we need multiply ABCDEF by 3 digests of the reciprocal of ab
-	 *
-	 */
-
-	/* i := max(BN_num_bits(m), 2*BN_num_bits(N)) */
-	i=BN_num_bits(m);
-	j=recp->num_bits<<1;
-	if (j>i) i=j;
-
-	/* Nr := round(2^i / N) */
-	if (i != recp->shift)
-		recp->shift=BN_reciprocal(&(recp->Nr),&(recp->N),
-			i,ctx); /* BN_reciprocal returns i, or -1 for an error */
-	if (recp->shift == -1) goto err;
-
-	/* d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i - BN_num_bits(N)))|
-	 *    = |round(round(m / 2^BN_num_bits(N)) * round(2^i / N) / 2^(i - BN_num_bits(N)))|
-	 *   <= |(m / 2^BN_num_bits(N)) * (2^i / N) * (2^BN_num_bits(N) / 2^i)|
-	 *    = |m/N|
-	 */
-	if (!BN_rshift(a,m,recp->num_bits)) goto err;
-	if (!BN_mul(b,a,&(recp->Nr),ctx)) goto err;
-	if (!BN_rshift(d,b,i-recp->num_bits)) goto err;
-	d->neg=0;
-
-	if (!BN_mul(b,&(recp->N),d,ctx)) goto err;
-	if (!BN_usub(r,m,b)) goto err;
-	r->neg=0;
-
-#if 1
-	j=0;
-	while (BN_ucmp(r,&(recp->N)) >= 0)
-		{
-		if (j++ > 2)
-			{
-			BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL);
-			goto err;
-			}
-		if (!BN_usub(r,r,&(recp->N))) goto err;
-		if (!BN_add_word(d,1)) goto err;
-		}
-#endif
-
-	r->neg=BN_is_zero(r)?0:m->neg;
-	d->neg=m->neg^recp->N.neg;
-	ret=1;
-err:
-	BN_CTX_end(ctx);
-	return(ret);
-	} 
-
-/* len is the expected size of the result
- * We actually calculate with an extra word of precision, so
- * we can do faster division if the remainder is not required.
- */
-/* r := 2^len / m */
-int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx)
-	{
-	int ret= -1;
-	BIGNUM t;
-
-	BN_init(&t);
-
-	if (!BN_zero(&t)) goto err;
-	if (!BN_set_bit(&t,len)) goto err;
-
-	if (!BN_div(r,NULL,&t,m,ctx)) goto err;
-
-	ret=len;
-err:
-	BN_free(&t);
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/bn/bn_shift.c b/crypto/openssl/crypto/bn/bn_shift.c
deleted file mode 100644
index 70f785ea185b..000000000000
--- a/crypto/openssl/crypto/bn/bn_shift.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/* crypto/bn/bn_shift.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-int BN_lshift1(BIGNUM *r, const BIGNUM *a)
-	{
-	register BN_ULONG *ap,*rp,t,c;
-	int i;
-
-	if (r != a)
-		{
-		r->neg=a->neg;
-		if (bn_wexpand(r,a->top+1) == NULL) return(0);
-		r->top=a->top;
-		}
-	else
-		{
-		if (bn_wexpand(r,a->top+1) == NULL) return(0);
-		}
-	ap=a->d;
-	rp=r->d;
-	c=0;
-	for (i=0; i<a->top; i++)
-		{
-		t= *(ap++);
-		*(rp++)=((t<<1)|c)&BN_MASK2;
-		c=(t & BN_TBIT)?1:0;
-		}
-	if (c)
-		{
-		*rp=1;
-		r->top++;
-		}
-	return(1);
-	}
-
-int BN_rshift1(BIGNUM *r, const BIGNUM *a)
-	{
-	BN_ULONG *ap,*rp,t,c;
-	int i;
-
-	if (BN_is_zero(a))
-		{
-		BN_zero(r);
-		return(1);
-		}
-	if (a != r)
-		{
-		if (bn_wexpand(r,a->top) == NULL) return(0);
-		r->top=a->top;
-		r->neg=a->neg;
-		}
-	ap=a->d;
-	rp=r->d;
-	c=0;
-	for (i=a->top-1; i>=0; i--)
-		{
-		t=ap[i];
-		rp[i]=((t>>1)&BN_MASK2)|c;
-		c=(t&1)?BN_TBIT:0;
-		}
-	bn_fix_top(r);
-	return(1);
-	}
-
-int BN_lshift(BIGNUM *r, const BIGNUM *a, int n)
-	{
-	int i,nw,lb,rb;
-	BN_ULONG *t,*f;
-	BN_ULONG l;
-
-	r->neg=a->neg;
-	nw=n/BN_BITS2;
-	if (bn_wexpand(r,a->top+nw+1) == NULL) return(0);
-	lb=n%BN_BITS2;
-	rb=BN_BITS2-lb;
-	f=a->d;
-	t=r->d;
-	t[a->top+nw]=0;
-	if (lb == 0)
-		for (i=a->top-1; i>=0; i--)
-			t[nw+i]=f[i];
-	else
-		for (i=a->top-1; i>=0; i--)
-			{
-			l=f[i];
-			t[nw+i+1]|=(l>>rb)&BN_MASK2;
-			t[nw+i]=(l<<lb)&BN_MASK2;
-			}
-	memset(t,0,nw*sizeof(t[0]));
-/*	for (i=0; i<nw; i++)
-		t[i]=0;*/
-	r->top=a->top+nw+1;
-	bn_fix_top(r);
-	return(1);
-	}
-
-int BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
-	{
-	int i,j,nw,lb,rb;
-	BN_ULONG *t,*f;
-	BN_ULONG l,tmp;
-
-	nw=n/BN_BITS2;
-	rb=n%BN_BITS2;
-	lb=BN_BITS2-rb;
-	if (nw > a->top || a->top == 0)
-		{
-		BN_zero(r);
-		return(1);
-		}
-	if (r != a)
-		{
-		r->neg=a->neg;
-		if (bn_wexpand(r,a->top-nw+1) == NULL) return(0);
-		}
-	else
-		{
-		if (n == 0)
-			return 1; /* or the copying loop will go berserk */
-		}
-
-	f= &(a->d[nw]);
-	t=r->d;
-	j=a->top-nw;
-	r->top=j;
-
-	if (rb == 0)
-		{
-		for (i=j+1; i > 0; i--)
-			*(t++)= *(f++);
-		}
-	else
-		{
-		l= *(f++);
-		for (i=1; i<j; i++)
-			{
-			tmp =(l>>rb)&BN_MASK2;
-			l= *(f++);
-			*(t++) =(tmp|(l<<lb))&BN_MASK2;
-			}
-		*(t++) =(l>>rb)&BN_MASK2;
-		}
-	*t=0;
-	bn_fix_top(r);
-	return(1);
-	}
diff --git a/crypto/openssl/crypto/bn/bn_sqr.c b/crypto/openssl/crypto/bn/bn_sqr.c
deleted file mode 100644
index c1d0cca438dc..000000000000
--- a/crypto/openssl/crypto/bn/bn_sqr.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/* crypto/bn/bn_sqr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* r must not be a */
-/* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */
-int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
-	{
-	int max,al;
-	int ret = 0;
-	BIGNUM *tmp,*rr;
-
-#ifdef BN_COUNT
-	fprintf(stderr,"BN_sqr %d * %d\n",a->top,a->top);
-#endif
-	bn_check_top(a);
-
-	al=a->top;
-	if (al <= 0)
-		{
-		r->top=0;
-		return(1);
-		}
-
-	BN_CTX_start(ctx);
-	rr=(a != r) ? r : BN_CTX_get(ctx);
-	tmp=BN_CTX_get(ctx);
-	if (tmp == NULL) goto err;
-
-	max=(al+al);
-	if (bn_wexpand(rr,max+1) == NULL) goto err;
-
-	if (al == 4)
-		{
-#ifndef BN_SQR_COMBA
-		BN_ULONG t[8];
-		bn_sqr_normal(rr->d,a->d,4,t);
-#else
-		bn_sqr_comba4(rr->d,a->d);
-#endif
-		}
-	else if (al == 8)
-		{
-#ifndef BN_SQR_COMBA
-		BN_ULONG t[16];
-		bn_sqr_normal(rr->d,a->d,8,t);
-#else
-		bn_sqr_comba8(rr->d,a->d);
-#endif
-		}
-	else 
-		{
-#if defined(BN_RECURSION)
-		if (al < BN_SQR_RECURSIVE_SIZE_NORMAL)
-			{
-			BN_ULONG t[BN_SQR_RECURSIVE_SIZE_NORMAL*2];
-			bn_sqr_normal(rr->d,a->d,al,t);
-			}
-		else
-			{
-			int j,k;
-
-			j=BN_num_bits_word((BN_ULONG)al);
-			j=1<<(j-1);
-			k=j+j;
-			if (al == j)
-				{
-				if (bn_wexpand(tmp,k*2) == NULL) goto err;
-				bn_sqr_recursive(rr->d,a->d,al,tmp->d);
-				}
-			else
-				{
-				if (bn_wexpand(tmp,max) == NULL) goto err;
-				bn_sqr_normal(rr->d,a->d,al,tmp->d);
-				}
-			}
-#else
-		if (bn_wexpand(tmp,max) == NULL) goto err;
-		bn_sqr_normal(rr->d,a->d,al,tmp->d);
-#endif
-		}
-
-	rr->top=max;
-	rr->neg=0;
-	if ((max > 0) && (rr->d[max-1] == 0)) rr->top--;
-	if (rr != r) BN_copy(r,rr);
-	ret = 1;
- err:
-	BN_CTX_end(ctx);
-	return(ret);
-	}
-
-/* tmp must have 2*n words */
-void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp)
-	{
-	int i,j,max;
-	const BN_ULONG *ap;
-	BN_ULONG *rp;
-
-	max=n*2;
-	ap=a;
-	rp=r;
-	rp[0]=rp[max-1]=0;
-	rp++;
-	j=n;
-
-	if (--j > 0)
-		{
-		ap++;
-		rp[j]=bn_mul_words(rp,ap,j,ap[-1]);
-		rp+=2;
-		}
-
-	for (i=n-2; i>0; i--)
-		{
-		j--;
-		ap++;
-		rp[j]=bn_mul_add_words(rp,ap,j,ap[-1]);
-		rp+=2;
-		}
-
-	bn_add_words(r,r,r,max);
-
-	/* There will not be a carry */
-
-	bn_sqr_words(tmp,a,n);
-
-	bn_add_words(r,r,tmp,max);
-	}
-
-#ifdef BN_RECURSION
-/* r is 2*n words in size,
- * a and b are both n words in size.    (There's not actually a 'b' here ...)
- * n must be a power of 2.
- * We multiply and return the result.
- * t must be 2*n words in size
- * We calculate
- * a[0]*b[0]
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t)
-	{
-	int n=n2/2;
-	int zero,c1;
-	BN_ULONG ln,lo,*p;
-
-#ifdef BN_COUNT
-	fprintf(stderr," bn_sqr_recursive %d * %d\n",n2,n2);
-#endif
-	if (n2 == 4)
-		{
-#ifndef BN_SQR_COMBA
-		bn_sqr_normal(r,a,4,t);
-#else
-		bn_sqr_comba4(r,a);
-#endif
-		return;
-		}
-	else if (n2 == 8)
-		{
-#ifndef BN_SQR_COMBA
-		bn_sqr_normal(r,a,8,t);
-#else
-		bn_sqr_comba8(r,a);
-#endif
-		return;
-		}
-	if (n2 < BN_SQR_RECURSIVE_SIZE_NORMAL)
-		{
-		bn_sqr_normal(r,a,n2,t);
-		return;
-		}
-	/* r=(a[0]-a[1])*(a[1]-a[0]) */
-	c1=bn_cmp_words(a,&(a[n]),n);
-	zero=0;
-	if (c1 > 0)
-		bn_sub_words(t,a,&(a[n]),n);
-	else if (c1 < 0)
-		bn_sub_words(t,&(a[n]),a,n);
-	else
-		zero=1;
-
-	/* The result will always be negative unless it is zero */
-	p= &(t[n2*2]);
-
-	if (!zero)
-		bn_sqr_recursive(&(t[n2]),t,n,p);
-	else
-		memset(&(t[n2]),0,n2*sizeof(BN_ULONG));
-	bn_sqr_recursive(r,a,n,p);
-	bn_sqr_recursive(&(r[n2]),&(a[n]),n,p);
-
-	/* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 */
-
-	c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
-
-	/* t[32] is negative */
-	c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
-
-	/* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
-	 * r[10] holds (a[0]*a[0])
-	 * r[32] holds (a[1]*a[1])
-	 * c1 holds the carry bits
-	 */
-	c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
-	if (c1)
-		{
-		p= &(r[n+n2]);
-		lo= *p;
-		ln=(lo+c1)&BN_MASK2;
-		*p=ln;
-
-		/* The overflow will stop before we over write
-		 * words we should not overwrite */
-		if (ln < (BN_ULONG)c1)
-			{
-			do	{
-				p++;
-				lo= *p;
-				ln=(lo+1)&BN_MASK2;
-				*p=ln;
-				} while (ln == 0);
-			}
-		}
-	}
-#endif
diff --git a/crypto/openssl/crypto/bn/bn_sqrt.c b/crypto/openssl/crypto/bn/bn_sqrt.c
deleted file mode 100644
index e2a1105dc838..000000000000
--- a/crypto/openssl/crypto/bn/bn_sqrt.c
+++ /dev/null
@@ -1,387 +0,0 @@
-/* crypto/bn/bn_mod.c */
-/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
- * and Bodo Moeller for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-
-BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) 
-/* Returns 'ret' such that
- *      ret^2 == a (mod p),
- * using the Tonelli/Shanks algorithm (cf. Henri Cohen, "A Course
- * in Algebraic Computational Number Theory", algorithm 1.5.1).
- * 'p' must be prime!
- * If 'a' is not a square, this is not necessarily detected by
- * the algorithms; a bogus result must be expected in this case.
- */
-	{
-	BIGNUM *ret = in;
-	int err = 1;
-	int r;
-	BIGNUM *b, *q, *t, *x, *y;
-	int e, i, j;
-	
-	if (!BN_is_odd(p) || BN_abs_is_word(p, 1))
-		{
-		if (BN_abs_is_word(p, 2))
-			{
-			if (ret == NULL)
-				ret = BN_new();
-			if (ret == NULL)
-				goto end;
-			if (!BN_set_word(ret, BN_is_bit_set(a, 0)))
-				{
-				BN_free(ret);
-				return NULL;
-				}
-			return ret;
-			}
-
-		BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME);
-		return(NULL);
-		}
-
-	if (BN_is_zero(a) || BN_is_one(a))
-		{
-		if (ret == NULL)
-			ret = BN_new();
-		if (ret == NULL)
-			goto end;
-		if (!BN_set_word(ret, BN_is_one(a)))
-			{
-			BN_free(ret);
-			return NULL;
-			}
-		return ret;
-		}
-
-#if 0 /* if BN_mod_sqrt is used with correct input, this just wastes time */
-	r = BN_kronecker(a, p, ctx);
-	if (r < -1) return NULL;
-	if (r == -1)
-		{
-		BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
-		return(NULL);
-		}
-#endif
-
-	BN_CTX_start(ctx);
-	b = BN_CTX_get(ctx);
-	q = BN_CTX_get(ctx);
-	t = BN_CTX_get(ctx);
-	x = BN_CTX_get(ctx);
-	y = BN_CTX_get(ctx);
-	if (y == NULL) goto end;
-	
-	if (ret == NULL)
-		ret = BN_new();
-	if (ret == NULL) goto end;
-
-	/* now write  |p| - 1  as  2^e*q  where  q  is odd */
-	e = 1;
-	while (!BN_is_bit_set(p, e))
-		e++;
-	/* we'll set  q  later (if needed) */
-
-	if (e == 1)
-		{
-		/* The easy case:  (|p|-1)/2  is odd, so 2 has an inverse
-		 * modulo  (|p|-1)/2,  and square roots can be computed
-		 * directly by modular exponentiation.
-		 * We have
-		 *     2 * (|p|+1)/4 == 1   (mod (|p|-1)/2),
-		 * so we can use exponent  (|p|+1)/4,  i.e.  (|p|-3)/4 + 1.
-		 */
-		if (!BN_rshift(q, p, 2)) goto end;
-		q->neg = 0;
-		if (!BN_add_word(q, 1)) goto end;
-		if (!BN_mod_exp(ret, a, q, p, ctx)) goto end;
-		err = 0;
-		goto end;
-		}
-	
-	if (e == 2)
-		{
-		/* |p| == 5  (mod 8)
-		 *
-		 * In this case  2  is always a non-square since
-		 * Legendre(2,p) = (-1)^((p^2-1)/8)  for any odd prime.
-		 * So if  a  really is a square, then  2*a  is a non-square.
-		 * Thus for
-		 *      b := (2*a)^((|p|-5)/8),
-		 *      i := (2*a)*b^2
-		 * we have
-		 *     i^2 = (2*a)^((1 + (|p|-5)/4)*2)
-		 *         = (2*a)^((p-1)/2)
-		 *         = -1;
-		 * so if we set
-		 *      x := a*b*(i-1),
-		 * then
-		 *     x^2 = a^2 * b^2 * (i^2 - 2*i + 1)
-		 *         = a^2 * b^2 * (-2*i)
-		 *         = a*(-i)*(2*a*b^2)
-		 *         = a*(-i)*i
-		 *         = a.
-		 *
-		 * (This is due to A.O.L. Atkin, 
-		 * <URL: http://listserv.nodak.edu/scripts/wa.exe?A2=ind9211&L=nmbrthry&O=T&P=562>,
-		 * November 1992.)
-		 */
-
-		/* make sure that  a  is reduced modulo p */
-		if (a->neg || BN_ucmp(a, p) >= 0)
-			{
-			if (!BN_nnmod(x, a, p, ctx)) goto end;
-			a = x; /* use x as temporary variable */
-			}
-
-		/* t := 2*a */
-		if (!BN_mod_lshift1_quick(t, a, p)) goto end;
-
-		/* b := (2*a)^((|p|-5)/8) */
-		if (!BN_rshift(q, p, 3)) goto end;
-		q->neg = 0;
-		if (!BN_mod_exp(b, t, q, p, ctx)) goto end;
-
-		/* y := b^2 */
-		if (!BN_mod_sqr(y, b, p, ctx)) goto end;
-
-		/* t := (2*a)*b^2 - 1*/
-		if (!BN_mod_mul(t, t, y, p, ctx)) goto end;
-		if (!BN_sub_word(t, 1)) goto end;
-
-		/* x = a*b*t */
-		if (!BN_mod_mul(x, a, b, p, ctx)) goto end;
-		if (!BN_mod_mul(x, x, t, p, ctx)) goto end;
-
-		if (!BN_copy(ret, x)) goto end;
-		err = 0;
-		goto end;
-		}
-	
-	/* e > 2, so we really have to use the Tonelli/Shanks algorithm.
-	 * First, find some  y  that is not a square. */
-	if (!BN_copy(q, p)) goto end; /* use 'q' as temp */
-	q->neg = 0;
-	i = 2;
-	do
-		{
-		/* For efficiency, try small numbers first;
-		 * if this fails, try random numbers.
-		 */
-		if (i < 22)
-			{
-			if (!BN_set_word(y, i)) goto end;
-			}
-		else
-			{
-			if (!BN_pseudo_rand(y, BN_num_bits(p), 0, 0)) goto end;
-			if (BN_ucmp(y, p) >= 0)
-				{
-				if (!(p->neg ? BN_add : BN_sub)(y, y, p)) goto end;
-				}
-			/* now 0 <= y < |p| */
-			if (BN_is_zero(y))
-				if (!BN_set_word(y, i)) goto end;
-			}
-		
-		r = BN_kronecker(y, q, ctx); /* here 'q' is |p| */
-		if (r < -1) goto end;
-		if (r == 0)
-			{
-			/* m divides p */
-			BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME);
-			goto end;
-			}
-		}
-	while (r == 1 && ++i < 82);
-	
-	if (r != -1)
-		{
-		/* Many rounds and still no non-square -- this is more likely
-		 * a bug than just bad luck.
-		 * Even if  p  is not prime, we should have found some  y
-		 * such that r == -1.
-		 */
-		BNerr(BN_F_BN_MOD_SQRT, BN_R_TOO_MANY_ITERATIONS);
-		goto end;
-		}
-
-	/* Here's our actual 'q': */
-	if (!BN_rshift(q, q, e)) goto end;
-
-	/* Now that we have some non-square, we can find an element
-	 * of order  2^e  by computing its q'th power. */
-	if (!BN_mod_exp(y, y, q, p, ctx)) goto end;
-	if (BN_is_one(y))
-		{
-		BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME);
-		goto end;
-		}
-
-	/* Now we know that (if  p  is indeed prime) there is an integer
-	 * k,  0 <= k < 2^e,  such that
-	 *
-	 *      a^q * y^k == 1   (mod p).
-	 *
-	 * As  a^q  is a square and  y  is not,  k  must be even.
-	 * q+1  is even, too, so there is an element
-	 *
-	 *     X := a^((q+1)/2) * y^(k/2),
-	 *
-	 * and it satisfies
-	 *
-	 *     X^2 = a^q * a     * y^k
-	 *         = a,
-	 *
-	 * so it is the square root that we are looking for.
-	 */
-	
-	/* t := (q-1)/2  (note that  q  is odd) */
-	if (!BN_rshift1(t, q)) goto end;
-	
-	/* x := a^((q-1)/2) */
-	if (BN_is_zero(t)) /* special case: p = 2^e + 1 */
-		{
-		if (!BN_nnmod(t, a, p, ctx)) goto end;
-		if (BN_is_zero(t))
-			{
-			/* special case: a == 0  (mod p) */
-			if (!BN_zero(ret)) goto end;
-			err = 0;
-			goto end;
-			}
-		else
-			if (!BN_one(x)) goto end;
-		}
-	else
-		{
-		if (!BN_mod_exp(x, a, t, p, ctx)) goto end;
-		if (BN_is_zero(x))
-			{
-			/* special case: a == 0  (mod p) */
-			if (!BN_zero(ret)) goto end;
-			err = 0;
-			goto end;
-			}
-		}
-
-	/* b := a*x^2  (= a^q) */
-	if (!BN_mod_sqr(b, x, p, ctx)) goto end;
-	if (!BN_mod_mul(b, b, a, p, ctx)) goto end;
-	
-	/* x := a*x    (= a^((q+1)/2)) */
-	if (!BN_mod_mul(x, x, a, p, ctx)) goto end;
-
-	while (1)
-		{
-		/* Now  b  is  a^q * y^k  for some even  k  (0 <= k < 2^E
-		 * where  E  refers to the original value of  e,  which we
-		 * don't keep in a variable),  and  x  is  a^((q+1)/2) * y^(k/2).
-		 *
-		 * We have  a*b = x^2,
-		 *    y^2^(e-1) = -1,
-		 *    b^2^(e-1) = 1.
-		 */
-
-		if (BN_is_one(b))
-			{
-			if (!BN_copy(ret, x)) goto end;
-			err = 0;
-			goto end;
-			}
-
-
-		/* find smallest  i  such that  b^(2^i) = 1 */
-		i = 1;
-		if (!BN_mod_sqr(t, b, p, ctx)) goto end;
-		while (!BN_is_one(t))
-			{
-			i++;
-			if (i == e)
-				{
-				BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
-				goto end;
-				}
-			if (!BN_mod_mul(t, t, t, p, ctx)) goto end;
-			}
-		
-
-		/* t := y^2^(e - i - 1) */
-		if (!BN_copy(t, y)) goto end;
-		for (j = e - i - 1; j > 0; j--)
-			{
-			if (!BN_mod_sqr(t, t, p, ctx)) goto end;
-			}
-		if (!BN_mod_mul(y, t, t, p, ctx)) goto end;
-		if (!BN_mod_mul(x, x, t, p, ctx)) goto end;
-		if (!BN_mod_mul(b, b, y, p, ctx)) goto end;
-		e = i;
-		}
-
- end:
-	if (err)
-		{
-		if (ret != NULL && ret != in)
-			{
-			BN_clear_free(ret);
-			}
-		ret = NULL;
-		}
-	BN_CTX_end(ctx);
-	return ret;
-	}
diff --git a/crypto/openssl/crypto/bn/bn_word.c b/crypto/openssl/crypto/bn/bn_word.c
deleted file mode 100644
index 988e0ca7b37f..000000000000
--- a/crypto/openssl/crypto/bn/bn_word.c
+++ /dev/null
@@ -1,202 +0,0 @@
-/* crypto/bn/bn_word.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
-	{
-#ifndef BN_LLONG
-	BN_ULONG ret=0;
-#else
-	BN_ULLONG ret=0;
-#endif
-	int i;
-
-	w&=BN_MASK2;
-	for (i=a->top-1; i>=0; i--)
-		{
-#ifndef BN_LLONG
-		ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%w;
-		ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%w;
-#else
-		ret=(BN_ULLONG)(((ret<<(BN_ULLONG)BN_BITS2)|a->d[i])%
-			(BN_ULLONG)w);
-#endif
-		}
-	return((BN_ULONG)ret);
-	}
-
-BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w)
-	{
-	BN_ULONG ret;
-	int i;
-
-	if (a->top == 0) return(0);
-	ret=0;
-	w&=BN_MASK2;
-	for (i=a->top-1; i>=0; i--)
-		{
-		BN_ULONG l,d;
-		
-		l=a->d[i];
-		d=bn_div_words(ret,l,w);
-		ret=(l-((d*w)&BN_MASK2))&BN_MASK2;
-		a->d[i]=d;
-		}
-	if ((a->top > 0) && (a->d[a->top-1] == 0))
-		a->top--;
-	return(ret);
-	}
-
-int BN_add_word(BIGNUM *a, BN_ULONG w)
-	{
-	BN_ULONG l;
-	int i;
-
-	if (a->neg)
-		{
-		a->neg=0;
-		i=BN_sub_word(a,w);
-		if (!BN_is_zero(a))
-			a->neg=!(a->neg);
-		return(i);
-		}
-	w&=BN_MASK2;
-	if (bn_wexpand(a,a->top+1) == NULL) return(0);
-	i=0;
-	for (;;)
-		{
-		if (i >= a->top)
-			l=w;
-		else
-			l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
-		a->d[i]=l;
-		if (w > l)
-			w=1;
-		else
-			break;
-		i++;
-		}
-	if (i >= a->top)
-		a->top++;
-	return(1);
-	}
-
-int BN_sub_word(BIGNUM *a, BN_ULONG w)
-	{
-	int i;
-
-	if (BN_is_zero(a) || a->neg)
-		{
-		a->neg=0;
-		i=BN_add_word(a,w);
-		a->neg=1;
-		return(i);
-		}
-
-	w&=BN_MASK2;
-	if ((a->top == 1) && (a->d[0] < w))
-		{
-		a->d[0]=w-a->d[0];
-		a->neg=1;
-		return(1);
-		}
-	i=0;
-	for (;;)
-		{
-		if (a->d[i] >= w)
-			{
-			a->d[i]-=w;
-			break;
-			}
-		else
-			{
-			a->d[i]=(a->d[i]-w)&BN_MASK2;
-			i++;
-			w=1;
-			}
-		}
-	if ((a->d[i] == 0) && (i == (a->top-1)))
-		a->top--;
-	return(1);
-	}
-
-int BN_mul_word(BIGNUM *a, BN_ULONG w)
-	{
-	BN_ULONG ll;
-
-	w&=BN_MASK2;
-	if (a->top)
-		{
-		if (w == 0)
-			BN_zero(a);
-		else
-			{
-			ll=bn_mul_words(a->d,a->d,a->top,w);
-			if (ll)
-				{
-				if (bn_wexpand(a,a->top+1) == NULL) return(0);
-				a->d[a->top++]=ll;
-				}
-			}
-		}
-	return(1);
-	}
-
diff --git a/crypto/openssl/crypto/bn/bnspeed.c b/crypto/openssl/crypto/bn/bnspeed.c
deleted file mode 100644
index b554ac8cf857..000000000000
--- a/crypto/openssl/crypto/bn/bnspeed.c
+++ /dev/null
@@ -1,233 +0,0 @@
-/* unused */
-
-/* crypto/bn/bnspeed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* most of this code has been pilfered from my libdes speed.c program */
-
-#define BASENUM	1000000
-#undef PROG
-#define PROG bnspeed_main
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <signal.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-#define TIMES
-#endif
-
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/x509.h>
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-#   define HZ	100.0
-#  else /* _BSD_CLK_TCK_ */
-#   define HZ ((double)_BSD_CLK_TCK_)
-#  endif
-# else /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-
-#undef BUFSIZE
-#define BUFSIZE	((long)1024*8)
-int run=0;
-
-static double Time_F(int s);
-#define START	0
-#define STOP	1
-
-static double Time_F(int s)
-	{
-	double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if (s == START)
-		{
-		times(&tstart);
-		return(0);
-		}
-	else
-		{
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret < 1e-3)?1e-3:ret);
-		}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if (s == START)
-		{
-		ftime(&tstart);
-		return(0);
-		}
-	else
-		{
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
-		return((ret < 0.001)?0.001:ret);
-		}
-#endif
-	}
-
-#define NUM_SIZES	5
-static int sizes[NUM_SIZES]={128,256,512,1024,2048};
-/*static int sizes[NUM_SIZES]={59,179,299,419,539}; */
-
-void do_mul(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_CTX *ctx); 
-
-int main(int argc, char **argv)
-	{
-	BN_CTX *ctx;
-	BIGNUM a,b,c;
-
-	ctx=BN_CTX_new();
-	BN_init(&a);
-	BN_init(&b);
-	BN_init(&c);
-
-	do_mul(&a,&b,&c,ctx);
-	}
-
-void do_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
-	{
-	int i,j,k;
-	double tm;
-	long num;
-
-	for (i=0; i<NUM_SIZES; i++)
-		{
-		num=BASENUM;
-		if (i) num/=(i*3);
-		BN_rand(a,sizes[i],1,0);
-		for (j=i; j<NUM_SIZES; j++)
-			{
-			BN_rand(b,sizes[j],1,0);
-			Time_F(START);
-			for (k=0; k<num; k++)
-				BN_mul(r,b,a,ctx);
-			tm=Time_F(STOP);
-			printf("mul %4d x %4d -> %8.3fms\n",sizes[i],sizes[j],tm*1000.0/num);
-			}
-		}
-
-	for (i=0; i<NUM_SIZES; i++)
-		{
-		num=BASENUM;
-		if (i) num/=(i*3);
-		BN_rand(a,sizes[i],1,0);
-		Time_F(START);
-		for (k=0; k<num; k++)
-			BN_sqr(r,a,ctx);
-		tm=Time_F(STOP);
-		printf("sqr %4d x %4d -> %8.3fms\n",sizes[i],sizes[i],tm*1000.0/num);
-		}
-
-	for (i=0; i<NUM_SIZES; i++)
-		{
-		num=BASENUM/10;
-		if (i) num/=(i*3);
-		BN_rand(a,sizes[i]-1,1,0);
-		for (j=i; j<NUM_SIZES; j++)
-			{
-			BN_rand(b,sizes[j],1,0);
-			Time_F(START);
-			for (k=0; k<100000; k++)
-				BN_div(r, NULL, b, a,ctx);
-			tm=Time_F(STOP);
-			printf("div %4d / %4d -> %8.3fms\n",sizes[j],sizes[i]-1,tm*1000.0/num);
-			}
-		}
-	}
-
diff --git a/crypto/openssl/crypto/bn/bntest.c b/crypto/openssl/crypto/bn/bntest.c
deleted file mode 100644
index 3aae9451deaf..000000000000
--- a/crypto/openssl/crypto/bn/bntest.c
+++ /dev/null
@@ -1,1243 +0,0 @@
-/* crypto/bn/bntest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "e_os.h"
-
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-
-#ifdef OPENSSL_SYS_WINDOWS
-#include "../bio/bss_file.c"
-#endif
-
-const int num0 = 100; /* number of tests */
-const int num1 = 50;  /* additional tests for some functions */
-const int num2 = 5;   /* number of tests for slow functions */
-
-int test_add(BIO *bp);
-int test_sub(BIO *bp);
-int test_lshift1(BIO *bp);
-int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_);
-int test_rshift1(BIO *bp);
-int test_rshift(BIO *bp,BN_CTX *ctx);
-int test_div(BIO *bp,BN_CTX *ctx);
-int test_div_recp(BIO *bp,BN_CTX *ctx);
-int test_mul(BIO *bp);
-int test_sqr(BIO *bp,BN_CTX *ctx);
-int test_mont(BIO *bp,BN_CTX *ctx);
-int test_mod(BIO *bp,BN_CTX *ctx);
-int test_mod_mul(BIO *bp,BN_CTX *ctx);
-int test_mod_exp(BIO *bp,BN_CTX *ctx);
-int test_exp(BIO *bp,BN_CTX *ctx);
-int test_kron(BIO *bp,BN_CTX *ctx);
-int test_sqrt(BIO *bp,BN_CTX *ctx);
-int rand_neg(void);
-static int results=0;
-
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#include "bss_file.c"
-#endif
-
-static unsigned char lst[]="\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9"
-"\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0";
-
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
-
-static void message(BIO *out, char *m)
-	{
-	fprintf(stderr, "test %s\n", m);
-	BIO_puts(out, "print \"test ");
-	BIO_puts(out, m);
-	BIO_puts(out, "\\n\"\n");
-	}
-
-int main(int argc, char *argv[])
-	{
-	BN_CTX *ctx;
-	BIO *out;
-	char *outfile=NULL;
-
-	results = 0;
-
-	RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if (strcmp(*argv,"-results") == 0)
-			results=1;
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) break;
-			outfile= *(++argv);
-			}
-		argc--;
-		argv++;
-		}
-
-
-	ctx=BN_CTX_new();
-	if (ctx == NULL) EXIT(1);
-
-	out=BIO_new(BIO_s_file());
-	if (out == NULL) EXIT(1);
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-		}
-	else
-		{
-		if (!BIO_write_filename(out,outfile))
-			{
-			perror(outfile);
-			EXIT(1);
-			}
-		}
-
-	if (!results)
-		BIO_puts(out,"obase=16\nibase=16\n");
-
-	message(out,"BN_add");
-	if (!test_add(out)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_sub");
-	if (!test_sub(out)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_lshift1");
-	if (!test_lshift1(out)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_lshift (fixed)");
-	if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL)))
-	    goto err;
-	BIO_flush(out);
-
-	message(out,"BN_lshift");
-	if (!test_lshift(out,ctx,NULL)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_rshift1");
-	if (!test_rshift1(out)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_rshift");
-	if (!test_rshift(out,ctx)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_sqr");
-	if (!test_sqr(out,ctx)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_mul");
-	if (!test_mul(out)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_div");
-	if (!test_div(out,ctx)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_div_recp");
-	if (!test_div_recp(out,ctx)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_mod");
-	if (!test_mod(out,ctx)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_mod_mul");
-	if (!test_mod_mul(out,ctx)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_mont");
-	if (!test_mont(out,ctx)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_mod_exp");
-	if (!test_mod_exp(out,ctx)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_exp");
-	if (!test_exp(out,ctx)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_kronecker");
-	if (!test_kron(out,ctx)) goto err;
-	BIO_flush(out);
-
-	message(out,"BN_mod_sqrt");
-	if (!test_sqrt(out,ctx)) goto err;
-	BIO_flush(out);
-
-	BN_CTX_free(ctx);
-	BIO_free(out);
-
-/**/
-	EXIT(0);
-err:
-	BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices
-	                      * the failure, see test_bn in test/Makefile.ssl*/
-	BIO_flush(out);
-	ERR_load_crypto_strings();
-	ERR_print_errors_fp(stderr);
-	EXIT(1);
-	return(1);
-	}
-
-int test_add(BIO *bp)
-	{
-	BIGNUM a,b,c;
-	int i;
-
-	BN_init(&a);
-	BN_init(&b);
-	BN_init(&c);
-
-	BN_bntest_rand(&a,512,0,0);
-	for (i=0; i<num0; i++)
-		{
-		BN_bntest_rand(&b,450+i,0,0);
-		a.neg=rand_neg();
-		b.neg=rand_neg();
-		BN_add(&c,&a,&b);
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,&a);
-				BIO_puts(bp," + ");
-				BN_print(bp,&b);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,&c);
-			BIO_puts(bp,"\n");
-			}
-		a.neg=!a.neg;
-		b.neg=!b.neg;
-		BN_add(&c,&c,&b);
-		BN_add(&c,&c,&a);
-		if(!BN_is_zero(&c))
-		    {
-		    fprintf(stderr,"Add test failed!\n");
-		    return 0;
-		    }
-		}
-	BN_free(&a);
-	BN_free(&b);
-	BN_free(&c);
-	return(1);
-	}
-
-int test_sub(BIO *bp)
-	{
-	BIGNUM a,b,c;
-	int i;
-
-	BN_init(&a);
-	BN_init(&b);
-	BN_init(&c);
-
-	for (i=0; i<num0+num1; i++)
-		{
-		if (i < num1)
-			{
-			BN_bntest_rand(&a,512,0,0);
-			BN_copy(&b,&a);
-			if (BN_set_bit(&a,i)==0) return(0);
-			BN_add_word(&b,i);
-			}
-		else
-			{
-			BN_bntest_rand(&b,400+i-num1,0,0);
-			a.neg=rand_neg();
-			b.neg=rand_neg();
-			}
-		BN_sub(&c,&a,&b);
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,&a);
-				BIO_puts(bp," - ");
-				BN_print(bp,&b);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,&c);
-			BIO_puts(bp,"\n");
-			}
-		BN_add(&c,&c,&b);
-		BN_sub(&c,&c,&a);
-		if(!BN_is_zero(&c))
-		    {
-		    fprintf(stderr,"Subtract test failed!\n");
-		    return 0;
-		    }
-		}
-	BN_free(&a);
-	BN_free(&b);
-	BN_free(&c);
-	return(1);
-	}
-
-int test_div(BIO *bp, BN_CTX *ctx)
-	{
-	BIGNUM a,b,c,d,e;
-	int i;
-
-	BN_init(&a);
-	BN_init(&b);
-	BN_init(&c);
-	BN_init(&d);
-	BN_init(&e);
-
-	for (i=0; i<num0+num1; i++)
-		{
-		if (i < num1)
-			{
-			BN_bntest_rand(&a,400,0,0);
-			BN_copy(&b,&a);
-			BN_lshift(&a,&a,i);
-			BN_add_word(&a,i);
-			}
-		else
-			BN_bntest_rand(&b,50+3*(i-num1),0,0);
-		a.neg=rand_neg();
-		b.neg=rand_neg();
-		BN_div(&d,&c,&a,&b,ctx);
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,&a);
-				BIO_puts(bp," / ");
-				BN_print(bp,&b);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,&d);
-			BIO_puts(bp,"\n");
-
-			if (!results)
-				{
-				BN_print(bp,&a);
-				BIO_puts(bp," % ");
-				BN_print(bp,&b);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,&c);
-			BIO_puts(bp,"\n");
-			}
-		BN_mul(&e,&d,&b,ctx);
-		BN_add(&d,&e,&c);
-		BN_sub(&d,&d,&a);
-		if(!BN_is_zero(&d))
-		    {
-		    fprintf(stderr,"Division test failed!\n");
-		    return 0;
-		    }
-		}
-	BN_free(&a);
-	BN_free(&b);
-	BN_free(&c);
-	BN_free(&d);
-	BN_free(&e);
-	return(1);
-	}
-
-int test_div_recp(BIO *bp, BN_CTX *ctx)
-	{
-	BIGNUM a,b,c,d,e;
-	BN_RECP_CTX recp;
-	int i;
-
-	BN_RECP_CTX_init(&recp);
-	BN_init(&a);
-	BN_init(&b);
-	BN_init(&c);
-	BN_init(&d);
-	BN_init(&e);
-
-	for (i=0; i<num0+num1; i++)
-		{
-		if (i < num1)
-			{
-			BN_bntest_rand(&a,400,0,0);
-			BN_copy(&b,&a);
-			BN_lshift(&a,&a,i);
-			BN_add_word(&a,i);
-			}
-		else
-			BN_bntest_rand(&b,50+3*(i-num1),0,0);
-		a.neg=rand_neg();
-		b.neg=rand_neg();
-		BN_RECP_CTX_set(&recp,&b,ctx);
-		BN_div_recp(&d,&c,&a,&recp,ctx);
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,&a);
-				BIO_puts(bp," / ");
-				BN_print(bp,&b);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,&d);
-			BIO_puts(bp,"\n");
-
-			if (!results)
-				{
-				BN_print(bp,&a);
-				BIO_puts(bp," % ");
-				BN_print(bp,&b);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,&c);
-			BIO_puts(bp,"\n");
-			}
-		BN_mul(&e,&d,&b,ctx);
-		BN_add(&d,&e,&c);
-		BN_sub(&d,&d,&a);
-		if(!BN_is_zero(&d))
-		    {
-		    fprintf(stderr,"Reciprocal division test failed!\n");
-		    fprintf(stderr,"a=");
-		    BN_print_fp(stderr,&a);
-		    fprintf(stderr,"\nb=");
-		    BN_print_fp(stderr,&b);
-		    fprintf(stderr,"\n");
-		    return 0;
-		    }
-		}
-	BN_free(&a);
-	BN_free(&b);
-	BN_free(&c);
-	BN_free(&d);
-	BN_free(&e);
-	BN_RECP_CTX_free(&recp);
-	return(1);
-	}
-
-int test_mul(BIO *bp)
-	{
-	BIGNUM a,b,c,d,e;
-	int i;
-	BN_CTX *ctx;
-
-	ctx = BN_CTX_new();
-	if (ctx == NULL) EXIT(1);
-	
-	BN_init(&a);
-	BN_init(&b);
-	BN_init(&c);
-	BN_init(&d);
-	BN_init(&e);
-
-	for (i=0; i<num0+num1; i++)
-		{
-		if (i <= num1)
-			{
-			BN_bntest_rand(&a,100,0,0);
-			BN_bntest_rand(&b,100,0,0);
-			}
-		else
-			BN_bntest_rand(&b,i-num1,0,0);
-		a.neg=rand_neg();
-		b.neg=rand_neg();
-		BN_mul(&c,&a,&b,ctx);
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,&a);
-				BIO_puts(bp," * ");
-				BN_print(bp,&b);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,&c);
-			BIO_puts(bp,"\n");
-			}
-		BN_div(&d,&e,&c,&a,ctx);
-		BN_sub(&d,&d,&b);
-		if(!BN_is_zero(&d) || !BN_is_zero(&e))
-		    {
-		    fprintf(stderr,"Multiplication test failed!\n");
-		    return 0;
-		    }
-		}
-	BN_free(&a);
-	BN_free(&b);
-	BN_free(&c);
-	BN_free(&d);
-	BN_free(&e);
-	BN_CTX_free(ctx);
-	return(1);
-	}
-
-int test_sqr(BIO *bp, BN_CTX *ctx)
-	{
-	BIGNUM a,c,d,e;
-	int i;
-
-	BN_init(&a);
-	BN_init(&c);
-	BN_init(&d);
-	BN_init(&e);
-
-	for (i=0; i<num0; i++)
-		{
-		BN_bntest_rand(&a,40+i*10,0,0);
-		a.neg=rand_neg();
-		BN_sqr(&c,&a,ctx);
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,&a);
-				BIO_puts(bp," * ");
-				BN_print(bp,&a);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,&c);
-			BIO_puts(bp,"\n");
-			}
-		BN_div(&d,&e,&c,&a,ctx);
-		BN_sub(&d,&d,&a);
-		if(!BN_is_zero(&d) || !BN_is_zero(&e))
-		    {
-		    fprintf(stderr,"Square test failed!\n");
-		    return 0;
-		    }
-		}
-	BN_free(&a);
-	BN_free(&c);
-	BN_free(&d);
-	BN_free(&e);
-	return(1);
-	}
-
-int test_mont(BIO *bp, BN_CTX *ctx)
-	{
-	BIGNUM a,b,c,d,A,B;
-	BIGNUM n;
-	int i;
-	BN_MONT_CTX *mont;
-
-	BN_init(&a);
-	BN_init(&b);
-	BN_init(&c);
-	BN_init(&d);
-	BN_init(&A);
-	BN_init(&B);
-	BN_init(&n);
-
-	mont=BN_MONT_CTX_new();
-
-	BN_bntest_rand(&a,100,0,0); /**/
-	BN_bntest_rand(&b,100,0,0); /**/
-	for (i=0; i<num2; i++)
-		{
-		int bits = (200*(i+1))/num2;
-
-		if (bits == 0)
-			continue;
-		BN_bntest_rand(&n,bits,0,1);
-		BN_MONT_CTX_set(mont,&n,ctx);
-
-		BN_nnmod(&a,&a,&n,ctx);
-		BN_nnmod(&b,&b,&n,ctx);
-
-		BN_to_montgomery(&A,&a,mont,ctx);
-		BN_to_montgomery(&B,&b,mont,ctx);
-
-		BN_mod_mul_montgomery(&c,&A,&B,mont,ctx);/**/
-		BN_from_montgomery(&A,&c,mont,ctx);/**/
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-#ifdef undef
-fprintf(stderr,"%d * %d %% %d\n",
-BN_num_bits(&a),
-BN_num_bits(&b),
-BN_num_bits(mont->N));
-#endif
-				BN_print(bp,&a);
-				BIO_puts(bp," * ");
-				BN_print(bp,&b);
-				BIO_puts(bp," % ");
-				BN_print(bp,&(mont->N));
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,&A);
-			BIO_puts(bp,"\n");
-			}
-		BN_mod_mul(&d,&a,&b,&n,ctx);
-		BN_sub(&d,&d,&A);
-		if(!BN_is_zero(&d))
-		    {
-		    fprintf(stderr,"Montgomery multiplication test failed!\n");
-		    return 0;
-		    }
-		}
-	BN_MONT_CTX_free(mont);
-	BN_free(&a);
-	BN_free(&b);
-	BN_free(&c);
-	BN_free(&d);
-	BN_free(&A);
-	BN_free(&B);
-	BN_free(&n);
-	return(1);
-	}
-
-int test_mod(BIO *bp, BN_CTX *ctx)
-	{
-	BIGNUM *a,*b,*c,*d,*e;
-	int i;
-
-	a=BN_new();
-	b=BN_new();
-	c=BN_new();
-	d=BN_new();
-	e=BN_new();
-
-	BN_bntest_rand(a,1024,0,0); /**/
-	for (i=0; i<num0; i++)
-		{
-		BN_bntest_rand(b,450+i*10,0,0); /**/
-		a->neg=rand_neg();
-		b->neg=rand_neg();
-		BN_mod(c,a,b,ctx);/**/
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,a);
-				BIO_puts(bp," % ");
-				BN_print(bp,b);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,c);
-			BIO_puts(bp,"\n");
-			}
-		BN_div(d,e,a,b,ctx);
-		BN_sub(e,e,c);
-		if(!BN_is_zero(e))
-		    {
-		    fprintf(stderr,"Modulo test failed!\n");
-		    return 0;
-		    }
-		}
-	BN_free(a);
-	BN_free(b);
-	BN_free(c);
-	BN_free(d);
-	BN_free(e);
-	return(1);
-	}
-
-int test_mod_mul(BIO *bp, BN_CTX *ctx)
-	{
-	BIGNUM *a,*b,*c,*d,*e;
-	int i,j;
-
-	a=BN_new();
-	b=BN_new();
-	c=BN_new();
-	d=BN_new();
-	e=BN_new();
-
-	for (j=0; j<3; j++) {
-	BN_bntest_rand(c,1024,0,0); /**/
-	for (i=0; i<num0; i++)
-		{
-		BN_bntest_rand(a,475+i*10,0,0); /**/
-		BN_bntest_rand(b,425+i*11,0,0); /**/
-		a->neg=rand_neg();
-		b->neg=rand_neg();
-		if (!BN_mod_mul(e,a,b,c,ctx))
-			{
-			unsigned long l;
-
-			while ((l=ERR_get_error()))
-				fprintf(stderr,"ERROR:%s\n",
-					ERR_error_string(l,NULL));
-			EXIT(1);
-			}
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,a);
-				BIO_puts(bp," * ");
-				BN_print(bp,b);
-				BIO_puts(bp," % ");
-				BN_print(bp,c);
-				if ((a->neg ^ b->neg) && !BN_is_zero(e))
-					{
-					/* If  (a*b) % c  is negative,  c  must be added
-					 * in order to obtain the normalized remainder
-					 * (new with OpenSSL 0.9.7, previous versions of
-					 * BN_mod_mul could generate negative results)
-					 */
-					BIO_puts(bp," + ");
-					BN_print(bp,c);
-					}
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,e);
-			BIO_puts(bp,"\n");
-			}
-		BN_mul(d,a,b,ctx);
-		BN_sub(d,d,e);
-		BN_div(a,b,d,c,ctx);
-		if(!BN_is_zero(b))
-		    {
-		    fprintf(stderr,"Modulo multiply test failed!\n");
-		    ERR_print_errors_fp(stderr);
-		    return 0;
-		    }
-		}
-	}
-	BN_free(a);
-	BN_free(b);
-	BN_free(c);
-	BN_free(d);
-	BN_free(e);
-	return(1);
-	}
-
-int test_mod_exp(BIO *bp, BN_CTX *ctx)
-	{
-	BIGNUM *a,*b,*c,*d,*e;
-	int i;
-
-	a=BN_new();
-	b=BN_new();
-	c=BN_new();
-	d=BN_new();
-	e=BN_new();
-
-	BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */
-	for (i=0; i<num2; i++)
-		{
-		BN_bntest_rand(a,20+i*5,0,0); /**/
-		BN_bntest_rand(b,2+i,0,0); /**/
-
-		if (!BN_mod_exp(d,a,b,c,ctx))
-			return(00);
-
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,a);
-				BIO_puts(bp," ^ ");
-				BN_print(bp,b);
-				BIO_puts(bp," % ");
-				BN_print(bp,c);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,d);
-			BIO_puts(bp,"\n");
-			}
-		BN_exp(e,a,b,ctx);
-		BN_sub(e,e,d);
-		BN_div(a,b,e,c,ctx);
-		if(!BN_is_zero(b))
-		    {
-		    fprintf(stderr,"Modulo exponentiation test failed!\n");
-		    return 0;
-		    }
-		}
-	BN_free(a);
-	BN_free(b);
-	BN_free(c);
-	BN_free(d);
-	BN_free(e);
-	return(1);
-	}
-
-int test_exp(BIO *bp, BN_CTX *ctx)
-	{
-	BIGNUM *a,*b,*d,*e,*one;
-	int i;
-
-	a=BN_new();
-	b=BN_new();
-	d=BN_new();
-	e=BN_new();
-	one=BN_new();
-	BN_one(one);
-
-	for (i=0; i<num2; i++)
-		{
-		BN_bntest_rand(a,20+i*5,0,0); /**/
-		BN_bntest_rand(b,2+i,0,0); /**/
-
-		if (!BN_exp(d,a,b,ctx))
-			return(00);
-
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,a);
-				BIO_puts(bp," ^ ");
-				BN_print(bp,b);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,d);
-			BIO_puts(bp,"\n");
-			}
-		BN_one(e);
-		for( ; !BN_is_zero(b) ; BN_sub(b,b,one))
-		    BN_mul(e,e,a,ctx);
-		BN_sub(e,e,d);
-		if(!BN_is_zero(e))
-		    {
-		    fprintf(stderr,"Exponentiation test failed!\n");
-		    return 0;
-		    }
-		}
-	BN_free(a);
-	BN_free(b);
-	BN_free(d);
-	BN_free(e);
-	BN_free(one);
-	return(1);
-	}
-
-static void genprime_cb(int p, int n, void *arg)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	putc(c, stderr);
-	fflush(stderr);
-	(void)n;
-	(void)arg;
-	}
-
-int test_kron(BIO *bp, BN_CTX *ctx)
-	{
-	BIGNUM *a,*b,*r,*t;
-	int i;
-	int legendre, kronecker;
-	int ret = 0;
-
-	a = BN_new();
-	b = BN_new();
-	r = BN_new();
-	t = BN_new();
-	if (a == NULL || b == NULL || r == NULL || t == NULL) goto err;
-	
-	/* We test BN_kronecker(a, b, ctx) just for  b  odd (Jacobi symbol).
-	 * In this case we know that if  b  is prime, then BN_kronecker(a, b, ctx)
-	 * is congruent to $a^{(b-1)/2}$, modulo $b$ (Legendre symbol).
-	 * So we generate a random prime  b  and compare these values
-	 * for a number of random  a's.  (That is, we run the Solovay-Strassen
-	 * primality test to confirm that  b  is prime, except that we
-	 * don't want to test whether  b  is prime but whether BN_kronecker
-	 * works.) */
-
-	if (!BN_generate_prime(b, 512, 0, NULL, NULL, genprime_cb, NULL)) goto err;
-	b->neg = rand_neg();
-	putc('\n', stderr);
-
-	for (i = 0; i < num0; i++)
-		{
-		if (!BN_bntest_rand(a, 512, 0, 0)) goto err;
-		a->neg = rand_neg();
-
-		/* t := (|b|-1)/2  (note that b is odd) */
-		if (!BN_copy(t, b)) goto err;
-		t->neg = 0;
-		if (!BN_sub_word(t, 1)) goto err;
-		if (!BN_rshift1(t, t)) goto err;
-		/* r := a^t mod b */
-		b->neg=0;
-		
-		if (!BN_mod_exp_recp(r, a, t, b, ctx)) goto err;
-		b->neg=1;
-
-		if (BN_is_word(r, 1))
-			legendre = 1;
-		else if (BN_is_zero(r))
-			legendre = 0;
-		else
-			{
-			if (!BN_add_word(r, 1)) goto err;
-			if (0 != BN_ucmp(r, b))
-				{
-				fprintf(stderr, "Legendre symbol computation failed\n");
-				goto err;
-				}
-			legendre = -1;
-			}
-		
-		kronecker = BN_kronecker(a, b, ctx);
-		if (kronecker < -1) goto err;
-		/* we actually need BN_kronecker(a, |b|) */
-		if (a->neg && b->neg)
-			kronecker = -kronecker;
-		
-		if (legendre != kronecker)
-			{
-			fprintf(stderr, "legendre != kronecker; a = ");
-			BN_print_fp(stderr, a);
-			fprintf(stderr, ", b = ");
-			BN_print_fp(stderr, b);
-			fprintf(stderr, "\n");
-			goto err;
-			}
-
-		putc('.', stderr);
-		fflush(stderr);
-		}
-
-	putc('\n', stderr);
-	fflush(stderr);
-	ret = 1;
- err:
-	if (a != NULL) BN_free(a);
-	if (b != NULL) BN_free(b);
-	if (r != NULL) BN_free(r);
-	if (t != NULL) BN_free(t);
-	return ret;
-	}
-
-int test_sqrt(BIO *bp, BN_CTX *ctx)
-	{
-	BIGNUM *a,*p,*r;
-	int i, j;
-	int ret = 0;
-
-	a = BN_new();
-	p = BN_new();
-	r = BN_new();
-	if (a == NULL || p == NULL || r == NULL) goto err;
-	
-	for (i = 0; i < 16; i++)
-		{
-		if (i < 8)
-			{
-			unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 };
-			
-			if (!BN_set_word(p, primes[i])) goto err;
-			}
-		else
-			{
-			if (!BN_set_word(a, 32)) goto err;
-			if (!BN_set_word(r, 2*i + 1)) goto err;
-		
-			if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err;
-			putc('\n', stderr);
-			}
-		p->neg = rand_neg();
-
-		for (j = 0; j < num2; j++)
-			{
-			/* construct 'a' such that it is a square modulo p,
-			 * but in general not a proper square and not reduced modulo p */
-			if (!BN_bntest_rand(r, 256, 0, 3)) goto err;
-			if (!BN_nnmod(r, r, p, ctx)) goto err;
-			if (!BN_mod_sqr(r, r, p, ctx)) goto err;
-			if (!BN_bntest_rand(a, 256, 0, 3)) goto err;
-			if (!BN_nnmod(a, a, p, ctx)) goto err;
-			if (!BN_mod_sqr(a, a, p, ctx)) goto err;
-			if (!BN_mul(a, a, r, ctx)) goto err;
-			if (rand_neg())
-				if (!BN_sub(a, a, p)) goto err;
-
-			if (!BN_mod_sqrt(r, a, p, ctx)) goto err;
-			if (!BN_mod_sqr(r, r, p, ctx)) goto err;
-
-			if (!BN_nnmod(a, a, p, ctx)) goto err;
-
-			if (BN_cmp(a, r) != 0)
-				{
-				fprintf(stderr, "BN_mod_sqrt failed: a = ");
-				BN_print_fp(stderr, a);
-				fprintf(stderr, ", r = ");
-				BN_print_fp(stderr, r);
-				fprintf(stderr, ", p = ");
-				BN_print_fp(stderr, p);
-				fprintf(stderr, "\n");
-				goto err;
-				}
-
-			putc('.', stderr);
-			fflush(stderr);
-			}
-		
-		putc('\n', stderr);
-		fflush(stderr);
-		}
-	ret = 1;
- err:
-	if (a != NULL) BN_free(a);
-	if (p != NULL) BN_free(p);
-	if (r != NULL) BN_free(r);
-	return ret;
-	}
-
-int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_)
-	{
-	BIGNUM *a,*b,*c,*d;
-	int i;
-
-	b=BN_new();
-	c=BN_new();
-	d=BN_new();
-	BN_one(c);
-
-	if(a_)
-	    a=a_;
-	else
-	    {
-	    a=BN_new();
-	    BN_bntest_rand(a,200,0,0); /**/
-	    a->neg=rand_neg();
-	    }
-	for (i=0; i<num0; i++)
-		{
-		BN_lshift(b,a,i+1);
-		BN_add(c,c,c);
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,a);
-				BIO_puts(bp," * ");
-				BN_print(bp,c);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,b);
-			BIO_puts(bp,"\n");
-			}
-		BN_mul(d,a,c,ctx);
-		BN_sub(d,d,b);
-		if(!BN_is_zero(d))
-		    {
-		    fprintf(stderr,"Left shift test failed!\n");
-		    fprintf(stderr,"a=");
-		    BN_print_fp(stderr,a);
-		    fprintf(stderr,"\nb=");
-		    BN_print_fp(stderr,b);
-		    fprintf(stderr,"\nc=");
-		    BN_print_fp(stderr,c);
-		    fprintf(stderr,"\nd=");
-		    BN_print_fp(stderr,d);
-		    fprintf(stderr,"\n");
-		    return 0;
-		    }
-		}
-	BN_free(a);
-	BN_free(b);
-	BN_free(c);
-	BN_free(d);
-	return(1);
-	}
-
-int test_lshift1(BIO *bp)
-	{
-	BIGNUM *a,*b,*c;
-	int i;
-
-	a=BN_new();
-	b=BN_new();
-	c=BN_new();
-
-	BN_bntest_rand(a,200,0,0); /**/
-	a->neg=rand_neg();
-	for (i=0; i<num0; i++)
-		{
-		BN_lshift1(b,a);
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,a);
-				BIO_puts(bp," * 2");
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,b);
-			BIO_puts(bp,"\n");
-			}
-		BN_add(c,a,a);
-		BN_sub(a,b,c);
-		if(!BN_is_zero(a))
-		    {
-		    fprintf(stderr,"Left shift one test failed!\n");
-		    return 0;
-		    }
-		
-		BN_copy(a,b);
-		}
-	BN_free(a);
-	BN_free(b);
-	BN_free(c);
-	return(1);
-	}
-
-int test_rshift(BIO *bp,BN_CTX *ctx)
-	{
-	BIGNUM *a,*b,*c,*d,*e;
-	int i;
-
-	a=BN_new();
-	b=BN_new();
-	c=BN_new();
-	d=BN_new();
-	e=BN_new();
-	BN_one(c);
-
-	BN_bntest_rand(a,200,0,0); /**/
-	a->neg=rand_neg();
-	for (i=0; i<num0; i++)
-		{
-		BN_rshift(b,a,i+1);
-		BN_add(c,c,c);
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,a);
-				BIO_puts(bp," / ");
-				BN_print(bp,c);
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,b);
-			BIO_puts(bp,"\n");
-			}
-		BN_div(d,e,a,c,ctx);
-		BN_sub(d,d,b);
-		if(!BN_is_zero(d))
-		    {
-		    fprintf(stderr,"Right shift test failed!\n");
-		    return 0;
-		    }
-		}
-	BN_free(a);
-	BN_free(b);
-	BN_free(c);
-	BN_free(d);
-	BN_free(e);
-	return(1);
-	}
-
-int test_rshift1(BIO *bp)
-	{
-	BIGNUM *a,*b,*c;
-	int i;
-
-	a=BN_new();
-	b=BN_new();
-	c=BN_new();
-
-	BN_bntest_rand(a,200,0,0); /**/
-	a->neg=rand_neg();
-	for (i=0; i<num0; i++)
-		{
-		BN_rshift1(b,a);
-		if (bp != NULL)
-			{
-			if (!results)
-				{
-				BN_print(bp,a);
-				BIO_puts(bp," / 2");
-				BIO_puts(bp," - ");
-				}
-			BN_print(bp,b);
-			BIO_puts(bp,"\n");
-			}
-		BN_sub(c,a,b);
-		BN_sub(c,c,b);
-		if(!BN_is_zero(c) && !BN_abs_is_word(c, 1))
-		    {
-		    fprintf(stderr,"Right shift one test failed!\n");
-		    return 0;
-		    }
-		BN_copy(a,b);
-		}
-	BN_free(a);
-	BN_free(b);
-	BN_free(c);
-	return(1);
-	}
-
-int rand_neg(void)
-	{
-	static unsigned int neg=0;
-	static int sign[8]={0,0,0,1,1,0,1,1};
-
-	return(sign[(neg++)%8]);
-	}
diff --git a/crypto/openssl/crypto/bn/comba.pl b/crypto/openssl/crypto/bn/comba.pl
deleted file mode 100644
index 211a8b45c786..000000000000
--- a/crypto/openssl/crypto/bn/comba.pl
+++ /dev/null
@@ -1,285 +0,0 @@
-#!/usr/local/bin/perl
-
-$num=8;
-$num2=8/2;
-
-print <<"EOF";
-/* crypto/bn/bn_comba.c */
-#include <stdio.h>
-#include "bn_lcl.h"
-/* Auto generated from crypto/bn/comba.pl
- */
-
-#undef bn_mul_comba8
-#undef bn_mul_comba4
-#undef bn_sqr_comba8
-#undef bn_sqr_comba4
-
-#ifdef BN_LLONG
-#define mul_add_c(a,b,c0,c1,c2) \\
-	t=(BN_ULLONG)a*b; \\
-	t1=(BN_ULONG)Lw(t); \\
-	t2=(BN_ULONG)Hw(t); \\
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \\
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define mul_add_c2(a,b,c0,c1,c2) \\
-	t=(BN_ULLONG)a*b; \\
-	tt=(t+t)&BN_MASK; \\
-	if (tt < t) c2++; \\
-	t1=(BN_ULONG)Lw(tt); \\
-	t2=(BN_ULONG)Hw(tt); \\
-	c0=(c0+t1)&BN_MASK2;  \\
-	if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \\
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c(a,i,c0,c1,c2) \\
-	t=(BN_ULLONG)a[i]*a[i]; \\
-	t1=(BN_ULONG)Lw(t); \\
-	t2=(BN_ULONG)Hw(t); \\
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \\
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \\
-	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-#else
-#define mul_add_c(a,b,c0,c1,c2) \\
-	t1=LBITS(a); t2=HBITS(a); \\
-	bl=LBITS(b); bh=HBITS(b); \\
-	mul64(t1,t2,bl,bh); \\
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \\
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define mul_add_c2(a,b,c0,c1,c2) \\
-	t1=LBITS(a); t2=HBITS(a); \\
-	bl=LBITS(b); bh=HBITS(b); \\
-	mul64(t1,t2,bl,bh); \\
-	if (t2 & BN_TBIT) c2++; \\
-	t2=(t2+t2)&BN_MASK2; \\
-	if (t1 & BN_TBIT) t2++; \\
-	t1=(t1+t1)&BN_MASK2; \\
-	c0=(c0+t1)&BN_MASK2;  \\
-	if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \\
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c(a,i,c0,c1,c2) \\
-	sqr64(t1,t2,(a)[i]); \\
-	c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \\
-	c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \\
-	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-#endif
-
-void bn_mul_comba${num}(r,a,b)
-BN_ULONG *r,*a,*b;
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-EOF
-$ret=&combas_mul("r","a","b",$num,"c1","c2","c3");
-printf <<"EOF";
-	}
-
-void bn_mul_comba${num2}(r,a,b)
-BN_ULONG *r,*a,*b;
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-EOF
-$ret=&combas_mul("r","a","b",$num2,"c1","c2","c3");
-printf <<"EOF";
-	}
-
-void bn_sqr_comba${num}(r,a)
-BN_ULONG *r,*a;
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t,tt;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-EOF
-$ret=&combas_sqr("r","a",$num,"c1","c2","c3");
-printf <<"EOF";
-	}
-
-void bn_sqr_comba${num2}(r,a)
-BN_ULONG *r,*a;
-	{
-#ifdef BN_LLONG
-	BN_ULLONG t,tt;
-#else
-	BN_ULONG bl,bh;
-#endif
-	BN_ULONG t1,t2;
-	BN_ULONG c1,c2,c3;
-
-EOF
-$ret=&combas_sqr("r","a",$num2,"c1","c2","c3");
-printf <<"EOF";
-	}
-EOF
-
-sub bn_str
-	{
-	local($var,$val)=@_;
-	print "\t$var=$val;\n";
-	}
-
-sub bn_ary
-	{
-	local($var,$idx)=@_;
-	return("${var}[$idx]");
-	}
-
-sub bn_clr
-	{
-	local($var)=@_;
-
-	print "\t$var=0;\n";
-	}
-
-sub bn_mad
-	{
-	local($a,$b,$c0,$c1,$c2,$num)=@_;
-
-	if ($num == 2)
-		{ printf("\tmul_add_c2($a,$b,$c0,$c1,$c2);\n"); }
-	else
-		{ printf("\tmul_add_c($a,$b,$c0,$c1,$c2);\n"); }
-	}
-
-sub bn_sad
-	{
-	local($a,$i,$j,$c0,$c1,$c2,$num)=@_;
-
-	if ($num == 2)
-		{ printf("\tsqr_add_c2($a,$i,$j,$c0,$c1,$c2);\n"); }
-	else
-		{ printf("\tsqr_add_c($a,$i,$c0,$c1,$c2);\n"); }
-	}
-
-sub combas_mul
-	{
-	local($r,$a,$b,$num,$c0,$c1,$c2)=@_;
-	local($i,$as,$ae,$bs,$be,$ai,$bi);
-	local($tot,$end);
-
-	$as=0;
-	$ae=0;
-	$bs=0;
-	$be=0;
-	$tot=$num+$num-1;
-	&bn_clr($c0);
-	&bn_clr($c1);
-	for ($i=0; $i<$tot; $i++)
-		{
-		$ai=$as;
-		$bi=$bs;
-		$end=$be+1;
-		@numa=@numb=();
-
-#print "($as $ae) ($bs $be) $bs -> $end [$i $num]\n";
-		for ($j=$bs; $j<$end; $j++)
-			{
-			push(@numa,$ai);
-			push(@numb,$bi);
-			$ai--;
-			$bi++;
-			}
-
-		if ($i & 1)
-			{
-			@numa=reverse(@numa);
-			@numb=reverse(@numb);
-			}
-
-		&bn_clr($c2);
-		for ($j=0; $j<=$#numa; $j++)
-			{
-			&bn_mad(&bn_ary($a,$numa[$j]),
-				&bn_ary($b,$numb[$j]),$c0,$c1,$c2,1);
-			}
-		&bn_str(&bn_ary($r,$i),$c0);
-		($c0,$c1,$c2)=($c1,$c2,$c0);
-
-		$as++ if ($i < ($num-1));
-		$ae++ if ($i >= ($num-1));
-
-		$bs++ if ($i >= ($num-1));
-		$be++ if ($i < ($num-1));
-		}
-	&bn_str(&bn_ary($r,$i),$c0);
-	}
-
-sub combas_sqr
-	{
-	local($r,$a,$num,$c0,$c1,$c2)=@_;
-	local($i,$as,$ae,$bs,$be,$ai,$bi);
-	local($b,$tot,$end,$half);
-
-	$b=$a;
-	$as=0;
-	$ae=0;
-	$bs=0;
-	$be=0;
-	$tot=$num+$num-1;
-	&bn_clr($c0);
-	&bn_clr($c1);
-	for ($i=0; $i<$tot; $i++)
-		{
-		$ai=$as;
-		$bi=$bs;
-		$end=$be+1;
-		@numa=@numb=();
-
-#print "($as $ae) ($bs $be) $bs -> $end [$i $num]\n";
-		for ($j=$bs; $j<$end; $j++)
-			{
-			push(@numa,$ai);
-			push(@numb,$bi);
-			$ai--;
-			$bi++;
-			last if ($ai < $bi);
-			}
-		if (!($i & 1))
-			{
-			@numa=reverse(@numa);
-			@numb=reverse(@numb);
-			}
-
-		&bn_clr($c2);
-		for ($j=0; $j <= $#numa; $j++)
-			{
-			if ($numa[$j] == $numb[$j])
-				{&bn_sad($a,$numa[$j],$numb[$j],$c0,$c1,$c2,1);}
-			else
-				{&bn_sad($a,$numa[$j],$numb[$j],$c0,$c1,$c2,2);}
-			}
-		&bn_str(&bn_ary($r,$i),$c0);
-		($c0,$c1,$c2)=($c1,$c2,$c0);
-
-		$as++ if ($i < ($num-1));
-		$ae++ if ($i >= ($num-1));
-
-		$bs++ if ($i >= ($num-1));
-		$be++ if ($i < ($num-1));
-		}
-	&bn_str(&bn_ary($r,$i),$c0);
-	}
diff --git a/crypto/openssl/crypto/bn/d.c b/crypto/openssl/crypto/bn/d.c
deleted file mode 100644
index ced2291b2555..000000000000
--- a/crypto/openssl/crypto/bn/d.c
+++ /dev/null
@@ -1,72 +0,0 @@
-#include <stdio.h>
-#include <openssl/bio.h>
-#include "bn_lcl.h"
-
-#define SIZE_A (100*4+4)
-#define SIZE_B (13*4)
-
-main(argc,argv)
-int argc;
-char *argv[];
-	{
-	BN_CTX ctx;
-	BN_RECP_CTX recp;
-	BIGNUM a,b,dd,d,r,rr,t,l;
-	int i;
-
-	MemCheck_start();
-	MemCheck_on();
-	BN_CTX_init(&ctx);
-	BN_RECP_CTX_init(&recp);
-
-	BN_init(&r);
-	BN_init(&rr);
-	BN_init(&d);
-	BN_init(&dd);
-	BN_init(&a);
-	BN_init(&b);
-
-	{
-	BN_rand(&a,SIZE_A,0,0);
-	BN_rand(&b,SIZE_B,0,0);
-
-	a.neg=1;
-	BN_RECP_CTX_set(&recp,&b,&ctx);
-
-	BN_print_fp(stdout,&a); printf(" a\n");
-	BN_print_fp(stdout,&b); printf(" b\n");
-
-	BN_print_fp(stdout,&recp.N); printf(" N\n");
-	BN_print_fp(stdout,&recp.Nr); printf(" Nr num_bits=%d\n",recp.num_bits);
-
-	BN_div_recp(&r,&d,&a,&recp,&ctx);
-
-for (i=0; i<300; i++)
-	BN_div(&rr,&dd,&a,&b,&ctx);
-
-	BN_print_fp(stdout,&r); printf(" div recp\n");
-	BN_print_fp(stdout,&rr); printf(" div\n");
-	BN_print_fp(stdout,&d); printf(" rem recp\n");
-	BN_print_fp(stdout,&dd); printf(" rem\n");
-	}
-	BN_CTX_free(&ctx);
-	BN_RECP_CTX_free(&recp);
-
-	BN_free(&r);
-	BN_free(&rr);
-	BN_free(&d);
-	BN_free(&dd);
-	BN_free(&a);
-	BN_free(&b);
-
-	{
-	BIO *out;
-
-	if ((out=BIO_new(BIO_s_file())) != NULL)
-		BIO_set_fp(out,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-        CRYPTO_mem_leaks(out);
-	BIO_free(out);
-	}
-
-	}
diff --git a/crypto/openssl/crypto/bn/divtest.c b/crypto/openssl/crypto/bn/divtest.c
deleted file mode 100644
index d3fc688f3357..000000000000
--- a/crypto/openssl/crypto/bn/divtest.c
+++ /dev/null
@@ -1,41 +0,0 @@
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-
-static int Rand(n)
-{
-    unsigned char x[2];
-    RAND_pseudo_bytes(x,2);
-    return (x[0] + 2*x[1]);
-}
-
-static void bug(char *m, BIGNUM *a, BIGNUM *b)
-{
-    printf("%s!\na=",m);
-    BN_print_fp(stdout, a);
-    printf("\nb=");
-    BN_print_fp(stdout, b);
-    printf("\n");
-    fflush(stdout);
-}
-
-main()
-{
-    BIGNUM *a=BN_new(), *b=BN_new(), *c=BN_new(), *d=BN_new(),
-	*C=BN_new(), *D=BN_new();
-    BN_RECP_CTX *recp=BN_RECP_CTX_new();
-    BN_CTX *ctx=BN_CTX_new();
-
-    for(;;) {
-	BN_pseudo_rand(a,Rand(),0,0);
-	BN_pseudo_rand(b,Rand(),0,0);
-	if (BN_is_zero(b)) continue;
-
-	BN_RECP_CTX_set(recp,b,ctx);
-	if (BN_div(C,D,a,b,ctx) != 1)
-	    bug("BN_div failed",a,b);
-	if (BN_div_recp(c,d,a,recp,ctx) != 1)
-	    bug("BN_div_recp failed",a,b);
-	else if (BN_cmp(c,C) != 0 || BN_cmp(c,C) != 0)
-	    bug("mismatch",a,b);
-    }
-}
diff --git a/crypto/openssl/crypto/bn/exp.c b/crypto/openssl/crypto/bn/exp.c
deleted file mode 100644
index 4865b0ef742b..000000000000
--- a/crypto/openssl/crypto/bn/exp.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/* unused */
-
-#include <stdio.h>
-#include <openssl/tmdiff.h>
-#include "bn_lcl.h"
-
-#define SIZE	256
-#define NUM	(8*8*8)
-#define MOD	(8*8*8*8*8)
-
-main(argc,argv)
-int argc;
-char *argv[];
-	{
-	BN_CTX ctx;
-	BIGNUM a,b,c,r,rr,t,l;
-	int j,i,size=SIZE,num=NUM,mod=MOD;
-	char *start,*end;
-	BN_MONT_CTX mont;
-	double d,md;
-
-	BN_MONT_CTX_init(&mont);
-	BN_CTX_init(&ctx);
-	BN_init(&a);
-	BN_init(&b);
-	BN_init(&c);
-	BN_init(&r);
-
-	start=ms_time_new();
-	end=ms_time_new();
-	while (size <= 1024*8)
-		{
-		BN_rand(&a,size,0,0);
-		BN_rand(&b,size,1,0);
-		BN_rand(&c,size,0,1);
-
-		BN_mod(&a,&a,&c,&ctx);
-
-		ms_time_get(start);
-		for (i=0; i<10; i++)
-			BN_MONT_CTX_set(&mont,&c,&ctx);
-		ms_time_get(end);
-		md=ms_time_diff(start,end);
-
-		ms_time_get(start);
-		for (i=0; i<num; i++)
-			{
-			/* bn_mull(&r,&a,&b,&ctx); */
-			/* BN_sqr(&r,&a,&ctx); */
-			BN_mod_exp_mont(&r,&a,&b,&c,&ctx,&mont);
-			}
-		ms_time_get(end);
-		d=ms_time_diff(start,end)/* *50/33 */;
-		printf("%5d bit:%6.2f %6d %6.4f %4d m_set(%5.4f)\n",size,
-			d,num,d/num,(int)((d/num)*mod),md/10.0);
-		num/=8;
-		mod/=8;
-		if (num <= 0) num=1;
-		size*=2;
-		}
-
-	}
diff --git a/crypto/openssl/crypto/bn/expspeed.c b/crypto/openssl/crypto/bn/expspeed.c
deleted file mode 100644
index 07a1bcf51cfc..000000000000
--- a/crypto/openssl/crypto/bn/expspeed.c
+++ /dev/null
@@ -1,353 +0,0 @@
-/* unused */
-
-/* crypto/bn/expspeed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* most of this code has been pilfered from my libdes speed.c program */
-
-#define BASENUM	5000
-#define NUM_START 0
-
-
-/* determine timings for modexp, modmul, modsqr, gcd, Kronecker symbol,
- * modular inverse, or modular square roots */
-#define TEST_EXP
-#undef TEST_MUL
-#undef TEST_SQR
-#undef TEST_GCD
-#undef TEST_KRON
-#undef TEST_INV
-#undef TEST_SQRT
-#define P_MOD_64 9 /* least significant 6 bits for prime to be used for BN_sqrt timings */
-
-#if defined(TEST_EXP) + defined(TEST_MUL) + defined(TEST_SQR) + defined(TEST_GCD) + defined(TEST_KRON) + defined(TEST_INV) +defined(TEST_SQRT) != 1
-#  error "choose one test"
-#endif
-
-#if defined(TEST_INV) || defined(TEST_SQRT)
-#  define C_PRIME
-static void genprime_cb(int p, int n, void *arg);
-#endif
-
-
-
-#undef PROG
-#define PROG bnspeed_main
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <signal.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-#define TIMES
-#endif
-
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/x509.h>
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-#   define HZ	100.0
-#  else /* _BSD_CLK_TCK_ */
-#   define HZ ((double)_BSD_CLK_TCK_)
-#  endif
-# else /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-
-#undef BUFSIZE
-#define BUFSIZE	((long)1024*8)
-int run=0;
-
-static double Time_F(int s);
-#define START	0
-#define STOP	1
-
-static double Time_F(int s)
-	{
-	double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if (s == START)
-		{
-		times(&tstart);
-		return(0);
-		}
-	else
-		{
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret < 1e-3)?1e-3:ret);
-		}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if (s == START)
-		{
-		ftime(&tstart);
-		return(0);
-		}
-	else
-		{
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
-		return((ret < 0.001)?0.001:ret);
-		}
-#endif
-	}
-
-#define NUM_SIZES	7
-#if NUM_START > NUM_SIZES
-#   error "NUM_START > NUM_SIZES"
-#endif
-static int sizes[NUM_SIZES]={128,256,512,1024,2048,4096,8192};
-static int mul_c[NUM_SIZES]={8*8*8*8*8*8,8*8*8*8*8,8*8*8*8,8*8*8,8*8,8,1};
-/*static int sizes[NUM_SIZES]={59,179,299,419,539}; */
-
-#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof str); }
-
-void do_mul_exp(BIGNUM *r,BIGNUM *a,BIGNUM *b,BIGNUM *c,BN_CTX *ctx); 
-
-int main(int argc, char **argv)
-	{
-	BN_CTX *ctx;
-	BIGNUM *a,*b,*c,*r;
-
-#if 1
-	if (!CRYPTO_set_mem_debug_functions(0,0,0,0,0))
-		abort();
-#endif
-
-	ctx=BN_CTX_new();
-	a=BN_new();
-	b=BN_new();
-	c=BN_new();
-	r=BN_new();
-
-	while (!RAND_status())
-		/* not enough bits */
-		RAND_SEED("I demand a manual recount!");
-
-	do_mul_exp(r,a,b,c,ctx);
-	return 0;
-	}
-
-void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
-	{
-	int i,k;
-	double tm;
-	long num;
-
-	num=BASENUM;
-	for (i=NUM_START; i<NUM_SIZES; i++)
-		{
-#ifdef C_PRIME
-#  ifdef TEST_SQRT
-		if (!BN_set_word(a, 64)) goto err;
-		if (!BN_set_word(b, P_MOD_64)) goto err;
-#    define ADD a
-#    define REM b
-#  else
-#    define ADD NULL
-#    define REM NULL
-#  endif
-		if (!BN_generate_prime(c,sizes[i],0,ADD,REM,genprime_cb,NULL)) goto err;
-		putc('\n', stderr);
-		fflush(stderr);
-#endif
-
-		for (k=0; k<num; k++)
-			{
-			if (k%50 == 0) /* Average over num/50 different choices of random numbers. */
-				{
-				if (!BN_pseudo_rand(a,sizes[i],1,0)) goto err;
-
-				if (!BN_pseudo_rand(b,sizes[i],1,0)) goto err;
-
-#ifndef C_PRIME
-				if (!BN_pseudo_rand(c,sizes[i],1,1)) goto err;
-#endif
-
-#ifdef TEST_SQRT				
-				if (!BN_mod_sqr(a,a,c,ctx)) goto err;
-				if (!BN_mod_sqr(b,b,c,ctx)) goto err;
-#else
-				if (!BN_nnmod(a,a,c,ctx)) goto err;
-				if (!BN_nnmod(b,b,c,ctx)) goto err;
-#endif
-
-				if (k == 0)
-					Time_F(START);
-				}
-
-#if defined(TEST_EXP)
-			if (!BN_mod_exp(r,a,b,c,ctx)) goto err;
-#elif defined(TEST_MUL)
-			{
-			int i = 0;
-			for (i = 0; i < 50; i++)
-				if (!BN_mod_mul(r,a,b,c,ctx)) goto err;
-			}
-#elif defined(TEST_SQR)
-			{
-			int i = 0;
-			for (i = 0; i < 50; i++)
-				{
-				if (!BN_mod_sqr(r,a,c,ctx)) goto err;
-				if (!BN_mod_sqr(r,b,c,ctx)) goto err;
-				}
-			}
-#elif defined(TEST_GCD)
-			if (!BN_gcd(r,a,b,ctx)) goto err;
-			if (!BN_gcd(r,b,c,ctx)) goto err;
-			if (!BN_gcd(r,c,a,ctx)) goto err;
-#elif defined(TEST_KRON)
-			if (-2 == BN_kronecker(a,b,ctx)) goto err;
-			if (-2 == BN_kronecker(b,c,ctx)) goto err;
-			if (-2 == BN_kronecker(c,a,ctx)) goto err;
-#elif defined(TEST_INV)
-			if (!BN_mod_inverse(r,a,c,ctx)) goto err;
-			if (!BN_mod_inverse(r,b,c,ctx)) goto err;
-#else /* TEST_SQRT */
-			if (!BN_mod_sqrt(r,a,c,ctx)) goto err;
-			if (!BN_mod_sqrt(r,b,c,ctx)) goto err;
-#endif
-			}
-		tm=Time_F(STOP);
-		printf(
-#if defined(TEST_EXP)
-			"modexp %4d ^ %4d %% %4d"
-#elif defined(TEST_MUL)
-			"50*modmul %4d %4d %4d"
-#elif defined(TEST_SQR)
-			"100*modsqr %4d %4d %4d"
-#elif defined(TEST_GCD)
-			"3*gcd %4d %4d %4d"
-#elif defined(TEST_KRON)
-			"3*kronecker %4d %4d %4d"
-#elif defined(TEST_INV)
-			"2*inv %4d %4d mod %4d"
-#else /* TEST_SQRT */
-			"2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d"
-#endif
-			" -> %8.3fms %5.1f (%ld)\n",
-#ifdef TEST_SQRT
-			P_MOD_64,
-#endif
-			sizes[i],sizes[i],sizes[i],tm*1000.0/num,tm*mul_c[i]/num, num);
-		num/=7;
-		if (num <= 0) num=1;
-		}
-	return;
-
- err:
-	ERR_print_errors_fp(stderr);
-	}
-
-
-#ifdef C_PRIME
-static void genprime_cb(int p, int n, void *arg)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	putc(c, stderr);
-	fflush(stderr);
-	(void)n;
-	(void)arg;
-	}
-#endif
diff --git a/crypto/openssl/crypto/bn/exptest.c b/crypto/openssl/crypto/bn/exptest.c
deleted file mode 100644
index 621e6a9eeeb5..000000000000
--- a/crypto/openssl/crypto/bn/exptest.c
+++ /dev/null
@@ -1,190 +0,0 @@
-/* crypto/bn/exptest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-#ifdef OPENSSL_SYS_WINDOWS
-#include "../bio/bss_file.c"
-#endif
-
-#define NUM_BITS	(BN_BITS*2)
-
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
-
-int main(int argc, char *argv[])
-	{
-	BN_CTX *ctx;
-	BIO *out=NULL;
-	int i,ret;
-	unsigned char c;
-	BIGNUM *r_mont,*r_recp,*r_simple,*a,*b,*m;
-
-	RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't
-	                                       * even check its return value
-	                                       * (which we should) */
-
-	ERR_load_BN_strings();
-
-	ctx=BN_CTX_new();
-	if (ctx == NULL) EXIT(1);
-	r_mont=BN_new();
-	r_recp=BN_new();
-	r_simple=BN_new();
-	a=BN_new();
-	b=BN_new();
-	m=BN_new();
-	if (	(r_mont == NULL) || (r_recp == NULL) ||
-		(a == NULL) || (b == NULL))
-		goto err;
-
-	out=BIO_new(BIO_s_file());
-
-	if (out == NULL) EXIT(1);
-	BIO_set_fp(out,stdout,BIO_NOCLOSE);
-
-	for (i=0; i<200; i++)
-		{
-		RAND_bytes(&c,1);
-		c=(c%BN_BITS)-BN_BITS2;
-		BN_rand(a,NUM_BITS+c,0,0);
-
-		RAND_bytes(&c,1);
-		c=(c%BN_BITS)-BN_BITS2;
-		BN_rand(b,NUM_BITS+c,0,0);
-
-		RAND_bytes(&c,1);
-		c=(c%BN_BITS)-BN_BITS2;
-		BN_rand(m,NUM_BITS+c,0,1);
-
-		BN_mod(a,a,m,ctx);
-		BN_mod(b,b,m,ctx);
-
-		ret=BN_mod_exp_mont(r_mont,a,b,m,ctx,NULL);
-		if (ret <= 0)
-			{
-			printf("BN_mod_exp_mont() problems\n");
-			ERR_print_errors(out);
-			EXIT(1);
-			}
-
-		ret=BN_mod_exp_recp(r_recp,a,b,m,ctx);
-		if (ret <= 0)
-			{
-			printf("BN_mod_exp_recp() problems\n");
-			ERR_print_errors(out);
-			EXIT(1);
-			}
-
-		ret=BN_mod_exp_simple(r_simple,a,b,m,ctx);
-		if (ret <= 0)
-			{
-			printf("BN_mod_exp_simple() problems\n");
-			ERR_print_errors(out);
-			EXIT(1);
-			}
-
-		if (BN_cmp(r_simple, r_mont) == 0
-		    && BN_cmp(r_simple,r_recp) == 0)
-			{
-			printf(".");
-			fflush(stdout);
-			}
-		else
-		  	{
-			if (BN_cmp(r_simple,r_mont) != 0)
-				printf("\nsimple and mont results differ\n");
-			if (BN_cmp(r_simple,r_recp) != 0)
-				printf("\nsimple and recp results differ\n");
-
-			printf("a (%3d) = ",BN_num_bits(a));   BN_print(out,a);
-			printf("\nb (%3d) = ",BN_num_bits(b)); BN_print(out,b);
-			printf("\nm (%3d) = ",BN_num_bits(m)); BN_print(out,m);
-			printf("\nsimple   =");	BN_print(out,r_simple);
-			printf("\nrecp     =");	BN_print(out,r_recp);
-			printf("\nmont     ="); BN_print(out,r_mont);
-			printf("\n");
-			EXIT(1);
-			}
-		}
-	BN_free(r_mont);
-	BN_free(r_recp);
-	BN_free(r_simple);
-	BN_free(a);
-	BN_free(b);
-	BN_free(m);
-	BN_CTX_free(ctx);
-	ERR_remove_state(0);
-	CRYPTO_mem_leaks(out);
-	BIO_free(out);
-	printf(" done\n");
-	EXIT(0);
-err:
-	ERR_load_crypto_strings();
-	ERR_print_errors(out);
-	EXIT(1);
-	return(1);
-	}
-
diff --git a/crypto/openssl/crypto/bn/new b/crypto/openssl/crypto/bn/new
deleted file mode 100644
index 285d506f1997..000000000000
--- a/crypto/openssl/crypto/bn/new
+++ /dev/null
@@ -1,23 +0,0 @@
-void BN_RECP_CTX_init(BN_RECP_CTX *recp);
-BN_RECP_CTX *BN_RECP_CTX_new();
-void BN_RECP_CTX_free(BN_RECP_CTX *recp);
-int BN_RECP_CTX_set(BN_RECP_CTX *recp,BIGNUM *div,BN_CTX *ctx);
-
-int BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,
-	BN_RECP_CTX *recp,BN_CTX *ctx);
-
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d,
-	BN_RECP_CTX *recp, BN_CTX *ctx);
-int BN_mod_recp(BIGNUM *rem, BIGNUM *m, BIGNUM *d,
-	BN_RECP_CTX *recp, BN_CTX *ctx);
-int BN_mod_mul_recp(BIGNUM *ret,BIGNUM *a,BIGNUM *b,BIGNUM *m
-
-int BN_mod_exp_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *p,
-	BN_MONT_CTX *m_ctx,BN_CTX *ctx);
-int BN_mod_exp2_montgomery(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2,
-                BIGNUM *p2,BN_MONT_CTX *m_ctx,BN_CTX *ctx);
-
-
-bn_div64 -> bn_div_words
-
-
diff --git a/crypto/openssl/crypto/bn/old/b_sqr.c b/crypto/openssl/crypto/bn/old/b_sqr.c
deleted file mode 100644
index 715cb1c8abbd..000000000000
--- a/crypto/openssl/crypto/bn/old/b_sqr.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/* crypto/bn/bn_mul.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-static int bn_mm(BIGNUM *m,BIGNUM *A,BIGNUM *B, BIGNUM *sk,BN_CTX *ctx);
-
-/* r must be different to a and b */
-/* int BN_mmul(r, a, b) */
-int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b)
-	{
-	BN_ULONG *ap,*bp,*rp;
-	BIGNUM *sk;
-	int i,n,ret;
-	int max,al,bl;
-	BN_CTX ctx;
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-	al=a->top;
-	bl=b->top;
-	if ((al == 0) || (bl == 0))
-		{
-		r->top=0;
-		return(1);
-		}
-#ifdef BN_MUL_DEBUG
-printf("BN_mul(%d,%d)\n",a->top,b->top);
-#endif
-
-	if (	(bn_limit_bits > 0) &&
-		(bl > bn_limit_num) && (al > bn_limit_num))
-		{
-		n=(BN_num_bits_word(al|bl)-bn_limit_bits);
-		n*=2;
-		sk=(BIGNUM *)Malloc(sizeof(BIGNUM)*n);
-		memset(sk,0,sizeof(BIGNUM)*n);
-		memset(&ctx,0,sizeof(ctx));
-
-		ret=bn_mm(r,a,b,&(sk[0]),&ctx);
-		for (i=0; i<n; i+=2)
-			{
-			BN_clear_free(&sk[i]);
-			BN_clear_free(&sk[i+1]);
-			}
-		Free(sk);
-		return(ret);
-		}
-
-	max=(al+bl);
-	if (bn_wexpand(r,max) == NULL) return(0);
-	r->top=max;
-	r->neg=a->neg^b->neg;
-	ap=a->d;
-	bp=b->d;
-	rp=r->d;
-
-	rp[al]=bn_mul_words(rp,ap,al,*(bp++));
-	rp++;
-	for (i=1; i<bl; i++)
-		{
-		rp[al]=bn_mul_add_words(rp,ap,al,*(bp++));
-		rp++;
-		}
-	if ((max > 0) && (r->d[max-1] == 0)) r->top--;
-	return(1);
-	}
-
-
-#define ahal	(sk[0])
-#define blbh	(sk[1])
-
-/* r must be different to a and b */
-int bn_mm(BIGNUM *m, BIGNUM *A, BIGNUM *B, BIGNUM *sk, BN_CTX *ctx)
-	{
-	int n,num,sqr=0;
-	int an,bn;
-	BIGNUM ah,al,bh,bl;
-
-	an=A->top;
-	bn=B->top;
-#ifdef BN_MUL_DEBUG
-printf("bn_mm(%d,%d)\n",A->top,B->top);
-#endif
-
-	if (A == B) sqr=1;
-	num=(an>bn)?an:bn;
-	n=(num+1)/2;
-	/* Are going to now chop things into 'num' word chunks. */
-
-	BN_init(&ah);
-	BN_init(&al);
-	BN_init(&bh);
-	BN_init(&bl);
-
-	bn_set_low (&al,A,n);
-	bn_set_high(&ah,A,n);
-	bn_set_low (&bl,B,n);
-	bn_set_high(&bh,B,n);
-
-	BN_sub(&ahal,&ah,&al);
-	BN_sub(&blbh,&bl,&bh);
-
-	if (num <= (bn_limit_num+bn_limit_num))
-		{
-		BN_mul(m,&ahal,&blbh);
-		if (sqr)
-			{
-			BN_sqr(&ahal,&al,ctx);
-			BN_sqr(&blbh,&ah,ctx);
-			}
-		else
-			{
-			BN_mul(&ahal,&al,&bl);
-			BN_mul(&blbh,&ah,&bh);
-			}
-		}
-	else
-		{
-		bn_mm(m,&ahal,&blbh,&(sk[2]),ctx);
-		bn_mm(&ahal,&al,&bl,&(sk[2]),ctx);
-		bn_mm(&blbh,&ah,&bh,&(sk[2]),ctx);
-		}
-
-	BN_add(m,m,&ahal);
-	BN_add(m,m,&blbh);
-
-	BN_lshift(m,m,n*BN_BITS2);
-	BN_lshift(&blbh,&blbh,n*BN_BITS2*2);
-
-	BN_add(m,m,&ahal);
-	BN_add(m,m,&blbh);
-
-	m->neg=A->neg^B->neg;
-	return(1);
-	}
-#undef ahal	(sk[0])
-#undef blbh	(sk[1])
-
-#include "bn_low.c"
-#include "bn_high.c"
diff --git a/crypto/openssl/crypto/bn/old/bn_com.c b/crypto/openssl/crypto/bn/old/bn_com.c
deleted file mode 100644
index 7666b2304c84..000000000000
--- a/crypto/openssl/crypto/bn/old/bn_com.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/* crypto/bn/bn_mulw.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#ifdef BN_LLONG 
-
-ab
-12
-   a2 b2
-a1 b1
-
-abc
-123
-      a3 b3 c3
-   a2 b2 c2
-a1 b1 c1
-
-abcd
-1234
-         a4 b4 c4 d4
-      a3 b3 c3 d3
-   a2 b2 c2 d2
-a1 b1 c1 d1
-
-abcde
-01234
-               a5 b5 c5 d5 e5
-            a4 b4 c4 d4 e4
-         a3 b3 c3 d3 e3
-      a2 b2 c2 d2 e2
-   a1 b1 c1 d1 e1
-a0 b0 c0 d0 e0
diff --git a/crypto/openssl/crypto/bn/old/bn_high.c b/crypto/openssl/crypto/bn/old/bn_high.c
deleted file mode 100644
index 763bcb605b3a..000000000000
--- a/crypto/openssl/crypto/bn/old/bn_high.c
+++ /dev/null
@@ -1,135 +0,0 @@
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#undef BN_MUL_HIGH_DEBUG
-
-#ifdef BN_MUL_HIGH_DEBUG
-#define debug_BN_print(a,b,c) BN_print_fp(a,b); printf(c);
-#else
-#define debug_BN_print(a,b,c)
-#endif
-
-int BN_mul_high(BIGNUM *r,BIGNUM *a,BIGNUM *b,BIGNUM *low, int words);
-
-#undef t1
-#undef t2
-
-int BN_mul_high(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *low, int words)
-	{
-	int w2,borrow=0,full=0;
-	BIGNUM t1,t2,t3,h,ah,al,bh,bl,m,s0,s1;
-	BN_ULONG ul1,ul2;
-	
-	BN_mul(r,a,b);
-	BN_rshift(r,r,words*BN_BITS2);
-	return(1);
-
-	w2=(words+1)/2;
-
-#ifdef BN_MUL_HIGH_DEBUG
-fprintf(stdout,"words=%d w2=%d\n",words,w2);
-#endif
-debug_BN_print(stdout,a," a\n");
-debug_BN_print(stdout,b," b\n");
-debug_BN_print(stdout,low," low\n");
-	BN_init(&al); BN_init(&ah);
-	BN_init(&bl); BN_init(&bh);
-	BN_init(&t1); BN_init(&t2); BN_init(&t3);
-	BN_init(&s0); BN_init(&s1);
-	BN_init(&h); BN_init(&m);
-
-	bn_set_low (&al,a,w2);
-	bn_set_high(&ah,a,w2);
-	bn_set_low (&bl,b,w2);
-	bn_set_high(&bh,b,w2);
-
-	bn_set_low(&s0,low,w2);
-	bn_set_high(&s1,low,w2);
-
-debug_BN_print(stdout,&al," al\n");
-debug_BN_print(stdout,&ah," ah\n");
-debug_BN_print(stdout,&bl," bl\n");
-debug_BN_print(stdout,&bh," bh\n");
-debug_BN_print(stdout,&s0," s0\n");
-debug_BN_print(stdout,&s1," s1\n");
-
-	/* Calculate (al-ah)*(bh-bl) */
-	BN_sub(&t1,&al,&ah);
-	BN_sub(&t2,&bh,&bl);
-	BN_mul(&m,&t1,&t2);
-
-	/* Calculate ah*bh */
-	BN_mul(&h,&ah,&bh);
-
-	/* s0 == low(al*bl)
-	 * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
-	 * We know s0 and s1 so the only unknown is high(al*bl)
-	 * high(al*bl) == s1 - low(ah*bh+(al-ah)*(bh-bl)+s0)
-	 */
-	BN_add(&m,&m,&h);
-	BN_add(&t2,&m,&s0);
-
-debug_BN_print(stdout,&t2," middle value\n");
-
-	/* Quick and dirty mask off of high words */
-	if (w2 < t2.top) t2.top=w2;
-#if 0
-	bn_set_low(&t3,&t2,w2);
-#endif
-
-debug_BN_print(stdout,&t2," low middle value\n");
-	BN_sub(&t1,&s1,&t2);
-
-	if (t1.neg)
-		{
-debug_BN_print(stdout,&t1," before\n");
-		BN_zero(&t2);
-		BN_set_bit(&t2,w2*BN_BITS2);
-		BN_add(&t1,&t2,&t1);
-		/* BN_mask_bits(&t1,w2*BN_BITS2); */
-		/* if (words < t1.top) t1.top=words; */
-debug_BN_print(stdout,&t1," after\n");
-		borrow=1;
-		}
-
-/* XXXXX SPEED THIS UP */
-	/* al*bl == high(al*bl)<<words+s0 */
-	BN_lshift(&t1,&t1,w2*BN_BITS2);
-	BN_add(&t1,&t1,&s0);
-	if (w2*2 < t1.top) t1.top=w2*2; /* This should not happen? */
-	
-	/* We now have
-	 * al*bl			- t1
-	 * (al-ah)*(bh-bl)+ah*bh	- m
-	 * ah*bh			- h
-	 */
-#if 0
-	BN_add(&m,&m,&t1);
-debug_BN_print(stdout,&t1," s10\n");
-debug_BN_print(stdout,&m," s21\n");
-debug_BN_print(stdout,&h," s32\n");
-	BN_lshift(&m,&m,w2*BN_BITS2);
-	BN_lshift(&h,&h,w2*2*BN_BITS2);
-	BN_add(r,&m,&t1);
-	BN_add(r,r,&h);
-	BN_rshift(r,r,w2*2*BN_BITS2);
-#else
-	BN_add(&m,&m,&t1); 		/* Do a cmp then +1 if needed? */
-	bn_set_high(&t3,&t1,w2);
-	BN_add(&m,&m,&t3);
-	bn_set_high(&t3,&m,w2);
-	BN_add(r,&h,&t3);
-#endif
-
-#ifdef BN_MUL_HIGH_DEBUG
-printf("carry=%d\n",borrow);
-#endif
-debug_BN_print(stdout,r," ret\n");
-	BN_free(&t1); BN_free(&t2);
-	BN_free(&m); BN_free(&h);
-	return(1);
-	}
-
-
-
diff --git a/crypto/openssl/crypto/bn/old/bn_ka.c b/crypto/openssl/crypto/bn/old/bn_ka.c
deleted file mode 100644
index 378c94dc5a7c..000000000000
--- a/crypto/openssl/crypto/bn/old/bn_ka.c
+++ /dev/null
@@ -1,567 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <strings.h>
-#include "bn_lcl.h"
-
-/* r is 2*n2 words in size,
- * a and b are both n2 words in size.
- * n2 must be a power of 2.
- * We multiply and return the result.
- * t must be 2*n2 words in size
- * We calulate
- * a[0]*b[0]
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
-	     BN_ULONG *t)
-	{
-	int n=n2/2;
-	int neg,zero,c1,c2;
-	BN_ULONG ln,lo,*p;
-
-#ifdef BN_COUNT
-printf(" bn_mul_recursive %d * %d\n",n2,n2);
-#endif
-	if (n2 <= 8)
-		{
-		if (n2 == 8)
-			bn_mul_comba8(r,a,b);
-		else
-			bn_mul_normal(r,a,n2,b,n2);
-		return;
-		}
-
-	if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL)
-		{
-		/* This should not happen */
-		/*abort(); */
-		bn_mul_normal(r,a,n2,b,n2);
-		return;
-		}
-	/* r=(a[0]-a[1])*(b[1]-b[0]) */
-	c1=bn_cmp_words(a,&(a[n]),n);
-	c2=bn_cmp_words(&(b[n]),b,n);
-	zero=neg=0;
-	switch (c1*3+c2)
-		{
-	case -4:
-		bn_sub_words(t,      &(a[n]),a,      n); /* - */
-		bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
-		break;
-	case -3:
-		zero=1;
-		break;
-	case -2:
-		bn_sub_words(t,      &(a[n]),a,      n); /* - */
-		bn_sub_words(&(t[n]),&(b[n]),b,      n); /* + */
-		neg=1;
-		break;
-	case -1:
-	case 0:
-	case 1:
-		zero=1;
-		break;
-	case 2:
-		bn_sub_words(t,      a,      &(a[n]),n); /* + */
-		bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
-		neg=1;
-		break;
-	case 3:
-		zero=1;
-		break;
-	case 4:
-		bn_sub_words(t,      a,      &(a[n]),n);
-		bn_sub_words(&(t[n]),&(b[n]),b,      n);
-		break;
-		}
-
-	if (n == 8)
-		{
-		if (!zero)
-			bn_mul_comba8(&(t[n2]),t,&(t[n]));
-		else
-			memset(&(t[n2]),0,8*sizeof(BN_ULONG));
-		
-		bn_mul_comba8(r,a,b);
-		bn_mul_comba8(&(r[n2]),&(a[n]),&(b[n]));
-		}
-	else
-		{
-		p= &(t[n2*2]);
-		if (!zero)
-			bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p);
-		else
-			memset(&(t[n2]),0,n*sizeof(BN_ULONG));
-		bn_mul_recursive(r,a,b,n,p);
-		bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p);
-		}
-
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 */
-
-	c1=bn_add_words(t,r,&(r[n2]),n2);
-
-	if (neg) /* if t[32] is negative */
-		{
-		c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2);
-		}
-	else
-		{
-		/* Might have a carry */
-		c1+=bn_add_words(&(t[n2]),&(t[n2]),t,n2);
-		}
-
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 * c1 holds the carry bits
-	 */
-	c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2);
-	if (c1)
-		{
-		p= &(r[n+n2]);
-		lo= *p;
-		ln=(lo+c1)&BN_MASK2;
-		*p=ln;
-
-		/* The overflow will stop before we over write
-		 * words we should not overwrite */
-		if (ln < c1)
-			{
-			do	{
-				p++;
-				lo= *p;
-				ln=(lo+1)&BN_MASK2;
-				*p=ln;
-				} while (ln == 0);
-			}
-		}
-	}
-
-/* n+tn is the word length
- * t needs to be n*4 is size, as does r */
-void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn,
-	     int n, BN_ULONG *t)
-	{
-	int n2=n*2,i,j;
-	int c1;
-	BN_ULONG ln,lo,*p;
-
-#ifdef BN_COUNT
-printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n);
-#endif
-	if (n < 8)
-		{
-		i=tn+n;
-		bn_mul_normal(r,a,i,b,i);
-		return;
-		}
-
-	/* r=(a[0]-a[1])*(b[1]-b[0]) */
-	bn_sub_words(t,      a,      &(a[n]),n); /* + */
-	bn_sub_words(&(t[n]),b,      &(b[n]),n); /* - */
-
-	if (n == 8)
-		{
-		bn_mul_comba8(&(t[n2]),t,&(t[n]));
-		bn_mul_comba8(r,a,b);
-		bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
-		memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2));
-		}
-	else
-		{
-		p= &(t[n2*2]);
-		bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p);
-		bn_mul_recursive(r,a,b,n,p);
-		i=n/2;
-		/* If there is only a bottom half to the number,
-		 * just do it */
-		j=tn-i;
-		if (j == 0)
-			{
-			bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p);
-			memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2));
-			}
-		else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */
-				{
-				bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]),
-					j,i,p);
-				memset(&(r[n2+tn*2]),0,
-					sizeof(BN_ULONG)*(n2-tn*2));
-				}
-		else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */
-			{
-			memset(&(r[n2]),0,sizeof(BN_ULONG)*(tn*2));
-			for (;;)
-				{
-				i/=2;
-				if (i < tn)
-					{
-					bn_mul_part_recursive(&(r[n2]),
-						&(a[n]),&(b[n]),
-						tn-i,i,p);
-					break;
-					}
-				else if (i == tn)
-					{
-					bn_mul_recursive(&(r[n2]),
-						&(a[n]),&(b[n]),
-						i,p);
-					break;
-					}
-				}
-			}
-		}
-
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 */
-
-	c1=bn_add_words(t,r,&(r[n2]),n2);
-	c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2);
-
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 * c1 holds the carry bits
-	 */
-	c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2);
-	if (c1)
-		{
-		p= &(r[n+n2]);
-		lo= *p;
-		ln=(lo+c1)&BN_MASK2;
-		*p=ln;
-
-		/* The overflow will stop before we over write
-		 * words we should not overwrite */
-		if (ln < c1)
-			{
-			do	{
-				p++;
-				lo= *p;
-				ln=(lo+1)&BN_MASK2;
-				*p=ln;
-				} while (ln == 0);
-			}
-		}
-	}
-
-/* r is 2*n words in size,
- * a and b are both n words in size.
- * n must be a power of 2.
- * We multiply and return the result.
- * t must be 2*n words in size
- * We calulate
- * a[0]*b[0]
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-void bn_sqr_recursive(BN_ULONG *r, BN_ULONG *a, int n2, BN_ULONG *t)
-	{
-	int n=n2/2;
-	int zero,c1;
-	BN_ULONG ln,lo,*p;
-
-#ifdef BN_COUNT
-printf(" bn_sqr_recursive %d * %d\n",n2,n2);
-#endif
-	if (n2 == 4)
-		{
-		bn_sqr_comba4(r,a);
-		return;
-		}
-	else if (n2 == 8)
-		{
-		bn_sqr_comba8(r,a);
-		return;
-		}
-	if (n2 < BN_SQR_RECURSIVE_SIZE_NORMAL)
-		{
-		bn_sqr_normal(r,a,n2,t);
-		return;
-		abort();
-		}
-	/* r=(a[0]-a[1])*(a[1]-a[0]) */
-	c1=bn_cmp_words(a,&(a[n]),n);
-	zero=0;
-	if (c1 > 0)
-		bn_sub_words(t,a,&(a[n]),n);
-	else if (c1 < 0)
-		bn_sub_words(t,&(a[n]),a,n);
-	else
-		zero=1;
-
-	/* The result will always be negative unless it is zero */
-
-	if (n == 8)
-		{
-		if (!zero)
-			bn_sqr_comba8(&(t[n2]),t);
-		else
-			memset(&(t[n2]),0,8*sizeof(BN_ULONG));
-		
-		bn_sqr_comba8(r,a);
-		bn_sqr_comba8(&(r[n2]),&(a[n]));
-		}
-	else
-		{
-		p= &(t[n2*2]);
-		if (!zero)
-			bn_sqr_recursive(&(t[n2]),t,n,p);
-		else
-			memset(&(t[n2]),0,n*sizeof(BN_ULONG));
-		bn_sqr_recursive(r,a,n,p);
-		bn_sqr_recursive(&(r[n2]),&(a[n]),n,p);
-		}
-
-	/* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
-	 * r[10] holds (a[0]*b[0])
-	 * r[32] holds (b[1]*b[1])
-	 */
-
-	c1=bn_add_words(t,r,&(r[n2]),n2);
-
-	/* t[32] is negative */
-	c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2);
-
-	/* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
-	 * r[10] holds (a[0]*a[0])
-	 * r[32] holds (a[1]*a[1])
-	 * c1 holds the carry bits
-	 */
-	c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2);
-	if (c1)
-		{
-		p= &(r[n+n2]);
-		lo= *p;
-		ln=(lo+c1)&BN_MASK2;
-		*p=ln;
-
-		/* The overflow will stop before we over write
-		 * words we should not overwrite */
-		if (ln < c1)
-			{
-			do	{
-				p++;
-				lo= *p;
-				ln=(lo+1)&BN_MASK2;
-				*p=ln;
-				} while (ln == 0);
-			}
-		}
-	}
-
-#if 1
-/* a and b must be the same size, which is n2.
- * r needs to be n2 words and t needs to be n2*2
- */
-void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
-	     BN_ULONG *t)
-	{
-	int n=n2/2;
-
-#ifdef BN_COUNT
-printf(" bn_mul_low_recursive %d * %d\n",n2,n2);
-#endif
-
-	bn_mul_recursive(r,a,b,n,&(t[0]));
-	if (n > BN_MUL_LOW_RECURSIVE_SIZE_NORMAL)
-		{
-		bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2]));
-		bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
-		bn_mul_low_recursive(&(t[0]),&(a[n]),&(b[0]),n,&(t[n2]));
-		bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
-		}
-	else
-		{
-		bn_mul_low_normal(&(t[0]),&(a[0]),&(b[n]),n);
-		bn_mul_low_normal(&(t[n]),&(a[n]),&(b[0]),n);
-		bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
-		bn_add_words(&(r[n]),&(r[n]),&(t[n]),n);
-		}
-	}
-
-/* a and b must be the same size, which is n2.
- * r needs to be n2 words and t needs to be n2*2
- * l is the low words of the output.
- * t needs to be n2*3
- */
-void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
-	     BN_ULONG *t)
-	{
-	int j,i,n,c1,c2;
-	int neg,oneg,zero;
-	BN_ULONG ll,lc,*lp,*mp;
-
-#ifdef BN_COUNT
-printf(" bn_mul_high %d * %d\n",n2,n2);
-#endif
-	n=(n2+1)/2;
-
-	/* Calculate (al-ah)*(bh-bl) */
-	neg=zero=0;
-	c1=bn_cmp_words(&(a[0]),&(a[n]),n);
-	c2=bn_cmp_words(&(b[n]),&(b[0]),n);
-	switch (c1*3+c2)
-		{
-	case -4:
-		bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
-		bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
-		break;
-	case -3:
-		zero=1;
-		break;
-	case -2:
-		bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
-		bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
-		neg=1;
-		break;
-	case -1:
-	case 0:
-	case 1:
-		zero=1;
-		break;
-	case 2:
-		bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
-		bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
-		neg=1;
-		break;
-	case 3:
-		zero=1;
-		break;
-	case 4:
-		bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
-		bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
-		break;
-		}
-		
-	oneg=neg;
-	/* t[10] = (a[0]-a[1])*(b[1]-b[0]) */
-	bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2]));
-	/* r[10] = (a[1]*b[1]) */
-	bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2]));
-
-	/* s0 == low(al*bl)
-	 * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
-	 * We know s0 and s1 so the only unknown is high(al*bl)
-	 * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl))
-	 * high(al*bl) == s1 - (r[0]+l[0]+t[0])
-	 */
-	if (l != NULL)
-		{
-		lp= &(t[n2+n]);
-		c1=bn_add_words(lp,&(r[0]),&(l[0]),n);
-		}
-	else
-		{
-		c1=0;
-		lp= &(r[0]);
-		}
-
-	if (neg)
-		neg=bn_sub_words(&(t[n2]),lp,&(t[0]),n);
-	else
-		{
-		bn_add_words(&(t[n2]),lp,&(t[0]),n);
-		neg=0;
-		}
-
-	if (l != NULL)
-		{
-		bn_sub_words(&(t[n2+n]),&(l[n]),&(t[n2]),n);
-		}
-	else
-		{
-		lp= &(t[n2+n]);
-		mp= &(t[n2]);
-		for (i=0; i<n; i++)
-			lp[i]=((~mp[i])+1)&BN_MASK2;
-		}
-
-	/* s[0] = low(al*bl)
-	 * t[3] = high(al*bl)
-	 * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign
-	 * r[10] = (a[1]*b[1])
-	 */
-	/* R[10] = al*bl
-	 * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0])
-	 * R[32] = ah*bh
-	 */
-	/* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
-	 * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow)
-	 * R[3]=r[1]+(carry/borrow)
-	 */
-	if (l != NULL)
-		{
-		lp= &(t[n2]);
-		c1= bn_add_words(lp,&(t[n2+n]),&(l[0]),n);
-		}
-	else
-		{
-		lp= &(t[n2+n]);
-		c1=0;
-		}
-	c1+=bn_add_words(&(t[n2]),lp,  &(r[0]),n);
-	if (oneg)
-		c1-=bn_sub_words(&(t[n2]),&(t[n2]),&(t[0]),n);
-	else
-		c1+=bn_add_words(&(t[n2]),&(t[n2]),&(t[0]),n);
-
-	c2 =bn_add_words(&(r[0]),&(r[0]),&(t[n2+n]),n);
-	c2+=bn_add_words(&(r[0]),&(r[0]),&(r[n]),n);
-	if (oneg)
-		c2-=bn_sub_words(&(r[0]),&(r[0]),&(t[n]),n);
-	else
-		c2+=bn_add_words(&(r[0]),&(r[0]),&(t[n]),n);
-	
-	if (c1 != 0) /* Add starting at r[0], could be +ve or -ve */
-		{
-		i=0;
-		if (c1 > 0)
-			{
-			lc=c1;
-			do	{
-				ll=(r[i]+lc)&BN_MASK2;
-				r[i++]=ll;
-				lc=(lc > ll);
-				} while (lc);
-			}
-		else
-			{
-			lc= -c1;
-			do	{
-				ll=r[i];
-				r[i++]=(ll-lc)&BN_MASK2;
-				lc=(lc > ll);
-				} while (lc);
-			}
-		}
-	if (c2 != 0) /* Add starting at r[1] */
-		{
-		i=n;
-		if (c2 > 0)
-			{
-			lc=c2;
-			do	{
-				ll=(r[i]+lc)&BN_MASK2;
-				r[i++]=ll;
-				lc=(lc > ll);
-				} while (lc);
-			}
-		else
-			{
-			lc= -c2;
-			do	{
-				ll=r[i];
-				r[i++]=(ll-lc)&BN_MASK2;
-				lc=(lc > ll);
-				} while (lc);
-			}
-		}
-	}
-#endif
diff --git a/crypto/openssl/crypto/bn/old/bn_low.c b/crypto/openssl/crypto/bn/old/bn_low.c
deleted file mode 100644
index cbc406751c09..000000000000
--- a/crypto/openssl/crypto/bn/old/bn_low.c
+++ /dev/null
@@ -1,194 +0,0 @@
-/* crypto/bn/bn_mul.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-static int bn_mm_low(BIGNUM *m,BIGNUM *A,BIGNUM *B, int num,
-		BIGNUM *sk,BN_CTX *ctx);
-int BN_mul_low(BIGNUM *r, BIGNUM *a, BIGNUM *b,int words);
-
-/* r must be different to a and b */
-int BN_mul_low(BIGNUM *r, BIGNUM *a, BIGNUM *b, int num)
-	{
-	BN_ULONG *ap,*bp,*rp;
-	BIGNUM *sk;
-	int j,i,n,ret;
-	int max,al,bl;
-	BN_CTX ctx;
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-#ifdef BN_MUL_DEBUG
-printf("BN_mul_low(%d,%d,%d)\n",a->top,b->top,num);
-#endif
-
-	al=a->top;
-	bl=b->top;
-	if ((al == 0) || (bl == 0))
-		{
-		r->top=0;
-		return(1);
-		}
-
-	if ((bn_limit_bits_low > 0) && (num > bn_limit_num_low))
-		{
-		n=BN_num_bits_word(num*2)-bn_limit_bits_low;
-		n*=2;
-		sk=(BIGNUM *)Malloc(sizeof(BIGNUM)*n);
-		memset(sk,0,sizeof(BIGNUM)*n);
-		memset(&ctx,0,sizeof(ctx));
-
-		ret=bn_mm_low(r,a,b,num,&(sk[0]),&ctx);
-		for (i=0; i<n; i+=2)
-			{
-			BN_clear_free(&sk[i]);
-			BN_clear_free(&sk[i+1]);
-			}
-		Free(sk);
-		return(ret);
-		}
-
-	max=(al+bl);
-	if (bn_wexpand(r,max) == NULL) return(0);
-	r->neg=a->neg^b->neg;
-	ap=a->d;
-	bp=b->d;
-	rp=r->d;
-	r->top=(max > num)?num:max;
-
-	rp[al]=bn_mul_words(rp,ap,al,*(bp++));
-	rp++;
-	j=bl;
-	for (i=1; i<j; i++)
-		{
-		if (al >= num--)
-			{
-			al--;
-			if (al <= 0) break;
-			}
-		rp[al]=bn_mul_add_words(rp,ap,al,*(bp++));
-		rp++;
-		}
-	
-	while ((r->top > 0) && (r->d[r->top-1] == 0))
-		r->top--;
-	return(1);
-	}
-
-
-#define t1	(sk[0])
-#define t2	(sk[1])
-
-/* r must be different to a and b */
-int bn_mm_low(BIGNUM *m, BIGNUM *A, BIGNUM *B, int num, BIGNUM *sk,
-	     BN_CTX *ctx)
-	{
-	int n; /* ,sqr=0; */
-	int an,bn;
-	BIGNUM ah,al,bh,bl;
-
-	bn_wexpand(m,num+3);
-	an=A->top;
-	bn=B->top;
-
-#ifdef BN_MUL_DEBUG
-printf("bn_mm_low(%d,%d,%d)\n",A->top,B->top,num);
-#endif
-
-	n=(num+1)/2;
-
-	BN_init(&ah); BN_init(&al); BN_init(&bh); BN_init(&bl);
-
-	bn_set_low( &al,A,n);
-	bn_set_high(&ah,A,n);
-	bn_set_low( &bl,B,n);
-	bn_set_high(&bh,B,n);
-
-	if (num <= (bn_limit_num_low+bn_limit_num_low))
-		{
-		BN_mul(m,&al,&bl);
-		BN_mul_low(&t1,&al,&bh,n);
-		BN_mul_low(&t2,&ah,&bl,n);
-		}
-	else
-		{
-		bn_mm(m  ,&al,&bl,&(sk[2]),ctx);
-		bn_mm_low(&t1,&al,&bh,n,&(sk[2]),ctx);
-		bn_mm_low(&t2,&ah,&bl,n,&(sk[2]),ctx);
-		}
-
-	BN_add(&t1,&t1,&t2);
-
-	/* We will now do an evil hack instead of
-	 * BN_lshift(&t1,&t1,n*BN_BITS2);
-	 * BN_add(m,m,&t1);
-	 * BN_mask_bits(m,num*BN_BITS2);
-	 */
-	bn_set_high(&ah,m,n); ah.max=num+2;
-	BN_add(&ah,&ah,&t1);
-	m->top=num;
-
-	m->neg=A->neg^B->neg;
-	return(1);
-	}
-
-#undef t1	(sk[0])
-#undef t2	(sk[1])
diff --git a/crypto/openssl/crypto/bn/old/bn_m.c b/crypto/openssl/crypto/bn/old/bn_m.c
deleted file mode 100644
index 522beb02bca1..000000000000
--- a/crypto/openssl/crypto/bn/old/bn_m.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* crypto/bn/bn_m.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-/*#include "cryptlib.h"*/
-#include "bn_lcl.h"
-
-#define limit_bits 5			/* 2^5, or 32 words */
-#define limit_num (1<<limit_bits)
-
-int BN_m(BIGNUM *r, BIGNUM *a, BIGNUM *b)
-	{
-	BIGNUM *sk;
-	int i,n;
-
-	n=(BN_num_bits_word(a->top|b->top)-limit_bits);
-	n*=2;
-	sk=(BIGNUM *)malloc(sizeof(BIGNUM)*n);
-	for (i=0; i<n; i++)
-		BN_init(&(sk[i]));
-
-	return(BN_mm(r,a,b,&(sk[0])));
-	}
-
-#define ahal	(sk[0])
-#define blbh	(sk[1])
-
-/* r must be different to a and b */
-int BN_mm(BIGNUM *m, BIGNUM *A, BIGNUM *B, BIGNUM *sk)
-	{
-	int i,num,anum,bnum;
-	int an,bn;
-	BIGNUM ah,al,bh,bl;
-
-	an=A->top;
-	bn=B->top;
-	if ((an <= limit_num) || (bn <= limit_num))
-		{
-		return(BN_mul(m,A,B));
-		}
-
-	anum=(an>bn)?an:bn;
-	num=(anum)/2;
-
-	/* Are going to now chop things into 'num' word chunks. */
-	bnum=num*BN_BITS2;
-
-	BN_init(&ahal);
-	BN_init(&blbh);
-	BN_init(&ah);
-	BN_init(&al);
-	BN_init(&bh);
-	BN_init(&bl);
-
-	al.top=num;
-	al.d=A->d;
-	ah.top=A->top-num;
-	ah.d= &(A->d[num]);
-
-	bl.top=num;
-	bl.d=B->d;
-	bh.top=B->top-num;
-	bh.d= &(B->d[num]);
-
-	BN_sub(&ahal,&ah,&al);
-	BN_sub(&blbh,&bl,&bh);
-
-	BN_mm(m,&ahal,&blbh,&(sk[2]));
-	BN_mm(&ahal,&al,&bl,&(sk[2]));
-	BN_mm(&blbh,&ah,&bh,&(sk[2]));
-
-	BN_add(m,m,&ahal);
-	BN_add(m,m,&blbh);
-
-	BN_lshift(m,m,bnum);
-	BN_add(m,m,&ahal);
-
-	BN_lshift(&blbh,&blbh,bnum*2);
-	BN_add(m,m,&blbh);
-
-	m->neg=A->neg^B->neg;
-	return(1);
-	}
-
diff --git a/crypto/openssl/crypto/bn/old/bn_mul.c.works b/crypto/openssl/crypto/bn/old/bn_mul.c.works
deleted file mode 100644
index 6d565d44a277..000000000000
--- a/crypto/openssl/crypto/bn/old/bn_mul.c.works
+++ /dev/null
@@ -1,219 +0,0 @@
-/* crypto/bn/bn_mul.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-int bn_mm(BIGNUM *m,BIGNUM *A,BIGNUM *B, BIGNUM *sk,BN_CTX *ctx);
-
-/* r must be different to a and b */
-int BN_mul(r, a, b)
-BIGNUM *r;
-BIGNUM *a;
-BIGNUM *b;
-	{
-	BN_ULONG *ap,*bp,*rp;
-	BIGNUM *sk;
-	int i,n,ret;
-	int max,al,bl;
-	BN_CTX ctx;
-
-	bn_check_top(a);
-	bn_check_top(b);
-
-	al=a->top;
-	bl=b->top;
-	if ((al == 0) || (bl == 0))
-		{
-		r->top=0;
-		return(1);
-		}
-#ifdef BN_MUL_DEBUG
-printf("BN_mul(%d,%d)\n",a->top,b->top);
-#endif
-
-#ifdef BN_RECURSION
-	if (	(bn_limit_bits > 0) &&
-		(bl > bn_limit_num) && (al > bn_limit_num))
-		{
-		n=(BN_num_bits_word(al|bl)-bn_limit_bits);
-		n*=2;
-		sk=(BIGNUM *)Malloc(sizeof(BIGNUM)*n);
-		memset(sk,0,sizeof(BIGNUM)*n);
-		memset(&ctx,0,sizeof(ctx));
-
-		ret=bn_mm(r,a,b,&(sk[0]),&ctx);
-		for (i=0; i<n; i+=2)
-			{
-			BN_clear_free(&sk[i]);
-			BN_clear_free(&sk[i+1]);
-			}
-		Free(sk);
-		return(ret);
-		}
-#endif
-
-	max=(al+bl);
-	if (bn_wexpand(r,max) == NULL) return(0);
-	r->top=max;
-	r->neg=a->neg^b->neg;
-	ap=a->d;
-	bp=b->d;
-	rp=r->d;
-
-#ifdef BN_RECURSION
-	if ((al == bl) && (al == 8))
-		{
-		bn_mul_comba8(rp,ap,bp);
-		}
-	else
-#endif
-		{
-		rp[al]=bn_mul_words(rp,ap,al,*(bp++));
-		rp++;
-		for (i=1; i<bl; i++)
-			{
-			rp[al]=bn_mul_add_words(rp,ap,al,*(bp++));
-			rp++;
-			}
-		}
-	if ((max > 0) && (r->d[max-1] == 0)) r->top--;
-	return(1);
-	}
-
-#ifdef BN_RECURSION
-
-#define ahal	(sk[0])
-#define blbh	(sk[1])
-
-/* r must be different to a and b */
-int bn_mm(m, A, B, sk,ctx)
-BIGNUM *m,*A,*B;
-BIGNUM *sk;
-BN_CTX *ctx;
-	{
-	int n,num,sqr=0;
-	int an,bn;
-	BIGNUM ah,al,bh,bl;
-
-	an=A->top;
-	bn=B->top;
-#ifdef BN_MUL_DEBUG
-printf("bn_mm(%d,%d)\n",A->top,B->top);
-#endif
-
-	if (A == B) sqr=1;
-	num=(an>bn)?an:bn;
-	n=(num+1)/2;
-	/* Are going to now chop things into 'num' word chunks. */
-
-	BN_init(&ah);
-	BN_init(&al);
-	BN_init(&bh);
-	BN_init(&bl);
-
-	bn_set_low (&al,A,n);
-	bn_set_high(&ah,A,n);
-	bn_set_low (&bl,B,n);
-	bn_set_high(&bh,B,n);
-
-	BN_sub(&ahal,&ah,&al);
-	BN_sub(&blbh,&bl,&bh);
-
-	if (num <= (bn_limit_num+bn_limit_num))
-		{
-		BN_mul(m,&ahal,&blbh);
-		if (sqr)
-			{
-			BN_sqr(&ahal,&al,ctx);
-			BN_sqr(&blbh,&ah,ctx);
-			}
-		else
-			{
-			BN_mul(&ahal,&al,&bl);
-			BN_mul(&blbh,&ah,&bh);
-			}
-		}
-	else
-		{
-		bn_mm(m,&ahal,&blbh,&(sk[2]),ctx);
-		bn_mm(&ahal,&al,&bl,&(sk[2]),ctx);
-		bn_mm(&blbh,&ah,&bh,&(sk[2]),ctx);
-		}
-
-	BN_add(m,m,&ahal);
-	BN_add(m,m,&blbh);
-
-	BN_lshift(m,m,n*BN_BITS2);
-	BN_lshift(&blbh,&blbh,n*BN_BITS2*2);
-
-	BN_add(m,m,&ahal);
-	BN_add(m,m,&blbh);
-
-	m->neg=A->neg^B->neg;
-	return(1);
-	}
-#undef ahal	(sk[0])
-#undef blbh	(sk[1])
-
-#include "bn_low.c"
-#include "bn_high.c"
-#include "f.c"
-
-#endif
diff --git a/crypto/openssl/crypto/bn/old/bn_wmul.c b/crypto/openssl/crypto/bn/old/bn_wmul.c
deleted file mode 100644
index a467b2f17aa2..000000000000
--- a/crypto/openssl/crypto/bn/old/bn_wmul.c
+++ /dev/null
@@ -1,173 +0,0 @@
-#include <stdio.h>
-#include "bn_lcl.h"
-
-#if 1
-
-int bn_mull(BIGNUM *r,BIGNUM *a,BIGNUM *b, BN_CTX *ctx);
-
-int bn_mull(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
-	{
-	int top,i,j,k,al,bl;
-	BIGNUM *t;
-
-#ifdef BN_COUNT
-printf("bn_mull %d * %d\n",a->top,b->top);
-#endif
-
-	bn_check_top(a);
-	bn_check_top(b);
-	bn_check_top(r);
-
-	al=a->top;
-	bl=b->top;
-	r->neg=a->neg^b->neg;
-
-	top=al+bl;
-	if ((al < 4) || (bl < 4))
-		{
-		if (bn_wexpand(r,top) == NULL) return(0);
-		r->top=top;
-		bn_mul_normal(r->d,a->d,al,b->d,bl);
-		goto end;
-		}
-	else if (al == bl) /* A good start, they are the same size */
-		goto symetric;
-	else
-		{
-		i=(al-bl);
-		if ((i ==  1) && !BN_get_flags(b,BN_FLG_STATIC_DATA))
-			{
-			bn_wexpand(b,al);
-			b->d[bl]=0;
-			bl++;
-			goto symetric;
-			}
-		else if ((i ==  -1) && !BN_get_flags(a,BN_FLG_STATIC_DATA))
-			{
-			bn_wexpand(a,bl);
-			a->d[al]=0;
-			al++;
-			goto symetric;
-			}
-		}
-
-	/* asymetric and >= 4 */ 
-	if (bn_wexpand(r,top) == NULL) return(0);
-	r->top=top;
-	bn_mul_normal(r->d,a->d,al,b->d,bl);
-
-	if (0)
-		{
-		/* symetric and > 4 */
-symetric:
-		if (al == 4)
-			{
-			if (bn_wexpand(r,al*2) == NULL) return(0);
-			r->top=top;
-			bn_mul_comba4(r->d,a->d,b->d);
-			goto end;
-			}
-		if (al == 8)
-			{
-			if (bn_wexpand(r,al*2) == NULL) return(0);
-			r->top=top;
-			bn_mul_comba8(r->d,a->d,b->d);
-			goto end;
-			}
-		if (al <= BN_MULL_NORMAL_SIZE)
-			{
-			if (bn_wexpand(r,al*2) == NULL) return(0);
-			r->top=top;
-			bn_mul_normal(r->d,a->d,al,b->d,bl);
-			goto end;
-			}
-		/* 16 or larger */
-		j=BN_num_bits_word((BN_ULONG)al);
-		j=1<<(j-1);
-		k=j+j;
-		t= &(ctx->bn[ctx->tos]);
-		if (al == j) /* exact multiple */
-			{
-			bn_wexpand(t,k*2);
-			bn_wexpand(r,k*2);
-			bn_mul_recursive(r->d,a->d,b->d,al,t->d);
-			}
-		else
-			{
-			bn_wexpand(a,k);
-			bn_wexpand(b,k);
-			bn_wexpand(t,k*4);
-			bn_wexpand(r,k*4);
-			for (i=a->top; i<k; i++)
-				a->d[i]=0;
-			for (i=b->top; i<k; i++)
-				b->d[i]=0;
-			bn_mul_part_recursive(r->d,a->d,b->d,al-j,j,t->d);
-			}
-		r->top=top;
-		}
-end:
-	bn_fix_top(r);
-	return(1);
-	}
-#endif
-
-void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
-	{
-	BN_ULONG *rr;
-
-#ifdef BN_COUNT
-printf(" bn_mul_normal %d * %d\n",na,nb);
-#endif
-
-	if (na < nb)
-		{
-		int itmp;
-		BN_ULONG *ltmp;
-
-		itmp=na; na=nb; nb=itmp;
-		ltmp=a;   a=b;   b=ltmp;
-
-		}
-	rr= &(r[na]);
-	rr[0]=bn_mul_words(r,a,na,b[0]);
-
-	for (;;)
-		{
-		if (--nb <= 0) return;
-		rr[1]=bn_mul_add_words(&(r[1]),a,na,b[1]);
-		if (--nb <= 0) return;
-		rr[2]=bn_mul_add_words(&(r[2]),a,na,b[2]);
-		if (--nb <= 0) return;
-		rr[3]=bn_mul_add_words(&(r[3]),a,na,b[3]);
-		if (--nb <= 0) return;
-		rr[4]=bn_mul_add_words(&(r[4]),a,na,b[4]);
-		rr+=4;
-		r+=4;
-		b+=4;
-		}
-	}
-
-#if 1
-void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-	{
-#ifdef BN_COUNT
-printf(" bn_mul_low_normal %d * %d\n",n,n);
-#endif
-	bn_mul_words(r,a,n,b[0]);
-
-	for (;;)
-		{
-		if (--n <= 0) return;
-		bn_mul_add_words(&(r[1]),a,n,b[1]);
-		if (--n <= 0) return;
-		bn_mul_add_words(&(r[2]),a,n,b[2]);
-		if (--n <= 0) return;
-		bn_mul_add_words(&(r[3]),a,n,b[3]);
-		if (--n <= 0) return;
-		bn_mul_add_words(&(r[4]),a,n,b[4]);
-		r+=4;
-		b+=4;
-		}
-	}
-#endif
diff --git a/crypto/openssl/crypto/bn/old/build b/crypto/openssl/crypto/bn/old/build
deleted file mode 100755
index 8cd99e5f179a..000000000000
--- a/crypto/openssl/crypto/bn/old/build
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh -x
-
-gcc -g -I../../include test.c -L../.. -lcrypto
diff --git a/crypto/openssl/crypto/bn/old/info b/crypto/openssl/crypto/bn/old/info
deleted file mode 100644
index 5ac99c3b2377..000000000000
--- a/crypto/openssl/crypto/bn/old/info
+++ /dev/null
@@ -1,22 +0,0 @@
-Given A1A0 * B1B0 == S3S2S1S0
-
-S0=     low(A0*B0)
-S1=     low( (A1-A0)*(B0-B1)) +low( A1*B1) +high(A0*B0)
-S2=     high((A1-A0)*(B0-B1)) +high(A1*B1) +low( A1*B1)
-S3=     high(A1*B1);
-
-Assume we know S1 and S0, and can calulate A1*B1 and high((A1-A0)*(B0-B1))
-
-k0=	S0 == low(A0*B0)
-k1=	S1
-k2=	low( A1*B1)
-k3=	high(A1*B1)
-k4=	high((A1-A0)*(B0-B1))
-
-k1=	low((A1-A0)*(B0-B1)) +k2 +high(A0*B0)
-S2=	k4 +k3 +k2
-S3=	k3
-
-S1-k2= low((A1-A0)*(B0-B1)) +high(A0*B0)
-
-We potentially have a carry or a borrow from S1
diff --git a/crypto/openssl/crypto/bn/old/test.works b/crypto/openssl/crypto/bn/old/test.works
deleted file mode 100644
index 127c7b415d88..000000000000
--- a/crypto/openssl/crypto/bn/old/test.works
+++ /dev/null
@@ -1,205 +0,0 @@
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define SIZE	128
-
-#define BN_MONT_CTX_set		bn_mcs
-#define BN_from_montgomery	bn_fm
-#define BN_mod_mul_montgomery	bn_mmm
-#undef BN_to_montgomery
-#define BN_to_montgomery(r,a,mont,ctx)	bn_mmm(\
-	r,a,(mont)->RR,(mont),ctx)
-
-main()
-	{
-	BIGNUM prime,a,b,r,A,B,R;
-	BN_MONT_CTX *mont;
-	BN_CTX *ctx;
-	int i;
-
-	ctx=BN_CTX_new();
-	BN_init(&prime);
-	BN_init(&a); BN_init(&b); BN_init(&r);
-	BN_init(&A); BN_init(&B); BN_init(&R);
-
-	BN_generate_prime(&prime,SIZE,0,NULL,NULL,NULL,NULL);
-	BN_rand(&A,SIZE,1,0);
-	BN_rand(&B,SIZE,1,0);
-	BN_mod(&A,&A,&prime,ctx);
-	BN_mod(&B,&B,&prime,ctx);
-
-	mont=BN_MONT_CTX_new();
-	BN_MONT_CTX_set(mont,&prime,ctx);
-
-	BN_to_montgomery(&a,&A,mont,ctx);
-	BN_to_montgomery(&b,&B,mont,ctx);
-
-	BN_mul(&r,&a,&b);
-	BN_print_fp(stdout,&r); printf("\n");
-	BN_from_montgomery(&r,&r,mont,ctx);
-	BN_print_fp(stdout,&r); printf("\n");
-	BN_from_montgomery(&r,&r,mont,ctx);
-	BN_print_fp(stdout,&r); printf("\n");
-
-	BN_mod_mul(&R,&A,&B,&prime,ctx);
-
-	BN_print_fp(stdout,&a); printf("\n");
-	BN_print_fp(stdout,&b); printf("\n");
-	BN_print_fp(stdout,&prime); printf("\n");
-	BN_print_fp(stdout,&r); printf("\n\n");
-
-	BN_print_fp(stdout,&A); printf("\n");
-	BN_print_fp(stdout,&B); printf("\n");
-	BN_print_fp(stdout,&prime); printf("\n");
-	BN_print_fp(stdout,&R); printf("\n\n");
-
-	BN_mul(&r,&a,&b);
-	BN_print_fp(stdout,&r); printf(" <- BA*DC\n");
-	BN_copy(&A,&r);
-	i=SIZE/2;
-	BN_mask_bits(&A,i*2);
-//	BN_print_fp(stdout,&A); printf(" <- low(BA*DC)\n");
-	bn_do_lower(&r,&a,&b,&A,i);
-//	BN_print_fp(stdout,&r); printf(" <- low(BA*DC)\n");
-	}
-
-int bn_mul_low(r,a,b,low,i)
-BIGNUM *r,*a,*b,*low;
-int i;
-	{
-	int w;
-	BIGNUM Kh,Km,t1,t2,h,ah,al,bh,bl,l,m,s0,s1;
-
-	BN_init(&Kh); BN_init(&Km); BN_init(&t1); BN_init(&t2); BN_init(&l);
-	BN_init(&ah); BN_init(&al); BN_init(&bh); BN_init(&bl); BN_init(&h);
-	BN_init(&m); BN_init(&s0); BN_init(&s1);
-
-	BN_copy(&al,a); BN_mask_bits(&al,i); BN_rshift(&ah,a,i);
-	BN_copy(&bl,b); BN_mask_bits(&bl,i); BN_rshift(&bh,b,i);
-
-
-	BN_sub(&t1,&al,&ah);
-	BN_sub(&t2,&bh,&bl);
-	BN_mul(&m,&t1,&t2);
-	BN_mul(&h,&ah,&bh);
-
-	BN_copy(&s0,low); BN_mask_bits(&s0,i);
-	BN_rshift(&s1,low,i);
-
-	BN_add(&t1,&h,&m);
-	BN_add(&t1,&t1,&s0);
-
-	BN_copy(&t2,&t1); BN_mask_bits(&t2,i);
-	BN_sub(&t1,&s1,&t2);
-	BN_lshift(&t1,&t1,i);
-	BN_add(&t1,&t1,&s0);
-	if (t1.neg)
-		{
-		BN_lshift(&t2,BN_value_one(),i*2);
-		BN_add(&t1,&t2,&t1);
-		BN_mask_bits(&t1,i*2);
-		}
-	
-	BN_free(&Kh); BN_free(&Km); BN_free(&t1); BN_free(&t2);
-	BN_free(&ah); BN_free(&al); BN_free(&bh); BN_free(&bl);
-	}
-
-int BN_mod_mul_montgomery(r,a,b,mont,ctx)
-BIGNUM *r,*a,*b;
-BN_MONT_CTX *mont;
-BN_CTX *ctx;
-	{
-	BIGNUM *tmp;
-
-        tmp= &(ctx->bn[ctx->tos++]);
-
-	if (a == b)
-		{
-		if (!BN_sqr(tmp,a,ctx)) goto err;
-		}
-	else
-		{
-		if (!BN_mul(tmp,a,b)) goto err;
-		}
-	/* reduce from aRR to aR */
-	if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
-	ctx->tos--;
-	return(1);
-err:
-	return(0);
-	}
-
-int BN_from_montgomery(r,a,mont,ctx)
-BIGNUM *r;
-BIGNUM *a;
-BN_MONT_CTX *mont;
-BN_CTX *ctx;
-	{
-	BIGNUM z1;
-	BIGNUM *t1,*t2;
-	BN_ULONG *ap,*bp,*rp;
-	int j,i,bl,al;
-
-	BN_init(&z1);
-	t1= &(ctx->bn[ctx->tos]);
-	t2= &(ctx->bn[ctx->tos+1]);
-
-	if (!BN_copy(t1,a)) goto err;
-	/* can cheat */
-	BN_mask_bits(t1,mont->ri);
-	if (!BN_mul(t2,t1,mont->Ni)) goto err;
-	BN_mask_bits(t2,mont->ri);
-
-	if (!BN_mul(t1,t2,mont->N)) goto err;
-	if (!BN_add(t2,t1,a)) goto err;
-
-	/* At this point, t2 has the bottom ri bits set to zero.
-	 * This means that the bottom ri bits == the 1^ri minus the bottom
-	 * ri bits of a.
-	 * This means that only the bits above 'ri' in a need to be added,
-	 * and XXXXXXXXXXXXXXXXXXXXXXXX
-	 */
-BN_print_fp(stdout,t2); printf("\n");
-	BN_rshift(r,t2,mont->ri);
-
-	if (BN_ucmp(r,mont->N) >= 0)
-		bn_qsub(r,r,mont->N);
-
-	return(1);
-err:
-	return(0);
-	}
-
-int BN_MONT_CTX_set(mont,mod,ctx)
-BN_MONT_CTX *mont;
-BIGNUM *mod;
-BN_CTX *ctx;
-	{
-	BIGNUM *Ri=NULL,*R=NULL;
-
-	if (mont->RR == NULL) mont->RR=BN_new();
-	if (mont->N == NULL)  mont->N=BN_new();
-
-	R=mont->RR;					/* grab RR as a temp */
-	BN_copy(mont->N,mod);				/* Set N */
-
-	mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
-	BN_lshift(R,BN_value_one(),mont->ri);			/* R */
-	if ((Ri=BN_mod_inverse(NULL,R,mod,ctx)) == NULL) goto err;/* Ri */
-	BN_lshift(Ri,Ri,mont->ri);				/* R*Ri */
-	bn_qsub(Ri,Ri,BN_value_one());				/* R*Ri - 1 */
-	BN_div(Ri,NULL,Ri,mod,ctx);
-	if (mont->Ni != NULL) BN_free(mont->Ni);
-	mont->Ni=Ri;					/* Ni=(R*Ri-1)/N */
-
-	/* setup RR for conversions */
-	BN_lshift(mont->RR,BN_value_one(),mont->ri*2);
-	BN_mod(mont->RR,mont->RR,mont->N,ctx);
-
-	return(1);
-err:
-	return(0);
-	}
-
-
diff --git a/crypto/openssl/crypto/bn/test.c b/crypto/openssl/crypto/bn/test.c
deleted file mode 100644
index a048b9f878d7..000000000000
--- a/crypto/openssl/crypto/bn/test.c
+++ /dev/null
@@ -1,241 +0,0 @@
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define SIZE	32
-
-#define BN_MONT_CTX_set		bn_mcs
-#define BN_from_montgomery	bn_fm
-#define BN_mod_mul_montgomery	bn_mmm
-#undef BN_to_montgomery
-#define BN_to_montgomery(r,a,mont,ctx)	bn_mmm(\
-	r,a,(mont)->RR,(mont),ctx)
-
-main()
-	{
-	BIGNUM prime,a,b,r,A,B,R;
-	BN_MONT_CTX *mont;
-	BN_CTX *ctx;
-	int i;
-
-	ctx=BN_CTX_new();
-	BN_init(&prime);
-	BN_init(&a); BN_init(&b); BN_init(&r);
-	BN_init(&A); BN_init(&B); BN_init(&R);
-
-	BN_generate_prime(&prime,SIZE,0,NULL,NULL,NULL,NULL);
-	BN_rand(&A,SIZE,1,0);
-	BN_rand(&B,SIZE,1,0);
-	BN_mod(&A,&A,&prime,ctx);
-	BN_mod(&B,&B,&prime,ctx);
-
-	i=A.top;
-	BN_mul(&R,&A,&B,ctx);
-	BN_mask_bits(&R,i*BN_BITS2);
-
-
-	BN_print_fp(stdout,&A); printf(" <- a\n");
-	BN_print_fp(stdout,&B); printf(" <- b\n");
-	BN_mul_high(&r,&A,&B,&R,i);
-	BN_print_fp(stdout,&r); printf(" <- high(BA*DC)\n");
-
-	BN_mask_bits(&A,i*32);
-	BN_mask_bits(&B,i*32);
-
-	BN_mul(&R,&A,&B);
-	BN_rshift(&R,&R,i*32);
-	BN_print_fp(stdout,&R); printf(" <- norm BA*DC\n");
-	BN_sub(&R,&R,&r);
-	BN_print_fp(stdout,&R); printf(" <- diff\n");
-	}
-
-#if 0
-int bn_mul_high(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *low, int words)
-	{
-	int i;
-	BIGNUM t1,t2,t3,h,ah,al,bh,bl,m,s0,s1;
-
-	BN_init(&al); BN_init(&ah);
-	BN_init(&bl); BN_init(&bh);
-	BN_init(&t1); BN_init(&t2); BN_init(&t3);
-	BN_init(&s0); BN_init(&s1);
-	BN_init(&h); BN_init(&m);
-
-	i=a->top;
-	if (i >= words)
-		{
-		al.top=words;
-		ah.top=a->top-words;
-		ah.d= &(a->d[ah.top]);
-		}
-	else
-		al.top=i;
-	al.d=a->d;
-
-	i=b->top;
-	if (i >= words)
-		{
-		bl.top=words;
-		bh.top=i-words;
-		bh.d= &(b->d[bh.top]);
-		}
-	else
-		bl.top=i;
-	bl.d=b->d;
-
-	i=low->top;
-	if (i >= words)
-		{
-		s0.top=words;
-		s1.top=i-words;
-		s1.d= &(low->d[s1.top]);
-		}
-	else
-		s0.top=i;
-	s0.d=low->d;
-
-al.max=al.top; ah.max=ah.top;
-bl.max=bl.top; bh.max=bh.top;
-s0.max=bl.top; s1.max=bh.top;
-
-	/* Calculate (al-ah)*(bh-bl) */
-	BN_sub(&t1,&al,&ah);
-	BN_sub(&t2,&bh,&bl);
-	BN_mul(&m,&t1,&t2);
-
-	/* Calculate ah*bh */
-	BN_mul(&h,&ah,&bh);
-
-	/* s0 == low(al*bl)
-	 * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
-	 * We know s0 and s1 so the only unknown is high(al*bl)
-	 * high(al*bl) == s1 - low(ah*bh+(al-ah)*(bh-bl)+s0)
-	 */
-	BN_add(&m,&m,&h);
-	BN_add(&t2,&m,&s0);
-	/* Quick and dirty mask off of high words */
-	t3.d=t2.d;
-	t3.top=(t2.top > words)?words:t2.top;
-	t3.neg=t2.neg;
-t3.max=t3.top;
-/* BN_print_fp(stdout,&s1); printf(" s1\n"); */
-/* BN_print_fp(stdout,&t2); printf(" middle value\n"); */
-/* BN_print_fp(stdout,&t3); printf(" low middle value\n"); */
-	BN_sub(&t1,&s1,&t3);
-
-	if (t1.neg)
-		{
-/*printf("neg fixup\n"); BN_print_fp(stdout,&t1); printf(" before\n"); */
-		BN_lshift(&t2,BN_value_one(),words*32);
-		BN_add(&t1,&t2,&t1);
-		BN_mask_bits(&t1,words*32);
-/* BN_print_fp(stdout,&t1); printf(" after\n"); */
-		}
-	/* al*bl == high(al*bl)<<words+s0 */
-	BN_lshift(&t1,&t1,words*32);
-	BN_add(&t1,&t1,&s0);
-	
-	/* We now have
-	 * al*bl			- t1
-	 * (al-ah)*(bh-bl)+ah*bh	- m
-	 * ah*bh			- h
-	 */
-	BN_copy(r,&t1);
-	BN_mask_bits(r,words*32*2);
-
-	/*BN_lshift(&m,&m,words*/
-
-	BN_free(&t1); BN_free(&t2);
-	BN_free(&m); BN_free(&h);
-	}
-
-int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_MONT_CTX *mont,
-	     BN_CTX *ctx)
-	{
-	BIGNUM *tmp;
-
-        tmp= &(ctx->bn[ctx->tos++]);
-
-	if (a == b)
-		{
-		if (!BN_sqr(tmp,a,ctx)) goto err;
-		}
-	else
-		{
-		if (!BN_mul(tmp,a,b)) goto err;
-		}
-	/* reduce from aRR to aR */
-	if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
-	ctx->tos--;
-	return(1);
-err:
-	return(0);
-	}
-
-int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx)
-	{
-	BIGNUM z1;
-	BIGNUM *t1,*t2;
-	BN_ULONG *ap,*bp,*rp;
-	int j,i,bl,al;
-
-	BN_init(&z1);
-	t1= &(ctx->bn[ctx->tos]);
-	t2= &(ctx->bn[ctx->tos+1]);
-
-	if (!BN_copy(t1,a)) goto err;
-	/* can cheat */
-	BN_mask_bits(t1,mont->ri);
-	if (!BN_mul(t2,t1,mont->Ni)) goto err;
-	BN_mask_bits(t2,mont->ri);
-
-	if (!BN_mul(t1,t2,mont->N)) goto err;
-	if (!BN_add(t2,t1,a)) goto err;
-
-	/* At this point, t2 has the bottom ri bits set to zero.
-	 * This means that the bottom ri bits == the 1^ri minus the bottom
-	 * ri bits of a.
-	 * This means that only the bits above 'ri' in a need to be added,
-	 * and XXXXXXXXXXXXXXXXXXXXXXXX
-	 */
-BN_print_fp(stdout,t2); printf("\n");
-	BN_rshift(r,t2,mont->ri);
-
-	if (BN_ucmp(r,mont->N) >= 0)
-		BN_usub(r,r,mont->N);
-
-	return(1);
-err:
-	return(0);
-	}
-
-int BN_MONT_CTX_set(BN_MONT_CTX *mont, BIGNUM *mod, BN_CTX *ctx)
-	{
-	BIGNUM *Ri=NULL,*R=NULL;
-
-	if (mont->RR == NULL) mont->RR=BN_new();
-	if (mont->N == NULL)  mont->N=BN_new();
-
-	R=mont->RR;					/* grab RR as a temp */
-	BN_copy(mont->N,mod);				/* Set N */
-
-	mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
-	BN_lshift(R,BN_value_one(),mont->ri);			/* R */
-	if ((Ri=BN_mod_inverse(NULL,R,mod,ctx)) == NULL) goto err;/* Ri */
-	BN_lshift(Ri,Ri,mont->ri);				/* R*Ri */
-	BN_usub(Ri,Ri,BN_value_one());				/* R*Ri - 1 */
-	BN_div(Ri,NULL,Ri,mod,ctx);
-	if (mont->Ni != NULL) BN_free(mont->Ni);
-	mont->Ni=Ri;					/* Ni=(R*Ri-1)/N */
-
-	/* setup RR for conversions */
-	BN_lshift(mont->RR,BN_value_one(),mont->ri*2);
-	BN_mod(mont->RR,mont->RR,mont->N,ctx);
-
-	return(1);
-err:
-	return(0);
-	}
-
-
-#endif
diff --git a/crypto/openssl/crypto/bn/todo b/crypto/openssl/crypto/bn/todo
deleted file mode 100644
index e47e381aea13..000000000000
--- a/crypto/openssl/crypto/bn/todo
+++ /dev/null
@@ -1,3 +0,0 @@
-Cache RECP_CTX values
-make the result argument independant of the inputs.
-split up the _exp_ functions
diff --git a/crypto/openssl/crypto/buffer/Makefile.save b/crypto/openssl/crypto/buffer/Makefile.save
deleted file mode 100644
index c088ec6b3c76..000000000000
--- a/crypto/openssl/crypto/buffer/Makefile.save
+++ /dev/null
@@ -1,93 +0,0 @@
-#
-# SSLeay/crypto/buffer/Makefile
-#
-
-DIR=	buffer
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= buffer.c buf_err.c
-LIBOBJ= buffer.o buf_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= buffer.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-buf_err.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-buf_err.o: ../../include/openssl/crypto.h ../../include/openssl/err.h
-buf_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslv.h
-buf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-buf_err.o: ../../include/openssl/symhacks.h
-buffer.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-buffer.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-buffer.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-buffer.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-buffer.o: ../cryptlib.h
diff --git a/crypto/openssl/crypto/buffer/Makefile.ssl b/crypto/openssl/crypto/buffer/Makefile.ssl
deleted file mode 100644
index e8b6c9693a94..000000000000
--- a/crypto/openssl/crypto/buffer/Makefile.ssl
+++ /dev/null
@@ -1,94 +0,0 @@
-#
-# SSLeay/crypto/buffer/Makefile
-#
-
-DIR=	buffer
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= buffer.c buf_err.c
-LIBOBJ= buffer.o buf_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= buffer.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-buf_err.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-buf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-buf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-buf_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-buf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-buf_err.o: ../../include/openssl/symhacks.h buf_err.c
-buffer.o: ../../e_os.h ../../include/openssl/bio.h
-buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-buffer.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-buffer.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-buffer.o: ../cryptlib.h buffer.c
diff --git a/crypto/openssl/crypto/buffer/buf_err.c b/crypto/openssl/crypto/buffer/buf_err.c
deleted file mode 100644
index 5eee653e14d0..000000000000
--- a/crypto/openssl/crypto/buffer/buf_err.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/buffer/buf_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/buffer.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA BUF_str_functs[]=
-	{
-{ERR_PACK(0,BUF_F_BUF_MEM_GROW,0),	"BUF_MEM_grow"},
-{ERR_PACK(0,BUF_F_BUF_MEM_NEW,0),	"BUF_MEM_new"},
-{ERR_PACK(0,BUF_F_BUF_STRDUP,0),	"BUF_strdup"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA BUF_str_reasons[]=
-	{
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_BUF_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_BUF,BUF_str_functs);
-		ERR_load_strings(ERR_LIB_BUF,BUF_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/buffer/buffer.c b/crypto/openssl/crypto/buffer/buffer.c
deleted file mode 100644
index d96487e7dbd0..000000000000
--- a/crypto/openssl/crypto/buffer/buffer.c
+++ /dev/null
@@ -1,202 +0,0 @@
-/* crypto/buffer/buffer.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-
-BUF_MEM *BUF_MEM_new(void)
-	{
-	BUF_MEM *ret;
-
-	ret=OPENSSL_malloc(sizeof(BUF_MEM));
-	if (ret == NULL)
-		{
-		BUFerr(BUF_F_BUF_MEM_NEW,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-	ret->length=0;
-	ret->max=0;
-	ret->data=NULL;
-	return(ret);
-	}
-
-void BUF_MEM_free(BUF_MEM *a)
-	{
-	if(a == NULL)
-	    return;
-
-	if (a->data != NULL)
-		{
-		memset(a->data,0,(unsigned int)a->max);
-		OPENSSL_free(a->data);
-		}
-	OPENSSL_free(a);
-	}
-
-int BUF_MEM_grow(BUF_MEM *str, int len)
-	{
-	char *ret;
-	unsigned int n;
-
-	if (str->length >= len)
-		{
-		str->length=len;
-		return(len);
-		}
-	if (str->max >= len)
-		{
-		memset(&str->data[str->length],0,len-str->length);
-		str->length=len;
-		return(len);
-		}
-	n=(len+3)/3*4;
-	if (str->data == NULL)
-		ret=OPENSSL_malloc(n);
-	else
-		ret=OPENSSL_realloc(str->data,n);
-	if (ret == NULL)
-		{
-		BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE);
-		len=0;
-		}
-	else
-		{
-		str->data=ret;
-		str->max=n;
-		memset(&str->data[str->length],0,len-str->length);
-		str->length=len;
-		}
-	return(len);
-	}
-
-int BUF_MEM_grow_clean(BUF_MEM *str, int len)
-	{
-	char *ret;
-	unsigned int n;
-
-	if (str->length >= len)
-		{
-		memset(&str->data[len],0,str->length-len);
-		str->length=len;
-		return(len);
-		}
-	if (str->max >= len)
-		{
-		memset(&str->data[str->length],0,len-str->length);
-		str->length=len;
-		return(len);
-		}
-	n=(len+3)/3*4;
-	if (str->data == NULL)
-		ret=OPENSSL_malloc(n);
-	else
-		ret=OPENSSL_realloc_clean(str->data,str->max,n);
-	if (ret == NULL)
-		{
-		BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE);
-		len=0;
-		}
-	else
-		{
-		str->data=ret;
-		str->max=n;
-		memset(&str->data[str->length],0,len-str->length);
-		str->length=len;
-		}
-	return(len);
-	}
-
-char *BUF_strdup(const char *str)
-	{
-	char *ret;
-	int n;
-
-	if (str == NULL) return(NULL);
-
-	n=strlen(str);
-	ret=OPENSSL_malloc(n+1);
-	if (ret == NULL) 
-		{
-		BUFerr(BUF_F_BUF_STRDUP,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-	memcpy(ret,str,n+1);
-	return(ret);
-	}
-
-size_t BUF_strlcpy(char *dst, const char *src, size_t size)
-	{
-	size_t l = 0;
-	for(; size > 1 && *src; size--)
-		{
-		*dst++ = *src++;
-		l++;
-		}
-	if (size)
-		*dst = '\0';
-	return l + strlen(src);
-	}
-
-size_t BUF_strlcat(char *dst, const char *src, size_t size)
-	{
-	size_t l = 0;
-	for(; size > 0 && *dst; size--, dst++)
-		l++;
-	return l + BUF_strlcpy(dst, src, size);
-	}
diff --git a/crypto/openssl/crypto/buffer/buffer.h b/crypto/openssl/crypto/buffer/buffer.h
deleted file mode 100644
index 465dc34f3fea..000000000000
--- a/crypto/openssl/crypto/buffer/buffer.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/* crypto/buffer/buffer.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BUFFER_H
-#define HEADER_BUFFER_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#include <stddef.h>
-#include <sys/types.h>
-
-typedef struct buf_mem_st
-	{
-	int length;	/* current number of bytes */
-	char *data;
-	int max;	/* size of buffer */
-	} BUF_MEM;
-
-BUF_MEM *BUF_MEM_new(void);
-void	BUF_MEM_free(BUF_MEM *a);
-int	BUF_MEM_grow(BUF_MEM *str, int len);
-int	BUF_MEM_grow_clean(BUF_MEM *str, int len);
-char *	BUF_strdup(const char *str);
-
-/* safe string functions */
-size_t BUF_strlcpy(char *dst,const char *src,size_t siz);
-size_t BUF_strlcat(char *dst,const char *src,size_t siz);
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BUF_strings(void);
-
-/* Error codes for the BUF functions. */
-
-/* Function codes. */
-#define BUF_F_BUF_MEM_GROW				 100
-#define BUF_F_BUF_MEM_NEW				 101
-#define BUF_F_BUF_STRDUP				 102
-
-/* Reason codes. */
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/cast/Makefile.save b/crypto/openssl/crypto/cast/Makefile.save
deleted file mode 100644
index 0aa1cbc55a29..000000000000
--- a/crypto/openssl/crypto/cast/Makefile.save
+++ /dev/null
@@ -1,125 +0,0 @@
-#
-# SSLeay/crypto/cast/Makefile
-#
-
-DIR=	cast
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CAST_ENC=c_enc.o
-# or use
-#CAST_ENC=asm/cx86-elf.o
-#CAST_ENC=asm/cx86-out.o
-#CAST_ENC=asm/cx86-sol.o
-#CAST_ENC=asm/cx86bdsi.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=casttest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c 
-LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= cast.h
-HEADER=	cast_s.h cast_lcl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-# elf
-asm/cx86-elf.o: asm/cx86unix.cpp
-	$(CPP) -DELF -x c asm/cx86unix.cpp | as -o asm/cx86-elf.o
-
-# solaris
-asm/cx86-sol.o: asm/cx86unix.cpp
-	$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
-	as -o asm/cx86-sol.o asm/cx86-sol.s
-	rm -f asm/cx86-sol.s
-
-# a.out
-asm/cx86-out.o: asm/cx86unix.cpp
-	$(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
-
-# bsdi
-asm/cx86bsdi.o: asm/cx86unix.cpp
-	$(CPP) -DBSDI asm/cx86unix.cpp | sed 's/ :/:/' | as -o asm/cx86bsdi.o
-
-asm/cx86unix.cpp: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) cast-586.pl cpp $(PROCESSOR) >cx86unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/cx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-c_cfb64.o: ../../include/openssl/cast.h ../../include/openssl/e_os.h
-c_cfb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_cfb64.o: cast_lcl.h
-c_ecb.o: ../../include/openssl/cast.h ../../include/openssl/e_os.h
-c_ecb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_ecb.o: ../../include/openssl/opensslv.h cast_lcl.h
-c_enc.o: ../../include/openssl/cast.h ../../include/openssl/e_os.h
-c_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_enc.o: cast_lcl.h
-c_ofb64.o: ../../include/openssl/cast.h ../../include/openssl/e_os.h
-c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_ofb64.o: cast_lcl.h
-c_skey.o: ../../include/openssl/cast.h ../../include/openssl/e_os.h
-c_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_skey.o: cast_lcl.h cast_s.h
diff --git a/crypto/openssl/crypto/cast/Makefile.ssl b/crypto/openssl/crypto/cast/Makefile.ssl
deleted file mode 100644
index 70c47bf8e695..000000000000
--- a/crypto/openssl/crypto/cast/Makefile.ssl
+++ /dev/null
@@ -1,119 +0,0 @@
-#
-# SSLeay/crypto/cast/Makefile
-#
-
-DIR=	cast
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CAST_ENC=c_enc.o
-# or use
-#CAST_ENC=asm/cx86-elf.o
-#CAST_ENC=asm/cx86-out.o
-#CAST_ENC=asm/cx86-sol.o
-#CAST_ENC=asm/cx86bdsi.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=casttest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c 
-LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= cast.h
-HEADER=	cast_s.h cast_lcl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# elf
-asm/cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > cx86-elf.s)
-
-# a.out
-asm/cx86-out.o: asm/cx86unix.cpp
-	$(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
-
-# bsdi
-asm/cx86bsdi.o: asm/cx86unix.cpp
-	$(CPP) -DBSDI asm/cx86unix.cpp | sed 's/ :/:/' | as -o asm/cx86bsdi.o
-
-asm/cx86unix.cpp: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) cast-586.pl cpp $(PROCESSOR) >cx86unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/cx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-c_cfb64.o: ../../e_os.h ../../include/openssl/cast.h
-c_cfb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_cfb64.o: c_cfb64.c cast_lcl.h
-c_ecb.o: ../../e_os.h ../../include/openssl/cast.h
-c_ecb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_ecb.o: ../../include/openssl/opensslv.h c_ecb.c cast_lcl.h
-c_enc.o: ../../e_os.h ../../include/openssl/cast.h
-c_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_enc.o: c_enc.c cast_lcl.h
-c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h
-c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_ofb64.o: c_ofb64.c cast_lcl.h
-c_skey.o: ../../e_os.h ../../include/openssl/cast.h
-c_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_skey.o: c_skey.c cast_lcl.h cast_s.h
diff --git a/crypto/openssl/crypto/cast/Makefile.uni b/crypto/openssl/crypto/cast/Makefile.uni
deleted file mode 100644
index a5870897cfa4..000000000000
--- a/crypto/openssl/crypto/cast/Makefile.uni
+++ /dev/null
@@ -1,124 +0,0 @@
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-# make x86-elf  - linux-elf etc
-# make x86-out  - linux-a.out, FreeBSD etc
-# make x86-solaris
-# make x86-bdsi
-
-# There are 3 possible performance options, experiment :-)
-#OPTS= -DBF_PTR
-#OPTS= -DBF_PTR2
-OPTS=
-
-DIR=    cast
-TOP=    .
-CC=     gcc
-CFLAG=	-O3 -fomit-frame-pointer
-
-CPP=    $(CC) -E
-INCLUDES=
-INSTALLTOP=/usr/local/lib
-MAKE=           make
-MAKEDEPEND=     makedepend
-MAKEFILE=       Makefile.uni
-AR=             ar r
-RANLIB=         ranlib
-
-CAST_ENC=c_enc.o
-# or use
-#CAST_ENC=asm/cx86-elf.o
-#CAST_ENC=asm/cx86-out.o
-#CAST_ENC=asm/cx86-sol.o
-#CAST_ENC=asm/cx86bdsi.o
-
-CFLAGS= $(OPTS) $(INCLUDES) $(CFLAG) -DFULL_TEST
-
-GENERAL=Makefile
-TEST=casttest
-APP1=cast_spd
-APP2=castopts
-APPS=$(APP1) $(APP2)
-
-LIB=libcast.a
-LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c
-LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= cast.h
-HEADER= cast_lcl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-all:    $(LIB) $(TEST) $(APPS)
-
-$(LIB):    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
-# elf
-asm/cx86-elf.o: asm/cx86unix.cpp
-	$(CPP) -DELF asm/cx86unix.cpp | as -o asm/cx86-elf.o
-
-# solaris
-asm/cx86-sol.o: asm/cx86unix.cpp
-	$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
-	as -o asm/cx86-sol.o asm/cx86-sol.s
-	rm -f asm/cx86-sol.s
-
-# a.out
-asm/cx86-out.o: asm/cx86unix.cpp
-	$(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
-
-# bsdi
-asm/cx86bsdi.o: asm/cx86unix.cpp
-	$(CPP) -DBSDI asm/cx86unix.cpp | as -o asm/cx86bsdi.o
-
-asm/cx86unix.cpp:
-	(cd asm; perl cast-586.pl cpp >cx86unix.cpp)
-
-test:	$(TEST)
-	./$(TEST)
-
-$(TEST): $(TEST).c $(LIB)
-	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
-
-$(APP1): $(APP1).c $(LIB)
-	$(CC) -o $(APP1) $(CFLAGS) $(APP1).c $(LIB)
-
-$(APP2): $(APP2).c $(LIB)
-	$(CC) -o $(APP2) $(CFLAGS) $(APP2).c $(LIB)
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
-
-dclean:
-	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-cc:
-	$(MAKE) CC="cc" CFLAG="-O" all
-
-gcc:
-	$(MAKE) CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
-
-x86-elf:
-	$(MAKE) CAST_ENC="asm/cx86-elf.o" CFLAG="-DELF $(CFLAGS)" all
-
-x86-out:
-	$(MAKE) CAST_ENC="asm/cx86-out.o" CFLAG="-DOUT $(CFLAGS)" all
-
-x86-solaris:
-	$(MAKE) CAST_ENC="asm/cx86-sol.o" CFLAG="-DSOL $(CFLAGS)" all
-
-x86-bdsi:
-	$(MAKE) CAST_ENC="asm/cx86-bdsi.o" CFLAG="-DBDSI $(CFLAGS)" all
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/crypto/cast/asm/cast-586.pl b/crypto/openssl/crypto/cast/asm/cast-586.pl
deleted file mode 100644
index 6be0bfe57245..000000000000
--- a/crypto/openssl/crypto/cast/asm/cast-586.pl
+++ /dev/null
@@ -1,176 +0,0 @@
-#!/usr/local/bin/perl
-
-# define for pentium pro friendly version
-$ppro=1;
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-require "cbc.pl";
-
-&asm_init($ARGV[0],"cast-586.pl",$ARGV[$#ARGV] eq "386");
-
-$CAST_ROUNDS=16;
-$L="edi";
-$R="esi";
-$K="ebp";
-$tmp1="ecx";
-$tmp2="ebx";
-$tmp3="eax";
-$tmp4="edx";
-$S1="CAST_S_table0";
-$S2="CAST_S_table1";
-$S3="CAST_S_table2";
-$S4="CAST_S_table3";
-
-@F1=("add","xor","sub");
-@F2=("xor","sub","add");
-@F3=("sub","add","xor");
-
-&CAST_encrypt("CAST_encrypt",1);
-&CAST_encrypt("CAST_decrypt",0);
-&cbc("CAST_cbc_encrypt","CAST_encrypt","CAST_decrypt",1,4,5,3,-1,-1);
-
-&asm_finish();
-
-sub CAST_encrypt {
-    local($name,$enc)=@_;
-
-    local($win_ex)=<<"EOF";
-EXTERN	_CAST_S_table0:DWORD
-EXTERN	_CAST_S_table1:DWORD
-EXTERN	_CAST_S_table2:DWORD
-EXTERN	_CAST_S_table3:DWORD
-EOF
-    &main::external_label(
-			  "CAST_S_table0",
-			  "CAST_S_table1",
-			  "CAST_S_table2",
-			  "CAST_S_table3",
-			  );
-
-    &function_begin_B($name,$win_ex);
-
-    &comment("");
-
-    &push("ebp");
-    &push("ebx");
-    &mov($tmp2,&wparam(0));
-    &mov($K,&wparam(1));
-    &push("esi");
-    &push("edi");
-
-    &comment("Load the 2 words");
-    &mov($L,&DWP(0,$tmp2,"",0));
-    &mov($R,&DWP(4,$tmp2,"",0));
-
-    &comment('Get short key flag');
-    &mov($tmp3,&DWP(128,$K,"",0));
-    if($enc) {
-	&push($tmp3);
-    } else {
-	&or($tmp3,$tmp3);
-	&jnz(&label('cast_dec_skip'));
-    }
-
-    &xor($tmp3,	$tmp3);
-
-    # encrypting part
-
-    if ($enc) {
-	&E_CAST( 0,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 1,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 2,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 3,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 4,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 5,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 6,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 7,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 8,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 9,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST(10,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST(11,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
-	&comment('test short key flag');
-	&pop($tmp4);
-	&or($tmp4,$tmp4);
-	&jnz(&label('cast_enc_done'));
-	&E_CAST(12,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST(13,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST(14,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST(15,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
-    } else {
-	&E_CAST(15,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST(14,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST(13,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST(12,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
-	&set_label('cast_dec_skip');
-	&E_CAST(11,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST(10,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 9,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 8,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 7,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 6,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 5,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 4,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 3,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 2,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 1,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
-	&E_CAST( 0,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
-    }
-
-    &set_label('cast_enc_done') if $enc;
-# Why the nop? - Ben 17/1/99
-    &nop();
-    &mov($tmp3,&wparam(0));
-    &mov(&DWP(4,$tmp3,"",0),$L);
-    &mov(&DWP(0,$tmp3,"",0),$R);
-    &function_end($name);
-}
-
-sub E_CAST {
-    local($i,$S,$L,$R,$K,$OP1,$OP2,$OP3,$tmp1,$tmp2,$tmp3,$tmp4)=@_;
-    # Ri needs to have 16 pre added.
-
-    &comment("round $i");
-    &mov(	$tmp4,		&DWP($i*8,$K,"",1));
-
-    &mov(	$tmp1,		&DWP($i*8+4,$K,"",1));
-    &$OP1(	$tmp4,		$R);
-
-    &rotl(	$tmp4,		&LB($tmp1));
-
-    if ($ppro) {
-	&mov(	$tmp2,		$tmp4);		# B
-	&xor(	$tmp1,		$tmp1);
-	
-	&movb(	&LB($tmp1),	&HB($tmp4));	# A
-	&and(	$tmp2,		0xff);
-
-	&shr(	$tmp4,		16); 		#
-	&xor(	$tmp3,		$tmp3);
-    } else {
-	&mov(	$tmp2,		$tmp4);		# B
-	&movb(	&LB($tmp1),	&HB($tmp4));	# A	# BAD BAD BAD
-	
-	&shr(	$tmp4,		16); 		#
-	&and(	$tmp2,		0xff);
-    }
-
-    &movb(	&LB($tmp3),	&HB($tmp4));	# C	# BAD BAD BAD
-    &and(	$tmp4,		0xff);		# D
-
-    &mov(	$tmp1,		&DWP($S1,"",$tmp1,4));
-    &mov(	$tmp2,		&DWP($S2,"",$tmp2,4));
-
-    &$OP2(	$tmp1,		$tmp2);
-    &mov(	$tmp2,		&DWP($S3,"",$tmp3,4));
-
-    &$OP3(	$tmp1,		$tmp2);
-    &mov(	$tmp2,		&DWP($S4,"",$tmp4,4));
-
-    &$OP1(	$tmp1,		$tmp2);
-    # XXX
-
-    &xor(	$L,		$tmp1);
-    # XXX
-}
-
diff --git a/crypto/openssl/crypto/cast/asm/readme b/crypto/openssl/crypto/cast/asm/readme
deleted file mode 100644
index fbcd76289e26..000000000000
--- a/crypto/openssl/crypto/cast/asm/readme
+++ /dev/null
@@ -1,7 +0,0 @@
-There is a ppro flag in cast-586 which turns on/off
-generation of pentium pro/II friendly code
-
-This flag makes the inner loop one cycle longer, but generates 
-code that runs %30 faster on the pentium pro/II, while only %7 slower
-on the pentium.  By default, this flag is on.
-
diff --git a/crypto/openssl/crypto/cast/c_cfb64.c b/crypto/openssl/crypto/cast/c_cfb64.c
deleted file mode 100644
index 514c005c325f..000000000000
--- a/crypto/openssl/crypto/cast/c_cfb64.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/cast/c_cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-			long length, CAST_KEY *schedule, unsigned char *ivec,
-			int *num, int enc)
-	{
-	register CAST_LONG v0,v1,t;
-	register int n= *num;
-	register long l=length;
-	CAST_LONG ti[2];
-	unsigned char *iv,c,cc;
-
-	iv=ivec;
-	if (enc)
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				n2l(iv,v0); ti[0]=v0;
-				n2l(iv,v1); ti[1]=v1;
-				CAST_encrypt((CAST_LONG *)ti,schedule);
-				iv=ivec;
-				t=ti[0]; l2n(t,iv);
-				t=ti[1]; l2n(t,iv);
-				iv=ivec;
-				}
-			c= *(in++)^iv[n];
-			*(out++)=c;
-			iv[n]=c;
-			n=(n+1)&0x07;
-			}
-		}
-	else
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				n2l(iv,v0); ti[0]=v0;
-				n2l(iv,v1); ti[1]=v1;
-				CAST_encrypt((CAST_LONG *)ti,schedule);
-				iv=ivec;
-				t=ti[0]; l2n(t,iv);
-				t=ti[1]; l2n(t,iv);
-				iv=ivec;
-				}
-			cc= *(in++);
-			c=iv[n];
-			iv[n]=cc;
-			*(out++)=c^cc;
-			n=(n+1)&0x07;
-			}
-		}
-	v0=v1=ti[0]=ti[1]=t=c=cc=0;
-	*num=n;
-	}
-
diff --git a/crypto/openssl/crypto/cast/c_ecb.c b/crypto/openssl/crypto/cast/c_ecb.c
deleted file mode 100644
index 0b3da9ad8717..000000000000
--- a/crypto/openssl/crypto/cast/c_ecb.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* crypto/cast/c_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-#include <openssl/opensslv.h>
-
-const char *CAST_version="CAST" OPENSSL_VERSION_PTEXT;
-
-void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
-		      CAST_KEY *ks, int enc)
-	{
-	CAST_LONG l,d[2];
-
-	n2l(in,l); d[0]=l;
-	n2l(in,l); d[1]=l;
-	if (enc)
-		CAST_encrypt(d,ks);
-	else
-		CAST_decrypt(d,ks);
-	l=d[0]; l2n(l,out);
-	l=d[1]; l2n(l,out);
-	l=d[0]=d[1]=0;
-	}
-
diff --git a/crypto/openssl/crypto/cast/c_enc.c b/crypto/openssl/crypto/cast/c_enc.c
deleted file mode 100644
index 0fe2cffeccff..000000000000
--- a/crypto/openssl/crypto/cast/c_enc.c
+++ /dev/null
@@ -1,207 +0,0 @@
-/* crypto/cast/c_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-
-void CAST_encrypt(CAST_LONG *data, CAST_KEY *key)
-	{
-	register CAST_LONG l,r,*k,t;
-
-	k= &(key->data[0]);
-	l=data[0];
-	r=data[1];
-
-	E_CAST( 0,k,l,r,+,^,-);
-	E_CAST( 1,k,r,l,^,-,+);
-	E_CAST( 2,k,l,r,-,+,^);
-	E_CAST( 3,k,r,l,+,^,-);
-	E_CAST( 4,k,l,r,^,-,+);
-	E_CAST( 5,k,r,l,-,+,^);
-	E_CAST( 6,k,l,r,+,^,-);
-	E_CAST( 7,k,r,l,^,-,+);
-	E_CAST( 8,k,l,r,-,+,^);
-	E_CAST( 9,k,r,l,+,^,-);
-	E_CAST(10,k,l,r,^,-,+);
-	E_CAST(11,k,r,l,-,+,^);
-	if(!key->short_key)
-	    {
-	    E_CAST(12,k,l,r,+,^,-);
-	    E_CAST(13,k,r,l,^,-,+);
-	    E_CAST(14,k,l,r,-,+,^);
-	    E_CAST(15,k,r,l,+,^,-);
-	    }
-
-	data[1]=l&0xffffffffL;
-	data[0]=r&0xffffffffL;
-	}
-
-void CAST_decrypt(CAST_LONG *data, CAST_KEY *key)
-	{
-	register CAST_LONG l,r,*k,t;
-
-	k= &(key->data[0]);
-	l=data[0];
-	r=data[1];
-
-	if(!key->short_key)
-	    {
-	    E_CAST(15,k,l,r,+,^,-);
-	    E_CAST(14,k,r,l,-,+,^);
-	    E_CAST(13,k,l,r,^,-,+);
-	    E_CAST(12,k,r,l,+,^,-);
-	    }
-	E_CAST(11,k,l,r,-,+,^);
-	E_CAST(10,k,r,l,^,-,+);
-	E_CAST( 9,k,l,r,+,^,-);
-	E_CAST( 8,k,r,l,-,+,^);
-	E_CAST( 7,k,l,r,^,-,+);
-	E_CAST( 6,k,r,l,+,^,-);
-	E_CAST( 5,k,l,r,-,+,^);
-	E_CAST( 4,k,r,l,^,-,+);
-	E_CAST( 3,k,l,r,+,^,-);
-	E_CAST( 2,k,r,l,-,+,^);
-	E_CAST( 1,k,l,r,^,-,+);
-	E_CAST( 0,k,r,l,+,^,-);
-
-	data[1]=l&0xffffffffL;
-	data[0]=r&0xffffffffL;
-	}
-
-void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-	     CAST_KEY *ks, unsigned char *iv, int enc)
-	{
-	register CAST_LONG tin0,tin1;
-	register CAST_LONG tout0,tout1,xor0,xor1;
-	register long l=length;
-	CAST_LONG tin[2];
-
-	if (enc)
-		{
-		n2l(iv,tout0);
-		n2l(iv,tout1);
-		iv-=8;
-		for (l-=8; l>=0; l-=8)
-			{
-			n2l(in,tin0);
-			n2l(in,tin1);
-			tin0^=tout0;
-			tin1^=tout1;
-			tin[0]=tin0;
-			tin[1]=tin1;
-			CAST_encrypt(tin,ks);
-			tout0=tin[0];
-			tout1=tin[1];
-			l2n(tout0,out);
-			l2n(tout1,out);
-			}
-		if (l != -8)
-			{
-			n2ln(in,tin0,tin1,l+8);
-			tin0^=tout0;
-			tin1^=tout1;
-			tin[0]=tin0;
-			tin[1]=tin1;
-			CAST_encrypt(tin,ks);
-			tout0=tin[0];
-			tout1=tin[1];
-			l2n(tout0,out);
-			l2n(tout1,out);
-			}
-		l2n(tout0,iv);
-		l2n(tout1,iv);
-		}
-	else
-		{
-		n2l(iv,xor0);
-		n2l(iv,xor1);
-		iv-=8;
-		for (l-=8; l>=0; l-=8)
-			{
-			n2l(in,tin0);
-			n2l(in,tin1);
-			tin[0]=tin0;
-			tin[1]=tin1;
-			CAST_decrypt(tin,ks);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2n(tout0,out);
-			l2n(tout1,out);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		if (l != -8)
-			{
-			n2l(in,tin0);
-			n2l(in,tin1);
-			tin[0]=tin0;
-			tin[1]=tin1;
-			CAST_decrypt(tin,ks);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2nn(tout0,tout1,out,l+8);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		l2n(xor0,iv);
-		l2n(xor1,iv);
-		}
-	tin0=tin1=tout0=tout1=xor0=xor1=0;
-	tin[0]=tin[1]=0;
-	}
-
diff --git a/crypto/openssl/crypto/cast/c_ofb64.c b/crypto/openssl/crypto/cast/c_ofb64.c
deleted file mode 100644
index fd0469a62faa..000000000000
--- a/crypto/openssl/crypto/cast/c_ofb64.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/cast/c_ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-			long length, CAST_KEY *schedule, unsigned char *ivec,
-			int *num)
-	{
-	register CAST_LONG v0,v1,t;
-	register int n= *num;
-	register long l=length;
-	unsigned char d[8];
-	register char *dp;
-	CAST_LONG ti[2];
-	unsigned char *iv;
-	int save=0;
-
-	iv=ivec;
-	n2l(iv,v0);
-	n2l(iv,v1);
-	ti[0]=v0;
-	ti[1]=v1;
-	dp=(char *)d;
-	l2n(v0,dp);
-	l2n(v1,dp);
-	while (l--)
-		{
-		if (n == 0)
-			{
-			CAST_encrypt((CAST_LONG *)ti,schedule);
-			dp=(char *)d;
-			t=ti[0]; l2n(t,dp);
-			t=ti[1]; l2n(t,dp);
-			save++;
-			}
-		*(out++)= *(in++)^d[n];
-		n=(n+1)&0x07;
-		}
-	if (save)
-		{
-		v0=ti[0];
-		v1=ti[1];
-		iv=ivec;
-		l2n(v0,iv);
-		l2n(v1,iv);
-		}
-	t=v0=v1=ti[0]=ti[1]=0;
-	*num=n;
-	}
-
diff --git a/crypto/openssl/crypto/cast/c_skey.c b/crypto/openssl/crypto/cast/c_skey.c
deleted file mode 100644
index 76e40005c998..000000000000
--- a/crypto/openssl/crypto/cast/c_skey.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* crypto/cast/c_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-#include "cast_s.h"
-
-#define CAST_exp(l,A,a,n) \
-	A[n/4]=l; \
-	a[n+3]=(l    )&0xff; \
-	a[n+2]=(l>> 8)&0xff; \
-	a[n+1]=(l>>16)&0xff; \
-	a[n+0]=(l>>24)&0xff;
-
-#define S4 CAST_S_table4
-#define S5 CAST_S_table5
-#define S6 CAST_S_table6
-#define S7 CAST_S_table7
-
-void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
-	{
-	CAST_LONG x[16];
-	CAST_LONG z[16];
-	CAST_LONG k[32];
-	CAST_LONG X[4],Z[4];
-	CAST_LONG l,*K;
-	int i;
-
-	for (i=0; i<16; i++) x[i]=0;
-	if (len > 16) len=16;
-	for (i=0; i<len; i++)
-		x[i]=data[i];
-	if(len <= 10)
-	    key->short_key=1;
-	else
-	    key->short_key=0;
-
-	K= &k[0];
-	X[0]=((x[ 0]<<24)|(x[ 1]<<16)|(x[ 2]<<8)|x[ 3])&0xffffffffL;
-	X[1]=((x[ 4]<<24)|(x[ 5]<<16)|(x[ 6]<<8)|x[ 7])&0xffffffffL;
-	X[2]=((x[ 8]<<24)|(x[ 9]<<16)|(x[10]<<8)|x[11])&0xffffffffL;
-	X[3]=((x[12]<<24)|(x[13]<<16)|(x[14]<<8)|x[15])&0xffffffffL;
-
-	for (;;)
-		{
-	l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
-	CAST_exp(l,Z,z, 0);
-	l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
-	CAST_exp(l,Z,z, 4);
-	l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
-	CAST_exp(l,Z,z, 8);
-	l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
-	CAST_exp(l,Z,z,12);
-
-	K[ 0]= S4[z[ 8]]^S5[z[ 9]]^S6[z[ 7]]^S7[z[ 6]]^S4[z[ 2]];
-	K[ 1]= S4[z[10]]^S5[z[11]]^S6[z[ 5]]^S7[z[ 4]]^S5[z[ 6]];
-	K[ 2]= S4[z[12]]^S5[z[13]]^S6[z[ 3]]^S7[z[ 2]]^S6[z[ 9]];
-	K[ 3]= S4[z[14]]^S5[z[15]]^S6[z[ 1]]^S7[z[ 0]]^S7[z[12]];
-
-	l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
-	CAST_exp(l,X,x, 0);
-	l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
-	CAST_exp(l,X,x, 4);
-	l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
-	CAST_exp(l,X,x, 8);
-	l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
-	CAST_exp(l,X,x,12);
-
-	K[ 4]= S4[x[ 3]]^S5[x[ 2]]^S6[x[12]]^S7[x[13]]^S4[x[ 8]];
-	K[ 5]= S4[x[ 1]]^S5[x[ 0]]^S6[x[14]]^S7[x[15]]^S5[x[13]];
-	K[ 6]= S4[x[ 7]]^S5[x[ 6]]^S6[x[ 8]]^S7[x[ 9]]^S6[x[ 3]];
-	K[ 7]= S4[x[ 5]]^S5[x[ 4]]^S6[x[10]]^S7[x[11]]^S7[x[ 7]];
-
-	l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
-	CAST_exp(l,Z,z, 0);
-	l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
-	CAST_exp(l,Z,z, 4);
-	l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
-	CAST_exp(l,Z,z, 8);
-	l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
-	CAST_exp(l,Z,z,12);
-
-	K[ 8]= S4[z[ 3]]^S5[z[ 2]]^S6[z[12]]^S7[z[13]]^S4[z[ 9]];
-	K[ 9]= S4[z[ 1]]^S5[z[ 0]]^S6[z[14]]^S7[z[15]]^S5[z[12]];
-	K[10]= S4[z[ 7]]^S5[z[ 6]]^S6[z[ 8]]^S7[z[ 9]]^S6[z[ 2]];
-	K[11]= S4[z[ 5]]^S5[z[ 4]]^S6[z[10]]^S7[z[11]]^S7[z[ 6]];
-
-	l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
-	CAST_exp(l,X,x, 0);
-	l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
-	CAST_exp(l,X,x, 4);
-	l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
-	CAST_exp(l,X,x, 8);
-	l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
-	CAST_exp(l,X,x,12);
-
-	K[12]= S4[x[ 8]]^S5[x[ 9]]^S6[x[ 7]]^S7[x[ 6]]^S4[x[ 3]];
-	K[13]= S4[x[10]]^S5[x[11]]^S6[x[ 5]]^S7[x[ 4]]^S5[x[ 7]];
-	K[14]= S4[x[12]]^S5[x[13]]^S6[x[ 3]]^S7[x[ 2]]^S6[x[ 8]];
-	K[15]= S4[x[14]]^S5[x[15]]^S6[x[ 1]]^S7[x[ 0]]^S7[x[13]];
-	if (K != k)  break;
-	K+=16;
-		}
-
-	for (i=0; i<16; i++)
-		{
-		key->data[i*2]=k[i];
-		key->data[i*2+1]=((k[i+16])+16)&0x1f;
-		}
-	}
-
diff --git a/crypto/openssl/crypto/cast/cast.h b/crypto/openssl/crypto/cast/cast.h
deleted file mode 100644
index b28e4e4f3b3c..000000000000
--- a/crypto/openssl/crypto/cast/cast.h
+++ /dev/null
@@ -1,103 +0,0 @@
-/* crypto/cast/cast.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CAST_H
-#define HEADER_CAST_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_NO_CAST
-#error CAST is disabled.
-#endif
-
-#define CAST_ENCRYPT	1
-#define CAST_DECRYPT	0
-
-#define CAST_LONG unsigned long
-
-#define CAST_BLOCK	8
-#define CAST_KEY_LENGTH	16
-
-typedef struct cast_key_st
-	{
-	CAST_LONG data[32];
-	int short_key;	/* Use reduced rounds for short key */
-	} CAST_KEY;
-
- 
-void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
-void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key,
-		      int enc);
-void CAST_encrypt(CAST_LONG *data,CAST_KEY *key);
-void CAST_decrypt(CAST_LONG *data,CAST_KEY *key);
-void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-		      CAST_KEY *ks, unsigned char *iv, int enc);
-void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-			long length, CAST_KEY *schedule, unsigned char *ivec,
-			int *num, int enc);
-void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, 
-			long length, CAST_KEY *schedule, unsigned char *ivec,
-			int *num);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/cast/cast_lcl.h b/crypto/openssl/crypto/cast/cast_lcl.h
deleted file mode 100644
index 37f41cc6a4de..000000000000
--- a/crypto/openssl/crypto/cast/cast_lcl.h
+++ /dev/null
@@ -1,232 +0,0 @@
-/* crypto/cast/cast_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-
-#include "e_os.h"
-
-#ifdef OPENSSL_SYS_WIN32
-#include <stdlib.h>
-#endif
-
-
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
-#undef c2l
-#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
-			 l|=((unsigned long)(*((c)++)))<< 8L, \
-			 l|=((unsigned long)(*((c)++)))<<16L, \
-			 l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n)	{ \
-			c+=n; \
-			l1=l2=0; \
-			switch (n) { \
-			case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
-			case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
-			case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
-			case 5: l2|=((unsigned long)(*(--(c))));     \
-			case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
-			case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
-			case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
-			case 1: l1|=((unsigned long)(*(--(c))));     \
-				} \
-			}
-
-#undef l2c
-#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
-			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n)	{ \
-			c+=n; \
-			switch (n) { \
-			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
-			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
-			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
-			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
-			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
-			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
-			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
-			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
-				} \
-			}
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n)	{ \
-			c+=n; \
-			l1=l2=0; \
-			switch (n) { \
-			case 8: l2 =((unsigned long)(*(--(c))))    ; \
-			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
-			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
-			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
-			case 4: l1 =((unsigned long)(*(--(c))))    ; \
-			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
-			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
-			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
-				} \
-			}
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n)	{ \
-			c+=n; \
-			switch (n) { \
-			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-				} \
-			}
-
-#undef n2l
-#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)     )&0xff))
-
-#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)
-#define ROTL(a,n)     (_lrotl(a,n))
-#else
-#define ROTL(a,n)     ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n))))
-#endif
-
-#define C_M    0x3fc
-#define C_0    22L
-#define C_1    14L
-#define C_2     6L
-#define C_3     2L /* left shift */
-
-/* The rotate has an extra 16 added to it to help the x86 asm */
-#if defined(CAST_PTR)
-#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
-	{ \
-	int i; \
-	t=(key[n*2] OP1 R)&0xffffffffL; \
-	i=key[n*2+1]; \
-	t=ROTL(t,i); \
-	L^= (((((*(CAST_LONG *)((unsigned char *) \
-			CAST_S_table0+((t>>C_2)&C_M)) OP2 \
-		*(CAST_LONG *)((unsigned char *) \
-			CAST_S_table1+((t<<C_3)&C_M)))&0xffffffffL) OP3 \
-		*(CAST_LONG *)((unsigned char *) \
-			CAST_S_table2+((t>>C_0)&C_M)))&0xffffffffL) OP1 \
-		*(CAST_LONG *)((unsigned char *) \
-			CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \
-	}
-#elif defined(CAST_PTR2)
-#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
-	{ \
-	int i; \
-	CAST_LONG u,v,w; \
-	w=(key[n*2] OP1 R)&0xffffffffL; \
-	i=key[n*2+1]; \
-	w=ROTL(w,i); \
-	u=w>>C_2; \
-	v=w<<C_3; \
-	u&=C_M; \
-	v&=C_M; \
-	t= *(CAST_LONG *)((unsigned char *)CAST_S_table0+u); \
-	u=w>>C_0; \
-	t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\
-	v=w>>C_1; \
-	u&=C_M; \
-	v&=C_M; \
-	t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\
-	t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\
-	L^=(t&0xffffffff); \
-	}
-#else
-#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
-	{ \
-	CAST_LONG a,b,c,d; \
-	t=(key[n*2] OP1 R)&0xffffffff; \
-	t=ROTL(t,(key[n*2+1])); \
-	a=CAST_S_table0[(t>> 8)&0xff]; \
-	b=CAST_S_table1[(t    )&0xff]; \
-	c=CAST_S_table2[(t>>24)&0xff]; \
-	d=CAST_S_table3[(t>>16)&0xff]; \
-	L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \
-	}
-#endif
-
-OPENSSL_EXTERN const CAST_LONG CAST_S_table0[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table1[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table2[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table3[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table4[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table5[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table6[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table7[256];
diff --git a/crypto/openssl/crypto/cast/cast_s.h b/crypto/openssl/crypto/cast/cast_s.h
deleted file mode 100644
index c483fd5e43e1..000000000000
--- a/crypto/openssl/crypto/cast/cast_s.h
+++ /dev/null
@@ -1,585 +0,0 @@
-/* crypto/cast/cast_s.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table0[256]={
-	0x30fb40d4,0x9fa0ff0b,0x6beccd2f,0x3f258c7a,
-	0x1e213f2f,0x9c004dd3,0x6003e540,0xcf9fc949,
-	0xbfd4af27,0x88bbbdb5,0xe2034090,0x98d09675,
-	0x6e63a0e0,0x15c361d2,0xc2e7661d,0x22d4ff8e,
-	0x28683b6f,0xc07fd059,0xff2379c8,0x775f50e2,
-	0x43c340d3,0xdf2f8656,0x887ca41a,0xa2d2bd2d,
-	0xa1c9e0d6,0x346c4819,0x61b76d87,0x22540f2f,
-	0x2abe32e1,0xaa54166b,0x22568e3a,0xa2d341d0,
-	0x66db40c8,0xa784392f,0x004dff2f,0x2db9d2de,
-	0x97943fac,0x4a97c1d8,0x527644b7,0xb5f437a7,
-	0xb82cbaef,0xd751d159,0x6ff7f0ed,0x5a097a1f,
-	0x827b68d0,0x90ecf52e,0x22b0c054,0xbc8e5935,
-	0x4b6d2f7f,0x50bb64a2,0xd2664910,0xbee5812d,
-	0xb7332290,0xe93b159f,0xb48ee411,0x4bff345d,
-	0xfd45c240,0xad31973f,0xc4f6d02e,0x55fc8165,
-	0xd5b1caad,0xa1ac2dae,0xa2d4b76d,0xc19b0c50,
-	0x882240f2,0x0c6e4f38,0xa4e4bfd7,0x4f5ba272,
-	0x564c1d2f,0xc59c5319,0xb949e354,0xb04669fe,
-	0xb1b6ab8a,0xc71358dd,0x6385c545,0x110f935d,
-	0x57538ad5,0x6a390493,0xe63d37e0,0x2a54f6b3,
-	0x3a787d5f,0x6276a0b5,0x19a6fcdf,0x7a42206a,
-	0x29f9d4d5,0xf61b1891,0xbb72275e,0xaa508167,
-	0x38901091,0xc6b505eb,0x84c7cb8c,0x2ad75a0f,
-	0x874a1427,0xa2d1936b,0x2ad286af,0xaa56d291,
-	0xd7894360,0x425c750d,0x93b39e26,0x187184c9,
-	0x6c00b32d,0x73e2bb14,0xa0bebc3c,0x54623779,
-	0x64459eab,0x3f328b82,0x7718cf82,0x59a2cea6,
-	0x04ee002e,0x89fe78e6,0x3fab0950,0x325ff6c2,
-	0x81383f05,0x6963c5c8,0x76cb5ad6,0xd49974c9,
-	0xca180dcf,0x380782d5,0xc7fa5cf6,0x8ac31511,
-	0x35e79e13,0x47da91d0,0xf40f9086,0xa7e2419e,
-	0x31366241,0x051ef495,0xaa573b04,0x4a805d8d,
-	0x548300d0,0x00322a3c,0xbf64cddf,0xba57a68e,
-	0x75c6372b,0x50afd341,0xa7c13275,0x915a0bf5,
-	0x6b54bfab,0x2b0b1426,0xab4cc9d7,0x449ccd82,
-	0xf7fbf265,0xab85c5f3,0x1b55db94,0xaad4e324,
-	0xcfa4bd3f,0x2deaa3e2,0x9e204d02,0xc8bd25ac,
-	0xeadf55b3,0xd5bd9e98,0xe31231b2,0x2ad5ad6c,
-	0x954329de,0xadbe4528,0xd8710f69,0xaa51c90f,
-	0xaa786bf6,0x22513f1e,0xaa51a79b,0x2ad344cc,
-	0x7b5a41f0,0xd37cfbad,0x1b069505,0x41ece491,
-	0xb4c332e6,0x032268d4,0xc9600acc,0xce387e6d,
-	0xbf6bb16c,0x6a70fb78,0x0d03d9c9,0xd4df39de,
-	0xe01063da,0x4736f464,0x5ad328d8,0xb347cc96,
-	0x75bb0fc3,0x98511bfb,0x4ffbcc35,0xb58bcf6a,
-	0xe11f0abc,0xbfc5fe4a,0xa70aec10,0xac39570a,
-	0x3f04442f,0x6188b153,0xe0397a2e,0x5727cb79,
-	0x9ceb418f,0x1cacd68d,0x2ad37c96,0x0175cb9d,
-	0xc69dff09,0xc75b65f0,0xd9db40d8,0xec0e7779,
-	0x4744ead4,0xb11c3274,0xdd24cb9e,0x7e1c54bd,
-	0xf01144f9,0xd2240eb1,0x9675b3fd,0xa3ac3755,
-	0xd47c27af,0x51c85f4d,0x56907596,0xa5bb15e6,
-	0x580304f0,0xca042cf1,0x011a37ea,0x8dbfaadb,
-	0x35ba3e4a,0x3526ffa0,0xc37b4d09,0xbc306ed9,
-	0x98a52666,0x5648f725,0xff5e569d,0x0ced63d0,
-	0x7c63b2cf,0x700b45e1,0xd5ea50f1,0x85a92872,
-	0xaf1fbda7,0xd4234870,0xa7870bf3,0x2d3b4d79,
-	0x42e04198,0x0cd0ede7,0x26470db8,0xf881814c,
-	0x474d6ad7,0x7c0c5e5c,0xd1231959,0x381b7298,
-	0xf5d2f4db,0xab838653,0x6e2f1e23,0x83719c9e,
-	0xbd91e046,0x9a56456e,0xdc39200c,0x20c8c571,
-	0x962bda1c,0xe1e696ff,0xb141ab08,0x7cca89b9,
-	0x1a69e783,0x02cc4843,0xa2f7c579,0x429ef47d,
-	0x427b169c,0x5ac9f049,0xdd8f0f00,0x5c8165bf,
-	};
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table1[256]={
-	0x1f201094,0xef0ba75b,0x69e3cf7e,0x393f4380,
-	0xfe61cf7a,0xeec5207a,0x55889c94,0x72fc0651,
-	0xada7ef79,0x4e1d7235,0xd55a63ce,0xde0436ba,
-	0x99c430ef,0x5f0c0794,0x18dcdb7d,0xa1d6eff3,
-	0xa0b52f7b,0x59e83605,0xee15b094,0xe9ffd909,
-	0xdc440086,0xef944459,0xba83ccb3,0xe0c3cdfb,
-	0xd1da4181,0x3b092ab1,0xf997f1c1,0xa5e6cf7b,
-	0x01420ddb,0xe4e7ef5b,0x25a1ff41,0xe180f806,
-	0x1fc41080,0x179bee7a,0xd37ac6a9,0xfe5830a4,
-	0x98de8b7f,0x77e83f4e,0x79929269,0x24fa9f7b,
-	0xe113c85b,0xacc40083,0xd7503525,0xf7ea615f,
-	0x62143154,0x0d554b63,0x5d681121,0xc866c359,
-	0x3d63cf73,0xcee234c0,0xd4d87e87,0x5c672b21,
-	0x071f6181,0x39f7627f,0x361e3084,0xe4eb573b,
-	0x602f64a4,0xd63acd9c,0x1bbc4635,0x9e81032d,
-	0x2701f50c,0x99847ab4,0xa0e3df79,0xba6cf38c,
-	0x10843094,0x2537a95e,0xf46f6ffe,0xa1ff3b1f,
-	0x208cfb6a,0x8f458c74,0xd9e0a227,0x4ec73a34,
-	0xfc884f69,0x3e4de8df,0xef0e0088,0x3559648d,
-	0x8a45388c,0x1d804366,0x721d9bfd,0xa58684bb,
-	0xe8256333,0x844e8212,0x128d8098,0xfed33fb4,
-	0xce280ae1,0x27e19ba5,0xd5a6c252,0xe49754bd,
-	0xc5d655dd,0xeb667064,0x77840b4d,0xa1b6a801,
-	0x84db26a9,0xe0b56714,0x21f043b7,0xe5d05860,
-	0x54f03084,0x066ff472,0xa31aa153,0xdadc4755,
-	0xb5625dbf,0x68561be6,0x83ca6b94,0x2d6ed23b,
-	0xeccf01db,0xa6d3d0ba,0xb6803d5c,0xaf77a709,
-	0x33b4a34c,0x397bc8d6,0x5ee22b95,0x5f0e5304,
-	0x81ed6f61,0x20e74364,0xb45e1378,0xde18639b,
-	0x881ca122,0xb96726d1,0x8049a7e8,0x22b7da7b,
-	0x5e552d25,0x5272d237,0x79d2951c,0xc60d894c,
-	0x488cb402,0x1ba4fe5b,0xa4b09f6b,0x1ca815cf,
-	0xa20c3005,0x8871df63,0xb9de2fcb,0x0cc6c9e9,
-	0x0beeff53,0xe3214517,0xb4542835,0x9f63293c,
-	0xee41e729,0x6e1d2d7c,0x50045286,0x1e6685f3,
-	0xf33401c6,0x30a22c95,0x31a70850,0x60930f13,
-	0x73f98417,0xa1269859,0xec645c44,0x52c877a9,
-	0xcdff33a6,0xa02b1741,0x7cbad9a2,0x2180036f,
-	0x50d99c08,0xcb3f4861,0xc26bd765,0x64a3f6ab,
-	0x80342676,0x25a75e7b,0xe4e6d1fc,0x20c710e6,
-	0xcdf0b680,0x17844d3b,0x31eef84d,0x7e0824e4,
-	0x2ccb49eb,0x846a3bae,0x8ff77888,0xee5d60f6,
-	0x7af75673,0x2fdd5cdb,0xa11631c1,0x30f66f43,
-	0xb3faec54,0x157fd7fa,0xef8579cc,0xd152de58,
-	0xdb2ffd5e,0x8f32ce19,0x306af97a,0x02f03ef8,
-	0x99319ad5,0xc242fa0f,0xa7e3ebb0,0xc68e4906,
-	0xb8da230c,0x80823028,0xdcdef3c8,0xd35fb171,
-	0x088a1bc8,0xbec0c560,0x61a3c9e8,0xbca8f54d,
-	0xc72feffa,0x22822e99,0x82c570b4,0xd8d94e89,
-	0x8b1c34bc,0x301e16e6,0x273be979,0xb0ffeaa6,
-	0x61d9b8c6,0x00b24869,0xb7ffce3f,0x08dc283b,
-	0x43daf65a,0xf7e19798,0x7619b72f,0x8f1c9ba4,
-	0xdc8637a0,0x16a7d3b1,0x9fc393b7,0xa7136eeb,
-	0xc6bcc63e,0x1a513742,0xef6828bc,0x520365d6,
-	0x2d6a77ab,0x3527ed4b,0x821fd216,0x095c6e2e,
-	0xdb92f2fb,0x5eea29cb,0x145892f5,0x91584f7f,
-	0x5483697b,0x2667a8cc,0x85196048,0x8c4bacea,
-	0x833860d4,0x0d23e0f9,0x6c387e8a,0x0ae6d249,
-	0xb284600c,0xd835731d,0xdcb1c647,0xac4c56ea,
-	0x3ebd81b3,0x230eabb0,0x6438bc87,0xf0b5b1fa,
-	0x8f5ea2b3,0xfc184642,0x0a036b7a,0x4fb089bd,
-	0x649da589,0xa345415e,0x5c038323,0x3e5d3bb9,
-	0x43d79572,0x7e6dd07c,0x06dfdf1e,0x6c6cc4ef,
-	0x7160a539,0x73bfbe70,0x83877605,0x4523ecf1,
-	};
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table2[256]={
-	0x8defc240,0x25fa5d9f,0xeb903dbf,0xe810c907,
-	0x47607fff,0x369fe44b,0x8c1fc644,0xaececa90,
-	0xbeb1f9bf,0xeefbcaea,0xe8cf1950,0x51df07ae,
-	0x920e8806,0xf0ad0548,0xe13c8d83,0x927010d5,
-	0x11107d9f,0x07647db9,0xb2e3e4d4,0x3d4f285e,
-	0xb9afa820,0xfade82e0,0xa067268b,0x8272792e,
-	0x553fb2c0,0x489ae22b,0xd4ef9794,0x125e3fbc,
-	0x21fffcee,0x825b1bfd,0x9255c5ed,0x1257a240,
-	0x4e1a8302,0xbae07fff,0x528246e7,0x8e57140e,
-	0x3373f7bf,0x8c9f8188,0xa6fc4ee8,0xc982b5a5,
-	0xa8c01db7,0x579fc264,0x67094f31,0xf2bd3f5f,
-	0x40fff7c1,0x1fb78dfc,0x8e6bd2c1,0x437be59b,
-	0x99b03dbf,0xb5dbc64b,0x638dc0e6,0x55819d99,
-	0xa197c81c,0x4a012d6e,0xc5884a28,0xccc36f71,
-	0xb843c213,0x6c0743f1,0x8309893c,0x0feddd5f,
-	0x2f7fe850,0xd7c07f7e,0x02507fbf,0x5afb9a04,
-	0xa747d2d0,0x1651192e,0xaf70bf3e,0x58c31380,
-	0x5f98302e,0x727cc3c4,0x0a0fb402,0x0f7fef82,
-	0x8c96fdad,0x5d2c2aae,0x8ee99a49,0x50da88b8,
-	0x8427f4a0,0x1eac5790,0x796fb449,0x8252dc15,
-	0xefbd7d9b,0xa672597d,0xada840d8,0x45f54504,
-	0xfa5d7403,0xe83ec305,0x4f91751a,0x925669c2,
-	0x23efe941,0xa903f12e,0x60270df2,0x0276e4b6,
-	0x94fd6574,0x927985b2,0x8276dbcb,0x02778176,
-	0xf8af918d,0x4e48f79e,0x8f616ddf,0xe29d840e,
-	0x842f7d83,0x340ce5c8,0x96bbb682,0x93b4b148,
-	0xef303cab,0x984faf28,0x779faf9b,0x92dc560d,
-	0x224d1e20,0x8437aa88,0x7d29dc96,0x2756d3dc,
-	0x8b907cee,0xb51fd240,0xe7c07ce3,0xe566b4a1,
-	0xc3e9615e,0x3cf8209d,0x6094d1e3,0xcd9ca341,
-	0x5c76460e,0x00ea983b,0xd4d67881,0xfd47572c,
-	0xf76cedd9,0xbda8229c,0x127dadaa,0x438a074e,
-	0x1f97c090,0x081bdb8a,0x93a07ebe,0xb938ca15,
-	0x97b03cff,0x3dc2c0f8,0x8d1ab2ec,0x64380e51,
-	0x68cc7bfb,0xd90f2788,0x12490181,0x5de5ffd4,
-	0xdd7ef86a,0x76a2e214,0xb9a40368,0x925d958f,
-	0x4b39fffa,0xba39aee9,0xa4ffd30b,0xfaf7933b,
-	0x6d498623,0x193cbcfa,0x27627545,0x825cf47a,
-	0x61bd8ba0,0xd11e42d1,0xcead04f4,0x127ea392,
-	0x10428db7,0x8272a972,0x9270c4a8,0x127de50b,
-	0x285ba1c8,0x3c62f44f,0x35c0eaa5,0xe805d231,
-	0x428929fb,0xb4fcdf82,0x4fb66a53,0x0e7dc15b,
-	0x1f081fab,0x108618ae,0xfcfd086d,0xf9ff2889,
-	0x694bcc11,0x236a5cae,0x12deca4d,0x2c3f8cc5,
-	0xd2d02dfe,0xf8ef5896,0xe4cf52da,0x95155b67,
-	0x494a488c,0xb9b6a80c,0x5c8f82bc,0x89d36b45,
-	0x3a609437,0xec00c9a9,0x44715253,0x0a874b49,
-	0xd773bc40,0x7c34671c,0x02717ef6,0x4feb5536,
-	0xa2d02fff,0xd2bf60c4,0xd43f03c0,0x50b4ef6d,
-	0x07478cd1,0x006e1888,0xa2e53f55,0xb9e6d4bc,
-	0xa2048016,0x97573833,0xd7207d67,0xde0f8f3d,
-	0x72f87b33,0xabcc4f33,0x7688c55d,0x7b00a6b0,
-	0x947b0001,0x570075d2,0xf9bb88f8,0x8942019e,
-	0x4264a5ff,0x856302e0,0x72dbd92b,0xee971b69,
-	0x6ea22fde,0x5f08ae2b,0xaf7a616d,0xe5c98767,
-	0xcf1febd2,0x61efc8c2,0xf1ac2571,0xcc8239c2,
-	0x67214cb8,0xb1e583d1,0xb7dc3e62,0x7f10bdce,
-	0xf90a5c38,0x0ff0443d,0x606e6dc6,0x60543a49,
-	0x5727c148,0x2be98a1d,0x8ab41738,0x20e1be24,
-	0xaf96da0f,0x68458425,0x99833be5,0x600d457d,
-	0x282f9350,0x8334b362,0xd91d1120,0x2b6d8da0,
-	0x642b1e31,0x9c305a00,0x52bce688,0x1b03588a,
-	0xf7baefd5,0x4142ed9c,0xa4315c11,0x83323ec5,
-	0xdfef4636,0xa133c501,0xe9d3531c,0xee353783,
-	};
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table3[256]={
-	0x9db30420,0x1fb6e9de,0xa7be7bef,0xd273a298,
-	0x4a4f7bdb,0x64ad8c57,0x85510443,0xfa020ed1,
-	0x7e287aff,0xe60fb663,0x095f35a1,0x79ebf120,
-	0xfd059d43,0x6497b7b1,0xf3641f63,0x241e4adf,
-	0x28147f5f,0x4fa2b8cd,0xc9430040,0x0cc32220,
-	0xfdd30b30,0xc0a5374f,0x1d2d00d9,0x24147b15,
-	0xee4d111a,0x0fca5167,0x71ff904c,0x2d195ffe,
-	0x1a05645f,0x0c13fefe,0x081b08ca,0x05170121,
-	0x80530100,0xe83e5efe,0xac9af4f8,0x7fe72701,
-	0xd2b8ee5f,0x06df4261,0xbb9e9b8a,0x7293ea25,
-	0xce84ffdf,0xf5718801,0x3dd64b04,0xa26f263b,
-	0x7ed48400,0x547eebe6,0x446d4ca0,0x6cf3d6f5,
-	0x2649abdf,0xaea0c7f5,0x36338cc1,0x503f7e93,
-	0xd3772061,0x11b638e1,0x72500e03,0xf80eb2bb,
-	0xabe0502e,0xec8d77de,0x57971e81,0xe14f6746,
-	0xc9335400,0x6920318f,0x081dbb99,0xffc304a5,
-	0x4d351805,0x7f3d5ce3,0xa6c866c6,0x5d5bcca9,
-	0xdaec6fea,0x9f926f91,0x9f46222f,0x3991467d,
-	0xa5bf6d8e,0x1143c44f,0x43958302,0xd0214eeb,
-	0x022083b8,0x3fb6180c,0x18f8931e,0x281658e6,
-	0x26486e3e,0x8bd78a70,0x7477e4c1,0xb506e07c,
-	0xf32d0a25,0x79098b02,0xe4eabb81,0x28123b23,
-	0x69dead38,0x1574ca16,0xdf871b62,0x211c40b7,
-	0xa51a9ef9,0x0014377b,0x041e8ac8,0x09114003,
-	0xbd59e4d2,0xe3d156d5,0x4fe876d5,0x2f91a340,
-	0x557be8de,0x00eae4a7,0x0ce5c2ec,0x4db4bba6,
-	0xe756bdff,0xdd3369ac,0xec17b035,0x06572327,
-	0x99afc8b0,0x56c8c391,0x6b65811c,0x5e146119,
-	0x6e85cb75,0xbe07c002,0xc2325577,0x893ff4ec,
-	0x5bbfc92d,0xd0ec3b25,0xb7801ab7,0x8d6d3b24,
-	0x20c763ef,0xc366a5fc,0x9c382880,0x0ace3205,
-	0xaac9548a,0xeca1d7c7,0x041afa32,0x1d16625a,
-	0x6701902c,0x9b757a54,0x31d477f7,0x9126b031,
-	0x36cc6fdb,0xc70b8b46,0xd9e66a48,0x56e55a79,
-	0x026a4ceb,0x52437eff,0x2f8f76b4,0x0df980a5,
-	0x8674cde3,0xedda04eb,0x17a9be04,0x2c18f4df,
-	0xb7747f9d,0xab2af7b4,0xefc34d20,0x2e096b7c,
-	0x1741a254,0xe5b6a035,0x213d42f6,0x2c1c7c26,
-	0x61c2f50f,0x6552daf9,0xd2c231f8,0x25130f69,
-	0xd8167fa2,0x0418f2c8,0x001a96a6,0x0d1526ab,
-	0x63315c21,0x5e0a72ec,0x49bafefd,0x187908d9,
-	0x8d0dbd86,0x311170a7,0x3e9b640c,0xcc3e10d7,
-	0xd5cad3b6,0x0caec388,0xf73001e1,0x6c728aff,
-	0x71eae2a1,0x1f9af36e,0xcfcbd12f,0xc1de8417,
-	0xac07be6b,0xcb44a1d8,0x8b9b0f56,0x013988c3,
-	0xb1c52fca,0xb4be31cd,0xd8782806,0x12a3a4e2,
-	0x6f7de532,0x58fd7eb6,0xd01ee900,0x24adffc2,
-	0xf4990fc5,0x9711aac5,0x001d7b95,0x82e5e7d2,
-	0x109873f6,0x00613096,0xc32d9521,0xada121ff,
-	0x29908415,0x7fbb977f,0xaf9eb3db,0x29c9ed2a,
-	0x5ce2a465,0xa730f32c,0xd0aa3fe8,0x8a5cc091,
-	0xd49e2ce7,0x0ce454a9,0xd60acd86,0x015f1919,
-	0x77079103,0xdea03af6,0x78a8565e,0xdee356df,
-	0x21f05cbe,0x8b75e387,0xb3c50651,0xb8a5c3ef,
-	0xd8eeb6d2,0xe523be77,0xc2154529,0x2f69efdf,
-	0xafe67afb,0xf470c4b2,0xf3e0eb5b,0xd6cc9876,
-	0x39e4460c,0x1fda8538,0x1987832f,0xca007367,
-	0xa99144f8,0x296b299e,0x492fc295,0x9266beab,
-	0xb5676e69,0x9bd3ddda,0xdf7e052f,0xdb25701c,
-	0x1b5e51ee,0xf65324e6,0x6afce36c,0x0316cc04,
-	0x8644213e,0xb7dc59d0,0x7965291f,0xccd6fd43,
-	0x41823979,0x932bcdf6,0xb657c34d,0x4edfd282,
-	0x7ae5290c,0x3cb9536b,0x851e20fe,0x9833557e,
-	0x13ecf0b0,0xd3ffb372,0x3f85c5c1,0x0aef7ed2,
-	};
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table4[256]={
-	0x7ec90c04,0x2c6e74b9,0x9b0e66df,0xa6337911,
-	0xb86a7fff,0x1dd358f5,0x44dd9d44,0x1731167f,
-	0x08fbf1fa,0xe7f511cc,0xd2051b00,0x735aba00,
-	0x2ab722d8,0x386381cb,0xacf6243a,0x69befd7a,
-	0xe6a2e77f,0xf0c720cd,0xc4494816,0xccf5c180,
-	0x38851640,0x15b0a848,0xe68b18cb,0x4caadeff,
-	0x5f480a01,0x0412b2aa,0x259814fc,0x41d0efe2,
-	0x4e40b48d,0x248eb6fb,0x8dba1cfe,0x41a99b02,
-	0x1a550a04,0xba8f65cb,0x7251f4e7,0x95a51725,
-	0xc106ecd7,0x97a5980a,0xc539b9aa,0x4d79fe6a,
-	0xf2f3f763,0x68af8040,0xed0c9e56,0x11b4958b,
-	0xe1eb5a88,0x8709e6b0,0xd7e07156,0x4e29fea7,
-	0x6366e52d,0x02d1c000,0xc4ac8e05,0x9377f571,
-	0x0c05372a,0x578535f2,0x2261be02,0xd642a0c9,
-	0xdf13a280,0x74b55bd2,0x682199c0,0xd421e5ec,
-	0x53fb3ce8,0xc8adedb3,0x28a87fc9,0x3d959981,
-	0x5c1ff900,0xfe38d399,0x0c4eff0b,0x062407ea,
-	0xaa2f4fb1,0x4fb96976,0x90c79505,0xb0a8a774,
-	0xef55a1ff,0xe59ca2c2,0xa6b62d27,0xe66a4263,
-	0xdf65001f,0x0ec50966,0xdfdd55bc,0x29de0655,
-	0x911e739a,0x17af8975,0x32c7911c,0x89f89468,
-	0x0d01e980,0x524755f4,0x03b63cc9,0x0cc844b2,
-	0xbcf3f0aa,0x87ac36e9,0xe53a7426,0x01b3d82b,
-	0x1a9e7449,0x64ee2d7e,0xcddbb1da,0x01c94910,
-	0xb868bf80,0x0d26f3fd,0x9342ede7,0x04a5c284,
-	0x636737b6,0x50f5b616,0xf24766e3,0x8eca36c1,
-	0x136e05db,0xfef18391,0xfb887a37,0xd6e7f7d4,
-	0xc7fb7dc9,0x3063fcdf,0xb6f589de,0xec2941da,
-	0x26e46695,0xb7566419,0xf654efc5,0xd08d58b7,
-	0x48925401,0xc1bacb7f,0xe5ff550f,0xb6083049,
-	0x5bb5d0e8,0x87d72e5a,0xab6a6ee1,0x223a66ce,
-	0xc62bf3cd,0x9e0885f9,0x68cb3e47,0x086c010f,
-	0xa21de820,0xd18b69de,0xf3f65777,0xfa02c3f6,
-	0x407edac3,0xcbb3d550,0x1793084d,0xb0d70eba,
-	0x0ab378d5,0xd951fb0c,0xded7da56,0x4124bbe4,
-	0x94ca0b56,0x0f5755d1,0xe0e1e56e,0x6184b5be,
-	0x580a249f,0x94f74bc0,0xe327888e,0x9f7b5561,
-	0xc3dc0280,0x05687715,0x646c6bd7,0x44904db3,
-	0x66b4f0a3,0xc0f1648a,0x697ed5af,0x49e92ff6,
-	0x309e374f,0x2cb6356a,0x85808573,0x4991f840,
-	0x76f0ae02,0x083be84d,0x28421c9a,0x44489406,
-	0x736e4cb8,0xc1092910,0x8bc95fc6,0x7d869cf4,
-	0x134f616f,0x2e77118d,0xb31b2be1,0xaa90b472,
-	0x3ca5d717,0x7d161bba,0x9cad9010,0xaf462ba2,
-	0x9fe459d2,0x45d34559,0xd9f2da13,0xdbc65487,
-	0xf3e4f94e,0x176d486f,0x097c13ea,0x631da5c7,
-	0x445f7382,0x175683f4,0xcdc66a97,0x70be0288,
-	0xb3cdcf72,0x6e5dd2f3,0x20936079,0x459b80a5,
-	0xbe60e2db,0xa9c23101,0xeba5315c,0x224e42f2,
-	0x1c5c1572,0xf6721b2c,0x1ad2fff3,0x8c25404e,
-	0x324ed72f,0x4067b7fd,0x0523138e,0x5ca3bc78,
-	0xdc0fd66e,0x75922283,0x784d6b17,0x58ebb16e,
-	0x44094f85,0x3f481d87,0xfcfeae7b,0x77b5ff76,
-	0x8c2302bf,0xaaf47556,0x5f46b02a,0x2b092801,
-	0x3d38f5f7,0x0ca81f36,0x52af4a8a,0x66d5e7c0,
-	0xdf3b0874,0x95055110,0x1b5ad7a8,0xf61ed5ad,
-	0x6cf6e479,0x20758184,0xd0cefa65,0x88f7be58,
-	0x4a046826,0x0ff6f8f3,0xa09c7f70,0x5346aba0,
-	0x5ce96c28,0xe176eda3,0x6bac307f,0x376829d2,
-	0x85360fa9,0x17e3fe2a,0x24b79767,0xf5a96b20,
-	0xd6cd2595,0x68ff1ebf,0x7555442c,0xf19f06be,
-	0xf9e0659a,0xeeb9491d,0x34010718,0xbb30cab8,
-	0xe822fe15,0x88570983,0x750e6249,0xda627e55,
-	0x5e76ffa8,0xb1534546,0x6d47de08,0xefe9e7d4,
-	};
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table5[256]={
-	0xf6fa8f9d,0x2cac6ce1,0x4ca34867,0xe2337f7c,
-	0x95db08e7,0x016843b4,0xeced5cbc,0x325553ac,
-	0xbf9f0960,0xdfa1e2ed,0x83f0579d,0x63ed86b9,
-	0x1ab6a6b8,0xde5ebe39,0xf38ff732,0x8989b138,
-	0x33f14961,0xc01937bd,0xf506c6da,0xe4625e7e,
-	0xa308ea99,0x4e23e33c,0x79cbd7cc,0x48a14367,
-	0xa3149619,0xfec94bd5,0xa114174a,0xeaa01866,
-	0xa084db2d,0x09a8486f,0xa888614a,0x2900af98,
-	0x01665991,0xe1992863,0xc8f30c60,0x2e78ef3c,
-	0xd0d51932,0xcf0fec14,0xf7ca07d2,0xd0a82072,
-	0xfd41197e,0x9305a6b0,0xe86be3da,0x74bed3cd,
-	0x372da53c,0x4c7f4448,0xdab5d440,0x6dba0ec3,
-	0x083919a7,0x9fbaeed9,0x49dbcfb0,0x4e670c53,
-	0x5c3d9c01,0x64bdb941,0x2c0e636a,0xba7dd9cd,
-	0xea6f7388,0xe70bc762,0x35f29adb,0x5c4cdd8d,
-	0xf0d48d8c,0xb88153e2,0x08a19866,0x1ae2eac8,
-	0x284caf89,0xaa928223,0x9334be53,0x3b3a21bf,
-	0x16434be3,0x9aea3906,0xefe8c36e,0xf890cdd9,
-	0x80226dae,0xc340a4a3,0xdf7e9c09,0xa694a807,
-	0x5b7c5ecc,0x221db3a6,0x9a69a02f,0x68818a54,
-	0xceb2296f,0x53c0843a,0xfe893655,0x25bfe68a,
-	0xb4628abc,0xcf222ebf,0x25ac6f48,0xa9a99387,
-	0x53bddb65,0xe76ffbe7,0xe967fd78,0x0ba93563,
-	0x8e342bc1,0xe8a11be9,0x4980740d,0xc8087dfc,
-	0x8de4bf99,0xa11101a0,0x7fd37975,0xda5a26c0,
-	0xe81f994f,0x9528cd89,0xfd339fed,0xb87834bf,
-	0x5f04456d,0x22258698,0xc9c4c83b,0x2dc156be,
-	0x4f628daa,0x57f55ec5,0xe2220abe,0xd2916ebf,
-	0x4ec75b95,0x24f2c3c0,0x42d15d99,0xcd0d7fa0,
-	0x7b6e27ff,0xa8dc8af0,0x7345c106,0xf41e232f,
-	0x35162386,0xe6ea8926,0x3333b094,0x157ec6f2,
-	0x372b74af,0x692573e4,0xe9a9d848,0xf3160289,
-	0x3a62ef1d,0xa787e238,0xf3a5f676,0x74364853,
-	0x20951063,0x4576698d,0xb6fad407,0x592af950,
-	0x36f73523,0x4cfb6e87,0x7da4cec0,0x6c152daa,
-	0xcb0396a8,0xc50dfe5d,0xfcd707ab,0x0921c42f,
-	0x89dff0bb,0x5fe2be78,0x448f4f33,0x754613c9,
-	0x2b05d08d,0x48b9d585,0xdc049441,0xc8098f9b,
-	0x7dede786,0xc39a3373,0x42410005,0x6a091751,
-	0x0ef3c8a6,0x890072d6,0x28207682,0xa9a9f7be,
-	0xbf32679d,0xd45b5b75,0xb353fd00,0xcbb0e358,
-	0x830f220a,0x1f8fb214,0xd372cf08,0xcc3c4a13,
-	0x8cf63166,0x061c87be,0x88c98f88,0x6062e397,
-	0x47cf8e7a,0xb6c85283,0x3cc2acfb,0x3fc06976,
-	0x4e8f0252,0x64d8314d,0xda3870e3,0x1e665459,
-	0xc10908f0,0x513021a5,0x6c5b68b7,0x822f8aa0,
-	0x3007cd3e,0x74719eef,0xdc872681,0x073340d4,
-	0x7e432fd9,0x0c5ec241,0x8809286c,0xf592d891,
-	0x08a930f6,0x957ef305,0xb7fbffbd,0xc266e96f,
-	0x6fe4ac98,0xb173ecc0,0xbc60b42a,0x953498da,
-	0xfba1ae12,0x2d4bd736,0x0f25faab,0xa4f3fceb,
-	0xe2969123,0x257f0c3d,0x9348af49,0x361400bc,
-	0xe8816f4a,0x3814f200,0xa3f94043,0x9c7a54c2,
-	0xbc704f57,0xda41e7f9,0xc25ad33a,0x54f4a084,
-	0xb17f5505,0x59357cbe,0xedbd15c8,0x7f97c5ab,
-	0xba5ac7b5,0xb6f6deaf,0x3a479c3a,0x5302da25,
-	0x653d7e6a,0x54268d49,0x51a477ea,0x5017d55b,
-	0xd7d25d88,0x44136c76,0x0404a8c8,0xb8e5a121,
-	0xb81a928a,0x60ed5869,0x97c55b96,0xeaec991b,
-	0x29935913,0x01fdb7f1,0x088e8dfa,0x9ab6f6f5,
-	0x3b4cbf9f,0x4a5de3ab,0xe6051d35,0xa0e1d855,
-	0xd36b4cf1,0xf544edeb,0xb0e93524,0xbebb8fbd,
-	0xa2d762cf,0x49c92f54,0x38b5f331,0x7128a454,
-	0x48392905,0xa65b1db8,0x851c97bd,0xd675cf2f,
-	};
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table6[256]={
-	0x85e04019,0x332bf567,0x662dbfff,0xcfc65693,
-	0x2a8d7f6f,0xab9bc912,0xde6008a1,0x2028da1f,
-	0x0227bce7,0x4d642916,0x18fac300,0x50f18b82,
-	0x2cb2cb11,0xb232e75c,0x4b3695f2,0xb28707de,
-	0xa05fbcf6,0xcd4181e9,0xe150210c,0xe24ef1bd,
-	0xb168c381,0xfde4e789,0x5c79b0d8,0x1e8bfd43,
-	0x4d495001,0x38be4341,0x913cee1d,0x92a79c3f,
-	0x089766be,0xbaeeadf4,0x1286becf,0xb6eacb19,
-	0x2660c200,0x7565bde4,0x64241f7a,0x8248dca9,
-	0xc3b3ad66,0x28136086,0x0bd8dfa8,0x356d1cf2,
-	0x107789be,0xb3b2e9ce,0x0502aa8f,0x0bc0351e,
-	0x166bf52a,0xeb12ff82,0xe3486911,0xd34d7516,
-	0x4e7b3aff,0x5f43671b,0x9cf6e037,0x4981ac83,
-	0x334266ce,0x8c9341b7,0xd0d854c0,0xcb3a6c88,
-	0x47bc2829,0x4725ba37,0xa66ad22b,0x7ad61f1e,
-	0x0c5cbafa,0x4437f107,0xb6e79962,0x42d2d816,
-	0x0a961288,0xe1a5c06e,0x13749e67,0x72fc081a,
-	0xb1d139f7,0xf9583745,0xcf19df58,0xbec3f756,
-	0xc06eba30,0x07211b24,0x45c28829,0xc95e317f,
-	0xbc8ec511,0x38bc46e9,0xc6e6fa14,0xbae8584a,
-	0xad4ebc46,0x468f508b,0x7829435f,0xf124183b,
-	0x821dba9f,0xaff60ff4,0xea2c4e6d,0x16e39264,
-	0x92544a8b,0x009b4fc3,0xaba68ced,0x9ac96f78,
-	0x06a5b79a,0xb2856e6e,0x1aec3ca9,0xbe838688,
-	0x0e0804e9,0x55f1be56,0xe7e5363b,0xb3a1f25d,
-	0xf7debb85,0x61fe033c,0x16746233,0x3c034c28,
-	0xda6d0c74,0x79aac56c,0x3ce4e1ad,0x51f0c802,
-	0x98f8f35a,0x1626a49f,0xeed82b29,0x1d382fe3,
-	0x0c4fb99a,0xbb325778,0x3ec6d97b,0x6e77a6a9,
-	0xcb658b5c,0xd45230c7,0x2bd1408b,0x60c03eb7,
-	0xb9068d78,0xa33754f4,0xf430c87d,0xc8a71302,
-	0xb96d8c32,0xebd4e7be,0xbe8b9d2d,0x7979fb06,
-	0xe7225308,0x8b75cf77,0x11ef8da4,0xe083c858,
-	0x8d6b786f,0x5a6317a6,0xfa5cf7a0,0x5dda0033,
-	0xf28ebfb0,0xf5b9c310,0xa0eac280,0x08b9767a,
-	0xa3d9d2b0,0x79d34217,0x021a718d,0x9ac6336a,
-	0x2711fd60,0x438050e3,0x069908a8,0x3d7fedc4,
-	0x826d2bef,0x4eeb8476,0x488dcf25,0x36c9d566,
-	0x28e74e41,0xc2610aca,0x3d49a9cf,0xbae3b9df,
-	0xb65f8de6,0x92aeaf64,0x3ac7d5e6,0x9ea80509,
-	0xf22b017d,0xa4173f70,0xdd1e16c3,0x15e0d7f9,
-	0x50b1b887,0x2b9f4fd5,0x625aba82,0x6a017962,
-	0x2ec01b9c,0x15488aa9,0xd716e740,0x40055a2c,
-	0x93d29a22,0xe32dbf9a,0x058745b9,0x3453dc1e,
-	0xd699296e,0x496cff6f,0x1c9f4986,0xdfe2ed07,
-	0xb87242d1,0x19de7eae,0x053e561a,0x15ad6f8c,
-	0x66626c1c,0x7154c24c,0xea082b2a,0x93eb2939,
-	0x17dcb0f0,0x58d4f2ae,0x9ea294fb,0x52cf564c,
-	0x9883fe66,0x2ec40581,0x763953c3,0x01d6692e,
-	0xd3a0c108,0xa1e7160e,0xe4f2dfa6,0x693ed285,
-	0x74904698,0x4c2b0edd,0x4f757656,0x5d393378,
-	0xa132234f,0x3d321c5d,0xc3f5e194,0x4b269301,
-	0xc79f022f,0x3c997e7e,0x5e4f9504,0x3ffafbbd,
-	0x76f7ad0e,0x296693f4,0x3d1fce6f,0xc61e45be,
-	0xd3b5ab34,0xf72bf9b7,0x1b0434c0,0x4e72b567,
-	0x5592a33d,0xb5229301,0xcfd2a87f,0x60aeb767,
-	0x1814386b,0x30bcc33d,0x38a0c07d,0xfd1606f2,
-	0xc363519b,0x589dd390,0x5479f8e6,0x1cb8d647,
-	0x97fd61a9,0xea7759f4,0x2d57539d,0x569a58cf,
-	0xe84e63ad,0x462e1b78,0x6580f87e,0xf3817914,
-	0x91da55f4,0x40a230f3,0xd1988f35,0xb6e318d2,
-	0x3ffa50bc,0x3d40f021,0xc3c0bdae,0x4958c24c,
-	0x518f36b2,0x84b1d370,0x0fedce83,0x878ddada,
-	0xf2a279c7,0x94e01be8,0x90716f4b,0x954b8aa3,
-	};
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table7[256]={
-	0xe216300d,0xbbddfffc,0xa7ebdabd,0x35648095,
-	0x7789f8b7,0xe6c1121b,0x0e241600,0x052ce8b5,
-	0x11a9cfb0,0xe5952f11,0xece7990a,0x9386d174,
-	0x2a42931c,0x76e38111,0xb12def3a,0x37ddddfc,
-	0xde9adeb1,0x0a0cc32c,0xbe197029,0x84a00940,
-	0xbb243a0f,0xb4d137cf,0xb44e79f0,0x049eedfd,
-	0x0b15a15d,0x480d3168,0x8bbbde5a,0x669ded42,
-	0xc7ece831,0x3f8f95e7,0x72df191b,0x7580330d,
-	0x94074251,0x5c7dcdfa,0xabbe6d63,0xaa402164,
-	0xb301d40a,0x02e7d1ca,0x53571dae,0x7a3182a2,
-	0x12a8ddec,0xfdaa335d,0x176f43e8,0x71fb46d4,
-	0x38129022,0xce949ad4,0xb84769ad,0x965bd862,
-	0x82f3d055,0x66fb9767,0x15b80b4e,0x1d5b47a0,
-	0x4cfde06f,0xc28ec4b8,0x57e8726e,0x647a78fc,
-	0x99865d44,0x608bd593,0x6c200e03,0x39dc5ff6,
-	0x5d0b00a3,0xae63aff2,0x7e8bd632,0x70108c0c,
-	0xbbd35049,0x2998df04,0x980cf42a,0x9b6df491,
-	0x9e7edd53,0x06918548,0x58cb7e07,0x3b74ef2e,
-	0x522fffb1,0xd24708cc,0x1c7e27cd,0xa4eb215b,
-	0x3cf1d2e2,0x19b47a38,0x424f7618,0x35856039,
-	0x9d17dee7,0x27eb35e6,0xc9aff67b,0x36baf5b8,
-	0x09c467cd,0xc18910b1,0xe11dbf7b,0x06cd1af8,
-	0x7170c608,0x2d5e3354,0xd4de495a,0x64c6d006,
-	0xbcc0c62c,0x3dd00db3,0x708f8f34,0x77d51b42,
-	0x264f620f,0x24b8d2bf,0x15c1b79e,0x46a52564,
-	0xf8d7e54e,0x3e378160,0x7895cda5,0x859c15a5,
-	0xe6459788,0xc37bc75f,0xdb07ba0c,0x0676a3ab,
-	0x7f229b1e,0x31842e7b,0x24259fd7,0xf8bef472,
-	0x835ffcb8,0x6df4c1f2,0x96f5b195,0xfd0af0fc,
-	0xb0fe134c,0xe2506d3d,0x4f9b12ea,0xf215f225,
-	0xa223736f,0x9fb4c428,0x25d04979,0x34c713f8,
-	0xc4618187,0xea7a6e98,0x7cd16efc,0x1436876c,
-	0xf1544107,0xbedeee14,0x56e9af27,0xa04aa441,
-	0x3cf7c899,0x92ecbae6,0xdd67016d,0x151682eb,
-	0xa842eedf,0xfdba60b4,0xf1907b75,0x20e3030f,
-	0x24d8c29e,0xe139673b,0xefa63fb8,0x71873054,
-	0xb6f2cf3b,0x9f326442,0xcb15a4cc,0xb01a4504,
-	0xf1e47d8d,0x844a1be5,0xbae7dfdc,0x42cbda70,
-	0xcd7dae0a,0x57e85b7a,0xd53f5af6,0x20cf4d8c,
-	0xcea4d428,0x79d130a4,0x3486ebfb,0x33d3cddc,
-	0x77853b53,0x37effcb5,0xc5068778,0xe580b3e6,
-	0x4e68b8f4,0xc5c8b37e,0x0d809ea2,0x398feb7c,
-	0x132a4f94,0x43b7950e,0x2fee7d1c,0x223613bd,
-	0xdd06caa2,0x37df932b,0xc4248289,0xacf3ebc3,
-	0x5715f6b7,0xef3478dd,0xf267616f,0xc148cbe4,
-	0x9052815e,0x5e410fab,0xb48a2465,0x2eda7fa4,
-	0xe87b40e4,0xe98ea084,0x5889e9e1,0xefd390fc,
-	0xdd07d35b,0xdb485694,0x38d7e5b2,0x57720101,
-	0x730edebc,0x5b643113,0x94917e4f,0x503c2fba,
-	0x646f1282,0x7523d24a,0xe0779695,0xf9c17a8f,
-	0x7a5b2121,0xd187b896,0x29263a4d,0xba510cdf,
-	0x81f47c9f,0xad1163ed,0xea7b5965,0x1a00726e,
-	0x11403092,0x00da6d77,0x4a0cdd61,0xad1f4603,
-	0x605bdfb0,0x9eedc364,0x22ebe6a8,0xcee7d28a,
-	0xa0e736a0,0x5564a6b9,0x10853209,0xc7eb8f37,
-	0x2de705ca,0x8951570f,0xdf09822b,0xbd691a6c,
-	0xaa12e4f2,0x87451c0f,0xe0f6a27a,0x3ada4819,
-	0x4cf1764f,0x0d771c2b,0x67cdb156,0x350d8384,
-	0x5938fa0f,0x42399ef3,0x36997b07,0x0e84093d,
-	0x4aa93e61,0x8360d87b,0x1fa98b0c,0x1149382c,
-	0xe97625a5,0x0614d1b7,0x0e25244b,0x0c768347,
-	0x589e8d82,0x0d2059d1,0xa466bb1e,0xf8da0a82,
-	0x04f19130,0xba6e4ec0,0x99265164,0x1ee7230d,
-	0x50b2ad80,0xeaee6801,0x8db2a283,0xea8bf59e,
-	};
diff --git a/crypto/openssl/crypto/cast/cast_spd.c b/crypto/openssl/crypto/cast/cast_spd.c
deleted file mode 100644
index 76abf50d9841..000000000000
--- a/crypto/openssl/crypto/cast/cast_spd.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/* crypto/cast/cast_spd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-#define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-
-#include <signal.h>
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#include <openssl/cast.h>
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-#ifndef CLK_TCK
-#define HZ	100.0
-#else /* CLK_TCK */
-#define HZ ((double)CLK_TCK)
-#endif
-#endif
-
-#define BUFSIZE	((long)1024)
-long run=0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-#if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#define SIGRETTYPE void
-#else
-#define SIGRETTYPE int
-#endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-	{
-	signal(SIGALRM,sig_done);
-	run=0;
-#ifdef LINT
-	sig=sig;
-#endif
-	}
-#endif
-
-#define START	0
-#define STOP	1
-
-double Time_F(int s)
-	{
-	double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if (s == START)
-		{
-		times(&tstart);
-		return(0);
-		}
-	else
-		{
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if (s == START)
-		{
-		ftime(&tstart);
-		return(0);
-		}
-	else
-		{
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#endif
-	}
-
-int main(int argc, char **argv)
-	{
-	long count;
-	static unsigned char buf[BUFSIZE];
-	static unsigned char key[] ={
-			0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-			0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
-			};
-	CAST_KEY sch;
-	double a,b,c,d;
-#ifndef SIGALRM
-	long ca,cb,cc;
-#endif
-
-#ifndef TIMES
-	printf("To get the most accurate results, try to run this\n");
-	printf("program when this computer is idle.\n");
-#endif
-
-#ifndef SIGALRM
-	printf("First we calculate the approximate speed ...\n");
-	CAST_set_key(&sch,16,key);
-	count=10;
-	do	{
-		long i;
-		CAST_LONG data[2];
-
-		count*=2;
-		Time_F(START);
-		for (i=count; i; i--)
-			CAST_encrypt(data,&sch);
-		d=Time_F(STOP);
-		} while (d < 3.0);
-	ca=count/512;
-	cb=count;
-	cc=count*8/BUFSIZE+1;
-	printf("Doing CAST_set_key %ld times\n",ca);
-#define COND(d)	(count != (d))
-#define COUNT(d) (d)
-#else
-#define COND(c)	(run)
-#define COUNT(d) (count)
-	signal(SIGALRM,sig_done);
-	printf("Doing CAST_set_key for 10 seconds\n");
-	alarm(10);
-#endif
-
-	Time_F(START);
-	for (count=0,run=1; COND(ca); count+=4)
-		{
-		CAST_set_key(&sch,16,key);
-		CAST_set_key(&sch,16,key);
-		CAST_set_key(&sch,16,key);
-		CAST_set_key(&sch,16,key);
-		}
-	d=Time_F(STOP);
-	printf("%ld cast set_key's in %.2f seconds\n",count,d);
-	a=((double)COUNT(ca))/d;
-
-#ifdef SIGALRM
-	printf("Doing CAST_encrypt's for 10 seconds\n");
-	alarm(10);
-#else
-	printf("Doing CAST_encrypt %ld times\n",cb);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cb); count+=4)
-		{
-		CAST_LONG data[2];
-
-		CAST_encrypt(data,&sch);
-		CAST_encrypt(data,&sch);
-		CAST_encrypt(data,&sch);
-		CAST_encrypt(data,&sch);
-		}
-	d=Time_F(STOP);
-	printf("%ld CAST_encrypt's in %.2f second\n",count,d);
-	b=((double)COUNT(cb)*8)/d;
-
-#ifdef SIGALRM
-	printf("Doing CAST_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-		BUFSIZE);
-	alarm(10);
-#else
-	printf("Doing CAST_cbc_encrypt %ld times on %ld byte blocks\n",cc,
-		BUFSIZE);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cc); count++)
-		CAST_cbc_encrypt(buf,buf,BUFSIZE,&sch,
-			&(key[0]),CAST_ENCRYPT);
-	d=Time_F(STOP);
-	printf("%ld CAST_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-		count,BUFSIZE,d);
-	c=((double)COUNT(cc)*BUFSIZE)/d;
-
-	printf("CAST set_key       per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
-	printf("CAST raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
-	printf("CAST cbc     bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
-	exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-	return(0);
-#endif
-	}
-
diff --git a/crypto/openssl/crypto/cast/castopts.c b/crypto/openssl/crypto/cast/castopts.c
deleted file mode 100644
index 1b858d153bb9..000000000000
--- a/crypto/openssl/crypto/cast/castopts.c
+++ /dev/null
@@ -1,339 +0,0 @@
-/* crypto/cast/castopts.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
- * This is for machines with 64k code segment size restrictions. */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC))
-#define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-
-#include <signal.h>
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#include <openssl/cast.h>
-
-#define CAST_DEFAULT_OPTIONS
-
-#undef E_CAST
-#define CAST_encrypt  CAST_encrypt_normal
-#define CAST_decrypt  CAST_decrypt_normal
-#define CAST_cbc_encrypt  CAST_cbc_encrypt_normal
-#undef HEADER_CAST_LOCL_H
-#include "c_enc.c"
-
-#define CAST_PTR
-#undef CAST_PTR2
-#undef E_CAST
-#undef CAST_encrypt
-#undef CAST_decrypt
-#undef CAST_cbc_encrypt
-#define CAST_encrypt  CAST_encrypt_ptr
-#define CAST_decrypt  CAST_decrypt_ptr
-#define CAST_cbc_encrypt  CAST_cbc_encrypt_ptr
-#undef HEADER_CAST_LOCL_H
-#include "c_enc.c"
-
-#undef CAST_PTR
-#define CAST_PTR2
-#undef E_CAST
-#undef CAST_encrypt
-#undef CAST_decrypt
-#undef CAST_cbc_encrypt
-#define CAST_encrypt  CAST_encrypt_ptr2
-#define CAST_decrypt  CAST_decrypt_ptr2
-#define CAST_cbc_encrypt  CAST_cbc_encrypt_ptr2
-#undef HEADER_CAST_LOCL_H
-#include "c_enc.c"
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
-#   define HZ	100.0
-#  else /* _BSD_CLK_TCK_ */
-#   define HZ ((double)_BSD_CLK_TCK_)
-#  endif
-# else /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-
-#define BUFSIZE	((long)1024)
-long run=0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-#if defined(__STDC__) || defined(sgi)
-#define SIGRETTYPE void
-#else
-#define SIGRETTYPE int
-#endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-	{
-	signal(SIGALRM,sig_done);
-	run=0;
-#ifdef LINT
-	sig=sig;
-#endif
-	}
-#endif
-
-#define START	0
-#define STOP	1
-
-double Time_F(int s)
-	{
-	double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if (s == START)
-		{
-		times(&tstart);
-		return(0);
-		}
-	else
-		{
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if (s == START)
-		{
-		ftime(&tstart);
-		return(0);
-		}
-	else
-		{
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#endif
-	}
-
-#ifdef SIGALRM
-#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
-#else
-#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
-#endif
-	
-#define time_it(func,name,index) \
-	print_name(name); \
-	Time_F(START); \
-	for (count=0,run=1; COND(cb); count+=4) \
-		{ \
-		unsigned long d[2]; \
-		func(d,&sch); \
-		func(d,&sch); \
-		func(d,&sch); \
-		func(d,&sch); \
-		} \
-	tm[index]=Time_F(STOP); \
-	fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
-	tm[index]=((double)COUNT(cb))/tm[index];
-
-#define print_it(name,index) \
-	fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
-		tm[index]*8,1.0e6/tm[index]);
-
-int main(int argc, char **argv)
-	{
-	long count;
-	static unsigned char buf[BUFSIZE];
-	static char key[16]={	0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-				0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
-	CAST_KEY sch;
-	double d,tm[16],max=0;
-	int rank[16];
-	char *str[16];
-	int max_idx=0,i,num=0,j;
-#ifndef SIGALARM
-	long ca,cb,cc,cd,ce;
-#endif
-
-	for (i=0; i<12; i++)
-		{
-		tm[i]=0.0;
-		rank[i]=0;
-		}
-
-#ifndef TIMES
-	fprintf(stderr,"To get the most accurate results, try to run this\n");
-	fprintf(stderr,"program when this computer is idle.\n");
-#endif
-
-	CAST_set_key(&sch,16,key);
-
-#ifndef SIGALRM
-	fprintf(stderr,"First we calculate the approximate speed ...\n");
-	count=10;
-	do	{
-		long i;
-		unsigned long data[2];
-
-		count*=2;
-		Time_F(START);
-		for (i=count; i; i--)
-			CAST_encrypt(data,&sch);
-		d=Time_F(STOP);
-		} while (d < 3.0);
-	ca=count;
-	cb=count*3;
-	cc=count*3*8/BUFSIZE+1;
-	cd=count*8/BUFSIZE+1;
-
-	ce=count/20+1;
-#define COND(d) (count != (d))
-#define COUNT(d) (d)
-#else
-#define COND(c) (run)
-#define COUNT(d) (count)
-        signal(SIGALRM,sig_done);
-        alarm(10);
-#endif
-
-	time_it(CAST_encrypt_normal,	"CAST_encrypt_normal ", 0);
-	time_it(CAST_encrypt_ptr,	"CAST_encrypt_ptr    ", 1);
-	time_it(CAST_encrypt_ptr2,	"CAST_encrypt_ptr2   ", 2);
-	num+=3;
-
-	str[0]="<nothing>";
-	print_it("CAST_encrypt_normal ",0);
-	max=tm[0];
-	max_idx=0;
-	str[1]="ptr      ";
-	print_it("CAST_encrypt_ptr ",1);
-	if (max < tm[1]) { max=tm[1]; max_idx=1; }
-	str[2]="ptr2     ";
-	print_it("CAST_encrypt_ptr2 ",2);
-	if (max < tm[2]) { max=tm[2]; max_idx=2; }
-
-	printf("options    CAST ecb/s\n");
-	printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
-	d=tm[max_idx];
-	tm[max_idx]= -2.0;
-	max= -1.0;
-	for (;;)
-		{
-		for (i=0; i<3; i++)
-			{
-			if (max < tm[i]) { max=tm[i]; j=i; }
-			}
-		if (max < 0.0) break;
-		printf("%s %12.2f  %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
-		tm[j]= -2.0;
-		max= -1.0;
-		}
-
-	switch (max_idx)
-		{
-	case 0:
-		printf("-DCAST_DEFAULT_OPTIONS\n");
-		break;
-	case 1:
-		printf("-DCAST_PTR\n");
-		break;
-	case 2:
-		printf("-DCAST_PTR2\n");
-		break;
-		}
-	exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-	return(0);
-#endif
-	}
-
diff --git a/crypto/openssl/crypto/cast/casts.cpp b/crypto/openssl/crypto/cast/casts.cpp
deleted file mode 100644
index 8d7bd468d229..000000000000
--- a/crypto/openssl/crypto/cast/casts.cpp
+++ /dev/null
@@ -1,70 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/cast.h>
-
-void main(int argc,char *argv[])
-	{
-	CAST_KEY key;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-	static unsigned char d[16]={0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
-
-	CAST_set_key(&key, 16,d);
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			CAST_encrypt(&data[0],&key);
-			GetTSC(s1);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			GetTSC(e1);
-			GetTSC(s2);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			GetTSC(e2);
-			CAST_encrypt(&data[0],&key);
-			}
-
-		printf("cast %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/crypto/openssl/crypto/cast/casttest.c b/crypto/openssl/crypto/cast/casttest.c
deleted file mode 100644
index 83e5a16c73f2..000000000000
--- a/crypto/openssl/crypto/cast/casttest.c
+++ /dev/null
@@ -1,232 +0,0 @@
-/* crypto/cast/casttest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_CAST
-int main(int argc, char *argv[])
-{
-    printf("No CAST support\n");
-    return(0);
-}
-#else
-#include <openssl/cast.h>
-
-#define FULL_TEST
-
-static unsigned char k[16]={
-	0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
-	0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A
-	};
-
-static unsigned char in[8]={ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
-
-static int k_len[3]={16,10,5};
-static unsigned char c[3][8]={
-	{0x23,0x8B,0x4F,0xE5,0x84,0x7E,0x44,0xB2},
-	{0xEB,0x6A,0x71,0x1A,0x2C,0x02,0x27,0x1B},
-	{0x7A,0xC8,0x16,0xD1,0x6E,0x9B,0x30,0x2E},
-	};
-static unsigned char out[80];
-
-static unsigned char in_a[16]={
-	0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
-	0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A};
-static unsigned char in_b[16]={
-	0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
-	0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A};
-
-static unsigned char c_a[16]={
-	0xEE,0xA9,0xD0,0xA2,0x49,0xFD,0x3B,0xA6,
-	0xB3,0x43,0x6F,0xB8,0x9D,0x6D,0xCA,0x92};
-static unsigned char c_b[16]={
-	0xB2,0xC9,0x5E,0xB0,0x0C,0x31,0xAD,0x71,
-	0x80,0xAC,0x05,0xB8,0xE8,0x3D,0x69,0x6E};
-
-#if 0
-char *text="Hello to all people out there";
-
-static unsigned char cfb_key[16]={
-	0xe1,0xf0,0xc3,0xd2,0xa5,0xb4,0x87,0x96,
-	0x69,0x78,0x4b,0x5a,0x2d,0x3c,0x0f,0x1e,
-	};
-static unsigned char cfb_iv[80]={0x34,0x12,0x78,0x56,0xab,0x90,0xef,0xcd};
-static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
-#define CFB_TEST_SIZE 24
-static unsigned char plain[CFB_TEST_SIZE]=
-        {
-        0x4e,0x6f,0x77,0x20,0x69,0x73,
-        0x20,0x74,0x68,0x65,0x20,0x74,
-        0x69,0x6d,0x65,0x20,0x66,0x6f,
-        0x72,0x20,0x61,0x6c,0x6c,0x20
-        };
-static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
-	0x59,0xD8,0xE2,0x65,0x00,0x58,0x6C,0x3F,
-	0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
-	0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
-
-/*	0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
-	0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
-	0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
-	}; 
-#endif
-
-int main(int argc, char *argv[])
-    {
-#ifdef FULL_TEST
-    long l;
-    CAST_KEY key_b;
-#endif
-    int i,z,err=0;
-    CAST_KEY key;
-
-    for (z=0; z<3; z++)
-	{
-	CAST_set_key(&key,k_len[z],k);
-
-	CAST_ecb_encrypt(in,out,&key,CAST_ENCRYPT);
-	if (memcmp(out,&(c[z][0]),8) != 0)
-	    {
-	    printf("ecb cast error encrypting for keysize %d\n",k_len[z]*8);
-	    printf("got     :");
-	    for (i=0; i<8; i++)
-		printf("%02X ",out[i]);
-	    printf("\n");
-	    printf("expected:");
-	    for (i=0; i<8; i++)
-		printf("%02X ",c[z][i]);
-	    err=20;
-	    printf("\n");
-	    }
-
-	CAST_ecb_encrypt(out,out,&key,CAST_DECRYPT);
-	if (memcmp(out,in,8) != 0)
-	    {
-	    printf("ecb cast error decrypting for keysize %d\n",k_len[z]*8);
-	    printf("got     :");
-	    for (i=0; i<8; i++)
-		printf("%02X ",out[i]);
-	    printf("\n");
-	    printf("expected:");
-	    for (i=0; i<8; i++)
-		printf("%02X ",in[i]);
-	    printf("\n");
-	    err=3;
-	    }
-	}
-    if (err == 0)
-	printf("ecb cast5 ok\n");
-
-#ifdef FULL_TEST
-      {
-      unsigned char out_a[16],out_b[16];
-      static char *hex="0123456789ABCDEF";
-      
-      printf("This test will take some time....");
-      fflush(stdout);
-      memcpy(out_a,in_a,sizeof(in_a));
-      memcpy(out_b,in_b,sizeof(in_b));
-      i=1;
-
-      for (l=0; l<1000000L; l++)
-	  {
-	  CAST_set_key(&key_b,16,out_b);
-	  CAST_ecb_encrypt(&(out_a[0]),&(out_a[0]),&key_b,CAST_ENCRYPT);
-	  CAST_ecb_encrypt(&(out_a[8]),&(out_a[8]),&key_b,CAST_ENCRYPT);
-	  CAST_set_key(&key,16,out_a);
-	  CAST_ecb_encrypt(&(out_b[0]),&(out_b[0]),&key,CAST_ENCRYPT);
-	  CAST_ecb_encrypt(&(out_b[8]),&(out_b[8]),&key,CAST_ENCRYPT);
-	  if ((l & 0xffff) == 0xffff)
-	      {
-	      printf("%c",hex[i&0x0f]);
-	      fflush(stdout);
-	      i++;
-	      }
-	  }
-
-      if (	(memcmp(out_a,c_a,sizeof(c_a)) != 0) ||
-		(memcmp(out_b,c_b,sizeof(c_b)) != 0))
-	  {
-	  printf("\n");
-	  printf("Error\n");
-
-	  printf("A out =");
-	  for (i=0; i<16; i++) printf("%02X ",out_a[i]);
-	  printf("\nactual=");
-	  for (i=0; i<16; i++) printf("%02X ",c_a[i]);
-	  printf("\n");
-
-	  printf("B out =");
-	  for (i=0; i<16; i++) printf("%02X ",out_b[i]);
-	  printf("\nactual=");
-	  for (i=0; i<16; i++) printf("%02X ",c_b[i]);
-	  printf("\n");
-	  }
-      else
-	  printf(" ok\n");
-      }
-#endif
-
-    EXIT(err);
-    return(err);
-    }
-#endif
diff --git a/crypto/openssl/crypto/comp/Makefile.save b/crypto/openssl/crypto/comp/Makefile.save
deleted file mode 100644
index ba705c2a1c3c..000000000000
--- a/crypto/openssl/crypto/comp/Makefile.save
+++ /dev/null
@@ -1,102 +0,0 @@
-#
-# SSLeay/crypto/comp/Makefile
-#
-
-DIR=	comp
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= comp_lib.c \
-	c_rle.c c_zlib.c
-
-LIBOBJ=	comp_lib.o \
-	c_rle.o c_zlib.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= comp.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-c_rle.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_rle.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
-c_rle.o: ../../include/openssl/crypto.h ../../include/openssl/obj_mac.h
-c_rle.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_rle.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-c_rle.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_zlib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
-c_zlib.o: ../../include/openssl/crypto.h ../../include/openssl/obj_mac.h
-c_zlib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_zlib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-c_zlib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-comp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-comp_lib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
-comp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/obj_mac.h
-comp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-comp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-comp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
diff --git a/crypto/openssl/crypto/comp/Makefile.ssl b/crypto/openssl/crypto/comp/Makefile.ssl
deleted file mode 100644
index f60c7a1afc7b..000000000000
--- a/crypto/openssl/crypto/comp/Makefile.ssl
+++ /dev/null
@@ -1,114 +0,0 @@
-#
-# SSLeay/crypto/comp/Makefile
-#
-
-DIR=	comp
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= comp_lib.c comp_err.c \
-	c_rle.c c_zlib.c
-
-LIBOBJ=	comp_lib.o comp_err.o \
-	c_rle.o c_zlib.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= comp.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-c_rle.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_rle.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
-c_rle.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-c_rle.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-c_rle.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-c_rle.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-c_rle.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h c_rle.c
-c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_zlib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
-c_zlib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-c_zlib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-c_zlib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-c_zlib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-c_zlib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-c_zlib.o: c_zlib.c
-comp_err.o: ../../include/openssl/bio.h ../../include/openssl/comp.h
-comp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-comp_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-comp_err.o: ../../include/openssl/opensslconf.h
-comp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-comp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-comp_err.o: comp_err.c
-comp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-comp_lib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
-comp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-comp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-comp_lib.o: ../../include/openssl/opensslconf.h
-comp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-comp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-comp_lib.o: ../../include/openssl/symhacks.h comp_lib.c
diff --git a/crypto/openssl/crypto/comp/c_rle.c b/crypto/openssl/crypto/comp/c_rle.c
deleted file mode 100644
index efd366fa2239..000000000000
--- a/crypto/openssl/crypto/comp/c_rle.c
+++ /dev/null
@@ -1,62 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/objects.h>
-#include <openssl/comp.h>
-
-static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
-	unsigned int olen, unsigned char *in, unsigned int ilen);
-static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
-	unsigned int olen, unsigned char *in, unsigned int ilen);
-
-static COMP_METHOD rle_method={
-	NID_rle_compression,
-	LN_rle_compression,
-	NULL,
-	NULL,
-	rle_compress_block,
-	rle_expand_block,
-	NULL,
-	NULL,
-	};
-
-COMP_METHOD *COMP_rle(void)
-	{
-	return(&rle_method);
-	}
-
-static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
-	     unsigned int olen, unsigned char *in, unsigned int ilen)
-	{
-	/* int i; */
-
-	if (olen < (ilen+1))
-		{
-		/* ZZZZZZZZZZZZZZZZZZZZZZ */
-		return(-1);
-		}
-
-	*(out++)=0;
-	memcpy(out,in,ilen);
-	return(ilen+1);
-	}
-
-static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
-	     unsigned int olen, unsigned char *in, unsigned int ilen)
-	{
-	int i;
-
-	if (olen < (ilen-1))
-		{
-		/* ZZZZZZZZZZZZZZZZZZZZZZ */
-		return(-1);
-		}
-
-	i= *(in++);
-	if (i == 0)
-		{
-		memcpy(out,in,ilen-1);
-		}
-	return(ilen-1);
-	}
-
diff --git a/crypto/openssl/crypto/comp/c_zlib.c b/crypto/openssl/crypto/comp/c_zlib.c
deleted file mode 100644
index 8c0876151ac7..000000000000
--- a/crypto/openssl/crypto/comp/c_zlib.c
+++ /dev/null
@@ -1,260 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/objects.h>
-#include <openssl/comp.h>
-
-COMP_METHOD *COMP_zlib(void );
-
-static COMP_METHOD zlib_method_nozlib={
-	NID_undef,
-	"(undef)",
-	NULL,
-	NULL,
-	NULL,
-	NULL,
-	NULL,
-	NULL,
-	};
-
-#ifndef ZLIB
-#undef ZLIB_SHARED
-#else
-
-#include <zlib.h>
-
-static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
-	unsigned int olen, unsigned char *in, unsigned int ilen);
-static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out,
-	unsigned int olen, unsigned char *in, unsigned int ilen);
-
-static int zz_uncompress(Bytef *dest, uLongf *destLen, const Bytef *source,
-	uLong sourceLen);
-
-static COMP_METHOD zlib_method={
-	NID_zlib_compression,
-	LN_zlib_compression,
-	NULL,
-	NULL,
-	zlib_compress_block,
-	zlib_expand_block,
-	NULL,
-	NULL,
-	};
-
-/* 
- * When OpenSSL is built on Windows, we do not want to require that
- * the ZLIB.DLL be available in order for the OpenSSL DLLs to
- * work.  Therefore, all ZLIB routines are loaded at run time
- * and we do not link to a .LIB file.
- */
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-# include <windows.h>
-
-# define Z_CALLCONV _stdcall
-# define ZLIB_SHARED
-#else
-# define Z_CALLCONV
-#endif /* !(OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32) */
-
-#ifdef ZLIB_SHARED
-#include <openssl/dso.h>
-
-/* Prototypes for built in stubs */
-static int stub_compress(Bytef *dest,uLongf *destLen,
-	const Bytef *source, uLong sourceLen);
-static int stub_inflateEnd(z_streamp strm);
-static int stub_inflate(z_streamp strm, int flush);
-static int stub_inflateInit_(z_streamp strm, const char * version,
-	int stream_size);
-
-/* Function pointers */
-typedef int (Z_CALLCONV *compress_ft)(Bytef *dest,uLongf *destLen,
-	const Bytef *source, uLong sourceLen);
-typedef int (Z_CALLCONV *inflateEnd_ft)(z_streamp strm);
-typedef int (Z_CALLCONV *inflate_ft)(z_streamp strm, int flush);
-typedef int (Z_CALLCONV *inflateInit__ft)(z_streamp strm,
-	const char * version, int stream_size);
-static compress_ft	p_compress=NULL;
-static inflateEnd_ft	p_inflateEnd=NULL;
-static inflate_ft	p_inflate=NULL;
-static inflateInit__ft	p_inflateInit_=NULL;
-
-static int zlib_loaded = 0;     /* only attempt to init func pts once */
-static DSO *zlib_dso = NULL;
-
-#define compress                stub_compress
-#define inflateEnd              stub_inflateEnd
-#define inflate                 stub_inflate
-#define inflateInit_            stub_inflateInit_
-#endif /* ZLIB_SHARED */
-
-static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
-	     unsigned int olen, unsigned char *in, unsigned int ilen)
-	{
-	unsigned long l;
-	int i;
-	int clear=1;
-
-	if (ilen > 128)
-		{
-		out[0]=1;
-		l=olen-1;
-		i=compress(&(out[1]),&l,in,(unsigned long)ilen);
-		if (i != Z_OK)
-			return(-1);
-		if (ilen > l)
-			{
-			clear=0;
-			l++;
-			}
-		}
-	if (clear)
-		{
-		out[0]=0;
-		memcpy(&(out[1]),in,ilen);
-		l=ilen+1;
-		}
-#ifdef DEBUG_ZLIB
-	fprintf(stderr,"compress(%4d)->%4d %s\n",
-		ilen,(int)l,(clear)?"clear":"zlib");
-#endif
-	return((int)l);
-	}
-
-static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out,
-	     unsigned int olen, unsigned char *in, unsigned int ilen)
-	{
-	unsigned long l;
-	int i;
-
-	if (in[0])
-		{
-		l=olen;
-		i=zz_uncompress(out,&l,&(in[1]),(unsigned long)ilen-1);
-		if (i != Z_OK)
-			return(-1);
-		}
-	else
-		{
-		memcpy(out,&(in[1]),ilen-1);
-		l=ilen-1;
-		}
-#ifdef DEBUG_ZLIB
-        fprintf(stderr,"expand  (%4d)->%4d %s\n",
-		ilen,(int)l,in[0]?"zlib":"clear");
-#endif
-	return((int)l);
-	}
-
-static int zz_uncompress (Bytef *dest, uLongf *destLen, const Bytef *source,
-	     uLong sourceLen)
-{
-    z_stream stream;
-    int err;
-
-    stream.next_in = (Bytef*)source;
-    stream.avail_in = (uInt)sourceLen;
-    /* Check for source > 64K on 16-bit machine: */
-    if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
-
-    stream.next_out = dest;
-    stream.avail_out = (uInt)*destLen;
-    if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
-
-    stream.zalloc = (alloc_func)0;
-    stream.zfree = (free_func)0;
-
-    err = inflateInit(&stream);
-    if (err != Z_OK) return err;
-
-    err = inflate(&stream, Z_FINISH);
-    if (err != Z_STREAM_END) {
-        inflateEnd(&stream);
-        return err;
-    }
-    *destLen = stream.total_out;
-
-    err = inflateEnd(&stream);
-    return err;
-}
-
-#endif
-
-COMP_METHOD *COMP_zlib(void)
-	{
-	COMP_METHOD *meth = &zlib_method_nozlib;
-
-#ifdef ZLIB_SHARED
-	if (!zlib_loaded)
-		{
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-		zlib_dso = DSO_load(NULL, "ZLIB", NULL, 0);
-#else
-		zlib_dso = DSO_load(NULL, "z", NULL, 0);
-#endif
-		if (zlib_dso != NULL)
-			{
-			p_compress
-				= (compress_ft) DSO_bind_func(zlib_dso,
-					"compress");
-			p_inflateEnd
-				= (inflateEnd_ft) DSO_bind_func(zlib_dso,
-					"inflateEnd");
-			p_inflate
-				= (inflate_ft) DSO_bind_func(zlib_dso,
-					"inflate");
-			p_inflateInit_
-				= (inflateInit__ft) DSO_bind_func(zlib_dso,
-					"inflateInit_");
-			zlib_loaded++;
-			}
-		}
-
-#endif
-#if defined(ZLIB) || defined(ZLIB_SHARED)
-	meth = &zlib_method;
-#endif
-
-	return(meth);
-	}
-
-#ifdef ZLIB_SHARED
-/* Stubs for each function to be dynamicly loaded */
-static int 
-stub_compress(Bytef *dest,uLongf *destLen,const Bytef *source, uLong sourceLen)
-	{
-	if (p_compress)
-		return(p_compress(dest,destLen,source,sourceLen));
-	else
-		return(Z_MEM_ERROR);
-	}
-
-static int
-stub_inflateEnd(z_streamp strm)
-	{
-	if ( p_inflateEnd )
-		return(p_inflateEnd(strm));
-	else
-		return(Z_MEM_ERROR);
-	}
-
-static int
-stub_inflate(z_streamp strm, int flush)
-	{
-	if ( p_inflate )
-		return(p_inflate(strm,flush));
-	else
-		return(Z_MEM_ERROR);
-	}
-
-static int
-stub_inflateInit_(z_streamp strm, const char * version, int stream_size)
-	{
-	if ( p_inflateInit_ )
-		return(p_inflateInit_(strm,version,stream_size));
-	else
-		return(Z_MEM_ERROR);
-	}
-
-#endif /* ZLIB_SHARED */
diff --git a/crypto/openssl/crypto/comp/comp.h b/crypto/openssl/crypto/comp/comp.h
deleted file mode 100644
index ab48b78ae971..000000000000
--- a/crypto/openssl/crypto/comp/comp.h
+++ /dev/null
@@ -1,59 +0,0 @@
-
-#ifndef HEADER_COMP_H
-#define HEADER_COMP_H
-
-#include <openssl/crypto.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct comp_method_st
-	{
-	int type;		/* NID for compression library */
-	const char *name;	/* A text string to identify the library */
-	int (*init)();
-	void (*finish)();
-	int (*compress)();
-	int (*expand)();
-	long (*ctrl)();
-	long (*callback_ctrl)();
-	} COMP_METHOD;
-
-typedef struct comp_ctx_st
-	{
-	COMP_METHOD *meth;
-	unsigned long compress_in;
-	unsigned long compress_out;
-	unsigned long expand_in;
-	unsigned long expand_out;
-
-	CRYPTO_EX_DATA	ex_data;
-	} COMP_CTX;
-
-
-COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
-void COMP_CTX_free(COMP_CTX *ctx);
-int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
-	unsigned char *in, int ilen);
-int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
-	unsigned char *in, int ilen);
-COMP_METHOD *COMP_rle(void );
-COMP_METHOD *COMP_zlib(void );
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_COMP_strings(void);
-
-/* Error codes for the COMP functions. */
-
-/* Function codes. */
-
-/* Reason codes. */
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/comp/comp_err.c b/crypto/openssl/crypto/comp/comp_err.c
deleted file mode 100644
index 1652b8c2c4a1..000000000000
--- a/crypto/openssl/crypto/comp/comp_err.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* crypto/comp/comp_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/comp.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA COMP_str_functs[]=
-	{
-{0,NULL}
-	};
-
-static ERR_STRING_DATA COMP_str_reasons[]=
-	{
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_COMP_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_COMP,COMP_str_functs);
-		ERR_load_strings(ERR_LIB_COMP,COMP_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/comp/comp_lib.c b/crypto/openssl/crypto/comp/comp_lib.c
deleted file mode 100644
index beb98ce8ccc8..000000000000
--- a/crypto/openssl/crypto/comp/comp_lib.c
+++ /dev/null
@@ -1,78 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/objects.h>
-#include <openssl/comp.h>
-
-COMP_CTX *COMP_CTX_new(COMP_METHOD *meth)
-	{
-	COMP_CTX *ret;
-
-	if ((ret=(COMP_CTX *)OPENSSL_malloc(sizeof(COMP_CTX))) == NULL)
-		{
-		/* ZZZZZZZZZZZZZZZZ */
-		return(NULL);
-		}
-	memset(ret,0,sizeof(COMP_CTX));
-	ret->meth=meth;
-	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
-		{
-		OPENSSL_free(ret);
-		ret=NULL;
-		}
-#if 0
-	else
-		CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data);
-#endif
-	return(ret);
-	}
-
-void COMP_CTX_free(COMP_CTX *ctx)
-	{
-	/* CRYPTO_free_ex_data(rsa_meth,(char *)ctx,&ctx->ex_data); */
-
-	if(ctx == NULL)
-	    return;
-
-	if (ctx->meth->finish != NULL)
-		ctx->meth->finish(ctx);
-
-	OPENSSL_free(ctx);
-	}
-
-int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
-	     unsigned char *in, int ilen)
-	{
-	int ret;
-	if (ctx->meth->compress == NULL)
-		{
-		/* ZZZZZZZZZZZZZZZZZ */
-		return(-1);
-		}
-	ret=ctx->meth->compress(ctx,out,olen,in,ilen);
-	if (ret > 0)
-		{
-		ctx->compress_in+=ilen;
-		ctx->compress_out+=ret;
-		}
-	return(ret);
-	}
-
-int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
-	     unsigned char *in, int ilen)
-	{
-	int ret;
-
-	if (ctx->meth->expand == NULL)
-		{
-		/* ZZZZZZZZZZZZZZZZZ */
-		return(-1);
-		}
-	ret=ctx->meth->expand(ctx,out,olen,in,ilen);
-	if (ret > 0)
-		{
-		ctx->expand_in+=ilen;
-		ctx->expand_out+=ret;
-		}
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/conf/Makefile.save b/crypto/openssl/crypto/conf/Makefile.save
deleted file mode 100644
index a96212252a0b..000000000000
--- a/crypto/openssl/crypto/conf/Makefile.save
+++ /dev/null
@@ -1,109 +0,0 @@
-#
-# SSLeay/crypto/conf/Makefile
-#
-
-DIR=	conf
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= conf_err.c conf_lib.c conf_api.c conf_def.c
-
-LIBOBJ=	conf_err.o conf_lib.o conf_api.o conf_def.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= conf.h conf_api.h
-HEADER=	conf_def.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-conf_api.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
-conf_api.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
-conf_api.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-conf_api.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-conf_api.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-conf_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-conf_def.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h
-conf_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-conf_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-conf_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-conf_def.o: conf_def.h
-conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
-conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-conf_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-conf_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-conf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-conf_lib.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
-conf_lib.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
-conf_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-conf_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-conf_lib.o: ../../include/openssl/opensslconf.h
-conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-conf_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
diff --git a/crypto/openssl/crypto/conf/Makefile.ssl b/crypto/openssl/crypto/conf/Makefile.ssl
deleted file mode 100644
index 28b3f9ac0b55..000000000000
--- a/crypto/openssl/crypto/conf/Makefile.ssl
+++ /dev/null
@@ -1,183 +0,0 @@
-#
-# SSLeay/crypto/conf/Makefile
-#
-
-DIR=	conf
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= conf_err.c conf_lib.c conf_api.c conf_def.c conf_mod.c \
-	 conf_mall.c conf_sap.c
-
-LIBOBJ=	conf_err.o conf_lib.o conf_api.o conf_def.o conf_mod.o \
-	conf_mall.o conf_sap.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= conf.h conf_api.h
-HEADER=	conf_def.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-conf_api.o: ../../e_os.h ../../include/openssl/bio.h
-conf_api.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h
-conf_api.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-conf_api.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-conf_api.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-conf_api.o: conf_api.c
-conf_def.o: ../../e_os.h ../../include/openssl/bio.h
-conf_def.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-conf_def.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
-conf_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-conf_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-conf_def.o: ../cryptlib.h conf_def.c conf_def.h
-conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
-conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-conf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-conf_err.o: ../../include/openssl/opensslconf.h
-conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-conf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-conf_err.o: conf_err.c
-conf_lib.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
-conf_lib.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
-conf_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-conf_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-conf_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-conf_lib.o: conf_lib.c
-conf_mall.o: ../../e_os.h ../../include/openssl/aes.h
-conf_mall.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-conf_mall.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-conf_mall.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-conf_mall.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-conf_mall.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-conf_mall.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-conf_mall.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-conf_mall.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-conf_mall.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-conf_mall.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-conf_mall.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-conf_mall.o: ../../include/openssl/objects.h
-conf_mall.o: ../../include/openssl/opensslconf.h
-conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-conf_mall.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-conf_mall.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-conf_mall.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-conf_mall.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-conf_mall.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-conf_mall.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mall.c
-conf_mod.o: ../../e_os.h ../../include/openssl/aes.h
-conf_mod.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-conf_mod.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-conf_mod.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-conf_mod.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-conf_mod.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-conf_mod.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-conf_mod.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-conf_mod.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-conf_mod.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-conf_mod.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-conf_mod.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-conf_mod.o: ../../include/openssl/opensslconf.h
-conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-conf_mod.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-conf_mod.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-conf_mod.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-conf_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-conf_mod.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-conf_mod.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-conf_mod.o: ../cryptlib.h conf_mod.c
-conf_sap.o: ../../e_os.h ../../include/openssl/aes.h
-conf_sap.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-conf_sap.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-conf_sap.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-conf_sap.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-conf_sap.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-conf_sap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-conf_sap.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-conf_sap.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-conf_sap.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-conf_sap.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-conf_sap.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-conf_sap.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-conf_sap.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-conf_sap.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-conf_sap.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-conf_sap.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-conf_sap.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_sap.c
diff --git a/crypto/openssl/crypto/conf/README b/crypto/openssl/crypto/conf/README
deleted file mode 100644
index ca58d0240f57..000000000000
--- a/crypto/openssl/crypto/conf/README
+++ /dev/null
@@ -1,78 +0,0 @@
-WARNING WARNING WARNING!!!
-
-This stuff is experimental, may change radically or be deleted altogether
-before OpenSSL 0.9.7 release. You have been warned!
-
-Configuration modules. These are a set of modules which can perform
-various configuration functions.
-
-Currently the routines should be called at most once when an application
-starts up: that is before it starts any threads.
-
-The routines read a configuration file set up like this:
-
------
-#default section
-openssl_init=init_section
-
-[init_section]
-
-module1=value1
-#Second instance of module1
-module1.1=valueX
-module2=value2
-module3=dso_literal
-module4=dso_section
-
-[dso_section]
-
-path=/some/path/to/some/dso.so
-other_stuff=other_value
-----
-
-When this file is loaded a configuration module with the specified
-string (module* in the above example) is looked up and its init
-function called as:
-
-int conf_init_func(CONF_IMODULE *md, CONF *cnf);
-
-The function can then take whatever action is appropriate, for example
-further lookups based on the value. Multiple instances of the same 
-config module can be loaded.
-
-When the application closes down the modules are cleaned up by calling
-an optional finish function:
-
-void conf_finish_func(CONF_IMODULE *md);
-
-The finish functions are called in reverse order: that is the last module
-loaded is the first one cleaned up.
-
-If no module exists with a given name then an attempt is made to load
-a DSO with the supplied name. This might mean that "module3" attempts
-to load a DSO called libmodule3.so or module3.dll for example. An explicit
-DSO name can be given by including a separate section as in the module4 example
-above.
-
-The DSO is expected to at least contain an initialization function:
-
-int OPENSSL_init(CONF_IMODULE *md, CONF *cnf);
-
-and may also include a finish function:
-
-void OPENSSL_finish(CONF_IMODULE *md);
-
-Static modules can also be added using,
-
-int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func *ffunc);
-
-where "name" is the name in the configuration file this function corresponds to.
-
-A set of builtin modules (currently only an ASN1 non functional test module) can be 
-added by calling OPENSSL_load_builtin_modules(). 
-
-The function OPENSSL_config() is intended as a simple configuration function that
-any application can call to perform various default configuration tasks. It uses the
-file openssl.cnf in the usual locations.
-
-
diff --git a/crypto/openssl/crypto/conf/cnf_save.c b/crypto/openssl/crypto/conf/cnf_save.c
deleted file mode 100644
index 1439487526b7..000000000000
--- a/crypto/openssl/crypto/conf/cnf_save.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/conf/cnf_save.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/conf.h>
-
-static void print_conf(CONF_VALUE *cv);
-static IMPLEMENT_LHASH_DOALL_FN(print_conf, CONF_VALUE *);
-
-main()
-	{
-	LHASH *conf;
-	long l;
-
-	conf=CONF_load(NULL,"../../apps/openssl.cnf",&l);
-	if (conf == NULL)
-		{
-		fprintf(stderr,"error loading config, line %ld\n",l);
-		exit(1);
-		}
-
-	lh_doall(conf,LHASH_DOALL_FN(print_conf));
-	}
-
-
-static void print_conf(CONF_VALUE *cv)
-	{
-	int i;
-	CONF_VALUE *v;
-	char *section;
-	char *name;
-	char *value;
-	STACK *s;
-
-	/* If it is a single entry, return */
-
-	if (cv->name != NULL) return;
-
-	printf("[ %s ]\n",cv->section);
-	s=(STACK *)cv->value;
-
-	for (i=0; i<sk_num(s); i++)
-		{
-		v=(CONF_VALUE *)sk_value(s,i);
-		section=(v->section == NULL)?"None":v->section;
-		name=(v->name == NULL)?"None":v->name;
-		value=(v->value == NULL)?"None":v->value;
-		printf("%s=%s\n",name,value);
-		}
-	printf("\n");
-	}
diff --git a/crypto/openssl/crypto/conf/conf.c b/crypto/openssl/crypto/conf/conf.c
deleted file mode 100644
index 3031fa3b4490..000000000000
--- a/crypto/openssl/crypto/conf/conf.c
+++ /dev/null
@@ -1,730 +0,0 @@
-/* crypto/conf/conf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/stack.h>
-#include <openssl/lhash.h>
-#include <openssl/conf.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-#include "conf_lcl.h"
-
-static void value_free_hash(CONF_VALUE *a, LHASH *conf);
-static void value_free_stack(CONF_VALUE *a,LHASH *conf);
-static unsigned long hash(CONF_VALUE *v);
-static int cmp_conf(CONF_VALUE *a,CONF_VALUE *b);
-static char *eat_ws(char *p);
-static char *eat_alpha_numeric(char *p);
-static void clear_comments(char *p);
-static int str_copy(LHASH *conf,char *section,char **to, char *from);
-static char *scan_quote(char *p);
-static CONF_VALUE *new_section(LHASH *conf,char *section);
-static CONF_VALUE *get_section(LHASH *conf,char *section);
-#define scan_esc(p)	((((p)[1] == '\0')?(p++):(p+=2)),p)
-
-const char *CONF_version="CONF" OPENSSL_VERSION_PTEXT;
-
-
-LHASH *CONF_load(LHASH *h, const char *file, long *line)
-	{
-	LHASH *ltmp;
-	BIO *in=NULL;
-
-#ifdef VMS
-	in=BIO_new_file(file, "r");
-#else
-	in=BIO_new_file(file, "rb");
-#endif
-	if (in == NULL)
-		{
-		CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
-		return NULL;
-		}
-
-	ltmp = CONF_load_bio(h, in, line);
-	BIO_free(in);
-
-	return ltmp;
-}
-#ifndef NO_FP_API
-LHASH *CONF_load_fp(LHASH *h, FILE *in, long *line)
-{
-	BIO *btmp;
-	LHASH *ltmp;
-	if(!(btmp = BIO_new_fp(in, BIO_NOCLOSE))) {
-		CONFerr(CONF_F_CONF_LOAD_FP,ERR_R_BUF_LIB);
-		return NULL;
-	}
-	ltmp = CONF_load_bio(h, btmp, line);
-	BIO_free(btmp);
-	return ltmp;
-}
-#endif
-
-LHASH *CONF_load_bio(LHASH *h, BIO *in, long *line)
-	{
-	LHASH *ret=NULL;
-#define BUFSIZE	512
-	char btmp[16];
-	int bufnum=0,i,ii;
-	BUF_MEM *buff=NULL;
-	char *s,*p,*end;
-	int again,n;
-	long eline=0;
-	CONF_VALUE *v=NULL,*vv,*tv;
-	CONF_VALUE *sv=NULL;
-	char *section=NULL,*buf;
-	STACK_OF(CONF_VALUE) *section_sk=NULL,*ts;
-	char *start,*psection,*pname;
-
-	if ((buff=BUF_MEM_new()) == NULL)
-		{
-		CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB);
-		goto err;
-		}
-
-	section=(char *)Malloc(10);
-	if (section == NULL)
-		{
-		CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	strcpy(section,"default");
-
-	if (h == NULL)
-		{
-		if ((ret=lh_new(hash,cmp_conf)) == NULL)
-			{
-			CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		}
-	else
-		ret=h;
-
-	sv=new_section(ret,section);
-	if (sv == NULL)
-		{
-		CONFerr(CONF_F_CONF_LOAD_BIO,
-					CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
-		goto err;
-		}
-	section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
-
-	bufnum=0;
-	for (;;)
-		{
-		again=0;
-		if (!BUF_MEM_grow(buff,bufnum+BUFSIZE))
-			{
-			CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB);
-			goto err;
-			}
-		p= &(buff->data[bufnum]);
-		*p='\0';
-		BIO_gets(in, p, BUFSIZE-1);
-		p[BUFSIZE-1]='\0';
-		ii=i=strlen(p);
-		if (i == 0) break;
-		while (i > 0)
-			{
-			if ((p[i-1] != '\r') && (p[i-1] != '\n'))
-				break;
-			else
-				i--;
-			}
-		/* we removed some trailing stuff so there is a new
-		 * line on the end. */
-		if (i == ii)
-			again=1; /* long line */
-		else
-			{
-			p[i]='\0';
-			eline++; /* another input line */
-			}
-
-		/* we now have a line with trailing \r\n removed */
-
-		/* i is the number of bytes */
-		bufnum+=i;
-
-		v=NULL;
-		/* check for line continuation */
-		if (bufnum >= 1)
-			{
-			/* If we have bytes and the last char '\\' and
-			 * second last char is not '\\' */
-			p= &(buff->data[bufnum-1]);
-			if (	IS_ESC(p[0]) &&
-				((bufnum <= 1) || !IS_ESC(p[-1])))
-				{
-				bufnum--;
-				again=1;
-				}
-			}
-		if (again) continue;
-		bufnum=0;
-		buf=buff->data;
-
-		clear_comments(buf);
-		n=strlen(buf);
-		s=eat_ws(buf);
-		if (IS_EOF(*s)) continue; /* blank line */
-		if (*s == '[')
-			{
-			char *ss;
-
-			s++;
-			start=eat_ws(s);
-			ss=start;
-again:
-			end=eat_alpha_numeric(ss);
-			p=eat_ws(end);
-			if (*p != ']')
-				{
-				if (*p != '\0')
-					{
-					ss=p;
-					goto again;
-					}
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-					CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
-				goto err;
-				}
-			*end='\0';
-			if (!str_copy(ret,NULL,&section,start)) goto err;
-			if ((sv=get_section(ret,section)) == NULL)
-				sv=new_section(ret,section);
-			if (sv == NULL)
-				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-					CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
-				goto err;
-				}
-			section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
-			continue;
-			}
-		else
-			{
-			pname=s;
-			psection=NULL;
-			end=eat_alpha_numeric(s);
-			if ((end[0] == ':') && (end[1] == ':'))
-				{
-				*end='\0';
-				end+=2;
-				psection=pname;
-				pname=end;
-				end=eat_alpha_numeric(end);
-				}
-			p=eat_ws(end);
-			if (*p != '=')
-				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-						CONF_R_MISSING_EQUAL_SIGN);
-				goto err;
-				}
-			*end='\0';
-			p++;
-			start=eat_ws(p);
-			while (!IS_EOF(*p))
-				p++;
-			p--;
-			while ((p != start) && (IS_WS(*p)))
-				p--;
-			p++;
-			*p='\0';
-
-			if (!(v=(CONF_VALUE *)Malloc(sizeof(CONF_VALUE))))
-				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-							ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-			if (psection == NULL) psection=section;
-			v->name=(char *)Malloc(strlen(pname)+1);
-			v->value=NULL;
-			if (v->name == NULL)
-				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-							ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-			strcpy(v->name,pname);
-			if (!str_copy(ret,psection,&(v->value),start)) goto err;
-
-			if (strcmp(psection,section) != 0)
-				{
-				if ((tv=get_section(ret,psection))
-					== NULL)
-					tv=new_section(ret,psection);
-				if (tv == NULL)
-					{
-					CONFerr(CONF_F_CONF_LOAD_BIO,
-					   CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
-					goto err;
-					}
-				ts=(STACK_OF(CONF_VALUE) *)tv->value;
-				}
-			else
-				{
-				tv=sv;
-				ts=section_sk;
-				}
-			v->section=tv->section;	
-			if (!sk_CONF_VALUE_push(ts,v))
-				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-							ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-			vv=(CONF_VALUE *)lh_insert(ret,v);
-			if (vv != NULL)
-				{
-				sk_CONF_VALUE_delete_ptr(ts,vv);
-				Free(vv->name);
-				Free(vv->value);
-				Free(vv);
-				}
-			v=NULL;
-			}
-		}
-	if (buff != NULL) BUF_MEM_free(buff);
-	if (section != NULL) Free(section);
-	return(ret);
-err:
-	if (buff != NULL) BUF_MEM_free(buff);
-	if (section != NULL) Free(section);
-	if (line != NULL) *line=eline;
-	sprintf(btmp,"%ld",eline);
-	ERR_add_error_data(2,"line ",btmp);
-	if ((h != ret) && (ret != NULL)) CONF_free(ret);
-	if (v != NULL)
-		{
-		if (v->name != NULL) Free(v->name);
-		if (v->value != NULL) Free(v->value);
-		if (v != NULL) Free(v);
-		}
-	return(NULL);
-	}
-
-char *CONF_get_string(LHASH *conf, char *section, char *name)
-	{
-	CONF_VALUE *v,vv;
-	char *p;
-
-	if (name == NULL) return(NULL);
-	if (conf != NULL)
-		{
-		if (section != NULL)
-			{
-			vv.name=name;
-			vv.section=section;
-			v=(CONF_VALUE *)lh_retrieve(conf,&vv);
-			if (v != NULL) return(v->value);
-			if (strcmp(section,"ENV") == 0)
-				{
-				p=Getenv(name);
-				if (p != NULL) return(p);
-				}
-			}
-		vv.section="default";
-		vv.name=name;
-		v=(CONF_VALUE *)lh_retrieve(conf,&vv);
-		if (v != NULL)
-			return(v->value);
-		else
-			return(NULL);
-		}
-	else
-		return(Getenv(name));
-	}
-
-static CONF_VALUE *get_section(LHASH *conf, char *section)
-	{
-	CONF_VALUE *v,vv;
-
-	if ((conf == NULL) || (section == NULL)) return(NULL);
-	vv.name=NULL;
-	vv.section=section;
-	v=(CONF_VALUE *)lh_retrieve(conf,&vv);
-	return(v);
-	}
-
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf, char *section)
-	{
-	CONF_VALUE *v;
-
-	v=get_section(conf,section);
-	if (v != NULL)
-		return((STACK_OF(CONF_VALUE) *)v->value);
-	else
-		return(NULL);
-	}
-
-long CONF_get_number(LHASH *conf, char *section, char *name)
-	{
-	char *str;
-	long ret=0;
-
-	str=CONF_get_string(conf,section,name);
-	if (str == NULL) return(0);
-	for (;;)
-		{
-		if (IS_NUMER(*str))
-			ret=ret*10+(*str -'0');
-		else
-			return(ret);
-		str++;
-		}
-	}
-
-void CONF_free(LHASH *conf)
-	{
-	if (conf == NULL) return;
-
-	conf->down_load=0; 	/* evil thing to make sure the 'Free()'
-				 * works as expected */
-	lh_doall_arg(conf,(void (*)())value_free_hash,conf);
-
-	/* We now have only 'section' entries in the hash table.
-	 * Due to problems with */
-
-	lh_doall_arg(conf,(void (*)())value_free_stack,conf);
-	lh_free(conf);
-	}
-
-static void value_free_hash(CONF_VALUE *a, LHASH *conf)
-	{
-	if (a->name != NULL)
-		{
-		a=(CONF_VALUE *)lh_delete(conf,a);
-		}
-	}
-
-static void value_free_stack(CONF_VALUE *a, LHASH *conf)
-	{
-	CONF_VALUE *vv;
-	STACK *sk;
-	int i;
-
-	if (a->name != NULL) return;
-
-	sk=(STACK *)a->value;
-	for (i=sk_num(sk)-1; i>=0; i--)
-		{
-		vv=(CONF_VALUE *)sk_value(sk,i);
-		Free(vv->value);
-		Free(vv->name);
-		Free(vv);
-		}
-	if (sk != NULL) sk_free(sk);
-	Free(a->section);
-	Free(a);
-	}
-
-static void clear_comments(char *p)
-	{
-	char *to;
-
-	to=p;
-	for (;;)
-		{
-		if (IS_COMMENT(*p))
-			{
-			*p='\0';
-			return;
-			}
-		if (IS_QUOTE(*p))
-			{
-			p=scan_quote(p);
-			continue;
-			}
-		if (IS_ESC(*p))
-			{
-			p=scan_esc(p);
-			continue;
-			}
-		if (IS_EOF(*p))
-			return;
-		else
-			p++;
-		}
-	}
-
-static int str_copy(LHASH *conf, char *section, char **pto, char *from)
-	{
-	int q,r,rr=0,to=0,len=0;
-	char *s,*e,*rp,*p,*rrp,*np,*cp,v;
-	BUF_MEM *buf;
-
-	if ((buf=BUF_MEM_new()) == NULL) return(0);
-
-	len=strlen(from)+1;
-	if (!BUF_MEM_grow(buf,len)) goto err;
-
-	for (;;)
-		{
-		if (IS_QUOTE(*from))
-			{
-			q= *from;
-			from++;
-			while ((*from != '\0') && (*from != q))
-				{
-				if (*from == '\\')
-					{
-					from++;
-					if (*from == '\0') break;
-					}
-				buf->data[to++]= *(from++);
-				}
-			}
-		else if (*from == '\\')
-			{
-			from++;
-			v= *(from++);
-			if (v == '\0') break;
-			else if (v == 'r') v='\r';
-			else if (v == 'n') v='\n';
-			else if (v == 'b') v='\b';
-			else if (v == 't') v='\t';
-			buf->data[to++]= v;
-			}
-		else if (*from == '\0')
-			break;
-		else if (*from == '$')
-			{
-			/* try to expand it */
-			rrp=NULL;
-			s= &(from[1]);
-			if (*s == '{')
-				q='}';
-			else if (*s == '(')
-				q=')';
-			else q=0;
-
-			if (q) s++;
-			cp=section;
-			e=np=s;
-			while (IS_ALPHA_NUMERIC(*e))
-				e++;
-			if ((e[0] == ':') && (e[1] == ':'))
-				{
-				cp=np;
-				rrp=e;
-				rr= *e;
-				*rrp='\0';
-				e+=2;
-				np=e;
-				while (IS_ALPHA_NUMERIC(*e))
-					e++;
-				}
-			r= *e;
-			*e='\0';
-			rp=e;
-			if (q)
-				{
-				if (r != q)
-					{
-					CONFerr(CONF_F_STR_COPY,CONF_R_NO_CLOSE_BRACE);
-					goto err;
-					}
-				e++;
-				}
-			/* So at this point we have
-			 * ns which is the start of the name string which is
-			 *   '\0' terminated. 
-			 * cs which is the start of the section string which is
-			 *   '\0' terminated.
-			 * e is the 'next point after'.
-			 * r and s are the chars replaced by the '\0'
-			 * rp and sp is where 'r' and 's' came from.
-			 */
-			p=CONF_get_string(conf,cp,np);
-			if (rrp != NULL) *rrp=rr;
-			*rp=r;
-			if (p == NULL)
-				{
-				CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE);
-				goto err;
-				}
-			BUF_MEM_grow(buf,(strlen(p)+len-(e-from)));
-			while (*p)
-				buf->data[to++]= *(p++);
-			from=e;
-			}
-		else
-			buf->data[to++]= *(from++);
-		}
-	buf->data[to]='\0';
-	if (*pto != NULL) Free(*pto);
-	*pto=buf->data;
-	Free(buf);
-	return(1);
-err:
-	if (buf != NULL) BUF_MEM_free(buf);
-	return(0);
-	}
-
-static char *eat_ws(char *p)
-	{
-	while (IS_WS(*p) && (!IS_EOF(*p)))
-		p++;
-	return(p);
-	}
-
-static char *eat_alpha_numeric(char *p)
-	{
-	for (;;)
-		{
-		if (IS_ESC(*p))
-			{
-			p=scan_esc(p);
-			continue;
-			}
-		if (!IS_ALPHA_NUMERIC_PUNCT(*p))
-			return(p);
-		p++;
-		}
-	}
-
-static unsigned long hash(CONF_VALUE *v)
-	{
-	return((lh_strhash(v->section)<<2)^lh_strhash(v->name));
-	}
-
-static int cmp_conf(CONF_VALUE *a, CONF_VALUE *b)
-	{
-	int i;
-
-	if (a->section != b->section)
-		{
-		i=strcmp(a->section,b->section);
-		if (i) return(i);
-		}
-
-	if ((a->name != NULL) && (b->name != NULL))
-		{
-		i=strcmp(a->name,b->name);
-		return(i);
-		}
-	else if (a->name == b->name)
-		return(0);
-	else
-		return((a->name == NULL)?-1:1);
-	}
-
-static char *scan_quote(char *p)
-	{
-	int q= *p;
-
-	p++;
-	while (!(IS_EOF(*p)) && (*p != q))
-		{
-		if (IS_ESC(*p))
-			{
-			p++;
-			if (IS_EOF(*p)) return(p);
-			}
-		p++;
-		}
-	if (*p == q) p++;
-	return(p);
-	}
-
-static CONF_VALUE *new_section(LHASH *conf, char *section)
-	{
-	STACK *sk=NULL;
-	int ok=0,i;
-	CONF_VALUE *v=NULL,*vv;
-
-	if ((sk=sk_new_null()) == NULL)
-		goto err;
-	if ((v=(CONF_VALUE *)Malloc(sizeof(CONF_VALUE))) == NULL)
-		goto err;
-	i=strlen(section)+1;
-	if ((v->section=(char *)Malloc(i)) == NULL)
-		goto err;
-
-	memcpy(v->section,section,i);
-	v->name=NULL;
-	v->value=(char *)sk;
-	
-	vv=(CONF_VALUE *)lh_insert(conf,v);
-	if (vv != NULL)
-		{
-#if !defined(NO_STDIO) && !defined(WIN16)
-		fprintf(stderr,"internal fault\n");
-#endif
-		abort();
-		}
-	ok=1;
-err:
-	if (!ok)
-		{
-		if (sk != NULL) sk_free(sk);
-		if (v != NULL) Free(v);
-		v=NULL;
-		}
-	return(v);
-	}
-
-IMPLEMENT_STACK_OF(CONF_VALUE)
diff --git a/crypto/openssl/crypto/conf/conf.h b/crypto/openssl/crypto/conf/conf.h
deleted file mode 100644
index f4671442ab10..000000000000
--- a/crypto/openssl/crypto/conf/conf.h
+++ /dev/null
@@ -1,250 +0,0 @@
-/* crypto/conf/conf.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef  HEADER_CONF_H
-#define HEADER_CONF_H
-
-#include <openssl/bio.h>
-#include <openssl/lhash.h>
-#include <openssl/stack.h>
-#include <openssl/safestack.h>
-#include <openssl/e_os2.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct
-	{
-	char *section;
-	char *name;
-	char *value;
-	} CONF_VALUE;
-
-DECLARE_STACK_OF(CONF_VALUE)
-DECLARE_STACK_OF(CONF_MODULE)
-DECLARE_STACK_OF(CONF_IMODULE)
-
-struct conf_st;
-typedef struct conf_st CONF;
-struct conf_method_st;
-typedef struct conf_method_st CONF_METHOD;
-
-struct conf_method_st
-	{
-	const char *name;
-	CONF *(*create)(CONF_METHOD *meth);
-	int (*init)(CONF *conf);
-	int (*destroy)(CONF *conf);
-	int (*destroy_data)(CONF *conf);
-	int (*load_bio)(CONF *conf, BIO *bp, long *eline);
-	int (*dump)(const CONF *conf, BIO *bp);
-	int (*is_number)(const CONF *conf, char c);
-	int (*to_int)(const CONF *conf, char c);
-	int (*load)(CONF *conf, const char *name, long *eline);
-	};
-
-/* Module definitions */
-
-typedef struct conf_imodule_st CONF_IMODULE;
-typedef struct conf_module_st CONF_MODULE;
-
-/* DSO module function typedefs */
-typedef int conf_init_func(CONF_IMODULE *md, const CONF *cnf);
-typedef void conf_finish_func(CONF_IMODULE *md);
-
-#define	CONF_MFLAGS_IGNORE_ERRORS	0x1
-#define CONF_MFLAGS_IGNORE_RETURN_CODES	0x2
-#define CONF_MFLAGS_SILENT		0x4
-#define CONF_MFLAGS_NO_DSO		0x8
-#define CONF_MFLAGS_IGNORE_MISSING_FILE	0x10
-
-int CONF_set_default_method(CONF_METHOD *meth);
-void CONF_set_nconf(CONF *conf,LHASH *hash);
-LHASH *CONF_load(LHASH *conf,const char *file,long *eline);
-#ifndef OPENSSL_NO_FP_API
-LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline);
-#endif
-LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline);
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section);
-char *CONF_get_string(LHASH *conf,const char *group,const char *name);
-long CONF_get_number(LHASH *conf,const char *group,const char *name);
-void CONF_free(LHASH *conf);
-int CONF_dump_fp(LHASH *conf, FILE *out);
-int CONF_dump_bio(LHASH *conf, BIO *out);
-
-void OPENSSL_config(const char *config_name);
-void OPENSSL_no_config(void);
-
-/* New conf code.  The semantics are different from the functions above.
-   If that wasn't the case, the above functions would have been replaced */
-
-struct conf_st
-	{
-	CONF_METHOD *meth;
-	void *meth_data;
-	LHASH *data;
-	};
-
-CONF *NCONF_new(CONF_METHOD *meth);
-CONF_METHOD *NCONF_default(void);
-CONF_METHOD *NCONF_WIN32(void);
-#if 0 /* Just to give you an idea of what I have in mind */
-CONF_METHOD *NCONF_XML(void);
-#endif
-void NCONF_free(CONF *conf);
-void NCONF_free_data(CONF *conf);
-
-int NCONF_load(CONF *conf,const char *file,long *eline);
-#ifndef OPENSSL_NO_FP_API
-int NCONF_load_fp(CONF *conf, FILE *fp,long *eline);
-#endif
-int NCONF_load_bio(CONF *conf, BIO *bp,long *eline);
-STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,const char *section);
-char *NCONF_get_string(const CONF *conf,const char *group,const char *name);
-int NCONF_get_number_e(const CONF *conf,const char *group,const char *name,
-		       long *result);
-int NCONF_dump_fp(const CONF *conf, FILE *out);
-int NCONF_dump_bio(const CONF *conf, BIO *out);
-
-#if 0 /* The following function has no error checking,
-	 and should therefore be avoided */
-long NCONF_get_number(CONF *conf,char *group,char *name);
-#else
-#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
-#endif
-  
-/* Module functions */
-
-int CONF_modules_load(const CONF *cnf, const char *appname,
-		      unsigned long flags);
-int CONF_modules_load_file(const char *filename, const char *appname,
-			   unsigned long flags);
-void CONF_modules_unload(int all);
-void CONF_modules_finish(void);
-void CONF_modules_free(void);
-int CONF_module_add(const char *name, conf_init_func *ifunc,
-		    conf_finish_func *ffunc);
-
-const char *CONF_imodule_get_name(const CONF_IMODULE *md);
-const char *CONF_imodule_get_value(const CONF_IMODULE *md);
-void *CONF_imodule_get_usr_data(const CONF_IMODULE *md);
-void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data);
-CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md);
-unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md);
-void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags);
-void *CONF_module_get_usr_data(CONF_MODULE *pmod);
-void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
-
-char *CONF_get1_default_config_file(void);
-
-int CONF_parse_list(const char *list, int sep, int nospc,
-	int (*list_cb)(const char *elem, int len, void *usr), void *arg);
-
-void OPENSSL_load_builtin_modules(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CONF_strings(void);
-
-/* Error codes for the CONF functions. */
-
-/* Function codes. */
-#define CONF_F_CONF_DUMP_FP				 104
-#define CONF_F_CONF_LOAD				 100
-#define CONF_F_CONF_LOAD_BIO				 102
-#define CONF_F_CONF_LOAD_FP				 103
-#define CONF_F_CONF_MODULES_LOAD			 116
-#define CONF_F_MODULE_INIT				 115
-#define CONF_F_MODULE_LOAD_DSO				 117
-#define CONF_F_MODULE_RUN				 118
-#define CONF_F_NCONF_DUMP_BIO				 105
-#define CONF_F_NCONF_DUMP_FP				 106
-#define CONF_F_NCONF_GET_NUMBER				 107
-#define CONF_F_NCONF_GET_NUMBER_E			 112
-#define CONF_F_NCONF_GET_SECTION			 108
-#define CONF_F_NCONF_GET_STRING				 109
-#define CONF_F_NCONF_LOAD				 113
-#define CONF_F_NCONF_LOAD_BIO				 110
-#define CONF_F_NCONF_LOAD_FP				 114
-#define CONF_F_NCONF_NEW				 111
-#define CONF_F_STR_COPY					 101
-
-/* Reason codes. */
-#define CONF_R_ERROR_LOADING_DSO			 110
-#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET		 100
-#define CONF_R_MISSING_EQUAL_SIGN			 101
-#define CONF_R_MISSING_FINISH_FUNCTION			 111
-#define CONF_R_MISSING_INIT_FUNCTION			 112
-#define CONF_R_MODULE_INITIALIZATION_ERROR		 109
-#define CONF_R_NO_CLOSE_BRACE				 102
-#define CONF_R_NO_CONF					 105
-#define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE		 106
-#define CONF_R_NO_SECTION				 107
-#define CONF_R_NO_SUCH_FILE				 114
-#define CONF_R_NO_VALUE					 108
-#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION		 103
-#define CONF_R_UNKNOWN_MODULE_NAME			 113
-#define CONF_R_VARIABLE_HAS_NO_VALUE			 104
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/conf/conf_api.c b/crypto/openssl/crypto/conf/conf_api.c
deleted file mode 100644
index 0032baa7119b..000000000000
--- a/crypto/openssl/crypto/conf/conf_api.c
+++ /dev/null
@@ -1,308 +0,0 @@
-/* conf_api.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Part of the code in here was originally in conf.c, which is now removed */
-
-#ifndef CONF_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <assert.h>
-#include <string.h>
-#include <openssl/conf.h>
-#include <openssl/conf_api.h>
-#include "e_os.h"
-
-static void value_free_hash(CONF_VALUE *a, LHASH *conf);
-static void value_free_stack(CONF_VALUE *a,LHASH *conf);
-static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_hash, CONF_VALUE *, LHASH *)
-static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_stack, CONF_VALUE *, LHASH *)
-/* We don't use function pointer casting or wrapper functions - but cast each
- * callback parameter inside the callback functions. */
-/* static unsigned long hash(CONF_VALUE *v); */
-static unsigned long hash(const void *v_void);
-/* static int cmp_conf(CONF_VALUE *a,CONF_VALUE *b); */
-static int cmp_conf(const void *a_void,const void *b_void);
-
-/* Up until OpenSSL 0.9.5a, this was get_section */
-CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section)
-	{
-	CONF_VALUE *v,vv;
-
-	if ((conf == NULL) || (section == NULL)) return(NULL);
-	vv.name=NULL;
-	vv.section=(char *)section;
-	v=(CONF_VALUE *)lh_retrieve(conf->data,&vv);
-	return(v);
-	}
-
-/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
-STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
-					       const char *section)
-	{
-	CONF_VALUE *v;
-
-	v=_CONF_get_section(conf,section);
-	if (v != NULL)
-		return((STACK_OF(CONF_VALUE) *)v->value);
-	else
-		return(NULL);
-	}
-
-int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value)
-	{
-	CONF_VALUE *v = NULL;
-	STACK_OF(CONF_VALUE) *ts;
-
-	ts = (STACK_OF(CONF_VALUE) *)section->value;
-
-	value->section=section->section;	
-	if (!sk_CONF_VALUE_push(ts,value))
-		{
-		return 0;
-		}
-
-	v = (CONF_VALUE *)lh_insert(conf->data, value);
-	if (v != NULL)
-		{
-		sk_CONF_VALUE_delete_ptr(ts,v);
-		OPENSSL_free(v->name);
-		OPENSSL_free(v->value);
-		OPENSSL_free(v);
-		}
-	return 1;
-	}
-
-char *_CONF_get_string(const CONF *conf, const char *section, const char *name)
-	{
-	CONF_VALUE *v,vv;
-	char *p;
-
-	if (name == NULL) return(NULL);
-	if (conf != NULL)
-		{
-		if (section != NULL)
-			{
-			vv.name=(char *)name;
-			vv.section=(char *)section;
-			v=(CONF_VALUE *)lh_retrieve(conf->data,&vv);
-			if (v != NULL) return(v->value);
-			if (strcmp(section,"ENV") == 0)
-				{
-				p=Getenv(name);
-				if (p != NULL) return(p);
-				}
-			}
-		vv.section="default";
-		vv.name=(char *)name;
-		v=(CONF_VALUE *)lh_retrieve(conf->data,&vv);
-		if (v != NULL)
-			return(v->value);
-		else
-			return(NULL);
-		}
-	else
-		return(Getenv(name));
-	}
-
-#if 0 /* There's no way to provide error checking with this function, so
-	 force implementors of the higher levels to get a string and read
-	 the number themselves. */
-long _CONF_get_number(CONF *conf, char *section, char *name)
-	{
-	char *str;
-	long ret=0;
-
-	str=_CONF_get_string(conf,section,name);
-	if (str == NULL) return(0);
-	for (;;)
-		{
-		if (conf->meth->is_number(conf, *str))
-			ret=ret*10+conf->meth->to_int(conf, *str);
-		else
-			return(ret);
-		str++;
-		}
-	}
-#endif
-
-int _CONF_new_data(CONF *conf)
-	{
-	if (conf == NULL)
-		{
-		return 0;
-		}
-	if (conf->data == NULL)
-		if ((conf->data = lh_new(hash, cmp_conf)) == NULL)
-			{
-			return 0;
-			}
-	return 1;
-	}
-
-void _CONF_free_data(CONF *conf)
-	{
-	if (conf == NULL || conf->data == NULL) return;
-
-	conf->data->down_load=0; /* evil thing to make sure the 'OPENSSL_free()'
-				  * works as expected */
-	lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(value_free_hash),
-			conf->data);
-
-	/* We now have only 'section' entries in the hash table.
-	 * Due to problems with */
-
-	lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(value_free_stack),
-			conf->data);
-	lh_free(conf->data);
-	}
-
-static void value_free_hash(CONF_VALUE *a, LHASH *conf)
-	{
-	if (a->name != NULL)
-		{
-		a=(CONF_VALUE *)lh_delete(conf,a);
-		}
-	}
-
-static void value_free_stack(CONF_VALUE *a, LHASH *conf)
-	{
-	CONF_VALUE *vv;
-	STACK *sk;
-	int i;
-
-	if (a->name != NULL) return;
-
-	sk=(STACK *)a->value;
-	for (i=sk_num(sk)-1; i>=0; i--)
-		{
-		vv=(CONF_VALUE *)sk_value(sk,i);
-		OPENSSL_free(vv->value);
-		OPENSSL_free(vv->name);
-		OPENSSL_free(vv);
-		}
-	if (sk != NULL) sk_free(sk);
-	OPENSSL_free(a->section);
-	OPENSSL_free(a);
-	}
-
-/* static unsigned long hash(CONF_VALUE *v) */
-static unsigned long hash(const void *v_void)
-	{
-	CONF_VALUE *v = (CONF_VALUE *)v_void;
-	return((lh_strhash(v->section)<<2)^lh_strhash(v->name));
-	}
-
-/* static int cmp_conf(CONF_VALUE *a, CONF_VALUE *b) */
-static int cmp_conf(const void *a_void,const  void *b_void)
-	{
-	int i;
-	CONF_VALUE *a = (CONF_VALUE *)a_void;
-	CONF_VALUE *b = (CONF_VALUE *)b_void;
-
-	if (a->section != b->section)
-		{
-		i=strcmp(a->section,b->section);
-		if (i) return(i);
-		}
-
-	if ((a->name != NULL) && (b->name != NULL))
-		{
-		i=strcmp(a->name,b->name);
-		return(i);
-		}
-	else if (a->name == b->name)
-		return(0);
-	else
-		return((a->name == NULL)?-1:1);
-	}
-
-/* Up until OpenSSL 0.9.5a, this was new_section */
-CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
-	{
-	STACK *sk=NULL;
-	int ok=0,i;
-	CONF_VALUE *v=NULL,*vv;
-
-	if ((sk=sk_new_null()) == NULL)
-		goto err;
-	if ((v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL)
-		goto err;
-	i=strlen(section)+1;
-	if ((v->section=(char *)OPENSSL_malloc(i)) == NULL)
-		goto err;
-
-	memcpy(v->section,section,i);
-	v->name=NULL;
-	v->value=(char *)sk;
-	
-	vv=(CONF_VALUE *)lh_insert(conf->data,v);
-	assert(vv == NULL);
-	ok=1;
-err:
-	if (!ok)
-		{
-		if (sk != NULL) sk_free(sk);
-		if (v != NULL) OPENSSL_free(v);
-		v=NULL;
-		}
-	return(v);
-	}
-
-IMPLEMENT_STACK_OF(CONF_VALUE)
diff --git a/crypto/openssl/crypto/conf/conf_api.h b/crypto/openssl/crypto/conf/conf_api.h
deleted file mode 100644
index 87a954aff63b..000000000000
--- a/crypto/openssl/crypto/conf/conf_api.h
+++ /dev/null
@@ -1,89 +0,0 @@
-/* conf_api.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef  HEADER_CONF_API_H
-#define HEADER_CONF_API_H
-
-#include <openssl/lhash.h>
-#include <openssl/conf.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Up until OpenSSL 0.9.5a, this was new_section */
-CONF_VALUE *_CONF_new_section(CONF *conf, const char *section);
-/* Up until OpenSSL 0.9.5a, this was get_section */
-CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section);
-/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
-STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
-					       const char *section);
-
-int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
-char *_CONF_get_string(const CONF *conf, const char *section,
-		       const char *name);
-long _CONF_get_number(const CONF *conf, const char *section, const char *name);
-
-int _CONF_new_data(CONF *conf);
-void _CONF_free_data(CONF *conf);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-
diff --git a/crypto/openssl/crypto/conf/conf_def.c b/crypto/openssl/crypto/conf/conf_def.c
deleted file mode 100644
index 57d2739ae0c8..000000000000
--- a/crypto/openssl/crypto/conf/conf_def.c
+++ /dev/null
@@ -1,740 +0,0 @@
-/* crypto/conf/conf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Part of the code in here was originally in conf.c, which is now removed */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/stack.h>
-#include <openssl/lhash.h>
-#include <openssl/conf.h>
-#include <openssl/conf_api.h>
-#include "conf_def.h"
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include "cryptlib.h"
-
-static char *eat_ws(CONF *conf, char *p);
-static char *eat_alpha_numeric(CONF *conf, char *p);
-static void clear_comments(CONF *conf, char *p);
-static int str_copy(CONF *conf,char *section,char **to, char *from);
-static char *scan_quote(CONF *conf, char *p);
-static char *scan_dquote(CONF *conf, char *p);
-#define scan_esc(conf,p)	(((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2)))
-
-static CONF *def_create(CONF_METHOD *meth);
-static int def_init_default(CONF *conf);
-static int def_init_WIN32(CONF *conf);
-static int def_destroy(CONF *conf);
-static int def_destroy_data(CONF *conf);
-static int def_load(CONF *conf, const char *name, long *eline);
-static int def_load_bio(CONF *conf, BIO *bp, long *eline);
-static int def_dump(const CONF *conf, BIO *bp);
-static int def_is_number(const CONF *conf, char c);
-static int def_to_int(const CONF *conf, char c);
-
-const char *CONF_def_version="CONF_def" OPENSSL_VERSION_PTEXT;
-
-static CONF_METHOD default_method = {
-	"OpenSSL default",
-	def_create,
-	def_init_default,
-	def_destroy,
-	def_destroy_data,
-	def_load_bio,
-	def_dump,
-	def_is_number,
-	def_to_int,
-	def_load
-	};
-
-static CONF_METHOD WIN32_method = {
-	"WIN32",
-	def_create,
-	def_init_WIN32,
-	def_destroy,
-	def_destroy_data,
-	def_load_bio,
-	def_dump,
-	def_is_number,
-	def_to_int,
-	def_load
-	};
-
-CONF_METHOD *NCONF_default()
-	{
-	return &default_method;
-	}
-CONF_METHOD *NCONF_WIN32()
-	{
-	return &WIN32_method;
-	}
-
-static CONF *def_create(CONF_METHOD *meth)
-	{
-	CONF *ret;
-
-	ret = (CONF *)OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *));
-	if (ret)
-		if (meth->init(ret) == 0)
-			{
-			OPENSSL_free(ret);
-			ret = NULL;
-			}
-	return ret;
-	}
-	
-static int def_init_default(CONF *conf)
-	{
-	if (conf == NULL)
-		return 0;
-
-	conf->meth = &default_method;
-	conf->meth_data = (void *)CONF_type_default;
-	conf->data = NULL;
-
-	return 1;
-	}
-
-static int def_init_WIN32(CONF *conf)
-	{
-	if (conf == NULL)
-		return 0;
-
-	conf->meth = &WIN32_method;
-	conf->meth_data = (void *)CONF_type_win32;
-	conf->data = NULL;
-
-	return 1;
-	}
-
-static int def_destroy(CONF *conf)
-	{
-	if (def_destroy_data(conf))
-		{
-		OPENSSL_free(conf);
-		return 1;
-		}
-	return 0;
-	}
-
-static int def_destroy_data(CONF *conf)
-	{
-	if (conf == NULL)
-		return 0;
-	_CONF_free_data(conf);
-	return 1;
-	}
-
-static int def_load(CONF *conf, const char *name, long *line)
-	{
-	int ret;
-	BIO *in=NULL;
-
-#ifdef OPENSSL_SYS_VMS
-	in=BIO_new_file(name, "r");
-#else
-	in=BIO_new_file(name, "rb");
-#endif
-	if (in == NULL)
-		{
-		if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE)
-			CONFerr(CONF_F_CONF_LOAD,CONF_R_NO_SUCH_FILE);
-		else
-			CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
-		return 0;
-		}
-
-	ret = def_load_bio(conf, in, line);
-	BIO_free(in);
-
-	return ret;
-	}
-
-static int def_load_bio(CONF *conf, BIO *in, long *line)
-	{
-/* The macro BUFSIZE conflicts with a system macro in VxWorks */
-#define CONFBUFSIZE	512
-	int bufnum=0,i,ii;
-	BUF_MEM *buff=NULL;
-	char *s,*p,*end;
-	int again,n;
-	long eline=0;
-	char btmp[DECIMAL_SIZE(eline)+1];
-	CONF_VALUE *v=NULL,*tv;
-	CONF_VALUE *sv=NULL;
-	char *section=NULL,*buf;
-	STACK_OF(CONF_VALUE) *section_sk=NULL,*ts;
-	char *start,*psection,*pname;
-	void *h = (void *)(conf->data);
-
-	if ((buff=BUF_MEM_new()) == NULL)
-		{
-		CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB);
-		goto err;
-		}
-
-	section=(char *)OPENSSL_malloc(10);
-	if (section == NULL)
-		{
-		CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	strcpy(section,"default");
-
-	if (_CONF_new_data(conf) == 0)
-		{
-		CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	sv=_CONF_new_section(conf,section);
-	if (sv == NULL)
-		{
-		CONFerr(CONF_F_CONF_LOAD_BIO,
-					CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
-		goto err;
-		}
-	section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
-
-	bufnum=0;
-	again=0;
-	for (;;)
-		{
-		if (!BUF_MEM_grow(buff,bufnum+CONFBUFSIZE))
-			{
-			CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB);
-			goto err;
-			}
-		p= &(buff->data[bufnum]);
-		*p='\0';
-		BIO_gets(in, p, CONFBUFSIZE-1);
-		p[CONFBUFSIZE-1]='\0';
-		ii=i=strlen(p);
-		if (i == 0 && !again) break;
-		again=0;
-		while (i > 0)
-			{
-			if ((p[i-1] != '\r') && (p[i-1] != '\n'))
-				break;
-			else
-				i--;
-			}
-		/* we removed some trailing stuff so there is a new
-		 * line on the end. */
-		if (ii && i == ii)
-			again=1; /* long line */
-		else
-			{
-			p[i]='\0';
-			eline++; /* another input line */
-			}
-
-		/* we now have a line with trailing \r\n removed */
-
-		/* i is the number of bytes */
-		bufnum+=i;
-
-		v=NULL;
-		/* check for line continuation */
-		if (bufnum >= 1)
-			{
-			/* If we have bytes and the last char '\\' and
-			 * second last char is not '\\' */
-			p= &(buff->data[bufnum-1]);
-			if (IS_ESC(conf,p[0]) &&
-				((bufnum <= 1) || !IS_ESC(conf,p[-1])))
-				{
-				bufnum--;
-				again=1;
-				}
-			}
-		if (again) continue;
-		bufnum=0;
-		buf=buff->data;
-
-		clear_comments(conf, buf);
-		n=strlen(buf);
-		s=eat_ws(conf, buf);
-		if (IS_EOF(conf,*s)) continue; /* blank line */
-		if (*s == '[')
-			{
-			char *ss;
-
-			s++;
-			start=eat_ws(conf, s);
-			ss=start;
-again:
-			end=eat_alpha_numeric(conf, ss);
-			p=eat_ws(conf, end);
-			if (*p != ']')
-				{
-				if (*p != '\0')
-					{
-					ss=p;
-					goto again;
-					}
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-					CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
-				goto err;
-				}
-			*end='\0';
-			if (!str_copy(conf,NULL,&section,start)) goto err;
-			if ((sv=_CONF_get_section(conf,section)) == NULL)
-				sv=_CONF_new_section(conf,section);
-			if (sv == NULL)
-				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-					CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
-				goto err;
-				}
-			section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
-			continue;
-			}
-		else
-			{
-			pname=s;
-			psection=NULL;
-			end=eat_alpha_numeric(conf, s);
-			if ((end[0] == ':') && (end[1] == ':'))
-				{
-				*end='\0';
-				end+=2;
-				psection=pname;
-				pname=end;
-				end=eat_alpha_numeric(conf, end);
-				}
-			p=eat_ws(conf, end);
-			if (*p != '=')
-				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-						CONF_R_MISSING_EQUAL_SIGN);
-				goto err;
-				}
-			*end='\0';
-			p++;
-			start=eat_ws(conf, p);
-			while (!IS_EOF(conf,*p))
-				p++;
-			p--;
-			while ((p != start) && (IS_WS(conf,*p)))
-				p--;
-			p++;
-			*p='\0';
-
-			if (!(v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))))
-				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-							ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-			if (psection == NULL) psection=section;
-			v->name=(char *)OPENSSL_malloc(strlen(pname)+1);
-			v->value=NULL;
-			if (v->name == NULL)
-				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-							ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-			strcpy(v->name,pname);
-			if (!str_copy(conf,psection,&(v->value),start)) goto err;
-
-			if (strcmp(psection,section) != 0)
-				{
-				if ((tv=_CONF_get_section(conf,psection))
-					== NULL)
-					tv=_CONF_new_section(conf,psection);
-				if (tv == NULL)
-					{
-					CONFerr(CONF_F_CONF_LOAD_BIO,
-					   CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
-					goto err;
-					}
-				ts=(STACK_OF(CONF_VALUE) *)tv->value;
-				}
-			else
-				{
-				tv=sv;
-				ts=section_sk;
-				}
-#if 1
-			if (_CONF_add_string(conf, tv, v) == 0)
-				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-							ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-#else
-			v->section=tv->section;	
-			if (!sk_CONF_VALUE_push(ts,v))
-				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
-							ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-			vv=(CONF_VALUE *)lh_insert(conf->data,v);
-			if (vv != NULL)
-				{
-				sk_CONF_VALUE_delete_ptr(ts,vv);
-				OPENSSL_free(vv->name);
-				OPENSSL_free(vv->value);
-				OPENSSL_free(vv);
-				}
-#endif
-			v=NULL;
-			}
-		}
-	if (buff != NULL) BUF_MEM_free(buff);
-	if (section != NULL) OPENSSL_free(section);
-	return(1);
-err:
-	if (buff != NULL) BUF_MEM_free(buff);
-	if (section != NULL) OPENSSL_free(section);
-	if (line != NULL) *line=eline;
-	sprintf(btmp,"%ld",eline);
-	ERR_add_error_data(2,"line ",btmp);
-	if ((h != conf->data) && (conf->data != NULL))
-		{
-		CONF_free(conf->data);
-		conf->data=NULL;
-		}
-	if (v != NULL)
-		{
-		if (v->name != NULL) OPENSSL_free(v->name);
-		if (v->value != NULL) OPENSSL_free(v->value);
-		if (v != NULL) OPENSSL_free(v);
-		}
-	return(0);
-	}
-
-static void clear_comments(CONF *conf, char *p)
-	{
-	char *to;
-
-	to=p;
-	for (;;)
-		{
-		if (IS_FCOMMENT(conf,*p))
-			{
-			*p='\0';
-			return;
-			}
-		if (!IS_WS(conf,*p))
-			{
-			break;
-			}
-		p++;
-		}
-
-	for (;;)
-		{
-		if (IS_COMMENT(conf,*p))
-			{
-			*p='\0';
-			return;
-			}
-		if (IS_DQUOTE(conf,*p))
-			{
-			p=scan_dquote(conf, p);
-			continue;
-			}
-		if (IS_QUOTE(conf,*p))
-			{
-			p=scan_quote(conf, p);
-			continue;
-			}
-		if (IS_ESC(conf,*p))
-			{
-			p=scan_esc(conf,p);
-			continue;
-			}
-		if (IS_EOF(conf,*p))
-			return;
-		else
-			p++;
-		}
-	}
-
-static int str_copy(CONF *conf, char *section, char **pto, char *from)
-	{
-	int q,r,rr=0,to=0,len=0;
-	char *s,*e,*rp,*p,*rrp,*np,*cp,v;
-	BUF_MEM *buf;
-
-	if ((buf=BUF_MEM_new()) == NULL) return(0);
-
-	len=strlen(from)+1;
-	if (!BUF_MEM_grow(buf,len)) goto err;
-
-	for (;;)
-		{
-		if (IS_QUOTE(conf,*from))
-			{
-			q= *from;
-			from++;
-			while (!IS_EOF(conf,*from) && (*from != q))
-				{
-				if (IS_ESC(conf,*from))
-					{
-					from++;
-					if (IS_EOF(conf,*from)) break;
-					}
-				buf->data[to++]= *(from++);
-				}
-			if (*from == q) from++;
-			}
-		else if (IS_DQUOTE(conf,*from))
-			{
-			q= *from;
-			from++;
-			while (!IS_EOF(conf,*from))
-				{
-				if (*from == q)
-					{
-					if (*(from+1) == q)
-						{
-						from++;
-						}
-					else
-						{
-						break;
-						}
-					}
-				buf->data[to++]= *(from++);
-				}
-			if (*from == q) from++;
-			}
-		else if (IS_ESC(conf,*from))
-			{
-			from++;
-			v= *(from++);
-			if (IS_EOF(conf,v)) break;
-			else if (v == 'r') v='\r';
-			else if (v == 'n') v='\n';
-			else if (v == 'b') v='\b';
-			else if (v == 't') v='\t';
-			buf->data[to++]= v;
-			}
-		else if (IS_EOF(conf,*from))
-			break;
-		else if (*from == '$')
-			{
-			/* try to expand it */
-			rrp=NULL;
-			s= &(from[1]);
-			if (*s == '{')
-				q='}';
-			else if (*s == '(')
-				q=')';
-			else q=0;
-
-			if (q) s++;
-			cp=section;
-			e=np=s;
-			while (IS_ALPHA_NUMERIC(conf,*e))
-				e++;
-			if ((e[0] == ':') && (e[1] == ':'))
-				{
-				cp=np;
-				rrp=e;
-				rr= *e;
-				*rrp='\0';
-				e+=2;
-				np=e;
-				while (IS_ALPHA_NUMERIC(conf,*e))
-					e++;
-				}
-			r= *e;
-			*e='\0';
-			rp=e;
-			if (q)
-				{
-				if (r != q)
-					{
-					CONFerr(CONF_F_STR_COPY,CONF_R_NO_CLOSE_BRACE);
-					goto err;
-					}
-				e++;
-				}
-			/* So at this point we have
-			 * ns which is the start of the name string which is
-			 *   '\0' terminated. 
-			 * cs which is the start of the section string which is
-			 *   '\0' terminated.
-			 * e is the 'next point after'.
-			 * r and s are the chars replaced by the '\0'
-			 * rp and sp is where 'r' and 's' came from.
-			 */
-			p=_CONF_get_string(conf,cp,np);
-			if (rrp != NULL) *rrp=rr;
-			*rp=r;
-			if (p == NULL)
-				{
-				CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE);
-				goto err;
-				}
-			BUF_MEM_grow_clean(buf,(strlen(p)+len-(e-from)));
-			while (*p)
-				buf->data[to++]= *(p++);
-			from=e;
-			}
-		else
-			buf->data[to++]= *(from++);
-		}
-	buf->data[to]='\0';
-	if (*pto != NULL) OPENSSL_free(*pto);
-	*pto=buf->data;
-	OPENSSL_free(buf);
-	return(1);
-err:
-	if (buf != NULL) BUF_MEM_free(buf);
-	return(0);
-	}
-
-static char *eat_ws(CONF *conf, char *p)
-	{
-	while (IS_WS(conf,*p) && (!IS_EOF(conf,*p)))
-		p++;
-	return(p);
-	}
-
-static char *eat_alpha_numeric(CONF *conf, char *p)
-	{
-	for (;;)
-		{
-		if (IS_ESC(conf,*p))
-			{
-			p=scan_esc(conf,p);
-			continue;
-			}
-		if (!IS_ALPHA_NUMERIC_PUNCT(conf,*p))
-			return(p);
-		p++;
-		}
-	}
-
-static char *scan_quote(CONF *conf, char *p)
-	{
-	int q= *p;
-
-	p++;
-	while (!(IS_EOF(conf,*p)) && (*p != q))
-		{
-		if (IS_ESC(conf,*p))
-			{
-			p++;
-			if (IS_EOF(conf,*p)) return(p);
-			}
-		p++;
-		}
-	if (*p == q) p++;
-	return(p);
-	}
-
-
-static char *scan_dquote(CONF *conf, char *p)
-	{
-	int q= *p;
-
-	p++;
-	while (!(IS_EOF(conf,*p)))
-		{
-		if (*p == q)
-			{
-			if (*(p+1) == q)
-				{
-				p++;
-				}
-			else
-				{
-				break;
-				}
-			}
-		p++;
-		}
-	if (*p == q) p++;
-	return(p);
-	}
-
-static void dump_value(CONF_VALUE *a, BIO *out)
-	{
-	if (a->name)
-		BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value);
-	else
-		BIO_printf(out, "[[%s]]\n", a->section);
-	}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_value, CONF_VALUE *, BIO *)
-
-static int def_dump(const CONF *conf, BIO *out)
-	{
-	lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_value), out);
-	return 1;
-	}
-
-static int def_is_number(const CONF *conf, char c)
-	{
-	return IS_NUMBER(conf,c);
-	}
-
-static int def_to_int(const CONF *conf, char c)
-	{
-	return c - '0';
-	}
-
diff --git a/crypto/openssl/crypto/conf/conf_def.h b/crypto/openssl/crypto/conf/conf_def.h
deleted file mode 100644
index 92a7d8ad77c9..000000000000
--- a/crypto/openssl/crypto/conf/conf_def.h
+++ /dev/null
@@ -1,180 +0,0 @@
-/* crypto/conf/conf_def.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* THIS FILE WAS AUTOMAGICALLY GENERATED!
-   Please modify and use keysets.pl to regenerate it. */
-
-#define CONF_NUMBER		1
-#define CONF_UPPER		2
-#define CONF_LOWER		4
-#define CONF_UNDER		256
-#define CONF_PUNCTUATION	512
-#define CONF_WS			16
-#define CONF_ESC		32
-#define CONF_QUOTE		64
-#define CONF_DQUOTE		1024
-#define CONF_COMMENT		128
-#define CONF_FCOMMENT		2048
-#define CONF_EOF		8
-#define CONF_HIGHBIT		4096
-#define CONF_ALPHA		(CONF_UPPER|CONF_LOWER)
-#define CONF_ALPHA_NUMERIC	(CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
-#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \
-					CONF_PUNCTUATION)
-
-#define KEYTYPES(c)		((unsigned short *)((c)->meth_data))
-#ifndef CHARSET_EBCDIC
-#define IS_COMMENT(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_COMMENT)
-#define IS_FCOMMENT(c,a)	(KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT)
-#define IS_EOF(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_EOF)
-#define IS_ESC(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_ESC)
-#define IS_NUMBER(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_NUMBER)
-#define IS_WS(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_WS)
-#define IS_ALPHA_NUMERIC(c,a)	(KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC)
-#define IS_ALPHA_NUMERIC_PUNCT(c,a) \
-				(KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
-#define IS_QUOTE(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_QUOTE)
-#define IS_DQUOTE(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
-#define IS_HIGHBIT(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
-
-#else /*CHARSET_EBCDIC*/
-
-#define IS_COMMENT(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
-#define IS_FCOMMENT(c,a)	(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
-#define IS_EOF(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF)
-#define IS_ESC(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC)
-#define IS_NUMBER(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER)
-#define IS_WS(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS)
-#define IS_ALPHA_NUMERIC(c,a)	(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC)
-#define IS_ALPHA_NUMERIC_PUNCT(c,a) \
-				(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
-#define IS_QUOTE(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
-#define IS_DQUOTE(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
-#define IS_HIGHBIT(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
-#endif /*CHARSET_EBCDIC*/
-
-static unsigned short CONF_type_default[256]={
-	0x0008,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,
-	0x0000,0x0010,0x0010,0x0000,0x0000,0x0010,0x0000,0x0000,
-	0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,
-	0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,
-	0x0010,0x0200,0x0040,0x0080,0x0000,0x0200,0x0200,0x0040,
-	0x0000,0x0000,0x0200,0x0200,0x0200,0x0200,0x0200,0x0200,
-	0x0001,0x0001,0x0001,0x0001,0x0001,0x0001,0x0001,0x0001,
-	0x0001,0x0001,0x0000,0x0200,0x0000,0x0000,0x0000,0x0200,
-	0x0200,0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,
-	0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,
-	0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,
-	0x0002,0x0002,0x0002,0x0000,0x0020,0x0000,0x0200,0x0100,
-	0x0040,0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,
-	0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,
-	0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,
-	0x0004,0x0004,0x0004,0x0000,0x0200,0x0000,0x0200,0x0000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	};
-
-static unsigned short CONF_type_win32[256]={
-	0x0008,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,
-	0x0000,0x0010,0x0010,0x0000,0x0000,0x0010,0x0000,0x0000,
-	0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,
-	0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,
-	0x0010,0x0200,0x0400,0x0000,0x0000,0x0200,0x0200,0x0000,
-	0x0000,0x0000,0x0200,0x0200,0x0200,0x0200,0x0200,0x0200,
-	0x0001,0x0001,0x0001,0x0001,0x0001,0x0001,0x0001,0x0001,
-	0x0001,0x0001,0x0000,0x0A00,0x0000,0x0000,0x0000,0x0200,
-	0x0200,0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,
-	0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,
-	0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,0x0002,
-	0x0002,0x0002,0x0002,0x0000,0x0000,0x0000,0x0200,0x0100,
-	0x0000,0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,
-	0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,
-	0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,0x0004,
-	0x0004,0x0004,0x0004,0x0000,0x0200,0x0000,0x0200,0x0000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,0x1000,
-	};
-
diff --git a/crypto/openssl/crypto/conf/conf_err.c b/crypto/openssl/crypto/conf/conf_err.c
deleted file mode 100644
index ee07bfe9d932..000000000000
--- a/crypto/openssl/crypto/conf/conf_err.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/* crypto/conf/conf_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/conf.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA CONF_str_functs[]=
-	{
-{ERR_PACK(0,CONF_F_CONF_DUMP_FP,0),	"CONF_dump_fp"},
-{ERR_PACK(0,CONF_F_CONF_LOAD,0),	"CONF_load"},
-{ERR_PACK(0,CONF_F_CONF_LOAD_BIO,0),	"CONF_load_bio"},
-{ERR_PACK(0,CONF_F_CONF_LOAD_FP,0),	"CONF_load_fp"},
-{ERR_PACK(0,CONF_F_CONF_MODULES_LOAD,0),	"CONF_modules_load"},
-{ERR_PACK(0,CONF_F_MODULE_INIT,0),	"MODULE_INIT"},
-{ERR_PACK(0,CONF_F_MODULE_LOAD_DSO,0),	"MODULE_LOAD_DSO"},
-{ERR_PACK(0,CONF_F_MODULE_RUN,0),	"MODULE_RUN"},
-{ERR_PACK(0,CONF_F_NCONF_DUMP_BIO,0),	"NCONF_dump_bio"},
-{ERR_PACK(0,CONF_F_NCONF_DUMP_FP,0),	"NCONF_dump_fp"},
-{ERR_PACK(0,CONF_F_NCONF_GET_NUMBER,0),	"NCONF_get_number"},
-{ERR_PACK(0,CONF_F_NCONF_GET_NUMBER_E,0),	"NCONF_get_number_e"},
-{ERR_PACK(0,CONF_F_NCONF_GET_SECTION,0),	"NCONF_get_section"},
-{ERR_PACK(0,CONF_F_NCONF_GET_STRING,0),	"NCONF_get_string"},
-{ERR_PACK(0,CONF_F_NCONF_LOAD,0),	"NCONF_load"},
-{ERR_PACK(0,CONF_F_NCONF_LOAD_BIO,0),	"NCONF_load_bio"},
-{ERR_PACK(0,CONF_F_NCONF_LOAD_FP,0),	"NCONF_load_fp"},
-{ERR_PACK(0,CONF_F_NCONF_NEW,0),	"NCONF_new"},
-{ERR_PACK(0,CONF_F_STR_COPY,0),	"STR_COPY"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA CONF_str_reasons[]=
-	{
-{CONF_R_ERROR_LOADING_DSO                ,"error loading dso"},
-{CONF_R_MISSING_CLOSE_SQUARE_BRACKET     ,"missing close square bracket"},
-{CONF_R_MISSING_EQUAL_SIGN               ,"missing equal sign"},
-{CONF_R_MISSING_FINISH_FUNCTION          ,"missing finish function"},
-{CONF_R_MISSING_INIT_FUNCTION            ,"missing init function"},
-{CONF_R_MODULE_INITIALIZATION_ERROR      ,"module initialization error"},
-{CONF_R_NO_CLOSE_BRACE                   ,"no close brace"},
-{CONF_R_NO_CONF                          ,"no conf"},
-{CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE  ,"no conf or environment variable"},
-{CONF_R_NO_SECTION                       ,"no section"},
-{CONF_R_NO_SUCH_FILE                     ,"no such file"},
-{CONF_R_NO_VALUE                         ,"no value"},
-{CONF_R_UNABLE_TO_CREATE_NEW_SECTION     ,"unable to create new section"},
-{CONF_R_UNKNOWN_MODULE_NAME              ,"unknown module name"},
-{CONF_R_VARIABLE_HAS_NO_VALUE            ,"variable has no value"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_CONF_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_CONF,CONF_str_functs);
-		ERR_load_strings(ERR_LIB_CONF,CONF_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/conf/conf_lcl.h b/crypto/openssl/crypto/conf/conf_lcl.h
deleted file mode 100644
index f9a015df579e..000000000000
--- a/crypto/openssl/crypto/conf/conf_lcl.h
+++ /dev/null
@@ -1,116 +0,0 @@
-/* crypto/conf/conf_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define CONF_NUMBER		1
-#define CONF_UPPER		2
-#define CONF_LOWER		4
-#define CONF_UNDER		256
-#define CONF_PUNCTUATION	512
-#define CONF_WS			16
-#define CONF_ESC		32
-#define CONF_QUOTE		64
-#define CONF_COMMENT		128
-#define CONF_EOF		8
-#define CONF_ALPHA		(CONF_UPPER|CONF_LOWER)
-#define CONF_ALPHA_NUMERIC	(CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
-#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \
-					CONF_PUNCTUATION)
-
-#ifndef CHARSET_EBCDIC
-#define IS_COMMENT(a)		(CONF_COMMENT&(CONF_type[(a)&0x7f]))
-#define IS_EOF(a)		((a) == '\0')
-#define IS_ESC(a)		((a) == '\\')
-#define IS_NUMER(a)		(CONF_type[(a)&0x7f]&CONF_NUMBER)
-#define IS_WS(a)		(CONF_type[(a)&0x7f]&CONF_WS)
-#define IS_ALPHA_NUMERIC(a)	(CONF_type[(a)&0x7f]&CONF_ALPHA_NUMERIC)
-#define IS_ALPHA_NUMERIC_PUNCT(a) \
-				(CONF_type[(a)&0x7f]&CONF_ALPHA_NUMERIC_PUNCT)
-#define IS_QUOTE(a)		(CONF_type[(a)&0x7f]&CONF_QUOTE)
-
-#else /*CHARSET_EBCDIC*/
-
-#define IS_COMMENT(a)		(CONF_COMMENT&(CONF_type[os_toascii[a]&0x7f]))
-#define IS_EOF(a)		(os_toascii[a] == '\0')
-#define IS_ESC(a)		(os_toascii[a] == '\\')
-#define IS_NUMER(a)		(CONF_type[os_toascii[a]&0x7f]&CONF_NUMBER)
-#define IS_WS(a)		(CONF_type[os_toascii[a]&0x7f]&CONF_WS)
-#define IS_ALPHA_NUMERIC(a)	(CONF_type[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC)
-#define IS_ALPHA_NUMERIC_PUNCT(a) \
-				(CONF_type[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC_PUNCT)
-#define IS_QUOTE(a)		(CONF_type[os_toascii[a]&0x7f]&CONF_QUOTE)
-#endif /*CHARSET_EBCDIC*/
-
-static unsigned short CONF_type[128]={
-	0x008,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
-	0x000,0x010,0x010,0x000,0x000,0x010,0x000,0x000,
-	0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
-	0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
-	0x010,0x200,0x040,0x080,0x000,0x200,0x200,0x040,
-	0x000,0x000,0x200,0x200,0x200,0x200,0x200,0x200,
-	0x001,0x001,0x001,0x001,0x001,0x001,0x001,0x001,
-	0x001,0x001,0x000,0x200,0x000,0x000,0x000,0x200,
-	0x200,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
-	0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
-	0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
-	0x002,0x002,0x002,0x000,0x020,0x000,0x200,0x100,
-	0x040,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
-	0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
-	0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
-	0x004,0x004,0x004,0x000,0x200,0x000,0x200,0x000,
-	};
-
diff --git a/crypto/openssl/crypto/conf/conf_lib.c b/crypto/openssl/crypto/conf/conf_lib.c
deleted file mode 100644
index 6a3cf109ddc5..000000000000
--- a/crypto/openssl/crypto/conf/conf_lib.c
+++ /dev/null
@@ -1,401 +0,0 @@
-/* conf_lib.c */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/conf.h>
-#include <openssl/conf_api.h>
-#include <openssl/lhash.h>
-
-const char *CONF_version="CONF" OPENSSL_VERSION_PTEXT;
-
-static CONF_METHOD *default_CONF_method=NULL;
-
-/* Init a 'CONF' structure from an old LHASH */
-
-void CONF_set_nconf(CONF *conf, LHASH *hash)
-	{
-	if (default_CONF_method == NULL)
-		default_CONF_method = NCONF_default();
-
-	default_CONF_method->init(conf);
-	conf->data = hash;
-	}
-
-/* The following section contains the "CONF classic" functions,
-   rewritten in terms of the new CONF interface. */
-
-int CONF_set_default_method(CONF_METHOD *meth)
-	{
-	default_CONF_method = meth;
-	return 1;
-	}
-
-LHASH *CONF_load(LHASH *conf, const char *file, long *eline)
-	{
-	LHASH *ltmp;
-	BIO *in=NULL;
-
-#ifdef OPENSSL_SYS_VMS
-	in=BIO_new_file(file, "r");
-#else
-	in=BIO_new_file(file, "rb");
-#endif
-	if (in == NULL)
-		{
-		CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
-		return NULL;
-		}
-
-	ltmp = CONF_load_bio(conf, in, eline);
-	BIO_free(in);
-
-	return ltmp;
-	}
-
-#ifndef OPENSSL_NO_FP_API
-LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline)
-	{
-	BIO *btmp;
-	LHASH *ltmp;
-	if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) {
-		CONFerr(CONF_F_CONF_LOAD_FP,ERR_R_BUF_LIB);
-		return NULL;
-	}
-	ltmp = CONF_load_bio(conf, btmp, eline);
-	BIO_free(btmp);
-	return ltmp;
-	}
-#endif
-
-LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline)
-	{
-	CONF ctmp;
-	int ret;
-
-	CONF_set_nconf(&ctmp, conf);
-
-	ret = NCONF_load_bio(&ctmp, bp, eline);
-	if (ret)
-		return ctmp.data;
-	return NULL;
-	}
-
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section)
-	{
-	if (conf == NULL)
-		{
-		return NULL;
-		}
-	else
-		{
-		CONF ctmp;
-		CONF_set_nconf(&ctmp, conf);
-		return NCONF_get_section(&ctmp, section);
-		}
-	}
-
-char *CONF_get_string(LHASH *conf,const char *group,const char *name)
-	{
-	if (conf == NULL)
-		{
-		return NCONF_get_string(NULL, group, name);
-		}
-	else
-		{
-		CONF ctmp;
-		CONF_set_nconf(&ctmp, conf);
-		return NCONF_get_string(&ctmp, group, name);
-		}
-	}
-
-long CONF_get_number(LHASH *conf,const char *group,const char *name)
-	{
-	int status;
-	long result = 0;
-
-	if (conf == NULL)
-		{
-		status = NCONF_get_number_e(NULL, group, name, &result);
-		}
-	else
-		{
-		CONF ctmp;
-		CONF_set_nconf(&ctmp, conf);
-		status = NCONF_get_number_e(&ctmp, group, name, &result);
-		}
-
-	if (status == 0)
-		{
-		/* This function does not believe in errors... */
-		ERR_get_error();
-		}
-	return result;
-	}
-
-void CONF_free(LHASH *conf)
-	{
-	CONF ctmp;
-	CONF_set_nconf(&ctmp, conf);
-	NCONF_free_data(&ctmp);
-	}
-
-#ifndef OPENSSL_NO_FP_API
-int CONF_dump_fp(LHASH *conf, FILE *out)
-	{
-	BIO *btmp;
-	int ret;
-
-	if(!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
-		CONFerr(CONF_F_CONF_DUMP_FP,ERR_R_BUF_LIB);
-		return 0;
-	}
-	ret = CONF_dump_bio(conf, btmp);
-	BIO_free(btmp);
-	return ret;
-	}
-#endif
-
-int CONF_dump_bio(LHASH *conf, BIO *out)
-	{
-	CONF ctmp;
-	CONF_set_nconf(&ctmp, conf);
-	return NCONF_dump_bio(&ctmp, out);
-	}
-
-/* The following section contains the "New CONF" functions.  They are
-   completely centralised around a new CONF structure that may contain
-   basically anything, but at least a method pointer and a table of data.
-   These functions are also written in terms of the bridge functions used
-   by the "CONF classic" functions, for consistency.  */
-
-CONF *NCONF_new(CONF_METHOD *meth)
-	{
-	CONF *ret;
-
-	if (meth == NULL)
-		meth = NCONF_default();
-
-	ret = meth->create(meth);
-	if (ret == NULL)
-		{
-		CONFerr(CONF_F_NCONF_NEW,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-
-	return ret;
-	}
-
-void NCONF_free(CONF *conf)
-	{
-	if (conf == NULL)
-		return;
-	conf->meth->destroy(conf);
-	}
-
-void NCONF_free_data(CONF *conf)
-	{
-	if (conf == NULL)
-		return;
-	conf->meth->destroy_data(conf);
-	}
-
-int NCONF_load(CONF *conf, const char *file, long *eline)
-	{
-	if (conf == NULL)
-		{
-		CONFerr(CONF_F_NCONF_LOAD,CONF_R_NO_CONF);
-		return 0;
-		}
-
-	return conf->meth->load(conf, file, eline);
-	}
-
-#ifndef OPENSSL_NO_FP_API
-int NCONF_load_fp(CONF *conf, FILE *fp,long *eline)
-	{
-	BIO *btmp;
-	int ret;
-	if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE)))
-		{
-		CONFerr(CONF_F_NCONF_LOAD_FP,ERR_R_BUF_LIB);
-		return 0;
-		}
-	ret = NCONF_load_bio(conf, btmp, eline);
-	BIO_free(btmp);
-	return ret;
-	}
-#endif
-
-int NCONF_load_bio(CONF *conf, BIO *bp,long *eline)
-	{
-	if (conf == NULL)
-		{
-		CONFerr(CONF_F_NCONF_LOAD_BIO,CONF_R_NO_CONF);
-		return 0;
-		}
-
-	return conf->meth->load_bio(conf, bp, eline);
-	}
-
-STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,const char *section)
-	{
-	if (conf == NULL)
-		{
-		CONFerr(CONF_F_NCONF_GET_SECTION,CONF_R_NO_CONF);
-		return NULL;
-		}
-
-	if (section == NULL)
-		{
-		CONFerr(CONF_F_NCONF_GET_SECTION,CONF_R_NO_SECTION);
-		return NULL;
-		}
-
-	return _CONF_get_section_values(conf, section);
-	}
-
-char *NCONF_get_string(const CONF *conf,const char *group,const char *name)
-	{
-	char *s = _CONF_get_string(conf, group, name);
-
-        /* Since we may get a value from an environment variable even
-           if conf is NULL, let's check the value first */
-        if (s) return s;
-
-	if (conf == NULL)
-		{
-		CONFerr(CONF_F_NCONF_GET_STRING,
-                        CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE);
-		return NULL;
-		}
-	CONFerr(CONF_F_NCONF_GET_STRING,
-		CONF_R_NO_VALUE);
-	ERR_add_error_data(4,"group=",group," name=",name);
-	return NULL;
-	}
-
-int NCONF_get_number_e(const CONF *conf,const char *group,const char *name,
-		       long *result)
-	{
-	char *str;
-
-	if (result == NULL)
-		{
-		CONFerr(CONF_F_NCONF_GET_NUMBER_E,ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-
-	str = NCONF_get_string(conf,group,name);
-
-	if (str == NULL)
-		return 0;
-
-	for (*result = 0;conf->meth->is_number(conf, *str);)
-		{
-		*result = (*result)*10 + conf->meth->to_int(conf, *str);
-		str++;
-		}
-
-	return 1;
-	}
-
-#ifndef OPENSSL_NO_FP_API
-int NCONF_dump_fp(const CONF *conf, FILE *out)
-	{
-	BIO *btmp;
-	int ret;
-	if(!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
-		CONFerr(CONF_F_NCONF_DUMP_FP,ERR_R_BUF_LIB);
-		return 0;
-	}
-	ret = NCONF_dump_bio(conf, btmp);
-	BIO_free(btmp);
-	return ret;
-	}
-#endif
-
-int NCONF_dump_bio(const CONF *conf, BIO *out)
-	{
-	if (conf == NULL)
-		{
-		CONFerr(CONF_F_NCONF_DUMP_BIO,CONF_R_NO_CONF);
-		return 0;
-		}
-
-	return conf->meth->dump(conf, out);
-	}
-
-
-/* This function should be avoided */
-#if 0
-long NCONF_get_number(CONF *conf,char *group,char *name)
-	{
-	int status;
-	long ret=0;
-
-	status = NCONF_get_number_e(conf, group, name, &ret);
-	if (status == 0)
-		{
-		/* This function does not believe in errors... */
-		ERR_get_error();
-		}
-	return ret;
-	}
-#endif
diff --git a/crypto/openssl/crypto/conf/conf_mall.c b/crypto/openssl/crypto/conf/conf_mall.c
deleted file mode 100644
index 4ba40cf44cc6..000000000000
--- a/crypto/openssl/crypto/conf/conf_mall.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* conf_mall.c */
-/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-/* Load all OpenSSL builtin modules */
-
-void OPENSSL_load_builtin_modules(void)
-	{
-	/* Add builtin modules here */
-	ASN1_add_oid_module();
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE_add_conf_module();
-#endif
-	}
-
diff --git a/crypto/openssl/crypto/conf/conf_mod.c b/crypto/openssl/crypto/conf/conf_mod.c
deleted file mode 100644
index edcc08921c2f..000000000000
--- a/crypto/openssl/crypto/conf/conf_mod.c
+++ /dev/null
@@ -1,616 +0,0 @@
-/* conf_mod.c */
-/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-
-
-#define DSO_mod_init_name "OPENSSL_init"
-#define DSO_mod_finish_name "OPENSSL_finish"
-
-
-/* This structure contains a data about supported modules.
- * entries in this table correspond to either dynamic or
- * static modules.
- */
-
-struct conf_module_st
-	{
-	/* DSO of this module or NULL if static */
-	DSO *dso;
-	/* Name of the module */
-	char *name;
-	/* Init function */
-	conf_init_func *init; 
-	/* Finish function */
-	conf_finish_func *finish;
-	/* Number of successfully initialized modules */
-	int links;
-	void *usr_data;
-	};
-
-
-/* This structure contains information about modules that have been
- * successfully initialized. There may be more than one entry for a
- * given module.
- */
-
-struct conf_imodule_st
-	{
-	CONF_MODULE *pmod;
-	char *name;
-	char *value;
-	unsigned long flags;
-	void *usr_data;
-	};
-
-static STACK_OF(CONF_MODULE) *supported_modules = NULL;
-static STACK_OF(CONF_IMODULE) *initialized_modules = NULL;
-
-static void module_free(CONF_MODULE *md);
-static void module_finish(CONF_IMODULE *imod);
-static int module_run(const CONF *cnf, char *name, char *value,
-					  unsigned long flags);
-static CONF_MODULE *module_add(DSO *dso, const char *name,
-			conf_init_func *ifunc, conf_finish_func *ffunc);
-static CONF_MODULE *module_find(char *name);
-static int module_init(CONF_MODULE *pmod, char *name, char *value,
-					   const CONF *cnf);
-static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
-									unsigned long flags);
-
-/* Main function: load modules from a CONF structure */
-
-int CONF_modules_load(const CONF *cnf, const char *appname,
-		      unsigned long flags)
-	{
-	STACK_OF(CONF_VALUE) *values;
-	CONF_VALUE *vl;
-	char *vsection;
-
-	int ret, i;
-
-	if (!cnf)
-		return 1;
-
-	if (appname == NULL)
-		appname = "openssl_conf";
-
-	vsection = NCONF_get_string(cnf, NULL, appname); 
-
-	if (!vsection)
-		{
-		ERR_clear_error();
-		return 1;
-		}
-
-	values = NCONF_get_section(cnf, vsection);
-
-	if (!values)
-		return 0;
-
-	for (i = 0; i < sk_CONF_VALUE_num(values); i++)
-		{
-		vl = sk_CONF_VALUE_value(values, i);
-		ret = module_run(cnf, vl->name, vl->value, flags);
-		if (ret <= 0)
-			if(!(flags & CONF_MFLAGS_IGNORE_ERRORS))
-				return ret;
-		}
-
-	return 1;
-
-	}
-
-int CONF_modules_load_file(const char *filename, const char *appname,
-			   unsigned long flags)
-	{
-	char *file = NULL;
-	CONF *conf = NULL;
-	int ret = 0;
-	conf = NCONF_new(NULL);
-	if (!conf)
-		goto err;
-
-	if (filename == NULL)
-		{
-		file = CONF_get1_default_config_file();
-		if (!file)
-			goto err;
-		}
-	else
-		file = (char *)filename;
-
-	if (NCONF_load(conf, file, NULL) <= 0)
-		{
-		if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) &&
-		  (ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE))
-			{
-			ERR_clear_error();
-			ret = 1;
-			}
-		goto err;
-		}
-
-	ret = CONF_modules_load(conf, appname, flags);
-
-	err:
-	if (filename == NULL)
-		OPENSSL_free(file);
-	NCONF_free(conf);
-
-	return ret;
-	}
-
-static int module_run(const CONF *cnf, char *name, char *value,
-		      unsigned long flags)
-	{
-	CONF_MODULE *md;
-	int ret;
-
-	md = module_find(name);
-
-	/* Module not found: try to load DSO */
-	if (!md && !(flags & CONF_MFLAGS_NO_DSO))
-		md = module_load_dso(cnf, name, value, flags);
-
-	if (!md)
-		{
-		if (!(flags & CONF_MFLAGS_SILENT))
-			{
-			CONFerr(CONF_F_MODULE_RUN, CONF_R_UNKNOWN_MODULE_NAME);
-			ERR_add_error_data(2, "module=", name);
-			}
-		return -1;
-		}
-
-	ret = module_init(md, name, value, cnf);
-
-	if (ret <= 0)
-		{
-		if (!(flags & CONF_MFLAGS_SILENT))
-			{
-			char rcode[DECIMAL_SIZE(ret)+1];
-			CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR);
-			sprintf(rcode, "%-8d", ret);
-			ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode);
-			}
-		}
-
-	return ret;
-	}
-
-/* Load a module from a DSO */
-static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
-				    unsigned long flags)
-	{
-	DSO *dso = NULL;
-	conf_init_func *ifunc;
-	conf_finish_func *ffunc;
-	char *path = NULL;
-	int errcode = 0;
-	CONF_MODULE *md;
-	/* Look for alternative path in module section */
-	path = NCONF_get_string(cnf, value, "path");
-	if (!path)
-		{
-		ERR_get_error();
-		path = name;
-		}
-	dso = DSO_load(NULL, path, NULL, 0);
-	if (!dso)
-		{
-		errcode = CONF_R_ERROR_LOADING_DSO;
-		goto err;
-		}
-        ifunc = (conf_init_func *)DSO_bind_func(dso, DSO_mod_init_name);
-	if (!ifunc)
-		{
-		errcode = CONF_R_MISSING_INIT_FUNCTION;
-		goto err;
-		}
-        ffunc = (conf_finish_func *)DSO_bind_func(dso, DSO_mod_finish_name);
-	/* All OK, add module */
-	md = module_add(dso, name, ifunc, ffunc);
-
-	if (!md)
-		goto err;
-
-	return md;
-
-	err:
-	if (dso)
-		DSO_free(dso);
-	CONFerr(CONF_F_MODULE_LOAD_DSO, errcode);
-	ERR_add_error_data(4, "module=", name, ", path=", path);
-	return NULL;
-	}
-
-/* add module to list */
-static CONF_MODULE *module_add(DSO *dso, const char *name,
-			       conf_init_func *ifunc, conf_finish_func *ffunc)
-	{
-	CONF_MODULE *tmod = NULL;
-	if (supported_modules == NULL)
-		supported_modules = sk_CONF_MODULE_new_null();
-	if (supported_modules == NULL)
-		return NULL;
-	tmod = OPENSSL_malloc(sizeof(CONF_MODULE));
-	if (tmod == NULL)
-		return NULL;
-
-	tmod->dso = dso;
-	tmod->name = BUF_strdup(name);
-	tmod->init = ifunc;
-	tmod->finish = ffunc;
-	tmod->links = 0;
-
-	if (!sk_CONF_MODULE_push(supported_modules, tmod))
-		{
-		OPENSSL_free(tmod);
-		return NULL;
-		}
-
-	return tmod;
-	}
-
-/* Find a module from the list. We allow module names of the
- * form modname.XXXX to just search for modname to allow the
- * same module to be initialized more than once.
- */
-
-static CONF_MODULE *module_find(char *name)
-	{
-	CONF_MODULE *tmod;
-	int i, nchar;
-	char *p;
-	p = strrchr(name, '.');
-
-	if (p)
-		nchar = p - name;
-	else 
-		nchar = strlen(name);
-
-	for (i = 0; i < sk_CONF_MODULE_num(supported_modules); i++)
-		{
-		tmod = sk_CONF_MODULE_value(supported_modules, i);
-		if (!strncmp(tmod->name, name, nchar))
-			return tmod;
-		}
-
-	return NULL;
-
-	}
-
-/* initialize a module */
-static int module_init(CONF_MODULE *pmod, char *name, char *value,
-		       const CONF *cnf)
-	{
-	int ret = 1;
-	int init_called = 0;
-	CONF_IMODULE *imod = NULL;
-
-	/* Otherwise add initialized module to list */
-	imod = OPENSSL_malloc(sizeof(CONF_IMODULE));
-	if (!imod)
-		goto err;
-
-	imod->pmod = pmod;
-	imod->name = BUF_strdup(name);
-	imod->value = BUF_strdup(value);
-	imod->usr_data = NULL;
-
-	if (!imod->name || !imod->value)
-		goto memerr;
-
-	/* Try to initialize module */
-	if(pmod->init)
-		{
-		ret = pmod->init(imod, cnf);
-		init_called = 1;
-		/* Error occurred, exit */
-		if (ret <= 0)
-			goto err;
-		}
-
-	if (initialized_modules == NULL)
-		{
-		initialized_modules = sk_CONF_IMODULE_new_null();
-		if (!initialized_modules)
-			{
-			CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		}
-
-	if (!sk_CONF_IMODULE_push(initialized_modules, imod))
-		{
-		CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	pmod->links++;
-
-	return ret;
-
-	err:
-
-	/* We've started the module so we'd better finish it */
-	if (pmod->finish && init_called)
-		pmod->finish(imod);
-
-	memerr:
-	if (imod)
-		{
-		if (imod->name)
-			OPENSSL_free(imod->name);
-		if (imod->value)
-			OPENSSL_free(imod->value);
-		OPENSSL_free(imod);
-		}
-
-	return -1;
-
-	}
-
-/* Unload any dynamic modules that have a link count of zero:
- * i.e. have no active initialized modules. If 'all' is set
- * then all modules are unloaded including static ones.
- */
-
-void CONF_modules_unload(int all)
-	{
-	int i;
-	CONF_MODULE *md;
-	CONF_modules_finish();
-	/* unload modules in reverse order */
-	for (i = sk_CONF_MODULE_num(supported_modules) - 1; i >= 0; i--)
-		{
-		md = sk_CONF_MODULE_value(supported_modules, i);
-		/* If static or in use and 'all' not set ignore it */
-		if (((md->links > 0) || !md->dso) && !all)
-			continue;
-		/* Since we're working in reverse this is OK */
-		sk_CONF_MODULE_delete(supported_modules, i);
-		module_free(md);
-		}
-	if (sk_CONF_MODULE_num(supported_modules) == 0)
-		{
-		sk_CONF_MODULE_free(supported_modules);
-		supported_modules = NULL;
-		}
-	}
-
-/* unload a single module */
-static void module_free(CONF_MODULE *md)
-	{
-	if (md->dso)
-		DSO_free(md->dso);
-	OPENSSL_free(md->name);
-	OPENSSL_free(md);
-	}
-
-/* finish and free up all modules instances */
-
-void CONF_modules_finish(void)
-	{
-	CONF_IMODULE *imod;
-	while (sk_CONF_IMODULE_num(initialized_modules) > 0)
-		{
-		imod = sk_CONF_IMODULE_pop(initialized_modules);
-		module_finish(imod);
-		}
-	sk_CONF_IMODULE_free(initialized_modules);
-	initialized_modules = NULL;
-	}
-
-/* finish a module instance */
-
-static void module_finish(CONF_IMODULE *imod)
-	{
-	if (imod->pmod->finish)
-		imod->pmod->finish(imod);
-	imod->pmod->links--;
-	OPENSSL_free(imod->name);
-	OPENSSL_free(imod->value);
-	OPENSSL_free(imod);
-	}
-
-/* Add a static module to OpenSSL */
-
-int CONF_module_add(const char *name, conf_init_func *ifunc, 
-		    conf_finish_func *ffunc)
-	{
-	if (module_add(NULL, name, ifunc, ffunc))
-		return 1;
-	else
-		return 0;
-	}
-
-void CONF_modules_free(void)
-	{
-	CONF_modules_finish();
-	CONF_modules_unload(1);
-	}
-
-/* Utility functions */
-
-const char *CONF_imodule_get_name(const CONF_IMODULE *md)
-	{
-	return md->name;
-	}
-
-const char *CONF_imodule_get_value(const CONF_IMODULE *md)
-	{
-	return md->value;
-	}
-
-void *CONF_imodule_get_usr_data(const CONF_IMODULE *md)
-	{
-	return md->usr_data;
-	}
-
-void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data)
-	{
-	md->usr_data = usr_data;
-	}
-
-CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md)
-	{
-	return md->pmod;
-	}
-
-unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md)
-	{
-	return md->flags;
-	}
-
-void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags)
-	{
-	md->flags = flags;
-	}
-
-void *CONF_module_get_usr_data(CONF_MODULE *pmod)
-	{
-	return pmod->usr_data;
-	}
-
-void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data)
-	{
-	pmod->usr_data = usr_data;
-	}
-
-/* Return default config file name */
-
-char *CONF_get1_default_config_file(void)
-	{
-	char *file;
-	int len;
-
-	file = getenv("OPENSSL_CONF");
-	if (file) 
-		return BUF_strdup(file);
-
-	len = strlen(X509_get_default_cert_area());
-#ifndef OPENSSL_SYS_VMS
-	len++;
-#endif
-	len += strlen(OPENSSL_CONF);
-
-	file = OPENSSL_malloc(len + 1);
-
-	if (!file)
-		return NULL;
-	strcpy(file,X509_get_default_cert_area());
-#ifndef OPENSSL_SYS_VMS
-	strcat(file,"/");
-#endif
-	strcat(file,OPENSSL_CONF);
-
-	return file;
-	}
-
-/* This function takes a list separated by 'sep' and calls the
- * callback function giving the start and length of each member
- * optionally stripping leading and trailing whitespace. This can
- * be used to parse comma separated lists for example.
- */
-
-int CONF_parse_list(const char *list, int sep, int nospc,
-	int (*list_cb)(const char *elem, int len, void *usr), void *arg)
-	{
-	int ret;
-	const char *lstart, *tmpend, *p;
-	lstart = list;
-
-	for(;;)
-		{
-		if (nospc)
-			{
-			while(*lstart && isspace((unsigned char)*lstart))
-				lstart++;
-			}
-		p = strchr(lstart, sep);
-		if (p == lstart || !*lstart)
-			ret = list_cb(NULL, 0, arg);
-		else
-			{
-			if (p)
-				tmpend = p - 1;
-			else 
-				tmpend = lstart + strlen(lstart) - 1;
-			if (nospc)
-				{
-				while(isspace((unsigned char)*tmpend))
-					tmpend--;
-				}
-			ret = list_cb(lstart, tmpend - lstart + 1, arg);
-			}
-		if (ret <= 0)
-			return ret;
-		if (p == NULL)
-			return 1;
-		lstart = p + 1;
-		}
-	}
-
diff --git a/crypto/openssl/crypto/conf/conf_sap.c b/crypto/openssl/crypto/conf/conf_sap.c
deleted file mode 100644
index e15c2e55463a..000000000000
--- a/crypto/openssl/crypto/conf/conf_sap.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* conf_sap.c */
-/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-/* This is the automatic configuration loader: it is called automatically by
- * OpenSSL when any of a number of standard initialisation functions are called,
- * unless this is overridden by calling OPENSSL_no_config()
- */
-
-static int openssl_configured = 0;
-
-void OPENSSL_config(const char *config_name)
-	{
-	if (openssl_configured)
-		return;
-
-	OPENSSL_load_builtin_modules();
-#ifndef OPENSSL_NO_ENGINE
-	/* Need to load ENGINEs */
-	ENGINE_load_builtin_engines();
-#endif
-	/* Add others here? */
-
-
-	ERR_clear_error();
-	if (CONF_modules_load_file(NULL, NULL,
-					CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0)
-		{
-		BIO *bio_err;
-		ERR_load_crypto_strings();
-		if ((bio_err=BIO_new_fp(stderr, BIO_NOCLOSE)) != NULL)
-			{
-			BIO_printf(bio_err,"Auto configuration failed\n");
-			ERR_print_errors(bio_err);
-			BIO_free(bio_err);
-			}
-		exit(1);
-		}
-
-	return;
-	}
-
-void OPENSSL_no_config()
-	{
-	openssl_configured = 1;
-	}
diff --git a/crypto/openssl/crypto/conf/keysets.pl b/crypto/openssl/crypto/conf/keysets.pl
deleted file mode 100644
index 50ed67fa527c..000000000000
--- a/crypto/openssl/crypto/conf/keysets.pl
+++ /dev/null
@@ -1,185 +0,0 @@
-#!/usr/local/bin/perl
-
-$NUMBER=0x01;
-$UPPER=0x02;
-$LOWER=0x04;
-$UNDER=0x100;
-$PUNCTUATION=0x200;
-$WS=0x10;
-$ESC=0x20;
-$QUOTE=0x40;
-$DQUOTE=0x400;
-$COMMENT=0x80;
-$FCOMMENT=0x800;
-$EOF=0x08;
-$HIGHBIT=0x1000;
-
-foreach (0 .. 255)
-	{
-	$v=0;
-	$c=sprintf("%c",$_);
-	$v|=$NUMBER	if ($c =~ /[0-9]/);
-	$v|=$UPPER	if ($c =~ /[A-Z]/);
-	$v|=$LOWER	if ($c =~ /[a-z]/);
-	$v|=$UNDER	if ($c =~ /_/);
-	$v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/);
-	$v|=$WS		if ($c =~ /[ \t\r\n]/);
-	$v|=$ESC	if ($c =~ /\\/);
-	$v|=$QUOTE	if ($c =~ /['`"]/); # for emacs: "`'}/)
-	$v|=$COMMENT	if ($c =~ /\#/);
-	$v|=$EOF	if ($c =~ /\0/);
-	$v|=$HIGHBIT	if ($c =~/[\x80-\xff]/);
-
-	push(@V_def,$v);
-	}
-
-foreach (0 .. 255)
-	{
-	$v=0;
-	$c=sprintf("%c",$_);
-	$v|=$NUMBER	if ($c =~ /[0-9]/);
-	$v|=$UPPER	if ($c =~ /[A-Z]/);
-	$v|=$LOWER	if ($c =~ /[a-z]/);
-	$v|=$UNDER	if ($c =~ /_/);
-	$v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/);
-	$v|=$WS		if ($c =~ /[ \t\r\n]/);
-	$v|=$DQUOTE	if ($c =~ /["]/); # for emacs: "}/)
-	$v|=$FCOMMENT	if ($c =~ /;/);
-	$v|=$EOF	if ($c =~ /\0/);
-	$v|=$HIGHBIT	if ($c =~/[\x80-\xff]/);
-
-	push(@V_w32,$v);
-	}
-
-print <<"EOF";
-/* crypto/conf/conf_def.h */
-/* Copyright (C) 1995-1998 Eric Young (eay\@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay\@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh\@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay\@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh\@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* THIS FILE WAS AUTOMAGICALLY GENERATED!
-   Please modify and use keysets.pl to regenerate it. */
-
-#define CONF_NUMBER		$NUMBER
-#define CONF_UPPER		$UPPER
-#define CONF_LOWER		$LOWER
-#define CONF_UNDER		$UNDER
-#define CONF_PUNCTUATION	$PUNCTUATION
-#define CONF_WS			$WS
-#define CONF_ESC		$ESC
-#define CONF_QUOTE		$QUOTE
-#define CONF_DQUOTE		$DQUOTE
-#define CONF_COMMENT		$COMMENT
-#define CONF_FCOMMENT		$FCOMMENT
-#define CONF_EOF		$EOF
-#define CONF_HIGHBIT		$HIGHBIT
-#define CONF_ALPHA		(CONF_UPPER|CONF_LOWER)
-#define CONF_ALPHA_NUMERIC	(CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
-#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \\
-					CONF_PUNCTUATION)
-
-#define KEYTYPES(c)		((unsigned short *)((c)->meth_data))
-#ifndef CHARSET_EBCDIC
-#define IS_COMMENT(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_COMMENT)
-#define IS_FCOMMENT(c,a)	(KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT)
-#define IS_EOF(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_EOF)
-#define IS_ESC(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_ESC)
-#define IS_NUMBER(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_NUMBER)
-#define IS_WS(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_WS)
-#define IS_ALPHA_NUMERIC(c,a)	(KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC)
-#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
-				(KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
-#define IS_QUOTE(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_QUOTE)
-#define IS_DQUOTE(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
-#define IS_HIGHBIT(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
-
-#else /*CHARSET_EBCDIC*/
-
-#define IS_COMMENT(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
-#define IS_FCOMMENT(c,a)	(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
-#define IS_EOF(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF)
-#define IS_ESC(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC)
-#define IS_NUMBER(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER)
-#define IS_WS(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS)
-#define IS_ALPHA_NUMERIC(c,a)	(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC)
-#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
-				(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
-#define IS_QUOTE(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
-#define IS_DQUOTE(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
-#define IS_HIGHBIT(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
-#endif /*CHARSET_EBCDIC*/
-
-EOF
-
-print "static unsigned short CONF_type_default[256]={";
-
-for ($i=0; $i<256; $i++)
-	{
-	print "\n\t" if ($i % 8) == 0;
-	printf "0x%04X,",$V_def[$i];
-	}
-
-print "\n\t};\n\n";
-
-print "static unsigned short CONF_type_win32[256]={";
-
-for ($i=0; $i<256; $i++)
-	{
-	print "\n\t" if ($i % 8) == 0;
-	printf "0x%04X,",$V_w32[$i];
-	}
-
-print "\n\t};\n\n";
diff --git a/crypto/openssl/crypto/conf/ssleay.cnf b/crypto/openssl/crypto/conf/ssleay.cnf
deleted file mode 100644
index ed33af601e1e..000000000000
--- a/crypto/openssl/crypto/conf/ssleay.cnf
+++ /dev/null
@@ -1,78 +0,0 @@
-#
-# This is a test configuration file for use in SSLeay etc...
-#
-
-init = 5
-in\#it1 =10
-init2='10'
-init3='10\''
-init4="10'"
-init5='='10\'' again'
-
-SSLeay::version = 0.5.0
-
-[genrsa]
-default_bits	= 512
-SSLEAY::version = 0.5.0
-
-[gendh]
-default_bits	= 512
-def_generator	= 2
-
-[s_client]
-cipher1		= DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5\
-cipher2		= 'DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5'
-cipher3		= "DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5"
-cipher4		= DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5
-
-[ default ]
-cert_dir	= $ENV::HOME/.ca_certs
-
-HOME		= /tmp/eay
-
-tmp_cert_dir	= $HOME/.ca_certs
-tmp2_cert_dir	= thisis$(HOME)stuff
-
-LOGNAME	= Eric Young (home=$HOME)
-
-[ special ]
-
-H=$HOME
-H=$default::HOME
-H=$ENV::HOME
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE		= $HOME/.rand
-
-[ req ]
-default_bits		= 512
-default_keyfile 	= privkey.pem
-
-Attribute_type_1	= countryName
-Attribute_text_1	= Country Name (2 letter code)
-Attribute_default_1	= AU
-
-Attribute_type_2	= stateOrProvinceName
-Attribute_text_2	= State or Province Name (full name)
-Attribute_default_2	= Queensland
-
-Attribute_type_3	= localityName
-Attribute_text_3	= Locality Name (eg, city)
-
-Attribute_type_4	= organizationName
-Attribute_text_4	= Organization Name (eg, company)
-Attribute_default_4	= Mincom Pty Ltd
-
-Attribute_type_5	= organizationalUnitName
-Attribute_text_5	= Organizational Unit Name (eg, section)
-Attribute_default_5	= TR
-
-Attribute_type_6	= commonName
-Attribute_text_6	= Common Name (eg, YOUR name)
-
-Attribute_type_7	= emailAddress
-Attribute_text_7	= Email Address
-
diff --git a/crypto/openssl/crypto/conf/test.c b/crypto/openssl/crypto/conf/test.c
deleted file mode 100644
index 7fab85053e4c..000000000000
--- a/crypto/openssl/crypto/conf/test.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* crypto/conf/test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/conf.h>
-#include <openssl/err.h>
-
-main()
-	{
-	LHASH *conf;
-	long eline;
-	char *s,*s2;
-
-#ifdef USE_WIN32
-	CONF_set_default_method(CONF_WIN32);
-#endif
-	conf=CONF_load(NULL,"ssleay.cnf",&eline);
-	if (conf == NULL)
-		{
-		ERR_load_crypto_strings();
-		printf("unable to load configuration, line %ld\n",eline);
-		ERR_print_errors_fp(stderr);
-		exit(1);
-		}
-	lh_stats(conf,stdout);
-	lh_node_stats(conf,stdout);
-	lh_node_usage_stats(conf,stdout);
-
-	s=CONF_get_string(conf,NULL,"init2");
-	printf("init2=%s\n",(s == NULL)?"NULL":s);
-
-	s=CONF_get_string(conf,NULL,"cipher1");
-	printf("cipher1=%s\n",(s == NULL)?"NULL":s);
-
-	s=CONF_get_string(conf,"s_client","cipher1");
-	printf("s_client:cipher1=%s\n",(s == NULL)?"NULL":s);
-
-	printf("---------------------------- DUMP ------------------------\n");
-	CONF_dump_fp(conf, stdout);
-
-	exit(0);
-	}
diff --git a/crypto/openssl/crypto/cpt_err.c b/crypto/openssl/crypto/cpt_err.c
deleted file mode 100644
index 1b4a1cb4d400..000000000000
--- a/crypto/openssl/crypto/cpt_err.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/* crypto/cpt_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/crypto.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA CRYPTO_str_functs[]=
-	{
-{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,0),	"CRYPTO_get_ex_new_index"},
-{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,0),	"CRYPTO_get_new_dynlockid"},
-{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_LOCKID,0),	"CRYPTO_get_new_lockid"},
-{ERR_PACK(0,CRYPTO_F_CRYPTO_SET_EX_DATA,0),	"CRYPTO_set_ex_data"},
-{ERR_PACK(0,CRYPTO_F_DEF_ADD_INDEX,0),	"DEF_ADD_INDEX"},
-{ERR_PACK(0,CRYPTO_F_DEF_GET_CLASS,0),	"DEF_GET_CLASS"},
-{ERR_PACK(0,CRYPTO_F_INT_DUP_EX_DATA,0),	"INT_DUP_EX_DATA"},
-{ERR_PACK(0,CRYPTO_F_INT_FREE_EX_DATA,0),	"INT_FREE_EX_DATA"},
-{ERR_PACK(0,CRYPTO_F_INT_NEW_EX_DATA,0),	"INT_NEW_EX_DATA"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA CRYPTO_str_reasons[]=
-	{
-{CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK     ,"no dynlock create callback"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_CRYPTO_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_functs);
-		ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/cryptlib.c b/crypto/openssl/crypto/cryptlib.c
deleted file mode 100644
index 2924def2bb08..000000000000
--- a/crypto/openssl/crypto/cryptlib.c
+++ /dev/null
@@ -1,514 +0,0 @@
-/* crypto/cryptlib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/safestack.h>
-
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
-static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */
-#endif
-
-DECLARE_STACK_OF(CRYPTO_dynlock)
-IMPLEMENT_STACK_OF(CRYPTO_dynlock)
-
-/* real #defines in crypto.h, keep these upto date */
-static const char* lock_names[CRYPTO_NUM_LOCKS] =
-	{
-	"<<ERROR>>",
-	"err",
-	"ex_data",
-	"x509",
-	"x509_info",
-	"x509_pkey",
-	"x509_crl",
-	"x509_req",
-	"dsa",
-	"rsa",
-	"evp_pkey",
-	"x509_store",
-	"ssl_ctx",
-	"ssl_cert",
-	"ssl_session",
-	"ssl_sess_cert",
-	"ssl",
-	"ssl_method",
-	"rand",
-	"rand2",
-	"debug_malloc",
-	"BIO",
-	"gethostbyname",
-	"getservbyname",
-	"readdir",
-	"RSA_blinding",
-	"dh",
-	"debug_malloc2",
-	"dso",
-	"dynlock",
-	"engine",
-	"ui",
-	"hwcrhk",		/* This is a HACK which will disappear in 0.9.8 */
-#if CRYPTO_NUM_LOCKS != 33
-# error "Inconsistency between crypto.h and cryptlib.c"
-#endif
-	};
-
-/* This is for applications to allocate new type names in the non-dynamic
-   array of lock names.  These are numbered with positive numbers.  */
-static STACK *app_locks=NULL;
-
-/* For applications that want a more dynamic way of handling threads, the
-   following stack is used.  These are externally numbered with negative
-   numbers.  */
-static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL;
-
-
-static void (MS_FAR *locking_callback)(int mode,int type,
-	const char *file,int line)=NULL;
-static int (MS_FAR *add_lock_callback)(int *pointer,int amount,
-	int type,const char *file,int line)=NULL;
-static unsigned long (MS_FAR *id_callback)(void)=NULL;
-static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback)
-	(const char *file,int line)=NULL;
-static void (MS_FAR *dynlock_lock_callback)(int mode,
-	struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL;
-static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l,
-	const char *file,int line)=NULL;
-
-int CRYPTO_get_new_lockid(char *name)
-	{
-	char *str;
-	int i;
-
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
-	/* A hack to make Visual C++ 5.0 work correctly when linking as
-	 * a DLL using /MT. Without this, the application cannot use
-	 * and floating point printf's.
-	 * It also seems to be needed for Visual C 1.5 (win16) */
-	SSLeay_MSVC5_hack=(double)name[0]*(double)name[1];
-#endif
-
-	if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL))
-		{
-		CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	if ((str=BUF_strdup(name)) == NULL)
-		{
-		CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	i=sk_push(app_locks,str);
-	if (!i)
-		OPENSSL_free(str);
-	else
-		i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */
-	return(i);
-	}
-
-int CRYPTO_num_locks(void)
-	{
-	return CRYPTO_NUM_LOCKS;
-	}
-
-int CRYPTO_get_new_dynlockid(void)
-	{
-	int i = 0;
-	CRYPTO_dynlock *pointer = NULL;
-
-	if (dynlock_create_callback == NULL)
-		{
-		CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK);
-		return(0);
-		}
-	CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-	if ((dyn_locks == NULL)
-		&& ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL))
-		{
-		CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-		CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
-	pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock));
-	if (pointer == NULL)
-		{
-		CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	pointer->references = 1;
-	pointer->data = dynlock_create_callback(__FILE__,__LINE__);
-	if (pointer->data == NULL)
-		{
-		OPENSSL_free(pointer);
-		CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-
-	CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-	/* First, try to find an existing empty slot */
-	i=sk_CRYPTO_dynlock_find(dyn_locks,NULL);
-	/* If there was none, push, thereby creating a new one */
-	if (i == -1)
-		/* Since sk_push() returns the number of items on the
-		   stack, not the location of the pushed item, we need
-		   to transform the returned number into a position,
-		   by decreasing it.  */
-		i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1;
-	else
-		/* If we found a place with a NULL pointer, put our pointer
-		   in it.  */
-		sk_CRYPTO_dynlock_set(dyn_locks,i,pointer);
-	CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
-	if (i == -1)
-		{
-		dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
-		OPENSSL_free(pointer);
-		}
-	else
-		i += 1; /* to avoid 0 */
-	return -i;
-	}
-
-void CRYPTO_destroy_dynlockid(int i)
-	{
-	CRYPTO_dynlock *pointer = NULL;
-	if (i)
-		i = -i-1;
-	if (dynlock_destroy_callback == NULL)
-		return;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-
-	if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks))
-		{
-		CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-		return;
-		}
-	pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
-	if (pointer != NULL)
-		{
-		--pointer->references;
-#ifdef REF_CHECK
-		if (pointer->references < 0)
-			{
-			fprintf(stderr,"CRYPTO_destroy_dynlockid, bad reference count\n");
-			abort();
-			}
-		else
-#endif
-			if (pointer->references <= 0)
-				{
-				sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
-				}
-			else
-				pointer = NULL;
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
-	if (pointer)
-		{
-		dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
-		OPENSSL_free(pointer);
-		}
-	}
-
-struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i)
-	{
-	CRYPTO_dynlock *pointer = NULL;
-	if (i)
-		i = -i-1;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-
-	if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks))
-		pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
-	if (pointer)
-		pointer->references++;
-
-	CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
-	if (pointer)
-		return pointer->data;
-	return NULL;
-	}
-
-struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))
-	(const char *file,int line)
-	{
-	return(dynlock_create_callback);
-	}
-
-void (*CRYPTO_get_dynlock_lock_callback(void))(int mode,
-	struct CRYPTO_dynlock_value *l, const char *file,int line)
-	{
-	return(dynlock_lock_callback);
-	}
-
-void (*CRYPTO_get_dynlock_destroy_callback(void))
-	(struct CRYPTO_dynlock_value *l, const char *file,int line)
-	{
-	return(dynlock_destroy_callback);
-	}
-
-void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func)
-	(const char *file, int line))
-	{
-	dynlock_create_callback=func;
-	}
-
-void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode,
-	struct CRYPTO_dynlock_value *l, const char *file, int line))
-	{
-	dynlock_lock_callback=func;
-	}
-
-void CRYPTO_set_dynlock_destroy_callback(void (*func)
-	(struct CRYPTO_dynlock_value *l, const char *file, int line))
-	{
-	dynlock_destroy_callback=func;
-	}
-
-
-void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file,
-		int line)
-	{
-	return(locking_callback);
-	}
-
-int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
-					  const char *file,int line)
-	{
-	return(add_lock_callback);
-	}
-
-void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
-					      const char *file,int line))
-	{
-	locking_callback=func;
-	}
-
-void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
-					      const char *file,int line))
-	{
-	add_lock_callback=func;
-	}
-
-unsigned long (*CRYPTO_get_id_callback(void))(void)
-	{
-	return(id_callback);
-	}
-
-void CRYPTO_set_id_callback(unsigned long (*func)(void))
-	{
-	id_callback=func;
-	}
-
-unsigned long CRYPTO_thread_id(void)
-	{
-	unsigned long ret=0;
-
-	if (id_callback == NULL)
-		{
-#ifdef OPENSSL_SYS_WIN16
-		ret=(unsigned long)GetCurrentTask();
-#elif defined(OPENSSL_SYS_WIN32)
-		ret=(unsigned long)GetCurrentThreadId();
-#elif defined(GETPID_IS_MEANINGLESS)
-		ret=1L;
-#else
-		ret=(unsigned long)getpid();
-#endif
-		}
-	else
-		ret=id_callback();
-	return(ret);
-	}
-
-void CRYPTO_lock(int mode, int type, const char *file, int line)
-	{
-#ifdef LOCK_DEBUG
-		{
-		char *rw_text,*operation_text;
-
-		if (mode & CRYPTO_LOCK)
-			operation_text="lock  ";
-		else if (mode & CRYPTO_UNLOCK)
-			operation_text="unlock";
-		else
-			operation_text="ERROR ";
-
-		if (mode & CRYPTO_READ)
-			rw_text="r";
-		else if (mode & CRYPTO_WRITE)
-			rw_text="w";
-		else
-			rw_text="ERROR";
-
-		fprintf(stderr,"lock:%08lx:(%s)%s %-18s %s:%d\n",
-			CRYPTO_thread_id(), rw_text, operation_text,
-			CRYPTO_get_lock_name(type), file, line);
-		}
-#endif
-	if (type < 0)
-		{
-		if (dynlock_lock_callback != NULL)
-			{
-			struct CRYPTO_dynlock_value *pointer
-				= CRYPTO_get_dynlock_value(type);
-
-			OPENSSL_assert(pointer != NULL);
-
-			dynlock_lock_callback(mode, pointer, file, line);
-
-			CRYPTO_destroy_dynlockid(type);
-			}
-		}
-	else
-		if (locking_callback != NULL)
-			locking_callback(mode,type,file,line);
-	}
-
-int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
-	     int line)
-	{
-	int ret = 0;
-
-	if (add_lock_callback != NULL)
-		{
-#ifdef LOCK_DEBUG
-		int before= *pointer;
-#endif
-
-		ret=add_lock_callback(pointer,amount,type,file,line);
-#ifdef LOCK_DEBUG
-		fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
-			CRYPTO_thread_id(),
-			before,amount,ret,
-			CRYPTO_get_lock_name(type),
-			file,line);
-#endif
-		}
-	else
-		{
-		CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,file,line);
-
-		ret= *pointer+amount;
-#ifdef LOCK_DEBUG
-		fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
-			CRYPTO_thread_id(),
-			*pointer,amount,ret,
-			CRYPTO_get_lock_name(type),
-			file,line);
-#endif
-		*pointer=ret;
-		CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file,line);
-		}
-	return(ret);
-	}
-
-const char *CRYPTO_get_lock_name(int type)
-	{
-	if (type < 0)
-		return("dynamic");
-	else if (type < CRYPTO_NUM_LOCKS)
-		return(lock_names[type]);
-	else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks))
-		return("ERROR");
-	else
-		return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
-	}
-
-#ifdef _DLL
-#ifdef OPENSSL_SYS_WIN32
-
-/* All we really need to do is remove the 'error' state when a thread
- * detaches */
-
-BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason,
-	     LPVOID lpvReserved)
-	{
-	switch(fdwReason)
-		{
-	case DLL_PROCESS_ATTACH:
-		break;
-	case DLL_THREAD_ATTACH:
-		break;
-	case DLL_THREAD_DETACH:
-		ERR_remove_state(0);
-		break;
-	case DLL_PROCESS_DETACH:
-		break;
-		}
-	return(TRUE);
-	}
-#endif
-
-#endif
-
-void OpenSSLDie(const char *file,int line,const char *assertion)
-	{
-	fprintf(stderr,
-		"%s(%d): OpenSSL internal error, assertion failed: %s\n",
-		file,line,assertion);
-	abort();
-	}
diff --git a/crypto/openssl/crypto/cryptlib.h b/crypto/openssl/crypto/cryptlib.h
deleted file mode 100644
index 0d6b9d59f0b1..000000000000
--- a/crypto/openssl/crypto/cryptlib.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/* crypto/cryptlib.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CRYPTLIB_H
-#define HEADER_CRYPTLIB_H
-
-#include <stdlib.h>
-#include <string.h>
-
-#include "e_os.h"
-
-#include <openssl/crypto.h>
-#include <openssl/buffer.h> 
-#include <openssl/bio.h> 
-#include <openssl/err.h>
-#include <openssl/opensslconf.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifndef OPENSSL_SYS_VMS
-#define X509_CERT_AREA		OPENSSLDIR
-#define X509_CERT_DIR		OPENSSLDIR "/certs"
-#define X509_CERT_FILE		OPENSSLDIR "/cert.pem"
-#define X509_PRIVATE_DIR	OPENSSLDIR "/private"
-#else
-#define X509_CERT_AREA		"SSLROOT:[000000]"
-#define X509_CERT_DIR		"SSLCERTS:"
-#define X509_CERT_FILE		"SSLCERTS:cert.pem"
-#define X509_PRIVATE_DIR        "SSLPRIVATE:"
-#endif
-
-#define X509_CERT_DIR_EVP        "SSL_CERT_DIR"
-#define X509_CERT_FILE_EVP       "SSL_CERT_FILE"
-
-/* size of string representations */
-#define DECIMAL_SIZE(type)	((sizeof(type)*8+2)/3+1)
-#define HEX_SIZE(type)		(sizeof(type)*2)
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/crypto.h b/crypto/openssl/crypto/crypto.h
deleted file mode 100644
index 273bc5e3f87d..000000000000
--- a/crypto/openssl/crypto/crypto.h
+++ /dev/null
@@ -1,462 +0,0 @@
-/* crypto/crypto.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CRYPTO_H
-#define HEADER_CRYPTO_H
-
-#include <stdlib.h>
-
-#ifndef OPENSSL_NO_FP_API
-#include <stdio.h>
-#endif
-
-#include <openssl/stack.h>
-#include <openssl/safestack.h>
-#include <openssl/opensslv.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-/* Resolve problems on some operating systems with symbol names that clash
-   one way or another */
-#include <openssl/symhacks.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Backward compatibility to SSLeay */
-/* This is more to be used to check the correct DLL is being used
- * in the MS world. */
-#define SSLEAY_VERSION_NUMBER	OPENSSL_VERSION_NUMBER
-#define SSLEAY_VERSION		0
-/* #define SSLEAY_OPTIONS	1 no longer supported */
-#define SSLEAY_CFLAGS		2
-#define SSLEAY_BUILT_ON		3
-#define SSLEAY_PLATFORM		4
-#define SSLEAY_DIR		5
-
-/* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
- * names in cryptlib.c
- */
-
-#define CRYPTO_LOCK_ERR			1
-#define CRYPTO_LOCK_EX_DATA		2
-#define CRYPTO_LOCK_X509		3
-#define CRYPTO_LOCK_X509_INFO		4
-#define CRYPTO_LOCK_X509_PKEY		5
-#define CRYPTO_LOCK_X509_CRL		6
-#define CRYPTO_LOCK_X509_REQ		7
-#define CRYPTO_LOCK_DSA			8
-#define CRYPTO_LOCK_RSA			9
-#define CRYPTO_LOCK_EVP_PKEY		10
-#define CRYPTO_LOCK_X509_STORE		11
-#define CRYPTO_LOCK_SSL_CTX		12
-#define CRYPTO_LOCK_SSL_CERT		13
-#define CRYPTO_LOCK_SSL_SESSION		14
-#define CRYPTO_LOCK_SSL_SESS_CERT	15
-#define CRYPTO_LOCK_SSL			16
-#define CRYPTO_LOCK_SSL_METHOD		17
-#define CRYPTO_LOCK_RAND		18
-#define CRYPTO_LOCK_RAND2		19
-#define CRYPTO_LOCK_MALLOC		20
-#define CRYPTO_LOCK_BIO			21
-#define CRYPTO_LOCK_GETHOSTBYNAME	22
-#define CRYPTO_LOCK_GETSERVBYNAME	23
-#define CRYPTO_LOCK_READDIR		24
-#define CRYPTO_LOCK_RSA_BLINDING	25
-#define CRYPTO_LOCK_DH			26
-#define CRYPTO_LOCK_MALLOC2		27
-#define CRYPTO_LOCK_DSO			28
-#define CRYPTO_LOCK_DYNLOCK		29
-#define CRYPTO_LOCK_ENGINE		30
-#define CRYPTO_LOCK_UI			31
-#define CRYPTO_LOCK_HWCRHK		32 /* This is a HACK which will disappear in 0.9.8 */
-#define CRYPTO_NUM_LOCKS		33
-
-#define CRYPTO_LOCK		1
-#define CRYPTO_UNLOCK		2
-#define CRYPTO_READ		4
-#define CRYPTO_WRITE		8
-
-#ifndef OPENSSL_NO_LOCKING
-#ifndef CRYPTO_w_lock
-#define CRYPTO_w_lock(type)	\
-	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-#define CRYPTO_w_unlock(type)	\
-	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-#define CRYPTO_r_lock(type)	\
-	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-#define CRYPTO_r_unlock(type)	\
-	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-#define CRYPTO_add(addr,amount,type)	\
-	CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
-#endif
-#else
-#define CRYPTO_w_lock(a)
-#define CRYPTO_w_unlock(a)
-#define CRYPTO_r_lock(a)
-#define CRYPTO_r_unlock(a)
-#define CRYPTO_add(a,b,c)	((*(a))+=(b))
-#endif
-
-/* Some applications as well as some parts of OpenSSL need to allocate
-   and deallocate locks in a dynamic fashion.  The following typedef
-   makes this possible in a type-safe manner.  */
-/* struct CRYPTO_dynlock_value has to be defined by the application. */
-typedef struct
-	{
-	int references;
-	struct CRYPTO_dynlock_value *data;
-	} CRYPTO_dynlock;
-
-
-/* The following can be used to detect memory leaks in the SSLeay library.
- * It used, it turns on malloc checking */
-
-#define CRYPTO_MEM_CHECK_OFF	0x0	/* an enume */
-#define CRYPTO_MEM_CHECK_ON	0x1	/* a bit */
-#define CRYPTO_MEM_CHECK_ENABLE	0x2	/* a bit */
-#define CRYPTO_MEM_CHECK_DISABLE 0x3	/* an enume */
-
-/* The following are bit values to turn on or off options connected to the
- * malloc checking functionality */
-
-/* Adds time to the memory checking information */
-#define V_CRYPTO_MDEBUG_TIME	0x1 /* a bit */
-/* Adds thread number to the memory checking information */
-#define V_CRYPTO_MDEBUG_THREAD	0x2 /* a bit */
-
-#define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
-
-
-/* predec of the BIO type */
-typedef struct bio_st BIO_dummy;
-
-typedef struct crypto_ex_data_st
-	{
-	STACK *sk;
-	int dummy; /* gcc is screwing up this data structure :-( */
-	} CRYPTO_EX_DATA;
-
-/* Called when a new object is created */
-typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-					int idx, long argl, void *argp);
-/* Called when an object is free()ed */
-typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-					int idx, long argl, void *argp);
-/* Called when we need to dup an object */
-typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, 
-					int idx, long argl, void *argp);
-
-/* This stuff is basically class callback functions
- * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
-
-typedef struct crypto_ex_data_func_st
-	{
-	long argl;	/* Arbitary long */
-	void *argp;	/* Arbitary void * */
-	CRYPTO_EX_new *new_func;
-	CRYPTO_EX_free *free_func;
-	CRYPTO_EX_dup *dup_func;
-	} CRYPTO_EX_DATA_FUNCS;
-
-DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
-
-/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
- * entry.
- */
-
-#define CRYPTO_EX_INDEX_BIO		0
-#define CRYPTO_EX_INDEX_SSL		1
-#define CRYPTO_EX_INDEX_SSL_CTX		2
-#define CRYPTO_EX_INDEX_SSL_SESSION	3
-#define CRYPTO_EX_INDEX_X509_STORE	4
-#define CRYPTO_EX_INDEX_X509_STORE_CTX	5
-#define CRYPTO_EX_INDEX_RSA		6
-#define CRYPTO_EX_INDEX_DSA		7
-#define CRYPTO_EX_INDEX_DH		8
-#define CRYPTO_EX_INDEX_ENGINE		9
-#define CRYPTO_EX_INDEX_X509		10
-#define CRYPTO_EX_INDEX_UI		11
-
-/* Dynamically assigned indexes start from this value (don't use directly, use
- * via CRYPTO_ex_data_new_class). */
-#define CRYPTO_EX_INDEX_USER		100
-
-
-/* This is the default callbacks, but we can have others as well:
- * this is needed in Win32 where the application malloc and the
- * library malloc may not be the same.
- */
-#define CRYPTO_malloc_init()	CRYPTO_set_mem_functions(\
-	malloc, realloc, free)
-
-#if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
-# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */
-#  define CRYPTO_MDEBUG
-# endif
-#endif
-
-/* Set standard debugging functions (not done by default
- * unless CRYPTO_MDEBUG is defined) */
-#define CRYPTO_malloc_debug_init()	do {\
-	CRYPTO_set_mem_debug_functions(\
-		CRYPTO_dbg_malloc,\
-		CRYPTO_dbg_realloc,\
-		CRYPTO_dbg_free,\
-		CRYPTO_dbg_set_options,\
-		CRYPTO_dbg_get_options);\
-	} while(0)
-
-int CRYPTO_mem_ctrl(int mode);
-int CRYPTO_is_mem_check_on(void);
-
-/* for applications */
-#define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
-#define MemCheck_stop()	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
-
-/* for library-internal use */
-#define MemCheck_on()	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE)
-#define MemCheck_off()	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
-#define is_MemCheck_on() CRYPTO_is_mem_check_on()
-
-#define OPENSSL_malloc(num)	CRYPTO_malloc((int)num,__FILE__,__LINE__)
-#define OPENSSL_realloc(addr,num) \
-	CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
-#define OPENSSL_realloc_clean(addr,old_num,num) \
-	CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)
-#define OPENSSL_remalloc(addr,num) \
-	CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
-#define OPENSSL_freeFunc	CRYPTO_free
-#define OPENSSL_free(addr)	CRYPTO_free(addr)
-
-#define OPENSSL_malloc_locked(num) \
-	CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
-#define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
-
-
-const char *SSLeay_version(int type);
-unsigned long SSLeay(void);
-
-int OPENSSL_issetugid(void);
-
-/* An opaque type representing an implementation of "ex_data" support */
-typedef struct st_CRYPTO_EX_DATA_IMPL	CRYPTO_EX_DATA_IMPL;
-/* Return an opaque pointer to the current "ex_data" implementation */
-const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void);
-/* Sets the "ex_data" implementation to be used (if it's not too late) */
-int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i);
-/* Get a new "ex_data" class, and return the corresponding "class_index" */
-int CRYPTO_ex_data_new_class(void);
-/* Within a given class, get/register a new index */
-int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
-		CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-		CRYPTO_EX_free *free_func);
-/* Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a given
- * class (invokes whatever per-class callbacks are applicable) */
-int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
-		CRYPTO_EX_DATA *from);
-void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-/* Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular index
- * (relative to the class type involved) */
-int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
-void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad,int idx);
-/* This function cleans up all "ex_data" state. It mustn't be called under
- * potential race-conditions. */
-void CRYPTO_cleanup_all_ex_data(void);
-
-int CRYPTO_get_new_lockid(char *name);
-
-int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */
-void CRYPTO_lock(int mode, int type,const char *file,int line);
-void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
-					      const char *file,int line));
-void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file,
-		int line);
-void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
-					      const char *file, int line));
-int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
-					  const char *file,int line);
-void CRYPTO_set_id_callback(unsigned long (*func)(void));
-unsigned long (*CRYPTO_get_id_callback(void))(void);
-unsigned long CRYPTO_thread_id(void);
-const char *CRYPTO_get_lock_name(int type);
-int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file,
-		    int line);
-
-int CRYPTO_get_new_dynlockid(void);
-void CRYPTO_destroy_dynlockid(int i);
-struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
-void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*dyn_create_function)(const char *file, int line));
-void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line));
-void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l, const char *file, int line));
-struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))(const char *file,int line);
-void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, struct CRYPTO_dynlock_value *l, const char *file,int line);
-void (*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l, const char *file,int line);
-
-/* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions --
- * call the latter last if you need different functions */
-int CRYPTO_set_mem_functions(void *(*m)(size_t),void *(*r)(void *,size_t), void (*f)(void *));
-int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*free_func)(void *));
-int CRYPTO_set_mem_ex_functions(void *(*m)(size_t,const char *,int),
-                                void *(*r)(void *,size_t,const char *,int),
-                                void (*f)(void *));
-int CRYPTO_set_locked_mem_ex_functions(void *(*m)(size_t,const char *,int),
-                                       void (*free_func)(void *));
-int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int),
-				   void (*r)(void *,void *,int,const char *,int,int),
-				   void (*f)(void *,int),
-				   void (*so)(long),
-				   long (*go)(void));
-void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *));
-void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *));
-void CRYPTO_get_mem_ex_functions(void *(**m)(size_t,const char *,int),
-                                 void *(**r)(void *, size_t,const char *,int),
-                                 void (**f)(void *));
-void CRYPTO_get_locked_mem_ex_functions(void *(**m)(size_t,const char *,int),
-                                        void (**f)(void *));
-void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
-				    void (**r)(void *,void *,int,const char *,int,int),
-				    void (**f)(void *,int),
-				    void (**so)(long),
-				    long (**go)(void));
-
-void *CRYPTO_malloc_locked(int num, const char *file, int line);
-void CRYPTO_free_locked(void *);
-void *CRYPTO_malloc(int num, const char *file, int line);
-void CRYPTO_free(void *);
-void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
-void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file,
-			   int line);
-void *CRYPTO_remalloc(void *addr,int num, const char *file, int line);
-
-void OPENSSL_cleanse(void *ptr, size_t len);
-
-void CRYPTO_set_mem_debug_options(long bits);
-long CRYPTO_get_mem_debug_options(void);
-
-#define CRYPTO_push_info(info) \
-        CRYPTO_push_info_(info, __FILE__, __LINE__);
-int CRYPTO_push_info_(const char *info, const char *file, int line);
-int CRYPTO_pop_info(void);
-int CRYPTO_remove_all_info(void);
-
-
-/* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
- * used as default in CRYPTO_MDEBUG compilations): */
-/* The last argument has the following significance:
- *
- * 0:	called before the actual memory allocation has taken place
- * 1:	called after the actual memory allocation has taken place
- */
-void CRYPTO_dbg_malloc(void *addr,int num,const char *file,int line,int before_p);
-void CRYPTO_dbg_realloc(void *addr1,void *addr2,int num,const char *file,int line,int before_p);
-void CRYPTO_dbg_free(void *addr,int before_p);
-/* Tell the debugging code about options.  By default, the following values
- * apply:
- *
- * 0:                           Clear all options.
- * V_CRYPTO_MDEBUG_TIME (1):    Set the "Show Time" option.
- * V_CRYPTO_MDEBUG_THREAD (2):  Set the "Show Thread Number" option.
- * V_CRYPTO_MDEBUG_ALL (3):     1 + 2
- */
-void CRYPTO_dbg_set_options(long bits);
-long CRYPTO_dbg_get_options(void);
-
-
-#ifndef OPENSSL_NO_FP_API
-void CRYPTO_mem_leaks_fp(FILE *);
-#endif
-void CRYPTO_mem_leaks(struct bio_st *bio);
-/* unsigned long order, char *file, int line, int num_bytes, char *addr */
-typedef void *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *);
-void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
-
-/* die if we have to */
-void OpenSSLDie(const char *file,int line,const char *assertion);
-#define OPENSSL_assert(e)	((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CRYPTO_strings(void);
-
-/* Error codes for the CRYPTO functions. */
-
-/* Function codes. */
-#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX		 100
-#define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID		 103
-#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID			 101
-#define CRYPTO_F_CRYPTO_SET_EX_DATA			 102
-#define CRYPTO_F_DEF_ADD_INDEX				 104
-#define CRYPTO_F_DEF_GET_CLASS				 105
-#define CRYPTO_F_INT_DUP_EX_DATA			 106
-#define CRYPTO_F_INT_FREE_EX_DATA			 107
-#define CRYPTO_F_INT_NEW_EX_DATA			 108
-
-/* Reason codes. */
-#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK		 100
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/cversion.c b/crypto/openssl/crypto/cversion.c
deleted file mode 100644
index 8ecfba7b16ba..000000000000
--- a/crypto/openssl/crypto/cversion.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* crypto/cversion.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-
-#include "buildinf.h"
-
-const char *SSLeay_version(int t)
-	{
-	if (t == SSLEAY_VERSION)
-		return OPENSSL_VERSION_TEXT;
-	if (t == SSLEAY_BUILT_ON)
-		{
-#ifdef DATE
-		static char buf[sizeof(DATE)+11];
-
-		sprintf(buf,"built on: %s",DATE);
-		return(buf);
-#else
-		return("built on: date not available");
-#endif
-		}
-	if (t == SSLEAY_CFLAGS)
-		{
-#ifdef CFLAGS
-		static char buf[sizeof(CFLAGS)+11];
-
-		sprintf(buf,"compiler: %s",CFLAGS);
-		return(buf);
-#else
-		return("compiler: information not available");
-#endif
-		}
-	if (t == SSLEAY_PLATFORM)
-		{
-#ifdef PLATFORM
-		static char buf[sizeof(PLATFORM)+11];
-
-		sprintf(buf,"platform: %s", PLATFORM);
-		return(buf);
-#else
-		return("platform: information not available");
-#endif
-		}
-	if (t == SSLEAY_DIR)
-		{
-#ifdef OPENSSLDIR
-		return "OPENSSLDIR: \"" OPENSSLDIR "\"";
-#else
-		return "OPENSSLDIR: N/A";
-#endif
-		}
-	return("not available");
-	}
-
-unsigned long SSLeay(void)
-	{
-	return(SSLEAY_VERSION_NUMBER);
-	}
-
diff --git a/crypto/openssl/crypto/des/COPYRIGHT b/crypto/openssl/crypto/des/COPYRIGHT
deleted file mode 100644
index 5469e1e46996..000000000000
--- a/crypto/openssl/crypto/des/COPYRIGHT
+++ /dev/null
@@ -1,50 +0,0 @@
-Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-All rights reserved.
-
-This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
-The implementation was written so as to conform with MIT's libdes.
-
-This library is free for commercial and non-commercial use as long as
-the following conditions are aheared to.  The following conditions
-apply to all code found in this distribution.
-
-Copyright remains Eric Young's, and as such any Copyright notices in
-the code are not to be removed.
-If this package is used in a product, Eric Young should be given attribution
-as the author of that the SSL library.  This can be in the form of a textual
-message at program startup or in documentation (online or textual) provided
-with the package.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the copyright
-   notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-3. All advertising materials mentioning features or use of this software
-   must display the following acknowledgement:
-   This product includes software developed by Eric Young (eay@cryptsoft.com)
-
-THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-The license and distribution terms for any publically available version or
-derivative of this code cannot be changed.  i.e. this code cannot simply be
-copied and put under another distrubution license
-[including the GNU Public License.]
-
-The reason behind this being stated in this direct manner is past
-experience in code simply being copied and the attribution removed
-from it and then being distributed as part of other packages. This
-implementation was a non-trivial and unpaid effort.
diff --git a/crypto/openssl/crypto/des/DES.pm b/crypto/openssl/crypto/des/DES.pm
deleted file mode 100644
index 6a175b6ca4b0..000000000000
--- a/crypto/openssl/crypto/des/DES.pm
+++ /dev/null
@@ -1,19 +0,0 @@
-package DES;
-
-require Exporter;
-require DynaLoader;
-@ISA = qw(Exporter DynaLoader);
-# Items to export into callers namespace by default
-# (move infrequently used names to @EXPORT_OK below)
-@EXPORT = qw(
-);
-# Other items we are prepared to export if requested
-@EXPORT_OK = qw(
-crypt
-);
-
-# Preloaded methods go here.  Autoload methods go after __END__, and are
-# processed by the autosplit program.
-bootstrap DES;
-1;
-__END__
diff --git a/crypto/openssl/crypto/des/DES.pod b/crypto/openssl/crypto/des/DES.pod
deleted file mode 100644
index 8a739e7ca0d0..000000000000
--- a/crypto/openssl/crypto/des/DES.pod
+++ /dev/null
@@ -1,16 +0,0 @@
-crypt	<= 	crypt(buf,salt)
-key	<=	set_odd_parity(key)
-int	<=	is_weak_key(key)
-keysched<=	set_key(key)
-key	<=	ecb_encrypt(string8,ks,enc)
-key	<=	ecb3_encrypt(input,ks1,ks2,enc)
-string	<=	cbc_encrypt(input,ks,ivec,enc)			=> ivec 
-string	<=	cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,enc)	=> ivec1&ivec2 
-ck1,ck2	<=	cbc_cksum(input,ks,ivec)			=> ivec
-string	<=	pcbc_encrypt(input,ks,ivec,enc)			=> ivec 
-string	<=	ofb_encrypt(input,numbits,ks,ivec)		=> ivec
-string	<=	cfb_encrypt(input,numbits,ks,ivec,enc)		=> ivec
-key	<=	random_key()
-key	<=	string_to_key(string)
-key1,key2<=	string_to_2keys(string)
-
diff --git a/crypto/openssl/crypto/des/DES.xs b/crypto/openssl/crypto/des/DES.xs
deleted file mode 100644
index b8050b9edf8d..000000000000
--- a/crypto/openssl/crypto/des/DES.xs
+++ /dev/null
@@ -1,268 +0,0 @@
-#include "EXTERN.h"
-#include "perl.h"
-#include "XSUB.h"
-#include "des.h"
-
-#define deschar	char
-static STRLEN len;
-
-static int
-not_here(s)
-char *s;
-{
-    croak("%s not implemented on this architecture", s);
-    return -1;
-}
-
-MODULE = DES	PACKAGE = DES	PREFIX = des_
-
-char *
-des_crypt(buf,salt)
-	char *	buf
-	char *	salt
-
-void
-des_set_odd_parity(key)
-	des_cblock *	key
-PPCODE:
-	{
-	SV *s;
-
-	s=sv_newmortal();
-	sv_setpvn(s,(char *)key,8);
-	des_set_odd_parity((des_cblock *)SvPV(s,na));
-	PUSHs(s);
-	}
-
-int
-des_is_weak_key(key)
-	des_cblock *	key
-
-des_key_schedule
-des_set_key(key)
-	des_cblock *	key
-CODE:
-	des_set_key(key,RETVAL);
-OUTPUT:
-RETVAL
-
-des_cblock
-des_ecb_encrypt(input,ks,encrypt)
-	des_cblock *	input
-	des_key_schedule *	ks
-	int	encrypt
-CODE:
-	des_ecb_encrypt(input,&RETVAL,*ks,encrypt);
-OUTPUT:
-RETVAL
-
-void
-des_cbc_encrypt(input,ks,ivec,encrypt)
-	char *	input
-	des_key_schedule *	ks
-	des_cblock *	ivec
-	int	encrypt
-PPCODE:
-	{
-	SV *s;
-	STRLEN len,l;
-	char *c;
-
-	l=SvCUR(ST(0));
-	len=((((unsigned long)l)+7)/8)*8;
-	s=sv_newmortal();
-	sv_setpvn(s,"",0);
-	SvGROW(s,len);
-	SvCUR_set(s,len);
-	c=(char *)SvPV(s,na);
-	des_cbc_encrypt((des_cblock *)input,(des_cblock *)c,
-		l,*ks,ivec,encrypt);
-	sv_setpvn(ST(2),(char *)c[len-8],8);
-	PUSHs(s);
-	}
-
-void
-des_cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,encrypt)
-	char *	input
-	des_key_schedule *	ks1
-	des_key_schedule *	ks2
-	des_cblock *	ivec1
-	des_cblock *	ivec2
-	int	encrypt
-PPCODE:
-	{
-	SV *s;
-	STRLEN len,l;
-
-	l=SvCUR(ST(0));
-	len=((((unsigned long)l)+7)/8)*8;
-	s=sv_newmortal();
-	sv_setpvn(s,"",0);
-	SvGROW(s,len);
-	SvCUR_set(s,len);
-	des_3cbc_encrypt((des_cblock *)input,(des_cblock *)SvPV(s,na),
-		l,*ks1,*ks2,ivec1,ivec2,encrypt);
-	sv_setpvn(ST(3),(char *)ivec1,8);
-	sv_setpvn(ST(4),(char *)ivec2,8);
-	PUSHs(s);
-	}
-
-void
-des_cbc_cksum(input,ks,ivec)
-	char *	input
-	des_key_schedule *	ks
-	des_cblock *	ivec
-PPCODE:
-	{
-	SV *s1,*s2;
-	STRLEN len,l;
-	des_cblock c;
-	unsigned long i1,i2;
-
-	s1=sv_newmortal();
-	s2=sv_newmortal();
-	l=SvCUR(ST(0));
-	des_cbc_cksum((des_cblock *)input,(des_cblock *)c,
-		l,*ks,ivec);
-	i1=c[4]|(c[5]<<8)|(c[6]<<16)|(c[7]<<24);
-	i2=c[0]|(c[1]<<8)|(c[2]<<16)|(c[3]<<24);
-	sv_setiv(s1,i1);
-	sv_setiv(s2,i2);
-	sv_setpvn(ST(2),(char *)c,8);
-	PUSHs(s1);
-	PUSHs(s2);
-	}
-
-void
-des_cfb_encrypt(input,numbits,ks,ivec,encrypt)
-	char *	input
-	int	numbits
-	des_key_schedule *	ks
-	des_cblock *	ivec
-	int	encrypt
-PPCODE:
-	{
-	SV *s;
-	STRLEN len;
-	char *c;
-
-	len=SvCUR(ST(0));
-	s=sv_newmortal();
-	sv_setpvn(s,"",0);
-	SvGROW(s,len);
-	SvCUR_set(s,len);
-	c=(char *)SvPV(s,na);
-	des_cfb_encrypt((unsigned char *)input,(unsigned char *)c,
-		(int)numbits,(long)len,*ks,ivec,encrypt);
-	sv_setpvn(ST(3),(char *)ivec,8);
-	PUSHs(s);
-	}
-
-des_cblock *
-des_ecb3_encrypt(input,ks1,ks2,encrypt)
-	des_cblock *	input
-	des_key_schedule *	ks1
-	des_key_schedule *	ks2
-	int	encrypt
-CODE:
-	{
-	des_cblock c;
-
-	des_ecb3_encrypt((des_cblock *)input,(des_cblock *)&c,
-		*ks1,*ks2,encrypt);
-	RETVAL= &c;
-	}
-OUTPUT:
-RETVAL
-
-void
-des_ofb_encrypt(input,numbits,ks,ivec)
-	unsigned char *	input
-	int	numbits
-	des_key_schedule *	ks
-	des_cblock *	ivec
-PPCODE:
-	{
-	SV *s;
-	STRLEN len,l;
-	unsigned char *c;
-
-	len=SvCUR(ST(0));
-	s=sv_newmortal();
-	sv_setpvn(s,"",0);
-	SvGROW(s,len);
-	SvCUR_set(s,len);
-	c=(unsigned char *)SvPV(s,na);
-	des_ofb_encrypt((unsigned char *)input,(unsigned char *)c,
-		numbits,len,*ks,ivec);
-	sv_setpvn(ST(3),(char *)ivec,8);
-	PUSHs(s);
-	}
-
-void
-des_pcbc_encrypt(input,ks,ivec,encrypt)
-	char *	input
-	des_key_schedule *	ks
-	des_cblock *	ivec
-	int	encrypt
-PPCODE:
-	{
-	SV *s;
-	STRLEN len,l;
-	char *c;
-
-	l=SvCUR(ST(0));
-	len=((((unsigned long)l)+7)/8)*8;
-	s=sv_newmortal();
-	sv_setpvn(s,"",0);
-	SvGROW(s,len);
-	SvCUR_set(s,len);
-	c=(char *)SvPV(s,na);
-	des_pcbc_encrypt((des_cblock *)input,(des_cblock *)c,
-		l,*ks,ivec,encrypt);
-	sv_setpvn(ST(2),(char *)c[len-8],8);
-	PUSHs(s);
-	}
-
-des_cblock *
-des_random_key()
-CODE:
-	{
-	des_cblock c;
-
-	des_random_key(c);
-	RETVAL=&c;
-	}
-OUTPUT:
-RETVAL
-
-des_cblock *
-des_string_to_key(str)
-char *	str
-CODE:
-	{
-	des_cblock c;
-
-	des_string_to_key(str,&c);
-	RETVAL=&c;
-	}
-OUTPUT:
-RETVAL
-
-void
-des_string_to_2keys(str)
-char *	str
-PPCODE:
-	{
-	des_cblock c1,c2;
-	SV *s1,*s2;
-
-	des_string_to_2keys(str,&c1,&c2);
-	EXTEND(sp,2);
-	s1=sv_newmortal();
-	sv_setpvn(s1,(char *)c1,8);
-	s2=sv_newmortal();
-	sv_setpvn(s2,(char *)c2,8);
-	PUSHs(s1);
-	PUSHs(s2);
-	}
diff --git a/crypto/openssl/crypto/des/FILES b/crypto/openssl/crypto/des/FILES
deleted file mode 100644
index 4c7ea2de7a06..000000000000
--- a/crypto/openssl/crypto/des/FILES
+++ /dev/null
@@ -1,96 +0,0 @@
-/* General stuff */
-COPYRIGHT	- Copyright info.
-MODES.DES	- A description of the features of the different modes of DES.
-FILES		- This file.
-INSTALL		- How to make things compile.
-Imakefile	- For use with kerberos.
-README		- What this package is.
-VERSION		- Which version this is and what was changed.
-KERBEROS	- Kerberos version 4 notes.
-Makefile.PL	- An old makefile to build with perl5, not current.
-Makefile.ssl	- The SSLeay makefile
-Makefile.uni	- The normal unix makefile.
-GNUmakefile	- The makefile for use with glibc.
-makefile.bc	- A Borland C makefile
-times		- Some outputs from 'speed' on some machines.
-vms.com		- For use when compiling under VMS
-
-/* My SunOS des(1) replacement */
-des.c		- des(1) source code.
-des.man		- des(1) manual.
-
-/* Testing and timing programs. */
-destest.c	- Source for libdes.a test program.
-speed.c		- Source for libdes.a timing program.
-rpw.c		- Source for libdes.a testing password reading routines.
-
-/* libdes.a source code */
-des_crypt.man	- libdes.a manual page.
-des.h		- Public libdes.a header file.
-ecb_enc.c	- des_ecb_encrypt() source, this contains the basic DES code.
-ecb3_enc.c	- des_ecb3_encrypt() source.
-cbc_ckm.c	- des_cbc_cksum() source.
-cbc_enc.c	- des_cbc_encrypt() source.
-ncbc_enc.c	- des_cbc_encrypt() that is 'normal' in that it copies
-		  the new iv values back in the passed iv vector.
-ede_enc.c	- des_ede3_cbc_encrypt() cbc mode des using triple DES.
-cbc3_enc.c	- des_3cbc_encrypt() source, don't use this function.
-cfb_enc.c	- des_cfb_encrypt() source.
-cfb64enc.c	- des_cfb64_encrypt() cfb in 64 bit mode but setup to be
-		  used as a stream cipher.
-cfb64ede.c	- des_ede3_cfb64_encrypt() cfb in 64 bit mode but setup to be
-		  used as a stream cipher and using triple DES.
-ofb_enc.c	- des_cfb_encrypt() source.
-ofb64_enc.c	- des_ofb_encrypt() ofb in 64 bit mode but setup to be
-		  used as a stream cipher.
-ofb64ede.c	- des_ede3_ofb64_encrypt() ofb in 64 bit mode but setup to be
-		  used as a stream cipher and using triple DES.
-enc_read.c	- des_enc_read() source.
-enc_writ.c	- des_enc_write() source.
-pcbc_enc.c	- des_pcbc_encrypt() source.
-qud_cksm.c	- quad_cksum() source.
-rand_key.c	- des_random_key() source.
-read_pwd.c	- Source for des_read_password() plus related functions.
-set_key.c	- Source for des_set_key().
-str2key.c	- Covert a string of any length into a key.
-fcrypt.c	- A small, fast version of crypt(3).
-des_locl.h	- Internal libdes.a header file.
-podd.h		- Odd parity tables - used in des_set_key().
-sk.h		- Lookup tables used in des_set_key().
-spr.h		- What is left of the S tables - used in ecb_encrypt().
-des_ver.h	- header file for the external definition of the
-		  version string.
-des.doc		- SSLeay documentation for the library.
-
-/* The perl scripts - you can ignore these files they are only
- * included for the curious */
-des.pl		- des in perl anyone? des_set_key and des_ecb_encrypt
-		  both done in a perl library.
-testdes.pl	- Testing program for des.pl
-doIP		- Perl script used to develop IP xor/shift code.
-doPC1		- Perl script used to develop PC1 xor/shift code.
-doPC2		- Generates sk.h.
-PC1		- Output of doPC1 should be the same as output from PC1.
-PC2		- used in development of doPC2.
-shifts.pl	- Perl library used by my perl scripts.
-
-/* I started making a perl5 dynamic library for libdes
- * but did not fully finish, these files are part of that effort. */
-DES.pm
-DES.pod
-DES.xs
-t
-typemap
-
-/* The following are for use with sun RPC implementaions. */
-rpc_des.h
-rpc_enc.c
-
-/* The following are contibuted by Mark Murray <mark@grondar.za>.  They
- * are not normally built into libdes due to machine specific routines
- * contained in them.  They are for use in the most recent incarnation of
- * export kerberos v 4 (eBones). */
-supp.c
-new_rkey.c
-
-
diff --git a/crypto/openssl/crypto/des/FILES0 b/crypto/openssl/crypto/des/FILES0
deleted file mode 100644
index 4c7ea2de7a06..000000000000
--- a/crypto/openssl/crypto/des/FILES0
+++ /dev/null
@@ -1,96 +0,0 @@
-/* General stuff */
-COPYRIGHT	- Copyright info.
-MODES.DES	- A description of the features of the different modes of DES.
-FILES		- This file.
-INSTALL		- How to make things compile.
-Imakefile	- For use with kerberos.
-README		- What this package is.
-VERSION		- Which version this is and what was changed.
-KERBEROS	- Kerberos version 4 notes.
-Makefile.PL	- An old makefile to build with perl5, not current.
-Makefile.ssl	- The SSLeay makefile
-Makefile.uni	- The normal unix makefile.
-GNUmakefile	- The makefile for use with glibc.
-makefile.bc	- A Borland C makefile
-times		- Some outputs from 'speed' on some machines.
-vms.com		- For use when compiling under VMS
-
-/* My SunOS des(1) replacement */
-des.c		- des(1) source code.
-des.man		- des(1) manual.
-
-/* Testing and timing programs. */
-destest.c	- Source for libdes.a test program.
-speed.c		- Source for libdes.a timing program.
-rpw.c		- Source for libdes.a testing password reading routines.
-
-/* libdes.a source code */
-des_crypt.man	- libdes.a manual page.
-des.h		- Public libdes.a header file.
-ecb_enc.c	- des_ecb_encrypt() source, this contains the basic DES code.
-ecb3_enc.c	- des_ecb3_encrypt() source.
-cbc_ckm.c	- des_cbc_cksum() source.
-cbc_enc.c	- des_cbc_encrypt() source.
-ncbc_enc.c	- des_cbc_encrypt() that is 'normal' in that it copies
-		  the new iv values back in the passed iv vector.
-ede_enc.c	- des_ede3_cbc_encrypt() cbc mode des using triple DES.
-cbc3_enc.c	- des_3cbc_encrypt() source, don't use this function.
-cfb_enc.c	- des_cfb_encrypt() source.
-cfb64enc.c	- des_cfb64_encrypt() cfb in 64 bit mode but setup to be
-		  used as a stream cipher.
-cfb64ede.c	- des_ede3_cfb64_encrypt() cfb in 64 bit mode but setup to be
-		  used as a stream cipher and using triple DES.
-ofb_enc.c	- des_cfb_encrypt() source.
-ofb64_enc.c	- des_ofb_encrypt() ofb in 64 bit mode but setup to be
-		  used as a stream cipher.
-ofb64ede.c	- des_ede3_ofb64_encrypt() ofb in 64 bit mode but setup to be
-		  used as a stream cipher and using triple DES.
-enc_read.c	- des_enc_read() source.
-enc_writ.c	- des_enc_write() source.
-pcbc_enc.c	- des_pcbc_encrypt() source.
-qud_cksm.c	- quad_cksum() source.
-rand_key.c	- des_random_key() source.
-read_pwd.c	- Source for des_read_password() plus related functions.
-set_key.c	- Source for des_set_key().
-str2key.c	- Covert a string of any length into a key.
-fcrypt.c	- A small, fast version of crypt(3).
-des_locl.h	- Internal libdes.a header file.
-podd.h		- Odd parity tables - used in des_set_key().
-sk.h		- Lookup tables used in des_set_key().
-spr.h		- What is left of the S tables - used in ecb_encrypt().
-des_ver.h	- header file for the external definition of the
-		  version string.
-des.doc		- SSLeay documentation for the library.
-
-/* The perl scripts - you can ignore these files they are only
- * included for the curious */
-des.pl		- des in perl anyone? des_set_key and des_ecb_encrypt
-		  both done in a perl library.
-testdes.pl	- Testing program for des.pl
-doIP		- Perl script used to develop IP xor/shift code.
-doPC1		- Perl script used to develop PC1 xor/shift code.
-doPC2		- Generates sk.h.
-PC1		- Output of doPC1 should be the same as output from PC1.
-PC2		- used in development of doPC2.
-shifts.pl	- Perl library used by my perl scripts.
-
-/* I started making a perl5 dynamic library for libdes
- * but did not fully finish, these files are part of that effort. */
-DES.pm
-DES.pod
-DES.xs
-t
-typemap
-
-/* The following are for use with sun RPC implementaions. */
-rpc_des.h
-rpc_enc.c
-
-/* The following are contibuted by Mark Murray <mark@grondar.za>.  They
- * are not normally built into libdes due to machine specific routines
- * contained in them.  They are for use in the most recent incarnation of
- * export kerberos v 4 (eBones). */
-supp.c
-new_rkey.c
-
-
diff --git a/crypto/openssl/crypto/des/INSTALL b/crypto/openssl/crypto/des/INSTALL
deleted file mode 100644
index 32457d775ca6..000000000000
--- a/crypto/openssl/crypto/des/INSTALL
+++ /dev/null
@@ -1,69 +0,0 @@
-Check the CC and CFLAGS lines in the makefile
-
-If your C library does not support the times(3) function, change the
-#define TIMES to
-#undef TIMES in speed.c
-If it does, check the HZ value for the times(3) function.
-If your system does not define CLK_TCK it will be assumed to
-be 100.0.
-
-If possible use gcc v 2.7.?
-Turn on the maximum optimising (normally '-O3 -fomit-frame-pointer' for gcc)
-In recent times, some system compilers give better performace.
-
-type 'make'
-
-run './destest' to check things are ok.
-run './rpw' to check the tty code for reading passwords works.
-run './speed' to see how fast those optimisations make the library run :-)
-run './des_opts' to determin the best compile time options.
-
-The output from des_opts should be put in the makefile options and des_enc.c
-should be rebuilt.  For 64 bit computers, do not use the DES_PTR option.
-For the DEC Alpha, edit des.h and change DES_LONG to 'unsigned int'
-and then you can use the 'DES_PTR' option.
-
-The file options.txt has the options listed for best speed on quite a
-few systems.  Look and the options (UNROLL, PTR, RISC2 etc) and then
-turn on the relevent option in the Makefile
-
-There are some special Makefile targets that make life easier.
-make cc		- standard cc build
-make gcc	- standard gcc build
-make x86-elf	- x86 assembler (elf), linux-elf.
-make x86-out	- x86 assembler (a.out), FreeBSD
-make x86-solaris- x86 assembler
-make x86-bsdi	- x86 assembler (a.out with primative assembler).
-
-If at all possible use the assembler (for Windows NT/95, use
-asm/win32.obj to link with).  The x86 assembler is very very fast.
-
-A make install will by default install
-libdes.a      in /usr/local/lib/libdes.a
-des           in /usr/local/bin/des
-des_crypt.man in /usr/local/man/man3/des_crypt.3
-des.man       in /usr/local/man/man1/des.1
-des.h         in /usr/include/des.h
-
-des(1) should be compatible with sunOS's but I have been unable to
-test it.
-
-These routines should compile on MSDOS, most 32bit and 64bit version
-of Unix (BSD and SYSV) and VMS, without modification.
-The only problems should be #include files that are in the wrong places.
-
-These routines can be compiled under MSDOS.
-I have successfully encrypted files using des(1) under MSDOS and then
-decrypted the files on a SparcStation.
-I have been able to compile and test the routines with
-Microsoft C v 5.1 and Turbo C v 2.0.
-The code in this library is in no way optimised for the 16bit
-operation of MSDOS.
-
-When building for glibc, ignore all of the above and just unpack into
-glibc-1.??/des and then gmake as per normal.
-
-As a final note on performace.  Certain CPUs like sparcs and Alpha often give
-a %10 speed difference depending on the link order.  It is rather anoying
-when one program reports 'x' DES encrypts a second and another reports
-'x*0.9' the speed.
diff --git a/crypto/openssl/crypto/des/Imakefile b/crypto/openssl/crypto/des/Imakefile
deleted file mode 100644
index 1b9b5629e15d..000000000000
--- a/crypto/openssl/crypto/des/Imakefile
+++ /dev/null
@@ -1,35 +0,0 @@
-# This Imakefile has not been tested for a while but it should still
-# work when placed in the correct directory in the kerberos v 4 distribution
-
-SRCS=   cbc_cksm.c cbc_enc.c ecb_enc.c pcbc_enc.c \
-        qud_cksm.c rand_key.c read_pwd.c set_key.c str2key.c \
-        enc_read.c enc_writ.c fcrypt.c cfb_enc.c \
-	ecb3_enc.c ofb_enc.c ofb64enc.c
-
-OBJS=   cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
-	qud_cksm.o rand_key.o read_pwd.o set_key.o str2key.o \
-	enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
-	ecb3_enc.o ofb_enc.o ofb64enc.o
-
-GENERAL=COPYRIGHT FILES INSTALL Imakefile README VERSION makefile times \
-	vms.com KERBEROS
-DES=    des.c des.man
-TESTING=destest.c speed.c rpw.c
-LIBDES= des_crypt.man des.h des_locl.h podd.h sk.h spr.h
-
-PERL=   des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
-
-CODE=    $(GENERAL) $(DES) $(TESTING) $(SRCS) $(LIBDES) $(PERL)
-
-SRCDIR=$(SRCTOP)/lib/des
-
-DBG= -O
-INCLUDE= -I$(SRCDIR)
-CC= cc
-
-library_obj_rule()
-
-install_library_target(des,$(OBJS),$(SRCS),)
-
-test(destest,libdes.a,)
-test(rpw,libdes.a,)
diff --git a/crypto/openssl/crypto/des/KERBEROS b/crypto/openssl/crypto/des/KERBEROS
deleted file mode 100644
index f401b10014ff..000000000000
--- a/crypto/openssl/crypto/des/KERBEROS
+++ /dev/null
@@ -1,41 +0,0 @@
- [ This is an old file, I don't know if it is true anymore
-   but I will leave the file here - eay 21/11/95 ]
-
-To use this library with Bones (kerberos without DES):
-1) Get my modified Bones - eBones.  It can be found on
-   gondwana.ecr.mu.oz.au (128.250.1.63) /pub/athena/eBones-p9.tar.Z
-   and
-   nic.funet.fi (128.214.6.100) /pub/unix/security/Kerberos/eBones-p9.tar.Z
-
-2) Unpack this library in src/lib/des, makeing sure it is version
-   3.00 or greater (libdes.tar.93-10-07.Z).  This versions differences
-   from the version in comp.sources.misc volume 29 patchlevel2.
-   The primarily difference is that it should compile under kerberos :-).
-   It can be found at.
-   ftp.psy.uq.oz.au (130.102.32.1) /pub/DES/libdes.tar.93-10-07.Z
-
-Now do a normal kerberos build and things should work.
-
-One problem I found when I was build on my local sun.
----
-For sunOS 4.1.1 apply the following patch to src/util/ss/make_commands.c
-
-*** make_commands.c.orig	Fri Jul  3 04:18:35 1987
---- make_commands.c	Wed May 20 08:47:42 1992
-***************
-*** 98,104 ****
-       if (!rename(o_file, z_file)) {
-  	  if (!vfork()) {
-  	       chdir("/tmp");
-! 	       execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r", "-n",
-  		     z_file+5, 0);
-  	       perror("/bin/ld");
-  	       _exit(1);
---- 98,104 ----
-       if (!rename(o_file, z_file)) {
-  	  if (!vfork()) {
-  	       chdir("/tmp");
-! 	       execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r",
-  		     z_file+5, 0);
-  	       perror("/bin/ld");
-  	       _exit(1);
diff --git a/crypto/openssl/crypto/des/MODES.DES b/crypto/openssl/crypto/des/MODES.DES
deleted file mode 100644
index 0cbc44f51d28..000000000000
--- a/crypto/openssl/crypto/des/MODES.DES
+++ /dev/null
@@ -1,84 +0,0 @@
-Modes of DES
-Quite a bit of the following information has been taken from
-	AS 2805.5.2
-	Australian Standard
-	Electronic funds transfer - Requirements for interfaces,
-	Part 5.2: Modes of operation for an n-bit block cipher algorithm
-	Appendix A
-
-There are several different modes in which DES can be used, they are
-as follows.
-
-Electronic Codebook Mode (ECB) (des_ecb_encrypt())
-- 64 bits are enciphered at a time.
-- The order of the blocks can be rearranged without detection.
-- The same plaintext block always produces the same ciphertext block
-  (for the same key) making it vulnerable to a 'dictionary attack'.
-- An error will only affect one ciphertext block.
-
-Cipher Block Chaining Mode (CBC) (des_cbc_encrypt())
-- a multiple of 64 bits are enciphered at a time.
-- The CBC mode produces the same ciphertext whenever the same
-  plaintext is encrypted using the same key and starting variable.
-- The chaining operation makes the ciphertext blocks dependent on the
-  current and all preceding plaintext blocks and therefore blocks can not
-  be rearranged.
-- The use of different starting variables prevents the same plaintext
-  enciphering to the same ciphertext.
-- An error will affect the current and the following ciphertext blocks.
-
-Cipher Feedback Mode (CFB) (des_cfb_encrypt())
-- a number of bits (j) <= 64 are enciphered at a time.
-- The CFB mode produces the same ciphertext whenever the same
-  plaintext is encrypted using the same key and starting variable.
-- The chaining operation makes the ciphertext variables dependent on the
-  current and all preceding variables and therefore j-bit variables are
-  chained together and con not be rearranged.
-- The use of different starting variables prevents the same plaintext
-  enciphering to the same ciphertext.
-- The strength of the CFB mode depends on the size of k (maximal if
-  j == k).  In my implementation this is always the case.
-- Selection of a small value for j will require more cycles through
-  the encipherment algorithm per unit of plaintext and thus cause
-  greater processing overheads.
-- Only multiples of j bits can be enciphered.
-- An error will affect the current and the following ciphertext variables.
-
-Output Feedback Mode (OFB) (des_ofb_encrypt())
-- a number of bits (j) <= 64 are enciphered at a time.
-- The OFB mode produces the same ciphertext whenever the same
-  plaintext enciphered using the same key and starting variable.  More
-  over, in the OFB mode the same key stream is produced when the same
-  key and start variable are used.  Consequently, for security reasons
-  a specific start variable should be used only once for a given key.
-- The absence of chaining makes the OFB more vulnerable to specific attacks.
-- The use of different start variables values prevents the same
-  plaintext enciphering to the same ciphertext, by producing different
-  key streams.
-- Selection of a small value for j will require more cycles through
-  the encipherment algorithm per unit of plaintext and thus cause
-  greater processing overheads.
-- Only multiples of j bits can be enciphered.
-- OFB mode of operation does not extend ciphertext errors in the
-  resultant plaintext output.  Every bit error in the ciphertext causes
-  only one bit to be in error in the deciphered plaintext.
-- OFB mode is not self-synchronising.  If the two operation of
-  encipherment and decipherment get out of synchronism, the system needs
-  to be re-initialised.
-- Each re-initialisation should use a value of the start variable
-different from the start variable values used before with the same
-key.  The reason for this is that an identical bit stream would be
-produced each time from the same parameters.  This would be
-susceptible to a 'known plaintext' attack.
-
-Triple ECB Mode (des_ecb3_encrypt())
-- Encrypt with key1, decrypt with key2 and encrypt with key1 again.
-- As for ECB encryption but increases the effective key length to 112 bits.
-- If both keys are the same it is equivalent to encrypting once with
-  just one key.
-
-Triple CBC Mode (des_3cbc_encrypt())
-- Encrypt with key1, decrypt with key2 and encrypt with key1 again.
-- As for CBC encryption but increases the effective key length to 112 bits.
-- If both keys are the same it is equivalent to encrypting once with
-  just one key.
diff --git a/crypto/openssl/crypto/des/Makefile.PL b/crypto/openssl/crypto/des/Makefile.PL
deleted file mode 100644
index b54a24387cbc..000000000000
--- a/crypto/openssl/crypto/des/Makefile.PL
+++ /dev/null
@@ -1,14 +0,0 @@
-use ExtUtils::MakeMaker;
-# See lib/ExtUtils/MakeMaker.pm for details of how to influence
-# the contents of the Makefile being created.
-&writeMakefile(
-	'potential_libs' => '',   # e.g., '-lm' 
-	'INC' => '',     # e.g., '-I/usr/include/other' 
-	'DISTNAME' => 'DES',
-	'VERSION' => '0.1',
-	'DEFINE' => '-DPERL5',
-	'OBJECT' => 'DES.o cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
-	rand_key.o set_key.o str2key.o \
-	enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
-	ecb3_enc.o ofb_enc.o cbc3_enc.o des_enc.o',
-	);
diff --git a/crypto/openssl/crypto/des/Makefile.lit b/crypto/openssl/crypto/des/Makefile.lit
deleted file mode 100644
index c09f6969da65..000000000000
--- a/crypto/openssl/crypto/des/Makefile.lit
+++ /dev/null
@@ -1,250 +0,0 @@
-# You must select the correct terminal control system to be used to
-# turn character echo off when reading passwords.  There a 5 systems
-# SGTTY   - the old BSD system
-# TERMIO  - most system V boxes
-# TERMIOS - SGI (ala IRIX).
-# VMS     - the DEC operating system
-# MSDOS   - we all know what it is :-)
-# read_pwd.c makes a reasonable guess at what is correct.
-
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-# make x86-elf  - linux-elf etc
-# make x86-out  - linux-a.out, FreeBSD etc
-# make x86-solaris
-# make x86-bdsi
-
-# If you are on a DEC Alpha, edit des.h and change the DES_LONG
-# define to 'unsigned int'.  I have seen this give a %20 speedup.
-
-OPTS0= -DLIBDES_LIT -DRAND -DTERMIO #-DNOCONST
-
-# Version 1.94 has changed the strings_to_key function so that it is
-# now compatible with MITs when the string is longer than 8 characters.
-# If you wish to keep the old version, uncomment the following line.
-# This will affect the -E/-D options on des(1).
-#OPTS1= -DOLD_STR_TO_KEY
-
-# There are 4 possible performance options
-# -DDES_PTR
-# -DDES_RISC1
-# -DDES_RISC2 (only one of DES_RISC1 and DES_RISC2)
-# -DDES_UNROLL
-# after the initial build, run 'des_opts' to see which options are best
-# for your platform.  There are some listed in options.txt
-#OPTS2= -DDES_PTR 
-#OPTS3= -DDES_RISC1 # or DES_RISC2
-#OPTS4= -DDES_UNROLL
-
-OPTS= $(OPTS0) $(OPTS1) $(OPTS2) $(OPTS3) $(OPTS4)
-
-MAKE=make -f Makefile
-#CC=cc
-#CFLAG= -O
-
-CC=gcc
-#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
-CFLAG= -O3 -fomit-frame-pointer
-
-CFLAGS=$(OPTS) $(CFLAG)
-CPP=$(CC) -E
-AS=as
-
-# Assember version of des_encrypt*().
-DES_ENC=des_enc.o fcrypt_b.o		# normal C version
-#DES_ENC=asm/dx86-elf.o	asm/yx86-elf.o	# elf format x86
-#DES_ENC=asm/dx86-out.o	asm/yx86-out.o	# a.out format x86
-#DES_ENC=asm/dx86-sol.o	asm/yx86-sol.o	# solaris format x86 
-#DES_ENC=asm/dx86bsdi.o	asm/yx86basi.o	# bsdi format x86 
-
-LIBDIR=/usr/local/lib
-BINDIR=/usr/local/bin
-INCDIR=/usr/local/include
-MANDIR=/usr/local/man
-MAN1=1
-MAN3=3
-SHELL=/bin/sh
-OBJ_LIT=cbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
-OBJ_FULL=cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
-	xcbc_enc.o qud_cksm.o \
-	cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o \
-	enc_read.o enc_writ.o ofb64ede.o ofb64enc.o ofb_enc.o  \
-	rand_key.o read_pwd.o read2pwd.o rpc_enc.o  str2key.o supp.o
-
-GENERAL_LIT=COPYRIGHT INSTALL README VERSION Makefile des_crypt.man \
-	des.doc options.txt asm
-GENERAL_FULL=$(GENERAL_LIT) FILES Imakefile times vms.com KERBEROS MODES.DES \
-	des.man DES.pm DES.pod DES.xs Makefile.PL dess.cpp des3s.cpp \
-	Makefile.uni typemap t Makefile.ssl makefile.bc Makefile.lit \
-	des.org des_locl.org
-TESTING_LIT=	destest speed des_opts
-TESTING_FULL=	rpw $(TESTING_LIT)
-TESTING_SRC_LIT=destest.c speed.c des_opts.c
-TESTING_SRC_FULL=rpw.c $(TESTING_SRC_LIT)
-HEADERS_LIT=des_ver.h des.h des_locl.h podd.h sk.h spr.h
-HEADERS_FULL= $(HEADERS_LIT) rpc_des.h
-LIBDES_LIT=cbc_enc.c ecb_enc.c fcrypt.c set_key.c des_enc.c fcrypt_b.c
-LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c \
-	cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c \
-	enc_read.c enc_writ.c ofb64ede.c ofb64enc.c ofb_enc.c  \
-	rand_key.c rpc_enc.c  str2key.c  supp.c \
-	xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c
-
-PERL=	des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
-
-OBJ=	$(OBJ_LIT)
-GENERAL=$(GENERAL_LIT)
-TESTING=$(TESTING_LIT)
-TESTING_SRC=$(TESTING_SRC_LIT)
-HEADERS=$(HEADERS_LIT)
-LIBDES=	$(LIBDES_LIT)
-
-ALL=	$(GENERAL) $(TESTING_SRC) $(LIBDES) $(PERL) $(HEADERS)
-
-DLIB=	libdes.a
-
-all: $(DLIB) $(TESTING)
-
-cc:
-	$(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
-
-gcc:
-	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
-
-x86-elf:
-	$(MAKE) DES_ENC='asm/dx86-elf.o asm/yx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
-
-x86-out:
-	$(MAKE) DES_ENC='asm/dx86-out.o asm/yx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
-
-x86-solaris:
-	$(MAKE) DES_ENC='asm/dx86-sol.o asm/yx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
-
-x86-bsdi:
-	$(MAKE) DES_ENC='asm/dx86bsdi.o asm/yx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
-
-# elf
-asm/dx86-elf.o: asm/dx86unix.cpp
-	$(CPP) -DELF asm/dx86unix.cpp | $(AS) -o asm/dx86-elf.o
-
-asm/yx86-elf.o: asm/yx86unix.cpp
-	$(CPP) -DELF asm/yx86unix.cpp | $(AS) -o asm/yx86-elf.o
-
-# solaris
-asm/dx86-sol.o: asm/dx86unix.cpp
-	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
-	as -o asm/dx86-sol.o asm/dx86-sol.s
-	rm -f asm/dx86-sol.s
-
-asm/yx86-sol.o: asm/yx86unix.cpp
-	$(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
-	as -o asm/yx86-sol.o asm/yx86-sol.s
-	rm -f asm/yx86-sol.s
-
-# a.out
-asm/dx86-out.o: asm/dx86unix.cpp
-	$(CPP) -DOUT asm/dx86unix.cpp | $(AS) -o asm/dx86-out.o
-
-asm/yx86-out.o: asm/yx86unix.cpp
-	$(CPP) -DOUT asm/yx86unix.cpp | $(AS) -o asm/yx86-out.o
-
-# bsdi
-asm/dx86bsdi.o: asm/dx86unix.cpp
-	$(CPP) -DBSDI asm/dx86unix.cpp | $(AS) -o asm/dx86bsdi.o
-
-asm/yx86bsdi.o: asm/yx86unix.cpp
-	$(CPP) -DBSDI asm/yx86unix.cpp | $(AS) -o asm/yx86bsdi.o
-
-asm/dx86unix.cpp:
-	(cd asm; perl des-586.pl cpp >dx86unix.cpp)
-
-asm/yx86unix.cpp:
-	(cd asm; perl crypt586.pl cpp >yx86unix.cpp)
-
-test:	all
-	./destest
-
-$(DLIB): $(OBJ)
-	/bin/rm -f $(DLIB)
-	ar cr $(DLIB) $(OBJ)
-	-if test -s /bin/ranlib; then /bin/ranlib $(DLIB); \
-	else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(DLIB); \
-	else exit 0; fi; fi
-
-des_opts: des_opts.o $(DLIB)
-	$(CC) $(CFLAGS) -o des_opts des_opts.o $(DLIB)
-
-destest: destest.o $(DLIB)
-	$(CC) $(CFLAGS) -o destest destest.o $(DLIB)
-
-rpw: rpw.o $(DLIB)
-	$(CC) $(CFLAGS) -o rpw rpw.o $(DLIB)
-
-speed: speed.o $(DLIB)
-	$(CC) $(CFLAGS) -o speed speed.o $(DLIB)
-
-des: des.o $(DLIB)
-	$(CC) $(CFLAGS) -o des des.o $(DLIB)
-
-tags:
-	ctags $(TESTING_SRC) $(LIBDES)
-
-tar_lit:
-	/bin/mv Makefile Makefile.tmp
-	/bin/cp Makefile.lit Makefile
-	tar chf libdes-l.tar $(LIBDES_LIT) $(HEADERS_LIT) \
-		$(GENERAL_LIT) $(TESTING_SRC_LIT)
-	/bin/rm -f Makefile
-	/bin/mv Makefile.tmp Makefile
-
-tar:
-	tar chf libdes.tar $(ALL)
-
-shar:
-	shar $(ALL) >libdes.shar
-
-depend:
-	makedepend $(LIBDES) $(TESTING_SRC)
-
-clean:
-	/bin/rm -f *.o tags core $(TESTING) $(DLIB) .nfs* *.old *.bak asm/*.o 
-
-dclean:
-	sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
-	mv -f Makefile.new Makefile
-
-# Eric is probably going to choke when he next looks at this --tjh
-install:
-	if test $(INSTALLTOP); then \
-	    echo SSL style install; \
-	    cp $(DLIB) $(INSTALLTOP)/lib; \
-	    if test -s /bin/ranlib; then \
-	        /bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
-	    else \
-		if test -s /usr/bin/ranlib; then \
-		/usr/bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
-	    fi; fi; \
-	    chmod 644 $(INSTALLTOP)/lib/$(DLIB); \
-	    cp des.h $(INSTALLTOP)/include; \
-	    chmod 644 $(INSTALLTOP)/include/des.h; \
-	else \
-	    echo Standalone install; \
-	    cp $(DLIB) $(LIBDIR)/$(DLIB); \
-	    if test -s /bin/ranlib; then \
-	      /bin/ranlib $(LIBDIR)/$(DLIB); \
-	    else \
-	      if test -s /usr/bin/ranlib; then \
-		/usr/bin/ranlib $(LIBDIR)/$(DLIB); \
-	      fi; \
-	    fi; \
-	    chmod 644 $(LIBDIR)/$(DLIB); \
-	    cp des_crypt.man $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
-	    chmod 644 $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
-	    cp des.man $(MANDIR)/man$(MAN1)/des.$(MAN1); \
-	    chmod 644 $(MANDIR)/man$(MAN1)/des.$(MAN1); \
-	    cp des.h $(INCDIR)/des.h; \
-	    chmod 644 $(INCDIR)/des.h; \
-	fi
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/crypto/des/Makefile.save b/crypto/openssl/crypto/des/Makefile.save
deleted file mode 100644
index 28e58f4207ff..000000000000
--- a/crypto/openssl/crypto/des/Makefile.save
+++ /dev/null
@@ -1,212 +0,0 @@
-#
-# SSLeay/crypto/des/Makefile
-#
-
-DIR=	des
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=-I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-RANLIB=		ranlib
-DES_ENC=	des_enc.o fcrypt_b.o
-# or use
-#DES_ENC=	dx86-elf.o yx86-elf.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=destest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
-	ecb3_enc.c ecb_enc.c  enc_read.c enc_writ.c \
-	fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
-	qud_cksm.c rand_key.c read_pwd.c rpc_enc.c  set_key.c  \
-	des_enc.c fcrypt_b.c read2pwd.c \
-	xcbc_enc.c \
-	str2key.c  cfb64ede.c ofb64ede.c ede_cbcm_enc.c
-
-LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
-	ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
-	enc_read.o enc_writ.o ofb64enc.o \
-	ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
-	${DES_ENC} read2pwd.o \
-	fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o  cbc_cksm.o \
-	ede_cbcm_enc.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= des.h
-HEADER=	des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-des: des.o cbc3_enc.o lib
-	$(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
-
-# elf
-asm/dx86-elf.o: asm/dx86unix.cpp
-	$(CPP) -DELF -x c asm/dx86unix.cpp | as -o asm/dx86-elf.o
-
-asm/yx86-elf.o: asm/yx86unix.cpp
-	$(CPP) -DELF -x c asm/yx86unix.cpp | as -o asm/yx86-elf.o
-
-# solaris
-asm/dx86-sol.o: asm/dx86unix.cpp
-	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
-	as -o asm/dx86-sol.o asm/dx86-sol.s
-	rm -f asm/dx86-sol.s
-
-asm/yx86-sol.o: asm/yx86unix.cpp
-	$(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
-	as -o asm/yx86-sol.o asm/yx86-sol.s
-	rm -f asm/yx86-sol.s
-
-# a.out
-asm/dx86-out.o: asm/dx86unix.cpp
-	$(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
-
-asm/yx86-out.o: asm/yx86unix.cpp
-	$(CPP) -DOUT asm/yx86unix.cpp | as -o asm/yx86-out.o
-
-# bsdi
-asm/dx86bsdi.o: asm/dx86unix.cpp
-	$(CPP) -DBSDI asm/dx86unix.cpp | sed 's/ :/:/' | as -o asm/dx86bsdi.o
-
-asm/yx86bsdi.o: asm/yx86unix.cpp
-	$(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o
-
-asm/dx86unix.cpp: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) des-586.pl cpp >dx86unix.cpp)
-
-asm/yx86unix.cpp: asm/crypt586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) crypt586.pl cpp >yx86unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(TOP)/util/point.sh ../../perlasm asm/perlasm
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install: installs
-
-installs:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/dx86unix.cpp asm/yx86unix.cpp *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-cbc_cksm.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-cbc_cksm.o: ../../include/openssl/opensslconf.h des_locl.h
-cbc_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-cbc_enc.o: ../../include/openssl/opensslconf.h des_locl.h ncbc_enc.c
-cfb64ede.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-cfb64ede.o: ../../include/openssl/opensslconf.h des_locl.h
-cfb64enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-cfb64enc.o: ../../include/openssl/opensslconf.h des_locl.h
-cfb_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-cfb_enc.o: ../../include/openssl/opensslconf.h des_locl.h
-des_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-des_enc.o: ../../include/openssl/opensslconf.h des_locl.h des_locl.h ncbc_enc.c
-ecb3_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-ecb3_enc.o: ../../include/openssl/opensslconf.h des_locl.h
-ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-ecb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ecb_enc.o: des_locl.h spr.h
-ede_cbcm_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-ede_cbcm_enc.o: ../../include/openssl/opensslconf.h des_locl.h
-enc_read.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-enc_read.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-enc_read.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-enc_read.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-enc_read.o: ../../include/openssl/opensslconf.h
-enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-enc_read.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-enc_read.o: ../cryptlib.h des_locl.h
-enc_writ.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-enc_writ.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-enc_writ.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-enc_writ.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-enc_writ.o: ../../include/openssl/opensslconf.h
-enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-enc_writ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-enc_writ.o: ../../include/openssl/symhacks.h ../cryptlib.h des_locl.h
-fcrypt.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-fcrypt.o: ../../include/openssl/opensslconf.h des_locl.h
-fcrypt_b.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-fcrypt_b.o: ../../include/openssl/opensslconf.h des_locl.h
-ofb64ede.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-ofb64ede.o: ../../include/openssl/opensslconf.h des_locl.h
-ofb64enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-ofb64enc.o: ../../include/openssl/opensslconf.h des_locl.h
-ofb_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-ofb_enc.o: ../../include/openssl/opensslconf.h des_locl.h
-pcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-pcbc_enc.o: ../../include/openssl/opensslconf.h des_locl.h
-qud_cksm.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-qud_cksm.o: ../../include/openssl/opensslconf.h des_locl.h
-rand_key.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-rand_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/rand.h
-read2pwd.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-read2pwd.o: ../../include/openssl/opensslconf.h des_locl.h
-read_pwd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-read_pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-read_pwd.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-read_pwd.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-read_pwd.o: ../../include/openssl/opensslconf.h
-read_pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-read_pwd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-read_pwd.o: ../cryptlib.h des_locl.h
-rpc_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-rpc_enc.o: ../../include/openssl/opensslconf.h des_locl.h des_ver.h rpc_des.h
-set_key.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-set_key.o: ../../include/openssl/opensslconf.h des_locl.h
-str2key.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-str2key.o: ../../include/openssl/opensslconf.h des_locl.h
-xcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-xcbc_enc.o: ../../include/openssl/opensslconf.h des_locl.h
diff --git a/crypto/openssl/crypto/des/Makefile.ssl b/crypto/openssl/crypto/des/Makefile.ssl
deleted file mode 100644
index 548573f4b185..000000000000
--- a/crypto/openssl/crypto/des/Makefile.ssl
+++ /dev/null
@@ -1,314 +0,0 @@
-#
-# SSLeay/crypto/des/Makefile
-#
-
-DIR=	des
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=-I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-RANLIB=		ranlib
-DES_ENC=	des_enc.o fcrypt_b.o
-# or use
-#DES_ENC=	dx86-elf.o yx86-elf.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=destest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
-	ecb3_enc.c ecb_enc.c  enc_read.c enc_writ.c \
-	fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
-	qud_cksm.c rand_key.c rpc_enc.c  set_key.c  \
-	des_enc.c fcrypt_b.c \
-	xcbc_enc.c \
-	str2key.c  cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \
-	read2pwd.c
-
-LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
-	ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
-	enc_read.o enc_writ.o ofb64enc.o \
-	ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
-	${DES_ENC} \
-	fcrypt.o xcbc_enc.o rpc_enc.o  cbc_cksm.o \
-	ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= des.h des_old.h
-HEADER=	des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-des: des.o cbc3_enc.o lib
-	$(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
-
-# elf
-asm/dx86-elf.s:	asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) des-586.pl elf $(CFLAGS) > dx86-elf.s)
-
-asm/yx86-elf.s:	asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > yx86-elf.s)
-
-# a.out
-asm/dx86-out.o: asm/dx86unix.cpp
-	$(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
-
-asm/yx86-out.o: asm/yx86unix.cpp
-	$(CPP) -DOUT asm/yx86unix.cpp | as -o asm/yx86-out.o
-
-# bsdi
-asm/dx86bsdi.o: asm/dx86unix.cpp
-	$(CPP) -DBSDI asm/dx86unix.cpp | sed 's/ :/:/' | as -o asm/dx86bsdi.o
-
-asm/yx86bsdi.o: asm/yx86unix.cpp
-	$(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o
-
-asm/dx86unix.cpp: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) des-586.pl cpp >dx86unix.cpp)
-
-asm/yx86unix.cpp: asm/crypt586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) crypt586.pl cpp >yx86unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install: installs
-
-installs:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/dx86unix.cpp asm/yx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-cbc_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-cbc_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-cbc_cksm.o: ../../include/openssl/opensslconf.h
-cbc_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-cbc_cksm.o: cbc_cksm.c des_locl.h
-cbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-cbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-cbc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-cbc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-cbc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-cbc_enc.o: ../../include/openssl/ui_compat.h cbc_enc.c des_locl.h ncbc_enc.c
-cfb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-cfb64ede.o: ../../include/openssl/opensslconf.h
-cfb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-cfb64ede.o: cfb64ede.c des_locl.h
-cfb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-cfb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-cfb64enc.o: ../../include/openssl/opensslconf.h
-cfb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-cfb64enc.o: cfb64enc.c des_locl.h
-cfb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h
-des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-des_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-des_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-des_enc.o: ../../include/openssl/ui_compat.h des_enc.c des_locl.h ncbc_enc.c
-des_old.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-des_old.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-des_old.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-des_old.o: ../../include/openssl/ui_compat.h des_old.c
-des_old2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-des_old2.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-des_old2.o: ../../include/openssl/opensslconf.h
-des_old2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-des_old2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-des_old2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-des_old2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-des_old2.o: des_old2.c
-ecb3_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-ecb3_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-ecb3_enc.o: ../../include/openssl/opensslconf.h
-ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ecb3_enc.o: des_locl.h ecb3_enc.c
-ecb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-ecb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-ecb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c
-ecb_enc.o: spr.h
-ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
-ede_cbcm_enc.o: ../../include/openssl/opensslv.h
-ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c
-enc_read.o: ../../e_os.h ../../include/openssl/bio.h
-enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-enc_read.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-enc_read.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-enc_read.o: ../cryptlib.h des_locl.h enc_read.c
-enc_writ.o: ../../e_os.h ../../include/openssl/bio.h
-enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-enc_writ.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-enc_writ.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c
-fcrypt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-fcrypt.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-fcrypt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-fcrypt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-fcrypt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-fcrypt.o: ../../include/openssl/ui_compat.h des_locl.h fcrypt.c
-fcrypt_b.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-fcrypt_b.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-fcrypt_b.o: ../../include/openssl/opensslconf.h
-fcrypt_b.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-fcrypt_b.o: des_locl.h fcrypt_b.c
-ofb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-ofb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-ofb64ede.o: ../../include/openssl/opensslconf.h
-ofb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ofb64ede.o: des_locl.h ofb64ede.c
-ofb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-ofb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-ofb64enc.o: ../../include/openssl/opensslconf.h
-ofb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ofb64enc.o: des_locl.h ofb64enc.c
-ofb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-ofb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-ofb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ofb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ofb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ofb_enc.o: ../../include/openssl/ui_compat.h des_locl.h ofb_enc.c
-pcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-pcbc_enc.o: ../../include/openssl/opensslconf.h
-pcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-pcbc_enc.o: des_locl.h pcbc_enc.c
-qud_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-qud_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-qud_cksm.o: ../../include/openssl/opensslconf.h
-qud_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-qud_cksm.o: des_locl.h qud_cksm.c
-rand_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-rand_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-rand_key.o: ../../include/openssl/opensslconf.h
-rand_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-rand_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rand_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-rand_key.o: rand_key.c
-read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-read2pwd.o: ../../include/openssl/opensslconf.h
-read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-read2pwd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-read2pwd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-read2pwd.o: read2pwd.c
-rpc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-rpc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-rpc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rpc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rpc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-rpc_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h rpc_des.h
-rpc_enc.o: rpc_enc.c
-set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-set_key.o: ../../include/openssl/ui_compat.h des_locl.h set_key.c
-str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-str2key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-str2key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-str2key.o: ../../include/openssl/ui_compat.h des_locl.h str2key.c
-xcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-xcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-xcbc_enc.o: ../../include/openssl/opensslconf.h
-xcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-xcbc_enc.o: des_locl.h xcbc_enc.c
diff --git a/crypto/openssl/crypto/des/Makefile.uni b/crypto/openssl/crypto/des/Makefile.uni
deleted file mode 100644
index ec19d75b81f4..000000000000
--- a/crypto/openssl/crypto/des/Makefile.uni
+++ /dev/null
@@ -1,251 +0,0 @@
-# You must select the correct terminal control system to be used to
-# turn character echo off when reading passwords.  There a 5 systems
-# SGTTY   - the old BSD system
-# TERMIO  - most system V boxes
-# TERMIOS - SGI (ala IRIX).
-# VMS     - the DEC operating system
-# MSDOS   - we all know what it is :-)
-# read_pwd.c makes a reasonable guess at what is correct.
-
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-# make x86-elf  - linux-elf etc
-# make x86-out  - linux-a.out, FreeBSD etc
-# make x86-solaris
-# make x86-bdsi
-
-# If you are on a DEC Alpha, edit des.h and change the DES_LONG
-# define to 'unsigned int'.  I have seen this give a %20 speedup.
-
-OPTS0= -DRAND -DTERMIO #-DNOCONST
-
-# Version 1.94 has changed the strings_to_key function so that it is
-# now compatible with MITs when the string is longer than 8 characters.
-# If you wish to keep the old version, uncomment the following line.
-# This will affect the -E/-D options on des(1).
-#OPTS1= -DOLD_STR_TO_KEY
-
-# There are 4 possible performance options
-# -DDES_PTR
-# -DDES_RISC1
-# -DDES_RISC2 (only one of DES_RISC1 and DES_RISC2)
-# -DDES_UNROLL
-# after the initial build, run 'des_opts' to see which options are best
-# for your platform.  There are some listed in options.txt
-#OPTS2= -DDES_PTR 
-#OPTS3= -DDES_RISC1 # or DES_RISC2
-#OPTS4= -DDES_UNROLL
-
-OPTS= $(OPTS0) $(OPTS1) $(OPTS2) $(OPTS3) $(OPTS4)
-
-MAKE=make -f Makefile
-#CC=cc
-#CFLAG= -O
-
-CC=gcc
-#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
-CFLAG= -O3 -fomit-frame-pointer
-
-CFLAGS=$(OPTS) $(CFLAG)
-CPP=$(CC) -E
-AS=as
-RANLIB=ranlib
-
-# Assember version of des_encrypt*().
-DES_ENC=des_enc.o fcrypt_b.o		# normal C version
-#DES_ENC=asm/dx86-elf.o	asm/yx86-elf.o	# elf format x86
-#DES_ENC=asm/dx86-out.o	asm/yx86-out.o	# a.out format x86
-#DES_ENC=asm/dx86-sol.o	asm/yx86-sol.o	# solaris format x86 
-#DES_ENC=asm/dx86bsdi.o	asm/yx86basi.o	# bsdi format x86 
-
-LIBDIR=/usr/local/lib
-BINDIR=/usr/local/bin
-INCDIR=/usr/local/include
-MANDIR=/usr/local/man
-MAN1=1
-MAN3=3
-SHELL=/bin/sh
-OBJ_LIT=cbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
-OBJ_FULL=cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
-	xcbc_enc.o qud_cksm.o cbc3_enc.o \
-	cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o \
-	enc_read.o enc_writ.o ofb64ede.o ofb64enc.o ofb_enc.o  \
-	rand_key.o read_pwd.o read2pwd.o rpc_enc.o  str2key.o supp.o
-
-GENERAL_LIT=COPYRIGHT INSTALL README VERSION Makefile des_crypt.man \
-	des.doc options.txt asm
-GENERAL_FULL=$(GENERAL_LIT) FILES Imakefile times vms.com KERBEROS MODES.DES \
-	des.man DES.pm DES.pod DES.xs Makefile.PL dess.cpp des3s.cpp \
-	Makefile.uni typemap t Makefile.ssl makefile.bc Makefile.lit \
-	des.org des_locl.org
-TESTING_LIT=	destest speed des_opts
-TESTING_FULL=	rpw des $(TESTING_LIT)
-TESTING_SRC_LIT=destest.c speed.c des_opts.c
-TESTING_SRC_FULL=rpw.c des.c $(TESTING_SRC_LIT)
-HEADERS_LIT=des_ver.h des.h des_locl.h podd.h sk.h spr.h
-HEADERS_FULL= $(HEADERS_LIT) rpc_des.h
-LIBDES_LIT=cbc_enc.c ecb_enc.c fcrypt.c set_key.c des_enc.c fcrypt_b.c
-LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c cbc3_enc.c \
-	cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c \
-	enc_read.c enc_writ.c ofb64ede.c ofb64enc.c ofb_enc.c  \
-	rand_key.c rpc_enc.c  str2key.c  supp.c \
-	xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c
-
-PERL=	des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
-
-OBJ=	$(OBJ_FULL)
-GENERAL=$(GENERAL_FULL)
-TESTING=$(TESTING_FULL)
-TESTING_SRC=$(TESTING_SRC_FULL)
-HEADERS=$(HEADERS_FULL)
-LIBDES=	$(LIBDES_FULL)
-
-ALL=	$(GENERAL) $(TESTING_SRC) $(LIBDES) $(PERL) $(HEADERS)
-
-DLIB=	libdes.a
-
-all: $(DLIB) $(TESTING)
-
-cc:
-	$(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
-
-gcc:
-	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
-
-x86-elf:
-	$(MAKE) DES_ENC='asm/dx86-elf.o asm/yx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
-
-x86-out:
-	$(MAKE) DES_ENC='asm/dx86-out.o asm/yx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
-
-x86-solaris:
-	$(MAKE) DES_ENC='asm/dx86-sol.o asm/yx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
-
-x86-bsdi:
-	$(MAKE) DES_ENC='asm/dx86bsdi.o asm/yx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
-
-# elf
-asm/dx86-elf.o: asm/dx86unix.cpp
-	$(CPP) -DELF asm/dx86unix.cpp | $(AS) -o asm/dx86-elf.o
-
-asm/yx86-elf.o: asm/yx86unix.cpp
-	$(CPP) -DELF asm/yx86unix.cpp | $(AS) -o asm/yx86-elf.o
-
-# solaris
-asm/dx86-sol.o: asm/dx86unix.cpp
-	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
-	as -o asm/dx86-sol.o asm/dx86-sol.s
-	rm -f asm/dx86-sol.s
-
-asm/yx86-sol.o: asm/yx86unix.cpp
-	$(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
-	as -o asm/yx86-sol.o asm/yx86-sol.s
-	rm -f asm/yx86-sol.s
-
-# a.out
-asm/dx86-out.o: asm/dx86unix.cpp
-	$(CPP) -DOUT asm/dx86unix.cpp | $(AS) -o asm/dx86-out.o
-
-asm/yx86-out.o: asm/yx86unix.cpp
-	$(CPP) -DOUT asm/yx86unix.cpp | $(AS) -o asm/yx86-out.o
-
-# bsdi
-asm/dx86bsdi.o: asm/dx86unix.cpp
-	$(CPP) -DBSDI asm/dx86unix.cpp | $(AS) -o asm/dx86bsdi.o
-
-asm/yx86bsdi.o: asm/yx86unix.cpp
-	$(CPP) -DBSDI asm/yx86unix.cpp | $(AS) -o asm/yx86bsdi.o
-
-asm/dx86unix.cpp:
-	(cd asm; perl des-586.pl cpp >dx86unix.cpp)
-
-asm/yx86unix.cpp:
-	(cd asm; perl crypt586.pl cpp >yx86unix.cpp)
-
-test:	all
-	./destest
-
-$(DLIB): $(OBJ)
-	/bin/rm -f $(DLIB)
-	ar cr $(DLIB) $(OBJ)
-	$(RANLIB) $(DLIB)
-
-des_opts: des_opts.o $(DLIB)
-	$(CC) $(CFLAGS) -o des_opts des_opts.o $(DLIB)
-
-destest: destest.o $(DLIB)
-	$(CC) $(CFLAGS) -o destest destest.o $(DLIB)
-
-rpw: rpw.o $(DLIB)
-	$(CC) $(CFLAGS) -o rpw rpw.o $(DLIB)
-
-speed: speed.o $(DLIB)
-	$(CC) $(CFLAGS) -o speed speed.o $(DLIB)
-
-des: des.o $(DLIB)
-	$(CC) $(CFLAGS) -o des des.o $(DLIB)
-
-tags:
-	ctags $(TESTING_SRC) $(LIBDES)
-
-tar_lit:
-	/bin/mv Makefile Makefile.tmp
-	/bin/cp Makefile.lit Makefile
-	for i in $(HEADERS_LIT) $(LIBDES_LIT) $(GENERAL_LIT) $(TESTING_SRC_LIT) ;\
-	do \
-		n="$$n des/$$i"; \
-	done; \
-	( cd .. ; tar chf - $$n )| gzip > libdes-l.tgz
-	/bin/rm -f Makefile
-	/bin/mv Makefile.tmp Makefile
-
-tar:
-	mv Makefile Makefile.tmp
-	/bin/cp Makefile.uni Makefile
-	for i in $(ALL) ;\
-	do \
-		n="$$n des/$$i"; \
-	done; \
-	( cd .. ; tar chf - $$n )| gzip > libdes.tgz
-	/bin/rm -f Makefile
-	/bin/mv Makefile.tmp Makefile
-
-shar:
-	shar $(ALL) >libdes.shar
-
-depend:
-	makedepend $(LIBDES) $(TESTING_SRC)
-
-clean:
-	/bin/rm -f *.o tags core $(TESTING) $(DLIB) .nfs* *.old *.bak asm/*.o 
-
-dclean:
-	sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
-	mv -f Makefile.new Makefile
-
-# Eric is probably going to choke when he next looks at this --tjh
-install: des
-	if test $(INSTALLTOP); then \
-	    echo SSL style install; \
-	    cp $(DLIB) $(INSTALLTOP)/lib; \
-		$(RANLIB) $(DLIB); \
-	    chmod 644 $(INSTALLTOP)/lib/$(DLIB); \
-	    cp des.h $(INSTALLTOP)/include; \
-	    chmod 644 $(INSTALLTOP)/include/des.h; \
-	else \
-	    echo Standalone install; \
-	    cp $(DLIB) $(LIBDIR)/$(DLIB); \
-		$(RANLIB) $(DLIB); \
-	    chmod 644 $(LIBDIR)/$(DLIB); \
-	    cp des $(BINDIR)/des; \
-	    chmod 711 $(BINDIR)/des; \
-	    cp des_crypt.man $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
-	    chmod 644 $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
-	    cp des.man $(MANDIR)/man$(MAN1)/des.$(MAN1); \
-	    chmod 644 $(MANDIR)/man$(MAN1)/des.$(MAN1); \
-	    cp des.h $(INCDIR)/des.h; \
-	    chmod 644 $(INCDIR)/des.h; \
-	fi
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/crypto/des/PC1 b/crypto/openssl/crypto/des/PC1
deleted file mode 100644
index efb8348b72d7..000000000000
--- a/crypto/openssl/crypto/des/PC1
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/usr/local/bin/perl
-
-@PC1=(  57,49,41,33,25,17, 9,
-	 1,58,50,42,34,26,18,
-	10, 2,59,51,43,35,27,
-	19,11, 3,60,52,44,36,
-	"-","-","-","-",
-	63,55,47,39,31,23,15,
-	 7,62,54,46,38,30,22,
-	14, 6,61,53,45,37,29,
-	21,13, 5,28,20,12, 4,
-	"-","-","-","-",
-	);
-
-foreach (@PC1)
-	{
-	if ($_ ne "-")
-		{
-		$_--;
-		$_=int($_/8)*8+7-($_%8);
-		printf "%2d  ",$_;
-		}
-	else
-		{ print "--  "; }
-	print "\n" if (((++$i) % 8) == 0);
-	print "\n" if ((($i) % 32) == 0);
-	}
-
diff --git a/crypto/openssl/crypto/des/PC2 b/crypto/openssl/crypto/des/PC2
deleted file mode 100644
index 2d560270ecd8..000000000000
--- a/crypto/openssl/crypto/des/PC2
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/usr/local/bin/perl
-
-@PC2_C=(14,17,11,24, 1, 5,
-	 3,28,15, 6,21,10,
-	23,19,12, 4,26, 8,
-	16, 7,27,20,13, 2,
-	);
-
-@PC2_D=(41,52,31,37,47,55,
-	30,40,51,45,33,48,
-	44,49,39,56,34,53,
-	46,42,50,36,29,32,
-	);
-
-foreach (@PC2_C) {
-	if ($_ ne "-")
-		{
-		$_--;
-		printf "%2d  ",$_; }
-	else { print "--  "; }
-	$C{$_}=1;
-	print "\n" if (((++$i) % 8) == 0);
-	}
-$i=0;
-print "\n";
-foreach (@PC2_D) {
-	if ($_ ne "-")
-		{
-		$_-=29;
-		printf "%2d  ",$_; }
-	else { print "--  "; }
-	$D{$_}=1;
-	print "\n" if (((++$i) % 8) == 0); }
-
-print "\n";
-foreach $i (0 .. 27)
-	{
-	$_=$C{$i};
-	if ($_ ne "-") {printf "%2d ",$_;}
-	else { print "--  "; }
-	print "\n" if (((++$i) % 8) == 0);
-	}
-print "\n";
-
-print "\n";
-foreach $i (0 .. 27)
-	{
-	$_=$D{$i};
-	if ($_ ne "-") {printf "%2d  ",$_;}
-	else { print "--  "; }
-	print "\n" if (((++$i) % 8) == 0);
-	}
-print "\n";
-sub numsort
-	{
-	$a-$b;
-	}
diff --git a/crypto/openssl/crypto/des/README b/crypto/openssl/crypto/des/README
deleted file mode 100644
index 621a5ab4676b..000000000000
--- a/crypto/openssl/crypto/des/README
+++ /dev/null
@@ -1,54 +0,0 @@
-
-		libdes, Version 4.01 10-Jan-97
-
-		Copyright (c) 1997, Eric Young
-			  All rights reserved.
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms specified in COPYRIGHT.
-    
---
-The primary ftp site for this library is
-ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz
-libdes is now also shipped with SSLeay.  Primary ftp site of
-ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
-
-The best way to build this library is to build it as part of SSLeay.
-
-This kit builds a DES encryption library and a DES encryption program.
-It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb,
-triple cfb, desx, and MIT's pcbc encryption modes and also has a fast
-implementation of crypt(3).
-It contains support routines to read keys from a terminal,
-generate a random key, generate a key from an arbitrary length string,
-read/write encrypted data from/to a file descriptor.
-
-The implementation was written so as to conform with the manual entry
-for the des_crypt(3) library routines from MIT's project Athena.
-
-destest should be run after compilation to test the des routines.
-rpw should be run after compilation to test the read password routines.
-The des program is a replacement for the sun des command.  I believe it
-conforms to the sun version.
-
-The Imakefile is setup for use in the kerberos distribution.
-
-These routines are best compiled with gcc or any other good
-optimising compiler.
-Just turn you optimiser up to the highest settings and run destest
-after the build to make sure everything works.
-
-I believe these routines are close to the fastest and most portable DES
-routines that use small lookup tables (4.5k) that are publicly available.
-The fcrypt routine is faster than ufc's fcrypt (when compiling with
-gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
-(on a sun3/260 168 vs 336).  It is a function of CPU on chip cache size.
-[ 10-Jan-97 and a function of an incorrect speed testing program in
-  ufc which gave much better test figures that reality ].
-
-It is worth noting that on sparc and Alpha CPUs, performance of the DES
-library can vary by upto %10 due to the positioning of files after application
-linkage.
-
-Eric Young (eay@cryptsoft.com)
-
diff --git a/crypto/openssl/crypto/des/VERSION b/crypto/openssl/crypto/des/VERSION
deleted file mode 100644
index c7d01542bc73..000000000000
--- a/crypto/openssl/crypto/des/VERSION
+++ /dev/null
@@ -1,412 +0,0 @@
-	Fixed the weak key values which were wrong :-(
-	Defining SIGACTION causes sigaction() to be used instead of signal().
-	SIGUSR1/SIGUSR2 are no longer mapped in the read tty stuff because it
-	can cause problems.  This should hopefully not affect normal
-	applications.
-
-Version 4.04
-	Fixed a few tests in destest.  Also added x86 assember for
-	des_ncbc_encrypt() which is the standard cbc mode function.
-	This makes a very very large performace difference.
-	Ariel Glenn ariel@columbia.edu reports that the terminal
-	'turn echo off' can return (errno == EINVAL) under solaris
-	when redirection is used.  So I now catch that as well as ENOTTY.
-
-
-Version 4.03
-	Left a static out of enc_write.c, which caused to buffer to be
-	continiously malloc()ed.  Does anyone use these functions?  I keep
-	on feeling like removing them since I only had these in there
-	for a version of kerberised login.  Anyway, this was pointed out
-	by Theo de Raadt <deraadt@cvs.openbsd.org>
-	The 'n' bit ofb code was wrong, it was not shifting the shift
-	register. It worked correctly for n == 64.  Thanks to
-	Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out.
-
-Version 4.02
-	I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)'
-	when checking for weak keys which is wrong :-(, pointed out by
-	Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
-
-Version 4.01
-	Even faster inner loop in the DES assembler for x86 and a modification
-	for IP/FP which is faster on x86.  Both of these changes are
-	from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  His
-	changes make the assembler run %40 faster on a pentium.  This is just
-	a case of getting the instruction sequence 'just right'.
-	All credit to 'Svend' :-)
-	Quite a few special x86 'make' targets.
-	A libdes-l (lite) distribution.
-
-Version 4.00
-	After a bit of a pause, I'll up the major version number since this
-	is mostly a performace release.  I've added x86 assembler and
-	added more options for performance.  A %28 speedup for gcc 
-	on a pentium and the assembler is a %50 speedup.
-	MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
-	Run des_opts to work out which options should be used.
-	DES_RISC1/DES_RISC2 use alternative inner loops which use
-	more registers but should give speedups on any CPU that does
-	dual issue (pentium).  DES_UNROLL unrolls the inner loop,
-	which costs in code size.
-
-Version 3.26
-	I've finally removed one of the shifts in D_ENCRYPT.  This
-	meant I've changed the des_SPtrans table (spr.h), the set_key()
-	function and some things in des_enc.c.  This has definitly
-	made things faster :-).  I've known about this one for some
-	time but I've been too lazy to follow it up :-).
-	Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
-	instead of L^=((..)|(..)|(..)..  This should save a register at
-	least.
-	Assember for x86.  The file to replace is des_enc.c, which is replaced
-	by one of the assembler files found in asm.  Look at des/asm/readme
-	for more info.
-
-	/* Modification to fcrypt so it can be compiled to support
-	HPUX 10.x's long password format, define -DLONGCRYPT to use this.
-	Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
-
-	SIGWINCH case put in des_read_passwd() so the function does not
-	'exit' if this function is recieved.
-
-Version 3.25 17/07/96
-	Modified read_pwd.c so that stdin can be read if not a tty.
-	Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
-	des_init_random_number_generator() shortened due to VMS linker
-	limits.
-	Added RSA's DESX cbc mode.  It is a form of cbc encryption, with 2
-	8 byte quantites xored before and after encryption.
-	des_xcbc_encryption() - the name is funny to preserve the des_
-	prefix on all functions.
-
-Version 3.24 20/04/96
-	The DES_PTR macro option checked and used by SSLeay configuration
-
-Version 3.23 11/04/96
-	Added DES_LONG.  If defined to 'unsigned int' on the DEC Alpha,
-	it gives a %20 speedup :-)
-	Fixed the problem with des.pl under perl5.  The patches were
-	sent by Ed Kubaitis (ejk@uiuc.edu).
-	if fcrypt.c, changed values to handle illegal salt values the way
-	normal crypt() implementations do.  Some programs apparently use
-	them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>
-
-Version 3.22 29/11/95
-	Bug in des(1), an error with the uuencoding stuff when the
-	'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
-	for the patch.
-
-Version 3.21 22/11/95
-	After some emailing back and forth with 
-	Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
-	and in a future version I will probably put in some of the
-	optimisation he suggested for use with the DES_USE_PTR option.
-	Extra routines from Mark Murray <mark@grondar.za> for use in
-	freeBSD.  They mostly involve random number generation for use
-	with kerberos.  They involve evil machine specific system calls
-	etc so I would normally suggest pushing this stuff into the
-	application and/or using RAND_seed()/RAND_bytes() if you are
-	using this DES library as part of SSLeay.
-	Redone the read_pw() function so that it is cleaner and
-	supports termios, thanks to Sameer Parekh <sameer@c2.org>
-	for the initial patches for this.
-	Renamed 3ecb_encrypt() to ecb3_encrypt().  This has been
-	 done just to make things more consistent.
-	I have also now added triple DES versions of cfb and ofb.
-
-Version 3.20
-	Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
-	my des_random_seed() function was only copying 4 bytes of the
-	passed seed into the init structure.  It is now fixed to copy 8.
-	My own suggestion is to used something like MD5 :-)
-
-Version 3.19 
-	While looking at my code one day, I though, why do I keep on
-	calling des_encrypt(in,out,ks,enc) when every function that
-	calls it has in and out the same.  So I dropped the 'out'
-	parameter, people should not be using this function.
-
-Version 3.18 30/08/95
-	Fixed a few bit with the distribution and the filenames.
-	3.17 had been munged via a move to DOS and back again.
-	NO CODE CHANGES
-
-Version 3.17 14/07/95
-	Fixed ede3 cbc which I had broken in 3.16.  I have also
-	removed some unneeded variables in 7-8 of the routines.
-
-Version 3.16 26/06/95
-	Added des_encrypt2() which does not use IP/FP, used by triple
-	des routines.  Tweaked things a bit elsewhere. %13 speedup on
-	sparc and %6 on a R4400 for ede3 cbc mode.
-
-Version 3.15 06/06/95
-	Added des_ncbc_encrypt(), it is des_cbc mode except that it is
-	'normal' and copies the new iv value back over the top of the
-	passed parameter.
-	CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
-	the iv.  THIS WILL BREAK EXISTING CODE, but since this function
-	only new, I feel I can change it, not so with des_cbc_encrypt :-(.
-	I need to update the documentation.
-
-Version 3.14 31/05/95
-	New release upon the world, as part of my SSL implementation.
-	New copyright and usage stuff.  Basically free for all to use
-	as long as you say it came from me :-)
-
-Version 3.13 31/05/95
-	A fix in speed.c, if HZ is not defined, I set it to 100.0
-	which is reasonable for most unixes except SunOS 4.x.
-	I now have a #ifdef sun but timing for SunOS 4.x looked very
-	good :-(.  At my last job where I used SunOS 4.x, it was
-	defined to be 60.0 (look at the old INSTALL documentation), at
-	the last release had it changed to 100.0 since I now work with
-	Solaris2 and SVR4 boxes.
-	Thanks to  Rory Chisholm <rchishol@math.ethz.ch> for pointing this
-	one out.
-
-Version 3.12 08/05/95
-	As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
-	my D_ENCRYPT macro in crypt() had an un-necessary variable.
-	It has been removed.
-
-Version 3.11 03/05/95
-	Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
-	and one iv.  It is a standard and I needed it for my SSL code.
-	It makes more sense to use this for triple DES than
-	3cbc_encrypt().  I have also added (or should I say tested :-)
-	cfb64_encrypt() which is cfb64 but it will encrypt a partial
-	number of bytes - 3 bytes in 3 bytes out.  Again this is for
-	my SSL library, as a form of encryption to use with SSL
-	telnet.
-
-Version 3.10 22/03/95
-	Fixed a bug in 3cbc_encrypt() :-(.  When making repeated calls
-	to cbc3_encrypt, the 2 iv values that were being returned to
-	be used in the next call were reversed :-(.
-	Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
-	this error.
-
-Version 3.09 01/02/95
-	Fixed des_random_key to far more random, it was rather feeble
-	with regards to picking the initial seed.  The problem was
-	pointed out by Olaf Kirch <okir@monad.swb.de>.
-
-Version 3.08 14/12/94
-	Added Makefile.PL so libdes can be built into perl5.
-	Changed des_locl.h so RAND is always defined.
-
-Version 3.07 05/12/94
-	Added GNUmake and stuff so the library can be build with
-	glibc.
-
-Version 3.06 30/08/94
-	Added rpc_enc.c which contains _des_crypt.  This is for use in
-	secure_rpc v 4.0
-	Finally fixed the cfb_enc problems.
-	Fixed a few parameter parsing bugs in des (-3 and -b), thanks
-	to Rob McMillan <R.McMillan@its.gu.edu.au>
-
-Version 3.05 21/04/94
-	for unsigned long l; gcc does not produce ((l>>34) == 0)
-	This causes bugs in cfb_enc.
-	Thanks to Hadmut Danisch <danisch@ira.uka.de>
-
-Version 3.04 20/04/94
-	Added a version number to des.c and libdes.a
-
-Version 3.03 12/01/94
-	Fixed a bug in non zero iv in 3cbc_enc.
-
-Version 3.02 29/10/93
-	I now work in a place where there are 6+ architectures and 14+
-	OS versions :-).
-	Fixed TERMIO definition so the most sys V boxes will work :-)
-
-Release upon comp.sources.misc
-Version 3.01 08/10/93
-	Added des_3cbc_encrypt()
-
-Version 3.00 07/10/93
-	Fixed up documentation.
-	quad_cksum definitely compatible with MIT's now.
-
-Version 2.30 24/08/93
-	Triple DES now defaults to triple cbc but can do triple ecb
-	 with the -b flag.
-	Fixed some MSDOS uuen/uudecoding problems, thanks to
-	Added prototypes.
-	
-Version 2.22 29/06/93
-	Fixed a bug in des_is_weak_key() which stopped it working :-(
-	thanks to engineering@MorningStar.Com.
-
-Version 2.21 03/06/93
-	des(1) with no arguments gives quite a bit of help.
-	Added -c (generate ckecksum) flag to des(1).
-	Added -3 (triple DES) flag to des(1).
-	Added cfb and ofb routines to the library.
-
-Version 2.20 11/03/93
-	Added -u (uuencode) flag to des(1).
-	I have been playing with byte order in quad_cksum to make it
-	 compatible with MIT's version.  All I can say is avid this
-	 function if possible since MIT's output is endian dependent.
-
-Version 2.12 14/10/92
-	Added MSDOS specific macro in ecb_encrypt which gives a %70
-	 speed up when the code is compiled with turbo C.
-
-Version 2.11 12/10/92
-	Speedup in set_key (recoding of PC-1)
-	 I now do it in 47 simple operations, down from 60.
-	 Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
-	 for motivating me to look for a faster system :-)
-	 The speedup is probably less that 1% but it is still 13
-	 instructions less :-).
-
-Version 2.10 06/10/92
-	The code now works on the 64bit ETA10 and CRAY without modifications or
-	 #defines.  I believe the code should work on any machine that
-	 defines long, int or short to be 8 bytes long.
-	Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
-	 for helping me fix the code to run on 64bit machines (he had
-	 access to an ETA10).
-	Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
-	 for testing the routines on a CRAY.
-	read_password.c has been renamed to read_passwd.c
-	string_to_key.c has been renamed to string2key.c
-
-Version 2.00 14/09/92
-	Made mods so that the library should work on 64bit CPU's.
-	Removed all my uchar and ulong defs.  To many different
-	 versions of unix define them in their header files in too many
-	 different combinations :-)
-	IRIX - Sillicon Graphics mods (mostly in read_password.c).
-	 Thanks to Andrew Daviel (advax@erich.triumf.ca)
-
-Version 1.99 26/08/92
-	Fixed a bug or 2 in enc_read.c
-	Fixed a bug in enc_write.c
-	Fixed a pseudo bug in fcrypt.c (very obscure).
-
-Version 1.98 31/07/92
-	Support for the ETA10.  This is a strange machine that defines
-	longs and ints as 8 bytes and shorts as 4 bytes.
-	Since I do evil things with long * that assume that they are 4
-	bytes.  Look in the Makefile for the option to compile for
-	this machine.  quad_cksum appears to have problems but I
-	will don't have the time to fix it right now, and this is not
-	a function that uses DES and so will not effect the main uses
-	of the library.
-
-Version 1.97 20/05/92 eay
-	Fixed the Imakefile and made some changes to des.h to fix some
-	problems when building this package with Kerberos v 4.
-
-Version 1.96 18/05/92 eay
-	Fixed a small bug in string_to_key() where problems could
-	occur if des_check_key was set to true and the string
-	generated a weak key.
-
-Patch2 posted to comp.sources.misc
-Version 1.95 13/05/92 eay
-	Added an alternative version of the D_ENCRYPT macro in
-	ecb_encrypt and fcrypt.  Depending on the compiler, one version or the
-	other will be faster.  This was inspired by 
-	Dana How <how@isl.stanford.edu>, and her pointers about doing the
-	*(ulong *)((uchar *)ptr+(value&0xfc))
-	vs
-	ptr[value&0x3f]
-	to stop the C compiler doing a <<2 to convert the long array index.
-
-Version 1.94 05/05/92 eay
-	Fixed an incompatibility between my string_to_key and the MIT
-	 version.  When the key is longer than 8 chars, I was wrapping
-	 with a different method.  To use the old version, define
-	 OLD_STR_TO_KEY in the makefile.  Thanks to
-	 viktor@newsu.shearson.com (Viktor Dukhovni).
-
-Version 1.93 28/04/92 eay
-	Fixed the VMS mods so that echo is now turned off in
-	 read_password.  Thanks again to brennan@coco.cchs.su.oz.AU.
-	MSDOS support added.  The routines can be compiled with
-	 Turbo C (v2.0) and MSC (v5.1).  Make sure MSDOS is defined.
-
-Patch1 posted to comp.sources.misc
-Version 1.92 13/04/92 eay
-	Changed D_ENCRYPT so that the rotation of R occurs outside of
-	 the loop.  This required rotating all the longs in sp.h (now
-	 called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
-	speed.c has been changed so it will work without SIGALRM.  If
-	 times(3) is not present it will try to use ftime() instead.
-
-Version 1.91 08/04/92 eay
-	Added -E/-D options to des(1) so it can use string_to_key.
-	Added SVR4 mods suggested by witr@rwwa.COM
-	Added VMS mods suggested by brennan@coco.cchs.su.oz.AU.  If
-	anyone knows how to turn of tty echo in VMS please tell me or
-	implement it yourself :-).
-	Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
-	does not like IN/OUT being used.
-
-Libdes posted to comp.sources.misc
-Version 1.9 24/03/92 eay
-	Now contains a fast small crypt replacement.
-	Added des(1) command.
-	Added des_rw_mode so people can use cbc encryption with
-	enc_read and enc_write.
-
-Version 1.8 15/10/91 eay
-	Bug in cbc_cksum.
-	Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
-	one out.
-
-Version 1.7 24/09/91 eay
-	Fixed set_key :-)
-	set_key is 4 times faster and takes less space.
-	There are a few minor changes that could be made.
-
-Version 1.6 19/09/1991 eay
-	Finally go IP and FP finished.
-	Now I need to fix set_key.
-	This version is quite a bit faster that 1.51
-
-Version 1.52 15/06/1991 eay
-	20% speedup in ecb_encrypt by changing the E bit selection
-	to use 2 32bit words.  This also required modification of the
-	sp table.  There is still a way to speedup the IP and IP-1
-	(hints from outer@sq.com) still working on this one :-(.
-
-Version 1.51 07/06/1991 eay
-	Faster des_encrypt by loop unrolling
-	Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
-
-Version 1.50 28/05/1991 eay
-	Optimised the code a bit more for the sparc.  I have improved the
-	speed of the inner des_encrypt by speeding up the initial and
-	final permutations.
-
-Version 1.40 23/10/1990 eay
-	Fixed des_random_key, it did not produce a random key :-(
-
-Version 1.30  2/10/1990 eay
-	Have made des_quad_cksum the same as MIT's, the full package
-	should be compatible with MIT's
-	Have tested on a DECstation 3100
-	Still need to fix des_set_key (make it faster).
-	Does des_cbc_encrypts at 70.5k/sec on a 3100.
-
-Version 1.20 18/09/1990 eay
-	Fixed byte order dependencies.
-	Fixed (I hope) all the word alignment problems.
-	Speedup in des_ecb_encrypt.
-
-Version 1.10 11/09/1990 eay
-	Added des_enc_read and des_enc_write.
-	Still need to fix des_quad_cksum.
-	Still need to document des_enc_read and des_enc_write.
-
-Version 1.00 27/08/1990 eay
-
diff --git a/crypto/openssl/crypto/des/asm/crypt586.pl b/crypto/openssl/crypto/des/asm/crypt586.pl
deleted file mode 100644
index 1d04ed6def10..000000000000
--- a/crypto/openssl/crypto/des/asm/crypt586.pl
+++ /dev/null
@@ -1,208 +0,0 @@
-#!/usr/local/bin/perl
-#
-# The inner loop instruction sequence and the IP/FP modifications are from
-# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
-# I've added the stuff needed for crypt() but I've not worried about making
-# things perfect.
-#
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"crypt586.pl");
-
-$L="edi";
-$R="esi";
-
-&external_label("DES_SPtrans");
-&fcrypt_body("fcrypt_body");
-&asm_finish();
-
-sub fcrypt_body
-	{
-	local($name,$do_ip)=@_;
-
-	&function_begin($name,"EXTRN   _DES_SPtrans:DWORD");
-
-	&comment("");
-	&comment("Load the 2 words");
-	$trans="ebp";
-
-	&xor(	$L,	$L);
-	&xor(	$R,	$R);
-
-	# PIC-ification:-)
-	&picmeup("edx","DES_SPtrans");
-	#if ($cpp)	{ &picmeup("edx","DES_SPtrans");   }
-	#else		{ &lea("edx",&DWP("DES_SPtrans")); }
-	&push("edx");	# becomes &swtmp(1)
-	#
-	&mov($trans,&wparam(1)); # reloaded with DES_SPtrans in D_ENCRYPT
-
-	&push(&DWC(25)); # add a variable
-
-	&set_label("start");
-	for ($i=0; $i<16; $i+=2)
-		{
-		&comment("");
-		&comment("Round $i");
-		&D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
-
-		&comment("");
-		&comment("Round ".sprintf("%d",$i+1));
-		&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx");
-		}
-	 &mov("ebx",	&swtmp(0));
-	&mov("eax",	$L);
-	 &dec("ebx");
-	&mov($L,	$R);
-	 &mov($R,	"eax");
-	&mov(&swtmp(0),	"ebx");
-	 &jnz(&label("start"));
-
-	&comment("");
-	&comment("FP");
-	&mov("edx",&wparam(0));
-
-	&FP_new($R,$L,"eax",3);
-	&mov(&DWP(0,"edx","",0),"eax");
-	&mov(&DWP(4,"edx","",0),$L);
-
-	&add("esp",8);	# remove variables
-
-	&function_end($name);
-	}
-
-sub D_ENCRYPT
-	{
-	local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_;
-
-	&mov(	$u,		&wparam(2));			# 2
-	&mov(	$t,		$R);
-	&shr(	$t,		16);				# 1
-	&mov(	$tmp2,		&wparam(3));			# 2
-	&xor(	$t,		$R);				# 1
-
-	&and(	$u,		$t);				# 2
-	&and(	$t,		$tmp2);				# 2
-
-	&mov(	$tmp1,		$u);
-	&shl(	$tmp1,		16); 				# 1
-	&mov(	$tmp2,		$t);
-	&shl(	$tmp2,		16); 				# 1
-	&xor(	$u,		$tmp1);				# 2
-	&xor(	$t,		$tmp2);				# 2
-	&mov(	$tmp1,		&DWP(&n2a($S*4),$trans,"",0));	# 2
-	&xor(	$u,		$tmp1);
-	&mov(	$tmp2,		&DWP(&n2a(($S+1)*4),$trans,"",0));	# 2
-	&xor(	$u,		$R);
-	&xor(	$t,		$R);
-	&xor(	$t,		$tmp2);
-
-	&and(	$u,		"0xfcfcfcfc"	);		# 2
-	&xor(	$tmp1,		$tmp1);				# 1
-	&and(	$t,		"0xcfcfcfcf"	);		# 2
-	&xor(	$tmp2,		$tmp2);	
-	&movb(	&LB($tmp1),	&LB($u)	);
-	&movb(	&LB($tmp2),	&HB($u)	);
-	&rotr(	$t,		4		);
-	&mov(	$trans,		&swtmp(1));
-	&xor(	$L,		&DWP("     ",$trans,$tmp1,0));
-	&movb(	&LB($tmp1),	&LB($t)	);
-	&xor(	$L,		&DWP("0x200",$trans,$tmp2,0));
-	&movb(	&LB($tmp2),	&HB($t)	);
-	&shr(	$u,		16);
-	&xor(	$L,		&DWP("0x100",$trans,$tmp1,0));
-	&movb(	&LB($tmp1),	&HB($u)	);
-	&shr(	$t,		16);
-	&xor(	$L,		&DWP("0x300",$trans,$tmp2,0));
-	&movb(	&LB($tmp2),	&HB($t)	);
-	&and(	$u,		"0xff"	);
-	&and(	$t,		"0xff"	);
-	&mov(	$tmp1,		&DWP("0x600",$trans,$tmp1,0));
-	&xor(	$L,		$tmp1);
-	&mov(	$tmp1,		&DWP("0x700",$trans,$tmp2,0));
-	&xor(	$L,		$tmp1);
-	&mov(	$tmp1,		&DWP("0x400",$trans,$u,0));
-	&xor(	$L,		$tmp1);
-	&mov(	$tmp1,		&DWP("0x500",$trans,$t,0));
-	&xor(	$L,		$tmp1);
-	&mov(	$trans,		&wparam(1));
-	}
-
-sub n2a
-	{
-	sprintf("%d",$_[0]);
-	}
-
-# now has a side affect of rotating $a by $shift
-sub R_PERM_OP
-	{
-	local($a,$b,$tt,$shift,$mask,$last)=@_;
-
-	&rotl(	$a,		$shift		) if ($shift != 0);
-	&mov(	$tt,		$a		);
-	&xor(	$a,		$b		);
-	&and(	$a,		$mask		);
-	if ($notlast eq $b)
-		{
-		&xor(	$b,		$a		);
-		&xor(	$tt,		$a		);
-		}
-	else
-		{
-		&xor(	$tt,		$a		);
-		&xor(	$b,		$a		);
-		}
-	&comment("");
-	}
-
-sub IP_new
-	{
-	local($l,$r,$tt,$lr)=@_;
-
-	&R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
-	&R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
-	&R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
-	&R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
-	&R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
-	
-	if ($lr != 3)
-		{
-		if (($lr-3) < 0)
-			{ &rotr($tt,	3-$lr); }
-		else	{ &rotl($tt,	$lr-3); }
-		}
-	if ($lr != 2)
-		{
-		if (($lr-2) < 0)
-			{ &rotr($r,	2-$lr); }
-		else	{ &rotl($r,	$lr-2); }
-		}
-	}
-
-sub FP_new
-	{
-	local($l,$r,$tt,$lr)=@_;
-
-	if ($lr != 2)
-		{
-		if (($lr-2) < 0)
-			{ &rotl($r,	2-$lr); }
-		else	{ &rotr($r,	$lr-2); }
-		}
-	if ($lr != 3)
-		{
-		if (($lr-3) < 0)
-			{ &rotl($l,	3-$lr); }
-		else	{ &rotr($l,	$lr-3); }
-		}
-
-	&R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
-	&R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
-	&R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
-	&R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
-	&R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
-	&rotr($tt	, 4);
-	}
-
diff --git a/crypto/openssl/crypto/des/asm/des-586.pl b/crypto/openssl/crypto/des/asm/des-586.pl
deleted file mode 100644
index b75d3c6b3a44..000000000000
--- a/crypto/openssl/crypto/des/asm/des-586.pl
+++ /dev/null
@@ -1,251 +0,0 @@
-#!/usr/local/bin/perl
-#
-# The inner loop instruction sequence and the IP/FP modifications are from
-# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
-#
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-require "cbc.pl";
-require "desboth.pl";
-
-# base code is in microsft
-# op dest, source
-# format.
-#
-
-&asm_init($ARGV[0],"des-586.pl");
-
-$L="edi";
-$R="esi";
-
-&external_label("DES_SPtrans");
-&DES_encrypt("DES_encrypt1",1);
-&DES_encrypt("DES_encrypt2",0);
-&DES_encrypt3("DES_encrypt3",1);
-&DES_encrypt3("DES_decrypt3",0);
-&cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1);
-&cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5);
-
-&asm_finish();
-
-sub DES_encrypt
-	{
-	local($name,$do_ip)=@_;
-
-	&function_begin_B($name,"EXTRN   _DES_SPtrans:DWORD");
-
-	&push("esi");
-	&push("edi");
-
-	&comment("");
-	&comment("Load the 2 words");
-	$trans="ebp";
-
-	if ($do_ip)
-		{
-		&mov($R,&wparam(0));
-		 &xor(	"ecx",		"ecx"		);
-
-		&push("ebx");
-		&push("ebp");
-
-		&mov("eax",&DWP(0,$R,"",0));
-		 &mov("ebx",&wparam(2));	# get encrypt flag
-		&mov($L,&DWP(4,$R,"",0));
-		&comment("");
-		&comment("IP");
-		&IP_new("eax",$L,$R,3);
-		}
-	else
-		{
-		&mov("eax",&wparam(0));
-		 &xor(	"ecx",		"ecx"		);
-
-		&push("ebx");
-		&push("ebp");
-
-		&mov($R,&DWP(0,"eax","",0));
-		 &mov("ebx",&wparam(2));	# get encrypt flag
-		&rotl($R,3);
-		&mov($L,&DWP(4,"eax","",0));
-		&rotl($L,3);
-		}
-
-	# PIC-ification:-)
-	&picmeup($trans,"DES_SPtrans");
-	#if ($cpp)	{ &picmeup($trans,"DES_SPtrans");   }
-	#else		{ &lea($trans,&DWP("DES_SPtrans")); }
-
-	&mov(	"ecx",	&wparam(1)	);
-	&cmp("ebx","0");
-	&je(&label("start_decrypt"));
-
-	for ($i=0; $i<16; $i+=2)
-		{
-		&comment("");
-		&comment("Round $i");
-		&D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
-
-		&comment("");
-		&comment("Round ".sprintf("%d",$i+1));
-		&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx");
-		}
-	&jmp(&label("end"));
-
-	&set_label("start_decrypt");
-
-	for ($i=15; $i>0; $i-=2)
-		{
-		&comment("");
-		&comment("Round $i");
-		&D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
-		&comment("");
-		&comment("Round ".sprintf("%d",$i-1));
-		&D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx");
-		}
-
-	&set_label("end");
-
-	if ($do_ip)
-		{
-		&comment("");
-		&comment("FP");
-		&mov("edx",&wparam(0));
-		&FP_new($L,$R,"eax",3);
-
-		&mov(&DWP(0,"edx","",0),"eax");
-		&mov(&DWP(4,"edx","",0),$R);
-		}
-	else
-		{
-		&comment("");
-		&comment("Fixup");
-		&rotr($L,3);		# r
-		 &mov("eax",&wparam(0));
-		&rotr($R,3);		# l
-		 &mov(&DWP(0,"eax","",0),$L);
-		 &mov(&DWP(4,"eax","",0),$R);
-		}
-
-	&pop("ebp");
-	&pop("ebx");
-	&pop("edi");
-	&pop("esi");
-	&ret();
-
-	&function_end_B($name);
-	}
-
-sub D_ENCRYPT
-	{
-	local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_;
-
-	 &mov(	$u,		&DWP(&n2a($S*4),$tmp2,"",0));
-	&xor(	$tmp1,		$tmp1);
-	 &mov(	$t,		&DWP(&n2a(($S+1)*4),$tmp2,"",0));
-	&xor(	$u,		$R);
-	&xor(	$tmp2,		$tmp2);
-	 &xor(	$t,		$R);
-	&and(	$u,		"0xfcfcfcfc"	);
-	 &and(	$t,		"0xcfcfcfcf"	);
-	&movb(	&LB($tmp1),	&LB($u)	);
-	 &movb(	&LB($tmp2),	&HB($u)	);
-	&rotr(	$t,		4		);
-	&xor(	$L,		&DWP("     ",$trans,$tmp1,0));
-	 &movb(	&LB($tmp1),	&LB($t)	);
-	 &xor(	$L,		&DWP("0x200",$trans,$tmp2,0));
-	 &movb(	&LB($tmp2),	&HB($t)	);
-	&shr(	$u,		16);
-	 &xor(	$L,		&DWP("0x100",$trans,$tmp1,0));
-	 &movb(	&LB($tmp1),	&HB($u)	);
-	&shr(	$t,		16);
-	 &xor(	$L,		&DWP("0x300",$trans,$tmp2,0));
-	&movb(	&LB($tmp2),	&HB($t)	);
-	 &and(	$u,		"0xff"	);
-	&and(	$t,		"0xff"	);
-	 &xor(	$L,		&DWP("0x600",$trans,$tmp1,0));
-	 &xor(	$L,		&DWP("0x700",$trans,$tmp2,0));
-	&mov(	$tmp2,		&wparam(1)	);
-	 &xor(	$L,		&DWP("0x400",$trans,$u,0));
-	 &xor(	$L,		&DWP("0x500",$trans,$t,0));
-	}
-
-sub n2a
-	{
-	sprintf("%d",$_[0]);
-	}
-
-# now has a side affect of rotating $a by $shift
-sub R_PERM_OP
-	{
-	local($a,$b,$tt,$shift,$mask,$last)=@_;
-
-	&rotl(	$a,		$shift		) if ($shift != 0);
-	&mov(	$tt,		$a		);
-	&xor(	$a,		$b		);
-	&and(	$a,		$mask		);
-	# This can never succeed, and besides it is difficult to see what the
-	# idea was - Ben 13 Feb 99
-	if (!$last eq $b)
-		{
-		&xor(	$b,		$a		);
-		&xor(	$tt,		$a		);
-		}
-	else
-		{
-		&xor(	$tt,		$a		);
-		&xor(	$b,		$a		);
-		}
-	&comment("");
-	}
-
-sub IP_new
-	{
-	local($l,$r,$tt,$lr)=@_;
-
-	&R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
-	&R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
-	&R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
-	&R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
-	&R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
-	
-	if ($lr != 3)
-		{
-		if (($lr-3) < 0)
-			{ &rotr($tt,	3-$lr); }
-		else	{ &rotl($tt,	$lr-3); }
-		}
-	if ($lr != 2)
-		{
-		if (($lr-2) < 0)
-			{ &rotr($r,	2-$lr); }
-		else	{ &rotl($r,	$lr-2); }
-		}
-	}
-
-sub FP_new
-	{
-	local($l,$r,$tt,$lr)=@_;
-
-	if ($lr != 2)
-		{
-		if (($lr-2) < 0)
-			{ &rotl($r,	2-$lr); }
-		else	{ &rotr($r,	$lr-2); }
-		}
-	if ($lr != 3)
-		{
-		if (($lr-3) < 0)
-			{ &rotl($l,	3-$lr); }
-		else	{ &rotr($l,	$lr-3); }
-		}
-
-	&R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
-	&R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
-	&R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
-	&R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
-	&R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
-	&rotr($tt	, 4);
-	}
-
diff --git a/crypto/openssl/crypto/des/asm/des686.pl b/crypto/openssl/crypto/des/asm/des686.pl
deleted file mode 100644
index d3ad5d5edd5f..000000000000
--- a/crypto/openssl/crypto/des/asm/des686.pl
+++ /dev/null
@@ -1,230 +0,0 @@
-#!/usr/local/bin/perl
-
-$prog="des686.pl";
-
-# base code is in microsft
-# op dest, source
-# format.
-#
-
-# WILL NOT WORK ANYMORE WITH desboth.pl
-require "desboth.pl";
-
-if (	($ARGV[0] eq "elf"))
-	{ require "x86unix.pl"; }
-elsif (	($ARGV[0] eq "a.out"))
-	{ $aout=1; require "x86unix.pl"; }
-elsif (	($ARGV[0] eq "sol"))
-	{ $sol=1; require "x86unix.pl"; }
-elsif ( ($ARGV[0] eq "cpp"))
-	{ $cpp=1; require "x86unix.pl"; }
-elsif (	($ARGV[0] eq "win32"))
-	{ require "x86ms.pl"; }
-else
-	{
-	print STDERR <<"EOF";
-Pick one target type from
-	elf	- linux, FreeBSD etc
-	a.out	- old linux
-	sol	- x86 solaris
-	cpp	- format so x86unix.cpp can be used
-	win32	- Windows 95/Windows NT
-EOF
-	exit(1);
-	}
-
-&comment("Don't even think of reading this code");
-&comment("It was automatically generated by $prog");
-&comment("Which is a perl program used to generate the x86 assember for");
-&comment("any of elf, a.out, Win32, or Solaris");
-&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
-&comment("eric <eay\@cryptsoft.com>");
-&comment("");
-
-&file("dx86xxxx");
-
-$L="edi";
-$R="esi";
-
-&DES_encrypt("DES_encrypt1",1);
-&DES_encrypt("DES_encrypt2",0);
-
-&DES_encrypt3("DES_encrypt3",1);
-&DES_encrypt3("DES_decrypt3",0);
-
-&file_end();
-
-sub DES_encrypt
-	{
-	local($name,$do_ip)=@_;
-
-	&function_begin($name,"EXTRN   _DES_SPtrans:DWORD");
-
-	&comment("");
-	&comment("Load the 2 words");
-	&mov("eax",&wparam(0));
-	&mov($L,&DWP(0,"eax","",0));
-	&mov($R,&DWP(4,"eax","",0));
-
-	$ksp=&wparam(1);
-
-	if ($do_ip)
-		{
-		&comment("");
-		&comment("IP");
-		&IP_new($L,$R,"eax");
-		}
-
-	&comment("");
-	&comment("fixup rotate");
-	&rotl($R,3);
-	&rotl($L,3);
-	&exch($L,$R);
-
-	&comment("");
-	&comment("load counter, key_schedule and enc flag");
-	&mov("eax",&wparam(2));	# get encrypt flag
-	&mov("ebp",&wparam(1));	# get ks
-	&cmp("eax","0");
-	&je(&label("start_decrypt"));
-
-	# encrypting part
-
-	for ($i=0; $i<16; $i+=2)
-		{
-		&comment("");
-		&comment("Round $i");
-		&D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
-
-		&comment("");
-		&comment("Round ".sprintf("%d",$i+1));
-		&D_ENCRYPT($R,$L,($i+1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
-		}
-	&jmp(&label("end"));
-
-	&set_label("start_decrypt");
-
-	for ($i=15; $i>0; $i-=2)
-		{
-		&comment("");
-		&comment("Round $i");
-		&D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
-		&comment("");
-		&comment("Round ".sprintf("%d",$i-1));
-		&D_ENCRYPT($R,$L,($i-1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
-		}
-
-	&set_label("end");
-
-	&comment("");
-	&comment("Fixup");
-	&rotr($L,3);		# r
-	&rotr($R,3);		# l
-
-	if ($do_ip)
-		{
-		&comment("");
-		&comment("FP");
-		&FP_new($R,$L,"eax");
-		}
-
-	&mov("eax",&wparam(0));
-	&mov(&DWP(0,"eax","",0),$L);
-	&mov(&DWP(4,"eax","",0),$R);
-
-	&function_end($name);
-	}
-
-
-# The logic is to load R into 2 registers and operate on both at the same time.
-# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'
-# while also masking the other copy and doing a lookup.  We then also accumulate the
-# L value in 2 registers then combine them at the end.
-sub D_ENCRYPT
-	{
-	local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;
-
-	&mov(	$u,		&DWP(&n2a($S*4),$ks,"",0));
-	&mov(	$t,		&DWP(&n2a(($S+1)*4),$ks,"",0));
-	&xor(	$u,		$R		);
-	&xor(	$t,		$R		);
-	&rotr(	$t,		4		);
-
-	# the numbers at the end of the line are origional instruction order
-	&mov(	$tmp2,		$u		);			# 1 2
-	&mov(	$tmp1,		$t		);			# 1 1
-	&and(	$tmp2,		"0xfc"		);			# 1 4
-	&and(	$tmp1,		"0xfc"		);			# 1 3
-	&shr(	$t,		8		);			# 1 5
-	&xor(	$L,		&DWP("0x100+$desSP",$tmp1,"",0));	# 1 7
-	&shr(	$u,		8		);			# 1 6
-	&mov(	$tmp1,		&DWP("      $desSP",$tmp2,"",0));	# 1 8
-
-	&mov(	$tmp2,		$u		);			# 2 2
-	&xor(	$L,		$tmp1		);			# 1 9
-	&and(	$tmp2,		"0xfc"		);			# 2 4
-	&mov(	$tmp1,		$t		);			# 2 1
-	&and(	$tmp1,		"0xfc"		);			# 2 3
-	&shr(	$t,		8		);			# 2 5
-	&xor(	$L,		&DWP("0x300+$desSP",$tmp1,"",0));	# 2 7
-	&shr(	$u,		8		);			# 2 6
-	&mov(	$tmp1,		&DWP("0x200+$desSP",$tmp2,"",0));	# 2 8
-	&mov(	$tmp2,		$u		);			# 3 2
-
-	&xor(	$L,		$tmp1		);			# 2 9
-	&and(	$tmp2,		"0xfc"		);			# 3 4
-
-	&mov(	$tmp1,		$t		);			# 3 1 
-	&shr(	$u,		8		);			# 3 6
-	&and(	$tmp1,		"0xfc"		);			# 3 3
-	&shr(	$t,		8		);			# 3 5
-	&xor(	$L,		&DWP("0x500+$desSP",$tmp1,"",0));	# 3 7
-	&mov(	$tmp1,		&DWP("0x400+$desSP",$tmp2,"",0));	# 3 8
-
-	&and(	$t,		"0xfc"		);			# 4 1
-	&xor(	$L,		$tmp1		);			# 3 9
-
-	&and(	$u,		"0xfc"		);			# 4 2
-	&xor(	$L,		&DWP("0x700+$desSP",$t,"",0));		# 4 3
-	&xor(	$L,		&DWP("0x600+$desSP",$u,"",0));		# 4 4
-	}
-
-sub PERM_OP
-	{
-	local($a,$b,$tt,$shift,$mask)=@_;
-
-	&mov(	$tt,		$a		);
-	&shr(	$tt,		$shift		);
-	&xor(	$tt,		$b		);
-	&and(	$tt,		$mask		);
-	&xor(	$b,		$tt		);
-	&shl(	$tt,		$shift		);
-	&xor(	$a,		$tt		);
-	}
-
-sub IP_new
-	{
-	local($l,$r,$tt)=@_;
-
-	&PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
-	&PERM_OP($l,$r,$tt,16,"0x0000ffff");
-	&PERM_OP($r,$l,$tt, 2,"0x33333333");
-	&PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
-	&PERM_OP($r,$l,$tt, 1,"0x55555555");
-	}
-
-sub FP_new
-	{
-	local($l,$r,$tt)=@_;
-
-	&PERM_OP($l,$r,$tt, 1,"0x55555555");
-        &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
-        &PERM_OP($l,$r,$tt, 2,"0x33333333");
-        &PERM_OP($r,$l,$tt,16,"0x0000ffff");
-        &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
-	}
-
-sub n2a
-	{
-	sprintf("%d",$_[0]);
-	}
diff --git a/crypto/openssl/crypto/des/asm/desboth.pl b/crypto/openssl/crypto/des/asm/desboth.pl
deleted file mode 100644
index eec00886e4c6..000000000000
--- a/crypto/openssl/crypto/des/asm/desboth.pl
+++ /dev/null
@@ -1,79 +0,0 @@
-#!/usr/local/bin/perl
-
-$L="edi";
-$R="esi";
-
-sub DES_encrypt3
-	{
-	local($name,$enc)=@_;
-
-	&function_begin_B($name,"");
-	&push("ebx");
-	&mov("ebx",&wparam(0));
-
-	&push("ebp");
-	&push("esi");
-
-	&push("edi");
-
-	&comment("");
-	&comment("Load the data words");
-	&mov($L,&DWP(0,"ebx","",0));
-	&mov($R,&DWP(4,"ebx","",0));
-	&stack_push(3);
-
-	&comment("");
-	&comment("IP");
-	&IP_new($L,$R,"edx",0);
-
-	# put them back
-	
-	if ($enc)
-		{
-		&mov(&DWP(4,"ebx","",0),$R);
-		 &mov("eax",&wparam(1));
-		&mov(&DWP(0,"ebx","",0),"edx");
-		 &mov("edi",&wparam(2));
-		 &mov("esi",&wparam(3));
-		}
-	else
-		{
-		&mov(&DWP(4,"ebx","",0),$R);
-		 &mov("esi",&wparam(1));
-		&mov(&DWP(0,"ebx","",0),"edx");
-		 &mov("edi",&wparam(2));
-		 &mov("eax",&wparam(3));
-		}
-	&mov(&swtmp(2),	(DWC(($enc)?"1":"0")));
-	&mov(&swtmp(1),	"eax");
-	&mov(&swtmp(0),	"ebx");
-	&call("DES_encrypt2");
-	&mov(&swtmp(2),	(DWC(($enc)?"0":"1")));
-	&mov(&swtmp(1),	"edi");
-	&mov(&swtmp(0),	"ebx");
-	&call("DES_encrypt2");
-	&mov(&swtmp(2),	(DWC(($enc)?"1":"0")));
-	&mov(&swtmp(1),	"esi");
-	&mov(&swtmp(0),	"ebx");
-	&call("DES_encrypt2");
-
-	&stack_pop(3);
-	&mov($L,&DWP(0,"ebx","",0));
-	&mov($R,&DWP(4,"ebx","",0));
-
-	&comment("");
-	&comment("FP");
-	&FP_new($L,$R,"eax",0);
-
-	&mov(&DWP(0,"ebx","",0),"eax");
-	&mov(&DWP(4,"ebx","",0),$R);
-
-	&pop("edi");
-	&pop("esi");
-	&pop("ebp");
-	&pop("ebx");
-	&ret();
-	&function_end_B($name);
-	}
-
-
diff --git a/crypto/openssl/crypto/des/asm/readme b/crypto/openssl/crypto/des/asm/readme
deleted file mode 100644
index 1beafe253b17..000000000000
--- a/crypto/openssl/crypto/des/asm/readme
+++ /dev/null
@@ -1,131 +0,0 @@
-First up, let me say I don't like writing in assembler.  It is not portable,
-dependant on the particular CPU architecture release and is generally a pig
-to debug and get right.  Having said that, the x86 architecture is probably
-the most important for speed due to number of boxes and since
-it appears to be the worst architecture to to get
-good C compilers for.  So due to this, I have lowered myself to do
-assembler for the inner DES routines in libdes :-).
-
-The file to implement in assembler is des_enc.c.  Replace the following
-4 functions
-des_encrypt1(DES_LONG data[2],des_key_schedule ks, int encrypt);
-des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
-des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
-des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
-
-They encrypt/decrypt the 64 bits held in 'data' using
-the 'ks' key schedules.   The only difference between the 4 functions is that
-des_encrypt2() does not perform IP() or FP() on the data (this is an
-optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
-perform triple des.  The triple DES routines are in here because it does
-make a big difference to have them located near the des_encrypt2 function
-at link time..
-
-Now as we all know, there are lots of different operating systems running on
-x86 boxes, and unfortunately they normally try to make sure their assembler
-formating is not the same as the other peoples.
-The 4 main formats I know of are
-Microsoft	Windows 95/Windows NT
-Elf		Includes Linux and FreeBSD(?).
-a.out		The older Linux.
-Solaris		Same as Elf but different comments :-(.
-
-Now I was not overly keen to write 4 different copies of the same code,
-so I wrote a few perl routines to output the correct assembler, given
-a target assembler type.  This code is ugly and is just a hack.
-The libraries are x86unix.pl and x86ms.pl.
-des586.pl, des686.pl and des-som[23].pl are the programs to actually
-generate the assembler.
-
-So to generate elf assembler
-perl des-som3.pl elf >dx86-elf.s
-For Windows 95/NT
-perl des-som2.pl win32 >win32.asm
-
-[ update 4 Jan 1996 ]
-I have added another way to do things.
-perl des-som3.pl cpp >dx86-cpp.s
-generates a file that will be included by dx86unix.cpp when it is compiled.
-To build for elf, a.out, solaris, bsdi etc,
-cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
-cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
-cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
-cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
-This was done to cut down the number of files in the distribution.
-
-Now the ugly part.  I acquired my copy of Intels
-"Optimization's For Intel's 32-Bit Processors" and found a few interesting
-things.  First, the aim of the exersize is to 'extract' one byte at a time
-from a word and do an array lookup.  This involves getting the byte from
-the 4 locations in the word and moving it to a new word and doing the lookup.
-The most obvious way to do this is
-xor	eax,	eax				# clear word
-movb	al,	cl				# get low byte
-xor	edi	DWORD PTR 0x100+des_SP[eax] 	# xor in word
-movb	al,	ch				# get next byte
-xor	edi	DWORD PTR 0x300+des_SP[eax] 	# xor in word
-shr	ecx	16
-which seems ok.  For the pentium, this system appears to be the best.
-One has to do instruction interleaving to keep both functional units
-operating, but it is basically very efficient.
-
-Now the crunch.  When a full register is used after a partial write, eg.
-mov	al,	cl
-xor	edi,	DWORD PTR 0x100+des_SP[eax]
-386	- 1 cycle stall
-486	- 1 cycle stall
-586	- 0 cycle stall
-686	- at least 7 cycle stall (page 22 of the above mentioned document).
-
-So the technique that produces the best results on a pentium, according to
-the documentation, will produce hideous results on a pentium pro.
-
-To get around this, des686.pl will generate code that is not as fast on
-a pentium, should be very good on a pentium pro.
-mov	eax,	ecx				# copy word 
-shr	ecx,	8				# line up next byte
-and	eax,	0fch				# mask byte
-xor	edi	DWORD PTR 0x100+des_SP[eax] 	# xor in array lookup
-mov	eax,	ecx				# get word
-shr	ecx	8				# line up next byte
-and	eax,	0fch				# mask byte
-xor	edi	DWORD PTR 0x300+des_SP[eax] 	# xor in array lookup
-
-Due to the execution units in the pentium, this actually works quite well.
-For a pentium pro it should be very good.  This is the type of output
-Visual C++ generates.
-
-There is a third option.  instead of using
-mov	al,	ch
-which is bad on the pentium pro, one may be able to use
-movzx	eax,	ch
-which may not incur the partial write penalty.  On the pentium,
-this instruction takes 4 cycles so is not worth using but on the
-pentium pro it appears it may be worth while.  I need access to one to
-experiment :-).
-
-eric (20 Oct 1996)
-
-22 Nov 1996 - I have asked people to run the 2 different version on pentium
-pros and it appears that the intel documentation is wrong.  The
-mov al,bh is still faster on a pentium pro, so just use the des586.pl
-install des686.pl
-
-3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
-functions into des_enc.c because it does make a massive performance
-difference on some boxes to have the functions code located close to
-the des_encrypt2() function.
-
-9 Jan 1997 - des-som2.pl is now the correct perl script to use for
-pentiums.  It contains an inner loop from
-Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
-273,000 per second.  He had a previous version at 250,000 and the best
-I was able to get was 203,000.  The content has not changed, this is all
-due to instruction sequencing (and actual instructions choice) which is able
-to keep both functional units of the pentium going.
-We may have lost the ugly register usage restrictions when x86 went 32 bit
-but for the pentium it has been replaced by evil instruction ordering tricks.
-
-13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
-raw DES at 281,000 per second on a pentium 100.
-
diff --git a/crypto/openssl/crypto/des/cbc3_enc.c b/crypto/openssl/crypto/des/cbc3_enc.c
deleted file mode 100644
index b5db4e14f73e..000000000000
--- a/crypto/openssl/crypto/des/cbc3_enc.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* crypto/des/cbc3_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* HAS BUGS! DON'T USE - this is only present for use in des.c */
-void DES_3cbc_encrypt(DES_cblock *input, DES_cblock *output, long length,
-	     DES_key_schedule ks1, DES_key_schedule ks2, DES_cblock *iv1,
-	     DES_cblock *iv2, int enc)
-	{
-	int off=((int)length-1)/8;
-	long l8=((length+7)/8)*8;
-	DES_cblock niv1,niv2;
-
-	if (enc == DES_ENCRYPT)
-		{
-		DES_cbc_encrypt((unsigned char*)input,
-				(unsigned char*)output,length,&ks1,iv1,enc);
-		if (length >= sizeof(DES_cblock))
-			memcpy(niv1,output[off],sizeof(DES_cblock));
-		DES_cbc_encrypt((unsigned char*)output,
-				(unsigned char*)output,l8,&ks2,iv1,!enc);
-		DES_cbc_encrypt((unsigned char*)output,
-				(unsigned char*)output,l8,&ks1,iv2,enc);
-		if (length >= sizeof(DES_cblock))
-			memcpy(niv2,output[off],sizeof(DES_cblock));
-		}
-	else
-		{
-		if (length >= sizeof(DES_cblock))
-			memcpy(niv2,input[off],sizeof(DES_cblock));
-		DES_cbc_encrypt((unsigned char*)input,
-				(unsigned char*)output,l8,&ks1,iv2,enc);
-		DES_cbc_encrypt((unsigned char*)output,
-				(unsigned char*)output,l8,&ks2,iv1,!enc);
-		if (length >= sizeof(DES_cblock))
-			memcpy(niv1,output[off],sizeof(DES_cblock));
-		DES_cbc_encrypt((unsigned char*)output,
-				(unsigned char*)output,length,&ks1,iv1,enc);
-		}
-	memcpy(*iv1,niv1,sizeof(DES_cblock));
-	memcpy(*iv2,niv2,sizeof(DES_cblock));
-	}
-
diff --git a/crypto/openssl/crypto/des/cbc_cksm.c b/crypto/openssl/crypto/des/cbc_cksm.c
deleted file mode 100644
index 09a7ba56aada..000000000000
--- a/crypto/openssl/crypto/des/cbc_cksm.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/des/cbc_cksm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-DES_LONG DES_cbc_cksum(const unsigned char *in, DES_cblock *output,
-		       long length, DES_key_schedule *schedule,
-		       const_DES_cblock *ivec)
-	{
-	register DES_LONG tout0,tout1,tin0,tin1;
-	register long l=length;
-	DES_LONG tin[2];
-	unsigned char *out = &(*output)[0];
-	const unsigned char *iv = &(*ivec)[0];
-
-	c2l(iv,tout0);
-	c2l(iv,tout1);
-	for (; l>0; l-=8)
-		{
-		if (l >= 8)
-			{
-			c2l(in,tin0);
-			c2l(in,tin1);
-			}
-		else
-			c2ln(in,tin0,tin1,l);
-			
-		tin0^=tout0; tin[0]=tin0;
-		tin1^=tout1; tin[1]=tin1;
-		DES_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
-		/* fix 15/10/91 eay - thanks to keithr@sco.COM */
-		tout0=tin[0];
-		tout1=tin[1];
-		}
-	if (out != NULL)
-		{
-		l2c(tout0,out);
-		l2c(tout1,out);
-		}
-	tout0=tin0=tin1=tin[0]=tin[1]=0;
-	/*
-	  Transform the data in tout1 so that it will
-	  match the return value that the MIT Kerberos
-	  mit_des_cbc_cksum API returns.
-	*/
-	tout1 = ((tout1 >> 24L) & 0x000000FF)
-	      | ((tout1 >> 8L)  & 0x0000FF00)
-	      | ((tout1 << 8L)  & 0x00FF0000)
-	      | ((tout1 << 24L) & 0xFF000000);
-	return(tout1);
-	}
diff --git a/crypto/openssl/crypto/des/cbc_enc.c b/crypto/openssl/crypto/des/cbc_enc.c
deleted file mode 100644
index 677903ae4e32..000000000000
--- a/crypto/openssl/crypto/des/cbc_enc.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/* crypto/des/cbc_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define CBC_ENC_C__DONT_UPDATE_IV
-
-#include "ncbc_enc.c" /* des_cbc_encrypt */
diff --git a/crypto/openssl/crypto/des/cfb64ede.c b/crypto/openssl/crypto/des/cfb64ede.c
deleted file mode 100644
index 60c1aa08db46..000000000000
--- a/crypto/openssl/crypto/des/cfb64ede.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* crypto/des/cfb64ede.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-			    long length, DES_key_schedule *ks1,
-			    DES_key_schedule *ks2, DES_key_schedule *ks3,
-			    DES_cblock *ivec, int *num, int enc)
-	{
-	register DES_LONG v0,v1;
-	register long l=length;
-	register int n= *num;
-	DES_LONG ti[2];
-	unsigned char *iv,c,cc;
-
-	iv=&(*ivec)[0];
-	if (enc)
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				c2l(iv,v0);
-				c2l(iv,v1);
-
-				ti[0]=v0;
-				ti[1]=v1;
-				DES_encrypt3(ti,ks1,ks2,ks3);
-				v0=ti[0];
-				v1=ti[1];
-
-				iv = &(*ivec)[0];
-				l2c(v0,iv);
-				l2c(v1,iv);
-				iv = &(*ivec)[0];
-				}
-			c= *(in++)^iv[n];
-			*(out++)=c;
-			iv[n]=c;
-			n=(n+1)&0x07;
-			}
-		}
-	else
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				c2l(iv,v0);
-				c2l(iv,v1);
-
-				ti[0]=v0;
-				ti[1]=v1;
-				DES_encrypt3(ti,ks1,ks2,ks3);
-				v0=ti[0];
-				v1=ti[1];
-
-				iv = &(*ivec)[0];
-				l2c(v0,iv);
-				l2c(v1,iv);
-				iv = &(*ivec)[0];
-				}
-			cc= *(in++);
-			c=iv[n];
-			iv[n]=cc;
-			*(out++)=c^cc;
-			n=(n+1)&0x07;
-			}
-		}
-	v0=v1=ti[0]=ti[1]=c=cc=0;
-	*num=n;
-	}
-
-#ifdef undef /* MACRO */
-void DES_ede2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	     DES_key_schedule ks1, DES_key_schedule ks2, DES_cblock (*ivec),
-	     int *num, int enc)
-	{
-	DES_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,enc);
-	}
-#endif
diff --git a/crypto/openssl/crypto/des/cfb64enc.c b/crypto/openssl/crypto/des/cfb64enc.c
deleted file mode 100644
index 5ec8683e402b..000000000000
--- a/crypto/openssl/crypto/des/cfb64enc.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/des/cfb64enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-		       long length, DES_key_schedule *schedule,
-		       DES_cblock *ivec, int *num, int enc)
-	{
-	register DES_LONG v0,v1;
-	register long l=length;
-	register int n= *num;
-	DES_LONG ti[2];
-	unsigned char *iv,c,cc;
-
-	iv = &(*ivec)[0];
-	if (enc)
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				c2l(iv,v0); ti[0]=v0;
-				c2l(iv,v1); ti[1]=v1;
-				DES_encrypt1(ti,schedule,DES_ENCRYPT);
-				iv = &(*ivec)[0];
-				v0=ti[0]; l2c(v0,iv);
-				v0=ti[1]; l2c(v0,iv);
-				iv = &(*ivec)[0];
-				}
-			c= *(in++)^iv[n];
-			*(out++)=c;
-			iv[n]=c;
-			n=(n+1)&0x07;
-			}
-		}
-	else
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				c2l(iv,v0); ti[0]=v0;
-				c2l(iv,v1); ti[1]=v1;
-				DES_encrypt1(ti,schedule,DES_ENCRYPT);
-				iv = &(*ivec)[0];
-				v0=ti[0]; l2c(v0,iv);
-				v0=ti[1]; l2c(v0,iv);
-				iv = &(*ivec)[0];
-				}
-			cc= *(in++);
-			c=iv[n];
-			iv[n]=cc;
-			*(out++)=c^cc;
-			n=(n+1)&0x07;
-			}
-		}
-	v0=v1=ti[0]=ti[1]=c=cc=0;
-	*num=n;
-	}
-
diff --git a/crypto/openssl/crypto/des/cfb_enc.c b/crypto/openssl/crypto/des/cfb_enc.c
deleted file mode 100644
index 17bf77ca9e38..000000000000
--- a/crypto/openssl/crypto/des/cfb_enc.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* crypto/des/cfb_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* The input and output are loaded in multiples of 8 bits.
- * What this means is that if you hame numbits=12 and length=2
- * the first 12 bits will be retrieved from the first byte and half
- * the second.  The second 12 bits will come from the 3rd and half the 4th
- * byte.
- */
-void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
-		     long length, DES_key_schedule *schedule, DES_cblock *ivec, int enc)
-	{
-	register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
-	register DES_LONG mask0,mask1;
-	register unsigned long l=length;
-	register int num=numbits;
-	DES_LONG ti[2];
-	unsigned char *iv;
-
-	if (num > 64) return;
-	if (num > 32)
-		{
-		mask0=0xffffffffL;
-		if (num == 64)
-			mask1=mask0;
-		else	mask1=(1L<<(num-32))-1;
-		}
-	else
-		{
-		if (num == 32)
-			mask0=0xffffffffL;
-		else	mask0=(1L<<num)-1;
-		mask1=0x00000000L;
-		}
-
-	iv = &(*ivec)[0];
-	c2l(iv,v0);
-	c2l(iv,v1);
-	if (enc)
-		{
-		while (l >= n)
-			{
-			l-=n;
-			ti[0]=v0;
-			ti[1]=v1;
-			DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
-			c2ln(in,d0,d1,n);
-			in+=n;
-			d0=(d0^ti[0])&mask0;
-			d1=(d1^ti[1])&mask1;
-			l2cn(d0,d1,out,n);
-			out+=n;
-			/* 30-08-94 - eay - changed because l>>32 and
-			 * l<<32 are bad under gcc :-( */
-			if (num == 32)
-				{ v0=v1; v1=d0; }
-			else if (num == 64)
-				{ v0=d0; v1=d1; }
-			else if (num > 32) /* && num != 64 */
-				{
-				v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
-				v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
-				}
-			else /* num < 32 */
-				{
-				v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
-				v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
-				}
-			}
-		}
-	else
-		{
-		while (l >= n)
-			{
-			l-=n;
-			ti[0]=v0;
-			ti[1]=v1;
-			DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
-			c2ln(in,d0,d1,n);
-			in+=n;
-			/* 30-08-94 - eay - changed because l>>32 and
-			 * l<<32 are bad under gcc :-( */
-			if (num == 32)
-				{ v0=v1; v1=d0; }
-			else if (num == 64)
-				{ v0=d0; v1=d1; }
-			else if (num > 32) /* && num != 64 */
-				{
-				v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
-				v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
-				}
-			else /* num < 32 */
-				{
-				v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
-				v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
-				}
-			d0=(d0^ti[0])&mask0;
-			d1=(d1^ti[1])&mask1;
-			l2cn(d0,d1,out,n);
-			out+=n;
-			}
-		}
-	iv = &(*ivec)[0];
-	l2c(v0,iv);
-	l2c(v1,iv);
-	v0=v1=d0=d1=ti[0]=ti[1]=0;
-	}
-
diff --git a/crypto/openssl/crypto/des/des.c b/crypto/openssl/crypto/des/des.c
deleted file mode 100644
index 343135ff9ec5..000000000000
--- a/crypto/openssl/crypto/des/des.c
+++ /dev/null
@@ -1,932 +0,0 @@
-/* crypto/des/des.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_SYS_MSDOS
-#ifndef OPENSSL_SYS_VMS
-#include OPENSSL_UNISTD
-#else /* OPENSSL_SYS_VMS */
-#ifdef __DECC
-#include <unistd.h>
-#else /* not __DECC */
-#include <math.h>
-#endif /* __DECC */
-#endif /* OPENSSL_SYS_VMS */
-#else /* OPENSSL_SYS_MSDOS */
-#include <io.h>
-#endif
-
-#include <time.h>
-#include "des_ver.h"
-
-#ifdef OPENSSL_SYS_VMS
-#include <types.h>
-#include <stat.h>
-#else
-#ifndef _IRIX
-#include <sys/types.h>
-#endif
-#include <sys/stat.h>
-#endif
-#include <openssl/des.h>
-#include <openssl/rand.h>
-#include <openssl/ui_compat.h>
-
-void usage(void);
-void doencryption(void);
-int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);
-void uufwriteEnd(FILE *fp);
-int uufread(unsigned char *out,int size,unsigned int num,FILE *fp);
-int uuencode(unsigned char *in,int num,unsigned char *out);
-int uudecode(unsigned char *in,int num,unsigned char *out);
-void DES_3cbc_encrypt(DES_cblock *input,DES_cblock *output,long length,
-	DES_key_schedule sk1,DES_key_schedule sk2,
-	DES_cblock *ivec1,DES_cblock *ivec2,int enc);
-#ifdef OPENSSL_SYS_VMS
-#define EXIT(a) exit(a&0x10000000L)
-#else
-#define EXIT(a) exit(a)
-#endif
-
-#define BUFSIZE (8*1024)
-#define VERIFY  1
-#define KEYSIZ	8
-#define KEYSIZB 1024 /* should hit tty line limit first :-) */
-char key[KEYSIZB+1];
-int do_encrypt,longk=0;
-FILE *DES_IN,*DES_OUT,*CKSUM_OUT;
-char uuname[200];
-unsigned char uubuf[50];
-int uubufnum=0;
-#define INUUBUFN	(45*100)
-#define OUTUUBUF	(65*100)
-unsigned char b[OUTUUBUF];
-unsigned char bb[300];
-DES_cblock cksum={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
-char cksumname[200]="";
-
-int vflag,cflag,eflag,dflag,kflag,bflag,fflag,sflag,uflag,flag3,hflag,error;
-
-int main(int argc, char **argv)
-	{
-	int i;
-	struct stat ins,outs;
-	char *p;
-	char *in=NULL,*out=NULL;
-
-	vflag=cflag=eflag=dflag=kflag=hflag=bflag=fflag=sflag=uflag=flag3=0;
-	error=0;
-	memset(key,0,sizeof(key));
-
-	for (i=1; i<argc; i++)
-		{
-		p=argv[i];
-		if ((p[0] == '-') && (p[1] != '\0'))
-			{
-			p++;
-			while (*p)
-				{
-				switch (*(p++))
-					{
-				case '3':
-					flag3=1;
-					longk=1;
-					break;
-				case 'c':
-					cflag=1;
-					strncpy(cksumname,p,200);
-					cksumname[sizeof(cksumname)-1]='\0';
-					p+=strlen(cksumname);
-					break;
-				case 'C':
-					cflag=1;
-					longk=1;
-					strncpy(cksumname,p,200);
-					cksumname[sizeof(cksumname)-1]='\0';
-					p+=strlen(cksumname);
-					break;
-				case 'e':
-					eflag=1;
-					break;
-				case 'v':
-					vflag=1;
-					break;
-				case 'E':
-					eflag=1;
-					longk=1;
-					break;
-				case 'd':
-					dflag=1;
-					break;
-				case 'D':
-					dflag=1;
-					longk=1;
-					break;
-				case 'b':
-					bflag=1;
-					break;
-				case 'f':
-					fflag=1;
-					break;
-				case 's':
-					sflag=1;
-					break;
-				case 'u':
-					uflag=1;
-					strncpy(uuname,p,200);
-					uuname[sizeof(uuname)-1]='\0';
-					p+=strlen(uuname);
-					break;
-				case 'h':
-					hflag=1;
-					break;
-				case 'k':
-					kflag=1;
-					if ((i+1) == argc)
-						{
-						fputs("must have a key with the -k option\n",stderr);
-						error=1;
-						}
-					else
-						{
-						int j;
-
-						i++;
-						strncpy(key,argv[i],KEYSIZB);
-						for (j=strlen(argv[i])-1; j>=0; j--)
-							argv[i][j]='\0';
-						}
-					break;
-				default:
-					fprintf(stderr,"'%c' unknown flag\n",p[-1]);
-					error=1;
-					break;
-					}
-				}
-			}
-		else
-			{
-			if (in == NULL)
-				in=argv[i];
-			else if (out == NULL)
-				out=argv[i];
-			else
-				error=1;
-			}
-		}
-	if (error) usage();
-	/* We either
-	 * do checksum or
-	 * do encrypt or
-	 * do decrypt or
-	 * do decrypt then ckecksum or
-	 * do checksum then encrypt
-	 */
-	if (((eflag+dflag) == 1) || cflag)
-		{
-		if (eflag) do_encrypt=DES_ENCRYPT;
-		if (dflag) do_encrypt=DES_DECRYPT;
-		}
-	else
-		{
-		if (vflag) 
-			{
-#ifndef _Windows			
-			fprintf(stderr,"des(1) built with %s\n",libdes_version);
-#endif			
-			EXIT(1);
-			}
-		else usage();
-		}
-
-#ifndef _Windows			
-	if (vflag) fprintf(stderr,"des(1) built with %s\n",libdes_version);
-#endif			
-	if (	(in != NULL) &&
-		(out != NULL) &&
-#ifndef OPENSSL_SYS_MSDOS
-		(stat(in,&ins) != -1) &&
-		(stat(out,&outs) != -1) &&
-		(ins.st_dev == outs.st_dev) &&
-		(ins.st_ino == outs.st_ino))
-#else /* OPENSSL_SYS_MSDOS */
-		(strcmp(in,out) == 0))
-#endif
-			{
-			fputs("input and output file are the same\n",stderr);
-			EXIT(3);
-			}
-
-	if (!kflag)
-		if (des_read_pw_string(key,KEYSIZB+1,"Enter key:",eflag?VERIFY:0))
-			{
-			fputs("password error\n",stderr);
-			EXIT(2);
-			}
-
-	if (in == NULL)
-		DES_IN=stdin;
-	else if ((DES_IN=fopen(in,"r")) == NULL)
-		{
-		perror("opening input file");
-		EXIT(4);
-		}
-
-	CKSUM_OUT=stdout;
-	if (out == NULL)
-		{
-		DES_OUT=stdout;
-		CKSUM_OUT=stderr;
-		}
-	else if ((DES_OUT=fopen(out,"w")) == NULL)
-		{
-		perror("opening output file");
-		EXIT(5);
-		}
-
-#ifdef OPENSSL_SYS_MSDOS
-	/* This should set the file to binary mode. */
-	{
-#include <fcntl.h>
-	if (!(uflag && dflag))
-		setmode(fileno(DES_IN),O_BINARY);
-	if (!(uflag && eflag))
-		setmode(fileno(DES_OUT),O_BINARY);
-	}
-#endif
-
-	doencryption();
-	fclose(DES_IN);
-	fclose(DES_OUT);
-	EXIT(0);
-	}
-
-void usage(void)
-	{
-	char **u;
-	static const char *Usage[]={
-"des <options> [input-file [output-file]]",
-"options:",
-"-v         : des(1) version number",
-"-e         : encrypt using SunOS compatible user key to DES key conversion.",
-"-E         : encrypt ",
-"-d         : decrypt using SunOS compatible user key to DES key conversion.",
-"-D         : decrypt ",
-"-c[ckname] : generate a cbc_cksum using SunOS compatible user key to",
-"             DES key conversion and output to ckname (stdout default,",
-"             stderr if data being output on stdout).  The checksum is",
-"             generated before encryption and after decryption if used",
-"             in conjunction with -[eEdD].",
-"-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].",
-"-k key     : use key 'key'",
-"-h         : the key that is entered will be a hexadecimal number",
-"             that is used directly as the des key",
-"-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]",
-"             (uuname is the filename to put in the uuencode header).",
-"-b         : encrypt using DES in ecb encryption mode, the default is cbc mode.",
-"-3         : encrypt using triple DES encryption.  This uses 2 keys",
-"             generated from the input key.  If the input key is less",
-"             than 8 characters long, this is equivalent to normal",
-"             encryption.  Default is triple cbc, -b makes it triple ecb.",
-NULL
-};
-	for (u=(char **)Usage; *u; u++)
-		{
-		fputs(*u,stderr);
-		fputc('\n',stderr);
-		}
-
-	EXIT(1);
-	}
-
-void doencryption(void)
-	{
-#ifdef _LIBC
-	extern unsigned long time();
-#endif
-
-	register int i;
-	DES_key_schedule ks,ks2;
-	DES_cblock iv,iv2;
-	char *p;
-	int num=0,j,k,l,rem,ll,len,last,ex=0;
-	DES_cblock kk,k2;
-	FILE *O;
-	int Exit=0;
-#ifndef OPENSSL_SYS_MSDOS
-	static unsigned char buf[BUFSIZE+8],obuf[BUFSIZE+8];
-#else
-	static unsigned char *buf=NULL,*obuf=NULL;
-
-	if (buf == NULL)
-		{
-		if (    (( buf=OPENSSL_malloc(BUFSIZE+8)) == NULL) ||
-			((obuf=OPENSSL_malloc(BUFSIZE+8)) == NULL))
-			{
-			fputs("Not enough memory\n",stderr);
-			Exit=10;
-			goto problems;
-			}
-		}
-#endif
-
-	if (hflag)
-		{
-		j=(flag3?16:8);
-		p=key;
-		for (i=0; i<j; i++)
-			{
-			k=0;
-			if ((*p <= '9') && (*p >= '0'))
-				k=(*p-'0')<<4;
-			else if ((*p <= 'f') && (*p >= 'a'))
-				k=(*p-'a'+10)<<4;
-			else if ((*p <= 'F') && (*p >= 'A'))
-				k=(*p-'A'+10)<<4;
-			else
-				{
-				fputs("Bad hex key\n",stderr);
-				Exit=9;
-				goto problems;
-				}
-			p++;
-			if ((*p <= '9') && (*p >= '0'))
-				k|=(*p-'0');
-			else if ((*p <= 'f') && (*p >= 'a'))
-				k|=(*p-'a'+10);
-			else if ((*p <= 'F') && (*p >= 'A'))
-				k|=(*p-'A'+10);
-			else
-				{
-				fputs("Bad hex key\n",stderr);
-				Exit=9;
-				goto problems;
-				}
-			p++;
-			if (i < 8)
-				kk[i]=k;
-			else
-				k2[i-8]=k;
-			}
-		DES_set_key_unchecked(&k2,&ks2);
-		OPENSSL_cleanse(k2,sizeof(k2));
-		}
-	else if (longk || flag3)
-		{
-		if (flag3)
-			{
-			DES_string_to_2keys(key,&kk,&k2);
-			DES_set_key_unchecked(&k2,&ks2);
-			OPENSSL_cleanse(k2,sizeof(k2));
-			}
-		else
-			DES_string_to_key(key,&kk);
-		}
-	else
-		for (i=0; i<KEYSIZ; i++)
-			{
-			l=0;
-			k=key[i];
-			for (j=0; j<8; j++)
-				{
-				if (k&1) l++;
-				k>>=1;
-				}
-			if (l & 1)
-				kk[i]=key[i]&0x7f;
-			else
-				kk[i]=key[i]|0x80;
-			}
-
-	DES_set_key_unchecked(&kk,&ks);
-	OPENSSL_cleanse(key,sizeof(key));
-	OPENSSL_cleanse(kk,sizeof(kk));
-	/* woops - A bug that does not showup under unix :-( */
-	memset(iv,0,sizeof(iv));
-	memset(iv2,0,sizeof(iv2));
-
-	l=1;
-	rem=0;
-	/* first read */
-	if (eflag || (!dflag && cflag))
-		{
-		for (;;)
-			{
-			num=l=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
-			l+=rem;
-			num+=rem;
-			if (l < 0)
-				{
-				perror("read error");
-				Exit=6;
-				goto problems;
-				}
-
-			rem=l%8;
-			len=l-rem;
-			if (feof(DES_IN))
-				{
-				for (i=7-rem; i>0; i--)
-					RAND_pseudo_bytes(buf + l++, 1);
-				buf[l++]=rem;
-				ex=1;
-				len+=rem;
-				}
-			else
-				l-=rem;
-
-			if (cflag)
-				{
-				DES_cbc_cksum(buf,&cksum,
-					(long)len,&ks,&cksum);
-				if (!eflag)
-					{
-					if (feof(DES_IN)) break;
-					else continue;
-					}
-				}
-
-			if (bflag && !flag3)
-				for (i=0; i<l; i+=8)
-					DES_ecb_encrypt(
-						(DES_cblock *)&(buf[i]),
-						(DES_cblock *)&(obuf[i]),
-						&ks,do_encrypt);
-			else if (flag3 && bflag)
-				for (i=0; i<l; i+=8)
-					DES_ecb2_encrypt(
-						(DES_cblock *)&(buf[i]),
-						(DES_cblock *)&(obuf[i]),
-						&ks,&ks2,do_encrypt);
-			else if (flag3 && !bflag)
-				{
-				char tmpbuf[8];
-
-				if (rem) memcpy(tmpbuf,&(buf[l]),
-					(unsigned int)rem);
-				DES_3cbc_encrypt(
-					(DES_cblock *)buf,(DES_cblock *)obuf,
-					(long)l,ks,ks2,&iv,
-					&iv2,do_encrypt);
-				if (rem) memcpy(&(buf[l]),tmpbuf,
-					(unsigned int)rem);
-				}
-			else
-				{
-				DES_cbc_encrypt(
-					buf,obuf,
-					(long)l,&ks,&iv,do_encrypt);
-				if (l >= 8) memcpy(iv,&(obuf[l-8]),8);
-				}
-			if (rem) memcpy(buf,&(buf[l]),(unsigned int)rem);
-
-			i=0;
-			while (i < l)
-				{
-				if (uflag)
-					j=uufwrite(obuf,1,(unsigned int)l-i,
-						DES_OUT);
-				else
-					j=fwrite(obuf,1,(unsigned int)l-i,
-						DES_OUT);
-				if (j == -1)
-					{
-					perror("Write error");
-					Exit=7;
-					goto problems;
-					}
-				i+=j;
-				}
-			if (feof(DES_IN))
-				{
-				if (uflag) uufwriteEnd(DES_OUT);
-				break;
-				}
-			}
-		}
-	else /* decrypt */
-		{
-		ex=1;
-		for (;;)
-			{
-			if (ex) {
-				if (uflag)
-					l=uufread(buf,1,BUFSIZE,DES_IN);
-				else
-					l=fread(buf,1,BUFSIZE,DES_IN);
-				ex=0;
-				rem=l%8;
-				l-=rem;
-				}
-			if (l < 0)
-				{
-				perror("read error");
-				Exit=6;
-				goto problems;
-				}
-
-			if (bflag && !flag3)
-				for (i=0; i<l; i+=8)
-					DES_ecb_encrypt(
-						(DES_cblock *)&(buf[i]),
-						(DES_cblock *)&(obuf[i]),
-						&ks,do_encrypt);
-			else if (flag3 && bflag)
-				for (i=0; i<l; i+=8)
-					DES_ecb2_encrypt(
-						(DES_cblock *)&(buf[i]),
-						(DES_cblock *)&(obuf[i]),
-						&ks,&ks2,do_encrypt);
-			else if (flag3 && !bflag)
-				{
-				DES_3cbc_encrypt(
-					(DES_cblock *)buf,(DES_cblock *)obuf,
-					(long)l,ks,ks2,&iv,
-					&iv2,do_encrypt);
-				}
-			else
-				{
-				DES_cbc_encrypt(
-					buf,obuf,
-				 	(long)l,&ks,&iv,do_encrypt);
-				if (l >= 8) memcpy(iv,&(buf[l-8]),8);
-				}
-
-			if (uflag)
-				ll=uufread(&(buf[rem]),1,BUFSIZE,DES_IN);
-			else
-				ll=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
-			ll+=rem;
-			rem=ll%8;
-			ll-=rem;
-			if (feof(DES_IN) && (ll == 0))
-				{
-				last=obuf[l-1];
-
-				if ((last > 7) || (last < 0))
-					{
-					fputs("The file was not decrypted correctly.\n",
-						stderr);
-					Exit=8;
-					last=0;
-					}
-				l=l-8+last;
-				}
-			i=0;
-			if (cflag) DES_cbc_cksum(obuf,
-				(DES_cblock *)cksum,(long)l/8*8,&ks,
-				(DES_cblock *)cksum);
-			while (i != l)
-				{
-				j=fwrite(obuf,1,(unsigned int)l-i,DES_OUT);
-				if (j == -1)
-					{
-					perror("Write error");
-					Exit=7;
-					goto problems;
-					}
-				i+=j;
-				}
-			l=ll;
-			if ((l == 0) && feof(DES_IN)) break;
-			}
-		}
-	if (cflag)
-		{
-		l=0;
-		if (cksumname[0] != '\0')
-			{
-			if ((O=fopen(cksumname,"w")) != NULL)
-				{
-				CKSUM_OUT=O;
-				l=1;
-				}
-			}
-		for (i=0; i<8; i++)
-			fprintf(CKSUM_OUT,"%02X",cksum[i]);
-		fprintf(CKSUM_OUT,"\n");
-		if (l) fclose(CKSUM_OUT);
-		}
-problems:
-	OPENSSL_cleanse(buf,sizeof(buf));
-	OPENSSL_cleanse(obuf,sizeof(obuf));
-	OPENSSL_cleanse(&ks,sizeof(ks));
-	OPENSSL_cleanse(&ks2,sizeof(ks2));
-	OPENSSL_cleanse(iv,sizeof(iv));
-	OPENSSL_cleanse(iv2,sizeof(iv2));
-	OPENSSL_cleanse(kk,sizeof(kk));
-	OPENSSL_cleanse(k2,sizeof(k2));
-	OPENSSL_cleanse(uubuf,sizeof(uubuf));
-	OPENSSL_cleanse(b,sizeof(b));
-	OPENSSL_cleanse(bb,sizeof(bb));
-	OPENSSL_cleanse(cksum,sizeof(cksum));
-	if (Exit) EXIT(Exit);
-	}
-
-/*    We ignore this parameter but it should be > ~50 I believe    */
-int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp)
-	{
-	int i,j,left,rem,ret=num;
-	static int start=1;
-
-	if (start)
-		{
-		fprintf(fp,"begin 600 %s\n",
-			(uuname[0] == '\0')?"text.d":uuname);
-		start=0;
-		}
-
-	if (uubufnum)
-		{
-		if (uubufnum+num < 45)
-			{
-			memcpy(&(uubuf[uubufnum]),data,(unsigned int)num);
-			uubufnum+=num;
-			return(num);
-			}
-		else
-			{
-			i=45-uubufnum;
-			memcpy(&(uubuf[uubufnum]),data,(unsigned int)i);
-			j=uuencode((unsigned char *)uubuf,45,b);
-			fwrite(b,1,(unsigned int)j,fp);
-			uubufnum=0;
-			data+=i;
-			num-=i;
-			}
-		}
-
-	for (i=0; i<(((int)num)-INUUBUFN); i+=INUUBUFN)
-		{
-		j=uuencode(&(data[i]),INUUBUFN,b);
-		fwrite(b,1,(unsigned int)j,fp);
-		}
-	rem=(num-i)%45;
-	left=(num-i-rem);
-	if (left)
-		{
-		j=uuencode(&(data[i]),left,b);
-		fwrite(b,1,(unsigned int)j,fp);
-		i+=left;
-		}
-	if (i != num)
-		{
-		memcpy(uubuf,&(data[i]),(unsigned int)rem);
-		uubufnum=rem;
-		}
-	return(ret);
-	}
-
-void uufwriteEnd(FILE *fp)
-	{
-	int j;
-	static const char *end=" \nend\n";
-
-	if (uubufnum != 0)
-		{
-		uubuf[uubufnum]='\0';
-		uubuf[uubufnum+1]='\0';
-		uubuf[uubufnum+2]='\0';
-		j=uuencode(uubuf,uubufnum,b);
-		fwrite(b,1,(unsigned int)j,fp);
-		}
-	fwrite(end,1,strlen(end),fp);
-	}
-
-/* int size:  should always be > ~ 60; I actually ignore this parameter :-)    */
-int uufread(unsigned char *out, int size, unsigned int num, FILE *fp)
-	{
-	int i,j,tot;
-	static int done=0;
-	static int valid=0;
-	static int start=1;
-
-	if (start)
-		{
-		for (;;)
-			{
-			b[0]='\0';
-			fgets((char *)b,300,fp);
-			if (b[0] == '\0')
-				{
-				fprintf(stderr,"no 'begin' found in uuencoded input\n");
-				return(-1);
-				}
-			if (strncmp((char *)b,"begin ",6) == 0) break;
-			}
-		start=0;
-		}
-	if (done) return(0);
-	tot=0;
-	if (valid)
-		{
-		memcpy(out,bb,(unsigned int)valid);
-		tot=valid;
-		valid=0;
-		}
-	for (;;)
-		{
-		b[0]='\0';
-		fgets((char *)b,300,fp);
-		if (b[0] == '\0') break;
-		i=strlen((char *)b);
-		if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd'))
-			{
-			done=1;
-			while (!feof(fp))
-				{
-				fgets((char *)b,300,fp);
-				}
-			break;
-			}
-		i=uudecode(b,i,bb);
-		if (i < 0) break;
-		if ((i+tot+8) > num)
-			{
-			/* num to copy to make it a multiple of 8 */
-			j=(num/8*8)-tot-8;
-			memcpy(&(out[tot]),bb,(unsigned int)j);
-			tot+=j;
-			memcpy(bb,&(bb[j]),(unsigned int)i-j);
-			valid=i-j;
-			break;
-			}
-		memcpy(&(out[tot]),bb,(unsigned int)i);
-		tot+=i;
-		}
-	return(tot);
-	}
-
-#define ccc2l(c,l)      (l =((DES_LONG)(*((c)++)))<<16, \
-			 l|=((DES_LONG)(*((c)++)))<< 8, \
-		 	 l|=((DES_LONG)(*((c)++))))
-
-#define l2ccc(l,c)      (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
-                    *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
-                    *((c)++)=(unsigned char)(((l)    )&0xff))
-
-
-int uuencode(unsigned char *in, int num, unsigned char *out)
-	{
-	int j,i,n,tot=0;
-	DES_LONG l;
-	register unsigned char *p;
-	p=out;
-
-	for (j=0; j<num; j+=45)
-		{
-		if (j+45 > num)
-			i=(num-j);
-		else	i=45;
-		*(p++)=i+' ';
-		for (n=0; n<i; n+=3)
-			{
-			ccc2l(in,l);
-			*(p++)=((l>>18)&0x3f)+' ';
-			*(p++)=((l>>12)&0x3f)+' ';
-			*(p++)=((l>> 6)&0x3f)+' ';
-			*(p++)=((l    )&0x3f)+' ';
-			tot+=4;
-			}
-		*(p++)='\n';
-		tot+=2;
-		}
-	*p='\0';
-	l=0;
-	return(tot);
-	}
-
-int uudecode(unsigned char *in, int num, unsigned char *out)
-	{
-	int j,i,k;
-	unsigned int n=0,space=0;
-	DES_LONG l;
-	DES_LONG w,x,y,z;
-	unsigned int blank=(unsigned int)'\n'-' ';
-
-	for (j=0; j<num; )
-		{
-		n= *(in++)-' ';
-		if (n == blank)
-			{
-			n=0;
-			in--;
-			}
-		if (n > 60)
-			{
-			fprintf(stderr,"uuencoded line length too long\n");
-			return(-1);
-			}
-		j++;
-
-		for (i=0; i<n; j+=4,i+=3)
-			{
-			/* the following is for cases where spaces are
-			 * removed from lines.
-			 */
-			if (space)
-				{
-				w=x=y=z=0;
-				}
-			else
-				{
-				w= *(in++)-' ';
-				x= *(in++)-' ';
-				y= *(in++)-' ';
-				z= *(in++)-' ';
-				}
-			if ((w > 63) || (x > 63) || (y > 63) || (z > 63))
-				{
-				k=0;
-				if (w == blank) k=1;
-				if (x == blank) k=2;
-				if (y == blank) k=3;
-				if (z == blank) k=4;
-				space=1;
-				switch (k) {
-				case 1:	w=0; in--;
-				case 2: x=0; in--;
-				case 3: y=0; in--;
-				case 4: z=0; in--;
-					break;
-				case 0:
-					space=0;
-					fprintf(stderr,"bad uuencoded data values\n");
-					w=x=y=z=0;
-					return(-1);
-					break;
-					}
-				}
-			l=(w<<18)|(x<<12)|(y<< 6)|(z    );
-			l2ccc(l,out);
-			}
-		if (*(in++) != '\n')
-			{
-			fprintf(stderr,"missing nl in uuencoded line\n");
-			w=x=y=z=0;
-			return(-1);
-			}
-		j++;
-		}
-	*out='\0';
-	w=x=y=z=0;
-	return(n);
-	}
diff --git a/crypto/openssl/crypto/des/des.h b/crypto/openssl/crypto/des/des.h
deleted file mode 100644
index daaf239dbe54..000000000000
--- a/crypto/openssl/crypto/des/des.h
+++ /dev/null
@@ -1,240 +0,0 @@
-/* crypto/des/des.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_NEW_DES_H
-#define HEADER_NEW_DES_H
-
-#ifdef OPENSSL_NO_DES
-#error DES is disabled.
-#endif
-
-#include <openssl/opensslconf.h> /* DES_LONG */
-#include <openssl/e_os2.h>	/* OPENSSL_EXTERN */
-
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef unsigned char DES_cblock[8];
-typedef /* const */ unsigned char const_DES_cblock[8];
-/* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock *
- * and const_DES_cblock * are incompatible pointer types. */
-
-typedef struct DES_ks
-    {
-    union
-	{
-	DES_cblock cblock;
-	/* make sure things are correct size on machines with
-	 * 8 byte longs */
-	DES_LONG deslong[2];
-	} ks[16];
-    } DES_key_schedule;
-
-#ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
-# ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT
-#  define OPENSSL_ENABLE_OLD_DES_SUPPORT
-# endif
-#endif
-
-#ifdef OPENSSL_ENABLE_OLD_DES_SUPPORT
-# include <openssl/des_old.h>
-#endif
-
-#define DES_KEY_SZ 	(sizeof(DES_cblock))
-#define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
-
-#define DES_ENCRYPT	1
-#define DES_DECRYPT	0
-
-#define DES_CBC_MODE	0
-#define DES_PCBC_MODE	1
-
-#define DES_ecb2_encrypt(i,o,k1,k2,e) \
-	DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-#define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-	DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-#define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-	DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-#define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-	DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-OPENSSL_DECLARE_GLOBAL(int,DES_check_key);	/* defaults to false */
-#define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
-OPENSSL_DECLARE_GLOBAL(int,DES_rw_mode);	/* defaults to DES_PCBC_MODE */
-#define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
-
-const char *DES_options(void);
-void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
-		      DES_key_schedule *ks1,DES_key_schedule *ks2,
-		      DES_key_schedule *ks3, int enc);
-DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output,
-		       long length,DES_key_schedule *schedule,
-		       const_DES_cblock *ivec);
-/* DES_cbc_encrypt does not update the IV!  Use DES_ncbc_encrypt instead. */
-void DES_cbc_encrypt(const unsigned char *input,unsigned char *output,
-		     long length,DES_key_schedule *schedule,DES_cblock *ivec,
-		     int enc);
-void DES_ncbc_encrypt(const unsigned char *input,unsigned char *output,
-		      long length,DES_key_schedule *schedule,DES_cblock *ivec,
-		      int enc);
-void DES_xcbc_encrypt(const unsigned char *input,unsigned char *output,
-		      long length,DES_key_schedule *schedule,DES_cblock *ivec,
-		      const_DES_cblock *inw,const_DES_cblock *outw,int enc);
-void DES_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
-		     long length,DES_key_schedule *schedule,DES_cblock *ivec,
-		     int enc);
-void DES_ecb_encrypt(const_DES_cblock *input,DES_cblock *output,
-		     DES_key_schedule *ks,int enc);
-
-/* 	This is the DES encryption function that gets called by just about
-	every other DES routine in the library.  You should not use this
-	function except to implement 'modes' of DES.  I say this because the
-	functions that call this routine do the conversion from 'char *' to
-	long, and this needs to be done to make sure 'non-aligned' memory
-	access do not occur.  The characters are loaded 'little endian'.
-	Data is a pointer to 2 unsigned long's and ks is the
-	DES_key_schedule to use.  enc, is non zero specifies encryption,
-	zero if decryption. */
-void DES_encrypt1(DES_LONG *data,DES_key_schedule *ks, int enc);
-
-/* 	This functions is the same as DES_encrypt1() except that the DES
-	initial permutation (IP) and final permutation (FP) have been left
-	out.  As for DES_encrypt1(), you should not use this function.
-	It is used by the routines in the library that implement triple DES.
-	IP() DES_encrypt2() DES_encrypt2() DES_encrypt2() FP() is the same
-	as DES_encrypt1() DES_encrypt1() DES_encrypt1() except faster :-). */
-void DES_encrypt2(DES_LONG *data,DES_key_schedule *ks, int enc);
-
-void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
-		  DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
-		  DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_ede3_cbc_encrypt(const unsigned char *input,unsigned char *output, 
-			  long length,
-			  DES_key_schedule *ks1,DES_key_schedule *ks2,
-			  DES_key_schedule *ks3,DES_cblock *ivec,int enc);
-void DES_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out,
-			   long length,
-			   DES_key_schedule *ks1,DES_key_schedule *ks2,
-			   DES_key_schedule *ks3,
-			   DES_cblock *ivec1,DES_cblock *ivec2,
-			   int enc);
-void DES_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out,
-			    long length,DES_key_schedule *ks1,
-			    DES_key_schedule *ks2,DES_key_schedule *ks3,
-			    DES_cblock *ivec,int *num,int enc);
-void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
-			    long length,DES_key_schedule *ks1,
-			    DES_key_schedule *ks2,DES_key_schedule *ks3,
-			    DES_cblock *ivec,int *num);
-
-void DES_xwhite_in2out(const_DES_cblock *DES_key,const_DES_cblock *in_white,
-		       DES_cblock *out_white);
-
-int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched,
-		 DES_cblock *iv);
-int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched,
-		  DES_cblock *iv);
-char *DES_fcrypt(const char *buf,const char *salt, char *ret);
-char *DES_crypt(const char *buf,const char *salt);
-void DES_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
-		     long length,DES_key_schedule *schedule,DES_cblock *ivec);
-void DES_pcbc_encrypt(const unsigned char *input,unsigned char *output,
-		      long length,DES_key_schedule *schedule,DES_cblock *ivec,
-		      int enc);
-DES_LONG DES_quad_cksum(const unsigned char *input,DES_cblock output[],
-			long length,int out_count,DES_cblock *seed);
-int DES_random_key(DES_cblock *ret);
-void DES_set_odd_parity(DES_cblock *key);
-int DES_check_key_parity(const_DES_cblock *key);
-int DES_is_weak_key(const_DES_cblock *key);
-/* DES_set_key (= set_key = DES_key_sched = key_sched) calls
- * DES_set_key_checked if global variable DES_check_key is set,
- * DES_set_key_unchecked otherwise. */
-int DES_set_key(const_DES_cblock *key,DES_key_schedule *schedule);
-int DES_key_sched(const_DES_cblock *key,DES_key_schedule *schedule);
-int DES_set_key_checked(const_DES_cblock *key,DES_key_schedule *schedule);
-void DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
-void DES_string_to_key(const char *str,DES_cblock *key);
-void DES_string_to_2keys(const char *str,DES_cblock *key1,DES_cblock *key2);
-void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
-		       DES_key_schedule *schedule,DES_cblock *ivec,int *num,
-		       int enc);
-void DES_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
-		       DES_key_schedule *schedule,DES_cblock *ivec,int *num);
-
-int DES_read_password(DES_cblock *key, const char *prompt, int verify);
-int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt,
-	int verify);
-
-#define DES_fixup_key_parity DES_set_odd_parity
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/des/des.man b/crypto/openssl/crypto/des/des.man
deleted file mode 100644
index 7e06a1851a0d..000000000000
--- a/crypto/openssl/crypto/des/des.man
+++ /dev/null
@@ -1,186 +0,0 @@
-.TH DES 1 
-.SH NAME
-des - encrypt or decrypt data using Data Encryption Standard
-.SH SYNOPSIS
-.B des
-(
-.B \-e
-|
-.B \-E
-) | (
-.B \-d
-|
-.B \-D
-) | (
-.B \-\fR[\fPcC\fR][\fPckname\fR]\fP
-) |
-[
-.B \-b3hfs
-] [
-.B \-k
-.I key
-]
-] [
-.B \-u\fR[\fIuuname\fR]
-[
-.I input-file
-[
-.I output-file
-] ]
-.SH DESCRIPTION
-.B des
-encrypts and decrypts data using the
-Data Encryption Standard algorithm.
-One of
-.B \-e, \-E
-(for encrypt) or
-.B \-d, \-D
-(for decrypt) must be specified.
-It is also possible to use
-.B \-c
-or
-.B \-C
-in conjunction or instead of the a encrypt/decrypt option to generate
-a 16 character hexadecimal checksum, generated via the
-.I des_cbc_cksum.
-.LP
-Two standard encryption modes are supported by the
-.B des
-program, Cipher Block Chaining (the default) and Electronic Code Book
-(specified with
-.B \-b
-).
-.LP
-The key used for the DES
-algorithm is obtained by prompting the user unless the
-.B `\-k
-.I key'
-option is given.
-If the key is an argument to the
-.B des
-command, it is potentially visible to users executing
-.BR ps (1)
-or a derivative.  To minimise this possibility,
-.B des
-takes care to destroy the key argument immediately upon entry.
-If your shell keeps a history file be careful to make sure it is not
-world readable.
-.LP
-Since this program attempts to maintain compatability with sunOS's
-des(1) command, there are 2 different methods used to convert the user
-supplied key to a des key.
-Whenever and one or more of
-.B \-E, \-D, \-C
-or
-.B \-3
-options are used, the key conversion procedure will not be compatible
-with the sunOS des(1) version but will use all the user supplied
-character to generate the des key.
-.B des
-command reads from standard input unless
-.I input-file
-is specified and writes to standard output unless
-.I output-file
-is given.
-.SH OPTIONS
-.TP
-.B \-b
-Select ECB
-(eight bytes at a time) encryption mode.
-.TP
-.B \-3
-Encrypt using triple encryption.
-By default triple cbc encryption is used but if the
-.B \-b
-option is used then triple ecb encryption is performed.
-If the key is less than 8 characters long, the flag has no effect.
-.TP
-.B \-e
-Encrypt data using an 8 byte key in a manner compatible with sunOS
-des(1).
-.TP
-.B \-E
-Encrypt data using a key of nearly unlimited length (1024 bytes).
-This will product a more secure encryption.
-.TP
-.B \-d
-Decrypt data that was encrypted with the \-e option.
-.TP
-.B \-D
-Decrypt data that was encrypted with the \-E option.
-.TP
-.B \-c
-Generate a 16 character hexadecimal cbc checksum and output this to
-stderr.
-If a filename was specified after the
-.B \-c
-option, the checksum is output to that file.
-The checksum is generated using a key generated in a sunOS compatible
-manner.
-.TP
-.B \-C
-A cbc checksum is generated in the same manner as described for the
-.B \-c
-option but the DES key is generated in the same manner as used for the
-.B \-E
-and
-.B \-D
-options
-.TP
-.B \-f
-Does nothing - allowed for compatibility with sunOS des(1) command.
-.TP
-.B \-s
-Does nothing - allowed for compatibility with sunOS des(1) command.
-.TP
-.B "\-k \fIkey\fP"
-Use the encryption 
-.I key
-specified.
-.TP
-.B "\-h"
-The
-.I key
-is assumed to be a 16 character hexadecimal number.
-If the
-.B "\-3"
-option is used the key is assumed to be a 32 character hexadecimal
-number.
-.TP
-.B \-u
-This flag is used to read and write uuencoded files.  If decrypting,
-the input file is assumed to contain uuencoded, DES encrypted data.
-If encrypting, the characters following the -u are used as the name of
-the uuencoded file to embed in the begin line of the uuencoded
-output.  If there is no name specified after the -u, the name text.des
-will be embedded in the header.
-.SH SEE ALSO
-.B ps (1)
-.B des_crypt(3)
-.SH BUGS
-.LP
-The problem with using the
-.B -e
-option is the short key length.
-It would be better to use a real 56-bit key rather than an
-ASCII-based 56-bit pattern.  Knowing that the key was derived from ASCII
-radically reduces the time necessary for a brute-force cryptographic attack.
-My attempt to remove this problem is to add an alternative text-key to
-DES-key function.  This alternative function (accessed via
-.B -E, -D, -S
-and
-.B -3
-)
-uses DES to help generate the key.
-.LP
-Be carefully when using the -u option.  Doing des -ud <filename> will
-not decrypt filename (the -u option will gobble the d option).
-.LP
-The VMS operating system operates in a world where files are always a
-multiple of 512 bytes.  This causes problems when encrypted data is
-send from unix to VMS since a 88 byte file will suddenly be padded
-with 424 null bytes.  To get around this problem, use the -u option
-to uuencode the data before it is send to the VMS system.
-.SH AUTHOR
-.LP
-Eric Young (eay@cryptsoft.com)
diff --git a/crypto/openssl/crypto/des/des.pl b/crypto/openssl/crypto/des/des.pl
deleted file mode 100644
index 8a3f7e3ed63a..000000000000
--- a/crypto/openssl/crypto/des/des.pl
+++ /dev/null
@@ -1,552 +0,0 @@
-#!/usr/local/bin/perl
-# des.pl - eric young 22/11/1991 eay@cryptsoft.com
-#
-# Copyright (C) 1993 Eric Young
-#
-# 11 April 1996 - patched to circumvent Perl 5 (through 5.002) problem
-#                 with sign-extension on right shift operations.
-#                 Ed Kubaitis - ejk@uiuc.edu
-#
-# eay - 92/08/31 - I think I have fixed all problems for 64bit
-# versions of perl but I could be wrong since I have not tested it yet :-).
-#
-# This is an implementation of DES in perl.
-# The two routines (des_set_key and des_ecb_encrypt)
-# take 8 byte objects as arguments.
-#
-# des_set_key takes an 8 byte string as a key and returns a key schedule
-# for use in calls to des_ecb_encrypt.
-# des_ecb_encrypt takes three arguments, the first is a key schedule
-# (make sure to pass it by reference with the *), the second is 1
-# to encrypt, 0 to decrypt.  The third argument is an 8 byte object
-# to encrypt.  The function returns an 8 byte object that has been
-# DES encrypted.
-#
-# example:
-# require 'des.pl'
-#
-# $key =pack("C8",0x12,0x23,0x45,0x67,0x89,0xab,0xcd,0xef);
-# @ks=  &des_set_key($key);
-#
-# $outbytes= &des_ecb_encrypt(*ks,1,$data);
-# @enc =unpack("C8",$outbytes);
-#
-                 
-package des;
-
-eval("use integer;") if (int($]) > 4);
-
-# The following 8 arrays are used in des_set_key
-@skb0=(
-# for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 
-0x00000000,0x00000010,0x20000000,0x20000010,
-0x00010000,0x00010010,0x20010000,0x20010010,
-0x00000800,0x00000810,0x20000800,0x20000810,
-0x00010800,0x00010810,0x20010800,0x20010810,
-0x00000020,0x00000030,0x20000020,0x20000030,
-0x00010020,0x00010030,0x20010020,0x20010030,
-0x00000820,0x00000830,0x20000820,0x20000830,
-0x00010820,0x00010830,0x20010820,0x20010830,
-0x00080000,0x00080010,0x20080000,0x20080010,
-0x00090000,0x00090010,0x20090000,0x20090010,
-0x00080800,0x00080810,0x20080800,0x20080810,
-0x00090800,0x00090810,0x20090800,0x20090810,
-0x00080020,0x00080030,0x20080020,0x20080030,
-0x00090020,0x00090030,0x20090020,0x20090030,
-0x00080820,0x00080830,0x20080820,0x20080830,
-0x00090820,0x00090830,0x20090820,0x20090830,
-);
-@skb1=(
-# for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 
-0x00000000,0x02000000,0x00002000,0x02002000,
-0x00200000,0x02200000,0x00202000,0x02202000,
-0x00000004,0x02000004,0x00002004,0x02002004,
-0x00200004,0x02200004,0x00202004,0x02202004,
-0x00000400,0x02000400,0x00002400,0x02002400,
-0x00200400,0x02200400,0x00202400,0x02202400,
-0x00000404,0x02000404,0x00002404,0x02002404,
-0x00200404,0x02200404,0x00202404,0x02202404,
-0x10000000,0x12000000,0x10002000,0x12002000,
-0x10200000,0x12200000,0x10202000,0x12202000,
-0x10000004,0x12000004,0x10002004,0x12002004,
-0x10200004,0x12200004,0x10202004,0x12202004,
-0x10000400,0x12000400,0x10002400,0x12002400,
-0x10200400,0x12200400,0x10202400,0x12202400,
-0x10000404,0x12000404,0x10002404,0x12002404,
-0x10200404,0x12200404,0x10202404,0x12202404,
-);
-@skb2=(
-# for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 
-0x00000000,0x00000001,0x00040000,0x00040001,
-0x01000000,0x01000001,0x01040000,0x01040001,
-0x00000002,0x00000003,0x00040002,0x00040003,
-0x01000002,0x01000003,0x01040002,0x01040003,
-0x00000200,0x00000201,0x00040200,0x00040201,
-0x01000200,0x01000201,0x01040200,0x01040201,
-0x00000202,0x00000203,0x00040202,0x00040203,
-0x01000202,0x01000203,0x01040202,0x01040203,
-0x08000000,0x08000001,0x08040000,0x08040001,
-0x09000000,0x09000001,0x09040000,0x09040001,
-0x08000002,0x08000003,0x08040002,0x08040003,
-0x09000002,0x09000003,0x09040002,0x09040003,
-0x08000200,0x08000201,0x08040200,0x08040201,
-0x09000200,0x09000201,0x09040200,0x09040201,
-0x08000202,0x08000203,0x08040202,0x08040203,
-0x09000202,0x09000203,0x09040202,0x09040203,
-);
-@skb3=(
-# for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 
-0x00000000,0x00100000,0x00000100,0x00100100,
-0x00000008,0x00100008,0x00000108,0x00100108,
-0x00001000,0x00101000,0x00001100,0x00101100,
-0x00001008,0x00101008,0x00001108,0x00101108,
-0x04000000,0x04100000,0x04000100,0x04100100,
-0x04000008,0x04100008,0x04000108,0x04100108,
-0x04001000,0x04101000,0x04001100,0x04101100,
-0x04001008,0x04101008,0x04001108,0x04101108,
-0x00020000,0x00120000,0x00020100,0x00120100,
-0x00020008,0x00120008,0x00020108,0x00120108,
-0x00021000,0x00121000,0x00021100,0x00121100,
-0x00021008,0x00121008,0x00021108,0x00121108,
-0x04020000,0x04120000,0x04020100,0x04120100,
-0x04020008,0x04120008,0x04020108,0x04120108,
-0x04021000,0x04121000,0x04021100,0x04121100,
-0x04021008,0x04121008,0x04021108,0x04121108,
-);
-@skb4=(
-# for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 
-0x00000000,0x10000000,0x00010000,0x10010000,
-0x00000004,0x10000004,0x00010004,0x10010004,
-0x20000000,0x30000000,0x20010000,0x30010000,
-0x20000004,0x30000004,0x20010004,0x30010004,
-0x00100000,0x10100000,0x00110000,0x10110000,
-0x00100004,0x10100004,0x00110004,0x10110004,
-0x20100000,0x30100000,0x20110000,0x30110000,
-0x20100004,0x30100004,0x20110004,0x30110004,
-0x00001000,0x10001000,0x00011000,0x10011000,
-0x00001004,0x10001004,0x00011004,0x10011004,
-0x20001000,0x30001000,0x20011000,0x30011000,
-0x20001004,0x30001004,0x20011004,0x30011004,
-0x00101000,0x10101000,0x00111000,0x10111000,
-0x00101004,0x10101004,0x00111004,0x10111004,
-0x20101000,0x30101000,0x20111000,0x30111000,
-0x20101004,0x30101004,0x20111004,0x30111004,
-);
-@skb5=(
-# for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 
-0x00000000,0x08000000,0x00000008,0x08000008,
-0x00000400,0x08000400,0x00000408,0x08000408,
-0x00020000,0x08020000,0x00020008,0x08020008,
-0x00020400,0x08020400,0x00020408,0x08020408,
-0x00000001,0x08000001,0x00000009,0x08000009,
-0x00000401,0x08000401,0x00000409,0x08000409,
-0x00020001,0x08020001,0x00020009,0x08020009,
-0x00020401,0x08020401,0x00020409,0x08020409,
-0x02000000,0x0A000000,0x02000008,0x0A000008,
-0x02000400,0x0A000400,0x02000408,0x0A000408,
-0x02020000,0x0A020000,0x02020008,0x0A020008,
-0x02020400,0x0A020400,0x02020408,0x0A020408,
-0x02000001,0x0A000001,0x02000009,0x0A000009,
-0x02000401,0x0A000401,0x02000409,0x0A000409,
-0x02020001,0x0A020001,0x02020009,0x0A020009,
-0x02020401,0x0A020401,0x02020409,0x0A020409,
-);
-@skb6=(
-# for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 
-0x00000000,0x00000100,0x00080000,0x00080100,
-0x01000000,0x01000100,0x01080000,0x01080100,
-0x00000010,0x00000110,0x00080010,0x00080110,
-0x01000010,0x01000110,0x01080010,0x01080110,
-0x00200000,0x00200100,0x00280000,0x00280100,
-0x01200000,0x01200100,0x01280000,0x01280100,
-0x00200010,0x00200110,0x00280010,0x00280110,
-0x01200010,0x01200110,0x01280010,0x01280110,
-0x00000200,0x00000300,0x00080200,0x00080300,
-0x01000200,0x01000300,0x01080200,0x01080300,
-0x00000210,0x00000310,0x00080210,0x00080310,
-0x01000210,0x01000310,0x01080210,0x01080310,
-0x00200200,0x00200300,0x00280200,0x00280300,
-0x01200200,0x01200300,0x01280200,0x01280300,
-0x00200210,0x00200310,0x00280210,0x00280310,
-0x01200210,0x01200310,0x01280210,0x01280310,
-);
-@skb7=(
-# for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 
-0x00000000,0x04000000,0x00040000,0x04040000,
-0x00000002,0x04000002,0x00040002,0x04040002,
-0x00002000,0x04002000,0x00042000,0x04042000,
-0x00002002,0x04002002,0x00042002,0x04042002,
-0x00000020,0x04000020,0x00040020,0x04040020,
-0x00000022,0x04000022,0x00040022,0x04040022,
-0x00002020,0x04002020,0x00042020,0x04042020,
-0x00002022,0x04002022,0x00042022,0x04042022,
-0x00000800,0x04000800,0x00040800,0x04040800,
-0x00000802,0x04000802,0x00040802,0x04040802,
-0x00002800,0x04002800,0x00042800,0x04042800,
-0x00002802,0x04002802,0x00042802,0x04042802,
-0x00000820,0x04000820,0x00040820,0x04040820,
-0x00000822,0x04000822,0x00040822,0x04040822,
-0x00002820,0x04002820,0x00042820,0x04042820,
-0x00002822,0x04002822,0x00042822,0x04042822,
-);
-
-@shifts2=(0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0);
-
-# used in ecb_encrypt
-@SP0=(
-0x00410100, 0x00010000, 0x40400000, 0x40410100,
-0x00400000, 0x40010100, 0x40010000, 0x40400000,
-0x40010100, 0x00410100, 0x00410000, 0x40000100,
-0x40400100, 0x00400000, 0x00000000, 0x40010000,
-0x00010000, 0x40000000, 0x00400100, 0x00010100,
-0x40410100, 0x00410000, 0x40000100, 0x00400100,
-0x40000000, 0x00000100, 0x00010100, 0x40410000,
-0x00000100, 0x40400100, 0x40410000, 0x00000000,
-0x00000000, 0x40410100, 0x00400100, 0x40010000,
-0x00410100, 0x00010000, 0x40000100, 0x00400100,
-0x40410000, 0x00000100, 0x00010100, 0x40400000,
-0x40010100, 0x40000000, 0x40400000, 0x00410000,
-0x40410100, 0x00010100, 0x00410000, 0x40400100,
-0x00400000, 0x40000100, 0x40010000, 0x00000000,
-0x00010000, 0x00400000, 0x40400100, 0x00410100,
-0x40000000, 0x40410000, 0x00000100, 0x40010100,
-);
-@SP1=(
-0x08021002, 0x00000000, 0x00021000, 0x08020000,
-0x08000002, 0x00001002, 0x08001000, 0x00021000,
-0x00001000, 0x08020002, 0x00000002, 0x08001000,
-0x00020002, 0x08021000, 0x08020000, 0x00000002,
-0x00020000, 0x08001002, 0x08020002, 0x00001000,
-0x00021002, 0x08000000, 0x00000000, 0x00020002,
-0x08001002, 0x00021002, 0x08021000, 0x08000002,
-0x08000000, 0x00020000, 0x00001002, 0x08021002,
-0x00020002, 0x08021000, 0x08001000, 0x00021002,
-0x08021002, 0x00020002, 0x08000002, 0x00000000,
-0x08000000, 0x00001002, 0x00020000, 0x08020002,
-0x00001000, 0x08000000, 0x00021002, 0x08001002,
-0x08021000, 0x00001000, 0x00000000, 0x08000002,
-0x00000002, 0x08021002, 0x00021000, 0x08020000,
-0x08020002, 0x00020000, 0x00001002, 0x08001000,
-0x08001002, 0x00000002, 0x08020000, 0x00021000,
-);
-@SP2=(
-0x20800000, 0x00808020, 0x00000020, 0x20800020,
-0x20008000, 0x00800000, 0x20800020, 0x00008020,
-0x00800020, 0x00008000, 0x00808000, 0x20000000,
-0x20808020, 0x20000020, 0x20000000, 0x20808000,
-0x00000000, 0x20008000, 0x00808020, 0x00000020,
-0x20000020, 0x20808020, 0x00008000, 0x20800000,
-0x20808000, 0x00800020, 0x20008020, 0x00808000,
-0x00008020, 0x00000000, 0x00800000, 0x20008020,
-0x00808020, 0x00000020, 0x20000000, 0x00008000,
-0x20000020, 0x20008000, 0x00808000, 0x20800020,
-0x00000000, 0x00808020, 0x00008020, 0x20808000,
-0x20008000, 0x00800000, 0x20808020, 0x20000000,
-0x20008020, 0x20800000, 0x00800000, 0x20808020,
-0x00008000, 0x00800020, 0x20800020, 0x00008020,
-0x00800020, 0x00000000, 0x20808000, 0x20000020,
-0x20800000, 0x20008020, 0x00000020, 0x00808000,
-);
-@SP3=(
-0x00080201, 0x02000200, 0x00000001, 0x02080201,
-0x00000000, 0x02080000, 0x02000201, 0x00080001,
-0x02080200, 0x02000001, 0x02000000, 0x00000201,
-0x02000001, 0x00080201, 0x00080000, 0x02000000,
-0x02080001, 0x00080200, 0x00000200, 0x00000001,
-0x00080200, 0x02000201, 0x02080000, 0x00000200,
-0x00000201, 0x00000000, 0x00080001, 0x02080200,
-0x02000200, 0x02080001, 0x02080201, 0x00080000,
-0x02080001, 0x00000201, 0x00080000, 0x02000001,
-0x00080200, 0x02000200, 0x00000001, 0x02080000,
-0x02000201, 0x00000000, 0x00000200, 0x00080001,
-0x00000000, 0x02080001, 0x02080200, 0x00000200,
-0x02000000, 0x02080201, 0x00080201, 0x00080000,
-0x02080201, 0x00000001, 0x02000200, 0x00080201,
-0x00080001, 0x00080200, 0x02080000, 0x02000201,
-0x00000201, 0x02000000, 0x02000001, 0x02080200,
-);
-@SP4=(
-0x01000000, 0x00002000, 0x00000080, 0x01002084,
-0x01002004, 0x01000080, 0x00002084, 0x01002000,
-0x00002000, 0x00000004, 0x01000004, 0x00002080,
-0x01000084, 0x01002004, 0x01002080, 0x00000000,
-0x00002080, 0x01000000, 0x00002004, 0x00000084,
-0x01000080, 0x00002084, 0x00000000, 0x01000004,
-0x00000004, 0x01000084, 0x01002084, 0x00002004,
-0x01002000, 0x00000080, 0x00000084, 0x01002080,
-0x01002080, 0x01000084, 0x00002004, 0x01002000,
-0x00002000, 0x00000004, 0x01000004, 0x01000080,
-0x01000000, 0x00002080, 0x01002084, 0x00000000,
-0x00002084, 0x01000000, 0x00000080, 0x00002004,
-0x01000084, 0x00000080, 0x00000000, 0x01002084,
-0x01002004, 0x01002080, 0x00000084, 0x00002000,
-0x00002080, 0x01002004, 0x01000080, 0x00000084,
-0x00000004, 0x00002084, 0x01002000, 0x01000004,
-);
-@SP5=(
-0x10000008, 0x00040008, 0x00000000, 0x10040400,
-0x00040008, 0x00000400, 0x10000408, 0x00040000,
-0x00000408, 0x10040408, 0x00040400, 0x10000000,
-0x10000400, 0x10000008, 0x10040000, 0x00040408,
-0x00040000, 0x10000408, 0x10040008, 0x00000000,
-0x00000400, 0x00000008, 0x10040400, 0x10040008,
-0x10040408, 0x10040000, 0x10000000, 0x00000408,
-0x00000008, 0x00040400, 0x00040408, 0x10000400,
-0x00000408, 0x10000000, 0x10000400, 0x00040408,
-0x10040400, 0x00040008, 0x00000000, 0x10000400,
-0x10000000, 0x00000400, 0x10040008, 0x00040000,
-0x00040008, 0x10040408, 0x00040400, 0x00000008,
-0x10040408, 0x00040400, 0x00040000, 0x10000408,
-0x10000008, 0x10040000, 0x00040408, 0x00000000,
-0x00000400, 0x10000008, 0x10000408, 0x10040400,
-0x10040000, 0x00000408, 0x00000008, 0x10040008,
-);
-@SP6=(
-0x00000800, 0x00000040, 0x00200040, 0x80200000,
-0x80200840, 0x80000800, 0x00000840, 0x00000000,
-0x00200000, 0x80200040, 0x80000040, 0x00200800,
-0x80000000, 0x00200840, 0x00200800, 0x80000040,
-0x80200040, 0x00000800, 0x80000800, 0x80200840,
-0x00000000, 0x00200040, 0x80200000, 0x00000840,
-0x80200800, 0x80000840, 0x00200840, 0x80000000,
-0x80000840, 0x80200800, 0x00000040, 0x00200000,
-0x80000840, 0x00200800, 0x80200800, 0x80000040,
-0x00000800, 0x00000040, 0x00200000, 0x80200800,
-0x80200040, 0x80000840, 0x00000840, 0x00000000,
-0x00000040, 0x80200000, 0x80000000, 0x00200040,
-0x00000000, 0x80200040, 0x00200040, 0x00000840,
-0x80000040, 0x00000800, 0x80200840, 0x00200000,
-0x00200840, 0x80000000, 0x80000800, 0x80200840,
-0x80200000, 0x00200840, 0x00200800, 0x80000800,
-);
-@SP7=(
-0x04100010, 0x04104000, 0x00004010, 0x00000000,
-0x04004000, 0x00100010, 0x04100000, 0x04104010,
-0x00000010, 0x04000000, 0x00104000, 0x00004010,
-0x00104010, 0x04004010, 0x04000010, 0x04100000,
-0x00004000, 0x00104010, 0x00100010, 0x04004000,
-0x04104010, 0x04000010, 0x00000000, 0x00104000,
-0x04000000, 0x00100000, 0x04004010, 0x04100010,
-0x00100000, 0x00004000, 0x04104000, 0x00000010,
-0x00100000, 0x00004000, 0x04000010, 0x04104010,
-0x00004010, 0x04000000, 0x00000000, 0x00104000,
-0x04100010, 0x04004010, 0x04004000, 0x00100010,
-0x04104000, 0x00000010, 0x00100010, 0x04004000,
-0x04104010, 0x00100000, 0x04100000, 0x04000010,
-0x00104000, 0x00004010, 0x04004010, 0x04100000,
-0x00000010, 0x04104000, 0x00104010, 0x00000000,
-0x04000000, 0x04100010, 0x00004000, 0x00104010,
-);
-
-sub main'des_set_key
-	{
-	local($param)=@_;
-	local(@key);
-	local($c,$d,$i,$s,$t);
-	local(@ks)=();
-
-	# Get the bytes in the order we want.
-	@key=unpack("C8",$param);
-
-	$c=	($key[0]    )|
-		($key[1]<< 8)|
-		($key[2]<<16)|
-		($key[3]<<24);
-	$d=	($key[4]    )|
-		($key[5]<< 8)|
-		($key[6]<<16)|
-		($key[7]<<24);
-
-	&doPC1(*c,*d);
-
-	for $i (@shifts2)
-		{
-		if ($i)
-			{
-			$c=($c>>2)|($c<<26);
-			$d=($d>>2)|($d<<26);
-			}
-		else
-			{
-			$c=($c>>1)|($c<<27);
-			$d=($d>>1)|($d<<27);
-			}
-		$c&=0x0fffffff;
-		$d&=0x0fffffff;
-		$s=	$skb0[ ($c    )&0x3f                 ]|
-			$skb1[(($c>> 6)&0x03)|(($c>> 7)&0x3c)]|
-			$skb2[(($c>>13)&0x0f)|(($c>>14)&0x30)]|
-			$skb3[(($c>>20)&0x01)|(($c>>21)&0x06) |
-					     (($c>>22)&0x38)];
-		$t=     $skb4[ ($d    )&0x3f                ]|
-			$skb5[(($d>> 7)&0x03)|(($d>> 8)&0x3c)]|
-			$skb6[ ($d>>15)&0x3f                 ]|
-			$skb7[(($d>>21)&0x0f)|(($d>>22)&0x30)];
-		push(@ks,(($t<<16)|($s&0x0000ffff))&0xffffffff);
-		$s=      (($s>>16)&0x0000ffff)|($t&0xffff0000) ;
-		push(@ks,(($s<<4)|(($s>>28)&0xf))&0xffffffff);
-		}
-	@ks;
-	}
-
-sub doPC1
-	{
-	local(*a,*b)=@_;
-	local($t);
-
-	$t=(($b>>4)^$a)&0x0f0f0f0f;
-	$b^=($t<<4); $a^=$t;
-	# do $a first 
-	$t=(($a<<18)^$a)&0xcccc0000;
-	$a=$a^$t^(($t>>18)&0x00003fff);
-	$t=(($a<<17)^$a)&0xaaaa0000;
-	$a=$a^$t^(($t>>17)&0x00007fff);
-	$t=(($a<< 8)^$a)&0x00ff0000;
-	$a=$a^$t^(($t>> 8)&0x00ffffff);
-	$t=(($a<<17)^$a)&0xaaaa0000;
-	$a=$a^$t^(($t>>17)&0x00007fff);
-
-	# now do $b
-	$t=(($b<<24)^$b)&0xff000000;
-	$b=$b^$t^(($t>>24)&0x000000ff);
-	$t=(($b<< 8)^$b)&0x00ff0000;
-	$b=$b^$t^(($t>> 8)&0x00ffffff);
-	$t=(($b<<14)^$b)&0x33330000;
-	$b=$b^$t^(($t>>14)&0x0003ffff);
-	$b=(($b&0x00aa00aa)<<7)|(($b&0x55005500)>>7)|($b&0xaa55aa55);
-	$b=(($b>>8)&0x00ffffff)|((($a&0xf0000000)>>4)&0x0fffffff);
-	$a&=0x0fffffff;
-	}
-
-sub doIP
-	{
-	local(*a,*b)=@_;
-	local($t);
-
-	$t=(($b>> 4)^$a)&0x0f0f0f0f;
-	$b^=($t<< 4); $a^=$t;
-	$t=(($a>>16)^$b)&0x0000ffff;
-	$a^=($t<<16); $b^=$t;
-	$t=(($b>> 2)^$a)&0x33333333;
-	$b^=($t<< 2); $a^=$t;
-	$t=(($a>> 8)^$b)&0x00ff00ff;
-	$a^=($t<< 8); $b^=$t;
-	$t=(($b>> 1)^$a)&0x55555555;
-	$b^=($t<< 1); $a^=$t;
-	$t=$a;
-	$a=$b&0xffffffff;
-	$b=$t&0xffffffff;
-	}
-
-sub doFP
-	{
-	local(*a,*b)=@_;
-	local($t);
-
-	$t=(($b>> 1)^$a)&0x55555555;
-	$b^=($t<< 1); $a^=$t;
-	$t=(($a>> 8)^$b)&0x00ff00ff;
-	$a^=($t<< 8); $b^=$t;
-	$t=(($b>> 2)^$a)&0x33333333;
-	$b^=($t<< 2); $a^=$t;
-	$t=(($a>>16)^$b)&0x0000ffff;
-	$a^=($t<<16); $b^=$t;
-	$t=(($b>> 4)^$a)&0x0f0f0f0f;
-	$b^=($t<< 4); $a^=$t;
-	$a&=0xffffffff;
-	$b&=0xffffffff;
-	}
-
-sub main'des_ecb_encrypt
-	{
-	local(*ks,$encrypt,$in)=@_;
-	local($l,$r,$i,$t,$u,@input);
-	
-	@input=unpack("C8",$in);
-	# Get the bytes in the order we want.
-	$l=	($input[0]    )|
-		($input[1]<< 8)|
-		($input[2]<<16)|
-		($input[3]<<24);
-	$r=	($input[4]    )|
-		($input[5]<< 8)|
-		($input[6]<<16)|
-		($input[7]<<24);
-
-	$l&=0xffffffff;
-	$r&=0xffffffff;
-	&doIP(*l,*r);
-	if ($encrypt)
-		{
-		for ($i=0; $i<32; $i+=4)
-			{
-			$t=((($r&0x7fffffff)<<1)|(($r>>31)&0x00000001));
-			$u=$t^$ks[$i  ];
-			$t=$t^$ks[$i+1];
-			$t2=(($t&0x0000000f)<<28);
-
-			$t=((($t>>4)&0x0fffffff)|(($t&0x0000000f)<<28));
-			$l^=	$SP1[ $t     &0x3f]|
-				$SP3[($t>> 8)&0x3f]|
-				$SP5[($t>>16)&0x3f]|
-				$SP7[($t>>24)&0x3f]|
-				$SP0[ $u     &0x3f]|
-				$SP2[($u>> 8)&0x3f]|
-				$SP4[($u>>16)&0x3f]|
-				$SP6[($u>>24)&0x3f];
-
-			$t=(($l<<1)|(($l>>31)&0x1))&0xffffffff;
-			$u=$t^$ks[$i+2];
-			$t=$t^$ks[$i+3];
-			$t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
-			$r^=	$SP1[ $t     &0x3f]|
-				$SP3[($t>> 8)&0x3f]|
-				$SP5[($t>>16)&0x3f]|
-				$SP7[($t>>24)&0x3f]|
-				$SP0[ $u     &0x3f]|
-				$SP2[($u>> 8)&0x3f]|
-				$SP4[($u>>16)&0x3f]|
-				$SP6[($u>>24)&0x3f];
-			}
-		}
-	else	
-		{
-		for ($i=30; $i>0; $i-=4)
-			{
-			$t=(($r<<1)|(($r>>31)&0x1))&0xffffffff;
-			$u=$t^$ks[$i  ];
-			$t=$t^$ks[$i+1];
-			$t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
-			$l^=	$SP1[ $t     &0x3f]|
-				$SP3[($t>> 8)&0x3f]|
-				$SP5[($t>>16)&0x3f]|
-				$SP7[($t>>24)&0x3f]|
-				$SP0[ $u     &0x3f]|
-				$SP2[($u>> 8)&0x3f]|
-				$SP4[($u>>16)&0x3f]|
-				$SP6[($u>>24)&0x3f];
-
-			$t=(($l<<1)|(($l>>31)&0x1))&0xffffffff;
-			$u=$t^$ks[$i-2];
-			$t=$t^$ks[$i-1];
-			$t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
-			$r^=	$SP1[ $t     &0x3f]|
-				$SP3[($t>> 8)&0x3f]|
-				$SP5[($t>>16)&0x3f]|
-				$SP7[($t>>24)&0x3f]|
-				$SP0[ $u     &0x3f]|
-				$SP2[($u>> 8)&0x3f]|
-				$SP4[($u>>16)&0x3f]|
-				$SP6[($u>>24)&0x3f];
-			}
-		}
-	&doFP(*l,*r);
-	pack("C8",$l&0xff, 
-	          ($l>> 8)&0x00ffffff,
-	          ($l>>16)&0x0000ffff,
-		  ($l>>24)&0x000000ff,
-		  $r&0xff,
-	          ($r>> 8)&0x00ffffff,
-	          ($r>>16)&0x0000ffff,
-		  ($r>>24)&0x000000ff);
-	}
diff --git a/crypto/openssl/crypto/des/des.pod b/crypto/openssl/crypto/des/des.pod
deleted file mode 100644
index bf479e83d26b..000000000000
--- a/crypto/openssl/crypto/des/des.pod
+++ /dev/null
@@ -1,217 +0,0 @@
-=pod
-
-=head1 NAME
-
-des - encrypt or decrypt data using Data Encryption Standard
-
-=head1 SYNOPSIS
-
-B<des>
-(
-B<-e>
-|
-B<-E>
-) | (
-B<-d>
-|
-B<-D>
-) | (
-B<->[B<cC>][B<ckname>]
-) |
-[
-B<-b3hfs>
-] [
-B<-k>
-I<key>
-]
-] [
-B<-u>[I<uuname>]
-[
-I<input-file>
-[
-I<output-file>
-] ]
-
-=head1 NOTE
-
-This page describes the B<des> stand-alone program, not the B<openssl des>
-command.
-
-=head1 DESCRIPTION
-
-B<des>
-encrypts and decrypts data using the
-Data Encryption Standard algorithm.
-One of
-B<-e>, B<-E>
-(for encrypt) or
-B<-d>, B<-D>
-(for decrypt) must be specified.
-It is also possible to use
-B<-c>
-or
-B<-C>
-in conjunction or instead of the a encrypt/decrypt option to generate
-a 16 character hexadecimal checksum, generated via the
-I<des_cbc_cksum>.
-
-Two standard encryption modes are supported by the
-B<des>
-program, Cipher Block Chaining (the default) and Electronic Code Book
-(specified with
-B<-b>).
-
-The key used for the DES
-algorithm is obtained by prompting the user unless the
-B<-k>
-I<key>
-option is given.
-If the key is an argument to the
-B<des>
-command, it is potentially visible to users executing
-ps(1)
-or a derivative.  To minimise this possibility,
-B<des>
-takes care to destroy the key argument immediately upon entry.
-If your shell keeps a history file be careful to make sure it is not
-world readable.
-
-Since this program attempts to maintain compatibility with sunOS's
-des(1) command, there are 2 different methods used to convert the user
-supplied key to a des key.
-Whenever and one or more of
-B<-E>, B<-D>, B<-C>
-or
-B<-3>
-options are used, the key conversion procedure will not be compatible
-with the sunOS des(1) version but will use all the user supplied
-character to generate the des key.
-B<des>
-command reads from standard input unless
-I<input-file>
-is specified and writes to standard output unless
-I<output-file>
-is given.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-b>
-
-Select ECB
-(eight bytes at a time) encryption mode.
-
-=item B<-3>
-
-Encrypt using triple encryption.
-By default triple cbc encryption is used but if the
-B<-b>
-option is used then triple ECB encryption is performed.
-If the key is less than 8 characters long, the flag has no effect.
-
-=item B<-e>
-
-Encrypt data using an 8 byte key in a manner compatible with sunOS
-des(1).
-
-=item B<-E>
-
-Encrypt data using a key of nearly unlimited length (1024 bytes).
-This will product a more secure encryption.
-
-=item B<-d>
-
-Decrypt data that was encrypted with the B<-e> option.
-
-=item B<-D>
-
-Decrypt data that was encrypted with the B<-E> option.
-
-=item B<-c>
-
-Generate a 16 character hexadecimal cbc checksum and output this to
-stderr.
-If a filename was specified after the
-B<-c>
-option, the checksum is output to that file.
-The checksum is generated using a key generated in a sunOS compatible
-manner.
-
-=item B<-C>
-
-A cbc checksum is generated in the same manner as described for the
-B<-c>
-option but the DES key is generated in the same manner as used for the
-B<-E>
-and
-B<-D>
-options
-
-=item B<-f>
-
-Does nothing - allowed for compatibility with sunOS des(1) command.
-
-=item B<-s>
-
-Does nothing - allowed for compatibility with sunOS des(1) command.
-
-=item B<-k> I<key>
-
-Use the encryption 
-I<key>
-specified.
-
-=item B<-h>
-
-The
-I<key>
-is assumed to be a 16 character hexadecimal number.
-If the
-B<-3>
-option is used the key is assumed to be a 32 character hexadecimal
-number.
-
-=item B<-u>
-
-This flag is used to read and write uuencoded files.  If decrypting,
-the input file is assumed to contain uuencoded, DES encrypted data.
-If encrypting, the characters following the B<-u> are used as the name of
-the uuencoded file to embed in the begin line of the uuencoded
-output.  If there is no name specified after the B<-u>, the name text.des
-will be embedded in the header.
-
-=head1 SEE ALSO
-
-ps(1),
-L<des_crypt(3)|des_crypt(3)>
-
-=head1 BUGS
-
-The problem with using the
-B<-e>
-option is the short key length.
-It would be better to use a real 56-bit key rather than an
-ASCII-based 56-bit pattern.  Knowing that the key was derived from ASCII
-radically reduces the time necessary for a brute-force cryptographic attack.
-My attempt to remove this problem is to add an alternative text-key to
-DES-key function.  This alternative function (accessed via
-B<-E>, B<-D>, B<-S>
-and
-B<-3>)
-uses DES to help generate the key.
-
-Be carefully when using the B<-u> option.  Doing B<des -ud> I<filename> will
-not decrypt filename (the B<-u> option will gobble the B<-d> option).
-
-The VMS operating system operates in a world where files are always a
-multiple of 512 bytes.  This causes problems when encrypted data is
-send from Unix to VMS since a 88 byte file will suddenly be padded
-with 424 null bytes.  To get around this problem, use the B<-u> option
-to uuencode the data before it is send to the VMS system.
-
-=head1 AUTHOR
-
-Eric Young (eay@cryptsoft.com)
-
-=cut
diff --git a/crypto/openssl/crypto/des/des3s.cpp b/crypto/openssl/crypto/des/des3s.cpp
deleted file mode 100644
index 02d527c057c2..000000000000
--- a/crypto/openssl/crypto/des/des3s.cpp
+++ /dev/null
@@ -1,67 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/des.h>
-
-void main(int argc,char *argv[])
-	{
-	des_key_schedule key1,key2,key3;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			des_encrypt3(&data[0],key1,key2,key3);
-			GetTSC(s1);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			GetTSC(e1);
-			GetTSC(s2);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			GetTSC(e2);
-			des_encrypt3(&data[0],key1,key2,key3);
-			}
-
-		printf("des %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/crypto/openssl/crypto/des/des_crypt.man b/crypto/openssl/crypto/des/des_crypt.man
deleted file mode 100644
index 0ecc416877fe..000000000000
--- a/crypto/openssl/crypto/des/des_crypt.man
+++ /dev/null
@@ -1,508 +0,0 @@
-.TH DES_CRYPT 3 
-.SH NAME
-des_read_password, des_read_2password,
-des_string_to_key, des_string_to_2key, des_read_pw_string,
-des_random_key, des_set_key,
-des_key_sched, des_ecb_encrypt, des_ecb3_encrypt, des_cbc_encrypt,
-des_3cbc_encrypt,
-des_pcbc_encrypt, des_cfb_encrypt, des_ofb_encrypt,
-des_cbc_cksum, des_quad_cksum,
-des_enc_read, des_enc_write, des_set_odd_parity,
-des_is_weak_key, crypt \- (non USA) DES encryption
-.SH SYNOPSIS
-.nf
-.nj
-.ft B
-#include <des.h>
-.PP
-.B int des_read_password(key,prompt,verify)
-des_cblock *key;
-char *prompt;
-int verify;
-.PP
-.B int des_read_2password(key1,key2,prompt,verify)
-des_cblock *key1,*key2;
-char *prompt;
-int verify;
-.PP
-.B int des_string_to_key(str,key)
-char *str;
-des_cblock *key;
-.PP
-.B int des_string_to_2keys(str,key1,key2)
-char *str;
-des_cblock *key1,*key2;
-.PP
-.B int des_read_pw_string(buf,length,prompt,verify)
-char *buf;
-int length;
-char *prompt;
-int verify;
-.PP
-.B int des_random_key(key)
-des_cblock *key;
-.PP
-.B int des_set_key(key,schedule)
-des_cblock *key;
-des_key_schedule schedule;
-.PP
-.B int des_key_sched(key,schedule)
-des_cblock *key;
-des_key_schedule schedule;
-.PP
-.B int des_ecb_encrypt(input,output,schedule,encrypt)
-des_cblock *input;
-des_cblock *output;
-des_key_schedule schedule;
-int encrypt;
-.PP
-.B int des_ecb3_encrypt(input,output,ks1,ks2,encrypt)
-des_cblock *input;
-des_cblock *output;
-des_key_schedule ks1,ks2;
-int encrypt;
-.PP
-.B int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt)
-des_cblock *input;
-des_cblock *output;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-int encrypt;
-.PP
-.B int des_3cbc_encrypt(input,output,length,sk1,sk2,ivec1,ivec2,encrypt)
-des_cblock *input;
-des_cblock *output;
-long length;
-des_key_schedule sk1;
-des_key_schedule sk2;
-des_cblock *ivec1;
-des_cblock *ivec2;
-int encrypt;
-.PP
-.B int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt)
-des_cblock *input;
-des_cblock *output;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-int encrypt;
-.PP
-.B int des_cfb_encrypt(input,output,numbits,length,schedule,ivec,encrypt)
-unsigned char *input;
-unsigned char *output;
-int numbits;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-int encrypt;
-.PP
-.B int des_ofb_encrypt(input,output,numbits,length,schedule,ivec)
-unsigned char *input,*output;
-int numbits;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-.PP
-.B unsigned long des_cbc_cksum(input,output,length,schedule,ivec)
-des_cblock *input;
-des_cblock *output;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-.PP
-.B unsigned long des_quad_cksum(input,output,length,out_count,seed)
-des_cblock *input;
-des_cblock *output;
-long length;
-int out_count;
-des_cblock *seed;
-.PP
-.B int des_check_key;
-.PP
-.B int des_enc_read(fd,buf,len,sched,iv)
-int fd;
-char *buf;
-int len;
-des_key_schedule sched;
-des_cblock *iv;
-.PP
-.B int des_enc_write(fd,buf,len,sched,iv)
-int fd;
-char *buf;
-int len;
-des_key_schedule sched;
-des_cblock *iv;
-.PP
-.B extern int des_rw_mode;
-.PP
-.B void des_set_odd_parity(key)
-des_cblock *key;
-.PP
-.B int des_is_weak_key(key)
-des_cblock *key;
-.PP
-.B char *crypt(passwd,salt)
-char *passwd;
-char *salt;
-.PP
-.fi
-.SH DESCRIPTION
-This library contains a fast implementation of the DES encryption
-algorithm.
-.PP
-There are two phases to the use of DES encryption.
-The first is the generation of a
-.I des_key_schedule
-from a key,
-the second is the actual encryption.
-A des key is of type
-.I des_cblock.
-This type is made from 8 characters with odd parity.
-The least significant bit in the character is the parity bit.
-The key schedule is an expanded form of the key; it is used to speed the
-encryption process.
-.PP
-.I des_read_password
-writes the string specified by prompt to the standard output,
-turns off echo and reads an input string from standard input
-until terminated with a newline.
-If verify is non-zero, it prompts and reads the input again and verifies
-that both entered passwords are the same.
-The entered string is converted into a des key by using the
-.I des_string_to_key
-routine.
-The new key is placed in the
-.I des_cblock
-that was passed (by reference) to the routine.
-If there were no errors,
-.I des_read_password
-returns 0,
--1 is returned if there was a terminal error and 1 is returned for
-any other error.
-.PP
-.I des_read_2password
-operates in the same way as
-.I des_read_password
-except that it generates 2 keys by using the
-.I des_string_to_2key
-function.
-.PP
-.I des_read_pw_string
-is called by
-.I des_read_password
-to read and verify a string from a terminal device.
-The string is returned in
-.I buf.
-The size of
-.I buf
-is passed to the routine via the
-.I length
-parameter.
-.PP
-.I des_string_to_key
-converts a string into a valid des key.
-.PP
-.I des_string_to_2key
-converts a string into 2 valid des keys.
-This routine is best suited for used to generate keys for use with
-.I des_ecb3_encrypt.
-.PP
-.I des_random_key
-returns a random key that is made of a combination of process id,
-time and an increasing counter.
-.PP
-Before a des key can be used it is converted into a
-.I des_key_schedule
-via the
-.I des_set_key
-routine.
-If the
-.I des_check_key
-flag is non-zero,
-.I des_set_key
-will check that the key passed is of odd parity and is not a week or
-semi-weak key.
-If the parity is wrong,
-then -1 is returned.
-If the key is a weak key,
-then -2 is returned.
-If an error is returned,
-the key schedule is not generated.
-.PP
-.I des_key_sched
-is another name for the
-.I des_set_key
-function.
-.PP
-The following routines mostly operate on an input and output stream of
-.I des_cblock's.
-.PP
-.I des_ecb_encrypt
-is the basic DES encryption routine that encrypts or decrypts a single 8-byte
-.I des_cblock
-in
-.I electronic code book
-mode.
-It always transforms the input data, pointed to by
-.I input,
-into the output data,
-pointed to by the
-.I output
-argument.
-If the
-.I encrypt
-argument is non-zero (DES_ENCRYPT),
-the
-.I input
-(cleartext) is encrypted in to the
-.I output
-(ciphertext) using the key_schedule specified by the
-.I schedule
-argument,
-previously set via
-.I des_set_key.
-If
-.I encrypt
-is zero (DES_DECRYPT),
-the
-.I input
-(now ciphertext)
-is decrypted into the
-.I output
-(now cleartext).
-Input and output may overlap.
-No meaningful value is returned.
-.PP
-.I des_ecb3_encrypt
-encrypts/decrypts the
-.I input
-block by using triple ecb DES encryption.
-This involves encrypting the input with 
-.I ks1,
-decryption with the key schedule
-.I ks2,
-and then encryption with the first again.
-This routine greatly reduces the chances of brute force breaking of
-DES and has the advantage of if
-.I ks1
-and
-.I ks2
-are the same, it is equivalent to just encryption using ecb mode and
-.I ks1
-as the key.
-.PP
-.I des_cbc_encrypt
-encrypts/decrypts using the
-.I cipher-block-chaining
-mode of DES.
-If the
-.I encrypt
-argument is non-zero,
-the routine cipher-block-chain encrypts the cleartext data pointed to by the
-.I input
-argument into the ciphertext pointed to by the
-.I output
-argument,
-using the key schedule provided by the
-.I schedule
-argument,
-and initialisation vector provided by the
-.I ivec
-argument.
-If the
-.I length
-argument is not an integral multiple of eight bytes, 
-the last block is copied to a temporary area and zero filled.
-The output is always
-an integral multiple of eight bytes.
-To make multiple cbc encrypt calls on a large amount of data appear to
-be one 
-.I des_cbc_encrypt
-call, the
-.I ivec
-of subsequent calls should be the last 8 bytes of the output.
-.PP
-.I des_3cbc_encrypt
-encrypts/decrypts the
-.I input
-block by using triple cbc DES encryption.
-This involves encrypting the input with key schedule
-.I ks1,
-decryption with the key schedule
-.I ks2,
-and then encryption with the first again.
-2 initialisation vectors are required,
-.I ivec1
-and
-.I ivec2.
-Unlike
-.I des_cbc_encrypt,
-these initialisation vectors are modified by the subroutine.
-This routine greatly reduces the chances of brute force breaking of
-DES and has the advantage of if
-.I ks1
-and
-.I ks2
-are the same, it is equivalent to just encryption using cbc mode and
-.I ks1
-as the key.
-.PP
-.I des_pcbc_encrypt
-encrypt/decrypts using a modified block chaining mode.
-It provides better error propagation characteristics than cbc
-encryption.
-.PP
-.I des_cfb_encrypt
-encrypt/decrypts using cipher feedback mode.  This method takes an
-array of characters as input and outputs and array of characters.  It
-does not require any padding to 8 character groups.  Note: the ivec
-variable is changed and the new changed value needs to be passed to
-the next call to this function.  Since this function runs a complete
-DES ecb encryption per numbits, this function is only suggested for
-use when sending small numbers of characters.
-.PP
-.I des_ofb_encrypt
-encrypt using output feedback mode.  This method takes an
-array of characters as input and outputs and array of characters.  It
-does not require any padding to 8 character groups.  Note: the ivec
-variable is changed and the new changed value needs to be passed to
-the next call to this function.  Since this function runs a complete
-DES ecb encryption per numbits, this function is only suggested for
-use when sending small numbers of characters.
-.PP
-.I des_cbc_cksum
-produces an 8 byte checksum based on the input stream (via cbc encryption).
-The last 4 bytes of the checksum is returned and the complete 8 bytes is
-placed in
-.I output.
-.PP
-.I des_quad_cksum
-returns a 4 byte checksum from the input bytes.
-The algorithm can be iterated over the input,
-depending on
-.I out_count,
-1, 2, 3 or 4 times.
-If
-.I output
-is non-NULL,
-the 8 bytes generated by each pass are written into
-.I output.
-.PP
-.I des_enc_write
-is used to write
-.I len
-bytes
-to file descriptor
-.I fd
-from buffer
-.I buf.
-The data is encrypted via
-.I pcbc_encrypt
-(default) using
-.I sched
-for the key and
-.I iv
-as a starting vector.
-The actual data send down
-.I fd
-consists of 4 bytes (in network byte order) containing the length of the
-following encrypted data.  The encrypted data then follows, padded with random
-data out to a multiple of 8 bytes.
-.PP
-.I des_enc_read
-is used to read
-.I len
-bytes
-from file descriptor
-.I fd
-into buffer
-.I buf.
-The data being read from
-.I fd
-is assumed to have come from
-.I des_enc_write
-and is decrypted using
-.I sched
-for the key schedule and
-.I iv
-for the initial vector.
-The
-.I des_enc_read/des_enc_write
-pair can be used to read/write to files, pipes and sockets.
-I have used them in implementing a version of rlogin in which all
-data is encrypted.
-.PP
-.I des_rw_mode
-is used to specify the encryption mode to use with 
-.I des_enc_read
-and 
-.I des_end_write.
-If set to
-.I DES_PCBC_MODE
-(the default), des_pcbc_encrypt is used.
-If set to
-.I DES_CBC_MODE
-des_cbc_encrypt is used.
-These two routines and the variable are not part of the normal MIT library.
-.PP
-.I des_set_odd_parity
-sets the parity of the passed
-.I key
-to odd.  This routine is not part of the standard MIT library.
-.PP
-.I des_is_weak_key
-returns 1 is the passed key is a weak key (pick again :-),
-0 if it is ok.
-This routine is not part of the standard MIT library.
-.PP
-.I crypt
-is a replacement for the normal system crypt.
-It is much faster than the system crypt.
-.PP
-.SH FILES
-/usr/include/des.h
-.br
-/usr/lib/libdes.a
-.PP
-The encryption routines have been tested on 16bit, 32bit and 64bit
-machines of various endian and even works under VMS.
-.PP
-.SH BUGS
-.PP
-If you think this manual is sparse,
-read the des_crypt(3) manual from the MIT kerberos (or bones outside
-of the USA) distribution.
-.PP
-.I des_cfb_encrypt
-and
-.I des_ofb_encrypt
-operates on input of 8 bits.  What this means is that if you set
-numbits to 12, and length to 2, the first 12 bits will come from the 1st
-input byte and the low half of the second input byte.  The second 12
-bits will have the low 8 bits taken from the 3rd input byte and the
-top 4 bits taken from the 4th input byte.  The same holds for output.
-This function has been implemented this way because most people will
-be using a multiple of 8 and because once you get into pulling bytes input
-bytes apart things get ugly!
-.PP
-.I des_read_pw_string
-is the most machine/OS dependent function and normally generates the
-most problems when porting this code.
-.PP
-.I des_string_to_key
-is probably different from the MIT version since there are lots
-of fun ways to implement one-way encryption of a text string.
-.PP
-The routines are optimised for 32 bit machines and so are not efficient
-on IBM PCs.
-.PP
-NOTE: extensive work has been done on this library since this document
-was origionally written.  Please try to read des.doc from the libdes
-distribution since it is far more upto date and documents more of the
-functions.  Libdes is now also being shipped as part of SSLeay, a
-general cryptographic library that amonst other things implements
-netscapes SSL protocoll.  The most recent version can be found in
-SSLeay distributions.
-.SH AUTHOR
-Eric Young (eay@cryptsoft.com)
diff --git a/crypto/openssl/crypto/des/des_enc.c b/crypto/openssl/crypto/des/des_enc.c
deleted file mode 100644
index 1c37ab96d3de..000000000000
--- a/crypto/openssl/crypto/des/des_enc.c
+++ /dev/null
@@ -1,407 +0,0 @@
-/* crypto/des/des_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
-	{
-	register DES_LONG l,r,t,u;
-#ifdef DES_PTR
-	register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
-#endif
-#ifndef DES_UNROLL
-	register int i;
-#endif
-	register DES_LONG *s;
-
-	r=data[0];
-	l=data[1];
-
-	IP(r,l);
-	/* Things have been modified so that the initial rotate is
-	 * done outside the loop.  This required the
-	 * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
-	 * One perl script later and things have a 5% speed up on a sparc2.
-	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
-	 * for pointing this out. */
-	/* clear the top bits on machines with 8byte longs */
-	/* shift left by 2 */
-	r=ROTATE(r,29)&0xffffffffL;
-	l=ROTATE(l,29)&0xffffffffL;
-
-	s=ks->ks->deslong;
-	/* I don't know if it is worth the effort of loop unrolling the
-	 * inner loop */
-	if (enc)
-		{
-#ifdef DES_UNROLL
-		D_ENCRYPT(l,r, 0); /*  1 */
-		D_ENCRYPT(r,l, 2); /*  2 */
-		D_ENCRYPT(l,r, 4); /*  3 */
-		D_ENCRYPT(r,l, 6); /*  4 */
-		D_ENCRYPT(l,r, 8); /*  5 */
-		D_ENCRYPT(r,l,10); /*  6 */
-		D_ENCRYPT(l,r,12); /*  7 */
-		D_ENCRYPT(r,l,14); /*  8 */
-		D_ENCRYPT(l,r,16); /*  9 */
-		D_ENCRYPT(r,l,18); /*  10 */
-		D_ENCRYPT(l,r,20); /*  11 */
-		D_ENCRYPT(r,l,22); /*  12 */
-		D_ENCRYPT(l,r,24); /*  13 */
-		D_ENCRYPT(r,l,26); /*  14 */
-		D_ENCRYPT(l,r,28); /*  15 */
-		D_ENCRYPT(r,l,30); /*  16 */
-#else
-		for (i=0; i<32; i+=8)
-			{
-			D_ENCRYPT(l,r,i+0); /*  1 */
-			D_ENCRYPT(r,l,i+2); /*  2 */
-			D_ENCRYPT(l,r,i+4); /*  3 */
-			D_ENCRYPT(r,l,i+6); /*  4 */
-			}
-#endif
-		}
-	else
-		{
-#ifdef DES_UNROLL
-		D_ENCRYPT(l,r,30); /* 16 */
-		D_ENCRYPT(r,l,28); /* 15 */
-		D_ENCRYPT(l,r,26); /* 14 */
-		D_ENCRYPT(r,l,24); /* 13 */
-		D_ENCRYPT(l,r,22); /* 12 */
-		D_ENCRYPT(r,l,20); /* 11 */
-		D_ENCRYPT(l,r,18); /* 10 */
-		D_ENCRYPT(r,l,16); /*  9 */
-		D_ENCRYPT(l,r,14); /*  8 */
-		D_ENCRYPT(r,l,12); /*  7 */
-		D_ENCRYPT(l,r,10); /*  6 */
-		D_ENCRYPT(r,l, 8); /*  5 */
-		D_ENCRYPT(l,r, 6); /*  4 */
-		D_ENCRYPT(r,l, 4); /*  3 */
-		D_ENCRYPT(l,r, 2); /*  2 */
-		D_ENCRYPT(r,l, 0); /*  1 */
-#else
-		for (i=30; i>0; i-=8)
-			{
-			D_ENCRYPT(l,r,i-0); /* 16 */
-			D_ENCRYPT(r,l,i-2); /* 15 */
-			D_ENCRYPT(l,r,i-4); /* 14 */
-			D_ENCRYPT(r,l,i-6); /* 13 */
-			}
-#endif
-		}
-
-	/* rotate and clear the top bits on machines with 8byte longs */
-	l=ROTATE(l,3)&0xffffffffL;
-	r=ROTATE(r,3)&0xffffffffL;
-
-	FP(r,l);
-	data[0]=l;
-	data[1]=r;
-	l=r=t=u=0;
-	}
-
-void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
-	{
-	register DES_LONG l,r,t,u;
-#ifdef DES_PTR
-	register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
-#endif
-#ifndef DES_UNROLL
-	register int i;
-#endif
-	register DES_LONG *s;
-
-	r=data[0];
-	l=data[1];
-
-	/* Things have been modified so that the initial rotate is
-	 * done outside the loop.  This required the
-	 * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
-	 * One perl script later and things have a 5% speed up on a sparc2.
-	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
-	 * for pointing this out. */
-	/* clear the top bits on machines with 8byte longs */
-	r=ROTATE(r,29)&0xffffffffL;
-	l=ROTATE(l,29)&0xffffffffL;
-
-	s=ks->ks->deslong;
-	/* I don't know if it is worth the effort of loop unrolling the
-	 * inner loop */
-	if (enc)
-		{
-#ifdef DES_UNROLL
-		D_ENCRYPT(l,r, 0); /*  1 */
-		D_ENCRYPT(r,l, 2); /*  2 */
-		D_ENCRYPT(l,r, 4); /*  3 */
-		D_ENCRYPT(r,l, 6); /*  4 */
-		D_ENCRYPT(l,r, 8); /*  5 */
-		D_ENCRYPT(r,l,10); /*  6 */
-		D_ENCRYPT(l,r,12); /*  7 */
-		D_ENCRYPT(r,l,14); /*  8 */
-		D_ENCRYPT(l,r,16); /*  9 */
-		D_ENCRYPT(r,l,18); /*  10 */
-		D_ENCRYPT(l,r,20); /*  11 */
-		D_ENCRYPT(r,l,22); /*  12 */
-		D_ENCRYPT(l,r,24); /*  13 */
-		D_ENCRYPT(r,l,26); /*  14 */
-		D_ENCRYPT(l,r,28); /*  15 */
-		D_ENCRYPT(r,l,30); /*  16 */
-#else
-		for (i=0; i<32; i+=8)
-			{
-			D_ENCRYPT(l,r,i+0); /*  1 */
-			D_ENCRYPT(r,l,i+2); /*  2 */
-			D_ENCRYPT(l,r,i+4); /*  3 */
-			D_ENCRYPT(r,l,i+6); /*  4 */
-			}
-#endif
-		}
-	else
-		{
-#ifdef DES_UNROLL
-		D_ENCRYPT(l,r,30); /* 16 */
-		D_ENCRYPT(r,l,28); /* 15 */
-		D_ENCRYPT(l,r,26); /* 14 */
-		D_ENCRYPT(r,l,24); /* 13 */
-		D_ENCRYPT(l,r,22); /* 12 */
-		D_ENCRYPT(r,l,20); /* 11 */
-		D_ENCRYPT(l,r,18); /* 10 */
-		D_ENCRYPT(r,l,16); /*  9 */
-		D_ENCRYPT(l,r,14); /*  8 */
-		D_ENCRYPT(r,l,12); /*  7 */
-		D_ENCRYPT(l,r,10); /*  6 */
-		D_ENCRYPT(r,l, 8); /*  5 */
-		D_ENCRYPT(l,r, 6); /*  4 */
-		D_ENCRYPT(r,l, 4); /*  3 */
-		D_ENCRYPT(l,r, 2); /*  2 */
-		D_ENCRYPT(r,l, 0); /*  1 */
-#else
-		for (i=30; i>0; i-=8)
-			{
-			D_ENCRYPT(l,r,i-0); /* 16 */
-			D_ENCRYPT(r,l,i-2); /* 15 */
-			D_ENCRYPT(l,r,i-4); /* 14 */
-			D_ENCRYPT(r,l,i-6); /* 13 */
-			}
-#endif
-		}
-	/* rotate and clear the top bits on machines with 8byte longs */
-	data[0]=ROTATE(l,3)&0xffffffffL;
-	data[1]=ROTATE(r,3)&0xffffffffL;
-	l=r=t=u=0;
-	}
-
-void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
-		  DES_key_schedule *ks2, DES_key_schedule *ks3)
-	{
-	register DES_LONG l,r;
-
-	l=data[0];
-	r=data[1];
-	IP(l,r);
-	data[0]=l;
-	data[1]=r;
-	DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
-	DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
-	DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
-	l=data[0];
-	r=data[1];
-	FP(r,l);
-	data[0]=l;
-	data[1]=r;
-	}
-
-void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
-		  DES_key_schedule *ks2, DES_key_schedule *ks3)
-	{
-	register DES_LONG l,r;
-
-	l=data[0];
-	r=data[1];
-	IP(l,r);
-	data[0]=l;
-	data[1]=r;
-	DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
-	DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
-	DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
-	l=data[0];
-	r=data[1];
-	FP(r,l);
-	data[0]=l;
-	data[1]=r;
-	}
-
-#ifndef DES_DEFAULT_OPTIONS
-
-#undef CBC_ENC_C__DONT_UPDATE_IV
-#include "ncbc_enc.c" /* DES_ncbc_encrypt */
-
-void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
-			  long length, DES_key_schedule *ks1,
-			  DES_key_schedule *ks2, DES_key_schedule *ks3,
-			  DES_cblock *ivec, int enc)
-	{
-	register DES_LONG tin0,tin1;
-	register DES_LONG tout0,tout1,xor0,xor1;
-	register const unsigned char *in;
-	unsigned char *out;
-	register long l=length;
-	DES_LONG tin[2];
-	unsigned char *iv;
-
-	in=input;
-	out=output;
-	iv = &(*ivec)[0];
-
-	if (enc)
-		{
-		c2l(iv,tout0);
-		c2l(iv,tout1);
-		for (l-=8; l>=0; l-=8)
-			{
-			c2l(in,tin0);
-			c2l(in,tin1);
-			tin0^=tout0;
-			tin1^=tout1;
-
-			tin[0]=tin0;
-			tin[1]=tin1;
-			DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
-			tout0=tin[0];
-			tout1=tin[1];
-
-			l2c(tout0,out);
-			l2c(tout1,out);
-			}
-		if (l != -8)
-			{
-			c2ln(in,tin0,tin1,l+8);
-			tin0^=tout0;
-			tin1^=tout1;
-
-			tin[0]=tin0;
-			tin[1]=tin1;
-			DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
-			tout0=tin[0];
-			tout1=tin[1];
-
-			l2c(tout0,out);
-			l2c(tout1,out);
-			}
-		iv = &(*ivec)[0];
-		l2c(tout0,iv);
-		l2c(tout1,iv);
-		}
-	else
-		{
-		register DES_LONG t0,t1;
-
-		c2l(iv,xor0);
-		c2l(iv,xor1);
-		for (l-=8; l>=0; l-=8)
-			{
-			c2l(in,tin0);
-			c2l(in,tin1);
-
-			t0=tin0;
-			t1=tin1;
-
-			tin[0]=tin0;
-			tin[1]=tin1;
-			DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
-			tout0=tin[0];
-			tout1=tin[1];
-
-			tout0^=xor0;
-			tout1^=xor1;
-			l2c(tout0,out);
-			l2c(tout1,out);
-			xor0=t0;
-			xor1=t1;
-			}
-		if (l != -8)
-			{
-			c2l(in,tin0);
-			c2l(in,tin1);
-			
-			t0=tin0;
-			t1=tin1;
-
-			tin[0]=tin0;
-			tin[1]=tin1;
-			DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
-			tout0=tin[0];
-			tout1=tin[1];
-		
-			tout0^=xor0;
-			tout1^=xor1;
-			l2cn(tout0,tout1,out,l+8);
-			xor0=t0;
-			xor1=t1;
-			}
-
-		iv = &(*ivec)[0];
-		l2c(xor0,iv);
-		l2c(xor1,iv);
-		}
-	tin0=tin1=tout0=tout1=xor0=xor1=0;
-	tin[0]=tin[1]=0;
-	}
-
-#endif /* DES_DEFAULT_OPTIONS */
diff --git a/crypto/openssl/crypto/des/des_locl.h b/crypto/openssl/crypto/des/des_locl.h
deleted file mode 100644
index e44e8e98b250..000000000000
--- a/crypto/openssl/crypto/des/des_locl.h
+++ /dev/null
@@ -1,428 +0,0 @@
-/* crypto/des/des_locl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DES_LOCL_H
-#define HEADER_DES_LOCL_H
-
-#include <openssl/e_os2.h>
-
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
-#ifndef OPENSSL_SYS_MSDOS
-#define OPENSSL_SYS_MSDOS
-#endif
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#ifndef OPENSSL_SYS_MSDOS
-#if !defined(OPENSSL_SYS_VMS) || defined(__DECC)
-#ifdef OPENSSL_UNISTD
-# include OPENSSL_UNISTD
-#else
-# include <unistd.h>
-#endif
-#include <math.h>
-#endif
-#endif
-#include <openssl/des.h>
-
-#ifdef OPENSSL_SYS_MSDOS		/* Visual C++ 2.1 (Windows NT/95) */
-#include <stdlib.h>
-#include <errno.h>
-#include <time.h>
-#include <io.h>
-#endif
-
-#if defined(__STDC__) || defined(OPENSSL_SYS_VMS) || defined(M_XENIX) || defined(OPENSSL_SYS_MSDOS)
-#include <string.h>
-#endif
-
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
-#define ITERATIONS 16
-#define HALF_ITERATIONS 8
-
-/* used in des_read and des_write */
-#define MAXWRITE	(1024*16)
-#define BSIZE		(MAXWRITE+4)
-
-#define c2l(c,l)	(l =((DES_LONG)(*((c)++)))    , \
-			 l|=((DES_LONG)(*((c)++)))<< 8L, \
-			 l|=((DES_LONG)(*((c)++)))<<16L, \
-			 l|=((DES_LONG)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#define c2ln(c,l1,l2,n)	{ \
-			c+=n; \
-			l1=l2=0; \
-			switch (n) { \
-			case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
-			case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
-			case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
-			case 5: l2|=((DES_LONG)(*(--(c))));     \
-			case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
-			case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
-			case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
-			case 1: l1|=((DES_LONG)(*(--(c))));     \
-				} \
-			}
-
-#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
-			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* replacements for htonl and ntohl since I have no idea what to do
- * when faced with machines with 8 byte longs. */
-#define HDRSIZE 4
-
-#define n2l(c,l)	(l =((DES_LONG)(*((c)++)))<<24L, \
-			 l|=((DES_LONG)(*((c)++)))<<16L, \
-			 l|=((DES_LONG)(*((c)++)))<< 8L, \
-			 l|=((DES_LONG)(*((c)++))))
-
-#define l2n(l,c)	(*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)     )&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#define l2cn(l1,l2,c,n)	{ \
-			c+=n; \
-			switch (n) { \
-			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
-			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
-			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
-			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
-			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
-			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
-			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
-			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
-				} \
-			}
-
-#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)
-#define	ROTATE(a,n)	(_lrotr(a,n))
-#elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
-# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-#  define ROTATE(a,n)	({ register unsigned int ret;	\
-				asm ("rorl %1,%0"	\
-					: "=r"(ret)	\
-					: "I"(n),"0"(a)	\
-					: "cc");	\
-			   ret;				\
-			})
-# endif
-#endif
-#ifndef ROTATE
-#define	ROTATE(a,n)	(((a)>>(n))+((a)<<(32-(n))))
-#endif
-
-/* Don't worry about the LOAD_DATA() stuff, that is used by
- * fcrypt() to add it's little bit to the front */
-
-#ifdef DES_FCRYPT
-
-#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
-	{ DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
-
-#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
-	t=R^(R>>16L); \
-	u=t&E0; t&=E1; \
-	tmp=(u<<16); u^=R^s[S  ]; u^=tmp; \
-	tmp=(t<<16); t^=R^s[S+1]; t^=tmp
-#else
-#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
-#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
-	u=R^s[S  ]; \
-	t=R^s[S+1]
-#endif
-
-/* The changes to this macro may help or hinder, depending on the
- * compiler and the architecture.  gcc2 always seems to do well :-).
- * Inspired by Dana How <how@isl.stanford.edu>
- * DO NOT use the alternative version on machines with 8 byte longs.
- * It does not seem to work on the Alpha, even when DES_LONG is 4
- * bytes, probably an issue of accessing non-word aligned objects :-( */
-#ifdef DES_PTR
-
-/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there
- * is no reason to not xor all the sub items together.  This potentially
- * saves a register since things can be xored directly into L */
-
-#if defined(DES_RISC1) || defined(DES_RISC2)
-#ifdef DES_RISC1
-#define D_ENCRYPT(LL,R,S) { \
-	unsigned int u1,u2,u3; \
-	LOAD_DATA(R,S,u,t,E0,E1,u1); \
-	u2=(int)u>>8L; \
-	u1=(int)u&0xfc; \
-	u2&=0xfc; \
-	t=ROTATE(t,4); \
-	u>>=16L; \
-	LL^= *(const DES_LONG *)(des_SP      +u1); \
-	LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
-	u3=(int)(u>>8L); \
-	u1=(int)u&0xfc; \
-	u3&=0xfc; \
-	LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
-	LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
-	u2=(int)t>>8L; \
-	u1=(int)t&0xfc; \
-	u2&=0xfc; \
-	t>>=16L; \
-	LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
-	LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
-	u3=(int)t>>8L; \
-	u1=(int)t&0xfc; \
-	u3&=0xfc; \
-	LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
-	LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
-#endif
-#ifdef DES_RISC2
-#define D_ENCRYPT(LL,R,S) { \
-	unsigned int u1,u2,s1,s2; \
-	LOAD_DATA(R,S,u,t,E0,E1,u1); \
-	u2=(int)u>>8L; \
-	u1=(int)u&0xfc; \
-	u2&=0xfc; \
-	t=ROTATE(t,4); \
-	LL^= *(const DES_LONG *)(des_SP      +u1); \
-	LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
-	s1=(int)(u>>16L); \
-	s2=(int)(u>>24L); \
-	s1&=0xfc; \
-	s2&=0xfc; \
-	LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
-	LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
-	u2=(int)t>>8L; \
-	u1=(int)t&0xfc; \
-	u2&=0xfc; \
-	LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
-	LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
-	s1=(int)(t>>16L); \
-	s2=(int)(t>>24L); \
-	s1&=0xfc; \
-	s2&=0xfc; \
-	LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
-	LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
-#endif
-#else
-#define D_ENCRYPT(LL,R,S) { \
-	LOAD_DATA_tmp(R,S,u,t,E0,E1); \
-	t=ROTATE(t,4); \
-	LL^= \
-	*(const DES_LONG *)(des_SP      +((u     )&0xfc))^ \
-	*(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
-	*(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
-	*(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
-	*(const DES_LONG *)(des_SP+0x100+((t     )&0xfc))^ \
-	*(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
-	*(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
-	*(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
-#endif
-
-#else /* original version */
-
-#if defined(DES_RISC1) || defined(DES_RISC2)
-#ifdef DES_RISC1
-#define D_ENCRYPT(LL,R,S) {\
-	unsigned int u1,u2,u3; \
-	LOAD_DATA(R,S,u,t,E0,E1,u1); \
-	u>>=2L; \
-	t=ROTATE(t,6); \
-	u2=(int)u>>8L; \
-	u1=(int)u&0x3f; \
-	u2&=0x3f; \
-	u>>=16L; \
-	LL^=DES_SPtrans[0][u1]; \
-	LL^=DES_SPtrans[2][u2]; \
-	u3=(int)u>>8L; \
-	u1=(int)u&0x3f; \
-	u3&=0x3f; \
-	LL^=DES_SPtrans[4][u1]; \
-	LL^=DES_SPtrans[6][u3]; \
-	u2=(int)t>>8L; \
-	u1=(int)t&0x3f; \
-	u2&=0x3f; \
-	t>>=16L; \
-	LL^=DES_SPtrans[1][u1]; \
-	LL^=DES_SPtrans[3][u2]; \
-	u3=(int)t>>8L; \
-	u1=(int)t&0x3f; \
-	u3&=0x3f; \
-	LL^=DES_SPtrans[5][u1]; \
-	LL^=DES_SPtrans[7][u3]; }
-#endif
-#ifdef DES_RISC2
-#define D_ENCRYPT(LL,R,S) {\
-	unsigned int u1,u2,s1,s2; \
-	LOAD_DATA(R,S,u,t,E0,E1,u1); \
-	u>>=2L; \
-	t=ROTATE(t,6); \
-	u2=(int)u>>8L; \
-	u1=(int)u&0x3f; \
-	u2&=0x3f; \
-	LL^=DES_SPtrans[0][u1]; \
-	LL^=DES_SPtrans[2][u2]; \
-	s1=(int)u>>16L; \
-	s2=(int)u>>24L; \
-	s1&=0x3f; \
-	s2&=0x3f; \
-	LL^=DES_SPtrans[4][s1]; \
-	LL^=DES_SPtrans[6][s2]; \
-	u2=(int)t>>8L; \
-	u1=(int)t&0x3f; \
-	u2&=0x3f; \
-	LL^=DES_SPtrans[1][u1]; \
-	LL^=DES_SPtrans[3][u2]; \
-	s1=(int)t>>16; \
-	s2=(int)t>>24L; \
-	s1&=0x3f; \
-	s2&=0x3f; \
-	LL^=DES_SPtrans[5][s1]; \
-	LL^=DES_SPtrans[7][s2]; }
-#endif
-
-#else
-
-#define D_ENCRYPT(LL,R,S) {\
-	LOAD_DATA_tmp(R,S,u,t,E0,E1); \
-	t=ROTATE(t,4); \
-	LL^=\
-		DES_SPtrans[0][(u>> 2L)&0x3f]^ \
-		DES_SPtrans[2][(u>>10L)&0x3f]^ \
-		DES_SPtrans[4][(u>>18L)&0x3f]^ \
-		DES_SPtrans[6][(u>>26L)&0x3f]^ \
-		DES_SPtrans[1][(t>> 2L)&0x3f]^ \
-		DES_SPtrans[3][(t>>10L)&0x3f]^ \
-		DES_SPtrans[5][(t>>18L)&0x3f]^ \
-		DES_SPtrans[7][(t>>26L)&0x3f]; }
-#endif
-#endif
-
-	/* IP and FP
-	 * The problem is more of a geometric problem that random bit fiddling.
-	 0  1  2  3  4  5  6  7      62 54 46 38 30 22 14  6
-	 8  9 10 11 12 13 14 15      60 52 44 36 28 20 12  4
-	16 17 18 19 20 21 22 23      58 50 42 34 26 18 10  2
-	24 25 26 27 28 29 30 31  to  56 48 40 32 24 16  8  0
-
-	32 33 34 35 36 37 38 39      63 55 47 39 31 23 15  7
-	40 41 42 43 44 45 46 47      61 53 45 37 29 21 13  5
-	48 49 50 51 52 53 54 55      59 51 43 35 27 19 11  3
-	56 57 58 59 60 61 62 63      57 49 41 33 25 17  9  1
-
-	The output has been subject to swaps of the form
-	0 1 -> 3 1 but the odd and even bits have been put into
-	2 3    2 0
-	different words.  The main trick is to remember that
-	t=((l>>size)^r)&(mask);
-	r^=t;
-	l^=(t<<size);
-	can be used to swap and move bits between words.
-
-	So l =  0  1  2  3  r = 16 17 18 19
-	        4  5  6  7      20 21 22 23
-	        8  9 10 11      24 25 26 27
-	       12 13 14 15      28 29 30 31
-	becomes (for size == 2 and mask == 0x3333)
-	   t =   2^16  3^17 -- --   l =  0  1 16 17  r =  2  3 18 19
-		 6^20  7^21 -- --        4  5 20 21       6  7 22 23
-		10^24 11^25 -- --        8  9 24 25      10 11 24 25
-		14^28 15^29 -- --       12 13 28 29      14 15 28 29
-
-	Thanks for hints from Richard Outerbridge - he told me IP&FP
-	could be done in 15 xor, 10 shifts and 5 ands.
-	When I finally started to think of the problem in 2D
-	I first got ~42 operations without xors.  When I remembered
-	how to use xors :-) I got it to its final state.
-	*/
-#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
-	(b)^=(t),\
-	(a)^=((t)<<(n)))
-
-#define IP(l,r) \
-	{ \
-	register DES_LONG tt; \
-	PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
-	PERM_OP(l,r,tt,16,0x0000ffffL); \
-	PERM_OP(r,l,tt, 2,0x33333333L); \
-	PERM_OP(l,r,tt, 8,0x00ff00ffL); \
-	PERM_OP(r,l,tt, 1,0x55555555L); \
-	}
-
-#define FP(l,r) \
-	{ \
-	register DES_LONG tt; \
-	PERM_OP(l,r,tt, 1,0x55555555L); \
-	PERM_OP(r,l,tt, 8,0x00ff00ffL); \
-	PERM_OP(l,r,tt, 2,0x33333333L); \
-	PERM_OP(r,l,tt,16,0x0000ffffL); \
-	PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
-	}
-
-OPENSSL_EXTERN const DES_LONG DES_SPtrans[8][64];
-
-void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
-		 DES_LONG Eswap0, DES_LONG Eswap1);
-#endif
diff --git a/crypto/openssl/crypto/des/des_old.c b/crypto/openssl/crypto/des/des_old.c
deleted file mode 100644
index 7e4cd7180d18..000000000000
--- a/crypto/openssl/crypto/des/des_old.c
+++ /dev/null
@@ -1,271 +0,0 @@
-/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
-
-/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * The function names in here are deprecated and are only present to
- * provide an interface compatible with libdes.  OpenSSL now provides
- * functions where "des_" has been replaced with "DES_" in the names,
- * to make it possible to make incompatible changes that are needed
- * for C type security and other stuff.
- *
- * Please consider starting to use the DES_ functions rather than the
- * des_ ones.  The des_ functions will dissapear completely before
- * OpenSSL 1.0!
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#define OPENSSL_DES_LIBDES_COMPATIBILITY
-#include <openssl/des.h>
-#include <openssl/rand.h>
-
-const char *_ossl_old_des_options(void)
-	{
-	return DES_options();
-	}
-void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
-	des_key_schedule ks1,des_key_schedule ks2,
-	des_key_schedule ks3, int enc)
-	{
-	DES_ecb3_encrypt((const_DES_cblock *)input, output,
-		(DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
-		(DES_key_schedule *)ks3, enc);
-	}
-DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
-	long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec)
-	{
-	return DES_cbc_cksum((unsigned char *)input, output, length,
-		(DES_key_schedule *)schedule, ivec);
-	}
-void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
-	des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
-	{
-	DES_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
-		length, (DES_key_schedule *)schedule, ivec, enc);
-	}
-void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
-	des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
-	{
-	DES_ncbc_encrypt((unsigned char *)input, (unsigned char *)output,
-		length, (DES_key_schedule *)schedule, ivec, enc);
-	}
-void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
-	des_key_schedule schedule,_ossl_old_des_cblock *ivec,
-	_ossl_old_des_cblock *inw,_ossl_old_des_cblock *outw,int enc)
-	{
-	DES_xcbc_encrypt((unsigned char *)input, (unsigned char *)output,
-		length, (DES_key_schedule *)schedule, ivec, inw, outw, enc);
-	}
-void _ossl_old_des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
-	long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
-	{
-	DES_cfb_encrypt(in, out, numbits, length,
-		(DES_key_schedule *)schedule, ivec, enc);
-	}
-void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
-	des_key_schedule ks,int enc)
-	{
-	DES_ecb_encrypt(input, output, (DES_key_schedule *)ks, enc);
-	}
-void _ossl_old_des_encrypt(DES_LONG *data,des_key_schedule ks, int enc)
-	{
-	DES_encrypt1(data, (DES_key_schedule *)ks, enc);
-	}
-void _ossl_old_des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc)
-	{
-	DES_encrypt2(data, (DES_key_schedule *)ks, enc);
-	}
-void _ossl_old_des_encrypt3(DES_LONG *data, des_key_schedule ks1,
-	des_key_schedule ks2, des_key_schedule ks3)
-	{
-	DES_encrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
-		(DES_key_schedule *)ks3);
-	}
-void _ossl_old_des_decrypt3(DES_LONG *data, des_key_schedule ks1,
-	des_key_schedule ks2, des_key_schedule ks3)
-	{
-	DES_decrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
-		(DES_key_schedule *)ks3);
-	}
-void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output, 
-	long length, des_key_schedule ks1, des_key_schedule ks2, 
-	des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc)
-	{
-	DES_ede3_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
-		length, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
-		(DES_key_schedule *)ks3, ivec, enc);
-	}
-void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
-	long length, des_key_schedule ks1, des_key_schedule ks2,
-	des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num, int enc)
-	{
-	DES_ede3_cfb64_encrypt(in, out, length,
-		(DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
-		(DES_key_schedule *)ks3, ivec, num, enc);
-	}
-void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
-	long length, des_key_schedule ks1, des_key_schedule ks2,
-	des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num)
-	{
-	DES_ede3_ofb64_encrypt(in, out, length,
-		(DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
-		(DES_key_schedule *)ks3, ivec, num);
-	}
-
-void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
-	_ossl_old_des_cblock (*out_white))
-	{
-	DES_xwhite_in2out(des_key, in_white, out_white);
-	}
-
-int _ossl_old_des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
-	_ossl_old_des_cblock *iv)
-	{
-	return DES_enc_read(fd, buf, len, (DES_key_schedule *)sched, iv);
-	}
-int _ossl_old_des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
-	_ossl_old_des_cblock *iv)
-	{
-	return DES_enc_write(fd, buf, len, (DES_key_schedule *)sched, iv);
-	}
-char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret)
-	{
-	return DES_fcrypt(buf, salt, ret);
-	}
-char *_ossl_old_des_crypt(const char *buf,const char *salt)
-	{
-	return DES_crypt(buf, salt);
-	}
-char *_ossl_old_crypt(const char *buf,const char *salt)
-	{
-	return DES_crypt(buf, salt);
-	}
-void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,
-	int numbits,long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec)
-	{
-	DES_ofb_encrypt(in, out, numbits, length, (DES_key_schedule *)schedule,
-		ivec);
-	}
-void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
-	des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
-	{
-	DES_pcbc_encrypt((unsigned char *)input, (unsigned char *)output,
-		length, (DES_key_schedule *)schedule, ivec, enc);
-	}
-DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
-	long length,int out_count,_ossl_old_des_cblock *seed)
-	{
-	return DES_quad_cksum((unsigned char *)input, output, length,
-		out_count, seed);
-	}
-void _ossl_old_des_random_seed(_ossl_old_des_cblock key)
-	{
-	RAND_seed(key, sizeof(_ossl_old_des_cblock));
-	}
-void _ossl_old_des_random_key(_ossl_old_des_cblock ret)
-	{
-	DES_random_key((DES_cblock *)ret);
-	}
-int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
-				int verify)
-	{
-	return DES_read_password(key, prompt, verify);
-	}
-int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1, _ossl_old_des_cblock *key2,
-	const char *prompt, int verify)
-	{
-	return DES_read_2passwords(key1, key2, prompt, verify);
-	}
-void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key)
-	{
-	DES_set_odd_parity(key);
-	}
-int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key)
-	{
-	return DES_is_weak_key(key);
-	}
-int _ossl_old_des_set_key(_ossl_old_des_cblock *key,des_key_schedule schedule)
-	{
-	return DES_set_key(key, (DES_key_schedule *)schedule);
-	}
-int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,des_key_schedule schedule)
-	{
-	return DES_key_sched(key, (DES_key_schedule *)schedule);
-	}
-void _ossl_old_des_string_to_key(char *str,_ossl_old_des_cblock *key)
-	{
-	DES_string_to_key(str, key);
-	}
-void _ossl_old_des_string_to_2keys(char *str,_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2)
-	{
-	DES_string_to_2keys(str, key1, key2);
-	}
-void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num, int enc)
-	{
-	DES_cfb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
-		ivec, num, enc);
-	}
-void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num)
-	{
-	DES_ofb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
-		ivec, num);
-	}
diff --git a/crypto/openssl/crypto/des/des_old.h b/crypto/openssl/crypto/des/des_old.h
deleted file mode 100644
index 1d840b474a64..000000000000
--- a/crypto/openssl/crypto/des/des_old.h
+++ /dev/null
@@ -1,441 +0,0 @@
-/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
-
-/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * The function names in here are deprecated and are only present to
- * provide an interface compatible with openssl 0.9.6 and older as
- * well as libdes.  OpenSSL now provides functions where "des_" has
- * been replaced with "DES_" in the names, to make it possible to
- * make incompatible changes that are needed for C type security and
- * other stuff.
- *
- * This include files has two compatibility modes:
- *
- *   - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API
- *     that is compatible with libdes and SSLeay.
- *   - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an
- *     API that is compatible with OpenSSL 0.9.5x to 0.9.6x.
- *
- * Note that these modes break earlier snapshots of OpenSSL, where
- * libdes compatibility was the only available mode or (later on) the
- * prefered compatibility mode.  However, after much consideration
- * (and more or less violent discussions with external parties), it
- * was concluded that OpenSSL should be compatible with earlier versions
- * of itself before anything else.  Also, in all honesty, libdes is
- * an old beast that shouldn't really be used any more.
- *
- * Please consider starting to use the DES_ functions rather than the
- * des_ ones.  The des_ functions will disappear completely before
- * OpenSSL 1.0!
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DES_H
-#define HEADER_DES_H
-
-#ifdef OPENSSL_NO_DES
-#error DES is disabled.
-#endif
-
-#ifndef HEADER_NEW_DES_H
-#error You must include des.h, not des_old.h directly.
-#endif
-
-#ifdef _KERBEROS_DES_H
-#error <openssl/des_old.h> replaces <kerberos/des.h>.
-#endif
-
-#include <openssl/opensslconf.h> /* DES_LONG */
-#include <openssl/e_os2.h>	/* OPENSSL_EXTERN */
-#include <openssl/symhacks.h>
-
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef unsigned char _ossl_old_des_cblock[8];
-typedef struct _ossl_old_des_ks_struct
-	{
-	union	{
-		_ossl_old_des_cblock _;
-		/* make sure things are correct size on machines with
-		 * 8 byte longs */
-		DES_LONG pad[2];
-		} ks;
-	} _ossl_old_des_key_schedule[16];
-
-#ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
-#define des_cblock DES_cblock
-#define const_des_cblock const_DES_cblock
-#define des_key_schedule DES_key_schedule
-#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
-	DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
-#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
-	DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
-#define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
-	DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
-#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
-	DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
-#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
-	DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
-#define des_options()\
-	DES_options()
-#define des_cbc_cksum(i,o,l,k,iv)\
-	DES_cbc_cksum((i),(o),(l),&(k),(iv))
-#define des_cbc_encrypt(i,o,l,k,iv,e)\
-	DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
-#define des_ncbc_encrypt(i,o,l,k,iv,e)\
-	DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
-#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
-	DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
-#define des_cfb_encrypt(i,o,n,l,k,iv,e)\
-	DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
-#define des_ecb_encrypt(i,o,k,e)\
-	DES_ecb_encrypt((i),(o),&(k),(e))
-#define des_encrypt1(d,k,e)\
-	DES_encrypt1((d),&(k),(e))
-#define des_encrypt2(d,k,e)\
-	DES_encrypt2((d),&(k),(e))
-#define des_encrypt3(d,k1,k2,k3)\
-	DES_encrypt3((d),&(k1),&(k2),&(k3))
-#define des_decrypt3(d,k1,k2,k3)\
-	DES_decrypt3((d),&(k1),&(k2),&(k3))
-#define des_xwhite_in2out(k,i,o)\
-	DES_xwhite_in2out((k),(i),(o))
-#define des_enc_read(f,b,l,k,iv)\
-	DES_enc_read((f),(b),(l),&(k),(iv))
-#define des_enc_write(f,b,l,k,iv)\
-	DES_enc_write((f),(b),(l),&(k),(iv))
-#define des_fcrypt(b,s,r)\
-	DES_fcrypt((b),(s),(r))
-#define des_crypt(b,s)\
-	DES_crypt((b),(s))
-#if 0
-#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
-#define crypt(b,s)\
-	DES_crypt((b),(s))
-#endif
-#endif
-#define des_ofb_encrypt(i,o,n,l,k,iv)\
-	DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
-#define des_pcbc_encrypt(i,o,l,k,iv,e)\
-	DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
-#define des_quad_cksum(i,o,l,c,s)\
-	DES_quad_cksum((i),(o),(l),(c),(s))
-#define des_random_seed(k)\
-	_ossl_096_des_random_seed((k))
-#define des_random_key(r)\
-	DES_random_key((r))
-#define des_read_password(k,p,v) \
-	DES_read_password((k),(p),(v))
-#define des_read_2passwords(k1,k2,p,v) \
-	DES_read_2passwords((k1),(k2),(p),(v))
-#define des_set_odd_parity(k)\
-	DES_set_odd_parity((k))
-#define des_check_key_parity(k)\
-	DES_check_key_parity((k))
-#define des_is_weak_key(k)\
-	DES_is_weak_key((k))
-#define des_set_key(k,ks)\
-	DES_set_key((k),&(ks))
-#define des_key_sched(k,ks)\
-	DES_key_sched((k),&(ks))
-#define des_set_key_checked(k,ks)\
-	DES_set_key_checked((k),&(ks))
-#define des_set_key_unchecked(k,ks)\
-	DES_set_key_unchecked((k),&(ks))
-#define des_string_to_key(s,k)\
-	DES_string_to_key((s),(k))
-#define des_string_to_2keys(s,k1,k2)\
-	DES_string_to_2keys((s),(k1),(k2))
-#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
-	DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
-#define des_ofb64_encrypt(i,o,l,ks,iv,n)\
-	DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
-		
-
-#define des_ecb2_encrypt(i,o,k1,k2,e) \
-	des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-	des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-	des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-	des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-#define des_check_key DES_check_key
-#define des_rw_mode DES_rw_mode
-#else /* libdes compatibility */
-/* Map all symbol names to _ossl_old_des_* form, so we avoid all
-   clashes with libdes */
-#define des_cblock _ossl_old_des_cblock
-#define des_key_schedule _ossl_old_des_key_schedule
-#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
-	_ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
-#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
-	_ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
-#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
-	_ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
-#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
-	_ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
-#define des_options()\
-	_ossl_old_des_options()
-#define des_cbc_cksum(i,o,l,k,iv)\
-	_ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
-#define des_cbc_encrypt(i,o,l,k,iv,e)\
-	_ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
-#define des_ncbc_encrypt(i,o,l,k,iv,e)\
-	_ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
-#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
-	_ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
-#define des_cfb_encrypt(i,o,n,l,k,iv,e)\
-	_ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
-#define des_ecb_encrypt(i,o,k,e)\
-	_ossl_old_des_ecb_encrypt((i),(o),(k),(e))
-#define des_encrypt(d,k,e)\
-	_ossl_old_des_encrypt((d),(k),(e))
-#define des_encrypt2(d,k,e)\
-	_ossl_old_des_encrypt2((d),(k),(e))
-#define des_encrypt3(d,k1,k2,k3)\
-	_ossl_old_des_encrypt3((d),(k1),(k2),(k3))
-#define des_decrypt3(d,k1,k2,k3)\
-	_ossl_old_des_decrypt3((d),(k1),(k2),(k3))
-#define des_xwhite_in2out(k,i,o)\
-	_ossl_old_des_xwhite_in2out((k),(i),(o))
-#define des_enc_read(f,b,l,k,iv)\
-	_ossl_old_des_enc_read((f),(b),(l),(k),(iv))
-#define des_enc_write(f,b,l,k,iv)\
-	_ossl_old_des_enc_write((f),(b),(l),(k),(iv))
-#define des_fcrypt(b,s,r)\
-	_ossl_old_des_fcrypt((b),(s),(r))
-#define des_crypt(b,s)\
-	_ossl_old_des_crypt((b),(s))
-#if 0
-#define crypt(b,s)\
-	_ossl_old_crypt((b),(s))
-#endif
-#define des_ofb_encrypt(i,o,n,l,k,iv)\
-	_ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
-#define des_pcbc_encrypt(i,o,l,k,iv,e)\
-	_ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
-#define des_quad_cksum(i,o,l,c,s)\
-	_ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
-#define des_random_seed(k)\
-	_ossl_old_des_random_seed((k))
-#define des_random_key(r)\
-	_ossl_old_des_random_key((r))
-#define des_read_password(k,p,v) \
-	_ossl_old_des_read_password((k),(p),(v))
-#define des_read_2passwords(k1,k2,p,v) \
-	_ossl_old_des_read_2passwords((k1),(k2),(p),(v))
-#define des_set_odd_parity(k)\
-	_ossl_old_des_set_odd_parity((k))
-#define des_is_weak_key(k)\
-	_ossl_old_des_is_weak_key((k))
-#define des_set_key(k,ks)\
-	_ossl_old_des_set_key((k),(ks))
-#define des_key_sched(k,ks)\
-	_ossl_old_des_key_sched((k),(ks))
-#define des_string_to_key(s,k)\
-	_ossl_old_des_string_to_key((s),(k))
-#define des_string_to_2keys(s,k1,k2)\
-	_ossl_old_des_string_to_2keys((s),(k1),(k2))
-#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
-	_ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
-#define des_ofb64_encrypt(i,o,l,ks,iv,n)\
-	_ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
-		
-
-#define des_ecb2_encrypt(i,o,k1,k2,e) \
-	des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-	des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-	des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-	des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-#define des_check_key DES_check_key
-#define des_rw_mode DES_rw_mode
-#endif
-
-const char *_ossl_old_des_options(void);
-void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
-	_ossl_old_des_key_schedule ks1,_ossl_old_des_key_schedule ks2,
-	_ossl_old_des_key_schedule ks3, int enc);
-DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
-	long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
-void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
-	_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
-void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
-	_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
-void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
-	_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,
-	_ossl_old_des_cblock *inw,_ossl_old_des_cblock *outw,int enc);
-void _ossl_old_des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
-	long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
-void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
-	_ossl_old_des_key_schedule ks,int enc);
-void _ossl_old_des_encrypt(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
-void _ossl_old_des_encrypt2(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
-void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
-	_ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
-void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
-	_ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
-void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output, 
-	long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2, 
-	_ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
-	long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
-	_ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num, int enc);
-void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
-	long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
-	_ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num);
-
-void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
-	_ossl_old_des_cblock (*out_white));
-
-int _ossl_old_des_enc_read(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
-	_ossl_old_des_cblock *iv);
-int _ossl_old_des_enc_write(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
-	_ossl_old_des_cblock *iv);
-char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret);
-char *_ossl_old_des_crypt(const char *buf,const char *salt);
-#if !defined(PERL5) && !defined(NeXT)
-char *_ossl_old_crypt(const char *buf,const char *salt);
-#endif
-void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,
-	int numbits,long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
-void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
-	_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
-DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
-	long length,int out_count,_ossl_old_des_cblock *seed);
-void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
-void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
-int _ossl_old_des_read_password(_ossl_old_des_cblock *key,const char *prompt,int verify);
-int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2,
-	const char *prompt,int verify);
-void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
-int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
-int _ossl_old_des_set_key(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
-int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
-void _ossl_old_des_string_to_key(char *str,_ossl_old_des_cblock *key);
-void _ossl_old_des_string_to_2keys(char *str,_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2);
-void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	_ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num, int enc);
-void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	_ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num);
-
-void _ossl_096_des_random_seed(des_cblock *key);
-
-/* The following definitions provide compatibility with the MIT Kerberos
- * library. The _ossl_old_des_key_schedule structure is not binary compatible. */
-
-#define _KERBEROS_DES_H
-
-#define KRBDES_ENCRYPT DES_ENCRYPT
-#define KRBDES_DECRYPT DES_DECRYPT
-
-#ifdef KERBEROS
-#  define ENCRYPT DES_ENCRYPT
-#  define DECRYPT DES_DECRYPT
-#endif
-
-#ifndef NCOMPAT
-#  define C_Block des_cblock
-#  define Key_schedule des_key_schedule
-#  define KEY_SZ DES_KEY_SZ
-#  define string_to_key des_string_to_key
-#  define read_pw_string des_read_pw_string
-#  define random_key des_random_key
-#  define pcbc_encrypt des_pcbc_encrypt
-#  define set_key des_set_key
-#  define key_sched des_key_sched
-#  define ecb_encrypt des_ecb_encrypt
-#  define cbc_encrypt des_cbc_encrypt
-#  define ncbc_encrypt des_ncbc_encrypt
-#  define xcbc_encrypt des_xcbc_encrypt
-#  define cbc_cksum des_cbc_cksum
-#  define quad_cksum des_quad_cksum
-#  define check_parity des_check_key_parity
-#endif
-
-#define des_fixup_key_parity DES_fixup_key_parity
-
-#ifdef  __cplusplus
-}
-#endif
-
-/* for DES_read_pw_string et al */
-#include <openssl/ui_compat.h>
-
-#endif
diff --git a/crypto/openssl/crypto/des/des_old2.c b/crypto/openssl/crypto/des/des_old2.c
deleted file mode 100644
index c8fa3ee1352f..000000000000
--- a/crypto/openssl/crypto/des/des_old2.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
-
-/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * The function names in here are deprecated and are only present to
- * provide an interface compatible with OpenSSL 0.9.6c.  OpenSSL now
- * provides functions where "des_" has been replaced with "DES_" in
- * the names, to make it possible to make incompatible changes that
- * are needed for C type security and other stuff.
- *
- * Please consider starting to use the DES_ functions rather than the
- * des_ ones.  The des_ functions will dissapear completely before
- * OpenSSL 1.0!
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#undef OPENSSL_DES_LIBDES_COMPATIBILITY
-#include <openssl/des.h>
-#include <openssl/rand.h>
-
-void _ossl_096_des_random_seed(DES_cblock *key)
-	{
-	RAND_seed(key, sizeof(DES_cblock));
-	}
diff --git a/crypto/openssl/crypto/des/des_opts.c b/crypto/openssl/crypto/des/des_opts.c
deleted file mode 100644
index 79278b920eb0..000000000000
--- a/crypto/openssl/crypto/des/des_opts.c
+++ /dev/null
@@ -1,604 +0,0 @@
-/* crypto/des/des_opts.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
- * This is for machines with 64k code segment size restrictions. */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-#define TIMES
-#endif
-
-#include <stdio.h>
-#ifndef OPENSSL_SYS_MSDOS
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD
-#else
-#include <io.h>
-extern void exit();
-#endif
-#include <signal.h>
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#include <openssl/des.h>
-#include "spr.h"
-
-#define DES_DEFAULT_OPTIONS
-
-#if !defined(PART1) && !defined(PART2) && !defined(PART3) && !defined(PART4)
-#define PART1
-#define PART2
-#define PART3
-#define PART4
-#endif
-
-#ifdef PART1
-
-#undef DES_UNROLL
-#undef DES_RISC1
-#undef DES_RISC2
-#undef DES_PTR
-#undef D_ENCRYPT
-#define DES_encrypt1 des_encrypt_u4_cisc_idx
-#define DES_encrypt2 des_encrypt2_u4_cisc_idx
-#define DES_encrypt3 des_encrypt3_u4_cisc_idx
-#define DES_decrypt3 des_decrypt3_u4_cisc_idx
-#undef HEADER_DES_LOCL_H
-#include "des_enc.c"
-
-#define DES_UNROLL
-#undef DES_RISC1
-#undef DES_RISC2
-#undef DES_PTR
-#undef D_ENCRYPT
-#undef DES_encrypt1
-#undef DES_encrypt2
-#undef DES_encrypt3
-#undef DES_decrypt3
-#define DES_encrypt1 des_encrypt_u16_cisc_idx
-#define DES_encrypt2 des_encrypt2_u16_cisc_idx
-#define DES_encrypt3 des_encrypt3_u16_cisc_idx
-#define DES_decrypt3 des_decrypt3_u16_cisc_idx
-#undef HEADER_DES_LOCL_H
-#include "des_enc.c"
-
-#undef DES_UNROLL
-#define DES_RISC1
-#undef DES_RISC2
-#undef DES_PTR
-#undef D_ENCRYPT
-#undef DES_encrypt1
-#undef DES_encrypt2
-#undef DES_encrypt3
-#undef DES_decrypt3
-#define DES_encrypt1 des_encrypt_u4_risc1_idx
-#define DES_encrypt2 des_encrypt2_u4_risc1_idx
-#define DES_encrypt3 des_encrypt3_u4_risc1_idx
-#define DES_decrypt3 des_decrypt3_u4_risc1_idx
-#undef HEADER_DES_LOCL_H
-#include "des_enc.c"
-
-#endif
-
-#ifdef PART2
-
-#undef DES_UNROLL
-#undef DES_RISC1
-#define DES_RISC2
-#undef DES_PTR
-#undef D_ENCRYPT
-#undef DES_encrypt1
-#undef DES_encrypt2
-#undef DES_encrypt3
-#undef DES_decrypt3
-#define DES_encrypt1 des_encrypt_u4_risc2_idx
-#define DES_encrypt2 des_encrypt2_u4_risc2_idx
-#define DES_encrypt3 des_encrypt3_u4_risc2_idx
-#define DES_decrypt3 des_decrypt3_u4_risc2_idx
-#undef HEADER_DES_LOCL_H
-#include "des_enc.c"
-
-#define DES_UNROLL
-#define DES_RISC1
-#undef DES_RISC2
-#undef DES_PTR
-#undef D_ENCRYPT
-#undef DES_encrypt1
-#undef DES_encrypt2
-#undef DES_encrypt3
-#undef DES_decrypt3
-#define DES_encrypt1 des_encrypt_u16_risc1_idx
-#define DES_encrypt2 des_encrypt2_u16_risc1_idx
-#define DES_encrypt3 des_encrypt3_u16_risc1_idx
-#define DES_decrypt3 des_decrypt3_u16_risc1_idx
-#undef HEADER_DES_LOCL_H
-#include "des_enc.c"
-
-#define DES_UNROLL
-#undef DES_RISC1
-#define DES_RISC2
-#undef DES_PTR
-#undef D_ENCRYPT
-#undef DES_encrypt1
-#undef DES_encrypt2
-#undef DES_encrypt3
-#undef DES_decrypt3
-#define DES_encrypt1 des_encrypt_u16_risc2_idx
-#define DES_encrypt2 des_encrypt2_u16_risc2_idx
-#define DES_encrypt3 des_encrypt3_u16_risc2_idx
-#define DES_decrypt3 des_decrypt3_u16_risc2_idx
-#undef HEADER_DES_LOCL_H
-#include "des_enc.c"
-
-#endif
-
-#ifdef PART3
-
-#undef DES_UNROLL
-#undef DES_RISC1
-#undef DES_RISC2
-#define DES_PTR
-#undef D_ENCRYPT
-#undef DES_encrypt1
-#undef DES_encrypt2
-#undef DES_encrypt3
-#undef DES_decrypt3
-#define DES_encrypt1 des_encrypt_u4_cisc_ptr
-#define DES_encrypt2 des_encrypt2_u4_cisc_ptr
-#define DES_encrypt3 des_encrypt3_u4_cisc_ptr
-#define DES_decrypt3 des_decrypt3_u4_cisc_ptr
-#undef HEADER_DES_LOCL_H
-#include "des_enc.c"
-
-#define DES_UNROLL
-#undef DES_RISC1
-#undef DES_RISC2
-#define DES_PTR
-#undef D_ENCRYPT
-#undef DES_encrypt1
-#undef DES_encrypt2
-#undef DES_encrypt3
-#undef DES_decrypt3
-#define DES_encrypt1 des_encrypt_u16_cisc_ptr
-#define DES_encrypt2 des_encrypt2_u16_cisc_ptr
-#define DES_encrypt3 des_encrypt3_u16_cisc_ptr
-#define DES_decrypt3 des_decrypt3_u16_cisc_ptr
-#undef HEADER_DES_LOCL_H
-#include "des_enc.c"
-
-#undef DES_UNROLL
-#define DES_RISC1
-#undef DES_RISC2
-#define DES_PTR
-#undef D_ENCRYPT
-#undef DES_encrypt1
-#undef DES_encrypt2
-#undef DES_encrypt3
-#undef DES_decrypt3
-#define DES_encrypt1 des_encrypt_u4_risc1_ptr
-#define DES_encrypt2 des_encrypt2_u4_risc1_ptr
-#define DES_encrypt3 des_encrypt3_u4_risc1_ptr
-#define DES_decrypt3 des_decrypt3_u4_risc1_ptr
-#undef HEADER_DES_LOCL_H
-#include "des_enc.c"
-
-#endif
-
-#ifdef PART4
-
-#undef DES_UNROLL
-#undef DES_RISC1
-#define DES_RISC2
-#define DES_PTR
-#undef D_ENCRYPT
-#undef DES_encrypt1
-#undef DES_encrypt2
-#undef DES_encrypt3
-#undef DES_decrypt3
-#define DES_encrypt1 des_encrypt_u4_risc2_ptr
-#define DES_encrypt2 des_encrypt2_u4_risc2_ptr
-#define DES_encrypt3 des_encrypt3_u4_risc2_ptr
-#define DES_decrypt3 des_decrypt3_u4_risc2_ptr
-#undef HEADER_DES_LOCL_H
-#include "des_enc.c"
-
-#define DES_UNROLL
-#define DES_RISC1
-#undef DES_RISC2
-#define DES_PTR
-#undef D_ENCRYPT
-#undef DES_encrypt1
-#undef DES_encrypt2
-#undef DES_encrypt3
-#undef DES_decrypt3
-#define DES_encrypt1 des_encrypt_u16_risc1_ptr
-#define DES_encrypt2 des_encrypt2_u16_risc1_ptr
-#define DES_encrypt3 des_encrypt3_u16_risc1_ptr
-#define DES_decrypt3 des_decrypt3_u16_risc1_ptr
-#undef HEADER_DES_LOCL_H
-#include "des_enc.c"
-
-#define DES_UNROLL
-#undef DES_RISC1
-#define DES_RISC2
-#define DES_PTR
-#undef D_ENCRYPT
-#undef DES_encrypt1
-#undef DES_encrypt2
-#undef DES_encrypt3
-#undef DES_decrypt3
-#define DES_encrypt1 des_encrypt_u16_risc2_ptr
-#define DES_encrypt2 des_encrypt2_u16_risc2_ptr
-#define DES_encrypt3 des_encrypt3_u16_risc2_ptr
-#define DES_decrypt3 des_decrypt3_u16_risc2_ptr
-#undef HEADER_DES_LOCL_H
-#include "des_enc.c"
-
-#endif
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
-#   define HZ	100.0
-#  else /* _BSD_CLK_TCK_ */
-#   define HZ ((double)_BSD_CLK_TCK_)
-#  endif
-# else /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-
-#define BUFSIZE	((long)1024)
-long run=0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-#if defined(__STDC__) || defined(sgi)
-#define SIGRETTYPE void
-#else
-#define SIGRETTYPE int
-#endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-	{
-	signal(SIGALRM,sig_done);
-	run=0;
-#ifdef LINT
-	sig=sig;
-#endif
-	}
-#endif
-
-#define START	0
-#define STOP	1
-
-double Time_F(int s)
-	{
-	double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if (s == START)
-		{
-		times(&tstart);
-		return(0);
-		}
-	else
-		{
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if (s == START)
-		{
-		ftime(&tstart);
-		return(0);
-		}
-	else
-		{
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#endif
-	}
-
-#ifdef SIGALRM
-#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
-#else
-#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
-#endif
-	
-#define time_it(func,name,index) \
-	print_name(name); \
-	Time_F(START); \
-	for (count=0,run=1; COND(cb); count++) \
-		{ \
-		unsigned long d[2]; \
-		func(d,&sch,DES_ENCRYPT); \
-		} \
-	tm[index]=Time_F(STOP); \
-	fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
-	tm[index]=((double)COUNT(cb))/tm[index];
-
-#define print_it(name,index) \
-	fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
-		tm[index]*8,1.0e6/tm[index]);
-
-int main(int argc, char **argv)
-	{
-	long count;
-	static unsigned char buf[BUFSIZE];
-	static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
-	static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
-	static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
-	DES_key_schedule sch,sch2,sch3;
-	double d,tm[16],max=0;
-	int rank[16];
-	char *str[16];
-	int max_idx=0,i,num=0,j;
-#ifndef SIGALARM
-	long ca,cb,cc,cd,ce;
-#endif
-
-	for (i=0; i<12; i++)
-		{
-		tm[i]=0.0;
-		rank[i]=0;
-		}
-
-#ifndef TIMES
-	fprintf(stderr,"To get the most accurate results, try to run this\n");
-	fprintf(stderr,"program when this computer is idle.\n");
-#endif
-
-	DES_set_key_unchecked(&key,&sch);
-	DES_set_key_unchecked(&key2,&sch2);
-	DES_set_key_unchecked(&key3,&sch3);
-
-#ifndef SIGALRM
-	fprintf(stderr,"First we calculate the approximate speed ...\n");
-	DES_set_key_unchecked(&key,sch);
-	count=10;
-	do	{
-		long i;
-		unsigned long data[2];
-
-		count*=2;
-		Time_F(START);
-		for (i=count; i; i--)
-			DES_encrypt1(data,&(sch[0]),DES_ENCRYPT);
-		d=Time_F(STOP);
-		} while (d < 3.0);
-	ca=count;
-	cb=count*3;
-	cc=count*3*8/BUFSIZE+1;
-	cd=count*8/BUFSIZE+1;
-
-	ce=count/20+1;
-#define COND(d) (count != (d))
-#define COUNT(d) (d)
-#else
-#define COND(c) (run)
-#define COUNT(d) (count)
-        signal(SIGALRM,sig_done);
-        alarm(10);
-#endif
-
-#ifdef PART1
-	time_it(des_encrypt_u4_cisc_idx,  "des_encrypt_u4_cisc_idx  ", 0);
-	time_it(des_encrypt_u16_cisc_idx, "des_encrypt_u16_cisc_idx ", 1);
-	time_it(des_encrypt_u4_risc1_idx, "des_encrypt_u4_risc1_idx ", 2);
-	num+=3;
-#endif
-#ifdef PART2
-	time_it(des_encrypt_u16_risc1_idx,"des_encrypt_u16_risc1_idx", 3);
-	time_it(des_encrypt_u4_risc2_idx, "des_encrypt_u4_risc2_idx ", 4);
-	time_it(des_encrypt_u16_risc2_idx,"des_encrypt_u16_risc2_idx", 5);
-	num+=3;
-#endif
-#ifdef PART3
-	time_it(des_encrypt_u4_cisc_ptr,  "des_encrypt_u4_cisc_ptr  ", 6);
-	time_it(des_encrypt_u16_cisc_ptr, "des_encrypt_u16_cisc_ptr ", 7);
-	time_it(des_encrypt_u4_risc1_ptr, "des_encrypt_u4_risc1_ptr ", 8);
-	num+=3;
-#endif
-#ifdef PART4
-	time_it(des_encrypt_u16_risc1_ptr,"des_encrypt_u16_risc1_ptr", 9);
-	time_it(des_encrypt_u4_risc2_ptr, "des_encrypt_u4_risc2_ptr ",10);
-	time_it(des_encrypt_u16_risc2_ptr,"des_encrypt_u16_risc2_ptr",11);
-	num+=3;
-#endif
-
-#ifdef PART1
-	str[0]=" 4  c i";
-	print_it("des_encrypt_u4_cisc_idx  ",0);
-	max=tm[0];
-	max_idx=0;
-	str[1]="16  c i";
-	print_it("des_encrypt_u16_cisc_idx ",1);
-	if (max < tm[1]) { max=tm[1]; max_idx=1; }
-	str[2]=" 4 r1 i";
-	print_it("des_encrypt_u4_risc1_idx ",2);
-	if (max < tm[2]) { max=tm[2]; max_idx=2; }
-#endif
-#ifdef PART2
-	str[3]="16 r1 i";
-	print_it("des_encrypt_u16_risc1_idx",3);
-	if (max < tm[3]) { max=tm[3]; max_idx=3; }
-	str[4]=" 4 r2 i";
-	print_it("des_encrypt_u4_risc2_idx ",4);
-	if (max < tm[4]) { max=tm[4]; max_idx=4; }
-	str[5]="16 r2 i";
-	print_it("des_encrypt_u16_risc2_idx",5);
-	if (max < tm[5]) { max=tm[5]; max_idx=5; }
-#endif
-#ifdef PART3
-	str[6]=" 4  c p";
-	print_it("des_encrypt_u4_cisc_ptr  ",6);
-	if (max < tm[6]) { max=tm[6]; max_idx=6; }
-	str[7]="16  c p";
-	print_it("des_encrypt_u16_cisc_ptr ",7);
-	if (max < tm[7]) { max=tm[7]; max_idx=7; }
-	str[8]=" 4 r1 p";
-	print_it("des_encrypt_u4_risc1_ptr ",8);
-	if (max < tm[8]) { max=tm[8]; max_idx=8; }
-#endif
-#ifdef PART4
-	str[9]="16 r1 p";
-	print_it("des_encrypt_u16_risc1_ptr",9);
-	if (max < tm[9]) { max=tm[9]; max_idx=9; }
-	str[10]=" 4 r2 p";
-	print_it("des_encrypt_u4_risc2_ptr ",10);
-	if (max < tm[10]) { max=tm[10]; max_idx=10; }
-	str[11]="16 r2 p";
-	print_it("des_encrypt_u16_risc2_ptr",11);
-	if (max < tm[11]) { max=tm[11]; max_idx=11; }
-#endif
-	printf("options    des ecb/s\n");
-	printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
-	d=tm[max_idx];
-	tm[max_idx]= -2.0;
-	max= -1.0;
-	for (;;)
-		{
-		for (i=0; i<12; i++)
-			{
-			if (max < tm[i]) { max=tm[i]; j=i; }
-			}
-		if (max < 0.0) break;
-		printf("%s %12.2f  %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
-		tm[j]= -2.0;
-		max= -1.0;
-		}
-
-	switch (max_idx)
-		{
-	case 0:
-		printf("-DDES_DEFAULT_OPTIONS\n");
-		break;
-	case 1:
-		printf("-DDES_UNROLL\n");
-		break;
-	case 2:
-		printf("-DDES_RISC1\n");
-		break;
-	case 3:
-		printf("-DDES_UNROLL -DDES_RISC1\n");
-		break;
-	case 4:
-		printf("-DDES_RISC2\n");
-		break;
-	case 5:
-		printf("-DDES_UNROLL -DDES_RISC2\n");
-		break;
-	case 6:
-		printf("-DDES_PTR\n");
-		break;
-	case 7:
-		printf("-DDES_UNROLL -DDES_PTR\n");
-		break;
-	case 8:
-		printf("-DDES_RISC1 -DDES_PTR\n");
-		break;
-	case 9:
-		printf("-DDES_UNROLL -DDES_RISC1 -DDES_PTR\n");
-		break;
-	case 10:
-		printf("-DDES_RISC2 -DDES_PTR\n");
-		break;
-	case 11:
-		printf("-DDES_UNROLL -DDES_RISC2 -DDES_PTR\n");
-		break;
-		}
-	exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-	return(0);
-#endif
-	}
diff --git a/crypto/openssl/crypto/des/des_ver.h b/crypto/openssl/crypto/des/des_ver.h
deleted file mode 100644
index 379bbadda2a7..000000000000
--- a/crypto/openssl/crypto/des/des_ver.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/* crypto/des/des_ver.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/e_os2.h>
-
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
-/* The following macros make sure the names are different from libdes names */
-#define DES_version OSSL_DES_version
-#define libdes_version OSSL_libdes_version
-
-OPENSSL_EXTERN const char *OSSL_DES_version;	/* SSLeay version string */
-OPENSSL_EXTERN const char *OSSL_libdes_version;	/* old libdes version string */
diff --git a/crypto/openssl/crypto/des/dess.cpp b/crypto/openssl/crypto/des/dess.cpp
deleted file mode 100644
index 5549bab90afb..000000000000
--- a/crypto/openssl/crypto/des/dess.cpp
+++ /dev/null
@@ -1,67 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/des.h>
-
-void main(int argc,char *argv[])
-	{
-	des_key_schedule key;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			des_encrypt1(&data[0],key,1);
-			GetTSC(s1);
-			des_encrypt1(&data[0],key,1);
-			des_encrypt1(&data[0],key,1);
-			des_encrypt1(&data[0],key,1);
-			GetTSC(e1);
-			GetTSC(s2);
-			des_encrypt1(&data[0],key,1);
-			des_encrypt1(&data[0],key,1);
-			des_encrypt1(&data[0],key,1);
-			des_encrypt1(&data[0],key,1);
-			GetTSC(e2);
-			des_encrypt1(&data[0],key,1);
-			}
-
-		printf("des %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/crypto/openssl/crypto/des/destest.c b/crypto/openssl/crypto/des/destest.c
deleted file mode 100644
index 687c00c79229..000000000000
--- a/crypto/openssl/crypto/des/destest.c
+++ /dev/null
@@ -1,948 +0,0 @@
-/* crypto/des/destest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <openssl/e_os2.h>
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WINDOWS)
-#ifndef OPENSSL_SYS_MSDOS
-#define OPENSSL_SYS_MSDOS
-#endif
-#endif
-
-#ifndef OPENSSL_SYS_MSDOS
-#if !defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_VMS_DECC)
-#include OPENSSL_UNISTD
-#endif
-#else
-#include <io.h>
-#endif
-#include <string.h>
-
-#ifdef OPENSSL_NO_DES
-int main(int argc, char *argv[])
-{
-    printf("No DES support\n");
-    return(0);
-}
-#else
-#include <openssl/des.h>
-
-#define crypt(c,s) (des_crypt((c),(s)))
-
-/* tisk tisk - the test keys don't all have odd parity :-( */
-/* test data */
-#define NUM_TESTS 34
-static unsigned char key_data[NUM_TESTS][8]={
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
-	{0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10},
-	{0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57},
-	{0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E},
-	{0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86},
-	{0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E},
-	{0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6},
-	{0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE},
-	{0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6},
-	{0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE},
-	{0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16},
-	{0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F},
-	{0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46},
-	{0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E},
-	{0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76},
-	{0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07},
-	{0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F},
-	{0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7},
-	{0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF},
-	{0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6},
-	{0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF},
-	{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
-	{0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
-	{0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}};
-
-static unsigned char plain_data[NUM_TESTS][8]={
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
-	{0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
-	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
-	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42},
-	{0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA},
-	{0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72},
-	{0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A},
-	{0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2},
-	{0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A},
-	{0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2},
-	{0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A},
-	{0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02},
-	{0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A},
-	{0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32},
-	{0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA},
-	{0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62},
-	{0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2},
-	{0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA},
-	{0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92},
-	{0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A},
-	{0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2},
-	{0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
-	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}};
-
-static unsigned char cipher_data[NUM_TESTS][8]={
-	{0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
-	{0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58},
-	{0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B},
-	{0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33},
-	{0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D},
-	{0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD},
-	{0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
-	{0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4},
-	{0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B},
-	{0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71},
-	{0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A},
-	{0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A},
-	{0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95},
-	{0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B},
-	{0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09},
-	{0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A},
-	{0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F},
-	{0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88},
-	{0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77},
-	{0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A},
-	{0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56},
-	{0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56},
-	{0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56},
-	{0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC},
-	{0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A},
-	{0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41},
-	{0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93},
-	{0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00},
-	{0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06},
-	{0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7},
-	{0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51},
-	{0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE},
-	{0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D},
-	{0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2}};
-
-static unsigned char cipher_ecb2[NUM_TESTS-1][8]={
-	{0x92,0x95,0xB5,0x9B,0xB3,0x84,0x73,0x6E},
-	{0x19,0x9E,0x9D,0x6D,0xF3,0x9A,0xA8,0x16},
-	{0x2A,0x4B,0x4D,0x24,0x52,0x43,0x84,0x27},
-	{0x35,0x84,0x3C,0x01,0x9D,0x18,0xC5,0xB6},
-	{0x4A,0x5B,0x2F,0x42,0xAA,0x77,0x19,0x25},
-	{0xA0,0x6B,0xA9,0xB8,0xCA,0x5B,0x17,0x8A},
-	{0xAB,0x9D,0xB7,0xFB,0xED,0x95,0xF2,0x74},
-	{0x3D,0x25,0x6C,0x23,0xA7,0x25,0x2F,0xD6},
-	{0xB7,0x6F,0xAB,0x4F,0xBD,0xBD,0xB7,0x67},
-	{0x8F,0x68,0x27,0xD6,0x9C,0xF4,0x1A,0x10},
-	{0x82,0x57,0xA1,0xD6,0x50,0x5E,0x81,0x85},
-	{0xA2,0x0F,0x0A,0xCD,0x80,0x89,0x7D,0xFA},
-	{0xCD,0x2A,0x53,0x3A,0xDB,0x0D,0x7E,0xF3},
-	{0xD2,0xC2,0xBE,0x27,0xE8,0x1B,0x68,0xE3},
-	{0xE9,0x24,0xCF,0x4F,0x89,0x3C,0x5B,0x0A},
-	{0xA7,0x18,0xC3,0x9F,0xFA,0x9F,0xD7,0x69},
-	{0x77,0x2C,0x79,0xB1,0xD2,0x31,0x7E,0xB1},
-	{0x49,0xAB,0x92,0x7F,0xD0,0x22,0x00,0xB7},
-	{0xCE,0x1C,0x6C,0x7D,0x85,0xE3,0x4A,0x6F},
-	{0xBE,0x91,0xD6,0xE1,0x27,0xB2,0xE9,0x87},
-	{0x70,0x28,0xAE,0x8F,0xD1,0xF5,0x74,0x1A},
-	{0xAA,0x37,0x80,0xBB,0xF3,0x22,0x1D,0xDE},
-	{0xA6,0xC4,0xD2,0x5E,0x28,0x93,0xAC,0xB3},
-	{0x22,0x07,0x81,0x5A,0xE4,0xB7,0x1A,0xAD},
-	{0xDC,0xCE,0x05,0xE7,0x07,0xBD,0xF5,0x84},
-	{0x26,0x1D,0x39,0x2C,0xB3,0xBA,0xA5,0x85},
-	{0xB4,0xF7,0x0F,0x72,0xFB,0x04,0xF0,0xDC},
-	{0x95,0xBA,0xA9,0x4E,0x87,0x36,0xF2,0x89},
-	{0xD4,0x07,0x3A,0xF1,0x5A,0x17,0x82,0x0E},
-	{0xEF,0x6F,0xAF,0xA7,0x66,0x1A,0x7E,0x89},
-	{0xC1,0x97,0xF5,0x58,0x74,0x8A,0x20,0xE7},
-	{0x43,0x34,0xCF,0xDA,0x22,0xC4,0x86,0xC8},
-	{0x08,0xD7,0xB4,0xFB,0x62,0x9D,0x08,0x85}};
-
-static unsigned char cbc_key [8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
-static unsigned char cbc2_key[8]={0xf1,0xe0,0xd3,0xc2,0xb5,0xa4,0x97,0x86};
-static unsigned char cbc3_key[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
-static unsigned char cbc_iv  [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
-/* Changed the following text constant to binary so it will work on ebcdic
- * machines :-) */
-/* static char cbc_data[40]="7654321 Now is the time for \0001"; */
-static unsigned char cbc_data[40]={
-	0x37,0x36,0x35,0x34,0x33,0x32,0x31,0x20,
-	0x4E,0x6F,0x77,0x20,0x69,0x73,0x20,0x74,
-	0x68,0x65,0x20,0x74,0x69,0x6D,0x65,0x20,
-	0x66,0x6F,0x72,0x20,0x00,0x31,0x00,0x00,
-	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	};
-
-static unsigned char cbc_ok[32]={
-	0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
-	0xac,0xd8,0xae,0xfd,0xdf,0xd8,0xa1,0xeb,
-	0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68,
-	0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
-
-#ifdef SCREW_THE_PARITY
-#error "SCREW_THE_PARITY is not ment to be defined."
-#error "Original vectors are preserved for reference only."
-static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
-static unsigned char xcbc_ok[32]={
-	0x86,0x74,0x81,0x0D,0x61,0xA4,0xA5,0x48,
-	0xB9,0x93,0x03,0xE1,0xB8,0xBB,0xBD,0xBD,
-	0x64,0x30,0x0B,0xB9,0x06,0x65,0x81,0x76,
-	0x04,0x1D,0x77,0x62,0x17,0xCA,0x2B,0xD2,
-	};
-#else
-static unsigned char xcbc_ok[32]={
-	0x84,0x6B,0x29,0x14,0x85,0x1E,0x9A,0x29,
-	0x54,0x73,0x2F,0x8A,0xA0,0xA6,0x11,0xC1,
-	0x15,0xCD,0xC2,0xD7,0x95,0x1B,0x10,0x53,
-	0xA6,0x3C,0x5E,0x03,0xB2,0x1A,0xA3,0xC4,
-	};
-#endif
-
-static unsigned char cbc3_ok[32]={
-	0x3F,0xE3,0x01,0xC9,0x62,0xAC,0x01,0xD0,
-	0x22,0x13,0x76,0x3C,0x1C,0xBD,0x4C,0xDC,
-	0x79,0x96,0x57,0xC0,0x64,0xEC,0xF5,0xD4,
-	0x1C,0x67,0x38,0x12,0xCF,0xDE,0x96,0x75};
-
-static unsigned char pcbc_ok[32]={
-	0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
-	0x6d,0xec,0xb4,0x70,0xa0,0xe5,0x6b,0x15,
-	0xae,0xa6,0xbf,0x61,0xed,0x7d,0x9c,0x9f,
-	0xf7,0x17,0x46,0x3b,0x8a,0xb3,0xcc,0x88};
-
-static unsigned char cfb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
-static unsigned char cfb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
-static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
-static unsigned char plain[24]=
-	{
-	0x4e,0x6f,0x77,0x20,0x69,0x73,
-	0x20,0x74,0x68,0x65,0x20,0x74,
-	0x69,0x6d,0x65,0x20,0x66,0x6f,
-	0x72,0x20,0x61,0x6c,0x6c,0x20
-	};
-static unsigned char cfb_cipher8[24]= {
-	0xf3,0x1f,0xda,0x07,0x01,0x14, 0x62,0xee,0x18,0x7f,0x43,0xd8,
-	0x0a,0x7c,0xd9,0xb5,0xb0,0xd2, 0x90,0xda,0x6e,0x5b,0x9a,0x87 };
-static unsigned char cfb_cipher16[24]={
-	0xF3,0x09,0x87,0x87,0x7F,0x57, 0xF7,0x3C,0x36,0xB6,0xDB,0x70,
-	0xD8,0xD5,0x34,0x19,0xD3,0x86, 0xB2,0x23,0xB7,0xB2,0xAD,0x1B };
-static unsigned char cfb_cipher32[24]={
-	0xF3,0x09,0x62,0x49,0xA4,0xDF, 0xA4,0x9F,0x33,0xDC,0x7B,0xAD,
-	0x4C,0xC8,0x9F,0x64,0xE4,0x53, 0xE5,0xEC,0x67,0x20,0xDA,0xB6 };
-static unsigned char cfb_cipher48[24]={
-	0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x30,0xB5,0x15,0xEC,0xBB,0x85,
-	0x97,0x5A,0x13,0x8C,0x68,0x60, 0xE2,0x38,0x34,0x3C,0xDC,0x1F };
-static unsigned char cfb_cipher64[24]={
-	0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x6E,0x51,0xA6,0x9E,0x83,0x9B,
-	0x1A,0x92,0xF7,0x84,0x03,0x46, 0x71,0x33,0x89,0x8E,0xA6,0x22 };
-
-static unsigned char ofb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
-static unsigned char ofb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
-static unsigned char ofb_buf1[24],ofb_buf2[24],ofb_tmp[8];
-static unsigned char ofb_cipher[24]=
-	{
-	0xf3,0x09,0x62,0x49,0xc7,0xf4,0x6e,0x51,
-	0x35,0xf2,0x4a,0x24,0x2e,0xeb,0x3d,0x3f,
-	0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3
-	};
-
-#if 0
-static DES_LONG cbc_cksum_ret=0xB462FEF7L;
-#else
-static DES_LONG cbc_cksum_ret=0xF7FE62B4L;
-#endif
-static unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
-
-static char *pt(unsigned char *p);
-static int cfb_test(int bits, unsigned char *cfb_cipher);
-static int cfb64_test(unsigned char *cfb_cipher);
-static int ede_cfb64_test(unsigned char *cfb_cipher);
-int main(int argc, char *argv[])
-	{
-	int i,j,err=0;
-	des_cblock in,out,outin,iv3,iv2;
-	des_key_schedule ks,ks2,ks3;
-	unsigned char cbc_in[40];
-	unsigned char cbc_out[40];
-	DES_LONG cs;
-	unsigned char cret[8];
-#ifdef _CRAY
-        struct {
-            int a:32;
-            int b:32;
-        } lqret[2];
-#else
-        DES_LONG lqret[4];
-#endif
-	int num;
-	char *str;
-
-#ifndef OPENSSL_NO_DESCBCM
-	printf("Doing cbcm\n");
-	if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
-		{
-		printf("Key error %d\n",j);
-		err=1;
-		}
-	if ((j=DES_set_key_checked(&cbc2_key,&ks2)) != 0)
-		{
-		printf("Key error %d\n",j);
-		err=1;
-		}
-	if ((j=DES_set_key_checked(&cbc3_key,&ks3)) != 0)
-		{
-		printf("Key error %d\n",j);
-		err=1;
-		}
-	memset(cbc_out,0,40);
-	memset(cbc_in,0,40);
-	i=strlen((char *)cbc_data)+1;
-	/* i=((i+7)/8)*8; */
-	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
-	memset(iv2,'\0',sizeof iv2);
-
-	DES_ede3_cbcm_encrypt(cbc_data,cbc_out,16L,&ks,&ks2,&ks3,&iv3,&iv2,
-			      DES_ENCRYPT);
-	DES_ede3_cbcm_encrypt(&cbc_data[16],&cbc_out[16],i-16,&ks,&ks2,&ks3,
-			      &iv3,&iv2,DES_ENCRYPT);
-	/*	if (memcmp(cbc_out,cbc3_ok,
-		(unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
-		{
-		printf("des_ede3_cbc_encrypt encrypt error\n");
-		err=1;
-		}
-	*/
-	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
-	memset(iv2,'\0',sizeof iv2);
-	DES_ede3_cbcm_encrypt(cbc_out,cbc_in,i,&ks,&ks2,&ks3,&iv3,&iv2,DES_DECRYPT);
-	if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
-		{
-		int n;
-
-		printf("des_ede3_cbcm_encrypt decrypt error\n");
-		for(n=0 ; n < i ; ++n)
-		    printf(" %02x",cbc_data[n]);
-		printf("\n");
-		for(n=0 ; n < i ; ++n)
-		    printf(" %02x",cbc_in[n]);
-		printf("\n");
-		err=1;
-		}
-#endif
-
-	printf("Doing ecb\n");
-	for (i=0; i<NUM_TESTS; i++)
-		{
-		DES_set_key_unchecked(&key_data[i],&ks);
-		memcpy(in,plain_data[i],8);
-		memset(out,0,8);
-		memset(outin,0,8);
-		des_ecb_encrypt(&in,&out,ks,DES_ENCRYPT);
-		des_ecb_encrypt(&out,&outin,ks,DES_DECRYPT);
-
-		if (memcmp(out,cipher_data[i],8) != 0)
-			{
-			printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
-				i+1,pt(key_data[i]),pt(in),pt(cipher_data[i]),
-				pt(out));
-			err=1;
-			}
-		if (memcmp(in,outin,8) != 0)
-			{
-			printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
-				i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
-			err=1;
-			}
-		}
-
-#ifndef LIBDES_LIT
-	printf("Doing ede ecb\n");
-	for (i=0; i<(NUM_TESTS-1); i++)
-		{
-		DES_set_key_unchecked(&key_data[i],&ks);
-		DES_set_key_unchecked(&key_data[i+1],&ks2);
-		DES_set_key_unchecked(&key_data[i+2],&ks3);
-		memcpy(in,plain_data[i],8);
-		memset(out,0,8);
-		memset(outin,0,8);
-		des_ecb2_encrypt(&in,&out,ks,ks2,DES_ENCRYPT);
-		des_ecb2_encrypt(&out,&outin,ks,ks2,DES_DECRYPT);
-
-		if (memcmp(out,cipher_ecb2[i],8) != 0)
-			{
-			printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
-				i+1,pt(key_data[i]),pt(in),pt(cipher_ecb2[i]),
-				pt(out));
-			err=1;
-			}
-		if (memcmp(in,outin,8) != 0)
-			{
-			printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
-				i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
-			err=1;
-			}
-		}
-#endif
-
-	printf("Doing cbc\n");
-	if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
-		{
-		printf("Key error %d\n",j);
-		err=1;
-		}
-	memset(cbc_out,0,40);
-	memset(cbc_in,0,40);
-	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
-	des_ncbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
-			 &iv3,DES_ENCRYPT);
-	if (memcmp(cbc_out,cbc_ok,32) != 0)
-		{
-		printf("cbc_encrypt encrypt error\n");
-		err=1;
-		}
-
-	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
-	des_ncbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,
-			 &iv3,DES_DECRYPT);
-	if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)) != 0)
-		{
-		printf("cbc_encrypt decrypt error\n");
-		err=1;
-		}
-
-#ifndef LIBDES_LIT
-	printf("Doing desx cbc\n");
-	if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
-		{
-		printf("Key error %d\n",j);
-		err=1;
-		}
-	memset(cbc_out,0,40);
-	memset(cbc_in,0,40);
-	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
-	des_xcbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
-			 &iv3,&cbc2_key,&cbc3_key, DES_ENCRYPT);
-	if (memcmp(cbc_out,xcbc_ok,32) != 0)
-		{
-		printf("des_xcbc_encrypt encrypt error\n");
-		err=1;
-		}
-	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
-	des_xcbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,
-			 &iv3,&cbc2_key,&cbc3_key, DES_DECRYPT);
-	if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
-		{
-		printf("des_xcbc_encrypt decrypt error\n");
-		err=1;
-		}
-#endif
-
-	printf("Doing ede cbc\n");
-	if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
-		{
-		printf("Key error %d\n",j);
-		err=1;
-		}
-	if ((j=DES_set_key_checked(&cbc2_key,&ks2)) != 0)
-		{
-		printf("Key error %d\n",j);
-		err=1;
-		}
-	if ((j=DES_set_key_checked(&cbc3_key,&ks3)) != 0)
-		{
-		printf("Key error %d\n",j);
-		err=1;
-		}
-	memset(cbc_out,0,40);
-	memset(cbc_in,0,40);
-	i=strlen((char *)cbc_data)+1;
-	/* i=((i+7)/8)*8; */
-	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
-
-	des_ede3_cbc_encrypt(cbc_data,cbc_out,16L,ks,ks2,ks3,&iv3,
-			     DES_ENCRYPT);
-	des_ede3_cbc_encrypt(&(cbc_data[16]),&(cbc_out[16]),i-16,ks,ks2,ks3,
-			     &iv3,DES_ENCRYPT);
-	if (memcmp(cbc_out,cbc3_ok,
-		(unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
-		{
-		int n;
-
-		printf("des_ede3_cbc_encrypt encrypt error\n");
-		for(n=0 ; n < i ; ++n)
-		    printf(" %02x",cbc_out[n]);
-		printf("\n");
-		for(n=0 ; n < i ; ++n)
-		    printf(" %02x",cbc3_ok[n]);
-		printf("\n");
-		err=1;
-		}
-
-	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
-	des_ede3_cbc_encrypt(cbc_out,cbc_in,i,ks,ks2,ks3,&iv3,DES_DECRYPT);
-	if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
-		{
-		int n;
-
-		printf("des_ede3_cbc_encrypt decrypt error\n");
-		for(n=0 ; n < i ; ++n)
-		    printf(" %02x",cbc_data[n]);
-		printf("\n");
-		for(n=0 ; n < i ; ++n)
-		    printf(" %02x",cbc_in[n]);
-		printf("\n");
-		err=1;
-		}
-
-#ifndef LIBDES_LIT
-	printf("Doing pcbc\n");
-	if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
-		{
-		printf("Key error %d\n",j);
-		err=1;
-		}
-	memset(cbc_out,0,40);
-	memset(cbc_in,0,40);
-	des_pcbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
-			 &cbc_iv,DES_ENCRYPT);
-	if (memcmp(cbc_out,pcbc_ok,32) != 0)
-		{
-		printf("pcbc_encrypt encrypt error\n");
-		err=1;
-		}
-	des_pcbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,&cbc_iv,
-			 DES_DECRYPT);
-	if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
-		{
-		printf("pcbc_encrypt decrypt error\n");
-		err=1;
-		}
-
-	printf("Doing ");
-	printf("cfb8 ");
-	err+=cfb_test(8,cfb_cipher8);
-	printf("cfb16 ");
-	err+=cfb_test(16,cfb_cipher16);
-	printf("cfb32 ");
-	err+=cfb_test(32,cfb_cipher32);
-	printf("cfb48 ");
-	err+=cfb_test(48,cfb_cipher48);
-	printf("cfb64 ");
-	err+=cfb_test(64,cfb_cipher64);
-
-	printf("cfb64() ");
-	err+=cfb64_test(cfb_cipher64);
-
-	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
-	for (i=0; i<sizeof(plain); i++)
-		des_cfb_encrypt(&(plain[i]),&(cfb_buf1[i]),
-			8,1,ks,&cfb_tmp,DES_ENCRYPT);
-	if (memcmp(cfb_cipher8,cfb_buf1,sizeof(plain)) != 0)
-		{
-		printf("cfb_encrypt small encrypt error\n");
-		err=1;
-		}
-
-	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
-	for (i=0; i<sizeof(plain); i++)
-		des_cfb_encrypt(&(cfb_buf1[i]),&(cfb_buf2[i]),
-			8,1,ks,&cfb_tmp,DES_DECRYPT);
-	if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
-		{
-		printf("cfb_encrypt small decrypt error\n");
-		err=1;
-		}
-
-	printf("ede_cfb64() ");
-	err+=ede_cfb64_test(cfb_cipher64);
-
-	printf("done\n");
-
-	printf("Doing ofb\n");
-	DES_set_key_checked(&ofb_key,&ks);
-	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
-	des_ofb_encrypt(plain,ofb_buf1,64,sizeof(plain)/8,ks,&ofb_tmp);
-	if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
-		{
-		printf("ofb_encrypt encrypt error\n");
-printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
-ofb_buf1[8+0], ofb_buf1[8+1], ofb_buf1[8+2], ofb_buf1[8+3],
-ofb_buf1[8+4], ofb_buf1[8+5], ofb_buf1[8+6], ofb_buf1[8+7]);
-printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
-ofb_buf1[8+0], ofb_cipher[8+1], ofb_cipher[8+2], ofb_cipher[8+3],
-ofb_buf1[8+4], ofb_cipher[8+5], ofb_cipher[8+6], ofb_cipher[8+7]);
-		err=1;
-		}
-	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
-	des_ofb_encrypt(ofb_buf1,ofb_buf2,64,sizeof(ofb_buf1)/8,ks,&ofb_tmp);
-	if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
-		{
-		printf("ofb_encrypt decrypt error\n");
-printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
-ofb_buf2[8+0], ofb_buf2[8+1], ofb_buf2[8+2], ofb_buf2[8+3],
-ofb_buf2[8+4], ofb_buf2[8+5], ofb_buf2[8+6], ofb_buf2[8+7]);
-printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
-plain[8+0], plain[8+1], plain[8+2], plain[8+3],
-plain[8+4], plain[8+5], plain[8+6], plain[8+7]);
-		err=1;
-		}
-
-	printf("Doing ofb64\n");
-	DES_set_key_checked(&ofb_key,&ks);
-	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
-	memset(ofb_buf1,0,sizeof(ofb_buf1));
-	memset(ofb_buf2,0,sizeof(ofb_buf1));
-	num=0;
-	for (i=0; i<sizeof(plain); i++)
-		{
-		des_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,&ofb_tmp,
-				  &num);
-		}
-	if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
-		{
-		printf("ofb64_encrypt encrypt error\n");
-		err=1;
-		}
-	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
-	num=0;
-	des_ofb64_encrypt(ofb_buf1,ofb_buf2,sizeof(ofb_buf1),ks,&ofb_tmp,
-			  &num);
-	if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
-		{
-		printf("ofb64_encrypt decrypt error\n");
-		err=1;
-		}
-
-	printf("Doing ede_ofb64\n");
-	DES_set_key_checked(&ofb_key,&ks);
-	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
-	memset(ofb_buf1,0,sizeof(ofb_buf1));
-	memset(ofb_buf2,0,sizeof(ofb_buf1));
-	num=0;
-	for (i=0; i<sizeof(plain); i++)
-		{
-		des_ede3_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,ks,
-				       ks,&ofb_tmp,&num);
-		}
-	if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
-		{
-		printf("ede_ofb64_encrypt encrypt error\n");
-		err=1;
-		}
-	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
-	num=0;
-	des_ede3_ofb64_encrypt(ofb_buf1,ofb_buf2,sizeof(ofb_buf1),ks,ks,ks,
-			       &ofb_tmp,&num);
-	if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
-		{
-		printf("ede_ofb64_encrypt decrypt error\n");
-		err=1;
-		}
-
-	printf("Doing cbc_cksum\n");
-	DES_set_key_checked(&cbc_key,&ks);
-	cs=des_cbc_cksum(cbc_data,&cret,strlen((char *)cbc_data),ks,&cbc_iv);
-	if (cs != cbc_cksum_ret)
-		{
-		printf("bad return value (%08lX), should be %08lX\n",
-			(unsigned long)cs,(unsigned long)cbc_cksum_ret);
-		err=1;
-		}
-	if (memcmp(cret,cbc_cksum_data,8) != 0)
-		{
-		printf("bad cbc_cksum block returned\n");
-		err=1;
-		}
-
-	printf("Doing quad_cksum\n");
-	cs=des_quad_cksum(cbc_data,(des_cblock *)lqret,
-		(long)strlen((char *)cbc_data),2,(des_cblock *)cbc_iv);
-	if (cs != 0x70d7a63aL)
-		{
-		printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
-			(unsigned long)cs);
-		err=1;
-		}
-#ifdef _CRAY
-	if (lqret[0].a != 0x327eba8dL)
-		{
-		printf("quad_cksum error, out[0] %08lx is not %08lx\n",
-			(unsigned long)lqret[0].a,0x327eba8dUL);
-		err=1;
-		}
-	if (lqret[0].b != 0x201a49ccL)
-		{
-		printf("quad_cksum error, out[1] %08lx is not %08lx\n",
-			(unsigned long)lqret[0].b,0x201a49ccUL);
-		err=1;
-		}
-	if (lqret[1].a != 0x70d7a63aL)
-		{
-		printf("quad_cksum error, out[2] %08lx is not %08lx\n",
-			(unsigned long)lqret[1].a,0x70d7a63aUL);
-		err=1;
-		}
-	if (lqret[1].b != 0x501c2c26L)
-		{
-		printf("quad_cksum error, out[3] %08lx is not %08lx\n",
-			(unsigned long)lqret[1].b,0x501c2c26UL);
-		err=1;
-		}
-#else
-	if (lqret[0] != 0x327eba8dL)
-		{
-		printf("quad_cksum error, out[0] %08lx is not %08lx\n",
-			(unsigned long)lqret[0],0x327eba8dUL);
-		err=1;
-		}
-	if (lqret[1] != 0x201a49ccL)
-		{
-		printf("quad_cksum error, out[1] %08lx is not %08lx\n",
-			(unsigned long)lqret[1],0x201a49ccUL);
-		err=1;
-		}
-	if (lqret[2] != 0x70d7a63aL)
-		{
-		printf("quad_cksum error, out[2] %08lx is not %08lx\n",
-			(unsigned long)lqret[2],0x70d7a63aUL);
-		err=1;
-		}
-	if (lqret[3] != 0x501c2c26L)
-		{
-		printf("quad_cksum error, out[3] %08lx is not %08lx\n",
-			(unsigned long)lqret[3],0x501c2c26UL);
-		err=1;
-		}
-#endif
-#endif
-
-	printf("input word alignment test");
-	for (i=0; i<4; i++)
-		{
-		printf(" %d",i);
-		des_ncbc_encrypt(&(cbc_out[i]),cbc_in,
-				 strlen((char *)cbc_data)+1,ks,
-				 &cbc_iv,DES_ENCRYPT);
-		}
-	printf("\noutput word alignment test");
-	for (i=0; i<4; i++)
-		{
-		printf(" %d",i);
-		des_ncbc_encrypt(cbc_out,&(cbc_in[i]),
-				 strlen((char *)cbc_data)+1,ks,
-				 &cbc_iv,DES_ENCRYPT);
-		}
-	printf("\n");
-	printf("fast crypt test ");
-	str=crypt("testing","ef");
-	if (strcmp("efGnQx2725bI2",str) != 0)
-		{
-		printf("fast crypt error, %s should be efGnQx2725bI2\n",str);
-		err=1;
-		}
-	str=crypt("bca76;23","yA");
-	if (strcmp("yA1Rp/1hZXIJk",str) != 0)
-		{
-		printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str);
-		err=1;
-		}
-	printf("\n");
-	return(err);
-	}
-
-static char *pt(unsigned char *p)
-	{
-	static char bufs[10][20];
-	static int bnum=0;
-	char *ret;
-	int i;
-	static char *f="0123456789ABCDEF";
-
-	ret= &(bufs[bnum++][0]);
-	bnum%=10;
-	for (i=0; i<8; i++)
-		{
-		ret[i*2]=f[(p[i]>>4)&0xf];
-		ret[i*2+1]=f[p[i]&0xf];
-		}
-	ret[16]='\0';
-	return(ret);
-	}
-
-#ifndef LIBDES_LIT
-
-static int cfb_test(int bits, unsigned char *cfb_cipher)
-	{
-	des_key_schedule ks;
-	int i,err=0;
-
-	DES_set_key_checked(&cfb_key,&ks);
-	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
-	des_cfb_encrypt(plain,cfb_buf1,bits,sizeof(plain),ks,&cfb_tmp,
-			DES_ENCRYPT);
-	if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
-		{
-		err=1;
-		printf("cfb_encrypt encrypt error\n");
-		for (i=0; i<24; i+=8)
-			printf("%s\n",pt(&(cfb_buf1[i])));
-		}
-	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
-	des_cfb_encrypt(cfb_buf1,cfb_buf2,bits,sizeof(plain),ks,&cfb_tmp,
-			DES_DECRYPT);
-	if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
-		{
-		err=1;
-		printf("cfb_encrypt decrypt error\n");
-		for (i=0; i<24; i+=8)
-			printf("%s\n",pt(&(cfb_buf1[i])));
-		}
-	return(err);
-	}
-
-static int cfb64_test(unsigned char *cfb_cipher)
-	{
-	des_key_schedule ks;
-	int err=0,i,n;
-
-	DES_set_key_checked(&cfb_key,&ks);
-	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
-	n=0;
-	des_cfb64_encrypt(plain,cfb_buf1,12,ks,&cfb_tmp,&n,DES_ENCRYPT);
-	des_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),sizeof(plain)-12,ks,
-			  &cfb_tmp,&n,DES_ENCRYPT);
-	if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
-		{
-		err=1;
-		printf("cfb_encrypt encrypt error\n");
-		for (i=0; i<24; i+=8)
-			printf("%s\n",pt(&(cfb_buf1[i])));
-		}
-	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
-	n=0;
-	des_cfb64_encrypt(cfb_buf1,cfb_buf2,17,ks,&cfb_tmp,&n,DES_DECRYPT);
-	des_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
-			  sizeof(plain)-17,ks,&cfb_tmp,&n,DES_DECRYPT);
-	if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
-		{
-		err=1;
-		printf("cfb_encrypt decrypt error\n");
-		for (i=0; i<24; i+=8)
-			printf("%s\n",pt(&(cfb_buf2[i])));
-		}
-	return(err);
-	}
-
-static int ede_cfb64_test(unsigned char *cfb_cipher)
-	{
-	des_key_schedule ks;
-	int err=0,i,n;
-
-	DES_set_key_checked(&cfb_key,&ks);
-	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
-	n=0;
-	des_ede3_cfb64_encrypt(plain,cfb_buf1,12,ks,ks,ks,&cfb_tmp,&n,
-			       DES_ENCRYPT);
-	des_ede3_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
-			       sizeof(plain)-12,ks,ks,ks,
-			       &cfb_tmp,&n,DES_ENCRYPT);
-	if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
-		{
-		err=1;
-		printf("ede_cfb_encrypt encrypt error\n");
-		for (i=0; i<24; i+=8)
-			printf("%s\n",pt(&(cfb_buf1[i])));
-		}
-	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
-	n=0;
-	des_ede3_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,ks,ks,
-			       &cfb_tmp,&n,DES_DECRYPT);
-	des_ede3_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
-			       sizeof(plain)-17,ks,ks,ks,
-			       &cfb_tmp,&n,DES_DECRYPT);
-	if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
-		{
-		err=1;
-		printf("ede_cfb_encrypt decrypt error\n");
-		for (i=0; i<24; i+=8)
-			printf("%s\n",pt(&(cfb_buf2[i])));
-		}
-	return(err);
-	}
-
-#endif
-#endif
diff --git a/crypto/openssl/crypto/des/doIP b/crypto/openssl/crypto/des/doIP
deleted file mode 100644
index 18cf23130364..000000000000
--- a/crypto/openssl/crypto/des/doIP
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/local/bin/perl
-
-@l=(
-	 0, 1, 2, 3, 4, 5, 6, 7,
-	 8, 9,10,11,12,13,14,15,
-	16,17,18,19,20,21,22,23,
-	24,25,26,27,28,29,30,31
-	);
-@r=(
-	32,33,34,35,36,37,38,39,
-	40,41,42,43,44,45,46,47,
-	48,49,50,51,52,53,54,55,
-	56,57,58,59,60,61,62,63
-	);
-
-require 'shifts.pl';
-
-sub PERM_OP
-	{
-	local(*a,*b,*t,$n,$m)=@_;
-
-	@z=&shift(*a,-$n);
-	@z=&xor(*b,*z);
-	@z=&and(*z,$m);
-	@b=&xor(*b,*z);
-	@z=&shift(*z,$n);
-	@a=&xor(*a,*z);
-	}
-
-
-@L=@l;
-@R=@r;
-&PERM_OP(*R,*L,*T,4,0x0f0f0f0f);
-&PERM_OP(*L,*R,*T,16,0x0000ffff);
-&PERM_OP(*R,*L,*T,2,0x33333333);
-&PERM_OP(*L,*R,*T,8,0x00ff00ff);
-&PERM_OP(*R,*L,*T,1,0x55555555);
-	&printit(@L);
-	&printit(@R);
-&PERM_OP(*R,*L,*T,1,0x55555555);
-&PERM_OP(*L,*R,*T,8,0x00ff00ff);
-&PERM_OP(*R,*L,*T,2,0x33333333);
-&PERM_OP(*L,*R,*T,16,0x0000ffff);
-&PERM_OP(*R,*L,*T,4,0x0f0f0f0f);
-	&printit(@L);
-	&printit(@R);
diff --git a/crypto/openssl/crypto/des/doPC1 b/crypto/openssl/crypto/des/doPC1
deleted file mode 100644
index 096afd8c4614..000000000000
--- a/crypto/openssl/crypto/des/doPC1
+++ /dev/null
@@ -1,110 +0,0 @@
-#!/usr/local/bin/perl
-
-@l=(
-	 0, 1, 2, 3, 4, 5, 6, 7,
-	 8, 9,10,11,12,13,14,15,
-	16,17,18,19,20,21,22,23,
-	24,25,26,27,28,29,30,31
-	);
-@r=(
-	32,33,34,35,36,37,38,39,
-	40,41,42,43,44,45,46,47,
-	48,49,50,51,52,53,54,55,
-	56,57,58,59,60,61,62,63
-	);
-
-require 'shifts.pl';
-
-sub PERM_OP
-	{
-	local(*a,*b,*t,$n,$m)=@_;
-
-	@z=&shift(*a,-$n);
-	@z=&xor(*b,*z);
-	@z=&and(*z,$m);
-	@b=&xor(*b,*z);
-	@z=&shift(*z,$n);
-	@a=&xor(*a,*z);
-	}
-
-sub HPERM_OP2
-	{
-	local(*a,*t,$n,$m)=@_;
-	local(@x,@y,$i);
-
-	@z=&shift(*a,16-$n);
-	@z=&xor(*a,*z);
-	@z=&and(*z,$m);
-	@a=&xor(*a,*z);
-	@z=&shift(*z,$n-16);
-	@a=&xor(*a,*z);
-	}
-
-sub HPERM_OP
-        {
-        local(*a,*t,$n,$m)=@_;
-        local(@x,@y,$i);
-
-        for ($i=0; $i<16; $i++)
-                {
-                $x[$i]=$a[$i];
-                $y[$i]=$a[16+$i];
-                }
-        @z=&shift(*x,-$n);
-        @z=&xor(*y,*z);
-        @z=&and(*z,$m);
-        @y=&xor(*y,*z);
-        @z=&shift(*z,$n);
-        @x=&xor(*x,*z);
-        for ($i=0; $i<16; $i++)
-                {
-                $a[$i]=$x[$i];
-                $a[16+$i]=$y[$i];
-                }
-        }
-
-@L=@l;
-@R=@r;
-
-	print "---\n"; &printit(@R);
-&PERM_OP(*R,*L,*T,4,0x0f0f0f0f);
-	print "---\n"; &printit(@R);
-&HPERM_OP2(*L,*T,-2,0xcccc0000);
-&HPERM_OP2(*R,*T,-2,0xcccc0000);
-	print "---\n"; &printit(@R);
-&PERM_OP(*R,*L,*T,1,0x55555555);
-	print "---\n"; &printit(@R);
-&PERM_OP(*L,*R,*T,8,0x00ff00ff);
-	print "---\n"; &printit(@R);
-&PERM_OP(*R,*L,*T,1,0x55555555);
-	print "---\n"; &printit(@R);
-#	&printit(@L);
-	&printit(@R);
-print <<"EOF";
-==============================
-63  55  47  39  31  23  15   7  
-62  54  46  38  30  22  14   6  
-61  53  45  37  29  21  13   5  
-60  52  44  36  --  --  --  --  
-
-57  49  41  33  25  17   9   1  
-58  50  42  34  26  18  10   2  
-59  51  43  35  27  19  11   3  
-28  20  12   4  --  --  --  --  
-EOF
-exit(1);
-@A=&and(*R,0x000000ff);
-@A=&shift(*A,16);
-@B=&and(*R,0x0000ff00);
-@C=&and(*R,0x00ff0000);
-@C=&shift(*C,-16);
-@D=&and(*L,0xf0000000);
-@D=&shift(*D,-4);
-@A=&or(*A,*B);
-@B=&or(*D,*C);
-@R=&or(*A,*B);
-@L=&and(*L,0x0fffffff);
-
-	&printit(@L);
-	&printit(@R);
-
diff --git a/crypto/openssl/crypto/des/doPC2 b/crypto/openssl/crypto/des/doPC2
deleted file mode 100644
index fa5cf74cf713..000000000000
--- a/crypto/openssl/crypto/des/doPC2
+++ /dev/null
@@ -1,94 +0,0 @@
-#!/usr/local/bin/perl
-
-@PC2_C=(14,17,11,24, 1, 5,
-	 3,28,15, 6,21,10,
-	23,19,12, 4,26, 8,
-	16, 7,27,20,13, 2,
-	);
-
-@PC2_D=(41,52,31,37,47,55,
-	30,40,51,45,33,48,
-	44,49,39,56,34,53,
-	46,42,50,36,29,32,
-	);
-
-$i=0;
-foreach (@PC2_C) {
-	$_--;
-#	printf "%2d,",$_;
-	$C{$_}=$i;
-	++$i;
-#	print "\n" if ((($i) % 8) == 0);
-	}
-$i=0;
-#print "\n";
-foreach (@PC2_D) {
-	$_-=28;
-	$_--;
-#	printf "%2d,",$_;
-	$D{$_}=$i;
-	$i++;
-#	print "\n" if ((($i) % 8) == 0);
-	}
-
-#print "\n";
-foreach $i (0 .. 27)
-	{
-	$_=$C{$i};
-#	printf "%2d,",$_;
-	$i++;
-#	print "\n" if ((($i) % 8) == 0);
-	}
-#print "\n";
-
-#print "\n";
-foreach $i (0 .. 27)
-	{
-	$_=$D{$i};
-#	printf "%2d,",$_;
-	$i++;
-#	print "\n" if ((($i) % 8) == 0);
-	}
-#print "\n";
-
-print "static ulong skb[8][64]={\n";
-&doit("C",*C, 0, 1, 2, 3, 4, 5);
-&doit("C",*C, 6, 7, 9,10,11,12);
-&doit("C",*C,13,14,15,16,18,19);
-&doit("C",*C,20,22,23,25,26,27);
-
-&doit("D",*D, 0, 1, 2, 3, 4, 5);
-&doit("D",*D, 7, 8,10,11,12,13);
-&doit("D",*D,15,16,17,18,19,20);
-&doit("D",*D,21,22,23,24,26,27);
-print "};\n";
-
-sub doit
-	{
-	local($l,*A,@b)=@_;
-	local(@out);
-
-	printf("/* for $l bits (numbered as per FIPS 46) %d %d %d %d %d %d */\n",
-		$b[0]+1, $b[1]+1, $b[2]+1, $b[3]+1, $b[4]+1, $b[5]+1);
-	for ($i=0; $i<64; $i++)
-		{
-		$out[$i]=0;
-		$j=1;
-#print "\n";
-		for ($k=0; $k<6; $k++)
-			{
-			$l=$A{$b[$k]};
-#print"$l - ";
-			if ((1<<$k) & $i)
-				{
-				$ll=int($l/6)*8+($l%6);
-				$out[$i]|=1<<($ll);
-				}
-			}
-		$pp=$out[$i];
-		$pp=($pp&0xff0000ff)|   (($pp&0x00ff0000)>>8)|
-					(($pp&0x0000ff00)<<8);
-		printf("0x%08X,",$pp);
-		print "\n" if (($i+1) % 4 == 0);
-		}
-	}
diff --git a/crypto/openssl/crypto/des/ecb3_enc.c b/crypto/openssl/crypto/des/ecb3_enc.c
deleted file mode 100644
index c3437bc60621..000000000000
--- a/crypto/openssl/crypto/des/ecb3_enc.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/des/ecb3_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
-		      DES_key_schedule *ks1, DES_key_schedule *ks2,
-		      DES_key_schedule *ks3,
-	     int enc)
-	{
-	register DES_LONG l0,l1;
-	DES_LONG ll[2];
-	const unsigned char *in = &(*input)[0];
-	unsigned char *out = &(*output)[0];
-
-	c2l(in,l0);
-	c2l(in,l1);
-	ll[0]=l0;
-	ll[1]=l1;
-	if (enc)
-		DES_encrypt3(ll,ks1,ks2,ks3);
-	else
-		DES_decrypt3(ll,ks1,ks2,ks3);
-	l0=ll[0];
-	l1=ll[1];
-	l2c(l0,out);
-	l2c(l1,out);
-	}
diff --git a/crypto/openssl/crypto/des/ecb_enc.c b/crypto/openssl/crypto/des/ecb_enc.c
deleted file mode 100644
index 1b70f68806d9..000000000000
--- a/crypto/openssl/crypto/des/ecb_enc.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/des/ecb_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-#include "des_ver.h"
-#include "spr.h"
-#include <openssl/opensslv.h>
-
-OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT;
-OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT;
-
-const char *DES_options(void)
-	{
-	static int init=1;
-	static char buf[32];
-
-	if (init)
-		{
-		const char *ptr,*unroll,*risc,*size;
-
-#ifdef DES_PTR
-		ptr="ptr";
-#else
-		ptr="idx";
-#endif
-#if defined(DES_RISC1) || defined(DES_RISC2)
-#ifdef DES_RISC1
-		risc="risc1";
-#endif
-#ifdef DES_RISC2
-		risc="risc2";
-#endif
-#else
-		risc="cisc";
-#endif
-#ifdef DES_UNROLL
-		unroll="16";
-#else
-		unroll="4";
-#endif
-		if (sizeof(DES_LONG) != sizeof(long))
-			size="int";
-		else
-			size="long";
-		sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
-		init=0;
-		}
-	return(buf);
-	}
-		
-
-void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
-		     DES_key_schedule *ks, int enc)
-	{
-	register DES_LONG l;
-	DES_LONG ll[2];
-	const unsigned char *in = &(*input)[0];
-	unsigned char *out = &(*output)[0];
-
-	c2l(in,l); ll[0]=l;
-	c2l(in,l); ll[1]=l;
-	DES_encrypt1(ll,ks,enc);
-	l=ll[0]; l2c(l,out);
-	l=ll[1]; l2c(l,out);
-	l=ll[0]=ll[1]=0;
-	}
diff --git a/crypto/openssl/crypto/des/ede_cbcm_enc.c b/crypto/openssl/crypto/des/ede_cbcm_enc.c
deleted file mode 100644
index fa45aa272ba5..000000000000
--- a/crypto/openssl/crypto/des/ede_cbcm_enc.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/* ede_cbcm_enc.c */
-/* Written by Ben Laurie <ben@algroup.co.uk> for the OpenSSL
- * project 13 Feb 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
-
-This is an implementation of Triple DES Cipher Block Chaining with Output
-Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
-
-Note that there is a known attack on this by Biham and Knudsen but it takes
-a lot of work:
-
-http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz
-
-*/
-
-#ifndef OPENSSL_NO_DESCBCM
-#include "des_locl.h"
-
-void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
-	     long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
-	     DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
-	     int enc)
-    {
-    register DES_LONG tin0,tin1;
-    register DES_LONG tout0,tout1,xor0,xor1,m0,m1;
-    register long l=length;
-    DES_LONG tin[2];
-    unsigned char *iv1,*iv2;
-
-    iv1 = &(*ivec1)[0];
-    iv2 = &(*ivec2)[0];
-
-    if (enc)
-	{
-	c2l(iv1,m0);
-	c2l(iv1,m1);
-	c2l(iv2,tout0);
-	c2l(iv2,tout1);
-	for (l-=8; l>=-7; l-=8)
-	    {
-	    tin[0]=m0;
-	    tin[1]=m1;
-	    DES_encrypt1(tin,ks3,1);
-	    m0=tin[0];
-	    m1=tin[1];
-
-	    if(l < 0)
-		{
-		c2ln(in,tin0,tin1,l+8);
-		}
-	    else
-		{
-		c2l(in,tin0);
-		c2l(in,tin1);
-		}
-	    tin0^=tout0;
-	    tin1^=tout1;
-
-	    tin[0]=tin0;
-	    tin[1]=tin1;
-	    DES_encrypt1(tin,ks1,1);
-	    tin[0]^=m0;
-	    tin[1]^=m1;
-	    DES_encrypt1(tin,ks2,0);
-	    tin[0]^=m0;
-	    tin[1]^=m1;
-	    DES_encrypt1(tin,ks1,1);
-	    tout0=tin[0];
-	    tout1=tin[1];
-
-	    l2c(tout0,out);
-	    l2c(tout1,out);
-	    }
-	iv1=&(*ivec1)[0];
-	l2c(m0,iv1);
-	l2c(m1,iv1);
-
-	iv2=&(*ivec2)[0];
-	l2c(tout0,iv2);
-	l2c(tout1,iv2);
-	}
-    else
-	{
-	register DES_LONG t0,t1;
-
-	c2l(iv1,m0);
-	c2l(iv1,m1);
-	c2l(iv2,xor0);
-	c2l(iv2,xor1);
-	for (l-=8; l>=-7; l-=8)
-	    {
-	    tin[0]=m0;
-	    tin[1]=m1;
-	    DES_encrypt1(tin,ks3,1);
-	    m0=tin[0];
-	    m1=tin[1];
-
-	    c2l(in,tin0);
-	    c2l(in,tin1);
-
-	    t0=tin0;
-	    t1=tin1;
-
-	    tin[0]=tin0;
-	    tin[1]=tin1;
-	    DES_encrypt1(tin,ks1,0);
-	    tin[0]^=m0;
-	    tin[1]^=m1;
-	    DES_encrypt1(tin,ks2,1);
-	    tin[0]^=m0;
-	    tin[1]^=m1;
-	    DES_encrypt1(tin,ks1,0);
-	    tout0=tin[0];
-	    tout1=tin[1];
-
-	    tout0^=xor0;
-	    tout1^=xor1;
-	    if(l < 0)
-		{
-		l2cn(tout0,tout1,out,l+8);
-		}
-	    else
-		{
-		l2c(tout0,out);
-		l2c(tout1,out);
-		}
-	    xor0=t0;
-	    xor1=t1;
-	    }
-
-	iv1=&(*ivec1)[0];
-	l2c(m0,iv1);
-	l2c(m1,iv1);
-
-	iv2=&(*ivec2)[0];
-	l2c(xor0,iv2);
-	l2c(xor1,iv2);
-	}
-    tin0=tin1=tout0=tout1=xor0=xor1=0;
-    tin[0]=tin[1]=0;
-    }
-#endif
diff --git a/crypto/openssl/crypto/des/enc_read.c b/crypto/openssl/crypto/des/enc_read.c
deleted file mode 100644
index c70fb686b8b0..000000000000
--- a/crypto/openssl/crypto/des/enc_read.c
+++ /dev/null
@@ -1,228 +0,0 @@
-/* crypto/des/enc_read.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include "des_locl.h"
-
-/* This has some uglies in it but it works - even over sockets. */
-/*extern int errno;*/
-OPENSSL_IMPLEMENT_GLOBAL(int,DES_rw_mode)=DES_PCBC_MODE;
-
-
-/*
- * WARNINGS:
- *
- *  -  The data format used by DES_enc_write() and DES_enc_read()
- *     has a cryptographic weakness: When asked to write more
- *     than MAXWRITE bytes, DES_enc_write will split the data
- *     into several chunks that are all encrypted
- *     using the same IV.  So don't use these functions unless you
- *     are sure you know what you do (in which case you might
- *     not want to use them anyway).
- *
- *  -  This code cannot handle non-blocking sockets.
- *
- *  -  This function uses an internal state and thus cannot be
- *     used on multiple files.
- */
-
-
-int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
-		 DES_cblock *iv)
-	{
-	/* data to be unencrypted */
-	int net_num=0;
-	static unsigned char *net=NULL;
-	/* extra unencrypted data 
-	 * for when a block of 100 comes in but is des_read one byte at
-	 * a time. */
-	static unsigned char *unnet=NULL;
-	static int unnet_start=0;
-	static int unnet_left=0;
-	static unsigned char *tmpbuf=NULL;
-	int i;
-	long num=0,rnum;
-	unsigned char *p;
-
-	if (tmpbuf == NULL)
-		{
-		tmpbuf=OPENSSL_malloc(BSIZE);
-		if (tmpbuf == NULL) return(-1);
-		}
-	if (net == NULL)
-		{
-		net=OPENSSL_malloc(BSIZE);
-		if (net == NULL) return(-1);
-		}
-	if (unnet == NULL)
-		{
-		unnet=OPENSSL_malloc(BSIZE);
-		if (unnet == NULL) return(-1);
-		}
-	/* left over data from last decrypt */
-	if (unnet_left != 0)
-		{
-		if (unnet_left < len)
-			{
-			/* we still still need more data but will return
-			 * with the number of bytes we have - should always
-			 * check the return value */
-			memcpy(buf,&(unnet[unnet_start]),
-			       unnet_left);
-			/* eay 26/08/92 I had the next 2 lines
-			 * reversed :-( */
-			i=unnet_left;
-			unnet_start=unnet_left=0;
-			}
-		else
-			{
-			memcpy(buf,&(unnet[unnet_start]),len);
-			unnet_start+=len;
-			unnet_left-=len;
-			i=len;
-			}
-		return(i);
-		}
-
-	/* We need to get more data. */
-	if (len > MAXWRITE) len=MAXWRITE;
-
-	/* first - get the length */
-	while (net_num < HDRSIZE) 
-		{
-		i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num);
-#ifdef EINTR
-		if ((i == -1) && (errno == EINTR)) continue;
-#endif
-		if (i <= 0) return(0);
-		net_num+=i;
-		}
-
-	/* we now have at net_num bytes in net */
-	p=net;
-	/* num=0;  */
-	n2l(p,num);
-	/* num should be rounded up to the next group of eight
-	 * we make sure that we have read a multiple of 8 bytes from the net.
-	 */
-	if ((num > MAXWRITE) || (num < 0)) /* error */
-		return(-1);
-	rnum=(num < 8)?8:((num+7)/8*8);
-
-	net_num=0;
-	while (net_num < rnum)
-		{
-		i=read(fd,(void *)&(net[net_num]),rnum-net_num);
-#ifdef EINTR
-		if ((i == -1) && (errno == EINTR)) continue;
-#endif
-		if (i <= 0) return(0);
-		net_num+=i;
-		}
-
-	/* Check if there will be data left over. */
-	if (len < num)
-		{
-		if (DES_rw_mode & DES_PCBC_MODE)
-			DES_pcbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
-		else
-			DES_cbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
-		memcpy(buf,unnet,len);
-		unnet_start=len;
-		unnet_left=num-len;
-
-		/* The following line is done because we return num
-		 * as the number of bytes read. */
-		num=len;
-		}
-	else
-		{
-		/* >output is a multiple of 8 byes, if len < rnum
-		 * >we must be careful.  The user must be aware that this
-		 * >routine will write more bytes than he asked for.
-		 * >The length of the buffer must be correct.
-		 * FIXED - Should be ok now 18-9-90 - eay */
-		if (len < rnum)
-			{
-
-			if (DES_rw_mode & DES_PCBC_MODE)
-				DES_pcbc_encrypt(net,tmpbuf,num,sched,iv,
-						 DES_DECRYPT);
-			else
-				DES_cbc_encrypt(net,tmpbuf,num,sched,iv,
-						DES_DECRYPT);
-
-			/* eay 26/08/92 fix a bug that returned more
-			 * bytes than you asked for (returned len bytes :-( */
-			memcpy(buf,tmpbuf,num);
-			}
-		else
-			{
-			if (DES_rw_mode & DES_PCBC_MODE)
-				DES_pcbc_encrypt(net,buf,num,sched,iv,
-						 DES_DECRYPT);
-			else
-				DES_cbc_encrypt(net,buf,num,sched,iv,
-						DES_DECRYPT);
-			}
-		}
-	return num;
-	}
-
diff --git a/crypto/openssl/crypto/des/enc_writ.c b/crypto/openssl/crypto/des/enc_writ.c
deleted file mode 100644
index af5b8c2349bb..000000000000
--- a/crypto/openssl/crypto/des/enc_writ.c
+++ /dev/null
@@ -1,171 +0,0 @@
-/* crypto/des/enc_writ.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <time.h>
-#include <stdio.h>
-#include "cryptlib.h"
-#include "des_locl.h"
-#include <openssl/rand.h>
-
-/*
- * WARNINGS:
- *
- *  -  The data format used by DES_enc_write() and DES_enc_read()
- *     has a cryptographic weakness: When asked to write more
- *     than MAXWRITE bytes, DES_enc_write will split the data
- *     into several chunks that are all encrypted
- *     using the same IV.  So don't use these functions unless you
- *     are sure you know what you do (in which case you might
- *     not want to use them anyway).
- *
- *  -  This code cannot handle non-blocking sockets.
- */
-
-int DES_enc_write(int fd, const void *_buf, int len,
-		  DES_key_schedule *sched, DES_cblock *iv)
-	{
-#ifdef _LIBC
-	extern unsigned long time();
-	extern int write();
-#endif
-	const unsigned char *buf=_buf;
-	long rnum;
-	int i,j,k,outnum;
-	static unsigned char *outbuf=NULL;
-	unsigned char shortbuf[8];
-	unsigned char *p;
-	const unsigned char *cp;
-	static int start=1;
-
-	if (outbuf == NULL)
-		{
-		outbuf=OPENSSL_malloc(BSIZE+HDRSIZE);
-		if (outbuf == NULL) return(-1);
-		}
-	/* If we are sending less than 8 bytes, the same char will look
-	 * the same if we don't pad it out with random bytes */
-	if (start)
-		{
-		start=0;
-		}
-
-	/* lets recurse if we want to send the data in small chunks */
-	if (len > MAXWRITE)
-		{
-		j=0;
-		for (i=0; i<len; i+=k)
-			{
-			k=DES_enc_write(fd,&(buf[i]),
-				((len-i) > MAXWRITE)?MAXWRITE:(len-i),sched,iv);
-			if (k < 0)
-				return(k);
-			else
-				j+=k;
-			}
-		return(j);
-		}
-
-	/* write length first */
-	p=outbuf;
-	l2n(len,p);
-
-	/* pad short strings */
-	if (len < 8)
-		{
-		cp=shortbuf;
-		memcpy(shortbuf,buf,len);
-		RAND_pseudo_bytes(shortbuf+len, 8-len);
-		rnum=8;
-		}
-	else
-		{
-		cp=buf;
-		rnum=((len+7)/8*8); /* round up to nearest eight */
-		}
-
-	if (DES_rw_mode & DES_PCBC_MODE)
-		DES_pcbc_encrypt(cp,&(outbuf[HDRSIZE]),(len<8)?8:len,sched,iv,
-				 DES_ENCRYPT); 
-	else
-		DES_cbc_encrypt(cp,&(outbuf[HDRSIZE]),(len<8)?8:len,sched,iv,
-				DES_ENCRYPT); 
-
-	/* output */
-	outnum=rnum+HDRSIZE;
-
-	for (j=0; j<outnum; j+=i)
-		{
-		/* eay 26/08/92 I was not doing writing from where we
-		 * got up to. */
-		i=write(fd,(void *)&(outbuf[j]),outnum-j);
-		if (i == -1)
-			{
-#ifdef EINTR
-			if (errno == EINTR)
-				i=0;
-			else
-#endif
-			        /* This is really a bad error - very bad
-				 * It will stuff-up both ends. */
-				return(-1);
-			}
-		}
-
-	return(len);
-	}
diff --git a/crypto/openssl/crypto/des/fcrypt.c b/crypto/openssl/crypto/des/fcrypt.c
deleted file mode 100644
index 2758c32656af..000000000000
--- a/crypto/openssl/crypto/des/fcrypt.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/* NOCW */
-#include <stdio.h>
-#ifdef _OSD_POSIX
-#ifndef CHARSET_EBCDIC
-#define CHARSET_EBCDIC 1
-#endif
-#endif
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-/* This version of crypt has been developed from my MIT compatible
- * DES library.
- * Eric Young (eay@cryptsoft.com)
- */
-
-/* Modification by Jens Kupferschmidt (Cu)
- * I have included directive PARA for shared memory computers.
- * I have included a directive LONGCRYPT to using this routine to cipher
- * passwords with more then 8 bytes like HP-UX 10.x it used. The MAXPLEN
- * definition is the maximum of length of password and can changed. I have
- * defined 24.
- */
-
-#include "des_locl.h"
-
-/* Added more values to handle illegal salt values the way normal
- * crypt() implementations do.  The patch was sent by 
- * Bjorn Gronvall <bg@sics.se>
- */
-static unsigned const char con_salt[128]={
-0xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0xD8,0xD9,
-0xDA,0xDB,0xDC,0xDD,0xDE,0xDF,0xE0,0xE1,
-0xE2,0xE3,0xE4,0xE5,0xE6,0xE7,0xE8,0xE9,
-0xEA,0xEB,0xEC,0xED,0xEE,0xEF,0xF0,0xF1,
-0xF2,0xF3,0xF4,0xF5,0xF6,0xF7,0xF8,0xF9,
-0xFA,0xFB,0xFC,0xFD,0xFE,0xFF,0x00,0x01,
-0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,
-0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A,
-0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,
-0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,
-0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,
-0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24,
-0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,
-0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,
-0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,
-0x3D,0x3E,0x3F,0x40,0x41,0x42,0x43,0x44,
-};
-
-static unsigned const char cov_2char[64]={
-0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
-0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
-0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
-0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
-0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
-0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
-0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
-0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
-};
-
-void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
-		 DES_LONG Eswap0, DES_LONG Eswap1);
-
-char *DES_crypt(const char *buf, const char *salt)
-	{
-	static char buff[14];
-
-#ifndef CHARSET_EBCDIC
-	return(DES_fcrypt(buf,salt,buff));
-#else
-	char e_salt[2+1];
-	char e_buf[32+1];	/* replace 32 by 8 ? */
-	char *ret;
-
-	/* Copy at most 2 chars of salt */
-	if ((e_salt[0] = salt[0]) != '\0')
-	    e_salt[1] = salt[1];
-
-	/* Copy at most 32 chars of password */
-	strncpy (e_buf, buf, sizeof(e_buf));
-
-	/* Make sure we have a delimiter */
-	e_salt[sizeof(e_salt)-1] = e_buf[sizeof(e_buf)-1] = '\0';
-
-	/* Convert the e_salt to ASCII, as that's what DES_fcrypt works on */
-	ebcdic2ascii(e_salt, e_salt, sizeof e_salt);
-
-	/* Convert the cleartext password to ASCII */
-	ebcdic2ascii(e_buf, e_buf, sizeof e_buf);
-
-	/* Encrypt it (from/to ASCII) */
-	ret = DES_fcrypt(e_buf,e_salt,buff);
-
-	/* Convert the result back to EBCDIC */
-	ascii2ebcdic(ret, ret, strlen(ret));
-	
-	return ret;
-#endif
-	}
-
-
-char *DES_fcrypt(const char *buf, const char *salt, char *ret)
-	{
-	unsigned int i,j,x,y;
-	DES_LONG Eswap0,Eswap1;
-	DES_LONG out[2],ll;
-	DES_cblock key;
-	DES_key_schedule ks;
-	unsigned char bb[9];
-	unsigned char *b=bb;
-	unsigned char c,u;
-
-	/* eay 25/08/92
-	 * If you call crypt("pwd","*") as often happens when you
-	 * have * as the pwd field in /etc/passwd, the function
-	 * returns *\0XXXXXXXXX
-	 * The \0 makes the string look like * so the pwd "*" would
-	 * crypt to "*".  This was found when replacing the crypt in
-	 * our shared libraries.  People found that the disabled
-	 * accounts effectively had no passwd :-(. */
-#ifndef CHARSET_EBCDIC
-	x=ret[0]=((salt[0] == '\0')?'A':salt[0]);
-	Eswap0=con_salt[x]<<2;
-	x=ret[1]=((salt[1] == '\0')?'A':salt[1]);
-	Eswap1=con_salt[x]<<6;
-#else
-	x=ret[0]=((salt[0] == '\0')?os_toascii['A']:salt[0]);
-	Eswap0=con_salt[x]<<2;
-	x=ret[1]=((salt[1] == '\0')?os_toascii['A']:salt[1]);
-	Eswap1=con_salt[x]<<6;
-#endif
-
-/* EAY
-r=strlen(buf);
-r=(r+7)/8;
-*/
-	for (i=0; i<8; i++)
-		{
-		c= *(buf++);
-		if (!c) break;
-		key[i]=(c<<1);
-		}
-	for (; i<8; i++)
-		key[i]=0;
-
-	DES_set_key_unchecked(&key,&ks);
-	fcrypt_body(&(out[0]),&ks,Eswap0,Eswap1);
-
-	ll=out[0]; l2c(ll,b);
-	ll=out[1]; l2c(ll,b);
-	y=0;
-	u=0x80;
-	bb[8]=0;
-	for (i=2; i<13; i++)
-		{
-		c=0;
-		for (j=0; j<6; j++)
-			{
-			c<<=1;
-			if (bb[y] & u) c|=1;
-			u>>=1;
-			if (!u)
-				{
-				y++;
-				u=0x80;
-				}
-			}
-		ret[i]=cov_2char[c];
-		}
-	ret[13]='\0';
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/des/fcrypt_b.c b/crypto/openssl/crypto/des/fcrypt_b.c
deleted file mode 100644
index 1390138787ff..000000000000
--- a/crypto/openssl/crypto/des/fcrypt_b.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* crypto/des/fcrypt_b.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-/* This version of crypt has been developed from my MIT compatible
- * DES library.
- * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
- * Eric Young (eay@cryptsoft.com)
- */
-
-#define DES_FCRYPT
-#include "des_locl.h"
-#undef DES_FCRYPT
-
-#undef PERM_OP
-#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
-	(b)^=(t),\
-	(a)^=((t)<<(n)))
-
-#undef HPERM_OP
-#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
-	(a)=(a)^(t)^(t>>(16-(n))))\
-
-void fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0,
-		 DES_LONG Eswap1)
-	{
-	register DES_LONG l,r,t,u;
-#ifdef DES_PTR
-	register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
-#endif
-	register DES_LONG *s;
-	register int j;
-	register DES_LONG E0,E1;
-
-	l=0;
-	r=0;
-
-	s=(DES_LONG *)ks;
-	E0=Eswap0;
-	E1=Eswap1;
-
-	for (j=0; j<25; j++)
-		{
-#ifndef DES_UNROLL
-		register int i;
-
-		for (i=0; i<32; i+=8)
-			{
-			D_ENCRYPT(l,r,i+0); /*  1 */
-			D_ENCRYPT(r,l,i+2); /*  2 */
-			D_ENCRYPT(l,r,i+4); /*  1 */
-			D_ENCRYPT(r,l,i+6); /*  2 */
-			}
-#else
-		D_ENCRYPT(l,r, 0); /*  1 */
-		D_ENCRYPT(r,l, 2); /*  2 */
-		D_ENCRYPT(l,r, 4); /*  3 */
-		D_ENCRYPT(r,l, 6); /*  4 */
-		D_ENCRYPT(l,r, 8); /*  5 */
-		D_ENCRYPT(r,l,10); /*  6 */
-		D_ENCRYPT(l,r,12); /*  7 */
-		D_ENCRYPT(r,l,14); /*  8 */
-		D_ENCRYPT(l,r,16); /*  9 */
-		D_ENCRYPT(r,l,18); /*  10 */
-		D_ENCRYPT(l,r,20); /*  11 */
-		D_ENCRYPT(r,l,22); /*  12 */
-		D_ENCRYPT(l,r,24); /*  13 */
-		D_ENCRYPT(r,l,26); /*  14 */
-		D_ENCRYPT(l,r,28); /*  15 */
-		D_ENCRYPT(r,l,30); /*  16 */
-#endif
-
-		t=l;
-		l=r;
-		r=t;
-		}
-	l=ROTATE(l,3)&0xffffffffL;
-	r=ROTATE(r,3)&0xffffffffL;
-
-	PERM_OP(l,r,t, 1,0x55555555L);
-	PERM_OP(r,l,t, 8,0x00ff00ffL);
-	PERM_OP(l,r,t, 2,0x33333333L);
-	PERM_OP(r,l,t,16,0x0000ffffL);
-	PERM_OP(l,r,t, 4,0x0f0f0f0fL);
-
-	out[0]=r;
-	out[1]=l;
-	}
-
diff --git a/crypto/openssl/crypto/des/makefile.bc b/crypto/openssl/crypto/des/makefile.bc
deleted file mode 100644
index 1fe6d4915a91..000000000000
--- a/crypto/openssl/crypto/des/makefile.bc
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# Origional BC Makefile from Teun <Teun.Nijssen@kub.nl>
-#
-#
-CC      = bcc
-TLIB    = tlib /0 /C
-# note: the -3 flag produces code for 386, 486, Pentium etc; omit it for 286s
-OPTIMIZE= -3 -O2
-#WINDOWS= -W
-CFLAGS  = -c -ml -d $(OPTIMIZE) $(WINDOWS) -DMSDOS
-LFLAGS  = -ml $(WINDOWS)
-
-.c.obj:
-	$(CC) $(CFLAGS) $*.c
-
-.obj.exe:
-	$(CC) $(LFLAGS) -e$*.exe $*.obj libdes.lib  
-
-all: $(LIB) destest.exe rpw.exe des.exe speed.exe
-
-# "make clean": use a directory containing only libdes .exe and .obj files...
-clean:
-	del *.exe
-	del *.obj
-	del libdes.lib
-	del libdes.rsp
-
-OBJS=   cbc_cksm.obj cbc_enc.obj  ecb_enc.obj  pcbc_enc.obj \
-	qud_cksm.obj rand_key.obj set_key.obj  str2key.obj \
-	enc_read.obj enc_writ.obj fcrypt.obj   cfb_enc.obj \
-	ecb3_enc.obj ofb_enc.obj  cbc3_enc.obj read_pwd.obj\
-	cfb64enc.obj ofb64enc.obj ede_enc.obj  cfb64ede.obj\
-	ofb64ede.obj supp.obj
-
-LIB=    libdes.lib
-
-$(LIB): $(OBJS)
-	del $(LIB)
-	makersp "+%s &\n" &&|
-	$(OBJS)
-|       >libdes.rsp
-	$(TLIB) libdes.lib @libdes.rsp,nul
-	del libdes.rsp
-
-destest.exe: destest.obj libdes.lib
-rpw.exe:     rpw.obj libdes.lib
-speed.exe:   speed.obj libdes.lib
-des.exe:     des.obj libdes.lib
-
-
diff --git a/crypto/openssl/crypto/des/ncbc_enc.c b/crypto/openssl/crypto/des/ncbc_enc.c
deleted file mode 100644
index fda23d522f3f..000000000000
--- a/crypto/openssl/crypto/des/ncbc_enc.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* crypto/des/ncbc_enc.c */
-/*
- * #included by:
- *    cbc_enc.c  (DES_cbc_encrypt)
- *    des_enc.c  (DES_ncbc_encrypt)
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-#ifdef CBC_ENC_C__DONT_UPDATE_IV
-void DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-		     DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
-#else
-void DES_ncbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-		     DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
-#endif
-	{
-	register DES_LONG tin0,tin1;
-	register DES_LONG tout0,tout1,xor0,xor1;
-	register long l=length;
-	DES_LONG tin[2];
-	unsigned char *iv;
-
-	iv = &(*ivec)[0];
-
-	if (enc)
-		{
-		c2l(iv,tout0);
-		c2l(iv,tout1);
-		for (l-=8; l>=0; l-=8)
-			{
-			c2l(in,tin0);
-			c2l(in,tin1);
-			tin0^=tout0; tin[0]=tin0;
-			tin1^=tout1; tin[1]=tin1;
-			DES_encrypt1((DES_LONG *)tin,_schedule,DES_ENCRYPT);
-			tout0=tin[0]; l2c(tout0,out);
-			tout1=tin[1]; l2c(tout1,out);
-			}
-		if (l != -8)
-			{
-			c2ln(in,tin0,tin1,l+8);
-			tin0^=tout0; tin[0]=tin0;
-			tin1^=tout1; tin[1]=tin1;
-			DES_encrypt1((DES_LONG *)tin,_schedule,DES_ENCRYPT);
-			tout0=tin[0]; l2c(tout0,out);
-			tout1=tin[1]; l2c(tout1,out);
-			}
-#ifndef CBC_ENC_C__DONT_UPDATE_IV
-		iv = &(*ivec)[0];
-		l2c(tout0,iv);
-		l2c(tout1,iv);
-#endif
-		}
-	else
-		{
-		c2l(iv,xor0);
-		c2l(iv,xor1);
-		for (l-=8; l>=0; l-=8)
-			{
-			c2l(in,tin0); tin[0]=tin0;
-			c2l(in,tin1); tin[1]=tin1;
-			DES_encrypt1((DES_LONG *)tin,_schedule,DES_DECRYPT);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2c(tout0,out);
-			l2c(tout1,out);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		if (l != -8)
-			{
-			c2l(in,tin0); tin[0]=tin0;
-			c2l(in,tin1); tin[1]=tin1;
-			DES_encrypt1((DES_LONG *)tin,_schedule,DES_DECRYPT);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2cn(tout0,tout1,out,l+8);
-#ifndef CBC_ENC_C__DONT_UPDATE_IV
-			xor0=tin0;
-			xor1=tin1;
-#endif
-			}
-#ifndef CBC_ENC_C__DONT_UPDATE_IV 
-		iv = &(*ivec)[0];
-		l2c(xor0,iv);
-		l2c(xor1,iv);
-#endif
-		}
-	tin0=tin1=tout0=tout1=xor0=xor1=0;
-	tin[0]=tin[1]=0;
-	}
diff --git a/crypto/openssl/crypto/des/ofb64ede.c b/crypto/openssl/crypto/des/ofb64ede.c
deleted file mode 100644
index 26bbf9a6a733..000000000000
--- a/crypto/openssl/crypto/des/ofb64ede.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* crypto/des/ofb64ede.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void DES_ede3_ofb64_encrypt(register const unsigned char *in,
-			    register unsigned char *out, long length,
-			    DES_key_schedule *k1, DES_key_schedule *k2,
-			    DES_key_schedule *k3, DES_cblock *ivec,
-			    int *num)
-	{
-	register DES_LONG v0,v1;
-	register int n= *num;
-	register long l=length;
-	DES_cblock d;
-	register char *dp;
-	DES_LONG ti[2];
-	unsigned char *iv;
-	int save=0;
-
-	iv = &(*ivec)[0];
-	c2l(iv,v0);
-	c2l(iv,v1);
-	ti[0]=v0;
-	ti[1]=v1;
-	dp=(char *)d;
-	l2c(v0,dp);
-	l2c(v1,dp);
-	while (l--)
-		{
-		if (n == 0)
-			{
-			/* ti[0]=v0; */
-			/* ti[1]=v1; */
-			DES_encrypt3(ti,k1,k2,k3);
-			v0=ti[0];
-			v1=ti[1];
-
-			dp=(char *)d;
-			l2c(v0,dp);
-			l2c(v1,dp);
-			save++;
-			}
-		*(out++)= *(in++)^d[n];
-		n=(n+1)&0x07;
-		}
-	if (save)
-		{
-/*		v0=ti[0];
-		v1=ti[1];*/
-		iv = &(*ivec)[0];
-		l2c(v0,iv);
-		l2c(v1,iv);
-		}
-	v0=v1=ti[0]=ti[1]=0;
-	*num=n;
-	}
-
-#ifdef undef /* MACRO */
-void DES_ede2_ofb64_encrypt(register unsigned char *in,
-	     register unsigned char *out, long length, DES_key_schedule k1,
-	     DES_key_schedule k2, DES_cblock (*ivec), int *num)
-	{
-	DES_ede3_ofb64_encrypt(in, out, length, k1,k2,k1, ivec, num);
-	}
-#endif
diff --git a/crypto/openssl/crypto/des/ofb64enc.c b/crypto/openssl/crypto/des/ofb64enc.c
deleted file mode 100644
index 8ca3d49dea16..000000000000
--- a/crypto/openssl/crypto/des/ofb64enc.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/des/ofb64enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void DES_ofb64_encrypt(register const unsigned char *in,
-		       register unsigned char *out, long length,
-		       DES_key_schedule *schedule, DES_cblock *ivec, int *num)
-	{
-	register DES_LONG v0,v1,t;
-	register int n= *num;
-	register long l=length;
-	DES_cblock d;
-	register unsigned char *dp;
-	DES_LONG ti[2];
-	unsigned char *iv;
-	int save=0;
-
-	iv = &(*ivec)[0];
-	c2l(iv,v0);
-	c2l(iv,v1);
-	ti[0]=v0;
-	ti[1]=v1;
-	dp=d;
-	l2c(v0,dp);
-	l2c(v1,dp);
-	while (l--)
-		{
-		if (n == 0)
-			{
-			DES_encrypt1(ti,schedule,DES_ENCRYPT);
-			dp=d;
-			t=ti[0]; l2c(t,dp);
-			t=ti[1]; l2c(t,dp);
-			save++;
-			}
-		*(out++)= *(in++)^d[n];
-		n=(n+1)&0x07;
-		}
-	if (save)
-		{
-		v0=ti[0];
-		v1=ti[1];
-		iv = &(*ivec)[0];
-		l2c(v0,iv);
-		l2c(v1,iv);
-		}
-	t=v0=v1=ti[0]=ti[1]=0;
-	*num=n;
-	}
-
diff --git a/crypto/openssl/crypto/des/ofb_enc.c b/crypto/openssl/crypto/des/ofb_enc.c
deleted file mode 100644
index e887a3c6f4bd..000000000000
--- a/crypto/openssl/crypto/des/ofb_enc.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* crypto/des/ofb_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* The input and output are loaded in multiples of 8 bits.
- * What this means is that if you hame numbits=12 and length=2
- * the first 12 bits will be retrieved from the first byte and half
- * the second.  The second 12 bits will come from the 3rd and half the 4th
- * byte.
- */
-void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
-		     long length, DES_key_schedule *schedule,
-		     DES_cblock *ivec)
-	{
-	register DES_LONG d0,d1,vv0,vv1,v0,v1,n=(numbits+7)/8;
-	register DES_LONG mask0,mask1;
-	register long l=length;
-	register int num=numbits;
-	DES_LONG ti[2];
-	unsigned char *iv;
-
-	if (num > 64) return;
-	if (num > 32)
-		{
-		mask0=0xffffffffL;
-		if (num >= 64)
-			mask1=mask0;
-		else
-			mask1=(1L<<(num-32))-1;
-		}
-	else
-		{
-		if (num == 32)
-			mask0=0xffffffffL;
-		else
-			mask0=(1L<<num)-1;
-		mask1=0x00000000L;
-		}
-
-	iv = &(*ivec)[0];
-	c2l(iv,v0);
-	c2l(iv,v1);
-	ti[0]=v0;
-	ti[1]=v1;
-	while (l-- > 0)
-		{
-		ti[0]=v0;
-		ti[1]=v1;
-		DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
-		vv0=ti[0];
-		vv1=ti[1];
-		c2ln(in,d0,d1,n);
-		in+=n;
-		d0=(d0^vv0)&mask0;
-		d1=(d1^vv1)&mask1;
-		l2cn(d0,d1,out,n);
-		out+=n;
-
-		if (num == 32)
-			{ v0=v1; v1=vv0; }
-		else if (num == 64)
-				{ v0=vv0; v1=vv1; }
-		else if (num > 32) /* && num != 64 */
-			{
-			v0=((v1>>(num-32))|(vv0<<(64-num)))&0xffffffffL;
-			v1=((vv0>>(num-32))|(vv1<<(64-num)))&0xffffffffL;
-			}
-		else /* num < 32 */
-			{
-			v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
-			v1=((v1>>num)|(vv0<<(32-num)))&0xffffffffL;
-			}
-		}
-	iv = &(*ivec)[0];
-	l2c(v0,iv);
-	l2c(v1,iv);
-	v0=v1=d0=d1=ti[0]=ti[1]=vv0=vv1=0;
-	}
-
diff --git a/crypto/openssl/crypto/des/options.txt b/crypto/openssl/crypto/des/options.txt
deleted file mode 100644
index 6e2b50f765e7..000000000000
--- a/crypto/openssl/crypto/des/options.txt
+++ /dev/null
@@ -1,39 +0,0 @@
-Note that the UNROLL option makes the 'inner' des loop unroll all 16 rounds
-instead of the default 4.
-RISC1 and RISC2 are 2 alternatives for the inner loop and
-PTR means to use pointers arithmatic instead of arrays.
-
-FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - assembler		577,000 4620k/s
-IRIX 6.2 - R10000 195mhz - cc (-O3 -n32) - UNROLL RISC2 PTR	496,000 3968k/s
-solaris 2.5.1 usparc 167mhz?? - SC4.0 - UNROLL RISC1 PTR [1]	459,400 3672k/s
-FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - UNROLL RISC1	433,000 3468k/s
-solaris 2.5.1 usparc 167mhz?? - gcc 2.7.2 - UNROLL 		380,000 3041k/s
-linux - pentium 100mhz - gcc 2.7.0 - assembler			281,000 2250k/s
-NT 4.0 - pentium 100mhz - VC 4.2 - assembler			281,000 2250k/s
-AIX 4.1? - PPC604 100mhz - cc - UNROLL 				275,000 2200k/s
-IRIX 5.3 - R4400 200mhz - gcc 2.6.3 - UNROLL RISC2 PTR		235,300 1882k/s
-IRIX 5.3 - R4400 200mhz - cc - UNROLL RISC2 PTR			233,700 1869k/s
-NT 4.0 - pentium 100mhz - VC 4.2 - UNROLL RISC1 PTR		191,000 1528k/s
-DEC Alpha 165mhz??  - cc - RISC2 PTR [2]			181,000 1448k/s
-linux - pentium 100mhz - gcc 2.7.0 - UNROLL RISC1 PTR		158,500 1268k/s
-HPUX 10 - 9000/887 - cc - UNROLL [3]	 			148,000	1190k/s
-solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2 - UNROLL		123,600  989k/s
-IRIX 5.3 - R4000 100mhz - cc - UNROLL RISC2 PTR			101,000  808k/s
-DGUX - 88100 50mhz(?) - gcc 2.6.3 - UNROLL			 81,000  648k/s
-solaris 2.4 486 50mhz - gcc 2.6.3 - assembler			 65,000  522k/s
-HPUX 10 - 9000/887 - k&r cc (default compiler) - UNROLL PTR	 76,000	 608k/s
-solaris 2.4 486 50mhz - gcc 2.6.3 - UNROLL RISC2		 43,500  344k/s
-AIX - old slow one :-) - cc -					 39,000  312k/s
-
-Notes.
-[1] For the ultra sparc, SunC 4.0 
-    cc -xtarget=ultra -xarch=v8plus -Xa -xO5, running 'des_opts'
-    gives a speed of 344,000 des/s while 'speed' gives 459,000 des/s.
-    I'll record the higher since it is coming from the library but it
-    is all rather weird.
-[2] Similar to the ultra sparc ([1]), 181,000 for 'des_opts' vs 175,000.
-[3] I was unable to get access to this machine when it was not heavily loaded.
-    As such, my timing program was never able to get more that %30 of the CPU.
-    This would cause the program to give much lower speed numbers because
-    it would be 'fighting' to stay in the cache with the other CPU burning
-    processes.
diff --git a/crypto/openssl/crypto/des/pcbc_enc.c b/crypto/openssl/crypto/des/pcbc_enc.c
deleted file mode 100644
index 17a40f9520f0..000000000000
--- a/crypto/openssl/crypto/des/pcbc_enc.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/des/pcbc_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
-		      long length, DES_key_schedule *schedule,
-		      DES_cblock *ivec, int enc)
-	{
-	register DES_LONG sin0,sin1,xor0,xor1,tout0,tout1;
-	DES_LONG tin[2];
-	const unsigned char *in;
-	unsigned char *out,*iv;
-
-	in=input;
-	out=output;
-	iv = &(*ivec)[0];
-
-	if (enc)
-		{
-		c2l(iv,xor0);
-		c2l(iv,xor1);
-		for (; length>0; length-=8)
-			{
-			if (length >= 8)
-				{
-				c2l(in,sin0);
-				c2l(in,sin1);
-				}
-			else
-				c2ln(in,sin0,sin1,length);
-			tin[0]=sin0^xor0;
-			tin[1]=sin1^xor1;
-			DES_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
-			tout0=tin[0];
-			tout1=tin[1];
-			xor0=sin0^tout0;
-			xor1=sin1^tout1;
-			l2c(tout0,out);
-			l2c(tout1,out);
-			}
-		}
-	else
-		{
-		c2l(iv,xor0); c2l(iv,xor1);
-		for (; length>0; length-=8)
-			{
-			c2l(in,sin0);
-			c2l(in,sin1);
-			tin[0]=sin0;
-			tin[1]=sin1;
-			DES_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			if (length >= 8)
-				{
-				l2c(tout0,out);
-				l2c(tout1,out);
-				}
-			else
-				l2cn(tout0,tout1,out,length);
-			xor0=tout0^sin0;
-			xor1=tout1^sin1;
-			}
-		}
-	tin[0]=tin[1]=0;
-	sin0=sin1=xor0=xor1=tout0=tout1=0;
-	}
diff --git a/crypto/openssl/crypto/des/podd.h b/crypto/openssl/crypto/des/podd.h
deleted file mode 100644
index 1b2bfe08432e..000000000000
--- a/crypto/openssl/crypto/des/podd.h
+++ /dev/null
@@ -1,75 +0,0 @@
-/* crypto/des/podd.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-static const unsigned char odd_parity[256]={
-  1,  1,  2,  2,  4,  4,  7,  7,  8,  8, 11, 11, 13, 13, 14, 14,
- 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
- 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
- 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
- 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
- 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
- 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
-112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
-128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
-145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
-161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
-176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
-193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
-208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
-224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
-241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
diff --git a/crypto/openssl/crypto/des/qud_cksm.c b/crypto/openssl/crypto/des/qud_cksm.c
deleted file mode 100644
index dac201227e0d..000000000000
--- a/crypto/openssl/crypto/des/qud_cksm.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* crypto/des/qud_cksm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* From "Message Authentication"  R.R. Jueneman, S.M. Matyas, C.H. Meyer
- * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40
- * This module in only based on the code in this paper and is
- * almost definitely not the same as the MIT implementation.
- */
-#include "des_locl.h"
-
-/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
-#define Q_B0(a)	(((DES_LONG)(a)))
-#define Q_B1(a)	(((DES_LONG)(a))<<8)
-#define Q_B2(a)	(((DES_LONG)(a))<<16)
-#define Q_B3(a)	(((DES_LONG)(a))<<24)
-
-/* used to scramble things a bit */
-/* Got the value MIT uses via brute force :-) 2/10/90 eay */
-#define NOISE	((DES_LONG)83653421L)
-
-DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
-	     long length, int out_count, DES_cblock *seed)
-	{
-	DES_LONG z0,z1,t0,t1;
-	int i;
-	long l;
-	const unsigned char *cp;
-#ifdef _CRAY
-	struct lp_st { int a:32; int b:32; } *lp;
-#else
-	DES_LONG *lp;
-#endif
-
-	if (out_count < 1) out_count=1;
-#ifdef _CRAY
-	lp = (struct lp_st *) &(output[0])[0];
-#else
-	lp = (DES_LONG *) &(output[0])[0];
-#endif
-
-	z0=Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3((*seed)[3]);
-	z1=Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3((*seed)[7]);
-
-	for (i=0; ((i<4)&&(i<out_count)); i++)
-		{
-		cp=input;
-		l=length;
-		while (l > 0)
-			{
-			if (l > 1)
-				{
-				t0= (DES_LONG)(*(cp++));
-				t0|=(DES_LONG)Q_B1(*(cp++));
-				l--;
-				}
-			else
-				t0= (DES_LONG)(*(cp++));
-			l--;
-			/* add */
-			t0+=z0;
-			t0&=0xffffffffL;
-			t1=z1;
-			/* square, well sort of square */
-			z0=((((t0*t0)&0xffffffffL)+((t1*t1)&0xffffffffL))
-				&0xffffffffL)%0x7fffffffL; 
-			z1=((t0*((t1+NOISE)&0xffffffffL))&0xffffffffL)%0x7fffffffL;
-			}
-		if (lp != NULL)
-			{
-			/* The MIT library assumes that the checksum is
-			 * composed of 2*out_count 32 bit ints */
-#ifdef _CRAY
-			(*lp).a = z0;
-			(*lp).b = z1;
-			lp++;
-#else
-			*lp++ = z0;
-			*lp++ = z1;
-#endif
-			}
-		}
-	return(z0);
-	}
-
diff --git a/crypto/openssl/crypto/des/rand_key.c b/crypto/openssl/crypto/des/rand_key.c
deleted file mode 100644
index 239816556858..000000000000
--- a/crypto/openssl/crypto/des/rand_key.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/* crypto/des/rand_key.c */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/des.h>
-#include <openssl/rand.h>
-
-int DES_random_key(DES_cblock *ret)
-	{
-	do
-		{
-		if (RAND_bytes((unsigned char *)ret, sizeof(DES_cblock)) != 1)
-			return (0);
-		} while (DES_is_weak_key(ret));
-	DES_set_odd_parity(ret);
-	return (1);
-	}
diff --git a/crypto/openssl/crypto/des/read2pwd.c b/crypto/openssl/crypto/des/read2pwd.c
deleted file mode 100644
index 3a63c4016ccf..000000000000
--- a/crypto/openssl/crypto/des/read2pwd.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* crypto/des/read2pwd.c */
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <string.h>
-#include <openssl/des.h>
-#include <openssl/ui.h>
-
-int DES_read_password(DES_cblock *key, const char *prompt, int verify)
-	{
-	int ok;
-	char buf[BUFSIZ],buff[BUFSIZ];
-
-	if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
-		DES_string_to_key(buf,key);
-	OPENSSL_cleanse(buf,BUFSIZ);
-	OPENSSL_cleanse(buff,BUFSIZ);
-	return(ok);
-	}
-
-int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt,
-	     int verify)
-	{
-	int ok;
-	char buf[BUFSIZ],buff[BUFSIZ];
-
-	if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
-		DES_string_to_2keys(buf,key1,key2);
-	OPENSSL_cleanse(buf,BUFSIZ);
-	OPENSSL_cleanse(buff,BUFSIZ);
-	return(ok);
-	}
diff --git a/crypto/openssl/crypto/des/read_pwd.c b/crypto/openssl/crypto/des/read_pwd.c
deleted file mode 100644
index ce5fa00a37a4..000000000000
--- a/crypto/openssl/crypto/des/read_pwd.c
+++ /dev/null
@@ -1,521 +0,0 @@
-/* crypto/des/read_pwd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/e_os2.h>
-#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WIN32)
-#ifdef OPENSSL_UNISTD
-# include OPENSSL_UNISTD
-#else
-# include <unistd.h>
-#endif
-/* If unistd.h defines _POSIX_VERSION, we conclude that we
- * are on a POSIX system and have sigaction and termios. */
-#if defined(_POSIX_VERSION)
-
-# define SIGACTION
-# if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
-# define TERMIOS
-# endif
-
-#endif
-#endif
-
-/* #define SIGACTION */ /* Define this if you have sigaction() */
-
-#ifdef WIN16TTY
-#undef OPENSSL_SYS_WIN16
-#undef _WINDOWS
-#include <graph.h>
-#endif
-
-/* 06-Apr-92 Luke Brennan    Support for VMS */
-#include "des_locl.h"
-#include "cryptlib.h"
-#include <signal.h>
-#include <stdio.h>
-#include <string.h>
-#include <setjmp.h>
-#include <errno.h>
-
-#ifdef OPENSSL_SYS_VMS			/* prototypes for sys$whatever */
-#include <starlet.h>
-#ifdef __DECC
-#pragma message disable DOLLARID
-#endif
-#endif
-
-#ifdef WIN_CONSOLE_BUG
-#include <windows.h>
-#ifndef OPENSSL_SYS_WINCE
-#include <wincon.h>
-#endif
-#endif
-
-
-/* There are 5 types of terminal interface supported,
- * TERMIO, TERMIOS, VMS, MSDOS and SGTTY
- */
-
-#if defined(__sgi) && !defined(TERMIOS)
-#define TERMIOS
-#undef  TERMIO
-#undef  SGTTY
-#endif
-
-#if defined(linux) && !defined(TERMIO)
-#undef  TERMIOS
-#define TERMIO
-#undef  SGTTY
-#endif
-
-#ifdef _LIBC
-#undef  TERMIOS
-#define TERMIO
-#undef  SGTTY
-#endif
-
-#if !defined(TERMIO) && !defined(TERMIOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MSDOS) && !defined(MAC_OS_pre_X) && !defined(MAC_OS_GUSI_SOURCE)
-#undef  TERMIOS
-#undef  TERMIO
-#define SGTTY
-#endif
-
-#if defined(OPENSSL_SYS_VXWORKS)
-#undef TERMIOS
-#undef TERMIO
-#undef SGTTY
-#endif
-
-#ifdef TERMIOS
-#include <termios.h>
-#define TTY_STRUCT		struct termios
-#define TTY_FLAGS		c_lflag
-#define	TTY_get(tty,data)	tcgetattr(tty,data)
-#define TTY_set(tty,data)	tcsetattr(tty,TCSANOW,data)
-#endif
-
-#ifdef TERMIO
-#include <termio.h>
-#define TTY_STRUCT		struct termio
-#define TTY_FLAGS		c_lflag
-#define TTY_get(tty,data)	ioctl(tty,TCGETA,data)
-#define TTY_set(tty,data)	ioctl(tty,TCSETA,data)
-#endif
-
-#ifdef SGTTY
-#include <sgtty.h>
-#define TTY_STRUCT		struct sgttyb
-#define TTY_FLAGS		sg_flags
-#define TTY_get(tty,data)	ioctl(tty,TIOCGETP,data)
-#define TTY_set(tty,data)	ioctl(tty,TIOCSETP,data)
-#endif
-
-#if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(MAC_OS_pre_X)
-#include <sys/ioctl.h>
-#endif
-
-#if defined(OPENSSL_SYS_MSDOS) && !defined(__CYGWIN32__) && !defined(OPENSSL_SYS_WINCE)
-#include <conio.h>
-#define fgets(a,b,c) noecho_fgets(a,b,c)
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-#include <ssdef.h>
-#include <iodef.h>
-#include <ttdef.h>
-#include <descrip.h>
-struct IOSB {
-	short iosb$w_value;
-	short iosb$w_count;
-	long  iosb$l_info;
-	};
-#endif
-
-#if defined(MAC_OS_pre_X) || defined(MAC_OS_GUSI_SOURCE)
-/*
- * This one needs work. As a matter of fact the code is unoperational
- * and this is only a trick to get it compiled.
- *					<appro@fy.chalmers.se>
- */
-#define TTY_STRUCT int
-#endif
-
-#ifndef NX509_SIG
-#define NX509_SIG 32
-#endif
-
-static void read_till_nl(FILE *);
-static void recsig(int);
-static void pushsig(void);
-static void popsig(void);
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
-static int noecho_fgets(char *buf, int size, FILE *tty);
-#endif
-#ifdef SIGACTION
- static struct sigaction savsig[NX509_SIG];
-#else
-  static void (*savsig[NX509_SIG])(int );
-#endif
-static jmp_buf save;
-
-int des_read_pw_string(char *buf, int length, const char *prompt,
-	     int verify)
-	{
-	char buff[BUFSIZ];
-	int ret;
-
-	ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify);
-	OPENSSL_cleanse(buff,BUFSIZ);
-	return(ret);
-	}
-
-#ifdef OPENSSL_SYS_WINCE
-
-int des_read_pw(char *buf, char *buff, int size, const char *prompt, int verify)
-	{ 
-	memset(buf,0,size);
-	memset(buff,0,size);
-	return(0);
-	}
-
-#elif defined(OPENSSL_SYS_WIN16)
-
-int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify)
-	{ 
-	memset(buf,0,size);
-	memset(buff,0,size);
-	return(0);
-	}
-
-#else /* !OPENSSL_SYS_WINCE && !OPENSSL_SYS_WIN16 */
-
-static void read_till_nl(FILE *in)
-	{
-#define SIZE 4
-	char buf[SIZE+1];
-
-	do	{
-		fgets(buf,SIZE,in);
-		} while (strchr(buf,'\n') == NULL);
-	}
-
-
-/* return 0 if ok, 1 (or -1) otherwise */
-int des_read_pw(char *buf, char *buff, int size, const char *prompt,
-	     int verify)
-	{
-#ifdef OPENSSL_SYS_VMS
-	struct IOSB iosb;
-	$DESCRIPTOR(terminal,"TT");
-	long tty_orig[3], tty_new[3];
-	long status;
-	unsigned short channel = 0;
-#else
-#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
-	TTY_STRUCT tty_orig,tty_new;
-#endif
-#endif
-	int number;
-	int ok;
-	/* statics are simply to avoid warnings about longjmp clobbering
-	   things */
-	static int ps;
-	int is_a_tty;
-	static FILE *tty;
-	char *p;
-
-	if (setjmp(save))
-		{
-		ok=0;
-		goto error;
-		}
-
-	number=5;
-	ok=0;
-	ps=0;
-	is_a_tty=1;
-	tty=NULL;
-
-#ifdef OPENSSL_SYS_MSDOS
-	if ((tty=fopen("con","r")) == NULL)
-		tty=stdin;
-#elif defined(MAC_OS_pre_X) || defined(OPENSSL_SYS_VXWORKS)
-	tty=stdin;
-#else
-#ifndef OPENSSL_SYS_MPE
-	if ((tty=fopen("/dev/tty","r")) == NULL)
-#endif
-		tty=stdin;
-#endif
-
-#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
-	if (TTY_get(fileno(tty),&tty_orig) == -1)
-		{
-#ifdef ENOTTY
-		if (errno == ENOTTY)
-			is_a_tty=0;
-		else
-#endif
-#ifdef EINVAL
-		/* Ariel Glenn ariel@columbia.edu reports that solaris
-		 * can return EINVAL instead.  This should be ok */
-		if (errno == EINVAL)
-			is_a_tty=0;
-		else
-#endif
-			return(-1);
-		}
-	memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
-#endif
-#ifdef OPENSSL_SYS_VMS
-	status = sys$assign(&terminal,&channel,0,0);
-	if (status != SS$_NORMAL)
-		return(-1);
-	status=sys$qiow(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0);
-	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-		return(-1);
-#endif
-
-	pushsig();
-	ps=1;
-
-#ifdef TTY_FLAGS
-	tty_new.TTY_FLAGS &= ~ECHO;
-#endif
-
-#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
-	if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1))
-#ifdef OPENSSL_SYS_MPE 
-		; /* MPE lies -- echo really has been disabled */
-#else
-		return(-1);
-#endif
-#endif
-#ifdef OPENSSL_SYS_VMS
-	tty_new[0] = tty_orig[0];
-	tty_new[1] = tty_orig[1] | TT$M_NOECHO;
-	tty_new[2] = tty_orig[2];
-	status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
-	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-		return(-1);
-#endif
-	ps=2;
-
-	while ((!ok) && (number--))
-		{
-		fputs(prompt,stderr);
-		fflush(stderr);
-
-		buf[0]='\0';
-		fgets(buf,size,tty);
-		if (feof(tty)) goto error;
-		if (ferror(tty)) goto error;
-		if ((p=(char *)strchr(buf,'\n')) != NULL)
-			*p='\0';
-		else	read_till_nl(tty);
-		if (verify)
-			{
-			fprintf(stderr,"\nVerifying password - %s",prompt);
-			fflush(stderr);
-			buff[0]='\0';
-			fgets(buff,size,tty);
-			if (feof(tty)) goto error;
-			if ((p=(char *)strchr(buff,'\n')) != NULL)
-				*p='\0';
-			else	read_till_nl(tty);
-				
-			if (strcmp(buf,buff) != 0)
-				{
-				fprintf(stderr,"\nVerify failure");
-				fflush(stderr);
-				break;
-				/* continue; */
-				}
-			}
-		ok=1;
-		}
-
-error:
-	fprintf(stderr,"\n");
-#if 0
-	perror("fgets(tty)");
-#endif
-	/* What can we do if there is an error? */
-#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
-	if (ps >= 2) TTY_set(fileno(tty),&tty_orig);
-#endif
-#ifdef OPENSSL_SYS_VMS
-	if (ps >= 2)
-		status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0
-			,tty_orig,12,0,0,0,0);
-#endif
-	
-	if (ps >= 1) popsig();
-	if (stdin != tty) fclose(tty);
-#ifdef OPENSSL_SYS_VMS
-	status = sys$dassgn(channel);
-#endif
-	return(!ok);
-	}
-
-static void pushsig(void)
-	{
-	int i;
-#ifdef SIGACTION
-	struct sigaction sa;
-
-	memset(&sa,0,sizeof sa);
-	sa.sa_handler=recsig;
-#endif
-
-	for (i=1; i<NX509_SIG; i++)
-		{
-#ifdef SIGUSR1
-		if (i == SIGUSR1)
-			continue;
-#endif
-#ifdef SIGUSR2
-		if (i == SIGUSR2)
-			continue;
-#endif
-#ifdef SIGACTION
-		sigaction(i,&sa,&savsig[i]);
-#else
-		savsig[i]=signal(i,recsig);
-#endif
-		}
-
-#ifdef SIGWINCH
-	signal(SIGWINCH,SIG_DFL);
-#endif
-	}
-
-static void popsig(void)
-	{
-	int i;
-
-	for (i=1; i<NX509_SIG; i++)
-		{
-#ifdef SIGUSR1
-		if (i == SIGUSR1)
-			continue;
-#endif
-#ifdef SIGUSR2
-		if (i == SIGUSR2)
-			continue;
-#endif
-#ifdef SIGACTION
-		sigaction(i,&savsig[i],NULL);
-#else
-		signal(i,savsig[i]);
-#endif
-		}
-	}
-
-static void recsig(int i)
-	{
-	longjmp(save,1);
-#ifdef LINT
-	i=i;
-#endif
-	}
-
-#ifdef OPENSSL_SYS_MSDOS
-static int noecho_fgets(char *buf, int size, FILE *tty)
-	{
-	int i;
-	char *p;
-
-	p=buf;
-	for (;;)
-		{
-		if (size == 0)
-			{
-			*p='\0';
-			break;
-			}
-		size--;
-#ifdef WIN16TTY
-		i=_inchar();
-#else
-		i=getch();
-#endif
-		if (i == '\r') i='\n';
-		*(p++)=i;
-		if (i == '\n')
-			{
-			*p='\0';
-			break;
-			}
-		}
-#ifdef WIN_CONSOLE_BUG
-/* Win95 has several evil console bugs: one of these is that the
- * last character read using getch() is passed to the next read: this is
- * usually a CR so this can be trouble. No STDIO fix seems to work but
- * flushing the console appears to do the trick.
- */
-		{
-			HANDLE inh;
-			inh = GetStdHandle(STD_INPUT_HANDLE);
-			FlushConsoleInputBuffer(inh);
-		}
-#endif
-	return(strlen(buf));
-	}
-#endif
-#endif /* !OPENSSL_SYS_WINCE && !WIN16 */
diff --git a/crypto/openssl/crypto/des/rpc_des.h b/crypto/openssl/crypto/des/rpc_des.h
deleted file mode 100644
index 4cbb4d2dcdea..000000000000
--- a/crypto/openssl/crypto/des/rpc_des.h
+++ /dev/null
@@ -1,131 +0,0 @@
-/* crypto/des/rpc_des.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*  @(#)des.h	2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI  */
-/*
- * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
- * unrestricted use provided that this legend is included on all tape
- * media and as a part of the software program in whole or part.  Users
- * may copy or modify Sun RPC without charge, but are not authorized
- * to license or distribute it to anyone else except as part of a product or
- * program developed by the user.
- * 
- * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
- * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
- * 
- * Sun RPC is provided with no support and without any obligation on the
- * part of Sun Microsystems, Inc. to assist in its use, correction,
- * modification or enhancement.
- * 
- * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
- * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
- * OR ANY PART THEREOF.
- * 
- * In no event will Sun Microsystems, Inc. be liable for any lost revenue
- * or profits or other special, indirect and consequential damages, even if
- * Sun has been advised of the possibility of such damages.
- * 
- * Sun Microsystems, Inc.
- * 2550 Garcia Avenue
- * Mountain View, California  94043
- */
-/*
- * Generic DES driver interface
- * Keep this file hardware independent!
- * Copyright (c) 1986 by Sun Microsystems, Inc.
- */
-
-#define DES_MAXLEN 	65536	/* maximum # of bytes to encrypt  */
-#define DES_QUICKLEN	16	/* maximum # of bytes to encrypt quickly */
-
-#ifdef HEADER_DES_H
-#undef ENCRYPT
-#undef DECRYPT
-#endif
-
-enum desdir { ENCRYPT, DECRYPT };
-enum desmode { CBC, ECB };
-
-/*
- * parameters to ioctl call
- */
-struct desparams {
-	unsigned char des_key[8];	/* key (with low bit parity) */
-	enum desdir des_dir;	/* direction */
-	enum desmode des_mode;	/* mode */
-	unsigned char des_ivec[8];	/* input vector */
-	unsigned des_len;	/* number of bytes to crypt */
-	union {
-		unsigned char UDES_data[DES_QUICKLEN];
-		unsigned char *UDES_buf;
-	} UDES;
-#	define des_data UDES.UDES_data	/* direct data here if quick */
-#	define des_buf	UDES.UDES_buf	/* otherwise, pointer to data */
-};
-
-/*
- * Encrypt an arbitrary sized buffer
- */
-#define	DESIOCBLOCK	_IOWR(d, 6, struct desparams)
-
-/* 
- * Encrypt of small amount of data, quickly
- */
-#define DESIOCQUICK	_IOWR(d, 7, struct desparams) 
-
diff --git a/crypto/openssl/crypto/des/rpc_enc.c b/crypto/openssl/crypto/des/rpc_enc.c
deleted file mode 100644
index d937d08da5ff..000000000000
--- a/crypto/openssl/crypto/des/rpc_enc.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* crypto/des/rpc_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "rpc_des.h"
-#include "des_locl.h"
-#include "des_ver.h"
-
-int _des_crypt(char *buf,int len,struct desparams *desp);
-int _des_crypt(char *buf, int len, struct desparams *desp)
-	{
-	DES_key_schedule ks;
-	int enc;
-
-	DES_set_key_unchecked(&desp->des_key,&ks);
-	enc=(desp->des_dir == ENCRYPT)?DES_ENCRYPT:DES_DECRYPT;
-
-	if (desp->des_mode == CBC)
-		DES_ecb_encrypt((const_DES_cblock *)desp->UDES.UDES_buf,
-				(DES_cblock *)desp->UDES.UDES_buf,&ks,
-				enc);
-	else
-		{
-		DES_ncbc_encrypt(desp->UDES.UDES_buf,desp->UDES.UDES_buf,
-				len,&ks,&desp->des_ivec,enc);
-#ifdef undef
-		/* len will always be %8 if called from common_crypt
-		 * in secure_rpc.
-		 * Libdes's cbc encrypt does not copy back the iv,
-		 * so we have to do it here. */
-		/* It does now :-) eay 20/09/95 */
-
-		a=(char *)&(desp->UDES.UDES_buf[len-8]);
-		b=(char *)&(desp->des_ivec[0]);
-
-		*(a++)= *(b++); *(a++)= *(b++);
-		*(a++)= *(b++); *(a++)= *(b++);
-		*(a++)= *(b++); *(a++)= *(b++);
-		*(a++)= *(b++); *(a++)= *(b++);
-#endif
-		}
-	return(1);	
-	}
-
diff --git a/crypto/openssl/crypto/des/rpw.c b/crypto/openssl/crypto/des/rpw.c
deleted file mode 100644
index 8a9473c4f905..000000000000
--- a/crypto/openssl/crypto/des/rpw.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* crypto/des/rpw.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/des.h>
-
-int main(int argc, char *argv[])
-	{
-	DES_cblock k,k1;
-	int i;
-
-	printf("read passwd\n");
-	if ((i=des_read_password(&k,"Enter password:",0)) == 0)
-		{
-		printf("password = ");
-		for (i=0; i<8; i++)
-			printf("%02x ",k[i]);
-		}
-	else
-		printf("error %d\n",i);
-	printf("\n");
-	printf("read 2passwds and verify\n");
-	if ((i=des_read_2passwords(&k,&k1,
-		"Enter verified password:",1)) == 0)
-		{
-		printf("password1 = ");
-		for (i=0; i<8; i++)
-			printf("%02x ",k[i]);
-		printf("\n");
-		printf("password2 = ");
-		for (i=0; i<8; i++)
-			printf("%02x ",k1[i]);
-		printf("\n");
-		exit(1);
-		}
-	else
-		{
-		printf("error %d\n",i);
-		exit(0);
-		}
-#ifdef LINT
-	return(0);
-#endif
-	}
diff --git a/crypto/openssl/crypto/des/set_key.c b/crypto/openssl/crypto/des/set_key.c
deleted file mode 100644
index 143008ed9c50..000000000000
--- a/crypto/openssl/crypto/des/set_key.c
+++ /dev/null
@@ -1,407 +0,0 @@
-/* crypto/des/set_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* set_key.c v 1.4 eay 24/9/91
- * 1.4 Speed up by 400% :-)
- * 1.3 added register declarations.
- * 1.2 unrolled make_key_sched a bit more
- * 1.1 added norm_expand_bits
- * 1.0 First working version
- */
-#include "des_locl.h"
-
-OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key);	/* defaults to false */
-
-static const unsigned char odd_parity[256]={
-  1,  1,  2,  2,  4,  4,  7,  7,  8,  8, 11, 11, 13, 13, 14, 14,
- 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
- 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
- 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
- 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
- 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
- 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
-112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
-128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
-145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
-161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
-176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
-193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
-208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
-224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
-241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
-
-void DES_set_odd_parity(DES_cblock *key)
-	{
-	int i;
-
-	for (i=0; i<DES_KEY_SZ; i++)
-		(*key)[i]=odd_parity[(*key)[i]];
-	}
-
-int DES_check_key_parity(const_DES_cblock *key)
-	{
-	int i;
-
-	for (i=0; i<DES_KEY_SZ; i++)
-		{
-		if ((*key)[i] != odd_parity[(*key)[i]])
-			return(0);
-		}
-	return(1);
-	}
-
-/* Weak and semi week keys as take from
- * %A D.W. Davies
- * %A W.L. Price
- * %T Security for Computer Networks
- * %I John Wiley & Sons
- * %D 1984
- * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
- * (and actual cblock values).
- */
-#define NUM_WEAK_KEY	16
-static DES_cblock weak_keys[NUM_WEAK_KEY]={
-	/* weak keys */
-	{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
-	{0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
-	{0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
-	{0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
-	/* semi-weak keys */
-	{0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
-	{0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
-	{0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
-	{0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
-	{0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
-	{0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
-	{0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
-	{0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
-	{0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
-	{0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
-	{0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
-	{0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
-
-int DES_is_weak_key(const_DES_cblock *key)
-	{
-	int i;
-
-	for (i=0; i<NUM_WEAK_KEY; i++)
-		/* Added == 0 to comparison, I obviously don't run
-		 * this section very often :-(, thanks to
-		 * engineering@MorningStar.Com for the fix
-		 * eay 93/06/29
-		 * Another problem, I was comparing only the first 4
-		 * bytes, 97/03/18 */
-		if (memcmp(weak_keys[i],key,sizeof(DES_cblock)) == 0) return(1);
-	return(0);
-	}
-
-/* NOW DEFINED IN des_local.h
- * See ecb_encrypt.c for a pseudo description of these macros. 
- * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
- * 	(b)^=(t),\
- * 	(a)=((a)^((t)<<(n))))
- */
-
-#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
-	(a)=(a)^(t)^(t>>(16-(n))))
-
-static const DES_LONG des_skb[8][64]={
-	{
-	/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
-	0x00000000L,0x00000010L,0x20000000L,0x20000010L,
-	0x00010000L,0x00010010L,0x20010000L,0x20010010L,
-	0x00000800L,0x00000810L,0x20000800L,0x20000810L,
-	0x00010800L,0x00010810L,0x20010800L,0x20010810L,
-	0x00000020L,0x00000030L,0x20000020L,0x20000030L,
-	0x00010020L,0x00010030L,0x20010020L,0x20010030L,
-	0x00000820L,0x00000830L,0x20000820L,0x20000830L,
-	0x00010820L,0x00010830L,0x20010820L,0x20010830L,
-	0x00080000L,0x00080010L,0x20080000L,0x20080010L,
-	0x00090000L,0x00090010L,0x20090000L,0x20090010L,
-	0x00080800L,0x00080810L,0x20080800L,0x20080810L,
-	0x00090800L,0x00090810L,0x20090800L,0x20090810L,
-	0x00080020L,0x00080030L,0x20080020L,0x20080030L,
-	0x00090020L,0x00090030L,0x20090020L,0x20090030L,
-	0x00080820L,0x00080830L,0x20080820L,0x20080830L,
-	0x00090820L,0x00090830L,0x20090820L,0x20090830L,
-	},{
-	/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
-	0x00000000L,0x02000000L,0x00002000L,0x02002000L,
-	0x00200000L,0x02200000L,0x00202000L,0x02202000L,
-	0x00000004L,0x02000004L,0x00002004L,0x02002004L,
-	0x00200004L,0x02200004L,0x00202004L,0x02202004L,
-	0x00000400L,0x02000400L,0x00002400L,0x02002400L,
-	0x00200400L,0x02200400L,0x00202400L,0x02202400L,
-	0x00000404L,0x02000404L,0x00002404L,0x02002404L,
-	0x00200404L,0x02200404L,0x00202404L,0x02202404L,
-	0x10000000L,0x12000000L,0x10002000L,0x12002000L,
-	0x10200000L,0x12200000L,0x10202000L,0x12202000L,
-	0x10000004L,0x12000004L,0x10002004L,0x12002004L,
-	0x10200004L,0x12200004L,0x10202004L,0x12202004L,
-	0x10000400L,0x12000400L,0x10002400L,0x12002400L,
-	0x10200400L,0x12200400L,0x10202400L,0x12202400L,
-	0x10000404L,0x12000404L,0x10002404L,0x12002404L,
-	0x10200404L,0x12200404L,0x10202404L,0x12202404L,
-	},{
-	/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
-	0x00000000L,0x00000001L,0x00040000L,0x00040001L,
-	0x01000000L,0x01000001L,0x01040000L,0x01040001L,
-	0x00000002L,0x00000003L,0x00040002L,0x00040003L,
-	0x01000002L,0x01000003L,0x01040002L,0x01040003L,
-	0x00000200L,0x00000201L,0x00040200L,0x00040201L,
-	0x01000200L,0x01000201L,0x01040200L,0x01040201L,
-	0x00000202L,0x00000203L,0x00040202L,0x00040203L,
-	0x01000202L,0x01000203L,0x01040202L,0x01040203L,
-	0x08000000L,0x08000001L,0x08040000L,0x08040001L,
-	0x09000000L,0x09000001L,0x09040000L,0x09040001L,
-	0x08000002L,0x08000003L,0x08040002L,0x08040003L,
-	0x09000002L,0x09000003L,0x09040002L,0x09040003L,
-	0x08000200L,0x08000201L,0x08040200L,0x08040201L,
-	0x09000200L,0x09000201L,0x09040200L,0x09040201L,
-	0x08000202L,0x08000203L,0x08040202L,0x08040203L,
-	0x09000202L,0x09000203L,0x09040202L,0x09040203L,
-	},{
-	/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
-	0x00000000L,0x00100000L,0x00000100L,0x00100100L,
-	0x00000008L,0x00100008L,0x00000108L,0x00100108L,
-	0x00001000L,0x00101000L,0x00001100L,0x00101100L,
-	0x00001008L,0x00101008L,0x00001108L,0x00101108L,
-	0x04000000L,0x04100000L,0x04000100L,0x04100100L,
-	0x04000008L,0x04100008L,0x04000108L,0x04100108L,
-	0x04001000L,0x04101000L,0x04001100L,0x04101100L,
-	0x04001008L,0x04101008L,0x04001108L,0x04101108L,
-	0x00020000L,0x00120000L,0x00020100L,0x00120100L,
-	0x00020008L,0x00120008L,0x00020108L,0x00120108L,
-	0x00021000L,0x00121000L,0x00021100L,0x00121100L,
-	0x00021008L,0x00121008L,0x00021108L,0x00121108L,
-	0x04020000L,0x04120000L,0x04020100L,0x04120100L,
-	0x04020008L,0x04120008L,0x04020108L,0x04120108L,
-	0x04021000L,0x04121000L,0x04021100L,0x04121100L,
-	0x04021008L,0x04121008L,0x04021108L,0x04121108L,
-	},{
-	/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
-	0x00000000L,0x10000000L,0x00010000L,0x10010000L,
-	0x00000004L,0x10000004L,0x00010004L,0x10010004L,
-	0x20000000L,0x30000000L,0x20010000L,0x30010000L,
-	0x20000004L,0x30000004L,0x20010004L,0x30010004L,
-	0x00100000L,0x10100000L,0x00110000L,0x10110000L,
-	0x00100004L,0x10100004L,0x00110004L,0x10110004L,
-	0x20100000L,0x30100000L,0x20110000L,0x30110000L,
-	0x20100004L,0x30100004L,0x20110004L,0x30110004L,
-	0x00001000L,0x10001000L,0x00011000L,0x10011000L,
-	0x00001004L,0x10001004L,0x00011004L,0x10011004L,
-	0x20001000L,0x30001000L,0x20011000L,0x30011000L,
-	0x20001004L,0x30001004L,0x20011004L,0x30011004L,
-	0x00101000L,0x10101000L,0x00111000L,0x10111000L,
-	0x00101004L,0x10101004L,0x00111004L,0x10111004L,
-	0x20101000L,0x30101000L,0x20111000L,0x30111000L,
-	0x20101004L,0x30101004L,0x20111004L,0x30111004L,
-	},{
-	/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
-	0x00000000L,0x08000000L,0x00000008L,0x08000008L,
-	0x00000400L,0x08000400L,0x00000408L,0x08000408L,
-	0x00020000L,0x08020000L,0x00020008L,0x08020008L,
-	0x00020400L,0x08020400L,0x00020408L,0x08020408L,
-	0x00000001L,0x08000001L,0x00000009L,0x08000009L,
-	0x00000401L,0x08000401L,0x00000409L,0x08000409L,
-	0x00020001L,0x08020001L,0x00020009L,0x08020009L,
-	0x00020401L,0x08020401L,0x00020409L,0x08020409L,
-	0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
-	0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
-	0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
-	0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
-	0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
-	0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
-	0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
-	0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
-	},{
-	/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
-	0x00000000L,0x00000100L,0x00080000L,0x00080100L,
-	0x01000000L,0x01000100L,0x01080000L,0x01080100L,
-	0x00000010L,0x00000110L,0x00080010L,0x00080110L,
-	0x01000010L,0x01000110L,0x01080010L,0x01080110L,
-	0x00200000L,0x00200100L,0x00280000L,0x00280100L,
-	0x01200000L,0x01200100L,0x01280000L,0x01280100L,
-	0x00200010L,0x00200110L,0x00280010L,0x00280110L,
-	0x01200010L,0x01200110L,0x01280010L,0x01280110L,
-	0x00000200L,0x00000300L,0x00080200L,0x00080300L,
-	0x01000200L,0x01000300L,0x01080200L,0x01080300L,
-	0x00000210L,0x00000310L,0x00080210L,0x00080310L,
-	0x01000210L,0x01000310L,0x01080210L,0x01080310L,
-	0x00200200L,0x00200300L,0x00280200L,0x00280300L,
-	0x01200200L,0x01200300L,0x01280200L,0x01280300L,
-	0x00200210L,0x00200310L,0x00280210L,0x00280310L,
-	0x01200210L,0x01200310L,0x01280210L,0x01280310L,
-	},{
-	/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
-	0x00000000L,0x04000000L,0x00040000L,0x04040000L,
-	0x00000002L,0x04000002L,0x00040002L,0x04040002L,
-	0x00002000L,0x04002000L,0x00042000L,0x04042000L,
-	0x00002002L,0x04002002L,0x00042002L,0x04042002L,
-	0x00000020L,0x04000020L,0x00040020L,0x04040020L,
-	0x00000022L,0x04000022L,0x00040022L,0x04040022L,
-	0x00002020L,0x04002020L,0x00042020L,0x04042020L,
-	0x00002022L,0x04002022L,0x00042022L,0x04042022L,
-	0x00000800L,0x04000800L,0x00040800L,0x04040800L,
-	0x00000802L,0x04000802L,0x00040802L,0x04040802L,
-	0x00002800L,0x04002800L,0x00042800L,0x04042800L,
-	0x00002802L,0x04002802L,0x00042802L,0x04042802L,
-	0x00000820L,0x04000820L,0x00040820L,0x04040820L,
-	0x00000822L,0x04000822L,0x00040822L,0x04040822L,
-	0x00002820L,0x04002820L,0x00042820L,0x04042820L,
-	0x00002822L,0x04002822L,0x00042822L,0x04042822L,
-	}};
-
-int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
-	{
-	if (DES_check_key)
-		{
-		return DES_set_key_checked(key, schedule);
-		}
-	else
-		{
-		DES_set_key_unchecked(key, schedule);
-		return 0;
-		}
-	}
-
-/* return 0 if key parity is odd (correct),
- * return -1 if key parity error,
- * return -2 if illegal weak key.
- */
-int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
-	{
-	if (!DES_check_key_parity(key))
-		return(-1);
-	if (DES_is_weak_key(key))
-		return(-2);
-	DES_set_key_unchecked(key, schedule);
-	return 0;
-	}
-
-void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
-	{
-	static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
-	register DES_LONG c,d,t,s,t2;
-	register const unsigned char *in;
-	register DES_LONG *k;
-	register int i;
-
-#ifdef OPENBSD_DEV_CRYPTO
-	memcpy(schedule->key,key,sizeof schedule->key);
-	schedule->session=NULL;
-#endif
-	k = &schedule->ks->deslong[0];
-	in = &(*key)[0];
-
-	c2l(in,c);
-	c2l(in,d);
-
-	/* do PC1 in 47 simple operations :-)
-	 * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
-	 * for the inspiration. :-) */
-	PERM_OP (d,c,t,4,0x0f0f0f0fL);
-	HPERM_OP(c,t,-2,0xcccc0000L);
-	HPERM_OP(d,t,-2,0xcccc0000L);
-	PERM_OP (d,c,t,1,0x55555555L);
-	PERM_OP (c,d,t,8,0x00ff00ffL);
-	PERM_OP (d,c,t,1,0x55555555L);
-	d=	(((d&0x000000ffL)<<16L)| (d&0x0000ff00L)     |
-		 ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
-	c&=0x0fffffffL;
-
-	for (i=0; i<ITERATIONS; i++)
-		{
-		if (shifts2[i])
-			{ c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
-		else
-			{ c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
-		c&=0x0fffffffL;
-		d&=0x0fffffffL;
-		/* could be a few less shifts but I am to lazy at this
-		 * point in time to investigate */
-		s=	des_skb[0][ (c    )&0x3f                ]|
-			des_skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]|
-			des_skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]|
-			des_skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) |
-						  ((c>>22L)&0x38)];
-		t=	des_skb[4][ (d    )&0x3f                ]|
-			des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
-			des_skb[6][ (d>>15L)&0x3f                ]|
-			des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
-
-		/* table contained 0213 4657 */
-		t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
-		*(k++)=ROTATE(t2,30)&0xffffffffL;
-
-		t2=((s>>16L)|(t&0xffff0000L));
-		*(k++)=ROTATE(t2,26)&0xffffffffL;
-		}
-	}
-
-int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
-	{
-	return(DES_set_key(key,schedule));
-	}
-/*
-#undef des_fixup_key_parity
-void des_fixup_key_parity(des_cblock *key)
-	{
-	des_set_odd_parity(key);
-	}
-*/
diff --git a/crypto/openssl/crypto/des/shifts.pl b/crypto/openssl/crypto/des/shifts.pl
deleted file mode 100644
index ba686d8ef51a..000000000000
--- a/crypto/openssl/crypto/des/shifts.pl
+++ /dev/null
@@ -1,198 +0,0 @@
-#!/usr/local/bin/perl
-
-sub lab_shift
-	{
-	local(*a,$n)=@_;
-	local(@r,$i,$j,$k,$d,@z);
-
-	@r=&shift(*a,$n);
-	foreach $i (0 .. 31)
-		{
-		@z=split(/\^/,$r[$i]);
-		for ($j=0; $j <= $#z; $j++)
-			{
-			($d)=($z[$j] =~ /^(..)/);
-			($k)=($z[$j] =~ /\[(.*)\]$/);
-			$k.=",$n" if ($k ne "");
-			$k="$n"	  if ($k eq "");
-			$d="$d[$k]";
-			$z[$j]=$d;
-			}
-		$r[$i]=join('^',@z);
-		}
-	return(@r);
-	}
-
-sub shift
-	{
-	local(*a,$n)=@_;
-	local(@f);
-
-	if ($n > 0)
-		{
-		@f=&shiftl(*a,$n);
-		}
-	else
-		{
-		@f=&shiftr(*a,-$n);
-		}
-	return(@f);
-	}
-
-sub rotate
-	{
-	local(*a,$n)=@_;
-	local(@f);
-
-	if ($n > 0)
-		{ @f=&rotatel(*a,$n); }
-	else
-		{ @f=&rotater(*a,-$n); }
-	return(@f);
-	}
-
-sub rotater
-	{
-	local(*a,$n)=@_;
-	local(@f,@g);
-
-	@f=&shiftr(*a,$n);
-	@g=&shiftl(*a,32-$n);
-	$#f=31;
-	$#g=31;
-	return(&or(*f,*g));
-	}
-
-sub rotatel
-	{
-	local(*a,$n)=@_;
-	local(@f,@g);
-
-	@f=&shiftl(*a,$n);
-	@g=&shiftr(*a,32-$n);
-	$#f=31;
-	$#g=31;
-	return(&or(*f,*g));
-	}
-
-sub shiftr
-	{
-	local(*a,$n)=@_;
-	local(@r,$i);
-
-	$#r=31;
-	foreach $i (0 .. 31)
-		{
-		if (($i+$n) > 31)
-			{
-			$r[$i]="--";
-			}
-		else
-			{
-			$r[$i]=$a[$i+$n];
-			}
-		}
-	return(@r);
-	}
-
-sub shiftl
-	{
-	local(*a,$n)=@_;
-	local(@r,$i);
-
-	$#r=31;
-	foreach $i (0 .. 31)
-		{
-		if ($i < $n)
-			{
-			$r[$i]="--";
-			}
-		else
-			{
-			$r[$i]=$a[$i-$n];
-			}
-		}
-	return(@r);
-	}
-
-sub printit
-	{
-	local(@a)=@_;
-	local($i);
-
-	foreach $i (0 .. 31)
-		{
-		printf "%2s  ",$a[$i];
-		print "\n" if (($i%8) == 7);
-		}
-	print "\n";
-	}
-
-sub xor
-	{
-	local(*a,*b)=@_;
-	local(@r,$i);
-
-	$#r=31;
-	foreach $i (0 .. 31)
-		{
-		$r[$i]=&compress($a[$i].'^'.$b[$i]);
-#		$r[$i]=$a[$i]."^".$b[$i];
-		}
-	return(@r);
-	}
-
-sub and
-	{
-	local(*a,$m)=@_;
-	local(@r,$i);
-
-	$#r=31;
-	foreach $i (0 .. 31)
-		{
-		$r[$i]=(($m & (1<<$i))?($a[$i]):('--'));
-		}
-	return(@r);
-	}
-
-sub or
-	{
-	local(*a,*b)=@_;
-	local(@r,$i);
-
-	$#r=31;
-	foreach $i (0 .. 31)
-		{
-		$r[$i]='--'   if (($a[$i] eq '--') && ($b[$i] eq '--'));
-		$r[$i]=$a[$i] if (($a[$i] ne '--') && ($b[$i] eq '--'));
-		$r[$i]=$b[$i] if (($a[$i] eq '--') && ($b[$i] ne '--'));
-		$r[$i]='++'   if (($a[$i] ne '--') && ($b[$i] ne '--'));
-		}
-	return(@r);
-	}
-
-sub compress
-	{
-	local($s)=@_;
-	local($_,$i,@a,%a,$r);
-
-	$s =~ s/\^\^/\^/g;
-	$s =~ s/^\^//;
-	$s =~ s/\^$//;
-	@a=split(/\^/,$s);
-
-	while ($#a >= 0)
-		{
-		$_=shift(@a);
-		next unless /\d/;
-		$a{$_}++;
-		}
-	foreach $i (sort keys %a)
-		{
-		next if ($a{$i}%2 == 0);
-		$r.="$i^";
-		}
-	chop($r);
-	return($r);
-	}
-1;
diff --git a/crypto/openssl/crypto/des/sk.h b/crypto/openssl/crypto/des/sk.h
deleted file mode 100644
index f2ade88c7caa..000000000000
--- a/crypto/openssl/crypto/des/sk.h
+++ /dev/null
@@ -1,204 +0,0 @@
-/* crypto/des/sk.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-static const DES_LONG des_skb[8][64]={
-{
-/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
-0x00000000L,0x00000010L,0x20000000L,0x20000010L,
-0x00010000L,0x00010010L,0x20010000L,0x20010010L,
-0x00000800L,0x00000810L,0x20000800L,0x20000810L,
-0x00010800L,0x00010810L,0x20010800L,0x20010810L,
-0x00000020L,0x00000030L,0x20000020L,0x20000030L,
-0x00010020L,0x00010030L,0x20010020L,0x20010030L,
-0x00000820L,0x00000830L,0x20000820L,0x20000830L,
-0x00010820L,0x00010830L,0x20010820L,0x20010830L,
-0x00080000L,0x00080010L,0x20080000L,0x20080010L,
-0x00090000L,0x00090010L,0x20090000L,0x20090010L,
-0x00080800L,0x00080810L,0x20080800L,0x20080810L,
-0x00090800L,0x00090810L,0x20090800L,0x20090810L,
-0x00080020L,0x00080030L,0x20080020L,0x20080030L,
-0x00090020L,0x00090030L,0x20090020L,0x20090030L,
-0x00080820L,0x00080830L,0x20080820L,0x20080830L,
-0x00090820L,0x00090830L,0x20090820L,0x20090830L,
-},{
-/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
-0x00000000L,0x02000000L,0x00002000L,0x02002000L,
-0x00200000L,0x02200000L,0x00202000L,0x02202000L,
-0x00000004L,0x02000004L,0x00002004L,0x02002004L,
-0x00200004L,0x02200004L,0x00202004L,0x02202004L,
-0x00000400L,0x02000400L,0x00002400L,0x02002400L,
-0x00200400L,0x02200400L,0x00202400L,0x02202400L,
-0x00000404L,0x02000404L,0x00002404L,0x02002404L,
-0x00200404L,0x02200404L,0x00202404L,0x02202404L,
-0x10000000L,0x12000000L,0x10002000L,0x12002000L,
-0x10200000L,0x12200000L,0x10202000L,0x12202000L,
-0x10000004L,0x12000004L,0x10002004L,0x12002004L,
-0x10200004L,0x12200004L,0x10202004L,0x12202004L,
-0x10000400L,0x12000400L,0x10002400L,0x12002400L,
-0x10200400L,0x12200400L,0x10202400L,0x12202400L,
-0x10000404L,0x12000404L,0x10002404L,0x12002404L,
-0x10200404L,0x12200404L,0x10202404L,0x12202404L,
-},{
-/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
-0x00000000L,0x00000001L,0x00040000L,0x00040001L,
-0x01000000L,0x01000001L,0x01040000L,0x01040001L,
-0x00000002L,0x00000003L,0x00040002L,0x00040003L,
-0x01000002L,0x01000003L,0x01040002L,0x01040003L,
-0x00000200L,0x00000201L,0x00040200L,0x00040201L,
-0x01000200L,0x01000201L,0x01040200L,0x01040201L,
-0x00000202L,0x00000203L,0x00040202L,0x00040203L,
-0x01000202L,0x01000203L,0x01040202L,0x01040203L,
-0x08000000L,0x08000001L,0x08040000L,0x08040001L,
-0x09000000L,0x09000001L,0x09040000L,0x09040001L,
-0x08000002L,0x08000003L,0x08040002L,0x08040003L,
-0x09000002L,0x09000003L,0x09040002L,0x09040003L,
-0x08000200L,0x08000201L,0x08040200L,0x08040201L,
-0x09000200L,0x09000201L,0x09040200L,0x09040201L,
-0x08000202L,0x08000203L,0x08040202L,0x08040203L,
-0x09000202L,0x09000203L,0x09040202L,0x09040203L,
-},{
-/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
-0x00000000L,0x00100000L,0x00000100L,0x00100100L,
-0x00000008L,0x00100008L,0x00000108L,0x00100108L,
-0x00001000L,0x00101000L,0x00001100L,0x00101100L,
-0x00001008L,0x00101008L,0x00001108L,0x00101108L,
-0x04000000L,0x04100000L,0x04000100L,0x04100100L,
-0x04000008L,0x04100008L,0x04000108L,0x04100108L,
-0x04001000L,0x04101000L,0x04001100L,0x04101100L,
-0x04001008L,0x04101008L,0x04001108L,0x04101108L,
-0x00020000L,0x00120000L,0x00020100L,0x00120100L,
-0x00020008L,0x00120008L,0x00020108L,0x00120108L,
-0x00021000L,0x00121000L,0x00021100L,0x00121100L,
-0x00021008L,0x00121008L,0x00021108L,0x00121108L,
-0x04020000L,0x04120000L,0x04020100L,0x04120100L,
-0x04020008L,0x04120008L,0x04020108L,0x04120108L,
-0x04021000L,0x04121000L,0x04021100L,0x04121100L,
-0x04021008L,0x04121008L,0x04021108L,0x04121108L,
-},{
-/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
-0x00000000L,0x10000000L,0x00010000L,0x10010000L,
-0x00000004L,0x10000004L,0x00010004L,0x10010004L,
-0x20000000L,0x30000000L,0x20010000L,0x30010000L,
-0x20000004L,0x30000004L,0x20010004L,0x30010004L,
-0x00100000L,0x10100000L,0x00110000L,0x10110000L,
-0x00100004L,0x10100004L,0x00110004L,0x10110004L,
-0x20100000L,0x30100000L,0x20110000L,0x30110000L,
-0x20100004L,0x30100004L,0x20110004L,0x30110004L,
-0x00001000L,0x10001000L,0x00011000L,0x10011000L,
-0x00001004L,0x10001004L,0x00011004L,0x10011004L,
-0x20001000L,0x30001000L,0x20011000L,0x30011000L,
-0x20001004L,0x30001004L,0x20011004L,0x30011004L,
-0x00101000L,0x10101000L,0x00111000L,0x10111000L,
-0x00101004L,0x10101004L,0x00111004L,0x10111004L,
-0x20101000L,0x30101000L,0x20111000L,0x30111000L,
-0x20101004L,0x30101004L,0x20111004L,0x30111004L,
-},{
-/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
-0x00000000L,0x08000000L,0x00000008L,0x08000008L,
-0x00000400L,0x08000400L,0x00000408L,0x08000408L,
-0x00020000L,0x08020000L,0x00020008L,0x08020008L,
-0x00020400L,0x08020400L,0x00020408L,0x08020408L,
-0x00000001L,0x08000001L,0x00000009L,0x08000009L,
-0x00000401L,0x08000401L,0x00000409L,0x08000409L,
-0x00020001L,0x08020001L,0x00020009L,0x08020009L,
-0x00020401L,0x08020401L,0x00020409L,0x08020409L,
-0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
-0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
-0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
-0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
-0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
-0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
-0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
-0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
-},{
-/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
-0x00000000L,0x00000100L,0x00080000L,0x00080100L,
-0x01000000L,0x01000100L,0x01080000L,0x01080100L,
-0x00000010L,0x00000110L,0x00080010L,0x00080110L,
-0x01000010L,0x01000110L,0x01080010L,0x01080110L,
-0x00200000L,0x00200100L,0x00280000L,0x00280100L,
-0x01200000L,0x01200100L,0x01280000L,0x01280100L,
-0x00200010L,0x00200110L,0x00280010L,0x00280110L,
-0x01200010L,0x01200110L,0x01280010L,0x01280110L,
-0x00000200L,0x00000300L,0x00080200L,0x00080300L,
-0x01000200L,0x01000300L,0x01080200L,0x01080300L,
-0x00000210L,0x00000310L,0x00080210L,0x00080310L,
-0x01000210L,0x01000310L,0x01080210L,0x01080310L,
-0x00200200L,0x00200300L,0x00280200L,0x00280300L,
-0x01200200L,0x01200300L,0x01280200L,0x01280300L,
-0x00200210L,0x00200310L,0x00280210L,0x00280310L,
-0x01200210L,0x01200310L,0x01280210L,0x01280310L,
-},{
-/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
-0x00000000L,0x04000000L,0x00040000L,0x04040000L,
-0x00000002L,0x04000002L,0x00040002L,0x04040002L,
-0x00002000L,0x04002000L,0x00042000L,0x04042000L,
-0x00002002L,0x04002002L,0x00042002L,0x04042002L,
-0x00000020L,0x04000020L,0x00040020L,0x04040020L,
-0x00000022L,0x04000022L,0x00040022L,0x04040022L,
-0x00002020L,0x04002020L,0x00042020L,0x04042020L,
-0x00002022L,0x04002022L,0x00042022L,0x04042022L,
-0x00000800L,0x04000800L,0x00040800L,0x04040800L,
-0x00000802L,0x04000802L,0x00040802L,0x04040802L,
-0x00002800L,0x04002800L,0x00042800L,0x04042800L,
-0x00002802L,0x04002802L,0x00042802L,0x04042802L,
-0x00000820L,0x04000820L,0x00040820L,0x04040820L,
-0x00000822L,0x04000822L,0x00040822L,0x04040822L,
-0x00002820L,0x04002820L,0x00042820L,0x04042820L,
-0x00002822L,0x04002822L,0x00042822L,0x04042822L,
-}};
diff --git a/crypto/openssl/crypto/des/speed.c b/crypto/openssl/crypto/des/speed.c
deleted file mode 100644
index 48fc1d49fc24..000000000000
--- a/crypto/openssl/crypto/des/speed.c
+++ /dev/null
@@ -1,310 +0,0 @@
-/* crypto/des/speed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-#define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-
-#include <signal.h>
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#include <openssl/des.h>
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
-#   define HZ	100.0
-#  else /* _BSD_CLK_TCK_ */
-#   define HZ ((double)_BSD_CLK_TCK_)
-#  endif
-# else /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-
-#define BUFSIZE	((long)1024)
-long run=0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-#if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#define SIGRETTYPE void
-#else
-#define SIGRETTYPE int
-#endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-	{
-	signal(SIGALRM,sig_done);
-	run=0;
-#ifdef LINT
-	sig=sig;
-#endif
-	}
-#endif
-
-#define START	0
-#define STOP	1
-
-double Time_F(int s)
-	{
-	double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if (s == START)
-		{
-		times(&tstart);
-		return(0);
-		}
-	else
-		{
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if (s == START)
-		{
-		ftime(&tstart);
-		return(0);
-		}
-	else
-		{
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#endif
-	}
-
-int main(int argc, char **argv)
-	{
-	long count;
-	static unsigned char buf[BUFSIZE];
-	static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
-	static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
-	static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
-	DES_key_schedule sch,sch2,sch3;
-	double a,b,c,d,e;
-#ifndef SIGALRM
-	long ca,cb,cc,cd,ce;
-#endif
-
-#ifndef TIMES
-	printf("To get the most accurate results, try to run this\n");
-	printf("program when this computer is idle.\n");
-#endif
-
-	DES_set_key_unchecked(&key2,&sch2);
-	DES_set_key_unchecked(&key3,&sch3);
-
-#ifndef SIGALRM
-	printf("First we calculate the approximate speed ...\n");
-	DES_set_key_unchecked(&key,&sch);
-	count=10;
-	do	{
-		long i;
-		DES_LONG data[2];
-
-		count*=2;
-		Time_F(START);
-		for (i=count; i; i--)
-			DES_encrypt1(data,&sch,DES_ENCRYPT);
-		d=Time_F(STOP);
-		} while (d < 3.0);
-	ca=count;
-	cb=count*3;
-	cc=count*3*8/BUFSIZE+1;
-	cd=count*8/BUFSIZE+1;
-	ce=count/20+1;
-	printf("Doing set_key %ld times\n",ca);
-#define COND(d)	(count != (d))
-#define COUNT(d) (d)
-#else
-#define COND(c)	(run)
-#define COUNT(d) (count)
-	signal(SIGALRM,sig_done);
-	printf("Doing set_key for 10 seconds\n");
-	alarm(10);
-#endif
-
-	Time_F(START);
-	for (count=0,run=1; COND(ca); count++)
-		DES_set_key_unchecked(&key,&sch);
-	d=Time_F(STOP);
-	printf("%ld set_key's in %.2f seconds\n",count,d);
-	a=((double)COUNT(ca))/d;
-
-#ifdef SIGALRM
-	printf("Doing DES_encrypt's for 10 seconds\n");
-	alarm(10);
-#else
-	printf("Doing DES_encrypt %ld times\n",cb);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cb); count++)
-		{
-		DES_LONG data[2];
-
-		DES_encrypt1(data,&sch,DES_ENCRYPT);
-		}
-	d=Time_F(STOP);
-	printf("%ld DES_encrypt's in %.2f second\n",count,d);
-	b=((double)COUNT(cb)*8)/d;
-
-#ifdef SIGALRM
-	printf("Doing DES_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-		BUFSIZE);
-	alarm(10);
-#else
-	printf("Doing DES_cbc_encrypt %ld times on %ld byte blocks\n",cc,
-		BUFSIZE);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cc); count++)
-		DES_ncbc_encrypt(buf,buf,BUFSIZE,&sch,
-			&key,DES_ENCRYPT);
-	d=Time_F(STOP);
-	printf("%ld DES_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-		count,BUFSIZE,d);
-	c=((double)COUNT(cc)*BUFSIZE)/d;
-
-#ifdef SIGALRM
-	printf("Doing DES_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-		BUFSIZE);
-	alarm(10);
-#else
-	printf("Doing DES_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd,
-		BUFSIZE);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cd); count++)
-		DES_ede3_cbc_encrypt(buf,buf,BUFSIZE,
-			&sch,
-			&sch2,
-			&sch3,
-			&key,
-			DES_ENCRYPT);
-	d=Time_F(STOP);
-	printf("%ld DES_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-		count,BUFSIZE,d);
-	d=((double)COUNT(cd)*BUFSIZE)/d;
-
-#ifdef SIGALRM
-	printf("Doing crypt for 10 seconds\n");
-	alarm(10);
-#else
-	printf("Doing crypt %ld times\n",ce);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(ce); count++)
-		crypt("testing1","ef");
-	e=Time_F(STOP);
-	printf("%ld crypts in %.2f second\n",count,e);
-	e=((double)COUNT(ce))/e;
-
-	printf("set_key            per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
-	printf("DES raw ecb bytes  per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
-	printf("DES cbc bytes      per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
-	printf("DES ede cbc bytes  per sec = %12.2f (%9.3fuS)\n",d,8.0e6/d);
-	printf("crypt              per sec = %12.2f (%9.3fuS)\n",e,1.0e6/e);
-	exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-	return(0);
-#endif
-	}
diff --git a/crypto/openssl/crypto/des/spr.h b/crypto/openssl/crypto/des/spr.h
deleted file mode 100644
index b91936a5a536..000000000000
--- a/crypto/openssl/crypto/des/spr.h
+++ /dev/null
@@ -1,204 +0,0 @@
-/* crypto/des/spr.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-OPENSSL_GLOBAL const DES_LONG DES_SPtrans[8][64]={
-{
-/* nibble 0 */
-0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
-0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
-0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
-0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
-0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
-0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
-0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
-0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
-0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
-0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
-0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
-0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
-0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
-0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
-0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
-0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
-},{
-/* nibble 1 */
-0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
-0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
-0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
-0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
-0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
-0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
-0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
-0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
-0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
-0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
-0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
-0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
-0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
-0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
-0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
-0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
-},{
-/* nibble 2 */
-0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
-0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
-0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
-0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
-0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
-0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
-0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
-0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
-0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
-0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
-0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
-0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
-0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
-0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
-0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
-0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
-},{
-/* nibble 3 */
-0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
-0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
-0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
-0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
-0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
-0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
-0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
-0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
-0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
-0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
-0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
-0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
-0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
-0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
-0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
-0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
-},{
-/* nibble 4 */
-0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
-0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
-0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
-0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
-0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
-0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
-0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
-0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
-0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
-0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
-0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
-0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
-0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
-0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
-0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
-0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
-},{
-/* nibble 5 */
-0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
-0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
-0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
-0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
-0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
-0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
-0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
-0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
-0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
-0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
-0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
-0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
-0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
-0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
-0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
-0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
-},{
-/* nibble 6 */
-0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
-0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
-0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
-0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
-0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
-0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
-0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
-0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
-0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
-0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
-0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
-0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
-0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
-0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
-0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
-0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
-},{
-/* nibble 7 */
-0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
-0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
-0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
-0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
-0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
-0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
-0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
-0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
-0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
-0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
-0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
-0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
-0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
-0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
-0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
-0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
-}};
diff --git a/crypto/openssl/crypto/des/str2key.c b/crypto/openssl/crypto/des/str2key.c
deleted file mode 100644
index 0373db469c9a..000000000000
--- a/crypto/openssl/crypto/des/str2key.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/* crypto/des/str2key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-void DES_string_to_key(const char *str, DES_cblock *key)
-	{
-	DES_key_schedule ks;
-	int i,length;
-	register unsigned char j;
-
-	memset(key,0,8);
-	length=strlen(str);
-#ifdef OLD_STR_TO_KEY
-	for (i=0; i<length; i++)
-		(*key)[i%8]^=(str[i]<<1);
-#else /* MIT COMPATIBLE */
-	for (i=0; i<length; i++)
-		{
-		j=str[i];
-		if ((i%16) < 8)
-			(*key)[i%8]^=(j<<1);
-		else
-			{
-			/* Reverse the bit order 05/05/92 eay */
-			j=((j<<4)&0xf0)|((j>>4)&0x0f);
-			j=((j<<2)&0xcc)|((j>>2)&0x33);
-			j=((j<<1)&0xaa)|((j>>1)&0x55);
-			(*key)[7-(i%8)]^=j;
-			}
-		}
-#endif
-	DES_set_odd_parity(key);
-#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
-	if(DES_is_weak_key(key))
-	    (*key)[7] ^= 0xF0;
-	DES_set_key(key,&ks);
-#else
-	DES_set_key_unchecked(key,&ks);
-#endif
-	DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key);
-	OPENSSL_cleanse(&ks,sizeof(ks));
-	DES_set_odd_parity(key);
-	}
-
-void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
-	{
-	DES_key_schedule ks;
-	int i,length;
-	register unsigned char j;
-
-	memset(key1,0,8);
-	memset(key2,0,8);
-	length=strlen(str);
-#ifdef OLD_STR_TO_KEY
-	if (length <= 8)
-		{
-		for (i=0; i<length; i++)
-			{
-			(*key2)[i]=(*key1)[i]=(str[i]<<1);
-			}
-		}
-	else
-		{
-		for (i=0; i<length; i++)
-			{
-			if ((i/8)&1)
-				(*key2)[i%8]^=(str[i]<<1);
-			else
-				(*key1)[i%8]^=(str[i]<<1);
-			}
-		}
-#else /* MIT COMPATIBLE */
-	for (i=0; i<length; i++)
-		{
-		j=str[i];
-		if ((i%32) < 16)
-			{
-			if ((i%16) < 8)
-				(*key1)[i%8]^=(j<<1);
-			else
-				(*key2)[i%8]^=(j<<1);
-			}
-		else
-			{
-			j=((j<<4)&0xf0)|((j>>4)&0x0f);
-			j=((j<<2)&0xcc)|((j>>2)&0x33);
-			j=((j<<1)&0xaa)|((j>>1)&0x55);
-			if ((i%16) < 8)
-				(*key1)[7-(i%8)]^=j;
-			else
-				(*key2)[7-(i%8)]^=j;
-			}
-		}
-	if (length <= 8) memcpy(key2,key1,8);
-#endif
-	DES_set_odd_parity(key1);
-	DES_set_odd_parity(key2);
-#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
-	if(DES_is_weak_key(key1))
-	    (*key1)[7] ^= 0xF0;
-	DES_set_key(key1,&ks);
-#else
-	DES_set_key_unchecked(key1,&ks);
-#endif
-	DES_cbc_cksum((const unsigned char*)str,key1,length,&ks,key1);
-#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
-	if(DES_is_weak_key(key2))
-	    (*key2)[7] ^= 0xF0;
-	DES_set_key(key2,&ks);
-#else
-	DES_set_key_unchecked(key2,&ks);
-#endif
-	DES_cbc_cksum((const unsigned char*)str,key2,length,&ks,key2);
-	OPENSSL_cleanse(&ks,sizeof(ks));
-	DES_set_odd_parity(key1);
-	DES_set_odd_parity(key2);
-	}
diff --git a/crypto/openssl/crypto/des/supp.c b/crypto/openssl/crypto/des/supp.c
deleted file mode 100644
index e51b36c91630..000000000000
--- a/crypto/openssl/crypto/des/supp.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/des/supp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * Copyright (c) 1995
- *	Mark Murray.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by Mark Murray
- * 4. Neither the name of the author nor the names of any co-contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY MARK MURRAY AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $Id: supp.c,v 1.5 1999/05/16 12:25:45 bodo Exp $
- */
-
-#include <stdio.h>
-#include "des_locl.h"
-
-void des_cblock_print_file(const_des_cblock *cb, FILE *fp)
-{
-	int i;
-	const unsigned int *p = (const unsigned int *)cb;
-
-	fprintf(fp, " 0x { ");
-	for (i = 0; i < 8; i++) {
-		fprintf(fp, "%x", p[i]);
-		if (i != 7) fprintf(fp, ", ");
-	}
-	fprintf(fp, " }");
-}
diff --git a/crypto/openssl/crypto/des/t/test b/crypto/openssl/crypto/des/t/test
deleted file mode 100644
index 97acd0552e43..000000000000
--- a/crypto/openssl/crypto/des/t/test
+++ /dev/null
@@ -1,27 +0,0 @@
-#!./perl
-
-BEGIN { push(@INC, qw(../../../lib ../../lib ../lib lib)); }
-
-use DES;
-
-$key='00000000';
-$ks=DES::set_key($key);
-@a=split(//,$ks);
-foreach (@a) { printf "%02x-",ord($_); }
-print "\n";
-
-
-$key=DES::random_key();
-print "($_)\n";
-@a=split(//,$key);
-foreach (@a) { printf "%02x-",ord($_); }
-print "\n";
-$str="this is and again into the breach";
-($k1,$k2)=DES::string_to_2keys($str);
-@a=split(//,$k1);
-foreach (@a) { printf "%02x-",ord($_); }
-print "\n";
-@a=split(//,$k2);
-foreach (@a) { printf "%02x-",ord($_); }
-print "\n";
-
diff --git a/crypto/openssl/crypto/des/testdes.pl b/crypto/openssl/crypto/des/testdes.pl
deleted file mode 100644
index 01a165a963d1..000000000000
--- a/crypto/openssl/crypto/des/testdes.pl
+++ /dev/null
@@ -1,167 +0,0 @@
-#!/usr/local/bin/perl
-
-# des.pl tesing code
-
-require 'des.pl';
-
-$num_tests=34;
-@key_data=(
-	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
-	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
-	0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
-	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,
-	0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57,
-	0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E,
-	0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86,
-	0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E,
-	0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6,
-	0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE,
-	0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6,
-	0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE,
-	0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16,
-	0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F,
-	0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46,
-	0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E,
-	0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76,
-	0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07,
-	0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F,
-	0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7,
-	0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF,
-	0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6,
-	0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF,
-	0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
-	0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E,
-	0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE,
-	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
-	0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,
-	);
-
-@plain_data=(
-	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
-	0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
-	0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
-	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
-	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
-	0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42,
-	0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA,
-	0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72,
-	0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A,
-	0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2,
-	0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A,
-	0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2,
-	0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A,
-	0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02,
-	0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A,
-	0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32,
-	0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA,
-	0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62,
-	0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2,
-	0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA,
-	0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92,
-	0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A,
-	0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2,
-	0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A,
-	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
-	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
-	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF);
-
-@cipher_data=(
-	0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7,
-	0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58,
-	0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B,
-	0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33,
-	0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D,
-	0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD,
-	0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7,
-	0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4,
-	0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B,
-	0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71,
-	0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A,
-	0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A,
-	0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95,
-	0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B,
-	0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09,
-	0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A,
-	0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F,
-	0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88,
-	0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77,
-	0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A,
-	0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56,
-	0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56,
-	0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56,
-	0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC,
-	0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A,
-	0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41,
-	0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93,
-	0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00,
-	0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06,
-	0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7,
-	0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51,
-	0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE,
-	0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D,
-	0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2);
-
-print "Doing ecb tests\n";
-for ($i=0; $i<$num_tests; $i++)
-	{
-	printf "Doing test $i\n";
-	$key =pack("C8",splice(@key_data   ,0,8));
-	$data=pack("C8",splice(@plain_data ,0,8));
-	$res =pack("C8",splice(@cipher_data,0,8));
-
-	@ks=  &des_set_key($key);
-	$out1= &des_ecb_encrypt(*ks,1,$data);
-	$out2= &des_ecb_encrypt(*ks,0,$out1);
-	$out3= &des_ecb_encrypt(*ks,0,$res);
-	&eprint("encryption failure",$res,$out1)
-		if ($out1 ne $res);
-	&eprint("encryption/decryption failure",$data,$out2)
-		if ($out2 ne $data);
-	&eprint("decryption failure",$data,$out3)
-		if ($data ne $out3);
-	}
-print "Done\n";
-
-print "doing speed test over 30 seconds\n";
-$SIG{'ALRM'}='done';
-sub done {$done=1;}
-$done=0;
-
-$count=0;
-$d=pack("C8",0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef);
-@ks=  &des_set_key($d);
-alarm(30);
-$start=(times)[0];
-while (!$done)
-	{
-	$count++;
-	$d=&des_ecb_encrypt(*ks,1,$d);
-	}
-$end=(times)[0];
-$t=$end-$start;
-printf "$count DESs in %.2f seconds is %.2f DESs/sec or %.2f bytes/sec\n",
-	1.0*$t,1.0*$count/$t,$count*8.0/$t;
-
-sub eprint
-	{
-	local($s,$c,$e)=@_;
-	local(@k);
-
-	@k=unpack("C8",$c);
-	printf "%02x%02x%02x%02x %02x%02x%02x%02x - ",unpack("C8",$c);
-	printf "%02x%02x%02x%02x %02x%02x%02x%02x :",unpack("C8",$e);
-	print " $s\n";
-	}
diff --git a/crypto/openssl/crypto/des/times/486-50.sol b/crypto/openssl/crypto/des/times/486-50.sol
deleted file mode 100644
index 0de62d6db31e..000000000000
--- a/crypto/openssl/crypto/des/times/486-50.sol
+++ /dev/null
@@ -1,16 +0,0 @@
-Solaris 2.4, 486 50mhz, gcc 2.6.3
-options    des ecb/s
-16 r2 i     43552.51 100.0%
-16 r1 i     43487.45  99.9%
-16  c p     43003.23  98.7%
-16 r2 p     42339.00  97.2%
-16  c i     41900.91  96.2%
-16 r1 p     41360.64  95.0%
- 4  c i     38728.48  88.9%
- 4  c p     38225.63  87.8%
- 4 r1 i     38085.79  87.4%
- 4 r2 i     37825.64  86.9%
- 4 r2 p     34611.00  79.5%
- 4 r1 p     31802.00  73.0%
--DDES_UNROLL -DDES_RISC2
-
diff --git a/crypto/openssl/crypto/des/times/586-100.lnx b/crypto/openssl/crypto/des/times/586-100.lnx
deleted file mode 100644
index 4323914a11bb..000000000000
--- a/crypto/openssl/crypto/des/times/586-100.lnx
+++ /dev/null
@@ -1,20 +0,0 @@
-Pentium 100
-Linux 2 kernel
-gcc 2.7.0 -O3 -fomit-frame-pointer
-No X server running, just a console, it makes the top speed jump from 151,000
-to 158,000 :-).
-options    des ecb/s
-assember   281000.00 177.1%
-16 r1 p    158667.40 100.0%
-16 r1 i    148471.70  93.6%
-16 r2 p    143961.80  90.7%
-16 r2 i    141689.20  89.3%
- 4 r1 i    140100.00  88.3%
- 4 r2 i    134049.40  84.5%
-16  c i    124145.20  78.2%
-16  c p    121584.20  76.6%
- 4  c i    118116.00  74.4%
- 4 r2 p    117977.90  74.4%
- 4  c p    114971.40  72.5%
- 4 r1 p    114578.40  72.2%
--DDES_UNROLL -DDES_RISC1 -DDES_PTR
diff --git a/crypto/openssl/crypto/des/times/686-200.fre b/crypto/openssl/crypto/des/times/686-200.fre
deleted file mode 100644
index 7d83f6adee15..000000000000
--- a/crypto/openssl/crypto/des/times/686-200.fre
+++ /dev/null
@@ -1,18 +0,0 @@
-Pentium 100
-Free BSD 2.1.5 kernel
-gcc 2.7.2.2 -O3 -fomit-frame-pointer
-options    des ecb/s
-assember   578000.00 133.1%
-16 r2 i    434454.80 100.0%
-16 r1 i    433621.43  99.8%
-16 r2 p    431375.69  99.3%
- 4 r1 i    423722.30  97.5%
- 4 r2 i    422399.40  97.2%
-16 r1 p    421739.40  97.1%
-16  c i    399027.94  91.8%
-16  c p    372251.70  85.7%
- 4  c i    365118.35  84.0%
- 4  c p    352880.51  81.2%
- 4 r2 p    255104.90  58.7%
- 4 r1 p    251289.18  57.8%
--DDES_UNROLL -DDES_RISC2
diff --git a/crypto/openssl/crypto/des/times/aix.cc b/crypto/openssl/crypto/des/times/aix.cc
deleted file mode 100644
index d96b74e2cedd..000000000000
--- a/crypto/openssl/crypto/des/times/aix.cc
+++ /dev/null
@@ -1,26 +0,0 @@
-From: Paco Garcia <pgarcia@cam.es>
-
-This machine is a Bull Estrella  Minitower Model MT604-100
-Processor        : PPC604 
-P.Speed          : 100Mhz 
-Data/Instr Cache :    16 K
-L2 Cache         :   256 K
-PCI BUS Speed    :    33 Mhz
-TransfRate PCI   :   132 MB/s
-Memory           :    96 MB
-
-options    des ecb/s       
- 4  c p    275118.61 100.0%
- 4  c i    273545.07  99.4%
- 4 r2 p    270441.02  98.3%
- 4 r1 p    253052.15  92.0%
- 4 r2 i    240842.97  87.5%
- 4 r1 i    240556.66  87.4%
-16  c i    224603.99  81.6%
-16  c p    224483.98  81.6%
-16 r2 p    215691.19  78.4%
-16 r1 p    208332.83  75.7%
-16 r1 i    199206.50  72.4%
-16 r2 i    198963.70  72.3%
--DDES_PTR
-
diff --git a/crypto/openssl/crypto/des/times/alpha.cc b/crypto/openssl/crypto/des/times/alpha.cc
deleted file mode 100644
index 95c17efae7e5..000000000000
--- a/crypto/openssl/crypto/des/times/alpha.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-cc -O2
-DES_LONG is 'unsigned int'
-
-options    des ecb/s
- 4 r2 p    181146.14 100.0%
-16 r2 p    172102.94  95.0%
- 4 r2 i    165424.11  91.3%
-16  c p    160468.64  88.6%
- 4  c p    156653.59  86.5%
- 4  c i    155245.18  85.7%
- 4 r1 p    154729.68  85.4%
-16 r2 i    154137.69  85.1%
-16 r1 p    152357.96  84.1%
-16  c i    148743.91  82.1%
- 4 r1 i    146695.59  81.0%
-16 r1 i    144961.00  80.0%
--DDES_RISC2 -DDES_PTR
-
diff --git a/crypto/openssl/crypto/des/times/hpux.cc b/crypto/openssl/crypto/des/times/hpux.cc
deleted file mode 100644
index 3de856ddac5a..000000000000
--- a/crypto/openssl/crypto/des/times/hpux.cc
+++ /dev/null
@@ -1,17 +0,0 @@
-HPUX 10 - 9000/887 - cc -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
-
-options    des ecb/s
-16  c i    149448.90 100.0%
- 4  c i    145861.79  97.6%
-16 r2 i    141710.96  94.8%
-16 r1 i    139455.33  93.3%
- 4 r2 i    138800.00  92.9%
- 4 r1 i    136692.65  91.5%
-16 r2 p    110228.17  73.8%
-16 r1 p    109397.07  73.2%
-16  c p    109209.89  73.1%
- 4  c p    108014.71  72.3%
- 4 r2 p    107873.88  72.2%
- 4 r1 p    107685.83  72.1%
--DDES_UNROLL
-
diff --git a/crypto/openssl/crypto/des/times/sparc.gcc b/crypto/openssl/crypto/des/times/sparc.gcc
deleted file mode 100644
index 8eaa04210406..000000000000
--- a/crypto/openssl/crypto/des/times/sparc.gcc
+++ /dev/null
@@ -1,17 +0,0 @@
-solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2
-
-options    des ecb/s
-16  c i    124382.70 100.0%
- 4  c i    118884.68  95.6%
-16  c p    112261.20  90.3%
-16 r2 i    111777.10  89.9%
-16 r2 p    108896.30  87.5%
-16 r1 p    108791.59  87.5%
- 4  c p    107290.10  86.3%
- 4 r1 p    104583.80  84.1%
-16 r1 i    104206.20  83.8%
- 4 r2 p    103709.80  83.4%
- 4 r2 i     98306.43  79.0%
- 4 r1 i     91525.80  73.6%
--DDES_UNROLL
-      
diff --git a/crypto/openssl/crypto/des/times/usparc.cc b/crypto/openssl/crypto/des/times/usparc.cc
deleted file mode 100644
index f6ec8e8831d8..000000000000
--- a/crypto/openssl/crypto/des/times/usparc.cc
+++ /dev/null
@@ -1,31 +0,0 @@
-solaris 2.5.1 usparc 167mhz?? - SC4.0 cc -fast -Xa -xO5
-
-For the ultra sparc, SunC 4.0 cc -fast -Xa -xO5, running 'des_opts'
-gives a speed of 475,000 des/s while 'speed' gives 417,000 des/s.
-I belive the difference is tied up in optimisation that the compiler
-is able to perform when the code is 'inlined'.  For 'speed', the DES
-routines are being linked from a library.  I'll record the higher
-speed since if performance is everything, you can always inline
-'des_enc.c'.
-
-[ 16-Jan-06 - I've been playing with the
-  '-xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa'
-  and while it makes the des_opts numbers much slower, it makes the
-  actual 'speed' numbers look better which is a realistic version of
-  using the libraries. ]
-
-options    des ecb/s
-16 r1 p    475516.90 100.0%
-16 r2 p    439388.10  92.4%
-16  c i    427001.40  89.8%
-16  c p    419516.50  88.2%
- 4 r2 p    409491.70  86.1%
- 4 r1 p    404266.90  85.0%
- 4  c p    398121.00  83.7%
- 4  c i    370588.40  77.9%
- 4 r1 i    362742.20  76.3%
-16 r2 i    331275.50  69.7%
-16 r1 i    324730.60  68.3%
- 4 r2 i     63535.10  13.4%	<-- very very weird, must be cache problems.
--DDES_UNROLL -DDES_RISC1 -DDES_PTR
-
diff --git a/crypto/openssl/crypto/des/typemap b/crypto/openssl/crypto/des/typemap
deleted file mode 100644
index a524f53634e7..000000000000
--- a/crypto/openssl/crypto/des/typemap
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# DES SECTION
-#
-deschar *	T_DESCHARP
-des_cblock *	T_CBLOCK
-des_cblock	T_CBLOCK
-des_key_schedule	T_SCHEDULE
-des_key_schedule *	T_SCHEDULE
-
-INPUT
-T_CBLOCK
-	$var=(des_cblock *)SvPV($arg,len);
-	if (len < DES_KEY_SZ)
-		{
-		croak(\"$var needs to be at least %u bytes long\",DES_KEY_SZ);
-		}
-
-T_SCHEDULE
-	$var=(des_key_schedule *)SvPV($arg,len);
-	if (len < DES_SCHEDULE_SZ)
-		{
-		croak(\"$var needs to be at least %u bytes long\",
-			DES_SCHEDULE_SZ);
-		}
-
-OUTPUT
-T_CBLOCK
-	sv_setpvn($arg,(char *)$var,DES_KEY_SZ);
-
-T_SCHEDULE
-	sv_setpvn($arg,(char *)$var,DES_SCHEDULE_SZ);
-
-T_DESCHARP
-	sv_setpvn($arg,(char *)$var,len);
diff --git a/crypto/openssl/crypto/des/xcbc_enc.c b/crypto/openssl/crypto/des/xcbc_enc.c
deleted file mode 100644
index 47246eb46649..000000000000
--- a/crypto/openssl/crypto/des/xcbc_enc.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/* crypto/des/xcbc_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* RSA's DESX */
-
-static unsigned char desx_white_in2out[256]={
-0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0,
-0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A,
-0x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36,
-0x3E,0xEE,0xFB,0x95,0x1A,0xFE,0xCE,0xA8,0x34,0xA9,0x13,0xF0,0xA6,0x3F,0xD8,0x0C,
-0x78,0x24,0xAF,0x23,0x52,0xC1,0x67,0x17,0xF5,0x66,0x90,0xE7,0xE8,0x07,0xB8,0x60,
-0x48,0xE6,0x1E,0x53,0xF3,0x92,0xA4,0x72,0x8C,0x08,0x15,0x6E,0x86,0x00,0x84,0xFA,
-0xF4,0x7F,0x8A,0x42,0x19,0xF6,0xDB,0xCD,0x14,0x8D,0x50,0x12,0xBA,0x3C,0x06,0x4E,
-0xEC,0xB3,0x35,0x11,0xA1,0x88,0x8E,0x2B,0x94,0x99,0xB7,0x71,0x74,0xD3,0xE4,0xBF,
-0x3A,0xDE,0x96,0x0E,0xBC,0x0A,0xED,0x77,0xFC,0x37,0x6B,0x03,0x79,0x89,0x62,0xC6,
-0xD7,0xC0,0xD2,0x7C,0x6A,0x8B,0x22,0xA3,0x5B,0x05,0x5D,0x02,0x75,0xD5,0x61,0xE3,
-0x18,0x8F,0x55,0x51,0xAD,0x1F,0x0B,0x5E,0x85,0xE5,0xC2,0x57,0x63,0xCA,0x3D,0x6C,
-0xB4,0xC5,0xCC,0x70,0xB2,0x91,0x59,0x0D,0x47,0x20,0xC8,0x4F,0x58,0xE0,0x01,0xE2,
-0x16,0x38,0xC4,0x6F,0x3B,0x0F,0x65,0x46,0xBE,0x7E,0x2D,0x7B,0x82,0xF9,0x40,0xB5,
-0x1D,0x73,0xF8,0xEB,0x26,0xC7,0x87,0x97,0x25,0x54,0xB1,0x28,0xAA,0x98,0x9D,0xA5,
-0x64,0x6D,0x7A,0xD4,0x10,0x81,0x44,0xEF,0x49,0xD6,0xAE,0x2E,0xDD,0x76,0x5C,0x2F,
-0xA7,0x1C,0xC9,0x09,0x69,0x9A,0x83,0xCF,0x29,0x39,0xB9,0xE9,0x4C,0xFF,0x43,0xAB,
-	};
-
-void DES_xwhite_in2out(const_DES_cblock *des_key, const_DES_cblock *in_white,
-	     DES_cblock *out_white)
-	{
-	int out0,out1;
-	int i;
-	const unsigned char *key = &(*des_key)[0];
-	const unsigned char *in = &(*in_white)[0];
-	unsigned char *out = &(*out_white)[0];
-
-	out[0]=out[1]=out[2]=out[3]=out[4]=out[5]=out[6]=out[7]=0;
-	out0=out1=0;
-	for (i=0; i<8; i++)
-		{
-		out[i]=key[i]^desx_white_in2out[out0^out1];
-		out0=out1;
-		out1=(int)out[i&0x07];
-		}
-
-	out0=out[0];
-	out1=out[i];
-	for (i=0; i<8; i++)
-		{
-		out[i]=in[i]^desx_white_in2out[out0^out1];
-		out0=out1;
-		out1=(int)out[i&0x07];
-		}
-	}
-
-void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
-		      long length, DES_key_schedule *schedule,
-		      DES_cblock *ivec, const_DES_cblock *inw,
-		      const_DES_cblock *outw, int enc)
-	{
-	register DES_LONG tin0,tin1;
-	register DES_LONG tout0,tout1,xor0,xor1;
-	register DES_LONG inW0,inW1,outW0,outW1;
-	register const unsigned char *in2;
-	register long l=length;
-	DES_LONG tin[2];
-	unsigned char *iv;
-
-	in2 = &(*inw)[0];
-	c2l(in2,inW0);
-	c2l(in2,inW1);
-	in2 = &(*outw)[0];
-	c2l(in2,outW0);
-	c2l(in2,outW1);
-
-	iv = &(*ivec)[0];
-
-	if (enc)
-		{
-		c2l(iv,tout0);
-		c2l(iv,tout1);
-		for (l-=8; l>=0; l-=8)
-			{
-			c2l(in,tin0);
-			c2l(in,tin1);
-			tin0^=tout0^inW0; tin[0]=tin0;
-			tin1^=tout1^inW1; tin[1]=tin1;
-			DES_encrypt1(tin,schedule,DES_ENCRYPT);
-			tout0=tin[0]^outW0; l2c(tout0,out);
-			tout1=tin[1]^outW1; l2c(tout1,out);
-			}
-		if (l != -8)
-			{
-			c2ln(in,tin0,tin1,l+8);
-			tin0^=tout0^inW0; tin[0]=tin0;
-			tin1^=tout1^inW1; tin[1]=tin1;
-			DES_encrypt1(tin,schedule,DES_ENCRYPT);
-			tout0=tin[0]^outW0; l2c(tout0,out);
-			tout1=tin[1]^outW1; l2c(tout1,out);
-			}
-		iv = &(*ivec)[0];
-		l2c(tout0,iv);
-		l2c(tout1,iv);
-		}
-	else
-		{
-		c2l(iv,xor0);
-		c2l(iv,xor1);
-		for (l-=8; l>0; l-=8)
-			{
-			c2l(in,tin0); tin[0]=tin0^outW0;
-			c2l(in,tin1); tin[1]=tin1^outW1;
-			DES_encrypt1(tin,schedule,DES_DECRYPT);
-			tout0=tin[0]^xor0^inW0;
-			tout1=tin[1]^xor1^inW1;
-			l2c(tout0,out);
-			l2c(tout1,out);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		if (l != -8)
-			{
-			c2l(in,tin0); tin[0]=tin0^outW0;
-			c2l(in,tin1); tin[1]=tin1^outW1;
-			DES_encrypt1(tin,schedule,DES_DECRYPT);
-			tout0=tin[0]^xor0^inW0;
-			tout1=tin[1]^xor1^inW1;
-			l2cn(tout0,tout1,out,l+8);
-			xor0=tin0;
-			xor1=tin1;
-			}
-
-		iv = &(*ivec)[0];
-		l2c(xor0,iv);
-		l2c(xor1,iv);
-		}
-	tin0=tin1=tout0=tout1=xor0=xor1=0;
-	inW0=inW1=outW0=outW1=0;
-	tin[0]=tin[1]=0;
-	}
-
diff --git a/crypto/openssl/crypto/dh/Makefile.save b/crypto/openssl/crypto/dh/Makefile.save
deleted file mode 100644
index ccee00eeca2c..000000000000
--- a/crypto/openssl/crypto/dh/Makefile.save
+++ /dev/null
@@ -1,119 +0,0 @@
-#
-# SSLeay/crypto/dh/Makefile
-#
-
-DIR=	dh
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= dhtest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
-LIBOBJ= dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= dh.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-dh_check.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
-dh_check.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dh_check.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dh_check.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dh_check.o: ../cryptlib.h
-dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dh_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dh_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dh_err.o: ../../include/openssl/symhacks.h
-dh_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
-dh_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dh_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dh_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dh_gen.o: ../cryptlib.h
-dh_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
-dh_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dh_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h
-dh_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
-dh_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dh_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dh_lib.o: ../cryptlib.h
diff --git a/crypto/openssl/crypto/dh/Makefile.ssl b/crypto/openssl/crypto/dh/Makefile.ssl
deleted file mode 100644
index ed47f85d0773..000000000000
--- a/crypto/openssl/crypto/dh/Makefile.ssl
+++ /dev/null
@@ -1,136 +0,0 @@
-#
-# SSLeay/crypto/dh/Makefile
-#
-
-DIR=	dh
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= dhtest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
-LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= dh.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
-dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c
-dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
-dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dh_check.o: ../../include/openssl/opensslconf.h
-dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c
-dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dh_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dh_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dh_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dh_err.o: ../../include/openssl/symhacks.h dh_err.c
-dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
-dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dh_gen.o: ../cryptlib.h dh_gen.c
-dh_key.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-dh_key.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dh_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dh_key.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-dh_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dh_key.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dh_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-dh_key.o: ../cryptlib.h dh_key.c
-dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dh_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dh_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-dh_lib.o: ../cryptlib.h dh_lib.c
diff --git a/crypto/openssl/crypto/dh/dh.h b/crypto/openssl/crypto/dh/dh.h
deleted file mode 100644
index 05851f84294c..000000000000
--- a/crypto/openssl/crypto/dh/dh.h
+++ /dev/null
@@ -1,207 +0,0 @@
-/* crypto/dh/dh.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DH_H
-#define HEADER_DH_H
-
-#ifdef OPENSSL_NO_DH
-#error DH is disabled.
-#endif
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/bn.h>
-#include <openssl/crypto.h>
-#include <openssl/ossl_typ.h>
-	
-#define DH_FLAG_CACHE_MONT_P	0x01
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct dh_st DH;
-
-typedef struct dh_method {
-	const char *name;
-	/* Methods here */
-	int (*generate_key)(DH *dh);
-	int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh);
-	int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
-				const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-				BN_MONT_CTX *m_ctx); /* Can be null */
-
-	int (*init)(DH *dh);
-	int (*finish)(DH *dh);
-	int flags;
-	char *app_data;
-} DH_METHOD;
-
-struct dh_st
-	{
-	/* This first argument is used to pick up errors when
-	 * a DH is passed instead of a EVP_PKEY */
-	int pad;
-	int version;
-	BIGNUM *p;
-	BIGNUM *g;
-	long length; /* optional */
-	BIGNUM *pub_key;	/* g^x */
-	BIGNUM *priv_key;	/* x */
-
-	int flags;
-	char *method_mont_p;
-	/* Place holders if we want to do X9.42 DH */
-	BIGNUM *q;
-	BIGNUM *j;
-	unsigned char *seed;
-	int seedlen;
-	BIGNUM *counter;
-
-	int references;
-	CRYPTO_EX_DATA ex_data;
-	const DH_METHOD *meth;
-	ENGINE *engine;
-	};
-
-#define DH_GENERATOR_2		2
-/* #define DH_GENERATOR_3	3 */
-#define DH_GENERATOR_5		5
-
-/* DH_check error codes */
-#define DH_CHECK_P_NOT_PRIME		0x01
-#define DH_CHECK_P_NOT_SAFE_PRIME	0x02
-#define DH_UNABLE_TO_CHECK_GENERATOR	0x04
-#define DH_NOT_SUITABLE_GENERATOR	0x08
-
-/* primes p where (p-1)/2 is prime too are called "safe"; we define
-   this for backward compatibility: */
-#define DH_CHECK_P_NOT_STRONG_PRIME	DH_CHECK_P_NOT_SAFE_PRIME
-
-#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
-		(char *(*)())d2i_DHparams,(char *)(x))
-#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
-		(char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
-#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
-		(unsigned char *)(x))
-#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \
-		(char *(*)())d2i_DHparams,(bp),(unsigned char **)(x))
-#ifdef  __cplusplus
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio((int (*)())i2d_DHparams,(bp), \
-		(unsigned char *)(x))
-#else
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \
-		(unsigned char *)(x))
-#endif
-
-const DH_METHOD *DH_OpenSSL(void);
-
-void DH_set_default_method(const DH_METHOD *meth);
-const DH_METHOD *DH_get_default_method(void);
-int DH_set_method(DH *dh, const DH_METHOD *meth);
-DH *DH_new_method(ENGINE *engine);
-
-DH *	DH_new(void);
-void	DH_free(DH *dh);
-int	DH_up_ref(DH *dh);
-int	DH_size(const DH *dh);
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DH_set_ex_data(DH *d, int idx, void *arg);
-void *DH_get_ex_data(DH *d, int idx);
-DH *	DH_generate_parameters(int prime_len,int generator,
-		void (*callback)(int,int,void *),void *cb_arg);
-int	DH_check(const DH *dh,int *codes);
-int	DH_generate_key(DH *dh);
-int	DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
-DH *	d2i_DHparams(DH **a,const unsigned char **pp, long length);
-int	i2d_DHparams(const DH *a,unsigned char **pp);
-#ifndef OPENSSL_NO_FP_API
-int	DHparams_print_fp(FILE *fp, const DH *x);
-#endif
-#ifndef OPENSSL_NO_BIO
-int	DHparams_print(BIO *bp, const DH *x);
-#else
-int	DHparams_print(char *bp, const DH *x);
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DH_strings(void);
-
-/* Error codes for the DH functions. */
-
-/* Function codes. */
-#define DH_F_DHPARAMS_PRINT				 100
-#define DH_F_DHPARAMS_PRINT_FP				 101
-#define DH_F_DH_COMPUTE_KEY				 102
-#define DH_F_DH_GENERATE_KEY				 103
-#define DH_F_DH_GENERATE_PARAMETERS			 104
-#define DH_F_DH_NEW_METHOD				 105
-
-/* Reason codes. */
-#define DH_R_BAD_GENERATOR				 101
-#define DH_R_NO_PRIVATE_VALUE				 100
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/dh/dh1024.pem b/crypto/openssl/crypto/dh/dh1024.pem
deleted file mode 100644
index 81d43f6a3eae..000000000000
--- a/crypto/openssl/crypto/dh/dh1024.pem
+++ /dev/null
@@ -1,5 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
-/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
-/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
------END DH PARAMETERS-----
diff --git a/crypto/openssl/crypto/dh/dh192.pem b/crypto/openssl/crypto/dh/dh192.pem
deleted file mode 100644
index 521c07271d0d..000000000000
--- a/crypto/openssl/crypto/dh/dh192.pem
+++ /dev/null
@@ -1,3 +0,0 @@
------BEGIN DH PARAMETERS-----
-MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
------END DH PARAMETERS-----
diff --git a/crypto/openssl/crypto/dh/dh2048.pem b/crypto/openssl/crypto/dh/dh2048.pem
deleted file mode 100644
index 295460f5081e..000000000000
--- a/crypto/openssl/crypto/dh/dh2048.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
-AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
-z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
-pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
-aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
-Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
------END DH PARAMETERS-----
------BEGIN DH PARAMETERS-----
-MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
-8ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
-SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
-gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
-yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
-a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
------END DH PARAMETERS-----
diff --git a/crypto/openssl/crypto/dh/dh4096.pem b/crypto/openssl/crypto/dh/dh4096.pem
deleted file mode 100644
index 390943a21dc4..000000000000
--- a/crypto/openssl/crypto/dh/dh4096.pem
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
-vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
-TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
-bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
-rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
-EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
-bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
-W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
-ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
-NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
-jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
------END DH PARAMETERS-----
-
diff --git a/crypto/openssl/crypto/dh/dh512.pem b/crypto/openssl/crypto/dh/dh512.pem
deleted file mode 100644
index 0a4d863ebe27..000000000000
--- a/crypto/openssl/crypto/dh/dh512.pem
+++ /dev/null
@@ -1,4 +0,0 @@
------BEGIN DH PARAMETERS-----
-MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
-a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
------END DH PARAMETERS-----
diff --git a/crypto/openssl/crypto/dh/dh_asn1.c b/crypto/openssl/crypto/dh/dh_asn1.c
deleted file mode 100644
index 769b5b68c53f..000000000000
--- a/crypto/openssl/crypto/dh/dh_asn1.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* dh_asn1.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/objects.h>
-#include <openssl/asn1t.h>
-
-/* Override the default free and new methods */
-static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	if(operation == ASN1_OP_NEW_PRE) {
-		*pval = (ASN1_VALUE *)DH_new();
-		if(*pval) return 2;
-		return 0;
-	} else if(operation == ASN1_OP_FREE_PRE) {
-		DH_free((DH *)*pval);
-		*pval = NULL;
-		return 2;
-	}
-	return 1;
-}
-
-ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
-	ASN1_SIMPLE(DH, p, BIGNUM),
-	ASN1_SIMPLE(DH, g, BIGNUM),
-	ASN1_OPT(DH, length, ZLONG),
-} ASN1_SEQUENCE_END_cb(DH, DHparams)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
diff --git a/crypto/openssl/crypto/dh/dh_check.c b/crypto/openssl/crypto/dh/dh_check.c
deleted file mode 100644
index f0373f7d6878..000000000000
--- a/crypto/openssl/crypto/dh/dh_check.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* crypto/dh/dh_check.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-
-/* Check that p is a safe prime and
- * if g is 2, 3 or 5, check that is is a suitable generator
- * where
- * for 2, p mod 24 == 11
- * for 3, p mod 12 == 5
- * for 5, p mod 10 == 3 or 7
- * should hold.
- */
-
-int DH_check(const DH *dh, int *ret)
-	{
-	int ok=0;
-	BN_CTX *ctx=NULL;
-	BN_ULONG l;
-	BIGNUM *q=NULL;
-
-	*ret=0;
-	ctx=BN_CTX_new();
-	if (ctx == NULL) goto err;
-	q=BN_new();
-	if (q == NULL) goto err;
-
-	if (BN_is_word(dh->g,DH_GENERATOR_2))
-		{
-		l=BN_mod_word(dh->p,24);
-		if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
-		}
-#if 0
-	else if (BN_is_word(dh->g,DH_GENERATOR_3))
-		{
-		l=BN_mod_word(dh->p,12);
-		if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
-		}
-#endif
-	else if (BN_is_word(dh->g,DH_GENERATOR_5))
-		{
-		l=BN_mod_word(dh->p,10);
-		if ((l != 3) && (l != 7))
-			*ret|=DH_NOT_SUITABLE_GENERATOR;
-		}
-	else
-		*ret|=DH_UNABLE_TO_CHECK_GENERATOR;
-
-	if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL))
-		*ret|=DH_CHECK_P_NOT_PRIME;
-	else
-		{
-		if (!BN_rshift1(q,dh->p)) goto err;
-		if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL))
-			*ret|=DH_CHECK_P_NOT_SAFE_PRIME;
-		}
-	ok=1;
-err:
-	if (ctx != NULL) BN_CTX_free(ctx);
-	if (q != NULL) BN_free(q);
-	return(ok);
-	}
diff --git a/crypto/openssl/crypto/dh/dh_err.c b/crypto/openssl/crypto/dh/dh_err.c
deleted file mode 100644
index d837950aecb3..000000000000
--- a/crypto/openssl/crypto/dh/dh_err.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* crypto/dh/dh_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/dh.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA DH_str_functs[]=
-	{
-{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0),	"DHparams_print"},
-{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0),	"DHparams_print_fp"},
-{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0),	"DH_compute_key"},
-{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0),	"DH_generate_key"},
-{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0),	"DH_generate_parameters"},
-{ERR_PACK(0,DH_F_DH_NEW_METHOD,0),	"DH_new_method"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA DH_str_reasons[]=
-	{
-{DH_R_BAD_GENERATOR                      ,"bad generator"},
-{DH_R_NO_PRIVATE_VALUE                   ,"no private value"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_DH_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_DH,DH_str_functs);
-		ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/dh/dh_gen.c b/crypto/openssl/crypto/dh/dh_gen.c
deleted file mode 100644
index 06f78b35ab71..000000000000
--- a/crypto/openssl/crypto/dh/dh_gen.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/* crypto/dh/dh_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-
-/* We generate DH parameters as follows
- * find a prime q which is prime_len/2 bits long.
- * p=(2*q)+1 or (p-1)/2 = q
- * For this case, g is a generator if
- * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
- * Since the factors of p-1 are q and 2, we just need to check
- * g^2 mod p != 1 and g^q mod p != 1.
- *
- * Having said all that,
- * there is another special case method for the generators 2, 3 and 5.
- * for 2, p mod 24 == 11
- * for 3, p mod 12 == 5  <<<<< does not work for safe primes.
- * for 5, p mod 10 == 3 or 7
- *
- * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
- * special generators and for answering some of my questions.
- *
- * I've implemented the second simple method :-).
- * Since DH should be using a safe prime (both p and q are prime),
- * this generator function can take a very very long time to run.
- */
-/* Actually there is no reason to insist that 'generator' be a generator.
- * It's just as OK (and in some sense better) to use a generator of the
- * order-q subgroup.
- */
-DH *DH_generate_parameters(int prime_len, int generator,
-	     void (*callback)(int,int,void *), void *cb_arg)
-	{
-	BIGNUM *p=NULL,*t1,*t2;
-	DH *ret=NULL;
-	int g,ok= -1;
-	BN_CTX *ctx=NULL;
-
-	ret=DH_new();
-	if (ret == NULL) goto err;
-	ctx=BN_CTX_new();
-	if (ctx == NULL) goto err;
-	BN_CTX_start(ctx);
-	t1 = BN_CTX_get(ctx);
-	t2 = BN_CTX_get(ctx);
-	if (t1 == NULL || t2 == NULL) goto err;
-	
-	if (generator <= 1)
-		{
-		DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR);
-		goto err;
-		}
-	if (generator == DH_GENERATOR_2)
-		{
-		if (!BN_set_word(t1,24)) goto err;
-		if (!BN_set_word(t2,11)) goto err;
-		g=2;
-		}
-#if 0 /* does not work for safe primes */
-	else if (generator == DH_GENERATOR_3)
-		{
-		if (!BN_set_word(t1,12)) goto err;
-		if (!BN_set_word(t2,5)) goto err;
-		g=3;
-		}
-#endif
-	else if (generator == DH_GENERATOR_5)
-		{
-		if (!BN_set_word(t1,10)) goto err;
-		if (!BN_set_word(t2,3)) goto err;
-		/* BN_set_word(t3,7); just have to miss
-		 * out on these ones :-( */
-		g=5;
-		}
-	else
-		{
-		/* in the general case, don't worry if 'generator' is a
-		 * generator or not: since we are using safe primes,
-		 * it will generate either an order-q or an order-2q group,
-		 * which both is OK */
-		if (!BN_set_word(t1,2)) goto err;
-		if (!BN_set_word(t2,1)) goto err;
-		g=generator;
-		}
-	
-	p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg);
-	if (p == NULL) goto err;
-	if (callback != NULL) callback(3,0,cb_arg);
-	ret->p=p;
-	ret->g=BN_new();
-	if (!BN_set_word(ret->g,g)) goto err;
-	ok=1;
-err:
-	if (ok == -1)
-		{
-		DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB);
-		ok=0;
-		}
-
-	if (ctx != NULL)
-		{
-		BN_CTX_end(ctx);
-		BN_CTX_free(ctx);
-		}
-	if (!ok && (ret != NULL))
-		{
-		DH_free(ret);
-		ret=NULL;
-		}
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/dh/dh_key.c b/crypto/openssl/crypto/dh/dh_key.c
deleted file mode 100644
index 6ce65ed5f37c..000000000000
--- a/crypto/openssl/crypto/dh/dh_key.c
+++ /dev/null
@@ -1,225 +0,0 @@
-/* crypto/dh/dh_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/dh.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-static int generate_key(DH *dh);
-static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
-static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
-			const BIGNUM *a, const BIGNUM *p,
-			const BIGNUM *m, BN_CTX *ctx,
-			BN_MONT_CTX *m_ctx);
-static int dh_init(DH *dh);
-static int dh_finish(DH *dh);
-
-int DH_generate_key(DH *dh)
-	{
-	return dh->meth->generate_key(dh);
-	}
-
-int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-	{
-	return dh->meth->compute_key(key, pub_key, dh);
-	}
-
-static DH_METHOD dh_ossl = {
-"OpenSSL DH Method",
-generate_key,
-compute_key,
-dh_bn_mod_exp,
-dh_init,
-dh_finish,
-0,
-NULL
-};
-
-const DH_METHOD *DH_OpenSSL(void)
-{
-	return &dh_ossl;
-}
-
-static int generate_key(DH *dh)
-	{
-	int ok=0;
-	int generate_new_key=0;
-	unsigned l;
-	BN_CTX *ctx;
-	BN_MONT_CTX *mont;
-	BIGNUM *pub_key=NULL,*priv_key=NULL;
-
-	ctx = BN_CTX_new();
-	if (ctx == NULL) goto err;
-
-	if (dh->priv_key == NULL)
-		{
-		priv_key=BN_new();
-		if (priv_key == NULL) goto err;
-		generate_new_key=1;
-		}
-	else
-		priv_key=dh->priv_key;
-
-	if (dh->pub_key == NULL)
-		{
-		pub_key=BN_new();
-		if (pub_key == NULL) goto err;
-		}
-	else
-		pub_key=dh->pub_key;
-
-	if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
-		{
-		if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-			if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
-				dh->p,ctx)) goto err;
-		}
-	mont=(BN_MONT_CTX *)dh->method_mont_p;
-
-	if (generate_new_key)
-		{
-		l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
-		if (!BN_rand(priv_key, l, 0, 0)) goto err;
-		}
-	if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont))
-		goto err;
-		
-	dh->pub_key=pub_key;
-	dh->priv_key=priv_key;
-	ok=1;
-err:
-	if (ok != 1)
-		DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
-
-	if ((pub_key != NULL)  && (dh->pub_key == NULL))  BN_free(pub_key);
-	if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
-	BN_CTX_free(ctx);
-	return(ok);
-	}
-
-static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-	{
-	BN_CTX *ctx;
-	BN_MONT_CTX *mont;
-	BIGNUM *tmp;
-	int ret= -1;
-
-	ctx = BN_CTX_new();
-	if (ctx == NULL) goto err;
-	BN_CTX_start(ctx);
-	tmp = BN_CTX_get(ctx);
-	
-	if (dh->priv_key == NULL)
-		{
-		DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
-		goto err;
-		}
-	if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
-		{
-		if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-			if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
-				dh->p,ctx)) goto err;
-		}
-
-	mont=(BN_MONT_CTX *)dh->method_mont_p;
-	if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
-		{
-		DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
-		goto err;
-		}
-
-	ret=BN_bn2bin(tmp,key);
-err:
-	BN_CTX_end(ctx);
-	BN_CTX_free(ctx);
-	return(ret);
-	}
-
-static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
-			const BIGNUM *a, const BIGNUM *p,
-			const BIGNUM *m, BN_CTX *ctx,
-			BN_MONT_CTX *m_ctx)
-	{
-	if (a->top == 1)
-		{
-		BN_ULONG A = a->d[0];
-		return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
-		}
-	else
-		return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx);
-	}
-
-
-static int dh_init(DH *dh)
-	{
-	dh->flags |= DH_FLAG_CACHE_MONT_P;
-	return(1);
-	}
-
-static int dh_finish(DH *dh)
-	{
-	if(dh->method_mont_p)
-		BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
-	return(1);
-	}
diff --git a/crypto/openssl/crypto/dh/dh_lib.c b/crypto/openssl/crypto/dh/dh_lib.c
deleted file mode 100644
index 09965ee2ea80..000000000000
--- a/crypto/openssl/crypto/dh/dh_lib.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/* crypto/dh/dh_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
-
-static const DH_METHOD *default_DH_method = NULL;
-
-void DH_set_default_method(const DH_METHOD *meth)
-	{
-	default_DH_method = meth;
-	}
-
-const DH_METHOD *DH_get_default_method(void)
-	{
-	if(!default_DH_method)
-		default_DH_method = DH_OpenSSL();
-	return default_DH_method;
-	}
-
-int DH_set_method(DH *dh, const DH_METHOD *meth)
-	{
-	/* NB: The caller is specifically setting a method, so it's not up to us
-	 * to deal with which ENGINE it comes from. */
-        const DH_METHOD *mtmp;
-        mtmp = dh->meth;
-        if (mtmp->finish) mtmp->finish(dh);
-#ifndef OPENSSL_NO_ENGINE
-	if (dh->engine)
-		{
-		ENGINE_finish(dh->engine);
-		dh->engine = NULL;
-		}
-#endif
-        dh->meth = meth;
-        if (meth->init) meth->init(dh);
-        return 1;
-	}
-
-DH *DH_new(void)
-	{
-	return DH_new_method(NULL);
-	}
-
-DH *DH_new_method(ENGINE *engine)
-	{
-	DH *ret;
-
-	ret=(DH *)OPENSSL_malloc(sizeof(DH));
-	if (ret == NULL)
-		{
-		DHerr(DH_F_DH_NEW_METHOD,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-
-	ret->meth = DH_get_default_method();
-#ifndef OPENSSL_NO_ENGINE
-	if (engine)
-		{
-		if (!ENGINE_init(engine))
-			{
-			DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
-			OPENSSL_free(ret);
-			return NULL;
-			}
-		ret->engine = engine;
-		}
-	else
-		ret->engine = ENGINE_get_default_DH();
-	if(ret->engine)
-		{
-		ret->meth = ENGINE_get_DH(ret->engine);
-		if(!ret->meth)
-			{
-			DHerr(DH_F_DH_NEW_METHOD,ERR_R_ENGINE_LIB);
-			ENGINE_finish(ret->engine);
-			OPENSSL_free(ret);
-			return NULL;
-			}
-		}
-#endif
-
-	ret->pad=0;
-	ret->version=0;
-	ret->p=NULL;
-	ret->g=NULL;
-	ret->length=0;
-	ret->pub_key=NULL;
-	ret->priv_key=NULL;
-	ret->q=NULL;
-	ret->j=NULL;
-	ret->seed = NULL;
-	ret->seedlen = 0;
-	ret->counter = NULL;
-	ret->method_mont_p=NULL;
-	ret->references = 1;
-	ret->flags=ret->meth->flags;
-	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
-	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
-		{
-#ifndef OPENSSL_NO_ENGINE
-		if (ret->engine)
-			ENGINE_finish(ret->engine);
-#endif
-		CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
-		OPENSSL_free(ret);
-		ret=NULL;
-		}
-	return(ret);
-	}
-
-void DH_free(DH *r)
-	{
-	int i;
-	if(r == NULL) return;
-	i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
-#ifdef REF_PRINT
-	REF_PRINT("DH",r);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"DH_free, bad reference count\n");
-		abort();
-	}
-#endif
-
-	if (r->meth->finish)
-		r->meth->finish(r);
-#ifndef OPENSSL_NO_ENGINE
-	if (r->engine)
-		ENGINE_finish(r->engine);
-#endif
-
-	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
-
-	if (r->p != NULL) BN_clear_free(r->p);
-	if (r->g != NULL) BN_clear_free(r->g);
-	if (r->q != NULL) BN_clear_free(r->q);
-	if (r->j != NULL) BN_clear_free(r->j);
-	if (r->seed) OPENSSL_free(r->seed);
-	if (r->counter != NULL) BN_clear_free(r->counter);
-	if (r->pub_key != NULL) BN_clear_free(r->pub_key);
-	if (r->priv_key != NULL) BN_clear_free(r->priv_key);
-	OPENSSL_free(r);
-	}
-
-int DH_up_ref(DH *r)
-	{
-	int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH);
-#ifdef REF_PRINT
-	REF_PRINT("DH",r);
-#endif
-#ifdef REF_CHECK
-	if (i < 2)
-		{
-		fprintf(stderr, "DH_up, bad reference count\n");
-		abort();
-		}
-#endif
-	return ((i > 1) ? 1 : 0);
-	}
-
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-        {
-	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp,
-				new_func, dup_func, free_func);
-        }
-
-int DH_set_ex_data(DH *d, int idx, void *arg)
-	{
-	return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
-	}
-
-void *DH_get_ex_data(DH *d, int idx)
-	{
-	return(CRYPTO_get_ex_data(&d->ex_data,idx));
-	}
-
-int DH_size(const DH *dh)
-	{
-	return(BN_num_bytes(dh->p));
-	}
diff --git a/crypto/openssl/crypto/dh/dhtest.c b/crypto/openssl/crypto/dh/dhtest.c
deleted file mode 100644
index 27237741da06..000000000000
--- a/crypto/openssl/crypto/dh/dhtest.c
+++ /dev/null
@@ -1,219 +0,0 @@
-/* crypto/dh/dhtest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_SYS_WINDOWS
-#include "../bio/bss_file.c" 
-#endif
-#include <openssl/crypto.h>
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-
-#ifdef OPENSSL_NO_DH
-int main(int argc, char *argv[])
-{
-    printf("No DH support\n");
-    return(0);
-}
-#else
-#include <openssl/dh.h>
-
-#ifdef OPENSSL_SYS_WIN16
-#define MS_CALLBACK	_far _loadds
-#else
-#define MS_CALLBACK
-#endif
-
-static void MS_CALLBACK cb(int p, int n, void *arg);
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#include "bss_file.c"
-#endif
-
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
-
-int main(int argc, char *argv[])
-	{
-	DH *a;
-	DH *b=NULL;
-	char buf[12];
-	unsigned char *abuf=NULL,*bbuf=NULL;
-	int i,alen,blen,aout,bout,ret=1;
-	BIO *out;
-
-	CRYPTO_malloc_debug_init();
-	CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
-	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-#ifdef OPENSSL_SYS_WIN32
-	CRYPTO_malloc_init();
-#endif
-
-	RAND_seed(rnd_seed, sizeof rnd_seed);
-
-	out=BIO_new(BIO_s_file());
-	if (out == NULL) EXIT(1);
-	BIO_set_fp(out,stdout,BIO_NOCLOSE);
-
-	a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out);
-	if (a == NULL) goto err;
-
-	if (!DH_check(a, &i)) goto err;
-	if (i & DH_CHECK_P_NOT_PRIME)
-		BIO_puts(out, "p value is not prime\n");
-	if (i & DH_CHECK_P_NOT_SAFE_PRIME)
-		BIO_puts(out, "p value is not a safe prime\n");
-	if (i & DH_UNABLE_TO_CHECK_GENERATOR)
-		BIO_puts(out, "unable to check the generator value\n");
-	if (i & DH_NOT_SUITABLE_GENERATOR)
-		BIO_puts(out, "the g value is not a generator\n");
-
-	BIO_puts(out,"\np    =");
-	BN_print(out,a->p);
-	BIO_puts(out,"\ng    =");
-	BN_print(out,a->g);
-	BIO_puts(out,"\n");
-
-	b=DH_new();
-	if (b == NULL) goto err;
-
-	b->p=BN_dup(a->p);
-	b->g=BN_dup(a->g);
-	if ((b->p == NULL) || (b->g == NULL)) goto err;
-
-	if (!DH_generate_key(a)) goto err;
-	BIO_puts(out,"pri 1=");
-	BN_print(out,a->priv_key);
-	BIO_puts(out,"\npub 1=");
-	BN_print(out,a->pub_key);
-	BIO_puts(out,"\n");
-
-	if (!DH_generate_key(b)) goto err;
-	BIO_puts(out,"pri 2=");
-	BN_print(out,b->priv_key);
-	BIO_puts(out,"\npub 2=");
-	BN_print(out,b->pub_key);
-	BIO_puts(out,"\n");
-
-	alen=DH_size(a);
-	abuf=(unsigned char *)OPENSSL_malloc(alen);
-	aout=DH_compute_key(abuf,b->pub_key,a);
-
-	BIO_puts(out,"key1 =");
-	for (i=0; i<aout; i++)
-		{
-		sprintf(buf,"%02X",abuf[i]);
-		BIO_puts(out,buf);
-		}
-	BIO_puts(out,"\n");
-
-	blen=DH_size(b);
-	bbuf=(unsigned char *)OPENSSL_malloc(blen);
-	bout=DH_compute_key(bbuf,a->pub_key,b);
-
-	BIO_puts(out,"key2 =");
-	for (i=0; i<bout; i++)
-		{
-		sprintf(buf,"%02X",bbuf[i]);
-		BIO_puts(out,buf);
-		}
-	BIO_puts(out,"\n");
-	if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
-		{
-		fprintf(stderr,"Error in DH routines\n");
-		ret=1;
-		}
-	else
-		ret=0;
-err:
-	ERR_print_errors_fp(stderr);
-
-	if (abuf != NULL) OPENSSL_free(abuf);
-	if (bbuf != NULL) OPENSSL_free(bbuf);
-	if(b != NULL) DH_free(b);
-	if(a != NULL) DH_free(a);
-	BIO_free(out);
-	CRYPTO_cleanup_all_ex_data();
-	ERR_remove_state(0);
-	CRYPTO_mem_leaks_fp(stderr);
-	EXIT(ret);
-	return(ret);
-	}
-
-static void MS_CALLBACK cb(int p, int n, void *arg)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	(void)BIO_flush((BIO *)arg);
-#ifdef LINT
-	p=n;
-#endif
-	}
-#endif
diff --git a/crypto/openssl/crypto/dh/example b/crypto/openssl/crypto/dh/example
deleted file mode 100644
index 16a33d2910f1..000000000000
--- a/crypto/openssl/crypto/dh/example
+++ /dev/null
@@ -1,50 +0,0 @@
-From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
-Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
-  (5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
-Received: by minbne.mincom.oz.au id AA19958
-  (5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
-Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
-          Wed, 27 Sep 1995 19:13:05 +1000
-Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
-          Wed, 27 Sep 1995 04:48:46 -0400
-Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
-Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
-Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14]) 
-          by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442 
-          for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
-Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1) 
-          id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
-Date: Mon, 25 Sep 1995 17:50:51 -0700
-From: Phil Karn <karn@qualcomm.com>
-Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
-To: cypherpunks@toad.com, ipsec-dev@eit.com
-Subject: Primality verification needed
-Sender: owner-cypherpunks@toad.com
-Precedence: bulk
-Status: RO
-X-Status: 
-
-Hi. I've generated a 2047-bit "strong" prime number that I would like to
-use with Diffie-Hellman key exchange. I assert that not only is this number
-'p' prime, but so is (p-1)/2.
-
-I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
-1.3.2 to test this number. This function uses the Miller-Rabin primality test.
-However, to increase my confidence that this number really is a strong prime,
-I'd like to ask others to confirm it with other tests. Here's the number in hex:
-
-72a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
-fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
-a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
-fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
-3d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
-ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
-56a05180c3bec7ddd5ef6fe76b1f717b
-
-The generator, g, for this prime is 2.
-
-Thanks!
-
-Phil Karn
-
-
diff --git a/crypto/openssl/crypto/dh/generate b/crypto/openssl/crypto/dh/generate
deleted file mode 100644
index 5d407231df5b..000000000000
--- a/crypto/openssl/crypto/dh/generate
+++ /dev/null
@@ -1,65 +0,0 @@
-From: stewarts@ix.netcom.com (Bill Stewart)
-Newsgroups: sci.crypt
-Subject: Re: Diffie-Hellman key exchange
-Date: Wed, 11 Oct 1995 23:08:28 GMT
-Organization: Freelance Information Architect
-Lines: 32
-Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
-References: <458rhn$76m$1@mhadf.production.compuserve.com>
-NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
-X-NETCOM-Date: Wed Oct 11  4:09:22 PM PDT 1995
-X-Newsreader: Forte Free Agent 1.0.82
-
-Kent Briggs <72124.3234@CompuServe.COM> wrote:
-
->I have a copy of the 1976 IEEE article describing the
->Diffie-Hellman public key exchange algorithm: y=a^x mod q.  I'm
->looking for sources that give examples of secure a,q pairs and
->possible some source code that I could examine.
-
-q should be prime, and ideally should be a "strong prime",
-which means it's of the form 2n+1 where n is also prime.
-q also needs to be long enough to prevent the attacks LaMacchia and
-Odlyzko described (some variant on a factoring attack which generates
-a large pile of simultaneous equations and then solves them);
-long enough is about the same size as factoring, so 512 bits may not
-be secure enough for most applications.  (The 192 bits used by
-"secure NFS" was certainly not long enough.)
-
-a should be a generator for q, which means it needs to be
-relatively prime to q-1.   Usually a small prime like 2, 3 or 5 will
-work.  
-
-....
-
-Date: Tue, 26 Sep 1995 13:52:36 MST
-From: "Richard Schroeppel" <rcs@cs.arizona.edu>
-To: karn
-Cc: ho@cs.arizona.edu
-Subject: random large primes
-
-Since your prime is really random, proving it is hard.
-My personal limit on rigorously proved primes is ~350 digits.
-If you really want a proof, we should talk to Francois Morain,
-or the Australian group.
-
-If you want 2 to be a generator (mod P), then you need it
-to be a non-square.  If (P-1)/2 is also prime, then
-non-square == primitive-root for bases << P.
-
-In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
-If you want this, you should restrict your sieve accordingly.
-
-3 is a generator iff P = 5 (mod 12).
-
-5 is a generator iff P = 3 or 7 (mod 10).
-
-2 is perfectly usable as a base even if it's a non-generator, since
-it still covers half the space of possible residues.  And an
-eavesdropper can always determine the low-bit of your exponent for
-a generator anyway.
-
-Rich  rcs@cs.arizona.edu
-
-
-
diff --git a/crypto/openssl/crypto/dh/p1024.c b/crypto/openssl/crypto/dh/p1024.c
deleted file mode 100644
index 368ceca4eb06..000000000000
--- a/crypto/openssl/crypto/dh/p1024.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* crypto/dh/p1024.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include <openssl/asn1.h>
-#include <openssl/dh.h>
-#include <openssl/pem.h>
-
-unsigned char data[]={0x97,0xF6,0x42,0x61,0xCA,0xB5,0x05,0xDD,
-	0x28,0x28,0xE1,0x3F,0x1D,0x68,0xB6,0xD3,
-	0xDB,0xD0,0xF3,0x13,0x04,0x7F,0x40,0xE8,
-	0x56,0xDA,0x58,0xCB,0x13,0xB8,0xA1,0xBF,
-	0x2B,0x78,0x3A,0x4C,0x6D,0x59,0xD5,0xF9,
-	0x2A,0xFC,0x6C,0xFF,0x3D,0x69,0x3F,0x78,
-	0xB2,0x3D,0x4F,0x31,0x60,0xA9,0x50,0x2E,
-	0x3E,0xFA,0xF7,0xAB,0x5E,0x1A,0xD5,0xA6,
-	0x5E,0x55,0x43,0x13,0x82,0x8D,0xA8,0x3B,
-	0x9F,0xF2,0xD9,0x41,0xDE,0xE9,0x56,0x89,
-	0xFA,0xDA,0xEA,0x09,0x36,0xAD,0xDF,0x19,
-	0x71,0xFE,0x63,0x5B,0x20,0xAF,0x47,0x03,
-	0x64,0x60,0x3C,0x2D,0xE0,0x59,0xF5,0x4B,
-	0x65,0x0A,0xD8,0xFA,0x0C,0xF7,0x01,0x21,
-	0xC7,0x47,0x99,0xD7,0x58,0x71,0x32,0xBE,
-	0x9B,0x99,0x9B,0xB9,0xB7,0x87,0xE8,0xAB,
-	};
-
-main()
-	{
-	DH *dh;
-
-	dh=DH_new();
-	dh->p=BN_bin2bn(data,sizeof(data),NULL);
-	dh->g=BN_new();
-	BN_set_word(dh->g,2);
-	PEM_write_DHparams(stdout,dh);
-	}
diff --git a/crypto/openssl/crypto/dh/p192.c b/crypto/openssl/crypto/dh/p192.c
deleted file mode 100644
index 7bdf40410eb0..000000000000
--- a/crypto/openssl/crypto/dh/p192.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* crypto/dh/p192.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include <openssl/asn1.h>
-#include <openssl/dh.h>
-#include <openssl/pem.h>
-
-unsigned char data[]={
-0xD4,0xA0,0xBA,0x02,0x50,0xB6,0xFD,0x2E,
-0xC6,0x26,0xE7,0xEF,0xD6,0x37,0xDF,0x76,
-0xC7,0x16,0xE2,0x2D,0x09,0x44,0xB8,0x8B,
-	};
-
-main()
-	{
-	DH *dh;
-
-	dh=DH_new();
-	dh->p=BN_bin2bn(data,sizeof(data),NULL);
-	dh->g=BN_new();
-	BN_set_word(dh->g,3);
-	PEM_write_DHparams(stdout,dh);
-	}
diff --git a/crypto/openssl/crypto/dh/p512.c b/crypto/openssl/crypto/dh/p512.c
deleted file mode 100644
index a9b6aa83f034..000000000000
--- a/crypto/openssl/crypto/dh/p512.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* crypto/dh/p512.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include <openssl/asn1.h>
-#include <openssl/dh.h>
-#include <openssl/pem.h>
-
-unsigned char data[]={
-0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,
-0xD0,0xE4,0xAF,0x75,0x6F,0x4C,0xCA,0x92,
-0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
-0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,
-0x57,0x46,0x50,0xD3,0x69,0x99,0xDB,0x29,
-0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
-0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,
-0xD8,0x00,0x3E,0x7C,0x47,0x74,0xE8,0x33,
-	};
-
-main()
-	{
-	DH *dh;
-
-	dh=DH_new();
-	dh->p=BN_bin2bn(data,sizeof(data),NULL);
-	dh->g=BN_new();
-	BN_set_word(dh->g,2);
-	PEM_write_DHparams(stdout,dh);
-	}
diff --git a/crypto/openssl/crypto/dsa/Makefile.save b/crypto/openssl/crypto/dsa/Makefile.save
deleted file mode 100644
index 1dfdb2d76922..000000000000
--- a/crypto/openssl/crypto/dsa/Makefile.save
+++ /dev/null
@@ -1,154 +0,0 @@
-#
-# SSLeay/crypto/dsa/Makefile
-#
-
-DIR=	dsa
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=dsatest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
-	dsa_err.c dsa_ossl.c
-LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
-	dsa_err.o dsa_ossl.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= dsa.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-dsa_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-dsa_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_asn1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_asn1.o: ../../include/openssl/opensslconf.h
-dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_asn1.o: ../cryptlib.h
-dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/err.h
-dsa_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_gen.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_gen.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h
-dsa_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_key.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-dsa_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-dsa_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-dsa_key.o: ../../include/openssl/symhacks.h ../cryptlib.h
-dsa_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-dsa_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dsa_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dsa_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_lib.o: ../cryptlib.h
-dsa_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-dsa_ossl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dsa_ossl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-dsa_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dsa_ossl.o: ../../include/openssl/symhacks.h ../cryptlib.h
-dsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-dsa_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dsa_sign.o: ../../include/openssl/symhacks.h ../cryptlib.h
-dsa_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-dsa_vrf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_vrf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_vrf.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_vrf.o: ../cryptlib.h
diff --git a/crypto/openssl/crypto/dsa/Makefile.ssl b/crypto/openssl/crypto/dsa/Makefile.ssl
deleted file mode 100644
index 08e692dc2ddf..000000000000
--- a/crypto/openssl/crypto/dsa/Makefile.ssl
+++ /dev/null
@@ -1,177 +0,0 @@
-#
-# SSLeay/crypto/dsa/Makefile
-#
-
-DIR=	dsa
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=dsatest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
-	dsa_err.c dsa_ossl.c
-LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
-	dsa_err.o dsa_ossl.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= dsa.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_asn1.o: ../../include/openssl/opensslconf.h
-dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c
-dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_err.o: dsa_err.c
-dsa_gen.o: ../../e_os.h ../../include/openssl/aes.h
-dsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-dsa_gen.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-dsa_gen.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-dsa_gen.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-dsa_gen.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-dsa_gen.o: ../../include/openssl/ui_compat.h ../cryptlib.h dsa_gen.c
-dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dsa_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dsa_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-dsa_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_key.o: ../cryptlib.h dsa_key.c
-dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h dsa_lib.c
-dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_ossl.o: ../../include/openssl/opensslconf.h
-dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-dsa_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dsa_ossl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-dsa_ossl.o: ../cryptlib.h dsa_ossl.c
-dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_sign.o: ../../include/openssl/opensslconf.h
-dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-dsa_sign.o: ../cryptlib.h dsa_sign.c
-dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_vrf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-dsa_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dsa_vrf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-dsa_vrf.o: ../cryptlib.h dsa_vrf.c
diff --git a/crypto/openssl/crypto/dsa/README b/crypto/openssl/crypto/dsa/README
deleted file mode 100644
index 6a7e9c170add..000000000000
--- a/crypto/openssl/crypto/dsa/README
+++ /dev/null
@@ -1,4 +0,0 @@
-The stuff in here is based on patches supplied to me by
-Steven Schoch <schoch@sheba.arc.nasa.gov> to do DSS.
-I have since modified a them a little but a debt of gratitude
-is due for doing the initial work.
diff --git a/crypto/openssl/crypto/dsa/dsa.h b/crypto/openssl/crypto/dsa/dsa.h
deleted file mode 100644
index 9b3baadf2c49..000000000000
--- a/crypto/openssl/crypto/dsa/dsa.h
+++ /dev/null
@@ -1,250 +0,0 @@
-/* crypto/dsa/dsa.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * The DSS routines are based on patches supplied by
- * Steven Schoch <schoch@sheba.arc.nasa.gov>.  He basically did the
- * work and I have just tweaked them a little to fit into my
- * stylistic vision for SSLeay :-) */
-
-#ifndef HEADER_DSA_H
-#define HEADER_DSA_H
-
-#ifdef OPENSSL_NO_DSA
-#error DSA is disabled.
-#endif
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/bn.h>
-#include <openssl/crypto.h>
-#include <openssl/ossl_typ.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-#define DSA_FLAG_CACHE_MONT_P	0x01
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct dsa_st DSA;
-
-typedef struct DSA_SIG_st
-	{
-	BIGNUM *r;
-	BIGNUM *s;
-	} DSA_SIG;
-
-typedef struct dsa_method {
-	const char *name;
-	DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
-	int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
-								BIGNUM **rp);
-	int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
-							DSA_SIG *sig, DSA *dsa);
-	int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
-			BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
-			BN_MONT_CTX *in_mont);
-	int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-				const BIGNUM *m, BN_CTX *ctx,
-				BN_MONT_CTX *m_ctx); /* Can be null */
-	int (*init)(DSA *dsa);
-	int (*finish)(DSA *dsa);
-	int flags;
-	char *app_data;
-} DSA_METHOD;
-
-struct dsa_st
-	{
-	/* This first variable is used to pick up errors where
-	 * a DSA is passed instead of of a EVP_PKEY */
-	int pad;
-	long version;
-	int write_params;
-	BIGNUM *p;
-	BIGNUM *q;	/* == 20 */
-	BIGNUM *g;
-
-	BIGNUM *pub_key;  /* y public key */
-	BIGNUM *priv_key; /* x private key */
-
-	BIGNUM *kinv;	/* Signing pre-calc */
-	BIGNUM *r;	/* Signing pre-calc */
-
-	int flags;
-	/* Normally used to cache montgomery values */
-	char *method_mont_p;
-	int references;
-	CRYPTO_EX_DATA ex_data;
-	const DSA_METHOD *meth;
-	/* functional reference if 'meth' is ENGINE-provided */
-	ENGINE *engine;
-	};
-
-#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
-		(char *(*)())d2i_DSAparams,(char *)(x))
-#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
-		(char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
-#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
-		(unsigned char *)(x))
-#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \
-		(char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x))
-#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
-		(unsigned char *)(x))
-
-
-DSA_SIG * DSA_SIG_new(void);
-void	DSA_SIG_free(DSA_SIG *a);
-int	i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
-DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
-
-DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa);
-int	DSA_do_verify(const unsigned char *dgst,int dgst_len,
-		      DSA_SIG *sig,DSA *dsa);
-
-const DSA_METHOD *DSA_OpenSSL(void);
-
-void	DSA_set_default_method(const DSA_METHOD *);
-const DSA_METHOD *DSA_get_default_method(void);
-int	DSA_set_method(DSA *dsa, const DSA_METHOD *);
-
-DSA *	DSA_new(void);
-DSA *	DSA_new_method(ENGINE *engine);
-void	DSA_free (DSA *r);
-/* "up" the DSA object's reference count */
-int	DSA_up_ref(DSA *r);
-int	DSA_size(const DSA *);
-	/* next 4 return -1 on error */
-int	DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
-int	DSA_sign(int type,const unsigned char *dgst,int dlen,
-		unsigned char *sig, unsigned int *siglen, DSA *dsa);
-int	DSA_verify(int type,const unsigned char *dgst,int dgst_len,
-		const unsigned char *sigbuf, int siglen, DSA *dsa);
-int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DSA_set_ex_data(DSA *d, int idx, void *arg);
-void *DSA_get_ex_data(DSA *d, int idx);
-
-DSA *	d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
-DSA *	d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
-DSA * 	d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
-DSA *	DSA_generate_parameters(int bits,
-		unsigned char *seed,int seed_len,
-		int *counter_ret, unsigned long *h_ret,void
-		(*callback)(int, int, void *),void *cb_arg);
-int	DSA_generate_key(DSA *a);
-int	i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
-int 	i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
-int	i2d_DSAparams(const DSA *a,unsigned char **pp);
-
-#ifndef OPENSSL_NO_BIO
-int	DSAparams_print(BIO *bp, const DSA *x);
-int	DSA_print(BIO *bp, const DSA *x, int off);
-#endif
-#ifndef OPENSSL_NO_FP_API
-int	DSAparams_print_fp(FILE *fp, const DSA *x);
-int	DSA_print_fp(FILE *bp, const DSA *x, int off);
-#endif
-
-#define DSS_prime_checks 50
-/* Primality test according to FIPS PUB 186[-1], Appendix 2.1:
- * 50 rounds of Rabin-Miller */
-#define DSA_is_prime(n, callback, cb_arg) \
-	BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
-
-#ifndef OPENSSL_NO_DH
-/* Convert DSA structure (key or just parameters) into DH structure
- * (be careful to avoid small subgroup attacks when using this!) */
-DH *DSA_dup_DH(const DSA *r);
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DSA_strings(void);
-
-/* Error codes for the DSA functions. */
-
-/* Function codes. */
-#define DSA_F_D2I_DSA_SIG				 110
-#define DSA_F_DSAPARAMS_PRINT				 100
-#define DSA_F_DSAPARAMS_PRINT_FP			 101
-#define DSA_F_DSA_DO_SIGN				 112
-#define DSA_F_DSA_DO_VERIFY				 113
-#define DSA_F_DSA_NEW_METHOD				 103
-#define DSA_F_DSA_PRINT					 104
-#define DSA_F_DSA_PRINT_FP				 105
-#define DSA_F_DSA_SIGN					 106
-#define DSA_F_DSA_SIGN_SETUP				 107
-#define DSA_F_DSA_SIG_NEW				 109
-#define DSA_F_DSA_VERIFY				 108
-#define DSA_F_I2D_DSA_SIG				 111
-#define DSA_F_SIG_CB					 114
-
-/* Reason codes. */
-#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 100
-#define DSA_R_MISSING_PARAMETERS			 101
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/dsa/dsa_asn1.c b/crypto/openssl/crypto/dsa/dsa_asn1.c
deleted file mode 100644
index 23fce555aa40..000000000000
--- a/crypto/openssl/crypto/dsa/dsa_asn1.c
+++ /dev/null
@@ -1,140 +0,0 @@
-/* dsa_asn1.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dsa.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-
-/* Override the default new methods */
-static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	if(operation == ASN1_OP_NEW_PRE) {
-		DSA_SIG *sig;
-		sig = OPENSSL_malloc(sizeof(DSA_SIG));
-		sig->r = NULL;
-		sig->s = NULL;
-		*pval = (ASN1_VALUE *)sig;
-		if(sig) return 2;
-		DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	return 1;
-}
-
-ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = {
-	ASN1_SIMPLE(DSA_SIG, r, CBIGNUM),
-	ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
-} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG)
-
-IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG)
-
-/* Override the default free and new methods */
-static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	if(operation == ASN1_OP_NEW_PRE) {
-		*pval = (ASN1_VALUE *)DSA_new();
-		if(*pval) return 2;
-		return 0;
-	} else if(operation == ASN1_OP_FREE_PRE) {
-		DSA_free((DSA *)*pval);
-		*pval = NULL;
-		return 2;
-	}
-	return 1;
-}
-
-ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = {
-	ASN1_SIMPLE(DSA, version, LONG),
-	ASN1_SIMPLE(DSA, p, BIGNUM),
-	ASN1_SIMPLE(DSA, q, BIGNUM),
-	ASN1_SIMPLE(DSA, g, BIGNUM),
-	ASN1_SIMPLE(DSA, pub_key, BIGNUM),
-	ASN1_SIMPLE(DSA, priv_key, BIGNUM)
-} ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPrivateKey, DSAPrivateKey)
-
-ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = {
-	ASN1_SIMPLE(DSA, p, BIGNUM),
-	ASN1_SIMPLE(DSA, q, BIGNUM),
-	ASN1_SIMPLE(DSA, g, BIGNUM),
-} ASN1_SEQUENCE_END_cb(DSA, DSAparams)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAparams, DSAparams)
-
-/* DSA public key is a bit trickier... its effectively a CHOICE type
- * decided by a field called write_params which can either write out
- * just the public key as an INTEGER or the parameters and public key
- * in a SEQUENCE
- */
-
-ASN1_SEQUENCE(dsa_pub_internal) = {
-	ASN1_SIMPLE(DSA, pub_key, BIGNUM),
-	ASN1_SIMPLE(DSA, p, BIGNUM),
-	ASN1_SIMPLE(DSA, q, BIGNUM),
-	ASN1_SIMPLE(DSA, g, BIGNUM)
-} ASN1_SEQUENCE_END_name(DSA, dsa_pub_internal)
-
-ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = {
-	ASN1_SIMPLE(DSA, pub_key, BIGNUM),
-	ASN1_EX_COMBINE(0, 0, dsa_pub_internal)
-} ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey)
diff --git a/crypto/openssl/crypto/dsa/dsa_err.c b/crypto/openssl/crypto/dsa/dsa_err.c
deleted file mode 100644
index 79aa4ff526c4..000000000000
--- a/crypto/openssl/crypto/dsa/dsa_err.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* crypto/dsa/dsa_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/dsa.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA DSA_str_functs[]=
-	{
-{ERR_PACK(0,DSA_F_D2I_DSA_SIG,0),	"d2i_DSA_SIG"},
-{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0),	"DSAparams_print"},
-{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0),	"DSAparams_print_fp"},
-{ERR_PACK(0,DSA_F_DSA_DO_SIGN,0),	"DSA_do_sign"},
-{ERR_PACK(0,DSA_F_DSA_DO_VERIFY,0),	"DSA_do_verify"},
-{ERR_PACK(0,DSA_F_DSA_NEW_METHOD,0),	"DSA_new_method"},
-{ERR_PACK(0,DSA_F_DSA_PRINT,0),	"DSA_print"},
-{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0),	"DSA_print_fp"},
-{ERR_PACK(0,DSA_F_DSA_SIGN,0),	"DSA_sign"},
-{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0),	"DSA_sign_setup"},
-{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0),	"DSA_SIG_new"},
-{ERR_PACK(0,DSA_F_DSA_VERIFY,0),	"DSA_verify"},
-{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0),	"i2d_DSA_SIG"},
-{ERR_PACK(0,DSA_F_SIG_CB,0),	"SIG_CB"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA DSA_str_reasons[]=
-	{
-{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
-{DSA_R_MISSING_PARAMETERS                ,"missing parameters"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_DSA_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
-		ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/dsa/dsa_gen.c b/crypto/openssl/crypto/dsa/dsa_gen.c
deleted file mode 100644
index dc9c24931033..000000000000
--- a/crypto/openssl/crypto/dsa/dsa_gen.c
+++ /dev/null
@@ -1,296 +0,0 @@
-/* crypto/dsa/dsa_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#undef GENUINE_DSA
-
-#ifdef GENUINE_DSA
-/* Parameter generation follows the original release of FIPS PUB 186,
- * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) */
-#define HASH    EVP_sha()
-#else
-/* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
- * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in
- * FIPS PUB 180-1) */
-#define HASH    EVP_sha1()
-#endif 
-
-#ifndef OPENSSL_NO_SHA
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/sha.h>
-
-DSA *DSA_generate_parameters(int bits,
-		unsigned char *seed_in, int seed_len,
-		int *counter_ret, unsigned long *h_ret,
-		void (*callback)(int, int, void *),
-		void *cb_arg)
-	{
-	int ok=0;
-	unsigned char seed[SHA_DIGEST_LENGTH];
-	unsigned char md[SHA_DIGEST_LENGTH];
-	unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH];
-	BIGNUM *r0,*W,*X,*c,*test;
-	BIGNUM *g=NULL,*q=NULL,*p=NULL;
-	BN_MONT_CTX *mont=NULL;
-	int k,n=0,i,b,m=0;
-	int counter=0;
-	int r=0;
-	BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL;
-	unsigned int h=2;
-	DSA *ret=NULL;
-
-	if (bits < 512) bits=512;
-	bits=(bits+63)/64*64;
-
-	if (seed_len < 20)
-		seed_in = NULL; /* seed buffer too small -- ignore */
-	if (seed_len > 20) 
-		seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED,
-		                * but our internal buffers are restricted to 160 bits*/
-	if ((seed_in != NULL) && (seed_len == 20))
-		memcpy(seed,seed_in,seed_len);
-
-	if ((ctx=BN_CTX_new()) == NULL) goto err;
-	if ((ctx2=BN_CTX_new()) == NULL) goto err;
-	if ((ctx3=BN_CTX_new()) == NULL) goto err;
-	if ((ret=DSA_new()) == NULL) goto err;
-
-	if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
-
-	BN_CTX_start(ctx2);
-	r0 = BN_CTX_get(ctx2);
-	g = BN_CTX_get(ctx2);
-	W = BN_CTX_get(ctx2);
-	q = BN_CTX_get(ctx2);
-	X = BN_CTX_get(ctx2);
-	c = BN_CTX_get(ctx2);
-	p = BN_CTX_get(ctx2);
-	test = BN_CTX_get(ctx2);
-
-	BN_lshift(test,BN_value_one(),bits-1);
-
-	for (;;)
-		{
-		for (;;) /* find q */
-			{
-			int seed_is_random;
-
-			/* step 1 */
-			if (callback != NULL) callback(0,m++,cb_arg);
-
-			if (!seed_len)
-				{
-				RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH);
-				seed_is_random = 1;
-				}
-			else
-				{
-				seed_is_random = 0;
-				seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/
-				}
-			memcpy(buf,seed,SHA_DIGEST_LENGTH);
-			memcpy(buf2,seed,SHA_DIGEST_LENGTH);
-			/* precompute "SEED + 1" for step 7: */
-			for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
-				{
-				buf[i]++;
-				if (buf[i] != 0) break;
-				}
-
-			/* step 2 */
-			EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL);
-			EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH, NULL);
-			for (i=0; i<SHA_DIGEST_LENGTH; i++)
-				md[i]^=buf2[i];
-
-			/* step 3 */
-			md[0]|=0x80;
-			md[SHA_DIGEST_LENGTH-1]|=0x01;
-			if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err;
-
-			/* step 4 */
-			r = BN_is_prime_fasttest(q, DSS_prime_checks, callback, ctx3, cb_arg, seed_is_random);
-			if (r > 0)
-				break;
-			if (r != 0)
-				goto err;
-
-			/* do a callback call */
-			/* step 5 */
-			}
-
-		if (callback != NULL) callback(2,0,cb_arg);
-		if (callback != NULL) callback(3,0,cb_arg);
-
-		/* step 6 */
-		counter=0;
-		/* "offset = 2" */
-
-		n=(bits-1)/160;
-		b=(bits-1)-n*160;
-
-		for (;;)
-			{
-			if (callback != NULL && counter != 0)
-				callback(0,counter,cb_arg);
-
-			/* step 7 */
-			BN_zero(W);
-			/* now 'buf' contains "SEED + offset - 1" */
-			for (k=0; k<=n; k++)
-				{
-				/* obtain "SEED + offset + k" by incrementing: */
-				for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
-					{
-					buf[i]++;
-					if (buf[i] != 0) break;
-					}
-
-				EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL);
-
-				/* step 8 */
-				if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0))
-					goto err;
-				BN_lshift(r0,r0,160*k);
-				BN_add(W,W,r0);
-				}
-
-			/* more of step 8 */
-			BN_mask_bits(W,bits-1);
-			BN_copy(X,W); /* this should be ok */
-			BN_add(X,X,test); /* this should be ok */
-
-			/* step 9 */
-			BN_lshift1(r0,q);
-			BN_mod(c,X,r0,ctx);
-			BN_sub(r0,c,BN_value_one());
-			BN_sub(p,X,r0);
-
-			/* step 10 */
-			if (BN_cmp(p,test) >= 0)
-				{
-				/* step 11 */
-				r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1);
-				if (r > 0)
-						goto end; /* found it */
-				if (r != 0)
-					goto err;
-				}
-
-			/* step 13 */
-			counter++;
-			/* "offset = offset + n + 1" */
-
-			/* step 14 */
-			if (counter >= 4096) break;
-			}
-		}
-end:
-	if (callback != NULL) callback(2,1,cb_arg);
-
-	/* We now need to generate g */
-	/* Set r0=(p-1)/q */
-	BN_sub(test,p,BN_value_one());
-	BN_div(r0,NULL,test,q,ctx);
-
-	BN_set_word(test,h);
-	BN_MONT_CTX_set(mont,p,ctx);
-
-	for (;;)
-		{
-		/* g=test^r0%p */
-		BN_mod_exp_mont(g,test,r0,p,ctx,mont);
-		if (!BN_is_one(g)) break;
-		BN_add(test,test,BN_value_one());
-		h++;
-		}
-
-	if (callback != NULL) callback(3,1,cb_arg);
-
-	ok=1;
-err:
-	if (!ok)
-		{
-		if (ret != NULL) DSA_free(ret);
-		}
-	else
-		{
-		ret->p=BN_dup(p);
-		ret->q=BN_dup(q);
-		ret->g=BN_dup(g);
-		if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
-		if (counter_ret != NULL) *counter_ret=counter;
-		if (h_ret != NULL) *h_ret=h;
-		}
-	if (ctx != NULL) BN_CTX_free(ctx);
-	if (ctx2 != NULL)
-		{
-		BN_CTX_end(ctx2);
-		BN_CTX_free(ctx2);
-		}
-	if (ctx3 != NULL) BN_CTX_free(ctx3);
-	if (mont != NULL) BN_MONT_CTX_free(mont);
-	return(ok?ret:NULL);
-	}
-#endif
diff --git a/crypto/openssl/crypto/dsa/dsa_key.c b/crypto/openssl/crypto/dsa/dsa_key.c
deleted file mode 100644
index ef87c3e6372e..000000000000
--- a/crypto/openssl/crypto/dsa/dsa_key.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* crypto/dsa/dsa_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_SHA
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-
-int DSA_generate_key(DSA *dsa)
-	{
-	int ok=0;
-	BN_CTX *ctx=NULL;
-	BIGNUM *pub_key=NULL,*priv_key=NULL;
-
-	if ((ctx=BN_CTX_new()) == NULL) goto err;
-
-	if (dsa->priv_key == NULL)
-		{
-		if ((priv_key=BN_new()) == NULL) goto err;
-		}
-	else
-		priv_key=dsa->priv_key;
-
-	do
-		if (!BN_rand_range(priv_key,dsa->q)) goto err;
-	while (BN_is_zero(priv_key));
-
-	if (dsa->pub_key == NULL)
-		{
-		if ((pub_key=BN_new()) == NULL) goto err;
-		}
-	else
-		pub_key=dsa->pub_key;
-
-	if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
-
-	dsa->priv_key=priv_key;
-	dsa->pub_key=pub_key;
-	ok=1;
-
-err:
-	if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key);
-	if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key);
-	if (ctx != NULL) BN_CTX_free(ctx);
-	return(ok);
-	}
-#endif
diff --git a/crypto/openssl/crypto/dsa/dsa_lib.c b/crypto/openssl/crypto/dsa/dsa_lib.c
deleted file mode 100644
index 4171af24c6cd..000000000000
--- a/crypto/openssl/crypto/dsa/dsa_lib.c
+++ /dev/null
@@ -1,308 +0,0 @@
-/* crypto/dsa/dsa_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
-
-static const DSA_METHOD *default_DSA_method = NULL;
-
-void DSA_set_default_method(const DSA_METHOD *meth)
-	{
-	default_DSA_method = meth;
-	}
-
-const DSA_METHOD *DSA_get_default_method(void)
-	{
-	if(!default_DSA_method)
-		default_DSA_method = DSA_OpenSSL();
-	return default_DSA_method;
-	}
-
-DSA *DSA_new(void)
-	{
-	return DSA_new_method(NULL);
-	}
-
-int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
-	{
-	/* NB: The caller is specifically setting a method, so it's not up to us
-	 * to deal with which ENGINE it comes from. */
-        const DSA_METHOD *mtmp;
-        mtmp = dsa->meth;
-        if (mtmp->finish) mtmp->finish(dsa);
-#ifndef OPENSSL_NO_ENGINE
-	if (dsa->engine)
-		{
-		ENGINE_finish(dsa->engine);
-		dsa->engine = NULL;
-		}
-#endif
-        dsa->meth = meth;
-        if (meth->init) meth->init(dsa);
-        return 1;
-	}
-
-DSA *DSA_new_method(ENGINE *engine)
-	{
-	DSA *ret;
-
-	ret=(DSA *)OPENSSL_malloc(sizeof(DSA));
-	if (ret == NULL)
-		{
-		DSAerr(DSA_F_DSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-	ret->meth = DSA_get_default_method();
-#ifndef OPENSSL_NO_ENGINE
-	if (engine)
-		{
-		if (!ENGINE_init(engine))
-			{
-			DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
-			OPENSSL_free(ret);
-			return NULL;
-			}
-		ret->engine = engine;
-		}
-	else
-		ret->engine = ENGINE_get_default_DSA();
-	if(ret->engine)
-		{
-		ret->meth = ENGINE_get_DSA(ret->engine);
-		if(!ret->meth)
-			{
-			DSAerr(DSA_F_DSA_NEW_METHOD,
-				ERR_R_ENGINE_LIB);
-			ENGINE_finish(ret->engine);
-			OPENSSL_free(ret);
-			return NULL;
-			}
-		}
-#endif
-
-	ret->pad=0;
-	ret->version=0;
-	ret->write_params=1;
-	ret->p=NULL;
-	ret->q=NULL;
-	ret->g=NULL;
-
-	ret->pub_key=NULL;
-	ret->priv_key=NULL;
-
-	ret->kinv=NULL;
-	ret->r=NULL;
-	ret->method_mont_p=NULL;
-
-	ret->references=1;
-	ret->flags=ret->meth->flags;
-	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
-	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
-		{
-#ifndef OPENSSL_NO_ENGINE
-		if (ret->engine)
-			ENGINE_finish(ret->engine);
-#endif
-		CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
-		OPENSSL_free(ret);
-		ret=NULL;
-		}
-	
-	return(ret);
-	}
-
-void DSA_free(DSA *r)
-	{
-	int i;
-
-	if (r == NULL) return;
-
-	i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA);
-#ifdef REF_PRINT
-	REF_PRINT("DSA",r);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"DSA_free, bad reference count\n");
-		abort();
-		}
-#endif
-
-	if(r->meth->finish)
-		r->meth->finish(r);
-#ifndef OPENSSL_NO_ENGINE
-	if(r->engine)
-		ENGINE_finish(r->engine);
-#endif
-
-	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
-
-	if (r->p != NULL) BN_clear_free(r->p);
-	if (r->q != NULL) BN_clear_free(r->q);
-	if (r->g != NULL) BN_clear_free(r->g);
-	if (r->pub_key != NULL) BN_clear_free(r->pub_key);
-	if (r->priv_key != NULL) BN_clear_free(r->priv_key);
-	if (r->kinv != NULL) BN_clear_free(r->kinv);
-	if (r->r != NULL) BN_clear_free(r->r);
-	OPENSSL_free(r);
-	}
-
-int DSA_up_ref(DSA *r)
-	{
-	int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DSA);
-#ifdef REF_PRINT
-	REF_PRINT("DSA",r);
-#endif
-#ifdef REF_CHECK
-	if (i < 2)
-		{
-		fprintf(stderr, "DSA_up_ref, bad reference count\n");
-		abort();
-		}
-#endif
-	return ((i > 1) ? 1 : 0);
-	}
-
-int DSA_size(const DSA *r)
-	{
-	int ret,i;
-	ASN1_INTEGER bs;
-	unsigned char buf[4];	/* 4 bytes looks really small.
-				   However, i2d_ASN1_INTEGER() will not look
-				   beyond the first byte, as long as the second
-				   parameter is NULL. */
-
-	i=BN_num_bits(r->q);
-	bs.length=(i+7)/8;
-	bs.data=buf;
-	bs.type=V_ASN1_INTEGER;
-	/* If the top bit is set the asn1 encoding is 1 larger. */
-	buf[0]=0xff;	
-
-	i=i2d_ASN1_INTEGER(&bs,NULL);
-	i+=i; /* r and s */
-	ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
-	return(ret);
-	}
-
-int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-        {
-	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp,
-				new_func, dup_func, free_func);
-        }
-
-int DSA_set_ex_data(DSA *d, int idx, void *arg)
-	{
-	return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
-	}
-
-void *DSA_get_ex_data(DSA *d, int idx)
-	{
-	return(CRYPTO_get_ex_data(&d->ex_data,idx));
-	}
-
-#ifndef OPENSSL_NO_DH
-DH *DSA_dup_DH(const DSA *r)
-	{
-	/* DSA has p, q, g, optional pub_key, optional priv_key.
-	 * DH has p, optional length, g, optional pub_key, optional priv_key.
-	 */ 
-
-	DH *ret = NULL;
-
-	if (r == NULL)
-		goto err;
-	ret = DH_new();
-	if (ret == NULL)
-		goto err;
-	if (r->p != NULL) 
-		if ((ret->p = BN_dup(r->p)) == NULL)
-			goto err;
-	if (r->q != NULL)
-		ret->length = BN_num_bits(r->q);
-	if (r->g != NULL)
-		if ((ret->g = BN_dup(r->g)) == NULL)
-			goto err;
-	if (r->pub_key != NULL)
-		if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
-			goto err;
-	if (r->priv_key != NULL)
-		if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
-			goto err;
-
-	return ret;
-
- err:
-	if (ret != NULL)
-		DH_free(ret);
-	return NULL;
-	}
-#endif
diff --git a/crypto/openssl/crypto/dsa/dsa_ossl.c b/crypto/openssl/crypto/dsa/dsa_ossl.c
deleted file mode 100644
index 68d91dbe23bc..000000000000
--- a/crypto/openssl/crypto/dsa/dsa_ossl.c
+++ /dev/null
@@ -1,351 +0,0 @@
-/* crypto/dsa/dsa_ossl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
-static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
-		  DSA *dsa);
-static int dsa_init(DSA *dsa);
-static int dsa_finish(DSA *dsa);
-static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
-		BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *in_mont);
-static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-				const BIGNUM *m, BN_CTX *ctx,
-				BN_MONT_CTX *m_ctx);
-
-static DSA_METHOD openssl_dsa_meth = {
-"OpenSSL DSA method",
-dsa_do_sign,
-dsa_sign_setup,
-dsa_do_verify,
-dsa_mod_exp,
-dsa_bn_mod_exp,
-dsa_init,
-dsa_finish,
-0,
-NULL
-};
-
-const DSA_METHOD *DSA_OpenSSL(void)
-{
-	return &openssl_dsa_meth;
-}
-
-static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-	{
-	BIGNUM *kinv=NULL,*r=NULL,*s=NULL;
-	BIGNUM m;
-	BIGNUM xr;
-	BN_CTX *ctx=NULL;
-	int i,reason=ERR_R_BN_LIB;
-	DSA_SIG *ret=NULL;
-
-	BN_init(&m);
-	BN_init(&xr);
-
-	if (!dsa->p || !dsa->q || !dsa->g)
-		{
-		reason=DSA_R_MISSING_PARAMETERS;
-		goto err;
-		}
-
-	s=BN_new();
-	if (s == NULL) goto err;
-
-	i=BN_num_bytes(dsa->q); /* should be 20 */
-	if ((dlen > i) || (dlen > 50))
-		{
-		reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
-		goto err;
-		}
-
-	ctx=BN_CTX_new();
-	if (ctx == NULL) goto err;
-
-	if ((dsa->kinv == NULL) || (dsa->r == NULL))
-		{
-		if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
-		}
-	else
-		{
-		kinv=dsa->kinv;
-		dsa->kinv=NULL;
-		r=dsa->r;
-		dsa->r=NULL;
-		}
-
-	if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err;
-
-	/* Compute  s = inv(k) (m + xr) mod q */
-	if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
-	if (!BN_add(s, &xr, &m)) goto err;		/* s = m + xr */
-	if (BN_cmp(s,dsa->q) > 0)
-		BN_sub(s,s,dsa->q);
-	if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
-
-	ret=DSA_SIG_new();
-	if (ret == NULL) goto err;
-	ret->r = r;
-	ret->s = s;
-	
-err:
-	if (!ret)
-		{
-		DSAerr(DSA_F_DSA_DO_SIGN,reason);
-		BN_free(r);
-		BN_free(s);
-		}
-	if (ctx != NULL) BN_CTX_free(ctx);
-	BN_clear_free(&m);
-	BN_clear_free(&xr);
-	if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
-	    BN_clear_free(kinv);
-	return(ret);
-	}
-
-static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
-	{
-	BN_CTX *ctx;
-	BIGNUM k,*kinv=NULL,*r=NULL;
-	int ret=0;
-
-	if (!dsa->p || !dsa->q || !dsa->g)
-		{
-		DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
-		return 0;
-		}
-
-	BN_init(&k);
-
-	if (ctx_in == NULL)
-		{
-		if ((ctx=BN_CTX_new()) == NULL) goto err;
-		}
-	else
-		ctx=ctx_in;
-
-	if ((r=BN_new()) == NULL) goto err;
-	kinv=NULL;
-
-	/* Get random k */
-	do
-		if (!BN_rand_range(&k, dsa->q)) goto err;
-	while (BN_is_zero(&k));
-
-	if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
-		{
-		if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-			if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
-				dsa->p,ctx)) goto err;
-		}
-
-	/* Compute r = (g^k mod p) mod q */
-	if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
-		(BN_MONT_CTX *)dsa->method_mont_p)) goto err;
-	if (!BN_mod(r,r,dsa->q,ctx)) goto err;
-
-	/* Compute  part of 's = inv(k) (m + xr) mod q' */
-	if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;
-
-	if (*kinvp != NULL) BN_clear_free(*kinvp);
-	*kinvp=kinv;
-	kinv=NULL;
-	if (*rp != NULL) BN_clear_free(*rp);
-	*rp=r;
-	ret=1;
-err:
-	if (!ret)
-		{
-		DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
-		if (kinv != NULL) BN_clear_free(kinv);
-		if (r != NULL) BN_clear_free(r);
-		}
-	if (ctx_in == NULL) BN_CTX_free(ctx);
-	if (kinv != NULL) BN_clear_free(kinv);
-	BN_clear_free(&k);
-	return(ret);
-	}
-
-static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
-		  DSA *dsa)
-	{
-	BN_CTX *ctx;
-	BIGNUM u1,u2,t1;
-	BN_MONT_CTX *mont=NULL;
-	int ret = -1;
-	if (!dsa->p || !dsa->q || !dsa->g)
-		{
-		DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MISSING_PARAMETERS);
-		return -1;
-		}
-
-	BN_init(&u1);
-	BN_init(&u2);
-	BN_init(&t1);
-
-	if ((ctx=BN_CTX_new()) == NULL) goto err;
-
-	if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
-		{
-		ret = 0;
-		goto err;
-		}
-	if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
-		{
-		ret = 0;
-		goto err;
-		}
-
-	/* Calculate W = inv(S) mod Q
-	 * save W in u2 */
-	if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
-
-	/* save M in u1 */
-	if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err;
-
-	/* u1 = M * w mod q */
-	if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err;
-
-	/* u2 = r * w mod q */
-	if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
-
-	if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
-		{
-		if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-			if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
-				dsa->p,ctx)) goto err;
-		}
-	mont=(BN_MONT_CTX *)dsa->method_mont_p;
-
-#if 0
-	{
-	BIGNUM t2;
-
-	BN_init(&t2);
-	/* v = ( g^u1 * y^u2 mod p ) mod q */
-	/* let t1 = g ^ u1 mod p */
-	if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err;
-	/* let t2 = y ^ u2 mod p */
-	if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err;
-	/* let u1 = t1 * t2 mod p */
-	if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn;
-	BN_free(&t2);
-	}
-	/* let u1 = u1 mod q */
-	if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
-#else
-	{
-	if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
-						dsa->p,ctx,mont)) goto err;
-	/* BN_copy(&u1,&t1); */
-	/* let u1 = u1 mod q */
-	if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;
-	}
-#endif
-	/* V is now in u1.  If the signature is correct, it will be
-	 * equal to R. */
-	ret=(BN_ucmp(&u1, sig->r) == 0);
-
-	err:
-	if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
-	if (ctx != NULL) BN_CTX_free(ctx);
-	BN_free(&u1);
-	BN_free(&u2);
-	BN_free(&t1);
-	return(ret);
-	}
-
-static int dsa_init(DSA *dsa)
-{
-	dsa->flags|=DSA_FLAG_CACHE_MONT_P;
-	return(1);
-}
-
-static int dsa_finish(DSA *dsa)
-{
-	if(dsa->method_mont_p)
-		BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p);
-	return(1);
-}
-
-static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
-		BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *in_mont)
-{
-	return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont);
-}
-	
-static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-				const BIGNUM *m, BN_CTX *ctx,
-				BN_MONT_CTX *m_ctx)
-{
-	return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
-}
diff --git a/crypto/openssl/crypto/dsa/dsa_sign.c b/crypto/openssl/crypto/dsa/dsa_sign.c
deleted file mode 100644
index 5cdc8ed8511b..000000000000
--- a/crypto/openssl/crypto/dsa/dsa_sign.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/dsa/dsa_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-	{
-	return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
-	}
-
-int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
-	     unsigned int *siglen, DSA *dsa)
-	{
-	DSA_SIG *s;
-	s=DSA_do_sign(dgst,dlen,dsa);
-	if (s == NULL)
-		{
-		*siglen=0;
-		return(0);
-		}
-	*siglen=i2d_DSA_SIG(s,&sig);
-	DSA_SIG_free(s);
-	return(1);
-	}
-
-int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
-	{
-	return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
-	}
-
diff --git a/crypto/openssl/crypto/dsa/dsa_vrf.c b/crypto/openssl/crypto/dsa/dsa_vrf.c
deleted file mode 100644
index fffb129f8f3b..000000000000
--- a/crypto/openssl/crypto/dsa/dsa_vrf.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* crypto/dsa/dsa_vrf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
-		  DSA *dsa)
-	{
-	return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
-	}
-
-/* data has already been hashed (probably with SHA or SHA-1). */
-/* returns
- *      1: correct signature
- *      0: incorrect signature
- *     -1: error
- */
-int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
-	     const unsigned char *sigbuf, int siglen, DSA *dsa)
-	{
-	DSA_SIG *s;
-	int ret=-1;
-
-	s = DSA_SIG_new();
-	if (s == NULL) return(ret);
-	if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
-	ret=DSA_do_verify(dgst,dgst_len,s,dsa);
-err:
-	DSA_SIG_free(s);
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/dsa/dsagen.c b/crypto/openssl/crypto/dsa/dsagen.c
deleted file mode 100644
index 1b6a1cca0fec..000000000000
--- a/crypto/openssl/crypto/dsa/dsagen.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/dsa/dsagen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/dsa.h>
-
-#define TEST
-#define GENUINE_DSA
-
-#ifdef GENUINE_DSA
-#define LAST_VALUE 0xbd
-#else
-#define LAST_VALUE 0xd3
-#endif
-
-#ifdef TEST
-unsigned char seed[20]={
-	0xd5,0x01,0x4e,0x4b,
-	0x60,0xef,0x2b,0xa8,
-	0xb6,0x21,0x1b,0x40,
-	0x62,0xba,0x32,0x24,
-	0xe0,0x42,0x7d,LAST_VALUE};
-#endif
-
-int cb(int p, int n)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	printf("%c",c);
-	fflush(stdout);
-	}
-
-main()
-	{
-	int i;
-	BIGNUM *n;
-	BN_CTX *ctx;
-	unsigned char seed_buf[20];
-	DSA *dsa;
-	int counter,h;
-	BIO *bio_err=NULL;
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	memcpy(seed_buf,seed,20);
-	dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
-
-	if (dsa == NULL)
-		DSA_print(bio_err,dsa,0);
-	}
-
diff --git a/crypto/openssl/crypto/dsa/dsatest.c b/crypto/openssl/crypto/dsa/dsatest.c
deleted file mode 100644
index d4d038ae6f1b..000000000000
--- a/crypto/openssl/crypto/dsa/dsatest.c
+++ /dev/null
@@ -1,248 +0,0 @@
-/* crypto/dsa/dsatest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#include "../e_os.h"
-
-#include <openssl/crypto.h>
-#include <openssl/rand.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#ifdef OPENSSL_SYS_WINDOWS
-#include "../bio/bss_file.c"
-#endif
-
-#ifdef OPENSSL_NO_DSA
-int main(int argc, char *argv[])
-{
-    printf("No DSA support\n");
-    return(0);
-}
-#else
-#include <openssl/dsa.h>
-
-#ifdef OPENSSL_SYS_WIN16
-#define MS_CALLBACK     _far _loadds
-#else
-#define MS_CALLBACK
-#endif
-
-static void MS_CALLBACK dsa_cb(int p, int n, void *arg);
-
-/* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to
- * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */
-static unsigned char seed[20]={
-	0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
-	0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
-	};
-
-static unsigned char out_p[]={
-	0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
-	0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
-	0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
-	0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
-	0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
-	0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
-	0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
-	0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
-	};
-
-static unsigned char out_q[]={
-	0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
-	0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
-	0xda,0xce,0x91,0x5f,
-	};
-
-static unsigned char out_g[]={
-	0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
-	0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
-	0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
-	0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
-	0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
-	0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
-	0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
-	0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
-	};
-
-static const unsigned char str1[]="12345678901234567890";
-
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
-
-static BIO *bio_err=NULL;
-
-int main(int argc, char **argv)
-	{
-	DSA *dsa=NULL;
-	int counter,ret=0,i,j;
-	unsigned char buf[256];
-	unsigned long h;
-	unsigned char sig[256];
-	unsigned int siglen;
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	CRYPTO_malloc_debug_init();
-	CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
-	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-	ERR_load_crypto_strings();
-	RAND_seed(rnd_seed, sizeof rnd_seed);
-
-	BIO_printf(bio_err,"test generation of DSA parameters\n");
-
-	dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err);
-
-	BIO_printf(bio_err,"seed\n");
-	for (i=0; i<20; i+=4)
-		{
-		BIO_printf(bio_err,"%02X%02X%02X%02X ",
-			seed[i],seed[i+1],seed[i+2],seed[i+3]);
-		}
-	BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h);
-		
-	if (dsa == NULL) goto end;
-	DSA_print(bio_err,dsa,0);
-	if (counter != 105) 
-		{
-		BIO_printf(bio_err,"counter should be 105\n");
-		goto end;
-		}
-	if (h != 2)
-		{
-		BIO_printf(bio_err,"h should be 2\n");
-		goto end;
-		}
-
-	i=BN_bn2bin(dsa->q,buf);
-	j=sizeof(out_q);
-	if ((i != j) || (memcmp(buf,out_q,i) != 0))
-		{
-		BIO_printf(bio_err,"q value is wrong\n");
-		goto end;
-		}
-
-	i=BN_bn2bin(dsa->p,buf);
-	j=sizeof(out_p);
-	if ((i != j) || (memcmp(buf,out_p,i) != 0))
-		{
-		BIO_printf(bio_err,"p value is wrong\n");
-		goto end;
-		}
-
-	i=BN_bn2bin(dsa->g,buf);
-	j=sizeof(out_g);
-	if ((i != j) || (memcmp(buf,out_g,i) != 0))
-		{
-		BIO_printf(bio_err,"g value is wrong\n");
-		goto end;
-		}
-	DSA_generate_key(dsa);
-	DSA_sign(0, str1, 20, sig, &siglen, dsa);
-	if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
-		ret=1;
-end:
-	if (!ret)
-		ERR_print_errors(bio_err);
-	if (dsa != NULL) DSA_free(dsa);
-	CRYPTO_cleanup_all_ex_data();
-	ERR_remove_state(0);
-	ERR_free_strings();
-	CRYPTO_mem_leaks(bio_err);
-	if (bio_err != NULL)
-		{
-		BIO_free(bio_err);
-		bio_err = NULL;
-		}
-	EXIT(!ret);
-	return(0);
-	}
-
-static int cb_exit(int ec)
-	{
-	EXIT(ec);
-	return(0);		/* To keep some compilers quiet */
-	}
-
-static void MS_CALLBACK dsa_cb(int p, int n, void *arg)
-	{
-	char c='*';
-	static int ok=0,num=0;
-
-	if (p == 0) { c='.'; num++; };
-	if (p == 1) c='+';
-	if (p == 2) { c='*'; ok++; }
-	if (p == 3) c='\n';
-	BIO_write(arg,&c,1);
-	(void)BIO_flush(arg);
-
-	if (!ok && (p == 0) && (num > 1))
-		{
-		BIO_printf((BIO *)arg,"error in dsatest\n");
-		cb_exit(1);
-		}
-	}
-#endif
diff --git a/crypto/openssl/crypto/dsa/fips186a.txt b/crypto/openssl/crypto/dsa/fips186a.txt
deleted file mode 100644
index 3a2e0a0d51a2..000000000000
--- a/crypto/openssl/crypto/dsa/fips186a.txt
+++ /dev/null
@@ -1,122 +0,0 @@
-The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5
-examples.  This is an updated version that uses SHA-1 (FIPS 180-1)
-supplied to me by Wei Dai
---
-		     APPENDIX 5. EXAMPLE OF THE DSA
-
-
-This appendix is for informational purposes only and is not required to meet
-the standard.
-
-Let L = 512 (size of p).  The values in this example are expressed in
-hexadecimal notation.  The p and q given here were generated by the prime
-generation standard described in appendix 2 using the 160-bit SEED:
-
-          d5014e4b 60ef2ba8 b6211b40 62ba3224 e0427dd3
-
-With this SEED, the algorithm found p and q when the counter was at 105.
-
-x was generated by the algorithm described in appendix 3, section 3.1, using
-the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit XSEED:
-
-XSEED =   
-
-	bd029bbe 7f51960b cf9edb2b 61f06f0f eb5a38b6
-
-t =
-	67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0
-
-x = G(t,XSEED) mod q
-
-k was generated by the algorithm described in appendix 3, section 3.2, using
-the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit KSEED:
-
-KSEED =
-
-	687a66d9 0648f993 867e121f 4ddf9ddb 01205584
-
-t =
-	EFCDAB89 98BADCFE 10325476 C3D2E1F0 67452301
-
-k = G(t,KSEED) mod q
-
-Finally:
-
-h = 2
-
-p =
-	8df2a494 492276aa 3d25759b b06869cb eac0d83a fb8d0cf7
-	cbb8324f 0d7882e5 d0762fc5 b7210eaf c2e9adac 32ab7aac
-	49693dfb f83724c2 ec0736ee 31c80291
-
-
-q =
-	c773218c 737ec8ee 993b4f2d ed30f48e dace915f
-
-
-g =
-	626d0278 39ea0a13 413163a5 5b4cb500 299d5522 956cefcb
-	3bff10f3 99ce2c2e 71cb9de5 fa24babf 58e5b795 21925c9c
-	c42e9f6f 464b088c c572af53 e6d78802
-
-
-x =
-	2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614
-
-
-k =
-	358dad57 1462710f 50e254cf 1a376b2b deaadfbf
-
-
-kinv = 
-
-	0d516729 8202e49b 4116ac10 4fc3f415 ae52f917
-
-M = ASCII form of "abc" (See FIPS PUB 180-1, Appendix A)
-
-SHA(M) =  
-
-	a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
-
-
-y =
-
-	19131871 d75b1612 a819f29d 78d1b0d7 346f7aa7 7bb62a85 
-	9bfd6c56 75da9d21 2d3a36ef 1672ef66 0b8c7c25 5cc0ec74
-	858fba33 f44c0669 9630a76b 030ee333
-
-
-r =
-	8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
-
-s =
-	41e2345f 1f56df24 58f426d1 55b4ba2d b6dcd8c8
-
-
-w =
-	9df4ece5 826be95f ed406d41 b43edc0b 1c18841b
-
-
-u1 =
-	bf655bd0 46f0b35e c791b004 804afcbb 8ef7d69d
-
-
-u2 =
-	821a9263 12e97ade abcc8d08 2b527897 8a2df4b0
-
-
-gu1 mod p =
-
-	51b1bf86 7888e5f3 af6fb476 9dd016bc fe667a65 aafc2753
-	9063bd3d 2b138b4c e02cc0c0 2ec62bb6 7306c63e 4db95bbf
-	6f96662a 1987a21b e4ec1071 010b6069
-
-
-yu2 mod p =
-
-	8b510071 2957e950 50d6b8fd 376a668e 4b0d633c 1e46e665
-	5c611a72 e2b28483 be52c74d 4b30de61 a668966e dc307a67 
-	c19441f4 22bf3c34 08aeba1f 0a4dbec7
-
-v =
-	8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
diff --git a/crypto/openssl/crypto/dso/Makefile.save b/crypto/openssl/crypto/dso/Makefile.save
deleted file mode 100644
index 33630e0bbb25..000000000000
--- a/crypto/openssl/crypto/dso/Makefile.save
+++ /dev/null
@@ -1,141 +0,0 @@
-#
-# SSLeay/crypto/dso/Makefile
-#
-
-DIR=	dso
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c \
-	dso_openssl.c dso_win32.c dso_vms.c
-LIBOBJ= dso_dl.o dso_dlfcn.o dso_err.o dso_lib.o dso_null.o \
-	dso_openssl.o dso_win32.o dso_vms.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= dso.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-dso_dl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-dso_dl.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h
-dso_dl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-dso_dl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_dl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dso_dl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_dl.o: ../../include/openssl/symhacks.h ../cryptlib.h
-dso_dlfcn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-dso_dlfcn.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h
-dso_dlfcn.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-dso_dlfcn.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_dlfcn.o: ../../include/openssl/opensslconf.h
-dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dso_dlfcn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dso_dlfcn.o: ../cryptlib.h
-dso_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-dso_err.o: ../../include/openssl/dso.h ../../include/openssl/err.h
-dso_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslv.h
-dso_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_err.o: ../../include/openssl/symhacks.h
-dso_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-dso_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h
-dso_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-dso_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dso_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h
-dso_null.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-dso_null.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h
-dso_null.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-dso_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_null.o: ../../include/openssl/opensslconf.h
-dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dso_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dso_null.o: ../cryptlib.h
-dso_openssl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-dso_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h
-dso_openssl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-dso_openssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_openssl.o: ../../include/openssl/opensslconf.h
-dso_openssl.o: ../../include/openssl/opensslv.h
-dso_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_openssl.o: ../../include/openssl/symhacks.h ../cryptlib.h
-dso_vms.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-dso_vms.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h
-dso_vms.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-dso_vms.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_vms.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dso_vms.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_vms.o: ../../include/openssl/symhacks.h ../cryptlib.h
-dso_win32.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-dso_win32.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h
-dso_win32.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-dso_win32.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_win32.o: ../../include/openssl/opensslconf.h
-dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dso_win32.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dso_win32.o: ../cryptlib.h
diff --git a/crypto/openssl/crypto/dso/Makefile.ssl b/crypto/openssl/crypto/dso/Makefile.ssl
deleted file mode 100644
index 3d00363bb664..000000000000
--- a/crypto/openssl/crypto/dso/Makefile.ssl
+++ /dev/null
@@ -1,142 +0,0 @@
-#
-# SSLeay/crypto/dso/Makefile
-#
-
-DIR=	dso
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c \
-	dso_openssl.c dso_win32.c dso_vms.c
-LIBOBJ= dso_dl.o dso_dlfcn.o dso_err.o dso_lib.o dso_null.o \
-	dso_openssl.o dso_win32.o dso_vms.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= dso.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-dso_dl.o: ../../e_os.h ../../include/openssl/bio.h
-dso_dl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_dl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_dl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_dl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dso_dl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_dl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_dl.c
-dso_dlfcn.o: ../../e_os.h ../../include/openssl/bio.h
-dso_dlfcn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_dlfcn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_dlfcn.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_dlfcn.o: ../../include/openssl/opensslconf.h
-dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dso_dlfcn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dso_dlfcn.o: ../cryptlib.h dso_dlfcn.c
-dso_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-dso_err.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dso_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_err.o: ../../include/openssl/symhacks.h dso_err.c
-dso_lib.o: ../../e_os.h ../../include/openssl/bio.h
-dso_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_lib.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dso_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_lib.c
-dso_null.o: ../../e_os.h ../../include/openssl/bio.h
-dso_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_null.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_null.o: ../../include/openssl/opensslconf.h
-dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dso_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dso_null.o: ../cryptlib.h dso_null.c
-dso_openssl.o: ../../e_os.h ../../include/openssl/bio.h
-dso_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_openssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_openssl.o: ../../include/openssl/opensslconf.h
-dso_openssl.o: ../../include/openssl/opensslv.h
-dso_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_openssl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_openssl.c
-dso_vms.o: ../../e_os.h ../../include/openssl/bio.h
-dso_vms.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_vms.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_vms.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_vms.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dso_vms.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_vms.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_vms.c
-dso_win32.o: ../../e_os.h ../../include/openssl/bio.h
-dso_win32.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_win32.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_win32.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_win32.o: ../../include/openssl/opensslconf.h
-dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dso_win32.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dso_win32.o: ../cryptlib.h dso_win32.c
diff --git a/crypto/openssl/crypto/dso/README b/crypto/openssl/crypto/dso/README
deleted file mode 100644
index d0bc9a89fbd4..000000000000
--- a/crypto/openssl/crypto/dso/README
+++ /dev/null
@@ -1,22 +0,0 @@
-NOTES
------
-
-I've checked out HPUX (well, version 11 at least) and shl_t is
-a pointer type so it's safe to use in the way it has been in
-dso_dl.c. On the other hand, HPUX11 support dlfcn too and
-according to their man page, prefer developers to move to that.
-I'll leave Richard's changes there as I guess dso_dl is needed
-for HPUX10.20.
-
-There is now a callback scheme in place where filename conversion can
-(a) be turned off altogether through the use of the
-    DSO_FLAG_NO_NAME_TRANSLATION flag,
-(b) be handled by default using the default DSO_METHOD's converter
-(c) overriden per-DSO by setting the override callback
-(d) a mix of (b) and (c) - eg. implement an override callback that;
-    (i) checks if we're win32 (if(strstr(dso->meth->name, "win32")....)
-        and if so, convert "blah" into "blah32.dll" (the default is
-	otherwise to make it "blah.dll").
-    (ii) default to the normal behaviour - we're not on win32, eg.
-         finish with (return dso->meth->dso_name_converter(dso,NULL)).
-
diff --git a/crypto/openssl/crypto/dso/dso.h b/crypto/openssl/crypto/dso/dso.h
deleted file mode 100644
index aa721f7febb6..000000000000
--- a/crypto/openssl/crypto/dso/dso.h
+++ /dev/null
@@ -1,322 +0,0 @@
-/* dso.h */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DSO_H
-#define HEADER_DSO_H
-
-#include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These values are used as commands to DSO_ctrl() */
-#define DSO_CTRL_GET_FLAGS	1
-#define DSO_CTRL_SET_FLAGS	2
-#define DSO_CTRL_OR_FLAGS	3
-
-/* By default, DSO_load() will translate the provided filename into a form
- * typical for the platform (more specifically the DSO_METHOD) using the
- * dso_name_converter function of the method. Eg. win32 will transform "blah"
- * into "blah.dll", and dlfcn will transform it into "libblah.so". The
- * behaviour can be overriden by setting the name_converter callback in the DSO
- * object (using DSO_set_name_converter()). This callback could even utilise
- * the DSO_METHOD's converter too if it only wants to override behaviour for
- * one or two possible DSO methods. However, the following flag can be set in a
- * DSO to prevent *any* native name-translation at all - eg. if the caller has
- * prompted the user for a path to a driver library so the filename should be
- * interpreted as-is. */
-#define DSO_FLAG_NO_NAME_TRANSLATION		0x01
-/* An extra flag to give if only the extension should be added as
- * translation.  This is obviously only of importance on Unix and
- * other operating systems where the translation also may prefix
- * the name with something, like 'lib', and ignored everywhere else.
- * This flag is also ignored if DSO_FLAG_NO_NAME_TRANSLATION is used
- * at the same time. */
-#define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY	0x02
-
-/* The following flag controls the translation of symbol names to upper
- * case.  This is currently only being implemented for OpenVMS.
- */
-#define DSO_FLAG_UPCASE_SYMBOL			0x10
-
-
-typedef void (*DSO_FUNC_TYPE)(void);
-
-typedef struct dso_st DSO;
-
-/* The function prototype used for method functions (or caller-provided
- * callbacks) that transform filenames. They are passed a DSO structure pointer
- * (or NULL if they are to be used independantly of a DSO object) and a
- * filename to transform. They should either return NULL (if there is an error
- * condition) or a newly allocated string containing the transformed form that
- * the caller will need to free with OPENSSL_free() when done. */
-typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
-
-typedef struct dso_meth_st
-	{
-	const char *name;
-	/* Loads a shared library, NB: new DSO_METHODs must ensure that a
-	 * successful load populates the loaded_filename field, and likewise a
-	 * successful unload OPENSSL_frees and NULLs it out. */
-	int (*dso_load)(DSO *dso);
-	/* Unloads a shared library */
-	int (*dso_unload)(DSO *dso);
-	/* Binds a variable */
-	void *(*dso_bind_var)(DSO *dso, const char *symname);
-	/* Binds a function - assumes a return type of DSO_FUNC_TYPE.
-	 * This should be cast to the real function prototype by the
-	 * caller. Platforms that don't have compatible representations
-	 * for different prototypes (this is possible within ANSI C)
-	 * are highly unlikely to have shared libraries at all, let
-	 * alone a DSO_METHOD implemented for them. */
-	DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname);
-
-/* I don't think this would actually be used in any circumstances. */
-#if 0
-	/* Unbinds a variable */
-	int (*dso_unbind_var)(DSO *dso, char *symname, void *symptr);
-	/* Unbinds a function */
-	int (*dso_unbind_func)(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-#endif
-	/* The generic (yuck) "ctrl()" function. NB: Negative return
-	 * values (rather than zero) indicate errors. */
-	long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg);
-	/* The default DSO_METHOD-specific function for converting filenames to
-	 * a canonical native form. */
-	DSO_NAME_CONVERTER_FUNC dso_name_converter;
-
-	/* [De]Initialisation handlers. */
-	int (*init)(DSO *dso);
-	int (*finish)(DSO *dso);
-	} DSO_METHOD;
-
-/**********************************************************************/
-/* The low-level handle type used to refer to a loaded shared library */
-
-struct dso_st
-	{
-	DSO_METHOD *meth;
-	/* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS
-	 * doesn't use anything but will need to cache the filename
-	 * for use in the dso_bind handler. All in all, let each
-	 * method control its own destiny. "Handles" and such go in
-	 * a STACK. */
-	STACK *meth_data;
-	int references;
-	int flags;
-	/* For use by applications etc ... use this for your bits'n'pieces,
-	 * don't touch meth_data! */
-	CRYPTO_EX_DATA ex_data;
-	/* If this callback function pointer is set to non-NULL, then it will
-	 * be used on DSO_load() in place of meth->dso_name_converter. NB: This
-	 * should normally set using DSO_set_name_converter(). */
-	DSO_NAME_CONVERTER_FUNC name_converter;
-	/* This is populated with (a copy of) the platform-independant
-	 * filename used for this DSO. */
-	char *filename;
-	/* This is populated with (a copy of) the translated filename by which
-	 * the DSO was actually loaded. It is NULL iff the DSO is not currently
-	 * loaded. NB: This is here because the filename translation process
-	 * may involve a callback being invoked more than once not only to
-	 * convert to a platform-specific form, but also to try different
-	 * filenames in the process of trying to perform a load. As such, this
-	 * variable can be used to indicate (a) whether this DSO structure
-	 * corresponds to a loaded library or not, and (b) the filename with
-	 * which it was actually loaded. */
-	char *loaded_filename;
-	};
-
-
-DSO *	DSO_new(void);
-DSO *	DSO_new_method(DSO_METHOD *method);
-int	DSO_free(DSO *dso);
-int	DSO_flags(DSO *dso);
-int	DSO_up_ref(DSO *dso);
-long	DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
-
-/* This function sets the DSO's name_converter callback. If it is non-NULL,
- * then it will be used instead of the associated DSO_METHOD's function. If
- * oldcb is non-NULL then it is set to the function pointer value being
- * replaced. Return value is non-zero for success. */
-int	DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
-				DSO_NAME_CONVERTER_FUNC *oldcb);
-/* These functions can be used to get/set the platform-independant filename
- * used for a DSO. NB: set will fail if the DSO is already loaded. */
-const char *DSO_get_filename(DSO *dso);
-int	DSO_set_filename(DSO *dso, const char *filename);
-/* This function will invoke the DSO's name_converter callback to translate a
- * filename, or if the callback isn't set it will instead use the DSO_METHOD's
- * converter. If "filename" is NULL, the "filename" in the DSO itself will be
- * used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
- * simply duplicated. NB: This function is usually called from within a
- * DSO_METHOD during the processing of a DSO_load() call, and is exposed so that
- * caller-created DSO_METHODs can do the same thing. A non-NULL return value
- * will need to be OPENSSL_free()'d. */
-char	*DSO_convert_filename(DSO *dso, const char *filename);
-/* If the DSO is currently loaded, this returns the filename that it was loaded
- * under, otherwise it returns NULL. So it is also useful as a test as to
- * whether the DSO is currently loaded. NB: This will not necessarily return
- * the same value as DSO_convert_filename(dso, dso->filename), because the
- * DSO_METHOD's load function may have tried a variety of filenames (with
- * and/or without the aid of the converters) before settling on the one it
- * actually loaded. */
-const char *DSO_get_loaded_filename(DSO *dso);
-
-void	DSO_set_default_method(DSO_METHOD *meth);
-DSO_METHOD *DSO_get_default_method(void);
-DSO_METHOD *DSO_get_method(DSO *dso);
-DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
-
-/* The all-singing all-dancing load function, you normally pass NULL
- * for the first and third parameters. Use DSO_up and DSO_free for
- * subsequent reference count handling. Any flags passed in will be set
- * in the constructed DSO after its init() function but before the
- * load operation. If 'dso' is non-NULL, 'flags' is ignored. */
-DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
-
-/* This function binds to a variable inside a shared library. */
-void *DSO_bind_var(DSO *dso, const char *symname);
-
-/* This function binds to a function inside a shared library. */
-DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
-
-/* This method is the default, but will beg, borrow, or steal whatever
- * method should be the default on any particular platform (including
- * DSO_METH_null() if necessary). */
-DSO_METHOD *DSO_METHOD_openssl(void);
-
-/* This method is defined for all platforms - if a platform has no
- * DSO support then this will be the only method! */
-DSO_METHOD *DSO_METHOD_null(void);
-
-/* If DSO_DLFCN is defined, the standard dlfcn.h-style functions
- * (dlopen, dlclose, dlsym, etc) will be used and incorporated into
- * this method. If not, this method will return NULL. */
-DSO_METHOD *DSO_METHOD_dlfcn(void);
-
-/* If DSO_DL is defined, the standard dl.h-style functions (shl_load, 
- * shl_unload, shl_findsym, etc) will be used and incorporated into
- * this method. If not, this method will return NULL. */
-DSO_METHOD *DSO_METHOD_dl(void);
-
-/* If WIN32 is defined, use DLLs. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_win32(void);
-
-/* If VMS is defined, use shared images. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_vms(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DSO_strings(void);
-
-/* Error codes for the DSO functions. */
-
-/* Function codes. */
-#define DSO_F_DLFCN_BIND_FUNC				 100
-#define DSO_F_DLFCN_BIND_VAR				 101
-#define DSO_F_DLFCN_LOAD				 102
-#define DSO_F_DLFCN_NAME_CONVERTER			 123
-#define DSO_F_DLFCN_UNLOAD				 103
-#define DSO_F_DL_BIND_FUNC				 104
-#define DSO_F_DL_BIND_VAR				 105
-#define DSO_F_DL_LOAD					 106
-#define DSO_F_DL_NAME_CONVERTER				 124
-#define DSO_F_DL_UNLOAD					 107
-#define DSO_F_DSO_BIND_FUNC				 108
-#define DSO_F_DSO_BIND_VAR				 109
-#define DSO_F_DSO_CONVERT_FILENAME			 126
-#define DSO_F_DSO_CTRL					 110
-#define DSO_F_DSO_FREE					 111
-#define DSO_F_DSO_GET_FILENAME				 127
-#define DSO_F_DSO_GET_LOADED_FILENAME			 128
-#define DSO_F_DSO_LOAD					 112
-#define DSO_F_DSO_NEW_METHOD				 113
-#define DSO_F_DSO_SET_FILENAME				 129
-#define DSO_F_DSO_SET_NAME_CONVERTER			 122
-#define DSO_F_DSO_UP_REF				 114
-#define DSO_F_VMS_BIND_VAR				 115
-#define DSO_F_VMS_LOAD					 116
-#define DSO_F_VMS_UNLOAD				 117
-#define DSO_F_WIN32_BIND_FUNC				 118
-#define DSO_F_WIN32_BIND_VAR				 119
-#define DSO_F_WIN32_LOAD				 120
-#define DSO_F_WIN32_NAME_CONVERTER			 125
-#define DSO_F_WIN32_UNLOAD				 121
-
-/* Reason codes. */
-#define DSO_R_CTRL_FAILED				 100
-#define DSO_R_DSO_ALREADY_LOADED			 110
-#define DSO_R_FILENAME_TOO_BIG				 101
-#define DSO_R_FINISH_FAILED				 102
-#define DSO_R_LOAD_FAILED				 103
-#define DSO_R_NAME_TRANSLATION_FAILED			 109
-#define DSO_R_NO_FILENAME				 111
-#define DSO_R_NULL_HANDLE				 104
-#define DSO_R_SET_FILENAME_FAILED			 112
-#define DSO_R_STACK_ERROR				 105
-#define DSO_R_SYM_FAILURE				 106
-#define DSO_R_UNLOAD_FAILED				 107
-#define DSO_R_UNSUPPORTED				 108
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/dso/dso_dl.c b/crypto/openssl/crypto/dso/dso_dl.c
deleted file mode 100644
index 79d2cb4d8c8d..000000000000
--- a/crypto/openssl/crypto/dso/dso_dl.c
+++ /dev/null
@@ -1,284 +0,0 @@
-/* dso_dl.c */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-#ifndef DSO_DL
-DSO_METHOD *DSO_METHOD_dl(void)
-       {
-       return NULL;
-       }
-#else
-
-#include <dl.h>
-
-/* Part of the hack in "dl_load" ... */
-#define DSO_MAX_TRANSLATED_SIZE 256
-
-static int dl_load(DSO *dso);
-static int dl_unload(DSO *dso);
-static void *dl_bind_var(DSO *dso, const char *symname);
-static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname);
-#if 0
-static int dl_unbind_var(DSO *dso, char *symname, void *symptr);
-static int dl_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-static int dl_init(DSO *dso);
-static int dl_finish(DSO *dso);
-static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg);
-#endif
-static char *dl_name_converter(DSO *dso, const char *filename);
-
-static DSO_METHOD dso_meth_dl = {
-	"OpenSSL 'dl' shared library method",
-	dl_load,
-	dl_unload,
-	dl_bind_var,
-	dl_bind_func,
-/* For now, "unbind" doesn't exist */
-#if 0
-	NULL, /* unbind_var */
-	NULL, /* unbind_func */
-#endif
-	NULL, /* ctrl */
-	dl_name_converter,
-	NULL, /* init */
-	NULL  /* finish */
-	};
-
-DSO_METHOD *DSO_METHOD_dl(void)
-	{
-	return(&dso_meth_dl);
-	}
-
-/* For this DSO_METHOD, our meth_data STACK will contain;
- * (i) the handle (shl_t) returned from shl_load().
- * NB: I checked on HPUX11 and shl_t is itself a pointer
- * type so the cast is safe.
- */
-
-static int dl_load(DSO *dso)
-	{
-	shl_t ptr = NULL;
-	/* We don't do any fancy retries or anything, just take the method's
-	 * (or DSO's if it has the callback set) best translation of the
-	 * platform-independant filename and try once with that. */
-	char *filename= DSO_convert_filename(dso, NULL);
-
-	if(filename == NULL)
-		{
-		DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME);
-		goto err;
-		}
-	ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, 0L);
-	if(ptr == NULL)
-		{
-		DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED);
-		ERR_add_error_data(4, "filename(", filename, "): ",
-			strerror(errno));
-		goto err;
-		}
-	if(!sk_push(dso->meth_data, (char *)ptr))
-		{
-		DSOerr(DSO_F_DL_LOAD,DSO_R_STACK_ERROR);
-		goto err;
-		}
-	/* Success, stick the converted filename we've loaded under into the DSO
-	 * (it also serves as the indicator that we are currently loaded). */
-	dso->loaded_filename = filename;
-	return(1);
-err:
-	/* Cleanup! */
-	if(filename != NULL)
-		OPENSSL_free(filename);
-	if(ptr != NULL)
-		shl_unload(ptr);
-	return(0);
-	}
-
-static int dl_unload(DSO *dso)
-	{
-	shl_t ptr;
-	if(dso == NULL)
-		{
-		DSOerr(DSO_F_DL_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	if(sk_num(dso->meth_data) < 1)
-		return(1);
-	/* Is this statement legal? */
-	ptr = (shl_t)sk_pop(dso->meth_data);
-	if(ptr == NULL)
-		{
-		DSOerr(DSO_F_DL_UNLOAD,DSO_R_NULL_HANDLE);
-		/* Should push the value back onto the stack in
-		 * case of a retry. */
-		sk_push(dso->meth_data, (char *)ptr);
-		return(0);
-		}
-	shl_unload(ptr);
-	return(1);
-	}
-
-static void *dl_bind_var(DSO *dso, const char *symname)
-	{
-	shl_t ptr;
-	void *sym;
-
-	if((dso == NULL) || (symname == NULL))
-		{
-		DSOerr(DSO_F_DL_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
-		return(NULL);
-		}
-	if(sk_num(dso->meth_data) < 1)
-		{
-		DSOerr(DSO_F_DL_BIND_VAR,DSO_R_STACK_ERROR);
-		return(NULL);
-		}
-	ptr = (shl_t)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
-	if(ptr == NULL)
-		{
-		DSOerr(DSO_F_DL_BIND_VAR,DSO_R_NULL_HANDLE);
-		return(NULL);
-		}
-	if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0)
-		{
-		DSOerr(DSO_F_DL_BIND_VAR,DSO_R_SYM_FAILURE);
-		ERR_add_error_data(4, "symname(", symname, "): ",
-			strerror(errno));
-		return(NULL);
-		}
-	return(sym);
-	}
-
-static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname)
-	{
-	shl_t ptr;
-	void *sym;
-
-	if((dso == NULL) || (symname == NULL))
-		{
-		DSOerr(DSO_F_DL_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
-		return(NULL);
-		}
-	if(sk_num(dso->meth_data) < 1)
-		{
-		DSOerr(DSO_F_DL_BIND_FUNC,DSO_R_STACK_ERROR);
-		return(NULL);
-		}
-	ptr = (shl_t)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
-	if(ptr == NULL)
-		{
-		DSOerr(DSO_F_DL_BIND_FUNC,DSO_R_NULL_HANDLE);
-		return(NULL);
-		}
-	if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0)
-		{
-		DSOerr(DSO_F_DL_BIND_FUNC,DSO_R_SYM_FAILURE);
-		ERR_add_error_data(4, "symname(", symname, "): ",
-			strerror(errno));
-		return(NULL);
-		}
-	return((DSO_FUNC_TYPE)sym);
-	}
-
-/* This function is identical to the one in dso_dlfcn.c, but as it is highly
- * unlikely that both the "dl" *and* "dlfcn" variants are being compiled at the
- * same time, there's no great duplicating the code. Figuring out an elegant 
- * way to share one copy of the code would be more difficult and would not
- * leave the implementations independant. */
-#if defined(__hpux)
-static const char extension[] = ".sl";
-#else
-static const char extension[] = ".so";
-#endif
-static char *dl_name_converter(DSO *dso, const char *filename)
-	{
-	char *translated;
-	int len, rsize, transform;
-
-	len = strlen(filename);
-	rsize = len + 1;
-	transform = (strstr(filename, "/") == NULL);
-		{
-		/* We will convert this to "%s.s?" or "lib%s.s?" */
-		rsize += strlen(extension);/* The length of ".s?" */
-		if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-			rsize += 3; /* The length of "lib" */
-		}
-	translated = OPENSSL_malloc(rsize);
-	if(translated == NULL)
-		{
-		DSOerr(DSO_F_DL_NAME_CONVERTER,
-				DSO_R_NAME_TRANSLATION_FAILED); 
-		return(NULL);   
-		}
-	if(transform)
-		{
-		if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-			sprintf(translated, "lib%s%s", filename, extension);
-		else
-			sprintf(translated, "%s%s", filename, extension);
-		}
-	else
-		sprintf(translated, "%s", filename);
-	return(translated);
-	}
-
-#endif /* DSO_DL */
diff --git a/crypto/openssl/crypto/dso/dso_dlfcn.c b/crypto/openssl/crypto/dso/dso_dlfcn.c
deleted file mode 100644
index 906b4703de71..000000000000
--- a/crypto/openssl/crypto/dso/dso_dlfcn.c
+++ /dev/null
@@ -1,289 +0,0 @@
-/* dso_dlfcn.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-#ifndef DSO_DLFCN
-DSO_METHOD *DSO_METHOD_dlfcn(void)
-	{
-	return NULL;
-	}
-#else
-
-#ifdef HAVE_DLFCN_H
-#include <dlfcn.h>
-#endif
-
-/* Part of the hack in "dlfcn_load" ... */
-#define DSO_MAX_TRANSLATED_SIZE 256
-
-static int dlfcn_load(DSO *dso);
-static int dlfcn_unload(DSO *dso);
-static void *dlfcn_bind_var(DSO *dso, const char *symname);
-static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname);
-#if 0
-static int dlfcn_unbind(DSO *dso, char *symname, void *symptr);
-static int dlfcn_init(DSO *dso);
-static int dlfcn_finish(DSO *dso);
-static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg);
-#endif
-static char *dlfcn_name_converter(DSO *dso, const char *filename);
-
-static DSO_METHOD dso_meth_dlfcn = {
-	"OpenSSL 'dlfcn' shared library method",
-	dlfcn_load,
-	dlfcn_unload,
-	dlfcn_bind_var,
-	dlfcn_bind_func,
-/* For now, "unbind" doesn't exist */
-#if 0
-	NULL, /* unbind_var */
-	NULL, /* unbind_func */
-#endif
-	NULL, /* ctrl */
-	dlfcn_name_converter,
-	NULL, /* init */
-	NULL  /* finish */
-	};
-
-DSO_METHOD *DSO_METHOD_dlfcn(void)
-	{
-	return(&dso_meth_dlfcn);
-	}
-
-/* Prior to using the dlopen() function, we should decide on the flag
- * we send. There's a few different ways of doing this and it's a
- * messy venn-diagram to match up which platforms support what. So
- * as we don't have autoconf yet, I'm implementing a hack that could
- * be hacked further relatively easily to deal with cases as we find
- * them. Initially this is to cope with OpenBSD. */
-#if defined(__OpenBSD__) || defined(__NetBSD__)
-#	ifdef DL_LAZY
-#		define DLOPEN_FLAG DL_LAZY
-#	else
-#		ifdef RTLD_NOW
-#			define DLOPEN_FLAG RTLD_NOW
-#		else
-#			define DLOPEN_FLAG 0
-#		endif
-#	endif
-#else
-#	define DLOPEN_FLAG RTLD_NOW /* Hope this works everywhere else */
-#endif
-
-/* For this DSO_METHOD, our meth_data STACK will contain;
- * (i) the handle (void*) returned from dlopen().
- */
-
-static int dlfcn_load(DSO *dso)
-	{
-	void *ptr = NULL;
-	/* See applicable comments in dso_dl.c */
-	char *filename = DSO_convert_filename(dso, NULL);
-
-	if(filename == NULL)
-		{
-		DSOerr(DSO_F_DLFCN_LOAD,DSO_R_NO_FILENAME);
-		goto err;
-		}
-	ptr = dlopen(filename, DLOPEN_FLAG);
-	if(ptr == NULL)
-		{
-		DSOerr(DSO_F_DLFCN_LOAD,DSO_R_LOAD_FAILED);
-		ERR_add_error_data(4, "filename(", filename, "): ", dlerror());
-		goto err;
-		}
-	if(!sk_push(dso->meth_data, (char *)ptr))
-		{
-		DSOerr(DSO_F_DLFCN_LOAD,DSO_R_STACK_ERROR);
-		goto err;
-		}
-	/* Success */
-	dso->loaded_filename = filename;
-	return(1);
-err:
-	/* Cleanup! */
-	if(filename != NULL)
-		OPENSSL_free(filename);
-	if(ptr != NULL)
-		dlclose(ptr);
-	return(0);
-}
-
-static int dlfcn_unload(DSO *dso)
-	{
-	void *ptr;
-	if(dso == NULL)
-		{
-		DSOerr(DSO_F_DLFCN_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	if(sk_num(dso->meth_data) < 1)
-		return(1);
-	ptr = (void *)sk_pop(dso->meth_data);
-	if(ptr == NULL)
-		{
-		DSOerr(DSO_F_DLFCN_UNLOAD,DSO_R_NULL_HANDLE);
-		/* Should push the value back onto the stack in
-		 * case of a retry. */
-		sk_push(dso->meth_data, (char *)ptr);
-		return(0);
-		}
-	/* For now I'm not aware of any errors associated with dlclose() */
-	dlclose(ptr);
-	return(1);
-	}
-
-static void *dlfcn_bind_var(DSO *dso, const char *symname)
-	{
-	void *ptr, *sym;
-
-	if((dso == NULL) || (symname == NULL))
-		{
-		DSOerr(DSO_F_DLFCN_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
-		return(NULL);
-		}
-	if(sk_num(dso->meth_data) < 1)
-		{
-		DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_STACK_ERROR);
-		return(NULL);
-		}
-	ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
-	if(ptr == NULL)
-		{
-		DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_NULL_HANDLE);
-		return(NULL);
-		}
-	sym = dlsym(ptr, symname);
-	if(sym == NULL)
-		{
-		DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_SYM_FAILURE);
-		ERR_add_error_data(4, "symname(", symname, "): ", dlerror());
-		return(NULL);
-		}
-	return(sym);
-	}
-
-static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
-	{
-	void *ptr;
-	DSO_FUNC_TYPE sym;
-
-	if((dso == NULL) || (symname == NULL))
-		{
-		DSOerr(DSO_F_DLFCN_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
-		return(NULL);
-		}
-	if(sk_num(dso->meth_data) < 1)
-		{
-		DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_STACK_ERROR);
-		return(NULL);
-		}
-	ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
-	if(ptr == NULL)
-		{
-		DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE);
-		return(NULL);
-		}
-	sym = (DSO_FUNC_TYPE)dlsym(ptr, symname);
-	if(sym == NULL)
-		{
-		DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE);
-		ERR_add_error_data(4, "symname(", symname, "): ", dlerror());
-		return(NULL);
-		}
-	return(sym);
-	}
-
-static char *dlfcn_name_converter(DSO *dso, const char *filename)
-	{
-	char *translated;
-	int len, rsize, transform;
-
-	len = strlen(filename);
-	rsize = len + 1;
-	transform = (strstr(filename, "/") == NULL);
-	if(transform)
-		{
-		/* We will convert this to "%s.so" or "lib%s.so" */
-		rsize += 3;	/* The length of ".so" */
-		if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-			rsize += 3; /* The length of "lib" */
-		}
-	translated = OPENSSL_malloc(rsize);
-	if(translated == NULL)
-		{
-		DSOerr(DSO_F_DLFCN_NAME_CONVERTER,
-				DSO_R_NAME_TRANSLATION_FAILED);
-		return(NULL);
-		}
-	if(transform)
-		{
-		if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-			sprintf(translated, "lib%s.so", filename);
-		else
-			sprintf(translated, "%s.so", filename);
-		}
-	else
-		sprintf(translated, "%s", filename);
-	return(translated);
-	}
-
-#endif /* DSO_DLFCN */
diff --git a/crypto/openssl/crypto/dso/dso_err.c b/crypto/openssl/crypto/dso/dso_err.c
deleted file mode 100644
index cf452de1aa06..000000000000
--- a/crypto/openssl/crypto/dso/dso_err.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* crypto/dso/dso_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/dso.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA DSO_str_functs[]=
-	{
-{ERR_PACK(0,DSO_F_DLFCN_BIND_FUNC,0),	"DLFCN_BIND_FUNC"},
-{ERR_PACK(0,DSO_F_DLFCN_BIND_VAR,0),	"DLFCN_BIND_VAR"},
-{ERR_PACK(0,DSO_F_DLFCN_LOAD,0),	"DLFCN_LOAD"},
-{ERR_PACK(0,DSO_F_DLFCN_NAME_CONVERTER,0),	"DLFCN_NAME_CONVERTER"},
-{ERR_PACK(0,DSO_F_DLFCN_UNLOAD,0),	"DLFCN_UNLOAD"},
-{ERR_PACK(0,DSO_F_DL_BIND_FUNC,0),	"DL_BIND_FUNC"},
-{ERR_PACK(0,DSO_F_DL_BIND_VAR,0),	"DL_BIND_VAR"},
-{ERR_PACK(0,DSO_F_DL_LOAD,0),	"DL_LOAD"},
-{ERR_PACK(0,DSO_F_DL_NAME_CONVERTER,0),	"DL_NAME_CONVERTER"},
-{ERR_PACK(0,DSO_F_DL_UNLOAD,0),	"DL_UNLOAD"},
-{ERR_PACK(0,DSO_F_DSO_BIND_FUNC,0),	"DSO_bind_func"},
-{ERR_PACK(0,DSO_F_DSO_BIND_VAR,0),	"DSO_bind_var"},
-{ERR_PACK(0,DSO_F_DSO_CONVERT_FILENAME,0),	"DSO_convert_filename"},
-{ERR_PACK(0,DSO_F_DSO_CTRL,0),	"DSO_ctrl"},
-{ERR_PACK(0,DSO_F_DSO_FREE,0),	"DSO_free"},
-{ERR_PACK(0,DSO_F_DSO_GET_FILENAME,0),	"DSO_get_filename"},
-{ERR_PACK(0,DSO_F_DSO_GET_LOADED_FILENAME,0),	"DSO_get_loaded_filename"},
-{ERR_PACK(0,DSO_F_DSO_LOAD,0),	"DSO_load"},
-{ERR_PACK(0,DSO_F_DSO_NEW_METHOD,0),	"DSO_new_method"},
-{ERR_PACK(0,DSO_F_DSO_SET_FILENAME,0),	"DSO_set_filename"},
-{ERR_PACK(0,DSO_F_DSO_SET_NAME_CONVERTER,0),	"DSO_set_name_converter"},
-{ERR_PACK(0,DSO_F_DSO_UP_REF,0),	"DSO_up_ref"},
-{ERR_PACK(0,DSO_F_VMS_BIND_VAR,0),	"VMS_BIND_VAR"},
-{ERR_PACK(0,DSO_F_VMS_LOAD,0),	"VMS_LOAD"},
-{ERR_PACK(0,DSO_F_VMS_UNLOAD,0),	"VMS_UNLOAD"},
-{ERR_PACK(0,DSO_F_WIN32_BIND_FUNC,0),	"WIN32_BIND_FUNC"},
-{ERR_PACK(0,DSO_F_WIN32_BIND_VAR,0),	"WIN32_BIND_VAR"},
-{ERR_PACK(0,DSO_F_WIN32_LOAD,0),	"WIN32_LOAD"},
-{ERR_PACK(0,DSO_F_WIN32_NAME_CONVERTER,0),	"WIN32_NAME_CONVERTER"},
-{ERR_PACK(0,DSO_F_WIN32_UNLOAD,0),	"WIN32_UNLOAD"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA DSO_str_reasons[]=
-	{
-{DSO_R_CTRL_FAILED                       ,"control command failed"},
-{DSO_R_DSO_ALREADY_LOADED                ,"dso already loaded"},
-{DSO_R_FILENAME_TOO_BIG                  ,"filename too big"},
-{DSO_R_FINISH_FAILED                     ,"cleanup method function failed"},
-{DSO_R_LOAD_FAILED                       ,"could not load the shared library"},
-{DSO_R_NAME_TRANSLATION_FAILED           ,"name translation failed"},
-{DSO_R_NO_FILENAME                       ,"no filename"},
-{DSO_R_NULL_HANDLE                       ,"a null shared library handle was used"},
-{DSO_R_SET_FILENAME_FAILED               ,"set filename failed"},
-{DSO_R_STACK_ERROR                       ,"the meth_data stack is corrupt"},
-{DSO_R_SYM_FAILURE                       ,"could not bind to the requested symbol name"},
-{DSO_R_UNLOAD_FAILED                     ,"could not unload the shared library"},
-{DSO_R_UNSUPPORTED                       ,"functionality not supported"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_DSO_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_DSO,DSO_str_functs);
-		ERR_load_strings(ERR_LIB_DSO,DSO_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/dso/dso_lib.c b/crypto/openssl/crypto/dso/dso_lib.c
deleted file mode 100644
index 556069b9b824..000000000000
--- a/crypto/openssl/crypto/dso/dso_lib.c
+++ /dev/null
@@ -1,439 +0,0 @@
-/* dso_lib.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-static DSO_METHOD *default_DSO_meth = NULL;
-
-DSO *DSO_new(void)
-	{
-	return(DSO_new_method(NULL));
-	}
-
-void DSO_set_default_method(DSO_METHOD *meth)
-	{
-	default_DSO_meth = meth;
-	}
-
-DSO_METHOD *DSO_get_default_method(void)
-	{
-	return(default_DSO_meth);
-	}
-
-DSO_METHOD *DSO_get_method(DSO *dso)
-	{
-	return(dso->meth);
-	}
-
-DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth)
-	{
-	DSO_METHOD *mtmp;
-	mtmp = dso->meth;
-	dso->meth = meth;
-	return(mtmp);
-	}
-
-DSO *DSO_new_method(DSO_METHOD *meth)
-	{
-	DSO *ret;
-
-	if(default_DSO_meth == NULL)
-		/* We default to DSO_METH_openssl() which in turn defaults
-		 * to stealing the "best available" method. Will fallback
-		 * to DSO_METH_null() in the worst case. */
-		default_DSO_meth = DSO_METHOD_openssl();
-	ret = (DSO *)OPENSSL_malloc(sizeof(DSO));
-	if(ret == NULL)
-		{
-		DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-	memset(ret, 0, sizeof(DSO));
-	ret->meth_data = sk_new_null();
-	if(ret->meth_data == NULL)
-		{
-		/* sk_new doesn't generate any errors so we do */
-		DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE);
-		OPENSSL_free(ret);
-		return(NULL);
-		}
-	if(meth == NULL)
-		ret->meth = default_DSO_meth;
-	else
-		ret->meth = meth;
-	ret->references = 1;
-	if((ret->meth->init != NULL) && !ret->meth->init(ret))
-		{
-		OPENSSL_free(ret);
-		ret=NULL;
-		}
-	return(ret);
-	}
-
-int DSO_free(DSO *dso)
-	{
-        int i;
- 
-	if(dso == NULL)
-		{
-		DSOerr(DSO_F_DSO_FREE,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
- 
-	i=CRYPTO_add(&dso->references,-1,CRYPTO_LOCK_DSO);
-#ifdef REF_PRINT
-	REF_PRINT("DSO",dso);
-#endif
-	if(i > 0) return(1);
-#ifdef REF_CHECK
-	if(i < 0)
-		{
-		fprintf(stderr,"DSO_free, bad reference count\n");
-		abort();
-		}
-#endif
-
-	if((dso->meth->dso_unload != NULL) && !dso->meth->dso_unload(dso))
-		{
-		DSOerr(DSO_F_DSO_FREE,DSO_R_UNLOAD_FAILED);
-		return(0);
-		}
- 
-	if((dso->meth->finish != NULL) && !dso->meth->finish(dso))
-		{
-		DSOerr(DSO_F_DSO_FREE,DSO_R_FINISH_FAILED);
-		return(0);
-		}
-	
-	sk_free(dso->meth_data);
-	if(dso->filename != NULL)
-		OPENSSL_free(dso->filename);
-	if(dso->loaded_filename != NULL)
-		OPENSSL_free(dso->loaded_filename);
- 
-	OPENSSL_free(dso);
-	return(1);
-	}
-
-int DSO_flags(DSO *dso)
-	{
-	return((dso == NULL) ? 0 : dso->flags);
-	}
-
-
-int DSO_up_ref(DSO *dso)
-	{
-	if (dso == NULL)
-		{
-		DSOerr(DSO_F_DSO_UP_REF,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-
-	CRYPTO_add(&dso->references,1,CRYPTO_LOCK_DSO);
-	return(1);
-	}
-
-DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags)
-	{
-	DSO *ret;
-	int allocated = 0;
-
-	if(dso == NULL)
-		{
-		ret = DSO_new_method(meth);
-		if(ret == NULL)
-			{
-			DSOerr(DSO_F_DSO_LOAD,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		allocated = 1;
-		/* Pass the provided flags to the new DSO object */
-		if(DSO_ctrl(ret, DSO_CTRL_SET_FLAGS, flags, NULL) < 0)
-			{
-			DSOerr(DSO_F_DSO_LOAD,DSO_R_CTRL_FAILED);
-			goto err;
-			}
-		}
-	else
-		ret = dso;
-	/* Don't load if we're currently already loaded */
-	if(ret->filename != NULL)
-		{
-		DSOerr(DSO_F_DSO_LOAD,DSO_R_DSO_ALREADY_LOADED);
-		goto err;
-		}
-	/* filename can only be NULL if we were passed a dso that already has
-	 * one set. */
-	if(filename != NULL)
-		if(!DSO_set_filename(ret, filename))
-			{
-			DSOerr(DSO_F_DSO_LOAD,DSO_R_SET_FILENAME_FAILED);
-			goto err;
-			}
-	filename = ret->filename;
-	if(filename == NULL)
-		{
-		DSOerr(DSO_F_DSO_LOAD,DSO_R_NO_FILENAME);
-		goto err;
-		}
-	if(ret->meth->dso_load == NULL)
-		{
-		DSOerr(DSO_F_DSO_LOAD,DSO_R_UNSUPPORTED);
-		goto err;
-		}
-	if(!ret->meth->dso_load(ret))
-		{
-		DSOerr(DSO_F_DSO_LOAD,DSO_R_LOAD_FAILED);
-		goto err;
-		}
-	/* Load succeeded */
-	return(ret);
-err:
-	if(allocated)
-		DSO_free(ret);
-	return(NULL);
-	}
-
-void *DSO_bind_var(DSO *dso, const char *symname)
-	{
-	void *ret = NULL;
-
-	if((dso == NULL) || (symname == NULL))
-		{
-		DSOerr(DSO_F_DSO_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
-		return(NULL);
-		}
-	if(dso->meth->dso_bind_var == NULL)
-		{
-		DSOerr(DSO_F_DSO_BIND_VAR,DSO_R_UNSUPPORTED);
-		return(NULL);
-		}
-	if((ret = dso->meth->dso_bind_var(dso, symname)) == NULL)
-		{
-		DSOerr(DSO_F_DSO_BIND_VAR,DSO_R_SYM_FAILURE);
-		return(NULL);
-		}
-	/* Success */
-	return(ret);
-	}
-
-DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname)
-	{
-	DSO_FUNC_TYPE ret = NULL;
-
-	if((dso == NULL) || (symname == NULL))
-		{
-		DSOerr(DSO_F_DSO_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
-		return(NULL);
-		}
-	if(dso->meth->dso_bind_func == NULL)
-		{
-		DSOerr(DSO_F_DSO_BIND_FUNC,DSO_R_UNSUPPORTED);
-		return(NULL);
-		}
-	if((ret = dso->meth->dso_bind_func(dso, symname)) == NULL)
-		{
-		DSOerr(DSO_F_DSO_BIND_FUNC,DSO_R_SYM_FAILURE);
-		return(NULL);
-		}
-	/* Success */
-	return(ret);
-	}
-
-/* I don't really like these *_ctrl functions very much to be perfectly
- * honest. For one thing, I think I have to return a negative value for
- * any error because possible DSO_ctrl() commands may return values
- * such as "size"s that can legitimately be zero (making the standard
- * "if(DSO_cmd(...))" form that works almost everywhere else fail at
- * odd times. I'd prefer "output" values to be passed by reference and
- * the return value as success/failure like usual ... but we conform
- * when we must... :-) */
-long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg)
-	{
-	if(dso == NULL)
-		{
-		DSOerr(DSO_F_DSO_CTRL,ERR_R_PASSED_NULL_PARAMETER);
-		return(-1);
-		}
-	/* We should intercept certain generic commands and only pass control
-	 * to the method-specific ctrl() function if it's something we don't
-	 * handle. */
-	switch(cmd)
-		{
-	case DSO_CTRL_GET_FLAGS:
-		return dso->flags;
-	case DSO_CTRL_SET_FLAGS:
-		dso->flags = (int)larg;
-		return(0);
-	case DSO_CTRL_OR_FLAGS:
-		dso->flags |= (int)larg;
-		return(0);
-	default:
-		break;
-		}
-	if((dso->meth == NULL) || (dso->meth->dso_ctrl == NULL))
-		{
-		DSOerr(DSO_F_DSO_CTRL,DSO_R_UNSUPPORTED);
-		return(-1);
-		}
-	return(dso->meth->dso_ctrl(dso,cmd,larg,parg));
-	}
-
-int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
-			DSO_NAME_CONVERTER_FUNC *oldcb)
-	{
-	if(dso == NULL)
-		{
-		DSOerr(DSO_F_DSO_SET_NAME_CONVERTER,
-				ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	if(oldcb)
-		*oldcb = dso->name_converter;
-	dso->name_converter = cb;
-	return(1);
-	}
-
-const char *DSO_get_filename(DSO *dso)
-	{
-	if(dso == NULL)
-		{
-		DSOerr(DSO_F_DSO_GET_FILENAME,ERR_R_PASSED_NULL_PARAMETER);
-		return(NULL);
-		}
-	return(dso->filename);
-	}
-
-int DSO_set_filename(DSO *dso, const char *filename)
-	{
-	char *copied;
-
-	if((dso == NULL) || (filename == NULL))
-		{
-		DSOerr(DSO_F_DSO_SET_FILENAME,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	if(dso->loaded_filename)
-		{
-		DSOerr(DSO_F_DSO_SET_FILENAME,DSO_R_DSO_ALREADY_LOADED);
-		return(0);
-		}
-	/* We'll duplicate filename */
-	copied = OPENSSL_malloc(strlen(filename) + 1);
-	if(copied == NULL)
-		{
-		DSOerr(DSO_F_DSO_SET_FILENAME,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	strcpy(copied, filename);
-	if(dso->filename)
-		OPENSSL_free(dso->filename);
-	dso->filename = copied;
-	return(1);
-	}
-
-char *DSO_convert_filename(DSO *dso, const char *filename)
-	{
-	char *result = NULL;
-
-	if(dso == NULL)
-		{
-		DSOerr(DSO_F_DSO_CONVERT_FILENAME,ERR_R_PASSED_NULL_PARAMETER);
-		return(NULL);
-		}
-	if(filename == NULL)
-		filename = dso->filename;
-	if(filename == NULL)
-		{
-		DSOerr(DSO_F_DSO_CONVERT_FILENAME,DSO_R_NO_FILENAME);
-		return(NULL);
-		}
-	if((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0)
-		{
-		if(dso->name_converter != NULL)
-			result = dso->name_converter(dso, filename);
-		else if(dso->meth->dso_name_converter != NULL)
-			result = dso->meth->dso_name_converter(dso, filename);
-		}
-	if(result == NULL)
-		{
-		result = OPENSSL_malloc(strlen(filename) + 1);
-		if(result == NULL)
-			{
-			DSOerr(DSO_F_DSO_CONVERT_FILENAME,
-					ERR_R_MALLOC_FAILURE);
-			return(NULL);
-			}
-		strcpy(result, filename);
-		}
-	return(result);
-	}
-
-const char *DSO_get_loaded_filename(DSO *dso)
-	{
-	if(dso == NULL)
-		{
-		DSOerr(DSO_F_DSO_GET_LOADED_FILENAME,
-				ERR_R_PASSED_NULL_PARAMETER);
-		return(NULL);
-		}
-	return(dso->loaded_filename);
-	}
diff --git a/crypto/openssl/crypto/dso/dso_null.c b/crypto/openssl/crypto/dso/dso_null.c
deleted file mode 100644
index fa13a7cb0f18..000000000000
--- a/crypto/openssl/crypto/dso/dso_null.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* dso_null.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* This "NULL" method is provided as the fallback for systems that have
- * no appropriate support for "shared-libraries". */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-static DSO_METHOD dso_meth_null = {
-	"NULL shared library method",
-	NULL, /* load */
-	NULL, /* unload */
-	NULL, /* bind_var */
-	NULL, /* bind_func */
-/* For now, "unbind" doesn't exist */
-#if 0
-	NULL, /* unbind_var */
-	NULL, /* unbind_func */
-#endif
-	NULL, /* ctrl */
-	NULL, /* init */
-	NULL  /* finish */
-	};
-
-DSO_METHOD *DSO_METHOD_null(void)
-	{
-	return(&dso_meth_null);
-	}
-
diff --git a/crypto/openssl/crypto/dso/dso_openssl.c b/crypto/openssl/crypto/dso/dso_openssl.c
deleted file mode 100644
index a4395ebffeca..000000000000
--- a/crypto/openssl/crypto/dso/dso_openssl.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* dso_openssl.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-/* We just pinch the method from an appropriate "default" method. */
-
-DSO_METHOD *DSO_METHOD_openssl(void)
-	{
-#ifdef DEF_DSO_METHOD
-	return(DEF_DSO_METHOD());
-#elif defined(DSO_DLFCN)
-	return(DSO_METHOD_dlfcn());
-#elif defined(DSO_DL)
-	return(DSO_METHOD_dl());
-#elif defined(DSO_WIN32)
-	return(DSO_METHOD_win32());
-#elif defined(DSO_VMS)
-	return(DSO_METHOD_vms());
-#else
-	return(DSO_METHOD_null());
-#endif
-	}
-
diff --git a/crypto/openssl/crypto/ebcdic.c b/crypto/openssl/crypto/ebcdic.c
deleted file mode 100644
index d1bece87f7d7..000000000000
--- a/crypto/openssl/crypto/ebcdic.c
+++ /dev/null
@@ -1,218 +0,0 @@
-/* crypto/ebcdic.c */
-
-#ifdef CHARSET_EBCDIC
-#include "ebcdic.h"
-/*      Initial Port for  Apache-1.3     by <Martin.Kraemer@Mch.SNI.De>
- *      Adapted for       OpenSSL-0.9.4  by <Martin.Kraemer@Mch.SNI.De>
- */
-
-#ifdef _OSD_POSIX
-/*
-    "BS2000 OSD" is a POSIX subsystem on a main frame.
-    It is made by Siemens AG, Germany, for their BS2000 mainframe machines.
-    Within the POSIX subsystem, the same character set was chosen as in
-    "native BS2000", namely EBCDIC. (EDF04)
-
-    The name "ASCII" in these routines is misleading: actually, conversion
-    is not between EBCDIC and ASCII, but EBCDIC(EDF04) and ISO-8859.1;
-    that means that (western european) national characters are preserved.
-
-    This table is identical to the one used by rsh/rcp/ftp and other POSIX tools.
-*/
-
-/* Here's the bijective ebcdic-to-ascii table: */
-const unsigned char os_toascii[256] = {
-/*00*/ 0x00, 0x01, 0x02, 0x03, 0x85, 0x09, 0x86, 0x7f,
-       0x87, 0x8d, 0x8e, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /*................*/
-/*10*/ 0x10, 0x11, 0x12, 0x13, 0x8f, 0x0a, 0x08, 0x97,
-       0x18, 0x19, 0x9c, 0x9d, 0x1c, 0x1d, 0x1e, 0x1f, /*................*/
-/*20*/ 0x80, 0x81, 0x82, 0x83, 0x84, 0x92, 0x17, 0x1b,
-       0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x05, 0x06, 0x07, /*................*/
-/*30*/ 0x90, 0x91, 0x16, 0x93, 0x94, 0x95, 0x96, 0x04,
-       0x98, 0x99, 0x9a, 0x9b, 0x14, 0x15, 0x9e, 0x1a, /*................*/
-/*40*/ 0x20, 0xa0, 0xe2, 0xe4, 0xe0, 0xe1, 0xe3, 0xe5,
-       0xe7, 0xf1, 0x60, 0x2e, 0x3c, 0x28, 0x2b, 0x7c, /* .........`.<(+|*/
-/*50*/ 0x26, 0xe9, 0xea, 0xeb, 0xe8, 0xed, 0xee, 0xef,
-       0xec, 0xdf, 0x21, 0x24, 0x2a, 0x29, 0x3b, 0x9f, /*&.........!$*);.*/
-/*60*/ 0x2d, 0x2f, 0xc2, 0xc4, 0xc0, 0xc1, 0xc3, 0xc5,
-       0xc7, 0xd1, 0x5e, 0x2c, 0x25, 0x5f, 0x3e, 0x3f, /*-/........^,%_>?*/
-/*70*/ 0xf8, 0xc9, 0xca, 0xcb, 0xc8, 0xcd, 0xce, 0xcf,
-       0xcc, 0xa8, 0x3a, 0x23, 0x40, 0x27, 0x3d, 0x22, /*..........:#@'="*/
-/*80*/ 0xd8, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
-       0x68, 0x69, 0xab, 0xbb, 0xf0, 0xfd, 0xfe, 0xb1, /*.abcdefghi......*/
-/*90*/ 0xb0, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70,
-       0x71, 0x72, 0xaa, 0xba, 0xe6, 0xb8, 0xc6, 0xa4, /*.jklmnopqr......*/
-/*a0*/ 0xb5, 0xaf, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
-       0x79, 0x7a, 0xa1, 0xbf, 0xd0, 0xdd, 0xde, 0xae, /*..stuvwxyz......*/
-/*b0*/ 0xa2, 0xa3, 0xa5, 0xb7, 0xa9, 0xa7, 0xb6, 0xbc,
-       0xbd, 0xbe, 0xac, 0x5b, 0x5c, 0x5d, 0xb4, 0xd7, /*...........[\]..*/
-/*c0*/ 0xf9, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
-       0x48, 0x49, 0xad, 0xf4, 0xf6, 0xf2, 0xf3, 0xf5, /*.ABCDEFGHI......*/
-/*d0*/ 0xa6, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50,
-       0x51, 0x52, 0xb9, 0xfb, 0xfc, 0xdb, 0xfa, 0xff, /*.JKLMNOPQR......*/
-/*e0*/ 0xd9, 0xf7, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58,
-       0x59, 0x5a, 0xb2, 0xd4, 0xd6, 0xd2, 0xd3, 0xd5, /*..STUVWXYZ......*/
-/*f0*/ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
-       0x38, 0x39, 0xb3, 0x7b, 0xdc, 0x7d, 0xda, 0x7e  /*0123456789.{.}.~*/
-};
-
-
-/* The ascii-to-ebcdic table: */
-const unsigned char os_toebcdic[256] = {
-/*00*/  0x00, 0x01, 0x02, 0x03, 0x37, 0x2d, 0x2e, 0x2f,
-	0x16, 0x05, 0x15, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,  /*................*/
-/*10*/  0x10, 0x11, 0x12, 0x13, 0x3c, 0x3d, 0x32, 0x26,
-	0x18, 0x19, 0x3f, 0x27, 0x1c, 0x1d, 0x1e, 0x1f,  /*................*/
-/*20*/  0x40, 0x5a, 0x7f, 0x7b, 0x5b, 0x6c, 0x50, 0x7d,
-	0x4d, 0x5d, 0x5c, 0x4e, 0x6b, 0x60, 0x4b, 0x61,  /* !"#$%&'()*+,-./ */
-/*30*/  0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
-	0xf8, 0xf9, 0x7a, 0x5e, 0x4c, 0x7e, 0x6e, 0x6f,  /*0123456789:;<=>?*/
-/*40*/  0x7c, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
-	0xc8, 0xc9, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6,  /*@ABCDEFGHIJKLMNO*/
-/*50*/  0xd7, 0xd8, 0xd9, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6,
-	0xe7, 0xe8, 0xe9, 0xbb, 0xbc, 0xbd, 0x6a, 0x6d,  /*PQRSTUVWXYZ[\]^_*/
-/*60*/  0x4a, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
-	0x88, 0x89, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96,  /*`abcdefghijklmno*/
-/*70*/  0x97, 0x98, 0x99, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6,
-	0xa7, 0xa8, 0xa9, 0xfb, 0x4f, 0xfd, 0xff, 0x07,  /*pqrstuvwxyz{|}~.*/
-/*80*/  0x20, 0x21, 0x22, 0x23, 0x24, 0x04, 0x06, 0x08,
-	0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x09, 0x0a, 0x14,  /*................*/
-/*90*/  0x30, 0x31, 0x25, 0x33, 0x34, 0x35, 0x36, 0x17,
-	0x38, 0x39, 0x3a, 0x3b, 0x1a, 0x1b, 0x3e, 0x5f,  /*................*/
-/*a0*/  0x41, 0xaa, 0xb0, 0xb1, 0x9f, 0xb2, 0xd0, 0xb5,
-	0x79, 0xb4, 0x9a, 0x8a, 0xba, 0xca, 0xaf, 0xa1,  /*................*/
-/*b0*/  0x90, 0x8f, 0xea, 0xfa, 0xbe, 0xa0, 0xb6, 0xb3,
-	0x9d, 0xda, 0x9b, 0x8b, 0xb7, 0xb8, 0xb9, 0xab,  /*................*/
-/*c0*/  0x64, 0x65, 0x62, 0x66, 0x63, 0x67, 0x9e, 0x68,
-	0x74, 0x71, 0x72, 0x73, 0x78, 0x75, 0x76, 0x77,  /*................*/
-/*d0*/  0xac, 0x69, 0xed, 0xee, 0xeb, 0xef, 0xec, 0xbf,
-	0x80, 0xe0, 0xfe, 0xdd, 0xfc, 0xad, 0xae, 0x59,  /*................*/
-/*e0*/  0x44, 0x45, 0x42, 0x46, 0x43, 0x47, 0x9c, 0x48,
-	0x54, 0x51, 0x52, 0x53, 0x58, 0x55, 0x56, 0x57,  /*................*/
-/*f0*/  0x8c, 0x49, 0xcd, 0xce, 0xcb, 0xcf, 0xcc, 0xe1,
-	0x70, 0xc0, 0xde, 0xdb, 0xdc, 0x8d, 0x8e, 0xdf   /*................*/
-};
-
-#else  /*_OSD_POSIX*/
-
-/*
-This code does basic character mapping for IBM's TPF and OS/390 operating systems.
-It is a modified version of the BS2000 table.
-
-Bijective EBCDIC (character set IBM-1047) to US-ASCII table:
-This table is bijective - there are no ambigous or duplicate characters.
-*/
-const unsigned char os_toascii[256] = {
-    0x00, 0x01, 0x02, 0x03, 0x85, 0x09, 0x86, 0x7f, /* 00-0f:           */
-    0x87, 0x8d, 0x8e, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* ................ */
-    0x10, 0x11, 0x12, 0x13, 0x8f, 0x0a, 0x08, 0x97, /* 10-1f:           */
-    0x18, 0x19, 0x9c, 0x9d, 0x1c, 0x1d, 0x1e, 0x1f, /* ................ */
-    0x80, 0x81, 0x82, 0x83, 0x84, 0x92, 0x17, 0x1b, /* 20-2f:           */
-    0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x05, 0x06, 0x07, /* ................ */
-    0x90, 0x91, 0x16, 0x93, 0x94, 0x95, 0x96, 0x04, /* 30-3f:           */
-    0x98, 0x99, 0x9a, 0x9b, 0x14, 0x15, 0x9e, 0x1a, /* ................ */
-    0x20, 0xa0, 0xe2, 0xe4, 0xe0, 0xe1, 0xe3, 0xe5, /* 40-4f:           */
-    0xe7, 0xf1, 0xa2, 0x2e, 0x3c, 0x28, 0x2b, 0x7c, /*  ...........<(+| */
-    0x26, 0xe9, 0xea, 0xeb, 0xe8, 0xed, 0xee, 0xef, /* 50-5f:           */
-    0xec, 0xdf, 0x21, 0x24, 0x2a, 0x29, 0x3b, 0x5e, /* &.........!$*);^ */
-    0x2d, 0x2f, 0xc2, 0xc4, 0xc0, 0xc1, 0xc3, 0xc5, /* 60-6f:           */
-    0xc7, 0xd1, 0xa6, 0x2c, 0x25, 0x5f, 0x3e, 0x3f, /* -/.........,%_>? */
-    0xf8, 0xc9, 0xca, 0xcb, 0xc8, 0xcd, 0xce, 0xcf, /* 70-7f:           */
-    0xcc, 0x60, 0x3a, 0x23, 0x40, 0x27, 0x3d, 0x22, /* .........`:#@'=" */
-    0xd8, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, /* 80-8f:           */
-    0x68, 0x69, 0xab, 0xbb, 0xf0, 0xfd, 0xfe, 0xb1, /* .abcdefghi...... */
-    0xb0, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, /* 90-9f:           */
-    0x71, 0x72, 0xaa, 0xba, 0xe6, 0xb8, 0xc6, 0xa4, /* .jklmnopqr...... */
-    0xb5, 0x7e, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, /* a0-af:           */
-    0x79, 0x7a, 0xa1, 0xbf, 0xd0, 0x5b, 0xde, 0xae, /* .~stuvwxyz...[.. */
-    0xac, 0xa3, 0xa5, 0xb7, 0xa9, 0xa7, 0xb6, 0xbc, /* b0-bf:           */
-    0xbd, 0xbe, 0xdd, 0xa8, 0xaf, 0x5d, 0xb4, 0xd7, /* .............].. */
-    0x7b, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, /* c0-cf:           */
-    0x48, 0x49, 0xad, 0xf4, 0xf6, 0xf2, 0xf3, 0xf5, /* {ABCDEFGHI...... */
-    0x7d, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, /* d0-df:           */
-    0x51, 0x52, 0xb9, 0xfb, 0xfc, 0xf9, 0xfa, 0xff, /* }JKLMNOPQR...... */
-    0x5c, 0xf7, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, /* e0-ef:           */
-    0x59, 0x5a, 0xb2, 0xd4, 0xd6, 0xd2, 0xd3, 0xd5, /* \.STUVWXYZ...... */
-    0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* f0-ff:           */
-    0x38, 0x39, 0xb3, 0xdb, 0xdc, 0xd9, 0xda, 0x9f  /* 0123456789...... */
-};
-
-
-/*
-The US-ASCII to EBCDIC (character set IBM-1047) table:
-This table is bijective (no ambiguous or duplicate characters)
-*/
-const unsigned char os_toebcdic[256] = {
-    0x00, 0x01, 0x02, 0x03, 0x37, 0x2d, 0x2e, 0x2f, /* 00-0f:           */
-    0x16, 0x05, 0x15, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* ................ */
-    0x10, 0x11, 0x12, 0x13, 0x3c, 0x3d, 0x32, 0x26, /* 10-1f:           */
-    0x18, 0x19, 0x3f, 0x27, 0x1c, 0x1d, 0x1e, 0x1f, /* ................ */
-    0x40, 0x5a, 0x7f, 0x7b, 0x5b, 0x6c, 0x50, 0x7d, /* 20-2f:           */
-    0x4d, 0x5d, 0x5c, 0x4e, 0x6b, 0x60, 0x4b, 0x61, /*  !"#$%&'()*+,-./ */
-    0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, /* 30-3f:           */
-    0xf8, 0xf9, 0x7a, 0x5e, 0x4c, 0x7e, 0x6e, 0x6f, /* 0123456789:;<=>? */
-    0x7c, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, /* 40-4f:           */
-    0xc8, 0xc9, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, /* @ABCDEFGHIJKLMNO */
-    0xd7, 0xd8, 0xd9, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, /* 50-5f:           */
-    0xe7, 0xe8, 0xe9, 0xad, 0xe0, 0xbd, 0x5f, 0x6d, /* PQRSTUVWXYZ[\]^_ */
-    0x79, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, /* 60-6f:           */
-    0x88, 0x89, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, /* `abcdefghijklmno */
-    0x97, 0x98, 0x99, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, /* 70-7f:           */
-    0xa7, 0xa8, 0xa9, 0xc0, 0x4f, 0xd0, 0xa1, 0x07, /* pqrstuvwxyz{|}~. */
-    0x20, 0x21, 0x22, 0x23, 0x24, 0x04, 0x06, 0x08, /* 80-8f:           */
-    0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x09, 0x0a, 0x14, /* ................ */
-    0x30, 0x31, 0x25, 0x33, 0x34, 0x35, 0x36, 0x17, /* 90-9f:           */
-    0x38, 0x39, 0x3a, 0x3b, 0x1a, 0x1b, 0x3e, 0xff, /* ................ */
-    0x41, 0xaa, 0x4a, 0xb1, 0x9f, 0xb2, 0x6a, 0xb5, /* a0-af:           */
-    0xbb, 0xb4, 0x9a, 0x8a, 0xb0, 0xca, 0xaf, 0xbc, /* ................ */
-    0x90, 0x8f, 0xea, 0xfa, 0xbe, 0xa0, 0xb6, 0xb3, /* b0-bf:           */
-    0x9d, 0xda, 0x9b, 0x8b, 0xb7, 0xb8, 0xb9, 0xab, /* ................ */
-    0x64, 0x65, 0x62, 0x66, 0x63, 0x67, 0x9e, 0x68, /* c0-cf:           */
-    0x74, 0x71, 0x72, 0x73, 0x78, 0x75, 0x76, 0x77, /* ................ */
-    0xac, 0x69, 0xed, 0xee, 0xeb, 0xef, 0xec, 0xbf, /* d0-df:           */
-    0x80, 0xfd, 0xfe, 0xfb, 0xfc, 0xba, 0xae, 0x59, /* ................ */
-    0x44, 0x45, 0x42, 0x46, 0x43, 0x47, 0x9c, 0x48, /* e0-ef:           */
-    0x54, 0x51, 0x52, 0x53, 0x58, 0x55, 0x56, 0x57, /* ................ */
-    0x8c, 0x49, 0xcd, 0xce, 0xcb, 0xcf, 0xcc, 0xe1, /* f0-ff:           */
-    0x70, 0xdd, 0xde, 0xdb, 0xdc, 0x8d, 0x8e, 0xdf  /* ................ */
-};
-#endif /*_OSD_POSIX*/
-
-/* Translate a memory block from EBCDIC (host charset) to ASCII (net charset)
- * dest and srce may be identical, or separate memory blocks, but
- * should not overlap. These functions intentionally have an interface
- * compatible to memcpy(3).
- */
-
-void *
-ebcdic2ascii(void *dest, const void *srce, size_t count)
-{
-    unsigned char *udest = dest;
-    const unsigned char *usrce = srce;
-
-    while (count-- != 0) {
-        *udest++ = os_toascii[*usrce++];
-    }
-
-    return dest;
-}
-
-void *
-ascii2ebcdic(void *dest, const void *srce, size_t count)
-{
-    unsigned char *udest = dest;
-    const unsigned char *usrce = srce;
-
-    while (count-- != 0) {
-        *udest++ = os_toebcdic[*usrce++];
-    }
-
-    return dest;
-}
-
-#else /*CHARSET_EBCDIC*/
-#include <openssl/e_os2.h>
-#if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX)
-static void *dummy=&dummy;
-#endif
-#endif
diff --git a/crypto/openssl/crypto/ebcdic.h b/crypto/openssl/crypto/ebcdic.h
deleted file mode 100644
index 6d65afcf9e75..000000000000
--- a/crypto/openssl/crypto/ebcdic.h
+++ /dev/null
@@ -1,19 +0,0 @@
-/* crypto/ebcdic.h */
-
-#ifndef HEADER_EBCDIC_H
-#define HEADER_EBCDIC_H
-
-#include <sys/types.h>
-
-/* Avoid name clashes with other applications */
-#define os_toascii   _openssl_os_toascii
-#define os_toebcdic  _openssl_os_toebcdic
-#define ebcdic2ascii _openssl_ebcdic2ascii
-#define ascii2ebcdic _openssl_ascii2ebcdic
-
-extern const unsigned char os_toascii[256];
-extern const unsigned char os_toebcdic[256];
-void *ebcdic2ascii(void *dest, const void *srce, size_t count);
-void *ascii2ebcdic(void *dest, const void *srce, size_t count);
-
-#endif
diff --git a/crypto/openssl/crypto/ec/Makefile.ssl b/crypto/openssl/crypto/ec/Makefile.ssl
deleted file mode 100644
index c34a49c1b149..000000000000
--- a/crypto/openssl/crypto/ec/Makefile.ssl
+++ /dev/null
@@ -1,128 +0,0 @@
-#
-# crypto/ec/Makefile
-#
-
-DIR=	ec
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=ectest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c \
-	ec_err.c
-
-LIBOBJ=	ec_lib.o ecp_smpl.o ecp_mont.o ecp_recp.o ecp_nist.o ec_cvt.o ec_mult.o \
-	ec_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= ec.h
-HEADER=	ec_lcl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
-ec_cvt.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h
-ec_cvt.o: ../../include/openssl/symhacks.h ec_cvt.c ec_lcl.h
-ec_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-ec_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ec_err.o: ../../include/openssl/ec.h ../../include/openssl/err.h
-ec_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ec_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-ec_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ec_err.o: ec_err.c
-ec_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-ec_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ec_lib.o: ../../include/openssl/ec.h ../../include/openssl/err.h
-ec_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ec_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-ec_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ec_lib.o: ec_lcl.h ec_lib.c
-ec_mult.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-ec_mult.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ec_mult.o: ../../include/openssl/ec.h ../../include/openssl/err.h
-ec_mult.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-ec_mult.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ec_mult.o: ec_lcl.h ec_mult.c
-ecp_mont.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-ecp_mont.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ecp_mont.o: ../../include/openssl/ec.h ../../include/openssl/err.h
-ecp_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ecp_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-ecp_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ecp_mont.o: ec_lcl.h ecp_mont.c
-ecp_nist.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
-ecp_nist.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h
-ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c
-ecp_recp.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
-ecp_recp.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h
-ecp_recp.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_recp.c
-ecp_smpl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-ecp_smpl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ecp_smpl.o: ../../include/openssl/ec.h ../../include/openssl/err.h
-ecp_smpl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ecp_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-ecp_smpl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ecp_smpl.o: ec_lcl.h ecp_smpl.c
diff --git a/crypto/openssl/crypto/ec/ec.h b/crypto/openssl/crypto/ec/ec.h
deleted file mode 100644
index 6d6a9b712732..000000000000
--- a/crypto/openssl/crypto/ec/ec.h
+++ /dev/null
@@ -1,243 +0,0 @@
-/* crypto/ec/ec.h */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_EC_H
-#define HEADER_EC_H
-
-#ifdef OPENSSL_NO_EC
-#error EC is disabled.
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/symhacks.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-
-typedef enum {
-	/* values as defined in X9.62 (ECDSA) and elsewhere */
-	POINT_CONVERSION_COMPRESSED = 2,
-	POINT_CONVERSION_UNCOMPRESSED = 4,
-	POINT_CONVERSION_HYBRID = 6
-} point_conversion_form_t;
-
-
-typedef struct ec_method_st EC_METHOD;
-
-typedef struct ec_group_st
-	/*
-	 EC_METHOD *meth;
-	 -- field definition
-	 -- curve coefficients
-	 -- optional generator with associated information (order, cofactor)
-	 -- optional extra data (TODO: precomputed table for fast computation of multiples of generator)
-	*/
-	EC_GROUP;
-
-typedef struct ec_point_st EC_POINT;
-
-
-/* EC_METHODs for curves over GF(p).
- * EC_GFp_simple_method provides the basis for the optimized methods.
- */
-const EC_METHOD *EC_GFp_simple_method(void);
-const EC_METHOD *EC_GFp_mont_method(void);
-#if 0
-const EC_METHOD *EC_GFp_recp_method(void); /* TODO */
-const EC_METHOD *EC_GFp_nist_method(void); /* TODO */
-#endif
-
-
-EC_GROUP *EC_GROUP_new(const EC_METHOD *);
-void EC_GROUP_free(EC_GROUP *);
-void EC_GROUP_clear_free(EC_GROUP *);
-int EC_GROUP_copy(EC_GROUP *, const EC_GROUP *);
-
-const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *);
-	
-
-/* We don't have types for field specifications and field elements in general.
- * Otherwise we could declare
- *     int EC_GROUP_set_curve(EC_GROUP *, .....);
- */
-int EC_GROUP_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int EC_GROUP_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
-
-/* EC_GROUP_new_GFp() calls EC_GROUP_new() and EC_GROUP_set_GFp()
- * after choosing an appropriate EC_METHOD */
-EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-
-int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
-EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *);
-int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);
-int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
-
-EC_POINT *EC_POINT_new(const EC_GROUP *);
-void EC_POINT_free(EC_POINT *);
-void EC_POINT_clear_free(EC_POINT *);
-int EC_POINT_copy(EC_POINT *, const EC_POINT *);
- 
-const EC_METHOD *EC_POINT_method_of(const EC_POINT *);
-
-int EC_POINT_set_to_infinity(const EC_GROUP *, EC_POINT *);
-int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *, EC_POINT *,
-	const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
-int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *, const EC_POINT *,
-	BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
-int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *, EC_POINT *,
-	const BIGNUM *x, const BIGNUM *y, BN_CTX *);
-int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *, const EC_POINT *,
-	BIGNUM *x, BIGNUM *y, BN_CTX *);
-int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *,
-	const BIGNUM *x, int y_bit, BN_CTX *);
-
-size_t EC_POINT_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
-        unsigned char *buf, size_t len, BN_CTX *);
-int EC_POINT_oct2point(const EC_GROUP *, EC_POINT *,
-        const unsigned char *buf, size_t len, BN_CTX *);
-
-int EC_POINT_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int EC_POINT_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
-int EC_POINT_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
-
-int EC_POINT_is_at_infinity(const EC_GROUP *, const EC_POINT *);
-int EC_POINT_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
-int EC_POINT_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-
-int EC_POINT_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
-
-
-int EC_POINTs_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, size_t num, const EC_POINT *[], const BIGNUM *[], BN_CTX *);
-int EC_POINT_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, const EC_POINT *, const BIGNUM *, BN_CTX *);
-int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *);
-
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_EC_strings(void);
-
-/* Error codes for the EC functions. */
-
-/* Function codes. */
-#define EC_F_COMPUTE_WNAF				 143
-#define EC_F_EC_GFP_MONT_FIELD_DECODE			 133
-#define EC_F_EC_GFP_MONT_FIELD_ENCODE			 134
-#define EC_F_EC_GFP_MONT_FIELD_MUL			 131
-#define EC_F_EC_GFP_MONT_FIELD_SQR			 132
-#define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP		 100
-#define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR		 101
-#define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE			 102
-#define EC_F_EC_GFP_SIMPLE_OCT2POINT			 103
-#define EC_F_EC_GFP_SIMPLE_POINT2OCT			 104
-#define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE		 137
-#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105
-#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128
-#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129
-#define EC_F_EC_GROUP_COPY				 106
-#define EC_F_EC_GROUP_GET0_GENERATOR			 139
-#define EC_F_EC_GROUP_GET_COFACTOR			 140
-#define EC_F_EC_GROUP_GET_CURVE_GFP			 130
-#define EC_F_EC_GROUP_GET_ORDER				 141
-#define EC_F_EC_GROUP_NEW				 108
-#define EC_F_EC_GROUP_PRECOMPUTE_MULT			 142
-#define EC_F_EC_GROUP_SET_CURVE_GFP			 109
-#define EC_F_EC_GROUP_SET_EXTRA_DATA			 110
-#define EC_F_EC_GROUP_SET_GENERATOR			 111
-#define EC_F_EC_POINTS_MAKE_AFFINE			 136
-#define EC_F_EC_POINTS_MUL				 138
-#define EC_F_EC_POINT_ADD				 112
-#define EC_F_EC_POINT_CMP				 113
-#define EC_F_EC_POINT_COPY				 114
-#define EC_F_EC_POINT_DBL				 115
-#define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP	 116
-#define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP	 117
-#define EC_F_EC_POINT_IS_AT_INFINITY			 118
-#define EC_F_EC_POINT_IS_ON_CURVE			 119
-#define EC_F_EC_POINT_MAKE_AFFINE			 120
-#define EC_F_EC_POINT_NEW				 121
-#define EC_F_EC_POINT_OCT2POINT				 122
-#define EC_F_EC_POINT_POINT2OCT				 123
-#define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP	 124
-#define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP	 125
-#define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP	 126
-#define EC_F_EC_POINT_SET_TO_INFINITY			 127
-#define EC_F_GFP_MONT_GROUP_SET_CURVE_GFP		 135
-
-/* Reason codes. */
-#define EC_R_BUFFER_TOO_SMALL				 100
-#define EC_R_INCOMPATIBLE_OBJECTS			 101
-#define EC_R_INVALID_ARGUMENT				 112
-#define EC_R_INVALID_COMPRESSED_POINT			 110
-#define EC_R_INVALID_COMPRESSION_BIT			 109
-#define EC_R_INVALID_ENCODING				 102
-#define EC_R_INVALID_FIELD				 103
-#define EC_R_INVALID_FORM				 104
-#define EC_R_NOT_INITIALIZED				 111
-#define EC_R_POINT_AT_INFINITY				 106
-#define EC_R_POINT_IS_NOT_ON_CURVE			 107
-#define EC_R_SLOT_FULL					 108
-#define EC_R_UNDEFINED_GENERATOR			 113
-#define EC_R_UNKNOWN_ORDER				 114
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/ec/ec_cvt.c b/crypto/openssl/crypto/ec/ec_cvt.c
deleted file mode 100644
index 45b0ec33a0ba..000000000000
--- a/crypto/openssl/crypto/ec/ec_cvt.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* crypto/ec/ec_cvt.c */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ec_lcl.h"
-
-
-EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-	{
-	const EC_METHOD *meth;
-	EC_GROUP *ret;
-	
-	/* Finally, this will use EC_GFp_nist_method if 'p' is a special
-	 * prime with optimized modular arithmetics (for NIST curves)
-	 */
-	meth = EC_GFp_mont_method();
-	
-	ret = EC_GROUP_new(meth);
-	if (ret == NULL)
-		return NULL;
-
-	if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx))
-		{
-		EC_GROUP_clear_free(ret);
-		return NULL;
-		}
-
-	return ret;
-	}
diff --git a/crypto/openssl/crypto/ec/ec_err.c b/crypto/openssl/crypto/ec/ec_err.c
deleted file mode 100644
index d37b6aba87fd..000000000000
--- a/crypto/openssl/crypto/ec/ec_err.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* crypto/ec/ec_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ec.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA EC_str_functs[]=
-	{
-{ERR_PACK(0,EC_F_COMPUTE_WNAF,0),	"COMPUTE_WNAF"},
-{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_DECODE,0),	"ec_GFp_mont_field_decode"},
-{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_ENCODE,0),	"ec_GFp_mont_field_encode"},
-{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_MUL,0),	"ec_GFp_mont_field_mul"},
-{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_SQR,0),	"ec_GFp_mont_field_sqr"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP,0),	"ec_GFp_simple_group_set_curve_GFp"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR,0),	"ec_GFp_simple_group_set_generator"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_MAKE_AFFINE,0),	"ec_GFp_simple_make_affine"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_OCT2POINT,0),	"ec_GFp_simple_oct2point"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT2OCT,0),	"ec_GFp_simple_point2oct"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE,0),	"ec_GFp_simple_points_make_affine"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP,0),	"ec_GFp_simple_point_get_affine_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP,0),	"ec_GFp_simple_point_set_affine_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP,0),	"ec_GFp_simple_set_compressed_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_GROUP_COPY,0),	"EC_GROUP_copy"},
-{ERR_PACK(0,EC_F_EC_GROUP_GET0_GENERATOR,0),	"EC_GROUP_get0_generator"},
-{ERR_PACK(0,EC_F_EC_GROUP_GET_COFACTOR,0),	"EC_GROUP_get_cofactor"},
-{ERR_PACK(0,EC_F_EC_GROUP_GET_CURVE_GFP,0),	"EC_GROUP_get_curve_GFp"},
-{ERR_PACK(0,EC_F_EC_GROUP_GET_ORDER,0),	"EC_GROUP_get_order"},
-{ERR_PACK(0,EC_F_EC_GROUP_NEW,0),	"EC_GROUP_new"},
-{ERR_PACK(0,EC_F_EC_GROUP_PRECOMPUTE_MULT,0),	"EC_GROUP_precompute_mult"},
-{ERR_PACK(0,EC_F_EC_GROUP_SET_CURVE_GFP,0),	"EC_GROUP_set_curve_GFp"},
-{ERR_PACK(0,EC_F_EC_GROUP_SET_EXTRA_DATA,0),	"EC_GROUP_set_extra_data"},
-{ERR_PACK(0,EC_F_EC_GROUP_SET_GENERATOR,0),	"EC_GROUP_set_generator"},
-{ERR_PACK(0,EC_F_EC_POINTS_MAKE_AFFINE,0),	"EC_POINTs_make_affine"},
-{ERR_PACK(0,EC_F_EC_POINTS_MUL,0),	"EC_POINTs_mul"},
-{ERR_PACK(0,EC_F_EC_POINT_ADD,0),	"EC_POINT_add"},
-{ERR_PACK(0,EC_F_EC_POINT_CMP,0),	"EC_POINT_cmp"},
-{ERR_PACK(0,EC_F_EC_POINT_COPY,0),	"EC_POINT_copy"},
-{ERR_PACK(0,EC_F_EC_POINT_DBL,0),	"EC_POINT_dbl"},
-{ERR_PACK(0,EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP,0),	"EC_POINT_get_affine_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP,0),	"EC_POINT_get_Jprojective_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_POINT_IS_AT_INFINITY,0),	"EC_POINT_is_at_infinity"},
-{ERR_PACK(0,EC_F_EC_POINT_IS_ON_CURVE,0),	"EC_POINT_is_on_curve"},
-{ERR_PACK(0,EC_F_EC_POINT_MAKE_AFFINE,0),	"EC_POINT_make_affine"},
-{ERR_PACK(0,EC_F_EC_POINT_NEW,0),	"EC_POINT_new"},
-{ERR_PACK(0,EC_F_EC_POINT_OCT2POINT,0),	"EC_POINT_oct2point"},
-{ERR_PACK(0,EC_F_EC_POINT_POINT2OCT,0),	"EC_POINT_point2oct"},
-{ERR_PACK(0,EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP,0),	"EC_POINT_set_affine_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,0),	"EC_POINT_set_compressed_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP,0),	"EC_POINT_set_Jprojective_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_POINT_SET_TO_INFINITY,0),	"EC_POINT_set_to_infinity"},
-{ERR_PACK(0,EC_F_GFP_MONT_GROUP_SET_CURVE_GFP,0),	"GFP_MONT_GROUP_SET_CURVE_GFP"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA EC_str_reasons[]=
-	{
-{EC_R_BUFFER_TOO_SMALL                   ,"buffer too small"},
-{EC_R_INCOMPATIBLE_OBJECTS               ,"incompatible objects"},
-{EC_R_INVALID_ARGUMENT                   ,"invalid argument"},
-{EC_R_INVALID_COMPRESSED_POINT           ,"invalid compressed point"},
-{EC_R_INVALID_COMPRESSION_BIT            ,"invalid compression bit"},
-{EC_R_INVALID_ENCODING                   ,"invalid encoding"},
-{EC_R_INVALID_FIELD                      ,"invalid field"},
-{EC_R_INVALID_FORM                       ,"invalid form"},
-{EC_R_NOT_INITIALIZED                    ,"not initialized"},
-{EC_R_POINT_AT_INFINITY                  ,"point at infinity"},
-{EC_R_POINT_IS_NOT_ON_CURVE              ,"point is not on curve"},
-{EC_R_SLOT_FULL                          ,"slot full"},
-{EC_R_UNDEFINED_GENERATOR                ,"undefined generator"},
-{EC_R_UNKNOWN_ORDER                      ,"unknown order"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_EC_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_EC,EC_str_functs);
-		ERR_load_strings(ERR_LIB_EC,EC_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/ec/ec_lcl.h b/crypto/openssl/crypto/ec/ec_lcl.h
deleted file mode 100644
index cc4cf277550d..000000000000
--- a/crypto/openssl/crypto/ec/ec_lcl.h
+++ /dev/null
@@ -1,277 +0,0 @@
-/* crypto/ec/ec_lcl.h */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdlib.h>
-
-#include <openssl/ec.h>
-
-
-/* Structure details are not part of the exported interface,
- * so all this may change in future versions. */
-
-struct ec_method_st {
-	/* used by EC_GROUP_new, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_copy: */
-	int (*group_init)(EC_GROUP *);
-	void (*group_finish)(EC_GROUP *);
-	void (*group_clear_finish)(EC_GROUP *);
-	int (*group_copy)(EC_GROUP *, const EC_GROUP *);
-
-	/* used by EC_GROUP_set_curve_GFp and EC_GROUP_get_curve_GFp: */
-	int (*group_set_curve_GFp)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-	int (*group_get_curve_GFp)(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
-
-	/* used by EC_GROUP_set_generator, EC_GROUP_get0_generator,
-	 * EC_GROUP_get_order, EC_GROUP_get_cofactor:
-	 */
-	int (*group_set_generator)(EC_GROUP *, const EC_POINT *generator,
-	        const BIGNUM *order, const BIGNUM *cofactor);
-	EC_POINT *(*group_get0_generator)(const EC_GROUP *);
-	int (*group_get_order)(const EC_GROUP *, BIGNUM *order, BN_CTX *);
-	int (*group_get_cofactor)(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
-
-	/* used by EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy: */
-	int (*point_init)(EC_POINT *);
-	void (*point_finish)(EC_POINT *);
-	void (*point_clear_finish)(EC_POINT *);
-	int (*point_copy)(EC_POINT *, const EC_POINT *);
-
-	/* used by EC_POINT_set_to_infinity,
-	 * EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_get_Jprojective_coordinates_GFp,
-	 * EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp,
-	 * EC_POINT_set_compressed_coordinates_GFp:
-	 */
-	int (*point_set_to_infinity)(const EC_GROUP *, EC_POINT *);
-	int (*point_set_Jprojective_coordinates_GFp)(const EC_GROUP *, EC_POINT *,
-		const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
-	int (*point_get_Jprojective_coordinates_GFp)(const EC_GROUP *, const EC_POINT *,
-		BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
-	int (*point_set_affine_coordinates_GFp)(const EC_GROUP *, EC_POINT *,
-		const BIGNUM *x, const BIGNUM *y, BN_CTX *);
-	int (*point_get_affine_coordinates_GFp)(const EC_GROUP *, const EC_POINT *,
-		BIGNUM *x, BIGNUM *y, BN_CTX *);
-	int (*point_set_compressed_coordinates_GFp)(const EC_GROUP *, EC_POINT *,
-		const BIGNUM *x, int y_bit, BN_CTX *);
-
-	/* used by EC_POINT_point2oct, EC_POINT_oct2point: */
-	size_t (*point2oct)(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
-	        unsigned char *buf, size_t len, BN_CTX *);
-	int (*oct2point)(const EC_GROUP *, EC_POINT *,
-	        const unsigned char *buf, size_t len, BN_CTX *);
-
-	/* used by EC_POINT_add, EC_POINT_dbl, ECP_POINT_invert: */
-	int (*add)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-	int (*dbl)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
-	int (*invert)(const EC_GROUP *, EC_POINT *, BN_CTX *);
-
-	/* used by EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp: */
-	int (*is_at_infinity)(const EC_GROUP *, const EC_POINT *);
-	int (*is_on_curve)(const EC_GROUP *, const EC_POINT *, BN_CTX *);
-	int (*point_cmp)(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-
-	/* used by EC_POINT_make_affine, EC_POINTs_make_affine: */
-	int (*make_affine)(const EC_GROUP *, EC_POINT *, BN_CTX *);
-	int (*points_make_affine)(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
-
-
-	/* internal functions */
-
-	/* 'field_mul' and 'field_sqr' can be used by 'add' and 'dbl' so that
-	 * the same implementations of point operations can be used with different
-	 * optimized implementations of expensive field operations: */
-	int (*field_mul)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-	int (*field_sqr)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-
-	int (*field_encode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); /* e.g. to Montgomery */
-	int (*field_decode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); /* e.g. from Montgomery */
-	int (*field_set_to_one)(const EC_GROUP *, BIGNUM *r, BN_CTX *);
-} /* EC_METHOD */;
-
-
-struct ec_group_st {
-	const EC_METHOD *meth;
-
-	void *extra_data;
-	void *(*extra_data_dup_func)(void *);
-	void (*extra_data_free_func)(void *);
-	void (*extra_data_clear_free_func)(void *);
-
-	/* All members except 'meth' and 'extra_data...' are handled by
-	 * the method functions, even if they appear generic */
-	
-	BIGNUM field; /* Field specification.
-	               * For curves over GF(p), this is the modulus. */
-
-	BIGNUM a, b; /* Curve coefficients.
-	              * (Here the assumption is that BIGNUMs can be used
-	              * or abused for all kinds of fields, not just GF(p).)
-	              * For characteristic  > 3,  the curve is defined
-	              * by a Weierstrass equation of the form
-	              *     y^2 = x^3 + a*x + b.
-	              */
-	int a_is_minus3; /* enable optimized point arithmetics for special case */
-
-	EC_POINT *generator; /* optional */
-	BIGNUM order, cofactor;
-
-	void *field_data1; /* method-specific (e.g., Montgomery structure) */
-	void *field_data2; /* method-specific */
-} /* EC_GROUP */;
-
-
-/* Basically a 'mixin' for extra data, but available for EC_GROUPs only
- * (with visibility limited to 'package' level for now).
- * We use the function pointers as index for retrieval; this obviates
- * global ex_data-style index tables.
- * (Currently, we have one slot only, but is is possible to extend this
- * if necessary.) */
-int EC_GROUP_set_extra_data(EC_GROUP *, void *extra_data, void *(*extra_data_dup_func)(void *),
-	void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *));
-void *EC_GROUP_get_extra_data(const EC_GROUP *, void *(*extra_data_dup_func)(void *),
-	void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *));
-void EC_GROUP_free_extra_data(EC_GROUP *);
-void EC_GROUP_clear_free_extra_data(EC_GROUP *);
-
-
-
-struct ec_point_st {
-	const EC_METHOD *meth;
-
-	/* All members except 'meth' are handled by the method functions,
-	 * even if they appear generic */
-
-	BIGNUM X;
-	BIGNUM Y;
-	BIGNUM Z; /* Jacobian projective coordinates:
-	           * (X, Y, Z)  represents  (X/Z^2, Y/Z^3)  if  Z != 0 */
-	int Z_is_one; /* enable optimized point arithmetics for special case */
-} /* EC_POINT */;
-
-
-
-/* method functions in ecp_smpl.c */
-int ec_GFp_simple_group_init(EC_GROUP *);
-void ec_GFp_simple_group_finish(EC_GROUP *);
-void ec_GFp_simple_group_clear_finish(EC_GROUP *);
-int ec_GFp_simple_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_group_set_generator(EC_GROUP *, const EC_POINT *generator,
-	const BIGNUM *order, const BIGNUM *cofactor);
-EC_POINT *ec_GFp_simple_group_get0_generator(const EC_GROUP *);
-int ec_GFp_simple_group_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);
-int ec_GFp_simple_group_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
-int ec_GFp_simple_point_init(EC_POINT *);
-void ec_GFp_simple_point_finish(EC_POINT *);
-void ec_GFp_simple_point_clear_finish(EC_POINT *);
-int ec_GFp_simple_point_copy(EC_POINT *, const EC_POINT *);
-int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *);
-int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *, EC_POINT *,
-	const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
-int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *, const EC_POINT *,
-	BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
-int ec_GFp_simple_point_set_affine_coordinates_GFp(const EC_GROUP *, EC_POINT *,
-	const BIGNUM *x, const BIGNUM *y, BN_CTX *);
-int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *, const EC_POINT *,
-	BIGNUM *x, BIGNUM *y, BN_CTX *);
-int ec_GFp_simple_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *,
-	const BIGNUM *x, int y_bit, BN_CTX *);
-size_t ec_GFp_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
-	unsigned char *buf, size_t len, BN_CTX *);
-int ec_GFp_simple_oct2point(const EC_GROUP *, EC_POINT *,
-	const unsigned char *buf, size_t len, BN_CTX *);
-int ec_GFp_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int ec_GFp_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
-int ec_GFp_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GFp_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
-int ec_GFp_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
-int ec_GFp_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int ec_GFp_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GFp_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
-int ec_GFp_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-
-
-/* method functions in ecp_mont.c */
-int ec_GFp_mont_group_init(EC_GROUP *);
-int ec_GFp_mont_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-void ec_GFp_mont_group_finish(EC_GROUP *);
-void ec_GFp_mont_group_clear_finish(EC_GROUP *);
-int ec_GFp_mont_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GFp_mont_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_mont_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-int ec_GFp_mont_field_encode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-int ec_GFp_mont_field_decode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-int ec_GFp_mont_field_set_to_one(const EC_GROUP *, BIGNUM *r, BN_CTX *);
-
-
-/* method functions in ecp_recp.c */
-int ec_GFp_recp_group_init(EC_GROUP *);
-int ec_GFp_recp_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-void ec_GFp_recp_group_finish(EC_GROUP *);
-void ec_GFp_recp_group_clear_finish(EC_GROUP *);
-int ec_GFp_recp_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GFp_recp_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_recp_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-
-
-/* method functions in ecp_nist.c */
-int ec_GFp_nist_group_init(EC_GROUP *);
-int ec_GFp_nist_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-void ec_GFp_nist_group_finish(EC_GROUP *);
-void ec_GFp_nist_group_clear_finish(EC_GROUP *);
-int ec_GFp_nist_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GFp_nist_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_nist_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
diff --git a/crypto/openssl/crypto/ec/ec_lib.c b/crypto/openssl/crypto/ec/ec_lib.c
deleted file mode 100644
index deb522060f2a..000000000000
--- a/crypto/openssl/crypto/ec/ec_lib.c
+++ /dev/null
@@ -1,656 +0,0 @@
-/* crypto/ec/ec_lib.c */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/opensslv.h>
-
-#include "ec_lcl.h"
-
-static const char EC_version[] = "EC" OPENSSL_VERSION_PTEXT;
-
-
-/* functions for EC_GROUP objects */
-
-EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
-	{
-	EC_GROUP *ret;
-
-	if (meth == NULL)
-		{
-		ECerr(EC_F_EC_GROUP_NEW, ERR_R_PASSED_NULL_PARAMETER);
-		return NULL;
-		}
-	if (meth->group_init == 0)
-		{
-		ECerr(EC_F_EC_GROUP_NEW, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return NULL;
-		}
-
-	ret = OPENSSL_malloc(sizeof *ret);
-	if (ret == NULL)
-		{
-		ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE);
-		return NULL;
-		}
-
-	ret->meth = meth;
-
-	ret->extra_data = NULL;
-	ret->extra_data_dup_func = 0;
-	ret->extra_data_free_func = 0;
-	ret->extra_data_clear_free_func = 0;
-	
-	if (!meth->group_init(ret))
-		{
-		OPENSSL_free(ret);
-		return NULL;
-		}
-	
-	return ret;
-	}
-
-
-void EC_GROUP_free(EC_GROUP *group)
-	{
-	if (!group) return;
-
-	if (group->meth->group_finish != 0)
-		group->meth->group_finish(group);
-
-	EC_GROUP_free_extra_data(group);
-
-	OPENSSL_free(group);
-	}
- 
-
-void EC_GROUP_clear_free(EC_GROUP *group)
-	{
-	if (!group) return;
-
-	if (group->meth->group_clear_finish != 0)
-		group->meth->group_clear_finish(group);
-	else if (group->meth != NULL && group->meth->group_finish != 0)
-		group->meth->group_finish(group);
-
-	EC_GROUP_clear_free_extra_data(group);
-
-	OPENSSL_cleanse(group, sizeof *group);
-	OPENSSL_free(group);
-	}
-
-
-int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
-	{
-	if (dest->meth->group_copy == 0)
-		{
-		ECerr(EC_F_EC_GROUP_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (dest->meth != src->meth)
-		{
-		ECerr(EC_F_EC_GROUP_COPY, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	if (dest == src)
-		return 1;
-	
-	EC_GROUP_clear_free_extra_data(dest);
-	if (src->extra_data_dup_func)
-		{
-		if (src->extra_data != NULL)
-			{
-			dest->extra_data = src->extra_data_dup_func(src->extra_data);
-			if (dest->extra_data == NULL)
-				return 0;
-			}
-
-		dest->extra_data_dup_func = src->extra_data_dup_func;
-		dest->extra_data_free_func = src->extra_data_free_func;
-		dest->extra_data_clear_free_func = src->extra_data_clear_free_func;
-		}
-
-	return dest->meth->group_copy(dest, src);
-	}
-
-
-const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group)
-	{
-	return group->meth;
-	}
-
-
-int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-	{
-	if (group->meth->group_set_curve_GFp == 0)
-		{
-		ECerr(EC_F_EC_GROUP_SET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_set_curve_GFp(group, p, a, b, ctx);
-	}
-
-
-int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
-	{
-	if (group->meth->group_get_curve_GFp == 0)
-		{
-		ECerr(EC_F_EC_GROUP_GET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_get_curve_GFp(group, p, a, b, ctx);
-	}
-
-
-int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor)
-	{
-	if (group->meth->group_set_generator == 0)
-		{
-		ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_set_generator(group, generator, order, cofactor);
-	}
-
-
-EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group)
-	{
-	if (group->meth->group_get0_generator == 0)
-		{
-		ECerr(EC_F_EC_GROUP_GET0_GENERATOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_get0_generator(group);
-	}
-
-
-int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
-	{
-	if (group->meth->group_get_order == 0)
-		{
-		ECerr(EC_F_EC_GROUP_GET_ORDER, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_get_order(group, order, ctx);
-	}
-
-
-int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx)
-	{
-	if (group->meth->group_get_cofactor == 0)
-		{
-		ECerr(EC_F_EC_GROUP_GET_COFACTOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_get_cofactor(group, cofactor, ctx);
-	}
-
-
-/* this has 'package' visibility */
-int EC_GROUP_set_extra_data(EC_GROUP *group, void *extra_data, void *(*extra_data_dup_func)(void *),
-	void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *))
-	{
-	if ((group->extra_data != NULL)
-		|| (group->extra_data_dup_func != 0)
-		|| (group->extra_data_free_func != 0)
-		|| (group->extra_data_clear_free_func != 0))
-		{
-		ECerr(EC_F_EC_GROUP_SET_EXTRA_DATA, EC_R_SLOT_FULL);
-		return 0;
-		}
-
-	group->extra_data = extra_data;
-	group->extra_data_dup_func = extra_data_dup_func;
-	group->extra_data_free_func = extra_data_free_func;
-	group->extra_data_clear_free_func = extra_data_clear_free_func;
-	return 1;
-	}
-
-
-/* this has 'package' visibility */
-void *EC_GROUP_get_extra_data(const EC_GROUP *group, void *(*extra_data_dup_func)(void *),
-	void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *))
-	{
-	if ((group->extra_data_dup_func != extra_data_dup_func)
-		|| (group->extra_data_free_func != extra_data_free_func)
-		|| (group->extra_data_clear_free_func != extra_data_clear_free_func))
-		{
-#if 0 /* this was an error in 0.9.7, but that does not make a lot of sense */
-		ECerr(..._F_EC_GROUP_GET_EXTRA_DATA, ..._R_NO_SUCH_EXTRA_DATA);
-#endif
-		return NULL;
-		}
-
-	return group->extra_data;
-	}
-
-
-/* this has 'package' visibility */
-void EC_GROUP_free_extra_data(EC_GROUP *group)
-	{
-	if (group->extra_data_free_func)
-		group->extra_data_free_func(group->extra_data);
-	group->extra_data = NULL;
-	group->extra_data_dup_func = 0;
-	group->extra_data_free_func = 0;
-	group->extra_data_clear_free_func = 0;
-	}
-
-
-/* this has 'package' visibility */
-void EC_GROUP_clear_free_extra_data(EC_GROUP *group)
-	{
-	if (group->extra_data_clear_free_func)
-		group->extra_data_clear_free_func(group->extra_data);
-	else if (group->extra_data_free_func)
-		group->extra_data_free_func(group->extra_data);
-	group->extra_data = NULL;
-	group->extra_data_dup_func = 0;
-	group->extra_data_free_func = 0;
-	group->extra_data_clear_free_func = 0;
-	}
-
-
-
-/* functions for EC_POINT objects */
-
-EC_POINT *EC_POINT_new(const EC_GROUP *group)
-	{
-	EC_POINT *ret;
-
-	if (group == NULL)
-		{
-		ECerr(EC_F_EC_POINT_NEW, ERR_R_PASSED_NULL_PARAMETER);
-		return NULL;
-		}
-	if (group->meth->point_init == 0)
-		{
-		ECerr(EC_F_EC_POINT_NEW, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return NULL;
-		}
-
-	ret = OPENSSL_malloc(sizeof *ret);
-	if (ret == NULL)
-		{
-		ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE);
-		return NULL;
-		}
-
-	ret->meth = group->meth;
-	
-	if (!ret->meth->point_init(ret))
-		{
-		OPENSSL_free(ret);
-		return NULL;
-		}
-	
-	return ret;
-	}
-
-
-void EC_POINT_free(EC_POINT *point)
-	{
-	if (!point) return;
-
-	if (point->meth->point_finish != 0)
-		point->meth->point_finish(point);
-	OPENSSL_free(point);
-	}
- 
-
-void EC_POINT_clear_free(EC_POINT *point)
-	{
-	if (!point) return;
-
-	if (point->meth->point_clear_finish != 0)
-		point->meth->point_clear_finish(point);
-	else if (point->meth != NULL && point->meth->point_finish != 0)
-		point->meth->point_finish(point);
-	OPENSSL_cleanse(point, sizeof *point);
-	OPENSSL_free(point);
-	}
-
-
-int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src)
-	{
-	if (dest->meth->point_copy == 0)
-		{
-		ECerr(EC_F_EC_POINT_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (dest->meth != src->meth)
-		{
-		ECerr(EC_F_EC_POINT_COPY, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	if (dest == src)
-		return 1;
-	return dest->meth->point_copy(dest, src);
-	}
-
-
-const EC_METHOD *EC_POINT_method_of(const EC_POINT *point)
-	{
-	return point->meth;
-	}
-
-
-int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
-	{
-	if (group->meth->point_set_to_infinity == 0)
-		{
-		ECerr(EC_F_EC_POINT_SET_TO_INFINITY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (group->meth != point->meth)
-		{
-		ECerr(EC_F_EC_POINT_SET_TO_INFINITY, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->point_set_to_infinity(group, point);
-	}
-
-
-int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
-	const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx)
-	{
-	if (group->meth->point_set_Jprojective_coordinates_GFp == 0)
-		{
-		ECerr(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (group->meth != point->meth)
-		{
-		ECerr(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->point_set_Jprojective_coordinates_GFp(group, point, x, y, z, ctx);
-	}
-
-
-int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point,
-	BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx)
-	{
-	if (group->meth->point_get_Jprojective_coordinates_GFp == 0)
-		{
-		ECerr(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (group->meth != point->meth)
-		{
-		ECerr(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->point_get_Jprojective_coordinates_GFp(group, point, x, y, z, ctx);
-	}
-
-
-int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
-	const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx)
-	{
-	if (group->meth->point_set_affine_coordinates_GFp == 0)
-		{
-		ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (group->meth != point->meth)
-		{
-		ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->point_set_affine_coordinates_GFp(group, point, x, y, ctx);
-	}
-
-
-int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point,
-	BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
-	{
-	if (group->meth->point_get_affine_coordinates_GFp == 0)
-		{
-		ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (group->meth != point->meth)
-		{
-		ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->point_get_affine_coordinates_GFp(group, point, x, y, ctx);
-	}
-
-
-int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
-	const BIGNUM *x, int y_bit, BN_CTX *ctx)
-	{
-	if (group->meth->point_set_compressed_coordinates_GFp == 0)
-		{
-		ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (group->meth != point->meth)
-		{
-		ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->point_set_compressed_coordinates_GFp(group, point, x, y_bit, ctx);
-	}
-
-
-size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point, point_conversion_form_t form,
-        unsigned char *buf, size_t len, BN_CTX *ctx)
-	{
-	if (group->meth->point2oct == 0)
-		{
-		ECerr(EC_F_EC_POINT_POINT2OCT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (group->meth != point->meth)
-		{
-		ECerr(EC_F_EC_POINT_POINT2OCT, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->point2oct(group, point, form, buf, len, ctx);
-	}
-
-
-int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point,
-        const unsigned char *buf, size_t len, BN_CTX *ctx)
-	{
-	if (group->meth->oct2point == 0)
-		{
-		ECerr(EC_F_EC_POINT_OCT2POINT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (group->meth != point->meth)
-		{
-		ECerr(EC_F_EC_POINT_OCT2POINT, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->oct2point(group, point, buf, len, ctx);
-	}
-
-
-int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
-	{
-	if (group->meth->add == 0)
-		{
-		ECerr(EC_F_EC_POINT_ADD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if ((group->meth != r->meth) || (r->meth != a->meth) || (a->meth != b->meth))
-		{
-		ECerr(EC_F_EC_POINT_ADD, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->add(group, r, a, b, ctx);
-	}
-
-
-int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx)
-	{
-	if (group->meth->dbl == 0)
-		{
-		ECerr(EC_F_EC_POINT_DBL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if ((group->meth != r->meth) || (r->meth != a->meth))
-		{
-		ECerr(EC_F_EC_POINT_DBL, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->dbl(group, r, a, ctx);
-	}
-
-
-int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx)
-	{
-	if (group->meth->dbl == 0)
-		{
-		ECerr(EC_F_EC_POINT_DBL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (group->meth != a->meth)
-		{
-		ECerr(EC_F_EC_POINT_DBL, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->invert(group, a, ctx);
-	}
-
-
-int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
-	{
-	if (group->meth->is_at_infinity == 0)
-		{
-		ECerr(EC_F_EC_POINT_IS_AT_INFINITY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (group->meth != point->meth)
-		{
-		ECerr(EC_F_EC_POINT_IS_AT_INFINITY, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->is_at_infinity(group, point);
-	}
-
-
-int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx)
-	{
-	if (group->meth->is_on_curve == 0)
-		{
-		ECerr(EC_F_EC_POINT_IS_ON_CURVE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (group->meth != point->meth)
-		{
-		ECerr(EC_F_EC_POINT_IS_ON_CURVE, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->is_on_curve(group, point, ctx);
-	}
-
-
-int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
-	{
-	if (group->meth->point_cmp == 0)
-		{
-		ECerr(EC_F_EC_POINT_CMP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if ((group->meth != a->meth) || (a->meth != b->meth))
-		{
-		ECerr(EC_F_EC_POINT_CMP, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->point_cmp(group, a, b, ctx);
-	}
-
-
-int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
-	{
-	if (group->meth->make_affine == 0)
-		{
-		ECerr(EC_F_EC_POINT_MAKE_AFFINE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	if (group->meth != point->meth)
-		{
-		ECerr(EC_F_EC_POINT_MAKE_AFFINE, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-	return group->meth->make_affine(group, point, ctx);
-	}
-
-
-int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx)
-	{
-	size_t i;
-
-	if (group->meth->points_make_affine == 0)
-		{
-		ECerr(EC_F_EC_POINTS_MAKE_AFFINE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	for (i = 0; i < num; i++)
-		{
-		if (group->meth != points[i]->meth)
-			{
-			ECerr(EC_F_EC_POINTS_MAKE_AFFINE, EC_R_INCOMPATIBLE_OBJECTS);
-			return 0;
-			}
-		}
-	return group->meth->points_make_affine(group, num, points, ctx);
-	}
diff --git a/crypto/openssl/crypto/ec/ec_mult.c b/crypto/openssl/crypto/ec/ec_mult.c
deleted file mode 100644
index 4dbc93112062..000000000000
--- a/crypto/openssl/crypto/ec/ec_mult.c
+++ /dev/null
@@ -1,484 +0,0 @@
-/* crypto/ec/ec_mult.c */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-
-#include "ec_lcl.h"
-
-
-/* TODO: optional precomputation of multiples of the generator */
-
-
-
-/*
- * wNAF-based interleaving multi-exponentation method
- * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp>)
- */
-
-
-/* Determine the width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
- * This is an array  r[]  of values that are either zero or odd with an
- * absolute value less than  2^w  satisfying
- *     scalar = \sum_j r[j]*2^j
- * where at most one of any  w+1  consecutive digits is non-zero.
- */
-static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, BN_CTX *ctx)
-	{
-	BIGNUM *c;
-	int ok = 0;
-	signed char *r = NULL;
-	int sign = 1;
-	int bit, next_bit, mask;
-	size_t len = 0, j;
-	
-	BN_CTX_start(ctx);
-	c = BN_CTX_get(ctx);
-	if (c == NULL) goto err;
-	
-	if (w <= 0 || w > 7) /* 'signed char' can represent integers with absolute values less than 2^7 */
-		{
-		ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
-		goto err;
-		}
-	bit = 1 << w; /* at most 128 */
-	next_bit = bit << 1; /* at most 256 */
-	mask = next_bit - 1; /* at most 255 */
-
-	if (!BN_copy(c, scalar)) goto err;
-	if (c->neg)
-		{
-		sign = -1;
-		c->neg = 0;
-		}
-
-	len = BN_num_bits(c) + 1; /* wNAF may be one digit longer than binary representation */
-	r = OPENSSL_malloc(len);
-	if (r == NULL) goto err;
-
-	j = 0;
-	while (!BN_is_zero(c))
-		{
-		int u = 0;
-
-		if (BN_is_odd(c)) 
-			{
-			if (c->d == NULL || c->top == 0)
-				{
-				ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
-				goto err;
-				}
-			u = c->d[0] & mask;
-			if (u & bit)
-				{
-				u -= next_bit;
-				/* u < 0 */
-				if (!BN_add_word(c, -u)) goto err;
-				}
-			else
-				{
-				/* u > 0 */
-				if (!BN_sub_word(c, u)) goto err;
-				}
-
-			if (u <= -bit || u >= bit || !(u & 1) || c->neg)
-				{
-				ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
-				goto err;
-				}
-			}
-
-		r[j++] = sign * u;
-		
-		if (BN_is_odd(c))
-			{
-			ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
-			goto err;
-			}
-		if (!BN_rshift1(c, c)) goto err;
-		}
-
-	if (j > len)
-		{
-		ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
-		goto err;
-		}
-	len = j;
-	ok = 1;
-
- err:
-	BN_CTX_end(ctx);
-	if (!ok)
-		{
-		OPENSSL_free(r);
-		r = NULL;
-		}
-	if (ok)
-		*ret_len = len;
-	return r;
-	}
-
-
-/* TODO: table should be optimised for the wNAF-based implementation,
- *       sometimes smaller windows will give better performance
- *       (thus the boundaries should be increased)
- */
-#define EC_window_bits_for_scalar_size(b) \
-		((b) >= 2000 ? 6 : \
-		 (b) >=  800 ? 5 : \
-		 (b) >=  300 ? 4 : \
-		 (b) >=   70 ? 3 : \
-		 (b) >=   20 ? 2 : \
-		  1)
-
-/* Compute
- *      \sum scalars[i]*points[i],
- * also including
- *      scalar*generator
- * in the addition if scalar != NULL
- */
-int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
-	size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx)
-	{
-	BN_CTX *new_ctx = NULL;
-	EC_POINT *generator = NULL;
-	EC_POINT *tmp = NULL;
-	size_t totalnum;
-	size_t i, j;
-	int k;
-	int r_is_inverted = 0;
-	int r_is_at_infinity = 1;
-	size_t *wsize = NULL; /* individual window sizes */
-	signed char **wNAF = NULL; /* individual wNAFs */
-	size_t *wNAF_len = NULL;
-	size_t max_len = 0;
-	size_t num_val;
-	EC_POINT **val = NULL; /* precomputation */
-	EC_POINT **v;
-	EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' */
-	int ret = 0;
-	
-	if (group->meth != r->meth)
-		{
-		ECerr(EC_F_EC_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
-		}
-
-	if ((scalar == NULL) && (num == 0))
-		{
-		return EC_POINT_set_to_infinity(group, r);
-		}
-
-	if (scalar != NULL)
-		{
-		generator = EC_GROUP_get0_generator(group);
-		if (generator == NULL)
-			{
-			ECerr(EC_F_EC_POINTS_MUL, EC_R_UNDEFINED_GENERATOR);
-			return 0;
-			}
-		}
-	
-	for (i = 0; i < num; i++)
-		{
-		if (group->meth != points[i]->meth)
-			{
-			ECerr(EC_F_EC_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS);
-			return 0;
-			}
-		}
-
-	totalnum = num + (scalar != NULL);
-
-	wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]);
-	wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]);
-	wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]);
-	if (wNAF != NULL)
-		{
-		wNAF[0] = NULL; /* preliminary pivot */
-		}
-	if (wsize == NULL || wNAF_len == NULL || wNAF == NULL) goto err;
-
-	/* num_val := total number of points to precompute */
-	num_val = 0;
-	for (i = 0; i < totalnum; i++)
-		{
-		size_t bits;
-
-		bits = i < num ? BN_num_bits(scalars[i]) : BN_num_bits(scalar);
-		wsize[i] = EC_window_bits_for_scalar_size(bits);
-		num_val += 1u << (wsize[i] - 1);
-		}
-
-	/* all precomputed points go into a single array 'val',
-	 * 'val_sub[i]' is a pointer to the subarray for the i-th point */
-	val = OPENSSL_malloc((num_val + 1) * sizeof val[0]);
-	if (val == NULL) goto err;
-	val[num_val] = NULL; /* pivot element */
-
-	val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]);
-	if (val_sub == NULL) goto err;
-
-	/* allocate points for precomputation */
-	v = val;
-	for (i = 0; i < totalnum; i++)
-		{
-		val_sub[i] = v;
-		for (j = 0; j < (1u << (wsize[i] - 1)); j++)
-			{
-			*v = EC_POINT_new(group);
-			if (*v == NULL) goto err;
-			v++;
-			}
-		}
-	if (!(v == val + num_val))
-		{
-		ECerr(EC_F_EC_POINTS_MUL, ERR_R_INTERNAL_ERROR);
-		goto err;
-		}
-
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			goto err;
-		}
-	
-	tmp = EC_POINT_new(group);
-	if (tmp == NULL) goto err;
-
-	/* prepare precomputed values:
-	 *    val_sub[i][0] :=     points[i]
-	 *    val_sub[i][1] := 3 * points[i]
-	 *    val_sub[i][2] := 5 * points[i]
-	 *    ...
-	 */
-	for (i = 0; i < totalnum; i++)
-		{
-		if (i < num)
-			{
-			if (!EC_POINT_copy(val_sub[i][0], points[i])) goto err;
-			}
-		else
-			{
-			if (!EC_POINT_copy(val_sub[i][0], generator)) goto err;
-			}
-
-		if (wsize[i] > 1)
-			{
-			if (!EC_POINT_dbl(group, tmp, val_sub[i][0], ctx)) goto err;
-			for (j = 1; j < (1u << (wsize[i] - 1)); j++)
-				{
-				if (!EC_POINT_add(group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx)) goto err;
-				}
-			}
-
-		wNAF[i + 1] = NULL; /* make sure we always have a pivot */
-		wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i], ctx);
-		if (wNAF[i] == NULL) goto err;
-		if (wNAF_len[i] > max_len)
-			max_len = wNAF_len[i];
-		}
-
-#if 1 /* optional; EC_window_bits_for_scalar_size assumes we do this step */
-	if (!EC_POINTs_make_affine(group, num_val, val, ctx)) goto err;
-#endif
-
-	r_is_at_infinity = 1;
-
-	for (k = max_len - 1; k >= 0; k--)
-		{
-		if (!r_is_at_infinity)
-			{
-			if (!EC_POINT_dbl(group, r, r, ctx)) goto err;
-			}
-		
-		for (i = 0; i < totalnum; i++)
-			{
-			if (wNAF_len[i] > (size_t)k)
-				{
-				int digit = wNAF[i][k];
-				int is_neg;
-
-				if (digit) 
-					{
-					is_neg = digit < 0;
-
-					if (is_neg)
-						digit = -digit;
-
-					if (is_neg != r_is_inverted)
-						{
-						if (!r_is_at_infinity)
-							{
-							if (!EC_POINT_invert(group, r, ctx)) goto err;
-							}
-						r_is_inverted = !r_is_inverted;
-						}
-
-					/* digit > 0 */
-
-					if (r_is_at_infinity)
-						{
-						if (!EC_POINT_copy(r, val_sub[i][digit >> 1])) goto err;
-						r_is_at_infinity = 0;
-						}
-					else
-						{
-						if (!EC_POINT_add(group, r, r, val_sub[i][digit >> 1], ctx)) goto err;
-						}
-					}
-				}
-			}
-		}
-
-	if (r_is_at_infinity)
-		{
-		if (!EC_POINT_set_to_infinity(group, r)) goto err;
-		}
-	else
-		{
-		if (r_is_inverted)
-			if (!EC_POINT_invert(group, r, ctx)) goto err;
-		}
-	
-	ret = 1;
-
- err:
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	if (tmp != NULL)
-		EC_POINT_free(tmp);
-	if (wsize != NULL)
-		OPENSSL_free(wsize);
-	if (wNAF_len != NULL)
-		OPENSSL_free(wNAF_len);
-	if (wNAF != NULL)
-		{
-		signed char **w;
-		
-		for (w = wNAF; *w != NULL; w++)
-			OPENSSL_free(*w);
-		
-		OPENSSL_free(wNAF);
-		}
-	if (val != NULL)
-		{
-		for (v = val; *v != NULL; v++)
-			EC_POINT_clear_free(*v);
-
-		OPENSSL_free(val);
-		}
-	if (val_sub != NULL)
-		{
-		OPENSSL_free(val_sub);
-		}
-	return ret;
-	}
-
-
-int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar, const EC_POINT *point, const BIGNUM *p_scalar, BN_CTX *ctx)
-	{
-	const EC_POINT *points[1];
-	const BIGNUM *scalars[1];
-
-	points[0] = point;
-	scalars[0] = p_scalar;
-
-	return EC_POINTs_mul(group, r, g_scalar, (point != NULL && p_scalar != NULL), points, scalars, ctx);
-	}
-
-
-int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
-	{
-	const EC_POINT *generator;
-	BN_CTX *new_ctx = NULL;
-	BIGNUM *order;
-	int ret = 0;
-
-	generator = EC_GROUP_get0_generator(group);
-	if (generator == NULL)
-		{
-		ECerr(EC_F_EC_GROUP_PRECOMPUTE_MULT, EC_R_UNDEFINED_GENERATOR);
-		return 0;
-		}
-
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return 0;
-		}
-	
-	BN_CTX_start(ctx);
-	order = BN_CTX_get(ctx);
-	if (order == NULL) goto err;
-	
-	if (!EC_GROUP_get_order(group, order, ctx)) return 0;
-	if (BN_is_zero(order))
-		{
-		ECerr(EC_F_EC_GROUP_PRECOMPUTE_MULT, EC_R_UNKNOWN_ORDER);
-		goto err;
-		}
-
-	/* TODO */
-
-	ret = 1;
-	
- err:
-	BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
diff --git a/crypto/openssl/crypto/ec/ecp_mont.c b/crypto/openssl/crypto/ec/ecp_mont.c
deleted file mode 100644
index 7b30d4c38a7a..000000000000
--- a/crypto/openssl/crypto/ec/ecp_mont.c
+++ /dev/null
@@ -1,304 +0,0 @@
-/* crypto/ec/ecp_mont.c */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-
-#include "ec_lcl.h"
-
-
-const EC_METHOD *EC_GFp_mont_method(void)
-	{
-	static const EC_METHOD ret = {
-		ec_GFp_mont_group_init,
-		ec_GFp_mont_group_finish,
-		ec_GFp_mont_group_clear_finish,
-		ec_GFp_mont_group_copy,
-		ec_GFp_mont_group_set_curve_GFp,
-		ec_GFp_simple_group_get_curve_GFp,
-		ec_GFp_simple_group_set_generator,
-		ec_GFp_simple_group_get0_generator,
-		ec_GFp_simple_group_get_order,
-		ec_GFp_simple_group_get_cofactor,
-		ec_GFp_simple_point_init,
-		ec_GFp_simple_point_finish,
-		ec_GFp_simple_point_clear_finish,
-		ec_GFp_simple_point_copy,
-		ec_GFp_simple_point_set_to_infinity,
-		ec_GFp_simple_set_Jprojective_coordinates_GFp,
-		ec_GFp_simple_get_Jprojective_coordinates_GFp,
-		ec_GFp_simple_point_set_affine_coordinates_GFp,
-		ec_GFp_simple_point_get_affine_coordinates_GFp,
-		ec_GFp_simple_set_compressed_coordinates_GFp,
-		ec_GFp_simple_point2oct,
-		ec_GFp_simple_oct2point,
-		ec_GFp_simple_add,
-		ec_GFp_simple_dbl,
-		ec_GFp_simple_invert,
-		ec_GFp_simple_is_at_infinity,
-		ec_GFp_simple_is_on_curve,
-		ec_GFp_simple_cmp,
-		ec_GFp_simple_make_affine,
-		ec_GFp_simple_points_make_affine,
-		ec_GFp_mont_field_mul,
-		ec_GFp_mont_field_sqr,
-		ec_GFp_mont_field_encode,
-		ec_GFp_mont_field_decode,
-		ec_GFp_mont_field_set_to_one };
-
-	return &ret;
-	}
-
-
-int ec_GFp_mont_group_init(EC_GROUP *group)
-	{
-	int ok;
-
-	ok = ec_GFp_simple_group_init(group);
-	group->field_data1 = NULL;
-	group->field_data2 = NULL;
-	return ok;
-	}
-
-
-int ec_GFp_mont_group_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-	{
-	BN_CTX *new_ctx = NULL;
-	BN_MONT_CTX *mont = NULL;
-	BIGNUM *one = NULL;
-	int ret = 0;
-
-	if (group->field_data1 != NULL)
-		{
-		BN_MONT_CTX_free(group->field_data1);
-		group->field_data1 = NULL;
-		}
-	if (group->field_data2 != NULL)
-		{
-		BN_free(group->field_data2);
-		group->field_data2 = NULL;
-		}
-	
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return 0;
-		}
-
-	mont = BN_MONT_CTX_new();
-	if (mont == NULL) goto err;
-	if (!BN_MONT_CTX_set(mont, p, ctx))
-		{
-		ECerr(EC_F_GFP_MONT_GROUP_SET_CURVE_GFP, ERR_R_BN_LIB);
-		goto err;
-		}
-	one = BN_new();
-	if (one == NULL) goto err;
-	if (!BN_to_montgomery(one, BN_value_one(), mont, ctx)) goto err;
-
-	group->field_data1 = mont;
-	mont = NULL;
-	group->field_data2 = one;
-	one = NULL;
-
-	ret = ec_GFp_simple_group_set_curve_GFp(group, p, a, b, ctx);
-
-	if (!ret)
-		{
-		BN_MONT_CTX_free(group->field_data1);
-		group->field_data1 = NULL;
-		BN_free(group->field_data2);
-		group->field_data2 = NULL;
-		}
-
- err:
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	if (mont != NULL)
-		BN_MONT_CTX_free(mont);
-	return ret;
-	}
-
-
-void ec_GFp_mont_group_finish(EC_GROUP *group)
-	{
-	if (group->field_data1 != NULL)
-		{
-		BN_MONT_CTX_free(group->field_data1);
-		group->field_data1 = NULL;
-		}
-	if (group->field_data2 != NULL)
-		{
-		BN_free(group->field_data2);
-		group->field_data2 = NULL;
-		}
-	ec_GFp_simple_group_finish(group);
-	}
-
-
-void ec_GFp_mont_group_clear_finish(EC_GROUP *group)
-	{
-	if (group->field_data1 != NULL)
-		{
-		BN_MONT_CTX_free(group->field_data1);
-		group->field_data1 = NULL;
-		}
-	if (group->field_data2 != NULL)
-		{
-		BN_clear_free(group->field_data2);
-		group->field_data2 = NULL;
-		}
-	ec_GFp_simple_group_clear_finish(group);
-	}
-
-
-int ec_GFp_mont_group_copy(EC_GROUP *dest, const EC_GROUP *src)
-	{
-	if (dest->field_data1 != NULL)
-		{
-		BN_MONT_CTX_free(dest->field_data1);
-		dest->field_data1 = NULL;
-		}
-	if (dest->field_data2 != NULL)
-		{
-		BN_clear_free(dest->field_data2);
-		dest->field_data2 = NULL;
-		}
-
-	if (!ec_GFp_simple_group_copy(dest, src)) return 0;
-
-	if (src->field_data1 != NULL)
-		{
-		dest->field_data1 = BN_MONT_CTX_new();
-		if (dest->field_data1 == NULL) return 0;
-		if (!BN_MONT_CTX_copy(dest->field_data1, src->field_data1)) goto err;
-		}
-	if (src->field_data2 != NULL)
-		{
-		dest->field_data2 = BN_dup(src->field_data2);
-		if (dest->field_data2 == NULL) goto err;
-		}
-
-	return 1;
-
- err:
-	if (dest->field_data1 != NULL)
-		{
-		BN_MONT_CTX_free(dest->field_data1);
-		dest->field_data1 = NULL;
-		}
-	return 0;	
-	}
-
-
-int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-	{
-	if (group->field_data1 == NULL)
-		{
-		ECerr(EC_F_EC_GFP_MONT_FIELD_MUL, EC_R_NOT_INITIALIZED);
-		return 0;
-		}
-
-	return BN_mod_mul_montgomery(r, a, b, group->field_data1, ctx);
-	}
-
-
-int ec_GFp_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
-	{
-	if (group->field_data1 == NULL)
-		{
-		ECerr(EC_F_EC_GFP_MONT_FIELD_SQR, EC_R_NOT_INITIALIZED);
-		return 0;
-		}
-
-	return BN_mod_mul_montgomery(r, a, a, group->field_data1, ctx);
-	}
-
-
-int ec_GFp_mont_field_encode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
-	{
-	if (group->field_data1 == NULL)
-		{
-		ECerr(EC_F_EC_GFP_MONT_FIELD_ENCODE, EC_R_NOT_INITIALIZED);
-		return 0;
-		}
-
-	return BN_to_montgomery(r, a, (BN_MONT_CTX *)group->field_data1, ctx);
-	}
-
-
-int ec_GFp_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
-	{
-	if (group->field_data1 == NULL)
-		{
-		ECerr(EC_F_EC_GFP_MONT_FIELD_DECODE, EC_R_NOT_INITIALIZED);
-		return 0;
-		}
-
-	return BN_from_montgomery(r, a, group->field_data1, ctx);
-	}
-
-
-int ec_GFp_mont_field_set_to_one(const EC_GROUP *group, BIGNUM *r, BN_CTX *ctx)
-	{
-	if (group->field_data2 == NULL)
-		{
-		ECerr(EC_F_EC_GFP_MONT_FIELD_DECODE, EC_R_NOT_INITIALIZED);
-		return 0;
-		}
-
-	if (!BN_copy(r, group->field_data2)) return 0;
-	return 1;
-	}
diff --git a/crypto/openssl/crypto/ec/ecp_nist.c b/crypto/openssl/crypto/ec/ecp_nist.c
deleted file mode 100644
index ed0774867545..000000000000
--- a/crypto/openssl/crypto/ec/ecp_nist.c
+++ /dev/null
@@ -1,134 +0,0 @@
-/* crypto/ec/ecp_nist.c */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ec_lcl.h"
-
-#if 0
-const EC_METHOD *EC_GFp_nist_method(void)
-	{
-	static const EC_METHOD ret = {
-		ec_GFp_nist_group_init,
-		ec_GFp_nist_group_finish,
-		ec_GFp_nist_group_clear_finish,
-		ec_GFp_nist_group_copy,
-		ec_GFp_nist_group_set_curve_GFp,
-		ec_GFp_simple_group_get_curve_GFp,
-		ec_GFp_simple_group_set_generator,
-		ec_GFp_simple_group_get0_generator,
-		ec_GFp_simple_group_get_order,
-		ec_GFp_simple_group_get_cofactor,
-		ec_GFp_simple_point_init,
-		ec_GFp_simple_point_finish,
-		ec_GFp_simple_point_clear_finish,
-		ec_GFp_simple_point_copy,
-		ec_GFp_simple_point_set_to_infinity,
-		ec_GFp_simple_set_Jprojective_coordinates_GFp,
-		ec_GFp_simple_get_Jprojective_coordinates_GFp,
-		ec_GFp_simple_point_set_affine_coordinates_GFp,
-		ec_GFp_simple_point_get_affine_coordinates_GFp,
-		ec_GFp_simple_set_compressed_coordinates_GFp,
-		ec_GFp_simple_point2oct,
-		ec_GFp_simple_oct2point,
-		ec_GFp_simple_add,
-		ec_GFp_simple_dbl,
-		ec_GFp_simple_invert,
-		ec_GFp_simple_is_at_infinity,
-		ec_GFp_simple_is_on_curve,
-		ec_GFp_simple_cmp,
-		ec_GFp_simple_make_affine,
-		ec_GFp_simple_points_make_affine,
-		ec_GFp_nist_field_mul,
-		ec_GFp_nist_field_sqr,
-		0 /* field_encode */,
-		0 /* field_decode */,
-		0 /* field_set_to_one */ };
-
-	return &ret;
-	}
-#endif
-
-
-int ec_GFp_nist_group_init(EC_GROUP *group)
-	{
-	int ok;
-
-	ok = ec_GFp_simple_group_init(group);
-	group->field_data1 = NULL;
-	return ok;
-	}
-
-
-int ec_GFp_nist_group_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-/* TODO */
-
-
-void ec_GFp_nist_group_finish(EC_GROUP *group);
-/* TODO */
-
-
-void ec_GFp_nist_group_clear_finish(EC_GROUP *group);
-/* TODO */
-
-
-int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src);
-/* TODO */
-
-
-int ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-/* TODO */
-
-
-int ec_GFp_nist_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
-/* TODO */
diff --git a/crypto/openssl/crypto/ec/ecp_recp.c b/crypto/openssl/crypto/ec/ecp_recp.c
deleted file mode 100644
index fec843b5c85b..000000000000
--- a/crypto/openssl/crypto/ec/ecp_recp.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/ec/ecp_recp.c */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ec_lcl.h"
-
-#if 0
-const EC_METHOD *EC_GFp_recp_method(void)
-	{
-	static const EC_METHOD ret = {
-		ec_GFp_recp_group_init,
-		ec_GFp_recp_group_finish,
-		ec_GFp_recp_group_clear_finish,
-		ec_GFp_recp_group_copy,
-		ec_GFp_recp_group_set_curve_GFp,
-		ec_GFp_simple_group_get_curve_GFp,
-		ec_GFp_simple_group_set_generator,
-		ec_GFp_simple_group_get0_generator,
-		ec_GFp_simple_group_get_order,
-		ec_GFp_simple_group_get_cofactor,
-		ec_GFp_simple_point_init,
-		ec_GFp_simple_point_finish,
-		ec_GFp_simple_point_clear_finish,
-		ec_GFp_simple_point_copy,
-		ec_GFp_simple_point_set_to_infinity,
-		ec_GFp_simple_set_Jprojective_coordinates_GFp,
-		ec_GFp_simple_get_Jprojective_coordinates_GFp,
-		ec_GFp_simple_point_set_affine_coordinates_GFp,
-		ec_GFp_simple_point_get_affine_coordinates_GFp,
-		ec_GFp_simple_set_compressed_coordinates_GFp,
-		ec_GFp_simple_point2oct,
-		ec_GFp_simple_oct2point,
-		ec_GFp_simple_add,
-		ec_GFp_simple_dbl,
-		ec_GFp_simple_invert,
-		ec_GFp_simple_is_at_infinity,
-		ec_GFp_simple_is_on_curve,
-		ec_GFp_simple_cmp,
-		ec_GFp_simple_make_affine,
-		ec_GFp_simple_points_make_affine,
-		ec_GFp_recp_field_mul,
-		ec_GFp_recp_field_sqr,
-		0 /* field_encode */,
-		0 /* field_decode */,
-		0 /* field_set_to_one */ };
-
-	return &ret;
-	}
-#endif
-
-int ec_GFp_recp_group_init(EC_GROUP *group)
-	{
-	int ok;
-
-	ok = ec_GFp_simple_group_init(group);
-	group->field_data1 = NULL;
-	return ok;
-	}
-
-
-int ec_GFp_recp_group_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-/* TODO */
-
-
-void ec_GFp_recp_group_finish(EC_GROUP *group);
-/* TODO */
-
-
-void ec_GFp_recp_group_clear_finish(EC_GROUP *group);
-/* TODO */
-
-
-int ec_GFp_recp_group_copy(EC_GROUP *dest, const EC_GROUP *src);
-/* TODO */
-
-
-int ec_GFp_recp_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-/* TODO */
-
-
-int ec_GFp_recp_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
-/* TODO */
diff --git a/crypto/openssl/crypto/ec/ecp_smpl.c b/crypto/openssl/crypto/ec/ecp_smpl.c
deleted file mode 100644
index 4666a052bfab..000000000000
--- a/crypto/openssl/crypto/ec/ecp_smpl.c
+++ /dev/null
@@ -1,1717 +0,0 @@
-/* crypto/ec/ecp_smpl.c */
-/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
- * for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-
-#include "ec_lcl.h"
-
-
-const EC_METHOD *EC_GFp_simple_method(void)
-	{
-	static const EC_METHOD ret = {
-		ec_GFp_simple_group_init,
-		ec_GFp_simple_group_finish,
-		ec_GFp_simple_group_clear_finish,
-		ec_GFp_simple_group_copy,
-		ec_GFp_simple_group_set_curve_GFp,
-		ec_GFp_simple_group_get_curve_GFp,
-		ec_GFp_simple_group_set_generator,
-		ec_GFp_simple_group_get0_generator,
-		ec_GFp_simple_group_get_order,
-		ec_GFp_simple_group_get_cofactor,
-		ec_GFp_simple_point_init,
-		ec_GFp_simple_point_finish,
-		ec_GFp_simple_point_clear_finish,
-		ec_GFp_simple_point_copy,
-		ec_GFp_simple_point_set_to_infinity,
-		ec_GFp_simple_set_Jprojective_coordinates_GFp,
-		ec_GFp_simple_get_Jprojective_coordinates_GFp,
-		ec_GFp_simple_point_set_affine_coordinates_GFp,
-		ec_GFp_simple_point_get_affine_coordinates_GFp,
-		ec_GFp_simple_set_compressed_coordinates_GFp,
-		ec_GFp_simple_point2oct,
-		ec_GFp_simple_oct2point,
-		ec_GFp_simple_add,
-		ec_GFp_simple_dbl,
-		ec_GFp_simple_invert,
-		ec_GFp_simple_is_at_infinity,
-		ec_GFp_simple_is_on_curve,
-		ec_GFp_simple_cmp,
-		ec_GFp_simple_make_affine,
-		ec_GFp_simple_points_make_affine,
-		ec_GFp_simple_field_mul,
-		ec_GFp_simple_field_sqr,
-		0 /* field_encode */,
-		0 /* field_decode */,
-		0 /* field_set_to_one */ };
-
-	return &ret;
-	}
-
-
-int ec_GFp_simple_group_init(EC_GROUP *group)
-	{
-	BN_init(&group->field);
-	BN_init(&group->a);
-	BN_init(&group->b);
-	group->a_is_minus3 = 0;
-	group->generator = NULL;
-	BN_init(&group->order);
-	BN_init(&group->cofactor);
-	return 1;
-	}
-
-
-void ec_GFp_simple_group_finish(EC_GROUP *group)
-	{
-	BN_free(&group->field);
-	BN_free(&group->a);
-	BN_free(&group->b);
-	if (group->generator != NULL)
-		EC_POINT_free(group->generator);
-	BN_free(&group->order);
-	BN_free(&group->cofactor);
-	}
-
-
-void ec_GFp_simple_group_clear_finish(EC_GROUP *group)
-	{
-	BN_clear_free(&group->field);
-	BN_clear_free(&group->a);
-	BN_clear_free(&group->b);
-	if (group->generator != NULL)
-		{
-		EC_POINT_clear_free(group->generator);
-		group->generator = NULL;
-		}
-	BN_clear_free(&group->order);
-	BN_clear_free(&group->cofactor);
-	}
-
-
-int ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
-	{
-	if (!BN_copy(&dest->field, &src->field)) return 0;
-	if (!BN_copy(&dest->a, &src->a)) return 0;
-	if (!BN_copy(&dest->b, &src->b)) return 0;
-
-	dest->a_is_minus3 = src->a_is_minus3;
-
-	if (src->generator != NULL)
-		{
-		if (dest->generator == NULL)
-			{
-			dest->generator = EC_POINT_new(dest);
-			if (dest->generator == NULL) return 0;
-			}
-		if (!EC_POINT_copy(dest->generator, src->generator)) return 0;
-		}
-	else
-		{
-		/* src->generator == NULL */
-		if (dest->generator != NULL)
-			{
-			EC_POINT_clear_free(dest->generator);
-			dest->generator = NULL;
-			}
-		}
-
-	if (!BN_copy(&dest->order, &src->order)) return 0;
-	if (!BN_copy(&dest->cofactor, &src->cofactor)) return 0;
-
-	return 1;
-	}
-
-
-int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *group,
-	const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-	{
-	int ret = 0;
-	BN_CTX *new_ctx = NULL;
-	BIGNUM *tmp_a;
-	
-	/* p must be a prime > 3 */
-	if (BN_num_bits(p) <= 2 || !BN_is_odd(p))
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP, EC_R_INVALID_FIELD);
-		return 0;
-		}
-
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return 0;
-		}
-
-	BN_CTX_start(ctx);
-	tmp_a = BN_CTX_get(ctx);
-	if (tmp_a == NULL) goto err;
-
-	/* group->field */
-	if (!BN_copy(&group->field, p)) goto err;
-	group->field.neg = 0;
-
-	/* group->a */
-	if (!BN_nnmod(tmp_a, a, p, ctx)) goto err;
-	if (group->meth->field_encode)
-		{ if (!group->meth->field_encode(group, &group->a, tmp_a, ctx)) goto err; }	
-	else
-		if (!BN_copy(&group->a, tmp_a)) goto err;
-	
-	/* group->b */
-	if (!BN_nnmod(&group->b, b, p, ctx)) goto err;
-	if (group->meth->field_encode)
-		if (!group->meth->field_encode(group, &group->b, &group->b, ctx)) goto err;
-	
-	/* group->a_is_minus3 */
-	if (!BN_add_word(tmp_a, 3)) goto err;
-	group->a_is_minus3 = (0 == BN_cmp(tmp_a, &group->field));
-
-	ret = 1;
-
- err:
-	BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
-
-
-int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
-	{
-	int ret = 0;
-	BN_CTX *new_ctx = NULL;
-	
-	if (p != NULL)
-		{
-		if (!BN_copy(p, &group->field)) return 0;
-		}
-
-	if (a != NULL || b != NULL)
-		{
-		if (group->meth->field_decode)
-			{
-			if (ctx == NULL)
-				{
-				ctx = new_ctx = BN_CTX_new();
-				if (ctx == NULL)
-					return 0;
-				}
-			if (a != NULL)
-				{
-				if (!group->meth->field_decode(group, a, &group->a, ctx)) goto err;
-				}
-			if (b != NULL)
-				{
-				if (!group->meth->field_decode(group, b, &group->b, ctx)) goto err;
-				}
-			}
-		else
-			{
-			if (a != NULL)
-				{
-				if (!BN_copy(a, &group->a)) goto err;
-				}
-			if (b != NULL)
-				{
-				if (!BN_copy(b, &group->b)) goto err;
-				}
-			}
-		}
-	
-	ret = 1;
-	
- err:
-	if (new_ctx)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
-
-
-
-int ec_GFp_simple_group_set_generator(EC_GROUP *group, const EC_POINT *generator,
-	const BIGNUM *order, const BIGNUM *cofactor)
-	{
-	if (generator == NULL)
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER);
-		return 0   ;
-		}
-
-	if (group->generator == NULL)
-		{
-		group->generator = EC_POINT_new(group);
-		if (group->generator == NULL) return 0;
-		}
-	if (!EC_POINT_copy(group->generator, generator)) return 0;
-
-	if (order != NULL)
-		{ if (!BN_copy(&group->order, order)) return 0; }	
-	else
-		{ if (!BN_zero(&group->order)) return 0; }	
-
-	if (cofactor != NULL)
-		{ if (!BN_copy(&group->cofactor, cofactor)) return 0; }	
-	else
-		{ if (!BN_zero(&group->cofactor)) return 0; }	
-
-	return 1;
-	}
-
-
-EC_POINT *ec_GFp_simple_group_get0_generator(const EC_GROUP *group)
-	{
-	return group->generator;
-	}
-
-
-int ec_GFp_simple_group_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
-	{
-	if (!BN_copy(order, &group->order))
-		return 0;
-
-	return !BN_is_zero(&group->order);
-	}
-
-
-int ec_GFp_simple_group_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx)
-	{
-	if (!BN_copy(cofactor, &group->cofactor))
-		return 0;
-
-	return !BN_is_zero(&group->cofactor);
-	}
-
-
-int ec_GFp_simple_point_init(EC_POINT *point)
-	{
-	BN_init(&point->X);
-	BN_init(&point->Y);
-	BN_init(&point->Z);
-	point->Z_is_one = 0;
-
-	return 1;
-	}
-
-
-void ec_GFp_simple_point_finish(EC_POINT *point)
-	{
-	BN_free(&point->X);
-	BN_free(&point->Y);
-	BN_free(&point->Z);
-	}
-
-
-void ec_GFp_simple_point_clear_finish(EC_POINT *point)
-	{
-	BN_clear_free(&point->X);
-	BN_clear_free(&point->Y);
-	BN_clear_free(&point->Z);
-	point->Z_is_one = 0;
-	}
-
-
-int ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
-	{
-	if (!BN_copy(&dest->X, &src->X)) return 0;
-	if (!BN_copy(&dest->Y, &src->Y)) return 0;
-	if (!BN_copy(&dest->Z, &src->Z)) return 0;
-	dest->Z_is_one = src->Z_is_one;
-
-	return 1;
-	}
-
-
-int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
-	{
-	point->Z_is_one = 0;
-	return (BN_zero(&point->Z));
-	}
-
-
-int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
-	const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx)
-	{
-	BN_CTX *new_ctx = NULL;
-	int ret = 0;
-	
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return 0;
-		}
-
-	if (x != NULL)
-		{
-		if (!BN_nnmod(&point->X, x, &group->field, ctx)) goto err;
-		if (group->meth->field_encode)
-			{
-			if (!group->meth->field_encode(group, &point->X, &point->X, ctx)) goto err;
-			}
-		}
-	
-	if (y != NULL)
-		{
-		if (!BN_nnmod(&point->Y, y, &group->field, ctx)) goto err;
-		if (group->meth->field_encode)
-			{
-			if (!group->meth->field_encode(group, &point->Y, &point->Y, ctx)) goto err;
-			}
-		}
-	
-	if (z != NULL)
-		{
-		int Z_is_one;
-
-		if (!BN_nnmod(&point->Z, z, &group->field, ctx)) goto err;
-		Z_is_one = BN_is_one(&point->Z);
-		if (group->meth->field_encode)
-			{
-			if (Z_is_one && (group->meth->field_set_to_one != 0))
-				{
-				if (!group->meth->field_set_to_one(group, &point->Z, ctx)) goto err;
-				}
-			else
-				{
-				if (!group->meth->field_encode(group, &point->Z, &point->Z, ctx)) goto err;
-				}
-			}
-		point->Z_is_one = Z_is_one;
-		}
-	
-	ret = 1;
-	
- err:
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
-
-
-int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point,
-	BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx)
-	{
-	BN_CTX *new_ctx = NULL;
-	int ret = 0;
-	
-	if (group->meth->field_decode != 0)
-		{
-		if (ctx == NULL)
-			{
-			ctx = new_ctx = BN_CTX_new();
-			if (ctx == NULL)
-				return 0;
-			}
-
-		if (x != NULL)
-			{
-			if (!group->meth->field_decode(group, x, &point->X, ctx)) goto err;
-			}
-		if (y != NULL)
-			{
-			if (!group->meth->field_decode(group, y, &point->Y, ctx)) goto err;
-			}
-		if (z != NULL)
-			{
-			if (!group->meth->field_decode(group, z, &point->Z, ctx)) goto err;
-			}
-		}
-	else	
-		{
-		if (x != NULL)
-			{
-			if (!BN_copy(x, &point->X)) goto err;
-			}
-		if (y != NULL)
-			{
-			if (!BN_copy(y, &point->Y)) goto err;
-			}
-		if (z != NULL)
-			{
-			if (!BN_copy(z, &point->Z)) goto err;
-			}
-		}
-	
-	ret = 1;
-
- err:
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
-
-
-int ec_GFp_simple_point_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
-	const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx)
-	{
-	if (x == NULL || y == NULL)
-		{
-		/* unlike for projective coordinates, we do not tolerate this */
-		ECerr(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP, ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-
-	return EC_POINT_set_Jprojective_coordinates_GFp(group, point, x, y, BN_value_one(), ctx);
-	}
-
-
-int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point,
-	BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
-	{
-	BN_CTX *new_ctx = NULL;
-	BIGNUM *X, *Y, *Z, *Z_1, *Z_2, *Z_3;
-	const BIGNUM *X_, *Y_, *Z_;
-	int ret = 0;
-
-	if (EC_POINT_is_at_infinity(group, point))
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP, EC_R_POINT_AT_INFINITY);
-		return 0;
-		}
-
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return 0;
-		}
-
-	BN_CTX_start(ctx);
-	X = BN_CTX_get(ctx);
-	Y = BN_CTX_get(ctx);
-	Z = BN_CTX_get(ctx);
-	Z_1 = BN_CTX_get(ctx);
-	Z_2 = BN_CTX_get(ctx);
-	Z_3 = BN_CTX_get(ctx);
-	if (Z_3 == NULL) goto err;
-
-	/* transform  (X, Y, Z)  into  (x, y) := (X/Z^2, Y/Z^3) */
-	
-	if (group->meth->field_decode)
-		{
-		if (!group->meth->field_decode(group, X, &point->X, ctx)) goto err;
-		if (!group->meth->field_decode(group, Y, &point->Y, ctx)) goto err;
-		if (!group->meth->field_decode(group, Z, &point->Z, ctx)) goto err;
-		X_ = X; Y_ = Y;	Z_ = Z;
-		}
-	else
-		{
-		X_ = &point->X;
-		Y_ = &point->Y;
-		Z_ = &point->Z;
-		}
-	
-	if (BN_is_one(Z_))
-		{
-		if (x != NULL)
-			{
-			if (!BN_copy(x, X_)) goto err;
-			}
-		if (y != NULL)
-			{
-			if (!BN_copy(y, Y_)) goto err;
-			}
-		}
-	else
-		{
-		if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx))
-			{
-			ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP, ERR_R_BN_LIB);
-			goto err;
-			}
-		
-		if (group->meth->field_encode == 0)
-			{
-			/* field_sqr works on standard representation */
-			if (!group->meth->field_sqr(group, Z_2, Z_1, ctx)) goto err;
-			}
-		else
-			{
-			if (!BN_mod_sqr(Z_2, Z_1, &group->field, ctx)) goto err;
-			}
-	
-		if (x != NULL)
-			{
-			if (group->meth->field_encode == 0)
-				{
-				/* field_mul works on standard representation */
-				if (!group->meth->field_mul(group, x, X_, Z_2, ctx)) goto err;
-				}
-			else
-				{
-				if (!BN_mod_mul(x, X_, Z_2, &group->field, ctx)) goto err;
-				}
-			}
-
-		if (y != NULL)
-			{
-			if (group->meth->field_encode == 0)
-				{
-				/* field_mul works on standard representation */
-				if (!group->meth->field_mul(group, Z_3, Z_2, Z_1, ctx)) goto err;
-				if (!group->meth->field_mul(group, y, Y_, Z_3, ctx)) goto err;
-				
-				}
-			else
-				{
-				if (!BN_mod_mul(Z_3, Z_2, Z_1, &group->field, ctx)) goto err;
-				if (!BN_mod_mul(y, Y_, Z_3, &group->field, ctx)) goto err;
-				}
-			}
-		}
-
-	ret = 1;
-
- err:
-	BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
-
-
-int ec_GFp_simple_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
-	const BIGNUM *x_, int y_bit, BN_CTX *ctx)
-	{
-	BN_CTX *new_ctx = NULL;
-	BIGNUM *tmp1, *tmp2, *x, *y;
-	int ret = 0;
-
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return 0;
-		}
-
-	y_bit = (y_bit != 0);
-
-	BN_CTX_start(ctx);
-	tmp1 = BN_CTX_get(ctx);
-	tmp2 = BN_CTX_get(ctx);
-	x = BN_CTX_get(ctx);
-	y = BN_CTX_get(ctx);
-	if (y == NULL) goto err;
-
-	/* Recover y.  We have a Weierstrass equation
-	 *     y^2 = x^3 + a*x + b,
-	 * so  y  is one of the square roots of  x^3 + a*x + b.
-	 */
-
-	/* tmp1 := x^3 */
-	if (!BN_nnmod(x, x_, &group->field,ctx)) goto err;
-	if (group->meth->field_decode == 0)
-		{
-		/* field_{sqr,mul} work on standard representation */
-		if (!group->meth->field_sqr(group, tmp2, x_, ctx)) goto err;
-		if (!group->meth->field_mul(group, tmp1, tmp2, x_, ctx)) goto err;
-		}
-	else
-		{
-		if (!BN_mod_sqr(tmp2, x_, &group->field, ctx)) goto err;
-		if (!BN_mod_mul(tmp1, tmp2, x_, &group->field, ctx)) goto err;
-		}
-	
-	/* tmp1 := tmp1 + a*x */
-	if (group->a_is_minus3)
-		{
-		if (!BN_mod_lshift1_quick(tmp2, x, &group->field)) goto err;
-		if (!BN_mod_add_quick(tmp2, tmp2, x, &group->field)) goto err;
-		if (!BN_mod_sub_quick(tmp1, tmp1, tmp2, &group->field)) goto err;
-		}
-	else
-		{
-		if (group->meth->field_decode)
-			{
-			if (!group->meth->field_decode(group, tmp2, &group->a, ctx)) goto err;
-			if (!BN_mod_mul(tmp2, tmp2, x, &group->field, ctx)) goto err;
-			}
-		else
-			{
-			/* field_mul works on standard representation */
-			if (!group->meth->field_mul(group, tmp2, &group->a, x, ctx)) goto err;
-			}
-		
-		if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) goto err;
-		}
-	
-	/* tmp1 := tmp1 + b */
-	if (group->meth->field_decode)
-		{
-		if (!group->meth->field_decode(group, tmp2, &group->b, ctx)) goto err;
-		if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) goto err;
-		}
-	else
-		{
-		if (!BN_mod_add_quick(tmp1, tmp1, &group->b, &group->field)) goto err;
-		}
-	
-	if (!BN_mod_sqrt(y, tmp1, &group->field, ctx))
-		{
-		unsigned long err = ERR_peek_error();
-		
-		if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE)
-			{
-			(void)ERR_get_error();
-			ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, EC_R_INVALID_COMPRESSED_POINT);
-			}
-		else
-			ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, ERR_R_BN_LIB);
-		goto err;
-		}
-	/* If tmp1 is not a square (i.e. there is no point on the curve with
-	 * our x), then y now is a nonsense value too */
-
-	if (y_bit != BN_is_odd(y))
-		{
-		if (BN_is_zero(y))
-			{
-			int kron;
-
-			kron = BN_kronecker(x, &group->field, ctx);
-			if (kron == -2) goto err;
-
-			if (kron == 1)
-				ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, EC_R_INVALID_COMPRESSION_BIT);
-			else
-				ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, EC_R_INVALID_COMPRESSED_POINT);
-			goto err;
-			}
-		if (!BN_usub(y, &group->field, y)) goto err;
-		}
-	if (y_bit != BN_is_odd(y))
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, ERR_R_INTERNAL_ERROR);
-		goto err;
-		}
-
-	if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
-
-	ret = 1;
-
- err:
-	BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
-
-
-size_t ec_GFp_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, point_conversion_form_t form,
-	unsigned char *buf, size_t len, BN_CTX *ctx)
-	{
-	size_t ret;
-	BN_CTX *new_ctx = NULL;
-	int used_ctx = 0;
-	BIGNUM *x, *y;
-	size_t field_len, i, skip;
-
-	if ((form != POINT_CONVERSION_COMPRESSED)
-		&& (form != POINT_CONVERSION_UNCOMPRESSED)
-		&& (form != POINT_CONVERSION_HYBRID))
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
-		goto err;
-		}
-
-	if (EC_POINT_is_at_infinity(group, point))
-		{
-		/* encodes to a single 0 octet */
-		if (buf != NULL)
-			{
-			if (len < 1)
-				{
-				ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
-				return 0;
-				}
-			buf[0] = 0;
-			}
-		return 1;
-		}
-
-
-	/* ret := required output buffer length */
-	field_len = BN_num_bytes(&group->field);
-	ret = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2*field_len;
-
-	/* if 'buf' is NULL, just return required length */
-	if (buf != NULL)
-		{
-		if (len < ret)
-			{
-			ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
-			goto err;
-			}
-
-		if (ctx == NULL)
-			{
-			ctx = new_ctx = BN_CTX_new();
-			if (ctx == NULL)
-				return 0;
-			}
-
-		BN_CTX_start(ctx);
-		used_ctx = 1;
-		x = BN_CTX_get(ctx);
-		y = BN_CTX_get(ctx);
-		if (y == NULL) goto err;
-
-		if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
-
-		if ((form == POINT_CONVERSION_COMPRESSED || form == POINT_CONVERSION_HYBRID) && BN_is_odd(y))
-			buf[0] = form + 1;
-		else
-			buf[0] = form;
-	
-		i = 1;
-		
-		skip = field_len - BN_num_bytes(x);
-		if (skip > field_len)
-			{
-			ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
-			goto err;
-			}
-		while (skip > 0)
-			{
-			buf[i++] = 0;
-			skip--;
-			}
-		skip = BN_bn2bin(x, buf + i);
-		i += skip;
-		if (i != 1 + field_len)
-			{
-			ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
-			goto err;
-			}
-
-		if (form == POINT_CONVERSION_UNCOMPRESSED || form == POINT_CONVERSION_HYBRID)
-			{
-			skip = field_len - BN_num_bytes(y);
-			if (skip > field_len)
-				{
-				ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
-				goto err;
-				}
-			while (skip > 0)
-				{
-				buf[i++] = 0;
-				skip--;
-				}
-			skip = BN_bn2bin(y, buf + i);
-			i += skip;
-			}
-
-		if (i != ret)
-			{
-			ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
-			goto err;
-			}
-		}
-	
-	if (used_ctx)
-		BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-
- err:
-	if (used_ctx)
-		BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return 0;
-	}
-
-
-int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
-	const unsigned char *buf, size_t len, BN_CTX *ctx)
-	{
-	point_conversion_form_t form;
-	int y_bit;
-	BN_CTX *new_ctx = NULL;
-	BIGNUM *x, *y;
-	size_t field_len, enc_len;
-	int ret = 0;
-
-	if (len == 0)
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
-		return 0;
-		}
-	form = buf[0];
-	y_bit = form & 1;
-	form = form & ~1;
-	if ((form != 0)	&& (form != POINT_CONVERSION_COMPRESSED)
-		&& (form != POINT_CONVERSION_UNCOMPRESSED)
-		&& (form != POINT_CONVERSION_HYBRID))
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-		return 0;
-		}
-	if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit)
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-		return 0;
-		}
-
-	if (form == 0)
-		{
-		if (len != 1)
-			{
-			ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-			return 0;
-			}
-
-		return EC_POINT_set_to_infinity(group, point);
-		}
-	
-	field_len = BN_num_bytes(&group->field);
-	enc_len = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2*field_len;
-
-	if (len != enc_len)
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-		return 0;
-		}
-
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return 0;
-		}
-
-	BN_CTX_start(ctx);
-	x = BN_CTX_get(ctx);
-	y = BN_CTX_get(ctx);
-	if (y == NULL) goto err;
-
-	if (!BN_bin2bn(buf + 1, field_len, x)) goto err;
-	if (BN_ucmp(x, &group->field) >= 0)
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-		goto err;
-		}
-
-	if (form == POINT_CONVERSION_COMPRESSED)
-		{
-		if (!EC_POINT_set_compressed_coordinates_GFp(group, point, x, y_bit, ctx)) goto err;
-		}
-	else
-		{
-		if (!BN_bin2bn(buf + 1 + field_len, field_len, y)) goto err;
-		if (BN_ucmp(y, &group->field) >= 0)
-			{
-			ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-			goto err;
-			}
-		if (form == POINT_CONVERSION_HYBRID)
-			{
-			if (y_bit != BN_is_odd(y))
-				{
-				ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-				goto err;
-				}
-			}
-
-		if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
-		}
-	
-	if (!EC_POINT_is_on_curve(group, point, ctx)) /* test required by X9.62 */
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
-		goto err;
-		}
-
-	ret = 1;
-	
- err:
-	BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
-
-
-int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
-	{
-	int (*field_mul)(const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
-	int (*field_sqr)(const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
-	const BIGNUM *p;
-	BN_CTX *new_ctx = NULL;
-	BIGNUM *n0, *n1, *n2, *n3, *n4, *n5, *n6;
-	int ret = 0;
-	
-	if (a == b)
-		return EC_POINT_dbl(group, r, a, ctx);
-	if (EC_POINT_is_at_infinity(group, a))
-		return EC_POINT_copy(r, b);
-	if (EC_POINT_is_at_infinity(group, b))
-		return EC_POINT_copy(r, a);
-	
-	field_mul = group->meth->field_mul;
-	field_sqr = group->meth->field_sqr;
-	p = &group->field;
-
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return 0;
-		}
-
-	BN_CTX_start(ctx);
-	n0 = BN_CTX_get(ctx);
-	n1 = BN_CTX_get(ctx);
-	n2 = BN_CTX_get(ctx);
-	n3 = BN_CTX_get(ctx);
-	n4 = BN_CTX_get(ctx);
-	n5 = BN_CTX_get(ctx);
-	n6 = BN_CTX_get(ctx);
-	if (n6 == NULL) goto end;
-
-	/* Note that in this function we must not read components of 'a' or 'b'
-	 * once we have written the corresponding components of 'r'.
-	 * ('r' might be one of 'a' or 'b'.)
-	 */
-
-	/* n1, n2 */
-	if (b->Z_is_one)
-		{
-		if (!BN_copy(n1, &a->X)) goto end;
-		if (!BN_copy(n2, &a->Y)) goto end;
-		/* n1 = X_a */
-		/* n2 = Y_a */
-		}
-	else
-		{
-		if (!field_sqr(group, n0, &b->Z, ctx)) goto end;
-		if (!field_mul(group, n1, &a->X, n0, ctx)) goto end;
-		/* n1 = X_a * Z_b^2 */
-
-		if (!field_mul(group, n0, n0, &b->Z, ctx)) goto end;
-		if (!field_mul(group, n2, &a->Y, n0, ctx)) goto end;
-		/* n2 = Y_a * Z_b^3 */
-		}
-
-	/* n3, n4 */
-	if (a->Z_is_one)
-		{
-		if (!BN_copy(n3, &b->X)) goto end;
-		if (!BN_copy(n4, &b->Y)) goto end;
-		/* n3 = X_b */
-		/* n4 = Y_b */
-		}
-	else
-		{
-		if (!field_sqr(group, n0, &a->Z, ctx)) goto end;
-		if (!field_mul(group, n3, &b->X, n0, ctx)) goto end;
-		/* n3 = X_b * Z_a^2 */
-
-		if (!field_mul(group, n0, n0, &a->Z, ctx)) goto end;
-		if (!field_mul(group, n4, &b->Y, n0, ctx)) goto end;
-		/* n4 = Y_b * Z_a^3 */
-		}
-
-	/* n5, n6 */
-	if (!BN_mod_sub_quick(n5, n1, n3, p)) goto end;
-	if (!BN_mod_sub_quick(n6, n2, n4, p)) goto end;
-	/* n5 = n1 - n3 */
-	/* n6 = n2 - n4 */
-
-	if (BN_is_zero(n5))
-		{
-		if (BN_is_zero(n6))
-			{
-			/* a is the same point as b */
-			BN_CTX_end(ctx);
-			ret = EC_POINT_dbl(group, r, a, ctx);
-			ctx = NULL;
-			goto end;
-			}
-		else
-			{
-			/* a is the inverse of b */
-			if (!BN_zero(&r->Z)) goto end;
-			r->Z_is_one = 0;
-			ret = 1;
-			goto end;
-			}
-		}
-
-	/* 'n7', 'n8' */
-	if (!BN_mod_add_quick(n1, n1, n3, p)) goto end;
-	if (!BN_mod_add_quick(n2, n2, n4, p)) goto end;
-	/* 'n7' = n1 + n3 */
-	/* 'n8' = n2 + n4 */
-
-	/* Z_r */
-	if (a->Z_is_one && b->Z_is_one)
-		{
-		if (!BN_copy(&r->Z, n5)) goto end;
-		}
-	else
-		{
-		if (a->Z_is_one)
-			{ if (!BN_copy(n0, &b->Z)) goto end; }
-		else if (b->Z_is_one)
-			{ if (!BN_copy(n0, &a->Z)) goto end; }
-		else
-			{ if (!field_mul(group, n0, &a->Z, &b->Z, ctx)) goto end; }
-		if (!field_mul(group, &r->Z, n0, n5, ctx)) goto end;
-		}
-	r->Z_is_one = 0;
-	/* Z_r = Z_a * Z_b * n5 */
-
-	/* X_r */
-	if (!field_sqr(group, n0, n6, ctx)) goto end;
-	if (!field_sqr(group, n4, n5, ctx)) goto end;
-	if (!field_mul(group, n3, n1, n4, ctx)) goto end;
-	if (!BN_mod_sub_quick(&r->X, n0, n3, p)) goto end;
-	/* X_r = n6^2 - n5^2 * 'n7' */
-	
-	/* 'n9' */
-	if (!BN_mod_lshift1_quick(n0, &r->X, p)) goto end;
-	if (!BN_mod_sub_quick(n0, n3, n0, p)) goto end;
-	/* n9 = n5^2 * 'n7' - 2 * X_r */
-
-	/* Y_r */
-	if (!field_mul(group, n0, n0, n6, ctx)) goto end;
-	if (!field_mul(group, n5, n4, n5, ctx)) goto end; /* now n5 is n5^3 */
-	if (!field_mul(group, n1, n2, n5, ctx)) goto end;
-	if (!BN_mod_sub_quick(n0, n0, n1, p)) goto end;
-	if (BN_is_odd(n0))
-		if (!BN_add(n0, n0, p)) goto end;
-	/* now  0 <= n0 < 2*p,  and n0 is even */
-	if (!BN_rshift1(&r->Y, n0)) goto end;
-	/* Y_r = (n6 * 'n9' - 'n8' * 'n5^3') / 2 */
-
-	ret = 1;
-
- end:
-	if (ctx) /* otherwise we already called BN_CTX_end */
-		BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
-
-
-int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx)
-	{
-	int (*field_mul)(const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
-	int (*field_sqr)(const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
-	const BIGNUM *p;
-	BN_CTX *new_ctx = NULL;
-	BIGNUM *n0, *n1, *n2, *n3;
-	int ret = 0;
-	
-	if (EC_POINT_is_at_infinity(group, a))
-		{
-		if (!BN_zero(&r->Z)) return 0;
-		r->Z_is_one = 0;
-		return 1;
-		}
-
-	field_mul = group->meth->field_mul;
-	field_sqr = group->meth->field_sqr;
-	p = &group->field;
-
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return 0;
-		}
-
-	BN_CTX_start(ctx);
-	n0 = BN_CTX_get(ctx);
-	n1 = BN_CTX_get(ctx);
-	n2 = BN_CTX_get(ctx);
-	n3 = BN_CTX_get(ctx);
-	if (n3 == NULL) goto err;
-
-	/* Note that in this function we must not read components of 'a'
-	 * once we have written the corresponding components of 'r'.
-	 * ('r' might the same as 'a'.)
-	 */
-
-	/* n1 */
-	if (a->Z_is_one)
-		{
-		if (!field_sqr(group, n0, &a->X, ctx)) goto err;
-		if (!BN_mod_lshift1_quick(n1, n0, p)) goto err;
-		if (!BN_mod_add_quick(n0, n0, n1, p)) goto err;
-		if (!BN_mod_add_quick(n1, n0, &group->a, p)) goto err;
-		/* n1 = 3 * X_a^2 + a_curve */
-		}
-	else if (group->a_is_minus3)
-		{
-		if (!field_sqr(group, n1, &a->Z, ctx)) goto err;
-		if (!BN_mod_add_quick(n0, &a->X, n1, p)) goto err;
-		if (!BN_mod_sub_quick(n2, &a->X, n1, p)) goto err;
-		if (!field_mul(group, n1, n0, n2, ctx)) goto err;
-		if (!BN_mod_lshift1_quick(n0, n1, p)) goto err;
-		if (!BN_mod_add_quick(n1, n0, n1, p)) goto err;
-		/* n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2)
-		 *    = 3 * X_a^2 - 3 * Z_a^4 */
-		}
-	else
-		{
-		if (!field_sqr(group, n0, &a->X, ctx)) goto err;
-		if (!BN_mod_lshift1_quick(n1, n0, p)) goto err;
-		if (!BN_mod_add_quick(n0, n0, n1, p)) goto err;
-		if (!field_sqr(group, n1, &a->Z, ctx)) goto err;
-		if (!field_sqr(group, n1, n1, ctx)) goto err;
-		if (!field_mul(group, n1, n1, &group->a, ctx)) goto err;
-		if (!BN_mod_add_quick(n1, n1, n0, p)) goto err;
-		/* n1 = 3 * X_a^2 + a_curve * Z_a^4 */
-		}
-
-	/* Z_r */
-	if (a->Z_is_one)
-		{
-		if (!BN_copy(n0, &a->Y)) goto err;
-		}
-	else
-		{
-		if (!field_mul(group, n0, &a->Y, &a->Z, ctx)) goto err;
-		}
-	if (!BN_mod_lshift1_quick(&r->Z, n0, p)) goto err;
-	r->Z_is_one = 0;
-	/* Z_r = 2 * Y_a * Z_a */
-
-	/* n2 */
-	if (!field_sqr(group, n3, &a->Y, ctx)) goto err;
-	if (!field_mul(group, n2, &a->X, n3, ctx)) goto err;
-	if (!BN_mod_lshift_quick(n2, n2, 2, p)) goto err;
-	/* n2 = 4 * X_a * Y_a^2 */
-
-	/* X_r */
-	if (!BN_mod_lshift1_quick(n0, n2, p)) goto err;
-	if (!field_sqr(group, &r->X, n1, ctx)) goto err;
-	if (!BN_mod_sub_quick(&r->X, &r->X, n0, p)) goto err;
-	/* X_r = n1^2 - 2 * n2 */
-	
-	/* n3 */
-	if (!field_sqr(group, n0, n3, ctx)) goto err;
-	if (!BN_mod_lshift_quick(n3, n0, 3, p)) goto err;
-	/* n3 = 8 * Y_a^4 */
-	
-	/* Y_r */
-	if (!BN_mod_sub_quick(n0, n2, &r->X, p)) goto err;
-	if (!field_mul(group, n0, n1, n0, ctx)) goto err;
-	if (!BN_mod_sub_quick(&r->Y, n0, n3, p)) goto err;
-	/* Y_r = n1 * (n2 - X_r) - n3 */
-
-	ret = 1;
-
- err:
-	BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
-
-
-int ec_GFp_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
-	{
-	if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(&point->Y))
-		/* point is its own inverse */
-		return 1;
-	
-	return BN_usub(&point->Y, &group->field, &point->Y);
-	}
-
-
-int ec_GFp_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
-	{
-	return BN_is_zero(&point->Z);
-	}
-
-
-int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx)
-	{
-	int (*field_mul)(const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
-	int (*field_sqr)(const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
-	const BIGNUM *p;
-	BN_CTX *new_ctx = NULL;
-	BIGNUM *rh, *tmp1, *tmp2, *Z4, *Z6;
-	int ret = -1;
-
-	if (EC_POINT_is_at_infinity(group, point))
-		return 1;
-	
-	field_mul = group->meth->field_mul;
-	field_sqr = group->meth->field_sqr;
-	p = &group->field;
-
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return -1;
-		}
-
-	BN_CTX_start(ctx);
-	rh = BN_CTX_get(ctx);
-	tmp1 = BN_CTX_get(ctx);
-	tmp2 = BN_CTX_get(ctx);
-	Z4 = BN_CTX_get(ctx);
-	Z6 = BN_CTX_get(ctx);
-	if (Z6 == NULL) goto err;
-
-	/* We have a curve defined by a Weierstrass equation
-	 *      y^2 = x^3 + a*x + b.
-	 * The point to consider is given in Jacobian projective coordinates
-	 * where  (X, Y, Z)  represents  (x, y) = (X/Z^2, Y/Z^3).
-	 * Substituting this and multiplying by  Z^6  transforms the above equation into
-	 *      Y^2 = X^3 + a*X*Z^4 + b*Z^6.
-	 * To test this, we add up the right-hand side in 'rh'.
-	 */
-
-	/* rh := X^3 */
-	if (!field_sqr(group, rh, &point->X, ctx)) goto err;
-	if (!field_mul(group, rh, rh, &point->X, ctx)) goto err;
-
-	if (!point->Z_is_one)
-		{
-		if (!field_sqr(group, tmp1, &point->Z, ctx)) goto err;
-		if (!field_sqr(group, Z4, tmp1, ctx)) goto err;
-		if (!field_mul(group, Z6, Z4, tmp1, ctx)) goto err;
-
-		/* rh := rh + a*X*Z^4 */
-		if (!field_mul(group, tmp1, &point->X, Z4, ctx)) goto err;
-		if (group->a_is_minus3)
-			{
-			if (!BN_mod_lshift1_quick(tmp2, tmp1, p)) goto err;
-			if (!BN_mod_add_quick(tmp2, tmp2, tmp1, p)) goto err;
-			if (!BN_mod_sub_quick(rh, rh, tmp2, p)) goto err;
-			}
-		else
-			{
-			if (!field_mul(group, tmp2, tmp1, &group->a, ctx)) goto err;
-			if (!BN_mod_add_quick(rh, rh, tmp2, p)) goto err;
-			}
-
-		/* rh := rh + b*Z^6 */
-		if (!field_mul(group, tmp1, &group->b, Z6, ctx)) goto err;
-		if (!BN_mod_add_quick(rh, rh, tmp1, p)) goto err;
-		}
-	else
-		{
-		/* point->Z_is_one */
-
-		/* rh := rh + a*X */
-		if (group->a_is_minus3)
-			{
-			if (!BN_mod_lshift1_quick(tmp2, &point->X, p)) goto err;
-			if (!BN_mod_add_quick(tmp2, tmp2, &point->X, p)) goto err;
-			if (!BN_mod_sub_quick(rh, rh, tmp2, p)) goto err;
-			}
-		else
-			{
-			if (!field_mul(group, tmp2, &point->X, &group->a, ctx)) goto err;
-			if (!BN_mod_add_quick(rh, rh, tmp2, p)) goto err;
-			}
-
-		/* rh := rh + b */
-		if (!BN_mod_add_quick(rh, rh, &group->b, p)) goto err;
-		}
-
-	/* 'lh' := Y^2 */
-	if (!field_sqr(group, tmp1, &point->Y, ctx)) goto err;
-
-	ret = (0 == BN_cmp(tmp1, rh));
-
- err:
-	BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
-
-
-int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
-	{
-	/* return values:
-	 *  -1   error
-	 *   0   equal (in affine coordinates)
-	 *   1   not equal
-	 */
-
-	int (*field_mul)(const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
-	int (*field_sqr)(const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
-	BN_CTX *new_ctx = NULL;
-	BIGNUM *tmp1, *tmp2, *Za23, *Zb23;
-	const BIGNUM *tmp1_, *tmp2_;
-	int ret = -1;
-	
-	if (EC_POINT_is_at_infinity(group, a))
-		{
-		return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
-		}
-	
-	if (a->Z_is_one && b->Z_is_one)
-		{
-		return ((BN_cmp(&a->X, &b->X) == 0) && BN_cmp(&a->Y, &b->Y) == 0) ? 0 : 1;
-		}
-
-	field_mul = group->meth->field_mul;
-	field_sqr = group->meth->field_sqr;
-
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return -1;
-		}
-
-	BN_CTX_start(ctx);
-	tmp1 = BN_CTX_get(ctx);
-	tmp2 = BN_CTX_get(ctx);
-	Za23 = BN_CTX_get(ctx);
-	Zb23 = BN_CTX_get(ctx);
-	if (Zb23 == NULL) goto end;
-
-	/* We have to decide whether
-	 *     (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2, Y_b/Z_b^3),
-	 * or equivalently, whether
-	 *     (X_a*Z_b^2, Y_a*Z_b^3) = (X_b*Z_a^2, Y_b*Z_a^3).
-	 */
-
-	if (!b->Z_is_one)
-		{
-		if (!field_sqr(group, Zb23, &b->Z, ctx)) goto end;
-		if (!field_mul(group, tmp1, &a->X, Zb23, ctx)) goto end;
-		tmp1_ = tmp1;
-		}
-	else
-		tmp1_ = &a->X;
-	if (!a->Z_is_one)
-		{
-		if (!field_sqr(group, Za23, &a->Z, ctx)) goto end;
-		if (!field_mul(group, tmp2, &b->X, Za23, ctx)) goto end;
-		tmp2_ = tmp2;
-		}
-	else
-		tmp2_ = &b->X;
-	
-	/* compare  X_a*Z_b^2  with  X_b*Z_a^2 */
-	if (BN_cmp(tmp1_, tmp2_) != 0)
-		{
-		ret = 1; /* points differ */
-		goto end;
-		}
-
-
-	if (!b->Z_is_one)
-		{
-		if (!field_mul(group, Zb23, Zb23, &b->Z, ctx)) goto end;
-		if (!field_mul(group, tmp1, &a->Y, Zb23, ctx)) goto end;
-		/* tmp1_ = tmp1 */
-		}
-	else
-		tmp1_ = &a->Y;
-	if (!a->Z_is_one)
-		{
-		if (!field_mul(group, Za23, Za23, &a->Z, ctx)) goto end;
-		if (!field_mul(group, tmp2, &b->Y, Za23, ctx)) goto end;
-		/* tmp2_ = tmp2 */
-		}
-	else
-		tmp2_ = &b->Y;
-
-	/* compare  Y_a*Z_b^3  with  Y_b*Z_a^3 */
-	if (BN_cmp(tmp1_, tmp2_) != 0)
-		{
-		ret = 1; /* points differ */
-		goto end;
-		}
-
-	/* points are equal */
-	ret = 0;
-
- end:
-	BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
-
-
-int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
-	{
-	BN_CTX *new_ctx = NULL;
-	BIGNUM *x, *y;
-	int ret = 0;
-
-	if (point->Z_is_one || EC_POINT_is_at_infinity(group, point))
-		return 1;
-
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return 0;
-		}
-
-	BN_CTX_start(ctx);
-	x = BN_CTX_get(ctx);
-	y = BN_CTX_get(ctx);
-	if (y == NULL) goto err;
-
-	if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
-	if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
-	if (!point->Z_is_one)
-		{
-		ECerr(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE, ERR_R_INTERNAL_ERROR);
-		goto err;
-		}
-	
-	ret = 1;
-
- err:
-	BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
-	}
-
-
-int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx)
-	{
-	BN_CTX *new_ctx = NULL;
-	BIGNUM *tmp0, *tmp1;
-	size_t pow2 = 0;
-	BIGNUM **heap = NULL;
-	size_t i;
-	int ret = 0;
-
-	if (num == 0)
-		return 1;
-
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return 0;
-		}
-
-	BN_CTX_start(ctx);
-	tmp0 = BN_CTX_get(ctx);
-	tmp1 = BN_CTX_get(ctx);
-	if (tmp0  == NULL || tmp1 == NULL) goto err;
-
-	/* Before converting the individual points, compute inverses of all Z values.
-	 * Modular inversion is rather slow, but luckily we can do with a single
-	 * explicit inversion, plus about 3 multiplications per input value.
-	 */
-
-	pow2 = 1;
-	while (num > pow2)
-		pow2 <<= 1;
-	/* Now pow2 is the smallest power of 2 satifsying pow2 >= num.
-	 * We need twice that. */
-	pow2 <<= 1;
-
-	heap = OPENSSL_malloc(pow2 * sizeof heap[0]);
-	if (heap == NULL) goto err;
-	
-	/* The array is used as a binary tree, exactly as in heapsort:
-	 *
-	 *                               heap[1]
-	 *                 heap[2]                     heap[3]
-	 *          heap[4]       heap[5]       heap[6]       heap[7]
-	 *   heap[8]heap[9] heap[10]heap[11] heap[12]heap[13] heap[14] heap[15]
-	 *
-	 * We put the Z's in the last line;
-	 * then we set each other node to the product of its two child-nodes (where
-	 * empty or 0 entries are treated as ones);
-	 * then we invert heap[1];
-	 * then we invert each other node by replacing it by the product of its
-	 * parent (after inversion) and its sibling (before inversion).
-	 */
-	heap[0] = NULL;
-	for (i = pow2/2 - 1; i > 0; i--)
-		heap[i] = NULL;
-	for (i = 0; i < num; i++)
-		heap[pow2/2 + i] = &points[i]->Z;
-	for (i = pow2/2 + num; i < pow2; i++)
-		heap[i] = NULL;
-	
-	/* set each node to the product of its children */
-	for (i = pow2/2 - 1; i > 0; i--)
-		{
-		heap[i] = BN_new();
-		if (heap[i] == NULL) goto err;
-		
-		if (heap[2*i] != NULL)
-			{
-			if ((heap[2*i + 1] == NULL) || BN_is_zero(heap[2*i + 1]))
-				{
-				if (!BN_copy(heap[i], heap[2*i])) goto err;
-				}
-			else
-				{
-				if (BN_is_zero(heap[2*i]))
-					{
-					if (!BN_copy(heap[i], heap[2*i + 1])) goto err;
-					}
-				else
-					{
-					if (!group->meth->field_mul(group, heap[i],
-						heap[2*i], heap[2*i + 1], ctx)) goto err;
-					}
-				}
-			}
-		}
-
-	/* invert heap[1] */
-	if (!BN_is_zero(heap[1]))
-		{
-		if (!BN_mod_inverse(heap[1], heap[1], &group->field, ctx))
-			{
-			ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB);
-			goto err;
-			}
-		}
-	if (group->meth->field_encode != 0)
-		{
-		/* in the Montgomery case, we just turned  R*H  (representing H)
-		 * into  1/(R*H),  but we need  R*(1/H)  (representing 1/H);
-		 * i.e. we have need to multiply by the Montgomery factor twice */
-		if (!group->meth->field_encode(group, heap[1], heap[1], ctx)) goto err;
-		if (!group->meth->field_encode(group, heap[1], heap[1], ctx)) goto err;
-		}
-
-	/* set other heap[i]'s to their inverses */
-	for (i = 2; i < pow2/2 + num; i += 2)
-		{
-		/* i is even */
-		if ((heap[i + 1] != NULL) && !BN_is_zero(heap[i + 1]))
-			{
-			if (!group->meth->field_mul(group, tmp0, heap[i/2], heap[i + 1], ctx)) goto err;
-			if (!group->meth->field_mul(group, tmp1, heap[i/2], heap[i], ctx)) goto err;
-			if (!BN_copy(heap[i], tmp0)) goto err;
-			if (!BN_copy(heap[i + 1], tmp1)) goto err;
-			}
-		else
-			{
-			if (!BN_copy(heap[i], heap[i/2])) goto err;
-			}
-		}
-
-	/* we have replaced all non-zero Z's by their inverses, now fix up all the points */
-	for (i = 0; i < num; i++)
-		{
-		EC_POINT *p = points[i];
-		
-		if (!BN_is_zero(&p->Z))
-			{
-			/* turn  (X, Y, 1/Z)  into  (X/Z^2, Y/Z^3, 1) */
-
-			if (!group->meth->field_sqr(group, tmp1, &p->Z, ctx)) goto err;
-			if (!group->meth->field_mul(group, &p->X, &p->X, tmp1, ctx)) goto err;
-
-			if (!group->meth->field_mul(group, tmp1, tmp1, &p->Z, ctx)) goto err;
-			if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp1, ctx)) goto err;
-		
-			if (group->meth->field_set_to_one != 0)
-				{
-				if (!group->meth->field_set_to_one(group, &p->Z, ctx)) goto err;
-				}
-			else
-				{
-				if (!BN_one(&p->Z)) goto err;
-				}
-			p->Z_is_one = 1;
-			}
-		}
-
-	ret = 1;
-		
- err:
-	BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	if (heap != NULL)
-		{
-		/* heap[pow2/2] .. heap[pow2-1] have not been allocated locally! */
-		for (i = pow2/2 - 1; i > 0; i--)
-			{
-			if (heap[i] != NULL)
-				BN_clear_free(heap[i]);
-			}
-		OPENSSL_free(heap);
-		}
-	return ret;
-	}
-
-
-int ec_GFp_simple_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-	{
-	return BN_mod_mul(r, a, b, &group->field, ctx);
-	}
-
-
-int ec_GFp_simple_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
-	{
-	return BN_mod_sqr(r, a, &group->field, ctx);
-	}
diff --git a/crypto/openssl/crypto/ec/ectest.c b/crypto/openssl/crypto/ec/ectest.c
deleted file mode 100644
index 345d3e428925..000000000000
--- a/crypto/openssl/crypto/ec/ectest.c
+++ /dev/null
@@ -1,643 +0,0 @@
-/* crypto/ec/ectest.c */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#ifdef FLAT_INC
-#include "e_os.h"
-#else
-#include "../e_os.h"
-#endif
-#include <string.h>
-#include <time.h>
-
-
-#ifdef OPENSSL_NO_EC
-int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); return 0; }
-#else
-
-
-#include <openssl/ec.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/err.h>
-
-#define ABORT do { \
-	fflush(stdout); \
-	fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \
-	ERR_print_errors_fp(stderr); \
-	EXIT(1); \
-} while (0)
-
-#if 0
-static void timings(EC_GROUP *group, int multi, BN_CTX *ctx)
-	{
-	clock_t clck;
-	int i, j;
-	BIGNUM *s, *s0;
-	EC_POINT *P;
-		
-	s = BN_new();
-	s0 = BN_new();
-	if (s == NULL || s0 == NULL) ABORT;
-
-	if (!EC_GROUP_get_curve_GFp(group, s, NULL, NULL, ctx)) ABORT;
-	fprintf(stdout, "Timings for %d bit prime, ", (int)BN_num_bits(s));
-	if (!EC_GROUP_get_order(group, s, ctx)) ABORT;
-	fprintf(stdout, "%d bit scalars ", (int)BN_num_bits(s));
-	fflush(stdout);
-
-	P = EC_POINT_new(group);
-	if (P == NULL) ABORT;
-	EC_POINT_copy(P, EC_GROUP_get0_generator(group));
-
-	clck = clock();
-	for (i = 0; i < 10; i++)
-		{
-		if (!BN_pseudo_rand(s, BN_num_bits(s), 0, 0)) ABORT;
-		if (multi)
-			{
-			if (!BN_pseudo_rand(s0, BN_num_bits(s), 0, 0)) ABORT;
-			}
-		for (j = 0; j < 10; j++)
-			{
-			if (!EC_POINT_mul(group, P, s, multi ? P : NULL, multi ? s0 : NULL, ctx)) ABORT;
-			}
-		fprintf(stdout, ".");
-		fflush(stdout);
-		}
-	fprintf(stdout, "\n");
-	
-	clck = clock() - clck;
-
-#ifdef CLOCKS_PER_SEC
-	/* "To determine the time in seconds, the value returned
-	 * by the clock function should be divided by the value
-	 * of the macro CLOCKS_PER_SEC."
-	 *                                       -- ISO/IEC 9899 */
-#	define UNIT "s"
-#else
-	/* "`CLOCKS_PER_SEC' undeclared (first use this function)"
-	 *                            -- cc on NeXTstep/OpenStep */
-#	define UNIT "units"
-#	define CLOCKS_PER_SEC 1
-#endif
-
-	fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j,
-		multi ? "s*P+t*Q operations" : "point multiplications",
-		(double)clck/CLOCKS_PER_SEC);
-	fprintf(stdout, "average: %.4f " UNIT "\n", (double)clck/(CLOCKS_PER_SEC*i*j));
-
-	EC_POINT_free(P);
-	BN_free(s);
-	BN_free(s0);
-	}
-#endif
-
-int main(int argc, char *argv[])
-	{	
-	BN_CTX *ctx = NULL;
-	BIGNUM *p, *a, *b;
-	EC_GROUP *group;
-	EC_GROUP *P_192 = NULL, *P_224 = NULL, *P_256 = NULL, *P_384 = NULL, *P_521 = NULL;
-	EC_POINT *P, *Q, *R;
-	BIGNUM *x, *y, *z;
-	unsigned char buf[100];
-	size_t i, len;
-	int k;
-	
-	/* enable memory leak checking unless explicitly disabled */
-	if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
-		{
-		CRYPTO_malloc_debug_init();
-		CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
-		}
-	else
-		{
-		/* OPENSSL_DEBUG_MEMORY=off */
-		CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
-		}
-	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-	ERR_load_crypto_strings();
-
-#if 1 /* optional */
-	ctx = BN_CTX_new();
-	if (!ctx) ABORT;
-#endif
-
-	p = BN_new();
-	a = BN_new();
-	b = BN_new();
-	if (!p || !a || !b) ABORT;
-
-	if (!BN_hex2bn(&p, "17")) ABORT;
-	if (!BN_hex2bn(&a, "1")) ABORT;
-	if (!BN_hex2bn(&b, "1")) ABORT;
-	
-	group = EC_GROUP_new(EC_GFp_mont_method()); /* applications should use EC_GROUP_new_curve_GFp
-	                                             * so that the library gets to choose the EC_METHOD */
-	if (!group) ABORT;
-
-	if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
-
-	{
-		EC_GROUP *tmp;
-		tmp = EC_GROUP_new(EC_GROUP_method_of(group));
-		if (!tmp) ABORT;
-		if (!EC_GROUP_copy(tmp, group));
-		EC_GROUP_free(group);
-		group = tmp;
-	}
-	
-	if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) ABORT;
-
-	fprintf(stdout, "Curve defined by Weierstrass equation\n     y^2 = x^3 + a*x + b  (mod 0x");
-	BN_print_fp(stdout, p);
-	fprintf(stdout, ")\n     a = 0x");
-	BN_print_fp(stdout, a);
-	fprintf(stdout, "\n     b = 0x");
-	BN_print_fp(stdout, b);
-	fprintf(stdout, "\n");
-
-	P = EC_POINT_new(group);
-	Q = EC_POINT_new(group);
-	R = EC_POINT_new(group);
-	if (!P || !Q || !R) ABORT;
-	
-	if (!EC_POINT_set_to_infinity(group, P)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, P)) ABORT;
-
-	buf[0] = 0;
-	if (!EC_POINT_oct2point(group, Q, buf, 1, ctx)) ABORT;
-
-	if (!EC_POINT_add(group, P, P, Q, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, P)) ABORT;
-
-	x = BN_new();
-	y = BN_new();
-	z = BN_new();
-	if (!x || !y || !z) ABORT;
-
-	if (!BN_hex2bn(&x, "D")) ABORT;
-	if (!EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, ctx)) ABORT;
-	if (!EC_POINT_is_on_curve(group, Q, ctx))
-		{
-		if (!EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, ctx)) ABORT;
-		fprintf(stderr, "Point is not on curve: x = 0x");
-		BN_print_fp(stderr, x);
-		fprintf(stderr, ", y = 0x");
-		BN_print_fp(stderr, y);
-		fprintf(stderr, "\n");
-		ABORT;
-		}
-
-	fprintf(stdout, "A cyclic subgroup:\n");
-	k = 100;
-	do
-		{
-		if (k-- == 0) ABORT;
-
-		if (EC_POINT_is_at_infinity(group, P))
-			fprintf(stdout, "     point at infinity\n");
-		else
-			{
-			if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
-
-			fprintf(stdout, "     x = 0x");
-			BN_print_fp(stdout, x);
-			fprintf(stdout, ", y = 0x");
-			BN_print_fp(stdout, y);
-			fprintf(stdout, "\n");
-			}
-		
-		if (!EC_POINT_copy(R, P)) ABORT;
-		if (!EC_POINT_add(group, P, P, Q, ctx)) ABORT;
-
-#if 0 /* optional */
-		{
-			EC_POINT *points[3];
-		
-			points[0] = R;
-			points[1] = Q;
-			points[2] = P;
-			if (!EC_POINTs_make_affine(group, 2, points, ctx)) ABORT;
-		}
-#endif
-
-		}
-	while (!EC_POINT_is_at_infinity(group, P));
-
-	if (!EC_POINT_add(group, P, Q, R, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, P)) ABORT;
-
-	len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf, sizeof buf, ctx);
-	if (len == 0) ABORT;
-	if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT;
-	if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT;
-	fprintf(stdout, "Generator as octect string, compressed form:\n     ");
-	for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]);
-	
-	len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf, sizeof buf, ctx);
-	if (len == 0) ABORT;
-	if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT;
-	if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT;
-	fprintf(stdout, "\nGenerator as octect string, uncompressed form:\n     ");
-	for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]);
-	
-	len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf, ctx);
-	if (len == 0) ABORT;
-	if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT;
-	if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT;
-	fprintf(stdout, "\nGenerator as octect string, hybrid form:\n     ");
-	for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]);
-	
-	if (!EC_POINT_get_Jprojective_coordinates_GFp(group, R, x, y, z, ctx)) ABORT;
-	fprintf(stdout, "\nA representation of the inverse of that generator in\nJacobian projective coordinates:\n     X = 0x");
-	BN_print_fp(stdout, x);
-	fprintf(stdout, ", Y = 0x");
-	BN_print_fp(stdout, y);
-	fprintf(stdout, ", Z = 0x");
-	BN_print_fp(stdout, z);
-	fprintf(stdout, "\n");
-
-	if (!EC_POINT_invert(group, P, ctx)) ABORT;
-	if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT;
-
-
-	/* Curve P-192 (FIPS PUB 186-2, App. 6) */
-	
-	if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")) ABORT;
-	if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT;
-	if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")) ABORT;
-	if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1")) ABORT;
-	if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
-
-	if (!BN_hex2bn(&x, "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012")) ABORT;
-	if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT;
-	if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
-	if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831")) ABORT;
-	if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
-
-	if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
-	fprintf(stdout, "\nNIST curve P-192 -- Generator:\n     x = 0x");
-	BN_print_fp(stdout, x);
-	fprintf(stdout, "\n     y = 0x");
-	BN_print_fp(stdout, y);
-	fprintf(stdout, "\n");
-	/* G_y value taken from the standard: */
-	if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811")) ABORT;
-	if (0 != BN_cmp(y, z)) ABORT;
-	
-	fprintf(stdout, "verify group order ...");
-	fflush(stdout);
-	if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
-	if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
-	fprintf(stdout, ".");
-	fflush(stdout);
-	if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
-	if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
-	fprintf(stdout, " ok\n");
-
-	if (!(P_192 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
-	if (!EC_GROUP_copy(P_192, group)) ABORT;
-
-
-	/* Curve P-224 (FIPS PUB 186-2, App. 6) */
-	
-	if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001")) ABORT;
-	if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT;
-	if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) ABORT;
-	if (!BN_hex2bn(&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4")) ABORT;
-	if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
-
-	if (!BN_hex2bn(&x, "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21")) ABORT;
-	if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx)) ABORT;
-	if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
-	if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D")) ABORT;
-	if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
-
-	if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
-	fprintf(stdout, "\nNIST curve P-224 -- Generator:\n     x = 0x");
-	BN_print_fp(stdout, x);
-	fprintf(stdout, "\n     y = 0x");
-	BN_print_fp(stdout, y);
-	fprintf(stdout, "\n");
-	/* G_y value taken from the standard: */
-	if (!BN_hex2bn(&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34")) ABORT;
-	if (0 != BN_cmp(y, z)) ABORT;
-	
-	fprintf(stdout, "verify group order ...");
-	fflush(stdout);
-	if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
-	if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
-	fprintf(stdout, ".");
-	fflush(stdout);
-	if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
-	if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
-	fprintf(stdout, " ok\n");
-
-	if (!(P_224 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
-	if (!EC_GROUP_copy(P_224, group)) ABORT;
-
-
-	/* Curve P-256 (FIPS PUB 186-2, App. 6) */
-	
-	if (!BN_hex2bn(&p, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF")) ABORT;
-	if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT;
-	if (!BN_hex2bn(&a, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")) ABORT;
-	if (!BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")) ABORT;
-	if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
-
-	if (!BN_hex2bn(&x, "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296")) ABORT;
-	if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT;
-	if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
-	if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E"
-		"84F3B9CAC2FC632551")) ABORT;
-	if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
-
-	if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
-	fprintf(stdout, "\nNIST curve P-256 -- Generator:\n     x = 0x");
-	BN_print_fp(stdout, x);
-	fprintf(stdout, "\n     y = 0x");
-	BN_print_fp(stdout, y);
-	fprintf(stdout, "\n");
-	/* G_y value taken from the standard: */
-	if (!BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")) ABORT;
-	if (0 != BN_cmp(y, z)) ABORT;
-	
-	fprintf(stdout, "verify group order ...");
-	fflush(stdout);
-	if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
-	if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
-	fprintf(stdout, ".");
-	fflush(stdout);
-	if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
-	if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
-	fprintf(stdout, " ok\n");
-
-	if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
-	if (!EC_GROUP_copy(P_256, group)) ABORT;
-
-
-	/* Curve P-384 (FIPS PUB 186-2, App. 6) */
-	
-	if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
-		"FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF")) ABORT;
-	if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT;
-	if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
-		"FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC")) ABORT;
-	if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141"
-		"120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF")) ABORT;
-	if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
-
-	if (!BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B"
-		"9859F741E082542A385502F25DBF55296C3A545E3872760AB7")) ABORT;
-	if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT;
-	if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
-	if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
-		"FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973")) ABORT;
-	if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
-
-	if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
-	fprintf(stdout, "\nNIST curve P-384 -- Generator:\n     x = 0x");
-	BN_print_fp(stdout, x);
-	fprintf(stdout, "\n     y = 0x");
-	BN_print_fp(stdout, y);
-	fprintf(stdout, "\n");
-	/* G_y value taken from the standard: */
-	if (!BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A14"
-		"7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F")) ABORT;
-	if (0 != BN_cmp(y, z)) ABORT;
-	
-	fprintf(stdout, "verify group order ...");
-	fflush(stdout);
-	if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
-	if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
-	fprintf(stdout, ".");
-	fflush(stdout);
-	if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
-	if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
-	fprintf(stdout, " ok\n");
-
-	if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
-	if (!EC_GROUP_copy(P_384, group)) ABORT;
-
-
-	/* Curve P-521 (FIPS PUB 186-2, App. 6) */
-	
-	if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
-		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
-		"FFFFFFFFFFFFFFFFFFFFFFFFFFFF")) ABORT;
-	if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT;
-	if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
-		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
-		"FFFFFFFFFFFFFFFFFFFFFFFFFFFC")) ABORT;
-	if (!BN_hex2bn(&b, "051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B"
-		"315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573"
-		"DF883D2C34F1EF451FD46B503F00")) ABORT;
-	if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
-
-	if (!BN_hex2bn(&x, "C6858E06B70404E9CD9E3ECB662395B4429C648139053F"
-		"B521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B"
-		"3C1856A429BF97E7E31C2E5BD66")) ABORT;
-	if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx)) ABORT;
-	if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
-	if (!BN_hex2bn(&z, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
-		"FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5"
-		"C9B8899C47AEBB6FB71E91386409")) ABORT;
-	if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
-
-	if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
-	fprintf(stdout, "\nNIST curve P-521 -- Generator:\n     x = 0x");
-	BN_print_fp(stdout, x);
-	fprintf(stdout, "\n     y = 0x");
-	BN_print_fp(stdout, y);
-	fprintf(stdout, "\n");
-	/* G_y value taken from the standard: */
-	if (!BN_hex2bn(&z, "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579"
-		"B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C"
-		"7086A272C24088BE94769FD16650")) ABORT;
-	if (0 != BN_cmp(y, z)) ABORT;
-	
-	fprintf(stdout, "verify group order ...");
-	fflush(stdout);
-	if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
-	if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
-	fprintf(stdout, ".");
-	fflush(stdout);
-	if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
-	if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
-	fprintf(stdout, " ok\n");
-
-	if (!(P_521 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
-	if (!EC_GROUP_copy(P_521, group)) ABORT;
-
-
-	/* more tests using the last curve */
-
-	if (!EC_POINT_copy(Q, P)) ABORT;
-	if (EC_POINT_is_at_infinity(group, Q)) ABORT;
-	if (!EC_POINT_dbl(group, P, P, ctx)) ABORT;
-	if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
-	if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */
-
-	if (!EC_POINT_add(group, R, P, Q, ctx)) ABORT;
-	if (!EC_POINT_add(group, R, R, Q, ctx)) ABORT;
-	if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */
-
-	{
-		const EC_POINT *points[3];
-		const BIGNUM *scalars[3];
-	
-		if (EC_POINT_is_at_infinity(group, Q)) ABORT;
-		points[0] = Q;
-		points[1] = Q;
-		points[2] = Q;
-
-		if (!BN_add(y, z, BN_value_one())) ABORT;
-		if (BN_is_odd(y)) ABORT;
-		if (!BN_rshift1(y, y)) ABORT;
-		scalars[0] = y; /* (group order + 1)/2,  so  y*Q + y*Q = Q */
-		scalars[1] = y;
-
-		fprintf(stdout, "combined multiplication ...");
-		fflush(stdout);
-
-		/* z is still the group order */
-		if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT;
-		if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) ABORT;
-		if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT;
-		if (0 != EC_POINT_cmp(group, R, Q, ctx)) ABORT;
-
-		fprintf(stdout, ".");
-		fflush(stdout);
-
-		if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT;
-		if (!BN_add(z, z, y)) ABORT;
-		z->neg = 1;
-		scalars[0] = y;
-		scalars[1] = z; /* z = -(order + y) */
-
-		if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT;
-		if (!EC_POINT_is_at_infinity(group, P)) ABORT;
-
-		fprintf(stdout, ".");
-		fflush(stdout);
-
-		if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT;
-		if (!BN_add(z, x, y)) ABORT;
-		z->neg = 1;
-		scalars[0] = x;
-		scalars[1] = y;
-		scalars[2] = z; /* z = -(x+y) */
-
-		if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx)) ABORT;
-		if (!EC_POINT_is_at_infinity(group, P)) ABORT;
-
-		fprintf(stdout, " ok\n\n");
-	}
-
-
-#if 0
-	timings(P_192, 0, ctx);
-	timings(P_192, 1, ctx);
-	timings(P_224, 0, ctx);
-	timings(P_224, 1, ctx);
-	timings(P_256, 0, ctx);
-	timings(P_256, 1, ctx);
-	timings(P_384, 0, ctx);
-	timings(P_384, 1, ctx);
-	timings(P_521, 0, ctx);
-	timings(P_521, 1, ctx);
-#endif
-
-
-	if (ctx)
-		BN_CTX_free(ctx);
-	BN_free(p); BN_free(a);	BN_free(b);
-	EC_GROUP_free(group);
-	EC_POINT_free(P);
-	EC_POINT_free(Q);
-	EC_POINT_free(R);
-	BN_free(x); BN_free(y); BN_free(z);
-
-	if (P_192) EC_GROUP_free(P_192);
-	if (P_224) EC_GROUP_free(P_224);
-	if (P_256) EC_GROUP_free(P_256);
-	if (P_384) EC_GROUP_free(P_384);
-	if (P_521) EC_GROUP_free(P_521);
-
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE_cleanup();
-#endif
-	CRYPTO_cleanup_all_ex_data();
-	ERR_free_strings();
-	ERR_remove_state(0);
-	CRYPTO_mem_leaks_fp(stderr);
-	
-	return 0;
-	}
-#endif
diff --git a/crypto/openssl/crypto/engine/Makefile.ssl b/crypto/openssl/crypto/engine/Makefile.ssl
deleted file mode 100644
index 847d6724000c..000000000000
--- a/crypto/openssl/crypto/engine/Makefile.ssl
+++ /dev/null
@@ -1,538 +0,0 @@
-#
-# OpenSSL/crypto/engine/Makefile
-#
-
-DIR=	engine
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= enginetest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
-	eng_table.c eng_pkey.c eng_fat.c eng_all.c \
-	tb_rsa.c tb_dsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c \
-	eng_openssl.c eng_dyn.c eng_cnf.c \
-	hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c hw_ubsec.c \
-	hw_cryptodev.c hw_aep.c hw_sureware.c hw_4758_cca.c
-LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
-	eng_table.o eng_pkey.o eng_fat.o eng_all.o \
-	tb_rsa.o tb_dsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o \
-	eng_openssl.o eng_dyn.o eng_cnf.o \
-	hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o hw_ubsec.o \
-	hw_cryptodev.o hw_aep.o hw_sureware.o hw_4758_cca.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= engine.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-errors:
-	$(PERL) $(TOP)/util/mkerr.pl -conf hw.ec \
-		-nostatic -staticloader -write hw_*.c
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-eng_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-eng_all.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-eng_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_all.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-eng_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-eng_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-eng_all.o: ../../include/openssl/ui.h eng_all.c eng_int.h
-eng_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_cnf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_cnf.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-eng_cnf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-eng_cnf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-eng_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_cnf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-eng_cnf.o: ../cryptlib.h eng_cnf.c
-eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_ctrl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_ctrl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_ctrl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_ctrl.o: ../../include/openssl/opensslconf.h
-eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_ctrl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-eng_ctrl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_ctrl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-eng_ctrl.o: ../cryptlib.h eng_ctrl.c eng_int.h
-eng_dyn.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_dyn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_dyn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_dyn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_dyn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_dyn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-eng_dyn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_dyn.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_dyn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-eng_dyn.o: ../cryptlib.h eng_dyn.c eng_int.h
-eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-eng_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-eng_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-eng_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-eng_err.o: ../../include/openssl/ui.h eng_err.c
-eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_fat.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-eng_fat.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-eng_fat.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_fat.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-eng_fat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_fat.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_fat.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-eng_fat.o: ../cryptlib.h eng_fat.c eng_int.h
-eng_init.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_init.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_init.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_init.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_init.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_init.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_init.o: ../../include/openssl/opensslconf.h
-eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_init.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-eng_init.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_init.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-eng_init.o: ../cryptlib.h eng_init.c eng_int.h
-eng_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-eng_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-eng_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-eng_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-eng_lib.o: ../../include/openssl/ui.h ../cryptlib.h eng_int.h eng_lib.c
-eng_list.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_list.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_list.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_list.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_list.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_list.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_list.o: ../../include/openssl/opensslconf.h
-eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_list.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-eng_list.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_list.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-eng_list.o: ../cryptlib.h eng_int.h eng_list.c
-eng_openssl.o: ../../e_os.h ../../include/openssl/aes.h
-eng_openssl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-eng_openssl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-eng_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-eng_openssl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-eng_openssl.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_openssl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-eng_openssl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-eng_openssl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-eng_openssl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-eng_openssl.o: ../../include/openssl/opensslconf.h
-eng_openssl.o: ../../include/openssl/opensslv.h
-eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-eng_openssl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-eng_openssl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-eng_openssl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-eng_openssl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-eng_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-eng_openssl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-eng_openssl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-eng_openssl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-eng_openssl.o: ../cryptlib.h eng_openssl.c
-eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_pkey.o: ../../include/openssl/opensslconf.h
-eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-eng_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-eng_pkey.o: ../cryptlib.h eng_int.h eng_pkey.c
-eng_table.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-eng_table.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-eng_table.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
-eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-eng_table.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-eng_table.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-eng_table.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_table.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-eng_table.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-eng_table.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-eng_table.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-eng_table.o: ../../include/openssl/objects.h
-eng_table.o: ../../include/openssl/opensslconf.h
-eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_table.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-eng_table.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-eng_table.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-eng_table.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-eng_table.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-eng_table.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-eng_table.o: eng_int.h eng_table.c
-hw_4758_cca.o: ../../e_os.h ../../include/openssl/aes.h
-hw_4758_cca.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-hw_4758_cca.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-hw_4758_cca.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-hw_4758_cca.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-hw_4758_cca.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-hw_4758_cca.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-hw_4758_cca.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-hw_4758_cca.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-hw_4758_cca.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-hw_4758_cca.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-hw_4758_cca.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-hw_4758_cca.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-hw_4758_cca.o: ../../include/openssl/opensslconf.h
-hw_4758_cca.o: ../../include/openssl/opensslv.h
-hw_4758_cca.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-hw_4758_cca.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-hw_4758_cca.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-hw_4758_cca.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-hw_4758_cca.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-hw_4758_cca.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-hw_4758_cca.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-hw_4758_cca.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-hw_4758_cca.o: ../cryptlib.h hw_4758_cca.c hw_4758_cca_err.c hw_4758_cca_err.h
-hw_4758_cca.o: vendor_defns/hw_4758_cca.h
-hw_aep.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-hw_aep.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-hw_aep.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-hw_aep.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-hw_aep.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-hw_aep.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-hw_aep.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-hw_aep.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-hw_aep.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-hw_aep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-hw_aep.o: ../../include/openssl/ui.h hw_aep.c hw_aep_err.c hw_aep_err.h
-hw_aep.o: vendor_defns/aep.h
-hw_atalla.o: ../../e_os.h ../../include/openssl/asn1.h
-hw_atalla.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-hw_atalla.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-hw_atalla.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_atalla.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-hw_atalla.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_atalla.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-hw_atalla.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-hw_atalla.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-hw_atalla.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-hw_atalla.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-hw_atalla.o: ../cryptlib.h hw_atalla.c hw_atalla_err.c hw_atalla_err.h
-hw_atalla.o: vendor_defns/atalla.h
-hw_cryptodev.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-hw_cryptodev.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-hw_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
-hw_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-hw_cryptodev.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-hw_cryptodev.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-hw_cryptodev.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-hw_cryptodev.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-hw_cryptodev.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-hw_cryptodev.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-hw_cryptodev.o: ../../include/openssl/objects.h
-hw_cryptodev.o: ../../include/openssl/opensslconf.h
-hw_cryptodev.o: ../../include/openssl/opensslv.h
-hw_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-hw_cryptodev.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-hw_cryptodev.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-hw_cryptodev.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-hw_cryptodev.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-hw_cryptodev.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-hw_cryptodev.o: ../../include/openssl/ui_compat.h hw_cryptodev.c
-hw_cswift.o: ../../e_os.h ../../include/openssl/asn1.h
-hw_cswift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-hw_cswift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-hw_cswift.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_cswift.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-hw_cswift.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_cswift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-hw_cswift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-hw_cswift.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-hw_cswift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-hw_cswift.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-hw_cswift.o: ../cryptlib.h hw_cswift.c hw_cswift_err.c hw_cswift_err.h
-hw_cswift.o: vendor_defns/cswift.h
-hw_ncipher.o: ../../e_os.h ../../include/openssl/aes.h
-hw_ncipher.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-hw_ncipher.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-hw_ncipher.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-hw_ncipher.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-hw_ncipher.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-hw_ncipher.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-hw_ncipher.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-hw_ncipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-hw_ncipher.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-hw_ncipher.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-hw_ncipher.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-hw_ncipher.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-hw_ncipher.o: ../../include/openssl/opensslconf.h
-hw_ncipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-hw_ncipher.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-hw_ncipher.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-hw_ncipher.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-hw_ncipher.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-hw_ncipher.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-hw_ncipher.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-hw_ncipher.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-hw_ncipher.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-hw_ncipher.o: ../../include/openssl/x509_vfy.h ../cryptlib.h hw_ncipher.c
-hw_ncipher.o: hw_ncipher_err.c hw_ncipher_err.h vendor_defns/hwcryptohook.h
-hw_nuron.o: ../../e_os.h ../../include/openssl/asn1.h
-hw_nuron.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-hw_nuron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-hw_nuron.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_nuron.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-hw_nuron.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_nuron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-hw_nuron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-hw_nuron.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-hw_nuron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-hw_nuron.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-hw_nuron.o: ../cryptlib.h hw_nuron.c hw_nuron_err.c hw_nuron_err.h
-hw_sureware.o: ../../e_os.h ../../include/openssl/aes.h
-hw_sureware.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-hw_sureware.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-hw_sureware.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-hw_sureware.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-hw_sureware.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-hw_sureware.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-hw_sureware.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-hw_sureware.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-hw_sureware.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-hw_sureware.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-hw_sureware.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-hw_sureware.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-hw_sureware.o: ../../include/openssl/opensslconf.h
-hw_sureware.o: ../../include/openssl/opensslv.h
-hw_sureware.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-hw_sureware.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-hw_sureware.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-hw_sureware.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-hw_sureware.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-hw_sureware.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-hw_sureware.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-hw_sureware.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-hw_sureware.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-hw_sureware.o: ../cryptlib.h eng_int.h engine.h hw_sureware.c hw_sureware_err.c
-hw_sureware.o: hw_sureware_err.h vendor_defns/sureware.h
-hw_ubsec.o: ../../e_os.h ../../include/openssl/asn1.h
-hw_ubsec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-hw_ubsec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-hw_ubsec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_ubsec.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-hw_ubsec.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_ubsec.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-hw_ubsec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-hw_ubsec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-hw_ubsec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-hw_ubsec.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-hw_ubsec.o: ../cryptlib.h hw_ubsec.c hw_ubsec_err.c hw_ubsec_err.h
-hw_ubsec.o: vendor_defns/hw_ubsec.h
-tb_cipher.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-tb_cipher.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-tb_cipher.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
-tb_cipher.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-tb_cipher.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-tb_cipher.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-tb_cipher.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-tb_cipher.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-tb_cipher.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-tb_cipher.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-tb_cipher.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-tb_cipher.o: ../../include/openssl/objects.h
-tb_cipher.o: ../../include/openssl/opensslconf.h
-tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_cipher.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-tb_cipher.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-tb_cipher.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-tb_cipher.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-tb_cipher.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_cipher.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-tb_cipher.o: eng_int.h tb_cipher.c
-tb_dh.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-tb_dh.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-tb_dh.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
-tb_dh.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-tb_dh.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-tb_dh.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-tb_dh.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-tb_dh.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-tb_dh.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-tb_dh.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-tb_dh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tb_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_dh.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-tb_dh.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-tb_dh.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-tb_dh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_dh.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h eng_int.h
-tb_dh.o: tb_dh.c
-tb_digest.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-tb_digest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-tb_digest.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
-tb_digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-tb_digest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-tb_digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-tb_digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-tb_digest.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-tb_digest.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-tb_digest.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-tb_digest.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-tb_digest.o: ../../include/openssl/objects.h
-tb_digest.o: ../../include/openssl/opensslconf.h
-tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_digest.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-tb_digest.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-tb_digest.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-tb_digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-tb_digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_digest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-tb_digest.o: eng_int.h tb_digest.c
-tb_dsa.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-tb_dsa.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-tb_dsa.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
-tb_dsa.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-tb_dsa.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-tb_dsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-tb_dsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-tb_dsa.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-tb_dsa.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-tb_dsa.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-tb_dsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tb_dsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_dsa.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-tb_dsa.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-tb_dsa.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-tb_dsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_dsa.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-tb_dsa.o: eng_int.h tb_dsa.c
-tb_rand.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-tb_rand.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-tb_rand.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
-tb_rand.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-tb_rand.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-tb_rand.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-tb_rand.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-tb_rand.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-tb_rand.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-tb_rand.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-tb_rand.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-tb_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tb_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_rand.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-tb_rand.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-tb_rand.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-tb_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-tb_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-tb_rand.o: eng_int.h tb_rand.c
-tb_rsa.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-tb_rsa.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-tb_rsa.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
-tb_rsa.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-tb_rsa.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-tb_rsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-tb_rsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-tb_rsa.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-tb_rsa.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-tb_rsa.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-tb_rsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tb_rsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_rsa.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-tb_rsa.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-tb_rsa.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-tb_rsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_rsa.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-tb_rsa.o: eng_int.h tb_rsa.c
diff --git a/crypto/openssl/crypto/engine/README b/crypto/openssl/crypto/engine/README
deleted file mode 100644
index 6b69b70f576a..000000000000
--- a/crypto/openssl/crypto/engine/README
+++ /dev/null
@@ -1,211 +0,0 @@
-Notes: 2001-09-24
------------------
-
-This "description" (if one chooses to call it that) needed some major updating
-so here goes. This update addresses a change being made at the same time to
-OpenSSL, and it pretty much completely restructures the underlying mechanics of
-the "ENGINE" code. So it serves a double purpose of being a "ENGINE internals
-for masochists" document *and* a rather extensive commit log message. (I'd get
-lynched for sticking all this in CHANGES or the commit mails :-).
-
-ENGINE_TABLE underlies this restructuring, as described in the internal header
-"eng_int.h", implemented in eng_table.c, and used in each of the "class" files;
-tb_rsa.c, tb_dsa.c, etc.
-
-However, "EVP_CIPHER" underlies the motivation and design of ENGINE_TABLE so
-I'll mention a bit about that first. EVP_CIPHER (and most of this applies
-equally to EVP_MD for digests) is both a "method" and a algorithm/mode
-identifier that, in the current API, "lingers". These cipher description +
-implementation structures can be defined or obtained directly by applications,
-or can be loaded "en masse" into EVP storage so that they can be catalogued and
-searched in various ways, ie. two ways of encrypting with the "des_cbc"
-algorithm/mode pair are;
-
-(i) directly;
-     const EVP_CIPHER *cipher = EVP_des_cbc();
-     EVP_EncryptInit(&ctx, cipher, key, iv);
-     [ ... use EVP_EncryptUpdate() and EVP_EncryptFinal() ...]
-
-(ii) indirectly; 
-     OpenSSL_add_all_ciphers();
-     cipher = EVP_get_cipherbyname("des_cbc");
-     EVP_EncryptInit(&ctx, cipher, key, iv);
-     [ ... etc ... ]
-
-The latter is more generally used because it also allows ciphers/digests to be
-looked up based on other identifiers which can be useful for automatic cipher
-selection, eg. in SSL/TLS, or by user-controllable configuration.
-
-The important point about this is that EVP_CIPHER definitions and structures are
-passed around with impunity and there is no safe way, without requiring massive
-rewrites of many applications, to assume that EVP_CIPHERs can be reference
-counted. One an EVP_CIPHER is exposed to the caller, neither it nor anything it
-comes from can "safely" be destroyed. Unless of course the way of getting to
-such ciphers is via entirely distinct API calls that didn't exist before.
-However existing API usage cannot be made to understand when an EVP_CIPHER
-pointer, that has been passed to the caller, is no longer being used.
-
-The other problem with the existing API w.r.t. to hooking EVP_CIPHER support
-into ENGINE is storage - the OBJ_NAME-based storage used by EVP to register
-ciphers simultaneously registers cipher *types* and cipher *implementations* -
-they are effectively the same thing, an "EVP_CIPHER" pointer. The problem with
-hooking in ENGINEs is that multiple ENGINEs may implement the same ciphers. The
-solution is necessarily that ENGINE-provided ciphers simply are not registered,
-stored, or exposed to the caller in the same manner as existing ciphers. This is
-especially necessary considering the fact ENGINE uses reference counts to allow
-for cleanup, modularity, and DSO support - yet EVP_CIPHERs, as exposed to
-callers in the current API, support no such controls.
-
-Another sticking point for integrating cipher support into ENGINE is linkage.
-Already there is a problem with the way ENGINE supports RSA, DSA, etc whereby
-they are available *because* they're part of a giant ENGINE called "openssl".
-Ie. all implementations *have* to come from an ENGINE, but we get round that by
-having a giant ENGINE with all the software support encapsulated. This creates
-linker hassles if nothing else - linking a 1-line application that calls 2 basic
-RSA functions (eg. "RSA_free(RSA_new());") will result in large quantities of
-ENGINE code being linked in *and* because of that DSA, DH, and RAND also. If we
-continue with this approach for EVP_CIPHER support (even if it *was* possible)
-we would lose our ability to link selectively by selectively loading certain
-implementations of certain functionality. Touching any part of any kind of
-crypto would result in massive static linkage of everything else. So the
-solution is to change the way ENGINE feeds existing "classes", ie. how the
-hooking to ENGINE works from RSA, DSA, DH, RAND, as well as adding new hooking
-for EVP_CIPHER, and EVP_MD.
-
-The way this is now being done is by mostly reverting back to how things used to
-work prior to ENGINE :-). Ie. RSA now has a "RSA_METHOD" pointer again - this
-was previously replaced by an "ENGINE" pointer and all RSA code that required
-the RSA_METHOD would call ENGINE_get_RSA() each time on its ENGINE handle to
-temporarily get and use the ENGINE's RSA implementation. Apart from being more
-efficient, switching back to each RSA having an RSA_METHOD pointer also allows
-us to conceivably operate with *no* ENGINE. As we'll see, this removes any need
-for a fallback ENGINE that encapsulates default implementations - we can simply
-have our RSA structure pointing its RSA_METHOD pointer to the software
-implementation and have its ENGINE pointer set to NULL.
-
-A look at the EVP_CIPHER hooking is most explanatory, the RSA, DSA (etc) cases
-turn out to be degenerate forms of the same thing. The EVP storage of ciphers,
-and the existing EVP API functions that return "software" implementations and
-descriptions remain untouched. However, the storage takes more meaning in terms
-of "cipher description" and less meaning in terms of "implementation". When an
-EVP_CIPHER_CTX is actually initialised with an EVP_CIPHER method and is about to
-begin en/decryption, the hooking to ENGINE comes into play. What happens is that
-cipher-specific ENGINE code is asked for an ENGINE pointer (a functional
-reference) for any ENGINE that is registered to perform the algo/mode that the
-provided EVP_CIPHER structure represents. Under normal circumstances, that
-ENGINE code will return NULL because no ENGINEs will have had any cipher
-implementations *registered*. As such, a NULL ENGINE pointer is stored in the
-EVP_CIPHER_CTX context, and the EVP_CIPHER structure is left hooked into the
-context and so is used as the implementation. Pretty much how things work now
-except we'd have a redundant ENGINE pointer set to NULL and doing nothing.
-
-Conversely, if an ENGINE *has* been registered to perform the algorithm/mode
-combination represented by the provided EVP_CIPHER, then a functional reference
-to that ENGINE will be returned to the EVP_CIPHER_CTX during initialisation.
-That functional reference will be stored in the context (and released on
-cleanup) - and having that reference provides a *safe* way to use an EVP_CIPHER
-definition that is private to the ENGINE. Ie. the EVP_CIPHER provided by the
-application will actually be replaced by an EVP_CIPHER from the registered
-ENGINE - it will support the same algorithm/mode as the original but will be a
-completely different implementation. Because this EVP_CIPHER isn't stored in the
-EVP storage, nor is it returned to applications from traditional API functions,
-there is no associated problem with it not having reference counts. And of
-course, when one of these "private" cipher implementations is hooked into
-EVP_CIPHER_CTX, it is done whilst the EVP_CIPHER_CTX holds a functional
-reference to the ENGINE that owns it, thus the use of the ENGINE's EVP_CIPHER is
-safe.
-
-The "cipher-specific ENGINE code" I mentioned is implemented in tb_cipher.c but
-in essence it is simply an instantiation of "ENGINE_TABLE" code for use by
-EVP_CIPHER code. tb_digest.c is virtually identical but, of course, it is for
-use by EVP_MD code. Ditto for tb_rsa.c, tb_dsa.c, etc. These instantiations of
-ENGINE_TABLE essentially provide linker-separation of the classes so that even
-if ENGINEs implement *all* possible algorithms, an application using only
-EVP_CIPHER code will link at most code relating to EVP_CIPHER, tb_cipher.c, core
-ENGINE code that is independant of class, and of course the ENGINE
-implementation that the application loaded. It will *not* however link any
-class-specific ENGINE code for digests, RSA, etc nor will it bleed over into
-other APIs, such as the RSA/DSA/etc library code.
-
-ENGINE_TABLE is a little more complicated than may seem necessary but this is
-mostly to avoid a lot of "init()"-thrashing on ENGINEs (that may have to load
-DSOs, and other expensive setup that shouldn't be thrashed unnecessarily) *and*
-to duplicate "default" behaviour. Basically an ENGINE_TABLE instantiation, for
-example tb_cipher.c, implements a hash-table keyed by integer "nid" values.
-These nids provide the uniquenness of an algorithm/mode - and each nid will hash
-to a potentially NULL "ENGINE_PILE". An ENGINE_PILE is essentially a list of
-pointers to ENGINEs that implement that particular 'nid'. Each "pile" uses some
-caching tricks such that requests on that 'nid' will be cached and all future
-requests will return immediately (well, at least with minimal operation) unless
-a change is made to the pile, eg. perhaps an ENGINE was unloaded. The reason is
-that an application could have support for 10 ENGINEs statically linked
-in, and the machine in question may not have any of the hardware those 10
-ENGINEs support. If each of those ENGINEs has a "des_cbc" implementation, we
-want to avoid every EVP_CIPHER_CTX setup from trying (and failing) to initialise
-each of those 10 ENGINEs. Instead, the first such request will try to do that
-and will either return (and cache) a NULL ENGINE pointer or will return a
-functional reference to the first that successfully initialised. In the latter
-case it will also cache an extra functional reference to the ENGINE as a
-"default" for that 'nid'. The caching is acknowledged by a 'uptodate' variable
-that is unset only if un/registration takes place on that pile. Ie. if
-implementations of "des_cbc" are added or removed. This behaviour can be
-tweaked; the ENGINE_TABLE_FLAG_NOINIT value can be passed to
-ENGINE_set_table_flags(), in which case the only ENGINEs that tb_cipher.c will
-try to initialise from the "pile" will be those that are already initialised
-(ie. it's simply an increment of the functional reference count, and no real
-"initialisation" will take place).
-
-RSA, DSA, DH, and RAND all have their own ENGINE_TABLE code as well, and the
-difference is that they all use an implicit 'nid' of 1. Whereas EVP_CIPHERs are
-actually qualitatively different depending on 'nid' (the "des_cbc" EVP_CIPHER is
-not an interoperable implementation of "aes_256_cbc"), RSA_METHODs are
-necessarily interoperable and don't have different flavours, only different
-implementations. In other words, the ENGINE_TABLE for RSA will either be empty,
-or will have a single ENGING_PILE hashed to by the 'nid' 1 and that pile
-represents ENGINEs that implement the single "type" of RSA there is.
-
-Cleanup - the registration and unregistration may pose questions about how
-cleanup works with the ENGINE_PILE doing all this caching nonsense (ie. when the
-application or EVP_CIPHER code releases its last reference to an ENGINE, the
-ENGINE_PILE code may still have references and thus those ENGINEs will stay
-hooked in forever). The way this is handled is via "unregistration". With these
-new ENGINE changes, an abstract ENGINE can be loaded and initialised, but that
-is an algorithm-agnostic process. Even if initialised, it will not have
-registered any of its implementations (to do so would link all class "table"
-code despite the fact the application may use only ciphers, for example). This
-is deliberately a distinct step. Moreover, registration and unregistration has
-nothing to do with whether an ENGINE is *functional* or not (ie. you can even
-register an ENGINE and its implementations without it being operational, you may
-not even have the drivers to make it operate). What actually happens with
-respect to cleanup is managed inside eng_lib.c with the "engine_cleanup_***"
-functions. These functions are internal-only and each part of ENGINE code that
-could require cleanup will, upon performing its first allocation, register a
-callback with the "engine_cleanup" code. The other part of this that makes it
-tick is that the ENGINE_TABLE instantiations (tb_***.c) use NULL as their
-initialised state. So if RSA code asks for an ENGINE and no ENGINE has
-registered an implementation, the code will simply return NULL and the tb_rsa.c
-state will be unchanged. Thus, no cleanup is required unless registration takes
-place. ENGINE_cleanup() will simply iterate across a list of registered cleanup
-callbacks calling each in turn, and will then internally delete its own storage
-(a STACK). When a cleanup callback is next registered (eg. if the cleanup() is
-part of a gracefull restart and the application wants to cleanup all state then
-start again), the internal STACK storage will be freshly allocated. This is much
-the same as the situation in the ENGINE_TABLE instantiations ... NULL is the
-initialised state, so only modification operations (not queries) will cause that
-code to have to register a cleanup.
-
-What else? The bignum callbacks and associated ENGINE functions have been
-removed for two obvious reasons; (i) there was no way to generalise them to the
-mechanism now used by RSA/DSA/..., because there's no such thing as a BIGNUM
-method, and (ii) because of (i), there was no meaningful way for library or
-application code to automatically hook and use ENGINE supplied bignum functions
-anyway. Also, ENGINE_cpy() has been removed (although an internal-only version
-exists) - the idea of providing an ENGINE_cpy() function probably wasn't a good
-one and now certainly doesn't make sense in any generalised way. Some of the
-RSA, DSA, DH, and RAND functions that were fiddled during the original ENGINE
-changes have now, as a consequence, been reverted back. This is because the
-hooking of ENGINE is now automatic (and passive, it can interally use a NULL
-ENGINE pointer to simply ignore ENGINE from then on).
-
-Hell, that should be enough for now ... comments welcome: geoff@openssl.org
-
diff --git a/crypto/openssl/crypto/engine/eng_all.c b/crypto/openssl/crypto/engine/eng_all.c
deleted file mode 100644
index 0f6992a40dbf..000000000000
--- a/crypto/openssl/crypto/engine/eng_all.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* crypto/engine/eng_all.c -*- mode: C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-#include <openssl/engine.h>
-#include "eng_int.h"
-
-void ENGINE_load_builtin_engines(void)
-	{
-	/* There's no longer any need for an "openssl" ENGINE unless, one day,
-	 * it is the *only* way for standard builtin implementations to be be
-	 * accessed (ie. it would be possible to statically link binaries with
-	 * *no* builtin implementations). */
-#if 0
-	ENGINE_load_openssl();
-#endif
-	ENGINE_load_dynamic();
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_CSWIFT
-	ENGINE_load_cswift();
-#endif
-#ifndef OPENSSL_NO_HW_NCIPHER
-	ENGINE_load_chil();
-#endif
-#ifndef OPENSSL_NO_HW_ATALLA
-	ENGINE_load_atalla();
-#endif
-#ifndef OPENSSL_NO_HW_NURON
-	ENGINE_load_nuron();
-#endif
-#ifndef OPENSSL_NO_HW_UBSEC
-	ENGINE_load_ubsec();
-#endif
-#ifndef OPENSSL_NO_HW_AEP
-	ENGINE_load_aep();
-#endif
-#ifndef OPENSSL_NO_HW_SUREWARE
-	ENGINE_load_sureware();
-#endif
-#ifndef OPENSSL_NO_HW_4758_CCA
-	ENGINE_load_4758cca();
-#endif
-#if defined(__OpenBSD__) || defined(__FreeBSD__)
-	ENGINE_load_cryptodev();
-#endif
-#endif
-	}
-
-#if defined(__OpenBSD__) || defined(__FreeBSD__)
-void ENGINE_setup_bsd_cryptodev(void) {
-	static int bsd_cryptodev_default_loaded = 0;
-	if (!bsd_cryptodev_default_loaded) {
-		ENGINE_load_cryptodev();
-		ENGINE_register_all_complete();
-	}
-	bsd_cryptodev_default_loaded=1;
-}
-#endif
diff --git a/crypto/openssl/crypto/engine/eng_cnf.c b/crypto/openssl/crypto/engine/eng_cnf.c
deleted file mode 100644
index cdf670901adc..000000000000
--- a/crypto/openssl/crypto/engine/eng_cnf.c
+++ /dev/null
@@ -1,242 +0,0 @@
-/* eng_cnf.c */
-/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/engine.h>
-
-/* #define ENGINE_CONF_DEBUG */
-
-/* ENGINE config module */
-
-static char *skip_dot(char *name)
-	{
-	char *p;
-	p = strchr(name, '.');
-	if (p)
-		return p + 1;
-	return name;
-	}
-
-static STACK_OF(ENGINE) *initialized_engines = NULL;
-
-static int int_engine_init(ENGINE *e)
-	{
-	if (!ENGINE_init(e))
-		return 0;
-	if (!initialized_engines)
-		initialized_engines = sk_ENGINE_new_null();
-	if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e))
-		{
-		ENGINE_finish(e);
-		return 0;
-		}
-	return 1;
-	}
-	
-
-static int int_engine_configure(char *name, char *value, const CONF *cnf)
-	{
-	int i;
-	int ret = 0;
-	long do_init = -1;
-	STACK_OF(CONF_VALUE) *ecmds;
-	CONF_VALUE *ecmd;
-	char *ctrlname, *ctrlvalue;
-	ENGINE *e = NULL;
-	name = skip_dot(name);
-#ifdef ENGINE_CONF_DEBUG
-	fprintf(stderr, "Configuring engine %s\n", name);
-#endif
-	/* Value is a section containing ENGINE commands */
-	ecmds = NCONF_get_section(cnf, value);
-
-	if (!ecmds)
-		{
-		ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_ENGINE_SECTION_ERROR);
-		return 0;
-		}
-
-	for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++)
-		{
-		ecmd = sk_CONF_VALUE_value(ecmds, i);
-		ctrlname = skip_dot(ecmd->name);
-		ctrlvalue = ecmd->value;
-#ifdef ENGINE_CONF_DEBUG
-	fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n", ctrlname, ctrlvalue);
-#endif
-
-		/* First handle some special pseudo ctrls */
-
-		/* Override engine name to use */
-		if (!strcmp(ctrlname, "engine_id"))
-			name = ctrlvalue;
-		/* Load a dynamic ENGINE */
-		else if (!strcmp(ctrlname, "dynamic_path"))
-			{
-			e = ENGINE_by_id("dynamic");
-			if (!e)
-				goto err;
-			if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", ctrlvalue, 0))
-				goto err;
-			if (!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "2", 0))
-				goto err;
-			if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))
-				goto err;
-			}
-		/* ... add other pseudos here ... */
-		else
-			{
-			/* At this point we need an ENGINE structural reference
-			 * if we don't already have one.
-			 */
-			if (!e)
-				{
-				e = ENGINE_by_id(name);
-				if (!e)
-					return 0;
-				}
-			/* Allow "EMPTY" to mean no value: this allows a valid
-			 * "value" to be passed to ctrls of type NO_INPUT
-		 	 */
-			if (!strcmp(ctrlvalue, "EMPTY"))
-				ctrlvalue = NULL;
-			else if (!strcmp(ctrlname, "init"))
-				{
-				if (!NCONF_get_number_e(cnf, value, "init", &do_init))
-					goto err;
-				if (do_init == 1)
-					{
-					if (!int_engine_init(e))
-						goto err;
-					}
-				else if (do_init != 0)
-					{
-					ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_INVALID_INIT_VALUE);
-					goto err;
-					}
-				}
-			else if (!strcmp(ctrlname, "default_algorithms"))
-				{
-				if (!ENGINE_set_default_string(e, ctrlvalue))
-					goto err;
-				}
-			else if (!ENGINE_ctrl_cmd_string(e,
-					ctrlname, ctrlvalue, 0))
-				return 0;
-			}
-
-
-
-		}
-	if (e && (do_init == -1) && !int_engine_init(e))
-		goto err;
-	ret = 1;
-	err:
-	if (e)
-		ENGINE_free(e);
-	return ret;
-	}
-
-
-static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf)
-	{
-	STACK_OF(CONF_VALUE) *elist;
-	CONF_VALUE *cval;
-	int i;
-#ifdef ENGINE_CONF_DEBUG
-	fprintf(stderr, "Called engine module: name %s, value %s\n",
-			CONF_imodule_get_name(md), CONF_imodule_get_value(md));
-#endif
-	/* Value is a section containing ENGINEs to configure */
-	elist = NCONF_get_section(cnf, CONF_imodule_get_value(md));
-
-	if (!elist)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_MODULE_INIT, ENGINE_R_ENGINES_SECTION_ERROR);
-		return 0;
-		}
-
-	for (i = 0; i < sk_CONF_VALUE_num(elist); i++)
-		{
-		cval = sk_CONF_VALUE_value(elist, i);
-		if (!int_engine_configure(cval->name, cval->value, cnf))
-			return 0;
-		}
-
-	return 1;
-	}
-
-static void int_engine_module_finish(CONF_IMODULE *md)
-	{
-	ENGINE *e;
-	while ((e = sk_ENGINE_pop(initialized_engines)))
-		ENGINE_finish(e);
-	sk_ENGINE_free(initialized_engines);
-	initialized_engines = NULL;
-	}
-	
-
-void ENGINE_add_conf_module(void)
-	{
-	CONF_module_add("engines",
-			int_engine_module_init,
-			int_engine_module_finish);
-	}
diff --git a/crypto/openssl/crypto/engine/eng_ctrl.c b/crypto/openssl/crypto/engine/eng_ctrl.c
deleted file mode 100644
index ad3858395bed..000000000000
--- a/crypto/openssl/crypto/engine/eng_ctrl.c
+++ /dev/null
@@ -1,387 +0,0 @@
-/* crypto/engine/eng_ctrl.c */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include "eng_int.h"
-#include <openssl/engine.h>
-
-/* When querying a ENGINE-specific control command's 'description', this string
- * is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL. */
-static const char *int_no_description = "";
-
-/* These internal functions handle 'CMD'-related control commands when the
- * ENGINE in question has asked us to take care of it (ie. the ENGINE did not
- * set the ENGINE_FLAGS_MANUAL_CMD_CTRL flag. */
-
-static int int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn)
-	{
-	if((defn->cmd_num == 0) || (defn->cmd_name == NULL))
-		return 1;
-	return 0;
-	}
-
-static int int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s)
-	{
-	int idx = 0;
-	while(!int_ctrl_cmd_is_null(defn) && (strcmp(defn->cmd_name, s) != 0))
-		{
-		idx++;
-		defn++;
-		}
-	if(int_ctrl_cmd_is_null(defn))
-		/* The given name wasn't found */
-		return -1;
-	return idx;
-	}
-
-static int int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num)
-	{
-	int idx = 0;
-	/* NB: It is stipulated that 'cmd_defn' lists are ordered by cmd_num. So
-	 * our searches don't need to take any longer than necessary. */
-	while(!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num))
-		{
-		idx++;
-		defn++;
-		}
-	if(defn->cmd_num == num)
-		return idx;
-	/* The given cmd_num wasn't found */
-	return -1;
-	}
-
-static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)())
-	{
-	int idx;
-	char *s = (char *)p;
-	/* Take care of the easy one first (eg. it requires no searches) */
-	if(cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE)
-		{
-		if((e->cmd_defns == NULL) || int_ctrl_cmd_is_null(e->cmd_defns))
-			return 0;
-		return e->cmd_defns->cmd_num;
-		}
-	/* One or two commands require that "p" be a valid string buffer */
-	if((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) ||
-			(cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) ||
-			(cmd == ENGINE_CTRL_GET_DESC_FROM_CMD))
-		{
-		if(s == NULL)
-			{
-			ENGINEerr(ENGINE_F_INT_CTRL_HELPER,
-				ERR_R_PASSED_NULL_PARAMETER);
-			return -1;
-			}
-		}
-	/* Now handle cmd_name -> cmd_num conversion */
-	if(cmd == ENGINE_CTRL_GET_CMD_FROM_NAME)
-		{
-		if((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_name(
-						e->cmd_defns, s)) < 0))
-			{
-			ENGINEerr(ENGINE_F_INT_CTRL_HELPER,
-				ENGINE_R_INVALID_CMD_NAME);
-			return -1;
-			}
-		return e->cmd_defns[idx].cmd_num;
-		}
-	/* For the rest of the commands, the 'long' argument must specify a
-	 * valie command number - so we need to conduct a search. */
-	if((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_num(e->cmd_defns,
-					(unsigned int)i)) < 0))
-		{
-		ENGINEerr(ENGINE_F_INT_CTRL_HELPER,
-			ENGINE_R_INVALID_CMD_NUMBER);
-		return -1;
-		}
-	/* Now the logic splits depending on command type */
-	switch(cmd)
-		{
-	case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
-		idx++;
-		if(int_ctrl_cmd_is_null(e->cmd_defns + idx))
-			/* end-of-list */
-			return 0;
-		else
-			return e->cmd_defns[idx].cmd_num;
-	case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
-		return strlen(e->cmd_defns[idx].cmd_name);
-	case ENGINE_CTRL_GET_NAME_FROM_CMD:
-		return sprintf(s, "%s", e->cmd_defns[idx].cmd_name);
-	case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
-		if(e->cmd_defns[idx].cmd_desc)
-			return strlen(e->cmd_defns[idx].cmd_desc);
-		return strlen(int_no_description);
-	case ENGINE_CTRL_GET_DESC_FROM_CMD:
-		if(e->cmd_defns[idx].cmd_desc)
-			return sprintf(s, "%s", e->cmd_defns[idx].cmd_desc);
-		return sprintf(s, "%s", int_no_description);
-	case ENGINE_CTRL_GET_CMD_FLAGS:
-		return e->cmd_defns[idx].cmd_flags;
-		}
-	/* Shouldn't really be here ... */
-	ENGINEerr(ENGINE_F_INT_CTRL_HELPER,ENGINE_R_INTERNAL_LIST_ERROR);
-	return -1;
-	}
-
-int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-	{
-	int ctrl_exists, ref_exists;
-	if(e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_CTRL,ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	ref_exists = ((e->struct_ref > 0) ? 1 : 0);
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	ctrl_exists = ((e->ctrl == NULL) ? 0 : 1);
-	if(!ref_exists)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_REFERENCE);
-		return 0;
-		}
-	/* Intercept any "root-level" commands before trying to hand them on to
-	 * ctrl() handlers. */
-	switch(cmd)
-		{
-	case ENGINE_CTRL_HAS_CTRL_FUNCTION:
-		return ctrl_exists;
-	case ENGINE_CTRL_GET_FIRST_CMD_TYPE:
-	case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
-	case ENGINE_CTRL_GET_CMD_FROM_NAME:
-	case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
-	case ENGINE_CTRL_GET_NAME_FROM_CMD:
-	case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
-	case ENGINE_CTRL_GET_DESC_FROM_CMD:
-	case ENGINE_CTRL_GET_CMD_FLAGS:
-		if(ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL))
-			return int_ctrl_helper(e,cmd,i,p,f);
-		if(!ctrl_exists)
-			{
-			ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION);
-			/* For these cmd-related functions, failure is indicated
-			 * by a -1 return value (because 0 is used as a valid
-			 * return in some places). */
-			return -1;
-			}
-	default:
-		break;
-		}
-	/* Anything else requires a ctrl() handler to exist. */
-	if(!ctrl_exists)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION);
-		return 0;
-		}
-	return e->ctrl(e, cmd, i, p, f);
-	}
-
-int ENGINE_cmd_is_executable(ENGINE *e, int cmd)
-	{
-	int flags;
-	if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd, NULL, NULL)) < 0)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE,
-			ENGINE_R_INVALID_CMD_NUMBER);
-		return 0;
-		}
-	if(!(flags & ENGINE_CMD_FLAG_NO_INPUT) &&
-			!(flags & ENGINE_CMD_FLAG_NUMERIC) &&
-			!(flags & ENGINE_CMD_FLAG_STRING))
-		return 0;
-	return 1;
-	}
-
-int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
-        long i, void *p, void (*f)(), int cmd_optional)
-        {
-	int num;
-
-	if((e == NULL) || (cmd_name == NULL))
-		{
-		ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	if((e->ctrl == NULL) || ((num = ENGINE_ctrl(e,
-					ENGINE_CTRL_GET_CMD_FROM_NAME,
-					0, (void *)cmd_name, NULL)) <= 0))
-		{
-		/* If the command didn't *have* to be supported, we fake
-		 * success. This allows certain settings to be specified for
-		 * multiple ENGINEs and only require a change of ENGINE id
-		 * (without having to selectively apply settings). Eg. changing
-		 * from a hardware device back to the regular software ENGINE
-		 * without editing the config file, etc. */
-		if(cmd_optional)
-			{
-			ERR_clear_error();
-			return 1;
-			}
-		ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD,
-			ENGINE_R_INVALID_CMD_NAME);
-		return 0;
-		}
-	/* Force the result of the control command to 0 or 1, for the reasons
-	 * mentioned before. */
-        if (ENGINE_ctrl(e, num, i, p, f))
-                return 1;
-        return 0;
-        }
-
-int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
-				int cmd_optional)
-	{
-	int num, flags;
-	long l;
-	char *ptr;
-	if((e == NULL) || (cmd_name == NULL))
-		{
-		ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	if((e->ctrl == NULL) || ((num = ENGINE_ctrl(e,
-					ENGINE_CTRL_GET_CMD_FROM_NAME,
-					0, (void *)cmd_name, NULL)) <= 0))
-		{
-		/* If the command didn't *have* to be supported, we fake
-		 * success. This allows certain settings to be specified for
-		 * multiple ENGINEs and only require a change of ENGINE id
-		 * (without having to selectively apply settings). Eg. changing
-		 * from a hardware device back to the regular software ENGINE
-		 * without editing the config file, etc. */
-		if(cmd_optional)
-			{
-			ERR_clear_error();
-			return 1;
-			}
-		ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-			ENGINE_R_INVALID_CMD_NAME);
-		return 0;
-		}
-	if(!ENGINE_cmd_is_executable(e, num))
-		{
-		ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-			ENGINE_R_CMD_NOT_EXECUTABLE);
-		return 0;
-		}
-	if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num, NULL, NULL)) < 0)
-		{
-		/* Shouldn't happen, given that ENGINE_cmd_is_executable()
-		 * returned success. */
-		ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-			ENGINE_R_INTERNAL_LIST_ERROR);
-		return 0;
-		}
-	/* If the command takes no input, there must be no input. And vice
-	 * versa. */
-	if(flags & ENGINE_CMD_FLAG_NO_INPUT)
-		{
-		if(arg != NULL)
-			{
-			ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-				ENGINE_R_COMMAND_TAKES_NO_INPUT);
-			return 0;
-			}
-		/* We deliberately force the result of ENGINE_ctrl() to 0 or 1
-		 * rather than returning it as "return data". This is to ensure
-		 * usage of these commands is consistent across applications and
-		 * that certain applications don't understand it one way, and
-		 * others another. */
-		if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
-			return 1;
-		return 0;
-		}
-	/* So, we require input */
-	if(arg == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-			ENGINE_R_COMMAND_TAKES_INPUT);
-		return 0;
-		}
-	/* If it takes string input, that's easy */
-	if(flags & ENGINE_CMD_FLAG_STRING)
-		{
-		/* Same explanation as above */
-		if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
-			return 1;
-		return 0;
-		}
-	/* If it doesn't take numeric either, then it is unsupported for use in
-	 * a config-setting situation, which is what this function is for. This
-	 * should never happen though, because ENGINE_cmd_is_executable() was
-	 * used. */
-	if(!(flags & ENGINE_CMD_FLAG_NUMERIC))
-		{
-		ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-			ENGINE_R_INTERNAL_LIST_ERROR);
-		return 0;
-		}
-	l = strtol(arg, &ptr, 10);
-	if((arg == ptr) || (*ptr != '\0'))
-		{
-		ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-			ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER);
-		return 0;
-		}
-	/* Force the result of the control command to 0 or 1, for the reasons
-	 * mentioned before. */
-	if(ENGINE_ctrl(e, num, l, NULL, NULL))
-		return 1;
-	return 0;
-	}
diff --git a/crypto/openssl/crypto/engine/eng_dyn.c b/crypto/openssl/crypto/engine/eng_dyn.c
deleted file mode 100644
index 4139a16e76dc..000000000000
--- a/crypto/openssl/crypto/engine/eng_dyn.c
+++ /dev/null
@@ -1,460 +0,0 @@
-/* crypto/engine/eng_dyn.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include "eng_int.h"
-#include <openssl/engine.h>
-#include <openssl/dso.h>
-
-/* Shared libraries implementing ENGINEs for use by the "dynamic" ENGINE loader
- * should implement the hook-up functions with the following prototypes. */
-
-/* Our ENGINE handlers */
-static int dynamic_init(ENGINE *e);
-static int dynamic_finish(ENGINE *e);
-static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-/* Predeclare our context type */
-typedef struct st_dynamic_data_ctx dynamic_data_ctx;
-/* The implementation for the important control command */
-static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx);
-
-#define DYNAMIC_CMD_SO_PATH		ENGINE_CMD_BASE
-#define DYNAMIC_CMD_NO_VCHECK		(ENGINE_CMD_BASE + 1)
-#define DYNAMIC_CMD_ID			(ENGINE_CMD_BASE + 2)
-#define DYNAMIC_CMD_LIST_ADD		(ENGINE_CMD_BASE + 3)
-#define DYNAMIC_CMD_LOAD		(ENGINE_CMD_BASE + 4)
-
-/* The constants used when creating the ENGINE */
-static const char *engine_dynamic_id = "dynamic";
-static const char *engine_dynamic_name = "Dynamic engine loading support";
-static const ENGINE_CMD_DEFN dynamic_cmd_defns[] = {
-	{DYNAMIC_CMD_SO_PATH,
-		"SO_PATH",
-		"Specifies the path to the new ENGINE shared library",
-		ENGINE_CMD_FLAG_STRING},
-	{DYNAMIC_CMD_NO_VCHECK,
-		"NO_VCHECK",
-		"Specifies to continue even if version checking fails (boolean)",
-		ENGINE_CMD_FLAG_NUMERIC},
-	{DYNAMIC_CMD_ID,
-		"ID",
-		"Specifies an ENGINE id name for loading",
-		ENGINE_CMD_FLAG_STRING},
-	{DYNAMIC_CMD_LIST_ADD,
-		"LIST_ADD",
-		"Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)",
-		ENGINE_CMD_FLAG_NUMERIC},
-	{DYNAMIC_CMD_LOAD,
-		"LOAD",
-		"Load up the ENGINE specified by other settings",
-		ENGINE_CMD_FLAG_NO_INPUT},
-	{0, NULL, NULL, 0}
-	};
-static const ENGINE_CMD_DEFN dynamic_cmd_defns_empty[] = {
-	{0, NULL, NULL, 0}
-	};
-
-/* Loading code stores state inside the ENGINE structure via the "ex_data"
- * element. We load all our state into a single structure and use that as a
- * single context in the "ex_data" stack. */
-struct st_dynamic_data_ctx
-	{
-	/* The DSO object we load that supplies the ENGINE code */
-	DSO *dynamic_dso;
-	/* The function pointer to the version checking shared library function */
-	dynamic_v_check_fn v_check;
-	/* The function pointer to the engine-binding shared library function */
-	dynamic_bind_engine bind_engine;
-	/* The default name/path for loading the shared library */
-	const char *DYNAMIC_LIBNAME;
-	/* Whether to continue loading on a version check failure */
-	int no_vcheck;
-	/* If non-NULL, stipulates the 'id' of the ENGINE to be loaded */
-	const char *engine_id;
-	/* If non-zero, a successfully loaded ENGINE should be added to the internal
-	 * ENGINE list. If 2, the add must succeed or the entire load should fail. */
-	int list_add_value;
-	/* The symbol name for the version checking function */
-	const char *DYNAMIC_F1;
-	/* The symbol name for the "initialise ENGINE structure" function */
-	const char *DYNAMIC_F2;
-	};
-
-/* This is the "ex_data" index we obtain and reserve for use with our context
- * structure. */
-static int dynamic_ex_data_idx = -1;
-
-/* Because our ex_data element may or may not get allocated depending on whether
- * a "first-use" occurs before the ENGINE is freed, we have a memory leak
- * problem to solve. We can't declare a "new" handler for the ex_data as we
- * don't want a dynamic_data_ctx in *all* ENGINE structures of all types (this
- * is a bug in the design of CRYPTO_EX_DATA). As such, we just declare a "free"
- * handler and that will get called if an ENGINE is being destroyed and there
- * was an ex_data element corresponding to our context type. */
-static void dynamic_data_ctx_free_func(void *parent, void *ptr,
-			CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
-	{
-	if(ptr)
-		{
-		dynamic_data_ctx *ctx = (dynamic_data_ctx *)ptr;
-		if(ctx->dynamic_dso)
-			DSO_free(ctx->dynamic_dso);
-		if(ctx->DYNAMIC_LIBNAME)
-			OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME);
-		if(ctx->engine_id)
-			OPENSSL_free((void*)ctx->engine_id);
-		OPENSSL_free(ctx);
-		}
-	}
-
-/* Construct the per-ENGINE context. We create it blindly and then use a lock to
- * check for a race - if so, all but one of the threads "racing" will have
- * wasted their time. The alternative involves creating everything inside the
- * lock which is far worse. */
-static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
-	{
-	dynamic_data_ctx *c;
-	c = OPENSSL_malloc(sizeof(dynamic_data_ctx));
-	if(!c)
-		{
-		ENGINEerr(ENGINE_F_SET_DATA_CTX,ERR_R_MALLOC_FAILURE);
-		return 0;
-		}
-	memset(c, 0, sizeof(dynamic_data_ctx));
-	c->dynamic_dso = NULL;
-	c->v_check = NULL;
-	c->bind_engine = NULL;
-	c->DYNAMIC_LIBNAME = NULL;
-	c->no_vcheck = 0;
-	c->engine_id = NULL;
-	c->list_add_value = 0;
-	c->DYNAMIC_F1 = "v_check";
-	c->DYNAMIC_F2 = "bind_engine";
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	if((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e,
-				dynamic_ex_data_idx)) == NULL)
-		{
-		/* Good, we're the first */
-		ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
-		*ctx = c;
-		c = NULL;
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	/* If we lost the race to set the context, c is non-NULL and *ctx is the
-	 * context of the thread that won. */
-	if(c)
-		OPENSSL_free(c);
-	return 1;
-	}
-
-/* This function retrieves the context structure from an ENGINE's "ex_data", or
- * if it doesn't exist yet, sets it up. */
-static dynamic_data_ctx *dynamic_get_data_ctx(ENGINE *e)
-	{
-	dynamic_data_ctx *ctx;
-	if(dynamic_ex_data_idx < 0)
-		{
-		/* Create and register the ENGINE ex_data, and associate our
-		 * "free" function with it to ensure any allocated contexts get
-		 * freed when an ENGINE goes underground. */
-		int new_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL,
-					dynamic_data_ctx_free_func);
-		if(new_idx == -1)
-			{
-			ENGINEerr(ENGINE_F_DYNAMIC_GET_DATA_CTX,ENGINE_R_NO_INDEX);
-			return NULL;
-			}
-		CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-		/* Avoid a race by checking again inside this lock */
-		if(dynamic_ex_data_idx < 0)
-			{
-			/* Good, someone didn't beat us to it */
-			dynamic_ex_data_idx = new_idx;
-			new_idx = -1;
-			}
-		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		/* In theory we could "give back" the index here if
-		 * (new_idx>-1), but it's not possible and wouldn't gain us much
-		 * if it were. */
-		}
-	ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, dynamic_ex_data_idx);
-	/* Check if the context needs to be created */
-	if((ctx == NULL) && !dynamic_set_data_ctx(e, &ctx))
-		/* "set_data" will set errors if necessary */
-		return NULL;
-	return ctx;
-	}
-
-static ENGINE *engine_dynamic(void)
-	{
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!ENGINE_set_id(ret, engine_dynamic_id) ||
-			!ENGINE_set_name(ret, engine_dynamic_name) ||
-			!ENGINE_set_init_function(ret, dynamic_init) ||
-			!ENGINE_set_finish_function(ret, dynamic_finish) ||
-			!ENGINE_set_ctrl_function(ret, dynamic_ctrl) ||
-			!ENGINE_set_flags(ret, ENGINE_FLAGS_BY_ID_COPY) ||
-			!ENGINE_set_cmd_defns(ret, dynamic_cmd_defns))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-void ENGINE_load_dynamic(void)
-	{
-	ENGINE *toadd = engine_dynamic();
-	if(!toadd) return;
-	ENGINE_add(toadd);
-	/* If the "add" worked, it gets a structural reference. So either way,
-	 * we release our just-created reference. */
-	ENGINE_free(toadd);
-	/* If the "add" didn't work, it was probably a conflict because it was
-	 * already added (eg. someone calling ENGINE_load_blah then calling
-	 * ENGINE_load_builtin_engines() perhaps). */
-	ERR_clear_error();
-	}
-
-static int dynamic_init(ENGINE *e)
-	{
-	/* We always return failure - the "dyanamic" engine itself can't be used
-	 * for anything. */
-	return 0;
-	}
-
-static int dynamic_finish(ENGINE *e)
-	{
-	/* This should never be called on account of "dynamic_init" always
-	 * failing. */
-	return 0;
-	}
-
-static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-	{
-	dynamic_data_ctx *ctx = dynamic_get_data_ctx(e);
-	int initialised;
-	
-	if(!ctx)
-		{
-		ENGINEerr(ENGINE_F_DYNAMIC_CTRL,ENGINE_R_NOT_LOADED);
-		return 0;
-		}
-	initialised = ((ctx->dynamic_dso == NULL) ? 0 : 1);
-	/* All our control commands require the ENGINE to be uninitialised */
-	if(initialised)
-		{
-		ENGINEerr(ENGINE_F_DYNAMIC_CTRL,
-			ENGINE_R_ALREADY_LOADED);
-		return 0;
-		}
-	switch(cmd)
-		{
-	case DYNAMIC_CMD_SO_PATH:
-		/* a NULL 'p' or a string of zero-length is the same thing */
-		if(p && (strlen((const char *)p) < 1))
-			p = NULL;
-		if(ctx->DYNAMIC_LIBNAME)
-			OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME);
-		if(p)
-			ctx->DYNAMIC_LIBNAME = BUF_strdup(p);
-		else
-			ctx->DYNAMIC_LIBNAME = NULL;
-		return (ctx->DYNAMIC_LIBNAME ? 1 : 0);
-	case DYNAMIC_CMD_NO_VCHECK:
-		ctx->no_vcheck = ((i == 0) ? 0 : 1);
-		return 1;
-	case DYNAMIC_CMD_ID:
-		/* a NULL 'p' or a string of zero-length is the same thing */
-		if(p && (strlen((const char *)p) < 1))
-			p = NULL;
-		if(ctx->engine_id)
-			OPENSSL_free((void*)ctx->engine_id);
-		if(p)
-			ctx->engine_id = BUF_strdup(p);
-		else
-			ctx->engine_id = NULL;
-		return (ctx->engine_id ? 1 : 0);
-	case DYNAMIC_CMD_LIST_ADD:
-		if((i < 0) || (i > 2))
-			{
-			ENGINEerr(ENGINE_F_DYNAMIC_CTRL,
-				ENGINE_R_INVALID_ARGUMENT);
-			return 0;
-			}
-		ctx->list_add_value = (int)i;
-		return 1;
-	case DYNAMIC_CMD_LOAD:
-		return dynamic_load(e, ctx);
-	default:
-		break;
-		}
-	ENGINEerr(ENGINE_F_DYNAMIC_CTRL,ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-	return 0;
-	}
-
-static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx)
-	{
-	ENGINE cpy;
-	dynamic_fns fns;
-
-	if(!ctx->DYNAMIC_LIBNAME || ((ctx->dynamic_dso = DSO_load(NULL,
-				ctx->DYNAMIC_LIBNAME, NULL, 0)) == NULL))
-		{
-		ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
-			ENGINE_R_DSO_NOT_FOUND);
-		return 0;
-		}
-	/* We have to find a bind function otherwise it'll always end badly */
-	if(!(ctx->bind_engine = (dynamic_bind_engine)DSO_bind_func(
-					ctx->dynamic_dso, ctx->DYNAMIC_F2)))
-		{
-		ctx->bind_engine = NULL;
-		DSO_free(ctx->dynamic_dso);
-		ctx->dynamic_dso = NULL;
-		ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
-			ENGINE_R_DSO_FAILURE);
-		return 0;
-		}
-	/* Do we perform version checking? */
-	if(!ctx->no_vcheck)
-		{
-		unsigned long vcheck_res = 0;
-		/* Now we try to find a version checking function and decide how
-		 * to cope with failure if/when it fails. */
-		ctx->v_check = (dynamic_v_check_fn)DSO_bind_func(
-				ctx->dynamic_dso, ctx->DYNAMIC_F1);
-		if(ctx->v_check)
-			vcheck_res = ctx->v_check(OSSL_DYNAMIC_VERSION);
-		/* We fail if the version checker veto'd the load *or* if it is
-		 * deferring to us (by returning its version) and we think it is
-		 * too old. */
-		if(vcheck_res < OSSL_DYNAMIC_OLDEST)
-			{
-			/* Fail */
-			ctx->bind_engine = NULL;
-			ctx->v_check = NULL;
-			DSO_free(ctx->dynamic_dso);
-			ctx->dynamic_dso = NULL;
-			ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
-				ENGINE_R_VERSION_INCOMPATIBILITY);
-			return 0;
-			}
-		}
-	/* First binary copy the ENGINE structure so that we can roll back if
-	 * the hand-over fails */
-	memcpy(&cpy, e, sizeof(ENGINE));
-	/* Provide the ERR, "ex_data", memory, and locking callbacks so the
-	 * loaded library uses our state rather than its own. FIXME: As noted in
-	 * engine.h, much of this would be simplified if each area of code
-	 * provided its own "summary" structure of all related callbacks. It
-	 * would also increase opaqueness. */
-	fns.err_fns = ERR_get_implementation();
-	fns.ex_data_fns = CRYPTO_get_ex_data_implementation();
-	CRYPTO_get_mem_functions(&fns.mem_fns.malloc_cb,
-				&fns.mem_fns.realloc_cb,
-				&fns.mem_fns.free_cb);
-	fns.lock_fns.lock_locking_cb = CRYPTO_get_locking_callback();
-	fns.lock_fns.lock_add_lock_cb = CRYPTO_get_add_lock_callback();
-	fns.lock_fns.dynlock_create_cb = CRYPTO_get_dynlock_create_callback();
-	fns.lock_fns.dynlock_lock_cb = CRYPTO_get_dynlock_lock_callback();
-	fns.lock_fns.dynlock_destroy_cb = CRYPTO_get_dynlock_destroy_callback();
-	/* Now that we've loaded the dynamic engine, make sure no "dynamic"
-	 * ENGINE elements will show through. */
-	engine_set_all_null(e);
-
-	/* Try to bind the ENGINE onto our own ENGINE structure */
-	if(!ctx->bind_engine(e, ctx->engine_id, &fns))
-		{
-		ctx->bind_engine = NULL;
-		ctx->v_check = NULL;
-		DSO_free(ctx->dynamic_dso);
-		ctx->dynamic_dso = NULL;
-		ENGINEerr(ENGINE_F_DYNAMIC_LOAD,ENGINE_R_INIT_FAILED);
-		/* Copy the original ENGINE structure back */
-		memcpy(e, &cpy, sizeof(ENGINE));
-		return 0;
-		}
-	/* Do we try to add this ENGINE to the internal list too? */
-	if(ctx->list_add_value > 0)
-		{
-		if(!ENGINE_add(e))
-			{
-			/* Do we tolerate this or fail? */
-			if(ctx->list_add_value > 1)
-				{
-				/* Fail - NB: By this time, it's too late to
-				 * rollback, and trying to do so allows the
-				 * bind_engine() code to have created leaks. We
-				 * just have to fail where we are, after the
-				 * ENGINE has changed. */
-				ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
-					ENGINE_R_CONFLICTING_ENGINE_ID);
-				return 0;
-				}
-			/* Tolerate */
-			ERR_clear_error();
-			}
-		}
-	return 1;
-	}
diff --git a/crypto/openssl/crypto/engine/eng_err.c b/crypto/openssl/crypto/engine/eng_err.c
deleted file mode 100644
index 814d95ee3283..000000000000
--- a/crypto/openssl/crypto/engine/eng_err.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* crypto/engine/eng_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/engine.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA ENGINE_str_functs[]=
-	{
-{ERR_PACK(0,ENGINE_F_DYNAMIC_CTRL,0),	"DYNAMIC_CTRL"},
-{ERR_PACK(0,ENGINE_F_DYNAMIC_GET_DATA_CTX,0),	"DYNAMIC_GET_DATA_CTX"},
-{ERR_PACK(0,ENGINE_F_DYNAMIC_LOAD,0),	"DYNAMIC_LOAD"},
-{ERR_PACK(0,ENGINE_F_ENGINE_ADD,0),	"ENGINE_add"},
-{ERR_PACK(0,ENGINE_F_ENGINE_BY_ID,0),	"ENGINE_by_id"},
-{ERR_PACK(0,ENGINE_F_ENGINE_CMD_IS_EXECUTABLE,0),	"ENGINE_cmd_is_executable"},
-{ERR_PACK(0,ENGINE_F_ENGINE_CTRL,0),	"ENGINE_ctrl"},
-{ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD,0),	"ENGINE_ctrl_cmd"},
-{ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD_STRING,0),	"ENGINE_ctrl_cmd_string"},
-{ERR_PACK(0,ENGINE_F_ENGINE_FINISH,0),	"ENGINE_finish"},
-{ERR_PACK(0,ENGINE_F_ENGINE_FREE,0),	"ENGINE_free"},
-{ERR_PACK(0,ENGINE_F_ENGINE_GET_CIPHER,0),	"ENGINE_get_cipher"},
-{ERR_PACK(0,ENGINE_F_ENGINE_GET_DEFAULT_TYPE,0),	"ENGINE_GET_DEFAULT_TYPE"},
-{ERR_PACK(0,ENGINE_F_ENGINE_GET_DIGEST,0),	"ENGINE_get_digest"},
-{ERR_PACK(0,ENGINE_F_ENGINE_GET_NEXT,0),	"ENGINE_get_next"},
-{ERR_PACK(0,ENGINE_F_ENGINE_GET_PREV,0),	"ENGINE_get_prev"},
-{ERR_PACK(0,ENGINE_F_ENGINE_INIT,0),	"ENGINE_init"},
-{ERR_PACK(0,ENGINE_F_ENGINE_LIST_ADD,0),	"ENGINE_LIST_ADD"},
-{ERR_PACK(0,ENGINE_F_ENGINE_LIST_REMOVE,0),	"ENGINE_LIST_REMOVE"},
-{ERR_PACK(0,ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,0),	"ENGINE_load_private_key"},
-{ERR_PACK(0,ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,0),	"ENGINE_load_public_key"},
-{ERR_PACK(0,ENGINE_F_ENGINE_MODULE_INIT,0),	"ENGINE_MODULE_INIT"},
-{ERR_PACK(0,ENGINE_F_ENGINE_NEW,0),	"ENGINE_new"},
-{ERR_PACK(0,ENGINE_F_ENGINE_REMOVE,0),	"ENGINE_remove"},
-{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_STRING,0),	"ENGINE_set_default_string"},
-{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_TYPE,0),	"ENGINE_SET_DEFAULT_TYPE"},
-{ERR_PACK(0,ENGINE_F_ENGINE_SET_ID,0),	"ENGINE_set_id"},
-{ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0),	"ENGINE_set_name"},
-{ERR_PACK(0,ENGINE_F_ENGINE_TABLE_REGISTER,0),	"ENGINE_TABLE_REGISTER"},
-{ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0),	"ENGINE_UNLOAD_KEY"},
-{ERR_PACK(0,ENGINE_F_ENGINE_UP_REF,0),	"ENGINE_up_ref"},
-{ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0),	"INT_CTRL_HELPER"},
-{ERR_PACK(0,ENGINE_F_INT_ENGINE_CONFIGURE,0),	"INT_ENGINE_CONFIGURE"},
-{ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0),	"LOG_MESSAGE"},
-{ERR_PACK(0,ENGINE_F_SET_DATA_CTX,0),	"SET_DATA_CTX"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA ENGINE_str_reasons[]=
-	{
-{ENGINE_R_ALREADY_LOADED                 ,"already loaded"},
-{ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER       ,"argument is not a number"},
-{ENGINE_R_CMD_NOT_EXECUTABLE             ,"cmd not executable"},
-{ENGINE_R_COMMAND_TAKES_INPUT            ,"command takes input"},
-{ENGINE_R_COMMAND_TAKES_NO_INPUT         ,"command takes no input"},
-{ENGINE_R_CONFLICTING_ENGINE_ID          ,"conflicting engine id"},
-{ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
-{ENGINE_R_DH_NOT_IMPLEMENTED             ,"dh not implemented"},
-{ENGINE_R_DSA_NOT_IMPLEMENTED            ,"dsa not implemented"},
-{ENGINE_R_DSO_FAILURE                    ,"DSO failure"},
-{ENGINE_R_DSO_NOT_FOUND                  ,"dso not found"},
-{ENGINE_R_ENGINES_SECTION_ERROR          ,"engines section error"},
-{ENGINE_R_ENGINE_IS_NOT_IN_LIST          ,"engine is not in the list"},
-{ENGINE_R_ENGINE_SECTION_ERROR           ,"engine section error"},
-{ENGINE_R_FAILED_LOADING_PRIVATE_KEY     ,"failed loading private key"},
-{ENGINE_R_FAILED_LOADING_PUBLIC_KEY      ,"failed loading public key"},
-{ENGINE_R_FINISH_FAILED                  ,"finish failed"},
-{ENGINE_R_GET_HANDLE_FAILED              ,"could not obtain hardware handle"},
-{ENGINE_R_ID_OR_NAME_MISSING             ,"'id' or 'name' missing"},
-{ENGINE_R_INIT_FAILED                    ,"init failed"},
-{ENGINE_R_INTERNAL_LIST_ERROR            ,"internal list error"},
-{ENGINE_R_INVALID_ARGUMENT               ,"invalid argument"},
-{ENGINE_R_INVALID_CMD_NAME               ,"invalid cmd name"},
-{ENGINE_R_INVALID_CMD_NUMBER             ,"invalid cmd number"},
-{ENGINE_R_INVALID_INIT_VALUE             ,"invalid init value"},
-{ENGINE_R_INVALID_STRING                 ,"invalid string"},
-{ENGINE_R_NOT_INITIALISED                ,"not initialised"},
-{ENGINE_R_NOT_LOADED                     ,"not loaded"},
-{ENGINE_R_NO_CONTROL_FUNCTION            ,"no control function"},
-{ENGINE_R_NO_INDEX                       ,"no index"},
-{ENGINE_R_NO_LOAD_FUNCTION               ,"no load function"},
-{ENGINE_R_NO_REFERENCE                   ,"no reference"},
-{ENGINE_R_NO_SUCH_ENGINE                 ,"no such engine"},
-{ENGINE_R_NO_UNLOAD_FUNCTION             ,"no unload function"},
-{ENGINE_R_PROVIDE_PARAMETERS             ,"provide parameters"},
-{ENGINE_R_RSA_NOT_IMPLEMENTED            ,"rsa not implemented"},
-{ENGINE_R_UNIMPLEMENTED_CIPHER           ,"unimplemented cipher"},
-{ENGINE_R_UNIMPLEMENTED_DIGEST           ,"unimplemented digest"},
-{ENGINE_R_VERSION_INCOMPATIBILITY        ,"version incompatibility"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_ENGINE_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_ENGINE,ENGINE_str_functs);
-		ERR_load_strings(ERR_LIB_ENGINE,ENGINE_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/engine/eng_fat.c b/crypto/openssl/crypto/engine/eng_fat.c
deleted file mode 100644
index f7edb5ad32f0..000000000000
--- a/crypto/openssl/crypto/engine/eng_fat.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/* crypto/engine/eng_fat.c */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include "eng_int.h"
-#include <openssl/engine.h>
-#include <openssl/conf.h>
-
-int ENGINE_set_default(ENGINE *e, unsigned int flags)
-	{
-	if((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e))
-		return 0;
-	if((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e))
-		return 0;
-#ifndef OPENSSL_NO_RSA
-	if((flags & ENGINE_METHOD_RSA) & !ENGINE_set_default_RSA(e))
-		return 0;
-#endif
-#ifndef OPENSSL_NO_DSA
-	if((flags & ENGINE_METHOD_DSA) & !ENGINE_set_default_DSA(e))
-		return 0;
-#endif
-#ifndef OPENSSL_NO_DH
-	if((flags & ENGINE_METHOD_DH) & !ENGINE_set_default_DH(e))
-		return 0;
-#endif
-	if((flags & ENGINE_METHOD_RAND) & !ENGINE_set_default_RAND(e))
-		return 0;
-	return 1;
-	}
-
-/* Set default algorithms using a string */
-
-static int int_def_cb(const char *alg, int len, void *arg)
-	{
-	unsigned int *pflags = arg;
-	if (!strncmp(alg, "ALL", len))
-		*pflags |= ENGINE_METHOD_ALL;
-	else if (!strncmp(alg, "RSA", len))
-		*pflags |= ENGINE_METHOD_RSA;
-	else if (!strncmp(alg, "DSA", len))
-		*pflags |= ENGINE_METHOD_DSA;
-	else if (!strncmp(alg, "DH", len))
-		*pflags |= ENGINE_METHOD_DH;
-	else if (!strncmp(alg, "RAND", len))
-		*pflags |= ENGINE_METHOD_RAND;
-	else if (!strncmp(alg, "CIPHERS", len))
-		*pflags |= ENGINE_METHOD_CIPHERS;
-	else if (!strncmp(alg, "DIGESTS", len))
-		*pflags |= ENGINE_METHOD_DIGESTS;
-	else
-		return 0;
-	return 1;
-	}
-
-
-int ENGINE_set_default_string(ENGINE *e, const char *list)
-	{
-	unsigned int flags = 0;
-	if (!CONF_parse_list(list, ',', 1, int_def_cb, &flags))
-		{
-		ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING,
-					ENGINE_R_INVALID_STRING);
-		ERR_add_error_data(2, "str=",list);
-		return 0;
-		}
-	return ENGINE_set_default(e, flags);
-	}
-
-int ENGINE_register_complete(ENGINE *e)
-	{
-	ENGINE_register_ciphers(e);
-	ENGINE_register_digests(e);
-#ifndef OPENSSL_NO_RSA
-	ENGINE_register_RSA(e);
-#endif
-#ifndef OPENSSL_NO_DSA
-	ENGINE_register_DSA(e);
-#endif
-#ifndef OPENSSL_NO_DH
-	ENGINE_register_DH(e);
-#endif
-	ENGINE_register_RAND(e);
-	return 1;
-	}
-
-int ENGINE_register_all_complete(void)
-	{
-	ENGINE *e;
-
-	for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
-		ENGINE_register_complete(e);
-	return 1;
-	}
diff --git a/crypto/openssl/crypto/engine/eng_init.c b/crypto/openssl/crypto/engine/eng_init.c
deleted file mode 100644
index 170c1791b305..000000000000
--- a/crypto/openssl/crypto/engine/eng_init.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* crypto/engine/eng_init.c */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include "eng_int.h"
-#include <openssl/engine.h>
-
-/* Initialise a engine type for use (or up its functional reference count
- * if it's already in use). This version is only used internally. */
-int engine_unlocked_init(ENGINE *e)
-	{
-	int to_return = 1;
-
-	if((e->funct_ref == 0) && e->init)
-		/* This is the first functional reference and the engine
-		 * requires initialisation so we do it now. */
-		to_return = e->init(e);
-	if(to_return)
-		{
-		/* OK, we return a functional reference which is also a
-		 * structural reference. */
-		e->struct_ref++;
-		e->funct_ref++;
-		engine_ref_debug(e, 0, 1)
-		engine_ref_debug(e, 1, 1)
-		}
-	return to_return;
-	}
-
-/* Free a functional reference to a engine type. This version is only used
- * internally. */
-int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers)
-	{
-	int to_return = 1;
-
-	/* Reduce the functional reference count here so if it's the terminating
-	 * case, we can release the lock safely and call the finish() handler
-	 * without risk of a race. We get a race if we leave the count until
-	 * after and something else is calling "finish" at the same time -
-	 * there's a chance that both threads will together take the count from
-	 * 2 to 0 without either calling finish(). */
-	e->funct_ref--;
-	engine_ref_debug(e, 1, -1);
-	if((e->funct_ref == 0) && e->finish)
-		{
-		if(unlock_for_handlers)
-			CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		to_return = e->finish(e);
-		if(unlock_for_handlers)
-			CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-		if(!to_return)
-			return 0;
-		}
-#ifdef REF_CHECK
-	if(e->funct_ref < 0)
-		{
-		fprintf(stderr,"ENGINE_finish, bad functional reference count\n");
-		abort();
-		}
-#endif
-	/* Release the structural reference too */
-	if(!engine_free_util(e, 0))
-		{
-		ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED);
-		return 0;
-		}
-	return to_return;
-	}
-
-/* The API (locked) version of "init" */
-int ENGINE_init(ENGINE *e)
-	{
-	int ret;
-	if(e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_INIT,ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	ret = engine_unlocked_init(e);
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	return ret;
-	}
-
-/* The API (locked) version of "finish" */
-int ENGINE_finish(ENGINE *e)
-	{
-	int to_return = 1;
-
-	if(e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_FINISH,ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	to_return = engine_unlocked_finish(e, 1);
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	if(!to_return)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED);
-		return 0;
-		}
-	return to_return;
-	}
diff --git a/crypto/openssl/crypto/engine/eng_int.h b/crypto/openssl/crypto/engine/eng_int.h
deleted file mode 100644
index 38335f99cdaa..000000000000
--- a/crypto/openssl/crypto/engine/eng_int.h
+++ /dev/null
@@ -1,185 +0,0 @@
-/* crypto/engine/eng_int.h */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ENGINE_INT_H
-#define HEADER_ENGINE_INT_H
-
-/* Take public definitions from engine.h */
-#include <openssl/engine.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* If we compile with this symbol defined, then both reference counts in the
- * ENGINE structure will be monitored with a line of output on stderr for each
- * change. This prints the engine's pointer address (truncated to unsigned int),
- * "struct" or "funct" to indicate the reference type, the before and after
- * reference count, and the file:line-number pair. The "engine_ref_debug"
- * statements must come *after* the change. */
-#ifdef ENGINE_REF_COUNT_DEBUG
-
-#define engine_ref_debug(e, isfunct, diff) \
-	fprintf(stderr, "engine: %08x %s from %d to %d (%s:%d)\n", \
-		(unsigned int)(e), (isfunct ? "funct" : "struct"), \
-		((isfunct) ? ((e)->funct_ref - (diff)) : ((e)->struct_ref - (diff))), \
-		((isfunct) ? (e)->funct_ref : (e)->struct_ref), \
-		(__FILE__), (__LINE__));
-
-#else
-
-#define engine_ref_debug(e, isfunct, diff)
-
-#endif
-
-/* Any code that will need cleanup operations should use these functions to
- * register callbacks. ENGINE_cleanup() will call all registered callbacks in
- * order. NB: both the "add" functions assume CRYPTO_LOCK_ENGINE to already be
- * held (in "write" mode). */
-typedef void (ENGINE_CLEANUP_CB)(void);
-typedef struct st_engine_cleanup_item
-	{
-	ENGINE_CLEANUP_CB *cb;
-	} ENGINE_CLEANUP_ITEM;
-DECLARE_STACK_OF(ENGINE_CLEANUP_ITEM)
-void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb);
-void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb);
-
-/* We need stacks of ENGINEs for use in eng_table.c */
-DECLARE_STACK_OF(ENGINE)
-
-/* If this symbol is defined then engine_table_select(), the function that is
- * used by RSA, DSA (etc) code to select registered ENGINEs, cache defaults and
- * functional references (etc), will display debugging summaries to stderr. */
-/* #define ENGINE_TABLE_DEBUG */
-
-/* This represents an implementation table. Dependent code should instantiate it
- * as a (ENGINE_TABLE *) pointer value set initially to NULL. */
-typedef struct st_engine_table ENGINE_TABLE;
-int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
-		ENGINE *e, const int *nids, int num_nids, int setdefault);
-void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e);
-void engine_table_cleanup(ENGINE_TABLE **table);
-#ifndef ENGINE_TABLE_DEBUG
-ENGINE *engine_table_select(ENGINE_TABLE **table, int nid);
-#else
-ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l);
-#define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__)
-#endif
-
-/* Internal versions of API functions that have control over locking. These are
- * used between C files when functionality needs to be shared but the caller may
- * already be controlling of the CRYPTO_LOCK_ENGINE lock. */
-int engine_unlocked_init(ENGINE *e);
-int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers);
-int engine_free_util(ENGINE *e, int locked);
-
-/* This function will reset all "set"able values in an ENGINE to NULL. This
- * won't touch reference counts or ex_data, but is equivalent to calling all the
- * ENGINE_set_***() functions with a NULL value. */
-void engine_set_all_null(ENGINE *e);
-
-/* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed
- * in engine.h. */
-
-/* This is a structure for storing implementations of various crypto
- * algorithms and functions. */
-struct engine_st
-	{
-	const char *id;
-	const char *name;
-	const RSA_METHOD *rsa_meth;
-	const DSA_METHOD *dsa_meth;
-	const DH_METHOD *dh_meth;
-	const RAND_METHOD *rand_meth;
-	/* Cipher handling is via this callback */
-	ENGINE_CIPHERS_PTR ciphers;
-	/* Digest handling is via this callback */
-	ENGINE_DIGESTS_PTR digests;
-
-
-	ENGINE_GEN_INT_FUNC_PTR	destroy;
-
-	ENGINE_GEN_INT_FUNC_PTR init;
-	ENGINE_GEN_INT_FUNC_PTR finish;
-	ENGINE_CTRL_FUNC_PTR ctrl;
-	ENGINE_LOAD_KEY_PTR load_privkey;
-	ENGINE_LOAD_KEY_PTR load_pubkey;
-
-	const ENGINE_CMD_DEFN *cmd_defns;
-	int flags;
-	/* reference count on the structure itself */
-	int struct_ref;
-	/* reference count on usability of the engine type. NB: This
-	 * controls the loading and initialisation of any functionlity
-	 * required by this engine, whereas the previous count is
-	 * simply to cope with (de)allocation of this structure. Hence,
-	 * running_ref <= struct_ref at all times. */
-	int funct_ref;
-	/* A place to store per-ENGINE data */
-	CRYPTO_EX_DATA ex_data;
-	/* Used to maintain the linked-list of engines. */
-	struct engine_st *prev;
-	struct engine_st *next;
-	};
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif /* HEADER_ENGINE_INT_H */
diff --git a/crypto/openssl/crypto/engine/eng_lib.c b/crypto/openssl/crypto/engine/eng_lib.c
deleted file mode 100644
index a66d0f08af26..000000000000
--- a/crypto/openssl/crypto/engine/eng_lib.c
+++ /dev/null
@@ -1,321 +0,0 @@
-/* crypto/engine/eng_lib.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include "eng_int.h"
-#include <openssl/rand.h> /* FIXME: This shouldn't be needed */
-#include <openssl/engine.h>
-
-/* The "new"/"free" stuff first */
-
-ENGINE *ENGINE_new(void)
-	{
-	ENGINE *ret;
-
-	ret = (ENGINE *)OPENSSL_malloc(sizeof(ENGINE));
-	if(ret == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE);
-		return NULL;
-		}
-	memset(ret, 0, sizeof(ENGINE));
-	ret->struct_ref = 1;
-	engine_ref_debug(ret, 0, 1)
-	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
-	return ret;
-	}
-
-/* Placed here (close proximity to ENGINE_new) so that modifications to the
- * elements of the ENGINE structure are more likely to be caught and changed
- * here. */
-void engine_set_all_null(ENGINE *e)
-	{
-	e->id = NULL;
-	e->name = NULL;
-	e->rsa_meth = NULL;
-	e->dsa_meth = NULL;
-	e->dh_meth = NULL;
-	e->rand_meth = NULL;
-	e->ciphers = NULL;
-	e->digests = NULL;
-	e->destroy = NULL;
-	e->init = NULL;
-	e->finish = NULL;
-	e->ctrl = NULL;
-	e->load_privkey = NULL;
-	e->load_pubkey = NULL;
-	e->cmd_defns = NULL;
-	e->flags = 0;
-	}
-
-int engine_free_util(ENGINE *e, int locked)
-	{
-	int i;
-
-	if(e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_FREE,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	if(locked)
-		i = CRYPTO_add(&e->struct_ref,-1,CRYPTO_LOCK_ENGINE);
-	else
-		i = --e->struct_ref;
-	engine_ref_debug(e, 0, -1)
-	if (i > 0) return 1;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"ENGINE_free, bad structural reference count\n");
-		abort();
-		}
-#endif
-	/* Give the ENGINE a chance to do any structural cleanup corresponding
-	 * to allocation it did in its constructor (eg. unload error strings) */
-	if(e->destroy)
-		e->destroy(e);
-	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
-	OPENSSL_free(e);
-	return 1;
-	}
-
-int ENGINE_free(ENGINE *e)
-	{
-	return engine_free_util(e, 1);
-	}
-
-/* Cleanup stuff */
-
-/* ENGINE_cleanup() is coded such that anything that does work that will need
- * cleanup can register a "cleanup" callback here. That way we don't get linker
- * bloat by referring to all *possible* cleanups, but any linker bloat into code
- * "X" will cause X's cleanup function to end up here. */
-static STACK_OF(ENGINE_CLEANUP_ITEM) *cleanup_stack = NULL;
-static int int_cleanup_check(int create)
-	{
-	if(cleanup_stack) return 1;
-	if(!create) return 0;
-	cleanup_stack = sk_ENGINE_CLEANUP_ITEM_new_null();
-	return (cleanup_stack ? 1 : 0);
-	}
-static ENGINE_CLEANUP_ITEM *int_cleanup_item(ENGINE_CLEANUP_CB *cb)
-	{
-	ENGINE_CLEANUP_ITEM *item = OPENSSL_malloc(sizeof(
-					ENGINE_CLEANUP_ITEM));
-	if(!item) return NULL;
-	item->cb = cb;
-	return item;
-	}
-void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb)
-	{
-	ENGINE_CLEANUP_ITEM *item;
-	if(!int_cleanup_check(1)) return;
-	item = int_cleanup_item(cb);
-	if(item)
-		sk_ENGINE_CLEANUP_ITEM_insert(cleanup_stack, item, 0);
-	}
-void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb)
-	{
-	ENGINE_CLEANUP_ITEM *item;
-	if(!int_cleanup_check(1)) return;
-	item = int_cleanup_item(cb);
-	if(item)
-		sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item);
-	}
-/* The API function that performs all cleanup */
-static void engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item)
-	{
-	(*(item->cb))();
-	OPENSSL_free(item);
-	}
-void ENGINE_cleanup(void)
-	{
-	if(int_cleanup_check(0))
-		{
-		sk_ENGINE_CLEANUP_ITEM_pop_free(cleanup_stack,
-			engine_cleanup_cb_free);
-		cleanup_stack = NULL;
-		}
-	/* FIXME: This should be handled (somehow) through RAND, eg. by it
-	 * registering a cleanup callback. */
-	RAND_set_rand_method(NULL);
-	}
-
-/* Now the "ex_data" support */
-
-int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-		CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-	{
-	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp,
-			new_func, dup_func, free_func);
-	}
-
-int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg)
-	{
-	return(CRYPTO_set_ex_data(&e->ex_data, idx, arg));
-	}
-
-void *ENGINE_get_ex_data(const ENGINE *e, int idx)
-	{
-	return(CRYPTO_get_ex_data(&e->ex_data, idx));
-	}
-
-/* Functions to get/set an ENGINE's elements - mainly to avoid exposing the
- * ENGINE structure itself. */
-
-int ENGINE_set_id(ENGINE *e, const char *id)
-	{
-	if(id == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_SET_ID,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	e->id = id;
-	return 1;
-	}
-
-int ENGINE_set_name(ENGINE *e, const char *name)
-	{
-	if(name == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_SET_NAME,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	e->name = name;
-	return 1;
-	}
-
-int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f)
-	{
-	e->destroy = destroy_f;
-	return 1;
-	}
-
-int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f)
-	{
-	e->init = init_f;
-	return 1;
-	}
-
-int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f)
-	{
-	e->finish = finish_f;
-	return 1;
-	}
-
-int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f)
-	{
-	e->ctrl = ctrl_f;
-	return 1;
-	}
-
-int ENGINE_set_flags(ENGINE *e, int flags)
-	{
-	e->flags = flags;
-	return 1;
-	}
-
-int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns)
-	{
-	e->cmd_defns = defns;
-	return 1;
-	}
-
-const char *ENGINE_get_id(const ENGINE *e)
-	{
-	return e->id;
-	}
-
-const char *ENGINE_get_name(const ENGINE *e)
-	{
-	return e->name;
-	}
-
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e)
-	{
-	return e->destroy;
-	}
-
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e)
-	{
-	return e->init;
-	}
-
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e)
-	{
-	return e->finish;
-	}
-
-ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e)
-	{
-	return e->ctrl;
-	}
-
-int ENGINE_get_flags(const ENGINE *e)
-	{
-	return e->flags;
-	}
-
-const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e)
-	{
-	return e->cmd_defns;
-	}
diff --git a/crypto/openssl/crypto/engine/eng_list.c b/crypto/openssl/crypto/engine/eng_list.c
deleted file mode 100644
index 1cc3217f4cc1..000000000000
--- a/crypto/openssl/crypto/engine/eng_list.c
+++ /dev/null
@@ -1,394 +0,0 @@
-/* crypto/engine/eng_list.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include "eng_int.h"
-#include <openssl/engine.h>
-
-/* The linked-list of pointers to engine types. engine_list_head
- * incorporates an implicit structural reference but engine_list_tail
- * does not - the latter is a computational niceity and only points
- * to something that is already pointed to by its predecessor in the
- * list (or engine_list_head itself). In the same way, the use of the
- * "prev" pointer in each ENGINE is to save excessive list iteration,
- * it doesn't correspond to an extra structural reference. Hence,
- * engine_list_head, and each non-null "next" pointer account for
- * the list itself assuming exactly 1 structural reference on each
- * list member. */
-static ENGINE *engine_list_head = NULL;
-static ENGINE *engine_list_tail = NULL;
-
-/* This cleanup function is only needed internally. If it should be called, we
- * register it with the "ENGINE_cleanup()" stack to be called during cleanup. */
-
-static void engine_list_cleanup(void)
-	{
-	ENGINE *iterator = engine_list_head;
-
-	while(iterator != NULL)
-		{
-		ENGINE_remove(iterator);
-		iterator = engine_list_head;
-		}
-	return;
-	}
-
-/* These static functions starting with a lower case "engine_" always
- * take place when CRYPTO_LOCK_ENGINE has been locked up. */
-static int engine_list_add(ENGINE *e)
-	{
-	int conflict = 0;
-	ENGINE *iterator = NULL;
-
-	if(e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_LIST_ADD,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	iterator = engine_list_head;
-	while(iterator && !conflict)
-		{
-		conflict = (strcmp(iterator->id, e->id) == 0);
-		iterator = iterator->next;
-		}
-	if(conflict)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_LIST_ADD,
-			ENGINE_R_CONFLICTING_ENGINE_ID);
-		return 0;
-		}
-	if(engine_list_head == NULL)
-		{
-		/* We are adding to an empty list. */
-		if(engine_list_tail)
-			{
-			ENGINEerr(ENGINE_F_ENGINE_LIST_ADD,
-				ENGINE_R_INTERNAL_LIST_ERROR);
-			return 0;
-			}
-		engine_list_head = e;
-		e->prev = NULL;
-		/* The first time the list allocates, we should register the
-		 * cleanup. */
-		engine_cleanup_add_last(engine_list_cleanup);
-		}
-	else
-		{
-		/* We are adding to the tail of an existing list. */
-		if((engine_list_tail == NULL) ||
-				(engine_list_tail->next != NULL))
-			{
-			ENGINEerr(ENGINE_F_ENGINE_LIST_ADD,
-				ENGINE_R_INTERNAL_LIST_ERROR);
-			return 0;
-			}
-		engine_list_tail->next = e;
-		e->prev = engine_list_tail;
-		}
-	/* Having the engine in the list assumes a structural
-	 * reference. */
-	e->struct_ref++;
-	engine_ref_debug(e, 0, 1)
-	/* However it came to be, e is the last item in the list. */
-	engine_list_tail = e;
-	e->next = NULL;
-	return 1;
-	}
-
-static int engine_list_remove(ENGINE *e)
-	{
-	ENGINE *iterator;
-
-	if(e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_LIST_REMOVE,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	/* We need to check that e is in our linked list! */
-	iterator = engine_list_head;
-	while(iterator && (iterator != e))
-		iterator = iterator->next;
-	if(iterator == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_LIST_REMOVE,
-			ENGINE_R_ENGINE_IS_NOT_IN_LIST);
-		return 0;
-		}
-	/* un-link e from the chain. */
-	if(e->next)
-		e->next->prev = e->prev;
-	if(e->prev)
-		e->prev->next = e->next;
-	/* Correct our head/tail if necessary. */
-	if(engine_list_head == e)
-		engine_list_head = e->next;
-	if(engine_list_tail == e)
-		engine_list_tail = e->prev;
-	engine_free_util(e, 0);
-	return 1;
-	}
-
-/* Get the first/last "ENGINE" type available. */
-ENGINE *ENGINE_get_first(void)
-	{
-	ENGINE *ret;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	ret = engine_list_head;
-	if(ret)
-		{
-		ret->struct_ref++;
-		engine_ref_debug(ret, 0, 1)
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	return ret;
-	}
-
-ENGINE *ENGINE_get_last(void)
-	{
-	ENGINE *ret;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	ret = engine_list_tail;
-	if(ret)
-		{
-		ret->struct_ref++;
-		engine_ref_debug(ret, 0, 1)
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	return ret;
-	}
-
-/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
-ENGINE *ENGINE_get_next(ENGINE *e)
-	{
-	ENGINE *ret = NULL;
-	if(e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_GET_NEXT,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	ret = e->next;
-	if(ret)
-		{
-		/* Return a valid structural refernce to the next ENGINE */
-		ret->struct_ref++;
-		engine_ref_debug(ret, 0, 1)
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	/* Release the structural reference to the previous ENGINE */
-	ENGINE_free(e);
-	return ret;
-	}
-
-ENGINE *ENGINE_get_prev(ENGINE *e)
-	{
-	ENGINE *ret = NULL;
-	if(e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_GET_PREV,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	ret = e->prev;
-	if(ret)
-		{
-		/* Return a valid structural reference to the next ENGINE */
-		ret->struct_ref++;
-		engine_ref_debug(ret, 0, 1)
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	/* Release the structural reference to the previous ENGINE */
-	ENGINE_free(e);
-	return ret;
-	}
-
-/* Add another "ENGINE" type into the list. */
-int ENGINE_add(ENGINE *e)
-	{
-	int to_return = 1;
-	if(e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_ADD,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	if((e->id == NULL) || (e->name == NULL))
-		{
-		ENGINEerr(ENGINE_F_ENGINE_ADD,
-			ENGINE_R_ID_OR_NAME_MISSING);
-		}
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	if(!engine_list_add(e))
-		{
-		ENGINEerr(ENGINE_F_ENGINE_ADD,
-			ENGINE_R_INTERNAL_LIST_ERROR);
-		to_return = 0;
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	return to_return;
-	}
-
-/* Remove an existing "ENGINE" type from the array. */
-int ENGINE_remove(ENGINE *e)
-	{
-	int to_return = 1;
-	if(e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_REMOVE,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	if(!engine_list_remove(e))
-		{
-		ENGINEerr(ENGINE_F_ENGINE_REMOVE,
-			ENGINE_R_INTERNAL_LIST_ERROR);
-		to_return = 0;
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	return to_return;
-	}
-
-static void engine_cpy(ENGINE *dest, const ENGINE *src)
-	{
-	dest->id = src->id;
-	dest->name = src->name;
-#ifndef OPENSSL_NO_RSA
-	dest->rsa_meth = src->rsa_meth;
-#endif
-#ifndef OPENSSL_NO_DSA
-	dest->dsa_meth = src->dsa_meth;
-#endif
-#ifndef OPENSSL_NO_DH
-	dest->dh_meth = src->dh_meth;
-#endif
-	dest->rand_meth = src->rand_meth;
-	dest->ciphers = src->ciphers;
-	dest->digests = src->digests;
-	dest->destroy = src->destroy;
-	dest->init = src->init;
-	dest->finish = src->finish;
-	dest->ctrl = src->ctrl;
-	dest->load_privkey = src->load_privkey;
-	dest->load_pubkey = src->load_pubkey;
-	dest->cmd_defns = src->cmd_defns;
-	dest->flags = src->flags;
-	}
-
-ENGINE *ENGINE_by_id(const char *id)
-	{
-	ENGINE *iterator;
-	if(id == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_BY_ID,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return NULL;
-		}
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	iterator = engine_list_head;
-	while(iterator && (strcmp(id, iterator->id) != 0))
-		iterator = iterator->next;
-	if(iterator)
-		{
-		/* We need to return a structural reference. If this is an
-		 * ENGINE type that returns copies, make a duplicate - otherwise
-		 * increment the existing ENGINE's reference count. */
-		if(iterator->flags & ENGINE_FLAGS_BY_ID_COPY)
-			{
-			ENGINE *cp = ENGINE_new();
-			if(!cp)
-				iterator = NULL;
-			else
-				{
-				engine_cpy(cp, iterator);
-				iterator = cp;
-				}
-			}
-		else
-			{
-			iterator->struct_ref++;
-			engine_ref_debug(iterator, 0, 1)
-			}
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	if(iterator == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_BY_ID,
-			ENGINE_R_NO_SUCH_ENGINE);
-		ERR_add_error_data(2, "id=", id);
-		}
-	return iterator;
-	}
-
-int ENGINE_up_ref(ENGINE *e)
-	{
-	if (e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_UP_REF,ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	CRYPTO_add(&e->struct_ref,1,CRYPTO_LOCK_ENGINE);
-	return 1;
-	}
diff --git a/crypto/openssl/crypto/engine/eng_openssl.c b/crypto/openssl/crypto/engine/eng_openssl.c
deleted file mode 100644
index 54579eea2e67..000000000000
--- a/crypto/openssl/crypto/engine/eng_openssl.c
+++ /dev/null
@@ -1,361 +0,0 @@
-/* crypto/engine/eng_openssl.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/engine.h>
-#include <openssl/dso.h>
-#include <openssl/pem.h>
-#include <openssl/evp.h>
-
-/* This testing gunk is implemented (and explained) lower down. It also assumes
- * the application explicitly calls "ENGINE_load_openssl()" because this is no
- * longer automatic in ENGINE_load_builtin_engines(). */
-#define TEST_ENG_OPENSSL_RC4
-#define TEST_ENG_OPENSSL_PKEY
-/* #define TEST_ENG_OPENSSL_RC4_OTHERS */
-#define TEST_ENG_OPENSSL_RC4_P_INIT
-/* #define TEST_ENG_OPENSSL_RC4_P_CIPHER */
-#define TEST_ENG_OPENSSL_SHA
-/* #define TEST_ENG_OPENSSL_SHA_OTHERS */
-/* #define TEST_ENG_OPENSSL_SHA_P_INIT */
-/* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */
-/* #define TEST_ENG_OPENSSL_SHA_P_FINAL */
-
-/* Now check what of those algorithms are actually enabled */
-#ifdef OPENSSL_NO_RC4
-#undef TEST_ENG_OPENSSL_RC4
-#undef TEST_ENG_OPENSSL_RC4_OTHERS
-#undef TEST_ENG_OPENSSL_RC4_P_INIT
-#undef TEST_ENG_OPENSSL_RC4_P_CIPHER
-#endif
-#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0) || defined(OPENSSL_NO_SHA1)
-#undef TEST_ENG_OPENSSL_SHA
-#undef TEST_ENG_OPENSSL_SHA_OTHERS
-#undef TEST_ENG_OPENSSL_SHA_P_INIT
-#undef TEST_ENG_OPENSSL_SHA_P_UPDATE
-#undef TEST_ENG_OPENSSL_SHA_P_FINAL 
-#endif
-
-#ifdef TEST_ENG_OPENSSL_RC4
-static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
-				const int **nids, int nid);
-#endif
-#ifdef TEST_ENG_OPENSSL_SHA
-static int openssl_digests(ENGINE *e, const EVP_MD **digest,
-				const int **nids, int nid);
-#endif
-
-#ifdef TEST_ENG_OPENSSL_PKEY
-static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data);
-#endif
-
-/* The constants used when creating the ENGINE */
-static const char *engine_openssl_id = "openssl";
-static const char *engine_openssl_name = "Software engine support";
-
-/* This internal function is used by ENGINE_openssl() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_helper(ENGINE *e)
-	{
-	if(!ENGINE_set_id(e, engine_openssl_id)
-			|| !ENGINE_set_name(e, engine_openssl_name)
-#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
-#ifndef OPENSSL_NO_RSA
-			|| !ENGINE_set_RSA(e, RSA_get_default_method())
-#endif
-#ifndef OPENSSL_NO_DSA
-			|| !ENGINE_set_DSA(e, DSA_get_default_method())
-#endif
-#ifndef OPENSSL_NO_DH
-			|| !ENGINE_set_DH(e, DH_get_default_method())
-#endif
-			|| !ENGINE_set_RAND(e, RAND_SSLeay())
-#ifdef TEST_ENG_OPENSSL_RC4
-			|| !ENGINE_set_ciphers(e, openssl_ciphers)
-#endif
-#ifdef TEST_ENG_OPENSSL_SHA
-			|| !ENGINE_set_digests(e, openssl_digests)
-#endif
-#endif
-#ifdef TEST_ENG_OPENSSL_PKEY
-			|| !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
-#endif
-			)
-		return 0;
-	/* If we add errors to this ENGINE, ensure the error handling is setup here */
-	/* openssl_load_error_strings(); */
-	return 1;
-	}
-
-static ENGINE *engine_openssl(void)
-	{
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!bind_helper(ret))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-void ENGINE_load_openssl(void)
-	{
-	ENGINE *toadd = engine_openssl();
-	if(!toadd) return;
-	ENGINE_add(toadd);
-	/* If the "add" worked, it gets a structural reference. So either way,
-	 * we release our just-created reference. */
-	ENGINE_free(toadd);
-	ERR_clear_error();
-	}
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
-	{
-	if(id && (strcmp(id, engine_openssl_id) != 0))
-		return 0;
-	if(!bind_helper(e))
-		return 0;
-	return 1;
-	}
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#ifdef TEST_ENG_OPENSSL_RC4
-/* This section of code compiles an "alternative implementation" of two modes of
- * RC4 into this ENGINE. The result is that EVP_CIPHER operation for "rc4"
- * should under normal circumstances go via this support rather than the default
- * EVP support. There are other symbols to tweak the testing;
- *    TEST_ENC_OPENSSL_RC4_OTHERS - print a one line message to stderr each time
- *        we're asked for a cipher we don't support (should not happen).
- *    TEST_ENG_OPENSSL_RC4_P_INIT - print a one line message to stderr each time
- *        the "init_key" handler is called.
- *    TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler.
- */
-#include <openssl/rc4.h>
-#define TEST_RC4_KEY_SIZE		16
-static int test_cipher_nids[] = {NID_rc4,NID_rc4_40};
-static int test_cipher_nids_number = 2;
-typedef struct {
-	unsigned char key[TEST_RC4_KEY_SIZE];
-	RC4_KEY ks;
-	} TEST_RC4_KEY;
-#define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data)
-static int test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			const unsigned char *iv, int enc)
-	{
-#ifdef TEST_ENG_OPENSSL_RC4_P_INIT
-	fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n");
-#endif
-	memcpy(&test(ctx)->key[0],key,EVP_CIPHER_CTX_key_length(ctx));
-	RC4_set_key(&test(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
-		test(ctx)->key);
-	return 1;
-	}
-static int test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-		      const unsigned char *in, unsigned int inl)
-	{
-#ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER
-	fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n");
-#endif
-	RC4(&test(ctx)->ks,inl,in,out);
-	return 1;
-	}
-static const EVP_CIPHER test_r4_cipher=
-	{
-	NID_rc4,
-	1,TEST_RC4_KEY_SIZE,0,
-	EVP_CIPH_VARIABLE_LENGTH,
-	test_rc4_init_key,
-	test_rc4_cipher,
-	NULL,
-	sizeof(TEST_RC4_KEY),
-	NULL,
-	NULL,
-	NULL
-	};
-static const EVP_CIPHER test_r4_40_cipher=
-	{
-	NID_rc4_40,
-	1,5 /* 40 bit */,0,
-	EVP_CIPH_VARIABLE_LENGTH,
-	test_rc4_init_key,
-	test_rc4_cipher,
-	NULL,
-	sizeof(TEST_RC4_KEY),
-	NULL, 
-	NULL,
-	NULL
-	};
-static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
-			const int **nids, int nid)
-	{
-	if(!cipher)
-		{
-		/* We are returning a list of supported nids */
-		*nids = test_cipher_nids;
-		return test_cipher_nids_number;
-		}
-	/* We are being asked for a specific cipher */
-	if(nid == NID_rc4)
-		*cipher = &test_r4_cipher;
-	else if(nid == NID_rc4_40)
-		*cipher = &test_r4_40_cipher;
-	else
-		{
-#ifdef TEST_ENG_OPENSSL_RC4_OTHERS
-		fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for "
-				"nid %d\n", nid);
-#endif
-		*cipher = NULL;
-		return 0;
-		}
-	return 1;
-	}
-#endif
-
-#ifdef TEST_ENG_OPENSSL_SHA
-/* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */
-#include <openssl/sha.h>
-static int test_digest_nids[] = {NID_sha1};
-static int test_digest_nids_number = 1;
-static int test_sha1_init(EVP_MD_CTX *ctx)
-	{
-#ifdef TEST_ENG_OPENSSL_SHA_P_INIT
-	fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n");
-#endif
-	return SHA1_Init(ctx->md_data);
-	}
-static int test_sha1_update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-	{
-#ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE
-	fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n");
-#endif
-	return SHA1_Update(ctx->md_data,data,count);
-	}
-static int test_sha1_final(EVP_MD_CTX *ctx,unsigned char *md)
-	{
-#ifdef TEST_ENG_OPENSSL_SHA_P_FINAL
-	fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n");
-#endif
-	return SHA1_Final(md,ctx->md_data);
-	}
-static const EVP_MD test_sha_md=
-	{
-	NID_sha1,
-	NID_sha1WithRSAEncryption,
-	SHA_DIGEST_LENGTH,
-	0,
-	test_sha1_init,
-	test_sha1_update,
-	test_sha1_final,
-	NULL,
-	NULL,
-	EVP_PKEY_RSA_method,
-	SHA_CBLOCK,
-	sizeof(EVP_MD *)+sizeof(SHA_CTX),
-	};
-static int openssl_digests(ENGINE *e, const EVP_MD **digest,
-			const int **nids, int nid)
-	{
-	if(!digest)
-		{
-		/* We are returning a list of supported nids */
-		*nids = test_digest_nids;
-		return test_digest_nids_number;
-		}
-	/* We are being asked for a specific digest */
-	if(nid == NID_sha1)
-		*digest = &test_sha_md;
-	else
-		{
-#ifdef TEST_ENG_OPENSSL_SHA_OTHERS
-		fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for "
-				"nid %d\n", nid);
-#endif
-		*digest = NULL;
-		return 0;
-		}
-	return 1;
-	}
-#endif
-
-#ifdef TEST_ENG_OPENSSL_PKEY
-static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data)
-	{
-	BIO *in;
-	EVP_PKEY *key;
-	fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n", key_id);
-	in = BIO_new_file(key_id, "r");
-	if (!in)
-		return NULL;
-	key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL);
-	BIO_free(in);
-	return key;
-	}
-#endif
diff --git a/crypto/openssl/crypto/engine/eng_pkey.c b/crypto/openssl/crypto/engine/eng_pkey.c
deleted file mode 100644
index 8c69171511ec..000000000000
--- a/crypto/openssl/crypto/engine/eng_pkey.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* crypto/engine/eng_pkey.c */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include "eng_int.h"
-#include <openssl/engine.h>
-
-/* Basic get/set stuff */
-
-int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f)
-	{
-	e->load_privkey = loadpriv_f;
-	return 1;
-	}
-
-int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
-	{
-	e->load_pubkey = loadpub_f;
-	return 1;
-	}
-
-ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e)
-	{
-	return e->load_privkey;
-	}
-
-ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e)
-	{
-	return e->load_pubkey;
-	}
-
-/* API functions to load public/private keys */
-
-EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data)
-	{
-	EVP_PKEY *pkey;
-
-	if(e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	if(e->funct_ref == 0)
-		{
-		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
-			ENGINE_R_NOT_INITIALISED);
-		return 0;
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	if (!e->load_privkey)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
-			ENGINE_R_NO_LOAD_FUNCTION);
-		return 0;
-		}
-	pkey = e->load_privkey(e, key_id, ui_method, callback_data);
-	if (!pkey)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
-			ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
-		return 0;
-		}
-	return pkey;
-	}
-
-EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data)
-	{
-	EVP_PKEY *pkey;
-
-	if(e == NULL)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
-			ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-		}
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	if(e->funct_ref == 0)
-		{
-		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
-			ENGINE_R_NOT_INITIALISED);
-		return 0;
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	if (!e->load_pubkey)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
-			ENGINE_R_NO_LOAD_FUNCTION);
-		return 0;
-		}
-	pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
-	if (!pkey)
-		{
-		ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
-			ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
-		return 0;
-		}
-	return pkey;
-	}
diff --git a/crypto/openssl/crypto/engine/eng_table.c b/crypto/openssl/crypto/engine/eng_table.c
deleted file mode 100644
index c69a84a8bf4c..000000000000
--- a/crypto/openssl/crypto/engine/eng_table.c
+++ /dev/null
@@ -1,361 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/evp.h>
-#include <openssl/engine.h>
-#include "eng_int.h"
-
-/* This is the type of item in the 'implementation' table. Each 'nid' hashes to
- * a (potentially NULL) ENGINE_PILE structure which contains a stack of ENGINE*
- * pointers. These pointers aren't references, because they're inserted and
- * removed during ENGINE creation and ENGINE destruction. They point to ENGINEs
- * that *exist* (ie. have a structural reference count greater than zero) rather
- * than ENGINEs that are *functional*. Each pointer in those stacks are to
- * ENGINEs that implements the algorithm corresponding to each 'nid'. */
-
-/* The type of the items in the table */
-typedef struct st_engine_pile
-	{
-	/* The 'nid' of the algorithm/mode this ENGINE_PILE structure represents
-	 * */
-	int nid;
-	/* A stack of ENGINE pointers for ENGINEs that support this
-	 * algorithm/mode. In the event that 'funct' is NULL, the first entry in
-	 * this stack that initialises will be set as 'funct' and assumed as the
-	 * default for operations of this type. */
-	STACK_OF(ENGINE) *sk;
-	/* The default ENGINE to perform this algorithm/mode. */
-	ENGINE *funct;
-	/* This value optimises engine_table_select(). If it is called it sets
-	 * this value to 1. Any changes to this ENGINE_PILE resets it to zero.
-	 * As such, no ENGINE_init() thrashing is done unless ENGINEs
-	 * continually register (and/or unregister). */
-	int uptodate;
-	} ENGINE_PILE;
-
-/* The type of the hash table of ENGINE_PILE structures such that each are
- * unique and keyed by the 'nid' value. */
-struct st_engine_table
-	{
-	LHASH piles;
-	}; /* ENGINE_TABLE */
-
-/* This value stores global options controlling behaviour of (mostly) the
- * engine_table_select() function. It's a bitmask of flag values of the form
- * ENGINE_TABLE_FLAG_*** (as defined in engine.h) and is controlled by the
- * ENGINE_[get|set]_table_flags() function. */
-static unsigned int table_flags = 0;
-
-/* API function manipulating 'table_flags' */
-unsigned int ENGINE_get_table_flags(void)
-	{
-	return table_flags;
-	}
-void ENGINE_set_table_flags(unsigned int flags)
-	{
-	table_flags = flags;
-	}
-
-/* Internal functions for the "piles" hash table */
-static unsigned long engine_pile_hash(const ENGINE_PILE *c)
-	{
-	return c->nid;
-	}
-static int engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
-	{
-	return a->nid - b->nid;
-	}
-static IMPLEMENT_LHASH_HASH_FN(engine_pile_hash, const ENGINE_PILE *)
-static IMPLEMENT_LHASH_COMP_FN(engine_pile_cmp, const ENGINE_PILE *)
-static int int_table_check(ENGINE_TABLE **t, int create)
-	{
-	LHASH *lh;
-	if(*t)
-		return 1;
-	if(!create)
-		return 0;
-	if((lh = lh_new(LHASH_HASH_FN(engine_pile_hash),
-			LHASH_COMP_FN(engine_pile_cmp))) == NULL)
-		return 0;
-	*t = (ENGINE_TABLE *)lh;
-	return 1;
-	}
-
-/* Privately exposed (via eng_int.h) functions for adding and/or removing
- * ENGINEs from the implementation table */
-int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
-		ENGINE *e, const int *nids, int num_nids, int setdefault)
-	{
-	int ret = 0, added = 0;
-	ENGINE_PILE tmplate, *fnd;
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	if(!(*table))
-		added = 1;
-	if(!int_table_check(table, 1))
-		goto end;
-	if(added)
-		/* The cleanup callback needs to be added */
-		engine_cleanup_add_first(cleanup);
-	while(num_nids--)
-		{
-		tmplate.nid = *nids;
-		fnd = lh_retrieve(&(*table)->piles, &tmplate);
-		if(!fnd)
-			{
-			fnd = OPENSSL_malloc(sizeof(ENGINE_PILE));
-			if(!fnd)
-				goto end;
-			fnd->uptodate = 1;
-			fnd->nid = *nids;
-			fnd->sk = sk_ENGINE_new_null();
-			if(!fnd->sk)
-				{
-				OPENSSL_free(fnd);
-				goto end;
-				}
-			fnd->funct= NULL;
-			lh_insert(&(*table)->piles, fnd);
-			}
-		/* A registration shouldn't add duplciate entries */
-		sk_ENGINE_delete_ptr(fnd->sk, e);
-		/* if 'setdefault', this ENGINE goes to the head of the list */
-		if(!sk_ENGINE_push(fnd->sk, e))
-			goto end;
-		/* "touch" this ENGINE_PILE */
-		fnd->uptodate = 0;
-		if(setdefault)
-			{
-			if(!engine_unlocked_init(e))
-				{
-				ENGINEerr(ENGINE_F_ENGINE_TABLE_REGISTER,
-						ENGINE_R_INIT_FAILED);
-				goto end;
-				}
-			if(fnd->funct)
-				engine_unlocked_finish(fnd->funct, 0);
-			fnd->funct = e;
-			}
-		nids++;
-		}
-	ret = 1;
-end:
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	return ret;
-	}
-static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e)
-	{
-	int n;
-	/* Iterate the 'c->sk' stack removing any occurance of 'e' */
-	while((n = sk_ENGINE_find(pile->sk, e)) >= 0)
-		{
-		sk_ENGINE_delete(pile->sk, n);
-		/* "touch" this ENGINE_CIPHER */
-		pile->uptodate = 0;
-		}
-	if(pile->funct == e)
-		{
-		engine_unlocked_finish(e, 0);
-		pile->funct = NULL;
-		}
-	}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb,ENGINE_PILE *,ENGINE *)
-void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
-	{
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	if(int_table_check(table, 0))
-		lh_doall_arg(&(*table)->piles,
-			LHASH_DOALL_ARG_FN(int_unregister_cb), e);
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	}
-
-static void int_cleanup_cb(ENGINE_PILE *p)
-	{
-	sk_ENGINE_free(p->sk);
-	if(p->funct)
-		engine_unlocked_finish(p->funct, 0);
-	OPENSSL_free(p);
-	}
-static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb,ENGINE_PILE *)
-void engine_table_cleanup(ENGINE_TABLE **table)
-	{
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	if(*table)
-		{
-		lh_doall(&(*table)->piles, LHASH_DOALL_FN(int_cleanup_cb));
-		lh_free(&(*table)->piles);
-		*table = NULL;
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given cipher 'nid' */
-#ifndef ENGINE_TABLE_DEBUG
-ENGINE *engine_table_select(ENGINE_TABLE **table, int nid)
-#else
-ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l)
-#endif
-	{
-	ENGINE *ret = NULL;
-	ENGINE_PILE tmplate, *fnd=NULL;
-	int initres, loop = 0;
-
-	/* If 'engine_ciphers' is NULL, then it's absolutely *sure* that no
-	 * ENGINEs have registered any implementations! */
-	if(!(*table))
-		{
-#ifdef ENGINE_TABLE_DEBUG
-		fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
-			"registered for anything!\n", f, l, nid);
-#endif
-		return NULL;
-		}
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	/* Check again inside the lock otherwise we could race against cleanup
-	 * operations. But don't worry about a fprintf(stderr). */
-	if(!int_table_check(table, 0))
-		goto end;
-	tmplate.nid = nid;
-	fnd = lh_retrieve(&(*table)->piles, &tmplate);
-	if(!fnd)
-		goto end;
-	if(fnd->funct && engine_unlocked_init(fnd->funct))
-		{
-#ifdef ENGINE_TABLE_DEBUG
-		fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
-			"ENGINE '%s' cached\n", f, l, nid, fnd->funct->id);
-#endif
-		ret = fnd->funct;
-		goto end;
-		}
-	if(fnd->uptodate)
-		{
-		ret = fnd->funct;
-		goto end;
-		}
-trynext:
-	ret = sk_ENGINE_value(fnd->sk, loop++);
-	if(!ret)
-		{
-#ifdef ENGINE_TABLE_DEBUG
-		fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
-				"registered implementations would initialise\n",
-				f, l, nid);
-#endif
-		goto end;
-		}
-#if 0
-	/* Don't need to get a reference if we hold the lock. If the locking has
-	 * to change in future, that would be different ... */
-	ret->struct_ref++; engine_ref_debug(ret, 0, 1)
-#endif
-	/* Try and initialise the ENGINE if it's already functional *or* if the
-	 * ENGINE_TABLE_FLAG_NOINIT flag is not set. */
-	if((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT))
-		initres = engine_unlocked_init(ret);
-	else
-		initres = 0;
-#if 0
-	/* Release the structural reference */
-	ret->struct_ref--; engine_ref_debug(ret, 0, -1);
-#endif
-	if(initres)
-		{
-		/* If we didn't have a default (functional reference) for this
-		 * 'nid' (or we had one but for whatever reason we're now
-		 * initialising a different one), use this opportunity to set
-		 * 'funct'. */
-		if((fnd->funct != ret) && engine_unlocked_init(ret))
-			{
-			/* If there was a previous default we release it. */
-			if(fnd->funct)
-				engine_unlocked_finish(fnd->funct, 0);
-			/* We got an extra functional reference for the
-			 * per-'nid' default */
-			fnd->funct = ret;
-#ifdef ENGINE_TABLE_DEBUG
-			fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, "
-				"setting default to '%s'\n", f, l, nid, ret->id);
-#endif
-			}
-#ifdef ENGINE_TABLE_DEBUG
-		fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
-				"newly initialised '%s'\n", f, l, nid, ret->id);
-#endif
-		goto end;
-		}
-	goto trynext;
-end:
-	/* Whatever happened - we should "untouch" our uptodate file seeing as
-	 * we have tried our best to find a functional reference for 'nid'. If
-	 * it failed, it is unlikely to succeed again until some future
-	 * registrations (or unregistrations) have taken place that affect that
-	 * 'nid'. */
-	if(fnd)
-		fnd->uptodate = 1;
-#ifdef ENGINE_TABLE_DEBUG
-	if(ret)
-		fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
-				"ENGINE '%s'\n", f, l, nid, ret->id);
-	else
-		fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
-				"'no matching ENGINE'\n", f, l, nid);
-#endif
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	/* Whatever happened, any failed init()s are not failures in this
-	 * context, so clear our error state. */
-	ERR_clear_error();
-	return ret;
-	}
diff --git a/crypto/openssl/crypto/engine/engine.h b/crypto/openssl/crypto/engine/engine.h
deleted file mode 100644
index 8686879e1a33..000000000000
--- a/crypto/openssl/crypto/engine/engine.h
+++ /dev/null
@@ -1,722 +0,0 @@
-/* openssl/engine.h */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ENGINE_H
-#define HEADER_ENGINE_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_ENGINE
-#error ENGINE is disabled.
-#endif
-
-#include <openssl/ossl_typ.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-#include <openssl/rand.h>
-#include <openssl/ui.h>
-#include <openssl/symhacks.h>
-#include <openssl/err.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Fixups for missing algorithms */
-#ifdef OPENSSL_NO_RSA
-typedef void RSA_METHOD;
-#endif
-#ifdef OPENSSL_NO_DSA
-typedef void DSA_METHOD;
-#endif
-#ifdef OPENSSL_NO_DH
-typedef void DH_METHOD;
-#endif
-
-/* These flags are used to control combinations of algorithm (methods)
- * by bitwise "OR"ing. */
-#define ENGINE_METHOD_RSA		(unsigned int)0x0001
-#define ENGINE_METHOD_DSA		(unsigned int)0x0002
-#define ENGINE_METHOD_DH		(unsigned int)0x0004
-#define ENGINE_METHOD_RAND		(unsigned int)0x0008
-#define ENGINE_METHOD_CIPHERS		(unsigned int)0x0040
-#define ENGINE_METHOD_DIGESTS		(unsigned int)0x0080
-/* Obvious all-or-nothing cases. */
-#define ENGINE_METHOD_ALL		(unsigned int)0xFFFF
-#define ENGINE_METHOD_NONE		(unsigned int)0x0000
-
-/* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
- * internally to control registration of ENGINE implementations, and can be set
- * by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
- * initialise registered ENGINEs if they are not already initialised. */
-#define ENGINE_TABLE_FLAG_NOINIT	(unsigned int)0x0001
-
-/* ENGINE flags that can be set by ENGINE_set_flags(). */
-/* #define ENGINE_FLAGS_MALLOCED	0x0001 */ /* Not used */
-
-/* This flag is for ENGINEs that wish to handle the various 'CMD'-related
- * control commands on their own. Without this flag, ENGINE_ctrl() handles these
- * control commands on behalf of the ENGINE using their "cmd_defns" data. */
-#define ENGINE_FLAGS_MANUAL_CMD_CTRL	(int)0x0002
-
-/* This flag is for ENGINEs who return new duplicate structures when found via
- * "ENGINE_by_id()". When an ENGINE must store state (eg. if ENGINE_ctrl()
- * commands are called in sequence as part of some stateful process like
- * key-generation setup and execution), it can set this flag - then each attempt
- * to obtain the ENGINE will result in it being copied into a new structure.
- * Normally, ENGINEs don't declare this flag so ENGINE_by_id() just increments
- * the existing ENGINE's structural reference count. */
-#define ENGINE_FLAGS_BY_ID_COPY		(int)0x0004
-
-/* ENGINEs can support their own command types, and these flags are used in
- * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input each
- * command expects. Currently only numeric and string input is supported. If a
- * control command supports none of the _NUMERIC, _STRING, or _NO_INPUT options,
- * then it is regarded as an "internal" control command - and not for use in
- * config setting situations. As such, they're not available to the
- * ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() access. Changes to
- * this list of 'command types' should be reflected carefully in
- * ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). */
-
-/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
-#define ENGINE_CMD_FLAG_NUMERIC		(unsigned int)0x0001
-/* accepts string input (cast from 'void*' to 'const char *', 4th parameter to
- * ENGINE_ctrl) */
-#define ENGINE_CMD_FLAG_STRING		(unsigned int)0x0002
-/* Indicates that the control command takes *no* input. Ie. the control command
- * is unparameterised. */
-#define ENGINE_CMD_FLAG_NO_INPUT	(unsigned int)0x0004
-/* Indicates that the control command is internal. This control command won't
- * be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
- * function. */
-#define ENGINE_CMD_FLAG_INTERNAL	(unsigned int)0x0008
-
-/* NB: These 3 control commands are deprecated and should not be used. ENGINEs
- * relying on these commands should compile conditional support for
- * compatibility (eg. if these symbols are defined) but should also migrate the
- * same functionality to their own ENGINE-specific control functions that can be
- * "discovered" by calling applications. The fact these control commands
- * wouldn't be "executable" (ie. usable by text-based config) doesn't change the
- * fact that application code can find and use them without requiring per-ENGINE
- * hacking. */
-
-/* These flags are used to tell the ctrl function what should be done.
- * All command numbers are shared between all engines, even if some don't
- * make sense to some engines.  In such a case, they do nothing but return
- * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */
-#define ENGINE_CTRL_SET_LOGSTREAM		1
-#define ENGINE_CTRL_SET_PASSWORD_CALLBACK	2
-#define ENGINE_CTRL_HUP				3 /* Close and reinitialise any
-						     handles/connections etc. */
-#define ENGINE_CTRL_SET_USER_INTERFACE          4 /* Alternative to callback */
-#define ENGINE_CTRL_SET_CALLBACK_DATA           5 /* User-specific data, used
-                                                     when calling the password
-                                                     callback and the user
-                                                     interface */
-
-/* These control commands allow an application to deal with an arbitrary engine
- * in a dynamic way. Warn: Negative return values indicate errors FOR THESE
- * COMMANDS because zero is used to indicate 'end-of-list'. Other commands,
- * including ENGINE-specific command types, return zero for an error.
- *
- * An ENGINE can choose to implement these ctrl functions, and can internally
- * manage things however it chooses - it does so by setting the
- * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise the
- * ENGINE_ctrl() code handles this on the ENGINE's behalf using the cmd_defns
- * data (set using ENGINE_set_cmd_defns()). This means an ENGINE's ctrl()
- * handler need only implement its own commands - the above "meta" commands will
- * be taken care of. */
-
-/* Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not", then
- * all the remaining control commands will return failure, so it is worth
- * checking this first if the caller is trying to "discover" the engine's
- * capabilities and doesn't want errors generated unnecessarily. */
-#define ENGINE_CTRL_HAS_CTRL_FUNCTION		10
-/* Returns a positive command number for the first command supported by the
- * engine. Returns zero if no ctrl commands are supported. */
-#define ENGINE_CTRL_GET_FIRST_CMD_TYPE		11
-/* The 'long' argument specifies a command implemented by the engine, and the
- * return value is the next command supported, or zero if there are no more. */
-#define ENGINE_CTRL_GET_NEXT_CMD_TYPE		12
-/* The 'void*' argument is a command name (cast from 'const char *'), and the
- * return value is the command that corresponds to it. */
-#define ENGINE_CTRL_GET_CMD_FROM_NAME		13
-/* The next two allow a command to be converted into its corresponding string
- * form. In each case, the 'long' argument supplies the command. In the NAME_LEN
- * case, the return value is the length of the command name (not counting a
- * trailing EOL). In the NAME case, the 'void*' argument must be a string buffer
- * large enough, and it will be populated with the name of the command (WITH a
- * trailing EOL). */
-#define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD	14
-#define ENGINE_CTRL_GET_NAME_FROM_CMD		15
-/* The next two are similar but give a "short description" of a command. */
-#define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD	16
-#define ENGINE_CTRL_GET_DESC_FROM_CMD		17
-/* With this command, the return value is the OR'd combination of
- * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
- * engine-specific ctrl command expects. */
-#define ENGINE_CTRL_GET_CMD_FLAGS		18
-
-/* ENGINE implementations should start the numbering of their own control
- * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */
-#define ENGINE_CMD_BASE		200
-
-/* NB: These 2 nCipher "chil" control commands are deprecated, and their
- * functionality is now available through ENGINE-specific control commands
- * (exposed through the above-mentioned 'CMD'-handling). Code using these 2
- * commands should be migrated to the more general command handling before these
- * are removed. */
-
-/* Flags specific to the nCipher "chil" engine */
-#define ENGINE_CTRL_CHIL_SET_FORKCHECK		100
-	/* Depending on the value of the (long)i argument, this sets or
-	 * unsets the SimpleForkCheck flag in the CHIL API to enable or
-	 * disable checking and workarounds for applications that fork().
-	 */
-#define ENGINE_CTRL_CHIL_NO_LOCKING		101
-	/* This prevents the initialisation function from providing mutex
-	 * callbacks to the nCipher library. */
-
-/* If an ENGINE supports its own specific control commands and wishes the
- * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its
- * behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries
- * to ENGINE_set_cmd_defns(). It should also implement a ctrl() handler that
- * supports the stated commands (ie. the "cmd_num" entries as described by the
- * array). NB: The array must be ordered in increasing order of cmd_num.
- * "null-terminated" means that the last ENGINE_CMD_DEFN element has cmd_num set
- * to zero and/or cmd_name set to NULL. */
-typedef struct ENGINE_CMD_DEFN_st
-	{
-	unsigned int cmd_num; /* The command number */
-	const char *cmd_name; /* The command name itself */
-	const char *cmd_desc; /* A short description of the command */
-	unsigned int cmd_flags; /* The input the command expects */
-	} ENGINE_CMD_DEFN;
-
-/* Generic function pointer */
-typedef int (*ENGINE_GEN_FUNC_PTR)();
-/* Generic function pointer taking no arguments */
-typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *);
-/* Specific control function pointer */
-typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)());
-/* Generic load_key function pointer */
-typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
-	UI_METHOD *ui_method, void *callback_data);
-/* These callback types are for an ENGINE's handler for cipher and digest logic.
- * These handlers have these prototypes;
- *   int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
- *   int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
- * Looking at how to implement these handlers in the case of cipher support, if
- * the framework wants the EVP_CIPHER for 'nid', it will call;
- *   foo(e, &p_evp_cipher, NULL, nid);    (return zero for failure)
- * If the framework wants a list of supported 'nid's, it will call;
- *   foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
- */
-/* Returns to a pointer to the array of supported cipher 'nid's. If the second
- * parameter is non-NULL it is set to the size of the returned array. */
-typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, const int **, int);
-typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int);
-
-/* STRUCTURE functions ... all of these functions deal with pointers to ENGINE
- * structures where the pointers have a "structural reference". This means that
- * their reference is to allowed access to the structure but it does not imply
- * that the structure is functional. To simply increment or decrement the
- * structural reference count, use ENGINE_by_id and ENGINE_free. NB: This is not
- * required when iterating using ENGINE_get_next as it will automatically
- * decrement the structural reference count of the "current" ENGINE and
- * increment the structural reference count of the ENGINE it returns (unless it
- * is NULL). */
-
-/* Get the first/last "ENGINE" type available. */
-ENGINE *ENGINE_get_first(void);
-ENGINE *ENGINE_get_last(void);
-/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
-ENGINE *ENGINE_get_next(ENGINE *e);
-ENGINE *ENGINE_get_prev(ENGINE *e);
-/* Add another "ENGINE" type into the array. */
-int ENGINE_add(ENGINE *e);
-/* Remove an existing "ENGINE" type from the array. */
-int ENGINE_remove(ENGINE *e);
-/* Retrieve an engine from the list by its unique "id" value. */
-ENGINE *ENGINE_by_id(const char *id);
-/* Add all the built-in engines. */
-void ENGINE_load_openssl(void);
-void ENGINE_load_dynamic(void);
-void ENGINE_load_cswift(void);
-void ENGINE_load_chil(void);
-void ENGINE_load_atalla(void);
-void ENGINE_load_nuron(void);
-void ENGINE_load_ubsec(void);
-void ENGINE_load_aep(void);
-void ENGINE_load_sureware(void);
-void ENGINE_load_4758cca(void);
-void ENGINE_load_cryptodev(void);
-void ENGINE_load_builtin_engines(void);
-
-/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
- * "registry" handling. */
-unsigned int ENGINE_get_table_flags(void);
-void ENGINE_set_table_flags(unsigned int flags);
-
-/* Manage registration of ENGINEs per "table". For each type, there are 3
- * functions;
- *   ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
- *   ENGINE_unregister_***(e) - unregister the implementation from 'e'
- *   ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
- * Cleanup is automatically registered from each table when required, so
- * ENGINE_cleanup() will reverse any "register" operations. */
-
-int ENGINE_register_RSA(ENGINE *e);
-void ENGINE_unregister_RSA(ENGINE *e);
-void ENGINE_register_all_RSA(void);
-
-int ENGINE_register_DSA(ENGINE *e);
-void ENGINE_unregister_DSA(ENGINE *e);
-void ENGINE_register_all_DSA(void);
-
-int ENGINE_register_DH(ENGINE *e);
-void ENGINE_unregister_DH(ENGINE *e);
-void ENGINE_register_all_DH(void);
-
-int ENGINE_register_RAND(ENGINE *e);
-void ENGINE_unregister_RAND(ENGINE *e);
-void ENGINE_register_all_RAND(void);
-
-int ENGINE_register_ciphers(ENGINE *e);
-void ENGINE_unregister_ciphers(ENGINE *e);
-void ENGINE_register_all_ciphers(void);
-
-int ENGINE_register_digests(ENGINE *e);
-void ENGINE_unregister_digests(ENGINE *e);
-void ENGINE_register_all_digests(void);
-
-/* These functions register all support from the above categories. Note, use of
- * these functions can result in static linkage of code your application may not
- * need. If you only need a subset of functionality, consider using more
- * selective initialisation. */
-int ENGINE_register_complete(ENGINE *e);
-int ENGINE_register_all_complete(void);
-
-/* Send parametrised control commands to the engine. The possibilities to send
- * down an integer, a pointer to data or a function pointer are provided. Any of
- * the parameters may or may not be NULL, depending on the command number. In
- * actuality, this function only requires a structural (rather than functional)
- * reference to an engine, but many control commands may require the engine be
- * functional. The caller should be aware of trying commands that require an
- * operational ENGINE, and only use functional references in such situations. */
-int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-
-/* This function tests if an ENGINE-specific command is usable as a "setting".
- * Eg. in an application's config file that gets processed through
- * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
- * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl(). */
-int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
-
-/* This function works like ENGINE_ctrl() with the exception of taking a
- * command name instead of a command number, and can handle optional commands.
- * See the comment on ENGINE_ctrl_cmd_string() for an explanation on how to
- * use the cmd_name and cmd_optional. */
-int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
-        long i, void *p, void (*f)(), int cmd_optional);
-
-/* This function passes a command-name and argument to an ENGINE. The cmd_name
- * is converted to a command number and the control command is called using
- * 'arg' as an argument (unless the ENGINE doesn't support such a command, in
- * which case no control command is called). The command is checked for input
- * flags, and if necessary the argument will be converted to a numeric value. If
- * cmd_optional is non-zero, then if the ENGINE doesn't support the given
- * cmd_name the return value will be success anyway. This function is intended
- * for applications to use so that users (or config files) can supply
- * engine-specific config data to the ENGINE at run-time to control behaviour of
- * specific engines. As such, it shouldn't be used for calling ENGINE_ctrl()
- * functions that return data, deal with binary data, or that are otherwise
- * supposed to be used directly through ENGINE_ctrl() in application code. Any
- * "return" data from an ENGINE_ctrl() operation in this function will be lost -
- * the return value is interpreted as failure if the return value is zero,
- * success otherwise, and this function returns a boolean value as a result. In
- * other words, vendors of 'ENGINE'-enabled devices should write ENGINE
- * implementations with parameterisations that work in this scheme, so that
- * compliant ENGINE-based applications can work consistently with the same
- * configuration for the same ENGINE-enabled devices, across applications. */
-int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
-				int cmd_optional);
-
-/* These functions are useful for manufacturing new ENGINE structures. They
- * don't address reference counting at all - one uses them to populate an ENGINE
- * structure with personalised implementations of things prior to using it
- * directly or adding it to the builtin ENGINE list in OpenSSL. These are also
- * here so that the ENGINE structure doesn't have to be exposed and break binary
- * compatibility! */
-ENGINE *ENGINE_new(void);
-int ENGINE_free(ENGINE *e);
-int ENGINE_up_ref(ENGINE *e);
-int ENGINE_set_id(ENGINE *e, const char *id);
-int ENGINE_set_name(ENGINE *e, const char *name);
-int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
-int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
-int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
-int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
-int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
-int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
-int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
-int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
-int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
-int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
-int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
-int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
-int ENGINE_set_flags(ENGINE *e, int flags);
-int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
-/* These functions (and the "get" function lower down) allow control over any
- * per-structure ENGINE data. */
-int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-		CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
-
-/* This function cleans up anything that needs it. Eg. the ENGINE_add() function
- * automatically ensures the list cleanup function is registered to be called
- * from ENGINE_cleanup(). Similarly, all ENGINE_register_*** functions ensure
- * ENGINE_cleanup() will clean up after them. */
-void ENGINE_cleanup(void);
-
-/* These return values from within the ENGINE structure. These can be useful
- * with functional references as well as structural references - it depends
- * which you obtained. Using the result for functional purposes if you only
- * obtained a structural reference may be problematic! */
-const char *ENGINE_get_id(const ENGINE *e);
-const char *ENGINE_get_name(const ENGINE *e);
-const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
-const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
-const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
-const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
-ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
-ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
-ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
-ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
-ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
-const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
-const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
-const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
-int ENGINE_get_flags(const ENGINE *e);
-void *ENGINE_get_ex_data(const ENGINE *e, int idx);
-
-/* FUNCTIONAL functions. These functions deal with ENGINE structures
- * that have (or will) be initialised for use. Broadly speaking, the
- * structural functions are useful for iterating the list of available
- * engine types, creating new engine types, and other "list" operations.
- * These functions actually deal with ENGINEs that are to be used. As
- * such these functions can fail (if applicable) when particular
- * engines are unavailable - eg. if a hardware accelerator is not
- * attached or not functioning correctly. Each ENGINE has 2 reference
- * counts; structural and functional. Every time a functional reference
- * is obtained or released, a corresponding structural reference is
- * automatically obtained or released too. */
-
-/* Initialise a engine type for use (or up its reference count if it's
- * already in use). This will fail if the engine is not currently
- * operational and cannot initialise. */
-int ENGINE_init(ENGINE *e);
-/* Free a functional reference to a engine type. This does not require
- * a corresponding call to ENGINE_free as it also releases a structural
- * reference. */
-int ENGINE_finish(ENGINE *e);
-
-/* The following functions handle keys that are stored in some secondary
- * location, handled by the engine.  The storage may be on a card or
- * whatever. */
-EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data);
-EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data);
-
-/* This returns a pointer for the current ENGINE structure that
- * is (by default) performing any RSA operations. The value returned
- * is an incremented reference, so it should be free'd (ENGINE_finish)
- * before it is discarded. */
-ENGINE *ENGINE_get_default_RSA(void);
-/* Same for the other "methods" */
-ENGINE *ENGINE_get_default_DSA(void);
-ENGINE *ENGINE_get_default_DH(void);
-ENGINE *ENGINE_get_default_RAND(void);
-/* These functions can be used to get a functional reference to perform
- * ciphering or digesting corresponding to "nid". */
-ENGINE *ENGINE_get_cipher_engine(int nid);
-ENGINE *ENGINE_get_digest_engine(int nid);
-
-/* This sets a new default ENGINE structure for performing RSA
- * operations. If the result is non-zero (success) then the ENGINE
- * structure will have had its reference count up'd so the caller
- * should still free their own reference 'e'. */
-int ENGINE_set_default_RSA(ENGINE *e);
-int ENGINE_set_default_string(ENGINE *e, const char *list);
-/* Same for the other "methods" */
-int ENGINE_set_default_DSA(ENGINE *e);
-int ENGINE_set_default_DH(ENGINE *e);
-int ENGINE_set_default_RAND(ENGINE *e);
-int ENGINE_set_default_ciphers(ENGINE *e);
-int ENGINE_set_default_digests(ENGINE *e);
-
-/* The combination "set" - the flags are bitwise "OR"d from the
- * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
- * function, this function can result in unnecessary static linkage. If your
- * application requires only specific functionality, consider using more
- * selective functions. */
-int ENGINE_set_default(ENGINE *e, unsigned int flags);
-
-void ENGINE_add_conf_module(void);
-
-/* Deprecated functions ... */
-/* int ENGINE_clear_defaults(void); */
-
-/**************************/
-/* DYNAMIC ENGINE SUPPORT */
-/**************************/
-
-/* Binary/behaviour compatibility levels */
-#define OSSL_DYNAMIC_VERSION		(unsigned long)0x00010100
-/* Binary versions older than this are too old for us (whether we're a loader or
- * a loadee) */
-#define OSSL_DYNAMIC_OLDEST		(unsigned long)0x00010100
-
-/* When compiling an ENGINE entirely as an external shared library, loadable by
- * the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' structure
- * type provides the calling application's (or library's) error functionality
- * and memory management function pointers to the loaded library. These should
- * be used/set in the loaded library code so that the loading application's
- * 'state' will be used/changed in all operations. */
-typedef void *(*dyn_MEM_malloc_cb)(size_t);
-typedef void *(*dyn_MEM_realloc_cb)(void *, size_t);
-typedef void (*dyn_MEM_free_cb)(void *);
-typedef struct st_dynamic_MEM_fns {
-	dyn_MEM_malloc_cb			malloc_cb;
-	dyn_MEM_realloc_cb			realloc_cb;
-	dyn_MEM_free_cb				free_cb;
-	} dynamic_MEM_fns;
-/* FIXME: Perhaps the memory and locking code (crypto.h) should declare and use
- * these types so we (and any other dependant code) can simplify a bit?? */
-typedef void (*dyn_lock_locking_cb)(int,int,const char *,int);
-typedef int (*dyn_lock_add_lock_cb)(int*,int,int,const char *,int);
-typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb)(
-						const char *,int);
-typedef void (*dyn_dynlock_lock_cb)(int,struct CRYPTO_dynlock_value *,
-						const char *,int);
-typedef void (*dyn_dynlock_destroy_cb)(struct CRYPTO_dynlock_value *,
-						const char *,int);
-typedef struct st_dynamic_LOCK_fns {
-	dyn_lock_locking_cb			lock_locking_cb;
-	dyn_lock_add_lock_cb			lock_add_lock_cb;
-	dyn_dynlock_create_cb			dynlock_create_cb;
-	dyn_dynlock_lock_cb			dynlock_lock_cb;
-	dyn_dynlock_destroy_cb			dynlock_destroy_cb;
-	} dynamic_LOCK_fns;
-/* The top-level structure */
-typedef struct st_dynamic_fns {
-	const ERR_FNS				*err_fns;
-	const CRYPTO_EX_DATA_IMPL		*ex_data_fns;
-	dynamic_MEM_fns				mem_fns;
-	dynamic_LOCK_fns			lock_fns;
-	} dynamic_fns;
-
-/* The version checking function should be of this prototype. NB: The
- * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading code.
- * If this function returns zero, it indicates a (potential) version
- * incompatibility and the loaded library doesn't believe it can proceed.
- * Otherwise, the returned value is the (latest) version supported by the
- * loading library. The loader may still decide that the loaded code's version
- * is unsatisfactory and could veto the load. The function is expected to
- * be implemented with the symbol name "v_check", and a default implementation
- * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */
-typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);
-#define IMPLEMENT_DYNAMIC_CHECK_FN() \
-	unsigned long v_check(unsigned long v) { \
-		if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
-		return 0; }
-
-/* This function is passed the ENGINE structure to initialise with its own
- * function and command settings. It should not adjust the structural or
- * functional reference counts. If this function returns zero, (a) the load will
- * be aborted, (b) the previous ENGINE state will be memcpy'd back onto the
- * structure, and (c) the shared library will be unloaded. So implementations
- * should do their own internal cleanup in failure circumstances otherwise they
- * could leak. The 'id' parameter, if non-NULL, represents the ENGINE id that
- * the loader is looking for. If this is NULL, the shared library can choose to
- * return failure or to initialise a 'default' ENGINE. If non-NULL, the shared
- * library must initialise only an ENGINE matching the passed 'id'. The function
- * is expected to be implemented with the symbol name "bind_engine". A standard
- * implementation can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where
- * the parameter 'fn' is a callback function that populates the ENGINE structure
- * and returns an int value (zero for failure). 'fn' should have prototype;
- *    [static] int fn(ENGINE *e, const char *id); */
-typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
-				const dynamic_fns *fns);
-#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
-	int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
-		if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
-			fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
-			return 0; \
-		CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
-		CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
-		CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
-		CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
-		CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
-		if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
-			return 0; \
-		if(!ERR_set_implementation(fns->err_fns)) return 0; \
-		if(!fn(e,id)) return 0; \
-		return 1; }
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ENGINE_strings(void);
-
-/* Error codes for the ENGINE functions. */
-
-/* Function codes. */
-#define ENGINE_F_DYNAMIC_CTRL				 180
-#define ENGINE_F_DYNAMIC_GET_DATA_CTX			 181
-#define ENGINE_F_DYNAMIC_LOAD				 182
-#define ENGINE_F_ENGINE_ADD				 105
-#define ENGINE_F_ENGINE_BY_ID				 106
-#define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE		 170
-#define ENGINE_F_ENGINE_CTRL				 142
-#define ENGINE_F_ENGINE_CTRL_CMD			 178
-#define ENGINE_F_ENGINE_CTRL_CMD_STRING			 171
-#define ENGINE_F_ENGINE_FINISH				 107
-#define ENGINE_F_ENGINE_FREE				 108
-#define ENGINE_F_ENGINE_GET_CIPHER			 185
-#define ENGINE_F_ENGINE_GET_DEFAULT_TYPE		 177
-#define ENGINE_F_ENGINE_GET_DIGEST			 186
-#define ENGINE_F_ENGINE_GET_NEXT			 115
-#define ENGINE_F_ENGINE_GET_PREV			 116
-#define ENGINE_F_ENGINE_INIT				 119
-#define ENGINE_F_ENGINE_LIST_ADD			 120
-#define ENGINE_F_ENGINE_LIST_REMOVE			 121
-#define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY		 150
-#define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY			 151
-#define ENGINE_F_ENGINE_MODULE_INIT			 187
-#define ENGINE_F_ENGINE_NEW				 122
-#define ENGINE_F_ENGINE_REMOVE				 123
-#define ENGINE_F_ENGINE_SET_DEFAULT_STRING		 189
-#define ENGINE_F_ENGINE_SET_DEFAULT_TYPE		 126
-#define ENGINE_F_ENGINE_SET_ID				 129
-#define ENGINE_F_ENGINE_SET_NAME			 130
-#define ENGINE_F_ENGINE_TABLE_REGISTER			 184
-#define ENGINE_F_ENGINE_UNLOAD_KEY			 152
-#define ENGINE_F_ENGINE_UP_REF				 190
-#define ENGINE_F_INT_CTRL_HELPER			 172
-#define ENGINE_F_INT_ENGINE_CONFIGURE			 188
-#define ENGINE_F_LOG_MESSAGE				 141
-#define ENGINE_F_SET_DATA_CTX				 183
-
-/* Reason codes. */
-#define ENGINE_R_ALREADY_LOADED				 100
-#define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER		 133
-#define ENGINE_R_CMD_NOT_EXECUTABLE			 134
-#define ENGINE_R_COMMAND_TAKES_INPUT			 135
-#define ENGINE_R_COMMAND_TAKES_NO_INPUT			 136
-#define ENGINE_R_CONFLICTING_ENGINE_ID			 103
-#define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED		 119
-#define ENGINE_R_DH_NOT_IMPLEMENTED			 139
-#define ENGINE_R_DSA_NOT_IMPLEMENTED			 140
-#define ENGINE_R_DSO_FAILURE				 104
-#define ENGINE_R_DSO_NOT_FOUND				 132
-#define ENGINE_R_ENGINES_SECTION_ERROR			 148
-#define ENGINE_R_ENGINE_IS_NOT_IN_LIST			 105
-#define ENGINE_R_ENGINE_SECTION_ERROR			 149
-#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY		 128
-#define ENGINE_R_FAILED_LOADING_PUBLIC_KEY		 129
-#define ENGINE_R_FINISH_FAILED				 106
-#define ENGINE_R_GET_HANDLE_FAILED			 107
-#define ENGINE_R_ID_OR_NAME_MISSING			 108
-#define ENGINE_R_INIT_FAILED				 109
-#define ENGINE_R_INTERNAL_LIST_ERROR			 110
-#define ENGINE_R_INVALID_ARGUMENT			 143
-#define ENGINE_R_INVALID_CMD_NAME			 137
-#define ENGINE_R_INVALID_CMD_NUMBER			 138
-#define ENGINE_R_INVALID_INIT_VALUE			 151
-#define ENGINE_R_INVALID_STRING				 150
-#define ENGINE_R_NOT_INITIALISED			 117
-#define ENGINE_R_NOT_LOADED				 112
-#define ENGINE_R_NO_CONTROL_FUNCTION			 120
-#define ENGINE_R_NO_INDEX				 144
-#define ENGINE_R_NO_LOAD_FUNCTION			 125
-#define ENGINE_R_NO_REFERENCE				 130
-#define ENGINE_R_NO_SUCH_ENGINE				 116
-#define ENGINE_R_NO_UNLOAD_FUNCTION			 126
-#define ENGINE_R_PROVIDE_PARAMETERS			 113
-#define ENGINE_R_RSA_NOT_IMPLEMENTED			 141
-#define ENGINE_R_UNIMPLEMENTED_CIPHER			 146
-#define ENGINE_R_UNIMPLEMENTED_DIGEST			 147
-#define ENGINE_R_VERSION_INCOMPATIBILITY		 145
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/engine/enginetest.c b/crypto/openssl/crypto/engine/enginetest.c
deleted file mode 100644
index c2d0297392f1..000000000000
--- a/crypto/openssl/crypto/engine/enginetest.c
+++ /dev/null
@@ -1,283 +0,0 @@
-/* crypto/engine/enginetest.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#ifdef OPENSSL_NO_ENGINE
-int main(int argc, char *argv[])
-{
-    printf("No ENGINE support\n");
-    return(0);
-}
-#else
-#include <openssl/e_os2.h>
-#include <openssl/buffer.h>
-#include <openssl/crypto.h>
-#include <openssl/engine.h>
-#include <openssl/err.h>
-
-static void display_engine_list()
-	{
-	ENGINE *h;
-	int loop;
-
-	h = ENGINE_get_first();
-	loop = 0;
-	printf("listing available engine types\n");
-	while(h)
-		{
-		printf("engine %i, id = \"%s\", name = \"%s\"\n",
-			loop++, ENGINE_get_id(h), ENGINE_get_name(h));
-		h = ENGINE_get_next(h);
-		}
-	printf("end of list\n");
-	/* ENGINE_get_first() increases the struct_ref counter, so we 
-           must call ENGINE_free() to decrease it again */
-	ENGINE_free(h);
-	}
-
-int main(int argc, char *argv[])
-	{
-	ENGINE *block[512];
-	char buf[256];
-	const char *id, *name;
-	ENGINE *ptr;
-	int loop;
-	int to_return = 1;
-	ENGINE *new_h1 = NULL;
-	ENGINE *new_h2 = NULL;
-	ENGINE *new_h3 = NULL;
-	ENGINE *new_h4 = NULL;
-
-	/* enable memory leak checking unless explicitly disabled */
-	if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
-		{
-		CRYPTO_malloc_debug_init();
-		CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
-		}
-	else
-		{
-		/* OPENSSL_DEBUG_MEMORY=off */
-		CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
-		}
-	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-	ERR_load_crypto_strings();
-
-	memset(block, 0, 512 * sizeof(ENGINE *));
-	if(((new_h1 = ENGINE_new()) == NULL) ||
-			!ENGINE_set_id(new_h1, "test_id0") ||
-			!ENGINE_set_name(new_h1, "First test item") ||
-			((new_h2 = ENGINE_new()) == NULL) ||
-			!ENGINE_set_id(new_h2, "test_id1") ||
-			!ENGINE_set_name(new_h2, "Second test item") ||
-			((new_h3 = ENGINE_new()) == NULL) ||
-			!ENGINE_set_id(new_h3, "test_id2") ||
-			!ENGINE_set_name(new_h3, "Third test item") ||
-			((new_h4 = ENGINE_new()) == NULL) ||
-			!ENGINE_set_id(new_h4, "test_id3") ||
-			!ENGINE_set_name(new_h4, "Fourth test item"))
-		{
-		printf("Couldn't set up test ENGINE structures\n");
-		goto end;
-		}
-	printf("\nenginetest beginning\n\n");
-	display_engine_list();
-	if(!ENGINE_add(new_h1))
-		{
-		printf("Add failed!\n");
-		goto end;
-		}
-	display_engine_list();
-	ptr = ENGINE_get_first();
-	if(!ENGINE_remove(ptr))
-		{
-		printf("Remove failed!\n");
-		goto end;
-		}
-	if (ptr)
-		ENGINE_free(ptr);
-	display_engine_list();
-	if(!ENGINE_add(new_h3) || !ENGINE_add(new_h2))
-		{
-		printf("Add failed!\n");
-		goto end;
-		}
-	display_engine_list();
-	if(!ENGINE_remove(new_h2))
-		{
-		printf("Remove failed!\n");
-		goto end;
-		}
-	display_engine_list();
-	if(!ENGINE_add(new_h4))
-		{
-		printf("Add failed!\n");
-		goto end;
-		}
-	display_engine_list();
-	if(ENGINE_add(new_h3))
-		{
-		printf("Add *should* have failed but didn't!\n");
-		goto end;
-		}
-	else
-		printf("Add that should fail did.\n");
-	ERR_clear_error();
-	if(ENGINE_remove(new_h2))
-		{
-		printf("Remove *should* have failed but didn't!\n");
-		goto end;
-		}
-	else
-		printf("Remove that should fail did.\n");
-	ERR_clear_error();
-	if(!ENGINE_remove(new_h3))
-		{
-		printf("Remove failed!\n");
-		goto end;
-		}
-	display_engine_list();
-	if(!ENGINE_remove(new_h4))
-		{
-		printf("Remove failed!\n");
-		goto end;
-		}
-	display_engine_list();
-	/* Depending on whether there's any hardware support compiled
-	 * in, this remove may be destined to fail. */
-	ptr = ENGINE_get_first();
-	if(ptr)
-		if(!ENGINE_remove(ptr))
-			printf("Remove failed!i - probably no hardware "
-				"support present.\n");
-	if (ptr)
-		ENGINE_free(ptr);
-	display_engine_list();
-	if(!ENGINE_add(new_h1) || !ENGINE_remove(new_h1))
-		{
-		printf("Couldn't add and remove to an empty list!\n");
-		goto end;
-		}
-	else
-		printf("Successfully added and removed to an empty list!\n");
-	printf("About to beef up the engine-type list\n");
-	for(loop = 0; loop < 512; loop++)
-		{
-		sprintf(buf, "id%i", loop);
-		id = BUF_strdup(buf);
-		sprintf(buf, "Fake engine type %i", loop);
-		name = BUF_strdup(buf);
-		if(((block[loop] = ENGINE_new()) == NULL) ||
-				!ENGINE_set_id(block[loop], id) ||
-				!ENGINE_set_name(block[loop], name))
-			{
-			printf("Couldn't create block of ENGINE structures.\n"
-				"I'll probably also core-dump now, damn.\n");
-			goto end;
-			}
-		}
-	for(loop = 0; loop < 512; loop++)
-		{
-		if(!ENGINE_add(block[loop]))
-			{
-			printf("\nAdding stopped at %i, (%s,%s)\n",
-				loop, ENGINE_get_id(block[loop]),
-				ENGINE_get_name(block[loop]));
-			goto cleanup_loop;
-			}
-		else
-			printf("."); fflush(stdout);
-		}
-cleanup_loop:
-	printf("\nAbout to empty the engine-type list\n");
-	while((ptr = ENGINE_get_first()) != NULL)
-		{
-		if(!ENGINE_remove(ptr))
-			{
-			printf("\nRemove failed!\n");
-			goto end;
-			}
-		ENGINE_free(ptr);
-		printf("."); fflush(stdout);
-		}
-	for(loop = 0; loop < 512; loop++)
-		{
-		OPENSSL_free((void *)ENGINE_get_id(block[loop]));
-		OPENSSL_free((void *)ENGINE_get_name(block[loop]));
-		}
-	printf("\nTests completed happily\n");
-	to_return = 0;
-end:
-	if(to_return)
-		ERR_print_errors_fp(stderr);
-	if(new_h1) ENGINE_free(new_h1);
-	if(new_h2) ENGINE_free(new_h2);
-	if(new_h3) ENGINE_free(new_h3);
-	if(new_h4) ENGINE_free(new_h4);
-	for(loop = 0; loop < 512; loop++)
-		if(block[loop])
-			ENGINE_free(block[loop]);
-	ENGINE_cleanup();
-	CRYPTO_cleanup_all_ex_data();
-	ERR_free_strings();
-	ERR_remove_state(0);
-	CRYPTO_mem_leaks_fp(stderr);
-	return to_return;
-	}
-#endif
diff --git a/crypto/openssl/crypto/engine/hw.ec b/crypto/openssl/crypto/engine/hw.ec
deleted file mode 100644
index 5481a439183d..000000000000
--- a/crypto/openssl/crypto/engine/hw.ec
+++ /dev/null
@@ -1,8 +0,0 @@
-L AEPHK		hw_aep_err.h			hw_aep_err.c
-L ATALLA	hw_atalla_err.h			hw_atalla_err.c
-L CSWIFT	hw_cswift_err.h			hw_cswift_err.c
-L HWCRHK	hw_ncipher_err.h		hw_ncipher_err.c
-L NURON		hw_nuron_err.h			hw_nuron_err.c
-L SUREWARE	hw_sureware_err.h		hw_sureware_err.c
-L UBSEC		hw_ubsec_err.h			hw_ubsec_err.c
-L CCA4758	hw_4758_cca_err.h		hw_4758_cca_err.c
diff --git a/crypto/openssl/crypto/engine/hw_4758_cca.c b/crypto/openssl/crypto/engine/hw_4758_cca.c
deleted file mode 100644
index 4f5ae8a46dc4..000000000000
--- a/crypto/openssl/crypto/engine/hw_4758_cca.c
+++ /dev/null
@@ -1,969 +0,0 @@
-/* Author: Maurice Gittens <maurice@gittens.nl>                       */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-/* #include <openssl/pem.h> */
-#include "cryptlib.h"
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/engine.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_4758_CCA
-
-#ifdef FLAT_INC
-#include "hw_4758_cca.h"
-#else
-#include "vendor_defns/hw_4758_cca.h"
-#endif
-
-#include "hw_4758_cca_err.c"
-
-static int ibm_4758_cca_destroy(ENGINE *e);
-static int ibm_4758_cca_init(ENGINE *e);
-static int ibm_4758_cca_finish(ENGINE *e);
-static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-
-/* rsa functions */
-/*---------------*/
-#ifndef OPENSSL_NO_RSA
-static int cca_rsa_pub_enc(int flen, const unsigned char *from,
-		unsigned char *to, RSA *rsa,int padding);
-static int cca_rsa_priv_dec(int flen, const unsigned char *from,
-		unsigned char *to, RSA *rsa,int padding);
-static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
-		unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
-static int cca_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
-		unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
-
-/* utility functions */
-/*-----------------------*/
-static EVP_PKEY *ibm_4758_load_privkey(ENGINE*, const char*,
-		UI_METHOD *ui_method, void *callback_data);
-static EVP_PKEY *ibm_4758_load_pubkey(ENGINE*, const char*,
-		UI_METHOD *ui_method, void *callback_data);
-
-static int getModulusAndExponent(const unsigned char *token, long *exponentLength,
-		unsigned char *exponent, long *modulusLength,
-		long *modulusFieldLength, unsigned char *modulus);
-#endif
-
-/* RAND number functions */
-/*-----------------------*/
-static int cca_get_random_bytes(unsigned char*, int );
-static int cca_random_status(void);
-
-static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-		int idx,long argl, void *argp);
-
-/* Function pointers for CCA verbs */
-/*---------------------------------*/
-#ifndef OPENSSL_NO_RSA
-static F_KEYRECORDREAD keyRecordRead;
-static F_DIGITALSIGNATUREGENERATE digitalSignatureGenerate;
-static F_DIGITALSIGNATUREVERIFY digitalSignatureVerify;
-static F_PUBLICKEYEXTRACT publicKeyExtract;
-static F_PKAENCRYPT pkaEncrypt;
-static F_PKADECRYPT pkaDecrypt;
-#endif
-static F_RANDOMNUMBERGENERATE randomNumberGenerate;
-
-/* static variables */
-/*------------------*/
-static const char *CCA4758_LIB_NAME = NULL;
-static const char *get_CCA4758_LIB_NAME(void)
-	{
-	if(CCA4758_LIB_NAME)
-		return CCA4758_LIB_NAME;
-	return CCA_LIB_NAME;
-	}
-static void free_CCA4758_LIB_NAME(void)
-	{
-	if(CCA4758_LIB_NAME)
-		OPENSSL_free((void*)CCA4758_LIB_NAME);
-	CCA4758_LIB_NAME = NULL;
-	}
-static long set_CCA4758_LIB_NAME(const char *name)
-	{
-	free_CCA4758_LIB_NAME();
-	return (((CCA4758_LIB_NAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-	}
-#ifndef OPENSSL_NO_RSA
-static const char* n_keyRecordRead = CSNDKRR;
-static const char* n_digitalSignatureGenerate = CSNDDSG;
-static const char* n_digitalSignatureVerify = CSNDDSV;
-static const char* n_publicKeyExtract = CSNDPKX;
-static const char* n_pkaEncrypt = CSNDPKE;
-static const char* n_pkaDecrypt = CSNDPKD;
-#endif
-static const char* n_randomNumberGenerate = CSNBRNG;
-
-static int hndidx = -1;
-static DSO *dso = NULL;
-
-/* openssl engine initialization structures */
-/*------------------------------------------*/
-
-#define CCA4758_CMD_SO_PATH		ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN	cca4758_cmd_defns[] = {
-	{CCA4758_CMD_SO_PATH,
-		"SO_PATH",
-		"Specifies the path to the '4758cca' shared library",
-		ENGINE_CMD_FLAG_STRING},
-	{0, NULL, NULL, 0}
-	};
-
-#ifndef OPENSSL_NO_RSA
-static RSA_METHOD ibm_4758_cca_rsa =
-	{
-	"IBM 4758 CCA RSA method",
-	cca_rsa_pub_enc,
-	NULL,
-	NULL,
-	cca_rsa_priv_dec,
-	NULL, /*rsa_mod_exp,*/
-	NULL, /*mod_exp_mont,*/
-	NULL, /* init */
-	NULL, /* finish */
-	RSA_FLAG_SIGN_VER,	  /* flags */
-	NULL, /* app_data */
-	cca_rsa_sign, /* rsa_sign */
-	cca_rsa_verify  /* rsa_verify */
-	};
-#endif
-
-static RAND_METHOD ibm_4758_cca_rand =
-	{
-	/* "IBM 4758 RAND method", */
-	NULL, /* seed */
-	cca_get_random_bytes, /* get random bytes from the card */
-	NULL, /* cleanup */
-	NULL, /* add */
-	cca_get_random_bytes, /* pseudo rand */
-	cca_random_status, /* status */
-	};
-
-static const char *engine_4758_cca_id = "4758cca";
-static const char *engine_4758_cca_name = "IBM 4758 CCA hardware engine support";
-
-/* engine implementation */
-/*-----------------------*/
-static int bind_helper(ENGINE *e)
-	{
-	if(!ENGINE_set_id(e, engine_4758_cca_id) ||
-			!ENGINE_set_name(e, engine_4758_cca_name) ||
-#ifndef OPENSSL_NO_RSA
-			!ENGINE_set_RSA(e, &ibm_4758_cca_rsa) ||
-#endif
-			!ENGINE_set_RAND(e, &ibm_4758_cca_rand) ||
-			!ENGINE_set_destroy_function(e, ibm_4758_cca_destroy) ||
-			!ENGINE_set_init_function(e, ibm_4758_cca_init) ||
-			!ENGINE_set_finish_function(e, ibm_4758_cca_finish) ||
-			!ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) ||
-			!ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) ||
-			!ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) ||
-			!ENGINE_set_cmd_defns(e, cca4758_cmd_defns))
-		return 0;
-	/* Ensure the error handling is set up */
-	ERR_load_CCA4758_strings();
-	return 1;
-	}
-
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_4758_cca(void)
-	{
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!bind_helper(ret))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-void ENGINE_load_4758cca(void)
-	{
-	ENGINE *e_4758 = engine_4758_cca();
-	if (!e_4758) return;
-	ENGINE_add(e_4758);
-	ENGINE_free(e_4758);
-	ERR_clear_error();   
-	}
-#endif
-
-static int ibm_4758_cca_destroy(ENGINE *e)
-	{
-	ERR_unload_CCA4758_strings();
-	free_CCA4758_LIB_NAME();
-	return 1;
-	}
-
-static int ibm_4758_cca_init(ENGINE *e)
-	{
-	if(dso)
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_ALREADY_LOADED);
-		goto err;
-		}
-
-	dso = DSO_load(NULL, get_CCA4758_LIB_NAME(), NULL, 0);
-	if(!dso)
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE);
-		goto err;
-		}
-
-#ifndef OPENSSL_NO_RSA
-	if(!(keyRecordRead = (F_KEYRECORDREAD)
-				DSO_bind_func(dso, n_keyRecordRead)) ||
-			!(randomNumberGenerate = (F_RANDOMNUMBERGENERATE)
-				DSO_bind_func(dso, n_randomNumberGenerate)) ||
-			!(digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)
-				DSO_bind_func(dso, n_digitalSignatureGenerate)) ||
-			!(digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)
-				DSO_bind_func(dso, n_digitalSignatureVerify)) ||
-			!(publicKeyExtract = (F_PUBLICKEYEXTRACT)
-				DSO_bind_func(dso, n_publicKeyExtract)) ||
-			!(pkaEncrypt = (F_PKAENCRYPT)
-				DSO_bind_func(dso, n_pkaEncrypt)) ||
-			!(pkaDecrypt = (F_PKADECRYPT)
-				DSO_bind_func(dso, n_pkaDecrypt)))
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE);
-		goto err;
-		}
-#else
-	if(!(randomNumberGenerate = (F_RANDOMNUMBERGENERATE)
-				DSO_bind_func(dso, n_randomNumberGenerate)))
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE);
-		goto err;
-		}
-#endif
-
-	hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle",
-		NULL, NULL, cca_ex_free);
-
-	return 1;
-err:
-	if(dso)
-		DSO_free(dso);
-	dso = NULL;
-
-	keyRecordRead = (F_KEYRECORDREAD)0;
-	randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
-	digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0;
-	digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
-	publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
-	pkaEncrypt = (F_PKAENCRYPT)0;
-	pkaDecrypt = (F_PKADECRYPT)0;
-	return 0;
-	}
-
-static int ibm_4758_cca_finish(ENGINE *e)
-	{
-	free_CCA4758_LIB_NAME();
-	if(!dso)
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH,
-				CCA4758_R_NOT_LOADED);
-		return 0;
-		}
-	if(!DSO_free(dso))
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH,
-				CCA4758_R_UNIT_FAILURE);
-		return 0;
-		}
-	dso = NULL;
-	keyRecordRead = (F_KEYRECORDREAD)0;
-	randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
-	digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0;
-	digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
-	publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
-	pkaEncrypt = (F_PKAENCRYPT)0;
-	pkaDecrypt = (F_PKADECRYPT)0;
-	return 1;
-	}
-
-static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-	{
-	int initialised = ((dso == NULL) ? 0 : 1);
-	switch(cmd)
-		{
-	case CCA4758_CMD_SO_PATH:
-		if(p == NULL)
-			{
-			CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
-					ERR_R_PASSED_NULL_PARAMETER);
-			return 0;
-			}
-		if(initialised)
-			{
-			CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
-					CCA4758_R_ALREADY_LOADED);
-			return 0;
-			}
-		return set_CCA4758_LIB_NAME((const char *)p);
-	default:
-		break;
-		}
-	CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
-			CCA4758_R_COMMAND_NOT_IMPLEMENTED);
-	return 0;
-	}
-
-#ifndef OPENSSL_NO_RSA
-
-#define MAX_CCA_PKA_TOKEN_SIZE 2500
-
-static EVP_PKEY *ibm_4758_load_privkey(ENGINE* e, const char* key_id,
-			UI_METHOD *ui_method, void *callback_data)
-	{
-	RSA *rtmp = NULL;
-	EVP_PKEY *res = NULL;
-	unsigned char* keyToken = NULL;
-	unsigned char pubKeyToken[MAX_CCA_PKA_TOKEN_SIZE];
-	long pubKeyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
-	long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
-	long returnCode;
-	long reasonCode;
-	long exitDataLength = 0;
-	long ruleArrayLength = 0;
-	unsigned char exitData[8];
-	unsigned char ruleArray[8];
-	unsigned char keyLabel[64];
-	long keyLabelLength = strlen(key_id);
-	unsigned char modulus[256];
-	long modulusFieldLength = sizeof(modulus);
-	long modulusLength = 0;
-	unsigned char exponent[256];
-	long exponentLength = sizeof(exponent);
-
-	if (keyLabelLength > sizeof(keyLabel))
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
-		CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-		return NULL;
-		}
-
-	memset(keyLabel,' ', sizeof(keyLabel));
-	memcpy(keyLabel, key_id, keyLabelLength);
-
-	keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
-	if (!keyToken)
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
-				ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	keyRecordRead(&returnCode, &reasonCode, &exitDataLength,
-		exitData, &ruleArrayLength, ruleArray, keyLabel,
-		&keyTokenLength, keyToken+sizeof(long));
-
-	if (returnCode)
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
-			CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
-		goto err;
-		}
-
-	publicKeyExtract(&returnCode, &reasonCode, &exitDataLength,
-		exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
-		keyToken+sizeof(long), &pubKeyTokenLength, pubKeyToken);
-
-	if (returnCode)
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
-			CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
-		goto err;
-		}
-
-	if (!getModulusAndExponent(pubKeyToken, &exponentLength,
-			exponent, &modulusLength, &modulusFieldLength,
-			modulus))
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
-			CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
-		goto err;
-		}
-
-	(*(long*)keyToken) = keyTokenLength;
-	rtmp = RSA_new_method(e);
-	RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
-
-	rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
-	rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
-	rtmp->flags |= RSA_FLAG_EXT_PKEY;
-
-	res = EVP_PKEY_new();
-	EVP_PKEY_assign_RSA(res, rtmp);
-
-	return res;
-err:
-	if (keyToken)
-		OPENSSL_free(keyToken);
-	if (res)
-		EVP_PKEY_free(res);
-	if (rtmp)
-		RSA_free(rtmp);
-	return NULL;
-	}
-
-static EVP_PKEY *ibm_4758_load_pubkey(ENGINE* e, const char* key_id,
-			UI_METHOD *ui_method, void *callback_data)
-	{
-	RSA *rtmp = NULL;
-	EVP_PKEY *res = NULL;
-	unsigned char* keyToken = NULL;
-	long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
-	long returnCode;
-	long reasonCode;
-	long exitDataLength = 0;
-	long ruleArrayLength = 0;
-	unsigned char exitData[8];
-	unsigned char ruleArray[8];
-	unsigned char keyLabel[64];
-	long keyLabelLength = strlen(key_id);
-	unsigned char modulus[512];
-	long modulusFieldLength = sizeof(modulus);
-	long modulusLength = 0;
-	unsigned char exponent[512];
-	long exponentLength = sizeof(exponent);
-
-	if (keyLabelLength > sizeof(keyLabel))
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
-			CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-		return NULL;
-		}
-
-	memset(keyLabel,' ', sizeof(keyLabel));
-	memcpy(keyLabel, key_id, keyLabelLength);
-
-	keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
-	if (!keyToken)
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY,
-				ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	keyRecordRead(&returnCode, &reasonCode, &exitDataLength, exitData,
-		&ruleArrayLength, ruleArray, keyLabel, &keyTokenLength,
-		keyToken+sizeof(long));
-
-	if (returnCode)
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
-				ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	if (!getModulusAndExponent(keyToken+sizeof(long), &exponentLength,
-			exponent, &modulusLength, &modulusFieldLength, modulus))
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
-			CCA4758_R_FAILED_LOADING_PUBLIC_KEY);
-		goto err;
-		}
-
-	(*(long*)keyToken) = keyTokenLength;
-	rtmp = RSA_new_method(e);
-	RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
-	rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
-	rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
-	rtmp->flags |= RSA_FLAG_EXT_PKEY;
-	res = EVP_PKEY_new();
-	EVP_PKEY_assign_RSA(res, rtmp);
-
-	return res;
-err:
-	if (keyToken)
-		OPENSSL_free(keyToken);
-	if (res)
-		EVP_PKEY_free(res);
-	if (rtmp)
-		RSA_free(rtmp);
-	return NULL;
-	}
-
-static int cca_rsa_pub_enc(int flen, const unsigned char *from,
-			unsigned char *to, RSA *rsa,int padding)
-	{
-	long returnCode;
-	long reasonCode;
-	long lflen = flen;
-	long exitDataLength = 0;
-	unsigned char exitData[8];
-	long ruleArrayLength = 1;
-	unsigned char ruleArray[8] = "PKCS-1.2";
-	long dataStructureLength = 0;
-	unsigned char dataStructure[8];
-	long outputLength = RSA_size(rsa);
-	long keyTokenLength;
-	unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx);
-
-	keyTokenLength = *(long*)keyToken;
-	keyToken+=sizeof(long);
-
-	pkaEncrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
-		&ruleArrayLength, ruleArray, &lflen, (unsigned char*)from,
-		&dataStructureLength, dataStructure, &keyTokenLength,
-		keyToken, &outputLength, to);
-
-	if (returnCode || reasonCode)
-		return -(returnCode << 16 | reasonCode);
-	return outputLength;
-	}
-
-static int cca_rsa_priv_dec(int flen, const unsigned char *from,
-			unsigned char *to, RSA *rsa,int padding)
-	{
-	long returnCode;
-	long reasonCode;
-	long lflen = flen;
-	long exitDataLength = 0;
-	unsigned char exitData[8];
-	long ruleArrayLength = 1;
-	unsigned char ruleArray[8] = "PKCS-1.2";
-	long dataStructureLength = 0;
-	unsigned char dataStructure[8];
-	long outputLength = RSA_size(rsa);
-	long keyTokenLength;
-	unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx);
-
-	keyTokenLength = *(long*)keyToken;
-	keyToken+=sizeof(long);
-
-	pkaDecrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
-		&ruleArrayLength, ruleArray, &lflen, (unsigned char*)from,
-		&dataStructureLength, dataStructure, &keyTokenLength,
-		keyToken, &outputLength, to);
-
-	return (returnCode | reasonCode) ? 0 : 1;
-	}
-
-#define SSL_SIG_LEN 36
-
-static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
-		unsigned char *sigbuf, unsigned int siglen, const RSA *rsa)
-	{
-	long returnCode;
-	long reasonCode;
-	long lsiglen = siglen;
-	long exitDataLength = 0;
-	unsigned char exitData[8];
-	long ruleArrayLength = 1;
-	unsigned char ruleArray[8] = "PKCS-1.1";
-	long keyTokenLength;
-	unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx);
-	long length = SSL_SIG_LEN;
-	long keyLength ;
-	unsigned char *hashBuffer = NULL;
-	X509_SIG sig;
-	ASN1_TYPE parameter;
-	X509_ALGOR algorithm;
-	ASN1_OCTET_STRING digest;
-
-	keyTokenLength = *(long*)keyToken;
-	keyToken+=sizeof(long);
-
-	if (type == NID_md5 || type == NID_sha1)
-		{
-		sig.algor = &algorithm;
-		algorithm.algorithm = OBJ_nid2obj(type);
-
-		if (!algorithm.algorithm)
-			{
-			CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
-				CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
-			return 0;
-			}
-
-		if (!algorithm.algorithm->length)
-			{
-			CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
-				CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
-			return 0;
-			}
-
-		parameter.type = V_ASN1_NULL;
-		parameter.value.ptr = NULL;
-		algorithm.parameter = &parameter;
-
-		sig.digest = &digest;
-		sig.digest->data = (unsigned char*)m;
-		sig.digest->length = m_len;
-
-		length = i2d_X509_SIG(&sig, NULL);
-		}
-
-	keyLength = RSA_size(rsa);
-
-	if (length - RSA_PKCS1_PADDING > keyLength)
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
-			CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-		return 0;
-		}
-
-	switch (type)
-		{
-		case NID_md5_sha1 :
-			if (m_len != SSL_SIG_LEN)
-				{
-				CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
-				CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-				return 0;
-				}
-
-			hashBuffer = (unsigned char *)m;
-			length = m_len;
-			break;
-		case NID_md5 :
-			{
-			unsigned char *ptr;
-			ptr = hashBuffer = OPENSSL_malloc(
-					(unsigned int)keyLength+1);
-			if (!hashBuffer)
-				{
-				CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
-						ERR_R_MALLOC_FAILURE);
-				return 0;
-				}
-
-			i2d_X509_SIG(&sig, &ptr);
-			}
-			break;
-		case NID_sha1 :
-			{
-			unsigned char *ptr;
-			ptr = hashBuffer = OPENSSL_malloc(
-					(unsigned int)keyLength+1);
-			if (!hashBuffer)
-				{
-				CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
-						ERR_R_MALLOC_FAILURE);
-				return 0;
-				}
-			i2d_X509_SIG(&sig, &ptr);
-			}
-			break;
-		default:
-			return 0;
-		}
-
-	digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength,
-		exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
-		keyToken, &length, hashBuffer, &lsiglen, sigbuf);
-
-	if (type == NID_sha1 || type == NID_md5)
-		{
-		OPENSSL_cleanse(hashBuffer, keyLength+1);
-		OPENSSL_free(hashBuffer);
-		}
-
-	return ((returnCode || reasonCode) ? 0 : 1);
-	}
-
-#define SSL_SIG_LEN 36
-
-static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
-		unsigned char *sigret, unsigned int *siglen, const RSA *rsa)
-	{
-	long returnCode;
-	long reasonCode;
-	long exitDataLength = 0;
-	unsigned char exitData[8];
-	long ruleArrayLength = 1;
-	unsigned char ruleArray[8] = "PKCS-1.1";
-	long outputLength=256;
-	long outputBitLength;
-	long keyTokenLength;
-	unsigned char *hashBuffer = NULL;
-	unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx);
-	long length = SSL_SIG_LEN;
-	long keyLength ;
-	X509_SIG sig;
-	ASN1_TYPE parameter;
-	X509_ALGOR algorithm;
-	ASN1_OCTET_STRING digest;
-
-	keyTokenLength = *(long*)keyToken;
-	keyToken+=sizeof(long);
-
-	if (type == NID_md5 || type == NID_sha1)
-		{
-		sig.algor = &algorithm;
-		algorithm.algorithm = OBJ_nid2obj(type);
-
-		if (!algorithm.algorithm)
-			{
-			CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
-				CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
-			return 0;
-			}
-
-		if (!algorithm.algorithm->length)
-			{
-			CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
-				CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
-			return 0;
-			}
-
-		parameter.type = V_ASN1_NULL;
-		parameter.value.ptr = NULL;
-		algorithm.parameter = &parameter;
-
-		sig.digest = &digest;
-		sig.digest->data = (unsigned char*)m;
-		sig.digest->length = m_len;
-
-		length = i2d_X509_SIG(&sig, NULL);
-		}
-
-	keyLength = RSA_size(rsa);
-
-	if (length - RSA_PKCS1_PADDING > keyLength)
-		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
-			CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-		return 0;
-		}
-
-	switch (type)
-		{
-		case NID_md5_sha1 :
-			if (m_len != SSL_SIG_LEN)
-				{
-				CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
-				CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-				return 0;
-				}
-			hashBuffer = (unsigned char*)m;
-			length = m_len;
-			break;
-		case NID_md5 :
-			{
-			unsigned char *ptr;
-			ptr = hashBuffer = OPENSSL_malloc(
-					(unsigned int)keyLength+1);
-			if (!hashBuffer)
-				{
-				CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
-						ERR_R_MALLOC_FAILURE);
-				return 0;
-				}
-			i2d_X509_SIG(&sig, &ptr);
-			}
-			break;
-		case NID_sha1 :
-			{
-			unsigned char *ptr;
-			ptr = hashBuffer = OPENSSL_malloc(
-					(unsigned int)keyLength+1);
-			if (!hashBuffer)
-				{
-				CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
-						ERR_R_MALLOC_FAILURE);
-				return 0;
-				}
-			i2d_X509_SIG(&sig, &ptr);
-			}
-			break;
-		default:
-			return 0;
-		}
-
-	digitalSignatureGenerate(&returnCode, &reasonCode, &exitDataLength,
-		exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
-		keyToken, &length, hashBuffer, &outputLength, &outputBitLength,
-		sigret);
-
-	if (type == NID_sha1 || type == NID_md5)
-		{
-		OPENSSL_cleanse(hashBuffer, keyLength+1);
-		OPENSSL_free(hashBuffer);
-		}
-
-	*siglen = outputLength;
-
-	return ((returnCode || reasonCode) ? 0 : 1);
-	}
-
-static int getModulusAndExponent(const unsigned char*token, long *exponentLength,
-		unsigned char *exponent, long *modulusLength, long *modulusFieldLength,
-		unsigned char *modulus)
-	{
-	unsigned long len;
-
-	if (*token++ != (char)0x1E) /* internal PKA token? */
-		return 0;
-
-	if (*token++) /* token version must be zero */
-		return 0;
-
-	len = *token++;
-	len = len << 8;
-	len |= (unsigned char)*token++;
-
-	token += 4; /* skip reserved bytes */
-
-	if (*token++ == (char)0x04)
-		{
-		if (*token++) /* token version must be zero */
-			return 0;
-
-		len = *token++;
-		len = len << 8;
-		len |= (unsigned char)*token++;
-
-		token+=2; /* skip reserved section */
-
-		len = *token++;
-		len = len << 8;
-		len |= (unsigned char)*token++;
-
-		*exponentLength = len;
-
-		len = *token++;
-		len = len << 8;
-		len |= (unsigned char)*token++;
-
-		*modulusLength = len;
-
-		len = *token++;
-		len = len << 8;
-		len |= (unsigned char)*token++;
-
-		*modulusFieldLength = len;
-
-		memcpy(exponent, token, *exponentLength);
-		token+= *exponentLength;
-
-		memcpy(modulus, token, *modulusFieldLength);
-		return 1;
-		}
-	return 0;
-	}
-
-#endif /* OPENSSL_NO_RSA */
-
-static int cca_random_status(void)
-	{
-	return 1;
-	}
-
-static int cca_get_random_bytes(unsigned char* buf, int num)
-	{
-	long ret_code;
-	long reason_code;
-	long exit_data_length;
-	unsigned char exit_data[4];
-	unsigned char form[] = "RANDOM  ";
-	unsigned char rand_buf[8];
-
-	while(num >= sizeof(rand_buf))
-		{
-		randomNumberGenerate(&ret_code, &reason_code, &exit_data_length,
-			exit_data, form, rand_buf);
-		if (ret_code)
-			return 0;
-		num -= sizeof(rand_buf);
-		memcpy(buf, rand_buf, sizeof(rand_buf));
-		buf += sizeof(rand_buf);
-		}
-
-	if (num)
-		{
-		randomNumberGenerate(&ret_code, &reason_code, NULL, NULL,
-			form, rand_buf);
-		if (ret_code)
-			return 0;
-		memcpy(buf, rand_buf, num);
-		}
-
-	return 1;
-	}
-
-static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx,
-		long argl, void *argp)
-	{
-	if (item)
-		OPENSSL_free(item);
-	}
-
-/* Goo to handle building as a dynamic engine */
-#ifdef ENGINE_DYNAMIC_SUPPORT 
-static int bind_fn(ENGINE *e, const char *id)
-	{
-	if(id && (strcmp(id, engine_4758_cca_id) != 0))
-		return 0;
-	if(!bind_helper(e))
-		return 0;
-	return 1;
-	}       
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#endif /* !OPENSSL_NO_HW_4758_CCA */
-#endif /* !OPENSSL_NO_HW */
diff --git a/crypto/openssl/crypto/engine/hw_4758_cca_err.c b/crypto/openssl/crypto/engine/hw_4758_cca_err.c
deleted file mode 100644
index 7ea5c63707bc..000000000000
--- a/crypto/openssl/crypto/engine/hw_4758_cca_err.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* hw_4758_cca_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_4758_cca_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA CCA4758_str_functs[]=
-	{
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_CTRL,0),	"IBM_4758_CCA_CTRL"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_FINISH,0),	"IBM_4758_CCA_FINISH"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_INIT,0),	"IBM_4758_CCA_INIT"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,0),	"IBM_4758_CCA_LOAD_PRIVKEY"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY,0),	"IBM_4758_CCA_LOAD_PUBKEY"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_SIGN,0),	"IBM_4758_CCA_SIGN"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_VERIFY,0),	"IBM_4758_CCA_VERIFY"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA CCA4758_str_reasons[]=
-	{
-{CCA4758_R_ALREADY_LOADED                ,"already loaded"},
-{CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD       ,"asn1 oid unknown for md"},
-{CCA4758_R_COMMAND_NOT_IMPLEMENTED       ,"command not implemented"},
-{CCA4758_R_DSO_FAILURE                   ,"dso failure"},
-{CCA4758_R_FAILED_LOADING_PRIVATE_KEY    ,"failed loading private key"},
-{CCA4758_R_FAILED_LOADING_PUBLIC_KEY     ,"failed loading public key"},
-{CCA4758_R_NOT_LOADED                    ,"not loaded"},
-{CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL   ,"size too large or too small"},
-{CCA4758_R_UNIT_FAILURE                  ,"unit failure"},
-{CCA4758_R_UNKNOWN_ALGORITHM_TYPE        ,"unknown algorithm type"},
-{0,NULL}
-	};
-
-#endif
-
-#ifdef CCA4758_LIB_NAME
-static ERR_STRING_DATA CCA4758_lib_name[]=
-        {
-{0	,CCA4758_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int CCA4758_lib_error_code=0;
-static int CCA4758_error_init=1;
-
-static void ERR_load_CCA4758_strings(void)
-	{
-	if (CCA4758_lib_error_code == 0)
-		CCA4758_lib_error_code=ERR_get_next_error_library();
-
-	if (CCA4758_error_init)
-		{
-		CCA4758_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(CCA4758_lib_error_code,CCA4758_str_functs);
-		ERR_load_strings(CCA4758_lib_error_code,CCA4758_str_reasons);
-#endif
-
-#ifdef CCA4758_LIB_NAME
-		CCA4758_lib_name->error = ERR_PACK(CCA4758_lib_error_code,0,0);
-		ERR_load_strings(0,CCA4758_lib_name);
-#endif
-		}
-	}
-
-static void ERR_unload_CCA4758_strings(void)
-	{
-	if (CCA4758_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(CCA4758_lib_error_code,CCA4758_str_functs);
-		ERR_unload_strings(CCA4758_lib_error_code,CCA4758_str_reasons);
-#endif
-
-#ifdef CCA4758_LIB_NAME
-		ERR_unload_strings(0,CCA4758_lib_name);
-#endif
-		CCA4758_error_init=1;
-		}
-	}
-
-static void ERR_CCA4758_error(int function, int reason, char *file, int line)
-	{
-	if (CCA4758_lib_error_code == 0)
-		CCA4758_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(CCA4758_lib_error_code,function,reason,file,line);
-	}
diff --git a/crypto/openssl/crypto/engine/hw_4758_cca_err.h b/crypto/openssl/crypto/engine/hw_4758_cca_err.h
deleted file mode 100644
index 2fc563ab1170..000000000000
--- a/crypto/openssl/crypto/engine/hw_4758_cca_err.h
+++ /dev/null
@@ -1,93 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_CCA4758_ERR_H
-#define HEADER_CCA4758_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_CCA4758_strings(void);
-static void ERR_unload_CCA4758_strings(void);
-static void ERR_CCA4758_error(int function, int reason, char *file, int line);
-#define CCA4758err(f,r) ERR_CCA4758_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the CCA4758 functions. */
-
-/* Function codes. */
-#define CCA4758_F_IBM_4758_CCA_CTRL			 100
-#define CCA4758_F_IBM_4758_CCA_FINISH			 101
-#define CCA4758_F_IBM_4758_CCA_INIT			 102
-#define CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY		 103
-#define CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY		 104
-#define CCA4758_F_IBM_4758_CCA_SIGN			 105
-#define CCA4758_F_IBM_4758_CCA_VERIFY			 106
-
-/* Reason codes. */
-#define CCA4758_R_ALREADY_LOADED			 100
-#define CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD		 101
-#define CCA4758_R_COMMAND_NOT_IMPLEMENTED		 102
-#define CCA4758_R_DSO_FAILURE				 103
-#define CCA4758_R_FAILED_LOADING_PRIVATE_KEY		 104
-#define CCA4758_R_FAILED_LOADING_PUBLIC_KEY		 105
-#define CCA4758_R_NOT_LOADED				 106
-#define CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL		 107
-#define CCA4758_R_UNIT_FAILURE				 108
-#define CCA4758_R_UNKNOWN_ALGORITHM_TYPE		 109
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/engine/hw_aep.c b/crypto/openssl/crypto/engine/hw_aep.c
deleted file mode 100644
index 8b8380a582b4..000000000000
--- a/crypto/openssl/crypto/engine/hw_aep.c
+++ /dev/null
@@ -1,1119 +0,0 @@
-/* crypto/engine/hw_aep.c */
-/*
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include <string.h>
-
-#include <openssl/e_os2.h>
-#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
-#include <sys/types.h>
-#include <unistd.h>
-#else
-#include <process.h>
-typedef int pid_t;
-#endif
-
-#include <openssl/crypto.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#include <openssl/buffer.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_AEP
-#ifdef FLAT_INC
-#include "aep.h"
-#else
-#include "vendor_defns/aep.h"
-#endif
-
-#define AEP_LIB_NAME "aep engine"
-#define FAIL_TO_SW 0x10101010
-
-#include "hw_aep_err.c"
-
-static int aep_init(ENGINE *e);
-static int aep_finish(ENGINE *e);
-static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-static int aep_destroy(ENGINE *e);
-
-static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR hConnection);
-static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection);
-static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection);
-static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use);
-
-/* BIGNUM stuff */
-static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx);
-
-static AEP_RV aep_mod_exp_crt(BIGNUM *r,const  BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *q, const BIGNUM *dmp1,const BIGNUM *dmq1,
-	const BIGNUM *iqmp, BN_CTX *ctx);
-
-/* RSA stuff */
-#ifndef OPENSSL_NO_RSA
-static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-#endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
-/* DSA stuff */
-#ifndef OPENSSL_NO_DSA
-static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-	BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-	BN_CTX *ctx, BN_MONT_CTX *in_mont);
-
-static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-	const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-	BN_MONT_CTX *m_ctx);
-#endif
-
-/* DH stuff */
-/* This function is aliased to mod_exp (with the DH and mont dropped). */
-#ifndef OPENSSL_NO_DH
-static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
-	const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-#endif
-
-/* rand stuff   */
-#ifdef AEPRAND
-static int aep_rand(unsigned char *buf, int num);
-static int aep_rand_status(void);
-#endif
-
-/* Bignum conversion stuff */
-static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32* BigNumSize);
-static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize,
-	unsigned char* AEP_BigNum);
-static AEP_RV ConvertAEPBigNum(void* ArbBigNum, AEP_U32 BigNumSize,
-	unsigned char* AEP_BigNum);
-
-/* The definitions for control commands specific to this engine */
-#define AEP_CMD_SO_PATH		ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN aep_cmd_defns[] =
-	{
-	{ AEP_CMD_SO_PATH,
-	  "SO_PATH",
-	  "Specifies the path to the 'aep' shared library",
-	  ENGINE_CMD_FLAG_STRING
-	},
-	{0, NULL, NULL, 0}
-	};
-
-#ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD aep_rsa =
-	{
-	"Aep RSA method",
-	NULL,                /*rsa_pub_encrypt*/
-	NULL,                /*rsa_pub_decrypt*/
-	NULL,                /*rsa_priv_encrypt*/
-	NULL,                /*rsa_priv_encrypt*/
-	aep_rsa_mod_exp,     /*rsa_mod_exp*/
-	aep_mod_exp_mont,    /*bn_mod_exp*/
-	NULL,                /*init*/
-	NULL,                /*finish*/
-	0,                   /*flags*/
-	NULL,                /*app_data*/
-	NULL,                /*rsa_sign*/
-	NULL                 /*rsa_verify*/
-	};
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD aep_dsa =
-	{
-	"Aep DSA method",
-	NULL,                /* dsa_do_sign */
-	NULL,                /* dsa_sign_setup */
-	NULL,                /* dsa_do_verify */
-	aep_dsa_mod_exp,     /* dsa_mod_exp */
-	aep_mod_exp_dsa,     /* bn_mod_exp */
-	NULL,                /* init */
-	NULL,                /* finish */
-	0,                   /* flags */
-	NULL                 /* app_data */
-	};
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD aep_dh =
-	{
-	"Aep DH method",
-	NULL,
-	NULL,
-	aep_mod_exp_dh,
-	NULL,
-	NULL,
-	0,
-	NULL
-	};
-#endif
-
-#ifdef AEPRAND
-/* our internal RAND_method that we provide pointers to  */
-static RAND_METHOD aep_random =
-	{
-	/*"AEP RAND method", */
-	NULL,
-	aep_rand,
-	NULL,
-	NULL,
-	aep_rand,
-	aep_rand_status,
-	};
-#endif
-
-/*Define an array of structures to hold connections*/
-static AEP_CONNECTION_ENTRY aep_app_conn_table[MAX_PROCESS_CONNECTIONS];
-
-/*Used to determine if this is a new process*/
-static pid_t    recorded_pid = 0;
-
-#ifdef AEPRAND
-static AEP_U8   rand_block[RAND_BLK_SIZE];
-static AEP_U32  rand_block_bytes = 0;
-#endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_aep_id = "aep";
-static const char *engine_aep_name = "Aep hardware engine support";
-
-static int max_key_len = 2176;
-
-
-/* This internal function is used by ENGINE_aep() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_aep(ENGINE *e)
-	{
-#ifndef OPENSSL_NO_RSA
-	const RSA_METHOD  *meth1;
-#endif
-#ifndef OPENSSL_NO_DSA
-	const DSA_METHOD  *meth2;
-#endif
-#ifndef OPENSSL_NO_DH
-	const DH_METHOD	  *meth3;
-#endif
-
-	if(!ENGINE_set_id(e, engine_aep_id) ||
-		!ENGINE_set_name(e, engine_aep_name) ||
-#ifndef OPENSSL_NO_RSA
-		!ENGINE_set_RSA(e, &aep_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
-		!ENGINE_set_DSA(e, &aep_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
-		!ENGINE_set_DH(e, &aep_dh) ||
-#endif
-#ifdef AEPRAND
-		!ENGINE_set_RAND(e, &aep_random) ||
-#endif
-		!ENGINE_set_init_function(e, aep_init) ||
-		!ENGINE_set_destroy_function(e, aep_destroy) ||
-		!ENGINE_set_finish_function(e, aep_finish) ||
-		!ENGINE_set_ctrl_function(e, aep_ctrl) ||
-		!ENGINE_set_cmd_defns(e, aep_cmd_defns))
-		return 0;
-
-#ifndef OPENSSL_NO_RSA
-	/* We know that the "PKCS1_SSLeay()" functions hook properly
-	 * to the aep-specific mod_exp and mod_exp_crt so we use
-	 * those functions. NB: We don't use ENGINE_openssl() or
-	 * anything "more generic" because something like the RSAref
-	 * code may not hook properly, and if you own one of these
-	 * cards then you have the right to do RSA operations on it
-	 * anyway! */
-	meth1 = RSA_PKCS1_SSLeay();
-	aep_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
-	aep_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
-	aep_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
-	aep_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#endif
-
-
-#ifndef OPENSSL_NO_DSA
-	/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
-	 * bits. */
-	meth2 = DSA_OpenSSL();
-	aep_dsa.dsa_do_sign    = meth2->dsa_do_sign;
-	aep_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
-	aep_dsa.dsa_do_verify  = meth2->dsa_do_verify;
-
-	aep_dsa = *DSA_get_default_method(); 
-	aep_dsa.dsa_mod_exp = aep_dsa_mod_exp; 
-	aep_dsa.bn_mod_exp = aep_mod_exp_dsa;
-#endif
-
-#ifndef OPENSSL_NO_DH
-	/* Much the same for Diffie-Hellman */
-	meth3 = DH_OpenSSL();
-	aep_dh.generate_key = meth3->generate_key;
-	aep_dh.compute_key  = meth3->compute_key;
-	aep_dh.bn_mod_exp   = meth3->bn_mod_exp;
-#endif
-
-	/* Ensure the aep error handling is set up */
-	ERR_load_AEPHK_strings();
-
-	return 1;
-}
-
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_helper(ENGINE *e, const char *id)
-	{
-	if(id && (strcmp(id, engine_aep_id) != 0))
-		return 0;
-	if(!bind_aep(e))
-		return 0;
-	return 1;
-	}       
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
-#else
-static ENGINE *engine_aep(void)
-	{
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!bind_aep(ret))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-void ENGINE_load_aep(void)
-	{
-	/* Copied from eng_[openssl|dyn].c */
-	ENGINE *toadd = engine_aep();
-	if(!toadd) return;
-	ENGINE_add(toadd);
-	ENGINE_free(toadd);
-	ERR_clear_error();
-	}
-#endif
-
-/* This is a process-global DSO handle used for loading and unloading
- * the Aep library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-static DSO *aep_dso = NULL;
-
-/* These are the static string constants for the DSO file name and the function
- * symbol names to bind to. 
-*/
-static const char *AEP_LIBNAME = NULL;
-static const char *get_AEP_LIBNAME(void)
-	{
-	if(AEP_LIBNAME)
-		return AEP_LIBNAME;
-	return "aep";
-	}
-static void free_AEP_LIBNAME(void)
-	{
-	if(AEP_LIBNAME)
-		OPENSSL_free((void*)AEP_LIBNAME);
-	AEP_LIBNAME = NULL;
-	}
-static long set_AEP_LIBNAME(const char *name)
-	{
-	free_AEP_LIBNAME();
-	return ((AEP_LIBNAME = BUF_strdup(name)) != NULL ? 1 : 0);
-	}
-
-static const char *AEP_F1    = "AEP_ModExp";
-static const char *AEP_F2    = "AEP_ModExpCrt";
-#ifdef AEPRAND
-static const char *AEP_F3    = "AEP_GenRandom";
-#endif
-static const char *AEP_F4    = "AEP_Finalize";
-static const char *AEP_F5    = "AEP_Initialize";
-static const char *AEP_F6    = "AEP_OpenConnection";
-static const char *AEP_F7    = "AEP_SetBNCallBacks";
-static const char *AEP_F8    = "AEP_CloseConnection";
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-static t_AEP_OpenConnection    *p_AEP_OpenConnection  = NULL;
-static t_AEP_CloseConnection   *p_AEP_CloseConnection = NULL;
-static t_AEP_ModExp            *p_AEP_ModExp          = NULL;
-static t_AEP_ModExpCrt         *p_AEP_ModExpCrt       = NULL;
-#ifdef AEPRAND
-static t_AEP_GenRandom         *p_AEP_GenRandom       = NULL;
-#endif
-static t_AEP_Initialize        *p_AEP_Initialize      = NULL;
-static t_AEP_Finalize          *p_AEP_Finalize        = NULL;
-static t_AEP_SetBNCallBacks    *p_AEP_SetBNCallBacks  = NULL;
-
-/* (de)initialisation functions. */
-static int aep_init(ENGINE *e)
-	{
-	t_AEP_ModExp          *p1;
-	t_AEP_ModExpCrt       *p2;
-#ifdef AEPRAND
-	t_AEP_GenRandom       *p3;
-#endif
-	t_AEP_Finalize        *p4;
-	t_AEP_Initialize      *p5;
-	t_AEP_OpenConnection  *p6;
-	t_AEP_SetBNCallBacks  *p7;
-	t_AEP_CloseConnection *p8;
-
-	int to_return = 0;
- 
-	if(aep_dso != NULL)
-		{
-		AEPHKerr(AEPHK_F_AEP_INIT,AEPHK_R_ALREADY_LOADED);
-		goto err;
-		}
-	/* Attempt to load libaep.so. */
-
-	aep_dso = DSO_load(NULL, get_AEP_LIBNAME(), NULL, 0);
-  
-	if(aep_dso == NULL)
-		{
-		AEPHKerr(AEPHK_F_AEP_INIT,AEPHK_R_NOT_LOADED);
-		goto err;
-		}
-
-	if(	!(p1 = (t_AEP_ModExp *)     DSO_bind_func( aep_dso,AEP_F1))  ||
-		!(p2 = (t_AEP_ModExpCrt*)   DSO_bind_func( aep_dso,AEP_F2))  ||
-#ifdef AEPRAND
-		!(p3 = (t_AEP_GenRandom*)   DSO_bind_func( aep_dso,AEP_F3))  ||
-#endif
-		!(p4 = (t_AEP_Finalize*)    DSO_bind_func( aep_dso,AEP_F4))  ||
-		!(p5 = (t_AEP_Initialize*)  DSO_bind_func( aep_dso,AEP_F5))  ||
-		!(p6 = (t_AEP_OpenConnection*) DSO_bind_func( aep_dso,AEP_F6))  ||
-		!(p7 = (t_AEP_SetBNCallBacks*) DSO_bind_func( aep_dso,AEP_F7))  ||
-		!(p8 = (t_AEP_CloseConnection*) DSO_bind_func( aep_dso,AEP_F8)))
-		{
-		AEPHKerr(AEPHK_F_AEP_INIT,AEPHK_R_NOT_LOADED);
-		goto err;
-		}
-
-	/* Copy the pointers */
-  
-	p_AEP_ModExp           = p1;
-	p_AEP_ModExpCrt        = p2;
-#ifdef AEPRAND
-	p_AEP_GenRandom        = p3;
-#endif
-	p_AEP_Finalize         = p4;
-	p_AEP_Initialize       = p5;
-	p_AEP_OpenConnection   = p6;
-	p_AEP_SetBNCallBacks   = p7;
-	p_AEP_CloseConnection  = p8;
- 
-	to_return = 1;
- 
-	return to_return;
-
- err: 
-
-	if(aep_dso)
-		DSO_free(aep_dso);
-		
-	p_AEP_OpenConnection    = NULL;
-	p_AEP_ModExp            = NULL;
-	p_AEP_ModExpCrt         = NULL;
-#ifdef AEPRAND
-	p_AEP_GenRandom         = NULL;
-#endif
-	p_AEP_Initialize        = NULL;
-	p_AEP_Finalize          = NULL;
-	p_AEP_SetBNCallBacks    = NULL;
-	p_AEP_CloseConnection   = NULL;
-
-	return to_return;
-	}
-
-/* Destructor (complements the "ENGINE_aep()" constructor) */
-static int aep_destroy(ENGINE *e)
-	{
-	free_AEP_LIBNAME();
-	ERR_unload_AEPHK_strings();
-	return 1;
-	}
-
-static int aep_finish(ENGINE *e)
-	{
-	int to_return = 0, in_use;
-	AEP_RV rv;
-
-	if(aep_dso == NULL)
-		{
-		AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_NOT_LOADED);
-		goto err;
-		}
-
-	rv = aep_close_all_connections(0, &in_use);
-	if (rv != AEP_R_OK)
-		{
-		AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_CLOSE_HANDLES_FAILED);
-		goto err;
-		}
-	if (in_use)
-		{
-		AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_CONNECTIONS_IN_USE);
-		goto err;
-		}
-
-	rv = p_AEP_Finalize();
-	if (rv != AEP_R_OK)
-		{
-		AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_FINALIZE_FAILED);
-		goto err;
-		}
-
-	if(!DSO_free(aep_dso))
-		{
-		AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_UNIT_FAILURE);
-		goto err;
-		}
-
-	aep_dso = NULL;
-	p_AEP_CloseConnection   = NULL;
-	p_AEP_OpenConnection    = NULL;
-	p_AEP_ModExp            = NULL;
-	p_AEP_ModExpCrt         = NULL;
-#ifdef AEPRAND
-	p_AEP_GenRandom         = NULL;
-#endif
-	p_AEP_Initialize        = NULL;
-	p_AEP_Finalize          = NULL;
-	p_AEP_SetBNCallBacks    = NULL;
-
-	to_return = 1;
- err:
-	return to_return;
-	}
-
-static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-	{
-	int initialised = ((aep_dso == NULL) ? 0 : 1);
-	switch(cmd)
-		{
-	case AEP_CMD_SO_PATH:
-		if(p == NULL)
-			{
-			AEPHKerr(AEPHK_F_AEP_CTRL,
-				ERR_R_PASSED_NULL_PARAMETER);
-			return 0;
-			}
-		if(initialised)
-			{
-			AEPHKerr(AEPHK_F_AEP_CTRL,
-				AEPHK_R_ALREADY_LOADED);
-			return 0;
-			}
-		return set_AEP_LIBNAME((const char*)p);
-	default:
-		break;
-		}
-	AEPHKerr(AEPHK_F_AEP_CTRL,AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-	return 0;
-	}
-
-static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx)
-	{
-	int to_return = 0;
-	int 	r_len = 0;
-	AEP_CONNECTION_HNDL hConnection;
-	AEP_RV rv;
-	
-	r_len = BN_num_bits(m);
-
-	/* Perform in software if modulus is too large for hardware. */
-
-	if (r_len > max_key_len){
-		AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-		return BN_mod_exp(r, a, p, m, ctx);
-	} 
-
-	/*Grab a connection from the pool*/
-	rv = aep_get_connection(&hConnection);
-	if (rv != AEP_R_OK)
-		{     
-		AEPHKerr(AEPHK_F_AEP_MOD_EXP,AEPHK_R_GET_HANDLE_FAILED);
-		return BN_mod_exp(r, a, p, m, ctx);
-		}
-
-	/*To the card with the mod exp*/
-	rv = p_AEP_ModExp(hConnection,(void*)a, (void*)p,(void*)m, (void*)r,NULL);
-
-	if (rv !=  AEP_R_OK)
-		{
-		AEPHKerr(AEPHK_F_AEP_MOD_EXP,AEPHK_R_MOD_EXP_FAILED);
-		rv = aep_close_connection(hConnection);
-		return BN_mod_exp(r, a, p, m, ctx);
-		}
-
-	/*Return the connection to the pool*/
-	rv = aep_return_connection(hConnection);
-	if (rv != AEP_R_OK)
-		{
-		AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED); 
-		goto err;
-		}
-
-	to_return = 1;
- err:
-	return to_return;
-	}
-	
-static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *q, const BIGNUM *dmp1,
-	const BIGNUM *dmq1,const BIGNUM *iqmp, BN_CTX *ctx)
-	{
-	AEP_RV rv = AEP_R_OK;
-	AEP_CONNECTION_HNDL hConnection;
-
-	/*Grab a connection from the pool*/
-	rv = aep_get_connection(&hConnection);
-	if (rv != AEP_R_OK)
-		{
-		AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT,AEPHK_R_GET_HANDLE_FAILED);
-		return FAIL_TO_SW;
-		}
-
-	/*To the card with the mod exp*/
-	rv = p_AEP_ModExpCrt(hConnection,(void*)a, (void*)p, (void*)q, (void*)dmp1,(void*)dmq1,
-		(void*)iqmp,(void*)r,NULL);
-	if (rv != AEP_R_OK)
-		{
-		AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT,AEPHK_R_MOD_EXP_CRT_FAILED);
-		rv = aep_close_connection(hConnection);
-		return FAIL_TO_SW;
-		}
-
-	/*Return the connection to the pool*/
-	rv = aep_return_connection(hConnection);
-	if (rv != AEP_R_OK)
-		{
-		AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED); 
-		goto err;
-		}
- 
- err:
-	return rv;
-	}
-	
-
-#ifdef AEPRAND
-static int aep_rand(unsigned char *buf,int len )
-	{
-	AEP_RV rv = AEP_R_OK;
-	AEP_CONNECTION_HNDL hConnection;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
-	/*Can the request be serviced with what's already in the buffer?*/
-	if (len <= rand_block_bytes)
-		{
-		memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len);
-		rand_block_bytes -= len;
-		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-		}
-	else
-		/*If not the get another block of random bytes*/
-		{
-		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-		rv = aep_get_connection(&hConnection);
-		if (rv !=  AEP_R_OK)
-			{ 
-			AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_GET_HANDLE_FAILED);             
-			goto err_nounlock;
-			}
-
-		if (len > RAND_BLK_SIZE)
-			{
-			rv = p_AEP_GenRandom(hConnection, len, 2, buf, NULL);
-			if (rv !=  AEP_R_OK)
-				{  
-				AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_GET_RANDOM_FAILED); 
-				goto err_nounlock;
-				}
-			}
-		else
-			{
-			CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
-			rv = p_AEP_GenRandom(hConnection, RAND_BLK_SIZE, 2, &rand_block[0], NULL);
-			if (rv !=  AEP_R_OK)
-				{       
-				AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_GET_RANDOM_FAILED); 
-	      
-				goto err;
-				}
-
-			rand_block_bytes = RAND_BLK_SIZE;
-
-			memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len);
-			rand_block_bytes -= len;
-
-			CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-			}
-
-		rv = aep_return_connection(hConnection);
-		if (rv != AEP_R_OK)
-			{
-			AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED); 
-	  
-			goto err_nounlock;
-			}
-		}
-  
-	return 1;
- err:
-	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
- err_nounlock:
-	return 0;
-	}
-	
-static int aep_rand_status(void)
-{
-	return 1;
-}
-#endif
-
-#ifndef OPENSSL_NO_RSA
-static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
-	{
-	BN_CTX *ctx = NULL;
-	int to_return = 0;
-	AEP_RV rv = AEP_R_OK;
-
-	if ((ctx = BN_CTX_new()) == NULL)
-		goto err;
-
-	if (!aep_dso)
-		{
-		AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP,AEPHK_R_NOT_LOADED);
-		goto err;
-		}
-
-	/*See if we have all the necessary bits for a crt*/
-	if (rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp)
-		{
-		rv =  aep_mod_exp_crt(r0,I,rsa->p,rsa->q, rsa->dmp1,rsa->dmq1,rsa->iqmp,ctx);
-
-		if (rv == FAIL_TO_SW){
-			const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-			to_return = (*meth->rsa_mod_exp)(r0, I, rsa);
-			goto err;
-		}
-		else if (rv != AEP_R_OK)
-			goto err;
-		}
-	else
-		{
-		if (!rsa->d || !rsa->n)
-			{
-			AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP,AEPHK_R_MISSING_KEY_COMPONENTS);
-			goto err;
-			}
- 
-		rv = aep_mod_exp(r0,I,rsa->d,rsa->n,ctx);
-		if  (rv != AEP_R_OK)
-			goto err;
-	
-		}
-
-	to_return = 1;
-
- err:
-	if(ctx)
-		BN_CTX_free(ctx);
-	return to_return;
-}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-	BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-	BN_CTX *ctx, BN_MONT_CTX *in_mont)
-	{
-	BIGNUM t;
-	int to_return = 0;
-	BN_init(&t);
-
-	/* let rr = a1 ^ p1 mod m */
-	if (!aep_mod_exp(rr,a1,p1,m,ctx)) goto end;
-	/* let t = a2 ^ p2 mod m */
-	if (!aep_mod_exp(&t,a2,p2,m,ctx)) goto end;
-	/* let rr = rr * t mod m */
-	if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;
-	to_return = 1;
- end: 
-	BN_free(&t);
-	return to_return;
-	}
-
-static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-	const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-	BN_MONT_CTX *m_ctx)
-	{  
-	return aep_mod_exp(r, a, p, m, ctx); 
-	}
-#endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	return aep_mod_exp(r, a, p, m, ctx);
-	}
-
-#ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
-	const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-	BN_MONT_CTX *m_ctx)
-	{
-	return aep_mod_exp(r, a, p, m, ctx);
-	}
-#endif
-
-static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR phConnection)
-	{
-	int count;
-	AEP_RV rv = AEP_R_OK;
-
-	/*Get the current process id*/
-	pid_t curr_pid;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-
-	curr_pid = getpid();
-
-	/*Check if this is the first time this is being called from the current
-	  process*/
-	if (recorded_pid != curr_pid)
-		{
-		/*Remember our pid so we can check if we're in a new process*/
-		recorded_pid = curr_pid;
-
-		/*Call Finalize to make sure we have not inherited some data
-		  from a parent process*/
-		p_AEP_Finalize();
-     
-		/*Initialise the AEP API*/
-		rv = p_AEP_Initialize(NULL);
-
-		if (rv != AEP_R_OK)
-			{
-			AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_INIT_FAILURE);
-			recorded_pid = 0;
-			goto end;
-			}
-
-		/*Set the AEP big num call back functions*/
-		rv = p_AEP_SetBNCallBacks(&GetBigNumSize, &MakeAEPBigNum,
-			&ConvertAEPBigNum);
-
-		if (rv != AEP_R_OK)
-			{
-			AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_SETBNCALLBACK_FAILURE);
-			recorded_pid = 0;
-			goto end;
-			}
-
-#ifdef AEPRAND
-		/*Reset the rand byte count*/
-		rand_block_bytes = 0;
-#endif
-
-		/*Init the structures*/
-		for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
-			{
-			aep_app_conn_table[count].conn_state = NotConnected;
-			aep_app_conn_table[count].conn_hndl  = 0;
-			}
-
-		/*Open a connection*/
-		rv = p_AEP_OpenConnection(phConnection);
-
-		if (rv != AEP_R_OK)
-			{
-			AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_UNIT_FAILURE);
-			recorded_pid = 0;
-			goto end;
-			}
-
-		aep_app_conn_table[0].conn_state = InUse;
-		aep_app_conn_table[0].conn_hndl = *phConnection;
-		goto end;
-		}
-	/*Check the existing connections to see if we can find a free one*/
-	for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
-		{
-		if (aep_app_conn_table[count].conn_state == Connected)
-			{
-			aep_app_conn_table[count].conn_state = InUse;
-			*phConnection = aep_app_conn_table[count].conn_hndl;
-			goto end;
-			}
-		}
-	/*If no connections available, we're going to have to try
-	  to open a new one*/
-	for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
-		{
-		if (aep_app_conn_table[count].conn_state == NotConnected)
-			{
-			/*Open a connection*/
-			rv = p_AEP_OpenConnection(phConnection);
-
-			if (rv != AEP_R_OK)
-				{	      
-				AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_UNIT_FAILURE);
-				goto end;
-				}
-
-			aep_app_conn_table[count].conn_state = InUse;
-			aep_app_conn_table[count].conn_hndl = *phConnection;
-			goto end;
-			}
-		}
-	rv = AEP_R_GENERAL_ERROR;
- end:
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	return rv;
-	}
-
-
-static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection)
-	{
-	int count;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-
-	/*Find the connection item that matches this connection handle*/
-	for(count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
-		{
-		if (aep_app_conn_table[count].conn_hndl == hConnection)
-			{
-			aep_app_conn_table[count].conn_state = Connected;
-			break;
-			}
-		}
-
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-
-	return AEP_R_OK;
-	}
-
-static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection)
-	{
-	int count;
-	AEP_RV rv = AEP_R_OK;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-
-	/*Find the connection item that matches this connection handle*/
-	for(count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
-		{
-		if (aep_app_conn_table[count].conn_hndl == hConnection)
-			{
-			rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl);
-			if (rv != AEP_R_OK)
-				goto end;
-			aep_app_conn_table[count].conn_state = NotConnected;
-			aep_app_conn_table[count].conn_hndl  = 0;
-			break;
-			}
-		}
-
- end:
-	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	return rv;
-	}
-
-static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use)
-	{
-	int count;
-	AEP_RV rv = AEP_R_OK;
-
-	*in_use = 0;
-	if (use_engine_lock) CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-	for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
-		{
-		switch (aep_app_conn_table[count].conn_state)
-			{
-		case Connected:
-			rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl);
-			if (rv != AEP_R_OK)
-				goto end;
-			aep_app_conn_table[count].conn_state = NotConnected;
-			aep_app_conn_table[count].conn_hndl  = 0;
-			break;
-		case InUse:
-			(*in_use)++;
-			break;
-		case NotConnected:
-			break;
-			}
-		}
- end:
-	if (use_engine_lock) CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-	return rv;
-	}
-
-/*BigNum call back functions, used to convert OpenSSL bignums into AEP bignums.
-  Note only 32bit Openssl build support*/
-
-static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32* BigNumSize)
-	{
-	BIGNUM* bn;
-
-	/*Cast the ArbBigNum pointer to our BIGNUM struct*/
-	bn = (BIGNUM*) ArbBigNum;
-
-#ifdef SIXTY_FOUR_BIT_LONG
-	*BigNumSize = bn->top << 3;
-#else
-	/*Size of the bignum in bytes is equal to the bn->top (no of 32 bit
-	  words) multiplies by 4*/
-	*BigNumSize = bn->top << 2;
-#endif
-
-	return AEP_R_OK;
-	}
-
-static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize,
-	unsigned char* AEP_BigNum)
-	{
-	BIGNUM* bn;
-
-#ifndef SIXTY_FOUR_BIT_LONG
-	unsigned char* buf;
-	int i;
-#endif
-
-	/*Cast the ArbBigNum pointer to our BIGNUM struct*/
-	bn = (BIGNUM*) ArbBigNum;
-
-#ifdef SIXTY_FOUR_BIT_LONG
-  	memcpy(AEP_BigNum, bn->d, BigNumSize);
-#else
-	/*Must copy data into a (monotone) least significant byte first format
-	  performing endian conversion if necessary*/
-	for(i=0;i<bn->top;i++)
-		{
-		buf = (unsigned char*)&bn->d[i];
-
-		*((AEP_U32*)AEP_BigNum) = (AEP_U32)
-			((unsigned) buf[1] << 8 | buf[0]) |
-			((unsigned) buf[3] << 8 | buf[2])  << 16;
-
-		AEP_BigNum += 4;
-		}
-#endif
-
-	return AEP_R_OK;
-	}
-
-/*Turn an AEP Big Num back to a user big num*/
-static AEP_RV ConvertAEPBigNum(void* ArbBigNum, AEP_U32 BigNumSize,
-	unsigned char* AEP_BigNum)
-	{
-	BIGNUM* bn;
-#ifndef SIXTY_FOUR_BIT_LONG
-	int i;
-#endif
-
-	bn = (BIGNUM*)ArbBigNum;
-
-	/*Expand the result bn so that it can hold our big num.
-	  Size is in bits*/
-	bn_expand(bn, (int)(BigNumSize << 3));
-
-#ifdef SIXTY_FOUR_BIT_LONG
-	bn->top = BigNumSize >> 3;
-	
-	if((BigNumSize & 7) != 0)
-		bn->top++;
-
-	memset(bn->d, 0, bn->top << 3);	
-
-	memcpy(bn->d, AEP_BigNum, BigNumSize);
-#else
-	bn->top = BigNumSize >> 2;
- 
-	for(i=0;i<bn->top;i++)
-		{
-		bn->d[i] = (AEP_U32)
-			((unsigned) AEP_BigNum[3] << 8 | AEP_BigNum[2]) << 16 |
-			((unsigned) AEP_BigNum[1] << 8 | AEP_BigNum[0]);
-		AEP_BigNum += 4;
-		}
-#endif
-
-	return AEP_R_OK;
-}	
-	
-#endif /* !OPENSSL_NO_HW_AEP */
-#endif /* !OPENSSL_NO_HW */
diff --git a/crypto/openssl/crypto/engine/hw_aep_err.c b/crypto/openssl/crypto/engine/hw_aep_err.c
deleted file mode 100644
index 092f532946c3..000000000000
--- a/crypto/openssl/crypto/engine/hw_aep_err.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* hw_aep_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_aep_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA AEPHK_str_functs[]=
-	{
-{ERR_PACK(0,AEPHK_F_AEP_CTRL,0),	"AEP_CTRL"},
-{ERR_PACK(0,AEPHK_F_AEP_FINISH,0),	"AEP_FINISH"},
-{ERR_PACK(0,AEPHK_F_AEP_GET_CONNECTION,0),	"AEP_GET_CONNECTION"},
-{ERR_PACK(0,AEPHK_F_AEP_INIT,0),	"AEP_INIT"},
-{ERR_PACK(0,AEPHK_F_AEP_MOD_EXP,0),	"AEP_MOD_EXP"},
-{ERR_PACK(0,AEPHK_F_AEP_MOD_EXP_CRT,0),	"AEP_MOD_EXP_CRT"},
-{ERR_PACK(0,AEPHK_F_AEP_RAND,0),	"AEP_RAND"},
-{ERR_PACK(0,AEPHK_F_AEP_RSA_MOD_EXP,0),	"AEP_RSA_MOD_EXP"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA AEPHK_str_reasons[]=
-	{
-{AEPHK_R_ALREADY_LOADED                  ,"already loaded"},
-{AEPHK_R_CLOSE_HANDLES_FAILED            ,"close handles failed"},
-{AEPHK_R_CONNECTIONS_IN_USE              ,"connections in use"},
-{AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED    ,"ctrl command not implemented"},
-{AEPHK_R_FINALIZE_FAILED                 ,"finalize failed"},
-{AEPHK_R_GET_HANDLE_FAILED               ,"get handle failed"},
-{AEPHK_R_GET_RANDOM_FAILED               ,"get random failed"},
-{AEPHK_R_INIT_FAILURE                    ,"init failure"},
-{AEPHK_R_MISSING_KEY_COMPONENTS          ,"missing key components"},
-{AEPHK_R_MOD_EXP_CRT_FAILED              ,"mod exp crt failed"},
-{AEPHK_R_MOD_EXP_FAILED                  ,"mod exp failed"},
-{AEPHK_R_NOT_LOADED                      ,"not loaded"},
-{AEPHK_R_OK                              ,"ok"},
-{AEPHK_R_RETURN_CONNECTION_FAILED        ,"return connection failed"},
-{AEPHK_R_SETBNCALLBACK_FAILURE           ,"setbncallback failure"},
-{AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL     ,"size too large or too small"},
-{AEPHK_R_UNIT_FAILURE                    ,"unit failure"},
-{0,NULL}
-	};
-
-#endif
-
-#ifdef AEPHK_LIB_NAME
-static ERR_STRING_DATA AEPHK_lib_name[]=
-        {
-{0	,AEPHK_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int AEPHK_lib_error_code=0;
-static int AEPHK_error_init=1;
-
-static void ERR_load_AEPHK_strings(void)
-	{
-	if (AEPHK_lib_error_code == 0)
-		AEPHK_lib_error_code=ERR_get_next_error_library();
-
-	if (AEPHK_error_init)
-		{
-		AEPHK_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(AEPHK_lib_error_code,AEPHK_str_functs);
-		ERR_load_strings(AEPHK_lib_error_code,AEPHK_str_reasons);
-#endif
-
-#ifdef AEPHK_LIB_NAME
-		AEPHK_lib_name->error = ERR_PACK(AEPHK_lib_error_code,0,0);
-		ERR_load_strings(0,AEPHK_lib_name);
-#endif
-		}
-	}
-
-static void ERR_unload_AEPHK_strings(void)
-	{
-	if (AEPHK_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(AEPHK_lib_error_code,AEPHK_str_functs);
-		ERR_unload_strings(AEPHK_lib_error_code,AEPHK_str_reasons);
-#endif
-
-#ifdef AEPHK_LIB_NAME
-		ERR_unload_strings(0,AEPHK_lib_name);
-#endif
-		AEPHK_error_init=1;
-		}
-	}
-
-static void ERR_AEPHK_error(int function, int reason, char *file, int line)
-	{
-	if (AEPHK_lib_error_code == 0)
-		AEPHK_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(AEPHK_lib_error_code,function,reason,file,line);
-	}
diff --git a/crypto/openssl/crypto/engine/hw_aep_err.h b/crypto/openssl/crypto/engine/hw_aep_err.h
deleted file mode 100644
index 8fe4cf921f06..000000000000
--- a/crypto/openssl/crypto/engine/hw_aep_err.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_AEPHK_ERR_H
-#define HEADER_AEPHK_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_AEPHK_strings(void);
-static void ERR_unload_AEPHK_strings(void);
-static void ERR_AEPHK_error(int function, int reason, char *file, int line);
-#define AEPHKerr(f,r) ERR_AEPHK_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the AEPHK functions. */
-
-/* Function codes. */
-#define AEPHK_F_AEP_CTRL				 100
-#define AEPHK_F_AEP_FINISH				 101
-#define AEPHK_F_AEP_GET_CONNECTION			 102
-#define AEPHK_F_AEP_INIT				 103
-#define AEPHK_F_AEP_MOD_EXP				 104
-#define AEPHK_F_AEP_MOD_EXP_CRT				 105
-#define AEPHK_F_AEP_RAND				 106
-#define AEPHK_F_AEP_RSA_MOD_EXP				 107
-
-/* Reason codes. */
-#define AEPHK_R_ALREADY_LOADED				 100
-#define AEPHK_R_CLOSE_HANDLES_FAILED			 101
-#define AEPHK_R_CONNECTIONS_IN_USE			 102
-#define AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED		 103
-#define AEPHK_R_FINALIZE_FAILED				 104
-#define AEPHK_R_GET_HANDLE_FAILED			 105
-#define AEPHK_R_GET_RANDOM_FAILED			 106
-#define AEPHK_R_INIT_FAILURE				 107
-#define AEPHK_R_MISSING_KEY_COMPONENTS			 108
-#define AEPHK_R_MOD_EXP_CRT_FAILED			 109
-#define AEPHK_R_MOD_EXP_FAILED				 110
-#define AEPHK_R_NOT_LOADED				 111
-#define AEPHK_R_OK					 112
-#define AEPHK_R_RETURN_CONNECTION_FAILED		 113
-#define AEPHK_R_SETBNCALLBACK_FAILURE			 114
-#define AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL		 116
-#define AEPHK_R_UNIT_FAILURE				 115
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/engine/hw_atalla.c b/crypto/openssl/crypto/engine/hw_atalla.c
deleted file mode 100644
index e9eff9fad11e..000000000000
--- a/crypto/openssl/crypto/engine/hw_atalla.c
+++ /dev/null
@@ -1,594 +0,0 @@
-/* crypto/engine/hw_atalla.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_ATALLA
-
-#ifdef FLAT_INC
-#include "atalla.h"
-#else
-#include "vendor_defns/atalla.h"
-#endif
-
-#define ATALLA_LIB_NAME "atalla engine"
-#include "hw_atalla_err.c"
-
-static int atalla_destroy(ENGINE *e);
-static int atalla_init(ENGINE *e);
-static int atalla_finish(ENGINE *e);
-static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-
-/* BIGNUM stuff */
-static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx);
-
-#ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-#endif
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
-#ifndef OPENSSL_NO_DSA
-/* DSA stuff */
-static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-		BN_CTX *ctx, BN_MONT_CTX *in_mont);
-static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *m_ctx);
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* DH stuff */
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
-		const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-#endif
-
-/* The definitions for control commands specific to this engine */
-#define ATALLA_CMD_SO_PATH		ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN atalla_cmd_defns[] = {
-	{ATALLA_CMD_SO_PATH,
-		"SO_PATH",
-		"Specifies the path to the 'atasi' shared library",
-		ENGINE_CMD_FLAG_STRING},
-	{0, NULL, NULL, 0}
-	};
-
-#ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD atalla_rsa =
-	{
-	"Atalla RSA method",
-	NULL,
-	NULL,
-	NULL,
-	NULL,
-	atalla_rsa_mod_exp,
-	atalla_mod_exp_mont,
-	NULL,
-	NULL,
-	0,
-	NULL,
-	NULL,
-	NULL
-	};
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD atalla_dsa =
-	{
-	"Atalla DSA method",
-	NULL, /* dsa_do_sign */
-	NULL, /* dsa_sign_setup */
-	NULL, /* dsa_do_verify */
-	atalla_dsa_mod_exp, /* dsa_mod_exp */
-	atalla_mod_exp_dsa, /* bn_mod_exp */
-	NULL, /* init */
-	NULL, /* finish */
-	0, /* flags */
-	NULL /* app_data */
-	};
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD atalla_dh =
-	{
-	"Atalla DH method",
-	NULL,
-	NULL,
-	atalla_mod_exp_dh,
-	NULL,
-	NULL,
-	0,
-	NULL
-	};
-#endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_atalla_id = "atalla";
-static const char *engine_atalla_name = "Atalla hardware engine support";
-
-/* This internal function is used by ENGINE_atalla() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_helper(ENGINE *e)
-	{
-#ifndef OPENSSL_NO_RSA
-	const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DSA
-	const DSA_METHOD *meth2;
-#endif
-#ifndef OPENSSL_NO_DH
-	const DH_METHOD *meth3;
-#endif
-	if(!ENGINE_set_id(e, engine_atalla_id) ||
-			!ENGINE_set_name(e, engine_atalla_name) ||
-#ifndef OPENSSL_NO_RSA
-			!ENGINE_set_RSA(e, &atalla_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
-			!ENGINE_set_DSA(e, &atalla_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
-			!ENGINE_set_DH(e, &atalla_dh) ||
-#endif
-			!ENGINE_set_destroy_function(e, atalla_destroy) ||
-			!ENGINE_set_init_function(e, atalla_init) ||
-			!ENGINE_set_finish_function(e, atalla_finish) ||
-			!ENGINE_set_ctrl_function(e, atalla_ctrl) ||
-			!ENGINE_set_cmd_defns(e, atalla_cmd_defns))
-		return 0;
-
-#ifndef OPENSSL_NO_RSA
-	/* We know that the "PKCS1_SSLeay()" functions hook properly
-	 * to the atalla-specific mod_exp and mod_exp_crt so we use
-	 * those functions. NB: We don't use ENGINE_openssl() or
-	 * anything "more generic" because something like the RSAref
-	 * code may not hook properly, and if you own one of these
-	 * cards then you have the right to do RSA operations on it
-	 * anyway! */ 
-	meth1 = RSA_PKCS1_SSLeay();
-	atalla_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
-	atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
-	atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
-	atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#endif
-
-#ifndef OPENSSL_NO_DSA
-	/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
-	 * bits. */
-	meth2 = DSA_OpenSSL();
-	atalla_dsa.dsa_do_sign = meth2->dsa_do_sign;
-	atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
-	atalla_dsa.dsa_do_verify = meth2->dsa_do_verify;
-#endif
-
-#ifndef OPENSSL_NO_DH
-	/* Much the same for Diffie-Hellman */
-	meth3 = DH_OpenSSL();
-	atalla_dh.generate_key = meth3->generate_key;
-	atalla_dh.compute_key = meth3->compute_key;
-#endif
-
-	/* Ensure the atalla error handling is set up */
-	ERR_load_ATALLA_strings();
-	return 1;
-	}
-
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_atalla(void)
-	{
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!bind_helper(ret))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-void ENGINE_load_atalla(void)
-	{
-	/* Copied from eng_[openssl|dyn].c */
-	ENGINE *toadd = engine_atalla();
-	if(!toadd) return;
-	ENGINE_add(toadd);
-	ENGINE_free(toadd);
-	ERR_clear_error();
-	}
-#endif
-
-/* This is a process-global DSO handle used for loading and unloading
- * the Atalla library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-static DSO *atalla_dso = NULL;
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-static tfnASI_GetHardwareConfig *p_Atalla_GetHardwareConfig = NULL;
-static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL;
-static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics = NULL;
-
-/* These are the static string constants for the DSO file name and the function
- * symbol names to bind to. Regrettably, the DSO name on *nix appears to be
- * "atasi.so" rather than something more consistent like "libatasi.so". At the
- * time of writing, I'm not sure what the file name on win32 is but clearly
- * native name translation is not possible (eg libatasi.so on *nix, and
- * atasi.dll on win32). For the purposes of testing, I have created a symbollic
- * link called "libatasi.so" so that we can use native name-translation - a
- * better solution will be needed. */
-static const char *ATALLA_LIBNAME = NULL;
-static const char *get_ATALLA_LIBNAME(void)
-	{
-		if(ATALLA_LIBNAME)
-			return ATALLA_LIBNAME;
-		return "atasi";
-	}
-static void free_ATALLA_LIBNAME(void)
-	{
-		if(ATALLA_LIBNAME)
-			OPENSSL_free((void*)ATALLA_LIBNAME);
-		ATALLA_LIBNAME = NULL;
-	}
-static long set_ATALLA_LIBNAME(const char *name)
-	{
-	free_ATALLA_LIBNAME();
-	return (((ATALLA_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-	}
-static const char *ATALLA_F1 = "ASI_GetHardwareConfig";
-static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn";
-static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics";
-
-/* Destructor (complements the "ENGINE_atalla()" constructor) */
-static int atalla_destroy(ENGINE *e)
-	{
-	free_ATALLA_LIBNAME();
-	/* Unload the atalla error strings so any error state including our
-	 * functs or reasons won't lead to a segfault (they simply get displayed
-	 * without corresponding string data because none will be found). */
-	ERR_unload_ATALLA_strings();
-	return 1;
-	}
-
-/* (de)initialisation functions. */
-static int atalla_init(ENGINE *e)
-	{
-	tfnASI_GetHardwareConfig *p1;
-	tfnASI_RSAPrivateKeyOpFn *p2;
-	tfnASI_GetPerformanceStatistics *p3;
-	/* Not sure of the origin of this magic value, but Ben's code had it
-	 * and it seemed to have been working for a few people. :-) */
-	unsigned int config_buf[1024];
-
-	if(atalla_dso != NULL)
-		{
-		ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_ALREADY_LOADED);
-		goto err;
-		}
-	/* Attempt to load libatasi.so/atasi.dll/whatever. Needs to be
-	 * changed unfortunately because the Atalla drivers don't have
-	 * standard library names that can be platform-translated well. */
-	/* TODO: Work out how to actually map to the names the Atalla
-	 * drivers really use - for now a symbollic link needs to be
-	 * created on the host system from libatasi.so to atasi.so on
-	 * unix variants. */
-	atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0);
-	if(atalla_dso == NULL)
-		{
-		ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED);
-		goto err;
-		}
-	if(!(p1 = (tfnASI_GetHardwareConfig *)DSO_bind_func(
-				atalla_dso, ATALLA_F1)) ||
-			!(p2 = (tfnASI_RSAPrivateKeyOpFn *)DSO_bind_func(
-				atalla_dso, ATALLA_F2)) ||
-			!(p3 = (tfnASI_GetPerformanceStatistics *)DSO_bind_func(
-				atalla_dso, ATALLA_F3)))
-		{
-		ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED);
-		goto err;
-		}
-	/* Copy the pointers */
-	p_Atalla_GetHardwareConfig = p1;
-	p_Atalla_RSAPrivateKeyOpFn = p2;
-	p_Atalla_GetPerformanceStatistics = p3;
-	/* Perform a basic test to see if there's actually any unit
-	 * running. */
-	if(p1(0L, config_buf) != 0)
-		{
-		ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_UNIT_FAILURE);
-		goto err;
-		}
-	/* Everything's fine. */
-	return 1;
-err:
-	if(atalla_dso)
-		DSO_free(atalla_dso);
-	p_Atalla_GetHardwareConfig = NULL;
-	p_Atalla_RSAPrivateKeyOpFn = NULL;
-	p_Atalla_GetPerformanceStatistics = NULL;
-	return 0;
-	}
-
-static int atalla_finish(ENGINE *e)
-	{
-	free_ATALLA_LIBNAME();
-	if(atalla_dso == NULL)
-		{
-		ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_NOT_LOADED);
-		return 0;
-		}
-	if(!DSO_free(atalla_dso))
-		{
-		ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_UNIT_FAILURE);
-		return 0;
-		}
-	atalla_dso = NULL;
-	p_Atalla_GetHardwareConfig = NULL;
-	p_Atalla_RSAPrivateKeyOpFn = NULL;
-	p_Atalla_GetPerformanceStatistics = NULL;
-	return 1;
-	}
-
-static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-	{
-	int initialised = ((atalla_dso == NULL) ? 0 : 1);
-	switch(cmd)
-		{
-	case ATALLA_CMD_SO_PATH:
-		if(p == NULL)
-			{
-			ATALLAerr(ATALLA_F_ATALLA_CTRL,ERR_R_PASSED_NULL_PARAMETER);
-			return 0;
-			}
-		if(initialised)
-			{
-			ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_ALREADY_LOADED);
-			return 0;
-			}
-		return set_ATALLA_LIBNAME((const char *)p);
-	default:
-		break;
-		}
-	ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-	return 0;
-	}
-
-static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-			const BIGNUM *m, BN_CTX *ctx)
-	{
-	/* I need somewhere to store temporary serialised values for
-	 * use with the Atalla API calls. A neat cheat - I'll use
-	 * BIGNUMs from the BN_CTX but access their arrays directly as
-	 * byte arrays <grin>. This way I don't have to clean anything
-	 * up. */
-	BIGNUM *modulus;
-	BIGNUM *exponent;
-	BIGNUM *argument;
-	BIGNUM *result;
-	RSAPrivateKey keydata;
-	int to_return, numbytes;
-
-	modulus = exponent = argument = result = NULL;
-	to_return = 0; /* expect failure */
-
-	if(!atalla_dso)
-		{
-		ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_NOT_LOADED);
-		goto err;
-		}
-	/* Prepare the params */
-	BN_CTX_start(ctx);
-	modulus = BN_CTX_get(ctx);
-	exponent = BN_CTX_get(ctx);
-	argument = BN_CTX_get(ctx);
-	result = BN_CTX_get(ctx);
-	if (!result)
-		{
-		ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_CTX_FULL);
-		goto err;
-		}
-	if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) ||
-	   !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top))
-		{
-		ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_EXPAND_FAIL);
-		goto err;
-		}
-	/* Prepare the key-data */
-	memset(&keydata, 0,sizeof keydata);
-	numbytes = BN_num_bytes(m);
-	memset(exponent->d, 0, numbytes);
-	memset(modulus->d, 0, numbytes);
-	BN_bn2bin(p, (unsigned char *)exponent->d + numbytes - BN_num_bytes(p));
-	BN_bn2bin(m, (unsigned char *)modulus->d + numbytes - BN_num_bytes(m));
-	keydata.privateExponent.data = (unsigned char *)exponent->d;
-	keydata.privateExponent.len = numbytes;
-	keydata.modulus.data = (unsigned char *)modulus->d;
-	keydata.modulus.len = numbytes;
-	/* Prepare the argument */
-	memset(argument->d, 0, numbytes);
-	memset(result->d, 0, numbytes);
-	BN_bn2bin(a, (unsigned char *)argument->d + numbytes - BN_num_bytes(a));
-	/* Perform the operation */
-	if(p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d,
-			(unsigned char *)argument->d,
-			keydata.modulus.len) != 0)
-		{
-		ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_REQUEST_FAILED);
-		goto err;
-		}
-	/* Convert the response */
-	BN_bin2bn((unsigned char *)result->d, numbytes, r);
-	to_return = 1;
-err:
-	BN_CTX_end(ctx);
-	return to_return;
-	}
-
-#ifndef OPENSSL_NO_RSA
-static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
-	{
-	BN_CTX *ctx = NULL;
-	int to_return = 0;
-
-	if(!atalla_dso)
-		{
-		ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_NOT_LOADED);
-		goto err;
-		}
-	if((ctx = BN_CTX_new()) == NULL)
-		goto err;
-	if(!rsa->d || !rsa->n)
-		{
-		ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_MISSING_KEY_COMPONENTS);
-		goto err;
-		}
-	to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx);
-err:
-	if(ctx)
-		BN_CTX_free(ctx);
-	return to_return;
-	}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* This code was liberated and adapted from the commented-out code in
- * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration
- * (it doesn't have a CRT form for RSA), this function means that an
- * Atalla system running with a DSA server certificate can handshake
- * around 5 or 6 times faster/more than an equivalent system running with
- * RSA. Just check out the "signs" statistics from the RSA and DSA parts
- * of "openssl speed -engine atalla dsa1024 rsa1024". */
-static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-		BN_CTX *ctx, BN_MONT_CTX *in_mont)
-	{
-	BIGNUM t;
-	int to_return = 0;
- 
-	BN_init(&t);
-	/* let rr = a1 ^ p1 mod m */
-	if (!atalla_mod_exp(rr,a1,p1,m,ctx)) goto end;
-	/* let t = a2 ^ p2 mod m */
-	if (!atalla_mod_exp(&t,a2,p2,m,ctx)) goto end;
-	/* let rr = rr * t mod m */
-	if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;
-	to_return = 1;
-end:
-	BN_free(&t);
-	return to_return;
-	}
-
-static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *m_ctx)
-	{
-	return atalla_mod_exp(r, a, p, m, ctx);
-	}
-#endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	return atalla_mod_exp(r, a, p, m, ctx);
-	}
-
-#ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
-		const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	return atalla_mod_exp(r, a, p, m, ctx);
-	}
-#endif
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
-	{
-	if(id && (strcmp(id, engine_atalla_id) != 0))
-		return 0;
-	if(!bind_helper(e))
-		return 0;
-	return 1;
-	}
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#endif /* !OPENSSL_NO_HW_ATALLA */
-#endif /* !OPENSSL_NO_HW */
diff --git a/crypto/openssl/crypto/engine/hw_atalla_err.c b/crypto/openssl/crypto/engine/hw_atalla_err.c
deleted file mode 100644
index 1df9c4570c57..000000000000
--- a/crypto/openssl/crypto/engine/hw_atalla_err.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* hw_atalla_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_atalla_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA ATALLA_str_functs[]=
-	{
-{ERR_PACK(0,ATALLA_F_ATALLA_CTRL,0),	"ATALLA_CTRL"},
-{ERR_PACK(0,ATALLA_F_ATALLA_FINISH,0),	"ATALLA_FINISH"},
-{ERR_PACK(0,ATALLA_F_ATALLA_INIT,0),	"ATALLA_INIT"},
-{ERR_PACK(0,ATALLA_F_ATALLA_MOD_EXP,0),	"ATALLA_MOD_EXP"},
-{ERR_PACK(0,ATALLA_F_ATALLA_RSA_MOD_EXP,0),	"ATALLA_RSA_MOD_EXP"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA ATALLA_str_reasons[]=
-	{
-{ATALLA_R_ALREADY_LOADED                 ,"already loaded"},
-{ATALLA_R_BN_CTX_FULL                    ,"bn ctx full"},
-{ATALLA_R_BN_EXPAND_FAIL                 ,"bn expand fail"},
-{ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
-{ATALLA_R_MISSING_KEY_COMPONENTS         ,"missing key components"},
-{ATALLA_R_NOT_LOADED                     ,"not loaded"},
-{ATALLA_R_REQUEST_FAILED                 ,"request failed"},
-{ATALLA_R_UNIT_FAILURE                   ,"unit failure"},
-{0,NULL}
-	};
-
-#endif
-
-#ifdef ATALLA_LIB_NAME
-static ERR_STRING_DATA ATALLA_lib_name[]=
-        {
-{0	,ATALLA_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int ATALLA_lib_error_code=0;
-static int ATALLA_error_init=1;
-
-static void ERR_load_ATALLA_strings(void)
-	{
-	if (ATALLA_lib_error_code == 0)
-		ATALLA_lib_error_code=ERR_get_next_error_library();
-
-	if (ATALLA_error_init)
-		{
-		ATALLA_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ATALLA_lib_error_code,ATALLA_str_functs);
-		ERR_load_strings(ATALLA_lib_error_code,ATALLA_str_reasons);
-#endif
-
-#ifdef ATALLA_LIB_NAME
-		ATALLA_lib_name->error = ERR_PACK(ATALLA_lib_error_code,0,0);
-		ERR_load_strings(0,ATALLA_lib_name);
-#endif
-		}
-	}
-
-static void ERR_unload_ATALLA_strings(void)
-	{
-	if (ATALLA_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(ATALLA_lib_error_code,ATALLA_str_functs);
-		ERR_unload_strings(ATALLA_lib_error_code,ATALLA_str_reasons);
-#endif
-
-#ifdef ATALLA_LIB_NAME
-		ERR_unload_strings(0,ATALLA_lib_name);
-#endif
-		ATALLA_error_init=1;
-		}
-	}
-
-static void ERR_ATALLA_error(int function, int reason, char *file, int line)
-	{
-	if (ATALLA_lib_error_code == 0)
-		ATALLA_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(ATALLA_lib_error_code,function,reason,file,line);
-	}
diff --git a/crypto/openssl/crypto/engine/hw_atalla_err.h b/crypto/openssl/crypto/engine/hw_atalla_err.h
deleted file mode 100644
index cdac052d8c98..000000000000
--- a/crypto/openssl/crypto/engine/hw_atalla_err.h
+++ /dev/null
@@ -1,89 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ATALLA_ERR_H
-#define HEADER_ATALLA_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_ATALLA_strings(void);
-static void ERR_unload_ATALLA_strings(void);
-static void ERR_ATALLA_error(int function, int reason, char *file, int line);
-#define ATALLAerr(f,r) ERR_ATALLA_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the ATALLA functions. */
-
-/* Function codes. */
-#define ATALLA_F_ATALLA_CTRL				 100
-#define ATALLA_F_ATALLA_FINISH				 101
-#define ATALLA_F_ATALLA_INIT				 102
-#define ATALLA_F_ATALLA_MOD_EXP				 103
-#define ATALLA_F_ATALLA_RSA_MOD_EXP			 104
-
-/* Reason codes. */
-#define ATALLA_R_ALREADY_LOADED				 100
-#define ATALLA_R_BN_CTX_FULL				 101
-#define ATALLA_R_BN_EXPAND_FAIL				 102
-#define ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED		 103
-#define ATALLA_R_MISSING_KEY_COMPONENTS			 104
-#define ATALLA_R_NOT_LOADED				 105
-#define ATALLA_R_REQUEST_FAILED				 106
-#define ATALLA_R_UNIT_FAILURE				 107
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/engine/hw_cryptodev.c b/crypto/openssl/crypto/engine/hw_cryptodev.c
deleted file mode 100644
index 40af97ac248b..000000000000
--- a/crypto/openssl/crypto/engine/hw_cryptodev.c
+++ /dev/null
@@ -1,1132 +0,0 @@
-/*
- * Copyright (c) 2002 Bob Beck <beck@openbsd.org>
- * Copyright (c) 2002 Theo de Raadt
- * Copyright (c) 2002 Markus Friedl
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the author nor the names of contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <openssl/objects.h>
-#include <openssl/engine.h>
-#include <openssl/evp.h>
-
-#if (defined(__unix__) || defined(unix)) && !defined(USG)
-#include <sys/param.h>
-# if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041)
-# define HAVE_CRYPTODEV
-# endif
-# if (OpenBSD >= 200110)
-# define HAVE_SYSLOG_R
-# endif
-#endif
-
-#ifndef HAVE_CRYPTODEV
-
-void
-ENGINE_load_cryptodev(void)
-{
-	/* This is a NOP on platforms without /dev/crypto */
-	return;
-}
-
-#else 
-
-#include <sys/types.h>
-#include <crypto/cryptodev.h>
-#include <sys/ioctl.h>
-#include <errno.h>
-#include <stdio.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <stdarg.h>
-#include <syslog.h>
-#include <errno.h>
-#include <string.h>
-
-struct dev_crypto_state {
-	struct session_op d_sess;
-	int d_fd;
-};
-
-static u_int32_t cryptodev_asymfeat = 0;
-
-static int get_asym_dev_crypto(void);
-static int open_dev_crypto(void);
-static int get_dev_crypto(void);
-static int cryptodev_max_iv(int cipher);
-static int cryptodev_key_length_valid(int cipher, int len);
-static int cipher_nid_to_cryptodev(int nid);
-static int get_cryptodev_ciphers(const int **cnids);
-static int get_cryptodev_digests(const int **cnids);
-static int cryptodev_usable_ciphers(const int **nids);
-static int cryptodev_usable_digests(const int **nids);
-static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-    const unsigned char *in, unsigned int inl);
-static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-    const unsigned char *iv, int enc);
-static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx);
-static int cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
-    const int **nids, int nid);
-static int cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
-    const int **nids, int nid);
-static int bn2crparam(const BIGNUM *a, struct crparam *crp);
-static int crparam2bn(struct crparam *crp, BIGNUM *a);
-static void zapparams(struct crypt_kop *kop);
-static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r,
-    int slen, BIGNUM *s);
-
-static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a,
-    const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I,
-    RSA *rsa);
-static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
-    const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
-    BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p,
-    BN_CTX *ctx, BN_MONT_CTX *mont);
-static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst,
-    int dlen, DSA *dsa);
-static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len,
-    DSA_SIG *sig, DSA *dsa);
-static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
-    const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-    BN_MONT_CTX *m_ctx);
-static int cryptodev_dh_compute_key(unsigned char *key,
-    const BIGNUM *pub_key, DH *dh);
-static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
-    void (*f)());
-void ENGINE_load_cryptodev(void);
-
-static const ENGINE_CMD_DEFN cryptodev_defns[] = {
-	{ 0, NULL, NULL, 0 }
-};
-
-static struct {
-	int	id;
-	int	nid;
-	int	ivmax;
-	int	keylen;
-} ciphers[] = {
-	{ CRYPTO_DES_CBC,		NID_des_cbc,		8,	 8, },
-	{ CRYPTO_3DES_CBC,		NID_des_ede3_cbc,	8,	24, },
-	{ CRYPTO_AES_CBC,		NID_aes_128_cbc,	16,	16, },
-	{ CRYPTO_BLF_CBC,		NID_bf_cbc,		8,	16, },
-	{ CRYPTO_CAST_CBC,		NID_cast5_cbc,		8,	16, },
-	{ CRYPTO_SKIPJACK_CBC,		NID_undef,		0,	 0, },
-	{ 0,				NID_undef,		0,	 0, },
-};
-
-static struct {
-	int	id;
-	int	nid;
-} digests[] = {
-	{ CRYPTO_SHA1_HMAC,		NID_hmacWithSHA1,	},
-	{ CRYPTO_RIPEMD160_HMAC,	NID_ripemd160,		},
-	{ CRYPTO_MD5_KPDK,		NID_undef,		},
-	{ CRYPTO_SHA1_KPDK,		NID_undef,		},
-	{ CRYPTO_MD5,			NID_md5,		},
-	{ CRYPTO_SHA1,			NID_undef,		},
-	{ 0,				NID_undef,		},
-};
-
-/*
- * Return a fd if /dev/crypto seems usable, 0 otherwise.
- */
-static int
-open_dev_crypto(void)
-{
-	static int fd = -1;
-
-	if (fd == -1) {
-		if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1)
-			return (-1);
-		/* close on exec */
-		if (fcntl(fd, F_SETFD, 1) == -1) {
-			close(fd);
-			fd = -1;
-			return (-1);
-		}
-	}
-	return (fd);
-}
-
-static int
-get_dev_crypto(void)
-{
-	int fd, retfd;
-
-	if ((fd = open_dev_crypto()) == -1)
-		return (-1);
-	if (ioctl(fd, CRIOGET, &retfd) == -1)
-		return (-1);
-
-	/* close on exec */
-	if (fcntl(retfd, F_SETFD, 1) == -1) {
-		close(retfd);
-		return (-1);
-	}
-	return (retfd);
-}
-
-/* Caching version for asym operations */
-static int
-get_asym_dev_crypto(void)
-{
-	static int fd = -1;
-
-	if (fd == -1)
-		fd = get_dev_crypto();
-	return fd;
-}
-
-/*
- * XXXX this needs to be set for each alg - and determined from
- * a running card.
- */
-static int
-cryptodev_max_iv(int cipher)
-{
-	int i;
-
-	for (i = 0; ciphers[i].id; i++)
-		if (ciphers[i].id == cipher)
-			return (ciphers[i].ivmax);
-	return (0);
-}
-
-/*
- * XXXX this needs to be set for each alg - and determined from
- * a running card. For now, fake it out - but most of these
- * for real devices should return 1 for the supported key
- * sizes the device can handle.
- */
-static int
-cryptodev_key_length_valid(int cipher, int len)
-{
-	int i;
-
-	for (i = 0; ciphers[i].id; i++)
-		if (ciphers[i].id == cipher)
-			return (ciphers[i].keylen == len);
-	return (0);
-}
-
-/* convert libcrypto nids to cryptodev */
-static int
-cipher_nid_to_cryptodev(int nid)
-{
-	int i;
-
-	for (i = 0; ciphers[i].id; i++)
-		if (ciphers[i].nid == nid)
-			return (ciphers[i].id);
-	return (0);
-}
-
-/*
- * Find out what ciphers /dev/crypto will let us have a session for.
- * XXX note, that some of these openssl doesn't deal with yet!
- * returning them here is harmless, as long as we return NULL
- * when asked for a handler in the cryptodev_engine_ciphers routine
- */
-static int
-get_cryptodev_ciphers(const int **cnids)
-{
-	static int nids[CRYPTO_ALGORITHM_MAX];
-	struct session_op sess;
-	int fd, i, count = 0;
-
-	if ((fd = get_dev_crypto()) < 0) {
-		*nids = NULL;
-		return (0);
-	}
-	memset(&sess, 0, sizeof(sess));
-	sess.key = (caddr_t)"123456781234567812345678";
-
-	for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
-		if (ciphers[i].nid == NID_undef)
-			continue;
-		sess.cipher = ciphers[i].id;
-		sess.keylen = ciphers[i].keylen;
-		sess.mac = 0;
-		if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
-		    ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
-			nids[count++] = ciphers[i].nid;
-	}
-	close(fd);
-
-	if (count > 0)
-		*cnids = nids;
-	else
-		*cnids = NULL;
-	return (count);
-}
-
-/*
- * Find out what digests /dev/crypto will let us have a session for.
- * XXX note, that some of these openssl doesn't deal with yet!
- * returning them here is harmless, as long as we return NULL
- * when asked for a handler in the cryptodev_engine_digests routine
- */
-static int
-get_cryptodev_digests(const int **cnids)
-{
-	static int nids[CRYPTO_ALGORITHM_MAX];
-	struct session_op sess;
-	int fd, i, count = 0;
-
-	if ((fd = get_dev_crypto()) < 0) {
-		*nids = NULL;
-		return (0);
-	}
-	memset(&sess, 0, sizeof(sess));
-	for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
-		if (digests[i].nid == NID_undef)
-			continue;
-		sess.mac = digests[i].id;
-		sess.cipher = 0;
-		if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
-		    ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
-			nids[count++] = digests[i].nid;
-	}
-	close(fd);
-
-	if (count > 0)
-		*cnids = nids;
-	else
-		*cnids = NULL;
-	return (count);
-}
-
-/*
- * Find the useable ciphers|digests from dev/crypto - this is the first
- * thing called by the engine init crud which determines what it
- * can use for ciphers from this engine. We want to return
- * only what we can do, anythine else is handled by software.
- *
- * If we can't initialize the device to do anything useful for
- * any reason, we want to return a NULL array, and 0 length,
- * which forces everything to be done is software. By putting
- * the initalization of the device in here, we ensure we can
- * use this engine as the default, and if for whatever reason
- * /dev/crypto won't do what we want it will just be done in
- * software
- *
- * This can (should) be greatly expanded to perhaps take into
- * account speed of the device, and what we want to do.
- * (although the disabling of particular alg's could be controlled
- * by the device driver with sysctl's.) - this is where we
- * want most of the decisions made about what we actually want
- * to use from /dev/crypto.
- */
-static int
-cryptodev_usable_ciphers(const int **nids)
-{
-	return (get_cryptodev_ciphers(nids));
-}
-
-static int
-cryptodev_usable_digests(const int **nids)
-{
-	/*
-	 * XXXX just disable all digests for now, because it sucks.
-	 * we need a better way to decide this - i.e. I may not
-	 * want digests on slow cards like hifn on fast machines,
-	 * but might want them on slow or loaded machines, etc.
-	 * will also want them when using crypto cards that don't
-	 * suck moose gonads - would be nice to be able to decide something
-	 * as reasonable default without having hackery that's card dependent.
-	 * of course, the default should probably be just do everything,
-	 * with perhaps a sysctl to turn algoritms off (or have them off
-	 * by default) on cards that generally suck like the hifn.
-	 */
-	*nids = NULL;
-	return (0);
-}
-
-static int
-cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-    const unsigned char *in, unsigned int inl)
-{
-	struct crypt_op cryp;
-	struct dev_crypto_state *state = ctx->cipher_data;
-	struct session_op *sess = &state->d_sess;
-	void *iiv;
-	unsigned char save_iv[EVP_MAX_IV_LENGTH];
-
-	if (state->d_fd < 0)
-		return (0);
-	if (!inl)
-		return (1);
-	if ((inl % ctx->cipher->block_size) != 0)
-		return (0);
-
-	memset(&cryp, 0, sizeof(cryp));
-
-	cryp.ses = sess->ses;
-	cryp.flags = 0;
-	cryp.len = inl;
-	cryp.src = (caddr_t) in;
-	cryp.dst = (caddr_t) out;
-	cryp.mac = 0;
-
-	cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
-
-	if (ctx->cipher->iv_len) {
-		cryp.iv = (caddr_t) ctx->iv;
-		if (!ctx->encrypt) {
-			iiv = (void *) in + inl - ctx->cipher->iv_len;
-			memcpy(save_iv, iiv, ctx->cipher->iv_len);
-		}
-	} else
-		cryp.iv = NULL;
-
-	if (ioctl(state->d_fd, CIOCCRYPT, &cryp) == -1) {
-		/* XXX need better errror handling
-		 * this can fail for a number of different reasons.
-		 */
-		return (0);
-	}
-
-	if (ctx->cipher->iv_len) {
-		if (ctx->encrypt)
-			iiv = (void *) out + inl - ctx->cipher->iv_len;
-		else
-			iiv = save_iv;
-		memcpy(ctx->iv, iiv, ctx->cipher->iv_len);
-	}
-	return (1);
-}
-
-static int
-cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-    const unsigned char *iv, int enc)
-{
-	struct dev_crypto_state *state = ctx->cipher_data;
-	struct session_op *sess = &state->d_sess;
-	int cipher;
-
-	if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NID_undef)
-		return (0);
-
-	if (ctx->cipher->iv_len > cryptodev_max_iv(cipher))
-		return (0);
-
-	if (!cryptodev_key_length_valid(cipher, ctx->key_len))
-		return (0);
-
-	memset(sess, 0, sizeof(struct session_op));
-
-	if ((state->d_fd = get_dev_crypto()) < 0)
-		return (0);
-
-	sess->key = (unsigned char *)key;
-	sess->keylen = ctx->key_len;
-	sess->cipher = cipher;
-
-	if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
-		close(state->d_fd);
-		state->d_fd = -1;
-		return (0);
-	}
-	return (1);
-}
-
-/*
- * free anything we allocated earlier when initting a
- * session, and close the session.
- */
-static int
-cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
-{
-	int ret = 0;
-	struct dev_crypto_state *state = ctx->cipher_data;
-	struct session_op *sess = &state->d_sess;
-
-	if (state->d_fd < 0)
-		return (0);
-
-	/* XXX if this ioctl fails, someting's wrong. the invoker
-	 * may have called us with a bogus ctx, or we could
-	 * have a device that for whatever reason just doesn't
-	 * want to play ball - it's not clear what's right
-	 * here - should this be an error? should it just
-	 * increase a counter, hmm. For right now, we return
-	 * 0 - I don't believe that to be "right". we could
-	 * call the gorpy openssl lib error handlers that
-	 * print messages to users of the library. hmm..
-	 */
-
-	if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) == -1) {
-		ret = 0;
-	} else {
-		ret = 1;
-	}
-	close(state->d_fd);
-	state->d_fd = -1;
-
-	return (ret);
-}
-
-/*
- * libcrypto EVP stuff - this is how we get wired to EVP so the engine
- * gets called when libcrypto requests a cipher NID.
- */
-
-/* DES CBC EVP */
-const EVP_CIPHER cryptodev_des_cbc = {
-	NID_des_cbc,
-	8, 8, 8,
-	EVP_CIPH_CBC_MODE,
-	cryptodev_init_key,
-	cryptodev_cipher,
-	cryptodev_cleanup,
-	sizeof(struct dev_crypto_state),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	NULL
-};
-
-/* 3DES CBC EVP */
-const EVP_CIPHER cryptodev_3des_cbc = {
-	NID_des_ede3_cbc,
-	8, 24, 8,
-	EVP_CIPH_CBC_MODE,
-	cryptodev_init_key,
-	cryptodev_cipher,
-	cryptodev_cleanup,
-	sizeof(struct dev_crypto_state),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	NULL
-};
-
-const EVP_CIPHER cryptodev_bf_cbc = {
-	NID_bf_cbc,
-	8, 16, 8,
-	EVP_CIPH_CBC_MODE,
-	cryptodev_init_key,
-	cryptodev_cipher,
-	cryptodev_cleanup,
-	sizeof(struct dev_crypto_state),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	NULL
-};
-
-const EVP_CIPHER cryptodev_cast_cbc = {
-	NID_cast5_cbc,
-	8, 16, 8,
-	EVP_CIPH_CBC_MODE,
-	cryptodev_init_key,
-	cryptodev_cipher,
-	cryptodev_cleanup,
-	sizeof(struct dev_crypto_state),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	NULL
-};
-
-const EVP_CIPHER cryptodev_aes_cbc = {
-	NID_aes_128_cbc,
-	16, 16, 16,
-	EVP_CIPH_CBC_MODE,
-	cryptodev_init_key,
-	cryptodev_cipher,
-	cryptodev_cleanup,
-	sizeof(struct dev_crypto_state),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	NULL
-};
-
-/*
- * Registered by the ENGINE when used to find out how to deal with
- * a particular NID in the ENGINE. this says what we'll do at the
- * top level - note, that list is restricted by what we answer with
- */
-static int
-cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
-    const int **nids, int nid)
-{
-	if (!cipher)
-		return (cryptodev_usable_ciphers(nids));
-
-	switch (nid) {
-	case NID_des_ede3_cbc:
-		*cipher = &cryptodev_3des_cbc;
-		break;
-	case NID_des_cbc:
-		*cipher = &cryptodev_des_cbc;
-		break;
-	case NID_bf_cbc:
-		*cipher = &cryptodev_bf_cbc;
-		break;
-	case NID_cast5_cbc:
-		*cipher = &cryptodev_cast_cbc;
-		break;
-	case NID_aes_128_cbc:
-		*cipher = &cryptodev_aes_cbc;
-		break;
-	default:
-		*cipher = NULL;
-		break;
-	}
-	return (*cipher != NULL);
-}
-
-static int
-cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
-    const int **nids, int nid)
-{
-	if (!digest)
-		return (cryptodev_usable_digests(nids));
-
-	switch (nid) {
-	case NID_md5:
-		*digest = NULL; /* need to make a clean md5 critter */
-		break;
-	default:
-		*digest = NULL;
-		break;
-	}
-	return (*digest != NULL);
-}
-
-/*
- * Convert a BIGNUM to the representation that /dev/crypto needs.
- * Upon completion of use, the caller is responsible for freeing
- * crp->crp_p.
- */
-static int
-bn2crparam(const BIGNUM *a, struct crparam *crp)
-{
-	int i, j, k;
-	ssize_t words, bytes, bits;
-	u_char *b;
-
-	crp->crp_p = NULL;
-	crp->crp_nbits = 0;
-
-	bits = BN_num_bits(a);
-	bytes = (bits + 7) / 8;
-
-	b = malloc(bytes);
-	if (b == NULL)
-		return (1);
-
-	crp->crp_p = b;
-	crp->crp_nbits = bits;
-
-	for (i = 0, j = 0; i < a->top; i++) {
-		for (k = 0; k < BN_BITS2 / 8; k++) {
-			if ((j + k) >= bytes)
-				return (0);
-			b[j + k] = a->d[i] >> (k * 8);
-		}
-		j += BN_BITS2 / 8;
-	}
-	return (0);
-}
-
-/* Convert a /dev/crypto parameter to a BIGNUM */
-static int
-crparam2bn(struct crparam *crp, BIGNUM *a)
-{
-	u_int8_t *pd;
-	int i, bytes;
-
-	bytes = (crp->crp_nbits + 7) / 8;
-
-	if (bytes == 0)
-		return (-1);
-
-	if ((pd = (u_int8_t *) malloc(bytes)) == NULL)
-		return (-1);
-
-	for (i = 0; i < bytes; i++)
-		pd[i] = crp->crp_p[bytes - i - 1];
-
-	BN_bin2bn(pd, bytes, a);
-	free(pd);
-
-	return (0);
-}
-
-static void
-zapparams(struct crypt_kop *kop)
-{
-	int i;
-
-	for (i = 0; i <= kop->crk_iparams + kop->crk_oparams; i++) {
-		if (kop->crk_param[i].crp_p)
-			free(kop->crk_param[i].crp_p);
-		kop->crk_param[i].crp_p = NULL;
-		kop->crk_param[i].crp_nbits = 0;
-	}
-}
-
-static int
-cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s)
-{
-	int fd, ret = -1;
-
-	if ((fd = get_asym_dev_crypto()) < 0)
-		return (ret);
-
-	if (r) {
-		kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char));
-		kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
-		kop->crk_oparams++;
-	}
-	if (s) {
-		kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char));
-		kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8;
-		kop->crk_oparams++;
-	}
-
-	if (ioctl(fd, CIOCKEY, kop) == 0) {
-		if (r)
-			crparam2bn(&kop->crk_param[kop->crk_iparams], r);
-		if (s)
-			crparam2bn(&kop->crk_param[kop->crk_iparams+1], s);
-		ret = 0;
-	}
-
-	return (ret);
-}
-
-static int
-cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
-	struct crypt_kop kop;
-	int ret = 1;
-
-	/* Currently, we know we can do mod exp iff we can do any
-	 * asymmetric operations at all.
-	 */
-	if (cryptodev_asymfeat == 0) {
-		ret = BN_mod_exp(r, a, p, m, ctx);
-		return (ret);
-	}
-
-	memset(&kop, 0, sizeof kop);
-	kop.crk_op = CRK_MOD_EXP;
-
-	/* inputs: a^p % m */
-	if (bn2crparam(a, &kop.crk_param[0]))
-		goto err;
-	if (bn2crparam(p, &kop.crk_param[1]))
-		goto err;
-	if (bn2crparam(m, &kop.crk_param[2]))
-		goto err;
-	kop.crk_iparams = 3;
-
-	if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) {
-		const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-		ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
-	}
-err:
-	zapparams(&kop);
-	return (ret);
-}
-
-static int
-cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
-{
-	int r;
-	BN_CTX *ctx;
-
-	ctx = BN_CTX_new();
-	r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
-	BN_CTX_free(ctx);
-	return (r);
-}
-
-static int
-cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
-{
-	struct crypt_kop kop;
-	int ret = 1;
-
-	if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
-		/* XXX 0 means failure?? */
-		return (0);
-	}
-
-	memset(&kop, 0, sizeof kop);
-	kop.crk_op = CRK_MOD_EXP_CRT;
-	/* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
-	if (bn2crparam(rsa->p, &kop.crk_param[0]))
-		goto err;
-	if (bn2crparam(rsa->q, &kop.crk_param[1]))
-		goto err;
-	if (bn2crparam(I, &kop.crk_param[2]))
-		goto err;
-	if (bn2crparam(rsa->dmp1, &kop.crk_param[3]))
-		goto err;
-	if (bn2crparam(rsa->dmq1, &kop.crk_param[4]))
-		goto err;
-	if (bn2crparam(rsa->iqmp, &kop.crk_param[5]))
-		goto err;
-	kop.crk_iparams = 6;
-
-	if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) {
-		const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-		ret = (*meth->rsa_mod_exp)(r0, I, rsa);
-	}
-err:
-	zapparams(&kop);
-	return (ret);
-}
-
-static RSA_METHOD cryptodev_rsa = {
-	"cryptodev RSA method",
-	NULL,				/* rsa_pub_enc */
-	NULL,				/* rsa_pub_dec */
-	NULL,				/* rsa_priv_enc */
-	NULL,				/* rsa_priv_dec */
-	NULL,
-	NULL,
-	NULL,				/* init */
-	NULL,				/* finish */
-	0,				/* flags */
-	NULL,				/* app_data */
-	NULL,				/* rsa_sign */
-	NULL				/* rsa_verify */
-};
-
-static int
-cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
-	return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
-}
-
-static int
-cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
-    BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p,
-    BN_CTX *ctx, BN_MONT_CTX *mont)
-{
-	BIGNUM t2;
-	int ret = 0;
-
-	BN_init(&t2);
-
-	/* v = ( g^u1 * y^u2 mod p ) mod q */
-	/* let t1 = g ^ u1 mod p */
-	ret = 0;
-
-	if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont))
-		goto err;
-
-	/* let t2 = y ^ u2 mod p */
-	if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont))
-		goto err;
-	/* let u1 = t1 * t2 mod p */
-	if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx))
-		goto err;
-
-	BN_copy(t1,u1);
-
-	ret = 1;
-err:
-	BN_free(&t2);
-	return(ret);
-}
-
-static DSA_SIG *
-cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-{
-	struct crypt_kop kop;
-	BIGNUM *r = NULL, *s = NULL;
-	DSA_SIG *dsaret = NULL;
-
-	if ((r = BN_new()) == NULL)
-		goto err;
-	if ((s = BN_new()) == NULL) {
-		BN_free(r);
-		goto err;
-	}
-
-	printf("bar\n");
-	memset(&kop, 0, sizeof kop);
-	kop.crk_op = CRK_DSA_SIGN;
-
-	/* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
-	kop.crk_param[0].crp_p = (caddr_t)dgst;
-	kop.crk_param[0].crp_nbits = dlen * 8;
-	if (bn2crparam(dsa->p, &kop.crk_param[1]))
-		goto err;
-	if (bn2crparam(dsa->q, &kop.crk_param[2]))
-		goto err;
-	if (bn2crparam(dsa->g, &kop.crk_param[3]))
-		goto err;
-	if (bn2crparam(dsa->priv_key, &kop.crk_param[4]))
-		goto err;
-	kop.crk_iparams = 5;
-
-	if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r,
-	    BN_num_bytes(dsa->q), s) == 0) {
-		dsaret = DSA_SIG_new();
-		dsaret->r = r;
-		dsaret->s = s;
-	} else {
-		const DSA_METHOD *meth = DSA_OpenSSL();
-		BN_free(r);
-		BN_free(s);
-		dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa);
-	}
-err:
-	kop.crk_param[0].crp_p = NULL;
-	zapparams(&kop);
-	return (dsaret);
-}
-
-static int
-cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
-    DSA_SIG *sig, DSA *dsa)
-{
-	struct crypt_kop kop;
-	int dsaret = 1;
-
-	memset(&kop, 0, sizeof kop);
-	kop.crk_op = CRK_DSA_VERIFY;
-
-	/* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
-	kop.crk_param[0].crp_p = (caddr_t)dgst;
-	kop.crk_param[0].crp_nbits = dlen * 8;
-	if (bn2crparam(dsa->p, &kop.crk_param[1]))
-		goto err;
-	if (bn2crparam(dsa->q, &kop.crk_param[2]))
-		goto err;
-	if (bn2crparam(dsa->g, &kop.crk_param[3]))
-		goto err;
-	if (bn2crparam(dsa->pub_key, &kop.crk_param[4]))
-		goto err;
-	if (bn2crparam(sig->r, &kop.crk_param[5]))
-		goto err;
-	if (bn2crparam(sig->s, &kop.crk_param[6]))
-		goto err;
-	kop.crk_iparams = 7;
-
-	if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
-		dsaret = kop.crk_status;
-	} else {
-		const DSA_METHOD *meth = DSA_OpenSSL();
-
-		dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa);
-	}
-err:
-	kop.crk_param[0].crp_p = NULL;
-	zapparams(&kop);
-	return (dsaret);
-}
-
-static DSA_METHOD cryptodev_dsa = {
-	"cryptodev DSA method",
-	NULL,
-	NULL,				/* dsa_sign_setup */
-	NULL,
-	NULL,				/* dsa_mod_exp */
-	NULL,
-	NULL,				/* init */
-	NULL,				/* finish */
-	0,	/* flags */
-	NULL	/* app_data */
-};
-
-static int
-cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
-    const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-    BN_MONT_CTX *m_ctx)
-{
-	return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
-}
-
-static int
-cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-{
-	struct crypt_kop kop;
-	int dhret = 1;
-	int fd, keylen;
-
-	if ((fd = get_asym_dev_crypto()) < 0) {
-		const DH_METHOD *meth = DH_OpenSSL();
-
-		return ((meth->compute_key)(key, pub_key, dh));
-	}
-
-	keylen = BN_num_bits(dh->p);
-
-	memset(&kop, 0, sizeof kop);
-	kop.crk_op = CRK_DH_COMPUTE_KEY;
-
-	/* inputs: dh->priv_key pub_key dh->p key */
-	if (bn2crparam(dh->priv_key, &kop.crk_param[0]))
-		goto err;
-	if (bn2crparam(pub_key, &kop.crk_param[1]))
-		goto err;
-	if (bn2crparam(dh->p, &kop.crk_param[2]))
-		goto err;
-	kop.crk_iparams = 3;
-
-	kop.crk_param[3].crp_p = key;
-	kop.crk_param[3].crp_nbits = keylen * 8;
-	kop.crk_oparams = 1;
-
-	if (ioctl(fd, CIOCKEY, &kop) == -1) {
-		const DH_METHOD *meth = DH_OpenSSL();
-
-		dhret = (meth->compute_key)(key, pub_key, dh);
-	}
-err:
-	kop.crk_param[3].crp_p = NULL;
-	zapparams(&kop);
-	return (dhret);
-}
-
-static DH_METHOD cryptodev_dh = {
-	"cryptodev DH method",
-	NULL,				/* cryptodev_dh_generate_key */
-	NULL,
-	NULL,
-	NULL,
-	NULL,
-	0,	/* flags */
-	NULL	/* app_data */
-};
-
-/*
- * ctrl right now is just a wrapper that doesn't do much
- * but I expect we'll want some options soon.
- */
-static int
-cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-{
-#ifdef HAVE_SYSLOG_R
-	struct syslog_data sd = SYSLOG_DATA_INIT;
-#endif
-
-	switch (cmd) {
-	default:
-#ifdef HAVE_SYSLOG_R
-		syslog_r(LOG_ERR, &sd,
-		    "cryptodev_ctrl: unknown command %d", cmd);
-#else
-		syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd);
-#endif
-		break;
-	}
-	return (1);
-}
-
-void
-ENGINE_load_cryptodev(void)
-{
-	ENGINE *engine = ENGINE_new();
-	int fd;
-
-	if (engine == NULL)
-		return;
-	if ((fd = get_dev_crypto()) < 0)
-		return;
-
-	/*
-	 * find out what asymmetric crypto algorithms we support
-	 */
-	if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
-		close(fd);
-		return;
-	}
-	close(fd);
-
-	if (!ENGINE_set_id(engine, "cryptodev") ||
-	    !ENGINE_set_name(engine, "BSD cryptodev engine") ||
-	    !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
-	    !ENGINE_set_digests(engine, cryptodev_engine_digests) ||
-	    !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||
-	    !ENGINE_set_cmd_defns(engine, cryptodev_defns)) {
-		ENGINE_free(engine);
-		return;
-	}
-
-	if (ENGINE_set_RSA(engine, &cryptodev_rsa)) {
-		const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay();
-
-		cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp;
-		cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp;
-		cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc;
-		cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec;
-		cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc;
-		cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec;
-		if (cryptodev_asymfeat & CRF_MOD_EXP) {
-			cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp;
-			if (cryptodev_asymfeat & CRF_MOD_EXP_CRT)
-				cryptodev_rsa.rsa_mod_exp =
-				    cryptodev_rsa_mod_exp;
-			else
-				cryptodev_rsa.rsa_mod_exp =
-				    cryptodev_rsa_nocrt_mod_exp;
-		}
-	}
-
-	if (ENGINE_set_DSA(engine, &cryptodev_dsa)) {
-		const DSA_METHOD *meth = DSA_OpenSSL();
-
-		memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD));
-		if (cryptodev_asymfeat & CRF_DSA_SIGN)
-			cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign;
-		if (cryptodev_asymfeat & CRF_MOD_EXP) {
-			cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp;
-			cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp;
-		}
-		if (cryptodev_asymfeat & CRF_DSA_VERIFY)
-			cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify;
-	}
-
-	if (ENGINE_set_DH(engine, &cryptodev_dh)){
-		const DH_METHOD *dh_meth = DH_OpenSSL();
-
-		cryptodev_dh.generate_key = dh_meth->generate_key;
-		cryptodev_dh.compute_key = dh_meth->compute_key;
-		cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp;
-		if (cryptodev_asymfeat & CRF_MOD_EXP) {
-			cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh;
-			if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY)
-				cryptodev_dh.compute_key =
-				    cryptodev_dh_compute_key;
-		}
-	}
-
-	ENGINE_add(engine);
-	ENGINE_free(engine);
-	ERR_clear_error();
-}
-
-#endif /* HAVE_CRYPTODEV */
diff --git a/crypto/openssl/crypto/engine/hw_cswift.c b/crypto/openssl/crypto/engine/hw_cswift.c
deleted file mode 100644
index f128ee5a68d9..000000000000
--- a/crypto/openssl/crypto/engine/hw_cswift.c
+++ /dev/null
@@ -1,997 +0,0 @@
-/* crypto/engine/hw_cswift.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_CSWIFT
-
-/* Attribution notice: Rainbow have generously allowed me to reproduce
- * the necessary definitions here from their API. This means the support
- * can build independently of whether application builders have the
- * API or hardware. This will allow developers to easily produce software
- * that has latent hardware support for any users that have accelerators
- * installed, without the developers themselves needing anything extra.
- *
- * I have only clipped the parts from the CryptoSwift header files that
- * are (or seem) relevant to the CryptoSwift support code. This is
- * simply to keep the file sizes reasonable.
- * [Geoff]
- */
-#ifdef FLAT_INC
-#include "cswift.h"
-#else
-#include "vendor_defns/cswift.h"
-#endif
-
-#define CSWIFT_LIB_NAME "cswift engine"
-#include "hw_cswift_err.c"
-
-static int cswift_destroy(ENGINE *e);
-static int cswift_init(ENGINE *e);
-static int cswift_finish(ENGINE *e);
-static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-
-/* BIGNUM stuff */
-static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx);
-static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
-		const BIGNUM *iqmp, BN_CTX *ctx);
-
-#ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-#endif
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
-#ifndef OPENSSL_NO_DSA
-/* DSA stuff */
-static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
-				DSA_SIG *sig, DSA *dsa);
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* DH stuff */
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
-		const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-#endif
-
-/* RAND stuff */
-static int cswift_rand_bytes(unsigned char *buf, int num);
-static int cswift_rand_status(void);
-
-/* The definitions for control commands specific to this engine */
-#define CSWIFT_CMD_SO_PATH		ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN cswift_cmd_defns[] = {
-	{CSWIFT_CMD_SO_PATH,
-		"SO_PATH",
-		"Specifies the path to the 'cswift' shared library",
-		ENGINE_CMD_FLAG_STRING},
-	{0, NULL, NULL, 0}
-	};
-
-#ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD cswift_rsa =
-	{
-	"CryptoSwift RSA method",
-	NULL,
-	NULL,
-	NULL,
-	NULL,
-	cswift_rsa_mod_exp,
-	cswift_mod_exp_mont,
-	NULL,
-	NULL,
-	0,
-	NULL,
-	NULL,
-	NULL
-	};
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD cswift_dsa =
-	{
-	"CryptoSwift DSA method",
-	cswift_dsa_sign,
-	NULL, /* dsa_sign_setup */
-	cswift_dsa_verify,
-	NULL, /* dsa_mod_exp */
-	NULL, /* bn_mod_exp */
-	NULL, /* init */
-	NULL, /* finish */
-	0, /* flags */
-	NULL /* app_data */
-	};
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD cswift_dh =
-	{
-	"CryptoSwift DH method",
-	NULL,
-	NULL,
-	cswift_mod_exp_dh,
-	NULL,
-	NULL,
-	0,
-	NULL
-	};
-#endif
-
-static RAND_METHOD cswift_random =
-    {
-    /* "CryptoSwift RAND method", */
-    NULL,
-    cswift_rand_bytes,
-    NULL,
-    NULL,
-    cswift_rand_bytes,
-    cswift_rand_status,
-    };
-
-
-/* Constants used when creating the ENGINE */
-static const char *engine_cswift_id = "cswift";
-static const char *engine_cswift_name = "CryptoSwift hardware engine support";
-
-/* This internal function is used by ENGINE_cswift() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_helper(ENGINE *e)
-	{
-#ifndef OPENSSL_NO_RSA
-	const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DH
-	const DH_METHOD *meth2;
-#endif
-	if(!ENGINE_set_id(e, engine_cswift_id) ||
-			!ENGINE_set_name(e, engine_cswift_name) ||
-#ifndef OPENSSL_NO_RSA
-			!ENGINE_set_RSA(e, &cswift_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
-			!ENGINE_set_DSA(e, &cswift_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
-			!ENGINE_set_DH(e, &cswift_dh) ||
-#endif
-			!ENGINE_set_RAND(e, &cswift_random) ||
-			!ENGINE_set_destroy_function(e, cswift_destroy) ||
-			!ENGINE_set_init_function(e, cswift_init) ||
-			!ENGINE_set_finish_function(e, cswift_finish) ||
-			!ENGINE_set_ctrl_function(e, cswift_ctrl) ||
-			!ENGINE_set_cmd_defns(e, cswift_cmd_defns))
-		return 0;
-
-#ifndef OPENSSL_NO_RSA
-	/* We know that the "PKCS1_SSLeay()" functions hook properly
-	 * to the cswift-specific mod_exp and mod_exp_crt so we use
-	 * those functions. NB: We don't use ENGINE_openssl() or
-	 * anything "more generic" because something like the RSAref
-	 * code may not hook properly, and if you own one of these
-	 * cards then you have the right to do RSA operations on it
-	 * anyway! */ 
-	meth1 = RSA_PKCS1_SSLeay();
-	cswift_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
-	cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
-	cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
-	cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#endif
-
-#ifndef OPENSSL_NO_DH
-	/* Much the same for Diffie-Hellman */
-	meth2 = DH_OpenSSL();
-	cswift_dh.generate_key = meth2->generate_key;
-	cswift_dh.compute_key = meth2->compute_key;
-#endif
-
-	/* Ensure the cswift error handling is set up */
-	ERR_load_CSWIFT_strings();
-	return 1;
-	}
-
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_cswift(void)
-	{
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!bind_helper(ret))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-void ENGINE_load_cswift(void)
-	{
-	/* Copied from eng_[openssl|dyn].c */
-	ENGINE *toadd = engine_cswift();
-	if(!toadd) return;
-	ENGINE_add(toadd);
-	ENGINE_free(toadd);
-	ERR_clear_error();
-	}
-#endif
-
-/* This is a process-global DSO handle used for loading and unloading
- * the CryptoSwift library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-static DSO *cswift_dso = NULL;
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-t_swAcquireAccContext *p_CSwift_AcquireAccContext = NULL;
-t_swAttachKeyParam *p_CSwift_AttachKeyParam = NULL;
-t_swSimpleRequest *p_CSwift_SimpleRequest = NULL;
-t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL;
-
-/* Used in the DSO operations. */
-static const char *CSWIFT_LIBNAME = NULL;
-static const char *get_CSWIFT_LIBNAME(void)
-	{
-	if(CSWIFT_LIBNAME)
-		return CSWIFT_LIBNAME;
-	return "swift";
-	}
-static void free_CSWIFT_LIBNAME(void)
-	{
-	if(CSWIFT_LIBNAME)
-		OPENSSL_free((void*)CSWIFT_LIBNAME);
-	CSWIFT_LIBNAME = NULL;
-	}
-static long set_CSWIFT_LIBNAME(const char *name)
-	{
-	free_CSWIFT_LIBNAME();
-	return (((CSWIFT_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-	}
-static const char *CSWIFT_F1 = "swAcquireAccContext";
-static const char *CSWIFT_F2 = "swAttachKeyParam";
-static const char *CSWIFT_F3 = "swSimpleRequest";
-static const char *CSWIFT_F4 = "swReleaseAccContext";
-
-
-/* CryptoSwift library functions and mechanics - these are used by the
- * higher-level functions further down. NB: As and where there's no
- * error checking, take a look lower down where these functions are
- * called, the checking and error handling is probably down there. */
-
-/* utility function to obtain a context */
-static int get_context(SW_CONTEXT_HANDLE *hac)
-	{
-        SW_STATUS status;
- 
-        status = p_CSwift_AcquireAccContext(hac);
-        if(status != SW_OK)
-                return 0;
-        return 1;
-	}
- 
-/* similarly to release one. */
-static void release_context(SW_CONTEXT_HANDLE hac)
-	{
-        p_CSwift_ReleaseAccContext(hac);
-	}
-
-/* Destructor (complements the "ENGINE_cswift()" constructor) */
-static int cswift_destroy(ENGINE *e)
-	{
-	free_CSWIFT_LIBNAME();
-	ERR_unload_CSWIFT_strings();
-	return 1;
-	}
-
-/* (de)initialisation functions. */
-static int cswift_init(ENGINE *e)
-	{
-        SW_CONTEXT_HANDLE hac;
-        t_swAcquireAccContext *p1;
-        t_swAttachKeyParam *p2;
-        t_swSimpleRequest *p3;
-        t_swReleaseAccContext *p4;
-
-	if(cswift_dso != NULL)
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_ALREADY_LOADED);
-		goto err;
-		}
-	/* Attempt to load libswift.so/swift.dll/whatever. */
-	cswift_dso = DSO_load(NULL, get_CSWIFT_LIBNAME(), NULL, 0);
-	if(cswift_dso == NULL)
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
-		goto err;
-		}
-	if(!(p1 = (t_swAcquireAccContext *)
-				DSO_bind_func(cswift_dso, CSWIFT_F1)) ||
-			!(p2 = (t_swAttachKeyParam *)
-				DSO_bind_func(cswift_dso, CSWIFT_F2)) ||
-			!(p3 = (t_swSimpleRequest *)
-				DSO_bind_func(cswift_dso, CSWIFT_F3)) ||
-			!(p4 = (t_swReleaseAccContext *)
-				DSO_bind_func(cswift_dso, CSWIFT_F4)))
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
-		goto err;
-		}
-	/* Copy the pointers */
-	p_CSwift_AcquireAccContext = p1;
-	p_CSwift_AttachKeyParam = p2;
-	p_CSwift_SimpleRequest = p3;
-	p_CSwift_ReleaseAccContext = p4;
-	/* Try and get a context - if not, we may have a DSO but no
-	 * accelerator! */
-	if(!get_context(&hac))
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_UNIT_FAILURE);
-		goto err;
-		}
-	release_context(hac);
-	/* Everything's fine. */
-	return 1;
-err:
-	if(cswift_dso)
-		DSO_free(cswift_dso);
-	p_CSwift_AcquireAccContext = NULL;
-	p_CSwift_AttachKeyParam = NULL;
-	p_CSwift_SimpleRequest = NULL;
-	p_CSwift_ReleaseAccContext = NULL;
-	return 0;
-	}
-
-static int cswift_finish(ENGINE *e)
-	{
-	free_CSWIFT_LIBNAME();
-	if(cswift_dso == NULL)
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED);
-		return 0;
-		}
-	if(!DSO_free(cswift_dso))
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_UNIT_FAILURE);
-		return 0;
-		}
-	cswift_dso = NULL;
-	p_CSwift_AcquireAccContext = NULL;
-	p_CSwift_AttachKeyParam = NULL;
-	p_CSwift_SimpleRequest = NULL;
-	p_CSwift_ReleaseAccContext = NULL;
-	return 1;
-	}
-
-static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-	{
-	int initialised = ((cswift_dso == NULL) ? 0 : 1);
-	switch(cmd)
-		{
-	case CSWIFT_CMD_SO_PATH:
-		if(p == NULL)
-			{
-			CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,ERR_R_PASSED_NULL_PARAMETER);
-			return 0;
-			}
-		if(initialised)
-			{
-			CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED);
-			return 0;
-			}
-		return set_CSWIFT_LIBNAME((const char *)p);
-	default:
-		break;
-		}
-	CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-	return 0;
-	}
-
-/* Un petit mod_exp */
-static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-			const BIGNUM *m, BN_CTX *ctx)
-	{
-	/* I need somewhere to store temporary serialised values for
-	 * use with the CryptoSwift API calls. A neat cheat - I'll use
-	 * BIGNUMs from the BN_CTX but access their arrays directly as
-	 * byte arrays <grin>. This way I don't have to clean anything
-	 * up. */
-	BIGNUM *modulus;
-	BIGNUM *exponent;
-	BIGNUM *argument;
-	BIGNUM *result;
-	SW_STATUS sw_status;
-	SW_LARGENUMBER arg, res;
-	SW_PARAM sw_param;
-	SW_CONTEXT_HANDLE hac;
-	int to_return, acquired;
- 
-	modulus = exponent = argument = result = NULL;
-	to_return = 0; /* expect failure */
-	acquired = 0;
- 
-	if(!get_context(&hac))
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_UNIT_FAILURE);
-		goto err;
-		}
-	acquired = 1;
-	/* Prepare the params */
-	BN_CTX_start(ctx);
-	modulus = BN_CTX_get(ctx);
-	exponent = BN_CTX_get(ctx);
-	argument = BN_CTX_get(ctx);
-	result = BN_CTX_get(ctx);
-	if(!result)
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_CTX_FULL);
-		goto err;
-		}
-	if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) ||
-		!bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top))
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_EXPAND_FAIL);
-		goto err;
-		}
-	sw_param.type = SW_ALG_EXP;
-	sw_param.up.exp.modulus.nbytes = BN_bn2bin(m,
-		(unsigned char *)modulus->d);
-	sw_param.up.exp.modulus.value = (unsigned char *)modulus->d;
-	sw_param.up.exp.exponent.nbytes = BN_bn2bin(p,
-		(unsigned char *)exponent->d);
-	sw_param.up.exp.exponent.value = (unsigned char *)exponent->d;
-	/* Attach the key params */
-	sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
-	switch(sw_status)
-		{
-	case SW_OK:
-		break;
-	case SW_ERR_INPUT_SIZE:
-		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BAD_KEY_SIZE);
-		goto err;
-	default:
-		{
-		char tmpbuf[DECIMAL_SIZE(sw_status)+1];
-		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
-		sprintf(tmpbuf, "%ld", sw_status);
-		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
-		}
-		goto err;
-		}
-	/* Prepare the argument and response */
-	arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d);
-	arg.value = (unsigned char *)argument->d;
-	res.nbytes = BN_num_bytes(m);
-	memset(result->d, 0, res.nbytes);
-	res.value = (unsigned char *)result->d;
-	/* Perform the operation */
-	if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1,
-		&res, 1)) != SW_OK)
-		{
-		char tmpbuf[DECIMAL_SIZE(sw_status)+1];
-		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
-		sprintf(tmpbuf, "%ld", sw_status);
-		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
-		goto err;
-		}
-	/* Convert the response */
-	BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
-	to_return = 1;
-err:
-	if(acquired)
-		release_context(hac);
-	BN_CTX_end(ctx);
-	return to_return;
-	}
-
-/* Un petit mod_exp chinois */
-static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-			const BIGNUM *q, const BIGNUM *dmp1,
-			const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx)
-	{
-	SW_STATUS sw_status;
-	SW_LARGENUMBER arg, res;
-	SW_PARAM sw_param;
-	SW_CONTEXT_HANDLE hac;
-	BIGNUM *rsa_p = NULL;
-	BIGNUM *rsa_q = NULL;
-	BIGNUM *rsa_dmp1 = NULL;
-	BIGNUM *rsa_dmq1 = NULL;
-	BIGNUM *rsa_iqmp = NULL;
-	BIGNUM *argument = NULL;
-	BIGNUM *result = NULL;
-	int to_return = 0; /* expect failure */
-	int acquired = 0;
- 
-	if(!get_context(&hac))
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_UNIT_FAILURE);
-		goto err;
-		}
-	acquired = 1;
-	/* Prepare the params */
-	BN_CTX_start(ctx);
-	rsa_p = BN_CTX_get(ctx);
-	rsa_q = BN_CTX_get(ctx);
-	rsa_dmp1 = BN_CTX_get(ctx);
-	rsa_dmq1 = BN_CTX_get(ctx);
-	rsa_iqmp = BN_CTX_get(ctx);
-	argument = BN_CTX_get(ctx);
-	result = BN_CTX_get(ctx);
-	if(!result)
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL);
-		goto err;
-		}
-	if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) ||
-			!bn_wexpand(rsa_dmp1, dmp1->top) ||
-			!bn_wexpand(rsa_dmq1, dmq1->top) ||
-			!bn_wexpand(rsa_iqmp, iqmp->top) ||
-			!bn_wexpand(argument, a->top) ||
-			!bn_wexpand(result, p->top + q->top))
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
-		goto err;
-		}
-	sw_param.type = SW_ALG_CRT;
-	sw_param.up.crt.p.nbytes = BN_bn2bin(p, (unsigned char *)rsa_p->d);
-	sw_param.up.crt.p.value = (unsigned char *)rsa_p->d;
-	sw_param.up.crt.q.nbytes = BN_bn2bin(q, (unsigned char *)rsa_q->d);
-	sw_param.up.crt.q.value = (unsigned char *)rsa_q->d;
-	sw_param.up.crt.dmp1.nbytes = BN_bn2bin(dmp1,
-		(unsigned char *)rsa_dmp1->d);
-	sw_param.up.crt.dmp1.value = (unsigned char *)rsa_dmp1->d;
-	sw_param.up.crt.dmq1.nbytes = BN_bn2bin(dmq1,
-		(unsigned char *)rsa_dmq1->d);
-	sw_param.up.crt.dmq1.value = (unsigned char *)rsa_dmq1->d;
-	sw_param.up.crt.iqmp.nbytes = BN_bn2bin(iqmp,
-		(unsigned char *)rsa_iqmp->d);
-	sw_param.up.crt.iqmp.value = (unsigned char *)rsa_iqmp->d;
-	/* Attach the key params */
-	sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
-	switch(sw_status)
-		{
-	case SW_OK:
-		break;
-	case SW_ERR_INPUT_SIZE:
-		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BAD_KEY_SIZE);
-		goto err;
-	default:
-		{
-		char tmpbuf[DECIMAL_SIZE(sw_status)+1];
-		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
-		sprintf(tmpbuf, "%ld", sw_status);
-		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
-		}
-		goto err;
-		}
-	/* Prepare the argument and response */
-	arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d);
-	arg.value = (unsigned char *)argument->d;
-	res.nbytes = 2 * BN_num_bytes(p);
-	memset(result->d, 0, res.nbytes);
-	res.value = (unsigned char *)result->d;
-	/* Perform the operation */
-	if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1,
-		&res, 1)) != SW_OK)
-		{
-		char tmpbuf[DECIMAL_SIZE(sw_status)+1];
-		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
-		sprintf(tmpbuf, "%ld", sw_status);
-		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
-		goto err;
-		}
-	/* Convert the response */
-	BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
-	to_return = 1;
-err:
-	if(acquired)
-		release_context(hac);
-	BN_CTX_end(ctx);
-	return to_return;
-	}
- 
-#ifndef OPENSSL_NO_RSA
-static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
-	{
-	BN_CTX *ctx;
-	int to_return = 0;
-
-	if((ctx = BN_CTX_new()) == NULL)
-		goto err;
-	if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,CSWIFT_R_MISSING_KEY_COMPONENTS);
-		goto err;
-		}
-	to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
-		rsa->dmq1, rsa->iqmp, ctx);
-err:
-	if(ctx)
-		BN_CTX_free(ctx);
-	return to_return;
-	}
-#endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	return cswift_mod_exp(r, a, p, m, ctx);
-	}
-
-#ifndef OPENSSL_NO_DSA
-static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-	{
-	SW_CONTEXT_HANDLE hac;
-	SW_PARAM sw_param;
-	SW_STATUS sw_status;
-	SW_LARGENUMBER arg, res;
-	unsigned char *ptr;
-	BN_CTX *ctx;
-	BIGNUM *dsa_p = NULL;
-	BIGNUM *dsa_q = NULL;
-	BIGNUM *dsa_g = NULL;
-	BIGNUM *dsa_key = NULL;
-	BIGNUM *result = NULL;
-	DSA_SIG *to_return = NULL;
-	int acquired = 0;
-
-	if((ctx = BN_CTX_new()) == NULL)
-		goto err;
-	if(!get_context(&hac))
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_UNIT_FAILURE);
-		goto err;
-		}
-	acquired = 1;
-	/* Prepare the params */
-	BN_CTX_start(ctx);
-	dsa_p = BN_CTX_get(ctx);
-	dsa_q = BN_CTX_get(ctx);
-	dsa_g = BN_CTX_get(ctx);
-	dsa_key = BN_CTX_get(ctx);
-	result = BN_CTX_get(ctx);
-	if(!result)
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_CTX_FULL);
-		goto err;
-		}
-	if(!bn_wexpand(dsa_p, dsa->p->top) ||
-			!bn_wexpand(dsa_q, dsa->q->top) ||
-			!bn_wexpand(dsa_g, dsa->g->top) ||
-			!bn_wexpand(dsa_key, dsa->priv_key->top) ||
-			!bn_wexpand(result, dsa->p->top))
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_EXPAND_FAIL);
-		goto err;
-		}
-	sw_param.type = SW_ALG_DSA;
-	sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p,
-				(unsigned char *)dsa_p->d);
-	sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d;
-	sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q,
-				(unsigned char *)dsa_q->d);
-	sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d;
-	sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g,
-				(unsigned char *)dsa_g->d);
-	sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d;
-	sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->priv_key,
-				(unsigned char *)dsa_key->d);
-	sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
-	/* Attach the key params */
-	sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
-	switch(sw_status)
-		{
-	case SW_OK:
-		break;
-	case SW_ERR_INPUT_SIZE:
-		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BAD_KEY_SIZE);
-		goto err;
-	default:
-		{
-		char tmpbuf[DECIMAL_SIZE(sw_status)+1];
-		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
-		sprintf(tmpbuf, "%ld", sw_status);
-		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
-		}
-		goto err;
-		}
-	/* Prepare the argument and response */
-	arg.nbytes = dlen;
-	arg.value = (unsigned char *)dgst;
-	res.nbytes = BN_num_bytes(dsa->p);
-	memset(result->d, 0, res.nbytes);
-	res.value = (unsigned char *)result->d;
-	/* Perform the operation */
-	sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_SIGN, &arg, 1,
-		&res, 1);
-	if(sw_status != SW_OK)
-		{
-		char tmpbuf[DECIMAL_SIZE(sw_status)+1];
-		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
-		sprintf(tmpbuf, "%ld", sw_status);
-		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
-		goto err;
-		}
-	/* Convert the response */
-	ptr = (unsigned char *)result->d;
-	if((to_return = DSA_SIG_new()) == NULL)
-		goto err;
-	to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL);
-	to_return->s = BN_bin2bn((unsigned char *)result->d + 20, 20, NULL);
-
-err:
-	if(acquired)
-		release_context(hac);
-	if(ctx)
-		{
-		BN_CTX_end(ctx);
-		BN_CTX_free(ctx);
-		}
-	return to_return;
-	}
-
-static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
-				DSA_SIG *sig, DSA *dsa)
-	{
-	SW_CONTEXT_HANDLE hac;
-	SW_PARAM sw_param;
-	SW_STATUS sw_status;
-	SW_LARGENUMBER arg[2], res;
-	unsigned long sig_result;
-	BN_CTX *ctx;
-	BIGNUM *dsa_p = NULL;
-	BIGNUM *dsa_q = NULL;
-	BIGNUM *dsa_g = NULL;
-	BIGNUM *dsa_key = NULL;
-	BIGNUM *argument = NULL;
-	int to_return = -1;
-	int acquired = 0;
-
-	if((ctx = BN_CTX_new()) == NULL)
-		goto err;
-	if(!get_context(&hac))
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_UNIT_FAILURE);
-		goto err;
-		}
-	acquired = 1;
-	/* Prepare the params */
-	BN_CTX_start(ctx);
-	dsa_p = BN_CTX_get(ctx);
-	dsa_q = BN_CTX_get(ctx);
-	dsa_g = BN_CTX_get(ctx);
-	dsa_key = BN_CTX_get(ctx);
-	argument = BN_CTX_get(ctx);
-	if(!argument)
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_CTX_FULL);
-		goto err;
-		}
-	if(!bn_wexpand(dsa_p, dsa->p->top) ||
-			!bn_wexpand(dsa_q, dsa->q->top) ||
-			!bn_wexpand(dsa_g, dsa->g->top) ||
-			!bn_wexpand(dsa_key, dsa->pub_key->top) ||
-			!bn_wexpand(argument, 40))
-		{
-		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_EXPAND_FAIL);
-		goto err;
-		}
-	sw_param.type = SW_ALG_DSA;
-	sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p,
-				(unsigned char *)dsa_p->d);
-	sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d;
-	sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q,
-				(unsigned char *)dsa_q->d);
-	sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d;
-	sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g,
-				(unsigned char *)dsa_g->d);
-	sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d;
-	sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->pub_key,
-				(unsigned char *)dsa_key->d);
-	sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
-	/* Attach the key params */
-	sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
-	switch(sw_status)
-		{
-	case SW_OK:
-		break;
-	case SW_ERR_INPUT_SIZE:
-		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BAD_KEY_SIZE);
-		goto err;
-	default:
-		{
-		char tmpbuf[DECIMAL_SIZE(sw_status)+1];
-		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
-		sprintf(tmpbuf, "%ld", sw_status);
-		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
-		}
-		goto err;
-		}
-	/* Prepare the argument and response */
-	arg[0].nbytes = dgst_len;
-	arg[0].value = (unsigned char *)dgst;
-	arg[1].nbytes = 40;
-	arg[1].value = (unsigned char *)argument->d;
-	memset(arg[1].value, 0, 40);
-	BN_bn2bin(sig->r, arg[1].value + 20 - BN_num_bytes(sig->r));
-	BN_bn2bin(sig->s, arg[1].value + 40 - BN_num_bytes(sig->s));
-	res.nbytes = 4; /* unsigned long */
-	res.value = (unsigned char *)(&sig_result);
-	/* Perform the operation */
-	sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_VERIFY, arg, 2,
-		&res, 1);
-	if(sw_status != SW_OK)
-		{
-		char tmpbuf[DECIMAL_SIZE(sw_status)+1];
-		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
-		sprintf(tmpbuf, "%ld", sw_status);
-		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
-		goto err;
-		}
-	/* Convert the response */
-	to_return = ((sig_result == 0) ? 0 : 1);
-
-err:
-	if(acquired)
-		release_context(hac);
-	if(ctx)
-		{
-		BN_CTX_end(ctx);
-		BN_CTX_free(ctx);
-		}
-	return to_return;
-	}
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
-		const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	return cswift_mod_exp(r, a, p, m, ctx);
-	}
-#endif
-
-/* Random bytes are good */
-static int cswift_rand_bytes(unsigned char *buf, int num)
-{
-	SW_CONTEXT_HANDLE hac;
-	SW_STATUS swrc;
-	SW_LARGENUMBER largenum;
-	size_t nbytes = 0;
-	int acquired = 0;
-	int to_return = 0; /* assume failure */
-
-	if (!get_context(&hac))
-	{
-		CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_UNIT_FAILURE);
-		goto err;
-	}
-	acquired = 1;
-
-	while (nbytes < (size_t)num)
-	{
-		/* tell CryptoSwift how many bytes we want and where we want it.
-		 * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
-		 *       - CryptoSwift can only do multiple of 32-bits. */
-		largenum.value = (SW_BYTE *) buf + nbytes;
-		if (4096 > num - nbytes)
-			largenum.nbytes = num - nbytes;
-		else
-			largenum.nbytes = 4096;
-
-		swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
-		if (swrc != SW_OK)
-		{
-			char tmpbuf[20];
-			CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED);
-			sprintf(tmpbuf, "%ld", swrc);
-			ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
-			goto err;
-		}
-
-		nbytes += largenum.nbytes;
-	}
-	to_return = 1;  /* success */
-
-err:
-	if (acquired)
-		release_context(hac);
-	return to_return;
-}
-
-static int cswift_rand_status(void)
-{
-	return 1;
-}
-
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
-	{
-	if(id && (strcmp(id, engine_cswift_id) != 0))
-		return 0;
-	if(!bind_helper(e))
-		return 0;
-	return 1;
-	}       
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#endif /* !OPENSSL_NO_HW_CSWIFT */
-#endif /* !OPENSSL_NO_HW */
diff --git a/crypto/openssl/crypto/engine/hw_cswift_err.c b/crypto/openssl/crypto/engine/hw_cswift_err.c
deleted file mode 100644
index 684f53bf27ec..000000000000
--- a/crypto/openssl/crypto/engine/hw_cswift_err.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* hw_cswift_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_cswift_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA CSWIFT_str_functs[]=
-	{
-{ERR_PACK(0,CSWIFT_F_CSWIFT_CTRL,0),	"CSWIFT_CTRL"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_SIGN,0),	"CSWIFT_DSA_SIGN"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_VERIFY,0),	"CSWIFT_DSA_VERIFY"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_FINISH,0),	"CSWIFT_FINISH"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_INIT,0),	"CSWIFT_INIT"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP,0),	"CSWIFT_MOD_EXP"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP_CRT,0),	"CSWIFT_MOD_EXP_CRT"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_RSA_MOD_EXP,0),	"CSWIFT_RSA_MOD_EXP"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA CSWIFT_str_reasons[]=
-	{
-{CSWIFT_R_ALREADY_LOADED                 ,"already loaded"},
-{CSWIFT_R_BAD_KEY_SIZE                   ,"bad key size"},
-{CSWIFT_R_BN_CTX_FULL                    ,"bn ctx full"},
-{CSWIFT_R_BN_EXPAND_FAIL                 ,"bn expand fail"},
-{CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
-{CSWIFT_R_MISSING_KEY_COMPONENTS         ,"missing key components"},
-{CSWIFT_R_NOT_LOADED                     ,"not loaded"},
-{CSWIFT_R_REQUEST_FAILED                 ,"request failed"},
-{CSWIFT_R_UNIT_FAILURE                   ,"unit failure"},
-{0,NULL}
-	};
-
-#endif
-
-#ifdef CSWIFT_LIB_NAME
-static ERR_STRING_DATA CSWIFT_lib_name[]=
-        {
-{0	,CSWIFT_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int CSWIFT_lib_error_code=0;
-static int CSWIFT_error_init=1;
-
-static void ERR_load_CSWIFT_strings(void)
-	{
-	if (CSWIFT_lib_error_code == 0)
-		CSWIFT_lib_error_code=ERR_get_next_error_library();
-
-	if (CSWIFT_error_init)
-		{
-		CSWIFT_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(CSWIFT_lib_error_code,CSWIFT_str_functs);
-		ERR_load_strings(CSWIFT_lib_error_code,CSWIFT_str_reasons);
-#endif
-
-#ifdef CSWIFT_LIB_NAME
-		CSWIFT_lib_name->error = ERR_PACK(CSWIFT_lib_error_code,0,0);
-		ERR_load_strings(0,CSWIFT_lib_name);
-#endif
-		}
-	}
-
-static void ERR_unload_CSWIFT_strings(void)
-	{
-	if (CSWIFT_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(CSWIFT_lib_error_code,CSWIFT_str_functs);
-		ERR_unload_strings(CSWIFT_lib_error_code,CSWIFT_str_reasons);
-#endif
-
-#ifdef CSWIFT_LIB_NAME
-		ERR_unload_strings(0,CSWIFT_lib_name);
-#endif
-		CSWIFT_error_init=1;
-		}
-	}
-
-static void ERR_CSWIFT_error(int function, int reason, char *file, int line)
-	{
-	if (CSWIFT_lib_error_code == 0)
-		CSWIFT_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(CSWIFT_lib_error_code,function,reason,file,line);
-	}
diff --git a/crypto/openssl/crypto/engine/hw_cswift_err.h b/crypto/openssl/crypto/engine/hw_cswift_err.h
deleted file mode 100644
index 7120c3216fb8..000000000000
--- a/crypto/openssl/crypto/engine/hw_cswift_err.h
+++ /dev/null
@@ -1,93 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_CSWIFT_ERR_H
-#define HEADER_CSWIFT_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_CSWIFT_strings(void);
-static void ERR_unload_CSWIFT_strings(void);
-static void ERR_CSWIFT_error(int function, int reason, char *file, int line);
-#define CSWIFTerr(f,r) ERR_CSWIFT_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the CSWIFT functions. */
-
-/* Function codes. */
-#define CSWIFT_F_CSWIFT_CTRL				 100
-#define CSWIFT_F_CSWIFT_DSA_SIGN			 101
-#define CSWIFT_F_CSWIFT_DSA_VERIFY			 102
-#define CSWIFT_F_CSWIFT_FINISH				 103
-#define CSWIFT_F_CSWIFT_INIT				 104
-#define CSWIFT_F_CSWIFT_MOD_EXP				 105
-#define CSWIFT_F_CSWIFT_MOD_EXP_CRT			 106
-#define CSWIFT_F_CSWIFT_RSA_MOD_EXP			 107
-
-/* Reason codes. */
-#define CSWIFT_R_ALREADY_LOADED				 100
-#define CSWIFT_R_BAD_KEY_SIZE				 101
-#define CSWIFT_R_BN_CTX_FULL				 102
-#define CSWIFT_R_BN_EXPAND_FAIL				 103
-#define CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED		 104
-#define CSWIFT_R_MISSING_KEY_COMPONENTS			 105
-#define CSWIFT_R_NOT_LOADED				 106
-#define CSWIFT_R_REQUEST_FAILED				 107
-#define CSWIFT_R_UNIT_FAILURE				 108
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/engine/hw_ncipher.c b/crypto/openssl/crypto/engine/hw_ncipher.c
deleted file mode 100644
index 0d1c6b8df0ef..000000000000
--- a/crypto/openssl/crypto/engine/hw_ncipher.c
+++ /dev/null
@@ -1,1388 +0,0 @@
-/* crypto/engine/hw_ncipher.c -*- mode: C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte (richard@levitte.org), Geoff Thorpe
- * (geoff@geoffthorpe.net) and Dr Stephen N Henson (shenson@bigfoot.com)
- * for the OpenSSL project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/pem.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#include <openssl/ui.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_NCIPHER
-
-/* Attribution notice: nCipher have said several times that it's OK for
- * us to implement a general interface to their boxes, and recently declared
- * their HWCryptoHook to be public, and therefore available for us to use.
- * Thanks, nCipher.
- *
- * The hwcryptohook.h included here is from May 2000.
- * [Richard Levitte]
- */
-#ifdef FLAT_INC
-#include "hwcryptohook.h"
-#else
-#include "vendor_defns/hwcryptohook.h"
-#endif
-
-#define HWCRHK_LIB_NAME "hwcrhk engine"
-#include "hw_ncipher_err.c"
-
-static int hwcrhk_destroy(ENGINE *e);
-static int hwcrhk_init(ENGINE *e);
-static int hwcrhk_finish(ENGINE *e);
-static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); 
-
-/* Functions to handle mutexes if have dynamic locks */
-static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*);
-static int hwcrhk_mutex_lock(HWCryptoHook_Mutex*);
-static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*);
-static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*);
-#if 1 /* This is a HACK which will disappear in 0.9.8 */
-/* Functions to handle mutexes if only have static locks */
-static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m,
-                                    HWCryptoHook_CallerContext *c);
-static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m);
-static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m);
-static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m);
-#endif
-
-/* BIGNUM stuff */
-static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx);
-
-#ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa);
-#endif
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
-#ifndef OPENSSL_NO_DH
-/* DH stuff */
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
-	const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-#endif
-
-/* RAND stuff */
-static int hwcrhk_rand_bytes(unsigned char *buf, int num);
-static int hwcrhk_rand_status(void);
-
-/* KM stuff */
-static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data);
-static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data);
-static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-	int ind,long argl, void *argp);
-
-/* Interaction stuff */
-static int hwcrhk_insert_card(const char *prompt_info,
-	const char *wrong_info,
-	HWCryptoHook_PassphraseContext *ppctx,
-	HWCryptoHook_CallerContext *cactx);
-static int hwcrhk_get_pass(const char *prompt_info,
-	int *len_io, char *buf,
-	HWCryptoHook_PassphraseContext *ppctx,
-	HWCryptoHook_CallerContext *cactx);
-static void hwcrhk_log_message(void *logstr, const char *message);
-
-/* The definitions for control commands specific to this engine */
-#define HWCRHK_CMD_SO_PATH		ENGINE_CMD_BASE
-#define HWCRHK_CMD_FORK_CHECK		(ENGINE_CMD_BASE + 1)
-#define HWCRHK_CMD_THREAD_LOCKING	(ENGINE_CMD_BASE + 2)
-#define HWCRHK_CMD_SET_USER_INTERFACE   (ENGINE_CMD_BASE + 3)
-#define HWCRHK_CMD_SET_CALLBACK_DATA    (ENGINE_CMD_BASE + 4)
-static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = {
-	{HWCRHK_CMD_SO_PATH,
-		"SO_PATH",
-		"Specifies the path to the 'hwcrhk' shared library",
-		ENGINE_CMD_FLAG_STRING},
-	{HWCRHK_CMD_FORK_CHECK,
-		"FORK_CHECK",
-		"Turns fork() checking on or off (boolean)",
-		ENGINE_CMD_FLAG_NUMERIC},
-	{HWCRHK_CMD_THREAD_LOCKING,
-		"THREAD_LOCKING",
-		"Turns thread-safe locking on or off (boolean)",
-		ENGINE_CMD_FLAG_NUMERIC},
-	{HWCRHK_CMD_SET_USER_INTERFACE,
-		"SET_USER_INTERFACE",
-		"Set the global user interface (internal)",
-		ENGINE_CMD_FLAG_INTERNAL},
-	{HWCRHK_CMD_SET_CALLBACK_DATA,
-		"SET_CALLBACK_DATA",
-		"Set the global user interface extra data (internal)",
-		ENGINE_CMD_FLAG_INTERNAL},
-	{0, NULL, NULL, 0}
-	};
-
-#ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD hwcrhk_rsa =
-	{
-	"nCipher RSA method",
-	NULL,
-	NULL,
-	NULL,
-	NULL,
-	hwcrhk_rsa_mod_exp,
-	hwcrhk_mod_exp_mont,
-	NULL,
-	NULL,
-	0,
-	NULL,
-	NULL,
-	NULL
-	};
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD hwcrhk_dh =
-	{
-	"nCipher DH method",
-	NULL,
-	NULL,
-	hwcrhk_mod_exp_dh,
-	NULL,
-	NULL,
-	0,
-	NULL
-	};
-#endif
-
-static RAND_METHOD hwcrhk_rand =
-	{
-	/* "nCipher RAND method", */
-	NULL,
-	hwcrhk_rand_bytes,
-	NULL,
-	NULL,
-	hwcrhk_rand_bytes,
-	hwcrhk_rand_status,
-	};
-
-/* Constants used when creating the ENGINE */
-static const char *engine_hwcrhk_id = "chil";
-static const char *engine_hwcrhk_name = "nCipher hardware engine support";
-
-/* Internal stuff for HWCryptoHook */
-
-/* Some structures needed for proper use of thread locks */
-/* hwcryptohook.h has some typedefs that turn struct HWCryptoHook_MutexValue
-   into HWCryptoHook_Mutex */
-struct HWCryptoHook_MutexValue
-	{
-	int lockid;
-	};
-
-/* hwcryptohook.h has some typedefs that turn
-   struct HWCryptoHook_PassphraseContextValue
-   into HWCryptoHook_PassphraseContext */
-struct HWCryptoHook_PassphraseContextValue
-	{
-        UI_METHOD *ui_method;
-	void *callback_data;
-	};
-
-/* hwcryptohook.h has some typedefs that turn
-   struct HWCryptoHook_CallerContextValue
-   into HWCryptoHook_CallerContext */
-struct HWCryptoHook_CallerContextValue
-	{
-	pem_password_cb *password_callback; /* Deprecated!  Only present for
-                                               backward compatibility! */
-        UI_METHOD *ui_method;
-	void *callback_data;
-	};
-
-/* The MPI structure in HWCryptoHook is pretty compatible with OpenSSL
-   BIGNUM's, so lets define a couple of conversion macros */
-#define BN2MPI(mp, bn) \
-    {mp.size = bn->top * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
-#define MPI2BN(bn, mp) \
-    {mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
-
-static BIO *logstream = NULL;
-static int disable_mutex_callbacks = 0;
-
-/* One might wonder why these are needed, since one can pass down at least
-   a UI_METHOD and a pointer to callback data to the key-loading functions.
-   The thing is that the ModExp and RSAImmed functions can load keys as well,
-   if the data they get is in a special, nCipher-defined format (hint: if you
-   look at the private exponent of the RSA data as a string, you'll see this
-   string: "nCipher KM tool key id", followed by some bytes, followed a key
-   identity string, followed by more bytes.  This happens when you use "embed"
-   keys instead of "hwcrhk" keys).  Unfortunately, those functions do not take
-   any passphrase or caller context, and our functions can't really take any
-   callback data either.  Still, the "insert_card" and "get_passphrase"
-   callbacks may be called down the line, and will need to know what user
-   interface callbacks to call, and having callback data from the application
-   may be a nice thing as well, so we need to keep track of that globally. */
-static HWCryptoHook_CallerContext password_context = { NULL, NULL, NULL };
-
-/* Stuff to pass to the HWCryptoHook library */
-static HWCryptoHook_InitInfo hwcrhk_globals = {
-	HWCryptoHook_InitFlags_SimpleForkCheck,	/* Flags */
-	&logstream,		/* logstream */
-	sizeof(BN_ULONG),	/* limbsize */
-	0,			/* mslimb first: false for BNs */
-	-1,			/* msbyte first: use native */
-	0,			/* Max mutexes, 0 = no small limit */
-	0,			/* Max simultaneous, 0 = default */
-
-	/* The next few are mutex stuff: we write wrapper functions
-	   around the OS mutex functions.  We initialise them to 0
-	   here, and change that to actual function pointers in hwcrhk_init()
-	   if dynamic locks are supported (that is, if the application
-	   programmer has made sure of setting up callbacks bafore starting
-	   this engine) *and* if disable_mutex_callbacks hasn't been set by
-	   a call to ENGINE_ctrl(ENGINE_CTRL_CHIL_NO_LOCKING). */
-	sizeof(HWCryptoHook_Mutex),
-	0,
-	0,
-	0,
-	0,
-
-	/* The next few are condvar stuff: we write wrapper functions
-	   round the OS functions.  Currently not implemented and not
-	   and absolute necessity even in threaded programs, therefore
-	   0'ed.  Will hopefully be implemented some day, since it
-	   enhances the efficiency of HWCryptoHook.  */
-	0, /* sizeof(HWCryptoHook_CondVar), */
-	0, /* hwcrhk_cv_init, */
-	0, /* hwcrhk_cv_wait, */
-	0, /* hwcrhk_cv_signal, */
-	0, /* hwcrhk_cv_broadcast, */
-	0, /* hwcrhk_cv_destroy, */
-
-	hwcrhk_get_pass,	/* pass phrase */
-	hwcrhk_insert_card,	/* insert a card */
-	hwcrhk_log_message	/* Log message */
-};
-
-
-/* Now, to our own code */
-
-/* This internal function is used by ENGINE_ncipher() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_helper(ENGINE *e)
-	{
-#ifndef OPENSSL_NO_RSA
-	const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DH
-	const DH_METHOD *meth2;
-#endif
-	if(!ENGINE_set_id(e, engine_hwcrhk_id) ||
-			!ENGINE_set_name(e, engine_hwcrhk_name) ||
-#ifndef OPENSSL_NO_RSA
-			!ENGINE_set_RSA(e, &hwcrhk_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
-			!ENGINE_set_DH(e, &hwcrhk_dh) ||
-#endif
-			!ENGINE_set_RAND(e, &hwcrhk_rand) ||
-			!ENGINE_set_destroy_function(e, hwcrhk_destroy) ||
-			!ENGINE_set_init_function(e, hwcrhk_init) ||
-			!ENGINE_set_finish_function(e, hwcrhk_finish) ||
-			!ENGINE_set_ctrl_function(e, hwcrhk_ctrl) ||
-			!ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) ||
-			!ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) ||
-			!ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns))
-		return 0;
-
-#ifndef OPENSSL_NO_RSA
-	/* We know that the "PKCS1_SSLeay()" functions hook properly
-	 * to the cswift-specific mod_exp and mod_exp_crt so we use
-	 * those functions. NB: We don't use ENGINE_openssl() or
-	 * anything "more generic" because something like the RSAref
-	 * code may not hook properly, and if you own one of these
-	 * cards then you have the right to do RSA operations on it
-	 * anyway! */ 
-	meth1 = RSA_PKCS1_SSLeay();
-	hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
-	hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
-	hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
-	hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#endif
-
-#ifndef OPENSSL_NO_DH
-	/* Much the same for Diffie-Hellman */
-	meth2 = DH_OpenSSL();
-	hwcrhk_dh.generate_key = meth2->generate_key;
-	hwcrhk_dh.compute_key = meth2->compute_key;
-#endif
-
-	/* Ensure the hwcrhk error handling is set up */
-	ERR_load_HWCRHK_strings();
-	return 1;
-	}
-
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_ncipher(void)
-	{
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!bind_helper(ret))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-void ENGINE_load_chil(void)
-	{
-	/* Copied from eng_[openssl|dyn].c */
-	ENGINE *toadd = engine_ncipher();
-	if(!toadd) return;
-	ENGINE_add(toadd);
-	ENGINE_free(toadd);
-	ERR_clear_error();
-	}
-#endif
-
-/* This is a process-global DSO handle used for loading and unloading
- * the HWCryptoHook library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-static DSO *hwcrhk_dso = NULL;
-static HWCryptoHook_ContextHandle hwcrhk_context = 0;
-#ifndef OPENSSL_NO_RSA
-static int hndidx_rsa = -1;    /* Index for KM handle.  Not really used yet. */
-#endif
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL;
-static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL;
-static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL;
-#ifndef OPENSSL_NO_RSA
-static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL;
-#endif
-static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL;
-#ifndef OPENSSL_NO_RSA
-static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL;
-static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL;
-static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL;
-#endif
-static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
-
-/* Used in the DSO operations. */
-static const char *HWCRHK_LIBNAME = NULL;
-static void free_HWCRHK_LIBNAME(void)
-	{
-	if(HWCRHK_LIBNAME)
-		OPENSSL_free((void*)HWCRHK_LIBNAME);
-	HWCRHK_LIBNAME = NULL;
-	}
-static const char *get_HWCRHK_LIBNAME(void)
-	{
-	if(HWCRHK_LIBNAME)
-		return HWCRHK_LIBNAME;
-	return "nfhwcrhk";
-	}
-static long set_HWCRHK_LIBNAME(const char *name)
-	{
-	free_HWCRHK_LIBNAME();
-	return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-	}
-static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
-static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
-static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
-#ifndef OPENSSL_NO_RSA
-static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA";
-#endif
-static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes";
-#ifndef OPENSSL_NO_RSA
-static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey";
-static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey";
-static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey";
-#endif
-static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT";
-
-/* HWCryptoHook library functions and mechanics - these are used by the
- * higher-level functions further down. NB: As and where there's no
- * error checking, take a look lower down where these functions are
- * called, the checking and error handling is probably down there. */
-
-/* utility function to obtain a context */
-static int get_context(HWCryptoHook_ContextHandle *hac,
-        HWCryptoHook_CallerContext *cac)
-	{
-	char tempbuf[1024];
-	HWCryptoHook_ErrMsgBuf rmsg;
-
-	rmsg.buf = tempbuf;
-	rmsg.size = sizeof(tempbuf);
-
-        *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg,
-		cac);
-	if (!*hac)
-                return 0;
-        return 1;
-	}
- 
-/* similarly to release one. */
-static void release_context(HWCryptoHook_ContextHandle hac)
-	{
-	p_hwcrhk_Finish(hac);
-	}
-
-/* Destructor (complements the "ENGINE_ncipher()" constructor) */
-static int hwcrhk_destroy(ENGINE *e)
-	{
-	free_HWCRHK_LIBNAME();
-	ERR_unload_HWCRHK_strings();
-	return 1;
-	}
-
-/* (de)initialisation functions. */
-static int hwcrhk_init(ENGINE *e)
-	{
-	HWCryptoHook_Init_t *p1;
-	HWCryptoHook_Finish_t *p2;
-	HWCryptoHook_ModExp_t *p3;
-#ifndef OPENSSL_NO_RSA
-	HWCryptoHook_RSA_t *p4;
-	HWCryptoHook_RSALoadKey_t *p5;
-	HWCryptoHook_RSAGetPublicKey_t *p6;
-	HWCryptoHook_RSAUnloadKey_t *p7;
-#endif
-	HWCryptoHook_RandomBytes_t *p8;
-	HWCryptoHook_ModExpCRT_t *p9;
-
-	if(hwcrhk_dso != NULL)
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_ALREADY_LOADED);
-		goto err;
-		}
-	/* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
-	hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0);
-	if(hwcrhk_dso == NULL)
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE);
-		goto err;
-		}
-	if(!(p1 = (HWCryptoHook_Init_t *)
-			DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) ||
-		!(p2 = (HWCryptoHook_Finish_t *)
-			DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) ||
-		!(p3 = (HWCryptoHook_ModExp_t *)
-			DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) ||
-#ifndef OPENSSL_NO_RSA
-		!(p4 = (HWCryptoHook_RSA_t *)
-			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) ||
-		!(p5 = (HWCryptoHook_RSALoadKey_t *)
-			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) ||
-		!(p6 = (HWCryptoHook_RSAGetPublicKey_t *)
-			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) ||
-		!(p7 = (HWCryptoHook_RSAUnloadKey_t *)
-			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) ||
-#endif
-		!(p8 = (HWCryptoHook_RandomBytes_t *)
-			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) ||
-		!(p9 = (HWCryptoHook_ModExpCRT_t *)
-			DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT)))
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE);
-		goto err;
-		}
-	/* Copy the pointers */
-	p_hwcrhk_Init = p1;
-	p_hwcrhk_Finish = p2;
-	p_hwcrhk_ModExp = p3;
-#ifndef OPENSSL_NO_RSA
-	p_hwcrhk_RSA = p4;
-	p_hwcrhk_RSALoadKey = p5;
-	p_hwcrhk_RSAGetPublicKey = p6;
-	p_hwcrhk_RSAUnloadKey = p7;
-#endif
-	p_hwcrhk_RandomBytes = p8;
-	p_hwcrhk_ModExpCRT = p9;
-
-	/* Check if the application decided to support dynamic locks,
-	   and if it does, use them. */
-	if (disable_mutex_callbacks == 0)
-		{
-		if (CRYPTO_get_dynlock_create_callback() != NULL &&
-			CRYPTO_get_dynlock_lock_callback() != NULL &&
-			CRYPTO_get_dynlock_destroy_callback() != NULL)
-			{
-			hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
-			hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
-			hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
-			hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
-			}
-		else if (CRYPTO_get_locking_callback() != NULL)
-			{
-			HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DYNAMIC_LOCKING_MISSING);
-			ERR_add_error_data(1,"You HAVE to add dynamic locking callbacks via CRYPTO_set_dynlock_{create,lock,destroy}_callback()");
-#if 1 /* This is a HACK which will disappear in 0.9.8 */
-			hwcrhk_globals.maxmutexes    = 1; /* Only have one lock */
-			hwcrhk_globals.mutex_init    = hwcrhk_static_mutex_init;
-			hwcrhk_globals.mutex_acquire = hwcrhk_static_mutex_lock;
-			hwcrhk_globals.mutex_release = hwcrhk_static_mutex_unlock;
-			hwcrhk_globals.mutex_destroy = hwcrhk_static_mutex_destroy;
-#else
-			goto err;
-#endif
-			}
-		}
-
-	/* Try and get a context - if not, we may have a DSO but no
-	 * accelerator! */
-	if(!get_context(&hwcrhk_context, &password_context))
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_UNIT_FAILURE);
-		goto err;
-		}
-	/* Everything's fine. */
-#ifndef OPENSSL_NO_RSA
-	if (hndidx_rsa == -1)
-		hndidx_rsa = RSA_get_ex_new_index(0,
-			"nFast HWCryptoHook RSA key handle",
-			NULL, NULL, hwcrhk_ex_free);
-#endif
-	return 1;
-err:
-	if(hwcrhk_dso)
-		DSO_free(hwcrhk_dso);
-	hwcrhk_dso = NULL;
-	p_hwcrhk_Init = NULL;
-	p_hwcrhk_Finish = NULL;
-	p_hwcrhk_ModExp = NULL;
-#ifndef OPENSSL_NO_RSA
-	p_hwcrhk_RSA = NULL;
-	p_hwcrhk_RSALoadKey = NULL;
-	p_hwcrhk_RSAGetPublicKey = NULL;
-	p_hwcrhk_RSAUnloadKey = NULL;
-#endif
-	p_hwcrhk_ModExpCRT = NULL;
-	p_hwcrhk_RandomBytes = NULL;
-	return 0;
-	}
-
-static int hwcrhk_finish(ENGINE *e)
-	{
-	int to_return = 1;
-	free_HWCRHK_LIBNAME();
-	if(hwcrhk_dso == NULL)
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED);
-		to_return = 0;
-		goto err;
-		}
-	release_context(hwcrhk_context);
-	if(!DSO_free(hwcrhk_dso))
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_DSO_FAILURE);
-		to_return = 0;
-		goto err;
-		}
- err:
-	if (logstream)
-		BIO_free(logstream);
-	hwcrhk_dso = NULL;
-	p_hwcrhk_Init = NULL;
-	p_hwcrhk_Finish = NULL;
-	p_hwcrhk_ModExp = NULL;
-#ifndef OPENSSL_NO_RSA
-	p_hwcrhk_RSA = NULL;
-	p_hwcrhk_RSALoadKey = NULL;
-	p_hwcrhk_RSAGetPublicKey = NULL;
-	p_hwcrhk_RSAUnloadKey = NULL;
-#endif
-	p_hwcrhk_ModExpCRT = NULL;
-	p_hwcrhk_RandomBytes = NULL;
-	return to_return;
-	}
-
-static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-	{
-	int to_return = 1;
-
-	switch(cmd)
-		{
-	case HWCRHK_CMD_SO_PATH:
-		if(hwcrhk_dso)
-			{
-			HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_ALREADY_LOADED);
-			return 0;
-			}
-		if(p == NULL)
-			{
-			HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER);
-			return 0;
-			}
-		return set_HWCRHK_LIBNAME((const char *)p);
-	case ENGINE_CTRL_SET_LOGSTREAM:
-		{
-		BIO *bio = (BIO *)p;
-
-		CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-		if (logstream)
-			{
-			BIO_free(logstream);
-			logstream = NULL;
-			}
-		if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1)
-			logstream = bio;
-		else
-			HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_BIO_WAS_FREED);
-		}
-		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		break;
-	case ENGINE_CTRL_SET_PASSWORD_CALLBACK:
-		CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-		password_context.password_callback = (pem_password_cb *)f;
-		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		break;
-	case ENGINE_CTRL_SET_USER_INTERFACE:
-	case HWCRHK_CMD_SET_USER_INTERFACE:
-		CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-		password_context.ui_method = (UI_METHOD *)p;
-		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		break;
-	case ENGINE_CTRL_SET_CALLBACK_DATA:
-	case HWCRHK_CMD_SET_CALLBACK_DATA:
-		CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-		password_context.callback_data = p;
-		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		break;
-	/* this enables or disables the "SimpleForkCheck" flag used in the
-	 * initialisation structure. */
-	case ENGINE_CTRL_CHIL_SET_FORKCHECK:
-	case HWCRHK_CMD_FORK_CHECK:
-		CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-		if(i)
-			hwcrhk_globals.flags |=
-				HWCryptoHook_InitFlags_SimpleForkCheck;
-		else
-			hwcrhk_globals.flags &=
-				~HWCryptoHook_InitFlags_SimpleForkCheck;
-		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		break;
-	/* This will prevent the initialisation function from "installing"
-	 * the mutex-handling callbacks, even if they are available from
-	 * within the library (or were provided to the library from the
-	 * calling application). This is to remove any baggage for
-	 * applications not using multithreading. */
-	case ENGINE_CTRL_CHIL_NO_LOCKING:
-		CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-		disable_mutex_callbacks = 1;
-		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		break;
-	case HWCRHK_CMD_THREAD_LOCKING:
-		CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-		disable_mutex_callbacks = ((i == 0) ? 0 : 1);
-		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		break;
-
-	/* The command isn't understood by this engine */
-	default:
-		HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,
-			HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-		to_return = 0;
-		break;
-		}
-
-	return to_return;
-	}
-
-static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data)
-	{
-#ifndef OPENSSL_NO_RSA
-	RSA *rtmp = NULL;
-#endif
-	EVP_PKEY *res = NULL;
-#ifndef OPENSSL_NO_RSA
-	HWCryptoHook_MPI e, n;
-	HWCryptoHook_RSAKeyHandle *hptr;
-#endif
-#if !defined(OPENSSL_NO_RSA)
-	char tempbuf[1024];
-	HWCryptoHook_ErrMsgBuf rmsg;
-#endif
-	HWCryptoHook_PassphraseContext ppctx;
-
-#if !defined(OPENSSL_NO_RSA)
-	rmsg.buf = tempbuf;
-	rmsg.size = sizeof(tempbuf);
-#endif
-
-	if(!hwcrhk_context)
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
-			HWCRHK_R_NOT_INITIALISED);
-		goto err;
-		}
-#ifndef OPENSSL_NO_RSA
-	hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle));
-	if (!hptr)
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
-			ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-        ppctx.ui_method = ui_method;
-	ppctx.callback_data = callback_data;
-	if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr,
-		&rmsg, &ppctx))
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
-			HWCRHK_R_CHIL_ERROR);
-		ERR_add_error_data(1,rmsg.buf);
-		goto err;
-		}
-	if (!*hptr)
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
-			HWCRHK_R_NO_KEY);
-		goto err;
-		}
-#endif
-#ifndef OPENSSL_NO_RSA
-	rtmp = RSA_new_method(eng);
-	RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr);
-	rtmp->e = BN_new();
-	rtmp->n = BN_new();
-	rtmp->flags |= RSA_FLAG_EXT_PKEY;
-	MPI2BN(rtmp->e, e);
-	MPI2BN(rtmp->n, n);
-	if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)
-		!= HWCRYPTOHOOK_ERROR_MPISIZE)
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,HWCRHK_R_CHIL_ERROR);
-		ERR_add_error_data(1,rmsg.buf);
-		goto err;
-		}
-
-	bn_expand2(rtmp->e, e.size/sizeof(BN_ULONG));
-	bn_expand2(rtmp->n, n.size/sizeof(BN_ULONG));
-	MPI2BN(rtmp->e, e);
-	MPI2BN(rtmp->n, n);
-
-	if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg))
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
-			HWCRHK_R_CHIL_ERROR);
-		ERR_add_error_data(1,rmsg.buf);
-		goto err;
-		}
-	rtmp->e->top = e.size / sizeof(BN_ULONG);
-	bn_fix_top(rtmp->e);
-	rtmp->n->top = n.size / sizeof(BN_ULONG);
-	bn_fix_top(rtmp->n);
-
-	res = EVP_PKEY_new();
-	EVP_PKEY_assign_RSA(res, rtmp);
-#endif
-
-        if (!res)
-                HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
-                        HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
-
-	return res;
- err:
-	if (res)
-		EVP_PKEY_free(res);
-#ifndef OPENSSL_NO_RSA
-	if (rtmp)
-		RSA_free(rtmp);
-#endif
-	return NULL;
-	}
-
-static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data)
-	{
-	EVP_PKEY *res = NULL;
-
-#ifndef OPENSSL_NO_RSA
-        res = hwcrhk_load_privkey(eng, key_id,
-                ui_method, callback_data);
-#endif
-
-	if (res)
-		switch(res->type)
-			{
-#ifndef OPENSSL_NO_RSA
-		case EVP_PKEY_RSA:
-			{
-			RSA *rsa = NULL;
-
-			CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
-			rsa = res->pkey.rsa;
-			res->pkey.rsa = RSA_new();
-			res->pkey.rsa->n = rsa->n;
-			res->pkey.rsa->e = rsa->e;
-			rsa->n = NULL;
-			rsa->e = NULL;
-			CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
-			RSA_free(rsa);
-			}
-			break;
-#endif
-		default:
-			HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
-				HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-			goto err;
-			}
-
-	return res;
- err:
-	if (res)
-		EVP_PKEY_free(res);
-	return NULL;
-	}
-
-/* A little mod_exp */
-static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-			const BIGNUM *m, BN_CTX *ctx)
-	{
-	char tempbuf[1024];
-	HWCryptoHook_ErrMsgBuf rmsg;
-	/* Since HWCryptoHook_MPI is pretty compatible with BIGNUM's,
-	   we use them directly, plus a little macro magic.  We only
-	   thing we need to make sure of is that enough space is allocated. */
-	HWCryptoHook_MPI m_a, m_p, m_n, m_r;
-	int to_return, ret;
- 
-	to_return = 0; /* expect failure */
-	rmsg.buf = tempbuf;
-	rmsg.size = sizeof(tempbuf);
-
-	if(!hwcrhk_context)
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED);
-		goto err;
-		}
-	/* Prepare the params */
-	bn_expand2(r, m->top);	/* Check for error !! */
-	BN2MPI(m_a, a);
-	BN2MPI(m_p, p);
-	BN2MPI(m_n, m);
-	MPI2BN(r, m_r);
-
-	/* Perform the operation */
-	ret = p_hwcrhk_ModExp(hwcrhk_context, m_a, m_p, m_n, &m_r, &rmsg);
-
-	/* Convert the response */
-	r->top = m_r.size / sizeof(BN_ULONG);
-	bn_fix_top(r);
-
-	if (ret < 0)
-		{
-		/* FIXME: When this error is returned, HWCryptoHook is
-		   telling us that falling back to software computation
-		   might be a good thing. */
-		if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
-			{
-			HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FALLBACK);
-			}
-		else
-			{
-			HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FAILED);
-			}
-		ERR_add_error_data(1,rmsg.buf);
-		goto err;
-		}
-
-	to_return = 1;
-err:
-	return to_return;
-	}
-
-#ifndef OPENSSL_NO_RSA 
-static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa)
-	{
-	char tempbuf[1024];
-	HWCryptoHook_ErrMsgBuf rmsg;
-	HWCryptoHook_RSAKeyHandle *hptr;
-	int to_return = 0, ret;
-
-	rmsg.buf = tempbuf;
-	rmsg.size = sizeof(tempbuf);
-
-	if(!hwcrhk_context)
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED);
-		goto err;
-		}
-
-	/* This provides support for nForce keys.  Since that's opaque data
-	   all we do is provide a handle to the proper key and let HWCryptoHook
-	   take care of the rest. */
-	if ((hptr = (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa))
-		!= NULL)
-		{
-		HWCryptoHook_MPI m_a, m_r;
-
-		if(!rsa->n)
-			{
-			HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
-				HWCRHK_R_MISSING_KEY_COMPONENTS);
-			goto err;
-			}
-
-		/* Prepare the params */
-		bn_expand2(r, rsa->n->top); /* Check for error !! */
-		BN2MPI(m_a, I);
-		MPI2BN(r, m_r);
-
-		/* Perform the operation */
-		ret = p_hwcrhk_RSA(m_a, *hptr, &m_r, &rmsg);
-
-		/* Convert the response */
-		r->top = m_r.size / sizeof(BN_ULONG);
-		bn_fix_top(r);
-
-		if (ret < 0)
-			{
-			/* FIXME: When this error is returned, HWCryptoHook is
-			   telling us that falling back to software computation
-			   might be a good thing. */
-			if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
-				{
-				HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
-					HWCRHK_R_REQUEST_FALLBACK);
-				}
-			else
-				{
-				HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
-					HWCRHK_R_REQUEST_FAILED);
-				}
-			ERR_add_error_data(1,rmsg.buf);
-			goto err;
-			}
-		}
-	else
-		{
-		HWCryptoHook_MPI m_a, m_p, m_q, m_dmp1, m_dmq1, m_iqmp, m_r;
-
-		if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
-			{
-			HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
-				HWCRHK_R_MISSING_KEY_COMPONENTS);
-			goto err;
-			}
-
-		/* Prepare the params */
-		bn_expand2(r, rsa->n->top); /* Check for error !! */
-		BN2MPI(m_a, I);
-		BN2MPI(m_p, rsa->p);
-		BN2MPI(m_q, rsa->q);
-		BN2MPI(m_dmp1, rsa->dmp1);
-		BN2MPI(m_dmq1, rsa->dmq1);
-		BN2MPI(m_iqmp, rsa->iqmp);
-		MPI2BN(r, m_r);
-
-		/* Perform the operation */
-		ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q,
-			m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg);
-
-		/* Convert the response */
-		r->top = m_r.size / sizeof(BN_ULONG);
-		bn_fix_top(r);
-
-		if (ret < 0)
-			{
-			/* FIXME: When this error is returned, HWCryptoHook is
-			   telling us that falling back to software computation
-			   might be a good thing. */
-			if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
-				{
-				HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
-					HWCRHK_R_REQUEST_FALLBACK);
-				}
-			else
-				{
-				HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
-					HWCRHK_R_REQUEST_FAILED);
-				}
-			ERR_add_error_data(1,rmsg.buf);
-			goto err;
-			}
-		}
-	/* If we're here, we must be here with some semblance of success :-) */
-	to_return = 1;
-err:
-	return to_return;
-	}
-#endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	return hwcrhk_mod_exp(r, a, p, m, ctx);
-	}
-
-#ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
-		const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	return hwcrhk_mod_exp(r, a, p, m, ctx);
-	}
-#endif
-
-/* Random bytes are good */
-static int hwcrhk_rand_bytes(unsigned char *buf, int num)
-	{
-	char tempbuf[1024];
-	HWCryptoHook_ErrMsgBuf rmsg;
-	int to_return = 0; /* assume failure */
-	int ret;
-
-	rmsg.buf = tempbuf;
-	rmsg.size = sizeof(tempbuf);
-
-	if(!hwcrhk_context)
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,HWCRHK_R_NOT_INITIALISED);
-		goto err;
-		}
-
-	ret = p_hwcrhk_RandomBytes(hwcrhk_context, buf, num, &rmsg);
-	if (ret < 0)
-		{
-		/* FIXME: When this error is returned, HWCryptoHook is
-		   telling us that falling back to software computation
-		   might be a good thing. */
-		if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
-			{
-			HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,
-				HWCRHK_R_REQUEST_FALLBACK);
-			}
-		else
-			{
-			HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,
-				HWCRHK_R_REQUEST_FAILED);
-			}
-		ERR_add_error_data(1,rmsg.buf);
-		goto err;
-		}
-	to_return = 1;
- err:
-	return to_return;
-	}
-
-static int hwcrhk_rand_status(void)
-	{
-	return 1;
-	}
-
-/* This cleans up an RSA KM key, called when ex_data is freed */
-
-static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-	int ind,long argl, void *argp)
-{
-	char tempbuf[1024];
-	HWCryptoHook_ErrMsgBuf rmsg;
-#ifndef OPENSSL_NO_RSA
-	HWCryptoHook_RSAKeyHandle *hptr;
-#endif
-#if !defined(OPENSSL_NO_RSA)
-	int ret;
-#endif
-
-	rmsg.buf = tempbuf;
-	rmsg.size = sizeof(tempbuf);
-
-#ifndef OPENSSL_NO_RSA
-	hptr = (HWCryptoHook_RSAKeyHandle *) item;
-	if(hptr)
-                {
-                ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL);
-                OPENSSL_free(hptr);
-                }
-#endif
-}
-
-/* Mutex calls: since the HWCryptoHook model closely follows the POSIX model
- * these just wrap the POSIX functions and add some logging.
- */
-
-static int hwcrhk_mutex_init(HWCryptoHook_Mutex* mt,
-	HWCryptoHook_CallerContext *cactx)
-	{
-	mt->lockid = CRYPTO_get_new_dynlockid();
-	if (mt->lockid == 0)
-		return 1; /* failure */
-	return 0; /* success */
-	}
-
-static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *mt)
-	{
-	CRYPTO_w_lock(mt->lockid);
-	return 0;
-	}
-
-static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt)
-	{
-	CRYPTO_w_unlock(mt->lockid);
-	}
-
-static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *mt)
-	{
-	CRYPTO_destroy_dynlockid(mt->lockid);
-	}
-
-/* Mutex upcalls to use if the application does not support dynamic locks */
-
-static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m,
-	HWCryptoHook_CallerContext *c)
-	{
-	return 0;
-	}
-static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m)
-	{
-	CRYPTO_w_lock(CRYPTO_LOCK_HWCRHK);
-	return 0;
-	}
-static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m)
-	{
-	CRYPTO_w_unlock(CRYPTO_LOCK_HWCRHK);
-	}
-static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m)
-	{
-	}
-
-static int hwcrhk_get_pass(const char *prompt_info,
-	int *len_io, char *buf,
-	HWCryptoHook_PassphraseContext *ppctx,
-	HWCryptoHook_CallerContext *cactx)
-	{
-	pem_password_cb *callback = NULL;
-	void *callback_data = NULL;
-        UI_METHOD *ui_method = NULL;
-
-        if (cactx)
-                {
-                if (cactx->ui_method)
-                        ui_method = cactx->ui_method;
-		if (cactx->password_callback)
-			callback = cactx->password_callback;
-		if (cactx->callback_data)
-			callback_data = cactx->callback_data;
-                }
-	if (ppctx)
-		{
-                if (ppctx->ui_method)
-                        {
-                        ui_method = ppctx->ui_method;
-                        callback = NULL;
-                        }
-		if (ppctx->callback_data)
-			callback_data = ppctx->callback_data;
-		}
-	if (callback == NULL && ui_method == NULL)
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_GET_PASS,HWCRHK_R_NO_CALLBACK);
-		return -1;
-		}
-
-        if (ui_method)
-                {
-                UI *ui = UI_new_method(ui_method);
-                if (ui)
-                        {
-                        int ok;
-                        char *prompt = UI_construct_prompt(ui,
-                                "pass phrase", prompt_info);
-
-                        ok = UI_add_input_string(ui,prompt,
-                                UI_INPUT_FLAG_DEFAULT_PWD,
-				buf,0,(*len_io) - 1);
-                        UI_add_user_data(ui, callback_data);
-			UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
-
-			if (ok >= 0)
-				do
-					{
-					ok=UI_process(ui);
-					}
-				while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
-
-                        if (ok >= 0)
-                                *len_io = strlen(buf);
-
-                        UI_free(ui);
-                        OPENSSL_free(prompt);
-                        }
-                }
-        else
-                {
-                *len_io = callback(buf, *len_io, 0, callback_data);
-                }
-	if(!*len_io)
-		return -1;
-	return 0;
-	}
-
-static int hwcrhk_insert_card(const char *prompt_info,
-		      const char *wrong_info,
-		      HWCryptoHook_PassphraseContext *ppctx,
-		      HWCryptoHook_CallerContext *cactx)
-        {
-        int ok = -1;
-        UI *ui;
-	void *callback_data = NULL;
-        UI_METHOD *ui_method = NULL;
-
-        if (cactx)
-                {
-                if (cactx->ui_method)
-                        ui_method = cactx->ui_method;
-		if (cactx->callback_data)
-			callback_data = cactx->callback_data;
-                }
-	if (ppctx)
-		{
-                if (ppctx->ui_method)
-                        ui_method = ppctx->ui_method;
-		if (ppctx->callback_data)
-			callback_data = ppctx->callback_data;
-		}
-	if (ui_method == NULL)
-		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_INSERT_CARD,
-			HWCRHK_R_NO_CALLBACK);
-		return -1;
-		}
-
-	ui = UI_new_method(ui_method);
-
-	if (ui)
-		{
-		char answer;
-		char buf[BUFSIZ];
-
-		if (wrong_info)
-			BIO_snprintf(buf, sizeof(buf)-1,
-				"Current card: \"%s\"\n", wrong_info);
-		ok = UI_dup_info_string(ui, buf);
-		if (ok >= 0 && prompt_info)
-			{
-			BIO_snprintf(buf, sizeof(buf)-1,
-				"Insert card \"%s\"", prompt_info);
-			ok = UI_dup_input_boolean(ui, buf,
-				"\n then hit <enter> or C<enter> to cancel\n",
-				"\r\n", "Cc", UI_INPUT_FLAG_ECHO, &answer);
-			}
-		UI_add_user_data(ui, callback_data);
-
-		if (ok >= 0)
-			ok = UI_process(ui);
-		UI_free(ui);
-
-		if (ok == -2 || (ok >= 0 && answer == 'C'))
-			ok = 1;
-		else if (ok < 0)
-			ok = -1;
-		else
-			ok = 0;
-		}
-	return ok;
-	}
-
-static void hwcrhk_log_message(void *logstr, const char *message)
-	{
-	BIO *lstream = NULL;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_BIO);
-	if (logstr)
-		lstream=*(BIO **)logstr;
-	if (lstream)
-		{
-		BIO_printf(lstream, "%s\n", message);
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
-	}
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */	   
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
-	{
-	if(id && (strcmp(id, engine_hwcrhk_id) != 0))
-		return 0;
-	if(!bind_helper(e))
-		return 0;
-	return 1;
-	}       
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#endif /* !OPENSSL_NO_HW_NCIPHER */
-#endif /* !OPENSSL_NO_HW */
diff --git a/crypto/openssl/crypto/engine/hw_ncipher_err.c b/crypto/openssl/crypto/engine/hw_ncipher_err.c
deleted file mode 100644
index 5bc94581b741..000000000000
--- a/crypto/openssl/crypto/engine/hw_ncipher_err.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* hw_ncipher_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_ncipher_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA HWCRHK_str_functs[]=
-	{
-{ERR_PACK(0,HWCRHK_F_HWCRHK_CTRL,0),	"HWCRHK_CTRL"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_FINISH,0),	"HWCRHK_FINISH"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_GET_PASS,0),	"HWCRHK_GET_PASS"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_INIT,0),	"HWCRHK_INIT"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_INSERT_CARD,0),	"HWCRHK_INSERT_CARD"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PRIVKEY,0),	"HWCRHK_LOAD_PRIVKEY"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PUBKEY,0),	"HWCRHK_LOAD_PUBKEY"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_MOD_EXP,0),	"HWCRHK_MOD_EXP"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_RAND_BYTES,0),	"HWCRHK_RAND_BYTES"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_RSA_MOD_EXP,0),	"HWCRHK_RSA_MOD_EXP"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA HWCRHK_str_reasons[]=
-	{
-{HWCRHK_R_ALREADY_LOADED                 ,"already loaded"},
-{HWCRHK_R_BIO_WAS_FREED                  ,"bio was freed"},
-{HWCRHK_R_CHIL_ERROR                     ,"chil error"},
-{HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
-{HWCRHK_R_DSO_FAILURE                    ,"dso failure"},
-{HWCRHK_R_DYNAMIC_LOCKING_MISSING        ,"dynamic locking missing"},
-{HWCRHK_R_MISSING_KEY_COMPONENTS         ,"missing key components"},
-{HWCRHK_R_NOT_INITIALISED                ,"not initialised"},
-{HWCRHK_R_NOT_LOADED                     ,"not loaded"},
-{HWCRHK_R_NO_CALLBACK                    ,"no callback"},
-{HWCRHK_R_NO_KEY                         ,"no key"},
-{HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED,"private key algorithms disabled"},
-{HWCRHK_R_REQUEST_FAILED                 ,"request failed"},
-{HWCRHK_R_REQUEST_FALLBACK               ,"request fallback"},
-{HWCRHK_R_UNIT_FAILURE                   ,"unit failure"},
-{0,NULL}
-	};
-
-#endif
-
-#ifdef HWCRHK_LIB_NAME
-static ERR_STRING_DATA HWCRHK_lib_name[]=
-        {
-{0	,HWCRHK_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int HWCRHK_lib_error_code=0;
-static int HWCRHK_error_init=1;
-
-static void ERR_load_HWCRHK_strings(void)
-	{
-	if (HWCRHK_lib_error_code == 0)
-		HWCRHK_lib_error_code=ERR_get_next_error_library();
-
-	if (HWCRHK_error_init)
-		{
-		HWCRHK_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(HWCRHK_lib_error_code,HWCRHK_str_functs);
-		ERR_load_strings(HWCRHK_lib_error_code,HWCRHK_str_reasons);
-#endif
-
-#ifdef HWCRHK_LIB_NAME
-		HWCRHK_lib_name->error = ERR_PACK(HWCRHK_lib_error_code,0,0);
-		ERR_load_strings(0,HWCRHK_lib_name);
-#endif
-		}
-	}
-
-static void ERR_unload_HWCRHK_strings(void)
-	{
-	if (HWCRHK_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(HWCRHK_lib_error_code,HWCRHK_str_functs);
-		ERR_unload_strings(HWCRHK_lib_error_code,HWCRHK_str_reasons);
-#endif
-
-#ifdef HWCRHK_LIB_NAME
-		ERR_unload_strings(0,HWCRHK_lib_name);
-#endif
-		HWCRHK_error_init=1;
-		}
-	}
-
-static void ERR_HWCRHK_error(int function, int reason, char *file, int line)
-	{
-	if (HWCRHK_lib_error_code == 0)
-		HWCRHK_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(HWCRHK_lib_error_code,function,reason,file,line);
-	}
diff --git a/crypto/openssl/crypto/engine/hw_ncipher_err.h b/crypto/openssl/crypto/engine/hw_ncipher_err.h
deleted file mode 100644
index d232d0231984..000000000000
--- a/crypto/openssl/crypto/engine/hw_ncipher_err.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_HWCRHK_ERR_H
-#define HEADER_HWCRHK_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_HWCRHK_strings(void);
-static void ERR_unload_HWCRHK_strings(void);
-static void ERR_HWCRHK_error(int function, int reason, char *file, int line);
-#define HWCRHKerr(f,r) ERR_HWCRHK_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the HWCRHK functions. */
-
-/* Function codes. */
-#define HWCRHK_F_HWCRHK_CTRL				 100
-#define HWCRHK_F_HWCRHK_FINISH				 101
-#define HWCRHK_F_HWCRHK_GET_PASS			 102
-#define HWCRHK_F_HWCRHK_INIT				 103
-#define HWCRHK_F_HWCRHK_INSERT_CARD			 104
-#define HWCRHK_F_HWCRHK_LOAD_PRIVKEY			 105
-#define HWCRHK_F_HWCRHK_LOAD_PUBKEY			 106
-#define HWCRHK_F_HWCRHK_MOD_EXP				 107
-#define HWCRHK_F_HWCRHK_RAND_BYTES			 108
-#define HWCRHK_F_HWCRHK_RSA_MOD_EXP			 109
-
-/* Reason codes. */
-#define HWCRHK_R_ALREADY_LOADED				 100
-#define HWCRHK_R_BIO_WAS_FREED				 101
-#define HWCRHK_R_CHIL_ERROR				 102
-#define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED		 103
-#define HWCRHK_R_DSO_FAILURE				 104
-#define HWCRHK_R_DYNAMIC_LOCKING_MISSING		 114
-#define HWCRHK_R_MISSING_KEY_COMPONENTS			 105
-#define HWCRHK_R_NOT_INITIALISED			 106
-#define HWCRHK_R_NOT_LOADED				 107
-#define HWCRHK_R_NO_CALLBACK				 108
-#define HWCRHK_R_NO_KEY					 109
-#define HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED	 110
-#define HWCRHK_R_REQUEST_FAILED				 111
-#define HWCRHK_R_REQUEST_FALLBACK			 112
-#define HWCRHK_R_UNIT_FAILURE				 113
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/engine/hw_nuron.c b/crypto/openssl/crypto/engine/hw_nuron.c
deleted file mode 100644
index fb9188bfe5be..000000000000
--- a/crypto/openssl/crypto/engine/hw_nuron.c
+++ /dev/null
@@ -1,418 +0,0 @@
-/* crypto/engine/hw_nuron.c */
-/* Written by Ben Laurie for the OpenSSL Project, leaning heavily on Geoff
- * Thorpe's Atalla implementation.
- */
-/* ====================================================================
- * Copyright (c) 2000-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_NURON
-
-#define NURON_LIB_NAME "nuron engine"
-#include "hw_nuron_err.c"
-
-static const char *NURON_LIBNAME = NULL;
-static const char *get_NURON_LIBNAME(void)
-	{
-	if(NURON_LIBNAME)
-		return NURON_LIBNAME;
-	return "nuronssl";
-	}
-static void free_NURON_LIBNAME(void)
-	{
-	if(NURON_LIBNAME)
-		OPENSSL_free((void*)NURON_LIBNAME);
-	NURON_LIBNAME = NULL;
-	}
-static long set_NURON_LIBNAME(const char *name)
-	{
-	free_NURON_LIBNAME();
-	return (((NURON_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-	}
-static const char *NURON_F1 = "nuron_mod_exp";
-
-/* The definitions for control commands specific to this engine */
-#define NURON_CMD_SO_PATH		ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN nuron_cmd_defns[] = {
-	{NURON_CMD_SO_PATH,
-		"SO_PATH",
-		"Specifies the path to the 'nuronssl' shared library",
-		ENGINE_CMD_FLAG_STRING},
-	{0, NULL, NULL, 0}
-	};
-
-typedef int tfnModExp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m);
-static tfnModExp *pfnModExp = NULL;
-
-static DSO *pvDSOHandle = NULL;
-
-static int nuron_destroy(ENGINE *e)
-	{
-	free_NURON_LIBNAME();
-	ERR_unload_NURON_strings();
-	return 1;
-	}
-
-static int nuron_init(ENGINE *e)
-	{
-	if(pvDSOHandle != NULL)
-		{
-		NURONerr(NURON_F_NURON_INIT,NURON_R_ALREADY_LOADED);
-		return 0;
-		}
-
-	pvDSOHandle = DSO_load(NULL, get_NURON_LIBNAME(), NULL,
-		DSO_FLAG_NAME_TRANSLATION_EXT_ONLY);
-	if(!pvDSOHandle)
-		{
-		NURONerr(NURON_F_NURON_INIT,NURON_R_DSO_NOT_FOUND);
-		return 0;
-		}
-
-	pfnModExp = (tfnModExp *)DSO_bind_func(pvDSOHandle, NURON_F1);
-	if(!pfnModExp)
-		{
-		NURONerr(NURON_F_NURON_INIT,NURON_R_DSO_FUNCTION_NOT_FOUND);
-		return 0;
-		}
-
-	return 1;
-	}
-
-static int nuron_finish(ENGINE *e)
-	{
-	free_NURON_LIBNAME();
-	if(pvDSOHandle == NULL)
-		{
-		NURONerr(NURON_F_NURON_FINISH,NURON_R_NOT_LOADED);
-		return 0;
-		}
-	if(!DSO_free(pvDSOHandle))
-		{
-		NURONerr(NURON_F_NURON_FINISH,NURON_R_DSO_FAILURE);
-		return 0;
-		}
-	pvDSOHandle=NULL;
-	pfnModExp=NULL;
-	return 1;
-	}
-
-static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-	{
-	int initialised = ((pvDSOHandle == NULL) ? 0 : 1);
-	switch(cmd)
-		{
-	case NURON_CMD_SO_PATH:
-		if(p == NULL)
-			{
-			NURONerr(NURON_F_NURON_CTRL,ERR_R_PASSED_NULL_PARAMETER);
-			return 0;
-			}
-		if(initialised)
-			{
-			NURONerr(NURON_F_NURON_CTRL,NURON_R_ALREADY_LOADED);
-			return 0;
-			}
-		return set_NURON_LIBNAME((const char *)p);
-	default:
-		break;
-		}
-	NURONerr(NURON_F_NURON_CTRL,NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-	return 0;
-}
-
-static int nuron_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,
-			 const BIGNUM *m,BN_CTX *ctx)
-	{
-	if(!pvDSOHandle)
-		{
-		NURONerr(NURON_F_NURON_MOD_EXP,NURON_R_NOT_LOADED);
-		return 0;
-		}
-	return pfnModExp(r,a,p,m);
-	}
-
-#ifndef OPENSSL_NO_RSA
-static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
-	{
-	return nuron_mod_exp(r0,I,rsa->d,rsa->n,NULL);
-	}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* This code was liberated and adapted from the commented-out code in
- * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration
- * (it doesn't have a CRT form for RSA), this function means that an
- * Atalla system running with a DSA server certificate can handshake
- * around 5 or 6 times faster/more than an equivalent system running with
- * RSA. Just check out the "signs" statistics from the RSA and DSA parts
- * of "openssl speed -engine atalla dsa1024 rsa1024". */
-static int nuron_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-			     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-			     BN_CTX *ctx, BN_MONT_CTX *in_mont)
-	{
-	BIGNUM t;
-	int to_return = 0;
- 
-	BN_init(&t);
-	/* let rr = a1 ^ p1 mod m */
-	if (!nuron_mod_exp(rr,a1,p1,m,ctx))
-		goto end;
-	/* let t = a2 ^ p2 mod m */
-	if (!nuron_mod_exp(&t,a2,p2,m,ctx))
-		goto end;
-	/* let rr = rr * t mod m */
-	if (!BN_mod_mul(rr,rr,&t,m,ctx))
-		goto end;
-	to_return = 1;
-end:
-	BN_free(&t);
-	return to_return;
-	}
-
-
-static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-			     const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-			     BN_MONT_CTX *m_ctx)
-	{
-	return nuron_mod_exp(r, a, p, m, ctx);
-	}
-#endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-			      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	return nuron_mod_exp(r, a, p, m, ctx);
-	}
-
-#ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r,
-		const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	return nuron_mod_exp(r, a, p, m, ctx);
-	}
-#endif
-
-#ifndef OPENSSL_NO_RSA
-static RSA_METHOD nuron_rsa =
-	{
-	"Nuron RSA method",
-	NULL,
-	NULL,
-	NULL,
-	NULL,
-	nuron_rsa_mod_exp,
-	nuron_mod_exp_mont,
-	NULL,
-	NULL,
-	0,
-	NULL,
-	NULL,
-	NULL
-	};
-#endif
-
-#ifndef OPENSSL_NO_DSA
-static DSA_METHOD nuron_dsa =
-	{
-	"Nuron DSA method",
-	NULL, /* dsa_do_sign */
-	NULL, /* dsa_sign_setup */
-	NULL, /* dsa_do_verify */
-	nuron_dsa_mod_exp, /* dsa_mod_exp */
-	nuron_mod_exp_dsa, /* bn_mod_exp */
-	NULL, /* init */
-	NULL, /* finish */
-	0, /* flags */
-	NULL /* app_data */
-	};
-#endif
-
-#ifndef OPENSSL_NO_DH
-static DH_METHOD nuron_dh =
-	{
-	"Nuron DH method",
-	NULL,
-	NULL,
-	nuron_mod_exp_dh,
-	NULL,
-	NULL,
-	0,
-	NULL
-	};
-#endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_nuron_id = "nuron";
-static const char *engine_nuron_name = "Nuron hardware engine support";
-
-/* This internal function is used by ENGINE_nuron() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_helper(ENGINE *e)
-	{
-#ifndef OPENSSL_NO_RSA
-	const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DSA
-	const DSA_METHOD *meth2;
-#endif
-#ifndef OPENSSL_NO_DH
-	const DH_METHOD *meth3;
-#endif
-	if(!ENGINE_set_id(e, engine_nuron_id) ||
-			!ENGINE_set_name(e, engine_nuron_name) ||
-#ifndef OPENSSL_NO_RSA
-			!ENGINE_set_RSA(e, &nuron_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
-			!ENGINE_set_DSA(e, &nuron_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
-			!ENGINE_set_DH(e, &nuron_dh) ||
-#endif
-			!ENGINE_set_destroy_function(e, nuron_destroy) ||
-			!ENGINE_set_init_function(e, nuron_init) ||
-			!ENGINE_set_finish_function(e, nuron_finish) ||
-			!ENGINE_set_ctrl_function(e, nuron_ctrl) ||
-			!ENGINE_set_cmd_defns(e, nuron_cmd_defns))
-		return 0;
-
-#ifndef OPENSSL_NO_RSA
-	/* We know that the "PKCS1_SSLeay()" functions hook properly
-	 * to the nuron-specific mod_exp and mod_exp_crt so we use
-	 * those functions. NB: We don't use ENGINE_openssl() or
-	 * anything "more generic" because something like the RSAref
-	 * code may not hook properly, and if you own one of these
-	 * cards then you have the right to do RSA operations on it
-	 * anyway! */ 
-	meth1=RSA_PKCS1_SSLeay();
-	nuron_rsa.rsa_pub_enc=meth1->rsa_pub_enc;
-	nuron_rsa.rsa_pub_dec=meth1->rsa_pub_dec;
-	nuron_rsa.rsa_priv_enc=meth1->rsa_priv_enc;
-	nuron_rsa.rsa_priv_dec=meth1->rsa_priv_dec;
-#endif
-
-#ifndef OPENSSL_NO_DSA
-	/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
-	 * bits. */
-	meth2=DSA_OpenSSL();
-	nuron_dsa.dsa_do_sign=meth2->dsa_do_sign;
-	nuron_dsa.dsa_sign_setup=meth2->dsa_sign_setup;
-	nuron_dsa.dsa_do_verify=meth2->dsa_do_verify;
-#endif
-
-#ifndef OPENSSL_NO_DH
-	/* Much the same for Diffie-Hellman */
-	meth3=DH_OpenSSL();
-	nuron_dh.generate_key=meth3->generate_key;
-	nuron_dh.compute_key=meth3->compute_key;
-#endif
-
-	/* Ensure the nuron error handling is set up */
-	ERR_load_NURON_strings();
-	return 1;
-	}
-
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_nuron(void)
-	{
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!bind_helper(ret))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-void ENGINE_load_nuron(void)
-	{
-	/* Copied from eng_[openssl|dyn].c */
-	ENGINE *toadd = engine_nuron();
-	if(!toadd) return;
-	ENGINE_add(toadd);
-	ENGINE_free(toadd);
-	ERR_clear_error();
-	}
-#endif
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */	   
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
-	{
-	if(id && (strcmp(id, engine_nuron_id) != 0))
-		return 0;
-	if(!bind_helper(e))
-		return 0;
-	return 1;
-	}       
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#endif /* !OPENSSL_NO_HW_NURON */
-#endif /* !OPENSSL_NO_HW */
diff --git a/crypto/openssl/crypto/engine/hw_nuron_err.c b/crypto/openssl/crypto/engine/hw_nuron_err.c
deleted file mode 100644
index df9d7bde7669..000000000000
--- a/crypto/openssl/crypto/engine/hw_nuron_err.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* hw_nuron_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_nuron_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA NURON_str_functs[]=
-	{
-{ERR_PACK(0,NURON_F_NURON_CTRL,0),	"NURON_CTRL"},
-{ERR_PACK(0,NURON_F_NURON_FINISH,0),	"NURON_FINISH"},
-{ERR_PACK(0,NURON_F_NURON_INIT,0),	"NURON_INIT"},
-{ERR_PACK(0,NURON_F_NURON_MOD_EXP,0),	"NURON_MOD_EXP"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA NURON_str_reasons[]=
-	{
-{NURON_R_ALREADY_LOADED                  ,"already loaded"},
-{NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED    ,"ctrl command not implemented"},
-{NURON_R_DSO_FAILURE                     ,"dso failure"},
-{NURON_R_DSO_FUNCTION_NOT_FOUND          ,"dso function not found"},
-{NURON_R_DSO_NOT_FOUND                   ,"dso not found"},
-{NURON_R_NOT_LOADED                      ,"not loaded"},
-{0,NULL}
-	};
-
-#endif
-
-#ifdef NURON_LIB_NAME
-static ERR_STRING_DATA NURON_lib_name[]=
-        {
-{0	,NURON_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int NURON_lib_error_code=0;
-static int NURON_error_init=1;
-
-static void ERR_load_NURON_strings(void)
-	{
-	if (NURON_lib_error_code == 0)
-		NURON_lib_error_code=ERR_get_next_error_library();
-
-	if (NURON_error_init)
-		{
-		NURON_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(NURON_lib_error_code,NURON_str_functs);
-		ERR_load_strings(NURON_lib_error_code,NURON_str_reasons);
-#endif
-
-#ifdef NURON_LIB_NAME
-		NURON_lib_name->error = ERR_PACK(NURON_lib_error_code,0,0);
-		ERR_load_strings(0,NURON_lib_name);
-#endif
-		}
-	}
-
-static void ERR_unload_NURON_strings(void)
-	{
-	if (NURON_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(NURON_lib_error_code,NURON_str_functs);
-		ERR_unload_strings(NURON_lib_error_code,NURON_str_reasons);
-#endif
-
-#ifdef NURON_LIB_NAME
-		ERR_unload_strings(0,NURON_lib_name);
-#endif
-		NURON_error_init=1;
-		}
-	}
-
-static void ERR_NURON_error(int function, int reason, char *file, int line)
-	{
-	if (NURON_lib_error_code == 0)
-		NURON_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(NURON_lib_error_code,function,reason,file,line);
-	}
diff --git a/crypto/openssl/crypto/engine/hw_nuron_err.h b/crypto/openssl/crypto/engine/hw_nuron_err.h
deleted file mode 100644
index a56bfdf30398..000000000000
--- a/crypto/openssl/crypto/engine/hw_nuron_err.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_NURON_ERR_H
-#define HEADER_NURON_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_NURON_strings(void);
-static void ERR_unload_NURON_strings(void);
-static void ERR_NURON_error(int function, int reason, char *file, int line);
-#define NURONerr(f,r) ERR_NURON_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the NURON functions. */
-
-/* Function codes. */
-#define NURON_F_NURON_CTRL				 100
-#define NURON_F_NURON_FINISH				 101
-#define NURON_F_NURON_INIT				 102
-#define NURON_F_NURON_MOD_EXP				 103
-
-/* Reason codes. */
-#define NURON_R_ALREADY_LOADED				 100
-#define NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED		 101
-#define NURON_R_DSO_FAILURE				 102
-#define NURON_R_DSO_FUNCTION_NOT_FOUND			 103
-#define NURON_R_DSO_NOT_FOUND				 104
-#define NURON_R_NOT_LOADED				 105
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/engine/hw_sureware.c b/crypto/openssl/crypto/engine/hw_sureware.c
deleted file mode 100644
index fca467e69013..000000000000
--- a/crypto/openssl/crypto/engine/hw_sureware.c
+++ /dev/null
@@ -1,1039 +0,0 @@
-/* Written by Corinne Dive-Reclus(cdive@baltimore.com)
-* 
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-*    notice, this list of conditions and the following disclaimer. 
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-*    notice, this list of conditions and the following disclaimer in
-*    the documentation and/or other materials provided with the
-*    distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-*    software must display the following acknowledgment:
-*    "This product includes software developed by the OpenSSL Project
-*    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-*    endorse or promote products derived from this software without
-*    prior written permission. For written permission, please contact
-*    licensing@OpenSSL.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-*    nor may "OpenSSL" appear in their names without prior written
-*    permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-*    acknowledgment:
-*    "This product includes software developed by the OpenSSL Project
-*    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
-*
-* Written by Corinne Dive-Reclus(cdive@baltimore.com)
-*
-* Copyright@2001 Baltimore Technologies Ltd.
-* All right Reserved.
-*																								*	
-*		THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND																			*
-*		ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE					* 
-*		IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE				*
-*		ARE DISCLAIMED.  IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE						*
-*		FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL				*
-*		DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS					*
-*		OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)					*
-*		HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT				*
-*		LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY				*
-*		OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF					*
-*		SUCH DAMAGE.																			*
-====================================================================*/
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/pem.h>
-#include <openssl/dso.h>
-#include "eng_int.h"
-#include "engine.h"
-#include <openssl/engine.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_SUREWARE
-
-#ifdef FLAT_INC
-#include "sureware.h"
-#else
-#include "vendor_defns/sureware.h"
-#endif
-
-#define SUREWARE_LIB_NAME "sureware engine"
-#include "hw_sureware_err.c"
-
-static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-static int surewarehk_destroy(ENGINE *e);
-static int surewarehk_init(ENGINE *e);
-static int surewarehk_finish(ENGINE *e);
-static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx);
-
-/* RSA stuff */
-static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned char *to,
-			RSA *rsa,int padding);
-static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char *to,
-			    RSA *rsa,int padding);
-
-/* RAND stuff */
-static int surewarehk_rand_bytes(unsigned char *buf, int num);
-static void surewarehk_rand_seed(const void *buf, int num);
-static void surewarehk_rand_add(const void *buf, int num, double entropy);
-
-/* KM stuff */
-static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data);
-static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data);
-static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-	int idx,long argl, void *argp);
-#if 0
-static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-	int idx,long argl, void *argp);
-#endif
-
-#ifndef OPENSSL_NO_RSA
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int surewarehk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
-	return surewarehk_modexp(r, a, p, m, ctx);
-}
-
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD surewarehk_rsa =
-	{
-	"SureWare RSA method",
-	NULL, /* pub_enc*/
-	NULL, /* pub_dec*/
-	surewarehk_rsa_sign, /* our rsa_sign is OpenSSL priv_enc*/
-	surewarehk_rsa_priv_dec, /* priv_dec*/
-	NULL, /*mod_exp*/
-	surewarehk_mod_exp_mont, /*mod_exp_mongomery*/
-	NULL, /* init*/
-	NULL, /* finish*/
-	0,	/* RSA flag*/
-	NULL, 
-	NULL, /* OpenSSL sign*/
-	NULL  /* OpenSSL verify*/
-	};
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int surewarehk_modexp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
-	const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
-	return surewarehk_modexp(r, a, p, m, ctx);
-}
-
-static DH_METHOD surewarehk_dh =
-	{
-	"SureWare DH method",
-	NULL,/*gen_key*/
-	NULL,/*agree,*/
-	surewarehk_modexp_dh, /*dh mod exp*/
-	NULL, /* init*/
-	NULL, /* finish*/
-	0,    /* flags*/
-	NULL 
-	};
-#endif
-
-static RAND_METHOD surewarehk_rand =
-	{
-	/* "SureWare RAND method", */
-	surewarehk_rand_seed,
-	surewarehk_rand_bytes,
-	NULL,/*cleanup*/
-	surewarehk_rand_add,
-	surewarehk_rand_bytes,
-	NULL,/*rand_status*/
-	};
-
-#ifndef OPENSSL_NO_DSA
-/* DSA stuff */
-static	DSA_SIG * surewarehk_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-static int surewarehk_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-		BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
-	BIGNUM t;
-	int to_return = 0;
-	BN_init(&t);
-	/* let rr = a1 ^ p1 mod m */
-	if (!surewarehk_modexp(rr,a1,p1,m,ctx)) goto end;
-	/* let t = a2 ^ p2 mod m */
-	if (!surewarehk_modexp(&t,a2,p2,m,ctx)) goto end;
-	/* let rr = rr * t mod m */
-	if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;
-	to_return = 1;
-end:
-	BN_free(&t);
-	return to_return;
-}
-
-static DSA_METHOD surewarehk_dsa =
-	{
-	 "SureWare DSA method", 
-	surewarehk_dsa_do_sign,
-	NULL,/*sign setup*/
-	NULL,/*verify,*/
-	surewarehk_dsa_mod_exp,/*mod exp*/
-	NULL,/*bn mod exp*/
-	NULL, /*init*/
-	NULL,/*finish*/
-	0,
-	NULL,
-	};
-#endif
-
-static const char *engine_sureware_id = "sureware";
-static const char *engine_sureware_name = "SureWare hardware engine support";
-
-/* Now, to our own code */
-
-/* As this is only ever called once, there's no need for locking
- * (indeed - the lock will already be held by our caller!!!) */
-static int bind_sureware(ENGINE *e)
-{
-#ifndef OPENSSL_NO_RSA
-	const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DSA
-	const DSA_METHOD *meth2;
-#endif
-#ifndef OPENSSL_NO_DH
-	const DH_METHOD *meth3;
-#endif
-
-	if(!ENGINE_set_id(e, engine_sureware_id) ||
-	   !ENGINE_set_name(e, engine_sureware_name) ||
-#ifndef OPENSSL_NO_RSA
-	   !ENGINE_set_RSA(e, &surewarehk_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
-	   !ENGINE_set_DSA(e, &surewarehk_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
-	   !ENGINE_set_DH(e, &surewarehk_dh) ||
-#endif
-	   !ENGINE_set_RAND(e, &surewarehk_rand) ||
-	   !ENGINE_set_destroy_function(e, surewarehk_destroy) ||
-	   !ENGINE_set_init_function(e, surewarehk_init) ||
-	   !ENGINE_set_finish_function(e, surewarehk_finish) ||
-	   !ENGINE_set_ctrl_function(e, surewarehk_ctrl) ||
-	   !ENGINE_set_load_privkey_function(e, surewarehk_load_privkey) ||
-	   !ENGINE_set_load_pubkey_function(e, surewarehk_load_pubkey))
-	  return 0;
-
-#ifndef OPENSSL_NO_RSA
-	/* We know that the "PKCS1_SSLeay()" functions hook properly
-	 * to the cswift-specific mod_exp and mod_exp_crt so we use
-	 * those functions. NB: We don't use ENGINE_openssl() or
-	 * anything "more generic" because something like the RSAref
-	 * code may not hook properly, and if you own one of these
-	 * cards then you have the right to do RSA operations on it
-	 * anyway! */ 
-	meth1 = RSA_PKCS1_SSLeay();
-	if (meth1)
-	{
-		surewarehk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
-		surewarehk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
-	}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-	/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
-	 * bits. */
-	meth2 = DSA_OpenSSL();
-	if (meth2)
-	{
-		surewarehk_dsa.dsa_do_verify = meth2->dsa_do_verify;
-	}
-#endif
-
-#ifndef OPENSSL_NO_DH
-	/* Much the same for Diffie-Hellman */
-	meth3 = DH_OpenSSL();
-	if (meth3)
-	{
-		surewarehk_dh.generate_key = meth3->generate_key;
-		surewarehk_dh.compute_key = meth3->compute_key;
-	}
-#endif
-
-	/* Ensure the sureware error handling is set up */
-	ERR_load_SUREWARE_strings();
-	return 1;
-}
-
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_helper(ENGINE *e, const char *id)
-	{
-	if(id && (strcmp(id, engine_sureware_id) != 0))
-		return 0;
-	if(!bind_sureware(e))
-		return 0;
-	return 1;
-	}       
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
-#else
-static ENGINE *engine_sureware(void)
-	{
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!bind_sureware(ret))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-void ENGINE_load_sureware(void)
-	{
-	/* Copied from eng_[openssl|dyn].c */
-	ENGINE *toadd = engine_sureware();
-	if(!toadd) return;
-	ENGINE_add(toadd);
-	ENGINE_free(toadd);
-	ERR_clear_error();
-	}
-#endif
-
-/* This is a process-global DSO handle used for loading and unloading
- * the SureWareHook library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-static DSO *surewarehk_dso = NULL;
-#ifndef OPENSSL_NO_RSA
-static int rsaHndidx = -1;	/* Index for KM handle.  Not really used yet. */
-#endif
-#ifndef OPENSSL_NO_DSA
-static int dsaHndidx = -1;	/* Index for KM handle.  Not really used yet. */
-#endif
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-static SureWareHook_Init_t *p_surewarehk_Init = NULL;
-static SureWareHook_Finish_t *p_surewarehk_Finish = NULL;
-static SureWareHook_Rand_Bytes_t *p_surewarehk_Rand_Bytes = NULL;
-static SureWareHook_Rand_Seed_t *p_surewarehk_Rand_Seed = NULL;
-static SureWareHook_Load_Privkey_t *p_surewarehk_Load_Privkey = NULL;
-static SureWareHook_Info_Pubkey_t *p_surewarehk_Info_Pubkey = NULL;
-static SureWareHook_Load_Rsa_Pubkey_t *p_surewarehk_Load_Rsa_Pubkey = NULL;
-static SureWareHook_Load_Dsa_Pubkey_t *p_surewarehk_Load_Dsa_Pubkey = NULL;
-static SureWareHook_Free_t *p_surewarehk_Free=NULL;
-static SureWareHook_Rsa_Priv_Dec_t *p_surewarehk_Rsa_Priv_Dec=NULL;
-static SureWareHook_Rsa_Sign_t *p_surewarehk_Rsa_Sign=NULL;
-static SureWareHook_Dsa_Sign_t *p_surewarehk_Dsa_Sign=NULL;
-static SureWareHook_Mod_Exp_t *p_surewarehk_Mod_Exp=NULL;
-
-/* Used in the DSO operations. */
-static const char *surewarehk_LIBNAME = "SureWareHook";
-static const char *n_surewarehk_Init = "SureWareHook_Init";
-static const char *n_surewarehk_Finish = "SureWareHook_Finish";
-static const char *n_surewarehk_Rand_Bytes="SureWareHook_Rand_Bytes";
-static const char *n_surewarehk_Rand_Seed="SureWareHook_Rand_Seed";
-static const char *n_surewarehk_Load_Privkey="SureWareHook_Load_Privkey";
-static const char *n_surewarehk_Info_Pubkey="SureWareHook_Info_Pubkey";
-static const char *n_surewarehk_Load_Rsa_Pubkey="SureWareHook_Load_Rsa_Pubkey";
-static const char *n_surewarehk_Load_Dsa_Pubkey="SureWareHook_Load_Dsa_Pubkey";
-static const char *n_surewarehk_Free="SureWareHook_Free";
-static const char *n_surewarehk_Rsa_Priv_Dec="SureWareHook_Rsa_Priv_Dec";
-static const char *n_surewarehk_Rsa_Sign="SureWareHook_Rsa_Sign";
-static const char *n_surewarehk_Dsa_Sign="SureWareHook_Dsa_Sign";
-static const char *n_surewarehk_Mod_Exp="SureWareHook_Mod_Exp";
-static BIO *logstream = NULL;
-
-/* SureWareHook library functions and mechanics - these are used by the
- * higher-level functions further down. NB: As and where there's no
- * error checking, take a look lower down where these functions are
- * called, the checking and error handling is probably down there. 
-*/
-static int threadsafe=1;
-static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-{
-	int to_return = 1;
-
-	switch(cmd)
-	{
-		case ENGINE_CTRL_SET_LOGSTREAM:
-		{
-			BIO *bio = (BIO *)p;
-			CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-			if (logstream)
-			{
-				BIO_free(logstream);
-				logstream = NULL;
-			}
-			if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1)
-				logstream = bio;
-			else
-				SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,SUREWARE_R_BIO_WAS_FREED);
-		}
-		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		break;
-	/* This will prevent the initialisation function from "installing"
-	 * the mutex-handling callbacks, even if they are available from
-	 * within the library (or were provided to the library from the
-	 * calling application). This is to remove any baggage for
-	 * applications not using multithreading. */
-	case ENGINE_CTRL_CHIL_NO_LOCKING:
-		CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-		threadsafe = 0;
-		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-		break;
-
-	/* The command isn't understood by this engine */
-	default:
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,
-			ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-		to_return = 0;
-		break;
-		}
-
-	return to_return;
-}
-
-/* Destructor (complements the "ENGINE_surewarehk()" constructor) */
-static int surewarehk_destroy(ENGINE *e)
-{
-	ERR_unload_SUREWARE_strings();
-	return 1;
-}
-
-/* (de)initialisation functions. */
-static int surewarehk_init(ENGINE *e)
-{
-	char msg[64]="ENGINE_init";
-	SureWareHook_Init_t *p1=NULL;
-	SureWareHook_Finish_t *p2=NULL;
-	SureWareHook_Rand_Bytes_t *p3=NULL;
-	SureWareHook_Rand_Seed_t *p4=NULL;
-	SureWareHook_Load_Privkey_t *p5=NULL;
-	SureWareHook_Load_Rsa_Pubkey_t *p6=NULL;
-	SureWareHook_Free_t *p7=NULL;
-	SureWareHook_Rsa_Priv_Dec_t *p8=NULL;
-	SureWareHook_Rsa_Sign_t *p9=NULL;
-	SureWareHook_Dsa_Sign_t *p12=NULL;
-	SureWareHook_Info_Pubkey_t *p13=NULL;
-	SureWareHook_Load_Dsa_Pubkey_t *p14=NULL;
-	SureWareHook_Mod_Exp_t *p15=NULL;
-
-	if(surewarehk_dso != NULL)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_ALREADY_LOADED);
-		goto err;
-	}
-	/* Attempt to load libsurewarehk.so/surewarehk.dll/whatever. */
-	surewarehk_dso = DSO_load(NULL, surewarehk_LIBNAME, NULL, 0);
-	if(surewarehk_dso == NULL)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_DSO_FAILURE);
-		goto err;
-	}
-	if(!(p1=(SureWareHook_Init_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Init)) ||
-	   !(p2=(SureWareHook_Finish_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Finish)) ||
-	   !(p3=(SureWareHook_Rand_Bytes_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rand_Bytes)) ||
-	   !(p4=(SureWareHook_Rand_Seed_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rand_Seed)) ||
-	   !(p5=(SureWareHook_Load_Privkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Privkey)) ||
-	   !(p6=(SureWareHook_Load_Rsa_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Rsa_Pubkey)) ||
-	   !(p7=(SureWareHook_Free_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Free)) ||
-	   !(p8=(SureWareHook_Rsa_Priv_Dec_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rsa_Priv_Dec)) ||
-	   !(p9=(SureWareHook_Rsa_Sign_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rsa_Sign)) ||
-	   !(p12=(SureWareHook_Dsa_Sign_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Dsa_Sign)) ||
-	   !(p13=(SureWareHook_Info_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Info_Pubkey)) ||
-	   !(p14=(SureWareHook_Load_Dsa_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Dsa_Pubkey)) ||
-	   !(p15=(SureWareHook_Mod_Exp_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Mod_Exp)))
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_DSO_FAILURE);
-		goto err;
-	}
-	/* Copy the pointers */
-	p_surewarehk_Init = p1;
-	p_surewarehk_Finish = p2;
-	p_surewarehk_Rand_Bytes = p3;
-	p_surewarehk_Rand_Seed = p4;
-	p_surewarehk_Load_Privkey = p5;
-	p_surewarehk_Load_Rsa_Pubkey = p6;
-	p_surewarehk_Free = p7;
-	p_surewarehk_Rsa_Priv_Dec = p8;
-	p_surewarehk_Rsa_Sign = p9;
-	p_surewarehk_Dsa_Sign = p12;
-	p_surewarehk_Info_Pubkey = p13;
-	p_surewarehk_Load_Dsa_Pubkey = p14;
-	p_surewarehk_Mod_Exp = p15;
-	/* Contact the hardware and initialises it. */
-	if(p_surewarehk_Init(msg,threadsafe)==SUREWAREHOOK_ERROR_UNIT_FAILURE)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,SUREWARE_R_UNIT_FAILURE);
-		goto err;
-	}
-	if(p_surewarehk_Init(msg,threadsafe)==SUREWAREHOOK_ERROR_UNIT_FAILURE)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,SUREWARE_R_UNIT_FAILURE);
-		goto err;
-	}
-	/* try to load the default private key, if failed does not return a failure but
-           wait for an explicit ENGINE_load_privakey */
-	surewarehk_load_privkey(e,NULL,NULL,NULL);
-
-	/* Everything's fine. */
-#ifndef OPENSSL_NO_RSA
-	if (rsaHndidx == -1)
-		rsaHndidx = RSA_get_ex_new_index(0,
-						"SureWareHook RSA key handle",
-						NULL, NULL, surewarehk_ex_free);
-#endif
-#ifndef OPENSSL_NO_DSA
-	if (dsaHndidx == -1)
-		dsaHndidx = DSA_get_ex_new_index(0,
-						"SureWareHook DSA key handle",
-						NULL, NULL, surewarehk_ex_free);
-#endif
-
-	return 1;
-err:
-	if(surewarehk_dso)
-		DSO_free(surewarehk_dso);
-	surewarehk_dso = NULL;
-	p_surewarehk_Init = NULL;
-	p_surewarehk_Finish = NULL;
-	p_surewarehk_Rand_Bytes = NULL;
-	p_surewarehk_Rand_Seed = NULL;
-	p_surewarehk_Load_Privkey = NULL;
-	p_surewarehk_Load_Rsa_Pubkey = NULL;
-	p_surewarehk_Free = NULL;
-	p_surewarehk_Rsa_Priv_Dec = NULL;
-	p_surewarehk_Rsa_Sign = NULL;
-	p_surewarehk_Dsa_Sign = NULL;
-	p_surewarehk_Info_Pubkey = NULL;
-	p_surewarehk_Load_Dsa_Pubkey = NULL;
-	p_surewarehk_Mod_Exp = NULL;
-	return 0;
-}
-
-static int surewarehk_finish(ENGINE *e)
-{
-	int to_return = 1;
-	if(surewarehk_dso == NULL)
-		{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH,ENGINE_R_NOT_LOADED);
-		to_return = 0;
-		goto err;
-		}
-	p_surewarehk_Finish();
-	if(!DSO_free(surewarehk_dso))
-		{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH,ENGINE_R_DSO_FAILURE);
-		to_return = 0;
-		goto err;
-		}
- err:
-	if (logstream)
-		BIO_free(logstream);
-	surewarehk_dso = NULL;
-	p_surewarehk_Init = NULL;
-	p_surewarehk_Finish = NULL;
-	p_surewarehk_Rand_Bytes = NULL;
-	p_surewarehk_Rand_Seed = NULL;
-	p_surewarehk_Load_Privkey = NULL;
-	p_surewarehk_Load_Rsa_Pubkey = NULL;
-	p_surewarehk_Free = NULL;
-	p_surewarehk_Rsa_Priv_Dec = NULL;
-	p_surewarehk_Rsa_Sign = NULL;
-	p_surewarehk_Dsa_Sign = NULL;
-	p_surewarehk_Info_Pubkey = NULL;
-	p_surewarehk_Load_Dsa_Pubkey = NULL;
-	p_surewarehk_Mod_Exp = NULL;
-	return to_return;
-}
-
-static void surewarehk_error_handling(char *const msg,int func,int ret)
-{
-	switch (ret)
-	{
-		case SUREWAREHOOK_ERROR_UNIT_FAILURE:
-			ENGINEerr(func,SUREWARE_R_UNIT_FAILURE);
-			break;
-		case SUREWAREHOOK_ERROR_FALLBACK:
-			ENGINEerr(func,SUREWARE_R_REQUEST_FALLBACK);
-			break;
-		case SUREWAREHOOK_ERROR_DATA_SIZE:
-			ENGINEerr(func,SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-			break;
-		case SUREWAREHOOK_ERROR_INVALID_PAD:
-			ENGINEerr(func,RSA_R_PADDING_CHECK_FAILED);
-			break;
-		default:
-			ENGINEerr(func,SUREWARE_R_REQUEST_FAILED);
-			break;
-		case 1:/*nothing*/
-			msg[0]='\0';
-	}
-	if (*msg)
-	{
-		ERR_add_error_data(1,msg);
-		if (logstream)
-		{
-			CRYPTO_w_lock(CRYPTO_LOCK_BIO);
-			BIO_write(logstream, msg, strlen(msg));
-			CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
-		}
-	}
-}
-
-static int surewarehk_rand_bytes(unsigned char *buf, int num)
-{
-	int ret=0;
-	char msg[64]="ENGINE_rand_bytes";
-	if(!p_surewarehk_Rand_Bytes)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_BYTES,ENGINE_R_NOT_INITIALISED);
-	}
-	else
-	{
-		ret = p_surewarehk_Rand_Bytes(msg,buf, num);
-		surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RAND_BYTES,ret);
-	}
-	return ret==1 ? 1 : 0;
-}
-
-static void surewarehk_rand_seed(const void *buf, int num)
-{
-	int ret=0;
-	char msg[64]="ENGINE_rand_seed";
-	if(!p_surewarehk_Rand_Seed)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_SEED,ENGINE_R_NOT_INITIALISED);
-	}
-	else
-	{
-		ret = p_surewarehk_Rand_Seed(msg,buf, num);
-		surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RAND_SEED,ret);
-	}
-}
-
-static void surewarehk_rand_add(const void *buf, int num, double entropy)
-{
-	surewarehk_rand_seed(buf,num);
-}
-
-static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,unsigned long el,char keytype)
-{
-	EVP_PKEY *res = NULL;
-#ifndef OPENSSL_NO_RSA
-	RSA *rsatmp = NULL;
-#endif
-#ifndef OPENSSL_NO_DSA
-	DSA *dsatmp=NULL;
-#endif
-	char msg[64]="sureware_load_public";
-	int ret=0;
-	if(!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED);
-		goto err;
-	}
-	switch (keytype)
-	{
-#ifndef OPENSSL_NO_RSA
-	case 1: /*RSA*/
-		/* set private external reference */
-		rsatmp = RSA_new_method(e);
-		RSA_set_ex_data(rsatmp,rsaHndidx,hptr);
-		rsatmp->flags |= RSA_FLAG_EXT_PKEY;
-
-		/* set public big nums*/
-		rsatmp->e = BN_new();
-		rsatmp->n = BN_new();
-		bn_expand2(rsatmp->e, el/sizeof(BN_ULONG));
-		bn_expand2(rsatmp->n, el/sizeof(BN_ULONG));
-		if (!rsatmp->e || rsatmp->e->dmax!=(int)(el/sizeof(BN_ULONG))|| 
-			!rsatmp->n || rsatmp->n->dmax!=(int)(el/sizeof(BN_ULONG)))
-			goto err;
-		ret=p_surewarehk_Load_Rsa_Pubkey(msg,key_id,el,
-						 (unsigned long *)rsatmp->n->d,
-						 (unsigned long *)rsatmp->e->d);
-		surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret);
-		if (ret!=1)
-		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
-			goto err;
-		}
-		/* normalise pub e and pub n */
-		rsatmp->e->top=el/sizeof(BN_ULONG);
-		bn_fix_top(rsatmp->e);
-		rsatmp->n->top=el/sizeof(BN_ULONG);
-		bn_fix_top(rsatmp->n);
-		/* create an EVP object: engine + rsa key */
-		res = EVP_PKEY_new();
-		EVP_PKEY_assign_RSA(res, rsatmp);
-		break;
-#endif
-
-#ifndef OPENSSL_NO_DSA
-	case 2:/*DSA*/
-		/* set private/public external reference */
-		dsatmp = DSA_new_method(e);
-		DSA_set_ex_data(dsatmp,dsaHndidx,hptr);
-		/*dsatmp->flags |= DSA_FLAG_EXT_PKEY;*/
-
-		/* set public key*/
-		dsatmp->pub_key = BN_new();
-		dsatmp->p = BN_new();
-		dsatmp->q = BN_new();
-		dsatmp->g = BN_new();
-		bn_expand2(dsatmp->pub_key, el/sizeof(BN_ULONG));
-		bn_expand2(dsatmp->p, el/sizeof(BN_ULONG));
-		bn_expand2(dsatmp->q, 20/sizeof(BN_ULONG));
-		bn_expand2(dsatmp->g, el/sizeof(BN_ULONG));
-		if (!dsatmp->pub_key || dsatmp->pub_key->dmax!=(int)(el/sizeof(BN_ULONG))|| 
-			!dsatmp->p || dsatmp->p->dmax!=(int)(el/sizeof(BN_ULONG)) ||
-			!dsatmp->q || dsatmp->q->dmax!=20/sizeof(BN_ULONG) ||
-			!dsatmp->g || dsatmp->g->dmax!=(int)(el/sizeof(BN_ULONG)))
-			goto err;
-
-		ret=p_surewarehk_Load_Dsa_Pubkey(msg,key_id,el,
-						 (unsigned long *)dsatmp->pub_key->d, 
-						 (unsigned long *)dsatmp->p->d,
-						 (unsigned long *)dsatmp->q->d,
-						 (unsigned long *)dsatmp->g->d);
-		surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret);
-		if (ret!=1)
-		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
-			goto err;
-		}
-		/* set parameters */
-		/* normalise pubkey and parameters in case of */
-		dsatmp->pub_key->top=el/sizeof(BN_ULONG);
-		bn_fix_top(dsatmp->pub_key);
-		dsatmp->p->top=el/sizeof(BN_ULONG);
-		bn_fix_top(dsatmp->p);
-		dsatmp->q->top=20/sizeof(BN_ULONG);
-		bn_fix_top(dsatmp->q);
-		dsatmp->g->top=el/sizeof(BN_ULONG);
-		bn_fix_top(dsatmp->g);
-
-		/* create an EVP object: engine + rsa key */
-		res = EVP_PKEY_new();
-		EVP_PKEY_assign_DSA(res, dsatmp);
-		break;
-#endif
-
-	default:
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
-		goto err;
-	}
-	return res;
- err:
-	if (res)
-		EVP_PKEY_free(res);
-#ifndef OPENSSL_NO_RSA
-	if (rsatmp)
-		RSA_free(rsatmp);
-#endif
-#ifndef OPENSSL_NO_DSA
-	if (dsatmp)
-		DSA_free(dsatmp);
-#endif
-	return NULL;
-}
-
-static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
-					 UI_METHOD *ui_method, void *callback_data)
-{
-	EVP_PKEY *res = NULL;
-	int ret=0;
-	unsigned long el=0;
-	char *hptr=NULL;
-	char keytype=0;
-	char msg[64]="ENGINE_load_privkey";
-
-	if(!p_surewarehk_Load_Privkey)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_NOT_INITIALISED);
-	}
-	else
-	{
-		ret=p_surewarehk_Load_Privkey(msg,key_id,&hptr,&el,&keytype);
-		if (ret!=1)
-		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
-			ERR_add_error_data(1,msg);		
-		}
-		else
-			res=sureware_load_public(e,key_id,hptr,el,keytype);
-	}
-	return res;
-}
-
-static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
-					 UI_METHOD *ui_method, void *callback_data)
-{
-	EVP_PKEY *res = NULL;
-	int ret=0;
-	unsigned long el=0;
-	char *hptr=NULL;
-	char keytype=0;
-	char msg[64]="ENGINE_load_pubkey";
-
-	if(!p_surewarehk_Info_Pubkey)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED);
-	}
-	else
-	{
-		/* call once to identify if DSA or RSA */
-		ret=p_surewarehk_Info_Pubkey(msg,key_id,&el,&keytype);
-		if (ret!=1)
-		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
-			ERR_add_error_data(1,msg);
-		}
-		else
-			res=sureware_load_public(e,key_id,hptr,el,keytype);
-	}
-	return res;
-}
-
-/* This cleans up an RSA/DSA KM key(do not destroy the key into the hardware)
-, called when ex_data is freed */
-static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-	int idx,long argl, void *argp)
-{
-	if(!p_surewarehk_Free)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE,ENGINE_R_NOT_INITIALISED);
-	}
-	else
-		p_surewarehk_Free((char *)item,0);
-}
-
-#if 0
-/* This cleans up an DH KM key (destroys the key into hardware), 
-called when ex_data is freed */
-static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-	int idx,long argl, void *argp)
-{
-	if(!p_surewarehk_Free)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE,ENGINE_R_NOT_INITIALISED);
-	}
-	else
-		p_surewarehk_Free((char *)item,1);
-}
-#endif
-
-/*
-* return number of decrypted bytes
-*/
-#ifndef OPENSSL_NO_RSA
-static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned char *to,
-			RSA *rsa,int padding)
-{
-	int ret=0,tlen;
-	char *buf=NULL,*hptr=NULL;
-	char msg[64]="ENGINE_rsa_priv_dec";
-	if (!p_surewarehk_Rsa_Priv_Dec)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ENGINE_R_NOT_INITIALISED);
-	}
-	/* extract ref to private key */
-	else if (!(hptr=RSA_get_ex_data(rsa, rsaHndidx)))
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,SUREWARE_R_MISSING_KEY_COMPONENTS);
-		goto err;
-	}
-	/* analyse what padding we can do into the hardware */
-	if (padding==RSA_PKCS1_PADDING)
-	{
-		/* do it one shot */
-		ret=p_surewarehk_Rsa_Priv_Dec(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_PKCS1_PAD);
-		surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ret);
-		if (ret!=1)
-			goto err;
-		ret=tlen;
-	}
-	else /* do with no padding into hardware */
-	{
-		ret=p_surewarehk_Rsa_Priv_Dec(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_NO_PAD);
-		surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ret);
-		if (ret!=1)
-			goto err;
-		/* intermediate buffer for padding */
-		if ((buf=OPENSSL_malloc(tlen)) == NULL)
-		{
-			RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		memcpy(buf,to,tlen);/* transfert to into buf */
-		switch (padding) /* check padding in software */
-		{
-#ifndef OPENSSL_NO_SHA
-		case RSA_PKCS1_OAEP_PADDING:
-			ret=RSA_padding_check_PKCS1_OAEP(to,tlen,(unsigned char *)buf,tlen,tlen,NULL,0);
-			break;
-#endif
- 		case RSA_SSLV23_PADDING:
-			ret=RSA_padding_check_SSLv23(to,tlen,(unsigned char *)buf,flen,tlen);
-			break;
-		case RSA_NO_PADDING:
-			ret=RSA_padding_check_none(to,tlen,(unsigned char *)buf,flen,tlen);
-			break;
-		default:
-			RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_UNKNOWN_PADDING_TYPE);
-			goto err;
-		}
-		if (ret < 0)
-			RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_PADDING_CHECK_FAILED);
-	}
-err:
-	if (buf)
-	{
-		OPENSSL_cleanse(buf,tlen);
-		OPENSSL_free(buf);
-	}
-	return ret;
-}
-
-/*
-* Does what OpenSSL rsa_priv_enc does.
-*/
-static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char *to,
-			    RSA *rsa,int padding)
-{
-	int ret=0,tlen;
-	char *hptr=NULL;
-	char msg[64]="ENGINE_rsa_sign";
-	if (!p_surewarehk_Rsa_Sign)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ENGINE_R_NOT_INITIALISED);
-	}
-	/* extract ref to private key */
-	else if (!(hptr=RSA_get_ex_data(rsa, rsaHndidx)))
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,SUREWARE_R_MISSING_KEY_COMPONENTS);
-	}
-	else
-	{
-		switch (padding)
-		{
-		case RSA_PKCS1_PADDING: /* do it in one shot */
-			ret=p_surewarehk_Rsa_Sign(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_PKCS1_PAD);
-			surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ret);
-			break;
-		case RSA_NO_PADDING:
-		default:
-			RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,RSA_R_UNKNOWN_PADDING_TYPE);
-		}
-	}
-	return ret==1 ? tlen : ret;
-}
-
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* DSA sign and verify */
-static	DSA_SIG * surewarehk_dsa_do_sign(const unsigned char *from, int flen, DSA *dsa)
-{
-	int ret=0;
-	char *hptr=NULL;
-	DSA_SIG *psign=NULL;
-	char msg[64]="ENGINE_dsa_do_sign";
-	if (!p_surewarehk_Dsa_Sign)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ENGINE_R_NOT_INITIALISED);
-	}
-	/* extract ref to private key */
-	else if (!(hptr=DSA_get_ex_data(dsa, dsaHndidx)))
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,SUREWARE_R_MISSING_KEY_COMPONENTS);
-	}
-	else
-	{
-		if((psign = DSA_SIG_new()) == NULL)
-		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		psign->r=BN_new();
-		psign->s=BN_new();
-		bn_expand2(psign->r, 20/sizeof(BN_ULONG));
-		bn_expand2(psign->s, 20/sizeof(BN_ULONG));
-		if (!psign->r || psign->r->dmax!=20/sizeof(BN_ULONG) ||
-			!psign->s || psign->s->dmax!=20/sizeof(BN_ULONG))
-			goto err;
-		ret=p_surewarehk_Dsa_Sign(msg,flen,from,
-					  (unsigned long *)psign->r->d,
-					  (unsigned long *)psign->s->d,
-					  hptr);
-		surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ret);
-	}
-	psign->r->top=20/sizeof(BN_ULONG);
-	bn_fix_top(psign->r);
-	psign->s->top=20/sizeof(BN_ULONG);
-	bn_fix_top(psign->s);
-
-err:	
-	if (psign)
-	{
-		DSA_SIG_free(psign);
-		psign=NULL;
-	}
-	return psign;
-}
-#endif
-
-static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-			     const BIGNUM *m, BN_CTX *ctx)
-{
-	int ret=0;
-	char msg[64]="ENGINE_modexp";
-	if (!p_surewarehk_Mod_Exp)
-	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_MOD_EXP,ENGINE_R_NOT_INITIALISED);
-	}
-	else
-	{
-		bn_expand2(r,m->top);
-		if (r && r->dmax==m->top)
-		{
-			/* do it*/
-			ret=p_surewarehk_Mod_Exp(msg,
-						 m->top*sizeof(BN_ULONG),
-						 (unsigned long *)m->d,
-						 p->top*sizeof(BN_ULONG),
-						 (unsigned long *)p->d,
-						 a->top*sizeof(BN_ULONG),
-						 (unsigned long *)a->d,
-						 (unsigned long *)r->d);
-			surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_MOD_EXP,ret);
-			if (ret==1)
-			{
-				/* normalise result */
-				r->top=m->top;
-				bn_fix_top(r);
-			}
-		}
-	}
-	return ret;
-}
-#endif /* !OPENSSL_NO_HW_SureWare */
-#endif /* !OPENSSL_NO_HW */
diff --git a/crypto/openssl/crypto/engine/hw_sureware_err.c b/crypto/openssl/crypto/engine/hw_sureware_err.c
deleted file mode 100644
index 69955dadbb90..000000000000
--- a/crypto/openssl/crypto/engine/hw_sureware_err.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* hw_sureware_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_sureware_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA SUREWARE_str_functs[]=
-	{
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_CTRL,0),	"SUREWAREHK_CTRL"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,0),	"SUREWAREHK_DSA_DO_SIGN"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_EX_FREE,0),	"SUREWAREHK_EX_FREE"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_FINISH,0),	"SUREWAREHK_FINISH"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_INIT,0),	"SUREWAREHK_INIT"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,0),	"SUREWAREHK_LOAD_PRIVATE_KEY"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,0),	"SUREWAREHK_LOAD_PUBLIC_KEY"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_MOD_EXP,0),	"SUREWAREHK_MOD_EXP"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RAND_BYTES,0),	"SUREWAREHK_RAND_BYTES"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RAND_SEED,0),	"SUREWAREHK_RAND_SEED"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,0),	"SUREWAREHK_RSA_PRIV_DEC"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,0),	"SUREWAREHK_RSA_PRIV_ENC"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA SUREWARE_str_reasons[]=
-	{
-{SUREWARE_R_BIO_WAS_FREED                ,"bio was freed"},
-{SUREWARE_R_MISSING_KEY_COMPONENTS       ,"missing key components"},
-{SUREWARE_R_REQUEST_FAILED               ,"request failed"},
-{SUREWARE_R_REQUEST_FALLBACK             ,"request fallback"},
-{SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL  ,"size too large or too small"},
-{SUREWARE_R_UNIT_FAILURE                 ,"unit failure"},
-{0,NULL}
-	};
-
-#endif
-
-#ifdef SUREWARE_LIB_NAME
-static ERR_STRING_DATA SUREWARE_lib_name[]=
-        {
-{0	,SUREWARE_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int SUREWARE_lib_error_code=0;
-static int SUREWARE_error_init=1;
-
-static void ERR_load_SUREWARE_strings(void)
-	{
-	if (SUREWARE_lib_error_code == 0)
-		SUREWARE_lib_error_code=ERR_get_next_error_library();
-
-	if (SUREWARE_error_init)
-		{
-		SUREWARE_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(SUREWARE_lib_error_code,SUREWARE_str_functs);
-		ERR_load_strings(SUREWARE_lib_error_code,SUREWARE_str_reasons);
-#endif
-
-#ifdef SUREWARE_LIB_NAME
-		SUREWARE_lib_name->error = ERR_PACK(SUREWARE_lib_error_code,0,0);
-		ERR_load_strings(0,SUREWARE_lib_name);
-#endif
-		}
-	}
-
-static void ERR_unload_SUREWARE_strings(void)
-	{
-	if (SUREWARE_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(SUREWARE_lib_error_code,SUREWARE_str_functs);
-		ERR_unload_strings(SUREWARE_lib_error_code,SUREWARE_str_reasons);
-#endif
-
-#ifdef SUREWARE_LIB_NAME
-		ERR_unload_strings(0,SUREWARE_lib_name);
-#endif
-		SUREWARE_error_init=1;
-		}
-	}
-
-static void ERR_SUREWARE_error(int function, int reason, char *file, int line)
-	{
-	if (SUREWARE_lib_error_code == 0)
-		SUREWARE_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(SUREWARE_lib_error_code,function,reason,file,line);
-	}
diff --git a/crypto/openssl/crypto/engine/hw_sureware_err.h b/crypto/openssl/crypto/engine/hw_sureware_err.h
deleted file mode 100644
index bc52af5e05d0..000000000000
--- a/crypto/openssl/crypto/engine/hw_sureware_err.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SUREWARE_ERR_H
-#define HEADER_SUREWARE_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_SUREWARE_strings(void);
-static void ERR_unload_SUREWARE_strings(void);
-static void ERR_SUREWARE_error(int function, int reason, char *file, int line);
-#define SUREWAREerr(f,r) ERR_SUREWARE_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the SUREWARE functions. */
-
-/* Function codes. */
-#define SUREWARE_F_SUREWAREHK_CTRL			 100
-#define SUREWARE_F_SUREWAREHK_DSA_DO_SIGN		 101
-#define SUREWARE_F_SUREWAREHK_EX_FREE			 102
-#define SUREWARE_F_SUREWAREHK_FINISH			 103
-#define SUREWARE_F_SUREWAREHK_INIT			 104
-#define SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY		 105
-#define SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY		 106
-#define SUREWARE_F_SUREWAREHK_MOD_EXP			 107
-#define SUREWARE_F_SUREWAREHK_RAND_BYTES		 108
-#define SUREWARE_F_SUREWAREHK_RAND_SEED			 109
-#define SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC		 110
-#define SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC		 111
-
-/* Reason codes. */
-#define SUREWARE_R_BIO_WAS_FREED			 100
-#define SUREWARE_R_MISSING_KEY_COMPONENTS		 105
-#define SUREWARE_R_REQUEST_FAILED			 101
-#define SUREWARE_R_REQUEST_FALLBACK			 102
-#define SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL		 103
-#define SUREWARE_R_UNIT_FAILURE				 104
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/engine/hw_ubsec.c b/crypto/openssl/crypto/engine/hw_ubsec.c
deleted file mode 100644
index 6286dd851c61..000000000000
--- a/crypto/openssl/crypto/engine/hw_ubsec.c
+++ /dev/null
@@ -1,1061 +0,0 @@
-/* crypto/engine/hw_ubsec.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- *
- * Cloned shamelessly by Joe Tardo. 
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_UBSEC
-
-#ifdef FLAT_INC
-#include "hw_ubsec.h"
-#else
-#include "vendor_defns/hw_ubsec.h"
-#endif
-
-#define UBSEC_LIB_NAME "ubsec engine"
-#include "hw_ubsec_err.c"
-
-#define FAIL_TO_SOFTWARE -15
-
-static int ubsec_destroy(ENGINE *e);
-static int ubsec_init(ENGINE *e);
-static int ubsec_finish(ENGINE *e);
-static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx);
-static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-			const BIGNUM *q, const BIGNUM *dp,
-			const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx);
-#ifndef OPENSSL_NO_RSA
-static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-#endif
-static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-#ifndef OPENSSL_NO_DSA
-#ifdef NOT_USED
-static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-		BN_CTX *ctx, BN_MONT_CTX *in_mont);
-static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *m_ctx);
-#endif
-static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
-                                DSA_SIG *sig, DSA *dsa);
-#endif
-#ifndef OPENSSL_NO_DH
-static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
-		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *m_ctx);
-static int ubsec_dh_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
-static int ubsec_dh_generate_key(DH *dh);
-#endif
-
-#ifdef NOT_USED
-static int ubsec_rand_bytes(unsigned char *buf, int num);
-static int ubsec_rand_status(void);
-#endif
-
-#define UBSEC_CMD_SO_PATH		ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN ubsec_cmd_defns[] = {
-	{UBSEC_CMD_SO_PATH,
-		"SO_PATH",
-		"Specifies the path to the 'ubsec' shared library",
-		ENGINE_CMD_FLAG_STRING},
-	{0, NULL, NULL, 0}
-	};
-
-#ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD ubsec_rsa =
-	{
-	"UBSEC RSA method",
-	NULL,
-	NULL,
-	NULL,
-	NULL,
-	ubsec_rsa_mod_exp,
-	ubsec_mod_exp_mont,
-	NULL,
-	NULL,
-	0,
-	NULL,
-	NULL,
-	NULL
-	};
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD ubsec_dsa =
-	{
-	"UBSEC DSA method",
-	ubsec_dsa_do_sign, /* dsa_do_sign */
-	NULL, /* dsa_sign_setup */
-	ubsec_dsa_verify, /* dsa_do_verify */
-	NULL, /* ubsec_dsa_mod_exp */ /* dsa_mod_exp */
-	NULL, /* ubsec_mod_exp_dsa */ /* bn_mod_exp */
-	NULL, /* init */
-	NULL, /* finish */
-	0, /* flags */
-	NULL /* app_data */
-	};
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD ubsec_dh =
-	{
-	"UBSEC DH method",
-	ubsec_dh_generate_key,
-	ubsec_dh_compute_key,
-	ubsec_mod_exp_dh,
-	NULL,
-	NULL,
-	0,
-	NULL
-	};
-#endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_ubsec_id = "ubsec";
-static const char *engine_ubsec_name = "UBSEC hardware engine support";
-
-/* This internal function is used by ENGINE_ubsec() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_helper(ENGINE *e)
-	{
-#ifndef OPENSSL_NO_RSA
-	const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DH
-#ifndef HAVE_UBSEC_DH
-	const DH_METHOD *meth3;
-#endif /* HAVE_UBSEC_DH */
-#endif
-	if(!ENGINE_set_id(e, engine_ubsec_id) ||
-			!ENGINE_set_name(e, engine_ubsec_name) ||
-#ifndef OPENSSL_NO_RSA
-			!ENGINE_set_RSA(e, &ubsec_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
-			!ENGINE_set_DSA(e, &ubsec_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
-			!ENGINE_set_DH(e, &ubsec_dh) ||
-#endif
-			!ENGINE_set_destroy_function(e, ubsec_destroy) ||
-			!ENGINE_set_init_function(e, ubsec_init) ||
-			!ENGINE_set_finish_function(e, ubsec_finish) ||
-			!ENGINE_set_ctrl_function(e, ubsec_ctrl) ||
-			!ENGINE_set_cmd_defns(e, ubsec_cmd_defns))
-		return 0;
-
-#ifndef OPENSSL_NO_RSA
-	/* We know that the "PKCS1_SSLeay()" functions hook properly
-	 * to the Broadcom-specific mod_exp and mod_exp_crt so we use
-	 * those functions. NB: We don't use ENGINE_openssl() or
-	 * anything "more generic" because something like the RSAref
-	 * code may not hook properly, and if you own one of these
-	 * cards then you have the right to do RSA operations on it
-	 * anyway! */ 
-	meth1 = RSA_PKCS1_SSLeay();
-	ubsec_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
-	ubsec_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
-	ubsec_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
-	ubsec_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#endif
-
-#ifndef OPENSSL_NO_DH
-#ifndef HAVE_UBSEC_DH
-	/* Much the same for Diffie-Hellman */
-	meth3 = DH_OpenSSL();
-	ubsec_dh.generate_key = meth3->generate_key;
-	ubsec_dh.compute_key = meth3->compute_key;
-#endif /* HAVE_UBSEC_DH */
-#endif
-
-	/* Ensure the ubsec error handling is set up */
-	ERR_load_UBSEC_strings();
-	return 1;
-	}
-
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_ubsec(void)
-	{
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!bind_helper(ret))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-void ENGINE_load_ubsec(void)
-	{
-	/* Copied from eng_[openssl|dyn].c */
-	ENGINE *toadd = engine_ubsec();
-	if(!toadd) return;
-	ENGINE_add(toadd);
-	ENGINE_free(toadd);
-	ERR_clear_error();
-	}
-#endif
-
-/* This is a process-global DSO handle used for loading and unloading
- * the UBSEC library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-
-static DSO *ubsec_dso = NULL;
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-
-static t_UBSEC_ubsec_bytes_to_bits *p_UBSEC_ubsec_bytes_to_bits = NULL;
-static t_UBSEC_ubsec_bits_to_bytes *p_UBSEC_ubsec_bits_to_bytes = NULL;
-static t_UBSEC_ubsec_open *p_UBSEC_ubsec_open = NULL;
-static t_UBSEC_ubsec_close *p_UBSEC_ubsec_close = NULL;
-#ifndef OPENSSL_NO_DH
-static t_UBSEC_diffie_hellman_generate_ioctl 
-	*p_UBSEC_diffie_hellman_generate_ioctl = NULL;
-static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl = NULL;
-#endif
-/* #ifndef OPENSSL_NO_RSA */
-static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL;
-static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-/* #endif */
-#ifndef OPENSSL_NO_DSA
-static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL;
-static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL;
-#endif
-static t_UBSEC_math_accelerate_ioctl *p_UBSEC_math_accelerate_ioctl = NULL;
-static t_UBSEC_rng_ioctl *p_UBSEC_rng_ioctl = NULL;
-static t_UBSEC_max_key_len_ioctl *p_UBSEC_max_key_len_ioctl = NULL;
-
-static int max_key_len = 1024;  /* ??? */
-
-/* 
- * These are the static string constants for the DSO file name and the function
- * symbol names to bind to. 
- */
-
-static const char *UBSEC_LIBNAME = NULL;
-static const char *get_UBSEC_LIBNAME(void)
-	{
-	if(UBSEC_LIBNAME)
-		return UBSEC_LIBNAME;
-	return "ubsec";
-	}
-static void free_UBSEC_LIBNAME(void)
-	{
-	if(UBSEC_LIBNAME)
-		OPENSSL_free((void*)UBSEC_LIBNAME);
-	UBSEC_LIBNAME = NULL;
-	}
-static long set_UBSEC_LIBNAME(const char *name)
-	{
-	free_UBSEC_LIBNAME();
-	return (((UBSEC_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-	}
-static const char *UBSEC_F1 = "ubsec_bytes_to_bits";
-static const char *UBSEC_F2 = "ubsec_bits_to_bytes";
-static const char *UBSEC_F3 = "ubsec_open";
-static const char *UBSEC_F4 = "ubsec_close";
-#ifndef OPENSSL_NO_DH
-static const char *UBSEC_F5 = "diffie_hellman_generate_ioctl";
-static const char *UBSEC_F6 = "diffie_hellman_agree_ioctl";
-#endif
-/* #ifndef OPENSSL_NO_RSA */
-static const char *UBSEC_F7 = "rsa_mod_exp_ioctl";
-static const char *UBSEC_F8 = "rsa_mod_exp_crt_ioctl";
-/* #endif */
-#ifndef OPENSSL_NO_DSA
-static const char *UBSEC_F9 = "dsa_sign_ioctl";
-static const char *UBSEC_F10 = "dsa_verify_ioctl";
-#endif
-static const char *UBSEC_F11 = "math_accelerate_ioctl";
-static const char *UBSEC_F12 = "rng_ioctl";
-static const char *UBSEC_F13 = "ubsec_max_key_len_ioctl";
-
-/* Destructor (complements the "ENGINE_ubsec()" constructor) */
-static int ubsec_destroy(ENGINE *e)
-	{
-	free_UBSEC_LIBNAME();
-	ERR_unload_UBSEC_strings();
-	return 1;
-	}
-
-/* (de)initialisation functions. */
-static int ubsec_init(ENGINE *e)
-	{
-	t_UBSEC_ubsec_bytes_to_bits *p1;
-	t_UBSEC_ubsec_bits_to_bytes *p2;
-	t_UBSEC_ubsec_open *p3;
-	t_UBSEC_ubsec_close *p4;
-#ifndef OPENSSL_NO_DH
-	t_UBSEC_diffie_hellman_generate_ioctl *p5;
-	t_UBSEC_diffie_hellman_agree_ioctl *p6;
-#endif
-/* #ifndef OPENSSL_NO_RSA */
-	t_UBSEC_rsa_mod_exp_ioctl *p7;
-	t_UBSEC_rsa_mod_exp_crt_ioctl *p8;
-/* #endif */
-#ifndef OPENSSL_NO_DSA
-	t_UBSEC_dsa_sign_ioctl *p9;
-	t_UBSEC_dsa_verify_ioctl *p10;
-#endif
-	t_UBSEC_math_accelerate_ioctl *p11;
-	t_UBSEC_rng_ioctl *p12;
-        t_UBSEC_max_key_len_ioctl *p13;
-	int fd = 0;
-
-	if(ubsec_dso != NULL)
-		{
-		UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_ALREADY_LOADED);
-		goto err;
-		}
-	/* 
-	 * Attempt to load libubsec.so/ubsec.dll/whatever. 
-	 */
-	ubsec_dso = DSO_load(NULL, get_UBSEC_LIBNAME(), NULL, 0);
-	if(ubsec_dso == NULL)
-		{
-		UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
-		goto err;
-		}
-
-	if (
-	!(p1 = (t_UBSEC_ubsec_bytes_to_bits *) DSO_bind_func(ubsec_dso, UBSEC_F1)) ||
-	!(p2 = (t_UBSEC_ubsec_bits_to_bytes *) DSO_bind_func(ubsec_dso, UBSEC_F2)) ||
-	!(p3 = (t_UBSEC_ubsec_open *) DSO_bind_func(ubsec_dso, UBSEC_F3)) ||
-	!(p4 = (t_UBSEC_ubsec_close *) DSO_bind_func(ubsec_dso, UBSEC_F4)) ||
-#ifndef OPENSSL_NO_DH
-	!(p5 = (t_UBSEC_diffie_hellman_generate_ioctl *) 
-				DSO_bind_func(ubsec_dso, UBSEC_F5)) ||
-	!(p6 = (t_UBSEC_diffie_hellman_agree_ioctl *) 
-				DSO_bind_func(ubsec_dso, UBSEC_F6)) ||
-#endif
-/* #ifndef OPENSSL_NO_RSA */
-	!(p7 = (t_UBSEC_rsa_mod_exp_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F7)) ||
-	!(p8 = (t_UBSEC_rsa_mod_exp_crt_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F8)) ||
-/* #endif */
-#ifndef OPENSSL_NO_DSA
-	!(p9 = (t_UBSEC_dsa_sign_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F9)) ||
-	!(p10 = (t_UBSEC_dsa_verify_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F10)) ||
-#endif
-	!(p11 = (t_UBSEC_math_accelerate_ioctl *) 
-				DSO_bind_func(ubsec_dso, UBSEC_F11)) ||
-	!(p12 = (t_UBSEC_rng_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F12)) ||
-        !(p13 = (t_UBSEC_max_key_len_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F13)))
-		{
-		UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
-		goto err;
-		}
-
-	/* Copy the pointers */
-	p_UBSEC_ubsec_bytes_to_bits = p1;
-	p_UBSEC_ubsec_bits_to_bytes = p2;
-	p_UBSEC_ubsec_open = p3;
-	p_UBSEC_ubsec_close = p4;
-#ifndef OPENSSL_NO_DH
-	p_UBSEC_diffie_hellman_generate_ioctl = p5;
-	p_UBSEC_diffie_hellman_agree_ioctl = p6;
-#endif
-#ifndef OPENSSL_NO_RSA
-	p_UBSEC_rsa_mod_exp_ioctl = p7;
-	p_UBSEC_rsa_mod_exp_crt_ioctl = p8;
-#endif
-#ifndef OPENSSL_NO_DSA
-	p_UBSEC_dsa_sign_ioctl = p9;
-	p_UBSEC_dsa_verify_ioctl = p10;
-#endif
-	p_UBSEC_math_accelerate_ioctl = p11;
-	p_UBSEC_rng_ioctl = p12;
-        p_UBSEC_max_key_len_ioctl = p13;
-
-	/* Perform an open to see if there's actually any unit running. */
-	if (((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) > 0) && (p_UBSEC_max_key_len_ioctl(fd, &max_key_len) == 0))
-	{
-	   p_UBSEC_ubsec_close(fd);
-	   return 1;
-	}
-	else
-	{
-	  UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
-	}
-
-err:
-	if(ubsec_dso)
-		DSO_free(ubsec_dso);
-	p_UBSEC_ubsec_bytes_to_bits = NULL;
-	p_UBSEC_ubsec_bits_to_bytes = NULL;
-	p_UBSEC_ubsec_open = NULL;
-	p_UBSEC_ubsec_close = NULL;
-#ifndef OPENSSL_NO_DH
-	p_UBSEC_diffie_hellman_generate_ioctl = NULL;
-	p_UBSEC_diffie_hellman_agree_ioctl = NULL;
-#endif
-#ifndef OPENSSL_NO_RSA
-	p_UBSEC_rsa_mod_exp_ioctl = NULL;
-	p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-#endif
-#ifndef OPENSSL_NO_DSA
-	p_UBSEC_dsa_sign_ioctl = NULL;
-	p_UBSEC_dsa_verify_ioctl = NULL;
-#endif
-	p_UBSEC_math_accelerate_ioctl = NULL;
-	p_UBSEC_rng_ioctl = NULL;
-        p_UBSEC_max_key_len_ioctl = NULL;
-
-	return 0;
-	}
-
-static int ubsec_finish(ENGINE *e)
-	{
-	free_UBSEC_LIBNAME();
-	if(ubsec_dso == NULL)
-		{
-		UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED);
-		return 0;
-		}
-	if(!DSO_free(ubsec_dso))
-		{
-		UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_DSO_FAILURE);
-		return 0;
-		}
-	ubsec_dso = NULL;
-	p_UBSEC_ubsec_bytes_to_bits = NULL;
-	p_UBSEC_ubsec_bits_to_bytes = NULL;
-	p_UBSEC_ubsec_open = NULL;
-	p_UBSEC_ubsec_close = NULL;
-#ifndef OPENSSL_NO_DH
-	p_UBSEC_diffie_hellman_generate_ioctl = NULL;
-	p_UBSEC_diffie_hellman_agree_ioctl = NULL;
-#endif
-#ifndef OPENSSL_NO_RSA
-	p_UBSEC_rsa_mod_exp_ioctl = NULL;
-	p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-#endif
-#ifndef OPENSSL_NO_DSA
-	p_UBSEC_dsa_sign_ioctl = NULL;
-	p_UBSEC_dsa_verify_ioctl = NULL;
-#endif
-	p_UBSEC_math_accelerate_ioctl = NULL;
-	p_UBSEC_rng_ioctl = NULL;
-        p_UBSEC_max_key_len_ioctl = NULL;
-	return 1;
-	}
-
-static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-	{
-	int initialised = ((ubsec_dso == NULL) ? 0 : 1);
-	switch(cmd)
-		{
-	case UBSEC_CMD_SO_PATH:
-		if(p == NULL)
-			{
-			UBSECerr(UBSEC_F_UBSEC_CTRL,ERR_R_PASSED_NULL_PARAMETER);
-			return 0;
-			}
-		if(initialised)
-			{
-			UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_ALREADY_LOADED);
-			return 0;
-			}
-		return set_UBSEC_LIBNAME((const char *)p);
-	default:
-		break;
-		}
-	UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-	return 0;
-	}
-
-static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx)
-	{
-	int 	y_len = 0;
-	int 	fd;
-
-	if(ubsec_dso == NULL)
-	{
-		UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_NOT_LOADED);
-		return 0;
-	}
-
-	/* Check if hardware can't handle this argument. */
-	y_len = BN_num_bits(m);
-	if (y_len > max_key_len) {
-		UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-                return BN_mod_exp(r, a, p, m, ctx);
-	} 
-
-	if(!bn_wexpand(r, m->top))
-	{
-		UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_BN_EXPAND_FAIL);
-		return 0;
-	}
-	memset(r->d, 0, BN_num_bytes(m));
-
-	if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
-		fd = 0;
-		UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
-                return BN_mod_exp(r, a, p, m, ctx);
-	}
-
-	if (p_UBSEC_rsa_mod_exp_ioctl(fd, (unsigned char *)a->d, BN_num_bits(a),
-		(unsigned char *)m->d, BN_num_bits(m), (unsigned char *)p->d, 
-		BN_num_bits(p), (unsigned char *)r->d, &y_len) != 0)
-	{
-		UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED);
-                p_UBSEC_ubsec_close(fd);
-
-                return BN_mod_exp(r, a, p, m, ctx);
-	}
-
-	p_UBSEC_ubsec_close(fd);
-
-	r->top = (BN_num_bits(m)+BN_BITS2-1)/BN_BITS2;
-	return 1;
-	}
-
-#ifndef OPENSSL_NO_RSA
-static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
-	{
-	BN_CTX *ctx;
-	int to_return = 0;
-
-	if((ctx = BN_CTX_new()) == NULL)
-		goto err;
-
-	if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
-		{
-		UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP, UBSEC_R_MISSING_KEY_COMPONENTS);
-		goto err;
-		}
-
-	to_return = ubsec_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
-		    rsa->dmq1, rsa->iqmp, ctx);
-	if (to_return == FAIL_TO_SOFTWARE)
-	{
-	  /*
-	   * Do in software as hardware failed.
-	   */
-	   const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-	   to_return = (*meth->rsa_mod_exp)(r0, I, rsa);
-	}
-err:
-	if(ctx)
-		BN_CTX_free(ctx);
-	return to_return;
-	}
-#endif
-
-static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-			const BIGNUM *q, const BIGNUM *dp,
-			const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx)
-	{
-	int	y_len,
-		m_len,
-		fd;
-
-	m_len = BN_num_bytes(p) + BN_num_bytes(q) + 1;
-	y_len = BN_num_bits(p) + BN_num_bits(q);
-
-	/* Check if hardware can't handle this argument. */
-	if (y_len > max_key_len) {
-		UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-		return FAIL_TO_SOFTWARE;
-	} 
-
-	if (!bn_wexpand(r, p->top + q->top + 1)) {
-		UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP_CRT, UBSEC_R_BN_EXPAND_FAIL);
-		return 0;
-	}
-
-	if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
-		fd = 0;
-		UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
-		return FAIL_TO_SOFTWARE;
-	}
-
-	if (p_UBSEC_rsa_mod_exp_crt_ioctl(fd,
-		(unsigned char *)a->d, BN_num_bits(a), 
-		(unsigned char *)qinv->d, BN_num_bits(qinv),
-		(unsigned char *)dp->d, BN_num_bits(dp),
-		(unsigned char *)p->d, BN_num_bits(p),
-		(unsigned char *)dq->d, BN_num_bits(dq),
-		(unsigned char *)q->d, BN_num_bits(q),
-		(unsigned char *)r->d,  &y_len) != 0) {
-		UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED);
-                p_UBSEC_ubsec_close(fd);
-		return FAIL_TO_SOFTWARE;
-	}
-
-	p_UBSEC_ubsec_close(fd);
-
-	r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1)/BN_BITS2;
-	return 1;
-}
-
-#ifndef OPENSSL_NO_DSA
-#ifdef NOT_USED
-static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-		BN_CTX *ctx, BN_MONT_CTX *in_mont)
-	{
-	BIGNUM t;
-	int to_return = 0;
- 
-	BN_init(&t);
-	/* let rr = a1 ^ p1 mod m */
-	if (!ubsec_mod_exp(rr,a1,p1,m,ctx)) goto end;
-	/* let t = a2 ^ p2 mod m */
-	if (!ubsec_mod_exp(&t,a2,p2,m,ctx)) goto end;
-	/* let rr = rr * t mod m */
-	if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;
-	to_return = 1;
-end:
-	BN_free(&t);
-	return to_return;
-	}
-
-static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *m_ctx)
-	{
-	return ubsec_mod_exp(r, a, p, m, ctx);
-	}
-#endif
-#endif
-
-/*
- * This function is aliased to mod_exp (with the mont stuff dropped).
- */
-static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-        {
-	int ret = 0;
-
-#ifndef OPENSSL_NO_RSA
- 	/* Do in software if the key is too large for the hardware. */
-	if (BN_num_bits(m) > max_key_len)
-                {
-		const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-		ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx);
-                }
-        else
-#endif
-                {
-		ret = ubsec_mod_exp(r, a, p, m, ctx);
-                }
-	
-	return ret;
-        }
-
-#ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
-		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *m_ctx)
-	{
-	return ubsec_mod_exp(r, a, p, m, ctx);
-	}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-	{
-	DSA_SIG *to_return = NULL;
-	int s_len = 160, r_len = 160, d_len, fd;
-	BIGNUM m, *r=NULL, *s=NULL;
-
-	BN_init(&m);
-
-	s = BN_new();
-	r = BN_new();
-	if ((s == NULL) || (r==NULL))
-		goto err;
-
-	d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dlen);
-
-        if(!bn_wexpand(r, (160+BN_BITS2-1)/BN_BITS2) ||
-       	   (!bn_wexpand(s, (160+BN_BITS2-1)/BN_BITS2))) {
-		UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
-		goto err;
-	}
-
-	if (BN_bin2bn(dgst,dlen,&m) == NULL) {
-		UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
-		goto err;
-	} 
-
-	if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
-                const DSA_METHOD *meth;
-		fd = 0;
-		UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
-                meth = DSA_OpenSSL();
-                to_return =  meth->dsa_do_sign(dgst, dlen, dsa);
-		goto err;
-	}
-
-	if (p_UBSEC_dsa_sign_ioctl(fd, 0, /* compute hash before signing */
-		(unsigned char *)dgst, d_len,
-		NULL, 0,  /* compute random value */
-		(unsigned char *)dsa->p->d, BN_num_bits(dsa->p), 
-		(unsigned char *)dsa->q->d, BN_num_bits(dsa->q),
-		(unsigned char *)dsa->g->d, BN_num_bits(dsa->g),
-		(unsigned char *)dsa->priv_key->d, BN_num_bits(dsa->priv_key),
-		(unsigned char *)r->d, &r_len,
-		(unsigned char *)s->d, &s_len ) != 0) {
-                const DSA_METHOD *meth;
-
-		UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_REQUEST_FAILED);
-                p_UBSEC_ubsec_close(fd);
-                meth = DSA_OpenSSL();
-                to_return = meth->dsa_do_sign(dgst, dlen, dsa);
-
-		goto err;
-	}
-
-	p_UBSEC_ubsec_close(fd);
-
-	r->top = (160+BN_BITS2-1)/BN_BITS2;
-	s->top = (160+BN_BITS2-1)/BN_BITS2;
-
-	to_return = DSA_SIG_new();
-	if(to_return == NULL) {
-		UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
-		goto err;
-	}
-
-	to_return->r = r;
-	to_return->s = s;
-
-err:
-	if (!to_return) {
-		if (r) BN_free(r);
-		if (s) BN_free(s);
-	}                                 
-	BN_clear_free(&m);
-	return to_return;
-}
-
-static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
-                                DSA_SIG *sig, DSA *dsa)
-	{
-	int v_len, d_len;
-	int to_return = 0;
-	int fd;
-	BIGNUM v;
-
-	BN_init(&v);
-
-	if(!bn_wexpand(&v, dsa->p->top)) {
-		UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY ,UBSEC_R_BN_EXPAND_FAIL);
-		goto err;
-	}
-
-	v_len = BN_num_bits(dsa->p);
-
-	d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dgst_len);
-
-	if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
-                const DSA_METHOD *meth;
-		fd = 0;
-		UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
-                meth = DSA_OpenSSL();
-                to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
-		goto err;
-	}
-
-	if (p_UBSEC_dsa_verify_ioctl(fd, 0, /* compute hash before signing */
-		(unsigned char *)dgst, d_len,
-		(unsigned char *)dsa->p->d, BN_num_bits(dsa->p), 
-		(unsigned char *)dsa->q->d, BN_num_bits(dsa->q),
-		(unsigned char *)dsa->g->d, BN_num_bits(dsa->g),
-		(unsigned char *)dsa->pub_key->d, BN_num_bits(dsa->pub_key),
-		(unsigned char *)sig->r->d, BN_num_bits(sig->r),
-		(unsigned char *)sig->s->d, BN_num_bits(sig->s),
-		(unsigned char *)v.d, &v_len) != 0) {
-                const DSA_METHOD *meth;
-		UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY , UBSEC_R_REQUEST_FAILED);
-                p_UBSEC_ubsec_close(fd);
-
-                meth = DSA_OpenSSL();
-                to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
-
-		goto err;
-	}
-
-	p_UBSEC_ubsec_close(fd);
-
-	to_return = 1;
-err:
-	BN_clear_free(&v);
-	return to_return;
-	}
-#endif
-
-#ifndef OPENSSL_NO_DH
-static int ubsec_dh_compute_key (unsigned char *key,const BIGNUM *pub_key,DH *dh)
-        {
-        int      ret      = -1,
-                 k_len,
-                 fd;
-
-        k_len = BN_num_bits(dh->p);
-
-        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)
-                {
-                const DH_METHOD *meth;
-                ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
-                meth = DH_OpenSSL();
-                ret = meth->compute_key(key, pub_key, dh);
-                goto err;
-                }
-
-        if (p_UBSEC_diffie_hellman_agree_ioctl(fd,
-                                               (unsigned char *)dh->priv_key->d, BN_num_bits(dh->priv_key),
-                                               (unsigned char *)pub_key->d, BN_num_bits(pub_key),
-                                               (unsigned char *)dh->p->d, BN_num_bits(dh->p),
-                                               key, &k_len) != 0)
-                {
-                /* Hardware's a no go, failover to software */
-                const DH_METHOD *meth;
-                ENGINEerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED);
-                p_UBSEC_ubsec_close(fd);
-
-                meth = DH_OpenSSL();
-                ret = meth->compute_key(key, pub_key, dh);
-
-                goto err;
-                }
-
-        p_UBSEC_ubsec_close(fd);
-
-        ret = p_UBSEC_ubsec_bits_to_bytes(k_len);
-err:
-        return ret;
-        }
-
-static int ubsec_dh_generate_key (DH *dh)
-        {
-        int      ret               = 0,
-                 random_bits       = 0,
-                 pub_key_len       = 0,
-                 priv_key_len      = 0,
-                 fd;
-        BIGNUM   *pub_key          = NULL;
-        BIGNUM   *priv_key         = NULL;
-
-        /* 
-         *  How many bits should Random x be? dh_key.c
-         *  sets the range from 0 to num_bits(modulus) ???
-         */
-
-        if (dh->priv_key == NULL)
-                {
-                priv_key = BN_new();
-                if (priv_key == NULL) goto err;
-                priv_key_len = BN_num_bits(dh->p);
-                bn_wexpand(priv_key, dh->p->top);
-                do
-                        if (!BN_rand_range(priv_key, dh->p)) goto err;
-                while (BN_is_zero(priv_key));
-                random_bits = BN_num_bits(priv_key);
-                }
-        else
-                {
-                priv_key = dh->priv_key;
-                }
-
-        if (dh->pub_key == NULL)
-                {
-                pub_key = BN_new();
-                pub_key_len = BN_num_bits(dh->p);
-                bn_wexpand(pub_key, dh->p->top);
-                if(pub_key == NULL) goto err;
-                }
-        else
-                {
-                pub_key = dh->pub_key;
-                }
-
-        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)
-                {
-                const DH_METHOD *meth;
-                ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
-                meth = DH_OpenSSL();
-                ret = meth->generate_key(dh);
-                goto err;
-                }
-
-        if (p_UBSEC_diffie_hellman_generate_ioctl(fd,
-                                                  (unsigned char *)priv_key->d, &priv_key_len,
-                                                  (unsigned char *)pub_key->d,  &pub_key_len,
-                                                  (unsigned char *)dh->g->d, BN_num_bits(dh->g),
-                                                  (unsigned char *)dh->p->d, BN_num_bits(dh->p),
-                                                  0, 0, random_bits) != 0)
-                {
-                /* Hardware's a no go, failover to software */
-                const DH_METHOD *meth;
-
-                ENGINEerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED);
-                p_UBSEC_ubsec_close(fd);
-
-                meth = DH_OpenSSL();
-                ret = meth->generate_key(dh);
-
-                goto err;
-                }
-
-        p_UBSEC_ubsec_close(fd);
-
-        dh->pub_key = pub_key;
-        dh->pub_key->top = (pub_key_len + BN_BITS2-1) / BN_BITS2;
-        dh->priv_key = priv_key;
-        dh->priv_key->top = (priv_key_len + BN_BITS2-1) / BN_BITS2;
-
-        ret = 1;
-err:
-        return ret;
-        }
-#endif
-
-#ifdef NOT_USED
-static int ubsec_rand_bytes(unsigned char * buf,
-                            int num)
-        {
-        int      ret      = 0,
-                 fd;
-
-        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)
-                {
-                const RAND_METHOD *meth;
-                ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
-                num = p_UBSEC_ubsec_bits_to_bytes(num);
-                meth = RAND_SSLeay();
-                meth->seed(buf, num);
-                ret = meth->bytes(buf, num);
-                goto err;
-                }
-
-        num *= 8; /* bytes to bits */
-
-        if (p_UBSEC_rng_ioctl(fd,
-                              UBSEC_RNG_DIRECT,
-                              buf,
-                              &num) != 0)
-                {
-                /* Hardware's a no go, failover to software */
-                const RAND_METHOD *meth;
-
-                ENGINEerr(UBSEC_F_UBSEC_RNG_BYTES, UBSEC_R_REQUEST_FAILED);
-                p_UBSEC_ubsec_close(fd);
-
-                num = p_UBSEC_ubsec_bits_to_bytes(num);
-                meth = RAND_SSLeay();
-                meth->seed(buf, num);
-                ret = meth->bytes(buf, num);
-
-                goto err;
-                }
-
-        p_UBSEC_ubsec_close(fd);
-
-        ret = 1;
-err:
-        return(ret);
-        }
-
-
-static int ubsec_rand_status(void)
-	{
-	return 0;
-	}
-#endif
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
-	{
-	if(id && (strcmp(id, engine_ubsec_id) != 0))
-		return 0;
-	if(!bind_helper(e))
-		return 0;
-	return 1;
-	}
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#endif /* !OPENSSL_NO_HW_UBSEC */
-#endif /* !OPENSSL_NO_HW */
diff --git a/crypto/openssl/crypto/engine/hw_ubsec_err.c b/crypto/openssl/crypto/engine/hw_ubsec_err.c
deleted file mode 100644
index d707331fc201..000000000000
--- a/crypto/openssl/crypto/engine/hw_ubsec_err.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/* hw_ubsec_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_ubsec_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA UBSEC_str_functs[]=
-	{
-{ERR_PACK(0,UBSEC_F_UBSEC_CTRL,0),	"UBSEC_CTRL"},
-{ERR_PACK(0,UBSEC_F_UBSEC_DH_COMPUTE_KEY,0),	"UBSEC_DH_COMPUTE_KEY"},
-{ERR_PACK(0,UBSEC_F_UBSEC_DSA_SIGN,0),	"UBSEC_DSA_SIGN"},
-{ERR_PACK(0,UBSEC_F_UBSEC_DSA_VERIFY,0),	"UBSEC_DSA_VERIFY"},
-{ERR_PACK(0,UBSEC_F_UBSEC_FINISH,0),	"UBSEC_FINISH"},
-{ERR_PACK(0,UBSEC_F_UBSEC_INIT,0),	"UBSEC_INIT"},
-{ERR_PACK(0,UBSEC_F_UBSEC_MOD_EXP,0),	"UBSEC_MOD_EXP"},
-{ERR_PACK(0,UBSEC_F_UBSEC_RNG_BYTES,0),	"UBSEC_RNG_BYTES"},
-{ERR_PACK(0,UBSEC_F_UBSEC_RSA_MOD_EXP,0),	"UBSEC_RSA_MOD_EXP"},
-{ERR_PACK(0,UBSEC_F_UBSEC_RSA_MOD_EXP_CRT,0),	"UBSEC_RSA_MOD_EXP_CRT"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA UBSEC_str_reasons[]=
-	{
-{UBSEC_R_ALREADY_LOADED                  ,"already loaded"},
-{UBSEC_R_BN_EXPAND_FAIL                  ,"bn expand fail"},
-{UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED    ,"ctrl command not implemented"},
-{UBSEC_R_DSO_FAILURE                     ,"dso failure"},
-{UBSEC_R_MISSING_KEY_COMPONENTS          ,"missing key components"},
-{UBSEC_R_NOT_LOADED                      ,"not loaded"},
-{UBSEC_R_REQUEST_FAILED                  ,"request failed"},
-{UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL     ,"size too large or too small"},
-{UBSEC_R_UNIT_FAILURE                    ,"unit failure"},
-{0,NULL}
-	};
-
-#endif
-
-#ifdef UBSEC_LIB_NAME
-static ERR_STRING_DATA UBSEC_lib_name[]=
-        {
-{0	,UBSEC_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int UBSEC_lib_error_code=0;
-static int UBSEC_error_init=1;
-
-static void ERR_load_UBSEC_strings(void)
-	{
-	if (UBSEC_lib_error_code == 0)
-		UBSEC_lib_error_code=ERR_get_next_error_library();
-
-	if (UBSEC_error_init)
-		{
-		UBSEC_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(UBSEC_lib_error_code,UBSEC_str_functs);
-		ERR_load_strings(UBSEC_lib_error_code,UBSEC_str_reasons);
-#endif
-
-#ifdef UBSEC_LIB_NAME
-		UBSEC_lib_name->error = ERR_PACK(UBSEC_lib_error_code,0,0);
-		ERR_load_strings(0,UBSEC_lib_name);
-#endif
-		}
-	}
-
-static void ERR_unload_UBSEC_strings(void)
-	{
-	if (UBSEC_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(UBSEC_lib_error_code,UBSEC_str_functs);
-		ERR_unload_strings(UBSEC_lib_error_code,UBSEC_str_reasons);
-#endif
-
-#ifdef UBSEC_LIB_NAME
-		ERR_unload_strings(0,UBSEC_lib_name);
-#endif
-		UBSEC_error_init=1;
-		}
-	}
-
-static void ERR_UBSEC_error(int function, int reason, char *file, int line)
-	{
-	if (UBSEC_lib_error_code == 0)
-		UBSEC_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(UBSEC_lib_error_code,function,reason,file,line);
-	}
diff --git a/crypto/openssl/crypto/engine/hw_ubsec_err.h b/crypto/openssl/crypto/engine/hw_ubsec_err.h
deleted file mode 100644
index 023d3be77116..000000000000
--- a/crypto/openssl/crypto/engine/hw_ubsec_err.h
+++ /dev/null
@@ -1,95 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UBSEC_ERR_H
-#define HEADER_UBSEC_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_UBSEC_strings(void);
-static void ERR_unload_UBSEC_strings(void);
-static void ERR_UBSEC_error(int function, int reason, char *file, int line);
-#define UBSECerr(f,r) ERR_UBSEC_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the UBSEC functions. */
-
-/* Function codes. */
-#define UBSEC_F_UBSEC_CTRL				 100
-#define UBSEC_F_UBSEC_DH_COMPUTE_KEY			 101
-#define UBSEC_F_UBSEC_DSA_SIGN				 102
-#define UBSEC_F_UBSEC_DSA_VERIFY			 103
-#define UBSEC_F_UBSEC_FINISH				 104
-#define UBSEC_F_UBSEC_INIT				 105
-#define UBSEC_F_UBSEC_MOD_EXP				 106
-#define UBSEC_F_UBSEC_RNG_BYTES				 107
-#define UBSEC_F_UBSEC_RSA_MOD_EXP			 108
-#define UBSEC_F_UBSEC_RSA_MOD_EXP_CRT			 109
-
-/* Reason codes. */
-#define UBSEC_R_ALREADY_LOADED				 100
-#define UBSEC_R_BN_EXPAND_FAIL				 101
-#define UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED		 102
-#define UBSEC_R_DSO_FAILURE				 103
-#define UBSEC_R_MISSING_KEY_COMPONENTS			 104
-#define UBSEC_R_NOT_LOADED				 105
-#define UBSEC_R_REQUEST_FAILED				 106
-#define UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL		 107
-#define UBSEC_R_UNIT_FAILURE				 108
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/engine/tb_cipher.c b/crypto/openssl/crypto/engine/tb_cipher.c
deleted file mode 100644
index 50b3cec1fa59..000000000000
--- a/crypto/openssl/crypto/engine/tb_cipher.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/evp.h>
-#include <openssl/engine.h>
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_cipher_engine(), the function that
- * is used by EVP to hook in cipher code and cache defaults (etc), will display
- * brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_CIPHER_DEBUG */
-
-static ENGINE_TABLE *cipher_table = NULL;
-
-void ENGINE_unregister_ciphers(ENGINE *e)
-	{
-	engine_table_unregister(&cipher_table, e);
-	}
-
-static void engine_unregister_all_ciphers(void)
-	{
-	engine_table_cleanup(&cipher_table);
-	}
-
-int ENGINE_register_ciphers(ENGINE *e)
-	{
-	if(e->ciphers)
-		{
-		const int *nids;
-		int num_nids = e->ciphers(e, NULL, &nids, 0);
-		if(num_nids > 0)
-			return engine_table_register(&cipher_table,
-					engine_unregister_all_ciphers, e, nids,
-					num_nids, 0);
-		}
-	return 1;
-	}
-
-void ENGINE_register_all_ciphers()
-	{
-	ENGINE *e;
-
-	for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
-		ENGINE_register_ciphers(e);
-	}
-
-int ENGINE_set_default_ciphers(ENGINE *e)
-	{
-	if(e->ciphers)
-		{
-		const int *nids;
-		int num_nids = e->ciphers(e, NULL, &nids, 0);
-		if(num_nids > 0)
-			return engine_table_register(&cipher_table,
-					engine_unregister_all_ciphers, e, nids,
-					num_nids, 1);
-		}
-	return 1;
-	}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given cipher 'nid' */
-ENGINE *ENGINE_get_cipher_engine(int nid)
-	{
-	return engine_table_select(&cipher_table, nid);
-	}
-
-/* Obtains a cipher implementation from an ENGINE functional reference */
-const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid)
-	{
-	const EVP_CIPHER *ret;
-	ENGINE_CIPHERS_PTR fn = ENGINE_get_ciphers(e);
-	if(!fn || !fn(e, &ret, NULL, nid))
-		{
-		ENGINEerr(ENGINE_F_ENGINE_GET_CIPHER,
-				ENGINE_R_UNIMPLEMENTED_CIPHER);
-		return NULL;
-		}
-	return ret;
-	}
-
-/* Gets the cipher callback from an ENGINE structure */
-ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e)
-	{
-	return e->ciphers;
-	}
-
-/* Sets the cipher callback in an ENGINE structure */
-int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f)
-	{
-	e->ciphers = f;
-	return 1;
-	}
diff --git a/crypto/openssl/crypto/engine/tb_dh.c b/crypto/openssl/crypto/engine/tb_dh.c
deleted file mode 100644
index e290e1702b27..000000000000
--- a/crypto/openssl/crypto/engine/tb_dh.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/evp.h>
-#include <openssl/engine.h>
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_DH(), the function that is
- * used by DH to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_DH_DEBUG */
-
-static ENGINE_TABLE *dh_table = NULL;
-static const int dummy_nid = 1;
-
-void ENGINE_unregister_DH(ENGINE *e)
-	{
-	engine_table_unregister(&dh_table, e);
-	}
-
-static void engine_unregister_all_DH(void)
-	{
-	engine_table_cleanup(&dh_table);
-	}
-
-int ENGINE_register_DH(ENGINE *e)
-	{
-	if(e->dh_meth)
-		return engine_table_register(&dh_table,
-				engine_unregister_all_DH, e, &dummy_nid, 1, 0);
-	return 1;
-	}
-
-void ENGINE_register_all_DH()
-	{
-	ENGINE *e;
-
-	for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
-		ENGINE_register_DH(e);
-	}
-
-int ENGINE_set_default_DH(ENGINE *e)
-	{
-	if(e->dh_meth)
-		return engine_table_register(&dh_table,
-				engine_unregister_all_DH, e, &dummy_nid, 1, 1);
-	return 1;
-	}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *ENGINE_get_default_DH(void)
-	{
-	return engine_table_select(&dh_table, dummy_nid);
-	}
-
-/* Obtains an DH implementation from an ENGINE functional reference */
-const DH_METHOD *ENGINE_get_DH(const ENGINE *e)
-	{
-	return e->dh_meth;
-	}
-
-/* Sets an DH implementation in an ENGINE structure */
-int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth)
-	{
-	e->dh_meth = dh_meth;
-	return 1;
-	}
diff --git a/crypto/openssl/crypto/engine/tb_digest.c b/crypto/openssl/crypto/engine/tb_digest.c
deleted file mode 100644
index e82d2a17c9c3..000000000000
--- a/crypto/openssl/crypto/engine/tb_digest.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/evp.h>
-#include <openssl/engine.h>
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_digest_engine(), the function that
- * is used by EVP to hook in digest code and cache defaults (etc), will display
- * brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_DIGEST_DEBUG */
-
-static ENGINE_TABLE *digest_table = NULL;
-
-void ENGINE_unregister_digests(ENGINE *e)
-	{
-	engine_table_unregister(&digest_table, e);
-	}
-
-static void engine_unregister_all_digests(void)
-	{
-	engine_table_cleanup(&digest_table);
-	}
-
-int ENGINE_register_digests(ENGINE *e)
-	{
-	if(e->digests)
-		{
-		const int *nids;
-		int num_nids = e->digests(e, NULL, &nids, 0);
-		if(num_nids > 0)
-			return engine_table_register(&digest_table,
-					engine_unregister_all_digests, e, nids,
-					num_nids, 0);
-		}
-	return 1;
-	}
-
-void ENGINE_register_all_digests()
-	{
-	ENGINE *e;
-
-	for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
-		ENGINE_register_digests(e);
-	}
-
-int ENGINE_set_default_digests(ENGINE *e)
-	{
-	if(e->digests)
-		{
-		const int *nids;
-		int num_nids = e->digests(e, NULL, &nids, 0);
-		if(num_nids > 0)
-			return engine_table_register(&digest_table,
-					engine_unregister_all_digests, e, nids,
-					num_nids, 1);
-		}
-	return 1;
-	}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given digest 'nid' */
-ENGINE *ENGINE_get_digest_engine(int nid)
-	{
-	return engine_table_select(&digest_table, nid);
-	}
-
-/* Obtains a digest implementation from an ENGINE functional reference */
-const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid)
-	{
-	const EVP_MD *ret;
-	ENGINE_DIGESTS_PTR fn = ENGINE_get_digests(e);
-	if(!fn || !fn(e, &ret, NULL, nid))
-		{
-		ENGINEerr(ENGINE_F_ENGINE_GET_DIGEST,
-				ENGINE_R_UNIMPLEMENTED_DIGEST);
-		return NULL;
-		}
-	return ret;
-	}
-
-/* Gets the digest callback from an ENGINE structure */
-ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e)
-	{
-	return e->digests;
-	}
-
-/* Sets the digest callback in an ENGINE structure */
-int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f)
-	{
-	e->digests = f;
-	return 1;
-	}
diff --git a/crypto/openssl/crypto/engine/tb_dsa.c b/crypto/openssl/crypto/engine/tb_dsa.c
deleted file mode 100644
index 80170591f201..000000000000
--- a/crypto/openssl/crypto/engine/tb_dsa.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/evp.h>
-#include <openssl/engine.h>
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_DSA(), the function that is
- * used by DSA to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_DSA_DEBUG */
-
-static ENGINE_TABLE *dsa_table = NULL;
-static const int dummy_nid = 1;
-
-void ENGINE_unregister_DSA(ENGINE *e)
-	{
-	engine_table_unregister(&dsa_table, e);
-	}
-
-static void engine_unregister_all_DSA(void)
-	{
-	engine_table_cleanup(&dsa_table);
-	}
-
-int ENGINE_register_DSA(ENGINE *e)
-	{
-	if(e->dsa_meth)
-		return engine_table_register(&dsa_table,
-				engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
-	return 1;
-	}
-
-void ENGINE_register_all_DSA()
-	{
-	ENGINE *e;
-
-	for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
-		ENGINE_register_DSA(e);
-	}
-
-int ENGINE_set_default_DSA(ENGINE *e)
-	{
-	if(e->dsa_meth)
-		return engine_table_register(&dsa_table,
-				engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
-	return 1;
-	}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *ENGINE_get_default_DSA(void)
-	{
-	return engine_table_select(&dsa_table, dummy_nid);
-	}
-
-/* Obtains an DSA implementation from an ENGINE functional reference */
-const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e)
-	{
-	return e->dsa_meth;
-	}
-
-/* Sets an DSA implementation in an ENGINE structure */
-int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth)
-	{
-	e->dsa_meth = dsa_meth;
-	return 1;
-	}
diff --git a/crypto/openssl/crypto/engine/tb_rand.c b/crypto/openssl/crypto/engine/tb_rand.c
deleted file mode 100644
index 69b67111bc64..000000000000
--- a/crypto/openssl/crypto/engine/tb_rand.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/evp.h>
-#include <openssl/engine.h>
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_RAND(), the function that is
- * used by RAND to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_RAND_DEBUG */
-
-static ENGINE_TABLE *rand_table = NULL;
-static const int dummy_nid = 1;
-
-void ENGINE_unregister_RAND(ENGINE *e)
-	{
-	engine_table_unregister(&rand_table, e);
-	}
-
-static void engine_unregister_all_RAND(void)
-	{
-	engine_table_cleanup(&rand_table);
-	}
-
-int ENGINE_register_RAND(ENGINE *e)
-	{
-	if(e->rand_meth)
-		return engine_table_register(&rand_table,
-				engine_unregister_all_RAND, e, &dummy_nid, 1, 0);
-	return 1;
-	}
-
-void ENGINE_register_all_RAND()
-	{
-	ENGINE *e;
-
-	for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
-		ENGINE_register_RAND(e);
-	}
-
-int ENGINE_set_default_RAND(ENGINE *e)
-	{
-	if(e->rand_meth)
-		return engine_table_register(&rand_table,
-				engine_unregister_all_RAND, e, &dummy_nid, 1, 1);
-	return 1;
-	}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *ENGINE_get_default_RAND(void)
-	{
-	return engine_table_select(&rand_table, dummy_nid);
-	}
-
-/* Obtains an RAND implementation from an ENGINE functional reference */
-const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e)
-	{
-	return e->rand_meth;
-	}
-
-/* Sets an RAND implementation in an ENGINE structure */
-int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth)
-	{
-	e->rand_meth = rand_meth;
-	return 1;
-	}
diff --git a/crypto/openssl/crypto/engine/tb_rsa.c b/crypto/openssl/crypto/engine/tb_rsa.c
deleted file mode 100644
index fee4867f5209..000000000000
--- a/crypto/openssl/crypto/engine/tb_rsa.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/evp.h>
-#include <openssl/engine.h>
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_RSA(), the function that is
- * used by RSA to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_RSA_DEBUG */
-
-static ENGINE_TABLE *rsa_table = NULL;
-static const int dummy_nid = 1;
-
-void ENGINE_unregister_RSA(ENGINE *e)
-	{
-	engine_table_unregister(&rsa_table, e);
-	}
-
-static void engine_unregister_all_RSA(void)
-	{
-	engine_table_cleanup(&rsa_table);
-	}
-
-int ENGINE_register_RSA(ENGINE *e)
-	{
-	if(e->rsa_meth)
-		return engine_table_register(&rsa_table,
-				engine_unregister_all_RSA, e, &dummy_nid, 1, 0);
-	return 1;
-	}
-
-void ENGINE_register_all_RSA()
-	{
-	ENGINE *e;
-
-	for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
-		ENGINE_register_RSA(e);
-	}
-
-int ENGINE_set_default_RSA(ENGINE *e)
-	{
-	if(e->rsa_meth)
-		return engine_table_register(&rsa_table,
-				engine_unregister_all_RSA, e, &dummy_nid, 1, 1);
-	return 1;
-	}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *ENGINE_get_default_RSA(void)
-	{
-	return engine_table_select(&rsa_table, dummy_nid);
-	}
-
-/* Obtains an RSA implementation from an ENGINE functional reference */
-const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e)
-	{
-	return e->rsa_meth;
-	}
-
-/* Sets an RSA implementation in an ENGINE structure */
-int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
-	{
-	e->rsa_meth = rsa_meth;
-	return 1;
-	}
diff --git a/crypto/openssl/crypto/engine/vendor_defns/aep.h b/crypto/openssl/crypto/engine/vendor_defns/aep.h
deleted file mode 100644
index 2b2792d2d6ff..000000000000
--- a/crypto/openssl/crypto/engine/vendor_defns/aep.h
+++ /dev/null
@@ -1,178 +0,0 @@
-/* This header declares the necessary definitions for using the exponentiation
- * acceleration capabilities, and rnd number generation of the AEP card. 
- *
- */
-
-/*
- *
- * Some AEP defines
- *
- */
-
-/*Successful return value*/
-#define AEP_R_OK                                0x00000000
-
-/*Miscelleanous unsuccessful return value*/
-#define AEP_R_GENERAL_ERROR                     0x10000001
-
-/*Insufficient host memory*/
-#define AEP_R_HOST_MEMORY                       0x10000002
-
-#define AEP_R_FUNCTION_FAILED                   0x10000006
-
-/*Invalid arguments in function call*/
-#define AEP_R_ARGUMENTS_BAD                     0x10020000
-
-#define AEP_R_NO_TARGET_RESOURCES				0x10030000
-
-/*Error occuring on socket operation*/
-#define AEP_R_SOCKERROR							0x10000010
-
-/*Socket has been closed from the other end*/
-#define AEP_R_SOCKEOF							0x10000011
-
-/*Invalid handles*/
-#define AEP_R_CONNECTION_HANDLE_INVALID         0x100000B3
-
-#define AEP_R_TRANSACTION_HANDLE_INVALID		0x10040000
-
-/*Transaction has not yet returned from accelerator*/
-#define AEP_R_TRANSACTION_NOT_READY				0x00010000
-
-/*There is already a thread waiting on this transaction*/
-#define AEP_R_TRANSACTION_CLAIMED				0x10050000
-
-/*The transaction timed out*/
-#define AEP_R_TIMED_OUT							0x10060000
-
-#define AEP_R_FXN_NOT_IMPLEMENTED				0x10070000
-
-#define AEP_R_TARGET_ERROR						0x10080000
-
-/*Error in the AEP daemon process*/
-#define AEP_R_DAEMON_ERROR						0x10090000
-
-/*Invalid ctx id*/
-#define AEP_R_INVALID_CTX_ID					0x10009000
-
-#define AEP_R_NO_KEY_MANAGER					0x1000a000
-
-/*Error obtaining a mutex*/
-#define AEP_R_MUTEX_BAD                         0x000001A0
-
-/*Fxn call before AEP_Initialise ot after AEP_Finialise*/
-#define AEP_R_AEPAPI_NOT_INITIALIZED			0x10000190
-
-/*AEP_Initialise has already been called*/
-#define AEP_R_AEPAPI_ALREADY_INITIALIZED		0x10000191
-
-/*Maximum number of connections to daemon reached*/
-#define AEP_R_NO_MORE_CONNECTION_HNDLS			0x10000200
-
-/*
- *
- * Some AEP Type definitions
- *
- */
-
-/* an unsigned 8-bit value */
-typedef unsigned char				AEP_U8;
-
-/* an unsigned 8-bit character */
-typedef char					AEP_CHAR;
-
-/* a BYTE-sized Boolean flag */
-typedef AEP_U8					AEP_BBOOL;
-
-/*Unsigned value, at least 16 bits long*/
-typedef unsigned short				AEP_U16;
-
-/* an unsigned value, at least 32 bits long */
-#ifdef SIXTY_FOUR_BIT_LONG
-typedef unsigned int				AEP_U32;
-#else
-typedef unsigned long				AEP_U32;
-#endif
-
-#ifdef SIXTY_FOUR_BIT_LONG
-typedef unsigned long				AEP_U64;
-#else
-typedef struct { unsigned long l1, l2; }	AEP_U64;
-#endif
-
-/* at least 32 bits; each bit is a Boolean flag */
-typedef AEP_U32			AEP_FLAGS;
-
-typedef AEP_U8	    	*AEP_U8_PTR;
-typedef AEP_CHAR    	*AEP_CHAR_PTR;
-typedef AEP_U32			*AEP_U32_PTR;
-typedef AEP_U64			*AEP_U64_PTR;
-typedef void        	*AEP_VOID_PTR;
-
-/* Pointer to a AEP_VOID_PTR-- i.e., pointer to pointer to void */
-typedef AEP_VOID_PTR 	*AEP_VOID_PTR_PTR;
-
-/*Used to identify an AEP connection handle*/
-typedef AEP_U32					AEP_CONNECTION_HNDL;
-
-/*Pointer to an AEP connection handle*/
-typedef AEP_CONNECTION_HNDL 	*AEP_CONNECTION_HNDL_PTR;
-
-/*Used by an application (in conjunction with the apps process id) to 
-identify an individual transaction*/
-typedef AEP_U32					AEP_TRANSACTION_ID;
-
-/*Pointer to an applications transaction identifier*/
-typedef AEP_TRANSACTION_ID 		*AEP_TRANSACTION_ID_PTR;
-
-/*Return value type*/
-typedef AEP_U32					AEP_RV;
-
-#define MAX_PROCESS_CONNECTIONS 256
-
-#define RAND_BLK_SIZE 1024
-
-typedef enum{
-        NotConnected=   0,
-        Connected=              1,
-        InUse=                  2
-} AEP_CONNECTION_STATE;
-
-
-typedef struct AEP_CONNECTION_ENTRY{
-        AEP_CONNECTION_STATE    conn_state;
-        AEP_CONNECTION_HNDL     conn_hndl;
-} AEP_CONNECTION_ENTRY;
-
-
-typedef AEP_RV t_AEP_OpenConnection(AEP_CONNECTION_HNDL_PTR phConnection);
-typedef AEP_RV t_AEP_CloseConnection(AEP_CONNECTION_HNDL hConnection);
-
-typedef AEP_RV t_AEP_ModExp(AEP_CONNECTION_HNDL hConnection,
-			    AEP_VOID_PTR pA, AEP_VOID_PTR pP,
-			    AEP_VOID_PTR pN,
-			    AEP_VOID_PTR pResult,
-			    AEP_TRANSACTION_ID* pidTransID);
-
-typedef AEP_RV t_AEP_ModExpCrt(AEP_CONNECTION_HNDL hConnection,
-			       AEP_VOID_PTR pA, AEP_VOID_PTR pP,
-			       AEP_VOID_PTR pQ,
-			       AEP_VOID_PTR pDmp1, AEP_VOID_PTR pDmq1,
-			       AEP_VOID_PTR pIqmp,
-			       AEP_VOID_PTR pResult,
-			       AEP_TRANSACTION_ID* pidTransID);
-
-#ifdef AEPRAND
-typedef AEP_RV t_AEP_GenRandom(AEP_CONNECTION_HNDL hConnection,
-			       AEP_U32 Len,
-			       AEP_U32 Type,
-			       AEP_VOID_PTR pResult,
-			       AEP_TRANSACTION_ID* pidTransID);
-#endif
-
-typedef AEP_RV t_AEP_Initialize(AEP_VOID_PTR pInitArgs);
-typedef AEP_RV t_AEP_Finalize();
-typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc)(),
-				    AEP_RV (*MakeAEPBigNumFunc)(),
-				    AEP_RV (*ConverAEPBigNumFunc)());
-
diff --git a/crypto/openssl/crypto/engine/vendor_defns/atalla.h b/crypto/openssl/crypto/engine/vendor_defns/atalla.h
deleted file mode 100644
index 149970d44147..000000000000
--- a/crypto/openssl/crypto/engine/vendor_defns/atalla.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/* This header declares the necessary definitions for using the exponentiation
- * acceleration capabilities of Atalla cards. The only cryptographic operation
- * is performed by "ASI_RSAPrivateKeyOpFn" and this takes a structure that
- * defines an "RSA private key". However, it is really only performing a
- * regular mod_exp using the supplied modulus and exponent - no CRT form is
- * being used. Hence, it is a generic mod_exp function in disguise, and we use
- * it as such.
- *
- * Thanks to the people at Atalla for letting me know these definitions are
- * fine and that they can be reproduced here.
- *
- * Geoff.
- */
-
-typedef struct ItemStr
-	{
-	unsigned char *data;
-	int len;
-	} Item;
-
-typedef struct RSAPrivateKeyStr
-	{
-	void *reserved;
-	Item version;
-	Item modulus;
-	Item publicExponent;
-	Item privateExponent;
-	Item prime[2];
-	Item exponent[2];
-	Item coefficient;
-	} RSAPrivateKey;
-
-/* Predeclare the function pointer types that we dynamically load from the DSO.
- * These use the same names and form that Ben's original support code had (in
- * crypto/bn/bn_exp.c) unless of course I've inadvertently changed the style
- * somewhere along the way!
- */
-
-typedef int tfnASI_GetPerformanceStatistics(int reset_flag,
-					unsigned int *ret_buf);
-
-typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf);
-
-typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey,
-					unsigned char *output,
-					unsigned char *input,
-					unsigned int modulus_len);
-
diff --git a/crypto/openssl/crypto/engine/vendor_defns/cswift.h b/crypto/openssl/crypto/engine/vendor_defns/cswift.h
deleted file mode 100644
index 60079326bbbf..000000000000
--- a/crypto/openssl/crypto/engine/vendor_defns/cswift.h
+++ /dev/null
@@ -1,234 +0,0 @@
-/* Attribution notice: Rainbow have generously allowed me to reproduce
- * the necessary definitions here from their API. This means the support
- * can build independently of whether application builders have the
- * API or hardware. This will allow developers to easily produce software
- * that has latent hardware support for any users that have accelertors
- * installed, without the developers themselves needing anything extra.
- *
- * I have only clipped the parts from the CryptoSwift header files that
- * are (or seem) relevant to the CryptoSwift support code. This is
- * simply to keep the file sizes reasonable.
- * [Geoff]
- */
-
-
-/* NB: These type widths do *not* seem right in general, in particular
- * they're not terribly friendly to 64-bit architectures (unsigned long)
- * will be 64-bit on IA-64 for a start. I'm leaving these alone as they
- * agree with Rainbow's API and this will only be called into question
- * on platforms with Rainbow support anyway! ;-) */
-
-#ifdef __cplusplus
-extern "C" {
-#endif /* __cplusplus */
-
-typedef long              SW_STATUS;              /* status           */
-typedef unsigned char     SW_BYTE;                /* 8 bit byte       */
-typedef unsigned short    SW_U16;                 /* 16 bit number    */
-#if defined(_IRIX)
-#include <sgidefs.h>
-typedef __uint32_t        SW_U32;
-#else
-typedef unsigned long     SW_U32;                 /* 32 bit integer   */
-#endif
- 
-#if defined(OPENSSL_SYS_WIN32)
-  typedef struct _SW_U64 {
-      SW_U32 low32;
-      SW_U32 high32;
-  } SW_U64;                                         /* 64 bit integer   */
-#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
-  typedef longlong SW_U64
-#else /* Unix variants */
-  typedef struct _SW_U64 {
-      SW_U32 low32;
-      SW_U32 high32;
-  } SW_U64;                                         /* 64 bit integer   */
-#endif
-
-/* status codes */
-#define SW_OK                 (0L)
-#define SW_ERR_BASE           (-10000L)
-#define SW_ERR_NO_CARD        (SW_ERR_BASE-1) /* The Card is not present   */
-#define SW_ERR_CARD_NOT_READY (SW_ERR_BASE-2) /* The card has not powered  */
-                                              /*    up yet                 */
-#define SW_ERR_TIME_OUT       (SW_ERR_BASE-3) /* Execution of a command    */
-                                              /*    time out               */
-#define SW_ERR_NO_EXECUTE     (SW_ERR_BASE-4) /* The Card failed to        */
-                                              /*    execute the command    */
-#define SW_ERR_INPUT_NULL_PTR (SW_ERR_BASE-5) /* a required pointer is     */
-                                              /*    NULL                   */
-#define SW_ERR_INPUT_SIZE     (SW_ERR_BASE-6) /* size is invalid, too      */
-                                              /*    small, too large.      */
-#define SW_ERR_INVALID_HANDLE (SW_ERR_BASE-7) /* Invalid SW_ACC_CONTEXT    */
-                                              /*    handle                 */
-#define SW_ERR_PENDING        (SW_ERR_BASE-8) /* A request is already out- */
-                                              /*    standing at this       */
-                                              /*    context handle         */
-#define SW_ERR_AVAILABLE      (SW_ERR_BASE-9) /* A result is available.    */
-#define SW_ERR_NO_PENDING     (SW_ERR_BASE-10)/* No request is pending.    */
-#define SW_ERR_NO_MEMORY      (SW_ERR_BASE-11)/* Not enough memory         */
-#define SW_ERR_BAD_ALGORITHM  (SW_ERR_BASE-12)/* Invalid algorithm type    */
-                                              /*    in SW_PARAM structure  */
-#define SW_ERR_MISSING_KEY    (SW_ERR_BASE-13)/* No key is associated with */
-                                              /*    context.               */
-                                              /*    swAttachKeyParam() is  */
-                                              /*    not called.            */
-#define SW_ERR_KEY_CMD_MISMATCH \
-                              (SW_ERR_BASE-14)/* Cannot perform requested  */
-                                              /*    SW_COMMAND_CODE since  */
-                                              /*    key attached via       */
-                                              /*    swAttachKeyParam()     */
-                                              /*    cannot be used for this*/
-                                              /*    SW_COMMAND_CODE.       */
-#define SW_ERR_NOT_IMPLEMENTED \
-                              (SW_ERR_BASE-15)/* Not implemented           */
-#define SW_ERR_BAD_COMMAND    (SW_ERR_BASE-16)/* Bad command code          */
-#define SW_ERR_BAD_ITEM_SIZE  (SW_ERR_BASE-17)/* too small or too large in */
-                                              /*    the "initems" or       */
-                                              /*    "outitems".            */
-#define SW_ERR_BAD_ACCNUM     (SW_ERR_BASE-18)/* Bad accelerator number    */
-#define SW_ERR_SELFTEST_FAIL  (SW_ERR_BASE-19)/* At least one of the self  */
-                                              /*    test fail, look at the */
-                                              /*    selfTestBitmap in      */
-                                              /*    SW_ACCELERATOR_INFO for*/
-                                              /*    details.               */
-#define SW_ERR_MISALIGN       (SW_ERR_BASE-20)/* Certain alogrithms require*/
-                                              /*    key materials aligned  */
-                                              /*    in certain order, e.g. */
-                                              /*    128 bit for CRT        */
-#define SW_ERR_OUTPUT_NULL_PTR \
-                              (SW_ERR_BASE-21)/* a required pointer is     */
-                                              /*    NULL                   */
-#define SW_ERR_OUTPUT_SIZE \
-                              (SW_ERR_BASE-22)/* size is invalid, too      */
-                                              /*    small, too large.      */
-#define SW_ERR_FIRMWARE_CHECKSUM \
-                              (SW_ERR_BASE-23)/* firmware checksum mismatch*/
-                                              /*    download failed.       */
-#define SW_ERR_UNKNOWN_FIRMWARE \
-                              (SW_ERR_BASE-24)/* unknown firmware error    */
-#define SW_ERR_INTERRUPT      (SW_ERR_BASE-25)/* request is abort when     */
-                                              /*    it's waiting to be     */
-                                              /*    completed.             */
-#define SW_ERR_NVWRITE_FAIL   (SW_ERR_BASE-26)/* error in writing to Non-  */
-                                              /*    volatile memory        */
-#define SW_ERR_NVWRITE_RANGE  (SW_ERR_BASE-27)/* out of range error in     */
-                                              /*    writing to NV memory   */
-#define SW_ERR_RNG_ERROR      (SW_ERR_BASE-28)/* Random Number Generation  */
-                                              /*    failure                */
-#define SW_ERR_DSS_FAILURE    (SW_ERR_BASE-29)/* DSS Sign or Verify failure*/
-#define SW_ERR_MODEXP_FAILURE (SW_ERR_BASE-30)/* Failure in various math   */
-                                              /*    calculations           */
-#define SW_ERR_ONBOARD_MEMORY (SW_ERR_BASE-31)/* Error in accessing on -   */
-                                              /*    board memory           */
-#define SW_ERR_FIRMWARE_VERSION \
-                              (SW_ERR_BASE-32)/* Wrong version in firmware */
-                                              /*    update                 */
-#define SW_ERR_ZERO_WORKING_ACCELERATOR \
-                              (SW_ERR_BASE-44)/* All accelerators are bad  */
-
-
-  /* algorithm type */
-#define SW_ALG_CRT          1
-#define SW_ALG_EXP          2
-#define SW_ALG_DSA          3
-#define SW_ALG_NVDATA       4
-
-  /* command code */
-#define SW_CMD_MODEXP_CRT   1 /* perform Modular Exponentiation using  */
-                              /*  Chinese Remainder Theorem (CRT)      */
-#define SW_CMD_MODEXP       2 /* perform Modular Exponentiation        */
-#define SW_CMD_DSS_SIGN     3 /* perform DSS sign                      */
-#define SW_CMD_DSS_VERIFY   4 /* perform DSS verify                    */
-#define SW_CMD_RAND         5 /* perform random number generation      */
-#define SW_CMD_NVREAD       6 /* perform read to nonvolatile RAM       */
-#define SW_CMD_NVWRITE      7 /* perform write to nonvolatile RAM      */
-
-typedef SW_U32            SW_ALGTYPE;             /* alogrithm type   */
-typedef SW_U32            SW_STATE;               /* state            */
-typedef SW_U32            SW_COMMAND_CODE;        /* command code     */
-typedef SW_U32            SW_COMMAND_BITMAP[4];   /* bitmap           */
-
-typedef struct _SW_LARGENUMBER {
-    SW_U32    nbytes;       /* number of bytes in the buffer "value"  */
-    SW_BYTE*  value;        /* the large integer as a string of       */
-                            /*   bytes in network (big endian) order  */
-} SW_LARGENUMBER;               
-
-#if defined(OPENSSL_SYS_WIN32)
-    #include <windows.h>
-    typedef HANDLE          SW_OSHANDLE;          /* handle to kernel object */
-    #define SW_OS_INVALID_HANDLE  INVALID_HANDLE_VALUE
-    #define SW_CALLCONV _stdcall
-#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
-    /* async callback mechanisms */
-    /* swiftCallbackLevel */
-    #define SW_MAC_CALLBACK_LEVEL_NO         0		
-    #define SW_MAC_CALLBACK_LEVEL_HARDWARE   1	/* from the hardware ISR */
-    #define SW_MAC_CALLBACK_LEVEL_SECONDARY  2	/* as secondary ISR */
-    typedef int             SW_MAC_CALLBACK_LEVEL;
-    typedef int             SW_OSHANDLE;
-    #define SW_OS_INVALID_HANDLE  (-1)
-    #define SW_CALLCONV
-#else /* Unix variants */
-    typedef int             SW_OSHANDLE;          /* handle to driver */
-    #define SW_OS_INVALID_HANDLE  (-1)
-    #define SW_CALLCONV
-#endif 
-
-typedef struct _SW_CRT {
-    SW_LARGENUMBER  p;      /* prime number p                         */
-    SW_LARGENUMBER  q;      /* prime number q                         */
-    SW_LARGENUMBER  dmp1;   /* exponent1                              */
-    SW_LARGENUMBER  dmq1;   /* exponent2                              */
-    SW_LARGENUMBER  iqmp;   /* CRT coefficient                        */
-} SW_CRT;
-
-typedef struct _SW_EXP {
-    SW_LARGENUMBER  modulus; /* modulus                                */
-    SW_LARGENUMBER  exponent;/* exponent                               */
-} SW_EXP;
-
-typedef struct _SW_DSA {
-    SW_LARGENUMBER  p;      /*                                        */
-    SW_LARGENUMBER  q;      /*                                        */
-    SW_LARGENUMBER  g;      /*                                        */
-    SW_LARGENUMBER  key;    /* private/public key                     */
-} SW_DSA;
-
-typedef struct _SW_NVDATA {
-    SW_U32 accnum;          /* accelerator board number               */
-    SW_U32 offset;          /* offset in byte                         */
-} SW_NVDATA;
-
-typedef struct _SW_PARAM {
-    SW_ALGTYPE    type;     /* type of the alogrithm                  */
-    union {
-        SW_CRT    crt;
-        SW_EXP    exp;
-        SW_DSA    dsa;
-        SW_NVDATA nvdata;
-    } up;
-} SW_PARAM;
-
-typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */
-
-
-/* Now the OpenSSL bits, these function types are the for the function
- * pointers that will bound into the Rainbow shared libraries. */
-typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE *hac);
-typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac,
-                                                SW_PARAM *key_params);
-typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac,
-                                                SW_COMMAND_CODE cmd,
-                				SW_LARGENUMBER pin[],
-                                		SW_U32 pin_count,
-                                                SW_LARGENUMBER pout[],
-                				SW_U32 pout_count);
-typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE hac);
-
-#ifdef __cplusplus
-}
-#endif /* __cplusplus */
-
diff --git a/crypto/openssl/crypto/engine/vendor_defns/hw_4758_cca.h b/crypto/openssl/crypto/engine/vendor_defns/hw_4758_cca.h
deleted file mode 100644
index 296636e81a8b..000000000000
--- a/crypto/openssl/crypto/engine/vendor_defns/hw_4758_cca.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/**********************************************************************/
-/*                                                                    */
-/*  Prototypes of the CCA verbs used by the 4758 CCA openssl driver   */
-/*                                                                    */
-/*  Maurice Gittens <maurice@gittens.nl>                              */
-/*                                                                    */
-/**********************************************************************/
-
-#ifndef __HW_4758_CCA__
-#define __HW_4758_CCA__
-
-/*
- *  Only WIN32 support for now
- */
-#if defined(WIN32)
-
-  #define CCA_LIB_NAME "CSUNSAPI"
-
-  #define CSNDPKX   "CSNDPKX_32"
-  #define CSNDKRR   "CSNDKRR_32"
-  #define CSNDPKE   "CSNDPKE_32"
-  #define CSNDPKD   "CSNDPKD_32"
-  #define CSNDDSV   "CSNDDSV_32"
-  #define CSNDDSG   "CSNDDSG_32"
-  #define CSNBRNG   "CSNBRNG_32"
-
-  #define SECURITYAPI __stdcall
-#else
-    /* Fixme!!         
-      Find out the values of these constants for other platforms.
-    */
-  #define CCA_LIB_NAME "CSUNSAPI"
-
-  #define CSNDPKX   "CSNDPKX"
-  #define CSNDKRR   "CSNDKRR"
-  #define CSNDPKE   "CSNDPKE"
-  #define CSNDPKD   "CSNDPKD"
-  #define CSNDDSV   "CSNDDSV"
-  #define CSNDDSG   "CSNDDSG"
-  #define CSNBRNG   "CSNBRNG"
-
-  #define SECURITYAPI
-#endif
-
-/*
- * security API prototypes
- */
-
-/* PKA Key Record Read */
-typedef void (SECURITYAPI *F_KEYRECORDREAD)
-             (long          * return_code,
-              long          * reason_code,
-              long          * exit_data_length,
-              unsigned char * exit_data,
-              long          * rule_array_count,
-              unsigned char * rule_array,
-              unsigned char * key_label,
-              long          * key_token_length,
-              unsigned char * key_token);
-
-/* Random Number Generate */
-typedef void (SECURITYAPI *F_RANDOMNUMBERGENERATE)
-             (long          * return_code,
-              long          * reason_code,
-              long          * exit_data_length,
-              unsigned char * exit_data,
-              unsigned char * form,
-              unsigned char * random_number);
-
-/* Digital Signature Generate */
-typedef void (SECURITYAPI *F_DIGITALSIGNATUREGENERATE)
-             (long          * return_code,
-              long          * reason_code,
-              long          * exit_data_length,
-              unsigned char * exit_data,
-              long          * rule_array_count,
-              unsigned char * rule_array,
-              long          * PKA_private_key_id_length,
-              unsigned char * PKA_private_key_id,
-              long          * hash_length,
-              unsigned char * hash,
-              long          * signature_field_length,
-              long          * signature_bit_length,
-              unsigned char * signature_field);
-
-/* Digital Signature Verify */
-typedef void (SECURITYAPI *F_DIGITALSIGNATUREVERIFY)(
-              long          * return_code,
-              long          * reason_code,
-              long          * exit_data_length,
-              unsigned char * exit_data,
-              long          * rule_array_count,
-              unsigned char * rule_array,
-              long          * PKA_public_key_id_length,
-              unsigned char * PKA_public_key_id,
-              long          * hash_length,
-              unsigned char * hash,
-              long          * signature_field_length,
-              unsigned char * signature_field);
-
-/* PKA Public Key Extract */
-typedef void (SECURITYAPI *F_PUBLICKEYEXTRACT)(
-              long          * return_code,
-              long          * reason_code,
-              long          * exit_data_length,
-              unsigned char * exit_data,
-              long          * rule_array_count,
-              unsigned char * rule_array,
-              long          * source_key_identifier_length,
-              unsigned char * source_key_identifier,
-              long          * target_key_token_length,
-              unsigned char * target_key_token);
-
-/* PKA Encrypt */
-typedef void   (SECURITYAPI *F_PKAENCRYPT)
-               (long          *  return_code,
-                 long          *  reason_code,
-                 long          *  exit_data_length,
-                 unsigned char *  exit_data,
-                 long          *  rule_array_count,
-                 unsigned char *  rule_array,
-                 long          *  key_value_length,
-                 unsigned char *  key_value,
-                 long          *  data_struct_length,
-                 unsigned char *  data_struct,
-                 long          *  RSA_public_key_length,
-                 unsigned char *  RSA_public_key,
-                 long          *  RSA_encipher_length,
-                 unsigned char *  RSA_encipher );
-
-/* PKA Decrypt */
-typedef void    (SECURITYAPI *F_PKADECRYPT)
-                (long          *  return_code,
-                 long          *  reason_code,
-                 long          *  exit_data_length,
-                 unsigned char *  exit_data,
-                 long          *  rule_array_count,
-                 unsigned char *  rule_array,
-                 long          *  enciphered_key_length,
-                 unsigned char *  enciphered_key,
-                 long          *  data_struct_length,
-                 unsigned char *  data_struct,
-                 long          *  RSA_private_key_length,
-                 unsigned char *  RSA_private_key,
-                 long          *  key_value_length,
-                 unsigned char *  key_value    );
-
-
-#endif
diff --git a/crypto/openssl/crypto/engine/vendor_defns/hw_ubsec.h b/crypto/openssl/crypto/engine/vendor_defns/hw_ubsec.h
deleted file mode 100644
index b6619d40f2fa..000000000000
--- a/crypto/openssl/crypto/engine/vendor_defns/hw_ubsec.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/******************************************************************************
- *
- *  Copyright 2000
- *  Broadcom Corporation
- *  16215 Alton Parkway
- *  PO Box 57013
- *  Irvine CA 92619-7013
- *
- *****************************************************************************/
-/* 
- * Broadcom Corporation uBSec SDK 
- */
-/*
- * Character device header file.
- */
-/*
- * Revision History:
- *
- * October 2000 JTT Created.
- */
-
-#define MAX_PUBLIC_KEY_BITS (1024)
-#define MAX_PUBLIC_KEY_BYTES (1024/8)
-#define SHA_BIT_SIZE  (160)
-#define MAX_CRYPTO_KEY_LENGTH 24
-#define MAX_MAC_KEY_LENGTH 64
-#define UBSEC_CRYPTO_DEVICE_NAME ((unsigned char *)"/dev/ubscrypt")
-#define UBSEC_KEY_DEVICE_NAME ((unsigned char *)"/dev/ubskey")
-
-/* Math command types. */
-#define UBSEC_MATH_MODADD 0x0001
-#define UBSEC_MATH_MODSUB 0x0002
-#define UBSEC_MATH_MODMUL 0x0004
-#define UBSEC_MATH_MODEXP 0x0008
-#define UBSEC_MATH_MODREM 0x0010
-#define UBSEC_MATH_MODINV 0x0020
-
-typedef long ubsec_MathCommand_t;
-typedef long ubsec_RNGCommand_t;
-
-typedef struct ubsec_crypto_context_s {
-	unsigned int	flags;
-	unsigned char	crypto[MAX_CRYPTO_KEY_LENGTH];
-	unsigned char 	auth[MAX_MAC_KEY_LENGTH];
-} ubsec_crypto_context_t, *ubsec_crypto_context_p;
-
-/* 
- * Predeclare the function pointer types that we dynamically load from the DSO.
- */
-
-typedef int t_UBSEC_ubsec_bytes_to_bits(unsigned char *n, int bytes);
-
-typedef int t_UBSEC_ubsec_bits_to_bytes(int bits);
-
-typedef int t_UBSEC_ubsec_open(unsigned char *device);
-
-typedef int t_UBSEC_ubsec_close(int fd);
-
-typedef int t_UBSEC_diffie_hellman_generate_ioctl (int fd,
-	unsigned char *x, int *x_len, unsigned char *y, int *y_len, 
-	unsigned char *g, int g_len, unsigned char *m, int m_len,
-	unsigned char *userX, int userX_len, int random_bits);
-
-typedef int t_UBSEC_diffie_hellman_agree_ioctl (int fd,
-	unsigned char *x, int x_len, unsigned char *y, int y_len, 
-	unsigned char *m, int m_len, unsigned char *k, int *k_len);
-
-typedef int t_UBSEC_rsa_mod_exp_ioctl (int fd,
-	unsigned char *x, int x_len, unsigned char *m, int m_len,
-	unsigned char *e, int e_len, unsigned char *y, int *y_len);
-
-typedef int t_UBSEC_rsa_mod_exp_crt_ioctl (int fd,
-	unsigned char *x, int x_len, unsigned char *qinv, int qinv_len,
-	unsigned char *edq, int edq_len, unsigned char *q, int q_len,
-	unsigned char *edp, int edp_len, unsigned char *p, int p_len,
-	unsigned char *y, int *y_len);
-
-typedef int t_UBSEC_dsa_sign_ioctl (int fd,
-	int hash, unsigned char *data, int data_len, 
-	unsigned char *rndom, int random_len, 
-	unsigned char *p, int p_len, unsigned char *q, int q_len,
-	unsigned char *g, int g_len, unsigned char *key, int key_len,
-	unsigned char *r, int *r_len, unsigned char *s, int *s_len);
-
-typedef int t_UBSEC_dsa_verify_ioctl (int fd,
-	int hash, unsigned char *data, int data_len,
-	unsigned char *p, int p_len, unsigned char *q, int q_len,
-	unsigned char *g, int g_len, unsigned char *key, int key_len,
-	unsigned char *r, int r_len, unsigned char *s, int s_len,
-	unsigned char *v, int *v_len);
-
-typedef int t_UBSEC_math_accelerate_ioctl(int fd, ubsec_MathCommand_t command,
-	unsigned char *ModN, int *ModN_len, unsigned char *ExpE, int *ExpE_len, 
-	unsigned char *ParamA, int *ParamA_len, unsigned char *ParamB, int *ParamB_len,
-	unsigned char *Result, int *Result_len);
-
-typedef int t_UBSEC_rng_ioctl(int fd, ubsec_RNGCommand_t command,
-	unsigned char *Result, int *Result_len);
-
-typedef int t_UBSEC_max_key_len_ioctl(int fd, int *max_key_len);
diff --git a/crypto/openssl/crypto/engine/vendor_defns/hwcryptohook.h b/crypto/openssl/crypto/engine/vendor_defns/hwcryptohook.h
deleted file mode 100644
index 39224bc30f06..000000000000
--- a/crypto/openssl/crypto/engine/vendor_defns/hwcryptohook.h
+++ /dev/null
@@ -1,486 +0,0 @@
-/*
- * ModExp / RSA (with/without KM) plugin API
- *
- * The application will load a dynamic library which
- * exports entrypoint(s) defined in this file.
- *
- * This set of entrypoints provides only a multithreaded,
- * synchronous-within-each-thread, facility.
- *
- *
- * This file is Copyright 1998-2000 nCipher Corporation Limited.
- *
- * Redistribution and use in source and binary forms, with opr without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the copyright notice,
- *    this list of conditions, and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above
- *    copyright notice, this list of conditions, and the following
- *    disclaimer, in the documentation and/or other materials provided
- *    with the distribution
- *
- * IN NO EVENT SHALL NCIPHER CORPORATION LIMITED (`NCIPHER') AND/OR
- * ANY OTHER AUTHORS OR DISTRIBUTORS OF THIS FILE BE LIABLE for any
- * damages arising directly or indirectly from this file, its use or
- * this licence.  Without prejudice to the generality of the
- * foregoing: all liability shall be excluded for direct, indirect,
- * special, incidental, consequential or other damages or any loss of
- * profits, business, revenue goodwill or anticipated savings;
- * liability shall be excluded even if nCipher or anyone else has been
- * advised of the possibility of damage.  In any event, if the
- * exclusion of liability is not effective, the liability of nCipher
- * or any author or distributor shall be limited to the lesser of the
- * price paid and 1,000 pounds sterling. This licence only fails to
- * exclude or limit liability for death or personal injury arising out
- * of negligence, and only to the extent that such an exclusion or
- * limitation is not effective.
- *
- * NCIPHER AND THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ALL
- * AND ANY WARRANTIES (WHETHER EXPRESS OR IMPLIED), including, but not
- * limited to, any implied warranties of merchantability, fitness for
- * a particular purpose, satisfactory quality, and/or non-infringement
- * of any third party rights.
- *
- * US Government use: This software and documentation is Commercial
- * Computer Software and Computer Software Documentation, as defined in
- * sub-paragraphs (a)(1) and (a)(5) of DFAR 252.227-7014, "Rights in
- * Noncommercial Computer Software and Noncommercial Computer Software
- * Documentation."  Use, duplication or disclosure by the Government is
- * subject to the terms and conditions specified here.
- *
- * By using or distributing this file you will be accepting these
- * terms and conditions, including the limitation of liability and
- * lack of warranty.  If you do not wish to accept these terms and
- * conditions, DO NOT USE THE FILE.
- *
- *
- * The actual dynamically loadable plugin, and the library files for
- * static linking, which are also provided in some distributions, are
- * not covered by the licence described above.  You should have
- * received a separate licence with terms and conditions for these
- * library files; if you received the library files without a licence,
- * please contact nCipher.
- *
- *
- * $Id: hwcryptohook.h,v 1.3 2001/07/04 12:26:39 ben Exp $
- */
-
-#ifndef HWCRYPTOHOOK_H
-#define HWCRYPTOHOOK_H
-
-#include <sys/types.h>
-#include <stdio.h>
-
-#ifndef HWCRYPTOHOOK_DECLARE_APPTYPES
-#define HWCRYPTOHOOK_DECLARE_APPTYPES 1
-#endif
-
-#define HWCRYPTOHOOK_ERROR_FAILED   -1
-#define HWCRYPTOHOOK_ERROR_FALLBACK -2
-#define HWCRYPTOHOOK_ERROR_MPISIZE  -3
-
-#if HWCRYPTOHOOK_DECLARE_APPTYPES
-
-/* These structs are defined by the application and opaque to the
- * crypto plugin.  The application may define these as it sees fit.
- * Default declarations are provided here, but the application may
- *  #define HWCRYPTOHOOK_DECLARE_APPTYPES 0
- * to prevent these declarations, and instead provide its own
- * declarations of these types.  (Pointers to them must still be
- * ordinary pointers to structs or unions, or the resulting combined
- * program will have a type inconsistency.)
- */
-typedef struct HWCryptoHook_MutexValue HWCryptoHook_Mutex;
-typedef struct HWCryptoHook_CondVarValue HWCryptoHook_CondVar;
-typedef struct HWCryptoHook_PassphraseContextValue HWCryptoHook_PassphraseContext;
-typedef struct HWCryptoHook_CallerContextValue HWCryptoHook_CallerContext;
-
-#endif /* HWCRYPTOHOOK_DECLARE_APPTYPES */
-
-/* These next two structs are opaque to the application.  The crypto
- * plugin will return pointers to them; the caller simply manipulates
- * the pointers.
- */
-typedef struct HWCryptoHook_Context *HWCryptoHook_ContextHandle;
-typedef struct HWCryptoHook_RSAKey *HWCryptoHook_RSAKeyHandle;
-
-typedef struct {
-  char *buf;
-  size_t size;
-} HWCryptoHook_ErrMsgBuf;
-/* Used for error reporting.  When a HWCryptoHook function fails it
- * will return a sentinel value (0 for pointer-valued functions, or a
- * negative number, usually HWCRYPTOHOOK_ERROR_FAILED, for
- * integer-valued ones).  It will, if an ErrMsgBuf is passed, also put
- * an error message there.
- * 
- * size is the size of the buffer, and will not be modified.  If you
- * pass 0 for size you must pass 0 for buf, and nothing will be
- * recorded (just as if you passed 0 for the struct pointer).
- * Messages written to the buffer will always be null-terminated, even
- * when truncated to fit within size bytes.
- *
- * The contents of the buffer are not defined if there is no error.
- */
-
-typedef struct HWCryptoHook_MPIStruct {
-  unsigned char *buf;
-  size_t size;
-} HWCryptoHook_MPI;
-/* When one of these is returned, a pointer is passed to the function.
- * At call, size is the space available.  Afterwards it is updated to
- * be set to the actual length (which may be more than the space available,
- * if there was not enough room and the result was truncated).
- * buf (the pointer) is not updated.
- *
- * size is in bytes and may be zero at call or return, but must be a
- * multiple of the limb size.  Zero limbs at the MS end are not
- * permitted.
- */
-
-#define HWCryptoHook_InitFlags_FallbackModExp    0x0002UL
-#define HWCryptoHook_InitFlags_FallbackRSAImmed  0x0004UL
-/* Enable requesting fallback to software in case of problems with the
- * hardware support.  This indicates to the crypto provider that the
- * application is prepared to fall back to software operation if the
- * ModExp* or RSAImmed* functions return HWCRYPTOHOOK_ERROR_FALLBACK.
- * Without this flag those calls will never return
- * HWCRYPTOHOOK_ERROR_FALLBACK.  The flag will also cause the crypto
- * provider to avoid repeatedly attempting to contact dead hardware
- * within a short interval, if appropriate.
- */
-
-#define HWCryptoHook_InitFlags_SimpleForkCheck   0x0010UL
-/* Without _SimpleForkCheck the library is allowed to assume that the
- * application will not fork and call the library in the child(ren).
- *
- * When it is specified, this is allowed.  However, after a fork
- * neither parent nor child may unload any loaded keys or call
- * _Finish.  Instead, they should call exit (or die with a signal)
- * without calling _Finish.  After all the children have died the
- * parent may unload keys or call _Finish.
- *
- * This flag only has any effect on UN*X platforms.
- */
-
-typedef struct {
-  unsigned long flags;
-  void *logstream; /* usually a FILE*.  See below. */
-
-  size_t limbsize; /* bignum format - size of radix type, must be power of 2 */
-  int mslimbfirst; /* 0 or 1 */
-  int msbytefirst; /* 0 or 1; -1 = native */
-
-  /* All the callback functions should return 0 on success, or a
-   * nonzero integer (whose value will be visible in the error message
-   * put in the buffer passed to the call).
-   *
-   * If a callback is not available pass a null function pointer.
-   *
-   * The callbacks may not call down again into the crypto plugin.
-   */
-  
-  /* For thread-safety.  Set everything to 0 if you promise only to be
-   * singlethreaded.  maxsimultaneous is the number of calls to
-   * ModExp[Crt]/RSAImmed{Priv,Pub}/RSA.  If you don't know what to
-   * put there then say 0 and the hook library will use a default.
-   *
-   * maxmutexes is a small limit on the number of simultaneous mutexes
-   * which will be requested by the library.  If there is no small
-   * limit, set it to 0.  If the crypto plugin cannot create the
-   * advertised number of mutexes the calls to its functions may fail.
-   * If a low number of mutexes is advertised the plugin will try to
-   * do the best it can.  Making larger numbers of mutexes available
-   * may improve performance and parallelism by reducing contention
-   * over critical sections.  Unavailability of any mutexes, implying
-   * single-threaded operation, should be indicated by the setting
-   * mutex_init et al to 0.
-   */
-  int maxmutexes;
-  int maxsimultaneous;
-  size_t mutexsize;
-  int (*mutex_init)(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext *cactx);
-  int (*mutex_acquire)(HWCryptoHook_Mutex*);
-  void (*mutex_release)(HWCryptoHook_Mutex*);
-  void (*mutex_destroy)(HWCryptoHook_Mutex*);
-
-  /* For greater efficiency, can use condition vars internally for
-   * synchronisation.  In this case maxsimultaneous is ignored, but
-   * the other mutex stuff must be available.  In singlethreaded
-   * programs, set everything to 0.
-   */
-  size_t condvarsize;
-  int (*condvar_init)(HWCryptoHook_CondVar*, HWCryptoHook_CallerContext *cactx);
-  int (*condvar_wait)(HWCryptoHook_CondVar*, HWCryptoHook_Mutex*);
-  void (*condvar_signal)(HWCryptoHook_CondVar*);
-  void (*condvar_broadcast)(HWCryptoHook_CondVar*);
-  void (*condvar_destroy)(HWCryptoHook_CondVar*);
-  
-  /* The semantics of acquiring and releasing mutexes and broadcasting
-   * and waiting on condition variables are expected to be those from
-   * POSIX threads (pthreads).  The mutexes may be (in pthread-speak)
-   * fast mutexes, recursive mutexes, or nonrecursive ones.
-   * 
-   * The _release/_signal/_broadcast and _destroy functions must
-   * always succeed when given a valid argument; if they are given an
-   * invalid argument then the program (crypto plugin + application)
-   * has an internal error, and they should abort the program.
-   */
-
-  int (*getpassphrase)(const char *prompt_info,
-                       int *len_io, char *buf,
-                       HWCryptoHook_PassphraseContext *ppctx,
-                       HWCryptoHook_CallerContext *cactx);
-  /* Passphrases and the prompt_info, if they contain high-bit-set
-   * characters, are UTF-8.  The prompt_info may be a null pointer if
-   * no prompt information is available (it should not be an empty
-   * string).  It will not contain text like `enter passphrase';
-   * instead it might say something like `Operator Card for John
-   * Smith' or `SmartCard in nFast Module #1, Slot #1'.
-   *
-   * buf points to a buffer in which to return the passphrase; on
-   * entry *len_io is the length of the buffer.  It should be updated
-   * by the callback.  The returned passphrase should not be
-   * null-terminated by the callback.
-   */
-  
-  int (*getphystoken)(const char *prompt_info,
-                      const char *wrong_info,
-                      HWCryptoHook_PassphraseContext *ppctx,
-                      HWCryptoHook_CallerContext *cactx);
-  /* Requests that the human user physically insert a different
-   * smartcard, DataKey, etc.  The plugin should check whether the
-   * currently inserted token(s) are appropriate, and if they are it
-   * should not make this call.
-   *
-   * prompt_info is as before.  wrong_info is a description of the
-   * currently inserted token(s) so that the user is told what
-   * something is.  wrong_info, like prompt_info, may be null, but
-   * should not be an empty string.  Its contents should be
-   * syntactically similar to that of prompt_info. 
-   */
-  
-  /* Note that a single LoadKey operation might cause several calls to
-   * getpassphrase and/or requestphystoken.  If requestphystoken is
-   * not provided (ie, a null pointer is passed) then the plugin may
-   * not support loading keys for which authorisation by several cards
-   * is required.  If getpassphrase is not provided then cards with
-   * passphrases may not be supported.
-   *
-   * getpassphrase and getphystoken do not need to check that the
-   * passphrase has been entered correctly or the correct token
-   * inserted; the crypto plugin will do that.  If this is not the
-   * case then the crypto plugin is responsible for calling these
-   * routines again as appropriate until the correct token(s) and
-   * passphrase(s) are supplied as required, or until any retry limits
-   * implemented by the crypto plugin are reached.
-   *
-   * In either case, the application must allow the user to say `no'
-   * or `cancel' to indicate that they do not know the passphrase or
-   * have the appropriate token; this should cause the callback to
-   * return nonzero indicating error.
-   */
-
-  void (*logmessage)(void *logstream, const char *message);
-  /* A log message will be generated at least every time something goes
-   * wrong and an ErrMsgBuf is filled in (or would be if one was
-   * provided).  Other diagnostic information may be written there too,
-   * including more detailed reasons for errors which are reported in an
-   * ErrMsgBuf.
-   *
-   * When a log message is generated, this callback is called.  It
-   * should write a message to the relevant logging arrangements.
-   *
-   * The message string passed will be null-terminated and may be of arbitrary
-   * length.  It will not be prefixed by the time and date, nor by the
-   * name of the library that is generating it - if this is required,
-   * the logmessage callback must do it.  The message will not have a
-   * trailing newline (though it may contain internal newlines).
-   *
-   * If a null pointer is passed for logmessage a default function is
-   * used.  The default function treats logstream as a FILE* which has
-   * been converted to a void*.  If logstream is 0 it does nothing.
-   * Otherwise it prepends the date and time and library name and
-   * writes the message to logstream.  Each line will be prefixed by a
-   * descriptive string containing the date, time and identity of the
-   * crypto plugin.  Errors on the logstream are not reported
-   * anywhere, and the default function doesn't flush the stream, so
-   * the application must set the buffering how it wants it.
-   *
-   * The crypto plugin may also provide a facility to have copies of
-   * log messages sent elsewhere, and or for adjusting the verbosity
-   * of the log messages; any such facilities will be configured by
-   * external means.
-   */
-
-} HWCryptoHook_InitInfo;
-
-typedef
-HWCryptoHook_ContextHandle HWCryptoHook_Init_t(const HWCryptoHook_InitInfo *initinfo,
-                                               size_t initinfosize,
-                                               const HWCryptoHook_ErrMsgBuf *errors,
-                                               HWCryptoHook_CallerContext *cactx);
-extern HWCryptoHook_Init_t HWCryptoHook_Init;
-
-/* Caller should set initinfosize to the size of the HWCryptoHook struct,
- * so it can be extended later.
- *
- * On success, a message for display or logging by the server,
- * including the name and version number of the plugin, will be filled
- * in into *errors; on failure *errors is used for error handling, as
- * usual.
- */
-
-/* All these functions return 0 on success, HWCRYPTOHOOK_ERROR_FAILED
- * on most failures.  HWCRYPTOHOOK_ERROR_MPISIZE means at least one of
- * the output MPI buffer(s) was too small; the sizes of all have been
- * set to the desired size (and for those where the buffer was large
- * enough, the value may have been copied in), and no error message
- * has been recorded.
- *
- * You may pass 0 for the errors struct.  In any case, unless you set
- * _NoStderr at init time then messages may be reported to stderr.
- */
-
-/* The RSAImmed* functions (and key managed RSA) only work with
- * modules which have an RSA patent licence - currently that means KM
- * units; the ModExp* ones work with all modules, so you need a patent
- * licence in the software in the US.  They are otherwise identical.
- */
-
-typedef
-void HWCryptoHook_Finish_t(HWCryptoHook_ContextHandle hwctx);
-extern HWCryptoHook_Finish_t HWCryptoHook_Finish;
-/* You must not have any calls going or keys loaded when you call this. */
-
-typedef
-int HWCryptoHook_RandomBytes_t(HWCryptoHook_ContextHandle hwctx,
-                               unsigned char *buf, size_t len,
-                               const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_RandomBytes_t HWCryptoHook_RandomBytes;
-
-typedef
-int HWCryptoHook_ModExp_t(HWCryptoHook_ContextHandle hwctx,
-                          HWCryptoHook_MPI a,
-                          HWCryptoHook_MPI p,
-                          HWCryptoHook_MPI n,
-                          HWCryptoHook_MPI *r,
-                          const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_ModExp_t HWCryptoHook_ModExp;
-
-typedef
-int HWCryptoHook_RSAImmedPub_t(HWCryptoHook_ContextHandle hwctx,
-                               HWCryptoHook_MPI m,
-                               HWCryptoHook_MPI e,
-                               HWCryptoHook_MPI n,
-                               HWCryptoHook_MPI *r,
-                               const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_RSAImmedPub_t HWCryptoHook_RSAImmedPub;
-
-typedef
-int HWCryptoHook_ModExpCRT_t(HWCryptoHook_ContextHandle hwctx,
-                             HWCryptoHook_MPI a,
-                             HWCryptoHook_MPI p,
-                             HWCryptoHook_MPI q,
-                             HWCryptoHook_MPI dmp1,
-                             HWCryptoHook_MPI dmq1,
-                             HWCryptoHook_MPI iqmp,
-                             HWCryptoHook_MPI *r,
-                             const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_ModExpCRT_t HWCryptoHook_ModExpCRT;
-
-typedef
-int HWCryptoHook_RSAImmedPriv_t(HWCryptoHook_ContextHandle hwctx,
-                                HWCryptoHook_MPI m,
-                                HWCryptoHook_MPI p,
-                                HWCryptoHook_MPI q,
-                                HWCryptoHook_MPI dmp1,
-                                HWCryptoHook_MPI dmq1,
-                                HWCryptoHook_MPI iqmp,
-                                HWCryptoHook_MPI *r,
-                                const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_RSAImmedPriv_t HWCryptoHook_RSAImmedPriv;
-
-/* The RSAImmed* and ModExp* functions may return E_FAILED or
- * E_FALLBACK for failure.
- *
- * E_FAILED means the failure is permanent and definite and there
- *    should be no attempt to fall back to software.  (Eg, for some
- *    applications, which support only the acceleration-only
- *    functions, the `key material' may actually be an encoded key
- *    identifier, and doing the operation in software would give wrong
- *    answers.)
- *
- * E_FALLBACK means that doing the computation in software would seem
- *    reasonable.  If an application pays attention to this and is
- *    able to fall back, it should also set the Fallback init flags.
- */
-
-typedef
-int HWCryptoHook_RSALoadKey_t(HWCryptoHook_ContextHandle hwctx,
-                              const char *key_ident,
-                              HWCryptoHook_RSAKeyHandle *keyhandle_r,
-                              const HWCryptoHook_ErrMsgBuf *errors,
-                              HWCryptoHook_PassphraseContext *ppctx);
-extern HWCryptoHook_RSALoadKey_t HWCryptoHook_RSALoadKey;
-/* The key_ident is a null-terminated string configured by the
- * user via the application's usual configuration mechanisms.
- * It is provided to the user by the crypto provider's key management
- * system.  The user must be able to enter at least any string of between
- * 1 and 1023 characters inclusive, consisting of printable 7-bit
- * ASCII characters.  The provider should avoid using
- * any characters except alphanumerics and the punctuation
- * characters  _ - + . / @ ~  (the user is expected to be able
- * to enter these without quoting).  The string may be case-sensitive.
- * The application may allow the user to enter other NULL-terminated strings,
- * and the provider must cope (returning an error if the string is not
- * valid).
- *
- * If the key does not exist, no error is recorded and 0 is returned;
- * keyhandle_r will be set to 0 instead of to a key handle.
- */
-
-typedef
-int HWCryptoHook_RSAGetPublicKey_t(HWCryptoHook_RSAKeyHandle k,
-                                   HWCryptoHook_MPI *n,
-                                   HWCryptoHook_MPI *e,
-                                   const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_RSAGetPublicKey_t HWCryptoHook_RSAGetPublicKey;
-/* The crypto plugin will not store certificates.
- *
- * Although this function for acquiring the public key value is
- * provided, it is not the purpose of this API to deal fully with the
- * handling of the public key.
- *
- * It is expected that the crypto supplier's key generation program
- * will provide general facilities for producing X.509
- * self-certificates and certificate requests in PEM format.  These
- * will be given to the user so that they can configure them in the
- * application, send them to CAs, or whatever.
- *
- * In case this kind of certificate handling is not appropriate, the
- * crypto supplier's key generation program should be able to be
- * configured not to generate such a self-certificate or certificate
- * request.  Then the application will need to do all of this, and
- * will need to store and handle the public key and certificates
- * itself.
- */
-
-typedef
-int HWCryptoHook_RSAUnloadKey_t(HWCryptoHook_RSAKeyHandle k,
-                                const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_RSAUnloadKey_t HWCryptoHook_RSAUnloadKey;
-/* Might fail due to locking problems, or other serious internal problems. */
-
-typedef
-int HWCryptoHook_RSA_t(HWCryptoHook_MPI m,
-                       HWCryptoHook_RSAKeyHandle k,
-                       HWCryptoHook_MPI *r,
-                       const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_RSA_t HWCryptoHook_RSA;
-/* RSA private key operation (sign or decrypt) - raw, unpadded. */
-
-#endif /*HWCRYPTOHOOK_H*/
diff --git a/crypto/openssl/crypto/engine/vendor_defns/sureware.h b/crypto/openssl/crypto/engine/vendor_defns/sureware.h
deleted file mode 100644
index 1d3789219df9..000000000000
--- a/crypto/openssl/crypto/engine/vendor_defns/sureware.h
+++ /dev/null
@@ -1,239 +0,0 @@
-/*
-* Written by Corinne Dive-Reclus(cdive@baltimore.com)
-*
-* Copyright@2001 Baltimore Technologies Ltd.
-*																								*	
-*		THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND																			*
-*		ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE					* 
-*		IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE				*
-*		ARE DISCLAIMED.  IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE						*
-*		FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL				*
-*		DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS					*
-*		OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)					*
-*		HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT				*
-*		LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY				*
-*		OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF					*
-*		SUCH DAMAGE.																			*
-*
-* 
-*/
-#ifdef WIN32
-#define SW_EXPORT	__declspec ( dllexport )
-#else
-#define SW_EXPORT
-#endif
-
-/*
-*	List of exposed SureWare errors
-*/
-#define SUREWAREHOOK_ERROR_FAILED		-1
-#define SUREWAREHOOK_ERROR_FALLBACK		-2
-#define SUREWAREHOOK_ERROR_UNIT_FAILURE -3
-#define SUREWAREHOOK_ERROR_DATA_SIZE -4
-#define SUREWAREHOOK_ERROR_INVALID_PAD -5
-/*
-* -----------------WARNING-----------------------------------
-* In all the following functions:
-* msg is a string with at least 24 bytes free.
-* A 24 bytes string will be concatenated to the existing content of msg. 
-*/
-/*
-*	SureWare Initialisation function
-*	in param threadsafe, if !=0, thread safe enabled
-*	return SureWareHOOK_ERROR_UNIT_FAILURE if failure, 1 if success
-*/
-typedef int SureWareHook_Init_t(char*const msg,int threadsafe);
-extern SW_EXPORT SureWareHook_Init_t SureWareHook_Init;
-/*
-*	SureWare Finish function
-*/
-typedef void SureWareHook_Finish_t();
-extern SW_EXPORT SureWareHook_Finish_t SureWareHook_Finish;
-/*
-*	 PRE_CONDITION:
-*		DO NOT CALL ANY OF THE FOLLOWING FUNCTIONS IN CASE OF INIT FAILURE
-*/
-/*
-*	SureWare RAND Bytes function
-*	In case of failure, the content of buf is unpredictable.
-*	return 1 if success
-*			SureWareHOOK_ERROR_FALLBACK if function not available in hardware
-*			SureWareHOOK_ERROR_FAILED if error while processing
-*			SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-*			SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-*	in/out param buf : a num bytes long buffer where random bytes will be put
-*	in param num : the number of bytes into buf
-*/
-typedef int SureWareHook_Rand_Bytes_t(char*const msg,unsigned char *buf, int num);
-extern SW_EXPORT SureWareHook_Rand_Bytes_t SureWareHook_Rand_Bytes;
-
-/*
-*	SureWare RAND Seed function
-*	Adds some seed to the Hardware Random Number Generator
-*	return 1 if success
-*			SureWareHOOK_ERROR_FALLBACK if function not available in hardware
-*			SureWareHOOK_ERROR_FAILED if error while processing
-*			SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-*			SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-*	in param buf : the seed to add into the HRNG
-*	in param num : the number of bytes into buf
-*/
-typedef int SureWareHook_Rand_Seed_t(char*const msg,const void *buf, int num);
-extern SW_EXPORT SureWareHook_Rand_Seed_t SureWareHook_Rand_Seed;
-
-/*
-*	SureWare Load Private Key function
-*	return 1 if success
-*			SureWareHOOK_ERROR_FAILED if error while processing
-*	No hardware is contact for this function.
-*
-*	in param key_id :the name of the private protected key file without the extension
-						".sws"
-*	out param hptr : a pointer to a buffer allocated by SureWare_Hook
-*	out param num: the effective key length in bytes
-*	out param keytype: 1 if RSA 2 if DSA
-*/
-typedef int SureWareHook_Load_Privkey_t(char*const msg,const char *key_id,char **hptr,unsigned long *num,char *keytype);
-extern SW_EXPORT SureWareHook_Load_Privkey_t SureWareHook_Load_Privkey;
-
-/*
-*	SureWare Info Public Key function
-*	return 1 if success
-*			SureWareHOOK_ERROR_FAILED if error while processing
-*	No hardware is contact for this function.
-*
-*	in param key_id :the name of the private protected key file without the extension
-						".swp"
-*	out param hptr : a pointer to a buffer allocated by SureWare_Hook
-*	out param num: the effective key length in bytes
-*	out param keytype: 1 if RSA 2 if DSA
-*/
-typedef int SureWareHook_Info_Pubkey_t(char*const msg,const char *key_id,unsigned long *num,
-										char *keytype);
-extern SW_EXPORT SureWareHook_Info_Pubkey_t SureWareHook_Info_Pubkey;
-
-/*
-*	SureWare Load Public Key function
-*	return 1 if success
-*			SureWareHOOK_ERROR_FAILED if error while processing
-*	No hardware is contact for this function.
-*
-*	in param key_id :the name of the public protected key file without the extension
-						".swp"
-*	in param num : the bytes size of n and e
-*	out param n: where to write modulus in bn format
-*	out param e: where to write exponent in bn format
-*/
-typedef int SureWareHook_Load_Rsa_Pubkey_t(char*const msg,const char *key_id,unsigned long num,
-										unsigned long *n, unsigned long *e);
-extern SW_EXPORT SureWareHook_Load_Rsa_Pubkey_t SureWareHook_Load_Rsa_Pubkey;
-
-/*
-*	SureWare Load DSA Public Key function
-*	return 1 if success
-*			SureWareHOOK_ERROR_FAILED if error while processing
-*	No hardware is contact for this function.
-*
-*	in param key_id :the name of the public protected key file without the extension
-						".swp"
-*	in param num : the bytes size of n and e
-*	out param pub: where to write pub key in bn format
-*	out param p: where to write prime in bn format
-*	out param q: where to write sunprime (length 20 bytes) in bn format
-*	out param g: where to write base in bn format
-*/
-typedef int SureWareHook_Load_Dsa_Pubkey_t(char*const msg,const char *key_id,unsigned long num,
-										unsigned long *pub, unsigned long *p,unsigned long*q,
-										unsigned long *g);
-extern SW_EXPORT SureWareHook_Load_Dsa_Pubkey_t SureWareHook_Load_Dsa_Pubkey;
-
-/*
-*	SureWare Free function
-*	Destroy the key into the hardware if destroy==1
-*/
-typedef void SureWareHook_Free_t(char *p,int destroy);
-extern SW_EXPORT SureWareHook_Free_t SureWareHook_Free;
-
-#define SUREWARE_PKCS1_PAD 1
-#define SUREWARE_ISO9796_PAD 2
-#define SUREWARE_NO_PAD 0
-/*
-* SureWare RSA Private Decryption
-* return 1 if success
-*			SureWareHOOK_ERROR_FAILED if error while processing
-*			SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-*			SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-*	in param flen : byte size of from and to
-*	in param from : encrypted data buffer, should be a not-null valid pointer
-*	out param tlen: byte size of decrypted data, if error, unexpected value
-*	out param to : decrypted data buffer, should be a not-null valid pointer
-*   in param prsa: a protected key pointer, should be a not-null valid pointer
-*   int padding: padding id as follow
-*					SUREWARE_PKCS1_PAD
-*					SUREWARE_NO_PAD
-*
-*/
-typedef int SureWareHook_Rsa_Priv_Dec_t(char*const msg,int flen,unsigned char *from,
-										int *tlen,unsigned char *to,
-										char *prsa,int padding);
-extern SW_EXPORT SureWareHook_Rsa_Priv_Dec_t SureWareHook_Rsa_Priv_Dec;
-/*
-* SureWare RSA Signature
-* return 1 if success
-*			SureWareHOOK_ERROR_FAILED if error while processing
-*			SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-*			SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-*	in param flen : byte size of from and to
-*	in param from : encrypted data buffer, should be a not-null valid pointer
-*	out param tlen: byte size of decrypted data, if error, unexpected value
-*	out param to : decrypted data buffer, should be a not-null valid pointer
-*   in param prsa: a protected key pointer, should be a not-null valid pointer
-*   int padding: padding id as follow
-*					SUREWARE_PKCS1_PAD
-*					SUREWARE_ISO9796_PAD
-*
-*/
-typedef int SureWareHook_Rsa_Sign_t(char*const msg,int flen,unsigned char *from,
-										int *tlen,unsigned char *to,
-										char *prsa,int padding);
-extern SW_EXPORT SureWareHook_Rsa_Sign_t SureWareHook_Rsa_Sign;
-/*
-* SureWare DSA Signature
-* return 1 if success
-*			SureWareHOOK_ERROR_FAILED if error while processing
-*			SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-*			SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-*	in param flen : byte size of from and to
-*	in param from : encrypted data buffer, should be a not-null valid pointer
-*	out param to : decrypted data buffer, should be a 40bytes valid pointer
-*   in param pdsa: a protected key pointer, should be a not-null valid pointer
-*
-*/
-typedef int SureWareHook_Dsa_Sign_t(char*const msg,int flen,const unsigned char *from,
-										unsigned long *r,unsigned long *s,char *pdsa);
-extern SW_EXPORT SureWareHook_Dsa_Sign_t SureWareHook_Dsa_Sign;
-
-
-/*
-* SureWare Mod Exp
-* return 1 if success
-*			SureWareHOOK_ERROR_FAILED if error while processing
-*			SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-*			SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-*	mod and res are mlen bytes long.
-*	exp is elen bytes long
-*	data is dlen bytes long
-*	mlen,elen and dlen are all multiple of sizeof(unsigned long)
-*/
-typedef int SureWareHook_Mod_Exp_t(char*const msg,int mlen,const unsigned long *mod,
-									int elen,const unsigned long *exp,
-									int dlen,unsigned long *data,
-									unsigned long *res);
-extern SW_EXPORT SureWareHook_Mod_Exp_t SureWareHook_Mod_Exp;
-
diff --git a/crypto/openssl/crypto/err/Makefile.save b/crypto/openssl/crypto/err/Makefile.save
deleted file mode 100644
index 42b9faa559f1..000000000000
--- a/crypto/openssl/crypto/err/Makefile.save
+++ /dev/null
@@ -1,116 +0,0 @@
-#
-# SSLeay/crypto/err/Makefile
-#
-
-DIR=	err
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=err.c err_all.c err_prn.c
-LIBOBJ=err.o err_all.o err_prn.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= err.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-err.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-err.o: ../cryptlib.h
-err_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-err_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-err_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-err_all.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-err_all.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-err_all.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-err_all.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-err_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-err_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-err_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-err_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-err_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-err_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-err_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
-err_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-err_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-err_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-err_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-err_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-err_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-err_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-err_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-err_prn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-err_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-err_prn.o: ../cryptlib.h
diff --git a/crypto/openssl/crypto/err/Makefile.ssl b/crypto/openssl/crypto/err/Makefile.ssl
deleted file mode 100644
index 390bde1f1680..000000000000
--- a/crypto/openssl/crypto/err/Makefile.ssl
+++ /dev/null
@@ -1,119 +0,0 @@
-#
-# SSLeay/crypto/err/Makefile
-#
-
-DIR=	err
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=err.c err_all.c err_prn.c
-LIBOBJ=err.o err_all.o err_prn.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= err.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-err.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/buffer.h
-err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-err.o: ../../include/openssl/symhacks.h ../cryptlib.h err.c
-err_all.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-err_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-err_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-err_all.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-err_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-err_all.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-err_all.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-err_all.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-err_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-err_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-err_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-err_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-err_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-err_all.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-err_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-err_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem2.h
-err_all.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-err_all.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-err_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-err_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-err_all.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-err_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-err_all.o: ../../include/openssl/x509v3.h err_all.c
-err_prn.o: ../../e_os.h ../../include/openssl/bio.h
-err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-err_prn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-err_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-err_prn.o: ../cryptlib.h err_prn.c
diff --git a/crypto/openssl/crypto/err/err.c b/crypto/openssl/crypto/err/err.c
deleted file mode 100644
index b873270c049a..000000000000
--- a/crypto/openssl/crypto/err/err.c
+++ /dev/null
@@ -1,1035 +0,0 @@
-/* crypto/err/err.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdarg.h>
-#include <string.h>
-#include <openssl/lhash.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-
-static void err_load_strings(int lib, ERR_STRING_DATA *str);
-
-static void ERR_STATE_free(ERR_STATE *s);
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA ERR_str_libraries[]=
-	{
-{ERR_PACK(ERR_LIB_NONE,0,0)		,"unknown library"},
-{ERR_PACK(ERR_LIB_SYS,0,0)		,"system library"},
-{ERR_PACK(ERR_LIB_BN,0,0)		,"bignum routines"},
-{ERR_PACK(ERR_LIB_RSA,0,0)		,"rsa routines"},
-{ERR_PACK(ERR_LIB_DH,0,0)		,"Diffie-Hellman routines"},
-{ERR_PACK(ERR_LIB_EVP,0,0)		,"digital envelope routines"},
-{ERR_PACK(ERR_LIB_BUF,0,0)		,"memory buffer routines"},
-{ERR_PACK(ERR_LIB_OBJ,0,0)		,"object identifier routines"},
-{ERR_PACK(ERR_LIB_PEM,0,0)		,"PEM routines"},
-{ERR_PACK(ERR_LIB_DSA,0,0)		,"dsa routines"},
-{ERR_PACK(ERR_LIB_X509,0,0)		,"x509 certificate routines"},
-{ERR_PACK(ERR_LIB_ASN1,0,0)		,"asn1 encoding routines"},
-{ERR_PACK(ERR_LIB_CONF,0,0)		,"configuration file routines"},
-{ERR_PACK(ERR_LIB_CRYPTO,0,0)		,"common libcrypto routines"},
-{ERR_PACK(ERR_LIB_EC,0,0)		,"elliptic curve routines"},
-{ERR_PACK(ERR_LIB_SSL,0,0)		,"SSL routines"},
-{ERR_PACK(ERR_LIB_BIO,0,0)		,"BIO routines"},
-{ERR_PACK(ERR_LIB_PKCS7,0,0)		,"PKCS7 routines"},
-{ERR_PACK(ERR_LIB_X509V3,0,0)		,"X509 V3 routines"},
-{ERR_PACK(ERR_LIB_PKCS12,0,0)		,"PKCS12 routines"},
-{ERR_PACK(ERR_LIB_RAND,0,0)		,"random number generator"},
-{ERR_PACK(ERR_LIB_DSO,0,0)		,"DSO support routines"},
-{ERR_PACK(ERR_LIB_ENGINE,0,0)		,"engine routines"},
-{ERR_PACK(ERR_LIB_OCSP,0,0)		,"OCSP routines"},
-{0,NULL},
-	};
-
-static ERR_STRING_DATA ERR_str_functs[]=
-	{
-	{ERR_PACK(0,SYS_F_FOPEN,0),     	"fopen"},
-	{ERR_PACK(0,SYS_F_CONNECT,0),		"connect"},
-	{ERR_PACK(0,SYS_F_GETSERVBYNAME,0),	"getservbyname"},
-	{ERR_PACK(0,SYS_F_SOCKET,0),		"socket"}, 
-	{ERR_PACK(0,SYS_F_IOCTLSOCKET,0),	"ioctlsocket"},
-	{ERR_PACK(0,SYS_F_BIND,0),		"bind"},
-	{ERR_PACK(0,SYS_F_LISTEN,0),		"listen"},
-	{ERR_PACK(0,SYS_F_ACCEPT,0),		"accept"},
-#ifdef OPENSSL_SYS_WINDOWS
-	{ERR_PACK(0,SYS_F_WSASTARTUP,0),	"WSAstartup"},
-#endif
-	{ERR_PACK(0,SYS_F_OPENDIR,0),		"opendir"},
-	{ERR_PACK(0,SYS_F_FREAD,0),		"fread"},
-	{0,NULL},
-	};
-
-static ERR_STRING_DATA ERR_str_reasons[]=
-	{
-{ERR_R_SYS_LIB				,"system lib"},
-{ERR_R_BN_LIB				,"BN lib"},
-{ERR_R_RSA_LIB				,"RSA lib"},
-{ERR_R_DH_LIB				,"DH lib"},
-{ERR_R_EVP_LIB				,"EVP lib"},
-{ERR_R_BUF_LIB				,"BUF lib"},
-{ERR_R_OBJ_LIB				,"OBJ lib"},
-{ERR_R_PEM_LIB				,"PEM lib"},
-{ERR_R_DSA_LIB				,"DSA lib"},
-{ERR_R_X509_LIB				,"X509 lib"},
-{ERR_R_ASN1_LIB				,"ASN1 lib"},
-{ERR_R_CONF_LIB				,"CONF lib"},
-{ERR_R_CRYPTO_LIB			,"CRYPTO lib"},
-{ERR_R_EC_LIB				,"EC lib"},
-{ERR_R_SSL_LIB				,"SSL lib"},
-{ERR_R_BIO_LIB				,"BIO lib"},
-{ERR_R_PKCS7_LIB			,"PKCS7 lib"},
-{ERR_R_X509V3_LIB			,"X509V3 lib"},
-{ERR_R_PKCS12_LIB			,"PKCS12 lib"},
-{ERR_R_RAND_LIB				,"RAND lib"},
-{ERR_R_DSO_LIB				,"DSO lib"},
-{ERR_R_ENGINE_LIB			,"ENGINE lib"},
-{ERR_R_OCSP_LIB				,"OCSP lib"},
-
-{ERR_R_NESTED_ASN1_ERROR		,"nested asn1 error"},
-{ERR_R_BAD_ASN1_OBJECT_HEADER		,"bad asn1 object header"},
-{ERR_R_BAD_GET_ASN1_OBJECT_CALL		,"bad get asn1 object call"},
-{ERR_R_EXPECTING_AN_ASN1_SEQUENCE	,"expecting an asn1 sequence"},
-{ERR_R_ASN1_LENGTH_MISMATCH		,"asn1 length mismatch"},
-{ERR_R_MISSING_ASN1_EOS			,"missing asn1 eos"},
-
-{ERR_R_FATAL                            ,"fatal"},
-{ERR_R_MALLOC_FAILURE			,"malloc failure"},
-{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED	,"called a function you should not call"},
-{ERR_R_PASSED_NULL_PARAMETER		,"passed a null parameter"},
-{ERR_R_INTERNAL_ERROR			,"internal error"},
-
-{0,NULL},
-	};
-#endif
-
-
-/* Define the predeclared (but externally opaque) "ERR_FNS" type */
-struct st_ERR_FNS
-	{
-	/* Works on the "error_hash" string table */
-	LHASH *(*cb_err_get)(int create);
-	void (*cb_err_del)(void);
-	ERR_STRING_DATA *(*cb_err_get_item)(const ERR_STRING_DATA *);
-	ERR_STRING_DATA *(*cb_err_set_item)(ERR_STRING_DATA *);
-	ERR_STRING_DATA *(*cb_err_del_item)(ERR_STRING_DATA *);
-	/* Works on the "thread_hash" error-state table */
-	LHASH *(*cb_thread_get)(int create);
-	ERR_STATE *(*cb_thread_get_item)(const ERR_STATE *);
-	ERR_STATE *(*cb_thread_set_item)(ERR_STATE *);
-	void (*cb_thread_del_item)(const ERR_STATE *);
-	/* Returns the next available error "library" numbers */
-	int (*cb_get_next_lib)(void);
-	};
-
-/* Predeclarations of the "err_defaults" functions */
-static LHASH *int_err_get(int create);
-static void int_err_del(void);
-static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *);
-static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *);
-static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *);
-static LHASH *int_thread_get(int create);
-static ERR_STATE *int_thread_get_item(const ERR_STATE *);
-static ERR_STATE *int_thread_set_item(ERR_STATE *);
-static void int_thread_del_item(const ERR_STATE *);
-static int int_err_get_next_lib(void);
-/* The static ERR_FNS table using these defaults functions */
-static const ERR_FNS err_defaults =
-	{
-	int_err_get,
-	int_err_del,
-	int_err_get_item,
-	int_err_set_item,
-	int_err_del_item,
-	int_thread_get,
-	int_thread_get_item,
-	int_thread_set_item,
-	int_thread_del_item,
-	int_err_get_next_lib
-	};
-
-/* The replacable table of ERR_FNS functions we use at run-time */
-static const ERR_FNS *err_fns = NULL;
-
-/* Eg. rather than using "err_get()", use "ERRFN(err_get)()". */
-#define ERRFN(a) err_fns->cb_##a
-
-/* The internal state used by "err_defaults" - as such, the setting, reading,
- * creating, and deleting of this data should only be permitted via the
- * "err_defaults" functions. This way, a linked module can completely defer all
- * ERR state operation (together with requisite locking) to the implementations
- * and state in the loading application. */
-static LHASH *int_error_hash = NULL;
-static LHASH *int_thread_hash = NULL;
-static int int_err_library_number= ERR_LIB_USER;
-
-/* Internal function that checks whether "err_fns" is set and if not, sets it to
- * the defaults. */
-static void err_fns_check(void)
-	{
-	if (err_fns) return;
-	
-	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	if (!err_fns)
-		err_fns = &err_defaults;
-	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-	}
-
-/* API functions to get or set the underlying ERR functions. */
-
-const ERR_FNS *ERR_get_implementation(void)
-	{
-	err_fns_check();
-	return err_fns;
-	}
-
-int ERR_set_implementation(const ERR_FNS *fns)
-	{
-	int ret = 0;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	/* It's too late if 'err_fns' is non-NULL. BTW: not much point setting
-	 * an error is there?! */
-	if (!err_fns)
-		{
-		err_fns = fns;
-		ret = 1;
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-	return ret;
-	}
-
-/* These are the callbacks provided to "lh_new()" when creating the LHASH tables
- * internal to the "err_defaults" implementation. */
-
-/* static unsigned long err_hash(ERR_STRING_DATA *a); */
-static unsigned long err_hash(const void *a_void);
-/* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b); */
-static int err_cmp(const void *a_void, const void *b_void);
-/* static unsigned long pid_hash(ERR_STATE *pid); */
-static unsigned long pid_hash(const void *pid_void);
-/* static int pid_cmp(ERR_STATE *a,ERR_STATE *pid); */
-static int pid_cmp(const void *a_void,const void *pid_void);
-static unsigned long get_error_values(int inc,int top,const char **file,int *line,
-				      const char **data,int *flags);
-
-/* The internal functions used in the "err_defaults" implementation */
-
-static LHASH *int_err_get(int create)
-	{
-	LHASH *ret = NULL;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	if (!int_error_hash && create)
-		{
-		CRYPTO_push_info("int_err_get (err.c)");
-		int_error_hash = lh_new(err_hash, err_cmp);
-		CRYPTO_pop_info();
-		}
-	if (int_error_hash)
-		ret = int_error_hash;
-	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-	return ret;
-	}
-
-static void int_err_del(void)
-	{
-	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	if (int_error_hash)
-		{
-		lh_free(int_error_hash);
-		int_error_hash = NULL;
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-	}
-
-static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d)
-	{
-	ERR_STRING_DATA *p;
-	LHASH *hash;
-
-	err_fns_check();
-	hash = ERRFN(err_get)(0);
-	if (!hash)
-		return NULL;
-
-	CRYPTO_r_lock(CRYPTO_LOCK_ERR);
-	p = (ERR_STRING_DATA *)lh_retrieve(hash, d);
-	CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
-
-	return p;
-	}
-
-static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *d)
-	{
-	ERR_STRING_DATA *p;
-	LHASH *hash;
-
-	err_fns_check();
-	hash = ERRFN(err_get)(1);
-	if (!hash)
-		return NULL;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	p = (ERR_STRING_DATA *)lh_insert(hash, d);
-	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-	return p;
-	}
-
-static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *d)
-	{
-	ERR_STRING_DATA *p;
-	LHASH *hash;
-
-	err_fns_check();
-	hash = ERRFN(err_get)(0);
-	if (!hash)
-		return NULL;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	p = (ERR_STRING_DATA *)lh_delete(hash, d);
-	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-	return p;
-	}
-
-static LHASH *int_thread_get(int create)
-	{
-	LHASH *ret = NULL;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	if (!int_thread_hash && create)
-		{
-		CRYPTO_push_info("int_thread_get (err.c)");
-		int_thread_hash = lh_new(pid_hash, pid_cmp);
-		CRYPTO_pop_info();
-		}
-	if (int_thread_hash)
-		ret = int_thread_hash;
-	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-	return ret;
-	}
-
-static ERR_STATE *int_thread_get_item(const ERR_STATE *d)
-	{
-	ERR_STATE *p;
-	LHASH *hash;
-
-	err_fns_check();
-	hash = ERRFN(thread_get)(0);
-	if (!hash)
-		return NULL;
-
-	CRYPTO_r_lock(CRYPTO_LOCK_ERR);
-	p = (ERR_STATE *)lh_retrieve(hash, d);
-	CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
-
-	return p;
-	}
-
-static ERR_STATE *int_thread_set_item(ERR_STATE *d)
-	{
-	ERR_STATE *p;
-	LHASH *hash;
-
-	err_fns_check();
-	hash = ERRFN(thread_get)(1);
-	if (!hash)
-		return NULL;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	p = (ERR_STATE *)lh_insert(hash, d);
-	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-	return p;
-	}
-
-static void int_thread_del_item(const ERR_STATE *d)
-	{
-	ERR_STATE *p;
-	LHASH *hash;
-
-	err_fns_check();
-	hash = ERRFN(thread_get)(0);
-	if (!hash)
-		return;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	p = (ERR_STATE *)lh_delete(hash, d);
-	/* make sure we don't leak memory */
-	if (int_thread_hash && (lh_num_items(int_thread_hash) == 0))
-		{
-		lh_free(int_thread_hash);
-		int_thread_hash = NULL;
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-	if (p)
-		ERR_STATE_free(p);
-	}
-
-static int int_err_get_next_lib(void)
-	{
-	int ret;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	ret = int_err_library_number++;
-	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-	return ret;
-	}
-
-
-#ifndef OPENSSL_NO_ERR
-#define NUM_SYS_STR_REASONS 127
-#define LEN_SYS_STR_REASON 32
-
-static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
-/* SYS_str_reasons is filled with copies of strerror() results at
- * initialization.
- * 'errno' values up to 127 should cover all usual errors,
- * others will be displayed numerically by ERR_error_string.
- * It is crucial that we have something for each reason code
- * that occurs in ERR_str_reasons, or bogus reason strings
- * will be returned for SYSerr(), which always gets an errno
- * value and never one of those 'standard' reason codes. */
-
-static void build_SYS_str_reasons()
-	{
-	/* OPENSSL_malloc cannot be used here, use static storage instead */
-	static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON];
-	int i;
-	static int init = 1;
-
-	if (!init) return;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-
-	for (i = 1; i <= NUM_SYS_STR_REASONS; i++)
-		{
-		ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
-
-		str->error = (unsigned long)i;
-		if (str->string == NULL)
-			{
-			char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
-			char *src = strerror(i);
-			if (src != NULL)
-				{
-				strncpy(*dest, src, sizeof *dest);
-				(*dest)[sizeof *dest - 1] = '\0';
-				str->string = *dest;
-				}
-			}
-		if (str->string == NULL)
-			str->string = "unknown";
-		}
-
-	/* Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL},
-	 * as required by ERR_load_strings. */
-
-	init = 0;
-	
-	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-	}
-#endif
-
-#define err_clear_data(p,i) \
-	if (((p)->err_data[i] != NULL) && \
-		(p)->err_data_flags[i] & ERR_TXT_MALLOCED) \
-		{  \
-		OPENSSL_free((p)->err_data[i]); \
-		(p)->err_data[i]=NULL; \
-		} \
-	(p)->err_data_flags[i]=0;
-
-static void ERR_STATE_free(ERR_STATE *s)
-	{
-	int i;
-
-	if (s == NULL)
-	    return;
-
-	for (i=0; i<ERR_NUM_ERRORS; i++)
-		{
-		err_clear_data(s,i);
-		}
-	OPENSSL_free(s);
-	}
-
-void ERR_load_ERR_strings(void)
-	{
-	err_fns_check();
-#ifndef OPENSSL_NO_ERR
-	err_load_strings(0,ERR_str_libraries);
-	err_load_strings(0,ERR_str_reasons);
-	err_load_strings(ERR_LIB_SYS,ERR_str_functs);
-	build_SYS_str_reasons();
-	err_load_strings(ERR_LIB_SYS,SYS_str_reasons);
-#endif
-	}
-
-static void err_load_strings(int lib, ERR_STRING_DATA *str)
-	{
-	while (str->error)
-		{
-		str->error|=ERR_PACK(lib,0,0);
-		ERRFN(err_set_item)(str);
-		str++;
-		}
-	}
-
-void ERR_load_strings(int lib, ERR_STRING_DATA *str)
-	{
-	ERR_load_ERR_strings();
-	err_load_strings(lib, str);
-	}
-
-void ERR_unload_strings(int lib, ERR_STRING_DATA *str)
-	{
-	while (str->error)
-		{
-		str->error|=ERR_PACK(lib,0,0);
-		ERRFN(err_del_item)(str);
-		str++;
-		}
-	}
-
-void ERR_free_strings(void)
-	{
-	err_fns_check();
-	ERRFN(err_del)();
-	}
-
-/********************************************************/
-
-void ERR_put_error(int lib, int func, int reason, const char *file,
-	     int line)
-	{
-	ERR_STATE *es;
-
-#ifdef _OSD_POSIX
-	/* In the BS2000-OSD POSIX subsystem, the compiler generates
-	 * path names in the form "*POSIX(/etc/passwd)".
-	 * This dirty hack strips them to something sensible.
-	 * @@@ We shouldn't modify a const string, though.
-	 */
-	if (strncmp(file,"*POSIX(", sizeof("*POSIX(")-1) == 0) {
-		char *end;
-
-		/* Skip the "*POSIX(" prefix */
-		file += sizeof("*POSIX(")-1;
-		end = &file[strlen(file)-1];
-		if (*end == ')')
-			*end = '\0';
-		/* Optional: use the basename of the path only. */
-		if ((end = strrchr(file, '/')) != NULL)
-			file = &end[1];
-	}
-#endif
-	es=ERR_get_state();
-
-	es->top=(es->top+1)%ERR_NUM_ERRORS;
-	if (es->top == es->bottom)
-		es->bottom=(es->bottom+1)%ERR_NUM_ERRORS;
-	es->err_buffer[es->top]=ERR_PACK(lib,func,reason);
-	es->err_file[es->top]=file;
-	es->err_line[es->top]=line;
-	err_clear_data(es,es->top);
-	}
-
-void ERR_clear_error(void)
-	{
-	int i;
-	ERR_STATE *es;
-
-	es=ERR_get_state();
-
-	for (i=0; i<ERR_NUM_ERRORS; i++)
-		{
-		es->err_buffer[i]=0;
-		err_clear_data(es,i);
-		es->err_file[i]=NULL;
-		es->err_line[i]= -1;
-		}
-	es->top=es->bottom=0;
-	}
-
-
-unsigned long ERR_get_error(void)
-	{ return(get_error_values(1,0,NULL,NULL,NULL,NULL)); }
-
-unsigned long ERR_get_error_line(const char **file,
-	     int *line)
-	{ return(get_error_values(1,0,file,line,NULL,NULL)); }
-
-unsigned long ERR_get_error_line_data(const char **file, int *line,
-	     const char **data, int *flags)
-	{ return(get_error_values(1,0,file,line,data,flags)); }
-
-
-unsigned long ERR_peek_error(void)
-	{ return(get_error_values(0,0,NULL,NULL,NULL,NULL)); }
-
-unsigned long ERR_peek_error_line(const char **file, int *line)
-	{ return(get_error_values(0,0,file,line,NULL,NULL)); }
-
-unsigned long ERR_peek_error_line_data(const char **file, int *line,
-	     const char **data, int *flags)
-	{ return(get_error_values(0,0,file,line,data,flags)); }
-
-
-unsigned long ERR_peek_last_error(void)
-	{ return(get_error_values(0,1,NULL,NULL,NULL,NULL)); }
-
-unsigned long ERR_peek_last_error_line(const char **file, int *line)
-	{ return(get_error_values(0,1,file,line,NULL,NULL)); }
-
-unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
-	     const char **data, int *flags)
-	{ return(get_error_values(0,1,file,line,data,flags)); }
-
-
-static unsigned long get_error_values(int inc, int top, const char **file, int *line,
-	     const char **data, int *flags)
-	{	
-	int i=0;
-	ERR_STATE *es;
-	unsigned long ret;
-
-	es=ERR_get_state();
-
-	if (inc && top)
-		{
-		if (file) *file = "";
-		if (line) *line = 0;
-		if (data) *data = "";
-		if (flags) *flags = 0;
-			
-		return ERR_R_INTERNAL_ERROR;
-		}
-
-	if (es->bottom == es->top) return 0;
-	if (top)
-		i=es->top;			 /* last error */
-	else
-		i=(es->bottom+1)%ERR_NUM_ERRORS; /* first error */
-
-	ret=es->err_buffer[i];
-	if (inc)
-		{
-		es->bottom=i;
-		es->err_buffer[i]=0;
-		}
-
-	if ((file != NULL) && (line != NULL))
-		{
-		if (es->err_file[i] == NULL)
-			{
-			*file="NA";
-			if (line != NULL) *line=0;
-			}
-		else
-			{
-			*file=es->err_file[i];
-			if (line != NULL) *line=es->err_line[i];
-			}
-		}
-
-	if (data == NULL)
-		{
-		if (inc)
-			{
-			err_clear_data(es, i);
-			}
-		}
-	else
-		{
-		if (es->err_data[i] == NULL)
-			{
-			*data="";
-			if (flags != NULL) *flags=0;
-			}
-		else
-			{
-			*data=es->err_data[i];
-			if (flags != NULL) *flags=es->err_data_flags[i];
-			}
-		}
-	return ret;
-	}
-
-void ERR_error_string_n(unsigned long e, char *buf, size_t len)
-	{
-	char lsbuf[64], fsbuf[64], rsbuf[64];
-	const char *ls,*fs,*rs;
-	unsigned long l,f,r;
-
-	l=ERR_GET_LIB(e);
-	f=ERR_GET_FUNC(e);
-	r=ERR_GET_REASON(e);
-
-	ls=ERR_lib_error_string(e);
-	fs=ERR_func_error_string(e);
-	rs=ERR_reason_error_string(e);
-
-	if (ls == NULL) 
-		BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l);
-	if (fs == NULL)
-		BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f);
-	if (rs == NULL)
-		BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r);
-
-	BIO_snprintf(buf, len,"error:%08lX:%s:%s:%s", e, ls?ls:lsbuf, 
-		fs?fs:fsbuf, rs?rs:rsbuf);
-	if (strlen(buf) == len-1)
-		{
-		/* output may be truncated; make sure we always have 5 
-		 * colon-separated fields, i.e. 4 colons ... */
-#define NUM_COLONS 4
-		if (len > NUM_COLONS) /* ... if possible */
-			{
-			int i;
-			char *s = buf;
-			
-			for (i = 0; i < NUM_COLONS; i++)
-				{
-				char *colon = strchr(s, ':');
-				if (colon == NULL || colon > &buf[len-1] - NUM_COLONS + i)
-					{
-					/* set colon no. i at last possible position
-					 * (buf[len-1] is the terminating 0)*/
-					colon = &buf[len-1] - NUM_COLONS + i;
-					*colon = ':';
-					}
-				s = colon + 1;
-				}
-			}
-		}
-	}
-
-/* BAD for multi-threading: uses a local buffer if ret == NULL */
-/* ERR_error_string_n should be used instead for ret != NULL
- * as ERR_error_string cannot know how large the buffer is */
-char *ERR_error_string(unsigned long e, char *ret)
-	{
-	static char buf[256];
-
-	if (ret == NULL) ret=buf;
-	ERR_error_string_n(e, ret, 256);
-
-	return ret;
-	}
-
-LHASH *ERR_get_string_table(void)
-	{
-	err_fns_check();
-	return ERRFN(err_get)(0);
-	}
-
-LHASH *ERR_get_err_state_table(void)
-	{
-	err_fns_check();
-	return ERRFN(thread_get)(0);
-	}
-
-const char *ERR_lib_error_string(unsigned long e)
-	{
-	ERR_STRING_DATA d,*p;
-	unsigned long l;
-
-	err_fns_check();
-	l=ERR_GET_LIB(e);
-	d.error=ERR_PACK(l,0,0);
-	p=ERRFN(err_get_item)(&d);
-	return((p == NULL)?NULL:p->string);
-	}
-
-const char *ERR_func_error_string(unsigned long e)
-	{
-	ERR_STRING_DATA d,*p;
-	unsigned long l,f;
-
-	err_fns_check();
-	l=ERR_GET_LIB(e);
-	f=ERR_GET_FUNC(e);
-	d.error=ERR_PACK(l,f,0);
-	p=ERRFN(err_get_item)(&d);
-	return((p == NULL)?NULL:p->string);
-	}
-
-const char *ERR_reason_error_string(unsigned long e)
-	{
-	ERR_STRING_DATA d,*p=NULL;
-	unsigned long l,r;
-
-	err_fns_check();
-	l=ERR_GET_LIB(e);
-	r=ERR_GET_REASON(e);
-	d.error=ERR_PACK(l,0,r);
-	p=ERRFN(err_get_item)(&d);
-	if (!p)
-		{
-		d.error=ERR_PACK(0,0,r);
-		p=ERRFN(err_get_item)(&d);
-		}
-	return((p == NULL)?NULL:p->string);
-	}
-
-/* static unsigned long err_hash(ERR_STRING_DATA *a) */
-static unsigned long err_hash(const void *a_void)
-	{
-	unsigned long ret,l;
-
-	l=((ERR_STRING_DATA *)a_void)->error;
-	ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l);
-	return(ret^ret%19*13);
-	}
-
-/* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b) */
-static int err_cmp(const void *a_void, const void *b_void)
-	{
-	return((int)(((ERR_STRING_DATA *)a_void)->error -
-			((ERR_STRING_DATA *)b_void)->error));
-	}
-
-/* static unsigned long pid_hash(ERR_STATE *a) */
-static unsigned long pid_hash(const void *a_void)
-	{
-	return(((ERR_STATE *)a_void)->pid*13);
-	}
-
-/* static int pid_cmp(ERR_STATE *a, ERR_STATE *b) */
-static int pid_cmp(const void *a_void, const void *b_void)
-	{
-	return((int)((long)((ERR_STATE *)a_void)->pid -
-			(long)((ERR_STATE *)b_void)->pid));
-	}
-
-void ERR_remove_state(unsigned long pid)
-	{
-	ERR_STATE tmp;
-
-	err_fns_check();
-	if (pid == 0)
-		pid=(unsigned long)CRYPTO_thread_id();
-	tmp.pid=pid;
-	/* thread_del_item automatically destroys the LHASH if the number of
-	 * items reaches zero. */
-	ERRFN(thread_del_item)(&tmp);
-	}
-
-ERR_STATE *ERR_get_state(void)
-	{
-	static ERR_STATE fallback;
-	ERR_STATE *ret,tmp,*tmpp=NULL;
-	int i;
-	unsigned long pid;
-
-	err_fns_check();
-	pid=(unsigned long)CRYPTO_thread_id();
-	tmp.pid=pid;
-	ret=ERRFN(thread_get_item)(&tmp);
-
-	/* ret == the error state, if NULL, make a new one */
-	if (ret == NULL)
-		{
-		ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE));
-		if (ret == NULL) return(&fallback);
-		ret->pid=pid;
-		ret->top=0;
-		ret->bottom=0;
-		for (i=0; i<ERR_NUM_ERRORS; i++)
-			{
-			ret->err_data[i]=NULL;
-			ret->err_data_flags[i]=0;
-			}
-		tmpp = ERRFN(thread_set_item)(ret);
-		/* To check if insertion failed, do a get. */
-		if (ERRFN(thread_get_item)(ret) != ret)
-			{
-			ERR_STATE_free(ret); /* could not insert it */
-			return(&fallback);
-			}
-		/* If a race occured in this function and we came second, tmpp
-		 * is the first one that we just replaced. */
-		if (tmpp)
-			ERR_STATE_free(tmpp);
-		}
-	return ret;
-	}
-
-int ERR_get_next_error_library(void)
-	{
-	err_fns_check();
-	return ERRFN(get_next_lib)();
-	}
-
-void ERR_set_error_data(char *data, int flags)
-	{
-	ERR_STATE *es;
-	int i;
-
-	es=ERR_get_state();
-
-	i=es->top;
-	if (i == 0)
-		i=ERR_NUM_ERRORS-1;
-
-	err_clear_data(es,i);
-	es->err_data[i]=data;
-	es->err_data_flags[i]=flags;
-	}
-
-void ERR_add_error_data(int num, ...)
-	{
-	va_list args;
-	int i,n,s;
-	char *str,*p,*a;
-
-	s=80;
-	str=OPENSSL_malloc(s+1);
-	if (str == NULL) return;
-	str[0]='\0';
-
-	va_start(args, num);
-	n=0;
-	for (i=0; i<num; i++)
-		{
-		a=va_arg(args, char*);
-		/* ignore NULLs, thanks to Bob Beck <beck@obtuse.com> */
-		if (a != NULL)
-			{
-			n+=strlen(a);
-			if (n > s)
-				{
-				s=n+20;
-				p=OPENSSL_realloc(str,s+1);
-				if (p == NULL)
-					{
-					OPENSSL_free(str);
-					goto err;
-					}
-				else
-					str=p;
-				}
-			strcat(str,a);
-			}
-		}
-	ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING);
-
-err:
-	va_end(args);
-	}
diff --git a/crypto/openssl/crypto/err/err.h b/crypto/openssl/crypto/err/err.h
deleted file mode 100644
index 988ef81aa0dc..000000000000
--- a/crypto/openssl/crypto/err/err.h
+++ /dev/null
@@ -1,298 +0,0 @@
-/* crypto/err/err.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ERR_H
-#define HEADER_ERR_H
-
-#ifndef OPENSSL_NO_FP_API
-#include <stdio.h>
-#include <stdlib.h>
-#endif
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#ifndef OPENSSL_NO_LHASH
-#include <openssl/lhash.h>
-#endif
-
-#ifdef	__cplusplus
-extern "C" {
-#endif
-
-#ifndef OPENSSL_NO_ERR
-#define ERR_PUT_error(a,b,c,d,e)	ERR_put_error(a,b,c,d,e)
-#else
-#define ERR_PUT_error(a,b,c,d,e)	ERR_put_error(a,b,c,NULL,0)
-#endif
-
-#include <errno.h>
-
-#define ERR_TXT_MALLOCED	0x01
-#define ERR_TXT_STRING		0x02
-
-#define ERR_NUM_ERRORS	16
-typedef struct err_state_st
-	{
-	unsigned long pid;
-	unsigned long err_buffer[ERR_NUM_ERRORS];
-	char *err_data[ERR_NUM_ERRORS];
-	int err_data_flags[ERR_NUM_ERRORS];
-	const char *err_file[ERR_NUM_ERRORS];
-	int err_line[ERR_NUM_ERRORS];
-	int top,bottom;
-	} ERR_STATE;
-
-/* library */
-#define ERR_LIB_NONE		1
-#define ERR_LIB_SYS		2
-#define ERR_LIB_BN		3
-#define ERR_LIB_RSA		4
-#define ERR_LIB_DH		5
-#define ERR_LIB_EVP		6
-#define ERR_LIB_BUF		7
-#define ERR_LIB_OBJ		8
-#define ERR_LIB_PEM		9
-#define ERR_LIB_DSA		10
-#define ERR_LIB_X509		11
-/* #define ERR_LIB_METH         12 */
-#define ERR_LIB_ASN1		13
-#define ERR_LIB_CONF		14
-#define ERR_LIB_CRYPTO		15
-#define ERR_LIB_EC		16
-#define ERR_LIB_SSL		20
-/* #define ERR_LIB_SSL23        21 */
-/* #define ERR_LIB_SSL2         22 */
-/* #define ERR_LIB_SSL3         23 */
-/* #define ERR_LIB_RSAREF       30 */
-/* #define ERR_LIB_PROXY        31 */
-#define ERR_LIB_BIO		32
-#define ERR_LIB_PKCS7		33
-#define ERR_LIB_X509V3		34
-#define ERR_LIB_PKCS12		35
-#define ERR_LIB_RAND		36
-#define ERR_LIB_DSO		37
-#define ERR_LIB_ENGINE		38
-#define ERR_LIB_OCSP            39
-#define ERR_LIB_UI              40
-#define ERR_LIB_COMP            41
-
-#define ERR_LIB_USER		128
-
-#define SYSerr(f,r)  ERR_PUT_error(ERR_LIB_SYS,(f),(r),__FILE__,__LINE__)
-#define BNerr(f,r)   ERR_PUT_error(ERR_LIB_BN,(f),(r),__FILE__,__LINE__)
-#define RSAerr(f,r)  ERR_PUT_error(ERR_LIB_RSA,(f),(r),__FILE__,__LINE__)
-#define DHerr(f,r)   ERR_PUT_error(ERR_LIB_DH,(f),(r),__FILE__,__LINE__)
-#define EVPerr(f,r)  ERR_PUT_error(ERR_LIB_EVP,(f),(r),__FILE__,__LINE__)
-#define BUFerr(f,r)  ERR_PUT_error(ERR_LIB_BUF,(f),(r),__FILE__,__LINE__)
-#define OBJerr(f,r)  ERR_PUT_error(ERR_LIB_OBJ,(f),(r),__FILE__,__LINE__)
-#define PEMerr(f,r)  ERR_PUT_error(ERR_LIB_PEM,(f),(r),__FILE__,__LINE__)
-#define DSAerr(f,r)  ERR_PUT_error(ERR_LIB_DSA,(f),(r),__FILE__,__LINE__)
-#define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),__FILE__,__LINE__)
-#define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),__FILE__,__LINE__)
-#define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),__FILE__,__LINE__)
-#define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),__FILE__,__LINE__)
-#define ECerr(f,r)   ERR_PUT_error(ERR_LIB_EC,(f),(r),__FILE__,__LINE__)
-#define SSLerr(f,r)  ERR_PUT_error(ERR_LIB_SSL,(f),(r),__FILE__,__LINE__)
-#define BIOerr(f,r)  ERR_PUT_error(ERR_LIB_BIO,(f),(r),__FILE__,__LINE__)
-#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),__FILE__,__LINE__)
-#define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),__FILE__,__LINE__)
-#define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),__FILE__,__LINE__)
-#define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),__FILE__,__LINE__)
-#define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),__FILE__,__LINE__)
-#define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__)
-#define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__)
-#define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
-#define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
-
-/* Borland C seems too stupid to be able to shift and do longs in
- * the pre-processor :-( */
-#define ERR_PACK(l,f,r)		(((((unsigned long)l)&0xffL)*0x1000000)| \
-				((((unsigned long)f)&0xfffL)*0x1000)| \
-				((((unsigned long)r)&0xfffL)))
-#define ERR_GET_LIB(l)		(int)((((unsigned long)l)>>24L)&0xffL)
-#define ERR_GET_FUNC(l)		(int)((((unsigned long)l)>>12L)&0xfffL)
-#define ERR_GET_REASON(l)	(int)((l)&0xfffL)
-#define ERR_FATAL_ERROR(l)	(int)((l)&ERR_R_FATAL)
-
-
-/* OS functions */
-#define SYS_F_FOPEN		1
-#define SYS_F_CONNECT		2
-#define SYS_F_GETSERVBYNAME	3
-#define SYS_F_SOCKET		4
-#define SYS_F_IOCTLSOCKET	5
-#define SYS_F_BIND		6
-#define SYS_F_LISTEN		7
-#define SYS_F_ACCEPT		8
-#define SYS_F_WSASTARTUP	9 /* Winsock stuff */
-#define SYS_F_OPENDIR		10
-#define SYS_F_FREAD		11
-
-
-/* reasons */
-#define ERR_R_SYS_LIB	ERR_LIB_SYS       /* 2 */
-#define ERR_R_BN_LIB	ERR_LIB_BN        /* 3 */
-#define ERR_R_RSA_LIB	ERR_LIB_RSA       /* 4 */
-#define ERR_R_DH_LIB	ERR_LIB_DH        /* 5 */
-#define ERR_R_EVP_LIB	ERR_LIB_EVP       /* 6 */
-#define ERR_R_BUF_LIB	ERR_LIB_BUF       /* 7 */
-#define ERR_R_OBJ_LIB	ERR_LIB_OBJ       /* 8 */
-#define ERR_R_PEM_LIB	ERR_LIB_PEM       /* 9 */
-#define ERR_R_DSA_LIB	ERR_LIB_DSA      /* 10 */
-#define ERR_R_X509_LIB	ERR_LIB_X509     /* 11 */
-#define ERR_R_ASN1_LIB	ERR_LIB_ASN1     /* 13 */
-#define ERR_R_CONF_LIB	ERR_LIB_CONF     /* 14 */
-#define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO  /* 15 */
-#define ERR_R_EC_LIB	ERR_LIB_EC       /* 16 */
-#define ERR_R_SSL_LIB	ERR_LIB_SSL      /* 20 */
-#define ERR_R_BIO_LIB	ERR_LIB_BIO      /* 32 */
-#define ERR_R_PKCS7_LIB	ERR_LIB_PKCS7    /* 33 */
-#define ERR_R_X509V3_LIB ERR_LIB_X509V3  /* 34 */
-#define ERR_R_PKCS12_LIB ERR_LIB_PKCS12  /* 35 */
-#define ERR_R_RAND_LIB	ERR_LIB_RAND     /* 36 */
-#define ERR_R_DSO_LIB	ERR_LIB_DSO      /* 37 */
-#define ERR_R_ENGINE_LIB ERR_LIB_ENGINE  /* 38 */
-#define ERR_R_OCSP_LIB  ERR_LIB_OCSP     /* 39 */
-#define ERR_R_UI_LIB    ERR_LIB_UI       /* 40 */
-#define ERR_R_COMP_LIB	ERR_LIB_COMP     /* 41 */
-
-#define ERR_R_NESTED_ASN1_ERROR			58
-#define ERR_R_BAD_ASN1_OBJECT_HEADER		59
-#define ERR_R_BAD_GET_ASN1_OBJECT_CALL		60
-#define ERR_R_EXPECTING_AN_ASN1_SEQUENCE	61
-#define ERR_R_ASN1_LENGTH_MISMATCH		62
-#define ERR_R_MISSING_ASN1_EOS			63
-
-/* fatal error */
-#define ERR_R_FATAL				64
-#define	ERR_R_MALLOC_FAILURE			(1|ERR_R_FATAL)
-#define	ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED	(2|ERR_R_FATAL)
-#define	ERR_R_PASSED_NULL_PARAMETER		(3|ERR_R_FATAL)
-#define	ERR_R_INTERNAL_ERROR			(4|ERR_R_FATAL)
-
-/* 99 is the maximum possible ERR_R_... code, higher values
- * are reserved for the individual libraries */
-
-
-typedef struct ERR_string_data_st
-	{
-	unsigned long error;
-	const char *string;
-	} ERR_STRING_DATA;
-
-void ERR_put_error(int lib, int func,int reason,const char *file,int line);
-void ERR_set_error_data(char *data,int flags);
-
-unsigned long ERR_get_error(void);
-unsigned long ERR_get_error_line(const char **file,int *line);
-unsigned long ERR_get_error_line_data(const char **file,int *line,
-				      const char **data, int *flags);
-unsigned long ERR_peek_error(void);
-unsigned long ERR_peek_error_line(const char **file,int *line);
-unsigned long ERR_peek_error_line_data(const char **file,int *line,
-				       const char **data,int *flags);
-unsigned long ERR_peek_last_error(void);
-unsigned long ERR_peek_last_error_line(const char **file,int *line);
-unsigned long ERR_peek_last_error_line_data(const char **file,int *line,
-				       const char **data,int *flags);
-void ERR_clear_error(void );
-char *ERR_error_string(unsigned long e,char *buf);
-void ERR_error_string_n(unsigned long e, char *buf, size_t len);
-const char *ERR_lib_error_string(unsigned long e);
-const char *ERR_func_error_string(unsigned long e);
-const char *ERR_reason_error_string(unsigned long e);
-void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u),
-			 void *u);
-#ifndef OPENSSL_NO_FP_API
-void ERR_print_errors_fp(FILE *fp);
-#endif
-#ifndef OPENSSL_NO_BIO
-void ERR_print_errors(BIO *bp);
-void ERR_add_error_data(int num, ...);
-#endif
-void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
-void ERR_unload_strings(int lib,ERR_STRING_DATA str[]);
-void ERR_load_ERR_strings(void);
-void ERR_load_crypto_strings(void);
-void ERR_free_strings(void);
-
-void ERR_remove_state(unsigned long pid); /* if zero we look it up */
-ERR_STATE *ERR_get_state(void);
-
-#ifndef OPENSSL_NO_LHASH
-LHASH *ERR_get_string_table(void);
-LHASH *ERR_get_err_state_table(void);
-#endif
-
-int ERR_get_next_error_library(void);
-
-/* This opaque type encapsulates the low-level error-state functions */
-typedef struct st_ERR_FNS ERR_FNS;
-/* An application can use this function and provide the return value to loaded
- * modules that should use the application's ERR state/functionality */
-const ERR_FNS *ERR_get_implementation(void);
-/* A loaded module should call this function prior to any ERR operations using
- * the application's "ERR_FNS". */
-int ERR_set_implementation(const ERR_FNS *fns);
-
-#ifdef	__cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/err/err_all.c b/crypto/openssl/crypto/err/err_all.c
deleted file mode 100644
index dc505d9d9d48..000000000000
--- a/crypto/openssl/crypto/err/err_all.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/err/err_all.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_EC
-#include <openssl/ec.h>
-#endif
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/pem2.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/conf.h>
-#include <openssl/pkcs12.h>
-#include <openssl/rand.h>
-#include <openssl/dso.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/ocsp.h>
-#include <openssl/err.h>
-
-void ERR_load_crypto_strings(void)
-	{
-	static int done=0;
-
-	if (done) return;
-	done=1;
-#ifndef OPENSSL_NO_ERR
-	ERR_load_ERR_strings(); /* include error strings for SYSerr */
-	ERR_load_BN_strings();
-#ifndef OPENSSL_NO_RSA
-	ERR_load_RSA_strings();
-#endif
-#ifndef OPENSSL_NO_DH
-	ERR_load_DH_strings();
-#endif
-	ERR_load_EVP_strings();
-	ERR_load_BUF_strings();
-	ERR_load_OBJ_strings();
-	ERR_load_PEM_strings();
-#ifndef OPENSSL_NO_DSA
-	ERR_load_DSA_strings();
-#endif
-	ERR_load_X509_strings();
-	ERR_load_ASN1_strings();
-	ERR_load_CONF_strings();
-	ERR_load_CRYPTO_strings();
-#ifndef OPENSSL_NO_EC
-	ERR_load_EC_strings();
-#endif
-	/* skip ERR_load_SSL_strings() because it is not in this library */
-	ERR_load_BIO_strings();
-	ERR_load_PKCS7_strings();	
-	ERR_load_X509V3_strings();
-	ERR_load_PKCS12_strings();
-	ERR_load_RAND_strings();
-	ERR_load_DSO_strings();
-#ifndef OPENSSL_NO_ENGINE
-	ERR_load_ENGINE_strings();
-#endif
-	ERR_load_OCSP_strings();
-	ERR_load_UI_strings();
-#endif
-	}
diff --git a/crypto/openssl/crypto/err/err_prn.c b/crypto/openssl/crypto/err/err_prn.c
deleted file mode 100644
index 81e34bd6ce7a..000000000000
--- a/crypto/openssl/crypto/err/err_prn.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/err/err_prn.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/lhash.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u),
-			 void *u)
-	{
-	unsigned long l;
-	char buf[256];
-	char buf2[4096];
-	const char *file,*data;
-	int line,flags;
-	unsigned long es;
-
-	es=CRYPTO_thread_id();
-	while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0)
-		{
-		ERR_error_string_n(l, buf, sizeof buf);
-		BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf,
-			file, line, (flags & ERR_TXT_STRING) ? data : "");
-		cb(buf2, strlen(buf2), u);
-		}
-	}
-
-#ifndef OPENSSL_NO_FP_API
-static int print_fp(const char *str, size_t len, void *fp)
-	{
-	return fprintf((FILE *)fp, "%s", str);
-	}
-void ERR_print_errors_fp(FILE *fp)
-	{
-	ERR_print_errors_cb(print_fp, fp);
-	}
-#endif
-
-static int print_bio(const char *str, size_t len, void *bp)
-	{
-	return BIO_write((BIO *)bp, str, len);
-	}
-void ERR_print_errors(BIO *bp)
-	{
-	ERR_print_errors_cb(print_bio, bp);
-	}
-
-	
diff --git a/crypto/openssl/crypto/err/openssl.ec b/crypto/openssl/crypto/err/openssl.ec
deleted file mode 100644
index 29a69dfdd434..000000000000
--- a/crypto/openssl/crypto/err/openssl.ec
+++ /dev/null
@@ -1,81 +0,0 @@
-# crypto/err/openssl.ec
-
-# configuration file for util/mkerr.pl
-
-# files that may have to be rewritten by util/mkerr.pl
-L ERR		NONE				NONE
-L BN		crypto/bn/bn.h			crypto/bn/bn_err.c
-L RSA		crypto/rsa/rsa.h		crypto/rsa/rsa_err.c
-L DH		crypto/dh/dh.h			crypto/dh/dh_err.c
-L EVP		crypto/evp/evp.h		crypto/evp/evp_err.c
-L BUF		crypto/buffer/buffer.h		crypto/buffer/buf_err.c
-L OBJ		crypto/objects/objects.h	crypto/objects/obj_err.c
-L PEM		crypto/pem/pem.h		crypto/pem/pem_err.c
-L DSA		crypto/dsa/dsa.h		crypto/dsa/dsa_err.c
-L X509		crypto/x509/x509.h		crypto/x509/x509_err.c
-L ASN1		crypto/asn1/asn1.h		crypto/asn1/asn1_err.c
-L CONF		crypto/conf/conf.h		crypto/conf/conf_err.c
-L CRYPTO	crypto/crypto.h			crypto/cpt_err.c
-L EC		crypto/ec/ec.h			crypto/ec/ec_err.c
-L SSL		ssl/ssl.h			ssl/ssl_err.c
-L BIO		crypto/bio/bio.h		crypto/bio/bio_err.c
-L PKCS7		crypto/pkcs7/pkcs7.h		crypto/pkcs7/pkcs7err.c
-L X509V3	crypto/x509v3/x509v3.h		crypto/x509v3/v3err.c
-L PKCS12	crypto/pkcs12/pkcs12.h		crypto/pkcs12/pk12err.c
-L RAND		crypto/rand/rand.h		crypto/rand/rand_err.c
-L DSO		crypto/dso/dso.h		crypto/dso/dso_err.c
-L ENGINE	crypto/engine/engine.h		crypto/engine/eng_err.c
-L OCSP		crypto/ocsp/ocsp.h		crypto/ocsp/ocsp_err.c
-L UI		crypto/ui/ui.h			crypto/ui/ui_err.c
-
-# additional header files to be scanned for function names
-L NONE		crypto/x509/x509_vfy.h		NONE
-L NONE		crypto/ec/ec_lcl.h		NONE
-
-
-F RSAREF_F_RSA_BN2BIN
-F RSAREF_F_RSA_PRIVATE_DECRYPT
-F RSAREF_F_RSA_PRIVATE_ENCRYPT
-F RSAREF_F_RSA_PUBLIC_DECRYPT
-F RSAREF_F_RSA_PUBLIC_ENCRYPT
-#F SSL_F_CLIENT_CERTIFICATE
-
-R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE		1010
-R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC		1020
-R SSL_R_TLSV1_ALERT_DECRYPTION_FAILED		1021
-R SSL_R_TLSV1_ALERT_RECORD_OVERFLOW		1022
-R SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE	1030
-R SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE		1040
-R SSL_R_SSLV3_ALERT_NO_CERTIFICATE		1041
-R SSL_R_SSLV3_ALERT_BAD_CERTIFICATE		1042
-R SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE	1043
-R SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED		1044
-R SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED		1045
-R SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN		1046
-R SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER		1047
-R SSL_R_TLSV1_ALERT_UNKNOWN_CA			1048
-R SSL_R_TLSV1_ALERT_ACCESS_DENIED		1049
-R SSL_R_TLSV1_ALERT_DECODE_ERROR		1050
-R SSL_R_TLSV1_ALERT_DECRYPT_ERROR		1051
-R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION		1060
-R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION		1070
-R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY	1071
-R SSL_R_TLSV1_ALERT_INTERNAL_ERROR		1080
-R SSL_R_TLSV1_ALERT_USER_CANCELLED		1090
-R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION		1100
-
-R RSAREF_R_CONTENT_ENCODING			0x0400
-R RSAREF_R_DATA					0x0401
-R RSAREF_R_DIGEST_ALGORITHM			0x0402
-R RSAREF_R_ENCODING				0x0403
-R RSAREF_R_KEY					0x0404
-R RSAREF_R_KEY_ENCODING				0x0405
-R RSAREF_R_LEN					0x0406
-R RSAREF_R_MODULUS_LEN				0x0407
-R RSAREF_R_NEED_RANDOM				0x0408
-R RSAREF_R_PRIVATE_KEY				0x0409
-R RSAREF_R_PUBLIC_KEY				0x040a
-R RSAREF_R_SIGNATURE				0x040b
-R RSAREF_R_SIGNATURE_ENCODING			0x040c
-R RSAREF_R_ENCRYPTION_ALGORITHM			0x040d
-
diff --git a/crypto/openssl/crypto/evp/Makefile.save b/crypto/openssl/crypto/evp/Makefile.save
deleted file mode 100644
index fb9945db1684..000000000000
--- a/crypto/openssl/crypto/evp/Makefile.save
+++ /dev/null
@@ -1,917 +0,0 @@
-#
-# SSLeay/crypto/evp/Makefile
-#
-
-DIR=	evp
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= encode.c digest.c evp_enc.c evp_key.c \
-	e_des.c e_bf.c e_idea.c e_des3.c \
-	e_rc4.c names.c \
-	e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
-	m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \
-	m_dss.c m_dss1.c m_mdc2.c m_ripemd.c \
-	p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
-	bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
-	c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
-	evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c
-
-LIBOBJ=	encode.o digest.o evp_enc.o evp_key.o \
-	e_des.o e_bf.o e_idea.o e_des3.o \
-	e_rc4.o names.o \
-	e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
-	m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \
-	m_dss.o m_dss1.o m_mdc2.o m_ripemd.o \
-	p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
-	bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
-	c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
-	evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= evp.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bio_b64.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_b64.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bio_b64.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bio_b64.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bio_b64.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_b64.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bio_b64.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bio_b64.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_b64.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-bio_b64.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-bio_b64.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-bio_b64.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h
-bio_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bio_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bio_enc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bio_enc.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_enc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bio_enc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bio_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-bio_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-bio_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-bio_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h
-bio_md.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_md.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bio_md.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bio_md.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bio_md.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bio_md.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_md.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bio_md.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bio_md.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_md.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-bio_md.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-bio_md.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-bio_md.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-bio_md.o: ../../include/openssl/symhacks.h ../cryptlib.h
-bio_ok.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_ok.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bio_ok.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bio_ok.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bio_ok.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bio_ok.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_ok.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bio_ok.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bio_ok.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-bio_ok.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-bio_ok.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_ok.o: ../cryptlib.h
-c_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-c_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-c_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-c_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-c_all.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-c_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-c_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-c_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-c_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-c_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-c_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-c_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-c_all.o: ../../include/openssl/symhacks.h ../cryptlib.h
-c_allc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_allc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-c_allc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-c_allc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-c_allc.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_allc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-c_allc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-c_allc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-c_allc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-c_allc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-c_allc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-c_allc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-c_allc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-c_alld.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_alld.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-c_alld.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-c_alld.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-c_alld.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_alld.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-c_alld.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-c_alld.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-c_alld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-c_alld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-c_alld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-c_alld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-c_alld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-digest.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-digest.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-digest.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-digest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-digest.o: ../../include/openssl/symhacks.h ../cryptlib.h
-e_bf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_bf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_bf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_bf.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_bf.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_bf.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_bf.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_bf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_bf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_bf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_bf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_bf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_bf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_cast.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_cast.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_cast.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_cast.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_cast.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_cast.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_cast.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_cast.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_cast.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_cast.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_cast.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_cast.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_cast.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_des.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_des.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_des.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_des.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_des.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_des.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_des.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_des.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_des.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_des.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_des.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_des.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_des.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_des.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_des.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_des3.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_des3.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_des3.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_des3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_des3.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_des3.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_des3.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_des3.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_des3.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_des3.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_des3.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_des3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_des3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_des3.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_idea.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_idea.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_idea.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_idea.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_idea.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_idea.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_idea.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_idea.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_idea.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_idea.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_idea.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_idea.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_idea.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_idea.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_idea.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_null.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_null.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_null.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_null.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_null.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_null.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_null.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_null.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_null.o: ../../include/openssl/symhacks.h ../cryptlib.h
-e_rc2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_rc2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_rc2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_rc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_rc2.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_rc2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_rc2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_rc2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_rc2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_rc2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_rc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_rc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_rc4.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_rc4.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_rc4.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_rc4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_rc4.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_rc4.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_rc4.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_rc4.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_rc4.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_rc4.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_rc4.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_rc4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_rc4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h
-e_rc5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_rc5.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_rc5.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_rc5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_rc5.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_rc5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_rc5.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_rc5.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_rc5.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_rc5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_rc5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_rc5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_rc5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_rc5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_xcbc_d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_xcbc_d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_xcbc_d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_xcbc_d.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_xcbc_d.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_xcbc_d.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_xcbc_d.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_xcbc_d.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_xcbc_d.o: ../../include/openssl/opensslconf.h
-e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h
-e_xcbc_d.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-e_xcbc_d.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-e_xcbc_d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_xcbc_d.o: ../cryptlib.h
-encode.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-encode.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-encode.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-encode.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-encode.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-encode.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-encode.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-encode.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-encode.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-encode.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-encode.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-encode.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-encode.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-encode.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-encode.o: ../../include/openssl/symhacks.h ../cryptlib.h
-evp_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-evp_enc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-evp_enc.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-evp_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_enc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_enc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-evp_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-evp_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-evp_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-evp_err.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-evp_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-evp_err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-evp_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-evp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_err.o: ../../include/openssl/symhacks.h
-evp_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-evp_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-evp_key.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-evp_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-evp_key.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-evp_key.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-evp_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-evp_key.o: ../cryptlib.h
-evp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-evp_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-evp_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-evp_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-evp_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-evp_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h
-evp_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_pbe.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-evp_pbe.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-evp_pbe.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-evp_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_pbe.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_pbe.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_pbe.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-evp_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-evp_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-evp_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-evp_pbe.o: ../cryptlib.h
-evp_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-evp_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-evp_pkey.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-evp_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_pkey.o: ../../include/openssl/opensslconf.h
-evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-evp_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-evp_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-evp_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-evp_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-evp_pkey.o: ../cryptlib.h
-m_dss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_dss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_dss.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_dss.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_dss.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-m_dss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_dss.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_dss.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_dss.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_dss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_dss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_dss.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_dss.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_dss.o: ../cryptlib.h
-m_dss1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_dss1.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_dss1.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_dss1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_dss1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_dss1.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_dss1.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_dss1.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_dss1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_dss1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_dss1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_dss1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_dss1.o: ../cryptlib.h
-m_md2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_md2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_md2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_md2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_md2.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-m_md2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_md2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_md2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_md2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_md2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_md2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_md2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_md2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md2.o: ../cryptlib.h
-m_md4.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_md4.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_md4.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_md4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_md4.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-m_md4.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md4.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_md4.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_md4.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_md4.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_md4.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md4.o: ../cryptlib.h
-m_md5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_md5.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_md5.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_md5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_md5.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-m_md5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md5.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_md5.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_md5.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_md5.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_md5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md5.o: ../cryptlib.h
-m_mdc2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_mdc2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_mdc2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_mdc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_mdc2.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-m_mdc2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_mdc2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_mdc2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_mdc2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_mdc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_mdc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_mdc2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_mdc2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_mdc2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_mdc2.o: ../cryptlib.h
-m_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_null.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_null.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_null.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_null.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-m_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_null.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_null.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_null.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_null.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_null.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_null.o: ../cryptlib.h
-m_ripemd.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_ripemd.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_ripemd.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_ripemd.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_ripemd.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-m_ripemd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_ripemd.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_ripemd.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_ripemd.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_ripemd.o: ../../include/openssl/opensslconf.h
-m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-m_ripemd.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-m_ripemd.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-m_sha.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_sha.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_sha.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_sha.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_sha.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_sha.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_sha.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_sha.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_sha.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_sha.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_sha.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_sha.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_sha.o: ../cryptlib.h
-m_sha1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_sha1.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_sha1.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_sha1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_sha1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_sha1.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_sha1.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_sha1.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_sha1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_sha1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_sha1.o: ../cryptlib.h
-names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-names.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-names.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-names.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-names.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-names.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-names.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-names.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-names.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-names.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-names.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-names.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-names.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-names.o: ../cryptlib.h
-p5_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p5_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p5_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p5_crpt.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p5_crpt.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p5_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p5_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p5_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p5_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p5_crpt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p5_crpt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p5_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p5_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p5_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_crpt.o: ../cryptlib.h
-p5_crpt2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p5_crpt2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p5_crpt2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p5_crpt2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p5_crpt2.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p5_crpt2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h
-p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p5_crpt2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p5_crpt2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p5_crpt2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p5_crpt2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p5_crpt2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p_dec.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_dec.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_dec.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_dec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_dec.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p_dec.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_dec.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_dec.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_dec.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_dec.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_dec.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_dec.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_enc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_enc.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_enc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_enc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p_lib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p_lib.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p_open.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_open.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_open.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_open.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_open.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_open.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p_open.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_open.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_open.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_open.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_open.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_open.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p_open.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p_open.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_open.o: ../cryptlib.h
-p_seal.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_seal.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_seal.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_seal.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_seal.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_seal.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_seal.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_seal.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_seal.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_seal.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_sign.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_sign.o: ../cryptlib.h
-p_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_verify.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_verify.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_verify.o: ../../include/openssl/opensslconf.h
-p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p_verify.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_verify.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
diff --git a/crypto/openssl/crypto/evp/Makefile.ssl b/crypto/openssl/crypto/evp/Makefile.ssl
deleted file mode 100644
index 94f61b38ec1d..000000000000
--- a/crypto/openssl/crypto/evp/Makefile.ssl
+++ /dev/null
@@ -1,1060 +0,0 @@
-#
-# SSLeay/crypto/evp/Makefile
-#
-
-DIR=	evp
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=evp_test.c
-TESTDATA=evptests.txt
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
-	e_des.c e_bf.c e_idea.c e_des3.c \
-	e_rc4.c e_aes.c names.c \
-	e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
-	m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \
-	m_dss.c m_dss1.c m_mdc2.c m_ripemd.c \
-	p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
-	bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
-	c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
-	evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c
-
-LIBOBJ=	encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
-	e_des.o e_bf.o e_idea.o e_des3.o \
-	e_rc4.o e_aes.o names.o \
-	e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
-	m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \
-	m_dss.o m_dss1.o m_mdc2.o m_ripemd.o \
-	p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
-	bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
-	c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
-	evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= evp.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TESTDATA)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bio_b64.o: ../../e_os.h ../../include/openssl/aes.h
-bio_b64.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_b64.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bio_b64.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bio_b64.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-bio_b64.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_b64.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bio_b64.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bio_b64.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_b64.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
-bio_b64.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-bio_b64.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-bio_b64.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_b64.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-bio_b64.o: ../cryptlib.h bio_b64.c
-bio_enc.o: ../../e_os.h ../../include/openssl/aes.h
-bio_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bio_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bio_enc.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-bio_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_enc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bio_enc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bio_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
-bio_enc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-bio_enc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-bio_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-bio_enc.o: ../cryptlib.h bio_enc.c
-bio_md.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-bio_md.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-bio_md.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-bio_md.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-bio_md.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-bio_md.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_md.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-bio_md.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-bio_md.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-bio_md.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-bio_md.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-bio_md.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bio_md.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-bio_md.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-bio_md.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-bio_md.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-bio_md.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-bio_md.o: ../../include/openssl/ui_compat.h ../cryptlib.h bio_md.c
-bio_ok.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-bio_ok.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-bio_ok.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-bio_ok.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-bio_ok.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-bio_ok.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-bio_ok.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-bio_ok.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-bio_ok.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-bio_ok.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-bio_ok.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-bio_ok.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-bio_ok.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_ok.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-bio_ok.o: ../cryptlib.h bio_ok.c
-c_all.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-c_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-c_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-c_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-c_all.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-c_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-c_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-c_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-c_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-c_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-c_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-c_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-c_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-c_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-c_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-c_all.o: ../../include/openssl/ui_compat.h ../cryptlib.h c_all.c
-c_allc.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-c_allc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-c_allc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-c_allc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-c_allc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-c_allc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-c_allc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-c_allc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-c_allc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-c_allc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-c_allc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-c_allc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-c_allc.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c
-c_alld.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-c_alld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-c_alld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-c_alld.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-c_alld.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-c_alld.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-c_alld.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-c_alld.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-c_alld.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-c_alld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-c_alld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-c_alld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-c_alld.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c
-digest.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-digest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-digest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-digest.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-digest.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-digest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-digest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-digest.o: ../../include/openssl/ui_compat.h ../cryptlib.h digest.c
-e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_aes.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-e_aes.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
-e_aes.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_aes.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-e_aes.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-e_aes.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_aes.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_aes.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_aes.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
-e_aes.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-e_aes.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_aes.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h e_aes.c
-e_aes.o: evp_locl.h
-e_bf.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_bf.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-e_bf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-e_bf.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-e_bf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_bf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_bf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_bf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-e_bf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-e_bf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_bf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_bf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_bf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_bf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_bf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_bf.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_bf.c evp_locl.h
-e_cast.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_cast.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-e_cast.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-e_cast.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-e_cast.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_cast.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_cast.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_cast.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-e_cast.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-e_cast.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_cast.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_cast.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_cast.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_cast.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_cast.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_cast.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_cast.c evp_locl.h
-e_des.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_des.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-e_des.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-e_des.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_des.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_des.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-e_des.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-e_des.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-e_des.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-e_des.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_des.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_des.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_des.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_des.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_des.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h
-e_des3.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_des3.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-e_des3.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-e_des3.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_des3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_des3.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-e_des3.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-e_des3.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-e_des3.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-e_des3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_des3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_des3.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_des3.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_des3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_des3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h
-e_idea.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_idea.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-e_idea.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-e_idea.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-e_idea.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_idea.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_idea.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-e_idea.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-e_idea.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-e_idea.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_idea.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_idea.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_idea.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_idea.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_idea.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_idea.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_idea.c evp_locl.h
-e_null.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_null.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-e_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-e_null.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-e_null.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_null.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-e_null.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-e_null.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-e_null.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-e_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_null.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_null.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_null.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_null.c
-e_rc2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_rc2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-e_rc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-e_rc2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-e_rc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_rc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-e_rc2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-e_rc2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-e_rc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-e_rc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_rc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_rc2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_rc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_rc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_rc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_rc2.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc2.c evp_locl.h
-e_rc4.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_rc4.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-e_rc4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-e_rc4.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-e_rc4.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_rc4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-e_rc4.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-e_rc4.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-e_rc4.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-e_rc4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_rc4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_rc4.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_rc4.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_rc4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_rc4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_rc4.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_rc4.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc4.c
-e_rc5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_rc5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-e_rc5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-e_rc5.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-e_rc5.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_rc5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_rc5.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-e_rc5.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-e_rc5.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-e_rc5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_rc5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_rc5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_rc5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_rc5.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_rc5.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc5.c evp_locl.h
-e_xcbc_d.o: ../../e_os.h ../../include/openssl/aes.h
-e_xcbc_d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_xcbc_d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_xcbc_d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-e_xcbc_d.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_xcbc_d.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_xcbc_d.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_xcbc_d.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_xcbc_d.o: ../../include/openssl/opensslconf.h
-e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_xcbc_d.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_xcbc_d.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_xcbc_d.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_xcbc_d.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c
-encode.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-encode.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-encode.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-encode.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-encode.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-encode.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-encode.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-encode.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-encode.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-encode.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-encode.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-encode.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-encode.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-encode.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-encode.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-encode.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-encode.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-encode.o: ../../include/openssl/ui_compat.h ../cryptlib.h encode.c
-evp_acnf.o: ../../e_os.h ../../include/openssl/aes.h
-evp_acnf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_acnf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_acnf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-evp_acnf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-evp_acnf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-evp_acnf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_acnf.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_acnf.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_acnf.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_acnf.o: ../../include/openssl/opensslconf.h
-evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_acnf.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-evp_acnf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-evp_acnf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_acnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_acnf.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-evp_acnf.o: ../cryptlib.h evp_acnf.c
-evp_enc.o: ../../e_os.h ../../include/openssl/aes.h
-evp_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-evp_enc.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-evp_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-evp_enc.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-evp_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-evp_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-evp_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-evp_enc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-evp_enc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h
-evp_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-evp_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-evp_err.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
-evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-evp_err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-evp_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
-evp_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-evp_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-evp_err.o: evp_err.c
-evp_key.o: ../../e_os.h ../../include/openssl/aes.h
-evp_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-evp_key.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-evp_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-evp_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-evp_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-evp_key.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-evp_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-evp_key.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_key.c
-evp_lib.o: ../../e_os.h ../../include/openssl/aes.h
-evp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-evp_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-evp_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
-evp_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-evp_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-evp_lib.o: ../cryptlib.h evp_lib.c
-evp_pbe.o: ../../e_os.h ../../include/openssl/aes.h
-evp_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_pbe.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-evp_pbe.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-evp_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-evp_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_pbe.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_pbe.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_pbe.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-evp_pbe.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-evp_pbe.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-evp_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-evp_pbe.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pbe.c
-evp_pkey.o: ../../e_os.h ../../include/openssl/aes.h
-evp_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-evp_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-evp_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-evp_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_pkey.o: ../../include/openssl/opensslconf.h
-evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-evp_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-evp_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-evp_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-evp_pkey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-evp_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pkey.c
-m_dss.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-m_dss.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-m_dss.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-m_dss.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-m_dss.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-m_dss.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_dss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-m_dss.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-m_dss.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-m_dss.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_dss.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_dss.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_dss.o: ../cryptlib.h m_dss.c
-m_dss1.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-m_dss1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-m_dss1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-m_dss1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-m_dss1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-m_dss1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_dss1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-m_dss1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-m_dss1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_dss1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_dss1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_dss1.o: ../cryptlib.h m_dss1.c
-m_md2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-m_md2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-m_md2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-m_md2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-m_md2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-m_md2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-m_md2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-m_md2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-m_md2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-m_md2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_md2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_md2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_md2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_md2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md2.o: ../cryptlib.h m_md2.c
-m_md4.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-m_md4.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-m_md4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-m_md4.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-m_md4.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-m_md4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-m_md4.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-m_md4.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-m_md4.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-m_md4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_md4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_md4.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_md4.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_md4.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md4.o: ../cryptlib.h m_md4.c
-m_md5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-m_md5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-m_md5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-m_md5.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-m_md5.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-m_md5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-m_md5.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-m_md5.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-m_md5.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-m_md5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_md5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_md5.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_md5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_md5.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md5.o: ../cryptlib.h m_md5.c
-m_mdc2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-m_mdc2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-m_mdc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-m_mdc2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-m_mdc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-m_mdc2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-m_mdc2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-m_mdc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-m_mdc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_mdc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_mdc2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_mdc2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_mdc2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_mdc2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_mdc2.o: ../cryptlib.h m_mdc2.c
-m_null.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-m_null.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-m_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-m_null.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-m_null.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-m_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-m_null.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-m_null.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-m_null.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-m_null.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_null.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_null.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_null.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_null.o: ../cryptlib.h m_null.c
-m_ripemd.o: ../../e_os.h ../../include/openssl/aes.h
-m_ripemd.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_ripemd.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_ripemd.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_ripemd.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-m_ripemd.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-m_ripemd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_ripemd.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_ripemd.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_ripemd.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_ripemd.o: ../../include/openssl/opensslconf.h
-m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_ripemd.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_ripemd.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_ripemd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_ripemd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_ripemd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-m_ripemd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_ripemd.o: ../cryptlib.h m_ripemd.c
-m_sha.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-m_sha.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-m_sha.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-m_sha.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-m_sha.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-m_sha.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-m_sha.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-m_sha.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-m_sha.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_sha.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_sha.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_sha.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_sha.o: ../cryptlib.h m_sha.c
-m_sha1.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-m_sha1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-m_sha1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-m_sha1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-m_sha1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-m_sha1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-m_sha1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-m_sha1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_sha1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_sha1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_sha1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_sha1.o: ../cryptlib.h m_sha1.c
-names.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-names.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-names.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-names.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-names.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-names.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-names.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-names.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-names.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-names.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-names.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-names.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-names.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-names.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-names.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-names.o: ../cryptlib.h names.c
-p5_crpt.o: ../../e_os.h ../../include/openssl/aes.h
-p5_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p5_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p5_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p5_crpt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p5_crpt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p5_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p5_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p5_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p5_crpt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p5_crpt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p5_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p5_crpt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c
-p5_crpt2.o: ../../e_os.h ../../include/openssl/aes.h
-p5_crpt2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p5_crpt2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p5_crpt2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p5_crpt2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p5_crpt2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p5_crpt2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h
-p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p5_crpt2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p5_crpt2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p5_crpt2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p5_crpt2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p5_crpt2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p5_crpt2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p5_crpt2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p5_crpt2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_crpt2.o: ../cryptlib.h p5_crpt2.c
-p_dec.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-p_dec.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p_dec.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p_dec.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p_dec.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-p_dec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p_dec.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p_dec.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p_dec.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_dec.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_dec.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p_dec.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c
-p_enc.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-p_enc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p_enc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p_enc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-p_enc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p_enc.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c
-p_lib.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-p_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_lib.c
-p_open.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-p_open.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p_open.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p_open.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p_open.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-p_open.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p_open.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p_open.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p_open.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p_open.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p_open.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p_open.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p_open.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_open.o: ../cryptlib.h p_open.c
-p_seal.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-p_seal.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p_seal.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p_seal.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p_seal.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-p_seal.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p_seal.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p_seal.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p_seal.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_seal.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p_seal.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c
-p_sign.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-p_sign.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p_sign.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p_sign.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-p_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_sign.o: ../cryptlib.h p_sign.c
-p_verify.o: ../../e_os.h ../../include/openssl/aes.h
-p_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_verify.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p_verify.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_verify.o: ../../include/openssl/opensslconf.h
-p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p_verify.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p_verify.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p_verify.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_verify.o: ../cryptlib.h p_verify.c
diff --git a/crypto/openssl/crypto/evp/bio_b64.c b/crypto/openssl/crypto/evp/bio_b64.c
deleted file mode 100644
index 6e550f6a430e..000000000000
--- a/crypto/openssl/crypto/evp/bio_b64.c
+++ /dev/null
@@ -1,549 +0,0 @@
-/* crypto/evp/bio_b64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-static int b64_write(BIO *h, const char *buf, int num);
-static int b64_read(BIO *h, char *buf, int size);
-/*static int b64_puts(BIO *h, const char *str); */
-/*static int b64_gets(BIO *h, char *str, int size); */
-static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int b64_new(BIO *h);
-static int b64_free(BIO *data);
-static long b64_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
-#define B64_BLOCK_SIZE	1024
-#define B64_BLOCK_SIZE2	768
-#define B64_NONE	0
-#define B64_ENCODE	1
-#define B64_DECODE	2
-
-typedef struct b64_struct
-	{
-	/*BIO *bio; moved to the BIO structure */
-	int buf_len;
-	int buf_off;
-	int tmp_len;		/* used to find the start when decoding */
-	int tmp_nl;		/* If true, scan until '\n' */
-	int encode;
-	int start;		/* have we started decoding yet? */
-	int cont;		/* <= 0 when finished */
-	EVP_ENCODE_CTX base64;
-	char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE)+10];
-	char tmp[B64_BLOCK_SIZE];
-	} BIO_B64_CTX;
-
-static BIO_METHOD methods_b64=
-	{
-	BIO_TYPE_BASE64,"base64 encoding",
-	b64_write,
-	b64_read,
-	NULL, /* b64_puts, */
-	NULL, /* b64_gets, */
-	b64_ctrl,
-	b64_new,
-	b64_free,
-	b64_callback_ctrl,
-	};
-
-BIO_METHOD *BIO_f_base64(void)
-	{
-	return(&methods_b64);
-	}
-
-static int b64_new(BIO *bi)
-	{
-	BIO_B64_CTX *ctx;
-
-	ctx=(BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX));
-	if (ctx == NULL) return(0);
-
-	ctx->buf_len=0;
-	ctx->tmp_len=0;
-	ctx->tmp_nl=0;
-	ctx->buf_off=0;
-	ctx->cont=1;
-	ctx->start=1;
-	ctx->encode=0;
-
-	bi->init=1;
-	bi->ptr=(char *)ctx;
-	bi->flags=0;
-	return(1);
-	}
-
-static int b64_free(BIO *a)
-	{
-	if (a == NULL) return(0);
-	OPENSSL_free(a->ptr);
-	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;
-	return(1);
-	}
-	
-static int b64_read(BIO *b, char *out, int outl)
-	{
-	int ret=0,i,ii,j,k,x,n,num,ret_code=0;
-	BIO_B64_CTX *ctx;
-	unsigned char *p,*q;
-
-	if (out == NULL) return(0);
-	ctx=(BIO_B64_CTX *)b->ptr;
-
-	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-
-	if (ctx->encode != B64_DECODE)
-		{
-		ctx->encode=B64_DECODE;
-		ctx->buf_len=0;
-		ctx->buf_off=0;
-		ctx->tmp_len=0;
-		EVP_DecodeInit(&(ctx->base64));
-		}
-
-	/* First check if there are bytes decoded/encoded */
-	if (ctx->buf_len > 0)
-		{
-		i=ctx->buf_len-ctx->buf_off;
-		if (i > outl) i=outl;
-		OPENSSL_assert(ctx->buf_off+i < sizeof ctx->buf);
-		memcpy(out,&(ctx->buf[ctx->buf_off]),i);
-		ret=i;
-		out+=i;
-		outl-=i;
-		ctx->buf_off+=i;
-		if (ctx->buf_len == ctx->buf_off)
-			{
-			ctx->buf_len=0;
-			ctx->buf_off=0;
-			}
-		}
-
-	/* At this point, we have room of outl bytes and an empty
-	 * buffer, so we should read in some more. */
-
-	ret_code=0;
-	while (outl > 0)
-		{
-		if (ctx->cont <= 0) break;
-
-		i=BIO_read(b->next_bio,&(ctx->tmp[ctx->tmp_len]),
-			B64_BLOCK_SIZE-ctx->tmp_len);
-
-		if (i <= 0)
-			{
-			ret_code=i;
-
-			/* Should be continue next time we are called? */
-			if (!BIO_should_retry(b->next_bio))
-				ctx->cont=i;
-			/* else we should continue when called again */
-			break;
-			}
-		i+=ctx->tmp_len;
-
-		/* We need to scan, a line at a time until we
-		 * have a valid line if we are starting. */
-		if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL))
-			{
-			/* ctx->start=1; */
-			ctx->tmp_len=0;
-			}
-		else if (ctx->start)
-			{
-			q=p=(unsigned char *)ctx->tmp;
-			for (j=0; j<i; j++)
-				{
-				if (*(q++) != '\n') continue;
-
-				/* due to a previous very long line,
-				 * we need to keep on scanning for a '\n'
-				 * before we even start looking for
-				 * base64 encoded stuff. */
-				if (ctx->tmp_nl)
-					{
-					p=q;
-					ctx->tmp_nl=0;
-					continue;
-					}
-
-				k=EVP_DecodeUpdate(&(ctx->base64),
-					(unsigned char *)ctx->buf,
-					&num,p,q-p);
-				if ((k <= 0) && (num == 0) && (ctx->start))
-					EVP_DecodeInit(&ctx->base64);
-				else 
-					{
-					if (p != (unsigned char *)
-						&(ctx->tmp[0]))
-						{
-						i-=(p- (unsigned char *)
-							&(ctx->tmp[0]));
-						for (x=0; x < i; x++)
-							ctx->tmp[x]=p[x];
-						}
-					EVP_DecodeInit(&ctx->base64);
-					ctx->start=0;
-					break;
-					}
-				p=q;
-				}
-
-			/* we fell off the end without starting */
-			if (j == i)
-				{
-				/* Is this is one long chunk?, if so, keep on
-				 * reading until a new line. */
-				if (p == (unsigned char *)&(ctx->tmp[0]))
-					{
-					ctx->tmp_nl=1;
-					ctx->tmp_len=0;
-					}
-				else if (p != q) /* finished on a '\n' */
-					{
-					n=q-p;
-					for (ii=0; ii<n; ii++)
-						ctx->tmp[ii]=p[ii];
-					ctx->tmp_len=n;
-					}
-				/* else finished on a '\n' */
-				continue;
-				}
-			else
-				ctx->tmp_len=0;
-			}
-
-		if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
-			{
-			int z,jj;
-
-			jj=(i>>2)<<2;
-			z=EVP_DecodeBlock((unsigned char *)ctx->buf,
-				(unsigned char *)ctx->tmp,jj);
-			if (jj > 2)
-				{
-				if (ctx->tmp[jj-1] == '=')
-					{
-					z--;
-					if (ctx->tmp[jj-2] == '=')
-						z--;
-					}
-				}
-			/* z is now number of output bytes and jj is the
-			 * number consumed */
-			if (jj != i)
-				{
-				memcpy((unsigned char *)ctx->tmp,
-					(unsigned char *)&(ctx->tmp[jj]),i-jj);
-				ctx->tmp_len=i-jj;
-				}
-			ctx->buf_len=0;
-			if (z > 0)
-				{
-				ctx->buf_len=z;
-				i=1;
-				}
-			else
-				i=z;
-			}
-		else
-			{
-			i=EVP_DecodeUpdate(&(ctx->base64),
-				(unsigned char *)ctx->buf,&ctx->buf_len,
-				(unsigned char *)ctx->tmp,i);
-			}
-		ctx->cont=i;
-		ctx->buf_off=0;
-		if (i < 0)
-			{
-			ret_code=0;
-			ctx->buf_len=0;
-			break;
-			}
-
-		if (ctx->buf_len <= outl)
-			i=ctx->buf_len;
-		else
-			i=outl;
-
-		memcpy(out,ctx->buf,i);
-		ret+=i;
-		ctx->buf_off=i;
-		if (ctx->buf_off == ctx->buf_len)
-			{
-			ctx->buf_len=0;
-			ctx->buf_off=0;
-			}
-		outl-=i;
-		out+=i;
-		}
-	BIO_clear_retry_flags(b);
-	BIO_copy_next_retry(b);
-	return((ret == 0)?ret_code:ret);
-	}
-
-static int b64_write(BIO *b, const char *in, int inl)
-	{
-	int ret=inl,n,i;
-	BIO_B64_CTX *ctx;
-
-	ctx=(BIO_B64_CTX *)b->ptr;
-	BIO_clear_retry_flags(b);
-
-	if (ctx->encode != B64_ENCODE)
-		{
-		ctx->encode=B64_ENCODE;
-		ctx->buf_len=0;
-		ctx->buf_off=0;
-		ctx->tmp_len=0;
-		EVP_EncodeInit(&(ctx->base64));
-		}
-
-	n=ctx->buf_len-ctx->buf_off;
-	while (n > 0)
-		{
-		i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
-		if (i <= 0)
-			{
-			BIO_copy_next_retry(b);
-			return(i);
-			}
-		ctx->buf_off+=i;
-		n-=i;
-		}
-	/* at this point all pending data has been written */
-	ctx->buf_off=0;
-	ctx->buf_len=0;
-
-	if ((in == NULL) || (inl <= 0)) return(0);
-
-	while (inl > 0)
-		{
-		n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl;
-
-		if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
-			{
-			if (ctx->tmp_len > 0)
-				{
-				n=3-ctx->tmp_len;
-				/* There's a teoretical possibility for this */
-				if (n > inl) 
-					n=inl;
-				memcpy(&(ctx->tmp[ctx->tmp_len]),in,n);
-				ctx->tmp_len+=n;
-				if (ctx->tmp_len < 3)
-					break;
-				ctx->buf_len=EVP_EncodeBlock(
-					(unsigned char *)ctx->buf,
-					(unsigned char *)ctx->tmp,
-					ctx->tmp_len);
-				/* Since we're now done using the temporary
-				   buffer, the length should be 0'd */
-				ctx->tmp_len=0;
-				}
-			else
-				{
-				if (n < 3)
-					{
-					memcpy(&(ctx->tmp[0]),in,n);
-					ctx->tmp_len=n;
-					break;
-					}
-				n-=n%3;
-				ctx->buf_len=EVP_EncodeBlock(
-					(unsigned char *)ctx->buf,
-					(unsigned char *)in,n);
-				}
-			}
-		else
-			{
-			EVP_EncodeUpdate(&(ctx->base64),
-				(unsigned char *)ctx->buf,&ctx->buf_len,
-				(unsigned char *)in,n);
-			}
-		inl-=n;
-		in+=n;
-
-		ctx->buf_off=0;
-		n=ctx->buf_len;
-		while (n > 0)
-			{
-			i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
-			if (i <= 0)
-				{
-				BIO_copy_next_retry(b);
-				return((ret == 0)?i:ret);
-				}
-			n-=i;
-			ctx->buf_off+=i;
-			}
-		ctx->buf_len=0;
-		ctx->buf_off=0;
-		}
-	return(ret);
-	}
-
-static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	BIO_B64_CTX *ctx;
-	long ret=1;
-	int i;
-
-	ctx=(BIO_B64_CTX *)b->ptr;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		ctx->cont=1;
-		ctx->start=1;
-		ctx->encode=B64_NONE;
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_EOF:	/* More to read */
-		if (ctx->cont <= 0)
-			ret=1;
-		else
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_WPENDING: /* More to write in buffer */
-		ret=ctx->buf_len-ctx->buf_off;
-		if ((ret == 0) && (ctx->encode != B64_NONE)
-			&& (ctx->base64.num != 0))
-			ret=1;
-		else if (ret <= 0)
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_PENDING: /* More to read in buffer */
-		ret=ctx->buf_len-ctx->buf_off;
-		if (ret <= 0)
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_FLUSH:
-		/* do a final write */
-again:
-		while (ctx->buf_len != ctx->buf_off)
-			{
-			i=b64_write(b,NULL,0);
-			if (i < 0)
-				{
-				ret=i;
-				break;
-				}
-			}
-		if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
-			{
-			if (ctx->tmp_len != 0)
-				{
-				ctx->buf_len=EVP_EncodeBlock(
-					(unsigned char *)ctx->buf,
-					(unsigned char *)ctx->tmp,
-					ctx->tmp_len);
-				ctx->buf_off=0;
-				ctx->tmp_len=0;
-				goto again;
-				}
-			}
-		else if (ctx->encode != B64_NONE && ctx->base64.num != 0)
-			{
-			ctx->buf_off=0;
-			EVP_EncodeFinal(&(ctx->base64),
-				(unsigned char *)ctx->buf,
-				&(ctx->buf_len));
-			/* push out the bytes */
-			goto again;
-			}
-		/* Finally flush the underlying BIO */
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-
-	case BIO_C_DO_STATE_MACHINE:
-		BIO_clear_retry_flags(b);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		BIO_copy_next_retry(b);
-		break;
-
-	case BIO_CTRL_DUP:
-		break;
-	case BIO_CTRL_INFO:
-	case BIO_CTRL_GET:
-	case BIO_CTRL_SET:
-	default:
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-		}
-	return(ret);
-	}
-
-static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-	{
-	long ret=1;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-		{
-	default:
-		ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
-		break;
-		}
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/evp/bio_enc.c b/crypto/openssl/crypto/evp/bio_enc.c
deleted file mode 100644
index 510e1bc8a4c2..000000000000
--- a/crypto/openssl/crypto/evp/bio_enc.c
+++ /dev/null
@@ -1,429 +0,0 @@
-/* crypto/evp/bio_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-static int enc_write(BIO *h, const char *buf, int num);
-static int enc_read(BIO *h, char *buf, int size);
-/*static int enc_puts(BIO *h, const char *str); */
-/*static int enc_gets(BIO *h, char *str, int size); */
-static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int enc_new(BIO *h);
-static int enc_free(BIO *data);
-static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
-#define ENC_BLOCK_SIZE	(1024*4)
-#define BUF_OFFSET	EVP_MAX_BLOCK_LENGTH
-
-typedef struct enc_struct
-	{
-	int buf_len;
-	int buf_off;
-	int cont;		/* <= 0 when finished */
-	int finished;
-	int ok;			/* bad decrypt */
-	EVP_CIPHER_CTX cipher;
-	/* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate
-	 * can return up to a block more data than is presented to it
-	 */
-	char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2];
-	} BIO_ENC_CTX;
-
-static BIO_METHOD methods_enc=
-	{
-	BIO_TYPE_CIPHER,"cipher",
-	enc_write,
-	enc_read,
-	NULL, /* enc_puts, */
-	NULL, /* enc_gets, */
-	enc_ctrl,
-	enc_new,
-	enc_free,
-	enc_callback_ctrl,
-	};
-
-BIO_METHOD *BIO_f_cipher(void)
-	{
-	return(&methods_enc);
-	}
-
-static int enc_new(BIO *bi)
-	{
-	BIO_ENC_CTX *ctx;
-
-	ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX));
-	if (ctx == NULL) return(0);
-	EVP_CIPHER_CTX_init(&ctx->cipher);
-
-	ctx->buf_len=0;
-	ctx->buf_off=0;
-	ctx->cont=1;
-	ctx->finished=0;
-	ctx->ok=1;
-
-	bi->init=0;
-	bi->ptr=(char *)ctx;
-	bi->flags=0;
-	return(1);
-	}
-
-static int enc_free(BIO *a)
-	{
-	BIO_ENC_CTX *b;
-
-	if (a == NULL) return(0);
-	b=(BIO_ENC_CTX *)a->ptr;
-	EVP_CIPHER_CTX_cleanup(&(b->cipher));
-	OPENSSL_cleanse(a->ptr,sizeof(BIO_ENC_CTX));
-	OPENSSL_free(a->ptr);
-	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;
-	return(1);
-	}
-	
-static int enc_read(BIO *b, char *out, int outl)
-	{
-	int ret=0,i;
-	BIO_ENC_CTX *ctx;
-
-	if (out == NULL) return(0);
-	ctx=(BIO_ENC_CTX *)b->ptr;
-
-	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-
-	/* First check if there are bytes decoded/encoded */
-	if (ctx->buf_len > 0)
-		{
-		i=ctx->buf_len-ctx->buf_off;
-		if (i > outl) i=outl;
-		memcpy(out,&(ctx->buf[ctx->buf_off]),i);
-		ret=i;
-		out+=i;
-		outl-=i;
-		ctx->buf_off+=i;
-		if (ctx->buf_len == ctx->buf_off)
-			{
-			ctx->buf_len=0;
-			ctx->buf_off=0;
-			}
-		}
-
-	/* At this point, we have room of outl bytes and an empty
-	 * buffer, so we should read in some more. */
-
-	while (outl > 0)
-		{
-		if (ctx->cont <= 0) break;
-
-		/* read in at IV offset, read the EVP_Cipher
-		 * documentation about why */
-		i=BIO_read(b->next_bio,&(ctx->buf[BUF_OFFSET]),ENC_BLOCK_SIZE);
-
-		if (i <= 0)
-			{
-			/* Should be continue next time we are called? */
-			if (!BIO_should_retry(b->next_bio))
-				{
-				ctx->cont=i;
-				i=EVP_CipherFinal_ex(&(ctx->cipher),
-					(unsigned char *)ctx->buf,
-					&(ctx->buf_len));
-				ctx->ok=i;
-				ctx->buf_off=0;
-				}
-			else 
-				{
-				ret=(ret == 0)?i:ret;
-				break;
-				}
-			}
-		else
-			{
-			EVP_CipherUpdate(&(ctx->cipher),
-				(unsigned char *)ctx->buf,&ctx->buf_len,
-				(unsigned char *)&(ctx->buf[BUF_OFFSET]),i);
-			ctx->cont=1;
-			/* Note: it is possible for EVP_CipherUpdate to
-			 * decrypt zero bytes because this is or looks like
-			 * the final block: if this happens we should retry
-			 * and either read more data or decrypt the final
-			 * block
-			 */
-			if(ctx->buf_len == 0) continue;
-			}
-
-		if (ctx->buf_len <= outl)
-			i=ctx->buf_len;
-		else
-			i=outl;
-		if (i <= 0) break;
-		memcpy(out,ctx->buf,i);
-		ret+=i;
-		ctx->buf_off=i;
-		outl-=i;
-		out+=i;
-		}
-
-	BIO_clear_retry_flags(b);
-	BIO_copy_next_retry(b);
-	return((ret == 0)?ctx->cont:ret);
-	}
-
-static int enc_write(BIO *b, const char *in, int inl)
-	{
-	int ret=0,n,i;
-	BIO_ENC_CTX *ctx;
-
-	ctx=(BIO_ENC_CTX *)b->ptr;
-	ret=inl;
-
-	BIO_clear_retry_flags(b);
-	n=ctx->buf_len-ctx->buf_off;
-	while (n > 0)
-		{
-		i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
-		if (i <= 0)
-			{
-			BIO_copy_next_retry(b);
-			return(i);
-			}
-		ctx->buf_off+=i;
-		n-=i;
-		}
-	/* at this point all pending data has been written */
-
-	if ((in == NULL) || (inl <= 0)) return(0);
-
-	ctx->buf_off=0;
-	while (inl > 0)
-		{
-		n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
-		EVP_CipherUpdate(&(ctx->cipher),
-			(unsigned char *)ctx->buf,&ctx->buf_len,
-			(unsigned char *)in,n);
-		inl-=n;
-		in+=n;
-
-		ctx->buf_off=0;
-		n=ctx->buf_len;
-		while (n > 0)
-			{
-			i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
-			if (i <= 0)
-				{
-				BIO_copy_next_retry(b);
-				return(i);
-				}
-			n-=i;
-			ctx->buf_off+=i;
-			}
-		ctx->buf_len=0;
-		ctx->buf_off=0;
-		}
-	BIO_copy_next_retry(b);
-	return(ret);
-	}
-
-static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	BIO *dbio;
-	BIO_ENC_CTX *ctx,*dctx;
-	long ret=1;
-	int i;
-	EVP_CIPHER_CTX **c_ctx;
-
-	ctx=(BIO_ENC_CTX *)b->ptr;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		ctx->ok=1;
-		ctx->finished=0;
-		EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
-			ctx->cipher.encrypt);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_EOF:	/* More to read */
-		if (ctx->cont <= 0)
-			ret=1;
-		else
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_WPENDING:
-		ret=ctx->buf_len-ctx->buf_off;
-		if (ret <= 0)
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_PENDING: /* More to read in buffer */
-		ret=ctx->buf_len-ctx->buf_off;
-		if (ret <= 0)
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_FLUSH:
-		/* do a final write */
-again:
-		while (ctx->buf_len != ctx->buf_off)
-			{
-			i=enc_write(b,NULL,0);
-			if (i < 0)
-				{
-				ret=i;
-				break;
-				}
-			}
-
-		if (!ctx->finished)
-			{
-			ctx->finished=1;
-			ctx->buf_off=0;
-			ret=EVP_CipherFinal_ex(&(ctx->cipher),
-				(unsigned char *)ctx->buf,
-				&(ctx->buf_len));
-			ctx->ok=(int)ret;
-			if (ret <= 0) break;
-
-			/* push out the bytes */
-			goto again;
-			}
-		
-		/* Finally flush the underlying BIO */
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_C_GET_CIPHER_STATUS:
-		ret=(long)ctx->ok;
-		break;
-	case BIO_C_DO_STATE_MACHINE:
-		BIO_clear_retry_flags(b);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		BIO_copy_next_retry(b);
-		break;
-	case BIO_C_GET_CIPHER_CTX:
-		c_ctx=(EVP_CIPHER_CTX **)ptr;
-		(*c_ctx)= &(ctx->cipher);
-		b->init=1;
-		break;
-	case BIO_CTRL_DUP:
-		dbio=(BIO *)ptr;
-		dctx=(BIO_ENC_CTX *)dbio->ptr;
-		memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher));
-		dbio->init=1;
-		break;
-	default:
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-		}
-	return(ret);
-	}
-
-static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-	{
-	long ret=1;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-		{
-	default:
-		ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
-		break;
-		}
-	return(ret);
-	}
-
-/*
-void BIO_set_cipher_ctx(b,c)
-BIO *b;
-EVP_CIPHER_ctx *c;
-	{
-	if (b == NULL) return;
-
-	if ((b->callback != NULL) &&
-		(b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
-		return;
-
-	b->init=1;
-	ctx=(BIO_ENC_CTX *)b->ptr;
-	memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
-	
-	if (b->callback != NULL)
-		b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
-	}
-*/
-
-void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, unsigned char *k,
-	     unsigned char *i, int e)
-	{
-	BIO_ENC_CTX *ctx;
-
-	if (b == NULL) return;
-
-	if ((b->callback != NULL) &&
-		(b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,0L) <= 0))
-		return;
-
-	b->init=1;
-	ctx=(BIO_ENC_CTX *)b->ptr;
-	EVP_CipherInit_ex(&(ctx->cipher),c,NULL, k,i,e);
-	
-	if (b->callback != NULL)
-		b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L);
-	}
-
diff --git a/crypto/openssl/crypto/evp/bio_md.c b/crypto/openssl/crypto/evp/bio_md.c
deleted file mode 100644
index c632dfb20227..000000000000
--- a/crypto/openssl/crypto/evp/bio_md.c
+++ /dev/null
@@ -1,261 +0,0 @@
-/* crypto/evp/bio_md.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-/* BIO_put and BIO_get both add to the digest,
- * BIO_gets returns the digest */
-
-static int md_write(BIO *h, char const *buf, int num);
-static int md_read(BIO *h, char *buf, int size);
-/*static int md_puts(BIO *h, const char *str); */
-static int md_gets(BIO *h, char *str, int size);
-static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int md_new(BIO *h);
-static int md_free(BIO *data);
-static long md_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
-
-static BIO_METHOD methods_md=
-	{
-	BIO_TYPE_MD,"message digest",
-	md_write,
-	md_read,
-	NULL, /* md_puts, */
-	md_gets,
-	md_ctrl,
-	md_new,
-	md_free,
-	md_callback_ctrl,
-	};
-
-BIO_METHOD *BIO_f_md(void)
-	{
-	return(&methods_md);
-	}
-
-static int md_new(BIO *bi)
-	{
-	EVP_MD_CTX *ctx;
-
-	ctx=EVP_MD_CTX_create();
-	if (ctx == NULL) return(0);
-
-	bi->init=0;
-	bi->ptr=(char *)ctx;
-	bi->flags=0;
-	return(1);
-	}
-
-static int md_free(BIO *a)
-	{
-	if (a == NULL) return(0);
-	EVP_MD_CTX_destroy(a->ptr);
-	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;
-	return(1);
-	}
-	
-static int md_read(BIO *b, char *out, int outl)
-	{
-	int ret=0;
-	EVP_MD_CTX *ctx;
-
-	if (out == NULL) return(0);
-	ctx=b->ptr;
-
-	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-
-	ret=BIO_read(b->next_bio,out,outl);
-	if (b->init)
-		{
-		if (ret > 0)
-			{
-			EVP_DigestUpdate(ctx,(unsigned char *)out,
-				(unsigned int)ret);
-			}
-		}
-	BIO_clear_retry_flags(b);
-	BIO_copy_next_retry(b);
-	return(ret);
-	}
-
-static int md_write(BIO *b, const char *in, int inl)
-	{
-	int ret=0;
-	EVP_MD_CTX *ctx;
-
-	if ((in == NULL) || (inl <= 0)) return(0);
-	ctx=b->ptr;
-
-	if ((ctx != NULL) && (b->next_bio != NULL))
-		ret=BIO_write(b->next_bio,in,inl);
-	if (b->init)
-		{
-		if (ret > 0)
-			{
-			EVP_DigestUpdate(ctx,(unsigned char *)in,
-				(unsigned int)ret);
-			}
-		}
-	BIO_clear_retry_flags(b);
-	BIO_copy_next_retry(b);
-	return(ret);
-	}
-
-static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	EVP_MD_CTX *ctx,*dctx,**pctx;
-	const EVP_MD **ppmd;
-	EVP_MD *md;
-	long ret=1;
-	BIO *dbio;
-
-	ctx=b->ptr;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		if (b->init)
-			EVP_DigestInit_ex(ctx,ctx->digest, NULL);
-		else
-			ret=0;
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_C_GET_MD:
-		if (b->init)
-			{
-			ppmd=ptr;
-			*ppmd=ctx->digest;
-			}
-		else
-			ret=0;
-		break;
-	case BIO_C_GET_MD_CTX:
-		if (b->init)
-			{
-			pctx=ptr;
-			*pctx=ctx;
-			}
-		else
-			ret=0;
-		break;
-	case BIO_C_DO_STATE_MACHINE:
-		BIO_clear_retry_flags(b);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		BIO_copy_next_retry(b);
-		break;
-
-	case BIO_C_SET_MD:
-		md=ptr;
-		EVP_DigestInit_ex(ctx,md, NULL);
-		b->init=1;
-		break;
-	case BIO_CTRL_DUP:
-		dbio=ptr;
-		dctx=dbio->ptr;
-		EVP_MD_CTX_copy_ex(dctx,ctx);
-		b->init=1;
-		break;
-	default:
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-		}
-	return(ret);
-	}
-
-static long md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-	{
-	long ret=1;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-		{
-	default:
-		ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
-		break;
-		}
-	return(ret);
-	}
-
-static int md_gets(BIO *bp, char *buf, int size)
-	{
-	EVP_MD_CTX *ctx;
-	unsigned int ret;
-
-
-	ctx=bp->ptr;
-	if (size < ctx->digest->md_size)
-		return(0);
-	EVP_DigestFinal_ex(ctx,(unsigned char *)buf,&ret);
-	return((int)ret);
-	}
-
-/*
-static int md_puts(bp,str)
-BIO *bp;
-char *str;
-	{
-	return(-1);
-	}
-*/
-
diff --git a/crypto/openssl/crypto/evp/bio_ok.c b/crypto/openssl/crypto/evp/bio_ok.c
deleted file mode 100644
index 530ab937cea7..000000000000
--- a/crypto/openssl/crypto/evp/bio_ok.c
+++ /dev/null
@@ -1,575 +0,0 @@
-/* crypto/evp/bio_ok.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
-	From: Arne Ansper <arne@cyber.ee>
-
-	Why BIO_f_reliable?
-
-	I wrote function which took BIO* as argument, read data from it
-	and processed it. Then I wanted to store the input file in 
-	encrypted form. OK I pushed BIO_f_cipher to the BIO stack
-	and everything was OK. BUT if user types wrong password 
-	BIO_f_cipher outputs only garbage and my function crashes. Yes
-	I can and I should fix my function, but BIO_f_cipher is 
-	easy way to add encryption support to many existing applications
-	and it's hard to debug and fix them all. 
-
-	So I wanted another BIO which would catch the incorrect passwords and
-	file damages which cause garbage on BIO_f_cipher's output. 
-
-	The easy way is to push the BIO_f_md and save the checksum at 
-	the end of the file. However there are several problems with this
-	approach:
-
-	1) you must somehow separate checksum from actual data. 
-	2) you need lot's of memory when reading the file, because you 
-	must read to the end of the file and verify the checksum before
-	letting the application to read the data. 
-	
-	BIO_f_reliable tries to solve both problems, so that you can 
-	read and write arbitrary long streams using only fixed amount
-	of memory.
-
-	BIO_f_reliable splits data stream into blocks. Each block is prefixed
-	with it's length and suffixed with it's digest. So you need only 
-	several Kbytes of memory to buffer single block before verifying 
-	it's digest. 
-
-	BIO_f_reliable goes further and adds several important capabilities:
-
-	1) the digest of the block is computed over the whole stream 
-	-- so nobody can rearrange the blocks or remove or replace them.
-
-	2) to detect invalid passwords right at the start BIO_f_reliable 
-	adds special prefix to the stream. In order to avoid known plain-text
-	attacks this prefix is generated as follows:
-
-		*) digest is initialized with random seed instead of 
-		standardized one.
-		*) same seed is written to ouput
-		*) well-known text is then hashed and the output 
-		of the digest is also written to output.
-
-	reader can now read the seed from stream, hash the same string
-	and then compare the digest output.
-
-	Bad things: BIO_f_reliable knows what's going on in EVP_Digest. I 
-	initially wrote and tested this code on x86 machine and wrote the
-	digests out in machine-dependent order :( There are people using
-	this code and I cannot change this easily without making existing
-	data files unreadable.
-
-*/
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-
-static int ok_write(BIO *h, const char *buf, int num);
-static int ok_read(BIO *h, char *buf, int size);
-static long ok_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int ok_new(BIO *h);
-static int ok_free(BIO *data);
-static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-
-static void sig_out(BIO* b);
-static void sig_in(BIO* b);
-static void block_out(BIO* b);
-static void block_in(BIO* b);
-#define OK_BLOCK_SIZE	(1024*4)
-#define OK_BLOCK_BLOCK	4
-#define IOBS		(OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
-#define WELLKNOWN "The quick brown fox jumped over the lazy dog's back."
-
-#ifndef L_ENDIAN
-#define swapem(x) \
-	((unsigned long int)((((unsigned long int)(x) & 0x000000ffU) << 24) | \
-			     (((unsigned long int)(x) & 0x0000ff00U) <<  8) | \
-			     (((unsigned long int)(x) & 0x00ff0000U) >>  8) | \
-			     (((unsigned long int)(x) & 0xff000000U) >> 24)))
-#else
-#define swapem(x) (x)
-#endif
-
-typedef struct ok_struct
-	{
-	int buf_len;
-	int buf_off;
-	int buf_len_save;
-	int buf_off_save;
-	int cont;		/* <= 0 when finished */
-	int finished;
-	EVP_MD_CTX md;
-	int blockout;		/* output block is ready */ 
-	int sigio;		/* must process signature */
-	unsigned char buf[IOBS];
-	} BIO_OK_CTX;
-
-static BIO_METHOD methods_ok=
-	{
-	BIO_TYPE_CIPHER,"reliable",
-	ok_write,
-	ok_read,
-	NULL, /* ok_puts, */
-	NULL, /* ok_gets, */
-	ok_ctrl,
-	ok_new,
-	ok_free,
-	ok_callback_ctrl,
-	};
-
-BIO_METHOD *BIO_f_reliable(void)
-	{
-	return(&methods_ok);
-	}
-
-static int ok_new(BIO *bi)
-	{
-	BIO_OK_CTX *ctx;
-
-	ctx=(BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX));
-	if (ctx == NULL) return(0);
-
-	ctx->buf_len=0;
-	ctx->buf_off=0;
-	ctx->buf_len_save=0;
-	ctx->buf_off_save=0;
-	ctx->cont=1;
-	ctx->finished=0;
-	ctx->blockout= 0;
-	ctx->sigio=1;
-
-	EVP_MD_CTX_init(&ctx->md);
-
-	bi->init=0;
-	bi->ptr=(char *)ctx;
-	bi->flags=0;
-	return(1);
-	}
-
-static int ok_free(BIO *a)
-	{
-	if (a == NULL) return(0);
-	EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md);
-	OPENSSL_cleanse(a->ptr,sizeof(BIO_OK_CTX));
-	OPENSSL_free(a->ptr);
-	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;
-	return(1);
-	}
-	
-static int ok_read(BIO *b, char *out, int outl)
-	{
-	int ret=0,i,n;
-	BIO_OK_CTX *ctx;
-
-	if (out == NULL) return(0);
-	ctx=(BIO_OK_CTX *)b->ptr;
-
-	if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return(0);
-
-	while(outl > 0)
-		{
-
-		/* copy clean bytes to output buffer */
-		if (ctx->blockout)
-			{
-			i=ctx->buf_len-ctx->buf_off;
-			if (i > outl) i=outl;
-			memcpy(out,&(ctx->buf[ctx->buf_off]),i);
-			ret+=i;
-			out+=i;
-			outl-=i;
-			ctx->buf_off+=i;
-
-			/* all clean bytes are out */
-			if (ctx->buf_len == ctx->buf_off)
-				{
-				ctx->buf_off=0;
-
-				/* copy start of the next block into proper place */
-				if(ctx->buf_len_save- ctx->buf_off_save > 0)
-					{
-					ctx->buf_len= ctx->buf_len_save- ctx->buf_off_save;
-					memmove(ctx->buf, &(ctx->buf[ctx->buf_off_save]),
-							ctx->buf_len);
-					}
-				else
-					{
-					ctx->buf_len=0;
-					}
-				ctx->blockout= 0;
-				}
-			}
-	
-		/* output buffer full -- cancel */
-		if (outl == 0) break;
-
-		/* no clean bytes in buffer -- fill it */
-		n=IOBS- ctx->buf_len;
-		i=BIO_read(b->next_bio,&(ctx->buf[ctx->buf_len]),n);
-
-		if (i <= 0) break;	/* nothing new */
-
-		ctx->buf_len+= i;
-
-		/* no signature yet -- check if we got one */
-		if (ctx->sigio == 1) sig_in(b);
-
-		/* signature ok -- check if we got block */
-		if (ctx->sigio == 0) block_in(b);
-
-		/* invalid block -- cancel */
-		if (ctx->cont <= 0) break;
-
-		}
-
-	BIO_clear_retry_flags(b);
-	BIO_copy_next_retry(b);
-	return(ret);
-	}
-
-static int ok_write(BIO *b, const char *in, int inl)
-	{
-	int ret=0,n,i;
-	BIO_OK_CTX *ctx;
-
-	ctx=(BIO_OK_CTX *)b->ptr;
-	ret=inl;
-
-	if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return(0);
-
-	if(ctx->sigio) sig_out(b);
-
-	do{
-		BIO_clear_retry_flags(b);
-		n=ctx->buf_len-ctx->buf_off;
-		while (ctx->blockout && n > 0)
-			{
-			i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
-			if (i <= 0)
-				{
-				BIO_copy_next_retry(b);
-				if(!BIO_should_retry(b))
-					ctx->cont= 0;
-				return(i);
-				}
-			ctx->buf_off+=i;
-			n-=i;
-			}
-
-		/* at this point all pending data has been written */
-		ctx->blockout= 0;
-		if (ctx->buf_len == ctx->buf_off)
-			{
-			ctx->buf_len=OK_BLOCK_BLOCK;
-			ctx->buf_off=0;
-			}
-	
-		if ((in == NULL) || (inl <= 0)) return(0);
-
-		n= (inl+ ctx->buf_len > OK_BLOCK_SIZE+ OK_BLOCK_BLOCK) ? 
-				OK_BLOCK_SIZE+ OK_BLOCK_BLOCK- ctx->buf_len : inl;
-
-		memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])),(unsigned char *)in,n);
-		ctx->buf_len+= n;
-		inl-=n;
-		in+=n;
-
-		if(ctx->buf_len >= OK_BLOCK_SIZE+ OK_BLOCK_BLOCK)
-			{
-			block_out(b);
-			}
-	}while(inl > 0);
-
-	BIO_clear_retry_flags(b);
-	BIO_copy_next_retry(b);
-	return(ret);
-	}
-
-static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	BIO_OK_CTX *ctx;
-	EVP_MD *md;
-	const EVP_MD **ppmd;
-	long ret=1;
-	int i;
-
-	ctx=b->ptr;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		ctx->buf_len=0;
-		ctx->buf_off=0;
-		ctx->buf_len_save=0;
-		ctx->buf_off_save=0;
-		ctx->cont=1;
-		ctx->finished=0;
-		ctx->blockout= 0;
-		ctx->sigio=1;
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_EOF:	/* More to read */
-		if (ctx->cont <= 0)
-			ret=1;
-		else
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_PENDING: /* More to read in buffer */
-	case BIO_CTRL_WPENDING: /* More to read in buffer */
-		ret=ctx->blockout ? ctx->buf_len-ctx->buf_off : 0;
-		if (ret <= 0)
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_FLUSH:
-		/* do a final write */
-		if(ctx->blockout == 0)
-			block_out(b);
-
-		while (ctx->blockout)
-			{
-			i=ok_write(b,NULL,0);
-			if (i < 0)
-				{
-				ret=i;
-				break;
-				}
-			}
-
-		ctx->finished=1;
-		ctx->buf_off=ctx->buf_len=0;
-		ctx->cont=(int)ret;
-		
-		/* Finally flush the underlying BIO */
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_C_DO_STATE_MACHINE:
-		BIO_clear_retry_flags(b);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		BIO_copy_next_retry(b);
-		break;
-	case BIO_CTRL_INFO:
-		ret=(long)ctx->cont;
-		break;
-	case BIO_C_SET_MD:
-		md=ptr;
-		EVP_DigestInit_ex(&ctx->md, md, NULL);
-		b->init=1;
-		break;
-	case BIO_C_GET_MD:
-		if (b->init)
-			{
-			ppmd=ptr;
-			*ppmd=ctx->md.digest;
-			}
-		else
-			ret=0;
-		break;
-	default:
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-		}
-	return(ret);
-	}
-
-static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-	{
-	long ret=1;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-		{
-	default:
-		ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
-		break;
-		}
-	return(ret);
-	}
-
-static void longswap(void *_ptr, int len)
-{
-#ifndef L_ENDIAN
-	int i;
-	char *ptr=_ptr;
-
-	for(i= 0;i < len;i+= 4){
-		*((unsigned long *)&(ptr[i]))= swapem(*((unsigned long *)&(ptr[i])));
-	}
-#endif
-}
-
-static void sig_out(BIO* b)
-	{
-	BIO_OK_CTX *ctx;
-	EVP_MD_CTX *md;
-
-	ctx=b->ptr;
-	md=&ctx->md;
-
-	if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return;
-
-	EVP_DigestInit_ex(md, md->digest, NULL);
-	/* FIXME: there's absolutely no guarantee this makes any sense at all,
-	 * particularly now EVP_MD_CTX has been restructured.
-	 */
-	RAND_pseudo_bytes(md->md_data, md->digest->md_size);
-	memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
-	longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
-	ctx->buf_len+= md->digest->md_size;
-
-	EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
-	EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
-	ctx->buf_len+= md->digest->md_size;
-	ctx->blockout= 1;
-	ctx->sigio= 0;
-	}
-
-static void sig_in(BIO* b)
-	{
-	BIO_OK_CTX *ctx;
-	EVP_MD_CTX *md;
-	unsigned char tmp[EVP_MAX_MD_SIZE];
-	int ret= 0;
-
-	ctx=b->ptr;
-	md=&ctx->md;
-
-	if(ctx->buf_len- ctx->buf_off < 2* md->digest->md_size) return;
-
-	EVP_DigestInit_ex(md, md->digest, NULL);
-	memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
-	longswap(md->md_data, md->digest->md_size);
-	ctx->buf_off+= md->digest->md_size;
-
-	EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
-	EVP_DigestFinal_ex(md, tmp, NULL);
-	ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
-	ctx->buf_off+= md->digest->md_size;
-	if(ret == 1)
-		{
-		ctx->sigio= 0;
-		if(ctx->buf_len != ctx->buf_off)
-			{
-			memmove(ctx->buf, &(ctx->buf[ctx->buf_off]), ctx->buf_len- ctx->buf_off);
-			}
-		ctx->buf_len-= ctx->buf_off;
-		ctx->buf_off= 0;
-		}
-	else
-		{
-		ctx->cont= 0;
-		}
-	}
-
-static void block_out(BIO* b)
-	{
-	BIO_OK_CTX *ctx;
-	EVP_MD_CTX *md;
-	unsigned long tl;
-
-	ctx=b->ptr;
-	md=&ctx->md;
-
-	tl= ctx->buf_len- OK_BLOCK_BLOCK;
-	tl= swapem(tl);
-	memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK);
-	tl= swapem(tl);
-	EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
-	EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
-	ctx->buf_len+= md->digest->md_size;
-	ctx->blockout= 1;
-	}
-
-static void block_in(BIO* b)
-	{
-	BIO_OK_CTX *ctx;
-	EVP_MD_CTX *md;
-	long tl= 0;
-	unsigned char tmp[EVP_MAX_MD_SIZE];
-
-	ctx=b->ptr;
-	md=&ctx->md;
-
-	memcpy(&tl, ctx->buf, OK_BLOCK_BLOCK);
-	tl= swapem(tl);
-	if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return;
- 
-	EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
-	EVP_DigestFinal_ex(md, tmp, NULL);
-	if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0)
-		{
-		/* there might be parts from next block lurking around ! */
-		ctx->buf_off_save= tl+ OK_BLOCK_BLOCK+ md->digest->md_size;
-		ctx->buf_len_save= ctx->buf_len;
-		ctx->buf_off= OK_BLOCK_BLOCK;
-		ctx->buf_len= tl+ OK_BLOCK_BLOCK;
-		ctx->blockout= 1;
-		}
-	else
-		{
-		ctx->cont= 0;
-		}
-	}
-
diff --git a/crypto/openssl/crypto/evp/c_all.c b/crypto/openssl/crypto/evp/c_all.c
deleted file mode 100644
index af3dd261629a..000000000000
--- a/crypto/openssl/crypto/evp/c_all.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* crypto/evp/c_all.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-
-#if 0
-#undef OpenSSL_add_all_algorithms
-
-void OpenSSL_add_all_algorithms(void)
-	{
-	OPENSSL_add_all_algorithms_noconf();
-	}
-#endif
-
-void OPENSSL_add_all_algorithms_noconf(void)
-	{
-	OpenSSL_add_all_ciphers();
-	OpenSSL_add_all_digests();
-#if defined(__OpenBSD__) || defined(__FreeBSD__)
-	ENGINE_setup_bsd_cryptodev();
-#endif
-	}
diff --git a/crypto/openssl/crypto/evp/c_allc.c b/crypto/openssl/crypto/evp/c_allc.c
deleted file mode 100644
index 341a958fd472..000000000000
--- a/crypto/openssl/crypto/evp/c_allc.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/* crypto/evp/c_allc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/pkcs12.h>
-#include <openssl/objects.h>
-
-void OpenSSL_add_all_ciphers(void)
-	{
-
-#ifndef OPENSSL_NO_DES
-	EVP_add_cipher(EVP_des_cfb());
-	EVP_add_cipher(EVP_des_ede_cfb());
-	EVP_add_cipher(EVP_des_ede3_cfb());
-
-	EVP_add_cipher(EVP_des_ofb());
-	EVP_add_cipher(EVP_des_ede_ofb());
-	EVP_add_cipher(EVP_des_ede3_ofb());
-
-	EVP_add_cipher(EVP_desx_cbc());
-	EVP_add_cipher_alias(SN_desx_cbc,"DESX");
-	EVP_add_cipher_alias(SN_desx_cbc,"desx");
-
-	EVP_add_cipher(EVP_des_cbc());
-	EVP_add_cipher_alias(SN_des_cbc,"DES");
-	EVP_add_cipher_alias(SN_des_cbc,"des");
-	EVP_add_cipher(EVP_des_ede_cbc());
-	EVP_add_cipher(EVP_des_ede3_cbc());
-	EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3");
-	EVP_add_cipher_alias(SN_des_ede3_cbc,"des3");
-
-	EVP_add_cipher(EVP_des_ecb());
-	EVP_add_cipher(EVP_des_ede());
-	EVP_add_cipher(EVP_des_ede3());
-#endif
-
-#ifndef OPENSSL_NO_RC4
-	EVP_add_cipher(EVP_rc4());
-	EVP_add_cipher(EVP_rc4_40());
-#endif
-
-#ifndef OPENSSL_NO_IDEA
-	EVP_add_cipher(EVP_idea_ecb());
-	EVP_add_cipher(EVP_idea_cfb());
-	EVP_add_cipher(EVP_idea_ofb());
-	EVP_add_cipher(EVP_idea_cbc());
-	EVP_add_cipher_alias(SN_idea_cbc,"IDEA");
-	EVP_add_cipher_alias(SN_idea_cbc,"idea");
-#endif
-
-#ifndef OPENSSL_NO_RC2
-	EVP_add_cipher(EVP_rc2_ecb());
-	EVP_add_cipher(EVP_rc2_cfb());
-	EVP_add_cipher(EVP_rc2_ofb());
-	EVP_add_cipher(EVP_rc2_cbc());
-	EVP_add_cipher(EVP_rc2_40_cbc());
-	EVP_add_cipher(EVP_rc2_64_cbc());
-	EVP_add_cipher_alias(SN_rc2_cbc,"RC2");
-	EVP_add_cipher_alias(SN_rc2_cbc,"rc2");
-#endif
-
-#ifndef OPENSSL_NO_BF
-	EVP_add_cipher(EVP_bf_ecb());
-	EVP_add_cipher(EVP_bf_cfb());
-	EVP_add_cipher(EVP_bf_ofb());
-	EVP_add_cipher(EVP_bf_cbc());
-	EVP_add_cipher_alias(SN_bf_cbc,"BF");
-	EVP_add_cipher_alias(SN_bf_cbc,"bf");
-	EVP_add_cipher_alias(SN_bf_cbc,"blowfish");
-#endif
-
-#ifndef OPENSSL_NO_CAST
-	EVP_add_cipher(EVP_cast5_ecb());
-	EVP_add_cipher(EVP_cast5_cfb());
-	EVP_add_cipher(EVP_cast5_ofb());
-	EVP_add_cipher(EVP_cast5_cbc());
-	EVP_add_cipher_alias(SN_cast5_cbc,"CAST");
-	EVP_add_cipher_alias(SN_cast5_cbc,"cast");
-	EVP_add_cipher_alias(SN_cast5_cbc,"CAST-cbc");
-	EVP_add_cipher_alias(SN_cast5_cbc,"cast-cbc");
-#endif
-
-#ifndef OPENSSL_NO_RC5
-	EVP_add_cipher(EVP_rc5_32_12_16_ecb());
-	EVP_add_cipher(EVP_rc5_32_12_16_cfb());
-	EVP_add_cipher(EVP_rc5_32_12_16_ofb());
-	EVP_add_cipher(EVP_rc5_32_12_16_cbc());
-	EVP_add_cipher_alias(SN_rc5_cbc,"rc5");
-	EVP_add_cipher_alias(SN_rc5_cbc,"RC5");
-#endif
-
-#ifndef OPENSSL_NO_AES
-	EVP_add_cipher(EVP_aes_128_ecb());
-	EVP_add_cipher(EVP_aes_128_cbc());
-	EVP_add_cipher(EVP_aes_128_cfb());
-	EVP_add_cipher(EVP_aes_128_ofb());
-#if 0
-	EVP_add_cipher(EVP_aes_128_ctr());
-#endif
-	EVP_add_cipher_alias(SN_aes_128_cbc,"AES128");
-	EVP_add_cipher_alias(SN_aes_128_cbc,"aes128");
-	EVP_add_cipher(EVP_aes_192_ecb());
-	EVP_add_cipher(EVP_aes_192_cbc());
-	EVP_add_cipher(EVP_aes_192_cfb());
-	EVP_add_cipher(EVP_aes_192_ofb());
-#if 0
-	EVP_add_cipher(EVP_aes_192_ctr());
-#endif
-	EVP_add_cipher_alias(SN_aes_192_cbc,"AES192");
-	EVP_add_cipher_alias(SN_aes_192_cbc,"aes192");
-	EVP_add_cipher(EVP_aes_256_ecb());
-	EVP_add_cipher(EVP_aes_256_cbc());
-	EVP_add_cipher(EVP_aes_256_cfb());
-	EVP_add_cipher(EVP_aes_256_ofb());
-#if 0
-	EVP_add_cipher(EVP_aes_256_ctr());
-#endif
-	EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
-	EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
-#endif
-	PKCS12_PBE_add();
-	PKCS5_PBE_add();
-	}
diff --git a/crypto/openssl/crypto/evp/c_alld.c b/crypto/openssl/crypto/evp/c_alld.c
deleted file mode 100644
index be91cdb03731..000000000000
--- a/crypto/openssl/crypto/evp/c_alld.c
+++ /dev/null
@@ -1,103 +0,0 @@
-/* crypto/evp/c_alld.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/pkcs12.h>
-#include <openssl/objects.h>
-
-void OpenSSL_add_all_digests(void)
-	{
-#ifndef OPENSSL_NO_MD2
-	EVP_add_digest(EVP_md2());
-#endif
-#ifndef OPENSSL_NO_MD4
-	EVP_add_digest(EVP_md4());
-#endif
-#ifndef OPENSSL_NO_MD5
-	EVP_add_digest(EVP_md5());
-	EVP_add_digest_alias(SN_md5,"ssl2-md5");
-	EVP_add_digest_alias(SN_md5,"ssl3-md5");
-#endif
-#ifndef OPENSSL_NO_SHA
-	EVP_add_digest(EVP_sha());
-#ifndef OPENSSL_NO_DSA
-	EVP_add_digest(EVP_dss());
-#endif
-#endif
-#ifndef OPENSSL_NO_SHA
-	EVP_add_digest(EVP_sha1());
-	EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
-	EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
-#ifndef OPENSSL_NO_DSA
-	EVP_add_digest(EVP_dss1());
-	EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
-	EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
-	EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
-#endif
-#endif
-#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
-	EVP_add_digest(EVP_mdc2());
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-	EVP_add_digest(EVP_ripemd160());
-	EVP_add_digest_alias(SN_ripemd160,"ripemd");
-	EVP_add_digest_alias(SN_ripemd160,"rmd160");
-#endif
-	}
diff --git a/crypto/openssl/crypto/evp/digest.c b/crypto/openssl/crypto/evp/digest.c
deleted file mode 100644
index 5b2104ac120f..000000000000
--- a/crypto/openssl/crypto/evp/digest.c
+++ /dev/null
@@ -1,325 +0,0 @@
-/* crypto/evp/digest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
-	{
-	memset(ctx,'\0',sizeof *ctx);
-	}
-
-EVP_MD_CTX *EVP_MD_CTX_create(void)
-	{
-	EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
-
-	EVP_MD_CTX_init(ctx);
-
-	return ctx;
-	}
-
-int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
-	{
-	EVP_MD_CTX_init(ctx);
-	return EVP_DigestInit_ex(ctx, type, NULL);
-	}
-
-int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
-	{
-	EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
-#ifndef OPENSSL_NO_ENGINE
-	/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
-	 * so this context may already have an ENGINE! Try to avoid releasing
-	 * the previous handle, re-querying for an ENGINE, and having a
-	 * reinitialisation, when it may all be unecessary. */
-	if (ctx->engine && ctx->digest && (!type ||
-			(type && (type->type == ctx->digest->type))))
-		goto skip_to_init;
-	if (type)
-		{
-		/* Ensure an ENGINE left lying around from last time is cleared
-		 * (the previous check attempted to avoid this if the same
-		 * ENGINE and EVP_MD could be used). */
-		if(ctx->engine)
-			ENGINE_finish(ctx->engine);
-		if(impl)
-			{
-			if (!ENGINE_init(impl))
-				{
-				EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR);
-				return 0;
-				}
-			}
-		else
-			/* Ask if an ENGINE is reserved for this job */
-			impl = ENGINE_get_digest_engine(type->type);
-		if(impl)
-			{
-			/* There's an ENGINE for this job ... (apparently) */
-			const EVP_MD *d = ENGINE_get_digest(impl, type->type);
-			if(!d)
-				{
-				/* Same comment from evp_enc.c */
-				EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR);
-				return 0;
-				}
-			/* We'll use the ENGINE's private digest definition */
-			type = d;
-			/* Store the ENGINE functional reference so we know
-			 * 'type' came from an ENGINE and we need to release
-			 * it when done. */
-			ctx->engine = impl;
-			}
-		else
-			ctx->engine = NULL;
-		}
-	else
-#endif
-	if(!ctx->digest)
-		{
-		EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET);
-		return 0;
-		}
-	if (ctx->digest != type)
-		{
-		if (ctx->digest && ctx->digest->ctx_size)
-			OPENSSL_free(ctx->md_data);
-		ctx->digest=type;
-		if (type->ctx_size)
-			ctx->md_data=OPENSSL_malloc(type->ctx_size);
-		}
-#ifndef OPENSSL_NO_ENGINE
-skip_to_init:
-#endif
-	return ctx->digest->init(ctx);
-	}
-
-int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data,
-	     unsigned int count)
-	{
-	return ctx->digest->update(ctx,data,(unsigned long)count);
-	}
-
-/* The caller can assume that this removes any secret data from the context */
-int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
-	{
-	int ret;
-	ret = EVP_DigestFinal_ex(ctx, md, size);
-	EVP_MD_CTX_cleanup(ctx);
-	return ret;
-	}
-
-/* The caller can assume that this removes any secret data from the context */
-int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
-	{
-	int ret;
-
-	OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
-	ret=ctx->digest->final(ctx,md);
-	if (size != NULL)
-		*size=ctx->digest->md_size;
-	if (ctx->digest->cleanup)
-		{
-		ctx->digest->cleanup(ctx);
-		EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
-		}
-	memset(ctx->md_data,0,ctx->digest->ctx_size);
-	return ret;
-	}
-
-int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
-	{
-	EVP_MD_CTX_init(out);
-	return EVP_MD_CTX_copy_ex(out, in);
-	}
-
-int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
-	{
-	if ((in == NULL) || (in->digest == NULL))
-		{
-		EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
-		return 0;
-		}
-#ifndef OPENSSL_NO_ENGINE
-	/* Make sure it's safe to copy a digest context using an ENGINE */
-	if (in->engine && !ENGINE_init(in->engine))
-		{
-		EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB);
-		return 0;
-		}
-#endif
-
-	EVP_MD_CTX_cleanup(out);
-	memcpy(out,in,sizeof *out);
-
-	if (out->digest->ctx_size)
-		{
-		out->md_data=OPENSSL_malloc(out->digest->ctx_size);
-		memcpy(out->md_data,in->md_data,out->digest->ctx_size);
-		}
-	
-	if (out->digest->copy)
-		return out->digest->copy(out,in);
-	
-	return 1;
-	}
-
-int EVP_Digest(void *data, unsigned int count,
-		unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl)
-	{
-	EVP_MD_CTX ctx;
-	int ret;
-
-	EVP_MD_CTX_init(&ctx);
-	EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT);
-	ret=EVP_DigestInit_ex(&ctx, type, impl)
-	  && EVP_DigestUpdate(&ctx, data, count)
-	  && EVP_DigestFinal_ex(&ctx, md, size);
-	EVP_MD_CTX_cleanup(&ctx);
-
-	return ret;
-	}
-
-void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
-	{
-	EVP_MD_CTX_cleanup(ctx);
-	OPENSSL_free(ctx);
-	}
-
-/* This call frees resources associated with the context */
-int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
-	{
-	/* Don't assume ctx->md_data was cleaned in EVP_Digest_Final,
-	 * because sometimes only copies of the context are ever finalised.
-	 */
-	if (ctx->digest && ctx->digest->cleanup
-	    && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED))
-		ctx->digest->cleanup(ctx);
-	if (ctx->digest && ctx->digest->ctx_size && ctx->md_data)
-		{
-		OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
-		OPENSSL_free(ctx->md_data);
-		}
-#ifndef OPENSSL_NO_ENGINE
-	if(ctx->engine)
-		/* The EVP_MD we used belongs to an ENGINE, release the
-		 * functional reference we held for this reason. */
-		ENGINE_finish(ctx->engine);
-#endif
-	memset(ctx,'\0',sizeof *ctx);
-
-	return 1;
-	}
diff --git a/crypto/openssl/crypto/evp/e_aes.c b/crypto/openssl/crypto/evp/e_aes.c
deleted file mode 100644
index fe8bcda631f2..000000000000
--- a/crypto/openssl/crypto/evp/e_aes.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef OPENSSL_NO_AES
-#include <openssl/evp.h>
-#include <openssl/err.h>
-#include <string.h>
-#include <openssl/aes.h>
-#include "evp_locl.h"
-
-static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-					const unsigned char *iv, int enc);
-
-typedef struct
-	{
-	AES_KEY ks;
-	} EVP_AES_KEY;
-
-#define data(ctx)	EVP_C_DATA(EVP_AES_KEY,ctx)
-
-IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
-		       NID_aes_128, 16, 16, 16, 128,
-		       0, aes_init_key, NULL, 
-		       EVP_CIPHER_set_asn1_iv,
-		       EVP_CIPHER_get_asn1_iv,
-		       NULL)
-IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY,
-		       NID_aes_192, 16, 24, 16, 128,
-		       0, aes_init_key, NULL, 
-		       EVP_CIPHER_set_asn1_iv,
-		       EVP_CIPHER_get_asn1_iv,
-		       NULL)
-IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
-		       NID_aes_256, 16, 32, 16, 128,
-		       0, aes_init_key, NULL, 
-		       EVP_CIPHER_set_asn1_iv,
-		       EVP_CIPHER_get_asn1_iv,
-		       NULL)
-
-static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-		   const unsigned char *iv, int enc) {
-
-	if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE
-	    || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE
-	    || enc) 
-		AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
-	else
-		AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
-
-	return 1;
-}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_bf.c b/crypto/openssl/crypto/evp/e_bf.c
deleted file mode 100644
index e74337567b51..000000000000
--- a/crypto/openssl/crypto/evp/e_bf.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/evp/e_bf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_BF
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include "evp_locl.h"
-#include <openssl/objects.h>
-#include <openssl/blowfish.h>
-
-static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-		       const unsigned char *iv, int enc);
-
-typedef struct
-	{
-	BF_KEY ks;
-	} EVP_BF_KEY;
-
-#define data(ctx)	EVP_C_DATA(EVP_BF_KEY,ctx)
-
-IMPLEMENT_BLOCK_CIPHER(bf, ks, BF, EVP_BF_KEY, NID_bf, 8, 16, 8, 64,
-			EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL, 
-			EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-	
-static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-		       const unsigned char *iv, int enc)
-	{
-	BF_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),key);
-	return 1;
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cast.c b/crypto/openssl/crypto/evp/e_cast.c
deleted file mode 100644
index 3400fef187fb..000000000000
--- a/crypto/openssl/crypto/evp/e_cast.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/* crypto/evp/e_cast.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_CAST
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "evp_locl.h"
-#include <openssl/cast.h>
-
-static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			 const unsigned char *iv,int enc);
-
-typedef struct
-	{
-	CAST_KEY ks;
-	} EVP_CAST_KEY;
-
-#define data(ctx)	EVP_C_DATA(EVP_CAST_KEY,ctx)
-
-IMPLEMENT_BLOCK_CIPHER(cast5, ks, CAST, EVP_CAST_KEY, 
-			NID_cast5, 8, CAST_KEY_LENGTH, 8, 64,
-			EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
-			EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-			
-static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			 const unsigned char *iv, int enc)
-	{
-	CAST_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),key);
-	return 1;
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cbc_3d.c b/crypto/openssl/crypto/evp/e_cbc_3d.c
deleted file mode 100644
index 5d16b865c58e..000000000000
--- a/crypto/openssl/crypto/evp/e_cbc_3d.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/* crypto/evp/e_cbc_3d.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void des_cbc_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void des_cbc_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void des_cbc_ede_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER d_cbc_ede_cipher2=
-	{
-	NID_des_ede_cbc,
-	8,16,8,
-	des_cbc_ede_init_key,
-	des_cbc_ede_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-static EVP_CIPHER d_cbc_ede_cipher3=
-	{
-	NID_des_ede3_cbc,
-	8,24,8,
-	des_cbc_ede3_init_key,
-	des_cbc_ede_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_des_ede_cbc(void)
-	{
-	return(&d_cbc_ede_cipher2);
-	}
-
-EVP_CIPHER *EVP_des_ede3_cbc(void)
-	{
-	return(&d_cbc_ede_cipher3);
-	}
-	
-static void des_cbc_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	des_cblock *deskey = (des_cblock *)key;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-
-	if (deskey != NULL)
-		{
-		des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
-		des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
-		memcpy( (char *)ctx->c.des_ede.ks3,
-			(char *)ctx->c.des_ede.ks1,
-			sizeof(ctx->c.des_ede.ks1));
-		}
-	}
-
-static void des_cbc_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	des_cblock *deskey = (des_cblock *)key;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-
-	if (deskey != NULL)
-		{
-		des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
-		des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
-		des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
-		}
-	}
-
-static void des_cbc_ede_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	des_ede3_cbc_encrypt(in,out,inl, ctx->c.des_ede.ks1,
-		ctx->c.des_ede.ks2,ctx->c.des_ede.ks3,
-		(des_cblock *) &(ctx->iv[0]),
-		ctx->encrypt);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cbc_bf.c b/crypto/openssl/crypto/evp/e_cbc_bf.c
deleted file mode 100644
index 9bcba3c516bb..000000000000
--- a/crypto/openssl/crypto/evp/e_cbc_bf.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/evp/e_cbc_bf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_BF
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void bf_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void bf_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER bfish_cbc_cipher=
-	{
-	NID_bf_cbc,
-	8,EVP_BLOWFISH_KEY_SIZE,8,
-	bf_cbc_init_key,
-	bf_cbc_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.bf_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_bf_cbc(void)
-	{
-	return(&bfish_cbc_cipher);
-	}
-	
-static void bf_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		BF_set_key(&(ctx->c.bf_ks),EVP_BLOWFISH_KEY_SIZE,key);
-	}
-
-static void bf_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	BF_cbc_encrypt(
-		in,out,(long)inl,
-		&(ctx->c.bf_ks),&(ctx->iv[0]),
-		ctx->encrypt);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cbc_c.c b/crypto/openssl/crypto/evp/e_cbc_c.c
deleted file mode 100644
index 6845b0b44c91..000000000000
--- a/crypto/openssl/crypto/evp/e_cbc_c.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/evp/e_cbc_c.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_CAST
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void cast_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void cast_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER cast5_cbc_cipher=
-	{
-	NID_cast5_cbc,
-	8,EVP_CAST5_KEY_SIZE,8,
-	cast_cbc_init_key,
-	cast_cbc_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.cast_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_cast5_cbc(void)
-	{
-	return(&cast5_cbc_cipher);
-	}
-	
-static void cast_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		CAST_set_key(&(ctx->c.cast_ks),EVP_CAST5_KEY_SIZE,key);
-	}
-
-static void cast_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	CAST_cbc_encrypt(
-		in,out,(long)inl,
-		&(ctx->c.cast_ks),&(ctx->iv[0]),
-		ctx->encrypt);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cbc_d.c b/crypto/openssl/crypto/evp/e_cbc_d.c
deleted file mode 100644
index 5b4e5b8601e8..000000000000
--- a/crypto/openssl/crypto/evp/e_cbc_d.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/evp/e_cbc_d.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void des_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER d_cbc_cipher=
-	{
-	NID_des_cbc,
-	8,8,8,
-	des_cbc_init_key,
-	des_cbc_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_des_cbc(void)
-	{
-	return(&d_cbc_cipher);
-	}
-	
-static void des_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	des_cblock *deskey = (des_cblock *)key;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (deskey != NULL)
-		des_set_key_unchecked(deskey,ctx->c.des_ks);
-	}
-
-static void des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	des_ncbc_encrypt(in,out,inl,ctx->c.des_ks,
-		(des_cblock *)&(ctx->iv[0]),
-		ctx->encrypt);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cbc_i.c b/crypto/openssl/crypto/evp/e_cbc_i.c
deleted file mode 100644
index 34b44aa21f1b..000000000000
--- a/crypto/openssl/crypto/evp/e_cbc_i.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/evp/e_cbc_i.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_IDEA
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void idea_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void idea_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER i_cbc_cipher=
-	{
-	NID_idea_cbc,
-	8,16,8,
-	idea_cbc_init_key,
-	idea_cbc_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.idea_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_idea_cbc(void)
-	{
-	return(&i_cbc_cipher);
-	}
-	
-static void idea_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		{
-		if (enc)
-			idea_set_encrypt_key(key,&(ctx->c.idea_ks));
-		else
-			{
-			IDEA_KEY_SCHEDULE tmp;
-
-			idea_set_encrypt_key(key,&tmp);
-			idea_set_decrypt_key(&tmp,&(ctx->c.idea_ks));
-			memset((unsigned char *)&tmp,0,
-				sizeof(IDEA_KEY_SCHEDULE));
-			}
-		}
-	}
-
-static void idea_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	idea_cbc_encrypt(
-		in,out,(long)inl,
-		&(ctx->c.idea_ks),&(ctx->iv[0]),
-		ctx->encrypt);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cbc_r2.c b/crypto/openssl/crypto/evp/e_cbc_r2.c
deleted file mode 100644
index 9dfada4ea642..000000000000
--- a/crypto/openssl/crypto/evp/e_cbc_r2.c
+++ /dev/null
@@ -1,216 +0,0 @@
-/* crypto/evp/e_cbc_r2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RC2
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void rc2_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static int rc2_meth_to_magic(const EVP_CIPHER *e);
-static EVP_CIPHER *rc2_magic_to_meth(int i);
-static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-
-#define RC2_40_MAGIC	0xa0
-#define RC2_64_MAGIC	0x78
-#define RC2_128_MAGIC	0x3a
-
-static EVP_CIPHER r2_cbc_cipher=
-	{
-	NID_rc2_cbc,
-	8,EVP_RC2_KEY_SIZE,8,
-	rc2_cbc_init_key,
-	rc2_cbc_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
-	rc2_set_asn1_type_and_iv,
-	rc2_get_asn1_type_and_iv,
-	};
-
-static EVP_CIPHER r2_64_cbc_cipher=
-	{
-	NID_rc2_64_cbc,
-	8,8 /* 64 bit */,8,
-	rc2_cbc_init_key,
-	rc2_cbc_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
-	rc2_set_asn1_type_and_iv,
-	rc2_get_asn1_type_and_iv,
-	};
-
-static EVP_CIPHER r2_40_cbc_cipher=
-	{
-	NID_rc2_40_cbc,
-	8,5 /* 40 bit */,8,
-	rc2_cbc_init_key,
-	rc2_cbc_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
-	rc2_set_asn1_type_and_iv,
-	rc2_get_asn1_type_and_iv,
-	};
-
-EVP_CIPHER *EVP_rc2_cbc(void)
-	{
-	return(&r2_cbc_cipher);
-	}
-
-EVP_CIPHER *EVP_rc2_64_cbc(void)
-	{
-	return(&r2_64_cbc_cipher);
-	}
-
-EVP_CIPHER *EVP_rc2_40_cbc(void)
-	{
-	return(&r2_40_cbc_cipher);
-	}
-	
-static void rc2_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		RC2_set_key(&(ctx->c.rc2_ks),EVP_CIPHER_CTX_key_length(ctx),
-			key,EVP_CIPHER_CTX_key_length(ctx)*8);
-	}
-
-static void rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	RC2_cbc_encrypt(
-		in,out,(long)inl,
-		&(ctx->c.rc2_ks),&(ctx->iv[0]),
-		ctx->encrypt);
-	}
-
-static int rc2_meth_to_magic(const EVP_CIPHER *e)
-	{
-	int i;
-
-	i=EVP_CIPHER_key_length(e);
-	if 	(i == 16) return(RC2_128_MAGIC);
-	else if (i == 8)  return(RC2_64_MAGIC);
-	else if (i == 5)  return(RC2_40_MAGIC);
-	else return(0);
-	}
-
-static EVP_CIPHER *rc2_magic_to_meth(int i)
-	{
-	if      (i == RC2_128_MAGIC) return(EVP_rc2_cbc());
-	else if (i == RC2_64_MAGIC)  return(EVP_rc2_64_cbc());
-	else if (i == RC2_40_MAGIC)  return(EVP_rc2_40_cbc());
-	else
-		{
-		EVPerr(EVP_F_RC2_MAGIC_TO_METH,EVP_R_UNSUPPORTED_KEY_SIZE);
-		return(NULL);
-		}
-	}
-
-static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-	{
-	long num=0;
-	int i=0,l;
-	EVP_CIPHER *e;
-
-	if (type != NULL)
-		{
-		l=EVP_CIPHER_CTX_iv_length(c);
-		i=ASN1_TYPE_get_int_octetstring(type,&num,c->oiv,l);
-		if (i != l)
-			return(-1);
-		else if (i > 0)
-			memcpy(c->iv,c->oiv,l);
-		e=rc2_magic_to_meth((int)num);
-		if (e == NULL)
-			return(-1);
-		if (e != EVP_CIPHER_CTX_cipher(c))
-			{
-			EVP_CIPHER_CTX_cipher(c)=e;
-			rc2_cbc_init_key(c,NULL,NULL,1);
-			}
-		}
-	return(i);
-	}
-
-static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-	{
-	long num;
-	int i=0,j;
-
-	if (type != NULL)
-		{
-		num=rc2_meth_to_magic(EVP_CIPHER_CTX_cipher(c));
-		j=EVP_CIPHER_CTX_iv_length(c);
-		i=ASN1_TYPE_set_int_octetstring(type,num,c->oiv,j);
-		}
-	return(i);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cbc_r5.c b/crypto/openssl/crypto/evp/e_cbc_r5.c
deleted file mode 100644
index cea3fe333ad3..000000000000
--- a/crypto/openssl/crypto/evp/e_cbc_r5.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* crypto/evp/e_cbc_r5.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RC5
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void r_32_12_16_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void r_32_12_16_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER rc5_32_12_16_cbc_cipher=
-	{
-	NID_rc5_cbc,
-	8,EVP_RC5_32_12_16_KEY_SIZE,8,
-	r_32_12_16_cbc_init_key,
-	r_32_12_16_cbc_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5_ks)),
-	NULL,
-	NULL,
-	};
-
-EVP_CIPHER *EVP_rc5_32_12_16_cbc(void)
-	{
-	return(&rc5_32_12_16_cbc_cipher);
-	}
-	
-static void r_32_12_16_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		RC5_32_set_key(&(ctx->c.rc5_ks),EVP_RC5_32_12_16_KEY_SIZE,
-			key,RC5_12_ROUNDS);
-	}
-
-static void r_32_12_16_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	RC5_32_cbc_encrypt(
-		in,out,(long)inl,
-		&(ctx->c.rc5_ks),&(ctx->iv[0]),
-		ctx->encrypt);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cfb_3d.c b/crypto/openssl/crypto/evp/e_cfb_3d.c
deleted file mode 100644
index b364bd4e318d..000000000000
--- a/crypto/openssl/crypto/evp/e_cfb_3d.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/* crypto/evp/e_cfb_3d.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void des_ede_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void des_ede3_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER d_ede_cfb_cipher2=
-	{
-	NID_des_ede_cfb64,
-	1,16,8,
-	des_ede_cfb_init_key,
-	des_ede_cfb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-static EVP_CIPHER d_ede3_cfb_cipher3=
-	{
-	NID_des_ede3_cfb64,
-	1,24,8,
-	des_ede3_cfb_init_key,
-	des_ede_cfb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_des_ede_cfb(void)
-	{
-	return(&d_ede_cfb_cipher2);
-	}
-
-EVP_CIPHER *EVP_des_ede3_cfb(void)
-	{
-	return(&d_ede3_cfb_cipher3);
-	}
-	
-static void des_ede_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	des_cblock *deskey = (des_cblock *)key;
-
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (deskey != NULL)
-		{
-		des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
-		des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
-		memcpy( (char *)ctx->c.des_ede.ks3,
-			(char *)ctx->c.des_ede.ks1,
-			sizeof(ctx->c.des_ede.ks1));
-		}
-	}
-
-static void des_ede3_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	des_cblock *deskey = (des_cblock *)key;
-
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (deskey != NULL)
-		{
-		des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
-		des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
-		des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
-		}
-	}
-
-static void des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	des_ede3_cfb64_encrypt(in,out,(long)inl,
-			       ctx->c.des_ede.ks1,
-			       ctx->c.des_ede.ks2,
-			       ctx->c.des_ede.ks3,
-			       (des_cblock*)&(ctx->iv[0]),
-			       &ctx->num,ctx->encrypt);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cfb_bf.c b/crypto/openssl/crypto/evp/e_cfb_bf.c
deleted file mode 100644
index 63e1e624ea20..000000000000
--- a/crypto/openssl/crypto/evp/e_cfb_bf.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* crypto/evp/e_cfb_bf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_BF
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void bf_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void bf_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER bfish_cfb_cipher=
-	{
-	NID_bf_cfb64,
-	1,EVP_BLOWFISH_KEY_SIZE,8,
-	bf_cfb_init_key,
-	bf_cfb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.bf_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_bf_cfb(void)
-	{
-	return(&bfish_cfb_cipher);
-	}
-	
-static void bf_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		BF_set_key(&(ctx->c.bf_ks),EVP_BLOWFISH_KEY_SIZE,key);
-	}
-
-static void bf_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	BF_cfb64_encrypt(
-		in,out,
-		(long)inl, &(ctx->c.bf_ks),
-		&(ctx->iv[0]),
-		&ctx->num,ctx->encrypt);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cfb_c.c b/crypto/openssl/crypto/evp/e_cfb_c.c
deleted file mode 100644
index f04bac034b31..000000000000
--- a/crypto/openssl/crypto/evp/e_cfb_c.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* crypto/evp/e_cfb_c.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_CAST
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void cast_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void cast_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER cast5_cfb_cipher=
-	{
-	NID_cast5_cfb64,
-	1,EVP_CAST5_KEY_SIZE,8,
-	cast_cfb_init_key,
-	cast_cfb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.cast_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_cast5_cfb(void)
-	{
-	return(&cast5_cfb_cipher);
-	}
-	
-static void cast_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		CAST_set_key(&(ctx->c.cast_ks),EVP_CAST5_KEY_SIZE,key);
-	}
-
-static void cast_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	CAST_cfb64_encrypt(
-		in,out,
-		(long)inl, &(ctx->c.cast_ks),
-		&(ctx->iv[0]),
-		&ctx->num,ctx->encrypt);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cfb_d.c b/crypto/openssl/crypto/evp/e_cfb_d.c
deleted file mode 100644
index 9e1714bd15da..000000000000
--- a/crypto/openssl/crypto/evp/e_cfb_d.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/evp/e_cfb_d.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-#ifndef NO_DES
-static void des_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER d_cfb_cipher=
-	{
-	NID_des_cfb64,
-	1,8,8,
-	des_cfb_init_key,
-	des_cfb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_des_cfb(void)
-	{
-	return(&d_cfb_cipher);
-	}
-	
-static void des_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	des_cblock *deskey = (des_cblock *)key;
-
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (deskey != NULL)
-		des_set_key_unchecked(deskey,ctx->c.des_ks);
-	}
-
-static void des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	des_cfb64_encrypt(
-		in,out,
-		(long)inl, ctx->c.des_ks,
-		(des_cblock *)&(ctx->iv[0]),
-		&ctx->num,ctx->encrypt);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cfb_i.c b/crypto/openssl/crypto/evp/e_cfb_i.c
deleted file mode 100644
index 31c76c6dac08..000000000000
--- a/crypto/openssl/crypto/evp/e_cfb_i.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* crypto/evp/e_cfb_i.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_IDEA
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void idea_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void idea_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER i_cfb_cipher=
-	{
-	NID_idea_cfb64,
-	1,IDEA_KEY_LENGTH,IDEA_BLOCK,
-	idea_cfb_init_key,
-	idea_cfb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.idea_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_idea_cfb(void)
-	{
-	return(&i_cfb_cipher);
-	}
-
-static void idea_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		idea_set_encrypt_key(key,&(ctx->c.idea_ks));
-	}
-
-static void idea_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	idea_cfb64_encrypt(
-		in,out,(long)inl,
-		&(ctx->c.idea_ks),&(ctx->iv[0]),
-		&ctx->num,ctx->encrypt);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cfb_r2.c b/crypto/openssl/crypto/evp/e_cfb_r2.c
deleted file mode 100644
index 32dd77eb7cc3..000000000000
--- a/crypto/openssl/crypto/evp/e_cfb_r2.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/evp/e_cfb_r2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RC2
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void rc2_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void rc2_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER r2_cfb_cipher=
-	{
-	NID_rc2_cfb64,
-	1,EVP_RC2_KEY_SIZE,8,
-	rc2_cfb_init_key,
-	rc2_cfb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_rc2_cfb(void)
-	{
-	return(&r2_cfb_cipher);
-	}
-	
-static void rc2_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		RC2_set_key(&(ctx->c.rc2_ks),EVP_CIPHER_CTX_key_length(ctx),
-			key,EVP_CIPHER_CTX_key_length(ctx)*8);
-	}
-
-static void rc2_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	RC2_cfb64_encrypt(
-		in,out,
-		(long)inl, &(ctx->c.rc2_ks),
-		&(ctx->iv[0]),
-		&ctx->num,ctx->encrypt);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_cfb_r5.c b/crypto/openssl/crypto/evp/e_cfb_r5.c
deleted file mode 100644
index 8e797289467a..000000000000
--- a/crypto/openssl/crypto/evp/e_cfb_r5.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/evp/e_cfb_r5.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RC5
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void rc5_32_12_16_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void rc5_32_12_16_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER rc5_cfb_cipher=
-	{
-	NID_rc5_cfb64,
-	1,EVP_RC5_32_12_16_KEY_SIZE,8,
-	rc5_32_12_16_cfb_init_key,
-	rc5_32_12_16_cfb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_rc5_32_12_16_cfb(void)
-	{
-	return(&rc5_cfb_cipher);
-	}
-	
-static void rc5_32_12_16_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		RC5_32_set_key(&(ctx->c.rc5_ks),EVP_RC5_32_12_16_KEY_SIZE,key,
-			RC5_12_ROUNDS);
-	}
-
-static void rc5_32_12_16_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	RC5_32_cfb64_encrypt(
-		in,out,
-		(long)inl, &(ctx->c.rc5_ks),
-		&(ctx->iv[0]),
-		&ctx->num,ctx->encrypt);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_des.c b/crypto/openssl/crypto/evp/e_des.c
deleted file mode 100644
index 105266a4b364..000000000000
--- a/crypto/openssl/crypto/evp/e_des.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/evp/e_des.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "evp_locl.h"
-#include <openssl/des.h>
-
-static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			const unsigned char *iv, int enc);
-
-/* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */
-
-static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			  const unsigned char *in, unsigned int inl)
-{
-	BLOCK_CIPHER_ecb_loop()
-		DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), ctx->cipher_data, ctx->encrypt);
-	return 1;
-}
-
-static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			  const unsigned char *in, unsigned int inl)
-{
-	DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data, (DES_cblock *)ctx->iv, &ctx->num);
-	return 1;
-}
-
-static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			  const unsigned char *in, unsigned int inl)
-{
-	DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
-			 (DES_cblock *)ctx->iv, ctx->encrypt);
-	return 1;
-}
-
-static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			  const unsigned char *in, unsigned int inl)
-{
-	DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
-			  (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
-	return 1;
-}
-
-BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64,
-			0, des_init_key, NULL,
-			EVP_CIPHER_set_asn1_iv,
-			EVP_CIPHER_get_asn1_iv,
-			NULL)
-
-
-static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			const unsigned char *iv, int enc)
-	{
-	DES_cblock *deskey = (DES_cblock *)key;
-
-	DES_set_key_unchecked(deskey,ctx->cipher_data);
-	return 1;
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_des3.c b/crypto/openssl/crypto/evp/e_des3.c
deleted file mode 100644
index 077860e7b61f..000000000000
--- a/crypto/openssl/crypto/evp/e_des3.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/* crypto/evp/e_des3.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "evp_locl.h"
-#include <openssl/des.h>
-
-static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			    const unsigned char *iv,int enc);
-
-static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			     const unsigned char *iv,int enc);
-
-typedef struct
-    {
-    DES_key_schedule ks1;/* key schedule */
-    DES_key_schedule ks2;/* key schedule (for ede) */
-    DES_key_schedule ks3;/* key schedule (for ede3) */
-    } DES_EDE_KEY;
-
-#define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data)
-
-/* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */
-
-static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			      const unsigned char *in, unsigned int inl)
-{
-	BLOCK_CIPHER_ecb_loop()
-		DES_ecb3_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), 
-				 &data(ctx)->ks1, &data(ctx)->ks2,
-				 &data(ctx)->ks3,
-				 ctx->encrypt);
-	return 1;
-}
-
-static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			      const unsigned char *in, unsigned int inl)
-{
-	DES_ede3_ofb64_encrypt(in, out, (long)inl,
-			       &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
-			       (DES_cblock *)ctx->iv, &ctx->num);
-	return 1;
-}
-
-static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			      const unsigned char *in, unsigned int inl)
-{
-#ifdef KSSL_DEBUG
-	{
-        int i;
-        char *cp;
-	printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len);
-	printf("\t iv= ");
-        for(i=0;i<8;i++)
-                printf("%02X",ctx->iv[i]);
-	printf("\n");
-	}
-#endif    /* KSSL_DEBUG */
-	DES_ede3_cbc_encrypt(in, out, (long)inl,
-			     &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
-			     (DES_cblock *)ctx->iv, ctx->encrypt);
-	return 1;
-}
-
-static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			      const unsigned char *in, unsigned int inl)
-{
-	DES_ede3_cfb64_encrypt(in, out, (long)inl, 
-			       &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
-			       (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
-	return 1;
-}
-
-BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
-			0, des_ede_init_key, NULL, 
-			EVP_CIPHER_set_asn1_iv,
-			EVP_CIPHER_get_asn1_iv,
-			NULL)
-
-#define des_ede3_cfb_cipher des_ede_cfb_cipher
-#define des_ede3_ofb_cipher des_ede_ofb_cipher
-#define des_ede3_cbc_cipher des_ede_cbc_cipher
-#define des_ede3_ecb_cipher des_ede_ecb_cipher
-
-BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
-			0, des_ede3_init_key, NULL, 
-			EVP_CIPHER_set_asn1_iv,
-			EVP_CIPHER_get_asn1_iv,
-			NULL)
-
-static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			    const unsigned char *iv, int enc)
-	{
-	DES_cblock *deskey = (DES_cblock *)key;
-
-	DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
-	DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
-	memcpy(&data(ctx)->ks3,&data(ctx)->ks1,
-	       sizeof(data(ctx)->ks1));
-	return 1;
-	}
-
-static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			     const unsigned char *iv, int enc)
-	{
-	DES_cblock *deskey = (DES_cblock *)key;
-#ifdef KSSL_DEBUG
-	{
-        int i;
-        printf("des_ede3_init_key(ctx=%lx)\n", ctx);
-	printf("\tKEY= ");
-        for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n");
-	printf("\t IV= ");
-        for(i=0;i<8;i++) printf("%02X",iv[i]); printf("\n");
-	}
-#endif	/* KSSL_DEBUG */
-
-	DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
-	DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
-	DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3);
-
-	return 1;
-	}
-
-const EVP_CIPHER *EVP_des_ede(void)
-{
-	return &des_ede_ecb;
-}
-
-const EVP_CIPHER *EVP_des_ede3(void)
-{
-	return &des_ede3_ecb;
-}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_dsa.c b/crypto/openssl/crypto/evp/e_dsa.c
deleted file mode 100644
index b96f2738b3ee..000000000000
--- a/crypto/openssl/crypto/evp/e_dsa.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* crypto/evp/e_dsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static EVP_PKEY_METHOD dss_method=
-	{
-	DSA_sign,
-	DSA_verify,
-	{EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,NULL},
-	};
-
diff --git a/crypto/openssl/crypto/evp/e_ecb_3d.c b/crypto/openssl/crypto/evp/e_ecb_3d.c
deleted file mode 100644
index 806e971d3698..000000000000
--- a/crypto/openssl/crypto/evp/e_ecb_3d.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/* crypto/evp/e_ecb_3d.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void des_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void des_ede_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER d_ede_cipher2=
-	{
-	NID_des_ede,
-	8,16,0,
-	des_ede_init_key,
-	des_ede_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
-	NULL,
-	NULL,
-	};
-
-static EVP_CIPHER d_ede3_cipher3=
-	{
-	NID_des_ede3,
-	8,24,0,
-	des_ede3_init_key,
-	des_ede_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
-	NULL,
-	};
-
-EVP_CIPHER *EVP_des_ede(void)
-	{
-	return(&d_ede_cipher2);
-	}
-
-EVP_CIPHER *EVP_des_ede3(void)
-	{
-	return(&d_ede3_cipher3);
-	}
-
-static void des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	des_cblock *deskey = (des_cblock *)key;
-
-	if (deskey != NULL)
-		{
-		des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
-		des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
-		memcpy( (char *)ctx->c.des_ede.ks3,
-			(char *)ctx->c.des_ede.ks1,
-			sizeof(ctx->c.des_ede.ks1));
-		}
-	}
-
-static void des_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	des_cblock *deskey = (des_cblock *)key;
-
-	if (deskey != NULL)
-		{
-		des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
-		des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
-		des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
-		}
-	}
-
-static void des_ede_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	unsigned int i;
-	des_cblock *output   /* = (des_cblock *)out */;
-	des_cblock *input    /* = (des_cblock *)in */;
-
-	if (inl < 8) return;
-	inl-=8;
-	for (i=0; i<=inl; i+=8)
-		{
-		output = (des_cblock *)(out + i);
-		input = (des_cblock *)(in + i);
-
-		des_ecb3_encrypt(input,output,
-			ctx->c.des_ede.ks1,
-			ctx->c.des_ede.ks2,
-			ctx->c.des_ede.ks3,
-			ctx->encrypt);
-
-		/* output++; */
-		/* input++; */
-		}
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_ecb_bf.c b/crypto/openssl/crypto/evp/e_ecb_bf.c
deleted file mode 100644
index 334736d253bb..000000000000
--- a/crypto/openssl/crypto/evp/e_ecb_bf.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* crypto/evp/e_ecb_bf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_BF
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void bf_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void bf_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER bfish_ecb_cipher=
-	{
-	NID_bf_ecb,
-	8,EVP_BLOWFISH_KEY_SIZE,0,
-	bf_ecb_init_key,
-	bf_ecb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.bf_ks)),
-	NULL,
-	NULL,
-	};
-
-EVP_CIPHER *EVP_bf_ecb(void)
-	{
-	return(&bfish_ecb_cipher);
-	}
-	
-static void bf_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	if (key != NULL)
-		BF_set_key(&(ctx->c.bf_ks),EVP_BLOWFISH_KEY_SIZE,key);
-	}
-
-static void bf_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	unsigned int i;
-
-	if (inl < 8) return;
-	inl-=8;
-	for (i=0; i<=inl; i+=8)
-		{
-		BF_ecb_encrypt(
-			&(in[i]),&(out[i]),
-			&(ctx->c.bf_ks),ctx->encrypt);
-		}
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_ecb_c.c b/crypto/openssl/crypto/evp/e_ecb_c.c
deleted file mode 100644
index ad14e203cbc5..000000000000
--- a/crypto/openssl/crypto/evp/e_ecb_c.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/evp/e_ecb_c.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_CAST
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void cast_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void cast_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER cast5_ecb_cipher=
-	{
-	NID_cast5_ecb,
-	8,EVP_CAST5_KEY_SIZE,0,
-	cast_ecb_init_key,
-	cast_ecb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.cast_ks)),
-	NULL,
-	NULL,
-	};
-
-EVP_CIPHER *EVP_cast5_ecb(void)
-	{
-	return(&cast5_ecb_cipher);
-	}
-	
-static void cast_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	if (key != NULL)
-		CAST_set_key(&(ctx->c.cast_ks),EVP_CAST5_KEY_SIZE,key);
-	}
-
-static void cast_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	unsigned int i;
-
-	if (inl < 8) return;
-	inl-=8;
-	for (i=0; i<=inl; i+=8)
-		{
-		CAST_ecb_encrypt(
-			&(in[i]),&(out[i]),
-			&(ctx->c.cast_ks),ctx->encrypt);
-		}
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_ecb_d.c b/crypto/openssl/crypto/evp/e_ecb_d.c
deleted file mode 100644
index c11bef55efc1..000000000000
--- a/crypto/openssl/crypto/evp/e_ecb_d.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* crypto/evp/e_ecb_d.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void des_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER d_ecb_cipher=
-	{
-	NID_des_ecb,
-	8,8,0,
-	des_ecb_init_key,
-	des_ecb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ks)),
-	NULL,
-	NULL,
-	};
-
-EVP_CIPHER *EVP_des_ecb(void)
-	{
-	return(&d_ecb_cipher);
-	}
-	
-static void des_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	des_cblock *deskey = (des_cblock *)key;
-
-	if (deskey != NULL)
-		des_set_key_unchecked(deskey,ctx->c.des_ks);
-	}
-
-static void des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	unsigned int i;
-	des_cblock *output  /* = (des_cblock *)out */;
-	des_cblock *input   /* = (des_cblock *)in */; 
-
-	if (inl < 8) return;
-	inl-=8;
-	for (i=0; i<=inl; i+=8)
-		{
-		/* Either this ... */
-		output = (des_cblock *)(out + i);
-		input = (des_cblock *)(in + i);
-
-		des_ecb_encrypt(input,output,ctx->c.des_ks,ctx->encrypt);
-
-		/* ... or this. */
-		/* output++; */
-		/* input++; */
-		}
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_ecb_i.c b/crypto/openssl/crypto/evp/e_ecb_i.c
deleted file mode 100644
index 50a3da1bbaae..000000000000
--- a/crypto/openssl/crypto/evp/e_ecb_i.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/evp/e_ecb_i.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_IDEA
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void idea_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER i_ecb_cipher=
-	{
-	NID_idea_ecb,
-	8,16,0,
-	idea_ecb_init_key,
-	idea_ecb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.idea_ks)),
-	NULL,
-	NULL,
-	};
-
-EVP_CIPHER *EVP_idea_ecb(void)
-	{
-	return(&i_ecb_cipher);
-	}
-	
-static void idea_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	if (key != NULL)
-		{
-		if (enc)
-			idea_set_encrypt_key(key,&(ctx->c.idea_ks));
-		else
-			{
-			IDEA_KEY_SCHEDULE tmp;
-
-			idea_set_encrypt_key(key,&tmp);
-			idea_set_decrypt_key(&tmp, &(ctx->c.idea_ks));
-			memset((unsigned char *)&tmp,0,
-				sizeof(IDEA_KEY_SCHEDULE));
-			}
-		}
-	}
-
-static void idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	unsigned int i;
-
-	if (inl < 8) return;
-	inl-=8;
-	for (i=0; i<=inl; i+=8)
-		{
-		idea_ecb_encrypt(
-			&(in[i]),&(out[i]),&(ctx->c.idea_ks));
-		}
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_ecb_r2.c b/crypto/openssl/crypto/evp/e_ecb_r2.c
deleted file mode 100644
index 3c2330130d39..000000000000
--- a/crypto/openssl/crypto/evp/e_ecb_r2.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/evp/e_ecb_r2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RC2
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void rc2_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER r2_ecb_cipher=
-	{
-	NID_rc2_ecb,
-	8,EVP_RC2_KEY_SIZE,0,
-	rc2_ecb_init_key,
-	rc2_ecb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
-	NULL,
-	NULL,
-	};
-
-EVP_CIPHER *EVP_rc2_ecb(void)
-	{
-	return(&r2_ecb_cipher);
-	}
-	
-static void rc2_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	if (key != NULL)
-		RC2_set_key(&(ctx->c.rc2_ks),EVP_CIPHER_CTX_key_length(ctx),
-			key,EVP_CIPHER_CTX_key_length(ctx)*8);
-	}
-
-static void rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	unsigned int i;
-
-	if (inl < 8) return;
-	inl-=8;
-	for (i=0; i<=inl; i+=8)
-		{
-		RC2_ecb_encrypt(
-			&(in[i]),&(out[i]),
-			&(ctx->c.rc2_ks),ctx->encrypt);
-		}
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_ecb_r5.c b/crypto/openssl/crypto/evp/e_ecb_r5.c
deleted file mode 100644
index ef43ce34bf9a..000000000000
--- a/crypto/openssl/crypto/evp/e_ecb_r5.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/evp/e_ecb_r5.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RC5
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void rc5_32_12_16_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void rc5_32_12_16_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER rc5_ecb_cipher=
-	{
-	NID_rc5_ecb,
-	8,EVP_RC5_32_12_16_KEY_SIZE,0,
-	rc5_32_12_16_ecb_init_key,
-	rc5_32_12_16_ecb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5_ks)),
-	NULL,
-	NULL,
-	};
-
-EVP_CIPHER *EVP_rc5_32_12_16_ecb(void)
-	{
-	return(&rc5_ecb_cipher);
-	}
-	
-static void rc5_32_12_16_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	if (key != NULL)
-		RC5_32_set_key(&(ctx->c.rc5_ks),EVP_RC5_32_12_16_KEY_SIZE,key,
-			RC5_12_ROUNDS);
-	}
-
-static void rc5_32_12_16_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	unsigned int i;
-
-	if (inl < 8) return;
-	inl-=8;
-	for (i=0; i<=inl; i+=8)
-		{
-		RC5_32_ecb_encrypt(
-			&(in[i]),&(out[i]),
-			&(ctx->c.rc5_ks),ctx->encrypt);
-		}
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_idea.c b/crypto/openssl/crypto/evp/e_idea.c
deleted file mode 100644
index b9efa75ae7c8..000000000000
--- a/crypto/openssl/crypto/evp/e_idea.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* crypto/evp/e_idea.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_IDEA
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "evp_locl.h"
-#include <openssl/idea.h>
-
-static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			 const unsigned char *iv,int enc);
-
-/* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special
- * case 
- */
-
-static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			   const unsigned char *in, unsigned int inl)
-{
-	BLOCK_CIPHER_ecb_loop()
-		idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
-	return 1;
-}
-
-/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */
-
-typedef struct
-	{
-	IDEA_KEY_SCHEDULE ks;
-	} EVP_IDEA_KEY;
-
-BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks)
-BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks)
-BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks)
-
-BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64,
-			0, idea_init_key, NULL, 
-			EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-
-static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			 const unsigned char *iv, int enc)
-	{
-	if(!enc) {
-		if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1;
-		else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE) enc = 1;
-	}
-	if (enc) idea_set_encrypt_key(key,ctx->cipher_data);
-	else
-		{
-		IDEA_KEY_SCHEDULE tmp;
-
-		idea_set_encrypt_key(key,&tmp);
-		idea_set_decrypt_key(&tmp,ctx->cipher_data);
-		OPENSSL_cleanse((unsigned char *)&tmp,
-				sizeof(IDEA_KEY_SCHEDULE));
-		}
-	return 1;
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_null.c b/crypto/openssl/crypto/evp/e_null.c
deleted file mode 100644
index 2420d7e5af80..000000000000
--- a/crypto/openssl/crypto/evp/e_null.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/* crypto/evp/e_null.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-	const unsigned char *iv,int enc);
-static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	const unsigned char *in, unsigned int inl);
-static const EVP_CIPHER n_cipher=
-	{
-	NID_undef,
-	1,0,0,
-	0,
-	null_init_key,
-	null_cipher,
-	NULL,
-	0,
-	NULL,
-	NULL,
-	NULL
-	};
-
-const EVP_CIPHER *EVP_enc_null(void)
-	{
-	return(&n_cipher);
-	}
-
-static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-	     const unsigned char *iv, int enc)
-	{
-	/*	memset(&(ctx->c),0,sizeof(ctx->c));*/
-	return 1;
-	}
-
-static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     const unsigned char *in, unsigned int inl)
-	{
-	if (in != out)
-		memcpy((char *)out,(char *)in,(int)inl);
-	return 1;
-	}
-
diff --git a/crypto/openssl/crypto/evp/e_ofb_3d.c b/crypto/openssl/crypto/evp/e_ofb_3d.c
deleted file mode 100644
index d1a33e2ecd50..000000000000
--- a/crypto/openssl/crypto/evp/e_ofb_3d.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* crypto/evp/e_ofb_3d.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void des_ede_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void des_ede3_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER d_ede_ofb_cipher2=
-	{
-	NID_des_ede_ofb64,
-	1,16,8,
-	des_ede_ofb_init_key,
-	des_ede_ofb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-static EVP_CIPHER d_ede3_ofb_cipher3=
-	{
-	NID_des_ede3_ofb64,
-	1,24,8,
-	des_ede3_ofb_init_key,
-	des_ede_ofb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
-	EVP_CIPHER_set_asn1_iv,
-        EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_des_ede_ofb(void)
-	{
-	return(&d_ede_ofb_cipher2);
-	}
-
-EVP_CIPHER *EVP_des_ede3_ofb(void)
-	{
-	return(&d_ede3_ofb_cipher3);
-	}
-	
-static void des_ede_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	des_cblock *deskey = (des_cblock *)key;
-
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (deskey != NULL)
-		{
-		des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
-		des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
-		memcpy( (char *)ctx->c.des_ede.ks3,
-			(char *)ctx->c.des_ede.ks1,
-			sizeof(ctx->c.des_ede.ks1));
-		}
-	}
-
-static void des_ede3_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	des_cblock *deskey = (des_cblock *)key;
-
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (deskey != NULL)
-		{
-		des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
-		des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
-		des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
-		}
-	}
-
-static void des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	des_ede3_ofb64_encrypt(in,out,inl,ctx->c.des_ede.ks1,
-			       ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
-			       (des_cblock *)&(ctx->iv[0]),&ctx->num);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_ofb_bf.c b/crypto/openssl/crypto/evp/e_ofb_bf.c
deleted file mode 100644
index c82154b54908..000000000000
--- a/crypto/openssl/crypto/evp/e_ofb_bf.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* crypto/evp/e_ofb_bf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_BF
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void bf_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void bf_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER bfish_ofb_cipher=
-	{
-	NID_bf_ofb64,
-	1,EVP_BLOWFISH_KEY_SIZE,8,
-	bf_ofb_init_key,
-	bf_ofb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.bf_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_bf_ofb(void)
-	{
-	return(&bfish_ofb_cipher);
-	}
-	
-static void bf_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		BF_set_key(&(ctx->c.bf_ks),EVP_BLOWFISH_KEY_SIZE,key);
-	}
-
-static void bf_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	BF_ofb64_encrypt(
-		in,out,
-		(long)inl, &(ctx->c.bf_ks),
-		&(ctx->iv[0]),
-		&ctx->num);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_ofb_c.c b/crypto/openssl/crypto/evp/e_ofb_c.c
deleted file mode 100644
index 971043de4c46..000000000000
--- a/crypto/openssl/crypto/evp/e_ofb_c.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/evp/e_ofb_c.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_CAST
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void cast_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void cast_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER cast5_ofb_cipher=
-	{
-	NID_cast5_ofb64,
-	1,EVP_CAST5_KEY_SIZE,8,
-	cast_ofb_init_key,
-	cast_ofb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.cast_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_cast5_ofb(void)
-	{
-	return(&cast5_ofb_cipher);
-	}
-	
-static void cast_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		CAST_set_key(&(ctx->c.cast_ks),EVP_CAST5_KEY_SIZE,key);
-	}
-
-static void cast_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	CAST_ofb64_encrypt(
-		in,out,
-		(long)inl, &(ctx->c.cast_ks),
-		&(ctx->iv[0]),
-		&ctx->num);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_ofb_d.c b/crypto/openssl/crypto/evp/e_ofb_d.c
deleted file mode 100644
index d51ce230f4d8..000000000000
--- a/crypto/openssl/crypto/evp/e_ofb_d.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/evp/e_ofb_d.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void des_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER d_ofb_cipher=
-	{
-	NID_des_ofb64,
-	1,8,8,
-	des_ofb_init_key,
-	des_ofb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_des_ofb(void)
-	{
-	return(&d_ofb_cipher);
-	}
-	
-static void des_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	des_cblock *deskey = (des_cblock *)key;
-
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (deskey != NULL)
-		des_set_key_unchecked(deskey,ctx->c.des_ks);
-	}
-
-static void des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	des_ofb64_encrypt(in,out,inl,ctx->c.des_ks,
-		(des_cblock *)&(ctx->iv[0]),&ctx->num);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_ofb_i.c b/crypto/openssl/crypto/evp/e_ofb_i.c
deleted file mode 100644
index 389206ef3611..000000000000
--- a/crypto/openssl/crypto/evp/e_ofb_i.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* crypto/evp/e_ofb_i.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_IDEA
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void idea_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void idea_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER i_ofb_cipher=
-	{
-	NID_idea_ofb64,
-	1,IDEA_KEY_LENGTH,IDEA_BLOCK,
-	idea_ofb_init_key,
-	idea_ofb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.idea_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_idea_ofb(void)
-	{
-	return(&i_ofb_cipher);
-	}
-	
-static void idea_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		idea_set_encrypt_key(key,&(ctx->c.idea_ks));
-	}
-
-static void idea_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	idea_ofb64_encrypt(
-		in,out,(long)inl,
-		&(ctx->c.idea_ks),&(ctx->iv[0]),
-		&ctx->num);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_ofb_r2.c b/crypto/openssl/crypto/evp/e_ofb_r2.c
deleted file mode 100644
index 60ae3d4507a4..000000000000
--- a/crypto/openssl/crypto/evp/e_ofb_r2.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/evp/e_ofb_r2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RC2
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void rc2_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void rc2_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER r2_ofb_cipher=
-	{
-	NID_rc2_ofb64,
-	1,EVP_RC2_KEY_SIZE,8,
-	rc2_ofb_init_key,
-	rc2_ofb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_rc2_ofb(void)
-	{
-	return(&r2_ofb_cipher);
-	}
-	
-static void rc2_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		RC2_set_key(&(ctx->c.rc2_ks),EVP_CIPHER_CTX_key_length(ctx),
-			key,EVP_CIPHER_CTX_key_length(ctx)*8);
-	}
-
-static void rc2_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	RC2_ofb64_encrypt(
-		in,out,
-		(long)inl, &(ctx->c.rc2_ks),
-		&(ctx->iv[0]),
-		&ctx->num);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_ofb_r5.c b/crypto/openssl/crypto/evp/e_ofb_r5.c
deleted file mode 100644
index 30136824eb7d..000000000000
--- a/crypto/openssl/crypto/evp/e_ofb_r5.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/evp/e_ofb_r5.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RC5
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static void rc5_32_12_16_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
-static void rc5_32_12_16_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
-static EVP_CIPHER rc5_ofb_cipher=
-	{
-	NID_rc5_ofb64,
-	1,EVP_RC5_32_12_16_KEY_SIZE,8,
-	rc5_32_12_16_ofb_init_key,
-	rc5_32_12_16_ofb_cipher,
-	NULL,
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5_ks)),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	};
-
-EVP_CIPHER *EVP_rc5_32_12_16_ofb(void)
-	{
-	return(&rc5_ofb_cipher);
-	}
-	
-static void rc5_32_12_16_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
-	{
-	ctx->num=0;
-
-	if (iv != NULL)
-		memcpy(&(ctx->oiv[0]),iv,8);
-	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
-	if (key != NULL)
-		RC5_32_set_key(&(ctx->c.rc5_ks),EVP_RC5_32_12_16_KEY_SIZE,key,
-			RC5_12_ROUNDS);
-	}
-
-static void rc5_32_12_16_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
-	{
-	RC5_32_ofb64_encrypt(
-		in,out,
-		(long)inl, &(ctx->c.rc5_ks),
-		&(ctx->iv[0]),
-		&ctx->num);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_rc2.c b/crypto/openssl/crypto/evp/e_rc2.c
deleted file mode 100644
index d42cbfd17ec7..000000000000
--- a/crypto/openssl/crypto/evp/e_rc2.c
+++ /dev/null
@@ -1,230 +0,0 @@
-/* crypto/evp/e_rc2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_RC2
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "evp_locl.h"
-#include <openssl/rc2.h>
-
-static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			const unsigned char *iv,int enc);
-static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
-static int rc2_magic_to_meth(int i);
-static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
-
-typedef struct
-	{
-	int key_bits;	/* effective key bits */
-	RC2_KEY ks;	/* key schedule */
-	} EVP_RC2_KEY;
-
-#define data(ctx)	((EVP_RC2_KEY *)(ctx)->cipher_data)
-
-IMPLEMENT_BLOCK_CIPHER(rc2, ks, RC2, EVP_RC2_KEY, NID_rc2,
-			8,
-			RC2_KEY_LENGTH, 8, 64,
-			EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
-			rc2_init_key, NULL,
-			rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, 
-			rc2_ctrl)
-
-#define RC2_40_MAGIC	0xa0
-#define RC2_64_MAGIC	0x78
-#define RC2_128_MAGIC	0x3a
-
-static const EVP_CIPHER r2_64_cbc_cipher=
-	{
-	NID_rc2_64_cbc,
-	8,8 /* 64 bit */,8,
-	EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
-	rc2_init_key,
-	rc2_cbc_cipher,
-	NULL,
-	sizeof(EVP_RC2_KEY),
-	rc2_set_asn1_type_and_iv,
-	rc2_get_asn1_type_and_iv,
-	rc2_ctrl,
-	NULL
-	};
-
-static const EVP_CIPHER r2_40_cbc_cipher=
-	{
-	NID_rc2_40_cbc,
-	8,5 /* 40 bit */,8,
-	EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
-	rc2_init_key,
-	rc2_cbc_cipher,
-	NULL,
-	sizeof(EVP_RC2_KEY),
-	rc2_set_asn1_type_and_iv,
-	rc2_get_asn1_type_and_iv,
-	rc2_ctrl,
-	NULL
-	};
-
-const EVP_CIPHER *EVP_rc2_64_cbc(void)
-	{
-	return(&r2_64_cbc_cipher);
-	}
-
-const EVP_CIPHER *EVP_rc2_40_cbc(void)
-	{
-	return(&r2_40_cbc_cipher);
-	}
-	
-static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			const unsigned char *iv, int enc)
-	{
-	RC2_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
-		    key,data(ctx)->key_bits);
-	return 1;
-	}
-
-static int rc2_meth_to_magic(EVP_CIPHER_CTX *e)
-	{
-	int i;
-
-	EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
-	if 	(i == 128) return(RC2_128_MAGIC);
-	else if (i == 64)  return(RC2_64_MAGIC);
-	else if (i == 40)  return(RC2_40_MAGIC);
-	else return(0);
-	}
-
-static int rc2_magic_to_meth(int i)
-	{
-	if      (i == RC2_128_MAGIC) return 128;
-	else if (i == RC2_64_MAGIC)  return 64;
-	else if (i == RC2_40_MAGIC)  return 40;
-	else
-		{
-		EVPerr(EVP_F_RC2_MAGIC_TO_METH,EVP_R_UNSUPPORTED_KEY_SIZE);
-		return(0);
-		}
-	}
-
-static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-	{
-	long num=0;
-	int i=0,l;
-	int key_bits;
-	unsigned char iv[EVP_MAX_IV_LENGTH];
-
-	if (type != NULL)
-		{
-		l=EVP_CIPHER_CTX_iv_length(c);
-		OPENSSL_assert(l <= sizeof iv);
-		i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l);
-		if (i != l)
-			return(-1);
-		key_bits =rc2_magic_to_meth((int)num);
-		if (!key_bits)
-			return(-1);
-		if(i > 0) EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1);
-		EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
-		EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
-		}
-	return(i);
-	}
-
-static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-	{
-	long num;
-	int i=0,j;
-
-	if (type != NULL)
-		{
-		num=rc2_meth_to_magic(c);
-		j=EVP_CIPHER_CTX_iv_length(c);
-		i=ASN1_TYPE_set_int_octetstring(type,num,c->oiv,j);
-		}
-	return(i);
-	}
-
-static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-	{
-	switch(type)
-		{
-	case EVP_CTRL_INIT:
-		data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
-		return 1;
-
-	case EVP_CTRL_GET_RC2_KEY_BITS:
-		*(int *)ptr = data(c)->key_bits;
-		return 1;
-			
-	case EVP_CTRL_SET_RC2_KEY_BITS:
-		if(arg > 0)
-			{
-			data(c)->key_bits = arg;
-			return 1;
-			}
-		return 0;
-
-	default:
-		return -1;
-		}
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_rc4.c b/crypto/openssl/crypto/evp/e_rc4.c
deleted file mode 100644
index d58f507837bd..000000000000
--- a/crypto/openssl/crypto/evp/e_rc4.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/evp/e_rc4.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_RC4
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/rc4.h>
-
-/* FIXME: surely this is available elsewhere? */
-#define EVP_RC4_KEY_SIZE		16
-
-typedef struct
-    {
-    RC4_KEY ks;	/* working key */
-    } EVP_RC4_KEY;
-
-#define data(ctx) ((EVP_RC4_KEY *)(ctx)->cipher_data)
-
-static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			const unsigned char *iv,int enc);
-static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-		      const unsigned char *in, unsigned int inl);
-static const EVP_CIPHER r4_cipher=
-	{
-	NID_rc4,
-	1,EVP_RC4_KEY_SIZE,0,
-	EVP_CIPH_VARIABLE_LENGTH,
-	rc4_init_key,
-	rc4_cipher,
-	NULL,
-	sizeof(EVP_RC4_KEY),
-	NULL,
-	NULL,
-	NULL
-	};
-
-static const EVP_CIPHER r4_40_cipher=
-	{
-	NID_rc4_40,
-	1,5 /* 40 bit */,0,
-	EVP_CIPH_VARIABLE_LENGTH,
-	rc4_init_key,
-	rc4_cipher,
-	NULL,
-	sizeof(EVP_RC4_KEY),
-	NULL, 
-	NULL,
-	NULL
-	};
-
-const EVP_CIPHER *EVP_rc4(void)
-	{
-	return(&r4_cipher);
-	}
-
-const EVP_CIPHER *EVP_rc4_40(void)
-	{
-	return(&r4_40_cipher);
-	}
-
-static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			const unsigned char *iv, int enc)
-	{
-	RC4_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
-		    key);
-	return 1;
-	}
-
-static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-		      const unsigned char *in, unsigned int inl)
-	{
-	RC4(&data(ctx)->ks,inl,in,out);
-	return 1;
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/e_rc5.c b/crypto/openssl/crypto/evp/e_rc5.c
deleted file mode 100644
index 3c7713b18163..000000000000
--- a/crypto/openssl/crypto/evp/e_rc5.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* crypto/evp/e_rc5.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_RC5
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "evp_locl.h"
-#include <openssl/rc5.h>
-
-static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			       const unsigned char *iv,int enc);
-static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
-
-typedef struct
-	{
-	int rounds;	/* number of rounds */
-	RC5_32_KEY ks;	/* key schedule */
-	} EVP_RC5_KEY;
-
-#define data(ctx)	EVP_C_DATA(EVP_RC5_KEY,ctx)
-
-IMPLEMENT_BLOCK_CIPHER(rc5_32_12_16, ks, RC5_32, EVP_RC5_KEY, NID_rc5,
-		       8, RC5_32_KEY_LENGTH, 8, 64,
-		       EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
-		       r_32_12_16_init_key, NULL,
-		       NULL, NULL, rc5_ctrl)
-
-static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-	{
-	switch(type)
-		{
-	case EVP_CTRL_INIT:
-		data(c)->rounds = RC5_12_ROUNDS;
-		return 1;
-
-	case EVP_CTRL_GET_RC5_ROUNDS:
-		*(int *)ptr = data(c)->rounds;
-		return 1;
-			
-	case EVP_CTRL_SET_RC5_ROUNDS:
-		switch(arg)
-			{
-		case RC5_8_ROUNDS:
-		case RC5_12_ROUNDS:
-		case RC5_16_ROUNDS:
-			data(c)->rounds = arg;
-			return 1;
-
-		default:
-			EVPerr(EVP_F_RC5_CTRL, EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
-			return 0;
-			}
-
-	default:
-		return -1;
-		}
-	}
-
-static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			       const unsigned char *iv, int enc)
-	{
-	RC5_32_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
-		       key,data(ctx)->rounds);
-	return 1;
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/evp/e_xcbc_d.c b/crypto/openssl/crypto/evp/e_xcbc_d.c
deleted file mode 100644
index a6f849e93d01..000000000000
--- a/crypto/openssl/crypto/evp/e_xcbc_d.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/evp/e_xcbc_d.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/des.h>
-
-static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			     const unsigned char *iv,int enc);
-static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			   const unsigned char *in, unsigned int inl);
-
-
-typedef struct
-    {
-    DES_key_schedule ks;/* key schedule */
-    DES_cblock inw;
-    DES_cblock outw;
-    } DESX_CBC_KEY;
-
-#define data(ctx) ((DESX_CBC_KEY *)(ctx)->cipher_data)
-
-static const EVP_CIPHER d_xcbc_cipher=
-	{
-	NID_desx_cbc,
-	8,24,8,
-	EVP_CIPH_CBC_MODE,
-	desx_cbc_init_key,
-	desx_cbc_cipher,
-	NULL,
-	sizeof(DESX_CBC_KEY),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	NULL
-	};
-
-const EVP_CIPHER *EVP_desx_cbc(void)
-	{
-	return(&d_xcbc_cipher);
-	}
-	
-static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-			     const unsigned char *iv, int enc)
-	{
-	DES_cblock *deskey = (DES_cblock *)key;
-
-	DES_set_key_unchecked(deskey,&data(ctx)->ks);
-	memcpy(&data(ctx)->inw[0],&key[8],8);
-	memcpy(&data(ctx)->outw[0],&key[16],8);
-
-	return 1;
-	}
-
-static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			   const unsigned char *in, unsigned int inl)
-	{
-	DES_xcbc_encrypt(in,out,inl,&data(ctx)->ks,
-			 (DES_cblock *)&(ctx->iv[0]),
-			 &data(ctx)->inw,
-			 &data(ctx)->outw,
-			 ctx->encrypt);
-	return 1;
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/encode.c b/crypto/openssl/crypto/evp/encode.c
deleted file mode 100644
index 08209357ce0a..000000000000
--- a/crypto/openssl/crypto/evp/encode.c
+++ /dev/null
@@ -1,446 +0,0 @@
-/* crypto/evp/encode.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-
-#ifndef CHARSET_EBCDIC
-#define conv_bin2ascii(a)	(data_bin2ascii[(a)&0x3f])
-#define conv_ascii2bin(a)	(data_ascii2bin[(a)&0x7f])
-#else
-/* We assume that PEM encoded files are EBCDIC files
- * (i.e., printable text files). Convert them here while decoding.
- * When encoding, output is EBCDIC (text) format again.
- * (No need for conversion in the conv_bin2ascii macro, as the
- * underlying textstring data_bin2ascii[] is already EBCDIC)
- */
-#define conv_bin2ascii(a)	(data_bin2ascii[(a)&0x3f])
-#define conv_ascii2bin(a)	(data_ascii2bin[os_toascii[a]&0x7f])
-#endif
-
-/* 64 char lines
- * pad input with 0
- * left over chars are set to =
- * 1 byte  => xx==
- * 2 bytes => xxx=
- * 3 bytes => xxxx
- */
-#define BIN_PER_LINE    (64/4*3)
-#define CHUNKS_PER_LINE (64/4)
-#define CHAR_PER_LINE   (64+1)
-
-static unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\
-abcdefghijklmnopqrstuvwxyz0123456789+/";
-
-/* 0xF0 is a EOLN
- * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
- * 0xF2 is EOF
- * 0xE0 is ignore at start of line.
- * 0xFF is error
- */
-
-#define B64_EOLN		0xF0
-#define B64_CR			0xF1
-#define B64_EOF			0xF2
-#define B64_WS			0xE0
-#define B64_ERROR       	0xFF
-#define B64_NOT_BASE64(a)	(((a)|0x13) == 0xF3)
-
-static unsigned char data_ascii2bin[128]={
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xE0,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0xFF,0xFF,0x3E,0xFF,0xF2,0xFF,0x3F,
-	0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,
-	0x3C,0x3D,0xFF,0xFF,0xFF,0x00,0xFF,0xFF,
-	0xFF,0x00,0x01,0x02,0x03,0x04,0x05,0x06,
-	0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,
-	0x0F,0x10,0x11,0x12,0x13,0x14,0x15,0x16,
-	0x17,0x18,0x19,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20,
-	0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,
-	0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,0x30,
-	0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF,
-	};
-
-void EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
-	{
-	ctx->length=48;
-	ctx->num=0;
-	ctx->line_num=0;
-	}
-
-void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
-	     unsigned char *in, int inl)
-	{
-	int i,j;
-	unsigned int total=0;
-
-	*outl=0;
-	if (inl == 0) return;
-	OPENSSL_assert(ctx->length <= sizeof ctx->enc_data);
-	if ((ctx->num+inl) < ctx->length)
-		{
-		memcpy(&(ctx->enc_data[ctx->num]),in,inl);
-		ctx->num+=inl;
-		return;
-		}
-	if (ctx->num != 0)
-		{
-		i=ctx->length-ctx->num;
-		memcpy(&(ctx->enc_data[ctx->num]),in,i);
-		in+=i;
-		inl-=i;
-		j=EVP_EncodeBlock(out,ctx->enc_data,ctx->length);
-		ctx->num=0;
-		out+=j;
-		*(out++)='\n';
-		*out='\0';
-		total=j+1;
-		}
-	while (inl >= ctx->length)
-		{
-		j=EVP_EncodeBlock(out,in,ctx->length);
-		in+=ctx->length;
-		inl-=ctx->length;
-		out+=j;
-		*(out++)='\n';
-		*out='\0';
-		total+=j+1;
-		}
-	if (inl != 0)
-		memcpy(&(ctx->enc_data[0]),in,inl);
-	ctx->num=inl;
-	*outl=total;
-	}
-
-void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
-	{
-	unsigned int ret=0;
-
-	if (ctx->num != 0)
-		{
-		ret=EVP_EncodeBlock(out,ctx->enc_data,ctx->num);
-		out[ret++]='\n';
-		out[ret]='\0';
-		ctx->num=0;
-		}
-	*outl=ret;
-	}
-
-int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
-	{
-	int i,ret=0;
-	unsigned long l;
-
-	for (i=dlen; i > 0; i-=3)
-		{
-		if (i >= 3)
-			{
-			l=	(((unsigned long)f[0])<<16L)|
-				(((unsigned long)f[1])<< 8L)|f[2];
-			*(t++)=conv_bin2ascii(l>>18L);
-			*(t++)=conv_bin2ascii(l>>12L);
-			*(t++)=conv_bin2ascii(l>> 6L);
-			*(t++)=conv_bin2ascii(l     );
-			}
-		else
-			{
-			l=((unsigned long)f[0])<<16L;
-			if (i == 2) l|=((unsigned long)f[1]<<8L);
-
-			*(t++)=conv_bin2ascii(l>>18L);
-			*(t++)=conv_bin2ascii(l>>12L);
-			*(t++)=(i == 1)?'=':conv_bin2ascii(l>> 6L);
-			*(t++)='=';
-			}
-		ret+=4;
-		f+=3;
-		}
-
-	*t='\0';
-	return(ret);
-	}
-
-void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
-	{
-	ctx->length=30;
-	ctx->num=0;
-	ctx->line_num=0;
-	ctx->expect_nl=0;
-	}
-
-/* -1 for error
- *  0 for last line
- *  1 for full line
- */
-int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
-	     unsigned char *in, int inl)
-	{
-	int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl;
-	unsigned char *d;
-
-	n=ctx->num;
-	d=ctx->enc_data;
-	ln=ctx->line_num;
-	exp_nl=ctx->expect_nl;
-
-	/* last line of input. */
-	if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF)))
-		{ rv=0; goto end; }
-		
-	/* We parse the input data */
-	for (i=0; i<inl; i++)
-		{
-		/* If the current line is > 80 characters, scream alot */
-		if (ln >= 80) { rv= -1; goto end; }
-
-		/* Get char and put it into the buffer */
-		tmp= *(in++);
-		v=conv_ascii2bin(tmp);
-		/* only save the good data :-) */
-		if (!B64_NOT_BASE64(v))
-			{
-			OPENSSL_assert(n < sizeof ctx->enc_data);
-			d[n++]=tmp;
-			ln++;
-			}
-		else if (v == B64_ERROR)
-			{
-			rv= -1;
-			goto end;
-			}
-
-		/* have we seen a '=' which is 'definitly' the last
-		 * input line.  seof will point to the character that
-		 * holds it. and eof will hold how many characters to
-		 * chop off. */
-		if (tmp == '=')
-			{
-			if (seof == -1) seof=n;
-			eof++;
-			}
-
-		if (v == B64_CR)
-			{
-			ln = 0;
-			if (exp_nl)
-				continue;
-			}
-
-		/* eoln */
-		if (v == B64_EOLN)
-			{
-			ln=0;
-			if (exp_nl)
-				{
-				exp_nl=0;
-				continue;
-				}
-			}
-		exp_nl=0;
-
-		/* If we are at the end of input and it looks like a
-		 * line, process it. */
-		if (((i+1) == inl) && (((n&3) == 0) || eof))
-			{
-			v=B64_EOF;
-			/* In case things were given us in really small
-			   records (so two '=' were given in separate
-			   updates), eof may contain the incorrect number
-			   of ending bytes to skip, so let's redo the count */
-			eof = 0;
-			if (d[n-1] == '=') eof++;
-			if (d[n-2] == '=') eof++;
-			/* There will never be more than two '=' */
-			}
-
-		if ((v == B64_EOF) || (n >= 64))
-			{
-			/* This is needed to work correctly on 64 byte input
-			 * lines.  We process the line and then need to
-			 * accept the '\n' */
-			if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
-			tmp2=v;
-			if (n > 0)
-				{
-				v=EVP_DecodeBlock(out,d,n);
-				if (v < 0) { rv=0; goto end; }
-				n=0;
-				ret+=(v-eof);
-				}
-			else
-				{
-				eof=1;
-				v=0;
-				}
-
-			/* This is the case where we have had a short
-			 * but valid input line */
-			if ((v < ctx->length) && eof)
-				{
-				rv=0;
-				goto end;
-				}
-			else
-				ctx->length=v;
-
-			if (seof >= 0) { rv=0; goto end; }
-			out+=v;
-			}
-		}
-	rv=1;
-end:
-	*outl=ret;
-	ctx->num=n;
-	ctx->line_num=ln;
-	ctx->expect_nl=exp_nl;
-	return(rv);
-	}
-
-int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
-	{
-	int i,ret=0,a,b,c,d;
-	unsigned long l;
-
-	/* trim white space from the start of the line. */
-	while ((conv_ascii2bin(*f) == B64_WS) && (n > 0))
-		{
-		f++;
-		n--;
-		}
-
-	/* strip off stuff at the end of the line
-	 * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */
-	while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n-1]))))
-		n--;
-
-	if (n%4 != 0) return(-1);
-
-	for (i=0; i<n; i+=4)
-		{
-		a=conv_ascii2bin(*(f++));
-		b=conv_ascii2bin(*(f++));
-		c=conv_ascii2bin(*(f++));
-		d=conv_ascii2bin(*(f++));
-		if (	(a & 0x80) || (b & 0x80) ||
-			(c & 0x80) || (d & 0x80))
-			return(-1);
-		l=(	(((unsigned long)a)<<18L)|
-			(((unsigned long)b)<<12L)|
-			(((unsigned long)c)<< 6L)|
-			(((unsigned long)d)     ));
-		*(t++)=(unsigned char)(l>>16L)&0xff;
-		*(t++)=(unsigned char)(l>> 8L)&0xff;
-		*(t++)=(unsigned char)(l     )&0xff;
-		ret+=3;
-		}
-	return(ret);
-	}
-
-int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
-	{
-	int i;
-
-	*outl=0;
-	if (ctx->num != 0)
-		{
-		i=EVP_DecodeBlock(out,ctx->enc_data,ctx->num);
-		if (i < 0) return(-1);
-		ctx->num=0;
-		*outl=i;
-		return(1);
-		}
-	else
-		return(1);
-	}
-
-#ifdef undef
-int EVP_DecodeValid(unsigned char *buf, int len)
-	{
-	int i,num=0,bad=0;
-
-	if (len == 0) return(-1);
-	while (conv_ascii2bin(*buf) == B64_WS)
-		{
-		buf++;
-		len--;
-		if (len == 0) return(-1);
-		}
-
-	for (i=len; i >= 4; i-=4)
-		{
-		if (	(conv_ascii2bin(buf[0]) >= 0x40) ||
-			(conv_ascii2bin(buf[1]) >= 0x40) ||
-			(conv_ascii2bin(buf[2]) >= 0x40) ||
-			(conv_ascii2bin(buf[3]) >= 0x40))
-			return(-1);
-		buf+=4;
-		num+=1+(buf[2] != '=')+(buf[3] != '=');
-		}
-	if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
-		return(num);
-	if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
-		(conv_ascii2bin(buf[0]) == B64_EOLN))
-		return(num);
-	return(1);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/evp.h b/crypto/openssl/crypto/evp/evp.h
deleted file mode 100644
index 45a25f968d9f..000000000000
--- a/crypto/openssl/crypto/evp/evp.h
+++ /dev/null
@@ -1,900 +0,0 @@
-/* crypto/evp/evp.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ENVELOPE_H
-#define HEADER_ENVELOPE_H
-
-#ifdef OPENSSL_ALGORITHM_DEFINES
-# include <openssl/opensslconf.h>
-#else
-# define OPENSSL_ALGORITHM_DEFINES
-# include <openssl/opensslconf.h>
-# undef OPENSSL_ALGORITHM_DEFINES
-#endif
-
-#include <openssl/ossl_typ.h>
-
-#include <openssl/symhacks.h>
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#ifndef OPENSSL_NO_MD2
-#include <openssl/md2.h>
-#endif
-#ifndef OPENSSL_NO_MD4
-#include <openssl/md4.h>
-#endif
-#ifndef OPENSSL_NO_MD5
-#include <openssl/md5.h>
-#endif
-#ifndef OPENSSL_NO_SHA
-#include <openssl/sha.h>
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-#include <openssl/ripemd.h>
-#endif
-#ifndef OPENSSL_NO_DES
-#include <openssl/des.h>
-#endif
-#ifndef OPENSSL_NO_RC4
-#include <openssl/rc4.h>
-#endif
-#ifndef OPENSSL_NO_RC2
-#include <openssl/rc2.h>
-#endif
-#ifndef OPENSSL_NO_RC5
-#include <openssl/rc5.h>
-#endif
-#ifndef OPENSSL_NO_BF
-#include <openssl/blowfish.h>
-#endif
-#ifndef OPENSSL_NO_CAST
-#include <openssl/cast.h>
-#endif
-#ifndef OPENSSL_NO_IDEA
-#include <openssl/idea.h>
-#endif
-#ifndef OPENSSL_NO_MDC2
-#include <openssl/mdc2.h>
-#endif
-#ifndef OPENSSL_NO_AES
-#include <openssl/aes.h>
-#endif
-
-/*
-#define EVP_RC2_KEY_SIZE		16
-#define EVP_RC4_KEY_SIZE		16
-#define EVP_BLOWFISH_KEY_SIZE		16
-#define EVP_CAST5_KEY_SIZE		16
-#define EVP_RC5_32_12_16_KEY_SIZE	16
-*/
-#define EVP_MAX_MD_SIZE			(16+20) /* The SSLv3 md5+sha1 type */
-#define EVP_MAX_KEY_LENGTH		32
-#define EVP_MAX_IV_LENGTH		16
-#define EVP_MAX_BLOCK_LENGTH		32
-
-#define PKCS5_SALT_LEN			8
-/* Default PKCS#5 iteration count */
-#define PKCS5_DEFAULT_ITER		2048
-
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-
-#include <openssl/objects.h>
-
-#define EVP_PK_RSA	0x0001
-#define EVP_PK_DSA	0x0002
-#define EVP_PK_DH	0x0004
-#define EVP_PKT_SIGN	0x0010
-#define EVP_PKT_ENC	0x0020
-#define EVP_PKT_EXCH	0x0040
-#define EVP_PKS_RSA	0x0100
-#define EVP_PKS_DSA	0x0200
-#define EVP_PKT_EXP	0x1000 /* <= 512 bit key */
-
-#define EVP_PKEY_NONE	NID_undef
-#define EVP_PKEY_RSA	NID_rsaEncryption
-#define EVP_PKEY_RSA2	NID_rsa
-#define EVP_PKEY_DSA	NID_dsa
-#define EVP_PKEY_DSA1	NID_dsa_2
-#define EVP_PKEY_DSA2	NID_dsaWithSHA
-#define EVP_PKEY_DSA3	NID_dsaWithSHA1
-#define EVP_PKEY_DSA4	NID_dsaWithSHA1_2
-#define EVP_PKEY_DH	NID_dhKeyAgreement
-
-#ifdef	__cplusplus
-extern "C" {
-#endif
-
-/* Type needs to be a bit field
- * Sub-type needs to be for variations on the method, as in, can it do
- * arbitrary encryption.... */
-struct evp_pkey_st
-	{
-	int type;
-	int save_type;
-	int references;
-	union	{
-		char *ptr;
-#ifndef OPENSSL_NO_RSA
-		struct rsa_st *rsa;	/* RSA */
-#endif
-#ifndef OPENSSL_NO_DSA
-		struct dsa_st *dsa;	/* DSA */
-#endif
-#ifndef OPENSSL_NO_DH
-		struct dh_st *dh;	/* DH */
-#endif
-		} pkey;
-	int save_parameters;
-	STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
-	} /* EVP_PKEY */;
-
-#define EVP_PKEY_MO_SIGN	0x0001
-#define EVP_PKEY_MO_VERIFY	0x0002
-#define EVP_PKEY_MO_ENCRYPT	0x0004
-#define EVP_PKEY_MO_DECRYPT	0x0008
-
-#if 0
-/* This structure is required to tie the message digest and signing together.
- * The lookup can be done by md/pkey_method, oid, oid/pkey_method, or
- * oid, md and pkey.
- * This is required because for various smart-card perform the digest and
- * signing/verification on-board.  To handle this case, the specific
- * EVP_MD and EVP_PKEY_METHODs need to be closely associated.
- * When a PKEY is created, it will have a EVP_PKEY_METHOD associated with it.
- * This can either be software or a token to provide the required low level
- * routines.
- */
-typedef struct evp_pkey_md_st
-	{
-	int oid;
-	EVP_MD *md;
-	EVP_PKEY_METHOD *pkey;
-	} EVP_PKEY_MD;
-
-#define EVP_rsa_md2() \
-		EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\
-			EVP_rsa_pkcs1(),EVP_md2())
-#define EVP_rsa_md5() \
-		EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\
-			EVP_rsa_pkcs1(),EVP_md5())
-#define EVP_rsa_sha0() \
-		EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\
-			EVP_rsa_pkcs1(),EVP_sha())
-#define EVP_rsa_sha1() \
-		EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\
-			EVP_rsa_pkcs1(),EVP_sha1())
-#define EVP_rsa_ripemd160() \
-		EVP_PKEY_MD_add(NID_ripemd160WithRSA,\
-			EVP_rsa_pkcs1(),EVP_ripemd160())
-#define EVP_rsa_mdc2() \
-		EVP_PKEY_MD_add(NID_mdc2WithRSA,\
-			EVP_rsa_octet_string(),EVP_mdc2())
-#define EVP_dsa_sha() \
-		EVP_PKEY_MD_add(NID_dsaWithSHA,\
-			EVP_dsa(),EVP_sha())
-#define EVP_dsa_sha1() \
-		EVP_PKEY_MD_add(NID_dsaWithSHA1,\
-			EVP_dsa(),EVP_sha1())
-
-typedef struct evp_pkey_method_st
-	{
-	char *name;
-	int flags;
-	int type;		/* RSA, DSA, an SSLeay specific constant */
-	int oid;		/* For the pub-key type */
-	int encrypt_oid;	/* pub/priv key encryption */
-
-	int (*sign)();
-	int (*verify)();
-	struct	{
-		int (*set)();	/* get and/or set the underlying type */
-		int (*get)();
-		int (*encrypt)();
-		int (*decrypt)();
-		int (*i2d)();
-		int (*d2i)();
-		int (*dup)();
-		} pub,priv;
-	int (*set_asn1_parameters)();
-	int (*get_asn1_parameters)();
-	} EVP_PKEY_METHOD;
-#endif
-
-#ifndef EVP_MD
-struct env_md_st
-	{
-	int type;
-	int pkey_type;
-	int md_size;
-	unsigned long flags;
-	int (*init)(EVP_MD_CTX *ctx);
-	int (*update)(EVP_MD_CTX *ctx,const void *data,unsigned long count);
-	int (*final)(EVP_MD_CTX *ctx,unsigned char *md);
-	int (*copy)(EVP_MD_CTX *to,const EVP_MD_CTX *from);
-	int (*cleanup)(EVP_MD_CTX *ctx);
-
-	/* FIXME: prototype these some day */
-	int (*sign)();
-	int (*verify)();
-	int required_pkey_type[5]; /*EVP_PKEY_xxx */
-	int block_size;
-	int ctx_size; /* how big does the ctx->md_data need to be */
-	} /* EVP_MD */;
-
-#define EVP_MD_FLAG_ONESHOT	0x0001 /* digest can only handle a single
-					* block */
-
-#define EVP_PKEY_NULL_method	NULL,NULL,{0,0,0,0}
-
-#ifndef OPENSSL_NO_DSA
-#define EVP_PKEY_DSA_method	DSA_sign,DSA_verify, \
-				{EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
-					EVP_PKEY_DSA4,0}
-#else
-#define EVP_PKEY_DSA_method	EVP_PKEY_NULL_method
-#endif
-
-#ifndef OPENSSL_NO_RSA
-#define EVP_PKEY_RSA_method	RSA_sign,RSA_verify, \
-				{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
-				RSA_sign_ASN1_OCTET_STRING, \
-				RSA_verify_ASN1_OCTET_STRING, \
-				{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-#else
-#define EVP_PKEY_RSA_method	EVP_PKEY_NULL_method
-#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
-#endif
-
-#endif /* !EVP_MD */
-
-struct env_md_ctx_st
-	{
-	const EVP_MD *digest;
-	ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
-	unsigned long flags;
-	void *md_data;
-	} /* EVP_MD_CTX */;
-
-/* values for EVP_MD_CTX flags */
-
-#define EVP_MD_CTX_FLAG_ONESHOT		0x0001 /* digest update will be called
-						* once only */
-#define EVP_MD_CTX_FLAG_CLEANED		0x0002 /* context has already been
-						* cleaned */
-
-struct evp_cipher_st
-	{
-	int nid;
-	int block_size;
-	int key_len;		/* Default value for variable length ciphers */
-	int iv_len;
-	unsigned long flags;	/* Various flags */
-	int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-		    const unsigned char *iv, int enc);	/* init key */
-	int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			 const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */
-	int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
-	int ctx_size;		/* how big ctx->cipher_data needs to be */
-	int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
-	int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
-	int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
-	void *app_data;		/* Application data */
-	} /* EVP_CIPHER */;
-
-/* Values for cipher flags */
-
-/* Modes for ciphers */
-
-#define		EVP_CIPH_STREAM_CIPHER		0x0
-#define		EVP_CIPH_ECB_MODE		0x1
-#define		EVP_CIPH_CBC_MODE		0x2
-#define		EVP_CIPH_CFB_MODE		0x3
-#define		EVP_CIPH_OFB_MODE		0x4
-#define 	EVP_CIPH_MODE			0x7
-/* Set if variable length cipher */
-#define 	EVP_CIPH_VARIABLE_LENGTH	0x8
-/* Set if the iv handling should be done by the cipher itself */
-#define 	EVP_CIPH_CUSTOM_IV		0x10
-/* Set if the cipher's init() function should be called if key is NULL */
-#define 	EVP_CIPH_ALWAYS_CALL_INIT	0x20
-/* Call ctrl() to init cipher parameters */
-#define 	EVP_CIPH_CTRL_INIT		0x40
-/* Don't use standard key length function */
-#define 	EVP_CIPH_CUSTOM_KEY_LENGTH	0x80
-/* Don't use standard block padding */
-#define 	EVP_CIPH_NO_PADDING		0x100
-
-/* ctrl() values */
-
-#define		EVP_CTRL_INIT			0x0
-#define 	EVP_CTRL_SET_KEY_LENGTH		0x1
-#define 	EVP_CTRL_GET_RC2_KEY_BITS	0x2
-#define 	EVP_CTRL_SET_RC2_KEY_BITS	0x3
-#define 	EVP_CTRL_GET_RC5_ROUNDS		0x4
-#define 	EVP_CTRL_SET_RC5_ROUNDS		0x5
-
-typedef struct evp_cipher_info_st
-	{
-	const EVP_CIPHER *cipher;
-	unsigned char iv[EVP_MAX_IV_LENGTH];
-	} EVP_CIPHER_INFO;
-
-struct evp_cipher_ctx_st
-	{
-	const EVP_CIPHER *cipher;
-	ENGINE *engine;	/* functional reference if 'cipher' is ENGINE-provided */
-	int encrypt;		/* encrypt or decrypt */
-	int buf_len;		/* number we have left */
-
-	unsigned char  oiv[EVP_MAX_IV_LENGTH];	/* original iv */
-	unsigned char  iv[EVP_MAX_IV_LENGTH];	/* working iv */
-	unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
-	int num;				/* used by cfb/ofb mode */
-
-	void *app_data;		/* application stuff */
-	int key_len;		/* May change for variable length cipher */
-	unsigned long flags;	/* Various flags */
-	void *cipher_data; /* per EVP data */
-	int final_used;
-	int block_mask;
-	unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */
-	} /* EVP_CIPHER_CTX */;
-
-typedef struct evp_Encode_Ctx_st
-	{
-	int num;	/* number saved in a partial encode/decode */
-	int length;	/* The length is either the output line length
-			 * (in input bytes) or the shortest input line
-			 * length that is ok.  Once decoding begins,
-			 * the length is adjusted up each time a longer
-			 * line is decoded */
-	unsigned char enc_data[80];	/* data to encode */
-	int line_num;	/* number read on current line */
-	int expect_nl;
-	} EVP_ENCODE_CTX;
-
-/* Password based encryption function */
-typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-		ASN1_TYPE *param, const EVP_CIPHER *cipher,
-                const EVP_MD *md, int en_de);
-
-#ifndef OPENSSL_NO_RSA
-#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
-					(char *)(rsa))
-#endif
-
-#ifndef OPENSSL_NO_DSA
-#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
-					(char *)(dsa))
-#endif
-
-#ifndef OPENSSL_NO_DH
-#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
-					(char *)(dh))
-#endif
-
-/* Add some extra combinations */
-#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
-#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
-#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
-#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
-
-#define EVP_MD_type(e)			((e)->type)
-#define EVP_MD_nid(e)			EVP_MD_type(e)
-#define EVP_MD_name(e)			OBJ_nid2sn(EVP_MD_nid(e))
-#define EVP_MD_pkey_type(e)		((e)->pkey_type)
-#define EVP_MD_size(e)			((e)->md_size)
-#define EVP_MD_block_size(e)		((e)->block_size)
-
-#define EVP_MD_CTX_md(e)		((e)->digest)
-#define EVP_MD_CTX_size(e)		EVP_MD_size((e)->digest)
-#define EVP_MD_CTX_block_size(e)	EVP_MD_block_size((e)->digest)
-#define EVP_MD_CTX_type(e)		EVP_MD_type((e)->digest)
-
-#define EVP_CIPHER_nid(e)		((e)->nid)
-#define EVP_CIPHER_name(e)		OBJ_nid2sn(EVP_CIPHER_nid(e))
-#define EVP_CIPHER_block_size(e)	((e)->block_size)
-#define EVP_CIPHER_key_length(e)	((e)->key_len)
-#define EVP_CIPHER_iv_length(e)		((e)->iv_len)
-#define EVP_CIPHER_flags(e)		((e)->flags)
-#define EVP_CIPHER_mode(e)		(((e)->flags) & EVP_CIPH_MODE)
-
-#define EVP_CIPHER_CTX_cipher(e)	((e)->cipher)
-#define EVP_CIPHER_CTX_nid(e)		((e)->cipher->nid)
-#define EVP_CIPHER_CTX_block_size(e)	((e)->cipher->block_size)
-#define EVP_CIPHER_CTX_key_length(e)	((e)->key_len)
-#define EVP_CIPHER_CTX_iv_length(e)	((e)->cipher->iv_len)
-#define EVP_CIPHER_CTX_get_app_data(e)	((e)->app_data)
-#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
-#define EVP_CIPHER_CTX_type(c)         EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
-#define EVP_CIPHER_CTX_flags(e)		((e)->cipher->flags)
-#define EVP_CIPHER_CTX_mode(e)		((e)->cipher->flags & EVP_CIPH_MODE)
-
-#define EVP_ENCODE_LENGTH(l)	(((l+2)/3*4)+(l/48+1)*2+80)
-#define EVP_DECODE_LENGTH(l)	((l+3)/4*3+80)
-
-#define EVP_SignInit_ex(a,b,c)		EVP_DigestInit_ex(a,b,c)
-#define EVP_SignInit(a,b)		EVP_DigestInit(a,b)
-#define EVP_SignUpdate(a,b,c)		EVP_DigestUpdate(a,b,c)
-#define	EVP_VerifyInit_ex(a,b,c)	EVP_DigestInit_ex(a,b,c)
-#define	EVP_VerifyInit(a,b)		EVP_DigestInit(a,b)
-#define	EVP_VerifyUpdate(a,b,c)		EVP_DigestUpdate(a,b,c)
-#define EVP_OpenUpdate(a,b,c,d,e)	EVP_DecryptUpdate(a,b,c,d,e)
-#define EVP_SealUpdate(a,b,c,d,e)	EVP_EncryptUpdate(a,b,c,d,e)	
-
-#ifdef CONST_STRICT
-void BIO_set_md(BIO *,const EVP_MD *md);
-#else
-# define BIO_set_md(b,md)		BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
-#endif
-#define BIO_get_md(b,mdp)		BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
-#define BIO_get_md_ctx(b,mdcp)     BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
-#define BIO_get_cipher_status(b)	BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
-#define BIO_get_cipher_ctx(b,c_pp)	BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
-
-#define	EVP_Cipher(c,o,i,l)	(c)->cipher->do_cipher((c),(o),(i),(l))
-
-#define EVP_add_cipher_alias(n,alias) \
-	OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
-#define EVP_add_digest_alias(n,alias) \
-	OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
-#define EVP_delete_cipher_alias(alias) \
-	OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
-#define EVP_delete_digest_alias(alias) \
-	OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
-
-void	EVP_MD_CTX_init(EVP_MD_CTX *ctx);
-int	EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
-EVP_MD_CTX *EVP_MD_CTX_create(void);
-void	EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
-int     EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
-#define EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
-#define EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs))
-#define EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
-int	EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
-int	EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
-			 unsigned int cnt);
-int	EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
-int	EVP_Digest(void *data, unsigned int count,
-		unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl);
-
-int     EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
-int	EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
-int	EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
-
-int	EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
-void	EVP_set_pw_prompt(char *prompt);
-char *	EVP_get_pw_prompt(void);
-
-int	EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
-		const unsigned char *salt, const unsigned char *data,
-		int datal, int count, unsigned char *key,unsigned char *iv);
-
-int	EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
-		const unsigned char *key, const unsigned char *iv);
-int	EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
-		const unsigned char *key, const unsigned char *iv);
-int	EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-		int *outl, const unsigned char *in, int inl);
-int	EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-int	EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-
-int	EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
-		const unsigned char *key, const unsigned char *iv);
-int	EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
-		const unsigned char *key, const unsigned char *iv);
-int	EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-		int *outl, const unsigned char *in, int inl);
-int	EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-int	EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-
-int	EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
-		       const unsigned char *key,const unsigned char *iv,
-		       int enc);
-int	EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
-		       const unsigned char *key,const unsigned char *iv,
-		       int enc);
-int	EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-		int *outl, const unsigned char *in, int inl);
-int	EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-int	EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-
-int	EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
-		EVP_PKEY *pkey);
-
-int	EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf,
-		unsigned int siglen,EVP_PKEY *pkey);
-
-int	EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,unsigned char *ek,
-		int ekl,unsigned char *iv,EVP_PKEY *priv);
-int	EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-
-int	EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
-		int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
-int	EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
-
-void	EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
-void	EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
-		int *outl,unsigned char *in,int inl);
-void	EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
-int	EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
-
-void	EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
-int	EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
-		unsigned char *in, int inl);
-int	EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
-		char *out, int *outl);
-int	EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
-
-void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
-int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
-int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
-int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
-int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
-
-#ifndef OPENSSL_NO_BIO
-BIO_METHOD *BIO_f_md(void);
-BIO_METHOD *BIO_f_base64(void);
-BIO_METHOD *BIO_f_cipher(void);
-BIO_METHOD *BIO_f_reliable(void);
-void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,unsigned char *k,
-	unsigned char *i, int enc);
-#endif
-
-const EVP_MD *EVP_md_null(void);
-#ifndef OPENSSL_NO_MD2
-const EVP_MD *EVP_md2(void);
-#endif
-#ifndef OPENSSL_NO_MD4
-const EVP_MD *EVP_md4(void);
-#endif
-#ifndef OPENSSL_NO_MD5
-const EVP_MD *EVP_md5(void);
-#endif
-#ifndef OPENSSL_NO_SHA
-const EVP_MD *EVP_sha(void);
-const EVP_MD *EVP_sha1(void);
-const EVP_MD *EVP_dss(void);
-const EVP_MD *EVP_dss1(void);
-#endif
-#ifndef OPENSSL_NO_MDC2
-const EVP_MD *EVP_mdc2(void);
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-const EVP_MD *EVP_ripemd160(void);
-#endif
-const EVP_CIPHER *EVP_enc_null(void);		/* does nothing :-) */
-#ifndef OPENSSL_NO_DES
-const EVP_CIPHER *EVP_des_ecb(void);
-const EVP_CIPHER *EVP_des_ede(void);
-const EVP_CIPHER *EVP_des_ede3(void);
-const EVP_CIPHER *EVP_des_ede_ecb(void);
-const EVP_CIPHER *EVP_des_ede3_ecb(void);
-const EVP_CIPHER *EVP_des_cfb(void);
-const EVP_CIPHER *EVP_des_ede_cfb(void);
-const EVP_CIPHER *EVP_des_ede3_cfb(void);
-const EVP_CIPHER *EVP_des_ofb(void);
-const EVP_CIPHER *EVP_des_ede_ofb(void);
-const EVP_CIPHER *EVP_des_ede3_ofb(void);
-const EVP_CIPHER *EVP_des_cbc(void);
-const EVP_CIPHER *EVP_des_ede_cbc(void);
-const EVP_CIPHER *EVP_des_ede3_cbc(void);
-const EVP_CIPHER *EVP_desx_cbc(void);
-/* This should now be supported through the dev_crypto ENGINE. But also, why are
- * rc4 and md5 declarations made here inside a "NO_DES" precompiler branch? */
-#if 0
-# ifdef OPENSSL_OPENBSD_DEV_CRYPTO
-const EVP_CIPHER *EVP_dev_crypto_des_ede3_cbc(void);
-const EVP_CIPHER *EVP_dev_crypto_rc4(void);
-const EVP_MD *EVP_dev_crypto_md5(void);
-# endif
-#endif
-#endif
-#ifndef OPENSSL_NO_RC4
-const EVP_CIPHER *EVP_rc4(void);
-const EVP_CIPHER *EVP_rc4_40(void);
-#endif
-#ifndef OPENSSL_NO_IDEA
-const EVP_CIPHER *EVP_idea_ecb(void);
-const EVP_CIPHER *EVP_idea_cfb(void);
-const EVP_CIPHER *EVP_idea_ofb(void);
-const EVP_CIPHER *EVP_idea_cbc(void);
-#endif
-#ifndef OPENSSL_NO_RC2
-const EVP_CIPHER *EVP_rc2_ecb(void);
-const EVP_CIPHER *EVP_rc2_cbc(void);
-const EVP_CIPHER *EVP_rc2_40_cbc(void);
-const EVP_CIPHER *EVP_rc2_64_cbc(void);
-const EVP_CIPHER *EVP_rc2_cfb(void);
-const EVP_CIPHER *EVP_rc2_ofb(void);
-#endif
-#ifndef OPENSSL_NO_BF
-const EVP_CIPHER *EVP_bf_ecb(void);
-const EVP_CIPHER *EVP_bf_cbc(void);
-const EVP_CIPHER *EVP_bf_cfb(void);
-const EVP_CIPHER *EVP_bf_ofb(void);
-#endif
-#ifndef OPENSSL_NO_CAST
-const EVP_CIPHER *EVP_cast5_ecb(void);
-const EVP_CIPHER *EVP_cast5_cbc(void);
-const EVP_CIPHER *EVP_cast5_cfb(void);
-const EVP_CIPHER *EVP_cast5_ofb(void);
-#endif
-#ifndef OPENSSL_NO_RC5
-const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
-const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
-const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
-const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
-#endif
-#ifndef OPENSSL_NO_AES
-const EVP_CIPHER *EVP_aes_128_ecb(void);
-const EVP_CIPHER *EVP_aes_128_cbc(void);
-const EVP_CIPHER *EVP_aes_128_cfb(void);
-const EVP_CIPHER *EVP_aes_128_ofb(void);
-#if 0
-const EVP_CIPHER *EVP_aes_128_ctr(void);
-#endif
-const EVP_CIPHER *EVP_aes_192_ecb(void);
-const EVP_CIPHER *EVP_aes_192_cbc(void);
-const EVP_CIPHER *EVP_aes_192_cfb(void);
-const EVP_CIPHER *EVP_aes_192_ofb(void);
-#if 0
-const EVP_CIPHER *EVP_aes_192_ctr(void);
-#endif
-const EVP_CIPHER *EVP_aes_256_ecb(void);
-const EVP_CIPHER *EVP_aes_256_cbc(void);
-const EVP_CIPHER *EVP_aes_256_cfb(void);
-const EVP_CIPHER *EVP_aes_256_ofb(void);
-#if 0
-const EVP_CIPHER *EVP_aes_256_ctr(void);
-#endif
-#endif
-
-void OPENSSL_add_all_algorithms_noconf(void);
-void OPENSSL_add_all_algorithms_conf(void);
-
-#ifdef OPENSSL_LOAD_CONF
-#define OpenSSL_add_all_algorithms() \
-		OPENSSL_add_all_algorithms_conf()
-#else
-#define OpenSSL_add_all_algorithms() \
-		OPENSSL_add_all_algorithms_noconf()
-#endif
-
-void OpenSSL_add_all_ciphers(void);
-void OpenSSL_add_all_digests(void);
-#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
-#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
-#define SSLeay_add_all_digests() OpenSSL_add_all_digests()
-
-int EVP_add_cipher(const EVP_CIPHER *cipher);
-int EVP_add_digest(const EVP_MD *digest);
-
-const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
-const EVP_MD *EVP_get_digestbyname(const char *name);
-void EVP_cleanup(void);
-
-int		EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key,
-			int enc_key_len,EVP_PKEY *private_key);
-int		EVP_PKEY_encrypt(unsigned char *enc_key,
-			unsigned char *key,int key_len,EVP_PKEY *pub_key);
-int		EVP_PKEY_type(int type);
-int		EVP_PKEY_bits(EVP_PKEY *pkey);
-int		EVP_PKEY_size(EVP_PKEY *pkey);
-int 		EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
-
-#ifndef OPENSSL_NO_RSA
-struct rsa_st;
-int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,struct rsa_st *key);
-struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
-#endif
-#ifndef OPENSSL_NO_DSA
-struct dsa_st;
-int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,struct dsa_st *key);
-struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
-#endif
-#ifndef OPENSSL_NO_DH
-struct dh_st;
-int EVP_PKEY_set1_DH(EVP_PKEY *pkey,struct dh_st *key);
-struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
-#endif
-
-
-EVP_PKEY *	EVP_PKEY_new(void);
-void		EVP_PKEY_free(EVP_PKEY *pkey);
-EVP_PKEY *	d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp,
-			long length);
-int		i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
-
-EVP_PKEY *	d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp,
-			long length);
-EVP_PKEY *	d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
-			long length);
-int		i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
-
-int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from);
-int EVP_PKEY_missing_parameters(EVP_PKEY *pkey);
-int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode);
-int EVP_PKEY_cmp_parameters(EVP_PKEY *a,EVP_PKEY *b);
-
-int EVP_CIPHER_type(const EVP_CIPHER *ctx);
-
-/* calls methods */
-int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-
-/* These are used by EVP_CIPHER methods */
-int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
-int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
-
-/* PKCS5 password based encryption */
-int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-			 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
-			 int en_de);
-int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
-			   unsigned char *salt, int saltlen, int iter,
-			   int keylen, unsigned char *out);
-int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-			 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
-			 int en_de);
-
-void PKCS5_PBE_add(void);
-
-int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
-	     ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
-int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
-		    EVP_PBE_KEYGEN *keygen);
-void EVP_PBE_cleanup(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_EVP_strings(void);
-
-/* Error codes for the EVP functions. */
-
-/* Function codes. */
-#define EVP_F_D2I_PKEY					 100
-#define EVP_F_EVP_CIPHERINIT				 123
-#define EVP_F_EVP_CIPHER_CTX_CTRL			 124
-#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH		 122
-#define EVP_F_EVP_DECRYPTFINAL				 101
-#define EVP_F_EVP_DIGESTINIT				 128
-#define EVP_F_EVP_ENCRYPTFINAL				 127
-#define EVP_F_EVP_MD_CTX_COPY				 110
-#define EVP_F_EVP_OPENINIT				 102
-#define EVP_F_EVP_PBE_ALG_ADD				 115
-#define EVP_F_EVP_PBE_CIPHERINIT			 116
-#define EVP_F_EVP_PKCS82PKEY				 111
-#define EVP_F_EVP_PKCS8_SET_BROKEN			 112
-#define EVP_F_EVP_PKEY2PKCS8				 113
-#define EVP_F_EVP_PKEY_COPY_PARAMETERS			 103
-#define EVP_F_EVP_PKEY_DECRYPT				 104
-#define EVP_F_EVP_PKEY_ENCRYPT				 105
-#define EVP_F_EVP_PKEY_GET1_DH				 119
-#define EVP_F_EVP_PKEY_GET1_DSA				 120
-#define EVP_F_EVP_PKEY_GET1_RSA				 121
-#define EVP_F_EVP_PKEY_NEW				 106
-#define EVP_F_EVP_RIJNDAEL				 126
-#define EVP_F_EVP_SIGNFINAL				 107
-#define EVP_F_EVP_VERIFYFINAL				 108
-#define EVP_F_PKCS5_PBE_KEYIVGEN			 117
-#define EVP_F_PKCS5_V2_PBE_KEYIVGEN			 118
-#define EVP_F_RC2_MAGIC_TO_METH				 109
-#define EVP_F_RC5_CTRL					 125
-
-/* Reason codes. */
-#define EVP_R_BAD_BLOCK_LENGTH				 136
-#define EVP_R_BAD_DECRYPT				 100
-#define EVP_R_BAD_KEY_LENGTH				 137
-#define EVP_R_BN_DECODE_ERROR				 112
-#define EVP_R_BN_PUBKEY_ERROR				 113
-#define EVP_R_CIPHER_PARAMETER_ERROR			 122
-#define EVP_R_CTRL_NOT_IMPLEMENTED			 132
-#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED		 133
-#define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH		 138
-#define EVP_R_DECODE_ERROR				 114
-#define EVP_R_DIFFERENT_KEY_TYPES			 101
-#define EVP_R_ENCODE_ERROR				 115
-#define EVP_R_EVP_PBE_CIPHERINIT_ERROR			 119
-#define EVP_R_EXPECTING_AN_RSA_KEY			 127
-#define EVP_R_EXPECTING_A_DH_KEY			 128
-#define EVP_R_EXPECTING_A_DSA_KEY			 129
-#define EVP_R_INITIALIZATION_ERROR			 134
-#define EVP_R_INPUT_NOT_INITIALIZED			 111
-#define EVP_R_INVALID_KEY_LENGTH			 130
-#define EVP_R_IV_TOO_LARGE				 102
-#define EVP_R_KEYGEN_FAILURE				 120
-#define EVP_R_MISSING_PARAMETERS			 103
-#define EVP_R_NO_CIPHER_SET				 131
-#define EVP_R_NO_DIGEST_SET				 139
-#define EVP_R_NO_DSA_PARAMETERS				 116
-#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED		 104
-#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED		 105
-#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE			 117
-#define EVP_R_PUBLIC_KEY_NOT_RSA			 106
-#define EVP_R_UNKNOWN_PBE_ALGORITHM			 121
-#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS		 135
-#define EVP_R_UNSUPPORTED_CIPHER			 107
-#define EVP_R_UNSUPPORTED_KEYLENGTH			 123
-#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION	 124
-#define EVP_R_UNSUPPORTED_KEY_SIZE			 108
-#define EVP_R_UNSUPPORTED_PRF				 125
-#define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM		 118
-#define EVP_R_UNSUPPORTED_SALT_TYPE			 126
-#define EVP_R_WRONG_FINAL_BLOCK_LENGTH			 109
-#define EVP_R_WRONG_PUBLIC_KEY_TYPE			 110
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/evp/evp_acnf.c b/crypto/openssl/crypto/evp/evp_acnf.c
deleted file mode 100644
index 54c073ca444c..000000000000
--- a/crypto/openssl/crypto/evp/evp_acnf.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* evp_acnf.c */
-/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/conf.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-
-/* Load all algorithms and configure OpenSSL.
- * This function is called automatically when
- * OPENSSL_LOAD_CONF is set.
- */
-
-void OPENSSL_add_all_algorithms_conf(void)
-	{
-	OPENSSL_add_all_algorithms_noconf();
-	OPENSSL_config(NULL);
-	}
diff --git a/crypto/openssl/crypto/evp/evp_enc.c b/crypto/openssl/crypto/evp/evp_enc.c
deleted file mode 100644
index be0758a87965..000000000000
--- a/crypto/openssl/crypto/evp/evp_enc.c
+++ /dev/null
@@ -1,521 +0,0 @@
-/* crypto/evp/evp_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/err.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include "evp_locl.h"
-
-const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
-
-void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
-	{
-	memset(ctx,0,sizeof(EVP_CIPHER_CTX));
-	/* ctx->cipher=NULL; */
-	}
-
-
-int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-	     const unsigned char *key, const unsigned char *iv, int enc)
-	{
-	if (cipher)
-		EVP_CIPHER_CTX_init(ctx);
-	return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc);
-	}
-
-int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
-	     const unsigned char *key, const unsigned char *iv, int enc)
-	{
-	if (enc == -1)
-		enc = ctx->encrypt;
-	else
-		{
-		if (enc)
-			enc = 1;
-		ctx->encrypt = enc;
-		}
-#ifndef OPENSSL_NO_ENGINE
-	/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
-	 * so this context may already have an ENGINE! Try to avoid releasing
-	 * the previous handle, re-querying for an ENGINE, and having a
-	 * reinitialisation, when it may all be unecessary. */
-	if (ctx->engine && ctx->cipher && (!cipher ||
-			(cipher && (cipher->nid == ctx->cipher->nid))))
-		goto skip_to_init;
-#endif
-	if (cipher)
-		{
-		/* Ensure a context left lying around from last time is cleared
-		 * (the previous check attempted to avoid this if the same
-		 * ENGINE and EVP_CIPHER could be used). */
-		EVP_CIPHER_CTX_cleanup(ctx);
-
-		/* Restore encrypt field: it is zeroed by cleanup */
-		ctx->encrypt = enc;
-#ifndef OPENSSL_NO_ENGINE
-		if(impl)
-			{
-			if (!ENGINE_init(impl))
-				{
-				EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
-				return 0;
-				}
-			}
-		else
-			/* Ask if an ENGINE is reserved for this job */
-			impl = ENGINE_get_cipher_engine(cipher->nid);
-		if(impl)
-			{
-			/* There's an ENGINE for this job ... (apparently) */
-			const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid);
-			if(!c)
-				{
-				/* One positive side-effect of US's export
-				 * control history, is that we should at least
-				 * be able to avoid using US mispellings of
-				 * "initialisation"? */
-				EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
-				return 0;
-				}
-			/* We'll use the ENGINE's private cipher definition */
-			cipher = c;
-			/* Store the ENGINE functional reference so we know
-			 * 'cipher' came from an ENGINE and we need to release
-			 * it when done. */
-			ctx->engine = impl;
-			}
-		else
-			ctx->engine = NULL;
-#endif
-
-		ctx->cipher=cipher;
-		ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
-		ctx->key_len = cipher->key_len;
-		ctx->flags = 0;
-		if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)
-			{
-			if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL))
-				{
-				EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
-				return 0;
-				}
-			}
-		}
-	else if(!ctx->cipher)
-		{
-		EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET);
-		return 0;
-		}
-#ifndef OPENSSL_NO_ENGINE
-skip_to_init:
-#endif
-	/* we assume block size is a power of 2 in *cryptUpdate */
-	OPENSSL_assert(ctx->cipher->block_size == 1
-	    || ctx->cipher->block_size == 8
-	    || ctx->cipher->block_size == 16);
-
-	if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
-		switch(EVP_CIPHER_CTX_mode(ctx)) {
-
-			case EVP_CIPH_STREAM_CIPHER:
-			case EVP_CIPH_ECB_MODE:
-			break;
-
-			case EVP_CIPH_CFB_MODE:
-			case EVP_CIPH_OFB_MODE:
-
-			ctx->num = 0;
-
-			case EVP_CIPH_CBC_MODE:
-
-			OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof ctx->iv);
-			if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
-			memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
-			break;
-
-			default:
-			return 0;
-			break;
-		}
-	}
-
-	if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
-		if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
-	}
-	ctx->buf_len=0;
-	ctx->final_used=0;
-	ctx->block_mask=ctx->cipher->block_size-1;
-	return 1;
-	}
-
-int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
-	     const unsigned char *in, int inl)
-	{
-	if (ctx->encrypt)
-		return EVP_EncryptUpdate(ctx,out,outl,in,inl);
-	else	return EVP_DecryptUpdate(ctx,out,outl,in,inl);
-	}
-
-int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-	{
-	if (ctx->encrypt)
-		return EVP_EncryptFinal_ex(ctx,out,outl);
-	else	return EVP_DecryptFinal_ex(ctx,out,outl);
-	}
-
-int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-	{
-	if (ctx->encrypt)
-		return EVP_EncryptFinal(ctx,out,outl);
-	else	return EVP_DecryptFinal(ctx,out,outl);
-	}
-
-int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-	     const unsigned char *key, const unsigned char *iv)
-	{
-	return EVP_CipherInit(ctx, cipher, key, iv, 1);
-	}
-
-int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
-		const unsigned char *key, const unsigned char *iv)
-	{
-	return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
-	}
-
-int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-	     const unsigned char *key, const unsigned char *iv)
-	{
-	return EVP_CipherInit(ctx, cipher, key, iv, 0);
-	}
-
-int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
-	     const unsigned char *key, const unsigned char *iv)
-	{
-	return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
-	}
-
-int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
-	     const unsigned char *in, int inl)
-	{
-	int i,j,bl;
-
-	OPENSSL_assert(inl > 0);
-	if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0)
-		{
-		if(ctx->cipher->do_cipher(ctx,out,in,inl))
-			{
-			*outl=inl;
-			return 1;
-			}
-		else
-			{
-			*outl=0;
-			return 0;
-			}
-		}
-	i=ctx->buf_len;
-	bl=ctx->cipher->block_size;
-	OPENSSL_assert(bl <= sizeof ctx->buf);
-	if (i != 0)
-		{
-		if (i+inl < bl)
-			{
-			memcpy(&(ctx->buf[i]),in,inl);
-			ctx->buf_len+=inl;
-			*outl=0;
-			return 1;
-			}
-		else
-			{
-			j=bl-i;
-			memcpy(&(ctx->buf[i]),in,j);
-			if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0;
-			inl-=j;
-			in+=j;
-			out+=bl;
-			*outl=bl;
-			}
-		}
-	else
-		*outl = 0;
-	i=inl&(bl-1);
-	inl-=i;
-	if (inl > 0)
-		{
-		if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0;
-		*outl+=inl;
-		}
-
-	if (i != 0)
-		memcpy(ctx->buf,&(in[inl]),i);
-	ctx->buf_len=i;
-	return 1;
-	}
-
-int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-	{
-	int ret;
-	ret = EVP_EncryptFinal_ex(ctx, out, outl);
-	return ret;
-	}
-
-int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-	{
-	int i,n,b,bl,ret;
-
-	b=ctx->cipher->block_size;
-	OPENSSL_assert(b <= sizeof ctx->buf);
-	if (b == 1)
-		{
-		*outl=0;
-		return 1;
-		}
-	bl=ctx->buf_len;
-	if (ctx->flags & EVP_CIPH_NO_PADDING)
-		{
-		if(bl)
-			{
-			EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
-			return 0;
-			}
-		*outl = 0;
-		return 1;
-		}
-
-	n=b-bl;
-	for (i=bl; i<b; i++)
-		ctx->buf[i]=n;
-	ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
-
-
-	if(ret)
-		*outl=b;
-
-	return ret;
-	}
-
-int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
-	     const unsigned char *in, int inl)
-	{
-	int b, fix_len;
-
-	if (inl == 0)
-		{
-		*outl=0;
-		return 1;
-		}
-
-	if (ctx->flags & EVP_CIPH_NO_PADDING)
-		return EVP_EncryptUpdate(ctx, out, outl, in, inl);
-
-	b=ctx->cipher->block_size;
-	OPENSSL_assert(b <= sizeof ctx->final);
-
-	if(ctx->final_used)
-		{
-		memcpy(out,ctx->final,b);
-		out+=b;
-		fix_len = 1;
-		}
-	else
-		fix_len = 0;
-
-
-	if(!EVP_EncryptUpdate(ctx,out,outl,in,inl))
-		return 0;
-
-	/* if we have 'decrypted' a multiple of block size, make sure
-	 * we have a copy of this last block */
-	if (b > 1 && !ctx->buf_len)
-		{
-		*outl-=b;
-		ctx->final_used=1;
-		memcpy(ctx->final,&out[*outl],b);
-		}
-	else
-		ctx->final_used = 0;
-
-	if (fix_len)
-		*outl += b;
-		
-	return 1;
-	}
-
-int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-	{
-	int ret;
-	ret = EVP_DecryptFinal_ex(ctx, out, outl);
-	return ret;
-	}
-
-int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-	{
-	int i,b;
-	int n;
-
-	*outl=0;
-	b=ctx->cipher->block_size;
-	if (ctx->flags & EVP_CIPH_NO_PADDING)
-		{
-		if(ctx->buf_len)
-			{
-			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
-			return 0;
-			}
-		*outl = 0;
-		return 1;
-		}
-	if (b > 1)
-		{
-		if (ctx->buf_len || !ctx->final_used)
-			{
-			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
-			return(0);
-			}
-		OPENSSL_assert(b <= sizeof ctx->final);
-		n=ctx->final[b-1];
-		if (n > b)
-			{
-			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
-			return(0);
-			}
-		for (i=0; i<n; i++)
-			{
-			if (ctx->final[--b] != n)
-				{
-				EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
-				return(0);
-				}
-			}
-		n=ctx->cipher->block_size-n;
-		for (i=0; i<n; i++)
-			out[i]=ctx->final[i];
-		*outl=n;
-		}
-	else
-		*outl=0;
-	return(1);
-	}
-
-int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
-	{
-	if (c->cipher != NULL)
-		{
-		if(c->cipher->cleanup && !c->cipher->cleanup(c))
-			return 0;
-		/* Cleanse cipher context data */
-		if (c->cipher_data)
-			OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
-		}
-	if (c->cipher_data)
-		OPENSSL_free(c->cipher_data);
-#ifndef OPENSSL_NO_ENGINE
-	if (c->engine)
-		/* The EVP_CIPHER we used belongs to an ENGINE, release the
-		 * functional reference we held for this reason. */
-		ENGINE_finish(c->engine);
-#endif
-	memset(c,0,sizeof(EVP_CIPHER_CTX));
-	return 1;
-	}
-
-int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
-	{
-	if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) 
-		return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
-	if(c->key_len == keylen) return 1;
-	if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH))
-		{
-		c->key_len = keylen;
-		return 1;
-		}
-	EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
-	return 0;
-	}
-
-int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
-	{
-	if (pad) ctx->flags &= ~EVP_CIPH_NO_PADDING;
-	else ctx->flags |= EVP_CIPH_NO_PADDING;
-	return 1;
-	}
-
-int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
-{
-	int ret;
-	if(!ctx->cipher) {
-		EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
-		return 0;
-	}
-
-	if(!ctx->cipher->ctrl) {
-		EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
-		return 0;
-	}
-
-	ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
-	if(ret == -1) {
-		EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
-		return 0;
-	}
-	return ret;
-}
diff --git a/crypto/openssl/crypto/evp/evp_err.c b/crypto/openssl/crypto/evp/evp_err.c
deleted file mode 100644
index 3a23d21c217e..000000000000
--- a/crypto/openssl/crypto/evp/evp_err.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/* crypto/evp/evp_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA EVP_str_functs[]=
-	{
-{ERR_PACK(0,EVP_F_D2I_PKEY,0),	"D2I_PKEY"},
-{ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0),	"EVP_CipherInit"},
-{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0),	"EVP_CIPHER_CTX_ctrl"},
-{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0),	"EVP_CIPHER_CTX_set_key_length"},
-{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0),	"EVP_DecryptFinal"},
-{ERR_PACK(0,EVP_F_EVP_DIGESTINIT,0),	"EVP_DigestInit"},
-{ERR_PACK(0,EVP_F_EVP_ENCRYPTFINAL,0),	"EVP_EncryptFinal"},
-{ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0),	"EVP_MD_CTX_copy"},
-{ERR_PACK(0,EVP_F_EVP_OPENINIT,0),	"EVP_OpenInit"},
-{ERR_PACK(0,EVP_F_EVP_PBE_ALG_ADD,0),	"EVP_PBE_alg_add"},
-{ERR_PACK(0,EVP_F_EVP_PBE_CIPHERINIT,0),	"EVP_PBE_CipherInit"},
-{ERR_PACK(0,EVP_F_EVP_PKCS82PKEY,0),	"EVP_PKCS82PKEY"},
-{ERR_PACK(0,EVP_F_EVP_PKCS8_SET_BROKEN,0),	"EVP_PKCS8_SET_BROKEN"},
-{ERR_PACK(0,EVP_F_EVP_PKEY2PKCS8,0),	"EVP_PKEY2PKCS8"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0),	"EVP_PKEY_copy_parameters"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0),	"EVP_PKEY_decrypt"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0),	"EVP_PKEY_encrypt"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DH,0),	"EVP_PKEY_get1_DH"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0),	"EVP_PKEY_get1_DSA"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0),	"EVP_PKEY_get1_RSA"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0),	"EVP_PKEY_new"},
-{ERR_PACK(0,EVP_F_EVP_RIJNDAEL,0),	"EVP_RIJNDAEL"},
-{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0),	"EVP_SignFinal"},
-{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0),	"EVP_VerifyFinal"},
-{ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0),	"PKCS5_PBE_keyivgen"},
-{ERR_PACK(0,EVP_F_PKCS5_V2_PBE_KEYIVGEN,0),	"PKCS5_v2_PBE_keyivgen"},
-{ERR_PACK(0,EVP_F_RC2_MAGIC_TO_METH,0),	"RC2_MAGIC_TO_METH"},
-{ERR_PACK(0,EVP_F_RC5_CTRL,0),	"RC5_CTRL"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA EVP_str_reasons[]=
-	{
-{EVP_R_BAD_BLOCK_LENGTH                  ,"bad block length"},
-{EVP_R_BAD_DECRYPT                       ,"bad decrypt"},
-{EVP_R_BAD_KEY_LENGTH                    ,"bad key length"},
-{EVP_R_BN_DECODE_ERROR                   ,"bn decode error"},
-{EVP_R_BN_PUBKEY_ERROR                   ,"bn pubkey error"},
-{EVP_R_CIPHER_PARAMETER_ERROR            ,"cipher parameter error"},
-{EVP_R_CTRL_NOT_IMPLEMENTED              ,"ctrl not implemented"},
-{EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED    ,"ctrl operation not implemented"},
-{EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH ,"data not multiple of block length"},
-{EVP_R_DECODE_ERROR                      ,"decode error"},
-{EVP_R_DIFFERENT_KEY_TYPES               ,"different key types"},
-{EVP_R_ENCODE_ERROR                      ,"encode error"},
-{EVP_R_EVP_PBE_CIPHERINIT_ERROR          ,"evp pbe cipherinit error"},
-{EVP_R_EXPECTING_AN_RSA_KEY              ,"expecting an rsa key"},
-{EVP_R_EXPECTING_A_DH_KEY                ,"expecting a dh key"},
-{EVP_R_EXPECTING_A_DSA_KEY               ,"expecting a dsa key"},
-{EVP_R_INITIALIZATION_ERROR              ,"initialization error"},
-{EVP_R_INPUT_NOT_INITIALIZED             ,"input not initialized"},
-{EVP_R_INVALID_KEY_LENGTH                ,"invalid key length"},
-{EVP_R_IV_TOO_LARGE                      ,"iv too large"},
-{EVP_R_KEYGEN_FAILURE                    ,"keygen failure"},
-{EVP_R_MISSING_PARAMETERS                ,"missing parameters"},
-{EVP_R_NO_CIPHER_SET                     ,"no cipher set"},
-{EVP_R_NO_DIGEST_SET                     ,"no digest set"},
-{EVP_R_NO_DSA_PARAMETERS                 ,"no dsa parameters"},
-{EVP_R_NO_SIGN_FUNCTION_CONFIGURED       ,"no sign function configured"},
-{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED     ,"no verify function configured"},
-{EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE         ,"pkcs8 unknown broken type"},
-{EVP_R_PUBLIC_KEY_NOT_RSA                ,"public key not rsa"},
-{EVP_R_UNKNOWN_PBE_ALGORITHM             ,"unknown pbe algorithm"},
-{EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS       ,"unsuported number of rounds"},
-{EVP_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
-{EVP_R_UNSUPPORTED_KEYLENGTH             ,"unsupported keylength"},
-{EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION,"unsupported key derivation function"},
-{EVP_R_UNSUPPORTED_KEY_SIZE              ,"unsupported key size"},
-{EVP_R_UNSUPPORTED_PRF                   ,"unsupported prf"},
-{EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM ,"unsupported private key algorithm"},
-{EVP_R_UNSUPPORTED_SALT_TYPE             ,"unsupported salt type"},
-{EVP_R_WRONG_FINAL_BLOCK_LENGTH          ,"wrong final block length"},
-{EVP_R_WRONG_PUBLIC_KEY_TYPE             ,"wrong public key type"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_EVP_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_EVP,EVP_str_functs);
-		ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/evp/evp_key.c b/crypto/openssl/crypto/evp/evp_key.c
deleted file mode 100644
index 5f387a94d321..000000000000
--- a/crypto/openssl/crypto/evp/evp_key.c
+++ /dev/null
@@ -1,174 +0,0 @@
-/* crypto/evp/evp_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/ui.h>
-
-/* should be init to zeros. */
-static char prompt_string[80];
-
-void EVP_set_pw_prompt(char *prompt)
-	{
-	if (prompt == NULL)
-		prompt_string[0]='\0';
-	else
-		{
-		strncpy(prompt_string,prompt,79);
-		prompt_string[79]='\0';
-		}
-	}
-
-char *EVP_get_pw_prompt(void)
-	{
-	if (prompt_string[0] == '\0')
-		return(NULL);
-	else
-		return(prompt_string);
-	}
-
-/* For historical reasons, the standard function for reading passwords is
- * in the DES library -- if someone ever wants to disable DES,
- * this function will fail */
-int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
-	{
-	int ret;
-	char buff[BUFSIZ];
-	UI *ui;
-
-	if ((prompt == NULL) && (prompt_string[0] != '\0'))
-		prompt=prompt_string;
-	ui = UI_new();
-	UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len);
-	if (verify)
-		UI_add_verify_string(ui,prompt,0,
-			buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
-	ret = UI_process(ui);
-	UI_free(ui);
-	OPENSSL_cleanse(buff,BUFSIZ);
-	return ret;
-	}
-
-int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, 
-	     const unsigned char *salt, const unsigned char *data, int datal,
-	     int count, unsigned char *key, unsigned char *iv)
-	{
-	EVP_MD_CTX c;
-	unsigned char md_buf[EVP_MAX_MD_SIZE];
-	int niv,nkey,addmd=0;
-	unsigned int mds=0,i;
-
-	nkey=type->key_len;
-	niv=type->iv_len;
-	OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
-	OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
-
-	if (data == NULL) return(nkey);
-
-	EVP_MD_CTX_init(&c);
-	for (;;)
-		{
-		EVP_DigestInit_ex(&c,md, NULL);
-		if (addmd++)
-			EVP_DigestUpdate(&c,&(md_buf[0]),mds);
-		EVP_DigestUpdate(&c,data,datal);
-		if (salt != NULL)
-			EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
-		EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
-
-		for (i=1; i<(unsigned int)count; i++)
-			{
-			EVP_DigestInit_ex(&c,md, NULL);
-			EVP_DigestUpdate(&c,&(md_buf[0]),mds);
-			EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
-			}
-		i=0;
-		if (nkey)
-			{
-			for (;;)
-				{
-				if (nkey == 0) break;
-				if (i == mds) break;
-				if (key != NULL)
-					*(key++)=md_buf[i];
-				nkey--;
-				i++;
-				}
-			}
-		if (niv && (i != mds))
-			{
-			for (;;)
-				{
-				if (niv == 0) break;
-				if (i == mds) break;
-				if (iv != NULL)
-					*(iv++)=md_buf[i];
-				niv--;
-				i++;
-				}
-			}
-		if ((nkey == 0) && (niv == 0)) break;
-		}
-	EVP_MD_CTX_cleanup(&c);
-	OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE);
-	return(type->key_len);
-	}
-
diff --git a/crypto/openssl/crypto/evp/evp_lib.c b/crypto/openssl/crypto/evp/evp_lib.c
deleted file mode 100644
index 52a3b287bee5..000000000000
--- a/crypto/openssl/crypto/evp/evp_lib.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* crypto/evp/evp_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-	{
-	int ret;
-
-	if (c->cipher->set_asn1_parameters != NULL)
-		ret=c->cipher->set_asn1_parameters(c,type);
-	else
-		ret=1;
-	return(ret);
-	}
-
-int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-	{
-	int ret;
-
-	if (c->cipher->get_asn1_parameters != NULL)
-		ret=c->cipher->get_asn1_parameters(c,type);
-	else
-		ret=1;
-	return(ret);
-	}
-
-int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-	{
-	int i=0,l;
-
-	if (type != NULL) 
-		{
-		l=EVP_CIPHER_CTX_iv_length(c);
-		OPENSSL_assert(l <= sizeof c->iv);
-		i=ASN1_TYPE_get_octetstring(type,c->oiv,l);
-		if (i != l)
-			return(-1);
-		else if (i > 0)
-			memcpy(c->iv,c->oiv,l);
-		}
-	return(i);
-	}
-
-int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-	{
-	int i=0,j;
-
-	if (type != NULL)
-		{
-		j=EVP_CIPHER_CTX_iv_length(c);
-		OPENSSL_assert(j <= sizeof c->iv);
-		i=ASN1_TYPE_set_octetstring(type,c->oiv,j);
-		}
-	return(i);
-	}
-
-/* Convert the various cipher NIDs and dummies to a proper OID NID */
-int EVP_CIPHER_type(const EVP_CIPHER *ctx)
-{
-	int nid;
-	ASN1_OBJECT *otmp;
-	nid = EVP_CIPHER_nid(ctx);
-
-	switch(nid) {
-
-		case NID_rc2_cbc:
-		case NID_rc2_64_cbc:
-		case NID_rc2_40_cbc:
-
-		return NID_rc2_cbc;
-
-		case NID_rc4:
-		case NID_rc4_40:
-
-		return NID_rc4;
-
-		default:
-		/* Check it has an OID and it is valid */
-		otmp = OBJ_nid2obj(nid);
-		if(!otmp || !otmp->data) nid = NID_undef;
-		ASN1_OBJECT_free(otmp);
-		return nid;
-	}
-}
-
diff --git a/crypto/openssl/crypto/evp/evp_locl.h b/crypto/openssl/crypto/evp/evp_locl.h
deleted file mode 100644
index 4d81a3bf4c57..000000000000
--- a/crypto/openssl/crypto/evp/evp_locl.h
+++ /dev/null
@@ -1,227 +0,0 @@
-/* evp_locl.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Macros to code block cipher wrappers */
-
-/* Wrapper functions for each cipher mode */
-
-#define BLOCK_CIPHER_ecb_loop() \
-	unsigned int i, bl; \
-	bl = ctx->cipher->block_size;\
-	if(inl < bl) return 1;\
-	inl -= bl; \
-	for(i=0; i <= inl; i+=bl) \
-
-#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
-static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
-{\
-	BLOCK_CIPHER_ecb_loop() \
-		cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\
-	return 1;\
-}
-
-#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
-static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
-{\
-	cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
-	return 1;\
-}
-
-#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
-static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
-{\
-	cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
-	return 1;\
-}
-
-#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
-static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
-{\
-	cprefix##_cfb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
-	return 1;\
-}
-
-#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
-	BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
-	BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
-	BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
-	BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
-
-#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
-			  key_len, iv_len, flags, init_key, cleanup, \
-			  set_asn1, get_asn1, ctrl) \
-static const EVP_CIPHER cname##_##mode = { \
-	nid##_##nmode, block_size, key_len, iv_len, \
-	flags | EVP_CIPH_##MODE##_MODE, \
-	init_key, \
-	cname##_##mode##_cipher, \
-	cleanup, \
-	sizeof(kstruct), \
-	set_asn1, get_asn1,\
-	ctrl, \
-	NULL \
-}; \
-const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
-
-#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
-			     iv_len, flags, init_key, cleanup, set_asn1, \
-			     get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
-		  iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
-
-#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
-			     iv_len, cbits, flags, init_key, cleanup, \
-			     set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, cfb##cbits, cfb, CFB, kstruct, nid, 1, \
-		  key_len, iv_len, flags, init_key, cleanup, set_asn1, \
-		  get_asn1, ctrl)
-
-#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
-			     iv_len, cbits, flags, init_key, cleanup, \
-			     set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
-		  key_len, iv_len, flags, init_key, cleanup, set_asn1, \
-		  get_asn1, ctrl)
-
-#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
-			     iv_len, flags, init_key, cleanup, set_asn1, \
-			     get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
-		  iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
-
-#define BLOCK_CIPHER_defs(cname, kstruct, \
-			  nid, block_size, key_len, iv_len, cbits, flags, \
-			  init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
-		     init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
-		     flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
-		     flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
-		     init_key, cleanup, set_asn1, get_asn1, ctrl)
-
-
-/*
-#define BLOCK_CIPHER_defs(cname, kstruct, \
-				nid, block_size, key_len, iv_len, flags,\
-				 init_key, cleanup, set_asn1, get_asn1, ctrl)\
-static const EVP_CIPHER cname##_cbc = {\
-	nid##_cbc, block_size, key_len, iv_len, \
-	flags | EVP_CIPH_CBC_MODE,\
-	init_key,\
-	cname##_cbc_cipher,\
-	cleanup,\
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
-	set_asn1, get_asn1,\
-	ctrl, \
-	NULL \
-};\
-const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
-static const EVP_CIPHER cname##_cfb = {\
-	nid##_cfb64, 1, key_len, iv_len, \
-	flags | EVP_CIPH_CFB_MODE,\
-	init_key,\
-	cname##_cfb_cipher,\
-	cleanup,\
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
-	set_asn1, get_asn1,\
-	ctrl,\
-	NULL \
-};\
-const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
-static const EVP_CIPHER cname##_ofb = {\
-	nid##_ofb64, 1, key_len, iv_len, \
-	flags | EVP_CIPH_OFB_MODE,\
-	init_key,\
-	cname##_ofb_cipher,\
-	cleanup,\
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
-	set_asn1, get_asn1,\
-	ctrl,\
-	NULL \
-};\
-const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
-static const EVP_CIPHER cname##_ecb = {\
-	nid##_ecb, block_size, key_len, iv_len, \
-	flags | EVP_CIPH_ECB_MODE,\
-	init_key,\
-	cname##_ecb_cipher,\
-	cleanup,\
-	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
-		sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
-	set_asn1, get_asn1,\
-	ctrl,\
-	NULL \
-};\
-const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
-*/
-
-#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
-			       block_size, key_len, iv_len, cbits, \
-			       flags, init_key, \
-			       cleanup, set_asn1, get_asn1, ctrl) \
-	BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
-	BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
-			  cbits, flags, init_key, cleanup, set_asn1, \
-			  get_asn1, ctrl)
-
-#define EVP_C_DATA(kstruct, ctx)	((kstruct *)(ctx)->cipher_data)
diff --git a/crypto/openssl/crypto/evp/evp_pbe.c b/crypto/openssl/crypto/evp/evp_pbe.c
deleted file mode 100644
index 0da88fdcffe2..000000000000
--- a/crypto/openssl/crypto/evp/evp_pbe.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* evp_pbe.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-/* Password based encryption (PBE) functions */
-
-static STACK *pbe_algs;
-
-/* Setup a cipher context from a PBE algorithm */
-
-typedef struct {
-int pbe_nid;
-const EVP_CIPHER *cipher;
-const EVP_MD *md;
-EVP_PBE_KEYGEN *keygen;
-} EVP_PBE_CTL;
-
-int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
-	     ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
-{
-
-	EVP_PBE_CTL *pbetmp, pbelu;
-	int i;
-	pbelu.pbe_nid = OBJ_obj2nid(pbe_obj);
-	if (pbelu.pbe_nid != NID_undef) i = sk_find(pbe_algs, (char *)&pbelu);
-	else i = -1;
-
-	if (i == -1) {
-		char obj_tmp[80];
-		EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM);
-		if (!pbe_obj) strcpy (obj_tmp, "NULL");
-		else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
-		ERR_add_error_data(2, "TYPE=", obj_tmp);
-		return 0;
-	}
-	if(!pass) passlen = 0;
-	else if (passlen == -1) passlen = strlen(pass);
-	pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i);
-	i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher,
-						 pbetmp->md, en_de);
-	if (!i) {
-		EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
-		return 0;
-	}
-	return 1;	
-}
-
-static int pbe_cmp(const char * const *a, const char * const *b)
-{
-	EVP_PBE_CTL **pbe1 = (EVP_PBE_CTL **) a,  **pbe2 = (EVP_PBE_CTL **)b;
-	return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid);
-}
-
-/* Add a PBE algorithm */
-
-int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
-	     EVP_PBE_KEYGEN *keygen)
-{
-	EVP_PBE_CTL *pbe_tmp;
-	if (!pbe_algs) pbe_algs = sk_new(pbe_cmp);
-	if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) {
-		EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	pbe_tmp->pbe_nid = nid;
-	pbe_tmp->cipher = cipher;
-	pbe_tmp->md = md;
-	pbe_tmp->keygen = keygen;
-	sk_push (pbe_algs, (char *)pbe_tmp);
-	return 1;
-}
-
-void EVP_PBE_cleanup(void)
-{
-	sk_pop_free(pbe_algs, OPENSSL_freeFunc);
-	pbe_algs = NULL;
-}
diff --git a/crypto/openssl/crypto/evp/evp_pkey.c b/crypto/openssl/crypto/evp/evp_pkey.c
deleted file mode 100644
index 34b5b1d21ccb..000000000000
--- a/crypto/openssl/crypto/evp/evp_pkey.c
+++ /dev/null
@@ -1,412 +0,0 @@
-/* evp_pkey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-
-#ifndef OPENSSL_NO_DSA
-static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
-#endif
-
-/* Extract a private key from a PKCS8 structure */
-
-EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
-{
-	EVP_PKEY *pkey = NULL;
-#ifndef OPENSSL_NO_RSA
-	RSA *rsa = NULL;
-#endif
-#ifndef OPENSSL_NO_DSA
-	DSA *dsa = NULL;
-	ASN1_INTEGER *privkey;
-	ASN1_TYPE *t1, *t2, *param = NULL;
-	STACK_OF(ASN1_TYPE) *ndsa = NULL;
-	BN_CTX *ctx = NULL;
-	int plen;
-#endif
-	X509_ALGOR *a;
-	unsigned char *p;
-	const unsigned char *cp;
-	int pkeylen;
-	char obj_tmp[80];
-
-	if(p8->pkey->type == V_ASN1_OCTET_STRING) {
-		p8->broken = PKCS8_OK;
-		p = p8->pkey->value.octet_string->data;
-		pkeylen = p8->pkey->value.octet_string->length;
-	} else {
-		p8->broken = PKCS8_NO_OCTET;
-		p = p8->pkey->value.sequence->data;
-		pkeylen = p8->pkey->value.sequence->length;
-	}
-	if (!(pkey = EVP_PKEY_new())) {
-		EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	a = p8->pkeyalg;
-	switch (OBJ_obj2nid(a->algorithm))
-	{
-#ifndef OPENSSL_NO_RSA
-		case NID_rsaEncryption:
-		cp = p;
-		if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			return NULL;
-		}
-		EVP_PKEY_assign_RSA (pkey, rsa);
-		break;
-#endif
-#ifndef OPENSSL_NO_DSA
-		case NID_dsa:
-		/* PKCS#8 DSA is weird: you just get a private key integer
-	         * and parameters in the AlgorithmIdentifier the pubkey must
-		 * be recalculated.
-		 */
-	
-		/* Check for broken DSA PKCS#8, UGH! */
-		if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) {
-		    if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen, 
-							  d2i_ASN1_TYPE,
-							  ASN1_TYPE_free))) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto dsaerr;
-		    }
-		    if(sk_ASN1_TYPE_num(ndsa) != 2 ) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto dsaerr;
-		    }
-		    /* Handle Two broken types:
-		     * SEQUENCE {parameters, priv_key}
-		     * SEQUENCE {pub_key, priv_key}
-		     */
-
-		    t1 = sk_ASN1_TYPE_value(ndsa, 0);
-		    t2 = sk_ASN1_TYPE_value(ndsa, 1);
-		    if(t1->type == V_ASN1_SEQUENCE) {
-			p8->broken = PKCS8_EMBEDDED_PARAM;
-			param = t1;
-		    } else if(a->parameter->type == V_ASN1_SEQUENCE) {
-			p8->broken = PKCS8_NS_DB;
-			param = a->parameter;
-		    } else {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto dsaerr;
-		    }
-
-		    if(t2->type != V_ASN1_INTEGER) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto dsaerr;
-		    }
-		    privkey = t2->value.integer;
-		} else {
-			if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
-				EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-				goto dsaerr;
-			}
-			param = p8->pkeyalg->parameter;
-		}
-		if (!param || (param->type != V_ASN1_SEQUENCE)) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto dsaerr;
-		}
-		cp = p = param->value.sequence->data;
-		plen = param->value.sequence->length;
-		if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto dsaerr;
-		}
-		/* We have parameters now set private key */
-		if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR);
-			goto dsaerr;
-		}
-		/* Calculate public key (ouch!) */
-		if (!(dsa->pub_key = BN_new())) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
-			goto dsaerr;
-		}
-		if (!(ctx = BN_CTX_new())) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
-			goto dsaerr;
-		}
-			
-		if (!BN_mod_exp(dsa->pub_key, dsa->g,
-						 dsa->priv_key, dsa->p, ctx)) {
-			
-			EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR);
-			goto dsaerr;
-		}
-
-		EVP_PKEY_assign_DSA(pkey, dsa);
-		BN_CTX_free (ctx);
-		if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-		else ASN1_INTEGER_free(privkey);
-		break;
-		dsaerr:
-		BN_CTX_free (ctx);
-		sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-		DSA_free(dsa);
-		EVP_PKEY_free(pkey);
-		return NULL;
-		break;
-#endif
-		default:
-		EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
-		if (!a->algorithm) strcpy (obj_tmp, "NULL");
-		else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);
-		ERR_add_error_data(2, "TYPE=", obj_tmp);
-		EVP_PKEY_free (pkey);
-		return NULL;
-	}
-	return pkey;
-}
-
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
-{
-	return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
-}
-
-/* Turn a private key into a PKCS8 structure */
-
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
-{
-	PKCS8_PRIV_KEY_INFO *p8;
-
-	if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {	
-		EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	p8->broken = broken;
-	ASN1_INTEGER_set (p8->version, 0);
-	if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) {
-		EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-		PKCS8_PRIV_KEY_INFO_free (p8);
-		return NULL;
-	}
-	p8->pkey->type = V_ASN1_OCTET_STRING;
-	switch (EVP_PKEY_type(pkey->type)) {
-#ifndef OPENSSL_NO_RSA
-		case EVP_PKEY_RSA:
-
-		if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE;
-
-		p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption);
-		p8->pkeyalg->parameter->type = V_ASN1_NULL;
-		if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey,
-					 &p8->pkey->value.octet_string)) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			PKCS8_PRIV_KEY_INFO_free (p8);
-			return NULL;
-		}
-		break;
-#endif
-#ifndef OPENSSL_NO_DSA
-		case EVP_PKEY_DSA:
-		if(!dsa_pkey2pkcs8(p8, pkey)) {
-			PKCS8_PRIV_KEY_INFO_free (p8);
-			return NULL;
-		}
-
-		break;
-#endif
-		default:
-		EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
-		PKCS8_PRIV_KEY_INFO_free (p8);
-		return NULL;
-	}
-	RAND_add(p8->pkey->value.octet_string->data,
-		 p8->pkey->value.octet_string->length, 0);
-	return p8;
-}
-
-PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
-{
-	switch (broken) {
-
-		case PKCS8_OK:
-		p8->broken = PKCS8_OK;
-		return p8;
-		break;
-
-		case PKCS8_NO_OCTET:
-		p8->broken = PKCS8_NO_OCTET;
-		p8->pkey->type = V_ASN1_SEQUENCE;
-		return p8;
-		break;
-
-		default:
-		EVPerr(EVP_F_EVP_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
-		return NULL;
-		break;
-		
-	}
-}
-
-#ifndef OPENSSL_NO_DSA
-static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
-{
-	ASN1_STRING *params;
-	ASN1_INTEGER *prkey;
-	ASN1_TYPE *ttmp;
-	STACK_OF(ASN1_TYPE) *ndsa;
-	unsigned char *p, *q;
-	int len;
-
-	p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
-	len = i2d_DSAparams (pkey->pkey.dsa, NULL);
-	if (!(p = OPENSSL_malloc(len))) {
-		EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-		PKCS8_PRIV_KEY_INFO_free (p8);
-		return 0;
-	}
-	q = p;
-	i2d_DSAparams (pkey->pkey.dsa, &q);
-	params = ASN1_STRING_new();
-	ASN1_STRING_set(params, p, len);
-	OPENSSL_free(p);
-	/* Get private key into integer */
-	if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
-		EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
-		return 0;
-	}
-
-	switch(p8->broken) {
-
-		case PKCS8_OK:
-		case PKCS8_NO_OCTET:
-
-		if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER,
-					 &p8->pkey->value.octet_string)) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			M_ASN1_INTEGER_free (prkey);
-			return 0;
-		}
-
-		M_ASN1_INTEGER_free (prkey);
-		p8->pkeyalg->parameter->value.sequence = params;
-		p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
-
-		break;
-
-		case PKCS8_NS_DB:
-
-		p8->pkeyalg->parameter->value.sequence = params;
-		p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
-		ndsa = sk_ASN1_TYPE_new_null();
-		ttmp = ASN1_TYPE_new();
-		if (!(ttmp->value.integer = BN_to_ASN1_INTEGER (pkey->pkey.dsa->pub_key, NULL))) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
-			PKCS8_PRIV_KEY_INFO_free(p8);
-			return 0;
-		}
-		ttmp->type = V_ASN1_INTEGER;
-		sk_ASN1_TYPE_push(ndsa, ttmp);
-
-		ttmp = ASN1_TYPE_new();
-		ttmp->value.integer = prkey;
-		ttmp->type = V_ASN1_INTEGER;
-		sk_ASN1_TYPE_push(ndsa, ttmp);
-
-		p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
-
-		if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
-					 &p8->pkey->value.octet_string->data,
-					 &p8->pkey->value.octet_string->length)) {
-
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-			M_ASN1_INTEGER_free(prkey);
-			return 0;
-		}
-		sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-		break;
-
-		case PKCS8_EMBEDDED_PARAM:
-
-		p8->pkeyalg->parameter->type = V_ASN1_NULL;
-		ndsa = sk_ASN1_TYPE_new_null();
-		ttmp = ASN1_TYPE_new();
-		ttmp->value.sequence = params;
-		ttmp->type = V_ASN1_SEQUENCE;
-		sk_ASN1_TYPE_push(ndsa, ttmp);
-
-		ttmp = ASN1_TYPE_new();
-		ttmp->value.integer = prkey;
-		ttmp->type = V_ASN1_INTEGER;
-		sk_ASN1_TYPE_push(ndsa, ttmp);
-
-		p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
-
-		if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
-					 &p8->pkey->value.octet_string->data,
-					 &p8->pkey->value.octet_string->length)) {
-
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-			M_ASN1_INTEGER_free (prkey);
-			return 0;
-		}
-		sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-		break;
-	}
-	return 1;
-}
-#endif
diff --git a/crypto/openssl/crypto/evp/evp_test.c b/crypto/openssl/crypto/evp/evp_test.c
deleted file mode 100644
index 28460173f7ef..000000000000
--- a/crypto/openssl/crypto/evp/evp_test.c
+++ /dev/null
@@ -1,404 +0,0 @@
-/* Written by Ben Laurie, 2001 */
-/*
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#include <openssl/evp.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/err.h>
-#include <openssl/conf.h>
-
-static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
-    {
-    int n=0;
-
-    fprintf(f,"%s",title);
-    for( ; n < l ; ++n)
-	{
-	if((n%16) == 0)
-	    fprintf(f,"\n%04x",n);
-	fprintf(f," %02x",s[n]);
-	}
-    fprintf(f,"\n");
-    }
-
-static int convert(unsigned char *s)
-    {
-    unsigned char *d;
-
-    for(d=s ; *s ; s+=2,++d)
-	{
-	unsigned int n;
-
-	if(!s[1])
-	    {
-	    fprintf(stderr,"Odd number of hex digits!");
-	    EXIT(4);
-	    }
-	sscanf((char *)s,"%2x",&n);
-	*d=(unsigned char)n;
-	}
-    return s-d;
-    }
-
-static char *sstrsep(char **string, const char *delim)
-    {
-    char isdelim[256];
-    char *token = *string;
-
-    if (**string == 0)
-        return NULL;
-
-    memset(isdelim, 0, 256);
-    isdelim[0] = 1;
-
-    while (*delim)
-        {
-        isdelim[(unsigned char)(*delim)] = 1;
-        delim++;
-        }
-
-    while (!isdelim[(unsigned char)(**string)])
-        {
-        (*string)++;
-        }
-
-    if (**string)
-        {
-        **string = 0;
-        (*string)++;
-        }
-
-    return token;
-    }
-
-static unsigned char *ustrsep(char **p,const char *sep)
-    { return (unsigned char *)sstrsep(p,sep); }
-
-static int test1_exit(int ec)
-	{
-	EXIT(ec);
-	return(0);		/* To keep some compilers quiet */
-	}
-
-static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
-		  const unsigned char *iv,int in,
-		  const unsigned char *plaintext,int pn,
-		  const unsigned char *ciphertext,int cn,
-		  int encdec)
-    {
-    EVP_CIPHER_CTX ctx;
-    unsigned char out[4096];
-    int outl,outl2;
-
-    printf("Testing cipher %s%s\n",EVP_CIPHER_name(c),
-	   (encdec == 1 ? "(encrypt)" : (encdec == 0 ? "(decrypt)" : "(encrypt/decrypt)")));
-    hexdump(stdout,"Key",key,kn);
-    if(in)
-	hexdump(stdout,"IV",iv,in);
-    hexdump(stdout,"Plaintext",plaintext,pn);
-    hexdump(stdout,"Ciphertext",ciphertext,cn);
-    
-    if(kn != c->key_len)
-	{
-	fprintf(stderr,"Key length doesn't match, got %d expected %d\n",kn,
-		c->key_len);
-	test1_exit(5);
-	}
-    EVP_CIPHER_CTX_init(&ctx);
-    if (encdec != 0)
-        {
-	if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv))
-	    {
-	    fprintf(stderr,"EncryptInit failed\n");
-	    test1_exit(10);
-	    }
-	EVP_CIPHER_CTX_set_padding(&ctx,0);
-
-	if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn))
-	    {
-	    fprintf(stderr,"Encrypt failed\n");
-	    test1_exit(6);
-	    }
-	if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2))
-	    {
-	    fprintf(stderr,"EncryptFinal failed\n");
-	    test1_exit(7);
-	    }
-
-	if(outl+outl2 != cn)
-	    {
-	    fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n",
-		    outl+outl2,cn);
-	    test1_exit(8);
-	    }
-
-	if(memcmp(out,ciphertext,cn))
-	    {
-	    fprintf(stderr,"Ciphertext mismatch\n");
-	    hexdump(stderr,"Got",out,cn);
-	    hexdump(stderr,"Expected",ciphertext,cn);
-	    test1_exit(9);
-	    }
-	}
-
-    if (encdec <= 0)
-        {
-	if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv))
-	    {
-	    fprintf(stderr,"DecryptInit failed\n");
-	    test1_exit(11);
-	    }
-	EVP_CIPHER_CTX_set_padding(&ctx,0);
-
-	if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn))
-	    {
-	    fprintf(stderr,"Decrypt failed\n");
-	    test1_exit(6);
-	    }
-	if(!EVP_DecryptFinal_ex(&ctx,out+outl,&outl2))
-	    {
-	    fprintf(stderr,"DecryptFinal failed\n");
-	    test1_exit(7);
-	    }
-
-	if(outl+outl2 != cn)
-	    {
-	    fprintf(stderr,"Plaintext length mismatch got %d expected %d\n",
-		    outl+outl2,cn);
-	    test1_exit(8);
-	    }
-
-	if(memcmp(out,plaintext,cn))
-	    {
-	    fprintf(stderr,"Plaintext mismatch\n");
-	    hexdump(stderr,"Got",out,cn);
-	    hexdump(stderr,"Expected",plaintext,cn);
-	    test1_exit(9);
-	    }
-	}
-
-    EVP_CIPHER_CTX_cleanup(&ctx);
-
-    printf("\n");
-    }
-
-static int test_cipher(const char *cipher,const unsigned char *key,int kn,
-		       const unsigned char *iv,int in,
-		       const unsigned char *plaintext,int pn,
-		       const unsigned char *ciphertext,int cn,
-		       int encdec)
-    {
-    const EVP_CIPHER *c;
-
-    c=EVP_get_cipherbyname(cipher);
-    if(!c)
-	return 0;
-
-    test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec);
-
-    return 1;
-    }
-
-static int test_digest(const char *digest,
-		       const unsigned char *plaintext,int pn,
-		       const unsigned char *ciphertext, unsigned int cn)
-    {
-    const EVP_MD *d;
-    EVP_MD_CTX ctx;
-    unsigned char md[EVP_MAX_MD_SIZE];
-    unsigned int mdn;
-
-    d=EVP_get_digestbyname(digest);
-    if(!d)
-	return 0;
-
-    printf("Testing digest %s\n",EVP_MD_name(d));
-    hexdump(stdout,"Plaintext",plaintext,pn);
-    hexdump(stdout,"Digest",ciphertext,cn);
-
-    EVP_MD_CTX_init(&ctx);
-    if(!EVP_DigestInit_ex(&ctx,d, NULL))
-	{
-	fprintf(stderr,"DigestInit failed\n");
-	EXIT(100);
-	}
-    if(!EVP_DigestUpdate(&ctx,plaintext,pn))
-	{
-	fprintf(stderr,"DigestUpdate failed\n");
-	EXIT(101);
-	}
-    if(!EVP_DigestFinal_ex(&ctx,md,&mdn))
-	{
-	fprintf(stderr,"DigestFinal failed\n");
-	EXIT(101);
-	}
-    EVP_MD_CTX_cleanup(&ctx);
-
-    if(mdn != cn)
-	{
-	fprintf(stderr,"Digest length mismatch, got %d expected %d\n",mdn,cn);
-	EXIT(102);
-	}
-
-    if(memcmp(md,ciphertext,cn))
-	{
-	fprintf(stderr,"Digest mismatch\n");
-	hexdump(stderr,"Got",md,cn);
-	hexdump(stderr,"Expected",ciphertext,cn);
-	EXIT(103);
-	}
-
-    printf("\n");
-
-    EVP_MD_CTX_cleanup(&ctx);
-
-    return 1;
-    }
-
-int main(int argc,char **argv)
-    {
-    const char *szTestFile;
-    FILE *f;
-
-    if(argc != 2)
-	{
-	fprintf(stderr,"%s <test file>\n",argv[0]);
-	EXIT(1);
-	}
-    CRYPTO_malloc_debug_init();
-    CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
-    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-    szTestFile=argv[1];
-
-    f=fopen(szTestFile,"r");
-    if(!f)
-	{
-	perror(szTestFile);
-	EXIT(2);
-	}
-
-    /* Load up the software EVP_CIPHER and EVP_MD definitions */
-    OpenSSL_add_all_ciphers();
-    OpenSSL_add_all_digests();
-#ifndef OPENSSL_NO_ENGINE
-    /* Load all compiled-in ENGINEs */
-    ENGINE_load_builtin_engines();
-#endif
-#if 0
-    OPENSSL_config();
-#endif
-#ifndef OPENSSL_NO_ENGINE
-    /* Register all available ENGINE implementations of ciphers and digests.
-     * This could perhaps be changed to "ENGINE_register_all_complete()"? */
-    ENGINE_register_all_ciphers();
-    ENGINE_register_all_digests();
-    /* If we add command-line options, this statement should be switchable.
-     * It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if
-     * they weren't already initialised. */
-    /* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */
-#endif
-
-    for( ; ; )
-	{
-	char line[4096];
-	char *p;
-	char *cipher;
-	unsigned char *iv,*key,*plaintext,*ciphertext;
-	int encdec;
-	int kn,in,pn,cn;
-
-	if(!fgets((char *)line,sizeof line,f))
-	    break;
-	if(line[0] == '#' || line[0] == '\n')
-	    continue;
-	p=line;
-	cipher=sstrsep(&p,":");	
-	key=ustrsep(&p,":");
-	iv=ustrsep(&p,":");
-	plaintext=ustrsep(&p,":");
-	ciphertext=ustrsep(&p,":");
-	if (p[-1] == '\n') {
-	    p[-1] = '\0';
-	    encdec = -1;
-	} else {
-	    encdec = atoi(sstrsep(&p,"\n"));
-	}
-	      
-
-	kn=convert(key);
-	in=convert(iv);
-	pn=convert(plaintext);
-	cn=convert(ciphertext);
-
-	if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec)
-	   && !test_digest(cipher,plaintext,pn,ciphertext,cn))
-	    {
-	    fprintf(stderr,"Can't find %s\n",cipher);
-	    EXIT(3);
-	    }
-	}
-
-#ifndef OPENSSL_NO_ENGINE
-    ENGINE_cleanup();
-#endif
-    EVP_cleanup();
-    CRYPTO_cleanup_all_ex_data();
-    ERR_remove_state(0);
-    ERR_free_strings();
-    CRYPTO_mem_leaks_fp(stderr);
-
-    return 0;
-    }
diff --git a/crypto/openssl/crypto/evp/evptests.txt b/crypto/openssl/crypto/evp/evptests.txt
deleted file mode 100644
index 80bd9c7765cb..000000000000
--- a/crypto/openssl/crypto/evp/evptests.txt
+++ /dev/null
@@ -1,183 +0,0 @@
-#cipher:key:iv:plaintext:ciphertext:0/1(decrypt/encrypt)
-#digest:::input:output
-
-# SHA(1) tests (from shatest.c)
-SHA1:::616263:a9993e364706816aba3e25717850c26c9cd0d89d
-
-# MD5 tests (from md5test.c)
-MD5::::d41d8cd98f00b204e9800998ecf8427e
-MD5:::61:0cc175b9c0f1b6a831c399e269772661
-MD5:::616263:900150983cd24fb0d6963f7d28e17f72
-MD5:::6d65737361676520646967657374:f96b697d7cb7938d525a2f31aaf161d0
-MD5:::6162636465666768696a6b6c6d6e6f707172737475767778797a:c3fcd3d76192e4007dfb496cca67e13b
-MD5:::4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839:d174ab98d277d9f5a5611c2c9f419d9f
-MD5:::3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930:57edf4a22be3c955ac49da2e2107b67a
-
-# AES 128 ECB tests (from FIPS-197 test vectors, encrypt)
-
-AES-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:69C4E0D86A7B0430D8CDB78070B4C55A:1
-
-# AES 192 ECB tests (from FIPS-197 test vectors, encrypt)
-
-AES-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:DDA97CA4864CDFE06EAF70A0EC0D7191:1
-
-# AES 256 ECB tests (from FIPS-197 test vectors, encrypt)
-
-AES-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:8EA2B7CA516745BFEAFC49904B496089:1
-
-# AES 128 ECB tests (from NIST test vectors, encrypt)
-
-#AES-128-ECB:00000000000000000000000000000000::00000000000000000000000000000000:C34C052CC0DA8D73451AFE5F03BE297F:1
-
-# AES 128 ECB tests (from NIST test vectors, decrypt)
-
-#AES-128-ECB:00000000000000000000000000000000::44416AC2D1F53C583303917E6BE9EBE0:00000000000000000000000000000000:0
-
-# AES 192 ECB tests (from NIST test vectors, decrypt)
-
-#AES-192-ECB:000000000000000000000000000000000000000000000000::48E31E9E256718F29229319C19F15BA4:00000000000000000000000000000000:0
-
-# AES 256 ECB tests (from NIST test vectors, decrypt)
-
-#AES-256-ECB:0000000000000000000000000000000000000000000000000000000000000000::058CCFFDBBCB382D1F6F56585D8A4ADE:00000000000000000000000000000000:0
-
-# AES 128 CBC tests (from NIST test vectors, encrypt)
-
-#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:8A05FC5E095AF4848A08D328D3688E3D:1
-
-# AES 192 CBC tests (from NIST test vectors, encrypt)
-
-#AES-192-CBC:000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:7BD966D53AD8C1BB85D2ADFAE87BB104:1
-
-# AES 256 CBC tests (from NIST test vectors, encrypt)
-
-#AES-256-CBC:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:FE3C53653E2F45B56FCD88B2CC898FF0:1
-
-# AES 128 CBC tests (from NIST test vectors, decrypt)
-
-#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:FACA37E0B0C85373DF706E73F7C9AF86:00000000000000000000000000000000:0
-
-# AES tests from NIST document SP800-38A
-# For all ECB encrypts and decrypts, the transformed sequence is
-#   AES-bits-ECB:key::plaintext:ciphertext:encdec
-# ECB-AES128.Encrypt and ECB-AES128.Decrypt
-AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:3AD77BB40D7A3660A89ECAF32466EF97
-AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:F5D3D58503B9699DE785895A96FDBAAF
-AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:43B1CD7F598ECE23881B00E3ED030688
-AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:7B0C785E27E8AD3F8223207104725DD4
-# ECB-AES192.Encrypt and ECB-AES192.Decrypt 
-AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:BD334F1D6E45F25FF712A214571FA5CC
-AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:974104846D0AD3AD7734ECB3ECEE4EEF
-AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:EF7AFD2270E2E60ADCE0BA2FACE6444E
-AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:9A4B41BA738D6C72FB16691603C18E0E
-# ECB-AES256.Encrypt and ECB-AES256.Decrypt 
-AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:F3EED1BDB5D2A03C064B5A7E3DB181F8
-AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:591CCB10D410ED26DC5BA74A31362870
-AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:B6ED21B99CA6F4F9F153E7B1BEAFED1D
-AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:23304B7A39F9F3FF067D8D8F9E24ECC7
-# For all CBC encrypts and decrypts, the transformed sequence is
-#   AES-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
-# CBC-AES128.Encrypt and CBC-AES128.Decrypt 
-AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:7649ABAC8119B246CEE98E9B12E9197D
-AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:7649ABAC8119B246CEE98E9B12E9197D:AE2D8A571E03AC9C9EB76FAC45AF8E51:5086CB9B507219EE95DB113A917678B2
-AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:5086CB9B507219EE95DB113A917678B2:30C81C46A35CE411E5FBC1191A0A52EF:73BED6B8E3C1743B7116E69E22229516
-AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:73BED6B8E3C1743B7116E69E22229516:F69F2445DF4F9B17AD2B417BE66C3710:3FF1CAA1681FAC09120ECA307586E1A7
-# CBC-AES192.Encrypt and CBC-AES192.Decrypt 
-AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:4F021DB243BC633D7178183A9FA071E8
-AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:4F021DB243BC633D7178183A9FA071E8:AE2D8A571E03AC9C9EB76FAC45AF8E51:B4D9ADA9AD7DEDF4E5E738763F69145A
-AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:B4D9ADA9AD7DEDF4E5E738763F69145A:30C81C46A35CE411E5FBC1191A0A52EF:571B242012FB7AE07FA9BAAC3DF102E0
-AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:571B242012FB7AE07FA9BAAC3DF102E0:F69F2445DF4F9B17AD2B417BE66C3710:08B0E27988598881D920A9E64F5615CD
-# CBC-AES256.Encrypt and CBC-AES256.Decrypt 
-AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:F58C4C04D6E5F1BA779EABFB5F7BFBD6
-AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:F58C4C04D6E5F1BA779EABFB5F7BFBD6:AE2D8A571E03AC9C9EB76FAC45AF8E51:9CFC4E967EDB808D679F777BC6702C7D
-AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:9CFC4E967EDB808D679F777BC6702C7D:30C81C46A35CE411E5FBC1191A0A52EF:39F23369A9D9BACFA530E26304231461
-AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39F23369A9D9BACFA530E26304231461:F69F2445DF4F9B17AD2B417BE66C3710:B2EB05E2C39BE9FCDA6C19078C6A9D1B
-# We don't support CFB{1,8}-AESxxx.{En,De}crypt
-# For all CFB128 encrypts and decrypts, the transformed sequence is
-#   AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
-# CFB128-AES128.Encrypt 
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:1
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:1
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:1
-# CFB128-AES128.Decrypt 
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:0
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:0
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:0
-# CFB128-AES192.Encrypt
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:1
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:1
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:1
-# CFB128-AES192.Decrypt
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:0
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:0
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:0
-# CFB128-AES256.Encrypt 
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:1
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:1
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:1
-# CFB128-AES256.Decrypt 
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:0
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:0
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:0
-# For all OFB encrypts and decrypts, the transformed sequence is
-#   AES-bits-CFB:key:IV/output':plaintext:ciphertext:encdec
-# OFB-AES128.Encrypt 
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1 
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:1 
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:1 
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:1 
-# OFB-AES128.Decrypt 
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:0
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:0
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:0
-# OFB-AES192.Encrypt 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:1 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:1 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:1 
-# OFB-AES192.Decrypt 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:0 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:0 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:0 
-# OFB-AES256.Encrypt 
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:1
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:1
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:1
-# OFB-AES256.Decrypt 
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:0
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0
-
-# DES ECB tests (from destest)
-
-DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
-DES-ECB:FFFFFFFFFFFFFFFF::FFFFFFFFFFFFFFFF:7359B2163E4EDC58
-DES-ECB:3000000000000000::1000000000000001:958E6E627A05557B
-DES-ECB:1111111111111111::1111111111111111:F40379AB9E0EC533
-DES-ECB:0123456789ABCDEF::1111111111111111:17668DFC7292532D
-DES-ECB:1111111111111111::0123456789ABCDEF:8A5AE1F81AB8F2DD
-DES-ECB:FEDCBA9876543210::0123456789ABCDEF:ED39D950FA74BCC4
-
-# DESX-CBC tests (from destest)
-DESX-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4
-
-# DES EDE3 CBC tests (from destest)
-DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
-
-# RC4 tests (from rc4test)
-RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596
-RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879
-RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a
-RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
-RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
-RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61
diff --git a/crypto/openssl/crypto/evp/m_dss.c b/crypto/openssl/crypto/evp/m_dss.c
deleted file mode 100644
index beb8d7fc5c93..000000000000
--- a/crypto/openssl/crypto/evp/m_dss.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/evp/m_dss.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_SHA
-static int init(EVP_MD_CTX *ctx)
-	{ return SHA1_Init(ctx->md_data); }
-
-static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-	{ return SHA1_Update(ctx->md_data,data,count); }
-
-static int final(EVP_MD_CTX *ctx,unsigned char *md)
-	{ return SHA1_Final(md,ctx->md_data); }
-
-static const EVP_MD dsa_md=
-	{
-	NID_dsaWithSHA,
-	NID_dsaWithSHA,
-	SHA_DIGEST_LENGTH,
-	0,
-	init,
-	update,
-	final,
-	NULL,
-	NULL,
-	EVP_PKEY_DSA_method,
-	SHA_CBLOCK,
-	sizeof(EVP_MD *)+sizeof(SHA_CTX),
-	};
-
-const EVP_MD *EVP_dss(void)
-	{
-	return(&dsa_md);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/m_dss1.c b/crypto/openssl/crypto/evp/m_dss1.c
deleted file mode 100644
index f5668ebda0a0..000000000000
--- a/crypto/openssl/crypto/evp/m_dss1.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/evp/m_dss1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_SHA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static int init(EVP_MD_CTX *ctx)
-	{ return SHA1_Init(ctx->md_data); }
-
-static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-	{ return SHA1_Update(ctx->md_data,data,count); }
-
-static int final(EVP_MD_CTX *ctx,unsigned char *md)
-	{ return SHA1_Final(md,ctx->md_data); }
-
-static const EVP_MD dss1_md=
-	{
-	NID_dsa,
-	NID_dsaWithSHA1,
-	SHA_DIGEST_LENGTH,
-	0,
-	init,
-	update,
-	final,
-	NULL,
-	NULL,
-	EVP_PKEY_DSA_method,
-	SHA_CBLOCK,
-	sizeof(EVP_MD *)+sizeof(SHA_CTX),
-	};
-
-const EVP_MD *EVP_dss1(void)
-	{
-	return(&dss1_md);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/m_md2.c b/crypto/openssl/crypto/evp/m_md2.c
deleted file mode 100644
index 50914c83b3af..000000000000
--- a/crypto/openssl/crypto/evp/m_md2.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/evp/m_md2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_MD2
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/md2.h>
-
-static int init(EVP_MD_CTX *ctx)
-	{ return MD2_Init(ctx->md_data); }
-
-static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-	{ return MD2_Update(ctx->md_data,data,count); }
-
-static int final(EVP_MD_CTX *ctx,unsigned char *md)
-	{ return MD2_Final(md,ctx->md_data); }
-
-static const EVP_MD md2_md=
-	{
-	NID_md2,
-	NID_md2WithRSAEncryption,
-	MD2_DIGEST_LENGTH,
-	0,
-	init,
-	update,
-	final,
-	NULL,
-	NULL,
-	EVP_PKEY_RSA_method,
-	MD2_BLOCK,
-	sizeof(EVP_MD *)+sizeof(MD2_CTX),
-	};
-
-const EVP_MD *EVP_md2(void)
-	{
-	return(&md2_md);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/m_md4.c b/crypto/openssl/crypto/evp/m_md4.c
deleted file mode 100644
index e19b6637546c..000000000000
--- a/crypto/openssl/crypto/evp/m_md4.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/evp/m_md4.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_MD4
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/md4.h>
-
-static int init(EVP_MD_CTX *ctx)
-	{ return MD4_Init(ctx->md_data); }
-
-static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-	{ return MD4_Update(ctx->md_data,data,count); }
-
-static int final(EVP_MD_CTX *ctx,unsigned char *md)
-	{ return MD4_Final(md,ctx->md_data); }
-
-static const EVP_MD md4_md=
-	{
-	NID_md4,
-	NID_md4WithRSAEncryption,
-	MD4_DIGEST_LENGTH,
-	0,
-	init,
-	update,
-	final,
-	NULL,
-	NULL,
-	EVP_PKEY_RSA_method,
-	MD4_CBLOCK,
-	sizeof(EVP_MD *)+sizeof(MD4_CTX),
-	};
-
-const EVP_MD *EVP_md4(void)
-	{
-	return(&md4_md);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/m_md5.c b/crypto/openssl/crypto/evp/m_md5.c
deleted file mode 100644
index b00a03e048b6..000000000000
--- a/crypto/openssl/crypto/evp/m_md5.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/evp/m_md5.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_MD5
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/md5.h>
-
-static int init(EVP_MD_CTX *ctx)
-	{ return MD5_Init(ctx->md_data); }
-
-static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-	{ return MD5_Update(ctx->md_data,data,count); }
-
-static int final(EVP_MD_CTX *ctx,unsigned char *md)
-	{ return MD5_Final(md,ctx->md_data); }
-
-static const EVP_MD md5_md=
-	{
-	NID_md5,
-	NID_md5WithRSAEncryption,
-	MD5_DIGEST_LENGTH,
-	0,
-	init,
-	update,
-	final,
-	NULL,
-	NULL,
-	EVP_PKEY_RSA_method,
-	MD5_CBLOCK,
-	sizeof(EVP_MD *)+sizeof(MD5_CTX),
-	};
-
-const EVP_MD *EVP_md5(void)
-	{
-	return(&md5_md);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/m_mdc2.c b/crypto/openssl/crypto/evp/m_mdc2.c
deleted file mode 100644
index 9f6467c93143..000000000000
--- a/crypto/openssl/crypto/evp/m_mdc2.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/evp/m_mdc2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_MDC2
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/mdc2.h>
-
-static int init(EVP_MD_CTX *ctx)
-	{ return MDC2_Init(ctx->md_data); }
-
-static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-	{ return MDC2_Update(ctx->md_data,data,count); }
-
-static int final(EVP_MD_CTX *ctx,unsigned char *md)
-	{ return MDC2_Final(md,ctx->md_data); }
-
-static const EVP_MD mdc2_md=
-	{
-	NID_mdc2,
-	NID_mdc2WithRSA,
-	MDC2_DIGEST_LENGTH,
-	0,
-	init,
-	update,
-	final,
-	NULL,
-	NULL,
-	EVP_PKEY_RSA_ASN1_OCTET_STRING_method,
-	MDC2_BLOCK,
-	sizeof(EVP_MD *)+sizeof(MDC2_CTX),
-	};
-
-const EVP_MD *EVP_mdc2(void)
-	{
-	return(&mdc2_md);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/m_null.c b/crypto/openssl/crypto/evp/m_null.c
deleted file mode 100644
index f6f0a1d2c05f..000000000000
--- a/crypto/openssl/crypto/evp/m_null.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/evp/m_null.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static int init(EVP_MD_CTX *ctx)
-	{ return 1; }
-
-static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-	{ return 1; }
-
-static int final(EVP_MD_CTX *ctx,unsigned char *md)
-	{ return 1; }
-
-static const EVP_MD null_md=
-	{
-	NID_undef,
-	NID_undef,
-	0,
-	0,
-	init,
-	update,
-	final,
-	NULL,
-	NULL,
-	EVP_PKEY_NULL_method,
-	0,
-	sizeof(EVP_MD *),
-	};
-
-const EVP_MD *EVP_md_null(void)
-	{
-	return(&null_md);
-	}
-
-
diff --git a/crypto/openssl/crypto/evp/m_ripemd.c b/crypto/openssl/crypto/evp/m_ripemd.c
deleted file mode 100644
index 64725528dcc0..000000000000
--- a/crypto/openssl/crypto/evp/m_ripemd.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/evp/m_ripemd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_RIPEMD
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/ripemd.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static int init(EVP_MD_CTX *ctx)
-	{ return RIPEMD160_Init(ctx->md_data); }
-
-static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-	{ return RIPEMD160_Update(ctx->md_data,data,count); }
-
-static int final(EVP_MD_CTX *ctx,unsigned char *md)
-	{ return RIPEMD160_Final(md,ctx->md_data); }
-
-static const EVP_MD ripemd160_md=
-	{
-	NID_ripemd160,
-	NID_ripemd160WithRSA,
-	RIPEMD160_DIGEST_LENGTH,
-	0,
-	init,
-	update,
-	final,
-	NULL,
-	NULL,
-	EVP_PKEY_RSA_method,
-	RIPEMD160_CBLOCK,
-	sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX),
-	};
-
-const EVP_MD *EVP_ripemd160(void)
-	{
-	return(&ripemd160_md);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/m_sha.c b/crypto/openssl/crypto/evp/m_sha.c
deleted file mode 100644
index 10697c7ed382..000000000000
--- a/crypto/openssl/crypto/evp/m_sha.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/evp/m_sha.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_SHA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static int init(EVP_MD_CTX *ctx)
-	{ return SHA_Init(ctx->md_data); }
-
-static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-	{ return SHA_Update(ctx->md_data,data,count); }
-
-static int final(EVP_MD_CTX *ctx,unsigned char *md)
-	{ return SHA_Final(md,ctx->md_data); }
-
-static const EVP_MD sha_md=
-	{
-	NID_sha,
-	NID_shaWithRSAEncryption,
-	SHA_DIGEST_LENGTH,
-	0,
-	init,
-	update,
-	final,
-	NULL,
-	NULL,
-	EVP_PKEY_RSA_method,
-	SHA_CBLOCK,
-	sizeof(EVP_MD *)+sizeof(SHA_CTX),
-	};
-
-const EVP_MD *EVP_sha(void)
-	{
-	return(&sha_md);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/m_sha1.c b/crypto/openssl/crypto/evp/m_sha1.c
deleted file mode 100644
index d6be3502f0a2..000000000000
--- a/crypto/openssl/crypto/evp/m_sha1.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/evp/m_sha1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_SHA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static int init(EVP_MD_CTX *ctx)
-	{ return SHA1_Init(ctx->md_data); }
-
-static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-	{ return SHA1_Update(ctx->md_data,data,count); }
-
-static int final(EVP_MD_CTX *ctx,unsigned char *md)
-	{ return SHA1_Final(md,ctx->md_data); }
-
-static const EVP_MD sha1_md=
-	{
-	NID_sha1,
-	NID_sha1WithRSAEncryption,
-	SHA_DIGEST_LENGTH,
-	0,
-	init,
-	update,
-	final,
-	NULL,
-	NULL,
-	EVP_PKEY_RSA_method,
-	SHA_CBLOCK,
-	sizeof(EVP_MD *)+sizeof(SHA_CTX),
-	};
-
-const EVP_MD *EVP_sha1(void)
-	{
-	return(&sha1_md);
-	}
-#endif
diff --git a/crypto/openssl/crypto/evp/names.c b/crypto/openssl/crypto/evp/names.c
deleted file mode 100644
index eb9f4329cd4d..000000000000
--- a/crypto/openssl/crypto/evp/names.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/evp/names.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_add_cipher(const EVP_CIPHER *c)
-	{
-	int r;
-
-	r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c);
-	if (r == 0) return(0);
-	r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c);
-	return(r);
-	}
-
-int EVP_add_digest(const EVP_MD *md)
-	{
-	int r;
-	const char *name;
-
-	name=OBJ_nid2sn(md->type);
-	r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(char *)md);
-	if (r == 0) return(0);
-	r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(char *)md);
-	if (r == 0) return(0);
-
-	if (md->type != md->pkey_type)
-		{
-		r=OBJ_NAME_add(OBJ_nid2sn(md->pkey_type),
-			OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
-		if (r == 0) return(0);
-		r=OBJ_NAME_add(OBJ_nid2ln(md->pkey_type),
-			OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
-		}
-	return(r);
-	}
-
-const EVP_CIPHER *EVP_get_cipherbyname(const char *name)
-	{
-	const EVP_CIPHER *cp;
-
-	cp=(const EVP_CIPHER *)OBJ_NAME_get(name,OBJ_NAME_TYPE_CIPHER_METH);
-	return(cp);
-	}
-
-const EVP_MD *EVP_get_digestbyname(const char *name)
-	{
-	const EVP_MD *cp;
-
-	cp=(const EVP_MD *)OBJ_NAME_get(name,OBJ_NAME_TYPE_MD_METH);
-	return(cp);
-	}
-
-void EVP_cleanup(void)
-	{
-	OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
-	OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);
-	/* The above calls will only clean out the contents of the name
-	   hash table, but not the hash table itself.  The following line
-	   does that part.  -- Richard Levitte */
-	OBJ_NAME_cleanup(-1);
-
-	EVP_PBE_cleanup();
-	}
diff --git a/crypto/openssl/crypto/evp/openbsd_hw.c b/crypto/openssl/crypto/evp/openbsd_hw.c
deleted file mode 100644
index 3831a5731e9c..000000000000
--- a/crypto/openssl/crypto/evp/openbsd_hw.c
+++ /dev/null
@@ -1,446 +0,0 @@
-/* Written by Ben Laurie, 2001 */
-/*
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/rsa.h>
-#include "evp_locl.h"
-
-/* This stuff should now all be supported through
- * crypto/engine/hw_openbsd_dev_crypto.c unless I botched it up */
-static void *dummy=&dummy;
-
-#if 0
-
-/* check flag after OpenSSL headers to ensure make depend works */
-#ifdef OPENSSL_OPENBSD_DEV_CRYPTO
-
-#include <fcntl.h>
-#include <stdio.h>
-#include <errno.h>
-#include <sys/ioctl.h>
-#include <crypto/cryptodev.h>
-#include <unistd.h>
-#include <assert.h>
-
-/* longest key supported in hardware */
-#define MAX_HW_KEY	24
-#define MAX_HW_IV	8
-
-#define MD5_DIGEST_LENGTH	16
-#define MD5_CBLOCK		64
-
-static int fd;
-static int dev_failed;
-
-typedef struct session_op session_op;
-
-#define CDATA(ctx) EVP_C_DATA(session_op,ctx)
-
-static void err(const char *str)
-    {
-    fprintf(stderr,"%s: errno %d\n",str,errno);
-    }
-
-static int dev_crypto_init(session_op *ses)
-    {
-    if(dev_failed)
-	return 0;
-    if(!fd)
-	{
-	int cryptodev_fd;
-
-        if ((cryptodev_fd=open("/dev/crypto",O_RDWR,0)) < 0)
-	    {
-	    err("/dev/crypto");
-	    dev_failed=1;
-	    return 0;
-	    }
-        if (ioctl(cryptodev_fd,CRIOGET,&fd) == -1)
-	    {
-	    err("CRIOGET failed");
-	    close(cryptodev_fd);
-	    dev_failed=1;
-	    return 0;
-	    }
-	close(cryptodev_fd);
-	}
-    assert(ses);
-    memset(ses,'\0',sizeof *ses);
-
-    return 1;
-    }
-
-static int dev_crypto_cleanup(EVP_CIPHER_CTX *ctx)
-    {
-    if(ioctl(fd,CIOCFSESSION,&CDATA(ctx)->ses) == -1)
-	err("CIOCFSESSION failed");
-
-    OPENSSL_free(CDATA(ctx)->key);
-
-    return 1;
-    }
-
-static int dev_crypto_init_key(EVP_CIPHER_CTX *ctx,int cipher,
-			       const unsigned char *key,int klen)
-    {
-    if(!dev_crypto_init(CDATA(ctx)))
-	return 0;
-
-    CDATA(ctx)->key=OPENSSL_malloc(MAX_HW_KEY);
-
-    assert(ctx->cipher->iv_len <= MAX_HW_IV);
-
-    memcpy(CDATA(ctx)->key,key,klen);
-    
-    CDATA(ctx)->cipher=cipher;
-    CDATA(ctx)->keylen=klen;
-
-    if (ioctl(fd,CIOCGSESSION,CDATA(ctx)) == -1)
-	{
-	err("CIOCGSESSION failed");
-	return 0;
-	}
-    return 1;
-    }
-
-static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
-			     const unsigned char *in,unsigned int inl)
-    {
-    struct crypt_op cryp;
-    unsigned char lb[MAX_HW_IV];
-
-    if(!inl)
-	return 1;
-
-    assert(CDATA(ctx));
-    assert(!dev_failed);
-
-    memset(&cryp,'\0',sizeof cryp);
-    cryp.ses=CDATA(ctx)->ses;
-    cryp.op=ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
-    cryp.flags=0;
-    cryp.len=inl;
-    assert((inl&(ctx->cipher->block_size-1)) == 0);
-    cryp.src=(caddr_t)in;
-    cryp.dst=(caddr_t)out;
-    cryp.mac=0;
-    if(ctx->cipher->iv_len)
-	cryp.iv=(caddr_t)ctx->iv;
-
-    if(!ctx->encrypt)
-	memcpy(lb,&in[cryp.len-ctx->cipher->iv_len],ctx->cipher->iv_len);
-
-    if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
-	{
-	if(errno == EINVAL) /* buffers are misaligned */
-	    {
-	    unsigned int cinl=0;
-	    char *cin=NULL;
-	    char *cout=NULL;
-
-	    /* NB: this can only make cinl != inl with stream ciphers */
-	    cinl=(inl+3)/4*4;
-
-	    if(((unsigned long)in&3) || cinl != inl)
-		{
-		cin=OPENSSL_malloc(cinl);
-		memcpy(cin,in,inl);
-		cryp.src=cin;
-		}
-
-	    if(((unsigned long)out&3) || cinl != inl)
-		{
-		cout=OPENSSL_malloc(cinl);
-		cryp.dst=cout;
-		}
-
-	    cryp.len=cinl;
-
-	    if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
-		{
-		err("CIOCCRYPT(2) failed");
-		printf("src=%p dst=%p\n",cryp.src,cryp.dst);
-		abort();
-		return 0;
-		}
-		
-	    if(cout)
-		{
-		memcpy(out,cout,inl);
-		OPENSSL_free(cout);
-		}
-	    if(cin)
-		OPENSSL_free(cin);
-	    }
-	else 
-	    {	    
-	    err("CIOCCRYPT failed");
-	    abort();
-	    return 0;
-	    }
-	}
-
-    if(ctx->encrypt)
-	memcpy(ctx->iv,&out[cryp.len-ctx->cipher->iv_len],ctx->cipher->iv_len);
-    else
-	memcpy(ctx->iv,lb,ctx->cipher->iv_len);
-
-    return 1;
-    }
-
-static int dev_crypto_des_ede3_init_key(EVP_CIPHER_CTX *ctx,
-					const unsigned char *key,
-					const unsigned char *iv, int enc)
-    { return dev_crypto_init_key(ctx,CRYPTO_3DES_CBC,key,24); }
-
-#define dev_crypto_des_ede3_cbc_cipher dev_crypto_cipher
-
-BLOCK_CIPHER_def_cbc(dev_crypto_des_ede3, session_op, NID_des_ede3, 8, 24, 8,
-		     0, dev_crypto_des_ede3_init_key,
-		     dev_crypto_cleanup, 
-		     EVP_CIPHER_set_asn1_iv,
-		     EVP_CIPHER_get_asn1_iv,
-		     NULL)
-
-static int dev_crypto_rc4_init_key(EVP_CIPHER_CTX *ctx,
-					const unsigned char *key,
-					const unsigned char *iv, int enc)
-    { return dev_crypto_init_key(ctx,CRYPTO_ARC4,key,16); }
-
-static const EVP_CIPHER r4_cipher=
-    {
-    NID_rc4,
-    1,16,0,	/* FIXME: key should be up to 256 bytes */
-    EVP_CIPH_VARIABLE_LENGTH,
-    dev_crypto_rc4_init_key,
-    dev_crypto_cipher,
-    dev_crypto_cleanup,
-    sizeof(session_op),
-    NULL,
-    NULL,
-    NULL
-    };
-
-const EVP_CIPHER *EVP_dev_crypto_rc4(void)
-    { return &r4_cipher; }
-
-typedef struct
-    {
-    session_op sess;
-    char *data;
-    int len;
-    unsigned char md[EVP_MAX_MD_SIZE];
-    } MD_DATA;
-
-static int dev_crypto_init_digest(MD_DATA *md_data,int mac)
-    {
-    if(!dev_crypto_init(&md_data->sess))
-	return 0;
-
-    md_data->len=0;
-    md_data->data=NULL;
-
-    md_data->sess.mac=mac;
-
-    if (ioctl(fd,CIOCGSESSION,&md_data->sess) == -1)
-	{
-	err("CIOCGSESSION failed");
-	return 0;
-	}
-    return 1;
-    }
-
-static int dev_crypto_cleanup_digest(MD_DATA *md_data)
-    {
-    if (ioctl(fd,CIOCFSESSION,&md_data->sess.ses) == -1)
-	{
-	err("CIOCFSESSION failed");
-	return 0;
-	}
-
-    return 1;
-    }
-
-/* FIXME: if device can do chained MACs, then don't accumulate */
-/* FIXME: move accumulation to the framework */
-static int dev_crypto_md5_init(EVP_MD_CTX *ctx)
-    { return dev_crypto_init_digest(ctx->md_data,CRYPTO_MD5); }
-
-static int do_digest(int ses,unsigned char *md,const void *data,int len)
-    {
-    struct crypt_op cryp;
-    static unsigned char md5zero[16]=
-	{
-	0xd4,0x1d,0x8c,0xd9,0x8f,0x00,0xb2,0x04,
-	0xe9,0x80,0x09,0x98,0xec,0xf8,0x42,0x7e
-	};
-
-    /* some cards can't do zero length */
-    if(!len)
-	{
-	memcpy(md,md5zero,16);
-	return 1;
-	}
-
-    memset(&cryp,'\0',sizeof cryp);
-    cryp.ses=ses;
-    cryp.op=COP_ENCRYPT;/* required to do the MAC rather than check it */
-    cryp.len=len;
-    cryp.src=(caddr_t)data;
-    cryp.dst=(caddr_t)data; // FIXME!!!
-    cryp.mac=(caddr_t)md;
-
-    if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
-	{
-	if(errno == EINVAL) /* buffer is misaligned */
-	    {
-	    char *dcopy;
-
-	    dcopy=OPENSSL_malloc(len);
-	    memcpy(dcopy,data,len);
-	    cryp.src=dcopy;
-	    cryp.dst=cryp.src; // FIXME!!!
-
-	    if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
-		{
-		err("CIOCCRYPT(MAC2) failed");
-		abort();
-		return 0;
-		}
-	    OPENSSL_free(dcopy);
-	    }
-	else
-	    {
-	    err("CIOCCRYPT(MAC) failed");
-	    abort();
-	    return 0;
-	    }
-	}
-    //    printf("done\n");
-
-    return 1;
-    }
-
-static int dev_crypto_md5_update(EVP_MD_CTX *ctx,const void *data,
-				 unsigned long len)
-    {
-    MD_DATA *md_data=ctx->md_data;
-
-    if(ctx->flags&EVP_MD_CTX_FLAG_ONESHOT)
-	return do_digest(md_data->sess.ses,md_data->md,data,len);
-
-    md_data->data=OPENSSL_realloc(md_data->data,md_data->len+len);
-    memcpy(md_data->data+md_data->len,data,len);
-    md_data->len+=len;
-
-    return 1;
-    }	
-
-static int dev_crypto_md5_final(EVP_MD_CTX *ctx,unsigned char *md)
-    {
-    int ret;
-    MD_DATA *md_data=ctx->md_data;
-
-    if(ctx->flags&EVP_MD_CTX_FLAG_ONESHOT)
-	{
-	memcpy(md,md_data->md,MD5_DIGEST_LENGTH);
-	ret=1;
-	}
-    else
-	{
-	ret=do_digest(md_data->sess.ses,md,md_data->data,md_data->len);
-	OPENSSL_free(md_data->data);
-	md_data->data=NULL;
-	md_data->len=0;
-	}
-
-    return ret;
-    }
-
-static int dev_crypto_md5_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
-    {
-    const MD_DATA *from_md=from->md_data;
-    MD_DATA *to_md=to->md_data;
-
-    // How do we copy sessions?
-    assert(from->digest->flags&EVP_MD_FLAG_ONESHOT);
-
-    to_md->data=OPENSSL_malloc(from_md->len);
-    memcpy(to_md->data,from_md->data,from_md->len);
-
-    return 1;
-    }
-
-static int dev_crypto_md5_cleanup(EVP_MD_CTX *ctx)
-    {
-    return dev_crypto_cleanup_digest(ctx->md_data);
-    }
-
-static const EVP_MD md5_md=
-    {
-    NID_md5,
-    NID_md5WithRSAEncryption,
-    MD5_DIGEST_LENGTH,
-    EVP_MD_FLAG_ONESHOT,	// XXX: set according to device info...
-    dev_crypto_md5_init,
-    dev_crypto_md5_update,
-    dev_crypto_md5_final,
-    dev_crypto_md5_copy,
-    dev_crypto_md5_cleanup,
-    EVP_PKEY_RSA_method,
-    MD5_CBLOCK,
-    sizeof(MD_DATA),
-    };
-
-const EVP_MD *EVP_dev_crypto_md5(void)
-    { return &md5_md; }
-
-#endif
-#endif
diff --git a/crypto/openssl/crypto/evp/p5_crpt.c b/crypto/openssl/crypto/evp/p5_crpt.c
deleted file mode 100644
index a1874e83b252..000000000000
--- a/crypto/openssl/crypto/evp/p5_crpt.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/* p5_crpt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/evp.h>
-
-/* PKCS#5 v1.5 compatible PBE functions: see PKCS#5 v2.0 for more info.
- */
-
-void PKCS5_PBE_add(void)
-{
-#ifndef OPENSSL_NO_DES
-#  ifndef OPENSSL_NO_MD5
-EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(),
-							 PKCS5_PBE_keyivgen);
-#  endif
-#  ifndef OPENSSL_NO_MD2
-EVP_PBE_alg_add(NID_pbeWithMD2AndDES_CBC, EVP_des_cbc(), EVP_md2(),
-							 PKCS5_PBE_keyivgen);
-#  endif
-#  ifndef OPENSSL_NO_SHA
-EVP_PBE_alg_add(NID_pbeWithSHA1AndDES_CBC, EVP_des_cbc(), EVP_sha1(),
-							 PKCS5_PBE_keyivgen);
-#  endif
-#endif
-#ifndef OPENSSL_NO_RC2
-#  ifndef OPENSSL_NO_MD5
-EVP_PBE_alg_add(NID_pbeWithMD5AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md5(),
-							 PKCS5_PBE_keyivgen);
-#  endif
-#  ifndef OPENSSL_NO_MD2
-EVP_PBE_alg_add(NID_pbeWithMD2AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md2(),
-							 PKCS5_PBE_keyivgen);
-#  endif
-#  ifndef OPENSSL_NO_SHA
-EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(),
-							 PKCS5_PBE_keyivgen);
-#  endif
-#endif
-#ifndef OPENSSL_NO_HMAC
-EVP_PBE_alg_add(NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen);
-#endif
-}
-
-int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
-			 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
-			 int en_de)
-{
-	EVP_MD_CTX ctx;
-	unsigned char md_tmp[EVP_MAX_MD_SIZE];
-	unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
-	int i;
-	PBEPARAM *pbe;
-	int saltlen, iter;
-	unsigned char *salt, *pbuf;
-
-	/* Extract useful info from parameter */
-	pbuf = param->value.sequence->data;
-	if (!param || (param->type != V_ASN1_SEQUENCE) ||
-	   !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) {
-		EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
-		return 0;
-	}
-
-	if (!pbe->iter) iter = 1;
-	else iter = ASN1_INTEGER_get (pbe->iter);
-	salt = pbe->salt->data;
-	saltlen = pbe->salt->length;
-
-	if(!pass) passlen = 0;
-	else if(passlen == -1) passlen = strlen(pass);
-
-	EVP_MD_CTX_init(&ctx);
-	EVP_DigestInit_ex(&ctx, md, NULL);
-	EVP_DigestUpdate(&ctx, pass, passlen);
-	EVP_DigestUpdate(&ctx, salt, saltlen);
-	PBEPARAM_free(pbe);
-	EVP_DigestFinal_ex(&ctx, md_tmp, NULL);
-	for (i = 1; i < iter; i++) {
-		EVP_DigestInit_ex(&ctx, md, NULL);
-		EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md));
-		EVP_DigestFinal_ex (&ctx, md_tmp, NULL);
-	}
-	EVP_MD_CTX_cleanup(&ctx);
-	OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= sizeof md_tmp);
-	memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
-	OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
-	memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
-						 EVP_CIPHER_iv_length(cipher));
-	EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
-	OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
-	OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
-	OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
-	return 1;
-}
diff --git a/crypto/openssl/crypto/evp/p5_crpt2.c b/crypto/openssl/crypto/evp/p5_crpt2.c
deleted file mode 100644
index 1f94e1ef88b2..000000000000
--- a/crypto/openssl/crypto/evp/p5_crpt2.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/* p5_crpt2.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA)
-#include <stdio.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-
-/* set this to print out info about the keygen algorithm */
-/* #define DEBUG_PKCS5V2 */
-
-#ifdef DEBUG_PKCS5V2
-	static void h__dump (const unsigned char *p, int len);
-#endif
-
-/* This is an implementation of PKCS#5 v2.0 password based encryption key
- * derivation function PBKDF2 using the only currently defined function HMAC
- * with SHA1. Verified against test vectors posted by Peter Gutmann
- * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list.
- */
-
-int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
-			   unsigned char *salt, int saltlen, int iter,
-			   int keylen, unsigned char *out)
-{
-	unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4];
-	int cplen, j, k, tkeylen;
-	unsigned long i = 1;
-	HMAC_CTX hctx;
-
-	HMAC_CTX_init(&hctx);
-	p = out;
-	tkeylen = keylen;
-	if(!pass) passlen = 0;
-	else if(passlen == -1) passlen = strlen(pass);
-	while(tkeylen) {
-		if(tkeylen > SHA_DIGEST_LENGTH) cplen = SHA_DIGEST_LENGTH;
-		else cplen = tkeylen;
-		/* We are unlikely to ever use more than 256 blocks (5120 bits!)
-		 * but just in case...
-		 */
-		itmp[0] = (unsigned char)((i >> 24) & 0xff);
-		itmp[1] = (unsigned char)((i >> 16) & 0xff);
-		itmp[2] = (unsigned char)((i >> 8) & 0xff);
-		itmp[3] = (unsigned char)(i & 0xff);
-		HMAC_Init_ex(&hctx, pass, passlen, EVP_sha1(), NULL);
-		HMAC_Update(&hctx, salt, saltlen);
-		HMAC_Update(&hctx, itmp, 4);
-		HMAC_Final(&hctx, digtmp, NULL);
-		memcpy(p, digtmp, cplen);
-		for(j = 1; j < iter; j++) {
-			HMAC(EVP_sha1(), pass, passlen,
-				 digtmp, SHA_DIGEST_LENGTH, digtmp, NULL);
-			for(k = 0; k < cplen; k++) p[k] ^= digtmp[k];
-		}
-		tkeylen-= cplen;
-		i++;
-		p+= cplen;
-	}
-	HMAC_CTX_cleanup(&hctx);
-#ifdef DEBUG_PKCS5V2
-	fprintf(stderr, "Password:\n");
-	h__dump (pass, passlen);
-	fprintf(stderr, "Salt:\n");
-	h__dump (salt, saltlen);
-	fprintf(stderr, "Iteration count %d\n", iter);
-	fprintf(stderr, "Key:\n");
-	h__dump (out, keylen);
-#endif
-	return 1;
-}
-
-#ifdef DO_TEST
-main()
-{
-	unsigned char out[4];
-	unsigned char salt[] = {0x12, 0x34, 0x56, 0x78};
-	PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out);
-	fprintf(stderr, "Out %02X %02X %02X %02X\n",
-					 out[0], out[1], out[2], out[3]);
-}
-
-#endif
-
-/* Now the key derivation function itself. This is a bit evil because
- * it has to check the ASN1 parameters are valid: and there are quite a
- * few of them...
- */
-
-int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-                         ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md,
-                         int en_de)
-{
-	unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH];
-	int saltlen, keylen, iter, plen;
-	PBE2PARAM *pbe2 = NULL;
-	const EVP_CIPHER *cipher;
-	PBKDF2PARAM *kdf = NULL;
-
-	pbuf = param->value.sequence->data;
-	plen = param->value.sequence->length;
-	if(!param || (param->type != V_ASN1_SEQUENCE) ||
-				   !(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
-		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
-		return 0;
-	}
-
-	/* See if we recognise the key derivation function */
-
-	if(OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
-		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
-				EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
-		goto err;
-	}
-
-	/* lets see if we recognise the encryption algorithm.
-	 */
-
-	cipher = EVP_get_cipherbyname(
-			OBJ_nid2sn(OBJ_obj2nid(pbe2->encryption->algorithm)));
-
-	if(!cipher) {
-		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
-						EVP_R_UNSUPPORTED_CIPHER);
-		goto err;
-	}
-
-	/* Fixup cipher based on AlgorithmIdentifier */
-	EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de);
-	if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
-		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
-					EVP_R_CIPHER_PARAMETER_ERROR);
-		goto err;
-	}
-	keylen = EVP_CIPHER_CTX_key_length(ctx);
-	OPENSSL_assert(keylen <= sizeof key);
-
-	/* Now decode key derivation function */
-
-	pbuf = pbe2->keyfunc->parameter->value.sequence->data;
-	plen = pbe2->keyfunc->parameter->value.sequence->length;
-	if(!pbe2->keyfunc->parameter ||
-		 (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE) ||
-				!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
-		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
-		goto err;
-	}
-
-	PBE2PARAM_free(pbe2);
-	pbe2 = NULL;
-
-	/* Now check the parameters of the kdf */
-
-	if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != keylen)){
-		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
-						EVP_R_UNSUPPORTED_KEYLENGTH);
-		goto err;
-	}
-
-	if(kdf->prf && (OBJ_obj2nid(kdf->prf->algorithm) != NID_hmacWithSHA1)) {
-		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
-		goto err;
-	}
-
-	if(kdf->salt->type != V_ASN1_OCTET_STRING) {
-		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
-						EVP_R_UNSUPPORTED_SALT_TYPE);
-		goto err;
-	}
-
-	/* it seems that its all OK */
-	salt = kdf->salt->value.octet_string->data;
-	saltlen = kdf->salt->value.octet_string->length;
-	iter = ASN1_INTEGER_get(kdf->iter);
-	PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key);
-	EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
-	OPENSSL_cleanse(key, keylen);
-	PBKDF2PARAM_free(kdf);
-	return 1;
-
-	err:
-	PBE2PARAM_free(pbe2);
-	PBKDF2PARAM_free(kdf);
-	return 0;
-}
-
-#ifdef DEBUG_PKCS5V2
-static void h__dump (const unsigned char *p, int len)
-{
-        for (; len --; p++) fprintf(stderr, "%02X ", *p);
-        fprintf(stderr, "\n");
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/evp/p_dec.c b/crypto/openssl/crypto/evp/p_dec.c
deleted file mode 100644
index 8af620400e28..000000000000
--- a/crypto/openssl/crypto/evp/p_dec.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* crypto/evp/p_dec.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_PKEY_decrypt(unsigned char *key, unsigned char *ek, int ekl,
-	     EVP_PKEY *priv)
-	{
-	int ret= -1;
-	
-#ifndef OPENSSL_NO_RSA
-	if (priv->type != EVP_PKEY_RSA)
-		{
-#endif
-		EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
-#ifndef OPENSSL_NO_RSA
-		goto err;
-                }
-
-	ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
-err:
-#endif
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/evp/p_enc.c b/crypto/openssl/crypto/evp/p_enc.c
deleted file mode 100644
index 656883b9968c..000000000000
--- a/crypto/openssl/crypto/evp/p_enc.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* crypto/evp/p_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_PKEY_encrypt(unsigned char *ek, unsigned char *key, int key_len,
-	     EVP_PKEY *pubk)
-	{
-	int ret=0;
-	
-#ifndef OPENSSL_NO_RSA
-	if (pubk->type != EVP_PKEY_RSA)
-		{
-#endif
-		EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
-#ifndef OPENSSL_NO_RSA
-		goto err;
-		}
-	ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING);
-err:
-#endif
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/evp/p_lib.c b/crypto/openssl/crypto/evp/p_lib.c
deleted file mode 100644
index 215b94292aae..000000000000
--- a/crypto/openssl/crypto/evp/p_lib.c
+++ /dev/null
@@ -1,337 +0,0 @@
-/* crypto/evp/p_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-static void EVP_PKEY_free_it(EVP_PKEY *x);
-
-int EVP_PKEY_bits(EVP_PKEY *pkey)
-	{
-#ifndef OPENSSL_NO_RSA
-	if (pkey->type == EVP_PKEY_RSA)
-		return(BN_num_bits(pkey->pkey.rsa->n));
-	else
-#endif
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-		return(BN_num_bits(pkey->pkey.dsa->p));
-#endif
-	return(0);
-	}
-
-int EVP_PKEY_size(EVP_PKEY *pkey)
-	{
-	if (pkey == NULL)
-		return(0);
-#ifndef OPENSSL_NO_RSA
-	if (pkey->type == EVP_PKEY_RSA)
-		return(RSA_size(pkey->pkey.rsa));
-	else
-#endif
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-		return(DSA_size(pkey->pkey.dsa));
-#endif
-	return(0);
-	}
-
-int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
-	{
-#ifndef OPENSSL_NO_DSA
-	if (pkey->type == EVP_PKEY_DSA)
-		{
-		int ret=pkey->save_parameters;
-
-		if (mode >= 0)
-			pkey->save_parameters=mode;
-		return(ret);
-		}
-#endif
-	return(0);
-	}
-
-int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
-	{
-	if (to->type != from->type)
-		{
-		EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES);
-		goto err;
-		}
-
-	if (EVP_PKEY_missing_parameters(from))
-		{
-		EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
-		goto err;
-		}
-#ifndef OPENSSL_NO_DSA
-	if (to->type == EVP_PKEY_DSA)
-		{
-		BIGNUM *a;
-
-		if ((a=BN_dup(from->pkey.dsa->p)) == NULL) goto err;
-		if (to->pkey.dsa->p != NULL) BN_free(to->pkey.dsa->p);
-		to->pkey.dsa->p=a;
-
-		if ((a=BN_dup(from->pkey.dsa->q)) == NULL) goto err;
-		if (to->pkey.dsa->q != NULL) BN_free(to->pkey.dsa->q);
-		to->pkey.dsa->q=a;
-
-		if ((a=BN_dup(from->pkey.dsa->g)) == NULL) goto err;
-		if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g);
-		to->pkey.dsa->g=a;
-		}
-#endif
-	return(1);
-err:
-	return(0);
-	}
-
-int EVP_PKEY_missing_parameters(EVP_PKEY *pkey)
-	{
-#ifndef OPENSSL_NO_DSA
-	if (pkey->type == EVP_PKEY_DSA)
-		{
-		DSA *dsa;
-
-		dsa=pkey->pkey.dsa;
-		if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
-			return(1);
-		}
-#endif
-	return(0);
-	}
-
-int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b)
-	{
-#ifndef OPENSSL_NO_DSA
-	if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
-		{
-		if (	BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
-			BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) ||
-			BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g))
-			return(0);
-		else
-			return(1);
-		}
-#endif
-	return(-1);
-	}
-
-EVP_PKEY *EVP_PKEY_new(void)
-	{
-	EVP_PKEY *ret;
-
-	ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
-	if (ret == NULL)
-		{
-		EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-	ret->type=EVP_PKEY_NONE;
-	ret->references=1;
-	ret->pkey.ptr=NULL;
-	ret->attributes=NULL;
-	ret->save_parameters=1;
-	return(ret);
-	}
-
-int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key)
-	{
-	if (pkey == NULL) return(0);
-	if (pkey->pkey.ptr != NULL)
-		EVP_PKEY_free_it(pkey);
-	pkey->type=EVP_PKEY_type(type);
-	pkey->save_type=type;
-	pkey->pkey.ptr=key;
-	return(key != NULL);
-	}
-
-#ifndef OPENSSL_NO_RSA
-int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
-{
-	int ret = EVP_PKEY_assign_RSA(pkey, key);
-	if(ret)
-		RSA_up_ref(key);
-	return ret;
-}
-
-RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
-	{
-	if(pkey->type != EVP_PKEY_RSA) {
-		EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
-		return NULL;
-	}
-	RSA_up_ref(pkey->pkey.rsa);
-	return pkey->pkey.rsa;
-}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
-{
-	int ret = EVP_PKEY_assign_DSA(pkey, key);
-	if(ret)
-		DSA_up_ref(key);
-	return ret;
-}
-
-DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
-	{
-	if(pkey->type != EVP_PKEY_DSA) {
-		EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
-		return NULL;
-	}
-	DSA_up_ref(pkey->pkey.dsa);
-	return pkey->pkey.dsa;
-}
-#endif
-
-#ifndef OPENSSL_NO_DH
-
-int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
-{
-	int ret = EVP_PKEY_assign_DH(pkey, key);
-	if(ret)
-		DH_up_ref(key);
-	return ret;
-}
-
-DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
-	{
-	if(pkey->type != EVP_PKEY_DH) {
-		EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
-		return NULL;
-	}
-	DH_up_ref(pkey->pkey.dh);
-	return pkey->pkey.dh;
-}
-#endif
-
-int EVP_PKEY_type(int type)
-	{
-	switch (type)
-		{
-	case EVP_PKEY_RSA:
-	case EVP_PKEY_RSA2:
-		return(EVP_PKEY_RSA);
-	case EVP_PKEY_DSA:
-	case EVP_PKEY_DSA1:
-	case EVP_PKEY_DSA2:
-	case EVP_PKEY_DSA3:
-	case EVP_PKEY_DSA4:
-		return(EVP_PKEY_DSA);
-	case EVP_PKEY_DH:
-		return(EVP_PKEY_DH);
-	default:
-		return(NID_undef);
-		}
-	}
-
-void EVP_PKEY_free(EVP_PKEY *x)
-	{
-	int i;
-
-	if (x == NULL) return;
-
-	i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
-	REF_PRINT("EVP_PKEY",x);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"EVP_PKEY_free, bad reference count\n");
-		abort();
-		}
-#endif
-	EVP_PKEY_free_it(x);
-	OPENSSL_free(x);
-	}
-
-static void EVP_PKEY_free_it(EVP_PKEY *x)
-	{
-	switch (x->type)
-		{
-#ifndef OPENSSL_NO_RSA
-	case EVP_PKEY_RSA:
-	case EVP_PKEY_RSA2:
-		RSA_free(x->pkey.rsa);
-		break;
-#endif
-#ifndef OPENSSL_NO_DSA
-	case EVP_PKEY_DSA:
-	case EVP_PKEY_DSA2:
-	case EVP_PKEY_DSA3:
-	case EVP_PKEY_DSA4:
-		DSA_free(x->pkey.dsa);
-		break;
-#endif
-#ifndef OPENSSL_NO_DH
-	case EVP_PKEY_DH:
-		DH_free(x->pkey.dh);
-		break;
-#endif
-		}
-	}
-
diff --git a/crypto/openssl/crypto/evp/p_open.c b/crypto/openssl/crypto/evp/p_open.c
deleted file mode 100644
index 5a933d1cda38..000000000000
--- a/crypto/openssl/crypto/evp/p_open.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/evp/p_open.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *ek,
-	     int ekl, unsigned char *iv, EVP_PKEY *priv)
-	{
-	unsigned char *key=NULL;
-	int i,size=0,ret=0;
-
-	if(type) {	
-		EVP_CIPHER_CTX_init(ctx);
-		if(!EVP_DecryptInit_ex(ctx,type,NULL, NULL,NULL)) return 0;
-	}
-
-	if(!priv) return 1;
-
-	if (priv->type != EVP_PKEY_RSA)
-		{
-		EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
-		goto err;
-                }
-
-	size=RSA_size(priv->pkey.rsa);
-	key=(unsigned char *)OPENSSL_malloc(size+2);
-	if (key == NULL)
-		{
-		/* ERROR */
-		EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	i=EVP_PKEY_decrypt(key,ek,ekl,priv);
-	if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i))
-		{
-		/* ERROR */
-		goto err;
-		}
-	if(!EVP_DecryptInit_ex(ctx,NULL,NULL,key,iv)) goto err;
-
-	ret=1;
-err:
-	if (key != NULL) OPENSSL_cleanse(key,size);
-	OPENSSL_free(key);
-	return(ret);
-	}
-
-int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-	{
-	int i;
-
-	i=EVP_DecryptFinal_ex(ctx,out,outl);
-	EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
-	return(i);
-	}
-#else /* !OPENSSL_NO_RSA */
-
-# ifdef PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/crypto/evp/p_seal.c b/crypto/openssl/crypto/evp/p_seal.c
deleted file mode 100644
index 37e547fe7276..000000000000
--- a/crypto/openssl/crypto/evp/p_seal.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/* crypto/evp/p_seal.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
-	     int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
-	{
-	unsigned char key[EVP_MAX_KEY_LENGTH];
-	int i;
-	
-	if(type) {
-		EVP_CIPHER_CTX_init(ctx);
-		if(!EVP_EncryptInit_ex(ctx,type,NULL,NULL,NULL)) return 0;
-	}
-	if ((npubk <= 0) || !pubk)
-		return 1;
-	if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0)
-		return 0;
-	if (EVP_CIPHER_CTX_iv_length(ctx))
-		RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx));
-
-	if(!EVP_EncryptInit_ex(ctx,NULL,NULL,key,iv)) return 0;
-
-	for (i=0; i<npubk; i++)
-		{
-		ekl[i]=EVP_PKEY_encrypt(ek[i],key,EVP_CIPHER_CTX_key_length(ctx),
-			pubk[i]);
-		if (ekl[i] <= 0) return(-1);
-		}
-	return(npubk);
-	}
-
-/* MACRO
-void EVP_SealUpdate(ctx,out,outl,in,inl)
-EVP_CIPHER_CTX *ctx;
-unsigned char *out;
-int *outl;
-unsigned char *in;
-int inl;
-	{
-	EVP_EncryptUpdate(ctx,out,outl,in,inl);
-	}
-*/
-
-int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-	{
-	int i;
-	i = EVP_EncryptFinal_ex(ctx,out,outl);
-	EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
-	return i;
-	}
diff --git a/crypto/openssl/crypto/evp/p_sign.c b/crypto/openssl/crypto/evp/p_sign.c
deleted file mode 100644
index e4ae5906f557..000000000000
--- a/crypto/openssl/crypto/evp/p_sign.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* crypto/evp/p_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifdef undef
-void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
-	{
-	EVP_DigestInit_ex(ctx,type);
-	}
-
-void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
-	     unsigned int count)
-	{
-	EVP_DigestUpdate(ctx,data,count);
-	}
-#endif
-
-int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
-	     EVP_PKEY *pkey)
-	{
-	unsigned char m[EVP_MAX_MD_SIZE];
-	unsigned int m_len;
-	int i,ok=0,v;
-	MS_STATIC EVP_MD_CTX tmp_ctx;
-
-	*siglen=0;
-	EVP_MD_CTX_init(&tmp_ctx);
-	EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);   
-	EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
-	EVP_MD_CTX_cleanup(&tmp_ctx);
-	for (i=0; i<4; i++)
-		{
-		v=ctx->digest->required_pkey_type[i];
-		if (v == 0) break;
-		if (pkey->type == v)
-			{
-			ok=1;
-			break;
-			}
-		}
-	if (!ok)
-		{
-		EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
-		return(0);
-		}
-	if (ctx->digest->sign == NULL)
-		{
-		EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
-		return(0);
-		}
-	return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen,
-		pkey->pkey.ptr));
-	}
-
diff --git a/crypto/openssl/crypto/evp/p_verify.c b/crypto/openssl/crypto/evp/p_verify.c
deleted file mode 100644
index d854d743a5e7..000000000000
--- a/crypto/openssl/crypto/evp/p_verify.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/* crypto/evp/p_verify.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf,
-	     unsigned int siglen, EVP_PKEY *pkey)
-	{
-	unsigned char m[EVP_MAX_MD_SIZE];
-	unsigned int m_len;
-	int i,ok=0,v;
-	MS_STATIC EVP_MD_CTX tmp_ctx;
-
-	for (i=0; i<4; i++)
-		{
-		v=ctx->digest->required_pkey_type[i];
-		if (v == 0) break;
-		if (pkey->type == v)
-			{
-			ok=1;
-			break;
-			}
-		}
-	if (!ok)
-		{
-		EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
-		return(-1);
-		}
-	EVP_MD_CTX_init(&tmp_ctx);
-	EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);     
-	EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
-	EVP_MD_CTX_cleanup(&tmp_ctx);
-        if (ctx->digest->verify == NULL)
-                {
-		EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
-		return(0);
-		}
-
-	return(ctx->digest->verify(ctx->digest->type,m,m_len,
-		sigbuf,siglen,pkey->pkey.ptr));
-	}
-
diff --git a/crypto/openssl/crypto/ex_data.c b/crypto/openssl/crypto/ex_data.c
deleted file mode 100644
index 5b2e345c27b7..000000000000
--- a/crypto/openssl/crypto/ex_data.c
+++ /dev/null
@@ -1,636 +0,0 @@
-/* crypto/ex_data.c */
-
-/*
- * Overhaul notes;
- *
- * This code is now *mostly* thread-safe. It is now easier to understand in what
- * ways it is safe and in what ways it is not, which is an improvement. Firstly,
- * all per-class stacks and index-counters for ex_data are stored in the same
- * global LHASH table (keyed by class). This hash table uses locking for all
- * access with the exception of CRYPTO_cleanup_all_ex_data(), which must only be
- * called when no other threads can possibly race against it (even if it was
- * locked, the race would mean it's possible the hash table might have been
- * recreated after the cleanup). As classes can only be added to the hash table,
- * and within each class, the stack of methods can only be incremented, the
- * locking mechanics are simpler than they would otherwise be. For example, the
- * new/dup/free ex_data functions will lock the hash table, copy the method
- * pointers it needs from the relevant class, then unlock the hash table before
- * actually applying those method pointers to the task of the new/dup/free
- * operations. As they can't be removed from the method-stack, only
- * supplemented, there's no race conditions associated with using them outside
- * the lock. The get/set_ex_data functions are not locked because they do not
- * involve this global state at all - they operate directly with a previously
- * obtained per-class method index and a particular "ex_data" variable. These
- * variables are usually instantiated per-context (eg. each RSA structure has
- * one) so locking on read/write access to that variable can be locked locally
- * if required (eg. using the "RSA" lock to synchronise access to a
- * per-RSA-structure ex_data variable if required).
- * [Geoff]
- */
-
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/lhash.h>
-#include "cryptlib.h"
-
-/* What an "implementation of ex_data functionality" looks like */
-struct st_CRYPTO_EX_DATA_IMPL
-	{
-	/*********************/
-	/* GLOBAL OPERATIONS */
-	/* Return a new class index */
-	int (*cb_new_class)(void);
-	/* Cleanup all state used by the implementation */
-	void (*cb_cleanup)(void);
-	/************************/
-	/* PER-CLASS OPERATIONS */
-	/* Get a new method index within a class */
-	int (*cb_get_new_index)(int class_index, long argl, void *argp,
-			CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-			CRYPTO_EX_free *free_func);
-	/* Initialise a new CRYPTO_EX_DATA of a given class */
-	int (*cb_new_ex_data)(int class_index, void *obj,
-			CRYPTO_EX_DATA *ad);
-	/* Duplicate a CRYPTO_EX_DATA of a given class onto a copy */
-	int (*cb_dup_ex_data)(int class_index, CRYPTO_EX_DATA *to,
-			CRYPTO_EX_DATA *from);
-	/* Cleanup a CRYPTO_EX_DATA of a given class */
-	void (*cb_free_ex_data)(int class_index, void *obj,
-			CRYPTO_EX_DATA *ad);
-	};
-
-/* The implementation we use at run-time */
-static const CRYPTO_EX_DATA_IMPL *impl = NULL;
-
-/* To call "impl" functions, use this macro rather than referring to 'impl' directly, eg.
- * EX_IMPL(get_new_index)(...); */
-#define EX_IMPL(a) impl->cb_##a
-
-/* Predeclare the "default" ex_data implementation */
-static int int_new_class(void);
-static void int_cleanup(void);
-static int int_get_new_index(int class_index, long argl, void *argp,
-		CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-		CRYPTO_EX_free *free_func);
-static int int_new_ex_data(int class_index, void *obj,
-		CRYPTO_EX_DATA *ad);
-static int int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
-		CRYPTO_EX_DATA *from);
-static void int_free_ex_data(int class_index, void *obj,
-		CRYPTO_EX_DATA *ad);
-static CRYPTO_EX_DATA_IMPL impl_default =
-	{
-	int_new_class,
-	int_cleanup,
-	int_get_new_index,
-	int_new_ex_data,
-	int_dup_ex_data,
-	int_free_ex_data
-	};
-
-/* Internal function that checks whether "impl" is set and if not, sets it to
- * the default. */
-static void impl_check(void)
-	{
-	CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-	if(!impl)
-		impl = &impl_default;
-	CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-	}
-/* A macro wrapper for impl_check that first uses a non-locked test before
- * invoking the function (which checks again inside a lock). */
-#define IMPL_CHECK if(!impl) impl_check();
-
-/* API functions to get/set the "ex_data" implementation */
-const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void)
-	{
-	IMPL_CHECK
-	return impl;
-	}
-int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i)
-	{
-	int toret = 0;
-	CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-	if(!impl)
-		{
-		impl = i;
-		toret = 1;
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-	return toret;
-	}
-
-/****************************************************************************/
-/* Interal (default) implementation of "ex_data" support. API functions are
- * further down. */
-
-/* The type that represents what each "class" used to implement locally. A STACK
- * of CRYPTO_EX_DATA_FUNCS plus a index-counter. The 'class_index' is the global
- * value representing the class that is used to distinguish these items. */
-typedef struct st_ex_class_item {
-	int class_index;
-	STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth;
-	int meth_num;
-} EX_CLASS_ITEM;
-
-/* When assigning new class indexes, this is our counter */
-static int ex_class = CRYPTO_EX_INDEX_USER;
-
-/* The global hash table of EX_CLASS_ITEM items */
-static LHASH *ex_data = NULL;
-
-/* The callbacks required in the "ex_data" hash table */
-static unsigned long ex_hash_cb(const void *a_void)
-	{
-	return ((const EX_CLASS_ITEM *)a_void)->class_index;
-	}
-static int ex_cmp_cb(const void *a_void, const void *b_void)
-	{
-	return (((const EX_CLASS_ITEM *)a_void)->class_index -
-		((const EX_CLASS_ITEM *)b_void)->class_index);
-	}
-
-/* Internal functions used by the "impl_default" implementation to access the
- * state */
-
-static int ex_data_check(void)
-	{
-	int toret = 1;
-	CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-	if(!ex_data && ((ex_data = lh_new(ex_hash_cb, ex_cmp_cb)) == NULL))
-		toret = 0;
-	CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-	return toret;
-	}
-/* This macros helps reduce the locking from repeated checks because the
- * ex_data_check() function checks ex_data again inside a lock. */
-#define EX_DATA_CHECK(iffail) if(!ex_data && !ex_data_check()) {iffail}
-
-/* This "inner" callback is used by the callback function that follows it */
-static void def_cleanup_util_cb(CRYPTO_EX_DATA_FUNCS *funcs)
-	{
-	OPENSSL_free(funcs);
-	}
-
-/* This callback is used in lh_doall to destroy all EX_CLASS_ITEM values from
- * "ex_data" prior to the ex_data hash table being itself destroyed. Doesn't do
- * any locking. */
-static void def_cleanup_cb(const void *a_void)
-	{
-	EX_CLASS_ITEM *item = (EX_CLASS_ITEM *)a_void;
-	sk_CRYPTO_EX_DATA_FUNCS_pop_free(item->meth, def_cleanup_util_cb);
-	OPENSSL_free(item);
-	}
-
-/* Return the EX_CLASS_ITEM from the "ex_data" hash table that corresponds to a
- * given class. Handles locking. */
-static EX_CLASS_ITEM *def_get_class(int class_index)
-	{
-	EX_CLASS_ITEM d, *p, *gen;
-	EX_DATA_CHECK(return NULL;)
-	d.class_index = class_index;
-	CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-	p = lh_retrieve(ex_data, &d);
-	if(!p)
-		{
-		gen = OPENSSL_malloc(sizeof(EX_CLASS_ITEM));
-		if(gen)
-			{
-			gen->class_index = class_index;
-			gen->meth_num = 0;
-			gen->meth = sk_CRYPTO_EX_DATA_FUNCS_new_null();
-			if(!gen->meth)
-				OPENSSL_free(gen);
-			else
-				{
-				/* Because we're inside the ex_data lock, the
-				 * return value from the insert will be NULL */
-				lh_insert(ex_data, gen);
-				p = gen;
-				}
-			}
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-	if(!p)
-		CRYPTOerr(CRYPTO_F_DEF_GET_CLASS,ERR_R_MALLOC_FAILURE);
-	return p;
-	}
-
-/* Add a new method to the given EX_CLASS_ITEM and return the corresponding
- * index (or -1 for error). Handles locking. */
-static int def_add_index(EX_CLASS_ITEM *item, long argl, void *argp,
-		CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-		CRYPTO_EX_free *free_func)
-	{
-	int toret = -1;
-	CRYPTO_EX_DATA_FUNCS *a = (CRYPTO_EX_DATA_FUNCS *)OPENSSL_malloc(
-					sizeof(CRYPTO_EX_DATA_FUNCS));
-	if(!a)
-		{
-		CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX,ERR_R_MALLOC_FAILURE);
-		return -1;
-		}
-	a->argl=argl;
-	a->argp=argp;
-	a->new_func=new_func;
-	a->dup_func=dup_func;
-	a->free_func=free_func;
-	CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-	while (sk_CRYPTO_EX_DATA_FUNCS_num(item->meth) <= item->meth_num)
-		{
-		if (!sk_CRYPTO_EX_DATA_FUNCS_push(item->meth, NULL))
-			{
-			CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX,ERR_R_MALLOC_FAILURE);
-			OPENSSL_free(a);
-			goto err;
-			}
-		}
-	toret = item->meth_num++;
-	sk_CRYPTO_EX_DATA_FUNCS_set(item->meth, toret, a);
-err:
-	CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-	return toret;
-	}
-
-/**************************************************************/
-/* The functions in the default CRYPTO_EX_DATA_IMPL structure */
-
-static int int_new_class(void)
-	{
-	int toret;
-	CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-	toret = ex_class++;
-	CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-	return toret;
-	}
-
-static void int_cleanup(void)
-	{
-	EX_DATA_CHECK(return;)
-	lh_doall(ex_data, def_cleanup_cb);
-	lh_free(ex_data);
-	ex_data = NULL;
-	impl = NULL;
-	}
-
-static int int_get_new_index(int class_index, long argl, void *argp,
-		CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-		CRYPTO_EX_free *free_func)
-	{
-	EX_CLASS_ITEM *item = def_get_class(class_index);
-	if(!item)
-		return -1;
-	return def_add_index(item, argl, argp, new_func, dup_func, free_func);
-	}
-
-/* Thread-safe by copying a class's array of "CRYPTO_EX_DATA_FUNCS" entries in
- * the lock, then using them outside the lock. NB: Thread-safety only applies to
- * the global "ex_data" state (ie. class definitions), not thread-safe on 'ad'
- * itself. */
-static int int_new_ex_data(int class_index, void *obj,
-		CRYPTO_EX_DATA *ad)
-	{
-	int mx,i;
-	void *ptr;
-	CRYPTO_EX_DATA_FUNCS **storage = NULL;
-	EX_CLASS_ITEM *item = def_get_class(class_index);
-	if(!item)
-		/* error is already set */
-		return 0;
-	ad->sk = NULL;
-	CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
-	mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
-	if(mx > 0)
-		{
-		storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*));
-		if(!storage)
-			goto skip;
-		for(i = 0; i < mx; i++)
-			storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(item->meth,i);
-		}
-skip:
-	CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
-	if((mx > 0) && !storage)
-		{
-		CRYPTOerr(CRYPTO_F_INT_NEW_EX_DATA,ERR_R_MALLOC_FAILURE);
-		return 0;
-		}
-	for(i = 0; i < mx; i++)
-		{
-		if(storage[i] && storage[i]->new_func)
-			{
-			ptr = CRYPTO_get_ex_data(ad, i);
-			storage[i]->new_func(obj,ptr,ad,i,
-				storage[i]->argl,storage[i]->argp);
-			}
-		}
-	if(storage)
-		OPENSSL_free(storage);
-	return 1;
-	}
-
-/* Same thread-safety notes as for "int_new_ex_data" */
-static int int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
-		CRYPTO_EX_DATA *from)
-	{
-	int mx, j, i;
-	char *ptr;
-	CRYPTO_EX_DATA_FUNCS **storage = NULL;
-	EX_CLASS_ITEM *item;
-	if(!from->sk)
-		/* 'to' should be "blank" which *is* just like 'from' */
-		return 1;
-	if((item = def_get_class(class_index)) == NULL)
-		return 0;
-	CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
-	mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
-	j = sk_num(from->sk);
-	if(j < mx)
-		mx = j;
-	if(mx > 0)
-		{
-		storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*));
-		if(!storage)
-			goto skip;
-		for(i = 0; i < mx; i++)
-			storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(item->meth,i);
-		}
-skip:
-	CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
-	if((mx > 0) && !storage)
-		{
-		CRYPTOerr(CRYPTO_F_INT_DUP_EX_DATA,ERR_R_MALLOC_FAILURE);
-		return 0;
-		}
-	for(i = 0; i < mx; i++)
-		{
-		ptr = CRYPTO_get_ex_data(from, i);
-		if(storage[i] && storage[i]->dup_func)
-			storage[i]->dup_func(to,from,&ptr,i,
-				storage[i]->argl,storage[i]->argp);
-		CRYPTO_set_ex_data(to,i,ptr);
-		}
-	if(storage)
-		OPENSSL_free(storage);
-	return 1;
-	}
-
-/* Same thread-safety notes as for "int_new_ex_data" */
-static void int_free_ex_data(int class_index, void *obj,
-		CRYPTO_EX_DATA *ad)
-	{
-	int mx,i;
-	EX_CLASS_ITEM *item;
-	void *ptr;
-	CRYPTO_EX_DATA_FUNCS **storage = NULL;
-	if((item = def_get_class(class_index)) == NULL)
-		return;
-	CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
-	mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
-	if(mx > 0)
-		{
-		storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*));
-		if(!storage)
-			goto skip;
-		for(i = 0; i < mx; i++)
-			storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(item->meth,i);
-		}
-skip:
-	CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
-	if((mx > 0) && !storage)
-		{
-		CRYPTOerr(CRYPTO_F_INT_FREE_EX_DATA,ERR_R_MALLOC_FAILURE);
-		return;
-		}
-	for(i = 0; i < mx; i++)
-		{
-		if(storage[i] && storage[i]->free_func)
-			{
-			ptr = CRYPTO_get_ex_data(ad,i);
-			storage[i]->free_func(obj,ptr,ad,i,
-				storage[i]->argl,storage[i]->argp);
-			}
-		}
-	if(storage)
-		OPENSSL_free(storage);
-	if(ad->sk)
-		{
-		sk_free(ad->sk);
-		ad->sk=NULL;
-		}
-	}
-
-/********************************************************************/
-/* API functions that defer all "state" operations to the "ex_data"
- * implementation we have set. */
-
-/* Obtain an index for a new class (not the same as getting a new index within
- * an existing class - this is actually getting a new *class*) */
-int CRYPTO_ex_data_new_class(void)
-	{
-	IMPL_CHECK
-	return EX_IMPL(new_class)();
-	}
-
-/* Release all "ex_data" state to prevent memory leaks. This can't be made
- * thread-safe without overhauling a lot of stuff, and shouldn't really be
- * called under potential race-conditions anyway (it's for program shutdown
- * after all). */
-void CRYPTO_cleanup_all_ex_data(void)
-	{
-	IMPL_CHECK
-	EX_IMPL(cleanup)();
-	}
-
-/* Inside an existing class, get/register a new index. */
-int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
-		CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-		CRYPTO_EX_free *free_func)
-	{
-	int ret = -1;
-
-	IMPL_CHECK
-	ret = EX_IMPL(get_new_index)(class_index,
-			argl, argp, new_func, dup_func, free_func);
-	return ret;
-	}
-
-/* Initialise a new CRYPTO_EX_DATA for use in a particular class - including
- * calling new() callbacks for each index in the class used by this variable */
-int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
-	{
-	IMPL_CHECK
-	return EX_IMPL(new_ex_data)(class_index, obj, ad);
-	}
-
-/* Duplicate a CRYPTO_EX_DATA variable - including calling dup() callbacks for
- * each index in the class used by this variable */
-int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
-	     CRYPTO_EX_DATA *from)
-	{
-	IMPL_CHECK
-	return EX_IMPL(dup_ex_data)(class_index, to, from);
-	}
-
-/* Cleanup a CRYPTO_EX_DATA variable - including calling free() callbacks for
- * each index in the class used by this variable */
-void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
-	{
-	IMPL_CHECK
-	EX_IMPL(free_ex_data)(class_index, obj, ad);
-	}
-
-/* For a given CRYPTO_EX_DATA variable, set the value corresponding to a
- * particular index in the class used by this variable */
-int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val)
-	{
-	int i;
-
-	if (ad->sk == NULL)
-		{
-		if ((ad->sk=sk_new_null()) == NULL)
-			{
-			CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE);
-			return(0);
-			}
-		}
-	i=sk_num(ad->sk);
-
-	while (i <= idx)
-		{
-		if (!sk_push(ad->sk,NULL))
-			{
-			CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE);
-			return(0);
-			}
-		i++;
-		}
-	sk_set(ad->sk,idx,val);
-	return(1);
-	}
-
-/* For a given CRYPTO_EX_DATA_ variable, get the value corresponding to a
- * particular index in the class used by this variable */
-void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx)
-	{
-	if (ad->sk == NULL)
-		return(0);
-	else if (idx >= sk_num(ad->sk))
-		return(0);
-	else
-		return(sk_value(ad->sk,idx));
-	}
-
-IMPLEMENT_STACK_OF(CRYPTO_EX_DATA_FUNCS)
diff --git a/crypto/openssl/crypto/hmac/Makefile.save b/crypto/openssl/crypto/hmac/Makefile.save
deleted file mode 100644
index ed3c8c64d1ca..000000000000
--- a/crypto/openssl/crypto/hmac/Makefile.save
+++ /dev/null
@@ -1,96 +0,0 @@
-#
-# SSLeay/crypto/md/Makefile
-#
-
-DIR=	hmac
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=hmactest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=hmac.c
-LIBOBJ=hmac.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= hmac.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-hmac.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-hmac.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-hmac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-hmac.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-hmac.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
-hmac.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
-hmac.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-hmac.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h
-hmac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-hmac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-hmac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
diff --git a/crypto/openssl/crypto/hmac/Makefile.ssl b/crypto/openssl/crypto/hmac/Makefile.ssl
deleted file mode 100644
index d48df0597e02..000000000000
--- a/crypto/openssl/crypto/hmac/Makefile.ssl
+++ /dev/null
@@ -1,101 +0,0 @@
-#
-# SSLeay/crypto/md/Makefile
-#
-
-DIR=	hmac
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=hmactest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=hmac.c
-LIBOBJ=hmac.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= hmac.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-hmac.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-hmac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-hmac.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-hmac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-hmac.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-hmac.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
-hmac.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-hmac.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-hmac.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-hmac.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-hmac.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-hmac.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
-hmac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-hmac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-hmac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-hmac.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-hmac.o: ../cryptlib.h hmac.c
diff --git a/crypto/openssl/crypto/hmac/hmac.c b/crypto/openssl/crypto/hmac/hmac.c
deleted file mode 100644
index 4c91f919d56d..000000000000
--- a/crypto/openssl/crypto/hmac/hmac.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/* crypto/hmac/hmac.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/hmac.h>
-#include "cryptlib.h"
-
-void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
-		  const EVP_MD *md, ENGINE *impl)
-	{
-	int i,j,reset=0;
-	unsigned char pad[HMAC_MAX_MD_CBLOCK];
-
-	if (md != NULL)
-		{
-		reset=1;
-		ctx->md=md;
-		}
-	else
-		md=ctx->md;
-
-	if (key != NULL)
-		{
-		reset=1;
-		j=EVP_MD_block_size(md);
-		OPENSSL_assert(j <= sizeof ctx->key);
-		if (j < len)
-			{
-			EVP_DigestInit_ex(&ctx->md_ctx,md, impl);
-			EVP_DigestUpdate(&ctx->md_ctx,key,len);
-			EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key,
-				&ctx->key_length);
-			}
-		else
-			{
-			OPENSSL_assert(len <= sizeof ctx->key);
-			memcpy(ctx->key,key,len);
-			ctx->key_length=len;
-			}
-		if(ctx->key_length != HMAC_MAX_MD_CBLOCK)
-			memset(&ctx->key[ctx->key_length], 0,
-				HMAC_MAX_MD_CBLOCK - ctx->key_length);
-		}
-
-	if (reset)	
-		{
-		for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
-			pad[i]=0x36^ctx->key[i];
-		EVP_DigestInit_ex(&ctx->i_ctx,md, impl);
-		EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md));
-
-		for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
-			pad[i]=0x5c^ctx->key[i];
-		EVP_DigestInit_ex(&ctx->o_ctx,md, impl);
-		EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md));
-		}
-	EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx);
-	}
-
-void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
-	       const EVP_MD *md)
-	{
-	if(key && md)
-	    HMAC_CTX_init(ctx);
-	HMAC_Init_ex(ctx,key,len,md, NULL);
-	}
-
-void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len)
-	{
-	EVP_DigestUpdate(&ctx->md_ctx,data,len);
-	}
-
-void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
-	{
-	int j;
-	unsigned int i;
-	unsigned char buf[EVP_MAX_MD_SIZE];
-
-	j=EVP_MD_block_size(ctx->md);
-
-	EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i);
-	EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx);
-	EVP_DigestUpdate(&ctx->md_ctx,buf,i);
-	EVP_DigestFinal_ex(&ctx->md_ctx,md,len);
-	}
-
-void HMAC_CTX_init(HMAC_CTX *ctx)
-	{
-	EVP_MD_CTX_init(&ctx->i_ctx);
-	EVP_MD_CTX_init(&ctx->o_ctx);
-	EVP_MD_CTX_init(&ctx->md_ctx);
-	}
-
-void HMAC_CTX_cleanup(HMAC_CTX *ctx)
-	{
-	EVP_MD_CTX_cleanup(&ctx->i_ctx);
-	EVP_MD_CTX_cleanup(&ctx->o_ctx);
-	EVP_MD_CTX_cleanup(&ctx->md_ctx);
-	memset(ctx,0,sizeof *ctx);
-	}
-
-unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
-		    const unsigned char *d, int n, unsigned char *md,
-		    unsigned int *md_len)
-	{
-	HMAC_CTX c;
-	static unsigned char m[EVP_MAX_MD_SIZE];
-
-	if (md == NULL) md=m;
-	HMAC_CTX_init(&c);
-	HMAC_Init(&c,key,key_len,evp_md);
-	HMAC_Update(&c,d,n);
-	HMAC_Final(&c,md,md_len);
-	HMAC_CTX_cleanup(&c);
-	return(md);
-	}
-
diff --git a/crypto/openssl/crypto/hmac/hmac.h b/crypto/openssl/crypto/hmac/hmac.h
deleted file mode 100644
index 0364a1fcbd93..000000000000
--- a/crypto/openssl/crypto/hmac/hmac.h
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/hmac/hmac.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef HEADER_HMAC_H
-#define HEADER_HMAC_H
-
-#ifdef OPENSSL_NO_HMAC
-#error HMAC is disabled.
-#endif
-
-#include <openssl/evp.h>
-
-#define HMAC_MAX_MD_CBLOCK	64
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct hmac_ctx_st
-	{
-	const EVP_MD *md;
-	EVP_MD_CTX md_ctx;
-	EVP_MD_CTX i_ctx;
-	EVP_MD_CTX o_ctx;
-	unsigned int key_length;
-	unsigned char key[HMAC_MAX_MD_CBLOCK];
-	} HMAC_CTX;
-
-#define HMAC_size(e)	(EVP_MD_size((e)->md))
-
-
-void HMAC_CTX_init(HMAC_CTX *ctx);
-void HMAC_CTX_cleanup(HMAC_CTX *ctx);
-
-#define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx) /* deprecated */
-
-void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
-	       const EVP_MD *md); /* deprecated */
-void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
-		  const EVP_MD *md, ENGINE *impl);
-void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
-void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
-unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
-		    const unsigned char *d, int n, unsigned char *md,
-		    unsigned int *md_len);
-
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/hmac/hmactest.c b/crypto/openssl/crypto/hmac/hmactest.c
deleted file mode 100644
index 1b906b81afb7..000000000000
--- a/crypto/openssl/crypto/hmac/hmactest.c
+++ /dev/null
@@ -1,175 +0,0 @@
-/* crypto/hmac/hmactest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_HMAC
-int main(int argc, char *argv[])
-{
-    printf("No HMAC support\n");
-    return(0);
-}
-#else
-#include <openssl/hmac.h>
-#ifndef OPENSSL_NO_MD5
-#include <openssl/md5.h>
-#endif
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-#ifndef OPENSSL_NO_MD5
-static struct test_st
-	{
-	unsigned char key[16];
-	int key_len;
-	unsigned char data[64];
-	int data_len;
-	unsigned char *digest;
-	} test[4]={
-	{	"",
-		0,
-		"More text test vectors to stuff up EBCDIC machines :-)",
-		54,
-		(unsigned char *)"e9139d1e6ee064ef8cf514fc7dc83e86",
-	},{	{0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,
-		 0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,},
-		16,
-		"Hi There",
-		8,
-		(unsigned char *)"9294727a3638bb1c13f48ef8158bfc9d",
-	},{	"Jefe",
-		4,
-		"what do ya want for nothing?",
-		28,
-		(unsigned char *)"750c783e6ab0b503eaa86e310a5db738",
-	},{
-		{0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,
-		 0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,},
-		16,
-		{0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
-		 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
-		 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
-		 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
-		 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
-		 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
-		 0xdd,0xdd},
-		50,
-		(unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6",
-	},
-	};
-#endif
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-	{
-#ifndef OPENSSL_NO_MD5
-	int i;
-	char *p;
-#endif
-	int err=0;
-
-#ifdef OPENSSL_NO_MD5
-	printf("test skipped: MD5 disabled\n");
-#else
-
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(test[0].data, test[0].data, test[0].data_len);
-	ebcdic2ascii(test[1].data, test[1].data, test[1].data_len);
-	ebcdic2ascii(test[2].key,  test[2].key,  test[2].key_len);
-	ebcdic2ascii(test[2].data, test[2].data, test[2].data_len);
-#endif
-
-	for (i=0; i<4; i++)
-		{
-		p=pt(HMAC(EVP_md5(),
-			test[i].key, test[i].key_len,
-			test[i].data, test[i].data_len,
-			NULL,NULL));
-
-		if (strcmp(p,(char *)test[i].digest) != 0)
-			{
-			printf("error calculating HMAC on %d entry'\n",i);
-			printf("got %s instead of %s\n",p,test[i].digest);
-			err++;
-			}
-		else
-			printf("test %d ok\n",i);
-		}
-#endif /* OPENSSL_NO_MD5 */
-	EXIT(err);
-	return(0);
-	}
-
-#ifndef OPENSSL_NO_MD5
-static char *pt(unsigned char *md)
-	{
-	int i;
-	static char buf[80];
-
-	for (i=0; i<MD5_DIGEST_LENGTH; i++)
-		sprintf(&(buf[i*2]),"%02x",md[i]);
-	return(buf);
-	}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/idea/Makefile.save b/crypto/openssl/crypto/idea/Makefile.save
deleted file mode 100644
index d29bcd687460..000000000000
--- a/crypto/openssl/crypto/idea/Makefile.save
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# SSLeay/crypto/idea/Makefile
-#
-
-DIR=	idea
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=ideatest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
-LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= idea.h
-HEADER=	idea_lcl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-i_cbc.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_cbc.o: idea_lcl.h
-i_cfb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_cfb64.o: idea_lcl.h
-i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_ecb.o: ../../include/openssl/opensslv.h idea_lcl.h
-i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_ofb64.o: idea_lcl.h
-i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_skey.o: idea_lcl.h
diff --git a/crypto/openssl/crypto/idea/Makefile.ssl b/crypto/openssl/crypto/idea/Makefile.ssl
deleted file mode 100644
index ca4b76fc2f4a..000000000000
--- a/crypto/openssl/crypto/idea/Makefile.ssl
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# SSLeay/crypto/idea/Makefile
-#
-
-DIR=	idea
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=ideatest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
-LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= idea.h
-HEADER=	idea_lcl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-i_cbc.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_cbc.o: i_cbc.c idea_lcl.h
-i_cfb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_cfb64.o: i_cfb64.c idea_lcl.h
-i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h
-i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_ofb64.o: i_ofb64.c idea_lcl.h
-i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_skey.o: i_skey.c idea_lcl.h
diff --git a/crypto/openssl/crypto/idea/Makefile.uni b/crypto/openssl/crypto/idea/Makefile.uni
deleted file mode 100644
index c83339ad6d45..000000000000
--- a/crypto/openssl/crypto/idea/Makefile.uni
+++ /dev/null
@@ -1,73 +0,0 @@
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-
-DIR=    cast
-TOP=    .
-CC=     gcc
-CFLAG=	-O3 -fomit-frame-pointer
-
-CPP=    $(CC) -E
-INCLUDES=
-INSTALLTOP=/usr/local/lib
-MAKE=           make
-MAKEDEPEND=     makedepend
-MAKEFILE=       Makefile.uni
-AR=             ar r
-RANLIB=         ranlib
-
-IDEA_ENC=i_cbc.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=ideatest
-APPS=idea_spd
-
-LIB=libidea.a
-LIBSRC=i_skey.c i_ecb.c i_cbc.c i_cfb64.c i_ofb64.c
-LIBOBJ=i_skey.o i_ecb.o $(IDEA_ENC) i_cfb64.o i_ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= idea.h
-HEADER= idea_lcl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-all:    $(LIB) $(TEST) $(APPS)
-
-$(LIB):    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
-
-test:	$(TEST)
-	./$(TEST)
-
-$(TEST): $(TEST).c $(LIB)
-	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
-
-$(APPS): $(APPS).c $(LIB)
-	$(CC) -o $(APPS) $(CFLAGS) $(APPS).c $(LIB)
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
-
-dclean:
-	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-cc:
-	$(MAKE) CC="cc" CFLAG="-O" all
-
-gcc:
-	$(MAKE) CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/crypto/idea/i_cbc.c b/crypto/openssl/crypto/idea/i_cbc.c
deleted file mode 100644
index ecb9cb8b8367..000000000000
--- a/crypto/openssl/crypto/idea/i_cbc.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/* crypto/idea/i_cbc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/idea.h>
-#include "idea_lcl.h"
-
-void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-	     IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int encrypt)
-	{
-	register unsigned long tin0,tin1;
-	register unsigned long tout0,tout1,xor0,xor1;
-	register long l=length;
-	unsigned long tin[2];
-
-	if (encrypt)
-		{
-		n2l(iv,tout0);
-		n2l(iv,tout1);
-		iv-=8;
-		for (l-=8; l>=0; l-=8)
-			{
-			n2l(in,tin0);
-			n2l(in,tin1);
-			tin0^=tout0;
-			tin1^=tout1;
-			tin[0]=tin0;
-			tin[1]=tin1;
-			idea_encrypt(tin,ks);
-			tout0=tin[0]; l2n(tout0,out);
-			tout1=tin[1]; l2n(tout1,out);
-			}
-		if (l != -8)
-			{
-			n2ln(in,tin0,tin1,l+8);
-			tin0^=tout0;
-			tin1^=tout1;
-			tin[0]=tin0;
-			tin[1]=tin1;
-			idea_encrypt(tin,ks);
-			tout0=tin[0]; l2n(tout0,out);
-			tout1=tin[1]; l2n(tout1,out);
-			}
-		l2n(tout0,iv);
-		l2n(tout1,iv);
-		}
-	else
-		{
-		n2l(iv,xor0);
-		n2l(iv,xor1);
-		iv-=8;
-		for (l-=8; l>=0; l-=8)
-			{
-			n2l(in,tin0); tin[0]=tin0;
-			n2l(in,tin1); tin[1]=tin1;
-			idea_encrypt(tin,ks);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2n(tout0,out);
-			l2n(tout1,out);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		if (l != -8)
-			{
-			n2l(in,tin0); tin[0]=tin0;
-			n2l(in,tin1); tin[1]=tin1;
-			idea_encrypt(tin,ks);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2nn(tout0,tout1,out,l+8);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		l2n(xor0,iv);
-		l2n(xor1,iv);
-		}
-	tin0=tin1=tout0=tout1=xor0=xor1=0;
-	tin[0]=tin[1]=0;
-	}
-
-void idea_encrypt(unsigned long *d, IDEA_KEY_SCHEDULE *key)
-	{
-	register IDEA_INT *p;
-	register unsigned long x1,x2,x3,x4,t0,t1,ul;
-
-	x2=d[0];
-	x1=(x2>>16);
-	x4=d[1];
-	x3=(x4>>16);
-
-	p= &(key->data[0][0]);
-
-	E_IDEA(0);
-	E_IDEA(1);
-	E_IDEA(2);
-	E_IDEA(3);
-	E_IDEA(4);
-	E_IDEA(5);
-	E_IDEA(6);
-	E_IDEA(7);
-
-	x1&=0xffff;
-	idea_mul(x1,x1,*p,ul); p++;
-
-	t0= x3+ *(p++);
-	t1= x2+ *(p++);
-
-	x4&=0xffff;
-	idea_mul(x4,x4,*p,ul);
-
-	d[0]=(t0&0xffff)|((x1&0xffff)<<16);
-	d[1]=(x4&0xffff)|((t1&0xffff)<<16);
-	}
diff --git a/crypto/openssl/crypto/idea/i_cfb64.c b/crypto/openssl/crypto/idea/i_cfb64.c
deleted file mode 100644
index 66d49d520eb3..000000000000
--- a/crypto/openssl/crypto/idea/i_cfb64.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/idea/i_cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/idea.h>
-#include "idea_lcl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-			long length, IDEA_KEY_SCHEDULE *schedule,
-			unsigned char *ivec, int *num, int encrypt)
-	{
-	register unsigned long v0,v1,t;
-	register int n= *num;
-	register long l=length;
-	unsigned long ti[2];
-	unsigned char *iv,c,cc;
-
-	iv=(unsigned char *)ivec;
-	if (encrypt)
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				n2l(iv,v0); ti[0]=v0;
-				n2l(iv,v1); ti[1]=v1;
-				idea_encrypt((unsigned long *)ti,schedule);
-				iv=(unsigned char *)ivec;
-				t=ti[0]; l2n(t,iv);
-				t=ti[1]; l2n(t,iv);
-				iv=(unsigned char *)ivec;
-				}
-			c= *(in++)^iv[n];
-			*(out++)=c;
-			iv[n]=c;
-			n=(n+1)&0x07;
-			}
-		}
-	else
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				n2l(iv,v0); ti[0]=v0;
-				n2l(iv,v1); ti[1]=v1;
-				idea_encrypt((unsigned long *)ti,schedule);
-				iv=(unsigned char *)ivec;
-				t=ti[0]; l2n(t,iv);
-				t=ti[1]; l2n(t,iv);
-				iv=(unsigned char *)ivec;
-				}
-			cc= *(in++);
-			c=iv[n];
-			iv[n]=cc;
-			*(out++)=c^cc;
-			n=(n+1)&0x07;
-			}
-		}
-	v0=v1=ti[0]=ti[1]=t=c=cc=0;
-	*num=n;
-	}
-
diff --git a/crypto/openssl/crypto/idea/i_ecb.c b/crypto/openssl/crypto/idea/i_ecb.c
deleted file mode 100644
index fb613db595c4..000000000000
--- a/crypto/openssl/crypto/idea/i_ecb.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* crypto/idea/i_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/idea.h>
-#include "idea_lcl.h"
-#include <openssl/opensslv.h>
-
-const char *IDEA_version="IDEA" OPENSSL_VERSION_PTEXT;
-
-const char *idea_options(void)
-	{
-	if (sizeof(short) != sizeof(IDEA_INT))
-		return("idea(int)");
-	else
-		return("idea(short)");
-	}
-
-void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
-	     IDEA_KEY_SCHEDULE *ks)
-	{
-	unsigned long l0,l1,d[2];
-
-	n2l(in,l0); d[0]=l0;
-	n2l(in,l1); d[1]=l1;
-	idea_encrypt(d,ks);
-	l0=d[0]; l2n(l0,out);
-	l1=d[1]; l2n(l1,out);
-	l0=l1=d[0]=d[1]=0;
-	}
-
diff --git a/crypto/openssl/crypto/idea/i_ofb64.c b/crypto/openssl/crypto/idea/i_ofb64.c
deleted file mode 100644
index e749e88e34ae..000000000000
--- a/crypto/openssl/crypto/idea/i_ofb64.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/idea/i_ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/idea.h>
-#include "idea_lcl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-			long length, IDEA_KEY_SCHEDULE *schedule,
-			unsigned char *ivec, int *num)
-	{
-	register unsigned long v0,v1,t;
-	register int n= *num;
-	register long l=length;
-	unsigned char d[8];
-	register char *dp;
-	unsigned long ti[2];
-	unsigned char *iv;
-	int save=0;
-
-	iv=(unsigned char *)ivec;
-	n2l(iv,v0);
-	n2l(iv,v1);
-	ti[0]=v0;
-	ti[1]=v1;
-	dp=(char *)d;
-	l2n(v0,dp);
-	l2n(v1,dp);
-	while (l--)
-		{
-		if (n == 0)
-			{
-			idea_encrypt((unsigned long *)ti,schedule);
-			dp=(char *)d;
-			t=ti[0]; l2n(t,dp);
-			t=ti[1]; l2n(t,dp);
-			save++;
-			}
-		*(out++)= *(in++)^d[n];
-		n=(n+1)&0x07;
-		}
-	if (save)
-		{
-		v0=ti[0];
-		v1=ti[1];
-		iv=(unsigned char *)ivec;
-		l2n(v0,iv);
-		l2n(v1,iv);
-		}
-	t=v0=v1=ti[0]=ti[1]=0;
-	*num=n;
-	}
-
diff --git a/crypto/openssl/crypto/idea/i_skey.c b/crypto/openssl/crypto/idea/i_skey.c
deleted file mode 100644
index 1c95bc9c7b88..000000000000
--- a/crypto/openssl/crypto/idea/i_skey.c
+++ /dev/null
@@ -1,156 +0,0 @@
-/* crypto/idea/i_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/idea.h>
-#include "idea_lcl.h"
-
-static IDEA_INT inverse(unsigned int xin);
-void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
-	{
-	int i;
-	register IDEA_INT *kt,*kf,r0,r1,r2;
-
-	kt= &(ks->data[0][0]);
-	n2s(key,kt[0]); n2s(key,kt[1]); n2s(key,kt[2]); n2s(key,kt[3]);
-	n2s(key,kt[4]); n2s(key,kt[5]); n2s(key,kt[6]); n2s(key,kt[7]);
-
-	kf=kt;
-	kt+=8;
-	for (i=0; i<6; i++)
-		{
-		r2= kf[1];
-		r1= kf[2];
-		*(kt++)= ((r2<<9) | (r1>>7))&0xffff;
-		r0= kf[3];
-		*(kt++)= ((r1<<9) | (r0>>7))&0xffff;
-		r1= kf[4];
-		*(kt++)= ((r0<<9) | (r1>>7))&0xffff;
-		r0= kf[5];
-		*(kt++)= ((r1<<9) | (r0>>7))&0xffff;
-		r1= kf[6];
-		*(kt++)= ((r0<<9) | (r1>>7))&0xffff;
-		r0= kf[7];
-		*(kt++)= ((r1<<9) | (r0>>7))&0xffff;
-		r1= kf[0];
-		if (i >= 5) break;
-		*(kt++)= ((r0<<9) | (r1>>7))&0xffff;
-		*(kt++)= ((r1<<9) | (r2>>7))&0xffff;
-		kf+=8;
-		}
-	}
-
-void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk)
-	{
-	int r;
-	register IDEA_INT *fp,*tp,t;
-
-	tp= &(dk->data[0][0]);
-	fp= &(ek->data[8][0]);
-	for (r=0; r<9; r++)
-		{
-		*(tp++)=inverse(fp[0]);
-		*(tp++)=((int)(0x10000L-fp[2])&0xffff);
-		*(tp++)=((int)(0x10000L-fp[1])&0xffff);
-		*(tp++)=inverse(fp[3]);
-		if (r == 8) break;
-		fp-=6;
-		*(tp++)=fp[4];
-		*(tp++)=fp[5];
-		}
-
-	tp= &(dk->data[0][0]);
-	t=tp[1];
-	tp[1]=tp[2];
-	tp[2]=t;
-
-	t=tp[49];
-	tp[49]=tp[50];
-	tp[50]=t;
-	}
-
-/* taken directly from the 'paper' I'll have a look at it later */
-static IDEA_INT inverse(unsigned int xin)
-	{
-	long n1,n2,q,r,b1,b2,t;
-
-	if (xin == 0)
-		b2=0;
-	else
-		{
-		n1=0x10001;
-		n2=xin;
-		b2=1;
-		b1=0;
-
-		do	{
-			r=(n1%n2);
-			q=(n1-r)/n2;
-			if (r == 0)
-				{ if (b2 < 0) b2=0x10001+b2; }
-			else
-				{
-				n1=n2;
-				n2=r;
-				t=b2;
-				b2=b1-q*b2;
-				b1=t;
-				}
-			} while (r != 0);
-		}
-	return((IDEA_INT)b2);
-	}
diff --git a/crypto/openssl/crypto/idea/idea.h b/crypto/openssl/crypto/idea/idea.h
deleted file mode 100644
index 67132414ee7b..000000000000
--- a/crypto/openssl/crypto/idea/idea.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/* crypto/idea/idea.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_IDEA_H
-#define HEADER_IDEA_H
-
-#ifdef OPENSSL_NO_IDEA
-#error IDEA is disabled.
-#endif
-
-#define IDEA_ENCRYPT	1
-#define IDEA_DECRYPT	0
-
-#include <openssl/opensslconf.h> /* IDEA_INT */
-#define IDEA_BLOCK	8
-#define IDEA_KEY_LENGTH	16
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct idea_key_st
-	{
-	IDEA_INT data[9][6];
-	} IDEA_KEY_SCHEDULE;
-
-const char *idea_options(void);
-void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
-	IDEA_KEY_SCHEDULE *ks);
-void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
-void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
-void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
-	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
-void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
-	int *num,int enc);
-void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
-void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/idea/idea_lcl.h b/crypto/openssl/crypto/idea/idea_lcl.h
deleted file mode 100644
index 463aa36ce9c0..000000000000
--- a/crypto/openssl/crypto/idea/idea_lcl.h
+++ /dev/null
@@ -1,215 +0,0 @@
-/* crypto/idea/idea_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* The new form of this macro (check if the a*b == 0) was suggested by 
- * Colin Plumb <colin@nyx10.cs.du.edu> */
-/* Removal of the inner if from from Wei Dai 24/4/96 */
-#define idea_mul(r,a,b,ul) \
-ul=(unsigned long)a*b; \
-if (ul != 0) \
-	{ \
-	r=(ul&0xffff)-(ul>>16); \
-	r-=((r)>>16); \
-	} \
-else \
-	r=(-(int)a-b+1); /* assuming a or b is 0 and in range */ \
-
-#ifdef undef
-#define idea_mul(r,a,b,ul,sl) \
-if (a == 0) r=(0x10001-b)&0xffff; \
-else if (b == 0) r=(0x10001-a)&0xffff; \
-else	{ \
-	ul=(unsigned long)a*b; \
-	sl=(ul&0xffff)-(ul>>16); \
-	if (sl <= 0) sl+=0x10001; \
-	r=sl; \
-	} 
-#endif
-
-/*  7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com>
- * for pointing out that I was assuming little endian
- * byte order for all quantities what idea
- * actually used bigendian.  No where in the spec does it mention
- * this, it is all in terms of 16 bit numbers and even the example
- * does not use byte streams for the input example :-(.
- * If you byte swap each pair of input, keys and iv, the functions
- * would produce the output as the old version :-(.
- */
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n)	{ \
-			c+=n; \
-			l1=l2=0; \
-			switch (n) { \
-			case 8: l2 =((unsigned long)(*(--(c))))    ; \
-			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
-			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
-			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
-			case 4: l1 =((unsigned long)(*(--(c))))    ; \
-			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
-			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
-			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
-				} \
-			}
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n)	{ \
-			c+=n; \
-			switch (n) { \
-			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-				} \
-			}
-
-#undef n2l
-#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)     )&0xff))
-
-#undef s2n
-#define s2n(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
-			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
-
-#undef n2s
-#define n2s(c,l)	(l =((IDEA_INT)(*((c)++)))<< 8L, \
-			 l|=((IDEA_INT)(*((c)++)))      )
-
-#ifdef undef
-/* NOTE - c is not incremented as per c2l */
-#define c2ln(c,l1,l2,n)	{ \
-			c+=n; \
-			l1=l2=0; \
-			switch (n) { \
-			case 8: l2 =((unsigned long)(*(--(c))))<<24; \
-			case 7: l2|=((unsigned long)(*(--(c))))<<16; \
-			case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
-			case 5: l2|=((unsigned long)(*(--(c))));     \
-			case 4: l1 =((unsigned long)(*(--(c))))<<24; \
-			case 3: l1|=((unsigned long)(*(--(c))))<<16; \
-			case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
-			case 1: l1|=((unsigned long)(*(--(c))));     \
-				} \
-			}
-
-/* NOTE - c is not incremented as per l2c */
-#define l2cn(l1,l2,c,n)	{ \
-			c+=n; \
-			switch (n) { \
-			case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-			case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-			case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-			case 5: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-			case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-			case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-			case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-			case 1: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-				} \
-			}
-
-#undef c2s
-#define c2s(c,l)	(l =((unsigned long)(*((c)++)))    , \
-			 l|=((unsigned long)(*((c)++)))<< 8L)
-
-#undef s2c
-#define s2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
-			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
-
-#undef c2l
-#define c2l(c,l)	(l =((unsigned long)(*((c)++)))     , \
-			 l|=((unsigned long)(*((c)++)))<< 8L, \
-			 l|=((unsigned long)(*((c)++)))<<16L, \
-			 l|=((unsigned long)(*((c)++)))<<24L)
-
-#undef l2c
-#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
-			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-#endif
-
-#define E_IDEA(num) \
-	x1&=0xffff; \
-	idea_mul(x1,x1,*p,ul); p++; \
-	x2+= *(p++); \
-	x3+= *(p++); \
-	x4&=0xffff; \
-	idea_mul(x4,x4,*p,ul); p++; \
-	t0=(x1^x3)&0xffff; \
-	idea_mul(t0,t0,*p,ul); p++; \
-	t1=(t0+(x2^x4))&0xffff; \
-	idea_mul(t1,t1,*p,ul); p++; \
-	t0+=t1; \
-	x1^=t1; \
-	x4^=t0; \
-	ul=x2^t0; /* do the swap to x3 */ \
-	x2=x3^t1; \
-	x3=ul;
-
diff --git a/crypto/openssl/crypto/idea/idea_spd.c b/crypto/openssl/crypto/idea/idea_spd.c
deleted file mode 100644
index 48ffaff5209c..000000000000
--- a/crypto/openssl/crypto/idea/idea_spd.c
+++ /dev/null
@@ -1,296 +0,0 @@
-/* crypto/idea/idea_spd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-#define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-
-#include <signal.h>
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#include <openssl/idea.h>
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-#ifndef CLK_TCK
-#define HZ	100.0
-#else /* CLK_TCK */
-#define HZ ((double)CLK_TCK)
-#endif
-#endif
-
-#define BUFSIZE	((long)1024)
-long run=0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-#if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#define SIGRETTYPE void
-#else
-#define SIGRETTYPE int
-#endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-	{
-	signal(SIGALRM,sig_done);
-	run=0;
-#ifdef LINT
-	sig=sig;
-#endif
-	}
-#endif
-
-#define START	0
-#define STOP	1
-
-double Time_F(int s)
-	{
-	double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if (s == START)
-		{
-		times(&tstart);
-		return(0);
-		}
-	else
-		{
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if (s == START)
-		{
-		ftime(&tstart);
-		return(0);
-		}
-	else
-		{
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#endif
-	}
-
-int main(int argc, char **argv)
-	{
-	long count;
-	static unsigned char buf[BUFSIZE];
-	static unsigned char key[] ={
-			0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-			0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
-			};
-	IDEA_KEY_SCHEDULE sch;
-	double a,aa,b,c,d;
-#ifndef SIGALRM
-	long ca,cca,cb,cc;
-#endif
-
-#ifndef TIMES
-	printf("To get the most accurate results, try to run this\n");
-	printf("program when this computer is idle.\n");
-#endif
-
-#ifndef SIGALRM
-	printf("First we calculate the approximate speed ...\n");
-	idea_set_encrypt_key(key,&sch);
-	count=10;
-	do	{
-		long i;
-		IDEA_INT data[2];
-
-		count*=2;
-		Time_F(START);
-		for (i=count; i; i--)
-			idea_encrypt(data,&sch);
-		d=Time_F(STOP);
-		} while (d < 3.0);
-	ca=count/4;
-	cca=count/200;
-	cb=count;
-	cc=count*8/BUFSIZE+1;
-	printf("idea_set_encrypt_key %ld times\n",ca);
-#define COND(d)	(count <= (d))
-#define COUNT(d) (d)
-#else
-#define COND(c)	(run)
-#define COUNT(d) (count)
-	signal(SIGALRM,sig_done);
-	printf("Doing idea_set_encrypt_key for 10 seconds\n");
-	alarm(10);
-#endif
-
-	Time_F(START);
-	for (count=0,run=1; COND(ca); count+=4)
-		{
-		idea_set_encrypt_key(key,&sch);
-		idea_set_encrypt_key(key,&sch);
-		idea_set_encrypt_key(key,&sch);
-		idea_set_encrypt_key(key,&sch);
-		}
-	d=Time_F(STOP);
-	printf("%ld idea idea_set_encrypt_key's in %.2f seconds\n",count,d);
-	a=((double)COUNT(ca))/d;
-
-#ifdef SIGALRM
-	printf("Doing idea_set_decrypt_key for 10 seconds\n");
-	alarm(10);
-#else
-	printf("Doing idea_set_decrypt_key %ld times\n",cca);
-#endif
-
-	Time_F(START);
-	for (count=0,run=1; COND(cca); count+=4)
-		{
-		idea_set_decrypt_key(&sch,&sch);
-		idea_set_decrypt_key(&sch,&sch);
-		idea_set_decrypt_key(&sch,&sch);
-		idea_set_decrypt_key(&sch,&sch);
-		}
-	d=Time_F(STOP);
-	printf("%ld idea idea_set_decrypt_key's in %.2f seconds\n",count,d);
-	aa=((double)COUNT(cca))/d;
-
-#ifdef SIGALRM
-	printf("Doing idea_encrypt's for 10 seconds\n");
-	alarm(10);
-#else
-	printf("Doing idea_encrypt %ld times\n",cb);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cb); count+=4)
-		{
-		unsigned long data[2];
-
-		idea_encrypt(data,&sch);
-		idea_encrypt(data,&sch);
-		idea_encrypt(data,&sch);
-		idea_encrypt(data,&sch);
-		}
-	d=Time_F(STOP);
-	printf("%ld idea_encrypt's in %.2f second\n",count,d);
-	b=((double)COUNT(cb)*8)/d;
-
-#ifdef SIGALRM
-	printf("Doing idea_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-		BUFSIZE);
-	alarm(10);
-#else
-	printf("Doing idea_cbc_encrypt %ld times on %ld byte blocks\n",cc,
-		BUFSIZE);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cc); count++)
-		idea_cbc_encrypt(buf,buf,BUFSIZE,&sch,
-			&(key[0]),IDEA_ENCRYPT);
-	d=Time_F(STOP);
-	printf("%ld idea_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-		count,BUFSIZE,d);
-	c=((double)COUNT(cc)*BUFSIZE)/d;
-
-	printf("IDEA set_encrypt_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
-	printf("IDEA set_decrypt_key per sec = %12.2f (%9.3fuS)\n",aa,1.0e6/aa);
-	printf("IDEA raw ecb bytes   per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
-	printf("IDEA cbc     bytes   per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
-	exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-	return(0);
-#endif
-	}
-
diff --git a/crypto/openssl/crypto/idea/ideatest.c b/crypto/openssl/crypto/idea/ideatest.c
deleted file mode 100644
index 98f805d72a59..000000000000
--- a/crypto/openssl/crypto/idea/ideatest.c
+++ /dev/null
@@ -1,232 +0,0 @@
-/* crypto/idea/ideatest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_IDEA
-int main(int argc, char *argv[])
-{
-    printf("No IDEA support\n");
-    return(0);
-}
-#else
-#include <openssl/idea.h>
-
-unsigned char k[16]={
-	0x00,0x01,0x00,0x02,0x00,0x03,0x00,0x04,
-	0x00,0x05,0x00,0x06,0x00,0x07,0x00,0x08};
-
-unsigned char in[8]={0x00,0x00,0x00,0x01,0x00,0x02,0x00,0x03};
-unsigned char  c[8]={0x11,0xFB,0xED,0x2B,0x01,0x98,0x6D,0xE5};
-unsigned char out[80];
-
-char *text="Hello to all people out there";
-
-static unsigned char cfb_key[16]={
-	0xe1,0xf0,0xc3,0xd2,0xa5,0xb4,0x87,0x96,
-	0x69,0x78,0x4b,0x5a,0x2d,0x3c,0x0f,0x1e,
-	};
-static unsigned char cfb_iv[80]={0x34,0x12,0x78,0x56,0xab,0x90,0xef,0xcd};
-static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
-#define CFB_TEST_SIZE 24
-static unsigned char plain[CFB_TEST_SIZE]=
-        {
-        0x4e,0x6f,0x77,0x20,0x69,0x73,
-        0x20,0x74,0x68,0x65,0x20,0x74,
-        0x69,0x6d,0x65,0x20,0x66,0x6f,
-        0x72,0x20,0x61,0x6c,0x6c,0x20
-        };
-static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
-	0x59,0xD8,0xE2,0x65,0x00,0x58,0x6C,0x3F,
-	0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
-	0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
-
-/*	0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
-	0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
-	0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
-	}; 
-
-static int cfb64_test(unsigned char *cfb_cipher);
-static char *pt(unsigned char *p);
-int main(int argc, char *argv[])
-	{
-	int i,err=0;
-	IDEA_KEY_SCHEDULE key,dkey; 
-	unsigned char iv[8];
-
-	idea_set_encrypt_key(k,&key);
-	idea_ecb_encrypt(in,out,&key);
-	if (memcmp(out,c,8) != 0)
-		{
-		printf("ecb idea error encrypting\n");
-		printf("got     :");
-		for (i=0; i<8; i++)
-			printf("%02X ",out[i]);
-		printf("\n");
-		printf("expected:");
-		for (i=0; i<8; i++)
-			printf("%02X ",c[i]);
-		err=20;
-		printf("\n");
-		}
-
-	idea_set_decrypt_key(&key,&dkey);
-	idea_ecb_encrypt(c,out,&dkey);
-	if (memcmp(out,in,8) != 0)
-		{
-		printf("ecb idea error decrypting\n");
-		printf("got     :");
-		for (i=0; i<8; i++)
-			printf("%02X ",out[i]);
-		printf("\n");
-		printf("expected:");
-		for (i=0; i<8; i++)
-			printf("%02X ",in[i]);
-		printf("\n");
-		err=3;
-		}
-
-	if (err == 0) printf("ecb idea ok\n");
-
-	memcpy(iv,k,8);
-	idea_cbc_encrypt((unsigned char *)text,out,strlen(text)+1,&key,iv,1);
-	memcpy(iv,k,8);
-	idea_cbc_encrypt(out,out,8,&dkey,iv,0);
-	idea_cbc_encrypt(&(out[8]),&(out[8]),strlen(text)+1-8,&dkey,iv,0);
-	if (memcmp(text,out,strlen(text)+1) != 0)
-		{
-		printf("cbc idea bad\n");
-		err=4;
-		}
-	else
-		printf("cbc idea ok\n");
-
-	printf("cfb64 idea ");
-	if (cfb64_test(cfb_cipher64))
-		{
-		printf("bad\n");
-		err=5;
-		}
-	else
-		printf("ok\n");
-
-	EXIT(err);
-	return(err);
-	}
-
-static int cfb64_test(unsigned char *cfb_cipher)
-        {
-        IDEA_KEY_SCHEDULE eks,dks;
-        int err=0,i,n;
-
-        idea_set_encrypt_key(cfb_key,&eks);
-        idea_set_decrypt_key(&eks,&dks);
-        memcpy(cfb_tmp,cfb_iv,8);
-        n=0;
-        idea_cfb64_encrypt(plain,cfb_buf1,(long)12,&eks,
-                cfb_tmp,&n,IDEA_ENCRYPT);
-        idea_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
-                (long)CFB_TEST_SIZE-12,&eks,
-                cfb_tmp,&n,IDEA_ENCRYPT);
-        if (memcmp(cfb_cipher,cfb_buf1,CFB_TEST_SIZE) != 0)
-                {
-                err=1;
-                printf("idea_cfb64_encrypt encrypt error\n");
-                for (i=0; i<CFB_TEST_SIZE; i+=8)
-                        printf("%s\n",pt(&(cfb_buf1[i])));
-                }
-        memcpy(cfb_tmp,cfb_iv,8);
-        n=0;
-        idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
-                cfb_tmp,&n,IDEA_DECRYPT);
-        idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
-                (long)CFB_TEST_SIZE-17,&dks,
-                cfb_tmp,&n,IDEA_DECRYPT);
-        if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
-                {
-                err=1;
-                printf("idea_cfb_encrypt decrypt error\n");
-                for (i=0; i<24; i+=8)
-                        printf("%s\n",pt(&(cfb_buf2[i])));
-                }
-        return(err);
-        }
-
-static char *pt(unsigned char *p)
-	{
-	static char bufs[10][20];
-	static int bnum=0;
-	char *ret;
-	int i;
-	static char *f="0123456789ABCDEF";
-
-	ret= &(bufs[bnum++][0]);
-	bnum%=10;
-	for (i=0; i<8; i++)
-		{
-		ret[i*2]=f[(p[i]>>4)&0xf];
-		ret[i*2+1]=f[p[i]&0xf];
-		}
-	ret[16]='\0';
-	return(ret);
-	}
-#endif
diff --git a/crypto/openssl/crypto/idea/version b/crypto/openssl/crypto/idea/version
deleted file mode 100644
index 3f2229379549..000000000000
--- a/crypto/openssl/crypto/idea/version
+++ /dev/null
@@ -1,12 +0,0 @@
-1.1 07/12/95 - eay
-	Many thanks to Rhys Weatherley <rweather@us.oracle.com>
-	for pointing out that I was assuming little endian byte
-	order for all quantities what idea actually used
-	bigendian.  No where in the spec does it mention
-	this, it is all in terms of 16 bit numbers and even the example
-	does not use byte streams for the input example :-(.
-	If you byte swap each pair of input, keys and iv, the functions
-	would produce the output as the old version :-(.
-
-1.0 ??/??/95 - eay
-	First version.
diff --git a/crypto/openssl/crypto/krb5/Makefile.ssl b/crypto/openssl/crypto/krb5/Makefile.ssl
deleted file mode 100644
index 7136d7a4023c..000000000000
--- a/crypto/openssl/crypto/krb5/Makefile.ssl
+++ /dev/null
@@ -1,90 +0,0 @@
-#
-# OpenSSL/krb5/Makefile.ssl
-#
-
-DIR=	krb5
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= krb5_asn.c
-
-LIBOBJ= krb5_asn.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= krb5_asn.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile ;
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-krb5_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-krb5_asn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-krb5_asn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-krb5_asn.o: ../../include/openssl/krb5_asn.h
-krb5_asn.o: ../../include/openssl/opensslconf.h
-krb5_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-krb5_asn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-krb5_asn.o: ../../include/openssl/symhacks.h krb5_asn.c
diff --git a/crypto/openssl/crypto/krb5/krb5_asn.c b/crypto/openssl/crypto/krb5/krb5_asn.c
deleted file mode 100644
index 1fb741d2a0d7..000000000000
--- a/crypto/openssl/crypto/krb5/krb5_asn.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* krb5_asn.c */
-/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project,
-** using ocsp/{*.h,*asn*.c} as a starting point
-*/
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/krb5_asn.h>
-
-
-ASN1_SEQUENCE(KRB5_ENCDATA) = {
-	ASN1_EXP(KRB5_ENCDATA, etype,		ASN1_INTEGER,	  0),
-	ASN1_EXP_OPT(KRB5_ENCDATA, kvno,	ASN1_INTEGER,	  1),
-	ASN1_EXP(KRB5_ENCDATA, cipher,		ASN1_OCTET_STRING,2)
-} ASN1_SEQUENCE_END(KRB5_ENCDATA)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_ENCDATA)
-
-
-ASN1_SEQUENCE(KRB5_PRINCNAME) = {
-	ASN1_EXP(KRB5_PRINCNAME, nametype,	ASN1_INTEGER,	  0),
-	ASN1_EXP_SEQUENCE_OF(KRB5_PRINCNAME, namestring, ASN1_GENERALSTRING, 1)
-} ASN1_SEQUENCE_END(KRB5_PRINCNAME)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_PRINCNAME)
-
-
-/* [APPLICATION 1] = 0x61 */
-ASN1_SEQUENCE(KRB5_TKTBODY) = {
-	ASN1_EXP(KRB5_TKTBODY, tktvno,		ASN1_INTEGER,	  0),
-	ASN1_EXP(KRB5_TKTBODY, realm, 		ASN1_GENERALSTRING, 1),
-	ASN1_EXP(KRB5_TKTBODY, sname,		KRB5_PRINCNAME,	  2),
-	ASN1_EXP(KRB5_TKTBODY, encdata,		KRB5_ENCDATA,	  3)
-} ASN1_SEQUENCE_END(KRB5_TKTBODY)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_TKTBODY)
-
-
-ASN1_ITEM_TEMPLATE(KRB5_TICKET) = 
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 1,
-			KRB5_TICKET, KRB5_TKTBODY)
-ASN1_ITEM_TEMPLATE_END(KRB5_TICKET)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_TICKET)
-
-
-/* [APPLICATION 14] = 0x6e */
-ASN1_SEQUENCE(KRB5_APREQBODY) = {
-	ASN1_EXP(KRB5_APREQBODY, pvno,		ASN1_INTEGER,	  0),
-	ASN1_EXP(KRB5_APREQBODY, msgtype,	ASN1_INTEGER,	  1),
-	ASN1_EXP(KRB5_APREQBODY, apoptions,	ASN1_BIT_STRING,  2),
-	ASN1_EXP(KRB5_APREQBODY, ticket, 	KRB5_TICKET,	  3),
-	ASN1_EXP(KRB5_APREQBODY, authenticator,	KRB5_ENCDATA,	  4),
-} ASN1_SEQUENCE_END(KRB5_APREQBODY)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_APREQBODY)
-
-ASN1_ITEM_TEMPLATE(KRB5_APREQ) = 
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 14,
-			KRB5_APREQ, KRB5_APREQBODY)
-ASN1_ITEM_TEMPLATE_END(KRB5_APREQ)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_APREQ)
-
-
-/*  Authenticator stuff 	*/
-
-ASN1_SEQUENCE(KRB5_CHECKSUM) = {
-	ASN1_EXP(KRB5_CHECKSUM, ctype,		ASN1_INTEGER,	  0),
-	ASN1_EXP(KRB5_CHECKSUM, checksum,	ASN1_OCTET_STRING,1)
-} ASN1_SEQUENCE_END(KRB5_CHECKSUM)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_CHECKSUM)
-
-
-ASN1_SEQUENCE(KRB5_ENCKEY) = {
-	ASN1_EXP(KRB5_ENCKEY,	ktype,		ASN1_INTEGER,	  0),
-	ASN1_EXP(KRB5_ENCKEY,	keyvalue,	ASN1_OCTET_STRING,1)
-} ASN1_SEQUENCE_END(KRB5_ENCKEY)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_ENCKEY)
-
-
-/* SEQ OF SEQ; see ASN1_EXP_SEQUENCE_OF_OPT() below */
-ASN1_SEQUENCE(KRB5_AUTHDATA) = {
-	ASN1_EXP(KRB5_AUTHDATA,	adtype,		ASN1_INTEGER,	  0),
-	ASN1_EXP(KRB5_AUTHDATA,	addata, 	ASN1_OCTET_STRING,1)
-} ASN1_SEQUENCE_END(KRB5_AUTHDATA)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHDATA)
-
-
-/* [APPLICATION 2] = 0x62 */
-ASN1_SEQUENCE(KRB5_AUTHENTBODY) = {
-	ASN1_EXP(KRB5_AUTHENTBODY,	avno,	ASN1_INTEGER,	  0),
-	ASN1_EXP(KRB5_AUTHENTBODY,	crealm,	ASN1_GENERALSTRING, 1),
-	ASN1_EXP(KRB5_AUTHENTBODY,	cname,	KRB5_PRINCNAME,	  2),
-	ASN1_EXP_OPT(KRB5_AUTHENTBODY,	cksum,	KRB5_CHECKSUM,	  3),
-	ASN1_EXP(KRB5_AUTHENTBODY,	cusec,	ASN1_INTEGER,	  4),
-	ASN1_EXP(KRB5_AUTHENTBODY,	ctime,	ASN1_GENERALIZEDTIME, 5),
-	ASN1_EXP_OPT(KRB5_AUTHENTBODY,	subkey,	KRB5_ENCKEY,	  6),
-	ASN1_EXP_OPT(KRB5_AUTHENTBODY,	seqnum,	ASN1_INTEGER,	  7),
-	ASN1_EXP_SEQUENCE_OF_OPT
-		    (KRB5_AUTHENTBODY,	authorization,	KRB5_AUTHDATA, 8),
-} ASN1_SEQUENCE_END(KRB5_AUTHENTBODY)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
-
-ASN1_ITEM_TEMPLATE(KRB5_AUTHENT) = 
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 2,
-			KRB5_AUTHENT, KRB5_AUTHENTBODY)
-ASN1_ITEM_TEMPLATE_END(KRB5_AUTHENT)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHENT)
-
diff --git a/crypto/openssl/crypto/krb5/krb5_asn.h b/crypto/openssl/crypto/krb5/krb5_asn.h
deleted file mode 100644
index 3329477b0717..000000000000
--- a/crypto/openssl/crypto/krb5/krb5_asn.h
+++ /dev/null
@@ -1,256 +0,0 @@
-/* krb5_asn.h */
-/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project,
-** using ocsp/{*.h,*asn*.c} as a starting point
-*/
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_KRB5_ASN_H
-#define HEADER_KRB5_ASN_H
-
-/*
-#include <krb5.h>
-*/
-#include <openssl/safestack.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-
-/*	ASN.1 from Kerberos RFC 1510
-*/
-
-/*	EncryptedData ::=   SEQUENCE {
-**		etype[0]                      INTEGER, -- EncryptionType
-**		kvno[1]                       INTEGER OPTIONAL,
-**		cipher[2]                     OCTET STRING -- ciphertext
-**	}
-*/
-typedef	struct	krb5_encdata_st
-	{
-	ASN1_INTEGER			*etype;
-	ASN1_INTEGER			*kvno;
-	ASN1_OCTET_STRING		*cipher;
-	}	KRB5_ENCDATA;
-
-DECLARE_STACK_OF(KRB5_ENCDATA)
-
-/*	PrincipalName ::=   SEQUENCE {
-**		name-type[0]                  INTEGER,
-**		name-string[1]                SEQUENCE OF GeneralString
-**	}
-*/
-typedef	struct	krb5_princname_st
-	{
-	ASN1_INTEGER			*nametype;
-	STACK_OF(ASN1_GENERALSTRING)	*namestring;
-	}	KRB5_PRINCNAME;
-
-DECLARE_STACK_OF(KRB5_PRINCNAME)
-
-
-/*	Ticket ::=	[APPLICATION 1] SEQUENCE {
-**		tkt-vno[0]                    INTEGER,
-**		realm[1]                      Realm,
-**		sname[2]                      PrincipalName,
-**		enc-part[3]                   EncryptedData
-**	}
-*/
-typedef	struct	krb5_tktbody_st
-	{
-	ASN1_INTEGER			*tktvno;
-	ASN1_GENERALSTRING		*realm;
-	KRB5_PRINCNAME			*sname;
-	KRB5_ENCDATA			*encdata;
-	}	KRB5_TKTBODY;
-
-typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
-DECLARE_STACK_OF(KRB5_TKTBODY)
-
-
-/*	AP-REQ ::=      [APPLICATION 14] SEQUENCE {
-**		pvno[0]                       INTEGER,
-**		msg-type[1]                   INTEGER,
-**		ap-options[2]                 APOptions,
-**		ticket[3]                     Ticket,
-**		authenticator[4]              EncryptedData
-**	}
-**
-**	APOptions ::=   BIT STRING {
-**		reserved(0), use-session-key(1), mutual-required(2) }
-*/
-typedef	struct	krb5_ap_req_st
-	{
-	ASN1_INTEGER			*pvno;
-	ASN1_INTEGER			*msgtype;
-	ASN1_BIT_STRING			*apoptions;
-	KRB5_TICKET			*ticket;
-	KRB5_ENCDATA			*authenticator;
-	}	KRB5_APREQBODY;
-
-typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ;
-DECLARE_STACK_OF(KRB5_APREQBODY)
-
-
-/*	Authenticator Stuff	*/
-
-
-/*	Checksum ::=   SEQUENCE {
-**		cksumtype[0]                  INTEGER,
-**		checksum[1]                   OCTET STRING
-**	}
-*/
-typedef	struct	krb5_checksum_st
-	{
-	ASN1_INTEGER			*ctype;
-	ASN1_OCTET_STRING		*checksum;
-	}	KRB5_CHECKSUM;
-
-DECLARE_STACK_OF(KRB5_CHECKSUM)
-
-
-/*	EncryptionKey ::=   SEQUENCE {
-**		keytype[0]                    INTEGER,
-**		keyvalue[1]                   OCTET STRING
-**	}
-*/
-typedef struct  krb5_encryptionkey_st
-	{
-	ASN1_INTEGER			*ktype;
-	ASN1_OCTET_STRING		*keyvalue;
-	}	KRB5_ENCKEY;
-
-DECLARE_STACK_OF(KRB5_ENCKEY)
-
-
-/*	AuthorizationData ::=   SEQUENCE OF SEQUENCE {
-**		ad-type[0]                    INTEGER,
-**              ad-data[1]                    OCTET STRING
-**	}
-*/
-typedef struct	krb5_authorization_st
-	{
-	ASN1_INTEGER			*adtype;
-	ASN1_OCTET_STRING		*addata;
-	}	KRB5_AUTHDATA;
-
-DECLARE_STACK_OF(KRB5_AUTHDATA)
-
-			
-/*	-- Unencrypted authenticator
-**	Authenticator ::=    [APPLICATION 2] SEQUENCE    {
-**		authenticator-vno[0]          INTEGER,
-**		crealm[1]                     Realm,
-**		cname[2]                      PrincipalName,
-**		cksum[3]                      Checksum OPTIONAL,
-**		cusec[4]                      INTEGER,
-**		ctime[5]                      KerberosTime,
-**		subkey[6]                     EncryptionKey OPTIONAL,
-**		seq-number[7]                 INTEGER OPTIONAL,
-**		authorization-data[8]         AuthorizationData OPTIONAL
-**	}
-*/
-typedef struct	krb5_authenticator_st
-	{
-	ASN1_INTEGER			*avno;
-	ASN1_GENERALSTRING		*crealm;
-	KRB5_PRINCNAME			*cname;
-	KRB5_CHECKSUM			*cksum;
-	ASN1_INTEGER			*cusec;
-	ASN1_GENERALIZEDTIME		*ctime;
-	KRB5_ENCKEY			*subkey;
-	ASN1_INTEGER			*seqnum;
-	KRB5_AUTHDATA			*authorization;
-	}	KRB5_AUTHENTBODY;
-
-typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
-DECLARE_STACK_OF(KRB5_AUTHENTBODY)
-
-
-/*  DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
-**	type *name##_new(void);
-**	void name##_free(type *a);
-**	DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
-**	 DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
-**	  type *d2i_##name(type **a, unsigned char **in, long len);
-**	  int i2d_##name(type *a, unsigned char **out);
-**	  DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
-*/
-
-DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
-DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME)
-DECLARE_ASN1_FUNCTIONS(KRB5_TKTBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_APREQBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_TICKET)
-DECLARE_ASN1_FUNCTIONS(KRB5_APREQ)
-
-DECLARE_ASN1_FUNCTIONS(KRB5_CHECKSUM)
-DECLARE_ASN1_FUNCTIONS(KRB5_ENCKEY)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-
diff --git a/crypto/openssl/crypto/lhash/Makefile.save b/crypto/openssl/crypto/lhash/Makefile.save
deleted file mode 100644
index 60bb6b12e406..000000000000
--- a/crypto/openssl/crypto/lhash/Makefile.save
+++ /dev/null
@@ -1,92 +0,0 @@
-#
-# SSLeay/crypto/lhash/Makefile
-#
-
-DIR=	lhash
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=lhash.c lh_stats.c
-LIBOBJ=lhash.o lh_stats.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= lhash.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-lh_stats.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-lh_stats.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-lh_stats.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-lh_stats.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-lh_stats.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-lh_stats.o: ../cryptlib.h
-lhash.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-lhash.o: ../../include/openssl/lhash.h ../../include/openssl/opensslv.h
-lhash.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-lhash.o: ../../include/openssl/symhacks.h
diff --git a/crypto/openssl/crypto/lhash/Makefile.ssl b/crypto/openssl/crypto/lhash/Makefile.ssl
deleted file mode 100644
index 1902e4a8998d..000000000000
--- a/crypto/openssl/crypto/lhash/Makefile.ssl
+++ /dev/null
@@ -1,93 +0,0 @@
-#
-# SSLeay/crypto/lhash/Makefile
-#
-
-DIR=	lhash
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=lhash.c lh_stats.c
-LIBOBJ=lhash.o lh_stats.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= lhash.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-lh_stats.o: ../../e_os.h ../../include/openssl/bio.h
-lh_stats.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-lh_stats.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-lh_stats.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-lh_stats.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-lh_stats.o: ../cryptlib.h lh_stats.c
-lhash.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-lhash.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h
-lhash.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-lhash.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-lhash.o: ../../include/openssl/symhacks.h lhash.c
diff --git a/crypto/openssl/crypto/lhash/lh_stats.c b/crypto/openssl/crypto/lhash/lh_stats.c
deleted file mode 100644
index 5aa7766aa61b..000000000000
--- a/crypto/openssl/crypto/lhash/lh_stats.c
+++ /dev/null
@@ -1,248 +0,0 @@
-/* crypto/lhash/lh_stats.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-/* If you wish to build this outside of SSLeay, remove the following lines
- * and things should work as expected */
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/lhash.h>
-
-#ifdef OPENSSL_NO_BIO
-
-void lh_stats(LHASH *lh, FILE *out)
-	{
-	fprintf(out,"num_items             = %lu\n",lh->num_items);
-	fprintf(out,"num_nodes             = %u\n",lh->num_nodes);
-	fprintf(out,"num_alloc_nodes       = %u\n",lh->num_alloc_nodes);
-	fprintf(out,"num_expands           = %lu\n",lh->num_expands);
-	fprintf(out,"num_expand_reallocs   = %lu\n",lh->num_expand_reallocs);
-	fprintf(out,"num_contracts         = %lu\n",lh->num_contracts);
-	fprintf(out,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs);
-	fprintf(out,"num_hash_calls        = %lu\n",lh->num_hash_calls);
-	fprintf(out,"num_comp_calls        = %lu\n",lh->num_comp_calls);
-	fprintf(out,"num_insert            = %lu\n",lh->num_insert);
-	fprintf(out,"num_replace           = %lu\n",lh->num_replace);
-	fprintf(out,"num_delete            = %lu\n",lh->num_delete);
-	fprintf(out,"num_no_delete         = %lu\n",lh->num_no_delete);
-	fprintf(out,"num_retrieve          = %lu\n",lh->num_retrieve);
-	fprintf(out,"num_retrieve_miss     = %lu\n",lh->num_retrieve_miss);
-	fprintf(out,"num_hash_comps        = %lu\n",lh->num_hash_comps);
-#if 0
-	fprintf(out,"p                     = %u\n",lh->p);
-	fprintf(out,"pmax                  = %u\n",lh->pmax);
-	fprintf(out,"up_load               = %lu\n",lh->up_load);
-	fprintf(out,"down_load             = %lu\n",lh->down_load);
-#endif
-	}
-
-void lh_node_stats(LHASH *lh, FILE *out)
-	{
-	LHASH_NODE *n;
-	unsigned int i,num;
-
-	for (i=0; i<lh->num_nodes; i++)
-		{
-		for (n=lh->b[i],num=0; n != NULL; n=n->next)
-			num++;
-		fprintf(out,"node %6u -> %3u\n",i,num);
-		}
-	}
-
-void lh_node_usage_stats(LHASH *lh, FILE *out)
-	{
-	LHASH_NODE *n;
-	unsigned long num;
-	unsigned int i;
-	unsigned long total=0,n_used=0;
-
-	for (i=0; i<lh->num_nodes; i++)
-		{
-		for (n=lh->b[i],num=0; n != NULL; n=n->next)
-			num++;
-		if (num != 0)
-			{
-			n_used++;
-			total+=num;
-			}
-		}
-	fprintf(out,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
-	fprintf(out,"%lu items\n",total);
-	if (n_used == 0) return;
-	fprintf(out,"load %d.%02d  actual load %d.%02d\n",
-		(int)(total/lh->num_nodes),
-		(int)((total%lh->num_nodes)*100/lh->num_nodes),
-		(int)(total/n_used),
-		(int)((total%n_used)*100/n_used));
-	}
-
-#else
-
-#ifndef OPENSSL_NO_FP_API
-void lh_stats(const LHASH *lh, FILE *fp)
-	{
-	BIO *bp;
-
-	bp=BIO_new(BIO_s_file());
-	if (bp == NULL) goto end;
-	BIO_set_fp(bp,fp,BIO_NOCLOSE);
-	lh_stats_bio(lh,bp);
-	BIO_free(bp);
-end:;
-	}
-
-void lh_node_stats(const LHASH *lh, FILE *fp)
-	{
-	BIO *bp;
-
-	bp=BIO_new(BIO_s_file());
-	if (bp == NULL) goto end;
-	BIO_set_fp(bp,fp,BIO_NOCLOSE);
-	lh_node_stats_bio(lh,bp);
-	BIO_free(bp);
-end:;
-	}
-
-void lh_node_usage_stats(const LHASH *lh, FILE *fp)
-	{
-	BIO *bp;
-
-	bp=BIO_new(BIO_s_file());
-	if (bp == NULL) goto end;
-	BIO_set_fp(bp,fp,BIO_NOCLOSE);
-	lh_node_usage_stats_bio(lh,bp);
-	BIO_free(bp);
-end:;
-	}
-
-#endif
-
-void lh_stats_bio(const LHASH *lh, BIO *out)
-	{
-	BIO_printf(out,"num_items             = %lu\n",lh->num_items);
-	BIO_printf(out,"num_nodes             = %u\n",lh->num_nodes);
-	BIO_printf(out,"num_alloc_nodes       = %u\n",lh->num_alloc_nodes);
-	BIO_printf(out,"num_expands           = %lu\n",lh->num_expands);
-	BIO_printf(out,"num_expand_reallocs   = %lu\n",
-		   lh->num_expand_reallocs);
-	BIO_printf(out,"num_contracts         = %lu\n",lh->num_contracts);
-	BIO_printf(out,"num_contract_reallocs = %lu\n",
-		   lh->num_contract_reallocs);
-	BIO_printf(out,"num_hash_calls        = %lu\n",lh->num_hash_calls);
-	BIO_printf(out,"num_comp_calls        = %lu\n",lh->num_comp_calls);
-	BIO_printf(out,"num_insert            = %lu\n",lh->num_insert);
-	BIO_printf(out,"num_replace           = %lu\n",lh->num_replace);
-	BIO_printf(out,"num_delete            = %lu\n",lh->num_delete);
-	BIO_printf(out,"num_no_delete         = %lu\n",lh->num_no_delete);
-	BIO_printf(out,"num_retrieve          = %lu\n",lh->num_retrieve);
-	BIO_printf(out,"num_retrieve_miss     = %lu\n",lh->num_retrieve_miss);
-	BIO_printf(out,"num_hash_comps        = %lu\n",lh->num_hash_comps);
-#if 0
-	BIO_printf(out,"p                     = %u\n",lh->p);
-	BIO_printf(out,"pmax                  = %u\n",lh->pmax);
-	BIO_printf(out,"up_load               = %lu\n",lh->up_load);
-	BIO_printf(out,"down_load             = %lu\n",lh->down_load);
-#endif
-	}
-
-void lh_node_stats_bio(const LHASH *lh, BIO *out)
-	{
-	LHASH_NODE *n;
-	unsigned int i,num;
-
-	for (i=0; i<lh->num_nodes; i++)
-		{
-		for (n=lh->b[i],num=0; n != NULL; n=n->next)
-			num++;
-		BIO_printf(out,"node %6u -> %3u\n",i,num);
-		}
-	}
-
-void lh_node_usage_stats_bio(const LHASH *lh, BIO *out)
-	{
-	LHASH_NODE *n;
-	unsigned long num;
-	unsigned int i;
-	unsigned long total=0,n_used=0;
-
-	for (i=0; i<lh->num_nodes; i++)
-		{
-		for (n=lh->b[i],num=0; n != NULL; n=n->next)
-			num++;
-		if (num != 0)
-			{
-			n_used++;
-			total+=num;
-			}
-		}
-	BIO_printf(out,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
-	BIO_printf(out,"%lu items\n",total);
-	if (n_used == 0) return;
-	BIO_printf(out,"load %d.%02d  actual load %d.%02d\n",
-		   (int)(total/lh->num_nodes),
-		   (int)((total%lh->num_nodes)*100/lh->num_nodes),
-		   (int)(total/n_used),
-		   (int)((total%n_used)*100/n_used));
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/lhash/lh_test.c b/crypto/openssl/crypto/lhash/lh_test.c
deleted file mode 100644
index 85700c859bf3..000000000000
--- a/crypto/openssl/crypto/lhash/lh_test.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/lhash/lh_test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/lhash.h>
-
-main()
-	{
-	LHASH *conf;
-	char buf[256];
-	int i;
-
-	conf=lh_new(lh_strhash,strcmp);
-	for (;;)
-		{
-		char *p;
-
-		buf[0]='\0';
-		fgets(buf,256,stdin);
-		if (buf[0] == '\0') break;
-		i=strlen(buf);
-		p=OPENSSL_malloc(i+1);
-		memcpy(p,buf,i+1);
-		lh_insert(conf,p);
-		}
-
-	lh_node_stats(conf,stdout);
-	lh_stats(conf,stdout);
-	lh_node_usage_stats(conf,stdout);
-	exit(0);
-	}
diff --git a/crypto/openssl/crypto/lhash/lhash.c b/crypto/openssl/crypto/lhash/lhash.c
deleted file mode 100644
index 0a16fcf27d58..000000000000
--- a/crypto/openssl/crypto/lhash/lhash.c
+++ /dev/null
@@ -1,470 +0,0 @@
-/* crypto/lhash/lhash.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Code for dynamic hash table routines
- * Author - Eric Young v 2.0
- *
- * 2.2 eay - added #include "crypto.h" so the memory leak checking code is
- *	     present. eay 18-Jun-98
- *
- * 2.1 eay - Added an 'error in last operation' flag. eay 6-May-98
- *
- * 2.0 eay - Fixed a bug that occurred when using lh_delete
- *	     from inside lh_doall().  As entries were deleted,
- *	     the 'table' was 'contract()ed', making some entries
- *	     jump from the end of the table to the start, there by
- *	     skipping the lh_doall() processing. eay - 4/12/95
- *
- * 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs
- *	     were not being free()ed. 21/11/95
- *
- * 1.8 eay - Put the stats routines into a separate file, lh_stats.c
- *	     19/09/95
- *
- * 1.7 eay - Removed the fputs() for realloc failures - the code
- *           should silently tolerate them.  I have also fixed things
- *           lint complained about 04/05/95
- *
- * 1.6 eay - Fixed an invalid pointers in contract/expand 27/07/92
- *
- * 1.5 eay - Fixed a misuse of realloc in expand 02/03/1992
- *
- * 1.4 eay - Fixed lh_doall so the function can call lh_delete 28/05/91
- *
- * 1.3 eay - Fixed a few lint problems 19/3/1991
- *
- * 1.2 eay - Fixed lh_doall problem 13/3/1991
- *
- * 1.1 eay - Added lh_doall
- *
- * 1.0 eay - First version
- */
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-
-const char *lh_version="lhash" OPENSSL_VERSION_PTEXT;
-
-#undef MIN_NODES 
-#define MIN_NODES	16
-#define UP_LOAD		(2*LH_LOAD_MULT) /* load times 256  (default 2) */
-#define DOWN_LOAD	(LH_LOAD_MULT)   /* load times 256  (default 1) */
-
-static void expand(LHASH *lh);
-static void contract(LHASH *lh);
-static LHASH_NODE **getrn(LHASH *lh, const void *data, unsigned long *rhash);
-
-LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
-	{
-	LHASH *ret;
-	int i;
-
-	if ((ret=(LHASH *)OPENSSL_malloc(sizeof(LHASH))) == NULL)
-		goto err0;
-	if ((ret->b=(LHASH_NODE **)OPENSSL_malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL)
-		goto err1;
-	for (i=0; i<MIN_NODES; i++)
-		ret->b[i]=NULL;
-	ret->comp=((c == NULL)?(LHASH_COMP_FN_TYPE)strcmp:c);
-	ret->hash=((h == NULL)?(LHASH_HASH_FN_TYPE)lh_strhash:h);
-	ret->num_nodes=MIN_NODES/2;
-	ret->num_alloc_nodes=MIN_NODES;
-	ret->p=0;
-	ret->pmax=MIN_NODES/2;
-	ret->up_load=UP_LOAD;
-	ret->down_load=DOWN_LOAD;
-	ret->num_items=0;
-
-	ret->num_expands=0;
-	ret->num_expand_reallocs=0;
-	ret->num_contracts=0;
-	ret->num_contract_reallocs=0;
-	ret->num_hash_calls=0;
-	ret->num_comp_calls=0;
-	ret->num_insert=0;
-	ret->num_replace=0;
-	ret->num_delete=0;
-	ret->num_no_delete=0;
-	ret->num_retrieve=0;
-	ret->num_retrieve_miss=0;
-	ret->num_hash_comps=0;
-
-	ret->error=0;
-	return(ret);
-err1:
-	OPENSSL_free(ret);
-err0:
-	return(NULL);
-	}
-
-void lh_free(LHASH *lh)
-	{
-	unsigned int i;
-	LHASH_NODE *n,*nn;
-
-	if (lh == NULL)
-	    return;
-
-	for (i=0; i<lh->num_nodes; i++)
-		{
-		n=lh->b[i];
-		while (n != NULL)
-			{
-			nn=n->next;
-			OPENSSL_free(n);
-			n=nn;
-			}
-		}
-	OPENSSL_free(lh->b);
-	OPENSSL_free(lh);
-	}
-
-void *lh_insert(LHASH *lh, const void *data)
-	{
-	unsigned long hash;
-	LHASH_NODE *nn,**rn;
-	const void *ret;
-
-	lh->error=0;
-	if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))
-		expand(lh);
-
-	rn=getrn(lh,data,&hash);
-
-	if (*rn == NULL)
-		{
-		if ((nn=(LHASH_NODE *)OPENSSL_malloc(sizeof(LHASH_NODE))) == NULL)
-			{
-			lh->error++;
-			return(NULL);
-			}
-		nn->data=data;
-		nn->next=NULL;
-#ifndef OPENSSL_NO_HASH_COMP
-		nn->hash=hash;
-#endif
-		*rn=nn;
-		ret=NULL;
-		lh->num_insert++;
-		lh->num_items++;
-		}
-	else /* replace same key */
-		{
-		ret= (*rn)->data;
-		(*rn)->data=data;
-		lh->num_replace++;
-		}
-	return((void *)ret);
-	}
-
-void *lh_delete(LHASH *lh, const void *data)
-	{
-	unsigned long hash;
-	LHASH_NODE *nn,**rn;
-	const void *ret;
-
-	lh->error=0;
-	rn=getrn(lh,data,&hash);
-
-	if (*rn == NULL)
-		{
-		lh->num_no_delete++;
-		return(NULL);
-		}
-	else
-		{
-		nn= *rn;
-		*rn=nn->next;
-		ret=nn->data;
-		OPENSSL_free(nn);
-		lh->num_delete++;
-		}
-
-	lh->num_items--;
-	if ((lh->num_nodes > MIN_NODES) &&
-		(lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)))
-		contract(lh);
-
-	return((void *)ret);
-	}
-
-void *lh_retrieve(LHASH *lh, const void *data)
-	{
-	unsigned long hash;
-	LHASH_NODE **rn;
-	const void *ret;
-
-	lh->error=0;
-	rn=getrn(lh,data,&hash);
-
-	if (*rn == NULL)
-		{
-		lh->num_retrieve_miss++;
-		return(NULL);
-		}
-	else
-		{
-		ret= (*rn)->data;
-		lh->num_retrieve++;
-		}
-	return((void *)ret);
-	}
-
-static void doall_util_fn(LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func,
-			  LHASH_DOALL_ARG_FN_TYPE func_arg, void *arg)
-	{
-	int i;
-	LHASH_NODE *a,*n;
-
-	/* reverse the order so we search from 'top to bottom'
-	 * We were having memory leaks otherwise */
-	for (i=lh->num_nodes-1; i>=0; i--)
-		{
-		a=lh->b[i];
-		while (a != NULL)
-			{
-			/* 28/05/91 - eay - n added so items can be deleted
-			 * via lh_doall */
-			n=a->next;
-			if(use_arg)
-				func_arg(a->data,arg);
-			else
-				func(a->data);
-			a=n;
-			}
-		}
-	}
-
-void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func)
-	{
-	doall_util_fn(lh, 0, func, (LHASH_DOALL_ARG_FN_TYPE)0, NULL);
-	}
-
-void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg)
-	{
-	doall_util_fn(lh, 1, (LHASH_DOALL_FN_TYPE)0, func, arg);
-	}
-
-static void expand(LHASH *lh)
-	{
-	LHASH_NODE **n,**n1,**n2,*np;
-	unsigned int p,i,j;
-	unsigned long hash,nni;
-
-	lh->num_nodes++;
-	lh->num_expands++;
-	p=(int)lh->p++;
-	n1= &(lh->b[p]);
-	n2= &(lh->b[p+(int)lh->pmax]);
-	*n2=NULL;        /* 27/07/92 - eay - undefined pointer bug */
-	nni=lh->num_alloc_nodes;
-	
-	for (np= *n1; np != NULL; )
-		{
-#ifndef OPENSSL_NO_HASH_COMP
-		hash=np->hash;
-#else
-		hash=lh->hash(np->data);
-		lh->num_hash_calls++;
-#endif
-		if ((hash%nni) != p)
-			{ /* move it */
-			*n1= (*n1)->next;
-			np->next= *n2;
-			*n2=np;
-			}
-		else
-			n1= &((*n1)->next);
-		np= *n1;
-		}
-
-	if ((lh->p) >= lh->pmax)
-		{
-		j=(int)lh->num_alloc_nodes*2;
-		n=(LHASH_NODE **)OPENSSL_realloc(lh->b,
-			(unsigned int)sizeof(LHASH_NODE *)*j);
-		if (n == NULL)
-			{
-/*			fputs("realloc error in lhash",stderr); */
-			lh->error++;
-			lh->p=0;
-			return;
-			}
-		/* else */
-		for (i=(int)lh->num_alloc_nodes; i<j; i++)/* 26/02/92 eay */
-			n[i]=NULL;			  /* 02/03/92 eay */
-		lh->pmax=lh->num_alloc_nodes;
-		lh->num_alloc_nodes=j;
-		lh->num_expand_reallocs++;
-		lh->p=0;
-		lh->b=n;
-		}
-	}
-
-static void contract(LHASH *lh)
-	{
-	LHASH_NODE **n,*n1,*np;
-
-	np=lh->b[lh->p+lh->pmax-1];
-	lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */
-	if (lh->p == 0)
-		{
-		n=(LHASH_NODE **)OPENSSL_realloc(lh->b,
-			(unsigned int)(sizeof(LHASH_NODE *)*lh->pmax));
-		if (n == NULL)
-			{
-/*			fputs("realloc error in lhash",stderr); */
-			lh->error++;
-			return;
-			}
-		lh->num_contract_reallocs++;
-		lh->num_alloc_nodes/=2;
-		lh->pmax/=2;
-		lh->p=lh->pmax-1;
-		lh->b=n;
-		}
-	else
-		lh->p--;
-
-	lh->num_nodes--;
-	lh->num_contracts++;
-
-	n1=lh->b[(int)lh->p];
-	if (n1 == NULL)
-		lh->b[(int)lh->p]=np;
-	else
-		{
-		while (n1->next != NULL)
-			n1=n1->next;
-		n1->next=np;
-		}
-	}
-
-static LHASH_NODE **getrn(LHASH *lh, const void *data, unsigned long *rhash)
-	{
-	LHASH_NODE **ret,*n1;
-	unsigned long hash,nn;
-	int (*cf)();
-
-	hash=(*(lh->hash))(data);
-	lh->num_hash_calls++;
-	*rhash=hash;
-
-	nn=hash%lh->pmax;
-	if (nn < lh->p)
-		nn=hash%lh->num_alloc_nodes;
-
-	cf=lh->comp;
-	ret= &(lh->b[(int)nn]);
-	for (n1= *ret; n1 != NULL; n1=n1->next)
-		{
-#ifndef OPENSSL_NO_HASH_COMP
-		lh->num_hash_comps++;
-		if (n1->hash != hash)
-			{
-			ret= &(n1->next);
-			continue;
-			}
-#endif
-		lh->num_comp_calls++;
-		if(cf(n1->data,data) == 0)
-			break;
-		ret= &(n1->next);
-		}
-	return(ret);
-	}
-
-/* The following hash seems to work very well on normal text strings
- * no collisions on /usr/dict/words and it distributes on %2^n quite
- * well, not as good as MD5, but still good.
- */
-unsigned long lh_strhash(const char *c)
-	{
-	unsigned long ret=0;
-	long n;
-	unsigned long v;
-	int r;
-
-	if ((c == NULL) || (*c == '\0'))
-		return(ret);
-/*
-	unsigned char b[16];
-	MD5(c,strlen(c),b);
-	return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24)); 
-*/
-
-	n=0x100;
-	while (*c)
-		{
-		v=n|(*c);
-		n+=0x100;
-		r= (int)((v>>2)^v)&0x0f;
-		ret=(ret<<r)|(ret>>(32-r));
-		ret&=0xFFFFFFFFL;
-		ret^=v*v;
-		c++;
-		}
-	return((ret>>16)^ret);
-	}
-
-unsigned long lh_num_items(const LHASH *lh)
-	{
-	return lh ? lh->num_items : 0;
-	}
diff --git a/crypto/openssl/crypto/lhash/lhash.h b/crypto/openssl/crypto/lhash/lhash.h
deleted file mode 100644
index dee8207333bc..000000000000
--- a/crypto/openssl/crypto/lhash/lhash.h
+++ /dev/null
@@ -1,199 +0,0 @@
-/* crypto/lhash/lhash.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Header for dynamic hash table routines
- * Author - Eric Young
- */
-
-#ifndef HEADER_LHASH_H
-#define HEADER_LHASH_H
-
-#ifndef OPENSSL_NO_FP_API
-#include <stdio.h>
-#endif
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct lhash_node_st
-	{
-	const void *data;
-	struct lhash_node_st *next;
-#ifndef OPENSSL_NO_HASH_COMP
-	unsigned long hash;
-#endif
-	} LHASH_NODE;
-
-typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *);
-typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *);
-typedef void (*LHASH_DOALL_FN_TYPE)(const void *);
-typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, void *);
-
-/* Macros for declaring and implementing type-safe wrappers for LHASH callbacks.
- * This way, callbacks can be provided to LHASH structures without function
- * pointer casting and the macro-defined callbacks provide per-variable casting
- * before deferring to the underlying type-specific callbacks. NB: It is
- * possible to place a "static" in front of both the DECLARE and IMPLEMENT
- * macros if the functions are strictly internal. */
-
-/* First: "hash" functions */
-#define DECLARE_LHASH_HASH_FN(f_name,o_type) \
-	unsigned long f_name##_LHASH_HASH(const void *);
-#define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \
-	unsigned long f_name##_LHASH_HASH(const void *arg) { \
-		o_type a = (o_type)arg; \
-		return f_name(a); }
-#define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH
-
-/* Second: "compare" functions */
-#define DECLARE_LHASH_COMP_FN(f_name,o_type) \
-	int f_name##_LHASH_COMP(const void *, const void *);
-#define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \
-	int f_name##_LHASH_COMP(const void *arg1, const void *arg2) { \
-		o_type a = (o_type)arg1; \
-		o_type b = (o_type)arg2; \
-		return f_name(a,b); }
-#define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP
-
-/* Third: "doall" functions */
-#define DECLARE_LHASH_DOALL_FN(f_name,o_type) \
-	void f_name##_LHASH_DOALL(const void *);
-#define IMPLEMENT_LHASH_DOALL_FN(f_name,o_type) \
-	void f_name##_LHASH_DOALL(const void *arg) { \
-		o_type a = (o_type)arg; \
-		f_name(a); }
-#define LHASH_DOALL_FN(f_name) f_name##_LHASH_DOALL
-
-/* Fourth: "doall_arg" functions */
-#define DECLARE_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
-	void f_name##_LHASH_DOALL_ARG(const void *, void *);
-#define IMPLEMENT_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
-	void f_name##_LHASH_DOALL_ARG(const void *arg1, void *arg2) { \
-		o_type a = (o_type)arg1; \
-		a_type b = (a_type)arg2; \
-		f_name(a,b); }
-#define LHASH_DOALL_ARG_FN(f_name) f_name##_LHASH_DOALL_ARG
-
-typedef struct lhash_st
-	{
-	LHASH_NODE **b;
-	LHASH_COMP_FN_TYPE comp;
-	LHASH_HASH_FN_TYPE hash;
-	unsigned int num_nodes;
-	unsigned int num_alloc_nodes;
-	unsigned int p;
-	unsigned int pmax;
-	unsigned long up_load; /* load times 256 */
-	unsigned long down_load; /* load times 256 */
-	unsigned long num_items;
-
-	unsigned long num_expands;
-	unsigned long num_expand_reallocs;
-	unsigned long num_contracts;
-	unsigned long num_contract_reallocs;
-	unsigned long num_hash_calls;
-	unsigned long num_comp_calls;
-	unsigned long num_insert;
-	unsigned long num_replace;
-	unsigned long num_delete;
-	unsigned long num_no_delete;
-	unsigned long num_retrieve;
-	unsigned long num_retrieve_miss;
-	unsigned long num_hash_comps;
-
-	int error;
-	} LHASH;
-
-#define LH_LOAD_MULT	256
-
-/* Indicates a malloc() error in the last call, this is only bad
- * in lh_insert(). */
-#define lh_error(lh)	((lh)->error)
-
-LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
-void lh_free(LHASH *lh);
-void *lh_insert(LHASH *lh, const void *data);
-void *lh_delete(LHASH *lh, const void *data);
-void *lh_retrieve(LHASH *lh, const void *data);
-void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func);
-void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
-unsigned long lh_strhash(const char *c);
-unsigned long lh_num_items(const LHASH *lh);
-
-#ifndef OPENSSL_NO_FP_API
-void lh_stats(const LHASH *lh, FILE *out);
-void lh_node_stats(const LHASH *lh, FILE *out);
-void lh_node_usage_stats(const LHASH *lh, FILE *out);
-#endif
-
-#ifndef OPENSSL_NO_BIO
-void lh_stats_bio(const LHASH *lh, BIO *out);
-void lh_node_stats_bio(const LHASH *lh, BIO *out);
-void lh_node_usage_stats_bio(const LHASH *lh, BIO *out);
-#endif
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
-
diff --git a/crypto/openssl/crypto/lhash/num.pl b/crypto/openssl/crypto/lhash/num.pl
deleted file mode 100644
index 30fedf9cd5ad..000000000000
--- a/crypto/openssl/crypto/lhash/num.pl
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/usr/local/bin/perl
-
-#node     10 ->   4
-
-while (<>)
-	{
-	next unless /^node/;
-	chop;
-	@a=split;
-	$num{$a[3]}++;
-	}
-
-@a=sort {$a <=> $b } keys %num;
-foreach (0 .. $a[$#a])
-	{
-	printf "%4d:%4d\n",$_,$num{$_};
-	}
diff --git a/crypto/openssl/crypto/md2/Makefile.save b/crypto/openssl/crypto/md2/Makefile.save
deleted file mode 100644
index 8b382c35ff44..000000000000
--- a/crypto/openssl/crypto/md2/Makefile.save
+++ /dev/null
@@ -1,90 +0,0 @@
-#
-# SSLeay/crypto/md/Makefile
-#
-
-DIR=	md
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=md2test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md2_dgst.c md2_one.c
-LIBOBJ=md2_dgst.o md2_one.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= md2.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h
-md2_dgst.o: ../../include/openssl/opensslv.h
-md2_one.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-md2_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-md2_one.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-md2_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-md2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-md2_one.o: ../../include/openssl/symhacks.h ../cryptlib.h
diff --git a/crypto/openssl/crypto/md2/Makefile.ssl b/crypto/openssl/crypto/md2/Makefile.ssl
deleted file mode 100644
index e5b3265a442e..000000000000
--- a/crypto/openssl/crypto/md2/Makefile.ssl
+++ /dev/null
@@ -1,93 +0,0 @@
-#
-# SSLeay/crypto/md/Makefile
-#
-
-DIR=	md2
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=md2test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md2_dgst.c md2_one.c
-LIBOBJ=md2_dgst.o md2_one.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= md2.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h
-md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-md2_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-md2_dgst.o: md2_dgst.c
-md2_one.o: ../../e_os.h ../../include/openssl/bio.h
-md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-md2_one.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-md2_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-md2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-md2_one.o: ../../include/openssl/symhacks.h ../cryptlib.h md2_one.c
diff --git a/crypto/openssl/crypto/md2/md2.c b/crypto/openssl/crypto/md2/md2.c
deleted file mode 100644
index f4d6f62264b3..000000000000
--- a/crypto/openssl/crypto/md2/md2.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* crypto/md2/md2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/md2.h>
-
-#define BUFSIZE	1024*16
-
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-int read(int, void *, unsigned int);
-void exit(int);
-int main(int argc, char *argv[])
-	{
-	int i,err=0;
-	FILE *IN;
-
-	if (argc == 1)
-		{
-		do_fp(stdin);
-		}
-	else
-		{
-		for (i=1; i<argc; i++)
-			{
-			IN=fopen(argv[i],"r");
-			if (IN == NULL)
-				{
-				perror(argv[i]);
-				err++;
-				continue;
-				}
-			printf("MD2(%s)= ",argv[i]);
-			do_fp(IN);
-			fclose(IN);
-			}
-		}
-	exit(err);
-	return(err);
-	}
-
-void do_fp(FILE *f)
-	{
-	MD2_CTX c;
-	unsigned char md[MD2_DIGEST_LENGTH];
-	int fd,i;
-	static unsigned char buf[BUFSIZE];
-
-	fd=fileno(f);
-	MD2_Init(&c);
-	for (;;)
-		{
-		i=read(fd,buf,BUFSIZE);
-		if (i <= 0) break;
-		MD2_Update(&c,buf,(unsigned long)i);
-		}
-	MD2_Final(&(md[0]),&c);
-	pt(md);
-	}
-
-void pt(unsigned char *md)
-	{
-	int i;
-
-	for (i=0; i<MD2_DIGEST_LENGTH; i++)
-		printf("%02x",md[i]);
-	printf("\n");
-	}
diff --git a/crypto/openssl/crypto/md2/md2.h b/crypto/openssl/crypto/md2/md2.h
deleted file mode 100644
index ad9241455caf..000000000000
--- a/crypto/openssl/crypto/md2/md2.h
+++ /dev/null
@@ -1,91 +0,0 @@
-/* crypto/md/md2.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MD2_H
-#define HEADER_MD2_H
-
-#ifdef OPENSSL_NO_MD2
-#error MD2 is disabled.
-#endif
-
-#define MD2_DIGEST_LENGTH	16
-#define MD2_BLOCK       	16
-#include <openssl/opensslconf.h> /* MD2_INT */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct MD2state_st
-	{
-	int num;
-	unsigned char data[MD2_BLOCK];
-	MD2_INT cksm[MD2_BLOCK];
-	MD2_INT state[MD2_BLOCK];
-	} MD2_CTX;
-
-const char *MD2_options(void);
-int MD2_Init(MD2_CTX *c);
-int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
-int MD2_Final(unsigned char *md, MD2_CTX *c);
-unsigned char *MD2(const unsigned char *d, unsigned long n,unsigned char *md);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/md2/md2_dgst.c b/crypto/openssl/crypto/md2/md2_dgst.c
deleted file mode 100644
index ecb64f0ec40d..000000000000
--- a/crypto/openssl/crypto/md2/md2_dgst.c
+++ /dev/null
@@ -1,227 +0,0 @@
-/* crypto/md2/md2_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/md2.h>
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-
-const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT;
-
-/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
- */
-
-#define UCHAR	unsigned char
-
-static void md2_block(MD2_CTX *c, const unsigned char *d);
-/* The magic S table - I have converted it to hex since it is
- * basically just a random byte string. */
-static MD2_INT S[256]={
-	0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
-	0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
-	0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
-	0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
-	0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
-	0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
-	0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
-	0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
-	0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
-	0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
-	0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
-	0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
-	0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
-	0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
-	0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
-	0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
-	0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
-	0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
-	0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
-	0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
-	0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
-	0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
-	0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
-	0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
-	0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
-	0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
-	0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
-	0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
-	0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
-	0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
-	0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
-	0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
-	};
-
-const char *MD2_options(void)
-	{
-	if (sizeof(MD2_INT) == 1)
-		return("md2(char)");
-	else
-		return("md2(int)");
-	}
-
-int MD2_Init(MD2_CTX *c)
-	{
-	c->num=0;
-	memset(c->state,0,sizeof c->state);
-	memset(c->cksm,0,sizeof c->cksm);
-	memset(c->data,0,sizeof c->data);
-	return 1;
-	}
-
-int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len)
-	{
-	register UCHAR *p;
-
-	if (len == 0) return 1;
-
-	p=c->data;
-	if (c->num != 0)
-		{
-		if ((c->num+len) >= MD2_BLOCK)
-			{
-			memcpy(&(p[c->num]),data,MD2_BLOCK-c->num);
-			md2_block(c,c->data);
-			data+=(MD2_BLOCK - c->num);
-			len-=(MD2_BLOCK - c->num);
-			c->num=0;
-			/* drop through and do the rest */
-			}
-		else
-			{
-			memcpy(&(p[c->num]),data,(int)len);
-			/* data+=len; */
-			c->num+=(int)len;
-			return 1;
-			}
-		}
-	/* we now can process the input data in blocks of MD2_BLOCK
-	 * chars and save the leftovers to c->data. */
-	while (len >= MD2_BLOCK)
-		{
-		md2_block(c,data);
-		data+=MD2_BLOCK;
-		len-=MD2_BLOCK;
-		}
-	memcpy(p,data,(int)len);
-	c->num=(int)len;
-	return 1;
-	}
-
-static void md2_block(MD2_CTX *c, const unsigned char *d)
-	{
-	register MD2_INT t,*sp1,*sp2;
-	register int i,j;
-	MD2_INT state[48];
-
-	sp1=c->state;
-	sp2=c->cksm;
-	j=sp2[MD2_BLOCK-1];
-	for (i=0; i<16; i++)
-		{
-		state[i]=sp1[i];
-		state[i+16]=t=d[i];
-		state[i+32]=(t^sp1[i]);
-		j=sp2[i]^=S[t^j];
-		}
-	t=0;
-	for (i=0; i<18; i++)
-		{
-		for (j=0; j<48; j+=8)
-			{
-			t= state[j+ 0]^=S[t];
-			t= state[j+ 1]^=S[t];
-			t= state[j+ 2]^=S[t];
-			t= state[j+ 3]^=S[t];
-			t= state[j+ 4]^=S[t];
-			t= state[j+ 5]^=S[t];
-			t= state[j+ 6]^=S[t];
-			t= state[j+ 7]^=S[t];
-			}
-		t=(t+i)&0xff;
-		}
-	memcpy(sp1,state,16*sizeof(MD2_INT));
-	OPENSSL_cleanse(state,48*sizeof(MD2_INT));
-	}
-
-int MD2_Final(unsigned char *md, MD2_CTX *c)
-	{
-	int i,v;
-	register UCHAR *cp;
-	register MD2_INT *p1,*p2;
-
-	cp=c->data;
-	p1=c->state;
-	p2=c->cksm;
-	v=MD2_BLOCK-c->num;
-	for (i=c->num; i<MD2_BLOCK; i++)
-		cp[i]=(UCHAR)v;
-
-	md2_block(c,cp);
-
-	for (i=0; i<MD2_BLOCK; i++)
-		cp[i]=(UCHAR)p2[i];
-	md2_block(c,cp);
-
-	for (i=0; i<16; i++)
-		md[i]=(UCHAR)(p1[i]&0xff);
-	memset((char *)&c,0,sizeof(c));
-	return 1;
-	}
-
diff --git a/crypto/openssl/crypto/md2/md2_one.c b/crypto/openssl/crypto/md2/md2_one.c
deleted file mode 100644
index 835160ef56d1..000000000000
--- a/crypto/openssl/crypto/md2/md2_one.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/* crypto/md2/md2_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/md2.h>
-
-/* This is a separate file so that #defines in cryptlib.h can
- * map my MD functions to different names */
-
-unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md)
-	{
-	MD2_CTX c;
-	static unsigned char m[MD2_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	MD2_Init(&c);
-#ifndef CHARSET_EBCDIC
-	MD2_Update(&c,d,n);
-#else
-	{
-		char temp[1024];
-		unsigned long chunk;
-
-		while (n > 0)
-		{
-			chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
-			ebcdic2ascii(temp, d, chunk);
-			MD2_Update(&c,temp,chunk);
-			n -= chunk;
-			d += chunk;
-		}
-	}
-#endif
-	MD2_Final(md,&c);
-	OPENSSL_cleanse(&c,sizeof(c));	/* Security consideration */
-	return(md);
-	}
diff --git a/crypto/openssl/crypto/md2/md2test.c b/crypto/openssl/crypto/md2/md2test.c
deleted file mode 100644
index 901d0a7d8ea6..000000000000
--- a/crypto/openssl/crypto/md2/md2test.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* crypto/md2/md2test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/md2.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_MD2
-int main(int argc, char *argv[])
-{
-    printf("No MD2 support\n");
-    return(0);
-}
-#else
-#include <openssl/evp.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-static char *test[]={
-	"",
-	"a",
-	"abc",
-	"message digest",
-	"abcdefghijklmnopqrstuvwxyz",
-	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
-	"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
-	NULL,
-	};
-
-static char *ret[]={
-	"8350e5a3e24c153df2275c9f80692773",
-	"32ec01ec4a6dac72c0ab96fb34c0b5d1",
-	"da853b0d3f88d99b30283a69e6ded6bb",
-	"ab4f496bfb2a530b219ff33031fe06b0",
-	"4e8ddff3650292ab5a4108c3aa47940b",
-	"da33def2a42df13975352846c30338cd",
-	"d5976f79d83d3a0dc9806c3c66f3efd8",
-	};
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-	{
-	int i,err=0;
-	char **P,**R;
-	char *p;
-	unsigned char md[MD2_DIGEST_LENGTH];
-
-	P=test;
-	R=ret;
-	i=1;
-	while (*P != NULL)
-		{
-		EVP_Digest((unsigned char *)*P,(unsigned long)strlen(*P),md,NULL,EVP_md2(), NULL);
-		p=pt(md);
-		if (strcmp(p,*R) != 0)
-			{
-			printf("error calculating MD2 on '%s'\n",*P);
-			printf("got %s instead of %s\n",p,*R);
-			err++;
-			}
-		else
-			printf("test %d ok\n",i);
-		i++;
-		R++;
-		P++;
-		}
-	EXIT(err);
-	}
-
-static char *pt(unsigned char *md)
-	{
-	int i;
-	static char buf[80];
-
-	for (i=0; i<MD2_DIGEST_LENGTH; i++)
-		sprintf(&(buf[i*2]),"%02x",md[i]);
-	return(buf);
-	}
-#endif
diff --git a/crypto/openssl/crypto/md32_common.h b/crypto/openssl/crypto/md32_common.h
deleted file mode 100644
index 573850b12289..000000000000
--- a/crypto/openssl/crypto/md32_common.h
+++ /dev/null
@@ -1,637 +0,0 @@
-/* crypto/md32_common.h */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * This is a generic 32 bit "collector" for message digest algorithms.
- * Whenever needed it collects input character stream into chunks of
- * 32 bit values and invokes a block function that performs actual hash
- * calculations.
- *
- * Porting guide.
- *
- * Obligatory macros:
- *
- * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
- *	this macro defines byte order of input stream.
- * HASH_CBLOCK
- *	size of a unit chunk HASH_BLOCK operates on.
- * HASH_LONG
- *	has to be at lest 32 bit wide, if it's wider, then
- *	HASH_LONG_LOG2 *has to* be defined along
- * HASH_CTX
- *	context structure that at least contains following
- *	members:
- *		typedef struct {
- *			...
- *			HASH_LONG	Nl,Nh;
- *			HASH_LONG	data[HASH_LBLOCK];
- *			int		num;
- *			...
- *			} HASH_CTX;
- * HASH_UPDATE
- *	name of "Update" function, implemented here.
- * HASH_TRANSFORM
- *	name of "Transform" function, implemented here.
- * HASH_FINAL
- *	name of "Final" function, implemented here.
- * HASH_BLOCK_HOST_ORDER
- *	name of "block" function treating *aligned* input message
- *	in host byte order, implemented externally.
- * HASH_BLOCK_DATA_ORDER
- *	name of "block" function treating *unaligned* input message
- *	in original (data) byte order, implemented externally (it
- *	actually is optional if data and host are of the same
- *	"endianess").
- * HASH_MAKE_STRING
- *	macro convering context variables to an ASCII hash string.
- *
- * Optional macros:
- *
- * B_ENDIAN or L_ENDIAN
- *	defines host byte-order.
- * HASH_LONG_LOG2
- *	defaults to 2 if not states otherwise.
- * HASH_LBLOCK
- *	assumed to be HASH_CBLOCK/4 if not stated otherwise.
- * HASH_BLOCK_DATA_ORDER_ALIGNED
- *	alternative "block" function capable of treating
- *	aligned input message in original (data) order,
- *	implemented externally.
- *
- * MD5 example:
- *
- *	#define DATA_ORDER_IS_LITTLE_ENDIAN
- *
- *	#define HASH_LONG		MD5_LONG
- *	#define HASH_LONG_LOG2		MD5_LONG_LOG2
- *	#define HASH_CTX		MD5_CTX
- *	#define HASH_CBLOCK		MD5_CBLOCK
- *	#define HASH_LBLOCK		MD5_LBLOCK
- *	#define HASH_UPDATE		MD5_Update
- *	#define HASH_TRANSFORM		MD5_Transform
- *	#define HASH_FINAL		MD5_Final
- *	#define HASH_BLOCK_HOST_ORDER	md5_block_host_order
- *	#define HASH_BLOCK_DATA_ORDER	md5_block_data_order
- *
- *					<appro@fy.chalmers.se>
- */
-
-#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-#error "DATA_ORDER must be defined!"
-#endif
-
-#ifndef HASH_CBLOCK
-#error "HASH_CBLOCK must be defined!"
-#endif
-#ifndef HASH_LONG
-#error "HASH_LONG must be defined!"
-#endif
-#ifndef HASH_CTX
-#error "HASH_CTX must be defined!"
-#endif
-
-#ifndef HASH_UPDATE
-#error "HASH_UPDATE must be defined!"
-#endif
-#ifndef HASH_TRANSFORM
-#error "HASH_TRANSFORM must be defined!"
-#endif
-#ifndef HASH_FINAL
-#error "HASH_FINAL must be defined!"
-#endif
-
-#ifndef HASH_BLOCK_HOST_ORDER
-#error "HASH_BLOCK_HOST_ORDER must be defined!"
-#endif
-
-#if 0
-/*
- * Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED
- * isn't defined.
- */
-#ifndef HASH_BLOCK_DATA_ORDER
-#error "HASH_BLOCK_DATA_ORDER must be defined!"
-#endif
-#endif
-
-#ifndef HASH_LBLOCK
-#define HASH_LBLOCK	(HASH_CBLOCK/4)
-#endif
-
-#ifndef HASH_LONG_LOG2
-#define HASH_LONG_LOG2	2
-#endif
-
-/*
- * Engage compiler specific rotate intrinsic function if available.
- */
-#undef ROTATE
-#ifndef PEDANTIC
-# if 0 /* defined(_MSC_VER) */
-#  define ROTATE(a,n)	_lrotl(a,n)
-# elif defined(__MWERKS__)
-#  if defined(__POWERPC__)
-#   define ROTATE(a,n)	__rlwinm(a,n,0,31)
-#  elif defined(__MC68K__)
-    /* Motorola specific tweak. <appro@fy.chalmers.se> */
-#   define ROTATE(a,n)	( n<24 ? __rol(a,n) : __ror(a,32-n) )
-#  else
-#   define ROTATE(a,n)	__rol(a,n)
-#  endif
-# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-  /*
-   * Some GNU C inline assembler templates. Note that these are
-   * rotates by *constant* number of bits! But that's exactly
-   * what we need here...
-   *
-   * 					<appro@fy.chalmers.se>
-   */
-#  if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-#   define ROTATE(a,n)	({ register unsigned int ret;	\
-				asm (			\
-				"roll %1,%0"		\
-				: "=r"(ret)		\
-				: "I"(n), "0"(a)	\
-				: "cc");		\
-			   ret;				\
-			})
-#  elif defined(__powerpc) || defined(__ppc)
-#   define ROTATE(a,n)	({ register unsigned int ret;	\
-				asm (			\
-				"rlwinm %0,%1,%2,0,31"	\
-				: "=r"(ret)		\
-				: "r"(a), "I"(n));	\
-			   ret;				\
-			})
-#  endif
-# endif
-
-/*
- * Engage compiler specific "fetch in reverse byte order"
- * intrinsic function if available.
- */
-# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-  /* some GNU C inline assembler templates by <appro@fy.chalmers.se> */
-#  if (defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)) && !defined(I386_ONLY)
-#   define BE_FETCH32(a)	({ register unsigned int l=(a);\
-				asm (			\
-				"bswapl %0"		\
-				: "=r"(l) : "0"(l));	\
-			  l;				\
-			})
-#  elif defined(__powerpc)
-#   define LE_FETCH32(a)	({ register unsigned int l;	\
-				asm (			\
-				"lwbrx %0,0,%1"		\
-				: "=r"(l)		\
-				: "r"(a));		\
-			   l;				\
-			})
-
-#  elif defined(__sparc) && defined(OPENSSL_SYS_ULTRASPARC)
-#  define LE_FETCH32(a)	({ register unsigned int l;		\
-				asm (				\
-				"lda [%1]#ASI_PRIMARY_LITTLE,%0"\
-				: "=r"(l)			\
-				: "r"(a));			\
-			   l;					\
-			})
-#  endif
-# endif
-#endif /* PEDANTIC */
-
-#if HASH_LONG_LOG2==2	/* Engage only if sizeof(HASH_LONG)== 4 */
-/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
-#ifdef ROTATE
-/* 5 instructions with rotate instruction, else 9 */
-#define REVERSE_FETCH32(a,l)	(					\
-		l=*(const HASH_LONG *)(a),				\
-		((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24)))	\
-				)
-#else
-/* 6 instructions with rotate instruction, else 8 */
-#define REVERSE_FETCH32(a,l)	(				\
-		l=*(const HASH_LONG *)(a),			\
-		l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)),	\
-		ROTATE(l,16)					\
-				)
-/*
- * Originally the middle line started with l=(((l&0xFF00FF00)>>8)|...
- * It's rewritten as above for two reasons:
- *	- RISCs aren't good at long constants and have to explicitely
- *	  compose 'em with several (well, usually 2) instructions in a
- *	  register before performing the actual operation and (as you
- *	  already realized:-) having same constant should inspire the
- *	  compiler to permanently allocate the only register for it;
- *	- most modern CPUs have two ALUs, but usually only one has
- *	  circuitry for shifts:-( this minor tweak inspires compiler
- *	  to schedule shift instructions in a better way...
- *
- *				<appro@fy.chalmers.se>
- */
-#endif
-#endif
-
-#ifndef ROTATE
-#define ROTATE(a,n)     (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
-#endif
-
-/*
- * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED
- * and HASH_BLOCK_HOST_ORDER ought to be the same if input data
- * and host are of the same "endianess". It's possible to mask
- * this with blank #define HASH_BLOCK_DATA_ORDER though...
- *
- *				<appro@fy.chalmers.se>
- */
-#if defined(B_ENDIAN)
-#  if defined(DATA_ORDER_IS_BIG_ENDIAN)
-#    if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
-#      define HASH_BLOCK_DATA_ORDER_ALIGNED	HASH_BLOCK_HOST_ORDER
-#    endif
-#  elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-#    ifndef HOST_FETCH32
-#      ifdef LE_FETCH32
-#        define HOST_FETCH32(p,l)	LE_FETCH32(p)
-#      elif defined(REVERSE_FETCH32)
-#        define HOST_FETCH32(p,l)	REVERSE_FETCH32(p,l)
-#      endif
-#    endif
-#  endif
-#elif defined(L_ENDIAN)
-#  if defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-#    if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
-#      define HASH_BLOCK_DATA_ORDER_ALIGNED	HASH_BLOCK_HOST_ORDER
-#    endif
-#  elif defined(DATA_ORDER_IS_BIG_ENDIAN)
-#    ifndef HOST_FETCH32
-#      ifdef BE_FETCH32
-#        define HOST_FETCH32(p,l)	BE_FETCH32(p)
-#      elif defined(REVERSE_FETCH32)
-#        define HOST_FETCH32(p,l)	REVERSE_FETCH32(p,l)
-#      endif
-#    endif
-#  endif
-#endif
-
-#if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
-#ifndef HASH_BLOCK_DATA_ORDER
-#error "HASH_BLOCK_DATA_ORDER must be defined!"
-#endif
-#endif
-
-#if defined(DATA_ORDER_IS_BIG_ENDIAN)
-
-#define HOST_c2l(c,l)	(l =(((unsigned long)(*((c)++)))<<24),		\
-			 l|=(((unsigned long)(*((c)++)))<<16),		\
-			 l|=(((unsigned long)(*((c)++)))<< 8),		\
-			 l|=(((unsigned long)(*((c)++)))    ),		\
-			 l)
-#define HOST_p_c2l(c,l,n)	{					\
-			switch (n) {					\
-			case 0: l =((unsigned long)(*((c)++)))<<24;	\
-			case 1: l|=((unsigned long)(*((c)++)))<<16;	\
-			case 2: l|=((unsigned long)(*((c)++)))<< 8;	\
-			case 3: l|=((unsigned long)(*((c)++)));		\
-				} }
-#define HOST_p_c2l_p(c,l,sc,len) {					\
-			switch (sc) {					\
-			case 0: l =((unsigned long)(*((c)++)))<<24;	\
-				if (--len == 0) break;			\
-			case 1: l|=((unsigned long)(*((c)++)))<<16;	\
-				if (--len == 0) break;			\
-			case 2: l|=((unsigned long)(*((c)++)))<< 8;	\
-				} }
-/* NOTE the pointer is not incremented at the end of this */
-#define HOST_c2l_p(c,l,n)	{					\
-			l=0; (c)+=n;					\
-			switch (n) {					\
-			case 3: l =((unsigned long)(*(--(c))))<< 8;	\
-			case 2: l|=((unsigned long)(*(--(c))))<<16;	\
-			case 1: l|=((unsigned long)(*(--(c))))<<24;	\
-				} }
-#define HOST_l2c(l,c)	(*((c)++)=(unsigned char)(((l)>>24)&0xff),	\
-			 *((c)++)=(unsigned char)(((l)>>16)&0xff),	\
-			 *((c)++)=(unsigned char)(((l)>> 8)&0xff),	\
-			 *((c)++)=(unsigned char)(((l)    )&0xff),	\
-			 l)
-
-#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-
-#define HOST_c2l(c,l)	(l =(((unsigned long)(*((c)++)))    ),		\
-			 l|=(((unsigned long)(*((c)++)))<< 8),		\
-			 l|=(((unsigned long)(*((c)++)))<<16),		\
-			 l|=(((unsigned long)(*((c)++)))<<24),		\
-			 l)
-#define HOST_p_c2l(c,l,n)	{					\
-			switch (n) {					\
-			case 0: l =((unsigned long)(*((c)++)));		\
-			case 1: l|=((unsigned long)(*((c)++)))<< 8;	\
-			case 2: l|=((unsigned long)(*((c)++)))<<16;	\
-			case 3: l|=((unsigned long)(*((c)++)))<<24;	\
-				} }
-#define HOST_p_c2l_p(c,l,sc,len) {					\
-			switch (sc) {					\
-			case 0: l =((unsigned long)(*((c)++)));		\
-				if (--len == 0) break;			\
-			case 1: l|=((unsigned long)(*((c)++)))<< 8;	\
-				if (--len == 0) break;			\
-			case 2: l|=((unsigned long)(*((c)++)))<<16;	\
-				} }
-/* NOTE the pointer is not incremented at the end of this */
-#define HOST_c2l_p(c,l,n)	{					\
-			l=0; (c)+=n;					\
-			switch (n) {					\
-			case 3: l =((unsigned long)(*(--(c))))<<16;	\
-			case 2: l|=((unsigned long)(*(--(c))))<< 8;	\
-			case 1: l|=((unsigned long)(*(--(c))));		\
-				} }
-#define HOST_l2c(l,c)	(*((c)++)=(unsigned char)(((l)    )&0xff),	\
-			 *((c)++)=(unsigned char)(((l)>> 8)&0xff),	\
-			 *((c)++)=(unsigned char)(((l)>>16)&0xff),	\
-			 *((c)++)=(unsigned char)(((l)>>24)&0xff),	\
-			 l)
-
-#endif
-
-/*
- * Time for some action:-)
- */
-
-int HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len)
-	{
-	const unsigned char *data=data_;
-	register HASH_LONG * p;
-	register unsigned long l;
-	int sw,sc,ew,ec;
-
-	if (len==0) return 1;
-
-	l=(c->Nl+(len<<3))&0xffffffffL;
-	/* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
-	 * Wei Dai <weidai@eskimo.com> for pointing it out. */
-	if (l < c->Nl) /* overflow */
-		c->Nh++;
-	c->Nh+=(len>>29);
-	c->Nl=l;
-
-	if (c->num != 0)
-		{
-		p=c->data;
-		sw=c->num>>2;
-		sc=c->num&0x03;
-
-		if ((c->num+len) >= HASH_CBLOCK)
-			{
-			l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
-			for (; sw<HASH_LBLOCK; sw++)
-				{
-				HOST_c2l(data,l); p[sw]=l;
-				}
-			HASH_BLOCK_HOST_ORDER (c,p,1);
-			len-=(HASH_CBLOCK-c->num);
-			c->num=0;
-			/* drop through and do the rest */
-			}
-		else
-			{
-			c->num+=len;
-			if ((sc+len) < 4) /* ugly, add char's to a word */
-				{
-				l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l;
-				}
-			else
-				{
-				ew=(c->num>>2);
-				ec=(c->num&0x03);
-				if (sc)
-					l=p[sw];
-				HOST_p_c2l(data,l,sc);
-				p[sw++]=l;
-				for (; sw < ew; sw++)
-					{
-					HOST_c2l(data,l); p[sw]=l;
-					}
-				if (ec)
-					{
-					HOST_c2l_p(data,l,ec); p[sw]=l;
-					}
-				}
-			return 1;
-			}
-		}
-
-	sw=len/HASH_CBLOCK;
-	if (sw > 0)
-		{
-#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
-		/*
-		 * Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined
-		 * only if sizeof(HASH_LONG)==4.
-		 */
-		if ((((unsigned long)data)%4) == 0)
-			{
-			/* data is properly aligned so that we can cast it: */
-			HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,sw);
-			sw*=HASH_CBLOCK;
-			data+=sw;
-			len-=sw;
-			}
-		else
-#if !defined(HASH_BLOCK_DATA_ORDER)
-			while (sw--)
-				{
-				memcpy (p=c->data,data,HASH_CBLOCK);
-				HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1);
-				data+=HASH_CBLOCK;
-				len-=HASH_CBLOCK;
-				}
-#endif
-#endif
-#if defined(HASH_BLOCK_DATA_ORDER)
-			{
-			HASH_BLOCK_DATA_ORDER(c,data,sw);
-			sw*=HASH_CBLOCK;
-			data+=sw;
-			len-=sw;
-			}
-#endif
-		}
-
-	if (len!=0)
-		{
-		p = c->data;
-		c->num = len;
-		ew=len>>2;	/* words to copy */
-		ec=len&0x03;
-		for (; ew; ew--,p++)
-			{
-			HOST_c2l(data,l); *p=l;
-			}
-		HOST_c2l_p(data,l,ec);
-		*p=l;
-		}
-	return 1;
-	}
-
-
-void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data)
-	{
-#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
-	if ((((unsigned long)data)%4) == 0)
-		/* data is properly aligned so that we can cast it: */
-		HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,1);
-	else
-#if !defined(HASH_BLOCK_DATA_ORDER)
-		{
-		memcpy (c->data,data,HASH_CBLOCK);
-		HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1);
-		}
-#endif
-#endif
-#if defined(HASH_BLOCK_DATA_ORDER)
-	HASH_BLOCK_DATA_ORDER (c,data,1);
-#endif
-	}
-
-
-int HASH_FINAL (unsigned char *md, HASH_CTX *c)
-	{
-	register HASH_LONG *p;
-	register unsigned long l;
-	register int i,j;
-	static const unsigned char end[4]={0x80,0x00,0x00,0x00};
-	const unsigned char *cp=end;
-
-	/* c->num should definitly have room for at least one more byte. */
-	p=c->data;
-	i=c->num>>2;
-	j=c->num&0x03;
-
-#if 0
-	/* purify often complains about the following line as an
-	 * Uninitialized Memory Read.  While this can be true, the
-	 * following p_c2l macro will reset l when that case is true.
-	 * This is because j&0x03 contains the number of 'valid' bytes
-	 * already in p[i].  If and only if j&0x03 == 0, the UMR will
-	 * occur but this is also the only time p_c2l will do
-	 * l= *(cp++) instead of l|= *(cp++)
-	 * Many thanks to Alex Tang <altitude@cic.net> for pickup this
-	 * 'potential bug' */
-#ifdef PURIFY
-	if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */
-#endif
-	l=p[i];
-#else
-	l = (j==0) ? 0 : p[i];
-#endif
-	HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */
-
-	if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */
-		{
-		if (i<HASH_LBLOCK) p[i]=0;
-		HASH_BLOCK_HOST_ORDER (c,p,1);
-		i=0;
-		}
-	for (; i<(HASH_LBLOCK-2); i++)
-		p[i]=0;
-
-#if   defined(DATA_ORDER_IS_BIG_ENDIAN)
-	p[HASH_LBLOCK-2]=c->Nh;
-	p[HASH_LBLOCK-1]=c->Nl;
-#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-	p[HASH_LBLOCK-2]=c->Nl;
-	p[HASH_LBLOCK-1]=c->Nh;
-#endif
-	HASH_BLOCK_HOST_ORDER (c,p,1);
-
-#ifndef HASH_MAKE_STRING
-#error "HASH_MAKE_STRING must be defined!"
-#else
-	HASH_MAKE_STRING(c,md);
-#endif
-
-	c->num=0;
-	/* clear stuff, HASH_BLOCK may be leaving some stuff on the stack
-	 * but I'm not worried :-)
-	OPENSSL_cleanse((void *)c,sizeof(HASH_CTX));
-	 */
-	return 1;
-	}
-
-#ifndef MD32_REG_T
-#define MD32_REG_T long
-/*
- * This comment was originaly written for MD5, which is why it
- * discusses A-D. But it basically applies to all 32-bit digests,
- * which is why it was moved to common header file.
- *
- * In case you wonder why A-D are declared as long and not
- * as MD5_LONG. Doing so results in slight performance
- * boost on LP64 architectures. The catch is we don't
- * really care if 32 MSBs of a 64-bit register get polluted
- * with eventual overflows as we *save* only 32 LSBs in
- * *either* case. Now declaring 'em long excuses the compiler
- * from keeping 32 MSBs zeroed resulting in 13% performance
- * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
- * Well, to be honest it should say that this *prevents* 
- * performance degradation.
- *				<appro@fy.chalmers.se>
- * Apparently there're LP64 compilers that generate better
- * code if A-D are declared int. Most notably GCC-x86_64
- * generates better code.
- *				<appro@fy.chalmers.se>
- */
-#endif
diff --git a/crypto/openssl/crypto/md4/Makefile.save b/crypto/openssl/crypto/md4/Makefile.save
deleted file mode 100644
index bc38badb0a2b..000000000000
--- a/crypto/openssl/crypto/md4/Makefile.save
+++ /dev/null
@@ -1,85 +0,0 @@
-#
-# SSLeay/crypto/md4/Makefile
-#
-
-DIR=    md4
-TOP=    ../..
-CC=     cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=       Makefile.ssl
-AR=             ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=md4test.c
-APPS=md4.c
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md4_dgst.c md4_one.c
-LIBOBJ=md4_dgst.o md4_one.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= md4.h
-HEADER= md4_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:    lib
-
-lib:    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-md4_dgst.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
-md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_locl.h
-md4_one.o: ../../include/openssl/md4.h
diff --git a/crypto/openssl/crypto/md4/Makefile.ssl b/crypto/openssl/crypto/md4/Makefile.ssl
deleted file mode 100644
index 4d2d7369e621..000000000000
--- a/crypto/openssl/crypto/md4/Makefile.ssl
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# SSLeay/crypto/md4/Makefile
-#
-
-DIR=    md4
-TOP=    ../..
-CC=     cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=       Makefile.ssl
-AR=             ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=md4test.c
-APPS=md4.c
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md4_dgst.c md4_one.c
-LIBOBJ=md4_dgst.o md4_one.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= md4.h
-HEADER= md4_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:    lib
-
-lib:    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h
-md4_dgst.o: ../../include/openssl/opensslconf.h
-md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c
-md4_dgst.o: md4_locl.h
-md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
-md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-md4_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-md4_one.o: md4_one.c
diff --git a/crypto/openssl/crypto/md4/md4.c b/crypto/openssl/crypto/md4/md4.c
deleted file mode 100644
index 141415ad4df6..000000000000
--- a/crypto/openssl/crypto/md4/md4.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* crypto/md4/md4.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/md4.h>
-
-#define BUFSIZE	1024*16
-
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-#if !defined(_OSD_POSIX) && !defined(__DJGPP__)
-int read(int, void *, unsigned int);
-#endif
-
-int main(int argc, char **argv)
-	{
-	int i,err=0;
-	FILE *IN;
-
-	if (argc == 1)
-		{
-		do_fp(stdin);
-		}
-	else
-		{
-		for (i=1; i<argc; i++)
-			{
-			IN=fopen(argv[i],"r");
-			if (IN == NULL)
-				{
-				perror(argv[i]);
-				err++;
-				continue;
-				}
-			printf("MD4(%s)= ",argv[i]);
-			do_fp(IN);
-			fclose(IN);
-			}
-		}
-	exit(err);
-	}
-
-void do_fp(FILE *f)
-	{
-	MD4_CTX c;
-	unsigned char md[MD4_DIGEST_LENGTH];
-	int fd;
-	int i;
-	static unsigned char buf[BUFSIZE];
-
-	fd=fileno(f);
-	MD4_Init(&c);
-	for (;;)
-		{
-		i=read(fd,buf,sizeof buf);
-		if (i <= 0) break;
-		MD4_Update(&c,buf,(unsigned long)i);
-		}
-	MD4_Final(&(md[0]),&c);
-	pt(md);
-	}
-
-void pt(unsigned char *md)
-	{
-	int i;
-
-	for (i=0; i<MD4_DIGEST_LENGTH; i++)
-		printf("%02x",md[i]);
-	printf("\n");
-	}
-
diff --git a/crypto/openssl/crypto/md4/md4.h b/crypto/openssl/crypto/md4/md4.h
deleted file mode 100644
index 7a7b23682f8d..000000000000
--- a/crypto/openssl/crypto/md4/md4.h
+++ /dev/null
@@ -1,116 +0,0 @@
-/* crypto/md4/md4.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MD4_H
-#define HEADER_MD4_H
-
-#include <openssl/e_os2.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_NO_MD4
-#error MD4 is disabled.
-#endif
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! MD4_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! MD4_LONG_LOG2 has to be defined along.			   !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
-#define MD4_LONG unsigned long
-#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-#define MD4_LONG unsigned long
-#define MD4_LONG_LOG2 3
-/*
- * _CRAY note. I could declare short, but I have no idea what impact
- * does it have on performance on none-T3E machines. I could declare
- * int, but at least on C90 sizeof(int) can be chosen at compile time.
- * So I've chosen long...
- *					<appro@fy.chalmers.se>
- */
-#else
-#define MD4_LONG unsigned int
-#endif
-
-#define MD4_CBLOCK	64
-#define MD4_LBLOCK	(MD4_CBLOCK/4)
-#define MD4_DIGEST_LENGTH 16
-
-typedef struct MD4state_st
-	{
-	MD4_LONG A,B,C,D;
-	MD4_LONG Nl,Nh;
-	MD4_LONG data[MD4_LBLOCK];
-	int num;
-	} MD4_CTX;
-
-int MD4_Init(MD4_CTX *c);
-int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
-int MD4_Final(unsigned char *md, MD4_CTX *c);
-unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
-void MD4_Transform(MD4_CTX *c, const unsigned char *b);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/md4/md4_dgst.c b/crypto/openssl/crypto/md4/md4_dgst.c
deleted file mode 100644
index 7afb7185b68a..000000000000
--- a/crypto/openssl/crypto/md4/md4_dgst.c
+++ /dev/null
@@ -1,258 +0,0 @@
-/* crypto/md4/md4_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "md4_locl.h"
-#include <openssl/opensslv.h>
-
-const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT;
-
-/* Implemented from RFC1186 The MD4 Message-Digest Algorithm
- */
-
-#define INIT_DATA_A (unsigned long)0x67452301L
-#define INIT_DATA_B (unsigned long)0xefcdab89L
-#define INIT_DATA_C (unsigned long)0x98badcfeL
-#define INIT_DATA_D (unsigned long)0x10325476L
-
-int MD4_Init(MD4_CTX *c)
-	{
-	c->A=INIT_DATA_A;
-	c->B=INIT_DATA_B;
-	c->C=INIT_DATA_C;
-	c->D=INIT_DATA_D;
-	c->Nl=0;
-	c->Nh=0;
-	c->num=0;
-	return 1;
-	}
-
-#ifndef md4_block_host_order
-void md4_block_host_order (MD4_CTX *c, const void *data, int num)
-	{
-	const MD4_LONG *X=data;
-	register unsigned MD32_REG_T A,B,C,D;
-
-	A=c->A;
-	B=c->B;
-	C=c->C;
-	D=c->D;
-
-	for (;num--;X+=HASH_LBLOCK)
-		{
-	/* Round 0 */
-	R0(A,B,C,D,X[ 0], 3,0);
-	R0(D,A,B,C,X[ 1], 7,0);
-	R0(C,D,A,B,X[ 2],11,0);
-	R0(B,C,D,A,X[ 3],19,0);
-	R0(A,B,C,D,X[ 4], 3,0);
-	R0(D,A,B,C,X[ 5], 7,0);
-	R0(C,D,A,B,X[ 6],11,0);
-	R0(B,C,D,A,X[ 7],19,0);
-	R0(A,B,C,D,X[ 8], 3,0);
-	R0(D,A,B,C,X[ 9], 7,0);
-	R0(C,D,A,B,X[10],11,0);
-	R0(B,C,D,A,X[11],19,0);
-	R0(A,B,C,D,X[12], 3,0);
-	R0(D,A,B,C,X[13], 7,0);
-	R0(C,D,A,B,X[14],11,0);
-	R0(B,C,D,A,X[15],19,0);
-	/* Round 1 */
-	R1(A,B,C,D,X[ 0], 3,0x5A827999L);
-	R1(D,A,B,C,X[ 4], 5,0x5A827999L);
-	R1(C,D,A,B,X[ 8], 9,0x5A827999L);
-	R1(B,C,D,A,X[12],13,0x5A827999L);
-	R1(A,B,C,D,X[ 1], 3,0x5A827999L);
-	R1(D,A,B,C,X[ 5], 5,0x5A827999L);
-	R1(C,D,A,B,X[ 9], 9,0x5A827999L);
-	R1(B,C,D,A,X[13],13,0x5A827999L);
-	R1(A,B,C,D,X[ 2], 3,0x5A827999L);
-	R1(D,A,B,C,X[ 6], 5,0x5A827999L);
-	R1(C,D,A,B,X[10], 9,0x5A827999L);
-	R1(B,C,D,A,X[14],13,0x5A827999L);
-	R1(A,B,C,D,X[ 3], 3,0x5A827999L);
-	R1(D,A,B,C,X[ 7], 5,0x5A827999L);
-	R1(C,D,A,B,X[11], 9,0x5A827999L);
-	R1(B,C,D,A,X[15],13,0x5A827999L);
-	/* Round 2 */
-	R2(A,B,C,D,X[ 0], 3,0x6ED9EBA1);
-	R2(D,A,B,C,X[ 8], 9,0x6ED9EBA1);
-	R2(C,D,A,B,X[ 4],11,0x6ED9EBA1);
-	R2(B,C,D,A,X[12],15,0x6ED9EBA1);
-	R2(A,B,C,D,X[ 2], 3,0x6ED9EBA1);
-	R2(D,A,B,C,X[10], 9,0x6ED9EBA1);
-	R2(C,D,A,B,X[ 6],11,0x6ED9EBA1);
-	R2(B,C,D,A,X[14],15,0x6ED9EBA1);
-	R2(A,B,C,D,X[ 1], 3,0x6ED9EBA1);
-	R2(D,A,B,C,X[ 9], 9,0x6ED9EBA1);
-	R2(C,D,A,B,X[ 5],11,0x6ED9EBA1);
-	R2(B,C,D,A,X[13],15,0x6ED9EBA1);
-	R2(A,B,C,D,X[ 3], 3,0x6ED9EBA1);
-	R2(D,A,B,C,X[11], 9,0x6ED9EBA1);
-	R2(C,D,A,B,X[ 7],11,0x6ED9EBA1);
-	R2(B,C,D,A,X[15],15,0x6ED9EBA1);
-
-	A = c->A += A;
-	B = c->B += B;
-	C = c->C += C;
-	D = c->D += D;
-		}
-	}
-#endif
-
-#ifndef md4_block_data_order
-#ifdef X
-#undef X
-#endif
-void md4_block_data_order (MD4_CTX *c, const void *data_, int num)
-	{
-	const unsigned char *data=data_;
-	register unsigned MD32_REG_T A,B,C,D,l;
-#ifndef MD32_XARRAY
-	/* See comment in crypto/sha/sha_locl.h for details. */
-	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
-				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-# define X(i)	XX##i
-#else
-	MD4_LONG XX[MD4_LBLOCK];
-# define X(i)	XX[i]
-#endif
-
-	A=c->A;
-	B=c->B;
-	C=c->C;
-	D=c->D;
-
-	for (;num--;)
-		{
-	HOST_c2l(data,l); X( 0)=l;		HOST_c2l(data,l); X( 1)=l;
-	/* Round 0 */
-	R0(A,B,C,D,X( 0), 3,0);	HOST_c2l(data,l); X( 2)=l;
-	R0(D,A,B,C,X( 1), 7,0);	HOST_c2l(data,l); X( 3)=l;
-	R0(C,D,A,B,X( 2),11,0);	HOST_c2l(data,l); X( 4)=l;
-	R0(B,C,D,A,X( 3),19,0);	HOST_c2l(data,l); X( 5)=l;
-	R0(A,B,C,D,X( 4), 3,0);	HOST_c2l(data,l); X( 6)=l;
-	R0(D,A,B,C,X( 5), 7,0);	HOST_c2l(data,l); X( 7)=l;
-	R0(C,D,A,B,X( 6),11,0);	HOST_c2l(data,l); X( 8)=l;
-	R0(B,C,D,A,X( 7),19,0);	HOST_c2l(data,l); X( 9)=l;
-	R0(A,B,C,D,X( 8), 3,0);	HOST_c2l(data,l); X(10)=l;
-	R0(D,A,B,C,X( 9), 7,0);	HOST_c2l(data,l); X(11)=l;
-	R0(C,D,A,B,X(10),11,0);	HOST_c2l(data,l); X(12)=l;
-	R0(B,C,D,A,X(11),19,0);	HOST_c2l(data,l); X(13)=l;
-	R0(A,B,C,D,X(12), 3,0);	HOST_c2l(data,l); X(14)=l;
-	R0(D,A,B,C,X(13), 7,0);	HOST_c2l(data,l); X(15)=l;
-	R0(C,D,A,B,X(14),11,0);
-	R0(B,C,D,A,X(15),19,0);
-	/* Round 1 */
-	R1(A,B,C,D,X( 0), 3,0x5A827999L);
-	R1(D,A,B,C,X( 4), 5,0x5A827999L);
-	R1(C,D,A,B,X( 8), 9,0x5A827999L);
-	R1(B,C,D,A,X(12),13,0x5A827999L);
-	R1(A,B,C,D,X( 1), 3,0x5A827999L);
-	R1(D,A,B,C,X( 5), 5,0x5A827999L);
-	R1(C,D,A,B,X( 9), 9,0x5A827999L);
-	R1(B,C,D,A,X(13),13,0x5A827999L);
-	R1(A,B,C,D,X( 2), 3,0x5A827999L);
-	R1(D,A,B,C,X( 6), 5,0x5A827999L);
-	R1(C,D,A,B,X(10), 9,0x5A827999L);
-	R1(B,C,D,A,X(14),13,0x5A827999L);
-	R1(A,B,C,D,X( 3), 3,0x5A827999L);
-	R1(D,A,B,C,X( 7), 5,0x5A827999L);
-	R1(C,D,A,B,X(11), 9,0x5A827999L);
-	R1(B,C,D,A,X(15),13,0x5A827999L);
-	/* Round 2 */
-	R2(A,B,C,D,X( 0), 3,0x6ED9EBA1L);
-	R2(D,A,B,C,X( 8), 9,0x6ED9EBA1L);
-	R2(C,D,A,B,X( 4),11,0x6ED9EBA1L);
-	R2(B,C,D,A,X(12),15,0x6ED9EBA1L);
-	R2(A,B,C,D,X( 2), 3,0x6ED9EBA1L);
-	R2(D,A,B,C,X(10), 9,0x6ED9EBA1L);
-	R2(C,D,A,B,X( 6),11,0x6ED9EBA1L);
-	R2(B,C,D,A,X(14),15,0x6ED9EBA1L);
-	R2(A,B,C,D,X( 1), 3,0x6ED9EBA1L);
-	R2(D,A,B,C,X( 9), 9,0x6ED9EBA1L);
-	R2(C,D,A,B,X( 5),11,0x6ED9EBA1L);
-	R2(B,C,D,A,X(13),15,0x6ED9EBA1L);
-	R2(A,B,C,D,X( 3), 3,0x6ED9EBA1L);
-	R2(D,A,B,C,X(11), 9,0x6ED9EBA1L);
-	R2(C,D,A,B,X( 7),11,0x6ED9EBA1L);
-	R2(B,C,D,A,X(15),15,0x6ED9EBA1L);
-
-	A = c->A += A;
-	B = c->B += B;
-	C = c->C += C;
-	D = c->D += D;
-		}
-	}
-#endif
-
-#ifdef undef
-int printit(unsigned long *l)
-	{
-	int i,ii;
-
-	for (i=0; i<2; i++)
-		{
-		for (ii=0; ii<8; ii++)
-			{
-			fprintf(stderr,"%08lx ",l[i*8+ii]);
-			}
-		fprintf(stderr,"\n");
-		}
-	}
-#endif
diff --git a/crypto/openssl/crypto/md4/md4_locl.h b/crypto/openssl/crypto/md4/md4_locl.h
deleted file mode 100644
index a8d31d7a73f5..000000000000
--- a/crypto/openssl/crypto/md4/md4_locl.h
+++ /dev/null
@@ -1,154 +0,0 @@
-/* crypto/md4/md4_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#include <openssl/md4.h>
-
-#ifndef MD4_LONG_LOG2
-#define MD4_LONG_LOG2 2 /* default to 32 bits */
-#endif
-
-void md4_block_host_order (MD4_CTX *c, const void *p,int num);
-void md4_block_data_order (MD4_CTX *c, const void *p,int num);
-
-#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-/*
- * *_block_host_order is expected to handle aligned data while
- * *_block_data_order - unaligned. As algorithm and host (x86)
- * are in this case of the same "endianness" these two are
- * otherwise indistinguishable. But normally you don't want to
- * call the same function because unaligned access in places
- * where alignment is expected is usually a "Bad Thing". Indeed,
- * on RISCs you get punished with BUS ERROR signal or *severe*
- * performance degradation. Intel CPUs are in turn perfectly
- * capable of loading unaligned data without such drastic side
- * effect. Yes, they say it's slower than aligned load, but no
- * exception is generated and therefore performance degradation
- * is *incomparable* with RISCs. What we should weight here is
- * costs of unaligned access against costs of aligning data.
- * According to my measurements allowing unaligned access results
- * in ~9% performance improvement on Pentium II operating at
- * 266MHz. I won't be surprised if the difference will be higher
- * on faster systems:-)
- *
- *				<appro@fy.chalmers.se>
- */
-#define md4_block_data_order md4_block_host_order
-#endif
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG		MD4_LONG
-#define HASH_LONG_LOG2		MD4_LONG_LOG2
-#define HASH_CTX		MD4_CTX
-#define HASH_CBLOCK		MD4_CBLOCK
-#define HASH_LBLOCK		MD4_LBLOCK
-#define HASH_UPDATE		MD4_Update
-#define HASH_TRANSFORM		MD4_Transform
-#define HASH_FINAL		MD4_Final
-#define	HASH_MAKE_STRING(c,s)	do {	\
-	unsigned long ll;		\
-	ll=(c)->A; HOST_l2c(ll,(s));	\
-	ll=(c)->B; HOST_l2c(ll,(s));	\
-	ll=(c)->C; HOST_l2c(ll,(s));	\
-	ll=(c)->D; HOST_l2c(ll,(s));	\
-	} while (0)
-#define HASH_BLOCK_HOST_ORDER	md4_block_host_order
-#if !defined(L_ENDIAN) || defined(md4_block_data_order)
-#define	HASH_BLOCK_DATA_ORDER	md4_block_data_order
-/*
- * Little-endians (Intel and Alpha) feel better without this.
- * It looks like memcpy does better job than generic
- * md4_block_data_order on copying-n-aligning input data.
- * But frankly speaking I didn't expect such result on Alpha.
- * On the other hand I've got this with egcs-1.0.2 and if
- * program is compiled with another (better?) compiler it
- * might turn out other way around.
- *
- *				<appro@fy.chalmers.se>
- */
-#endif
-
-#include "md32_common.h"
-
-/*
-#define	F(x,y,z)	(((x) & (y))  |  ((~(x)) & (z)))
-#define	G(x,y,z)	(((x) & (y))  |  ((x) & ((z))) | ((y) & ((z))))
-*/
-
-/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
- * simplified to the code below.  Wei attributes these optimizations
- * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
- */
-#define	F(b,c,d)	((((c) ^ (d)) & (b)) ^ (d))
-#define G(b,c,d)	(((b) & (c)) | ((b) & (d)) | ((c) & (d)))
-#define	H(b,c,d)	((b) ^ (c) ^ (d))
-
-#define R0(a,b,c,d,k,s,t) { \
-	a+=((k)+(t)+F((b),(c),(d))); \
-	a=ROTATE(a,s); };
-
-#define R1(a,b,c,d,k,s,t) { \
-	a+=((k)+(t)+G((b),(c),(d))); \
-	a=ROTATE(a,s); };\
-
-#define R2(a,b,c,d,k,s,t) { \
-	a+=((k)+(t)+H((b),(c),(d))); \
-	a=ROTATE(a,s); };
diff --git a/crypto/openssl/crypto/md4/md4_one.c b/crypto/openssl/crypto/md4/md4_one.c
deleted file mode 100644
index 00565507e4bb..000000000000
--- a/crypto/openssl/crypto/md4/md4_one.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/md4/md4_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/md4.h>
-#include <openssl/crypto.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md)
-	{
-	MD4_CTX c;
-	static unsigned char m[MD4_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	MD4_Init(&c);
-#ifndef CHARSET_EBCDIC
-	MD4_Update(&c,d,n);
-#else
-	{
-		char temp[1024];
-		unsigned long chunk;
-
-		while (n > 0)
-		{
-			chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
-			ebcdic2ascii(temp, d, chunk);
-			MD4_Update(&c,temp,chunk);
-			n -= chunk;
-			d += chunk;
-		}
-	}
-#endif
-	MD4_Final(md,&c);
-	OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
-	return(md);
-	}
-
diff --git a/crypto/openssl/crypto/md4/md4s.cpp b/crypto/openssl/crypto/md4/md4s.cpp
deleted file mode 100644
index c0ec97fc9f9b..000000000000
--- a/crypto/openssl/crypto/md4/md4s.cpp
+++ /dev/null
@@ -1,78 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/md4.h>
-
-extern "C" {
-void md4_block_x86(MD4_CTX *ctx, unsigned char *buffer,int num);
-}
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[64*256];
-	MD4_CTX ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=0,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=16;
-	if (num > 250) num=16;
-	numm=num+2;
-	num*=64;
-	numm*=64;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			md4_block_x86(&ctx,buffer,numm);
-			GetTSC(s1);
-			md4_block_x86(&ctx,buffer,numm);
-			GetTSC(e1);
-			GetTSC(s2);
-			md4_block_x86(&ctx,buffer,num);
-			GetTSC(e2);
-			md4_block_x86(&ctx,buffer,num);
-			}
-		printf("md4 (%d bytes) %d %d (%.2f)\n",num,
-			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
-		}
-	}
-
diff --git a/crypto/openssl/crypto/md4/md4test.c b/crypto/openssl/crypto/md4/md4test.c
deleted file mode 100644
index 21a77d96f711..000000000000
--- a/crypto/openssl/crypto/md4/md4test.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* crypto/md4/md4test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_MD4
-int main(int argc, char *argv[])
-{
-    printf("No MD4 support\n");
-    return(0);
-}
-#else
-#include <openssl/evp.h>
-#include <openssl/md4.h>
-
-static char *test[]={
-	"",
-	"a",
-	"abc",
-	"message digest",
-	"abcdefghijklmnopqrstuvwxyz",
-	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
-	"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
-	NULL,
-	};
-
-static char *ret[]={
-"31d6cfe0d16ae931b73c59d7e0c089c0",
-"bde52cb31de33e46245e05fbdbd6fb24",
-"a448017aaf21d8525fc10ae87aa6729d",
-"d9130a8164549fe818874806e1c7014b",
-"d79e1c308aa5bbcdeea8ed63df412da9",
-"043f8582f241db351ce627e153e7f0e4",
-"e33b4ddc9c38f2199c3e7b164fcc0536",
-};
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-	{
-	int i,err=0;
-	unsigned char **P,**R;
-	char *p;
-	unsigned char md[MD4_DIGEST_LENGTH];
-
-	P=(unsigned char **)test;
-	R=(unsigned char **)ret;
-	i=1;
-	while (*P != NULL)
-		{
-		EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL);
-		p=pt(md);
-		if (strcmp(p,(char *)*R) != 0)
-			{
-			printf("error calculating MD4 on '%s'\n",*P);
-			printf("got %s instead of %s\n",p,*R);
-			err++;
-			}
-		else
-			printf("test %d ok\n",i);
-		i++;
-		R++;
-		P++;
-		}
-	EXIT(err);
-	return(0);
-	}
-
-static char *pt(unsigned char *md)
-	{
-	int i;
-	static char buf[80];
-
-	for (i=0; i<MD4_DIGEST_LENGTH; i++)
-		sprintf(&(buf[i*2]),"%02x",md[i]);
-	return(buf);
-	}
-#endif
diff --git a/crypto/openssl/crypto/md5/Makefile.save b/crypto/openssl/crypto/md5/Makefile.save
deleted file mode 100644
index e5ec4a21ae33..000000000000
--- a/crypto/openssl/crypto/md5/Makefile.save
+++ /dev/null
@@ -1,134 +0,0 @@
-#
-# SSLeay/crypto/md5/Makefile
-#
-
-DIR=    md5
-TOP=    ../..
-CC=     cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=       Makefile.ssl
-AR=             ar r
-
-MD5_ASM_OBJ=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-# We let the C compiler driver to take care of .s files. This is done in
-# order to be excused from maintaining a separate set of architecture
-# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
-# gcc, then the driver will automatically translate it to -xarch=v8plus
-# and pass it down to assembler.
-AS=$(CC) -c
-ASFLAGS=$(CFLAGS)
-
-GENERAL=Makefile
-TEST=md5test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md5_dgst.c md5_one.c
-LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= md5.h
-HEADER= md5_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:    lib
-
-lib:    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-# elf
-asm/mx86-elf.o: asm/mx86unix.cpp
-	$(CPP) -DELF -x c asm/mx86unix.cpp | as -o asm/mx86-elf.o
-
-# solaris
-asm/mx86-sol.o: asm/mx86unix.cpp
-	$(CC) -E -DSOL asm/mx86unix.cpp | sed 's/^#.*//' > asm/mx86-sol.s
-	as -o asm/mx86-sol.o asm/mx86-sol.s
-	rm -f asm/mx86-sol.s
-
-# a.out
-asm/mx86-out.o: asm/mx86unix.cpp
-	$(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o
-
-# bsdi
-asm/mx86bsdi.o: asm/mx86unix.cpp
-	$(CPP) -DBSDI asm/mx86unix.cpp | sed 's/ :/:/' | as -o asm/mx86bsdi.o
-
-asm/mx86unix.cpp: asm/md5-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) md5-586.pl cpp >mx86unix.cpp)
-
-asm/md5-sparcv8plus.o: asm/md5-sparcv9.S
-	$(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \
-		-o asm/md5-sparcv8plus.o asm/md5-sparcv9.S
-
-# Old GNU assembler doesn't understand V9 instructions, so we
-# hire /usr/ccs/bin/as to do the job. Note that option is called
-# *-gcc27, but even gcc 2>=8 users may experience similar problem
-# if they didn't bother to upgrade GNU assembler. Such users should
-# not choose this option, but be adviced to *remove* GNU assembler
-# or upgrade it.
-asm/md5-sparcv8plus-gcc27.o: asm/md5-sparcv9.S
-	$(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -E asm/md5-sparcv9.S | \
-		/usr/ccs/bin/as -xarch=v8plus - -o asm/md5-sparcv8plus-gcc27.o
-
-asm/md5-sparcv9.o: asm/md5-sparcv9.S
-	$(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \
-		-o asm/md5-sparcv9.o asm/md5-sparcv9.S
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
-md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_locl.h
-md5_one.o: ../../include/openssl/md5.h
diff --git a/crypto/openssl/crypto/md5/Makefile.ssl b/crypto/openssl/crypto/md5/Makefile.ssl
deleted file mode 100644
index 56cab5d882ba..000000000000
--- a/crypto/openssl/crypto/md5/Makefile.ssl
+++ /dev/null
@@ -1,126 +0,0 @@
-#
-# SSLeay/crypto/md5/Makefile
-#
-
-DIR=    md5
-TOP=    ../..
-CC=     cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=       Makefile.ssl
-AR=             ar r
-
-MD5_ASM_OBJ=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=md5test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md5_dgst.c md5_one.c
-LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= md5.h
-HEADER= md5_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:    lib
-
-lib:    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# elf
-asm/mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > mx86-elf.s)
-
-# a.out
-asm/mx86-out.o: asm/mx86unix.cpp
-	$(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o
-
-# bsdi
-asm/mx86bsdi.o: asm/mx86unix.cpp
-	$(CPP) -DBSDI asm/mx86unix.cpp | sed 's/ :/:/' | as -o asm/mx86bsdi.o
-
-asm/mx86unix.cpp: asm/md5-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) md5-586.pl cpp >mx86unix.cpp)
-
-asm/md5-sparcv8plus.o: asm/md5-sparcv9.S
-	$(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \
-		-o asm/md5-sparcv8plus.o asm/md5-sparcv9.S
-
-# Old GNU assembler doesn't understand V9 instructions, so we
-# hire /usr/ccs/bin/as to do the job. Note that option is called
-# *-gcc27, but even gcc 2>=8 users may experience similar problem
-# if they didn't bother to upgrade GNU assembler. Such users should
-# not choose this option, but be adviced to *remove* GNU assembler
-# or upgrade it.
-asm/md5-sparcv8plus-gcc27.o: asm/md5-sparcv9.S
-	$(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -E asm/md5-sparcv9.S | \
-		/usr/ccs/bin/as -xarch=v8plus - -o asm/md5-sparcv8plus-gcc27.o
-
-asm/md5-sparcv9.o: asm/md5-sparcv9.S
-	$(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \
-		-o asm/md5-sparcv9.o asm/md5-sparcv9.S
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/mx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md5.h
-md5_dgst.o: ../../include/openssl/opensslconf.h
-md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c
-md5_dgst.o: md5_locl.h
-md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
-md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-md5_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-md5_one.o: md5_one.c
diff --git a/crypto/openssl/crypto/md5/Makefile.uni b/crypto/openssl/crypto/md5/Makefile.uni
deleted file mode 100644
index d21c72f3ea0d..000000000000
--- a/crypto/openssl/crypto/md5/Makefile.uni
+++ /dev/null
@@ -1,110 +0,0 @@
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-# make x86-elf  - linux-elf etc
-# make x86-out  - linux-a.out, FreeBSD etc
-# make x86-solaris
-# make x86-bdsi
-
-DIR=    md5
-TOP=    .
-CC=     gcc
-CFLAG=	-O3 -fomit-frame-pointer
-
-CPP=    $(CC) -E
-INCLUDES=
-INSTALLTOP=/usr/local/lib
-MAKE=           make
-MAKEDEPEND=     makedepend
-MAKEFILE=       Makefile.uni
-AR=             ar r
-RANLIB=         ranlib
-
-MD5_ASM_OBJ=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=md5test
-APPS=md5
-
-LIB=libmd5.a
-LIBSRC=md5_dgst.c md5_one.c
-LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= md5.h
-HEADER= md5_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-all:    $(LIB) $(TEST) $(APPS)
-
-$(LIB):    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
-
-# elf
-asm/mx86-elf.o: asm/mx86unix.cpp
-	$(CPP) -DELF asm/mx86unix.cpp | as -o asm/mx86-elf.o
-
-# solaris
-asm/mx86-sol.o: asm/mx86unix.cpp
-	$(CC) -E -DSOL asm/mx86unix.cpp | sed 's/^#.*//' > asm/mx86-sol.s
-	as -o asm/mx86-sol.o asm/mx86-sol.s
-	rm -f asm/mx86-sol.s
-
-# a.out
-asm/mx86-out.o: asm/mx86unix.cpp
-	$(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o
-
-# bsdi
-asm/mx86bsdi.o: asm/mx86unix.cpp
-	$(CPP) -DBSDI asm/mx86unix.cpp | as -o asm/mx86bsdi.o
-
-asm/mx86unix.cpp:
-	(cd asm; perl md5-586.pl cpp >mx86unix.cpp)
-
-test:	$(TEST)
-	./$(TEST)
-
-$(TEST): $(TEST).c $(LIB)
-	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
-
-$(APPS): $(APPS).c $(LIB)
-	$(CC) -o $(APPS) $(CFLAGS) $(APPS).c $(LIB)
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
-
-dclean:
-	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-cc:
-	$(MAKE) MD5_ASM_OBJ="" CC="cc" CFLAG="-O" all
-
-gcc:
-	$(MAKE) MD5_ASM_OBJ="" CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
-
-x86-elf:
-	$(MAKE) MD5_ASM_OBJ="asm/mx86-elf.o" CFLAG="-DELF -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
-
-x86-out:
-	$(MAKE) MD5_ASM_OBJ="asm/mx86-out.o" CFLAG="-DOUT -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
-
-x86-solaris:
-	$(MAKE) MD5_ASM_OBJ="asm/mx86-sol.o" CFLAG="-DSOL -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
-
-x86-bdsi:
-	$(MAKE) MD5_ASM_OBJ="asm/mx86-bdsi.o" CFLAG="-DBDSI -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/crypto/md5/asm/md5-586.pl b/crypto/openssl/crypto/md5/asm/md5-586.pl
deleted file mode 100644
index 5fc6a205ce00..000000000000
--- a/crypto/openssl/crypto/md5/asm/md5-586.pl
+++ /dev/null
@@ -1,306 +0,0 @@
-#!/usr/local/bin/perl
-
-# Normal is the
-# md5_block_x86(MD5_CTX *c, ULONG *X);
-# version, non-normal is the
-# md5_block_x86(MD5_CTX *c, ULONG *X,int blocks);
-
-$normal=0;
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-$A="eax";
-$B="ebx";
-$C="ecx";
-$D="edx";
-$tmp1="edi";
-$tmp2="ebp";
-$X="esi";
-
-# What we need to load into $tmp for the next round
-%Ltmp1=("R0",&Np($C), "R1",&Np($C), "R2",&Np($C), "R3",&Np($D));
-@xo=(
- 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,	# R0
- 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12,	# R1
- 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2,	# R2
- 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9,	# R3
- );
-
-&md5_block("md5_block_asm_host_order");
-&asm_finish();
-
-sub Np
-	{
-	local($p)=@_;
-	local(%n)=($A,$D,$B,$A,$C,$B,$D,$C);
-	return($n{$p});
-	}
-
-sub R0
-	{
-	local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
-
-	&mov($tmp1,$C)  if $pos < 0;
-	&mov($tmp2,&DWP($xo[$ki]*4,$K,"",0)) if $pos < 0; # very first one 
-
-	# body proper
-
-	&comment("R0 $ki");
-	&xor($tmp1,$d); # F function - part 2
-
-	&and($tmp1,$b); # F function - part 3
-	&lea($a,&DWP($t,$a,$tmp2,1));
-
-	&xor($tmp1,$d); # F function - part 4
-
-	&add($a,$tmp1);
-	&mov($tmp1,&Np($c)) if $pos < 1;	# next tmp1 for R0
-	&mov($tmp1,&Np($c)) if $pos == 1;	# next tmp1 for R1
-
-	&rotl($a,$s);
-
-	&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
-
-	&add($a,$b);
-	}
-
-sub R1
-	{
-	local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
-
-	&comment("R1 $ki");
-
-	&lea($a,&DWP($t,$a,$tmp2,1));
-
-	&xor($tmp1,$b); # G function - part 2
-	&and($tmp1,$d); # G function - part 3
-
-	&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
-	&xor($tmp1,$c);			# G function - part 4
-
-	&add($a,$tmp1);
-	&mov($tmp1,&Np($c)) if $pos < 1;	# G function - part 1
-	&mov($tmp1,&Np($c)) if $pos == 1;	# G function - part 1
-
-	&rotl($a,$s);
-
-	&add($a,$b);
-	}
-
-sub R2
-	{
-	local($n,$pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
-	# This one is different, only 3 logical operations
-
-if (($n & 1) == 0)
-	{
-	&comment("R2 $ki");
-	# make sure to do 'D' first, not 'B', else we clash with
-	# the last add from the previous round.
-
-	&xor($tmp1,$d); # H function - part 2
-
-	&xor($tmp1,$b); # H function - part 3
-	&lea($a,&DWP($t,$a,$tmp2,1));
-
-	&add($a,$tmp1);
-
-	&rotl($a,$s);
-
-	&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0));
-	&mov($tmp1,&Np($c));
-	}
-else
-	{
-	&comment("R2 $ki");
-	# make sure to do 'D' first, not 'B', else we clash with
-	# the last add from the previous round.
-
-	&lea($a,&DWP($t,$a,$tmp2,1));
-
-	&add($b,$c);			# MOVED FORWARD
-	&xor($tmp1,$d); # H function - part 2
-
-	&xor($tmp1,$b); # H function - part 3
-	&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
-
-	&add($a,$tmp1);
-	&mov($tmp1,&Np($c)) if $pos < 1;	# H function - part 1
-	&mov($tmp1,-1) if $pos == 1;		# I function - part 1
-
-	&rotl($a,$s);
-
-	&add($a,$b);
-	}
-	}
-
-sub R3
-	{
-	local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
-
-	&comment("R3 $ki");
-
-	# &not($tmp1)
-	&xor($tmp1,$d) if $pos < 0; 	# I function - part 2
-
-	&or($tmp1,$b);				# I function - part 3
-	&lea($a,&DWP($t,$a,$tmp2,1));
-
-	&xor($tmp1,$c); 			# I function - part 4
-	&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0))	if $pos != 2; # load X/k value
-	&mov($tmp2,&wparam(0)) if $pos == 2;
-
-	&add($a,$tmp1);
-	&mov($tmp1,-1) if $pos < 1;	# H function - part 1
-	&add($K,64) if $pos >=1 && !$normal;
-
-	&rotl($a,$s);
-
-	&xor($tmp1,&Np($d)) if $pos <= 0; 	# I function - part = first time
-	&mov($tmp1,&DWP( 0,$tmp2,"",0)) if $pos > 0;
-	&add($a,$b);
-	}
-
-
-sub md5_block
-	{
-	local($name)=@_;
-
-	&function_begin_B($name,"",3);
-
-	# parameter 1 is the MD5_CTX structure.
-	# A	0
-	# B	4
-	# C	8
-	# D 	12
-
-	&push("esi");
-	 &push("edi");
-	&mov($tmp1,	&wparam(0)); # edi
-	 &mov($X,	&wparam(1)); # esi
-	&mov($C,	&wparam(2));
-	 &push("ebp");
-	&shl($C,	6);
-	&push("ebx");
-	 &add($C,	$X); # offset we end at
-	&sub($C,	64);
-	 &mov($A,	&DWP( 0,$tmp1,"",0));
-	&push($C);	# Put on the TOS
-	 &mov($B,	&DWP( 4,$tmp1,"",0));
-	&mov($C,	&DWP( 8,$tmp1,"",0));
-	 &mov($D,	&DWP(12,$tmp1,"",0));
-
-	&set_label("start") unless $normal;
-	&comment("");
-	&comment("R0 section");
-
-	&R0(-2,$A,$B,$C,$D,$X, 0, 7,0xd76aa478);
-	&R0( 0,$D,$A,$B,$C,$X, 1,12,0xe8c7b756);
-	&R0( 0,$C,$D,$A,$B,$X, 2,17,0x242070db);
-	&R0( 0,$B,$C,$D,$A,$X, 3,22,0xc1bdceee);
-	&R0( 0,$A,$B,$C,$D,$X, 4, 7,0xf57c0faf);
-	&R0( 0,$D,$A,$B,$C,$X, 5,12,0x4787c62a);
-	&R0( 0,$C,$D,$A,$B,$X, 6,17,0xa8304613);
-	&R0( 0,$B,$C,$D,$A,$X, 7,22,0xfd469501);
-	&R0( 0,$A,$B,$C,$D,$X, 8, 7,0x698098d8);
-	&R0( 0,$D,$A,$B,$C,$X, 9,12,0x8b44f7af);
-	&R0( 0,$C,$D,$A,$B,$X,10,17,0xffff5bb1);
-	&R0( 0,$B,$C,$D,$A,$X,11,22,0x895cd7be);
-	&R0( 0,$A,$B,$C,$D,$X,12, 7,0x6b901122);
-	&R0( 0,$D,$A,$B,$C,$X,13,12,0xfd987193);
-	&R0( 0,$C,$D,$A,$B,$X,14,17,0xa679438e);
-	&R0( 1,$B,$C,$D,$A,$X,15,22,0x49b40821);
-
-	&comment("");
-	&comment("R1 section");
-	&R1(-1,$A,$B,$C,$D,$X,16, 5,0xf61e2562);
-	&R1( 0,$D,$A,$B,$C,$X,17, 9,0xc040b340);
-	&R1( 0,$C,$D,$A,$B,$X,18,14,0x265e5a51);
-	&R1( 0,$B,$C,$D,$A,$X,19,20,0xe9b6c7aa);
-	&R1( 0,$A,$B,$C,$D,$X,20, 5,0xd62f105d);
-	&R1( 0,$D,$A,$B,$C,$X,21, 9,0x02441453);
-	&R1( 0,$C,$D,$A,$B,$X,22,14,0xd8a1e681);
-	&R1( 0,$B,$C,$D,$A,$X,23,20,0xe7d3fbc8);
-	&R1( 0,$A,$B,$C,$D,$X,24, 5,0x21e1cde6);
-	&R1( 0,$D,$A,$B,$C,$X,25, 9,0xc33707d6);
-	&R1( 0,$C,$D,$A,$B,$X,26,14,0xf4d50d87);
-	&R1( 0,$B,$C,$D,$A,$X,27,20,0x455a14ed);
-	&R1( 0,$A,$B,$C,$D,$X,28, 5,0xa9e3e905);
-	&R1( 0,$D,$A,$B,$C,$X,29, 9,0xfcefa3f8);
-	&R1( 0,$C,$D,$A,$B,$X,30,14,0x676f02d9);
-	&R1( 1,$B,$C,$D,$A,$X,31,20,0x8d2a4c8a);
-
-	&comment("");
-	&comment("R2 section");
-	&R2( 0,-1,$A,$B,$C,$D,$X,32, 4,0xfffa3942);
-	&R2( 1, 0,$D,$A,$B,$C,$X,33,11,0x8771f681);
-	&R2( 2, 0,$C,$D,$A,$B,$X,34,16,0x6d9d6122);
-	&R2( 3, 0,$B,$C,$D,$A,$X,35,23,0xfde5380c);
-	&R2( 4, 0,$A,$B,$C,$D,$X,36, 4,0xa4beea44);
-	&R2( 5, 0,$D,$A,$B,$C,$X,37,11,0x4bdecfa9);
-	&R2( 6, 0,$C,$D,$A,$B,$X,38,16,0xf6bb4b60);
-	&R2( 7, 0,$B,$C,$D,$A,$X,39,23,0xbebfbc70);
-	&R2( 8, 0,$A,$B,$C,$D,$X,40, 4,0x289b7ec6);
-	&R2( 9, 0,$D,$A,$B,$C,$X,41,11,0xeaa127fa);
-	&R2(10, 0,$C,$D,$A,$B,$X,42,16,0xd4ef3085);
-	&R2(11, 0,$B,$C,$D,$A,$X,43,23,0x04881d05);
-	&R2(12, 0,$A,$B,$C,$D,$X,44, 4,0xd9d4d039);
-	&R2(13, 0,$D,$A,$B,$C,$X,45,11,0xe6db99e5);
-	&R2(14, 0,$C,$D,$A,$B,$X,46,16,0x1fa27cf8);
-	&R2(15, 1,$B,$C,$D,$A,$X,47,23,0xc4ac5665);
-
-	&comment("");
-	&comment("R3 section");
-	&R3(-1,$A,$B,$C,$D,$X,48, 6,0xf4292244);
-	&R3( 0,$D,$A,$B,$C,$X,49,10,0x432aff97);
-	&R3( 0,$C,$D,$A,$B,$X,50,15,0xab9423a7);
-	&R3( 0,$B,$C,$D,$A,$X,51,21,0xfc93a039);
-	&R3( 0,$A,$B,$C,$D,$X,52, 6,0x655b59c3);
-	&R3( 0,$D,$A,$B,$C,$X,53,10,0x8f0ccc92);
-	&R3( 0,$C,$D,$A,$B,$X,54,15,0xffeff47d);
-	&R3( 0,$B,$C,$D,$A,$X,55,21,0x85845dd1);
-	&R3( 0,$A,$B,$C,$D,$X,56, 6,0x6fa87e4f);
-	&R3( 0,$D,$A,$B,$C,$X,57,10,0xfe2ce6e0);
-	&R3( 0,$C,$D,$A,$B,$X,58,15,0xa3014314);
-	&R3( 0,$B,$C,$D,$A,$X,59,21,0x4e0811a1);
-	&R3( 0,$A,$B,$C,$D,$X,60, 6,0xf7537e82);
-	&R3( 0,$D,$A,$B,$C,$X,61,10,0xbd3af235);
-	&R3( 0,$C,$D,$A,$B,$X,62,15,0x2ad7d2bb);
-	&R3( 2,$B,$C,$D,$A,$X,63,21,0xeb86d391);
-
-	# &mov($tmp2,&wparam(0));	# done in the last R3
-	# &mov($tmp1,	&DWP( 0,$tmp2,"",0)); # done is the last R3
-
-	&add($A,$tmp1);
-	 &mov($tmp1,	&DWP( 4,$tmp2,"",0));
-
-	&add($B,$tmp1);
-	&mov($tmp1,	&DWP( 8,$tmp2,"",0));
-
-	&add($C,$tmp1);
-	&mov($tmp1,	&DWP(12,$tmp2,"",0));
-
-	&add($D,$tmp1);
-	&mov(&DWP( 0,$tmp2,"",0),$A);
-
-	&mov(&DWP( 4,$tmp2,"",0),$B);
-	&mov($tmp1,&swtmp(0)) unless $normal;
-
-	&mov(&DWP( 8,$tmp2,"",0),$C);
-	 &mov(&DWP(12,$tmp2,"",0),$D);
-
-	&cmp($tmp1,$X) unless $normal;			# check count
-	 &jge(&label("start")) unless $normal;
-
-	&pop("eax"); # pop the temp variable off the stack
-	 &pop("ebx");
-	&pop("ebp");
-	 &pop("edi");
-	&pop("esi");
-	 &ret();
-	&function_end_B($name);
-	}
-
diff --git a/crypto/openssl/crypto/md5/asm/md5-sparcv9.S b/crypto/openssl/crypto/md5/asm/md5-sparcv9.S
deleted file mode 100644
index a599ed5660bc..000000000000
--- a/crypto/openssl/crypto/md5/asm/md5-sparcv9.S
+++ /dev/null
@@ -1,1029 +0,0 @@
-.ident	"md5-sparcv9.S, Version 1.0"
-.ident	"SPARC V9 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
-.file	"md5-sparcv9.S"
-
-/*
- * ====================================================================
- * Copyright (c) 1999 Andy Polyakov <appro@fy.chalmers.se>.
- *
- * Rights for redistribution and usage in source and binary forms are
- * granted as long as above copyright notices are retained. Warranty
- * of any kind is (of course:-) disclaimed.
- * ====================================================================
- */
-
-/*
- * This is my modest contribution to OpenSSL project (see
- * http://www.openssl.org/ for more information about it) and is an
- * assembler implementation of MD5 block hash function. I've hand-coded
- * this for the sole reason to reach UltraSPARC-specific "load in
- * little-endian byte order" instruction. This gives up to 15%
- * performance improvement for cases when input message is aligned at
- * 32 bits boundary. The module was tested under both 32 *and* 64 bit
- * kernels. For updates see http://fy.chalmers.se/~appro/hpe/.
- *
- * To compile with SC4.x/SC5.x:
- *
- *	cc -xarch=v[9|8plus] -DOPENSSL_SYSNAME_ULTRASPARC -DMD5_BLOCK_DATA_ORDER \
- *		-c md5-sparcv9.S
- *
- * and with gcc:
- *
- *	gcc -mcpu=ultrasparc -DOPENSSL_SYSNAME_ULTRASPARC -DMD5_BLOCK_DATA_ORDER \
- *		-c md5-sparcv9.S
- *
- * or if above fails (it does if you have gas):
- *
- *	gcc -E -DULTRASPARC -DMD5_BLOCK_DATA_ORDER md5_block.sparc.S | \
- *		as -xarch=v8plus /dev/fd/0 -o md5-sparcv9.o
- */
-
-#define	A	%o0
-#define B	%o1
-#define	C	%o2
-#define	D	%o3
-#define	T1	%o4
-#define	T2	%o5
-
-#define	R0	%l0
-#define	R1	%l1
-#define	R2	%l2
-#define	R3	%l3
-#define	R4	%l4
-#define	R5	%l5
-#define	R6	%l6
-#define	R7	%l7
-#define	R8	%i3
-#define	R9	%i4
-#define	R10	%i5
-#define	R11	%g1
-#define R12	%g2
-#define	R13	%g3
-#define RX	%g4
-
-#define Aptr	%i0+0
-#define Bptr	%i0+4
-#define Cptr	%i0+8
-#define Dptr	%i0+12
-
-#define Aval	R5	/* those not used at the end of the last round */
-#define Bval	R6
-#define Cval	R7
-#define Dval	R8
-
-#if defined(MD5_BLOCK_DATA_ORDER)
-# if defined(OPENSSL_SYSNAME_ULTRASPARC)
-#  define	LOAD			lda
-#  define	X(i)			[%i1+i*4]%asi
-#  define	md5_block		md5_block_asm_data_order_aligned
-#  define	ASI_PRIMARY_LITTLE	0x88
-# else
-#  error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!"
-# endif
-#else
-# define	LOAD			ld
-# define	X(i)			[%i1+i*4]
-# define	md5_block		md5_block_asm_host_order
-#endif
-
-.section        ".text",#alloc,#execinstr
-
-#if defined(__SUNPRO_C) && defined(__sparcv9)
-  /* They've said -xarch=v9 at command line */
-  .register	%g2,#scratch
-  .register	%g3,#scratch
-# define	FRAME	-192
-#elif defined(__GNUC__) && defined(__arch64__)
-  /* They've said -m64 at command line */
-  .register     %g2,#scratch
-  .register     %g3,#scratch
-# define        FRAME   -192
-#else
-# define	FRAME	-96
-#endif
-
-.align  32
-
-.global md5_block
-md5_block:
-	save	%sp,FRAME,%sp
-
-	ld	[Dptr],D
-	ld	[Cptr],C
-	ld	[Bptr],B
-	ld	[Aptr],A
-#ifdef ASI_PRIMARY_LITTLE
-	rd	%asi,%o7	! How dare I? Well, I just do:-)
-	wr	%g0,ASI_PRIMARY_LITTLE,%asi
-#endif
-	LOAD	X(0),R0
-
-.Lmd5_block_loop:
-
-!!!!!!!!Round 0
-
-	xor	C,D,T1
-	sethi	%hi(0xd76aa478),T2
-	and	T1,B,T1
-	or	T2,%lo(0xd76aa478),T2	!=
-	xor	T1,D,T1
-	add	T1,R0,T1
-	LOAD	X(1),R1
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,7,T2
-	srl	A,32-7,A
-	or	A,T2,A			!=
-	 xor	 B,C,T1
-	add	A,B,A
-
-	sethi	%hi(0xe8c7b756),T2
-	and	T1,A,T1			!=
-	or	T2,%lo(0xe8c7b756),T2
-	xor	T1,C,T1
-	LOAD	X(2),R2
-	add	T1,R1,T1		!=
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,12,T2
-	srl	D,32-12,D		!=
-	or	D,T2,D
-	 xor	 A,B,T1
-	add	D,A,D
-
-	sethi	%hi(0x242070db),T2	!=
-	and	T1,D,T1
-	or	T2,%lo(0x242070db),T2
-	xor	T1,B,T1
-	add	T1,R2,T1		!=
-	LOAD	X(3),R3
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,17,T2			!=
-	srl	C,32-17,C
-	or	C,T2,C
-	 xor	 D,A,T1
-	add	C,D,C			!=
-
-	sethi	%hi(0xc1bdceee),T2
-	and	T1,C,T1
-	or	T2,%lo(0xc1bdceee),T2
-	xor	T1,A,T1			!=
-	add	T1,R3,T1
-	LOAD	X(4),R4
-	add	T1,T2,T1
-	add	B,T1,B			!=
-	sll	B,22,T2
-	srl	B,32-22,B
-	or	B,T2,B
-	 xor	 C,D,T1			!=
-	add	B,C,B
-
-	sethi	%hi(0xf57c0faf),T2
-	and	T1,B,T1
-	or	T2,%lo(0xf57c0faf),T2	!=
-	xor	T1,D,T1
-	add	T1,R4,T1
-	LOAD	X(5),R5
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,7,T2
-	srl	A,32-7,A
-	or	A,T2,A			!=
-	 xor	 B,C,T1
-	add	A,B,A
-
-	sethi	%hi(0x4787c62a),T2
-	and	T1,A,T1			!=
-	or	T2,%lo(0x4787c62a),T2
-	xor	T1,C,T1
-	LOAD	X(6),R6
-	add	T1,R5,T1		!=
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,12,T2
-	srl	D,32-12,D		!=
-	or	D,T2,D
-	 xor	 A,B,T1
-	add	D,A,D
-
-	sethi	%hi(0xa8304613),T2	!=
-	and	T1,D,T1
-	or	T2,%lo(0xa8304613),T2
-	xor	T1,B,T1
-	add	T1,R6,T1		!=
-	LOAD	X(7),R7
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,17,T2			!=
-	srl	C,32-17,C
-	or	C,T2,C
-	 xor	 D,A,T1
-	add	C,D,C			!=
-
-	sethi	%hi(0xfd469501),T2
-	and	T1,C,T1
-	or	T2,%lo(0xfd469501),T2
-	xor	T1,A,T1			!=
-	add	T1,R7,T1
-	LOAD	X(8),R8
-	add	T1,T2,T1
-	add	B,T1,B			!=
-	sll	B,22,T2
-	srl	B,32-22,B
-	or	B,T2,B
-	 xor	 C,D,T1			!=
-	add	B,C,B
-
-	sethi	%hi(0x698098d8),T2
-	and	T1,B,T1
-	or	T2,%lo(0x698098d8),T2	!=
-	xor	T1,D,T1
-	add	T1,R8,T1
-	LOAD	X(9),R9
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,7,T2
-	srl	A,32-7,A
-	or	A,T2,A			!=
-	 xor	 B,C,T1
-	add	A,B,A
-
-	sethi	%hi(0x8b44f7af),T2
-	and	T1,A,T1			!=
-	or	T2,%lo(0x8b44f7af),T2
-	xor	T1,C,T1
-	LOAD	X(10),R10
-	add	T1,R9,T1		!=
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,12,T2
-	srl	D,32-12,D		!=
-	or	D,T2,D
-	 xor	 A,B,T1
-	add	D,A,D
-
-	sethi	%hi(0xffff5bb1),T2	!=
-	and	T1,D,T1
-	or	T2,%lo(0xffff5bb1),T2
-	xor	T1,B,T1
-	add	T1,R10,T1		!=
-	LOAD	X(11),R11
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,17,T2			!=
-	srl	C,32-17,C
-	or	C,T2,C
-	 xor	 D,A,T1
-	add	C,D,C			!=
-
-	sethi	%hi(0x895cd7be),T2
-	and	T1,C,T1
-	or	T2,%lo(0x895cd7be),T2
-	xor	T1,A,T1			!=
-	add	T1,R11,T1
-	LOAD	X(12),R12
-	add	T1,T2,T1
-	add	B,T1,B			!=
-	sll	B,22,T2
-	srl	B,32-22,B
-	or	B,T2,B
-	 xor	 C,D,T1			!=
-	add	B,C,B
-
-	sethi	%hi(0x6b901122),T2
-	and	T1,B,T1
-	or	T2,%lo(0x6b901122),T2	!=
-	xor	T1,D,T1
-	add	T1,R12,T1
-	LOAD	X(13),R13
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,7,T2
-	srl	A,32-7,A
-	or	A,T2,A			!=
-	 xor	 B,C,T1
-	add	A,B,A
-
-	sethi	%hi(0xfd987193),T2
-	and	T1,A,T1			!=
-	or	T2,%lo(0xfd987193),T2
-	xor	T1,C,T1
-	LOAD	X(14),RX
-	add	T1,R13,T1		!=
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,12,T2
-	srl	D,32-12,D		!=
-	or	D,T2,D
-	 xor	 A,B,T1
-	add	D,A,D
-
-	sethi	%hi(0xa679438e),T2	!=
-	and	T1,D,T1
-	or	T2,%lo(0xa679438e),T2
-	xor	T1,B,T1
-	add	T1,RX,T1		!=
-	LOAD	X(15),RX
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,17,T2			!=
-	srl	C,32-17,C
-	or	C,T2,C
-	 xor	 D,A,T1
-	add	C,D,C			!=
-
-	sethi	%hi(0x49b40821),T2
-	and	T1,C,T1
-	or	T2,%lo(0x49b40821),T2
-	xor	T1,A,T1			!=
-	add	T1,RX,T1
-	!pre-LOADed	X(1),R1
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,22,T2			!=
-	srl	B,32-22,B
-	or	B,T2,B
-	add	B,C,B
-
-!!!!!!!!Round 1
-
-	xor	B,C,T1			!=
-	sethi	%hi(0xf61e2562),T2
-	and	T1,D,T1
-	or	T2,%lo(0xf61e2562),T2
-	xor	T1,C,T1			!=
-	add	T1,R1,T1
-	!pre-LOADed	X(6),R6
-	add	T1,T2,T1
-	add	A,T1,A
-	sll	A,5,T2			!=
-	srl	A,32-5,A
-	or	A,T2,A
-	add	A,B,A
-
-	xor	A,B,T1			!=
-	sethi	%hi(0xc040b340),T2
-	and	T1,C,T1
-	or	T2,%lo(0xc040b340),T2
-	xor	T1,B,T1			!=
-	add	T1,R6,T1
-	!pre-LOADed	X(11),R11
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,9,T2			!=
-	srl	D,32-9,D
-	or	D,T2,D
-	add	D,A,D
-
-	xor	D,A,T1			!=
-	sethi	%hi(0x265e5a51),T2
-	and	T1,B,T1
-	or	T2,%lo(0x265e5a51),T2
-	xor	T1,A,T1			!=
-	add	T1,R11,T1
-	!pre-LOADed	X(0),R0
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,14,T2			!=
-	srl	C,32-14,C
-	or	C,T2,C
-	add	C,D,C
-
-	xor	C,D,T1			!=
-	sethi	%hi(0xe9b6c7aa),T2
-	and	T1,A,T1
-	or	T2,%lo(0xe9b6c7aa),T2
-	xor	T1,D,T1			!=
-	add	T1,R0,T1
-	!pre-LOADed	X(5),R5
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,20,T2			!=
-	srl	B,32-20,B
-	or	B,T2,B
-	add	B,C,B
-
-	xor	B,C,T1			!=
-	sethi	%hi(0xd62f105d),T2
-	and	T1,D,T1
-	or	T2,%lo(0xd62f105d),T2
-	xor	T1,C,T1			!=
-	add	T1,R5,T1
-	!pre-LOADed	X(10),R10
-	add	T1,T2,T1
-	add	A,T1,A
-	sll	A,5,T2			!=
-	srl	A,32-5,A
-	or	A,T2,A
-	add	A,B,A
-
-	xor	A,B,T1			!=
-	sethi	%hi(0x02441453),T2
-	and	T1,C,T1
-	or	T2,%lo(0x02441453),T2
-	xor	T1,B,T1			!=
-	add	T1,R10,T1
-	LOAD	X(15),RX
-	add	T1,T2,T1
-	add	D,T1,D			!=
-	sll	D,9,T2
-	srl	D,32-9,D
-	or	D,T2,D
-	add	D,A,D			!=
-
-	xor	D,A,T1
-	sethi	%hi(0xd8a1e681),T2
-	and	T1,B,T1
-	or	T2,%lo(0xd8a1e681),T2	!=
-	xor	T1,A,T1
-	add	T1,RX,T1
-	!pre-LOADed	X(4),R4
-	add	T1,T2,T1
-	add	C,T1,C			!=
-	sll	C,14,T2
-	srl	C,32-14,C
-	or	C,T2,C
-	add	C,D,C			!=
-
-	xor	C,D,T1
-	sethi	%hi(0xe7d3fbc8),T2
-	and	T1,A,T1
-	or	T2,%lo(0xe7d3fbc8),T2	!=
-	xor	T1,D,T1
-	add	T1,R4,T1
-	!pre-LOADed	X(9),R9
-	add	T1,T2,T1
-	add	B,T1,B			!=
-	sll	B,20,T2
-	srl	B,32-20,B
-	or	B,T2,B
-	add	B,C,B			!=
-
-	xor	B,C,T1
-	sethi	%hi(0x21e1cde6),T2
-	and	T1,D,T1
-	or	T2,%lo(0x21e1cde6),T2	!=
-	xor	T1,C,T1
-	add	T1,R9,T1
-	LOAD	X(14),RX
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,5,T2
-	srl	A,32-5,A
-	or	A,T2,A			!=
-	add	A,B,A
-
-	xor	A,B,T1
-	sethi	%hi(0xc33707d6),T2
-	and	T1,C,T1			!=
-	or	T2,%lo(0xc33707d6),T2
-	xor	T1,B,T1
-	add	T1,RX,T1
-	!pre-LOADed	X(3),R3
-	add	T1,T2,T1		!=
-	add	D,T1,D
-	sll	D,9,T2
-	srl	D,32-9,D
-	or	D,T2,D			!=
-	add	D,A,D
-
-	xor	D,A,T1
-	sethi	%hi(0xf4d50d87),T2
-	and	T1,B,T1			!=
-	or	T2,%lo(0xf4d50d87),T2
-	xor	T1,A,T1
-	add	T1,R3,T1
-	!pre-LOADed	X(8),R8
-	add	T1,T2,T1		!=
-	add	C,T1,C
-	sll	C,14,T2
-	srl	C,32-14,C
-	or	C,T2,C			!=
-	add	C,D,C
-
-	xor	C,D,T1
-	sethi	%hi(0x455a14ed),T2
-	and	T1,A,T1			!=
-	or	T2,%lo(0x455a14ed),T2
-	xor	T1,D,T1
-	add	T1,R8,T1
-	!pre-LOADed	X(13),R13
-	add	T1,T2,T1		!=
-	add	B,T1,B
-	sll	B,20,T2
-	srl	B,32-20,B
-	or	B,T2,B			!=
-	add	B,C,B
-
-	xor	B,C,T1
-	sethi	%hi(0xa9e3e905),T2
-	and	T1,D,T1			!=
-	or	T2,%lo(0xa9e3e905),T2
-	xor	T1,C,T1
-	add	T1,R13,T1
-	!pre-LOADed	X(2),R2
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,5,T2
-	srl	A,32-5,A
-	or	A,T2,A			!=
-	add	A,B,A
-
-	xor	A,B,T1
-	sethi	%hi(0xfcefa3f8),T2
-	and	T1,C,T1			!=
-	or	T2,%lo(0xfcefa3f8),T2
-	xor	T1,B,T1
-	add	T1,R2,T1
-	!pre-LOADed	X(7),R7
-	add	T1,T2,T1		!=
-	add	D,T1,D
-	sll	D,9,T2
-	srl	D,32-9,D
-	or	D,T2,D			!=
-	add	D,A,D
-
-	xor	D,A,T1
-	sethi	%hi(0x676f02d9),T2
-	and	T1,B,T1			!=
-	or	T2,%lo(0x676f02d9),T2
-	xor	T1,A,T1
-	add	T1,R7,T1
-	!pre-LOADed	X(12),R12
-	add	T1,T2,T1		!=
-	add	C,T1,C
-	sll	C,14,T2
-	srl	C,32-14,C
-	or	C,T2,C			!=
-	add	C,D,C
-
-	xor	C,D,T1
-	sethi	%hi(0x8d2a4c8a),T2
-	and	T1,A,T1			!=
-	or	T2,%lo(0x8d2a4c8a),T2
-	xor	T1,D,T1
-	add	T1,R12,T1
-	!pre-LOADed	X(5),R5
-	add	T1,T2,T1		!=
-	add	B,T1,B
-	sll	B,20,T2
-	srl	B,32-20,B
-	or	B,T2,B			!=
-	add	B,C,B
-
-!!!!!!!!Round 2
-
-	xor	B,C,T1
-	sethi	%hi(0xfffa3942),T2
-	xor	T1,D,T1			!=
-	or	T2,%lo(0xfffa3942),T2
-	add	T1,R5,T1
-	!pre-LOADed	X(8),R8
-	add	T1,T2,T1
-	add	A,T1,A			!=
-	sll	A,4,T2
-	srl	A,32-4,A
-	or	A,T2,A
-	add	A,B,A			!=
-
-	xor	A,B,T1
-	sethi	%hi(0x8771f681),T2
-	xor	T1,C,T1
-	or	T2,%lo(0x8771f681),T2	!=
-	add	T1,R8,T1
-	!pre-LOADed	X(11),R11
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,11,T2			!=
-	srl	D,32-11,D
-	or	D,T2,D
-	add	D,A,D
-
-	xor	D,A,T1			!=
-	sethi	%hi(0x6d9d6122),T2
-	xor	T1,B,T1
-	or	T2,%lo(0x6d9d6122),T2
-	add	T1,R11,T1		!=
-	LOAD	X(14),RX
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,16,T2			!=
-	srl	C,32-16,C
-	or	C,T2,C
-	add	C,D,C
-
-	xor	C,D,T1			!=
-	sethi	%hi(0xfde5380c),T2
-	xor	T1,A,T1
-	or	T2,%lo(0xfde5380c),T2
-	add	T1,RX,T1		!=
-	!pre-LOADed	X(1),R1
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,23,T2
-	srl	B,32-23,B		!=
-	or	B,T2,B
-	add	B,C,B
-
-	xor	B,C,T1
-	sethi	%hi(0xa4beea44),T2	!=
-	xor	T1,D,T1
-	or	T2,%lo(0xa4beea44),T2
-	add	T1,R1,T1
-	!pre-LOADed	X(4),R4
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,4,T2
-	srl	A,32-4,A
-	or	A,T2,A			!=
-	add	A,B,A
-
-	xor	A,B,T1
-	sethi	%hi(0x4bdecfa9),T2
-	xor	T1,C,T1			!=
-	or	T2,%lo(0x4bdecfa9),T2
-	add	T1,R4,T1
-	!pre-LOADed	X(7),R7
-	add	T1,T2,T1
-	add	D,T1,D			!=
-	sll	D,11,T2
-	srl	D,32-11,D
-	or	D,T2,D
-	add	D,A,D			!=
-
-	xor	D,A,T1
-	sethi	%hi(0xf6bb4b60),T2
-	xor	T1,B,T1
-	or	T2,%lo(0xf6bb4b60),T2	!=
-	add	T1,R7,T1
-	!pre-LOADed	X(10),R10
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,16,T2			!=
-	srl	C,32-16,C
-	or	C,T2,C
-	add	C,D,C
-
-	xor	C,D,T1			!=
-	sethi	%hi(0xbebfbc70),T2
-	xor	T1,A,T1
-	or	T2,%lo(0xbebfbc70),T2
-	add	T1,R10,T1		!=
-	!pre-LOADed	X(13),R13
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,23,T2
-	srl	B,32-23,B		!=
-	or	B,T2,B
-	add	B,C,B
-
-	xor	B,C,T1
-	sethi	%hi(0x289b7ec6),T2	!=
-	xor	T1,D,T1
-	or	T2,%lo(0x289b7ec6),T2
-	add	T1,R13,T1
-	!pre-LOADed	X(0),R0
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,4,T2
-	srl	A,32-4,A
-	or	A,T2,A			!=
-	add	A,B,A
-
-	xor	A,B,T1
-	sethi	%hi(0xeaa127fa),T2
-	xor	T1,C,T1			!=
-	or	T2,%lo(0xeaa127fa),T2
-	add	T1,R0,T1
-	!pre-LOADed	X(3),R3
-	add	T1,T2,T1
-	add	D,T1,D			!=
-	sll	D,11,T2
-	srl	D,32-11,D
-	or	D,T2,D
-	add	D,A,D			!=
-
-	xor	D,A,T1
-	sethi	%hi(0xd4ef3085),T2
-	xor	T1,B,T1
-	or	T2,%lo(0xd4ef3085),T2	!=
-	add	T1,R3,T1
-	!pre-LOADed	X(6),R6
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,16,T2			!=
-	srl	C,32-16,C
-	or	C,T2,C
-	add	C,D,C
-
-	xor	C,D,T1			!=
-	sethi	%hi(0x04881d05),T2
-	xor	T1,A,T1
-	or	T2,%lo(0x04881d05),T2
-	add	T1,R6,T1		!=
-	!pre-LOADed	X(9),R9
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,23,T2
-	srl	B,32-23,B		!=
-	or	B,T2,B
-	add	B,C,B
-
-	xor	B,C,T1
-	sethi	%hi(0xd9d4d039),T2	!=
-	xor	T1,D,T1
-	or	T2,%lo(0xd9d4d039),T2
-	add	T1,R9,T1
-	!pre-LOADed	X(12),R12
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,4,T2
-	srl	A,32-4,A
-	or	A,T2,A			!=
-	add	A,B,A
-
-	xor	A,B,T1
-	sethi	%hi(0xe6db99e5),T2
-	xor	T1,C,T1			!=
-	or	T2,%lo(0xe6db99e5),T2
-	add	T1,R12,T1
-	LOAD	X(15),RX
-	add	T1,T2,T1		!=
-	add	D,T1,D
-	sll	D,11,T2
-	srl	D,32-11,D
-	or	D,T2,D			!=
-	add	D,A,D
-
-	xor	D,A,T1
-	sethi	%hi(0x1fa27cf8),T2
-	xor	T1,B,T1			!=
-	or	T2,%lo(0x1fa27cf8),T2
-	add	T1,RX,T1
-	!pre-LOADed	X(2),R2
-	add	T1,T2,T1
-	add	C,T1,C			!=
-	sll	C,16,T2
-	srl	C,32-16,C
-	or	C,T2,C
-	add	C,D,C			!=
-
-	xor	C,D,T1
-	sethi	%hi(0xc4ac5665),T2
-	xor	T1,A,T1
-	or	T2,%lo(0xc4ac5665),T2	!=
-	add	T1,R2,T1
-	!pre-LOADed	X(0),R0
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,23,T2			!=
-	srl	B,32-23,B
-	or	B,T2,B
-	add	B,C,B
-
-!!!!!!!!Round 3
-
-	orn	B,D,T1			!=
-	sethi	%hi(0xf4292244),T2
-	xor	T1,C,T1
-	or	T2,%lo(0xf4292244),T2
-	add	T1,R0,T1		!=
-	!pre-LOADed	X(7),R7
-	add	T1,T2,T1
-	add	A,T1,A
-	sll	A,6,T2
-	srl	A,32-6,A		!=
-	or	A,T2,A
-	add	A,B,A
-
-	orn	A,C,T1
-	sethi	%hi(0x432aff97),T2	!=
-	xor	T1,B,T1
-	or	T2,%lo(0x432aff97),T2
-	LOAD	X(14),RX
-	add	T1,R7,T1		!=
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,10,T2
-	srl	D,32-10,D		!=
-	or	D,T2,D
-	add	D,A,D
-
-	orn	D,B,T1
-	sethi	%hi(0xab9423a7),T2	!=
-	xor	T1,A,T1
-	or	T2,%lo(0xab9423a7),T2
-	add	T1,RX,T1
-	!pre-LOADed	X(5),R5
-	add	T1,T2,T1		!=
-	add	C,T1,C
-	sll	C,15,T2
-	srl	C,32-15,C
-	or	C,T2,C			!=
-	add	C,D,C
-
-	orn	C,A,T1
-	sethi	%hi(0xfc93a039),T2
-	xor	T1,D,T1			!=
-	or	T2,%lo(0xfc93a039),T2
-	add	T1,R5,T1
-	!pre-LOADed	X(12),R12
-	add	T1,T2,T1
-	add	B,T1,B			!=
-	sll	B,21,T2
-	srl	B,32-21,B
-	or	B,T2,B
-	add	B,C,B			!=
-
-	orn	B,D,T1
-	sethi	%hi(0x655b59c3),T2
-	xor	T1,C,T1
-	or	T2,%lo(0x655b59c3),T2	!=
-	add	T1,R12,T1
-	!pre-LOADed	X(3),R3
-	add	T1,T2,T1
-	add	A,T1,A
-	sll	A,6,T2			!=
-	srl	A,32-6,A
-	or	A,T2,A
-	add	A,B,A
-
-	orn	A,C,T1			!=
-	sethi	%hi(0x8f0ccc92),T2
-	xor	T1,B,T1
-	or	T2,%lo(0x8f0ccc92),T2
-	add	T1,R3,T1		!=
-	!pre-LOADed	X(10),R10
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,10,T2
-	srl	D,32-10,D		!=
-	or	D,T2,D
-	add	D,A,D
-
-	orn	D,B,T1
-	sethi	%hi(0xffeff47d),T2	!=
-	xor	T1,A,T1
-	or	T2,%lo(0xffeff47d),T2
-	add	T1,R10,T1
-	!pre-LOADed	X(1),R1
-	add	T1,T2,T1		!=
-	add	C,T1,C
-	sll	C,15,T2
-	srl	C,32-15,C
-	or	C,T2,C			!=
-	add	C,D,C
-
-	orn	C,A,T1
-	sethi	%hi(0x85845dd1),T2
-	xor	T1,D,T1			!=
-	or	T2,%lo(0x85845dd1),T2
-	add	T1,R1,T1
-	!pre-LOADed	X(8),R8
-	add	T1,T2,T1
-	add	B,T1,B			!=
-	sll	B,21,T2
-	srl	B,32-21,B
-	or	B,T2,B
-	add	B,C,B			!=
-
-	orn	B,D,T1
-	sethi	%hi(0x6fa87e4f),T2
-	xor	T1,C,T1
-	or	T2,%lo(0x6fa87e4f),T2	!=
-	add	T1,R8,T1
-	LOAD	X(15),RX
-	add	T1,T2,T1
-	add	A,T1,A			!=
-	sll	A,6,T2
-	srl	A,32-6,A
-	or	A,T2,A
-	add	A,B,A			!=
-
-	orn	A,C,T1
-	sethi	%hi(0xfe2ce6e0),T2
-	xor	T1,B,T1
-	or	T2,%lo(0xfe2ce6e0),T2	!=
-	add	T1,RX,T1
-	!pre-LOADed	X(6),R6
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,10,T2			!=
-	srl	D,32-10,D
-	or	D,T2,D
-	add	D,A,D
-
-	orn	D,B,T1			!=
-	sethi	%hi(0xa3014314),T2
-	xor	T1,A,T1
-	or	T2,%lo(0xa3014314),T2
-	add	T1,R6,T1		!=
-	!pre-LOADed	X(13),R13
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,15,T2
-	srl	C,32-15,C		!=
-	or	C,T2,C
-	add	C,D,C
-
-	orn	C,A,T1
-	sethi	%hi(0x4e0811a1),T2	!=
-	xor	T1,D,T1
-	or	T2,%lo(0x4e0811a1),T2
-	!pre-LOADed	X(4),R4
-	 ld	 [Aptr],Aval
-	add	T1,R13,T1		!=
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,21,T2
-	srl	B,32-21,B		!=
-	or	B,T2,B
-	add	B,C,B
-
-	orn	B,D,T1
-	sethi	%hi(0xf7537e82),T2	!=
-	xor	T1,C,T1
-	or	T2,%lo(0xf7537e82),T2
-	!pre-LOADed	X(11),R11
-	 ld	 [Dptr],Dval
-	add	T1,R4,T1		!=
-	add	T1,T2,T1
-	add	A,T1,A
-	sll	A,6,T2
-	srl	A,32-6,A		!=
-	or	A,T2,A
-	add	A,B,A
-
-	orn	A,C,T1
-	sethi	%hi(0xbd3af235),T2	!=
-	xor	T1,B,T1
-	or	T2,%lo(0xbd3af235),T2
-	!pre-LOADed	X(2),R2
-	 ld	 [Cptr],Cval
-	add	T1,R11,T1		!=
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,10,T2
-	srl	D,32-10,D		!=
-	or	D,T2,D
-	add	D,A,D
-
-	orn	D,B,T1
-	sethi	%hi(0x2ad7d2bb),T2	!=
-	xor	T1,A,T1
-	or	T2,%lo(0x2ad7d2bb),T2
-	!pre-LOADed	X(9),R9
-	 ld	 [Bptr],Bval
-	add	T1,R2,T1		!=
-	 add	 Aval,A,Aval
-	add	T1,T2,T1
-	 st	 Aval,[Aptr]
-	add	C,T1,C			!=
-	sll	C,15,T2
-	 add	 Dval,D,Dval
-	srl	C,32-15,C
-	or	C,T2,C			!=
-	 st	 Dval,[Dptr]
-	add	C,D,C
-
-	orn	C,A,T1
-	sethi	%hi(0xeb86d391),T2	!=
-	xor	T1,D,T1
-	or	T2,%lo(0xeb86d391),T2
-	add	T1,R9,T1
-	!pre-LOADed	X(0),R0
-	 mov	 Aval,A			!=
-	add	T1,T2,T1
-	 mov	 Dval,D
-	add	B,T1,B
-	sll	B,21,T2			!=
-	 add	 Cval,C,Cval
-	srl	B,32-21,B
-	 st	 Cval,[Cptr]
-	or	B,T2,B			!=
-	add	B,C,B
-
-	deccc	%i2
-	mov	Cval,C
-	add	B,Bval,B		!=
-	inc	64,%i1
-	nop
-	st	B,[Bptr]
-	nop				!=
-
-#ifdef	OPENSSL_SYSNAME_ULTRASPARC
-	bg,a,pt	%icc,.Lmd5_block_loop
-#else
-	bg,a	.Lmd5_block_loop
-#endif
-	LOAD	X(0),R0
-
-#ifdef ASI_PRIMARY_LITTLE
-	wr	%g0,%o7,%asi
-#endif
-	ret
-	restore	%g0,0,%o0
-
-.type	md5_block,#function
-.size	md5_block,(.-md5_block)
diff --git a/crypto/openssl/crypto/md5/md5.c b/crypto/openssl/crypto/md5/md5.c
deleted file mode 100644
index 563733abc506..000000000000
--- a/crypto/openssl/crypto/md5/md5.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* crypto/md5/md5.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/md5.h>
-
-#define BUFSIZE	1024*16
-
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-#if !defined(_OSD_POSIX) && !defined(__DJGPP__)
-int read(int, void *, unsigned int);
-#endif
-
-int main(int argc, char **argv)
-	{
-	int i,err=0;
-	FILE *IN;
-
-	if (argc == 1)
-		{
-		do_fp(stdin);
-		}
-	else
-		{
-		for (i=1; i<argc; i++)
-			{
-			IN=fopen(argv[i],"r");
-			if (IN == NULL)
-				{
-				perror(argv[i]);
-				err++;
-				continue;
-				}
-			printf("MD5(%s)= ",argv[i]);
-			do_fp(IN);
-			fclose(IN);
-			}
-		}
-	exit(err);
-	}
-
-void do_fp(FILE *f)
-	{
-	MD5_CTX c;
-	unsigned char md[MD5_DIGEST_LENGTH];
-	int fd;
-	int i;
-	static unsigned char buf[BUFSIZE];
-
-	fd=fileno(f);
-	MD5_Init(&c);
-	for (;;)
-		{
-		i=read(fd,buf,BUFSIZE);
-		if (i <= 0) break;
-		MD5_Update(&c,buf,(unsigned long)i);
-		}
-	MD5_Final(&(md[0]),&c);
-	pt(md);
-	}
-
-void pt(unsigned char *md)
-	{
-	int i;
-
-	for (i=0; i<MD5_DIGEST_LENGTH; i++)
-		printf("%02x",md[i]);
-	printf("\n");
-	}
-
diff --git a/crypto/openssl/crypto/md5/md5.h b/crypto/openssl/crypto/md5/md5.h
deleted file mode 100644
index a252e0211543..000000000000
--- a/crypto/openssl/crypto/md5/md5.h
+++ /dev/null
@@ -1,116 +0,0 @@
-/* crypto/md5/md5.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MD5_H
-#define HEADER_MD5_H
-
-#include <openssl/e_os2.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_NO_MD5
-#error MD5 is disabled.
-#endif
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! MD5_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! MD5_LONG_LOG2 has to be defined along.			   !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
-#define MD5_LONG unsigned long
-#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-#define MD5_LONG unsigned long
-#define MD5_LONG_LOG2 3
-/*
- * _CRAY note. I could declare short, but I have no idea what impact
- * does it have on performance on none-T3E machines. I could declare
- * int, but at least on C90 sizeof(int) can be chosen at compile time.
- * So I've chosen long...
- *					<appro@fy.chalmers.se>
- */
-#else
-#define MD5_LONG unsigned int
-#endif
-
-#define MD5_CBLOCK	64
-#define MD5_LBLOCK	(MD5_CBLOCK/4)
-#define MD5_DIGEST_LENGTH 16
-
-typedef struct MD5state_st
-	{
-	MD5_LONG A,B,C,D;
-	MD5_LONG Nl,Nh;
-	MD5_LONG data[MD5_LBLOCK];
-	int num;
-	} MD5_CTX;
-
-int MD5_Init(MD5_CTX *c);
-int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
-int MD5_Final(unsigned char *md, MD5_CTX *c);
-unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
-void MD5_Transform(MD5_CTX *c, const unsigned char *b);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/md5/md5_dgst.c b/crypto/openssl/crypto/md5/md5_dgst.c
deleted file mode 100644
index 9c7abc36972e..000000000000
--- a/crypto/openssl/crypto/md5/md5_dgst.c
+++ /dev/null
@@ -1,292 +0,0 @@
-/* crypto/md5/md5_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "md5_locl.h"
-#include <openssl/opensslv.h>
-
-const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT;
-
-/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
- */
-
-#define INIT_DATA_A (unsigned long)0x67452301L
-#define INIT_DATA_B (unsigned long)0xefcdab89L
-#define INIT_DATA_C (unsigned long)0x98badcfeL
-#define INIT_DATA_D (unsigned long)0x10325476L
-
-int MD5_Init(MD5_CTX *c)
-	{
-	c->A=INIT_DATA_A;
-	c->B=INIT_DATA_B;
-	c->C=INIT_DATA_C;
-	c->D=INIT_DATA_D;
-	c->Nl=0;
-	c->Nh=0;
-	c->num=0;
-	return 1;
-	}
-
-#ifndef md5_block_host_order
-void md5_block_host_order (MD5_CTX *c, const void *data, int num)
-	{
-	const MD5_LONG *X=data;
-	register unsigned MD32_REG_T A,B,C,D;
-
-	A=c->A;
-	B=c->B;
-	C=c->C;
-	D=c->D;
-
-	for (;num--;X+=HASH_LBLOCK)
-		{
-	/* Round 0 */
-	R0(A,B,C,D,X[ 0], 7,0xd76aa478L);
-	R0(D,A,B,C,X[ 1],12,0xe8c7b756L);
-	R0(C,D,A,B,X[ 2],17,0x242070dbL);
-	R0(B,C,D,A,X[ 3],22,0xc1bdceeeL);
-	R0(A,B,C,D,X[ 4], 7,0xf57c0fafL);
-	R0(D,A,B,C,X[ 5],12,0x4787c62aL);
-	R0(C,D,A,B,X[ 6],17,0xa8304613L);
-	R0(B,C,D,A,X[ 7],22,0xfd469501L);
-	R0(A,B,C,D,X[ 8], 7,0x698098d8L);
-	R0(D,A,B,C,X[ 9],12,0x8b44f7afL);
-	R0(C,D,A,B,X[10],17,0xffff5bb1L);
-	R0(B,C,D,A,X[11],22,0x895cd7beL);
-	R0(A,B,C,D,X[12], 7,0x6b901122L);
-	R0(D,A,B,C,X[13],12,0xfd987193L);
-	R0(C,D,A,B,X[14],17,0xa679438eL);
-	R0(B,C,D,A,X[15],22,0x49b40821L);
-	/* Round 1 */
-	R1(A,B,C,D,X[ 1], 5,0xf61e2562L);
-	R1(D,A,B,C,X[ 6], 9,0xc040b340L);
-	R1(C,D,A,B,X[11],14,0x265e5a51L);
-	R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL);
-	R1(A,B,C,D,X[ 5], 5,0xd62f105dL);
-	R1(D,A,B,C,X[10], 9,0x02441453L);
-	R1(C,D,A,B,X[15],14,0xd8a1e681L);
-	R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L);
-	R1(A,B,C,D,X[ 9], 5,0x21e1cde6L);
-	R1(D,A,B,C,X[14], 9,0xc33707d6L);
-	R1(C,D,A,B,X[ 3],14,0xf4d50d87L);
-	R1(B,C,D,A,X[ 8],20,0x455a14edL);
-	R1(A,B,C,D,X[13], 5,0xa9e3e905L);
-	R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L);
-	R1(C,D,A,B,X[ 7],14,0x676f02d9L);
-	R1(B,C,D,A,X[12],20,0x8d2a4c8aL);
-	/* Round 2 */
-	R2(A,B,C,D,X[ 5], 4,0xfffa3942L);
-	R2(D,A,B,C,X[ 8],11,0x8771f681L);
-	R2(C,D,A,B,X[11],16,0x6d9d6122L);
-	R2(B,C,D,A,X[14],23,0xfde5380cL);
-	R2(A,B,C,D,X[ 1], 4,0xa4beea44L);
-	R2(D,A,B,C,X[ 4],11,0x4bdecfa9L);
-	R2(C,D,A,B,X[ 7],16,0xf6bb4b60L);
-	R2(B,C,D,A,X[10],23,0xbebfbc70L);
-	R2(A,B,C,D,X[13], 4,0x289b7ec6L);
-	R2(D,A,B,C,X[ 0],11,0xeaa127faL);
-	R2(C,D,A,B,X[ 3],16,0xd4ef3085L);
-	R2(B,C,D,A,X[ 6],23,0x04881d05L);
-	R2(A,B,C,D,X[ 9], 4,0xd9d4d039L);
-	R2(D,A,B,C,X[12],11,0xe6db99e5L);
-	R2(C,D,A,B,X[15],16,0x1fa27cf8L);
-	R2(B,C,D,A,X[ 2],23,0xc4ac5665L);
-	/* Round 3 */
-	R3(A,B,C,D,X[ 0], 6,0xf4292244L);
-	R3(D,A,B,C,X[ 7],10,0x432aff97L);
-	R3(C,D,A,B,X[14],15,0xab9423a7L);
-	R3(B,C,D,A,X[ 5],21,0xfc93a039L);
-	R3(A,B,C,D,X[12], 6,0x655b59c3L);
-	R3(D,A,B,C,X[ 3],10,0x8f0ccc92L);
-	R3(C,D,A,B,X[10],15,0xffeff47dL);
-	R3(B,C,D,A,X[ 1],21,0x85845dd1L);
-	R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL);
-	R3(D,A,B,C,X[15],10,0xfe2ce6e0L);
-	R3(C,D,A,B,X[ 6],15,0xa3014314L);
-	R3(B,C,D,A,X[13],21,0x4e0811a1L);
-	R3(A,B,C,D,X[ 4], 6,0xf7537e82L);
-	R3(D,A,B,C,X[11],10,0xbd3af235L);
-	R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL);
-	R3(B,C,D,A,X[ 9],21,0xeb86d391L);
-
-	A = c->A += A;
-	B = c->B += B;
-	C = c->C += C;
-	D = c->D += D;
-		}
-	}
-#endif
-
-#ifndef md5_block_data_order
-#ifdef X
-#undef X
-#endif
-void md5_block_data_order (MD5_CTX *c, const void *data_, int num)
-	{
-	const unsigned char *data=data_;
-	register unsigned MD32_REG_T A,B,C,D,l;
-#ifndef MD32_XARRAY
-	/* See comment in crypto/sha/sha_locl.h for details. */
-	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
-				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-# define X(i)	XX##i
-#else
-	MD5_LONG XX[MD5_LBLOCK];
-# define X(i)	XX[i]
-#endif
-
-	A=c->A;
-	B=c->B;
-	C=c->C;
-	D=c->D;
-
-	for (;num--;)
-		{
-	HOST_c2l(data,l); X( 0)=l;		HOST_c2l(data,l); X( 1)=l;
-	/* Round 0 */
-	R0(A,B,C,D,X( 0), 7,0xd76aa478L);	HOST_c2l(data,l); X( 2)=l;
-	R0(D,A,B,C,X( 1),12,0xe8c7b756L);	HOST_c2l(data,l); X( 3)=l;
-	R0(C,D,A,B,X( 2),17,0x242070dbL);	HOST_c2l(data,l); X( 4)=l;
-	R0(B,C,D,A,X( 3),22,0xc1bdceeeL);	HOST_c2l(data,l); X( 5)=l;
-	R0(A,B,C,D,X( 4), 7,0xf57c0fafL);	HOST_c2l(data,l); X( 6)=l;
-	R0(D,A,B,C,X( 5),12,0x4787c62aL);	HOST_c2l(data,l); X( 7)=l;
-	R0(C,D,A,B,X( 6),17,0xa8304613L);	HOST_c2l(data,l); X( 8)=l;
-	R0(B,C,D,A,X( 7),22,0xfd469501L);	HOST_c2l(data,l); X( 9)=l;
-	R0(A,B,C,D,X( 8), 7,0x698098d8L);	HOST_c2l(data,l); X(10)=l;
-	R0(D,A,B,C,X( 9),12,0x8b44f7afL);	HOST_c2l(data,l); X(11)=l;
-	R0(C,D,A,B,X(10),17,0xffff5bb1L);	HOST_c2l(data,l); X(12)=l;
-	R0(B,C,D,A,X(11),22,0x895cd7beL);	HOST_c2l(data,l); X(13)=l;
-	R0(A,B,C,D,X(12), 7,0x6b901122L);	HOST_c2l(data,l); X(14)=l;
-	R0(D,A,B,C,X(13),12,0xfd987193L);	HOST_c2l(data,l); X(15)=l;
-	R0(C,D,A,B,X(14),17,0xa679438eL);
-	R0(B,C,D,A,X(15),22,0x49b40821L);
-	/* Round 1 */
-	R1(A,B,C,D,X( 1), 5,0xf61e2562L);
-	R1(D,A,B,C,X( 6), 9,0xc040b340L);
-	R1(C,D,A,B,X(11),14,0x265e5a51L);
-	R1(B,C,D,A,X( 0),20,0xe9b6c7aaL);
-	R1(A,B,C,D,X( 5), 5,0xd62f105dL);
-	R1(D,A,B,C,X(10), 9,0x02441453L);
-	R1(C,D,A,B,X(15),14,0xd8a1e681L);
-	R1(B,C,D,A,X( 4),20,0xe7d3fbc8L);
-	R1(A,B,C,D,X( 9), 5,0x21e1cde6L);
-	R1(D,A,B,C,X(14), 9,0xc33707d6L);
-	R1(C,D,A,B,X( 3),14,0xf4d50d87L);
-	R1(B,C,D,A,X( 8),20,0x455a14edL);
-	R1(A,B,C,D,X(13), 5,0xa9e3e905L);
-	R1(D,A,B,C,X( 2), 9,0xfcefa3f8L);
-	R1(C,D,A,B,X( 7),14,0x676f02d9L);
-	R1(B,C,D,A,X(12),20,0x8d2a4c8aL);
-	/* Round 2 */
-	R2(A,B,C,D,X( 5), 4,0xfffa3942L);
-	R2(D,A,B,C,X( 8),11,0x8771f681L);
-	R2(C,D,A,B,X(11),16,0x6d9d6122L);
-	R2(B,C,D,A,X(14),23,0xfde5380cL);
-	R2(A,B,C,D,X( 1), 4,0xa4beea44L);
-	R2(D,A,B,C,X( 4),11,0x4bdecfa9L);
-	R2(C,D,A,B,X( 7),16,0xf6bb4b60L);
-	R2(B,C,D,A,X(10),23,0xbebfbc70L);
-	R2(A,B,C,D,X(13), 4,0x289b7ec6L);
-	R2(D,A,B,C,X( 0),11,0xeaa127faL);
-	R2(C,D,A,B,X( 3),16,0xd4ef3085L);
-	R2(B,C,D,A,X( 6),23,0x04881d05L);
-	R2(A,B,C,D,X( 9), 4,0xd9d4d039L);
-	R2(D,A,B,C,X(12),11,0xe6db99e5L);
-	R2(C,D,A,B,X(15),16,0x1fa27cf8L);
-	R2(B,C,D,A,X( 2),23,0xc4ac5665L);
-	/* Round 3 */
-	R3(A,B,C,D,X( 0), 6,0xf4292244L);
-	R3(D,A,B,C,X( 7),10,0x432aff97L);
-	R3(C,D,A,B,X(14),15,0xab9423a7L);
-	R3(B,C,D,A,X( 5),21,0xfc93a039L);
-	R3(A,B,C,D,X(12), 6,0x655b59c3L);
-	R3(D,A,B,C,X( 3),10,0x8f0ccc92L);
-	R3(C,D,A,B,X(10),15,0xffeff47dL);
-	R3(B,C,D,A,X( 1),21,0x85845dd1L);
-	R3(A,B,C,D,X( 8), 6,0x6fa87e4fL);
-	R3(D,A,B,C,X(15),10,0xfe2ce6e0L);
-	R3(C,D,A,B,X( 6),15,0xa3014314L);
-	R3(B,C,D,A,X(13),21,0x4e0811a1L);
-	R3(A,B,C,D,X( 4), 6,0xf7537e82L);
-	R3(D,A,B,C,X(11),10,0xbd3af235L);
-	R3(C,D,A,B,X( 2),15,0x2ad7d2bbL);
-	R3(B,C,D,A,X( 9),21,0xeb86d391L);
-
-	A = c->A += A;
-	B = c->B += B;
-	C = c->C += C;
-	D = c->D += D;
-		}
-	}
-#endif
-
-#ifdef undef
-int printit(unsigned long *l)
-	{
-	int i,ii;
-
-	for (i=0; i<2; i++)
-		{
-		for (ii=0; ii<8; ii++)
-			{
-			fprintf(stderr,"%08lx ",l[i*8+ii]);
-			}
-		fprintf(stderr,"\n");
-		}
-	}
-#endif
diff --git a/crypto/openssl/crypto/md5/md5_locl.h b/crypto/openssl/crypto/md5/md5_locl.h
deleted file mode 100644
index 9e360da732ab..000000000000
--- a/crypto/openssl/crypto/md5/md5_locl.h
+++ /dev/null
@@ -1,172 +0,0 @@
-/* crypto/md5/md5_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/e_os2.h>
-#include <openssl/md5.h>
-
-#ifndef MD5_LONG_LOG2
-#define MD5_LONG_LOG2 2 /* default to 32 bits */
-#endif
-
-#ifdef MD5_ASM
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-#  define md5_block_host_order md5_block_asm_host_order
-# elif defined(__sparc) && defined(OPENSSL_SYS_ULTRASPARC)
-   void md5_block_asm_data_order_aligned (MD5_CTX *c, const MD5_LONG *p,int num);
-#  define HASH_BLOCK_DATA_ORDER_ALIGNED md5_block_asm_data_order_aligned
-# endif
-#endif
-
-void md5_block_host_order (MD5_CTX *c, const void *p,int num);
-void md5_block_data_order (MD5_CTX *c, const void *p,int num);
-
-#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-/*
- * *_block_host_order is expected to handle aligned data while
- * *_block_data_order - unaligned. As algorithm and host (x86)
- * are in this case of the same "endianness" these two are
- * otherwise indistinguishable. But normally you don't want to
- * call the same function because unaligned access in places
- * where alignment is expected is usually a "Bad Thing". Indeed,
- * on RISCs you get punished with BUS ERROR signal or *severe*
- * performance degradation. Intel CPUs are in turn perfectly
- * capable of loading unaligned data without such drastic side
- * effect. Yes, they say it's slower than aligned load, but no
- * exception is generated and therefore performance degradation
- * is *incomparable* with RISCs. What we should weight here is
- * costs of unaligned access against costs of aligning data.
- * According to my measurements allowing unaligned access results
- * in ~9% performance improvement on Pentium II operating at
- * 266MHz. I won't be surprised if the difference will be higher
- * on faster systems:-)
- *
- *				<appro@fy.chalmers.se>
- */
-#define md5_block_data_order md5_block_host_order
-#endif
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG		MD5_LONG
-#define HASH_LONG_LOG2		MD5_LONG_LOG2
-#define HASH_CTX		MD5_CTX
-#define HASH_CBLOCK		MD5_CBLOCK
-#define HASH_LBLOCK		MD5_LBLOCK
-#define HASH_UPDATE		MD5_Update
-#define HASH_TRANSFORM		MD5_Transform
-#define HASH_FINAL		MD5_Final
-#define	HASH_MAKE_STRING(c,s)	do {	\
-	unsigned long ll;		\
-	ll=(c)->A; HOST_l2c(ll,(s));	\
-	ll=(c)->B; HOST_l2c(ll,(s));	\
-	ll=(c)->C; HOST_l2c(ll,(s));	\
-	ll=(c)->D; HOST_l2c(ll,(s));	\
-	} while (0)
-#define HASH_BLOCK_HOST_ORDER	md5_block_host_order
-#if !defined(L_ENDIAN) || defined(md5_block_data_order)
-#define	HASH_BLOCK_DATA_ORDER	md5_block_data_order
-/*
- * Little-endians (Intel and Alpha) feel better without this.
- * It looks like memcpy does better job than generic
- * md5_block_data_order on copying-n-aligning input data.
- * But frankly speaking I didn't expect such result on Alpha.
- * On the other hand I've got this with egcs-1.0.2 and if
- * program is compiled with another (better?) compiler it
- * might turn out other way around.
- *
- *				<appro@fy.chalmers.se>
- */
-#endif
-
-#include "md32_common.h"
-
-/*
-#define	F(x,y,z)	(((x) & (y))  |  ((~(x)) & (z)))
-#define	G(x,y,z)	(((x) & (z))  |  ((y) & (~(z))))
-*/
-
-/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
- * simplified to the code below.  Wei attributes these optimizations
- * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
- */
-#define	F(b,c,d)	((((c) ^ (d)) & (b)) ^ (d))
-#define	G(b,c,d)	((((b) ^ (c)) & (d)) ^ (c))
-#define	H(b,c,d)	((b) ^ (c) ^ (d))
-#define	I(b,c,d)	(((~(d)) | (b)) ^ (c))
-
-#define R0(a,b,c,d,k,s,t) { \
-	a+=((k)+(t)+F((b),(c),(d))); \
-	a=ROTATE(a,s); \
-	a+=b; };\
-
-#define R1(a,b,c,d,k,s,t) { \
-	a+=((k)+(t)+G((b),(c),(d))); \
-	a=ROTATE(a,s); \
-	a+=b; };
-
-#define R2(a,b,c,d,k,s,t) { \
-	a+=((k)+(t)+H((b),(c),(d))); \
-	a=ROTATE(a,s); \
-	a+=b; };
-
-#define R3(a,b,c,d,k,s,t) { \
-	a+=((k)+(t)+I((b),(c),(d))); \
-	a=ROTATE(a,s); \
-	a+=b; };
diff --git a/crypto/openssl/crypto/md5/md5_one.c b/crypto/openssl/crypto/md5/md5_one.c
deleted file mode 100644
index c5dd2d81db49..000000000000
--- a/crypto/openssl/crypto/md5/md5_one.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/md5/md5_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/md5.h>
-#include <openssl/crypto.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md)
-	{
-	MD5_CTX c;
-	static unsigned char m[MD5_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	MD5_Init(&c);
-#ifndef CHARSET_EBCDIC
-	MD5_Update(&c,d,n);
-#else
-	{
-		char temp[1024];
-		unsigned long chunk;
-
-		while (n > 0)
-		{
-			chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
-			ebcdic2ascii(temp, d, chunk);
-			MD5_Update(&c,temp,chunk);
-			n -= chunk;
-			d += chunk;
-		}
-	}
-#endif
-	MD5_Final(md,&c);
-	OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
-	return(md);
-	}
-
diff --git a/crypto/openssl/crypto/md5/md5s.cpp b/crypto/openssl/crypto/md5/md5s.cpp
deleted file mode 100644
index dd343fd4e6ed..000000000000
--- a/crypto/openssl/crypto/md5/md5s.cpp
+++ /dev/null
@@ -1,78 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/md5.h>
-
-extern "C" {
-void md5_block_x86(MD5_CTX *ctx, unsigned char *buffer,int num);
-}
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[64*256];
-	MD5_CTX ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=0,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=16;
-	if (num > 250) num=16;
-	numm=num+2;
-	num*=64;
-	numm*=64;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			md5_block_x86(&ctx,buffer,numm);
-			GetTSC(s1);
-			md5_block_x86(&ctx,buffer,numm);
-			GetTSC(e1);
-			GetTSC(s2);
-			md5_block_x86(&ctx,buffer,num);
-			GetTSC(e2);
-			md5_block_x86(&ctx,buffer,num);
-			}
-		printf("md5 (%d bytes) %d %d (%.2f)\n",num,
-			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
-		}
-	}
-
diff --git a/crypto/openssl/crypto/md5/md5test.c b/crypto/openssl/crypto/md5/md5test.c
deleted file mode 100644
index bfd62629ed28..000000000000
--- a/crypto/openssl/crypto/md5/md5test.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* crypto/md5/md5test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_MD5
-int main(int argc, char *argv[])
-{
-    printf("No MD5 support\n");
-    return(0);
-}
-#else
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-
-static char *test[]={
-	"",
-	"a",
-	"abc",
-	"message digest",
-	"abcdefghijklmnopqrstuvwxyz",
-	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
-	"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
-	NULL,
-	};
-
-static char *ret[]={
-	"d41d8cd98f00b204e9800998ecf8427e",
-	"0cc175b9c0f1b6a831c399e269772661",
-	"900150983cd24fb0d6963f7d28e17f72",
-	"f96b697d7cb7938d525a2f31aaf161d0",
-	"c3fcd3d76192e4007dfb496cca67e13b",
-	"d174ab98d277d9f5a5611c2c9f419d9f",
-	"57edf4a22be3c955ac49da2e2107b67a",
-	};
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-	{
-	int i,err=0;
-	unsigned char **P,**R;
-	char *p;
-	unsigned char md[MD5_DIGEST_LENGTH];
-
-	P=(unsigned char **)test;
-	R=(unsigned char **)ret;
-	i=1;
-	while (*P != NULL)
-		{
-		EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md5(), NULL);
-		p=pt(md);
-		if (strcmp(p,(char *)*R) != 0)
-			{
-			printf("error calculating MD5 on '%s'\n",*P);
-			printf("got %s instead of %s\n",p,*R);
-			err++;
-			}
-		else
-			printf("test %d ok\n",i);
-		i++;
-		R++;
-		P++;
-		}
-	EXIT(err);
-	return(0);
-	}
-
-static char *pt(unsigned char *md)
-	{
-	int i;
-	static char buf[80];
-
-	for (i=0; i<MD5_DIGEST_LENGTH; i++)
-		sprintf(&(buf[i*2]),"%02x",md[i]);
-	return(buf);
-	}
-#endif
diff --git a/crypto/openssl/crypto/mdc2/Makefile.save b/crypto/openssl/crypto/mdc2/Makefile.save
deleted file mode 100644
index 4b1b3e36961a..000000000000
--- a/crypto/openssl/crypto/mdc2/Makefile.save
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# SSLeay/crypto/mdc2/Makefile
-#
-
-DIR=	mdc2
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= mdc2test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=mdc2dgst.c mdc2_one.c
-LIBOBJ=mdc2dgst.o mdc2_one.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= mdc2.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-mdc2_one.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-mdc2_one.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-mdc2_one.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-mdc2_one.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-mdc2_one.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h
-mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-mdc2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-mdc2_one.o: ../cryptlib.h
-mdc2dgst.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h
diff --git a/crypto/openssl/crypto/mdc2/Makefile.ssl b/crypto/openssl/crypto/mdc2/Makefile.ssl
deleted file mode 100644
index 387d7f8cd895..000000000000
--- a/crypto/openssl/crypto/mdc2/Makefile.ssl
+++ /dev/null
@@ -1,98 +0,0 @@
-#
-# SSLeay/crypto/mdc2/Makefile
-#
-
-DIR=	mdc2
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= mdc2test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=mdc2dgst.c mdc2_one.c
-LIBOBJ=mdc2dgst.o mdc2_one.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= mdc2.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-mdc2_one.o: ../../e_os.h ../../include/openssl/bio.h
-mdc2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-mdc2_one.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-mdc2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-mdc2_one.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
-mdc2_one.o: ../../include/openssl/opensslconf.h
-mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-mdc2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-mdc2_one.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-mdc2_one.o: ../cryptlib.h mdc2_one.c
-mdc2dgst.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-mdc2dgst.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h
-mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-mdc2dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-mdc2dgst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-mdc2dgst.o: mdc2dgst.c
diff --git a/crypto/openssl/crypto/mdc2/mdc2.h b/crypto/openssl/crypto/mdc2/mdc2.h
deleted file mode 100644
index 793a8a0f13fb..000000000000
--- a/crypto/openssl/crypto/mdc2/mdc2.h
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/mdc2/mdc2.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MDC2_H
-#define HEADER_MDC2_H
-
-#include <openssl/des.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_NO_MDC2
-#error MDC2 is disabled.
-#endif
-
-#define MDC2_BLOCK              8
-#define MDC2_DIGEST_LENGTH      16
- 
-typedef struct mdc2_ctx_st
-	{
-	int num;
-	unsigned char data[MDC2_BLOCK];
-	DES_cblock h,hh;
-	int pad_type; /* either 1 or 2, default 1 */
-	} MDC2_CTX;
-
-
-int MDC2_Init(MDC2_CTX *c);
-int MDC2_Update(MDC2_CTX *c, const unsigned char *data, unsigned long len);
-int MDC2_Final(unsigned char *md, MDC2_CTX *c);
-unsigned char *MDC2(const unsigned char *d, unsigned long n,
-	unsigned char *md);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
-
diff --git a/crypto/openssl/crypto/mdc2/mdc2_one.c b/crypto/openssl/crypto/mdc2/mdc2_one.c
deleted file mode 100644
index 37f06c8d77cf..000000000000
--- a/crypto/openssl/crypto/mdc2/mdc2_one.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/* crypto/mdc2/mdc2_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/mdc2.h>
-
-unsigned char *MDC2(const unsigned char *d, unsigned long n, unsigned char *md)
-	{
-	MDC2_CTX c;
-	static unsigned char m[MDC2_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	MDC2_Init(&c);
-	MDC2_Update(&c,d,n);
-        MDC2_Final(md,&c);
-	OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
-	return(md);
-	}
-
diff --git a/crypto/openssl/crypto/mdc2/mdc2dgst.c b/crypto/openssl/crypto/mdc2/mdc2dgst.c
deleted file mode 100644
index 32daa9b0da35..000000000000
--- a/crypto/openssl/crypto/mdc2/mdc2dgst.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/* crypto/mdc2/mdc2dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/des.h>
-#include <openssl/mdc2.h>
-
-#undef c2l
-#define c2l(c,l)	(l =((DES_LONG)(*((c)++)))    , \
-			 l|=((DES_LONG)(*((c)++)))<< 8L, \
-			 l|=((DES_LONG)(*((c)++)))<<16L, \
-			 l|=((DES_LONG)(*((c)++)))<<24L)
-
-#undef l2c
-#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
-			*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-			*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-			*((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-static void mdc2_body(MDC2_CTX *c, const unsigned char *in, unsigned int len);
-int MDC2_Init(MDC2_CTX *c)
-	{
-	c->num=0;
-	c->pad_type=1;
-	memset(&(c->h[0]),0x52,MDC2_BLOCK);
-	memset(&(c->hh[0]),0x25,MDC2_BLOCK);
-	return 1;
-	}
-
-int MDC2_Update(MDC2_CTX *c, const unsigned char *in, unsigned long len)
-	{
-	int i,j;
-
-	i=c->num;
-	if (i != 0)
-		{
-		if (i+len < MDC2_BLOCK)
-			{
-			/* partial block */
-			memcpy(&(c->data[i]),in,(int)len);
-			c->num+=(int)len;
-			return 1;
-			}
-		else
-			{
-			/* filled one */
-			j=MDC2_BLOCK-i;
-			memcpy(&(c->data[i]),in,j);
-			len-=j;
-			in+=j;
-			c->num=0;
-			mdc2_body(c,&(c->data[0]),MDC2_BLOCK);
-			}
-		}
-	i=(int)(len&(unsigned long)~(MDC2_BLOCK-1));
-	if (i > 0) mdc2_body(c,in,i);
-	j=(int)len-i;
-	if (j > 0)
-		{
-		memcpy(&(c->data[0]),&(in[i]),j);
-		c->num=j;
-		}
-	return 1;
-	}
-
-static void mdc2_body(MDC2_CTX *c, const unsigned char *in, unsigned int len)
-	{
-	register DES_LONG tin0,tin1;
-	register DES_LONG ttin0,ttin1;
-	DES_LONG d[2],dd[2];
-	DES_key_schedule k;
-	unsigned char *p;
-	unsigned int i;
-
-	for (i=0; i<len; i+=8)
-		{
-		c2l(in,tin0); d[0]=dd[0]=tin0;
-		c2l(in,tin1); d[1]=dd[1]=tin1;
-		c->h[0]=(c->h[0]&0x9f)|0x40;
-		c->hh[0]=(c->hh[0]&0x9f)|0x20;
-
-		DES_set_odd_parity(&c->h);
-		DES_set_key_unchecked(&c->h,&k);
-		DES_encrypt1(d,&k,1);
-
-		DES_set_odd_parity(&c->hh);
-		DES_set_key_unchecked(&c->hh,&k);
-		DES_encrypt1(dd,&k,1);
-
-		ttin0=tin0^dd[0];
-		ttin1=tin1^dd[1];
-		tin0^=d[0];
-		tin1^=d[1];
-
-		p=c->h;
-		l2c(tin0,p);
-		l2c(ttin1,p);
-		p=c->hh;
-		l2c(ttin0,p);
-		l2c(tin1,p);
-		}
-	}
-
-int MDC2_Final(unsigned char *md, MDC2_CTX *c)
-	{
-	int i,j;
-
-	i=c->num;
-	j=c->pad_type;
-	if ((i > 0) || (j == 2))
-		{
-		if (j == 2)
-			c->data[i++]=0x80;
-		memset(&(c->data[i]),0,MDC2_BLOCK-i);
-		mdc2_body(c,c->data,MDC2_BLOCK);
-		}
-	memcpy(md,(char *)c->h,MDC2_BLOCK);
-	memcpy(&(md[MDC2_BLOCK]),(char *)c->hh,MDC2_BLOCK);
-	return 1;
-	}
-
-#undef TEST
-
-#ifdef TEST
-main()
-	{
-	unsigned char md[MDC2_DIGEST_LENGTH];
-	int i;
-	MDC2_CTX c;
-	static char *text="Now is the time for all ";
-
-	MDC2_Init(&c);
-	MDC2_Update(&c,text,strlen(text));
-	MDC2_Final(&(md[0]),&c);
-
-	for (i=0; i<MDC2_DIGEST_LENGTH; i++)
-		printf("%02X",md[i]);
-	printf("\n");
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/mdc2/mdc2test.c b/crypto/openssl/crypto/mdc2/mdc2test.c
deleted file mode 100644
index c9abe99d9280..000000000000
--- a/crypto/openssl/crypto/mdc2/mdc2test.c
+++ /dev/null
@@ -1,146 +0,0 @@
-/* crypto/mdc2/mdc2test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#if defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_MDC2)
-#define OPENSSL_NO_MDC2
-#endif
-
-#ifdef OPENSSL_NO_MDC2
-int main(int argc, char *argv[])
-{
-    printf("No MDC2 support\n");
-    return(0);
-}
-#else
-#include <openssl/evp.h>
-#include <openssl/mdc2.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-static unsigned char pad1[16]={
-	0x42,0xE5,0x0C,0xD2,0x24,0xBA,0xCE,0xBA,
-	0x76,0x0B,0xDD,0x2B,0xD4,0x09,0x28,0x1A
-	};
-
-static unsigned char pad2[16]={
-	0x2E,0x46,0x79,0xB5,0xAD,0xD9,0xCA,0x75,
-	0x35,0xD8,0x7A,0xFE,0xAB,0x33,0xBE,0xE2
-	};
-
-int main(int argc, char *argv[])
-	{
-	int ret=0;
-	unsigned char md[MDC2_DIGEST_LENGTH];
-	int i;
-	EVP_MD_CTX c;
-	static char *text="Now is the time for all ";
-
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(text,text,strlen(text));
-#endif
-
-	EVP_MD_CTX_init(&c);
-	EVP_DigestInit_ex(&c,EVP_mdc2(), NULL);
-	EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text));
-	EVP_DigestFinal_ex(&c,&(md[0]),NULL);
-
-	if (memcmp(md,pad1,MDC2_DIGEST_LENGTH) != 0)
-		{
-		for (i=0; i<MDC2_DIGEST_LENGTH; i++)
-			printf("%02X",md[i]);
-		printf(" <- generated\n");
-		for (i=0; i<MDC2_DIGEST_LENGTH; i++)
-			printf("%02X",pad1[i]);
-		printf(" <- correct\n");
-		ret=1;
-		}
-	else
-		printf("pad1 - ok\n");
-
-	EVP_DigestInit_ex(&c,EVP_mdc2(), NULL);
-	/* FIXME: use a ctl function? */
-	((MDC2_CTX *)c.md_data)->pad_type=2;
-	EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text));
-	EVP_DigestFinal_ex(&c,&(md[0]),NULL);
-
-	if (memcmp(md,pad2,MDC2_DIGEST_LENGTH) != 0)
-		{
-		for (i=0; i<MDC2_DIGEST_LENGTH; i++)
-			printf("%02X",md[i]);
-		printf(" <- generated\n");
-		for (i=0; i<MDC2_DIGEST_LENGTH; i++)
-			printf("%02X",pad2[i]);
-		printf(" <- correct\n");
-		ret=1;
-		}
-	else
-		printf("pad2 - ok\n");
-
-	EVP_MD_CTX_cleanup(&c);
-	EXIT(ret);
-	return(ret);
-	}
-#endif
diff --git a/crypto/openssl/crypto/mem.c b/crypto/openssl/crypto/mem.c
deleted file mode 100644
index 29df7d35b248..000000000000
--- a/crypto/openssl/crypto/mem.c
+++ /dev/null
@@ -1,397 +0,0 @@
-/* crypto/mem.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-
-
-static int allow_customize = 1;      /* we provide flexible functions for */
-static int allow_customize_debug = 1;/* exchanging memory-related functions at
-                                      * run-time, but this must be done
-                                      * before any blocks are actually
-                                      * allocated; or we'll run into huge
-                                      * problems when malloc/free pairs
-                                      * don't match etc. */
-
-
-
-/* the following pointers may be changed as long as 'allow_customize' is set */
-
-static void *(*malloc_func)(size_t)         = malloc;
-static void *default_malloc_ex(size_t num, const char *file, int line)
-	{ return malloc_func(num); }
-static void *(*malloc_ex_func)(size_t, const char *file, int line)
-        = default_malloc_ex;
-
-static void *(*realloc_func)(void *, size_t)= realloc;
-static void *default_realloc_ex(void *str, size_t num,
-        const char *file, int line)
-	{ return realloc_func(str,num); }
-static void *(*realloc_ex_func)(void *, size_t, const char *file, int line)
-        = default_realloc_ex;
-
-static void (*free_func)(void *)            = free;
-
-static void *(*malloc_locked_func)(size_t)  = malloc;
-static void *default_malloc_locked_ex(size_t num, const char *file, int line)
-	{ return malloc_locked_func(num); }
-static void *(*malloc_locked_ex_func)(size_t, const char *file, int line)
-        = default_malloc_locked_ex;
-
-static void (*free_locked_func)(void *)     = free;
-
-
-
-/* may be changed as long as 'allow_customize_debug' is set */
-/* XXX use correct function pointer types */
-#ifdef CRYPTO_MDEBUG
-/* use default functions from mem_dbg.c */
-static void (*malloc_debug_func)(void *,int,const char *,int,int)
-	= CRYPTO_dbg_malloc;
-static void (*realloc_debug_func)(void *,void *,int,const char *,int,int)
-	= CRYPTO_dbg_realloc;
-static void (*free_debug_func)(void *,int) = CRYPTO_dbg_free;
-static void (*set_debug_options_func)(long) = CRYPTO_dbg_set_options;
-static long (*get_debug_options_func)(void) = CRYPTO_dbg_get_options;
-#else
-/* applications can use CRYPTO_malloc_debug_init() to select above case
- * at run-time */
-static void (*malloc_debug_func)(void *,int,const char *,int,int) = NULL;
-static void (*realloc_debug_func)(void *,void *,int,const char *,int,int)
-	= NULL;
-static void (*free_debug_func)(void *,int) = NULL;
-static void (*set_debug_options_func)(long) = NULL;
-static long (*get_debug_options_func)(void) = NULL;
-#endif
-
-
-int CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t),
-	void (*f)(void *))
-	{
-	if (!allow_customize)
-		return 0;
-	if ((m == 0) || (r == 0) || (f == 0))
-		return 0;
-	malloc_func=m; malloc_ex_func=default_malloc_ex;
-	realloc_func=r; realloc_ex_func=default_realloc_ex;
-	free_func=f;
-	malloc_locked_func=m; malloc_locked_ex_func=default_malloc_locked_ex;
-	free_locked_func=f;
-	return 1;
-	}
-
-int CRYPTO_set_mem_ex_functions(
-        void *(*m)(size_t,const char *,int),
-        void *(*r)(void *, size_t,const char *,int),
-	void (*f)(void *))
-	{
-	if (!allow_customize)
-		return 0;
-	if ((m == 0) || (r == 0) || (f == 0))
-		return 0;
-	malloc_func=0; malloc_ex_func=m;
-	realloc_func=0; realloc_ex_func=r;
-	free_func=f;
-	malloc_locked_func=0; malloc_locked_ex_func=m;
-	free_locked_func=f;
-	return 1;
-	}
-
-int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*f)(void *))
-	{
-	if (!allow_customize)
-		return 0;
-	if ((m == NULL) || (f == NULL))
-		return 0;
-	malloc_locked_func=m; malloc_locked_ex_func=default_malloc_locked_ex;
-	free_locked_func=f;
-	return 1;
-	}
-
-int CRYPTO_set_locked_mem_ex_functions(
-        void *(*m)(size_t,const char *,int),
-        void (*f)(void *))
-	{
-	if (!allow_customize)
-		return 0;
-	if ((m == NULL) || (f == NULL))
-		return 0;
-	malloc_locked_func=0; malloc_locked_ex_func=m;
-	free_func=f;
-	return 1;
-	}
-
-int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int),
-				   void (*r)(void *,void *,int,const char *,int,int),
-				   void (*f)(void *,int),
-				   void (*so)(long),
-				   long (*go)(void))
-	{
-	if (!allow_customize_debug)
-		return 0;
-	malloc_debug_func=m;
-	realloc_debug_func=r;
-	free_debug_func=f;
-	set_debug_options_func=so;
-	get_debug_options_func=go;
-	return 1;
-	}
-
-
-void CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t),
-	void (**f)(void *))
-	{
-	if (m != NULL) *m = (malloc_ex_func == default_malloc_ex) ? 
-	                     malloc_func : 0;
-	if (r != NULL) *r = (realloc_ex_func == default_realloc_ex) ? 
-	                     realloc_func : 0;
-	if (f != NULL) *f=free_func;
-	}
-
-void CRYPTO_get_mem_ex_functions(
-        void *(**m)(size_t,const char *,int),
-        void *(**r)(void *, size_t,const char *,int),
-	void (**f)(void *))
-	{
-	if (m != NULL) *m = (malloc_ex_func != default_malloc_ex) ?
-	                    malloc_ex_func : 0;
-	if (r != NULL) *r = (realloc_ex_func != default_realloc_ex) ?
-	                    realloc_ex_func : 0;
-	if (f != NULL) *f=free_func;
-	}
-
-void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *))
-	{
-	if (m != NULL) *m = (malloc_locked_ex_func == default_malloc_locked_ex) ? 
-	                     malloc_locked_func : 0;
-	if (f != NULL) *f=free_locked_func;
-	}
-
-void CRYPTO_get_locked_mem_ex_functions(
-        void *(**m)(size_t,const char *,int),
-        void (**f)(void *))
-	{
-	if (m != NULL) *m = (malloc_locked_ex_func != default_malloc_locked_ex) ?
-	                    malloc_locked_ex_func : 0;
-	if (f != NULL) *f=free_locked_func;
-	}
-
-void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
-				    void (**r)(void *,void *,int,const char *,int,int),
-				    void (**f)(void *,int),
-				    void (**so)(long),
-				    long (**go)(void))
-	{
-	if (m != NULL) *m=malloc_debug_func;
-	if (r != NULL) *r=realloc_debug_func;
-	if (f != NULL) *f=free_debug_func;
-	if (so != NULL) *so=set_debug_options_func;
-	if (go != NULL) *go=get_debug_options_func;
-	}
-
-
-void *CRYPTO_malloc_locked(int num, const char *file, int line)
-	{
-	void *ret = NULL;
-	extern unsigned char cleanse_ctr;
-
-	if (num < 0) return NULL;
-
-	allow_customize = 0;
-	if (malloc_debug_func != NULL)
-		{
-		allow_customize_debug = 0;
-		malloc_debug_func(NULL, num, file, line, 0);
-		}
-	ret = malloc_locked_ex_func(num,file,line);
-#ifdef LEVITTE_DEBUG_MEM
-	fprintf(stderr, "LEVITTE_DEBUG_MEM:         > 0x%p (%d)\n", ret, num);
-#endif
-	if (malloc_debug_func != NULL)
-		malloc_debug_func(ret, num, file, line, 1);
-
-        /* Create a dependency on the value of 'cleanse_ctr' so our memory
-         * sanitisation function can't be optimised out. NB: We only do
-         * this for >2Kb so the overhead doesn't bother us. */
-        if(ret && (num > 2048))
-		((unsigned char *)ret)[0] = cleanse_ctr;
-
-	return ret;
-	}
-
-void CRYPTO_free_locked(void *str)
-	{
-	if (free_debug_func != NULL)
-		free_debug_func(str, 0);
-#ifdef LEVITTE_DEBUG_MEM
-	fprintf(stderr, "LEVITTE_DEBUG_MEM:         < 0x%p\n", str);
-#endif
-	free_locked_func(str);
-	if (free_debug_func != NULL)
-		free_debug_func(NULL, 1);
-	}
-
-void *CRYPTO_malloc(int num, const char *file, int line)
-	{
-	void *ret = NULL;
-	extern unsigned char cleanse_ctr;
-
-	if (num < 0) return NULL;
-
-	allow_customize = 0;
-	if (malloc_debug_func != NULL)
-		{
-		allow_customize_debug = 0;
-		malloc_debug_func(NULL, num, file, line, 0);
-		}
-	ret = malloc_ex_func(num,file,line);
-#ifdef LEVITTE_DEBUG_MEM
-	fprintf(stderr, "LEVITTE_DEBUG_MEM:         > 0x%p (%d)\n", ret, num);
-#endif
-	if (malloc_debug_func != NULL)
-		malloc_debug_func(ret, num, file, line, 1);
-
-        /* Create a dependency on the value of 'cleanse_ctr' so our memory
-         * sanitisation function can't be optimised out. NB: We only do
-         * this for >2Kb so the overhead doesn't bother us. */
-        if(ret && (num > 2048))
-                ((unsigned char *)ret)[0] = cleanse_ctr;
-
-	return ret;
-	}
-
-void *CRYPTO_realloc(void *str, int num, const char *file, int line)
-	{
-	void *ret = NULL;
-
-	if (str == NULL)
-		return CRYPTO_malloc(num, file, line);
-
- 	if (num < 0) return NULL;
- 
-	if (realloc_debug_func != NULL)
-		realloc_debug_func(str, NULL, num, file, line, 0);
-	ret = realloc_ex_func(str,num,file,line);
-#ifdef LEVITTE_DEBUG_MEM
-	fprintf(stderr, "LEVITTE_DEBUG_MEM:         | 0x%p -> 0x%p (%d)\n", str, ret, num);
-#endif
-	if (realloc_debug_func != NULL)
-		realloc_debug_func(str, ret, num, file, line, 1);
-
-	return ret;
-	}
-
-void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
-			   int line)
-	{
-	void *ret = NULL;
-
-	if (str == NULL)
-		return CRYPTO_malloc(num, file, line);
- 
- 	if (num < 0) return NULL;
- 
-	if (realloc_debug_func != NULL)
-		realloc_debug_func(str, NULL, num, file, line, 0);
-	ret=malloc_ex_func(num,file,line);
-	if(ret)
-		memcpy(ret,str,old_len);
-	OPENSSL_cleanse(str,old_len);
-	free_func(str);
-#ifdef LEVITTE_DEBUG_MEM
-	fprintf(stderr, "LEVITTE_DEBUG_MEM:         | 0x%p -> 0x%p (%d)\n", str, ret, num);
-#endif
-	if (realloc_debug_func != NULL)
-		realloc_debug_func(str, ret, num, file, line, 1);
-
-	return ret;
-	}
-
-void CRYPTO_free(void *str)
-	{
-	if (free_debug_func != NULL)
-		free_debug_func(str, 0);
-#ifdef LEVITTE_DEBUG_MEM
-	fprintf(stderr, "LEVITTE_DEBUG_MEM:         < 0x%p\n", str);
-#endif
-	free_func(str);
-	if (free_debug_func != NULL)
-		free_debug_func(NULL, 1);
-	}
-
-void *CRYPTO_remalloc(void *a, int num, const char *file, int line)
-	{
-	if (a != NULL) OPENSSL_free(a);
-	a=(char *)OPENSSL_malloc(num);
-	return(a);
-	}
-
-void CRYPTO_set_mem_debug_options(long bits)
-	{
-	if (set_debug_options_func != NULL)
-		set_debug_options_func(bits);
-	}
-
-long CRYPTO_get_mem_debug_options(void)
-	{
-	if (get_debug_options_func != NULL)
-		return get_debug_options_func();
-	return 0;
-	}
diff --git a/crypto/openssl/crypto/mem_clr.c b/crypto/openssl/crypto/mem_clr.c
deleted file mode 100644
index e4b7f540b0bd..000000000000
--- a/crypto/openssl/crypto/mem_clr.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/* crypto/mem_clr.c -*- mode:C; c-file-style: "eay" -*- */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/crypto.h>
-
-unsigned char cleanse_ctr = 0;
-
-void OPENSSL_cleanse(void *ptr, size_t len)
-	{
-	unsigned char *p = ptr;
-	size_t loop = len;
-	while(loop--)
-		{
-		*(p++) = cleanse_ctr;
-		cleanse_ctr += (17 + (unsigned char)((int)p & 0xF));
-		}
-	if(memchr(ptr, cleanse_ctr, len))
-		cleanse_ctr += 63;
-	}
diff --git a/crypto/openssl/crypto/mem_dbg.c b/crypto/openssl/crypto/mem_dbg.c
deleted file mode 100644
index 57bd08f65d92..000000000000
--- a/crypto/openssl/crypto/mem_dbg.c
+++ /dev/null
@@ -1,784 +0,0 @@
-/* crypto/mem_dbg.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>	
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/lhash.h>
-#include "cryptlib.h"
-
-static int mh_mode=CRYPTO_MEM_CHECK_OFF;
-/* The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE
- * when the application asks for it (usually after library initialisation
- * for which no book-keeping is desired).
- *
- * State CRYPTO_MEM_CHECK_ON exists only temporarily when the library
- * thinks that certain allocations should not be checked (e.g. the data
- * structures used for memory checking).  It is not suitable as an initial
- * state: the library will unexpectedly enable memory checking when it
- * executes one of those sections that want to disable checking
- * temporarily.
- *
- * State CRYPTO_MEM_CHECK_ENABLE without ..._ON makes no sense whatsoever.
- */
-
-static unsigned long order = 0; /* number of memory requests */
-static LHASH *mh=NULL; /* hash-table of memory requests (address as key);
-                        * access requires MALLOC2 lock */
-
-
-typedef struct app_mem_info_st
-/* For application-defined information (static C-string `info')
- * to be displayed in memory leak list.
- * Each thread has its own stack.  For applications, there is
- *   CRYPTO_push_info("...")     to push an entry,
- *   CRYPTO_pop_info()           to pop an entry,
- *   CRYPTO_remove_all_info()    to pop all entries.
- */
-	{	
-	unsigned long thread;
-	const char *file;
-	int line;
-	const char *info;
-	struct app_mem_info_st *next; /* tail of thread's stack */
-	int references;
-	} APP_INFO;
-
-static void app_info_free(APP_INFO *);
-
-static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's
-                          * that are at the top of their thread's stack
-                          * (with `thread' as key);
-                          * access requires MALLOC2 lock */
-
-typedef struct mem_st
-/* memory-block description */
-	{
-	void *addr;
-	int num;
-	const char *file;
-	int line;
-	unsigned long thread;
-	unsigned long order;
-	time_t time;
-	APP_INFO *app_info;
-	} MEM;
-
-static long options =             /* extra information to be recorded */
-#if defined(CRYPTO_MDEBUG_TIME) || defined(CRYPTO_MDEBUG_ALL)
-	V_CRYPTO_MDEBUG_TIME |
-#endif
-#if defined(CRYPTO_MDEBUG_THREAD) || defined(CRYPTO_MDEBUG_ALL)
-	V_CRYPTO_MDEBUG_THREAD |
-#endif
-	0;
-
-
-static unsigned int num_disable = 0; /* num_disable > 0
-                                      *     iff
-                                      * mh_mode == CRYPTO_MEM_CHECK_ON (w/o ..._ENABLE)
-                                      */
-static unsigned long disabling_thread = 0; /* Valid iff num_disable > 0.
-                                            * CRYPTO_LOCK_MALLOC2 is locked
-                                            * exactly in this case (by the
-                                            * thread named in disabling_thread).
-                                            */
-
-static void app_info_free(APP_INFO *inf)
-	{
-	if (--(inf->references) <= 0)
-		{
-		if (inf->next != NULL)
-			{
-			app_info_free(inf->next);
-			}
-		OPENSSL_free(inf);
-		}
-	}
-
-int CRYPTO_mem_ctrl(int mode)
-	{
-	int ret=mh_mode;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
-	switch (mode)
-		{
-	/* for applications (not to be called while multiple threads
-	 * use the library): */
-	case CRYPTO_MEM_CHECK_ON: /* aka MemCheck_start() */
-		mh_mode = CRYPTO_MEM_CHECK_ON|CRYPTO_MEM_CHECK_ENABLE;
-		num_disable = 0;
-		break;
-	case CRYPTO_MEM_CHECK_OFF: /* aka MemCheck_stop() */
-		mh_mode = 0;
-		num_disable = 0; /* should be true *before* MemCheck_stop is used,
-		                    or there'll be a lot of confusion */
-		break;
-
-	/* switch off temporarily (for library-internal use): */
-	case CRYPTO_MEM_CHECK_DISABLE: /* aka MemCheck_off() */
-		if (mh_mode & CRYPTO_MEM_CHECK_ON)
-			{
-			if (!num_disable || (disabling_thread != CRYPTO_thread_id())) /* otherwise we already have the MALLOC2 lock */
-				{
-				/* Long-time lock CRYPTO_LOCK_MALLOC2 must not be claimed while
-				 * we're holding CRYPTO_LOCK_MALLOC, or we'll deadlock if
-				 * somebody else holds CRYPTO_LOCK_MALLOC2 (and cannot release
-				 * it because we block entry to this function).
-				 * Give them a chance, first, and then claim the locks in
-				 * appropriate order (long-time lock first).
-				 */
-				CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
-				/* Note that after we have waited for CRYPTO_LOCK_MALLOC2
-				 * and CRYPTO_LOCK_MALLOC, we'll still be in the right
-				 * "case" and "if" branch because MemCheck_start and
-				 * MemCheck_stop may never be used while there are multiple
-				 * OpenSSL threads. */
-				CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
-				CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
-				mh_mode &= ~CRYPTO_MEM_CHECK_ENABLE;
-				disabling_thread=CRYPTO_thread_id();
-				}
-			num_disable++;
-			}
-		break;
-	case CRYPTO_MEM_CHECK_ENABLE: /* aka MemCheck_on() */
-		if (mh_mode & CRYPTO_MEM_CHECK_ON)
-			{
-			if (num_disable) /* always true, or something is going wrong */
-				{
-				num_disable--;
-				if (num_disable == 0)
-					{
-					mh_mode|=CRYPTO_MEM_CHECK_ENABLE;
-					CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
-					}
-				}
-			}
-		break;
-
-	default:
-		break;
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
-	return(ret);
-	}
-
-int CRYPTO_is_mem_check_on(void)
-	{
-	int ret = 0;
-
-	if (mh_mode & CRYPTO_MEM_CHECK_ON)
-		{
-		CRYPTO_r_lock(CRYPTO_LOCK_MALLOC);
-
-		ret = (mh_mode & CRYPTO_MEM_CHECK_ENABLE)
-			|| (disabling_thread != CRYPTO_thread_id());
-
-		CRYPTO_r_unlock(CRYPTO_LOCK_MALLOC);
-		}
-	return(ret);
-	}	
-
-
-void CRYPTO_dbg_set_options(long bits)
-	{
-	options = bits;
-	}
-
-long CRYPTO_dbg_get_options(void)
-	{
-	return options;
-	}
-
-/* static int mem_cmp(MEM *a, MEM *b) */
-static int mem_cmp(const void *a_void, const void *b_void)
-	{
-	return((const char *)((const MEM *)a_void)->addr
-		- (const char *)((const MEM *)b_void)->addr);
-	}
-
-/* static unsigned long mem_hash(MEM *a) */
-static unsigned long mem_hash(const void *a_void)
-	{
-	unsigned long ret;
-
-	ret=(unsigned long)((const MEM *)a_void)->addr;
-
-	ret=ret*17851+(ret>>14)*7+(ret>>4)*251;
-	return(ret);
-	}
-
-/* static int app_info_cmp(APP_INFO *a, APP_INFO *b) */
-static int app_info_cmp(const void *a_void, const void *b_void)
-	{
-	return(((const APP_INFO *)a_void)->thread
-		!= ((const APP_INFO *)b_void)->thread);
-	}
-
-/* static unsigned long app_info_hash(APP_INFO *a) */
-static unsigned long app_info_hash(const void *a_void)
-	{
-	unsigned long ret;
-
-	ret=(unsigned long)((const APP_INFO *)a_void)->thread;
-
-	ret=ret*17851+(ret>>14)*7+(ret>>4)*251;
-	return(ret);
-	}
-
-static APP_INFO *pop_info(void)
-	{
-	APP_INFO tmp;
-	APP_INFO *ret = NULL;
-
-	if (amih != NULL)
-		{
-		tmp.thread=CRYPTO_thread_id();
-		if ((ret=(APP_INFO *)lh_delete(amih,&tmp)) != NULL)
-			{
-			APP_INFO *next=ret->next;
-
-			if (next != NULL)
-				{
-				next->references++;
-				lh_insert(amih,(char *)next);
-				}
-#ifdef LEVITTE_DEBUG_MEM
-			if (ret->thread != tmp.thread)
-				{
-				fprintf(stderr, "pop_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
-					ret->thread, tmp.thread);
-				abort();
-				}
-#endif
-			if (--(ret->references) <= 0)
-				{
-				ret->next = NULL;
-				if (next != NULL)
-					next->references--;
-				OPENSSL_free(ret);
-				}
-			}
-		}
-	return(ret);
-	}
-
-int CRYPTO_push_info_(const char *info, const char *file, int line)
-	{
-	APP_INFO *ami, *amim;
-	int ret=0;
-
-	if (is_MemCheck_on())
-		{
-		MemCheck_off(); /* obtain MALLOC2 lock */
-
-		if ((ami = (APP_INFO *)OPENSSL_malloc(sizeof(APP_INFO))) == NULL)
-			{
-			ret=0;
-			goto err;
-			}
-		if (amih == NULL)
-			{
-			if ((amih=lh_new(app_info_hash, app_info_cmp)) == NULL)
-				{
-				OPENSSL_free(ami);
-				ret=0;
-				goto err;
-				}
-			}
-
-		ami->thread=CRYPTO_thread_id();
-		ami->file=file;
-		ami->line=line;
-		ami->info=info;
-		ami->references=1;
-		ami->next=NULL;
-
-		if ((amim=(APP_INFO *)lh_insert(amih,(char *)ami)) != NULL)
-			{
-#ifdef LEVITTE_DEBUG_MEM
-			if (ami->thread != amim->thread)
-				{
-				fprintf(stderr, "CRYPTO_push_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
-					amim->thread, ami->thread);
-				abort();
-				}
-#endif
-			ami->next=amim;
-			}
- err:
-		MemCheck_on(); /* release MALLOC2 lock */
-		}
-
-	return(ret);
-	}
-
-int CRYPTO_pop_info(void)
-	{
-	int ret=0;
-
-	if (is_MemCheck_on()) /* _must_ be true, or something went severely wrong */
-		{
-		MemCheck_off(); /* obtain MALLOC2 lock */
-
-		ret=(pop_info() != NULL);
-
-		MemCheck_on(); /* release MALLOC2 lock */
-		}
-	return(ret);
-	}
-
-int CRYPTO_remove_all_info(void)
-	{
-	int ret=0;
-
-	if (is_MemCheck_on()) /* _must_ be true */
-		{
-		MemCheck_off(); /* obtain MALLOC2 lock */
-
-		while(pop_info() != NULL)
-			ret++;
-
-		MemCheck_on(); /* release MALLOC2 lock */
-		}
-	return(ret);
-	}
-
-
-static unsigned long break_order_num=0;
-void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
-	int before_p)
-	{
-	MEM *m,*mm;
-	APP_INFO tmp,*amim;
-
-	switch(before_p & 127)
-		{
-	case 0:
-		break;
-	case 1:
-		if (addr == NULL)
-			break;
-
-		if (is_MemCheck_on())
-			{
-			MemCheck_off(); /* make sure we hold MALLOC2 lock */
-			if ((m=(MEM *)OPENSSL_malloc(sizeof(MEM))) == NULL)
-				{
-				OPENSSL_free(addr);
-				MemCheck_on(); /* release MALLOC2 lock
-				                * if num_disabled drops to 0 */
-				return;
-				}
-			if (mh == NULL)
-				{
-				if ((mh=lh_new(mem_hash, mem_cmp)) == NULL)
-					{
-					OPENSSL_free(addr);
-					OPENSSL_free(m);
-					addr=NULL;
-					goto err;
-					}
-				}
-
-			m->addr=addr;
-			m->file=file;
-			m->line=line;
-			m->num=num;
-			if (options & V_CRYPTO_MDEBUG_THREAD)
-				m->thread=CRYPTO_thread_id();
-			else
-				m->thread=0;
-
-			if (order == break_order_num)
-				{
-				/* BREAK HERE */
-				m->order=order;
-				}
-			m->order=order++;
-#ifdef LEVITTE_DEBUG_MEM
-			fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] %c 0x%p (%d)\n",
-				m->order,
-				(before_p & 128) ? '*' : '+',
-				m->addr, m->num);
-#endif
-			if (options & V_CRYPTO_MDEBUG_TIME)
-				m->time=time(NULL);
-			else
-				m->time=0;
-
-			tmp.thread=CRYPTO_thread_id();
-			m->app_info=NULL;
-			if (amih != NULL
-				&& (amim=(APP_INFO *)lh_retrieve(amih,(char *)&tmp)) != NULL)
-				{
-				m->app_info = amim;
-				amim->references++;
-				}
-
-			if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL)
-				{
-				/* Not good, but don't sweat it */
-				if (mm->app_info != NULL)
-					{
-					mm->app_info->references--;
-					}
-				OPENSSL_free(mm);
-				}
-		err:
-			MemCheck_on(); /* release MALLOC2 lock
-			                * if num_disabled drops to 0 */
-			}
-		break;
-		}
-	return;
-	}
-
-void CRYPTO_dbg_free(void *addr, int before_p)
-	{
-	MEM m,*mp;
-
-	switch(before_p)
-		{
-	case 0:
-		if (addr == NULL)
-			break;
-
-		if (is_MemCheck_on() && (mh != NULL))
-			{
-			MemCheck_off(); /* make sure we hold MALLOC2 lock */
-
-			m.addr=addr;
-			mp=(MEM *)lh_delete(mh,(char *)&m);
-			if (mp != NULL)
-				{
-#ifdef LEVITTE_DEBUG_MEM
-			fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] - 0x%p (%d)\n",
-				mp->order, mp->addr, mp->num);
-#endif
-				if (mp->app_info != NULL)
-					app_info_free(mp->app_info);
-				OPENSSL_free(mp);
-				}
-
-			MemCheck_on(); /* release MALLOC2 lock
-			                * if num_disabled drops to 0 */
-			}
-		break;
-	case 1:
-		break;
-		}
-	}
-
-void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num,
-	const char *file, int line, int before_p)
-	{
-	MEM m,*mp;
-
-#ifdef LEVITTE_DEBUG_MEM
-	fprintf(stderr, "LEVITTE_DEBUG_MEM: --> CRYPTO_dbg_malloc(addr1 = %p, addr2 = %p, num = %d, file = \"%s\", line = %d, before_p = %d)\n",
-		addr1, addr2, num, file, line, before_p);
-#endif
-
-	switch(before_p)
-		{
-	case 0:
-		break;
-	case 1:
-		if (addr2 == NULL)
-			break;
-
-		if (addr1 == NULL)
-			{
-			CRYPTO_dbg_malloc(addr2, num, file, line, 128 | before_p);
-			break;
-			}
-
-		if (is_MemCheck_on())
-			{
-			MemCheck_off(); /* make sure we hold MALLOC2 lock */
-
-			m.addr=addr1;
-			mp=(MEM *)lh_delete(mh,(char *)&m);
-			if (mp != NULL)
-				{
-#ifdef LEVITTE_DEBUG_MEM
-				fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] * 0x%p (%d) -> 0x%p (%d)\n",
-					mp->order,
-					mp->addr, mp->num,
-					addr2, num);
-#endif
-				mp->addr=addr2;
-				mp->num=num;
-				lh_insert(mh,(char *)mp);
-				}
-
-			MemCheck_on(); /* release MALLOC2 lock
-			                * if num_disabled drops to 0 */
-			}
-		break;
-		}
-	return;
-	}
-
-
-typedef struct mem_leak_st
-	{
-	BIO *bio;
-	int chunks;
-	long bytes;
-	} MEM_LEAK;
-
-static void print_leak(const MEM *m, MEM_LEAK *l)
-	{
-	char buf[1024];
-	char *bufp = buf;
-	APP_INFO *amip;
-	int ami_cnt;
-	struct tm *lcl = NULL;
-	unsigned long ti;
-
-	if(m->addr == (char *)l->bio)
-	    return;
-
-	if (options & V_CRYPTO_MDEBUG_TIME)
-		{
-		lcl = localtime(&m->time);
-	
-		sprintf(bufp, "[%02d:%02d:%02d] ",
-			lcl->tm_hour,lcl->tm_min,lcl->tm_sec);
-		bufp += strlen(bufp);
-		}
-
-	sprintf(bufp, "%5lu file=%s, line=%d, ",
-		m->order,m->file,m->line);
-	bufp += strlen(bufp);
-
-	if (options & V_CRYPTO_MDEBUG_THREAD)
-		{
-		sprintf(bufp, "thread=%lu, ", m->thread);
-		bufp += strlen(bufp);
-		}
-
-	sprintf(bufp, "number=%d, address=%08lX\n",
-		m->num,(unsigned long)m->addr);
-	bufp += strlen(bufp);
-
-	BIO_puts(l->bio,buf);
-	
-	l->chunks++;
-	l->bytes+=m->num;
-
-	amip=m->app_info;
-	ami_cnt=0;
-	if (!amip)
-		return;
-	ti=amip->thread;
-	
-	do
-		{
-		int buf_len;
-		int info_len;
-
-		ami_cnt++;
-		memset(buf,'>',ami_cnt);
-		sprintf(buf + ami_cnt,
-			" thread=%lu, file=%s, line=%d, info=\"",
-			amip->thread, amip->file, amip->line);
-		buf_len=strlen(buf);
-		info_len=strlen(amip->info);
-		if (128 - buf_len - 3 < info_len)
-			{
-			memcpy(buf + buf_len, amip->info, 128 - buf_len - 3);
-			buf_len = 128 - 3;
-			}
-		else
-			{
-			strcpy(buf + buf_len, amip->info);
-			buf_len = strlen(buf);
-			}
-		sprintf(buf + buf_len, "\"\n");
-		
-		BIO_puts(l->bio,buf);
-
-		amip = amip->next;
-		}
-	while(amip && amip->thread == ti);
-		
-#ifdef LEVITTE_DEBUG_MEM
-	if (amip)
-		{
-		fprintf(stderr, "Thread switch detected in backtrace!!!!\n");
-		abort();
-		}
-#endif
-	}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM *, MEM_LEAK *)
-
-void CRYPTO_mem_leaks(BIO *b)
-	{
-	MEM_LEAK ml;
-
-	if (mh == NULL && amih == NULL)
-		return;
-
-	MemCheck_off(); /* obtain MALLOC2 lock */
-
-	ml.bio=b;
-	ml.bytes=0;
-	ml.chunks=0;
-	if (mh != NULL)
-		lh_doall_arg(mh, LHASH_DOALL_ARG_FN(print_leak),
-				(char *)&ml);
-	if (ml.chunks != 0)
-		{
-		BIO_printf(b,"%ld bytes leaked in %d chunks\n",
-			   ml.bytes,ml.chunks);
-		}
-	else
-		{
-		/* Make sure that, if we found no leaks, memory-leak debugging itself
-		 * does not introduce memory leaks (which might irritate
-		 * external debugging tools).
-		 * (When someone enables leak checking, but does not call
-		 * this function, we declare it to be their fault.)
-		 *
-		 * XXX    This should be in CRYPTO_mem_leaks_cb,
-		 * and CRYPTO_mem_leaks should be implemented by
-		 * using CRYPTO_mem_leaks_cb.
-		 * (Also their should be a variant of lh_doall_arg
-		 * that takes a function pointer instead of a void *;
-		 * this would obviate the ugly and illegal
-		 * void_fn_to_char kludge in CRYPTO_mem_leaks_cb.
-		 * Otherwise the code police will come and get us.)
-		 */
-		int old_mh_mode;
-
-		CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
-
-		/* avoid deadlock when lh_free() uses CRYPTO_dbg_free(),
-		 * which uses CRYPTO_is_mem_check_on */
-		old_mh_mode = mh_mode;
-		mh_mode = CRYPTO_MEM_CHECK_OFF;
-
-		if (mh != NULL)
-			{
-			lh_free(mh);
-			mh = NULL;
-			}
-		if (amih != NULL)
-			{
-			if (lh_num_items(amih) == 0) 
-				{
-				lh_free(amih);
-				amih = NULL;
-				}
-			}
-
-		mh_mode = old_mh_mode;
-		CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
-		}
-	MemCheck_on(); /* release MALLOC2 lock */
-	}
-
-#ifndef OPENSSL_NO_FP_API
-void CRYPTO_mem_leaks_fp(FILE *fp)
-	{
-	BIO *b;
-
-	if (mh == NULL) return;
-	/* Need to turn off memory checking when allocated BIOs ... especially
-	 * as we're creating them at a time when we're trying to check we've not
-	 * left anything un-free()'d!! */
-	MemCheck_off();
-	b = BIO_new(BIO_s_file());
-	MemCheck_on();
-	if(!b) return;
-	BIO_set_fp(b,fp,BIO_NOCLOSE);
-	CRYPTO_mem_leaks(b);
-	BIO_free(b);
-	}
-#endif
-
-
-
-/* FIXME: We really don't allow much to the callback.  For example, it has
-   no chance of reaching the info stack for the item it processes.  Should
-   it really be this way?  -- Richard Levitte */
-/* NB: The prototypes have been typedef'd to CRYPTO_MEM_LEAK_CB inside crypto.h
- * If this code is restructured, remove the callback type if it is no longer
- * needed. -- Geoff Thorpe */
-static void cb_leak(const MEM *m, CRYPTO_MEM_LEAK_CB **cb)
-	{
-	(**cb)(m->order,m->file,m->line,m->num,m->addr);
-	}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(cb_leak, const MEM *, CRYPTO_MEM_LEAK_CB **)
-
-void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb)
-	{
-	if (mh == NULL) return;
-	CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
-	lh_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), &cb);
-	CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
-	}
diff --git a/crypto/openssl/crypto/o_time.c b/crypto/openssl/crypto/o_time.c
deleted file mode 100644
index ca5f3ea48e0a..000000000000
--- a/crypto/openssl/crypto/o_time.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/* crypto/o_time.c -*- mode:C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/e_os2.h>
-#include <string.h>
-#include "o_time.h"
-
-#ifdef OPENSSL_SYS_VMS
-# include <libdtdef.h>
-# include <lib$routines.h>
-# include <lnmdef.h>
-# include <starlet.h>
-# include <descrip.h>
-# include <stdlib.h>
-#endif
-
-struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
-	{
-	struct tm *ts = NULL;
-
-#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && !defined(__CYGWIN32__) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX)
-	/* should return &data, but doesn't on some systems,
-	   so we don't even look at the return value */
-	gmtime_r(timer,result);
-	ts = result;
-#elif !defined(OPENSSL_SYS_VMS)
-	ts = gmtime(timer);
-	if (ts != NULL)
-		memcpy(result, ts, sizeof(struct tm));
-	ts = result;
-#endif
-#ifdef OPENSSL_SYS_VMS
-	if (ts == NULL)
-		{
-		static $DESCRIPTOR(tabnam,"LNM$DCL_LOGICAL");
-		static $DESCRIPTOR(lognam,"SYS$TIMEZONE_DIFFERENTIAL");
-		char logvalue[256];
-		unsigned int reslen = 0;
-		struct {
-			short buflen;
-			short code;
-			void *bufaddr;
-			unsigned int *reslen;
-		} itemlist[] = {
-			{ 0, LNM$_STRING, 0, 0 },
-			{ 0, 0, 0, 0 },
-		};
-		int status;
-		time_t t;
-
-		/* Get the value for SYS$TIMEZONE_DIFFERENTIAL */
-		itemlist[0].buflen = sizeof(logvalue);
-		itemlist[0].bufaddr = logvalue;
-		itemlist[0].reslen = &reslen;
-		status = sys$trnlnm(0, &tabnam, &lognam, 0, itemlist);
-		if (!(status & 1))
-			return NULL;
-		logvalue[reslen] = '\0';
-
-		/* Get the numerical value of the equivalence string */
-		status = atoi(logvalue);
-
-		/* and use it to move time to GMT */
-		t = *timer - status;
-
-		/* then convert the result to the time structure */
-#ifndef OPENSSL_THREADS
-		ts=(struct tm *)localtime(&t);
-#else
-		/* Since there was no gmtime_r() to do this stuff for us,
-		   we have to do it the hard way. */
-		{
-		/* The VMS epoch is the astronomical Smithsonian date,
-		   if I remember correctly, which is November 17, 1858.
-		   Furthermore, time is measure in thenths of microseconds
-		   and stored in quadwords (64 bit integers).  unix_epoch
-		   below is January 1st 1970 expressed as a VMS time.  The
-		   following code was used to get this number:
-
-		   #include <stdio.h>
-		   #include <stdlib.h>
-		   #include <lib$routines.h>
-		   #include <starlet.h>
-
-		   main()
-		   {
-		     unsigned long systime[2];
-		     unsigned short epoch_values[7] =
-		       { 1970, 1, 1, 0, 0, 0, 0 };
-
-		     lib$cvt_vectim(epoch_values, systime);
-
-		     printf("%u %u", systime[0], systime[1]);
-		   }
-		*/
-		unsigned long unix_epoch[2] = { 1273708544, 8164711 };
-		unsigned long deltatime[2];
-		unsigned long systime[2];
-		struct vms_vectime
-			{
-			short year, month, day, hour, minute, second,
-				centi_second;
-			} time_values;
-		long operation;
-
-		/* Turn the number of seconds since January 1st 1970 to
-		   an internal delta time.
-		   Note that lib$cvt_to_internal_time() will assume
-		   that t is signed, and will therefore break on 32-bit
-		   systems some time in 2038.
-		*/
-		operation = LIB$K_DELTA_SECONDS;
-		status = lib$cvt_to_internal_time(&operation,
-			&t, deltatime);
-
-		/* Add the delta time with the Unix epoch and we have
-		   the current UTC time in internal format */
-		status = lib$add_times(unix_epoch, deltatime, systime);
-
-		/* Turn the internal time into a time vector */
-		status = sys$numtim(&time_values, systime);
-
-		/* Fill in the struct tm with the result */
-		result->tm_sec = time_values.second;
-		result->tm_min = time_values.minute;
-		result->tm_hour = time_values.hour;
-		result->tm_mday = time_values.day;
-		result->tm_mon = time_values.month - 1;
-		result->tm_year = time_values.year - 1900;
-
-		operation = LIB$K_DAY_OF_WEEK;
-		status = lib$cvt_from_internal_time(&operation,
-			&result->tm_wday, systime);
-		result->tm_wday %= 7;
-
-		operation = LIB$K_DAY_OF_YEAR;
-		status = lib$cvt_from_internal_time(&operation,
-			&result->tm_yday, systime);
-		result->tm_yday--;
-
-		result->tm_isdst = 0; /* There's no way to know... */
-
-		ts = result;
-#endif
-		}
-		}
-#endif
-	return ts;
-	}	
diff --git a/crypto/openssl/crypto/o_time.h b/crypto/openssl/crypto/o_time.h
deleted file mode 100644
index e66044626d1f..000000000000
--- a/crypto/openssl/crypto/o_time.h
+++ /dev/null
@@ -1,66 +0,0 @@
-/* crypto/o_time.h -*- mode:C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_O_TIME_H
-#define HEADER_O_TIME_H
-
-#include <time.h>
-
-struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
-
-#endif
diff --git a/crypto/openssl/crypto/objects/Makefile.save b/crypto/openssl/crypto/objects/Makefile.save
deleted file mode 100644
index 1b43d8027b84..000000000000
--- a/crypto/openssl/crypto/objects/Makefile.save
+++ /dev/null
@@ -1,112 +0,0 @@
-#
-# SSLeay/crypto/objects/Makefile
-#
-
-DIR=	objects
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	o_names.c obj_dat.c obj_lib.c obj_err.c
-LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= objects.h obj_mac.h
-HEADER=	$(EXHEADER) obj_dat.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	obj_dat.h lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-o_names.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-o_names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-o_names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-o_names.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-o_names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-obj_dat.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-obj_dat.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-obj_dat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-obj_dat.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-obj_dat.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-obj_dat.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-obj_dat.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-obj_dat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-obj_dat.o: ../cryptlib.h obj_dat.h
-obj_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-obj_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-obj_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-obj_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-obj_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-obj_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-obj_err.o: ../../include/openssl/symhacks.h
-obj_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-obj_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-obj_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-obj_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-obj_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-obj_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-obj_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-obj_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-obj_lib.o: ../cryptlib.h
diff --git a/crypto/openssl/crypto/objects/Makefile.ssl b/crypto/openssl/crypto/objects/Makefile.ssl
deleted file mode 100644
index 1f5d213495b9..000000000000
--- a/crypto/openssl/crypto/objects/Makefile.ssl
+++ /dev/null
@@ -1,123 +0,0 @@
-#
-# SSLeay/crypto/objects/Makefile
-#
-
-DIR=	objects
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-PERL=		perl
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	o_names.c obj_dat.c obj_lib.c obj_err.c
-LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= objects.h obj_mac.h
-HEADER=	$(EXHEADER) obj_dat.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	obj_dat.h lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-obj_dat.h: obj_dat.pl obj_mac.h
-	$(PERL) obj_dat.pl obj_mac.h obj_dat.h
-
-# objects.pl both reads and writes obj_mac.num
-obj_mac.h: objects.pl objects.txt obj_mac.num
-	$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-o_names.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-o_names.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h
-o_names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-o_names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-o_names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-o_names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-o_names.o: o_names.c
-obj_dat.o: ../../e_os.h ../../include/openssl/asn1.h
-obj_dat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-obj_dat.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-obj_dat.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-obj_dat.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-obj_dat.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-obj_dat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-obj_dat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-obj_dat.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_dat.c obj_dat.h
-obj_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-obj_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-obj_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-obj_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-obj_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-obj_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-obj_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-obj_err.o: ../../include/openssl/symhacks.h obj_err.c
-obj_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-obj_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-obj_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-obj_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-obj_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-obj_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-obj_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-obj_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-obj_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_lib.c
diff --git a/crypto/openssl/crypto/objects/o_names.c b/crypto/openssl/crypto/objects/o_names.c
deleted file mode 100644
index b4453b4a9875..000000000000
--- a/crypto/openssl/crypto/objects/o_names.c
+++ /dev/null
@@ -1,364 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/safestack.h>
-#include <openssl/e_os2.h>
-
-/* Later versions of DEC C has started to add lnkage information to certain
- * functions, which makes it tricky to use them as values to regular function
- * pointers.  One way is to define a macro that takes care of casting them
- * correctly.
- */
-#ifdef OPENSSL_SYS_VMS_DECC
-# define OPENSSL_strcmp (int (*)(const char *,const char *))strcmp
-#else
-# define OPENSSL_strcmp strcmp
-#endif
-
-/* I use the ex_data stuff to manage the identifiers for the obj_name_types
- * that applications may define.  I only really use the free function field.
- */
-static LHASH *names_lh=NULL;
-static int names_type_num=OBJ_NAME_TYPE_NUM;
-
-typedef struct name_funcs_st
-	{
-	unsigned long (*hash_func)(const char *name);
-	int (*cmp_func)(const char *a,const char *b);
-	void (*free_func)(const char *, int, const char *);
-	} NAME_FUNCS;
-
-DECLARE_STACK_OF(NAME_FUNCS)
-IMPLEMENT_STACK_OF(NAME_FUNCS)
-
-static STACK_OF(NAME_FUNCS) *name_funcs_stack;
-
-/* The LHASH callbacks now use the raw "void *" prototypes and do per-variable
- * casting in the functions. This prevents function pointer casting without the
- * need for macro-generated wrapper functions. */
-
-/* static unsigned long obj_name_hash(OBJ_NAME *a); */
-static unsigned long obj_name_hash(const void *a_void);
-/* static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); */
-static int obj_name_cmp(const void *a_void,const void *b_void);
-
-int OBJ_NAME_init(void)
-	{
-	if (names_lh != NULL) return(1);
-	MemCheck_off();
-	names_lh=lh_new(obj_name_hash, obj_name_cmp);
-	MemCheck_on();
-	return(names_lh != NULL);
-	}
-
-int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
-	int (*cmp_func)(const char *, const char *),
-	void (*free_func)(const char *, int, const char *))
-	{
-	int ret;
-	int i;
-	NAME_FUNCS *name_funcs;
-
-	if (name_funcs_stack == NULL)
-		{
-		MemCheck_off();
-		name_funcs_stack=sk_NAME_FUNCS_new_null();
-		MemCheck_on();
-		}
-	if ((name_funcs_stack == NULL))
-		{
-		/* ERROR */
-		return(0);
-		}
-	ret=names_type_num;
-	names_type_num++;
-	for (i=sk_NAME_FUNCS_num(name_funcs_stack); i<names_type_num; i++)
-		{
-		MemCheck_off();
-		name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS));
-		MemCheck_on();
-		if (!name_funcs) return(0);
-		name_funcs->hash_func = lh_strhash;
-		name_funcs->cmp_func = OPENSSL_strcmp;
-		name_funcs->free_func = 0; /* NULL is often declared to
-						* ((void *)0), which according
-						* to Compaq C is not really
-						* compatible with a function
-						* pointer.	-- Richard Levitte*/
-		MemCheck_off();
-		sk_NAME_FUNCS_push(name_funcs_stack,name_funcs);
-		MemCheck_on();
-		}
-	name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret);
-	if (hash_func != NULL)
-		name_funcs->hash_func = hash_func;
-	if (cmp_func != NULL)
-		name_funcs->cmp_func = cmp_func;
-	if (free_func != NULL)
-		name_funcs->free_func = free_func;
-	return(ret);
-	}
-
-/* static int obj_name_cmp(OBJ_NAME *a, OBJ_NAME *b) */
-static int obj_name_cmp(const void *a_void, const void *b_void)
-	{
-	int ret;
-	OBJ_NAME *a = (OBJ_NAME *)a_void;
-	OBJ_NAME *b = (OBJ_NAME *)b_void;
-
-	ret=a->type-b->type;
-	if (ret == 0)
-		{
-		if ((name_funcs_stack != NULL)
-			&& (sk_NAME_FUNCS_num(name_funcs_stack) > a->type))
-			{
-			ret=sk_NAME_FUNCS_value(name_funcs_stack,
-				a->type)->cmp_func(a->name,b->name);
-			}
-		else
-			ret=strcmp(a->name,b->name);
-		}
-	return(ret);
-	}
-
-/* static unsigned long obj_name_hash(OBJ_NAME *a) */
-static unsigned long obj_name_hash(const void *a_void)
-	{
-	unsigned long ret;
-	OBJ_NAME *a = (OBJ_NAME *)a_void;
-
-	if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type))
-		{
-		ret=sk_NAME_FUNCS_value(name_funcs_stack,
-			a->type)->hash_func(a->name);
-		}
-	else
-		{
-		ret=lh_strhash(a->name);
-		}
-	ret^=a->type;
-	return(ret);
-	}
-
-const char *OBJ_NAME_get(const char *name, int type)
-	{
-	OBJ_NAME on,*ret;
-	int num=0,alias;
-
-	if (name == NULL) return(NULL);
-	if ((names_lh == NULL) && !OBJ_NAME_init()) return(NULL);
-
-	alias=type&OBJ_NAME_ALIAS;
-	type&= ~OBJ_NAME_ALIAS;
-
-	on.name=name;
-	on.type=type;
-
-	for (;;)
-	{
-		ret=(OBJ_NAME *)lh_retrieve(names_lh,&on);
-		if (ret == NULL) return(NULL);
-		if ((ret->alias) && !alias)
-			{
-			if (++num > 10) return(NULL);
-			on.name=ret->data;
-			}
-		else
-			{
-			return(ret->data);
-			}
-		}
-	}
-
-int OBJ_NAME_add(const char *name, int type, const char *data)
-	{
-	OBJ_NAME *onp,*ret;
-	int alias;
-
-	if ((names_lh == NULL) && !OBJ_NAME_init()) return(0);
-
-	alias=type&OBJ_NAME_ALIAS;
-	type&= ~OBJ_NAME_ALIAS;
-
-	onp=(OBJ_NAME *)OPENSSL_malloc(sizeof(OBJ_NAME));
-	if (onp == NULL)
-		{
-		/* ERROR */
-		return(0);
-		}
-
-	onp->name=name;
-	onp->alias=alias;
-	onp->type=type;
-	onp->data=data;
-
-	ret=(OBJ_NAME *)lh_insert(names_lh,onp);
-	if (ret != NULL)
-		{
-		/* free things */
-		if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type))
-			{
-			/* XXX: I'm not sure I understand why the free
-			 * function should get three arguments...
-			 * -- Richard Levitte
-			 */
-			sk_NAME_FUNCS_value(name_funcs_stack,
-				ret->type)->free_func(ret->name,ret->type,ret->data);
-			}
-		OPENSSL_free(ret);
-		}
-	else
-		{
-		if (lh_error(names_lh))
-			{
-			/* ERROR */
-			return(0);
-			}
-		}
-	return(1);
-	}
-
-int OBJ_NAME_remove(const char *name, int type)
-	{
-	OBJ_NAME on,*ret;
-
-	if (names_lh == NULL) return(0);
-
-	type&= ~OBJ_NAME_ALIAS;
-	on.name=name;
-	on.type=type;
-	ret=(OBJ_NAME *)lh_delete(names_lh,&on);
-	if (ret != NULL)
-		{
-		/* free things */
-		if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type))
-			{
-			/* XXX: I'm not sure I understand why the free
-			 * function should get three arguments...
-			 * -- Richard Levitte
-			 */
-			sk_NAME_FUNCS_value(name_funcs_stack,
-				ret->type)->free_func(ret->name,ret->type,ret->data);
-			}
-		OPENSSL_free(ret);
-		return(1);
-		}
-	else
-		return(0);
-	}
-
-struct doall
-	{
-	int type;
-	void (*fn)(const OBJ_NAME *,void *arg);
-	void *arg;
-	};
-
-static void do_all_fn(const OBJ_NAME *name,struct doall *d)
-	{
-	if(name->type == d->type)
-		d->fn(name,d->arg);
-	}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME *, struct doall *)
-
-void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg),void *arg)
-	{
-	struct doall d;
-
-	d.type=type;
-	d.fn=fn;
-	d.arg=arg;
-
-	lh_doall_arg(names_lh,LHASH_DOALL_ARG_FN(do_all_fn),&d);
-	}
-
-struct doall_sorted
-	{
-	int type;
-	int n;
-	const OBJ_NAME **names;
-	};
-
-static void do_all_sorted_fn(const OBJ_NAME *name,void *d_)
-	{
-	struct doall_sorted *d=d_;
-
-	if(name->type != d->type)
-		return;
-
-	d->names[d->n++]=name;
-	}
-
-static int do_all_sorted_cmp(const void *n1_,const void *n2_)
-	{
-	const OBJ_NAME * const *n1=n1_;
-	const OBJ_NAME * const *n2=n2_;
-
-	return strcmp((*n1)->name,(*n2)->name);
-	}
-
-void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg),
-				void *arg)
-	{
-	struct doall_sorted d;
-	int n;
-
-	d.type=type;
-	d.names=OPENSSL_malloc(lh_num_items(names_lh)*sizeof *d.names);
-	d.n=0;
-	OBJ_NAME_do_all(type,do_all_sorted_fn,&d);
-
-	qsort((void *)d.names,d.n,sizeof *d.names,do_all_sorted_cmp);
-
-	for(n=0 ; n < d.n ; ++n)
-		fn(d.names[n],arg);
-
-	OPENSSL_free((void *)d.names);
-	}
-
-static int free_type;
-
-static void names_lh_free(OBJ_NAME *onp)
-{
-	if(onp == NULL)
-		return;
-
-	if ((free_type < 0) || (free_type == onp->type))
-		{
-		OBJ_NAME_remove(onp->name,onp->type);
-		}
-	}
-
-static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME *)
-
-static void name_funcs_free(NAME_FUNCS *ptr)
-	{
-	OPENSSL_free(ptr);
-	}
-
-void OBJ_NAME_cleanup(int type)
-	{
-	unsigned long down_load;
-
-	if (names_lh == NULL) return;
-
-	free_type=type;
-	down_load=names_lh->down_load;
-	names_lh->down_load=0;
-
-	lh_doall(names_lh,LHASH_DOALL_FN(names_lh_free));
-	if (type < 0)
-		{
-		lh_free(names_lh);
-		sk_NAME_FUNCS_pop_free(name_funcs_stack,name_funcs_free);
-		names_lh=NULL;
-		name_funcs_stack = NULL;
-		}
-	else
-		names_lh->down_load=down_load;
-	}
-
diff --git a/crypto/openssl/crypto/objects/obj_dat.c b/crypto/openssl/crypto/objects/obj_dat.c
deleted file mode 100644
index 5d983e3ed472..000000000000
--- a/crypto/openssl/crypto/objects/obj_dat.c
+++ /dev/null
@@ -1,666 +0,0 @@
-/* crypto/objects/obj_dat.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-
-/* obj_dat.h is generated from objects.h by obj_dat.pl */
-#ifndef OPENSSL_NO_OBJECT
-#include "obj_dat.h"
-#else
-/* You will have to load all the objects needed manually in the application */
-#define NUM_NID 0
-#define NUM_SN 0
-#define NUM_LN 0
-#define NUM_OBJ 0
-static unsigned char lvalues[1];
-static ASN1_OBJECT nid_objs[1];
-static ASN1_OBJECT *sn_objs[1];
-static ASN1_OBJECT *ln_objs[1];
-static ASN1_OBJECT *obj_objs[1];
-#endif
-
-static int sn_cmp(const void *a, const void *b);
-static int ln_cmp(const void *a, const void *b);
-static int obj_cmp(const void *a, const void *b);
-#define ADDED_DATA	0
-#define ADDED_SNAME	1
-#define ADDED_LNAME	2
-#define ADDED_NID	3
-
-typedef struct added_obj_st
-	{
-	int type;
-	ASN1_OBJECT *obj;
-	} ADDED_OBJ;
-
-static int new_nid=NUM_NID;
-static LHASH *added=NULL;
-
-static int sn_cmp(const void *a, const void *b)
-	{
-	const ASN1_OBJECT * const *ap = a, * const *bp = b;
-	return(strcmp((*ap)->sn,(*bp)->sn));
-	}
-
-static int ln_cmp(const void *a, const void *b)
-	{ 
-	const ASN1_OBJECT * const *ap = a, * const *bp = b;
-	return(strcmp((*ap)->ln,(*bp)->ln));
-	}
-
-/* static unsigned long add_hash(ADDED_OBJ *ca) */
-static unsigned long add_hash(const void *ca_void)
-	{
-	const ASN1_OBJECT *a;
-	int i;
-	unsigned long ret=0;
-	unsigned char *p;
-	ADDED_OBJ *ca = (ADDED_OBJ *)ca_void;
-
-	a=ca->obj;
-	switch (ca->type)
-		{
-	case ADDED_DATA:
-		ret=a->length<<20L;
-		p=(unsigned char *)a->data;
-		for (i=0; i<a->length; i++)
-			ret^=p[i]<<((i*3)%24);
-		break;
-	case ADDED_SNAME:
-		ret=lh_strhash(a->sn);
-		break;
-	case ADDED_LNAME:
-		ret=lh_strhash(a->ln);
-		break;
-	case ADDED_NID:
-		ret=a->nid;
-		break;
-	default:
-		/* abort(); */
-		return 0;
-		}
-	ret&=0x3fffffffL;
-	ret|=ca->type<<30L;
-	return(ret);
-	}
-
-/* static int add_cmp(ADDED_OBJ *ca, ADDED_OBJ *cb) */
-static int add_cmp(const void *ca_void, const void *cb_void)
-	{
-	ASN1_OBJECT *a,*b;
-	int i;
-	ADDED_OBJ *ca = (ADDED_OBJ *)ca_void;
-	ADDED_OBJ *cb = (ADDED_OBJ *)cb_void;
-
-	i=ca->type-cb->type;
-	if (i) return(i);
-	a=ca->obj;
-	b=cb->obj;
-	switch (ca->type)
-		{
-	case ADDED_DATA:
-		i=(a->length - b->length);
-		if (i) return(i);
-		return(memcmp(a->data,b->data,a->length));
-	case ADDED_SNAME:
-		if (a->sn == NULL) return(-1);
-		else if (b->sn == NULL) return(1);
-		else return(strcmp(a->sn,b->sn));
-	case ADDED_LNAME:
-		if (a->ln == NULL) return(-1);
-		else if (b->ln == NULL) return(1);
-		else return(strcmp(a->ln,b->ln));
-	case ADDED_NID:
-		return(a->nid-b->nid);
-	default:
-		/* abort(); */
-		return 0;
-		}
-	}
-
-static int init_added(void)
-	{
-	if (added != NULL) return(1);
-	added=lh_new(add_hash,add_cmp);
-	return(added != NULL);
-	}
-
-static void cleanup1(ADDED_OBJ *a)
-	{
-	a->obj->nid=0;
-	a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC|
-	                ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
-			ASN1_OBJECT_FLAG_DYNAMIC_DATA;
-	}
-
-static void cleanup2(ADDED_OBJ *a)
-	{ a->obj->nid++; }
-
-static void cleanup3(ADDED_OBJ *a)
-	{
-	if (--a->obj->nid == 0)
-		ASN1_OBJECT_free(a->obj);
-	OPENSSL_free(a);
-	}
-
-static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ *)
-static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ *)
-static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ *)
-
-void OBJ_cleanup(void)
-	{
-	if (added == NULL) return;
-	added->down_load=0;
-	lh_doall(added,LHASH_DOALL_FN(cleanup1)); /* zero counters */
-	lh_doall(added,LHASH_DOALL_FN(cleanup2)); /* set counters */
-	lh_doall(added,LHASH_DOALL_FN(cleanup3)); /* free objects */
-	lh_free(added);
-	added=NULL;
-	}
-
-int OBJ_new_nid(int num)
-	{
-	int i;
-
-	i=new_nid;
-	new_nid+=num;
-	return(i);
-	}
-
-int OBJ_add_object(const ASN1_OBJECT *obj)
-	{
-	ASN1_OBJECT *o;
-	ADDED_OBJ *ao[4]={NULL,NULL,NULL,NULL},*aop;
-	int i;
-
-	if (added == NULL)
-		if (!init_added()) return(0);
-	if ((o=OBJ_dup(obj)) == NULL) goto err;
-	if (!(ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err;
-	if ((o->length != 0) && (obj->data != NULL))
-		ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
-	if (o->sn != NULL)
-		ao[ADDED_SNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
-	if (o->ln != NULL)
-		ao[ADDED_LNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
-
-	for (i=ADDED_DATA; i<=ADDED_NID; i++)
-		{
-		if (ao[i] != NULL)
-			{
-			ao[i]->type=i;
-			ao[i]->obj=o;
-			aop=(ADDED_OBJ *)lh_insert(added,ao[i]);
-			/* memory leak, buit should not normally matter */
-			if (aop != NULL)
-				OPENSSL_free(aop);
-			}
-		}
-	o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
-			ASN1_OBJECT_FLAG_DYNAMIC_DATA);
-
-	return(o->nid);
-err:
-	for (i=ADDED_DATA; i<=ADDED_NID; i++)
-		if (ao[i] != NULL) OPENSSL_free(ao[i]);
-	if (o != NULL) OPENSSL_free(o);
-	return(NID_undef);
-	}
-
-ASN1_OBJECT *OBJ_nid2obj(int n)
-	{
-	ADDED_OBJ ad,*adp;
-	ASN1_OBJECT ob;
-
-	if ((n >= 0) && (n < NUM_NID))
-		{
-		if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
-			{
-			OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
-			return(NULL);
-			}
-		return((ASN1_OBJECT *)&(nid_objs[n]));
-		}
-	else if (added == NULL)
-		return(NULL);
-	else
-		{
-		ad.type=ADDED_NID;
-		ad.obj= &ob;
-		ob.nid=n;
-		adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
-		if (adp != NULL)
-			return(adp->obj);
-		else
-			{
-			OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
-			return(NULL);
-			}
-		}
-	}
-
-const char *OBJ_nid2sn(int n)
-	{
-	ADDED_OBJ ad,*adp;
-	ASN1_OBJECT ob;
-
-	if ((n >= 0) && (n < NUM_NID))
-		{
-		if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
-			{
-			OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
-			return(NULL);
-			}
-		return(nid_objs[n].sn);
-		}
-	else if (added == NULL)
-		return(NULL);
-	else
-		{
-		ad.type=ADDED_NID;
-		ad.obj= &ob;
-		ob.nid=n;
-		adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
-		if (adp != NULL)
-			return(adp->obj->sn);
-		else
-			{
-			OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
-			return(NULL);
-			}
-		}
-	}
-
-const char *OBJ_nid2ln(int n)
-	{
-	ADDED_OBJ ad,*adp;
-	ASN1_OBJECT ob;
-
-	if ((n >= 0) && (n < NUM_NID))
-		{
-		if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
-			{
-			OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
-			return(NULL);
-			}
-		return(nid_objs[n].ln);
-		}
-	else if (added == NULL)
-		return(NULL);
-	else
-		{
-		ad.type=ADDED_NID;
-		ad.obj= &ob;
-		ob.nid=n;
-		adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
-		if (adp != NULL)
-			return(adp->obj->ln);
-		else
-			{
-			OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
-			return(NULL);
-			}
-		}
-	}
-
-int OBJ_obj2nid(const ASN1_OBJECT *a)
-	{
-	ASN1_OBJECT **op;
-	ADDED_OBJ ad,*adp;
-
-	if (a == NULL)
-		return(NID_undef);
-	if (a->nid != 0)
-		return(a->nid);
-
-	if (added != NULL)
-		{
-		ad.type=ADDED_DATA;
-		ad.obj=(ASN1_OBJECT *)a; /* XXX: ugly but harmless */
-		adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
-		if (adp != NULL) return (adp->obj->nid);
-		}
-	op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ,
-		sizeof(ASN1_OBJECT *),obj_cmp);
-	if (op == NULL)
-		return(NID_undef);
-	return((*op)->nid);
-	}
-
-/* Convert an object name into an ASN1_OBJECT
- * if "noname" is not set then search for short and long names first.
- * This will convert the "dotted" form into an object: unlike OBJ_txt2nid
- * it can be used with any objects, not just registered ones.
- */
-
-ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name)
-	{
-	int nid = NID_undef;
-	ASN1_OBJECT *op=NULL;
-	unsigned char *buf,*p;
-	int i, j;
-
-	if(!no_name) {
-		if( ((nid = OBJ_sn2nid(s)) != NID_undef) ||
-			((nid = OBJ_ln2nid(s)) != NID_undef) ) 
-					return OBJ_nid2obj(nid);
-	}
-
-	/* Work out size of content octets */
-	i=a2d_ASN1_OBJECT(NULL,0,s,-1);
-	if (i <= 0) {
-		/* Clear the error */
-		ERR_get_error();
-		return NULL;
-	}
-	/* Work out total size */
-	j = ASN1_object_size(0,i,V_ASN1_OBJECT);
-
-	if((buf=(unsigned char *)OPENSSL_malloc(j)) == NULL) return NULL;
-
-	p = buf;
-	/* Write out tag+length */
-	ASN1_put_object(&p,0,i,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
-	/* Write out contents */
-	a2d_ASN1_OBJECT(p,i,s,-1);
-	
-	p=buf;
-	op=d2i_ASN1_OBJECT(NULL,&p,j);
-	OPENSSL_free(buf);
-	return op;
-	}
-
-int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
-{
-	int i,idx=0,n=0,len,nid;
-	unsigned long l;
-	unsigned char *p;
-	const char *s;
-	char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2];
-
-	if (buf_len <= 0) return(0);
-
-	if ((a == NULL) || (a->data == NULL)) {
-		buf[0]='\0';
-		return(0);
-	}
-
-	if (no_name || (nid=OBJ_obj2nid(a)) == NID_undef) {
-		len=a->length;
-		p=a->data;
-
-		idx=0;
-		l=0;
-		while (idx < a->length) {
-			l|=(p[idx]&0x7f);
-			if (!(p[idx] & 0x80)) break;
-			l<<=7L;
-			idx++;
-		}
-		idx++;
-		i=(int)(l/40);
-		if (i > 2) i=2;
-		l-=(long)(i*40);
-
-		sprintf(tbuf,"%d.%lu",i,l);
-		i=strlen(tbuf);
-		BUF_strlcpy(buf,tbuf,buf_len);
-		buf_len-=i;
-		buf+=i;
-		n+=i;
-
-		l=0;
-		for (; idx<len; idx++) {
-			l|=p[idx]&0x7f;
-			if (!(p[idx] & 0x80)) {
-				sprintf(tbuf,".%lu",l);
-				i=strlen(tbuf);
-				if (buf_len > 0)
-					BUF_strlcpy(buf,tbuf,buf_len);
-				buf_len-=i;
-				buf+=i;
-				n+=i;
-				l=0;
-			}
-			l<<=7L;
-		}
-	} else {
-		s=OBJ_nid2ln(nid);
-		if (s == NULL)
-			s=OBJ_nid2sn(nid);
-		BUF_strlcpy(buf,s,buf_len);
-		n=strlen(s);
-	}
-	return(n);
-}
-
-int OBJ_txt2nid(const char *s)
-{
-	ASN1_OBJECT *obj;
-	int nid;
-	obj = OBJ_txt2obj(s, 0);
-	nid = OBJ_obj2nid(obj);
-	ASN1_OBJECT_free(obj);
-	return nid;
-}
-
-int OBJ_ln2nid(const char *s)
-	{
-	ASN1_OBJECT o,*oo= &o,**op;
-	ADDED_OBJ ad,*adp;
-
-	o.ln=s;
-	if (added != NULL)
-		{
-		ad.type=ADDED_LNAME;
-		ad.obj= &o;
-		adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
-		if (adp != NULL) return (adp->obj->nid);
-		}
-	op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN,
-		sizeof(ASN1_OBJECT *),ln_cmp);
-	if (op == NULL) return(NID_undef);
-	return((*op)->nid);
-	}
-
-int OBJ_sn2nid(const char *s)
-	{
-	ASN1_OBJECT o,*oo= &o,**op;
-	ADDED_OBJ ad,*adp;
-
-	o.sn=s;
-	if (added != NULL)
-		{
-		ad.type=ADDED_SNAME;
-		ad.obj= &o;
-		adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
-		if (adp != NULL) return (adp->obj->nid);
-		}
-	op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN,
-		sizeof(ASN1_OBJECT *),sn_cmp);
-	if (op == NULL) return(NID_undef);
-	return((*op)->nid);
-	}
-
-static int obj_cmp(const void *ap, const void *bp)
-	{
-	int j;
-	ASN1_OBJECT *a= *(ASN1_OBJECT **)ap;
-	ASN1_OBJECT *b= *(ASN1_OBJECT **)bp;
-
-	j=(a->length - b->length);
-        if (j) return(j);
-	return(memcmp(a->data,b->data,a->length));
-        }
-
-const char *OBJ_bsearch(const char *key, const char *base, int num, int size,
-	int (*cmp)(const void *, const void *))
-	{
-	int l,h,i,c;
-	const char *p;
-
-	if (num == 0) return(NULL);
-	l=0;
-	h=num;
-	while (l < h)
-		{
-		i=(l+h)/2;
-		p= &(base[i*size]);
-		c=(*cmp)(key,p);
-		if (c < 0)
-			h=i;
-		else if (c > 0)
-			l=i+1;
-		else
-			return(p);
-		}
-#ifdef CHARSET_EBCDIC
-/* THIS IS A KLUDGE - Because the *_obj is sorted in ASCII order, and
- * I don't have perl (yet), we revert to a *LINEAR* search
- * when the object wasn't found in the binary search.
- */
-	for (i=0; i<num; ++i) {
-		p= &(base[i*size]);
-		if ((*cmp)(key,p) == 0)
-			return p;
-	}
-#endif
-	return(NULL);
-	}
-
-int OBJ_create_objects(BIO *in)
-	{
-	MS_STATIC char buf[512];
-	int i,num=0;
-	char *o,*s,*l=NULL;
-
-	for (;;)
-		{
-		s=o=NULL;
-		i=BIO_gets(in,buf,512);
-		if (i <= 0) return(num);
-		buf[i-1]='\0';
-		if (!isalnum((unsigned char)buf[0])) return(num);
-		o=s=buf;
-		while (isdigit((unsigned char)*s) || (*s == '.'))
-			s++;
-		if (*s != '\0')
-			{
-			*(s++)='\0';
-			while (isspace((unsigned char)*s))
-				s++;
-			if (*s == '\0')
-				s=NULL;
-			else
-				{
-				l=s;
-				while ((*l != '\0') && !isspace((unsigned char)*l))
-					l++;
-				if (*l != '\0')
-					{
-					*(l++)='\0';
-					while (isspace((unsigned char)*l))
-						l++;
-					if (*l == '\0') l=NULL;
-					}
-				else
-					l=NULL;
-				}
-			}
-		else
-			s=NULL;
-		if ((o == NULL) || (*o == '\0')) return(num);
-		if (!OBJ_create(o,s,l)) return(num);
-		num++;
-		}
-	/* return(num); */
-	}
-
-int OBJ_create(const char *oid, const char *sn, const char *ln)
-	{
-	int ok=0;
-	ASN1_OBJECT *op=NULL;
-	unsigned char *buf;
-	int i;
-
-	i=a2d_ASN1_OBJECT(NULL,0,oid,-1);
-	if (i <= 0) return(0);
-
-	if ((buf=(unsigned char *)OPENSSL_malloc(i)) == NULL)
-		{
-		OBJerr(OBJ_F_OBJ_CREATE,OBJ_R_MALLOC_FAILURE);
-		return(0);
-		}
-	i=a2d_ASN1_OBJECT(buf,i,oid,-1);
-	if (i == 0)
-		goto err;
-	op=(ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1),buf,i,sn,ln);
-	if (op == NULL) 
-		goto err;
-	ok=OBJ_add_object(op);
-err:
-	ASN1_OBJECT_free(op);
-	OPENSSL_free(buf);
-	return(ok);
-	}
-
diff --git a/crypto/openssl/crypto/objects/obj_dat.h b/crypto/openssl/crypto/objects/obj_dat.h
deleted file mode 100644
index 969b18a34196..000000000000
--- a/crypto/openssl/crypto/objects/obj_dat.h
+++ /dev/null
@@ -1,3644 +0,0 @@
-/* crypto/objects/obj_dat.h */
-
-/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
- * following command:
- * perl obj_dat.pl obj_mac.h obj_dat.h
- */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define NUM_NID 650
-#define NUM_SN 643
-#define NUM_LN 643
-#define NUM_OBJ 617
-
-static unsigned char lvalues[4455]={
-0x00,                                        /* [  0] OBJ_undef */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,     /* [ 14] OBJ_md2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05,     /* [ 22] OBJ_md5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04,     /* [ 30] OBJ_rc4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 38] OBJ_rsaEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 47] OBJ_md2WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 56] OBJ_md5WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 65] OBJ_pbeWithMD2AndDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 74] OBJ_pbeWithMD5AndDES_CBC */
-0x55,                                        /* [ 83] OBJ_X500 */
-0x55,0x04,                                   /* [ 84] OBJ_X509 */
-0x55,0x04,0x03,                              /* [ 86] OBJ_commonName */
-0x55,0x04,0x06,                              /* [ 89] OBJ_countryName */
-0x55,0x04,0x07,                              /* [ 92] OBJ_localityName */
-0x55,0x04,0x08,                              /* [ 95] OBJ_stateOrProvinceName */
-0x55,0x04,0x0A,                              /* [ 98] OBJ_organizationName */
-0x55,0x04,0x0B,                              /* [101] OBJ_organizationalUnitName */
-0x55,0x08,0x01,0x01,                         /* [104] OBJ_rsa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,     /* [108] OBJ_pkcs7 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [116] OBJ_pkcs7_data */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [125] OBJ_pkcs7_signed */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [134] OBJ_pkcs7_enveloped */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [143] OBJ_pkcs7_signedAndEnveloped */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [152] OBJ_pkcs7_digest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [161] OBJ_pkcs7_encrypted */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,     /* [170] OBJ_pkcs3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [178] OBJ_dhKeyAgreement */
-0x2B,0x0E,0x03,0x02,0x06,                    /* [187] OBJ_des_ecb */
-0x2B,0x0E,0x03,0x02,0x09,                    /* [192] OBJ_des_cfb64 */
-0x2B,0x0E,0x03,0x02,0x07,                    /* [197] OBJ_des_cbc */
-0x2B,0x0E,0x03,0x02,0x11,                    /* [202] OBJ_des_ede_ecb */
-0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [207] OBJ_idea_cbc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02,     /* [218] OBJ_rc2_cbc */
-0x2B,0x0E,0x03,0x02,0x12,                    /* [226] OBJ_sha */
-0x2B,0x0E,0x03,0x02,0x0F,                    /* [231] OBJ_shaWithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07,     /* [236] OBJ_des_ede3_cbc */
-0x2B,0x0E,0x03,0x02,0x08,                    /* [244] OBJ_des_ofb64 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,     /* [249] OBJ_pkcs9 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [257] OBJ_pkcs9_emailAddress */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [266] OBJ_pkcs9_unstructuredName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [275] OBJ_pkcs9_contentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [284] OBJ_pkcs9_messageDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [293] OBJ_pkcs9_signingTime */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [302] OBJ_pkcs9_countersignature */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [311] OBJ_pkcs9_challengePassword */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [320] OBJ_pkcs9_unstructuredAddress */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [329] OBJ_pkcs9_extCertAttributes */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,          /* [338] OBJ_netscape */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,     /* [345] OBJ_netscape_cert_extension */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,     /* [353] OBJ_netscape_data_type */
-0x2B,0x0E,0x03,0x02,0x1A,                    /* [361] OBJ_sha1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [366] OBJ_sha1WithRSAEncryption */
-0x2B,0x0E,0x03,0x02,0x0D,                    /* [375] OBJ_dsaWithSHA */
-0x2B,0x0E,0x03,0x02,0x0C,                    /* [380] OBJ_dsa_2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [385] OBJ_pbeWithSHA1AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [394] OBJ_id_pbkdf2 */
-0x2B,0x0E,0x03,0x02,0x1B,                    /* [403] OBJ_dsaWithSHA1_2 */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [408] OBJ_netscape_cert_type */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [417] OBJ_netscape_base_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [426] OBJ_netscape_revocation_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [435] OBJ_netscape_ca_revocation_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [444] OBJ_netscape_renewal_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [453] OBJ_netscape_ca_policy_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [462] OBJ_netscape_ssl_server_name */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [471] OBJ_netscape_comment */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [480] OBJ_netscape_cert_sequence */
-0x55,0x1D,                                   /* [489] OBJ_id_ce */
-0x55,0x1D,0x0E,                              /* [491] OBJ_subject_key_identifier */
-0x55,0x1D,0x0F,                              /* [494] OBJ_key_usage */
-0x55,0x1D,0x10,                              /* [497] OBJ_private_key_usage_period */
-0x55,0x1D,0x11,                              /* [500] OBJ_subject_alt_name */
-0x55,0x1D,0x12,                              /* [503] OBJ_issuer_alt_name */
-0x55,0x1D,0x13,                              /* [506] OBJ_basic_constraints */
-0x55,0x1D,0x14,                              /* [509] OBJ_crl_number */
-0x55,0x1D,0x20,                              /* [512] OBJ_certificate_policies */
-0x55,0x1D,0x23,                              /* [515] OBJ_authority_key_identifier */
-0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [518] OBJ_bf_cbc */
-0x55,0x08,0x03,0x65,                         /* [527] OBJ_mdc2 */
-0x55,0x08,0x03,0x64,                         /* [531] OBJ_mdc2WithRSA */
-0x55,0x04,0x2A,                              /* [535] OBJ_givenName */
-0x55,0x04,0x04,                              /* [538] OBJ_surname */
-0x55,0x04,0x2B,                              /* [541] OBJ_initials */
-0x55,0x1D,0x1F,                              /* [544] OBJ_crl_distribution_points */
-0x2B,0x0E,0x03,0x02,0x03,                    /* [547] OBJ_md5WithRSA */
-0x55,0x04,0x05,                              /* [552] OBJ_serialNumber */
-0x55,0x04,0x0C,                              /* [555] OBJ_title */
-0x55,0x04,0x0D,                              /* [558] OBJ_description */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [561] OBJ_cast5_cbc */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [570] OBJ_pbeWithMD5AndCast5_CBC */
-0x2A,0x86,0x48,0xCE,0x38,0x04,0x03,          /* [579] OBJ_dsaWithSHA1 */
-0x2B,0x0E,0x03,0x02,0x1D,                    /* [586] OBJ_sha1WithRSA */
-0x2A,0x86,0x48,0xCE,0x38,0x04,0x01,          /* [591] OBJ_dsa */
-0x2B,0x24,0x03,0x02,0x01,                    /* [598] OBJ_ripemd160 */
-0x2B,0x24,0x03,0x03,0x01,0x02,               /* [603] OBJ_ripemd160WithRSA */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08,     /* [609] OBJ_rc5_cbc */
-0x29,0x01,0x01,0x85,0x1A,0x01,               /* [617] OBJ_rle_compression */
-0x29,0x01,0x01,0x85,0x1A,0x02,               /* [623] OBJ_zlib_compression */
-0x55,0x1D,0x25,                              /* [629] OBJ_ext_key_usage */
-0x2B,0x06,0x01,0x05,0x05,0x07,               /* [632] OBJ_id_pkix */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,          /* [638] OBJ_id_kp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01,     /* [645] OBJ_server_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02,     /* [653] OBJ_client_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03,     /* [661] OBJ_code_sign */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04,     /* [669] OBJ_email_protect */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08,     /* [677] OBJ_time_stamp */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [685] OBJ_ms_code_ind */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [695] OBJ_ms_code_com */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [705] OBJ_ms_ctl_sign */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [715] OBJ_ms_sgc */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [725] OBJ_ms_efs */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [735] OBJ_ns_sgc */
-0x55,0x1D,0x1B,                              /* [744] OBJ_delta_crl */
-0x55,0x1D,0x15,                              /* [747] OBJ_crl_reason */
-0x55,0x1D,0x18,                              /* [750] OBJ_invalidity_date */
-0x2B,0x65,0x01,0x04,0x01,                    /* [753] OBJ_sxnet */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [758] OBJ_pbe_WithSHA1And128BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [768] OBJ_pbe_WithSHA1And40BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [778] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [788] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [798] OBJ_pbe_WithSHA1And128BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [808] OBJ_pbe_WithSHA1And40BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [818] OBJ_keyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [829] OBJ_pkcs8ShroudedKeyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [840] OBJ_certBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [851] OBJ_crlBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [862] OBJ_secretBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [873] OBJ_safeContentsBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [884] OBJ_friendlyName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [893] OBJ_localKeyID */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [902] OBJ_x509Certificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [912] OBJ_sdsiCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [922] OBJ_x509Crl */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [932] OBJ_pbes2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [941] OBJ_pbmac1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07,     /* [950] OBJ_hmacWithSHA1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01,     /* [958] OBJ_id_qt_cps */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02,     /* [966] OBJ_id_qt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [974] OBJ_SMIMECapabilities */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [983] OBJ_pbeWithMD2AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [992] OBJ_pbeWithMD5AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1001] OBJ_pbeWithSHA1AndDES_CBC */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1010] OBJ_ms_ext_req */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1020] OBJ_ext_req */
-0x55,0x04,0x29,                              /* [1029] OBJ_name */
-0x55,0x04,0x2E,                              /* [1032] OBJ_dnQualifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,          /* [1035] OBJ_id_pe */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,          /* [1042] OBJ_id_ad */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01,     /* [1049] OBJ_info_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,     /* [1057] OBJ_ad_OCSP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02,     /* [1065] OBJ_ad_ca_issuers */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09,     /* [1073] OBJ_OCSP_sign */
-0x28,                                        /* [1081] OBJ_iso */
-0x2A,                                        /* [1082] OBJ_member_body */
-0x2A,0x86,0x48,                              /* [1083] OBJ_ISO_US */
-0x2A,0x86,0x48,0xCE,0x38,                    /* [1086] OBJ_X9_57 */
-0x2A,0x86,0x48,0xCE,0x38,0x04,               /* [1091] OBJ_X9cm */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,     /* [1097] OBJ_pkcs1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,     /* [1105] OBJ_pkcs5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1113] OBJ_SMIME */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1122] OBJ_id_smime_mod */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1132] OBJ_id_smime_ct */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1142] OBJ_id_smime_aa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1152] OBJ_id_smime_alg */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1162] OBJ_id_smime_cd */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1172] OBJ_id_smime_spq */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1182] OBJ_id_smime_cti */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1192] OBJ_id_smime_mod_cms */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1203] OBJ_id_smime_mod_ess */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1214] OBJ_id_smime_mod_oid */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1225] OBJ_id_smime_mod_msg_v3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1236] OBJ_id_smime_mod_ets_eSignature_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1247] OBJ_id_smime_mod_ets_eSignature_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1258] OBJ_id_smime_mod_ets_eSigPolicy_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1269] OBJ_id_smime_mod_ets_eSigPolicy_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1280] OBJ_id_smime_ct_receipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1291] OBJ_id_smime_ct_authData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1302] OBJ_id_smime_ct_publishCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1313] OBJ_id_smime_ct_TSTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1324] OBJ_id_smime_ct_TDTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1335] OBJ_id_smime_ct_contentInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1346] OBJ_id_smime_ct_DVCSRequestData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1357] OBJ_id_smime_ct_DVCSResponseData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1368] OBJ_id_smime_aa_receiptRequest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1379] OBJ_id_smime_aa_securityLabel */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1390] OBJ_id_smime_aa_mlExpandHistory */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1401] OBJ_id_smime_aa_contentHint */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1412] OBJ_id_smime_aa_msgSigDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1423] OBJ_id_smime_aa_encapContentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1434] OBJ_id_smime_aa_contentIdentifier */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1445] OBJ_id_smime_aa_macValue */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1456] OBJ_id_smime_aa_equivalentLabels */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1467] OBJ_id_smime_aa_contentReference */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1478] OBJ_id_smime_aa_encrypKeyPref */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1489] OBJ_id_smime_aa_signingCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1500] OBJ_id_smime_aa_smimeEncryptCerts */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1511] OBJ_id_smime_aa_timeStampToken */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1522] OBJ_id_smime_aa_ets_sigPolicyId */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1533] OBJ_id_smime_aa_ets_commitmentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1544] OBJ_id_smime_aa_ets_signerLocation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1555] OBJ_id_smime_aa_ets_signerAttr */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1566] OBJ_id_smime_aa_ets_otherSigCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1577] OBJ_id_smime_aa_ets_contentTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1588] OBJ_id_smime_aa_ets_CertificateRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1599] OBJ_id_smime_aa_ets_RevocationRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1610] OBJ_id_smime_aa_ets_certValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1621] OBJ_id_smime_aa_ets_revocationValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1632] OBJ_id_smime_aa_ets_escTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1643] OBJ_id_smime_aa_ets_certCRLTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1654] OBJ_id_smime_aa_ets_archiveTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1665] OBJ_id_smime_aa_signatureType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1676] OBJ_id_smime_aa_dvcs_dvc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1687] OBJ_id_smime_alg_ESDHwith3DES */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1698] OBJ_id_smime_alg_ESDHwithRC2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1709] OBJ_id_smime_alg_3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1720] OBJ_id_smime_alg_RC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1731] OBJ_id_smime_alg_ESDH */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1742] OBJ_id_smime_alg_CMS3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1753] OBJ_id_smime_alg_CMSRC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1764] OBJ_id_smime_cd_ldap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1775] OBJ_id_smime_spq_ets_sqt_uri */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1786] OBJ_id_smime_spq_ets_sqt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1797] OBJ_id_smime_cti_ets_proofOfOrigin */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1808] OBJ_id_smime_cti_ets_proofOfReceipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1819] OBJ_id_smime_cti_ets_proofOfDelivery */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1830] OBJ_id_smime_cti_ets_proofOfSender */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1841] OBJ_id_smime_cti_ets_proofOfApproval */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1852] OBJ_id_smime_cti_ets_proofOfCreation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04,     /* [1863] OBJ_md4 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,          /* [1871] OBJ_id_pkix_mod */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,          /* [1878] OBJ_id_qt */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,          /* [1885] OBJ_id_it */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,          /* [1892] OBJ_id_pkip */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,          /* [1899] OBJ_id_alg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,          /* [1906] OBJ_id_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,          /* [1913] OBJ_id_on */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,          /* [1920] OBJ_id_pda */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,          /* [1927] OBJ_id_aca */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,          /* [1934] OBJ_id_qcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,          /* [1941] OBJ_id_cct */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01,     /* [1948] OBJ_id_pkix1_explicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02,     /* [1956] OBJ_id_pkix1_implicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03,     /* [1964] OBJ_id_pkix1_explicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04,     /* [1972] OBJ_id_pkix1_implicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05,     /* [1980] OBJ_id_mod_crmf */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06,     /* [1988] OBJ_id_mod_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07,     /* [1996] OBJ_id_mod_kea_profile_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08,     /* [2004] OBJ_id_mod_kea_profile_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09,     /* [2012] OBJ_id_mod_cmp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A,     /* [2020] OBJ_id_mod_qualified_cert_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B,     /* [2028] OBJ_id_mod_qualified_cert_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C,     /* [2036] OBJ_id_mod_attribute_cert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D,     /* [2044] OBJ_id_mod_timestamp_protocol */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E,     /* [2052] OBJ_id_mod_ocsp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F,     /* [2060] OBJ_id_mod_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10,     /* [2068] OBJ_id_mod_cmp2000 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02,     /* [2076] OBJ_biometricInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03,     /* [2084] OBJ_qcStatements */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04,     /* [2092] OBJ_ac_auditEntity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05,     /* [2100] OBJ_ac_targeting */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06,     /* [2108] OBJ_aaControls */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07,     /* [2116] OBJ_sbqp_ipAddrBlock */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08,     /* [2124] OBJ_sbqp_autonomousSysNum */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09,     /* [2132] OBJ_sbqp_routerIdentifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03,     /* [2140] OBJ_textNotice */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05,     /* [2148] OBJ_ipsecEndSystem */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06,     /* [2156] OBJ_ipsecTunnel */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07,     /* [2164] OBJ_ipsecUser */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A,     /* [2172] OBJ_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01,     /* [2180] OBJ_id_it_caProtEncCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02,     /* [2188] OBJ_id_it_signKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03,     /* [2196] OBJ_id_it_encKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04,     /* [2204] OBJ_id_it_preferredSymmAlg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05,     /* [2212] OBJ_id_it_caKeyUpdateInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06,     /* [2220] OBJ_id_it_currentCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07,     /* [2228] OBJ_id_it_unsupportedOIDs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08,     /* [2236] OBJ_id_it_subscriptionRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09,     /* [2244] OBJ_id_it_subscriptionResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A,     /* [2252] OBJ_id_it_keyPairParamReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B,     /* [2260] OBJ_id_it_keyPairParamRep */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C,     /* [2268] OBJ_id_it_revPassphrase */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D,     /* [2276] OBJ_id_it_implicitConfirm */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E,     /* [2284] OBJ_id_it_confirmWaitTime */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F,     /* [2292] OBJ_id_it_origPKIMessage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,     /* [2300] OBJ_id_regCtrl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,     /* [2308] OBJ_id_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2316] OBJ_id_regCtrl_regToken */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2325] OBJ_id_regCtrl_authenticator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2334] OBJ_id_regCtrl_pkiPublicationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2343] OBJ_id_regCtrl_pkiArchiveOptions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2352] OBJ_id_regCtrl_oldCertID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2361] OBJ_id_regCtrl_protocolEncrKey */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2370] OBJ_id_regInfo_utf8Pairs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2379] OBJ_id_regInfo_certReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01,     /* [2388] OBJ_id_alg_des40 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02,     /* [2396] OBJ_id_alg_noSignature */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03,     /* [2404] OBJ_id_alg_dh_sig_hmac_sha1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04,     /* [2412] OBJ_id_alg_dh_pop */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01,     /* [2420] OBJ_id_cmc_statusInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02,     /* [2428] OBJ_id_cmc_identification */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03,     /* [2436] OBJ_id_cmc_identityProof */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04,     /* [2444] OBJ_id_cmc_dataReturn */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05,     /* [2452] OBJ_id_cmc_transactionId */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06,     /* [2460] OBJ_id_cmc_senderNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07,     /* [2468] OBJ_id_cmc_recipientNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08,     /* [2476] OBJ_id_cmc_addExtensions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09,     /* [2484] OBJ_id_cmc_encryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A,     /* [2492] OBJ_id_cmc_decryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B,     /* [2500] OBJ_id_cmc_lraPOPWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F,     /* [2508] OBJ_id_cmc_getCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10,     /* [2516] OBJ_id_cmc_getCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11,     /* [2524] OBJ_id_cmc_revokeRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12,     /* [2532] OBJ_id_cmc_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13,     /* [2540] OBJ_id_cmc_responseInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15,     /* [2548] OBJ_id_cmc_queryPending */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16,     /* [2556] OBJ_id_cmc_popLinkRandom */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17,     /* [2564] OBJ_id_cmc_popLinkWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18,     /* [2572] OBJ_id_cmc_confirmCertAcceptance */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01,     /* [2580] OBJ_id_on_personalData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01,     /* [2588] OBJ_id_pda_dateOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02,     /* [2596] OBJ_id_pda_placeOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03,     /* [2604] OBJ_id_pda_gender */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04,     /* [2612] OBJ_id_pda_countryOfCitizenship */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05,     /* [2620] OBJ_id_pda_countryOfResidence */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01,     /* [2628] OBJ_id_aca_authenticationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02,     /* [2636] OBJ_id_aca_accessIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03,     /* [2644] OBJ_id_aca_chargingIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04,     /* [2652] OBJ_id_aca_group */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05,     /* [2660] OBJ_id_aca_role */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01,     /* [2668] OBJ_id_qcs_pkixQCSyntax_v1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01,     /* [2676] OBJ_id_cct_crs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02,     /* [2684] OBJ_id_cct_PKIData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03,     /* [2692] OBJ_id_cct_PKIResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03,     /* [2700] OBJ_ad_timeStamping */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04,     /* [2708] OBJ_ad_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2716] OBJ_id_pkix_OCSP_basic */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2725] OBJ_id_pkix_OCSP_Nonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2734] OBJ_id_pkix_OCSP_CrlID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2743] OBJ_id_pkix_OCSP_acceptableResponses */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2752] OBJ_id_pkix_OCSP_noCheck */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2761] OBJ_id_pkix_OCSP_archiveCutoff */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2770] OBJ_id_pkix_OCSP_serviceLocator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2779] OBJ_id_pkix_OCSP_extendedStatus */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2788] OBJ_id_pkix_OCSP_valid */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2797] OBJ_id_pkix_OCSP_path */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2806] OBJ_id_pkix_OCSP_trustRoot */
-0x2B,0x0E,0x03,0x02,                         /* [2815] OBJ_algorithm */
-0x2B,0x0E,0x03,0x02,0x0B,                    /* [2819] OBJ_rsaSignature */
-0x55,0x08,                                   /* [2824] OBJ_X500algorithms */
-0x2B,                                        /* [2826] OBJ_org */
-0x2B,0x06,                                   /* [2827] OBJ_dod */
-0x2B,0x06,0x01,                              /* [2829] OBJ_iana */
-0x2B,0x06,0x01,0x01,                         /* [2832] OBJ_Directory */
-0x2B,0x06,0x01,0x02,                         /* [2836] OBJ_Management */
-0x2B,0x06,0x01,0x03,                         /* [2840] OBJ_Experimental */
-0x2B,0x06,0x01,0x04,                         /* [2844] OBJ_Private */
-0x2B,0x06,0x01,0x05,                         /* [2848] OBJ_Security */
-0x2B,0x06,0x01,0x06,                         /* [2852] OBJ_SNMPv2 */
-0x2B,0x06,0x01,0x07,                         /* [2856] OBJ_Mail */
-0x2B,0x06,0x01,0x04,0x01,                    /* [2860] OBJ_Enterprises */
-0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2865] OBJ_dcObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2874] OBJ_domainComponent */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2884] OBJ_Domain */
-0x50,                                        /* [2894] OBJ_joint_iso_ccitt */
-0x55,0x01,0x05,                              /* [2895] OBJ_selected_attribute_types */
-0x55,0x01,0x05,0x37,                         /* [2898] OBJ_clearance */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2902] OBJ_md4WithRSAEncryption */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A,     /* [2911] OBJ_ac_proxying */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B,     /* [2919] OBJ_sinfo_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06,     /* [2927] OBJ_id_aca_encAttrs */
-0x55,0x04,0x48,                              /* [2935] OBJ_role */
-0x55,0x1D,0x24,                              /* [2938] OBJ_policy_constraints */
-0x55,0x1D,0x37,                              /* [2941] OBJ_target_information */
-0x55,0x1D,0x38,                              /* [2944] OBJ_no_rev_avail */
-0x00,                                        /* [2947] OBJ_ccitt */
-0x2A,0x86,0x48,0xCE,0x3D,                    /* [2948] OBJ_ansi_X9_62 */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01,          /* [2953] OBJ_X9_62_prime_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,          /* [2960] OBJ_X9_62_characteristic_two_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01,          /* [2967] OBJ_X9_62_id_ecPublicKey */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01,     /* [2974] OBJ_X9_62_prime192v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02,     /* [2982] OBJ_X9_62_prime192v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03,     /* [2990] OBJ_X9_62_prime192v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04,     /* [2998] OBJ_X9_62_prime239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05,     /* [3006] OBJ_X9_62_prime239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06,     /* [3014] OBJ_X9_62_prime239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07,     /* [3022] OBJ_X9_62_prime256v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01,          /* [3030] OBJ_ecdsa_with_SHA1 */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3037] OBJ_ms_csp_name */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3046] OBJ_aes_128_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3055] OBJ_aes_128_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3064] OBJ_aes_128_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3073] OBJ_aes_128_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3082] OBJ_aes_192_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3091] OBJ_aes_192_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3100] OBJ_aes_192_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3109] OBJ_aes_192_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3118] OBJ_aes_256_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3127] OBJ_aes_256_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3136] OBJ_aes_256_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3145] OBJ_aes_256_cfb128 */
-0x55,0x1D,0x17,                              /* [3154] OBJ_hold_instruction_code */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x01,          /* [3157] OBJ_hold_instruction_none */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x02,          /* [3164] OBJ_hold_instruction_call_issuer */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x03,          /* [3171] OBJ_hold_instruction_reject */
-0x09,                                        /* [3178] OBJ_data */
-0x09,0x92,0x26,                              /* [3179] OBJ_pss */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,          /* [3182] OBJ_ucl */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,     /* [3189] OBJ_pilot */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3197] OBJ_pilotAttributeType */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3206] OBJ_pilotAttributeSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3215] OBJ_pilotObjectClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3224] OBJ_pilotGroups */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3233] OBJ_iA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3243] OBJ_caseIgnoreIA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3253] OBJ_pilotObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3263] OBJ_pilotPerson */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3273] OBJ_account */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3283] OBJ_document */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3293] OBJ_room */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3303] OBJ_documentSeries */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3313] OBJ_rFC822localPart */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3323] OBJ_dNSDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3333] OBJ_domainRelatedObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3343] OBJ_friendlyCountry */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3353] OBJ_simpleSecurityObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3363] OBJ_pilotOrganization */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3373] OBJ_pilotDSA */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3383] OBJ_qualityLabelledData */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3393] OBJ_userId */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3403] OBJ_textEncodedORAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3413] OBJ_rfc822Mailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3423] OBJ_info */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3433] OBJ_favouriteDrink */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3443] OBJ_roomNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3453] OBJ_photo */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3463] OBJ_userClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3473] OBJ_host */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3483] OBJ_manager */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3493] OBJ_documentIdentifier */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3503] OBJ_documentTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3513] OBJ_documentVersion */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3523] OBJ_documentAuthor */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3533] OBJ_documentLocation */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3543] OBJ_homeTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3553] OBJ_secretary */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3563] OBJ_otherMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3573] OBJ_lastModifiedTime */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3583] OBJ_lastModifiedBy */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3593] OBJ_aRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3603] OBJ_pilotAttributeType27 */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3613] OBJ_mXRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3623] OBJ_nSRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3633] OBJ_sOARecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3643] OBJ_cNAMERecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3653] OBJ_associatedDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3663] OBJ_associatedName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3673] OBJ_homePostalAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3683] OBJ_personalTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3693] OBJ_mobileTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3703] OBJ_pagerTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3713] OBJ_friendlyCountryName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3723] OBJ_organizationalStatus */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3733] OBJ_janetMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3743] OBJ_mailPreferenceOption */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3753] OBJ_buildingName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3763] OBJ_dSAQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3773] OBJ_singleLevelQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3783] OBJ_subtreeMinimumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3793] OBJ_subtreeMaximumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3803] OBJ_personalSignature */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3813] OBJ_dITRedirect */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3823] OBJ_audio */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3833] OBJ_documentPublisher */
-0x55,0x04,0x2D,                              /* [3843] OBJ_x500UniqueIdentifier */
-0x2B,0x06,0x01,0x07,0x01,                    /* [3846] OBJ_mime_mhs */
-0x2B,0x06,0x01,0x07,0x01,0x01,               /* [3851] OBJ_mime_mhs_headings */
-0x2B,0x06,0x01,0x07,0x01,0x02,               /* [3857] OBJ_mime_mhs_bodies */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x01,          /* [3863] OBJ_id_hex_partial_message */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x02,          /* [3870] OBJ_id_hex_multipart_message */
-0x55,0x04,0x2C,                              /* [3877] OBJ_generationQualifier */
-0x55,0x04,0x41,                              /* [3880] OBJ_pseudonym */
-0x67,0x2A,                                   /* [3883] OBJ_id_set */
-0x67,0x2A,0x00,                              /* [3885] OBJ_set_ctype */
-0x67,0x2A,0x01,                              /* [3888] OBJ_set_msgExt */
-0x67,0x2A,0x03,                              /* [3891] OBJ_set_attr */
-0x67,0x2A,0x05,                              /* [3894] OBJ_set_policy */
-0x67,0x2A,0x07,                              /* [3897] OBJ_set_certExt */
-0x67,0x2A,0x08,                              /* [3900] OBJ_set_brand */
-0x67,0x2A,0x00,0x00,                         /* [3903] OBJ_setct_PANData */
-0x67,0x2A,0x00,0x01,                         /* [3907] OBJ_setct_PANToken */
-0x67,0x2A,0x00,0x02,                         /* [3911] OBJ_setct_PANOnly */
-0x67,0x2A,0x00,0x03,                         /* [3915] OBJ_setct_OIData */
-0x67,0x2A,0x00,0x04,                         /* [3919] OBJ_setct_PI */
-0x67,0x2A,0x00,0x05,                         /* [3923] OBJ_setct_PIData */
-0x67,0x2A,0x00,0x06,                         /* [3927] OBJ_setct_PIDataUnsigned */
-0x67,0x2A,0x00,0x07,                         /* [3931] OBJ_setct_HODInput */
-0x67,0x2A,0x00,0x08,                         /* [3935] OBJ_setct_AuthResBaggage */
-0x67,0x2A,0x00,0x09,                         /* [3939] OBJ_setct_AuthRevReqBaggage */
-0x67,0x2A,0x00,0x0A,                         /* [3943] OBJ_setct_AuthRevResBaggage */
-0x67,0x2A,0x00,0x0B,                         /* [3947] OBJ_setct_CapTokenSeq */
-0x67,0x2A,0x00,0x0C,                         /* [3951] OBJ_setct_PInitResData */
-0x67,0x2A,0x00,0x0D,                         /* [3955] OBJ_setct_PI_TBS */
-0x67,0x2A,0x00,0x0E,                         /* [3959] OBJ_setct_PResData */
-0x67,0x2A,0x00,0x10,                         /* [3963] OBJ_setct_AuthReqTBS */
-0x67,0x2A,0x00,0x11,                         /* [3967] OBJ_setct_AuthResTBS */
-0x67,0x2A,0x00,0x12,                         /* [3971] OBJ_setct_AuthResTBSX */
-0x67,0x2A,0x00,0x13,                         /* [3975] OBJ_setct_AuthTokenTBS */
-0x67,0x2A,0x00,0x14,                         /* [3979] OBJ_setct_CapTokenData */
-0x67,0x2A,0x00,0x15,                         /* [3983] OBJ_setct_CapTokenTBS */
-0x67,0x2A,0x00,0x16,                         /* [3987] OBJ_setct_AcqCardCodeMsg */
-0x67,0x2A,0x00,0x17,                         /* [3991] OBJ_setct_AuthRevReqTBS */
-0x67,0x2A,0x00,0x18,                         /* [3995] OBJ_setct_AuthRevResData */
-0x67,0x2A,0x00,0x19,                         /* [3999] OBJ_setct_AuthRevResTBS */
-0x67,0x2A,0x00,0x1A,                         /* [4003] OBJ_setct_CapReqTBS */
-0x67,0x2A,0x00,0x1B,                         /* [4007] OBJ_setct_CapReqTBSX */
-0x67,0x2A,0x00,0x1C,                         /* [4011] OBJ_setct_CapResData */
-0x67,0x2A,0x00,0x1D,                         /* [4015] OBJ_setct_CapRevReqTBS */
-0x67,0x2A,0x00,0x1E,                         /* [4019] OBJ_setct_CapRevReqTBSX */
-0x67,0x2A,0x00,0x1F,                         /* [4023] OBJ_setct_CapRevResData */
-0x67,0x2A,0x00,0x20,                         /* [4027] OBJ_setct_CredReqTBS */
-0x67,0x2A,0x00,0x21,                         /* [4031] OBJ_setct_CredReqTBSX */
-0x67,0x2A,0x00,0x22,                         /* [4035] OBJ_setct_CredResData */
-0x67,0x2A,0x00,0x23,                         /* [4039] OBJ_setct_CredRevReqTBS */
-0x67,0x2A,0x00,0x24,                         /* [4043] OBJ_setct_CredRevReqTBSX */
-0x67,0x2A,0x00,0x25,                         /* [4047] OBJ_setct_CredRevResData */
-0x67,0x2A,0x00,0x26,                         /* [4051] OBJ_setct_PCertReqData */
-0x67,0x2A,0x00,0x27,                         /* [4055] OBJ_setct_PCertResTBS */
-0x67,0x2A,0x00,0x28,                         /* [4059] OBJ_setct_BatchAdminReqData */
-0x67,0x2A,0x00,0x29,                         /* [4063] OBJ_setct_BatchAdminResData */
-0x67,0x2A,0x00,0x2A,                         /* [4067] OBJ_setct_CardCInitResTBS */
-0x67,0x2A,0x00,0x2B,                         /* [4071] OBJ_setct_MeAqCInitResTBS */
-0x67,0x2A,0x00,0x2C,                         /* [4075] OBJ_setct_RegFormResTBS */
-0x67,0x2A,0x00,0x2D,                         /* [4079] OBJ_setct_CertReqData */
-0x67,0x2A,0x00,0x2E,                         /* [4083] OBJ_setct_CertReqTBS */
-0x67,0x2A,0x00,0x2F,                         /* [4087] OBJ_setct_CertResData */
-0x67,0x2A,0x00,0x30,                         /* [4091] OBJ_setct_CertInqReqTBS */
-0x67,0x2A,0x00,0x31,                         /* [4095] OBJ_setct_ErrorTBS */
-0x67,0x2A,0x00,0x32,                         /* [4099] OBJ_setct_PIDualSignedTBE */
-0x67,0x2A,0x00,0x33,                         /* [4103] OBJ_setct_PIUnsignedTBE */
-0x67,0x2A,0x00,0x34,                         /* [4107] OBJ_setct_AuthReqTBE */
-0x67,0x2A,0x00,0x35,                         /* [4111] OBJ_setct_AuthResTBE */
-0x67,0x2A,0x00,0x36,                         /* [4115] OBJ_setct_AuthResTBEX */
-0x67,0x2A,0x00,0x37,                         /* [4119] OBJ_setct_AuthTokenTBE */
-0x67,0x2A,0x00,0x38,                         /* [4123] OBJ_setct_CapTokenTBE */
-0x67,0x2A,0x00,0x39,                         /* [4127] OBJ_setct_CapTokenTBEX */
-0x67,0x2A,0x00,0x3A,                         /* [4131] OBJ_setct_AcqCardCodeMsgTBE */
-0x67,0x2A,0x00,0x3B,                         /* [4135] OBJ_setct_AuthRevReqTBE */
-0x67,0x2A,0x00,0x3C,                         /* [4139] OBJ_setct_AuthRevResTBE */
-0x67,0x2A,0x00,0x3D,                         /* [4143] OBJ_setct_AuthRevResTBEB */
-0x67,0x2A,0x00,0x3E,                         /* [4147] OBJ_setct_CapReqTBE */
-0x67,0x2A,0x00,0x3F,                         /* [4151] OBJ_setct_CapReqTBEX */
-0x67,0x2A,0x00,0x40,                         /* [4155] OBJ_setct_CapResTBE */
-0x67,0x2A,0x00,0x41,                         /* [4159] OBJ_setct_CapRevReqTBE */
-0x67,0x2A,0x00,0x42,                         /* [4163] OBJ_setct_CapRevReqTBEX */
-0x67,0x2A,0x00,0x43,                         /* [4167] OBJ_setct_CapRevResTBE */
-0x67,0x2A,0x00,0x44,                         /* [4171] OBJ_setct_CredReqTBE */
-0x67,0x2A,0x00,0x45,                         /* [4175] OBJ_setct_CredReqTBEX */
-0x67,0x2A,0x00,0x46,                         /* [4179] OBJ_setct_CredResTBE */
-0x67,0x2A,0x00,0x47,                         /* [4183] OBJ_setct_CredRevReqTBE */
-0x67,0x2A,0x00,0x48,                         /* [4187] OBJ_setct_CredRevReqTBEX */
-0x67,0x2A,0x00,0x49,                         /* [4191] OBJ_setct_CredRevResTBE */
-0x67,0x2A,0x00,0x4A,                         /* [4195] OBJ_setct_BatchAdminReqTBE */
-0x67,0x2A,0x00,0x4B,                         /* [4199] OBJ_setct_BatchAdminResTBE */
-0x67,0x2A,0x00,0x4C,                         /* [4203] OBJ_setct_RegFormReqTBE */
-0x67,0x2A,0x00,0x4D,                         /* [4207] OBJ_setct_CertReqTBE */
-0x67,0x2A,0x00,0x4E,                         /* [4211] OBJ_setct_CertReqTBEX */
-0x67,0x2A,0x00,0x4F,                         /* [4215] OBJ_setct_CertResTBE */
-0x67,0x2A,0x00,0x50,                         /* [4219] OBJ_setct_CRLNotificationTBS */
-0x67,0x2A,0x00,0x51,                         /* [4223] OBJ_setct_CRLNotificationResTBS */
-0x67,0x2A,0x00,0x52,                         /* [4227] OBJ_setct_BCIDistributionTBS */
-0x67,0x2A,0x01,0x01,                         /* [4231] OBJ_setext_genCrypt */
-0x67,0x2A,0x01,0x03,                         /* [4235] OBJ_setext_miAuth */
-0x67,0x2A,0x01,0x04,                         /* [4239] OBJ_setext_pinSecure */
-0x67,0x2A,0x01,0x05,                         /* [4243] OBJ_setext_pinAny */
-0x67,0x2A,0x01,0x07,                         /* [4247] OBJ_setext_track2 */
-0x67,0x2A,0x01,0x08,                         /* [4251] OBJ_setext_cv */
-0x67,0x2A,0x05,0x00,                         /* [4255] OBJ_set_policy_root */
-0x67,0x2A,0x07,0x00,                         /* [4259] OBJ_setCext_hashedRoot */
-0x67,0x2A,0x07,0x01,                         /* [4263] OBJ_setCext_certType */
-0x67,0x2A,0x07,0x02,                         /* [4267] OBJ_setCext_merchData */
-0x67,0x2A,0x07,0x03,                         /* [4271] OBJ_setCext_cCertRequired */
-0x67,0x2A,0x07,0x04,                         /* [4275] OBJ_setCext_tunneling */
-0x67,0x2A,0x07,0x05,                         /* [4279] OBJ_setCext_setExt */
-0x67,0x2A,0x07,0x06,                         /* [4283] OBJ_setCext_setQualf */
-0x67,0x2A,0x07,0x07,                         /* [4287] OBJ_setCext_PGWYcapabilities */
-0x67,0x2A,0x07,0x08,                         /* [4291] OBJ_setCext_TokenIdentifier */
-0x67,0x2A,0x07,0x09,                         /* [4295] OBJ_setCext_Track2Data */
-0x67,0x2A,0x07,0x0A,                         /* [4299] OBJ_setCext_TokenType */
-0x67,0x2A,0x07,0x0B,                         /* [4303] OBJ_setCext_IssuerCapabilities */
-0x67,0x2A,0x03,0x00,                         /* [4307] OBJ_setAttr_Cert */
-0x67,0x2A,0x03,0x01,                         /* [4311] OBJ_setAttr_PGWYcap */
-0x67,0x2A,0x03,0x02,                         /* [4315] OBJ_setAttr_TokenType */
-0x67,0x2A,0x03,0x03,                         /* [4319] OBJ_setAttr_IssCap */
-0x67,0x2A,0x03,0x00,0x00,                    /* [4323] OBJ_set_rootKeyThumb */
-0x67,0x2A,0x03,0x00,0x01,                    /* [4328] OBJ_set_addPolicy */
-0x67,0x2A,0x03,0x02,0x01,                    /* [4333] OBJ_setAttr_Token_EMV */
-0x67,0x2A,0x03,0x02,0x02,                    /* [4338] OBJ_setAttr_Token_B0Prime */
-0x67,0x2A,0x03,0x03,0x03,                    /* [4343] OBJ_setAttr_IssCap_CVM */
-0x67,0x2A,0x03,0x03,0x04,                    /* [4348] OBJ_setAttr_IssCap_T2 */
-0x67,0x2A,0x03,0x03,0x05,                    /* [4353] OBJ_setAttr_IssCap_Sig */
-0x67,0x2A,0x03,0x03,0x03,0x01,               /* [4358] OBJ_setAttr_GenCryptgrm */
-0x67,0x2A,0x03,0x03,0x04,0x01,               /* [4364] OBJ_setAttr_T2Enc */
-0x67,0x2A,0x03,0x03,0x04,0x02,               /* [4370] OBJ_setAttr_T2cleartxt */
-0x67,0x2A,0x03,0x03,0x05,0x01,               /* [4376] OBJ_setAttr_TokICCsig */
-0x67,0x2A,0x03,0x03,0x05,0x02,               /* [4382] OBJ_setAttr_SecDevSig */
-0x67,0x2A,0x08,0x01,                         /* [4388] OBJ_set_brand_IATA_ATA */
-0x67,0x2A,0x08,0x1E,                         /* [4392] OBJ_set_brand_Diners */
-0x67,0x2A,0x08,0x22,                         /* [4396] OBJ_set_brand_AmericanExpress */
-0x67,0x2A,0x08,0x23,                         /* [4400] OBJ_set_brand_JCB */
-0x67,0x2A,0x08,0x04,                         /* [4404] OBJ_set_brand_Visa */
-0x67,0x2A,0x08,0x05,                         /* [4408] OBJ_set_brand_MasterCard */
-0x67,0x2A,0x08,0xAE,0x7B,                    /* [4412] OBJ_set_brand_Novus */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A,     /* [4417] OBJ_des_cdmf */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4425] OBJ_rsaOAEPEncryptionSET */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4434] OBJ_ms_smartcard_login */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4444] OBJ_ms_upn */
-};
-
-static ASN1_OBJECT nid_objs[NUM_NID]={
-{"UNDEF","undefined",NID_undef,1,&(lvalues[0]),0},
-{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[1]),0},
-{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[7]),0},
-{"MD2","md2",NID_md2,8,&(lvalues[14]),0},
-{"MD5","md5",NID_md5,8,&(lvalues[22]),0},
-{"RC4","rc4",NID_rc4,8,&(lvalues[30]),0},
-{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[38]),0},
-{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
-	&(lvalues[47]),0},
-{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
-	&(lvalues[56]),0},
-{"PBE-MD2-DES","pbeWithMD2AndDES-CBC",NID_pbeWithMD2AndDES_CBC,9,
-	&(lvalues[65]),0},
-{"PBE-MD5-DES","pbeWithMD5AndDES-CBC",NID_pbeWithMD5AndDES_CBC,9,
-	&(lvalues[74]),0},
-{"X500","directory services (X.500)",NID_X500,1,&(lvalues[83]),0},
-{"X509","X509",NID_X509,2,&(lvalues[84]),0},
-{"CN","commonName",NID_commonName,3,&(lvalues[86]),0},
-{"C","countryName",NID_countryName,3,&(lvalues[89]),0},
-{"L","localityName",NID_localityName,3,&(lvalues[92]),0},
-{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[95]),0},
-{"O","organizationName",NID_organizationName,3,&(lvalues[98]),0},
-{"OU","organizationalUnitName",NID_organizationalUnitName,3,
-	&(lvalues[101]),0},
-{"RSA","rsa",NID_rsa,4,&(lvalues[104]),0},
-{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[108]),0},
-{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[116]),0},
-{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
-	&(lvalues[125]),0},
-{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
-	&(lvalues[134]),0},
-{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
-	NID_pkcs7_signedAndEnveloped,9,&(lvalues[143]),0},
-{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
-	&(lvalues[152]),0},
-{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
-	&(lvalues[161]),0},
-{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[170]),0},
-{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
-	&(lvalues[178]),0},
-{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[187]),0},
-{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0},
-{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0},
-{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[202]),0},
-{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL},
-{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[207]),0},
-{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL},
-{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL},
-{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[218]),0},
-{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL},
-{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL},
-{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL},
-{"SHA","sha",NID_sha,5,&(lvalues[226]),0},
-{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
-	&(lvalues[231]),0},
-{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL},
-{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[236]),0},
-{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[244]),0},
-{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL},
-{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[249]),0},
-{"emailAddress","emailAddress",NID_pkcs9_emailAddress,9,
-	&(lvalues[257]),0},
-{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
-	&(lvalues[266]),0},
-{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[275]),0},
-{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
-	&(lvalues[284]),0},
-{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[293]),0},
-{"countersignature","countersignature",NID_pkcs9_countersignature,9,
-	&(lvalues[302]),0},
-{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
-	9,&(lvalues[311]),0},
-{"unstructuredAddress","unstructuredAddress",
-	NID_pkcs9_unstructuredAddress,9,&(lvalues[320]),0},
-{"extendedCertificateAttributes","extendedCertificateAttributes",
-	NID_pkcs9_extCertAttributes,9,&(lvalues[329]),0},
-{"Netscape","Netscape Communications Corp.",NID_netscape,7,
-	&(lvalues[338]),0},
-{"nsCertExt","Netscape Certificate Extension",
-	NID_netscape_cert_extension,8,&(lvalues[345]),0},
-{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
-	&(lvalues[353]),0},
-{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL},
-{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL},
-{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL},
-{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL},
-{"SHA1","sha1",NID_sha1,5,&(lvalues[361]),0},
-{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
-	&(lvalues[366]),0},
-{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[375]),0},
-{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[380]),0},
-{"PBE-SHA1-RC2-64","pbeWithSHA1AndRC2-CBC",NID_pbeWithSHA1AndRC2_CBC,
-	9,&(lvalues[385]),0},
-{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[394]),0},
-{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[403]),0},
-{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
-	&(lvalues[408]),0},
-{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
-	&(lvalues[417]),0},
-{"nsRevocationUrl","Netscape Revocation Url",
-	NID_netscape_revocation_url,9,&(lvalues[426]),0},
-{"nsCaRevocationUrl","Netscape CA Revocation Url",
-	NID_netscape_ca_revocation_url,9,&(lvalues[435]),0},
-{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
-	&(lvalues[444]),0},
-{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
-	9,&(lvalues[453]),0},
-{"nsSslServerName","Netscape SSL Server Name",
-	NID_netscape_ssl_server_name,9,&(lvalues[462]),0},
-{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[471]),0},
-{"nsCertSequence","Netscape Certificate Sequence",
-	NID_netscape_cert_sequence,9,&(lvalues[480]),0},
-{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL},
-{"id-ce","id-ce",NID_id_ce,2,&(lvalues[489]),0},
-{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
-	NID_subject_key_identifier,3,&(lvalues[491]),0},
-{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[494]),0},
-{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
-	NID_private_key_usage_period,3,&(lvalues[497]),0},
-{"subjectAltName","X509v3 Subject Alternative Name",
-	NID_subject_alt_name,3,&(lvalues[500]),0},
-{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
-	3,&(lvalues[503]),0},
-{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
-	3,&(lvalues[506]),0},
-{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[509]),0},
-{"certificatePolicies","X509v3 Certificate Policies",
-	NID_certificate_policies,3,&(lvalues[512]),0},
-{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
-	NID_authority_key_identifier,3,&(lvalues[515]),0},
-{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[518]),0},
-{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL},
-{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL},
-{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL},
-{"MDC2","mdc2",NID_mdc2,4,&(lvalues[527]),0},
-{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[531]),0},
-{"RC4-40","rc4-40",NID_rc4_40,0,NULL},
-{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL},
-{"GN","givenName",NID_givenName,3,&(lvalues[535]),0},
-{"SN","surname",NID_surname,3,&(lvalues[538]),0},
-{"initials","initials",NID_initials,3,&(lvalues[541]),0},
-{NULL,NULL,NID_undef,0,NULL},
-{"crlDistributionPoints","X509v3 CRL Distribution Points",
-	NID_crl_distribution_points,3,&(lvalues[544]),0},
-{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[547]),0},
-{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[552]),0},
-{"title","title",NID_title,3,&(lvalues[555]),0},
-{"description","description",NID_description,3,&(lvalues[558]),0},
-{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[561]),0},
-{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL},
-{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL},
-{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL},
-{"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
-	NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[570]),0},
-{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[579]),0},
-{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL},
-{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[586]),0},
-{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[591]),0},
-{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[598]),0},
-{NULL,NULL,NID_undef,0,NULL},
-{"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
-	&(lvalues[603]),0},
-{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[609]),0},
-{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL},
-{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL},
-{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL},
-{"RLE","run length compression",NID_rle_compression,6,&(lvalues[617]),0},
-{"ZLIB","zlib compression",NID_zlib_compression,6,&(lvalues[623]),0},
-{"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3,
-	&(lvalues[629]),0},
-{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[632]),0},
-{"id-kp","id-kp",NID_id_kp,7,&(lvalues[638]),0},
-{"serverAuth","TLS Web Server Authentication",NID_server_auth,8,
-	&(lvalues[645]),0},
-{"clientAuth","TLS Web Client Authentication",NID_client_auth,8,
-	&(lvalues[653]),0},
-{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[661]),0},
-{"emailProtection","E-mail Protection",NID_email_protect,8,
-	&(lvalues[669]),0},
-{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[677]),0},
-{"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10,
-	&(lvalues[685]),0},
-{"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10,
-	&(lvalues[695]),0},
-{"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10,
-	&(lvalues[705]),0},
-{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[715]),0},
-{"msEFS","Microsoft Encrypted File System",NID_ms_efs,10,
-	&(lvalues[725]),0},
-{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[735]),0},
-{"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3,
-	&(lvalues[744]),0},
-{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[747]),0},
-{"invalidityDate","Invalidity Date",NID_invalidity_date,3,
-	&(lvalues[750]),0},
-{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[753]),0},
-{"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4",
-	NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[758]),0},
-{"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4",
-	NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[768]),0},
-{"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC",
-	NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[778]),0},
-{"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC",
-	NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[788]),0},
-{"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC",
-	NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[798]),0},
-{"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC",
-	NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[808]),0},
-{"keyBag","keyBag",NID_keyBag,11,&(lvalues[818]),0},
-{"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag,
-	11,&(lvalues[829]),0},
-{"certBag","certBag",NID_certBag,11,&(lvalues[840]),0},
-{"crlBag","crlBag",NID_crlBag,11,&(lvalues[851]),0},
-{"secretBag","secretBag",NID_secretBag,11,&(lvalues[862]),0},
-{"safeContentsBag","safeContentsBag",NID_safeContentsBag,11,
-	&(lvalues[873]),0},
-{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[884]),0},
-{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[893]),0},
-{"x509Certificate","x509Certificate",NID_x509Certificate,10,
-	&(lvalues[902]),0},
-{"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10,
-	&(lvalues[912]),0},
-{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[922]),0},
-{"PBES2","PBES2",NID_pbes2,9,&(lvalues[932]),0},
-{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[941]),0},
-{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[950]),0},
-{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[958]),0},
-{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
-	&(lvalues[966]),0},
-{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL},
-{"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9,
-	&(lvalues[974]),0},
-{"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9,
-	&(lvalues[983]),0},
-{"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9,
-	&(lvalues[992]),0},
-{"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9,
-	&(lvalues[1001]),0},
-{"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10,
-	&(lvalues[1010]),0},
-{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1020]),0},
-{"name","name",NID_name,3,&(lvalues[1029]),0},
-{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1032]),0},
-{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1035]),0},
-{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1042]),0},
-{"authorityInfoAccess","Authority Information Access",NID_info_access,
-	8,&(lvalues[1049]),0},
-{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1057]),0},
-{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1065]),0},
-{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1073]),0},
-{"ISO","iso",NID_iso,1,&(lvalues[1081]),0},
-{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1082]),0},
-{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1083]),0},
-{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1086]),0},
-{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1091]),0},
-{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1097]),0},
-{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1105]),0},
-{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1113]),0},
-{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1122]),0},
-{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1132]),0},
-{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1142]),0},
-{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1152]),0},
-{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1162]),0},
-{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1172]),0},
-{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1182]),0},
-{"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11,
-	&(lvalues[1192]),0},
-{"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11,
-	&(lvalues[1203]),0},
-{"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11,
-	&(lvalues[1214]),0},
-{"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3,
-	11,&(lvalues[1225]),0},
-{"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88",
-	NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1236]),0},
-{"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97",
-	NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1247]),0},
-{"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88",
-	NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1258]),0},
-{"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97",
-	NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1269]),0},
-{"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt,
-	11,&(lvalues[1280]),0},
-{"id-smime-ct-authData","id-smime-ct-authData",
-	NID_id_smime_ct_authData,11,&(lvalues[1291]),0},
-{"id-smime-ct-publishCert","id-smime-ct-publishCert",
-	NID_id_smime_ct_publishCert,11,&(lvalues[1302]),0},
-{"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo,
-	11,&(lvalues[1313]),0},
-{"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo,
-	11,&(lvalues[1324]),0},
-{"id-smime-ct-contentInfo","id-smime-ct-contentInfo",
-	NID_id_smime_ct_contentInfo,11,&(lvalues[1335]),0},
-{"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData",
-	NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1346]),0},
-{"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData",
-	NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1357]),0},
-{"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest",
-	NID_id_smime_aa_receiptRequest,11,&(lvalues[1368]),0},
-{"id-smime-aa-securityLabel","id-smime-aa-securityLabel",
-	NID_id_smime_aa_securityLabel,11,&(lvalues[1379]),0},
-{"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory",
-	NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1390]),0},
-{"id-smime-aa-contentHint","id-smime-aa-contentHint",
-	NID_id_smime_aa_contentHint,11,&(lvalues[1401]),0},
-{"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest",
-	NID_id_smime_aa_msgSigDigest,11,&(lvalues[1412]),0},
-{"id-smime-aa-encapContentType","id-smime-aa-encapContentType",
-	NID_id_smime_aa_encapContentType,11,&(lvalues[1423]),0},
-{"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier",
-	NID_id_smime_aa_contentIdentifier,11,&(lvalues[1434]),0},
-{"id-smime-aa-macValue","id-smime-aa-macValue",
-	NID_id_smime_aa_macValue,11,&(lvalues[1445]),0},
-{"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels",
-	NID_id_smime_aa_equivalentLabels,11,&(lvalues[1456]),0},
-{"id-smime-aa-contentReference","id-smime-aa-contentReference",
-	NID_id_smime_aa_contentReference,11,&(lvalues[1467]),0},
-{"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref",
-	NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1478]),0},
-{"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate",
-	NID_id_smime_aa_signingCertificate,11,&(lvalues[1489]),0},
-{"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts",
-	NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1500]),0},
-{"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken",
-	NID_id_smime_aa_timeStampToken,11,&(lvalues[1511]),0},
-{"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId",
-	NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1522]),0},
-{"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType",
-	NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1533]),0},
-{"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation",
-	NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1544]),0},
-{"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr",
-	NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1555]),0},
-{"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert",
-	NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1566]),0},
-{"id-smime-aa-ets-contentTimestamp",
-	"id-smime-aa-ets-contentTimestamp",
-	NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1577]),0},
-{"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs",
-	NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1588]),0},
-{"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs",
-	NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1599]),0},
-{"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues",
-	NID_id_smime_aa_ets_certValues,11,&(lvalues[1610]),0},
-{"id-smime-aa-ets-revocationValues",
-	"id-smime-aa-ets-revocationValues",
-	NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1621]),0},
-{"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp",
-	NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1632]),0},
-{"id-smime-aa-ets-certCRLTimestamp",
-	"id-smime-aa-ets-certCRLTimestamp",
-	NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1643]),0},
-{"id-smime-aa-ets-archiveTimeStamp",
-	"id-smime-aa-ets-archiveTimeStamp",
-	NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1654]),0},
-{"id-smime-aa-signatureType","id-smime-aa-signatureType",
-	NID_id_smime_aa_signatureType,11,&(lvalues[1665]),0},
-{"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc",
-	NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1676]),0},
-{"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES",
-	NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1687]),0},
-{"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2",
-	NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1698]),0},
-{"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap",
-	NID_id_smime_alg_3DESwrap,11,&(lvalues[1709]),0},
-{"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap",
-	NID_id_smime_alg_RC2wrap,11,&(lvalues[1720]),0},
-{"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11,
-	&(lvalues[1731]),0},
-{"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap",
-	NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1742]),0},
-{"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap",
-	NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1753]),0},
-{"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11,
-	&(lvalues[1764]),0},
-{"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri",
-	NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1775]),0},
-{"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice",
-	NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1786]),0},
-{"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin",
-	NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1797]),0},
-{"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt",
-	NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1808]),0},
-{"id-smime-cti-ets-proofOfDelivery",
-	"id-smime-cti-ets-proofOfDelivery",
-	NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1819]),0},
-{"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender",
-	NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1830]),0},
-{"id-smime-cti-ets-proofOfApproval",
-	"id-smime-cti-ets-proofOfApproval",
-	NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1841]),0},
-{"id-smime-cti-ets-proofOfCreation",
-	"id-smime-cti-ets-proofOfCreation",
-	NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1852]),0},
-{"MD4","md4",NID_md4,8,&(lvalues[1863]),0},
-{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1871]),0},
-{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1878]),0},
-{"id-it","id-it",NID_id_it,7,&(lvalues[1885]),0},
-{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1892]),0},
-{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1899]),0},
-{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1906]),0},
-{"id-on","id-on",NID_id_on,7,&(lvalues[1913]),0},
-{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1920]),0},
-{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1927]),0},
-{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1934]),0},
-{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1941]),0},
-{"id-pkix1-explicit-88","id-pkix1-explicit-88",
-	NID_id_pkix1_explicit_88,8,&(lvalues[1948]),0},
-{"id-pkix1-implicit-88","id-pkix1-implicit-88",
-	NID_id_pkix1_implicit_88,8,&(lvalues[1956]),0},
-{"id-pkix1-explicit-93","id-pkix1-explicit-93",
-	NID_id_pkix1_explicit_93,8,&(lvalues[1964]),0},
-{"id-pkix1-implicit-93","id-pkix1-implicit-93",
-	NID_id_pkix1_implicit_93,8,&(lvalues[1972]),0},
-{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1980]),0},
-{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1988]),0},
-{"id-mod-kea-profile-88","id-mod-kea-profile-88",
-	NID_id_mod_kea_profile_88,8,&(lvalues[1996]),0},
-{"id-mod-kea-profile-93","id-mod-kea-profile-93",
-	NID_id_mod_kea_profile_93,8,&(lvalues[2004]),0},
-{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2012]),0},
-{"id-mod-qualified-cert-88","id-mod-qualified-cert-88",
-	NID_id_mod_qualified_cert_88,8,&(lvalues[2020]),0},
-{"id-mod-qualified-cert-93","id-mod-qualified-cert-93",
-	NID_id_mod_qualified_cert_93,8,&(lvalues[2028]),0},
-{"id-mod-attribute-cert","id-mod-attribute-cert",
-	NID_id_mod_attribute_cert,8,&(lvalues[2036]),0},
-{"id-mod-timestamp-protocol","id-mod-timestamp-protocol",
-	NID_id_mod_timestamp_protocol,8,&(lvalues[2044]),0},
-{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2052]),0},
-{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2060]),0},
-{"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8,
-	&(lvalues[2068]),0},
-{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2076]),0},
-{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2084]),0},
-{"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8,
-	&(lvalues[2092]),0},
-{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2100]),0},
-{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2108]),0},
-{"sbqp-ipAddrBlock","sbqp-ipAddrBlock",NID_sbqp_ipAddrBlock,8,
-	&(lvalues[2116]),0},
-{"sbqp-autonomousSysNum","sbqp-autonomousSysNum",
-	NID_sbqp_autonomousSysNum,8,&(lvalues[2124]),0},
-{"sbqp-routerIdentifier","sbqp-routerIdentifier",
-	NID_sbqp_routerIdentifier,8,&(lvalues[2132]),0},
-{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2140]),0},
-{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8,
-	&(lvalues[2148]),0},
-{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2156]),0},
-{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2164]),0},
-{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2172]),0},
-{"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert,
-	8,&(lvalues[2180]),0},
-{"id-it-signKeyPairTypes","id-it-signKeyPairTypes",
-	NID_id_it_signKeyPairTypes,8,&(lvalues[2188]),0},
-{"id-it-encKeyPairTypes","id-it-encKeyPairTypes",
-	NID_id_it_encKeyPairTypes,8,&(lvalues[2196]),0},
-{"id-it-preferredSymmAlg","id-it-preferredSymmAlg",
-	NID_id_it_preferredSymmAlg,8,&(lvalues[2204]),0},
-{"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo",
-	NID_id_it_caKeyUpdateInfo,8,&(lvalues[2212]),0},
-{"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8,
-	&(lvalues[2220]),0},
-{"id-it-unsupportedOIDs","id-it-unsupportedOIDs",
-	NID_id_it_unsupportedOIDs,8,&(lvalues[2228]),0},
-{"id-it-subscriptionRequest","id-it-subscriptionRequest",
-	NID_id_it_subscriptionRequest,8,&(lvalues[2236]),0},
-{"id-it-subscriptionResponse","id-it-subscriptionResponse",
-	NID_id_it_subscriptionResponse,8,&(lvalues[2244]),0},
-{"id-it-keyPairParamReq","id-it-keyPairParamReq",
-	NID_id_it_keyPairParamReq,8,&(lvalues[2252]),0},
-{"id-it-keyPairParamRep","id-it-keyPairParamRep",
-	NID_id_it_keyPairParamRep,8,&(lvalues[2260]),0},
-{"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase,
-	8,&(lvalues[2268]),0},
-{"id-it-implicitConfirm","id-it-implicitConfirm",
-	NID_id_it_implicitConfirm,8,&(lvalues[2276]),0},
-{"id-it-confirmWaitTime","id-it-confirmWaitTime",
-	NID_id_it_confirmWaitTime,8,&(lvalues[2284]),0},
-{"id-it-origPKIMessage","id-it-origPKIMessage",
-	NID_id_it_origPKIMessage,8,&(lvalues[2292]),0},
-{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2300]),0},
-{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2308]),0},
-{"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken,
-	9,&(lvalues[2316]),0},
-{"id-regCtrl-authenticator","id-regCtrl-authenticator",
-	NID_id_regCtrl_authenticator,9,&(lvalues[2325]),0},
-{"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo",
-	NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2334]),0},
-{"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions",
-	NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2343]),0},
-{"id-regCtrl-oldCertID","id-regCtrl-oldCertID",
-	NID_id_regCtrl_oldCertID,9,&(lvalues[2352]),0},
-{"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey",
-	NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2361]),0},
-{"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs",
-	NID_id_regInfo_utf8Pairs,9,&(lvalues[2370]),0},
-{"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9,
-	&(lvalues[2379]),0},
-{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2388]),0},
-{"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8,
-	&(lvalues[2396]),0},
-{"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1",
-	NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2404]),0},
-{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2412]),0},
-{"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8,
-	&(lvalues[2420]),0},
-{"id-cmc-identification","id-cmc-identification",
-	NID_id_cmc_identification,8,&(lvalues[2428]),0},
-{"id-cmc-identityProof","id-cmc-identityProof",
-	NID_id_cmc_identityProof,8,&(lvalues[2436]),0},
-{"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8,
-	&(lvalues[2444]),0},
-{"id-cmc-transactionId","id-cmc-transactionId",
-	NID_id_cmc_transactionId,8,&(lvalues[2452]),0},
-{"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8,
-	&(lvalues[2460]),0},
-{"id-cmc-recipientNonce","id-cmc-recipientNonce",
-	NID_id_cmc_recipientNonce,8,&(lvalues[2468]),0},
-{"id-cmc-addExtensions","id-cmc-addExtensions",
-	NID_id_cmc_addExtensions,8,&(lvalues[2476]),0},
-{"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP,
-	8,&(lvalues[2484]),0},
-{"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP,
-	8,&(lvalues[2492]),0},
-{"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness",
-	NID_id_cmc_lraPOPWitness,8,&(lvalues[2500]),0},
-{"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8,
-	&(lvalues[2508]),0},
-{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2516]),0},
-{"id-cmc-revokeRequest","id-cmc-revokeRequest",
-	NID_id_cmc_revokeRequest,8,&(lvalues[2524]),0},
-{"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8,
-	&(lvalues[2532]),0},
-{"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo,
-	8,&(lvalues[2540]),0},
-{"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending,
-	8,&(lvalues[2548]),0},
-{"id-cmc-popLinkRandom","id-cmc-popLinkRandom",
-	NID_id_cmc_popLinkRandom,8,&(lvalues[2556]),0},
-{"id-cmc-popLinkWitness","id-cmc-popLinkWitness",
-	NID_id_cmc_popLinkWitness,8,&(lvalues[2564]),0},
-{"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance",
-	NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2572]),0},
-{"id-on-personalData","id-on-personalData",NID_id_on_personalData,8,
-	&(lvalues[2580]),0},
-{"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8,
-	&(lvalues[2588]),0},
-{"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth,
-	8,&(lvalues[2596]),0},
-{NULL,NULL,NID_undef,0,NULL},
-{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2604]),0},
-{"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship",
-	NID_id_pda_countryOfCitizenship,8,&(lvalues[2612]),0},
-{"id-pda-countryOfResidence","id-pda-countryOfResidence",
-	NID_id_pda_countryOfResidence,8,&(lvalues[2620]),0},
-{"id-aca-authenticationInfo","id-aca-authenticationInfo",
-	NID_id_aca_authenticationInfo,8,&(lvalues[2628]),0},
-{"id-aca-accessIdentity","id-aca-accessIdentity",
-	NID_id_aca_accessIdentity,8,&(lvalues[2636]),0},
-{"id-aca-chargingIdentity","id-aca-chargingIdentity",
-	NID_id_aca_chargingIdentity,8,&(lvalues[2644]),0},
-{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2652]),0},
-{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2660]),0},
-{"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1",
-	NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2668]),0},
-{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2676]),0},
-{"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8,
-	&(lvalues[2684]),0},
-{"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8,
-	&(lvalues[2692]),0},
-{"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8,
-	&(lvalues[2700]),0},
-{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2708]),0},
-{"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9,
-	&(lvalues[2716]),0},
-{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2725]),0},
-{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2734]),0},
-{"acceptableResponses","Acceptable OCSP Responses",
-	NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2743]),0},
-{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2752]),0},
-{"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff,
-	9,&(lvalues[2761]),0},
-{"serviceLocator","OCSP Service Locator",
-	NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2770]),0},
-{"extendedStatus","Extended OCSP Status",
-	NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2779]),0},
-{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2788]),0},
-{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2797]),0},
-{"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9,
-	&(lvalues[2806]),0},
-{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2815]),0},
-{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2819]),0},
-{"X500algorithms","directory services - algorithms",
-	NID_X500algorithms,2,&(lvalues[2824]),0},
-{"ORG","org",NID_org,1,&(lvalues[2826]),0},
-{"DOD","dod",NID_dod,2,&(lvalues[2827]),0},
-{"IANA","iana",NID_iana,3,&(lvalues[2829]),0},
-{"directory","Directory",NID_Directory,4,&(lvalues[2832]),0},
-{"mgmt","Management",NID_Management,4,&(lvalues[2836]),0},
-{"experimental","Experimental",NID_Experimental,4,&(lvalues[2840]),0},
-{"private","Private",NID_Private,4,&(lvalues[2844]),0},
-{"security","Security",NID_Security,4,&(lvalues[2848]),0},
-{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2852]),0},
-{"Mail","Mail",NID_Mail,4,&(lvalues[2856]),0},
-{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2860]),0},
-{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2865]),0},
-{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2874]),0},
-{"domain","Domain",NID_Domain,10,&(lvalues[2884]),0},
-{"JOINT-ISO-CCITT","joint-iso-ccitt",NID_joint_iso_ccitt,1,
-	&(lvalues[2894]),0},
-{"selected-attribute-types","Selected Attribute Types",
-	NID_selected_attribute_types,3,&(lvalues[2895]),0},
-{"clearance","clearance",NID_clearance,4,&(lvalues[2898]),0},
-{"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9,
-	&(lvalues[2902]),0},
-{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2911]),0},
-{"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8,
-	&(lvalues[2919]),0},
-{"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8,
-	&(lvalues[2927]),0},
-{"role","role",NID_role,3,&(lvalues[2935]),0},
-{"policyConstraints","X509v3 Policy Constraints",
-	NID_policy_constraints,3,&(lvalues[2938]),0},
-{"targetInformation","X509v3 AC Targeting",NID_target_information,3,
-	&(lvalues[2941]),0},
-{"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3,
-	&(lvalues[2944]),0},
-{"CCITT","ccitt",NID_ccitt,1,&(lvalues[2947]),0},
-{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2948]),0},
-{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2953]),0},
-{"characteristic-two-field","characteristic-two-field",
-	NID_X9_62_characteristic_two_field,7,&(lvalues[2960]),0},
-{"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7,
-	&(lvalues[2967]),0},
-{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2974]),0},
-{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2982]),0},
-{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2990]),0},
-{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2998]),0},
-{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3006]),0},
-{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3014]),0},
-{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3022]),0},
-{"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7,
-	&(lvalues[3030]),0},
-{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3037]),0},
-{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3046]),0},
-{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3055]),0},
-{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3064]),0},
-{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3073]),0},
-{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3082]),0},
-{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3091]),0},
-{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3100]),0},
-{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3109]),0},
-{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3118]),0},
-{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3127]),0},
-{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3136]),0},
-{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3145]),0},
-{"holdInstructionCode","Hold Instruction Code",
-	NID_hold_instruction_code,3,&(lvalues[3154]),0},
-{"holdInstructionNone","Hold Instruction None",
-	NID_hold_instruction_none,7,&(lvalues[3157]),0},
-{"holdInstructionCallIssuer","Hold Instruction Call Issuer",
-	NID_hold_instruction_call_issuer,7,&(lvalues[3164]),0},
-{"holdInstructionReject","Hold Instruction Reject",
-	NID_hold_instruction_reject,7,&(lvalues[3171]),0},
-{"data","data",NID_data,1,&(lvalues[3178]),0},
-{"pss","pss",NID_pss,3,&(lvalues[3179]),0},
-{"ucl","ucl",NID_ucl,7,&(lvalues[3182]),0},
-{"pilot","pilot",NID_pilot,8,&(lvalues[3189]),0},
-{"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9,
-	&(lvalues[3197]),0},
-{"pilotAttributeSyntax","pilotAttributeSyntax",
-	NID_pilotAttributeSyntax,9,&(lvalues[3206]),0},
-{"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9,
-	&(lvalues[3215]),0},
-{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3224]),0},
-{"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10,
-	&(lvalues[3233]),0},
-{"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax",
-	NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3243]),0},
-{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3253]),0},
-{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3263]),0},
-{"account","account",NID_account,10,&(lvalues[3273]),0},
-{"document","document",NID_document,10,&(lvalues[3283]),0},
-{"room","room",NID_room,10,&(lvalues[3293]),0},
-{"documentSeries","documentSeries",NID_documentSeries,10,
-	&(lvalues[3303]),0},
-{"rFC822localPart","rFC822localPart",NID_rFC822localPart,10,
-	&(lvalues[3313]),0},
-{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3323]),0},
-{"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject,
-	10,&(lvalues[3333]),0},
-{"friendlyCountry","friendlyCountry",NID_friendlyCountry,10,
-	&(lvalues[3343]),0},
-{"simpleSecurityObject","simpleSecurityObject",
-	NID_simpleSecurityObject,10,&(lvalues[3353]),0},
-{"pilotOrganization","pilotOrganization",NID_pilotOrganization,10,
-	&(lvalues[3363]),0},
-{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3373]),0},
-{"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData,
-	10,&(lvalues[3383]),0},
-{"UID","userId",NID_userId,10,&(lvalues[3393]),0},
-{"textEncodedORAddress","textEncodedORAddress",
-	NID_textEncodedORAddress,10,&(lvalues[3403]),0},
-{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3413]),0},
-{"info","info",NID_info,10,&(lvalues[3423]),0},
-{"favouriteDrink","favouriteDrink",NID_favouriteDrink,10,
-	&(lvalues[3433]),0},
-{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3443]),0},
-{"photo","photo",NID_photo,10,&(lvalues[3453]),0},
-{"userClass","userClass",NID_userClass,10,&(lvalues[3463]),0},
-{"host","host",NID_host,10,&(lvalues[3473]),0},
-{"manager","manager",NID_manager,10,&(lvalues[3483]),0},
-{"documentIdentifier","documentIdentifier",NID_documentIdentifier,10,
-	&(lvalues[3493]),0},
-{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3503]),0},
-{"documentVersion","documentVersion",NID_documentVersion,10,
-	&(lvalues[3513]),0},
-{"documentAuthor","documentAuthor",NID_documentAuthor,10,
-	&(lvalues[3523]),0},
-{"documentLocation","documentLocation",NID_documentLocation,10,
-	&(lvalues[3533]),0},
-{"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber,
-	10,&(lvalues[3543]),0},
-{"secretary","secretary",NID_secretary,10,&(lvalues[3553]),0},
-{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3563]),0},
-{"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10,
-	&(lvalues[3573]),0},
-{"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10,
-	&(lvalues[3583]),0},
-{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3593]),0},
-{"pilotAttributeType27","pilotAttributeType27",
-	NID_pilotAttributeType27,10,&(lvalues[3603]),0},
-{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3613]),0},
-{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3623]),0},
-{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3633]),0},
-{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3643]),0},
-{"associatedDomain","associatedDomain",NID_associatedDomain,10,
-	&(lvalues[3653]),0},
-{"associatedName","associatedName",NID_associatedName,10,
-	&(lvalues[3663]),0},
-{"homePostalAddress","homePostalAddress",NID_homePostalAddress,10,
-	&(lvalues[3673]),0},
-{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3683]),0},
-{"mobileTelephoneNumber","mobileTelephoneNumber",
-	NID_mobileTelephoneNumber,10,&(lvalues[3693]),0},
-{"pagerTelephoneNumber","pagerTelephoneNumber",
-	NID_pagerTelephoneNumber,10,&(lvalues[3703]),0},
-{"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName,
-	10,&(lvalues[3713]),0},
-{"organizationalStatus","organizationalStatus",
-	NID_organizationalStatus,10,&(lvalues[3723]),0},
-{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3733]),0},
-{"mailPreferenceOption","mailPreferenceOption",
-	NID_mailPreferenceOption,10,&(lvalues[3743]),0},
-{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3753]),0},
-{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3763]),0},
-{"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10,
-	&(lvalues[3773]),0},
-{"subtreeMinimumQuality","subtreeMinimumQuality",
-	NID_subtreeMinimumQuality,10,&(lvalues[3783]),0},
-{"subtreeMaximumQuality","subtreeMaximumQuality",
-	NID_subtreeMaximumQuality,10,&(lvalues[3793]),0},
-{"personalSignature","personalSignature",NID_personalSignature,10,
-	&(lvalues[3803]),0},
-{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3813]),0},
-{"audio","audio",NID_audio,10,&(lvalues[3823]),0},
-{"documentPublisher","documentPublisher",NID_documentPublisher,10,
-	&(lvalues[3833]),0},
-{"x500UniqueIdentifier","x500UniqueIdentifier",
-	NID_x500UniqueIdentifier,3,&(lvalues[3843]),0},
-{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3846]),0},
-{"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6,
-	&(lvalues[3851]),0},
-{"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6,
-	&(lvalues[3857]),0},
-{"id-hex-partial-message","id-hex-partial-message",
-	NID_id_hex_partial_message,7,&(lvalues[3863]),0},
-{"id-hex-multipart-message","id-hex-multipart-message",
-	NID_id_hex_multipart_message,7,&(lvalues[3870]),0},
-{"generationQualifier","generationQualifier",NID_generationQualifier,
-	3,&(lvalues[3877]),0},
-{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3880]),0},
-{NULL,NULL,NID_undef,0,NULL},
-{"id-set","Secure Electronic Transactions",NID_id_set,2,
-	&(lvalues[3883]),0},
-{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3885]),0},
-{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3888]),0},
-{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3891]),0},
-{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3894]),0},
-{"set-certExt","certificate extensions",NID_set_certExt,3,
-	&(lvalues[3897]),0},
-{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3900]),0},
-{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3903]),0},
-{"setct-PANToken","setct-PANToken",NID_setct_PANToken,4,
-	&(lvalues[3907]),0},
-{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3911]),0},
-{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3915]),0},
-{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3919]),0},
-{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3923]),0},
-{"setct-PIDataUnsigned","setct-PIDataUnsigned",
-	NID_setct_PIDataUnsigned,4,&(lvalues[3927]),0},
-{"setct-HODInput","setct-HODInput",NID_setct_HODInput,4,
-	&(lvalues[3931]),0},
-{"setct-AuthResBaggage","setct-AuthResBaggage",
-	NID_setct_AuthResBaggage,4,&(lvalues[3935]),0},
-{"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage",
-	NID_setct_AuthRevReqBaggage,4,&(lvalues[3939]),0},
-{"setct-AuthRevResBaggage","setct-AuthRevResBaggage",
-	NID_setct_AuthRevResBaggage,4,&(lvalues[3943]),0},
-{"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4,
-	&(lvalues[3947]),0},
-{"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4,
-	&(lvalues[3951]),0},
-{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3955]),0},
-{"setct-PResData","setct-PResData",NID_setct_PResData,4,
-	&(lvalues[3959]),0},
-{"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4,
-	&(lvalues[3963]),0},
-{"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4,
-	&(lvalues[3967]),0},
-{"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4,
-	&(lvalues[3971]),0},
-{"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4,
-	&(lvalues[3975]),0},
-{"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4,
-	&(lvalues[3979]),0},
-{"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4,
-	&(lvalues[3983]),0},
-{"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg",
-	NID_setct_AcqCardCodeMsg,4,&(lvalues[3987]),0},
-{"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS,
-	4,&(lvalues[3991]),0},
-{"setct-AuthRevResData","setct-AuthRevResData",
-	NID_setct_AuthRevResData,4,&(lvalues[3995]),0},
-{"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS,
-	4,&(lvalues[3999]),0},
-{"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4,
-	&(lvalues[4003]),0},
-{"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4,
-	&(lvalues[4007]),0},
-{"setct-CapResData","setct-CapResData",NID_setct_CapResData,4,
-	&(lvalues[4011]),0},
-{"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4,
-	&(lvalues[4015]),0},
-{"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX,
-	4,&(lvalues[4019]),0},
-{"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData,
-	4,&(lvalues[4023]),0},
-{"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4,
-	&(lvalues[4027]),0},
-{"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4,
-	&(lvalues[4031]),0},
-{"setct-CredResData","setct-CredResData",NID_setct_CredResData,4,
-	&(lvalues[4035]),0},
-{"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS,
-	4,&(lvalues[4039]),0},
-{"setct-CredRevReqTBSX","setct-CredRevReqTBSX",
-	NID_setct_CredRevReqTBSX,4,&(lvalues[4043]),0},
-{"setct-CredRevResData","setct-CredRevResData",
-	NID_setct_CredRevResData,4,&(lvalues[4047]),0},
-{"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4,
-	&(lvalues[4051]),0},
-{"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4,
-	&(lvalues[4055]),0},
-{"setct-BatchAdminReqData","setct-BatchAdminReqData",
-	NID_setct_BatchAdminReqData,4,&(lvalues[4059]),0},
-{"setct-BatchAdminResData","setct-BatchAdminResData",
-	NID_setct_BatchAdminResData,4,&(lvalues[4063]),0},
-{"setct-CardCInitResTBS","setct-CardCInitResTBS",
-	NID_setct_CardCInitResTBS,4,&(lvalues[4067]),0},
-{"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS",
-	NID_setct_MeAqCInitResTBS,4,&(lvalues[4071]),0},
-{"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS,
-	4,&(lvalues[4075]),0},
-{"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4,
-	&(lvalues[4079]),0},
-{"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4,
-	&(lvalues[4083]),0},
-{"setct-CertResData","setct-CertResData",NID_setct_CertResData,4,
-	&(lvalues[4087]),0},
-{"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS,
-	4,&(lvalues[4091]),0},
-{"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4,
-	&(lvalues[4095]),0},
-{"setct-PIDualSignedTBE","setct-PIDualSignedTBE",
-	NID_setct_PIDualSignedTBE,4,&(lvalues[4099]),0},
-{"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE,
-	4,&(lvalues[4103]),0},
-{"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4,
-	&(lvalues[4107]),0},
-{"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4,
-	&(lvalues[4111]),0},
-{"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4,
-	&(lvalues[4115]),0},
-{"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4,
-	&(lvalues[4119]),0},
-{"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4,
-	&(lvalues[4123]),0},
-{"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4,
-	&(lvalues[4127]),0},
-{"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE",
-	NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4131]),0},
-{"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE,
-	4,&(lvalues[4135]),0},
-{"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE,
-	4,&(lvalues[4139]),0},
-{"setct-AuthRevResTBEB","setct-AuthRevResTBEB",
-	NID_setct_AuthRevResTBEB,4,&(lvalues[4143]),0},
-{"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4,
-	&(lvalues[4147]),0},
-{"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4,
-	&(lvalues[4151]),0},
-{"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4,
-	&(lvalues[4155]),0},
-{"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4,
-	&(lvalues[4159]),0},
-{"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX,
-	4,&(lvalues[4163]),0},
-{"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4,
-	&(lvalues[4167]),0},
-{"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4,
-	&(lvalues[4171]),0},
-{"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4,
-	&(lvalues[4175]),0},
-{"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4,
-	&(lvalues[4179]),0},
-{"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE,
-	4,&(lvalues[4183]),0},
-{"setct-CredRevReqTBEX","setct-CredRevReqTBEX",
-	NID_setct_CredRevReqTBEX,4,&(lvalues[4187]),0},
-{"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE,
-	4,&(lvalues[4191]),0},
-{"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE",
-	NID_setct_BatchAdminReqTBE,4,&(lvalues[4195]),0},
-{"setct-BatchAdminResTBE","setct-BatchAdminResTBE",
-	NID_setct_BatchAdminResTBE,4,&(lvalues[4199]),0},
-{"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE,
-	4,&(lvalues[4203]),0},
-{"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4,
-	&(lvalues[4207]),0},
-{"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4,
-	&(lvalues[4211]),0},
-{"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4,
-	&(lvalues[4215]),0},
-{"setct-CRLNotificationTBS","setct-CRLNotificationTBS",
-	NID_setct_CRLNotificationTBS,4,&(lvalues[4219]),0},
-{"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS",
-	NID_setct_CRLNotificationResTBS,4,&(lvalues[4223]),0},
-{"setct-BCIDistributionTBS","setct-BCIDistributionTBS",
-	NID_setct_BCIDistributionTBS,4,&(lvalues[4227]),0},
-{"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4,
-	&(lvalues[4231]),0},
-{"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4,
-	&(lvalues[4235]),0},
-{"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4,
-	&(lvalues[4239]),0},
-{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4243]),0},
-{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4247]),0},
-{"setext-cv","additional verification",NID_setext_cv,4,
-	&(lvalues[4251]),0},
-{"set-policy-root","set-policy-root",NID_set_policy_root,4,
-	&(lvalues[4255]),0},
-{"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4,
-	&(lvalues[4259]),0},
-{"setCext-certType","setCext-certType",NID_setCext_certType,4,
-	&(lvalues[4263]),0},
-{"setCext-merchData","setCext-merchData",NID_setCext_merchData,4,
-	&(lvalues[4267]),0},
-{"setCext-cCertRequired","setCext-cCertRequired",
-	NID_setCext_cCertRequired,4,&(lvalues[4271]),0},
-{"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4,
-	&(lvalues[4275]),0},
-{"setCext-setExt","setCext-setExt",NID_setCext_setExt,4,
-	&(lvalues[4279]),0},
-{"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4,
-	&(lvalues[4283]),0},
-{"setCext-PGWYcapabilities","setCext-PGWYcapabilities",
-	NID_setCext_PGWYcapabilities,4,&(lvalues[4287]),0},
-{"setCext-TokenIdentifier","setCext-TokenIdentifier",
-	NID_setCext_TokenIdentifier,4,&(lvalues[4291]),0},
-{"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4,
-	&(lvalues[4295]),0},
-{"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4,
-	&(lvalues[4299]),0},
-{"setCext-IssuerCapabilities","setCext-IssuerCapabilities",
-	NID_setCext_IssuerCapabilities,4,&(lvalues[4303]),0},
-{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4307]),0},
-{"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap,
-	4,&(lvalues[4311]),0},
-{"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4,
-	&(lvalues[4315]),0},
-{"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4,
-	&(lvalues[4319]),0},
-{"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5,
-	&(lvalues[4323]),0},
-{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4328]),0},
-{"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5,
-	&(lvalues[4333]),0},
-{"setAttr-Token-B0Prime","setAttr-Token-B0Prime",
-	NID_setAttr_Token_B0Prime,5,&(lvalues[4338]),0},
-{"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5,
-	&(lvalues[4343]),0},
-{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5,
-	&(lvalues[4348]),0},
-{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5,
-	&(lvalues[4353]),0},
-{"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm,
-	6,&(lvalues[4358]),0},
-{"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6,
-	&(lvalues[4364]),0},
-{"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6,
-	&(lvalues[4370]),0},
-{"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6,
-	&(lvalues[4376]),0},
-{"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig,
-	6,&(lvalues[4382]),0},
-{"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4,
-	&(lvalues[4388]),0},
-{"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4,
-	&(lvalues[4392]),0},
-{"set-brand-AmericanExpress","set-brand-AmericanExpress",
-	NID_set_brand_AmericanExpress,4,&(lvalues[4396]),0},
-{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4400]),0},
-{"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4,
-	&(lvalues[4404]),0},
-{"set-brand-MasterCard","set-brand-MasterCard",
-	NID_set_brand_MasterCard,4,&(lvalues[4408]),0},
-{"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5,
-	&(lvalues[4412]),0},
-{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4417]),0},
-{"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET",
-	NID_rsaOAEPEncryptionSET,9,&(lvalues[4425]),0},
-{NULL,NULL,NID_undef,0,NULL},
-{NULL,NULL,NID_undef,0,NULL},
-{NULL,NULL,NID_undef,0,NULL},
-{"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login,
-	10,&(lvalues[4434]),0},
-{"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10,
-	&(lvalues[4444]),0},
-};
-
-static ASN1_OBJECT *sn_objs[NUM_SN]={
-&(nid_objs[364]),/* "AD_DVCS" */
-&(nid_objs[419]),/* "AES-128-CBC" */
-&(nid_objs[421]),/* "AES-128-CFB" */
-&(nid_objs[418]),/* "AES-128-ECB" */
-&(nid_objs[420]),/* "AES-128-OFB" */
-&(nid_objs[423]),/* "AES-192-CBC" */
-&(nid_objs[425]),/* "AES-192-CFB" */
-&(nid_objs[422]),/* "AES-192-ECB" */
-&(nid_objs[424]),/* "AES-192-OFB" */
-&(nid_objs[427]),/* "AES-256-CBC" */
-&(nid_objs[429]),/* "AES-256-CFB" */
-&(nid_objs[426]),/* "AES-256-ECB" */
-&(nid_objs[428]),/* "AES-256-OFB" */
-&(nid_objs[91]),/* "BF-CBC" */
-&(nid_objs[93]),/* "BF-CFB" */
-&(nid_objs[92]),/* "BF-ECB" */
-&(nid_objs[94]),/* "BF-OFB" */
-&(nid_objs[14]),/* "C" */
-&(nid_objs[108]),/* "CAST5-CBC" */
-&(nid_objs[110]),/* "CAST5-CFB" */
-&(nid_objs[109]),/* "CAST5-ECB" */
-&(nid_objs[111]),/* "CAST5-OFB" */
-&(nid_objs[404]),/* "CCITT" */
-&(nid_objs[13]),/* "CN" */
-&(nid_objs[141]),/* "CRLReason" */
-&(nid_objs[417]),/* "CSPName" */
-&(nid_objs[367]),/* "CrlID" */
-&(nid_objs[391]),/* "DC" */
-&(nid_objs[31]),/* "DES-CBC" */
-&(nid_objs[643]),/* "DES-CDMF" */
-&(nid_objs[30]),/* "DES-CFB" */
-&(nid_objs[29]),/* "DES-ECB" */
-&(nid_objs[32]),/* "DES-EDE" */
-&(nid_objs[43]),/* "DES-EDE-CBC" */
-&(nid_objs[60]),/* "DES-EDE-CFB" */
-&(nid_objs[62]),/* "DES-EDE-OFB" */
-&(nid_objs[33]),/* "DES-EDE3" */
-&(nid_objs[44]),/* "DES-EDE3-CBC" */
-&(nid_objs[61]),/* "DES-EDE3-CFB" */
-&(nid_objs[63]),/* "DES-EDE3-OFB" */
-&(nid_objs[45]),/* "DES-OFB" */
-&(nid_objs[80]),/* "DESX-CBC" */
-&(nid_objs[380]),/* "DOD" */
-&(nid_objs[116]),/* "DSA" */
-&(nid_objs[66]),/* "DSA-SHA" */
-&(nid_objs[113]),/* "DSA-SHA1" */
-&(nid_objs[70]),/* "DSA-SHA1-old" */
-&(nid_objs[67]),/* "DSA-old" */
-&(nid_objs[297]),/* "DVCS" */
-&(nid_objs[99]),/* "GN" */
-&(nid_objs[381]),/* "IANA" */
-&(nid_objs[34]),/* "IDEA-CBC" */
-&(nid_objs[35]),/* "IDEA-CFB" */
-&(nid_objs[36]),/* "IDEA-ECB" */
-&(nid_objs[46]),/* "IDEA-OFB" */
-&(nid_objs[181]),/* "ISO" */
-&(nid_objs[183]),/* "ISO-US" */
-&(nid_objs[393]),/* "JOINT-ISO-CCITT" */
-&(nid_objs[15]),/* "L" */
-&(nid_objs[ 3]),/* "MD2" */
-&(nid_objs[257]),/* "MD4" */
-&(nid_objs[ 4]),/* "MD5" */
-&(nid_objs[114]),/* "MD5-SHA1" */
-&(nid_objs[95]),/* "MDC2" */
-&(nid_objs[388]),/* "Mail" */
-&(nid_objs[57]),/* "Netscape" */
-&(nid_objs[366]),/* "Nonce" */
-&(nid_objs[17]),/* "O" */
-&(nid_objs[178]),/* "OCSP" */
-&(nid_objs[180]),/* "OCSPSigning" */
-&(nid_objs[379]),/* "ORG" */
-&(nid_objs[18]),/* "OU" */
-&(nid_objs[ 9]),/* "PBE-MD2-DES" */
-&(nid_objs[168]),/* "PBE-MD2-RC2-64" */
-&(nid_objs[10]),/* "PBE-MD5-DES" */
-&(nid_objs[169]),/* "PBE-MD5-RC2-64" */
-&(nid_objs[147]),/* "PBE-SHA1-2DES" */
-&(nid_objs[146]),/* "PBE-SHA1-3DES" */
-&(nid_objs[170]),/* "PBE-SHA1-DES" */
-&(nid_objs[148]),/* "PBE-SHA1-RC2-128" */
-&(nid_objs[149]),/* "PBE-SHA1-RC2-40" */
-&(nid_objs[68]),/* "PBE-SHA1-RC2-64" */
-&(nid_objs[144]),/* "PBE-SHA1-RC4-128" */
-&(nid_objs[145]),/* "PBE-SHA1-RC4-40" */
-&(nid_objs[161]),/* "PBES2" */
-&(nid_objs[69]),/* "PBKDF2" */
-&(nid_objs[162]),/* "PBMAC1" */
-&(nid_objs[127]),/* "PKIX" */
-&(nid_objs[98]),/* "RC2-40-CBC" */
-&(nid_objs[166]),/* "RC2-64-CBC" */
-&(nid_objs[37]),/* "RC2-CBC" */
-&(nid_objs[39]),/* "RC2-CFB" */
-&(nid_objs[38]),/* "RC2-ECB" */
-&(nid_objs[40]),/* "RC2-OFB" */
-&(nid_objs[ 5]),/* "RC4" */
-&(nid_objs[97]),/* "RC4-40" */
-&(nid_objs[120]),/* "RC5-CBC" */
-&(nid_objs[122]),/* "RC5-CFB" */
-&(nid_objs[121]),/* "RC5-ECB" */
-&(nid_objs[123]),/* "RC5-OFB" */
-&(nid_objs[117]),/* "RIPEMD160" */
-&(nid_objs[124]),/* "RLE" */
-&(nid_objs[19]),/* "RSA" */
-&(nid_objs[ 7]),/* "RSA-MD2" */
-&(nid_objs[396]),/* "RSA-MD4" */
-&(nid_objs[ 8]),/* "RSA-MD5" */
-&(nid_objs[96]),/* "RSA-MDC2" */
-&(nid_objs[104]),/* "RSA-NP-MD5" */
-&(nid_objs[119]),/* "RSA-RIPEMD160" */
-&(nid_objs[42]),/* "RSA-SHA" */
-&(nid_objs[65]),/* "RSA-SHA1" */
-&(nid_objs[115]),/* "RSA-SHA1-2" */
-&(nid_objs[41]),/* "SHA" */
-&(nid_objs[64]),/* "SHA1" */
-&(nid_objs[188]),/* "SMIME" */
-&(nid_objs[167]),/* "SMIME-CAPS" */
-&(nid_objs[100]),/* "SN" */
-&(nid_objs[16]),/* "ST" */
-&(nid_objs[143]),/* "SXNetID" */
-&(nid_objs[458]),/* "UID" */
-&(nid_objs[ 0]),/* "UNDEF" */
-&(nid_objs[11]),/* "X500" */
-&(nid_objs[378]),/* "X500algorithms" */
-&(nid_objs[12]),/* "X509" */
-&(nid_objs[184]),/* "X9-57" */
-&(nid_objs[185]),/* "X9cm" */
-&(nid_objs[125]),/* "ZLIB" */
-&(nid_objs[478]),/* "aRecord" */
-&(nid_objs[289]),/* "aaControls" */
-&(nid_objs[287]),/* "ac-auditEntity" */
-&(nid_objs[397]),/* "ac-proxying" */
-&(nid_objs[288]),/* "ac-targeting" */
-&(nid_objs[368]),/* "acceptableResponses" */
-&(nid_objs[446]),/* "account" */
-&(nid_objs[363]),/* "ad_timestamping" */
-&(nid_objs[376]),/* "algorithm" */
-&(nid_objs[405]),/* "ansi-X9-62" */
-&(nid_objs[370]),/* "archiveCutoff" */
-&(nid_objs[484]),/* "associatedDomain" */
-&(nid_objs[485]),/* "associatedName" */
-&(nid_objs[501]),/* "audio" */
-&(nid_objs[177]),/* "authorityInfoAccess" */
-&(nid_objs[90]),/* "authorityKeyIdentifier" */
-&(nid_objs[87]),/* "basicConstraints" */
-&(nid_objs[365]),/* "basicOCSPResponse" */
-&(nid_objs[285]),/* "biometricInfo" */
-&(nid_objs[494]),/* "buildingName" */
-&(nid_objs[483]),/* "cNAMERecord" */
-&(nid_objs[179]),/* "caIssuers" */
-&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
-&(nid_objs[152]),/* "certBag" */
-&(nid_objs[89]),/* "certificatePolicies" */
-&(nid_objs[54]),/* "challengePassword" */
-&(nid_objs[407]),/* "characteristic-two-field" */
-&(nid_objs[395]),/* "clearance" */
-&(nid_objs[130]),/* "clientAuth" */
-&(nid_objs[131]),/* "codeSigning" */
-&(nid_objs[50]),/* "contentType" */
-&(nid_objs[53]),/* "countersignature" */
-&(nid_objs[153]),/* "crlBag" */
-&(nid_objs[103]),/* "crlDistributionPoints" */
-&(nid_objs[88]),/* "crlNumber" */
-&(nid_objs[500]),/* "dITRedirect" */
-&(nid_objs[451]),/* "dNSDomain" */
-&(nid_objs[495]),/* "dSAQuality" */
-&(nid_objs[434]),/* "data" */
-&(nid_objs[390]),/* "dcobject" */
-&(nid_objs[140]),/* "deltaCRL" */
-&(nid_objs[107]),/* "description" */
-&(nid_objs[28]),/* "dhKeyAgreement" */
-&(nid_objs[382]),/* "directory" */
-&(nid_objs[174]),/* "dnQualifier" */
-&(nid_objs[447]),/* "document" */
-&(nid_objs[471]),/* "documentAuthor" */
-&(nid_objs[468]),/* "documentIdentifier" */
-&(nid_objs[472]),/* "documentLocation" */
-&(nid_objs[502]),/* "documentPublisher" */
-&(nid_objs[449]),/* "documentSeries" */
-&(nid_objs[469]),/* "documentTitle" */
-&(nid_objs[470]),/* "documentVersion" */
-&(nid_objs[392]),/* "domain" */
-&(nid_objs[452]),/* "domainRelatedObject" */
-&(nid_objs[416]),/* "ecdsa-with-SHA1" */
-&(nid_objs[48]),/* "emailAddress" */
-&(nid_objs[132]),/* "emailProtection" */
-&(nid_objs[389]),/* "enterprises" */
-&(nid_objs[384]),/* "experimental" */
-&(nid_objs[172]),/* "extReq" */
-&(nid_objs[56]),/* "extendedCertificateAttributes" */
-&(nid_objs[126]),/* "extendedKeyUsage" */
-&(nid_objs[372]),/* "extendedStatus" */
-&(nid_objs[462]),/* "favouriteDrink" */
-&(nid_objs[453]),/* "friendlyCountry" */
-&(nid_objs[490]),/* "friendlyCountryName" */
-&(nid_objs[156]),/* "friendlyName" */
-&(nid_objs[509]),/* "generationQualifier" */
-&(nid_objs[163]),/* "hmacWithSHA1" */
-&(nid_objs[432]),/* "holdInstructionCallIssuer" */
-&(nid_objs[430]),/* "holdInstructionCode" */
-&(nid_objs[431]),/* "holdInstructionNone" */
-&(nid_objs[433]),/* "holdInstructionReject" */
-&(nid_objs[486]),/* "homePostalAddress" */
-&(nid_objs[473]),/* "homeTelephoneNumber" */
-&(nid_objs[466]),/* "host" */
-&(nid_objs[442]),/* "iA5StringSyntax" */
-&(nid_objs[266]),/* "id-aca" */
-&(nid_objs[355]),/* "id-aca-accessIdentity" */
-&(nid_objs[354]),/* "id-aca-authenticationInfo" */
-&(nid_objs[356]),/* "id-aca-chargingIdentity" */
-&(nid_objs[399]),/* "id-aca-encAttrs" */
-&(nid_objs[357]),/* "id-aca-group" */
-&(nid_objs[358]),/* "id-aca-role" */
-&(nid_objs[176]),/* "id-ad" */
-&(nid_objs[262]),/* "id-alg" */
-&(nid_objs[323]),/* "id-alg-des40" */
-&(nid_objs[326]),/* "id-alg-dh-pop" */
-&(nid_objs[325]),/* "id-alg-dh-sig-hmac-sha1" */
-&(nid_objs[324]),/* "id-alg-noSignature" */
-&(nid_objs[268]),/* "id-cct" */
-&(nid_objs[361]),/* "id-cct-PKIData" */
-&(nid_objs[362]),/* "id-cct-PKIResponse" */
-&(nid_objs[360]),/* "id-cct-crs" */
-&(nid_objs[81]),/* "id-ce" */
-&(nid_objs[263]),/* "id-cmc" */
-&(nid_objs[334]),/* "id-cmc-addExtensions" */
-&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */
-&(nid_objs[330]),/* "id-cmc-dataReturn" */
-&(nid_objs[336]),/* "id-cmc-decryptedPOP" */
-&(nid_objs[335]),/* "id-cmc-encryptedPOP" */
-&(nid_objs[339]),/* "id-cmc-getCRL" */
-&(nid_objs[338]),/* "id-cmc-getCert" */
-&(nid_objs[328]),/* "id-cmc-identification" */
-&(nid_objs[329]),/* "id-cmc-identityProof" */
-&(nid_objs[337]),/* "id-cmc-lraPOPWitness" */
-&(nid_objs[344]),/* "id-cmc-popLinkRandom" */
-&(nid_objs[345]),/* "id-cmc-popLinkWitness" */
-&(nid_objs[343]),/* "id-cmc-queryPending" */
-&(nid_objs[333]),/* "id-cmc-recipientNonce" */
-&(nid_objs[341]),/* "id-cmc-regInfo" */
-&(nid_objs[342]),/* "id-cmc-responseInfo" */
-&(nid_objs[340]),/* "id-cmc-revokeRequest" */
-&(nid_objs[332]),/* "id-cmc-senderNonce" */
-&(nid_objs[327]),/* "id-cmc-statusInfo" */
-&(nid_objs[331]),/* "id-cmc-transactionId" */
-&(nid_objs[408]),/* "id-ecPublicKey" */
-&(nid_objs[508]),/* "id-hex-multipart-message" */
-&(nid_objs[507]),/* "id-hex-partial-message" */
-&(nid_objs[260]),/* "id-it" */
-&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */
-&(nid_objs[298]),/* "id-it-caProtEncCert" */
-&(nid_objs[311]),/* "id-it-confirmWaitTime" */
-&(nid_objs[303]),/* "id-it-currentCRL" */
-&(nid_objs[300]),/* "id-it-encKeyPairTypes" */
-&(nid_objs[310]),/* "id-it-implicitConfirm" */
-&(nid_objs[308]),/* "id-it-keyPairParamRep" */
-&(nid_objs[307]),/* "id-it-keyPairParamReq" */
-&(nid_objs[312]),/* "id-it-origPKIMessage" */
-&(nid_objs[301]),/* "id-it-preferredSymmAlg" */
-&(nid_objs[309]),/* "id-it-revPassphrase" */
-&(nid_objs[299]),/* "id-it-signKeyPairTypes" */
-&(nid_objs[305]),/* "id-it-subscriptionRequest" */
-&(nid_objs[306]),/* "id-it-subscriptionResponse" */
-&(nid_objs[304]),/* "id-it-unsupportedOIDs" */
-&(nid_objs[128]),/* "id-kp" */
-&(nid_objs[280]),/* "id-mod-attribute-cert" */
-&(nid_objs[274]),/* "id-mod-cmc" */
-&(nid_objs[277]),/* "id-mod-cmp" */
-&(nid_objs[284]),/* "id-mod-cmp2000" */
-&(nid_objs[273]),/* "id-mod-crmf" */
-&(nid_objs[283]),/* "id-mod-dvcs" */
-&(nid_objs[275]),/* "id-mod-kea-profile-88" */
-&(nid_objs[276]),/* "id-mod-kea-profile-93" */
-&(nid_objs[282]),/* "id-mod-ocsp" */
-&(nid_objs[278]),/* "id-mod-qualified-cert-88" */
-&(nid_objs[279]),/* "id-mod-qualified-cert-93" */
-&(nid_objs[281]),/* "id-mod-timestamp-protocol" */
-&(nid_objs[264]),/* "id-on" */
-&(nid_objs[347]),/* "id-on-personalData" */
-&(nid_objs[265]),/* "id-pda" */
-&(nid_objs[352]),/* "id-pda-countryOfCitizenship" */
-&(nid_objs[353]),/* "id-pda-countryOfResidence" */
-&(nid_objs[348]),/* "id-pda-dateOfBirth" */
-&(nid_objs[351]),/* "id-pda-gender" */
-&(nid_objs[349]),/* "id-pda-placeOfBirth" */
-&(nid_objs[175]),/* "id-pe" */
-&(nid_objs[261]),/* "id-pkip" */
-&(nid_objs[258]),/* "id-pkix-mod" */
-&(nid_objs[269]),/* "id-pkix1-explicit-88" */
-&(nid_objs[271]),/* "id-pkix1-explicit-93" */
-&(nid_objs[270]),/* "id-pkix1-implicit-88" */
-&(nid_objs[272]),/* "id-pkix1-implicit-93" */
-&(nid_objs[267]),/* "id-qcs" */
-&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
-&(nid_objs[259]),/* "id-qt" */
-&(nid_objs[164]),/* "id-qt-cps" */
-&(nid_objs[165]),/* "id-qt-unotice" */
-&(nid_objs[313]),/* "id-regCtrl" */
-&(nid_objs[316]),/* "id-regCtrl-authenticator" */
-&(nid_objs[319]),/* "id-regCtrl-oldCertID" */
-&(nid_objs[318]),/* "id-regCtrl-pkiArchiveOptions" */
-&(nid_objs[317]),/* "id-regCtrl-pkiPublicationInfo" */
-&(nid_objs[320]),/* "id-regCtrl-protocolEncrKey" */
-&(nid_objs[315]),/* "id-regCtrl-regToken" */
-&(nid_objs[314]),/* "id-regInfo" */
-&(nid_objs[322]),/* "id-regInfo-certReq" */
-&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
-&(nid_objs[512]),/* "id-set" */
-&(nid_objs[191]),/* "id-smime-aa" */
-&(nid_objs[215]),/* "id-smime-aa-contentHint" */
-&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
-&(nid_objs[221]),/* "id-smime-aa-contentReference" */
-&(nid_objs[240]),/* "id-smime-aa-dvcs-dvc" */
-&(nid_objs[217]),/* "id-smime-aa-encapContentType" */
-&(nid_objs[222]),/* "id-smime-aa-encrypKeyPref" */
-&(nid_objs[220]),/* "id-smime-aa-equivalentLabels" */
-&(nid_objs[232]),/* "id-smime-aa-ets-CertificateRefs" */
-&(nid_objs[233]),/* "id-smime-aa-ets-RevocationRefs" */
-&(nid_objs[238]),/* "id-smime-aa-ets-archiveTimeStamp" */
-&(nid_objs[237]),/* "id-smime-aa-ets-certCRLTimestamp" */
-&(nid_objs[234]),/* "id-smime-aa-ets-certValues" */
-&(nid_objs[227]),/* "id-smime-aa-ets-commitmentType" */
-&(nid_objs[231]),/* "id-smime-aa-ets-contentTimestamp" */
-&(nid_objs[236]),/* "id-smime-aa-ets-escTimeStamp" */
-&(nid_objs[230]),/* "id-smime-aa-ets-otherSigCert" */
-&(nid_objs[235]),/* "id-smime-aa-ets-revocationValues" */
-&(nid_objs[226]),/* "id-smime-aa-ets-sigPolicyId" */
-&(nid_objs[229]),/* "id-smime-aa-ets-signerAttr" */
-&(nid_objs[228]),/* "id-smime-aa-ets-signerLocation" */
-&(nid_objs[219]),/* "id-smime-aa-macValue" */
-&(nid_objs[214]),/* "id-smime-aa-mlExpandHistory" */
-&(nid_objs[216]),/* "id-smime-aa-msgSigDigest" */
-&(nid_objs[212]),/* "id-smime-aa-receiptRequest" */
-&(nid_objs[213]),/* "id-smime-aa-securityLabel" */
-&(nid_objs[239]),/* "id-smime-aa-signatureType" */
-&(nid_objs[223]),/* "id-smime-aa-signingCertificate" */
-&(nid_objs[224]),/* "id-smime-aa-smimeEncryptCerts" */
-&(nid_objs[225]),/* "id-smime-aa-timeStampToken" */
-&(nid_objs[192]),/* "id-smime-alg" */
-&(nid_objs[243]),/* "id-smime-alg-3DESwrap" */
-&(nid_objs[246]),/* "id-smime-alg-CMS3DESwrap" */
-&(nid_objs[247]),/* "id-smime-alg-CMSRC2wrap" */
-&(nid_objs[245]),/* "id-smime-alg-ESDH" */
-&(nid_objs[241]),/* "id-smime-alg-ESDHwith3DES" */
-&(nid_objs[242]),/* "id-smime-alg-ESDHwithRC2" */
-&(nid_objs[244]),/* "id-smime-alg-RC2wrap" */
-&(nid_objs[193]),/* "id-smime-cd" */
-&(nid_objs[248]),/* "id-smime-cd-ldap" */
-&(nid_objs[190]),/* "id-smime-ct" */
-&(nid_objs[210]),/* "id-smime-ct-DVCSRequestData" */
-&(nid_objs[211]),/* "id-smime-ct-DVCSResponseData" */
-&(nid_objs[208]),/* "id-smime-ct-TDTInfo" */
-&(nid_objs[207]),/* "id-smime-ct-TSTInfo" */
-&(nid_objs[205]),/* "id-smime-ct-authData" */
-&(nid_objs[209]),/* "id-smime-ct-contentInfo" */
-&(nid_objs[206]),/* "id-smime-ct-publishCert" */
-&(nid_objs[204]),/* "id-smime-ct-receipt" */
-&(nid_objs[195]),/* "id-smime-cti" */
-&(nid_objs[255]),/* "id-smime-cti-ets-proofOfApproval" */
-&(nid_objs[256]),/* "id-smime-cti-ets-proofOfCreation" */
-&(nid_objs[253]),/* "id-smime-cti-ets-proofOfDelivery" */
-&(nid_objs[251]),/* "id-smime-cti-ets-proofOfOrigin" */
-&(nid_objs[252]),/* "id-smime-cti-ets-proofOfReceipt" */
-&(nid_objs[254]),/* "id-smime-cti-ets-proofOfSender" */
-&(nid_objs[189]),/* "id-smime-mod" */
-&(nid_objs[196]),/* "id-smime-mod-cms" */
-&(nid_objs[197]),/* "id-smime-mod-ess" */
-&(nid_objs[202]),/* "id-smime-mod-ets-eSigPolicy-88" */
-&(nid_objs[203]),/* "id-smime-mod-ets-eSigPolicy-97" */
-&(nid_objs[200]),/* "id-smime-mod-ets-eSignature-88" */
-&(nid_objs[201]),/* "id-smime-mod-ets-eSignature-97" */
-&(nid_objs[199]),/* "id-smime-mod-msg-v3" */
-&(nid_objs[198]),/* "id-smime-mod-oid" */
-&(nid_objs[194]),/* "id-smime-spq" */
-&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */
-&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */
-&(nid_objs[461]),/* "info" */
-&(nid_objs[101]),/* "initials" */
-&(nid_objs[142]),/* "invalidityDate" */
-&(nid_objs[294]),/* "ipsecEndSystem" */
-&(nid_objs[295]),/* "ipsecTunnel" */
-&(nid_objs[296]),/* "ipsecUser" */
-&(nid_objs[86]),/* "issuerAltName" */
-&(nid_objs[492]),/* "janetMailbox" */
-&(nid_objs[150]),/* "keyBag" */
-&(nid_objs[83]),/* "keyUsage" */
-&(nid_objs[477]),/* "lastModifiedBy" */
-&(nid_objs[476]),/* "lastModifiedTime" */
-&(nid_objs[157]),/* "localKeyID" */
-&(nid_objs[480]),/* "mXRecord" */
-&(nid_objs[460]),/* "mail" */
-&(nid_objs[493]),/* "mailPreferenceOption" */
-&(nid_objs[467]),/* "manager" */
-&(nid_objs[182]),/* "member-body" */
-&(nid_objs[51]),/* "messageDigest" */
-&(nid_objs[383]),/* "mgmt" */
-&(nid_objs[504]),/* "mime-mhs" */
-&(nid_objs[506]),/* "mime-mhs-bodies" */
-&(nid_objs[505]),/* "mime-mhs-headings" */
-&(nid_objs[488]),/* "mobileTelephoneNumber" */
-&(nid_objs[136]),/* "msCTLSign" */
-&(nid_objs[135]),/* "msCodeCom" */
-&(nid_objs[134]),/* "msCodeInd" */
-&(nid_objs[138]),/* "msEFS" */
-&(nid_objs[171]),/* "msExtReq" */
-&(nid_objs[137]),/* "msSGC" */
-&(nid_objs[648]),/* "msSmartcardLogin" */
-&(nid_objs[649]),/* "msUPN" */
-&(nid_objs[481]),/* "nSRecord" */
-&(nid_objs[173]),/* "name" */
-&(nid_objs[369]),/* "noCheck" */
-&(nid_objs[403]),/* "noRevAvail" */
-&(nid_objs[72]),/* "nsBaseUrl" */
-&(nid_objs[76]),/* "nsCaPolicyUrl" */
-&(nid_objs[74]),/* "nsCaRevocationUrl" */
-&(nid_objs[58]),/* "nsCertExt" */
-&(nid_objs[79]),/* "nsCertSequence" */
-&(nid_objs[71]),/* "nsCertType" */
-&(nid_objs[78]),/* "nsComment" */
-&(nid_objs[59]),/* "nsDataType" */
-&(nid_objs[75]),/* "nsRenewalUrl" */
-&(nid_objs[73]),/* "nsRevocationUrl" */
-&(nid_objs[139]),/* "nsSGC" */
-&(nid_objs[77]),/* "nsSslServerName" */
-&(nid_objs[491]),/* "organizationalStatus" */
-&(nid_objs[475]),/* "otherMailbox" */
-&(nid_objs[489]),/* "pagerTelephoneNumber" */
-&(nid_objs[374]),/* "path" */
-&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
-&(nid_objs[499]),/* "personalSignature" */
-&(nid_objs[487]),/* "personalTitle" */
-&(nid_objs[464]),/* "photo" */
-&(nid_objs[437]),/* "pilot" */
-&(nid_objs[439]),/* "pilotAttributeSyntax" */
-&(nid_objs[438]),/* "pilotAttributeType" */
-&(nid_objs[479]),/* "pilotAttributeType27" */
-&(nid_objs[456]),/* "pilotDSA" */
-&(nid_objs[441]),/* "pilotGroups" */
-&(nid_objs[444]),/* "pilotObject" */
-&(nid_objs[440]),/* "pilotObjectClass" */
-&(nid_objs[455]),/* "pilotOrganization" */
-&(nid_objs[445]),/* "pilotPerson" */
-&(nid_objs[ 2]),/* "pkcs" */
-&(nid_objs[186]),/* "pkcs1" */
-&(nid_objs[27]),/* "pkcs3" */
-&(nid_objs[187]),/* "pkcs5" */
-&(nid_objs[20]),/* "pkcs7" */
-&(nid_objs[21]),/* "pkcs7-data" */
-&(nid_objs[25]),/* "pkcs7-digestData" */
-&(nid_objs[26]),/* "pkcs7-encryptedData" */
-&(nid_objs[23]),/* "pkcs7-envelopedData" */
-&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
-&(nid_objs[22]),/* "pkcs7-signedData" */
-&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
-&(nid_objs[47]),/* "pkcs9" */
-&(nid_objs[401]),/* "policyConstraints" */
-&(nid_objs[406]),/* "prime-field" */
-&(nid_objs[409]),/* "prime192v1" */
-&(nid_objs[410]),/* "prime192v2" */
-&(nid_objs[411]),/* "prime192v3" */
-&(nid_objs[412]),/* "prime239v1" */
-&(nid_objs[413]),/* "prime239v2" */
-&(nid_objs[414]),/* "prime239v3" */
-&(nid_objs[415]),/* "prime256v1" */
-&(nid_objs[385]),/* "private" */
-&(nid_objs[84]),/* "privateKeyUsagePeriod" */
-&(nid_objs[510]),/* "pseudonym" */
-&(nid_objs[435]),/* "pss" */
-&(nid_objs[286]),/* "qcStatements" */
-&(nid_objs[457]),/* "qualityLabelledData" */
-&(nid_objs[450]),/* "rFC822localPart" */
-&(nid_objs[400]),/* "role" */
-&(nid_objs[448]),/* "room" */
-&(nid_objs[463]),/* "roomNumber" */
-&(nid_objs[ 6]),/* "rsaEncryption" */
-&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
-&(nid_objs[377]),/* "rsaSignature" */
-&(nid_objs[ 1]),/* "rsadsi" */
-&(nid_objs[482]),/* "sOARecord" */
-&(nid_objs[155]),/* "safeContentsBag" */
-&(nid_objs[291]),/* "sbqp-autonomousSysNum" */
-&(nid_objs[290]),/* "sbqp-ipAddrBlock" */
-&(nid_objs[292]),/* "sbqp-routerIdentifier" */
-&(nid_objs[159]),/* "sdsiCertificate" */
-&(nid_objs[154]),/* "secretBag" */
-&(nid_objs[474]),/* "secretary" */
-&(nid_objs[386]),/* "security" */
-&(nid_objs[394]),/* "selected-attribute-types" */
-&(nid_objs[105]),/* "serialNumber" */
-&(nid_objs[129]),/* "serverAuth" */
-&(nid_objs[371]),/* "serviceLocator" */
-&(nid_objs[625]),/* "set-addPolicy" */
-&(nid_objs[515]),/* "set-attr" */
-&(nid_objs[518]),/* "set-brand" */
-&(nid_objs[638]),/* "set-brand-AmericanExpress" */
-&(nid_objs[637]),/* "set-brand-Diners" */
-&(nid_objs[636]),/* "set-brand-IATA-ATA" */
-&(nid_objs[639]),/* "set-brand-JCB" */
-&(nid_objs[641]),/* "set-brand-MasterCard" */
-&(nid_objs[642]),/* "set-brand-Novus" */
-&(nid_objs[640]),/* "set-brand-Visa" */
-&(nid_objs[517]),/* "set-certExt" */
-&(nid_objs[513]),/* "set-ctype" */
-&(nid_objs[514]),/* "set-msgExt" */
-&(nid_objs[516]),/* "set-policy" */
-&(nid_objs[607]),/* "set-policy-root" */
-&(nid_objs[624]),/* "set-rootKeyThumb" */
-&(nid_objs[620]),/* "setAttr-Cert" */
-&(nid_objs[631]),/* "setAttr-GenCryptgrm" */
-&(nid_objs[623]),/* "setAttr-IssCap" */
-&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
-&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
-&(nid_objs[629]),/* "setAttr-IssCap-T2" */
-&(nid_objs[621]),/* "setAttr-PGWYcap" */
-&(nid_objs[635]),/* "setAttr-SecDevSig" */
-&(nid_objs[632]),/* "setAttr-T2Enc" */
-&(nid_objs[633]),/* "setAttr-T2cleartxt" */
-&(nid_objs[634]),/* "setAttr-TokICCsig" */
-&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
-&(nid_objs[626]),/* "setAttr-Token-EMV" */
-&(nid_objs[622]),/* "setAttr-TokenType" */
-&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
-&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
-&(nid_objs[616]),/* "setCext-TokenIdentifier" */
-&(nid_objs[618]),/* "setCext-TokenType" */
-&(nid_objs[617]),/* "setCext-Track2Data" */
-&(nid_objs[611]),/* "setCext-cCertRequired" */
-&(nid_objs[609]),/* "setCext-certType" */
-&(nid_objs[608]),/* "setCext-hashedRoot" */
-&(nid_objs[610]),/* "setCext-merchData" */
-&(nid_objs[613]),/* "setCext-setExt" */
-&(nid_objs[614]),/* "setCext-setQualf" */
-&(nid_objs[612]),/* "setCext-tunneling" */
-&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
-&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
-&(nid_objs[570]),/* "setct-AuthReqTBE" */
-&(nid_objs[534]),/* "setct-AuthReqTBS" */
-&(nid_objs[527]),/* "setct-AuthResBaggage" */
-&(nid_objs[571]),/* "setct-AuthResTBE" */
-&(nid_objs[572]),/* "setct-AuthResTBEX" */
-&(nid_objs[535]),/* "setct-AuthResTBS" */
-&(nid_objs[536]),/* "setct-AuthResTBSX" */
-&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
-&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
-&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
-&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
-&(nid_objs[542]),/* "setct-AuthRevResData" */
-&(nid_objs[578]),/* "setct-AuthRevResTBE" */
-&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
-&(nid_objs[543]),/* "setct-AuthRevResTBS" */
-&(nid_objs[573]),/* "setct-AuthTokenTBE" */
-&(nid_objs[537]),/* "setct-AuthTokenTBS" */
-&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
-&(nid_objs[558]),/* "setct-BatchAdminReqData" */
-&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
-&(nid_objs[559]),/* "setct-BatchAdminResData" */
-&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
-&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
-&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
-&(nid_objs[580]),/* "setct-CapReqTBE" */
-&(nid_objs[581]),/* "setct-CapReqTBEX" */
-&(nid_objs[544]),/* "setct-CapReqTBS" */
-&(nid_objs[545]),/* "setct-CapReqTBSX" */
-&(nid_objs[546]),/* "setct-CapResData" */
-&(nid_objs[582]),/* "setct-CapResTBE" */
-&(nid_objs[583]),/* "setct-CapRevReqTBE" */
-&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
-&(nid_objs[547]),/* "setct-CapRevReqTBS" */
-&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
-&(nid_objs[549]),/* "setct-CapRevResData" */
-&(nid_objs[585]),/* "setct-CapRevResTBE" */
-&(nid_objs[538]),/* "setct-CapTokenData" */
-&(nid_objs[530]),/* "setct-CapTokenSeq" */
-&(nid_objs[574]),/* "setct-CapTokenTBE" */
-&(nid_objs[575]),/* "setct-CapTokenTBEX" */
-&(nid_objs[539]),/* "setct-CapTokenTBS" */
-&(nid_objs[560]),/* "setct-CardCInitResTBS" */
-&(nid_objs[566]),/* "setct-CertInqReqTBS" */
-&(nid_objs[563]),/* "setct-CertReqData" */
-&(nid_objs[595]),/* "setct-CertReqTBE" */
-&(nid_objs[596]),/* "setct-CertReqTBEX" */
-&(nid_objs[564]),/* "setct-CertReqTBS" */
-&(nid_objs[565]),/* "setct-CertResData" */
-&(nid_objs[597]),/* "setct-CertResTBE" */
-&(nid_objs[586]),/* "setct-CredReqTBE" */
-&(nid_objs[587]),/* "setct-CredReqTBEX" */
-&(nid_objs[550]),/* "setct-CredReqTBS" */
-&(nid_objs[551]),/* "setct-CredReqTBSX" */
-&(nid_objs[552]),/* "setct-CredResData" */
-&(nid_objs[588]),/* "setct-CredResTBE" */
-&(nid_objs[589]),/* "setct-CredRevReqTBE" */
-&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
-&(nid_objs[553]),/* "setct-CredRevReqTBS" */
-&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
-&(nid_objs[555]),/* "setct-CredRevResData" */
-&(nid_objs[591]),/* "setct-CredRevResTBE" */
-&(nid_objs[567]),/* "setct-ErrorTBS" */
-&(nid_objs[526]),/* "setct-HODInput" */
-&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
-&(nid_objs[522]),/* "setct-OIData" */
-&(nid_objs[519]),/* "setct-PANData" */
-&(nid_objs[521]),/* "setct-PANOnly" */
-&(nid_objs[520]),/* "setct-PANToken" */
-&(nid_objs[556]),/* "setct-PCertReqData" */
-&(nid_objs[557]),/* "setct-PCertResTBS" */
-&(nid_objs[523]),/* "setct-PI" */
-&(nid_objs[532]),/* "setct-PI-TBS" */
-&(nid_objs[524]),/* "setct-PIData" */
-&(nid_objs[525]),/* "setct-PIDataUnsigned" */
-&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
-&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
-&(nid_objs[531]),/* "setct-PInitResData" */
-&(nid_objs[533]),/* "setct-PResData" */
-&(nid_objs[594]),/* "setct-RegFormReqTBE" */
-&(nid_objs[562]),/* "setct-RegFormResTBS" */
-&(nid_objs[606]),/* "setext-cv" */
-&(nid_objs[601]),/* "setext-genCrypt" */
-&(nid_objs[602]),/* "setext-miAuth" */
-&(nid_objs[604]),/* "setext-pinAny" */
-&(nid_objs[603]),/* "setext-pinSecure" */
-&(nid_objs[605]),/* "setext-track2" */
-&(nid_objs[52]),/* "signingTime" */
-&(nid_objs[454]),/* "simpleSecurityObject" */
-&(nid_objs[496]),/* "singleLevelQuality" */
-&(nid_objs[387]),/* "snmpv2" */
-&(nid_objs[85]),/* "subjectAltName" */
-&(nid_objs[398]),/* "subjectInfoAccess" */
-&(nid_objs[82]),/* "subjectKeyIdentifier" */
-&(nid_objs[498]),/* "subtreeMaximumQuality" */
-&(nid_objs[497]),/* "subtreeMinimumQuality" */
-&(nid_objs[402]),/* "targetInformation" */
-&(nid_objs[459]),/* "textEncodedORAddress" */
-&(nid_objs[293]),/* "textNotice" */
-&(nid_objs[133]),/* "timeStamping" */
-&(nid_objs[106]),/* "title" */
-&(nid_objs[375]),/* "trustRoot" */
-&(nid_objs[436]),/* "ucl" */
-&(nid_objs[55]),/* "unstructuredAddress" */
-&(nid_objs[49]),/* "unstructuredName" */
-&(nid_objs[465]),/* "userClass" */
-&(nid_objs[373]),/* "valid" */
-&(nid_objs[503]),/* "x500UniqueIdentifier" */
-&(nid_objs[158]),/* "x509Certificate" */
-&(nid_objs[160]),/* "x509Crl" */
-};
-
-static ASN1_OBJECT *ln_objs[NUM_LN]={
-&(nid_objs[363]),/* "AD Time Stamping" */
-&(nid_objs[405]),/* "ANSI X9.62" */
-&(nid_objs[368]),/* "Acceptable OCSP Responses" */
-&(nid_objs[177]),/* "Authority Information Access" */
-&(nid_objs[365]),/* "Basic OCSP Response" */
-&(nid_objs[285]),/* "Biometric Info" */
-&(nid_objs[179]),/* "CA Issuers" */
-&(nid_objs[131]),/* "Code Signing" */
-&(nid_objs[382]),/* "Directory" */
-&(nid_objs[392]),/* "Domain" */
-&(nid_objs[132]),/* "E-mail Protection" */
-&(nid_objs[389]),/* "Enterprises" */
-&(nid_objs[384]),/* "Experimental" */
-&(nid_objs[372]),/* "Extended OCSP Status" */
-&(nid_objs[172]),/* "Extension Request" */
-&(nid_objs[432]),/* "Hold Instruction Call Issuer" */
-&(nid_objs[430]),/* "Hold Instruction Code" */
-&(nid_objs[431]),/* "Hold Instruction None" */
-&(nid_objs[433]),/* "Hold Instruction Reject" */
-&(nid_objs[634]),/* "ICC or token signature" */
-&(nid_objs[294]),/* "IPSec End System" */
-&(nid_objs[295]),/* "IPSec Tunnel" */
-&(nid_objs[296]),/* "IPSec User" */
-&(nid_objs[182]),/* "ISO Member Body" */
-&(nid_objs[183]),/* "ISO US Member Body" */
-&(nid_objs[142]),/* "Invalidity Date" */
-&(nid_objs[504]),/* "MIME MHS" */
-&(nid_objs[388]),/* "Mail" */
-&(nid_objs[383]),/* "Management" */
-&(nid_objs[417]),/* "Microsoft CSP Name" */
-&(nid_objs[135]),/* "Microsoft Commercial Code Signing" */
-&(nid_objs[138]),/* "Microsoft Encrypted File System" */
-&(nid_objs[171]),/* "Microsoft Extension Request" */
-&(nid_objs[134]),/* "Microsoft Individual Code Signing" */
-&(nid_objs[137]),/* "Microsoft Server Gated Crypto" */
-&(nid_objs[648]),/* "Microsoft Smartcardlogin" */
-&(nid_objs[136]),/* "Microsoft Trust List Signing" */
-&(nid_objs[649]),/* "Microsoft Universal Principal Name" */
-&(nid_objs[72]),/* "Netscape Base Url" */
-&(nid_objs[76]),/* "Netscape CA Policy Url" */
-&(nid_objs[74]),/* "Netscape CA Revocation Url" */
-&(nid_objs[71]),/* "Netscape Cert Type" */
-&(nid_objs[58]),/* "Netscape Certificate Extension" */
-&(nid_objs[79]),/* "Netscape Certificate Sequence" */
-&(nid_objs[78]),/* "Netscape Comment" */
-&(nid_objs[57]),/* "Netscape Communications Corp." */
-&(nid_objs[59]),/* "Netscape Data Type" */
-&(nid_objs[75]),/* "Netscape Renewal Url" */
-&(nid_objs[73]),/* "Netscape Revocation Url" */
-&(nid_objs[77]),/* "Netscape SSL Server Name" */
-&(nid_objs[139]),/* "Netscape Server Gated Crypto" */
-&(nid_objs[178]),/* "OCSP" */
-&(nid_objs[370]),/* "OCSP Archive Cutoff" */
-&(nid_objs[367]),/* "OCSP CRL ID" */
-&(nid_objs[369]),/* "OCSP No Check" */
-&(nid_objs[366]),/* "OCSP Nonce" */
-&(nid_objs[371]),/* "OCSP Service Locator" */
-&(nid_objs[180]),/* "OCSP Signing" */
-&(nid_objs[161]),/* "PBES2" */
-&(nid_objs[69]),/* "PBKDF2" */
-&(nid_objs[162]),/* "PBMAC1" */
-&(nid_objs[127]),/* "PKIX" */
-&(nid_objs[164]),/* "Policy Qualifier CPS" */
-&(nid_objs[165]),/* "Policy Qualifier User Notice" */
-&(nid_objs[385]),/* "Private" */
-&(nid_objs[ 1]),/* "RSA Data Security, Inc." */
-&(nid_objs[ 2]),/* "RSA Data Security, Inc. PKCS" */
-&(nid_objs[188]),/* "S/MIME" */
-&(nid_objs[167]),/* "S/MIME Capabilities" */
-&(nid_objs[387]),/* "SNMPv2" */
-&(nid_objs[512]),/* "Secure Electronic Transactions" */
-&(nid_objs[386]),/* "Security" */
-&(nid_objs[394]),/* "Selected Attribute Types" */
-&(nid_objs[143]),/* "Strong Extranet ID" */
-&(nid_objs[398]),/* "Subject Information Access" */
-&(nid_objs[130]),/* "TLS Web Client Authentication" */
-&(nid_objs[129]),/* "TLS Web Server Authentication" */
-&(nid_objs[133]),/* "Time Stamping" */
-&(nid_objs[375]),/* "Trust Root" */
-&(nid_objs[12]),/* "X509" */
-&(nid_objs[402]),/* "X509v3 AC Targeting" */
-&(nid_objs[90]),/* "X509v3 Authority Key Identifier" */
-&(nid_objs[87]),/* "X509v3 Basic Constraints" */
-&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
-&(nid_objs[88]),/* "X509v3 CRL Number" */
-&(nid_objs[141]),/* "X509v3 CRL Reason Code" */
-&(nid_objs[89]),/* "X509v3 Certificate Policies" */
-&(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */
-&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
-&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
-&(nid_objs[83]),/* "X509v3 Key Usage" */
-&(nid_objs[403]),/* "X509v3 No Revocation Available" */
-&(nid_objs[401]),/* "X509v3 Policy Constraints" */
-&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
-&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
-&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
-&(nid_objs[184]),/* "X9.57" */
-&(nid_objs[185]),/* "X9.57 CM ?" */
-&(nid_objs[478]),/* "aRecord" */
-&(nid_objs[289]),/* "aaControls" */
-&(nid_objs[287]),/* "ac-auditEntity" */
-&(nid_objs[397]),/* "ac-proxying" */
-&(nid_objs[288]),/* "ac-targeting" */
-&(nid_objs[446]),/* "account" */
-&(nid_objs[364]),/* "ad dvcs" */
-&(nid_objs[606]),/* "additional verification" */
-&(nid_objs[419]),/* "aes-128-cbc" */
-&(nid_objs[421]),/* "aes-128-cfb" */
-&(nid_objs[418]),/* "aes-128-ecb" */
-&(nid_objs[420]),/* "aes-128-ofb" */
-&(nid_objs[423]),/* "aes-192-cbc" */
-&(nid_objs[425]),/* "aes-192-cfb" */
-&(nid_objs[422]),/* "aes-192-ecb" */
-&(nid_objs[424]),/* "aes-192-ofb" */
-&(nid_objs[427]),/* "aes-256-cbc" */
-&(nid_objs[429]),/* "aes-256-cfb" */
-&(nid_objs[426]),/* "aes-256-ecb" */
-&(nid_objs[428]),/* "aes-256-ofb" */
-&(nid_objs[376]),/* "algorithm" */
-&(nid_objs[484]),/* "associatedDomain" */
-&(nid_objs[485]),/* "associatedName" */
-&(nid_objs[501]),/* "audio" */
-&(nid_objs[91]),/* "bf-cbc" */
-&(nid_objs[93]),/* "bf-cfb" */
-&(nid_objs[92]),/* "bf-ecb" */
-&(nid_objs[94]),/* "bf-ofb" */
-&(nid_objs[494]),/* "buildingName" */
-&(nid_objs[483]),/* "cNAMERecord" */
-&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
-&(nid_objs[108]),/* "cast5-cbc" */
-&(nid_objs[110]),/* "cast5-cfb" */
-&(nid_objs[109]),/* "cast5-ecb" */
-&(nid_objs[111]),/* "cast5-ofb" */
-&(nid_objs[404]),/* "ccitt" */
-&(nid_objs[152]),/* "certBag" */
-&(nid_objs[517]),/* "certificate extensions" */
-&(nid_objs[54]),/* "challengePassword" */
-&(nid_objs[407]),/* "characteristic-two-field" */
-&(nid_objs[395]),/* "clearance" */
-&(nid_objs[633]),/* "cleartext track 2" */
-&(nid_objs[13]),/* "commonName" */
-&(nid_objs[513]),/* "content types" */
-&(nid_objs[50]),/* "contentType" */
-&(nid_objs[53]),/* "countersignature" */
-&(nid_objs[14]),/* "countryName" */
-&(nid_objs[153]),/* "crlBag" */
-&(nid_objs[500]),/* "dITRedirect" */
-&(nid_objs[451]),/* "dNSDomain" */
-&(nid_objs[495]),/* "dSAQuality" */
-&(nid_objs[434]),/* "data" */
-&(nid_objs[390]),/* "dcObject" */
-&(nid_objs[31]),/* "des-cbc" */
-&(nid_objs[643]),/* "des-cdmf" */
-&(nid_objs[30]),/* "des-cfb" */
-&(nid_objs[29]),/* "des-ecb" */
-&(nid_objs[32]),/* "des-ede" */
-&(nid_objs[43]),/* "des-ede-cbc" */
-&(nid_objs[60]),/* "des-ede-cfb" */
-&(nid_objs[62]),/* "des-ede-ofb" */
-&(nid_objs[33]),/* "des-ede3" */
-&(nid_objs[44]),/* "des-ede3-cbc" */
-&(nid_objs[61]),/* "des-ede3-cfb" */
-&(nid_objs[63]),/* "des-ede3-ofb" */
-&(nid_objs[45]),/* "des-ofb" */
-&(nid_objs[107]),/* "description" */
-&(nid_objs[80]),/* "desx-cbc" */
-&(nid_objs[28]),/* "dhKeyAgreement" */
-&(nid_objs[11]),/* "directory services (X.500)" */
-&(nid_objs[378]),/* "directory services - algorithms" */
-&(nid_objs[174]),/* "dnQualifier" */
-&(nid_objs[447]),/* "document" */
-&(nid_objs[471]),/* "documentAuthor" */
-&(nid_objs[468]),/* "documentIdentifier" */
-&(nid_objs[472]),/* "documentLocation" */
-&(nid_objs[502]),/* "documentPublisher" */
-&(nid_objs[449]),/* "documentSeries" */
-&(nid_objs[469]),/* "documentTitle" */
-&(nid_objs[470]),/* "documentVersion" */
-&(nid_objs[380]),/* "dod" */
-&(nid_objs[391]),/* "domainComponent" */
-&(nid_objs[452]),/* "domainRelatedObject" */
-&(nid_objs[116]),/* "dsaEncryption" */
-&(nid_objs[67]),/* "dsaEncryption-old" */
-&(nid_objs[66]),/* "dsaWithSHA" */
-&(nid_objs[113]),/* "dsaWithSHA1" */
-&(nid_objs[70]),/* "dsaWithSHA1-old" */
-&(nid_objs[297]),/* "dvcs" */
-&(nid_objs[416]),/* "ecdsa-with-SHA1" */
-&(nid_objs[48]),/* "emailAddress" */
-&(nid_objs[632]),/* "encrypted track 2" */
-&(nid_objs[56]),/* "extendedCertificateAttributes" */
-&(nid_objs[462]),/* "favouriteDrink" */
-&(nid_objs[453]),/* "friendlyCountry" */
-&(nid_objs[490]),/* "friendlyCountryName" */
-&(nid_objs[156]),/* "friendlyName" */
-&(nid_objs[631]),/* "generate cryptogram" */
-&(nid_objs[509]),/* "generationQualifier" */
-&(nid_objs[601]),/* "generic cryptogram" */
-&(nid_objs[99]),/* "givenName" */
-&(nid_objs[163]),/* "hmacWithSHA1" */
-&(nid_objs[486]),/* "homePostalAddress" */
-&(nid_objs[473]),/* "homeTelephoneNumber" */
-&(nid_objs[466]),/* "host" */
-&(nid_objs[442]),/* "iA5StringSyntax" */
-&(nid_objs[381]),/* "iana" */
-&(nid_objs[266]),/* "id-aca" */
-&(nid_objs[355]),/* "id-aca-accessIdentity" */
-&(nid_objs[354]),/* "id-aca-authenticationInfo" */
-&(nid_objs[356]),/* "id-aca-chargingIdentity" */
-&(nid_objs[399]),/* "id-aca-encAttrs" */
-&(nid_objs[357]),/* "id-aca-group" */
-&(nid_objs[358]),/* "id-aca-role" */
-&(nid_objs[176]),/* "id-ad" */
-&(nid_objs[262]),/* "id-alg" */
-&(nid_objs[323]),/* "id-alg-des40" */
-&(nid_objs[326]),/* "id-alg-dh-pop" */
-&(nid_objs[325]),/* "id-alg-dh-sig-hmac-sha1" */
-&(nid_objs[324]),/* "id-alg-noSignature" */
-&(nid_objs[268]),/* "id-cct" */
-&(nid_objs[361]),/* "id-cct-PKIData" */
-&(nid_objs[362]),/* "id-cct-PKIResponse" */
-&(nid_objs[360]),/* "id-cct-crs" */
-&(nid_objs[81]),/* "id-ce" */
-&(nid_objs[263]),/* "id-cmc" */
-&(nid_objs[334]),/* "id-cmc-addExtensions" */
-&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */
-&(nid_objs[330]),/* "id-cmc-dataReturn" */
-&(nid_objs[336]),/* "id-cmc-decryptedPOP" */
-&(nid_objs[335]),/* "id-cmc-encryptedPOP" */
-&(nid_objs[339]),/* "id-cmc-getCRL" */
-&(nid_objs[338]),/* "id-cmc-getCert" */
-&(nid_objs[328]),/* "id-cmc-identification" */
-&(nid_objs[329]),/* "id-cmc-identityProof" */
-&(nid_objs[337]),/* "id-cmc-lraPOPWitness" */
-&(nid_objs[344]),/* "id-cmc-popLinkRandom" */
-&(nid_objs[345]),/* "id-cmc-popLinkWitness" */
-&(nid_objs[343]),/* "id-cmc-queryPending" */
-&(nid_objs[333]),/* "id-cmc-recipientNonce" */
-&(nid_objs[341]),/* "id-cmc-regInfo" */
-&(nid_objs[342]),/* "id-cmc-responseInfo" */
-&(nid_objs[340]),/* "id-cmc-revokeRequest" */
-&(nid_objs[332]),/* "id-cmc-senderNonce" */
-&(nid_objs[327]),/* "id-cmc-statusInfo" */
-&(nid_objs[331]),/* "id-cmc-transactionId" */
-&(nid_objs[408]),/* "id-ecPublicKey" */
-&(nid_objs[508]),/* "id-hex-multipart-message" */
-&(nid_objs[507]),/* "id-hex-partial-message" */
-&(nid_objs[260]),/* "id-it" */
-&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */
-&(nid_objs[298]),/* "id-it-caProtEncCert" */
-&(nid_objs[311]),/* "id-it-confirmWaitTime" */
-&(nid_objs[303]),/* "id-it-currentCRL" */
-&(nid_objs[300]),/* "id-it-encKeyPairTypes" */
-&(nid_objs[310]),/* "id-it-implicitConfirm" */
-&(nid_objs[308]),/* "id-it-keyPairParamRep" */
-&(nid_objs[307]),/* "id-it-keyPairParamReq" */
-&(nid_objs[312]),/* "id-it-origPKIMessage" */
-&(nid_objs[301]),/* "id-it-preferredSymmAlg" */
-&(nid_objs[309]),/* "id-it-revPassphrase" */
-&(nid_objs[299]),/* "id-it-signKeyPairTypes" */
-&(nid_objs[305]),/* "id-it-subscriptionRequest" */
-&(nid_objs[306]),/* "id-it-subscriptionResponse" */
-&(nid_objs[304]),/* "id-it-unsupportedOIDs" */
-&(nid_objs[128]),/* "id-kp" */
-&(nid_objs[280]),/* "id-mod-attribute-cert" */
-&(nid_objs[274]),/* "id-mod-cmc" */
-&(nid_objs[277]),/* "id-mod-cmp" */
-&(nid_objs[284]),/* "id-mod-cmp2000" */
-&(nid_objs[273]),/* "id-mod-crmf" */
-&(nid_objs[283]),/* "id-mod-dvcs" */
-&(nid_objs[275]),/* "id-mod-kea-profile-88" */
-&(nid_objs[276]),/* "id-mod-kea-profile-93" */
-&(nid_objs[282]),/* "id-mod-ocsp" */
-&(nid_objs[278]),/* "id-mod-qualified-cert-88" */
-&(nid_objs[279]),/* "id-mod-qualified-cert-93" */
-&(nid_objs[281]),/* "id-mod-timestamp-protocol" */
-&(nid_objs[264]),/* "id-on" */
-&(nid_objs[347]),/* "id-on-personalData" */
-&(nid_objs[265]),/* "id-pda" */
-&(nid_objs[352]),/* "id-pda-countryOfCitizenship" */
-&(nid_objs[353]),/* "id-pda-countryOfResidence" */
-&(nid_objs[348]),/* "id-pda-dateOfBirth" */
-&(nid_objs[351]),/* "id-pda-gender" */
-&(nid_objs[349]),/* "id-pda-placeOfBirth" */
-&(nid_objs[175]),/* "id-pe" */
-&(nid_objs[261]),/* "id-pkip" */
-&(nid_objs[258]),/* "id-pkix-mod" */
-&(nid_objs[269]),/* "id-pkix1-explicit-88" */
-&(nid_objs[271]),/* "id-pkix1-explicit-93" */
-&(nid_objs[270]),/* "id-pkix1-implicit-88" */
-&(nid_objs[272]),/* "id-pkix1-implicit-93" */
-&(nid_objs[267]),/* "id-qcs" */
-&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
-&(nid_objs[259]),/* "id-qt" */
-&(nid_objs[313]),/* "id-regCtrl" */
-&(nid_objs[316]),/* "id-regCtrl-authenticator" */
-&(nid_objs[319]),/* "id-regCtrl-oldCertID" */
-&(nid_objs[318]),/* "id-regCtrl-pkiArchiveOptions" */
-&(nid_objs[317]),/* "id-regCtrl-pkiPublicationInfo" */
-&(nid_objs[320]),/* "id-regCtrl-protocolEncrKey" */
-&(nid_objs[315]),/* "id-regCtrl-regToken" */
-&(nid_objs[314]),/* "id-regInfo" */
-&(nid_objs[322]),/* "id-regInfo-certReq" */
-&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
-&(nid_objs[191]),/* "id-smime-aa" */
-&(nid_objs[215]),/* "id-smime-aa-contentHint" */
-&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
-&(nid_objs[221]),/* "id-smime-aa-contentReference" */
-&(nid_objs[240]),/* "id-smime-aa-dvcs-dvc" */
-&(nid_objs[217]),/* "id-smime-aa-encapContentType" */
-&(nid_objs[222]),/* "id-smime-aa-encrypKeyPref" */
-&(nid_objs[220]),/* "id-smime-aa-equivalentLabels" */
-&(nid_objs[232]),/* "id-smime-aa-ets-CertificateRefs" */
-&(nid_objs[233]),/* "id-smime-aa-ets-RevocationRefs" */
-&(nid_objs[238]),/* "id-smime-aa-ets-archiveTimeStamp" */
-&(nid_objs[237]),/* "id-smime-aa-ets-certCRLTimestamp" */
-&(nid_objs[234]),/* "id-smime-aa-ets-certValues" */
-&(nid_objs[227]),/* "id-smime-aa-ets-commitmentType" */
-&(nid_objs[231]),/* "id-smime-aa-ets-contentTimestamp" */
-&(nid_objs[236]),/* "id-smime-aa-ets-escTimeStamp" */
-&(nid_objs[230]),/* "id-smime-aa-ets-otherSigCert" */
-&(nid_objs[235]),/* "id-smime-aa-ets-revocationValues" */
-&(nid_objs[226]),/* "id-smime-aa-ets-sigPolicyId" */
-&(nid_objs[229]),/* "id-smime-aa-ets-signerAttr" */
-&(nid_objs[228]),/* "id-smime-aa-ets-signerLocation" */
-&(nid_objs[219]),/* "id-smime-aa-macValue" */
-&(nid_objs[214]),/* "id-smime-aa-mlExpandHistory" */
-&(nid_objs[216]),/* "id-smime-aa-msgSigDigest" */
-&(nid_objs[212]),/* "id-smime-aa-receiptRequest" */
-&(nid_objs[213]),/* "id-smime-aa-securityLabel" */
-&(nid_objs[239]),/* "id-smime-aa-signatureType" */
-&(nid_objs[223]),/* "id-smime-aa-signingCertificate" */
-&(nid_objs[224]),/* "id-smime-aa-smimeEncryptCerts" */
-&(nid_objs[225]),/* "id-smime-aa-timeStampToken" */
-&(nid_objs[192]),/* "id-smime-alg" */
-&(nid_objs[243]),/* "id-smime-alg-3DESwrap" */
-&(nid_objs[246]),/* "id-smime-alg-CMS3DESwrap" */
-&(nid_objs[247]),/* "id-smime-alg-CMSRC2wrap" */
-&(nid_objs[245]),/* "id-smime-alg-ESDH" */
-&(nid_objs[241]),/* "id-smime-alg-ESDHwith3DES" */
-&(nid_objs[242]),/* "id-smime-alg-ESDHwithRC2" */
-&(nid_objs[244]),/* "id-smime-alg-RC2wrap" */
-&(nid_objs[193]),/* "id-smime-cd" */
-&(nid_objs[248]),/* "id-smime-cd-ldap" */
-&(nid_objs[190]),/* "id-smime-ct" */
-&(nid_objs[210]),/* "id-smime-ct-DVCSRequestData" */
-&(nid_objs[211]),/* "id-smime-ct-DVCSResponseData" */
-&(nid_objs[208]),/* "id-smime-ct-TDTInfo" */
-&(nid_objs[207]),/* "id-smime-ct-TSTInfo" */
-&(nid_objs[205]),/* "id-smime-ct-authData" */
-&(nid_objs[209]),/* "id-smime-ct-contentInfo" */
-&(nid_objs[206]),/* "id-smime-ct-publishCert" */
-&(nid_objs[204]),/* "id-smime-ct-receipt" */
-&(nid_objs[195]),/* "id-smime-cti" */
-&(nid_objs[255]),/* "id-smime-cti-ets-proofOfApproval" */
-&(nid_objs[256]),/* "id-smime-cti-ets-proofOfCreation" */
-&(nid_objs[253]),/* "id-smime-cti-ets-proofOfDelivery" */
-&(nid_objs[251]),/* "id-smime-cti-ets-proofOfOrigin" */
-&(nid_objs[252]),/* "id-smime-cti-ets-proofOfReceipt" */
-&(nid_objs[254]),/* "id-smime-cti-ets-proofOfSender" */
-&(nid_objs[189]),/* "id-smime-mod" */
-&(nid_objs[196]),/* "id-smime-mod-cms" */
-&(nid_objs[197]),/* "id-smime-mod-ess" */
-&(nid_objs[202]),/* "id-smime-mod-ets-eSigPolicy-88" */
-&(nid_objs[203]),/* "id-smime-mod-ets-eSigPolicy-97" */
-&(nid_objs[200]),/* "id-smime-mod-ets-eSignature-88" */
-&(nid_objs[201]),/* "id-smime-mod-ets-eSignature-97" */
-&(nid_objs[199]),/* "id-smime-mod-msg-v3" */
-&(nid_objs[198]),/* "id-smime-mod-oid" */
-&(nid_objs[194]),/* "id-smime-spq" */
-&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */
-&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */
-&(nid_objs[34]),/* "idea-cbc" */
-&(nid_objs[35]),/* "idea-cfb" */
-&(nid_objs[36]),/* "idea-ecb" */
-&(nid_objs[46]),/* "idea-ofb" */
-&(nid_objs[461]),/* "info" */
-&(nid_objs[101]),/* "initials" */
-&(nid_objs[181]),/* "iso" */
-&(nid_objs[623]),/* "issuer capabilities" */
-&(nid_objs[492]),/* "janetMailbox" */
-&(nid_objs[393]),/* "joint-iso-ccitt" */
-&(nid_objs[150]),/* "keyBag" */
-&(nid_objs[477]),/* "lastModifiedBy" */
-&(nid_objs[476]),/* "lastModifiedTime" */
-&(nid_objs[157]),/* "localKeyID" */
-&(nid_objs[15]),/* "localityName" */
-&(nid_objs[480]),/* "mXRecord" */
-&(nid_objs[493]),/* "mailPreferenceOption" */
-&(nid_objs[467]),/* "manager" */
-&(nid_objs[ 3]),/* "md2" */
-&(nid_objs[ 7]),/* "md2WithRSAEncryption" */
-&(nid_objs[257]),/* "md4" */
-&(nid_objs[396]),/* "md4WithRSAEncryption" */
-&(nid_objs[ 4]),/* "md5" */
-&(nid_objs[114]),/* "md5-sha1" */
-&(nid_objs[104]),/* "md5WithRSA" */
-&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
-&(nid_objs[95]),/* "mdc2" */
-&(nid_objs[96]),/* "mdc2WithRSA" */
-&(nid_objs[602]),/* "merchant initiated auth" */
-&(nid_objs[514]),/* "message extensions" */
-&(nid_objs[51]),/* "messageDigest" */
-&(nid_objs[506]),/* "mime-mhs-bodies" */
-&(nid_objs[505]),/* "mime-mhs-headings" */
-&(nid_objs[488]),/* "mobileTelephoneNumber" */
-&(nid_objs[481]),/* "nSRecord" */
-&(nid_objs[173]),/* "name" */
-&(nid_objs[379]),/* "org" */
-&(nid_objs[17]),/* "organizationName" */
-&(nid_objs[491]),/* "organizationalStatus" */
-&(nid_objs[18]),/* "organizationalUnitName" */
-&(nid_objs[475]),/* "otherMailbox" */
-&(nid_objs[489]),/* "pagerTelephoneNumber" */
-&(nid_objs[374]),/* "path" */
-&(nid_objs[621]),/* "payment gateway capabilities" */
-&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
-&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */
-&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
-&(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */
-&(nid_objs[169]),/* "pbeWithMD5AndRC2-CBC" */
-&(nid_objs[148]),/* "pbeWithSHA1And128BitRC2-CBC" */
-&(nid_objs[144]),/* "pbeWithSHA1And128BitRC4" */
-&(nid_objs[147]),/* "pbeWithSHA1And2-KeyTripleDES-CBC" */
-&(nid_objs[146]),/* "pbeWithSHA1And3-KeyTripleDES-CBC" */
-&(nid_objs[149]),/* "pbeWithSHA1And40BitRC2-CBC" */
-&(nid_objs[145]),/* "pbeWithSHA1And40BitRC4" */
-&(nid_objs[170]),/* "pbeWithSHA1AndDES-CBC" */
-&(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */
-&(nid_objs[499]),/* "personalSignature" */
-&(nid_objs[487]),/* "personalTitle" */
-&(nid_objs[464]),/* "photo" */
-&(nid_objs[437]),/* "pilot" */
-&(nid_objs[439]),/* "pilotAttributeSyntax" */
-&(nid_objs[438]),/* "pilotAttributeType" */
-&(nid_objs[479]),/* "pilotAttributeType27" */
-&(nid_objs[456]),/* "pilotDSA" */
-&(nid_objs[441]),/* "pilotGroups" */
-&(nid_objs[444]),/* "pilotObject" */
-&(nid_objs[440]),/* "pilotObjectClass" */
-&(nid_objs[455]),/* "pilotOrganization" */
-&(nid_objs[445]),/* "pilotPerson" */
-&(nid_objs[186]),/* "pkcs1" */
-&(nid_objs[27]),/* "pkcs3" */
-&(nid_objs[187]),/* "pkcs5" */
-&(nid_objs[20]),/* "pkcs7" */
-&(nid_objs[21]),/* "pkcs7-data" */
-&(nid_objs[25]),/* "pkcs7-digestData" */
-&(nid_objs[26]),/* "pkcs7-encryptedData" */
-&(nid_objs[23]),/* "pkcs7-envelopedData" */
-&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
-&(nid_objs[22]),/* "pkcs7-signedData" */
-&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
-&(nid_objs[47]),/* "pkcs9" */
-&(nid_objs[406]),/* "prime-field" */
-&(nid_objs[409]),/* "prime192v1" */
-&(nid_objs[410]),/* "prime192v2" */
-&(nid_objs[411]),/* "prime192v3" */
-&(nid_objs[412]),/* "prime239v1" */
-&(nid_objs[413]),/* "prime239v2" */
-&(nid_objs[414]),/* "prime239v3" */
-&(nid_objs[415]),/* "prime256v1" */
-&(nid_objs[510]),/* "pseudonym" */
-&(nid_objs[435]),/* "pss" */
-&(nid_objs[286]),/* "qcStatements" */
-&(nid_objs[457]),/* "qualityLabelledData" */
-&(nid_objs[450]),/* "rFC822localPart" */
-&(nid_objs[98]),/* "rc2-40-cbc" */
-&(nid_objs[166]),/* "rc2-64-cbc" */
-&(nid_objs[37]),/* "rc2-cbc" */
-&(nid_objs[39]),/* "rc2-cfb" */
-&(nid_objs[38]),/* "rc2-ecb" */
-&(nid_objs[40]),/* "rc2-ofb" */
-&(nid_objs[ 5]),/* "rc4" */
-&(nid_objs[97]),/* "rc4-40" */
-&(nid_objs[120]),/* "rc5-cbc" */
-&(nid_objs[122]),/* "rc5-cfb" */
-&(nid_objs[121]),/* "rc5-ecb" */
-&(nid_objs[123]),/* "rc5-ofb" */
-&(nid_objs[460]),/* "rfc822Mailbox" */
-&(nid_objs[117]),/* "ripemd160" */
-&(nid_objs[119]),/* "ripemd160WithRSA" */
-&(nid_objs[400]),/* "role" */
-&(nid_objs[448]),/* "room" */
-&(nid_objs[463]),/* "roomNumber" */
-&(nid_objs[19]),/* "rsa" */
-&(nid_objs[ 6]),/* "rsaEncryption" */
-&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
-&(nid_objs[377]),/* "rsaSignature" */
-&(nid_objs[124]),/* "run length compression" */
-&(nid_objs[482]),/* "sOARecord" */
-&(nid_objs[155]),/* "safeContentsBag" */
-&(nid_objs[291]),/* "sbqp-autonomousSysNum" */
-&(nid_objs[290]),/* "sbqp-ipAddrBlock" */
-&(nid_objs[292]),/* "sbqp-routerIdentifier" */
-&(nid_objs[159]),/* "sdsiCertificate" */
-&(nid_objs[154]),/* "secretBag" */
-&(nid_objs[474]),/* "secretary" */
-&(nid_objs[635]),/* "secure device signature" */
-&(nid_objs[105]),/* "serialNumber" */
-&(nid_objs[625]),/* "set-addPolicy" */
-&(nid_objs[515]),/* "set-attr" */
-&(nid_objs[518]),/* "set-brand" */
-&(nid_objs[638]),/* "set-brand-AmericanExpress" */
-&(nid_objs[637]),/* "set-brand-Diners" */
-&(nid_objs[636]),/* "set-brand-IATA-ATA" */
-&(nid_objs[639]),/* "set-brand-JCB" */
-&(nid_objs[641]),/* "set-brand-MasterCard" */
-&(nid_objs[642]),/* "set-brand-Novus" */
-&(nid_objs[640]),/* "set-brand-Visa" */
-&(nid_objs[516]),/* "set-policy" */
-&(nid_objs[607]),/* "set-policy-root" */
-&(nid_objs[624]),/* "set-rootKeyThumb" */
-&(nid_objs[620]),/* "setAttr-Cert" */
-&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
-&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
-&(nid_objs[629]),/* "setAttr-IssCap-T2" */
-&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
-&(nid_objs[626]),/* "setAttr-Token-EMV" */
-&(nid_objs[622]),/* "setAttr-TokenType" */
-&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
-&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
-&(nid_objs[616]),/* "setCext-TokenIdentifier" */
-&(nid_objs[618]),/* "setCext-TokenType" */
-&(nid_objs[617]),/* "setCext-Track2Data" */
-&(nid_objs[611]),/* "setCext-cCertRequired" */
-&(nid_objs[609]),/* "setCext-certType" */
-&(nid_objs[608]),/* "setCext-hashedRoot" */
-&(nid_objs[610]),/* "setCext-merchData" */
-&(nid_objs[613]),/* "setCext-setExt" */
-&(nid_objs[614]),/* "setCext-setQualf" */
-&(nid_objs[612]),/* "setCext-tunneling" */
-&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
-&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
-&(nid_objs[570]),/* "setct-AuthReqTBE" */
-&(nid_objs[534]),/* "setct-AuthReqTBS" */
-&(nid_objs[527]),/* "setct-AuthResBaggage" */
-&(nid_objs[571]),/* "setct-AuthResTBE" */
-&(nid_objs[572]),/* "setct-AuthResTBEX" */
-&(nid_objs[535]),/* "setct-AuthResTBS" */
-&(nid_objs[536]),/* "setct-AuthResTBSX" */
-&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
-&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
-&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
-&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
-&(nid_objs[542]),/* "setct-AuthRevResData" */
-&(nid_objs[578]),/* "setct-AuthRevResTBE" */
-&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
-&(nid_objs[543]),/* "setct-AuthRevResTBS" */
-&(nid_objs[573]),/* "setct-AuthTokenTBE" */
-&(nid_objs[537]),/* "setct-AuthTokenTBS" */
-&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
-&(nid_objs[558]),/* "setct-BatchAdminReqData" */
-&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
-&(nid_objs[559]),/* "setct-BatchAdminResData" */
-&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
-&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
-&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
-&(nid_objs[580]),/* "setct-CapReqTBE" */
-&(nid_objs[581]),/* "setct-CapReqTBEX" */
-&(nid_objs[544]),/* "setct-CapReqTBS" */
-&(nid_objs[545]),/* "setct-CapReqTBSX" */
-&(nid_objs[546]),/* "setct-CapResData" */
-&(nid_objs[582]),/* "setct-CapResTBE" */
-&(nid_objs[583]),/* "setct-CapRevReqTBE" */
-&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
-&(nid_objs[547]),/* "setct-CapRevReqTBS" */
-&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
-&(nid_objs[549]),/* "setct-CapRevResData" */
-&(nid_objs[585]),/* "setct-CapRevResTBE" */
-&(nid_objs[538]),/* "setct-CapTokenData" */
-&(nid_objs[530]),/* "setct-CapTokenSeq" */
-&(nid_objs[574]),/* "setct-CapTokenTBE" */
-&(nid_objs[575]),/* "setct-CapTokenTBEX" */
-&(nid_objs[539]),/* "setct-CapTokenTBS" */
-&(nid_objs[560]),/* "setct-CardCInitResTBS" */
-&(nid_objs[566]),/* "setct-CertInqReqTBS" */
-&(nid_objs[563]),/* "setct-CertReqData" */
-&(nid_objs[595]),/* "setct-CertReqTBE" */
-&(nid_objs[596]),/* "setct-CertReqTBEX" */
-&(nid_objs[564]),/* "setct-CertReqTBS" */
-&(nid_objs[565]),/* "setct-CertResData" */
-&(nid_objs[597]),/* "setct-CertResTBE" */
-&(nid_objs[586]),/* "setct-CredReqTBE" */
-&(nid_objs[587]),/* "setct-CredReqTBEX" */
-&(nid_objs[550]),/* "setct-CredReqTBS" */
-&(nid_objs[551]),/* "setct-CredReqTBSX" */
-&(nid_objs[552]),/* "setct-CredResData" */
-&(nid_objs[588]),/* "setct-CredResTBE" */
-&(nid_objs[589]),/* "setct-CredRevReqTBE" */
-&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
-&(nid_objs[553]),/* "setct-CredRevReqTBS" */
-&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
-&(nid_objs[555]),/* "setct-CredRevResData" */
-&(nid_objs[591]),/* "setct-CredRevResTBE" */
-&(nid_objs[567]),/* "setct-ErrorTBS" */
-&(nid_objs[526]),/* "setct-HODInput" */
-&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
-&(nid_objs[522]),/* "setct-OIData" */
-&(nid_objs[519]),/* "setct-PANData" */
-&(nid_objs[521]),/* "setct-PANOnly" */
-&(nid_objs[520]),/* "setct-PANToken" */
-&(nid_objs[556]),/* "setct-PCertReqData" */
-&(nid_objs[557]),/* "setct-PCertResTBS" */
-&(nid_objs[523]),/* "setct-PI" */
-&(nid_objs[532]),/* "setct-PI-TBS" */
-&(nid_objs[524]),/* "setct-PIData" */
-&(nid_objs[525]),/* "setct-PIDataUnsigned" */
-&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
-&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
-&(nid_objs[531]),/* "setct-PInitResData" */
-&(nid_objs[533]),/* "setct-PResData" */
-&(nid_objs[594]),/* "setct-RegFormReqTBE" */
-&(nid_objs[562]),/* "setct-RegFormResTBS" */
-&(nid_objs[604]),/* "setext-pinAny" */
-&(nid_objs[603]),/* "setext-pinSecure" */
-&(nid_objs[605]),/* "setext-track2" */
-&(nid_objs[41]),/* "sha" */
-&(nid_objs[64]),/* "sha1" */
-&(nid_objs[115]),/* "sha1WithRSA" */
-&(nid_objs[65]),/* "sha1WithRSAEncryption" */
-&(nid_objs[42]),/* "shaWithRSAEncryption" */
-&(nid_objs[52]),/* "signingTime" */
-&(nid_objs[454]),/* "simpleSecurityObject" */
-&(nid_objs[496]),/* "singleLevelQuality" */
-&(nid_objs[16]),/* "stateOrProvinceName" */
-&(nid_objs[498]),/* "subtreeMaximumQuality" */
-&(nid_objs[497]),/* "subtreeMinimumQuality" */
-&(nid_objs[100]),/* "surname" */
-&(nid_objs[459]),/* "textEncodedORAddress" */
-&(nid_objs[293]),/* "textNotice" */
-&(nid_objs[106]),/* "title" */
-&(nid_objs[436]),/* "ucl" */
-&(nid_objs[ 0]),/* "undefined" */
-&(nid_objs[55]),/* "unstructuredAddress" */
-&(nid_objs[49]),/* "unstructuredName" */
-&(nid_objs[465]),/* "userClass" */
-&(nid_objs[458]),/* "userId" */
-&(nid_objs[373]),/* "valid" */
-&(nid_objs[503]),/* "x500UniqueIdentifier" */
-&(nid_objs[158]),/* "x509Certificate" */
-&(nid_objs[160]),/* "x509Crl" */
-&(nid_objs[125]),/* "zlib compression" */
-};
-
-static ASN1_OBJECT *obj_objs[NUM_OBJ]={
-&(nid_objs[ 0]),/* OBJ_undef                        0 */
-&(nid_objs[404]),/* OBJ_ccitt                        0 */
-&(nid_objs[434]),/* OBJ_data                         0 9 */
-&(nid_objs[181]),/* OBJ_iso                          1 */
-&(nid_objs[182]),/* OBJ_member_body                  1 2 */
-&(nid_objs[379]),/* OBJ_org                          1 3 */
-&(nid_objs[393]),/* OBJ_joint_iso_ccitt              2 */
-&(nid_objs[11]),/* OBJ_X500                         2 5 */
-&(nid_objs[380]),/* OBJ_dod                          1 3 6 */
-&(nid_objs[12]),/* OBJ_X509                         2 5 4 */
-&(nid_objs[378]),/* OBJ_X500algorithms               2 5 8 */
-&(nid_objs[81]),/* OBJ_id_ce                        2 5 29 */
-&(nid_objs[512]),/* OBJ_id_set                       2 23 42 */
-&(nid_objs[435]),/* OBJ_pss                          0 9 2342 */
-&(nid_objs[183]),/* OBJ_ISO_US                       1 2 840 */
-&(nid_objs[381]),/* OBJ_iana                         1 3 6 1 */
-&(nid_objs[394]),/* OBJ_selected_attribute_types     2 5 1 5 */
-&(nid_objs[13]),/* OBJ_commonName                   2 5 4 3 */
-&(nid_objs[100]),/* OBJ_surname                      2 5 4 4 */
-&(nid_objs[105]),/* OBJ_serialNumber                 2 5 4 5 */
-&(nid_objs[14]),/* OBJ_countryName                  2 5 4 6 */
-&(nid_objs[15]),/* OBJ_localityName                 2 5 4 7 */
-&(nid_objs[16]),/* OBJ_stateOrProvinceName          2 5 4 8 */
-&(nid_objs[17]),/* OBJ_organizationName             2 5 4 10 */
-&(nid_objs[18]),/* OBJ_organizationalUnitName       2 5 4 11 */
-&(nid_objs[106]),/* OBJ_title                        2 5 4 12 */
-&(nid_objs[107]),/* OBJ_description                  2 5 4 13 */
-&(nid_objs[173]),/* OBJ_name                         2 5 4 41 */
-&(nid_objs[99]),/* OBJ_givenName                    2 5 4 42 */
-&(nid_objs[101]),/* OBJ_initials                     2 5 4 43 */
-&(nid_objs[509]),/* OBJ_generationQualifier          2 5 4 44 */
-&(nid_objs[503]),/* OBJ_x500UniqueIdentifier         2 5 4 45 */
-&(nid_objs[174]),/* OBJ_dnQualifier                  2 5 4 46 */
-&(nid_objs[510]),/* OBJ_pseudonym                    2 5 4 65 */
-&(nid_objs[400]),/* OBJ_role                         2 5 4 72 */
-&(nid_objs[82]),/* OBJ_subject_key_identifier       2 5 29 14 */
-&(nid_objs[83]),/* OBJ_key_usage                    2 5 29 15 */
-&(nid_objs[84]),/* OBJ_private_key_usage_period     2 5 29 16 */
-&(nid_objs[85]),/* OBJ_subject_alt_name             2 5 29 17 */
-&(nid_objs[86]),/* OBJ_issuer_alt_name              2 5 29 18 */
-&(nid_objs[87]),/* OBJ_basic_constraints            2 5 29 19 */
-&(nid_objs[88]),/* OBJ_crl_number                   2 5 29 20 */
-&(nid_objs[141]),/* OBJ_crl_reason                   2 5 29 21 */
-&(nid_objs[430]),/* OBJ_hold_instruction_code        2 5 29 23 */
-&(nid_objs[142]),/* OBJ_invalidity_date              2 5 29 24 */
-&(nid_objs[140]),/* OBJ_delta_crl                    2 5 29 27 */
-&(nid_objs[103]),/* OBJ_crl_distribution_points      2 5 29 31 */
-&(nid_objs[89]),/* OBJ_certificate_policies         2 5 29 32 */
-&(nid_objs[90]),/* OBJ_authority_key_identifier     2 5 29 35 */
-&(nid_objs[401]),/* OBJ_policy_constraints           2 5 29 36 */
-&(nid_objs[126]),/* OBJ_ext_key_usage                2 5 29 37 */
-&(nid_objs[402]),/* OBJ_target_information           2 5 29 55 */
-&(nid_objs[403]),/* OBJ_no_rev_avail                 2 5 29 56 */
-&(nid_objs[513]),/* OBJ_set_ctype                    2 23 42 0 */
-&(nid_objs[514]),/* OBJ_set_msgExt                   2 23 42 1 */
-&(nid_objs[515]),/* OBJ_set_attr                     2 23 42 3 */
-&(nid_objs[516]),/* OBJ_set_policy                   2 23 42 5 */
-&(nid_objs[517]),/* OBJ_set_certExt                  2 23 42 7 */
-&(nid_objs[518]),/* OBJ_set_brand                    2 23 42 8 */
-&(nid_objs[382]),/* OBJ_Directory                    1 3 6 1 1 */
-&(nid_objs[383]),/* OBJ_Management                   1 3 6 1 2 */
-&(nid_objs[384]),/* OBJ_Experimental                 1 3 6 1 3 */
-&(nid_objs[385]),/* OBJ_Private                      1 3 6 1 4 */
-&(nid_objs[386]),/* OBJ_Security                     1 3 6 1 5 */
-&(nid_objs[387]),/* OBJ_SNMPv2                       1 3 6 1 6 */
-&(nid_objs[388]),/* OBJ_Mail                         1 3 6 1 7 */
-&(nid_objs[376]),/* OBJ_algorithm                    1 3 14 3 2 */
-&(nid_objs[395]),/* OBJ_clearance                    2 5 1 5 55 */
-&(nid_objs[19]),/* OBJ_rsa                          2 5 8 1 1 */
-&(nid_objs[96]),/* OBJ_mdc2WithRSA                  2 5 8 3 100 */
-&(nid_objs[95]),/* OBJ_mdc2                         2 5 8 3 101 */
-&(nid_objs[519]),/* OBJ_setct_PANData                2 23 42 0 0 */
-&(nid_objs[520]),/* OBJ_setct_PANToken               2 23 42 0 1 */
-&(nid_objs[521]),/* OBJ_setct_PANOnly                2 23 42 0 2 */
-&(nid_objs[522]),/* OBJ_setct_OIData                 2 23 42 0 3 */
-&(nid_objs[523]),/* OBJ_setct_PI                     2 23 42 0 4 */
-&(nid_objs[524]),/* OBJ_setct_PIData                 2 23 42 0 5 */
-&(nid_objs[525]),/* OBJ_setct_PIDataUnsigned         2 23 42 0 6 */
-&(nid_objs[526]),/* OBJ_setct_HODInput               2 23 42 0 7 */
-&(nid_objs[527]),/* OBJ_setct_AuthResBaggage         2 23 42 0 8 */
-&(nid_objs[528]),/* OBJ_setct_AuthRevReqBaggage      2 23 42 0 9 */
-&(nid_objs[529]),/* OBJ_setct_AuthRevResBaggage      2 23 42 0 10 */
-&(nid_objs[530]),/* OBJ_setct_CapTokenSeq            2 23 42 0 11 */
-&(nid_objs[531]),/* OBJ_setct_PInitResData           2 23 42 0 12 */
-&(nid_objs[532]),/* OBJ_setct_PI_TBS                 2 23 42 0 13 */
-&(nid_objs[533]),/* OBJ_setct_PResData               2 23 42 0 14 */
-&(nid_objs[534]),/* OBJ_setct_AuthReqTBS             2 23 42 0 16 */
-&(nid_objs[535]),/* OBJ_setct_AuthResTBS             2 23 42 0 17 */
-&(nid_objs[536]),/* OBJ_setct_AuthResTBSX            2 23 42 0 18 */
-&(nid_objs[537]),/* OBJ_setct_AuthTokenTBS           2 23 42 0 19 */
-&(nid_objs[538]),/* OBJ_setct_CapTokenData           2 23 42 0 20 */
-&(nid_objs[539]),/* OBJ_setct_CapTokenTBS            2 23 42 0 21 */
-&(nid_objs[540]),/* OBJ_setct_AcqCardCodeMsg         2 23 42 0 22 */
-&(nid_objs[541]),/* OBJ_setct_AuthRevReqTBS          2 23 42 0 23 */
-&(nid_objs[542]),/* OBJ_setct_AuthRevResData         2 23 42 0 24 */
-&(nid_objs[543]),/* OBJ_setct_AuthRevResTBS          2 23 42 0 25 */
-&(nid_objs[544]),/* OBJ_setct_CapReqTBS              2 23 42 0 26 */
-&(nid_objs[545]),/* OBJ_setct_CapReqTBSX             2 23 42 0 27 */
-&(nid_objs[546]),/* OBJ_setct_CapResData             2 23 42 0 28 */
-&(nid_objs[547]),/* OBJ_setct_CapRevReqTBS           2 23 42 0 29 */
-&(nid_objs[548]),/* OBJ_setct_CapRevReqTBSX          2 23 42 0 30 */
-&(nid_objs[549]),/* OBJ_setct_CapRevResData          2 23 42 0 31 */
-&(nid_objs[550]),/* OBJ_setct_CredReqTBS             2 23 42 0 32 */
-&(nid_objs[551]),/* OBJ_setct_CredReqTBSX            2 23 42 0 33 */
-&(nid_objs[552]),/* OBJ_setct_CredResData            2 23 42 0 34 */
-&(nid_objs[553]),/* OBJ_setct_CredRevReqTBS          2 23 42 0 35 */
-&(nid_objs[554]),/* OBJ_setct_CredRevReqTBSX         2 23 42 0 36 */
-&(nid_objs[555]),/* OBJ_setct_CredRevResData         2 23 42 0 37 */
-&(nid_objs[556]),/* OBJ_setct_PCertReqData           2 23 42 0 38 */
-&(nid_objs[557]),/* OBJ_setct_PCertResTBS            2 23 42 0 39 */
-&(nid_objs[558]),/* OBJ_setct_BatchAdminReqData      2 23 42 0 40 */
-&(nid_objs[559]),/* OBJ_setct_BatchAdminResData      2 23 42 0 41 */
-&(nid_objs[560]),/* OBJ_setct_CardCInitResTBS        2 23 42 0 42 */
-&(nid_objs[561]),/* OBJ_setct_MeAqCInitResTBS        2 23 42 0 43 */
-&(nid_objs[562]),/* OBJ_setct_RegFormResTBS          2 23 42 0 44 */
-&(nid_objs[563]),/* OBJ_setct_CertReqData            2 23 42 0 45 */
-&(nid_objs[564]),/* OBJ_setct_CertReqTBS             2 23 42 0 46 */
-&(nid_objs[565]),/* OBJ_setct_CertResData            2 23 42 0 47 */
-&(nid_objs[566]),/* OBJ_setct_CertInqReqTBS          2 23 42 0 48 */
-&(nid_objs[567]),/* OBJ_setct_ErrorTBS               2 23 42 0 49 */
-&(nid_objs[568]),/* OBJ_setct_PIDualSignedTBE        2 23 42 0 50 */
-&(nid_objs[569]),/* OBJ_setct_PIUnsignedTBE          2 23 42 0 51 */
-&(nid_objs[570]),/* OBJ_setct_AuthReqTBE             2 23 42 0 52 */
-&(nid_objs[571]),/* OBJ_setct_AuthResTBE             2 23 42 0 53 */
-&(nid_objs[572]),/* OBJ_setct_AuthResTBEX            2 23 42 0 54 */
-&(nid_objs[573]),/* OBJ_setct_AuthTokenTBE           2 23 42 0 55 */
-&(nid_objs[574]),/* OBJ_setct_CapTokenTBE            2 23 42 0 56 */
-&(nid_objs[575]),/* OBJ_setct_CapTokenTBEX           2 23 42 0 57 */
-&(nid_objs[576]),/* OBJ_setct_AcqCardCodeMsgTBE      2 23 42 0 58 */
-&(nid_objs[577]),/* OBJ_setct_AuthRevReqTBE          2 23 42 0 59 */
-&(nid_objs[578]),/* OBJ_setct_AuthRevResTBE          2 23 42 0 60 */
-&(nid_objs[579]),/* OBJ_setct_AuthRevResTBEB         2 23 42 0 61 */
-&(nid_objs[580]),/* OBJ_setct_CapReqTBE              2 23 42 0 62 */
-&(nid_objs[581]),/* OBJ_setct_CapReqTBEX             2 23 42 0 63 */
-&(nid_objs[582]),/* OBJ_setct_CapResTBE              2 23 42 0 64 */
-&(nid_objs[583]),/* OBJ_setct_CapRevReqTBE           2 23 42 0 65 */
-&(nid_objs[584]),/* OBJ_setct_CapRevReqTBEX          2 23 42 0 66 */
-&(nid_objs[585]),/* OBJ_setct_CapRevResTBE           2 23 42 0 67 */
-&(nid_objs[586]),/* OBJ_setct_CredReqTBE             2 23 42 0 68 */
-&(nid_objs[587]),/* OBJ_setct_CredReqTBEX            2 23 42 0 69 */
-&(nid_objs[588]),/* OBJ_setct_CredResTBE             2 23 42 0 70 */
-&(nid_objs[589]),/* OBJ_setct_CredRevReqTBE          2 23 42 0 71 */
-&(nid_objs[590]),/* OBJ_setct_CredRevReqTBEX         2 23 42 0 72 */
-&(nid_objs[591]),/* OBJ_setct_CredRevResTBE          2 23 42 0 73 */
-&(nid_objs[592]),/* OBJ_setct_BatchAdminReqTBE       2 23 42 0 74 */
-&(nid_objs[593]),/* OBJ_setct_BatchAdminResTBE       2 23 42 0 75 */
-&(nid_objs[594]),/* OBJ_setct_RegFormReqTBE          2 23 42 0 76 */
-&(nid_objs[595]),/* OBJ_setct_CertReqTBE             2 23 42 0 77 */
-&(nid_objs[596]),/* OBJ_setct_CertReqTBEX            2 23 42 0 78 */
-&(nid_objs[597]),/* OBJ_setct_CertResTBE             2 23 42 0 79 */
-&(nid_objs[598]),/* OBJ_setct_CRLNotificationTBS     2 23 42 0 80 */
-&(nid_objs[599]),/* OBJ_setct_CRLNotificationResTBS  2 23 42 0 81 */
-&(nid_objs[600]),/* OBJ_setct_BCIDistributionTBS     2 23 42 0 82 */
-&(nid_objs[601]),/* OBJ_setext_genCrypt              2 23 42 1 1 */
-&(nid_objs[602]),/* OBJ_setext_miAuth                2 23 42 1 3 */
-&(nid_objs[603]),/* OBJ_setext_pinSecure             2 23 42 1 4 */
-&(nid_objs[604]),/* OBJ_setext_pinAny                2 23 42 1 5 */
-&(nid_objs[605]),/* OBJ_setext_track2                2 23 42 1 7 */
-&(nid_objs[606]),/* OBJ_setext_cv                    2 23 42 1 8 */
-&(nid_objs[620]),/* OBJ_setAttr_Cert                 2 23 42 3 0 */
-&(nid_objs[621]),/* OBJ_setAttr_PGWYcap              2 23 42 3 1 */
-&(nid_objs[622]),/* OBJ_setAttr_TokenType            2 23 42 3 2 */
-&(nid_objs[623]),/* OBJ_setAttr_IssCap               2 23 42 3 3 */
-&(nid_objs[607]),/* OBJ_set_policy_root              2 23 42 5 0 */
-&(nid_objs[608]),/* OBJ_setCext_hashedRoot           2 23 42 7 0 */
-&(nid_objs[609]),/* OBJ_setCext_certType             2 23 42 7 1 */
-&(nid_objs[610]),/* OBJ_setCext_merchData            2 23 42 7 2 */
-&(nid_objs[611]),/* OBJ_setCext_cCertRequired        2 23 42 7 3 */
-&(nid_objs[612]),/* OBJ_setCext_tunneling            2 23 42 7 4 */
-&(nid_objs[613]),/* OBJ_setCext_setExt               2 23 42 7 5 */
-&(nid_objs[614]),/* OBJ_setCext_setQualf             2 23 42 7 6 */
-&(nid_objs[615]),/* OBJ_setCext_PGWYcapabilities     2 23 42 7 7 */
-&(nid_objs[616]),/* OBJ_setCext_TokenIdentifier      2 23 42 7 8 */
-&(nid_objs[617]),/* OBJ_setCext_Track2Data           2 23 42 7 9 */
-&(nid_objs[618]),/* OBJ_setCext_TokenType            2 23 42 7 10 */
-&(nid_objs[619]),/* OBJ_setCext_IssuerCapabilities   2 23 42 7 11 */
-&(nid_objs[636]),/* OBJ_set_brand_IATA_ATA           2 23 42 8 1 */
-&(nid_objs[640]),/* OBJ_set_brand_Visa               2 23 42 8 4 */
-&(nid_objs[641]),/* OBJ_set_brand_MasterCard         2 23 42 8 5 */
-&(nid_objs[637]),/* OBJ_set_brand_Diners             2 23 42 8 30 */
-&(nid_objs[638]),/* OBJ_set_brand_AmericanExpress    2 23 42 8 34 */
-&(nid_objs[639]),/* OBJ_set_brand_JCB                2 23 42 8 35 */
-&(nid_objs[184]),/* OBJ_X9_57                        1 2 840 10040 */
-&(nid_objs[405]),/* OBJ_ansi_X9_62                   1 2 840 10045 */
-&(nid_objs[389]),/* OBJ_Enterprises                  1 3 6 1 4 1 */
-&(nid_objs[504]),/* OBJ_mime_mhs                     1 3 6 1 7 1 */
-&(nid_objs[104]),/* OBJ_md5WithRSA                   1 3 14 3 2 3 */
-&(nid_objs[29]),/* OBJ_des_ecb                      1 3 14 3 2 6 */
-&(nid_objs[31]),/* OBJ_des_cbc                      1 3 14 3 2 7 */
-&(nid_objs[45]),/* OBJ_des_ofb64                    1 3 14 3 2 8 */
-&(nid_objs[30]),/* OBJ_des_cfb64                    1 3 14 3 2 9 */
-&(nid_objs[377]),/* OBJ_rsaSignature                 1 3 14 3 2 11 */
-&(nid_objs[67]),/* OBJ_dsa_2                        1 3 14 3 2 12 */
-&(nid_objs[66]),/* OBJ_dsaWithSHA                   1 3 14 3 2 13 */
-&(nid_objs[42]),/* OBJ_shaWithRSAEncryption         1 3 14 3 2 15 */
-&(nid_objs[32]),/* OBJ_des_ede_ecb                  1 3 14 3 2 17 */
-&(nid_objs[41]),/* OBJ_sha                          1 3 14 3 2 18 */
-&(nid_objs[64]),/* OBJ_sha1                         1 3 14 3 2 26 */
-&(nid_objs[70]),/* OBJ_dsaWithSHA1_2                1 3 14 3 2 27 */
-&(nid_objs[115]),/* OBJ_sha1WithRSA                  1 3 14 3 2 29 */
-&(nid_objs[117]),/* OBJ_ripemd160                    1 3 36 3 2 1 */
-&(nid_objs[143]),/* OBJ_sxnet                        1 3 101 1 4 1 */
-&(nid_objs[624]),/* OBJ_set_rootKeyThumb             2 23 42 3 0 0 */
-&(nid_objs[625]),/* OBJ_set_addPolicy                2 23 42 3 0 1 */
-&(nid_objs[626]),/* OBJ_setAttr_Token_EMV            2 23 42 3 2 1 */
-&(nid_objs[627]),/* OBJ_setAttr_Token_B0Prime        2 23 42 3 2 2 */
-&(nid_objs[628]),/* OBJ_setAttr_IssCap_CVM           2 23 42 3 3 3 */
-&(nid_objs[629]),/* OBJ_setAttr_IssCap_T2            2 23 42 3 3 4 */
-&(nid_objs[630]),/* OBJ_setAttr_IssCap_Sig           2 23 42 3 3 5 */
-&(nid_objs[642]),/* OBJ_set_brand_Novus              2 23 42 8 6011 */
-&(nid_objs[124]),/* OBJ_rle_compression              1 1 1 1 666 1 */
-&(nid_objs[125]),/* OBJ_zlib_compression             1 1 1 1 666 2 */
-&(nid_objs[ 1]),/* OBJ_rsadsi                       1 2 840 113549 */
-&(nid_objs[185]),/* OBJ_X9cm                         1 2 840 10040 4 */
-&(nid_objs[127]),/* OBJ_id_pkix                      1 3 6 1 5 5 7 */
-&(nid_objs[505]),/* OBJ_mime_mhs_headings            1 3 6 1 7 1 1 */
-&(nid_objs[506]),/* OBJ_mime_mhs_bodies              1 3 6 1 7 1 2 */
-&(nid_objs[119]),/* OBJ_ripemd160WithRSA             1 3 36 3 3 1 2 */
-&(nid_objs[631]),/* OBJ_setAttr_GenCryptgrm          2 23 42 3 3 3 1 */
-&(nid_objs[632]),/* OBJ_setAttr_T2Enc                2 23 42 3 3 4 1 */
-&(nid_objs[633]),/* OBJ_setAttr_T2cleartxt           2 23 42 3 3 4 2 */
-&(nid_objs[634]),/* OBJ_setAttr_TokICCsig            2 23 42 3 3 5 1 */
-&(nid_objs[635]),/* OBJ_setAttr_SecDevSig            2 23 42 3 3 5 2 */
-&(nid_objs[436]),/* OBJ_ucl                          0 9 2342 19200300 */
-&(nid_objs[ 2]),/* OBJ_pkcs                         1 2 840 113549 1 */
-&(nid_objs[431]),/* OBJ_hold_instruction_none        1 2 840 10040 2 1 */
-&(nid_objs[432]),/* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */
-&(nid_objs[433]),/* OBJ_hold_instruction_reject      1 2 840 10040 2 3 */
-&(nid_objs[116]),/* OBJ_dsa                          1 2 840 10040 4 1 */
-&(nid_objs[113]),/* OBJ_dsaWithSHA1                  1 2 840 10040 4 3 */
-&(nid_objs[406]),/* OBJ_X9_62_prime_field            1 2 840 10045 1 1 */
-&(nid_objs[407]),/* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */
-&(nid_objs[408]),/* OBJ_X9_62_id_ecPublicKey         1 2 840 10045 2 1 */
-&(nid_objs[416]),/* OBJ_ecdsa_with_SHA1              1 2 840 10045 4 1 */
-&(nid_objs[258]),/* OBJ_id_pkix_mod                  1 3 6 1 5 5 7 0 */
-&(nid_objs[175]),/* OBJ_id_pe                        1 3 6 1 5 5 7 1 */
-&(nid_objs[259]),/* OBJ_id_qt                        1 3 6 1 5 5 7 2 */
-&(nid_objs[128]),/* OBJ_id_kp                        1 3 6 1 5 5 7 3 */
-&(nid_objs[260]),/* OBJ_id_it                        1 3 6 1 5 5 7 4 */
-&(nid_objs[261]),/* OBJ_id_pkip                      1 3 6 1 5 5 7 5 */
-&(nid_objs[262]),/* OBJ_id_alg                       1 3 6 1 5 5 7 6 */
-&(nid_objs[263]),/* OBJ_id_cmc                       1 3 6 1 5 5 7 7 */
-&(nid_objs[264]),/* OBJ_id_on                        1 3 6 1 5 5 7 8 */
-&(nid_objs[265]),/* OBJ_id_pda                       1 3 6 1 5 5 7 9 */
-&(nid_objs[266]),/* OBJ_id_aca                       1 3 6 1 5 5 7 10 */
-&(nid_objs[267]),/* OBJ_id_qcs                       1 3 6 1 5 5 7 11 */
-&(nid_objs[268]),/* OBJ_id_cct                       1 3 6 1 5 5 7 12 */
-&(nid_objs[176]),/* OBJ_id_ad                        1 3 6 1 5 5 7 48 */
-&(nid_objs[507]),/* OBJ_id_hex_partial_message       1 3 6 1 7 1 1 1 */
-&(nid_objs[508]),/* OBJ_id_hex_multipart_message     1 3 6 1 7 1 1 2 */
-&(nid_objs[57]),/* OBJ_netscape                     2 16 840 1 113730 */
-&(nid_objs[437]),/* OBJ_pilot                        0 9 2342 19200300 100 */
-&(nid_objs[186]),/* OBJ_pkcs1                        1 2 840 113549 1 1 */
-&(nid_objs[27]),/* OBJ_pkcs3                        1 2 840 113549 1 3 */
-&(nid_objs[187]),/* OBJ_pkcs5                        1 2 840 113549 1 5 */
-&(nid_objs[20]),/* OBJ_pkcs7                        1 2 840 113549 1 7 */
-&(nid_objs[47]),/* OBJ_pkcs9                        1 2 840 113549 1 9 */
-&(nid_objs[ 3]),/* OBJ_md2                          1 2 840 113549 2 2 */
-&(nid_objs[257]),/* OBJ_md4                          1 2 840 113549 2 4 */
-&(nid_objs[ 4]),/* OBJ_md5                          1 2 840 113549 2 5 */
-&(nid_objs[163]),/* OBJ_hmacWithSHA1                 1 2 840 113549 2 7 */
-&(nid_objs[37]),/* OBJ_rc2_cbc                      1 2 840 113549 3 2 */
-&(nid_objs[ 5]),/* OBJ_rc4                          1 2 840 113549 3 4 */
-&(nid_objs[44]),/* OBJ_des_ede3_cbc                 1 2 840 113549 3 7 */
-&(nid_objs[120]),/* OBJ_rc5_cbc                      1 2 840 113549 3 8 */
-&(nid_objs[643]),/* OBJ_des_cdmf                     1 2 840 113549 3 10 */
-&(nid_objs[409]),/* OBJ_X9_62_prime192v1             1 2 840 10045 3 1 1 */
-&(nid_objs[410]),/* OBJ_X9_62_prime192v2             1 2 840 10045 3 1 2 */
-&(nid_objs[411]),/* OBJ_X9_62_prime192v3             1 2 840 10045 3 1 3 */
-&(nid_objs[412]),/* OBJ_X9_62_prime239v1             1 2 840 10045 3 1 4 */
-&(nid_objs[413]),/* OBJ_X9_62_prime239v2             1 2 840 10045 3 1 5 */
-&(nid_objs[414]),/* OBJ_X9_62_prime239v3             1 2 840 10045 3 1 6 */
-&(nid_objs[415]),/* OBJ_X9_62_prime256v1             1 2 840 10045 3 1 7 */
-&(nid_objs[269]),/* OBJ_id_pkix1_explicit_88         1 3 6 1 5 5 7 0 1 */
-&(nid_objs[270]),/* OBJ_id_pkix1_implicit_88         1 3 6 1 5 5 7 0 2 */
-&(nid_objs[271]),/* OBJ_id_pkix1_explicit_93         1 3 6 1 5 5 7 0 3 */
-&(nid_objs[272]),/* OBJ_id_pkix1_implicit_93         1 3 6 1 5 5 7 0 4 */
-&(nid_objs[273]),/* OBJ_id_mod_crmf                  1 3 6 1 5 5 7 0 5 */
-&(nid_objs[274]),/* OBJ_id_mod_cmc                   1 3 6 1 5 5 7 0 6 */
-&(nid_objs[275]),/* OBJ_id_mod_kea_profile_88        1 3 6 1 5 5 7 0 7 */
-&(nid_objs[276]),/* OBJ_id_mod_kea_profile_93        1 3 6 1 5 5 7 0 8 */
-&(nid_objs[277]),/* OBJ_id_mod_cmp                   1 3 6 1 5 5 7 0 9 */
-&(nid_objs[278]),/* OBJ_id_mod_qualified_cert_88     1 3 6 1 5 5 7 0 10 */
-&(nid_objs[279]),/* OBJ_id_mod_qualified_cert_93     1 3 6 1 5 5 7 0 11 */
-&(nid_objs[280]),/* OBJ_id_mod_attribute_cert        1 3 6 1 5 5 7 0 12 */
-&(nid_objs[281]),/* OBJ_id_mod_timestamp_protocol    1 3 6 1 5 5 7 0 13 */
-&(nid_objs[282]),/* OBJ_id_mod_ocsp                  1 3 6 1 5 5 7 0 14 */
-&(nid_objs[283]),/* OBJ_id_mod_dvcs                  1 3 6 1 5 5 7 0 15 */
-&(nid_objs[284]),/* OBJ_id_mod_cmp2000               1 3 6 1 5 5 7 0 16 */
-&(nid_objs[177]),/* OBJ_info_access                  1 3 6 1 5 5 7 1 1 */
-&(nid_objs[285]),/* OBJ_biometricInfo                1 3 6 1 5 5 7 1 2 */
-&(nid_objs[286]),/* OBJ_qcStatements                 1 3 6 1 5 5 7 1 3 */
-&(nid_objs[287]),/* OBJ_ac_auditEntity               1 3 6 1 5 5 7 1 4 */
-&(nid_objs[288]),/* OBJ_ac_targeting                 1 3 6 1 5 5 7 1 5 */
-&(nid_objs[289]),/* OBJ_aaControls                   1 3 6 1 5 5 7 1 6 */
-&(nid_objs[290]),/* OBJ_sbqp_ipAddrBlock             1 3 6 1 5 5 7 1 7 */
-&(nid_objs[291]),/* OBJ_sbqp_autonomousSysNum        1 3 6 1 5 5 7 1 8 */
-&(nid_objs[292]),/* OBJ_sbqp_routerIdentifier        1 3 6 1 5 5 7 1 9 */
-&(nid_objs[397]),/* OBJ_ac_proxying                  1 3 6 1 5 5 7 1 10 */
-&(nid_objs[398]),/* OBJ_sinfo_access                 1 3 6 1 5 5 7 1 11 */
-&(nid_objs[164]),/* OBJ_id_qt_cps                    1 3 6 1 5 5 7 2 1 */
-&(nid_objs[165]),/* OBJ_id_qt_unotice                1 3 6 1 5 5 7 2 2 */
-&(nid_objs[293]),/* OBJ_textNotice                   1 3 6 1 5 5 7 2 3 */
-&(nid_objs[129]),/* OBJ_server_auth                  1 3 6 1 5 5 7 3 1 */
-&(nid_objs[130]),/* OBJ_client_auth                  1 3 6 1 5 5 7 3 2 */
-&(nid_objs[131]),/* OBJ_code_sign                    1 3 6 1 5 5 7 3 3 */
-&(nid_objs[132]),/* OBJ_email_protect                1 3 6 1 5 5 7 3 4 */
-&(nid_objs[294]),/* OBJ_ipsecEndSystem               1 3 6 1 5 5 7 3 5 */
-&(nid_objs[295]),/* OBJ_ipsecTunnel                  1 3 6 1 5 5 7 3 6 */
-&(nid_objs[296]),/* OBJ_ipsecUser                    1 3 6 1 5 5 7 3 7 */
-&(nid_objs[133]),/* OBJ_time_stamp                   1 3 6 1 5 5 7 3 8 */
-&(nid_objs[180]),/* OBJ_OCSP_sign                    1 3 6 1 5 5 7 3 9 */
-&(nid_objs[297]),/* OBJ_dvcs                         1 3 6 1 5 5 7 3 10 */
-&(nid_objs[298]),/* OBJ_id_it_caProtEncCert          1 3 6 1 5 5 7 4 1 */
-&(nid_objs[299]),/* OBJ_id_it_signKeyPairTypes       1 3 6 1 5 5 7 4 2 */
-&(nid_objs[300]),/* OBJ_id_it_encKeyPairTypes        1 3 6 1 5 5 7 4 3 */
-&(nid_objs[301]),/* OBJ_id_it_preferredSymmAlg       1 3 6 1 5 5 7 4 4 */
-&(nid_objs[302]),/* OBJ_id_it_caKeyUpdateInfo        1 3 6 1 5 5 7 4 5 */
-&(nid_objs[303]),/* OBJ_id_it_currentCRL             1 3 6 1 5 5 7 4 6 */
-&(nid_objs[304]),/* OBJ_id_it_unsupportedOIDs        1 3 6 1 5 5 7 4 7 */
-&(nid_objs[305]),/* OBJ_id_it_subscriptionRequest    1 3 6 1 5 5 7 4 8 */
-&(nid_objs[306]),/* OBJ_id_it_subscriptionResponse   1 3 6 1 5 5 7 4 9 */
-&(nid_objs[307]),/* OBJ_id_it_keyPairParamReq        1 3 6 1 5 5 7 4 10 */
-&(nid_objs[308]),/* OBJ_id_it_keyPairParamRep        1 3 6 1 5 5 7 4 11 */
-&(nid_objs[309]),/* OBJ_id_it_revPassphrase          1 3 6 1 5 5 7 4 12 */
-&(nid_objs[310]),/* OBJ_id_it_implicitConfirm        1 3 6 1 5 5 7 4 13 */
-&(nid_objs[311]),/* OBJ_id_it_confirmWaitTime        1 3 6 1 5 5 7 4 14 */
-&(nid_objs[312]),/* OBJ_id_it_origPKIMessage         1 3 6 1 5 5 7 4 15 */
-&(nid_objs[313]),/* OBJ_id_regCtrl                   1 3 6 1 5 5 7 5 1 */
-&(nid_objs[314]),/* OBJ_id_regInfo                   1 3 6 1 5 5 7 5 2 */
-&(nid_objs[323]),/* OBJ_id_alg_des40                 1 3 6 1 5 5 7 6 1 */
-&(nid_objs[324]),/* OBJ_id_alg_noSignature           1 3 6 1 5 5 7 6 2 */
-&(nid_objs[325]),/* OBJ_id_alg_dh_sig_hmac_sha1      1 3 6 1 5 5 7 6 3 */
-&(nid_objs[326]),/* OBJ_id_alg_dh_pop                1 3 6 1 5 5 7 6 4 */
-&(nid_objs[327]),/* OBJ_id_cmc_statusInfo            1 3 6 1 5 5 7 7 1 */
-&(nid_objs[328]),/* OBJ_id_cmc_identification        1 3 6 1 5 5 7 7 2 */
-&(nid_objs[329]),/* OBJ_id_cmc_identityProof         1 3 6 1 5 5 7 7 3 */
-&(nid_objs[330]),/* OBJ_id_cmc_dataReturn            1 3 6 1 5 5 7 7 4 */
-&(nid_objs[331]),/* OBJ_id_cmc_transactionId         1 3 6 1 5 5 7 7 5 */
-&(nid_objs[332]),/* OBJ_id_cmc_senderNonce           1 3 6 1 5 5 7 7 6 */
-&(nid_objs[333]),/* OBJ_id_cmc_recipientNonce        1 3 6 1 5 5 7 7 7 */
-&(nid_objs[334]),/* OBJ_id_cmc_addExtensions         1 3 6 1 5 5 7 7 8 */
-&(nid_objs[335]),/* OBJ_id_cmc_encryptedPOP          1 3 6 1 5 5 7 7 9 */
-&(nid_objs[336]),/* OBJ_id_cmc_decryptedPOP          1 3 6 1 5 5 7 7 10 */
-&(nid_objs[337]),/* OBJ_id_cmc_lraPOPWitness         1 3 6 1 5 5 7 7 11 */
-&(nid_objs[338]),/* OBJ_id_cmc_getCert               1 3 6 1 5 5 7 7 15 */
-&(nid_objs[339]),/* OBJ_id_cmc_getCRL                1 3 6 1 5 5 7 7 16 */
-&(nid_objs[340]),/* OBJ_id_cmc_revokeRequest         1 3 6 1 5 5 7 7 17 */
-&(nid_objs[341]),/* OBJ_id_cmc_regInfo               1 3 6 1 5 5 7 7 18 */
-&(nid_objs[342]),/* OBJ_id_cmc_responseInfo          1 3 6 1 5 5 7 7 19 */
-&(nid_objs[343]),/* OBJ_id_cmc_queryPending          1 3 6 1 5 5 7 7 21 */
-&(nid_objs[344]),/* OBJ_id_cmc_popLinkRandom         1 3 6 1 5 5 7 7 22 */
-&(nid_objs[345]),/* OBJ_id_cmc_popLinkWitness        1 3 6 1 5 5 7 7 23 */
-&(nid_objs[346]),/* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
-&(nid_objs[347]),/* OBJ_id_on_personalData           1 3 6 1 5 5 7 8 1 */
-&(nid_objs[348]),/* OBJ_id_pda_dateOfBirth           1 3 6 1 5 5 7 9 1 */
-&(nid_objs[349]),/* OBJ_id_pda_placeOfBirth          1 3 6 1 5 5 7 9 2 */
-&(nid_objs[351]),/* OBJ_id_pda_gender                1 3 6 1 5 5 7 9 3 */
-&(nid_objs[352]),/* OBJ_id_pda_countryOfCitizenship  1 3 6 1 5 5 7 9 4 */
-&(nid_objs[353]),/* OBJ_id_pda_countryOfResidence    1 3 6 1 5 5 7 9 5 */
-&(nid_objs[354]),/* OBJ_id_aca_authenticationInfo    1 3 6 1 5 5 7 10 1 */
-&(nid_objs[355]),/* OBJ_id_aca_accessIdentity        1 3 6 1 5 5 7 10 2 */
-&(nid_objs[356]),/* OBJ_id_aca_chargingIdentity      1 3 6 1 5 5 7 10 3 */
-&(nid_objs[357]),/* OBJ_id_aca_group                 1 3 6 1 5 5 7 10 4 */
-&(nid_objs[358]),/* OBJ_id_aca_role                  1 3 6 1 5 5 7 10 5 */
-&(nid_objs[399]),/* OBJ_id_aca_encAttrs              1 3 6 1 5 5 7 10 6 */
-&(nid_objs[359]),/* OBJ_id_qcs_pkixQCSyntax_v1       1 3 6 1 5 5 7 11 1 */
-&(nid_objs[360]),/* OBJ_id_cct_crs                   1 3 6 1 5 5 7 12 1 */
-&(nid_objs[361]),/* OBJ_id_cct_PKIData               1 3 6 1 5 5 7 12 2 */
-&(nid_objs[362]),/* OBJ_id_cct_PKIResponse           1 3 6 1 5 5 7 12 3 */
-&(nid_objs[178]),/* OBJ_ad_OCSP                      1 3 6 1 5 5 7 48 1 */
-&(nid_objs[179]),/* OBJ_ad_ca_issuers                1 3 6 1 5 5 7 48 2 */
-&(nid_objs[363]),/* OBJ_ad_timeStamping              1 3 6 1 5 5 7 48 3 */
-&(nid_objs[364]),/* OBJ_ad_dvcs                      1 3 6 1 5 5 7 48 4 */
-&(nid_objs[58]),/* OBJ_netscape_cert_extension      2 16 840 1 113730 1 */
-&(nid_objs[59]),/* OBJ_netscape_data_type           2 16 840 1 113730 2 */
-&(nid_objs[438]),/* OBJ_pilotAttributeType           0 9 2342 19200300 100 1 */
-&(nid_objs[439]),/* OBJ_pilotAttributeSyntax         0 9 2342 19200300 100 3 */
-&(nid_objs[440]),/* OBJ_pilotObjectClass             0 9 2342 19200300 100 4 */
-&(nid_objs[441]),/* OBJ_pilotGroups                  0 9 2342 19200300 100 10 */
-&(nid_objs[108]),/* OBJ_cast5_cbc                    1 2 840 113533 7 66 10 */
-&(nid_objs[112]),/* OBJ_pbeWithMD5AndCast5_CBC       1 2 840 113533 7 66 12 */
-&(nid_objs[ 6]),/* OBJ_rsaEncryption                1 2 840 113549 1 1 1 */
-&(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption         1 2 840 113549 1 1 2 */
-&(nid_objs[396]),/* OBJ_md4WithRSAEncryption         1 2 840 113549 1 1 3 */
-&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption         1 2 840 113549 1 1 4 */
-&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption        1 2 840 113549 1 1 5 */
-&(nid_objs[644]),/* OBJ_rsaOAEPEncryptionSET         1 2 840 113549 1 1 6 */
-&(nid_objs[28]),/* OBJ_dhKeyAgreement               1 2 840 113549 1 3 1 */
-&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC         1 2 840 113549 1 5 1 */
-&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC         1 2 840 113549 1 5 3 */
-&(nid_objs[168]),/* OBJ_pbeWithMD2AndRC2_CBC         1 2 840 113549 1 5 4 */
-&(nid_objs[169]),/* OBJ_pbeWithMD5AndRC2_CBC         1 2 840 113549 1 5 6 */
-&(nid_objs[170]),/* OBJ_pbeWithSHA1AndDES_CBC        1 2 840 113549 1 5 10 */
-&(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC        1 2 840 113549 1 5 11 */
-&(nid_objs[69]),/* OBJ_id_pbkdf2                    1 2 840 113549 1 5 12 */
-&(nid_objs[161]),/* OBJ_pbes2                        1 2 840 113549 1 5 13 */
-&(nid_objs[162]),/* OBJ_pbmac1                       1 2 840 113549 1 5 14 */
-&(nid_objs[21]),/* OBJ_pkcs7_data                   1 2 840 113549 1 7 1 */
-&(nid_objs[22]),/* OBJ_pkcs7_signed                 1 2 840 113549 1 7 2 */
-&(nid_objs[23]),/* OBJ_pkcs7_enveloped              1 2 840 113549 1 7 3 */
-&(nid_objs[24]),/* OBJ_pkcs7_signedAndEnveloped     1 2 840 113549 1 7 4 */
-&(nid_objs[25]),/* OBJ_pkcs7_digest                 1 2 840 113549 1 7 5 */
-&(nid_objs[26]),/* OBJ_pkcs7_encrypted              1 2 840 113549 1 7 6 */
-&(nid_objs[48]),/* OBJ_pkcs9_emailAddress           1 2 840 113549 1 9 1 */
-&(nid_objs[49]),/* OBJ_pkcs9_unstructuredName       1 2 840 113549 1 9 2 */
-&(nid_objs[50]),/* OBJ_pkcs9_contentType            1 2 840 113549 1 9 3 */
-&(nid_objs[51]),/* OBJ_pkcs9_messageDigest          1 2 840 113549 1 9 4 */
-&(nid_objs[52]),/* OBJ_pkcs9_signingTime            1 2 840 113549 1 9 5 */
-&(nid_objs[53]),/* OBJ_pkcs9_countersignature       1 2 840 113549 1 9 6 */
-&(nid_objs[54]),/* OBJ_pkcs9_challengePassword      1 2 840 113549 1 9 7 */
-&(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress    1 2 840 113549 1 9 8 */
-&(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes      1 2 840 113549 1 9 9 */
-&(nid_objs[172]),/* OBJ_ext_req                      1 2 840 113549 1 9 14 */
-&(nid_objs[167]),/* OBJ_SMIMECapabilities            1 2 840 113549 1 9 15 */
-&(nid_objs[188]),/* OBJ_SMIME                        1 2 840 113549 1 9 16 */
-&(nid_objs[156]),/* OBJ_friendlyName                 1 2 840 113549 1 9 20 */
-&(nid_objs[157]),/* OBJ_localKeyID                   1 2 840 113549 1 9 21 */
-&(nid_objs[417]),/* OBJ_ms_csp_name                  1 3 6 1 4 1 311 17 1 */
-&(nid_objs[390]),/* OBJ_dcObject                     1 3 6 1 4 1 1466 344 */
-&(nid_objs[91]),/* OBJ_bf_cbc                       1 3 6 1 4 1 3029 1 2 */
-&(nid_objs[315]),/* OBJ_id_regCtrl_regToken          1 3 6 1 5 5 7 5 1 1 */
-&(nid_objs[316]),/* OBJ_id_regCtrl_authenticator     1 3 6 1 5 5 7 5 1 2 */
-&(nid_objs[317]),/* OBJ_id_regCtrl_pkiPublicationInfo 1 3 6 1 5 5 7 5 1 3 */
-&(nid_objs[318]),/* OBJ_id_regCtrl_pkiArchiveOptions 1 3 6 1 5 5 7 5 1 4 */
-&(nid_objs[319]),/* OBJ_id_regCtrl_oldCertID         1 3 6 1 5 5 7 5 1 5 */
-&(nid_objs[320]),/* OBJ_id_regCtrl_protocolEncrKey   1 3 6 1 5 5 7 5 1 6 */
-&(nid_objs[321]),/* OBJ_id_regInfo_utf8Pairs         1 3 6 1 5 5 7 5 2 1 */
-&(nid_objs[322]),/* OBJ_id_regInfo_certReq           1 3 6 1 5 5 7 5 2 2 */
-&(nid_objs[365]),/* OBJ_id_pkix_OCSP_basic           1 3 6 1 5 5 7 48 1 1 */
-&(nid_objs[366]),/* OBJ_id_pkix_OCSP_Nonce           1 3 6 1 5 5 7 48 1 2 */
-&(nid_objs[367]),/* OBJ_id_pkix_OCSP_CrlID           1 3 6 1 5 5 7 48 1 3 */
-&(nid_objs[368]),/* OBJ_id_pkix_OCSP_acceptableResponses 1 3 6 1 5 5 7 48 1 4 */
-&(nid_objs[369]),/* OBJ_id_pkix_OCSP_noCheck         1 3 6 1 5 5 7 48 1 5 */
-&(nid_objs[370]),/* OBJ_id_pkix_OCSP_archiveCutoff   1 3 6 1 5 5 7 48 1 6 */
-&(nid_objs[371]),/* OBJ_id_pkix_OCSP_serviceLocator  1 3 6 1 5 5 7 48 1 7 */
-&(nid_objs[372]),/* OBJ_id_pkix_OCSP_extendedStatus  1 3 6 1 5 5 7 48 1 8 */
-&(nid_objs[373]),/* OBJ_id_pkix_OCSP_valid           1 3 6 1 5 5 7 48 1 9 */
-&(nid_objs[374]),/* OBJ_id_pkix_OCSP_path            1 3 6 1 5 5 7 48 1 10 */
-&(nid_objs[375]),/* OBJ_id_pkix_OCSP_trustRoot       1 3 6 1 5 5 7 48 1 11 */
-&(nid_objs[418]),/* OBJ_aes_128_ecb                  2 16 840 1 101 3 4 1 1 */
-&(nid_objs[419]),/* OBJ_aes_128_cbc                  2 16 840 1 101 3 4 1 2 */
-&(nid_objs[420]),/* OBJ_aes_128_ofb128               2 16 840 1 101 3 4 1 3 */
-&(nid_objs[421]),/* OBJ_aes_128_cfb128               2 16 840 1 101 3 4 1 4 */
-&(nid_objs[422]),/* OBJ_aes_192_ecb                  2 16 840 1 101 3 4 1 21 */
-&(nid_objs[423]),/* OBJ_aes_192_cbc                  2 16 840 1 101 3 4 1 22 */
-&(nid_objs[424]),/* OBJ_aes_192_ofb128               2 16 840 1 101 3 4 1 23 */
-&(nid_objs[425]),/* OBJ_aes_192_cfb128               2 16 840 1 101 3 4 1 24 */
-&(nid_objs[426]),/* OBJ_aes_256_ecb                  2 16 840 1 101 3 4 1 41 */
-&(nid_objs[427]),/* OBJ_aes_256_cbc                  2 16 840 1 101 3 4 1 42 */
-&(nid_objs[428]),/* OBJ_aes_256_ofb128               2 16 840 1 101 3 4 1 43 */
-&(nid_objs[429]),/* OBJ_aes_256_cfb128               2 16 840 1 101 3 4 1 44 */
-&(nid_objs[71]),/* OBJ_netscape_cert_type           2 16 840 1 113730 1 1 */
-&(nid_objs[72]),/* OBJ_netscape_base_url            2 16 840 1 113730 1 2 */
-&(nid_objs[73]),/* OBJ_netscape_revocation_url      2 16 840 1 113730 1 3 */
-&(nid_objs[74]),/* OBJ_netscape_ca_revocation_url   2 16 840 1 113730 1 4 */
-&(nid_objs[75]),/* OBJ_netscape_renewal_url         2 16 840 1 113730 1 7 */
-&(nid_objs[76]),/* OBJ_netscape_ca_policy_url       2 16 840 1 113730 1 8 */
-&(nid_objs[77]),/* OBJ_netscape_ssl_server_name     2 16 840 1 113730 1 12 */
-&(nid_objs[78]),/* OBJ_netscape_comment             2 16 840 1 113730 1 13 */
-&(nid_objs[79]),/* OBJ_netscape_cert_sequence       2 16 840 1 113730 2 5 */
-&(nid_objs[139]),/* OBJ_ns_sgc                       2 16 840 1 113730 4 1 */
-&(nid_objs[458]),/* OBJ_userId                       0 9 2342 19200300 100 1 1 */
-&(nid_objs[459]),/* OBJ_textEncodedORAddress         0 9 2342 19200300 100 1 2 */
-&(nid_objs[460]),/* OBJ_rfc822Mailbox                0 9 2342 19200300 100 1 3 */
-&(nid_objs[461]),/* OBJ_info                         0 9 2342 19200300 100 1 4 */
-&(nid_objs[462]),/* OBJ_favouriteDrink               0 9 2342 19200300 100 1 5 */
-&(nid_objs[463]),/* OBJ_roomNumber                   0 9 2342 19200300 100 1 6 */
-&(nid_objs[464]),/* OBJ_photo                        0 9 2342 19200300 100 1 7 */
-&(nid_objs[465]),/* OBJ_userClass                    0 9 2342 19200300 100 1 8 */
-&(nid_objs[466]),/* OBJ_host                         0 9 2342 19200300 100 1 9 */
-&(nid_objs[467]),/* OBJ_manager                      0 9 2342 19200300 100 1 10 */
-&(nid_objs[468]),/* OBJ_documentIdentifier           0 9 2342 19200300 100 1 11 */
-&(nid_objs[469]),/* OBJ_documentTitle                0 9 2342 19200300 100 1 12 */
-&(nid_objs[470]),/* OBJ_documentVersion              0 9 2342 19200300 100 1 13 */
-&(nid_objs[471]),/* OBJ_documentAuthor               0 9 2342 19200300 100 1 14 */
-&(nid_objs[472]),/* OBJ_documentLocation             0 9 2342 19200300 100 1 15 */
-&(nid_objs[473]),/* OBJ_homeTelephoneNumber          0 9 2342 19200300 100 1 20 */
-&(nid_objs[474]),/* OBJ_secretary                    0 9 2342 19200300 100 1 21 */
-&(nid_objs[475]),/* OBJ_otherMailbox                 0 9 2342 19200300 100 1 22 */
-&(nid_objs[476]),/* OBJ_lastModifiedTime             0 9 2342 19200300 100 1 23 */
-&(nid_objs[477]),/* OBJ_lastModifiedBy               0 9 2342 19200300 100 1 24 */
-&(nid_objs[391]),/* OBJ_domainComponent              0 9 2342 19200300 100 1 25 */
-&(nid_objs[478]),/* OBJ_aRecord                      0 9 2342 19200300 100 1 26 */
-&(nid_objs[479]),/* OBJ_pilotAttributeType27         0 9 2342 19200300 100 1 27 */
-&(nid_objs[480]),/* OBJ_mXRecord                     0 9 2342 19200300 100 1 28 */
-&(nid_objs[481]),/* OBJ_nSRecord                     0 9 2342 19200300 100 1 29 */
-&(nid_objs[482]),/* OBJ_sOARecord                    0 9 2342 19200300 100 1 30 */
-&(nid_objs[483]),/* OBJ_cNAMERecord                  0 9 2342 19200300 100 1 31 */
-&(nid_objs[484]),/* OBJ_associatedDomain             0 9 2342 19200300 100 1 37 */
-&(nid_objs[485]),/* OBJ_associatedName               0 9 2342 19200300 100 1 38 */
-&(nid_objs[486]),/* OBJ_homePostalAddress            0 9 2342 19200300 100 1 39 */
-&(nid_objs[487]),/* OBJ_personalTitle                0 9 2342 19200300 100 1 40 */
-&(nid_objs[488]),/* OBJ_mobileTelephoneNumber        0 9 2342 19200300 100 1 41 */
-&(nid_objs[489]),/* OBJ_pagerTelephoneNumber         0 9 2342 19200300 100 1 42 */
-&(nid_objs[490]),/* OBJ_friendlyCountryName          0 9 2342 19200300 100 1 43 */
-&(nid_objs[491]),/* OBJ_organizationalStatus         0 9 2342 19200300 100 1 45 */
-&(nid_objs[492]),/* OBJ_janetMailbox                 0 9 2342 19200300 100 1 46 */
-&(nid_objs[493]),/* OBJ_mailPreferenceOption         0 9 2342 19200300 100 1 47 */
-&(nid_objs[494]),/* OBJ_buildingName                 0 9 2342 19200300 100 1 48 */
-&(nid_objs[495]),/* OBJ_dSAQuality                   0 9 2342 19200300 100 1 49 */
-&(nid_objs[496]),/* OBJ_singleLevelQuality           0 9 2342 19200300 100 1 50 */
-&(nid_objs[497]),/* OBJ_subtreeMinimumQuality        0 9 2342 19200300 100 1 51 */
-&(nid_objs[498]),/* OBJ_subtreeMaximumQuality        0 9 2342 19200300 100 1 52 */
-&(nid_objs[499]),/* OBJ_personalSignature            0 9 2342 19200300 100 1 53 */
-&(nid_objs[500]),/* OBJ_dITRedirect                  0 9 2342 19200300 100 1 54 */
-&(nid_objs[501]),/* OBJ_audio                        0 9 2342 19200300 100 1 55 */
-&(nid_objs[502]),/* OBJ_documentPublisher            0 9 2342 19200300 100 1 56 */
-&(nid_objs[442]),/* OBJ_iA5StringSyntax              0 9 2342 19200300 100 3 4 */
-&(nid_objs[443]),/* OBJ_caseIgnoreIA5StringSyntax    0 9 2342 19200300 100 3 5 */
-&(nid_objs[444]),/* OBJ_pilotObject                  0 9 2342 19200300 100 4 3 */
-&(nid_objs[445]),/* OBJ_pilotPerson                  0 9 2342 19200300 100 4 4 */
-&(nid_objs[446]),/* OBJ_account                      0 9 2342 19200300 100 4 5 */
-&(nid_objs[447]),/* OBJ_document                     0 9 2342 19200300 100 4 6 */
-&(nid_objs[448]),/* OBJ_room                         0 9 2342 19200300 100 4 7 */
-&(nid_objs[449]),/* OBJ_documentSeries               0 9 2342 19200300 100 4 9 */
-&(nid_objs[392]),/* OBJ_Domain                       0 9 2342 19200300 100 4 13 */
-&(nid_objs[450]),/* OBJ_rFC822localPart              0 9 2342 19200300 100 4 14 */
-&(nid_objs[451]),/* OBJ_dNSDomain                    0 9 2342 19200300 100 4 15 */
-&(nid_objs[452]),/* OBJ_domainRelatedObject          0 9 2342 19200300 100 4 17 */
-&(nid_objs[453]),/* OBJ_friendlyCountry              0 9 2342 19200300 100 4 18 */
-&(nid_objs[454]),/* OBJ_simpleSecurityObject         0 9 2342 19200300 100 4 19 */
-&(nid_objs[455]),/* OBJ_pilotOrganization            0 9 2342 19200300 100 4 20 */
-&(nid_objs[456]),/* OBJ_pilotDSA                     0 9 2342 19200300 100 4 21 */
-&(nid_objs[457]),/* OBJ_qualityLabelledData          0 9 2342 19200300 100 4 22 */
-&(nid_objs[189]),/* OBJ_id_smime_mod                 1 2 840 113549 1 9 16 0 */
-&(nid_objs[190]),/* OBJ_id_smime_ct                  1 2 840 113549 1 9 16 1 */
-&(nid_objs[191]),/* OBJ_id_smime_aa                  1 2 840 113549 1 9 16 2 */
-&(nid_objs[192]),/* OBJ_id_smime_alg                 1 2 840 113549 1 9 16 3 */
-&(nid_objs[193]),/* OBJ_id_smime_cd                  1 2 840 113549 1 9 16 4 */
-&(nid_objs[194]),/* OBJ_id_smime_spq                 1 2 840 113549 1 9 16 5 */
-&(nid_objs[195]),/* OBJ_id_smime_cti                 1 2 840 113549 1 9 16 6 */
-&(nid_objs[158]),/* OBJ_x509Certificate              1 2 840 113549 1 9 22 1 */
-&(nid_objs[159]),/* OBJ_sdsiCertificate              1 2 840 113549 1 9 22 2 */
-&(nid_objs[160]),/* OBJ_x509Crl                      1 2 840 113549 1 9 23 1 */
-&(nid_objs[144]),/* OBJ_pbe_WithSHA1And128BitRC4     1 2 840 113549 1 12 1 1 */
-&(nid_objs[145]),/* OBJ_pbe_WithSHA1And40BitRC4      1 2 840 113549 1 12 1 2 */
-&(nid_objs[146]),/* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */
-&(nid_objs[147]),/* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */
-&(nid_objs[148]),/* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */
-&(nid_objs[149]),/* OBJ_pbe_WithSHA1And40BitRC2_CBC  1 2 840 113549 1 12 1 6 */
-&(nid_objs[171]),/* OBJ_ms_ext_req                   1 3 6 1 4 1 311 2 1 14 */
-&(nid_objs[134]),/* OBJ_ms_code_ind                  1 3 6 1 4 1 311 2 1 21 */
-&(nid_objs[135]),/* OBJ_ms_code_com                  1 3 6 1 4 1 311 2 1 22 */
-&(nid_objs[136]),/* OBJ_ms_ctl_sign                  1 3 6 1 4 1 311 10 3 1 */
-&(nid_objs[137]),/* OBJ_ms_sgc                       1 3 6 1 4 1 311 10 3 3 */
-&(nid_objs[138]),/* OBJ_ms_efs                       1 3 6 1 4 1 311 10 3 4 */
-&(nid_objs[648]),/* OBJ_ms_smartcard_login           1 3 6 1 4 1 311 20 2 2 */
-&(nid_objs[649]),/* OBJ_ms_upn                       1 3 6 1 4 1 311 20 2 3 */
-&(nid_objs[196]),/* OBJ_id_smime_mod_cms             1 2 840 113549 1 9 16 0 1 */
-&(nid_objs[197]),/* OBJ_id_smime_mod_ess             1 2 840 113549 1 9 16 0 2 */
-&(nid_objs[198]),/* OBJ_id_smime_mod_oid             1 2 840 113549 1 9 16 0 3 */
-&(nid_objs[199]),/* OBJ_id_smime_mod_msg_v3          1 2 840 113549 1 9 16 0 4 */
-&(nid_objs[200]),/* OBJ_id_smime_mod_ets_eSignature_88 1 2 840 113549 1 9 16 0 5 */
-&(nid_objs[201]),/* OBJ_id_smime_mod_ets_eSignature_97 1 2 840 113549 1 9 16 0 6 */
-&(nid_objs[202]),/* OBJ_id_smime_mod_ets_eSigPolicy_88 1 2 840 113549 1 9 16 0 7 */
-&(nid_objs[203]),/* OBJ_id_smime_mod_ets_eSigPolicy_97 1 2 840 113549 1 9 16 0 8 */
-&(nid_objs[204]),/* OBJ_id_smime_ct_receipt          1 2 840 113549 1 9 16 1 1 */
-&(nid_objs[205]),/* OBJ_id_smime_ct_authData         1 2 840 113549 1 9 16 1 2 */
-&(nid_objs[206]),/* OBJ_id_smime_ct_publishCert      1 2 840 113549 1 9 16 1 3 */
-&(nid_objs[207]),/* OBJ_id_smime_ct_TSTInfo          1 2 840 113549 1 9 16 1 4 */
-&(nid_objs[208]),/* OBJ_id_smime_ct_TDTInfo          1 2 840 113549 1 9 16 1 5 */
-&(nid_objs[209]),/* OBJ_id_smime_ct_contentInfo      1 2 840 113549 1 9 16 1 6 */
-&(nid_objs[210]),/* OBJ_id_smime_ct_DVCSRequestData  1 2 840 113549 1 9 16 1 7 */
-&(nid_objs[211]),/* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
-&(nid_objs[212]),/* OBJ_id_smime_aa_receiptRequest   1 2 840 113549 1 9 16 2 1 */
-&(nid_objs[213]),/* OBJ_id_smime_aa_securityLabel    1 2 840 113549 1 9 16 2 2 */
-&(nid_objs[214]),/* OBJ_id_smime_aa_mlExpandHistory  1 2 840 113549 1 9 16 2 3 */
-&(nid_objs[215]),/* OBJ_id_smime_aa_contentHint      1 2 840 113549 1 9 16 2 4 */
-&(nid_objs[216]),/* OBJ_id_smime_aa_msgSigDigest     1 2 840 113549 1 9 16 2 5 */
-&(nid_objs[217]),/* OBJ_id_smime_aa_encapContentType 1 2 840 113549 1 9 16 2 6 */
-&(nid_objs[218]),/* OBJ_id_smime_aa_contentIdentifier 1 2 840 113549 1 9 16 2 7 */
-&(nid_objs[219]),/* OBJ_id_smime_aa_macValue         1 2 840 113549 1 9 16 2 8 */
-&(nid_objs[220]),/* OBJ_id_smime_aa_equivalentLabels 1 2 840 113549 1 9 16 2 9 */
-&(nid_objs[221]),/* OBJ_id_smime_aa_contentReference 1 2 840 113549 1 9 16 2 10 */
-&(nid_objs[222]),/* OBJ_id_smime_aa_encrypKeyPref    1 2 840 113549 1 9 16 2 11 */
-&(nid_objs[223]),/* OBJ_id_smime_aa_signingCertificate 1 2 840 113549 1 9 16 2 12 */
-&(nid_objs[224]),/* OBJ_id_smime_aa_smimeEncryptCerts 1 2 840 113549 1 9 16 2 13 */
-&(nid_objs[225]),/* OBJ_id_smime_aa_timeStampToken   1 2 840 113549 1 9 16 2 14 */
-&(nid_objs[226]),/* OBJ_id_smime_aa_ets_sigPolicyId  1 2 840 113549 1 9 16 2 15 */
-&(nid_objs[227]),/* OBJ_id_smime_aa_ets_commitmentType 1 2 840 113549 1 9 16 2 16 */
-&(nid_objs[228]),/* OBJ_id_smime_aa_ets_signerLocation 1 2 840 113549 1 9 16 2 17 */
-&(nid_objs[229]),/* OBJ_id_smime_aa_ets_signerAttr   1 2 840 113549 1 9 16 2 18 */
-&(nid_objs[230]),/* OBJ_id_smime_aa_ets_otherSigCert 1 2 840 113549 1 9 16 2 19 */
-&(nid_objs[231]),/* OBJ_id_smime_aa_ets_contentTimestamp 1 2 840 113549 1 9 16 2 20 */
-&(nid_objs[232]),/* OBJ_id_smime_aa_ets_CertificateRefs 1 2 840 113549 1 9 16 2 21 */
-&(nid_objs[233]),/* OBJ_id_smime_aa_ets_RevocationRefs 1 2 840 113549 1 9 16 2 22 */
-&(nid_objs[234]),/* OBJ_id_smime_aa_ets_certValues   1 2 840 113549 1 9 16 2 23 */
-&(nid_objs[235]),/* OBJ_id_smime_aa_ets_revocationValues 1 2 840 113549 1 9 16 2 24 */
-&(nid_objs[236]),/* OBJ_id_smime_aa_ets_escTimeStamp 1 2 840 113549 1 9 16 2 25 */
-&(nid_objs[237]),/* OBJ_id_smime_aa_ets_certCRLTimestamp 1 2 840 113549 1 9 16 2 26 */
-&(nid_objs[238]),/* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */
-&(nid_objs[239]),/* OBJ_id_smime_aa_signatureType    1 2 840 113549 1 9 16 2 28 */
-&(nid_objs[240]),/* OBJ_id_smime_aa_dvcs_dvc         1 2 840 113549 1 9 16 2 29 */
-&(nid_objs[241]),/* OBJ_id_smime_alg_ESDHwith3DES    1 2 840 113549 1 9 16 3 1 */
-&(nid_objs[242]),/* OBJ_id_smime_alg_ESDHwithRC2     1 2 840 113549 1 9 16 3 2 */
-&(nid_objs[243]),/* OBJ_id_smime_alg_3DESwrap        1 2 840 113549 1 9 16 3 3 */
-&(nid_objs[244]),/* OBJ_id_smime_alg_RC2wrap         1 2 840 113549 1 9 16 3 4 */
-&(nid_objs[245]),/* OBJ_id_smime_alg_ESDH            1 2 840 113549 1 9 16 3 5 */
-&(nid_objs[246]),/* OBJ_id_smime_alg_CMS3DESwrap     1 2 840 113549 1 9 16 3 6 */
-&(nid_objs[247]),/* OBJ_id_smime_alg_CMSRC2wrap      1 2 840 113549 1 9 16 3 7 */
-&(nid_objs[248]),/* OBJ_id_smime_cd_ldap             1 2 840 113549 1 9 16 4 1 */
-&(nid_objs[249]),/* OBJ_id_smime_spq_ets_sqt_uri     1 2 840 113549 1 9 16 5 1 */
-&(nid_objs[250]),/* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */
-&(nid_objs[251]),/* OBJ_id_smime_cti_ets_proofOfOrigin 1 2 840 113549 1 9 16 6 1 */
-&(nid_objs[252]),/* OBJ_id_smime_cti_ets_proofOfReceipt 1 2 840 113549 1 9 16 6 2 */
-&(nid_objs[253]),/* OBJ_id_smime_cti_ets_proofOfDelivery 1 2 840 113549 1 9 16 6 3 */
-&(nid_objs[254]),/* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */
-&(nid_objs[255]),/* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */
-&(nid_objs[256]),/* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */
-&(nid_objs[150]),/* OBJ_keyBag                       1 2 840 113549 1 12 10 1 1 */
-&(nid_objs[151]),/* OBJ_pkcs8ShroudedKeyBag          1 2 840 113549 1 12 10 1 2 */
-&(nid_objs[152]),/* OBJ_certBag                      1 2 840 113549 1 12 10 1 3 */
-&(nid_objs[153]),/* OBJ_crlBag                       1 2 840 113549 1 12 10 1 4 */
-&(nid_objs[154]),/* OBJ_secretBag                    1 2 840 113549 1 12 10 1 5 */
-&(nid_objs[155]),/* OBJ_safeContentsBag              1 2 840 113549 1 12 10 1 6 */
-&(nid_objs[34]),/* OBJ_idea_cbc                     1 3 6 1 4 1 188 7 1 1 2 */
-};
-
diff --git a/crypto/openssl/crypto/objects/obj_dat.pl b/crypto/openssl/crypto/objects/obj_dat.pl
deleted file mode 100644
index 5dfb84ea0045..000000000000
--- a/crypto/openssl/crypto/objects/obj_dat.pl
+++ /dev/null
@@ -1,303 +0,0 @@
-#!/usr/local/bin/perl
-
-sub obj_cmp
-	{
-	local(@a,@b,$_,$r);
-
-	$A=$obj_len{$obj{$nid{$a}}};
-	$B=$obj_len{$obj{$nid{$b}}};
-
-	$r=($A-$B);
-	return($r) if $r != 0;
-
-	$A=$obj_der{$obj{$nid{$a}}};
-	$B=$obj_der{$obj{$nid{$b}}};
-
-	return($A cmp $B);
-	}
-
-sub expand_obj
-	{
-	local(*v)=@_;
-	local($k,$d);
-	local($i);
-
-	do	{
-		$i=0;
-		foreach $k (keys %v)
-			{
-			if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/))
-				{ $i++; }
-			}
-		} while($i);
-	foreach $k (keys %v)
-		{
-		@a=split(/,/,$v{$k});
-		$objn{$k}=$#a+1;
-		}
-	return(%objn);
-	}
-
-open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
-open (OUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
-
-while (<IN>)
-	{
-	next unless /^\#define\s+(\S+)\s+(.*)$/;
-	$v=$1;
-	$d=$2;
-	$d =~ s/^\"//;
-	$d =~ s/\"$//;
-	if ($v =~ /^SN_(.*)$/)
-		{
-		if(defined $snames{$d})
-			{
-			print "WARNING: Duplicate short name \"$d\"\n";
-			}
-		else 
-			{ $snames{$d} = "X"; }
-		$sn{$1}=$d;
-		}
-	elsif ($v =~ /^LN_(.*)$/)
-		{
-		if(defined $lnames{$d})
-			{
-			print "WARNING: Duplicate long name \"$d\"\n";
-			}
-		else 
-			{ $lnames{$d} = "X"; }
-		$ln{$1}=$d;
-		}
-	elsif ($v =~ /^NID_(.*)$/)
-		{ $nid{$d}=$1; }
-	elsif ($v =~ /^OBJ_(.*)$/)
-		{
-		$obj{$1}=$v;
-		$objd{$v}=$d;
-		}
-	}
-close IN;
-
-%ob=&expand_obj(*objd);
-
-@a=sort { $a <=> $b } keys %nid;
-$n=$a[$#a]+1;
-
-@lvalues=();
-$lvalues=0;
-
-for ($i=0; $i<$n; $i++)
-	{
-	if (!defined($nid{$i}))
-		{
-		push(@out,"{NULL,NULL,NID_undef,0,NULL},\n");
-		}
-	else
-		{
-		$sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL";
-		$ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL";
-
-		if ($sn eq "NULL") {
-			$sn=$ln;
-			$sn{$nid{$i}} = $ln;
-		}
-
-		if ($ln eq "NULL") {
-			$ln=$sn;
-			$ln{$nid{$i}} = $sn;
-		}
-			
-		$out ="{";
-		$out.="\"$sn\"";
-		$out.=","."\"$ln\"";
-		$out.=",NID_$nid{$i},";
-		if (defined($obj{$nid{$i}}))
-			{
-			$v=$objd{$obj{$nid{$i}}};
-			$v =~ s/L//g;
-			$v =~ s/,/ /g;
-			$r=&der_it($v);
-			$z="";
-			$length=0;
-			foreach (unpack("C*",$r))
-				{
-				$z.=sprintf("0x%02X,",$_);
-				$length++;
-				}
-			$obj_der{$obj{$nid{$i}}}=$z;
-			$obj_len{$obj{$nid{$i}}}=$length;
-
-			push(@lvalues,sprintf("%-45s/* [%3d] %s */\n",
-				$z,$lvalues,$obj{$nid{$i}}));
-			$out.="$length,&(lvalues[$lvalues]),0";
-			$lvalues+=$length;
-			}
-		else
-			{
-			$out.="0,NULL";
-			}
-		$out.="},\n";
-		push(@out,$out);
-		}
-	}
-
-@a=grep(defined($sn{$nid{$_}}),0 .. $n);
-foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
-	{
-	push(@sn,sprintf("&(nid_objs[%2d]),/* \"$sn{$nid{$_}}\" */\n",$_));
-	}
-
-@a=grep(defined($ln{$nid{$_}}),0 .. $n);
-foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
-	{
-	push(@ln,sprintf("&(nid_objs[%2d]),/* \"$ln{$nid{$_}}\" */\n",$_));
-	}
-
-@a=grep(defined($obj{$nid{$_}}),0 .. $n);
-foreach (sort obj_cmp @a)
-	{
-	$m=$obj{$nid{$_}};
-	$v=$objd{$m};
-	$v =~ s/L//g;
-	$v =~ s/,/ /g;
-	push(@ob,sprintf("&(nid_objs[%2d]),/* %-32s %s */\n",$_,$m,$v));
-	}
-
-print OUT <<'EOF';
-/* crypto/objects/obj_dat.h */
-
-/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
- * following command:
- * perl obj_dat.pl obj_mac.h obj_dat.h
- */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-EOF
-
-printf OUT "#define NUM_NID %d\n",$n;
-printf OUT "#define NUM_SN %d\n",$#sn+1;
-printf OUT "#define NUM_LN %d\n",$#ln+1;
-printf OUT "#define NUM_OBJ %d\n\n",$#ob+1;
-
-printf OUT "static unsigned char lvalues[%d]={\n",$lvalues+1;
-print OUT @lvalues;
-print OUT "};\n\n";
-
-printf OUT "static ASN1_OBJECT nid_objs[NUM_NID]={\n";
-foreach (@out)
-	{
-	if (length($_) > 75)
-		{
-		$out="";
-		foreach (split(/,/))
-			{
-			$t=$out.$_.",";
-			if (length($t) > 70)
-				{
-				print OUT "$out\n";
-				$t="\t$_,";
-				}
-			$out=$t;
-			}
-		chop $out;
-		print OUT "$out";
-		}
-	else
-		{ print OUT $_; }
-	}
-print  OUT "};\n\n";
-
-printf OUT "static ASN1_OBJECT *sn_objs[NUM_SN]={\n";
-print  OUT @sn;
-print  OUT "};\n\n";
-
-printf OUT "static ASN1_OBJECT *ln_objs[NUM_LN]={\n";
-print  OUT @ln;
-print  OUT "};\n\n";
-
-printf OUT "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n";
-print  OUT @ob;
-print  OUT "};\n\n";
-
-close OUT;
-
-sub der_it
-	{
-	local($v)=@_;
-	local(@a,$i,$ret,@r);
-
-	@a=split(/\s+/,$v);
-	$ret.=pack("C*",$a[0]*40+$a[1]);
-	shift @a;
-	shift @a;
-	foreach (@a)
-		{
-		@r=();
-		$t=0;
-		while ($_ >= 128)
-			{
-			$x=$_%128;
-			$_/=128;
-			push(@r,((($t++)?0x80:0)|$x));
-			}
-		push(@r,((($t++)?0x80:0)|$_));
-		$ret.=pack("C*",reverse(@r));
-		}
-	return($ret);
-	}
diff --git a/crypto/openssl/crypto/objects/obj_err.c b/crypto/openssl/crypto/objects/obj_err.c
deleted file mode 100644
index 80ab6855af34..000000000000
--- a/crypto/openssl/crypto/objects/obj_err.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* crypto/objects/obj_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/objects.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA OBJ_str_functs[]=
-	{
-{ERR_PACK(0,OBJ_F_OBJ_CREATE,0),	"OBJ_create"},
-{ERR_PACK(0,OBJ_F_OBJ_DUP,0),	"OBJ_dup"},
-{ERR_PACK(0,OBJ_F_OBJ_NID2LN,0),	"OBJ_nid2ln"},
-{ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0),	"OBJ_nid2obj"},
-{ERR_PACK(0,OBJ_F_OBJ_NID2SN,0),	"OBJ_nid2sn"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA OBJ_str_reasons[]=
-	{
-{OBJ_R_MALLOC_FAILURE                    ,"malloc failure"},
-{OBJ_R_UNKNOWN_NID                       ,"unknown nid"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_OBJ_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs);
-		ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/objects/obj_lib.c b/crypto/openssl/crypto/objects/obj_lib.c
deleted file mode 100644
index b0b0f2ff24b2..000000000000
--- a/crypto/openssl/crypto/objects/obj_lib.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* crypto/objects/obj_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-
-ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o)
-	{
-	ASN1_OBJECT *r;
-	int i;
-	char *ln=NULL;
-
-	if (o == NULL) return(NULL);
-	if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
-		return((ASN1_OBJECT *)o); /* XXX: ugh! Why? What kind of
-					     duplication is this??? */
-
-	r=ASN1_OBJECT_new();
-	if (r == NULL)
-		{
-		OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB);
-		return(NULL);
-		}
-	r->data=OPENSSL_malloc(o->length);
-	if (r->data == NULL)
-		goto err;
-	memcpy(r->data,o->data,o->length);
-	r->length=o->length;
-	r->nid=o->nid;
-	r->ln=r->sn=NULL;
-	if (o->ln != NULL)
-		{
-		i=strlen(o->ln)+1;
-		r->ln=ln=OPENSSL_malloc(i);
-		if (r->ln == NULL) goto err;
-		memcpy(ln,o->ln,i);
-		}
-
-	if (o->sn != NULL)
-		{
-		char *s;
-
-		i=strlen(o->sn)+1;
-		r->sn=s=OPENSSL_malloc(i);
-		if (r->sn == NULL) goto err;
-		memcpy(s,o->sn,i);
-		}
-	r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC|
-		ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA);
-	return(r);
-err:
-	OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE);
-	if (r != NULL)
-		{
-		if (ln != NULL) OPENSSL_free(ln);
-		if (r->data != NULL) OPENSSL_free(r->data);
-		OPENSSL_free(r);
-		}
-	return(NULL);
-	}
-
-int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b)
-	{
-	int ret;
-
-	ret=(a->length-b->length);
-	if (ret) return(ret);
-	return(memcmp(a->data,b->data,a->length));
-	}
diff --git a/crypto/openssl/crypto/objects/obj_mac.h b/crypto/openssl/crypto/objects/obj_mac.h
deleted file mode 100644
index 7645012298ec..000000000000
--- a/crypto/openssl/crypto/objects/obj_mac.h
+++ /dev/null
@@ -1,2868 +0,0 @@
-/* crypto/objects/obj_mac.h */
-
-/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
- * following command:
- * perl objects.pl objects.txt obj_mac.num obj_mac.h
- */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define SN_undef			"UNDEF"
-#define LN_undef			"undefined"
-#define NID_undef			0
-#define OBJ_undef			0L
-
-#define SN_ccitt		"CCITT"
-#define LN_ccitt		"ccitt"
-#define NID_ccitt		404
-#define OBJ_ccitt		0L
-
-#define SN_iso		"ISO"
-#define LN_iso		"iso"
-#define NID_iso		181
-#define OBJ_iso		1L
-
-#define SN_joint_iso_ccitt		"JOINT-ISO-CCITT"
-#define LN_joint_iso_ccitt		"joint-iso-ccitt"
-#define NID_joint_iso_ccitt		393
-#define OBJ_joint_iso_ccitt		2L
-
-#define SN_member_body		"member-body"
-#define LN_member_body		"ISO Member Body"
-#define NID_member_body		182
-#define OBJ_member_body		OBJ_iso,2L
-
-#define SN_selected_attribute_types		"selected-attribute-types"
-#define LN_selected_attribute_types		"Selected Attribute Types"
-#define NID_selected_attribute_types		394
-#define OBJ_selected_attribute_types		OBJ_joint_iso_ccitt,5L,1L,5L
-
-#define SN_clearance		"clearance"
-#define NID_clearance		395
-#define OBJ_clearance		OBJ_selected_attribute_types,55L
-
-#define SN_ISO_US		"ISO-US"
-#define LN_ISO_US		"ISO US Member Body"
-#define NID_ISO_US		183
-#define OBJ_ISO_US		OBJ_member_body,840L
-
-#define SN_X9_57		"X9-57"
-#define LN_X9_57		"X9.57"
-#define NID_X9_57		184
-#define OBJ_X9_57		OBJ_ISO_US,10040L
-
-#define SN_X9cm		"X9cm"
-#define LN_X9cm		"X9.57 CM ?"
-#define NID_X9cm		185
-#define OBJ_X9cm		OBJ_X9_57,4L
-
-#define SN_dsa		"DSA"
-#define LN_dsa		"dsaEncryption"
-#define NID_dsa		116
-#define OBJ_dsa		OBJ_X9cm,1L
-
-#define SN_dsaWithSHA1		"DSA-SHA1"
-#define LN_dsaWithSHA1		"dsaWithSHA1"
-#define NID_dsaWithSHA1		113
-#define OBJ_dsaWithSHA1		OBJ_X9cm,3L
-
-#define SN_ansi_X9_62		"ansi-X9-62"
-#define LN_ansi_X9_62		"ANSI X9.62"
-#define NID_ansi_X9_62		405
-#define OBJ_ansi_X9_62		OBJ_ISO_US,10045L
-
-#define OBJ_X9_62_id_fieldType		OBJ_ansi_X9_62,1L
-
-#define SN_X9_62_prime_field		"prime-field"
-#define NID_X9_62_prime_field		406
-#define OBJ_X9_62_prime_field		OBJ_X9_62_id_fieldType,1L
-
-#define SN_X9_62_characteristic_two_field		"characteristic-two-field"
-#define NID_X9_62_characteristic_two_field		407
-#define OBJ_X9_62_characteristic_two_field		OBJ_X9_62_id_fieldType,2L
-
-#define OBJ_X9_62_id_publicKeyType		OBJ_ansi_X9_62,2L
-
-#define SN_X9_62_id_ecPublicKey		"id-ecPublicKey"
-#define NID_X9_62_id_ecPublicKey		408
-#define OBJ_X9_62_id_ecPublicKey		OBJ_X9_62_id_publicKeyType,1L
-
-#define OBJ_X9_62_ellipticCurve		OBJ_ansi_X9_62,3L
-
-#define OBJ_X9_62_c_TwoCurve		OBJ_X9_62_ellipticCurve,0L
-
-#define OBJ_X9_62_primeCurve		OBJ_X9_62_ellipticCurve,1L
-
-#define SN_X9_62_prime192v1		"prime192v1"
-#define NID_X9_62_prime192v1		409
-#define OBJ_X9_62_prime192v1		OBJ_X9_62_primeCurve,1L
-
-#define SN_X9_62_prime192v2		"prime192v2"
-#define NID_X9_62_prime192v2		410
-#define OBJ_X9_62_prime192v2		OBJ_X9_62_primeCurve,2L
-
-#define SN_X9_62_prime192v3		"prime192v3"
-#define NID_X9_62_prime192v3		411
-#define OBJ_X9_62_prime192v3		OBJ_X9_62_primeCurve,3L
-
-#define SN_X9_62_prime239v1		"prime239v1"
-#define NID_X9_62_prime239v1		412
-#define OBJ_X9_62_prime239v1		OBJ_X9_62_primeCurve,4L
-
-#define SN_X9_62_prime239v2		"prime239v2"
-#define NID_X9_62_prime239v2		413
-#define OBJ_X9_62_prime239v2		OBJ_X9_62_primeCurve,5L
-
-#define SN_X9_62_prime239v3		"prime239v3"
-#define NID_X9_62_prime239v3		414
-#define OBJ_X9_62_prime239v3		OBJ_X9_62_primeCurve,6L
-
-#define SN_X9_62_prime256v1		"prime256v1"
-#define NID_X9_62_prime256v1		415
-#define OBJ_X9_62_prime256v1		OBJ_X9_62_primeCurve,7L
-
-#define OBJ_X9_62_id_ecSigType		OBJ_ansi_X9_62,4L
-
-#define SN_ecdsa_with_SHA1		"ecdsa-with-SHA1"
-#define NID_ecdsa_with_SHA1		416
-#define OBJ_ecdsa_with_SHA1		OBJ_X9_62_id_ecSigType,1L
-
-#define SN_cast5_cbc		"CAST5-CBC"
-#define LN_cast5_cbc		"cast5-cbc"
-#define NID_cast5_cbc		108
-#define OBJ_cast5_cbc		OBJ_ISO_US,113533L,7L,66L,10L
-
-#define SN_cast5_ecb		"CAST5-ECB"
-#define LN_cast5_ecb		"cast5-ecb"
-#define NID_cast5_ecb		109
-
-#define SN_cast5_cfb64		"CAST5-CFB"
-#define LN_cast5_cfb64		"cast5-cfb"
-#define NID_cast5_cfb64		110
-
-#define SN_cast5_ofb64		"CAST5-OFB"
-#define LN_cast5_ofb64		"cast5-ofb"
-#define NID_cast5_ofb64		111
-
-#define LN_pbeWithMD5AndCast5_CBC		"pbeWithMD5AndCast5CBC"
-#define NID_pbeWithMD5AndCast5_CBC		112
-#define OBJ_pbeWithMD5AndCast5_CBC		OBJ_ISO_US,113533L,7L,66L,12L
-
-#define SN_rsadsi		"rsadsi"
-#define LN_rsadsi		"RSA Data Security, Inc."
-#define NID_rsadsi		1
-#define OBJ_rsadsi		OBJ_ISO_US,113549L
-
-#define SN_pkcs		"pkcs"
-#define LN_pkcs		"RSA Data Security, Inc. PKCS"
-#define NID_pkcs		2
-#define OBJ_pkcs		OBJ_rsadsi,1L
-
-#define SN_pkcs1		"pkcs1"
-#define NID_pkcs1		186
-#define OBJ_pkcs1		OBJ_pkcs,1L
-
-#define LN_rsaEncryption		"rsaEncryption"
-#define NID_rsaEncryption		6
-#define OBJ_rsaEncryption		OBJ_pkcs1,1L
-
-#define SN_md2WithRSAEncryption		"RSA-MD2"
-#define LN_md2WithRSAEncryption		"md2WithRSAEncryption"
-#define NID_md2WithRSAEncryption		7
-#define OBJ_md2WithRSAEncryption		OBJ_pkcs1,2L
-
-#define SN_md4WithRSAEncryption		"RSA-MD4"
-#define LN_md4WithRSAEncryption		"md4WithRSAEncryption"
-#define NID_md4WithRSAEncryption		396
-#define OBJ_md4WithRSAEncryption		OBJ_pkcs1,3L
-
-#define SN_md5WithRSAEncryption		"RSA-MD5"
-#define LN_md5WithRSAEncryption		"md5WithRSAEncryption"
-#define NID_md5WithRSAEncryption		8
-#define OBJ_md5WithRSAEncryption		OBJ_pkcs1,4L
-
-#define SN_sha1WithRSAEncryption		"RSA-SHA1"
-#define LN_sha1WithRSAEncryption		"sha1WithRSAEncryption"
-#define NID_sha1WithRSAEncryption		65
-#define OBJ_sha1WithRSAEncryption		OBJ_pkcs1,5L
-
-#define SN_pkcs3		"pkcs3"
-#define NID_pkcs3		27
-#define OBJ_pkcs3		OBJ_pkcs,3L
-
-#define LN_dhKeyAgreement		"dhKeyAgreement"
-#define NID_dhKeyAgreement		28
-#define OBJ_dhKeyAgreement		OBJ_pkcs3,1L
-
-#define SN_pkcs5		"pkcs5"
-#define NID_pkcs5		187
-#define OBJ_pkcs5		OBJ_pkcs,5L
-
-#define SN_pbeWithMD2AndDES_CBC		"PBE-MD2-DES"
-#define LN_pbeWithMD2AndDES_CBC		"pbeWithMD2AndDES-CBC"
-#define NID_pbeWithMD2AndDES_CBC		9
-#define OBJ_pbeWithMD2AndDES_CBC		OBJ_pkcs5,1L
-
-#define SN_pbeWithMD5AndDES_CBC		"PBE-MD5-DES"
-#define LN_pbeWithMD5AndDES_CBC		"pbeWithMD5AndDES-CBC"
-#define NID_pbeWithMD5AndDES_CBC		10
-#define OBJ_pbeWithMD5AndDES_CBC		OBJ_pkcs5,3L
-
-#define SN_pbeWithMD2AndRC2_CBC		"PBE-MD2-RC2-64"
-#define LN_pbeWithMD2AndRC2_CBC		"pbeWithMD2AndRC2-CBC"
-#define NID_pbeWithMD2AndRC2_CBC		168
-#define OBJ_pbeWithMD2AndRC2_CBC		OBJ_pkcs5,4L
-
-#define SN_pbeWithMD5AndRC2_CBC		"PBE-MD5-RC2-64"
-#define LN_pbeWithMD5AndRC2_CBC		"pbeWithMD5AndRC2-CBC"
-#define NID_pbeWithMD5AndRC2_CBC		169
-#define OBJ_pbeWithMD5AndRC2_CBC		OBJ_pkcs5,6L
-
-#define SN_pbeWithSHA1AndDES_CBC		"PBE-SHA1-DES"
-#define LN_pbeWithSHA1AndDES_CBC		"pbeWithSHA1AndDES-CBC"
-#define NID_pbeWithSHA1AndDES_CBC		170
-#define OBJ_pbeWithSHA1AndDES_CBC		OBJ_pkcs5,10L
-
-#define SN_pbeWithSHA1AndRC2_CBC		"PBE-SHA1-RC2-64"
-#define LN_pbeWithSHA1AndRC2_CBC		"pbeWithSHA1AndRC2-CBC"
-#define NID_pbeWithSHA1AndRC2_CBC		68
-#define OBJ_pbeWithSHA1AndRC2_CBC		OBJ_pkcs5,11L
-
-#define LN_id_pbkdf2		"PBKDF2"
-#define NID_id_pbkdf2		69
-#define OBJ_id_pbkdf2		OBJ_pkcs5,12L
-
-#define LN_pbes2		"PBES2"
-#define NID_pbes2		161
-#define OBJ_pbes2		OBJ_pkcs5,13L
-
-#define LN_pbmac1		"PBMAC1"
-#define NID_pbmac1		162
-#define OBJ_pbmac1		OBJ_pkcs5,14L
-
-#define SN_pkcs7		"pkcs7"
-#define NID_pkcs7		20
-#define OBJ_pkcs7		OBJ_pkcs,7L
-
-#define LN_pkcs7_data		"pkcs7-data"
-#define NID_pkcs7_data		21
-#define OBJ_pkcs7_data		OBJ_pkcs7,1L
-
-#define LN_pkcs7_signed		"pkcs7-signedData"
-#define NID_pkcs7_signed		22
-#define OBJ_pkcs7_signed		OBJ_pkcs7,2L
-
-#define LN_pkcs7_enveloped		"pkcs7-envelopedData"
-#define NID_pkcs7_enveloped		23
-#define OBJ_pkcs7_enveloped		OBJ_pkcs7,3L
-
-#define LN_pkcs7_signedAndEnveloped		"pkcs7-signedAndEnvelopedData"
-#define NID_pkcs7_signedAndEnveloped		24
-#define OBJ_pkcs7_signedAndEnveloped		OBJ_pkcs7,4L
-
-#define LN_pkcs7_digest		"pkcs7-digestData"
-#define NID_pkcs7_digest		25
-#define OBJ_pkcs7_digest		OBJ_pkcs7,5L
-
-#define LN_pkcs7_encrypted		"pkcs7-encryptedData"
-#define NID_pkcs7_encrypted		26
-#define OBJ_pkcs7_encrypted		OBJ_pkcs7,6L
-
-#define SN_pkcs9		"pkcs9"
-#define NID_pkcs9		47
-#define OBJ_pkcs9		OBJ_pkcs,9L
-
-#define LN_pkcs9_emailAddress		"emailAddress"
-#define NID_pkcs9_emailAddress		48
-#define OBJ_pkcs9_emailAddress		OBJ_pkcs9,1L
-
-#define LN_pkcs9_unstructuredName		"unstructuredName"
-#define NID_pkcs9_unstructuredName		49
-#define OBJ_pkcs9_unstructuredName		OBJ_pkcs9,2L
-
-#define LN_pkcs9_contentType		"contentType"
-#define NID_pkcs9_contentType		50
-#define OBJ_pkcs9_contentType		OBJ_pkcs9,3L
-
-#define LN_pkcs9_messageDigest		"messageDigest"
-#define NID_pkcs9_messageDigest		51
-#define OBJ_pkcs9_messageDigest		OBJ_pkcs9,4L
-
-#define LN_pkcs9_signingTime		"signingTime"
-#define NID_pkcs9_signingTime		52
-#define OBJ_pkcs9_signingTime		OBJ_pkcs9,5L
-
-#define LN_pkcs9_countersignature		"countersignature"
-#define NID_pkcs9_countersignature		53
-#define OBJ_pkcs9_countersignature		OBJ_pkcs9,6L
-
-#define LN_pkcs9_challengePassword		"challengePassword"
-#define NID_pkcs9_challengePassword		54
-#define OBJ_pkcs9_challengePassword		OBJ_pkcs9,7L
-
-#define LN_pkcs9_unstructuredAddress		"unstructuredAddress"
-#define NID_pkcs9_unstructuredAddress		55
-#define OBJ_pkcs9_unstructuredAddress		OBJ_pkcs9,8L
-
-#define LN_pkcs9_extCertAttributes		"extendedCertificateAttributes"
-#define NID_pkcs9_extCertAttributes		56
-#define OBJ_pkcs9_extCertAttributes		OBJ_pkcs9,9L
-
-#define SN_ext_req		"extReq"
-#define LN_ext_req		"Extension Request"
-#define NID_ext_req		172
-#define OBJ_ext_req		OBJ_pkcs9,14L
-
-#define SN_SMIMECapabilities		"SMIME-CAPS"
-#define LN_SMIMECapabilities		"S/MIME Capabilities"
-#define NID_SMIMECapabilities		167
-#define OBJ_SMIMECapabilities		OBJ_pkcs9,15L
-
-#define SN_SMIME		"SMIME"
-#define LN_SMIME		"S/MIME"
-#define NID_SMIME		188
-#define OBJ_SMIME		OBJ_pkcs9,16L
-
-#define SN_id_smime_mod		"id-smime-mod"
-#define NID_id_smime_mod		189
-#define OBJ_id_smime_mod		OBJ_SMIME,0L
-
-#define SN_id_smime_ct		"id-smime-ct"
-#define NID_id_smime_ct		190
-#define OBJ_id_smime_ct		OBJ_SMIME,1L
-
-#define SN_id_smime_aa		"id-smime-aa"
-#define NID_id_smime_aa		191
-#define OBJ_id_smime_aa		OBJ_SMIME,2L
-
-#define SN_id_smime_alg		"id-smime-alg"
-#define NID_id_smime_alg		192
-#define OBJ_id_smime_alg		OBJ_SMIME,3L
-
-#define SN_id_smime_cd		"id-smime-cd"
-#define NID_id_smime_cd		193
-#define OBJ_id_smime_cd		OBJ_SMIME,4L
-
-#define SN_id_smime_spq		"id-smime-spq"
-#define NID_id_smime_spq		194
-#define OBJ_id_smime_spq		OBJ_SMIME,5L
-
-#define SN_id_smime_cti		"id-smime-cti"
-#define NID_id_smime_cti		195
-#define OBJ_id_smime_cti		OBJ_SMIME,6L
-
-#define SN_id_smime_mod_cms		"id-smime-mod-cms"
-#define NID_id_smime_mod_cms		196
-#define OBJ_id_smime_mod_cms		OBJ_id_smime_mod,1L
-
-#define SN_id_smime_mod_ess		"id-smime-mod-ess"
-#define NID_id_smime_mod_ess		197
-#define OBJ_id_smime_mod_ess		OBJ_id_smime_mod,2L
-
-#define SN_id_smime_mod_oid		"id-smime-mod-oid"
-#define NID_id_smime_mod_oid		198
-#define OBJ_id_smime_mod_oid		OBJ_id_smime_mod,3L
-
-#define SN_id_smime_mod_msg_v3		"id-smime-mod-msg-v3"
-#define NID_id_smime_mod_msg_v3		199
-#define OBJ_id_smime_mod_msg_v3		OBJ_id_smime_mod,4L
-
-#define SN_id_smime_mod_ets_eSignature_88		"id-smime-mod-ets-eSignature-88"
-#define NID_id_smime_mod_ets_eSignature_88		200
-#define OBJ_id_smime_mod_ets_eSignature_88		OBJ_id_smime_mod,5L
-
-#define SN_id_smime_mod_ets_eSignature_97		"id-smime-mod-ets-eSignature-97"
-#define NID_id_smime_mod_ets_eSignature_97		201
-#define OBJ_id_smime_mod_ets_eSignature_97		OBJ_id_smime_mod,6L
-
-#define SN_id_smime_mod_ets_eSigPolicy_88		"id-smime-mod-ets-eSigPolicy-88"
-#define NID_id_smime_mod_ets_eSigPolicy_88		202
-#define OBJ_id_smime_mod_ets_eSigPolicy_88		OBJ_id_smime_mod,7L
-
-#define SN_id_smime_mod_ets_eSigPolicy_97		"id-smime-mod-ets-eSigPolicy-97"
-#define NID_id_smime_mod_ets_eSigPolicy_97		203
-#define OBJ_id_smime_mod_ets_eSigPolicy_97		OBJ_id_smime_mod,8L
-
-#define SN_id_smime_ct_receipt		"id-smime-ct-receipt"
-#define NID_id_smime_ct_receipt		204
-#define OBJ_id_smime_ct_receipt		OBJ_id_smime_ct,1L
-
-#define SN_id_smime_ct_authData		"id-smime-ct-authData"
-#define NID_id_smime_ct_authData		205
-#define OBJ_id_smime_ct_authData		OBJ_id_smime_ct,2L
-
-#define SN_id_smime_ct_publishCert		"id-smime-ct-publishCert"
-#define NID_id_smime_ct_publishCert		206
-#define OBJ_id_smime_ct_publishCert		OBJ_id_smime_ct,3L
-
-#define SN_id_smime_ct_TSTInfo		"id-smime-ct-TSTInfo"
-#define NID_id_smime_ct_TSTInfo		207
-#define OBJ_id_smime_ct_TSTInfo		OBJ_id_smime_ct,4L
-
-#define SN_id_smime_ct_TDTInfo		"id-smime-ct-TDTInfo"
-#define NID_id_smime_ct_TDTInfo		208
-#define OBJ_id_smime_ct_TDTInfo		OBJ_id_smime_ct,5L
-
-#define SN_id_smime_ct_contentInfo		"id-smime-ct-contentInfo"
-#define NID_id_smime_ct_contentInfo		209
-#define OBJ_id_smime_ct_contentInfo		OBJ_id_smime_ct,6L
-
-#define SN_id_smime_ct_DVCSRequestData		"id-smime-ct-DVCSRequestData"
-#define NID_id_smime_ct_DVCSRequestData		210
-#define OBJ_id_smime_ct_DVCSRequestData		OBJ_id_smime_ct,7L
-
-#define SN_id_smime_ct_DVCSResponseData		"id-smime-ct-DVCSResponseData"
-#define NID_id_smime_ct_DVCSResponseData		211
-#define OBJ_id_smime_ct_DVCSResponseData		OBJ_id_smime_ct,8L
-
-#define SN_id_smime_aa_receiptRequest		"id-smime-aa-receiptRequest"
-#define NID_id_smime_aa_receiptRequest		212
-#define OBJ_id_smime_aa_receiptRequest		OBJ_id_smime_aa,1L
-
-#define SN_id_smime_aa_securityLabel		"id-smime-aa-securityLabel"
-#define NID_id_smime_aa_securityLabel		213
-#define OBJ_id_smime_aa_securityLabel		OBJ_id_smime_aa,2L
-
-#define SN_id_smime_aa_mlExpandHistory		"id-smime-aa-mlExpandHistory"
-#define NID_id_smime_aa_mlExpandHistory		214
-#define OBJ_id_smime_aa_mlExpandHistory		OBJ_id_smime_aa,3L
-
-#define SN_id_smime_aa_contentHint		"id-smime-aa-contentHint"
-#define NID_id_smime_aa_contentHint		215
-#define OBJ_id_smime_aa_contentHint		OBJ_id_smime_aa,4L
-
-#define SN_id_smime_aa_msgSigDigest		"id-smime-aa-msgSigDigest"
-#define NID_id_smime_aa_msgSigDigest		216
-#define OBJ_id_smime_aa_msgSigDigest		OBJ_id_smime_aa,5L
-
-#define SN_id_smime_aa_encapContentType		"id-smime-aa-encapContentType"
-#define NID_id_smime_aa_encapContentType		217
-#define OBJ_id_smime_aa_encapContentType		OBJ_id_smime_aa,6L
-
-#define SN_id_smime_aa_contentIdentifier		"id-smime-aa-contentIdentifier"
-#define NID_id_smime_aa_contentIdentifier		218
-#define OBJ_id_smime_aa_contentIdentifier		OBJ_id_smime_aa,7L
-
-#define SN_id_smime_aa_macValue		"id-smime-aa-macValue"
-#define NID_id_smime_aa_macValue		219
-#define OBJ_id_smime_aa_macValue		OBJ_id_smime_aa,8L
-
-#define SN_id_smime_aa_equivalentLabels		"id-smime-aa-equivalentLabels"
-#define NID_id_smime_aa_equivalentLabels		220
-#define OBJ_id_smime_aa_equivalentLabels		OBJ_id_smime_aa,9L
-
-#define SN_id_smime_aa_contentReference		"id-smime-aa-contentReference"
-#define NID_id_smime_aa_contentReference		221
-#define OBJ_id_smime_aa_contentReference		OBJ_id_smime_aa,10L
-
-#define SN_id_smime_aa_encrypKeyPref		"id-smime-aa-encrypKeyPref"
-#define NID_id_smime_aa_encrypKeyPref		222
-#define OBJ_id_smime_aa_encrypKeyPref		OBJ_id_smime_aa,11L
-
-#define SN_id_smime_aa_signingCertificate		"id-smime-aa-signingCertificate"
-#define NID_id_smime_aa_signingCertificate		223
-#define OBJ_id_smime_aa_signingCertificate		OBJ_id_smime_aa,12L
-
-#define SN_id_smime_aa_smimeEncryptCerts		"id-smime-aa-smimeEncryptCerts"
-#define NID_id_smime_aa_smimeEncryptCerts		224
-#define OBJ_id_smime_aa_smimeEncryptCerts		OBJ_id_smime_aa,13L
-
-#define SN_id_smime_aa_timeStampToken		"id-smime-aa-timeStampToken"
-#define NID_id_smime_aa_timeStampToken		225
-#define OBJ_id_smime_aa_timeStampToken		OBJ_id_smime_aa,14L
-
-#define SN_id_smime_aa_ets_sigPolicyId		"id-smime-aa-ets-sigPolicyId"
-#define NID_id_smime_aa_ets_sigPolicyId		226
-#define OBJ_id_smime_aa_ets_sigPolicyId		OBJ_id_smime_aa,15L
-
-#define SN_id_smime_aa_ets_commitmentType		"id-smime-aa-ets-commitmentType"
-#define NID_id_smime_aa_ets_commitmentType		227
-#define OBJ_id_smime_aa_ets_commitmentType		OBJ_id_smime_aa,16L
-
-#define SN_id_smime_aa_ets_signerLocation		"id-smime-aa-ets-signerLocation"
-#define NID_id_smime_aa_ets_signerLocation		228
-#define OBJ_id_smime_aa_ets_signerLocation		OBJ_id_smime_aa,17L
-
-#define SN_id_smime_aa_ets_signerAttr		"id-smime-aa-ets-signerAttr"
-#define NID_id_smime_aa_ets_signerAttr		229
-#define OBJ_id_smime_aa_ets_signerAttr		OBJ_id_smime_aa,18L
-
-#define SN_id_smime_aa_ets_otherSigCert		"id-smime-aa-ets-otherSigCert"
-#define NID_id_smime_aa_ets_otherSigCert		230
-#define OBJ_id_smime_aa_ets_otherSigCert		OBJ_id_smime_aa,19L
-
-#define SN_id_smime_aa_ets_contentTimestamp		"id-smime-aa-ets-contentTimestamp"
-#define NID_id_smime_aa_ets_contentTimestamp		231
-#define OBJ_id_smime_aa_ets_contentTimestamp		OBJ_id_smime_aa,20L
-
-#define SN_id_smime_aa_ets_CertificateRefs		"id-smime-aa-ets-CertificateRefs"
-#define NID_id_smime_aa_ets_CertificateRefs		232
-#define OBJ_id_smime_aa_ets_CertificateRefs		OBJ_id_smime_aa,21L
-
-#define SN_id_smime_aa_ets_RevocationRefs		"id-smime-aa-ets-RevocationRefs"
-#define NID_id_smime_aa_ets_RevocationRefs		233
-#define OBJ_id_smime_aa_ets_RevocationRefs		OBJ_id_smime_aa,22L
-
-#define SN_id_smime_aa_ets_certValues		"id-smime-aa-ets-certValues"
-#define NID_id_smime_aa_ets_certValues		234
-#define OBJ_id_smime_aa_ets_certValues		OBJ_id_smime_aa,23L
-
-#define SN_id_smime_aa_ets_revocationValues		"id-smime-aa-ets-revocationValues"
-#define NID_id_smime_aa_ets_revocationValues		235
-#define OBJ_id_smime_aa_ets_revocationValues		OBJ_id_smime_aa,24L
-
-#define SN_id_smime_aa_ets_escTimeStamp		"id-smime-aa-ets-escTimeStamp"
-#define NID_id_smime_aa_ets_escTimeStamp		236
-#define OBJ_id_smime_aa_ets_escTimeStamp		OBJ_id_smime_aa,25L
-
-#define SN_id_smime_aa_ets_certCRLTimestamp		"id-smime-aa-ets-certCRLTimestamp"
-#define NID_id_smime_aa_ets_certCRLTimestamp		237
-#define OBJ_id_smime_aa_ets_certCRLTimestamp		OBJ_id_smime_aa,26L
-
-#define SN_id_smime_aa_ets_archiveTimeStamp		"id-smime-aa-ets-archiveTimeStamp"
-#define NID_id_smime_aa_ets_archiveTimeStamp		238
-#define OBJ_id_smime_aa_ets_archiveTimeStamp		OBJ_id_smime_aa,27L
-
-#define SN_id_smime_aa_signatureType		"id-smime-aa-signatureType"
-#define NID_id_smime_aa_signatureType		239
-#define OBJ_id_smime_aa_signatureType		OBJ_id_smime_aa,28L
-
-#define SN_id_smime_aa_dvcs_dvc		"id-smime-aa-dvcs-dvc"
-#define NID_id_smime_aa_dvcs_dvc		240
-#define OBJ_id_smime_aa_dvcs_dvc		OBJ_id_smime_aa,29L
-
-#define SN_id_smime_alg_ESDHwith3DES		"id-smime-alg-ESDHwith3DES"
-#define NID_id_smime_alg_ESDHwith3DES		241
-#define OBJ_id_smime_alg_ESDHwith3DES		OBJ_id_smime_alg,1L
-
-#define SN_id_smime_alg_ESDHwithRC2		"id-smime-alg-ESDHwithRC2"
-#define NID_id_smime_alg_ESDHwithRC2		242
-#define OBJ_id_smime_alg_ESDHwithRC2		OBJ_id_smime_alg,2L
-
-#define SN_id_smime_alg_3DESwrap		"id-smime-alg-3DESwrap"
-#define NID_id_smime_alg_3DESwrap		243
-#define OBJ_id_smime_alg_3DESwrap		OBJ_id_smime_alg,3L
-
-#define SN_id_smime_alg_RC2wrap		"id-smime-alg-RC2wrap"
-#define NID_id_smime_alg_RC2wrap		244
-#define OBJ_id_smime_alg_RC2wrap		OBJ_id_smime_alg,4L
-
-#define SN_id_smime_alg_ESDH		"id-smime-alg-ESDH"
-#define NID_id_smime_alg_ESDH		245
-#define OBJ_id_smime_alg_ESDH		OBJ_id_smime_alg,5L
-
-#define SN_id_smime_alg_CMS3DESwrap		"id-smime-alg-CMS3DESwrap"
-#define NID_id_smime_alg_CMS3DESwrap		246
-#define OBJ_id_smime_alg_CMS3DESwrap		OBJ_id_smime_alg,6L
-
-#define SN_id_smime_alg_CMSRC2wrap		"id-smime-alg-CMSRC2wrap"
-#define NID_id_smime_alg_CMSRC2wrap		247
-#define OBJ_id_smime_alg_CMSRC2wrap		OBJ_id_smime_alg,7L
-
-#define SN_id_smime_cd_ldap		"id-smime-cd-ldap"
-#define NID_id_smime_cd_ldap		248
-#define OBJ_id_smime_cd_ldap		OBJ_id_smime_cd,1L
-
-#define SN_id_smime_spq_ets_sqt_uri		"id-smime-spq-ets-sqt-uri"
-#define NID_id_smime_spq_ets_sqt_uri		249
-#define OBJ_id_smime_spq_ets_sqt_uri		OBJ_id_smime_spq,1L
-
-#define SN_id_smime_spq_ets_sqt_unotice		"id-smime-spq-ets-sqt-unotice"
-#define NID_id_smime_spq_ets_sqt_unotice		250
-#define OBJ_id_smime_spq_ets_sqt_unotice		OBJ_id_smime_spq,2L
-
-#define SN_id_smime_cti_ets_proofOfOrigin		"id-smime-cti-ets-proofOfOrigin"
-#define NID_id_smime_cti_ets_proofOfOrigin		251
-#define OBJ_id_smime_cti_ets_proofOfOrigin		OBJ_id_smime_cti,1L
-
-#define SN_id_smime_cti_ets_proofOfReceipt		"id-smime-cti-ets-proofOfReceipt"
-#define NID_id_smime_cti_ets_proofOfReceipt		252
-#define OBJ_id_smime_cti_ets_proofOfReceipt		OBJ_id_smime_cti,2L
-
-#define SN_id_smime_cti_ets_proofOfDelivery		"id-smime-cti-ets-proofOfDelivery"
-#define NID_id_smime_cti_ets_proofOfDelivery		253
-#define OBJ_id_smime_cti_ets_proofOfDelivery		OBJ_id_smime_cti,3L
-
-#define SN_id_smime_cti_ets_proofOfSender		"id-smime-cti-ets-proofOfSender"
-#define NID_id_smime_cti_ets_proofOfSender		254
-#define OBJ_id_smime_cti_ets_proofOfSender		OBJ_id_smime_cti,4L
-
-#define SN_id_smime_cti_ets_proofOfApproval		"id-smime-cti-ets-proofOfApproval"
-#define NID_id_smime_cti_ets_proofOfApproval		255
-#define OBJ_id_smime_cti_ets_proofOfApproval		OBJ_id_smime_cti,5L
-
-#define SN_id_smime_cti_ets_proofOfCreation		"id-smime-cti-ets-proofOfCreation"
-#define NID_id_smime_cti_ets_proofOfCreation		256
-#define OBJ_id_smime_cti_ets_proofOfCreation		OBJ_id_smime_cti,6L
-
-#define LN_friendlyName		"friendlyName"
-#define NID_friendlyName		156
-#define OBJ_friendlyName		OBJ_pkcs9,20L
-
-#define LN_localKeyID		"localKeyID"
-#define NID_localKeyID		157
-#define OBJ_localKeyID		OBJ_pkcs9,21L
-
-#define SN_ms_csp_name		"CSPName"
-#define LN_ms_csp_name		"Microsoft CSP Name"
-#define NID_ms_csp_name		417
-#define OBJ_ms_csp_name		1L,3L,6L,1L,4L,1L,311L,17L,1L
-
-#define OBJ_certTypes		OBJ_pkcs9,22L
-
-#define LN_x509Certificate		"x509Certificate"
-#define NID_x509Certificate		158
-#define OBJ_x509Certificate		OBJ_certTypes,1L
-
-#define LN_sdsiCertificate		"sdsiCertificate"
-#define NID_sdsiCertificate		159
-#define OBJ_sdsiCertificate		OBJ_certTypes,2L
-
-#define OBJ_crlTypes		OBJ_pkcs9,23L
-
-#define LN_x509Crl		"x509Crl"
-#define NID_x509Crl		160
-#define OBJ_x509Crl		OBJ_crlTypes,1L
-
-#define OBJ_pkcs12		OBJ_pkcs,12L
-
-#define OBJ_pkcs12_pbeids		OBJ_pkcs12,1L
-
-#define SN_pbe_WithSHA1And128BitRC4		"PBE-SHA1-RC4-128"
-#define LN_pbe_WithSHA1And128BitRC4		"pbeWithSHA1And128BitRC4"
-#define NID_pbe_WithSHA1And128BitRC4		144
-#define OBJ_pbe_WithSHA1And128BitRC4		OBJ_pkcs12_pbeids,1L
-
-#define SN_pbe_WithSHA1And40BitRC4		"PBE-SHA1-RC4-40"
-#define LN_pbe_WithSHA1And40BitRC4		"pbeWithSHA1And40BitRC4"
-#define NID_pbe_WithSHA1And40BitRC4		145
-#define OBJ_pbe_WithSHA1And40BitRC4		OBJ_pkcs12_pbeids,2L
-
-#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC		"PBE-SHA1-3DES"
-#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC		"pbeWithSHA1And3-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC		146
-#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC		OBJ_pkcs12_pbeids,3L
-
-#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC		"PBE-SHA1-2DES"
-#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC		"pbeWithSHA1And2-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC		147
-#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC		OBJ_pkcs12_pbeids,4L
-
-#define SN_pbe_WithSHA1And128BitRC2_CBC		"PBE-SHA1-RC2-128"
-#define LN_pbe_WithSHA1And128BitRC2_CBC		"pbeWithSHA1And128BitRC2-CBC"
-#define NID_pbe_WithSHA1And128BitRC2_CBC		148
-#define OBJ_pbe_WithSHA1And128BitRC2_CBC		OBJ_pkcs12_pbeids,5L
-
-#define SN_pbe_WithSHA1And40BitRC2_CBC		"PBE-SHA1-RC2-40"
-#define LN_pbe_WithSHA1And40BitRC2_CBC		"pbeWithSHA1And40BitRC2-CBC"
-#define NID_pbe_WithSHA1And40BitRC2_CBC		149
-#define OBJ_pbe_WithSHA1And40BitRC2_CBC		OBJ_pkcs12_pbeids,6L
-
-#define OBJ_pkcs12_Version1		OBJ_pkcs12,10L
-
-#define OBJ_pkcs12_BagIds		OBJ_pkcs12_Version1,1L
-
-#define LN_keyBag		"keyBag"
-#define NID_keyBag		150
-#define OBJ_keyBag		OBJ_pkcs12_BagIds,1L
-
-#define LN_pkcs8ShroudedKeyBag		"pkcs8ShroudedKeyBag"
-#define NID_pkcs8ShroudedKeyBag		151
-#define OBJ_pkcs8ShroudedKeyBag		OBJ_pkcs12_BagIds,2L
-
-#define LN_certBag		"certBag"
-#define NID_certBag		152
-#define OBJ_certBag		OBJ_pkcs12_BagIds,3L
-
-#define LN_crlBag		"crlBag"
-#define NID_crlBag		153
-#define OBJ_crlBag		OBJ_pkcs12_BagIds,4L
-
-#define LN_secretBag		"secretBag"
-#define NID_secretBag		154
-#define OBJ_secretBag		OBJ_pkcs12_BagIds,5L
-
-#define LN_safeContentsBag		"safeContentsBag"
-#define NID_safeContentsBag		155
-#define OBJ_safeContentsBag		OBJ_pkcs12_BagIds,6L
-
-#define SN_md2		"MD2"
-#define LN_md2		"md2"
-#define NID_md2		3
-#define OBJ_md2		OBJ_rsadsi,2L,2L
-
-#define SN_md4		"MD4"
-#define LN_md4		"md4"
-#define NID_md4		257
-#define OBJ_md4		OBJ_rsadsi,2L,4L
-
-#define SN_md5		"MD5"
-#define LN_md5		"md5"
-#define NID_md5		4
-#define OBJ_md5		OBJ_rsadsi,2L,5L
-
-#define SN_md5_sha1		"MD5-SHA1"
-#define LN_md5_sha1		"md5-sha1"
-#define NID_md5_sha1		114
-
-#define LN_hmacWithSHA1		"hmacWithSHA1"
-#define NID_hmacWithSHA1		163
-#define OBJ_hmacWithSHA1		OBJ_rsadsi,2L,7L
-
-#define SN_rc2_cbc		"RC2-CBC"
-#define LN_rc2_cbc		"rc2-cbc"
-#define NID_rc2_cbc		37
-#define OBJ_rc2_cbc		OBJ_rsadsi,3L,2L
-
-#define SN_rc2_ecb		"RC2-ECB"
-#define LN_rc2_ecb		"rc2-ecb"
-#define NID_rc2_ecb		38
-
-#define SN_rc2_cfb64		"RC2-CFB"
-#define LN_rc2_cfb64		"rc2-cfb"
-#define NID_rc2_cfb64		39
-
-#define SN_rc2_ofb64		"RC2-OFB"
-#define LN_rc2_ofb64		"rc2-ofb"
-#define NID_rc2_ofb64		40
-
-#define SN_rc2_40_cbc		"RC2-40-CBC"
-#define LN_rc2_40_cbc		"rc2-40-cbc"
-#define NID_rc2_40_cbc		98
-
-#define SN_rc2_64_cbc		"RC2-64-CBC"
-#define LN_rc2_64_cbc		"rc2-64-cbc"
-#define NID_rc2_64_cbc		166
-
-#define SN_rc4		"RC4"
-#define LN_rc4		"rc4"
-#define NID_rc4		5
-#define OBJ_rc4		OBJ_rsadsi,3L,4L
-
-#define SN_rc4_40		"RC4-40"
-#define LN_rc4_40		"rc4-40"
-#define NID_rc4_40		97
-
-#define SN_des_ede3_cbc		"DES-EDE3-CBC"
-#define LN_des_ede3_cbc		"des-ede3-cbc"
-#define NID_des_ede3_cbc		44
-#define OBJ_des_ede3_cbc		OBJ_rsadsi,3L,7L
-
-#define SN_rc5_cbc		"RC5-CBC"
-#define LN_rc5_cbc		"rc5-cbc"
-#define NID_rc5_cbc		120
-#define OBJ_rc5_cbc		OBJ_rsadsi,3L,8L
-
-#define SN_rc5_ecb		"RC5-ECB"
-#define LN_rc5_ecb		"rc5-ecb"
-#define NID_rc5_ecb		121
-
-#define SN_rc5_cfb64		"RC5-CFB"
-#define LN_rc5_cfb64		"rc5-cfb"
-#define NID_rc5_cfb64		122
-
-#define SN_rc5_ofb64		"RC5-OFB"
-#define LN_rc5_ofb64		"rc5-ofb"
-#define NID_rc5_ofb64		123
-
-#define SN_ms_ext_req		"msExtReq"
-#define LN_ms_ext_req		"Microsoft Extension Request"
-#define NID_ms_ext_req		171
-#define OBJ_ms_ext_req		1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
-
-#define SN_ms_code_ind		"msCodeInd"
-#define LN_ms_code_ind		"Microsoft Individual Code Signing"
-#define NID_ms_code_ind		134
-#define OBJ_ms_code_ind		1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
-
-#define SN_ms_code_com		"msCodeCom"
-#define LN_ms_code_com		"Microsoft Commercial Code Signing"
-#define NID_ms_code_com		135
-#define OBJ_ms_code_com		1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
-
-#define SN_ms_ctl_sign		"msCTLSign"
-#define LN_ms_ctl_sign		"Microsoft Trust List Signing"
-#define NID_ms_ctl_sign		136
-#define OBJ_ms_ctl_sign		1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
-
-#define SN_ms_sgc		"msSGC"
-#define LN_ms_sgc		"Microsoft Server Gated Crypto"
-#define NID_ms_sgc		137
-#define OBJ_ms_sgc		1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
-
-#define SN_ms_efs		"msEFS"
-#define LN_ms_efs		"Microsoft Encrypted File System"
-#define NID_ms_efs		138
-#define OBJ_ms_efs		1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
-
-#define SN_ms_smartcard_login		"msSmartcardLogin"
-#define LN_ms_smartcard_login		"Microsoft Smartcardlogin"
-#define NID_ms_smartcard_login		648
-#define OBJ_ms_smartcard_login		1L,3L,6L,1L,4L,1L,311L,20L,2L,2L
-
-#define SN_ms_upn		"msUPN"
-#define LN_ms_upn		"Microsoft Universal Principal Name"
-#define NID_ms_upn		649
-#define OBJ_ms_upn		1L,3L,6L,1L,4L,1L,311L,20L,2L,3L
-
-#define SN_idea_cbc		"IDEA-CBC"
-#define LN_idea_cbc		"idea-cbc"
-#define NID_idea_cbc		34
-#define OBJ_idea_cbc		1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
-
-#define SN_idea_ecb		"IDEA-ECB"
-#define LN_idea_ecb		"idea-ecb"
-#define NID_idea_ecb		36
-
-#define SN_idea_cfb64		"IDEA-CFB"
-#define LN_idea_cfb64		"idea-cfb"
-#define NID_idea_cfb64		35
-
-#define SN_idea_ofb64		"IDEA-OFB"
-#define LN_idea_ofb64		"idea-ofb"
-#define NID_idea_ofb64		46
-
-#define SN_bf_cbc		"BF-CBC"
-#define LN_bf_cbc		"bf-cbc"
-#define NID_bf_cbc		91
-#define OBJ_bf_cbc		1L,3L,6L,1L,4L,1L,3029L,1L,2L
-
-#define SN_bf_ecb		"BF-ECB"
-#define LN_bf_ecb		"bf-ecb"
-#define NID_bf_ecb		92
-
-#define SN_bf_cfb64		"BF-CFB"
-#define LN_bf_cfb64		"bf-cfb"
-#define NID_bf_cfb64		93
-
-#define SN_bf_ofb64		"BF-OFB"
-#define LN_bf_ofb64		"bf-ofb"
-#define NID_bf_ofb64		94
-
-#define SN_id_pkix		"PKIX"
-#define NID_id_pkix		127
-#define OBJ_id_pkix		1L,3L,6L,1L,5L,5L,7L
-
-#define SN_id_pkix_mod		"id-pkix-mod"
-#define NID_id_pkix_mod		258
-#define OBJ_id_pkix_mod		OBJ_id_pkix,0L
-
-#define SN_id_pe		"id-pe"
-#define NID_id_pe		175
-#define OBJ_id_pe		OBJ_id_pkix,1L
-
-#define SN_id_qt		"id-qt"
-#define NID_id_qt		259
-#define OBJ_id_qt		OBJ_id_pkix,2L
-
-#define SN_id_kp		"id-kp"
-#define NID_id_kp		128
-#define OBJ_id_kp		OBJ_id_pkix,3L
-
-#define SN_id_it		"id-it"
-#define NID_id_it		260
-#define OBJ_id_it		OBJ_id_pkix,4L
-
-#define SN_id_pkip		"id-pkip"
-#define NID_id_pkip		261
-#define OBJ_id_pkip		OBJ_id_pkix,5L
-
-#define SN_id_alg		"id-alg"
-#define NID_id_alg		262
-#define OBJ_id_alg		OBJ_id_pkix,6L
-
-#define SN_id_cmc		"id-cmc"
-#define NID_id_cmc		263
-#define OBJ_id_cmc		OBJ_id_pkix,7L
-
-#define SN_id_on		"id-on"
-#define NID_id_on		264
-#define OBJ_id_on		OBJ_id_pkix,8L
-
-#define SN_id_pda		"id-pda"
-#define NID_id_pda		265
-#define OBJ_id_pda		OBJ_id_pkix,9L
-
-#define SN_id_aca		"id-aca"
-#define NID_id_aca		266
-#define OBJ_id_aca		OBJ_id_pkix,10L
-
-#define SN_id_qcs		"id-qcs"
-#define NID_id_qcs		267
-#define OBJ_id_qcs		OBJ_id_pkix,11L
-
-#define SN_id_cct		"id-cct"
-#define NID_id_cct		268
-#define OBJ_id_cct		OBJ_id_pkix,12L
-
-#define SN_id_ad		"id-ad"
-#define NID_id_ad		176
-#define OBJ_id_ad		OBJ_id_pkix,48L
-
-#define SN_id_pkix1_explicit_88		"id-pkix1-explicit-88"
-#define NID_id_pkix1_explicit_88		269
-#define OBJ_id_pkix1_explicit_88		OBJ_id_pkix_mod,1L
-
-#define SN_id_pkix1_implicit_88		"id-pkix1-implicit-88"
-#define NID_id_pkix1_implicit_88		270
-#define OBJ_id_pkix1_implicit_88		OBJ_id_pkix_mod,2L
-
-#define SN_id_pkix1_explicit_93		"id-pkix1-explicit-93"
-#define NID_id_pkix1_explicit_93		271
-#define OBJ_id_pkix1_explicit_93		OBJ_id_pkix_mod,3L
-
-#define SN_id_pkix1_implicit_93		"id-pkix1-implicit-93"
-#define NID_id_pkix1_implicit_93		272
-#define OBJ_id_pkix1_implicit_93		OBJ_id_pkix_mod,4L
-
-#define SN_id_mod_crmf		"id-mod-crmf"
-#define NID_id_mod_crmf		273
-#define OBJ_id_mod_crmf		OBJ_id_pkix_mod,5L
-
-#define SN_id_mod_cmc		"id-mod-cmc"
-#define NID_id_mod_cmc		274
-#define OBJ_id_mod_cmc		OBJ_id_pkix_mod,6L
-
-#define SN_id_mod_kea_profile_88		"id-mod-kea-profile-88"
-#define NID_id_mod_kea_profile_88		275
-#define OBJ_id_mod_kea_profile_88		OBJ_id_pkix_mod,7L
-
-#define SN_id_mod_kea_profile_93		"id-mod-kea-profile-93"
-#define NID_id_mod_kea_profile_93		276
-#define OBJ_id_mod_kea_profile_93		OBJ_id_pkix_mod,8L
-
-#define SN_id_mod_cmp		"id-mod-cmp"
-#define NID_id_mod_cmp		277
-#define OBJ_id_mod_cmp		OBJ_id_pkix_mod,9L
-
-#define SN_id_mod_qualified_cert_88		"id-mod-qualified-cert-88"
-#define NID_id_mod_qualified_cert_88		278
-#define OBJ_id_mod_qualified_cert_88		OBJ_id_pkix_mod,10L
-
-#define SN_id_mod_qualified_cert_93		"id-mod-qualified-cert-93"
-#define NID_id_mod_qualified_cert_93		279
-#define OBJ_id_mod_qualified_cert_93		OBJ_id_pkix_mod,11L
-
-#define SN_id_mod_attribute_cert		"id-mod-attribute-cert"
-#define NID_id_mod_attribute_cert		280
-#define OBJ_id_mod_attribute_cert		OBJ_id_pkix_mod,12L
-
-#define SN_id_mod_timestamp_protocol		"id-mod-timestamp-protocol"
-#define NID_id_mod_timestamp_protocol		281
-#define OBJ_id_mod_timestamp_protocol		OBJ_id_pkix_mod,13L
-
-#define SN_id_mod_ocsp		"id-mod-ocsp"
-#define NID_id_mod_ocsp		282
-#define OBJ_id_mod_ocsp		OBJ_id_pkix_mod,14L
-
-#define SN_id_mod_dvcs		"id-mod-dvcs"
-#define NID_id_mod_dvcs		283
-#define OBJ_id_mod_dvcs		OBJ_id_pkix_mod,15L
-
-#define SN_id_mod_cmp2000		"id-mod-cmp2000"
-#define NID_id_mod_cmp2000		284
-#define OBJ_id_mod_cmp2000		OBJ_id_pkix_mod,16L
-
-#define SN_info_access		"authorityInfoAccess"
-#define LN_info_access		"Authority Information Access"
-#define NID_info_access		177
-#define OBJ_info_access		OBJ_id_pe,1L
-
-#define SN_biometricInfo		"biometricInfo"
-#define LN_biometricInfo		"Biometric Info"
-#define NID_biometricInfo		285
-#define OBJ_biometricInfo		OBJ_id_pe,2L
-
-#define SN_qcStatements		"qcStatements"
-#define NID_qcStatements		286
-#define OBJ_qcStatements		OBJ_id_pe,3L
-
-#define SN_ac_auditEntity		"ac-auditEntity"
-#define NID_ac_auditEntity		287
-#define OBJ_ac_auditEntity		OBJ_id_pe,4L
-
-#define SN_ac_targeting		"ac-targeting"
-#define NID_ac_targeting		288
-#define OBJ_ac_targeting		OBJ_id_pe,5L
-
-#define SN_aaControls		"aaControls"
-#define NID_aaControls		289
-#define OBJ_aaControls		OBJ_id_pe,6L
-
-#define SN_sbqp_ipAddrBlock		"sbqp-ipAddrBlock"
-#define NID_sbqp_ipAddrBlock		290
-#define OBJ_sbqp_ipAddrBlock		OBJ_id_pe,7L
-
-#define SN_sbqp_autonomousSysNum		"sbqp-autonomousSysNum"
-#define NID_sbqp_autonomousSysNum		291
-#define OBJ_sbqp_autonomousSysNum		OBJ_id_pe,8L
-
-#define SN_sbqp_routerIdentifier		"sbqp-routerIdentifier"
-#define NID_sbqp_routerIdentifier		292
-#define OBJ_sbqp_routerIdentifier		OBJ_id_pe,9L
-
-#define SN_ac_proxying		"ac-proxying"
-#define NID_ac_proxying		397
-#define OBJ_ac_proxying		OBJ_id_pe,10L
-
-#define SN_sinfo_access		"subjectInfoAccess"
-#define LN_sinfo_access		"Subject Information Access"
-#define NID_sinfo_access		398
-#define OBJ_sinfo_access		OBJ_id_pe,11L
-
-#define SN_id_qt_cps		"id-qt-cps"
-#define LN_id_qt_cps		"Policy Qualifier CPS"
-#define NID_id_qt_cps		164
-#define OBJ_id_qt_cps		OBJ_id_qt,1L
-
-#define SN_id_qt_unotice		"id-qt-unotice"
-#define LN_id_qt_unotice		"Policy Qualifier User Notice"
-#define NID_id_qt_unotice		165
-#define OBJ_id_qt_unotice		OBJ_id_qt,2L
-
-#define SN_textNotice		"textNotice"
-#define NID_textNotice		293
-#define OBJ_textNotice		OBJ_id_qt,3L
-
-#define SN_server_auth		"serverAuth"
-#define LN_server_auth		"TLS Web Server Authentication"
-#define NID_server_auth		129
-#define OBJ_server_auth		OBJ_id_kp,1L
-
-#define SN_client_auth		"clientAuth"
-#define LN_client_auth		"TLS Web Client Authentication"
-#define NID_client_auth		130
-#define OBJ_client_auth		OBJ_id_kp,2L
-
-#define SN_code_sign		"codeSigning"
-#define LN_code_sign		"Code Signing"
-#define NID_code_sign		131
-#define OBJ_code_sign		OBJ_id_kp,3L
-
-#define SN_email_protect		"emailProtection"
-#define LN_email_protect		"E-mail Protection"
-#define NID_email_protect		132
-#define OBJ_email_protect		OBJ_id_kp,4L
-
-#define SN_ipsecEndSystem		"ipsecEndSystem"
-#define LN_ipsecEndSystem		"IPSec End System"
-#define NID_ipsecEndSystem		294
-#define OBJ_ipsecEndSystem		OBJ_id_kp,5L
-
-#define SN_ipsecTunnel		"ipsecTunnel"
-#define LN_ipsecTunnel		"IPSec Tunnel"
-#define NID_ipsecTunnel		295
-#define OBJ_ipsecTunnel		OBJ_id_kp,6L
-
-#define SN_ipsecUser		"ipsecUser"
-#define LN_ipsecUser		"IPSec User"
-#define NID_ipsecUser		296
-#define OBJ_ipsecUser		OBJ_id_kp,7L
-
-#define SN_time_stamp		"timeStamping"
-#define LN_time_stamp		"Time Stamping"
-#define NID_time_stamp		133
-#define OBJ_time_stamp		OBJ_id_kp,8L
-
-#define SN_OCSP_sign		"OCSPSigning"
-#define LN_OCSP_sign		"OCSP Signing"
-#define NID_OCSP_sign		180
-#define OBJ_OCSP_sign		OBJ_id_kp,9L
-
-#define SN_dvcs		"DVCS"
-#define LN_dvcs		"dvcs"
-#define NID_dvcs		297
-#define OBJ_dvcs		OBJ_id_kp,10L
-
-#define SN_id_it_caProtEncCert		"id-it-caProtEncCert"
-#define NID_id_it_caProtEncCert		298
-#define OBJ_id_it_caProtEncCert		OBJ_id_it,1L
-
-#define SN_id_it_signKeyPairTypes		"id-it-signKeyPairTypes"
-#define NID_id_it_signKeyPairTypes		299
-#define OBJ_id_it_signKeyPairTypes		OBJ_id_it,2L
-
-#define SN_id_it_encKeyPairTypes		"id-it-encKeyPairTypes"
-#define NID_id_it_encKeyPairTypes		300
-#define OBJ_id_it_encKeyPairTypes		OBJ_id_it,3L
-
-#define SN_id_it_preferredSymmAlg		"id-it-preferredSymmAlg"
-#define NID_id_it_preferredSymmAlg		301
-#define OBJ_id_it_preferredSymmAlg		OBJ_id_it,4L
-
-#define SN_id_it_caKeyUpdateInfo		"id-it-caKeyUpdateInfo"
-#define NID_id_it_caKeyUpdateInfo		302
-#define OBJ_id_it_caKeyUpdateInfo		OBJ_id_it,5L
-
-#define SN_id_it_currentCRL		"id-it-currentCRL"
-#define NID_id_it_currentCRL		303
-#define OBJ_id_it_currentCRL		OBJ_id_it,6L
-
-#define SN_id_it_unsupportedOIDs		"id-it-unsupportedOIDs"
-#define NID_id_it_unsupportedOIDs		304
-#define OBJ_id_it_unsupportedOIDs		OBJ_id_it,7L
-
-#define SN_id_it_subscriptionRequest		"id-it-subscriptionRequest"
-#define NID_id_it_subscriptionRequest		305
-#define OBJ_id_it_subscriptionRequest		OBJ_id_it,8L
-
-#define SN_id_it_subscriptionResponse		"id-it-subscriptionResponse"
-#define NID_id_it_subscriptionResponse		306
-#define OBJ_id_it_subscriptionResponse		OBJ_id_it,9L
-
-#define SN_id_it_keyPairParamReq		"id-it-keyPairParamReq"
-#define NID_id_it_keyPairParamReq		307
-#define OBJ_id_it_keyPairParamReq		OBJ_id_it,10L
-
-#define SN_id_it_keyPairParamRep		"id-it-keyPairParamRep"
-#define NID_id_it_keyPairParamRep		308
-#define OBJ_id_it_keyPairParamRep		OBJ_id_it,11L
-
-#define SN_id_it_revPassphrase		"id-it-revPassphrase"
-#define NID_id_it_revPassphrase		309
-#define OBJ_id_it_revPassphrase		OBJ_id_it,12L
-
-#define SN_id_it_implicitConfirm		"id-it-implicitConfirm"
-#define NID_id_it_implicitConfirm		310
-#define OBJ_id_it_implicitConfirm		OBJ_id_it,13L
-
-#define SN_id_it_confirmWaitTime		"id-it-confirmWaitTime"
-#define NID_id_it_confirmWaitTime		311
-#define OBJ_id_it_confirmWaitTime		OBJ_id_it,14L
-
-#define SN_id_it_origPKIMessage		"id-it-origPKIMessage"
-#define NID_id_it_origPKIMessage		312
-#define OBJ_id_it_origPKIMessage		OBJ_id_it,15L
-
-#define SN_id_regCtrl		"id-regCtrl"
-#define NID_id_regCtrl		313
-#define OBJ_id_regCtrl		OBJ_id_pkip,1L
-
-#define SN_id_regInfo		"id-regInfo"
-#define NID_id_regInfo		314
-#define OBJ_id_regInfo		OBJ_id_pkip,2L
-
-#define SN_id_regCtrl_regToken		"id-regCtrl-regToken"
-#define NID_id_regCtrl_regToken		315
-#define OBJ_id_regCtrl_regToken		OBJ_id_regCtrl,1L
-
-#define SN_id_regCtrl_authenticator		"id-regCtrl-authenticator"
-#define NID_id_regCtrl_authenticator		316
-#define OBJ_id_regCtrl_authenticator		OBJ_id_regCtrl,2L
-
-#define SN_id_regCtrl_pkiPublicationInfo		"id-regCtrl-pkiPublicationInfo"
-#define NID_id_regCtrl_pkiPublicationInfo		317
-#define OBJ_id_regCtrl_pkiPublicationInfo		OBJ_id_regCtrl,3L
-
-#define SN_id_regCtrl_pkiArchiveOptions		"id-regCtrl-pkiArchiveOptions"
-#define NID_id_regCtrl_pkiArchiveOptions		318
-#define OBJ_id_regCtrl_pkiArchiveOptions		OBJ_id_regCtrl,4L
-
-#define SN_id_regCtrl_oldCertID		"id-regCtrl-oldCertID"
-#define NID_id_regCtrl_oldCertID		319
-#define OBJ_id_regCtrl_oldCertID		OBJ_id_regCtrl,5L
-
-#define SN_id_regCtrl_protocolEncrKey		"id-regCtrl-protocolEncrKey"
-#define NID_id_regCtrl_protocolEncrKey		320
-#define OBJ_id_regCtrl_protocolEncrKey		OBJ_id_regCtrl,6L
-
-#define SN_id_regInfo_utf8Pairs		"id-regInfo-utf8Pairs"
-#define NID_id_regInfo_utf8Pairs		321
-#define OBJ_id_regInfo_utf8Pairs		OBJ_id_regInfo,1L
-
-#define SN_id_regInfo_certReq		"id-regInfo-certReq"
-#define NID_id_regInfo_certReq		322
-#define OBJ_id_regInfo_certReq		OBJ_id_regInfo,2L
-
-#define SN_id_alg_des40		"id-alg-des40"
-#define NID_id_alg_des40		323
-#define OBJ_id_alg_des40		OBJ_id_alg,1L
-
-#define SN_id_alg_noSignature		"id-alg-noSignature"
-#define NID_id_alg_noSignature		324
-#define OBJ_id_alg_noSignature		OBJ_id_alg,2L
-
-#define SN_id_alg_dh_sig_hmac_sha1		"id-alg-dh-sig-hmac-sha1"
-#define NID_id_alg_dh_sig_hmac_sha1		325
-#define OBJ_id_alg_dh_sig_hmac_sha1		OBJ_id_alg,3L
-
-#define SN_id_alg_dh_pop		"id-alg-dh-pop"
-#define NID_id_alg_dh_pop		326
-#define OBJ_id_alg_dh_pop		OBJ_id_alg,4L
-
-#define SN_id_cmc_statusInfo		"id-cmc-statusInfo"
-#define NID_id_cmc_statusInfo		327
-#define OBJ_id_cmc_statusInfo		OBJ_id_cmc,1L
-
-#define SN_id_cmc_identification		"id-cmc-identification"
-#define NID_id_cmc_identification		328
-#define OBJ_id_cmc_identification		OBJ_id_cmc,2L
-
-#define SN_id_cmc_identityProof		"id-cmc-identityProof"
-#define NID_id_cmc_identityProof		329
-#define OBJ_id_cmc_identityProof		OBJ_id_cmc,3L
-
-#define SN_id_cmc_dataReturn		"id-cmc-dataReturn"
-#define NID_id_cmc_dataReturn		330
-#define OBJ_id_cmc_dataReturn		OBJ_id_cmc,4L
-
-#define SN_id_cmc_transactionId		"id-cmc-transactionId"
-#define NID_id_cmc_transactionId		331
-#define OBJ_id_cmc_transactionId		OBJ_id_cmc,5L
-
-#define SN_id_cmc_senderNonce		"id-cmc-senderNonce"
-#define NID_id_cmc_senderNonce		332
-#define OBJ_id_cmc_senderNonce		OBJ_id_cmc,6L
-
-#define SN_id_cmc_recipientNonce		"id-cmc-recipientNonce"
-#define NID_id_cmc_recipientNonce		333
-#define OBJ_id_cmc_recipientNonce		OBJ_id_cmc,7L
-
-#define SN_id_cmc_addExtensions		"id-cmc-addExtensions"
-#define NID_id_cmc_addExtensions		334
-#define OBJ_id_cmc_addExtensions		OBJ_id_cmc,8L
-
-#define SN_id_cmc_encryptedPOP		"id-cmc-encryptedPOP"
-#define NID_id_cmc_encryptedPOP		335
-#define OBJ_id_cmc_encryptedPOP		OBJ_id_cmc,9L
-
-#define SN_id_cmc_decryptedPOP		"id-cmc-decryptedPOP"
-#define NID_id_cmc_decryptedPOP		336
-#define OBJ_id_cmc_decryptedPOP		OBJ_id_cmc,10L
-
-#define SN_id_cmc_lraPOPWitness		"id-cmc-lraPOPWitness"
-#define NID_id_cmc_lraPOPWitness		337
-#define OBJ_id_cmc_lraPOPWitness		OBJ_id_cmc,11L
-
-#define SN_id_cmc_getCert		"id-cmc-getCert"
-#define NID_id_cmc_getCert		338
-#define OBJ_id_cmc_getCert		OBJ_id_cmc,15L
-
-#define SN_id_cmc_getCRL		"id-cmc-getCRL"
-#define NID_id_cmc_getCRL		339
-#define OBJ_id_cmc_getCRL		OBJ_id_cmc,16L
-
-#define SN_id_cmc_revokeRequest		"id-cmc-revokeRequest"
-#define NID_id_cmc_revokeRequest		340
-#define OBJ_id_cmc_revokeRequest		OBJ_id_cmc,17L
-
-#define SN_id_cmc_regInfo		"id-cmc-regInfo"
-#define NID_id_cmc_regInfo		341
-#define OBJ_id_cmc_regInfo		OBJ_id_cmc,18L
-
-#define SN_id_cmc_responseInfo		"id-cmc-responseInfo"
-#define NID_id_cmc_responseInfo		342
-#define OBJ_id_cmc_responseInfo		OBJ_id_cmc,19L
-
-#define SN_id_cmc_queryPending		"id-cmc-queryPending"
-#define NID_id_cmc_queryPending		343
-#define OBJ_id_cmc_queryPending		OBJ_id_cmc,21L
-
-#define SN_id_cmc_popLinkRandom		"id-cmc-popLinkRandom"
-#define NID_id_cmc_popLinkRandom		344
-#define OBJ_id_cmc_popLinkRandom		OBJ_id_cmc,22L
-
-#define SN_id_cmc_popLinkWitness		"id-cmc-popLinkWitness"
-#define NID_id_cmc_popLinkWitness		345
-#define OBJ_id_cmc_popLinkWitness		OBJ_id_cmc,23L
-
-#define SN_id_cmc_confirmCertAcceptance		"id-cmc-confirmCertAcceptance"
-#define NID_id_cmc_confirmCertAcceptance		346
-#define OBJ_id_cmc_confirmCertAcceptance		OBJ_id_cmc,24L
-
-#define SN_id_on_personalData		"id-on-personalData"
-#define NID_id_on_personalData		347
-#define OBJ_id_on_personalData		OBJ_id_on,1L
-
-#define SN_id_pda_dateOfBirth		"id-pda-dateOfBirth"
-#define NID_id_pda_dateOfBirth		348
-#define OBJ_id_pda_dateOfBirth		OBJ_id_pda,1L
-
-#define SN_id_pda_placeOfBirth		"id-pda-placeOfBirth"
-#define NID_id_pda_placeOfBirth		349
-#define OBJ_id_pda_placeOfBirth		OBJ_id_pda,2L
-
-#define SN_id_pda_gender		"id-pda-gender"
-#define NID_id_pda_gender		351
-#define OBJ_id_pda_gender		OBJ_id_pda,3L
-
-#define SN_id_pda_countryOfCitizenship		"id-pda-countryOfCitizenship"
-#define NID_id_pda_countryOfCitizenship		352
-#define OBJ_id_pda_countryOfCitizenship		OBJ_id_pda,4L
-
-#define SN_id_pda_countryOfResidence		"id-pda-countryOfResidence"
-#define NID_id_pda_countryOfResidence		353
-#define OBJ_id_pda_countryOfResidence		OBJ_id_pda,5L
-
-#define SN_id_aca_authenticationInfo		"id-aca-authenticationInfo"
-#define NID_id_aca_authenticationInfo		354
-#define OBJ_id_aca_authenticationInfo		OBJ_id_aca,1L
-
-#define SN_id_aca_accessIdentity		"id-aca-accessIdentity"
-#define NID_id_aca_accessIdentity		355
-#define OBJ_id_aca_accessIdentity		OBJ_id_aca,2L
-
-#define SN_id_aca_chargingIdentity		"id-aca-chargingIdentity"
-#define NID_id_aca_chargingIdentity		356
-#define OBJ_id_aca_chargingIdentity		OBJ_id_aca,3L
-
-#define SN_id_aca_group		"id-aca-group"
-#define NID_id_aca_group		357
-#define OBJ_id_aca_group		OBJ_id_aca,4L
-
-#define SN_id_aca_role		"id-aca-role"
-#define NID_id_aca_role		358
-#define OBJ_id_aca_role		OBJ_id_aca,5L
-
-#define SN_id_aca_encAttrs		"id-aca-encAttrs"
-#define NID_id_aca_encAttrs		399
-#define OBJ_id_aca_encAttrs		OBJ_id_aca,6L
-
-#define SN_id_qcs_pkixQCSyntax_v1		"id-qcs-pkixQCSyntax-v1"
-#define NID_id_qcs_pkixQCSyntax_v1		359
-#define OBJ_id_qcs_pkixQCSyntax_v1		OBJ_id_qcs,1L
-
-#define SN_id_cct_crs		"id-cct-crs"
-#define NID_id_cct_crs		360
-#define OBJ_id_cct_crs		OBJ_id_cct,1L
-
-#define SN_id_cct_PKIData		"id-cct-PKIData"
-#define NID_id_cct_PKIData		361
-#define OBJ_id_cct_PKIData		OBJ_id_cct,2L
-
-#define SN_id_cct_PKIResponse		"id-cct-PKIResponse"
-#define NID_id_cct_PKIResponse		362
-#define OBJ_id_cct_PKIResponse		OBJ_id_cct,3L
-
-#define SN_ad_OCSP		"OCSP"
-#define LN_ad_OCSP		"OCSP"
-#define NID_ad_OCSP		178
-#define OBJ_ad_OCSP		OBJ_id_ad,1L
-
-#define SN_ad_ca_issuers		"caIssuers"
-#define LN_ad_ca_issuers		"CA Issuers"
-#define NID_ad_ca_issuers		179
-#define OBJ_ad_ca_issuers		OBJ_id_ad,2L
-
-#define SN_ad_timeStamping		"ad_timestamping"
-#define LN_ad_timeStamping		"AD Time Stamping"
-#define NID_ad_timeStamping		363
-#define OBJ_ad_timeStamping		OBJ_id_ad,3L
-
-#define SN_ad_dvcs		"AD_DVCS"
-#define LN_ad_dvcs		"ad dvcs"
-#define NID_ad_dvcs		364
-#define OBJ_ad_dvcs		OBJ_id_ad,4L
-
-#define OBJ_id_pkix_OCSP		OBJ_ad_OCSP
-
-#define SN_id_pkix_OCSP_basic		"basicOCSPResponse"
-#define LN_id_pkix_OCSP_basic		"Basic OCSP Response"
-#define NID_id_pkix_OCSP_basic		365
-#define OBJ_id_pkix_OCSP_basic		OBJ_id_pkix_OCSP,1L
-
-#define SN_id_pkix_OCSP_Nonce		"Nonce"
-#define LN_id_pkix_OCSP_Nonce		"OCSP Nonce"
-#define NID_id_pkix_OCSP_Nonce		366
-#define OBJ_id_pkix_OCSP_Nonce		OBJ_id_pkix_OCSP,2L
-
-#define SN_id_pkix_OCSP_CrlID		"CrlID"
-#define LN_id_pkix_OCSP_CrlID		"OCSP CRL ID"
-#define NID_id_pkix_OCSP_CrlID		367
-#define OBJ_id_pkix_OCSP_CrlID		OBJ_id_pkix_OCSP,3L
-
-#define SN_id_pkix_OCSP_acceptableResponses		"acceptableResponses"
-#define LN_id_pkix_OCSP_acceptableResponses		"Acceptable OCSP Responses"
-#define NID_id_pkix_OCSP_acceptableResponses		368
-#define OBJ_id_pkix_OCSP_acceptableResponses		OBJ_id_pkix_OCSP,4L
-
-#define SN_id_pkix_OCSP_noCheck		"noCheck"
-#define LN_id_pkix_OCSP_noCheck		"OCSP No Check"
-#define NID_id_pkix_OCSP_noCheck		369
-#define OBJ_id_pkix_OCSP_noCheck		OBJ_id_pkix_OCSP,5L
-
-#define SN_id_pkix_OCSP_archiveCutoff		"archiveCutoff"
-#define LN_id_pkix_OCSP_archiveCutoff		"OCSP Archive Cutoff"
-#define NID_id_pkix_OCSP_archiveCutoff		370
-#define OBJ_id_pkix_OCSP_archiveCutoff		OBJ_id_pkix_OCSP,6L
-
-#define SN_id_pkix_OCSP_serviceLocator		"serviceLocator"
-#define LN_id_pkix_OCSP_serviceLocator		"OCSP Service Locator"
-#define NID_id_pkix_OCSP_serviceLocator		371
-#define OBJ_id_pkix_OCSP_serviceLocator		OBJ_id_pkix_OCSP,7L
-
-#define SN_id_pkix_OCSP_extendedStatus		"extendedStatus"
-#define LN_id_pkix_OCSP_extendedStatus		"Extended OCSP Status"
-#define NID_id_pkix_OCSP_extendedStatus		372
-#define OBJ_id_pkix_OCSP_extendedStatus		OBJ_id_pkix_OCSP,8L
-
-#define SN_id_pkix_OCSP_valid		"valid"
-#define NID_id_pkix_OCSP_valid		373
-#define OBJ_id_pkix_OCSP_valid		OBJ_id_pkix_OCSP,9L
-
-#define SN_id_pkix_OCSP_path		"path"
-#define NID_id_pkix_OCSP_path		374
-#define OBJ_id_pkix_OCSP_path		OBJ_id_pkix_OCSP,10L
-
-#define SN_id_pkix_OCSP_trustRoot		"trustRoot"
-#define LN_id_pkix_OCSP_trustRoot		"Trust Root"
-#define NID_id_pkix_OCSP_trustRoot		375
-#define OBJ_id_pkix_OCSP_trustRoot		OBJ_id_pkix_OCSP,11L
-
-#define SN_algorithm		"algorithm"
-#define LN_algorithm		"algorithm"
-#define NID_algorithm		376
-#define OBJ_algorithm		1L,3L,14L,3L,2L
-
-#define SN_md5WithRSA		"RSA-NP-MD5"
-#define LN_md5WithRSA		"md5WithRSA"
-#define NID_md5WithRSA		104
-#define OBJ_md5WithRSA		OBJ_algorithm,3L
-
-#define SN_des_ecb		"DES-ECB"
-#define LN_des_ecb		"des-ecb"
-#define NID_des_ecb		29
-#define OBJ_des_ecb		OBJ_algorithm,6L
-
-#define SN_des_cbc		"DES-CBC"
-#define LN_des_cbc		"des-cbc"
-#define NID_des_cbc		31
-#define OBJ_des_cbc		OBJ_algorithm,7L
-
-#define SN_des_ofb64		"DES-OFB"
-#define LN_des_ofb64		"des-ofb"
-#define NID_des_ofb64		45
-#define OBJ_des_ofb64		OBJ_algorithm,8L
-
-#define SN_des_cfb64		"DES-CFB"
-#define LN_des_cfb64		"des-cfb"
-#define NID_des_cfb64		30
-#define OBJ_des_cfb64		OBJ_algorithm,9L
-
-#define SN_rsaSignature		"rsaSignature"
-#define NID_rsaSignature		377
-#define OBJ_rsaSignature		OBJ_algorithm,11L
-
-#define SN_dsa_2		"DSA-old"
-#define LN_dsa_2		"dsaEncryption-old"
-#define NID_dsa_2		67
-#define OBJ_dsa_2		OBJ_algorithm,12L
-
-#define SN_dsaWithSHA		"DSA-SHA"
-#define LN_dsaWithSHA		"dsaWithSHA"
-#define NID_dsaWithSHA		66
-#define OBJ_dsaWithSHA		OBJ_algorithm,13L
-
-#define SN_shaWithRSAEncryption		"RSA-SHA"
-#define LN_shaWithRSAEncryption		"shaWithRSAEncryption"
-#define NID_shaWithRSAEncryption		42
-#define OBJ_shaWithRSAEncryption		OBJ_algorithm,15L
-
-#define SN_des_ede_ecb		"DES-EDE"
-#define LN_des_ede_ecb		"des-ede"
-#define NID_des_ede_ecb		32
-#define OBJ_des_ede_ecb		OBJ_algorithm,17L
-
-#define SN_des_ede3_ecb		"DES-EDE3"
-#define LN_des_ede3_ecb		"des-ede3"
-#define NID_des_ede3_ecb		33
-
-#define SN_des_ede_cbc		"DES-EDE-CBC"
-#define LN_des_ede_cbc		"des-ede-cbc"
-#define NID_des_ede_cbc		43
-
-#define SN_des_ede_cfb64		"DES-EDE-CFB"
-#define LN_des_ede_cfb64		"des-ede-cfb"
-#define NID_des_ede_cfb64		60
-
-#define SN_des_ede3_cfb64		"DES-EDE3-CFB"
-#define LN_des_ede3_cfb64		"des-ede3-cfb"
-#define NID_des_ede3_cfb64		61
-
-#define SN_des_ede_ofb64		"DES-EDE-OFB"
-#define LN_des_ede_ofb64		"des-ede-ofb"
-#define NID_des_ede_ofb64		62
-
-#define SN_des_ede3_ofb64		"DES-EDE3-OFB"
-#define LN_des_ede3_ofb64		"des-ede3-ofb"
-#define NID_des_ede3_ofb64		63
-
-#define SN_desx_cbc		"DESX-CBC"
-#define LN_desx_cbc		"desx-cbc"
-#define NID_desx_cbc		80
-
-#define SN_sha		"SHA"
-#define LN_sha		"sha"
-#define NID_sha		41
-#define OBJ_sha		OBJ_algorithm,18L
-
-#define SN_sha1		"SHA1"
-#define LN_sha1		"sha1"
-#define NID_sha1		64
-#define OBJ_sha1		OBJ_algorithm,26L
-
-#define SN_dsaWithSHA1_2		"DSA-SHA1-old"
-#define LN_dsaWithSHA1_2		"dsaWithSHA1-old"
-#define NID_dsaWithSHA1_2		70
-#define OBJ_dsaWithSHA1_2		OBJ_algorithm,27L
-
-#define SN_sha1WithRSA		"RSA-SHA1-2"
-#define LN_sha1WithRSA		"sha1WithRSA"
-#define NID_sha1WithRSA		115
-#define OBJ_sha1WithRSA		OBJ_algorithm,29L
-
-#define SN_ripemd160		"RIPEMD160"
-#define LN_ripemd160		"ripemd160"
-#define NID_ripemd160		117
-#define OBJ_ripemd160		1L,3L,36L,3L,2L,1L
-
-#define SN_ripemd160WithRSA		"RSA-RIPEMD160"
-#define LN_ripemd160WithRSA		"ripemd160WithRSA"
-#define NID_ripemd160WithRSA		119
-#define OBJ_ripemd160WithRSA		1L,3L,36L,3L,3L,1L,2L
-
-#define SN_sxnet		"SXNetID"
-#define LN_sxnet		"Strong Extranet ID"
-#define NID_sxnet		143
-#define OBJ_sxnet		1L,3L,101L,1L,4L,1L
-
-#define SN_X500		"X500"
-#define LN_X500		"directory services (X.500)"
-#define NID_X500		11
-#define OBJ_X500		2L,5L
-
-#define SN_X509		"X509"
-#define NID_X509		12
-#define OBJ_X509		OBJ_X500,4L
-
-#define SN_commonName		"CN"
-#define LN_commonName		"commonName"
-#define NID_commonName		13
-#define OBJ_commonName		OBJ_X509,3L
-
-#define SN_surname		"SN"
-#define LN_surname		"surname"
-#define NID_surname		100
-#define OBJ_surname		OBJ_X509,4L
-
-#define LN_serialNumber		"serialNumber"
-#define NID_serialNumber		105
-#define OBJ_serialNumber		OBJ_X509,5L
-
-#define SN_countryName		"C"
-#define LN_countryName		"countryName"
-#define NID_countryName		14
-#define OBJ_countryName		OBJ_X509,6L
-
-#define SN_localityName		"L"
-#define LN_localityName		"localityName"
-#define NID_localityName		15
-#define OBJ_localityName		OBJ_X509,7L
-
-#define SN_stateOrProvinceName		"ST"
-#define LN_stateOrProvinceName		"stateOrProvinceName"
-#define NID_stateOrProvinceName		16
-#define OBJ_stateOrProvinceName		OBJ_X509,8L
-
-#define SN_organizationName		"O"
-#define LN_organizationName		"organizationName"
-#define NID_organizationName		17
-#define OBJ_organizationName		OBJ_X509,10L
-
-#define SN_organizationalUnitName		"OU"
-#define LN_organizationalUnitName		"organizationalUnitName"
-#define NID_organizationalUnitName		18
-#define OBJ_organizationalUnitName		OBJ_X509,11L
-
-#define LN_title		"title"
-#define NID_title		106
-#define OBJ_title		OBJ_X509,12L
-
-#define LN_description		"description"
-#define NID_description		107
-#define OBJ_description		OBJ_X509,13L
-
-#define SN_name		"name"
-#define LN_name		"name"
-#define NID_name		173
-#define OBJ_name		OBJ_X509,41L
-
-#define SN_givenName		"GN"
-#define LN_givenName		"givenName"
-#define NID_givenName		99
-#define OBJ_givenName		OBJ_X509,42L
-
-#define LN_initials		"initials"
-#define NID_initials		101
-#define OBJ_initials		OBJ_X509,43L
-
-#define LN_generationQualifier		"generationQualifier"
-#define NID_generationQualifier		509
-#define OBJ_generationQualifier		OBJ_X509,44L
-
-#define LN_x500UniqueIdentifier		"x500UniqueIdentifier"
-#define NID_x500UniqueIdentifier		503
-#define OBJ_x500UniqueIdentifier		OBJ_X509,45L
-
-#define SN_dnQualifier		"dnQualifier"
-#define LN_dnQualifier		"dnQualifier"
-#define NID_dnQualifier		174
-#define OBJ_dnQualifier		OBJ_X509,46L
-
-#define LN_pseudonym		"pseudonym"
-#define NID_pseudonym		510
-#define OBJ_pseudonym		OBJ_X509,65L
-
-#define SN_role		"role"
-#define LN_role		"role"
-#define NID_role		400
-#define OBJ_role		OBJ_X509,72L
-
-#define SN_X500algorithms		"X500algorithms"
-#define LN_X500algorithms		"directory services - algorithms"
-#define NID_X500algorithms		378
-#define OBJ_X500algorithms		OBJ_X500,8L
-
-#define SN_rsa		"RSA"
-#define LN_rsa		"rsa"
-#define NID_rsa		19
-#define OBJ_rsa		OBJ_X500algorithms,1L,1L
-
-#define SN_mdc2WithRSA		"RSA-MDC2"
-#define LN_mdc2WithRSA		"mdc2WithRSA"
-#define NID_mdc2WithRSA		96
-#define OBJ_mdc2WithRSA		OBJ_X500algorithms,3L,100L
-
-#define SN_mdc2		"MDC2"
-#define LN_mdc2		"mdc2"
-#define NID_mdc2		95
-#define OBJ_mdc2		OBJ_X500algorithms,3L,101L
-
-#define SN_id_ce		"id-ce"
-#define NID_id_ce		81
-#define OBJ_id_ce		OBJ_X500,29L
-
-#define SN_subject_key_identifier		"subjectKeyIdentifier"
-#define LN_subject_key_identifier		"X509v3 Subject Key Identifier"
-#define NID_subject_key_identifier		82
-#define OBJ_subject_key_identifier		OBJ_id_ce,14L
-
-#define SN_key_usage		"keyUsage"
-#define LN_key_usage		"X509v3 Key Usage"
-#define NID_key_usage		83
-#define OBJ_key_usage		OBJ_id_ce,15L
-
-#define SN_private_key_usage_period		"privateKeyUsagePeriod"
-#define LN_private_key_usage_period		"X509v3 Private Key Usage Period"
-#define NID_private_key_usage_period		84
-#define OBJ_private_key_usage_period		OBJ_id_ce,16L
-
-#define SN_subject_alt_name		"subjectAltName"
-#define LN_subject_alt_name		"X509v3 Subject Alternative Name"
-#define NID_subject_alt_name		85
-#define OBJ_subject_alt_name		OBJ_id_ce,17L
-
-#define SN_issuer_alt_name		"issuerAltName"
-#define LN_issuer_alt_name		"X509v3 Issuer Alternative Name"
-#define NID_issuer_alt_name		86
-#define OBJ_issuer_alt_name		OBJ_id_ce,18L
-
-#define SN_basic_constraints		"basicConstraints"
-#define LN_basic_constraints		"X509v3 Basic Constraints"
-#define NID_basic_constraints		87
-#define OBJ_basic_constraints		OBJ_id_ce,19L
-
-#define SN_crl_number		"crlNumber"
-#define LN_crl_number		"X509v3 CRL Number"
-#define NID_crl_number		88
-#define OBJ_crl_number		OBJ_id_ce,20L
-
-#define SN_crl_reason		"CRLReason"
-#define LN_crl_reason		"X509v3 CRL Reason Code"
-#define NID_crl_reason		141
-#define OBJ_crl_reason		OBJ_id_ce,21L
-
-#define SN_invalidity_date		"invalidityDate"
-#define LN_invalidity_date		"Invalidity Date"
-#define NID_invalidity_date		142
-#define OBJ_invalidity_date		OBJ_id_ce,24L
-
-#define SN_delta_crl		"deltaCRL"
-#define LN_delta_crl		"X509v3 Delta CRL Indicator"
-#define NID_delta_crl		140
-#define OBJ_delta_crl		OBJ_id_ce,27L
-
-#define SN_crl_distribution_points		"crlDistributionPoints"
-#define LN_crl_distribution_points		"X509v3 CRL Distribution Points"
-#define NID_crl_distribution_points		103
-#define OBJ_crl_distribution_points		OBJ_id_ce,31L
-
-#define SN_certificate_policies		"certificatePolicies"
-#define LN_certificate_policies		"X509v3 Certificate Policies"
-#define NID_certificate_policies		89
-#define OBJ_certificate_policies		OBJ_id_ce,32L
-
-#define SN_authority_key_identifier		"authorityKeyIdentifier"
-#define LN_authority_key_identifier		"X509v3 Authority Key Identifier"
-#define NID_authority_key_identifier		90
-#define OBJ_authority_key_identifier		OBJ_id_ce,35L
-
-#define SN_policy_constraints		"policyConstraints"
-#define LN_policy_constraints		"X509v3 Policy Constraints"
-#define NID_policy_constraints		401
-#define OBJ_policy_constraints		OBJ_id_ce,36L
-
-#define SN_ext_key_usage		"extendedKeyUsage"
-#define LN_ext_key_usage		"X509v3 Extended Key Usage"
-#define NID_ext_key_usage		126
-#define OBJ_ext_key_usage		OBJ_id_ce,37L
-
-#define SN_target_information		"targetInformation"
-#define LN_target_information		"X509v3 AC Targeting"
-#define NID_target_information		402
-#define OBJ_target_information		OBJ_id_ce,55L
-
-#define SN_no_rev_avail		"noRevAvail"
-#define LN_no_rev_avail		"X509v3 No Revocation Available"
-#define NID_no_rev_avail		403
-#define OBJ_no_rev_avail		OBJ_id_ce,56L
-
-#define SN_netscape		"Netscape"
-#define LN_netscape		"Netscape Communications Corp."
-#define NID_netscape		57
-#define OBJ_netscape		2L,16L,840L,1L,113730L
-
-#define SN_netscape_cert_extension		"nsCertExt"
-#define LN_netscape_cert_extension		"Netscape Certificate Extension"
-#define NID_netscape_cert_extension		58
-#define OBJ_netscape_cert_extension		OBJ_netscape,1L
-
-#define SN_netscape_data_type		"nsDataType"
-#define LN_netscape_data_type		"Netscape Data Type"
-#define NID_netscape_data_type		59
-#define OBJ_netscape_data_type		OBJ_netscape,2L
-
-#define SN_netscape_cert_type		"nsCertType"
-#define LN_netscape_cert_type		"Netscape Cert Type"
-#define NID_netscape_cert_type		71
-#define OBJ_netscape_cert_type		OBJ_netscape_cert_extension,1L
-
-#define SN_netscape_base_url		"nsBaseUrl"
-#define LN_netscape_base_url		"Netscape Base Url"
-#define NID_netscape_base_url		72
-#define OBJ_netscape_base_url		OBJ_netscape_cert_extension,2L
-
-#define SN_netscape_revocation_url		"nsRevocationUrl"
-#define LN_netscape_revocation_url		"Netscape Revocation Url"
-#define NID_netscape_revocation_url		73
-#define OBJ_netscape_revocation_url		OBJ_netscape_cert_extension,3L
-
-#define SN_netscape_ca_revocation_url		"nsCaRevocationUrl"
-#define LN_netscape_ca_revocation_url		"Netscape CA Revocation Url"
-#define NID_netscape_ca_revocation_url		74
-#define OBJ_netscape_ca_revocation_url		OBJ_netscape_cert_extension,4L
-
-#define SN_netscape_renewal_url		"nsRenewalUrl"
-#define LN_netscape_renewal_url		"Netscape Renewal Url"
-#define NID_netscape_renewal_url		75
-#define OBJ_netscape_renewal_url		OBJ_netscape_cert_extension,7L
-
-#define SN_netscape_ca_policy_url		"nsCaPolicyUrl"
-#define LN_netscape_ca_policy_url		"Netscape CA Policy Url"
-#define NID_netscape_ca_policy_url		76
-#define OBJ_netscape_ca_policy_url		OBJ_netscape_cert_extension,8L
-
-#define SN_netscape_ssl_server_name		"nsSslServerName"
-#define LN_netscape_ssl_server_name		"Netscape SSL Server Name"
-#define NID_netscape_ssl_server_name		77
-#define OBJ_netscape_ssl_server_name		OBJ_netscape_cert_extension,12L
-
-#define SN_netscape_comment		"nsComment"
-#define LN_netscape_comment		"Netscape Comment"
-#define NID_netscape_comment		78
-#define OBJ_netscape_comment		OBJ_netscape_cert_extension,13L
-
-#define SN_netscape_cert_sequence		"nsCertSequence"
-#define LN_netscape_cert_sequence		"Netscape Certificate Sequence"
-#define NID_netscape_cert_sequence		79
-#define OBJ_netscape_cert_sequence		OBJ_netscape_data_type,5L
-
-#define SN_ns_sgc		"nsSGC"
-#define LN_ns_sgc		"Netscape Server Gated Crypto"
-#define NID_ns_sgc		139
-#define OBJ_ns_sgc		OBJ_netscape,4L,1L
-
-#define SN_org		"ORG"
-#define LN_org		"org"
-#define NID_org		379
-#define OBJ_org		OBJ_iso,3L
-
-#define SN_dod		"DOD"
-#define LN_dod		"dod"
-#define NID_dod		380
-#define OBJ_dod		OBJ_org,6L
-
-#define SN_iana		"IANA"
-#define LN_iana		"iana"
-#define NID_iana		381
-#define OBJ_iana		OBJ_dod,1L
-
-#define OBJ_internet		OBJ_iana
-
-#define SN_Directory		"directory"
-#define LN_Directory		"Directory"
-#define NID_Directory		382
-#define OBJ_Directory		OBJ_internet,1L
-
-#define SN_Management		"mgmt"
-#define LN_Management		"Management"
-#define NID_Management		383
-#define OBJ_Management		OBJ_internet,2L
-
-#define SN_Experimental		"experimental"
-#define LN_Experimental		"Experimental"
-#define NID_Experimental		384
-#define OBJ_Experimental		OBJ_internet,3L
-
-#define SN_Private		"private"
-#define LN_Private		"Private"
-#define NID_Private		385
-#define OBJ_Private		OBJ_internet,4L
-
-#define SN_Security		"security"
-#define LN_Security		"Security"
-#define NID_Security		386
-#define OBJ_Security		OBJ_internet,5L
-
-#define SN_SNMPv2		"snmpv2"
-#define LN_SNMPv2		"SNMPv2"
-#define NID_SNMPv2		387
-#define OBJ_SNMPv2		OBJ_internet,6L
-
-#define LN_Mail		"Mail"
-#define NID_Mail		388
-#define OBJ_Mail		OBJ_internet,7L
-
-#define SN_Enterprises		"enterprises"
-#define LN_Enterprises		"Enterprises"
-#define NID_Enterprises		389
-#define OBJ_Enterprises		OBJ_Private,1L
-
-#define SN_dcObject		"dcobject"
-#define LN_dcObject		"dcObject"
-#define NID_dcObject		390
-#define OBJ_dcObject		OBJ_Enterprises,1466L,344L
-
-#define SN_mime_mhs		"mime-mhs"
-#define LN_mime_mhs		"MIME MHS"
-#define NID_mime_mhs		504
-#define OBJ_mime_mhs		OBJ_Mail,1L
-
-#define SN_mime_mhs_headings		"mime-mhs-headings"
-#define LN_mime_mhs_headings		"mime-mhs-headings"
-#define NID_mime_mhs_headings		505
-#define OBJ_mime_mhs_headings		OBJ_mime_mhs,1L
-
-#define SN_mime_mhs_bodies		"mime-mhs-bodies"
-#define LN_mime_mhs_bodies		"mime-mhs-bodies"
-#define NID_mime_mhs_bodies		506
-#define OBJ_mime_mhs_bodies		OBJ_mime_mhs,2L
-
-#define SN_id_hex_partial_message		"id-hex-partial-message"
-#define LN_id_hex_partial_message		"id-hex-partial-message"
-#define NID_id_hex_partial_message		507
-#define OBJ_id_hex_partial_message		OBJ_mime_mhs_headings,1L
-
-#define SN_id_hex_multipart_message		"id-hex-multipart-message"
-#define LN_id_hex_multipart_message		"id-hex-multipart-message"
-#define NID_id_hex_multipart_message		508
-#define OBJ_id_hex_multipart_message		OBJ_mime_mhs_headings,2L
-
-#define SN_rle_compression		"RLE"
-#define LN_rle_compression		"run length compression"
-#define NID_rle_compression		124
-#define OBJ_rle_compression		1L,1L,1L,1L,666L,1L
-
-#define SN_zlib_compression		"ZLIB"
-#define LN_zlib_compression		"zlib compression"
-#define NID_zlib_compression		125
-#define OBJ_zlib_compression		1L,1L,1L,1L,666L,2L
-
-#define OBJ_csor		2L,16L,840L,1L,101L,3L
-
-#define OBJ_nistAlgorithms		OBJ_csor,4L
-
-#define OBJ_aes		OBJ_nistAlgorithms,1L
-
-#define SN_aes_128_ecb		"AES-128-ECB"
-#define LN_aes_128_ecb		"aes-128-ecb"
-#define NID_aes_128_ecb		418
-#define OBJ_aes_128_ecb		OBJ_aes,1L
-
-#define SN_aes_128_cbc		"AES-128-CBC"
-#define LN_aes_128_cbc		"aes-128-cbc"
-#define NID_aes_128_cbc		419
-#define OBJ_aes_128_cbc		OBJ_aes,2L
-
-#define SN_aes_128_ofb128		"AES-128-OFB"
-#define LN_aes_128_ofb128		"aes-128-ofb"
-#define NID_aes_128_ofb128		420
-#define OBJ_aes_128_ofb128		OBJ_aes,3L
-
-#define SN_aes_128_cfb128		"AES-128-CFB"
-#define LN_aes_128_cfb128		"aes-128-cfb"
-#define NID_aes_128_cfb128		421
-#define OBJ_aes_128_cfb128		OBJ_aes,4L
-
-#define SN_aes_192_ecb		"AES-192-ECB"
-#define LN_aes_192_ecb		"aes-192-ecb"
-#define NID_aes_192_ecb		422
-#define OBJ_aes_192_ecb		OBJ_aes,21L
-
-#define SN_aes_192_cbc		"AES-192-CBC"
-#define LN_aes_192_cbc		"aes-192-cbc"
-#define NID_aes_192_cbc		423
-#define OBJ_aes_192_cbc		OBJ_aes,22L
-
-#define SN_aes_192_ofb128		"AES-192-OFB"
-#define LN_aes_192_ofb128		"aes-192-ofb"
-#define NID_aes_192_ofb128		424
-#define OBJ_aes_192_ofb128		OBJ_aes,23L
-
-#define SN_aes_192_cfb128		"AES-192-CFB"
-#define LN_aes_192_cfb128		"aes-192-cfb"
-#define NID_aes_192_cfb128		425
-#define OBJ_aes_192_cfb128		OBJ_aes,24L
-
-#define SN_aes_256_ecb		"AES-256-ECB"
-#define LN_aes_256_ecb		"aes-256-ecb"
-#define NID_aes_256_ecb		426
-#define OBJ_aes_256_ecb		OBJ_aes,41L
-
-#define SN_aes_256_cbc		"AES-256-CBC"
-#define LN_aes_256_cbc		"aes-256-cbc"
-#define NID_aes_256_cbc		427
-#define OBJ_aes_256_cbc		OBJ_aes,42L
-
-#define SN_aes_256_ofb128		"AES-256-OFB"
-#define LN_aes_256_ofb128		"aes-256-ofb"
-#define NID_aes_256_ofb128		428
-#define OBJ_aes_256_ofb128		OBJ_aes,43L
-
-#define SN_aes_256_cfb128		"AES-256-CFB"
-#define LN_aes_256_cfb128		"aes-256-cfb"
-#define NID_aes_256_cfb128		429
-#define OBJ_aes_256_cfb128		OBJ_aes,44L
-
-#define SN_hold_instruction_code		"holdInstructionCode"
-#define LN_hold_instruction_code		"Hold Instruction Code"
-#define NID_hold_instruction_code		430
-#define OBJ_hold_instruction_code		OBJ_id_ce,23L
-
-#define OBJ_holdInstruction		OBJ_X9_57,2L
-
-#define SN_hold_instruction_none		"holdInstructionNone"
-#define LN_hold_instruction_none		"Hold Instruction None"
-#define NID_hold_instruction_none		431
-#define OBJ_hold_instruction_none		OBJ_holdInstruction,1L
-
-#define SN_hold_instruction_call_issuer		"holdInstructionCallIssuer"
-#define LN_hold_instruction_call_issuer		"Hold Instruction Call Issuer"
-#define NID_hold_instruction_call_issuer		432
-#define OBJ_hold_instruction_call_issuer		OBJ_holdInstruction,2L
-
-#define SN_hold_instruction_reject		"holdInstructionReject"
-#define LN_hold_instruction_reject		"Hold Instruction Reject"
-#define NID_hold_instruction_reject		433
-#define OBJ_hold_instruction_reject		OBJ_holdInstruction,3L
-
-#define SN_data		"data"
-#define NID_data		434
-#define OBJ_data		OBJ_ccitt,9L
-
-#define SN_pss		"pss"
-#define NID_pss		435
-#define OBJ_pss		OBJ_data,2342L
-
-#define SN_ucl		"ucl"
-#define NID_ucl		436
-#define OBJ_ucl		OBJ_pss,19200300L
-
-#define SN_pilot		"pilot"
-#define NID_pilot		437
-#define OBJ_pilot		OBJ_ucl,100L
-
-#define LN_pilotAttributeType		"pilotAttributeType"
-#define NID_pilotAttributeType		438
-#define OBJ_pilotAttributeType		OBJ_pilot,1L
-
-#define LN_pilotAttributeSyntax		"pilotAttributeSyntax"
-#define NID_pilotAttributeSyntax		439
-#define OBJ_pilotAttributeSyntax		OBJ_pilot,3L
-
-#define LN_pilotObjectClass		"pilotObjectClass"
-#define NID_pilotObjectClass		440
-#define OBJ_pilotObjectClass		OBJ_pilot,4L
-
-#define LN_pilotGroups		"pilotGroups"
-#define NID_pilotGroups		441
-#define OBJ_pilotGroups		OBJ_pilot,10L
-
-#define LN_iA5StringSyntax		"iA5StringSyntax"
-#define NID_iA5StringSyntax		442
-#define OBJ_iA5StringSyntax		OBJ_pilotAttributeSyntax,4L
-
-#define LN_caseIgnoreIA5StringSyntax		"caseIgnoreIA5StringSyntax"
-#define NID_caseIgnoreIA5StringSyntax		443
-#define OBJ_caseIgnoreIA5StringSyntax		OBJ_pilotAttributeSyntax,5L
-
-#define LN_pilotObject		"pilotObject"
-#define NID_pilotObject		444
-#define OBJ_pilotObject		OBJ_pilotObjectClass,3L
-
-#define LN_pilotPerson		"pilotPerson"
-#define NID_pilotPerson		445
-#define OBJ_pilotPerson		OBJ_pilotObjectClass,4L
-
-#define SN_account		"account"
-#define NID_account		446
-#define OBJ_account		OBJ_pilotObjectClass,5L
-
-#define SN_document		"document"
-#define NID_document		447
-#define OBJ_document		OBJ_pilotObjectClass,6L
-
-#define SN_room		"room"
-#define NID_room		448
-#define OBJ_room		OBJ_pilotObjectClass,7L
-
-#define LN_documentSeries		"documentSeries"
-#define NID_documentSeries		449
-#define OBJ_documentSeries		OBJ_pilotObjectClass,9L
-
-#define SN_Domain		"domain"
-#define LN_Domain		"Domain"
-#define NID_Domain		392
-#define OBJ_Domain		OBJ_pilotObjectClass,13L
-
-#define LN_rFC822localPart		"rFC822localPart"
-#define NID_rFC822localPart		450
-#define OBJ_rFC822localPart		OBJ_pilotObjectClass,14L
-
-#define LN_dNSDomain		"dNSDomain"
-#define NID_dNSDomain		451
-#define OBJ_dNSDomain		OBJ_pilotObjectClass,15L
-
-#define LN_domainRelatedObject		"domainRelatedObject"
-#define NID_domainRelatedObject		452
-#define OBJ_domainRelatedObject		OBJ_pilotObjectClass,17L
-
-#define LN_friendlyCountry		"friendlyCountry"
-#define NID_friendlyCountry		453
-#define OBJ_friendlyCountry		OBJ_pilotObjectClass,18L
-
-#define LN_simpleSecurityObject		"simpleSecurityObject"
-#define NID_simpleSecurityObject		454
-#define OBJ_simpleSecurityObject		OBJ_pilotObjectClass,19L
-
-#define LN_pilotOrganization		"pilotOrganization"
-#define NID_pilotOrganization		455
-#define OBJ_pilotOrganization		OBJ_pilotObjectClass,20L
-
-#define LN_pilotDSA		"pilotDSA"
-#define NID_pilotDSA		456
-#define OBJ_pilotDSA		OBJ_pilotObjectClass,21L
-
-#define LN_qualityLabelledData		"qualityLabelledData"
-#define NID_qualityLabelledData		457
-#define OBJ_qualityLabelledData		OBJ_pilotObjectClass,22L
-
-#define SN_userId		"UID"
-#define LN_userId		"userId"
-#define NID_userId		458
-#define OBJ_userId		OBJ_pilotAttributeType,1L
-
-#define LN_textEncodedORAddress		"textEncodedORAddress"
-#define NID_textEncodedORAddress		459
-#define OBJ_textEncodedORAddress		OBJ_pilotAttributeType,2L
-
-#define SN_rfc822Mailbox		"mail"
-#define LN_rfc822Mailbox		"rfc822Mailbox"
-#define NID_rfc822Mailbox		460
-#define OBJ_rfc822Mailbox		OBJ_pilotAttributeType,3L
-
-#define SN_info		"info"
-#define NID_info		461
-#define OBJ_info		OBJ_pilotAttributeType,4L
-
-#define LN_favouriteDrink		"favouriteDrink"
-#define NID_favouriteDrink		462
-#define OBJ_favouriteDrink		OBJ_pilotAttributeType,5L
-
-#define LN_roomNumber		"roomNumber"
-#define NID_roomNumber		463
-#define OBJ_roomNumber		OBJ_pilotAttributeType,6L
-
-#define SN_photo		"photo"
-#define NID_photo		464
-#define OBJ_photo		OBJ_pilotAttributeType,7L
-
-#define LN_userClass		"userClass"
-#define NID_userClass		465
-#define OBJ_userClass		OBJ_pilotAttributeType,8L
-
-#define SN_host		"host"
-#define NID_host		466
-#define OBJ_host		OBJ_pilotAttributeType,9L
-
-#define SN_manager		"manager"
-#define NID_manager		467
-#define OBJ_manager		OBJ_pilotAttributeType,10L
-
-#define LN_documentIdentifier		"documentIdentifier"
-#define NID_documentIdentifier		468
-#define OBJ_documentIdentifier		OBJ_pilotAttributeType,11L
-
-#define LN_documentTitle		"documentTitle"
-#define NID_documentTitle		469
-#define OBJ_documentTitle		OBJ_pilotAttributeType,12L
-
-#define LN_documentVersion		"documentVersion"
-#define NID_documentVersion		470
-#define OBJ_documentVersion		OBJ_pilotAttributeType,13L
-
-#define LN_documentAuthor		"documentAuthor"
-#define NID_documentAuthor		471
-#define OBJ_documentAuthor		OBJ_pilotAttributeType,14L
-
-#define LN_documentLocation		"documentLocation"
-#define NID_documentLocation		472
-#define OBJ_documentLocation		OBJ_pilotAttributeType,15L
-
-#define LN_homeTelephoneNumber		"homeTelephoneNumber"
-#define NID_homeTelephoneNumber		473
-#define OBJ_homeTelephoneNumber		OBJ_pilotAttributeType,20L
-
-#define SN_secretary		"secretary"
-#define NID_secretary		474
-#define OBJ_secretary		OBJ_pilotAttributeType,21L
-
-#define LN_otherMailbox		"otherMailbox"
-#define NID_otherMailbox		475
-#define OBJ_otherMailbox		OBJ_pilotAttributeType,22L
-
-#define LN_lastModifiedTime		"lastModifiedTime"
-#define NID_lastModifiedTime		476
-#define OBJ_lastModifiedTime		OBJ_pilotAttributeType,23L
-
-#define LN_lastModifiedBy		"lastModifiedBy"
-#define NID_lastModifiedBy		477
-#define OBJ_lastModifiedBy		OBJ_pilotAttributeType,24L
-
-#define SN_domainComponent		"DC"
-#define LN_domainComponent		"domainComponent"
-#define NID_domainComponent		391
-#define OBJ_domainComponent		OBJ_pilotAttributeType,25L
-
-#define LN_aRecord		"aRecord"
-#define NID_aRecord		478
-#define OBJ_aRecord		OBJ_pilotAttributeType,26L
-
-#define LN_pilotAttributeType27		"pilotAttributeType27"
-#define NID_pilotAttributeType27		479
-#define OBJ_pilotAttributeType27		OBJ_pilotAttributeType,27L
-
-#define LN_mXRecord		"mXRecord"
-#define NID_mXRecord		480
-#define OBJ_mXRecord		OBJ_pilotAttributeType,28L
-
-#define LN_nSRecord		"nSRecord"
-#define NID_nSRecord		481
-#define OBJ_nSRecord		OBJ_pilotAttributeType,29L
-
-#define LN_sOARecord		"sOARecord"
-#define NID_sOARecord		482
-#define OBJ_sOARecord		OBJ_pilotAttributeType,30L
-
-#define LN_cNAMERecord		"cNAMERecord"
-#define NID_cNAMERecord		483
-#define OBJ_cNAMERecord		OBJ_pilotAttributeType,31L
-
-#define LN_associatedDomain		"associatedDomain"
-#define NID_associatedDomain		484
-#define OBJ_associatedDomain		OBJ_pilotAttributeType,37L
-
-#define LN_associatedName		"associatedName"
-#define NID_associatedName		485
-#define OBJ_associatedName		OBJ_pilotAttributeType,38L
-
-#define LN_homePostalAddress		"homePostalAddress"
-#define NID_homePostalAddress		486
-#define OBJ_homePostalAddress		OBJ_pilotAttributeType,39L
-
-#define LN_personalTitle		"personalTitle"
-#define NID_personalTitle		487
-#define OBJ_personalTitle		OBJ_pilotAttributeType,40L
-
-#define LN_mobileTelephoneNumber		"mobileTelephoneNumber"
-#define NID_mobileTelephoneNumber		488
-#define OBJ_mobileTelephoneNumber		OBJ_pilotAttributeType,41L
-
-#define LN_pagerTelephoneNumber		"pagerTelephoneNumber"
-#define NID_pagerTelephoneNumber		489
-#define OBJ_pagerTelephoneNumber		OBJ_pilotAttributeType,42L
-
-#define LN_friendlyCountryName		"friendlyCountryName"
-#define NID_friendlyCountryName		490
-#define OBJ_friendlyCountryName		OBJ_pilotAttributeType,43L
-
-#define LN_organizationalStatus		"organizationalStatus"
-#define NID_organizationalStatus		491
-#define OBJ_organizationalStatus		OBJ_pilotAttributeType,45L
-
-#define LN_janetMailbox		"janetMailbox"
-#define NID_janetMailbox		492
-#define OBJ_janetMailbox		OBJ_pilotAttributeType,46L
-
-#define LN_mailPreferenceOption		"mailPreferenceOption"
-#define NID_mailPreferenceOption		493
-#define OBJ_mailPreferenceOption		OBJ_pilotAttributeType,47L
-
-#define LN_buildingName		"buildingName"
-#define NID_buildingName		494
-#define OBJ_buildingName		OBJ_pilotAttributeType,48L
-
-#define LN_dSAQuality		"dSAQuality"
-#define NID_dSAQuality		495
-#define OBJ_dSAQuality		OBJ_pilotAttributeType,49L
-
-#define LN_singleLevelQuality		"singleLevelQuality"
-#define NID_singleLevelQuality		496
-#define OBJ_singleLevelQuality		OBJ_pilotAttributeType,50L
-
-#define LN_subtreeMinimumQuality		"subtreeMinimumQuality"
-#define NID_subtreeMinimumQuality		497
-#define OBJ_subtreeMinimumQuality		OBJ_pilotAttributeType,51L
-
-#define LN_subtreeMaximumQuality		"subtreeMaximumQuality"
-#define NID_subtreeMaximumQuality		498
-#define OBJ_subtreeMaximumQuality		OBJ_pilotAttributeType,52L
-
-#define LN_personalSignature		"personalSignature"
-#define NID_personalSignature		499
-#define OBJ_personalSignature		OBJ_pilotAttributeType,53L
-
-#define LN_dITRedirect		"dITRedirect"
-#define NID_dITRedirect		500
-#define OBJ_dITRedirect		OBJ_pilotAttributeType,54L
-
-#define SN_audio		"audio"
-#define NID_audio		501
-#define OBJ_audio		OBJ_pilotAttributeType,55L
-
-#define LN_documentPublisher		"documentPublisher"
-#define NID_documentPublisher		502
-#define OBJ_documentPublisher		OBJ_pilotAttributeType,56L
-
-#define SN_id_set		"id-set"
-#define LN_id_set		"Secure Electronic Transactions"
-#define NID_id_set		512
-#define OBJ_id_set		2L,23L,42L
-
-#define SN_set_ctype		"set-ctype"
-#define LN_set_ctype		"content types"
-#define NID_set_ctype		513
-#define OBJ_set_ctype		OBJ_id_set,0L
-
-#define SN_set_msgExt		"set-msgExt"
-#define LN_set_msgExt		"message extensions"
-#define NID_set_msgExt		514
-#define OBJ_set_msgExt		OBJ_id_set,1L
-
-#define SN_set_attr		"set-attr"
-#define NID_set_attr		515
-#define OBJ_set_attr		OBJ_id_set,3L
-
-#define SN_set_policy		"set-policy"
-#define NID_set_policy		516
-#define OBJ_set_policy		OBJ_id_set,5L
-
-#define SN_set_certExt		"set-certExt"
-#define LN_set_certExt		"certificate extensions"
-#define NID_set_certExt		517
-#define OBJ_set_certExt		OBJ_id_set,7L
-
-#define SN_set_brand		"set-brand"
-#define NID_set_brand		518
-#define OBJ_set_brand		OBJ_id_set,8L
-
-#define SN_setct_PANData		"setct-PANData"
-#define NID_setct_PANData		519
-#define OBJ_setct_PANData		OBJ_set_ctype,0L
-
-#define SN_setct_PANToken		"setct-PANToken"
-#define NID_setct_PANToken		520
-#define OBJ_setct_PANToken		OBJ_set_ctype,1L
-
-#define SN_setct_PANOnly		"setct-PANOnly"
-#define NID_setct_PANOnly		521
-#define OBJ_setct_PANOnly		OBJ_set_ctype,2L
-
-#define SN_setct_OIData		"setct-OIData"
-#define NID_setct_OIData		522
-#define OBJ_setct_OIData		OBJ_set_ctype,3L
-
-#define SN_setct_PI		"setct-PI"
-#define NID_setct_PI		523
-#define OBJ_setct_PI		OBJ_set_ctype,4L
-
-#define SN_setct_PIData		"setct-PIData"
-#define NID_setct_PIData		524
-#define OBJ_setct_PIData		OBJ_set_ctype,5L
-
-#define SN_setct_PIDataUnsigned		"setct-PIDataUnsigned"
-#define NID_setct_PIDataUnsigned		525
-#define OBJ_setct_PIDataUnsigned		OBJ_set_ctype,6L
-
-#define SN_setct_HODInput		"setct-HODInput"
-#define NID_setct_HODInput		526
-#define OBJ_setct_HODInput		OBJ_set_ctype,7L
-
-#define SN_setct_AuthResBaggage		"setct-AuthResBaggage"
-#define NID_setct_AuthResBaggage		527
-#define OBJ_setct_AuthResBaggage		OBJ_set_ctype,8L
-
-#define SN_setct_AuthRevReqBaggage		"setct-AuthRevReqBaggage"
-#define NID_setct_AuthRevReqBaggage		528
-#define OBJ_setct_AuthRevReqBaggage		OBJ_set_ctype,9L
-
-#define SN_setct_AuthRevResBaggage		"setct-AuthRevResBaggage"
-#define NID_setct_AuthRevResBaggage		529
-#define OBJ_setct_AuthRevResBaggage		OBJ_set_ctype,10L
-
-#define SN_setct_CapTokenSeq		"setct-CapTokenSeq"
-#define NID_setct_CapTokenSeq		530
-#define OBJ_setct_CapTokenSeq		OBJ_set_ctype,11L
-
-#define SN_setct_PInitResData		"setct-PInitResData"
-#define NID_setct_PInitResData		531
-#define OBJ_setct_PInitResData		OBJ_set_ctype,12L
-
-#define SN_setct_PI_TBS		"setct-PI-TBS"
-#define NID_setct_PI_TBS		532
-#define OBJ_setct_PI_TBS		OBJ_set_ctype,13L
-
-#define SN_setct_PResData		"setct-PResData"
-#define NID_setct_PResData		533
-#define OBJ_setct_PResData		OBJ_set_ctype,14L
-
-#define SN_setct_AuthReqTBS		"setct-AuthReqTBS"
-#define NID_setct_AuthReqTBS		534
-#define OBJ_setct_AuthReqTBS		OBJ_set_ctype,16L
-
-#define SN_setct_AuthResTBS		"setct-AuthResTBS"
-#define NID_setct_AuthResTBS		535
-#define OBJ_setct_AuthResTBS		OBJ_set_ctype,17L
-
-#define SN_setct_AuthResTBSX		"setct-AuthResTBSX"
-#define NID_setct_AuthResTBSX		536
-#define OBJ_setct_AuthResTBSX		OBJ_set_ctype,18L
-
-#define SN_setct_AuthTokenTBS		"setct-AuthTokenTBS"
-#define NID_setct_AuthTokenTBS		537
-#define OBJ_setct_AuthTokenTBS		OBJ_set_ctype,19L
-
-#define SN_setct_CapTokenData		"setct-CapTokenData"
-#define NID_setct_CapTokenData		538
-#define OBJ_setct_CapTokenData		OBJ_set_ctype,20L
-
-#define SN_setct_CapTokenTBS		"setct-CapTokenTBS"
-#define NID_setct_CapTokenTBS		539
-#define OBJ_setct_CapTokenTBS		OBJ_set_ctype,21L
-
-#define SN_setct_AcqCardCodeMsg		"setct-AcqCardCodeMsg"
-#define NID_setct_AcqCardCodeMsg		540
-#define OBJ_setct_AcqCardCodeMsg		OBJ_set_ctype,22L
-
-#define SN_setct_AuthRevReqTBS		"setct-AuthRevReqTBS"
-#define NID_setct_AuthRevReqTBS		541
-#define OBJ_setct_AuthRevReqTBS		OBJ_set_ctype,23L
-
-#define SN_setct_AuthRevResData		"setct-AuthRevResData"
-#define NID_setct_AuthRevResData		542
-#define OBJ_setct_AuthRevResData		OBJ_set_ctype,24L
-
-#define SN_setct_AuthRevResTBS		"setct-AuthRevResTBS"
-#define NID_setct_AuthRevResTBS		543
-#define OBJ_setct_AuthRevResTBS		OBJ_set_ctype,25L
-
-#define SN_setct_CapReqTBS		"setct-CapReqTBS"
-#define NID_setct_CapReqTBS		544
-#define OBJ_setct_CapReqTBS		OBJ_set_ctype,26L
-
-#define SN_setct_CapReqTBSX		"setct-CapReqTBSX"
-#define NID_setct_CapReqTBSX		545
-#define OBJ_setct_CapReqTBSX		OBJ_set_ctype,27L
-
-#define SN_setct_CapResData		"setct-CapResData"
-#define NID_setct_CapResData		546
-#define OBJ_setct_CapResData		OBJ_set_ctype,28L
-
-#define SN_setct_CapRevReqTBS		"setct-CapRevReqTBS"
-#define NID_setct_CapRevReqTBS		547
-#define OBJ_setct_CapRevReqTBS		OBJ_set_ctype,29L
-
-#define SN_setct_CapRevReqTBSX		"setct-CapRevReqTBSX"
-#define NID_setct_CapRevReqTBSX		548
-#define OBJ_setct_CapRevReqTBSX		OBJ_set_ctype,30L
-
-#define SN_setct_CapRevResData		"setct-CapRevResData"
-#define NID_setct_CapRevResData		549
-#define OBJ_setct_CapRevResData		OBJ_set_ctype,31L
-
-#define SN_setct_CredReqTBS		"setct-CredReqTBS"
-#define NID_setct_CredReqTBS		550
-#define OBJ_setct_CredReqTBS		OBJ_set_ctype,32L
-
-#define SN_setct_CredReqTBSX		"setct-CredReqTBSX"
-#define NID_setct_CredReqTBSX		551
-#define OBJ_setct_CredReqTBSX		OBJ_set_ctype,33L
-
-#define SN_setct_CredResData		"setct-CredResData"
-#define NID_setct_CredResData		552
-#define OBJ_setct_CredResData		OBJ_set_ctype,34L
-
-#define SN_setct_CredRevReqTBS		"setct-CredRevReqTBS"
-#define NID_setct_CredRevReqTBS		553
-#define OBJ_setct_CredRevReqTBS		OBJ_set_ctype,35L
-
-#define SN_setct_CredRevReqTBSX		"setct-CredRevReqTBSX"
-#define NID_setct_CredRevReqTBSX		554
-#define OBJ_setct_CredRevReqTBSX		OBJ_set_ctype,36L
-
-#define SN_setct_CredRevResData		"setct-CredRevResData"
-#define NID_setct_CredRevResData		555
-#define OBJ_setct_CredRevResData		OBJ_set_ctype,37L
-
-#define SN_setct_PCertReqData		"setct-PCertReqData"
-#define NID_setct_PCertReqData		556
-#define OBJ_setct_PCertReqData		OBJ_set_ctype,38L
-
-#define SN_setct_PCertResTBS		"setct-PCertResTBS"
-#define NID_setct_PCertResTBS		557
-#define OBJ_setct_PCertResTBS		OBJ_set_ctype,39L
-
-#define SN_setct_BatchAdminReqData		"setct-BatchAdminReqData"
-#define NID_setct_BatchAdminReqData		558
-#define OBJ_setct_BatchAdminReqData		OBJ_set_ctype,40L
-
-#define SN_setct_BatchAdminResData		"setct-BatchAdminResData"
-#define NID_setct_BatchAdminResData		559
-#define OBJ_setct_BatchAdminResData		OBJ_set_ctype,41L
-
-#define SN_setct_CardCInitResTBS		"setct-CardCInitResTBS"
-#define NID_setct_CardCInitResTBS		560
-#define OBJ_setct_CardCInitResTBS		OBJ_set_ctype,42L
-
-#define SN_setct_MeAqCInitResTBS		"setct-MeAqCInitResTBS"
-#define NID_setct_MeAqCInitResTBS		561
-#define OBJ_setct_MeAqCInitResTBS		OBJ_set_ctype,43L
-
-#define SN_setct_RegFormResTBS		"setct-RegFormResTBS"
-#define NID_setct_RegFormResTBS		562
-#define OBJ_setct_RegFormResTBS		OBJ_set_ctype,44L
-
-#define SN_setct_CertReqData		"setct-CertReqData"
-#define NID_setct_CertReqData		563
-#define OBJ_setct_CertReqData		OBJ_set_ctype,45L
-
-#define SN_setct_CertReqTBS		"setct-CertReqTBS"
-#define NID_setct_CertReqTBS		564
-#define OBJ_setct_CertReqTBS		OBJ_set_ctype,46L
-
-#define SN_setct_CertResData		"setct-CertResData"
-#define NID_setct_CertResData		565
-#define OBJ_setct_CertResData		OBJ_set_ctype,47L
-
-#define SN_setct_CertInqReqTBS		"setct-CertInqReqTBS"
-#define NID_setct_CertInqReqTBS		566
-#define OBJ_setct_CertInqReqTBS		OBJ_set_ctype,48L
-
-#define SN_setct_ErrorTBS		"setct-ErrorTBS"
-#define NID_setct_ErrorTBS		567
-#define OBJ_setct_ErrorTBS		OBJ_set_ctype,49L
-
-#define SN_setct_PIDualSignedTBE		"setct-PIDualSignedTBE"
-#define NID_setct_PIDualSignedTBE		568
-#define OBJ_setct_PIDualSignedTBE		OBJ_set_ctype,50L
-
-#define SN_setct_PIUnsignedTBE		"setct-PIUnsignedTBE"
-#define NID_setct_PIUnsignedTBE		569
-#define OBJ_setct_PIUnsignedTBE		OBJ_set_ctype,51L
-
-#define SN_setct_AuthReqTBE		"setct-AuthReqTBE"
-#define NID_setct_AuthReqTBE		570
-#define OBJ_setct_AuthReqTBE		OBJ_set_ctype,52L
-
-#define SN_setct_AuthResTBE		"setct-AuthResTBE"
-#define NID_setct_AuthResTBE		571
-#define OBJ_setct_AuthResTBE		OBJ_set_ctype,53L
-
-#define SN_setct_AuthResTBEX		"setct-AuthResTBEX"
-#define NID_setct_AuthResTBEX		572
-#define OBJ_setct_AuthResTBEX		OBJ_set_ctype,54L
-
-#define SN_setct_AuthTokenTBE		"setct-AuthTokenTBE"
-#define NID_setct_AuthTokenTBE		573
-#define OBJ_setct_AuthTokenTBE		OBJ_set_ctype,55L
-
-#define SN_setct_CapTokenTBE		"setct-CapTokenTBE"
-#define NID_setct_CapTokenTBE		574
-#define OBJ_setct_CapTokenTBE		OBJ_set_ctype,56L
-
-#define SN_setct_CapTokenTBEX		"setct-CapTokenTBEX"
-#define NID_setct_CapTokenTBEX		575
-#define OBJ_setct_CapTokenTBEX		OBJ_set_ctype,57L
-
-#define SN_setct_AcqCardCodeMsgTBE		"setct-AcqCardCodeMsgTBE"
-#define NID_setct_AcqCardCodeMsgTBE		576
-#define OBJ_setct_AcqCardCodeMsgTBE		OBJ_set_ctype,58L
-
-#define SN_setct_AuthRevReqTBE		"setct-AuthRevReqTBE"
-#define NID_setct_AuthRevReqTBE		577
-#define OBJ_setct_AuthRevReqTBE		OBJ_set_ctype,59L
-
-#define SN_setct_AuthRevResTBE		"setct-AuthRevResTBE"
-#define NID_setct_AuthRevResTBE		578
-#define OBJ_setct_AuthRevResTBE		OBJ_set_ctype,60L
-
-#define SN_setct_AuthRevResTBEB		"setct-AuthRevResTBEB"
-#define NID_setct_AuthRevResTBEB		579
-#define OBJ_setct_AuthRevResTBEB		OBJ_set_ctype,61L
-
-#define SN_setct_CapReqTBE		"setct-CapReqTBE"
-#define NID_setct_CapReqTBE		580
-#define OBJ_setct_CapReqTBE		OBJ_set_ctype,62L
-
-#define SN_setct_CapReqTBEX		"setct-CapReqTBEX"
-#define NID_setct_CapReqTBEX		581
-#define OBJ_setct_CapReqTBEX		OBJ_set_ctype,63L
-
-#define SN_setct_CapResTBE		"setct-CapResTBE"
-#define NID_setct_CapResTBE		582
-#define OBJ_setct_CapResTBE		OBJ_set_ctype,64L
-
-#define SN_setct_CapRevReqTBE		"setct-CapRevReqTBE"
-#define NID_setct_CapRevReqTBE		583
-#define OBJ_setct_CapRevReqTBE		OBJ_set_ctype,65L
-
-#define SN_setct_CapRevReqTBEX		"setct-CapRevReqTBEX"
-#define NID_setct_CapRevReqTBEX		584
-#define OBJ_setct_CapRevReqTBEX		OBJ_set_ctype,66L
-
-#define SN_setct_CapRevResTBE		"setct-CapRevResTBE"
-#define NID_setct_CapRevResTBE		585
-#define OBJ_setct_CapRevResTBE		OBJ_set_ctype,67L
-
-#define SN_setct_CredReqTBE		"setct-CredReqTBE"
-#define NID_setct_CredReqTBE		586
-#define OBJ_setct_CredReqTBE		OBJ_set_ctype,68L
-
-#define SN_setct_CredReqTBEX		"setct-CredReqTBEX"
-#define NID_setct_CredReqTBEX		587
-#define OBJ_setct_CredReqTBEX		OBJ_set_ctype,69L
-
-#define SN_setct_CredResTBE		"setct-CredResTBE"
-#define NID_setct_CredResTBE		588
-#define OBJ_setct_CredResTBE		OBJ_set_ctype,70L
-
-#define SN_setct_CredRevReqTBE		"setct-CredRevReqTBE"
-#define NID_setct_CredRevReqTBE		589
-#define OBJ_setct_CredRevReqTBE		OBJ_set_ctype,71L
-
-#define SN_setct_CredRevReqTBEX		"setct-CredRevReqTBEX"
-#define NID_setct_CredRevReqTBEX		590
-#define OBJ_setct_CredRevReqTBEX		OBJ_set_ctype,72L
-
-#define SN_setct_CredRevResTBE		"setct-CredRevResTBE"
-#define NID_setct_CredRevResTBE		591
-#define OBJ_setct_CredRevResTBE		OBJ_set_ctype,73L
-
-#define SN_setct_BatchAdminReqTBE		"setct-BatchAdminReqTBE"
-#define NID_setct_BatchAdminReqTBE		592
-#define OBJ_setct_BatchAdminReqTBE		OBJ_set_ctype,74L
-
-#define SN_setct_BatchAdminResTBE		"setct-BatchAdminResTBE"
-#define NID_setct_BatchAdminResTBE		593
-#define OBJ_setct_BatchAdminResTBE		OBJ_set_ctype,75L
-
-#define SN_setct_RegFormReqTBE		"setct-RegFormReqTBE"
-#define NID_setct_RegFormReqTBE		594
-#define OBJ_setct_RegFormReqTBE		OBJ_set_ctype,76L
-
-#define SN_setct_CertReqTBE		"setct-CertReqTBE"
-#define NID_setct_CertReqTBE		595
-#define OBJ_setct_CertReqTBE		OBJ_set_ctype,77L
-
-#define SN_setct_CertReqTBEX		"setct-CertReqTBEX"
-#define NID_setct_CertReqTBEX		596
-#define OBJ_setct_CertReqTBEX		OBJ_set_ctype,78L
-
-#define SN_setct_CertResTBE		"setct-CertResTBE"
-#define NID_setct_CertResTBE		597
-#define OBJ_setct_CertResTBE		OBJ_set_ctype,79L
-
-#define SN_setct_CRLNotificationTBS		"setct-CRLNotificationTBS"
-#define NID_setct_CRLNotificationTBS		598
-#define OBJ_setct_CRLNotificationTBS		OBJ_set_ctype,80L
-
-#define SN_setct_CRLNotificationResTBS		"setct-CRLNotificationResTBS"
-#define NID_setct_CRLNotificationResTBS		599
-#define OBJ_setct_CRLNotificationResTBS		OBJ_set_ctype,81L
-
-#define SN_setct_BCIDistributionTBS		"setct-BCIDistributionTBS"
-#define NID_setct_BCIDistributionTBS		600
-#define OBJ_setct_BCIDistributionTBS		OBJ_set_ctype,82L
-
-#define SN_setext_genCrypt		"setext-genCrypt"
-#define LN_setext_genCrypt		"generic cryptogram"
-#define NID_setext_genCrypt		601
-#define OBJ_setext_genCrypt		OBJ_set_msgExt,1L
-
-#define SN_setext_miAuth		"setext-miAuth"
-#define LN_setext_miAuth		"merchant initiated auth"
-#define NID_setext_miAuth		602
-#define OBJ_setext_miAuth		OBJ_set_msgExt,3L
-
-#define SN_setext_pinSecure		"setext-pinSecure"
-#define NID_setext_pinSecure		603
-#define OBJ_setext_pinSecure		OBJ_set_msgExt,4L
-
-#define SN_setext_pinAny		"setext-pinAny"
-#define NID_setext_pinAny		604
-#define OBJ_setext_pinAny		OBJ_set_msgExt,5L
-
-#define SN_setext_track2		"setext-track2"
-#define NID_setext_track2		605
-#define OBJ_setext_track2		OBJ_set_msgExt,7L
-
-#define SN_setext_cv		"setext-cv"
-#define LN_setext_cv		"additional verification"
-#define NID_setext_cv		606
-#define OBJ_setext_cv		OBJ_set_msgExt,8L
-
-#define SN_set_policy_root		"set-policy-root"
-#define NID_set_policy_root		607
-#define OBJ_set_policy_root		OBJ_set_policy,0L
-
-#define SN_setCext_hashedRoot		"setCext-hashedRoot"
-#define NID_setCext_hashedRoot		608
-#define OBJ_setCext_hashedRoot		OBJ_set_certExt,0L
-
-#define SN_setCext_certType		"setCext-certType"
-#define NID_setCext_certType		609
-#define OBJ_setCext_certType		OBJ_set_certExt,1L
-
-#define SN_setCext_merchData		"setCext-merchData"
-#define NID_setCext_merchData		610
-#define OBJ_setCext_merchData		OBJ_set_certExt,2L
-
-#define SN_setCext_cCertRequired		"setCext-cCertRequired"
-#define NID_setCext_cCertRequired		611
-#define OBJ_setCext_cCertRequired		OBJ_set_certExt,3L
-
-#define SN_setCext_tunneling		"setCext-tunneling"
-#define NID_setCext_tunneling		612
-#define OBJ_setCext_tunneling		OBJ_set_certExt,4L
-
-#define SN_setCext_setExt		"setCext-setExt"
-#define NID_setCext_setExt		613
-#define OBJ_setCext_setExt		OBJ_set_certExt,5L
-
-#define SN_setCext_setQualf		"setCext-setQualf"
-#define NID_setCext_setQualf		614
-#define OBJ_setCext_setQualf		OBJ_set_certExt,6L
-
-#define SN_setCext_PGWYcapabilities		"setCext-PGWYcapabilities"
-#define NID_setCext_PGWYcapabilities		615
-#define OBJ_setCext_PGWYcapabilities		OBJ_set_certExt,7L
-
-#define SN_setCext_TokenIdentifier		"setCext-TokenIdentifier"
-#define NID_setCext_TokenIdentifier		616
-#define OBJ_setCext_TokenIdentifier		OBJ_set_certExt,8L
-
-#define SN_setCext_Track2Data		"setCext-Track2Data"
-#define NID_setCext_Track2Data		617
-#define OBJ_setCext_Track2Data		OBJ_set_certExt,9L
-
-#define SN_setCext_TokenType		"setCext-TokenType"
-#define NID_setCext_TokenType		618
-#define OBJ_setCext_TokenType		OBJ_set_certExt,10L
-
-#define SN_setCext_IssuerCapabilities		"setCext-IssuerCapabilities"
-#define NID_setCext_IssuerCapabilities		619
-#define OBJ_setCext_IssuerCapabilities		OBJ_set_certExt,11L
-
-#define SN_setAttr_Cert		"setAttr-Cert"
-#define NID_setAttr_Cert		620
-#define OBJ_setAttr_Cert		OBJ_set_attr,0L
-
-#define SN_setAttr_PGWYcap		"setAttr-PGWYcap"
-#define LN_setAttr_PGWYcap		"payment gateway capabilities"
-#define NID_setAttr_PGWYcap		621
-#define OBJ_setAttr_PGWYcap		OBJ_set_attr,1L
-
-#define SN_setAttr_TokenType		"setAttr-TokenType"
-#define NID_setAttr_TokenType		622
-#define OBJ_setAttr_TokenType		OBJ_set_attr,2L
-
-#define SN_setAttr_IssCap		"setAttr-IssCap"
-#define LN_setAttr_IssCap		"issuer capabilities"
-#define NID_setAttr_IssCap		623
-#define OBJ_setAttr_IssCap		OBJ_set_attr,3L
-
-#define SN_set_rootKeyThumb		"set-rootKeyThumb"
-#define NID_set_rootKeyThumb		624
-#define OBJ_set_rootKeyThumb		OBJ_setAttr_Cert,0L
-
-#define SN_set_addPolicy		"set-addPolicy"
-#define NID_set_addPolicy		625
-#define OBJ_set_addPolicy		OBJ_setAttr_Cert,1L
-
-#define SN_setAttr_Token_EMV		"setAttr-Token-EMV"
-#define NID_setAttr_Token_EMV		626
-#define OBJ_setAttr_Token_EMV		OBJ_setAttr_TokenType,1L
-
-#define SN_setAttr_Token_B0Prime		"setAttr-Token-B0Prime"
-#define NID_setAttr_Token_B0Prime		627
-#define OBJ_setAttr_Token_B0Prime		OBJ_setAttr_TokenType,2L
-
-#define SN_setAttr_IssCap_CVM		"setAttr-IssCap-CVM"
-#define NID_setAttr_IssCap_CVM		628
-#define OBJ_setAttr_IssCap_CVM		OBJ_setAttr_IssCap,3L
-
-#define SN_setAttr_IssCap_T2		"setAttr-IssCap-T2"
-#define NID_setAttr_IssCap_T2		629
-#define OBJ_setAttr_IssCap_T2		OBJ_setAttr_IssCap,4L
-
-#define SN_setAttr_IssCap_Sig		"setAttr-IssCap-Sig"
-#define NID_setAttr_IssCap_Sig		630
-#define OBJ_setAttr_IssCap_Sig		OBJ_setAttr_IssCap,5L
-
-#define SN_setAttr_GenCryptgrm		"setAttr-GenCryptgrm"
-#define LN_setAttr_GenCryptgrm		"generate cryptogram"
-#define NID_setAttr_GenCryptgrm		631
-#define OBJ_setAttr_GenCryptgrm		OBJ_setAttr_IssCap_CVM,1L
-
-#define SN_setAttr_T2Enc		"setAttr-T2Enc"
-#define LN_setAttr_T2Enc		"encrypted track 2"
-#define NID_setAttr_T2Enc		632
-#define OBJ_setAttr_T2Enc		OBJ_setAttr_IssCap_T2,1L
-
-#define SN_setAttr_T2cleartxt		"setAttr-T2cleartxt"
-#define LN_setAttr_T2cleartxt		"cleartext track 2"
-#define NID_setAttr_T2cleartxt		633
-#define OBJ_setAttr_T2cleartxt		OBJ_setAttr_IssCap_T2,2L
-
-#define SN_setAttr_TokICCsig		"setAttr-TokICCsig"
-#define LN_setAttr_TokICCsig		"ICC or token signature"
-#define NID_setAttr_TokICCsig		634
-#define OBJ_setAttr_TokICCsig		OBJ_setAttr_IssCap_Sig,1L
-
-#define SN_setAttr_SecDevSig		"setAttr-SecDevSig"
-#define LN_setAttr_SecDevSig		"secure device signature"
-#define NID_setAttr_SecDevSig		635
-#define OBJ_setAttr_SecDevSig		OBJ_setAttr_IssCap_Sig,2L
-
-#define SN_set_brand_IATA_ATA		"set-brand-IATA-ATA"
-#define NID_set_brand_IATA_ATA		636
-#define OBJ_set_brand_IATA_ATA		OBJ_set_brand,1L
-
-#define SN_set_brand_Diners		"set-brand-Diners"
-#define NID_set_brand_Diners		637
-#define OBJ_set_brand_Diners		OBJ_set_brand,30L
-
-#define SN_set_brand_AmericanExpress		"set-brand-AmericanExpress"
-#define NID_set_brand_AmericanExpress		638
-#define OBJ_set_brand_AmericanExpress		OBJ_set_brand,34L
-
-#define SN_set_brand_JCB		"set-brand-JCB"
-#define NID_set_brand_JCB		639
-#define OBJ_set_brand_JCB		OBJ_set_brand,35L
-
-#define SN_set_brand_Visa		"set-brand-Visa"
-#define NID_set_brand_Visa		640
-#define OBJ_set_brand_Visa		OBJ_set_brand,4L
-
-#define SN_set_brand_MasterCard		"set-brand-MasterCard"
-#define NID_set_brand_MasterCard		641
-#define OBJ_set_brand_MasterCard		OBJ_set_brand,5L
-
-#define SN_set_brand_Novus		"set-brand-Novus"
-#define NID_set_brand_Novus		642
-#define OBJ_set_brand_Novus		OBJ_set_brand,6011L
-
-#define SN_des_cdmf		"DES-CDMF"
-#define LN_des_cdmf		"des-cdmf"
-#define NID_des_cdmf		643
-#define OBJ_des_cdmf		OBJ_rsadsi,3L,10L
-
-#define SN_rsaOAEPEncryptionSET		"rsaOAEPEncryptionSET"
-#define NID_rsaOAEPEncryptionSET		644
-#define OBJ_rsaOAEPEncryptionSET		OBJ_rsadsi,1L,1L,6L
-
diff --git a/crypto/openssl/crypto/objects/obj_mac.num b/crypto/openssl/crypto/objects/obj_mac.num
deleted file mode 100644
index 9838072b65c1..000000000000
--- a/crypto/openssl/crypto/objects/obj_mac.num
+++ /dev/null
@@ -1,649 +0,0 @@
-undef		0
-rsadsi		1
-pkcs		2
-md2		3
-md5		4
-rc4		5
-rsaEncryption		6
-md2WithRSAEncryption		7
-md5WithRSAEncryption		8
-pbeWithMD2AndDES_CBC		9
-pbeWithMD5AndDES_CBC		10
-X500		11
-X509		12
-commonName		13
-countryName		14
-localityName		15
-stateOrProvinceName		16
-organizationName		17
-organizationalUnitName		18
-rsa		19
-pkcs7		20
-pkcs7_data		21
-pkcs7_signed		22
-pkcs7_enveloped		23
-pkcs7_signedAndEnveloped		24
-pkcs7_digest		25
-pkcs7_encrypted		26
-pkcs3		27
-dhKeyAgreement		28
-des_ecb		29
-des_cfb64		30
-des_cbc		31
-des_ede_ecb		32
-des_ede3_ecb		33
-idea_cbc		34
-idea_cfb64		35
-idea_ecb		36
-rc2_cbc		37
-rc2_ecb		38
-rc2_cfb64		39
-rc2_ofb64		40
-sha		41
-shaWithRSAEncryption		42
-des_ede_cbc		43
-des_ede3_cbc		44
-des_ofb64		45
-idea_ofb64		46
-pkcs9		47
-pkcs9_emailAddress		48
-pkcs9_unstructuredName		49
-pkcs9_contentType		50
-pkcs9_messageDigest		51
-pkcs9_signingTime		52
-pkcs9_countersignature		53
-pkcs9_challengePassword		54
-pkcs9_unstructuredAddress		55
-pkcs9_extCertAttributes		56
-netscape		57
-netscape_cert_extension		58
-netscape_data_type		59
-des_ede_cfb64		60
-des_ede3_cfb64		61
-des_ede_ofb64		62
-des_ede3_ofb64		63
-sha1		64
-sha1WithRSAEncryption		65
-dsaWithSHA		66
-dsa_2		67
-pbeWithSHA1AndRC2_CBC		68
-id_pbkdf2		69
-dsaWithSHA1_2		70
-netscape_cert_type		71
-netscape_base_url		72
-netscape_revocation_url		73
-netscape_ca_revocation_url		74
-netscape_renewal_url		75
-netscape_ca_policy_url		76
-netscape_ssl_server_name		77
-netscape_comment		78
-netscape_cert_sequence		79
-desx_cbc		80
-id_ce		81
-subject_key_identifier		82
-key_usage		83
-private_key_usage_period		84
-subject_alt_name		85
-issuer_alt_name		86
-basic_constraints		87
-crl_number		88
-certificate_policies		89
-authority_key_identifier		90
-bf_cbc		91
-bf_ecb		92
-bf_cfb64		93
-bf_ofb64		94
-mdc2		95
-mdc2WithRSA		96
-rc4_40		97
-rc2_40_cbc		98
-givenName		99
-surname		100
-initials		101
-uniqueIdentifier		102
-crl_distribution_points		103
-md5WithRSA		104
-serialNumber		105
-title		106
-description		107
-cast5_cbc		108
-cast5_ecb		109
-cast5_cfb64		110
-cast5_ofb64		111
-pbeWithMD5AndCast5_CBC		112
-dsaWithSHA1		113
-md5_sha1		114
-sha1WithRSA		115
-dsa		116
-ripemd160		117
-ripemd160WithRSA		119
-rc5_cbc		120
-rc5_ecb		121
-rc5_cfb64		122
-rc5_ofb64		123
-rle_compression		124
-zlib_compression		125
-ext_key_usage		126
-id_pkix		127
-id_kp		128
-server_auth		129
-client_auth		130
-code_sign		131
-email_protect		132
-time_stamp		133
-ms_code_ind		134
-ms_code_com		135
-ms_ctl_sign		136
-ms_sgc		137
-ms_efs		138
-ns_sgc		139
-delta_crl		140
-crl_reason		141
-invalidity_date		142
-sxnet		143
-pbe_WithSHA1And128BitRC4		144
-pbe_WithSHA1And40BitRC4		145
-pbe_WithSHA1And3_Key_TripleDES_CBC		146
-pbe_WithSHA1And2_Key_TripleDES_CBC		147
-pbe_WithSHA1And128BitRC2_CBC		148
-pbe_WithSHA1And40BitRC2_CBC		149
-keyBag		150
-pkcs8ShroudedKeyBag		151
-certBag		152
-crlBag		153
-secretBag		154
-safeContentsBag		155
-friendlyName		156
-localKeyID		157
-x509Certificate		158
-sdsiCertificate		159
-x509Crl		160
-pbes2		161
-pbmac1		162
-hmacWithSHA1		163
-id_qt_cps		164
-id_qt_unotice		165
-rc2_64_cbc		166
-SMIMECapabilities		167
-pbeWithMD2AndRC2_CBC		168
-pbeWithMD5AndRC2_CBC		169
-pbeWithSHA1AndDES_CBC		170
-ms_ext_req		171
-ext_req		172
-name		173
-dnQualifier		174
-id_pe		175
-id_ad		176
-info_access		177
-ad_OCSP		178
-ad_ca_issuers		179
-OCSP_sign		180
-iso		181
-member_body		182
-ISO_US		183
-X9_57		184
-X9cm		185
-pkcs1		186
-pkcs5		187
-SMIME		188
-id_smime_mod		189
-id_smime_ct		190
-id_smime_aa		191
-id_smime_alg		192
-id_smime_cd		193
-id_smime_spq		194
-id_smime_cti		195
-id_smime_mod_cms		196
-id_smime_mod_ess		197
-id_smime_mod_oid		198
-id_smime_mod_msg_v3		199
-id_smime_mod_ets_eSignature_88		200
-id_smime_mod_ets_eSignature_97		201
-id_smime_mod_ets_eSigPolicy_88		202
-id_smime_mod_ets_eSigPolicy_97		203
-id_smime_ct_receipt		204
-id_smime_ct_authData		205
-id_smime_ct_publishCert		206
-id_smime_ct_TSTInfo		207
-id_smime_ct_TDTInfo		208
-id_smime_ct_contentInfo		209
-id_smime_ct_DVCSRequestData		210
-id_smime_ct_DVCSResponseData		211
-id_smime_aa_receiptRequest		212
-id_smime_aa_securityLabel		213
-id_smime_aa_mlExpandHistory		214
-id_smime_aa_contentHint		215
-id_smime_aa_msgSigDigest		216
-id_smime_aa_encapContentType		217
-id_smime_aa_contentIdentifier		218
-id_smime_aa_macValue		219
-id_smime_aa_equivalentLabels		220
-id_smime_aa_contentReference		221
-id_smime_aa_encrypKeyPref		222
-id_smime_aa_signingCertificate		223
-id_smime_aa_smimeEncryptCerts		224
-id_smime_aa_timeStampToken		225
-id_smime_aa_ets_sigPolicyId		226
-id_smime_aa_ets_commitmentType		227
-id_smime_aa_ets_signerLocation		228
-id_smime_aa_ets_signerAttr		229
-id_smime_aa_ets_otherSigCert		230
-id_smime_aa_ets_contentTimestamp		231
-id_smime_aa_ets_CertificateRefs		232
-id_smime_aa_ets_RevocationRefs		233
-id_smime_aa_ets_certValues		234
-id_smime_aa_ets_revocationValues		235
-id_smime_aa_ets_escTimeStamp		236
-id_smime_aa_ets_certCRLTimestamp		237
-id_smime_aa_ets_archiveTimeStamp		238
-id_smime_aa_signatureType		239
-id_smime_aa_dvcs_dvc		240
-id_smime_alg_ESDHwith3DES		241
-id_smime_alg_ESDHwithRC2		242
-id_smime_alg_3DESwrap		243
-id_smime_alg_RC2wrap		244
-id_smime_alg_ESDH		245
-id_smime_alg_CMS3DESwrap		246
-id_smime_alg_CMSRC2wrap		247
-id_smime_cd_ldap		248
-id_smime_spq_ets_sqt_uri		249
-id_smime_spq_ets_sqt_unotice		250
-id_smime_cti_ets_proofOfOrigin		251
-id_smime_cti_ets_proofOfReceipt		252
-id_smime_cti_ets_proofOfDelivery		253
-id_smime_cti_ets_proofOfSender		254
-id_smime_cti_ets_proofOfApproval		255
-id_smime_cti_ets_proofOfCreation		256
-md4		257
-id_pkix_mod		258
-id_qt		259
-id_it		260
-id_pkip		261
-id_alg		262
-id_cmc		263
-id_on		264
-id_pda		265
-id_aca		266
-id_qcs		267
-id_cct		268
-id_pkix1_explicit_88		269
-id_pkix1_implicit_88		270
-id_pkix1_explicit_93		271
-id_pkix1_implicit_93		272
-id_mod_crmf		273
-id_mod_cmc		274
-id_mod_kea_profile_88		275
-id_mod_kea_profile_93		276
-id_mod_cmp		277
-id_mod_qualified_cert_88		278
-id_mod_qualified_cert_93		279
-id_mod_attribute_cert		280
-id_mod_timestamp_protocol		281
-id_mod_ocsp		282
-id_mod_dvcs		283
-id_mod_cmp2000		284
-biometricInfo		285
-qcStatements		286
-ac_auditEntity		287
-ac_targeting		288
-aaControls		289
-sbqp_ipAddrBlock		290
-sbqp_autonomousSysNum		291
-sbqp_routerIdentifier		292
-textNotice		293
-ipsecEndSystem		294
-ipsecTunnel		295
-ipsecUser		296
-dvcs		297
-id_it_caProtEncCert		298
-id_it_signKeyPairTypes		299
-id_it_encKeyPairTypes		300
-id_it_preferredSymmAlg		301
-id_it_caKeyUpdateInfo		302
-id_it_currentCRL		303
-id_it_unsupportedOIDs		304
-id_it_subscriptionRequest		305
-id_it_subscriptionResponse		306
-id_it_keyPairParamReq		307
-id_it_keyPairParamRep		308
-id_it_revPassphrase		309
-id_it_implicitConfirm		310
-id_it_confirmWaitTime		311
-id_it_origPKIMessage		312
-id_regCtrl		313
-id_regInfo		314
-id_regCtrl_regToken		315
-id_regCtrl_authenticator		316
-id_regCtrl_pkiPublicationInfo		317
-id_regCtrl_pkiArchiveOptions		318
-id_regCtrl_oldCertID		319
-id_regCtrl_protocolEncrKey		320
-id_regInfo_utf8Pairs		321
-id_regInfo_certReq		322
-id_alg_des40		323
-id_alg_noSignature		324
-id_alg_dh_sig_hmac_sha1		325
-id_alg_dh_pop		326
-id_cmc_statusInfo		327
-id_cmc_identification		328
-id_cmc_identityProof		329
-id_cmc_dataReturn		330
-id_cmc_transactionId		331
-id_cmc_senderNonce		332
-id_cmc_recipientNonce		333
-id_cmc_addExtensions		334
-id_cmc_encryptedPOP		335
-id_cmc_decryptedPOP		336
-id_cmc_lraPOPWitness		337
-id_cmc_getCert		338
-id_cmc_getCRL		339
-id_cmc_revokeRequest		340
-id_cmc_regInfo		341
-id_cmc_responseInfo		342
-id_cmc_queryPending		343
-id_cmc_popLinkRandom		344
-id_cmc_popLinkWitness		345
-id_cmc_confirmCertAcceptance		346
-id_on_personalData		347
-id_pda_dateOfBirth		348
-id_pda_placeOfBirth		349
-id_pda_pseudonym		350
-id_pda_gender		351
-id_pda_countryOfCitizenship		352
-id_pda_countryOfResidence		353
-id_aca_authenticationInfo		354
-id_aca_accessIdentity		355
-id_aca_chargingIdentity		356
-id_aca_group		357
-id_aca_role		358
-id_qcs_pkixQCSyntax_v1		359
-id_cct_crs		360
-id_cct_PKIData		361
-id_cct_PKIResponse		362
-ad_timeStamping		363
-ad_dvcs		364
-id_pkix_OCSP_basic		365
-id_pkix_OCSP_Nonce		366
-id_pkix_OCSP_CrlID		367
-id_pkix_OCSP_acceptableResponses		368
-id_pkix_OCSP_noCheck		369
-id_pkix_OCSP_archiveCutoff		370
-id_pkix_OCSP_serviceLocator		371
-id_pkix_OCSP_extendedStatus		372
-id_pkix_OCSP_valid		373
-id_pkix_OCSP_path		374
-id_pkix_OCSP_trustRoot		375
-algorithm		376
-rsaSignature		377
-X500algorithms		378
-org		379
-dod		380
-iana		381
-Directory		382
-Management		383
-Experimental		384
-Private		385
-Security		386
-SNMPv2		387
-Mail		388
-Enterprises		389
-dcObject		390
-domainComponent		391
-Domain		392
-joint_iso_ccitt		393
-selected_attribute_types		394
-clearance		395
-md4WithRSAEncryption		396
-ac_proxying		397
-sinfo_access		398
-id_aca_encAttrs		399
-role		400
-policy_constraints		401
-target_information		402
-no_rev_avail		403
-ccitt		404
-ansi_X9_62		405
-X9_62_prime_field		406
-X9_62_characteristic_two_field		407
-X9_62_id_ecPublicKey		408
-X9_62_prime192v1		409
-X9_62_prime192v2		410
-X9_62_prime192v3		411
-X9_62_prime239v1		412
-X9_62_prime239v2		413
-X9_62_prime239v3		414
-X9_62_prime256v1		415
-ecdsa_with_SHA1		416
-ms_csp_name		417
-aes_128_ecb		418
-aes_128_cbc		419
-aes_128_ofb128		420
-aes_128_cfb128		421
-aes_192_ecb		422
-aes_192_cbc		423
-aes_192_ofb128		424
-aes_192_cfb128		425
-aes_256_ecb		426
-aes_256_cbc		427
-aes_256_ofb128		428
-aes_256_cfb128		429
-hold_instruction_code		430
-hold_instruction_none		431
-hold_instruction_call_issuer		432
-hold_instruction_reject		433
-data		434
-pss		435
-ucl		436
-pilot		437
-pilotAttributeType		438
-pilotAttributeSyntax		439
-pilotObjectClass		440
-pilotGroups		441
-iA5StringSyntax		442
-caseIgnoreIA5StringSyntax		443
-pilotObject		444
-pilotPerson		445
-account		446
-document		447
-room		448
-documentSeries		449
-rFC822localPart		450
-dNSDomain		451
-domainRelatedObject		452
-friendlyCountry		453
-simpleSecurityObject		454
-pilotOrganization		455
-pilotDSA		456
-qualityLabelledData		457
-userId		458
-textEncodedORAddress		459
-rfc822Mailbox		460
-info		461
-favouriteDrink		462
-roomNumber		463
-photo		464
-userClass		465
-host		466
-manager		467
-documentIdentifier		468
-documentTitle		469
-documentVersion		470
-documentAuthor		471
-documentLocation		472
-homeTelephoneNumber		473
-secretary		474
-otherMailbox		475
-lastModifiedTime		476
-lastModifiedBy		477
-aRecord		478
-pilotAttributeType27		479
-mXRecord		480
-nSRecord		481
-sOARecord		482
-cNAMERecord		483
-associatedDomain		484
-associatedName		485
-homePostalAddress		486
-personalTitle		487
-mobileTelephoneNumber		488
-pagerTelephoneNumber		489
-friendlyCountryName		490
-organizationalStatus		491
-janetMailbox		492
-mailPreferenceOption		493
-buildingName		494
-dSAQuality		495
-singleLevelQuality		496
-subtreeMinimumQuality		497
-subtreeMaximumQuality		498
-personalSignature		499
-dITRedirect		500
-audio		501
-documentPublisher		502
-x500UniqueIdentifier		503
-mime_mhs		504
-mime_mhs_headings		505
-mime_mhs_bodies		506
-id_hex_partial_message		507
-id_hex_multipart_message		508
-generationQualifier		509
-pseudonym		510
-InternationalRA		511
-id_set		512
-set_ctype		513
-set_msgExt		514
-set_attr		515
-set_policy		516
-set_certExt		517
-set_brand		518
-setct_PANData		519
-setct_PANToken		520
-setct_PANOnly		521
-setct_OIData		522
-setct_PI		523
-setct_PIData		524
-setct_PIDataUnsigned		525
-setct_HODInput		526
-setct_AuthResBaggage		527
-setct_AuthRevReqBaggage		528
-setct_AuthRevResBaggage		529
-setct_CapTokenSeq		530
-setct_PInitResData		531
-setct_PI_TBS		532
-setct_PResData		533
-setct_AuthReqTBS		534
-setct_AuthResTBS		535
-setct_AuthResTBSX		536
-setct_AuthTokenTBS		537
-setct_CapTokenData		538
-setct_CapTokenTBS		539
-setct_AcqCardCodeMsg		540
-setct_AuthRevReqTBS		541
-setct_AuthRevResData		542
-setct_AuthRevResTBS		543
-setct_CapReqTBS		544
-setct_CapReqTBSX		545
-setct_CapResData		546
-setct_CapRevReqTBS		547
-setct_CapRevReqTBSX		548
-setct_CapRevResData		549
-setct_CredReqTBS		550
-setct_CredReqTBSX		551
-setct_CredResData		552
-setct_CredRevReqTBS		553
-setct_CredRevReqTBSX		554
-setct_CredRevResData		555
-setct_PCertReqData		556
-setct_PCertResTBS		557
-setct_BatchAdminReqData		558
-setct_BatchAdminResData		559
-setct_CardCInitResTBS		560
-setct_MeAqCInitResTBS		561
-setct_RegFormResTBS		562
-setct_CertReqData		563
-setct_CertReqTBS		564
-setct_CertResData		565
-setct_CertInqReqTBS		566
-setct_ErrorTBS		567
-setct_PIDualSignedTBE		568
-setct_PIUnsignedTBE		569
-setct_AuthReqTBE		570
-setct_AuthResTBE		571
-setct_AuthResTBEX		572
-setct_AuthTokenTBE		573
-setct_CapTokenTBE		574
-setct_CapTokenTBEX		575
-setct_AcqCardCodeMsgTBE		576
-setct_AuthRevReqTBE		577
-setct_AuthRevResTBE		578
-setct_AuthRevResTBEB		579
-setct_CapReqTBE		580
-setct_CapReqTBEX		581
-setct_CapResTBE		582
-setct_CapRevReqTBE		583
-setct_CapRevReqTBEX		584
-setct_CapRevResTBE		585
-setct_CredReqTBE		586
-setct_CredReqTBEX		587
-setct_CredResTBE		588
-setct_CredRevReqTBE		589
-setct_CredRevReqTBEX		590
-setct_CredRevResTBE		591
-setct_BatchAdminReqTBE		592
-setct_BatchAdminResTBE		593
-setct_RegFormReqTBE		594
-setct_CertReqTBE		595
-setct_CertReqTBEX		596
-setct_CertResTBE		597
-setct_CRLNotificationTBS		598
-setct_CRLNotificationResTBS		599
-setct_BCIDistributionTBS		600
-setext_genCrypt		601
-setext_miAuth		602
-setext_pinSecure		603
-setext_pinAny		604
-setext_track2		605
-setext_cv		606
-set_policy_root		607
-setCext_hashedRoot		608
-setCext_certType		609
-setCext_merchData		610
-setCext_cCertRequired		611
-setCext_tunneling		612
-setCext_setExt		613
-setCext_setQualf		614
-setCext_PGWYcapabilities		615
-setCext_TokenIdentifier		616
-setCext_Track2Data		617
-setCext_TokenType		618
-setCext_IssuerCapabilities		619
-setAttr_Cert		620
-setAttr_PGWYcap		621
-setAttr_TokenType		622
-setAttr_IssCap		623
-set_rootKeyThumb		624
-set_addPolicy		625
-setAttr_Token_EMV		626
-setAttr_Token_B0Prime		627
-setAttr_IssCap_CVM		628
-setAttr_IssCap_T2		629
-setAttr_IssCap_Sig		630
-setAttr_GenCryptgrm		631
-setAttr_T2Enc		632
-setAttr_T2cleartxt		633
-setAttr_TokICCsig		634
-setAttr_SecDevSig		635
-set_brand_IATA_ATA		636
-set_brand_Diners		637
-set_brand_AmericanExpress		638
-set_brand_JCB		639
-set_brand_Visa		640
-set_brand_MasterCard		641
-set_brand_Novus		642
-des_cdmf		643
-rsaOAEPEncryptionSET		644
-itu_t		645
-joint_iso_itu_t		646
-international_organizations		647
-ms_smartcard_login		648
-ms_upn		649
diff --git a/crypto/openssl/crypto/objects/objects.README b/crypto/openssl/crypto/objects/objects.README
deleted file mode 100644
index 4d745508d830..000000000000
--- a/crypto/openssl/crypto/objects/objects.README
+++ /dev/null
@@ -1,44 +0,0 @@
-objects.txt syntax
-------------------
-
-To cover all the naming hacks that were previously in objects.h needed some
-kind of hacks in objects.txt.
-
-The basic syntax for adding an object is as follows:
-
-	1 2 3 4		: shortName	: Long Name
-
-		If the long name doesn't contain spaces, or no short name
-		exists, the long name is used as basis for the base name
-		in C.  Otherwise, the short name is used.
-
-		The base name (let's call it 'base') will then be used to
-		create the C macros SN_base, LN_base, NID_base and OBJ_base.
-
-		Note that if the base name contains spaces, dashes or periods,
-		those will be converte to underscore.
-
-Then there are some extra commands:
-
-	!Alias foo 1 2 3 4
-
-		This juts makes a name foo for an OID.  The C macro
-		OBJ_foo will be created as a result.
-
-	!Cname foo
-
-		This makes sure that the name foo will be used as base name
-		in C.
-
-	!module foo
-	1 2 3 4		: shortName	: Long Name
-	!global
-
-		The !module command was meant to define a kind of modularity.
-		What it does is to make sure the module name is prepended
-		to the base name.  !global turns this off.  This construction
-		is not recursive.
-
-Lines starting with # are treated as comments, as well as any line starting
-with ! and not matching the commands above.
-
diff --git a/crypto/openssl/crypto/objects/objects.h b/crypto/openssl/crypto/objects/objects.h
deleted file mode 100644
index de1053281365..000000000000
--- a/crypto/openssl/crypto/objects/objects.h
+++ /dev/null
@@ -1,1042 +0,0 @@
-/* crypto/objects/objects.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_OBJECTS_H
-#define HEADER_OBJECTS_H
-
-#define USE_OBJ_MAC
-
-#ifdef USE_OBJ_MAC
-#include <openssl/obj_mac.h>
-#else
-#define SN_undef			"UNDEF"
-#define LN_undef			"undefined"
-#define NID_undef			0
-#define OBJ_undef			0L
-
-#define SN_Algorithm			"Algorithm"
-#define LN_algorithm			"algorithm"
-#define NID_algorithm			38
-#define OBJ_algorithm			1L,3L,14L,3L,2L
-
-#define LN_rsadsi			"rsadsi"
-#define NID_rsadsi			1
-#define OBJ_rsadsi			1L,2L,840L,113549L
-
-#define LN_pkcs				"pkcs"
-#define NID_pkcs			2
-#define OBJ_pkcs			OBJ_rsadsi,1L
-
-#define SN_md2				"MD2"
-#define LN_md2				"md2"
-#define NID_md2				3
-#define OBJ_md2				OBJ_rsadsi,2L,2L
-
-#define SN_md5				"MD5"
-#define LN_md5				"md5"
-#define NID_md5				4
-#define OBJ_md5				OBJ_rsadsi,2L,5L
-
-#define SN_rc4				"RC4"
-#define LN_rc4				"rc4"
-#define NID_rc4				5
-#define OBJ_rc4				OBJ_rsadsi,3L,4L
-
-#define LN_rsaEncryption		"rsaEncryption"
-#define NID_rsaEncryption		6
-#define OBJ_rsaEncryption		OBJ_pkcs,1L,1L
-
-#define SN_md2WithRSAEncryption		"RSA-MD2"
-#define LN_md2WithRSAEncryption		"md2WithRSAEncryption"
-#define NID_md2WithRSAEncryption	7
-#define OBJ_md2WithRSAEncryption	OBJ_pkcs,1L,2L
-
-#define SN_md5WithRSAEncryption		"RSA-MD5"
-#define LN_md5WithRSAEncryption		"md5WithRSAEncryption"
-#define NID_md5WithRSAEncryption	8
-#define OBJ_md5WithRSAEncryption	OBJ_pkcs,1L,4L
-
-#define SN_pbeWithMD2AndDES_CBC		"PBE-MD2-DES"
-#define LN_pbeWithMD2AndDES_CBC		"pbeWithMD2AndDES-CBC"
-#define NID_pbeWithMD2AndDES_CBC	9
-#define OBJ_pbeWithMD2AndDES_CBC	OBJ_pkcs,5L,1L
-
-#define SN_pbeWithMD5AndDES_CBC		"PBE-MD5-DES"
-#define LN_pbeWithMD5AndDES_CBC		"pbeWithMD5AndDES-CBC"
-#define NID_pbeWithMD5AndDES_CBC	10
-#define OBJ_pbeWithMD5AndDES_CBC	OBJ_pkcs,5L,3L
-
-#define LN_X500				"X500"
-#define NID_X500			11
-#define OBJ_X500			2L,5L
-
-#define LN_X509				"X509"
-#define NID_X509			12
-#define OBJ_X509			OBJ_X500,4L
-
-#define SN_commonName			"CN"
-#define LN_commonName			"commonName"
-#define NID_commonName			13
-#define OBJ_commonName			OBJ_X509,3L
-
-#define SN_countryName			"C"
-#define LN_countryName			"countryName"
-#define NID_countryName			14
-#define OBJ_countryName			OBJ_X509,6L
-
-#define SN_localityName			"L"
-#define LN_localityName			"localityName"
-#define NID_localityName		15
-#define OBJ_localityName		OBJ_X509,7L
-
-/* Postal Address? PA */
-
-/* should be "ST" (rfc1327) but MS uses 'S' */
-#define SN_stateOrProvinceName		"ST"
-#define LN_stateOrProvinceName		"stateOrProvinceName"
-#define NID_stateOrProvinceName		16
-#define OBJ_stateOrProvinceName		OBJ_X509,8L
-
-#define SN_organizationName		"O"
-#define LN_organizationName		"organizationName"
-#define NID_organizationName		17
-#define OBJ_organizationName		OBJ_X509,10L
-
-#define SN_organizationalUnitName	"OU"
-#define LN_organizationalUnitName	"organizationalUnitName"
-#define NID_organizationalUnitName	18
-#define OBJ_organizationalUnitName	OBJ_X509,11L
-
-#define SN_rsa				"RSA"
-#define LN_rsa				"rsa"
-#define NID_rsa				19
-#define OBJ_rsa				OBJ_X500,8L,1L,1L
-
-#define LN_pkcs7			"pkcs7"
-#define NID_pkcs7			20
-#define OBJ_pkcs7			OBJ_pkcs,7L
-
-#define LN_pkcs7_data			"pkcs7-data"
-#define NID_pkcs7_data			21
-#define OBJ_pkcs7_data			OBJ_pkcs7,1L
-
-#define LN_pkcs7_signed			"pkcs7-signedData"
-#define NID_pkcs7_signed		22
-#define OBJ_pkcs7_signed		OBJ_pkcs7,2L
-
-#define LN_pkcs7_enveloped		"pkcs7-envelopedData"
-#define NID_pkcs7_enveloped		23
-#define OBJ_pkcs7_enveloped		OBJ_pkcs7,3L
-
-#define LN_pkcs7_signedAndEnveloped	"pkcs7-signedAndEnvelopedData"
-#define NID_pkcs7_signedAndEnveloped	24
-#define OBJ_pkcs7_signedAndEnveloped	OBJ_pkcs7,4L
-
-#define LN_pkcs7_digest			"pkcs7-digestData"
-#define NID_pkcs7_digest		25
-#define OBJ_pkcs7_digest		OBJ_pkcs7,5L
-
-#define LN_pkcs7_encrypted		"pkcs7-encryptedData"
-#define NID_pkcs7_encrypted		26
-#define OBJ_pkcs7_encrypted		OBJ_pkcs7,6L
-
-#define LN_pkcs3			"pkcs3"
-#define NID_pkcs3			27
-#define OBJ_pkcs3			OBJ_pkcs,3L
-
-#define LN_dhKeyAgreement		"dhKeyAgreement"
-#define NID_dhKeyAgreement		28
-#define OBJ_dhKeyAgreement		OBJ_pkcs3,1L
-
-#define SN_des_ecb			"DES-ECB"
-#define LN_des_ecb			"des-ecb"
-#define NID_des_ecb			29
-#define OBJ_des_ecb			OBJ_algorithm,6L
-
-#define SN_des_cfb64			"DES-CFB"
-#define LN_des_cfb64			"des-cfb"
-#define NID_des_cfb64			30
-/* IV + num */
-#define OBJ_des_cfb64			OBJ_algorithm,9L
-
-#define SN_des_cbc			"DES-CBC"
-#define LN_des_cbc			"des-cbc"
-#define NID_des_cbc			31
-/* IV */
-#define OBJ_des_cbc			OBJ_algorithm,7L
-
-#define SN_des_ede			"DES-EDE"
-#define LN_des_ede			"des-ede"
-#define NID_des_ede			32
-/* ?? */
-#define OBJ_des_ede			OBJ_algorithm,17L
-
-#define SN_des_ede3			"DES-EDE3"
-#define LN_des_ede3			"des-ede3"
-#define NID_des_ede3			33
-
-#define SN_idea_cbc			"IDEA-CBC"
-#define LN_idea_cbc			"idea-cbc"
-#define NID_idea_cbc			34
-#define OBJ_idea_cbc			1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
-
-#define SN_idea_cfb64			"IDEA-CFB"
-#define LN_idea_cfb64			"idea-cfb"
-#define NID_idea_cfb64			35
-
-#define SN_idea_ecb			"IDEA-ECB"
-#define LN_idea_ecb			"idea-ecb"
-#define NID_idea_ecb			36
-
-#define SN_rc2_cbc			"RC2-CBC"
-#define LN_rc2_cbc			"rc2-cbc"
-#define NID_rc2_cbc			37
-#define OBJ_rc2_cbc			OBJ_rsadsi,3L,2L
-
-#define SN_rc2_ecb			"RC2-ECB"
-#define LN_rc2_ecb			"rc2-ecb"
-#define NID_rc2_ecb			38
-
-#define SN_rc2_cfb64			"RC2-CFB"
-#define LN_rc2_cfb64			"rc2-cfb"
-#define NID_rc2_cfb64			39
-
-#define SN_rc2_ofb64			"RC2-OFB"
-#define LN_rc2_ofb64			"rc2-ofb"
-#define NID_rc2_ofb64			40
-
-#define SN_sha				"SHA"
-#define LN_sha				"sha"
-#define NID_sha				41
-#define OBJ_sha				OBJ_algorithm,18L
-
-#define SN_shaWithRSAEncryption		"RSA-SHA"
-#define LN_shaWithRSAEncryption		"shaWithRSAEncryption"
-#define NID_shaWithRSAEncryption	42
-#define OBJ_shaWithRSAEncryption	OBJ_algorithm,15L
-
-#define SN_des_ede_cbc			"DES-EDE-CBC"
-#define LN_des_ede_cbc			"des-ede-cbc"
-#define NID_des_ede_cbc			43
-
-#define SN_des_ede3_cbc			"DES-EDE3-CBC"
-#define LN_des_ede3_cbc			"des-ede3-cbc"
-#define NID_des_ede3_cbc		44
-#define OBJ_des_ede3_cbc		OBJ_rsadsi,3L,7L
-
-#define SN_des_ofb64			"DES-OFB"
-#define LN_des_ofb64			"des-ofb"
-#define NID_des_ofb64			45
-#define OBJ_des_ofb64			OBJ_algorithm,8L
-
-#define SN_idea_ofb64			"IDEA-OFB"
-#define LN_idea_ofb64			"idea-ofb"
-#define NID_idea_ofb64			46
-
-#define LN_pkcs9			"pkcs9"
-#define NID_pkcs9			47
-#define OBJ_pkcs9			OBJ_pkcs,9L
-
-#define SN_pkcs9_emailAddress		"Email"
-#define LN_pkcs9_emailAddress		"emailAddress"
-#define NID_pkcs9_emailAddress		48
-#define OBJ_pkcs9_emailAddress		OBJ_pkcs9,1L
-
-#define LN_pkcs9_unstructuredName	"unstructuredName"
-#define NID_pkcs9_unstructuredName	49
-#define OBJ_pkcs9_unstructuredName	OBJ_pkcs9,2L
-
-#define LN_pkcs9_contentType		"contentType"
-#define NID_pkcs9_contentType		50
-#define OBJ_pkcs9_contentType		OBJ_pkcs9,3L
-
-#define LN_pkcs9_messageDigest		"messageDigest"
-#define NID_pkcs9_messageDigest		51
-#define OBJ_pkcs9_messageDigest		OBJ_pkcs9,4L
-
-#define LN_pkcs9_signingTime		"signingTime"
-#define NID_pkcs9_signingTime		52
-#define OBJ_pkcs9_signingTime		OBJ_pkcs9,5L
-
-#define LN_pkcs9_countersignature	"countersignature"
-#define NID_pkcs9_countersignature	53
-#define OBJ_pkcs9_countersignature	OBJ_pkcs9,6L
-
-#define LN_pkcs9_challengePassword	"challengePassword"
-#define NID_pkcs9_challengePassword	54
-#define OBJ_pkcs9_challengePassword	OBJ_pkcs9,7L
-
-#define LN_pkcs9_unstructuredAddress	"unstructuredAddress"
-#define NID_pkcs9_unstructuredAddress	55
-#define OBJ_pkcs9_unstructuredAddress	OBJ_pkcs9,8L
-
-#define LN_pkcs9_extCertAttributes	"extendedCertificateAttributes"
-#define NID_pkcs9_extCertAttributes	56
-#define OBJ_pkcs9_extCertAttributes	OBJ_pkcs9,9L
-
-#define SN_netscape			"Netscape"
-#define LN_netscape			"Netscape Communications Corp."
-#define NID_netscape			57
-#define OBJ_netscape			2L,16L,840L,1L,113730L
-
-#define SN_netscape_cert_extension	"nsCertExt"
-#define LN_netscape_cert_extension	"Netscape Certificate Extension"
-#define NID_netscape_cert_extension	58
-#define OBJ_netscape_cert_extension	OBJ_netscape,1L
-
-#define SN_netscape_data_type		"nsDataType"
-#define LN_netscape_data_type		"Netscape Data Type"
-#define NID_netscape_data_type		59
-#define OBJ_netscape_data_type		OBJ_netscape,2L
-
-#define SN_des_ede_cfb64		"DES-EDE-CFB"
-#define LN_des_ede_cfb64		"des-ede-cfb"
-#define NID_des_ede_cfb64		60
-
-#define SN_des_ede3_cfb64		"DES-EDE3-CFB"
-#define LN_des_ede3_cfb64		"des-ede3-cfb"
-#define NID_des_ede3_cfb64		61
-
-#define SN_des_ede_ofb64		"DES-EDE-OFB"
-#define LN_des_ede_ofb64		"des-ede-ofb"
-#define NID_des_ede_ofb64		62
-
-#define SN_des_ede3_ofb64		"DES-EDE3-OFB"
-#define LN_des_ede3_ofb64		"des-ede3-ofb"
-#define NID_des_ede3_ofb64		63
-
-/* I'm not sure about the object ID */
-#define SN_sha1				"SHA1"
-#define LN_sha1				"sha1"
-#define NID_sha1			64
-#define OBJ_sha1			OBJ_algorithm,26L
-/* 28 Jun 1996 - eay */
-/* #define OBJ_sha1			1L,3L,14L,2L,26L,05L <- wrong */
-
-#define SN_sha1WithRSAEncryption	"RSA-SHA1"
-#define LN_sha1WithRSAEncryption	"sha1WithRSAEncryption"
-#define NID_sha1WithRSAEncryption	65
-#define OBJ_sha1WithRSAEncryption	OBJ_pkcs,1L,5L
-
-#define SN_dsaWithSHA			"DSA-SHA"
-#define LN_dsaWithSHA			"dsaWithSHA"
-#define NID_dsaWithSHA			66
-#define OBJ_dsaWithSHA			OBJ_algorithm,13L
-
-#define SN_dsa_2			"DSA-old"
-#define LN_dsa_2			"dsaEncryption-old"
-#define NID_dsa_2			67
-#define OBJ_dsa_2			OBJ_algorithm,12L
-
-/* proposed by microsoft to RSA */
-#define SN_pbeWithSHA1AndRC2_CBC	"PBE-SHA1-RC2-64"
-#define LN_pbeWithSHA1AndRC2_CBC	"pbeWithSHA1AndRC2-CBC"
-#define NID_pbeWithSHA1AndRC2_CBC	68
-#define OBJ_pbeWithSHA1AndRC2_CBC	OBJ_pkcs,5L,11L 
-
-/* proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now
- * defined explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something
- * completely different.
- */
-#define LN_id_pbkdf2			"PBKDF2"
-#define NID_id_pbkdf2			69
-#define OBJ_id_pbkdf2			OBJ_pkcs,5L,12L 
-
-#define SN_dsaWithSHA1_2		"DSA-SHA1-old"
-#define LN_dsaWithSHA1_2		"dsaWithSHA1-old"
-#define NID_dsaWithSHA1_2		70
-/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */
-#define OBJ_dsaWithSHA1_2		OBJ_algorithm,27L
-
-#define SN_netscape_cert_type		"nsCertType"
-#define LN_netscape_cert_type		"Netscape Cert Type"
-#define NID_netscape_cert_type		71
-#define OBJ_netscape_cert_type		OBJ_netscape_cert_extension,1L
-
-#define SN_netscape_base_url		"nsBaseUrl"
-#define LN_netscape_base_url		"Netscape Base Url"
-#define NID_netscape_base_url		72
-#define OBJ_netscape_base_url		OBJ_netscape_cert_extension,2L
-
-#define SN_netscape_revocation_url	"nsRevocationUrl"
-#define LN_netscape_revocation_url	"Netscape Revocation Url"
-#define NID_netscape_revocation_url	73
-#define OBJ_netscape_revocation_url	OBJ_netscape_cert_extension,3L
-
-#define SN_netscape_ca_revocation_url	"nsCaRevocationUrl"
-#define LN_netscape_ca_revocation_url	"Netscape CA Revocation Url"
-#define NID_netscape_ca_revocation_url	74
-#define OBJ_netscape_ca_revocation_url	OBJ_netscape_cert_extension,4L
-
-#define SN_netscape_renewal_url		"nsRenewalUrl"
-#define LN_netscape_renewal_url		"Netscape Renewal Url"
-#define NID_netscape_renewal_url	75
-#define OBJ_netscape_renewal_url	OBJ_netscape_cert_extension,7L
-
-#define SN_netscape_ca_policy_url	"nsCaPolicyUrl"
-#define LN_netscape_ca_policy_url	"Netscape CA Policy Url"
-#define NID_netscape_ca_policy_url	76
-#define OBJ_netscape_ca_policy_url	OBJ_netscape_cert_extension,8L
-
-#define SN_netscape_ssl_server_name	"nsSslServerName"
-#define LN_netscape_ssl_server_name	"Netscape SSL Server Name"
-#define NID_netscape_ssl_server_name	77
-#define OBJ_netscape_ssl_server_name	OBJ_netscape_cert_extension,12L
-
-#define SN_netscape_comment		"nsComment"
-#define LN_netscape_comment		"Netscape Comment"
-#define NID_netscape_comment		78
-#define OBJ_netscape_comment		OBJ_netscape_cert_extension,13L
-
-#define SN_netscape_cert_sequence	"nsCertSequence"
-#define LN_netscape_cert_sequence	"Netscape Certificate Sequence"
-#define NID_netscape_cert_sequence	79
-#define OBJ_netscape_cert_sequence	OBJ_netscape_data_type,5L
-
-#define SN_desx_cbc			"DESX-CBC"
-#define LN_desx_cbc			"desx-cbc"
-#define NID_desx_cbc			80
-
-#define SN_id_ce			"id-ce"
-#define NID_id_ce			81
-#define OBJ_id_ce			2L,5L,29L
-
-#define SN_subject_key_identifier	"subjectKeyIdentifier"
-#define LN_subject_key_identifier	"X509v3 Subject Key Identifier"
-#define NID_subject_key_identifier	82
-#define OBJ_subject_key_identifier	OBJ_id_ce,14L
-
-#define SN_key_usage			"keyUsage"
-#define LN_key_usage			"X509v3 Key Usage"
-#define NID_key_usage			83
-#define OBJ_key_usage			OBJ_id_ce,15L
-
-#define SN_private_key_usage_period	"privateKeyUsagePeriod"
-#define LN_private_key_usage_period	"X509v3 Private Key Usage Period"
-#define NID_private_key_usage_period	84
-#define OBJ_private_key_usage_period	OBJ_id_ce,16L
-
-#define SN_subject_alt_name		"subjectAltName"
-#define LN_subject_alt_name		"X509v3 Subject Alternative Name"
-#define NID_subject_alt_name		85
-#define OBJ_subject_alt_name		OBJ_id_ce,17L
-
-#define SN_issuer_alt_name		"issuerAltName"
-#define LN_issuer_alt_name		"X509v3 Issuer Alternative Name"
-#define NID_issuer_alt_name		86
-#define OBJ_issuer_alt_name		OBJ_id_ce,18L
-
-#define SN_basic_constraints		"basicConstraints"
-#define LN_basic_constraints		"X509v3 Basic Constraints"
-#define NID_basic_constraints		87
-#define OBJ_basic_constraints		OBJ_id_ce,19L
-
-#define SN_crl_number			"crlNumber"
-#define LN_crl_number			"X509v3 CRL Number"
-#define NID_crl_number			88
-#define OBJ_crl_number			OBJ_id_ce,20L
-
-#define SN_certificate_policies		"certificatePolicies"
-#define LN_certificate_policies		"X509v3 Certificate Policies"
-#define NID_certificate_policies	89
-#define OBJ_certificate_policies	OBJ_id_ce,32L
-
-#define SN_authority_key_identifier	"authorityKeyIdentifier"
-#define LN_authority_key_identifier	"X509v3 Authority Key Identifier"
-#define NID_authority_key_identifier	90
-#define OBJ_authority_key_identifier	OBJ_id_ce,35L
-
-#define SN_bf_cbc			"BF-CBC"
-#define LN_bf_cbc			"bf-cbc"
-#define NID_bf_cbc			91
-#define OBJ_bf_cbc			1L,3L,6L,1L,4L,1L,3029L,1L,2L
-
-#define SN_bf_ecb			"BF-ECB"
-#define LN_bf_ecb			"bf-ecb"
-#define NID_bf_ecb			92
-
-#define SN_bf_cfb64			"BF-CFB"
-#define LN_bf_cfb64			"bf-cfb"
-#define NID_bf_cfb64			93
-
-#define SN_bf_ofb64			"BF-OFB"
-#define LN_bf_ofb64			"bf-ofb"
-#define NID_bf_ofb64			94
-
-#define SN_mdc2				"MDC2"
-#define LN_mdc2				"mdc2"
-#define NID_mdc2			95
-#define OBJ_mdc2			2L,5L,8L,3L,101L
-/* An alternative?			1L,3L,14L,3L,2L,19L */
-
-#define SN_mdc2WithRSA			"RSA-MDC2"
-#define LN_mdc2WithRSA			"mdc2withRSA"
-#define NID_mdc2WithRSA			96
-#define OBJ_mdc2WithRSA			2L,5L,8L,3L,100L
-
-#define SN_rc4_40			"RC4-40"
-#define LN_rc4_40			"rc4-40"
-#define NID_rc4_40			97
-
-#define SN_rc2_40_cbc			"RC2-40-CBC"
-#define LN_rc2_40_cbc			"rc2-40-cbc"
-#define NID_rc2_40_cbc			98
-
-#define SN_givenName			"G"
-#define LN_givenName			"givenName"
-#define NID_givenName			99
-#define OBJ_givenName			OBJ_X509,42L
-
-#define SN_surname			"S"
-#define LN_surname			"surname"
-#define NID_surname			100
-#define OBJ_surname			OBJ_X509,4L
-
-#define SN_initials			"I"
-#define LN_initials			"initials"
-#define NID_initials			101
-#define OBJ_initials			OBJ_X509,43L
-
-#define SN_uniqueIdentifier		"UID"
-#define LN_uniqueIdentifier		"uniqueIdentifier"
-#define NID_uniqueIdentifier		102
-#define OBJ_uniqueIdentifier		OBJ_X509,45L
-
-#define SN_crl_distribution_points	"crlDistributionPoints"
-#define LN_crl_distribution_points	"X509v3 CRL Distribution Points"
-#define NID_crl_distribution_points	103
-#define OBJ_crl_distribution_points	OBJ_id_ce,31L
-
-#define SN_md5WithRSA			"RSA-NP-MD5"
-#define LN_md5WithRSA			"md5WithRSA"
-#define NID_md5WithRSA			104
-#define OBJ_md5WithRSA			OBJ_algorithm,3L
-
-#define SN_serialNumber			"SN"
-#define LN_serialNumber			"serialNumber"
-#define NID_serialNumber		105
-#define OBJ_serialNumber		OBJ_X509,5L
-
-#define SN_title			"T"
-#define LN_title			"title"
-#define NID_title			106
-#define OBJ_title			OBJ_X509,12L
-
-#define SN_description			"D"
-#define LN_description			"description"
-#define NID_description			107
-#define OBJ_description			OBJ_X509,13L
-
-/* CAST5 is CAST-128, I'm just sticking with the documentation */
-#define SN_cast5_cbc			"CAST5-CBC"
-#define LN_cast5_cbc			"cast5-cbc"
-#define NID_cast5_cbc			108
-#define OBJ_cast5_cbc			1L,2L,840L,113533L,7L,66L,10L
-
-#define SN_cast5_ecb			"CAST5-ECB"
-#define LN_cast5_ecb			"cast5-ecb"
-#define NID_cast5_ecb			109
-
-#define SN_cast5_cfb64			"CAST5-CFB"
-#define LN_cast5_cfb64			"cast5-cfb"
-#define NID_cast5_cfb64			110
-
-#define SN_cast5_ofb64			"CAST5-OFB"
-#define LN_cast5_ofb64			"cast5-ofb"
-#define NID_cast5_ofb64			111
-
-#define LN_pbeWithMD5AndCast5_CBC	"pbeWithMD5AndCast5CBC"
-#define NID_pbeWithMD5AndCast5_CBC	112
-#define OBJ_pbeWithMD5AndCast5_CBC	1L,2L,840L,113533L,7L,66L,12L
-
-/* This is one sun will soon be using :-(
- * id-dsa-with-sha1 ID  ::= {
- *   iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 }
- */
-#define SN_dsaWithSHA1			"DSA-SHA1"
-#define LN_dsaWithSHA1			"dsaWithSHA1"
-#define NID_dsaWithSHA1			113
-#define OBJ_dsaWithSHA1			1L,2L,840L,10040L,4L,3L
-
-#define NID_md5_sha1			114
-#define SN_md5_sha1			"MD5-SHA1"
-#define LN_md5_sha1			"md5-sha1"
-
-#define SN_sha1WithRSA			"RSA-SHA1-2"
-#define LN_sha1WithRSA			"sha1WithRSA"
-#define NID_sha1WithRSA			115
-#define OBJ_sha1WithRSA			OBJ_algorithm,29L
-
-#define SN_dsa				"DSA"
-#define LN_dsa				"dsaEncryption"
-#define NID_dsa				116
-#define OBJ_dsa				1L,2L,840L,10040L,4L,1L
-
-#define SN_ripemd160			"RIPEMD160"
-#define LN_ripemd160			"ripemd160"
-#define NID_ripemd160			117
-#define OBJ_ripemd160			1L,3L,36L,3L,2L,1L
-
-/* The name should actually be rsaSignatureWithripemd160, but I'm going
- * to continue using the convention I'm using with the other ciphers */
-#define SN_ripemd160WithRSA		"RSA-RIPEMD160"
-#define LN_ripemd160WithRSA		"ripemd160WithRSA"
-#define NID_ripemd160WithRSA		119
-#define OBJ_ripemd160WithRSA		1L,3L,36L,3L,3L,1L,2L
-
-/* Taken from rfc2040
- *  RC5_CBC_Parameters ::= SEQUENCE {
- *	version           INTEGER (v1_0(16)),
- *	rounds            INTEGER (8..127),
- *	blockSizeInBits   INTEGER (64, 128),
- *	iv                OCTET STRING OPTIONAL
- *	}
- */
-#define SN_rc5_cbc			"RC5-CBC"
-#define LN_rc5_cbc			"rc5-cbc"
-#define NID_rc5_cbc			120
-#define OBJ_rc5_cbc			OBJ_rsadsi,3L,8L
-
-#define SN_rc5_ecb			"RC5-ECB"
-#define LN_rc5_ecb			"rc5-ecb"
-#define NID_rc5_ecb			121
-
-#define SN_rc5_cfb64			"RC5-CFB"
-#define LN_rc5_cfb64			"rc5-cfb"
-#define NID_rc5_cfb64			122
-
-#define SN_rc5_ofb64			"RC5-OFB"
-#define LN_rc5_ofb64			"rc5-ofb"
-#define NID_rc5_ofb64			123
-
-#define SN_rle_compression		"RLE"
-#define LN_rle_compression		"run length compression"
-#define NID_rle_compression		124
-#define OBJ_rle_compression		1L,1L,1L,1L,666L,1L
-
-#define SN_zlib_compression		"ZLIB"
-#define LN_zlib_compression		"zlib compression"
-#define NID_zlib_compression		125
-#define OBJ_zlib_compression		1L,1L,1L,1L,666L,2L
-
-#define SN_ext_key_usage		"extendedKeyUsage"
-#define LN_ext_key_usage		"X509v3 Extended Key Usage"
-#define NID_ext_key_usage		126
-#define OBJ_ext_key_usage		OBJ_id_ce,37
-
-#define SN_id_pkix			"PKIX"
-#define NID_id_pkix			127
-#define OBJ_id_pkix			1L,3L,6L,1L,5L,5L,7L
-
-#define SN_id_kp			"id-kp"
-#define NID_id_kp			128
-#define OBJ_id_kp			OBJ_id_pkix,3L
-
-/* PKIX extended key usage OIDs */
-
-#define SN_server_auth			"serverAuth"
-#define LN_server_auth			"TLS Web Server Authentication"
-#define NID_server_auth			129
-#define OBJ_server_auth			OBJ_id_kp,1L
-
-#define SN_client_auth			"clientAuth"
-#define LN_client_auth			"TLS Web Client Authentication"
-#define NID_client_auth			130
-#define OBJ_client_auth			OBJ_id_kp,2L
-
-#define SN_code_sign			"codeSigning"
-#define LN_code_sign			"Code Signing"
-#define NID_code_sign			131
-#define OBJ_code_sign			OBJ_id_kp,3L
-
-#define SN_email_protect		"emailProtection"
-#define LN_email_protect		"E-mail Protection"
-#define NID_email_protect		132
-#define OBJ_email_protect		OBJ_id_kp,4L
-
-#define SN_time_stamp			"timeStamping"
-#define LN_time_stamp			"Time Stamping"
-#define NID_time_stamp			133
-#define OBJ_time_stamp			OBJ_id_kp,8L
-
-/* Additional extended key usage OIDs: Microsoft */
-
-#define SN_ms_code_ind			"msCodeInd"
-#define LN_ms_code_ind			"Microsoft Individual Code Signing"
-#define NID_ms_code_ind			134
-#define OBJ_ms_code_ind			1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
-
-#define SN_ms_code_com			"msCodeCom"
-#define LN_ms_code_com			"Microsoft Commercial Code Signing"
-#define NID_ms_code_com			135
-#define OBJ_ms_code_com			1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
-
-#define SN_ms_ctl_sign			"msCTLSign"
-#define LN_ms_ctl_sign			"Microsoft Trust List Signing"
-#define NID_ms_ctl_sign			136
-#define OBJ_ms_ctl_sign			1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
-
-#define SN_ms_sgc			"msSGC"
-#define LN_ms_sgc			"Microsoft Server Gated Crypto"
-#define NID_ms_sgc			137
-#define OBJ_ms_sgc			1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
-
-#define SN_ms_efs			"msEFS"
-#define LN_ms_efs			"Microsoft Encrypted File System"
-#define NID_ms_efs			138
-#define OBJ_ms_efs			1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
-
-/* Additional usage: Netscape */
-
-#define SN_ns_sgc			"nsSGC"
-#define LN_ns_sgc			"Netscape Server Gated Crypto"
-#define NID_ns_sgc			139
-#define OBJ_ns_sgc			OBJ_netscape,4L,1L
-
-#define SN_delta_crl			"deltaCRL"
-#define LN_delta_crl			"X509v3 Delta CRL Indicator"
-#define NID_delta_crl			140
-#define OBJ_delta_crl			OBJ_id_ce,27L
-
-#define SN_crl_reason			"CRLReason"
-#define LN_crl_reason			"CRL Reason Code"
-#define NID_crl_reason			141
-#define OBJ_crl_reason			OBJ_id_ce,21L
-
-#define SN_invalidity_date		"invalidityDate"
-#define LN_invalidity_date		"Invalidity Date"
-#define NID_invalidity_date		142
-#define OBJ_invalidity_date		OBJ_id_ce,24L
-
-#define SN_sxnet			"SXNetID"
-#define LN_sxnet			"Strong Extranet ID"
-#define NID_sxnet			143
-#define OBJ_sxnet			1L,3L,101L,1L,4L,1L
-
-/* PKCS12 and related OBJECT IDENTIFIERS */
-
-#define OBJ_pkcs12			OBJ_pkcs,12L
-#define OBJ_pkcs12_pbeids		OBJ_pkcs12, 1
-
-#define SN_pbe_WithSHA1And128BitRC4	"PBE-SHA1-RC4-128"
-#define LN_pbe_WithSHA1And128BitRC4	"pbeWithSHA1And128BitRC4"
-#define NID_pbe_WithSHA1And128BitRC4	144
-#define OBJ_pbe_WithSHA1And128BitRC4	OBJ_pkcs12_pbeids, 1L
-
-#define SN_pbe_WithSHA1And40BitRC4	"PBE-SHA1-RC4-40"
-#define LN_pbe_WithSHA1And40BitRC4	"pbeWithSHA1And40BitRC4"
-#define NID_pbe_WithSHA1And40BitRC4	145
-#define OBJ_pbe_WithSHA1And40BitRC4	OBJ_pkcs12_pbeids, 2L
-
-#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC	"PBE-SHA1-3DES"
-#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC	"pbeWithSHA1And3-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC	146
-#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC	OBJ_pkcs12_pbeids, 3L
-
-#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC	"PBE-SHA1-2DES"
-#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC	"pbeWithSHA1And2-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC	147
-#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC	OBJ_pkcs12_pbeids, 4L
-
-#define SN_pbe_WithSHA1And128BitRC2_CBC		"PBE-SHA1-RC2-128"
-#define LN_pbe_WithSHA1And128BitRC2_CBC		"pbeWithSHA1And128BitRC2-CBC"
-#define NID_pbe_WithSHA1And128BitRC2_CBC	148
-#define OBJ_pbe_WithSHA1And128BitRC2_CBC	OBJ_pkcs12_pbeids, 5L
-
-#define SN_pbe_WithSHA1And40BitRC2_CBC	"PBE-SHA1-RC2-40"
-#define LN_pbe_WithSHA1And40BitRC2_CBC	"pbeWithSHA1And40BitRC2-CBC"
-#define NID_pbe_WithSHA1And40BitRC2_CBC	149
-#define OBJ_pbe_WithSHA1And40BitRC2_CBC	OBJ_pkcs12_pbeids, 6L
-
-#define OBJ_pkcs12_Version1	OBJ_pkcs12, 10L
-
-#define OBJ_pkcs12_BagIds	OBJ_pkcs12_Version1, 1L
-
-#define LN_keyBag		"keyBag"
-#define NID_keyBag		150
-#define OBJ_keyBag		OBJ_pkcs12_BagIds, 1L
-
-#define LN_pkcs8ShroudedKeyBag	"pkcs8ShroudedKeyBag"
-#define NID_pkcs8ShroudedKeyBag	151
-#define OBJ_pkcs8ShroudedKeyBag	OBJ_pkcs12_BagIds, 2L
-
-#define LN_certBag		"certBag"
-#define NID_certBag		152
-#define OBJ_certBag		OBJ_pkcs12_BagIds, 3L
-
-#define LN_crlBag		"crlBag"
-#define NID_crlBag		153
-#define OBJ_crlBag		OBJ_pkcs12_BagIds, 4L
-
-#define LN_secretBag		"secretBag"
-#define NID_secretBag		154
-#define OBJ_secretBag		OBJ_pkcs12_BagIds, 5L
-
-#define LN_safeContentsBag	"safeContentsBag"
-#define NID_safeContentsBag	155
-#define OBJ_safeContentsBag	OBJ_pkcs12_BagIds, 6L
-
-#define LN_friendlyName		"friendlyName"
-#define	NID_friendlyName	156
-#define OBJ_friendlyName	OBJ_pkcs9, 20L
-
-#define LN_localKeyID		"localKeyID"
-#define	NID_localKeyID		157
-#define OBJ_localKeyID		OBJ_pkcs9, 21L
-
-#define OBJ_certTypes		OBJ_pkcs9, 22L
-
-#define LN_x509Certificate	"x509Certificate"
-#define	NID_x509Certificate	158
-#define OBJ_x509Certificate	OBJ_certTypes, 1L
-
-#define LN_sdsiCertificate	"sdsiCertificate"
-#define	NID_sdsiCertificate	159
-#define OBJ_sdsiCertificate	OBJ_certTypes, 2L
-
-#define OBJ_crlTypes		OBJ_pkcs9, 23L
-
-#define LN_x509Crl		"x509Crl"
-#define	NID_x509Crl		160
-#define OBJ_x509Crl		OBJ_crlTypes, 1L
-
-/* PKCS#5 v2 OIDs */
-
-#define LN_pbes2		"PBES2"
-#define NID_pbes2		161
-#define OBJ_pbes2		OBJ_pkcs,5L,13L
-
-#define LN_pbmac1		"PBMAC1"
-#define NID_pbmac1		162
-#define OBJ_pbmac1		OBJ_pkcs,5L,14L
-
-#define LN_hmacWithSHA1		"hmacWithSHA1"
-#define NID_hmacWithSHA1	163
-#define OBJ_hmacWithSHA1	OBJ_rsadsi,2L,7L
-
-/* Policy Qualifier Ids */
-
-#define LN_id_qt_cps		"Policy Qualifier CPS"
-#define SN_id_qt_cps		"id-qt-cps"
-#define NID_id_qt_cps		164
-#define OBJ_id_qt_cps		OBJ_id_pkix,2L,1L
-
-#define LN_id_qt_unotice	"Policy Qualifier User Notice"
-#define SN_id_qt_unotice	"id-qt-unotice"
-#define NID_id_qt_unotice	165
-#define OBJ_id_qt_unotice	OBJ_id_pkix,2L,2L
-
-#define SN_rc2_64_cbc			"RC2-64-CBC"
-#define LN_rc2_64_cbc			"rc2-64-cbc"
-#define NID_rc2_64_cbc			166
-
-#define SN_SMIMECapabilities		"SMIME-CAPS"
-#define LN_SMIMECapabilities		"S/MIME Capabilities"
-#define NID_SMIMECapabilities		167
-#define OBJ_SMIMECapabilities		OBJ_pkcs9,15L
-
-#define SN_pbeWithMD2AndRC2_CBC		"PBE-MD2-RC2-64"
-#define LN_pbeWithMD2AndRC2_CBC		"pbeWithMD2AndRC2-CBC"
-#define NID_pbeWithMD2AndRC2_CBC	168
-#define OBJ_pbeWithMD2AndRC2_CBC	OBJ_pkcs,5L,4L
-
-#define SN_pbeWithMD5AndRC2_CBC		"PBE-MD5-RC2-64"
-#define LN_pbeWithMD5AndRC2_CBC		"pbeWithMD5AndRC2-CBC"
-#define NID_pbeWithMD5AndRC2_CBC	169
-#define OBJ_pbeWithMD5AndRC2_CBC	OBJ_pkcs,5L,6L
-
-#define SN_pbeWithSHA1AndDES_CBC	"PBE-SHA1-DES"
-#define LN_pbeWithSHA1AndDES_CBC	"pbeWithSHA1AndDES-CBC"
-#define NID_pbeWithSHA1AndDES_CBC	170
-#define OBJ_pbeWithSHA1AndDES_CBC	OBJ_pkcs,5L,10L
-
-/* Extension request OIDs */
-
-#define LN_ms_ext_req			"Microsoft Extension Request"
-#define SN_ms_ext_req			"msExtReq"
-#define NID_ms_ext_req			171
-#define OBJ_ms_ext_req			1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
-
-#define LN_ext_req			"Extension Request"
-#define SN_ext_req			"extReq"
-#define NID_ext_req			172
-#define OBJ_ext_req			OBJ_pkcs9,14L
-
-#define SN_name				"name"
-#define LN_name				"name"
-#define NID_name			173
-#define OBJ_name			OBJ_X509,41L
-
-#define SN_dnQualifier			"dnQualifier"
-#define LN_dnQualifier			"dnQualifier"
-#define NID_dnQualifier			174
-#define OBJ_dnQualifier			OBJ_X509,46L
-
-#define SN_id_pe			"id-pe"
-#define NID_id_pe			175
-#define OBJ_id_pe			OBJ_id_pkix,1L
-
-#define SN_id_ad			"id-ad"
-#define NID_id_ad			176
-#define OBJ_id_ad			OBJ_id_pkix,48L
-
-#define SN_info_access			"authorityInfoAccess"
-#define LN_info_access			"Authority Information Access"
-#define NID_info_access			177
-#define OBJ_info_access			OBJ_id_pe,1L
-
-#define SN_ad_OCSP			"OCSP"
-#define LN_ad_OCSP			"OCSP"
-#define NID_ad_OCSP			178
-#define OBJ_ad_OCSP			OBJ_id_ad,1L
-
-#define SN_ad_ca_issuers		"caIssuers"
-#define LN_ad_ca_issuers		"CA Issuers"
-#define NID_ad_ca_issuers		179
-#define OBJ_ad_ca_issuers		OBJ_id_ad,2L
-
-#define SN_OCSP_sign			"OCSPSigning"
-#define LN_OCSP_sign			"OCSP Signing"
-#define NID_OCSP_sign			180
-#define OBJ_OCSP_sign			OBJ_id_kp,9L
-#endif /* USE_OBJ_MAC */
-
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-
-#define	OBJ_NAME_TYPE_UNDEF		0x00
-#define	OBJ_NAME_TYPE_MD_METH		0x01
-#define	OBJ_NAME_TYPE_CIPHER_METH	0x02
-#define	OBJ_NAME_TYPE_PKEY_METH		0x03
-#define	OBJ_NAME_TYPE_COMP_METH		0x04
-#define	OBJ_NAME_TYPE_NUM		0x05
-
-#define	OBJ_NAME_ALIAS		0x8000
-
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct obj_name_st
-	{
-	int type;
-	int alias;
-	const char *name;
-	const char *data;
-	} OBJ_NAME;
-
-#define		OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
-
-
-int OBJ_NAME_init(void);
-int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
-		       int (*cmp_func)(const char *, const char *),
-		       void (*free_func)(const char *, int, const char *));
-const char *OBJ_NAME_get(const char *name,int type);
-int OBJ_NAME_add(const char *name,int type,const char *data);
-int OBJ_NAME_remove(const char *name,int type);
-void OBJ_NAME_cleanup(int type); /* -1 for everything */
-void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg),
-		     void *arg);
-void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg),
-			    void *arg);
-
-ASN1_OBJECT *	OBJ_dup(const ASN1_OBJECT *o);
-ASN1_OBJECT *	OBJ_nid2obj(int n);
-const char *	OBJ_nid2ln(int n);
-const char *	OBJ_nid2sn(int n);
-int		OBJ_obj2nid(const ASN1_OBJECT *o);
-ASN1_OBJECT *	OBJ_txt2obj(const char *s, int no_name);
-int	OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
-int		OBJ_txt2nid(const char *s);
-int		OBJ_ln2nid(const char *s);
-int		OBJ_sn2nid(const char *s);
-int		OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b);
-const char *	OBJ_bsearch(const char *key,const char *base,int num,int size,
-	int (*cmp)(const void *, const void *));
-
-int		OBJ_new_nid(int num);
-int		OBJ_add_object(const ASN1_OBJECT *obj);
-int		OBJ_create(const char *oid,const char *sn,const char *ln);
-void		OBJ_cleanup(void );
-int		OBJ_create_objects(BIO *in);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_OBJ_strings(void);
-
-/* Error codes for the OBJ functions. */
-
-/* Function codes. */
-#define OBJ_F_OBJ_CREATE				 100
-#define OBJ_F_OBJ_DUP					 101
-#define OBJ_F_OBJ_NID2LN				 102
-#define OBJ_F_OBJ_NID2OBJ				 103
-#define OBJ_F_OBJ_NID2SN				 104
-
-/* Reason codes. */
-#define OBJ_R_MALLOC_FAILURE				 100
-#define OBJ_R_UNKNOWN_NID				 101
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/objects/objects.pl b/crypto/openssl/crypto/objects/objects.pl
deleted file mode 100644
index 76c06cc8f9a2..000000000000
--- a/crypto/openssl/crypto/objects/objects.pl
+++ /dev/null
@@ -1,229 +0,0 @@
-#!/usr/local/bin/perl
-
-open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
-$max_nid=0;
-$o=0;
-while(<NUMIN>)
-	{
-	chop;
-	$o++;
-	s/#.*$//;
-	next if /^\s*$/;
-	$_ = 'X'.$_;
-	($Cname,$mynum) = split;
-	$Cname =~ s/^X//;
-	if (defined($nidn{$mynum}))
-		{ die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; }
-	$nid{$Cname} = $mynum;
-	$nidn{$mynum} = $Cname;
-	$order{$mynum} = $o;
-	$max_nid = $mynum if $mynum > $max_nid;
-	}
-close NUMIN;
-
-open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
-$Cname="";
-$o=0;
-while (<IN>)
-	{
-	chop;
-	$o++;
-        if (/^!module\s+(.*)$/)
-		{
-		$module = $1."-";
-		$module =~ s/\./_/g;
-		$module =~ s/-/_/g;
-		}
-        if (/^!global$/)
-		{ $module = ""; }
-	if (/^!Cname\s+(.*)$/)
-		{ $Cname = $1; }
-	if (/^!Alias\s+(.+?)\s+(.*)$/)
-		{
-		$Cname = $module.$1;
-		$myoid = $2;
-		$myoid = &process_oid($myoid);
-		$Cname =~ s/-/_/g;
-		$ordern{$o} = $Cname;
-		$order{$Cname} = $o;
-		$obj{$Cname} = $myoid;
-		$_ = "";
-		$Cname = "";
-		}
-	s/!.*$//;
-	s/#.*$//;
-	next if /^\s*$/;
-	($myoid,$mysn,$myln) = split ':';
-	$mysn =~ s/^\s*//;
-	$mysn =~ s/\s*$//;
-	$myln =~ s/^\s*//;
-	$myln =~ s/\s*$//;
-	$myoid =~ s/^\s*//;
-	$myoid =~ s/\s*$//;
-	if ($myoid ne "")
-		{
-		$myoid = &process_oid($myoid);
-		}
-
-	if ($Cname eq "" && !($myln =~ / /))
-		{
-		$Cname = $myln;
-		$Cname =~ s/\./_/g;
-		$Cname =~ s/-/_/g;
-		if ($Cname ne "" && defined($ln{$module.$Cname}))
-			{ die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
-		}
-	if ($Cname eq "")
-		{
-		$Cname = $mysn;
-		$Cname =~ s/-/_/g;
-		if ($Cname ne "" && defined($sn{$module.$Cname}))
-			{ die "objects.txt:$o:There's already an object with short name ",$sn{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
-		}
-	if ($Cname eq "")
-		{
-		$Cname = $myln;
-		$Cname =~ s/-/_/g;
-		$Cname =~ s/\./_/g;
-		$Cname =~ s/ /_/g;
-		if ($Cname ne "" && defined($ln{$module.$Cname}))
-			{ die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
-		}
-	$Cname =~ s/\./_/g;
-	$Cname =~ s/-/_/g;
-	$Cname = $module.$Cname;
-	$ordern{$o} = $Cname;
-	$order{$Cname} = $o;
-	$sn{$Cname} = $mysn;
-	$ln{$Cname} = $myln;
-	$obj{$Cname} = $myoid;
-	if (!defined($nid{$Cname}))
-		{
-		$max_nid++;
-		$nid{$Cname} = $max_nid;
-		$nidn{$max_nid} = $Cname;
-		}
-	$Cname="";
-	}
-close IN;
-
-open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
-foreach (sort { $a <=> $b } keys %nidn)
-	{
-	print NUMOUT $nidn{$_},"\t\t",$_,"\n";
-	}
-close NUMOUT;
-
-open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
-print OUT <<'EOF';
-/* crypto/objects/obj_mac.h */
-
-/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
- * following command:
- * perl objects.pl objects.txt obj_mac.num obj_mac.h
- */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define SN_undef			"UNDEF"
-#define LN_undef			"undefined"
-#define NID_undef			0
-#define OBJ_undef			0L
-
-EOF
-
-foreach (sort { $a <=> $b } keys %ordern)
-	{
-	$Cname=$ordern{$_};
-	print OUT "#define SN_",$Cname,"\t\t\"",$sn{$Cname},"\"\n" if $sn{$Cname} ne "";
-	print OUT "#define LN_",$Cname,"\t\t\"",$ln{$Cname},"\"\n" if $ln{$Cname} ne "";
-	print OUT "#define NID_",$Cname,"\t\t",$nid{$Cname},"\n" if $nid{$Cname} ne "";
-	print OUT "#define OBJ_",$Cname,"\t\t",$obj{$Cname},"\n" if $obj{$Cname} ne "";
-	print OUT "\n";
-	}
-
-close OUT;
-
-sub process_oid
-	{
-	local($oid)=@_;
-	local(@a,$oid_pref);
-
-	@a = split(/\s+/,$myoid);
-	$pref_oid = "";
-	$pref_sep = "";
-	if (!($a[0] =~ /^[0-9]+$/))
-		{
-		$a[0] =~ s/-/_/g;
-		if (!defined($obj{$a[0]}))
-			{ die "$ARGV[0]:$o:Undefined identifier ",$a[0],"\n"; }
-		$pref_oid = "OBJ_" . $a[0];
-		$pref_sep = ",";
-		shift @a;
-		}
-	$oids = join('L,',@a) . "L";
-	if ($oids ne "L")
-		{
-		$oids = $pref_oid . $pref_sep . $oids;
-		}
-	else
-		{
-		$oids = $pref_oid;
-		}
-	return($oids);
-	}
diff --git a/crypto/openssl/crypto/objects/objects.txt b/crypto/openssl/crypto/objects/objects.txt
deleted file mode 100644
index 3ba11f65ccff..000000000000
--- a/crypto/openssl/crypto/objects/objects.txt
+++ /dev/null
@@ -1,916 +0,0 @@
-0			: CCITT			: ccitt
-
-1			: ISO			: iso
-
-2			: JOINT-ISO-CCITT	: joint-iso-ccitt
-
-iso 2			: member-body		: ISO Member Body
-
-joint-iso-ccitt 5 1 5	: selected-attribute-types	: Selected Attribute Types
-
-selected-attribute-types 55	: clearance
-
-member-body 840		: ISO-US		: ISO US Member Body
-ISO-US 10040		: X9-57			: X9.57
-X9-57 4			: X9cm			: X9.57 CM ?
-
-!Cname dsa
-X9cm 1			: DSA			: dsaEncryption
-X9cm 3			: DSA-SHA1		: dsaWithSHA1
-
-
-ISO-US 10045		: ansi-X9-62		: ANSI X9.62
-!module X9-62
-!Alias id-fieldType ansi-X9-62 1
-X9-62_id-fieldType 1		: prime-field
-X9-62_id-fieldType 2		: characteristic-two-field
-# ... characteristic-two-field OID subtree
-!Alias id-publicKeyType ansi-X9-62 2
-X9-62_id-publicKeyType 1	: id-ecPublicKey
-!Alias ellipticCurve ansi-X9-62 3
-!Alias c-TwoCurve X9-62_ellipticCurve 0
-# ... characteristic 2 curve OIDs
-!Alias primeCurve X9-62_ellipticCurve 1
-X9-62_primeCurve 1	 	: prime192v1
-X9-62_primeCurve 2	 	: prime192v2
-X9-62_primeCurve 3	 	: prime192v3
-X9-62_primeCurve 4	 	: prime239v1
-X9-62_primeCurve 5	 	: prime239v2
-X9-62_primeCurve 6	 	: prime239v3
-X9-62_primeCurve 7	 	: prime256v1
-!Alias id-ecSigType ansi-X9-62 4
-!global
-X9-62_id-ecSigType 1		: ecdsa-with-SHA1
-
-
-
-ISO-US 113533 7 66 10	: CAST5-CBC		: cast5-cbc
-			: CAST5-ECB		: cast5-ecb
-!Cname cast5-cfb64
-			: CAST5-CFB		: cast5-cfb
-!Cname cast5-ofb64
-			: CAST5-OFB		: cast5-ofb
-!Cname pbeWithMD5AndCast5-CBC
-ISO-US 113533 7 66 12	:			: pbeWithMD5AndCast5CBC
-
-ISO-US 113549		: rsadsi		: RSA Data Security, Inc.
-
-rsadsi 1		: pkcs			: RSA Data Security, Inc. PKCS
-
-pkcs 1			: pkcs1
-pkcs1 1			:			: rsaEncryption
-pkcs1 2			: RSA-MD2		: md2WithRSAEncryption
-pkcs1 3			: RSA-MD4		: md4WithRSAEncryption
-pkcs1 4			: RSA-MD5		: md5WithRSAEncryption
-pkcs1 5			: RSA-SHA1		: sha1WithRSAEncryption
-
-pkcs 3			: pkcs3
-pkcs3 1			:			: dhKeyAgreement
-
-pkcs 5			: pkcs5
-pkcs5 1			: PBE-MD2-DES		: pbeWithMD2AndDES-CBC
-pkcs5 3			: PBE-MD5-DES		: pbeWithMD5AndDES-CBC
-pkcs5 4			: PBE-MD2-RC2-64	: pbeWithMD2AndRC2-CBC
-pkcs5 6			: PBE-MD5-RC2-64	: pbeWithMD5AndRC2-CBC
-pkcs5 10		: PBE-SHA1-DES		: pbeWithSHA1AndDES-CBC
-pkcs5 11		: PBE-SHA1-RC2-64	: pbeWithSHA1AndRC2-CBC
-!Cname id_pbkdf2
-pkcs5 12		:			: PBKDF2
-!Cname pbes2
-pkcs5 13		:			: PBES2
-!Cname pbmac1
-pkcs5 14		:			: PBMAC1
-
-pkcs 7			: pkcs7
-pkcs7 1			:			: pkcs7-data
-!Cname pkcs7-signed
-pkcs7 2			:			: pkcs7-signedData
-!Cname pkcs7-enveloped
-pkcs7 3			:			: pkcs7-envelopedData
-!Cname pkcs7-signedAndEnveloped
-pkcs7 4			:			: pkcs7-signedAndEnvelopedData
-!Cname pkcs7-digest
-pkcs7 5			:			: pkcs7-digestData
-!Cname pkcs7-encrypted
-pkcs7 6			:			: pkcs7-encryptedData
-
-pkcs 9			: pkcs9
-!module pkcs9
-pkcs9 1			: 			: emailAddress
-pkcs9 2			:			: unstructuredName
-pkcs9 3			:			: contentType
-pkcs9 4			:			: messageDigest
-pkcs9 5			:			: signingTime
-pkcs9 6			:			: countersignature
-pkcs9 7			:			: challengePassword
-pkcs9 8			:			: unstructuredAddress
-!Cname extCertAttributes
-pkcs9 9			:			: extendedCertificateAttributes
-!global
-
-!Cname ext-req
-pkcs9 14		: extReq		: Extension Request
-
-!Cname SMIMECapabilities
-pkcs9 15		: SMIME-CAPS		: S/MIME Capabilities
-
-# S/MIME
-!Cname SMIME
-pkcs9 16		: SMIME			: S/MIME
-SMIME 0			: id-smime-mod
-SMIME 1			: id-smime-ct
-SMIME 2			: id-smime-aa
-SMIME 3			: id-smime-alg
-SMIME 4			: id-smime-cd
-SMIME 5			: id-smime-spq
-SMIME 6			: id-smime-cti
-
-# S/MIME Modules
-id-smime-mod 1		: id-smime-mod-cms
-id-smime-mod 2		: id-smime-mod-ess
-id-smime-mod 3		: id-smime-mod-oid
-id-smime-mod 4		: id-smime-mod-msg-v3
-id-smime-mod 5		: id-smime-mod-ets-eSignature-88
-id-smime-mod 6		: id-smime-mod-ets-eSignature-97
-id-smime-mod 7		: id-smime-mod-ets-eSigPolicy-88
-id-smime-mod 8		: id-smime-mod-ets-eSigPolicy-97
-
-# S/MIME Content Types
-id-smime-ct 1		: id-smime-ct-receipt
-id-smime-ct 2		: id-smime-ct-authData
-id-smime-ct 3		: id-smime-ct-publishCert
-id-smime-ct 4		: id-smime-ct-TSTInfo
-id-smime-ct 5		: id-smime-ct-TDTInfo
-id-smime-ct 6		: id-smime-ct-contentInfo
-id-smime-ct 7		: id-smime-ct-DVCSRequestData
-id-smime-ct 8		: id-smime-ct-DVCSResponseData
-
-# S/MIME Attributes
-id-smime-aa 1		: id-smime-aa-receiptRequest
-id-smime-aa 2		: id-smime-aa-securityLabel
-id-smime-aa 3		: id-smime-aa-mlExpandHistory
-id-smime-aa 4		: id-smime-aa-contentHint
-id-smime-aa 5		: id-smime-aa-msgSigDigest
-# obsolete
-id-smime-aa 6		: id-smime-aa-encapContentType
-id-smime-aa 7		: id-smime-aa-contentIdentifier
-# obsolete
-id-smime-aa 8		: id-smime-aa-macValue
-id-smime-aa 9		: id-smime-aa-equivalentLabels
-id-smime-aa 10		: id-smime-aa-contentReference
-id-smime-aa 11		: id-smime-aa-encrypKeyPref
-id-smime-aa 12		: id-smime-aa-signingCertificate
-id-smime-aa 13		: id-smime-aa-smimeEncryptCerts
-id-smime-aa 14		: id-smime-aa-timeStampToken
-id-smime-aa 15		: id-smime-aa-ets-sigPolicyId
-id-smime-aa 16		: id-smime-aa-ets-commitmentType
-id-smime-aa 17		: id-smime-aa-ets-signerLocation
-id-smime-aa 18		: id-smime-aa-ets-signerAttr
-id-smime-aa 19		: id-smime-aa-ets-otherSigCert
-id-smime-aa 20		: id-smime-aa-ets-contentTimestamp
-id-smime-aa 21		: id-smime-aa-ets-CertificateRefs
-id-smime-aa 22		: id-smime-aa-ets-RevocationRefs
-id-smime-aa 23		: id-smime-aa-ets-certValues
-id-smime-aa 24		: id-smime-aa-ets-revocationValues
-id-smime-aa 25		: id-smime-aa-ets-escTimeStamp
-id-smime-aa 26		: id-smime-aa-ets-certCRLTimestamp
-id-smime-aa 27		: id-smime-aa-ets-archiveTimeStamp
-id-smime-aa 28		: id-smime-aa-signatureType
-id-smime-aa 29		: id-smime-aa-dvcs-dvc
-
-# S/MIME Algorithm Identifiers
-# obsolete
-id-smime-alg 1		: id-smime-alg-ESDHwith3DES
-# obsolete
-id-smime-alg 2		: id-smime-alg-ESDHwithRC2
-# obsolete
-id-smime-alg 3		: id-smime-alg-3DESwrap
-# obsolete
-id-smime-alg 4		: id-smime-alg-RC2wrap
-id-smime-alg 5		: id-smime-alg-ESDH
-id-smime-alg 6		: id-smime-alg-CMS3DESwrap
-id-smime-alg 7		: id-smime-alg-CMSRC2wrap
-
-# S/MIME Certificate Distribution
-id-smime-cd 1		: id-smime-cd-ldap
-
-# S/MIME Signature Policy Qualifier
-id-smime-spq 1		: id-smime-spq-ets-sqt-uri
-id-smime-spq 2		: id-smime-spq-ets-sqt-unotice
-
-# S/MIME Commitment Type Identifier
-id-smime-cti 1		: id-smime-cti-ets-proofOfOrigin
-id-smime-cti 2		: id-smime-cti-ets-proofOfReceipt
-id-smime-cti 3		: id-smime-cti-ets-proofOfDelivery
-id-smime-cti 4		: id-smime-cti-ets-proofOfSender
-id-smime-cti 5		: id-smime-cti-ets-proofOfApproval
-id-smime-cti 6		: id-smime-cti-ets-proofOfCreation
-
-pkcs9 20		:			: friendlyName
-pkcs9 21		:			: localKeyID
-!Cname ms-csp-name
-1 3 6 1 4 1 311 17 1	: CSPName		: Microsoft CSP Name
-!Alias certTypes pkcs9 22
-certTypes 1		:			: x509Certificate
-certTypes 2		:			: sdsiCertificate
-!Alias crlTypes pkcs9 23
-crlTypes 1		:			: x509Crl
-
-!Alias pkcs12 pkcs 12
-!Alias pkcs12-pbeids pkcs12 1
-
-!Cname pbe-WithSHA1And128BitRC4
-pkcs12-pbeids 1		: PBE-SHA1-RC4-128	: pbeWithSHA1And128BitRC4
-!Cname pbe-WithSHA1And40BitRC4
-pkcs12-pbeids 2		: PBE-SHA1-RC4-40	: pbeWithSHA1And40BitRC4
-!Cname pbe-WithSHA1And3_Key_TripleDES-CBC
-pkcs12-pbeids 3		: PBE-SHA1-3DES		: pbeWithSHA1And3-KeyTripleDES-CBC
-!Cname pbe-WithSHA1And2_Key_TripleDES-CBC
-pkcs12-pbeids 4		: PBE-SHA1-2DES		: pbeWithSHA1And2-KeyTripleDES-CBC
-!Cname pbe-WithSHA1And128BitRC2-CBC
-pkcs12-pbeids 5		: PBE-SHA1-RC2-128	: pbeWithSHA1And128BitRC2-CBC
-!Cname pbe-WithSHA1And40BitRC2-CBC
-pkcs12-pbeids 6		: PBE-SHA1-RC2-40	: pbeWithSHA1And40BitRC2-CBC
-
-!Alias pkcs12-Version1 pkcs12 10
-!Alias pkcs12-BagIds pkcs12-Version1 1
-pkcs12-BagIds 1		:			: keyBag
-pkcs12-BagIds 2		:			: pkcs8ShroudedKeyBag
-pkcs12-BagIds 3		:			: certBag
-pkcs12-BagIds 4		:			: crlBag
-pkcs12-BagIds 5		:			: secretBag
-pkcs12-BagIds 6		:			: safeContentsBag
-
-rsadsi 2 2		: MD2			: md2
-rsadsi 2 4		: MD4			: md4
-rsadsi 2 5		: MD5			: md5
-			: MD5-SHA1		: md5-sha1
-rsadsi 2 7		:			: hmacWithSHA1
-rsadsi 3 2		: RC2-CBC		: rc2-cbc
-			: RC2-ECB		: rc2-ecb
-!Cname rc2-cfb64
-			: RC2-CFB		: rc2-cfb
-!Cname rc2-ofb64
-			: RC2-OFB		: rc2-ofb
-			: RC2-40-CBC		: rc2-40-cbc
-			: RC2-64-CBC		: rc2-64-cbc
-rsadsi 3 4		: RC4			: rc4
-			: RC4-40		: rc4-40
-rsadsi 3 7		: DES-EDE3-CBC		: des-ede3-cbc
-rsadsi 3 8		: RC5-CBC		: rc5-cbc
-			: RC5-ECB		: rc5-ecb
-!Cname rc5-cfb64
-			: RC5-CFB		: rc5-cfb
-!Cname rc5-ofb64
-			: RC5-OFB		: rc5-ofb
-
-!Cname ms-ext-req
-1 3 6 1 4 1 311 2 1 14	: msExtReq		: Microsoft Extension Request
-!Cname ms-code-ind
-1 3 6 1 4 1 311 2 1 21	: msCodeInd		: Microsoft Individual Code Signing
-!Cname ms-code-com
-1 3 6 1 4 1 311 2 1 22	: msCodeCom		: Microsoft Commercial Code Signing
-!Cname ms-ctl-sign
-1 3 6 1 4 1 311 10 3 1	: msCTLSign		: Microsoft Trust List Signing
-!Cname ms-sgc
-1 3 6 1 4 1 311 10 3 3	: msSGC			: Microsoft Server Gated Crypto
-!Cname ms-efs
-1 3 6 1 4 1 311 10 3 4	: msEFS			: Microsoft Encrypted File System
-!Cname ms-smartcard-login
-1 3 6 1 4 1 311 20 2 2	: msSmartcardLogin	: Microsoft Smartcardlogin
-!Cname ms-upn
-1 3 6 1 4 1 311 20 2 3	: msUPN			: Microsoft Universal Principal Name
-
-1 3 6 1 4 1 188 7 1 1 2	: IDEA-CBC		: idea-cbc
-			: IDEA-ECB		: idea-ecb
-!Cname idea-cfb64
-			: IDEA-CFB		: idea-cfb
-!Cname idea-ofb64
-			: IDEA-OFB		: idea-ofb
-
-1 3 6 1 4 1 3029 1 2	: BF-CBC		: bf-cbc
-			: BF-ECB		: bf-ecb
-!Cname bf-cfb64
-			: BF-CFB		: bf-cfb
-!Cname bf-ofb64
-			: BF-OFB		: bf-ofb
-
-!Cname id-pkix
-1 3 6 1 5 5 7		: PKIX
-
-# PKIX Arcs
-id-pkix 0		: id-pkix-mod
-id-pkix 1		: id-pe
-id-pkix 2		: id-qt
-id-pkix 3		: id-kp
-id-pkix 4		: id-it
-id-pkix 5		: id-pkip
-id-pkix 6		: id-alg
-id-pkix 7		: id-cmc
-id-pkix 8		: id-on
-id-pkix 9		: id-pda
-id-pkix 10		: id-aca
-id-pkix 11		: id-qcs
-id-pkix 12		: id-cct
-id-pkix 48		: id-ad
-
-# PKIX Modules
-id-pkix-mod 1		: id-pkix1-explicit-88
-id-pkix-mod 2		: id-pkix1-implicit-88
-id-pkix-mod 3		: id-pkix1-explicit-93
-id-pkix-mod 4		: id-pkix1-implicit-93
-id-pkix-mod 5		: id-mod-crmf
-id-pkix-mod 6		: id-mod-cmc
-id-pkix-mod 7		: id-mod-kea-profile-88
-id-pkix-mod 8		: id-mod-kea-profile-93
-id-pkix-mod 9		: id-mod-cmp
-id-pkix-mod 10		: id-mod-qualified-cert-88
-id-pkix-mod 11		: id-mod-qualified-cert-93
-id-pkix-mod 12		: id-mod-attribute-cert
-id-pkix-mod 13		: id-mod-timestamp-protocol
-id-pkix-mod 14		: id-mod-ocsp
-id-pkix-mod 15		: id-mod-dvcs
-id-pkix-mod 16		: id-mod-cmp2000
-
-# PKIX Private Extensions
-!Cname info-access
-id-pe 1			: authorityInfoAccess	: Authority Information Access
-id-pe 2			: biometricInfo		: Biometric Info
-id-pe 3			: qcStatements
-id-pe 4			: ac-auditEntity
-id-pe 5			: ac-targeting
-id-pe 6			: aaControls
-id-pe 7			: sbqp-ipAddrBlock
-id-pe 8			: sbqp-autonomousSysNum
-id-pe 9			: sbqp-routerIdentifier
-id-pe 10		: ac-proxying
-!Cname sinfo-access
-id-pe 11		: subjectInfoAccess	: Subject Information Access
-
-# PKIX policyQualifiers for Internet policy qualifiers
-id-qt 1			: id-qt-cps		: Policy Qualifier CPS
-id-qt 2			: id-qt-unotice		: Policy Qualifier User Notice
-id-qt 3			: textNotice
-
-# PKIX key purpose identifiers
-!Cname server-auth
-id-kp 1			: serverAuth		: TLS Web Server Authentication
-!Cname client-auth
-id-kp 2			: clientAuth		: TLS Web Client Authentication
-!Cname code-sign
-id-kp 3			: codeSigning		: Code Signing
-!Cname email-protect
-id-kp 4			: emailProtection	: E-mail Protection
-id-kp 5			: ipsecEndSystem	: IPSec End System
-id-kp 6			: ipsecTunnel		: IPSec Tunnel
-id-kp 7			: ipsecUser		: IPSec User
-!Cname time-stamp
-id-kp 8			: timeStamping		: Time Stamping
-# From OCSP spec RFC2560
-!Cname OCSP-sign
-id-kp 9			: OCSPSigning		: OCSP Signing
-id-kp 10		: DVCS			: dvcs
-
-# CMP information types
-id-it 1			: id-it-caProtEncCert
-id-it 2			: id-it-signKeyPairTypes
-id-it 3			: id-it-encKeyPairTypes
-id-it 4			: id-it-preferredSymmAlg
-id-it 5			: id-it-caKeyUpdateInfo
-id-it 6			: id-it-currentCRL
-id-it 7			: id-it-unsupportedOIDs
-# obsolete
-id-it 8			: id-it-subscriptionRequest
-# obsolete
-id-it 9			: id-it-subscriptionResponse
-id-it 10		: id-it-keyPairParamReq
-id-it 11		: id-it-keyPairParamRep
-id-it 12		: id-it-revPassphrase
-id-it 13		: id-it-implicitConfirm
-id-it 14		: id-it-confirmWaitTime
-id-it 15		: id-it-origPKIMessage
-
-# CRMF registration
-id-pkip 1		: id-regCtrl
-id-pkip 2		: id-regInfo
-
-# CRMF registration controls
-id-regCtrl 1		: id-regCtrl-regToken
-id-regCtrl 2		: id-regCtrl-authenticator
-id-regCtrl 3		: id-regCtrl-pkiPublicationInfo
-id-regCtrl 4		: id-regCtrl-pkiArchiveOptions
-id-regCtrl 5		: id-regCtrl-oldCertID
-id-regCtrl 6		: id-regCtrl-protocolEncrKey
-
-# CRMF registration information
-id-regInfo 1		: id-regInfo-utf8Pairs
-id-regInfo 2		: id-regInfo-certReq
-
-# algorithms
-id-alg 1		: id-alg-des40
-id-alg 2		: id-alg-noSignature
-id-alg 3		: id-alg-dh-sig-hmac-sha1
-id-alg 4		: id-alg-dh-pop
-
-# CMC controls
-id-cmc 1		: id-cmc-statusInfo
-id-cmc 2		: id-cmc-identification
-id-cmc 3		: id-cmc-identityProof
-id-cmc 4		: id-cmc-dataReturn
-id-cmc 5		: id-cmc-transactionId
-id-cmc 6		: id-cmc-senderNonce
-id-cmc 7		: id-cmc-recipientNonce
-id-cmc 8		: id-cmc-addExtensions
-id-cmc 9		: id-cmc-encryptedPOP
-id-cmc 10		: id-cmc-decryptedPOP
-id-cmc 11		: id-cmc-lraPOPWitness
-id-cmc 15		: id-cmc-getCert
-id-cmc 16		: id-cmc-getCRL
-id-cmc 17		: id-cmc-revokeRequest
-id-cmc 18		: id-cmc-regInfo
-id-cmc 19		: id-cmc-responseInfo
-id-cmc 21		: id-cmc-queryPending
-id-cmc 22		: id-cmc-popLinkRandom
-id-cmc 23		: id-cmc-popLinkWitness
-id-cmc 24		: id-cmc-confirmCertAcceptance 
-
-# other names
-id-on 1			: id-on-personalData
-
-# personal data attributes
-id-pda 1		: id-pda-dateOfBirth
-id-pda 2		: id-pda-placeOfBirth
-id-pda 3		: id-pda-gender
-id-pda 4		: id-pda-countryOfCitizenship
-id-pda 5		: id-pda-countryOfResidence
-
-# attribute certificate attributes
-id-aca 1		: id-aca-authenticationInfo
-id-aca 2		: id-aca-accessIdentity
-id-aca 3		: id-aca-chargingIdentity
-id-aca 4		: id-aca-group
-# attention : the following seems to be obsolete, replace by 'role'
-id-aca 5		: id-aca-role
-id-aca 6		: id-aca-encAttrs
-
-# qualified certificate statements
-id-qcs 1		: id-qcs-pkixQCSyntax-v1
-
-# CMC content types
-id-cct 1		: id-cct-crs
-id-cct 2		: id-cct-PKIData
-id-cct 3		: id-cct-PKIResponse
-
-# access descriptors for authority info access extension
-!Cname ad-OCSP
-id-ad 1			: OCSP			: OCSP
-!Cname ad-ca-issuers
-id-ad 2			: caIssuers		: CA Issuers
-!Cname ad-timeStamping
-id-ad 3			: ad_timestamping	: AD Time Stamping
-!Cname ad-dvcs
-id-ad 4			: AD_DVCS		: ad dvcs
-
-
-!Alias id-pkix-OCSP ad-OCSP
-!module id-pkix-OCSP
-!Cname basic
-id-pkix-OCSP 1		: basicOCSPResponse	: Basic OCSP Response
-id-pkix-OCSP 2		: Nonce			: OCSP Nonce
-id-pkix-OCSP 3		: CrlID			: OCSP CRL ID
-id-pkix-OCSP 4		: acceptableResponses	: Acceptable OCSP Responses
-id-pkix-OCSP 5		: noCheck		: OCSP No Check
-id-pkix-OCSP 6		: archiveCutoff		: OCSP Archive Cutoff
-id-pkix-OCSP 7		: serviceLocator	: OCSP Service Locator
-id-pkix-OCSP 8		: extendedStatus	: Extended OCSP Status
-id-pkix-OCSP 9		: valid
-id-pkix-OCSP 10		: path
-id-pkix-OCSP 11		: trustRoot		: Trust Root
-!global
-
-1 3 14 3 2		: algorithm		: algorithm
-algorithm 3		: RSA-NP-MD5		: md5WithRSA
-algorithm 6		: DES-ECB		: des-ecb
-algorithm 7		: DES-CBC		: des-cbc
-!Cname des-ofb64
-algorithm 8		: DES-OFB		: des-ofb
-!Cname des-cfb64
-algorithm 9		: DES-CFB		: des-cfb
-algorithm 11		: rsaSignature
-!Cname dsa-2
-algorithm 12		: DSA-old		: dsaEncryption-old
-algorithm 13		: DSA-SHA		: dsaWithSHA
-algorithm 15		: RSA-SHA		: shaWithRSAEncryption
-!Cname des-ede-ecb
-algorithm 17		: DES-EDE		: des-ede
-!Cname des-ede3-ecb
-			: DES-EDE3		: des-ede3
-			: DES-EDE-CBC		: des-ede-cbc
-!Cname des-ede-cfb64
-			: DES-EDE-CFB		: des-ede-cfb
-!Cname des-ede3-cfb64
-			: DES-EDE3-CFB		: des-ede3-cfb
-!Cname des-ede-ofb64
-			: DES-EDE-OFB		: des-ede-ofb
-!Cname des-ede3-ofb64
-			: DES-EDE3-OFB		: des-ede3-ofb
-			: DESX-CBC		: desx-cbc
-algorithm 18		: SHA			: sha
-algorithm 26		: SHA1			: sha1
-!Cname dsaWithSHA1-2
-algorithm 27		: DSA-SHA1-old		: dsaWithSHA1-old
-algorithm 29		: RSA-SHA1-2		: sha1WithRSA
-
-1 3 36 3 2 1		: RIPEMD160		: ripemd160
-1 3 36 3 3 1 2		: RSA-RIPEMD160		: ripemd160WithRSA
-
-!Cname sxnet
-1 3 101 1 4 1		: SXNetID		: Strong Extranet ID
-
-2 5			: X500			: directory services (X.500)
-
-X500 4			: X509
-X509 3			: CN			: commonName
-X509 4			: SN			: surname
-X509 5			: 			: serialNumber
-X509 6			: C			: countryName
-X509 7			: L			: localityName
-X509 8			: ST			: stateOrProvinceName
-X509 10			: O			: organizationName
-X509 11			: OU			: organizationalUnitName
-X509 12			: 			: title
-X509 13			: 			: description
-X509 41			: name			: name
-X509 42			: GN			: givenName
-X509 43			: 			: initials
-X509 44			: 			: generationQualifier
-X509 45			: 			: x500UniqueIdentifier
-X509 46			: dnQualifier		: dnQualifier
-X509 65			:			: pseudonym
-X509 72			: role			: role
-
-X500 8			: X500algorithms	: directory services - algorithms
-X500algorithms 1 1	: RSA			: rsa
-X500algorithms 3 100	: RSA-MDC2		: mdc2WithRSA
-X500algorithms 3 101	: MDC2			: mdc2
-
-X500 29			: id-ce
-!Cname subject-key-identifier
-id-ce 14		: subjectKeyIdentifier	: X509v3 Subject Key Identifier
-!Cname key-usage
-id-ce 15		: keyUsage		: X509v3 Key Usage
-!Cname private-key-usage-period
-id-ce 16		: privateKeyUsagePeriod	: X509v3 Private Key Usage Period
-!Cname subject-alt-name
-id-ce 17		: subjectAltName	: X509v3 Subject Alternative Name
-!Cname issuer-alt-name
-id-ce 18		: issuerAltName		: X509v3 Issuer Alternative Name
-!Cname basic-constraints
-id-ce 19		: basicConstraints	: X509v3 Basic Constraints
-!Cname crl-number
-id-ce 20		: crlNumber		: X509v3 CRL Number
-!Cname crl-reason
-id-ce 21		: CRLReason		: X509v3 CRL Reason Code
-!Cname invalidity-date
-id-ce 24		: invalidityDate	: Invalidity Date
-!Cname delta-crl
-id-ce 27		: deltaCRL		: X509v3 Delta CRL Indicator
-!Cname crl-distribution-points
-id-ce 31		: crlDistributionPoints	: X509v3 CRL Distribution Points
-!Cname certificate-policies
-id-ce 32		: certificatePolicies	: X509v3 Certificate Policies
-!Cname authority-key-identifier
-id-ce 35		: authorityKeyIdentifier : X509v3 Authority Key Identifier
-!Cname policy-constraints
-id-ce 36		: policyConstraints	: X509v3 Policy Constraints
-!Cname ext-key-usage
-id-ce 37		: extendedKeyUsage	: X509v3 Extended Key Usage
-!Cname target-information
-id-ce 55		: targetInformation	: X509v3 AC Targeting
-!Cname no-rev-avail
-id-ce 56		: noRevAvail		: X509v3 No Revocation Available
-
-!Cname netscape
-2 16 840 1 113730	: Netscape		: Netscape Communications Corp.
-!Cname netscape-cert-extension
-netscape 1		: nsCertExt		: Netscape Certificate Extension
-!Cname netscape-data-type
-netscape 2		: nsDataType		: Netscape Data Type
-!Cname netscape-cert-type
-netscape-cert-extension 1 : nsCertType		: Netscape Cert Type
-!Cname netscape-base-url
-netscape-cert-extension 2 : nsBaseUrl		: Netscape Base Url
-!Cname netscape-revocation-url
-netscape-cert-extension 3 : nsRevocationUrl	: Netscape Revocation Url
-!Cname netscape-ca-revocation-url
-netscape-cert-extension 4 : nsCaRevocationUrl	: Netscape CA Revocation Url
-!Cname netscape-renewal-url
-netscape-cert-extension 7 : nsRenewalUrl	: Netscape Renewal Url
-!Cname netscape-ca-policy-url
-netscape-cert-extension 8 : nsCaPolicyUrl	: Netscape CA Policy Url
-!Cname netscape-ssl-server-name
-netscape-cert-extension 12 : nsSslServerName	: Netscape SSL Server Name
-!Cname netscape-comment
-netscape-cert-extension 13 : nsComment		: Netscape Comment
-!Cname netscape-cert-sequence
-netscape-data-type 5	: nsCertSequence	: Netscape Certificate Sequence
-!Cname ns-sgc
-netscape 4 1		: nsSGC			: Netscape Server Gated Crypto
-
-# iso(1)
-iso 3			: ORG			: org
-org 6			: DOD			: dod
-dod 1			: IANA			: iana
-!Alias internet iana
-
-internet 1		: directory		: Directory
-internet 2		: mgmt			: Management
-internet 3		: experimental		: Experimental
-internet 4		: private		: Private
-internet 5		: security		: Security
-internet 6		: snmpv2		: SNMPv2
-# Documents refer to "internet 7" as "mail". This however leads to ambiguities
-# with RFC2798, Section 9.1.3, where "mail" is defined as the short name for
-# rfc822Mailbox. The short name is therefore here left out for a reason.
-# Subclasses of "mail", e.g. "MIME MHS" don't consitute a problem, as
-# references are realized via long name "Mail" (with capital M).
-internet 7		:			: Mail
-
-Private 1		: enterprises		: Enterprises
-
-# RFC 2247
-Enterprises 1466 344	: dcobject		: dcObject
-
-# RFC 1495
-Mail 1			: mime-mhs		: MIME MHS
-mime-mhs 1		: mime-mhs-headings	: mime-mhs-headings
-mime-mhs 2		: mime-mhs-bodies	: mime-mhs-bodies
-mime-mhs-headings 1	: id-hex-partial-message : id-hex-partial-message
-mime-mhs-headings 2	: id-hex-multipart-message : id-hex-multipart-message
-
-# What the hell are these OIDs, really?
-!Cname rle-compression
-1 1 1 1 666 1		: RLE			: run length compression
-!Cname zlib-compression
-1 1 1 1 666 2		: ZLIB			: zlib compression
-
-# AES aka Rijndael
-
-!Alias csor 2 16 840 1 101 3
-!Alias nistAlgorithms csor 4
-!Alias aes nistAlgorithms 1
-
-aes 1			: AES-128-ECB		: aes-128-ecb
-aes 2			: AES-128-CBC		: aes-128-cbc
-!Cname aes-128-ofb128
-aes 3			: AES-128-OFB		: aes-128-ofb
-!Cname aes-128-cfb128
-aes 4			: AES-128-CFB		: aes-128-cfb
-
-aes 21			: AES-192-ECB		: aes-192-ecb
-aes 22			: AES-192-CBC		: aes-192-cbc
-!Cname aes-192-ofb128
-aes 23			: AES-192-OFB		: aes-192-ofb
-!Cname aes-192-cfb128
-aes 24			: AES-192-CFB		: aes-192-cfb
-
-aes 41			: AES-256-ECB		: aes-256-ecb
-aes 42			: AES-256-CBC		: aes-256-cbc
-!Cname aes-256-ofb128
-aes 43			: AES-256-OFB		: aes-256-ofb
-!Cname aes-256-cfb128
-aes 44			: AES-256-CFB		: aes-256-cfb
-
-# Hold instruction CRL entry extension
-!Cname hold-instruction-code
-id-ce 23		: holdInstructionCode	: Hold Instruction Code
-!Alias holdInstruction	X9-57 2
-!Cname hold-instruction-none
-holdInstruction 1	: holdInstructionNone	: Hold Instruction None
-!Cname hold-instruction-call-issuer
-holdInstruction 2	: holdInstructionCallIssuer : Hold Instruction Call Issuer
-!Cname hold-instruction-reject
-holdInstruction 3	: holdInstructionReject	: Hold Instruction Reject
-
-# OID's from CCITT.  Most of this is defined in RFC 1274.  A couple of
-# them are also mentioned in RFC 2247
-ccitt 9			: data
-data 2342		: pss
-pss 19200300		: ucl
-ucl 100			: pilot
-pilot 1			:			: pilotAttributeType
-pilot 3			:			: pilotAttributeSyntax
-pilot 4			:			: pilotObjectClass
-pilot 10		:			: pilotGroups
-pilotAttributeSyntax 4	:			: iA5StringSyntax
-pilotAttributeSyntax 5	:			: caseIgnoreIA5StringSyntax
-pilotObjectClass 3	:			: pilotObject
-pilotObjectClass 4	:			: pilotPerson
-pilotObjectClass 5	: account
-pilotObjectClass 6	: document
-pilotObjectClass 7	: room
-pilotObjectClass 9	:			: documentSeries
-pilotObjectClass 13	: domain		: Domain
-pilotObjectClass 14	:			: rFC822localPart
-pilotObjectClass 15	:			: dNSDomain
-pilotObjectClass 17	:			: domainRelatedObject
-pilotObjectClass 18	:			: friendlyCountry
-pilotObjectClass 19	:			: simpleSecurityObject
-pilotObjectClass 20	:			: pilotOrganization
-pilotObjectClass 21	:			: pilotDSA
-pilotObjectClass 22	:			: qualityLabelledData
-pilotAttributeType 1	: UID			: userId
-pilotAttributeType 2	:			: textEncodedORAddress
-pilotAttributeType 3	: mail			: rfc822Mailbox
-pilotAttributeType 4	: info
-pilotAttributeType 5	:			: favouriteDrink
-pilotAttributeType 6	:			: roomNumber
-pilotAttributeType 7	: photo
-pilotAttributeType 8	:			: userClass
-pilotAttributeType 9	: host
-pilotAttributeType 10	: manager
-pilotAttributeType 11	:			: documentIdentifier
-pilotAttributeType 12	:			: documentTitle
-pilotAttributeType 13	:			: documentVersion
-pilotAttributeType 14	:			: documentAuthor
-pilotAttributeType 15	:			: documentLocation
-pilotAttributeType 20	:			: homeTelephoneNumber
-pilotAttributeType 21	: secretary
-pilotAttributeType 22	:			: otherMailbox
-pilotAttributeType 23	:			: lastModifiedTime
-pilotAttributeType 24	:			: lastModifiedBy
-pilotAttributeType 25	: DC			: domainComponent
-pilotAttributeType 26	:			: aRecord
-pilotAttributeType 27	:			: pilotAttributeType27
-pilotAttributeType 28	:			: mXRecord
-pilotAttributeType 29	:			: nSRecord
-pilotAttributeType 30	:			: sOARecord
-pilotAttributeType 31	:			: cNAMERecord
-pilotAttributeType 37	:			: associatedDomain
-pilotAttributeType 38	:			: associatedName
-pilotAttributeType 39	:			: homePostalAddress
-pilotAttributeType 40	:			: personalTitle
-pilotAttributeType 41	:			: mobileTelephoneNumber
-pilotAttributeType 42	:			: pagerTelephoneNumber
-pilotAttributeType 43	:			: friendlyCountryName
-# The following clashes with 2.5.4.45, so commented away
-#pilotAttributeType 44	: uid			: uniqueIdentifier
-pilotAttributeType 45	:			: organizationalStatus
-pilotAttributeType 46	:			: janetMailbox
-pilotAttributeType 47	:			: mailPreferenceOption
-pilotAttributeType 48	:			: buildingName
-pilotAttributeType 49	:			: dSAQuality
-pilotAttributeType 50	:			: singleLevelQuality
-pilotAttributeType 51	:			: subtreeMinimumQuality
-pilotAttributeType 52	:			: subtreeMaximumQuality
-pilotAttributeType 53	:			: personalSignature
-pilotAttributeType 54	:			: dITRedirect
-pilotAttributeType 55	: audio
-pilotAttributeType 56	:			: documentPublisher
-
-2 23 42			: id-set		: Secure Electronic Transactions
-
-id-set 0		: set-ctype		: content types
-id-set 1		: set-msgExt		: message extensions
-id-set 3		: set-attr
-id-set 5		: set-policy
-id-set 7		: set-certExt		: certificate extensions
-id-set 8		: set-brand
-
-set-ctype 0		: setct-PANData
-set-ctype 1		: setct-PANToken
-set-ctype 2		: setct-PANOnly
-set-ctype 3		: setct-OIData
-set-ctype 4		: setct-PI
-set-ctype 5		: setct-PIData
-set-ctype 6		: setct-PIDataUnsigned
-set-ctype 7		: setct-HODInput
-set-ctype 8		: setct-AuthResBaggage
-set-ctype 9		: setct-AuthRevReqBaggage
-set-ctype 10		: setct-AuthRevResBaggage
-set-ctype 11		: setct-CapTokenSeq
-set-ctype 12		: setct-PInitResData
-set-ctype 13		: setct-PI-TBS
-set-ctype 14		: setct-PResData
-set-ctype 16		: setct-AuthReqTBS
-set-ctype 17		: setct-AuthResTBS
-set-ctype 18		: setct-AuthResTBSX
-set-ctype 19		: setct-AuthTokenTBS
-set-ctype 20		: setct-CapTokenData
-set-ctype 21		: setct-CapTokenTBS
-set-ctype 22		: setct-AcqCardCodeMsg
-set-ctype 23		: setct-AuthRevReqTBS
-set-ctype 24		: setct-AuthRevResData
-set-ctype 25		: setct-AuthRevResTBS
-set-ctype 26		: setct-CapReqTBS
-set-ctype 27		: setct-CapReqTBSX
-set-ctype 28		: setct-CapResData
-set-ctype 29		: setct-CapRevReqTBS
-set-ctype 30		: setct-CapRevReqTBSX
-set-ctype 31		: setct-CapRevResData
-set-ctype 32		: setct-CredReqTBS
-set-ctype 33		: setct-CredReqTBSX
-set-ctype 34		: setct-CredResData
-set-ctype 35		: setct-CredRevReqTBS
-set-ctype 36		: setct-CredRevReqTBSX
-set-ctype 37		: setct-CredRevResData
-set-ctype 38		: setct-PCertReqData
-set-ctype 39		: setct-PCertResTBS
-set-ctype 40		: setct-BatchAdminReqData
-set-ctype 41		: setct-BatchAdminResData
-set-ctype 42		: setct-CardCInitResTBS
-set-ctype 43		: setct-MeAqCInitResTBS
-set-ctype 44		: setct-RegFormResTBS
-set-ctype 45		: setct-CertReqData
-set-ctype 46		: setct-CertReqTBS
-set-ctype 47		: setct-CertResData
-set-ctype 48		: setct-CertInqReqTBS
-set-ctype 49		: setct-ErrorTBS
-set-ctype 50		: setct-PIDualSignedTBE
-set-ctype 51		: setct-PIUnsignedTBE
-set-ctype 52		: setct-AuthReqTBE
-set-ctype 53		: setct-AuthResTBE
-set-ctype 54		: setct-AuthResTBEX
-set-ctype 55		: setct-AuthTokenTBE
-set-ctype 56		: setct-CapTokenTBE
-set-ctype 57		: setct-CapTokenTBEX
-set-ctype 58		: setct-AcqCardCodeMsgTBE
-set-ctype 59		: setct-AuthRevReqTBE
-set-ctype 60		: setct-AuthRevResTBE
-set-ctype 61		: setct-AuthRevResTBEB
-set-ctype 62		: setct-CapReqTBE
-set-ctype 63		: setct-CapReqTBEX
-set-ctype 64		: setct-CapResTBE
-set-ctype 65		: setct-CapRevReqTBE
-set-ctype 66		: setct-CapRevReqTBEX
-set-ctype 67		: setct-CapRevResTBE
-set-ctype 68		: setct-CredReqTBE
-set-ctype 69		: setct-CredReqTBEX
-set-ctype 70		: setct-CredResTBE
-set-ctype 71		: setct-CredRevReqTBE
-set-ctype 72		: setct-CredRevReqTBEX
-set-ctype 73		: setct-CredRevResTBE
-set-ctype 74		: setct-BatchAdminReqTBE
-set-ctype 75		: setct-BatchAdminResTBE
-set-ctype 76		: setct-RegFormReqTBE
-set-ctype 77		: setct-CertReqTBE
-set-ctype 78		: setct-CertReqTBEX
-set-ctype 79		: setct-CertResTBE
-set-ctype 80		: setct-CRLNotificationTBS
-set-ctype 81		: setct-CRLNotificationResTBS
-set-ctype 82		: setct-BCIDistributionTBS
-
-set-msgExt 1		: setext-genCrypt	: generic cryptogram
-set-msgExt 3		: setext-miAuth		: merchant initiated auth
-set-msgExt 4		: setext-pinSecure
-set-msgExt 5		: setext-pinAny
-set-msgExt 7		: setext-track2
-set-msgExt 8		: setext-cv		: additional verification
-
-set-policy 0		: set-policy-root
-
-set-certExt 0		: setCext-hashedRoot
-set-certExt 1		: setCext-certType
-set-certExt 2		: setCext-merchData
-set-certExt 3		: setCext-cCertRequired
-set-certExt 4		: setCext-tunneling
-set-certExt 5		: setCext-setExt
-set-certExt 6		: setCext-setQualf
-set-certExt 7		: setCext-PGWYcapabilities
-set-certExt 8		: setCext-TokenIdentifier
-set-certExt 9		: setCext-Track2Data
-set-certExt 10		: setCext-TokenType
-set-certExt 11		: setCext-IssuerCapabilities
-
-set-attr 0		: setAttr-Cert
-set-attr 1		: setAttr-PGWYcap	: payment gateway capabilities
-set-attr 2		: setAttr-TokenType
-set-attr 3		: setAttr-IssCap	: issuer capabilities
-
-setAttr-Cert 0		: set-rootKeyThumb
-setAttr-Cert 1		: set-addPolicy
-
-setAttr-TokenType 1	: setAttr-Token-EMV
-setAttr-TokenType 2	: setAttr-Token-B0Prime
-
-setAttr-IssCap 3	: setAttr-IssCap-CVM
-setAttr-IssCap 4	: setAttr-IssCap-T2
-setAttr-IssCap 5	: setAttr-IssCap-Sig
-
-setAttr-IssCap-CVM 1	: setAttr-GenCryptgrm	: generate cryptogram
-setAttr-IssCap-T2 1	: setAttr-T2Enc		: encrypted track 2
-setAttr-IssCap-T2 2	: setAttr-T2cleartxt	: cleartext track 2
-
-setAttr-IssCap-Sig 1	: setAttr-TokICCsig	: ICC or token signature
-setAttr-IssCap-Sig 2	: setAttr-SecDevSig	: secure device signature
-
-set-brand 1		: set-brand-IATA-ATA
-set-brand 30		: set-brand-Diners
-set-brand 34		: set-brand-AmericanExpress
-set-brand 35		: set-brand-JCB
-set-brand 4		: set-brand-Visa
-set-brand 5		: set-brand-MasterCard
-set-brand 6011		: set-brand-Novus
-
-rsadsi 3 10		: DES-CDMF		: des-cdmf
-rsadsi 1 1 6		: rsaOAEPEncryptionSET
diff --git a/crypto/openssl/crypto/ocsp/Makefile.ssl b/crypto/openssl/crypto/ocsp/Makefile.ssl
deleted file mode 100644
index 8d5a85a55cae..000000000000
--- a/crypto/openssl/crypto/ocsp/Makefile.ssl
+++ /dev/null
@@ -1,293 +0,0 @@
-#
-# OpenSSL/ocsp/Makefile.ssl
-#
-
-DIR=	ocsp
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= ocsp_asn.c ocsp_ext.c ocsp_ht.c ocsp_lib.c ocsp_cl.c \
-	ocsp_srv.c ocsp_prn.c ocsp_vfy.c ocsp_err.c
-
-LIBOBJ= ocsp_asn.o ocsp_ext.o ocsp_ht.o ocsp_lib.o ocsp_cl.o \
-	ocsp_srv.o ocsp_prn.o ocsp_vfy.o ocsp_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= ocsp.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile ;
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-ocsp_asn.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-ocsp_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-ocsp_asn.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-ocsp_asn.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-ocsp_asn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-ocsp_asn.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-ocsp_asn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
-ocsp_asn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-ocsp_asn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-ocsp_asn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-ocsp_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_asn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-ocsp_asn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-ocsp_asn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-ocsp_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ocsp_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ocsp_asn.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ocsp_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ocsp_asn.o: ../../include/openssl/x509v3.h ocsp_asn.c
-ocsp_cl.o: ../../e_os.h ../../include/openssl/aes.h
-ocsp_cl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ocsp_cl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-ocsp_cl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-ocsp_cl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-ocsp_cl.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-ocsp_cl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ocsp_cl.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-ocsp_cl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-ocsp_cl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-ocsp_cl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-ocsp_cl.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-ocsp_cl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ocsp_cl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-ocsp_cl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-ocsp_cl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-ocsp_cl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-ocsp_cl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-ocsp_cl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ocsp_cl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ocsp_cl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ocsp_cl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ocsp_cl.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_cl.c
-ocsp_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-ocsp_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-ocsp_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-ocsp_err.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-ocsp_err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-ocsp_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-ocsp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-ocsp_err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-ocsp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-ocsp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_err.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-ocsp_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-ocsp_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-ocsp_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ocsp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ocsp_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ocsp_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ocsp_err.o: ../../include/openssl/x509v3.h ocsp_err.c
-ocsp_ext.o: ../../e_os.h ../../include/openssl/aes.h
-ocsp_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ocsp_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-ocsp_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-ocsp_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-ocsp_ext.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-ocsp_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ocsp_ext.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-ocsp_ext.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-ocsp_ext.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-ocsp_ext.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-ocsp_ext.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-ocsp_ext.o: ../../include/openssl/opensslconf.h
-ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-ocsp_ext.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-ocsp_ext.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-ocsp_ext.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-ocsp_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ocsp_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ocsp_ext.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-ocsp_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-ocsp_ext.o: ../cryptlib.h ocsp_ext.c
-ocsp_ht.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-ocsp_ht.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-ocsp_ht.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-ocsp_ht.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-ocsp_ht.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-ocsp_ht.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-ocsp_ht.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-ocsp_ht.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_ht.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-ocsp_ht.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-ocsp_ht.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-ocsp_ht.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-ocsp_ht.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-ocsp_ht.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ocsp_ht.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ocsp_ht.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ocsp_ht.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ocsp_ht.o: ../../include/openssl/x509v3.h ocsp_ht.c
-ocsp_lib.o: ../../e_os.h ../../include/openssl/aes.h
-ocsp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ocsp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-ocsp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-ocsp_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-ocsp_lib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-ocsp_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-ocsp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ocsp_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-ocsp_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-ocsp_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-ocsp_lib.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-ocsp_lib.o: ../../include/openssl/opensslconf.h
-ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-ocsp_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-ocsp_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-ocsp_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-ocsp_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-ocsp_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ocsp_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ocsp_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-ocsp_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-ocsp_lib.o: ../cryptlib.h ocsp_lib.c
-ocsp_prn.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-ocsp_prn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-ocsp_prn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-ocsp_prn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-ocsp_prn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-ocsp_prn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-ocsp_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_prn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-ocsp_prn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-ocsp_prn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-ocsp_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_prn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-ocsp_prn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-ocsp_prn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-ocsp_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ocsp_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ocsp_prn.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ocsp_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ocsp_prn.o: ../../include/openssl/x509v3.h ocsp_prn.c
-ocsp_srv.o: ../../e_os.h ../../include/openssl/aes.h
-ocsp_srv.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ocsp_srv.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-ocsp_srv.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-ocsp_srv.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-ocsp_srv.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-ocsp_srv.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ocsp_srv.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-ocsp_srv.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-ocsp_srv.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-ocsp_srv.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-ocsp_srv.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-ocsp_srv.o: ../../include/openssl/opensslconf.h
-ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-ocsp_srv.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-ocsp_srv.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-ocsp_srv.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-ocsp_srv.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ocsp_srv.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ocsp_srv.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-ocsp_srv.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-ocsp_srv.o: ../cryptlib.h ocsp_srv.c
-ocsp_vfy.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-ocsp_vfy.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-ocsp_vfy.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-ocsp_vfy.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-ocsp_vfy.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-ocsp_vfy.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-ocsp_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_vfy.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-ocsp_vfy.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-ocsp_vfy.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-ocsp_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_vfy.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-ocsp_vfy.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-ocsp_vfy.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-ocsp_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ocsp_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ocsp_vfy.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ocsp_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ocsp_vfy.o: ../../include/openssl/x509v3.h ocsp_vfy.c
diff --git a/crypto/openssl/crypto/ocsp/ocsp.h b/crypto/openssl/crypto/ocsp/ocsp.h
deleted file mode 100644
index fab3c0318215..000000000000
--- a/crypto/openssl/crypto/ocsp/ocsp.h
+++ /dev/null
@@ -1,619 +0,0 @@
-/* ocsp.h */
-/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project. */
-
-/* History:
-   This file was transfered to Richard Levitte from CertCo by Kathy
-   Weinhold in mid-spring 2000 to be included in OpenSSL or released
-   as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_OCSP_H
-#define HEADER_OCSP_H
-
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/safestack.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Various flags and values */
-
-#define OCSP_DEFAULT_NONCE_LENGTH	16
-
-#define OCSP_NOCERTS			0x1
-#define OCSP_NOINTERN			0x2
-#define OCSP_NOSIGS			0x4
-#define OCSP_NOCHAIN			0x8
-#define OCSP_NOVERIFY			0x10
-#define OCSP_NOEXPLICIT			0x20
-#define OCSP_NOCASIGN			0x40
-#define OCSP_NODELEGATED		0x80
-#define OCSP_NOCHECKS			0x100
-#define OCSP_TRUSTOTHER			0x200
-#define OCSP_RESPID_KEY			0x400
-#define OCSP_NOTIME			0x800
-
-/*   CertID ::= SEQUENCE {
- *       hashAlgorithm            AlgorithmIdentifier,
- *       issuerNameHash     OCTET STRING, -- Hash of Issuer's DN
- *       issuerKeyHash      OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields)
- *       serialNumber       CertificateSerialNumber }
- */
-typedef struct ocsp_cert_id_st
-	{
-	X509_ALGOR *hashAlgorithm;
-	ASN1_OCTET_STRING *issuerNameHash;
-	ASN1_OCTET_STRING *issuerKeyHash;
-	ASN1_INTEGER *serialNumber;
-	} OCSP_CERTID;
-
-DECLARE_STACK_OF(OCSP_CERTID)
-
-/*   Request ::=     SEQUENCE {
- *       reqCert                    CertID,
- *       singleRequestExtensions    [0] EXPLICIT Extensions OPTIONAL }
- */
-typedef struct ocsp_one_request_st
-	{
-	OCSP_CERTID *reqCert;
-	STACK_OF(X509_EXTENSION) *singleRequestExtensions;
-	} OCSP_ONEREQ;
-
-DECLARE_STACK_OF(OCSP_ONEREQ)
-DECLARE_ASN1_SET_OF(OCSP_ONEREQ)
-
-
-/*   TBSRequest      ::=     SEQUENCE {
- *       version             [0] EXPLICIT Version DEFAULT v1,
- *       requestorName       [1] EXPLICIT GeneralName OPTIONAL,
- *       requestList             SEQUENCE OF Request,
- *       requestExtensions   [2] EXPLICIT Extensions OPTIONAL }
- */
-typedef struct ocsp_req_info_st
-	{
-	ASN1_INTEGER *version;
-	GENERAL_NAME *requestorName;
-	STACK_OF(OCSP_ONEREQ) *requestList;
-	STACK_OF(X509_EXTENSION) *requestExtensions;
-	} OCSP_REQINFO;
-
-/*   Signature       ::=     SEQUENCE {
- *       signatureAlgorithm   AlgorithmIdentifier,
- *       signature            BIT STRING,
- *       certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
- */
-typedef struct ocsp_signature_st
-	{
-	X509_ALGOR *signatureAlgorithm;
-	ASN1_BIT_STRING *signature;
-	STACK_OF(X509) *certs;
-	} OCSP_SIGNATURE;
-
-/*   OCSPRequest     ::=     SEQUENCE {
- *       tbsRequest                  TBSRequest,
- *       optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
- */
-typedef struct ocsp_request_st
-	{
-	OCSP_REQINFO *tbsRequest;
-	OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */
-	} OCSP_REQUEST;
-
-/*   OCSPResponseStatus ::= ENUMERATED {
- *       successful            (0),      --Response has valid confirmations
- *       malformedRequest      (1),      --Illegal confirmation request
- *       internalError         (2),      --Internal error in issuer
- *       tryLater              (3),      --Try again later
- *                                       --(4) is not used
- *       sigRequired           (5),      --Must sign the request
- *       unauthorized          (6)       --Request unauthorized
- *   }
- */
-#define OCSP_RESPONSE_STATUS_SUCCESSFUL          0
-#define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST     1
-#define OCSP_RESPONSE_STATUS_INTERNALERROR        2
-#define OCSP_RESPONSE_STATUS_TRYLATER             3
-#define OCSP_RESPONSE_STATUS_SIGREQUIRED          5
-#define OCSP_RESPONSE_STATUS_UNAUTHORIZED         6
-
-/*   ResponseBytes ::=       SEQUENCE {
- *       responseType   OBJECT IDENTIFIER,
- *       response       OCTET STRING }
- */
-typedef struct ocsp_resp_bytes_st
-	{
-	ASN1_OBJECT *responseType;
-	ASN1_OCTET_STRING *response;
-	} OCSP_RESPBYTES;
-
-/*   OCSPResponse ::= SEQUENCE {
- *      responseStatus         OCSPResponseStatus,
- *      responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
- */
-typedef struct ocsp_response_st
-	{
-	ASN1_ENUMERATED *responseStatus;
-	OCSP_RESPBYTES  *responseBytes;
-	} OCSP_RESPONSE;
-
-/*   ResponderID ::= CHOICE {
- *      byName   [1] Name,
- *      byKey    [2] KeyHash }
- */
-#define V_OCSP_RESPID_NAME 0
-#define V_OCSP_RESPID_KEY  1
-typedef struct ocsp_responder_id_st
-	{
-	int type;
-	union   {
-		X509_NAME* byName;
-        	ASN1_OCTET_STRING *byKey;
-		} value;
-	} OCSP_RESPID;
-/*   KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
- *                            --(excluding the tag and length fields)
- */
-
-/*   RevokedInfo ::= SEQUENCE {
- *       revocationTime              GeneralizedTime,
- *       revocationReason    [0]     EXPLICIT CRLReason OPTIONAL }
- */
-typedef struct ocsp_revoked_info_st
-	{
-	ASN1_GENERALIZEDTIME *revocationTime;
-	ASN1_ENUMERATED *revocationReason;
-	} OCSP_REVOKEDINFO;
-
-/*   CertStatus ::= CHOICE {
- *       good                [0]     IMPLICIT NULL,
- *       revoked             [1]     IMPLICIT RevokedInfo,
- *       unknown             [2]     IMPLICIT UnknownInfo }
- */
-#define V_OCSP_CERTSTATUS_GOOD    0
-#define V_OCSP_CERTSTATUS_REVOKED 1
-#define V_OCSP_CERTSTATUS_UNKNOWN 2
-typedef struct ocsp_cert_status_st
-	{
-	int type;
-	union	{
-		ASN1_NULL *good;
-		OCSP_REVOKEDINFO *revoked;
-		ASN1_NULL *unknown;
-		} value;
-	} OCSP_CERTSTATUS;
-
-/*   SingleResponse ::= SEQUENCE {
- *      certID                       CertID,
- *      certStatus                   CertStatus,
- *      thisUpdate                   GeneralizedTime,
- *      nextUpdate           [0]     EXPLICIT GeneralizedTime OPTIONAL,
- *      singleExtensions     [1]     EXPLICIT Extensions OPTIONAL }
- */
-typedef struct ocsp_single_response_st
-	{
-	OCSP_CERTID *certId;
-	OCSP_CERTSTATUS *certStatus;
-	ASN1_GENERALIZEDTIME *thisUpdate;
-	ASN1_GENERALIZEDTIME *nextUpdate;
-	STACK_OF(X509_EXTENSION) *singleExtensions;
-	} OCSP_SINGLERESP;
-
-DECLARE_STACK_OF(OCSP_SINGLERESP)
-DECLARE_ASN1_SET_OF(OCSP_SINGLERESP)
-
-/*   ResponseData ::= SEQUENCE {
- *      version              [0] EXPLICIT Version DEFAULT v1,
- *      responderID              ResponderID,
- *      producedAt               GeneralizedTime,
- *      responses                SEQUENCE OF SingleResponse,
- *      responseExtensions   [1] EXPLICIT Extensions OPTIONAL }
- */
-typedef struct ocsp_response_data_st
-	{
-	ASN1_INTEGER *version;
-	OCSP_RESPID  *responderId;
-	ASN1_GENERALIZEDTIME *producedAt;
-	STACK_OF(OCSP_SINGLERESP) *responses;
-	STACK_OF(X509_EXTENSION) *responseExtensions;
-	} OCSP_RESPDATA;
-
-/*   BasicOCSPResponse       ::= SEQUENCE {
- *      tbsResponseData      ResponseData,
- *      signatureAlgorithm   AlgorithmIdentifier,
- *      signature            BIT STRING,
- *      certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
- */
-  /* Note 1:
-     The value for "signature" is specified in the OCSP rfc2560 as follows:
-     "The value for the signature SHALL be computed on the hash of the DER
-     encoding ResponseData."  This means that you must hash the DER-encoded
-     tbsResponseData, and then run it through a crypto-signing function, which
-     will (at least w/RSA) do a hash-'n'-private-encrypt operation.  This seems
-     a bit odd, but that's the spec.  Also note that the data structures do not
-     leave anywhere to independently specify the algorithm used for the initial
-     hash. So, we look at the signature-specification algorithm, and try to do
-     something intelligent.	-- Kathy Weinhold, CertCo */
-  /* Note 2:
-     It seems that the mentioned passage from RFC 2560 (section 4.2.1) is open
-     for interpretation.  I've done tests against another responder, and found
-     that it doesn't do the double hashing that the RFC seems to say one
-     should.  Therefore, all relevant functions take a flag saying which
-     variant should be used.	-- Richard Levitte, OpenSSL team and CeloCom */
-typedef struct ocsp_basic_response_st
-	{
-	OCSP_RESPDATA *tbsResponseData;
-	X509_ALGOR *signatureAlgorithm;
-	ASN1_BIT_STRING *signature;
-	STACK_OF(X509) *certs;
-	} OCSP_BASICRESP;
-
-/*
- *   CRLReason ::= ENUMERATED {
- *        unspecified             (0),
- *        keyCompromise           (1),
- *        cACompromise            (2),
- *        affiliationChanged      (3),
- *        superseded              (4),
- *        cessationOfOperation    (5),
- *        certificateHold         (6),
- *        removeFromCRL           (8) }
- */
-#define OCSP_REVOKED_STATUS_NOSTATUS               -1
-#define OCSP_REVOKED_STATUS_UNSPECIFIED             0
-#define OCSP_REVOKED_STATUS_KEYCOMPROMISE           1
-#define OCSP_REVOKED_STATUS_CACOMPROMISE            2
-#define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED      3
-#define OCSP_REVOKED_STATUS_SUPERSEDED              4
-#define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION    5
-#define OCSP_REVOKED_STATUS_CERTIFICATEHOLD         6
-#define OCSP_REVOKED_STATUS_REMOVEFROMCRL           8
-
-/* CrlID ::= SEQUENCE {
- *     crlUrl               [0]     EXPLICIT IA5String OPTIONAL,
- *     crlNum               [1]     EXPLICIT INTEGER OPTIONAL,
- *     crlTime              [2]     EXPLICIT GeneralizedTime OPTIONAL }
- */
-typedef struct ocsp_crl_id_st
-        {
-	ASN1_IA5STRING *crlUrl;
-	ASN1_INTEGER *crlNum;
-	ASN1_GENERALIZEDTIME *crlTime;
-        } OCSP_CRLID;
-
-/* ServiceLocator ::= SEQUENCE {
- *      issuer    Name,
- *      locator   AuthorityInfoAccessSyntax OPTIONAL }
- */
-typedef struct ocsp_service_locator_st
-        {
-	X509_NAME* issuer;
-	STACK_OF(ACCESS_DESCRIPTION) *locator;
-        } OCSP_SERVICELOC;
- 
-#define PEM_STRING_OCSP_REQUEST	"OCSP REQUEST"
-#define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
-
-#define d2i_OCSP_REQUEST_bio(bp,p) (OCSP_REQUEST*)ASN1_d2i_bio((char*(*)()) \
-		OCSP_REQUEST_new,(char *(*)())d2i_OCSP_REQUEST, (bp),\
-		(unsigned char **)(p))
-
-#define d2i_OCSP_RESPONSE_bio(bp,p) (OCSP_RESPONSE*)ASN1_d2i_bio((char*(*)())\
-		OCSP_REQUEST_new,(char *(*)())d2i_OCSP_RESPONSE, (bp),\
-		(unsigned char **)(p))
-
-#define	PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
-     (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL)
-
-#define	PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE *)PEM_ASN1_read_bio(\
-     (char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL)
-
-#define PEM_write_bio_OCSP_REQUEST(bp,o) \
-    PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\
-			bp,(char *)o, NULL,NULL,0,NULL,NULL)
-
-#define PEM_write_bio_OCSP_RESPONSE(bp,o) \
-    PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\
-			bp,(char *)o, NULL,NULL,0,NULL,NULL)
-
-#define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio(i2d_OCSP_RESPONSE,bp,\
-		(unsigned char *)o)
-
-#define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio(i2d_OCSP_REQUEST,bp,\
-		(unsigned char *)o)
-
-#define OCSP_REQUEST_sign(o,pkey,md) \
-	ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
-		o->optionalSignature->signatureAlgorithm,NULL,\
-	        o->optionalSignature->signature,o->tbsRequest,pkey,md)
-
-#define OCSP_BASICRESP_sign(o,pkey,md,d) \
-	ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),o->signatureAlgorithm,NULL,\
-		o->signature,o->tbsResponseData,pkey,md)
-
-#define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
-        a->optionalSignature->signatureAlgorithm,\
-	a->optionalSignature->signature,a->tbsRequest,r)
-
-#define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
-	a->signatureAlgorithm,a->signature,a->tbsResponseData,r)
-
-#define ASN1_BIT_STRING_digest(data,type,md,len) \
-	ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
-
-#define OCSP_CERTID_dup(cid) (OCSP_CERTID*)ASN1_dup((int(*)())i2d_OCSP_CERTID,\
-		(char *(*)())d2i_OCSP_CERTID,(char *)(cid))
-
-#define OCSP_CERTSTATUS_dup(cs)\
-                (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
-		(char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
-
-OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req);
-
-OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
-
-OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, 
-			      X509_NAME *issuerName, 
-			      ASN1_BIT_STRING* issuerKey, 
-			      ASN1_INTEGER *serialNumber);
-
-OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
-
-int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
-int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
-int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs);
-int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
-
-int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm);
-int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
-
-int OCSP_request_sign(OCSP_REQUEST   *req,
-		      X509           *signer,
-		      EVP_PKEY       *key,
-		      const EVP_MD   *dgst,
-		      STACK_OF(X509) *certs,
-		      unsigned long flags);
-
-int OCSP_response_status(OCSP_RESPONSE *resp);
-OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
-
-int OCSP_resp_count(OCSP_BASICRESP *bs);
-OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
-int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
-int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
-				ASN1_GENERALIZEDTIME **revtime,
-				ASN1_GENERALIZEDTIME **thisupd,
-				ASN1_GENERALIZEDTIME **nextupd);
-int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
-				int *reason,
-				ASN1_GENERALIZEDTIME **revtime,
-				ASN1_GENERALIZEDTIME **thisupd,
-				ASN1_GENERALIZEDTIME **nextupd);
-int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
-			ASN1_GENERALIZEDTIME *nextupd,
-			long sec, long maxsec);
-
-int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *store, unsigned long flags);
-
-int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl);
-
-int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
-int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
-
-int OCSP_request_onereq_count(OCSP_REQUEST *req);
-OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);
-OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one);
-int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
-			ASN1_OCTET_STRING **pikeyHash,
-			ASN1_INTEGER **pserial, OCSP_CERTID *cid);
-int OCSP_request_is_signed(OCSP_REQUEST *req);
-OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
-OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
-						OCSP_CERTID *cid,
-						int status, int reason,
-						ASN1_TIME *revtime,
-					ASN1_TIME *thisupd, ASN1_TIME *nextupd);
-int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert);
-int OCSP_basic_sign(OCSP_BASICRESP *brsp, 
-			X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
-			STACK_OF(X509) *certs, unsigned long flags);
-
-ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, int (*i2d)(), 
-				char *data, STACK_OF(ASN1_OBJECT) *sk);
-
-X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
-
-X509_EXTENSION *OCSP_accept_responses_new(char **oids);
-
-X509_EXTENSION *OCSP_archive_cutoff_new(char* tim);
-
-X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, char **urls);
-
-int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x);
-int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos);
-int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj, int lastpos);
-int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos);
-X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc);
-X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc);
-void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx);
-int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
-							unsigned long flags);
-int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc);
-
-int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x);
-int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos);
-int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos);
-int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos);
-X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc);
-X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc);
-void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx);
-int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
-							unsigned long flags);
-int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc);
-
-int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x);
-int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos);
-int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj, int lastpos);
-int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit, int lastpos);
-X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc);
-X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc);
-void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit, int *idx);
-int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value, int crit,
-							unsigned long flags);
-int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc);
-
-int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x);
-int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos);
-int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj, int lastpos);
-int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit, int lastpos);
-X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc);
-X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc);
-void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit, int *idx);
-int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, int crit,
-							unsigned long flags);
-int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
-
-DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
-DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
-DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
-DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES)
-DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ)
-DECLARE_ASN1_FUNCTIONS(OCSP_CERTID)
-DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST)
-DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE)
-DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
-DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
-DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
-
-char *OCSP_response_status_str(long s);
-char *OCSP_cert_status_str(long s);
-char *OCSP_crl_reason_str(long s);
-
-int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags);
-int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags);
-
-int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
-				X509_STORE *st, unsigned long flags);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_OCSP_strings(void);
-
-/* Error codes for the OCSP functions. */
-
-/* Function codes. */
-#define OCSP_F_ASN1_STRING_ENCODE			 100
-#define OCSP_F_CERT_ID_NEW				 101
-#define OCSP_F_D2I_OCSP_NONCE				 102
-#define OCSP_F_OCSP_BASIC_ADD1_STATUS			 103
-#define OCSP_F_OCSP_BASIC_SIGN				 104
-#define OCSP_F_OCSP_BASIC_VERIFY			 105
-#define OCSP_F_OCSP_CHECK_DELEGATED			 106
-#define OCSP_F_OCSP_CHECK_IDS				 107
-#define OCSP_F_OCSP_CHECK_ISSUER			 108
-#define OCSP_F_OCSP_CHECK_VALIDITY			 115
-#define OCSP_F_OCSP_MATCH_ISSUERID			 109
-#define OCSP_F_OCSP_PARSE_URL				 114
-#define OCSP_F_OCSP_REQUEST_SIGN			 110
-#define OCSP_F_OCSP_REQUEST_VERIFY			 116
-#define OCSP_F_OCSP_RESPONSE_GET1_BASIC			 111
-#define OCSP_F_OCSP_SENDREQ_BIO				 112
-#define OCSP_F_REQUEST_VERIFY				 113
-
-/* Reason codes. */
-#define OCSP_R_BAD_DATA					 100
-#define OCSP_R_CERTIFICATE_VERIFY_ERROR			 101
-#define OCSP_R_DIGEST_ERR				 102
-#define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD		 122
-#define OCSP_R_ERROR_IN_THISUPDATE_FIELD		 123
-#define OCSP_R_ERROR_PARSING_URL			 121
-#define OCSP_R_MISSING_OCSPSIGNING_USAGE		 103
-#define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE		 124
-#define OCSP_R_NOT_BASIC_RESPONSE			 104
-#define OCSP_R_NO_CERTIFICATES_IN_CHAIN			 105
-#define OCSP_R_NO_CONTENT				 106
-#define OCSP_R_NO_PUBLIC_KEY				 107
-#define OCSP_R_NO_RESPONSE_DATA				 108
-#define OCSP_R_NO_REVOKED_TIME				 109
-#define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE	 110
-#define OCSP_R_REQUEST_NOT_SIGNED			 128
-#define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA	 111
-#define OCSP_R_ROOT_CA_NOT_TRUSTED			 112
-#define OCSP_R_SERVER_READ_ERROR			 113
-#define OCSP_R_SERVER_RESPONSE_ERROR			 114
-#define OCSP_R_SERVER_RESPONSE_PARSE_ERROR		 115
-#define OCSP_R_SERVER_WRITE_ERROR			 116
-#define OCSP_R_SIGNATURE_FAILURE			 117
-#define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND		 118
-#define OCSP_R_STATUS_EXPIRED				 125
-#define OCSP_R_STATUS_NOT_YET_VALID			 126
-#define OCSP_R_STATUS_TOO_OLD				 127
-#define OCSP_R_UNKNOWN_MESSAGE_DIGEST			 119
-#define OCSP_R_UNKNOWN_NID				 120
-#define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE		 129
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/ocsp/ocsp_asn.c b/crypto/openssl/crypto/ocsp/ocsp_asn.c
deleted file mode 100644
index 6a3a360d5449..000000000000
--- a/crypto/openssl/crypto/ocsp/ocsp_asn.c
+++ /dev/null
@@ -1,182 +0,0 @@
-/* ocsp_asn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/ocsp.h>
-
-ASN1_SEQUENCE(OCSP_SIGNATURE) = {
-	ASN1_SIMPLE(OCSP_SIGNATURE, signatureAlgorithm, X509_ALGOR),
-	ASN1_SIMPLE(OCSP_SIGNATURE, signature, ASN1_BIT_STRING),
-	ASN1_EXP_SEQUENCE_OF(OCSP_SIGNATURE, certs, X509, 0)
-} ASN1_SEQUENCE_END(OCSP_SIGNATURE)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE)
-
-ASN1_SEQUENCE(OCSP_CERTID) = {
-	ASN1_SIMPLE(OCSP_CERTID, hashAlgorithm, X509_ALGOR),
-	ASN1_SIMPLE(OCSP_CERTID, issuerNameHash, ASN1_OCTET_STRING),
-	ASN1_SIMPLE(OCSP_CERTID, issuerKeyHash, ASN1_OCTET_STRING),
-	ASN1_SIMPLE(OCSP_CERTID, serialNumber, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(OCSP_CERTID)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTID)
-
-ASN1_SEQUENCE(OCSP_ONEREQ) = {
-	ASN1_SIMPLE(OCSP_ONEREQ, reqCert, OCSP_CERTID),
-	ASN1_EXP_SEQUENCE_OF_OPT(OCSP_ONEREQ, singleRequestExtensions, X509_EXTENSION, 0)
-} ASN1_SEQUENCE_END(OCSP_ONEREQ)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_ONEREQ)
-
-ASN1_SEQUENCE(OCSP_REQINFO) = {
-	ASN1_EXP_OPT(OCSP_REQINFO, version, ASN1_INTEGER, 0),
-	ASN1_EXP_OPT(OCSP_REQINFO, requestorName, GENERAL_NAME, 1),
-	ASN1_SEQUENCE_OF(OCSP_REQINFO, requestList, OCSP_ONEREQ),
-	ASN1_EXP_SEQUENCE_OF_OPT(OCSP_REQINFO, requestExtensions, X509_EXTENSION, 2)
-} ASN1_SEQUENCE_END(OCSP_REQINFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQINFO)
-
-ASN1_SEQUENCE(OCSP_REQUEST) = {
-	ASN1_SIMPLE(OCSP_REQUEST, tbsRequest, OCSP_REQINFO),
-	ASN1_EXP_OPT(OCSP_REQUEST, optionalSignature, OCSP_SIGNATURE, 0)
-} ASN1_SEQUENCE_END(OCSP_REQUEST)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQUEST)
-
-/* OCSP_RESPONSE templates */
-
-ASN1_SEQUENCE(OCSP_RESPBYTES) = {
-	    ASN1_SIMPLE(OCSP_RESPBYTES, responseType, ASN1_OBJECT),
-	    ASN1_SIMPLE(OCSP_RESPBYTES, response, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(OCSP_RESPBYTES)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPBYTES)
-
-ASN1_SEQUENCE(OCSP_RESPONSE) = {
-	ASN1_SIMPLE(OCSP_RESPONSE, responseStatus, ASN1_ENUMERATED),
-	ASN1_EXP_OPT(OCSP_RESPONSE, responseBytes, OCSP_RESPBYTES, 0)
-} ASN1_SEQUENCE_END(OCSP_RESPONSE)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPONSE)
-
-ASN1_CHOICE(OCSP_RESPID) = {
-	   ASN1_EXP(OCSP_RESPID, value.byName, X509_NAME, 1),
-	   ASN1_EXP(OCSP_RESPID, value.byKey, ASN1_OCTET_STRING, 2)
-} ASN1_CHOICE_END(OCSP_RESPID)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPID)
-
-ASN1_SEQUENCE(OCSP_REVOKEDINFO) = {
-	ASN1_SIMPLE(OCSP_REVOKEDINFO, revocationTime, ASN1_GENERALIZEDTIME),
-  	ASN1_EXP_OPT(OCSP_REVOKEDINFO, revocationReason, ASN1_ENUMERATED, 0)
-} ASN1_SEQUENCE_END(OCSP_REVOKEDINFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
-
-ASN1_CHOICE(OCSP_CERTSTATUS) = {
-	ASN1_IMP(OCSP_CERTSTATUS, value.good, ASN1_NULL, 0),
-	ASN1_IMP(OCSP_CERTSTATUS, value.revoked, OCSP_REVOKEDINFO, 1),
-	ASN1_IMP(OCSP_CERTSTATUS, value.unknown, ASN1_NULL, 2)
-} ASN1_CHOICE_END(OCSP_CERTSTATUS)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
-
-ASN1_SEQUENCE(OCSP_SINGLERESP) = {
-	   ASN1_SIMPLE(OCSP_SINGLERESP, certId, OCSP_CERTID),
-	   ASN1_SIMPLE(OCSP_SINGLERESP, certStatus, OCSP_CERTSTATUS),
-	   ASN1_SIMPLE(OCSP_SINGLERESP, thisUpdate, ASN1_GENERALIZEDTIME),
-	   ASN1_EXP_OPT(OCSP_SINGLERESP, nextUpdate, ASN1_GENERALIZEDTIME, 0),
-	   ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SINGLERESP, singleExtensions, X509_EXTENSION, 1)
-} ASN1_SEQUENCE_END(OCSP_SINGLERESP)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_SINGLERESP)
-
-ASN1_SEQUENCE(OCSP_RESPDATA) = {
-	   ASN1_EXP_OPT(OCSP_RESPDATA, version, ASN1_INTEGER, 0),
-	   ASN1_SIMPLE(OCSP_RESPDATA, responderId, OCSP_RESPID),
-	   ASN1_SIMPLE(OCSP_RESPDATA, producedAt, ASN1_GENERALIZEDTIME),
-	   ASN1_SEQUENCE_OF(OCSP_RESPDATA, responses, OCSP_SINGLERESP),
-	   ASN1_EXP_SEQUENCE_OF_OPT(OCSP_RESPDATA, responseExtensions, X509_EXTENSION, 1)
-} ASN1_SEQUENCE_END(OCSP_RESPDATA)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPDATA)
-
-ASN1_SEQUENCE(OCSP_BASICRESP) = {
-	   ASN1_SIMPLE(OCSP_BASICRESP, tbsResponseData, OCSP_RESPDATA),
-	   ASN1_SIMPLE(OCSP_BASICRESP, signatureAlgorithm, X509_ALGOR),
-	   ASN1_SIMPLE(OCSP_BASICRESP, signature, ASN1_BIT_STRING),
-	   ASN1_EXP_SEQUENCE_OF_OPT(OCSP_BASICRESP, certs, X509, 0)
-} ASN1_SEQUENCE_END(OCSP_BASICRESP)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_BASICRESP)
-
-ASN1_SEQUENCE(OCSP_CRLID) = {
-	   ASN1_EXP_OPT(OCSP_CRLID, crlUrl, ASN1_IA5STRING, 0),
-	   ASN1_EXP_OPT(OCSP_CRLID, crlNum, ASN1_INTEGER, 1),
-	   ASN1_EXP_OPT(OCSP_CRLID, crlTime, ASN1_GENERALIZEDTIME, 2)
-} ASN1_SEQUENCE_END(OCSP_CRLID)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_CRLID)
-
-ASN1_SEQUENCE(OCSP_SERVICELOC) = {
-	ASN1_SIMPLE(OCSP_SERVICELOC, issuer, X509_NAME),
-	ASN1_SEQUENCE_OF_OPT(OCSP_SERVICELOC, locator, ACCESS_DESCRIPTION)
-} ASN1_SEQUENCE_END(OCSP_SERVICELOC)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_SERVICELOC)
diff --git a/crypto/openssl/crypto/ocsp/ocsp_cl.c b/crypto/openssl/crypto/ocsp/ocsp_cl.c
deleted file mode 100755
index 9b3e6dd8ca22..000000000000
--- a/crypto/openssl/crypto/ocsp/ocsp_cl.c
+++ /dev/null
@@ -1,370 +0,0 @@
-/* ocsp_cl.c */
-/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project. */
-
-/* History:
-   This file was transfered to Richard Levitte from CertCo by Kathy
-   Weinhold in mid-spring 2000 to be included in OpenSSL or released
-   as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <cryptlib.h>
-#include <openssl/objects.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/ocsp.h>
-
-/* Utility functions related to sending OCSP requests and extracting
- * relevant information from the response.
- */
-
-/* Add an OCSP_CERTID to an OCSP request. Return new OCSP_ONEREQ 
- * pointer: useful if we want to add extensions.
- */
-
-OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid)
-        {
-	OCSP_ONEREQ *one = NULL;
-
-	if (!(one = OCSP_ONEREQ_new())) goto err;
-	if (one->reqCert) OCSP_CERTID_free(one->reqCert);
-	one->reqCert = cid;
-	if (req &&
-		!sk_OCSP_ONEREQ_push(req->tbsRequest->requestList, one))
-				goto err;
-	return one;
-err:
-	OCSP_ONEREQ_free(one);
-	return NULL;
-        }
-
-/* Set requestorName from an X509_NAME structure */
-
-int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm)
-	{
-	GENERAL_NAME *gen;
-	gen = GENERAL_NAME_new();
-	if (!X509_NAME_set(&gen->d.directoryName, nm))
-		{
-		GENERAL_NAME_free(gen);
-		return 0;
-		}
-	gen->type = GEN_DIRNAME;
-	if (req->tbsRequest->requestorName)
-		GENERAL_NAME_free(req->tbsRequest->requestorName);
-	req->tbsRequest->requestorName = gen;
-	return 1;
-	}
-	
-
-/* Add a certificate to an OCSP request */
-
-int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert)
-	{
-	OCSP_SIGNATURE *sig;
-	if (!req->optionalSignature)
-		req->optionalSignature = OCSP_SIGNATURE_new();
-	sig = req->optionalSignature;
-	if (!sig) return 0;
-	if (!cert) return 1;
-	if (!sig->certs && !(sig->certs = sk_X509_new_null()))
-		return 0;
-
-	if(!sk_X509_push(sig->certs, cert)) return 0;
-	CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
-	return 1;
-	}
-
-/* Sign an OCSP request set the requestorName to the subjec
- * name of an optional signers certificate and include one
- * or more optional certificates in the request. Behaves
- * like PKCS7_sign().
- */
-
-int OCSP_request_sign(OCSP_REQUEST   *req,
-		      X509           *signer,
-		      EVP_PKEY       *key,
-		      const EVP_MD   *dgst,
-		      STACK_OF(X509) *certs,
-		      unsigned long flags)
-        {
-	int i;
-	OCSP_SIGNATURE *sig;
-	X509 *x;
-
-	if (!OCSP_request_set1_name(req, X509_get_subject_name(signer)))
-			goto err;
-
-	if (!(req->optionalSignature = sig = OCSP_SIGNATURE_new())) goto err;
-	if (!dgst) dgst = EVP_sha1();
-	if (key)
-		{
-		if (!X509_check_private_key(signer, key))
-			{
-			OCSPerr(OCSP_F_OCSP_REQUEST_SIGN, OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
-			goto err;
-			}
-		if (!OCSP_REQUEST_sign(req, key, dgst)) goto err;
-		}
-
-	if (!(flags & OCSP_NOCERTS))
-		{
-		if(!OCSP_request_add1_cert(req, signer)) goto err;
-		for (i = 0; i < sk_X509_num(certs); i++)
-			{
-			x = sk_X509_value(certs, i);
-			if (!OCSP_request_add1_cert(req, x)) goto err;
-			}
-		}
-
-	return 1;
-err:
-	OCSP_SIGNATURE_free(req->optionalSignature);
-	req->optionalSignature = NULL;
-	return 0;
-	}
-
-/* Get response status */
-
-int OCSP_response_status(OCSP_RESPONSE *resp)
-	{
-	return ASN1_ENUMERATED_get(resp->responseStatus);
-	}
-
-/* Extract basic response from OCSP_RESPONSE or NULL if
- * no basic response present.
- */
- 
-
-OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp)
-	{
-	OCSP_RESPBYTES *rb;
-	rb = resp->responseBytes;
-	if (!rb)
-		{
-		OCSPerr(OCSP_F_OCSP_RESPONSE_GET1_BASIC, OCSP_R_NO_RESPONSE_DATA);
-		return NULL;
-		}
-	if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic)
-		{
-		OCSPerr(OCSP_F_OCSP_RESPONSE_GET1_BASIC, OCSP_R_NOT_BASIC_RESPONSE);
-		return NULL;
-		}
-
-	return ASN1_item_unpack(rb->response, ASN1_ITEM_rptr(OCSP_BASICRESP));
-	}
-
-/* Return number of OCSP_SINGLERESP reponses present in
- * a basic response.
- */
-
-int OCSP_resp_count(OCSP_BASICRESP *bs)
-	{
-	if (!bs) return -1;
-	return sk_OCSP_SINGLERESP_num(bs->tbsResponseData->responses);
-	}
-
-/* Extract an OCSP_SINGLERESP response with a given index */
-
-OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx)
-	{
-	if (!bs) return NULL;
-	return sk_OCSP_SINGLERESP_value(bs->tbsResponseData->responses, idx);
-	}
-
-/* Look single response matching a given certificate ID */
-
-int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last)
-	{
-	int i;
-	STACK_OF(OCSP_SINGLERESP) *sresp;
-	OCSP_SINGLERESP *single;
-	if (!bs) return -1;
-	if (last < 0) last = 0;
-	else last++;
-	sresp = bs->tbsResponseData->responses;
-	for (i = last; i < sk_OCSP_SINGLERESP_num(sresp); i++)
-		{
-		single = sk_OCSP_SINGLERESP_value(sresp, i);
-		if (!OCSP_id_cmp(id, single->certId)) return i;
-		}
-	return -1;
-	}
-
-/* Extract status information from an OCSP_SINGLERESP structure.
- * Note: the revtime and reason values are only set if the 
- * certificate status is revoked. Returns numerical value of
- * status.
- */
-
-int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
-				ASN1_GENERALIZEDTIME **revtime,
-				ASN1_GENERALIZEDTIME **thisupd,
-				ASN1_GENERALIZEDTIME **nextupd)
-	{
-	int ret;
-	OCSP_CERTSTATUS *cst;
-	if(!single) return -1;
-	cst = single->certStatus;
-	ret = cst->type;
-	if (ret == V_OCSP_CERTSTATUS_REVOKED)
-		{
-		OCSP_REVOKEDINFO *rev = cst->value.revoked;
-		if (revtime) *revtime = rev->revocationTime;
-		if (reason) 
-			{
-			if(rev->revocationReason)
-				*reason = ASN1_ENUMERATED_get(rev->revocationReason);
-			else *reason = -1;
-			}
-		}
-	if(thisupd) *thisupd = single->thisUpdate;
-	if(nextupd) *nextupd = single->nextUpdate;
-	return ret;
-	}
-
-/* This function combines the previous ones: look up a certificate ID and
- * if found extract status information. Return 0 is successful.
- */
-
-int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
-				int *reason,
-				ASN1_GENERALIZEDTIME **revtime,
-				ASN1_GENERALIZEDTIME **thisupd,
-				ASN1_GENERALIZEDTIME **nextupd)
-	{
-	int i;
-	OCSP_SINGLERESP *single;
-	i = OCSP_resp_find(bs, id, -1);
-	/* Maybe check for multiple responses and give an error? */
-	if(i < 0) return 0;
-	single = OCSP_resp_get0(bs, i);
-	i = OCSP_single_get0_status(single, reason, revtime, thisupd, nextupd);
-	if(status) *status = i;
-	return 1;
-	}
-
-/* Check validity of thisUpdate and nextUpdate fields. It is possible that the request will
- * take a few seconds to process and/or the time wont be totally accurate. Therefore to avoid
- * rejecting otherwise valid time we allow the times to be within 'nsec' of the current time.
- * Also to avoid accepting very old responses without a nextUpdate field an optional maxage
- * parameter specifies the maximum age the thisUpdate field can be.
- */
-
-int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd, ASN1_GENERALIZEDTIME *nextupd, long nsec, long maxsec)
-	{
-	int ret = 1;
-	time_t t_now, t_tmp;
-	time(&t_now);
-	/* Check thisUpdate is valid and not more than nsec in the future */
-	if (!ASN1_GENERALIZEDTIME_check(thisupd))
-		{
-		OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_ERROR_IN_THISUPDATE_FIELD);
-		ret = 0;
-		}
-	else 
-		{
-			t_tmp = t_now + nsec;
-			if (X509_cmp_time(thisupd, &t_tmp) > 0)
-			{
-			OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_STATUS_NOT_YET_VALID);
-			ret = 0;
-			}
-
-		/* If maxsec specified check thisUpdate is not more than maxsec in the past */
-		if (maxsec >= 0)
-			{
-			t_tmp = t_now - maxsec;
-			if (X509_cmp_time(thisupd, &t_tmp) < 0)
-				{
-				OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_STATUS_TOO_OLD);
-				ret = 0;
-				}
-			}
-		}
-		
-
-	if (!nextupd) return ret;
-
-	/* Check nextUpdate is valid and not more than nsec in the past */
-	if (!ASN1_GENERALIZEDTIME_check(nextupd))
-		{
-		OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_ERROR_IN_NEXTUPDATE_FIELD);
-		ret = 0;
-		}
-	else 
-		{
-		t_tmp = t_now - nsec;
-		if (X509_cmp_time(nextupd, &t_tmp) < 0)
-			{
-			OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_STATUS_EXPIRED);
-			ret = 0;
-			}
-		}
-
-	/* Also don't allow nextUpdate to precede thisUpdate */
-	if (ASN1_STRING_cmp(nextupd, thisupd) < 0)
-		{
-		OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE);
-		ret = 0;
-		}
-
-	return ret;
-	}
diff --git a/crypto/openssl/crypto/ocsp/ocsp_err.c b/crypto/openssl/crypto/ocsp/ocsp_err.c
deleted file mode 100644
index 4c4d8306f8ab..000000000000
--- a/crypto/openssl/crypto/ocsp/ocsp_err.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* crypto/ocsp/ocsp_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ocsp.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA OCSP_str_functs[]=
-	{
-{ERR_PACK(0,OCSP_F_ASN1_STRING_ENCODE,0),	"ASN1_STRING_encode"},
-{ERR_PACK(0,OCSP_F_CERT_ID_NEW,0),	"CERT_ID_NEW"},
-{ERR_PACK(0,OCSP_F_D2I_OCSP_NONCE,0),	"D2I_OCSP_NONCE"},
-{ERR_PACK(0,OCSP_F_OCSP_BASIC_ADD1_STATUS,0),	"OCSP_basic_add1_status"},
-{ERR_PACK(0,OCSP_F_OCSP_BASIC_SIGN,0),	"OCSP_basic_sign"},
-{ERR_PACK(0,OCSP_F_OCSP_BASIC_VERIFY,0),	"OCSP_basic_verify"},
-{ERR_PACK(0,OCSP_F_OCSP_CHECK_DELEGATED,0),	"OCSP_CHECK_DELEGATED"},
-{ERR_PACK(0,OCSP_F_OCSP_CHECK_IDS,0),	"OCSP_CHECK_IDS"},
-{ERR_PACK(0,OCSP_F_OCSP_CHECK_ISSUER,0),	"OCSP_CHECK_ISSUER"},
-{ERR_PACK(0,OCSP_F_OCSP_CHECK_VALIDITY,0),	"OCSP_check_validity"},
-{ERR_PACK(0,OCSP_F_OCSP_MATCH_ISSUERID,0),	"OCSP_MATCH_ISSUERID"},
-{ERR_PACK(0,OCSP_F_OCSP_PARSE_URL,0),	"OCSP_parse_url"},
-{ERR_PACK(0,OCSP_F_OCSP_REQUEST_SIGN,0),	"OCSP_request_sign"},
-{ERR_PACK(0,OCSP_F_OCSP_REQUEST_VERIFY,0),	"OCSP_request_verify"},
-{ERR_PACK(0,OCSP_F_OCSP_RESPONSE_GET1_BASIC,0),	"OCSP_response_get1_basic"},
-{ERR_PACK(0,OCSP_F_OCSP_SENDREQ_BIO,0),	"OCSP_sendreq_bio"},
-{ERR_PACK(0,OCSP_F_REQUEST_VERIFY,0),	"REQUEST_VERIFY"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA OCSP_str_reasons[]=
-	{
-{OCSP_R_BAD_DATA                         ,"bad data"},
-{OCSP_R_CERTIFICATE_VERIFY_ERROR         ,"certificate verify error"},
-{OCSP_R_DIGEST_ERR                       ,"digest err"},
-{OCSP_R_ERROR_IN_NEXTUPDATE_FIELD        ,"error in nextupdate field"},
-{OCSP_R_ERROR_IN_THISUPDATE_FIELD        ,"error in thisupdate field"},
-{OCSP_R_ERROR_PARSING_URL                ,"error parsing url"},
-{OCSP_R_MISSING_OCSPSIGNING_USAGE        ,"missing ocspsigning usage"},
-{OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE     ,"nextupdate before thisupdate"},
-{OCSP_R_NOT_BASIC_RESPONSE               ,"not basic response"},
-{OCSP_R_NO_CERTIFICATES_IN_CHAIN         ,"no certificates in chain"},
-{OCSP_R_NO_CONTENT                       ,"no content"},
-{OCSP_R_NO_PUBLIC_KEY                    ,"no public key"},
-{OCSP_R_NO_RESPONSE_DATA                 ,"no response data"},
-{OCSP_R_NO_REVOKED_TIME                  ,"no revoked time"},
-{OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE,"private key does not match certificate"},
-{OCSP_R_REQUEST_NOT_SIGNED               ,"request not signed"},
-{OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA,"response contains no revocation data"},
-{OCSP_R_ROOT_CA_NOT_TRUSTED              ,"root ca not trusted"},
-{OCSP_R_SERVER_READ_ERROR                ,"server read error"},
-{OCSP_R_SERVER_RESPONSE_ERROR            ,"server response error"},
-{OCSP_R_SERVER_RESPONSE_PARSE_ERROR      ,"server response parse error"},
-{OCSP_R_SERVER_WRITE_ERROR               ,"server write error"},
-{OCSP_R_SIGNATURE_FAILURE                ,"signature failure"},
-{OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND     ,"signer certificate not found"},
-{OCSP_R_STATUS_EXPIRED                   ,"status expired"},
-{OCSP_R_STATUS_NOT_YET_VALID             ,"status not yet valid"},
-{OCSP_R_STATUS_TOO_OLD                   ,"status too old"},
-{OCSP_R_UNKNOWN_MESSAGE_DIGEST           ,"unknown message digest"},
-{OCSP_R_UNKNOWN_NID                      ,"unknown nid"},
-{OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE   ,"unsupported requestorname type"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_OCSP_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_OCSP,OCSP_str_functs);
-		ERR_load_strings(ERR_LIB_OCSP,OCSP_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/ocsp/ocsp_ext.c b/crypto/openssl/crypto/ocsp/ocsp_ext.c
deleted file mode 100755
index d6c8899f58e0..000000000000
--- a/crypto/openssl/crypto/ocsp/ocsp_ext.c
+++ /dev/null
@@ -1,528 +0,0 @@
-/* ocsp_ext.c */
-/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project. */
-
-/* History:
-   This file was transfered to Richard Levitte from CertCo by Kathy
-   Weinhold in mid-spring 2000 to be included in OpenSSL or released
-   as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <cryptlib.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/ocsp.h>
-#include <openssl/rand.h>
-#include <openssl/x509v3.h>
-
-/* Standard wrapper functions for extensions */
-
-/* OCSP request extensions */
-
-int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x)
-	{
-	return(X509v3_get_ext_count(x->tbsRequest->requestExtensions));
-	}
-
-int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos)
-	{
-	return(X509v3_get_ext_by_NID(x->tbsRequest->requestExtensions,nid,lastpos));
-	}
-
-int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj, int lastpos)
-	{
-	return(X509v3_get_ext_by_OBJ(x->tbsRequest->requestExtensions,obj,lastpos));
-	}
-
-int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos)
-	{
-	return(X509v3_get_ext_by_critical(x->tbsRequest->requestExtensions,crit,lastpos));
-	}
-
-X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc)
-	{
-	return(X509v3_get_ext(x->tbsRequest->requestExtensions,loc));
-	}
-
-X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc)
-	{
-	return(X509v3_delete_ext(x->tbsRequest->requestExtensions,loc));
-	}
-
-void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx)
-	{
-	return X509V3_get_d2i(x->tbsRequest->requestExtensions, nid, crit, idx);
-	}
-
-int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
-							unsigned long flags)
-	{
-	return X509V3_add1_i2d(&x->tbsRequest->requestExtensions, nid, value, crit, flags);
-	}
-
-int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc)
-	{
-	return(X509v3_add_ext(&(x->tbsRequest->requestExtensions),ex,loc) != NULL);
-	}
-
-/* Single extensions */
-
-int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x)
-	{
-	return(X509v3_get_ext_count(x->singleRequestExtensions));
-	}
-
-int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos)
-	{
-	return(X509v3_get_ext_by_NID(x->singleRequestExtensions,nid,lastpos));
-	}
-
-int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos)
-	{
-	return(X509v3_get_ext_by_OBJ(x->singleRequestExtensions,obj,lastpos));
-	}
-
-int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos)
-	{
-	return(X509v3_get_ext_by_critical(x->singleRequestExtensions,crit,lastpos));
-	}
-
-X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc)
-	{
-	return(X509v3_get_ext(x->singleRequestExtensions,loc));
-	}
-
-X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc)
-	{
-	return(X509v3_delete_ext(x->singleRequestExtensions,loc));
-	}
-
-void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx)
-	{
-	return X509V3_get_d2i(x->singleRequestExtensions, nid, crit, idx);
-	}
-
-int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
-							unsigned long flags)
-	{
-	return X509V3_add1_i2d(&x->singleRequestExtensions, nid, value, crit, flags);
-	}
-
-int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc)
-	{
-	return(X509v3_add_ext(&(x->singleRequestExtensions),ex,loc) != NULL);
-	}
-
-/* OCSP Basic response */
-
-int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x)
-	{
-	return(X509v3_get_ext_count(x->tbsResponseData->responseExtensions));
-	}
-
-int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos)
-	{
-	return(X509v3_get_ext_by_NID(x->tbsResponseData->responseExtensions,nid,lastpos));
-	}
-
-int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj, int lastpos)
-	{
-	return(X509v3_get_ext_by_OBJ(x->tbsResponseData->responseExtensions,obj,lastpos));
-	}
-
-int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit, int lastpos)
-	{
-	return(X509v3_get_ext_by_critical(x->tbsResponseData->responseExtensions,crit,lastpos));
-	}
-
-X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc)
-	{
-	return(X509v3_get_ext(x->tbsResponseData->responseExtensions,loc));
-	}
-
-X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc)
-	{
-	return(X509v3_delete_ext(x->tbsResponseData->responseExtensions,loc));
-	}
-
-void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit, int *idx)
-	{
-	return X509V3_get_d2i(x->tbsResponseData->responseExtensions, nid, crit, idx);
-	}
-
-int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value, int crit,
-							unsigned long flags)
-	{
-	return X509V3_add1_i2d(&x->tbsResponseData->responseExtensions, nid, value, crit, flags);
-	}
-
-int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc)
-	{
-	return(X509v3_add_ext(&(x->tbsResponseData->responseExtensions),ex,loc) != NULL);
-	}
-
-/* OCSP single response extensions */
-
-int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x)
-	{
-	return(X509v3_get_ext_count(x->singleExtensions));
-	}
-
-int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos)
-	{
-	return(X509v3_get_ext_by_NID(x->singleExtensions,nid,lastpos));
-	}
-
-int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj, int lastpos)
-	{
-	return(X509v3_get_ext_by_OBJ(x->singleExtensions,obj,lastpos));
-	}
-
-int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit, int lastpos)
-	{
-	return(X509v3_get_ext_by_critical(x->singleExtensions,crit,lastpos));
-	}
-
-X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc)
-	{
-	return(X509v3_get_ext(x->singleExtensions,loc));
-	}
-
-X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc)
-	{
-	return(X509v3_delete_ext(x->singleExtensions,loc));
-	}
-
-void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit, int *idx)
-	{
-	return X509V3_get_d2i(x->singleExtensions, nid, crit, idx);
-	}
-
-int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, int crit,
-							unsigned long flags)
-	{
-	return X509V3_add1_i2d(&x->singleExtensions, nid, value, crit, flags);
-	}
-
-int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
-	{
-	return(X509v3_add_ext(&(x->singleExtensions),ex,loc) != NULL);
-	}
-
-/* also CRL Entry Extensions */
-
-ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, int (*i2d)(), 
-				char *data, STACK_OF(ASN1_OBJECT) *sk)
-        {
-	int i;
-	unsigned char *p, *b = NULL;
-
-	if (data)
-	        {
-		if ((i=i2d(data,NULL)) <= 0) goto err;
-		if (!(b=p=(unsigned char*)OPENSSL_malloc((unsigned int)i)))
-			goto err;
-	        if (i2d(data, &p) <= 0) goto err;
-		}
-	else if (sk)
-	        {
-		if ((i=i2d_ASN1_SET_OF_ASN1_OBJECT(sk,NULL,i2d,V_ASN1_SEQUENCE,
-				   V_ASN1_UNIVERSAL,IS_SEQUENCE))<=0) goto err;
-		if (!(b=p=(unsigned char*)OPENSSL_malloc((unsigned int)i)))
-			goto err;
-		if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk,&p,i2d,V_ASN1_SEQUENCE,
-				 V_ASN1_UNIVERSAL,IS_SEQUENCE)<=0) goto err;
-		}
-	else
-		{
-		OCSPerr(OCSP_F_ASN1_STRING_ENCODE,OCSP_R_BAD_DATA);
-		goto err;
-		}
-	if (!s && !(s = ASN1_STRING_new())) goto err;
-	if (!(ASN1_STRING_set(s, b, i))) goto err;
-	OPENSSL_free(b);
-	return s;
-err:
-	if (b) OPENSSL_free(b);
-	return NULL;
-	}
-
-/* Nonce handling functions */
-
-/* Add a nonce to an extension stack. A nonce can be specificed or if NULL
- * a random nonce will be generated.
- */
-
-static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, unsigned char *val, int len)
-	{
-	unsigned char *tmpval;
-	ASN1_OCTET_STRING os;
-	int ret = 0;
-	if (len <= 0) len = OCSP_DEFAULT_NONCE_LENGTH;
-	if (val) tmpval = val;
-	else
-		{
-		if (!(tmpval = OPENSSL_malloc(len))) goto err;
-		RAND_pseudo_bytes(tmpval, len);
-		}
-	os.data = tmpval;
-	os.length = len;
-	if(!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
-			&os, 0, X509V3_ADD_REPLACE))
-				goto err;
-	ret = 1;
-	err:
-	if(!val) OPENSSL_free(tmpval);
-	return ret;
-	}
-
-
-/* Add nonce to an OCSP request */
-
-int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len)
-	{
-	return ocsp_add1_nonce(&req->tbsRequest->requestExtensions, val, len);
-	}
-
-/* Same as above but for a response */
-
-int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len)
-	{
-	return ocsp_add1_nonce(&resp->tbsResponseData->responseExtensions, val, len);
-	}
-
-/* Check nonce validity in a request and response.
- * Return value reflects result:
- *  1: nonces present and equal.
- *  2: nonces both absent.
- *  3: nonce present in response only.
- *  0: nonces both present and not equal.
- * -1: nonce in request only.
- *
- *  For most responders clients can check return > 0.
- *  If responder doesn't handle nonces return != 0 may be
- *  necessary. return == 0 is always an error.
- */
-
-int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs)
-	{
-	/*
-	 * Since we are only interested in the presence or absence of
-	 * the nonce and comparing its value there is no need to use
-	 * the X509V3 routines: this way we can avoid them allocating an
-	 * ASN1_OCTET_STRING structure for the value which would be
-	 * freed immediately anyway.
-	 */
-
-	int req_idx, resp_idx;
-	X509_EXTENSION *req_ext, *resp_ext;
-	req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
-	resp_idx = OCSP_BASICRESP_get_ext_by_NID(bs, NID_id_pkix_OCSP_Nonce, -1);
-	/* Check both absent */
-	if((req_idx < 0) && (resp_idx < 0))
-		return 2;
-	/* Check in request only */
-	if((req_idx >= 0) && (resp_idx < 0))
-		return -1;
-	/* Check in response but not request */
-	if((req_idx < 0) && (resp_idx >= 0))
-		return 3;
-	/* Otherwise nonce in request and response so retrieve the extensions */
-	req_ext = OCSP_REQUEST_get_ext(req, req_idx);
-	resp_ext = OCSP_BASICRESP_get_ext(bs, resp_idx);
-	if(ASN1_OCTET_STRING_cmp(req_ext->value, resp_ext->value))
-		return 0;
-	return 1;
-	}
-
-/* Copy the nonce value (if any) from an OCSP request to 
- * a response.
- */
-
-int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req)
-	{
-	X509_EXTENSION *req_ext;
-	int req_idx;
-	/* Check for nonce in request */
-	req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
-	/* If no nonce that's OK */
-	if (req_idx < 0) return 2;
-	req_ext = OCSP_REQUEST_get_ext(req, req_idx);
-	return OCSP_BASICRESP_add_ext(resp, req_ext, -1);
-	}
-
-X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
-        {
-	X509_EXTENSION *x = NULL;
-	OCSP_CRLID *cid = NULL;
-	
-	if (!(cid = OCSP_CRLID_new())) goto err;
-	if (url)
-	        {
-		if (!(cid->crlUrl = ASN1_IA5STRING_new())) goto err;
-		if (!(ASN1_STRING_set(cid->crlUrl, url, -1))) goto err;
-		}
-	if (n)
-	        {
-		if (!(cid->crlNum = ASN1_INTEGER_new())) goto err;
-		if (!(ASN1_INTEGER_set(cid->crlNum, *n))) goto err;
-		}
-	if (tim)
-	        {
-		if (!(cid->crlTime = ASN1_GENERALIZEDTIME_new())) goto err;
-		if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim))) 
-		        goto err;
-		}
-	if (!(x = X509_EXTENSION_new())) goto err;
-	if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_CrlID))) goto err;
-	if (!(ASN1_STRING_encode(x->value,i2d_OCSP_CRLID,(char*)cid,NULL)))
-	        goto err;
-	OCSP_CRLID_free(cid);
-	return x;
-err:
-	if (x) X509_EXTENSION_free(x);
-	if (cid) OCSP_CRLID_free(cid);
-	return NULL;
-	}
-
-/*   AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */
-X509_EXTENSION *OCSP_accept_responses_new(char **oids)
-        {
-	int nid;
-	STACK_OF(ASN1_OBJECT) *sk = NULL;
-	ASN1_OBJECT *o = NULL;
-        X509_EXTENSION *x = NULL;
-
-	if (!(sk = sk_ASN1_OBJECT_new_null())) goto err;
-	while (oids && *oids)
-	        {
-		if ((nid=OBJ_txt2nid(*oids))!=NID_undef&&(o=OBJ_nid2obj(nid))) 
-		        sk_ASN1_OBJECT_push(sk, o);
-		oids++;
-		}
-	if (!(x = X509_EXTENSION_new())) goto err;
-	if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_acceptableResponses)))
-		goto err;
-	if (!(ASN1_STRING_encode(x->value,i2d_ASN1_OBJECT,NULL,sk)))
-	        goto err;
-	sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
-	return x;
-err:
-	if (x) X509_EXTENSION_free(x);
-	if (sk) sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
-	return NULL;
-        }
-
-/*  ArchiveCutoff ::= GeneralizedTime */
-X509_EXTENSION *OCSP_archive_cutoff_new(char* tim)
-        {
-	X509_EXTENSION *x=NULL;
-	ASN1_GENERALIZEDTIME *gt = NULL;
-
-	if (!(gt = ASN1_GENERALIZEDTIME_new())) goto err;
-	if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err;
-	if (!(x = X509_EXTENSION_new())) goto err;
-	if (!(x->object=OBJ_nid2obj(NID_id_pkix_OCSP_archiveCutoff)))goto err;
-	if (!(ASN1_STRING_encode(x->value,i2d_ASN1_GENERALIZEDTIME,
-				 (char*)gt,NULL))) goto err;
-	ASN1_GENERALIZEDTIME_free(gt);
-	return x;
-err:
-	if (gt) ASN1_GENERALIZEDTIME_free(gt);
-	if (x) X509_EXTENSION_free(x);
-	return NULL;
-	}
-
-/* per ACCESS_DESCRIPTION parameter are oids, of which there are currently
- * two--NID_ad_ocsp, NID_id_ad_caIssuers--and GeneralName value.  This
- * method forces NID_ad_ocsp and uniformResourceLocator [6] IA5String.
- */
-X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, char **urls)
-        {
-	X509_EXTENSION *x = NULL;
-	ASN1_IA5STRING *ia5 = NULL;
-	OCSP_SERVICELOC *sloc = NULL;
-	ACCESS_DESCRIPTION *ad = NULL;
-	
-	if (!(sloc = OCSP_SERVICELOC_new())) goto err;
-	if (!(sloc->issuer = X509_NAME_dup(issuer))) goto err;
-	if (urls && *urls && !(sloc->locator = sk_ACCESS_DESCRIPTION_new_null())) goto err;
-	while (urls && *urls)
-	        {
-		if (!(ad = ACCESS_DESCRIPTION_new())) goto err;
-		if (!(ad->method=OBJ_nid2obj(NID_ad_OCSP))) goto err;
-		if (!(ad->location = GENERAL_NAME_new())) goto err;
-	        if (!(ia5 = ASN1_IA5STRING_new())) goto err;
-		if (!ASN1_STRING_set((ASN1_STRING*)ia5, *urls, -1)) goto err;
-		ad->location->type = GEN_URI;
-		ad->location->d.ia5 = ia5;
-		if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad)) goto err;
-		urls++;
-		}
-	if (!(x = X509_EXTENSION_new())) goto err;
-	if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_serviceLocator))) 
-	        goto err;
-	if (!(ASN1_STRING_encode(x->value, i2d_OCSP_SERVICELOC,
-				 (char*)sloc, NULL))) goto err;
-	OCSP_SERVICELOC_free(sloc);
-	return x;
-err:
-	if (x) X509_EXTENSION_free(x);
-	if (sloc) OCSP_SERVICELOC_free(sloc);
-	return NULL;
-	}
-
diff --git a/crypto/openssl/crypto/ocsp/ocsp_ht.c b/crypto/openssl/crypto/ocsp/ocsp_ht.c
deleted file mode 100644
index 357709a843c2..000000000000
--- a/crypto/openssl/crypto/ocsp/ocsp_ht.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* ocsp_ht.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/asn1.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <string.h>
-#include <openssl/ocsp.h>
-#include <openssl/err.h>
-#include <openssl/buffer.h>
-#ifdef OPENSSL_SYS_SUNOS
-#define strtoul (unsigned long)strtol
-#endif /* OPENSSL_SYS_SUNOS */
-
-/* Quick and dirty HTTP OCSP request handler.
- * Could make this a bit cleverer by adding
- * support for non blocking BIOs and a few
- * other refinements.
- */
-
-OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req)
-{
-	BIO *mem = NULL;
-	char tmpbuf[1024];
-	OCSP_RESPONSE *resp = NULL;
-	char *p, *q, *r;
-	int len, retcode;
-	static char req_txt[] =
-"POST %s HTTP/1.0\r\n\
-Content-Type: application/ocsp-request\r\n\
-Content-Length: %d\r\n\r\n";
-
-	len = i2d_OCSP_REQUEST(req, NULL);
-	if(BIO_printf(b, req_txt, path, len) < 0) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR);
-		goto err;
-	}
-	if(i2d_OCSP_REQUEST_bio(b, req) <= 0) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR);
-		goto err;
-	}
-	if(!(mem = BIO_new(BIO_s_mem()))) goto err;
-	/* Copy response to a memory BIO: socket bios can't do gets! */
-	while ((len = BIO_read(b, tmpbuf, sizeof tmpbuf))) {
-		if(len < 0) {
-			OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR);
-			goto err;
-		}
-		BIO_write(mem, tmpbuf, len);
-	}
-	if(BIO_gets(mem, tmpbuf, 512) <= 0) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
-		goto err;
-	}
-	/* Parse the HTTP response. This will look like this:
-	 * "HTTP/1.0 200 OK". We need to obtain the numeric code and
-         * informational message.
-	 */
-
-	/* Skip to first white space (passed protocol info) */
-	for(p = tmpbuf; *p && !isspace((unsigned char)*p); p++) continue;
-	if(!*p) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
-		goto err;
-	}
-	/* Skip past white space to start of response code */
-	while(*p && isspace((unsigned char)*p)) p++;
-	if(!*p) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
-		goto err;
-	}
-	/* Find end of response code: first whitespace after start of code */
-	for(q = p; *q && !isspace((unsigned char)*q); q++) continue;
-	if(!*q) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
-		goto err;
-	}
-	/* Set end of response code and start of message */ 
-	*q++ = 0;
-	/* Attempt to parse numeric code */
-	retcode = strtoul(p, &r, 10);
-	if(*r) goto err;
-	/* Skip over any leading white space in message */
-	while(*q && isspace((unsigned char)*q))  q++;
-	if(!*q) goto err;
-	/* Finally zap any trailing white space in message (include CRLF) */
-	/* We know q has a non white space character so this is OK */
-	for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) *r = 0;
-	if(retcode != 200) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_ERROR);
-		ERR_add_error_data(4, "Code=", p, ",Reason=", q);
-		goto err;
-	}
-	/* Find blank line marking beginning of content */	
-	while(BIO_gets(mem, tmpbuf, 512) > 0)
-	{
-		for(p = tmpbuf; *p && isspace((unsigned char)*p); p++) continue;
-		if(!*p) break;
-	}
-	if(*p) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_NO_CONTENT);
-		goto err;
-	}
-	if(!(resp = d2i_OCSP_RESPONSE_bio(mem, NULL))) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,ERR_R_NESTED_ASN1_ERROR);
-		goto err;
-	}
-	err:
-	BIO_free(mem);
-	return resp;
-}
diff --git a/crypto/openssl/crypto/ocsp/ocsp_lib.c b/crypto/openssl/crypto/ocsp/ocsp_lib.c
deleted file mode 100755
index 3875af165c71..000000000000
--- a/crypto/openssl/crypto/ocsp/ocsp_lib.c
+++ /dev/null
@@ -1,261 +0,0 @@
-/* ocsp_lib.c */
-/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project. */
-
-/* History:
-   This file was transfered to Richard Levitte from CertCo by Kathy
-   Weinhold in mid-spring 2000 to be included in OpenSSL or released
-   as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <cryptlib.h>
-#include <openssl/objects.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/ocsp.h>
-
-/* Convert a certificate and its issuer to an OCSP_CERTID */
-
-OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer)
-{
-	X509_NAME *iname;
-	ASN1_INTEGER *serial;
-	ASN1_BIT_STRING *ikey;
-#ifndef OPENSSL_NO_SHA1
-	if(!dgst) dgst = EVP_sha1();
-#endif
-	if (subject)
-		{
-		iname = X509_get_issuer_name(subject);
-		serial = X509_get_serialNumber(subject);
-		}
-	else
-		{
-		iname = X509_get_subject_name(issuer);
-		serial = NULL;
-		}
-	ikey = X509_get0_pubkey_bitstr(issuer);
-	return OCSP_cert_id_new(dgst, iname, ikey, serial);
-}
-
-
-OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, 
-			      X509_NAME *issuerName, 
-			      ASN1_BIT_STRING* issuerKey, 
-			      ASN1_INTEGER *serialNumber)
-        {
-	int nid;
-        unsigned int i;
-	X509_ALGOR *alg;
-	OCSP_CERTID *cid = NULL;
-	unsigned char md[EVP_MAX_MD_SIZE];
-
-	if (!(cid = OCSP_CERTID_new())) goto err;
-
-	alg = cid->hashAlgorithm;
-	if (alg->algorithm != NULL) ASN1_OBJECT_free(alg->algorithm);
-	if ((nid = EVP_MD_type(dgst)) == NID_undef)
-	        {
-		OCSPerr(OCSP_F_CERT_ID_NEW,OCSP_R_UNKNOWN_NID);
-		goto err;
-		}
-	if (!(alg->algorithm=OBJ_nid2obj(nid))) goto err;
-	if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err;
-	alg->parameter->type=V_ASN1_NULL;
-
-	if (!X509_NAME_digest(issuerName, dgst, md, &i)) goto digerr;
-	if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i))) goto err;
-
-	/* Calculate the issuerKey hash, excluding tag and length */
-	EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL);
-
-	if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) goto err;
-
-	if (serialNumber)
-		{
-		ASN1_INTEGER_free(cid->serialNumber);
-		if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber))) goto err;
-		}
-	return cid;
-digerr:
-	OCSPerr(OCSP_F_CERT_ID_NEW,OCSP_R_DIGEST_ERR);
-err:
-	if (cid) OCSP_CERTID_free(cid);
-	return NULL;
-	}
-
-int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b)
-	{
-	int ret;
-	ret = OBJ_cmp(a->hashAlgorithm->algorithm, b->hashAlgorithm->algorithm);
-	if (ret) return ret;
-	ret = ASN1_OCTET_STRING_cmp(a->issuerNameHash, b->issuerNameHash);
-	if (ret) return ret;
-	return ASN1_OCTET_STRING_cmp(a->issuerKeyHash, b->issuerKeyHash);
-	}
-
-int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b)
-	{
-	int ret;
-	ret = OCSP_id_issuer_cmp(a, b);
-	if (ret) return ret;
-	return ASN1_INTEGER_cmp(a->serialNumber, b->serialNumber);
-	}
-
-
-/* Parse a URL and split it up into host, port and path components and whether
- * it is SSL.
- */
-
-int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl)
-	{
-	char *p, *buf;
-
-	char *host, *port;
-
-	/* dup the buffer since we are going to mess with it */
-	buf = BUF_strdup(url);
-	if (!buf) goto mem_err;
-
-	*phost = NULL;
-	*pport = NULL;
-	*ppath = NULL;
-
-	/* Check for initial colon */
-	p = strchr(buf, ':');
-
-	if (!p) goto parse_err;
-
-	*(p++) = '\0';
-
-	if (!strcmp(buf, "http"))
-		{
-		*pssl = 0;
-		port = "80";
-		}
-	else if (!strcmp(buf, "https"))
-		{
-		*pssl = 1;
-		port = "443";
-		}
-	else
-		goto parse_err;
-
-	/* Check for double slash */
-	if ((p[0] != '/') || (p[1] != '/'))
-		goto parse_err;
-
-	p += 2;
-
-	host = p;
-
-	/* Check for trailing part of path */
-
-	p = strchr(p, '/');
-
-	if (!p) 
-		*ppath = BUF_strdup("/");
-	else
-		{
-		*ppath = BUF_strdup(p);
-		/* Set start of path to 0 so hostname is valid */
-		*p = '\0';
-		}
-
-	if (!*ppath) goto mem_err;
-
-	/* Look for optional ':' for port number */
-	if ((p = strchr(host, ':')))
-		{
-		*p = 0;
-		port = p + 1;
-		}
-	else
-		{
-		/* Not found: set default port */
-		if (*pssl) port = "443";
-		else port = "80";
-		}
-
-	*pport = BUF_strdup(port);
-	if (!*pport) goto mem_err;
-
-	*phost = BUF_strdup(host);
-
-	if (!*phost) goto mem_err;
-
-	OPENSSL_free(buf);
-
-	return 1;
-
-	mem_err:
-	OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE);
-	goto err;
-
-	parse_err:
-	OCSPerr(OCSP_F_OCSP_PARSE_URL, OCSP_R_ERROR_PARSING_URL);
-
-
-	err:
-	if (*ppath) OPENSSL_free(*ppath);
-	if (*pport) OPENSSL_free(*pport);
-	if (*phost) OPENSSL_free(*phost);
-	return 0;
-
-	}
diff --git a/crypto/openssl/crypto/ocsp/ocsp_prn.c b/crypto/openssl/crypto/ocsp/ocsp_prn.c
deleted file mode 100644
index 4b7bc2876958..000000000000
--- a/crypto/openssl/crypto/ocsp/ocsp_prn.c
+++ /dev/null
@@ -1,291 +0,0 @@
-/* ocsp_prn.c */
-/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project. */
-
-/* History:
-   This file was originally part of ocsp.c and was transfered to Richard
-   Levitte from CertCo by Kathy Weinhold in mid-spring 2000 to be included
-   in OpenSSL or released as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/ocsp.h>
-#include <openssl/pem.h>
-
-static int ocsp_certid_print(BIO *bp, OCSP_CERTID* a, int indent)
-        {
-	BIO_printf(bp, "%*sCertificate ID:\n", indent, "");
-	indent += 2;
-	BIO_printf(bp, "%*sHash Algorithm: ", indent, "");
-	i2a_ASN1_OBJECT(bp, a->hashAlgorithm->algorithm);
-	BIO_printf(bp, "\n%*sIssuer Name Hash: ", indent, "");
-	i2a_ASN1_STRING(bp, a->issuerNameHash, V_ASN1_OCTET_STRING);
-	BIO_printf(bp, "\n%*sIssuer Key Hash: ", indent, "");
-	i2a_ASN1_STRING(bp, a->issuerKeyHash, V_ASN1_OCTET_STRING);
-	BIO_printf(bp, "\n%*sSerial Number: ", indent, "");
-	i2a_ASN1_INTEGER(bp, a->serialNumber);
-	BIO_printf(bp, "\n");
-	return 1;
-	}
-
-typedef struct
-	{
-	long t;
-	char *m;
-	} OCSP_TBLSTR;
-
-static char *table2string(long s, OCSP_TBLSTR *ts, int len)
-{
-	OCSP_TBLSTR *p;
-	for (p=ts; p < ts + len; p++)
-	        if (p->t == s)
-		         return p->m;
-	return "(UNKNOWN)";
-}
-
-char *OCSP_response_status_str(long s)
-        {
-	static OCSP_TBLSTR rstat_tbl[] = {
-	        { OCSP_RESPONSE_STATUS_SUCCESSFUL, "successful" },
-	        { OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, "malformedrequest" },
-	        { OCSP_RESPONSE_STATUS_INTERNALERROR, "internalerror" },
-	        { OCSP_RESPONSE_STATUS_TRYLATER, "trylater" },
-	        { OCSP_RESPONSE_STATUS_SIGREQUIRED, "sigrequired" },
-	        { OCSP_RESPONSE_STATUS_UNAUTHORIZED, "unauthorized" } };
-	return table2string(s, rstat_tbl, 6);
-	} 
-
-char *OCSP_cert_status_str(long s)
-        {
-	static OCSP_TBLSTR cstat_tbl[] = {
-	        { V_OCSP_CERTSTATUS_GOOD, "good" },
-	        { V_OCSP_CERTSTATUS_REVOKED, "revoked" },
-	        { V_OCSP_CERTSTATUS_UNKNOWN, "unknown" } };
-	return table2string(s, cstat_tbl, 3);
-	} 
-
-char *OCSP_crl_reason_str(long s)
-        {
-	OCSP_TBLSTR reason_tbl[] = {
-	  { OCSP_REVOKED_STATUS_UNSPECIFIED, "unspecified" },
-          { OCSP_REVOKED_STATUS_KEYCOMPROMISE, "keyCompromise" },
-          { OCSP_REVOKED_STATUS_CACOMPROMISE, "cACompromise" },
-          { OCSP_REVOKED_STATUS_AFFILIATIONCHANGED, "affiliationChanged" },
-          { OCSP_REVOKED_STATUS_SUPERSEDED, "superseded" },
-          { OCSP_REVOKED_STATUS_CESSATIONOFOPERATION, "cessationOfOperation" },
-          { OCSP_REVOKED_STATUS_CERTIFICATEHOLD, "certificateHold" },
-          { OCSP_REVOKED_STATUS_REMOVEFROMCRL, "removeFromCRL" } };
-	return table2string(s, reason_tbl, 8);
-	} 
-
-int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* o, unsigned long flags)
-        {
-	int i;
-	long l;
-	OCSP_CERTID* cid = NULL;
-	OCSP_ONEREQ *one = NULL;
-	OCSP_REQINFO *inf = o->tbsRequest;
-	OCSP_SIGNATURE *sig = o->optionalSignature;
-
-	if (BIO_write(bp,"OCSP Request Data:\n",19) <= 0) goto err;
-	l=ASN1_INTEGER_get(inf->version);
-	if (BIO_printf(bp,"    Version: %lu (0x%lx)",l+1,l) <= 0) goto err;
-	if (inf->requestorName != NULL)
-	        {
-		if (BIO_write(bp,"\n    Requestor Name: ",21) <= 0) 
-		        goto err;
-		GENERAL_NAME_print(bp, inf->requestorName);
-		}
-	if (BIO_write(bp,"\n    Requestor List:\n",21) <= 0) goto err;
-	for (i = 0; i < sk_OCSP_ONEREQ_num(inf->requestList); i++)
-	        {
-		one = sk_OCSP_ONEREQ_value(inf->requestList, i);
-		cid = one->reqCert;
-		ocsp_certid_print(bp, cid, 8);
-		if (!X509V3_extensions_print(bp,
-					"Request Single Extensions",
-					one->singleRequestExtensions, flags, 8))
-							goto err;
-		}
-	if (!X509V3_extensions_print(bp, "Request Extensions",
-			inf->requestExtensions, flags, 4))
-							goto err;
-	if (sig)
-	        {
-		X509_signature_print(bp, sig->signatureAlgorithm, sig->signature);
-		for (i=0; i<sk_X509_num(sig->certs); i++)
-			{
-			X509_print(bp, sk_X509_value(sig->certs,i));
-			PEM_write_bio_X509(bp,sk_X509_value(sig->certs,i));
-			}
-		}
-	return 1;
-err:
-	return 0;
-	}
-
-int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
-        {
-	int i, ret = 0;
-	long l;
-	unsigned char *p;
-	OCSP_CERTID *cid = NULL;
-	OCSP_BASICRESP *br = NULL;
-	OCSP_RESPID *rid = NULL;
-	OCSP_RESPDATA  *rd = NULL;
-	OCSP_CERTSTATUS *cst = NULL;
-	OCSP_REVOKEDINFO *rev = NULL;
-	OCSP_SINGLERESP *single = NULL;
-	OCSP_RESPBYTES *rb = o->responseBytes;
-
-	if (BIO_puts(bp,"OCSP Response Data:\n") <= 0) goto err;
-	l=ASN1_ENUMERATED_get(o->responseStatus);
-	if (BIO_printf(bp,"    OCSP Response Status: %s (0x%x)\n",
-		       OCSP_response_status_str(l), l) <= 0) goto err;
-	if (rb == NULL) return 1;
-        if (BIO_puts(bp,"    Response Type: ") <= 0)
-	        goto err;
-	if(i2a_ASN1_OBJECT(bp, rb->responseType) <= 0)
-	        goto err;
-	if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic) 
-	        {
-		BIO_puts(bp," (unknown response type)\n");
-		return 1;
-		}
-
-	p = ASN1_STRING_data(rb->response);
-	i = ASN1_STRING_length(rb->response);
-	if (!(br = OCSP_response_get1_basic(o))) goto err;
-	rd = br->tbsResponseData;
-	l=ASN1_INTEGER_get(rd->version);
-	if (BIO_printf(bp,"\n    Version: %lu (0x%lx)\n",
-		       l+1,l) <= 0) goto err;
-	if (BIO_puts(bp,"    Responder Id: ") <= 0) goto err;
-
-	rid =  rd->responderId;
-	switch (rid->type)
-		{
-		case V_OCSP_RESPID_NAME:
-		        X509_NAME_print_ex(bp, rid->value.byName, 0, XN_FLAG_ONELINE);
-		        break;
-		case V_OCSP_RESPID_KEY:
-		        i2a_ASN1_STRING(bp, rid->value.byKey, V_ASN1_OCTET_STRING);
-		        break;
-		}
-
-	if (BIO_printf(bp,"\n    Produced At: ")<=0) goto err;
-	if (!ASN1_GENERALIZEDTIME_print(bp, rd->producedAt)) goto err;
-	if (BIO_printf(bp,"\n    Responses:\n") <= 0) goto err;
-	for (i = 0; i < sk_OCSP_SINGLERESP_num(rd->responses); i++)
-	        {
-		if (! sk_OCSP_SINGLERESP_value(rd->responses, i)) continue;
-		single = sk_OCSP_SINGLERESP_value(rd->responses, i);
-		cid = single->certId;
-		if(ocsp_certid_print(bp, cid, 4) <= 0) goto err;
-		cst = single->certStatus;
-		if (BIO_printf(bp,"    Cert Status: %s",
-			       OCSP_cert_status_str(cst->type)) <= 0)
-		        goto err;
-		if (cst->type == V_OCSP_CERTSTATUS_REVOKED)
-		        {
-		        rev = cst->value.revoked;
-			if (BIO_printf(bp, "\n    Revocation Time: ") <= 0) 
-			        goto err;
-			if (!ASN1_GENERALIZEDTIME_print(bp, 
-							rev->revocationTime)) 
-				goto err;
-			if (rev->revocationReason) 
-			        {
-				l=ASN1_ENUMERATED_get(rev->revocationReason);
-				if (BIO_printf(bp, 
-					 "\n    Revocation Reason: %s (0x%x)",
-					       OCSP_crl_reason_str(l), l) <= 0)
-				        goto err;
-				}
-			}
-		if (BIO_printf(bp,"\n    This Update: ") <= 0) goto err;
-		if (!ASN1_GENERALIZEDTIME_print(bp, single->thisUpdate)) 
-			goto err;
-		if (single->nextUpdate)
-		        {
-			if (BIO_printf(bp,"\n    Next Update: ") <= 0)goto err;
-			if (!ASN1_GENERALIZEDTIME_print(bp,single->nextUpdate))
-				goto err;
-			}
-		if (!BIO_write(bp,"\n",1)) goto err;
-		if (!X509V3_extensions_print(bp,
-					"Response Single Extensions",
-					single->singleExtensions, flags, 8))
-							goto err;
-		if (!BIO_write(bp,"\n",1)) goto err;
-		}
-	if (!X509V3_extensions_print(bp, "Response Extensions",
-					rd->responseExtensions, flags, 4))
-	if(X509_signature_print(bp, br->signatureAlgorithm, br->signature) <= 0)
-							goto err;
-
-	for (i=0; i<sk_X509_num(br->certs); i++)
-		{
-		X509_print(bp, sk_X509_value(br->certs,i));
-		PEM_write_bio_X509(bp,sk_X509_value(br->certs,i));
-		}
-
-	ret = 1;
-err:
-	OCSP_BASICRESP_free(br);
-	return ret;
-	}
diff --git a/crypto/openssl/crypto/ocsp/ocsp_srv.c b/crypto/openssl/crypto/ocsp/ocsp_srv.c
deleted file mode 100755
index fffa134e7541..000000000000
--- a/crypto/openssl/crypto/ocsp/ocsp_srv.c
+++ /dev/null
@@ -1,264 +0,0 @@
-/* ocsp_srv.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <cryptlib.h>
-#include <openssl/objects.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/ocsp.h>
-
-/* Utility functions related to sending OCSP responses and extracting
- * relevant information from the request.
- */
-
-int OCSP_request_onereq_count(OCSP_REQUEST *req)
-	{
-	return sk_OCSP_ONEREQ_num(req->tbsRequest->requestList);
-	}
-
-OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i)
-	{
-	return sk_OCSP_ONEREQ_value(req->tbsRequest->requestList, i);
-	}
-
-OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one)
-	{
-	return one->reqCert;
-	}
-
-int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
-			ASN1_OCTET_STRING **pikeyHash,
-			ASN1_INTEGER **pserial, OCSP_CERTID *cid)
-	{
-	if (!cid) return 0;
-	if (pmd) *pmd = cid->hashAlgorithm->algorithm;
-	if(piNameHash) *piNameHash = cid->issuerNameHash;
-	if (pikeyHash) *pikeyHash = cid->issuerKeyHash;
-	if (pserial) *pserial = cid->serialNumber;
-	return 1;
-	}
-
-int OCSP_request_is_signed(OCSP_REQUEST *req)
-	{
-	if(req->optionalSignature) return 1;
-	return 0;
-	}
-
-/* Create an OCSP response and encode an optional basic response */
-OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs)
-        {
-        OCSP_RESPONSE *rsp = NULL;
-
-	if (!(rsp = OCSP_RESPONSE_new())) goto err;
-	if (!(ASN1_ENUMERATED_set(rsp->responseStatus, status))) goto err;
-	if (!bs) return rsp;
-	if (!(rsp->responseBytes = OCSP_RESPBYTES_new())) goto err;
-	rsp->responseBytes->responseType = OBJ_nid2obj(NID_id_pkix_OCSP_basic);
-	if (!ASN1_item_pack(bs, ASN1_ITEM_rptr(OCSP_BASICRESP), &rsp->responseBytes->response))
-				goto err;
-	return rsp;
-err:
-	if (rsp) OCSP_RESPONSE_free(rsp);
-	return NULL;
-	}
-
-
-OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
-						OCSP_CERTID *cid,
-						int status, int reason,
-						ASN1_TIME *revtime,
-					ASN1_TIME *thisupd, ASN1_TIME *nextupd)
-	{
-	OCSP_SINGLERESP *single = NULL;
-	OCSP_CERTSTATUS *cs;
-	OCSP_REVOKEDINFO *ri;
-
-	if(!rsp->tbsResponseData->responses &&
-	    !(rsp->tbsResponseData->responses = sk_OCSP_SINGLERESP_new_null()))
-		goto err;
-
-	if (!(single = OCSP_SINGLERESP_new()))
-		goto err;
-
-
-
-	if (!ASN1_TIME_to_generalizedtime(thisupd, &single->thisUpdate))
-		goto err;
-	if (nextupd &&
-		!ASN1_TIME_to_generalizedtime(nextupd, &single->nextUpdate))
-		goto err;
-
-	OCSP_CERTID_free(single->certId);
-
-	if(!(single->certId = OCSP_CERTID_dup(cid)))
-		goto err;
-
-	cs = single->certStatus;
-	switch(cs->type = status)
-		{
-	case V_OCSP_CERTSTATUS_REVOKED:
-		if (!revtime)
-		        {
-		        OCSPerr(OCSP_F_OCSP_BASIC_ADD1_STATUS,OCSP_R_NO_REVOKED_TIME);
-			goto err;
-		        }
-		if (!(cs->value.revoked = ri = OCSP_REVOKEDINFO_new())) goto err;
-		if (!ASN1_TIME_to_generalizedtime(revtime, &ri->revocationTime))
-			goto err;	
-		if (reason != OCSP_REVOKED_STATUS_NOSTATUS)
-		        {
-			if (!(ri->revocationReason = ASN1_ENUMERATED_new())) 
-			        goto err;
-			if (!(ASN1_ENUMERATED_set(ri->revocationReason, 
-						  reason)))
-			        goto err;	
-			}
-		break;
-
-	case V_OCSP_CERTSTATUS_GOOD:
-		cs->value.good = ASN1_NULL_new();
-		break;
-
-	case V_OCSP_CERTSTATUS_UNKNOWN:
-		cs->value.unknown = ASN1_NULL_new();
-		break;
-
-	default:
-		goto err;
-
-		}
-	if (!(sk_OCSP_SINGLERESP_push(rsp->tbsResponseData->responses, single)))
-		goto err;
-	return single;
-err:
-	OCSP_SINGLERESP_free(single);
-	return NULL;
-	}
-
-/* Add a certificate to an OCSP request */
-
-int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert)
-	{
-	if (!resp->certs && !(resp->certs = sk_X509_new_null()))
-		return 0;
-
-	if(!sk_X509_push(resp->certs, cert)) return 0;
-	CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
-	return 1;
-	}
-
-int OCSP_basic_sign(OCSP_BASICRESP *brsp, 
-			X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
-			STACK_OF(X509) *certs, unsigned long flags)
-        {
-	int i;
-	OCSP_RESPID *rid;
-
-	if (!X509_check_private_key(signer, key))
-		{
-		OCSPerr(OCSP_F_OCSP_BASIC_SIGN, OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
-		goto err;
-		}
-
-	if(!(flags & OCSP_NOCERTS))
-		{
-		if(!OCSP_basic_add1_cert(brsp, signer))
-			goto err;
-		for (i = 0; i < sk_X509_num(certs); i++)
-			{
-			X509 *tmpcert = sk_X509_value(certs, i);
-			if(!OCSP_basic_add1_cert(brsp, tmpcert))
-				goto err;
-			}
-		}
-
-	rid = brsp->tbsResponseData->responderId;
-	if (flags & OCSP_RESPID_KEY)
-		{
-		unsigned char md[SHA_DIGEST_LENGTH];
-		X509_pubkey_digest(signer, EVP_sha1(), md, NULL);
-		if (!(rid->value.byKey = ASN1_OCTET_STRING_new()))
-			goto err;
-		if (!(ASN1_OCTET_STRING_set(rid->value.byKey, md, SHA_DIGEST_LENGTH)))
-				goto err;
-		rid->type = V_OCSP_RESPID_KEY;
-		}
-	else
-		{
-		if (!X509_NAME_set(&rid->value.byName,
-					X509_get_subject_name(signer)))
-				goto err;
-		rid->type = V_OCSP_RESPID_NAME;
-		}
-
-	if (!(flags & OCSP_NOTIME) &&
-		!X509_gmtime_adj(brsp->tbsResponseData->producedAt, 0))
-		goto err;
-
-	/* Right now, I think that not doing double hashing is the right
-	   thing.	-- Richard Levitte */
-
-	if (!OCSP_BASICRESP_sign(brsp, key, dgst, 0)) goto err;
-
-	return 1;
-err:
-	return 0;
-	}
diff --git a/crypto/openssl/crypto/ocsp/ocsp_vfy.c b/crypto/openssl/crypto/ocsp/ocsp_vfy.c
deleted file mode 100644
index 1f5fda7ca310..000000000000
--- a/crypto/openssl/crypto/ocsp/ocsp_vfy.c
+++ /dev/null
@@ -1,444 +0,0 @@
-/* ocsp_vfy.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/ocsp.h>
-#include <openssl/err.h>
-#include <string.h>
-
-static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
-				X509_STORE *st, unsigned long flags);
-static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id);
-static int ocsp_check_issuer(OCSP_BASICRESP *bs, STACK_OF(X509) *chain, unsigned long flags);
-static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret);
-static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid, STACK_OF(OCSP_SINGLERESP) *sresp);
-static int ocsp_check_delegated(X509 *x, int flags);
-static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req, X509_NAME *nm, STACK_OF(X509) *certs,
-				X509_STORE *st, unsigned long flags);
-
-/* Verify a basic response message */
-
-int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
-				X509_STORE *st, unsigned long flags)
-	{
-	X509 *signer, *x;
-	STACK_OF(X509) *chain = NULL;
-	X509_STORE_CTX ctx;
-	int i, ret = 0;
-	ret = ocsp_find_signer(&signer, bs, certs, st, flags);
-	if (!ret)
-		{
-		OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND);
-		goto end;
-		}
-	if ((ret == 2) && (flags & OCSP_TRUSTOTHER))
-		flags |= OCSP_NOVERIFY;
-	if (!(flags & OCSP_NOSIGS))
-		{
-		EVP_PKEY *skey;
-		skey = X509_get_pubkey(signer);
-		ret = OCSP_BASICRESP_verify(bs, skey, 0);
-		EVP_PKEY_free(skey);
-		if(ret <= 0)
-			{
-			OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE);
-			goto end;
-			}
-		}
-	if (!(flags & OCSP_NOVERIFY))
-		{
-		int init_res;
-		if(flags & OCSP_NOCHAIN)
-			init_res = X509_STORE_CTX_init(&ctx, st, signer, NULL);
-		else
-			init_res = X509_STORE_CTX_init(&ctx, st, signer, bs->certs);
-		if(!init_res)
-			{
-			OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,ERR_R_X509_LIB);
-			goto end;
-			}
-
-		X509_STORE_CTX_set_purpose(&ctx, X509_PURPOSE_OCSP_HELPER);
-		ret = X509_verify_cert(&ctx);
-		chain = X509_STORE_CTX_get1_chain(&ctx);
-		X509_STORE_CTX_cleanup(&ctx);
-                if (ret <= 0)
-			{
-			i = X509_STORE_CTX_get_error(&ctx);	
-			OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,OCSP_R_CERTIFICATE_VERIFY_ERROR);
-			ERR_add_error_data(2, "Verify error:",
-					X509_verify_cert_error_string(i));
-                        goto end;
-                	}
-		if(flags & OCSP_NOCHECKS)
-			{
-			ret = 1;
-			goto end;
-			}
-		/* At this point we have a valid certificate chain
-		 * need to verify it against the OCSP issuer criteria.
-		 */
-		ret = ocsp_check_issuer(bs, chain, flags);
-
-		/* If fatal error or valid match then finish */
-		if (ret != 0) goto end;
-
-		/* Easy case: explicitly trusted. Get root CA and
-		 * check for explicit trust
-		 */
-		if(flags & OCSP_NOEXPLICIT) goto end;
-
-		x = sk_X509_value(chain, sk_X509_num(chain) - 1);
-		if(X509_check_trust(x, NID_OCSP_sign, 0) != X509_TRUST_TRUSTED)
-			{
-			OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,OCSP_R_ROOT_CA_NOT_TRUSTED);
-			goto end;
-			}
-		ret = 1;
-		}
-
-
-
-	end:
-	if(chain) sk_X509_pop_free(chain, X509_free);
-	return ret;
-	}
-
-
-static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
-				X509_STORE *st, unsigned long flags)
-	{
-	X509 *signer;
-	OCSP_RESPID *rid = bs->tbsResponseData->responderId;
-	if ((signer = ocsp_find_signer_sk(certs, rid)))
-		{
-		*psigner = signer;
-		return 2;
-		}
-	if(!(flags & OCSP_NOINTERN) &&
-	    (signer = ocsp_find_signer_sk(bs->certs, rid)))
-		{
-		*psigner = signer;
-		return 1;
-		}
-	/* Maybe lookup from store if by subject name */
-
-	*psigner = NULL;
-	return 0;
-	}
-
-
-static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id)
-	{
-	int i;
-	unsigned char tmphash[SHA_DIGEST_LENGTH], *keyhash;
-	X509 *x;
-
-	/* Easy if lookup by name */
-	if (id->type == V_OCSP_RESPID_NAME)
-		return X509_find_by_subject(certs, id->value.byName);
-
-	/* Lookup by key hash */
-
-	/* If key hash isn't SHA1 length then forget it */
-	if (id->value.byKey->length != SHA_DIGEST_LENGTH) return NULL;
-	keyhash = id->value.byKey->data;
-	/* Calculate hash of each key and compare */
-	for (i = 0; i < sk_X509_num(certs); i++)
-		{
-		x = sk_X509_value(certs, i);
-		X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL);
-		if(!memcmp(keyhash, tmphash, SHA_DIGEST_LENGTH))
-			return x;
-		}
-	return NULL;
-	}
-
-
-static int ocsp_check_issuer(OCSP_BASICRESP *bs, STACK_OF(X509) *chain, unsigned long flags)
-	{
-	STACK_OF(OCSP_SINGLERESP) *sresp;
-	X509 *signer, *sca;
-	OCSP_CERTID *caid = NULL;
-	int i;
-	sresp = bs->tbsResponseData->responses;
-
-	if (sk_X509_num(chain) <= 0)
-		{
-		OCSPerr(OCSP_F_OCSP_CHECK_ISSUER, OCSP_R_NO_CERTIFICATES_IN_CHAIN);
-		return -1;
-		}
-
-	/* See if the issuer IDs match. */
-	i = ocsp_check_ids(sresp, &caid);
-
-	/* If ID mismatch or other error then return */
-	if (i <= 0) return i;
-
-	signer = sk_X509_value(chain, 0);
-	/* Check to see if OCSP responder CA matches request CA */
-	if (sk_X509_num(chain) > 1)
-		{
-		sca = sk_X509_value(chain, 1);
-		i = ocsp_match_issuerid(sca, caid, sresp);
-		if (i < 0) return i;
-		if (i)
-			{
-			/* We have a match, if extensions OK then success */
-			if (ocsp_check_delegated(signer, flags)) return 1;
-			return 0;
-			}
-		}
-
-	/* Otherwise check if OCSP request signed directly by request CA */
-	return ocsp_match_issuerid(signer, caid, sresp);
-	}
-
-
-/* Check the issuer certificate IDs for equality. If there is a mismatch with the same
- * algorithm then there's no point trying to match any certificates against the issuer.
- * If the issuer IDs all match then we just need to check equality against one of them.
- */
-	
-static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret)
-	{
-	OCSP_CERTID *tmpid, *cid;
-	int i, idcount;
-
-	idcount = sk_OCSP_SINGLERESP_num(sresp);
-	if (idcount <= 0)
-		{
-		OCSPerr(OCSP_F_OCSP_CHECK_IDS, OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA);
-		return -1;
-		}
-
-	cid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId;
-
-	*ret = NULL;
-
-	for (i = 1; i < idcount; i++)
-		{
-		tmpid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId;
-		/* Check to see if IDs match */
-		if (OCSP_id_issuer_cmp(cid, tmpid))
-			{
-			/* If algoritm mismatch let caller deal with it */
-			if (OBJ_cmp(tmpid->hashAlgorithm->algorithm,
-					cid->hashAlgorithm->algorithm))
-					return 2;
-			/* Else mismatch */
-			return 0;
-			}
-		}
-
-	/* All IDs match: only need to check one ID */
-	*ret = cid;
-	return 1;
-	}
-
-
-static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
-			STACK_OF(OCSP_SINGLERESP) *sresp)
-	{
-	/* If only one ID to match then do it */
-	if(cid)
-		{
-		const EVP_MD *dgst;
-		X509_NAME *iname;
-		int mdlen;
-		unsigned char md[EVP_MAX_MD_SIZE];
-		if (!(dgst = EVP_get_digestbyobj(cid->hashAlgorithm->algorithm)))
-			{
-			OCSPerr(OCSP_F_OCSP_MATCH_ISSUERID, OCSP_R_UNKNOWN_MESSAGE_DIGEST);
-			return -1;
-			}
-
-		mdlen = EVP_MD_size(dgst);
-		if ((cid->issuerNameHash->length != mdlen) ||
-		   (cid->issuerKeyHash->length != mdlen))
-			return 0;
-		iname = X509_get_subject_name(cert);
-		if (!X509_NAME_digest(iname, dgst, md, NULL))
-			return -1;
-		if (memcmp(md, cid->issuerNameHash->data, mdlen))
-			return 0;
-		X509_pubkey_digest(cert, EVP_sha1(), md, NULL);
-		if (memcmp(md, cid->issuerKeyHash->data, mdlen))
-			return 0;
-
-		return 1;
-
-		}
-	else
-		{
-		/* We have to match the whole lot */
-		int i, ret;
-		OCSP_CERTID *tmpid;
-		for (i = 0; i < sk_OCSP_SINGLERESP_num(sresp); i++)
-			{
-			tmpid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId;
-			ret = ocsp_match_issuerid(cert, tmpid, NULL);
-			if (ret <= 0) return ret;
-			}
-		return 1;
-		}
-			
-	}
-
-static int ocsp_check_delegated(X509 *x, int flags)
-	{
-	X509_check_purpose(x, -1, 0);
-	if ((x->ex_flags & EXFLAG_XKUSAGE) &&
-	    (x->ex_xkusage & XKU_OCSP_SIGN))
-		return 1;
-	OCSPerr(OCSP_F_OCSP_CHECK_DELEGATED, OCSP_R_MISSING_OCSPSIGNING_USAGE);
-	return 0;
-	}
-
-/* Verify an OCSP request. This is fortunately much easier than OCSP
- * response verify. Just find the signers certificate and verify it
- * against a given trust value.
- */
-
-int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *store, unsigned long flags)
-        {
-	X509 *signer;
-	X509_NAME *nm;
-	GENERAL_NAME *gen;
-	int ret;
-	X509_STORE_CTX ctx;
-	if (!req->optionalSignature) 
-		{
-		OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_REQUEST_NOT_SIGNED);
-		return 0;
-		}
-	gen = req->tbsRequest->requestorName;
-	if (gen->type != GEN_DIRNAME)
-		{
-		OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE);
-		return 0;
-		}
-	nm = gen->d.directoryName;
-	ret = ocsp_req_find_signer(&signer, req, nm, certs, store, flags);
-	if (ret <= 0)
-		{
-		OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND);
-		return 0;
-		}
-	if ((ret == 2) && (flags & OCSP_TRUSTOTHER))
-		flags |= OCSP_NOVERIFY;
-	if (!(flags & OCSP_NOSIGS))
-		{
-		EVP_PKEY *skey;
-		skey = X509_get_pubkey(signer);
-		ret = OCSP_REQUEST_verify(req, skey);
-		EVP_PKEY_free(skey);
-		if(ret <= 0)
-			{
-			OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_SIGNATURE_FAILURE);
-			return 0;
-			}
-		}
-	if (!(flags & OCSP_NOVERIFY))
-		{
-		int init_res;
-		if(flags & OCSP_NOCHAIN)
-			init_res = X509_STORE_CTX_init(&ctx, store, signer, NULL);
-		else
-			init_res = X509_STORE_CTX_init(&ctx, store, signer,
-					req->optionalSignature->certs);
-		if(!init_res)
-			{
-			OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY,ERR_R_X509_LIB);
-			return 0;
-			}
-
-		X509_STORE_CTX_set_purpose(&ctx, X509_PURPOSE_OCSP_HELPER);
-		X509_STORE_CTX_set_trust(&ctx, X509_TRUST_OCSP_REQUEST);
-		ret = X509_verify_cert(&ctx);
-		X509_STORE_CTX_cleanup(&ctx);
-                if (ret <= 0)
-			{
-			ret = X509_STORE_CTX_get_error(&ctx);	
-			OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY,OCSP_R_CERTIFICATE_VERIFY_ERROR);
-			ERR_add_error_data(2, "Verify error:",
-					X509_verify_cert_error_string(ret));
-                        return 0;
-                	}
-		}
-	return 1;
-        }
-
-static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req, X509_NAME *nm, STACK_OF(X509) *certs,
-				X509_STORE *st, unsigned long flags)
-	{
-	X509 *signer;
-	if(!(flags & OCSP_NOINTERN))
-		{
-		signer = X509_find_by_subject(req->optionalSignature->certs, nm);
-		*psigner = signer;
-		return 1;
-		}
-
-	signer = X509_find_by_subject(certs, nm);
-	if (signer)
-		{
-		*psigner = signer;
-		return 2;
-		}
-	return 0;
-	}
diff --git a/crypto/openssl/crypto/opensslconf.h b/crypto/openssl/crypto/opensslconf.h
deleted file mode 100644
index 492041bc7cb5..000000000000
--- a/crypto/openssl/crypto/opensslconf.h
+++ /dev/null
@@ -1,180 +0,0 @@
-/* opensslconf.h */
-/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
-
-/* OpenSSL was configured with the following options: */
-#ifndef OPENSSL_DOING_MAKEDEPEND
-
-#ifndef OPENSSL_NO_KRB5
-# define OPENSSL_NO_KRB5
-#endif
-
-#endif /* OPENSSL_DOING_MAKEDEPEND */
-
-/* The OPENSSL_NO_* macros are also defined as NO_* if the application
-   asks for it.  This is a transient feature that is provided for those
-   who haven't had the time to do the appropriate changes in their
-   applications.  */
-#ifdef OPENSSL_ALGORITHM_DEFINES
-# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
-#  define NO_KRB5
-# endif
-#endif
-
-/* crypto/opensslconf.h.in */
-
-/* Generate 80386 code? */
-#undef I386_ONLY
-
-#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
-#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define OPENSSLDIR "/usr/local/ssl"
-#endif
-#endif
-
-#undef OPENSSL_UNISTD
-#define OPENSSL_UNISTD <unistd.h>
-
-#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
-#define IDEA_INT unsigned int
-#endif
-
-#if defined(HEADER_MD2_H) && !defined(MD2_INT)
-#define MD2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC2_H) && !defined(RC2_INT)
-/* I need to put in a mod for the alpha - eay */
-#define RC2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC4_H)
-#if !defined(RC4_INT)
-/* using int types make the structure larger but make the code faster
- * on most boxes I have tested - up to %20 faster. */
-/*
- * I don't know what does "most" mean, but declaring "int" is a must on:
- * - Intel P6 because partial register stalls are very expensive;
- * - elder Alpha because it lacks byte load/store instructions;
- */
-#define RC4_INT unsigned int
-#endif
-#if !defined(RC4_CHUNK)
-/*
- * This enables code handling data aligned at natural CPU word
- * boundary. See crypto/rc4/rc4_enc.c for further details.
- */
-#undef RC4_CHUNK
-#endif
-#endif
-
-#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4). */
-#ifndef DES_LONG
-#define DES_LONG unsigned long
-#endif
-#endif
-
-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
-#define CONFIG_HEADER_BN_H
-#undef BN_LLONG
-
-/* Should we define BN_DIV2W here? */
-
-/* Only one for the following should be defined */
-/* The prime number generation stuff may not work when
- * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
-#undef SIXTY_FOUR_BIT_LONG
-#undef SIXTY_FOUR_BIT
-#define THIRTY_TWO_BIT
-#undef SIXTEEN_BIT
-#undef EIGHT_BIT
-#endif
-
-#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
-#define CONFIG_HEADER_RC4_LOCL_H
-/* if this is defined data[i] is used instead of *data, this is a %20
- * speedup on x86 */
-#undef RC4_INDEX
-#endif
-
-#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
-#define CONFIG_HEADER_BF_LOCL_H
-#undef BF_PTR
-#endif /* HEADER_BF_LOCL_H */
-
-#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
-#define CONFIG_HEADER_DES_LOCL_H
-#ifndef DES_DEFAULT_OPTIONS
-/* the following is tweaked from a config script, that is why it is a
- * protected undef/define */
-#ifndef DES_PTR
-#undef DES_PTR
-#endif
-
-/* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
- * registers */
-#ifndef DES_RISC1
-#undef DES_RISC1
-#endif
-
-#ifndef DES_RISC2
-#undef DES_RISC2
-#endif
-
-#if defined(DES_RISC1) && defined(DES_RISC2)
-YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
-#endif
-
-/* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
-#ifndef DES_UNROLL
-#undef DES_UNROLL
-#endif
-
-/* These default values were supplied by
- * Peter Gutman <pgut001@cs.auckland.ac.nz>
- * They are only used if nothing else has been defined */
-#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
-/* Special defines which change the way the code is built depending on the
-   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
-   even newer MIPS CPU's, but at the moment one size fits all for
-   optimization options.  Older Sparc's work better with only UNROLL, but
-   there's no way to tell at compile time what it is you're running on */
- 
-#if defined( sun )		/* Newer Sparc's */
-#  define DES_PTR
-#  define DES_RISC1
-#  define DES_UNROLL
-#elif defined( __ultrix )	/* Older MIPS */
-#  define DES_PTR
-#  define DES_RISC2
-#  define DES_UNROLL
-#elif defined( __osf1__ )	/* Alpha */
-#  define DES_PTR
-#  define DES_RISC2
-#elif defined ( _AIX )		/* RS6000 */
-  /* Unknown */
-#elif defined( __hpux )		/* HP-PA */
-  /* Unknown */
-#elif defined( __aux )		/* 68K */
-  /* Unknown */
-#elif defined( __dgux )		/* 88K (but P6 in latest boxes) */
-#  define DES_UNROLL
-#elif defined( __sgi )		/* Newer MIPS */
-#  define DES_PTR
-#  define DES_RISC2
-#  define DES_UNROLL
-#elif defined(i386) || defined(__i386__)	/* x86 boxes, should be gcc */
-#  define DES_PTR
-#  define DES_RISC1
-#  define DES_UNROLL
-#endif /* Systems-specific speed defines */
-#endif
-
-#endif /* DES_DEFAULT_OPTIONS */
-#endif /* HEADER_DES_LOCL_H */
diff --git a/crypto/openssl/crypto/opensslconf.h.in b/crypto/openssl/crypto/opensslconf.h.in
deleted file mode 100644
index 685e83b7a33f..000000000000
--- a/crypto/openssl/crypto/opensslconf.h.in
+++ /dev/null
@@ -1,158 +0,0 @@
-/* crypto/opensslconf.h.in */
-
-/* Generate 80386 code? */
-#undef I386_ONLY
-
-#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
-#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define OPENSSLDIR "/usr/local/ssl"
-#endif
-#endif
-
-#undef OPENSSL_UNISTD
-#define OPENSSL_UNISTD <unistd.h>
-
-#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
-#define IDEA_INT unsigned int
-#endif
-
-#if defined(HEADER_MD2_H) && !defined(MD2_INT)
-#define MD2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC2_H) && !defined(RC2_INT)
-/* I need to put in a mod for the alpha - eay */
-#define RC2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC4_H)
-#if !defined(RC4_INT)
-/* using int types make the structure larger but make the code faster
- * on most boxes I have tested - up to %20 faster. */
-/*
- * I don't know what does "most" mean, but declaring "int" is a must on:
- * - Intel P6 because partial register stalls are very expensive;
- * - elder Alpha because it lacks byte load/store instructions;
- */
-#define RC4_INT unsigned int
-#endif
-#if !defined(RC4_CHUNK)
-/*
- * This enables code handling data aligned at natural CPU word
- * boundary. See crypto/rc4/rc4_enc.c for further details.
- */
-#undef RC4_CHUNK
-#endif
-#endif
-
-#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4). */
-#ifndef DES_LONG
-#define DES_LONG unsigned long
-#endif
-#endif
-
-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
-#define CONFIG_HEADER_BN_H
-#undef BN_LLONG
-
-/* Should we define BN_DIV2W here? */
-
-/* Only one for the following should be defined */
-/* The prime number generation stuff may not work when
- * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
-#undef SIXTY_FOUR_BIT_LONG
-#undef SIXTY_FOUR_BIT
-#define THIRTY_TWO_BIT
-#undef SIXTEEN_BIT
-#undef EIGHT_BIT
-#endif
-
-#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
-#define CONFIG_HEADER_RC4_LOCL_H
-/* if this is defined data[i] is used instead of *data, this is a %20
- * speedup on x86 */
-#undef RC4_INDEX
-#endif
-
-#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
-#define CONFIG_HEADER_BF_LOCL_H
-#undef BF_PTR
-#endif /* HEADER_BF_LOCL_H */
-
-#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
-#define CONFIG_HEADER_DES_LOCL_H
-#ifndef DES_DEFAULT_OPTIONS
-/* the following is tweaked from a config script, that is why it is a
- * protected undef/define */
-#ifndef DES_PTR
-#undef DES_PTR
-#endif
-
-/* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
- * registers */
-#ifndef DES_RISC1
-#undef DES_RISC1
-#endif
-
-#ifndef DES_RISC2
-#undef DES_RISC2
-#endif
-
-#if defined(DES_RISC1) && defined(DES_RISC2)
-YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
-#endif
-
-/* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
-#ifndef DES_UNROLL
-#undef DES_UNROLL
-#endif
-
-/* These default values were supplied by
- * Peter Gutman <pgut001@cs.auckland.ac.nz>
- * They are only used if nothing else has been defined */
-#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
-/* Special defines which change the way the code is built depending on the
-   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
-   even newer MIPS CPU's, but at the moment one size fits all for
-   optimization options.  Older Sparc's work better with only UNROLL, but
-   there's no way to tell at compile time what it is you're running on */
- 
-#if defined( sun )		/* Newer Sparc's */
-#  define DES_PTR
-#  define DES_RISC1
-#  define DES_UNROLL
-#elif defined( __ultrix )	/* Older MIPS */
-#  define DES_PTR
-#  define DES_RISC2
-#  define DES_UNROLL
-#elif defined( __osf1__ )	/* Alpha */
-#  define DES_PTR
-#  define DES_RISC2
-#elif defined ( _AIX )		/* RS6000 */
-  /* Unknown */
-#elif defined( __hpux )		/* HP-PA */
-  /* Unknown */
-#elif defined( __aux )		/* 68K */
-  /* Unknown */
-#elif defined( __dgux )		/* 88K (but P6 in latest boxes) */
-#  define DES_UNROLL
-#elif defined( __sgi )		/* Newer MIPS */
-#  define DES_PTR
-#  define DES_RISC2
-#  define DES_UNROLL
-#elif defined(i386) || defined(__i386__)	/* x86 boxes, should be gcc */
-#  define DES_PTR
-#  define DES_RISC1
-#  define DES_UNROLL
-#endif /* Systems-specific speed defines */
-#endif
-
-#endif /* DES_DEFAULT_OPTIONS */
-#endif /* HEADER_DES_LOCL_H */
diff --git a/crypto/openssl/crypto/opensslv.h b/crypto/openssl/crypto/opensslv.h
deleted file mode 100644
index 396ae7b3dced..000000000000
--- a/crypto/openssl/crypto/opensslv.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef HEADER_OPENSSLV_H
-#define HEADER_OPENSSLV_H
-
-/* Numeric release version identifier:
- * MNNFFPPS: major minor fix patch status
- * The status nibble has one of the values 0 for development, 1 to e for betas
- * 1 to 14, and f for release.  The patch level is exactly that.
- * For example:
- * 0.9.3-dev	  0x00903000
- * 0.9.3-beta1	  0x00903001
- * 0.9.3-beta2-dev 0x00903002
- * 0.9.3-beta2    0x00903002 (same as ...beta2-dev)
- * 0.9.3	  0x0090300f
- * 0.9.3a	  0x0090301f
- * 0.9.4 	  0x0090400f
- * 1.2.3z	  0x102031af
- *
- * For continuity reasons (because 0.9.5 is already out, and is coded
- * 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level
- * part is slightly different, by setting the highest bit.  This means
- * that 0.9.5a looks like this: 0x0090581f.  At 0.9.6, we can start
- * with 0x0090600S...
- *
- * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
- * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
- *  major minor fix final patch/beta)
- */
-#define OPENSSL_VERSION_NUMBER	0x0090701fL
-#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.7a Feb 19 2003"
-#define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT
-
-
-/* The macros below are to be used for shared library (.so, .dll, ...)
- * versioning.  That kind of versioning works a bit differently between
- * operating systems.  The most usual scheme is to set a major and a minor
- * number, and have the runtime loader check that the major number is equal
- * to what it was at application link time, while the minor number has to
- * be greater or equal to what it was at application link time.  With this
- * scheme, the version number is usually part of the file name, like this:
- *
- *	libcrypto.so.0.9
- *
- * Some unixen also make a softlink with the major verson number only:
- *
- *	libcrypto.so.0
- *
- * On Tru64 and IRIX 6.x it works a little bit differently.  There, the
- * shared library version is stored in the file, and is actually a series
- * of versions, separated by colons.  The rightmost version present in the
- * library when linking an application is stored in the application to be
- * matched at run time.  When the application is run, a check is done to
- * see if the library version stored in the application matches any of the
- * versions in the version string of the library itself.
- * This version string can be constructed in any way, depending on what
- * kind of matching is desired.  However, to implement the same scheme as
- * the one used in the other unixen, all compatible versions, from lowest
- * to highest, should be part of the string.  Consecutive builds would
- * give the following versions strings:
- *
- *	3.0
- *	3.0:3.1
- *	3.0:3.1:3.2
- *	4.0
- *	4.0:4.1
- *
- * Notice how version 4 is completely incompatible with version, and
- * therefore give the breach you can see.
- *
- * There may be other schemes as well that I haven't yet discovered.
- *
- * So, here's the way it works here: first of all, the library version
- * number doesn't need at all to match the overall OpenSSL version.
- * However, it's nice and more understandable if it actually does.
- * The current library version is stored in the macro SHLIB_VERSION_NUMBER,
- * which is just a piece of text in the format "M.m.e" (Major, minor, edit).
- * For the sake of Tru64, IRIX, and any other OS that behaves in similar ways,
- * we need to keep a history of version numbers, which is done in the
- * macro SHLIB_VERSION_HISTORY.  The numbers are separated by colons and
- * should only keep the versions that are binary compatible with the current.
- */
-#define SHLIB_VERSION_HISTORY ""
-#define SHLIB_VERSION_NUMBER "0.9.7"
-
-
-#endif /* HEADER_OPENSSLV_H */
diff --git a/crypto/openssl/crypto/ossl_typ.h b/crypto/openssl/crypto/ossl_typ.h
deleted file mode 100644
index 285fd0b1d977..000000000000
--- a/crypto/openssl/crypto/ossl_typ.h
+++ /dev/null
@@ -1,122 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_OPENSSL_TYPES_H
-#define HEADER_OPENSSL_TYPES_H
-
-#include <openssl/e_os2.h>
-
-#ifdef NO_ASN1_TYPEDEFS
-#define ASN1_INTEGER		ASN1_STRING
-#define ASN1_ENUMERATED		ASN1_STRING
-#define ASN1_BIT_STRING		ASN1_STRING
-#define ASN1_OCTET_STRING	ASN1_STRING
-#define ASN1_PRINTABLESTRING	ASN1_STRING
-#define ASN1_T61STRING		ASN1_STRING
-#define ASN1_IA5STRING		ASN1_STRING
-#define ASN1_UTCTIME		ASN1_STRING
-#define ASN1_GENERALIZEDTIME	ASN1_STRING
-#define ASN1_TIME		ASN1_STRING
-#define ASN1_GENERALSTRING	ASN1_STRING
-#define ASN1_UNIVERSALSTRING	ASN1_STRING
-#define ASN1_BMPSTRING		ASN1_STRING
-#define ASN1_VISIBLESTRING	ASN1_STRING
-#define ASN1_UTF8STRING		ASN1_STRING
-#define ASN1_BOOLEAN		int
-#define ASN1_NULL		int
-#else
-typedef struct asn1_string_st ASN1_INTEGER;
-typedef struct asn1_string_st ASN1_ENUMERATED;
-typedef struct asn1_string_st ASN1_BIT_STRING;
-typedef struct asn1_string_st ASN1_OCTET_STRING;
-typedef struct asn1_string_st ASN1_PRINTABLESTRING;
-typedef struct asn1_string_st ASN1_T61STRING;
-typedef struct asn1_string_st ASN1_IA5STRING;
-typedef struct asn1_string_st ASN1_GENERALSTRING;
-typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
-typedef struct asn1_string_st ASN1_BMPSTRING;
-typedef struct asn1_string_st ASN1_UTCTIME;
-typedef struct asn1_string_st ASN1_TIME;
-typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
-typedef struct asn1_string_st ASN1_VISIBLESTRING;
-typedef struct asn1_string_st ASN1_UTF8STRING;
-typedef int ASN1_BOOLEAN;
-typedef int ASN1_NULL;
-#endif
-
-#ifdef OPENSSL_SYS_WIN32
-#undef X509_NAME
-#undef PKCS7_ISSUER_AND_SERIAL
-#endif
-
-typedef struct evp_cipher_st EVP_CIPHER;
-typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
-typedef struct env_md_st EVP_MD;
-typedef struct env_md_ctx_st EVP_MD_CTX;
-typedef struct evp_pkey_st EVP_PKEY;
-
-typedef struct x509_st X509;
-typedef struct X509_algor_st X509_ALGOR;
-typedef struct X509_crl_st X509_CRL;
-typedef struct X509_name_st X509_NAME;
-typedef struct x509_store_st X509_STORE;
-typedef struct x509_store_ctx_st X509_STORE_CTX;
-
-typedef struct engine_st ENGINE;
-
-  /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
-#define DECLARE_PKCS12_STACK_OF(type) /* Nothing */
-#define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */
-
-#endif /* def HEADER_OPENSSL_TYPES_H */
diff --git a/crypto/openssl/crypto/pem/Makefile.save b/crypto/openssl/crypto/pem/Makefile.save
deleted file mode 100644
index 111dbc1ae460..000000000000
--- a/crypto/openssl/crypto/pem/Makefile.save
+++ /dev/null
@@ -1,204 +0,0 @@
-#
-# SSLeay/crypto/pem/Makefile
-#
-
-DIR=	pem
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c
-
-LIBOBJ=	pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= pem.h pem2.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links: $(EXHEADER)
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-pem_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pem_all.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-pem_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pem_all.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-pem_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pem_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pem_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_all.o: ../cryptlib.h
-pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pem_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-pem_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-pem_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h
-pem_err.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-pem_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pem_err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pem_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pem_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pem_err.o: ../../include/openssl/x509_vfy.h
-pem_info.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_info.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_info.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pem_info.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-pem_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_info.o: ../../include/openssl/opensslconf.h
-pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h
-pem_info.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-pem_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pem_info.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pem_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pem_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pem_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-pem_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pem_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-pem_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pem_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_lib.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-pem_lib.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-pem_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pem_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pem_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_lib.o: ../cryptlib.h
-pem_seal.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_seal.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_seal.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_seal.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pem_seal.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-pem_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_seal.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_seal.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_seal.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_seal.o: ../../include/openssl/opensslconf.h
-pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h
-pem_seal.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-pem_seal.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-pem_seal.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pem_seal.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pem_seal.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_seal.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_seal.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_seal.o: ../cryptlib.h
-pem_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pem_sign.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-pem_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_sign.o: ../../include/openssl/opensslconf.h
-pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h
-pem_sign.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-pem_sign.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-pem_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pem_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pem_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_sign.o: ../cryptlib.h
diff --git a/crypto/openssl/crypto/pem/Makefile.ssl b/crypto/openssl/crypto/pem/Makefile.ssl
deleted file mode 100644
index 90eda931f73a..000000000000
--- a/crypto/openssl/crypto/pem/Makefile.ssl
+++ /dev/null
@@ -1,336 +0,0 @@
-#
-# SSLeay/crypto/pem/Makefile
-#
-
-DIR=	pem
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c \
-	pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c
-
-LIBOBJ=	pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o \
-	pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= pem.h pem2.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links: $(EXHEADER)
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-pem_all.o: ../../e_os.h ../../include/openssl/aes.h
-pem_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_all.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pem_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pem_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-pem_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-pem_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pem_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-pem_all.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_all.c
-pem_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-pem_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-pem_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-pem_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-pem_err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-pem_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pem_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-pem_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-pem_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_err.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-pem_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pem_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pem_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-pem_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_err.o: pem_err.c
-pem_info.o: ../../e_os.h ../../include/openssl/aes.h
-pem_info.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_info.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_info.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_info.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-pem_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pem_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_info.o: ../../include/openssl/opensslconf.h
-pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-pem_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pem_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pem_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_info.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-pem_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_info.o: ../cryptlib.h pem_info.c
-pem_lib.o: ../../e_os.h ../../include/openssl/aes.h
-pem_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-pem_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pem_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pem_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-pem_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
-pem_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pem_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pem_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pem_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-pem_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-pem_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_lib.c
-pem_oth.o: ../../e_os.h ../../include/openssl/aes.h
-pem_oth.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_oth.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_oth.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_oth.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-pem_oth.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pem_oth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_oth.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_oth.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_oth.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_oth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_oth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pem_oth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-pem_oth.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-pem_oth.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pem_oth.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pem_oth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_oth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_oth.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-pem_oth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_oth.o: ../cryptlib.h pem_oth.c
-pem_pk8.o: ../../e_os.h ../../include/openssl/aes.h
-pem_pk8.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_pk8.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_pk8.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_pk8.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-pem_pk8.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pem_pk8.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_pk8.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_pk8.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_pk8.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_pk8.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_pk8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pem_pk8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-pem_pk8.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
-pem_pk8.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pem_pk8.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pem_pk8.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pem_pk8.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pem_pk8.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_pk8.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-pem_pk8.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-pem_pk8.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pk8.c
-pem_pkey.o: ../../e_os.h ../../include/openssl/aes.h
-pem_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-pem_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pem_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_pkey.o: ../../include/openssl/opensslconf.h
-pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-pem_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pem_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pem_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-pem_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_pkey.o: ../cryptlib.h pem_pkey.c
-pem_seal.o: ../../e_os.h ../../include/openssl/aes.h
-pem_seal.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_seal.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_seal.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_seal.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-pem_seal.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pem_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_seal.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_seal.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_seal.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_seal.o: ../../include/openssl/opensslconf.h
-pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pem_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pem_seal.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-pem_seal.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_seal.c
-pem_sign.o: ../../e_os.h ../../include/openssl/aes.h
-pem_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-pem_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pem_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_sign.o: ../../include/openssl/opensslconf.h
-pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pem_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pem_sign.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pem_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pem_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-pem_sign.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-pem_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_sign.c
-pem_x509.o: ../../e_os.h ../../include/openssl/aes.h
-pem_x509.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_x509.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-pem_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pem_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_x509.o: ../../include/openssl/opensslconf.h
-pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-pem_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pem_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pem_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_x509.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-pem_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_x509.o: ../cryptlib.h pem_x509.c
-pem_xaux.o: ../../e_os.h ../../include/openssl/aes.h
-pem_xaux.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_xaux.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pem_xaux.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_xaux.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-pem_xaux.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pem_xaux.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_xaux.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pem_xaux.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pem_xaux.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pem_xaux.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_xaux.o: ../../include/openssl/opensslconf.h
-pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-pem_xaux.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pem_xaux.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pem_xaux.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_xaux.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_xaux.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-pem_xaux.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_xaux.o: ../cryptlib.h pem_xaux.c
diff --git a/crypto/openssl/crypto/pem/message b/crypto/openssl/crypto/pem/message
deleted file mode 100644
index e8bf9d759296..000000000000
--- a/crypto/openssl/crypto/pem/message
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PRIVACY-ENHANCED MESSAGE-----
-Proc-Type: 4,ENCRYPTED
-Proc-Type: 4,MIC-ONLY
-Proc-Type: 4,MIC-CLEAR
-Content-Domain: RFC822
-DEK-Info: DES-CBC,0123456789abcdef
-Originator-Certificate
- xxxx
-Issuer-Certificate
- xxxx
-MIC-Info: RSA-MD5,RSA,
- xxxx
-
-
------END PRIVACY-ENHANCED MESSAGE-----
-
diff --git a/crypto/openssl/crypto/pem/pem.h b/crypto/openssl/crypto/pem/pem.h
deleted file mode 100644
index d330cbf9a328..000000000000
--- a/crypto/openssl/crypto/pem/pem.h
+++ /dev/null
@@ -1,672 +0,0 @@
-/* crypto/pem/pem.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_PEM_H
-#define HEADER_PEM_H
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#ifndef OPENSSL_NO_STACK
-#include <openssl/stack.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem2.h>
-#include <openssl/e_os2.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#define PEM_BUFSIZE		1024
-
-#define PEM_OBJ_UNDEF		0
-#define PEM_OBJ_X509		1
-#define PEM_OBJ_X509_REQ	2
-#define PEM_OBJ_CRL		3
-#define PEM_OBJ_SSL_SESSION	4
-#define PEM_OBJ_PRIV_KEY	10
-#define PEM_OBJ_PRIV_RSA	11
-#define PEM_OBJ_PRIV_DSA	12
-#define PEM_OBJ_PRIV_DH		13
-#define PEM_OBJ_PUB_RSA		14
-#define PEM_OBJ_PUB_DSA		15
-#define PEM_OBJ_PUB_DH		16
-#define PEM_OBJ_DHPARAMS	17
-#define PEM_OBJ_DSAPARAMS	18
-#define PEM_OBJ_PRIV_RSA_PUBLIC	19
-
-#define PEM_ERROR		30
-#define PEM_DEK_DES_CBC         40
-#define PEM_DEK_IDEA_CBC        45
-#define PEM_DEK_DES_EDE         50
-#define PEM_DEK_DES_ECB         60
-#define PEM_DEK_RSA             70
-#define PEM_DEK_RSA_MD2         80
-#define PEM_DEK_RSA_MD5         90
-
-#define PEM_MD_MD2		NID_md2
-#define PEM_MD_MD5		NID_md5
-#define PEM_MD_SHA		NID_sha
-#define PEM_MD_MD2_RSA		NID_md2WithRSAEncryption
-#define PEM_MD_MD5_RSA		NID_md5WithRSAEncryption
-#define PEM_MD_SHA_RSA		NID_sha1WithRSAEncryption
-
-#define PEM_STRING_X509_OLD	"X509 CERTIFICATE"
-#define PEM_STRING_X509		"CERTIFICATE"
-#define PEM_STRING_X509_TRUSTED	"TRUSTED CERTIFICATE"
-#define PEM_STRING_X509_REQ_OLD	"NEW CERTIFICATE REQUEST"
-#define PEM_STRING_X509_REQ	"CERTIFICATE REQUEST"
-#define PEM_STRING_X509_CRL	"X509 CRL"
-#define PEM_STRING_EVP_PKEY	"ANY PRIVATE KEY"
-#define PEM_STRING_PUBLIC	"PUBLIC KEY"
-#define PEM_STRING_RSA		"RSA PRIVATE KEY"
-#define PEM_STRING_RSA_PUBLIC	"RSA PUBLIC KEY"
-#define PEM_STRING_DSA		"DSA PRIVATE KEY"
-#define PEM_STRING_DSA_PUBLIC	"DSA PUBLIC KEY"
-#define PEM_STRING_PKCS7	"PKCS7"
-#define PEM_STRING_PKCS8	"ENCRYPTED PRIVATE KEY"
-#define PEM_STRING_PKCS8INF	"PRIVATE KEY"
-#define PEM_STRING_DHPARAMS	"DH PARAMETERS"
-#define PEM_STRING_SSL_SESSION	"SSL SESSION PARAMETERS"
-#define PEM_STRING_DSAPARAMS	"DSA PARAMETERS"
-
-  /* Note that this structure is initialised by PEM_SealInit and cleaned up
-     by PEM_SealFinal (at least for now) */
-typedef struct PEM_Encode_Seal_st
-	{
-	EVP_ENCODE_CTX encode;
-	EVP_MD_CTX md;
-	EVP_CIPHER_CTX cipher;
-	} PEM_ENCODE_SEAL_CTX;
-
-/* enc_type is one off */
-#define PEM_TYPE_ENCRYPTED      10
-#define PEM_TYPE_MIC_ONLY       20
-#define PEM_TYPE_MIC_CLEAR      30
-#define PEM_TYPE_CLEAR		40
-
-typedef struct pem_recip_st
-	{
-	char *name;
-	X509_NAME *dn;
-
-	int cipher;
-	int key_enc;
-	/*	char iv[8]; unused and wrong size */
-	} PEM_USER;
-
-typedef struct pem_ctx_st
-	{
-	int type;		/* what type of object */
-
-	struct	{
-		int version;	
-		int mode;		
-		} proc_type;
-
-	char *domain;
-
-	struct	{
-		int cipher;
-	/* unused, and wrong size
-	   unsigned char iv[8]; */
-		} DEK_info;
-		
-	PEM_USER *originator;
-
-	int num_recipient;
-	PEM_USER **recipient;
-
-#ifndef OPENSSL_NO_STACK
-	STACK *x509_chain;	/* certificate chain */
-#else
-	char *x509_chain;	/* certificate chain */
-#endif
-	EVP_MD *md;		/* signature type */
-
-	int md_enc;		/* is the md encrypted or not? */
-	int md_len;		/* length of md_data */
-	char *md_data;		/* message digest, could be pkey encrypted */
-
-	EVP_CIPHER *dec;	/* date encryption cipher */
-	int key_len;		/* key length */
-	unsigned char *key;	/* key */
-	/* unused, and wrong size
-	   unsigned char iv[8]; */
-
-	
-	int  data_enc;		/* is the data encrypted */
-	int data_len;
-	unsigned char *data;
-	} PEM_CTX;
-
-/* These macros make the PEM_read/PEM_write functions easier to maintain and
- * write. Now they are all implemented with either:
- * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...)
- */
-
-#ifdef OPENSSL_NO_FP_API
-
-#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
-#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
-#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
-
-#else
-
-#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
-type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
-{ \
-return((type *)PEM_ASN1_read((char *(*)())d2i_##asn1, str,fp,(char **)x,\
-	cb,u)); \
-} \
-
-#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x) \
-{ \
-return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, (char *)x, \
-							 NULL,NULL,0,NULL,NULL)); \
-} 
-
-#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
-	     unsigned char *kstr, int klen, pem_password_cb *cb, \
-		  void *u) \
-	{ \
-	return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, \
-		(char *)x,enc,kstr,klen,cb,u)); \
-	}
-
-#endif
-
-#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
-type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
-{ \
-return((type *)PEM_ASN1_read_bio((char *(*)())d2i_##asn1, str,bp,\
-							(char **)x,cb,u)); \
-}
-
-#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x) \
-{ \
-return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, (char *)x, \
-							 NULL,NULL,0,NULL,NULL)); \
-}
-
-#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
-	     unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
-	{ \
-	return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, \
-		(char *)x,enc,kstr,klen,cb,u)); \
-	}
-
-#define IMPLEMENT_PEM_write(name, type, str, asn1) \
-	IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
-	IMPLEMENT_PEM_write_fp(name, type, str, asn1) 
-
-#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
-	IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
-	IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) 
-
-#define IMPLEMENT_PEM_read(name, type, str, asn1) \
-	IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
-	IMPLEMENT_PEM_read_fp(name, type, str, asn1) 
-
-#define IMPLEMENT_PEM_rw(name, type, str, asn1) \
-	IMPLEMENT_PEM_read(name, type, str, asn1) \
-	IMPLEMENT_PEM_write(name, type, str, asn1)
-
-#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
-	IMPLEMENT_PEM_read(name, type, str, asn1) \
-	IMPLEMENT_PEM_write_cb(name, type, str, asn1)
-
-/* These are the same except they are for the declarations */
-
-#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_NO_FP_API)
-
-#define DECLARE_PEM_read_fp(name, type) /**/
-#define DECLARE_PEM_write_fp(name, type) /**/
-#define DECLARE_PEM_write_cb_fp(name, type) /**/
-
-#else
-
-#define DECLARE_PEM_read_fp(name, type) \
-	type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
-
-#define DECLARE_PEM_write_fp(name, type) \
-	int PEM_write_##name(FILE *fp, type *x);
-
-#define DECLARE_PEM_write_cb_fp(name, type) \
-	int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
-	     unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
-
-#endif
-
-#ifndef OPENSSL_NO_BIO
-#define DECLARE_PEM_read_bio(name, type) \
-	type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
-
-#define DECLARE_PEM_write_bio(name, type) \
-	int PEM_write_bio_##name(BIO *bp, type *x);
-
-#define DECLARE_PEM_write_cb_bio(name, type) \
-	int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
-	     unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
-
-#else
-
-#define DECLARE_PEM_read_bio(name, type) /**/
-#define DECLARE_PEM_write_bio(name, type) /**/
-#define DECLARE_PEM_write_cb_bio(name, type) /**/
-
-#endif
-
-#define DECLARE_PEM_write(name, type) \
-	DECLARE_PEM_write_bio(name, type) \
-	DECLARE_PEM_write_fp(name, type) 
-
-#define DECLARE_PEM_write_cb(name, type) \
-	DECLARE_PEM_write_cb_bio(name, type) \
-	DECLARE_PEM_write_cb_fp(name, type) 
-
-#define DECLARE_PEM_read(name, type) \
-	DECLARE_PEM_read_bio(name, type) \
-	DECLARE_PEM_read_fp(name, type)
-
-#define DECLARE_PEM_rw(name, type) \
-	DECLARE_PEM_read(name, type) \
-	DECLARE_PEM_write(name, type)
-
-#define DECLARE_PEM_rw_cb(name, type) \
-	DECLARE_PEM_read(name, type) \
-	DECLARE_PEM_write_cb(name, type)
-
-#ifdef SSLEAY_MACROS
-
-#define PEM_write_SSL_SESSION(fp,x) \
-		PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
-			PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_X509(fp,x) \
-		PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
-			(char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
-		(int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
-			NULL,NULL,0,NULL,NULL)
-#define PEM_write_X509_CRL(fp,x) \
-		PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
-			fp,(char *)x, NULL,NULL,0,NULL,NULL)
-#define	PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
-		PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
-			(char *)x,enc,kstr,klen,cb,u)
-#define	PEM_write_RSAPublicKey(fp,x) \
-		PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
-			PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
-#define	PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
-		PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
-			(char *)x,enc,kstr,klen,cb,u)
-#define	PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
-		PEM_ASN1_write((int (*)())i2d_PrivateKey,\
-		(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
-			bp,(char *)x,enc,kstr,klen,cb,u)
-#define PEM_write_PKCS7(fp,x) \
-		PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
-			(char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_DHparams(fp,x) \
-		PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
-			(char *)x,NULL,NULL,0,NULL,NULL)
-
-#define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \
-                PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
-			PEM_STRING_X509,fp, \
-                        (char *)x, NULL,NULL,0,NULL,NULL)
-
-#define	PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
-	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
-#define	PEM_read_X509(fp,x,cb,u) (X509 *)PEM_ASN1_read( \
-	(char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb,u)
-#define	PEM_read_X509_REQ(fp,x,cb,u) (X509_REQ *)PEM_ASN1_read( \
-	(char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb,u)
-#define	PEM_read_X509_CRL(fp,x,cb,u) (X509_CRL *)PEM_ASN1_read( \
-	(char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb,u)
-#define	PEM_read_RSAPrivateKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
-	(char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb,u)
-#define	PEM_read_RSAPublicKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
-	(char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb,u)
-#define	PEM_read_DSAPrivateKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
-	(char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb,u)
-#define	PEM_read_PrivateKey(fp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read( \
-	(char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb,u)
-#define	PEM_read_PKCS7(fp,x,cb,u) (PKCS7 *)PEM_ASN1_read( \
-	(char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb,u)
-#define	PEM_read_DHparams(fp,x,cb,u) (DH *)PEM_ASN1_read( \
-	(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb,u)
-
-#define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb,u) \
-		(NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \
-        (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\
-							(char **)x,cb,u)
-
-#define PEM_write_bio_SSL_SESSION(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
-			PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_X509(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
-			(char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
-		(int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
-			NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_X509_CRL(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
-			bp,(char *)x, NULL,NULL,0,NULL,NULL)
-#define	PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
-		PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
-			bp,(char *)x,enc,kstr,klen,cb,u)
-#define	PEM_write_bio_RSAPublicKey(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
-			PEM_STRING_RSA_PUBLIC,\
-			bp,(char *)x,NULL,NULL,0,NULL,NULL)
-#define	PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
-		PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
-			bp,(char *)x,enc,kstr,klen,cb,u)
-#define	PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
-		PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
-		(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
-			bp,(char *)x,enc,kstr,klen,cb,u)
-#define PEM_write_bio_PKCS7(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
-			(char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_DHparams(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
-			bp,(char *)x,NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_DSAparams(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
-			PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL,NULL)
-
-#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \
-                PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
-			PEM_STRING_X509,bp, \
-                        (char *)x, NULL,NULL,0,NULL,NULL)
-
-#define	PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
-#define	PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u)
-#define	PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb,u)
-#define	PEM_read_bio_X509_CRL(bp,x,cb,u) (X509_CRL *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb,u)
-#define	PEM_read_bio_RSAPrivateKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb,u)
-#define	PEM_read_bio_RSAPublicKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb,u)
-#define	PEM_read_bio_DSAPrivateKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb,u)
-#define	PEM_read_bio_PrivateKey(bp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb,u)
-
-#define	PEM_read_bio_PKCS7(bp,x,cb,u) (PKCS7 *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb,u)
-#define	PEM_read_bio_DHparams(bp,x,cb,u) (DH *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb,u)
-#define	PEM_read_bio_DSAparams(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb,u)
-
-#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb,u) \
-		(NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \
-        (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\
-							(char **)x,cb,u)
-
-#endif
-
-#if 1
-/* "userdata": new with OpenSSL 0.9.4 */
-typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata);
-#else
-/* OpenSSL 0.9.3, 0.9.3a */
-typedef int pem_password_cb(char *buf, int size, int rwflag);
-#endif
-
-int	PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
-int	PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
-	pem_password_cb *callback,void *u);
-
-#ifndef OPENSSL_NO_BIO
-int	PEM_read_bio(BIO *bp, char **name, char **header,
-		unsigned char **data,long *len);
-int	PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data,
-		long len);
-int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp,
-	     pem_password_cb *cb, void *u);
-char *	PEM_ASN1_read_bio(char *(*d2i)(),const char *name,BIO *bp,char **x,
-		pem_password_cb *cb, void *u);
-int	PEM_ASN1_write_bio(int (*i2d)(),const char *name,BIO *bp,char *x,
-			   const EVP_CIPHER *enc,unsigned char *kstr,int klen,
-			   pem_password_cb *cb, void *u);
-STACK_OF(X509_INFO) *	PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
-int	PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
-		unsigned char *kstr, int klen, pem_password_cb *cd, void *u);
-#endif
-
-#ifndef OPENSSL_SYS_WIN16
-int	PEM_read(FILE *fp, char **name, char **header,
-		unsigned char **data,long *len);
-int	PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
-char *	PEM_ASN1_read(char *(*d2i)(),const char *name,FILE *fp,char **x,
-	pem_password_cb *cb, void *u);
-int	PEM_ASN1_write(int (*i2d)(),const char *name,FILE *fp,char *x,
-		       const EVP_CIPHER *enc,unsigned char *kstr,int klen,
-		       pem_password_cb *callback, void *u);
-STACK_OF(X509_INFO) *	PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
-	pem_password_cb *cb, void *u);
-#endif
-
-int	PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
-		EVP_MD *md_type, unsigned char **ek, int *ekl,
-		unsigned char *iv, EVP_PKEY **pubk, int npubk);
-void	PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
-		unsigned char *in, int inl);
-int	PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl,
-		unsigned char *out, int *outl, EVP_PKEY *priv);
-
-void    PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
-void    PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
-int	PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
-		unsigned int *siglen, EVP_PKEY *pkey);
-
-int	PEM_def_callback(char *buf, int num, int w, void *key);
-void	PEM_proc_type(char *buf, int type);
-void	PEM_dek_info(char *buf, const char *type, int len, char *str);
-
-#ifndef SSLEAY_MACROS
-
-#include <openssl/symhacks.h>
-
-DECLARE_PEM_rw(X509, X509)
-
-DECLARE_PEM_rw(X509_AUX, X509)
-
-DECLARE_PEM_rw(X509_REQ, X509_REQ)
-DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
-
-DECLARE_PEM_rw(X509_CRL, X509_CRL)
-
-DECLARE_PEM_rw(PKCS7, PKCS7)
-
-DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
-
-DECLARE_PEM_rw(PKCS8, X509_SIG)
-
-DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
-
-#ifndef OPENSSL_NO_RSA
-
-DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
-
-DECLARE_PEM_rw(RSAPublicKey, RSA)
-DECLARE_PEM_rw(RSA_PUBKEY, RSA)
-
-#endif
-
-#ifndef OPENSSL_NO_DSA
-
-DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
-
-DECLARE_PEM_rw(DSA_PUBKEY, DSA)
-
-DECLARE_PEM_rw(DSAparams, DSA)
-
-#endif
-
-#ifndef OPENSSL_NO_DH
-
-DECLARE_PEM_rw(DHparams, DH)
-
-#endif
-
-DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
-
-DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
-
-int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u);
-int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
-                                  char *, int, pem_password_cb *, void *);
-int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u);
-int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u);
-EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
-
-int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u);
-int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u);
-int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u);
-
-EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
-
-int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
-			      char *kstr,int klen, pem_password_cb *cd, void *u);
-
-#endif /* SSLEAY_MACROS */
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_PEM_strings(void);
-
-/* Error codes for the PEM functions. */
-
-/* Function codes. */
-#define PEM_F_D2I_PKCS8PRIVATEKEY_BIO			 120
-#define PEM_F_D2I_PKCS8PRIVATEKEY_FP			 121
-#define PEM_F_DEF_CALLBACK				 100
-#define PEM_F_LOAD_IV					 101
-#define PEM_F_PEM_ASN1_READ				 102
-#define PEM_F_PEM_ASN1_READ_BIO				 103
-#define PEM_F_PEM_ASN1_WRITE				 104
-#define PEM_F_PEM_ASN1_WRITE_BIO			 105
-#define PEM_F_PEM_DO_HEADER				 106
-#define PEM_F_PEM_F_DO_PK8KEY_FP			 122
-#define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY		 118
-#define PEM_F_PEM_GET_EVP_CIPHER_INFO			 107
-#define PEM_F_PEM_READ					 108
-#define PEM_F_PEM_READ_BIO				 109
-#define PEM_F_PEM_SEALFINAL				 110
-#define PEM_F_PEM_SEALINIT				 111
-#define PEM_F_PEM_SIGNFINAL				 112
-#define PEM_F_PEM_WRITE					 113
-#define PEM_F_PEM_WRITE_BIO				 114
-#define PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY		 119
-#define PEM_F_PEM_X509_INFO_READ			 115
-#define PEM_F_PEM_X509_INFO_READ_BIO			 116
-#define PEM_F_PEM_X509_INFO_WRITE_BIO			 117
-
-/* Reason codes. */
-#define PEM_R_BAD_BASE64_DECODE				 100
-#define PEM_R_BAD_DECRYPT				 101
-#define PEM_R_BAD_END_LINE				 102
-#define PEM_R_BAD_IV_CHARS				 103
-#define PEM_R_BAD_PASSWORD_READ				 104
-#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY		 115
-#define PEM_R_NOT_DEK_INFO				 105
-#define PEM_R_NOT_ENCRYPTED				 106
-#define PEM_R_NOT_PROC_TYPE				 107
-#define PEM_R_NO_START_LINE				 108
-#define PEM_R_PROBLEMS_GETTING_PASSWORD			 109
-#define PEM_R_PUBLIC_KEY_NO_RSA				 110
-#define PEM_R_READ_KEY					 111
-#define PEM_R_SHORT_HEADER				 112
-#define PEM_R_UNSUPPORTED_CIPHER			 113
-#define PEM_R_UNSUPPORTED_ENCRYPTION			 114
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/pem/pem2.h b/crypto/openssl/crypto/pem/pem2.h
deleted file mode 100644
index f31790d69cb0..000000000000
--- a/crypto/openssl/crypto/pem/pem2.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * This header only exists to break a circular dependency between pem and err
- * Ben 30 Jan 1999.
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifndef HEADER_PEM_H
-void ERR_load_PEM_strings(void);
-#endif
-
-#ifdef __cplusplus
-}
-#endif
diff --git a/crypto/openssl/crypto/pem/pem_all.c b/crypto/openssl/crypto/pem/pem_all.c
deleted file mode 100644
index e72b7134cec2..000000000000
--- a/crypto/openssl/crypto/pem/pem_all.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/* crypto/pem/pem_all.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#undef SSLEAY_MACROS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-
-#ifndef OPENSSL_NO_RSA
-static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
-#endif
-#ifndef OPENSSL_NO_DSA
-static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa);
-#endif
-
-IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ)
-
-IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ)
-
-IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL)
-
-IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7)
-
-IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE,
-					PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE)
-
-
-#ifndef OPENSSL_NO_RSA
-
-/* We treat RSA or DSA private keys as a special case.
- *
- * For private keys we read in an EVP_PKEY structure with
- * PEM_read_bio_PrivateKey() and extract the relevant private
- * key: this means can handle "traditional" and PKCS#8 formats
- * transparently.
- */
-
-static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa)
-{
-	RSA *rtmp;
-	if(!key) return NULL;
-	rtmp = EVP_PKEY_get1_RSA(key);
-	EVP_PKEY_free(key);
-	if(!rtmp) return NULL;
-	if(rsa) {
-		RSA_free(*rsa);
-		*rsa = rtmp;
-	}
-	return rtmp;
-}
-
-RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb,
-								void *u)
-{
-	EVP_PKEY *pktmp;
-	pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
-	return pkey_get_rsa(pktmp, rsa);
-}
-
-#ifndef OPENSSL_NO_FP_API
-
-RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb,
-								void *u)
-{
-	EVP_PKEY *pktmp;
-	pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
-	return pkey_get_rsa(pktmp, rsa);
-}
-
-#endif
-
-IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
-IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
-IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
-
-#endif
-
-#ifndef OPENSSL_NO_DSA
-
-static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa)
-{
-	DSA *dtmp;
-	if(!key) return NULL;
-	dtmp = EVP_PKEY_get1_DSA(key);
-	EVP_PKEY_free(key);
-	if(!dtmp) return NULL;
-	if(dsa) {
-		DSA_free(*dsa);
-		*dsa = dtmp;
-	}
-	return dtmp;
-}
-
-DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
-								void *u)
-{
-	EVP_PKEY *pktmp;
-	pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
-	return pkey_get_dsa(pktmp, dsa);
-}
-
-IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
-IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
-
-#ifndef OPENSSL_NO_FP_API
-
-DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb,
-								void *u)
-{
-	EVP_PKEY *pktmp;
-	pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
-	return pkey_get_dsa(pktmp, dsa);
-}
-
-#endif
-
-IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
-
-#endif
-
-#ifndef OPENSSL_NO_DH
-
-IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
-
-#endif
-
-
-/* The PrivateKey case is not that straightforward.
- *   IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
- * does not work, RSA and DSA keys have specific strings.
- * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
- * appropriate.)
- */
-IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), PrivateKey)
-
-IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
-
diff --git a/crypto/openssl/crypto/pem/pem_err.c b/crypto/openssl/crypto/pem/pem_err.c
deleted file mode 100644
index 3b39b84d66e1..000000000000
--- a/crypto/openssl/crypto/pem/pem_err.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* crypto/pem/pem_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA PEM_str_functs[]=
-	{
-{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_BIO,0),	"d2i_PKCS8PrivateKey_bio"},
-{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_FP,0),	"d2i_PKCS8PrivateKey_fp"},
-{ERR_PACK(0,PEM_F_DEF_CALLBACK,0),	"DEF_CALLBACK"},
-{ERR_PACK(0,PEM_F_LOAD_IV,0),	"LOAD_IV"},
-{ERR_PACK(0,PEM_F_PEM_ASN1_READ,0),	"PEM_ASN1_read"},
-{ERR_PACK(0,PEM_F_PEM_ASN1_READ_BIO,0),	"PEM_ASN1_read_bio"},
-{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE,0),	"PEM_ASN1_write"},
-{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE_BIO,0),	"PEM_ASN1_write_bio"},
-{ERR_PACK(0,PEM_F_PEM_DO_HEADER,0),	"PEM_do_header"},
-{ERR_PACK(0,PEM_F_PEM_F_DO_PK8KEY_FP,0),	"PEM_F_DO_PK8KEY_FP"},
-{ERR_PACK(0,PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY,0),	"PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
-{ERR_PACK(0,PEM_F_PEM_GET_EVP_CIPHER_INFO,0),	"PEM_get_EVP_CIPHER_INFO"},
-{ERR_PACK(0,PEM_F_PEM_READ,0),	"PEM_read"},
-{ERR_PACK(0,PEM_F_PEM_READ_BIO,0),	"PEM_read_bio"},
-{ERR_PACK(0,PEM_F_PEM_SEALFINAL,0),	"PEM_SealFinal"},
-{ERR_PACK(0,PEM_F_PEM_SEALINIT,0),	"PEM_SealInit"},
-{ERR_PACK(0,PEM_F_PEM_SIGNFINAL,0),	"PEM_SignFinal"},
-{ERR_PACK(0,PEM_F_PEM_WRITE,0),	"PEM_write"},
-{ERR_PACK(0,PEM_F_PEM_WRITE_BIO,0),	"PEM_write_bio"},
-{ERR_PACK(0,PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,0),	"PEM_write_bio_PKCS8PrivateKey"},
-{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ,0),	"PEM_X509_INFO_read"},
-{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ_BIO,0),	"PEM_X509_INFO_read_bio"},
-{ERR_PACK(0,PEM_F_PEM_X509_INFO_WRITE_BIO,0),	"PEM_X509_INFO_write_bio"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA PEM_str_reasons[]=
-	{
-{PEM_R_BAD_BASE64_DECODE                 ,"bad base64 decode"},
-{PEM_R_BAD_DECRYPT                       ,"bad decrypt"},
-{PEM_R_BAD_END_LINE                      ,"bad end line"},
-{PEM_R_BAD_IV_CHARS                      ,"bad iv chars"},
-{PEM_R_BAD_PASSWORD_READ                 ,"bad password read"},
-{PEM_R_ERROR_CONVERTING_PRIVATE_KEY      ,"error converting private key"},
-{PEM_R_NOT_DEK_INFO                      ,"not dek info"},
-{PEM_R_NOT_ENCRYPTED                     ,"not encrypted"},
-{PEM_R_NOT_PROC_TYPE                     ,"not proc type"},
-{PEM_R_NO_START_LINE                     ,"no start line"},
-{PEM_R_PROBLEMS_GETTING_PASSWORD         ,"problems getting password"},
-{PEM_R_PUBLIC_KEY_NO_RSA                 ,"public key no rsa"},
-{PEM_R_READ_KEY                          ,"read key"},
-{PEM_R_SHORT_HEADER                      ,"short header"},
-{PEM_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
-{PEM_R_UNSUPPORTED_ENCRYPTION            ,"unsupported encryption"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_PEM_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_PEM,PEM_str_functs);
-		ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/pem/pem_info.c b/crypto/openssl/crypto/pem/pem_info.c
deleted file mode 100644
index 9e4af29c9544..000000000000
--- a/crypto/openssl/crypto/pem/pem_info.c
+++ /dev/null
@@ -1,365 +0,0 @@
-/* crypto/pem/pem_info.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#ifndef OPENSSL_NO_FP_API
-STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
-	{
-        BIO *b;
-        STACK_OF(X509_INFO) *ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		PEMerr(PEM_F_PEM_X509_INFO_READ,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_X509_INFO_read_bio(b,sk,cb,u);
-        BIO_free(b);
-        return(ret);
-	}
-#endif
-
-STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
-	{
-	X509_INFO *xi=NULL;
-	char *name=NULL,*header=NULL,**pp;
-	unsigned char *data=NULL,*p;
-	long len,error=0;
-	int ok=0;
-	STACK_OF(X509_INFO) *ret=NULL;
-	unsigned int i,raw;
-	char *(*d2i)();
-
-	if (sk == NULL)
-		{
-		if ((ret=sk_X509_INFO_new_null()) == NULL)
-			{
-			PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		}
-	else
-		ret=sk;
-
-	if ((xi=X509_INFO_new()) == NULL) goto err;
-	for (;;)
-		{
-		raw=0;
-		i=PEM_read_bio(bp,&name,&header,&data,&len);
-		if (i == 0)
-			{
-			error=ERR_GET_REASON(ERR_peek_last_error());
-			if (error == PEM_R_NO_START_LINE)
-				{
-				ERR_clear_error();
-				break;
-				}
-			goto err;
-			}
-start:
-		if (	(strcmp(name,PEM_STRING_X509) == 0) ||
-			(strcmp(name,PEM_STRING_X509_OLD) == 0))
-			{
-			d2i=(char *(*)())d2i_X509;
-			if (xi->x509 != NULL)
-				{
-				if (!sk_X509_INFO_push(ret,xi)) goto err;
-				if ((xi=X509_INFO_new()) == NULL) goto err;
-				goto start;
-				}
-			pp=(char **)&(xi->x509);
-			}
-		else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0))
-			{
-			d2i=(char *(*)())d2i_X509_AUX;
-			if (xi->x509 != NULL)
-				{
-				if (!sk_X509_INFO_push(ret,xi)) goto err;
-				if ((xi=X509_INFO_new()) == NULL) goto err;
-				goto start;
-				}
-			pp=(char **)&(xi->x509);
-			}
-		else if (strcmp(name,PEM_STRING_X509_CRL) == 0)
-			{
-			d2i=(char *(*)())d2i_X509_CRL;
-			if (xi->crl != NULL)
-				{
-				if (!sk_X509_INFO_push(ret,xi)) goto err;
-				if ((xi=X509_INFO_new()) == NULL) goto err;
-				goto start;
-				}
-			pp=(char **)&(xi->crl);
-			}
-		else
-#ifndef OPENSSL_NO_RSA
-			if (strcmp(name,PEM_STRING_RSA) == 0)
-			{
-			d2i=(char *(*)())d2i_RSAPrivateKey;
-			if (xi->x_pkey != NULL) 
-				{
-				if (!sk_X509_INFO_push(ret,xi)) goto err;
-				if ((xi=X509_INFO_new()) == NULL) goto err;
-				goto start;
-				}
-
-			xi->enc_data=NULL;
-			xi->enc_len=0;
-
-			xi->x_pkey=X509_PKEY_new();
-			if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
-				goto err;
-			xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA;
-			pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa);
-			if ((int)strlen(header) > 10) /* assume encrypted */
-				raw=1;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_DSA
-			if (strcmp(name,PEM_STRING_DSA) == 0)
-			{
-			d2i=(char *(*)())d2i_DSAPrivateKey;
-			if (xi->x_pkey != NULL) 
-				{
-				if (!sk_X509_INFO_push(ret,xi)) goto err;
-				if ((xi=X509_INFO_new()) == NULL) goto err;
-				goto start;
-				}
-
-			xi->enc_data=NULL;
-			xi->enc_len=0;
-
-			xi->x_pkey=X509_PKEY_new();
-			if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
-				goto err;
-			xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA;
-			pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa);
-			if ((int)strlen(header) > 10) /* assume encrypted */
-				raw=1;
-			}
-		else
-#endif
-			{
-			d2i=NULL;
-			pp=NULL;
-			}
-
-		if (d2i != NULL)
-			{
-			if (!raw)
-				{
-				EVP_CIPHER_INFO cipher;
-
-				if (!PEM_get_EVP_CIPHER_INFO(header,&cipher))
-					goto err;
-				if (!PEM_do_header(&cipher,data,&len,cb,u))
-					goto err;
-				p=data;
-				if (d2i(pp,&p,len) == NULL)
-					{
-					PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
-					goto err;
-					}
-				}
-			else
-				{ /* encrypted RSA data */
-				if (!PEM_get_EVP_CIPHER_INFO(header,
-					&xi->enc_cipher)) goto err;
-				xi->enc_data=(char *)data;
-				xi->enc_len=(int)len;
-				data=NULL;
-				}
-			}
-		else	{
-			/* unknown */
-			}
-		if (name != NULL) OPENSSL_free(name);
-		if (header != NULL) OPENSSL_free(header);
-		if (data != NULL) OPENSSL_free(data);
-		name=NULL;
-		header=NULL;
-		data=NULL;
-		}
-
-	/* if the last one hasn't been pushed yet and there is anything
-	 * in it then add it to the stack ... 
-	 */
-	if ((xi->x509 != NULL) || (xi->crl != NULL) ||
-		(xi->x_pkey != NULL) || (xi->enc_data != NULL))
-		{
-		if (!sk_X509_INFO_push(ret,xi)) goto err;
-		xi=NULL;
-		}
-	ok=1;
-err:
-	if (xi != NULL) X509_INFO_free(xi);
-	if (!ok)
-		{
-		for (i=0; ((int)i)<sk_X509_INFO_num(ret); i++)
-			{
-			xi=sk_X509_INFO_value(ret,i);
-			X509_INFO_free(xi);
-			}
-		if (ret != sk) sk_X509_INFO_free(ret);
-		ret=NULL;
-		}
-		
-	if (name != NULL) OPENSSL_free(name);
-	if (header != NULL) OPENSSL_free(header);
-	if (data != NULL) OPENSSL_free(data);
-	return(ret);
-	}
-
-
-/* A TJH addition */
-int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
-	     unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
-	{
-	EVP_CIPHER_CTX ctx;
-	int i,ret=0;
-	unsigned char *data=NULL;
-	const char *objstr=NULL;
-	char buf[PEM_BUFSIZE];
-	unsigned char *iv=NULL;
-	
-	if (enc != NULL)
-		{
-		objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
-		if (objstr == NULL)
-			{
-			PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
-			goto err;
-			}
-		}
-
-	/* now for the fun part ... if we have a private key then 
-	 * we have to be able to handle a not-yet-decrypted key
-	 * being written out correctly ... if it is decrypted or
-	 * it is non-encrypted then we use the base code
-	 */
-	if (xi->x_pkey!=NULL)
-		{
-		if ( (xi->enc_data!=NULL) && (xi->enc_len>0) )
-			{
-			/* copy from weirdo names into more normal things */
-			iv=xi->enc_cipher.iv;
-			data=(unsigned char *)xi->enc_data;
-			i=xi->enc_len;
-
-			/* we take the encryption data from the
-			 * internal stuff rather than what the
-			 * user has passed us ... as we have to 
-			 * match exactly for some strange reason
-			 */
-			objstr=OBJ_nid2sn(
-				EVP_CIPHER_nid(xi->enc_cipher.cipher));
-			if (objstr == NULL)
-				{
-				PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
-				goto err;
-				}
-
-			/* create the right magic header stuff */
-			OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf);
-			buf[0]='\0';
-			PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-			PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
-
-			/* use the normal code to write things out */
-			i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
-			if (i <= 0) goto err;
-			}
-		else
-			{
-			/* Add DSA/DH */
-#ifndef OPENSSL_NO_RSA
-			/* normal optionally encrypted stuff */
-			if (PEM_write_bio_RSAPrivateKey(bp,
-				xi->x_pkey->dec_pkey->pkey.rsa,
-				enc,kstr,klen,cb,u)<=0)
-				goto err;
-#endif
-			}
-		}
-
-	/* if we have a certificate then write it out now */
-	if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp,xi->x509) <= 0))
-		goto err;
-
-	/* we are ignoring anything else that is loaded into the X509_INFO
-	 * structure for the moment ... as I don't need it so I'm not
-	 * coding it here and Eric can do it when this makes it into the
-	 * base library --tjh
-	 */
-
-	ret=1;
-
-err:
-	OPENSSL_cleanse((char *)&ctx,sizeof(ctx));
-	OPENSSL_cleanse(buf,PEM_BUFSIZE);
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/pem/pem_lib.c b/crypto/openssl/crypto/pem/pem_lib.c
deleted file mode 100644
index 70b5446797e9..000000000000
--- a/crypto/openssl/crypto/pem/pem_lib.c
+++ /dev/null
@@ -1,766 +0,0 @@
-/* crypto/pem/pem_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs12.h>
-#ifndef OPENSSL_NO_DES
-#include <openssl/des.h>
-#endif
-
-const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
-
-#define MIN_LENGTH	4
-
-static int load_iv(unsigned char **fromp,unsigned char *to, int num);
-static int check_pem(const char *nm, const char *name);
-
-int PEM_def_callback(char *buf, int num, int w, void *key)
-	{
-#ifdef OPENSSL_NO_FP_API
-	/* We should not ever call the default callback routine from
-	 * windows. */
-	PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-	return(-1);
-#else
-	int i,j;
-	const char *prompt;
-	if(key) {
-		i=strlen(key);
-		i=(i > num)?num:i;
-		memcpy(buf,key,i);
-		return(i);
-	}
-
-	prompt=EVP_get_pw_prompt();
-	if (prompt == NULL)
-		prompt="Enter PEM pass phrase:";
-
-	for (;;)
-		{
-		i=EVP_read_pw_string(buf,num,prompt,w);
-		if (i != 0)
-			{
-			PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
-			memset(buf,0,(unsigned int)num);
-			return(-1);
-			}
-		j=strlen(buf);
-		if (j < MIN_LENGTH)
-			{
-			fprintf(stderr,"phrase is too short, needs to be at least %d chars\n",MIN_LENGTH);
-			}
-		else
-			break;
-		}
-	return(j);
-#endif
-	}
-
-void PEM_proc_type(char *buf, int type)
-	{
-	const char *str;
-
-	if (type == PEM_TYPE_ENCRYPTED)
-		str="ENCRYPTED";
-	else if (type == PEM_TYPE_MIC_CLEAR)
-		str="MIC-CLEAR";
-	else if (type == PEM_TYPE_MIC_ONLY)
-		str="MIC-ONLY";
-	else
-		str="BAD-TYPE";
-		
-	strcat(buf,"Proc-Type: 4,");
-	strcat(buf,str);
-	strcat(buf,"\n");
-	}
-
-void PEM_dek_info(char *buf, const char *type, int len, char *str)
-	{
-	static const unsigned char map[17]="0123456789ABCDEF";
-	long i;
-	int j;
-
-	strcat(buf,"DEK-Info: ");
-	strcat(buf,type);
-	strcat(buf,",");
-	j=strlen(buf);
-	for (i=0; i<len; i++)
-		{
-		buf[j+i*2]  =map[(str[i]>>4)&0x0f];
-		buf[j+i*2+1]=map[(str[i]   )&0x0f];
-		}
-	buf[j+i*2]='\n';
-	buf[j+i*2+1]='\0';
-	}
-
-#ifndef OPENSSL_NO_FP_API
-char *PEM_ASN1_read(char *(*d2i)(), const char *name, FILE *fp, char **x,
-	     pem_password_cb *cb, void *u)
-	{
-        BIO *b;
-        char *ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_ASN1_read_bio(d2i,name,b,x,cb,u);
-        BIO_free(b);
-        return(ret);
-	}
-#endif
-
-static int check_pem(const char *nm, const char *name)
-{
-	/* Normal matching nm and name */
-	if (!strcmp(nm,name)) return 1;
-
-	/* Make PEM_STRING_EVP_PKEY match any private key */
-
-	if(!strcmp(nm,PEM_STRING_PKCS8) &&
-		!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-
-	if(!strcmp(nm,PEM_STRING_PKCS8INF) &&
-		 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-
-	if(!strcmp(nm,PEM_STRING_RSA) &&
-		!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-
-	if(!strcmp(nm,PEM_STRING_DSA) &&
-		 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-
-	/* Permit older strings */
-
-	if(!strcmp(nm,PEM_STRING_X509_OLD) &&
-		!strcmp(name,PEM_STRING_X509)) return 1;
-
-	if(!strcmp(nm,PEM_STRING_X509_REQ_OLD) &&
-		!strcmp(name,PEM_STRING_X509_REQ)) return 1;
-
-	/* Allow normal certs to be read as trusted certs */
-	if(!strcmp(nm,PEM_STRING_X509) &&
-		!strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
-
-	if(!strcmp(nm,PEM_STRING_X509_OLD) &&
-		!strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
-
-	/* Some CAs use PKCS#7 with CERTIFICATE headers */
-	if(!strcmp(nm, PEM_STRING_X509) &&
-		!strcmp(name, PEM_STRING_PKCS7)) return 1;
-
-	return 0;
-}
-
-int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp,
-	     pem_password_cb *cb, void *u)
-	{
-	EVP_CIPHER_INFO cipher;
-	char *nm=NULL,*header=NULL;
-	unsigned char *data=NULL;
-	long len;
-	int ret = 0;
-
-	for (;;)
-		{
-		if (!PEM_read_bio(bp,&nm,&header,&data,&len)) {
-			if(ERR_GET_REASON(ERR_peek_error()) ==
-				PEM_R_NO_START_LINE)
-				ERR_add_error_data(2, "Expecting: ", name);
-			return 0;
-		}
-		if(check_pem(nm, name)) break;
-		OPENSSL_free(nm);
-		OPENSSL_free(header);
-		OPENSSL_free(data);
-		}
-	if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
-	if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err;
-
-	*pdata = data;
-	*plen = len;
-
-	if (pnm)
-		*pnm = nm;
-
-	ret = 1;
-
-err:
-	if (!ret || !pnm) OPENSSL_free(nm);
-	OPENSSL_free(header);
-	if (!ret) OPENSSL_free(data);
-	return ret;
-	}
-
-#ifndef OPENSSL_NO_FP_API
-int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x,
-	     const EVP_CIPHER *enc, unsigned char *kstr, int klen,
-	     pem_password_cb *callback, void *u)
-        {
-        BIO *b;
-        int ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback,u);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
-	     const EVP_CIPHER *enc, unsigned char *kstr, int klen,
-	     pem_password_cb *callback, void *u)
-	{
-	EVP_CIPHER_CTX ctx;
-	int dsize=0,i,j,ret=0;
-	unsigned char *p,*data=NULL;
-	const char *objstr=NULL;
-	char buf[PEM_BUFSIZE];
-	unsigned char key[EVP_MAX_KEY_LENGTH];
-	unsigned char iv[EVP_MAX_IV_LENGTH];
-	
-	if (enc != NULL)
-		{
-		objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
-		if (objstr == NULL)
-			{
-			PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
-			goto err;
-			}
-		}
-
-	if ((dsize=i2d(x,NULL)) < 0)
-		{
-		PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
-		dsize=0;
-		goto err;
-		}
-	/* dzise + 8 bytes are needed */
-	/* actually it needs the cipher block size extra... */
-	data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20);
-	if (data == NULL)
-		{
-		PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	p=data;
-	i=i2d(x,&p);
-
-	if (enc != NULL)
-		{
-		if (kstr == NULL)
-			{
-			if (callback == NULL)
-				klen=PEM_def_callback(buf,PEM_BUFSIZE,1,u);
-			else
-				klen=(*callback)(buf,PEM_BUFSIZE,1,u);
-			if (klen <= 0)
-				{
-				PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);
-				goto err;
-				}
-#ifdef CHARSET_EBCDIC
-			/* Convert the pass phrase from EBCDIC */
-			ebcdic2ascii(buf, buf, klen);
-#endif
-			kstr=(unsigned char *)buf;
-			}
-		RAND_add(data,i,0);/* put in the RSA key. */
-		OPENSSL_assert(enc->iv_len <= sizeof iv);
-		if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
-			goto err;
-		/* The 'iv' is used as the iv and as a salt.  It is
-		 * NOT taken from the BytesToKey function */
-		EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
-
-		if (kstr == (unsigned char *)buf) OPENSSL_cleanse(buf,PEM_BUFSIZE);
-
-		OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf);
-
-		buf[0]='\0';
-		PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-		PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
-		/* k=strlen(buf); */
-
-		EVP_CIPHER_CTX_init(&ctx);
-		EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv);
-		EVP_EncryptUpdate(&ctx,data,&j,data,i);
-		EVP_EncryptFinal_ex(&ctx,&(data[j]),&i);
-		EVP_CIPHER_CTX_cleanup(&ctx);
-		i+=j;
-		ret=1;
-		}
-	else
-		{
-		ret=1;
-		buf[0]='\0';
-		}
-	i=PEM_write_bio(bp,name,buf,data,i);
-	if (i <= 0) ret=0;
-err:
-	OPENSSL_cleanse(key,sizeof(key));
-	OPENSSL_cleanse(iv,sizeof(iv));
-	OPENSSL_cleanse((char *)&ctx,sizeof(ctx));
-	OPENSSL_cleanse(buf,PEM_BUFSIZE);
-	if (data != NULL)
-		{
-		OPENSSL_cleanse(data,(unsigned int)dsize);
-		OPENSSL_free(data);
-		}
-	return(ret);
-	}
-
-int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
-	     pem_password_cb *callback,void *u)
-	{
-	int i,j,o,klen;
-	long len;
-	EVP_CIPHER_CTX ctx;
-	unsigned char key[EVP_MAX_KEY_LENGTH];
-	char buf[PEM_BUFSIZE];
-
-	len= *plen;
-
-	if (cipher->cipher == NULL) return(1);
-	if (callback == NULL)
-		klen=PEM_def_callback(buf,PEM_BUFSIZE,0,u);
-	else
-		klen=callback(buf,PEM_BUFSIZE,0,u);
-	if (klen <= 0)
-		{
-		PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);
-		return(0);
-		}
-#ifdef CHARSET_EBCDIC
-	/* Convert the pass phrase from EBCDIC */
-	ebcdic2ascii(buf, buf, klen);
-#endif
-
-	EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
-		(unsigned char *)buf,klen,1,key,NULL);
-
-	j=(int)len;
-	EVP_CIPHER_CTX_init(&ctx);
-	EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
-	EVP_DecryptUpdate(&ctx,data,&i,data,j);
-	o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
-	EVP_CIPHER_CTX_cleanup(&ctx);
-	OPENSSL_cleanse((char *)buf,sizeof(buf));
-	OPENSSL_cleanse((char *)key,sizeof(key));
-	j+=i;
-	if (!o)
-		{
-		PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT);
-		return(0);
-		}
-	*plen=j;
-	return(1);
-	}
-
-int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
-	{
-	int o;
-	const EVP_CIPHER *enc=NULL;
-	char *p,c;
-
-	cipher->cipher=NULL;
-	if ((header == NULL) || (*header == '\0') || (*header == '\n'))
-		return(1);
-	if (strncmp(header,"Proc-Type: ",11) != 0)
-		{ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_PROC_TYPE); return(0); }
-	header+=11;
-	if (*header != '4') return(0); header++;
-	if (*header != ',') return(0); header++;
-	if (strncmp(header,"ENCRYPTED",9) != 0)
-		{ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_ENCRYPTED); return(0); }
-	for (; (*header != '\n') && (*header != '\0'); header++)
-		;
-	if (*header == '\0')
-		{ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_SHORT_HEADER); return(0); }
-	header++;
-	if (strncmp(header,"DEK-Info: ",10) != 0)
-		{ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_DEK_INFO); return(0); }
-	header+=10;
-
-	p=header;
-	for (;;)
-		{
-		c= *header;
-#ifndef CHARSET_EBCDIC
-		if (!(	((c >= 'A') && (c <= 'Z')) || (c == '-') ||
-			((c >= '0') && (c <= '9'))))
-			break;
-#else
-		if (!(	isupper(c) || (c == '-') ||
-			isdigit(c)))
-			break;
-#endif
-		header++;
-		}
-	*header='\0';
-	o=OBJ_sn2nid(p);
-	cipher->cipher=enc=EVP_get_cipherbyname(p);
-	*header=c;
-	header++;
-
-	if (enc == NULL)
-		{
-		PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
-		return(0);
-		}
-	if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),enc->iv_len)) return(0);
-
-	return(1);
-	}
-
-static int load_iv(unsigned char **fromp, unsigned char *to, int num)
-	{
-	int v,i;
-	unsigned char *from;
-
-	from= *fromp;
-	for (i=0; i<num; i++) to[i]=0;
-	num*=2;
-	for (i=0; i<num; i++)
-		{
-		if ((*from >= '0') && (*from <= '9'))
-			v= *from-'0';
-		else if ((*from >= 'A') && (*from <= 'F'))
-			v= *from-'A'+10;
-		else if ((*from >= 'a') && (*from <= 'f'))
-			v= *from-'a'+10;
-		else
-			{
-			PEMerr(PEM_F_LOAD_IV,PEM_R_BAD_IV_CHARS);
-			return(0);
-			}
-		from++;
-		to[i/2]|=v<<(long)((!(i&1))*4);
-		}
-
-	*fromp=from;
-	return(1);
-	}
-
-#ifndef OPENSSL_NO_FP_API
-int PEM_write(FILE *fp, char *name, char *header, unsigned char *data,
-	     long len)
-        {
-        BIO *b;
-        int ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		PEMerr(PEM_F_PEM_WRITE,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_write_bio(b, name, header, data,len);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
-	     long len)
-	{
-	int nlen,n,i,j,outl;
-	unsigned char *buf;
-	EVP_ENCODE_CTX ctx;
-	int reason=ERR_R_BUF_LIB;
-	
-	EVP_EncodeInit(&ctx);
-	nlen=strlen(name);
-
-	if (	(BIO_write(bp,"-----BEGIN ",11) != 11) ||
-		(BIO_write(bp,name,nlen) != nlen) ||
-		(BIO_write(bp,"-----\n",6) != 6))
-		goto err;
-		
-	i=strlen(header);
-	if (i > 0)
-		{
-		if (	(BIO_write(bp,header,i) != i) ||
-			(BIO_write(bp,"\n",1) != 1))
-			goto err;
-		}
-
-	buf=(unsigned char *)OPENSSL_malloc(PEM_BUFSIZE*8);
-	if (buf == NULL)
-		{
-		reason=ERR_R_MALLOC_FAILURE;
-		goto err;
-		}
-
-	i=j=0;
-	while (len > 0)
-		{
-		n=(int)((len>(PEM_BUFSIZE*5))?(PEM_BUFSIZE*5):len);
-		EVP_EncodeUpdate(&ctx,buf,&outl,&(data[j]),n);
-		if ((outl) && (BIO_write(bp,(char *)buf,outl) != outl))
-			goto err;
-		i+=outl;
-		len-=n;
-		j+=n;
-		}
-	EVP_EncodeFinal(&ctx,buf,&outl);
-	if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
-	OPENSSL_free(buf);
-	if (	(BIO_write(bp,"-----END ",9) != 9) ||
-		(BIO_write(bp,name,nlen) != nlen) ||
-		(BIO_write(bp,"-----\n",6) != 6))
-		goto err;
-	return(i+outl);
-err:
-	PEMerr(PEM_F_PEM_WRITE_BIO,reason);
-	return(0);
-	}
-
-#ifndef OPENSSL_NO_FP_API
-int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
-	     long *len)
-        {
-        BIO *b;
-        int ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		PEMerr(PEM_F_PEM_READ,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_read_bio(b, name, header, data,len);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-
-int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
-	     long *len)
-	{
-	EVP_ENCODE_CTX ctx;
-	int end=0,i,k,bl=0,hl=0,nohead=0;
-	char buf[256];
-	BUF_MEM *nameB;
-	BUF_MEM *headerB;
-	BUF_MEM *dataB,*tmpB;
-	
-	nameB=BUF_MEM_new();
-	headerB=BUF_MEM_new();
-	dataB=BUF_MEM_new();
-	if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL))
-		{
-		PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-
-	buf[254]='\0';
-	for (;;)
-		{
-		i=BIO_gets(bp,buf,254);
-
-		if (i <= 0)
-			{
-			PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE);
-			goto err;
-			}
-
-		while ((i >= 0) && (buf[i] <= ' ')) i--;
-		buf[++i]='\n'; buf[++i]='\0';
-
-		if (strncmp(buf,"-----BEGIN ",11) == 0)
-			{
-			i=strlen(&(buf[11]));
-
-			if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0)
-				continue;
-			if (!BUF_MEM_grow(nameB,i+9))
-				{
-				PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-			memcpy(nameB->data,&(buf[11]),i-6);
-			nameB->data[i-6]='\0';
-			break;
-			}
-		}
-	hl=0;
-	if (!BUF_MEM_grow(headerB,256))
-		{ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
-	headerB->data[0]='\0';
-	for (;;)
-		{
-		i=BIO_gets(bp,buf,254);
-		if (i <= 0) break;
-
-		while ((i >= 0) && (buf[i] <= ' ')) i--;
-		buf[++i]='\n'; buf[++i]='\0';
-
-		if (buf[0] == '\n') break;
-		if (!BUF_MEM_grow(headerB,hl+i+9))
-			{ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
-		if (strncmp(buf,"-----END ",9) == 0)
-			{
-			nohead=1;
-			break;
-			}
-		memcpy(&(headerB->data[hl]),buf,i);
-		headerB->data[hl+i]='\0';
-		hl+=i;
-		}
-
-	bl=0;
-	if (!BUF_MEM_grow(dataB,1024))
-		{ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
-	dataB->data[0]='\0';
-	if (!nohead)
-		{
-		for (;;)
-			{
-			i=BIO_gets(bp,buf,254);
-			if (i <= 0) break;
-
-			while ((i >= 0) && (buf[i] <= ' ')) i--;
-			buf[++i]='\n'; buf[++i]='\0';
-
-			if (i != 65) end=1;
-			if (strncmp(buf,"-----END ",9) == 0)
-				break;
-			if (i > 65) break;
-			if (!BUF_MEM_grow_clean(dataB,i+bl+9))
-				{
-				PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-			memcpy(&(dataB->data[bl]),buf,i);
-			dataB->data[bl+i]='\0';
-			bl+=i;
-			if (end)
-				{
-				buf[0]='\0';
-				i=BIO_gets(bp,buf,254);
-				if (i <= 0) break;
-
-				while ((i >= 0) && (buf[i] <= ' ')) i--;
-				buf[++i]='\n'; buf[++i]='\0';
-
-				break;
-				}
-			}
-		}
-	else
-		{
-		tmpB=headerB;
-		headerB=dataB;
-		dataB=tmpB;
-		bl=hl;
-		}
-	i=strlen(nameB->data);
-	if (	(strncmp(buf,"-----END ",9) != 0) ||
-		(strncmp(nameB->data,&(buf[9]),i) != 0) ||
-		(strncmp(&(buf[9+i]),"-----\n",6) != 0))
-		{
-		PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);
-		goto err;
-		}
-
-	EVP_DecodeInit(&ctx);
-	i=EVP_DecodeUpdate(&ctx,
-		(unsigned char *)dataB->data,&bl,
-		(unsigned char *)dataB->data,bl);
-	if (i < 0)
-		{
-		PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
-		goto err;
-		}
-	i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k);
-	if (i < 0)
-		{
-		PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
-		goto err;
-		}
-	bl+=k;
-
-	if (bl == 0) goto err;
-	*name=nameB->data;
-	*header=headerB->data;
-	*data=(unsigned char *)dataB->data;
-	*len=bl;
-	OPENSSL_free(nameB);
-	OPENSSL_free(headerB);
-	OPENSSL_free(dataB);
-	return(1);
-err:
-	BUF_MEM_free(nameB);
-	BUF_MEM_free(headerB);
-	BUF_MEM_free(dataB);
-	return(0);
-	}
diff --git a/crypto/openssl/crypto/pem/pem_oth.c b/crypto/openssl/crypto/pem/pem_oth.c
deleted file mode 100644
index 8d9064ea7c83..000000000000
--- a/crypto/openssl/crypto/pem/pem_oth.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* crypto/pem/pem_oth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-/* Handle 'other' PEMs: not private keys */
-
-char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x,
-	     pem_password_cb *cb, void *u)
-	{
-	unsigned char *p=NULL,*data=NULL;
-	long len;
-	char *ret=NULL;
-
-	if (!PEM_bytes_read_bio(&data, &len, NULL, name, bp, cb, u))
-		return NULL;
-	p = data;
-	ret=d2i(x,&p,len);
-	if (ret == NULL)
-		PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
-	OPENSSL_free(data);
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/pem/pem_pk8.c b/crypto/openssl/crypto/pem/pem_pk8.c
deleted file mode 100644
index db38a2a79de2..000000000000
--- a/crypto/openssl/crypto/pem/pem_pk8.c
+++ /dev/null
@@ -1,243 +0,0 @@
-/* crypto/pem/pem_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs12.h>
-#include <openssl/pem.h>
-
-static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder,
-				int nid, const EVP_CIPHER *enc,
-				char *kstr, int klen,
-				pem_password_cb *cb, void *u);
-static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder,
-				int nid, const EVP_CIPHER *enc,
-				char *kstr, int klen,
-				pem_password_cb *cb, void *u);
-
-/* These functions write a private key in PKCS#8 format: it is a "drop in"
- * replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc'
- * is NULL then it uses the unencrypted private key form. The 'nid' versions
- * uses PKCS#5 v1.5 PBE algorithms whereas the others use PKCS#5 v2.0.
- */
-
-int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u)
-{
-	return do_pk8pkey(bp, x, 0, nid, NULL, kstr, klen, cb, u);
-}
-
-int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u)
-{
-	return do_pk8pkey(bp, x, 0, -1, enc, kstr, klen, cb, u);
-}
-
-int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u)
-{
-	return do_pk8pkey(bp, x, 1, -1, enc, kstr, klen, cb, u);
-}
-
-int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u)
-{
-	return do_pk8pkey(bp, x, 1, nid, NULL, kstr, klen, cb, u);
-}
-
-static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u)
-{
-	X509_SIG *p8;
-	PKCS8_PRIV_KEY_INFO *p8inf;
-	char buf[PEM_BUFSIZE];
-	int ret;
-	if(!(p8inf = EVP_PKEY2PKCS8(x))) {
-		PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,
-					PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
-		return 0;
-	}
-	if(enc || (nid != -1)) {
-		if(!kstr) {
-			if(!cb) klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u);
-			else klen = cb(buf, PEM_BUFSIZE, 1, u);
-			if(klen <= 0) {
-				PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,
-								PEM_R_READ_KEY);
-				PKCS8_PRIV_KEY_INFO_free(p8inf);
-				return 0;
-			}
-				
-			kstr = buf;
-		}
-		p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf);
-		if(kstr == buf) OPENSSL_cleanse(buf, klen);
-		PKCS8_PRIV_KEY_INFO_free(p8inf);
-		if(isder) ret = i2d_PKCS8_bio(bp, p8);
-		else ret = PEM_write_bio_PKCS8(bp, p8);
-		X509_SIG_free(p8);
-		return ret;
-	} else {
-		if(isder) ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
-		else ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf);
-		PKCS8_PRIV_KEY_INFO_free(p8inf);
-		return ret;
-	}
-}
-
-EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
-{
-	PKCS8_PRIV_KEY_INFO *p8inf = NULL;
-	X509_SIG *p8 = NULL;
-	int klen;
-	EVP_PKEY *ret;
-	char psbuf[PEM_BUFSIZE];
-	p8 = d2i_PKCS8_bio(bp, NULL);
-	if(!p8) return NULL;
-	if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
-	else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u);
-	if (klen <= 0) {
-		PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ);
-		X509_SIG_free(p8);
-		return NULL;	
-	}
-	p8inf = PKCS8_decrypt(p8, psbuf, klen);
-	X509_SIG_free(p8);
-	if(!p8inf) return NULL;
-	ret = EVP_PKCS82PKEY(p8inf);
-	PKCS8_PRIV_KEY_INFO_free(p8inf);
-	if(!ret) return NULL;
-	if(x) {
-		if(*x) EVP_PKEY_free(*x);
-		*x = ret;
-	}
-	return ret;
-}
-
-#ifndef OPENSSL_NO_FP_API
-
-int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u)
-{
-	return do_pk8pkey_fp(fp, x, 1, -1, enc, kstr, klen, cb, u);
-}
-
-int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u)
-{
-	return do_pk8pkey_fp(fp, x, 1, nid, NULL, kstr, klen, cb, u);
-}
-
-int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u)
-{
-	return do_pk8pkey_fp(fp, x, 0, nid, NULL, kstr, klen, cb, u);
-}
-
-int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
-			      char *kstr, int klen, pem_password_cb *cb, void *u)
-{
-	return do_pk8pkey_fp(fp, x, 0, -1, enc, kstr, klen, cb, u);
-}
-
-static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u)
-{
-	BIO *bp;
-	int ret;
-	if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
-		PEMerr(PEM_F_PEM_F_DO_PK8KEY_FP,ERR_R_BUF_LIB);
-                return(0);
-	}
-	ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u);
-	BIO_free(bp);
-	return ret;
-}
-
-EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)
-{
-	BIO *bp;
-	EVP_PKEY *ret;
-	if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
-		PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP,ERR_R_BUF_LIB);
-                return NULL;
-	}
-	ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u);
-	BIO_free(bp);
-	return ret;
-}
-
-#endif
-
-IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG)
-IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF,
-							 PKCS8_PRIV_KEY_INFO)
diff --git a/crypto/openssl/crypto/pem/pem_pkey.c b/crypto/openssl/crypto/pem/pem_pkey.c
deleted file mode 100644
index d96ecf694067..000000000000
--- a/crypto/openssl/crypto/pem/pem_pkey.c
+++ /dev/null
@@ -1,140 +0,0 @@
-/* crypto/pem/pem_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs12.h>
-#include <openssl/pem.h>
-
-
-EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
-	{
-	char *nm=NULL;
-	unsigned char *p=NULL,*data=NULL;
-	long len;
-	EVP_PKEY *ret=NULL;
-
-	if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u))
-		return NULL;
-	p = data;
-
-	if (strcmp(nm,PEM_STRING_RSA) == 0)
-		ret=d2i_PrivateKey(EVP_PKEY_RSA,x,&p,len);
-	else if (strcmp(nm,PEM_STRING_DSA) == 0)
-		ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len);
-	else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
-		PKCS8_PRIV_KEY_INFO *p8inf;
-		p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
-		if(!p8inf) goto p8err;
-		ret = EVP_PKCS82PKEY(p8inf);
-		PKCS8_PRIV_KEY_INFO_free(p8inf);
-	} else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
-		PKCS8_PRIV_KEY_INFO *p8inf;
-		X509_SIG *p8;
-		int klen;
-		char psbuf[PEM_BUFSIZE];
-		p8 = d2i_X509_SIG(NULL, &p, len);
-		if(!p8) goto p8err;
-		if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
-		else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u);
-		if (klen <= 0) {
-			PEMerr(PEM_F_PEM_ASN1_READ_BIO,
-					PEM_R_BAD_PASSWORD_READ);
-			goto err;
-		}
-		p8inf = PKCS8_decrypt(p8, psbuf, klen);
-		X509_SIG_free(p8);
-		if(!p8inf) goto p8err;
-		ret = EVP_PKCS82PKEY(p8inf);
-		if(x) {
-			if(*x) EVP_PKEY_free((EVP_PKEY *)*x);
-			*x = ret;
-		}
-		PKCS8_PRIV_KEY_INFO_free(p8inf);
-	}
-p8err:
-	if (ret == NULL)
-		PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
-err:
-	OPENSSL_free(nm);
-	OPENSSL_free(data);
-	return(ret);
-	}
-
-#ifndef OPENSSL_NO_FP_API
-EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)
-	{
-        BIO *b;
-        EVP_PKEY *ret;
-
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
-                return(0);
-		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_read_bio_PrivateKey(b,x,cb,u);
-        BIO_free(b);
-        return(ret);
-	}
-#endif
diff --git a/crypto/openssl/crypto/pem/pem_seal.c b/crypto/openssl/crypto/pem/pem_seal.c
deleted file mode 100644
index 56e08abd7053..000000000000
--- a/crypto/openssl/crypto/pem/pem_seal.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/* crypto/pem/pem_seal.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
-	     unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk,
-	     int npubk)
-	{
-	unsigned char key[EVP_MAX_KEY_LENGTH];
-	int ret= -1;
-	int i,j,max=0;
-	char *s=NULL;
-
-	for (i=0; i<npubk; i++)
-		{
-		if (pubk[i]->type != EVP_PKEY_RSA)
-			{
-			PEMerr(PEM_F_PEM_SEALINIT,PEM_R_PUBLIC_KEY_NO_RSA);
-			goto err;
-			}
-		j=RSA_size(pubk[i]->pkey.rsa);
-		if (j > max) max=j;
-		}
-	s=(char *)OPENSSL_malloc(max*2);
-	if (s == NULL)
-		{
-		PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	EVP_EncodeInit(&ctx->encode);
-
-	EVP_MD_CTX_init(&ctx->md);
-	EVP_SignInit(&ctx->md,md_type);
-
-	EVP_CIPHER_CTX_init(&ctx->cipher);
-	ret=EVP_SealInit(&ctx->cipher,type,ek,ekl,iv,pubk,npubk);
-	if (!ret) goto err;
-
-	/* base64 encode the keys */
-	for (i=0; i<npubk; i++)
-		{
-		j=EVP_EncodeBlock((unsigned char *)s,ek[i],
-			RSA_size(pubk[i]->pkey.rsa));
-		ekl[i]=j;
-		memcpy(ek[i],s,j+1);
-		}
-
-	ret=npubk;
-err:
-	if (s != NULL) OPENSSL_free(s);
-	OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH);
-	return(ret);
-	}
-
-void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
-	     unsigned char *in, int inl)
-	{
-	unsigned char buffer[1600];
-	int i,j;
-
-	*outl=0;
-	EVP_SignUpdate(&ctx->md,in,inl);
-	for (;;)
-		{
-		if (inl <= 0) break;
-		if (inl > 1200)
-			i=1200;
-		else
-			i=inl;
-		EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i);
-		EVP_EncodeUpdate(&ctx->encode,out,&j,buffer,j);
-		*outl+=j;
-		out+=j;
-		in+=i;
-		inl-=i;
-		}
-	}
-
-int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
-	     unsigned char *out, int *outl, EVP_PKEY *priv)
-	{
-	unsigned char *s=NULL;
-	int ret=0,j;
-	unsigned int i;
-
-	if (priv->type != EVP_PKEY_RSA)
-		{
-		PEMerr(PEM_F_PEM_SEALFINAL,PEM_R_PUBLIC_KEY_NO_RSA);
-		goto err;
-		}
-	i=RSA_size(priv->pkey.rsa);
-	if (i < 100) i=100;
-	s=(unsigned char *)OPENSSL_malloc(i*2);
-	if (s == NULL)
-		{
-		PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i);
-	EVP_EncodeUpdate(&ctx->encode,out,&j,s,i);
-	*outl=j;
-	out+=j;
-	EVP_EncodeFinal(&ctx->encode,out,&j);
-	*outl+=j;
-
-	if (!EVP_SignFinal(&ctx->md,s,&i,priv)) goto err;
-	*sigl=EVP_EncodeBlock(sig,s,i);
-
-	ret=1;
-err:
-	EVP_MD_CTX_cleanup(&ctx->md);
-	EVP_CIPHER_CTX_cleanup(&ctx->cipher);
-	if (s != NULL) OPENSSL_free(s);
-	return(ret);
-	}
-#else /* !OPENSSL_NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/crypto/pem/pem_sign.c b/crypto/openssl/crypto/pem/pem_sign.c
deleted file mode 100644
index c3b9808cb204..000000000000
--- a/crypto/openssl/crypto/pem/pem_sign.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/* crypto/pem/pem_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
-	{
-	EVP_DigestInit_ex(ctx, type, NULL);
-	}
-
-void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
-	     unsigned int count)
-	{
-	EVP_DigestUpdate(ctx,data,count);
-	}
-
-int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
-	     EVP_PKEY *pkey)
-	{
-	unsigned char *m;
-	int i,ret=0;
-	unsigned int m_len;
-
-	m=(unsigned char *)OPENSSL_malloc(EVP_PKEY_size(pkey)+2);
-	if (m == NULL)
-		{
-		PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	if (EVP_SignFinal(ctx,m,&m_len,pkey) <= 0) goto err;
-
-	i=EVP_EncodeBlock(sigret,m,m_len);
-	*siglen=i;
-	ret=1;
-err:
-	/* ctx has been zeroed by EVP_SignFinal() */
-	if (m != NULL) OPENSSL_free(m);
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/pem/pem_x509.c b/crypto/openssl/crypto/pem/pem_x509.c
deleted file mode 100644
index 19f88d8d3a60..000000000000
--- a/crypto/openssl/crypto/pem/pem_x509.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* pem_x509.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#undef SSLEAY_MACROS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-
-IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509)
-
diff --git a/crypto/openssl/crypto/pem/pem_xaux.c b/crypto/openssl/crypto/pem/pem_xaux.c
deleted file mode 100644
index 2f579b542130..000000000000
--- a/crypto/openssl/crypto/pem/pem_xaux.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/* pem_xaux.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#undef SSLEAY_MACROS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-
-IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX)
diff --git a/crypto/openssl/crypto/pem/pkcs7.lis b/crypto/openssl/crypto/pem/pkcs7.lis
deleted file mode 100644
index be90c5d87f5b..000000000000
--- a/crypto/openssl/crypto/pem/pkcs7.lis
+++ /dev/null
@@ -1,22 +0,0 @@
-21     0:d=0 hl=2 l=  0 cons: univ: SEQUENCE          
- 00     2:d=0 hl=2 l=  9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData
- 21    13:d=0 hl=2 l=  0 cons: cont: 00			# explicit tag
-  21    15:d=0 hl=2 l=  0 cons: univ: SEQUENCE          
-   00    17:d=0 hl=2 l=  1 prim: univ: INTEGER          # version 
-   20    20:d=0 hl=2 l=  0 cons: univ: SET               
-   21    22:d=0 hl=2 l=  0 cons: univ: SEQUENCE          
-    00    24:d=0 hl=2 l=  9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data
-    00    35:d=0 hl=2 l=  0 prim: univ: EOC               
-   21    37:d=0 hl=2 l=  0 cons: cont: 00               # cert tag
-    20    39:d=0 hl=4 l=545 cons: univ: SEQUENCE          
-    20   588:d=0 hl=4 l=524 cons: univ: SEQUENCE          
-    00  1116:d=0 hl=2 l=  0 prim: univ: EOC               
-   21  1118:d=0 hl=2 l=  0 cons: cont: 01		# crl tag
-    20  1120:d=0 hl=4 l=653 cons: univ: SEQUENCE          
-    20  1777:d=0 hl=4 l=285 cons: univ: SEQUENCE          
-    00  2066:d=0 hl=2 l=  0 prim: univ: EOC               
-   21  2068:d=0 hl=2 l=  0 cons: univ: SET              # signers 
-    00  2070:d=0 hl=2 l=  0 prim: univ: EOC               
-  00  2072:d=0 hl=2 l=  0 prim: univ: EOC               
- 00  2074:d=0 hl=2 l=  0 prim: univ: EOC               
-00  2076:d=0 hl=2 l=  0 prim: univ: EOC               
diff --git a/crypto/openssl/crypto/perlasm/alpha.pl b/crypto/openssl/crypto/perlasm/alpha.pl
deleted file mode 100644
index 3dac571743c4..000000000000
--- a/crypto/openssl/crypto/perlasm/alpha.pl
+++ /dev/null
@@ -1,434 +0,0 @@
-#!/usr/local/bin/perl
-
-package alpha;
-use Carp qw(croak cluck);
-
-$label="100";
-
-$n_debug=0;
-$smear_regs=1;
-$reg_alloc=1;
-
-$align="3";
-$com_start="#";
-
-sub main'asm_init_output { @out=(); }
-sub main'asm_get_output { return(@out); }
-sub main'get_labels { return(@labels); }
-sub main'external_label { push(@labels,@_); }
-
-# General registers
-
-%regs=(	'r0',	'$0',
-	'r1',	'$1',
-	'r2',	'$2',
-	'r3',	'$3',
-	'r4',	'$4',
-	'r5',	'$5',
-	'r6',	'$6',
-	'r7',	'$7',
-	'r8',	'$8',
-	'r9',	'$22',
-	'r10',	'$23',
-	'r11',	'$24',
-	'r12',	'$25',
-	'r13',	'$27',
-	'r14',	'$28',
-	'r15',	'$21', # argc == 5
-	'r16',	'$20', # argc == 4
-	'r17',	'$19', # argc == 3
-	'r18',	'$18', # argc == 2
-	'r19',	'$17', # argc == 1
-	'r20',	'$16', # argc == 0
-	'r21',	'$9',  # save 0
-	'r22',	'$10', # save 1
-	'r23',	'$11', # save 2
-	'r24',	'$12', # save 3
-	'r25',	'$13', # save 4
-	'r26',	'$14', # save 5
-
-	'a0',	'$16',
-	'a1',	'$17',
-	'a2',	'$18',
-	'a3',	'$19',
-	'a4',	'$20',
-	'a5',	'$21',
-
-	's0',	'$9',
-	's1',	'$10',
-	's2',	'$11',
-	's3',	'$12',
-	's4',	'$13',
-	's5',	'$14',
-	'zero',	'$31',
-	'sp',	'$30',
-	);
-
-$main'reg_s0="r21";
-$main'reg_s1="r22";
-$main'reg_s2="r23";
-$main'reg_s3="r24";
-$main'reg_s4="r25";
-$main'reg_s5="r26";
-
-@reg=(  '$0', '$1' ,'$2' ,'$3' ,'$4' ,'$5' ,'$6' ,'$7' ,'$8',
-	'$22','$23','$24','$25','$20','$21','$27','$28');
-
-
-sub main'sub	{ &out3("subq",@_); }
-sub main'add	{ &out3("addq",@_); }
-sub main'mov	{ &out3("bis",$_[0],$_[0],$_[1]); }
-sub main'or	{ &out3("bis",@_); }
-sub main'bis	{ &out3("bis",@_); }
-sub main'br	{ &out1("br",@_); }
-sub main'ld	{ &out2("ldq",@_); }
-sub main'st	{ &out2("stq",@_); }
-sub main'cmpult	{ &out3("cmpult",@_); }
-sub main'cmplt	{ &out3("cmplt",@_); }
-sub main'bgt	{ &out2("bgt",@_); }
-sub main'ble	{ &out2("ble",@_); }
-sub main'blt	{ &out2("blt",@_); }
-sub main'mul	{ &out3("mulq",@_); }
-sub main'muh	{ &out3("umulh",@_); }
-
-$main'QWS=8;
-
-sub main'asm_add
-	{
-	push(@out,@_);
-	}
-
-sub main'asm_finish
-	{
-	&main'file_end();
-	print &main'asm_get_output();
-	}
-
-sub main'asm_init
-	{
-	($type,$fn)=@_;
-	$filename=$fn;
-
-	&main'asm_init_output();
-	&main'comment("Don't even think of reading this code");
-	&main'comment("It was automatically generated by $filename");
-	&main'comment("Which is a perl program used to generate the alpha assember.");
-	&main'comment("eric <eay\@cryptsoft.com>");
-	&main'comment("");
-
-	$filename =~ s/\.pl$//;
-	&main'file($filename);
-	}
-
-sub conv
-	{
-	local($r)=@_;
-	local($v);
-
-	return($regs{$r}) if defined($regs{$r});
-	return($r);
-	}
-
-sub main'QWPw
-	{
-	local($off,$reg)=@_;
-
-	return(&main'QWP($off*8,$reg));
-	}
-
-sub main'QWP
-	{
-	local($off,$reg)=@_;
-
-	$ret="$off(".&conv($reg).")";
-	return($ret);
-	}
-
-sub out3
-	{
-	local($name,$p1,$p2,$p3)=@_;
-
-	$p1=&conv($p1);
-	$p2=&conv($p2);
-	$p3=&conv($p3);
-	push(@out,"\t$name\t");
-	$l=length($p1)+1;
-	push(@out,$p1.",");
-	$ll=3-($l+9)/8;
-	$tmp1=sprintf("\t" x $ll);
-	push(@out,$tmp1);
-
-	$l=length($p2)+1;
-	push(@out,$p2.",");
-	$ll=3-($l+9)/8;
-	$tmp1=sprintf("\t" x $ll);
-	push(@out,$tmp1);
-
-	push(@out,&conv($p3)."\n");
-	}
-
-sub out2
-	{
-	local($name,$p1,$p2,$p3)=@_;
-
-	$p1=&conv($p1);
-	$p2=&conv($p2);
-	push(@out,"\t$name\t");
-	$l=length($p1)+1;
-	push(@out,$p1.",");
-	$ll=3-($l+9)/8;
-	$tmp1=sprintf("\t" x $ll);
-	push(@out,$tmp1);
-
-	push(@out,&conv($p2)."\n");
-	}
-
-sub out1
-	{
-	local($name,$p1)=@_;
-
-	$p1=&conv($p1);
-	push(@out,"\t$name\t".$p1."\n");
-	}
-
-sub out0
-	{
-	push(@out,"\t$_[0]\n");
-	}
-
-sub main'file
-	{
-	local($file)=@_;
-
-	local($tmp)=<<"EOF";
- # DEC Alpha assember
- # Generated from perl scripts contains in SSLeay
-	.file	1 "$file.s"
-	.set noat
-EOF
-	push(@out,$tmp);
-	}
-
-sub main'function_begin
-	{
-	local($func)=@_;
-
-print STDERR "$func\n";
-	local($tmp)=<<"EOF";
-	.text
-	.align $align
-	.globl $func
-	.ent $func
-${func}:
-${func}..ng:
-	.frame \$30,0,\$26,0
-	.prologue 0
-EOF
-	push(@out,$tmp);
-	$stack=0;
-	}
-
-sub main'function_end
-	{
-	local($func)=@_;
-
-	local($tmp)=<<"EOF";
-	ret	\$31,(\$26),1
-	.end $func
-EOF
-	push(@out,$tmp);
-	$stack=0;
-	%label=();
-	}
-
-sub main'function_end_A
-	{
-	local($func)=@_;
-
-	local($tmp)=<<"EOF";
-	ret	\$31,(\$26),1
-EOF
-	push(@out,$tmp);
-	}
-
-sub main'function_end_B
-	{
-	local($func)=@_;
-
-	$func=$under.$func;
-
-	push(@out,"\t.end $func\n");
-	$stack=0;
-	%label=();
-	}
-
-sub main'wparam
-	{
-	local($num)=@_;
-
-	if ($num < 6)
-		{
-		$num=20-$num;
-		return("r$num");
-		}
-	else
-		{ return(&main'QWP($stack+$num*8,"sp")); }
-	}
-
-sub main'stack_push
-	{
-	local($num)=@_;
-	$stack+=$num*8;
-	&main'sub("sp",$num*8,"sp");
-	}
-
-sub main'stack_pop
-	{
-	local($num)=@_;
-	$stack-=$num*8;
-	&main'add("sp",$num*8,"sp");
-	}
-
-sub main'swtmp
-	{
-	return(&main'QWP(($_[0])*8,"sp"));
-	}
-
-# Should use swtmp, which is above sp.  Linix can trash the stack above esp
-#sub main'wtmp
-#	{
-#	local($num)=@_;
-#
-#	return(&main'QWP(-($num+1)*4,"esp","",0));
-#	}
-
-sub main'comment
-	{
-	foreach (@_)
-		{
-		if (/^\s*$/)
-			{ push(@out,"\n"); }
-		else
-			{ push(@out,"\t$com_start $_ $com_end\n"); }
-		}
-	}
-
-sub main'label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}=$label;
-		$label++;
-		}
-	return('$'.$label{$_[0]});
-	}
-
-sub main'set_label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}=$label;
-		$label++;
-		}
-#	push(@out,".align $align\n") if ($_[1] != 0);
-	push(@out,'$'."$label{$_[0]}:\n");
-	}
-
-sub main'file_end
-	{
-	}
-
-sub main'data_word
-	{
-	push(@out,"\t.long $_[0]\n");
-	}
-
-@pool_free=();
-@pool_taken=();
-$curr_num=0;
-$max=0;
-
-sub main'init_pool
-	{
-	local($args)=@_;
-	local($i);
-
-	@pool_free=();
-	for ($i=(14+(6-$args)); $i >= 0; $i--)
-		{
-		push(@pool_free,"r$i");
-		}
-	print STDERR "START :register pool:@pool_free\n";
-	$curr_num=$max=0;
-	}
-
-sub main'fin_pool
-	{
-	printf STDERR "END %2d:register pool:@pool_free\n",$max;
-	}
-
-sub main'GR
-	{
-	local($r)=@_;
-	local($i,@n,$_);
-
-	foreach (@pool_free)
-		{
-		if ($r ne $_)
-			{ push(@n,$_); }
-		else
-			{
-			$curr_num++;
-			$max=$curr_num if ($curr_num > $max);
-			}
-		}
-	@pool_free=@n;
-print STDERR "GR:@pool_free\n" if $reg_alloc;
-	return(@_);
-	}
-
-sub main'NR
-	{
-	local($num)=@_;
-	local(@ret);
-
-	$num=1 if $num == 0;
-	($#pool_free >= ($num-1)) || croak "out of registers: want $num, have @pool_free";
-	while ($num > 0)
-		{
-		push(@ret,pop @pool_free);
-		$curr_num++;
-		$max=$curr_num if ($curr_num > $max);
-		$num--
-		}
-	print STDERR "nr @ret\n" if $n_debug;
-print STDERR "NR:@pool_free\n" if $reg_alloc;
-	return(@ret);
-
-	}
-
-sub main'FR
-	{
-	local(@r)=@_;
-	local(@a,$v,$w);
-
-	print STDERR "fr @r\n" if $n_debug;
-#	cluck "fr @r";
-	for $w (@pool_free)
-		{
-		foreach $v (@r)
-			{
-			croak "double register free of $v (@pool_free)" if $w eq $v;
-			}
-		}
-	foreach $v (@r)
-		{
-		croak "bad argument to FR" if ($v !~ /^r\d+$/);
-		if ($smear_regs)
-			{ unshift(@pool_free,$v); }
-		else	{ push(@pool_free,$v); }
-		$curr_num--;
-		}
-print STDERR "FR:@pool_free\n" if $reg_alloc;
-	}
-1;
diff --git a/crypto/openssl/crypto/perlasm/cbc.pl b/crypto/openssl/crypto/perlasm/cbc.pl
deleted file mode 100644
index 22149c680ec3..000000000000
--- a/crypto/openssl/crypto/perlasm/cbc.pl
+++ /dev/null
@@ -1,349 +0,0 @@
-#!/usr/local/bin/perl
-
-# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
-# des_cblock (*input);
-# des_cblock (*output);
-# long length;
-# des_key_schedule schedule;
-# des_cblock (*ivec);
-# int enc;
-#
-# calls 
-# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
-#
-
-#&cbc("des_ncbc_encrypt","des_encrypt",0);
-#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",
-#	1,4,5,3,5,-1);
-#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",
-#	0,4,5,3,5,-1);
-#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",
-#	0,6,7,3,4,5);
-#
-# When doing a cipher that needs bigendian order,
-# for encrypt, the iv is kept in bigendian form,
-# while for decrypt, it is kept in little endian.
-sub cbc
-	{
-	local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_;
-	# name is the function name
-	# enc_func and dec_func and the functions to call for encrypt/decrypt
-	# swap is true if byte order needs to be reversed
-	# iv_off is parameter number for the iv 
-	# enc_off is parameter number for the encrypt/decrypt flag
-	# p1,p2,p3 are the offsets for parameters to be passed to the
-	# underlying calls.
-
-	&function_begin_B($name,"");
-	&comment("");
-
-	$in="esi";
-	$out="edi";
-	$count="ebp";
-
-	&push("ebp");
-	&push("ebx");
-	&push("esi");
-	&push("edi");
-
-	$data_off=4;
-	$data_off+=4 if ($p1 > 0);
-	$data_off+=4 if ($p2 > 0);
-	$data_off+=4 if ($p3 > 0);
-
-	&mov($count,	&wparam(2));	# length
-
-	&comment("getting iv ptr from parameter $iv_off");
-	&mov("ebx",	&wparam($iv_off));	# Get iv ptr
-
-	&mov($in,	&DWP(0,"ebx","",0));#	iv[0]
-	&mov($out,	&DWP(4,"ebx","",0));#	iv[1]
-
-	&push($out);
-	&push($in);
-	&push($out);	# used in decrypt for iv[1]
-	&push($in);	# used in decrypt for iv[0]
-
-	&mov("ebx",	"esp");		# This is the address of tin[2]
-
-	&mov($in,	&wparam(0));	# in
-	&mov($out,	&wparam(1));	# out
-
-	# We have loaded them all, how lets push things
-	&comment("getting encrypt flag from parameter $enc_off");
-	&mov("ecx",	&wparam($enc_off));	# Get enc flag
-	if ($p3 > 0)
-		{
-		&comment("get and push parameter $p3");
-		if ($enc_off != $p3)
-			{ &mov("eax",	&wparam($p3)); &push("eax"); }
-		else	{ &push("ecx"); }
-		}
-	if ($p2 > 0)
-		{
-		&comment("get and push parameter $p2");
-		if ($enc_off != $p2)
-			{ &mov("eax",	&wparam($p2)); &push("eax"); }
-		else	{ &push("ecx"); }
-		}
-	if ($p1 > 0)
-		{
-		&comment("get and push parameter $p1");
-		if ($enc_off != $p1)
-			{ &mov("eax",	&wparam($p1)); &push("eax"); }
-		else	{ &push("ecx"); }
-		}
-	&push("ebx");		# push data/iv
-
-	&cmp("ecx",0);
-	&jz(&label("decrypt"));
-
-	&and($count,0xfffffff8);
-	&mov("eax",	&DWP($data_off,"esp","",0));	# load iv[0]
-	&mov("ebx",	&DWP($data_off+4,"esp","",0));	# load iv[1]
-
-	&jz(&label("encrypt_finish"));
-
-	#############################################################
-
-	&set_label("encrypt_loop");
-	# encrypt start 
-	# "eax" and "ebx" hold iv (or the last cipher text)
-
-	&mov("ecx",	&DWP(0,$in,"",0));	# load first 4 bytes
-	&mov("edx",	&DWP(4,$in,"",0));	# second 4 bytes
-
-	&xor("eax",	"ecx");
-	&xor("ebx",	"edx");
-
-	&bswap("eax")	if $swap;
-	&bswap("ebx")	if $swap;
-
-	&mov(&DWP($data_off,"esp","",0),	"eax");	# put in array for call
-	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
-
-	&call($enc_func);
-
-	&mov("eax",	&DWP($data_off,"esp","",0));
-	&mov("ebx",	&DWP($data_off+4,"esp","",0));
-
-	&bswap("eax")	if $swap;
-	&bswap("ebx")	if $swap;
-
-	&mov(&DWP(0,$out,"",0),"eax");
-	&mov(&DWP(4,$out,"",0),"ebx");
-
-	# eax and ebx are the next iv.
-
-	&add($in,	8);
-	&add($out,	8);
-
-	&sub($count,	8);
-	&jnz(&label("encrypt_loop"));
-
-###################################################################3
-	&set_label("encrypt_finish");
-	&mov($count,	&wparam(2));	# length
-	&and($count,	7);
-	&jz(&label("finish"));
-	&call(&label("PIC_point"));
-&set_label("PIC_point");
-	&blindpop("edx");
-	&lea("ecx",&DWP(&label("cbc_enc_jmp_table")."-".&label("PIC_point"),"edx"));
-	&mov($count,&DWP(0,"ecx",$count,4))
-	&add($count,"edx");
-	&xor("ecx","ecx");
-	&xor("edx","edx");
-	#&mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4));
-	&jmp_ptr($count);
-
-&set_label("ej7");
-	&xor("edx",		"edx") if $ppro; # ppro friendly
-	&movb(&HB("edx"),	&BP(6,$in,"",0));
-	&shl("edx",8);
-&set_label("ej6");
-	&movb(&HB("edx"),	&BP(5,$in,"",0));
-&set_label("ej5");
-	&movb(&LB("edx"),	&BP(4,$in,"",0));
-&set_label("ej4");
-	&mov("ecx",		&DWP(0,$in,"",0));
-	&jmp(&label("ejend"));
-&set_label("ej3");
-	&movb(&HB("ecx"),	&BP(2,$in,"",0));
-	&xor("ecx",		"ecx") if $ppro; # ppro friendly
-	&shl("ecx",8);
-&set_label("ej2");
-	&movb(&HB("ecx"),	&BP(1,$in,"",0));
-&set_label("ej1");
-	&movb(&LB("ecx"),	&BP(0,$in,"",0));
-&set_label("ejend");
-
-	&xor("eax",	"ecx");
-	&xor("ebx",	"edx");
-
-	&bswap("eax")	if $swap;
-	&bswap("ebx")	if $swap;
-
-	&mov(&DWP($data_off,"esp","",0),	"eax");	# put in array for call
-	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
-
-	&call($enc_func);
-
-	&mov("eax",	&DWP($data_off,"esp","",0));
-	&mov("ebx",	&DWP($data_off+4,"esp","",0));
-
-	&bswap("eax")	if $swap;
-	&bswap("ebx")	if $swap;
-
-	&mov(&DWP(0,$out,"",0),"eax");
-	&mov(&DWP(4,$out,"",0),"ebx");
-
-	&jmp(&label("finish"));
-
-	#############################################################
-	#############################################################
-	&set_label("decrypt",1);
-	# decrypt start 
-	&and($count,0xfffffff8);
-	# The next 2 instructions are only for if the jz is taken
-	&mov("eax",	&DWP($data_off+8,"esp","",0));	# get iv[0]
-	&mov("ebx",	&DWP($data_off+12,"esp","",0));	# get iv[1]
-	&jz(&label("decrypt_finish"));
-
-	&set_label("decrypt_loop");
-	&mov("eax",	&DWP(0,$in,"",0));	# load first 4 bytes
-	&mov("ebx",	&DWP(4,$in,"",0));	# second 4 bytes
-
-	&bswap("eax")	if $swap;
-	&bswap("ebx")	if $swap;
-
-	&mov(&DWP($data_off,"esp","",0),	"eax");	# put back
-	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
-
-	&call($dec_func);
-
-	&mov("eax",	&DWP($data_off,"esp","",0));	# get return
-	&mov("ebx",	&DWP($data_off+4,"esp","",0));	#
-
-	&bswap("eax")	if $swap;
-	&bswap("ebx")	if $swap;
-
-	&mov("ecx",	&DWP($data_off+8,"esp","",0));	# get iv[0]
-	&mov("edx",	&DWP($data_off+12,"esp","",0));	# get iv[1]
-
-	&xor("ecx",	"eax");
-	&xor("edx",	"ebx");
-
-	&mov("eax",	&DWP(0,$in,"",0));	# get old cipher text,
-	&mov("ebx",	&DWP(4,$in,"",0));	# next iv actually
-
-	&mov(&DWP(0,$out,"",0),"ecx");
-	&mov(&DWP(4,$out,"",0),"edx");
-
-	&mov(&DWP($data_off+8,"esp","",0),	"eax");	# save iv
-	&mov(&DWP($data_off+12,"esp","",0),	"ebx");	#
-
-	&add($in,	8);
-	&add($out,	8);
-
-	&sub($count,	8);
-	&jnz(&label("decrypt_loop"));
-############################ ENDIT #######################3
-	&set_label("decrypt_finish");
-	&mov($count,	&wparam(2));	# length
-	&and($count,	7);
-	&jz(&label("finish"));
-
-	&mov("eax",	&DWP(0,$in,"",0));	# load first 4 bytes
-	&mov("ebx",	&DWP(4,$in,"",0));	# second 4 bytes
-
-	&bswap("eax")	if $swap;
-	&bswap("ebx")	if $swap;
-
-	&mov(&DWP($data_off,"esp","",0),	"eax");	# put back
-	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
-
-	&call($dec_func);
-
-	&mov("eax",	&DWP($data_off,"esp","",0));	# get return
-	&mov("ebx",	&DWP($data_off+4,"esp","",0));	#
-
-	&bswap("eax")	if $swap;
-	&bswap("ebx")	if $swap;
-
-	&mov("ecx",	&DWP($data_off+8,"esp","",0));	# get iv[0]
-	&mov("edx",	&DWP($data_off+12,"esp","",0));	# get iv[1]
-
-	&xor("ecx",	"eax");
-	&xor("edx",	"ebx");
-
-	# this is for when we exit
-	&mov("eax",	&DWP(0,$in,"",0));	# get old cipher text,
-	&mov("ebx",	&DWP(4,$in,"",0));	# next iv actually
-
-&set_label("dj7");
-	&rotr("edx",	16);
-	&movb(&BP(6,$out,"",0),	&LB("edx"));
-	&shr("edx",16);
-&set_label("dj6");
-	&movb(&BP(5,$out,"",0),	&HB("edx"));
-&set_label("dj5");
-	&movb(&BP(4,$out,"",0),	&LB("edx"));
-&set_label("dj4");
-	&mov(&DWP(0,$out,"",0),	"ecx");
-	&jmp(&label("djend"));
-&set_label("dj3");
-	&rotr("ecx",	16);
-	&movb(&BP(2,$out,"",0),	&LB("ecx"));
-	&shl("ecx",16);
-&set_label("dj2");
-	&movb(&BP(1,$in,"",0),	&HB("ecx"));
-&set_label("dj1");
-	&movb(&BP(0,$in,"",0),	&LB("ecx"));
-&set_label("djend");
-
-	# final iv is still in eax:ebx
-	&jmp(&label("finish"));
-
-
-############################ FINISH #######################3
-	&set_label("finish",1);
-	&mov("ecx",	&wparam($iv_off));	# Get iv ptr
-
-	#################################################
-	$total=16+4;
-	$total+=4 if ($p1 > 0);
-	$total+=4 if ($p2 > 0);
-	$total+=4 if ($p3 > 0);
-	&add("esp",$total);
-
-	&mov(&DWP(0,"ecx","",0),	"eax");	# save iv
-	&mov(&DWP(4,"ecx","",0),	"ebx");	# save iv
-
-	&function_end_A($name);
-
-	&set_label("cbc_enc_jmp_table",1);
-	&data_word("0");
-	&data_word(&label("ej1")."-".&label("PIC_point"));
-	&data_word(&label("ej2")."-".&label("PIC_point"));
-	&data_word(&label("ej3")."-".&label("PIC_point"));
-	&data_word(&label("ej4")."-".&label("PIC_point"));
-	&data_word(&label("ej5")."-".&label("PIC_point"));
-	&data_word(&label("ej6")."-".&label("PIC_point"));
-	&data_word(&label("ej7")."-".&label("PIC_point"));
-	# not used
-	#&set_label("cbc_dec_jmp_table",1);
-	#&data_word("0");
-	#&data_word(&label("dj1")."-".&label("PIC_point"));
-	#&data_word(&label("dj2")."-".&label("PIC_point"));
-	#&data_word(&label("dj3")."-".&label("PIC_point"));
-	#&data_word(&label("dj4")."-".&label("PIC_point"));
-	#&data_word(&label("dj5")."-".&label("PIC_point"));
-	#&data_word(&label("dj6")."-".&label("PIC_point"));
-	#&data_word(&label("dj7")."-".&label("PIC_point"));
-
-	&function_end_B($name);
-	
-	}
-
-1;
diff --git a/crypto/openssl/crypto/perlasm/readme b/crypto/openssl/crypto/perlasm/readme
deleted file mode 100644
index f02bbee75a1b..000000000000
--- a/crypto/openssl/crypto/perlasm/readme
+++ /dev/null
@@ -1,124 +0,0 @@
-The perl scripts in this directory are my 'hack' to generate
-multiple different assembler formats via the one origional script.
-
-The way to use this library is to start with adding the path to this directory
-and then include it.
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-The first thing we do is setup the file and type of assember
-
-&asm_init($ARGV[0],$0);
-
-The first argument is the 'type'.  Currently
-'cpp', 'sol', 'a.out', 'elf' or 'win32'.
-Argument 2 is the file name.
-
-The reciprocal function is
-&asm_finish() which should be called at the end.
-
-There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler,
-and x86unix.pl which is the unix (gas) version.
-
-Functions of interest are:
-&external_label("des_SPtrans");	declare and external variable
-&LB(reg);			Low byte for a register
-&HB(reg);			High byte for a register
-&BP(off,base,index,scale)	Byte pointer addressing
-&DWP(off,base,index,scale)	Word pointer addressing
-&stack_push(num)		Basically a 'sub esp, num*4' with extra
-&stack_pop(num)			inverse of stack_push
-&function_begin(name,extra)	Start a function with pushing of
-				edi, esi, ebx and ebp.  extra is extra win32
-				external info that may be required.
-&function_begin_B(name,extra)	Same as norma function_begin but no pushing.
-&function_end(name)		Call at end of function.
-&function_end_A(name)		Standard pop and ret, for use inside functions
-&function_end_B(name)		Call at end but with poping or 'ret'.
-&swtmp(num)			Address on stack temp word.
-&wparam(num)			Parameter number num, that was push
-				in C convention.  This all works over pushes
-				and pops.
-&comment("hello there")		Put in a comment.
-&label("loop")			Refer to a label, normally a jmp target.
-&set_label("loop")		Set a label at this point.
-&data_word(word)		Put in a word of data.
-
-So how does this all hold together?  Given
-
-int calc(int len, int *data)
-	{
-	int i,j=0;
-
-	for (i=0; i<len; i++)
-		{
-		j+=other(data[i]);
-		}
-	}
-
-So a very simple version of this function could be coded as
-
-	push(@INC,"perlasm","../../perlasm");
-	require "x86asm.pl";
-	
-	&asm_init($ARGV[0],"cacl.pl");
-
-	&external_label("other");
-
-	$tmp1=	"eax";
-	$j=	"edi";
-	$data=	"esi";
-	$i=	"ebp";
-
-	&comment("a simple function");
-	&function_begin("calc");
-	&mov(	$data,		&wparam(1)); # data
-	&xor(	$j,		$j);
-	&xor(	$i,		$i);
-
-	&set_label("loop");
-	&cmp(	$i,		&wparam(0));
-	&jge(	&label("end"));
-
-	&mov(	$tmp1,		&DWP(0,$data,$i,4));
-	&push(	$tmp1);
-	&call(	"other");
-	&add(	$j,		"eax");
-	&pop(	$tmp1);
-	&inc(	$i);
-	&jmp(	&label("loop"));
-
-	&set_label("end");
-	&mov(	"eax",		$j);
-
-	&function_end("calc");
-
-	&asm_finish();
-
-The above example is very very unoptimised but gives an idea of how
-things work.
-
-There is also a cbc mode function generator in cbc.pl
-
-&cbc(	$name,
-	$encrypt_function_name,
-	$decrypt_function_name,
-	$true_if_byte_swap_needed,
-	$parameter_number_for_iv,
-	$parameter_number_for_encrypt_flag,
-	$first_parameter_to_pass,
-	$second_parameter_to_pass,
-	$third_parameter_to_pass);
-
-So for example, given
-void BF_encrypt(BF_LONG *data,BF_KEY *key);
-void BF_decrypt(BF_LONG *data,BF_KEY *key);
-void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
-        BF_KEY *ks, unsigned char *iv, int enc);
-
-&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",1,4,5,3,-1,-1);
-
-&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
-&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
-
diff --git a/crypto/openssl/crypto/perlasm/x86asm.pl b/crypto/openssl/crypto/perlasm/x86asm.pl
deleted file mode 100644
index 1cb96e914ab6..000000000000
--- a/crypto/openssl/crypto/perlasm/x86asm.pl
+++ /dev/null
@@ -1,127 +0,0 @@
-#!/usr/local/bin/perl
-
-# require 'x86asm.pl';
-# &asm_init("cpp","des-586.pl");
-# XXX
-# XXX
-# main'asm_finish
-
-sub main'asm_finish
-	{
-	&file_end();
-	&asm_finish_cpp() if $cpp;
-	print &asm_get_output();
-	}
-
-sub main'asm_init
-	{
-	($type,$fn,$i386)=@_;
-	$filename=$fn;
-
-	$elf=$cpp=$sol=$aout=$win32=$gaswin=0;
-	if (	($type eq "elf"))
-		{ $elf=1; require "x86unix.pl"; }
-	elsif (	($type eq "a.out"))
-		{ $aout=1; require "x86unix.pl"; }
-	elsif (	($type eq "gaswin"))
-		{ $gaswin=1; $aout=1; require "x86unix.pl"; }
-	elsif (	($type eq "sol"))
-		{ $sol=1; require "x86unix.pl"; }
-	elsif (	($type eq "cpp"))
-		{ $cpp=1; require "x86unix.pl"; }
-	elsif (	($type eq "win32"))
-		{ $win32=1; require "x86ms.pl"; }
-	elsif (	($type eq "win32n"))
-		{ $win32=1; require "x86nasm.pl"; }
-	else
-		{
-		print STDERR <<"EOF";
-Pick one target type from
-	elf	- linux, FreeBSD etc
-	a.out	- old linux
-	sol	- x86 solaris
-	cpp	- format so x86unix.cpp can be used
-	win32	- Windows 95/Windows NT
-	win32n	- Windows 95/Windows NT NASM format
-EOF
-		exit(1);
-		}
-
-	$pic=0;
-	for (@ARGV) {	$pic=1 if (/\-[fK]PIC/i);	}
-
-	&asm_init_output();
-
-&comment("Don't even think of reading this code");
-&comment("It was automatically generated by $filename");
-&comment("Which is a perl program used to generate the x86 assember for");
-&comment("any of elf, a.out, BSDI, Win32, gaswin (for GNU as on Win32) or Solaris");
-&comment("eric <eay\@cryptsoft.com>");
-&comment("");
-
-	$filename =~ s/\.pl$//;
-	&file($filename);
-	}
-
-sub asm_finish_cpp
-	{
-	return unless $cpp;
-
-	local($tmp,$i);
-	foreach $i (&get_labels())
-		{
-		$tmp.="#define $i _$i\n";
-		}
-	print <<"EOF";
-/* Run the C pre-processor over this file with one of the following defined
- * ELF - elf object files,
- * OUT - a.out object files,
- * BSDI - BSDI style a.out object files
- * SOL - Solaris style elf
- */
-
-#define TYPE(a,b)       .type   a,b
-#define SIZE(a,b)       .size   a,b
-
-#if defined(OUT) || (defined(BSDI) && !defined(ELF))
-$tmp
-#endif
-
-#ifdef OUT
-#define OK	1
-#define ALIGN	4
-#if defined(__CYGWIN__) || defined(__DJGPP__)
-#undef SIZE
-#undef TYPE
-#define SIZE(a,b)
-#define TYPE(a,b)	.def a; .scl 2; .type 32; .endef
-#endif /* __CYGWIN || __DJGPP */
-#endif
-
-#if defined(BSDI) && !defined(ELF)
-#define OK              1
-#define ALIGN           4
-#undef SIZE
-#undef TYPE
-#define SIZE(a,b)
-#define TYPE(a,b)
-#endif
-
-#if defined(ELF) || defined(SOL)
-#define OK              1
-#define ALIGN           16
-#endif
-
-#ifndef OK
-You need to define one of
-ELF - elf systems - linux-elf, NetBSD and DG-UX
-OUT - a.out systems - linux-a.out and FreeBSD
-SOL - solaris systems, which are elf with strange comment lines
-BSDI - a.out with a very primative version of as.
-#endif
-
-/* Let the Assembler begin :-) */
-EOF
-	}
-
-1;
diff --git a/crypto/openssl/crypto/perlasm/x86ms.pl b/crypto/openssl/crypto/perlasm/x86ms.pl
deleted file mode 100644
index 35f1a4ddb931..000000000000
--- a/crypto/openssl/crypto/perlasm/x86ms.pl
+++ /dev/null
@@ -1,376 +0,0 @@
-#!/usr/local/bin/perl
-
-package x86ms;
-
-$label="L000";
-
-%lb=(	'eax',	'al',
-	'ebx',	'bl',
-	'ecx',	'cl',
-	'edx',	'dl',
-	'ax',	'al',
-	'bx',	'bl',
-	'cx',	'cl',
-	'dx',	'dl',
-	);
-
-%hb=(	'eax',	'ah',
-	'ebx',	'bh',
-	'ecx',	'ch',
-	'edx',	'dh',
-	'ax',	'ah',
-	'bx',	'bh',
-	'cx',	'ch',
-	'dx',	'dh',
-	);
-
-sub main'asm_init_output { @out=(); }
-sub main'asm_get_output { return(@out); }
-sub main'get_labels { return(@labels); }
-sub main'external_label { push(@labels,@_); }
-
-sub main'LB
-	{
-	(defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
-	return($lb{$_[0]});
-	}
-
-sub main'HB
-	{
-	(defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
-	return($hb{$_[0]});
-	}
-
-sub main'BP
-	{
-	&get_mem("BYTE",@_);
-	}
-
-sub main'DWP
-	{
-	&get_mem("DWORD",@_);
-	}
-
-sub main'BC
-	{
-	return @_;
-	}
-
-sub main'DWC
-	{
-	return @_;
-	}
-
-sub main'stack_push
-	{
-	local($num)=@_;
-	$stack+=$num*4;
-	&main'sub("esp",$num*4);
-	}
-
-sub main'stack_pop
-	{
-	local($num)=@_;
-	$stack-=$num*4;
-	&main'add("esp",$num*4);
-	}
-
-sub get_mem
-	{
-	local($size,$addr,$reg1,$reg2,$idx)=@_;
-	local($t,$post);
-	local($ret)="$size PTR ";
-
-	$addr =~ s/^\s+//;
-	if ($addr =~ /^(.+)\+(.+)$/)
-		{
-		$reg2=&conv($1);
-		$addr="_$2";
-		}
-	elsif ($addr =~ /^[_a-zA-Z]/)
-		{
-		$addr="_$addr";
-		}
-
-	if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; }
-
-	$reg1="$regs{$reg1}" if defined($regs{$reg1});
-	$reg2="$regs{$reg2}" if defined($regs{$reg2});
-	if (($addr ne "") && ($addr ne 0))
-		{
-		if ($addr !~ /^-/)
-			{ $ret.=$addr; }
-		else	{ $post=$addr; }
-		}
-	if ($reg2 ne "")
-		{
-		$t="";
-		$t="*$idx" if ($idx != 0);
-		$reg1="+".$reg1 if ("$reg1$post" ne "");
-		$ret.="[$reg2$t$reg1$post]";
-		}
-	else
-		{
-		$ret.="[$reg1$post]"
-		}
-	$ret =~ s/\[\]//;	# in case $addr was the only argument
-	return($ret);
-	}
-
-sub main'mov	{ &out2("mov",@_); }
-sub main'movb	{ &out2("mov",@_); }
-sub main'and	{ &out2("and",@_); }
-sub main'or	{ &out2("or",@_); }
-sub main'shl	{ &out2("shl",@_); }
-sub main'shr	{ &out2("shr",@_); }
-sub main'xor	{ &out2("xor",@_); }
-sub main'xorb	{ &out2("xor",@_); }
-sub main'add	{ &out2("add",@_); }
-sub main'adc	{ &out2("adc",@_); }
-sub main'sub	{ &out2("sub",@_); }
-sub main'rotl	{ &out2("rol",@_); }
-sub main'rotr	{ &out2("ror",@_); }
-sub main'exch	{ &out2("xchg",@_); }
-sub main'cmp	{ &out2("cmp",@_); }
-sub main'lea	{ &out2("lea",@_); }
-sub main'mul	{ &out1("mul",@_); }
-sub main'div	{ &out1("div",@_); }
-sub main'dec	{ &out1("dec",@_); }
-sub main'inc	{ &out1("inc",@_); }
-sub main'jmp	{ &out1("jmp",@_); }
-sub main'jmp_ptr { &out1p("jmp",@_); }
-sub main'je	{ &out1("je",@_); }
-sub main'jle	{ &out1("jle",@_); }
-sub main'jz	{ &out1("jz",@_); }
-sub main'jge	{ &out1("jge",@_); }
-sub main'jl	{ &out1("jl",@_); }
-sub main'jb	{ &out1("jb",@_); }
-sub main'jc	{ &out1("jc",@_); }
-sub main'jnc	{ &out1("jnc",@_); }
-sub main'jnz	{ &out1("jnz",@_); }
-sub main'jne	{ &out1("jne",@_); }
-sub main'jno	{ &out1("jno",@_); }
-sub main'push	{ &out1("push",@_); $stack+=4; }
-sub main'pop	{ &out1("pop",@_); $stack-=4; }
-sub main'bswap	{ &out1("bswap",@_); &using486(); }
-sub main'not	{ &out1("not",@_); }
-sub main'call	{ &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); }
-sub main'ret	{ &out0("ret"); }
-sub main'nop	{ &out0("nop"); }
-
-sub out2
-	{
-	local($name,$p1,$p2)=@_;
-	local($l,$t);
-
-	push(@out,"\t$name\t");
-	$t=&conv($p1).",";
-	$l=length($t);
-	push(@out,$t);
-	$l=4-($l+9)/8;
-	push(@out,"\t" x $l);
-	push(@out,&conv($p2));
-	push(@out,"\n");
-	}
-
-sub out0
-	{
-	local($name)=@_;
-
-	push(@out,"\t$name\n");
-	}
-
-sub out1
-	{
-	local($name,$p1)=@_;
-	local($l,$t);
-
-	push(@out,"\t$name\t".&conv($p1)."\n");
-	}
-
-sub conv
-	{
-	local($p)=@_;
-
-	$p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
-	return $p;
-	}
-
-sub using486
-	{
-	return if $using486;
-	$using486++;
-	grep(s/\.386/\.486/,@out);
-	}
-
-sub main'file
-	{
-	local($file)=@_;
-
-	local($tmp)=<<"EOF";
-	TITLE	$file.asm
-        .386
-.model FLAT
-EOF
-	push(@out,$tmp);
-	}
-
-sub main'function_begin
-	{
-	local($func,$extra)=@_;
-
-	push(@labels,$func);
-
-	local($tmp)=<<"EOF";
-_TEXT	SEGMENT
-PUBLIC	_$func
-$extra
-_$func PROC NEAR
-	push	ebp
-	push	ebx
-	push	esi
-	push	edi
-EOF
-	push(@out,$tmp);
-	$stack=20;
-	}
-
-sub main'function_begin_B
-	{
-	local($func,$extra)=@_;
-
-	local($tmp)=<<"EOF";
-_TEXT	SEGMENT
-PUBLIC	_$func
-$extra
-_$func PROC NEAR
-EOF
-	push(@out,$tmp);
-	$stack=4;
-	}
-
-sub main'function_end
-	{
-	local($func)=@_;
-
-	local($tmp)=<<"EOF";
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-_$func ENDP
-_TEXT	ENDS
-EOF
-	push(@out,$tmp);
-	$stack=0;
-	%label=();
-	}
-
-sub main'function_end_B
-	{
-	local($func)=@_;
-
-	local($tmp)=<<"EOF";
-_$func ENDP
-_TEXT	ENDS
-EOF
-	push(@out,$tmp);
-	$stack=0;
-	%label=();
-	}
-
-sub main'function_end_A
-	{
-	local($func)=@_;
-
-	local($tmp)=<<"EOF";
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-EOF
-	push(@out,$tmp);
-	}
-
-sub main'file_end
-	{
-	push(@out,"END\n");
-	}
-
-sub main'wparam
-	{
-	local($num)=@_;
-
-	return(&main'DWP($stack+$num*4,"esp","",0));
-	}
-
-sub main'swtmp
-	{
-	return(&main'DWP($_[0]*4,"esp","",0));
-	}
-
-# Should use swtmp, which is above esp.  Linix can trash the stack above esp
-#sub main'wtmp
-#	{
-#	local($num)=@_;
-#
-#	return(&main'DWP(-(($num+1)*4),"esp","",0));
-#	}
-
-sub main'comment
-	{
-	foreach (@_)
-		{
-		push(@out,"\t; $_\n");
-		}
-	}
-
-sub main'label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}="\$${label}${_[0]}";
-		$label++;
-		}
-	return($label{$_[0]});
-	}
-
-sub main'set_label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}="\$${label}${_[0]}";
-		$label++;
-		}
-	if((defined $_[2]) && ($_[2] == 1))
-		{
-		push(@out,"$label{$_[0]}::\n");
-		}
-	else
-		{
-		push(@out,"$label{$_[0]}:\n");
-		}
-	}
-
-sub main'data_word
-	{
-	push(@out,"\tDD\t$_[0]\n");
-	}
-
-sub out1p
-	{
-	local($name,$p1)=@_;
-	local($l,$t);
-
-	push(@out,"\t$name\t ".&conv($p1)."\n");
-	}
-
-sub main'picmeup
-	{
-	local($dst,$sym)=@_;
-	&main'lea($dst,&main'DWP($sym));
-	}
-
-sub main'blindpop { &out1("pop",@_); }
diff --git a/crypto/openssl/crypto/perlasm/x86nasm.pl b/crypto/openssl/crypto/perlasm/x86nasm.pl
deleted file mode 100644
index f30b7466d45d..000000000000
--- a/crypto/openssl/crypto/perlasm/x86nasm.pl
+++ /dev/null
@@ -1,353 +0,0 @@
-#!/usr/local/bin/perl
-
-package x86nasm;
-
-$label="L000";
-
-%lb=(	'eax',	'al',
-	'ebx',	'bl',
-	'ecx',	'cl',
-	'edx',	'dl',
-	'ax',	'al',
-	'bx',	'bl',
-	'cx',	'cl',
-	'dx',	'dl',
-	);
-
-%hb=(	'eax',	'ah',
-	'ebx',	'bh',
-	'ecx',	'ch',
-	'edx',	'dh',
-	'ax',	'ah',
-	'bx',	'bh',
-	'cx',	'ch',
-	'dx',	'dh',
-	);
-
-sub main'asm_init_output { @out=(); }
-sub main'asm_get_output { return(@out); }
-sub main'get_labels { return(@labels); }
-
-sub main'external_label
-{
-	push(@labels,@_);
-	foreach (@_) {
-		push(@out, "extern\t_$_\n");
-	}
-}
-
-sub main'LB
-	{
-	(defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
-	return($lb{$_[0]});
-	}
-
-sub main'HB
-	{
-	(defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
-	return($hb{$_[0]});
-	}
-
-sub main'BP
-	{
-	&get_mem("BYTE",@_);
-	}
-
-sub main'DWP
-	{
-	&get_mem("DWORD",@_);
-	}
-
-sub main'BC
-	{
-	return "BYTE @_";
-	}
-
-sub main'DWC
-	{
-	return "DWORD @_";
-	}
-
-sub main'stack_push
-	{
-	my($num)=@_;
-	$stack+=$num*4;
-	&main'sub("esp",$num*4);
-	}
-
-sub main'stack_pop
-	{
-	my($num)=@_;
-	$stack-=$num*4;
-	&main'add("esp",$num*4);
-	}
-
-sub get_mem
-	{
-	my($size,$addr,$reg1,$reg2,$idx)=@_;
-	my($t,$post);
-	my($ret)="[";
-	$addr =~ s/^\s+//;
-	if ($addr =~ /^(.+)\+(.+)$/)
-		{
-		$reg2=&conv($1);
-		$addr="_$2";
-		}
-	elsif ($addr =~ /^[_a-zA-Z]/)
-		{
-		$addr="_$addr";
-		}
-
-	if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; }
-
-	$reg1="$regs{$reg1}" if defined($regs{$reg1});
-	$reg2="$regs{$reg2}" if defined($regs{$reg2});
-	if (($addr ne "") && ($addr ne 0))
-		{
-		if ($addr !~ /^-/)
-			{ $ret.="${addr}+"; }
-		else	{ $post=$addr; }
-		}
-	if ($reg2 ne "")
-		{
-		$t="";
-		$t="*$idx" if ($idx != 0);
-		$reg1="+".$reg1 if ("$reg1$post" ne "");
-		$ret.="$reg2$t$reg1$post]";
-		}
-	else
-		{
-		$ret.="$reg1$post]"
-		}
-	$ret =~ s/\+\]/]/; # in case $addr was the only argument
-	return($ret);
-	}
-
-sub main'mov	{ &out2("mov",@_); }
-sub main'movb	{ &out2("mov",@_); }
-sub main'and	{ &out2("and",@_); }
-sub main'or	{ &out2("or",@_); }
-sub main'shl	{ &out2("shl",@_); }
-sub main'shr	{ &out2("shr",@_); }
-sub main'xor	{ &out2("xor",@_); }
-sub main'xorb	{ &out2("xor",@_); }
-sub main'add	{ &out2("add",@_); }
-sub main'adc	{ &out2("adc",@_); }
-sub main'sub	{ &out2("sub",@_); }
-sub main'rotl	{ &out2("rol",@_); }
-sub main'rotr	{ &out2("ror",@_); }
-sub main'exch	{ &out2("xchg",@_); }
-sub main'cmp	{ &out2("cmp",@_); }
-sub main'lea	{ &out2("lea",@_); }
-sub main'mul	{ &out1("mul",@_); }
-sub main'div	{ &out1("div",@_); }
-sub main'dec	{ &out1("dec",@_); }
-sub main'inc	{ &out1("inc",@_); }
-sub main'jmp	{ &out1("jmp",@_); }
-sub main'jmp_ptr { &out1p("jmp",@_); }
-
-# This is a bit of a kludge: declare all branches as NEAR.
-sub main'je	{ &out1("je NEAR",@_); }
-sub main'jle	{ &out1("jle NEAR",@_); }
-sub main'jz	{ &out1("jz NEAR",@_); }
-sub main'jge	{ &out1("jge NEAR",@_); }
-sub main'jl	{ &out1("jl NEAR",@_); }
-sub main'jb	{ &out1("jb NEAR",@_); }
-sub main'jc	{ &out1("jc NEAR",@_); }
-sub main'jnc	{ &out1("jnc NEAR",@_); }
-sub main'jnz	{ &out1("jnz NEAR",@_); }
-sub main'jne	{ &out1("jne NEAR",@_); }
-sub main'jno	{ &out1("jno NEAR",@_); }
-
-sub main'push	{ &out1("push",@_); $stack+=4; }
-sub main'pop	{ &out1("pop",@_); $stack-=4; }
-sub main'bswap	{ &out1("bswap",@_); &using486(); }
-sub main'not	{ &out1("not",@_); }
-sub main'call	{ &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); }
-sub main'ret	{ &out0("ret"); }
-sub main'nop	{ &out0("nop"); }
-
-sub out2
-	{
-	my($name,$p1,$p2)=@_;
-	my($l,$t);
-
-	push(@out,"\t$name\t");
-	$t=&conv($p1).",";
-	$l=length($t);
-	push(@out,$t);
-	$l=4-($l+9)/8;
-	push(@out,"\t" x $l);
-	push(@out,&conv($p2));
-	push(@out,"\n");
-	}
-
-sub out0
-	{
-	my($name)=@_;
-
-	push(@out,"\t$name\n");
-	}
-
-sub out1
-	{
-	my($name,$p1)=@_;
-	my($l,$t);
-	push(@out,"\t$name\t".&conv($p1)."\n");
-	}
-
-sub conv
-	{
-	my($p)=@_;
-	$p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
-	return $p;
-	}
-
-sub using486
-	{
-	return if $using486;
-	$using486++;
-	grep(s/\.386/\.486/,@out);
-	}
-
-sub main'file
-	{
-	push(@out, "segment .text use32\n");
-	}
-
-sub main'function_begin
-	{
-	my($func,$extra)=@_;
-
-	push(@labels,$func);
-	my($tmp)=<<"EOF";
-global	_$func
-_$func:
-	push	ebp
-	push	ebx
-	push	esi
-	push	edi
-EOF
-	push(@out,$tmp);
-	$stack=20;
-	}
-
-sub main'function_begin_B
-	{
-	my($func,$extra)=@_;
-	my($tmp)=<<"EOF";
-global	_$func
-_$func:
-EOF
-	push(@out,$tmp);
-	$stack=4;
-	}
-
-sub main'function_end
-	{
-	my($func)=@_;
-
-	my($tmp)=<<"EOF";
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-EOF
-	push(@out,$tmp);
-	$stack=0;
-	%label=();
-	}
-
-sub main'function_end_B
-	{
-	$stack=0;
-	%label=();
-	}
-
-sub main'function_end_A
-	{
-	my($func)=@_;
-
-	my($tmp)=<<"EOF";
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-EOF
-	push(@out,$tmp);
-	}
-
-sub main'file_end
-	{
-	}
-
-sub main'wparam
-	{
-	my($num)=@_;
-
-	return(&main'DWP($stack+$num*4,"esp","",0));
-	}
-
-sub main'swtmp
-	{
-	return(&main'DWP($_[0]*4,"esp","",0));
-	}
-
-# Should use swtmp, which is above esp.  Linix can trash the stack above esp
-#sub main'wtmp
-#	{
-#	my($num)=@_;
-#
-#	return(&main'DWP(-(($num+1)*4),"esp","",0));
-#	}
-
-sub main'comment
-	{
-	foreach (@_)
-		{
-		push(@out,"\t; $_\n");
-		}
-	}
-
-sub main'label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}="\$${label}${_[0]}";
-		$label++;
-		}
-	return($label{$_[0]});
-	}
-
-sub main'set_label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}="\$${label}${_[0]}";
-		$label++;
-		}
-	push(@out,"$label{$_[0]}:\n");
-	}
-
-sub main'data_word
-	{
-	push(@out,"\tDD\t$_[0]\n");
-	}
-
-sub out1p
-	{
-	my($name,$p1)=@_;
-	my($l,$t);
-
-	push(@out,"\t$name\t ".&conv($p1)."\n");
-	}
-
-sub main'picmeup
-	{
-	local($dst,$sym)=@_;
-	&main'lea($dst,&main'DWP($sym));
-	}
-
-sub main'blindpop { &out1("pop",@_); }
diff --git a/crypto/openssl/crypto/perlasm/x86unix.pl b/crypto/openssl/crypto/perlasm/x86unix.pl
deleted file mode 100644
index 72bde061c563..000000000000
--- a/crypto/openssl/crypto/perlasm/x86unix.pl
+++ /dev/null
@@ -1,585 +0,0 @@
-#!/usr/local/bin/perl
-
-package x86unix;
-
-$label="L000";
-$const="";
-$constl=0;
-
-$align=($main'aout)?"4":"16";
-$under=($main'aout)?"_":"";
-$com_start=($main'sol)?"/":"#";
-
-sub main'asm_init_output { @out=(); }
-sub main'asm_get_output { return(@out); }
-sub main'get_labels { return(@labels); }
-sub main'external_label { push(@labels,@_); }
-
-if ($main'cpp)
-	{
-	$align="ALIGN";
-	$under="";
-	$com_start='/*';
-	$com_end='*/';
-	}
-
-%lb=(	'eax',	'%al',
-	'ebx',	'%bl',
-	'ecx',	'%cl',
-	'edx',	'%dl',
-	'ax',	'%al',
-	'bx',	'%bl',
-	'cx',	'%cl',
-	'dx',	'%dl',
-	);
-
-%hb=(	'eax',	'%ah',
-	'ebx',	'%bh',
-	'ecx',	'%ch',
-	'edx',	'%dh',
-	'ax',	'%ah',
-	'bx',	'%bh',
-	'cx',	'%ch',
-	'dx',	'%dh',
-	);
-
-%regs=(	'eax',	'%eax',
-	'ebx',	'%ebx',
-	'ecx',	'%ecx',
-	'edx',	'%edx',
-	'esi',	'%esi',
-	'edi',	'%edi',
-	'ebp',	'%ebp',
-	'esp',	'%esp',
-	);
-
-%reg_val=(
-	'eax',	0x00,
-	'ebx',	0x03,
-	'ecx',	0x01,
-	'edx',	0x02,
-	'esi',	0x06,
-	'edi',	0x07,
-	'ebp',	0x05,
-	'esp',	0x04,
-	);
-
-sub main'LB
-	{
-	(defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
-	return($lb{$_[0]});
-	}
-
-sub main'HB
-	{
-	(defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
-	return($hb{$_[0]});
-	}
-
-sub main'DWP
-	{
-	local($addr,$reg1,$reg2,$idx)=@_;
-
-	$ret="";
-	$addr =~ s/(^|[+ \t])([A-Za-z_]+[A-Za-z0-9_]+)($|[+ \t])/$1$under$2$3/;
-	$reg1="$regs{$reg1}" if defined($regs{$reg1});
-	$reg2="$regs{$reg2}" if defined($regs{$reg2});
-	$ret.=$addr if ($addr ne "") && ($addr ne 0);
-	if ($reg2 ne "")
-		{
-		if($idx ne "" && $idx != 0)
-		    { $ret.="($reg1,$reg2,$idx)"; }
-		else
-		    { $ret.="($reg1,$reg2)"; }
-	        }
-	elsif ($reg1 ne "")
-		{ $ret.="($reg1)" }
-	return($ret);
-	}
-
-sub main'BP
-	{
-	return(&main'DWP(@_));
-	}
-
-sub main'BC
-	{
-	return @_;
-	}
-
-sub main'DWC
-	{
-	return @_;
-	}
-
-#sub main'BP
-#	{
-#	local($addr,$reg1,$reg2,$idx)=@_;
-#
-#	$ret="";
-#
-#	$addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
-#	$reg1="$regs{$reg1}" if defined($regs{$reg1});
-#	$reg2="$regs{$reg2}" if defined($regs{$reg2});
-#	$ret.=$addr if ($addr ne "") && ($addr ne 0);
-#	if ($reg2 ne "")
-#		{ $ret.="($reg1,$reg2,$idx)"; }
-#	else
-#		{ $ret.="($reg1)" }
-#	return($ret);
-#	}
-
-sub main'mov	{ &out2("movl",@_); }
-sub main'movb	{ &out2("movb",@_); }
-sub main'and	{ &out2("andl",@_); }
-sub main'or	{ &out2("orl",@_); }
-sub main'shl	{ &out2("sall",@_); }
-sub main'shr	{ &out2("shrl",@_); }
-sub main'xor	{ &out2("xorl",@_); }
-sub main'xorb	{ &out2("xorb",@_); }
-sub main'add	{ &out2("addl",@_); }
-sub main'adc	{ &out2("adcl",@_); }
-sub main'sub	{ &out2("subl",@_); }
-sub main'rotl	{ &out2("roll",@_); }
-sub main'rotr	{ &out2("rorl",@_); }
-sub main'exch	{ &out2("xchg",@_); }
-sub main'cmp	{ &out2("cmpl",@_); }
-sub main'lea	{ &out2("leal",@_); }
-sub main'mul	{ &out1("mull",@_); }
-sub main'div	{ &out1("divl",@_); }
-sub main'jmp	{ &out1("jmp",@_); }
-sub main'jmp_ptr { &out1p("jmp",@_); }
-sub main'je	{ &out1("je",@_); }
-sub main'jle	{ &out1("jle",@_); }
-sub main'jne	{ &out1("jne",@_); }
-sub main'jnz	{ &out1("jnz",@_); }
-sub main'jz	{ &out1("jz",@_); }
-sub main'jge	{ &out1("jge",@_); }
-sub main'jl	{ &out1("jl",@_); }
-sub main'jb	{ &out1("jb",@_); }
-sub main'jc	{ &out1("jc",@_); }
-sub main'jnc	{ &out1("jnc",@_); }
-sub main'jno	{ &out1("jno",@_); }
-sub main'dec	{ &out1("decl",@_); }
-sub main'inc	{ &out1("incl",@_); }
-sub main'push	{ &out1("pushl",@_); $stack+=4; }
-sub main'pop	{ &out1("popl",@_); $stack-=4; }
-sub main'pushf	{ &out0("pushf"); $stack+=4; }
-sub main'popf	{ &out0("popf"); $stack-=4; }
-sub main'not	{ &out1("notl",@_); }
-sub main'call	{ &out1("call",($_[0]=~/^\.L/?'':$under).$_[0]); }
-sub main'ret	{ &out0("ret"); }
-sub main'nop	{ &out0("nop"); }
-
-# The bswapl instruction is new for the 486. Emulate if i386.
-sub main'bswap
-	{
-	if ($main'i386)
-		{
-		&main'comment("bswapl @_");
-		&main'exch(main'HB(@_),main'LB(@_));
-		&main'rotr(@_,16);
-		&main'exch(main'HB(@_),main'LB(@_));
-		}
-	else
-		{
-		&out1("bswapl",@_);
-		}
-	}
-
-sub out2
-	{
-	local($name,$p1,$p2)=@_;
-	local($l,$ll,$t);
-	local(%special)=(	"roll",0xD1C0,"rorl",0xD1C8,
-				"rcll",0xD1D0,"rcrl",0xD1D8,
-				"shll",0xD1E0,"shrl",0xD1E8,
-				"sarl",0xD1F8);
-	
-	if ((defined($special{$name})) && defined($regs{$p1}) && ($p2 == 1))
-		{
-		$op=$special{$name}|$reg_val{$p1};
-		$tmp1=sprintf(".byte %d\n",($op>>8)&0xff);
-		$tmp2=sprintf(".byte %d\t",$op     &0xff);
-		push(@out,$tmp1);
-		push(@out,$tmp2);
-
-		$p2=&conv($p2);
-		$p1=&conv($p1);
-		&main'comment("$name $p2 $p1");
-		return;
-		}
-
-	push(@out,"\t$name\t");
-	$t=&conv($p2).",";
-	$l=length($t);
-	push(@out,$t);
-	$ll=4-($l+9)/8;
-	$tmp1=sprintf("\t" x $ll);
-	push(@out,$tmp1);
-	push(@out,&conv($p1)."\n");
-	}
-
-sub out1
-	{
-	local($name,$p1)=@_;
-	local($l,$t);
-	local(%special)=("bswapl",0x0FC8);
-
-	if ((defined($special{$name})) && defined($regs{$p1}))
-		{
-		$op=$special{$name}|$reg_val{$p1};
-		$tmp1=sprintf(".byte %d\n",($op>>8)&0xff);
-		$tmp2=sprintf(".byte %d\t",$op     &0xff);
-		push(@out,$tmp1);
-		push(@out,$tmp2);
-
-		$p2=&conv($p2);
-		$p1=&conv($p1);
-		&main'comment("$name $p2 $p1");
-		return;
-		}
-
-	push(@out,"\t$name\t".&conv($p1)."\n");
-	}
-
-sub out1p
-	{
-	local($name,$p1)=@_;
-	local($l,$t);
-
-	push(@out,"\t$name\t*".&conv($p1)."\n");
-	}
-
-sub out0
-	{
-	push(@out,"\t$_[0]\n");
-	}
-
-sub conv
-	{
-	local($p)=@_;
-
-#	$p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
-
-	$p=$regs{$p} if (defined($regs{$p}));
-
-	$p =~ s/^(-{0,1}[0-9A-Fa-f]+)$/\$$1/;
-	$p =~ s/^(0x[0-9A-Fa-f]+)$/\$$1/;
-	return $p;
-	}
-
-sub main'file
-	{
-	local($file)=@_;
-
-	local($tmp)=<<"EOF";
-	.file	"$file.s"
-	.version	"01.01"
-gcc2_compiled.:
-EOF
-	push(@out,$tmp);
-	}
-
-sub main'function_begin
-	{
-	local($func)=@_;
-
-	&main'external_label($func);
-	$func=$under.$func;
-
-	local($tmp)=<<"EOF";
-.text
-	.align $align
-.globl $func
-EOF
-	push(@out,$tmp);
-	if ($main'cpp)
-		{ $tmp=push(@out,"\tTYPE($func,\@function)\n"); }
-	elsif ($main'gaswin)
-		{ $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); }
-	else	{ $tmp=push(@out,"\t.type\t$func,\@function\n"); }
-	push(@out,"$func:\n");
-	$tmp=<<"EOF";
-	pushl	%ebp
-	pushl	%ebx
-	pushl	%esi
-	pushl	%edi
-
-EOF
-	push(@out,$tmp);
-	$stack=20;
-	}
-
-sub main'function_begin_B
-	{
-	local($func,$extra)=@_;
-
-	&main'external_label($func);
-	$func=$under.$func;
-
-	local($tmp)=<<"EOF";
-.text
-	.align $align
-.globl $func
-EOF
-	push(@out,$tmp);
-	if ($main'cpp)
-		{ push(@out,"\tTYPE($func,\@function)\n"); }
-	elsif ($main'gaswin)
-		{ $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); }
-	else	{ push(@out,"\t.type	$func,\@function\n"); }
-	push(@out,"$func:\n");
-	$stack=4;
-	}
-
-sub main'function_end
-	{
-	local($func)=@_;
-
-	$func=$under.$func;
-
-	local($tmp)=<<"EOF";
-	popl	%edi
-	popl	%esi
-	popl	%ebx
-	popl	%ebp
-	ret
-.L_${func}_end:
-EOF
-	push(@out,$tmp);
-
-	if ($main'cpp)
-		{ push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); }
-	elsif ($main'gaswin)
-                { $tmp=push(@out,"\t.align 4\n"); }
-	else	{ push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); }
-	push(@out,".ident	\"$func\"\n");
-	$stack=0;
-	%label=();
-	}
-
-sub main'function_end_A
-	{
-	local($func)=@_;
-
-	local($tmp)=<<"EOF";
-	popl	%edi
-	popl	%esi
-	popl	%ebx
-	popl	%ebp
-	ret
-EOF
-	push(@out,$tmp);
-	}
-
-sub main'function_end_B
-	{
-	local($func)=@_;
-
-	$func=$under.$func;
-
-	push(@out,".L_${func}_end:\n");
-	if ($main'cpp)
-		{ push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); }
-        elsif ($main'gaswin)
-                { push(@out,"\t.align 4\n"); }
-	else	{ push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); }
-	push(@out,".ident	\"desasm.pl\"\n");
-	$stack=0;
-	%label=();
-	}
-
-sub main'wparam
-	{
-	local($num)=@_;
-
-	return(&main'DWP($stack+$num*4,"esp","",0));
-	}
-
-sub main'stack_push
-	{
-	local($num)=@_;
-	$stack+=$num*4;
-	&main'sub("esp",$num*4);
-	}
-
-sub main'stack_pop
-	{
-	local($num)=@_;
-	$stack-=$num*4;
-	&main'add("esp",$num*4);
-	}
-
-sub main'swtmp
-	{
-	return(&main'DWP($_[0]*4,"esp","",0));
-	}
-
-# Should use swtmp, which is above esp.  Linix can trash the stack above esp
-#sub main'wtmp
-#	{
-#	local($num)=@_;
-#
-#	return(&main'DWP(-($num+1)*4,"esp","",0));
-#	}
-
-sub main'comment
-	{
-	if ($main'elf)	# GNU and SVR4 as'es use different comment delimiters,
-		{	# so we just skip comments...
-		push(@out,"\n");
-		return;
-		}
-	foreach (@_)
-		{
-		if (/^\s*$/)
-			{ push(@out,"\n"); }
-		else
-			{ push(@out,"\t$com_start $_ $com_end\n"); }
-		}
-	}
-
-sub main'label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}=".${label}${_[0]}";
-		$label++;
-		}
-	return($label{$_[0]});
-	}
-
-sub main'set_label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}=".${label}${_[0]}";
-		$label++;
-		}
-	push(@out,".align $align\n") if ($_[1] != 0);
-	push(@out,"$label{$_[0]}:\n");
-	}
-
-sub main'file_end
-	{
-	if ($const ne "")
-		{
-		push(@out,".section .rodata\n");
-		push(@out,$const);
-		$const="";
-		}
-	}
-
-sub main'data_word
-	{
-	push(@out,"\t.long $_[0]\n");
-	}
-
-# debug output functions: puts, putx, printf
-
-sub main'puts
-	{
-	&pushvars();
-	&main'push('$Lstring' . ++$constl);
-	&main'call('puts');
-	$stack-=4;
-	&main'add("esp",4);
-	&popvars();
-
-	$const .= "Lstring$constl:\n\t.string \"@_[0]\"\n";
-	}
-
-sub main'putx
-	{
-	&pushvars();
-	&main'push($_[0]);
-	&main'push('$Lstring' . ++$constl);
-	&main'call('printf');
-	&main'add("esp",8);
-	$stack-=8;
-	&popvars();
-
-	$const .= "Lstring$constl:\n\t.string \"\%X\"\n";
-	}
-
-sub main'printf
-	{
-	$ostack = $stack;
-	&pushvars();
-	for ($i = @_ - 1; $i >= 0; $i--)
-		{
-		if ($i == 0) # change this to support %s format strings
-			{
-			&main'push('$Lstring' . ++$constl);
-			$const .= "Lstring$constl:\n\t.string \"@_[$i]\"\n";
-			}
-		else
-			{
-			if ($_[$i] =~ /([0-9]*)\(%esp\)/)
-				{
-				&main'push(($1 + $stack - $ostack) . '(%esp)');
-				}
-			else
-				{
-				&main'push($_[$i]);
-				}
-			}
-		}
-	&main'call('printf');
-	$stack-=4*@_;
-	&main'add("esp",4*@_);
-	&popvars();
-	}
-
-sub pushvars
-	{
-	&main'pushf();
-	&main'push("edx");
-	&main'push("ecx");
-	&main'push("eax");
-	}
-
-sub popvars
-	{
-	&main'pop("eax");
-	&main'pop("ecx");
-	&main'pop("edx");
-	&main'popf();
-	}
-
-sub main'picmeup
-	{
-	local($dst,$sym)=@_;
-	if ($main'cpp)
-		{
-		local($tmp)=<<___;
-#if (defined(ELF) || defined(SOL)) && defined(PIC)
-	.align	8
-	call	1f
-1:	popl	$regs{$dst}
-	addl	\$_GLOBAL_OFFSET_TABLE_+[.-1b],$regs{$dst}
-	movl	$sym\@GOT($regs{$dst}),$regs{$dst}
-#else
-	leal	$sym,$regs{$dst}
-#endif
-___
-		push(@out,$tmp);
-		}
-	elsif ($main'pic && ($main'elf || $main'aout))
-		{
-		push(@out,"\t.align\t8\n");
-		&main'call(&main'label("PIC_me_up"));
-		&main'set_label("PIC_me_up");
-		&main'blindpop($dst);
-		&main'add($dst,"\$$under"."_GLOBAL_OFFSET_TABLE_+[.-".
-				&main'label("PIC_me_up") . "]");
-		&main'mov($dst,&main'DWP($sym."\@GOT",$dst));
-		}
-	else
-		{
-		&main'lea($dst,&main'DWP($sym));
-		}
-	}
-
-sub main'blindpop { &out1("popl",@_); }
diff --git a/crypto/openssl/crypto/pkcs12/Makefile.save b/crypto/openssl/crypto/pkcs12/Makefile.save
deleted file mode 100644
index c92dd276398c..000000000000
--- a/crypto/openssl/crypto/pkcs12/Makefile.save
+++ /dev/null
@@ -1,400 +0,0 @@
-#
-# SSLeay/crypto/pkcs12/Makefile
-#
-
-DIR=	pkcs12
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= p12_add.c p12_attr.c p12_bags.c p12_crpt.c p12_crt.c p12_decr.c \
-	p12_init.c p12_key.c p12_kiss.c p12_lib.c p12_mac.c p12_mutl.c\
-	p12_sbag.c p12_utl.c p12_npas.c pk12err.c
-LIBOBJ= p12_add.o p12_attr.o p12_bags.o p12_crpt.o p12_crt.o p12_decr.o \
-	p12_init.o p12_key.o p12_kiss.o p12_lib.o p12_mac.o p12_mutl.o\
-	p12_sbag.o p12_utl.o p12_npas.o pk12err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=  pkcs12.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-test:
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-p12_add.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_add.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_add.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_add.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_add.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p12_add.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_add.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_add.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_add.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_add.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_add.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_add.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p12_add.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p12_add.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p12_add.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_add.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_add.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p12_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_attr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_attr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p12_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_attr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_attr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_attr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_attr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_attr.o: ../../include/openssl/opensslconf.h
-p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_attr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_attr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_attr.o: ../cryptlib.h
-p12_bags.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p12_bags.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_bags.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_bags.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_bags.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p12_bags.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p12_bags.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_bags.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_bags.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_bags.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_bags.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_bags.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_bags.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_bags.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_bags.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_bags.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_bags.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_bags.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_bags.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_bags.o: ../cryptlib.h
-p12_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_crpt.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_crpt.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p12_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_crpt.o: ../../include/openssl/opensslconf.h
-p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_crpt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_crpt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_crpt.o: ../cryptlib.h
-p12_crt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_crt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_crt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_crt.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_crt.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p12_crt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_crt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_crt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_crt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_crt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_crt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_crt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_crt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p12_crt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p12_crt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p12_crt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_crt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_crt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p12_decr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_decr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_decr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_decr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_decr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p12_decr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_decr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_decr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_decr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_decr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_decr.o: ../../include/openssl/opensslconf.h
-p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_decr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_decr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_decr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_decr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_decr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_decr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_decr.o: ../cryptlib.h
-p12_init.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_init.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_init.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_init.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_init.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p12_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_init.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_init.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_init.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_init.o: ../../include/openssl/opensslconf.h
-p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_init.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_init.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_init.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_init.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_init.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_init.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_init.o: ../cryptlib.h
-p12_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_key.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p12_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_key.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p12_key.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p12_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p12_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p12_kiss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_kiss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_kiss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_kiss.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_kiss.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p12_kiss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_kiss.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_kiss.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_kiss.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_kiss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_kiss.o: ../../include/openssl/opensslconf.h
-p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_kiss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_kiss.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_kiss.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_kiss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_kiss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_kiss.o: ../cryptlib.h
-p12_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p12_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_lib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_lib.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p12_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p12_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_lib.o: ../cryptlib.h
-p12_mac.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p12_mac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_mac.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_mac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_mac.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p12_mac.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p12_mac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_mac.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_mac.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_mac.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_mac.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_mac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_mac.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_mac.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_mac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_mac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_mac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_mac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_mac.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_mac.o: ../cryptlib.h
-p12_mutl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_mutl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_mutl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_mutl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_mutl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p12_mutl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_mutl.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h
-p12_mutl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_mutl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_mutl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_mutl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_mutl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p12_mutl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p12_mutl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p12_mutl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p12_mutl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_mutl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_mutl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p12_npas.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_npas.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_npas.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_npas.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_npas.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_npas.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_npas.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_npas.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_npas.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_npas.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h
-p12_npas.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
-p12_npas.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_npas.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_npas.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_npas.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_npas.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_npas.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_sbag.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p12_sbag.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_sbag.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_sbag.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_sbag.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p12_sbag.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p12_sbag.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_sbag.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_sbag.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_sbag.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_sbag.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_sbag.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_sbag.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_sbag.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_sbag.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_sbag.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_sbag.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_sbag.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_sbag.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_sbag.o: ../cryptlib.h
-p12_utl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_utl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_utl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_utl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_utl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p12_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_utl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_utl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_utl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_utl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_utl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p12_utl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p12_utl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p12_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_utl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-pk12err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk12err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk12err.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk12err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pk12err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pk12err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-pk12err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-pk12err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-pk12err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-pk12err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pk12err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-pk12err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-pk12err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pk12err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pk12err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk12err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk12err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
diff --git a/crypto/openssl/crypto/pkcs12/Makefile.ssl b/crypto/openssl/crypto/pkcs12/Makefile.ssl
deleted file mode 100644
index b4c564262cb3..000000000000
--- a/crypto/openssl/crypto/pkcs12/Makefile.ssl
+++ /dev/null
@@ -1,417 +0,0 @@
-#
-# SSLeay/crypto/pkcs12/Makefile
-#
-
-DIR=	pkcs12
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \
-	p12_init.c p12_key.c p12_kiss.c p12_mutl.c\
-	p12_utl.c p12_npas.c pk12err.c p12_p8d.c p12_p8e.c
-LIBOBJ= p12_add.o p12_asn.o p12_attr.o p12_crpt.o p12_crt.o p12_decr.o \
-	p12_init.o p12_key.o p12_kiss.o p12_mutl.o\
-	p12_utl.o p12_npas.o pk12err.o p12_p8d.o p12_p8e.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=  pkcs12.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-test:
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-p12_add.o: ../../e_os.h ../../include/openssl/aes.h
-p12_add.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_add.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_add.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_add.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p12_add.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p12_add.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_add.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_add.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_add.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_add.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_add.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_add.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_add.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_add.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_add.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_add.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p12_add.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_add.o: ../cryptlib.h p12_add.c
-p12_asn.o: ../../e_os.h ../../include/openssl/aes.h
-p12_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-p12_asn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_asn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_asn.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_asn.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-p12_asn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_asn.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_asn.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_asn.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_asn.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_asn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p12_asn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p12_asn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p12_asn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_asn.c
-p12_attr.o: ../../e_os.h ../../include/openssl/aes.h
-p12_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_attr.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p12_attr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p12_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_attr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_attr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_attr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_attr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_attr.o: ../../include/openssl/opensslconf.h
-p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_attr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p12_attr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p12_attr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p12_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p12_attr.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p12_attr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_attr.c
-p12_crpt.o: ../../e_os.h ../../include/openssl/aes.h
-p12_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_crpt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p12_crpt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p12_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_crpt.o: ../../include/openssl/opensslconf.h
-p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_crpt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p12_crpt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p12_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p12_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p12_crpt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p12_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_crpt.c
-p12_crt.o: ../../e_os.h ../../include/openssl/aes.h
-p12_crt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_crt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_crt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_crt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p12_crt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p12_crt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_crt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_crt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_crt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_crt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_crt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_crt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_crt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_crt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_crt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_crt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_crt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_crt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p12_crt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_crt.o: ../cryptlib.h p12_crt.c
-p12_decr.o: ../../e_os.h ../../include/openssl/aes.h
-p12_decr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_decr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_decr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_decr.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p12_decr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p12_decr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_decr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_decr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_decr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_decr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_decr.o: ../../include/openssl/opensslconf.h
-p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_decr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p12_decr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p12_decr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p12_decr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_decr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p12_decr.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p12_decr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_decr.c
-p12_init.o: ../../e_os.h ../../include/openssl/aes.h
-p12_init.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_init.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_init.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_init.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p12_init.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p12_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_init.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_init.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_init.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_init.o: ../../include/openssl/opensslconf.h
-p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_init.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p12_init.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p12_init.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p12_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_init.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p12_init.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p12_init.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_init.c
-p12_key.o: ../../e_os.h ../../include/openssl/aes.h
-p12_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_key.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p12_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p12_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_key.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_key.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p12_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_key.o: ../cryptlib.h p12_key.c
-p12_kiss.o: ../../e_os.h ../../include/openssl/aes.h
-p12_kiss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_kiss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_kiss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_kiss.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p12_kiss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p12_kiss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_kiss.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_kiss.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_kiss.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_kiss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_kiss.o: ../../include/openssl/opensslconf.h
-p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_kiss.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p12_kiss.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p12_kiss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p12_kiss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_kiss.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p12_kiss.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p12_kiss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_kiss.c
-p12_mutl.o: ../../e_os.h ../../include/openssl/aes.h
-p12_mutl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_mutl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_mutl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_mutl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p12_mutl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p12_mutl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_mutl.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h
-p12_mutl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_mutl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_mutl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_mutl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-p12_mutl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_mutl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_mutl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_mutl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_mutl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p12_mutl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_mutl.o: ../cryptlib.h p12_mutl.c
-p12_npas.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-p12_npas.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_npas.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_npas.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_npas.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-p12_npas.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_npas.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_npas.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_npas.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_npas.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_npas.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_npas.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p12_npas.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p12_npas.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p12_npas.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_npas.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-p12_npas.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-p12_npas.o: ../../include/openssl/x509_vfy.h p12_npas.c
-p12_p8d.o: ../../e_os.h ../../include/openssl/aes.h
-p12_p8d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_p8d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_p8d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_p8d.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p12_p8d.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p12_p8d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_p8d.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_p8d.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_p8d.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_p8d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_p8d.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_p8d.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_p8d.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_p8d.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_p8d.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_p8d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_p8d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_p8d.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p12_p8d.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_p8d.o: ../cryptlib.h p12_p8d.c
-p12_p8e.o: ../../e_os.h ../../include/openssl/aes.h
-p12_p8e.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_p8e.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_p8e.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_p8e.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p12_p8e.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p12_p8e.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_p8e.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_p8e.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_p8e.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_p8e.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_p8e.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_p8e.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_p8e.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_p8e.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_p8e.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_p8e.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_p8e.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_p8e.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p12_p8e.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_p8e.o: ../cryptlib.h p12_p8e.c
-p12_utl.o: ../../e_os.h ../../include/openssl/aes.h
-p12_utl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_utl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p12_utl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p12_utl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-p12_utl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p12_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_utl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p12_utl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p12_utl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p12_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_utl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_utl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_utl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-p12_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_utl.o: ../cryptlib.h p12_utl.c
-pk12err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-pk12err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-pk12err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-pk12err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-pk12err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-pk12err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pk12err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-pk12err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-pk12err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-pk12err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-pk12err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pk12err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk12err.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-pk12err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pk12err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pk12err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-pk12err.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-pk12err.o: ../../include/openssl/x509_vfy.h pk12err.c
diff --git a/crypto/openssl/crypto/pkcs12/p12_add.c b/crypto/openssl/crypto/pkcs12/p12_add.c
deleted file mode 100644
index 1909f285065d..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_add.c
+++ /dev/null
@@ -1,215 +0,0 @@
-/* p12_add.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Pack an object into an OCTET STRING and turn into a safebag */
-
-PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid1,
-	     int nid2)
-{
-	PKCS12_BAGS *bag;
-	PKCS12_SAFEBAG *safebag;
-	if (!(bag = PKCS12_BAGS_new())) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	bag->type = OBJ_nid2obj(nid1);
-	if (!ASN1_item_pack(obj, it, &bag->value.octet)) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	if (!(safebag = PKCS12_SAFEBAG_new())) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	safebag->value.bag = bag;
-	safebag->type = OBJ_nid2obj(nid2);
-	return safebag;
-}
-
-/* Turn PKCS8 object into a keybag */
-
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
-{
-	PKCS12_SAFEBAG *bag;
-	if (!(bag = PKCS12_SAFEBAG_new())) {
-		PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	bag->type = OBJ_nid2obj(NID_keyBag);
-	bag->value.keybag = p8;
-	return bag;
-}
-
-/* Turn PKCS8 object into a shrouded keybag */
-
-PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
-	     int passlen, unsigned char *salt, int saltlen, int iter,
-	     PKCS8_PRIV_KEY_INFO *p8)
-{
-	PKCS12_SAFEBAG *bag;
-
-	/* Set up the safe bag */
-	if (!(bag = PKCS12_SAFEBAG_new())) {
-		PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-	bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
-	if (!(bag->value.shkeybag = 
-	  PKCS8_encrypt(pbe_nid, NULL, pass, passlen, salt, saltlen, iter,
-									 p8))) {
-		PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-	return bag;
-}
-
-/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
-PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk)
-{
-	PKCS7 *p7;
-	if (!(p7 = PKCS7_new())) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	p7->type = OBJ_nid2obj(NID_pkcs7_data);
-	if (!(p7->d.data = M_ASN1_OCTET_STRING_new())) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	
-	if (!ASN1_item_pack(sk, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), &p7->d.data)) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, PKCS12_R_CANT_PACK_STRUCTURE);
-		return NULL;
-	}
-	return p7;
-}
-
-/* Unpack SAFEBAGS from PKCS#7 data ContentInfo */
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7)
-{
-	if(!PKCS7_type_is_data(p7)) return NULL;
-	return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS));
-}
-
-/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
-
-PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
-			      unsigned char *salt, int saltlen, int iter,
-			      STACK_OF(PKCS12_SAFEBAG) *bags)
-{
-	PKCS7 *p7;
-	X509_ALGOR *pbe;
-	if (!(p7 = PKCS7_new())) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
-				PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
-		return NULL;
-	}
-	if (!(pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen))) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
-	p7->d.encrypted->enc_data->algorithm = pbe;
-	M_ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
-	if (!(p7->d.encrypted->enc_data->enc_data =
-	PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), pass, passlen,
-				 bags, 1))) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR);
-		return NULL;
-	}
-
-	return p7;
-}
-
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen)
-{
-	if(!PKCS7_type_is_encrypted(p7)) return NULL;
-	return PKCS12_item_decrypt_d2i(p7->d.encrypted->enc_data->algorithm,
-			           ASN1_ITEM_rptr(PKCS12_SAFEBAGS),
-				   pass, passlen,
-			           p7->d.encrypted->enc_data->enc_data, 1);
-}
-
-PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag, const char *pass,
-								int passlen)
-{
-	return PKCS8_decrypt(bag->value.shkeybag, pass, passlen);
-}
-
-int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes) 
-{
-	if(ASN1_item_pack(safes, ASN1_ITEM_rptr(PKCS12_AUTHSAFES),
-		&p12->authsafes->d.data)) 
-			return 1;
-	return 0;
-}
-
-STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12)
-{
-	return ASN1_item_unpack(p12->authsafes->d.data, ASN1_ITEM_rptr(PKCS12_AUTHSAFES));
-}
diff --git a/crypto/openssl/crypto/pkcs12/p12_asn.c b/crypto/openssl/crypto/pkcs12/p12_asn.c
deleted file mode 100644
index a3739fee1a6d..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_asn.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* p12_asn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pkcs12.h>
-
-/* PKCS#12 ASN1 module */
-
-ASN1_SEQUENCE(PKCS12) = {
-	ASN1_SIMPLE(PKCS12, version, ASN1_INTEGER),
-	ASN1_SIMPLE(PKCS12, authsafes, PKCS7),
-	ASN1_OPT(PKCS12, mac, PKCS12_MAC_DATA)
-} ASN1_SEQUENCE_END(PKCS12)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS12)
-
-ASN1_SEQUENCE(PKCS12_MAC_DATA) = {
-	ASN1_SIMPLE(PKCS12_MAC_DATA, dinfo, X509_SIG),
-	ASN1_SIMPLE(PKCS12_MAC_DATA, salt, ASN1_OCTET_STRING),
-	ASN1_OPT(PKCS12_MAC_DATA, iter, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(PKCS12_MAC_DATA)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
-
-ASN1_ADB_TEMPLATE(bag_default) = ASN1_EXP(PKCS12_BAGS, value.other, ASN1_ANY, 0);
-
-ASN1_ADB(PKCS12_BAGS) = {
-	ADB_ENTRY(NID_x509Certificate, ASN1_EXP(PKCS12_BAGS, value.x509cert, ASN1_OCTET_STRING, 0)),
-	ADB_ENTRY(NID_x509Crl, ASN1_EXP(PKCS12_BAGS, value.x509crl, ASN1_OCTET_STRING, 0)),
-	ADB_ENTRY(NID_sdsiCertificate, ASN1_EXP(PKCS12_BAGS, value.sdsicert, ASN1_IA5STRING, 0)),
-} ASN1_ADB_END(PKCS12_BAGS, 0, type, 0, &bag_default_tt, NULL);
-
-ASN1_SEQUENCE(PKCS12_BAGS) = {
-	ASN1_SIMPLE(PKCS12_BAGS, type, ASN1_OBJECT),
-	ASN1_ADB_OBJECT(PKCS12_BAGS),
-} ASN1_SEQUENCE_END(PKCS12_BAGS)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS12_BAGS)
-
-ASN1_ADB_TEMPLATE(safebag_default) = ASN1_EXP(PKCS12_SAFEBAG, value.other, ASN1_ANY, 0);
-
-ASN1_ADB(PKCS12_SAFEBAG) = {
-	ADB_ENTRY(NID_keyBag, ASN1_EXP(PKCS12_SAFEBAG, value.keybag, PKCS8_PRIV_KEY_INFO, 0)),
-	ADB_ENTRY(NID_pkcs8ShroudedKeyBag, ASN1_EXP(PKCS12_SAFEBAG, value.shkeybag, X509_SIG, 0)),
-	ADB_ENTRY(NID_safeContentsBag, ASN1_EXP_SET_OF(PKCS12_SAFEBAG, value.safes, PKCS12_SAFEBAG, 0)),
-	ADB_ENTRY(NID_certBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
-	ADB_ENTRY(NID_crlBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
-	ADB_ENTRY(NID_secretBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0))
-} ASN1_ADB_END(PKCS12_SAFEBAG, 0, type, 0, &safebag_default_tt, NULL);
-
-ASN1_SEQUENCE(PKCS12_SAFEBAG) = {
-	ASN1_SIMPLE(PKCS12_SAFEBAG, type, ASN1_OBJECT),
-	ASN1_ADB_OBJECT(PKCS12_SAFEBAG),
-	ASN1_SET_OF_OPT(PKCS12_SAFEBAG, attrib, X509_ATTRIBUTE)
-} ASN1_SEQUENCE_END(PKCS12_SAFEBAG)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
-
-/* SEQUENCE OF SafeBag */
-ASN1_ITEM_TEMPLATE(PKCS12_SAFEBAGS) = 
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, PKCS12_SAFEBAGS, PKCS12_SAFEBAG)
-ASN1_ITEM_TEMPLATE_END(PKCS12_SAFEBAGS)
-
-/* Authsafes: SEQUENCE OF PKCS7 */
-ASN1_ITEM_TEMPLATE(PKCS12_AUTHSAFES) = 
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, PKCS12_AUTHSAFES, PKCS7)
-ASN1_ITEM_TEMPLATE_END(PKCS12_AUTHSAFES)
-
diff --git a/crypto/openssl/crypto/pkcs12/p12_attr.c b/crypto/openssl/crypto/pkcs12/p12_attr.c
deleted file mode 100644
index 026cf3826a70..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_attr.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* p12_attr.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Add a local keyid to a safebag */
-
-int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
-	     int namelen)
-{
-	if (X509at_add1_attr_by_NID(&bag->attrib, NID_localKeyID,
-				V_ASN1_OCTET_STRING, name, namelen))
-		return 1;
-	else 
-		return 0;
-}
-
-/* Add key usage to PKCS#8 structure */
-
-int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
-{
-	unsigned char us_val;
-	us_val = (unsigned char) usage;
-	if (X509at_add1_attr_by_NID(&p8->attributes, NID_key_usage,
-				V_ASN1_BIT_STRING, &us_val, 1))
-		return 1;
-	else
-		return 0;
-}
-
-/* Add a friendlyname to a safebag */
-
-int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
-				 int namelen)
-{
-	if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
-				MBSTRING_ASC, (unsigned char *)name, namelen))
-		return 1;
-	else
-		return 0;
-}
-
-
-int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
-				 const unsigned char *name, int namelen)
-{
-	if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
-				MBSTRING_BMP, name, namelen))
-		return 1;
-	else
-		return 0;
-}
-
-int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
-				 int namelen)
-{
-	if (X509at_add1_attr_by_NID(&bag->attrib, NID_ms_csp_name,
-				MBSTRING_ASC, (unsigned char *)name, namelen))
-		return 1;
-	else
-		return 0;
-}
-
-ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
-{
-	X509_ATTRIBUTE *attrib;
-	int i;
-	if (!attrs) return NULL;
-	for (i = 0; i < sk_X509_ATTRIBUTE_num (attrs); i++) {
-		attrib = sk_X509_ATTRIBUTE_value (attrs, i);
-		if (OBJ_obj2nid (attrib->object) == attr_nid) {
-			if (sk_ASN1_TYPE_num (attrib->value.set))
-			    return sk_ASN1_TYPE_value(attrib->value.set, 0);
-			else return NULL;
-		}
-	}
-	return NULL;
-}
-
-char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag)
-{
-	ASN1_TYPE *atype;
-	if (!(atype = PKCS12_get_attr(bag, NID_friendlyName))) return NULL;
-	if (atype->type != V_ASN1_BMPSTRING) return NULL;
-	return uni2asc(atype->value.bmpstring->data,
-				 atype->value.bmpstring->length);
-}
-
diff --git a/crypto/openssl/crypto/pkcs12/p12_bags.c b/crypto/openssl/crypto/pkcs12/p12_bags.c
deleted file mode 100644
index 56547ef933f3..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_bags.c
+++ /dev/null
@@ -1,192 +0,0 @@
-/* p12_bags.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/pkcs12.h>
-
-int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **pp)
-{
-	int bagnid, v = 0;
-	M_ASN1_I2D_vars(a);
-	bagnid = OBJ_obj2nid (a->type);
-	M_ASN1_I2D_len (a->type, i2d_ASN1_OBJECT);
-	
-	switch (bagnid) {
-
-		case NID_x509Certificate:
-			M_ASN1_I2D_len_EXP_opt (a->value.x509cert,
-						 i2d_ASN1_OCTET_STRING, 0, v);
-		break;
-
-		case NID_x509Crl:
-			M_ASN1_I2D_len_EXP_opt (a->value.x509crl,
-						 i2d_ASN1_OCTET_STRING, 0, v);
-		break;
-
-		case NID_sdsiCertificate:
-			M_ASN1_I2D_len_EXP_opt (a->value.sdsicert,
-						 i2d_ASN1_IA5STRING, 0, v);
-		break;
-
-		default:
-			M_ASN1_I2D_len_EXP_opt (a->value.other,
-						 i2d_ASN1_TYPE, 0, v);
-		break;
-	}
-
-	M_ASN1_I2D_seq_total ();
-	
-	M_ASN1_I2D_put (a->type, i2d_ASN1_OBJECT);
-	
-	switch (bagnid) {
-
-		case NID_x509Certificate:
-			M_ASN1_I2D_put_EXP_opt (a->value.x509cert,
-						 i2d_ASN1_OCTET_STRING, 0, v);
-		break;
-
-		case NID_x509Crl:
-			M_ASN1_I2D_put_EXP_opt (a->value.x509crl,
-						 i2d_ASN1_OCTET_STRING, 0, v);
-		break;
-
-		case NID_sdsiCertificate:
-			M_ASN1_I2D_put_EXP_opt (a->value.sdsicert,
-						 i2d_ASN1_IA5STRING, 0, v);
-		break;
-
-		default:
-		M_ASN1_I2D_put_EXP_opt (a->value.other, i2d_ASN1_TYPE, 0, v);
-		break;
-	}
-	M_ASN1_I2D_finish();
-}
-
-PKCS12_BAGS *PKCS12_BAGS_new(void)
-{
-	PKCS12_BAGS *ret=NULL;
-	ASN1_CTX c;
-	M_ASN1_New_Malloc(ret, PKCS12_BAGS);
-	ret->type=NULL;
-	ret->value.other=NULL;
-	return (ret);
-	M_ASN1_New_Error(ASN1_F_PKCS12_BAGS_NEW);
-}
-
-PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, unsigned char **pp,
-	     long length)
-{
-	int bagnid;
-	M_ASN1_D2I_vars(a,PKCS12_BAGS *,PKCS12_BAGS_new);
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get (ret->type, d2i_ASN1_OBJECT);
-	bagnid = OBJ_obj2nid (ret->type);
-	switch (bagnid) {
-
-		case NID_x509Certificate:
-			M_ASN1_D2I_get_EXP_opt (ret->value.x509cert,
-						 d2i_ASN1_OCTET_STRING, 0);
-		break;
-
-		case NID_x509Crl:
-			M_ASN1_D2I_get_EXP_opt (ret->value.x509crl,
-						 d2i_ASN1_OCTET_STRING, 0);
-		break;
-
-		case NID_sdsiCertificate:
-			M_ASN1_D2I_get_EXP_opt (ret->value.sdsicert,
-						 d2i_ASN1_IA5STRING, 0);
-		break;
-
-		default:
-			M_ASN1_D2I_get_EXP_opt (ret->value.other,
-							 d2i_ASN1_TYPE, 0);
-		break;
-	}
-
-	M_ASN1_D2I_Finish(a, PKCS12_BAGS_free, ASN1_F_D2I_PKCS12_BAGS);
-}
-
-void PKCS12_BAGS_free (PKCS12_BAGS *a)
-{
-	if (a == NULL) return;
-	switch (OBJ_obj2nid(a->type)) {
-
-		case NID_x509Certificate:
-			M_ASN1_OCTET_STRING_free (a->value.x509cert);
-		break;
-
-		case NID_x509Crl:
-			M_ASN1_OCTET_STRING_free (a->value.x509crl);
-		break;
-
-		case NID_sdsiCertificate:
-			M_ASN1_IA5STRING_free (a->value.sdsicert);
-		break;
-
-		default:
-			ASN1_TYPE_free (a->value.other);
-		break;
-	}
-
-	ASN1_OBJECT_free (a->type);
-	OPENSSL_free (a);
-}
diff --git a/crypto/openssl/crypto/pkcs12/p12_crpt.c b/crypto/openssl/crypto/pkcs12/p12_crpt.c
deleted file mode 100644
index 5e8958612b49..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_crpt.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* p12_crpt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* PKCS#12 specific PBE functions */
-
-void PKCS12_PBE_add(void)
-{
-#ifndef OPENSSL_NO_RC4
-EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC4, EVP_rc4(), EVP_sha1(),
-							 PKCS12_PBE_keyivgen);
-EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC4, EVP_rc4_40(), EVP_sha1(),
-							 PKCS12_PBE_keyivgen);
-#endif
-#ifndef OPENSSL_NO_DES
-EVP_PBE_alg_add(NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
-		 	EVP_des_ede3_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen);
-EVP_PBE_alg_add(NID_pbe_WithSHA1And2_Key_TripleDES_CBC, 
-			EVP_des_ede_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen);
-#endif
-#ifndef OPENSSL_NO_RC2
-EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC2_CBC, EVP_rc2_cbc(),
-					EVP_sha1(), PKCS12_PBE_keyivgen);
-EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(),
-					EVP_sha1(), PKCS12_PBE_keyivgen);
-#endif
-}
-
-int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-		ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de)
-{
-	PBEPARAM *pbe;
-	int saltlen, iter;
-	unsigned char *salt, *pbuf;
-	unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
-
-	/* Extract useful info from parameter */
-	pbuf = param->value.sequence->data;
-	if (!param || (param->type != V_ASN1_SEQUENCE) ||
-	   !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) {
-		EVPerr(PKCS12_F_PKCS12_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
-		return 0;
-	}
-
-	if (!pbe->iter) iter = 1;
-	else iter = ASN1_INTEGER_get (pbe->iter);
-	salt = pbe->salt->data;
-	saltlen = pbe->salt->length;
-	if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_KEY_ID,
-			     iter, EVP_CIPHER_key_length(cipher), key, md)) {
-		PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_KEY_GEN_ERROR);
-		PBEPARAM_free(pbe);
-		return 0;
-	}
-	if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_IV_ID,
-				iter, EVP_CIPHER_iv_length(cipher), iv, md)) {
-		PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_IV_GEN_ERROR);
-		PBEPARAM_free(pbe);
-		return 0;
-	}
-	PBEPARAM_free(pbe);
-	EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de);
-	OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
-	OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
-	return 1;
-}
diff --git a/crypto/openssl/crypto/pkcs12/p12_crt.c b/crypto/openssl/crypto/pkcs12/p12_crt.c
deleted file mode 100644
index 4c36c643ce68..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_crt.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/* p12_crt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
-	     STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter,
-	     int keytype)
-{
-	PKCS12 *p12;
-	STACK_OF(PKCS12_SAFEBAG) *bags;
-	STACK_OF(PKCS7) *safes;
-	PKCS12_SAFEBAG *bag;
-	PKCS8_PRIV_KEY_INFO *p8;
-	PKCS7 *authsafe;
-	X509 *tcert;
-	int i;
-	unsigned char keyid[EVP_MAX_MD_SIZE];
-	unsigned int keyidlen;
-
-	/* Set defaults */
-	if(!nid_cert) nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
-	if(!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-	if(!iter) iter = PKCS12_DEFAULT_ITER;
-	if(!mac_iter) mac_iter = 1;
-
-	if(!pkey || !cert) {
-		PKCS12err(PKCS12_F_PKCS12_CREATE,PKCS12_R_INVALID_NULL_ARGUMENT);
-		return NULL;
-	}
-
-	if(!X509_check_private_key(cert, pkey)) return NULL;
-
-	if(!(bags = sk_PKCS12_SAFEBAG_new_null ())) {
-		PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-	/* Add user certificate */
-	if(!(bag = PKCS12_x5092certbag(cert))) return NULL;
-	if(name && !PKCS12_add_friendlyname(bag, name, -1)) return NULL;
-	X509_digest(cert, EVP_sha1(), keyid, &keyidlen);
-	if(!PKCS12_add_localkeyid(bag, keyid, keyidlen)) return NULL;
-
-	if(!sk_PKCS12_SAFEBAG_push(bags, bag)) {
-		PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	
-	/* Add all other certificates */
-	if(ca) {
-		for(i = 0; i < sk_X509_num(ca); i++) {
-			tcert = sk_X509_value(ca, i);
-			if(!(bag = PKCS12_x5092certbag(tcert))) return NULL;
-			if(!sk_PKCS12_SAFEBAG_push(bags, bag)) {
-				PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
-				return NULL;
-			}
-		}
-	}
-
-	/* Turn certbags into encrypted authsafe */
-	authsafe = PKCS12_pack_p7encdata (nid_cert, pass, -1, NULL, 0,
-					  iter, bags);
-	sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-
-	if (!authsafe) return NULL;
-
-	if(!(safes = sk_PKCS7_new_null ())
-	   || !sk_PKCS7_push(safes, authsafe)) {
-		PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-	/* Make a shrouded key bag */
-	if(!(p8 = EVP_PKEY2PKCS8 (pkey))) return NULL;
-	if(keytype && !PKCS8_add_keyusage(p8, keytype)) return NULL;
-	bag = PKCS12_MAKE_SHKEYBAG (nid_key, pass, -1, NULL, 0, iter, p8);
-	if(!bag) return NULL;
-	PKCS8_PRIV_KEY_INFO_free(p8);
-        if (name && !PKCS12_add_friendlyname (bag, name, -1)) return NULL;
-	if(!PKCS12_add_localkeyid (bag, keyid, keyidlen)) return NULL;
-	if(!(bags = sk_PKCS12_SAFEBAG_new_null())
-	   || !sk_PKCS12_SAFEBAG_push (bags, bag)) {
-		PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	/* Turn it into unencrypted safe bag */
-	if(!(authsafe = PKCS12_pack_p7data (bags))) return NULL;
-	sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-	if(!sk_PKCS7_push(safes, authsafe)) {
-		PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-	if(!(p12 = PKCS12_init (NID_pkcs7_data))) return NULL;
-
-	if(!PKCS12_pack_authsafes (p12, safes)) return NULL;
-
-	sk_PKCS7_pop_free(safes, PKCS7_free);
-
-	if(!PKCS12_set_mac (p12, pass, -1, NULL, 0, mac_iter, NULL))
-	    return NULL;
-
-	return p12;
-
-}
diff --git a/crypto/openssl/crypto/pkcs12/p12_decr.c b/crypto/openssl/crypto/pkcs12/p12_decr.c
deleted file mode 100644
index b5684a83ba34..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_decr.c
+++ /dev/null
@@ -1,176 +0,0 @@
-/* p12_decr.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Define this to dump decrypted output to files called DERnnn */
-/*#define DEBUG_DECRYPT*/
-
-
-/* Encrypt/Decrypt a buffer based on password and algor, result in a
- * OPENSSL_malloc'ed buffer
- */
-
-unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
-	     int passlen, unsigned char *in, int inlen, unsigned char **data,
-	     int *datalen, int en_de)
-{
-	unsigned char *out;
-	int outlen, i;
-	EVP_CIPHER_CTX ctx;
-
-	EVP_CIPHER_CTX_init(&ctx);
-	/* Decrypt data */
-        if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen,
-					 algor->parameter, &ctx, en_de)) {
-		PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
-		return NULL;
-	}
-
-	if(!(out = OPENSSL_malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) {
-		PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-
-	EVP_CipherUpdate(&ctx, out, &i, in, inlen);
-	outlen = i;
-	if(!EVP_CipherFinal_ex(&ctx, out + i, &i)) {
-		OPENSSL_free(out);
-		out = NULL;
-		PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
-		goto err;
-	}
-	outlen += i;
-	if (datalen) *datalen = outlen;
-	if (data) *data = out;
-	err:
-	EVP_CIPHER_CTX_cleanup(&ctx);
-	return out;
-
-}
-
-/* Decrypt an OCTET STRING and decode ASN1 structure 
- * if zbuf set zero buffer after use.
- */
-
-void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
-	     const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf)
-{
-	unsigned char *out, *p;
-	void *ret;
-	int outlen;
-
-	if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length,
-			       &out, &outlen, 0)) {
-		PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
-		return NULL;
-	}
-	p = out;
-#ifdef DEBUG_DECRYPT
-	{
-		FILE *op;
-
-		char fname[30];
-		static int fnm = 1;
-		sprintf(fname, "DER%d", fnm++);
-		op = fopen(fname, "wb");
-		fwrite (p, 1, outlen, op);
-		fclose(op);
-	}
-#endif
-	ret = ASN1_item_d2i(NULL, &p, outlen, it);
-	if (zbuf) OPENSSL_cleanse(out, outlen);
-	if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR);
-	OPENSSL_free(out);
-	return ret;
-}
-
-/* Encode ASN1 structure and encrypt, return OCTET STRING 
- * if zbuf set zero encoding.
- */
-
-ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *it,
-				       const char *pass, int passlen,
-				       void *obj, int zbuf)
-{
-	ASN1_OCTET_STRING *oct;
-	unsigned char *in = NULL;
-	int inlen;
-	if (!(oct = M_ASN1_OCTET_STRING_new ())) {
-		PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	inlen = ASN1_item_i2d(obj, &in, it);
-	if (!in) {
-		PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR);
-		return NULL;
-	}
-	if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data,
-				 &oct->length, 1)) {
-		PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR);
-		OPENSSL_free(in);
-		return NULL;
-	}
-	if (zbuf) OPENSSL_cleanse(in, inlen);
-	OPENSSL_free(in);
-	return oct;
-}
-
-IMPLEMENT_PKCS12_STACK_OF(PKCS7)
diff --git a/crypto/openssl/crypto/pkcs12/p12_init.c b/crypto/openssl/crypto/pkcs12/p12_init.c
deleted file mode 100644
index eb837a78cf7d..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_init.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/* p12_init.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Initialise a PKCS12 structure to take data */
-
-PKCS12 *PKCS12_init (int mode)
-{
-	PKCS12 *pkcs12;
-	if (!(pkcs12 = PKCS12_new())) {
-		PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	ASN1_INTEGER_set(pkcs12->version, 3);
-	pkcs12->authsafes->type = OBJ_nid2obj(mode);
-	switch (mode) {
-		case NID_pkcs7_data:
-			if (!(pkcs12->authsafes->d.data =
-				 M_ASN1_OCTET_STRING_new())) {
-			PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE);
-			return NULL;
-		}
-		break;
-		default:
-			PKCS12err(PKCS12_F_PKCS12_INIT,PKCS12_R_UNSUPPORTED_PKCS12_MODE);
-			PKCS12_free(pkcs12);
-			return NULL;
-		break;
-	}
-		
-	return pkcs12;
-}
diff --git a/crypto/openssl/crypto/pkcs12/p12_key.c b/crypto/openssl/crypto/pkcs12/p12_key.c
deleted file mode 100644
index 9196a34b4a90..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_key.c
+++ /dev/null
@@ -1,206 +0,0 @@
-/* p12_key.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-
-/* Uncomment out this line to get debugging info about key generation */
-/*#define DEBUG_KEYGEN*/
-#ifdef DEBUG_KEYGEN
-#include <openssl/bio.h>
-extern BIO *bio_err;
-void h__dump (unsigned char *p, int len);
-#endif
-
-/* PKCS12 compatible key/IV generation */
-#ifndef min
-#define min(a,b) ((a) < (b) ? (a) : (b))
-#endif
-
-int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
-	     int saltlen, int id, int iter, int n, unsigned char *out,
-	     const EVP_MD *md_type)
-{
-	int ret;
-	unsigned char *unipass;
-	int uniplen;
-	if(!pass) {
-		unipass = NULL;
-		uniplen = 0;
-	} else if (!asc2uni(pass, passlen, &unipass, &uniplen)) {
-		PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
-						 id, iter, n, out, md_type);
-	if(unipass) {
-		OPENSSL_cleanse(unipass, uniplen);	/* Clear password from memory */
-		OPENSSL_free(unipass);
-	}
-	return ret;
-}
-
-int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
-	     int saltlen, int id, int iter, int n, unsigned char *out,
-	     const EVP_MD *md_type)
-{
-	unsigned char *B, *D, *I, *p, *Ai;
-	int Slen, Plen, Ilen, Ijlen;
-	int i, j, u, v;
-	BIGNUM *Ij, *Bpl1;	/* These hold Ij and B + 1 */
-	EVP_MD_CTX ctx;
-#ifdef  DEBUG_KEYGEN
-	unsigned char *tmpout = out;
-	int tmpn = n;
-#endif
-
-#if 0
-	if (!pass) {
-		PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_PASSED_NULL_PARAMETER);
-		return 0;
-	}
-#endif
-
-	EVP_MD_CTX_init(&ctx);
-#ifdef  DEBUG_KEYGEN
-	fprintf(stderr, "KEYGEN DEBUG\n");
-	fprintf(stderr, "ID %d, ITER %d\n", id, iter);
-	fprintf(stderr, "Password (length %d):\n", passlen);
-	h__dump(pass, passlen);
-	fprintf(stderr, "Salt (length %d):\n", saltlen);
-	h__dump(salt, saltlen);
-#endif
-	v = EVP_MD_block_size (md_type);
-	u = EVP_MD_size (md_type);
-	D = OPENSSL_malloc (v);
-	Ai = OPENSSL_malloc (u);
-	B = OPENSSL_malloc (v + 1);
-	Slen = v * ((saltlen+v-1)/v);
-	if(passlen) Plen = v * ((passlen+v-1)/v);
-	else Plen = 0;
-	Ilen = Slen + Plen;
-	I = OPENSSL_malloc (Ilen);
-	Ij = BN_new();
-	Bpl1 = BN_new();
-	if (!D || !Ai || !B || !I || !Ij || !Bpl1) {
-		PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	for (i = 0; i < v; i++) D[i] = id;
-	p = I;
-	for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen];
-	for (i = 0; i < Plen; i++) *p++ = pass[i % passlen];
-	for (;;) {
-		EVP_DigestInit_ex(&ctx, md_type, NULL);
-		EVP_DigestUpdate(&ctx, D, v);
-		EVP_DigestUpdate(&ctx, I, Ilen);
-		EVP_DigestFinal_ex(&ctx, Ai, NULL);
-		for (j = 1; j < iter; j++) {
-			EVP_DigestInit_ex(&ctx, md_type, NULL);
-			EVP_DigestUpdate(&ctx, Ai, u);
-			EVP_DigestFinal_ex(&ctx, Ai, NULL);
-		}
-		memcpy (out, Ai, min (n, u));
-		if (u >= n) {
-			OPENSSL_free (Ai);
-			OPENSSL_free (B);
-			OPENSSL_free (D);
-			OPENSSL_free (I);
-			BN_free (Ij);
-			BN_free (Bpl1);
-			EVP_MD_CTX_cleanup(&ctx);
-#ifdef DEBUG_KEYGEN
-			fprintf(stderr, "Output KEY (length %d)\n", tmpn);
-			h__dump(tmpout, tmpn);
-#endif
-			return 1;	
-		}
-		n -= u;
-		out += u;
-		for (j = 0; j < v; j++) B[j] = Ai[j % u];
-		/* Work out B + 1 first then can use B as tmp space */
-		BN_bin2bn (B, v, Bpl1);
-		BN_add_word (Bpl1, 1);
-		for (j = 0; j < Ilen ; j+=v) {
-			BN_bin2bn (I + j, v, Ij);
-			BN_add (Ij, Ij, Bpl1);
-			BN_bn2bin (Ij, B);
-			Ijlen = BN_num_bytes (Ij);
-			/* If more than 2^(v*8) - 1 cut off MSB */
-			if (Ijlen > v) {
-				BN_bn2bin (Ij, B);
-				memcpy (I + j, B + 1, v);
-#ifndef PKCS12_BROKEN_KEYGEN
-			/* If less than v bytes pad with zeroes */
-			} else if (Ijlen < v) {
-				memset(I + j, 0, v - Ijlen);
-				BN_bn2bin(Ij, I + j + v - Ijlen); 
-#endif
-			} else BN_bn2bin (Ij, I + j);
-		}
-	}
-}
-#ifdef DEBUG_KEYGEN
-void h__dump (unsigned char *p, int len)
-{
-	for (; len --; p++) fprintf(stderr, "%02X", *p);
-	fprintf(stderr, "\n");	
-}
-#endif
diff --git a/crypto/openssl/crypto/pkcs12/p12_kiss.c b/crypto/openssl/crypto/pkcs12/p12_kiss.c
deleted file mode 100644
index 885087ad00fd..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_kiss.c
+++ /dev/null
@@ -1,285 +0,0 @@
-/* p12_kiss.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Simplified PKCS#12 routines */
-
-static int parse_pk12( PKCS12 *p12, const char *pass, int passlen,
-		EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
-
-static int parse_bags( STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
-		       int passlen, EVP_PKEY **pkey, X509 **cert,
-		       STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
-		       char *keymatch);
-
-static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen,
-			EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
-			ASN1_OCTET_STRING **keyid, char *keymatch);
-
-/* Parse and decrypt a PKCS#12 structure returning user key, user cert
- * and other (CA) certs. Note either ca should be NULL, *ca should be NULL,
- * or it should point to a valid STACK structure. pkey and cert can be
- * passed unitialised.
- */
-
-int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
-	     STACK_OF(X509) **ca)
-{
-
-	/* Check for NULL PKCS12 structure */
-
-	if(!p12) {
-		PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_INVALID_NULL_PKCS12_POINTER);
-		return 0;
-	}
-
-	/* Allocate stack for ca certificates if needed */
-	if ((ca != NULL) && (*ca == NULL)) {
-		if (!(*ca = sk_X509_new_null())) {
-			PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-	}
-
-	if(pkey) *pkey = NULL;
-	if(cert) *cert = NULL;
-
-	/* Check the mac */
-
-	/* If password is zero length or NULL then try verifying both cases
-	 * to determine which password is correct. The reason for this is that
-	 * under PKCS#12 password based encryption no password and a zero length
-	 * password are two different things...
-	 */
-
-	if(!pass || !*pass) {
-		if(PKCS12_verify_mac(p12, NULL, 0)) pass = NULL;
-		else if(PKCS12_verify_mac(p12, "", 0)) pass = "";
-		else {
-			PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE);
-			goto err;
-		}
-	} else if (!PKCS12_verify_mac(p12, pass, -1)) {
-		PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE);
-		goto err;
-	}
-
-	if (!parse_pk12 (p12, pass, -1, pkey, cert, ca))
-		{
-		PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_PARSE_ERROR);
-		goto err;
-		}
-
-	return 1;
-
- err:
-
-	if (pkey && *pkey) EVP_PKEY_free(*pkey);
-	if (cert && *cert) X509_free(*cert);
-	if (ca) sk_X509_pop_free(*ca, X509_free);
-	return 0;
-
-}
-
-/* Parse the outer PKCS#12 structure */
-
-static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen,
-	     EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
-{
-	STACK_OF(PKCS7) *asafes;
-	STACK_OF(PKCS12_SAFEBAG) *bags;
-	int i, bagnid;
-	PKCS7 *p7;
-	ASN1_OCTET_STRING *keyid = NULL;
-
-	char keymatch = 0;
-	if (!(asafes = PKCS12_unpack_authsafes (p12))) return 0;
-	for (i = 0; i < sk_PKCS7_num (asafes); i++) {
-		p7 = sk_PKCS7_value (asafes, i);
-		bagnid = OBJ_obj2nid (p7->type);
-		if (bagnid == NID_pkcs7_data) {
-			bags = PKCS12_unpack_p7data(p7);
-		} else if (bagnid == NID_pkcs7_encrypted) {
-			bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
-		} else continue;
-		if (!bags) {
-			sk_PKCS7_pop_free(asafes, PKCS7_free);
-			return 0;
-		}
-	    	if (!parse_bags(bags, pass, passlen, pkey, cert, ca,
-							 &keyid, &keymatch)) {
-			sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-			sk_PKCS7_pop_free(asafes, PKCS7_free);
-			return 0;
-		}
-		sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-	}
-	sk_PKCS7_pop_free(asafes, PKCS7_free);
-	if (keyid) M_ASN1_OCTET_STRING_free(keyid);
-	return 1;
-}
-
-
-static int parse_bags (STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
-		       int passlen, EVP_PKEY **pkey, X509 **cert,
-		       STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
-		       char *keymatch)
-{
-	int i;
-	for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
-		if (!parse_bag(sk_PKCS12_SAFEBAG_value (bags, i),
-			 pass, passlen, pkey, cert, ca, keyid,
-							 keymatch)) return 0;
-	}
-	return 1;
-}
-
-#define MATCH_KEY  0x1
-#define MATCH_CERT 0x2
-#define MATCH_ALL  0x3
-
-static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
-		      EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
-		      ASN1_OCTET_STRING **keyid,
-	     char *keymatch)
-{
-	PKCS8_PRIV_KEY_INFO *p8;
-	X509 *x509;
-	ASN1_OCTET_STRING *lkey = NULL, *ckid = NULL;
-	ASN1_TYPE *attrib;
-	ASN1_BMPSTRING *fname = NULL;
-
-	if ((attrib = PKCS12_get_attr (bag, NID_friendlyName)))
-		fname = attrib->value.bmpstring;
-
-	if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) {
-		lkey = attrib->value.octet_string;
-		ckid = lkey;
-	}
-
-	/* Check for any local key id matching (if needed) */
-	if (lkey && ((*keymatch & MATCH_ALL) != MATCH_ALL)) {
-		if (*keyid) {
-			if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey)) lkey = NULL;
-		} else {
-			if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) {
-				PKCS12err(PKCS12_F_PARSE_BAGS,ERR_R_MALLOC_FAILURE);
-				return 0;
-		    }
-		}
-	}
-	
-	switch (M_PKCS12_bag_type(bag))
-	{
-	case NID_keyBag:
-		if (!lkey || !pkey) return 1;	
-		if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag))) return 0;
-		*keymatch |= MATCH_KEY;
-	break;
-
-	case NID_pkcs8ShroudedKeyBag:
-		if (!lkey || !pkey) return 1;	
-		if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
-				return 0;
-		*pkey = EVP_PKCS82PKEY(p8);
-		PKCS8_PRIV_KEY_INFO_free(p8);
-		if (!(*pkey)) return 0;
-		*keymatch |= MATCH_KEY;
-	break;
-
-	case NID_certBag:
-		if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
-								 return 1;
-		if (!(x509 = PKCS12_certbag2x509(bag))) return 0;
-		if(ckid) X509_keyid_set1(x509, ckid->data, ckid->length);
-		if(fname) {
-			int len;
-			unsigned char *data;
-			len = ASN1_STRING_to_UTF8(&data, fname);
-			if(len > 0) {
-				X509_alias_set1(x509, data, len);
-				OPENSSL_free(data);
-			}
-		}
-
-
-		if (lkey) {
-			*keymatch |= MATCH_CERT;
-			if (cert) *cert = x509;
-			else X509_free(x509);
-		} else {
-			if(ca) sk_X509_push (*ca, x509);
-			else X509_free(x509);
-		}
-	break;
-
-	case NID_safeContentsBag:
-		return parse_bags(bag->value.safes, pass, passlen,
-			 		pkey, cert, ca, keyid, keymatch);
-	break;
-
-	default:
-		return 1;
-	break;
-	}
-	return 1;
-}
-
diff --git a/crypto/openssl/crypto/pkcs12/p12_lib.c b/crypto/openssl/crypto/pkcs12/p12_lib.c
deleted file mode 100644
index 7d464e3a32b1..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_lib.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* p12_lib.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/pkcs12.h>
-
-int i2d_PKCS12(PKCS12 *a, unsigned char **pp)
-{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
-	M_ASN1_I2D_len (a->authsafes, i2d_PKCS7);
-	M_ASN1_I2D_len (a->mac, i2d_PKCS12_MAC_DATA);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
-	M_ASN1_I2D_put (a->authsafes, i2d_PKCS7);
-	M_ASN1_I2D_put (a->mac, i2d_PKCS12_MAC_DATA);
-
-	M_ASN1_I2D_finish();
-}
-
-PKCS12 *d2i_PKCS12(PKCS12 **a, unsigned char **pp, long length)
-{
-	M_ASN1_D2I_vars(a,PKCS12 *,PKCS12_new);
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
-	M_ASN1_D2I_get (ret->authsafes, d2i_PKCS7);
-	M_ASN1_D2I_get_opt (ret->mac, d2i_PKCS12_MAC_DATA, V_ASN1_SEQUENCE);
-	M_ASN1_D2I_Finish(a, PKCS12_free, ASN1_F_D2I_PKCS12);
-}
-
-PKCS12 *PKCS12_new(void)
-{
-	PKCS12 *ret=NULL;
-	ASN1_CTX c;
-	M_ASN1_New_Malloc(ret, PKCS12);
-	ret->version=NULL;
-	ret->mac=NULL;
-	ret->authsafes=NULL;
-	return (ret);
-	M_ASN1_New_Error(ASN1_F_PKCS12_NEW);
-}
-
-void PKCS12_free (PKCS12 *a)
-{
-	if (a == NULL) return;
-	M_ASN1_INTEGER_free(a->version);
-	PKCS12_MAC_DATA_free (a->mac);
-	PKCS7_free (a->authsafes);
-	OPENSSL_free (a);
-}
diff --git a/crypto/openssl/crypto/pkcs12/p12_mac.c b/crypto/openssl/crypto/pkcs12/p12_mac.c
deleted file mode 100644
index fbd1eca24ff7..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_mac.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* p12_mac.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/pkcs12.h>
-
-int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **pp)
-{
-	M_ASN1_I2D_vars(a);
-	M_ASN1_I2D_len (a->dinfo, i2d_X509_SIG);
-	M_ASN1_I2D_len (a->salt, i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put (a->dinfo, i2d_X509_SIG);
-	M_ASN1_I2D_put (a->salt, i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER);
-	M_ASN1_I2D_finish();
-}
-
-PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void)
-{
-	PKCS12_MAC_DATA *ret=NULL;
-	ASN1_CTX c;
-	M_ASN1_New_Malloc(ret, PKCS12_MAC_DATA);
-	ret->dinfo = X509_SIG_new();
-	ret->salt = M_ASN1_OCTET_STRING_new();
-	ret->iter = NULL;
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_PKCS12_MAC_DATA_NEW);
-}
-
-PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, unsigned char **pp,
-	     long length)
-{
-	M_ASN1_D2I_vars(a,PKCS12_MAC_DATA *,PKCS12_MAC_DATA_new);
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->dinfo, d2i_X509_SIG);
-	M_ASN1_D2I_get(ret->salt, d2i_ASN1_OCTET_STRING);
-	M_ASN1_D2I_get_opt(ret->iter, d2i_ASN1_INTEGER, V_ASN1_INTEGER);
-	M_ASN1_D2I_Finish(a, PKCS12_MAC_DATA_free, ASN1_F_D2I_PKCS12_MAC_DATA);
-}
-
-void PKCS12_MAC_DATA_free (PKCS12_MAC_DATA *a)
-{
-	if (a == NULL) return;
-	X509_SIG_free (a->dinfo);
-	M_ASN1_OCTET_STRING_free(a->salt);
-	M_ASN1_INTEGER_free(a->iter);
-	OPENSSL_free (a);
-}
diff --git a/crypto/openssl/crypto/pkcs12/p12_mutl.c b/crypto/openssl/crypto/pkcs12/p12_mutl.c
deleted file mode 100644
index 0fb67f74b8b2..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_mutl.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/* p12_mutl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef OPENSSL_NO_HMAC
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/hmac.h>
-#include <openssl/rand.h>
-#include <openssl/pkcs12.h>
-
-/* Generate a MAC */
-int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen,
-		    unsigned char *mac, unsigned int *maclen)
-{
-	const EVP_MD *md_type;
-	HMAC_CTX hmac;
-	unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt;
-	int saltlen, iter;
-
-	salt = p12->mac->salt->data;
-	saltlen = p12->mac->salt->length;
-	if (!p12->mac->iter) iter = 1;
-	else iter = ASN1_INTEGER_get (p12->mac->iter);
-    	if(!(md_type =
-		 EVP_get_digestbyobj (p12->mac->dinfo->algor->algorithm))) {
-		PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
-		return 0;
-	}
-	if(!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
-				 PKCS12_MAC_KEY_LENGTH, key, md_type)) {
-		PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_KEY_GEN_ERROR);
-		return 0;
-	}
-	HMAC_CTX_init(&hmac);
-	HMAC_Init_ex(&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type, NULL);
-    	HMAC_Update(&hmac, p12->authsafes->d.data->data,
-					 p12->authsafes->d.data->length);
-    	HMAC_Final(&hmac, mac, maclen);
-    	HMAC_CTX_cleanup(&hmac);
-	return 1;
-}
-
-/* Verify the mac */
-int PKCS12_verify_mac (PKCS12 *p12, const char *pass, int passlen)
-{
-	unsigned char mac[EVP_MAX_MD_SIZE];
-	unsigned int maclen;
-	if(p12->mac == NULL) {
-		PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_ABSENT);
-		return 0;
-	}
-	if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) {
-		PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_GENERATION_ERROR);
-		return 0;
-	}
-	if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
-	|| memcmp (mac, p12->mac->dinfo->digest->data, maclen)) return 0;
-	return 1;
-}
-
-/* Set a mac */
-
-int PKCS12_set_mac (PKCS12 *p12, const char *pass, int passlen,
-	     unsigned char *salt, int saltlen, int iter, const EVP_MD *md_type)
-{
-	unsigned char mac[EVP_MAX_MD_SIZE];
-	unsigned int maclen;
-
-	if (!md_type) md_type = EVP_sha1();
-	if (PKCS12_setup_mac (p12, iter, salt, saltlen, md_type) ==
-				 	PKCS12_ERROR) {
-		PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_SETUP_ERROR);
-		return 0;
-	}
-	if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) {
-		PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_GENERATION_ERROR);
-		return 0;
-	}
-	if (!(M_ASN1_OCTET_STRING_set (p12->mac->dinfo->digest, mac, maclen))) {
-		PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_STRING_SET_ERROR);
-						return 0;
-	}
-	return 1;
-}
-
-/* Set up a mac structure */
-int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
-	     const EVP_MD *md_type)
-{
-	if (!(p12->mac = PKCS12_MAC_DATA_new())) return PKCS12_ERROR;
-	if (iter > 1) {
-		if(!(p12->mac->iter = M_ASN1_INTEGER_new())) {
-			PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-		ASN1_INTEGER_set(p12->mac->iter, iter);
-	}
-	if (!saltlen) saltlen = PKCS12_SALT_LEN;
-	p12->mac->salt->length = saltlen;
-	if (!(p12->mac->salt->data = OPENSSL_malloc (saltlen))) {
-		PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	if (!salt) {
-		if (RAND_pseudo_bytes (p12->mac->salt->data, saltlen) < 0)
-			return 0;
-	}
-	else memcpy (p12->mac->salt->data, salt, saltlen);
-	p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
-	if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
-		PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL;
-	
-	return 1;
-}
-#endif
diff --git a/crypto/openssl/crypto/pkcs12/p12_npas.c b/crypto/openssl/crypto/pkcs12/p12_npas.c
deleted file mode 100644
index a549433eebb9..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_npas.c
+++ /dev/null
@@ -1,217 +0,0 @@
-/* p12_npas.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* PKCS#12 password change routine */
-
-static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass);
-static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
-			char *newpass);
-static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass);
-static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen);
-
-/* 
- * Change the password on a PKCS#12 structure.
- */
-
-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass)
-{
-
-/* Check for NULL PKCS12 structure */
-
-if(!p12) {
-	PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_INVALID_NULL_PKCS12_POINTER);
-	return 0;
-}
-
-/* Check the mac */
-
-if (!PKCS12_verify_mac(p12, oldpass, -1)) {
-	PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_MAC_VERIFY_FAILURE);
-	return 0;
-}
-
-if (!newpass_p12(p12, oldpass, newpass)) {
-	PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_PARSE_ERROR);
-	return 0;
-}
-
-return 1;
-
-}
-
-/* Parse the outer PKCS#12 structure */
-
-static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass)
-{
-	STACK_OF(PKCS7) *asafes, *newsafes;
-	STACK_OF(PKCS12_SAFEBAG) *bags;
-	int i, bagnid, pbe_nid, pbe_iter, pbe_saltlen;
-	PKCS7 *p7, *p7new;
-	ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL;
-	unsigned char mac[EVP_MAX_MD_SIZE];
-	unsigned int maclen;
-
-	if (!(asafes = PKCS12_unpack_authsafes(p12))) return 0;
-	if(!(newsafes = sk_PKCS7_new_null())) return 0;
-	for (i = 0; i < sk_PKCS7_num (asafes); i++) {
-		p7 = sk_PKCS7_value(asafes, i);
-		bagnid = OBJ_obj2nid(p7->type);
-		if (bagnid == NID_pkcs7_data) {
-			bags = PKCS12_unpack_p7data(p7);
-		} else if (bagnid == NID_pkcs7_encrypted) {
-			bags = PKCS12_unpack_p7encdata(p7, oldpass, -1);
-			alg_get(p7->d.encrypted->enc_data->algorithm,
-				&pbe_nid, &pbe_iter, &pbe_saltlen);
-		} else continue;
-		if (!bags) {
-			sk_PKCS7_pop_free(asafes, PKCS7_free);
-			return 0;
-		}
-	    	if (!newpass_bags(bags, oldpass, newpass)) {
-			sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-			sk_PKCS7_pop_free(asafes, PKCS7_free);
-			return 0;
-		}
-		/* Repack bag in same form with new password */
-		if (bagnid == NID_pkcs7_data) p7new = PKCS12_pack_p7data(bags);
-		else p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL,
-						 pbe_saltlen, pbe_iter, bags);
-		sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-		if(!p7new) {
-			sk_PKCS7_pop_free(asafes, PKCS7_free);
-			return 0;
-		}
-		sk_PKCS7_push(newsafes, p7new);
-	}
-	sk_PKCS7_pop_free(asafes, PKCS7_free);
-
-	/* Repack safe: save old safe in case of error */
-
-	p12_data_tmp = p12->authsafes->d.data;
-	if(!(p12->authsafes->d.data = ASN1_OCTET_STRING_new())) goto saferr;
-	if(!PKCS12_pack_authsafes(p12, newsafes)) goto saferr;
-
-	if(!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen)) goto saferr;
-	if(!(macnew = ASN1_OCTET_STRING_new())) goto saferr;
-	if(!ASN1_OCTET_STRING_set(macnew, mac, maclen)) goto saferr;
-	ASN1_OCTET_STRING_free(p12->mac->dinfo->digest);
-	p12->mac->dinfo->digest = macnew;
-	ASN1_OCTET_STRING_free(p12_data_tmp);
-
-	return 1;
-
-	saferr:
-	/* Restore old safe */
-	ASN1_OCTET_STRING_free(p12->authsafes->d.data);
-	ASN1_OCTET_STRING_free(macnew);
-	p12->authsafes->d.data = p12_data_tmp;
-	return 0;
-
-}
-
-
-static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
-			char *newpass)
-{
-	int i;
-	for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
-		if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i),
-				 oldpass, newpass))
-		    return 0;
-	}
-	return 1;
-}
-
-/* Change password of safebag: only needs handle shrouded keybags */
-
-static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass)
-{
-	PKCS8_PRIV_KEY_INFO *p8;
-	X509_SIG *p8new;
-	int p8_nid, p8_saltlen, p8_iter;
-
-	if(M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag) return 1;
-
-	if (!(p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1))) return 0;
-	alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen);
-	if(!(p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
-						     p8_iter, p8))) return 0;
-	X509_SIG_free(bag->value.shkeybag);
-	bag->value.shkeybag = p8new;
-	return 1;
-}
-
-static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen)
-{
-        PBEPARAM *pbe;
-        unsigned char *p;
-        p = alg->parameter->value.sequence->data;
-        pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
-        *pnid = OBJ_obj2nid(alg->algorithm);
-	*piter = ASN1_INTEGER_get(pbe->iter);
-	*psaltlen = pbe->salt->length;
-        PBEPARAM_free(pbe);
-        return 0;
-}
diff --git a/crypto/openssl/crypto/pkcs12/p12_p8d.c b/crypto/openssl/crypto/pkcs12/p12_p8d.c
deleted file mode 100644
index 3c6f377933c4..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_p8d.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/* p12_p8d.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass, int passlen)
-{
-	return PKCS12_item_decrypt_d2i(p8->algor, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), pass,
-					passlen, p8->digest, 1);
-}
-
diff --git a/crypto/openssl/crypto/pkcs12/p12_p8e.c b/crypto/openssl/crypto/pkcs12/p12_p8e.c
deleted file mode 100644
index 3d47956652a8..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_p8e.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* p12_p8e.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
-			 const char *pass, int passlen,
-			 unsigned char *salt, int saltlen, int iter,
-						PKCS8_PRIV_KEY_INFO *p8inf)
-{
-	X509_SIG *p8 = NULL;
-	X509_ALGOR *pbe;
-
-	if (!(p8 = X509_SIG_new())) {
-		PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-
-	if(pbe_nid == -1) pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
-	else pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
-	if(!pbe) {
-		PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB);
-		goto err;
-	}
-	X509_ALGOR_free(p8->algor);
-	p8->algor = pbe;
-	M_ASN1_OCTET_STRING_free(p8->digest);
-	p8->digest = PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO),
-					pass, passlen, p8inf, 1);
-	if(!p8->digest) {
-		PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
-		goto err;
-	}
-
-	return p8;
-
-	err:
-	X509_SIG_free(p8);
-	return NULL;
-}
diff --git a/crypto/openssl/crypto/pkcs12/p12_sbag.c b/crypto/openssl/crypto/pkcs12/p12_sbag.c
deleted file mode 100644
index 64ac32ee6fdb..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_sbag.c
+++ /dev/null
@@ -1,234 +0,0 @@
-/* p12_sbag.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/pkcs12.h>
-
-int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **pp)
-{
-	int bagnid, v = 0;
-	M_ASN1_I2D_vars(a);
-	bagnid = OBJ_obj2nid (a->type);
-	M_ASN1_I2D_len (a->type, i2d_ASN1_OBJECT);
-	
-	switch (bagnid) {
-
-		case NID_keyBag:
-			M_ASN1_I2D_len_EXP_opt (a->value.keybag,
-						 i2d_PKCS8_PRIV_KEY_INFO, 0, v);
-		break;
-
-		case NID_pkcs8ShroudedKeyBag:
-			M_ASN1_I2D_len_EXP_opt (a->value.shkeybag,
-						 i2d_X509_SIG, 0, v);
-		break;
-
-		case NID_safeContentsBag:
-			M_ASN1_I2D_len_EXP_SEQUENCE_opt_type
-			  (PKCS12_SAFEBAG, a->value.safes, i2d_PKCS12_SAFEBAG,
-			   0, V_ASN1_SEQUENCE, v);
-		break;
-
-		case NID_certBag:
-		case NID_crlBag:
-		case NID_secretBag:
-			M_ASN1_I2D_len_EXP_opt (a->value.bag,
-						 i2d_PKCS12_BAGS, 0, v);
-		break;
-
-		default:
-			M_ASN1_I2D_len_EXP_opt (a->value.other,
-						 i2d_ASN1_TYPE, 0, v);
-		break;
-	}
-
-	M_ASN1_I2D_len_SET_type (X509_ATTRIBUTE,a->attrib, i2d_X509_ATTRIBUTE);
-
-	M_ASN1_I2D_seq_total ();
-	
-	M_ASN1_I2D_put (a->type, i2d_ASN1_OBJECT);
-
-	switch (bagnid) {
-
-		case NID_keyBag:
-			M_ASN1_I2D_put_EXP_opt (a->value.keybag,
-						 i2d_PKCS8_PRIV_KEY_INFO, 0, v);
-		break;
-
-		case NID_pkcs8ShroudedKeyBag:
-			M_ASN1_I2D_put_EXP_opt (a->value.shkeybag,
-						 i2d_X509_SIG, 0, v);
-		break;
-
-		case NID_safeContentsBag:
-			M_ASN1_I2D_put_EXP_SEQUENCE_opt_type
-			  (PKCS12_SAFEBAG, a->value.safes, i2d_PKCS12_SAFEBAG,
-			   0, V_ASN1_SEQUENCE, v);
-		break;
-
-		case NID_certBag:
-		case NID_crlBag:
-		case NID_secretBag:
-			M_ASN1_I2D_put_EXP_opt (a->value.bag,
-						 i2d_PKCS12_BAGS, 0, v);
-		break;
-
-		default:
-			M_ASN1_I2D_put_EXP_opt (a->value.other,
-						 i2d_ASN1_TYPE, 0, v);
-		break;
-	}
-
-	M_ASN1_I2D_put_SET_type (X509_ATTRIBUTE, a->attrib, i2d_X509_ATTRIBUTE);
-
-	M_ASN1_I2D_finish();
-}
-
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void)
-{
-	PKCS12_SAFEBAG *ret=NULL;
-	ASN1_CTX c;
-	M_ASN1_New_Malloc(ret, PKCS12_SAFEBAG);
-	ret->type=NULL;
-	ret->value.other=NULL;
-	M_ASN1_New(ret->attrib, sk_X509_ATTRIBUTE_new_null);
-	ret->rest=NULL;
-	return (ret);
-	M_ASN1_New_Error(ASN1_F_PKCS12_SAFEBAG_NEW);
-}
-
-PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, unsigned char **pp,
-	     long length)
-{
-	int bagnid;
-	M_ASN1_D2I_vars(a,PKCS12_SAFEBAG *,PKCS12_SAFEBAG_new);
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get (ret->type, d2i_ASN1_OBJECT);
-	bagnid = OBJ_obj2nid (ret->type);
-
-	switch (bagnid) {
-
-		case NID_keyBag:
-			M_ASN1_D2I_get_EXP_opt (ret->value.keybag,
-						 d2i_PKCS8_PRIV_KEY_INFO, 0);
-		break;
-
-		case NID_pkcs8ShroudedKeyBag:
-			M_ASN1_D2I_get_EXP_opt (ret->value.shkeybag,
-						 	d2i_X509_SIG, 0);
-		break;
-
-		case NID_safeContentsBag:
-			M_ASN1_D2I_get_EXP_set_opt_type
-			  (PKCS12_SAFEBAG, ret->value.safes,
-			   d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free, 0,
-			   V_ASN1_SEQUENCE);
-		break;
-
-		case NID_certBag:
-		case NID_crlBag:
-		case NID_secretBag:
-			M_ASN1_D2I_get_EXP_opt (ret->value.bag,
-							 d2i_PKCS12_BAGS, 0);
-		break;
-
-		default:
-			M_ASN1_D2I_get_EXP_opt (ret->value.other,
-							 d2i_ASN1_TYPE, 0);
-		break;
-	}
-	M_ASN1_D2I_get_set_opt_type(X509_ATTRIBUTE,ret->attrib,
-				    d2i_X509_ATTRIBUTE,X509_ATTRIBUTE_free);
-	M_ASN1_D2I_Finish(a, PKCS12_SAFEBAG_free, ASN1_F_D2I_PKCS12_SAFEBAG);
-}
-
-void PKCS12_SAFEBAG_free (PKCS12_SAFEBAG *a)
-{
-	if (a == NULL) return;
-	switch (OBJ_obj2nid(a->type)) {
-
-		case NID_keyBag:
-			PKCS8_PRIV_KEY_INFO_free (a->value.keybag);
-		break;
-
-		case NID_pkcs8ShroudedKeyBag:
-			X509_SIG_free (a->value.shkeybag);
-		break;
-
-		case NID_certBag:
-		case NID_crlBag:
-		case NID_secretBag:
-			PKCS12_BAGS_free (a->value.bag);
-		break;
-
-		default:
-			ASN1_TYPE_free (a->value.other);
-		break;
-	}
-
-	ASN1_OBJECT_free (a->type);
-	sk_X509_ATTRIBUTE_pop_free (a->attrib, X509_ATTRIBUTE_free);
-	OPENSSL_free (a);
-}
-
-IMPLEMENT_STACK_OF(PKCS12_SAFEBAG)
-IMPLEMENT_ASN1_SET_OF(PKCS12_SAFEBAG)
-IMPLEMENT_PKCS12_STACK_OF(PKCS12_SAFEBAG)
diff --git a/crypto/openssl/crypto/pkcs12/p12_utl.c b/crypto/openssl/crypto/pkcs12/p12_utl.c
deleted file mode 100644
index 243ec76be95c..000000000000
--- a/crypto/openssl/crypto/pkcs12/p12_utl.c
+++ /dev/null
@@ -1,146 +0,0 @@
-/* p12_utl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Cheap and nasty Unicode stuff */
-
-unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen)
-{
-	int ulen, i;
-	unsigned char *unitmp;
-	if (asclen == -1) asclen = strlen(asc);
-	ulen = asclen*2  + 2;
-	if (!(unitmp = OPENSSL_malloc(ulen))) return NULL;
-	for (i = 0; i < ulen - 2; i+=2) {
-		unitmp[i] = 0;
-		unitmp[i + 1] = asc[i>>1];
-	}
-	/* Make result double null terminated */
-	unitmp[ulen - 2] = 0;
-	unitmp[ulen - 1] = 0;
-	if (unilen) *unilen = ulen;
-	if (uni) *uni = unitmp;
-	return unitmp;
-}
-
-char *uni2asc(unsigned char *uni, int unilen)
-{
-	int asclen, i;
-	char *asctmp;
-	asclen = unilen / 2;
-	/* If no terminating zero allow for one */
-	if (!unilen || uni[unilen - 1]) asclen++;
-	uni++;
-	if (!(asctmp = OPENSSL_malloc(asclen))) return NULL;
-	for (i = 0; i < unilen; i+=2) asctmp[i>>1] = uni[i];
-	asctmp[asclen - 1] = 0;
-	return asctmp;
-}
-
-int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12)
-{
-	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
-}
-
-#ifndef OPENSSL_NO_FP_API
-int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12)
-{
-	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
-}
-#endif
-
-PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
-{
-	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
-}
-#ifndef OPENSSL_NO_FP_API
-PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)
-{
-        return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
-}
-#endif
-
-PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509)
-{
-	return PKCS12_item_pack_safebag(x509, ASN1_ITEM_rptr(X509),
-			NID_x509Certificate, NID_certBag);
-}
-
-PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl)
-{
-	return PKCS12_item_pack_safebag(crl, ASN1_ITEM_rptr(X509_CRL),
-			NID_x509Crl, NID_crlBag);
-}
-
-X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag)
-{
-	if(M_PKCS12_bag_type(bag) != NID_certBag) return NULL;
-	if(M_PKCS12_cert_bag_type(bag) != NID_x509Certificate) return NULL;
-	return ASN1_item_unpack(bag->value.bag->value.octet, ASN1_ITEM_rptr(X509));
-}
-
-X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag)
-{
-	if(M_PKCS12_bag_type(bag) != NID_crlBag) return NULL;
-	if(M_PKCS12_cert_bag_type(bag) != NID_x509Crl) return NULL;
-	return ASN1_item_unpack(bag->value.bag->value.octet,
-							ASN1_ITEM_rptr(X509_CRL));
-}
diff --git a/crypto/openssl/crypto/pkcs12/pk12err.c b/crypto/openssl/crypto/pkcs12/pk12err.c
deleted file mode 100644
index 10ab80502c1b..000000000000
--- a/crypto/openssl/crypto/pkcs12/pk12err.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* crypto/pkcs12/pk12err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA PKCS12_str_functs[]=
-	{
-{ERR_PACK(0,PKCS12_F_PARSE_BAGS,0),	"PARSE_BAGS"},
-{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME,0),	"PKCS12_ADD_FRIENDLYNAME"},
-{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,0),	"PKCS12_add_friendlyname_asc"},
-{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,0),	"PKCS12_add_friendlyname_uni"},
-{ERR_PACK(0,PKCS12_F_PKCS12_ADD_LOCALKEYID,0),	"PKCS12_add_localkeyid"},
-{ERR_PACK(0,PKCS12_F_PKCS12_CREATE,0),	"PKCS12_create"},
-{ERR_PACK(0,PKCS12_F_PKCS12_DECRYPT_D2I,0),	"PKCS12_decrypt_d2i"},
-{ERR_PACK(0,PKCS12_F_PKCS12_GEN_MAC,0),	"PKCS12_gen_mac"},
-{ERR_PACK(0,PKCS12_F_PKCS12_I2D_ENCRYPT,0),	"PKCS12_i2d_encrypt"},
-{ERR_PACK(0,PKCS12_F_PKCS12_INIT,0),	"PKCS12_init"},
-{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_ASC,0),	"PKCS12_key_gen_asc"},
-{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_UNI,0),	"PKCS12_key_gen_uni"},
-{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_KEYBAG,0),	"PKCS12_MAKE_KEYBAG"},
-{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_SHKEYBAG,0),	"PKCS12_MAKE_SHKEYBAG"},
-{ERR_PACK(0,PKCS12_F_PKCS12_NEWPASS,0),	"PKCS12_newpass"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7DATA,0),	"PKCS12_pack_p7data"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7ENCDATA,0),	"PKCS12_pack_p7encdata"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PACK_SAFEBAG,0),	"PKCS12_pack_safebag"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PARSE,0),	"PKCS12_parse"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PBE_CRYPT,0),	"PKCS12_pbe_crypt"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PBE_KEYIVGEN,0),	"PKCS12_PBE_keyivgen"},
-{ERR_PACK(0,PKCS12_F_PKCS12_SETUP_MAC,0),	"PKCS12_setup_mac"},
-{ERR_PACK(0,PKCS12_F_PKCS12_SET_MAC,0),	"PKCS12_set_mac"},
-{ERR_PACK(0,PKCS12_F_PKCS8_ADD_KEYUSAGE,0),	"PKCS8_add_keyusage"},
-{ERR_PACK(0,PKCS12_F_PKCS8_ENCRYPT,0),	"PKCS8_encrypt"},
-{ERR_PACK(0,PKCS12_F_VERIFY_MAC,0),	"VERIFY_MAC"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA PKCS12_str_reasons[]=
-	{
-{PKCS12_R_CANT_PACK_STRUCTURE            ,"cant pack structure"},
-{PKCS12_R_DECODE_ERROR                   ,"decode error"},
-{PKCS12_R_ENCODE_ERROR                   ,"encode error"},
-{PKCS12_R_ENCRYPT_ERROR                  ,"encrypt error"},
-{PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE,"error setting encrypted data type"},
-{PKCS12_R_INVALID_NULL_ARGUMENT          ,"invalid null argument"},
-{PKCS12_R_INVALID_NULL_PKCS12_POINTER    ,"invalid null pkcs12 pointer"},
-{PKCS12_R_IV_GEN_ERROR                   ,"iv gen error"},
-{PKCS12_R_KEY_GEN_ERROR                  ,"key gen error"},
-{PKCS12_R_MAC_ABSENT                     ,"mac absent"},
-{PKCS12_R_MAC_GENERATION_ERROR           ,"mac generation error"},
-{PKCS12_R_MAC_SETUP_ERROR                ,"mac setup error"},
-{PKCS12_R_MAC_STRING_SET_ERROR           ,"mac string set error"},
-{PKCS12_R_MAC_VERIFY_ERROR               ,"mac verify error"},
-{PKCS12_R_MAC_VERIFY_FAILURE             ,"mac verify failure"},
-{PKCS12_R_PARSE_ERROR                    ,"parse error"},
-{PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR  ,"pkcs12 algor cipherinit error"},
-{PKCS12_R_PKCS12_CIPHERFINAL_ERROR       ,"pkcs12 cipherfinal error"},
-{PKCS12_R_PKCS12_PBE_CRYPT_ERROR         ,"pkcs12 pbe crypt error"},
-{PKCS12_R_UNKNOWN_DIGEST_ALGORITHM       ,"unknown digest algorithm"},
-{PKCS12_R_UNSUPPORTED_PKCS12_MODE        ,"unsupported pkcs12 mode"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_PKCS12_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_functs);
-		ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/pkcs12/pkcs12.h b/crypto/openssl/crypto/pkcs12/pkcs12.h
deleted file mode 100644
index dd338f266cc4..000000000000
--- a/crypto/openssl/crypto/pkcs12/pkcs12.h
+++ /dev/null
@@ -1,320 +0,0 @@
-/* pkcs12.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_PKCS12_H
-#define HEADER_PKCS12_H
-
-#include <openssl/bio.h>
-#include <openssl/x509.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define PKCS12_KEY_ID	1
-#define PKCS12_IV_ID	2
-#define PKCS12_MAC_ID	3
-
-/* Default iteration count */
-#ifndef PKCS12_DEFAULT_ITER
-#define PKCS12_DEFAULT_ITER	PKCS5_DEFAULT_ITER
-#endif
-
-#define PKCS12_MAC_KEY_LENGTH 20
-
-#define PKCS12_SALT_LEN	8
-
-/* Uncomment out next line for unicode password and names, otherwise ASCII */
-
-/*#define PBE_UNICODE*/
-
-#ifdef PBE_UNICODE
-#define PKCS12_key_gen PKCS12_key_gen_uni
-#define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
-#else
-#define PKCS12_key_gen PKCS12_key_gen_asc
-#define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
-#endif
-
-/* MS key usage constants */
-
-#define KEY_EX	0x10
-#define KEY_SIG 0x80
-
-typedef struct {
-X509_SIG *dinfo;
-ASN1_OCTET_STRING *salt;
-ASN1_INTEGER *iter;	/* defaults to 1 */
-} PKCS12_MAC_DATA;
-
-typedef struct {
-ASN1_INTEGER *version;
-PKCS12_MAC_DATA *mac;
-PKCS7 *authsafes;
-} PKCS12;
-
-PREDECLARE_STACK_OF(PKCS12_SAFEBAG)
-
-typedef struct {
-ASN1_OBJECT *type;
-union {
-	struct pkcs12_bag_st *bag; /* secret, crl and certbag */
-	struct pkcs8_priv_key_info_st	*keybag; /* keybag */
-	X509_SIG *shkeybag; /* shrouded key bag */
-	STACK_OF(PKCS12_SAFEBAG) *safes;
-	ASN1_TYPE *other;
-}value;
-STACK_OF(X509_ATTRIBUTE) *attrib;
-} PKCS12_SAFEBAG;
-
-DECLARE_STACK_OF(PKCS12_SAFEBAG)
-DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG)
-DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
-
-typedef struct pkcs12_bag_st {
-ASN1_OBJECT *type;
-union {
-	ASN1_OCTET_STRING *x509cert;
-	ASN1_OCTET_STRING *x509crl;
-	ASN1_OCTET_STRING *octet;
-	ASN1_IA5STRING *sdsicert;
-	ASN1_TYPE *other; /* Secret or other bag */
-}value;
-} PKCS12_BAGS;
-
-#define PKCS12_ERROR	0
-#define PKCS12_OK	1
-
-/* Compatibility macros */
-
-#define M_PKCS12_x5092certbag PKCS12_x5092certbag
-#define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag
-
-#define M_PKCS12_certbag2x509 PKCS12_certbag2x509
-#define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl 
-
-#define M_PKCS12_unpack_p7data PKCS12_unpack_p7data
-#define M_PKCS12_pack_authsafes PKCS12_pack_authsafes
-#define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes
-#define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata
-
-#define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
-#define M_PKCS8_decrypt PKCS8_decrypt
-
-#define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
-#define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
-#define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
-
-#define PKCS12_get_attr(bag, attr_nid) \
-			 PKCS12_get_attr_gen(bag->attrib, attr_nid)
-
-#define PKCS8_get_attr(p8, attr_nid) \
-		PKCS12_get_attr_gen(p8->attributes, attr_nid)
-
-#define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
-
-
-PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
-PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
-X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
-X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
-
-PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid1,
-	     int nid2);
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
-PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass, int passlen);
-PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag, const char *pass,
-								int passlen);
-X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, 
-			const char *pass, int passlen,
-			unsigned char *salt, int saltlen, int iter,
-			PKCS8_PRIV_KEY_INFO *p8);
-PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
-				     int passlen, unsigned char *salt,
-				     int saltlen, int iter,
-				     PKCS8_PRIV_KEY_INFO *p8);
-PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
-PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
-			     unsigned char *salt, int saltlen, int iter,
-			     STACK_OF(PKCS12_SAFEBAG) *bags);
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen);
-
-int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
-STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
-
-int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen);
-int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
-				int namelen);
-int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
-				int namelen);
-int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name,
-				int namelen);
-int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
-ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
-char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
-unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
-				int passlen, unsigned char *in, int inlen,
-				unsigned char **data, int *datalen, int en_de);
-void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
-	     const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf);
-ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *it,
-				       const char *pass, int passlen,
-				       void *obj, int zbuf);
-PKCS12 *PKCS12_init(int mode);
-int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
-		       int saltlen, int id, int iter, int n,
-		       unsigned char *out, const EVP_MD *md_type);
-int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type);
-int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-			 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md_type,
-			 int en_de);
-int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
-			 unsigned char *mac, unsigned int *maclen);
-int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
-int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
-		   unsigned char *salt, int saltlen, int iter,
-		   const EVP_MD *md_type);
-int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
-					 int saltlen, const EVP_MD *md_type);
-unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
-char *uni2asc(unsigned char *uni, int unilen);
-
-DECLARE_ASN1_FUNCTIONS(PKCS12)
-DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
-DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
-DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
-
-DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
-DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
-
-void PKCS12_PBE_add(void);
-int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
-		 STACK_OF(X509) **ca);
-PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
-			 STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
-						 int mac_iter, int keytype);
-int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
-int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
-PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
-PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_PKCS12_strings(void);
-
-/* Error codes for the PKCS12 functions. */
-
-/* Function codes. */
-#define PKCS12_F_PARSE_BAGS				 103
-#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME		 100
-#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC		 127
-#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI		 102
-#define PKCS12_F_PKCS12_ADD_LOCALKEYID			 104
-#define PKCS12_F_PKCS12_CREATE				 105
-#define PKCS12_F_PKCS12_DECRYPT_D2I			 106
-#define PKCS12_F_PKCS12_GEN_MAC				 107
-#define PKCS12_F_PKCS12_I2D_ENCRYPT			 108
-#define PKCS12_F_PKCS12_INIT				 109
-#define PKCS12_F_PKCS12_KEY_GEN_ASC			 110
-#define PKCS12_F_PKCS12_KEY_GEN_UNI			 111
-#define PKCS12_F_PKCS12_MAKE_KEYBAG			 112
-#define PKCS12_F_PKCS12_MAKE_SHKEYBAG			 113
-#define PKCS12_F_PKCS12_NEWPASS				 128
-#define PKCS12_F_PKCS12_PACK_P7DATA			 114
-#define PKCS12_F_PKCS12_PACK_P7ENCDATA			 115
-#define PKCS12_F_PKCS12_PACK_SAFEBAG			 117
-#define PKCS12_F_PKCS12_PARSE				 118
-#define PKCS12_F_PKCS12_PBE_CRYPT			 119
-#define PKCS12_F_PKCS12_PBE_KEYIVGEN			 120
-#define PKCS12_F_PKCS12_SETUP_MAC			 122
-#define PKCS12_F_PKCS12_SET_MAC				 123
-#define PKCS12_F_PKCS8_ADD_KEYUSAGE			 124
-#define PKCS12_F_PKCS8_ENCRYPT				 125
-#define PKCS12_F_VERIFY_MAC				 126
-
-/* Reason codes. */
-#define PKCS12_R_CANT_PACK_STRUCTURE			 100
-#define PKCS12_R_DECODE_ERROR				 101
-#define PKCS12_R_ENCODE_ERROR				 102
-#define PKCS12_R_ENCRYPT_ERROR				 103
-#define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE	 120
-#define PKCS12_R_INVALID_NULL_ARGUMENT			 104
-#define PKCS12_R_INVALID_NULL_PKCS12_POINTER		 105
-#define PKCS12_R_IV_GEN_ERROR				 106
-#define PKCS12_R_KEY_GEN_ERROR				 107
-#define PKCS12_R_MAC_ABSENT				 108
-#define PKCS12_R_MAC_GENERATION_ERROR			 109
-#define PKCS12_R_MAC_SETUP_ERROR			 110
-#define PKCS12_R_MAC_STRING_SET_ERROR			 111
-#define PKCS12_R_MAC_VERIFY_ERROR			 112
-#define PKCS12_R_MAC_VERIFY_FAILURE			 113
-#define PKCS12_R_PARSE_ERROR				 114
-#define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR		 115
-#define PKCS12_R_PKCS12_CIPHERFINAL_ERROR		 116
-#define PKCS12_R_PKCS12_PBE_CRYPT_ERROR			 117
-#define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM		 118
-#define PKCS12_R_UNSUPPORTED_PKCS12_MODE		 119
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/pkcs7/Makefile.save b/crypto/openssl/crypto/pkcs7/Makefile.save
deleted file mode 100644
index 5e8a6808d357..000000000000
--- a/crypto/openssl/crypto/pkcs7/Makefile.save
+++ /dev/null
@@ -1,218 +0,0 @@
-#
-# SSLeay/crypto/pkcs7/Makefile
-#
-
-DIR=	pkcs7
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-PEX_LIBS=
-EX_LIBS=
- 
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c pk7_mime.c
-LIBOBJ= pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o pk7_mime.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=  pkcs7.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-test:
-
-all:	lib
-
-testapps: enc dec sign verify
-
-enc: enc.o lib
-	$(CC) $(CFLAGS) -o enc enc.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
-
-dec: dec.o lib
-	$(CC) $(CFLAGS) -o dec dec.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
-
-sign: sign.o lib
-	$(CC) $(CFLAGS) -o sign sign.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
-
-verify: verify.o example.o lib
-	$(CC) $(CFLAGS) -o verify verify.o $(PEX_LIBS) example.o $(LIB) $(EX_LIBS)
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_attr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pk7_attr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pk7_attr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-pk7_attr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-pk7_attr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h
-pk7_attr.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-pk7_attr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pk7_attr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pk7_attr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pk7_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk7_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pk7_attr.o: ../../include/openssl/x509_vfy.h
-pk7_doit.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_doit.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_doit.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_doit.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pk7_doit.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-pk7_doit.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-pk7_doit.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-pk7_doit.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_doit.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pk7_doit.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pk7_doit.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pk7_doit.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pk7_doit.o: ../../include/openssl/opensslconf.h
-pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-pk7_doit.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-pk7_doit.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pk7_doit.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk7_doit.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk7_doit.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk7_doit.o: ../../include/openssl/x509v3.h ../cryptlib.h
-pk7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pk7_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pk7_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-pk7_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pk7_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pk7_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pk7_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-pk7_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pk7_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pk7_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk7_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk7_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk7_lib.o: ../cryptlib.h
-pk7_mime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_mime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_mime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pk7_mime.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pk7_mime.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-pk7_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_mime.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pk7_mime.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pk7_mime.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pk7_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pk7_mime.o: ../../include/openssl/opensslconf.h
-pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-pk7_mime.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-pk7_mime.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pk7_mime.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk7_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk7_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk7_mime.o: ../cryptlib.h
-pk7_smime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_smime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pk7_smime.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-pk7_smime.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-pk7_smime.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-pk7_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_smime.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pk7_smime.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pk7_smime.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pk7_smime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pk7_smime.o: ../../include/openssl/opensslconf.h
-pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-pk7_smime.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pk7_smime.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pk7_smime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pk7_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk7_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pk7_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-pk7_smime.o: ../cryptlib.h
-pkcs7err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pkcs7err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pkcs7err.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pkcs7err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pkcs7err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pkcs7err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pkcs7err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-pkcs7err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-pkcs7err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-pkcs7err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-pkcs7err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-pkcs7err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pkcs7err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pkcs7err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pkcs7err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pkcs7err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pkcs7err.o: ../../include/openssl/x509_vfy.h
diff --git a/crypto/openssl/crypto/pkcs7/Makefile.ssl b/crypto/openssl/crypto/pkcs7/Makefile.ssl
deleted file mode 100644
index 69cddb04b8b3..000000000000
--- a/crypto/openssl/crypto/pkcs7/Makefile.ssl
+++ /dev/null
@@ -1,243 +0,0 @@
-#
-# SSLeay/crypto/pkcs7/Makefile
-#
-
-DIR=	pkcs7
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-PEX_LIBS=
-EX_LIBS=
- 
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \
-	pk7_mime.c
-LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \
-	pk7_mime.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=  pkcs7.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-test:
-
-all:	lib
-
-testapps: enc dec sign verify
-
-enc: enc.o lib
-	$(CC) $(CFLAGS) -o enc enc.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
-
-dec: dec.o lib
-	$(CC) $(CFLAGS) -o dec dec.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
-
-sign: sign.o lib
-	$(CC) $(CFLAGS) -o sign sign.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
-
-verify: verify.o example.o lib
-	$(CC) $(CFLAGS) -o verify verify.o $(PEX_LIBS) example.o $(LIB) $(EX_LIBS)
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-pk7_asn1.o: ../../e_os.h ../../include/openssl/aes.h
-pk7_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-pk7_asn1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-pk7_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-pk7_asn1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-pk7_asn1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-pk7_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pk7_asn1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-pk7_asn1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-pk7_asn1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-pk7_asn1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pk7_asn1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pk7_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk7_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk7_asn1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-pk7_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk7_asn1.o: ../cryptlib.h pk7_asn1.c
-pk7_attr.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-pk7_attr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-pk7_attr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-pk7_attr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-pk7_attr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-pk7_attr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pk7_attr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-pk7_attr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-pk7_attr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-pk7_attr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pk7_attr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pk7_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk7_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk7_attr.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-pk7_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk7_attr.o: pk7_attr.c
-pk7_doit.o: ../../e_os.h ../../include/openssl/aes.h
-pk7_doit.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_doit.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_doit.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_doit.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pk7_doit.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-pk7_doit.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pk7_doit.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-pk7_doit.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-pk7_doit.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-pk7_doit.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-pk7_doit.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pk7_doit.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pk7_doit.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pk7_doit.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pk7_doit.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk7_doit.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-pk7_doit.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-pk7_doit.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-pk7_doit.o: ../cryptlib.h pk7_doit.c
-pk7_lib.o: ../../e_os.h ../../include/openssl/aes.h
-pk7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pk7_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-pk7_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pk7_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pk7_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pk7_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pk7_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-pk7_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pk7_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pk7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-pk7_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-pk7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_lib.c
-pk7_mime.o: ../../e_os.h ../../include/openssl/aes.h
-pk7_mime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_mime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_mime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pk7_mime.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-pk7_mime.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pk7_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_mime.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pk7_mime.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pk7_mime.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pk7_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pk7_mime.o: ../../include/openssl/opensslconf.h
-pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pk7_mime.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pk7_mime.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pk7_mime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pk7_mime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk7_mime.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-pk7_mime.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-pk7_mime.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_mime.c
-pk7_smime.o: ../../e_os.h ../../include/openssl/aes.h
-pk7_smime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_smime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pk7_smime.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-pk7_smime.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pk7_smime.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-pk7_smime.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-pk7_smime.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-pk7_smime.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-pk7_smime.o: ../../include/openssl/objects.h
-pk7_smime.o: ../../include/openssl/opensslconf.h
-pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-pk7_smime.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pk7_smime.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pk7_smime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk7_smime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk7_smime.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-pk7_smime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk7_smime.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_smime.c
-pkcs7err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pkcs7err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-pkcs7err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pkcs7err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pkcs7err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pkcs7err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pkcs7err.o: pkcs7err.c
diff --git a/crypto/openssl/crypto/pkcs7/README b/crypto/openssl/crypto/pkcs7/README
deleted file mode 100644
index 27001c69707c..000000000000
--- a/crypto/openssl/crypto/pkcs7/README
+++ /dev/null
@@ -1,5 +0,0 @@
-WARNING
-
-Everything in this directory is experimental and is subject to change.
-
-Do not rely on the stuff in here not changing in the next release
diff --git a/crypto/openssl/crypto/pkcs7/bio_ber.c b/crypto/openssl/crypto/pkcs7/bio_ber.c
deleted file mode 100644
index 895a91177be8..000000000000
--- a/crypto/openssl/crypto/pkcs7/bio_ber.c
+++ /dev/null
@@ -1,466 +0,0 @@
-/* crypto/evp/bio_ber.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-static int ber_write(BIO *h,char *buf,int num);
-static int ber_read(BIO *h,char *buf,int size);
-/*static int ber_puts(BIO *h,char *str); */
-/*static int ber_gets(BIO *h,char *str,int size); */
-static long ber_ctrl(BIO *h,int cmd,long arg1,char *arg2);
-static int ber_new(BIO *h);
-static int ber_free(BIO *data);
-static long ber_callback_ctrl(BIO *h,int cmd,void *(*fp)());
-#define BER_BUF_SIZE	(32)
-
-/* This is used to hold the state of the BER objects being read. */
-typedef struct ber_struct
-	{
-	int tag;
-	int class;
-	long length;
-	int inf;
-	int num_left;
-	int depth;
-	} BER_CTX;
-
-typedef struct bio_ber_struct
-	{
-	int tag;
-	int class;
-	long length;
-	int inf;
-
-	/* most of the following are used when doing non-blocking IO */
-	/* reading */
-	long num_left;	/* number of bytes still to read/write in block */
-	int depth;	/* used with indefinite encoding. */
-	int finished;	/* No more read data */
-
-	/* writting */ 
-	char *w_addr;
-	int w_offset;
-	int w_left;
-
-	int buf_len;
-	int buf_off;
-	unsigned char buf[BER_BUF_SIZE];
-	} BIO_BER_CTX;
-
-static BIO_METHOD methods_ber=
-	{
-	BIO_TYPE_CIPHER,"cipher",
-	ber_write,
-	ber_read,
-	NULL, /* ber_puts, */
-	NULL, /* ber_gets, */
-	ber_ctrl,
-	ber_new,
-	ber_free,
-	ber_callback_ctrl,
-	};
-
-BIO_METHOD *BIO_f_ber(void)
-	{
-	return(&methods_ber);
-	}
-
-static int ber_new(BIO *bi)
-	{
-	BIO_BER_CTX *ctx;
-
-	ctx=(BIO_BER_CTX *)OPENSSL_malloc(sizeof(BIO_BER_CTX));
-	if (ctx == NULL) return(0);
-
-	memset((char *)ctx,0,sizeof(BIO_BER_CTX));
-
-	bi->init=0;
-	bi->ptr=(char *)ctx;
-	bi->flags=0;
-	return(1);
-	}
-
-static int ber_free(BIO *a)
-	{
-	BIO_BER_CTX *b;
-
-	if (a == NULL) return(0);
-	b=(BIO_BER_CTX *)a->ptr;
-	OPENSSL_cleanse(a->ptr,sizeof(BIO_BER_CTX));
-	OPENSSL_free(a->ptr);
-	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;
-	return(1);
-	}
-
-int bio_ber_get_header(BIO *bio, BIO_BER_CTX *ctx)
-	{
-	char buf[64];
-	int i,j,n;
-	int ret;
-	unsigned char *p;
-	unsigned long length
-	int tag;
-	int class;
-	long max;
-
-	BIO_clear_retry_flags(b);
-
-	/* Pack the buffer down if there is a hole at the front */
-	if (ctx->buf_off != 0)
-		{
-		p=ctx->buf;
-		j=ctx->buf_off;
-		n=ctx->buf_len-j;
-		for (i=0; i<n; i++)
-			{
-			p[0]=p[j];
-			p++;
-			}
-		ctx->buf_len-j;
-		ctx->buf_off=0;
-		}
-
-	/* If there is more room, read some more data */
-	i=BER_BUF_SIZE-ctx->buf_len;
-	if (i)
-		{
-		i=BIO_read(bio->next_bio,&(ctx->buf[ctx->buf_len]),i);
-		if (i <= 0)
-			{
-			BIO_copy_next_retry(b);
-			return(i);
-			}
-		else
-			ctx->buf_len+=i;
-		}
-
-	max=ctx->buf_len;
-	p=ctx->buf;
-	ret=ASN1_get_object(&p,&length,&tag,&class,max);
-
-	if (ret & 0x80)
-		{
-		if ((ctx->buf_len < BER_BUF_SIZE) &&
-			(ERR_GET_REASON(ERR_peek_error()) == ASN1_R_TOO_LONG))
-			{
-			ERR_get_error(); /* clear the error */
-			BIO_set_retry_read(b);
-			}
-		return(-1);
-		}
-
-	/* We have no error, we have a header, so make use of it */
-
-	if ((ctx->tag  >= 0) && (ctx->tag != tag))
-		{
-		BIOerr(BIO_F_BIO_BER_GET_HEADER,BIO_R_TAG_MISMATCH);
-		sprintf(buf,"tag=%d, got %d",ctx->tag,tag);
-		ERR_add_error_data(1,buf);
-		return(-1);
-		}
-	if (ret & 0x01)
-	if (ret & V_ASN1_CONSTRUCTED)
-	}
-	
-static int ber_read(BIO *b, char *out, int outl)
-	{
-	int ret=0,i,n;
-	BIO_BER_CTX *ctx;
-
-	BIO_clear_retry_flags(b);
-
-	if (out == NULL) return(0);
-	ctx=(BIO_BER_CTX *)b->ptr;
-
-	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-
-	if (ctx->finished) return(0);
-
-again:
-	/* First see if we are half way through reading a block */
-	if (ctx->num_left > 0)
-		{
-		if (ctx->num_left < outl)
-			n=ctx->num_left;
-		else
-			n=outl;
-		i=BIO_read(b->next_bio,out,n);
-		if (i <= 0)
-			{
-			BIO_copy_next_retry(b);
-			return(i);
-			}
-		ctx->num_left-=i;
-		outl-=i;
-		ret+=i;
-		if (ctx->num_left <= 0)
-			{
-			ctx->depth--;
-			if (ctx->depth <= 0)
-				ctx->finished=1;
-			}
-		if (outl <= 0)
-			return(ret);
-		else
-			goto again;
-		}
-	else	/* we need to read another BER header */
-		{
-		}
-	}
-
-static int ber_write(BIO *b, char *in, int inl)
-	{
-	int ret=0,n,i;
-	BIO_ENC_CTX *ctx;
-
-	ctx=(BIO_ENC_CTX *)b->ptr;
-	ret=inl;
-
-	BIO_clear_retry_flags(b);
-	n=ctx->buf_len-ctx->buf_off;
-	while (n > 0)
-		{
-		i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
-		if (i <= 0)
-			{
-			BIO_copy_next_retry(b);
-			return(i);
-			}
-		ctx->buf_off+=i;
-		n-=i;
-		}
-	/* at this point all pending data has been written */
-
-	if ((in == NULL) || (inl <= 0)) return(0);
-
-	ctx->buf_off=0;
-	while (inl > 0)
-		{
-		n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
-		EVP_CipherUpdate(&(ctx->cipher),
-			(unsigned char *)ctx->buf,&ctx->buf_len,
-			(unsigned char *)in,n);
-		inl-=n;
-		in+=n;
-
-		ctx->buf_off=0;
-		n=ctx->buf_len;
-		while (n > 0)
-			{
-			i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
-			if (i <= 0)
-				{
-				BIO_copy_next_retry(b);
-				return(i);
-				}
-			n-=i;
-			ctx->buf_off+=i;
-			}
-		ctx->buf_len=0;
-		ctx->buf_off=0;
-		}
-	BIO_copy_next_retry(b);
-	return(ret);
-	}
-
-static long ber_ctrl(BIO *b, int cmd, long num, char *ptr)
-	{
-	BIO *dbio;
-	BIO_ENC_CTX *ctx,*dctx;
-	long ret=1;
-	int i;
-
-	ctx=(BIO_ENC_CTX *)b->ptr;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		ctx->ok=1;
-		ctx->finished=0;
-		EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
-			ctx->cipher.berrypt);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_EOF:	/* More to read */
-		if (ctx->cont <= 0)
-			ret=1;
-		else
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_WPENDING:
-		ret=ctx->buf_len-ctx->buf_off;
-		if (ret <= 0)
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_PENDING: /* More to read in buffer */
-		ret=ctx->buf_len-ctx->buf_off;
-		if (ret <= 0)
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_FLUSH:
-		/* do a final write */
-again:
-		while (ctx->buf_len != ctx->buf_off)
-			{
-			i=ber_write(b,NULL,0);
-			if (i < 0)
-				{
-				ret=i;
-				break;
-				}
-			}
-
-		if (!ctx->finished)
-			{
-			ctx->finished=1;
-			ctx->buf_off=0;
-			ret=EVP_CipherFinal_ex(&(ctx->cipher),
-				(unsigned char *)ctx->buf,
-				&(ctx->buf_len));
-			ctx->ok=(int)ret;
-			if (ret <= 0) break;
-
-			/* push out the bytes */
-			goto again;
-			}
-		
-		/* Finally flush the underlying BIO */
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_C_GET_CIPHER_STATUS:
-		ret=(long)ctx->ok;
-		break;
-	case BIO_C_DO_STATE_MACHINE:
-		BIO_clear_retry_flags(b);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		BIO_copy_next_retry(b);
-		break;
-
-	case BIO_CTRL_DUP:
-		dbio=(BIO *)ptr;
-		dctx=(BIO_ENC_CTX *)dbio->ptr;
-		memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher));
-		dbio->init=1;
-		break;
-	default:
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-		}
-	return(ret);
-	}
-
-static long ber_callback_ctrl(BIO *b, int cmd, void *(*fp)())
-	{
-	long ret=1;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-		{
-	default:
-		ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
-		break;
-		}
-	return(ret);
-	}
-
-/*
-void BIO_set_cipher_ctx(b,c)
-BIO *b;
-EVP_CIPHER_ctx *c;
-	{
-	if (b == NULL) return;
-
-	if ((b->callback != NULL) &&
-		(b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
-		return;
-
-	b->init=1;
-	ctx=(BIO_ENC_CTX *)b->ptr;
-	memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
-	
-	if (b->callback != NULL)
-		b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
-	}
-*/
-
-void BIO_set_cipher(BIO *b, EVP_CIPHER *c, unsigned char *k, unsigned char *i,
-	     int e)
-	{
-	BIO_ENC_CTX *ctx;
-
-	if (b == NULL) return;
-
-	if ((b->callback != NULL) &&
-		(b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
-		return;
-
-	b->init=1;
-	ctx=(BIO_ENC_CTX *)b->ptr;
-	EVP_CipherInit_ex(&(ctx->cipher),c,NULL,k,i,e);
-	
-	if (b->callback != NULL)
-		b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
-	}
-
diff --git a/crypto/openssl/crypto/pkcs7/dec.c b/crypto/openssl/crypto/pkcs7/dec.c
deleted file mode 100644
index 6752ec568a91..000000000000
--- a/crypto/openssl/crypto/pkcs7/dec.c
+++ /dev/null
@@ -1,248 +0,0 @@
-/* crypto/pkcs7/verify.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/bio.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/asn1.h>
-
-int verify_callback(int ok, X509_STORE_CTX *ctx);
-
-BIO *bio_err=NULL;
-
-int main(argc,argv)
-int argc;
-char *argv[];
-	{
-	char *keyfile=NULL;
-	BIO *in;
-	EVP_PKEY *pkey;
-	X509 *x509;
-	PKCS7 *p7;
-	PKCS7_SIGNER_INFO *si;
-	X509_STORE_CTX cert_ctx;
-	X509_STORE *cert_store=NULL;
-	BIO *data,*detached=NULL,*p7bio=NULL;
-	char buf[1024*4];
-	unsigned char *pp;
-	int i,printit=0;
-	STACK_OF(PKCS7_SIGNER_INFO) *sk;
-
-	OpenSSL_add_all_algorithms();
-	bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	data=BIO_new(BIO_s_file());
-	pp=NULL;
-	while (argc > 1)
-		{
-		argc--;
-		argv++;
-		if (strcmp(argv[0],"-p") == 0)
-			{
-			printit=1;
-			}
-		else if ((strcmp(argv[0],"-k") == 0) && (argc >= 2)) {
-			keyfile = argv[1];
-			argc-=1;
-			argv+=1;
-		} else if ((strcmp(argv[0],"-d") == 0) && (argc >= 2))
-			{
-			detached=BIO_new(BIO_s_file());
-			if (!BIO_read_filename(detached,argv[1]))
-				goto err;
-			argc-=1;
-			argv+=1;
-			}
-		else break;
-		}
-
-	 if (!BIO_read_filename(data,argv[0])) goto err; 
-
-	if(!keyfile) {
-		fprintf(stderr, "No private key file specified\n");
-		goto err;
-	}
-
-        if ((in=BIO_new_file(keyfile,"r")) == NULL) goto err;
-        if ((x509=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) goto err;
-        BIO_reset(in);
-        if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,NULL)) == NULL)
-		goto err;
-        BIO_free(in);
-
-	if (pp == NULL)
-		BIO_set_fp(data,stdin,BIO_NOCLOSE);
-
-
-	/* Load the PKCS7 object from a file */
-	if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL,NULL)) == NULL) goto err;
-
-
-
-	/* This stuff is being setup for certificate verification.
-	 * When using SSL, it could be replaced with a 
-	 * cert_stre=SSL_CTX_get_cert_store(ssl_ctx); */
-	cert_store=X509_STORE_new();
-	X509_STORE_set_default_paths(cert_store);
-	X509_STORE_load_locations(cert_store,NULL,"../../certs");
-	X509_STORE_set_verify_cb_func(cert_store,verify_callback);
-
-	ERR_clear_error();
-
-	/* We need to process the data */
-	/* We cannot support detached encryption */
-	p7bio=PKCS7_dataDecode(p7,pkey,detached,x509);
-
-	if (p7bio == NULL)
-		{
-		printf("problems decoding\n");
-		goto err;
-		}
-
-	/* We now have to 'read' from p7bio to calculate digests etc. */
-	for (;;)
-		{
-		i=BIO_read(p7bio,buf,sizeof(buf));
-		/* print it? */
-		if (i <= 0) break;
-		fwrite(buf,1, i, stdout);
-		}
-
-	/* We can now verify signatures */
-	sk=PKCS7_get_signer_info(p7);
-	if (sk == NULL)
-		{
-		fprintf(stderr, "there are no signatures on this data\n");
-		}
-	else
-		{
-		/* Ok, first we need to, for each subject entry,
-		 * see if we can verify */
-		ERR_clear_error();
-		for (i=0; i<sk_PKCS7_SIGNER_INFO_num(sk); i++)
-			{
-			si=sk_PKCS7_SIGNER_INFO_value(sk,i);
-			i=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si);
-			if (i <= 0)
-				goto err;
-			else
-				fprintf(stderr,"Signature verified\n");
-			}
-		}
-	X509_STORE_free(cert_store);
-
-	exit(0);
-err:
-	ERR_load_crypto_strings();
-	ERR_print_errors_fp(stderr);
-	exit(1);
-	}
-
-/* should be X509 * but we can just have them as char *. */
-int verify_callback(int ok, X509_STORE_CTX *ctx)
-	{
-	char buf[256];
-	X509 *err_cert;
-	int err,depth;
-
-	err_cert=X509_STORE_CTX_get_current_cert(ctx);
-	err=	X509_STORE_CTX_get_error(ctx);
-	depth=	X509_STORE_CTX_get_error_depth(ctx);
-
-	X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
-	BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
-	if (!ok)
-		{
-		BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
-			X509_verify_cert_error_string(err));
-		if (depth < 6)
-			{
-			ok=1;
-			X509_STORE_CTX_set_error(ctx,X509_V_OK);
-			}
-		else
-			{
-			ok=0;
-			X509_STORE_CTX_set_error(ctx,X509_V_ERR_CERT_CHAIN_TOO_LONG);
-			}
-		}
-	switch (ctx->error)
-		{
-	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-		X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256);
-		BIO_printf(bio_err,"issuer= %s\n",buf);
-		break;
-	case X509_V_ERR_CERT_NOT_YET_VALID:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-		BIO_printf(bio_err,"notBefore=");
-		ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
-		BIO_printf(bio_err,"\n");
-		break;
-	case X509_V_ERR_CERT_HAS_EXPIRED:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-		BIO_printf(bio_err,"notAfter=");
-		ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
-		BIO_printf(bio_err,"\n");
-		break;
-		}
-	BIO_printf(bio_err,"verify return:%d\n",ok);
-	return(ok);
-	}
diff --git a/crypto/openssl/crypto/pkcs7/des.pem b/crypto/openssl/crypto/pkcs7/des.pem
deleted file mode 100644
index 62d1657e3e79..000000000000
--- a/crypto/openssl/crypto/pkcs7/des.pem
+++ /dev/null
@@ -1,15 +0,0 @@
-
-MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG
-A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
-dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
-ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR+MA0GCSqGSIb3DQEBAQUABEC2vXI1xQDW6lUHM3zQ
-/9uBEBOO5A3TtkrklAXq7v01gsIC21t52qSk36REXY+slhNZ0OQ349tgkTsoETHFLoEwMIHw
-AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI
-QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
-UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR9MA0G
-CSqGSIb3DQEBAQUABEB8ujxbabxXUYJhopuDm3oDq4JNqX6Io4p3ro+ShqfIndsXTZ1v5a2N
-WtLLCWlHn/habjBwZ/DgQgcKASbZ7QxNMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA
-oAQIbsL5v1wX98KggAQoAaJ4WHm68fXY1WE5OIjfVBIDpO1K+i8dmKhjnAjrjoyZ9Bwc8rDL
-lgQg4CXb805h5xl+GfvSwUaHJayte1m2mcOhs3J2YyqbQ+MEIMIiJQccmhO3oDKm36CFvYR8
-5PjpclVcZyX2ngbwPFMnBAgy0clOAE6UKAAAAAAAAAAAAAA=
-
diff --git a/crypto/openssl/crypto/pkcs7/doc b/crypto/openssl/crypto/pkcs7/doc
deleted file mode 100644
index d2e8b7b2a3df..000000000000
--- a/crypto/openssl/crypto/pkcs7/doc
+++ /dev/null
@@ -1,24 +0,0 @@
-int PKCS7_set_content_type(PKCS7 *p7, int type);
-Call to set the type of PKCS7 object we are working on
-
-int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
-	EVP_MD *dgst);
-Use this to setup a signer info
-There will also be functions to add signed and unsigned attributes.
-
-int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
-Add a signer info to the content.
-
-int PKCS7_add_certificae(PKCS7 *p7, X509 *x509);
-int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
-
-----
-
-p7=PKCS7_new();
-PKCS7_set_content_type(p7,NID_pkcs7_signed);
-
-signer=PKCS7_SINGNER_INFO_new();
-PKCS7_SIGNER_INFO_set(signer,x509,pkey,EVP_md5());
-PKCS7_add_signer(py,signer);
-
-we are now setup.
diff --git a/crypto/openssl/crypto/pkcs7/enc.c b/crypto/openssl/crypto/pkcs7/enc.c
deleted file mode 100644
index 7417f8a4e00b..000000000000
--- a/crypto/openssl/crypto/pkcs7/enc.c
+++ /dev/null
@@ -1,174 +0,0 @@
-/* crypto/pkcs7/enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <string.h>
-#include <openssl/bio.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-
-int main(argc,argv)
-int argc;
-char *argv[];
-	{
-	X509 *x509;
-	PKCS7 *p7;
-	BIO *in;
-	BIO *data,*p7bio;
-	char buf[1024*4];
-	int i;
-	int nodetach=1;
-	char *keyfile = NULL;
-	const EVP_CIPHER *cipher=NULL;
-	STACK_OF(X509) *recips=NULL;
-
-	OpenSSL_add_all_algorithms();
-
-	data=BIO_new(BIO_s_file());
-	while(argc > 1)
-		{
-		if (strcmp(argv[1],"-nd") == 0)
-			{
-			nodetach=1;
-			argv++; argc--;
-			}
-		else if ((strcmp(argv[1],"-c") == 0) && (argc >= 2)) {
-			if(!(cipher = EVP_get_cipherbyname(argv[2]))) {
-				fprintf(stderr, "Unknown cipher %s\n", argv[2]);
-				goto err;
-			}
-			argc-=2;
-			argv+=2;
-		} else if ((strcmp(argv[1],"-k") == 0) && (argc >= 2)) {
-			keyfile = argv[2];
-			argc-=2;
-			argv+=2;
-			if (!(in=BIO_new_file(keyfile,"r"))) goto err;
-			if (!(x509=PEM_read_bio_X509(in,NULL,NULL,NULL)))
-				goto err;
-			if(!recips) recips = sk_X509_new_null();
-			sk_X509_push(recips, x509);
-			BIO_free(in);
-		} else break;
-	}
-
-	if(!recips) {
-		fprintf(stderr, "No recipients\n");
-		goto err;
-	}
-
-	if (!BIO_read_filename(data,argv[1])) goto err;
-
-	p7=PKCS7_new();
-#if 0
-	BIO_reset(in);
-	if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err;
-	BIO_free(in);
-	PKCS7_set_type(p7,NID_pkcs7_signedAndEnveloped);
-	 
-	if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err;
-	/* we may want to add more */
-	PKCS7_add_certificate(p7,x509);
-#else
-	PKCS7_set_type(p7,NID_pkcs7_enveloped);
-#endif
-	if(!cipher)	{
-#ifndef OPENSSL_NO_DES
-		cipher = EVP_des_ede3_cbc();
-#else
-		fprintf(stderr, "No cipher selected\n");
-		goto err;
-#endif
-	}
-
-	if (!PKCS7_set_cipher(p7,cipher)) goto err;
-	for(i = 0; i < sk_X509_num(recips); i++) {
-		if (!PKCS7_add_recipient(p7,sk_X509_value(recips, i))) goto err;
-	}
-	sk_X509_pop_free(recips, X509_free);
-
-	/* Set the content of the signed to 'data' */
-	/* PKCS7_content_new(p7,NID_pkcs7_data); not used in envelope */
-
-	/* could be used, but not in this version :-)
-	if (!nodetach) PKCS7_set_detached(p7,1);
-	*/
-
-	if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err;
-
-	for (;;)
-		{
-		i=BIO_read(data,buf,sizeof(buf));
-		if (i <= 0) break;
-		BIO_write(p7bio,buf,i);
-		}
-	BIO_flush(p7bio);
-
-	if (!PKCS7_dataFinal(p7,p7bio)) goto err;
-	BIO_free(p7bio);
-
-	PEM_write_PKCS7(stdout,p7);
-	PKCS7_free(p7);
-
-	exit(0);
-err:
-	ERR_load_crypto_strings();
-	ERR_print_errors_fp(stderr);
-	exit(1);
-	}
-
diff --git a/crypto/openssl/crypto/pkcs7/es1.pem b/crypto/openssl/crypto/pkcs7/es1.pem
deleted file mode 100644
index 47112a238fd2..000000000000
--- a/crypto/openssl/crypto/pkcs7/es1.pem
+++ /dev/null
@@ -1,66 +0,0 @@
------BEGIN PKCS7-----
-MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG
-A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
-dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
-ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqGSIb3DQEBAQUABEDWak0y/5XZJhQJeCLo
-KECcHXkTEbjzYkYNHIinbiPmRK4QbNfs9z2mA3z/c2ykQ4eAqFR2jyNrUMN/+I5XEiv6MIHw
-AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI
-QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
-UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR9MA0G
-CSqGSIb3DQEBAQUABEAWg9+KgtCjc77Jdj1Ve4wGgHjVHbbSYEA1ZqKFDoi15vSr9hfpHmC4
-ycZzcRo16JkTfolefiHZzmyjVz94vSN6MIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA
-oAQI7X4Tk4mcbV6ggASBsHl1mCaJ3RhXWlNPCgCRU53d7M5x6TDZRkvwdtdvW96m1lupT03F
-XtonkBqk7oMkH7kGfs5/REQOPjx0QE2Ixmgt1W3szum82EZwA7pZNppcraK7W/odw/7bYZO+
-II3HPmRklE2N9qiu1LPaPUsnYogkO6SennyeL5tZ382vBweL/8pnG0qsbT1OBb65v+llnsjT
-pa1T/p+fIx/iJJGE6K9fYFokC6gXLQ6ozXRdOu5oBDB8mPCYYvAqKycidM/MrGGUkpEtS4f0
-lS31PwQi5YTim8Ig3/TOwVpPX32i46FTuEIEIMHkD/OvpfwCCzXUHHJnKnKUAUvIsSY3vGBs
-8ezpUDfBBBj9LHDy32hZ2tQilkDefP5VM2LLdrWgamYEgfiyITQvn08Ul5lQOQxbFKBheFq5
-otCCN4MR+w5eq12xQu6y+f9z0159ag2ru87D0lLtUtXXtCELbO1nUkT2sJ0k/iDs9TOXr6Cx
-go1XKYho83hlkXYiCteVizdAbgVGNsNRD4wtIdajsorET/LuJECgp11YeL9w1dlDB0HLEZfi
-XCsUphH4jGagba3hDeUSibnjSiJlN0ukfuQurBBbI2UkBAujiEAubKPn7C1FZJRSw6CPPX5t
-KEpmcqT1JNk6LO8Js6/1sCmmBh1VGCy1+EuTI9J1p7Dagf4nQ8cHitoCRpHuKZlFHnZyv7tw
-Rn/KOhHaYP2VzAh40gQIvKMAAWh9oFsEEIMwIoOmLwLH5wf+8QdbDhoECH8HwZt9a12dBAjL
-r4j2zlvtfgQIt7nmEM3wz1EECKlc3EIy1irCBBCAKINcermK3A+jI6ISN2RzBFA3dsh/xwMu
-l61aWMBBZzEz/SF92k6n35KZhCC0d6fIVC/1WMv0fnCwQ8oEDynSre216VEFiYKBaQLJe5o/
-mTAxC7Ht3goXnuc+i1FItOkLrgRI/wyvTICEn2WsNZiMADnGaee2bqPnUopo+VMGexJEtCPk
-l0ZNlDJGquPDkpUwaEtecVZzCNyVPYyyF4J/l8rmGDhDdYUIC8IKBEg/ip/E0BuubBLWVbv+
-HRl4QrnGpyCyeXRXXK603QP3sT1Zbbm1v5pI/loOhVHi724LmtXHSyp5qv9MDcxE1PoX10LY
-gBRtlwwESPeCF8bK5jk4xIQMhK5NMHj1Y1KQWTZ9NGITBL4hjRq2qp4Qk5GIpGgOVPopAuCo
-TIyPikpqBRNtLSPRSsDs6QPUPzWBh6JgxwRQblnDKKUkxUcnJiD4i9QtGa/ZabMn4KxtNOBL
-5JSh1nJkaLXCZY070131WWPAByLcd5TiXq8x84pmzV5NNk4tiMpoXhJNsx8e4rskQQlKd6ME
-SCe2eYDHKcKPX3WJbUzhrJSQ92/aWnI2iUY8WQ+kSNyiZ2QUjyuUg9Z66g/0d2STlvPOBHT/
-y5ODP2CwbcWX4QmCbUc9TT66fQRIrRVuwvtOfnUueyGgYhJ3HpAJfVaB/7kap5bj7Fi/azW4
-9JDfd1bC/W9h0Kyk7RO2gxvE0hIHc26mZJHTm9MNP5D328MnM2MdBEjKjQBtgrp+lFIii7MP
-nGHFTKUkG4WAIZJCf/CsT+p6/SW0qG71Me/YcSw5STB24j+a+HgMV8RVIeUlkP4z0IWWrSoB
-Gh4d/Z0EUMCVHs/HZ/bWgiyhtHpvuVAzidm8D81p1LJ5BQX5/5f/m+q5+fS/npL27dTEbNqs
-LSB6ij3MZAi7LwHWpTn9zWnDajCMEj9vlaV7mcKtHK5iBEg85agFi1h3MvicqLtoFe5hVv9T
-tG0j6CRkjkixPzivltlrf44KHv14gLM0XJxCGyq7vd3l8QYr3+9at0zNnX/yqTiBnsnE5dUE
-SIgrYuz87M2gi/ER9PcDoTtONH3+CkcqVy03q/Sj8cVWD/b1KgEhqnNOfc8Ak9PctyR/ItcR
-8Me5XVn1GJKkQJk4O29fxvgNoAQIrIESvUWGshAEQByXiFoFTDUByjTlgjcy77H1lrH+y3P/
-wAInJjJAut9kCNyGJV0PA4kdPB5USWltuO6t8gk4Pd2YBMl09zqUWkAEUCjFrtZ3mapjcGZI
-uQTASKR5LSjXoWxTT5gae/+64MerF/oCEeO3ehRTpjnPrsiRDo0rWIQTaj9+Nro8Z2xtWstw
-RnfoAHIxV1lEamPwjsceBEi2SD9hiifFeO5ECiVoaE1FdXUXhU+jwYAMx6jHWO9hMkYzS9pM
-Y3IyWR5ybtOjiQgkUdvRJPUPGf5DVVMPnymGX25aDh5PYpIESPbsM9akCpOOVuscywcUswmU
-o7dXvlB48WWCfg/al3BQKAZbn5ZXtWNwpUZkrEdHsrxAVv3rxRcdkT3Z1fzUbIuYkLJN200o
-WgRIJvn6RO8KEj7/HOg2sYuuM8nz1kR0TSgwX7/0y/7JfjBa0JIlP7o75sNJscE8oyoIMzuy
-Dvn6/U9g3BCDXn83A/s+ke60qn9gBFC6NAeLOlXal1YVWYhMQNOqCyUfAjiXBTawaysQb1Mk
-YgeNlF8xuEFcUQWIP+vNG7FJ5JPMaMRL4YEoaQ3sVFhYOERJR1cSb+8xt4QCYtBKQgRIUOmJ
-CHW5o1hXJWJiTkZK2qWFcEMzTINSj5EpYFySr8aVBjkRnI7vxegRT/+XZZXoYedQ3UNsnGI3
-DdkWii5VzX0PNF6C60pfBEiVpausYuX7Wjb3Lfm8cBj7GgN69i6Pm2gxtobVcmpo2nS4D714
-ePyhlX9n8kJ6QAcqWMRj22smDPrHVGNTizfzHBh5zNllK9gESJizILOWI327og3ZWp+qUht5
-kNDJCzMK7Z09UAy+h+vq0VTQuEo3FgLzVdqkJujjSL4Nx97lXg51AovrEn3nd4evydwcjKLX
-1wRIo72NaeWuUEQ+rt1SlCsOJ7k1ioJSqhrPOfvwcaFcb4beVet1JWiy4yvowTjLDGbUje2s
-xjrlVt4BJWI/uA6jbQsrxSe89ADZBAi5YAlR4qszeAQIXD3VSBVKbRUECNTtyvw9vvqXBAhb
-IZNn4H4cxgQI+XW7GkfL+ekECCCCg2reMyGDBAh1PYqkg3lw3gQQkNlggEPU+BH8eh7Gm7n7
-7AQIjC5EWbkil5cEEKcpuqwTWww/X89KnQAg8TcECJPomqHvrlZFBBiRSuIiHpmN+PaujXpv
-qZV2VhjkB2j09GEECOIdv8AVOJgKBAjlHgIqAD9jZQQIXHbs44+wogcEIGGqTACRJxrhMcMG
-X8drNjksIPt+snxTXUBIkTVpZWoABAh6unXPTyIr8QQgBF8xKoX27MWk7iTNmkSNZggZXa2a
-DWCGHSYLngbSOHIECD9XmO6VsvTgBAjfqB70CEW4WwQIVIBkbCocznUEEHB/zFXy/sR4OYHe
-UfbNPnIEEDWBB/NTCLMGE+o8BfyujcAECFik7GQnnF9VBBAhLXExQeWAofZNc6NtN7qZBCC1
-gVIS3ruTwKltmcrgx3heT3M8ZJhCfWa+6KzchnmKygQQ+1NL5sSzR4m/fdrqxHFyUAQYCT2x
-PamQr3wK3h0lyZER+4H0zPM86AhFBBC3CkmvL2vjflMfujnzPBVpBBge9rMbI5+0q9DLrTiT
-5F3AIgXLpD8PQWAECHkHVo6RomV3BAgMbi8E271UeAQIqtS8wnI3XngECG3TWmOMb3/iBEha
-y+mvCS6I3n3JfL8e1B5P4qX9/czJRaERLuKpGNjLiL4A+zxN0LZ0UHd0qfmJjwOTxAx3iJAC
-lGXX4nB9ATYPUT5EU+o1Y4sECN01pP6vWNIdBDAsiE0Ts8/9ltJlqX2B3AoOM4qOt9EaCjXf
-lB+aEmrhtjUwuZ6GqS5Ke7P6XnakTk4ECCLIMatNdootAAAAAAAAAAAAAA==
------END PKCS7-----
diff --git a/crypto/openssl/crypto/pkcs7/example.c b/crypto/openssl/crypto/pkcs7/example.c
deleted file mode 100644
index c993947cc378..000000000000
--- a/crypto/openssl/crypto/pkcs7/example.c
+++ /dev/null
@@ -1,329 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/pkcs7.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int add_signed_time(PKCS7_SIGNER_INFO *si)
-	{
-	ASN1_UTCTIME *sign_time;
-
-	/* The last parameter is the amount to add/subtract from the current
-	 * time (in seconds) */
-	sign_time=X509_gmtime_adj(NULL,0);
-	PKCS7_add_signed_attribute(si,NID_pkcs9_signingTime,
-		V_ASN1_UTCTIME,(char *)sign_time);
-	return(1);
-	}
-
-ASN1_UTCTIME *get_signed_time(PKCS7_SIGNER_INFO *si)
-	{
-	ASN1_TYPE *so;
-
-	so=PKCS7_get_signed_attribute(si,NID_pkcs9_signingTime);
-	if (so->type == V_ASN1_UTCTIME)
-	    return so->value.utctime;
-	return NULL;
-	}
-	
-static int signed_string_nid= -1;
-
-void add_signed_string(PKCS7_SIGNER_INFO *si, char *str)
-	{
-	ASN1_OCTET_STRING *os;
-
-	/* To a an object of OID 1.2.3.4.5, which is an octet string */
-	if (signed_string_nid == -1)
-		signed_string_nid=
-			OBJ_create("1.2.3.4.5","OID_example","Our example OID");
-	os=ASN1_OCTET_STRING_new();
-	ASN1_OCTET_STRING_set(os,(unsigned char*)str,strlen(str));
-	/* When we add, we do not free */
-	PKCS7_add_signed_attribute(si,signed_string_nid,
-		V_ASN1_OCTET_STRING,(char *)os);
-	}
-
-int get_signed_string(PKCS7_SIGNER_INFO *si, char *buf, int len)
-	{
-	ASN1_TYPE *so;
-	ASN1_OCTET_STRING *os;
-	int i;
-
-	if (signed_string_nid == -1)
-		signed_string_nid=
-			OBJ_create("1.2.3.4.5","OID_example","Our example OID");
-	/* To retrieve */
-	so=PKCS7_get_signed_attribute(si,signed_string_nid);
-	if (so != NULL)
-		{
-		if (so->type == V_ASN1_OCTET_STRING)
-			{
-			os=so->value.octet_string;
-			i=os->length;
-			if ((i+1) > len)
-				i=len-1;
-			memcpy(buf,os->data,i);
-			return(i);
-			}
-		}
-	return(0);
-	}
-
-static int signed_seq2string_nid= -1;
-/* ########################################### */
-int add_signed_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2)
-	{
-	/* To add an object of OID 1.9.999, which is a sequence containing
-	 * 2 octet strings */
-	unsigned char *p;
-	ASN1_OCTET_STRING *os1,*os2;
-	ASN1_STRING *seq;
-	unsigned char *data;
-	int i,total;
-
-	if (signed_seq2string_nid == -1)
-		signed_seq2string_nid=
-			OBJ_create("1.9.9999","OID_example","Our example OID");
-
-	os1=ASN1_OCTET_STRING_new();
-	os2=ASN1_OCTET_STRING_new();
-	ASN1_OCTET_STRING_set(os1,(unsigned char*)str1,strlen(str1));
-	ASN1_OCTET_STRING_set(os2,(unsigned char*)str1,strlen(str1));
-	i =i2d_ASN1_OCTET_STRING(os1,NULL);
-	i+=i2d_ASN1_OCTET_STRING(os2,NULL);
-	total=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
-
-	data=malloc(total);
-	p=data;
-	ASN1_put_object(&p,1,i,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-	i2d_ASN1_OCTET_STRING(os1,&p);
-	i2d_ASN1_OCTET_STRING(os2,&p);
-
-	seq=ASN1_STRING_new();
-	ASN1_STRING_set(seq,data,total);
-	free(data);
-	ASN1_OCTET_STRING_free(os1);
-	ASN1_OCTET_STRING_free(os2);
-
-	PKCS7_add_signed_attribute(si,signed_seq2string_nid,
-		V_ASN1_SEQUENCE,(char *)seq);
-	return(1);
-	}
-
-/* For this case, I will malloc the return strings */
-int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2)
-	{
-	ASN1_TYPE *so;
-
-	if (signed_seq2string_nid == -1)
-		signed_seq2string_nid=
-			OBJ_create("1.9.9999","OID_example","Our example OID");
-	/* To retrieve */
-	so=PKCS7_get_signed_attribute(si,signed_seq2string_nid);
-	if (so && (so->type == V_ASN1_SEQUENCE))
-		{
-		ASN1_CTX c;
-		ASN1_STRING *s;
-		long length;
-		ASN1_OCTET_STRING *os1,*os2;
-
-		s=so->value.sequence;
-		c.p=ASN1_STRING_data(s);
-		c.max=c.p+ASN1_STRING_length(s);
-		if (!asn1_GetSequence(&c,&length)) goto err;
-		/* Length is the length of the seqence */
-
-		c.q=c.p;
-		if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) 
-			goto err;
-		c.slen-=(c.p-c.q);
-
-		c.q=c.p;
-		if ((os2=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) 
-			goto err;
-		c.slen-=(c.p-c.q);
-
-		if (!asn1_Finish(&c)) goto err;
-		*str1=malloc(os1->length+1);
-		*str2=malloc(os2->length+1);
-		memcpy(*str1,os1->data,os1->length);
-		memcpy(*str2,os2->data,os2->length);
-		(*str1)[os1->length]='\0';
-		(*str2)[os2->length]='\0';
-		ASN1_OCTET_STRING_free(os1);
-		ASN1_OCTET_STRING_free(os2);
-		return(1);
-		}
-err:
-	return(0);
-	}
-
-
-/* #######################################
- * THE OTHER WAY TO DO THINGS
- * #######################################
- */
-X509_ATTRIBUTE *create_time(void)
-	{
-	ASN1_UTCTIME *sign_time;
-	X509_ATTRIBUTE *ret;
-
-	/* The last parameter is the amount to add/subtract from the current
-	 * time (in seconds) */
-	sign_time=X509_gmtime_adj(NULL,0);
-	ret=X509_ATTRIBUTE_create(NID_pkcs9_signingTime,
-		V_ASN1_UTCTIME,(char *)sign_time);
-	return(ret);
-	}
-
-ASN1_UTCTIME *sk_get_time(STACK_OF(X509_ATTRIBUTE) *sk)
-	{
-	ASN1_TYPE *so;
-	PKCS7_SIGNER_INFO si;
-
-	si.auth_attr=sk;
-	so=PKCS7_get_signed_attribute(&si,NID_pkcs9_signingTime);
-	if (so->type == V_ASN1_UTCTIME)
-	    return so->value.utctime;
-	return NULL;
-	}
-	
-X509_ATTRIBUTE *create_string(char *str)
-	{
-	ASN1_OCTET_STRING *os;
-	X509_ATTRIBUTE *ret;
-
-	/* To a an object of OID 1.2.3.4.5, which is an octet string */
-	if (signed_string_nid == -1)
-		signed_string_nid=
-			OBJ_create("1.2.3.4.5","OID_example","Our example OID");
-	os=ASN1_OCTET_STRING_new();
-	ASN1_OCTET_STRING_set(os,(unsigned char*)str,strlen(str));
-	/* When we add, we do not free */
-	ret=X509_ATTRIBUTE_create(signed_string_nid,
-		V_ASN1_OCTET_STRING,(char *)os);
-	return(ret);
-	}
-
-int sk_get_string(STACK_OF(X509_ATTRIBUTE) *sk, char *buf, int len)
-	{
-	ASN1_TYPE *so;
-	ASN1_OCTET_STRING *os;
-	int i;
-	PKCS7_SIGNER_INFO si;
-
-	si.auth_attr=sk;
-
-	if (signed_string_nid == -1)
-		signed_string_nid=
-			OBJ_create("1.2.3.4.5","OID_example","Our example OID");
-	/* To retrieve */
-	so=PKCS7_get_signed_attribute(&si,signed_string_nid);
-	if (so != NULL)
-		{
-		if (so->type == V_ASN1_OCTET_STRING)
-			{
-			os=so->value.octet_string;
-			i=os->length;
-			if ((i+1) > len)
-				i=len-1;
-			memcpy(buf,os->data,i);
-			return(i);
-			}
-		}
-	return(0);
-	}
-
-X509_ATTRIBUTE *add_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2)
-	{
-	/* To add an object of OID 1.9.999, which is a sequence containing
-	 * 2 octet strings */
-	unsigned char *p;
-	ASN1_OCTET_STRING *os1,*os2;
-	ASN1_STRING *seq;
-	X509_ATTRIBUTE *ret;
-	unsigned char *data;
-	int i,total;
-
-	if (signed_seq2string_nid == -1)
-		signed_seq2string_nid=
-			OBJ_create("1.9.9999","OID_example","Our example OID");
-
-	os1=ASN1_OCTET_STRING_new();
-	os2=ASN1_OCTET_STRING_new();
-	ASN1_OCTET_STRING_set(os1,(unsigned char*)str1,strlen(str1));
-	ASN1_OCTET_STRING_set(os2,(unsigned char*)str1,strlen(str1));
-	i =i2d_ASN1_OCTET_STRING(os1,NULL);
-	i+=i2d_ASN1_OCTET_STRING(os2,NULL);
-	total=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
-
-	data=malloc(total);
-	p=data;
-	ASN1_put_object(&p,1,i,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-	i2d_ASN1_OCTET_STRING(os1,&p);
-	i2d_ASN1_OCTET_STRING(os2,&p);
-
-	seq=ASN1_STRING_new();
-	ASN1_STRING_set(seq,data,total);
-	free(data);
-	ASN1_OCTET_STRING_free(os1);
-	ASN1_OCTET_STRING_free(os2);
-
-	ret=X509_ATTRIBUTE_create(signed_seq2string_nid,
-		V_ASN1_SEQUENCE,(char *)seq);
-	return(ret);
-	}
-
-/* For this case, I will malloc the return strings */
-int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2)
-	{
-	ASN1_TYPE *so;
-	PKCS7_SIGNER_INFO si;
-
-	if (signed_seq2string_nid == -1)
-		signed_seq2string_nid=
-			OBJ_create("1.9.9999","OID_example","Our example OID");
-
-	si.auth_attr=sk;
-	/* To retrieve */
-	so=PKCS7_get_signed_attribute(&si,signed_seq2string_nid);
-	if (so->type == V_ASN1_SEQUENCE)
-		{
-		ASN1_CTX c;
-		ASN1_STRING *s;
-		long length;
-		ASN1_OCTET_STRING *os1,*os2;
-
-		s=so->value.sequence;
-		c.p=ASN1_STRING_data(s);
-		c.max=c.p+ASN1_STRING_length(s);
-		if (!asn1_GetSequence(&c,&length)) goto err;
-		/* Length is the length of the seqence */
-
-		c.q=c.p;
-		if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) 
-			goto err;
-		c.slen-=(c.p-c.q);
-
-		c.q=c.p;
-		if ((os2=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) 
-			goto err;
-		c.slen-=(c.p-c.q);
-
-		if (!asn1_Finish(&c)) goto err;
-		*str1=malloc(os1->length+1);
-		*str2=malloc(os2->length+1);
-		memcpy(*str1,os1->data,os1->length);
-		memcpy(*str2,os2->data,os2->length);
-		(*str1)[os1->length]='\0';
-		(*str2)[os2->length]='\0';
-		ASN1_OCTET_STRING_free(os1);
-		ASN1_OCTET_STRING_free(os2);
-		return(1);
-		}
-err:
-	return(0);
-	}
-
-
diff --git a/crypto/openssl/crypto/pkcs7/example.h b/crypto/openssl/crypto/pkcs7/example.h
deleted file mode 100644
index 96167de188d6..000000000000
--- a/crypto/openssl/crypto/pkcs7/example.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-int add_signed_time(PKCS7_SIGNER_INFO *si);
-ASN1_UTCTIME *get_signed_time(PKCS7_SIGNER_INFO *si);
-int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2);
diff --git a/crypto/openssl/crypto/pkcs7/info.pem b/crypto/openssl/crypto/pkcs7/info.pem
deleted file mode 100644
index 989baf87096a..000000000000
--- a/crypto/openssl/crypto/pkcs7/info.pem
+++ /dev/null
@@ -1,57 +0,0 @@
-issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA
-subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com
-serial :047D
-
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1149 (0x47d)
-        Signature Algorithm: md5withRSAEncryption
-        Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA
-        Validity
-            Not Before: May 13 05:40:58 1998 GMT
-            Not After : May 12 05:40:58 2000 GMT
-        Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Modulus:
-                    00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81:
-                    73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc:
-                    89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29:
-                    fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f:
-                    e7:e7:0c:4d:0b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            Netscape Comment: 
-                Generated with SSLeay
-    Signature Algorithm: md5withRSAEncryption
-        52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55:
-        f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97:
-        d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b:
-        50:74:ad:92:cb:4e:90:e5:fa:7d
-
------BEGIN CERTIFICATE-----
-MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV
-MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE
-ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E
-IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw
-NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
-dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0
-aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG
-9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf
-lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB
-hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA
-UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8
-4A3ZItobUHStkstOkOX6fQ==
------END CERTIFICATE-----
-
------BEGIN RSA PRIVATE KEY-----
-MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9
-mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG
-fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/
-zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29
-p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b
-bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk
-IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/crypto/pkcs7/infokey.pem b/crypto/openssl/crypto/pkcs7/infokey.pem
deleted file mode 100644
index 1e2acc954d2a..000000000000
--- a/crypto/openssl/crypto/pkcs7/infokey.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9
-mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG
-fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/
-zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29
-p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b
-bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk
-IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/crypto/pkcs7/p7/a1 b/crypto/openssl/crypto/pkcs7/p7/a1
deleted file mode 100644
index 56ca94376265..000000000000
--- a/crypto/openssl/crypto/pkcs7/p7/a1
+++ /dev/null
@@ -1,2 +0,0 @@
-j,H>_æá_­DôzEîLœ	VJ³ß觬¤””E3ûáYäx%_Àk
-3ê)DLScñ8%ôM
\ No newline at end of file
diff --git a/crypto/openssl/crypto/pkcs7/p7/a2 b/crypto/openssl/crypto/pkcs7/p7/a2
deleted file mode 100644
index 23d8fb5e93b9..000000000000
--- a/crypto/openssl/crypto/pkcs7/p7/a2
+++ /dev/null
@@ -1 +0,0 @@
-k~@a”,NâM͹¼	
<O( KP—騠¤K²>­×U¿o_½
BqrmÎ?Ù t?t÷�Ï�éId2‰Š
\ No newline at end of file
diff --git a/crypto/openssl/crypto/pkcs7/p7/cert.p7c b/crypto/openssl/crypto/pkcs7/p7/cert.p7c
deleted file mode 100644
index 2b75ec05f7d8..000000000000
--- a/crypto/openssl/crypto/pkcs7/p7/cert.p7c
+++ /dev/null
diff --git a/crypto/openssl/crypto/pkcs7/p7/smime.p7m b/crypto/openssl/crypto/pkcs7/p7/smime.p7m
deleted file mode 100644
index 2b6e6f82ba3f..000000000000
--- a/crypto/openssl/crypto/pkcs7/p7/smime.p7m
+++ /dev/null
diff --git a/crypto/openssl/crypto/pkcs7/p7/smime.p7s b/crypto/openssl/crypto/pkcs7/p7/smime.p7s
deleted file mode 100644
index 2b5d4fb0e3b6..000000000000
--- a/crypto/openssl/crypto/pkcs7/p7/smime.p7s
+++ /dev/null
diff --git a/crypto/openssl/crypto/pkcs7/pk7_asn1.c b/crypto/openssl/crypto/pkcs7/pk7_asn1.c
deleted file mode 100644
index 46f0fc9375ba..000000000000
--- a/crypto/openssl/crypto/pkcs7/pk7_asn1.c
+++ /dev/null
@@ -1,213 +0,0 @@
-/* pk7_asn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pkcs7.h>
-#include <openssl/x509.h>
-
-/* PKCS#7 ASN1 module */
-
-/* This is the ANY DEFINED BY table for the top level PKCS#7 structure */
-
-ASN1_ADB_TEMPLATE(p7default) = ASN1_EXP_OPT(PKCS7, d.other, ASN1_ANY, 0);
-
-ASN1_ADB(PKCS7) = {
-	ADB_ENTRY(NID_pkcs7_data, ASN1_EXP_OPT(PKCS7, d.data, ASN1_OCTET_STRING, 0)),
-	ADB_ENTRY(NID_pkcs7_signed, ASN1_EXP_OPT(PKCS7, d.sign, PKCS7_SIGNED, 0)),
-	ADB_ENTRY(NID_pkcs7_enveloped, ASN1_EXP_OPT(PKCS7, d.enveloped, PKCS7_ENVELOPE, 0)),
-	ADB_ENTRY(NID_pkcs7_signedAndEnveloped, ASN1_EXP_OPT(PKCS7, d.signed_and_enveloped, PKCS7_SIGN_ENVELOPE, 0)),
-	ADB_ENTRY(NID_pkcs7_digest, ASN1_EXP_OPT(PKCS7, d.digest, PKCS7_DIGEST, 0)),
-	ADB_ENTRY(NID_pkcs7_encrypted, ASN1_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0))
-} ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL);
-
-ASN1_SEQUENCE(PKCS7) = {
-	ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT),
-	ASN1_ADB_OBJECT(PKCS7)
-}ASN1_SEQUENCE_END(PKCS7)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7)
-IMPLEMENT_ASN1_DUP_FUNCTION(PKCS7)
-
-ASN1_SEQUENCE(PKCS7_SIGNED) = {
-	ASN1_SIMPLE(PKCS7_SIGNED, version, ASN1_INTEGER),
-	ASN1_SET_OF(PKCS7_SIGNED, md_algs, X509_ALGOR),
-	ASN1_SIMPLE(PKCS7_SIGNED, contents, PKCS7),
-	ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0),
-	ASN1_IMP_SET_OF_OPT(PKCS7_SIGNED, crl, X509_CRL, 1),
-	ASN1_SET_OF(PKCS7_SIGNED, signer_info, PKCS7_SIGNER_INFO)
-} ASN1_SEQUENCE_END(PKCS7_SIGNED)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNED)
-
-/* Minor tweak to operation: free up EVP_PKEY */
-static int si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	if(operation == ASN1_OP_FREE_POST) {
-		PKCS7_SIGNER_INFO *si = (PKCS7_SIGNER_INFO *)*pval;
-		EVP_PKEY_free(si->pkey);
-	}
-	return 1;
-}
-
-ASN1_SEQUENCE_cb(PKCS7_SIGNER_INFO, si_cb) = {
-	ASN1_SIMPLE(PKCS7_SIGNER_INFO, version, ASN1_INTEGER),
-	ASN1_SIMPLE(PKCS7_SIGNER_INFO, issuer_and_serial, PKCS7_ISSUER_AND_SERIAL),
-	ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_alg, X509_ALGOR),
-	/* NB this should be a SET OF but we use a SEQUENCE OF so the
-	 * original order * is retained when the structure is reencoded.
-	 * Since the attributes are implicitly tagged this will not affect
-	 * the encoding.
-	 */
-	ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNER_INFO, auth_attr, X509_ATTRIBUTE, 0),
-	ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_enc_alg, X509_ALGOR),
-	ASN1_SIMPLE(PKCS7_SIGNER_INFO, enc_digest, ASN1_OCTET_STRING),
-	ASN1_IMP_SET_OF_OPT(PKCS7_SIGNER_INFO, unauth_attr, X509_ATTRIBUTE, 1)
-} ASN1_SEQUENCE_END_cb(PKCS7_SIGNER_INFO, PKCS7_SIGNER_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
-
-ASN1_SEQUENCE(PKCS7_ISSUER_AND_SERIAL) = {
-	ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, issuer, X509_NAME),
-	ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, serial, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(PKCS7_ISSUER_AND_SERIAL)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
-
-ASN1_SEQUENCE(PKCS7_ENVELOPE) = {
-	ASN1_SIMPLE(PKCS7_ENVELOPE, version, ASN1_INTEGER),
-	ASN1_SET_OF(PKCS7_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO),
-	ASN1_SIMPLE(PKCS7_ENVELOPE, enc_data, PKCS7_ENC_CONTENT)
-} ASN1_SEQUENCE_END(PKCS7_ENVELOPE)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
-
-/* Minor tweak to operation: free up X509 */
-static int ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	if(operation == ASN1_OP_FREE_POST) {
-		PKCS7_RECIP_INFO *ri = (PKCS7_RECIP_INFO *)*pval;
-		X509_free(ri->cert);
-	}
-	return 1;
-}
-
-ASN1_SEQUENCE_cb(PKCS7_RECIP_INFO, ri_cb) = {
-	ASN1_SIMPLE(PKCS7_RECIP_INFO, version, ASN1_INTEGER),
-	ASN1_SIMPLE(PKCS7_RECIP_INFO, issuer_and_serial, PKCS7_ISSUER_AND_SERIAL),
-	ASN1_SIMPLE(PKCS7_RECIP_INFO, key_enc_algor, X509_ALGOR),
-	ASN1_SIMPLE(PKCS7_RECIP_INFO, enc_key, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END_cb(PKCS7_RECIP_INFO, PKCS7_RECIP_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
-
-ASN1_SEQUENCE(PKCS7_ENC_CONTENT) = {
-	ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT),
-	ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR),
-	ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING, 0)
-} ASN1_SEQUENCE_END(PKCS7_ENC_CONTENT)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
-
-ASN1_SEQUENCE(PKCS7_SIGN_ENVELOPE) = {
-	ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, version, ASN1_INTEGER),
-	ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO),
-	ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, md_algs, X509_ALGOR),
-	ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, enc_data, PKCS7_ENC_CONTENT),
-	ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, cert, X509, 0),
-	ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, crl, X509_CRL, 1),
-	ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, signer_info, PKCS7_SIGNER_INFO)
-} ASN1_SEQUENCE_END(PKCS7_SIGN_ENVELOPE)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
-
-ASN1_SEQUENCE(PKCS7_ENCRYPT) = {
-	ASN1_SIMPLE(PKCS7_ENCRYPT, version, ASN1_INTEGER),
-	ASN1_SIMPLE(PKCS7_ENCRYPT, enc_data, PKCS7_ENC_CONTENT)
-} ASN1_SEQUENCE_END(PKCS7_ENCRYPT)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
-
-ASN1_SEQUENCE(PKCS7_DIGEST) = {
-	ASN1_SIMPLE(PKCS7_DIGEST, version, ASN1_INTEGER),
-	ASN1_SIMPLE(PKCS7_DIGEST, md, X509_ALGOR),
-	ASN1_SIMPLE(PKCS7_DIGEST, contents, PKCS7),
-	ASN1_SIMPLE(PKCS7_DIGEST, digest, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(PKCS7_DIGEST)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_DIGEST)
-
-/* Specials for authenticated attributes */
-
-/* When signing attributes we want to reorder them to match the sorted
- * encoding.
- */
-
-ASN1_ITEM_TEMPLATE(PKCS7_ATTR_SIGN) = 
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, PKCS7_ATTRIBUTES, X509_ATTRIBUTE)
-ASN1_ITEM_TEMPLATE_END(PKCS7_ATTR_SIGN)
-
-/* When verifying attributes we need to use the received order. So 
- * we use SEQUENCE OF and tag it to SET OF
- */
-
-ASN1_ITEM_TEMPLATE(PKCS7_ATTR_VERIFY) = 
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
-				V_ASN1_SET, PKCS7_ATTRIBUTES, X509_ATTRIBUTE)
-ASN1_ITEM_TEMPLATE_END(PKCS7_ATTR_VERIFY)
diff --git a/crypto/openssl/crypto/pkcs7/pk7_attr.c b/crypto/openssl/crypto/pkcs7/pk7_attr.c
deleted file mode 100644
index 5ff5a88b5cfc..000000000000
--- a/crypto/openssl/crypto/pkcs7/pk7_attr.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* pk7_attr.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs7.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-
-int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap)
-{
-	ASN1_STRING *seq;
-	unsigned char *p, *pp;
-	int len;
-	len=i2d_ASN1_SET_OF_X509_ALGOR(cap,NULL,i2d_X509_ALGOR,
-				       V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL,
-				       IS_SEQUENCE);
-	if(!(pp=(unsigned char *)OPENSSL_malloc(len))) {
-		PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	p=pp;
-	i2d_ASN1_SET_OF_X509_ALGOR(cap,&p,i2d_X509_ALGOR, V_ASN1_SEQUENCE,
-				   V_ASN1_UNIVERSAL, IS_SEQUENCE);
-	if(!(seq = ASN1_STRING_new())) {
-		PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	if(!ASN1_STRING_set (seq, pp, len)) {
-		PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	OPENSSL_free (pp);
-        return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
-							V_ASN1_SEQUENCE, seq);
-}
-
-STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)
-{
-	ASN1_TYPE *cap;
-	unsigned char *p;
-	cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities);
-	if (!cap) return NULL;
-	p = cap->value.sequence->data;
-	return d2i_ASN1_SET_OF_X509_ALGOR(NULL, &p,
-					  cap->value.sequence->length,
-					  d2i_X509_ALGOR, X509_ALGOR_free,
-					  V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
-/* Basic smime-capabilities OID and optional integer arg */
-int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
-{
-	X509_ALGOR *alg;
-
-	if(!(alg = X509_ALGOR_new())) {
-		PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	ASN1_OBJECT_free(alg->algorithm);
-	alg->algorithm = OBJ_nid2obj (nid);
-	if (arg > 0) {
-		ASN1_INTEGER *nbit;
-		if(!(alg->parameter = ASN1_TYPE_new())) {
-			PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-		if(!(nbit = ASN1_INTEGER_new())) {
-			PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-		if(!ASN1_INTEGER_set (nbit, arg)) {
-			PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-		alg->parameter->value.integer = nbit;
-		alg->parameter->type = V_ASN1_INTEGER;
-	}
-	sk_X509_ALGOR_push (sk, alg);
-	return 1;
-}
diff --git a/crypto/openssl/crypto/pkcs7/pk7_dgst.c b/crypto/openssl/crypto/pkcs7/pk7_dgst.c
deleted file mode 100644
index 90edfa5001fd..000000000000
--- a/crypto/openssl/crypto/pkcs7/pk7_dgst.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/* crypto/pkcs7/pk7_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-
diff --git a/crypto/openssl/crypto/pkcs7/pk7_doit.c b/crypto/openssl/crypto/pkcs7/pk7_doit.c
deleted file mode 100644
index 0060a2ea3df2..000000000000
--- a/crypto/openssl/crypto/pkcs7/pk7_doit.c
+++ /dev/null
@@ -1,979 +0,0 @@
-/* crypto/pkcs7/pk7_doit.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
-			 void *value);
-static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid);
-
-static int PKCS7_type_is_other(PKCS7* p7)
-	{
-	int isOther=1;
-	
-	int nid=OBJ_obj2nid(p7->type);
-
-	switch( nid )
-		{
-	case NID_pkcs7_data:
-	case NID_pkcs7_signed:
-	case NID_pkcs7_enveloped:
-	case NID_pkcs7_signedAndEnveloped:
-	case NID_pkcs7_digest:
-	case NID_pkcs7_encrypted:
-		isOther=0;
-		break;
-	default:
-		isOther=1;
-		}
-
-	return isOther;
-
-	}
-
-static int PKCS7_type_is_octet_string(PKCS7* p7)
-	{
-	if ( 0==PKCS7_type_is_other(p7) )
-		return 0;
-
-	return (V_ASN1_OCTET_STRING==p7->d.other->type) ? 1 : 0;
-	}
-
-BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
-	{
-	int i,j;
-	BIO *out=NULL,*btmp=NULL;
-	X509_ALGOR *xa;
-	const EVP_MD *evp_md;
-	const EVP_CIPHER *evp_cipher=NULL;
-	STACK_OF(X509_ALGOR) *md_sk=NULL;
-	STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
-	X509_ALGOR *xalg=NULL;
-	PKCS7_RECIP_INFO *ri=NULL;
-	EVP_PKEY *pkey;
-
-	i=OBJ_obj2nid(p7->type);
-	p7->state=PKCS7_S_HEADER;
-
-	switch (i)
-		{
-	case NID_pkcs7_signed:
-		md_sk=p7->d.sign->md_algs;
-		break;
-	case NID_pkcs7_signedAndEnveloped:
-		rsk=p7->d.signed_and_enveloped->recipientinfo;
-		md_sk=p7->d.signed_and_enveloped->md_algs;
-		xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
-		evp_cipher=p7->d.signed_and_enveloped->enc_data->cipher;
-		if (evp_cipher == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATAINIT,
-						PKCS7_R_CIPHER_NOT_INITIALIZED);
-			goto err;
-			}
-		break;
-	case NID_pkcs7_enveloped:
-		rsk=p7->d.enveloped->recipientinfo;
-		xalg=p7->d.enveloped->enc_data->algorithm;
-		evp_cipher=p7->d.enveloped->enc_data->cipher;
-		if (evp_cipher == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATAINIT,
-						PKCS7_R_CIPHER_NOT_INITIALIZED);
-			goto err;
-			}
-		break;
-	default:
-		PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
-	        goto err;
-		}
-
-	if (md_sk != NULL)
-		{
-		for (i=0; i<sk_X509_ALGOR_num(md_sk); i++)
-			{
-			xa=sk_X509_ALGOR_value(md_sk,i);
-			if ((btmp=BIO_new(BIO_f_md())) == NULL)
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_BIO_LIB);
-				goto err;
-				}
-
-			j=OBJ_obj2nid(xa->algorithm);
-			evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
-			if (evp_md == NULL)
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);
-				goto err;
-				}
-
-			BIO_set_md(btmp,evp_md);
-			if (out == NULL)
-				out=btmp;
-			else
-				BIO_push(out,btmp);
-			btmp=NULL;
-			}
-		}
-
-	if (evp_cipher != NULL)
-		{
-		unsigned char key[EVP_MAX_KEY_LENGTH];
-		unsigned char iv[EVP_MAX_IV_LENGTH];
-		int keylen,ivlen;
-		int jj,max;
-		unsigned char *tmp;
-		EVP_CIPHER_CTX *ctx;
-
-		if ((btmp=BIO_new(BIO_f_cipher())) == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_BIO_LIB);
-			goto err;
-			}
-		BIO_get_cipher_ctx(btmp, &ctx);
-		keylen=EVP_CIPHER_key_length(evp_cipher);
-		ivlen=EVP_CIPHER_iv_length(evp_cipher);
-		if (RAND_bytes(key,keylen) <= 0)
-			goto err;
-		xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
-		if (ivlen > 0) RAND_pseudo_bytes(iv,ivlen);
-		EVP_CipherInit_ex(ctx, evp_cipher, NULL, key, iv, 1);
-
-		if (ivlen > 0) {
-			if (xalg->parameter == NULL) 
-						xalg->parameter=ASN1_TYPE_new();
-			if(EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
-								       goto err;
-		}
-
-		/* Lets do the pub key stuff :-) */
-		max=0;
-		for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
-			{
-			ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
-			if (ri->cert == NULL)
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_MISSING_CERIPEND_INFO);
-				goto err;
-				}
-			pkey=X509_get_pubkey(ri->cert);
-			jj=EVP_PKEY_size(pkey);
-			EVP_PKEY_free(pkey);
-			if (max < jj) max=jj;
-			}
-		if ((tmp=(unsigned char *)OPENSSL_malloc(max)) == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
-			{
-			ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
-			pkey=X509_get_pubkey(ri->cert);
-			jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey);
-			EVP_PKEY_free(pkey);
-			if (jj <= 0)
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_EVP_LIB);
-				OPENSSL_free(tmp);
-				goto err;
-				}
-			M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj);
-			}
-		OPENSSL_free(tmp);
-		OPENSSL_cleanse(key, keylen);
-
-		if (out == NULL)
-			out=btmp;
-		else
-			BIO_push(out,btmp);
-		btmp=NULL;
-		}
-
-	if (bio == NULL) {
-		if (PKCS7_is_detached(p7))
-			bio=BIO_new(BIO_s_null());
-		else {
-			if (PKCS7_type_is_signed(p7) ) { 
-				if ( PKCS7_type_is_data(p7->d.sign->contents)) {
-					ASN1_OCTET_STRING *os;
-					os=p7->d.sign->contents->d.data;
-					if (os->length > 0)
-						bio = BIO_new_mem_buf(os->data, os->length);
-				}
-				else if ( PKCS7_type_is_octet_string(p7->d.sign->contents) ) {
-					ASN1_OCTET_STRING *os;
-					os=p7->d.sign->contents->d.other->value.octet_string;
-					if (os->length > 0)
-						bio = BIO_new_mem_buf(os->data, os->length);
-				}
-			}
-			if(bio == NULL) {
-				bio=BIO_new(BIO_s_mem());
-				BIO_set_mem_eof_return(bio,0);
-			}
-		}
-	}
-	BIO_push(out,bio);
-	bio=NULL;
-	if (0)
-		{
-err:
-		if (out != NULL)
-			BIO_free_all(out);
-		if (btmp != NULL)
-			BIO_free_all(btmp);
-		out=NULL;
-		}
-	return(out);
-	}
-
-/* int */
-BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
-	{
-	int i,j;
-	BIO *out=NULL,*btmp=NULL,*etmp=NULL,*bio=NULL;
-	unsigned char *tmp=NULL;
-	X509_ALGOR *xa;
-	ASN1_OCTET_STRING *data_body=NULL;
-	const EVP_MD *evp_md;
-	const EVP_CIPHER *evp_cipher=NULL;
-	EVP_CIPHER_CTX *evp_ctx=NULL;
-	X509_ALGOR *enc_alg=NULL;
-	STACK_OF(X509_ALGOR) *md_sk=NULL;
-	STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
-	X509_ALGOR *xalg=NULL;
-	PKCS7_RECIP_INFO *ri=NULL;
-
-	i=OBJ_obj2nid(p7->type);
-	p7->state=PKCS7_S_HEADER;
-
-	switch (i)
-		{
-	case NID_pkcs7_signed:
-		data_body=p7->d.sign->contents->d.data;
-		md_sk=p7->d.sign->md_algs;
-		break;
-	case NID_pkcs7_signedAndEnveloped:
-		rsk=p7->d.signed_and_enveloped->recipientinfo;
-		md_sk=p7->d.signed_and_enveloped->md_algs;
-		data_body=p7->d.signed_and_enveloped->enc_data->enc_data;
-		enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm;
-		evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));
-		if (evp_cipher == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
-			goto err;
-			}
-		xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
-		break;
-	case NID_pkcs7_enveloped:
-		rsk=p7->d.enveloped->recipientinfo;
-		enc_alg=p7->d.enveloped->enc_data->algorithm;
-		data_body=p7->d.enveloped->enc_data->enc_data;
-		evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));
-		if (evp_cipher == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
-			goto err;
-			}
-		xalg=p7->d.enveloped->enc_data->algorithm;
-		break;
-	default:
-		PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
-	        goto err;
-		}
-
-	/* We will be checking the signature */
-	if (md_sk != NULL)
-		{
-		for (i=0; i<sk_X509_ALGOR_num(md_sk); i++)
-			{
-			xa=sk_X509_ALGOR_value(md_sk,i);
-			if ((btmp=BIO_new(BIO_f_md())) == NULL)
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_BIO_LIB);
-				goto err;
-				}
-
-			j=OBJ_obj2nid(xa->algorithm);
-			evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
-			if (evp_md == NULL)
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNKNOWN_DIGEST_TYPE);
-				goto err;
-				}
-
-			BIO_set_md(btmp,evp_md);
-			if (out == NULL)
-				out=btmp;
-			else
-				BIO_push(out,btmp);
-			btmp=NULL;
-			}
-		}
-
-	if (evp_cipher != NULL)
-		{
-#if 0
-		unsigned char key[EVP_MAX_KEY_LENGTH];
-		unsigned char iv[EVP_MAX_IV_LENGTH];
-		unsigned char *p;
-		int keylen,ivlen;
-		int max;
-		X509_OBJECT ret;
-#endif
-		int jj;
-
-		if ((etmp=BIO_new(BIO_f_cipher())) == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_BIO_LIB);
-			goto err;
-			}
-
-		/* It was encrypted, we need to decrypt the secret key
-		 * with the private key */
-
-		/* Find the recipientInfo which matches the passed certificate
-		 * (if any)
-		 */
-
-		for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++) {
-			ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
-			if(!X509_NAME_cmp(ri->issuer_and_serial->issuer,
-					pcert->cert_info->issuer) &&
-			     !M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber,
-					ri->issuer_and_serial->serial)) break;
-			ri=NULL;
-		}
-		if (ri == NULL) {
-			PKCS7err(PKCS7_F_PKCS7_DATADECODE,
-				 PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
-			goto err;
-		}
-
-		jj=EVP_PKEY_size(pkey);
-		tmp=(unsigned char *)OPENSSL_malloc(jj+10);
-		if (tmp == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-
-		jj=EVP_PKEY_decrypt(tmp, M_ASN1_STRING_data(ri->enc_key),
-			M_ASN1_STRING_length(ri->enc_key), pkey);
-		if (jj <= 0)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_EVP_LIB);
-			goto err;
-			}
-
-		evp_ctx=NULL;
-		BIO_get_cipher_ctx(etmp,&evp_ctx);
-		EVP_CipherInit_ex(evp_ctx,evp_cipher,NULL,NULL,NULL,0);
-		if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0)
-			goto err;
-
-		if (jj != EVP_CIPHER_CTX_key_length(evp_ctx)) {
-			/* Some S/MIME clients don't use the same key
-			 * and effective key length. The key length is
-			 * determined by the size of the decrypted RSA key.
-			 */
-			if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, jj))
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATADECODE,
-					PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH);
-				goto err;
-				}
-		} 
-		EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0);
-
-		OPENSSL_cleanse(tmp,jj);
-
-		if (out == NULL)
-			out=etmp;
-		else
-			BIO_push(out,etmp);
-		etmp=NULL;
-		}
-
-#if 1
-	if (PKCS7_is_detached(p7) || (in_bio != NULL))
-		{
-		bio=in_bio;
-		}
-	else 
-		{
-#if 0
-		bio=BIO_new(BIO_s_mem());
-		/* We need to set this so that when we have read all
-		 * the data, the encrypt BIO, if present, will read
-		 * EOF and encode the last few bytes */
-		BIO_set_mem_eof_return(bio,0);
-
-		if (data_body->length > 0)
-			BIO_write(bio,(char *)data_body->data,data_body->length);
-#else
-		if (data_body->length > 0)
-		      bio = BIO_new_mem_buf(data_body->data,data_body->length);
-		else {
-			bio=BIO_new(BIO_s_mem());
-			BIO_set_mem_eof_return(bio,0);
-		}
-#endif
-		}
-	BIO_push(out,bio);
-	bio=NULL;
-#endif
-	if (0)
-		{
-err:
-		if (out != NULL) BIO_free_all(out);
-		if (btmp != NULL) BIO_free_all(btmp);
-		if (etmp != NULL) BIO_free_all(etmp);
-		if (bio != NULL) BIO_free_all(bio);
-		out=NULL;
-		}
-	if (tmp != NULL)
-		OPENSSL_free(tmp);
-	return(out);
-	}
-
-int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
-	{
-	int ret=0;
-	int i,j;
-	BIO *btmp;
-	BUF_MEM *buf_mem=NULL;
-	BUF_MEM *buf=NULL;
-	PKCS7_SIGNER_INFO *si;
-	EVP_MD_CTX *mdc,ctx_tmp;
-	STACK_OF(X509_ATTRIBUTE) *sk;
-	STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL;
-	ASN1_OCTET_STRING *os=NULL;
-
-	EVP_MD_CTX_init(&ctx_tmp);
-	i=OBJ_obj2nid(p7->type);
-	p7->state=PKCS7_S_HEADER;
-
-	switch (i)
-		{
-	case NID_pkcs7_signedAndEnveloped:
-		/* XXXXXXXXXXXXXXXX */
-		si_sk=p7->d.signed_and_enveloped->signer_info;
-		os=M_ASN1_OCTET_STRING_new();
-		p7->d.signed_and_enveloped->enc_data->enc_data=os;
-		break;
-	case NID_pkcs7_enveloped:
-		/* XXXXXXXXXXXXXXXX */
-		os=M_ASN1_OCTET_STRING_new();
-		p7->d.enveloped->enc_data->enc_data=os;
-		break;
-	case NID_pkcs7_signed:
-		si_sk=p7->d.sign->signer_info;
-		os=p7->d.sign->contents->d.data;
-		/* If detached data then the content is excluded */
-		if(p7->detached) {
-			M_ASN1_OCTET_STRING_free(os);
-			p7->d.sign->contents->d.data = NULL;
-		}
-		break;
-		}
-
-	if (si_sk != NULL)
-		{
-		if ((buf=BUF_MEM_new()) == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
-			goto err;
-			}
-		for (i=0; i<sk_PKCS7_SIGNER_INFO_num(si_sk); i++)
-			{
-			si=sk_PKCS7_SIGNER_INFO_value(si_sk,i);
-			if (si->pkey == NULL) continue;
-
-			j=OBJ_obj2nid(si->digest_alg->algorithm);
-
-			btmp=bio;
-			for (;;)
-				{
-				if ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) 
-					== NULL)
-					{
-					PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
-					goto err;
-					}
-				BIO_get_md_ctx(btmp,&mdc);
-				if (mdc == NULL)
-					{
-					PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_INTERNAL_ERROR);
-					goto err;
-					}
-				if (EVP_MD_CTX_type(mdc) == j)
-					break;
-				else
-					btmp=BIO_next(btmp);
-				}
-			
-			/* We now have the EVP_MD_CTX, lets do the
-			 * signing. */
-			EVP_MD_CTX_copy_ex(&ctx_tmp,mdc);
-			if (!BUF_MEM_grow_clean(buf,EVP_PKEY_size(si->pkey)))
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
-				goto err;
-				}
-
-			sk=si->auth_attr;
-
-			/* If there are attributes, we add the digest
-			 * attribute and only sign the attributes */
-			if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
-				{
-				unsigned char md_data[EVP_MAX_MD_SIZE], *abuf=NULL;
-				unsigned int md_len, alen;
-				ASN1_OCTET_STRING *digest;
-				ASN1_UTCTIME *sign_time;
-				const EVP_MD *md_tmp;
-
-				/* Add signing time if not already present */
-				if (!PKCS7_get_signed_attribute(si,
-							NID_pkcs9_signingTime))
-					{
-					sign_time=X509_gmtime_adj(NULL,0);
-					PKCS7_add_signed_attribute(si,
-						NID_pkcs9_signingTime,
-						V_ASN1_UTCTIME,sign_time);
-					}
-
-				/* Add digest */
-				md_tmp=EVP_MD_CTX_md(&ctx_tmp);
-				EVP_DigestFinal_ex(&ctx_tmp,md_data,&md_len);
-				digest=M_ASN1_OCTET_STRING_new();
-				M_ASN1_OCTET_STRING_set(digest,md_data,md_len);
-				PKCS7_add_signed_attribute(si,
-					NID_pkcs9_messageDigest,
-					V_ASN1_OCTET_STRING,digest);
-
-				/* Now sign the attributes */
-				EVP_SignInit_ex(&ctx_tmp,md_tmp,NULL);
-				alen = ASN1_item_i2d((ASN1_VALUE *)sk,&abuf,
-							ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
-				if(!abuf) goto err;
-				EVP_SignUpdate(&ctx_tmp,abuf,alen);
-				OPENSSL_free(abuf);
-				}
-
-#ifndef OPENSSL_NO_DSA
-			if (si->pkey->type == EVP_PKEY_DSA)
-				ctx_tmp.digest=EVP_dss1();
-#endif
-
-			if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data,
-				(unsigned int *)&buf->length,si->pkey))
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_EVP_LIB);
-				goto err;
-				}
-			if (!ASN1_STRING_set(si->enc_digest,
-				(unsigned char *)buf->data,buf->length))
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_ASN1_LIB);
-				goto err;
-				}
-			}
-		}
-
-	if (!PKCS7_is_detached(p7))
-		{
-		btmp=BIO_find_type(bio,BIO_TYPE_MEM);
-		if (btmp == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
-			goto err;
-			}
-		BIO_get_mem_ptr(btmp,&buf_mem);
-		/* Mark the BIO read only then we can use its copy of the data
-		 * instead of making an extra copy.
-		 */
-		BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
-		BIO_set_mem_eof_return(btmp, 0);
-		os->data = (unsigned char *)buf_mem->data;
-		os->length = buf_mem->length;
-#if 0
-		M_ASN1_OCTET_STRING_set(os,
-			(unsigned char *)buf_mem->data,buf_mem->length);
-#endif
-		}
-	ret=1;
-err:
-	EVP_MD_CTX_cleanup(&ctx_tmp);
-	if (buf != NULL) BUF_MEM_free(buf);
-	return(ret);
-	}
-
-int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
-	     PKCS7 *p7, PKCS7_SIGNER_INFO *si)
-	{
-	PKCS7_ISSUER_AND_SERIAL *ias;
-	int ret=0,i;
-	STACK_OF(X509) *cert;
-	X509 *x509;
-
-	if (PKCS7_type_is_signed(p7))
-		{
-		cert=p7->d.sign->cert;
-		}
-	else if (PKCS7_type_is_signedAndEnveloped(p7))
-		{
-		cert=p7->d.signed_and_enveloped->cert;
-		}
-	else
-		{
-		PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_WRONG_PKCS7_TYPE);
-		goto err;
-		}
-	/* XXXXXXXXXXXXXXXXXXXXXXX */
-	ias=si->issuer_and_serial;
-
-	x509=X509_find_by_issuer_and_serial(cert,ias->issuer,ias->serial);
-
-	/* were we able to find the cert in passed to us */
-	if (x509 == NULL)
-		{
-		PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
-		goto err;
-		}
-
-	/* Lets verify */
-	if(!X509_STORE_CTX_init(ctx,cert_store,x509,cert))
-		{
-		PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,ERR_R_X509_LIB);
-		goto err;
-		}
-	X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
-	i=X509_verify_cert(ctx);
-	if (i <= 0) 
-		{
-		PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,ERR_R_X509_LIB);
-		X509_STORE_CTX_cleanup(ctx);
-		goto err;
-		}
-	X509_STORE_CTX_cleanup(ctx);
-
-	return PKCS7_signatureVerify(bio, p7, si, x509);
-	err:
-	return ret;
-	}
-
-int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
-								X509 *x509)
-	{
-	ASN1_OCTET_STRING *os;
-	EVP_MD_CTX mdc_tmp,*mdc;
-	int ret=0,i;
-	int md_type;
-	STACK_OF(X509_ATTRIBUTE) *sk;
-	BIO *btmp;
-	EVP_PKEY *pkey;
-
-	EVP_MD_CTX_init(&mdc_tmp);
-
-	if (!PKCS7_type_is_signed(p7) && 
-				!PKCS7_type_is_signedAndEnveloped(p7)) {
-		PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
-						PKCS7_R_WRONG_PKCS7_TYPE);
-		goto err;
-	}
-
-	md_type=OBJ_obj2nid(si->digest_alg->algorithm);
-
-	btmp=bio;
-	for (;;)
-		{
-		if ((btmp == NULL) ||
-			((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) == NULL))
-			{
-			PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
-					PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
-			goto err;
-			}
-		BIO_get_md_ctx(btmp,&mdc);
-		if (mdc == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
-							ERR_R_INTERNAL_ERROR);
-			goto err;
-			}
-		if (EVP_MD_CTX_type(mdc) == md_type)
-			break;
-		btmp=BIO_next(btmp);
-		}
-
-	/* mdc is the digest ctx that we want, unless there are attributes,
-	 * in which case the digest is the signed attributes */
-	EVP_MD_CTX_copy_ex(&mdc_tmp,mdc);
-
-	sk=si->auth_attr;
-	if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
-		{
-		unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
-                unsigned int md_len, alen;
-		ASN1_OCTET_STRING *message_digest;
-
-		EVP_DigestFinal_ex(&mdc_tmp,md_dat,&md_len);
-		message_digest=PKCS7_digest_from_attributes(sk);
-		if (!message_digest)
-			{
-			PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
-					PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
-			goto err;
-			}
-		if ((message_digest->length != (int)md_len) ||
-			(memcmp(message_digest->data,md_dat,md_len)))
-			{
-#if 0
-{
-int ii;
-for (ii=0; ii<message_digest->length; ii++)
-	printf("%02X",message_digest->data[ii]); printf(" sent\n");
-for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
-}
-#endif
-			PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
-							PKCS7_R_DIGEST_FAILURE);
-			ret= -1;
-			goto err;
-			}
-
-		EVP_VerifyInit_ex(&mdc_tmp,EVP_get_digestbynid(md_type), NULL);
-
-		alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
-						ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
-		EVP_VerifyUpdate(&mdc_tmp, abuf, alen);
-
-		OPENSSL_free(abuf);
-		}
-
-	os=si->enc_digest;
-	pkey = X509_get_pubkey(x509);
-	if (!pkey)
-		{
-		ret = -1;
-		goto err;
-		}
-#ifndef OPENSSL_NO_DSA
-	if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1();
-#endif
-
-	i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey);
-	EVP_PKEY_free(pkey);
-	if (i <= 0)
-		{
-		PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
-						PKCS7_R_SIGNATURE_FAILURE);
-		ret= -1;
-		goto err;
-		}
-	else
-		ret=1;
-err:
-	EVP_MD_CTX_cleanup(&mdc_tmp);
-	return(ret);
-	}
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
-	{
-	STACK_OF(PKCS7_RECIP_INFO) *rsk;
-	PKCS7_RECIP_INFO *ri;
-	int i;
-
-	i=OBJ_obj2nid(p7->type);
-	if (i != NID_pkcs7_signedAndEnveloped) return(NULL);
-	rsk=p7->d.signed_and_enveloped->recipientinfo;
-	ri=sk_PKCS7_RECIP_INFO_value(rsk,0);
-	if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return(NULL);
-	ri=sk_PKCS7_RECIP_INFO_value(rsk,idx);
-	return(ri->issuer_and_serial);
-	}
-
-ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)
-	{
-	return(get_attribute(si->auth_attr,nid));
-	}
-
-ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid)
-	{
-	return(get_attribute(si->unauth_attr,nid));
-	}
-
-static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
-	{
-	int i;
-	X509_ATTRIBUTE *xa;
-	ASN1_OBJECT *o;
-
-	o=OBJ_nid2obj(nid);
-	if (!o || !sk) return(NULL);
-	for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
-		{
-		xa=sk_X509_ATTRIBUTE_value(sk,i);
-		if (OBJ_cmp(xa->object,o) == 0)
-			{
-			if (!xa->single && sk_ASN1_TYPE_num(xa->value.set))
-				return(sk_ASN1_TYPE_value(xa->value.set,0));
-			else
-				return(NULL);
-			}
-		}
-	return(NULL);
-	}
-
-ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
-{
-	ASN1_TYPE *astype;
-	if(!(astype = get_attribute(sk, NID_pkcs9_messageDigest))) return NULL;
-	return astype->value.octet_string;
-}
-
-int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
-				STACK_OF(X509_ATTRIBUTE) *sk)
-	{
-	int i;
-
-	if (p7si->auth_attr != NULL)
-		sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,X509_ATTRIBUTE_free);
-	p7si->auth_attr=sk_X509_ATTRIBUTE_dup(sk);
-	for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
-		{
-		if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr,i,
-			X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk,i))))
-		    == NULL)
-			return(0);
-		}
-	return(1);
-	}
-
-int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk)
-	{
-	int i;
-
-	if (p7si->unauth_attr != NULL)
-		sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr,
-					   X509_ATTRIBUTE_free);
-	p7si->unauth_attr=sk_X509_ATTRIBUTE_dup(sk);
-	for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
-		{
-		if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr,i,
-                        X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk,i))))
-		    == NULL)
-			return(0);
-		}
-	return(1);
-	}
-
-int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
-	     void *value)
-	{
-	return(add_attribute(&(p7si->auth_attr),nid,atrtype,value));
-	}
-
-int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
-	     void *value)
-	{
-	return(add_attribute(&(p7si->unauth_attr),nid,atrtype,value));
-	}
-
-static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
-			 void *value)
-	{
-	X509_ATTRIBUTE *attr=NULL;
-
-	if (*sk == NULL)
-		{
-		*sk = sk_X509_ATTRIBUTE_new_null();
-new_attrib:
-		attr=X509_ATTRIBUTE_create(nid,atrtype,value);
-		sk_X509_ATTRIBUTE_push(*sk,attr);
-		}
-	else
-		{
-		int i;
-
-		for (i=0; i<sk_X509_ATTRIBUTE_num(*sk); i++)
-			{
-			attr=sk_X509_ATTRIBUTE_value(*sk,i);
-			if (OBJ_obj2nid(attr->object) == nid)
-				{
-				X509_ATTRIBUTE_free(attr);
-				attr=X509_ATTRIBUTE_create(nid,atrtype,value);
-				sk_X509_ATTRIBUTE_set(*sk,i,attr);
-				goto end;
-				}
-			}
-		goto new_attrib;
-		}
-end:
-	return(1);
-	}
-
diff --git a/crypto/openssl/crypto/pkcs7/pk7_enc.c b/crypto/openssl/crypto/pkcs7/pk7_enc.c
deleted file mode 100644
index acbb189c59af..000000000000
--- a/crypto/openssl/crypto/pkcs7/pk7_enc.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* crypto/pkcs7/pk7_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-
-PKCS7_in_bio(PKCS7 *p7,BIO *in);
-PKCS7_out_bio(PKCS7 *p7,BIO *out);
-
-PKCS7_add_signer(PKCS7 *p7,X509 *cert,EVP_PKEY *key);
-PKCS7_cipher(PKCS7 *p7,EVP_CIPHER *cipher);
-
-PKCS7_Init(PKCS7 *p7);
-PKCS7_Update(PKCS7 *p7);
-PKCS7_Finish(PKCS7 *p7);
-
diff --git a/crypto/openssl/crypto/pkcs7/pk7_lib.c b/crypto/openssl/crypto/pkcs7/pk7_lib.c
deleted file mode 100644
index 985b07245cc7..000000000000
--- a/crypto/openssl/crypto/pkcs7/pk7_lib.c
+++ /dev/null
@@ -1,484 +0,0 @@
-/* crypto/pkcs7/pk7_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
-	{
-	int nid;
-	long ret;
-
-	nid=OBJ_obj2nid(p7->type);
-
-	switch (cmd)
-		{
-	case PKCS7_OP_SET_DETACHED_SIGNATURE:
-		if (nid == NID_pkcs7_signed)
-			{
-			ret=p7->detached=(int)larg;
-			if (ret && PKCS7_type_is_data(p7->d.sign->contents))
-					{
-					ASN1_OCTET_STRING *os;
-					os=p7->d.sign->contents->d.data;
-					ASN1_OCTET_STRING_free(os);
-					p7->d.sign->contents->d.data = NULL;
-					}
-			}
-		else
-			{
-			PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
-			ret=0;
-			}
-		break;
-	case PKCS7_OP_GET_DETACHED_SIGNATURE:
-		if (nid == NID_pkcs7_signed)
-			{
-			if(!p7->d.sign  || !p7->d.sign->contents->d.ptr)
-				ret = 1;
-			else ret = 0;
-				
-			p7->detached = ret;
-			}
-		else
-			{
-			PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
-			ret=0;
-			}
-			
-		break;
-	default:
-		PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_UNKNOWN_OPERATION);
-		ret=0;
-		}
-	return(ret);
-	}
-
-int PKCS7_content_new(PKCS7 *p7, int type)
-	{
-	PKCS7 *ret=NULL;
-
-	if ((ret=PKCS7_new()) == NULL) goto err;
-	if (!PKCS7_set_type(ret,type)) goto err;
-	if (!PKCS7_set_content(p7,ret)) goto err;
-
-	return(1);
-err:
-	if (ret != NULL) PKCS7_free(ret);
-	return(0);
-	}
-
-int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data)
-	{
-	int i;
-
-	i=OBJ_obj2nid(p7->type);
-	switch (i)
-		{
-	case NID_pkcs7_signed:
-		if (p7->d.sign->contents != NULL)
-			PKCS7_free(p7->d.sign->contents);
-		p7->d.sign->contents=p7_data;
-		break;
-	case NID_pkcs7_digest:
-	case NID_pkcs7_data:
-	case NID_pkcs7_enveloped:
-	case NID_pkcs7_signedAndEnveloped:
-	case NID_pkcs7_encrypted:
-	default:
-		PKCS7err(PKCS7_F_PKCS7_SET_CONTENT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
-		goto err;
-		}
-	return(1);
-err:
-	return(0);
-	}
-
-int PKCS7_set_type(PKCS7 *p7, int type)
-	{
-	ASN1_OBJECT *obj;
-
-	/*PKCS7_content_free(p7);*/
-	obj=OBJ_nid2obj(type); /* will not fail */
-
-	switch (type)
-		{
-	case NID_pkcs7_signed:
-		p7->type=obj;
-		if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL)
-			goto err;
-		ASN1_INTEGER_set(p7->d.sign->version,1);
-		break;
-	case NID_pkcs7_data:
-		p7->type=obj;
-		if ((p7->d.data=M_ASN1_OCTET_STRING_new()) == NULL)
-			goto err;
-		break;
-	case NID_pkcs7_signedAndEnveloped:
-		p7->type=obj;
-		if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new())
-			== NULL) goto err;
-		ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1);
-		p7->d.signed_and_enveloped->enc_data->content_type
-						= OBJ_nid2obj(NID_pkcs7_data);
-		break;
-	case NID_pkcs7_enveloped:
-		p7->type=obj;
-		if ((p7->d.enveloped=PKCS7_ENVELOPE_new())
-			== NULL) goto err;
-		ASN1_INTEGER_set(p7->d.enveloped->version,0);
-		p7->d.enveloped->enc_data->content_type
-						= OBJ_nid2obj(NID_pkcs7_data);
-		break;
-	case NID_pkcs7_encrypted:
-		p7->type=obj;
-		if ((p7->d.encrypted=PKCS7_ENCRYPT_new())
-			== NULL) goto err;
-		ASN1_INTEGER_set(p7->d.encrypted->version,0);
-		p7->d.encrypted->enc_data->content_type
-						= OBJ_nid2obj(NID_pkcs7_data);
-		break;
-
-	case NID_pkcs7_digest:
-	default:
-		PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
-		goto err;
-		}
-	return(1);
-err:
-	return(0);
-	}
-
-int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
-	{
-	int i,j,nid;
-	X509_ALGOR *alg;
-	STACK_OF(PKCS7_SIGNER_INFO) *signer_sk;
-	STACK_OF(X509_ALGOR) *md_sk;
-
-	i=OBJ_obj2nid(p7->type);
-	switch (i)
-		{
-	case NID_pkcs7_signed:
-		signer_sk=	p7->d.sign->signer_info;
-		md_sk=		p7->d.sign->md_algs;
-		break;
-	case NID_pkcs7_signedAndEnveloped:
-		signer_sk=	p7->d.signed_and_enveloped->signer_info;
-		md_sk=		p7->d.signed_and_enveloped->md_algs;
-		break;
-	default:
-		PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
-		return(0);
-		}
-
-	nid=OBJ_obj2nid(psi->digest_alg->algorithm);
-
-	/* If the digest is not currently listed, add it */
-	j=0;
-	for (i=0; i<sk_X509_ALGOR_num(md_sk); i++)
-		{
-		alg=sk_X509_ALGOR_value(md_sk,i);
-		if (OBJ_obj2nid(alg->algorithm) == nid)
-			{
-			j=1;
-			break;
-			}
-		}
-	if (!j) /* we need to add another algorithm */
-		{
-		if(!(alg=X509_ALGOR_new())
-			|| !(alg->parameter = ASN1_TYPE_new())) {
-			PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE);
-			return(0);
-		}
-		alg->algorithm=OBJ_nid2obj(nid);
-		alg->parameter->type = V_ASN1_NULL;
-		sk_X509_ALGOR_push(md_sk,alg);
-		}
-
-	sk_PKCS7_SIGNER_INFO_push(signer_sk,psi);
-	return(1);
-	}
-
-int PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
-	{
-	int i;
-	STACK_OF(X509) **sk;
-
-	i=OBJ_obj2nid(p7->type);
-	switch (i)
-		{
-	case NID_pkcs7_signed:
-		sk= &(p7->d.sign->cert);
-		break;
-	case NID_pkcs7_signedAndEnveloped:
-		sk= &(p7->d.signed_and_enveloped->cert);
-		break;
-	default:
-		PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYPE);
-		return(0);
-		}
-
-	if (*sk == NULL)
-		*sk=sk_X509_new_null();
-	CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
-	sk_X509_push(*sk,x509);
-	return(1);
-	}
-
-int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
-	{
-	int i;
-	STACK_OF(X509_CRL) **sk;
-
-	i=OBJ_obj2nid(p7->type);
-	switch (i)
-		{
-	case NID_pkcs7_signed:
-		sk= &(p7->d.sign->crl);
-		break;
-	case NID_pkcs7_signedAndEnveloped:
-		sk= &(p7->d.signed_and_enveloped->crl);
-		break;
-	default:
-		PKCS7err(PKCS7_F_PKCS7_ADD_CRL,PKCS7_R_WRONG_CONTENT_TYPE);
-		return(0);
-		}
-
-	if (*sk == NULL)
-		*sk=sk_X509_CRL_new_null();
-
-	CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL);
-	sk_X509_CRL_push(*sk,crl);
-	return(1);
-	}
-
-int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
-	     const EVP_MD *dgst)
-	{
-	char is_dsa;
-	if (pkey->type == EVP_PKEY_DSA) is_dsa = 1;
-	else is_dsa = 0;
-	/* We now need to add another PKCS7_SIGNER_INFO entry */
-	ASN1_INTEGER_set(p7i->version,1);
-	X509_NAME_set(&p7i->issuer_and_serial->issuer,
-		X509_get_issuer_name(x509));
-
-	/* because ASN1_INTEGER_set is used to set a 'long' we will do
-	 * things the ugly way. */
-	M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
-	p7i->issuer_and_serial->serial=
-		M_ASN1_INTEGER_dup(X509_get_serialNumber(x509));
-
-	/* lets keep the pkey around for a while */
-	CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
-	p7i->pkey=pkey;
-
-	/* Set the algorithms */
-	if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1);
-	else	
-		p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst));
-
-	if (p7i->digest_alg->parameter != NULL)
-		ASN1_TYPE_free(p7i->digest_alg->parameter);
-	if ((p7i->digest_alg->parameter=ASN1_TYPE_new()) == NULL)
-		goto err;
-	p7i->digest_alg->parameter->type=V_ASN1_NULL;
-
-	p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_PKEY_type(pkey->type));
-
-	if (p7i->digest_enc_alg->parameter != NULL)
-		ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
-	if(is_dsa) p7i->digest_enc_alg->parameter = NULL;
-	else {
-		if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
-			goto err;
-		p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
-	}
-
-	return(1);
-err:
-	return(0);
-	}
-
-PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey,
-	     const EVP_MD *dgst)
-	{
-	PKCS7_SIGNER_INFO *si;
-
-	if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err;
-	if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err;
-	if (!PKCS7_add_signer(p7,si)) goto err;
-	return(si);
-err:
-	return(NULL);
-	}
-
-STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7)
-	{
-	if (PKCS7_type_is_signed(p7))
-		{
-		return(p7->d.sign->signer_info);
-		}
-	else if (PKCS7_type_is_signedAndEnveloped(p7))
-		{
-		return(p7->d.signed_and_enveloped->signer_info);
-		}
-	else
-		return(NULL);
-	}
-
-PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509)
-	{
-	PKCS7_RECIP_INFO *ri;
-
-	if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err;
-	if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err;
-	if (!PKCS7_add_recipient_info(p7,ri)) goto err;
-	return(ri);
-err:
-	return(NULL);
-	}
-
-int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
-	{
-	int i;
-	STACK_OF(PKCS7_RECIP_INFO) *sk;
-
-	i=OBJ_obj2nid(p7->type);
-	switch (i)
-		{
-	case NID_pkcs7_signedAndEnveloped:
-		sk=	p7->d.signed_and_enveloped->recipientinfo;
-		break;
-	case NID_pkcs7_enveloped:
-		sk=	p7->d.enveloped->recipientinfo;
-		break;
-	default:
-		PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE);
-		return(0);
-		}
-
-	sk_PKCS7_RECIP_INFO_push(sk,ri);
-	return(1);
-	}
-
-int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
-	{
-	ASN1_INTEGER_set(p7i->version,0);
-	X509_NAME_set(&p7i->issuer_and_serial->issuer,
-		X509_get_issuer_name(x509));
-
-	M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
-	p7i->issuer_and_serial->serial=
-		M_ASN1_INTEGER_dup(X509_get_serialNumber(x509));
-
-	X509_ALGOR_free(p7i->key_enc_algor);
-	p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor);
-
-	CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
-	p7i->cert=x509;
-
-	return(1);
-	}
-
-X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
-	{
-	if (PKCS7_type_is_signed(p7))
-		return(X509_find_by_issuer_and_serial(p7->d.sign->cert,
-			si->issuer_and_serial->issuer,
-			si->issuer_and_serial->serial));
-	else
-		return(NULL);
-	}
-
-int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
-	{
-	int i;
-	ASN1_OBJECT *objtmp;
-	PKCS7_ENC_CONTENT *ec;
-
-	i=OBJ_obj2nid(p7->type);
-	switch (i)
-		{
-	case NID_pkcs7_signedAndEnveloped:
-		ec=p7->d.signed_and_enveloped->enc_data;
-		break;
-	case NID_pkcs7_enveloped:
-		ec=p7->d.enveloped->enc_data;
-		break;
-	default:
-		PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE);
-		return(0);
-		}
-
-	/* Check cipher OID exists and has data in it*/
-	i = EVP_CIPHER_type(cipher);
-	if(i == NID_undef) {
-		PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
-		return(0);
-	}
-	objtmp = OBJ_nid2obj(i);
-
-	ec->cipher = cipher;
-	return 1;
-	}
-
diff --git a/crypto/openssl/crypto/pkcs7/pk7_mime.c b/crypto/openssl/crypto/pkcs7/pk7_mime.c
deleted file mode 100644
index 086d39427012..000000000000
--- a/crypto/openssl/crypto/pkcs7/pk7_mime.c
+++ /dev/null
@@ -1,685 +0,0 @@
-/* pk7_mime.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-
-/* MIME and related routines */
-
-/* MIME format structures
- * Note that all are translated to lower case apart from
- * parameter values. Quotes are stripped off
- */
-
-typedef struct {
-char *param_name;			/* Param name e.g. "micalg" */
-char *param_value;			/* Param value e.g. "sha1" */
-} MIME_PARAM;
-
-DECLARE_STACK_OF(MIME_PARAM)
-IMPLEMENT_STACK_OF(MIME_PARAM)
-
-typedef struct {
-char *name;				/* Name of line e.g. "content-type" */
-char *value;				/* Value of line e.g. "text/plain" */
-STACK_OF(MIME_PARAM) *params;		/* Zero or more parameters */
-} MIME_HEADER;
-
-DECLARE_STACK_OF(MIME_HEADER)
-IMPLEMENT_STACK_OF(MIME_HEADER)
-
-static int B64_write_PKCS7(BIO *bio, PKCS7 *p7);
-static PKCS7 *B64_read_PKCS7(BIO *bio);
-static char * strip_ends(char *name);
-static char * strip_start(char *name);
-static char * strip_end(char *name);
-static MIME_HEADER *mime_hdr_new(char *name, char *value);
-static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value);
-static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio);
-static int mime_hdr_cmp(const MIME_HEADER * const *a,
-			const MIME_HEADER * const *b);
-static int mime_param_cmp(const MIME_PARAM * const *a,
-			const MIME_PARAM * const *b);
-static void mime_param_free(MIME_PARAM *param);
-static int mime_bound_check(char *line, int linelen, char *bound, int blen);
-static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret);
-static int iscrlf(char c);
-static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name);
-static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name);
-static void mime_hdr_free(MIME_HEADER *hdr);
-
-#define MAX_SMLEN 1024
-#define mime_debug(x) /* x */
-
-
-typedef void (*stkfree)();
-
-/* Base 64 read and write of PKCS#7 structure */
-
-static int B64_write_PKCS7(BIO *bio, PKCS7 *p7)
-{
-	BIO *b64;
-	if(!(b64 = BIO_new(BIO_f_base64()))) {
-		PKCS7err(PKCS7_F_B64_WRITE_PKCS7,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	bio = BIO_push(b64, bio);
-	i2d_PKCS7_bio(bio, p7);
-	BIO_flush(bio);
-	bio = BIO_pop(bio);
-	BIO_free(b64);
-	return 1;
-}
-
-static PKCS7 *B64_read_PKCS7(BIO *bio)
-{
-	BIO *b64;
-	PKCS7 *p7;
-	if(!(b64 = BIO_new(BIO_f_base64()))) {
-		PKCS7err(PKCS7_F_B64_READ_PKCS7,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	bio = BIO_push(b64, bio);
-	if(!(p7 = d2i_PKCS7_bio(bio, NULL))) 
-		PKCS7err(PKCS7_F_B64_READ_PKCS7,PKCS7_R_DECODE_ERROR);
-	BIO_flush(bio);
-	bio = BIO_pop(bio);
-	BIO_free(b64);
-	return p7;
-}
-
-/* SMIME sender */
-
-int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
-{
-	char linebuf[MAX_SMLEN];
-	char bound[33], c;
-	int i;
-	if((flags & PKCS7_DETACHED) && data) {
-	/* We want multipart/signed */
-		/* Generate a random boundary */
-		RAND_pseudo_bytes((unsigned char *)bound, 32);
-		for(i = 0; i < 32; i++) {
-			c = bound[i] & 0xf;
-			if(c < 10) c += '0';
-			else c += 'A' - 10;
-			bound[i] = c;
-		}
-		bound[32] = 0;
-		BIO_printf(bio, "MIME-Version: 1.0\n");
-		BIO_printf(bio, "Content-Type: multipart/signed;");
-		BIO_printf(bio, " protocol=\"application/x-pkcs7-signature\";");
-		BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"\n\n", bound);
-		BIO_printf(bio, "This is an S/MIME signed message\n\n");
-		/* Now write out the first part */
-		BIO_printf(bio, "------%s\n", bound);
-		if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: text/plain\n\n");
-		while((i = BIO_read(data, linebuf, MAX_SMLEN)) > 0) 
-						BIO_write(bio, linebuf, i);
-		BIO_printf(bio, "\n------%s\n", bound);
-
-		/* Headers for signature */
-
-		BIO_printf(bio, "Content-Type: application/x-pkcs7-signature; name=\"smime.p7s\"\n");
-		BIO_printf(bio, "Content-Transfer-Encoding: base64\n");
-		BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7s\"\n\n");
-		B64_write_PKCS7(bio, p7);
-		BIO_printf(bio,"\n------%s--\n\n", bound);
-		return 1;
-	}
-	/* MIME headers */
-	BIO_printf(bio, "MIME-Version: 1.0\n");
-	BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7m\"\n");
-	BIO_printf(bio, "Content-Type: application/x-pkcs7-mime; name=\"smime.p7m\"\n");
-	BIO_printf(bio, "Content-Transfer-Encoding: base64\n\n");
-	B64_write_PKCS7(bio, p7);
-	BIO_printf(bio, "\n");
-	return 1;
-}
-
-/* SMIME reader: handle multipart/signed and opaque signing.
- * in multipart case the content is placed in a memory BIO
- * pointed to by "bcont". In opaque this is set to NULL
- */
-
-PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont)
-{
-	BIO *p7in;
-	STACK_OF(MIME_HEADER) *headers = NULL;
-	STACK_OF(BIO) *parts = NULL;
-	MIME_HEADER *hdr;
-	MIME_PARAM *prm;
-	PKCS7 *p7;
-	int ret;
-
-	if(bcont) *bcont = NULL;
-
-	if (!(headers = mime_parse_hdr(bio))) {
-		PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_MIME_PARSE_ERROR);
-		return NULL;
-	}
-
-	if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
-		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-		PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_CONTENT_TYPE);
-		return NULL;
-	}
-
-	/* Handle multipart/signed */
-
-	if(!strcmp(hdr->value, "multipart/signed")) {
-		/* Split into two parts */
-		prm = mime_param_find(hdr, "boundary");
-		if(!prm || !prm->param_value) {
-			sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-			PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_MULTIPART_BOUNDARY);
-			return NULL;
-		}
-		ret = multi_split(bio, prm->param_value, &parts);
-		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-		if(!ret || (sk_BIO_num(parts) != 2) ) {
-			PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_MULTIPART_BODY_FAILURE);
-			sk_BIO_pop_free(parts, BIO_vfree);
-			return NULL;
-		}
-
-		/* Parse the signature piece */
-		p7in = sk_BIO_value(parts, 1);
-
-		if (!(headers = mime_parse_hdr(p7in))) {
-			PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_MIME_SIG_PARSE_ERROR);
-			sk_BIO_pop_free(parts, BIO_vfree);
-			return NULL;
-		}
-
-		/* Get content type */
-
-		if(!(hdr = mime_hdr_find(headers, "content-type")) ||
-								 !hdr->value) {
-			sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-			PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_SIG_CONTENT_TYPE);
-			return NULL;
-		}
-
-		if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
-			strcmp(hdr->value, "application/pkcs7-signature")) {
-			sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-			PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE);
-			ERR_add_error_data(2, "type: ", hdr->value);
-			sk_BIO_pop_free(parts, BIO_vfree);
-			return NULL;
-		}
-		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-		/* Read in PKCS#7 */
-		if(!(p7 = B64_read_PKCS7(p7in))) {
-			PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_PKCS7_SIG_PARSE_ERROR);
-			sk_BIO_pop_free(parts, BIO_vfree);
-			return NULL;
-		}
-
-		if(bcont) {
-			*bcont = sk_BIO_value(parts, 0);
-			BIO_free(p7in);
-			sk_BIO_free(parts);
-		} else sk_BIO_pop_free(parts, BIO_vfree);
-		return p7;
-	}
-		
-	/* OK, if not multipart/signed try opaque signature */
-
-	if (strcmp (hdr->value, "application/x-pkcs7-mime") &&
-	    strcmp (hdr->value, "application/pkcs7-mime")) {
-		PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_INVALID_MIME_TYPE);
-		ERR_add_error_data(2, "type: ", hdr->value);
-		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-		return NULL;
-	}
-
-	sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-	
-	if(!(p7 = B64_read_PKCS7(bio))) {
-		PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_PKCS7_PARSE_ERROR);
-		return NULL;
-	}
-	return p7;
-
-}
-
-/* Copy text from one BIO to another making the output CRLF at EOL */
-int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
-{
-	char eol;
-	int len;
-	char linebuf[MAX_SMLEN];
-	if(flags & PKCS7_BINARY) {
-		while((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
-						BIO_write(out, linebuf, len);
-		return 1;
-	}
-	if(flags & PKCS7_TEXT) BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
-	while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
-		eol = 0;
-		while(iscrlf(linebuf[len - 1])) {
-			len--;
-			eol = 1;
-		}	
-		BIO_write(out, linebuf, len);
-		if(eol) BIO_write(out, "\r\n", 2);
-	}
-	return 1;
-}
-
-/* Strip off headers if they are text/plain */
-int SMIME_text(BIO *in, BIO *out)
-{
-	char iobuf[4096];
-	int len;
-	STACK_OF(MIME_HEADER) *headers;
-	MIME_HEADER *hdr;
-
-	if (!(headers = mime_parse_hdr(in))) {
-		PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_PARSE_ERROR);
-		return 0;
-	}
-	if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
-		PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_NO_CONTENT_TYPE);
-		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-		return 0;
-	}
-	if (strcmp (hdr->value, "text/plain")) {
-		PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_INVALID_MIME_TYPE);
-		ERR_add_error_data(2, "type: ", hdr->value);
-		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-		return 0;
-	}
-	sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-	while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
-						BIO_write(out, iobuf, len);
-	return 1;
-}
-
-/* Split a multipart/XXX message body into component parts: result is
- * canonical parts in a STACK of bios
- */
-
-static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
-{
-	char linebuf[MAX_SMLEN];
-	int len, blen;
-	BIO *bpart = NULL;
-	STACK_OF(BIO) *parts;
-	char state, part, first;
-
-	blen = strlen(bound);
-	part = 0;
-	state = 0;
-	first = 1;
-	parts = sk_BIO_new_null();
-	*ret = parts;
-	while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
-		state = mime_bound_check(linebuf, len, bound, blen);
-		if(state == 1) {
-			first = 1;
-			part++;
-		} else if(state == 2) {
-			sk_BIO_push(parts, bpart);
-			return 1;
-		} else if(part) {
-			if(first) {
-				first = 0;
-				if(bpart) sk_BIO_push(parts, bpart);
-				bpart = BIO_new(BIO_s_mem());
-				
-			} else BIO_write(bpart, "\r\n", 2);
-			/* Strip CR+LF from linebuf */
-			while(iscrlf(linebuf[len - 1])) len--;
-			BIO_write(bpart, linebuf, len);
-		}
-	}
-	return 0;
-}
-
-static int iscrlf(char c)
-{
-	if(c == '\r' || c == '\n') return 1;
-	return 0;
-}
-
-/* This is the big one: parse MIME header lines up to message body */
-
-#define MIME_INVALID	0
-#define MIME_START	1
-#define MIME_TYPE	2
-#define MIME_NAME	3
-#define MIME_VALUE	4
-#define MIME_QUOTE	5
-#define MIME_COMMENT	6
-
-
-static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
-{
-	char *p, *q, c;
-	char *ntmp;
-	char linebuf[MAX_SMLEN];
-	MIME_HEADER *mhdr = NULL;
-	STACK_OF(MIME_HEADER) *headers;
-	int len, state, save_state = 0;
-
-	headers = sk_MIME_HEADER_new(mime_hdr_cmp);
-	while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
-	/* If whitespace at line start then continuation line */
-	if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME;
-	else state = MIME_START;
-	ntmp = NULL;
-	/* Go through all characters */
-	for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) {
-
-	/* State machine to handle MIME headers
-	 * if this looks horrible that's because it *is*
-         */
-
-		switch(state) {
-			case MIME_START:
-			if(c == ':') {
-				state = MIME_TYPE;
-				*p = 0;
-				ntmp = strip_ends(q);
-				q = p + 1;
-			}
-			break;
-
-			case MIME_TYPE:
-			if(c == ';') {
-				mime_debug("Found End Value\n");
-				*p = 0;
-				mhdr = mime_hdr_new(ntmp, strip_ends(q));
-				sk_MIME_HEADER_push(headers, mhdr);
-				ntmp = NULL;
-				q = p + 1;
-				state = MIME_NAME;
-			} else if(c == '(') {
-				save_state = state;
-				state = MIME_COMMENT;
-			}
-			break;
-
-			case MIME_COMMENT:
-			if(c == ')') {
-				state = save_state;
-			}
-			break;
-
-			case MIME_NAME:
-			if(c == '=') {
-				state = MIME_VALUE;
-				*p = 0;
-				ntmp = strip_ends(q);
-				q = p + 1;
-			}
-			break ;
-
-			case MIME_VALUE:
-			if(c == ';') {
-				state = MIME_NAME;
-				*p = 0;
-				mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
-				ntmp = NULL;
-				q = p + 1;
-			} else if (c == '"') {
-				mime_debug("Found Quote\n");
-				state = MIME_QUOTE;
-			} else if(c == '(') {
-				save_state = state;
-				state = MIME_COMMENT;
-			}
-			break;
-
-			case MIME_QUOTE:
-			if(c == '"') {
-				mime_debug("Found Match Quote\n");
-				state = MIME_VALUE;
-			}
-			break;
-		}
-	}
-
-	if(state == MIME_TYPE) {
-		mhdr = mime_hdr_new(ntmp, strip_ends(q));
-		sk_MIME_HEADER_push(headers, mhdr);
-	} else if(state == MIME_VALUE)
-			 mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
-	if(p == linebuf) break;	/* Blank line means end of headers */
-}
-
-return headers;
-
-}
-
-static char *strip_ends(char *name)
-{
-	return strip_end(strip_start(name));
-}
-
-/* Strip a parameter of whitespace from start of param */
-static char *strip_start(char *name)
-{
-	char *p, c;
-	/* Look for first non white space or quote */
-	for(p = name; (c = *p) ;p++) {
-		if(c == '"') {
-			/* Next char is start of string if non null */
-			if(p[1]) return p + 1;
-			/* Else null string */
-			return NULL;
-		}
-		if(!isspace((unsigned char)c)) return p;
-	}
-	return NULL;
-}
-
-/* As above but strip from end of string : maybe should handle brackets? */
-static char *strip_end(char *name)
-{
-	char *p, c;
-	if(!name) return NULL;
-	/* Look for first non white space or quote */
-	for(p = name + strlen(name) - 1; p >= name ;p--) {
-		c = *p;
-		if(c == '"') {
-			if(p - 1 == name) return NULL;
-			*p = 0;
-			return name;
-		}
-		if(isspace((unsigned char)c)) *p = 0;	
-		else return name;
-	}
-	return NULL;
-}
-
-static MIME_HEADER *mime_hdr_new(char *name, char *value)
-{
-	MIME_HEADER *mhdr;
-	char *tmpname, *tmpval, *p;
-	int c;
-	if(name) {
-		if(!(tmpname = BUF_strdup(name))) return NULL;
-		for(p = tmpname ; *p; p++) {
-			c = *p;
-			if(isupper(c)) {
-				c = tolower(c);
-				*p = c;
-			}
-		}
-	} else tmpname = NULL;
-	if(value) {
-		if(!(tmpval = BUF_strdup(value))) return NULL;
-		for(p = tmpval ; *p; p++) {
-			c = *p;
-			if(isupper(c)) {
-				c = tolower(c);
-				*p = c;
-			}
-		}
-	} else tmpval = NULL;
-	mhdr = (MIME_HEADER *) OPENSSL_malloc(sizeof(MIME_HEADER));
-	if(!mhdr) return NULL;
-	mhdr->name = tmpname;
-	mhdr->value = tmpval;
-	if(!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) return NULL;
-	return mhdr;
-}
-		
-static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
-{
-	char *tmpname, *tmpval, *p;
-	int c;
-	MIME_PARAM *mparam;
-	if(name) {
-		tmpname = BUF_strdup(name);
-		if(!tmpname) return 0;
-		for(p = tmpname ; *p; p++) {
-			c = *p;
-			if(isupper(c)) {
-				c = tolower(c);
-				*p = c;
-			}
-		}
-	} else tmpname = NULL;
-	if(value) {
-		tmpval = BUF_strdup(value);
-		if(!tmpval) return 0;
-	} else tmpval = NULL;
-	/* Parameter values are case sensitive so leave as is */
-	mparam = (MIME_PARAM *) OPENSSL_malloc(sizeof(MIME_PARAM));
-	if(!mparam) return 0;
-	mparam->param_name = tmpname;
-	mparam->param_value = tmpval;
-	sk_MIME_PARAM_push(mhdr->params, mparam);
-	return 1;
-}
-
-static int mime_hdr_cmp(const MIME_HEADER * const *a,
-			const MIME_HEADER * const *b)
-{
-	return(strcmp((*a)->name, (*b)->name));
-}
-
-static int mime_param_cmp(const MIME_PARAM * const *a,
-			const MIME_PARAM * const *b)
-{
-	return(strcmp((*a)->param_name, (*b)->param_name));
-}
-
-/* Find a header with a given name (if possible) */
-
-static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name)
-{
-	MIME_HEADER htmp;
-	int idx;
-	htmp.name = name;
-	idx = sk_MIME_HEADER_find(hdrs, &htmp);
-	if(idx < 0) return NULL;
-	return sk_MIME_HEADER_value(hdrs, idx);
-}
-
-static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name)
-{
-	MIME_PARAM param;
-	int idx;
-	param.param_name = name;
-	idx = sk_MIME_PARAM_find(hdr->params, &param);
-	if(idx < 0) return NULL;
-	return sk_MIME_PARAM_value(hdr->params, idx);
-}
-
-static void mime_hdr_free(MIME_HEADER *hdr)
-{
-	if(hdr->name) OPENSSL_free(hdr->name);
-	if(hdr->value) OPENSSL_free(hdr->value);
-	if(hdr->params) sk_MIME_PARAM_pop_free(hdr->params, mime_param_free);
-	OPENSSL_free(hdr);
-}
-
-static void mime_param_free(MIME_PARAM *param)
-{
-	if(param->param_name) OPENSSL_free(param->param_name);
-	if(param->param_value) OPENSSL_free(param->param_value);
-	OPENSSL_free(param);
-}
-
-/* Check for a multipart boundary. Returns:
- * 0 : no boundary
- * 1 : part boundary
- * 2 : final boundary
- */
-static int mime_bound_check(char *line, int linelen, char *bound, int blen)
-{
-	if(linelen == -1) linelen = strlen(line);
-	if(blen == -1) blen = strlen(bound);
-	/* Quickly eliminate if line length too short */
-	if(blen + 2 > linelen) return 0;
-	/* Check for part boundary */
-	if(!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) {
-		if(!strncmp(line + blen + 2, "--", 2)) return 2;
-		else return 1;
-	}
-	return 0;
-}
diff --git a/crypto/openssl/crypto/pkcs7/pk7_smime.c b/crypto/openssl/crypto/pkcs7/pk7_smime.c
deleted file mode 100644
index f0d071e2824a..000000000000
--- a/crypto/openssl/crypto/pkcs7/pk7_smime.c
+++ /dev/null
@@ -1,441 +0,0 @@
-/* pk7_smime.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Simple PKCS#7 processing functions */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
-		  BIO *data, int flags)
-{
-	PKCS7 *p7;
-	PKCS7_SIGNER_INFO *si;
-	BIO *p7bio;
-	STACK_OF(X509_ALGOR) *smcap;
-	int i;
-
-	if(!X509_check_private_key(signcert, pkey)) {
-		PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
-                return NULL;
-	}
-
-	if(!(p7 = PKCS7_new())) {
-		PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-	PKCS7_set_type(p7, NID_pkcs7_signed);
-
-	PKCS7_content_new(p7, NID_pkcs7_data);
-
-    	if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) {
-		PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
-		return NULL;
-	}
-
-	if(!(flags & PKCS7_NOCERTS)) {
-		PKCS7_add_certificate(p7, signcert);
-		if(certs) for(i = 0; i < sk_X509_num(certs); i++)
-			PKCS7_add_certificate(p7, sk_X509_value(certs, i));
-	}
-
-	if(!(p7bio = PKCS7_dataInit(p7, NULL))) {
-		PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-
-	SMIME_crlf_copy(data, p7bio, flags);
-
-	if(!(flags & PKCS7_NOATTR)) {
-		PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
-				V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data));
-		/* Add SMIMECapabilities */
-		if(!(flags & PKCS7_NOSMIMECAP))
-		{
-		if(!(smcap = sk_X509_ALGOR_new_null())) {
-			PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
-			return NULL;
-		}
-#ifndef OPENSSL_NO_DES
-		PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1);
-#endif
-#ifndef OPENSSL_NO_RC2
-		PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128);
-		PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64);
-#endif
-#ifndef OPENSSL_NO_DES
-		PKCS7_simple_smimecap (smcap, NID_des_cbc, -1);
-#endif
-#ifndef OPENSSL_NO_RC2
-		PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40);
-#endif
-		PKCS7_add_attrib_smimecap (si, smcap);
-		sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
-		}
-	}
-
-	if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1);
-
-        if (!PKCS7_dataFinal(p7,p7bio)) {
-		PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN);
-		return NULL;
-	}
-
-        BIO_free_all(p7bio);
-	return p7;
-}
-
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
-					BIO *indata, BIO *out, int flags)
-{
-	STACK_OF(X509) *signers;
-	X509 *signer;
-	STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
-	PKCS7_SIGNER_INFO *si;
-	X509_STORE_CTX cert_ctx;
-	char buf[4096];
-	int i, j=0, k, ret = 0;
-	BIO *p7bio;
-	BIO *tmpout;
-
-	if(!p7) {
-		PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_INVALID_NULL_POINTER);
-		return 0;
-	}
-
-	if(!PKCS7_type_is_signed(p7)) {
-		PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_WRONG_CONTENT_TYPE);
-		return 0;
-	}
-
-	/* Check for no data and no content: no data to verify signature */
-	if(PKCS7_get_detached(p7) && !indata) {
-		PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_NO_CONTENT);
-		return 0;
-	}
-#if 0
-	/* NB: this test commented out because some versions of Netscape
-	 * illegally include zero length content when signing data.
-	 */
-
-	/* Check for data and content: two sets of data */
-	if(!PKCS7_get_detached(p7) && indata) {
-				PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_CONTENT_AND_DATA_PRESENT);
-		return 0;
-	}
-#endif
-
-	sinfos = PKCS7_get_signer_info(p7);
-
-	if(!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {
-		PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_NO_SIGNATURES_ON_DATA);
-		return 0;
-	}
-
-
-	signers = PKCS7_get0_signers(p7, certs, flags);
-
-	if(!signers) return 0;
-
-	/* Now verify the certificates */
-
-	if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
-		signer = sk_X509_value (signers, k);
-		if (!(flags & PKCS7_NOCHAIN)) {
-			if(!X509_STORE_CTX_init(&cert_ctx, store, signer,
-							p7->d.sign->cert))
-				{
-				PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB);
-				sk_X509_free(signers);
-				return 0;
-				}
-			X509_STORE_CTX_set_purpose(&cert_ctx,
-						X509_PURPOSE_SMIME_SIGN);
-		} else if(!X509_STORE_CTX_init (&cert_ctx, store, signer, NULL)) {
-			PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB);
-			sk_X509_free(signers);
-			return 0;
-		}
-		i = X509_verify_cert(&cert_ctx);
-		if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx);
-		X509_STORE_CTX_cleanup(&cert_ctx);
-		if (i <= 0) {
-			PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_CERTIFICATE_VERIFY_ERROR);
-			ERR_add_error_data(2, "Verify error:",
-					 X509_verify_cert_error_string(j));
-			sk_X509_free(signers);
-			return 0;
-		}
-		/* Check for revocation status here */
-	}
-
-	p7bio=PKCS7_dataInit(p7,indata);
-
-	if(flags & PKCS7_TEXT) {
-		if(!(tmpout = BIO_new(BIO_s_mem()))) {
-			PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-	} else tmpout = out;
-
-	/* We now have to 'read' from p7bio to calculate digests etc. */
-	for (;;)
-	{
-		i=BIO_read(p7bio,buf,sizeof(buf));
-		if (i <= 0) break;
-		if (tmpout) BIO_write(tmpout, buf, i);
-	}
-
-	if(flags & PKCS7_TEXT) {
-		if(!SMIME_text(tmpout, out)) {
-			PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_SMIME_TEXT_ERROR);
-			BIO_free(tmpout);
-			goto err;
-		}
-		BIO_free(tmpout);
-	}
-
-	/* Now Verify All Signatures */
-	if (!(flags & PKCS7_NOSIGS))
-	    for (i=0; i<sk_PKCS7_SIGNER_INFO_num(sinfos); i++)
-		{
-		si=sk_PKCS7_SIGNER_INFO_value(sinfos,i);
-		signer = sk_X509_value (signers, i);
-		j=PKCS7_signatureVerify(p7bio,p7,si, signer);
-		if (j <= 0) {
-			PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_SIGNATURE_FAILURE);
-			goto err;
-		}
-	}
-
-	ret = 1;
-
-	err:
-
-	if(indata) BIO_pop(p7bio);
-	BIO_free_all(p7bio);
-	sk_X509_free(signers);
-
-	return ret;
-}
-
-STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
-{
-	STACK_OF(X509) *signers;
-	STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
-	PKCS7_SIGNER_INFO *si;
-	PKCS7_ISSUER_AND_SERIAL *ias;
-	X509 *signer;
-	int i;
-
-	if(!p7) {
-		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_INVALID_NULL_POINTER);
-		return NULL;
-	}
-
-	if(!PKCS7_type_is_signed(p7)) {
-		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_WRONG_CONTENT_TYPE);
-		return NULL;
-	}
-	if(!(signers = sk_X509_new_null())) {
-		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-	/* Collect all the signers together */
-
-	sinfos = PKCS7_get_signer_info(p7);
-
-	if(sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) {
-		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_NO_SIGNERS);
-		return 0;
-	}
-
-	for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++)
-	{
-	    si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
-	    ias = si->issuer_and_serial;
-	    signer = NULL;
-		/* If any certificates passed they take priority */
-	    if (certs) signer = X509_find_by_issuer_and_serial (certs,
-					 	ias->issuer, ias->serial);
-	    if (!signer && !(flags & PKCS7_NOINTERN)
-			&& p7->d.sign->cert) signer =
-		              X509_find_by_issuer_and_serial (p7->d.sign->cert,
-					      	ias->issuer, ias->serial);
-	    if (!signer) {
-			PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
-			sk_X509_free(signers);
-			return 0;
-	    }
-
-	    sk_X509_push(signers, signer);
-	}
-	return signers;
-}
-
-
-/* Build a complete PKCS#7 enveloped data */
-
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
-								int flags)
-{
-	PKCS7 *p7;
-	BIO *p7bio = NULL;
-	int i;
-	X509 *x509;
-	if(!(p7 = PKCS7_new())) {
-		PKCS7err(PKCS7_F_PKCS7_ENCRYPT,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-	PKCS7_set_type(p7, NID_pkcs7_enveloped);
-	if(!PKCS7_set_cipher(p7, cipher)) {
-		PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_ERROR_SETTING_CIPHER);
-		goto err;
-	}
-
-	for(i = 0; i < sk_X509_num(certs); i++) {
-		x509 = sk_X509_value(certs, i);
-		if(!PKCS7_add_recipient(p7, x509)) {
-			PKCS7err(PKCS7_F_PKCS7_ENCRYPT,
-					PKCS7_R_ERROR_ADDING_RECIPIENT);
-			goto err;
-		}
-	}
-
-	if(!(p7bio = PKCS7_dataInit(p7, NULL))) {
-		PKCS7err(PKCS7_F_PKCS7_ENCRYPT,ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-
-	SMIME_crlf_copy(in, p7bio, flags);
-
-	BIO_flush(p7bio);
-
-        if (!PKCS7_dataFinal(p7,p7bio)) {
-		PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_PKCS7_DATAFINAL_ERROR);
-		goto err;
-	}
-        BIO_free_all(p7bio);
-
-	return p7;
-
-	err:
-
-	BIO_free(p7bio);
-	PKCS7_free(p7);
-	return NULL;
-
-}
-
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
-{
-	BIO *tmpmem;
-	int ret, i;
-	char buf[4096];
-
-	if(!p7) {
-		PKCS7err(PKCS7_F_PKCS7_DECRYPT,PKCS7_R_INVALID_NULL_POINTER);
-		return 0;
-	}
-
-	if(!PKCS7_type_is_enveloped(p7)) {
-		PKCS7err(PKCS7_F_PKCS7_DECRYPT,PKCS7_R_WRONG_CONTENT_TYPE);
-		return 0;
-	}
-
-	if(!X509_check_private_key(cert, pkey)) {
-		PKCS7err(PKCS7_F_PKCS7_DECRYPT,
-				PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
-		return 0;
-	}
-
-	if(!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) {
-		PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR);
-		return 0;
-	}
-
-	if (flags & PKCS7_TEXT) {
-		BIO *tmpbuf, *bread;
-		/* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */
-		if(!(tmpbuf = BIO_new(BIO_f_buffer()))) {
-			PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-		if(!(bread = BIO_push(tmpbuf, tmpmem))) {
-			PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-		ret = SMIME_text(bread, data);
-		BIO_free_all(bread);
-		return ret;
-	} else {
-		for(;;) {
-			i = BIO_read(tmpmem, buf, sizeof(buf));
-			if(i <= 0) break;
-			BIO_write(data, buf, i);
-		}
-		BIO_free_all(tmpmem);
-		return 1;
-	}
-}
diff --git a/crypto/openssl/crypto/pkcs7/pkcs7.h b/crypto/openssl/crypto/pkcs7/pkcs7.h
deleted file mode 100644
index 5819700a8502..000000000000
--- a/crypto/openssl/crypto/pkcs7/pkcs7.h
+++ /dev/null
@@ -1,449 +0,0 @@
-/* crypto/pkcs7/pkcs7.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_PKCS7_H
-#define HEADER_PKCS7_H
-
-#include <openssl/asn1.h>
-#include <openssl/bio.h>
-#include <openssl/e_os2.h>
-
-#include <openssl/symhacks.h>
-#include <openssl/ossl_typ.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_SYS_WIN32
-/* Under Win32 thes are defined in wincrypt.h */
-#undef PKCS7_ISSUER_AND_SERIAL
-#undef PKCS7_SIGNER_INFO
-#endif
-
-/*
-Encryption_ID		DES-CBC
-Digest_ID		MD5
-Digest_Encryption_ID	rsaEncryption
-Key_Encryption_ID	rsaEncryption
-*/
-
-typedef struct pkcs7_issuer_and_serial_st
-	{
-	X509_NAME *issuer;
-	ASN1_INTEGER *serial;
-	} PKCS7_ISSUER_AND_SERIAL;
-
-typedef struct pkcs7_signer_info_st
-	{
-	ASN1_INTEGER 			*version;	/* version 1 */
-	PKCS7_ISSUER_AND_SERIAL		*issuer_and_serial;
-	X509_ALGOR			*digest_alg;
-	STACK_OF(X509_ATTRIBUTE)	*auth_attr;	/* [ 0 ] */
-	X509_ALGOR			*digest_enc_alg;
-	ASN1_OCTET_STRING		*enc_digest;
-	STACK_OF(X509_ATTRIBUTE)	*unauth_attr;	/* [ 1 ] */
-
-	/* The private key to sign with */
-	EVP_PKEY			*pkey;
-	} PKCS7_SIGNER_INFO;
-
-DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
-DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO)
-
-typedef struct pkcs7_recip_info_st
-	{
-	ASN1_INTEGER			*version;	/* version 0 */
-	PKCS7_ISSUER_AND_SERIAL		*issuer_and_serial;
-	X509_ALGOR			*key_enc_algor;
-	ASN1_OCTET_STRING		*enc_key;
-	X509				*cert; /* get the pub-key from this */
-	} PKCS7_RECIP_INFO;
-
-DECLARE_STACK_OF(PKCS7_RECIP_INFO)
-DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO)
-
-typedef struct pkcs7_signed_st
-	{
-	ASN1_INTEGER			*version;	/* version 1 */
-	STACK_OF(X509_ALGOR)		*md_algs;	/* md used */
-	STACK_OF(X509)			*cert;		/* [ 0 ] */
-	STACK_OF(X509_CRL)		*crl;		/* [ 1 ] */
-	STACK_OF(PKCS7_SIGNER_INFO)	*signer_info;
-
-	struct pkcs7_st			*contents;
-	} PKCS7_SIGNED;
-/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE.
- * How about merging the two */
-
-typedef struct pkcs7_enc_content_st
-	{
-	ASN1_OBJECT			*content_type;
-	X509_ALGOR			*algorithm;
-	ASN1_OCTET_STRING		*enc_data;	/* [ 0 ] */
-	const EVP_CIPHER		*cipher;
-	} PKCS7_ENC_CONTENT;
-
-typedef struct pkcs7_enveloped_st
-	{
-	ASN1_INTEGER			*version;	/* version 0 */
-	STACK_OF(PKCS7_RECIP_INFO)	*recipientinfo;
-	PKCS7_ENC_CONTENT		*enc_data;
-	} PKCS7_ENVELOPE;
-
-typedef struct pkcs7_signedandenveloped_st
-	{
-	ASN1_INTEGER			*version;	/* version 1 */
-	STACK_OF(X509_ALGOR)		*md_algs;	/* md used */
-	STACK_OF(X509)			*cert;		/* [ 0 ] */
-	STACK_OF(X509_CRL)		*crl;		/* [ 1 ] */
-	STACK_OF(PKCS7_SIGNER_INFO)	*signer_info;
-
-	PKCS7_ENC_CONTENT		*enc_data;
-	STACK_OF(PKCS7_RECIP_INFO)	*recipientinfo;
-	} PKCS7_SIGN_ENVELOPE;
-
-typedef struct pkcs7_digest_st
-	{
-	ASN1_INTEGER			*version;	/* version 0 */
-	X509_ALGOR			*md;		/* md used */
-	struct pkcs7_st 		*contents;
-	ASN1_OCTET_STRING		*digest;
-	} PKCS7_DIGEST;
-
-typedef struct pkcs7_encrypted_st
-	{
-	ASN1_INTEGER			*version;	/* version 0 */
-	PKCS7_ENC_CONTENT		*enc_data;
-	} PKCS7_ENCRYPT;
-
-typedef struct pkcs7_st
-	{
-	/* The following is non NULL if it contains ASN1 encoding of
-	 * this structure */
-	unsigned char *asn1;
-	long length;
-
-#define PKCS7_S_HEADER	0
-#define PKCS7_S_BODY	1
-#define PKCS7_S_TAIL	2
-	int state; /* used during processing */
-
-	int detached;
-
-	ASN1_OBJECT *type;
-	/* content as defined by the type */
-	/* all encryption/message digests are applied to the 'contents',
-	 * leaving out the 'type' field. */
-	union	{
-		char *ptr;
-
-		/* NID_pkcs7_data */
-		ASN1_OCTET_STRING *data;
-
-		/* NID_pkcs7_signed */
-		PKCS7_SIGNED *sign;
-
-		/* NID_pkcs7_enveloped */
-		PKCS7_ENVELOPE *enveloped;
-
-		/* NID_pkcs7_signedAndEnveloped */
-		PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
-
-		/* NID_pkcs7_digest */
-		PKCS7_DIGEST *digest;
-
-		/* NID_pkcs7_encrypted */
-		PKCS7_ENCRYPT *encrypted;
-
-		/* Anything else */
-		ASN1_TYPE *other;
-		} d;
-	} PKCS7;
-
-DECLARE_STACK_OF(PKCS7)
-DECLARE_ASN1_SET_OF(PKCS7)
-DECLARE_PKCS12_STACK_OF(PKCS7)
-
-#define PKCS7_OP_SET_DETACHED_SIGNATURE	1
-#define PKCS7_OP_GET_DETACHED_SIGNATURE	2
-
-#define PKCS7_get_signed_attributes(si)	((si)->auth_attr)
-#define PKCS7_get_attributes(si)	((si)->unauth_attr)
-
-#define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
-#define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
-#define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
-#define PKCS7_type_is_signedAndEnveloped(a) \
-		(OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
-#define PKCS7_type_is_data(a)   (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
-
-#define PKCS7_set_detached(p,v) \
-		PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
-#define PKCS7_get_detached(p) \
-		PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
-
-#define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
-
-#ifdef SSLEAY_MACROS
-#ifndef PKCS7_ISSUER_AND_SERIAL_digest
-#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
-        ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
-	                (char *)data,md,len)
-#endif
-#endif
-
-/* S/MIME related flags */
-
-#define PKCS7_TEXT		0x1
-#define PKCS7_NOCERTS		0x2
-#define PKCS7_NOSIGS		0x4
-#define PKCS7_NOCHAIN		0x8
-#define PKCS7_NOINTERN		0x10
-#define PKCS7_NOVERIFY		0x20
-#define PKCS7_DETACHED		0x40
-#define PKCS7_BINARY		0x80
-#define PKCS7_NOATTR		0x100
-#define	PKCS7_NOSMIMECAP	0x200
-
-/* Flags: for compatibility with older code */
-
-#define SMIME_TEXT	PKCS7_TEXT
-#define SMIME_NOCERTS	PKCS7_NOCERTS
-#define SMIME_NOSIGS	PKCS7_NOSIGS
-#define SMIME_NOCHAIN	PKCS7_NOCHAIN
-#define SMIME_NOINTERN	PKCS7_NOINTERN
-#define SMIME_NOVERIFY	PKCS7_NOVERIFY
-#define SMIME_DETACHED	PKCS7_DETACHED
-#define SMIME_BINARY	PKCS7_BINARY
-#define SMIME_NOATTR	PKCS7_NOATTR
-
-DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
-
-#ifndef SSLEAY_MACROS
-int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type,
-	unsigned char *md,unsigned int *len);
-#ifndef OPENSSL_NO_FP_API
-PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 **p7);
-int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
-#endif
-PKCS7 *PKCS7_dup(PKCS7 *p7);
-PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7);
-int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
-#endif
-
-DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
-DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
-DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
-DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
-DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
-DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
-DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
-DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
-DECLARE_ASN1_FUNCTIONS(PKCS7)
-
-DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
-DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
-
-
-long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
-
-int PKCS7_set_type(PKCS7 *p7, int type);
-int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
-int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
-	const EVP_MD *dgst);
-int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
-int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
-int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
-int PKCS7_content_new(PKCS7 *p7, int nid);
-int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
-	BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si); 
-int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
-								X509 *x509);
-
-BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
-int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
-BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
-
-
-PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
-	EVP_PKEY *pkey, const EVP_MD *dgst);
-X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
-
-PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
-int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
-int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
-int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
-ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
-int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si,int nid,int type,
-	void *data);
-int PKCS7_add_attribute (PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
-	void *value);
-ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
-ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
-int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
-				STACK_OF(X509_ATTRIBUTE) *sk);
-int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,STACK_OF(X509_ATTRIBUTE) *sk);
-
-
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
-							BIO *data, int flags);
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
-					BIO *indata, BIO *out, int flags);
-STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
-								int flags);
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
-
-int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
-			      STACK_OF(X509_ALGOR) *cap);
-STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
-int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
-
-int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
-PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
-int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
-int SMIME_text(BIO *in, BIO *out);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_PKCS7_strings(void);
-
-/* Error codes for the PKCS7 functions. */
-
-/* Function codes. */
-#define PKCS7_F_B64_READ_PKCS7				 120
-#define PKCS7_F_B64_WRITE_PKCS7				 121
-#define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP		 118
-#define PKCS7_F_PKCS7_ADD_CERTIFICATE			 100
-#define PKCS7_F_PKCS7_ADD_CRL				 101
-#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO		 102
-#define PKCS7_F_PKCS7_ADD_SIGNER			 103
-#define PKCS7_F_PKCS7_CTRL				 104
-#define PKCS7_F_PKCS7_DATADECODE			 112
-#define PKCS7_F_PKCS7_DATAINIT				 105
-#define PKCS7_F_PKCS7_DATASIGN				 106
-#define PKCS7_F_PKCS7_DATAVERIFY			 107
-#define PKCS7_F_PKCS7_DECRYPT				 114
-#define PKCS7_F_PKCS7_ENCRYPT				 115
-#define PKCS7_F_PKCS7_GET0_SIGNERS			 124
-#define PKCS7_F_PKCS7_SET_CIPHER			 108
-#define PKCS7_F_PKCS7_SET_CONTENT			 109
-#define PKCS7_F_PKCS7_SET_TYPE				 110
-#define PKCS7_F_PKCS7_SIGN				 116
-#define PKCS7_F_PKCS7_SIGNATUREVERIFY			 113
-#define PKCS7_F_PKCS7_SIMPLE_SMIMECAP			 119
-#define PKCS7_F_PKCS7_VERIFY				 117
-#define PKCS7_F_SMIME_READ_PKCS7			 122
-#define PKCS7_F_SMIME_TEXT				 123
-
-/* Reason codes. */
-#define PKCS7_R_CERTIFICATE_VERIFY_ERROR		 117
-#define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER		 144
-#define PKCS7_R_CIPHER_NOT_INITIALIZED			 116
-#define PKCS7_R_CONTENT_AND_DATA_PRESENT		 118
-#define PKCS7_R_DECODE_ERROR				 130
-#define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH		 100
-#define PKCS7_R_DECRYPT_ERROR				 119
-#define PKCS7_R_DIGEST_FAILURE				 101
-#define PKCS7_R_ERROR_ADDING_RECIPIENT			 120
-#define PKCS7_R_ERROR_SETTING_CIPHER			 121
-#define PKCS7_R_INVALID_MIME_TYPE			 131
-#define PKCS7_R_INVALID_NULL_POINTER			 143
-#define PKCS7_R_MIME_NO_CONTENT_TYPE			 132
-#define PKCS7_R_MIME_PARSE_ERROR			 133
-#define PKCS7_R_MIME_SIG_PARSE_ERROR			 134
-#define PKCS7_R_MISSING_CERIPEND_INFO			 103
-#define PKCS7_R_NO_CONTENT				 122
-#define PKCS7_R_NO_CONTENT_TYPE				 135
-#define PKCS7_R_NO_MULTIPART_BODY_FAILURE		 136
-#define PKCS7_R_NO_MULTIPART_BOUNDARY			 137
-#define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE	 115
-#define PKCS7_R_NO_SIGNATURES_ON_DATA			 123
-#define PKCS7_R_NO_SIGNERS				 142
-#define PKCS7_R_NO_SIG_CONTENT_TYPE			 138
-#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE	 104
-#define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR		 124
-#define PKCS7_R_PKCS7_DATAFINAL_ERROR			 125
-#define PKCS7_R_PKCS7_DATASIGN				 126
-#define PKCS7_R_PKCS7_PARSE_ERROR			 139
-#define PKCS7_R_PKCS7_SIG_PARSE_ERROR			 140
-#define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE	 127
-#define PKCS7_R_SIGNATURE_FAILURE			 105
-#define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND		 128
-#define PKCS7_R_SIG_INVALID_MIME_TYPE			 141
-#define PKCS7_R_SMIME_TEXT_ERROR			 129
-#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE		 106
-#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO			 107
-#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST		 108
-#define PKCS7_R_UNKNOWN_DIGEST_TYPE			 109
-#define PKCS7_R_UNKNOWN_OPERATION			 110
-#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE			 111
-#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE		 112
-#define PKCS7_R_WRONG_CONTENT_TYPE			 113
-#define PKCS7_R_WRONG_PKCS7_TYPE			 114
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/pkcs7/pkcs7err.c b/crypto/openssl/crypto/pkcs7/pkcs7err.c
deleted file mode 100644
index 5e51527a4075..000000000000
--- a/crypto/openssl/crypto/pkcs7/pkcs7err.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/* crypto/pkcs7/pkcs7err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/pkcs7.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA PKCS7_str_functs[]=
-	{
-{ERR_PACK(0,PKCS7_F_B64_READ_PKCS7,0),	"B64_READ_PKCS7"},
-{ERR_PACK(0,PKCS7_F_B64_WRITE_PKCS7,0),	"B64_WRITE_PKCS7"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,0),	"PKCS7_add_attrib_smimecap"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CERTIFICATE,0),	"PKCS7_add_certificate"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CRL,0),	"PKCS7_add_crl"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,0),	"PKCS7_add_recipient_info"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0),	"PKCS7_add_signer"},
-{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0),	"PKCS7_ctrl"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATADECODE,0),	"PKCS7_dataDecode"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0),	"PKCS7_dataInit"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0),	"PKCS7_DATASIGN"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0),	"PKCS7_dataVerify"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DECRYPT,0),	"PKCS7_decrypt"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ENCRYPT,0),	"PKCS7_encrypt"},
-{ERR_PACK(0,PKCS7_F_PKCS7_GET0_SIGNERS,0),	"PKCS7_get0_signers"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0),	"PKCS7_set_cipher"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0),	"PKCS7_set_content"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0),	"PKCS7_set_type"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SIGN,0),	"PKCS7_sign"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SIGNATUREVERIFY,0),	"PKCS7_signatureVerify"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SIMPLE_SMIMECAP,0),	"PKCS7_simple_smimecap"},
-{ERR_PACK(0,PKCS7_F_PKCS7_VERIFY,0),	"PKCS7_verify"},
-{ERR_PACK(0,PKCS7_F_SMIME_READ_PKCS7,0),	"SMIME_read_PKCS7"},
-{ERR_PACK(0,PKCS7_F_SMIME_TEXT,0),	"SMIME_text"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA PKCS7_str_reasons[]=
-	{
-{PKCS7_R_CERTIFICATE_VERIFY_ERROR        ,"certificate verify error"},
-{PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"},
-{PKCS7_R_CIPHER_NOT_INITIALIZED          ,"cipher not initialized"},
-{PKCS7_R_CONTENT_AND_DATA_PRESENT        ,"content and data present"},
-{PKCS7_R_DECODE_ERROR                    ,"decode error"},
-{PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH   ,"decrypted key is wrong length"},
-{PKCS7_R_DECRYPT_ERROR                   ,"decrypt error"},
-{PKCS7_R_DIGEST_FAILURE                  ,"digest failure"},
-{PKCS7_R_ERROR_ADDING_RECIPIENT          ,"error adding recipient"},
-{PKCS7_R_ERROR_SETTING_CIPHER            ,"error setting cipher"},
-{PKCS7_R_INVALID_MIME_TYPE               ,"invalid mime type"},
-{PKCS7_R_INVALID_NULL_POINTER            ,"invalid null pointer"},
-{PKCS7_R_MIME_NO_CONTENT_TYPE            ,"mime no content type"},
-{PKCS7_R_MIME_PARSE_ERROR                ,"mime parse error"},
-{PKCS7_R_MIME_SIG_PARSE_ERROR            ,"mime sig parse error"},
-{PKCS7_R_MISSING_CERIPEND_INFO           ,"missing ceripend info"},
-{PKCS7_R_NO_CONTENT                      ,"no content"},
-{PKCS7_R_NO_CONTENT_TYPE                 ,"no content type"},
-{PKCS7_R_NO_MULTIPART_BODY_FAILURE       ,"no multipart body failure"},
-{PKCS7_R_NO_MULTIPART_BOUNDARY           ,"no multipart boundary"},
-{PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE,"no recipient matches certificate"},
-{PKCS7_R_NO_SIGNATURES_ON_DATA           ,"no signatures on data"},
-{PKCS7_R_NO_SIGNERS                      ,"no signers"},
-{PKCS7_R_NO_SIG_CONTENT_TYPE             ,"no sig content type"},
-{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"},
-{PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR       ,"pkcs7 add signature error"},
-{PKCS7_R_PKCS7_DATAFINAL_ERROR           ,"pkcs7 datafinal error"},
-{PKCS7_R_PKCS7_DATASIGN                  ,"pkcs7 datasign"},
-{PKCS7_R_PKCS7_PARSE_ERROR               ,"pkcs7 parse error"},
-{PKCS7_R_PKCS7_SIG_PARSE_ERROR           ,"pkcs7 sig parse error"},
-{PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE,"private key does not match certificate"},
-{PKCS7_R_SIGNATURE_FAILURE               ,"signature failure"},
-{PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND    ,"signer certificate not found"},
-{PKCS7_R_SIG_INVALID_MIME_TYPE           ,"sig invalid mime type"},
-{PKCS7_R_SMIME_TEXT_ERROR                ,"smime text error"},
-{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE      ,"unable to find certificate"},
-{PKCS7_R_UNABLE_TO_FIND_MEM_BIO          ,"unable to find mem bio"},
-{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST   ,"unable to find message digest"},
-{PKCS7_R_UNKNOWN_DIGEST_TYPE             ,"unknown digest type"},
-{PKCS7_R_UNKNOWN_OPERATION               ,"unknown operation"},
-{PKCS7_R_UNSUPPORTED_CIPHER_TYPE         ,"unsupported cipher type"},
-{PKCS7_R_UNSUPPORTED_CONTENT_TYPE        ,"unsupported content type"},
-{PKCS7_R_WRONG_CONTENT_TYPE              ,"wrong content type"},
-{PKCS7_R_WRONG_PKCS7_TYPE                ,"wrong pkcs7 type"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_PKCS7_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs);
-		ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/pkcs7/server.pem b/crypto/openssl/crypto/pkcs7/server.pem
deleted file mode 100644
index 750aac209468..000000000000
--- a/crypto/openssl/crypto/pkcs7/server.pem
+++ /dev/null
@@ -1,24 +0,0 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
------BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5
-MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
-cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
-Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
-Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW
-mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i
-xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH
-irObpESxAZLySCmPPg==
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
-TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
-OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
-gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
-rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
-PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
-vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/crypto/pkcs7/sign.c b/crypto/openssl/crypto/pkcs7/sign.c
deleted file mode 100644
index 8b59885f7ea1..000000000000
--- a/crypto/openssl/crypto/pkcs7/sign.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/* crypto/pkcs7/sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <string.h>
-#include <openssl/bio.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-
-int main(argc,argv)
-int argc;
-char *argv[];
-	{
-	X509 *x509;
-	EVP_PKEY *pkey;
-	PKCS7 *p7;
-	PKCS7_SIGNER_INFO *si;
-	BIO *in;
-	BIO *data,*p7bio;
-	char buf[1024*4];
-	int i;
-	int nodetach=0;
-
-#ifndef OPENSSL_NO_MD2
-	EVP_add_digest(EVP_md2());
-#endif
-#ifndef OPENSSL_NO_MD5
-	EVP_add_digest(EVP_md5());
-#endif
-#ifndef OPENSSL_NO_SHA1
-	EVP_add_digest(EVP_sha1());
-#endif
-#ifndef OPENSSL_NO_MDC2
-	EVP_add_digest(EVP_mdc2());
-#endif
-
-	data=BIO_new(BIO_s_file());
-again:
-	if (argc > 1)
-		{
-		if (strcmp(argv[1],"-nd") == 0)
-			{
-			nodetach=1;
-			argv++; argc--;
-			goto again;
-			}
-		if (!BIO_read_filename(data,argv[1]))
-			goto err;
-		}
-	else
-		BIO_set_fp(data,stdin,BIO_NOCLOSE);
-
-	if ((in=BIO_new_file("server.pem","r")) == NULL) goto err;
-	if ((x509=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) goto err;
-	BIO_reset(in);
-	if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,NULL)) == NULL) goto err;
-	BIO_free(in);
-
-	p7=PKCS7_new();
-	PKCS7_set_type(p7,NID_pkcs7_signed);
-	 
-	si=PKCS7_add_signature(p7,x509,pkey,EVP_sha1());
-	if (si == NULL) goto err;
-
-	/* If you do this then you get signing time automatically added */
-	PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, V_ASN1_OBJECT,
-						OBJ_nid2obj(NID_pkcs7_data));
-
-	/* we may want to add more */
-	PKCS7_add_certificate(p7,x509);
-
-	/* Set the content of the signed to 'data' */
-	PKCS7_content_new(p7,NID_pkcs7_data);
-
-	if (!nodetach)
-		PKCS7_set_detached(p7,1);
-
-	if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err;
-
-	for (;;)
-		{
-		i=BIO_read(data,buf,sizeof(buf));
-		if (i <= 0) break;
-		BIO_write(p7bio,buf,i);
-		}
-
-	if (!PKCS7_dataFinal(p7,p7bio)) goto err;
-	BIO_free(p7bio);
-
-	PEM_write_PKCS7(stdout,p7);
-	PKCS7_free(p7);
-
-	exit(0);
-err:
-	ERR_load_crypto_strings();
-	ERR_print_errors_fp(stderr);
-	exit(1);
-	}
-
diff --git a/crypto/openssl/crypto/pkcs7/t/3des.pem b/crypto/openssl/crypto/pkcs7/t/3des.pem
deleted file mode 100644
index b2b5081a10ec..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/3des.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PKCS7-----
-MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG
-A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
-dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
-ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR+MA0GCSqGSIb3DQEBAQUABEC2vXI1xQDW6lUHM3zQ
-/9uBEBOO5A3TtkrklAXq7v01gsIC21t52qSk36REXY+slhNZ0OQ349tgkTsoETHFLoEwMIHw
-AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI
-QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
-UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR9MA0G
-CSqGSIb3DQEBAQUABEB8ujxbabxXUYJhopuDm3oDq4JNqX6Io4p3ro+ShqfIndsXTZ1v5a2N
-WtLLCWlHn/habjBwZ/DgQgcKASbZ7QxNMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA
-oAQIbsL5v1wX98KggAQoAaJ4WHm68fXY1WE5OIjfVBIDpO1K+i8dmKhjnAjrjoyZ9Bwc8rDL
-lgQg4CXb805h5xl+GfvSwUaHJayte1m2mcOhs3J2YyqbQ+MEIMIiJQccmhO3oDKm36CFvYR8
-5PjpclVcZyX2ngbwPFMnBAgy0clOAE6UKAAAAAAAAAAAAAA=
------END PKCS7-----
-
diff --git a/crypto/openssl/crypto/pkcs7/t/3dess.pem b/crypto/openssl/crypto/pkcs7/t/3dess.pem
deleted file mode 100644
index 23f013516a51..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/3dess.pem
+++ /dev/null
@@ -1,32 +0,0 @@
------BEGIN PKCS7-----
-MIIGHgYJKoZIhvcNAQcCoIIGDzCCBgsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
-BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR
-BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv
-ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE
-AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow
-gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu
-ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG
-A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m
-dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh
-hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg
-hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP
-igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds
-syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG
-A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
-dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
-ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB
-kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l
-MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB
-TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB
-BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf
-mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s
-8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx
-ggF7MIIBdwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP
-BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ
-REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB
-AgIEfjAJBgUrDgMCGgUAoHowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAbBgkqhkiG9w0B
-CQ8xDjAMMAoGCCqGSIb3DQMHMBwGCSqGSIb3DQEJBTEPFw05ODA1MTQwMzM5MzdaMCMGCSqG
-SIb3DQEJBDEWBBQstNMnSV26ba8PapQEDhO21yNFrjANBgkqhkiG9w0BAQEFAARAW9Xb9YXv
-BfcNkutgFX9Gr8iXhBVsNtGEVrjrpkQwpKa7jHI8SjAlLhk/4RFwDHf+ISB9Np3Z1WDWnLcA
-9CWR6g==
------END PKCS7-----
diff --git a/crypto/openssl/crypto/pkcs7/t/c.pem b/crypto/openssl/crypto/pkcs7/t/c.pem
deleted file mode 100644
index a4b55e321a5c..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/c.pem
+++ /dev/null
@@ -1,48 +0,0 @@
-issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA
-subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com
-serial :047D
-
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1149 (0x47d)
-        Signature Algorithm: md5withRSAEncryption
-        Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA
-        Validity
-            Not Before: May 13 05:40:58 1998 GMT
-            Not After : May 12 05:40:58 2000 GMT
-        Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Modulus:
-                    00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81:
-                    73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc:
-                    89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29:
-                    fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f:
-                    e7:e7:0c:4d:0b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            Netscape Comment: 
-                Generated with SSLeay
-    Signature Algorithm: md5withRSAEncryption
-        52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55:
-        f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97:
-        d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b:
-        50:74:ad:92:cb:4e:90:e5:fa:7d
-
------BEGIN CERTIFICATE-----
-MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV
-MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE
-ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E
-IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw
-NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
-dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0
-aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG
-9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf
-lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB
-hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA
-UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8
-4A3ZItobUHStkstOkOX6fQ==
------END CERTIFICATE-----
-
diff --git a/crypto/openssl/crypto/pkcs7/t/ff b/crypto/openssl/crypto/pkcs7/t/ff
deleted file mode 100644
index 23f013516a51..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/ff
+++ /dev/null
@@ -1,32 +0,0 @@
------BEGIN PKCS7-----
-MIIGHgYJKoZIhvcNAQcCoIIGDzCCBgsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
-BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR
-BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv
-ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE
-AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow
-gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu
-ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG
-A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m
-dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh
-hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg
-hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP
-igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds
-syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG
-A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
-dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
-ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB
-kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l
-MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB
-TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB
-BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf
-mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s
-8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx
-ggF7MIIBdwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP
-BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ
-REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB
-AgIEfjAJBgUrDgMCGgUAoHowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAbBgkqhkiG9w0B
-CQ8xDjAMMAoGCCqGSIb3DQMHMBwGCSqGSIb3DQEJBTEPFw05ODA1MTQwMzM5MzdaMCMGCSqG
-SIb3DQEJBDEWBBQstNMnSV26ba8PapQEDhO21yNFrjANBgkqhkiG9w0BAQEFAARAW9Xb9YXv
-BfcNkutgFX9Gr8iXhBVsNtGEVrjrpkQwpKa7jHI8SjAlLhk/4RFwDHf+ISB9Np3Z1WDWnLcA
-9CWR6g==
------END PKCS7-----
diff --git a/crypto/openssl/crypto/pkcs7/t/msie-e b/crypto/openssl/crypto/pkcs7/t/msie-e
deleted file mode 100644
index aafae69fc9d8..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/msie-e
+++ /dev/null
@@ -1,20 +0,0 @@
-
-MIAGCSqGSIb3DQEHA6CAMIACAQAxggHCMIHMAgEAMHYwYjERMA8GA1UEBxMISW50ZXJuZXQxFzAV
-BgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5k
-aXZpZHVhbCBTdWJzY3JpYmVyAhBgQJiC3qfbCbjdj5INYLnKMA0GCSqGSIb3DQEBAQUABECMzu8y
-wQ/qZbO8cAGMRBF+mPruv3+Dvb9aWNZ2k8njUgqF6mcdhVB2MkGcsG3memRXJBixvMYWVkU3qK4Z
-VuKsMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UE
-BxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
-UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqG
-SIb3DQEBAQUABEBcWwYFHJbJGhiztt7lzue3Lc9CH5WAbyR+2BZ3uv+JxZfRs1PuaWPOwRa0Vgs3
-YwSJoRfxQj2Gk0wFqG1qt6d1MIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQI8vRlP/Nx
-2iSggASCAZhR5srxyspy7DfomRJ9ff8eMCtaNwEoEx7G25PZRonC57hBvGoScLtEPU3Wp9FEbPN7
-oJESeC+AqMTyTLNy8aQsyC5s53E9UkoIvg62ekYZBbXZqXsrxx4PhiiX3NH8GVh42phB0Chjw0nK
-HZeRDmxGY3Cmk+J+l0uVKxbNIfJIKOguLBnhqmnKH/PrnzDt591u0ULy2aTLqRm+4/1Yat/QPb6J
-eoKGwNPBbS9ogBdrCNCp9ZFg3Xar2AtQHzyTQIfYeH3SRQUpKmRm5U5o9p5emgEdT+ZfJm/J4tSH
-OmbgAFsbHQakA4MBZ4J5qfDJhOA2g5lWk1hIeu5Dn/AaLRZd0yz3oY0Ieo/erPWx/bCqtBzYbMe9
-qSFTedKlbc9EGe3opOTdBZVzK8KH3w3zsy5luxKdOUG59YYb5F1IZiWGiDyuo/HuacX+griu5LeD
-bEzOtZnko+TZXvWIko30fD79j3T4MRRhWXbgj2HKza+4vJ0mzcC/1+GPsJjAEAA/JgIEDU4w6/DI
-/HQHhLAO3G+9xKD7MvmrzkoAAAAAAAAAAAAA
-
-
diff --git a/crypto/openssl/crypto/pkcs7/t/msie-e.pem b/crypto/openssl/crypto/pkcs7/t/msie-e.pem
deleted file mode 100644
index a2a5e24e7426..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/msie-e.pem
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN PKCS7-----
-MIAGCSqGSIb3DQEHA6CAMIIDkAIBADGCAcIwgcwCAQAwdjBiMREwDwYDVQQHEwhJ
-bnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlT
-aWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEGBAmILep9sJ
-uN2Pkg1gucowDQYJKoZIhvcNAQEBBQAEQIzO7zLBD+pls7xwAYxEEX6Y+u6/f4O9
-v1pY1naTyeNSCoXqZx2FUHYyQZywbeZ6ZFckGLG8xhZWRTeorhlW4qwwgfACAQAw
-gZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsT
-GURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBW
-QUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQFxbBgUclskaGLO23uXO57ctz0If
-lYBvJH7YFne6/4nFl9GzU+5pY87BFrRWCzdjBImhF/FCPYaTTAWobWq3p3UwggHD
-BgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECPL0ZT/zcdokgIIBmFHmyvHK
-ynLsN+iZEn19/x4wK1o3ASgTHsbbk9lGicLnuEG8ahJwu0Q9Tdan0URs83ugkRJ4
-L4CoxPJMs3LxpCzILmzncT1SSgi+DrZ6RhkFtdmpeyvHHg+GKJfc0fwZWHjamEHQ
-KGPDScodl5EObEZjcKaT4n6XS5UrFs0h8kgo6C4sGeGqacof8+ufMO3n3W7RQvLZ
-pMupGb7j/Vhq39A9vol6gobA08FtL2iAF2sI0Kn1kWDddqvYC1AfPJNAh9h4fdJF
-BSkqZGblTmj2nl6aAR1P5l8mb8ni1Ic6ZuAAWxsdBqQDgwFngnmp8MmE4DaDmVaT
-WEh67kOf8BotFl3TLPehjQh6j96s9bH9sKq0HNhsx72pIVN50qVtz0QZ7eik5N0F
-lXMrwoffDfOzLmW7Ep05Qbn1hhvkXUhmJYaIPK6j8e5pxf6CuK7kt4NsTM61meSj
-5Nle9YiSjfR8Pv2PdPgxFGFZduCPYcrNr7i8nSbNwL/X4Y+wmMAQAD8mAgQNTjDr
-8Mj8dAeEsA7cb73EoPsy+avOSgAAAAA=
------END PKCS7-----
diff --git a/crypto/openssl/crypto/pkcs7/t/msie-enc-01 b/crypto/openssl/crypto/pkcs7/t/msie-enc-01
deleted file mode 100644
index 2c93ab646268..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/msie-enc-01
+++ /dev/null
@@ -1,62 +0,0 @@
-
-MIAGCSqGSIb3DQEHA6CAMIACAQAxgfMwgfACAQAwgZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0
-IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMT
-EkRFTU8gWkVSTyBWQUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQKvMaW8xh6oF/X+CJivz
-IZV7yHxlp4O3NHQtWG0A8MOZB+CtKlU7/6g5e/a9Du/TOqxRMqtYRp63pa2Q/mM4IYMwgAYJ
-KoZIhvcNAQcBMBoGCCqGSIb3DQMCMA4CAgCgBAifz6RvzOPYlKCABIGwxtGA/FLBBRs1wbBP
-gDCbSG0yCwjJNsFg89/k6xuXo8c5YTwsw8+XlIVq03navpew6XxxzY090rD2OJ0t6HA6GqrI
-pd8WiSh/Atqn0yfLFmkLqgIAPRfzxUxqUocxLpQsLIFp2YNUGE+yps+UZmIjw/WHfdqrcWTm
-STSvKuy3UkIJZCkGDBpTvqk4BFaHh4oTXEpgpNY+GKxjf9TDN9GQPqQZR7sgQki4t2g4/Saq
-Kl4EMISgluk6swdND0tiHY7v5d6YR29ePCl2/STJ98eJpWkEEC22GNNvOy7ru/Rv2He4MgQg
-optd7sk9MMd9xhJppg7CcH/yDx//HrtgpOcWmn6VxpgECFqon4uXkQtIBIH4PaNclFn7/hLx
-Pw2VmBGaC0SYF3U1jyN96EBxdjqy8Aa6ByMXYDW5BcfqniD5mYXfw+b81lh1kutxaPaV4YJ9
-ZlRUW752N7VHo/fG0/fukoe5W9a8kIhgLpygllb/GP4oSF4wM6n1/OgRzZj2IWFiobKO4d/t
-Mnh+C+PoEVAuFZcxQwi9GqvsK5OoIjVwNx0XcVSOl1TTYS9SwC7ugMBCab73JiruC24pL78Y
-M+NaIpIQ3On4DokJA2ZHtjBjZIxF4tKA144RvFN6pBd6TVE5XM6KD/Vh9bjSmujtEAfdQ3Te
-dvKJsbZuu0stErbvWcRy11I328l557EECAJT7d44OJ3rBBBj6bnnx6dDU2SRqp2CEoQaBAhK
-RBuyhNxkygQIOY9/NhwqAJAECOvX0Zd0DqgoBAjobPpMHhVV3gQQWLU2vEoZ51BwzxdzCmxO
-wwQI4oKfudaNqoAESKzBNAqv5kGumHOlMKsRfrs7jZCcSaOuEj97pYx08FLEgF23cav39MOQ
-NUEM1dNU+EYslL4o3RoSHRjUgPU+2t9c0prS9A/bPARIEOP94PynaTNxwHi3VTK7SzuQmgzA
-4n942E9joSiqsQPlsKAb3sPUaLC3SuUxSjNBgfpvD0bmrA/5h+WZoYXvIogFpwjkSmnFBEie
-0lh5Ov1aRrvCw5/j3Q/W/4ZtN5U+aeVBJMtA8n0Mxd5kPxHbNVh4oGprZ6wEegV8ht3voyZa
-mZ5Cyxc8ffMYnM/JJI6/oEYEUEMyyiS5FnYyvxKzfMtyn2lZ2st9nZGNNgMc9N62r5HgNbdD
-FHuRdKKzV+8kQfuMc3mOPpK1t9TFY+QgrxiB5p6S7VooI97YtP3PbfknszCEBEh4PdXYbbaR
-3AacN3Q5kYYmWsq3WW6xgrg0mmEGosGvwSQxBBuiXZrxScCa4ivEq05UZwyShePvKduOvnUE
-2zDO6IXFLZxhTZAESEm9/FovLgGAiJ7iMGmYvsISLJScwG4n+wrSaQNQXizs9N3ykys54wBN
-d/+BQ4F7pncHhDQ2Dyt5MekB8Y8iNOocUTFCu524vQRIaWCXmXP3vU7D21dp0XnAMzRQJ565
-JV3aHRoY7XDa4LePa7PP9ywyafOE5yCW7ndqx3J+2JhTDvSFsW8/q3H3iyeFhykuJVS6BFDK
-6CmKbnyyjOfE2iLGJmTFa905V2KrVDCmlEu/xyGMs80yTyZC+ySzM83FMVvLEQmSzcTNUZVp
-DfA1kNXbXkPouBXXT6g8r8JCRljaKKABmgRIlMheOJQRUUU4cgvhMreXPayhq5Ao4VMSCkA5
-hYRCBczm4Di/MMohF0SxIsdRY6gY9CPnrBXAsY6h1RbR7Tw0iQZmeXi52DCiBEj0by+SYMAa
-9z0CReIzl8JLL6EVIFz8kFxlkGWjr4dnOzhhPOq/mCpp0WxbavDfdhE87MdXJZBnLwoT62QG
-955HlAoEQBOGJbcESCgd5XSirZ9Y3AbCfuKOqoMBvEUGn+w/pMaqnGvnr5FZhuBDKrhRXqtx
-QsxA//drGUxsrZOuSL/0+fbvo7n2h1Z8Ny86jOvVZAQIAjw2l1Yc5RAESNc9i3I8pKEOVQf/
-UBczJ0NR9aTEF80dRg2lpXwD0ho4N0AvSiVbgxC7cPZHQwIqvq9LHRUs/4n+Vu3SVYU3cAxo
-lUTiCGUSlARIF+TD57SI5+RI+MNtnD9rs4E1ml51YoHGWFj3UPriDmY0FKEwIgqtMXMY3fZ9
-Kq8d83bjDzxwbDX7WwR7KbSeJWT42pCz7kM+BEjjPsOnZHuusXT3x2rrsBnYtYsbt98mSFiS
-KzTtFmXfkOBbCQdit1P76QnYJ1aXMGs6zP6GypQTadK/zYWvlm38QkVwueaJ0woESKW2pqKA
-70h2UMDHOrpepU1lj0YMzmotDHSTU3L909VvUMNg9uqfrQ6mSkb9j5Tl8oF2otOw5EzA1Yda
-KPmgsv62RWLYl80wXQRQwG0e/mgG75jp9lOhJdVXqcYbQpS9viwVaVkwH+69mu/bQI4gjoEs
-UYX6O71Re2z+cYhcm9UrK+DXuSFBXQOIlAFxKMW4B0apd6fU84FsZLMESOorXE5OE0A2B2ji
-J8QI0Exk4hUvWrMNJfUZwFyS7E05xV9ORuX1xmsKqkT4tVR5Nqln4vhvAY860VBoloz0CDkd
-8seSBEjeMgRI9FvpYuflIeHg9urkwp6N+1f0DrJJhJY9ZQ0HTQhziJmIfvbEjNqCl7hEC28+
-F8I5tuViLgfSwcFFCvnS6WFoN4X6QdFdqMCbBEjdlI1c+IQGA/IuTDMJYCuQ/v+8BG5ZeWVH
-icPZmXfRat9eFK1dGKAJef6+Tf9HPuDjSpDyffrifsp7Dc34lmm7GN1+ON3ZMtwEUNm6epb8
-1RKWjoI7jIKUV/M2p/0eeGSqs4b06KF/VR6dBwsJVL5DpnTsp3MV4j/CAOlRdSPZ5++tsKbM
-aplk+ceqQtpEFz1MYTtVV4+rlrWaBEA1okJyNZ5/tNOwM7B+XfOZ0xw+uyVi9v4byTZM2Qds
-J+d3YGYLAugTGHISLqQEerD8/gGK+/SL06b2gNedXPHtBAiBKX+Mdy3wFQQIqE9gVgvrFNUE
-CKKoTFoMGqnPBAjDPgLCklNfrwQI3Ek1vSq68w8ECBodu2FOZJVkBAgzwjfSr2N9WQQQTCoQ
-KkAbrS9tnjXn1I3+ZwQIrPx3eINo/YUECIeYWCFskxlYBAiDUdvZXwD3vgQIkEyZbbZWbUUE
-CH4+odl1Isk3BBj68fkqJ0fKJRWVLWuW/O3VE4BOPKwFlaIECFseVTdDUho8BAj+cOKvV2WA
-hgQgaXr+wwq+ItblG0Qxz8IVUXX6PV2mIdHwz4SCCvnCsaIECJhBYxdfLI/XBCDswamPn9MR
-yXi2HVQBineV+GtWVkIoZ2dCLFB9mQRMoAQI0nUR5a5AOJoECA+AunKlAlx8BAi5RtFeF4g1
-FQQIz/ie+16LlQcECOmNuVg5DXjMBAjH2nkfpXZgWwQIVdLuO/+kuHAECO/5rEHmyI9vBBD4
-16BU4Rd3YerDQnHtrwOQBCCkho1XxK5Maz8KLCNi20wvcGt8wsIXlj2h5q9ITBq7IgQQvKVY
-4OfJ7bKbItP2dylwQgQYPIGxwkkbRXNraONYvN19G8UdF35rFOuIBAjf0sKz/618ZQQIxObr
-xJkRe0sECIC+ssnjEb2NBBBI+XM4OntVWGsRV9Td3sFgBAinGwIroo8O0gQQMGAwgc9PaLaG
-gBCiwSTrYQQIVHjfCQgOtygEUIoraFoANfhZgIShpOd/RRxFU4/7xZR5tMdGoYz/g0thR0lM
-+Hi88FtFD4mAh/Oat4Ri8B7bv04aokjN2UHz6nPbHHjZ8zIqpbYTCy043GNZBAhOqjyB2JbD
-NwQoR23XCYD9x6E20ChHJRXmaHwyMdYXKl5CUxypl7ois+sy2D7jDukS3wQIsTyyPgJi0GsA
-AAAAAAAAAAAA
-
diff --git a/crypto/openssl/crypto/pkcs7/t/msie-enc-01.pem b/crypto/openssl/crypto/pkcs7/t/msie-enc-01.pem
deleted file mode 100644
index 9abf00b2f245..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/msie-enc-01.pem
+++ /dev/null
@@ -1,66 +0,0 @@
------BEGIN PKCS7-----
-MIAGCSqGSIb3DQEHA6CAMIILyAIBADGB8zCB8AIBADCBmTCBkjELMAkGA1UEBhMC
-QVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYD
-VQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB
-TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBAgIEbjANBgkq
-hkiG9w0BAQEFAARAq8xpbzGHqgX9f4ImK/MhlXvIfGWng7c0dC1YbQDww5kH4K0q
-VTv/qDl79r0O79M6rFEyq1hGnrelrZD+YzghgzCCCssGCSqGSIb3DQEHATAaBggq
-hkiG9w0DAjAOAgIAoAQIn8+kb8zj2JSAggqgxtGA/FLBBRs1wbBPgDCbSG0yCwjJ
-NsFg89/k6xuXo8c5YTwsw8+XlIVq03navpew6XxxzY090rD2OJ0t6HA6GqrIpd8W
-iSh/Atqn0yfLFmkLqgIAPRfzxUxqUocxLpQsLIFp2YNUGE+yps+UZmIjw/WHfdqr
-cWTmSTSvKuy3UkIJZCkGDBpTvqk4BFaHh4oTXEpgpNY+GKxjf9TDN9GQPqQZR7sg
-Qki4t2g4/SaqKl6EoJbpOrMHTQ9LYh2O7+XemEdvXjwpdv0kyffHiaVpBBAtthjT
-bzsu67v0b9h3uDKim13uyT0wx33GEmmmDsJwf/IPH/8eu2Ck5xaafpXGmFqon4uX
-kQtIPaNclFn7/hLxPw2VmBGaC0SYF3U1jyN96EBxdjqy8Aa6ByMXYDW5BcfqniD5
-mYXfw+b81lh1kutxaPaV4YJ9ZlRUW752N7VHo/fG0/fukoe5W9a8kIhgLpygllb/
-GP4oSF4wM6n1/OgRzZj2IWFiobKO4d/tMnh+C+PoEVAuFZcxQwi9GqvsK5OoIjVw
-Nx0XcVSOl1TTYS9SwC7ugMBCab73JiruC24pL78YM+NaIpIQ3On4DokJA2ZHtjBj
-ZIxF4tKA144RvFN6pBd6TVE5XM6KD/Vh9bjSmujtEAfdQ3TedvKJsbZuu0stErbv
-WcRy11I328l557ECU+3eODid62PpuefHp0NTZJGqnYIShBpKRBuyhNxkyjmPfzYc
-KgCQ69fRl3QOqCjobPpMHhVV3li1NrxKGedQcM8XcwpsTsPigp+51o2qgKzBNAqv
-5kGumHOlMKsRfrs7jZCcSaOuEj97pYx08FLEgF23cav39MOQNUEM1dNU+EYslL4o
-3RoSHRjUgPU+2t9c0prS9A/bPBDj/eD8p2kzccB4t1Uyu0s7kJoMwOJ/eNhPY6Eo
-qrED5bCgG97D1Giwt0rlMUozQYH6bw9G5qwP+YflmaGF7yKIBacI5EppxZ7SWHk6
-/VpGu8LDn+PdD9b/hm03lT5p5UEky0DyfQzF3mQ/Eds1WHigamtnrAR6BXyG3e+j
-JlqZnkLLFzx98xicz8kkjr+gRkMyyiS5FnYyvxKzfMtyn2lZ2st9nZGNNgMc9N62
-r5HgNbdDFHuRdKKzV+8kQfuMc3mOPpK1t9TFY+QgrxiB5p6S7VooI97YtP3Pbfkn
-szCEeD3V2G22kdwGnDd0OZGGJlrKt1lusYK4NJphBqLBr8EkMQQbol2a8UnAmuIr
-xKtOVGcMkoXj7ynbjr51BNswzuiFxS2cYU2QSb38Wi8uAYCInuIwaZi+whIslJzA
-bif7CtJpA1BeLOz03fKTKznjAE13/4FDgXumdweENDYPK3kx6QHxjyI06hxRMUK7
-nbi9aWCXmXP3vU7D21dp0XnAMzRQJ565JV3aHRoY7XDa4LePa7PP9ywyafOE5yCW
-7ndqx3J+2JhTDvSFsW8/q3H3iyeFhykuJVS6yugpim58soznxNoixiZkxWvdOVdi
-q1QwppRLv8chjLPNMk8mQvskszPNxTFbyxEJks3EzVGVaQ3wNZDV215D6LgV10+o
-PK/CQkZY2iigAZqUyF44lBFRRThyC+Eyt5c9rKGrkCjhUxIKQDmFhEIFzObgOL8w
-yiEXRLEix1FjqBj0I+esFcCxjqHVFtHtPDSJBmZ5eLnYMKL0by+SYMAa9z0CReIz
-l8JLL6EVIFz8kFxlkGWjr4dnOzhhPOq/mCpp0WxbavDfdhE87MdXJZBnLwoT62QG
-955HlAoEQBOGJbcoHeV0oq2fWNwGwn7ijqqDAbxFBp/sP6TGqpxr56+RWYbgQyq4
-UV6rcULMQP/3axlMbK2Trki/9Pn276O59odWfDcvOozr1WQCPDaXVhzlENc9i3I8
-pKEOVQf/UBczJ0NR9aTEF80dRg2lpXwD0ho4N0AvSiVbgxC7cPZHQwIqvq9LHRUs
-/4n+Vu3SVYU3cAxolUTiCGUSlBfkw+e0iOfkSPjDbZw/a7OBNZpedWKBxlhY91D6
-4g5mNBShMCIKrTFzGN32fSqvHfN24w88cGw1+1sEeym0niVk+NqQs+5DPuM+w6dk
-e66xdPfHauuwGdi1ixu33yZIWJIrNO0WZd+Q4FsJB2K3U/vpCdgnVpcwazrM/obK
-lBNp0r/Nha+WbfxCRXC55onTCqW2pqKA70h2UMDHOrpepU1lj0YMzmotDHSTU3L9
-09VvUMNg9uqfrQ6mSkb9j5Tl8oF2otOw5EzA1YdaKPmgsv62RWLYl80wXcBtHv5o
-Bu+Y6fZToSXVV6nGG0KUvb4sFWlZMB/uvZrv20COII6BLFGF+ju9UXts/nGIXJvV
-Kyvg17khQV0DiJQBcSjFuAdGqXen1POBbGSz6itcTk4TQDYHaOInxAjQTGTiFS9a
-sw0l9RnAXJLsTTnFX05G5fXGawqqRPi1VHk2qWfi+G8BjzrRUGiWjPQIOR3yx5IE
-SN4y9FvpYuflIeHg9urkwp6N+1f0DrJJhJY9ZQ0HTQhziJmIfvbEjNqCl7hEC28+
-F8I5tuViLgfSwcFFCvnS6WFoN4X6QdFdqMCb3ZSNXPiEBgPyLkwzCWArkP7/vARu
-WXllR4nD2Zl30WrfXhStXRigCXn+vk3/Rz7g40qQ8n364n7Kew3N+JZpuxjdfjjd
-2TLc2bp6lvzVEpaOgjuMgpRX8zan/R54ZKqzhvTooX9VHp0HCwlUvkOmdOyncxXi
-P8IA6VF1I9nn762wpsxqmWT5x6pC2kQXPUxhO1VXj6uWtZo1okJyNZ5/tNOwM7B+
-XfOZ0xw+uyVi9v4byTZM2QdsJ+d3YGYLAugTGHISLqQEerD8/gGK+/SL06b2gNed
-XPHtgSl/jHct8BWoT2BWC+sU1aKoTFoMGqnPwz4CwpJTX6/cSTW9KrrzDxodu2FO
-ZJVkM8I30q9jfVlMKhAqQButL22eNefUjf5nrPx3eINo/YWHmFghbJMZWINR29lf
-APe+kEyZbbZWbUV+PqHZdSLJN/rx+SonR8olFZUta5b87dUTgE48rAWVolseVTdD
-Uho8/nDir1dlgIZpev7DCr4i1uUbRDHPwhVRdfo9XaYh0fDPhIIK+cKxophBYxdf
-LI/X7MGpj5/TEcl4th1UAYp3lfhrVlZCKGdnQixQfZkETKDSdRHlrkA4mg+AunKl
-Alx8uUbRXheINRXP+J77XouVB+mNuVg5DXjMx9p5H6V2YFtV0u47/6S4cO/5rEHm
-yI9v+NegVOEXd2Hqw0Jx7a8DkKSGjVfErkxrPwosI2LbTC9wa3zCwheWPaHmr0hM
-GrsivKVY4OfJ7bKbItP2dylwQjyBscJJG0Vza2jjWLzdfRvFHRd+axTriN/SwrP/
-rXxlxObrxJkRe0uAvrLJ4xG9jUj5czg6e1VYaxFX1N3ewWCnGwIroo8O0jBgMIHP
-T2i2hoAQosEk62FUeN8JCA63KIoraFoANfhZgIShpOd/RRxFU4/7xZR5tMdGoYz/
-g0thR0lM+Hi88FtFD4mAh/Oat4Ri8B7bv04aokjN2UHz6nPbHHjZ8zIqpbYTCy04
-3GNZTqo8gdiWwzdHbdcJgP3HoTbQKEclFeZofDIx1hcqXkJTHKmXuiKz6zLYPuMO
-6RLfsTyyPgJi0GsAAAAA
------END PKCS7-----
diff --git a/crypto/openssl/crypto/pkcs7/t/msie-enc-02 b/crypto/openssl/crypto/pkcs7/t/msie-enc-02
deleted file mode 100644
index 70170559651f..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/msie-enc-02
+++ /dev/null
@@ -1,90 +0,0 @@
-
-MIAGCSqGSIb3DQEHA6CAMIACAQAxggHCMIHMAgEAMHYwYjERMA8GA1UEBxMISW50ZXJuZXQxFzAV
-BgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5k
-aXZpZHVhbCBTdWJzY3JpYmVyAhBgQJiC3qfbCbjdj5INYLnKMA0GCSqGSIb3DQEBAQUABEACr4tn
-kSzvo3aIlHfJLGbfokNCV6FjdDP1vQhL+kdXONqcFCEf9ReETCvaHslIr/Wepc5j2hjZselzgqLn
-rM1ZMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UE
-BxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
-UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqG
-SIb3DQEBAQUABEBanBxKOvUoRn3DiFY55lly2TPu2Cv+dI/GLrzW6qvnUMZPWGPGaUlPyWLMZrXJ
-xGXZUiRJKTBwDu91fnodUEK9MIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQImxKZEDWP
-EuOggASCBACBi1bX/qc3geqFyfRpX7JyIo/g4CDr62GlwvassAGlIO8zJ5Z/UDIIooeV6QS4D4OW
-PymKd0WXhwcJI0yBcJTWEoxND27LM7CWFJpA07AoxVCRHTOPgm794NynLecNUOqVTFyS4CRuLhVG
-PAk0nFZG/RE2yMtx4rAkSiVgOexES7wq/xWuoDSSmuTMNQOTbKfkEKqdFLkM/d62gD2wnaph7vKk
-PPK82wdZP8rF3nUUC5c4ahbNoa8g+5B3tIF/Jz3ZZK3vGLU0IWO+i7W451dna13MglDDjXOeikNl
-XLsQdAVo0nsjfGu+f66besJojPzysNA+IEZl6gNWUetl9lim4SqrxubUExdS2rmXnXXmEuEW/HC7
-dlTAeYq5Clqx5id6slhC2C2oegMww3XH9yxHw6OqzvXY6pVPEScEtBMQLgaKFQT+m2SRtbTVFG7c
-QcnUODyVB1IbpQTF1DHeeOX1W/HfpWZym8dzkti6SCyeumHmqO406xDiIMVKtHOqM86nEHuAMZsr
-cLy+ey6TEJvR6S4N8QRzng8JJDZDTJXQN6q84aEudsnOrw2KyOVwPpI6ey4qBsHUgQ8kAFy5lsQa
-WV45h6exgUwbBcKLgPZGFj+OdD2RKJsTb83/UqbJS5Q/lGXhzBlnaYucyJxEprRxbntmcnOEPFJe
-+tRDUwOTd7qlJljdhIJL+uDcooL9Ahgo6Cwep6tduekv2cSEohJeTE8Dvy34YRhMbLvnFNdmnpNy
-rNZDYVVxxaKoyd2AfB8NPFZh1VdAYfI3R1QAQ2kXEef5NNIfVQfMzD9akJn4RP+Kv32Qaxm4FrnK
-xmwRyGJShavIBc2ax+F1r1+NZXuSBHn5vfoRTxOk0ST4dXsw74dnlYUMRaSu4qqUdM9jsXSyeX4Z
-gQgkR2bkaYO6ezFgenFIa7QWVw8rXZAEZ5aibCxbnY1VE41PYIvhlLdbFJhH9gY22s+fFAuwnzyA
-SRjC40A9aAEItRlaPStWSGiqlLRgNkBBwdpv2l2YPBd2QzHx6ek6XGrvRJuAC+Nh62rtQKwpNH54
-YAOHW55maBFW2SQ3TF+cZ6NbbqhCmHTyyR7mcSYc9sXSVDWEhYKQ1iyU870zhHWVpvglZizZetJC
-ZFjYex3b1ngVdcgargOvpPq9urCKKi2mbkqv/EFpzSWGXkKSpfCG/XfMnEOtkNrB8S06vnk2JcJB
-OBqJot+uuSH5hOg0vTpxX2DuONJSiWSWyfRE/lTfJJFXwhod7SXclUyXPeSyibcSic2hVAzDmwjD
-31js/j2k02PI/agPhr3UQ8cMgcNAiaoCKbNaWfn6BGbCAbTchxzUlo2cSJiLlrX2IDZmfXbXmZCo
-m1smWIG+BIIEALiuAxDb6dWLAYyVBoN9hYI4AiPeZAY9MtvQ6AV8o2/EFm6PvYGXy3Hei5830CH0
-PBeX7Kdd6ff1y33TW/l5qSkIL1ULTGR7okFfJePHDmq1dFt6/JOMptiQ8WSu7CsJQvZ9VTFXeYFc
-ZqCPPZc1NrPegNK70Zf9QxWIbDAevJ5KLBf1c6j8pU2/6LnvDY6VjaTvYSgr7vTR8eVzH4Rm77W0
-iOHxg5VcODv6cGSVyuvbX8UAGo8Cmb58ERDtBDJBQXVpWKLNAuDJ9GX8n2zNkpjZLbPSkcmuhqGa
-BJBE/BaCTkUQWlY9dIbRtEnxIU1mfbPPdx1Ppa8DqGDjSOsQdKcKYNNZtayEw++EIpmpdBNsKphC
-fB8UEK2Wkk4ZVW+qyGoi/r0MFsvO1NmSOOZ0o/jy/YHmoeURHhPy97AO3eVTkEAa5CfJEJybmo56
-7CDw/FwoGAUCgsoz7rlxzMudr/IhHIH+APinncxXlHO2ecvHD9i8DaHGA8tVifgsUhqQoZieULut
-eF94O5UAxOkv41UZssYTwN4nYrN1QkesZl3BX4ORS4EE30/PQ23ARf3WZptZrCJevGm2ZYzGeh8x
-g17mCDfiLO+bff4qP/4mC96Pu4ia6j4to5BwKIJS/+DCuoD8WeSKF4pugXQkMUiHdQnNnVP9Sp2O
-/4ly5mO8JzrQC59V2bnTNBqPhpno8kfJvK5TypPSVC+bTzern3rJ6UceB3srcn9zxKx9GdNydJQj
-yWjv8ec3n3d1nuQwhz5Q053NBhIjwoGg3Go7LO6i78ZOlpF7dcoAO13NfHLyNjnyHCaiWtVRTct9
-rLf5vN00urSn8YJngHk1eTKK8nHGIcOg6YdYDOD2nE5XwRijKmieG8Xa3eKRzfbL06GrBQENle6J
-mC131bp3cRVxpjq+o6RAbGoMm4yICsL4eTarCQrsyHmoPHqr91UHo91avyxU7knWmEhX27ybmsrs
-8aeZwPHixL14TeyhruCqRVvkf1Ks7P+z8MPUboGNqQe2WLN8ktCGEr15O8MJR/em86G03Jfo4oaw
-/DVUH5RwLT6acedOGuzMh/2r8BcmemhVQ8/cWvV4YJ0tOW4hzyVHC5hQf8sZ3LzxXLH6Ohnrbprh
-xvrdbaSdChWZDDP0bCCbxEhkwuBkBeKZrMbwRTP+TPTPYLVTH/CmKLzKh/114tkGkyO3hHS4qExU
-V39F2Sj4mylx+hD0+20D9pntpNi7htccGlOm6yNM69at/3+kLgJJyoIlaxLcCUYHNMifDt+T3p/t
-5U4XmD53uUQ6M8dvj/udqPekNSUfse15yrd9pjOt5PcJuqW28q0sFHf9pHIgz3XZFMe5PD7ppw6r
-S+C6Ir4PrYIEggQA7ZDVtiCm+BbtNNB/UJm79/OQ5mp5bTI0kPmDeycaWTa0Ojpum+c/dpG/iJOB
-DICj7jHOXSHT7JlGyX6aSFJUltucAnZvwzhPDmdDaIDiKSk85GqgdDWVfGosSCX9Ph/T3WpIxnwf
-WSDRtIHkWTjly+pe4yy5K6/XISy/L5Zh/fhiI5fjHjgzmlibs2ru4nVw6hBhUvlSSe2BEs5d9h/y
-NH8Wy3qvb2D3jh7hkepFtZJGNTHp8ZUC7Ns2JIpQYObsaxdI65i3mMOu7fRwI+0/4ejsWhP6KCEi
-LgwvLg0qM82ma6YB7qHAHboaczRVEffDcJUG4a5uycB0DoZFn+uEaEFyili20hCn4hVfsqUQk2PT
-8Mo1tSl5e30xI1YJZrRgiJm9nHRX6fLizngP+ILJLPHZsPvlSVIfY+/v/FR8feKOjaGhyGF51BAx
-aM2NIQ4jMP5/X+U5gQybi0E6u7rroDhaHsKmCMgXqszwXWCpedA/sEbeHpiTC59YlPPSlIOMc9vP
-Ko/mQCfWy/9icUaIfKQldvkllUxxNkqu6AbIpHVscbAEzSPs5xbQXU8EZNNCDisFnnpY3nQ3eLnl
-m89saTJxRb7NWHRMlmPv7qgD7uMIq3vdOGA7i5wT9MeoNIgK1/DsgH30s6RWjJy4YyyLmRTXPzbj
-hbQVpEmiMRbEidIvUx2OjKVxVQIcgtLsa2lvHQ4XL1cpLr5GVtOgy0fMg5OCDUUDsvjgjgLQ3P2U
-p2nVY5FM6/QpPc5DTLuuR9ekI2/c9Biz09RtcYDUQK2ajdo8h1IyKqHFoB7h48OXxXKKY94DY0TG
-x6PonB/epj8orAw4QKmm5M0vXYwBOqRymCTHTqOJGObdLx1euFFyqguzHJOU2gAGZI0z9Lg1yRuF
-yhdPZyuniIcmtLNxRZ1duYHErcAyX56qndmLXt7UVkATai/rIMuoJLfAsUnVuTUS5p7tJM754UZT
-7lTcXvDJgOUNnBRaIcxC3pxvbrYDJ2iFJ72xkxUP2p74gucqg25XnCVmQuLg6zDDxF6CLuw9isxy
-Xg4pkneMN//7fpp8GYl9nyZm2yqYYM+jcw0fcVc64L+X4w/gL3H2UMGgxIHSJp7HIG7VKHtXrNyj
-dPXXPVUsMsAAimqOr0Lr2sZWirfuivLaPTqhbkvG5PF7K3gT80AOIcd/6EIHBy2hZ7ukfjHmdP4L
-yQOhTQklaKzGHI0mypq0uFLWJOUlZnVrMiLP1xrWkpC8Ro9eo6mfjjQ45z8adC43a47klwTEzvod
-3rNEFIGJJUEjAN3mbqie7IxoSJknBBJK0D9lZEQ8lZWlq7vuN8JdqPM6xh155jMVsPwjLK6Tzkj5
-BpRD9Tgm3u6HPQSCBADgkWEN75Mu9TGosXY0xm1k6K6sPv8L949CrLWo4r1I2LA072bTGvQP28Vs
-hUA76jgcT1ocC++9PoktIK10YCq5w+FfMAQ04KeCXuAdmiY2iAT4Slea61PMCMta3mVGyLUZCLEm
-P+I0UKR5mlO0fGEcjU9j8TmbjZqxNFqloLsU7oSi7Os0EtYHkdAVrExUyOc/ZDie6fBjdLTmLdCm
-bE9JNwjlbXypdTZupGgLNhKGDIskUAAMwZYayI6YfSIMkNCeAYTnjOuGZZ1msCXGXsfMBR1sfUIj
-9UeGjwD8gq+UVVHX/oeoH/m0eJ5ppqi3+nUlgc9DvpYsC/Fg0G2KuYb9B+VJ+a4GMzQSPREoFtQp
-B9dtLkBb7Ha/hpGWTIdqzW0eAo5llyN8FNvl2Fu2IcLaNmWFO69gLjRKQopp0dvFOuwAVI6fvGDj
-p1WigoNbFZl8N+iiWmzKOjoG2ZLbez1clZCms/JPJrXhEMMOxWpVzkQyN336VWHmGgMcjaKCGSeA
-2nnESIGuiCXMrkHlGfabYIsKcHFCo2t13uXyZPf0zSPTkuD0Eh92wqC9pvA3gvrrCUfo9Mn3bs+e
-KWKmDlpcs8mDn032oIg+zrQhIduMqXVn3evzeVM3B5MBOGMvg51/SXg7R+MC/463juQQEb9IVe/I
-YGnO//oWm9lw/377Af/qH+FnN02obJw1FvesQIs9e5RHNQykKbO+vmVJQl1nd9DZWrHDNO7/80Yz
-2hCm7Tws5nSRN2iFlyRaYJHr7ypxkU2rCak2r6ua7XDwu1qU2RT3+qPjT1RuxQ2oTlHyGkKPMZGC
-Rc+CSWz5aeeCmHZVwdb3nC8YpfsujMiYqygLeuQ82pjKuR7DIKGmnfcOLdv5F+Ek2Wyy0D98iSgk
-+aoQGYLhL9llU13pn21uRsDY5uGcXiIw1IETFlTdgENEv8futZuJsegrp7fmFXyNoNyFNyypeDrM
-6ZqR4vKxFjg3tKKeVpkw/W4EAklzMxmNiazGNDBHsnYV3rwPlKa+HeeE2YxnsKwGLCNgRYUXTaJk
-461vS160z3dvh/mLfdZ7MYCkmO3bNE3ELUDAw7YQkSuo9ujzdFKte9LC34sjg9fOex3ThAg5Y50n
-wYm4zBmGM7yEqL8O6QgnM6tIDFS9XryDaLNzcGhMWqMvhzO6sC/AA2WfLgwS517Cp03IkJQWqG9q
-w52+E+GAtpioJfczEhlv9BrhjttdugRSjJrG8SYVYE4zG3Aur5eNBoGaALIOHOtPw8+JovQmIWcF
-oaJ/WQuglFrWtew51IK6F8RiHAOBVavZOuZcO7tV+5enVfreOd0rX8ZOy4hYmHhmF1hOrrWOn+Ee
-E0SYKonXN01BM9xMBIIBSLCvNAppnGPTUGjwbMJRg1VJ2KMiBWH5oJp8tyfIAxMuWFdtaLYbRSOD
-XbOAshPVK8JAY8DQDkzqaCTAkLTfSRAt9yY6SbUpMsRv7xa8nMZNJBJzJT9b/wNjgiOJgaGuJMkV
-2g/DX2jfP3PrMM/Sbnz7edORXHj1Pa5XTT8nG5MS0FuZgvevdq3o/gVVAz+ZCKOH3ShMzZvfp01l
-SX5gaJTflmU6cdNwtn2yZ6IScF7OrjUeA9iEoSVR9dQcA+4lB3RAG3LMwcnxXY35D7+PMJzHIZdF
-cSnq+n03ACY2/E/T31iijRH29rvYHGI+mP/ieYs45iq4fTWo6i1HofeWLdP0fX7xW3XO0/hWYFiw
-BxKu66whAbRhaib3XJNvetVs25ToYXyiDpjG+cd5rCMei8sGQwTBj9Zeh0URoeMW1inTP0JvCmMU
-rZgAAAAAAAAAAAAA
-
diff --git a/crypto/openssl/crypto/pkcs7/t/msie-enc-02.pem b/crypto/openssl/crypto/pkcs7/t/msie-enc-02.pem
deleted file mode 100644
index 279c5d830b07..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/msie-enc-02.pem
+++ /dev/null
@@ -1,106 +0,0 @@
------BEGIN PKCS7-----
-MIAGCSqGSIb3DQEHA6CAMIITQAIBADGCAcIwgcwCAQAwdjBiMREwDwYDVQQHEwhJ
-bnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlT
-aWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEGBAmILep9sJ
-uN2Pkg1gucowDQYJKoZIhvcNAQEBBQAEQAKvi2eRLO+jdoiUd8ksZt+iQ0JXoWN0
-M/W9CEv6R1c42pwUIR/1F4RMK9oeyUiv9Z6lzmPaGNmx6XOCoueszVkwgfACAQAw
-gZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsT
-GURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBW
-QUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQFqcHEo69ShGfcOIVjnmWXLZM+7Y
-K/50j8YuvNbqq+dQxk9YY8ZpSU/JYsxmtcnEZdlSJEkpMHAO73V+eh1QQr0wghFz
-BgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECJsSmRA1jxLjgIIRSIGLVtf+
-pzeB6oXJ9GlfsnIij+DgIOvrYaXC9qywAaUg7zMnln9QMgiih5XpBLgPg5Y/KYp3
-RZeHBwkjTIFwlNYSjE0PbsszsJYUmkDTsCjFUJEdM4+Cbv3g3Kct5w1Q6pVMXJLg
-JG4uFUY8CTScVkb9ETbIy3HisCRKJWA57ERLvCr/Fa6gNJKa5Mw1A5Nsp+QQqp0U
-uQz93raAPbCdqmHu8qQ88rzbB1k/ysXedRQLlzhqFs2hryD7kHe0gX8nPdlkre8Y
-tTQhY76LtbjnV2drXcyCUMONc56KQ2VcuxB0BWjSeyN8a75/rpt6wmiM/PKw0D4g
-RmXqA1ZR62X2WKbhKqvG5tQTF1LauZeddeYS4Rb8cLt2VMB5irkKWrHmJ3qyWELY
-Lah6AzDDdcf3LEfDo6rO9djqlU8RJwS0ExAuBooVBP6bZJG1tNUUbtxBydQ4PJUH
-UhulBMXUMd545fVb8d+lZnKbx3OS2LpILJ66Yeao7jTrEOIgxUq0c6ozzqcQe4Ax
-mytwvL57LpMQm9HpLg3xBHOeDwkkNkNMldA3qrzhoS52yc6vDYrI5XA+kjp7LioG
-wdSBDyQAXLmWxBpZXjmHp7GBTBsFwouA9kYWP450PZEomxNvzf9SpslLlD+UZeHM
-GWdpi5zInESmtHFue2Zyc4Q8Ul761ENTA5N3uqUmWN2Egkv64Nyigv0CGCjoLB6n
-q1256S/ZxISiEl5MTwO/LfhhGExsu+cU12aek3Ks1kNhVXHFoqjJ3YB8Hw08VmHV
-V0Bh8jdHVABDaRcR5/k00h9VB8zMP1qQmfhE/4q/fZBrGbgWucrGbBHIYlKFq8gF
-zZrH4XWvX41le5IEefm9+hFPE6TRJPh1ezDvh2eVhQxFpK7iqpR0z2OxdLJ5fhmB
-CCRHZuRpg7p7MWB6cUhrtBZXDytdkARnlqJsLFudjVUTjU9gi+GUt1sUmEf2Bjba
-z58UC7CfPIBJGMLjQD1oAQi1GVo9K1ZIaKqUtGA2QEHB2m/aXZg8F3ZDMfHp6Tpc
-au9Em4AL42Hrau1ArCk0fnhgA4dbnmZoEVbZJDdMX5xno1tuqEKYdPLJHuZxJhz2
-xdJUNYSFgpDWLJTzvTOEdZWm+CVmLNl60kJkWNh7HdvWeBV1yBquA6+k+r26sIoq
-LaZuSq/8QWnNJYZeQpKl8Ib9d8ycQ62Q2sHxLTq+eTYlwkE4Gomi3665IfmE6DS9
-OnFfYO440lKJZJbJ9ET+VN8kkVfCGh3tJdyVTJc95LKJtxKJzaFUDMObCMPfWOz+
-PaTTY8j9qA+GvdRDxwyBw0CJqgIps1pZ+foEZsIBtNyHHNSWjZxImIuWtfYgNmZ9
-dteZkKibWyZYgb64rgMQ2+nViwGMlQaDfYWCOAIj3mQGPTLb0OgFfKNvxBZuj72B
-l8tx3oufN9Ah9DwXl+ynXen39ct901v5eakpCC9VC0xke6JBXyXjxw5qtXRbevyT
-jKbYkPFkruwrCUL2fVUxV3mBXGagjz2XNTaz3oDSu9GX/UMViGwwHryeSiwX9XOo
-/KVNv+i57w2OlY2k72EoK+700fHlcx+EZu+1tIjh8YOVXDg7+nBklcrr21/FABqP
-Apm+fBEQ7QQyQUF1aViizQLgyfRl/J9szZKY2S2z0pHJroahmgSQRPwWgk5FEFpW
-PXSG0bRJ8SFNZn2zz3cdT6WvA6hg40jrEHSnCmDTWbWshMPvhCKZqXQTbCqYQnwf
-FBCtlpJOGVVvqshqIv69DBbLztTZkjjmdKP48v2B5qHlER4T8vewDt3lU5BAGuQn
-yRCcm5qOeuwg8PxcKBgFAoLKM+65cczLna/yIRyB/gD4p53MV5RztnnLxw/YvA2h
-xgPLVYn4LFIakKGYnlC7rXhfeDuVAMTpL+NVGbLGE8DeJ2KzdUJHrGZdwV+DkUuB
-BN9Pz0NtwEX91mabWawiXrxptmWMxnofMYNe5gg34izvm33+Kj/+Jgvej7uImuo+
-LaOQcCiCUv/gwrqA/FnkiheKboF0JDFIh3UJzZ1T/Uqdjv+JcuZjvCc60AufVdm5
-0zQaj4aZ6PJHybyuU8qT0lQvm083q596yelHHgd7K3J/c8SsfRnTcnSUI8lo7/Hn
-N593dZ7kMIc+UNOdzQYSI8KBoNxqOyzuou/GTpaRe3XKADtdzXxy8jY58hwmolrV
-UU3Lfay3+bzdNLq0p/GCZ4B5NXkyivJxxiHDoOmHWAzg9pxOV8EYoyponhvF2t3i
-kc32y9OhqwUBDZXuiZgtd9W6d3EVcaY6vqOkQGxqDJuMiArC+Hk2qwkK7Mh5qDx6
-q/dVB6PdWr8sVO5J1phIV9u8m5rK7PGnmcDx4sS9eE3soa7gqkVb5H9SrOz/s/DD
-1G6BjakHtlizfJLQhhK9eTvDCUf3pvOhtNyX6OKGsPw1VB+UcC0+mnHnThrszIf9
-q/AXJnpoVUPP3Fr1eGCdLTluIc8lRwuYUH/LGdy88Vyx+joZ626a4cb63W2knQoV
-mQwz9Gwgm8RIZMLgZAXimazG8EUz/kz0z2C1Ux/wpii8yof9deLZBpMjt4R0uKhM
-VFd/Rdko+JspcfoQ9PttA/aZ7aTYu4bXHBpTpusjTOvWrf9/pC4CScqCJWsS3AlG
-BzTInw7fk96f7eVOF5g+d7lEOjPHb4/7naj3pDUlH7Htecq3faYzreT3CbqltvKt
-LBR3/aRyIM912RTHuTw+6acOq0vguiK+D62C7ZDVtiCm+BbtNNB/UJm79/OQ5mp5
-bTI0kPmDeycaWTa0Ojpum+c/dpG/iJOBDICj7jHOXSHT7JlGyX6aSFJUltucAnZv
-wzhPDmdDaIDiKSk85GqgdDWVfGosSCX9Ph/T3WpIxnwfWSDRtIHkWTjly+pe4yy5
-K6/XISy/L5Zh/fhiI5fjHjgzmlibs2ru4nVw6hBhUvlSSe2BEs5d9h/yNH8Wy3qv
-b2D3jh7hkepFtZJGNTHp8ZUC7Ns2JIpQYObsaxdI65i3mMOu7fRwI+0/4ejsWhP6
-KCEiLgwvLg0qM82ma6YB7qHAHboaczRVEffDcJUG4a5uycB0DoZFn+uEaEFyili2
-0hCn4hVfsqUQk2PT8Mo1tSl5e30xI1YJZrRgiJm9nHRX6fLizngP+ILJLPHZsPvl
-SVIfY+/v/FR8feKOjaGhyGF51BAxaM2NIQ4jMP5/X+U5gQybi0E6u7rroDhaHsKm
-CMgXqszwXWCpedA/sEbeHpiTC59YlPPSlIOMc9vPKo/mQCfWy/9icUaIfKQldvkl
-lUxxNkqu6AbIpHVscbAEzSPs5xbQXU8EZNNCDisFnnpY3nQ3eLnlm89saTJxRb7N
-WHRMlmPv7qgD7uMIq3vdOGA7i5wT9MeoNIgK1/DsgH30s6RWjJy4YyyLmRTXPzbj
-hbQVpEmiMRbEidIvUx2OjKVxVQIcgtLsa2lvHQ4XL1cpLr5GVtOgy0fMg5OCDUUD
-svjgjgLQ3P2Up2nVY5FM6/QpPc5DTLuuR9ekI2/c9Biz09RtcYDUQK2ajdo8h1Iy
-KqHFoB7h48OXxXKKY94DY0TGx6PonB/epj8orAw4QKmm5M0vXYwBOqRymCTHTqOJ
-GObdLx1euFFyqguzHJOU2gAGZI0z9Lg1yRuFyhdPZyuniIcmtLNxRZ1duYHErcAy
-X56qndmLXt7UVkATai/rIMuoJLfAsUnVuTUS5p7tJM754UZT7lTcXvDJgOUNnBRa
-IcxC3pxvbrYDJ2iFJ72xkxUP2p74gucqg25XnCVmQuLg6zDDxF6CLuw9isxyXg4p
-kneMN//7fpp8GYl9nyZm2yqYYM+jcw0fcVc64L+X4w/gL3H2UMGgxIHSJp7HIG7V
-KHtXrNyjdPXXPVUsMsAAimqOr0Lr2sZWirfuivLaPTqhbkvG5PF7K3gT80AOIcd/
-6EIHBy2hZ7ukfjHmdP4LyQOhTQklaKzGHI0mypq0uFLWJOUlZnVrMiLP1xrWkpC8
-Ro9eo6mfjjQ45z8adC43a47klwTEzvod3rNEFIGJJUEjAN3mbqie7IxoSJknBBJK
-0D9lZEQ8lZWlq7vuN8JdqPM6xh155jMVsPwjLK6Tzkj5BpRD9Tgm3u6HPeCRYQ3v
-ky71MaixdjTGbWTorqw+/wv3j0KstajivUjYsDTvZtMa9A/bxWyFQDvqOBxPWhwL
-770+iS0grXRgKrnD4V8wBDTgp4Je4B2aJjaIBPhKV5rrU8wIy1reZUbItRkIsSY/
-4jRQpHmaU7R8YRyNT2PxOZuNmrE0WqWguxTuhKLs6zQS1geR0BWsTFTI5z9kOJ7p
-8GN0tOYt0KZsT0k3COVtfKl1Nm6kaAs2EoYMiyRQAAzBlhrIjph9IgyQ0J4BhOeM
-64ZlnWawJcZex8wFHWx9QiP1R4aPAPyCr5RVUdf+h6gf+bR4nmmmqLf6dSWBz0O+
-liwL8WDQbYq5hv0H5Un5rgYzNBI9ESgW1CkH120uQFvsdr+GkZZMh2rNbR4CjmWX
-I3wU2+XYW7Yhwto2ZYU7r2AuNEpCimnR28U67ABUjp+8YOOnVaKCg1sVmXw36KJa
-bMo6OgbZktt7PVyVkKaz8k8mteEQww7FalXORDI3ffpVYeYaAxyNooIZJ4DaecRI
-ga6IJcyuQeUZ9ptgiwpwcUKja3Xe5fJk9/TNI9OS4PQSH3bCoL2m8DeC+usJR+j0
-yfduz54pYqYOWlyzyYOfTfagiD7OtCEh24ypdWfd6/N5UzcHkwE4Yy+DnX9JeDtH
-4wL/jreO5BARv0hV78hgac7/+hab2XD/fvsB/+of4Wc3TahsnDUW96xAiz17lEc1
-DKQps76+ZUlCXWd30NlascM07v/zRjPaEKbtPCzmdJE3aIWXJFpgkevvKnGRTasJ
-qTavq5rtcPC7WpTZFPf6o+NPVG7FDahOUfIaQo8xkYJFz4JJbPlp54KYdlXB1vec
-Lxil+y6MyJirKAt65DzamMq5HsMgoaad9w4t2/kX4STZbLLQP3yJKCT5qhAZguEv
-2WVTXemfbW5GwNjm4ZxeIjDUgRMWVN2AQ0S/x+61m4mx6Cunt+YVfI2g3IU3LKl4
-OszpmpHi8rEWODe0op5WmTD9bgQCSXMzGY2JrMY0MEeydhXevA+Upr4d54TZjGew
-rAYsI2BFhRdNomTjrW9LXrTPd2+H+Yt91nsxgKSY7ds0TcQtQMDDthCRK6j26PN0
-Uq170sLfiyOD1857HdOECDljnSfBibjMGYYzvISovw7pCCczq0gMVL1evINos3Nw
-aExaoy+HM7qwL8ADZZ8uDBLnXsKnTciQlBaob2rDnb4T4YC2mKgl9zMSGW/0GuGO
-2126BFKMmsbxJhVgTjMbcC6vl40GgZoAsg4c60/Dz4mi9CYhZwWhon9ZC6CUWta1
-7DnUgroXxGIcA4FVq9k65lw7u1X7l6dV+t453Stfxk7LiFiYeGYXWE6utY6f4R4T
-RJgqidc3TUEz3EywrzQKaZxj01Bo8GzCUYNVSdijIgVh+aCafLcnyAMTLlhXbWi2
-G0Ujg12zgLIT1SvCQGPA0A5M6mgkwJC030kQLfcmOkm1KTLEb+8WvJzGTSQScyU/
-W/8DY4IjiYGhriTJFdoPw19o3z9z6zDP0m58+3nTkVx49T2uV00/JxuTEtBbmYL3
-r3at6P4FVQM/mQijh90oTM2b36dNZUl+YGiU35ZlOnHTcLZ9smeiEnBezq41HgPY
-hKElUfXUHAPuJQd0QBtyzMHJ8V2N+Q+/jzCcxyGXRXEp6vp9NwAmNvxP099Yoo0R
-9va72BxiPpj/4nmLOOYquH01qOotR6H3li3T9H1+8Vt1ztP4VmBYsAcSruusIQG0
-YWom91yTb3rVbNuU6GF8og6YxvnHeawjHovLBkMEwY/WXodFEaHjFtYp0z9Cbwpj
-FK2YAAAAAA==
------END PKCS7-----
diff --git a/crypto/openssl/crypto/pkcs7/t/msie-s-a-e b/crypto/openssl/crypto/pkcs7/t/msie-s-a-e
deleted file mode 100644
index 0067794d7081..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/msie-s-a-e
+++ /dev/null
@@ -1,91 +0,0 @@
-
-MIAGCSqGSIb3DQEHA6CAMIACAQAxggHCMIHMAgEAMHYwYjERMA8GA1UEBxMISW50ZXJuZXQxFzAV
-BgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5k
-aXZpZHVhbCBTdWJzY3JpYmVyAhBgQJiC3qfbCbjdj5INYLnKMA0GCSqGSIb3DQEBAQUABECjscaS
-G0U299fqiEAgTqTFQBp8Ai6zzjl557cVb3k6z4QZ7CbqBjSXAjLbh5e7S5Hd/FrFcDnxl1Ka06ha
-VHGPMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UE
-BxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
-UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqG
-SIb3DQEBAQUABECsyHXZ1xaiv0UQRvOmVYsaF38AL2XX75wxbCsz5/wOg7g3RP4aicZxaR4sBog0
-f2G1o9om/hu+A0rIYF/L4/GUMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQIsozQrnwj
-cc2ggASCBAAQz/LPoJe/+iYWeTwSebz6Q9UeKZzQ2UWm7GLtEM3s3c9SCvpmkwIRdEhLjWaBJMyI
-DiL7t1I1vMf9inB8LXgAcIEYkpNScjS8ERA9Ebb7ieNKSBg7w7B8ATHFxLSlDADqRgoZrB1Ctfgf
-ximp3EgxTgnhtyQhZxXW7kBQyFRwumplrJXOp7albP7IothrOKncw30IJT1fwPxWNMItI9juXF0U
-CbWVSjPzGBo4+XNXMvUO6MplOQEz/ywEQ9E8OZAQex1Zw9qq5ppsXB2pMsYV5sLJGikukMYKquiz
-3YK+tN6J8ahLcDUs+VGwqvZi17gpBTlbEP+ZmXJpnO63t1yTEB0V5AZcRKWUOhzlCBM5YUagqNoY
-cpsmSvOK6bYzkUKOrzWpDCAtGZ/Dvul5dTZZmxs2WpM+iyeHXMxO3huy8K1brPTqt1f1sHhuq1jD
-1eXedaCjIgUW9qV18vNAQCof/Yb6T/1fxztf/jD7pPLQJ+7LJkKCAEHGcaizpoKqhYcttaEhLq1G
-O+Ohqf7yFegMdTJ3wwP324w5ZYSU5fLo2Z34/Edf6EGvXyTIqVfAmEBALd6JGVdN5GlYYTxrL+eO
-P80Z4ao4YKoxwEmRp5bmQsQ8B29QhOFKmC6eiG5B96qLMtp7Zmu1grDNxTd6OXShWVwYARD0/B1P
-Sy0PAfk9Gb4fAkO9fZJDQYZ7s0mM5iOPEeSR7820TolOb+KfRabLA9d714jsc2jEykKlpP66Bh4j
-aCsyqJ0uUQcE8SnzrKAqGwgWiCGQpiTa+HBiP6eRlRGOKQj5Y06vcNx6Ija4cGe6+yCN8HV8tCY0
-okZK98NQCl5t79R/ZB2c3NvBJH+/g3ulU48ikT3tVmDxE3mOZofZyGFEM99P+YCMScLDxTl3hzGy
-0YkI8U855P7qOAbcFfh2T5n+LSELwLhbkymEfZT917GWTfmypBWMvJx0WHeDhKwQYPdzbKgWETnc
-yeKasaCW+oLdhBwrd6Ws2r4MA8cwiYXDLbwYmCxJA8VF++8kubF2HJOjSyMBS+QT2PSV/0D9UWoi
-Vfk7R4OvWBJVvq7nV+lXS0O5igjExxlmx1OaBfg7+Cr/MbK4zVNrKSJn82NnKKt6LC6RaTmvFYay
-0sDFxQ7Xo+Th6tDNKmKWJt6Kegfjc+qTWJTKb3kL+UI8vS0zTLy1+M/rZ4ekos/JiS5rYIcAswvg
-58kBgp/0rc6upBeWjBaK5O0aLAeBQfLulo1axWX04OSVKmYeoAltyR6UO9ME3acurQyg7Ta24yqO
-whi/PrIaEiO7dsWvFtzsshVzBLic02NlAkPkMUzliPYnZHWQglDAVxL5K2qhvK1OFCkQpIgBsBDM
-6KYRL/mkBIIEALIl927rIkaN37/BQIcxLcSa05YfC0Hl3mxWESt1A0D4lA37A9S8EbYmDfAYlMc0
-3HhZGdZEtawfpJFyDHzNZceNWBch6nxeNZCY4YFdsbzuGS0RKpwNA9S/czOJ4p9ymBCxuhGepI3U
-PKbC8C749Www1/wMdAot1n+K7M/PBGR8hWmaH5SS7U3yMwAB1fq2NDjx4ur+Um+MclSdN01MDXzG
-EO+eAo1pdAY8479234l8dB2YVAhZ1ZlJ4KmbqMKJrGJXnQUEYS6/cTDRjsUocsoW7uGg1ci2GiHa
-qjlkfpBfie3SdhFW/K8hwAH0HALs56oFN66wUkP/AaJAPfIUNhR6RpHKzZ9zCC42oB2mNawQRMnF
-ETBl1s/SwMxLKRp7jAfKs4NZxSY6I9z/2dTpzS3tsHMjxVDuxkolvRNWBILEMeL1CBvip2HhmoUw
-/Sz5NDgyzk1aQLV6DQNJ2RZLMZDRCtSwZSBu6lhhSgTJGazP0+NbqXXC5aQTrqrFIcWyDXz+ADle
-kszzYM/gSaQTCALTwfDDaU9Ek3xVgW+XBtExtJ3U+0AN3l0j86rUIdIvp6eWdxWQqv9LtpoorKMD
-KfUc5PYV09Z1JgsT4X51Zzq+74l5dz7udIM7UNbdTpmRm9PDj3TUbGCvNR9hqOEGTLbkvb1ZR24a
-h6uGRl2znB25IpDAGRhNRb9is/pO2tvHwHTDMOjrgvZG/pNvXgSUxz0pRjUjXIcqBe2X2gcQfeal
-r8gY76o83WEGL6ODryV9vTQVHt52+izgpYoBZaVlpgqbZl54c+OE0Zxf9RwXwDbcYu5Ku5E0MPL0
-qUjc0y2+Y6E4P5bAWaZGMGT+ORkyVUzcaWmM/+XlO7PER5wrWlCIMZCX1L/nvioY0q0CKqALn7DJ
-QU+qenbwrb6uwS7uNZY6V86s0aDYpU7yRyqxC5SbuyNJb02gdxUCgpIscFaMUjMVRml4M4BIjX/b
-U+HgHoVMUm8SnN9gRcT2izPrgOGVcMTJjfenzoCKoCPo9RjgGMctgB4DvKamErNU7OrilIfuoqzE
-PNSeP9SPw/zkDmNvMebM499We9CVnsHUWqF00/ZJWoua77+0f1bLS/tmci1JBvIcMo/4SJvgH+KF
-o0gijP9gqAPd5iCOnpnJlHUqRIym42SmyKEDuzdSwXKjAR6j7uXda39JyMJr8gGzEsu0jYRkAmj1
-YdiqwKXUcLMkcj1AKeU/PxTUVw0YKsv/rowrPYww3xQUWqNivrXB7GCHE3BzsYNdHsmziaGIXQbA
-+EBHdkuKrM8BcC+fxhF/l/KUxngsD1E75IcUv8zFDF+sk4CBYHqks9S4JYlcubuizqsILbdGzIMN
-Z7w34k0XT+sEggQAyzr8MHeIJGsT+AYnZr08PeTbyr01JEoT7lPYT6PzX4F63QKKDl+mB+PwLMzY
-CXrxZcUmuay6/MV8w/f5T6vQXdoSw5puWodBYwVReYh1IaEN+jiTapm9YBVmcIsJPO6abHowknSV
-OWSvST0AtAX57fFOTckm+facfBK9s9T1lUUgF44Bh5e8f9qKqfOV44nqdCOEyUm0Dao497ieN4Eg
-XBLNvOZY9+irMiXjp0lcyFvhrJOczfyCr9EiiaiH1TfSzKGKsf2W84iKn/JH6x2eOo7xjwJ40BQD
-c6S1cUNEuqBhP6by0FioOXYOKVyifpxk84Eb+F/4CNdTJTvCPwsiegdfsX/Q53DvKVtXp9Ycam5J
-TmKRHXK/bMHF4ONv3p/O/kn/BqRx+fbbP2eMX8Z1F/ltHKfp6B+06HljUwQLBJs9XtCfqH5Zgdz9
-gad5WZF5ykFArmHDgeFlgggvbZ7z9vqnjN/TH68TxJzauYQ5vLHQ6wGXik4/4uq7/TqNmhxlQEM4
-zVkwsn203bUmKLyz+yl1zItDpn5zy1uXfGo99rBdUzdbdE9LmEFPMaFsaHd4a8oDaUroD7FgCbeD
-JJVld3ac6F8+3QbExPs48OrgA1kI3/UwXr52ldjiYzTLfAGR9BjqNFTw45FUHuMf8TEM5hcHx56w
-95eKAqraDk28o9k+M2UKpcmrdlWoWzdqVVFeWGpM8x9Y9Nt0lf/4VUQgrXjqTkUCQkJyqTeTeGgH
-rn3QBk2XAgpxZhaJs3InW0BkAlBmK99cMinUiJeFt5a4p5wPeXrVuh6V9m7Mpl9hzpogg++EZqah
-fzzNnDgxOZfW342DX052PdgXo0NnkhCk005LvFt6M2mRn0fLgNVfyUZZoOp8cO5ZWbhXXlrhrgUt
-j2zKPK6Q94Zj4kdXHBGpAkrB8ZQ4EGGODE0Dqusm8WPXzB+9236IMHPU7lFbyjBrFNI7O4jg+qRI
-Ipi+7tX0FsilqEbmjG+OPwhZXrdqUqyF+rjKQuSRq7lOeDB4c6S2dq4OOny01i5HCbbyc9UvSHRm
-hOhGqUlzHyHLo3W7j+26V/MhkDXJ+Tx+qfylv4pbliwTteJJj+CZwzjv29qb6lxYi+38Bw10ERap
-m8UCRFBecVN7xXlcIfyeAl666Vi7EBJZv3EdFNrx1nlLwM65nYya7uj6L7IwJWotIUx8E0XH0/cU
-xS/dG8bxf9L/8652h5gq3LI+wTNGuEX0DMuz7BGQG+NtgabrZ6SsKGthGa7eULTpz0McWTLRU0y/
-/tkckpm5pDnXSFbIMskwwjECz82UZBSPpigdN/Pjg5d+0yWu7s3VJxw4ENWPPpzZ+j7sOXmdvn9P
-O1tQd60EO+3awASCBAAZQvWV3/yJ6FxPttbP+qeURpJoPEZfpN2UYZmd8HqtR0YbaOZ6Rln9nvpd
-K9fylXdw9z2xeCbjDWUttJB4VqZxGJM8eCTC1VDVyAOsQ5n7SY55dMkQbU+o4Z/4J5m8+wz50BBI
-LfruL1eZ6/CF6CdvxVRiJ10sXc0Tn2sVMXqkw7Adp1GYoCI9c6VFSFK74+n+y7LVFQ5HBnbQyKJc
-dvdLOXwZOPaFHC5UNXRmOpcwdPqyXUe+xIsOMYbzdlAnI9eGDNeRDktUa/Rh0CbZCxjmJzoZEYOE
-ZjsYZlEfp1Kb61t8z4m28hGLEg88T1Ihmxa2HeUWes1RpmgIOP+/2Lb3smj/l/fpSu4gabFgyCAV
-H5HdCYMScUv8SVu55+tpeO8ELoHHQUXV4rr084O4budzhgNSOPyLGDl5sfDUXiyusPCxS4JVO/KY
-6V2Qrtg/q2wtmXpEkZnGT+Qi3WDzwt4W81alztnYMP17oGLmxX71KV9OEiMZjI4WaaGt+OOINLtR
-qefioZ1NI2L1s5M0tybwTsyU9WERM+3pUwXIfJVsbMZRlNaO2OogcHbaR4UWvhOj+3CTG1sThiYQ
-MxMnp1Rpqx3nhyzqLO3TRrkYvxnA3cdPBn9EeqpgBMg7X3hCiMV3Fl5cj/WOMhtHYgY7BgeCXo46
-EFVZ4+WroGZ46xGiRDiIblo8bzLd7QCxvukzxy3mUDgsZQ8pds4N28weSUhBk5MAPbfBpRvXUVJx
-MhKqXucQU1Md1qSGLbuuIQuz9pAGp1JFUx/vEkCgm74daSoVWCZuB+1ZE4f48clvrBj51xMNf8CP
-EFE7vySzVb6X2H1i5X3Z+Y3DdIcWw4Y2FClfcJk4Mwq8Cq2GALGFEge9YSEE9YmyuU6OFeU0ICon
-iXAgZ72SM8fBwJPruLFbdsNYKW+oAfmPisXSWMcZmdSbfk0GYv+vKtu3eegSbWw1UsCVtZOh9E5Z
-uQ83l59CBqO9sV/SFU3WrrJ0qNWxrmXu9nJn5Qf5iCRoFGYNHYHkIG5FS6N00GEDZxGkxmro2d++
-Adj5LVHc/b1cYWmrux+jEqI8ZK8cyTB0XMbBA/HYbx9NXazr7znP4/Mlv3pZToEcYt+lgLHAArtU
-AdhybhbLIwNMq0gr6EwtDklBa3ns4Wx/rJU8H7LGs6gV8uqeaSketv+nz+sQhfctxZ1rx+5qzXfy
-FOQVpO23KDQunBi1Bl9k61Di4q9JWcyADBXPHXJzp7mL8Fk7zdvMAEfuED1phdRm6GgDYoYUs4yQ
-IrhSjFlWyk7hT8475xk3BIv++obvWSAv/3+pF6A6U2RXDChVmnG0JnPa9wYYtdzBmLfZKBjX+DjD
-yEMsuhPsCzuN4R6tBIIBWCVRKmKwdkatmpsQBgDw48u0/Arffl5/DRlS9ee+QffFecUitDdCK+kt
-X5L2fGYrL5g6SltncMIeV1ptx4nuSjC/O944q1KYtqvQiPFWJqEXIRMNbbYOC47sjLza0tEFrimN
-wxcrWGSzsy5R9beFQ1aHPcMrDWfCoviNRk2qPtxuKIC5Qk2ZuOmJLjCiLwUGEb0/1Mpzv3MqQa7d
-mRayXg3DZWJPajxNZv6eS357ElMvwGQmqafb2mlQJwWLsg9m9PG7uqEoyrqSc6MiuY+icLEFib9j
-OfRQrx70rTSKUfTr4MtP0aZZAefjCrpVIyTekhFDOk0Nmx057eonlyGgmGpl5/Uo+t1J1Z11Ya/l
-bNbfmebRISJeTVW0I8FhseAZMI1GSwp/ludJxSLYOgyRkh+GX134MexNo7O9F1SxLCfWaSG9Fc3s
-5ify04ua9/t8SGrYZPm/l3MkAAAAAAAAAAAAAA==
-
-
diff --git a/crypto/openssl/crypto/pkcs7/t/msie-s-a-e.pem b/crypto/openssl/crypto/pkcs7/t/msie-s-a-e.pem
deleted file mode 100644
index 55dbd8f80bdd..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/msie-s-a-e.pem
+++ /dev/null
@@ -1,106 +0,0 @@
------BEGIN PKCS7-----
-MIAGCSqGSIb3DQEHA6CAMIITUAIBADGCAcIwgcwCAQAwdjBiMREwDwYDVQQHEwhJ
-bnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlT
-aWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEGBAmILep9sJ
-uN2Pkg1gucowDQYJKoZIhvcNAQEBBQAEQKOxxpIbRTb31+qIQCBOpMVAGnwCLrPO
-OXnntxVveTrPhBnsJuoGNJcCMtuHl7tLkd38WsVwOfGXUprTqFpUcY8wgfACAQAw
-gZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsT
-GURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBW
-QUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQKzIddnXFqK/RRBG86ZVixoXfwAv
-ZdfvnDFsKzPn/A6DuDdE/hqJxnFpHiwGiDR/YbWj2ib+G74DSshgX8vj8ZQwghGD
-BgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECLKM0K58I3HNgIIRWBDP8s+g
-l7/6JhZ5PBJ5vPpD1R4pnNDZRabsYu0Qzezdz1IK+maTAhF0SEuNZoEkzIgOIvu3
-UjW8x/2KcHwteABwgRiSk1JyNLwRED0RtvuJ40pIGDvDsHwBMcXEtKUMAOpGChms
-HUK1+B/GKancSDFOCeG3JCFnFdbuQFDIVHC6amWslc6ntqVs/sii2Gs4qdzDfQgl
-PV/A/FY0wi0j2O5cXRQJtZVKM/MYGjj5c1cy9Q7oymU5ATP/LARD0Tw5kBB7HVnD
-2qrmmmxcHakyxhXmwskaKS6Qxgqq6LPdgr603onxqEtwNSz5UbCq9mLXuCkFOVsQ
-/5mZcmmc7re3XJMQHRXkBlxEpZQ6HOUIEzlhRqCo2hhymyZK84rptjORQo6vNakM
-IC0Zn8O+6Xl1NlmbGzZakz6LJ4dczE7eG7LwrVus9Oq3V/WweG6rWMPV5d51oKMi
-BRb2pXXy80BAKh/9hvpP/V/HO1/+MPuk8tAn7ssmQoIAQcZxqLOmgqqFhy21oSEu
-rUY746Gp/vIV6Ax1MnfDA/fbjDllhJTl8ujZnfj8R1/oQa9fJMipV8CYQEAt3okZ
-V03kaVhhPGsv544/zRnhqjhgqjHASZGnluZCxDwHb1CE4UqYLp6IbkH3qosy2ntm
-a7WCsM3FN3o5dKFZXBgBEPT8HU9LLQ8B+T0Zvh8CQ719kkNBhnuzSYzmI48R5JHv
-zbROiU5v4p9FpssD13vXiOxzaMTKQqWk/roGHiNoKzKonS5RBwTxKfOsoCobCBaI
-IZCmJNr4cGI/p5GVEY4pCPljTq9w3HoiNrhwZ7r7II3wdXy0JjSiRkr3w1AKXm3v
-1H9kHZzc28Ekf7+De6VTjyKRPe1WYPETeY5mh9nIYUQz30/5gIxJwsPFOXeHMbLR
-iQjxTznk/uo4BtwV+HZPmf4tIQvAuFuTKYR9lP3XsZZN+bKkFYy8nHRYd4OErBBg
-93NsqBYROdzJ4pqxoJb6gt2EHCt3pazavgwDxzCJhcMtvBiYLEkDxUX77yS5sXYc
-k6NLIwFL5BPY9JX/QP1RaiJV+TtHg69YElW+rudX6VdLQ7mKCMTHGWbHU5oF+Dv4
-Kv8xsrjNU2spImfzY2coq3osLpFpOa8VhrLSwMXFDtej5OHq0M0qYpYm3op6B+Nz
-6pNYlMpveQv5Qjy9LTNMvLX4z+tnh6Siz8mJLmtghwCzC+DnyQGCn/Stzq6kF5aM
-Fork7RosB4FB8u6WjVrFZfTg5JUqZh6gCW3JHpQ70wTdpy6tDKDtNrbjKo7CGL8+
-shoSI7t2xa8W3OyyFXMEuJzTY2UCQ+QxTOWI9idkdZCCUMBXEvkraqG8rU4UKRCk
-iAGwEMzophEv+aSyJfdu6yJGjd+/wUCHMS3EmtOWHwtB5d5sVhErdQNA+JQN+wPU
-vBG2Jg3wGJTHNNx4WRnWRLWsH6SRcgx8zWXHjVgXIep8XjWQmOGBXbG87hktESqc
-DQPUv3MzieKfcpgQsboRnqSN1DymwvAu+PVsMNf8DHQKLdZ/iuzPzwRkfIVpmh+U
-ku1N8jMAAdX6tjQ48eLq/lJvjHJUnTdNTA18xhDvngKNaXQGPOO/dt+JfHQdmFQI
-WdWZSeCpm6jCiaxiV50FBGEuv3Ew0Y7FKHLKFu7hoNXIthoh2qo5ZH6QX4nt0nYR
-VvyvIcAB9BwC7OeqBTeusFJD/wGiQD3yFDYUekaRys2fcwguNqAdpjWsEETJxREw
-ZdbP0sDMSykae4wHyrODWcUmOiPc/9nU6c0t7bBzI8VQ7sZKJb0TVgSCxDHi9Qgb
-4qdh4ZqFMP0s+TQ4Ms5NWkC1eg0DSdkWSzGQ0QrUsGUgbupYYUoEyRmsz9PjW6l1
-wuWkE66qxSHFsg18/gA5XpLM82DP4EmkEwgC08Hww2lPRJN8VYFvlwbRMbSd1PtA
-Dd5dI/Oq1CHSL6enlncVkKr/S7aaKKyjAyn1HOT2FdPWdSYLE+F+dWc6vu+JeXc+
-7nSDO1DW3U6ZkZvTw4901GxgrzUfYajhBky25L29WUduGoerhkZds5wduSKQwBkY
-TUW/YrP6Ttrbx8B0wzDo64L2Rv6Tb14ElMc9KUY1I1yHKgXtl9oHEH3mpa/IGO+q
-PN1hBi+jg68lfb00FR7edvos4KWKAWWlZaYKm2ZeeHPjhNGcX/UcF8A23GLuSruR
-NDDy9KlI3NMtvmOhOD+WwFmmRjBk/jkZMlVM3GlpjP/l5TuzxEecK1pQiDGQl9S/
-574qGNKtAiqgC5+wyUFPqnp28K2+rsEu7jWWOlfOrNGg2KVO8kcqsQuUm7sjSW9N
-oHcVAoKSLHBWjFIzFUZpeDOASI1/21Ph4B6FTFJvEpzfYEXE9osz64DhlXDEyY33
-p86AiqAj6PUY4BjHLYAeA7ymphKzVOzq4pSH7qKsxDzUnj/Uj8P85A5jbzHmzOPf
-VnvQlZ7B1FqhdNP2SVqLmu+/tH9Wy0v7ZnItSQbyHDKP+Eib4B/ihaNIIoz/YKgD
-3eYgjp6ZyZR1KkSMpuNkpsihA7s3UsFyowEeo+7l3Wt/ScjCa/IBsxLLtI2EZAJo
-9WHYqsCl1HCzJHI9QCnlPz8U1FcNGCrL/66MKz2MMN8UFFqjYr61wexghxNwc7GD
-XR7Js4mhiF0GwPhAR3ZLiqzPAXAvn8YRf5fylMZ4LA9RO+SHFL/MxQxfrJOAgWB6
-pLPUuCWJXLm7os6rCC23RsyDDWe8N+JNF0/ryzr8MHeIJGsT+AYnZr08PeTbyr01
-JEoT7lPYT6PzX4F63QKKDl+mB+PwLMzYCXrxZcUmuay6/MV8w/f5T6vQXdoSw5pu
-WodBYwVReYh1IaEN+jiTapm9YBVmcIsJPO6abHowknSVOWSvST0AtAX57fFOTckm
-+facfBK9s9T1lUUgF44Bh5e8f9qKqfOV44nqdCOEyUm0Dao497ieN4EgXBLNvOZY
-9+irMiXjp0lcyFvhrJOczfyCr9EiiaiH1TfSzKGKsf2W84iKn/JH6x2eOo7xjwJ4
-0BQDc6S1cUNEuqBhP6by0FioOXYOKVyifpxk84Eb+F/4CNdTJTvCPwsiegdfsX/Q
-53DvKVtXp9Ycam5JTmKRHXK/bMHF4ONv3p/O/kn/BqRx+fbbP2eMX8Z1F/ltHKfp
-6B+06HljUwQLBJs9XtCfqH5Zgdz9gad5WZF5ykFArmHDgeFlgggvbZ7z9vqnjN/T
-H68TxJzauYQ5vLHQ6wGXik4/4uq7/TqNmhxlQEM4zVkwsn203bUmKLyz+yl1zItD
-pn5zy1uXfGo99rBdUzdbdE9LmEFPMaFsaHd4a8oDaUroD7FgCbeDJJVld3ac6F8+
-3QbExPs48OrgA1kI3/UwXr52ldjiYzTLfAGR9BjqNFTw45FUHuMf8TEM5hcHx56w
-95eKAqraDk28o9k+M2UKpcmrdlWoWzdqVVFeWGpM8x9Y9Nt0lf/4VUQgrXjqTkUC
-QkJyqTeTeGgHrn3QBk2XAgpxZhaJs3InW0BkAlBmK99cMinUiJeFt5a4p5wPeXrV
-uh6V9m7Mpl9hzpogg++EZqahfzzNnDgxOZfW342DX052PdgXo0NnkhCk005LvFt6
-M2mRn0fLgNVfyUZZoOp8cO5ZWbhXXlrhrgUtj2zKPK6Q94Zj4kdXHBGpAkrB8ZQ4
-EGGODE0Dqusm8WPXzB+9236IMHPU7lFbyjBrFNI7O4jg+qRIIpi+7tX0FsilqEbm
-jG+OPwhZXrdqUqyF+rjKQuSRq7lOeDB4c6S2dq4OOny01i5HCbbyc9UvSHRmhOhG
-qUlzHyHLo3W7j+26V/MhkDXJ+Tx+qfylv4pbliwTteJJj+CZwzjv29qb6lxYi+38
-Bw10ERapm8UCRFBecVN7xXlcIfyeAl666Vi7EBJZv3EdFNrx1nlLwM65nYya7uj6
-L7IwJWotIUx8E0XH0/cUxS/dG8bxf9L/8652h5gq3LI+wTNGuEX0DMuz7BGQG+Nt
-gabrZ6SsKGthGa7eULTpz0McWTLRU0y//tkckpm5pDnXSFbIMskwwjECz82UZBSP
-pigdN/Pjg5d+0yWu7s3VJxw4ENWPPpzZ+j7sOXmdvn9PO1tQd60EO+3awBlC9ZXf
-/InoXE+21s/6p5RGkmg8Rl+k3ZRhmZ3weq1HRhto5npGWf2e+l0r1/KVd3D3PbF4
-JuMNZS20kHhWpnEYkzx4JMLVUNXIA6xDmftJjnl0yRBtT6jhn/gnmbz7DPnQEEgt
-+u4vV5nr8IXoJ2/FVGInXSxdzROfaxUxeqTDsB2nUZigIj1zpUVIUrvj6f7LstUV
-DkcGdtDIolx290s5fBk49oUcLlQ1dGY6lzB0+rJdR77Eiw4xhvN2UCcj14YM15EO
-S1Rr9GHQJtkLGOYnOhkRg4RmOxhmUR+nUpvrW3zPibbyEYsSDzxPUiGbFrYd5RZ6
-zVGmaAg4/7/YtveyaP+X9+lK7iBpsWDIIBUfkd0JgxJxS/xJW7nn62l47wQugcdB
-RdXiuvTzg7hu53OGA1I4/IsYOXmx8NReLK6w8LFLglU78pjpXZCu2D+rbC2ZekSR
-mcZP5CLdYPPC3hbzVqXO2dgw/XugYubFfvUpX04SIxmMjhZpoa3444g0u1Gp5+Kh
-nU0jYvWzkzS3JvBOzJT1YREz7elTBch8lWxsxlGU1o7Y6iBwdtpHhRa+E6P7cJMb
-WxOGJhAzEyenVGmrHeeHLOos7dNGuRi/GcDdx08Gf0R6qmAEyDtfeEKIxXcWXlyP
-9Y4yG0diBjsGB4JejjoQVVnj5augZnjrEaJEOIhuWjxvMt3tALG+6TPHLeZQOCxl
-Dyl2zg3bzB5JSEGTkwA9t8GlG9dRUnEyEqpe5xBTUx3WpIYtu64hC7P2kAanUkVT
-H+8SQKCbvh1pKhVYJm4H7VkTh/jxyW+sGPnXEw1/wI8QUTu/JLNVvpfYfWLlfdn5
-jcN0hxbDhjYUKV9wmTgzCrwKrYYAsYUSB71hIQT1ibK5To4V5TQgKieJcCBnvZIz
-x8HAk+u4sVt2w1gpb6gB+Y+KxdJYxxmZ1Jt+TQZi/68q27d56BJtbDVSwJW1k6H0
-Tlm5DzeXn0IGo72xX9IVTdausnSo1bGuZe72cmflB/mIJGgUZg0dgeQgbkVLo3TQ
-YQNnEaTGaujZ374B2PktUdz9vVxhaau7H6MSojxkrxzJMHRcxsED8dhvH01drOvv
-Oc/j8yW/ellOgRxi36WAscACu1QB2HJuFssjA0yrSCvoTC0OSUFreezhbH+slTwf
-ssazqBXy6p5pKR62/6fP6xCF9y3FnWvH7mrNd/IU5BWk7bcoNC6cGLUGX2TrUOLi
-r0lZzIAMFc8dcnOnuYvwWTvN28wAR+4QPWmF1GboaANihhSzjJAiuFKMWVbKTuFP
-zjvnGTcEi/76hu9ZIC//f6kXoDpTZFcMKFWacbQmc9r3Bhi13MGYt9koGNf4OMPI
-Qyy6E+wLO43hHq0lUSpisHZGrZqbEAYA8OPLtPwK335efw0ZUvXnvkH3xXnFIrQ3
-QivpLV+S9nxmKy+YOkpbZ3DCHldabceJ7kowvzveOKtSmLar0IjxViahFyETDW22
-DguO7Iy82tLRBa4pjcMXK1hks7MuUfW3hUNWhz3DKw1nwqL4jUZNqj7cbiiAuUJN
-mbjpiS4woi8FBhG9P9TKc79zKkGu3ZkWsl4Nw2ViT2o8TWb+nkt+exJTL8BkJqmn
-29ppUCcFi7IPZvTxu7qhKMq6knOjIrmPonCxBYm/Yzn0UK8e9K00ilH06+DLT9Gm
-WQHn4wq6VSMk3pIRQzpNDZsdOe3qJ5choJhqZef1KPrdSdWddWGv5WzW35nm0SEi
-Xk1VtCPBYbHgGTCNRksKf5bnScUi2DoMkZIfhl9d+DHsTaOzvRdUsSwn1mkhvRXN
-7OYn8tOLmvf7fEhq2GT5v5dzJAAAAAA=
------END PKCS7-----
diff --git a/crypto/openssl/crypto/pkcs7/t/nav-smime b/crypto/openssl/crypto/pkcs7/t/nav-smime
deleted file mode 100644
index 6ee4b597a145..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/nav-smime
+++ /dev/null
@@ -1,157 +0,0 @@
-From angela@c2.net.au Thu May 14 13:32:27 1998
-X-UIDL: 83c94dd550e54329bf9571b72038b8c8
-Return-Path: angela@c2.net.au
-Received: from cryptsoft.com (play.cryptsoft.com [203.56.44.3]) by pandora.cryptsoft.com (8.8.3/8.7.3) with ESMTP id NAA27838 for <tjh@cryptsoft.com>; Thu, 14 May 1998 13:32:26 +1000 (EST)
-Message-ID: <355A6779.4B63E64C@cryptsoft.com>
-Date: Thu, 14 May 1998 13:39:37 +1000
-From: Angela van Lent <angela@c2.net.au>
-X-Mailer: Mozilla 4.03 [en] (Win95; U)
-MIME-Version: 1.0
-To: tjh@cryptsoft.com
-Subject: signed
-Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms9A58844C95949ECC78A1C54C"
-Content-Length: 2604
-Status: OR
-
-This is a cryptographically signed message in MIME format.
-
---------------ms9A58844C95949ECC78A1C54C
-Content-Type: text/plain; charset=us-ascii
-Content-Transfer-Encoding: 7bit
-
-signed body
-
---------------ms9A58844C95949ECC78A1C54C
-Content-Type: application/x-pkcs7-signature; name="smime.p7s"
-Content-Transfer-Encoding: base64
-Content-Disposition: attachment; filename="smime.p7s"
-Content-Description: S/MIME Cryptographic Signature
-
-MIIGHgYJKoZIhvcNAQcCoIIGDzCCBgsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
-BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR
-BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv
-ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE
-AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow
-gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu
-ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG
-A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m
-dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh
-hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg
-hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP
-igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds
-syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG
-A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
-dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
-ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB
-kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l
-MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB
-TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB
-BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf
-mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s
-8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx
-ggF7MIIBdwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP
-BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ
-REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB
-AgIEfjAJBgUrDgMCGgUAoHowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAbBgkqhkiG9w0B
-CQ8xDjAMMAoGCCqGSIb3DQMHMBwGCSqGSIb3DQEJBTEPFw05ODA1MTQwMzM5MzdaMCMGCSqG
-SIb3DQEJBDEWBBQstNMnSV26ba8PapQEDhO21yNFrjANBgkqhkiG9w0BAQEFAARAW9Xb9YXv
-BfcNkutgFX9Gr8iXhBVsNtGEVrjrpkQwpKa7jHI8SjAlLhk/4RFwDHf+ISB9Np3Z1WDWnLcA
-9CWR6g==
---------------ms9A58844C95949ECC78A1C54C--
-
-
-From angela@c2.net.au Thu May 14 13:33:16 1998
-X-UIDL: 8f076c44ff7c5967fd5b00c4588a8731
-Return-Path: angela@c2.net.au
-Received: from cryptsoft.com (play.cryptsoft.com [203.56.44.3]) by pandora.cryptsoft.com (8.8.3/8.7.3) with ESMTP id NAA27847 for <tjh@cryptsoft.com>; Thu, 14 May 1998 13:33:15 +1000 (EST)
-Message-ID: <355A67AB.2AF38806@cryptsoft.com>
-Date: Thu, 14 May 1998 13:40:27 +1000
-From: Angela van Lent <angela@c2.net.au>
-X-Mailer: Mozilla 4.03 [en] (Win95; U)
-MIME-Version: 1.0
-To: tjh@cryptsoft.com
-Subject: signed
-Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------msD7863B84BD61E02C407F2F5E"
-Content-Length: 2679
-Status: OR
-
-This is a cryptographically signed message in MIME format.
-
---------------msD7863B84BD61E02C407F2F5E
-Content-Type: text/plain; charset=us-ascii
-Content-Transfer-Encoding: 7bit
-
-signed body 2
-
---------------msD7863B84BD61E02C407F2F5E
-Content-Type: application/x-pkcs7-signature; name="smime.p7s"
-Content-Transfer-Encoding: base64
-Content-Disposition: attachment; filename="smime.p7s"
-Content-Description: S/MIME Cryptographic Signature
-
-MIIGVgYJKoZIhvcNAQcCoIIGRzCCBkMCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
-BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR
-BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv
-ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE
-AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow
-gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu
-ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG
-A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m
-dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh
-hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg
-hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP
-igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds
-syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG
-A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
-dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
-ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB
-kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l
-MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB
-TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB
-BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf
-mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s
-8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx
-ggGzMIIBrwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP
-BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ
-REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB
-AgIEfjAJBgUrDgMCGgUAoIGxMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN
-AQkFMQ8XDTk4MDUxNDAzNDAyN1owIwYJKoZIhvcNAQkEMRYEFOKcV8mNYJnM8rHQajcSEqJN
-rwdDMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMAcGBSsO
-AwIHMA0GCCqGSIb3DQMCAgFAMA0GCCqGSIb3DQMCAgEoMA0GCSqGSIb3DQEBAQUABEADPE/N
-coH+zTFuX5YpolupTKxKK8eEjc48TuADuO8bIHHDE/fEYaWunlwDuTlcFJl1ig0idffPB1qC
-Zp8SSVVY
---------------msD7863B84BD61E02C407F2F5E--
-
-
-From angela@c2.net.au Thu May 14 14:05:32 1998
-X-UIDL: a7d629b4b9acacaee8b39371b860a32a
-Return-Path: angela@c2.net.au
-Received: from cryptsoft.com (play.cryptsoft.com [203.56.44.3]) by pandora.cryptsoft.com (8.8.3/8.7.3) with ESMTP id OAA28033 for <tjh@cryptsoft.com>; Thu, 14 May 1998 14:05:32 +1000 (EST)
-Message-ID: <355A6F3B.AC385981@cryptsoft.com>
-Date: Thu, 14 May 1998 14:12:43 +1000
-From: Angela van Lent <angela@c2.net.au>
-X-Mailer: Mozilla 4.03 [en] (Win95; U)
-MIME-Version: 1.0
-To: tjh@cryptsoft.com
-Subject: encrypted
-Content-Type: application/x-pkcs7-mime; name="smime.p7m"
-Content-Transfer-Encoding: base64
-Content-Disposition: attachment; filename="smime.p7m"
-Content-Description: S/MIME Encrypted Message
-Content-Length: 905
-Status: OR
-
-MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG
-A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
-dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
-ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR+MA0GCSqGSIb3DQEBAQUABEA92N29Yk39RUY2tIVd
-exGT2MFX3J6H8LB8aDRJjw7843ALgJ5zXpM5+f80QkAWwEN2A6Pl3VxiCeKLi435zXVyMIHw
-AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI
-QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
-UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0G
-CSqGSIb3DQEBAQUABECR9IfyHtvnjFmZ8B2oUCEs1vxMsG0u1kxKE4RMPFyDqDCEARq7zXMg
-nzSUI7Wgv5USSKDqcLRJeW+jvYURv/nJMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA
-oAQIrLqrij2ZMpeggAQoibtn6reRZWuWk5Iv5IAhgitr8EYE4w4ySQ7EMB6mTlBoFpccUMWX
-BwQgQn1UoWCvYAlhDzURdbui64Dc0rS2wtj+kE/InS6y25EEEPe4NUKaF8/UlE+lo3LtILQE
-CL3uV8k7m0iqAAAAAAAAAAAAAA==
-
diff --git a/crypto/openssl/crypto/pkcs7/t/s.pem b/crypto/openssl/crypto/pkcs7/t/s.pem
deleted file mode 100644
index 4fa925b1824a..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/s.pem
+++ /dev/null
@@ -1,57 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9
-mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG
-fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/
-zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29
-p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b
-bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk
-IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG
------END RSA PRIVATE KEY-----
-issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA
-subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com
-serial :047D
-
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1149 (0x47d)
-        Signature Algorithm: md5withRSAEncryption
-        Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA
-        Validity
-            Not Before: May 13 05:40:58 1998 GMT
-            Not After : May 12 05:40:58 2000 GMT
-        Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Modulus:
-                    00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81:
-                    73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc:
-                    89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29:
-                    fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f:
-                    e7:e7:0c:4d:0b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            Netscape Comment: 
-                Generated with SSLeay
-    Signature Algorithm: md5withRSAEncryption
-        52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55:
-        f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97:
-        d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b:
-        50:74:ad:92:cb:4e:90:e5:fa:7d
-
------BEGIN CERTIFICATE-----
-MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV
-MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE
-ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E
-IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw
-NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
-dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0
-aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG
-9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf
-lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB
-hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA
-UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8
-4A3ZItobUHStkstOkOX6fQ==
------END CERTIFICATE-----
-
diff --git a/crypto/openssl/crypto/pkcs7/t/server.pem b/crypto/openssl/crypto/pkcs7/t/server.pem
deleted file mode 100644
index 989baf87096a..000000000000
--- a/crypto/openssl/crypto/pkcs7/t/server.pem
+++ /dev/null
@@ -1,57 +0,0 @@
-issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA
-subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com
-serial :047D
-
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1149 (0x47d)
-        Signature Algorithm: md5withRSAEncryption
-        Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA
-        Validity
-            Not Before: May 13 05:40:58 1998 GMT
-            Not After : May 12 05:40:58 2000 GMT
-        Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Modulus:
-                    00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81:
-                    73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc:
-                    89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29:
-                    fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f:
-                    e7:e7:0c:4d:0b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            Netscape Comment: 
-                Generated with SSLeay
-    Signature Algorithm: md5withRSAEncryption
-        52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55:
-        f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97:
-        d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b:
-        50:74:ad:92:cb:4e:90:e5:fa:7d
-
------BEGIN CERTIFICATE-----
-MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV
-MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE
-ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E
-IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw
-NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
-dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0
-aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG
-9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf
-lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB
-hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA
-UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8
-4A3ZItobUHStkstOkOX6fQ==
------END CERTIFICATE-----
-
------BEGIN RSA PRIVATE KEY-----
-MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9
-mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG
-fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/
-zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29
-p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b
-bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk
-IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/crypto/pkcs7/verify.c b/crypto/openssl/crypto/pkcs7/verify.c
deleted file mode 100644
index b40f26032ec6..000000000000
--- a/crypto/openssl/crypto/pkcs7/verify.c
+++ /dev/null
@@ -1,263 +0,0 @@
-/* crypto/pkcs7/verify.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <string.h>
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include "example.h"
-
-int verify_callback(int ok, X509_STORE_CTX *ctx);
-
-BIO *bio_err=NULL;
-BIO *bio_out=NULL;
-
-int main(argc,argv)
-int argc;
-char *argv[];
-	{
-	PKCS7 *p7;
-	PKCS7_SIGNER_INFO *si;
-	X509_STORE_CTX cert_ctx;
-	X509_STORE *cert_store=NULL;
-	BIO *data,*detached=NULL,*p7bio=NULL;
-	char buf[1024*4];
-	char *pp;
-	int i,printit=0;
-	STACK_OF(PKCS7_SIGNER_INFO) *sk;
-
-	bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-	bio_out=BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifndef OPENSSL_NO_MD2
-	EVP_add_digest(EVP_md2());
-#endif
-#ifndef OPENSSL_NO_MD5
-	EVP_add_digest(EVP_md5());
-#endif
-#ifndef OPENSSL_NO_SHA1
-	EVP_add_digest(EVP_sha1());
-#endif
-#ifndef OPENSSL_NO_MDC2
-	EVP_add_digest(EVP_mdc2());
-#endif
-
-	data=BIO_new(BIO_s_file());
-
-	pp=NULL;
-	while (argc > 1)
-		{
-		argc--;
-		argv++;
-		if (strcmp(argv[0],"-p") == 0)
-			{
-			printit=1;
-			}
-		else if ((strcmp(argv[0],"-d") == 0) && (argc >= 2))
-			{
-			detached=BIO_new(BIO_s_file());
-			if (!BIO_read_filename(detached,argv[1]))
-				goto err;
-			argc--;
-			argv++;
-			}
-		else
-			{
-			pp=argv[0];
-			if (!BIO_read_filename(data,argv[0]))
-				goto err;
-			}
-		}
-
-	if (pp == NULL)
-		BIO_set_fp(data,stdin,BIO_NOCLOSE);
-
-
-	/* Load the PKCS7 object from a file */
-	if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL,NULL)) == NULL) goto err;
-
-	/* This stuff is being setup for certificate verification.
-	 * When using SSL, it could be replaced with a 
-	 * cert_stre=SSL_CTX_get_cert_store(ssl_ctx); */
-	cert_store=X509_STORE_new();
-	X509_STORE_set_default_paths(cert_store);
-	X509_STORE_load_locations(cert_store,NULL,"../../certs");
-	X509_STORE_set_verify_cb_func(cert_store,verify_callback);
-
-	ERR_clear_error();
-
-	/* We need to process the data */
-	if ((PKCS7_get_detached(p7) || detached))
-		{
-		if (detached == NULL)
-			{
-			printf("no data to verify the signature on\n");
-			exit(1);
-			}
-		else
-			p7bio=PKCS7_dataInit(p7,detached);
-		}
-	else
-		{
-		p7bio=PKCS7_dataInit(p7,NULL);
-		}
-
-	/* We now have to 'read' from p7bio to calculate digests etc. */
-	for (;;)
-		{
-		i=BIO_read(p7bio,buf,sizeof(buf));
-		/* print it? */
-		if (i <= 0) break;
-		}
-
-	/* We can now verify signatures */
-	sk=PKCS7_get_signer_info(p7);
-	if (sk == NULL)
-		{
-		printf("there are no signatures on this data\n");
-		exit(1);
-		}
-
-	/* Ok, first we need to, for each subject entry, see if we can verify */
-	for (i=0; i<sk_PKCS7_SIGNER_INFO_num(sk); i++)
-		{
-		ASN1_UTCTIME *tm;
-		char *str1,*str2;
-		int rc;
-
-		si=sk_PKCS7_SIGNER_INFO_value(sk,i);
-		rc=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si);
-		if (rc <= 0)
-			goto err;
-		printf("signer info\n");
-		if ((tm=get_signed_time(si)) != NULL)
-			{
-			BIO_printf(bio_out,"Signed time:");
-			ASN1_UTCTIME_print(bio_out,tm);
-			ASN1_UTCTIME_free(tm);
-			BIO_printf(bio_out,"\n");
-			}
-		if (get_signed_seq2string(si,&str1,&str2))
-			{
-			BIO_printf(bio_out,"String 1 is %s\n",str1);
-			BIO_printf(bio_out,"String 2 is %s\n",str2);
-			}
-
-		}
-
-	X509_STORE_free(cert_store);
-
-	printf("done\n");
-	exit(0);
-err:
-	ERR_load_crypto_strings();
-	ERR_print_errors_fp(stderr);
-	exit(1);
-	}
-
-/* should be X509 * but we can just have them as char *. */
-int verify_callback(int ok, X509_STORE_CTX *ctx)
-	{
-	char buf[256];
-	X509 *err_cert;
-	int err,depth;
-
-	err_cert=X509_STORE_CTX_get_current_cert(ctx);
-	err=	X509_STORE_CTX_get_error(ctx);
-	depth=	X509_STORE_CTX_get_error_depth(ctx);
-
-	X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
-	BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
-	if (!ok)
-		{
-		BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
-			X509_verify_cert_error_string(err));
-		if (depth < 6)
-			{
-			ok=1;
-			X509_STORE_CTX_set_error(ctx,X509_V_OK);
-			}
-		else
-			{
-			ok=0;
-			X509_STORE_CTX_set_error(ctx,X509_V_ERR_CERT_CHAIN_TOO_LONG);
-			}
-		}
-	switch (ctx->error)
-		{
-	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-		X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256);
-		BIO_printf(bio_err,"issuer= %s\n",buf);
-		break;
-	case X509_V_ERR_CERT_NOT_YET_VALID:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-		BIO_printf(bio_err,"notBefore=");
-		ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
-		BIO_printf(bio_err,"\n");
-		break;
-	case X509_V_ERR_CERT_HAS_EXPIRED:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-		BIO_printf(bio_err,"notAfter=");
-		ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
-		BIO_printf(bio_err,"\n");
-		break;
-		}
-	BIO_printf(bio_err,"verify return:%d\n",ok);
-	return(ok);
-	}
diff --git a/crypto/openssl/crypto/rand/Makefile.save b/crypto/openssl/crypto/rand/Makefile.save
deleted file mode 100644
index e9a6876b5a74..000000000000
--- a/crypto/openssl/crypto/rand/Makefile.save
+++ /dev/null
@@ -1,108 +0,0 @@
-#
-# SSLeay/crypto/rand/Makefile
-#
-
-DIR=	rand
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= randtest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c rand_win.c
-LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o rand_win.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rand.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-md_rand.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-md_rand.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-md_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-md_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-md_rand.o: ../../include/openssl/symhacks.h rand_lcl.h
-rand_egd.o: ../../include/openssl/opensslconf.h ../../include/openssl/rand.h
-rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-rand_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-rand_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rand_err.o: ../../include/openssl/symhacks.h
-rand_lib.o: ../../include/openssl/rand.h
-rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-rand_win.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-rand_win.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-rand_win.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rand_win.o: ../cryptlib.h rand_lcl.h
-randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-randfile.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-randfile.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-randfile.o: ../../include/openssl/symhacks.h
diff --git a/crypto/openssl/crypto/rand/Makefile.ssl b/crypto/openssl/crypto/rand/Makefile.ssl
deleted file mode 100644
index b25421e3ab45..000000000000
--- a/crypto/openssl/crypto/rand/Makefile.ssl
+++ /dev/null
@@ -1,194 +0,0 @@
-#
-# SSLeay/crypto/rand/Makefile
-#
-
-DIR=	rand
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= randtest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \
-	rand_win.c rand_unix.c rand_os2.c
-LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \
-	rand_win.o rand_unix.o rand_os2.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rand.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-md_rand.o: ../../e_os.h ../../include/openssl/aes.h
-md_rand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-md_rand.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-md_rand.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-md_rand.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-md_rand.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-md_rand.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-md_rand.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-md_rand.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-md_rand.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-md_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-md_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-md_rand.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-md_rand.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-md_rand.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-md_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-md_rand.o: md_rand.c rand_lcl.h
-rand_egd.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-rand_egd.o: rand_egd.c
-rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rand_err.o: rand_err.c
-rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rand_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rand_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-rand_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-rand_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rand_lib.o: ../../include/openssl/opensslconf.h
-rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rand_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-rand_lib.o: ../cryptlib.h rand_lib.c
-rand_os2.o: ../../e_os.h ../../include/openssl/aes.h
-rand_os2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rand_os2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-rand_os2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-rand_os2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-rand_os2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_os2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-rand_os2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-rand_os2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-rand_os2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rand_os2.o: ../../include/openssl/opensslconf.h
-rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-rand_os2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-rand_os2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-rand_os2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-rand_os2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rand_os2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-rand_os2.o: ../cryptlib.h rand_lcl.h rand_os2.c
-rand_unix.o: ../../e_os.h ../../include/openssl/aes.h
-rand_unix.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rand_unix.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-rand_unix.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-rand_unix.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-rand_unix.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_unix.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-rand_unix.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-rand_unix.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-rand_unix.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rand_unix.o: ../../include/openssl/opensslconf.h
-rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-rand_unix.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-rand_unix.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-rand_unix.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-rand_unix.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rand_unix.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-rand_unix.o: ../cryptlib.h rand_lcl.h rand_unix.c
-rand_win.o: ../../e_os.h ../../include/openssl/aes.h
-rand_win.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rand_win.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-rand_win.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-rand_win.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-rand_win.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_win.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-rand_win.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-rand_win.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-rand_win.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rand_win.o: ../../include/openssl/opensslconf.h
-rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_win.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-rand_win.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-rand_win.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-rand_win.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-rand_win.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rand_win.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-rand_win.o: ../cryptlib.h rand_lcl.h rand_win.c
-randfile.o: ../../e_os.h ../../include/openssl/crypto.h
-randfile.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-randfile.o: randfile.c
diff --git a/crypto/openssl/crypto/rand/md_rand.c b/crypto/openssl/crypto/rand/md_rand.c
deleted file mode 100644
index eeffc0df4cb3..000000000000
--- a/crypto/openssl/crypto/rand/md_rand.c
+++ /dev/null
@@ -1,572 +0,0 @@
-/* crypto/rand/md_rand.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifdef MD_RAND_DEBUG
-# ifndef NDEBUG
-#   define NDEBUG
-# endif
-#endif
-
-#include <assert.h>
-#include <stdio.h>
-#include <string.h>
-
-#include "e_os.h"
-
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-
-#ifdef BN_DEBUG
-# define PREDICT
-#endif
-
-/* #define PREDICT	1 */
-
-#define STATE_SIZE	1023
-static int state_num=0,state_index=0;
-static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
-static unsigned char md[MD_DIGEST_LENGTH];
-static long md_count[2]={0,0};
-static double entropy=0;
-static int initialized=0;
-
-static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
-                                           * holds CRYPTO_LOCK_RAND
-                                           * (to prevent double locking) */
-/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
-static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */
-
-
-#ifdef PREDICT
-int rand_predictable=0;
-#endif
-
-const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
-
-static void ssleay_rand_cleanup(void);
-static void ssleay_rand_seed(const void *buf, int num);
-static void ssleay_rand_add(const void *buf, int num, double add_entropy);
-static int ssleay_rand_bytes(unsigned char *buf, int num);
-static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
-static int ssleay_rand_status(void);
-
-RAND_METHOD rand_ssleay_meth={
-	ssleay_rand_seed,
-	ssleay_rand_bytes,
-	ssleay_rand_cleanup,
-	ssleay_rand_add,
-	ssleay_rand_pseudo_bytes,
-	ssleay_rand_status
-	}; 
-
-RAND_METHOD *RAND_SSLeay(void)
-	{
-	return(&rand_ssleay_meth);
-	}
-
-static void ssleay_rand_cleanup(void)
-	{
-	OPENSSL_cleanse(state,sizeof(state));
-	state_num=0;
-	state_index=0;
-	OPENSSL_cleanse(md,MD_DIGEST_LENGTH);
-	md_count[0]=0;
-	md_count[1]=0;
-	entropy=0;
-	initialized=0;
-	}
-
-static void ssleay_rand_add(const void *buf, int num, double add)
-	{
-	int i,j,k,st_idx;
-	long md_c[2];
-	unsigned char local_md[MD_DIGEST_LENGTH];
-	EVP_MD_CTX m;
-	int do_not_lock;
-
-	/*
-	 * (Based on the rand(3) manpage)
-	 *
-	 * The input is chopped up into units of 20 bytes (or less for
-	 * the last block).  Each of these blocks is run through the hash
-	 * function as follows:  The data passed to the hash function
-	 * is the current 'md', the same number of bytes from the 'state'
-	 * (the location determined by in incremented looping index) as
-	 * the current 'block', the new key data 'block', and 'count'
-	 * (which is incremented after each use).
-	 * The result of this is kept in 'md' and also xored into the
-	 * 'state' at the same locations that were used as input into the
-         * hash function.
-	 */
-
-	/* check if we already have the lock */
-	if (crypto_lock_rand)
-		{
-		CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
-		do_not_lock = (locking_thread == CRYPTO_thread_id());
-		CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
-		}
-	else
-		do_not_lock = 0;
-
-	if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-	st_idx=state_index;
-
-	/* use our own copies of the counters so that even
-	 * if a concurrent thread seeds with exactly the
-	 * same data and uses the same subarray there's _some_
-	 * difference */
-	md_c[0] = md_count[0];
-	md_c[1] = md_count[1];
-
-	memcpy(local_md, md, sizeof md);
-
-	/* state_index <= state_num <= STATE_SIZE */
-	state_index += num;
-	if (state_index >= STATE_SIZE)
-		{
-		state_index%=STATE_SIZE;
-		state_num=STATE_SIZE;
-		}
-	else if (state_num < STATE_SIZE)	
-		{
-		if (state_index > state_num)
-			state_num=state_index;
-		}
-	/* state_index <= state_num <= STATE_SIZE */
-
-	/* state[st_idx], ..., state[(st_idx + num - 1) % STATE_SIZE]
-	 * are what we will use now, but other threads may use them
-	 * as well */
-
-	md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0);
-
-	if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-	EVP_MD_CTX_init(&m);
-	for (i=0; i<num; i+=MD_DIGEST_LENGTH)
-		{
-		j=(num-i);
-		j=(j > MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j;
-
-		MD_Init(&m);
-		MD_Update(&m,local_md,MD_DIGEST_LENGTH);
-		k=(st_idx+j)-STATE_SIZE;
-		if (k > 0)
-			{
-			MD_Update(&m,&(state[st_idx]),j-k);
-			MD_Update(&m,&(state[0]),k);
-			}
-		else
-			MD_Update(&m,&(state[st_idx]),j);
-			
-		MD_Update(&m,buf,j);
-		MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
-		MD_Final(&m,local_md);
-		md_c[1]++;
-
-		buf=(const char *)buf + j;
-
-		for (k=0; k<j; k++)
-			{
-			/* Parallel threads may interfere with this,
-			 * but always each byte of the new state is
-			 * the XOR of some previous value of its
-			 * and local_md (itermediate values may be lost).
-			 * Alway using locking could hurt performance more
-			 * than necessary given that conflicts occur only
-			 * when the total seeding is longer than the random
-			 * state. */
-			state[st_idx++]^=local_md[k];
-			if (st_idx >= STATE_SIZE)
-				st_idx=0;
-			}
-		}
-	EVP_MD_CTX_cleanup(&m);
-
-	if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-	/* Don't just copy back local_md into md -- this could mean that
-	 * other thread's seeding remains without effect (except for
-	 * the incremented counter).  By XORing it we keep at least as
-	 * much entropy as fits into md. */
-	for (k = 0; k < sizeof md; k++)
-		{
-		md[k] ^= local_md[k];
-		}
-	if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
-	    entropy += add;
-	if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-	
-#if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32)
-	assert(md_c[1] == md_count[1]);
-#endif
-	}
-
-static void ssleay_rand_seed(const void *buf, int num)
-	{
-	ssleay_rand_add(buf, num, num);
-	}
-
-static int ssleay_rand_bytes(unsigned char *buf, int num)
-	{
-	static volatile int stirred_pool = 0;
-	int i,j,k,st_num,st_idx;
-	int num_ceil;
-	int ok;
-	long md_c[2];
-	unsigned char local_md[MD_DIGEST_LENGTH];
-	EVP_MD_CTX m;
-#ifndef GETPID_IS_MEANINGLESS
-	pid_t curr_pid = getpid();
-#endif
-	int do_stir_pool = 0;
-
-#ifdef PREDICT
-	if (rand_predictable)
-		{
-		static unsigned char val=0;
-
-		for (i=0; i<num; i++)
-			buf[i]=val++;
-		return(1);
-		}
-#endif
-
-	if (num <= 0)
-		return 1;
-
-	EVP_MD_CTX_init(&m);
-	/* round upwards to multiple of MD_DIGEST_LENGTH/2 */
-	num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2);
-
-	/*
-	 * (Based on the rand(3) manpage:)
-	 *
-	 * For each group of 10 bytes (or less), we do the following:
-	 *
-	 * Input into the hash function the local 'md' (which is initialized from
-	 * the global 'md' before any bytes are generated), the bytes that are to
-	 * be overwritten by the random bytes, and bytes from the 'state'
-	 * (incrementing looping index). From this digest output (which is kept
-	 * in 'md'), the top (up to) 10 bytes are returned to the caller and the
-	 * bottom 10 bytes are xored into the 'state'.
-	 * 
-	 * Finally, after we have finished 'num' random bytes for the
-	 * caller, 'count' (which is incremented) and the local and global 'md'
-	 * are fed into the hash function and the results are kept in the
-	 * global 'md'.
-	 */
-
-	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
-	/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-	CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
-	locking_thread = CRYPTO_thread_id();
-	CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
-	crypto_lock_rand = 1;
-
-	if (!initialized)
-		{
-		RAND_poll();
-		initialized = 1;
-		}
-	
-	if (!stirred_pool)
-		do_stir_pool = 1;
-	
-	ok = (entropy >= ENTROPY_NEEDED);
-	if (!ok)
-		{
-		/* If the PRNG state is not yet unpredictable, then seeing
-		 * the PRNG output may help attackers to determine the new
-		 * state; thus we have to decrease the entropy estimate.
-		 * Once we've had enough initial seeding we don't bother to
-		 * adjust the entropy count, though, because we're not ambitious
-		 * to provide *information-theoretic* randomness.
-		 *
-		 * NOTE: This approach fails if the program forks before
-		 * we have enough entropy. Entropy should be collected
-		 * in a separate input pool and be transferred to the
-		 * output pool only when the entropy limit has been reached.
-		 */
-		entropy -= num;
-		if (entropy < 0)
-			entropy = 0;
-		}
-
-	if (do_stir_pool)
-		{
-		/* In the output function only half of 'md' remains secret,
-		 * so we better make sure that the required entropy gets
-		 * 'evenly distributed' through 'state', our randomness pool.
-		 * The input function (ssleay_rand_add) chains all of 'md',
-		 * which makes it more suitable for this purpose.
-		 */
-
-		int n = STATE_SIZE; /* so that the complete pool gets accessed */
-		while (n > 0)
-			{
-#if MD_DIGEST_LENGTH > 20
-# error "Please adjust DUMMY_SEED."
-#endif
-#define DUMMY_SEED "...................." /* at least MD_DIGEST_LENGTH */
-			/* Note that the seed does not matter, it's just that
-			 * ssleay_rand_add expects to have something to hash. */
-			ssleay_rand_add(DUMMY_SEED, MD_DIGEST_LENGTH, 0.0);
-			n -= MD_DIGEST_LENGTH;
-			}
-		if (ok)
-			stirred_pool = 1;
-		}
-
-	st_idx=state_index;
-	st_num=state_num;
-	md_c[0] = md_count[0];
-	md_c[1] = md_count[1];
-	memcpy(local_md, md, sizeof md);
-
-	state_index+=num_ceil;
-	if (state_index > state_num)
-		state_index %= state_num;
-
-	/* state[st_idx], ..., state[(st_idx + num_ceil - 1) % st_num]
-	 * are now ours (but other threads may use them too) */
-
-	md_count[0] += 1;
-
-	/* before unlocking, we must clear 'crypto_lock_rand' */
-	crypto_lock_rand = 0;
-	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-	while (num > 0)
-		{
-		/* num_ceil -= MD_DIGEST_LENGTH/2 */
-		j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
-		num-=j;
-		MD_Init(&m);
-#ifndef GETPID_IS_MEANINGLESS
-		if (curr_pid) /* just in the first iteration to save time */
-			{
-			MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid);
-			curr_pid = 0;
-			}
-#endif
-		MD_Update(&m,local_md,MD_DIGEST_LENGTH);
-		MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
-#ifndef PURIFY
-		MD_Update(&m,buf,j); /* purify complains */
-#endif
-		k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
-		if (k > 0)
-			{
-			MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2-k);
-			MD_Update(&m,&(state[0]),k);
-			}
-		else
-			MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2);
-		MD_Final(&m,local_md);
-
-		for (i=0; i<MD_DIGEST_LENGTH/2; i++)
-			{
-			state[st_idx++]^=local_md[i]; /* may compete with other threads */
-			if (st_idx >= st_num)
-				st_idx=0;
-			if (i < j)
-				*(buf++)=local_md[i+MD_DIGEST_LENGTH/2];
-			}
-		}
-
-	MD_Init(&m);
-	MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
-	MD_Update(&m,local_md,MD_DIGEST_LENGTH);
-	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-	MD_Update(&m,md,MD_DIGEST_LENGTH);
-	MD_Final(&m,md);
-	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-	EVP_MD_CTX_cleanup(&m);
-	if (ok)
-		return(1);
-	else
-		{
-		RANDerr(RAND_F_SSLEAY_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED);
-		ERR_add_error_data(1, "You need to read the OpenSSL FAQ, "
-			"http://www.openssl.org/support/faq.html");
-		return(0);
-		}
-	}
-
-/* pseudo-random bytes that are guaranteed to be unique but not
-   unpredictable */
-static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) 
-	{
-	int ret;
-	unsigned long err;
-
-	ret = RAND_bytes(buf, num);
-	if (ret == 0)
-		{
-		err = ERR_peek_error();
-		if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
-		    ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
-			(void)ERR_get_error();
-		}
-	return (ret);
-	}
-
-static int ssleay_rand_status(void)
-	{
-	int ret;
-	int do_not_lock;
-
-	/* check if we already have the lock
-	 * (could happen if a RAND_poll() implementation calls RAND_status()) */
-	if (crypto_lock_rand)
-		{
-		CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
-		do_not_lock = (locking_thread == CRYPTO_thread_id());
-		CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
-		}
-	else
-		do_not_lock = 0;
-	
-	if (!do_not_lock)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-		
-		/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-		CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
-		locking_thread = CRYPTO_thread_id();
-		CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
-		crypto_lock_rand = 1;
-		}
-	
-	if (!initialized)
-		{
-		RAND_poll();
-		initialized = 1;
-		}
-
-	ret = entropy >= ENTROPY_NEEDED;
-
-	if (!do_not_lock)
-		{
-		/* before unlocking, we must clear 'crypto_lock_rand' */
-		crypto_lock_rand = 0;
-		
-		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-		}
-	
-	return ret;
-	}
diff --git a/crypto/openssl/crypto/rand/rand.h b/crypto/openssl/crypto/rand/rand.h
deleted file mode 100644
index 606382dd211c..000000000000
--- a/crypto/openssl/crypto/rand/rand.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/rand/rand.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RAND_H
-#define HEADER_RAND_H
-
-#include <stdlib.h>
-#include <openssl/ossl_typ.h>
-#include <openssl/e_os2.h>
-
-#if defined(OPENSSL_SYS_WINDOWS)
-#include <windows.h>
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct rand_meth_st
-	{
-	void (*seed)(const void *buf, int num);
-	int (*bytes)(unsigned char *buf, int num);
-	void (*cleanup)(void);
-	void (*add)(const void *buf, int num, double entropy);
-	int (*pseudorand)(unsigned char *buf, int num);
-	int (*status)(void);
-	} RAND_METHOD;
-
-#ifdef BN_DEBUG
-extern int rand_predictable;
-#endif
-
-int RAND_set_rand_method(const RAND_METHOD *meth);
-const RAND_METHOD *RAND_get_rand_method(void);
-#ifndef OPENSSL_NO_ENGINE
-int RAND_set_rand_engine(ENGINE *engine);
-#endif
-RAND_METHOD *RAND_SSLeay(void);
-void RAND_cleanup(void );
-int  RAND_bytes(unsigned char *buf,int num);
-int  RAND_pseudo_bytes(unsigned char *buf,int num);
-void RAND_seed(const void *buf,int num);
-void RAND_add(const void *buf,int num,double entropy);
-int  RAND_load_file(const char *file,long max_bytes);
-int  RAND_write_file(const char *file);
-const char *RAND_file_name(char *file,size_t num);
-int RAND_status(void);
-int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
-int RAND_egd(const char *path);
-int RAND_egd_bytes(const char *path,int bytes);
-int RAND_poll(void);
-
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-
-void RAND_screen(void);
-int RAND_event(UINT, WPARAM, LPARAM);
-
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_RAND_strings(void);
-
-/* Error codes for the RAND functions. */
-
-/* Function codes. */
-#define RAND_F_RAND_GET_RAND_METHOD			 101
-#define RAND_F_SSLEAY_RAND_BYTES			 100
-
-/* Reason codes. */
-#define RAND_R_PRNG_NOT_SEEDED				 100
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/rand/rand_egd.c b/crypto/openssl/crypto/rand/rand_egd.c
deleted file mode 100644
index 1f168221e3c9..000000000000
--- a/crypto/openssl/crypto/rand/rand_egd.c
+++ /dev/null
@@ -1,298 +0,0 @@
-/* crypto/rand/rand_egd.c */
-/* Written by Ulf Moeller and Lutz Jaenicke for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/e_os2.h>
-#include <openssl/rand.h>
-
-/*
- * Query the EGD <URL: http://www.lothar.com/tech/crypto/>.
- *
- * This module supplies three routines:
- *
- * RAND_query_egd_bytes(path, buf, bytes)
- *   will actually query "bytes" bytes of entropy form the egd-socket located
- *   at path and will write them to buf (if supplied) or will directly feed
- *   it to RAND_seed() if buf==NULL.
- *   The number of bytes is not limited by the maximum chunk size of EGD,
- *   which is 255 bytes. If more than 255 bytes are wanted, several chunks
- *   of entropy bytes are requested. The connection is left open until the
- *   query is competed.
- *   RAND_query_egd_bytes() returns with
- *     -1  if an error occured during connection or communication.
- *     num the number of bytes read from the EGD socket. This number is either
- *         the number of bytes requested or smaller, if the EGD pool is
- *         drained and the daemon signals that the pool is empty.
- *   This routine does not touch any RAND_status(). This is necessary, since
- *   PRNG functions may call it during initialization.
- *
- * RAND_egd_bytes(path, bytes) will query "bytes" bytes and have them
- *   used to seed the PRNG.
- *   RAND_egd_bytes() is a wrapper for RAND_query_egd_bytes() with buf=NULL.
- *   Unlike RAND_query_egd_bytes(), RAND_status() is used to test the
- *   seed status so that the return value can reflect the seed state:
- *     -1  if an error occured during connection or communication _or_
- *         if the PRNG has still not received the required seeding.
- *     num the number of bytes read from the EGD socket. This number is either
- *         the number of bytes requested or smaller, if the EGD pool is
- *         drained and the daemon signals that the pool is empty.
- *
- * RAND_egd(path) will query 255 bytes and use the bytes retreived to seed
- *   the PRNG.
- *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
- */
-
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS)
-int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
-	{
-	return(-1);
-	}
-int RAND_egd(const char *path)
-	{
-	return(-1);
-	}
-
-int RAND_egd_bytes(const char *path,int bytes)
-	{
-	return(-1);
-	}
-#else
-#include <openssl/opensslconf.h>
-#include OPENSSL_UNISTD
-#include <sys/types.h>
-#include <sys/socket.h>
-#ifndef NO_SYS_UN_H
-# ifdef OPENSSL_SYS_VXWORKS
-#   include <streams/un.h>
-# else
-#   include <sys/un.h>
-# endif
-#else
-struct	sockaddr_un {
-	short	sun_family;		/* AF_UNIX */
-	char	sun_path[108];		/* path name (gag) */
-};
-#endif /* NO_SYS_UN_H */
-#include <string.h>
-#include <errno.h>
-
-#ifndef offsetof
-#  define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER)
-#endif
-
-int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
-	{
-	int ret = 0;
-	struct sockaddr_un addr;
-	int len, num, numbytes;
-	int fd = -1;
-	int success;
-	unsigned char egdbuf[2], tempbuf[255], *retrievebuf;
-
-	memset(&addr, 0, sizeof(addr));
-	addr.sun_family = AF_UNIX;
-	if (strlen(path) >= sizeof(addr.sun_path))
-		return (-1);
-	strcpy(addr.sun_path,path);
-	len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
-	fd = socket(AF_UNIX, SOCK_STREAM, 0);
-	if (fd == -1) return (-1);
-	success = 0;
-	while (!success)
-	    {
-	    if (connect(fd, (struct sockaddr *)&addr, len) == 0)
-	       success = 1;
-	    else
-		{
-		switch (errno)
-		    {
-#ifdef EINTR
-		    case EINTR:
-#endif
-#ifdef EAGAIN
-		    case EAGAIN:
-#endif
-#ifdef EINPROGRESS
-		    case EINPROGRESS:
-#endif
-#ifdef EALREADY
-		    case EALREADY:
-#endif
-			/* No error, try again */
-			break;
-#ifdef EISCONN
-		    case EISCONN:
-			success = 1;
-			break;
-#endif
-		    default:
-			goto err;	/* failure */
-		    }
-		}
-	    }
-
-	while(bytes > 0)
-	    {
-	    egdbuf[0] = 1;
-	    egdbuf[1] = bytes < 255 ? bytes : 255;
-	    numbytes = 0;
-	    while (numbytes != 2)
-		{
-	        num = write(fd, egdbuf + numbytes, 2 - numbytes);
-	        if (num >= 0)
-		    numbytes += num;
-	    	else
-		    {
-		    switch (errno)
-		    	{
-#ifdef EINTR
-		    	case EINTR:
-#endif
-#ifdef EAGAIN
-		    	case EAGAIN:
-#endif
-			    /* No error, try again */
-			    break;
-		    	default:
-			    ret = -1;
-			    goto err;	/* failure */
-			}
-		    }
-		}
-	    numbytes = 0;
-	    while (numbytes != 1)
-		{
-	        num = read(fd, egdbuf, 1);
-	        if (num >= 0)
-		    numbytes += num;
-	    	else
-		    {
-		    switch (errno)
-		    	{
-#ifdef EINTR
-		    	case EINTR:
-#endif
-#ifdef EAGAIN
-		    	case EAGAIN:
-#endif
-			    /* No error, try again */
-			    break;
-		    	default:
-			    ret = -1;
-			    goto err;	/* failure */
-			}
-		    }
-		}
-	    if(egdbuf[0] == 0)
-		goto err;
-	    if (buf)
-		retrievebuf = buf + ret;
-	    else
-		retrievebuf = tempbuf;
-	    numbytes = 0;
-	    while (numbytes != egdbuf[0])
-		{
-	        num = read(fd, retrievebuf + numbytes, egdbuf[0] - numbytes);
-	        if (num >= 0)
-		    numbytes += num;
-	    	else
-		    {
-		    switch (errno)
-		    	{
-#ifdef EINTR
-		    	case EINTR:
-#endif
-#ifdef EAGAIN
-		    	case EAGAIN:
-#endif
-			    /* No error, try again */
-			    break;
-		    	default:
-			    ret = -1;
-			    goto err;	/* failure */
-			}
-		    }
-		}
-	    ret += egdbuf[0];
-	    bytes -= egdbuf[0];
-	    if (!buf)
-		RAND_seed(tempbuf, egdbuf[0]);
-	    }
- err:
-	if (fd != -1) close(fd);
-	return(ret);
-	}
-
-
-int RAND_egd_bytes(const char *path, int bytes)
-	{
-	int num, ret = 0;
-
-	num = RAND_query_egd_bytes(path, NULL, bytes);
-	if (num < 1) goto err;
-	if (RAND_status() == 1)
-	    ret = num;
- err:
-	return(ret);
-	}
-
-
-int RAND_egd(const char *path)
-	{
-	return (RAND_egd_bytes(path, 255));
-	}
-
-
-#endif
diff --git a/crypto/openssl/crypto/rand/rand_err.c b/crypto/openssl/crypto/rand/rand_err.c
deleted file mode 100644
index b77267e213ba..000000000000
--- a/crypto/openssl/crypto/rand/rand_err.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/rand/rand_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA RAND_str_functs[]=
-	{
-{ERR_PACK(0,RAND_F_RAND_GET_RAND_METHOD,0),	"RAND_get_rand_method"},
-{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0),	"SSLEAY_RAND_BYTES"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA RAND_str_reasons[]=
-	{
-{RAND_R_PRNG_NOT_SEEDED                  ,"PRNG not seeded"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_RAND_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_RAND,RAND_str_functs);
-		ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/rand/rand_lcl.h b/crypto/openssl/crypto/rand/rand_lcl.h
deleted file mode 100755
index 618a8ec899ce..000000000000
--- a/crypto/openssl/crypto/rand/rand_lcl.h
+++ /dev/null
@@ -1,158 +0,0 @@
-/* crypto/rand/rand_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_RAND_LCL_H
-#define HEADER_RAND_LCL_H
-
-#define ENTROPY_NEEDED 32  /* require 256 bits = 32 bytes of randomness */
-
-
-#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-#define USE_SHA1_RAND
-#elif !defined(OPENSSL_NO_MD5)
-#define USE_MD5_RAND
-#elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
-#define USE_MDC2_RAND
-#elif !defined(OPENSSL_NO_MD2)
-#define USE_MD2_RAND
-#else
-#error No message digest algorithm available
-#endif
-#endif
-
-#include <openssl/evp.h>
-#define MD_Update(a,b,c)	EVP_DigestUpdate(a,b,c)
-#define	MD_Final(a,b)		EVP_DigestFinal_ex(a,b,NULL)
-#if defined(USE_MD5_RAND)
-#include <openssl/md5.h>
-#define MD_DIGEST_LENGTH	MD5_DIGEST_LENGTH
-#define MD_Init(a)		EVP_DigestInit_ex(a,EVP_md5(), NULL)
-#define	MD(a,b,c)		EVP_Digest(a,b,c,NULL,EVP_md5(), NULL)
-#elif defined(USE_SHA1_RAND)
-#include <openssl/sha.h>
-#define MD_DIGEST_LENGTH	SHA_DIGEST_LENGTH
-#define MD_Init(a)		EVP_DigestInit_ex(a,EVP_sha1(), NULL)
-#define	MD(a,b,c)		EVP_Digest(a,b,c,NULL,EVP_sha1(), NULL)
-#elif defined(USE_MDC2_RAND)
-#include <openssl/mdc2.h>
-#define MD_DIGEST_LENGTH	MDC2_DIGEST_LENGTH
-#define MD_Init(a)		EVP_DigestInit_ex(a,EVP_mdc2(), NULL)
-#define	MD(a,b,c)		EVP_Digest(a,b,c,NULL,EVP_mdc2(), NULL)
-#elif defined(USE_MD2_RAND)
-#include <openssl/md2.h>
-#define MD_DIGEST_LENGTH	MD2_DIGEST_LENGTH
-#define MD_Init(a)		EVP_DigestInit_ex(a,EVP_md2(), NULL)
-#define	MD(a,b,c)		EVP_Digest(a,b,c,NULL,EVP_md2(), NULL)
-#endif
-
-
-#endif
diff --git a/crypto/openssl/crypto/rand/rand_lib.c b/crypto/openssl/crypto/rand/rand_lib.c
deleted file mode 100644
index 513e3389859e..000000000000
--- a/crypto/openssl/crypto/rand/rand_lib.c
+++ /dev/null
@@ -1,176 +0,0 @@
-/* crypto/rand/rand_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-#ifndef OPENSSL_NO_ENGINE
-/* non-NULL if default_RAND_meth is ENGINE-provided */
-static ENGINE *funct_ref =NULL;
-#endif
-static const RAND_METHOD *default_RAND_meth = NULL;
-
-int RAND_set_rand_method(const RAND_METHOD *meth)
-	{
-#ifndef OPENSSL_NO_ENGINE
-	if(funct_ref)
-		{
-		ENGINE_finish(funct_ref);
-		funct_ref = NULL;
-		}
-#endif
-	default_RAND_meth = meth;
-	return 1;
-	}
-
-const RAND_METHOD *RAND_get_rand_method(void)
-	{
-	if (!default_RAND_meth)
-		{
-#ifndef OPENSSL_NO_ENGINE
-		ENGINE *e = ENGINE_get_default_RAND();
-		if(e)
-			{
-			default_RAND_meth = ENGINE_get_RAND(e);
-			if(!default_RAND_meth)
-				{
-				ENGINE_finish(e);
-				e = NULL;
-				}
-			}
-		if(e)
-			funct_ref = e;
-		else
-#endif
-			default_RAND_meth = RAND_SSLeay();
-		}
-	return default_RAND_meth;
-	}
-
-#ifndef OPENSSL_NO_ENGINE
-int RAND_set_rand_engine(ENGINE *engine)
-	{
-	const RAND_METHOD *tmp_meth = NULL;
-	if(engine)
-		{
-		if(!ENGINE_init(engine))
-			return 0;
-		tmp_meth = ENGINE_get_RAND(engine);
-		if(!tmp_meth)
-			{
-			ENGINE_finish(engine);
-			return 0;
-			}
-		}
-	/* This function releases any prior ENGINE so call it first */
-	RAND_set_rand_method(tmp_meth);
-	funct_ref = engine;
-	return 1;
-	}
-#endif
-
-void RAND_cleanup(void)
-	{
-	const RAND_METHOD *meth = RAND_get_rand_method();
-	if (meth && meth->cleanup)
-		meth->cleanup();
-	RAND_set_rand_method(NULL);
-	}
-
-void RAND_seed(const void *buf, int num)
-	{
-	const RAND_METHOD *meth = RAND_get_rand_method();
-	if (meth && meth->seed)
-		meth->seed(buf,num);
-	}
-
-void RAND_add(const void *buf, int num, double entropy)
-	{
-	const RAND_METHOD *meth = RAND_get_rand_method();
-	if (meth && meth->add)
-		meth->add(buf,num,entropy);
-	}
-
-int RAND_bytes(unsigned char *buf, int num)
-	{
-	const RAND_METHOD *meth = RAND_get_rand_method();
-	if (meth && meth->bytes)
-		return meth->bytes(buf,num);
-	return(-1);
-	}
-
-int RAND_pseudo_bytes(unsigned char *buf, int num)
-	{
-	const RAND_METHOD *meth = RAND_get_rand_method();
-	if (meth && meth->pseudorand)
-		return meth->pseudorand(buf,num);
-	return(-1);
-	}
-
-int RAND_status(void)
-	{
-	const RAND_METHOD *meth = RAND_get_rand_method();
-	if (meth && meth->status)
-		return meth->status();
-	return 0;
-	}
diff --git a/crypto/openssl/crypto/rand/rand_os2.c b/crypto/openssl/crypto/rand/rand_os2.c
deleted file mode 100644
index c3e36d4e5e33..000000000000
--- a/crypto/openssl/crypto/rand/rand_os2.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/* crypto/rand/rand_os2.c */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#ifdef OPENSSL_SYS_OS2
-
-#define INCL_DOSPROCESS
-#define INCL_DOSPROFILE
-#define INCL_DOSMISC
-#define INCL_DOSMODULEMGR
-#include <os2.h>
-
-#define   CMD_KI_RDCNT    (0x63)
-
-typedef struct _CPUUTIL {
-    ULONG ulTimeLow;            /* Low 32 bits of time stamp      */
-    ULONG ulTimeHigh;           /* High 32 bits of time stamp     */
-    ULONG ulIdleLow;            /* Low 32 bits of idle time       */
-    ULONG ulIdleHigh;           /* High 32 bits of idle time      */
-    ULONG ulBusyLow;            /* Low 32 bits of busy time       */
-    ULONG ulBusyHigh;           /* High 32 bits of busy time      */
-    ULONG ulIntrLow;            /* Low 32 bits of interrupt time  */
-    ULONG ulIntrHigh;           /* High 32 bits of interrupt time */
-} CPUUTIL;
-
-APIRET APIENTRY(*DosPerfSysCall) (ULONG ulCommand, ULONG ulParm1, ULONG ulParm2, ULONG ulParm3) = NULL;
-APIRET APIENTRY(*DosQuerySysState) (ULONG func, ULONG arg1, ULONG pid, ULONG _res_, PVOID buf, ULONG bufsz) = NULL;
-HMODULE hDoscalls = 0;
-
-int RAND_poll(void)
-{
-    char failed_module[20];
-    QWORD qwTime;
-    ULONG SysVars[QSV_FOREGROUND_PROCESS];
-
-    if (hDoscalls == 0) {
-        ULONG rc = DosLoadModule(failed_module, sizeof(failed_module), "DOSCALLS", &hDoscalls);
-
-        if (rc == 0) {
-            rc = DosQueryProcAddr(hDoscalls, 976, NULL, (PFN *)&DosPerfSysCall);
-
-            if (rc)
-                DosPerfSysCall = NULL;
-
-            rc = DosQueryProcAddr(hDoscalls, 368, NULL, (PFN *)&DosQuerySysState);
-
-            if (rc)
-                DosQuerySysState = NULL;
-        }
-    }
-
-    /* Sample the hi-res timer, runs at around 1.1 MHz */
-    DosTmrQueryTime(&qwTime);
-    RAND_add(&qwTime, sizeof(qwTime), 2);
-
-    /* Sample a bunch of system variables, includes various process & memory statistics */
-    DosQuerySysInfo(1, QSV_FOREGROUND_PROCESS, SysVars, sizeof(SysVars));
-    RAND_add(SysVars, sizeof(SysVars), 4);
-
-    /* If available, sample CPU registers that count at CPU MHz
-     * Only fairly new CPUs (PPro & K6 onwards) & OS/2 versions support this
-     */
-    if (DosPerfSysCall) {
-        CPUUTIL util;
-
-        if (DosPerfSysCall(CMD_KI_RDCNT, (ULONG)&util, 0, 0) == 0) {
-            RAND_add(&util, sizeof(util), 10);
-        }
-        else {
-            DosPerfSysCall = NULL;
-        }
-    }
-
-    /* DosQuerySysState() gives us a huge quantity of process, thread, memory & handle stats */
-    if (DosQuerySysState) {
-        char *buffer = OPENSSL_malloc(256 * 1024);
-
-        if (DosQuerySysState(0x1F, 0, 0, 0, buffer, 256 * 1024) == 0) {
-            /* First 4 bytes in buffer is a pointer to the thread count
-             * there should be at least 1 byte of entropy per thread
-             */
-            RAND_add(buffer, 256 * 1024, **(ULONG **)buffer);
-        }
-
-        OPENSSL_free(buffer);
-        return 1;
-    }
-
-    return 0;
-}
-
-#endif /* OPENSSL_SYS_OS2 */
diff --git a/crypto/openssl/crypto/rand/rand_unix.c b/crypto/openssl/crypto/rand/rand_unix.c
deleted file mode 100644
index a776e522431b..000000000000
--- a/crypto/openssl/crypto/rand/rand_unix.c
+++ /dev/null
@@ -1,245 +0,0 @@
-/* crypto/rand/rand_unix.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#define USE_SOCKETS
-#include "e_os.h"
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS))
-
-#include <sys/types.h>
-#include <sys/time.h>
-#include <sys/times.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <time.h>
-
-int RAND_poll(void)
-{
-	unsigned long l;
-	pid_t curr_pid = getpid();
-#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
-	unsigned char tmpbuf[ENTROPY_NEEDED];
-	int n = 0;
-#endif
-#ifdef DEVRANDOM
-	static const char *randomfiles[] = { DEVRANDOM, NULL };
-	const char **randomfile = NULL;
-	int fd;
-#endif
-#ifdef DEVRANDOM_EGD
-	static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
-	const char **egdsocket = NULL;
-#endif
-
-#ifdef DEVRANDOM
-	/* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
-	 * have this. Use /dev/urandom if you can as /dev/random may block
-	 * if it runs out of random entries.  */
-
-	for (randomfile = randomfiles; *randomfile && n < ENTROPY_NEEDED; randomfile++)
-		{
-		if ((fd = open(*randomfile, O_RDONLY|O_NONBLOCK
-#ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do not make it
-		   our controlling tty */
-			|O_NOCTTY
-#endif
-#ifdef O_NOFOLLOW /* Fail if the file is a symbolic link */
-			|O_NOFOLLOW
-#endif
-			)) >= 0)
-			{
-			struct timeval t = { 0, 10*1000 }; /* Spend 10ms on
-							      each file. */
-			int r;
-			fd_set fset;
-
-			do
-				{
-				FD_ZERO(&fset);
-				FD_SET(fd, &fset);
-				r = -1;
-
-				if (select(fd+1,&fset,NULL,NULL,&t) < 0)
-					t.tv_usec=0;
-				else if (FD_ISSET(fd, &fset))
-					{
-					r=read(fd,(unsigned char *)tmpbuf+n,
-					       ENTROPY_NEEDED-n);
-					if (r > 0)
-						n += r;
-					}
-
-				/* Some Unixen will update t, some
-				   won't.  For those who won't, give
-				   up here, otherwise, we will do
-				   this once again for the remaining
-				   time. */
-				if (t.tv_usec == 10*1000)
-					t.tv_usec=0;
-				}
-			while ((r > 0 || (errno == EINTR || errno == EAGAIN))
-				&& t.tv_usec != 0 && n < ENTROPY_NEEDED);
-
-			close(fd);
-			}
-		}
-#endif
-
-#ifdef DEVRANDOM_EGD
-	/* Use an EGD socket to read entropy from an EGD or PRNGD entropy
-	 * collecting daemon. */
-
-	for (egdsocket = egdsockets; *egdsocket && n < ENTROPY_NEEDED; egdsocket++)
-		{
-		int r;
-
-		r = RAND_query_egd_bytes(*egdsocket, (unsigned char *)tmpbuf+n,
-					 ENTROPY_NEEDED-n);
-		if (r > 0)
-			n += r;
-		}
-#endif
-
-#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
-	if (n > 0)
-		{
-		RAND_add(tmpbuf,sizeof tmpbuf,n);
-		OPENSSL_cleanse(tmpbuf,n);
-		}
-#endif
-
-	/* put in some default random data, we need more than just this */
-	l=curr_pid;
-	RAND_add(&l,sizeof(l),0);
-	l=getuid();
-	RAND_add(&l,sizeof(l),0);
-
-	l=time(NULL);
-	RAND_add(&l,sizeof(l),0);
-
-#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
-	return 1;
-#else
-	return 0;
-#endif
-}
-
-#endif
-
-#if defined(OPENSSL_SYS_VXWORKS)
-int RAND_poll(void)
-{
-    return 0;
-}
-#endif
diff --git a/crypto/openssl/crypto/rand/rand_vms.c b/crypto/openssl/crypto/rand/rand_vms.c
deleted file mode 100644
index 29b2d7af0b01..000000000000
--- a/crypto/openssl/crypto/rand/rand_vms.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* crypto/rand/rand_vms.c -*- mode:C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#if defined(OPENSSL_SYS_VMS)
-
-#include <descrip.h>
-#include <jpidef.h>
-#include <ssdef.h>
-#include <starlet.h>
-#ifdef __DECC
-# pragma message disable DOLLARID
-#endif
-
-static struct items_data_st
-	{
-	short length, code;	/* length is amount of bytes */
-	} items_data[] =
-		{ { 4, JPI$_BUFIO },
-		  { 4, JPI$_CPUTIM },
-		  { 4, JPI$_DIRIO },
-		  { 8, JPI$_LOGINTIM },
-		  { 4, JPI$_PAGEFLTS },
-		  { 4, JPI$_PID },
-		  { 4, JPI$_WSSIZE },
-		  { 0, 0 }
-		};
-		  
-int RAND_poll(void)
-	{
-	long pid, iosb[2];
-	int status = 0;
-	struct
-		{
-		short length, code;
-		long *buffer;
-		int *retlen;
-		} item[32], *pitem;
-	unsigned char data_buffer[256];
-	short total_length = 0;
-	struct items_data_st *pitems_data;
-
-	pitems_data = items_data;
-	pitem = item;
-
-	/* Setup */
-	while (pitems_data->length)
-		{
-		pitem->length = pitems_data->length;
-		pitem->code = pitems_data->code;
-		pitem->buffer = (long *)data_buffer[total_length];
-		pitem->retlen = 0;
-		total_length += pitems_data->length;
-		pitems_data++;
-		pitem++;
-		}
-	pitem->length = pitem->code = 0;
-
-	/*
-	 * Scan through all the processes in the system and add entropy with
-	 * results from the processes that were possible to look at.
-	 * However, view the information as only half trustable.
-	 */
-	pid = -1;			/* search context */
-	while ((status = sys$getjpiw(0, &pid,  0, item, iosb, 0, 0))
-		!= SS$_NOMOREPROC)
-		{
-		if (status == SS$_NORMAL)
-			{
-			RAND_add(data_buffer, total_length, total_length/2);
-			}
-		}
-	sys$gettim(iosb);
-	RAND_add((unsigned char *)iosb, sizeof(iosb), sizeof(iosb)/2);
-	return 1;
-}
-
-#endif
diff --git a/crypto/openssl/crypto/rand/rand_win.c b/crypto/openssl/crypto/rand/rand_win.c
deleted file mode 100644
index 113b58678f38..000000000000
--- a/crypto/openssl/crypto/rand/rand_win.c
+++ /dev/null
@@ -1,721 +0,0 @@
-/* crypto/rand/rand_win.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-#include <windows.h>
-#ifndef _WIN32_WINNT
-# define _WIN32_WINNT 0x0400
-#endif
-#include <wincrypt.h>
-#include <tlhelp32.h>
-
-/* Intel hardware RNG CSP -- available from
- * http://developer.intel.com/design/security/rng/redist_license.htm
- */
-#define PROV_INTEL_SEC 22
-#define INTEL_DEF_PROV TEXT("Intel Hardware Cryptographic Service Provider")
-
-static void readtimer(void);
-static void readscreen(void);
-
-/* It appears like CURSORINFO, PCURSORINFO and LPCURSORINFO are only defined
-   when WINVER is 0x0500 and up, which currently only happens on Win2000.
-   Unfortunately, those are typedefs, so they're a little bit difficult to
-   detect properly.  On the other hand, the macro CURSOR_SHOWING is defined
-   within the same conditional, so it can be use to detect the absence of said
-   typedefs. */
-
-#ifndef CURSOR_SHOWING
-/*
- * Information about the global cursor.
- */
-typedef struct tagCURSORINFO
-{
-    DWORD   cbSize;
-    DWORD   flags;
-    HCURSOR hCursor;
-    POINT   ptScreenPos;
-} CURSORINFO, *PCURSORINFO, *LPCURSORINFO;
-
-#define CURSOR_SHOWING     0x00000001
-#endif /* CURSOR_SHOWING */
-
-typedef BOOL (WINAPI *CRYPTACQUIRECONTEXT)(HCRYPTPROV *, LPCTSTR, LPCTSTR,
-				    DWORD, DWORD);
-typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV, DWORD, BYTE *);
-typedef BOOL (WINAPI *CRYPTRELEASECONTEXT)(HCRYPTPROV, DWORD);
-
-typedef HWND (WINAPI *GETFOREGROUNDWINDOW)(VOID);
-typedef BOOL (WINAPI *GETCURSORINFO)(PCURSORINFO);
-typedef DWORD (WINAPI *GETQUEUESTATUS)(UINT);
-
-typedef HANDLE (WINAPI *CREATETOOLHELP32SNAPSHOT)(DWORD, DWORD);
-typedef BOOL (WINAPI *HEAP32FIRST)(LPHEAPENTRY32, DWORD, DWORD);
-typedef BOOL (WINAPI *HEAP32NEXT)(LPHEAPENTRY32);
-typedef BOOL (WINAPI *HEAP32LIST)(HANDLE, LPHEAPLIST32);
-typedef BOOL (WINAPI *PROCESS32)(HANDLE, LPPROCESSENTRY32);
-typedef BOOL (WINAPI *THREAD32)(HANDLE, LPTHREADENTRY32);
-typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32);
-
-#include <lmcons.h>
-#ifndef OPENSSL_SYS_WINCE
-#include <lmstats.h>
-#endif
-#if 1 /* The NET API is Unicode only.  It requires the use of the UNICODE
-       * macro.  When UNICODE is defined LPTSTR becomes LPWSTR.  LMSTR was
-       * was added to the Platform SDK to allow the NET API to be used in
-       * non-Unicode applications provided that Unicode strings were still
-       * used for input.  LMSTR is defined as LPWSTR.
-       */
-typedef NET_API_STATUS (NET_API_FUNCTION * NETSTATGET)
-        (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*);
-typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE);
-#endif /* 1 */
-
-int RAND_poll(void)
-{
-	MEMORYSTATUS m;
-	HCRYPTPROV hProvider = 0;
-	BYTE buf[64];
-	DWORD w;
-	HWND h;
-
-	HMODULE advapi, kernel, user, netapi;
-	CRYPTACQUIRECONTEXT acquire = 0;
-	CRYPTGENRANDOM gen = 0;
-	CRYPTRELEASECONTEXT release = 0;
-#if 1 /* There was previously a problem with NETSTATGET.  Currently, this
-       * section is still experimental, but if all goes well, this conditional
-       * will be removed
-       */
-	NETSTATGET netstatget = 0;
-	NETFREE netfree = 0;
-#endif /* 1 */
-
-	/* Determine the OS version we are on so we can turn off things 
-	 * that do not work properly.
-	 */
-        OSVERSIONINFO osverinfo ;
-        osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ;
-        GetVersionEx( &osverinfo ) ;
-
-#if defined(OPENSSL_SYS_WINCE) && WCEPLATFORM!=MS_HPC_PRO
-	/* poll the CryptoAPI PRNG */
-	/* The CryptoAPI returns sizeof(buf) bytes of randomness */
-	if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
-		{
-		if (CryptGenRandom(hProvider, sizeof(buf), buf))
-			RAND_add(buf, sizeof(buf), sizeof(buf));
-		CryptReleaseContext(hProvider, 0); 
-		}
-#endif
-
-	/* load functions dynamically - not available on all systems */
-	advapi = LoadLibrary(TEXT("ADVAPI32.DLL"));
-	kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
-	user = LoadLibrary(TEXT("USER32.DLL"));
-	netapi = LoadLibrary(TEXT("NETAPI32.DLL"));
-
-#ifndef OPENSSL_SYS_WINCE
-#if 1 /* There was previously a problem with NETSTATGET.  Currently, this
-       * section is still experimental, but if all goes well, this conditional
-       * will be removed
-       */
-	if (netapi)
-		{
-		netstatget = (NETSTATGET) GetProcAddress(netapi,TEXT("NetStatisticsGet"));
-		netfree = (NETFREE) GetProcAddress(netapi,TEXT("NetApiBufferFree"));
-		}
-
-	if (netstatget && netfree)
-		{
-		LPBYTE outbuf;
-		/* NetStatisticsGet() is a Unicode only function
- 		 * STAT_WORKSTATION_0 contains 45 fields and STAT_SERVER_0
-		 * contains 17 fields.  We treat each field as a source of
-		 * one byte of entropy.
-                 */
-
-		if (netstatget(NULL, L"LanmanWorkstation", 0, 0, &outbuf) == 0)
-			{
-			RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 45);
-			netfree(outbuf);
-			}
-		if (netstatget(NULL, L"LanmanServer", 0, 0, &outbuf) == 0)
-			{
-			RAND_add(outbuf, sizeof(STAT_SERVER_0), 17);
-			netfree(outbuf);
-			}
-		}
-
-	if (netapi)
-		FreeLibrary(netapi);
-#endif /* 1 */
-#endif /* !OPENSSL_SYS_WINCE */
- 
-#ifndef OPENSSL_SYS_WINCE
-        /* It appears like this can cause an exception deep within ADVAPI32.DLL
-         * at random times on Windows 2000.  Reported by Jeffrey Altman.  
-         * Only use it on NT.
-	 */
-	/* Wolfgang Marczy <WMarczy@topcall.co.at> reports that
-	 * the RegQueryValueEx call below can hang on NT4.0 (SP6).
-	 * So we don't use this at all for now. */
-#if 0
-        if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT &&
-		osverinfo.dwMajorVersion < 5)
-		{
-		/* Read Performance Statistics from NT/2000 registry
-		 * The size of the performance data can vary from call
-		 * to call so we must guess the size of the buffer to use
-		 * and increase its size if we get an ERROR_MORE_DATA
-		 * return instead of ERROR_SUCCESS.
-		 */
-		LONG   rc=ERROR_MORE_DATA;
-		char * buf=NULL;
-		DWORD bufsz=0;
-		DWORD length;
-
-		while (rc == ERROR_MORE_DATA)
-			{
-			buf = realloc(buf,bufsz+8192);
-			if (!buf)
-				break;
-			bufsz += 8192;
-
-			length = bufsz;
-			rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, TEXT("Global"),
-				NULL, NULL, buf, &length);
-			}
-		if (rc == ERROR_SUCCESS)
-			{
-                        /* For entropy count assume only least significant
-			 * byte of each DWORD is random.
-			 */
-			RAND_add(&length, sizeof(length), 0);
-			RAND_add(buf, length, length / 4.0);
-
-			/* Close the Registry Key to allow Windows to cleanup/close
-			 * the open handle
-			 * Note: The 'HKEY_PERFORMANCE_DATA' key is implicitly opened
-			 *       when the RegQueryValueEx above is done.  However, if
-			 *       it is not explicitly closed, it can cause disk
-			 *       partition manipulation problems.
-			 */
-			RegCloseKey(HKEY_PERFORMANCE_DATA);
-			}
-		if (buf)
-			free(buf);
-		}
-#endif
-#endif /* !OPENSSL_SYS_WINCE */
-
-	if (advapi)
-		{
-		acquire = (CRYPTACQUIRECONTEXT) GetProcAddress(advapi,
-			TEXT("CryptAcquireContextA"));
-		gen = (CRYPTGENRANDOM) GetProcAddress(advapi,
-			TEXT("CryptGenRandom"));
-		release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
-			TEXT("CryptReleaseContext"));
-		}
-
-	if (acquire && gen && release)
-		{
-		/* poll the CryptoAPI PRNG */
-                /* The CryptoAPI returns sizeof(buf) bytes of randomness */
-		if (acquire(&hProvider, 0, 0, PROV_RSA_FULL,
-			CRYPT_VERIFYCONTEXT))
-			{
-			if (gen(hProvider, sizeof(buf), buf) != 0)
-				{
-				RAND_add(buf, sizeof(buf), 0);
-#if 0
-				printf("randomness from PROV_RSA_FULL\n");
-#endif
-				}
-			release(hProvider, 0); 
-			}
-		
-		/* poll the Pentium PRG with CryptoAPI */
-		if (acquire(&hProvider, 0, INTEL_DEF_PROV, PROV_INTEL_SEC, 0))
-			{
-			if (gen(hProvider, sizeof(buf), buf) != 0)
-				{
-				RAND_add(buf, sizeof(buf), sizeof(buf));
-#if 0
-				printf("randomness from PROV_INTEL_SEC\n");
-#endif
-				}
-			release(hProvider, 0);
-			}
-		}
-
-        if (advapi)
-		FreeLibrary(advapi);
-
-	/* timer data */
-	readtimer();
-	
-	/* memory usage statistics */
-	GlobalMemoryStatus(&m);
-	RAND_add(&m, sizeof(m), 1);
-
-	/* process ID */
-	w = GetCurrentProcessId();
-	RAND_add(&w, sizeof(w), 1);
-
-	if (user)
-		{
-		GETCURSORINFO cursor;
-		GETFOREGROUNDWINDOW win;
-		GETQUEUESTATUS queue;
-
-		win = (GETFOREGROUNDWINDOW) GetProcAddress(user, TEXT("GetForegroundWindow"));
-		cursor = (GETCURSORINFO) GetProcAddress(user, TEXT("GetCursorInfo"));
-		queue = (GETQUEUESTATUS) GetProcAddress(user, TEXT("GetQueueStatus"));
-
-		if (win)
-			{
-			/* window handle */
-			h = win();
-			RAND_add(&h, sizeof(h), 0);
-			}
-		if (cursor)
-			{
-			/* unfortunately, its not safe to call GetCursorInfo()
-			 * on NT4 even though it exists in SP3 (or SP6) and
-			 * higher.
-			 */
-			if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT &&
-				osverinfo.dwMajorVersion < 5)
-				cursor = 0;
-			}
-		if (cursor)
-			{
-			/* cursor position */
-                        /* assume 2 bytes of entropy */
-			CURSORINFO ci;
-			ci.cbSize = sizeof(CURSORINFO);
-			if (cursor(&ci))
-				RAND_add(&ci, ci.cbSize, 2);
-			}
-
-		if (queue)
-			{
-			/* message queue status */
-                        /* assume 1 byte of entropy */
-			w = queue(QS_ALLEVENTS);
-			RAND_add(&w, sizeof(w), 1);
-			}
-
-		FreeLibrary(user);
-		}
-
-	/* Toolhelp32 snapshot: enumerate processes, threads, modules and heap
-	 * http://msdn.microsoft.com/library/psdk/winbase/toolhelp_5pfd.htm
-	 * (Win 9x and 2000 only, not available on NT)
-	 *
-	 * This seeding method was proposed in Peter Gutmann, Software
-	 * Generation of Practically Strong Random Numbers,
-	 * http://www.usenix.org/publications/library/proceedings/sec98/gutmann.html
-     * revised version at http://www.cryptoengines.com/~peter/06_random.pdf
-	 * (The assignment of entropy estimates below is arbitrary, but based
-	 * on Peter's analysis the full poll appears to be safe. Additional
-	 * interactive seeding is encouraged.)
-	 */
-
-	if (kernel)
-		{
-		CREATETOOLHELP32SNAPSHOT snap;
-		HANDLE handle;
-
-		HEAP32FIRST heap_first;
-		HEAP32NEXT heap_next;
-		HEAP32LIST heaplist_first, heaplist_next;
-		PROCESS32 process_first, process_next;
-		THREAD32 thread_first, thread_next;
-		MODULE32 module_first, module_next;
-
-		HEAPLIST32 hlist;
-		HEAPENTRY32 hentry;
-		PROCESSENTRY32 p;
-		THREADENTRY32 t;
-		MODULEENTRY32 m;
-
-		snap = (CREATETOOLHELP32SNAPSHOT)
-			GetProcAddress(kernel, TEXT("CreateToolhelp32Snapshot"));
-		heap_first = (HEAP32FIRST) GetProcAddress(kernel, TEXT("Heap32First"));
-		heap_next = (HEAP32NEXT) GetProcAddress(kernel, TEXT("Heap32Next"));
-		heaplist_first = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListFirst"));
-		heaplist_next = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListNext"));
-		process_first = (PROCESS32) GetProcAddress(kernel, TEXT("Process32First"));
-		process_next = (PROCESS32) GetProcAddress(kernel, TEXT("Process32Next"));
-		thread_first = (THREAD32) GetProcAddress(kernel, TEXT("Thread32First"));
-		thread_next = (THREAD32) GetProcAddress(kernel, TEXT("Thread32Next"));
-		module_first = (MODULE32) GetProcAddress(kernel, TEXT("Module32First"));
-		module_next = (MODULE32) GetProcAddress(kernel, TEXT("Module32Next"));
-
-		if (snap && heap_first && heap_next && heaplist_first &&
-			heaplist_next && process_first && process_next &&
-			thread_first && thread_next && module_first &&
-			module_next && (handle = snap(TH32CS_SNAPALL,0))
-			!= NULL)
-			{
-			/* heap list and heap walking */
-                        /* HEAPLIST32 contains 3 fields that will change with
-                         * each entry.  Consider each field a source of 1 byte
-                         * of entropy.
-                         * HEAPENTRY32 contains 5 fields that will change with 
-                         * each entry.  Consider each field a source of 1 byte
-                         * of entropy.
-                         */
-			hlist.dwSize = sizeof(HEAPLIST32);		
-			if (heaplist_first(handle, &hlist))
-				do
-					{
-					RAND_add(&hlist, hlist.dwSize, 3);
-					hentry.dwSize = sizeof(HEAPENTRY32);
-					if (heap_first(&hentry,
-						hlist.th32ProcessID,
-						hlist.th32HeapID))
-						{
-						int entrycnt = 80;
-						do
-							RAND_add(&hentry,
-								hentry.dwSize, 5);
-						while (heap_next(&hentry)
-							&& --entrycnt > 0);
-						}
-					} while (heaplist_next(handle,
-						&hlist));
-			
-			/* process walking */
-                        /* PROCESSENTRY32 contains 9 fields that will change
-                         * with each entry.  Consider each field a source of
-                         * 1 byte of entropy.
-                         */
-			p.dwSize = sizeof(PROCESSENTRY32);
-			if (process_first(handle, &p))
-				do
-					RAND_add(&p, p.dwSize, 9);
-				while (process_next(handle, &p));
-
-			/* thread walking */
-                        /* THREADENTRY32 contains 6 fields that will change
-                         * with each entry.  Consider each field a source of
-                         * 1 byte of entropy.
-                         */
-			t.dwSize = sizeof(THREADENTRY32);
-			if (thread_first(handle, &t))
-				do
-					RAND_add(&t, t.dwSize, 6);
-				while (thread_next(handle, &t));
-
-			/* module walking */
-                        /* MODULEENTRY32 contains 9 fields that will change
-                         * with each entry.  Consider each field a source of
-                         * 1 byte of entropy.
-                         */
-			m.dwSize = sizeof(MODULEENTRY32);
-			if (module_first(handle, &m))
-				do
-					RAND_add(&m, m.dwSize, 9);
-				while (module_next(handle, &m));
-
-			CloseHandle(handle);
-			}
-
-		FreeLibrary(kernel);
-		}
-
-#if 0
-	printf("Exiting RAND_poll\n");
-#endif
-
-	return(1);
-}
-
-int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam)
-        {
-        double add_entropy=0;
-
-        switch (iMsg)
-                {
-        case WM_KEYDOWN:
-                        {
-                        static WPARAM key;
-                        if (key != wParam)
-                                add_entropy = 0.05;
-                        key = wParam;
-                        }
-                        break;
-	case WM_MOUSEMOVE:
-                        {
-                        static int lastx,lasty,lastdx,lastdy;
-                        int x,y,dx,dy;
-
-                        x=LOWORD(lParam);
-                        y=HIWORD(lParam);
-                        dx=lastx-x;
-                        dy=lasty-y;
-                        if (dx != 0 && dy != 0 && dx-lastdx != 0 && dy-lastdy != 0)
-                                add_entropy=.2;
-                        lastx=x, lasty=y;
-                        lastdx=dx, lastdy=dy;
-                        }
-		break;
-		}
-
-	readtimer();
-        RAND_add(&iMsg, sizeof(iMsg), add_entropy);
-	RAND_add(&wParam, sizeof(wParam), 0);
-	RAND_add(&lParam, sizeof(lParam), 0);
- 
-	return (RAND_status());
-	}
-
-
-void RAND_screen(void) /* function available for backward compatibility */
-{
-	RAND_poll();
-	readscreen();
-}
-
-
-/* feed timing information to the PRNG */
-static void readtimer(void)
-{
-	DWORD w;
-	LARGE_INTEGER l;
-	static int have_perfc = 1;
-#if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE)
-	static int have_tsc = 1;
-	DWORD cyclecount;
-
-	if (have_tsc) {
-	  __try {
-	    __asm {
-	      _emit 0x0f
-	      _emit 0x31
-	      mov cyclecount, eax
-	      }
-	    RAND_add(&cyclecount, sizeof(cyclecount), 1);
-	  } __except(EXCEPTION_EXECUTE_HANDLER) {
-	    have_tsc = 0;
-	  }
-	}
-#else
-# define have_tsc 0
-#endif
-
-	if (have_perfc) {
-	  if (QueryPerformanceCounter(&l) == 0)
-	    have_perfc = 0;
-	  else
-	    RAND_add(&l, sizeof(l), 0);
-	}
-
-	if (!have_tsc && !have_perfc) {
-	  w = GetTickCount();
-	  RAND_add(&w, sizeof(w), 0);
-	}
-}
-
-/* feed screen contents to PRNG */
-/*****************************************************************************
- *
- * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
- *
- * Code adapted from
- * <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
- * the original copyright message is:
- *
- *   (C) Copyright Microsoft Corp. 1993.  All rights reserved.
- *
- *   You have a royalty-free right to use, modify, reproduce and
- *   distribute the Sample Files (and/or any modified version) in
- *   any way you find useful, provided that you agree that
- *   Microsoft has no warranty obligations or liability for any
- *   Sample Application Files which are modified.
- */
-
-static void readscreen(void)
-{
-#ifndef OPENSSL_SYS_WINCE
-  HDC		hScrDC;		/* screen DC */
-  HDC		hMemDC;		/* memory DC */
-  HBITMAP	hBitmap;	/* handle for our bitmap */
-  HBITMAP	hOldBitmap;	/* handle for previous bitmap */
-  BITMAP	bm;		/* bitmap properties */
-  unsigned int	size;		/* size of bitmap */
-  char		*bmbits;	/* contents of bitmap */
-  int		w;		/* screen width */
-  int		h;		/* screen height */
-  int		y;		/* y-coordinate of screen lines to grab */
-  int		n = 16;		/* number of screen lines to grab at a time */
-
-  /* Create a screen DC and a memory DC compatible to screen DC */
-  hScrDC = CreateDC(TEXT("DISPLAY"), NULL, NULL, NULL);
-  hMemDC = CreateCompatibleDC(hScrDC);
-
-  /* Get screen resolution */
-  w = GetDeviceCaps(hScrDC, HORZRES);
-  h = GetDeviceCaps(hScrDC, VERTRES);
-
-  /* Create a bitmap compatible with the screen DC */
-  hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
-
-  /* Select new bitmap into memory DC */
-  hOldBitmap = SelectObject(hMemDC, hBitmap);
-
-  /* Get bitmap properties */
-  GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm);
-  size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
-
-  bmbits = OPENSSL_malloc(size);
-  if (bmbits) {
-    /* Now go through the whole screen, repeatedly grabbing n lines */
-    for (y = 0; y < h-n; y += n)
-    	{
-	unsigned char md[MD_DIGEST_LENGTH];
-
-	/* Bitblt screen DC to memory DC */
-	BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY);
-
-	/* Copy bitmap bits from memory DC to bmbits */
-	GetBitmapBits(hBitmap, size, bmbits);
-
-	/* Get the hash of the bitmap */
-	MD(bmbits,size,md);
-
-	/* Seed the random generator with the hash value */
-	RAND_add(md, MD_DIGEST_LENGTH, 0);
-	}
-
-    OPENSSL_free(bmbits);
-  }
-
-  /* Select old bitmap back into memory DC */
-  hBitmap = SelectObject(hMemDC, hOldBitmap);
-
-  /* Clean up */
-  DeleteObject(hBitmap);
-  DeleteDC(hMemDC);
-  DeleteDC(hScrDC);
-#endif /* !OPENSSL_SYS_WINCE */
-}
-
-#endif
diff --git a/crypto/openssl/crypto/rand/randfile.c b/crypto/openssl/crypto/rand/randfile.c
deleted file mode 100644
index 41574768ab76..000000000000
--- a/crypto/openssl/crypto/rand/randfile.c
+++ /dev/null
@@ -1,234 +0,0 @@
-/* crypto/rand/randfile.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "e_os.h"
-#include <openssl/crypto.h>
-#include <openssl/rand.h>
-
-#ifdef OPENSSL_SYS_VMS
-#include <unixio.h>
-#endif
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifdef MAC_OS_pre_X
-# include <stat.h>
-#else
-# include <sys/stat.h>
-#endif
-
-#undef BUFSIZE
-#define BUFSIZE	1024
-#define RAND_DATA 1024
-
-/* #define RFILE ".rnd" - defined in ../../e_os.h */
-
-/* Note that these functions are intended for seed files only.
- * Entropy devices and EGD sockets are handled in rand_unix.c */
-
-int RAND_load_file(const char *file, long bytes)
-	{
-	/* If bytes >= 0, read up to 'bytes' bytes.
-	 * if bytes == -1, read complete file. */
-
-	MS_STATIC unsigned char buf[BUFSIZE];
-	struct stat sb;
-	int i,ret=0,n;
-	FILE *in;
-
-	if (file == NULL) return(0);
-
-	i=stat(file,&sb);
-	/* If the state fails, put some crap in anyway */
-	RAND_add(&sb,sizeof(sb),0);
-	if (i < 0) return(0);
-	if (bytes == 0) return(ret);
-
-	in=fopen(file,"rb");
-	if (in == NULL) goto err;
-	for (;;)
-		{
-		if (bytes > 0)
-			n = (bytes < BUFSIZE)?(int)bytes:BUFSIZE;
-		else
-			n = BUFSIZE;
-		i=fread(buf,1,n,in);
-		if (i <= 0) break;
-		/* even if n != i, use the full array */
-		RAND_add(buf,n,i);
-		ret+=i;
-		if (bytes > 0)
-			{
-			bytes-=n;
-			if (bytes <= 0) break;
-			}
-		}
-	fclose(in);
-	OPENSSL_cleanse(buf,BUFSIZE);
-err:
-	return(ret);
-	}
-
-int RAND_write_file(const char *file)
-	{
-	unsigned char buf[BUFSIZE];
-	int i,ret=0,rand_err=0;
-	FILE *out = NULL;
-	int n;
-	
-#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32)
-	/* For some reason Win32 can't write to files created this way */
-	
-	/* chmod(..., 0600) is too late to protect the file,
-	 * permissions should be restrictive from the start */
-	int fd = open(file, O_CREAT, 0600);
-	if (fd != -1)
-		out = fdopen(fd, "wb");
-#endif
-	if (out == NULL)
-		out = fopen(file,"wb");
-	if (out == NULL) goto err;
-
-#ifndef NO_CHMOD
-	chmod(file,0600);
-#endif
-	n=RAND_DATA;
-	for (;;)
-		{
-		i=(n > BUFSIZE)?BUFSIZE:n;
-		n-=BUFSIZE;
-		if (RAND_bytes(buf,i) <= 0)
-			rand_err=1;
-		i=fwrite(buf,1,i,out);
-		if (i <= 0)
-			{
-			ret=0;
-			break;
-			}
-		ret+=i;
-		if (n <= 0) break;
-                }
-#ifdef OPENSSL_SYS_VMS
-	/* Try to delete older versions of the file, until there aren't
-	   any */
-	{
-	char *tmpf;
-
-	tmpf = OPENSSL_malloc(strlen(file) + 4);  /* to add ";-1" and a nul */
-	if (tmpf)
-		{
-		strcpy(tmpf, file);
-		strcat(tmpf, ";-1");
-		while(delete(tmpf) == 0)
-			;
-		rename(file,";1"); /* Make sure it's version 1, or we
-				      will reach the limit (32767) at
-				      some point... */
-		}
-	}
-#endif /* OPENSSL_SYS_VMS */
-
-	fclose(out);
-	OPENSSL_cleanse(buf,BUFSIZE);
-err:
-	return (rand_err ? -1 : ret);
-	}
-
-const char *RAND_file_name(char *buf, size_t size)
-	{
-	char *s=NULL;
-	char *ret=NULL;
-
-	if (OPENSSL_issetugid() == 0)
-		s=getenv("RANDFILE");
-	if (s != NULL)
-		{
-		if(strlen(s) >= size)
-			return NULL;
-		strcpy(buf,s);
-		ret=buf;
-		}
-	else
-		{
-		if (OPENSSL_issetugid() == 0)
-			s=getenv("HOME");
-#ifdef DEFAULT_HOME
-		if (s == NULL)
-			{
-			s = DEFAULT_HOME;
-			}
-#endif
-		if (s != NULL && (strlen(s)+strlen(RFILE)+2 < size))
-			{
-			strcpy(buf,s);
-#ifndef OPENSSL_SYS_VMS
-			strcat(buf,"/");
-#endif
-			strcat(buf,RFILE);
-			ret=buf;
-			}
-		else
-		  	buf[0] = '\0'; /* no file name */
-		}
-	return(ret);
-	}
diff --git a/crypto/openssl/crypto/rand/randtest.c b/crypto/openssl/crypto/rand/randtest.c
deleted file mode 100644
index 701932e6ee28..000000000000
--- a/crypto/openssl/crypto/rand/randtest.c
+++ /dev/null
@@ -1,216 +0,0 @@
-/* crypto/rand/randtest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/rand.h>
-
-#include "../e_os.h"
-
-/* some FIPS 140-1 random number test */
-/* some simple tests */
-
-int main()
-	{
-	unsigned char buf[2500];
-	int i,j,k,s,sign,nsign,err=0;
-	unsigned long n1;
-	unsigned long n2[16];
-	unsigned long runs[2][34];
-	/*double d; */
-	long d;
-
-	i = RAND_pseudo_bytes(buf,2500);
-	if (i < 0)
-		{
-		printf ("init failed, the rand method is not properly installed\n");
-		err++;
-		goto err;
-		}
-
-	n1=0;
-	for (i=0; i<16; i++) n2[i]=0;
-	for (i=0; i<34; i++) runs[0][i]=runs[1][i]=0;
-
-	/* test 1 and 2 */
-	sign=0;
-	nsign=0;
-	for (i=0; i<2500; i++)
-		{
-		j=buf[i];
-
-		n2[j&0x0f]++;
-		n2[(j>>4)&0x0f]++;
-
-		for (k=0; k<8; k++)
-			{
-			s=(j&0x01);
-			if (s == sign)
-				nsign++;
-			else
-				{
-				if (nsign > 34) nsign=34;
-				if (nsign != 0)
-					{
-					runs[sign][nsign-1]++;
-					if (nsign > 6)
-						runs[sign][5]++;
-					}
-				sign=s;
-				nsign=1;
-				}
-
-			if (s) n1++;
-			j>>=1;
-			}
-		}
-		if (nsign > 34) nsign=34;
-		if (nsign != 0) runs[sign][nsign-1]++;
-
-	/* test 1 */
-	if (!((9654 < n1) && (n1 < 10346)))
-		{
-		printf("test 1 failed, X=%lu\n",n1);
-		err++;
-		}
-	printf("test 1 done\n");
-
-	/* test 2 */
-#ifdef undef
-	d=0;
-	for (i=0; i<16; i++)
-		d+=n2[i]*n2[i];
-	d=d*16.0/5000.0-5000.0;
-	if (!((1.03 < d) && (d < 57.4)))
-		{
-		printf("test 2 failed, X=%.2f\n",d);
-		err++;
-		}
-#endif
-	d=0;
-	for (i=0; i<16; i++)
-		d+=n2[i]*n2[i];
-	d=(d*8)/25-500000;
-	if (!((103 < d) && (d < 5740)))
-		{
-		printf("test 2 failed, X=%ld.%02ld\n",d/100L,d%100L);
-		err++;
-		}
-	printf("test 2 done\n");
-
-	/* test 3 */
-	for (i=0; i<2; i++)
-		{
-		if (!((2267 < runs[i][0]) && (runs[i][0] < 2733)))
-			{
-			printf("test 3 failed, bit=%d run=%d num=%lu\n",
-				i,1,runs[i][0]);
-			err++;
-			}
-		if (!((1079 < runs[i][1]) && (runs[i][1] < 1421)))
-			{
-			printf("test 3 failed, bit=%d run=%d num=%lu\n",
-				i,2,runs[i][1]);
-			err++;
-			}
-		if (!(( 502 < runs[i][2]) && (runs[i][2] <  748)))
-			{
-			printf("test 3 failed, bit=%d run=%d num=%lu\n",
-				i,3,runs[i][2]);
-			err++;
-			}
-		if (!(( 223 < runs[i][3]) && (runs[i][3] <  402)))
-			{
-			printf("test 3 failed, bit=%d run=%d num=%lu\n",
-				i,4,runs[i][3]);
-			err++;
-			}
-		if (!((  90 < runs[i][4]) && (runs[i][4] <  223)))
-			{
-			printf("test 3 failed, bit=%d run=%d num=%lu\n",
-				i,5,runs[i][4]);
-			err++;
-			}
-		if (!((  90 < runs[i][5]) && (runs[i][5] <  223)))
-			{
-			printf("test 3 failed, bit=%d run=%d num=%lu\n",
-				i,6,runs[i][5]);
-			err++;
-			}
-		}
-	printf("test 3 done\n");
-	
-	/* test 4 */
-	if (runs[0][33] != 0)
-		{
-		printf("test 4 failed, bit=%d run=%d num=%lu\n",
-			0,34,runs[0][33]);
-		err++;
-		}
-	if (runs[1][33] != 0)
-		{
-		printf("test 4 failed, bit=%d run=%d num=%lu\n",
-			1,34,runs[1][33]);
-		err++;
-		}
-	printf("test 4 done\n");
- err:
-	err=((err)?1:0);
-	EXIT(err);
-	return(err);
-	}
diff --git a/crypto/openssl/crypto/rc2/Makefile.save b/crypto/openssl/crypto/rc2/Makefile.save
deleted file mode 100644
index 6966e01b6f27..000000000000
--- a/crypto/openssl/crypto/rc2/Makefile.save
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# SSLeay/crypto/rc2/Makefile
-#
-
-DIR=	rc2
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rc2test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
-LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rc2.h
-HEADER=	rc2_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2_cbc.o: rc2_locl.h
-rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rc2_ecb.o: ../../include/openssl/rc2.h rc2_locl.h
-rc2_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2_skey.o: rc2_locl.h
-rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2cfb64.o: rc2_locl.h
-rc2ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2ofb64.o: rc2_locl.h
diff --git a/crypto/openssl/crypto/rc2/Makefile.ssl b/crypto/openssl/crypto/rc2/Makefile.ssl
deleted file mode 100644
index aa73dea5b601..000000000000
--- a/crypto/openssl/crypto/rc2/Makefile.ssl
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# SSLeay/crypto/rc2/Makefile
-#
-
-DIR=	rc2
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rc2test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
-LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rc2.h
-HEADER=	rc2_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2_cbc.o: rc2_cbc.c rc2_locl.h
-rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h
-rc2_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2_skey.o: rc2_locl.h rc2_skey.c
-rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2cfb64.o: rc2_locl.h rc2cfb64.c
-rc2ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2ofb64.o: rc2_locl.h rc2ofb64.c
diff --git a/crypto/openssl/crypto/rc2/Makefile.uni b/crypto/openssl/crypto/rc2/Makefile.uni
deleted file mode 100644
index 4dc20c6fcfd5..000000000000
--- a/crypto/openssl/crypto/rc2/Makefile.uni
+++ /dev/null
@@ -1,73 +0,0 @@
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-
-DIR=    rc2
-TOP=    .
-CC=     gcc
-CFLAG=	-O3 -fomit-frame-pointer
-
-CPP=    $(CC) -E
-INCLUDES=
-INSTALLTOP=/usr/local/lib
-MAKE=           make
-MAKEDEPEND=     makedepend
-MAKEFILE=       Makefile.uni
-AR=             ar r
-RANLIB=         ranlib
-
-IDEA_ENC=rc2_cbc.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rc2test
-APPS=rc2speed
-
-LIB=librc2.a
-LIBSRC=rc2_skey.c rc2_ecb.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
-LIBOBJ=rc2_skey.o rc2_ecb.o $(IDEA_ENC) rc2cfb64.o rc2ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rc2.h
-HEADER= rc2_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-all:    $(LIB) $(TEST) $(APPS)
-
-$(LIB):    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
-
-test:	$(TEST)
-	./$(TEST)
-
-$(TEST): $(TEST).c $(LIB)
-	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
-
-$(APPS): $(APPS).c $(LIB)
-	$(CC) -o $(APPS) $(CFLAGS) $(APPS).c $(LIB)
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
-
-dclean:
-	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-cc:
-	$(MAKE) CC="cc" CFLAG="-O" all
-
-gcc:
-	$(MAKE) CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/crypto/rc2/rc2.h b/crypto/openssl/crypto/rc2/rc2.h
deleted file mode 100644
index 7816b454dcdf..000000000000
--- a/crypto/openssl/crypto/rc2/rc2.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/* crypto/rc2/rc2.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC2_H
-#define HEADER_RC2_H
-
-#ifdef OPENSSL_NO_RC2
-#error RC2 is disabled.
-#endif
-
-#define RC2_ENCRYPT	1
-#define RC2_DECRYPT	0
-
-#include <openssl/opensslconf.h> /* RC2_INT */
-#define RC2_BLOCK	8
-#define RC2_KEY_LENGTH	16
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc2_key_st
-	{
-	RC2_INT data[64];
-	} RC2_KEY;
-
- 
-void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
-void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key,
-		     int enc);
-void RC2_encrypt(unsigned long *data,RC2_KEY *key);
-void RC2_decrypt(unsigned long *data,RC2_KEY *key);
-void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-	RC2_KEY *ks, unsigned char *iv, int enc);
-void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-		       long length, RC2_KEY *schedule, unsigned char *ivec,
-		       int *num, int enc);
-void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-		       long length, RC2_KEY *schedule, unsigned char *ivec,
-		       int *num);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/rc2/rc2_cbc.c b/crypto/openssl/crypto/rc2/rc2_cbc.c
deleted file mode 100644
index 74f48d3d87b3..000000000000
--- a/crypto/openssl/crypto/rc2/rc2_cbc.c
+++ /dev/null
@@ -1,226 +0,0 @@
-/* crypto/rc2/rc2_cbc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-	     RC2_KEY *ks, unsigned char *iv, int encrypt)
-	{
-	register unsigned long tin0,tin1;
-	register unsigned long tout0,tout1,xor0,xor1;
-	register long l=length;
-	unsigned long tin[2];
-
-	if (encrypt)
-		{
-		c2l(iv,tout0);
-		c2l(iv,tout1);
-		iv-=8;
-		for (l-=8; l>=0; l-=8)
-			{
-			c2l(in,tin0);
-			c2l(in,tin1);
-			tin0^=tout0;
-			tin1^=tout1;
-			tin[0]=tin0;
-			tin[1]=tin1;
-			RC2_encrypt(tin,ks);
-			tout0=tin[0]; l2c(tout0,out);
-			tout1=tin[1]; l2c(tout1,out);
-			}
-		if (l != -8)
-			{
-			c2ln(in,tin0,tin1,l+8);
-			tin0^=tout0;
-			tin1^=tout1;
-			tin[0]=tin0;
-			tin[1]=tin1;
-			RC2_encrypt(tin,ks);
-			tout0=tin[0]; l2c(tout0,out);
-			tout1=tin[1]; l2c(tout1,out);
-			}
-		l2c(tout0,iv);
-		l2c(tout1,iv);
-		}
-	else
-		{
-		c2l(iv,xor0);
-		c2l(iv,xor1);
-		iv-=8;
-		for (l-=8; l>=0; l-=8)
-			{
-			c2l(in,tin0); tin[0]=tin0;
-			c2l(in,tin1); tin[1]=tin1;
-			RC2_decrypt(tin,ks);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2c(tout0,out);
-			l2c(tout1,out);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		if (l != -8)
-			{
-			c2l(in,tin0); tin[0]=tin0;
-			c2l(in,tin1); tin[1]=tin1;
-			RC2_decrypt(tin,ks);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2cn(tout0,tout1,out,l+8);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		l2c(xor0,iv);
-		l2c(xor1,iv);
-		}
-	tin0=tin1=tout0=tout1=xor0=xor1=0;
-	tin[0]=tin[1]=0;
-	}
-
-void RC2_encrypt(unsigned long *d, RC2_KEY *key)
-	{
-	int i,n;
-	register RC2_INT *p0,*p1;
-	register RC2_INT x0,x1,x2,x3,t;
-	unsigned long l;
-
-	l=d[0];
-	x0=(RC2_INT)l&0xffff;
-	x1=(RC2_INT)(l>>16L);
-	l=d[1];
-	x2=(RC2_INT)l&0xffff;
-	x3=(RC2_INT)(l>>16L);
-
-	n=3;
-	i=5;
-
-	p0=p1= &(key->data[0]);
-	for (;;)
-		{
-		t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff;
-		x0=(t<<1)|(t>>15);
-		t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff;
-		x1=(t<<2)|(t>>14);
-		t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff;
-		x2=(t<<3)|(t>>13);
-		t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff;
-		x3=(t<<5)|(t>>11);
-
-		if (--i == 0)
-			{
-			if (--n == 0) break;
-			i=(n == 2)?6:5;
-
-			x0+=p1[x3&0x3f];
-			x1+=p1[x0&0x3f];
-			x2+=p1[x1&0x3f];
-			x3+=p1[x2&0x3f];
-			}
-		}
-
-	d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
-	d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
-	}
-
-void RC2_decrypt(unsigned long *d, RC2_KEY *key)
-	{
-	int i,n;
-	register RC2_INT *p0,*p1;
-	register RC2_INT x0,x1,x2,x3,t;
-	unsigned long l;
-
-	l=d[0];
-	x0=(RC2_INT)l&0xffff;
-	x1=(RC2_INT)(l>>16L);
-	l=d[1];
-	x2=(RC2_INT)l&0xffff;
-	x3=(RC2_INT)(l>>16L);
-
-	n=3;
-	i=5;
-
-	p0= &(key->data[63]);
-	p1= &(key->data[0]);
-	for (;;)
-		{
-		t=((x3<<11)|(x3>>5))&0xffff;
-		x3=(t-(x0& ~x2)-(x1&x2)- *(p0--))&0xffff;
-		t=((x2<<13)|(x2>>3))&0xffff;
-		x2=(t-(x3& ~x1)-(x0&x1)- *(p0--))&0xffff;
-		t=((x1<<14)|(x1>>2))&0xffff;
-		x1=(t-(x2& ~x0)-(x3&x0)- *(p0--))&0xffff;
-		t=((x0<<15)|(x0>>1))&0xffff;
-		x0=(t-(x1& ~x3)-(x2&x3)- *(p0--))&0xffff;
-
-		if (--i == 0)
-			{
-			if (--n == 0) break;
-			i=(n == 2)?6:5;
-
-			x3=(x3-p1[x2&0x3f])&0xffff;
-			x2=(x2-p1[x1&0x3f])&0xffff;
-			x1=(x1-p1[x0&0x3f])&0xffff;
-			x0=(x0-p1[x3&0x3f])&0xffff;
-			}
-		}
-
-	d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
-	d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
-	}
-
diff --git a/crypto/openssl/crypto/rc2/rc2_ecb.c b/crypto/openssl/crypto/rc2/rc2_ecb.c
deleted file mode 100644
index d3e8c2718a30..000000000000
--- a/crypto/openssl/crypto/rc2/rc2_ecb.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/rc2/rc2_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-#include <openssl/opensslv.h>
-
-const char *RC2_version="RC2" OPENSSL_VERSION_PTEXT;
-
-/* RC2 as implemented frm a posting from
- * Newsgroups: sci.crypt
- * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
- * Subject: Specification for Ron Rivests Cipher No.2
- * Message-ID: <4fk39f$f70@net.auckland.ac.nz>
- * Date: 11 Feb 1996 06:45:03 GMT
- */
-
-void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *ks,
-		     int encrypt)
-	{
-	unsigned long l,d[2];
-
-	c2l(in,l); d[0]=l;
-	c2l(in,l); d[1]=l;
-	if (encrypt)
-		RC2_encrypt(d,ks);
-	else
-		RC2_decrypt(d,ks);
-	l=d[0]; l2c(l,out);
-	l=d[1]; l2c(l,out);
-	l=d[0]=d[1]=0;
-	}
-
diff --git a/crypto/openssl/crypto/rc2/rc2_locl.h b/crypto/openssl/crypto/rc2/rc2_locl.h
deleted file mode 100644
index 565cd1761973..000000000000
--- a/crypto/openssl/crypto/rc2/rc2_locl.h
+++ /dev/null
@@ -1,156 +0,0 @@
-/* crypto/rc2/rc2_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#undef c2l
-#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
-			 l|=((unsigned long)(*((c)++)))<< 8L, \
-			 l|=((unsigned long)(*((c)++)))<<16L, \
-			 l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n)	{ \
-			c+=n; \
-			l1=l2=0; \
-			switch (n) { \
-			case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
-			case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
-			case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
-			case 5: l2|=((unsigned long)(*(--(c))));     \
-			case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
-			case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
-			case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
-			case 1: l1|=((unsigned long)(*(--(c))));     \
-				} \
-			}
-
-#undef l2c
-#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
-			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n)	{ \
-			c+=n; \
-			switch (n) { \
-			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
-			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
-			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
-			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
-			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
-			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
-			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
-			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
-				} \
-			}
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n)	{ \
-			c+=n; \
-			l1=l2=0; \
-			switch (n) { \
-			case 8: l2 =((unsigned long)(*(--(c))))    ; \
-			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
-			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
-			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
-			case 4: l1 =((unsigned long)(*(--(c))))    ; \
-			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
-			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
-			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
-				} \
-			}
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n)	{ \
-			c+=n; \
-			switch (n) { \
-			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-				} \
-			}
-
-#undef n2l
-#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)     )&0xff))
-
-#define C_RC2(n) \
-	t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \
-	x0=(t<<1)|(t>>15); \
-	t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \
-	x1=(t<<2)|(t>>14); \
-	t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \
-	x2=(t<<3)|(t>>13); \
-	t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \
-	x3=(t<<5)|(t>>11);
-
diff --git a/crypto/openssl/crypto/rc2/rc2_skey.c b/crypto/openssl/crypto/rc2/rc2_skey.c
deleted file mode 100644
index cab3080c73dc..000000000000
--- a/crypto/openssl/crypto/rc2/rc2_skey.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/* crypto/rc2/rc2_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-static unsigned char key_table[256]={
-	0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79,
-	0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e,
-	0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5,
-	0x87,0xb3,0x4f,0x13,0x61,0x45,0x6d,0x8d,0x09,0x81,0x7d,0x32,
-	0xbd,0x8f,0x40,0xeb,0x86,0xb7,0x7b,0x0b,0xf0,0x95,0x21,0x22,
-	0x5c,0x6b,0x4e,0x82,0x54,0xd6,0x65,0x93,0xce,0x60,0xb2,0x1c,
-	0x73,0x56,0xc0,0x14,0xa7,0x8c,0xf1,0xdc,0x12,0x75,0xca,0x1f,
-	0x3b,0xbe,0xe4,0xd1,0x42,0x3d,0xd4,0x30,0xa3,0x3c,0xb6,0x26,
-	0x6f,0xbf,0x0e,0xda,0x46,0x69,0x07,0x57,0x27,0xf2,0x1d,0x9b,
-	0xbc,0x94,0x43,0x03,0xf8,0x11,0xc7,0xf6,0x90,0xef,0x3e,0xe7,
-	0x06,0xc3,0xd5,0x2f,0xc8,0x66,0x1e,0xd7,0x08,0xe8,0xea,0xde,
-	0x80,0x52,0xee,0xf7,0x84,0xaa,0x72,0xac,0x35,0x4d,0x6a,0x2a,
-	0x96,0x1a,0xd2,0x71,0x5a,0x15,0x49,0x74,0x4b,0x9f,0xd0,0x5e,
-	0x04,0x18,0xa4,0xec,0xc2,0xe0,0x41,0x6e,0x0f,0x51,0xcb,0xcc,
-	0x24,0x91,0xaf,0x50,0xa1,0xf4,0x70,0x39,0x99,0x7c,0x3a,0x85,
-	0x23,0xb8,0xb4,0x7a,0xfc,0x02,0x36,0x5b,0x25,0x55,0x97,0x31,
-	0x2d,0x5d,0xfa,0x98,0xe3,0x8a,0x92,0xae,0x05,0xdf,0x29,0x10,
-	0x67,0x6c,0xba,0xc9,0xd3,0x00,0xe6,0xcf,0xe1,0x9e,0xa8,0x2c,
-	0x63,0x16,0x01,0x3f,0x58,0xe2,0x89,0xa9,0x0d,0x38,0x34,0x1b,
-	0xab,0x33,0xff,0xb0,0xbb,0x48,0x0c,0x5f,0xb9,0xb1,0xcd,0x2e,
-	0xc5,0xf3,0xdb,0x47,0xe5,0xa5,0x9c,0x77,0x0a,0xa6,0x20,0x68,
-	0xfe,0x7f,0xc1,0xad,
-	};
-
-/* It has come to my attention that there are 2 versions of the RC2
- * key schedule.  One which is normal, and anther which has a hook to
- * use a reduced key length.
- * BSAFE uses the 'retarded' version.  What I previously shipped is
- * the same as specifying 1024 for the 'bits' parameter.  Bsafe uses
- * a version where the bits parameter is the same as len*8 */
-void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
-	{
-	int i,j;
-	unsigned char *k;
-	RC2_INT *ki;
-	unsigned int c,d;
-
-	k= (unsigned char *)&(key->data[0]);
-	*k=0; /* for if there is a zero length key */
-
-	if (len > 128) len=128;
-	if (bits <= 0) bits=1024;
-	if (bits > 1024) bits=1024;
-
-	for (i=0; i<len; i++)
-		k[i]=data[i];
-
-	/* expand table */
-	d=k[len-1];
-	j=0;
-	for (i=len; i < 128; i++,j++)
-		{
-		d=key_table[(k[j]+d)&0xff];
-		k[i]=d;
-		}
-
-	/* hmm.... key reduction to 'bits' bits */
-
-	j=(bits+7)>>3;
-	i=128-j;
-	c= (0xff>>(-bits & 0x07));
-
-	d=key_table[k[i]&c];
-	k[i]=d;
-	while (i--)
-		{
-		d=key_table[k[i+j]^d];
-		k[i]=d;
-		}
-
-	/* copy from bytes into RC2_INT's */
-	ki= &(key->data[63]);
-	for (i=127; i>=0; i-=2)
-		*(ki--)=((k[i]<<8)|k[i-1])&0xffff;
-	}
-
diff --git a/crypto/openssl/crypto/rc2/rc2cfb64.c b/crypto/openssl/crypto/rc2/rc2cfb64.c
deleted file mode 100644
index b3a0158a6e65..000000000000
--- a/crypto/openssl/crypto/rc2/rc2cfb64.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/rc2/rc2cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-		       long length, RC2_KEY *schedule, unsigned char *ivec,
-		       int *num, int encrypt)
-	{
-	register unsigned long v0,v1,t;
-	register int n= *num;
-	register long l=length;
-	unsigned long ti[2];
-	unsigned char *iv,c,cc;
-
-	iv=(unsigned char *)ivec;
-	if (encrypt)
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				c2l(iv,v0); ti[0]=v0;
-				c2l(iv,v1); ti[1]=v1;
-				RC2_encrypt((unsigned long *)ti,schedule);
-				iv=(unsigned char *)ivec;
-				t=ti[0]; l2c(t,iv);
-				t=ti[1]; l2c(t,iv);
-				iv=(unsigned char *)ivec;
-				}
-			c= *(in++)^iv[n];
-			*(out++)=c;
-			iv[n]=c;
-			n=(n+1)&0x07;
-			}
-		}
-	else
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				c2l(iv,v0); ti[0]=v0;
-				c2l(iv,v1); ti[1]=v1;
-				RC2_encrypt((unsigned long *)ti,schedule);
-				iv=(unsigned char *)ivec;
-				t=ti[0]; l2c(t,iv);
-				t=ti[1]; l2c(t,iv);
-				iv=(unsigned char *)ivec;
-				}
-			cc= *(in++);
-			c=iv[n];
-			iv[n]=cc;
-			*(out++)=c^cc;
-			n=(n+1)&0x07;
-			}
-		}
-	v0=v1=ti[0]=ti[1]=t=c=cc=0;
-	*num=n;
-	}
-
diff --git a/crypto/openssl/crypto/rc2/rc2ofb64.c b/crypto/openssl/crypto/rc2/rc2ofb64.c
deleted file mode 100644
index 9e297867ed56..000000000000
--- a/crypto/openssl/crypto/rc2/rc2ofb64.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/rc2/rc2ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-		       long length, RC2_KEY *schedule, unsigned char *ivec,
-		       int *num)
-	{
-	register unsigned long v0,v1,t;
-	register int n= *num;
-	register long l=length;
-	unsigned char d[8];
-	register char *dp;
-	unsigned long ti[2];
-	unsigned char *iv;
-	int save=0;
-
-	iv=(unsigned char *)ivec;
-	c2l(iv,v0);
-	c2l(iv,v1);
-	ti[0]=v0;
-	ti[1]=v1;
-	dp=(char *)d;
-	l2c(v0,dp);
-	l2c(v1,dp);
-	while (l--)
-		{
-		if (n == 0)
-			{
-			RC2_encrypt((unsigned long *)ti,schedule);
-			dp=(char *)d;
-			t=ti[0]; l2c(t,dp);
-			t=ti[1]; l2c(t,dp);
-			save++;
-			}
-		*(out++)= *(in++)^d[n];
-		n=(n+1)&0x07;
-		}
-	if (save)
-		{
-		v0=ti[0];
-		v1=ti[1];
-		iv=(unsigned char *)ivec;
-		l2c(v0,iv);
-		l2c(v1,iv);
-		}
-	t=v0=v1=ti[0]=ti[1]=0;
-	*num=n;
-	}
-
diff --git a/crypto/openssl/crypto/rc2/rc2speed.c b/crypto/openssl/crypto/rc2/rc2speed.c
deleted file mode 100644
index 47d34b444e5b..000000000000
--- a/crypto/openssl/crypto/rc2/rc2speed.c
+++ /dev/null
@@ -1,274 +0,0 @@
-/* crypto/rc2/rc2speed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-#define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-
-#include <signal.h>
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#include <openssl/rc2.h>
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-#ifndef CLK_TCK
-#define HZ	100.0
-#endif
-#else /* CLK_TCK */
-#define HZ ((double)CLK_TCK)
-#endif
-
-#define BUFSIZE	((long)1024)
-long run=0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-#if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#define SIGRETTYPE void
-#else
-#define SIGRETTYPE int
-#endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-	{
-	signal(SIGALRM,sig_done);
-	run=0;
-#ifdef LINT
-	sig=sig;
-#endif
-	}
-#endif
-
-#define START	0
-#define STOP	1
-
-double Time_F(int s)
-	{
-	double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if (s == START)
-		{
-		times(&tstart);
-		return(0);
-		}
-	else
-		{
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if (s == START)
-		{
-		ftime(&tstart);
-		return(0);
-		}
-	else
-		{
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#endif
-	}
-
-int main(int argc, char **argv)
-	{
-	long count;
-	static unsigned char buf[BUFSIZE];
-	static unsigned char key[] ={
-			0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-			0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
-			};
-	RC2_KEY sch;
-	double a,b,c,d;
-#ifndef SIGALRM
-	long ca,cb,cc;
-#endif
-
-#ifndef TIMES
-	printf("To get the most accurate results, try to run this\n");
-	printf("program when this computer is idle.\n");
-#endif
-
-#ifndef SIGALRM
-	printf("First we calculate the approximate speed ...\n");
-	RC2_set_key(&sch,16,key,128);
-	count=10;
-	do	{
-		long i;
-		unsigned long data[2];
-
-		count*=2;
-		Time_F(START);
-		for (i=count; i; i--)
-			RC2_encrypt(data,&sch);
-		d=Time_F(STOP);
-		} while (d < 3.0);
-	ca=count/512;
-	cb=count;
-	cc=count*8/BUFSIZE+1;
-	printf("Doing RC2_set_key %ld times\n",ca);
-#define COND(d)	(count != (d))
-#define COUNT(d) (d)
-#else
-#define COND(c)	(run)
-#define COUNT(d) (count)
-	signal(SIGALRM,sig_done);
-	printf("Doing RC2_set_key for 10 seconds\n");
-	alarm(10);
-#endif
-
-	Time_F(START);
-	for (count=0,run=1; COND(ca); count+=4)
-		{
-		RC2_set_key(&sch,16,key,128);
-		RC2_set_key(&sch,16,key,128);
-		RC2_set_key(&sch,16,key,128);
-		RC2_set_key(&sch,16,key,128);
-		}
-	d=Time_F(STOP);
-	printf("%ld RC2_set_key's in %.2f seconds\n",count,d);
-	a=((double)COUNT(ca))/d;
-
-#ifdef SIGALRM
-	printf("Doing RC2_encrypt's for 10 seconds\n");
-	alarm(10);
-#else
-	printf("Doing RC2_encrypt %ld times\n",cb);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cb); count+=4)
-		{
-		unsigned long data[2];
-
-		RC2_encrypt(data,&sch);
-		RC2_encrypt(data,&sch);
-		RC2_encrypt(data,&sch);
-		RC2_encrypt(data,&sch);
-		}
-	d=Time_F(STOP);
-	printf("%ld RC2_encrypt's in %.2f second\n",count,d);
-	b=((double)COUNT(cb)*8)/d;
-
-#ifdef SIGALRM
-	printf("Doing RC2_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-		BUFSIZE);
-	alarm(10);
-#else
-	printf("Doing RC2_cbc_encrypt %ld times on %ld byte blocks\n",cc,
-		BUFSIZE);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cc); count++)
-		RC2_cbc_encrypt(buf,buf,BUFSIZE,&sch,
-			&(key[0]),RC2_ENCRYPT);
-	d=Time_F(STOP);
-	printf("%ld RC2_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-		count,BUFSIZE,d);
-	c=((double)COUNT(cc)*BUFSIZE)/d;
-
-	printf("RC2 set_key       per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
-	printf("RC2 raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
-	printf("RC2 cbc     bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
-	exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-	return(0);
-#endif
-	}
diff --git a/crypto/openssl/crypto/rc2/rc2test.c b/crypto/openssl/crypto/rc2/rc2test.c
deleted file mode 100644
index b67bafb49f4e..000000000000
--- a/crypto/openssl/crypto/rc2/rc2test.c
+++ /dev/null
@@ -1,271 +0,0 @@
-/* crypto/rc2/rc2test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* This has been a quickly hacked 'ideatest.c'.  When I add tests for other
- * RC2 modes, more of the code will be uncommented. */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_RC2
-int main(int argc, char *argv[])
-{
-    printf("No RC2 support\n");
-    return(0);
-}
-#else
-#include <openssl/rc2.h>
-
-static unsigned char RC2key[4][16]={
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
-	 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F},
-	};
-
-static unsigned char RC2plain[4][8]={
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	};
-
-static unsigned char RC2cipher[4][8]={
-	{0x1C,0x19,0x8A,0x83,0x8D,0xF0,0x28,0xB7},
-	{0x21,0x82,0x9C,0x78,0xA9,0xF9,0xC0,0x74},
-	{0x13,0xDB,0x35,0x17,0xD3,0x21,0x86,0x9E},
-	{0x50,0xDC,0x01,0x62,0xBD,0x75,0x7F,0x31},
-	};
-/************/
-#ifdef undef
-unsigned char k[16]={
-	0x00,0x01,0x00,0x02,0x00,0x03,0x00,0x04,
-	0x00,0x05,0x00,0x06,0x00,0x07,0x00,0x08};
-
-unsigned char in[8]={0x00,0x00,0x00,0x01,0x00,0x02,0x00,0x03};
-unsigned char  c[8]={0x11,0xFB,0xED,0x2B,0x01,0x98,0x6D,0xE5};
-unsigned char out[80];
-
-char *text="Hello to all people out there";
-
-static unsigned char cfb_key[16]={
-	0xe1,0xf0,0xc3,0xd2,0xa5,0xb4,0x87,0x96,
-	0x69,0x78,0x4b,0x5a,0x2d,0x3c,0x0f,0x1e,
-	};
-static unsigned char cfb_iv[80]={0x34,0x12,0x78,0x56,0xab,0x90,0xef,0xcd};
-static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
-#define CFB_TEST_SIZE 24
-static unsigned char plain[CFB_TEST_SIZE]=
-        {
-        0x4e,0x6f,0x77,0x20,0x69,0x73,
-        0x20,0x74,0x68,0x65,0x20,0x74,
-        0x69,0x6d,0x65,0x20,0x66,0x6f,
-        0x72,0x20,0x61,0x6c,0x6c,0x20
-        };
-static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
-	0x59,0xD8,0xE2,0x65,0x00,0x58,0x6C,0x3F,
-	0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
-	0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
-
-/*	0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
-	0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
-	0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
-	}; 
-
-
-/*static int cfb64_test(unsigned char *cfb_cipher);*/
-static char *pt(unsigned char *p);
-#endif
-
-int main(int argc, char *argv[])
-	{
-	int i,n,err=0;
-	RC2_KEY key; 
-	unsigned char buf[8],buf2[8];
-
-	for (n=0; n<4; n++)
-		{
-		RC2_set_key(&key,16,&(RC2key[n][0]),0 /* or 1024 */);
-
-		RC2_ecb_encrypt(&(RC2plain[n][0]),buf,&key,RC2_ENCRYPT);
-		if (memcmp(&(RC2cipher[n][0]),buf,8) != 0)
-			{
-			printf("ecb rc2 error encrypting\n");
-			printf("got     :");
-			for (i=0; i<8; i++)
-				printf("%02X ",buf[i]);
-			printf("\n");
-			printf("expected:");
-			for (i=0; i<8; i++)
-				printf("%02X ",RC2cipher[n][i]);
-			err=20;
-			printf("\n");
-			}
-
-		RC2_ecb_encrypt(buf,buf2,&key,RC2_DECRYPT);
-		if (memcmp(&(RC2plain[n][0]),buf2,8) != 0)
-			{
-			printf("ecb RC2 error decrypting\n");
-			printf("got     :");
-			for (i=0; i<8; i++)
-				printf("%02X ",buf[i]);
-			printf("\n");
-			printf("expected:");
-			for (i=0; i<8; i++)
-				printf("%02X ",RC2plain[n][i]);
-			printf("\n");
-			err=3;
-			}
-		}
-
-	if (err == 0) printf("ecb RC2 ok\n");
-#ifdef undef
-	memcpy(iv,k,8);
-	idea_cbc_encrypt((unsigned char *)text,out,strlen(text)+1,&key,iv,1);
-	memcpy(iv,k,8);
-	idea_cbc_encrypt(out,out,8,&dkey,iv,0);
-	idea_cbc_encrypt(&(out[8]),&(out[8]),strlen(text)+1-8,&dkey,iv,0);
-	if (memcmp(text,out,strlen(text)+1) != 0)
-		{
-		printf("cbc idea bad\n");
-		err=4;
-		}
-	else
-		printf("cbc idea ok\n");
-
-	printf("cfb64 idea ");
-	if (cfb64_test(cfb_cipher64))
-		{
-		printf("bad\n");
-		err=5;
-		}
-	else
-		printf("ok\n");
-#endif
-
-	EXIT(err);
-	return(err);
-	}
-
-#ifdef undef
-static int cfb64_test(unsigned char *cfb_cipher)
-        {
-        IDEA_KEY_SCHEDULE eks,dks;
-        int err=0,i,n;
-
-        idea_set_encrypt_key(cfb_key,&eks);
-        idea_set_decrypt_key(&eks,&dks);
-        memcpy(cfb_tmp,cfb_iv,8);
-        n=0;
-        idea_cfb64_encrypt(plain,cfb_buf1,(long)12,&eks,
-                cfb_tmp,&n,IDEA_ENCRYPT);
-        idea_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
-                (long)CFB_TEST_SIZE-12,&eks,
-                cfb_tmp,&n,IDEA_ENCRYPT);
-        if (memcmp(cfb_cipher,cfb_buf1,CFB_TEST_SIZE) != 0)
-                {
-                err=1;
-                printf("idea_cfb64_encrypt encrypt error\n");
-                for (i=0; i<CFB_TEST_SIZE; i+=8)
-                        printf("%s\n",pt(&(cfb_buf1[i])));
-                }
-        memcpy(cfb_tmp,cfb_iv,8);
-        n=0;
-        idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
-                cfb_tmp,&n,IDEA_DECRYPT);
-        idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
-                (long)CFB_TEST_SIZE-17,&dks,
-                cfb_tmp,&n,IDEA_DECRYPT);
-        if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
-                {
-                err=1;
-                printf("idea_cfb_encrypt decrypt error\n");
-                for (i=0; i<24; i+=8)
-                        printf("%s\n",pt(&(cfb_buf2[i])));
-                }
-        return(err);
-        }
-
-static char *pt(unsigned char *p)
-	{
-	static char bufs[10][20];
-	static int bnum=0;
-	char *ret;
-	int i;
-	static char *f="0123456789ABCDEF";
-
-	ret= &(bufs[bnum++][0]);
-	bnum%=10;
-	for (i=0; i<8; i++)
-		{
-		ret[i*2]=f[(p[i]>>4)&0xf];
-		ret[i*2+1]=f[p[i]&0xf];
-		}
-	ret[16]='\0';
-	return(ret);
-	}
-	
-#endif
-#endif
diff --git a/crypto/openssl/crypto/rc2/rrc2.doc b/crypto/openssl/crypto/rc2/rrc2.doc
deleted file mode 100644
index f93ee003d2f8..000000000000
--- a/crypto/openssl/crypto/rc2/rrc2.doc
+++ /dev/null
@@ -1,219 +0,0 @@
->From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996
-Article 23601 of sci.crypt:
-Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news
->From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
-Newsgroups: sci.crypt
-Subject: Specification for Ron Rivests Cipher No.2
-Date: 11 Feb 1996 06:45:03 GMT
-Organization: University of Auckland
-Lines: 203
-Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
-Message-ID: <4fk39f$f70@net.auckland.ac.nz>
-NNTP-Posting-Host: cs26.cs.auckland.ac.nz
-X-Newsreader: NN version 6.5.0 #3 (NOV)
-
-
-
-
-                           Ron Rivest's Cipher No.2
-                           ------------------------
- 
-Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may
-refer to it by other names) is word oriented, operating on a block of 64 bits
-divided into four 16-bit words, with a key table of 64 words.  All data units
-are little-endian.  This functional description of the algorithm is based in
-the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using
-the same general layout, terminology, and pseudocode style.
- 
- 
-Notation and RRC.2 Primitive Operations
- 
-RRC.2 uses the following primitive operations:
- 
-1. Two's-complement addition of words, denoted by "+".  The inverse operation,
-   subtraction, is denoted by "-".
-2. Bitwise exclusive OR, denoted by "^".
-3. Bitwise AND, denoted by "&".
-4. Bitwise NOT, denoted by "~".
-5. A left-rotation of words; the rotation of word x left by y is denoted
-   x <<< y.  The inverse operation, right-rotation, is denoted x >>> y.
- 
-These operations are directly and efficiently supported by most processors.
- 
- 
-The RRC.2 Algorithm
- 
-RRC.2 consists of three components, a *key expansion* algorithm, an
-*encryption* algorithm, and a *decryption* algorithm.
- 
- 
-Key Expansion
- 
-The purpose of the key-expansion routine is to expand the user's key K to fill
-the expanded key array S, so S resembles an array of random binary words
-determined by the user's secret key K.
- 
-Initialising the S-box
- 
-RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of
-Beale Cipher No.1 XOR'd with a one-time pad.  The Beale Ciphers predate modern
-cryptography by enough time that there should be no concerns about trapdoors
-hidden in the data.  They have been published widely, and the S-box can be
-easily recreated from the one-time pad values and the Beale Cipher data taken
-from a standard source.  To initialise the S-box:
- 
-  for i = 0 to 255 do
-    sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ]
- 
-The contents of Beale Cipher No.1 and the necessary one-time pad are given as
-an appendix at the end of this document.  For efficiency, implementors may wish
-to skip the Beale Cipher expansion and store the sBox table directly.
- 
-Expanding the Secret Key to 128 Bytes
- 
-The secret key is first expanded to fill 128 bytes (64 words).  The expansion
-consists of taking the sum of the first and last bytes in the user key, looking
-up the sum (modulo 256) in the S-box, and appending the result to the key.  The
-operation is repeated with the second byte and new last byte of the key until
-all 128 bytes have been generated.  Note that the following pseudocode treats
-the S array as an array of 128 bytes rather than 64 words.
- 
-  for j = 0 to length-1 do
-    S[ j ] = K[ j ]
-  for j = length to 127 do
-    s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ];
- 
-At this point it is possible to perform a truncation of the effective key
-length to ease the creation of espionage-enabled software products.  However
-since the author cannot conceive why anyone would want to do this, it will not
-be considered further.
- 
-The final phase of the key expansion involves replacing the first byte of S
-with the entry selected from the S-box:
- 
-  S[ 0 ] = sBox[ S[ 0 ] ]
- 
- 
-Encryption
- 
-The cipher has 16 full rounds, each divided into 4 subrounds.  Two of the full
-rounds perform an additional transformation on the data.  Note that the
-following pseudocode treats the S array as an array of 64 words rather than 128
-bytes.
- 
-  for i = 0 to 15 do
-    j = i * 4;
-    word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1
-    word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2
-    word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3
-    word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5
- 
-In addition the fifth and eleventh rounds add the contents of the S-box indexed
-by one of the data words to another of the data words following the four
-subrounds as follows:
- 
-    word0 = word0 + S[ word3 & 63 ];
-    word1 = word1 + S[ word0 & 63 ];
-    word2 = word2 + S[ word1 & 63 ];
-    word3 = word3 + S[ word2 & 63 ];
- 
- 
-Decryption
- 
-The decryption operation is simply the inverse of the encryption operation.
-Note that the following pseudocode treats the S array as an array of 64 words
-rather than 128 bytes.
- 
-  for i = 15 downto 0 do
-    j = i * 4;
-    word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ]
-    word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ]
-    word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ]
-    word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ]
- 
-In addition the fifth and eleventh rounds subtract the contents of the S-box
-indexed by one of the data words from another one of the data words following
-the four subrounds as follows:
- 
-    word3 = word3 - S[ word2 & 63 ]
-    word2 = word2 - S[ word1 & 63 ]
-    word1 = word1 - S[ word0 & 63 ]
-    word0 = word0 - S[ word3 & 63 ]
- 
- 
-Test Vectors
- 
-The following test vectors may be used to test the correctness of an RRC.2
-implementation:
- 
-  Key:      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-  Plain:    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-  Cipher:   0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7
- 
-  Key:      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
-  Plain:    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-  Cipher:   0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74
- 
-  Key:      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-  Plain:    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
-  Cipher:   0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E
- 
-  Key:      0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-            0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
-  Plain:    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-  Cipher:   0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31
- 
- 
-Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for
-          Creating the S-Box
- 
-Beale Cipher No.1.
- 
-  71, 194,  38,1701,  89,  76,  11,  83,1629,  48,  94,  63, 132,  16, 111,  95,
-  84, 341, 975,  14,  40,  64,  27,  81, 139, 213,  63,  90,1120,   8,  15,   3,
- 126,2018,  40,  74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231,
- 124, 211, 486, 225, 401, 370,  11, 101, 305, 139, 189,  17,  33,  88, 208, 193,
- 145,   1,  94,  73, 416, 918, 263,  28, 500, 538, 356, 117, 136, 219,  27, 176,
- 130,  10, 460,  25, 485,  18, 436,  65,  84, 200, 283, 118, 320, 138,  36, 416,
- 280,  15,  71, 224, 961,  44,  16, 401,  39,  88,  61, 304,  12,  21,  24, 283,
- 134,  92,  63, 246, 486, 682,   7, 219, 184, 360, 780,  18,  64, 463, 474, 131,
- 160,  79,  73, 440,  95,  18,  64, 581,  34,  69, 128, 367, 460,  17,  81,  12,
- 103, 820,  62, 110,  97, 103, 862,  70,  60,1317, 471, 540, 208, 121, 890, 346,
-  36, 150,  59, 568, 614,  13, 120,  63, 219, 812,2160,1780,  99,  35,  18,  21,
- 136, 872,  15,  28, 170,  88,   4,  30,  44, 112,  18, 147, 436, 195, 320,  37,
- 122, 113,   6, 140,   8, 120, 305,  42,  58, 461,  44, 106, 301,  13, 408, 680,
-  93,  86, 116, 530,  82, 568,   9, 102,  38, 416,  89,  71, 216, 728, 965, 818,
-   2,  38, 121, 195,  14, 326, 148, 234,  18,  55, 131, 234, 361, 824,   5,  81,
- 623,  48, 961,  19,  26,  33,  10,1101, 365,  92,  88, 181, 275, 346, 201, 206
- 
-One-time Pad.
- 
- 158, 186, 223,  97,  64, 145, 190, 190, 117, 217, 163,  70, 206, 176, 183, 194,
- 146,  43, 248, 141,   3,  54,  72, 223, 233, 153,  91, 210,  36, 131, 244, 161,
- 105, 120, 113, 191, 113,  86,  19, 245, 213, 221,  43,  27, 242, 157,  73, 213,
- 193,  92, 166,  10,  23, 197, 112, 110, 193,  30, 156,  51, 125,  51, 158,  67,
- 197, 215,  59, 218, 110, 246, 181,   0, 135,  76, 164,  97,  47,  87, 234, 108,
- 144, 127,   6,   6, 222, 172,  80, 144,  22, 245, 207,  70, 227, 182, 146, 134,
- 119, 176,  73,  58, 135,  69,  23, 198,   0, 170,  32, 171, 176, 129,  91,  24,
- 126,  77, 248,   0, 118,  69,  57,  60, 190, 171, 217,  61, 136, 169, 196,  84,
- 168, 167, 163, 102, 223,  64, 174, 178, 166, 239, 242, 195, 249,  92,  59,  38,
- 241,  46, 236,  31,  59, 114,  23,  50, 119, 186,   7,  66, 212,  97, 222, 182,
- 230, 118, 122,  86, 105,  92, 179, 243, 255, 189, 223, 164, 194, 215,  98,  44,
-  17,  20,  53, 153, 137, 224, 176, 100, 208, 114,  36, 200, 145, 150, 215,  20,
-  87,  44, 252,  20, 235, 242, 163, 132,  63,  18,   5, 122,  74,  97,  34,  97,
- 142,  86, 146, 221, 179, 166, 161,  74,  69, 182,  88, 120, 128,  58,  76, 155,
-  15,  30,  77, 216, 165, 117, 107,  90, 169, 127, 143, 181, 208, 137, 200, 127,
- 170, 195,  26,  84, 255, 132, 150,  58, 103, 250, 120, 221, 237,  37,   8,  99
- 
- 
-Implementation
- 
-A non-US based programmer who has never seen any encryption code before will
-shortly be implementing RRC.2 based solely on this specification and not on
-knowledge of any other encryption algorithms.  Stand by.
-
-
-
diff --git a/crypto/openssl/crypto/rc2/tab.c b/crypto/openssl/crypto/rc2/tab.c
deleted file mode 100644
index 25dc14eeba1d..000000000000
--- a/crypto/openssl/crypto/rc2/tab.c
+++ /dev/null
@@ -1,86 +0,0 @@
-#include <stdio.h>
-
-unsigned char ebits_to_num[256]={
-	0xbd,0x56,0xea,0xf2,0xa2,0xf1,0xac,0x2a,
-	0xb0,0x93,0xd1,0x9c,0x1b,0x33,0xfd,0xd0,
-	0x30,0x04,0xb6,0xdc,0x7d,0xdf,0x32,0x4b,
-	0xf7,0xcb,0x45,0x9b,0x31,0xbb,0x21,0x5a,
-	0x41,0x9f,0xe1,0xd9,0x4a,0x4d,0x9e,0xda,
-	0xa0,0x68,0x2c,0xc3,0x27,0x5f,0x80,0x36,
-	0x3e,0xee,0xfb,0x95,0x1a,0xfe,0xce,0xa8,
-	0x34,0xa9,0x13,0xf0,0xa6,0x3f,0xd8,0x0c,
-	0x78,0x24,0xaf,0x23,0x52,0xc1,0x67,0x17,
-	0xf5,0x66,0x90,0xe7,0xe8,0x07,0xb8,0x60,
-	0x48,0xe6,0x1e,0x53,0xf3,0x92,0xa4,0x72,
-	0x8c,0x08,0x15,0x6e,0x86,0x00,0x84,0xfa,
-	0xf4,0x7f,0x8a,0x42,0x19,0xf6,0xdb,0xcd,
-	0x14,0x8d,0x50,0x12,0xba,0x3c,0x06,0x4e,
-	0xec,0xb3,0x35,0x11,0xa1,0x88,0x8e,0x2b,
-	0x94,0x99,0xb7,0x71,0x74,0xd3,0xe4,0xbf,
-	0x3a,0xde,0x96,0x0e,0xbc,0x0a,0xed,0x77,
-	0xfc,0x37,0x6b,0x03,0x79,0x89,0x62,0xc6,
-	0xd7,0xc0,0xd2,0x7c,0x6a,0x8b,0x22,0xa3,
-	0x5b,0x05,0x5d,0x02,0x75,0xd5,0x61,0xe3,
-	0x18,0x8f,0x55,0x51,0xad,0x1f,0x0b,0x5e,
-	0x85,0xe5,0xc2,0x57,0x63,0xca,0x3d,0x6c,
-	0xb4,0xc5,0xcc,0x70,0xb2,0x91,0x59,0x0d,
-	0x47,0x20,0xc8,0x4f,0x58,0xe0,0x01,0xe2,
-	0x16,0x38,0xc4,0x6f,0x3b,0x0f,0x65,0x46,
-	0xbe,0x7e,0x2d,0x7b,0x82,0xf9,0x40,0xb5,
-	0x1d,0x73,0xf8,0xeb,0x26,0xc7,0x87,0x97,
-	0x25,0x54,0xb1,0x28,0xaa,0x98,0x9d,0xa5,
-	0x64,0x6d,0x7a,0xd4,0x10,0x81,0x44,0xef,
-	0x49,0xd6,0xae,0x2e,0xdd,0x76,0x5c,0x2f,
-	0xa7,0x1c,0xc9,0x09,0x69,0x9a,0x83,0xcf,
-	0x29,0x39,0xb9,0xe9,0x4c,0xff,0x43,0xab,
-	};
-
-unsigned char num_to_ebits[256]={
-	0x5d,0xbe,0x9b,0x8b,0x11,0x99,0x6e,0x4d,
-	0x59,0xf3,0x85,0xa6,0x3f,0xb7,0x83,0xc5,
-	0xe4,0x73,0x6b,0x3a,0x68,0x5a,0xc0,0x47,
-	0xa0,0x64,0x34,0x0c,0xf1,0xd0,0x52,0xa5,
-	0xb9,0x1e,0x96,0x43,0x41,0xd8,0xd4,0x2c,
-	0xdb,0xf8,0x07,0x77,0x2a,0xca,0xeb,0xef,
-	0x10,0x1c,0x16,0x0d,0x38,0x72,0x2f,0x89,
-	0xc1,0xf9,0x80,0xc4,0x6d,0xae,0x30,0x3d,
-	0xce,0x20,0x63,0xfe,0xe6,0x1a,0xc7,0xb8,
-	0x50,0xe8,0x24,0x17,0xfc,0x25,0x6f,0xbb,
-	0x6a,0xa3,0x44,0x53,0xd9,0xa2,0x01,0xab,
-	0xbc,0xb6,0x1f,0x98,0xee,0x9a,0xa7,0x2d,
-	0x4f,0x9e,0x8e,0xac,0xe0,0xc6,0x49,0x46,
-	0x29,0xf4,0x94,0x8a,0xaf,0xe1,0x5b,0xc3,
-	0xb3,0x7b,0x57,0xd1,0x7c,0x9c,0xed,0x87,
-	0x40,0x8c,0xe2,0xcb,0x93,0x14,0xc9,0x61,
-	0x2e,0xe5,0xcc,0xf6,0x5e,0xa8,0x5c,0xd6,
-	0x75,0x8d,0x62,0x95,0x58,0x69,0x76,0xa1,
-	0x4a,0xb5,0x55,0x09,0x78,0x33,0x82,0xd7,
-	0xdd,0x79,0xf5,0x1b,0x0b,0xde,0x26,0x21,
-	0x28,0x74,0x04,0x97,0x56,0xdf,0x3c,0xf0,
-	0x37,0x39,0xdc,0xff,0x06,0xa4,0xea,0x42,
-	0x08,0xda,0xb4,0x71,0xb0,0xcf,0x12,0x7a,
-	0x4e,0xfa,0x6c,0x1d,0x84,0x00,0xc8,0x7f,
-	0x91,0x45,0xaa,0x2b,0xc2,0xb1,0x8f,0xd5,
-	0xba,0xf2,0xad,0x19,0xb2,0x67,0x36,0xf7,
-	0x0f,0x0a,0x92,0x7d,0xe3,0x9d,0xe9,0x90,
-	0x3e,0x23,0x27,0x66,0x13,0xec,0x81,0x15,
-	0xbd,0x22,0xbf,0x9f,0x7e,0xa9,0x51,0x4b,
-	0x4c,0xfb,0x02,0xd3,0x70,0x86,0x31,0xe7,
-	0x3b,0x05,0x03,0x54,0x60,0x48,0x65,0x18,
-	0xd2,0xcd,0x5f,0x32,0x88,0x0e,0x35,0xfd,
-	};
-	
-main()
-	{
-	int i,j;
-
-	for (i=0; i<256; i++)
-		{
-		for (j=0; j<256; j++)
-			if (ebits_to_num[j] == i)
-				{
-				printf("0x%02x,",j);
-				break;
-				}
-		}
-	}
diff --git a/crypto/openssl/crypto/rc2/version b/crypto/openssl/crypto/rc2/version
deleted file mode 100644
index 6f89d595f179..000000000000
--- a/crypto/openssl/crypto/rc2/version
+++ /dev/null
@@ -1,22 +0,0 @@
-1.1 23/08/96 - eay
-	Changed RC2_set_key() so it now takes another argument.  Many
-	thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the
-	clarification and origional specification of RC2.  BSAFE uses
-	this last parameter, 'bits'.  It the key is 128 bits, BSAFE
-	also sets this parameter to 128.  The old behaviour can be
-	duplicated by setting this parameter to 1024.
-
-1.0 08/04/96 - eay
-	First version of SSLeay with rc2.  This has been written from the spec
-	posted sci.crypt.  It is in this directory under rrc2.doc
-	I have no test values for any mode other than ecb, my wrappers for the
-	other modes should be ok since they are basically the same as
-	the ones taken from idea and des :-).  I have implemented them as
-	little-endian operators.
-	While rc2 is included because it is used with SSL, I don't know how
-	far I trust it.  It is about the same speed as IDEA and DES.
-	So if you are paranoid, used Tripple DES, else IDEA.  If RC2
-	does get used more, perhaps more people will look for weaknesses in
-	it.
-	
-
diff --git a/crypto/openssl/crypto/rc4/Makefile.save b/crypto/openssl/crypto/rc4/Makefile.save
deleted file mode 100644
index 8ffff0a74e3d..000000000000
--- a/crypto/openssl/crypto/rc4/Makefile.save
+++ /dev/null
@@ -1,115 +0,0 @@
-#
-# SSLeay/crypto/rc4/Makefile
-#
-
-DIR=	rc4
-TOP=	../..
-CC=	cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-RC4_ENC=rc4_enc.o
-# or use
-#RC4_ENC=asm/rx86-elf.o
-#RC4_ENC=asm/rx86-out.o
-#RC4_ENC=asm/rx86-sol.o
-#RC4_ENC=asm/rx86bdsi.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rc4test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=rc4_skey.c rc4_enc.c
-LIBOBJ=rc4_skey.o $(RC4_ENC)
-
-SRC= $(LIBSRC)
-
-EXHEADER= rc4.h
-HEADER=	$(EXHEADER) rc4_locl.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-# elf
-asm/rx86-elf.o: asm/rx86unix.cpp
-	$(CPP) -DELF -x c asm/rx86unix.cpp | as -o asm/rx86-elf.o
-
-# solaris
-asm/rx86-sol.o: asm/rx86unix.cpp
-	$(CC) -E -DSOL asm/rx86unix.cpp | sed 's/^#.*//' > asm/rx86-sol.s
-	as -o asm/rx86-sol.o asm/rx86-sol.s
-	rm -f asm/rx86-sol.s
-
-# a.out
-asm/rx86-out.o: asm/rx86unix.cpp
-	$(CPP) -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o
-
-# bsdi
-asm/rx86bsdi.o: asm/rx86unix.cpp
-	$(CPP) -DBSDI asm/rx86unix.cpp | sed 's/ :/:/' | as -o asm/rx86bsdi.o
-
-asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/rx86unix.cpp *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rc4_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc4.h
-rc4_enc.o: rc4_locl.h
-rc4_skey.o: ../../include/openssl/opensslconf.h
-rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h
-rc4_skey.o: rc4_locl.h
diff --git a/crypto/openssl/crypto/rc4/Makefile.ssl b/crypto/openssl/crypto/rc4/Makefile.ssl
deleted file mode 100644
index b210b42f8f4b..000000000000
--- a/crypto/openssl/crypto/rc4/Makefile.ssl
+++ /dev/null
@@ -1,109 +0,0 @@
-#
-# SSLeay/crypto/rc4/Makefile
-#
-
-DIR=	rc4
-TOP=	../..
-CC=	cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-RC4_ENC=rc4_enc.o
-# or use
-#RC4_ENC=asm/rx86-elf.o
-#RC4_ENC=asm/rx86-out.o
-#RC4_ENC=asm/rx86-sol.o
-#RC4_ENC=asm/rx86bdsi.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rc4test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=rc4_skey.c rc4_enc.c
-LIBOBJ=rc4_skey.o $(RC4_ENC)
-
-SRC= $(LIBSRC)
-
-EXHEADER= rc4.h
-HEADER=	$(EXHEADER) rc4_locl.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# elf
-asm/rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > rx86-elf.s)
-
-# a.out
-asm/rx86-out.o: asm/rx86unix.cpp
-	$(CPP) -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o
-
-# bsdi
-asm/rx86bsdi.o: asm/rx86unix.cpp
-	$(CPP) -DBSDI asm/rx86unix.cpp | sed 's/ :/:/' | as -o asm/rx86bsdi.o
-
-asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/rx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rc4_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc4.h
-rc4_enc.o: rc4_enc.c rc4_locl.h
-rc4_skey.o: ../../include/openssl/opensslconf.h
-rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h
-rc4_skey.o: rc4_locl.h rc4_skey.c
diff --git a/crypto/openssl/crypto/rc4/Makefile.uni b/crypto/openssl/crypto/rc4/Makefile.uni
deleted file mode 100644
index 855d9e50f371..000000000000
--- a/crypto/openssl/crypto/rc4/Makefile.uni
+++ /dev/null
@@ -1,103 +0,0 @@
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-# make x86-elf  - linux-elf etc
-# make x86-out  - linux-a.out, FreeBSD etc
-# make x86-solaris
-# make x86-bdsi
-
-DIR=    rc4
-TOP=    .
-CC=     gcc
-CFLAG=	-O3 -fomit-frame-pointer
-
-CPP=    $(CC) -E
-INCLUDES=
-INSTALLTOP=/usr/local/lib
-MAKE=           make
-MAKEDEPEND=     makedepend
-MAKEFILE=       Makefile.uni
-AR=             ar r
-RANLIB=         ranlib
-
-RC4_ENC=rc4_enc.o
-# or use
-#RC4_ENC=asm/rx86-elf.o
-#RC4_ENC=asm/rx86-out.o
-#RC4_ENC=asm/rx86-sol.o
-#RC4_ENC=asm/rx86bdsi.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rc4test
-APPS=rc4speed
-
-LIB=librc4.a
-LIBSRC=rc4_skey.c rc4_enc.c
-LIBOBJ=rc4_skey.o $(RC4_ENC)
-
-SRC= $(LIBSRC)
-
-EXHEADER= rc4.h
-HEADER= $(EXHEADER) rc4_locl.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-all:    $(LIB) $(TEST) $(APPS)
-
-$(LIB):    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
-
-# elf
-asm/rx86-elf.o: asm/rx86unix.cpp
-	$(CPP) -DELF asm/rx86unix.cpp | as -o asm/rx86-elf.o
-
-# solaris
-asm/rx86-sol.o: asm/rx86unix.cpp
-	$(CC) -E -DSOL asm/rx86unix.cpp | sed 's/^#.*//' > asm/rx86-sol.s
-	as -o asm/rx86-sol.o asm/rx86-sol.s
-	rm -f asm/rx86-sol.s
-
-# a.out
-asm/rx86-out.o: asm/rx86unix.cpp
-	$(CPP) -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o
-
-# bsdi
-asm/rx86bsdi.o: asm/rx86unix.cpp
-	$(CPP) -DBSDI asm/rx86unix.cpp | as -o asm/rx86bsdi.o
-
-asm/rx86unix.cpp:
-	(cd asm; perl rc4-586.pl cpp >rx86unix.cpp)
-
-test:	$(TEST)
-	./$(TEST)
-
-$(TEST): $(TEST).c $(LIB)
-	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
-
-$(APPS): $(APPS).c $(LIB)
-	$(CC) -o $(APPS) $(CFLAGS) $(APPS).c $(LIB)
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
-
-dclean:
-	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-cc:
-	$(MAKE) CC="cc" CFLAG="-O" all
-
-gcc:
-	$(MAKE) CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/crypto/rc4/asm/rc4-586.pl b/crypto/openssl/crypto/rc4/asm/rc4-586.pl
deleted file mode 100644
index 7ef889e5a135..000000000000
--- a/crypto/openssl/crypto/rc4/asm/rc4-586.pl
+++ /dev/null
@@ -1,173 +0,0 @@
-#!/usr/local/bin/perl
-
-# define for pentium pro friendly version
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"rc4-586.pl");
-
-$tx="eax";
-$ty="ebx";
-$x="ecx";
-$y="edx";
-$in="esi";
-$out="edi";
-$d="ebp";
-
-&RC4("RC4");
-
-&asm_finish();
-
-sub RC4_loop
-	{
-	local($n,$p,$char)=@_;
-
-	&comment("Round $n");
-
-	if ($char)
-		{
-		if ($p >= 0)
-			{
-			 &mov($ty,	&swtmp(2));
-			&cmp($ty,	$in);
-			 &jle(&label("finished"));
-			&inc($in);
-			}
-		else
-			{
-			&add($ty,	8);
-			 &inc($in);
-			&cmp($ty,	$in);
-			 &jl(&label("finished"));
-			&mov(&swtmp(2),	$ty);
-			}
-		}
-	# Moved out
-	# &mov(	$tx,		&DWP(0,$d,$x,4)) if $p < 0;
-
-	 &add(	$y,		$tx);
-	&and(	$y,		0xff);
-	 &inc(	$x);			# NEXT ROUND 
-	&mov(	$ty,		&DWP(0,$d,$y,4));
-	 # XXX
-	&mov(	&DWP(-4,$d,$x,4),$ty);			# AGI
-	 &add(	$ty,		$tx);
-	&and(	$x,		0xff);	# NEXT ROUND
-	 &and(	$ty,		0xff);
-	&mov(	&DWP(0,$d,$y,4),$tx);
-	 &nop();
-	&mov(	$ty,		&DWP(0,$d,$ty,4));
-	 &mov(	$tx,		&DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND
-	 # XXX
-
-	if (!$char)
-		{
-		#moved up into last round
-		if ($p >= 1)
-			{
-			&add(	$out,	8)
-			}
-		&movb(	&BP($n,"esp","",0),	&LB($ty));
-		}
-	else
-		{
-		# Note in+=8 has occured
-		&movb(	&HB($ty),	&BP(-1,$in,"",0));
-		 # XXX
-		&xorb(&LB($ty),		&HB($ty));
-		 # XXX
-		&movb(&BP($n,$out,"",0),&LB($ty));
-		}
-	}
-
-
-sub RC4
-	{
-	local($name)=@_;
-
-	&function_begin_B($name,"");
-
-	&comment("");
-
-	&push("ebp");
-	 &push("ebx");
-	&mov(	$d,	&wparam(0));	# key
-	 &mov(	$ty,	&wparam(1));	# num
-	&push("esi");
-	 &push("edi");
-
-	&mov(	$x,	&DWP(0,$d,"",1));
-	 &mov(	$y,	&DWP(4,$d,"",1));
-
-	&mov(	$in,	&wparam(2));
-	 &inc(	$x);
-
-	&stack_push(3);	# 3 temp variables
-	 &add(	$d,	8);
-	&and(	$x,		0xff);
-
-	 &lea(	$ty,	&DWP(-8,$ty,$in));
-
-	# check for 0 length input
-
-	&mov(	$out,	&wparam(3));
-	 &mov(	&swtmp(2),	$ty);	# this is now address to exit at
-	&mov(	$tx,	&DWP(0,$d,$x,4));
-
-	 &cmp(	$ty,	$in);
-	&jl(	&label("end")); # less than 8 bytes
-
-	&set_label("start");
-
-	# filling DELAY SLOT
-	&add(	$in,	8);
-
-	&RC4_loop(0,-1,0);
-	&RC4_loop(1,0,0);
-	&RC4_loop(2,0,0);
-	&RC4_loop(3,0,0);
-	&RC4_loop(4,0,0);
-	&RC4_loop(5,0,0);
-	&RC4_loop(6,0,0);
-	&RC4_loop(7,1,0);
-	
-	&comment("apply the cipher text");
-	# xor the cipher data with input
-
-	#&add(	$out,	8); #moved up into last round
-
-	&mov(	$tx,	&swtmp(0));
-	 &mov(	$ty,	&DWP(-8,$in,"",0));
-	&xor(	$tx,	$ty);
-	 &mov(	$ty,	&DWP(-4,$in,"",0)); 
-	&mov(	&DWP(-8,$out,"",0),	$tx);
-	 &mov(	$tx,	&swtmp(1));
-	&xor(	$tx,	$ty);
-	 &mov(	$ty,	&swtmp(2));	# load end ptr;
-	&mov(	&DWP(-4,$out,"",0),	$tx);
-	 &mov(	$tx,		&DWP(0,$d,$x,4));
-	&cmp($in,	$ty);
-	 &jle(&label("start"));
-
-	&set_label("end");
-
-	# There is quite a bit of extra crap in RC4_loop() for this
-	# first round
-	&RC4_loop(0,-1,1);
-	&RC4_loop(1,0,1);
-	&RC4_loop(2,0,1);
-	&RC4_loop(3,0,1);
-	&RC4_loop(4,0,1);
-	&RC4_loop(5,0,1);
-	&RC4_loop(6,1,1);
-
-	&set_label("finished");
-	&dec(	$x);
-	 &stack_pop(3);
-	&mov(	&DWP(-4,$d,"",0),$y);
-	 &movb(	&BP(-8,$d,"",0),&LB($x));
-
-	&function_end($name);
-	}
-
diff --git a/crypto/openssl/crypto/rc4/rc4.c b/crypto/openssl/crypto/rc4/rc4.c
deleted file mode 100644
index b39c070292c9..000000000000
--- a/crypto/openssl/crypto/rc4/rc4.c
+++ /dev/null
@@ -1,192 +0,0 @@
-/* crypto/rc4/rc4.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/rc4.h>
-
-char *usage[]={
-"usage: rc4 args\n",
-"\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -key key        - password\n",
-NULL
-};
-
-int main(int argc, char *argv[])
-	{
-	FILE *in=NULL,*out=NULL;
-	char *infile=NULL,*outfile=NULL,*keystr=NULL;
-	RC4_KEY key;
-	char buf[BUFSIZ];
-	int badops=0,i;
-	char **pp;
-	unsigned char md[MD5_DIGEST_LENGTH];
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keystr= *(++argv);
-			}
-		else
-			{
-			fprintf(stderr,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		for (pp=usage; (*pp != NULL); pp++)
-			fprintf(stderr,"%s",*pp);
-		exit(1);
-		}
-
-	if (infile == NULL)
-		in=stdin;
-	else
-		{
-		in=fopen(infile,"r");
-		if (in == NULL)
-			{
-			perror("open");
-			exit(1);
-			}
-
-		}
-	if (outfile == NULL)
-		out=stdout;
-	else
-		{
-		out=fopen(outfile,"w");
-		if (out == NULL)
-			{
-			perror("open");
-			exit(1);
-			}
-		}
-		
-#ifdef OPENSSL_SYS_MSDOS
-	/* This should set the file to binary mode. */
-	{
-#include <fcntl.h>
-	setmode(fileno(in),O_BINARY);
-	setmode(fileno(out),O_BINARY);
-	}
-#endif
-
-	if (keystr == NULL)
-		{ /* get key */
-		i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0);
-		if (i != 0)
-			{
-			OPENSSL_cleanse(buf,BUFSIZ);
-			fprintf(stderr,"bad password read\n");
-			exit(1);
-			}
-		keystr=buf;
-		}
-
-	EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5());
-	OPENSSL_cleanse(keystr,strlen(keystr));
-	RC4_set_key(&key,MD5_DIGEST_LENGTH,md);
-	
-	for(;;)
-		{
-		i=fread(buf,1,BUFSIZ,in);
-		if (i == 0) break;
-		if (i < 0)
-			{
-			perror("read");
-			exit(1);
-			}
-		RC4(&key,(unsigned int)i,(unsigned char *)buf,
-			(unsigned char *)buf);
-		i=fwrite(buf,(unsigned int)i,1,out);
-		if (i != 1)
-			{
-			perror("write");
-			exit(1);
-			}
-		}
-	fclose(out);
-	fclose(in);
-	exit(0);
-	return(1);
-	}
-
diff --git a/crypto/openssl/crypto/rc4/rc4.h b/crypto/openssl/crypto/rc4/rc4.h
deleted file mode 100644
index 8722091f2ecf..000000000000
--- a/crypto/openssl/crypto/rc4/rc4.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/rc4/rc4.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC4_H
-#define HEADER_RC4_H
-
-#ifdef OPENSSL_NO_RC4
-#error RC4 is disabled.
-#endif
-
-#include <openssl/opensslconf.h> /* RC4_INT */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc4_key_st
-	{
-	RC4_INT x,y;
-	RC4_INT data[256];
-	} RC4_KEY;
-
- 
-const char *RC4_options(void);
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
-		unsigned char *outdata);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/rc4/rc4_enc.c b/crypto/openssl/crypto/rc4/rc4_enc.c
deleted file mode 100644
index d5f18a3a7070..000000000000
--- a/crypto/openssl/crypto/rc4/rc4_enc.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/* crypto/rc4/rc4_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc4.h>
-#include "rc4_locl.h"
-
-/* RC4 as implemented from a posting from
- * Newsgroups: sci.crypt
- * From: sterndark@netcom.com (David Sterndark)
- * Subject: RC4 Algorithm revealed.
- * Message-ID: <sternCvKL4B.Hyy@netcom.com>
- * Date: Wed, 14 Sep 1994 06:35:31 GMT
- */
-
-void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
-	     unsigned char *outdata)
-	{
-        register RC4_INT *d;
-        register RC4_INT x,y,tx,ty;
-	int i;
-        
-        x=key->x;     
-        y=key->y;     
-        d=key->data; 
-
-#if defined(RC4_CHUNK)
-	/*
-	 * The original reason for implementing this(*) was the fact that
-	 * pre-21164a Alpha CPUs don't have byte load/store instructions
-	 * and e.g. a byte store has to be done with 64-bit load, shift,
-	 * and, or and finally 64-bit store. Peaking data and operating
-	 * at natural word size made it possible to reduce amount of
-	 * instructions as well as to perform early read-ahead without
-	 * suffering from RAW (read-after-write) hazard. This resulted
-	 * in ~40%(**) performance improvement on 21064 box with gcc.
-	 * But it's not only Alpha users who win here:-) Thanks to the
-	 * early-n-wide read-ahead this implementation also exhibits
-	 * >40% speed-up on SPARC and 20-30% on 64-bit MIPS (depending
-	 * on sizeof(RC4_INT)).
-	 *
-	 * (*)	"this" means code which recognizes the case when input
-	 *	and output pointers appear to be aligned at natural CPU
-	 *	word boundary
-	 * (**)	i.e. according to 'apps/openssl speed rc4' benchmark,
-	 *	crypto/rc4/rc4speed.c exhibits almost 70% speed-up...
-	 *
-	 * Cavets.
-	 *
-	 * - RC4_CHUNK="unsigned long long" should be a #1 choice for
-	 *   UltraSPARC. Unfortunately gcc generates very slow code
-	 *   (2.5-3 times slower than one generated by Sun's WorkShop
-	 *   C) and therefore gcc (at least 2.95 and earlier) should
-	 *   always be told that RC4_CHUNK="unsigned long".
-	 *
-	 *					<appro@fy.chalmers.se>
-	 */
-
-# define RC4_STEP	( \
-			x=(x+1) &0xff,	\
-			tx=d[x],	\
-			y=(tx+y)&0xff,	\
-			ty=d[y],	\
-			d[y]=tx,	\
-			d[x]=ty,	\
-			(RC4_CHUNK)d[(tx+ty)&0xff]\
-			)
-
-	if ( ( ((unsigned long)indata  & (sizeof(RC4_CHUNK)-1)) | 
-	       ((unsigned long)outdata & (sizeof(RC4_CHUNK)-1)) ) == 0 )
-		{
-		RC4_CHUNK ichunk,otp;
-		const union { long one; char little; } is_endian = {1};
-
-		/*
-		 * I reckon we can afford to implement both endian
-		 * cases and to decide which way to take at run-time
-		 * because the machine code appears to be very compact
-		 * and redundant 1-2KB is perfectly tolerable (i.e.
-		 * in case the compiler fails to eliminate it:-). By
-		 * suggestion from Terrel Larson <terr@terralogic.net>
-		 * who also stands for the is_endian union:-)
-		 *
-		 * Special notes.
-		 *
-		 * - is_endian is declared automatic as doing otherwise
-		 *   (declaring static) prevents gcc from eliminating
-		 *   the redundant code;
-		 * - compilers (those I've tried) don't seem to have
-		 *   problems eliminating either the operators guarded
-		 *   by "if (sizeof(RC4_CHUNK)==8)" or the condition
-		 *   expressions themselves so I've got 'em to replace
-		 *   corresponding #ifdefs from the previous version;
-		 * - I chose to let the redundant switch cases when
-		 *   sizeof(RC4_CHUNK)!=8 be (were also #ifdefed
-		 *   before);
-		 * - in case you wonder "&(sizeof(RC4_CHUNK)*8-1)" in
-		 *   [LB]ESHFT guards against "shift is out of range"
-		 *   warnings when sizeof(RC4_CHUNK)!=8 
-		 *
-		 *			<appro@fy.chalmers.se>
-		 */
-		if (!is_endian.little)
-			{	/* BIG-ENDIAN CASE */
-# define BESHFT(c)	(((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1))
-			for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK))
-				{
-				ichunk  = *(RC4_CHUNK *)indata;
-				otp  = RC4_STEP<<BESHFT(0);
-				otp |= RC4_STEP<<BESHFT(1);
-				otp |= RC4_STEP<<BESHFT(2);
-				otp |= RC4_STEP<<BESHFT(3);
-				if (sizeof(RC4_CHUNK)==8)
-					{
-					otp |= RC4_STEP<<BESHFT(4);
-					otp |= RC4_STEP<<BESHFT(5);
-					otp |= RC4_STEP<<BESHFT(6);
-					otp |= RC4_STEP<<BESHFT(7);
-					}
-				*(RC4_CHUNK *)outdata = otp^ichunk;
-				indata  += sizeof(RC4_CHUNK);
-				outdata += sizeof(RC4_CHUNK);
-				}
-			if (len)
-				{
-				RC4_CHUNK mask=(RC4_CHUNK)-1, ochunk;
-
-				ichunk = *(RC4_CHUNK *)indata;
-				ochunk = *(RC4_CHUNK *)outdata;
-				otp = 0;
-				i = BESHFT(0);
-				mask <<= (sizeof(RC4_CHUNK)-len)<<3;
-				switch (len&(sizeof(RC4_CHUNK)-1))
-					{
-					case 7:	otp  = RC4_STEP<<i, i-=8;
-					case 6:	otp |= RC4_STEP<<i, i-=8;
-					case 5:	otp |= RC4_STEP<<i, i-=8;
-					case 4:	otp |= RC4_STEP<<i, i-=8;
-					case 3:	otp |= RC4_STEP<<i, i-=8;
-					case 2:	otp |= RC4_STEP<<i, i-=8;
-					case 1:	otp |= RC4_STEP<<i, i-=8;
-					case 0: ; /*
-						   * it's never the case,
-						   * but it has to be here
-						   * for ultrix?
-						   */
-					}
-				ochunk &= ~mask;
-				ochunk |= (otp^ichunk) & mask;
-				*(RC4_CHUNK *)outdata = ochunk;
-				}
-			key->x=x;     
-			key->y=y;
-			return;
-			}
-		else
-			{	/* LITTLE-ENDIAN CASE */
-# define LESHFT(c)	(((c)*8)&(sizeof(RC4_CHUNK)*8-1))
-			for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK))
-				{
-				ichunk  = *(RC4_CHUNK *)indata;
-				otp  = RC4_STEP;
-				otp |= RC4_STEP<<8;
-				otp |= RC4_STEP<<16;
-				otp |= RC4_STEP<<24;
-				if (sizeof(RC4_CHUNK)==8)
-					{
-					otp |= RC4_STEP<<LESHFT(4);
-					otp |= RC4_STEP<<LESHFT(5);
-					otp |= RC4_STEP<<LESHFT(6);
-					otp |= RC4_STEP<<LESHFT(7);
-					}
-				*(RC4_CHUNK *)outdata = otp^ichunk;
-				indata  += sizeof(RC4_CHUNK);
-				outdata += sizeof(RC4_CHUNK);
-				}
-			if (len)
-				{
-				RC4_CHUNK mask=(RC4_CHUNK)-1, ochunk;
-
-				ichunk = *(RC4_CHUNK *)indata;
-				ochunk = *(RC4_CHUNK *)outdata;
-				otp = 0;
-				i   = 0;
-				mask >>= (sizeof(RC4_CHUNK)-len)<<3;
-				switch (len&(sizeof(RC4_CHUNK)-1))
-					{
-					case 7:	otp  = RC4_STEP,    i+=8;
-					case 6:	otp |= RC4_STEP<<i, i+=8;
-					case 5:	otp |= RC4_STEP<<i, i+=8;
-					case 4:	otp |= RC4_STEP<<i, i+=8;
-					case 3:	otp |= RC4_STEP<<i, i+=8;
-					case 2:	otp |= RC4_STEP<<i, i+=8;
-					case 1:	otp |= RC4_STEP<<i, i+=8;
-					case 0: ; /*
-						   * it's never the case,
-						   * but it has to be here
-						   * for ultrix?
-						   */
-					}
-				ochunk &= ~mask;
-				ochunk |= (otp^ichunk) & mask;
-				*(RC4_CHUNK *)outdata = ochunk;
-				}
-			key->x=x;     
-			key->y=y;
-			return;
-			}
-		}
-#endif
-#define LOOP(in,out) \
-		x=((x+1)&0xff); \
-		tx=d[x]; \
-		y=(tx+y)&0xff; \
-		d[x]=ty=d[y]; \
-		d[y]=tx; \
-		(out) = d[(tx+ty)&0xff]^ (in);
-
-#ifndef RC4_INDEX
-#define RC4_LOOP(a,b,i)	LOOP(*((a)++),*((b)++))
-#else
-#define RC4_LOOP(a,b,i)	LOOP(a[i],b[i])
-#endif
-
-	i=(int)(len>>3L);
-	if (i)
-		{
-		for (;;)
-			{
-			RC4_LOOP(indata,outdata,0);
-			RC4_LOOP(indata,outdata,1);
-			RC4_LOOP(indata,outdata,2);
-			RC4_LOOP(indata,outdata,3);
-			RC4_LOOP(indata,outdata,4);
-			RC4_LOOP(indata,outdata,5);
-			RC4_LOOP(indata,outdata,6);
-			RC4_LOOP(indata,outdata,7);
-#ifdef RC4_INDEX
-			indata+=8;
-			outdata+=8;
-#endif
-			if (--i == 0) break;
-			}
-		}
-	i=(int)len&0x07;
-	if (i)
-		{
-		for (;;)
-			{
-			RC4_LOOP(indata,outdata,0); if (--i == 0) break;
-			RC4_LOOP(indata,outdata,1); if (--i == 0) break;
-			RC4_LOOP(indata,outdata,2); if (--i == 0) break;
-			RC4_LOOP(indata,outdata,3); if (--i == 0) break;
-			RC4_LOOP(indata,outdata,4); if (--i == 0) break;
-			RC4_LOOP(indata,outdata,5); if (--i == 0) break;
-			RC4_LOOP(indata,outdata,6); if (--i == 0) break;
-			}
-		}               
-	key->x=x;     
-	key->y=y;
-	}
diff --git a/crypto/openssl/crypto/rc4/rc4_locl.h b/crypto/openssl/crypto/rc4/rc4_locl.h
deleted file mode 100644
index 3bb80b6ce9e0..000000000000
--- a/crypto/openssl/crypto/rc4/rc4_locl.h
+++ /dev/null
@@ -1,4 +0,0 @@
-#ifndef HEADER_RC4_LOCL_H
-#define HEADER_RC4_LOCL_H
-#include <openssl/opensslconf.h>
-#endif
diff --git a/crypto/openssl/crypto/rc4/rc4_skey.c b/crypto/openssl/crypto/rc4/rc4_skey.c
deleted file mode 100644
index bb10c1ebe289..000000000000
--- a/crypto/openssl/crypto/rc4/rc4_skey.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* crypto/rc4/rc4_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc4.h>
-#include "rc4_locl.h"
-#include <openssl/opensslv.h>
-
-const char *RC4_version="RC4" OPENSSL_VERSION_PTEXT;
-
-const char *RC4_options(void)
-	{
-#ifdef RC4_INDEX
-	if (sizeof(RC4_INT) == 1)
-		return("rc4(idx,char)");
-	else
-		return("rc4(idx,int)");
-#else
-	if (sizeof(RC4_INT) == 1)
-		return("rc4(ptr,char)");
-	else
-		return("rc4(ptr,int)");
-#endif
-	}
-
-/* RC4 as implemented from a posting from
- * Newsgroups: sci.crypt
- * From: sterndark@netcom.com (David Sterndark)
- * Subject: RC4 Algorithm revealed.
- * Message-ID: <sternCvKL4B.Hyy@netcom.com>
- * Date: Wed, 14 Sep 1994 06:35:31 GMT
- */
-
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
-	{
-        register RC4_INT tmp;
-        register int id1,id2;
-        register RC4_INT *d;
-        unsigned int i;
-        
-        d= &(key->data[0]);
-	for (i=0; i<256; i++)
-		d[i]=i;
-        key->x = 0;     
-        key->y = 0;     
-        id1=id2=0;     
-
-#define SK_LOOP(n) { \
-		tmp=d[(n)]; \
-		id2 = (data[id1] + tmp + id2) & 0xff; \
-		if (++id1 == len) id1=0; \
-		d[(n)]=d[id2]; \
-		d[id2]=tmp; }
-
-	for (i=0; i < 256; i+=4)
-		{
-		SK_LOOP(i+0);
-		SK_LOOP(i+1);
-		SK_LOOP(i+2);
-		SK_LOOP(i+3);
-		}
-	}
-    
diff --git a/crypto/openssl/crypto/rc4/rc4s.cpp b/crypto/openssl/crypto/rc4/rc4s.cpp
deleted file mode 100644
index 3814fde9972f..000000000000
--- a/crypto/openssl/crypto/rc4/rc4s.cpp
+++ /dev/null
@@ -1,73 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/rc4.h>
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[1024];
-	RC4_KEY ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=64,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=256;
-	if (num > 1024-16) num=1024-16;
-	numm=num+8;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			RC4(&ctx,numm,buffer,buffer);
-			GetTSC(s1);
-			RC4(&ctx,numm,buffer,buffer);
-			GetTSC(e1);
-			GetTSC(s2);
-			RC4(&ctx,num,buffer,buffer);
-			GetTSC(e2);
-			RC4(&ctx,num,buffer,buffer);
-			}
-
-		printf("RC4 (%d bytes) %d %d (%d) - 8 bytes\n",num,
-			e1-s1,e2-s2,(e1-s1)-(e2-s2));
-		}
-	}
-
diff --git a/crypto/openssl/crypto/rc4/rc4speed.c b/crypto/openssl/crypto/rc4/rc4speed.c
deleted file mode 100644
index ced98c52df94..000000000000
--- a/crypto/openssl/crypto/rc4/rc4speed.c
+++ /dev/null
@@ -1,250 +0,0 @@
-/* crypto/rc4/rc4speed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-#define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-
-#include <signal.h>
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#include <openssl/rc4.h>
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-#ifndef CLK_TCK
-#define HZ	100.0
-#else /* CLK_TCK */
-#define HZ ((double)CLK_TCK)
-#endif
-#endif
-
-#define BUFSIZE	((long)1024)
-long run=0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-#if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#define SIGRETTYPE void
-#else
-#define SIGRETTYPE int
-#endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-	{
-	signal(SIGALRM,sig_done);
-	run=0;
-#ifdef LINT
-	sig=sig;
-#endif
-	}
-#endif
-
-#define START	0
-#define STOP	1
-
-double Time_F(int s)
-	{
-	double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if (s == START)
-		{
-		times(&tstart);
-		return(0);
-		}
-	else
-		{
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if (s == START)
-		{
-		ftime(&tstart);
-		return(0);
-		}
-	else
-		{
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#endif
-	}
-
-int main(int argc, char **argv)
-	{
-	long count;
-	static unsigned char buf[BUFSIZE];
-	static unsigned char key[] ={
-			0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-			0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
-			};
-	RC4_KEY sch;
-	double a,b,c,d;
-#ifndef SIGALRM
-	long ca,cb,cc;
-#endif
-
-#ifndef TIMES
-	printf("To get the most accurate results, try to run this\n");
-	printf("program when this computer is idle.\n");
-#endif
-
-#ifndef SIGALRM
-	printf("First we calculate the approximate speed ...\n");
-	RC4_set_key(&sch,16,key);
-	count=10;
-	do	{
-		long i;
-		unsigned long data[2];
-
-		count*=2;
-		Time_F(START);
-		for (i=count; i; i--)
-			RC4(&sch,8,buf,buf);
-		d=Time_F(STOP);
-		} while (d < 3.0);
-	ca=count/512;
-	cc=count*8/BUFSIZE+1;
-	printf("Doing RC4_set_key %ld times\n",ca);
-#define COND(d)	(count != (d))
-#define COUNT(d) (d)
-#else
-#define COND(c)	(run)
-#define COUNT(d) (count)
-	signal(SIGALRM,sig_done);
-	printf("Doing RC4_set_key for 10 seconds\n");
-	alarm(10);
-#endif
-
-	Time_F(START);
-	for (count=0,run=1; COND(ca); count+=4)
-		{
-		RC4_set_key(&sch,16,key);
-		RC4_set_key(&sch,16,key);
-		RC4_set_key(&sch,16,key);
-		RC4_set_key(&sch,16,key);
-		}
-	d=Time_F(STOP);
-	printf("%ld RC4_set_key's in %.2f seconds\n",count,d);
-	a=((double)COUNT(ca))/d;
-
-#ifdef SIGALRM
-	printf("Doing RC4 on %ld byte blocks for 10 seconds\n",BUFSIZE);
-	alarm(10);
-#else
-	printf("Doing RC4 %ld times on %ld byte blocks\n",cc,BUFSIZE);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cc); count++)
-		RC4(&sch,BUFSIZE,buf,buf);
-	d=Time_F(STOP);
-	printf("%ld RC4's of %ld byte blocks in %.2f second\n",
-		count,BUFSIZE,d);
-	c=((double)COUNT(cc)*BUFSIZE)/d;
-
-	printf("RC4 set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
-	printf("RC4   bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
-	exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-	return(0);
-#endif
-	}
-
diff --git a/crypto/openssl/crypto/rc4/rc4test.c b/crypto/openssl/crypto/rc4/rc4test.c
deleted file mode 100644
index b9d8f2097536..000000000000
--- a/crypto/openssl/crypto/rc4/rc4test.c
+++ /dev/null
@@ -1,203 +0,0 @@
-/* crypto/rc4/rc4test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_RC4
-int main(int argc, char *argv[])
-{
-    printf("No RC4 support\n");
-    return(0);
-}
-#else
-#include <openssl/rc4.h>
-
-static unsigned char keys[7][30]={
-	{8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
-	{8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
-	{8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{4,0xef,0x01,0x23,0x45},
-	{8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
-	{4,0xef,0x01,0x23,0x45},
-	};
-
-static unsigned char data_len[7]={8,8,8,20,28,10};
-static unsigned char data[7][30]={
-	{0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xff},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	   0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	   0x00,0x00,0x00,0x00,0xff},
-	{0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
-	   0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
-	   0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
-	   0x12,0x34,0x56,0x78,0xff},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
-	{0},
-	};
-
-static unsigned char output[7][30]={
-	{0x75,0xb7,0x87,0x80,0x99,0xe0,0xc5,0x96,0x00},
-	{0x74,0x94,0xc2,0xe7,0x10,0x4b,0x08,0x79,0x00},
-	{0xde,0x18,0x89,0x41,0xa3,0x37,0x5d,0x3a,0x00},
-	{0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,
-	 0xbd,0x61,0x5a,0x11,0x62,0xe1,0xc7,0xba,
-	 0x36,0xb6,0x78,0x58,0x00},
-	{0x66,0xa0,0x94,0x9f,0x8a,0xf7,0xd6,0x89,
-	 0x1f,0x7f,0x83,0x2b,0xa8,0x33,0xc0,0x0c,
-	 0x89,0x2e,0xbe,0x30,0x14,0x3c,0xe2,0x87,
-	 0x40,0x01,0x1e,0xcf,0x00},
-	{0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,0xbd,0x61,0x00},
-	{0},
-	};
-
-int main(int argc, char *argv[])
-	{
-	int i,err=0;
-	int j;
-	unsigned char *p;
-	RC4_KEY key;
-	unsigned char buf[512],obuf[512];
-
-	for (i=0; i<512; i++) buf[i]=0x01;
-
-	for (i=0; i<6; i++)
-		{
-		RC4_set_key(&key,keys[i][0],&(keys[i][1]));
-		memset(obuf,0x00,sizeof(obuf));
-		RC4(&key,data_len[i],&(data[i][0]),obuf);
-		if (memcmp(obuf,output[i],data_len[i]+1) != 0)
-			{
-			printf("error calculating RC4\n");
-			printf("output:");
-			for (j=0; j<data_len[i]+1; j++)
-				printf(" %02x",obuf[j]);
-			printf("\n");
-			printf("expect:");
-			p= &(output[i][0]);
-			for (j=0; j<data_len[i]+1; j++)
-				printf(" %02x",*(p++));
-			printf("\n");
-			err++;
-			}
-		else
-			printf("test %d ok\n",i);
-		}
-	printf("test end processing ");
-	for (i=0; i<data_len[3]; i++)
-		{
-		RC4_set_key(&key,keys[3][0],&(keys[3][1]));
-		memset(obuf,0x00,sizeof(obuf));
-		RC4(&key,i,&(data[3][0]),obuf);
-		if ((memcmp(obuf,output[3],i) != 0) || (obuf[i] != 0))
-			{
-			printf("error in RC4 length processing\n");
-			printf("output:");
-			for (j=0; j<i+1; j++)
-				printf(" %02x",obuf[j]);
-			printf("\n");
-			printf("expect:");
-			p= &(output[3][0]);
-			for (j=0; j<i; j++)
-				printf(" %02x",*(p++));
-			printf(" 00\n");
-			err++;
-			}
-		else
-			{
-			printf(".");
-			fflush(stdout);
-			}
-		}
-	printf("done\n");
-	printf("test multi-call ");
-	for (i=0; i<data_len[3]; i++)
-		{
-		RC4_set_key(&key,keys[3][0],&(keys[3][1]));
-		memset(obuf,0x00,sizeof(obuf));
-		RC4(&key,i,&(data[3][0]),obuf);
-		RC4(&key,data_len[3]-i,&(data[3][i]),&(obuf[i]));
-		if (memcmp(obuf,output[3],data_len[3]+1) != 0)
-			{
-			printf("error in RC4 multi-call processing\n");
-			printf("output:");
-			for (j=0; j<data_len[3]+1; j++)
-				printf(" %02x",obuf[j]);
-			printf("\n");
-			printf("expect:");
-			p= &(output[3][0]);
-			for (j=0; j<data_len[3]+1; j++)
-				printf(" %02x",*(p++));
-			err++;
-			}
-		else
-			{
-			printf(".");
-			fflush(stdout);
-			}
-		}
-	printf("done\n");
-	EXIT(err);
-	return(0);
-	}
-#endif
diff --git a/crypto/openssl/crypto/rc4/rrc4.doc b/crypto/openssl/crypto/rc4/rrc4.doc
deleted file mode 100644
index 2f9a953c12f7..000000000000
--- a/crypto/openssl/crypto/rc4/rrc4.doc
+++ /dev/null
@@ -1,278 +0,0 @@
-Newsgroups: sci.crypt,alt.security,comp.security.misc,alt.privacy
-Path: ghost.dsi.unimi.it!univ-lyon1.fr!jussieu.fr!zaphod.crihan.fr!warwick!clyde.open.ac.uk!strath-cs!bnr.co.uk!bt!pipex!howland.reston.ans.net!europa.eng.gtefsd.com!MathWorks.Com!yeshua.marcam.com!charnel.ecst.csuchico.edu!csusac!csus.edu!netcom.com!sterndark
-From: sterndark@netcom.com (David Sterndark)
-Subject: RC4 Algorithm revealed.
-Message-ID: <sternCvKL4B.Hyy@netcom.com>
-Sender: sterndark@netcom.com 
-Organization: NETCOM On-line Communication Services (408 261-4700 guest)
-X-Newsreader: TIN [version 1.2 PL1]
-Date: Wed, 14 Sep 1994 06:35:31 GMT
-Lines: 263
-Xref: ghost.dsi.unimi.it sci.crypt:27332 alt.security:14732 comp.security.misc:11701 alt.privacy:16026
-
-I am shocked,  shocked, I tell you,  shocked, to discover
-that the cypherpunks have illegaly and criminally revealed
-a crucial RSA trade secret and harmed the security of
-America by reverse engineering the RC4 algorithm and
-publishing it to the world.
- 
-On Saturday morning an anonymous cypherpunk wrote:
- 
- 
-   SUBJECT:  RC4 Source Code
- 
- 
-   I've tested this.  It is compatible with the RC4 object module
-   that comes in the various RSA toolkits.  
- 
-   /* rc4.h */
-   typedef struct rc4_key
-   {      
-        unsigned char state[256];       
-        unsigned char x;        
-        unsigned char y;
-   } rc4_key;
-   void prepare_key(unsigned char *key_data_ptr,int key_data_len,
-   rc4_key *key);
-   void rc4(unsigned char *buffer_ptr,int buffer_len,rc4_key * key);
-   
-   
-   /*rc4.c */
-   #include "rc4.h"
-   static void swap_byte(unsigned char *a, unsigned char *b);
-   void prepare_key(unsigned char *key_data_ptr, int key_data_len,
-   rc4_key *key)
-   {
-        unsigned char swapByte;
-        unsigned char index1;
-        unsigned char index2;
-        unsigned char* state;
-        short counter;     
-        
-        state = &key->state[0];         
-        for(counter = 0; counter < 256; counter++)              
-        state[counter] = counter;               
-        key->x = 0;     
-        key->y = 0;     
-        index1 = 0;     
-        index2 = 0;             
-        for(counter = 0; counter < 256; counter++)      
-        {               
-             index2 = (key_data_ptr[index1] + state[counter] +
-                index2) % 256;                
-             swap_byte(&state[counter], &state[index2]);            
-   
-             index1 = (index1 + 1) % key_data_len;  
-        }       
-    }
-    
-    void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
-    { 
-        unsigned char x;
-        unsigned char y;
-        unsigned char* state;
-        unsigned char xorIndex;
-        short counter;              
-        
-        x = key->x;     
-        y = key->y;     
-        
-        state = &key->state[0];         
-        for(counter = 0; counter < buffer_len; counter ++)      
-        {               
-             x = (x + 1) % 256;                      
-             y = (state[x] + y) % 256;               
-             swap_byte(&state[x], &state[y]);                        
-                  
-             xorIndex = (state[x] + state[y]) % 256;                 
-                  
-             buffer_ptr[counter] ^= state[xorIndex];         
-         }               
-         key->x = x;     
-         key->y = y;
-    }
-    
-    static void swap_byte(unsigned char *a, unsigned char *b)
-    {
-        unsigned char swapByte; 
-        
-        swapByte = *a; 
-        *a = *b;      
-        *b = swapByte;
-    }
- 
- 
- 
-Another cypherpunk, this one not anonymous, tested the
-output from this algorithm against the output from
-official RC4 object code
- 
- 
-   Date: Tue, 13 Sep 94 18:37:56 PDT
-   From: ekr@eit.COM (Eric Rescorla)
-   Message-Id: <9409140137.AA17743@eitech.eit.com>
-   Subject: RC4 compatibility testing
-   Cc: cypherpunks@toad.com
-   
-   One data point:
-   
-   I can't say anything about the internals of RC4 versus the
-   algorithm that Bill Sommerfeld is rightly calling 'Alleged RC4',
-   since I don't know anything about RC4's internals. 
-   
-   However, I do have a (legitimately acquired) copy of BSAFE2 and
-   so I'm able to compare the output of this algorithm to the output
-   of genuine RC4 as found in BSAFE. I chose a set of test vectors
-   and ran them through both algorithms. The algorithms appear to
-   give identical results, at least with these key/plaintext pairs.
-   
-   I note that this is the algorithm _without_ Hal Finney's
-   proposed modification
-   
-   (see <199409130605.XAA24133@jobe.shell.portal.com>).
-   
-   The vectors I used (together with the ciphertext they produce)
-   follow at the end of this message.
-   
-   -Ekr
-   
-   Disclaimer: This posting does not reflect the opinions of EIT.
-   
-   --------------------results follow--------------
-   Test vector 0
-   Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
-   Input: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
-   0 Output: 0x75 0xb7 0x87 0x80 0x99 0xe0 0xc5 0x96 
-   
-   Test vector 1
-   Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
-   Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
-   0 Output: 0x74 0x94 0xc2 0xe7 0x10 0x4b 0x08 0x79 
-   
-   Test vector 2
-   Key: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
-   Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
-   0 Output: 0xde 0x18 0x89 0x41 0xa3 0x37 0x5d 0x3a 
-   
-   Test vector 3
-   Key: 0xef 0x01 0x23 0x45 
-   Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
-   0 Output: 0xd6 0xa1 0x41 0xa7 0xec 0x3c 0x38 0xdf 0xbd 0x61 
-   
-   Test vector 4
-   Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
-   Input: 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 
-   0 Output: 0x75 0x95 0xc3 0xe6 0x11 0x4a 0x09 0x78 0x0c 0x4a 0xd4 
-   0x52 0x33 0x8e 0x1f 0xfd 0x9a 0x1b 0xe9 0x49 0x8f 
-   0x81 0x3d 0x76 0x53 0x34 0x49 0xb6 0x77 0x8d 0xca 
-   0xd8 0xc7 0x8a 0x8d 0x2b 0xa9 0xac 0x66 0x08 0x5d 
-   0x0e 0x53 0xd5 0x9c 0x26 0xc2 0xd1 0xc4 0x90 0xc1 
-   0xeb 0xbe 0x0c 0xe6 0x6d 0x1b 0x6b 0x1b 0x13 0xb6 
-   0xb9 0x19 0xb8 0x47 0xc2 0x5a 0x91 0x44 0x7a 0x95 
-   0xe7 0x5e 0x4e 0xf1 0x67 0x79 0xcd 0xe8 0xbf 0x0a 
-   0x95 0x85 0x0e 0x32 0xaf 0x96 0x89 0x44 0x4f 0xd3 
-   0x77 0x10 0x8f 0x98 0xfd 0xcb 0xd4 0xe7 0x26 0x56 
-   0x75 0x00 0x99 0x0b 0xcc 0x7e 0x0c 0xa3 0xc4 0xaa 
-   0xa3 0x04 0xa3 0x87 0xd2 0x0f 0x3b 0x8f 0xbb 0xcd 
-   0x42 0xa1 0xbd 0x31 0x1d 0x7a 0x43 0x03 0xdd 0xa5 
-   0xab 0x07 0x88 0x96 0xae 0x80 0xc1 0x8b 0x0a 0xf6 
-   0x6d 0xff 0x31 0x96 0x16 0xeb 0x78 0x4e 0x49 0x5a 
-   0xd2 0xce 0x90 0xd7 0xf7 0x72 0xa8 0x17 0x47 0xb6 
-   0x5f 0x62 0x09 0x3b 0x1e 0x0d 0xb9 0xe5 0xba 0x53 
-   0x2f 0xaf 0xec 0x47 0x50 0x83 0x23 0xe6 0x71 0x32 
-   0x7d 0xf9 0x44 0x44 0x32 0xcb 0x73 0x67 0xce 0xc8 
-   0x2f 0x5d 0x44 0xc0 0xd0 0x0b 0x67 0xd6 0x50 0xa0 
-   0x75 0xcd 0x4b 0x70 0xde 0xdd 0x77 0xeb 0x9b 0x10 
-   0x23 0x1b 0x6b 0x5b 0x74 0x13 0x47 0x39 0x6d 0x62 
-   0x89 0x74 0x21 0xd4 0x3d 0xf9 0xb4 0x2e 0x44 0x6e 
-   0x35 0x8e 0x9c 0x11 0xa9 0xb2 0x18 0x4e 0xcb 0xef 
-   0x0c 0xd8 0xe7 0xa8 0x77 0xef 0x96 0x8f 0x13 0x90 
-   0xec 0x9b 0x3d 0x35 0xa5 0x58 0x5c 0xb0 0x09 0x29 
-   0x0e 0x2f 0xcd 0xe7 0xb5 0xec 0x66 0xd9 0x08 0x4b 
-   0xe4 0x40 0x55 0xa6 0x19 0xd9 0xdd 0x7f 0xc3 0x16 
-   0x6f 0x94 0x87 0xf7 0xcb 0x27 0x29 0x12 0x42 0x64 
-   0x45 0x99 0x85 0x14 0xc1 0x5d 0x53 0xa1 0x8c 0x86 
-   0x4c 0xe3 0xa2 0xb7 0x55 0x57 0x93 0x98 0x81 0x26 
-   0x52 0x0e 0xac 0xf2 0xe3 0x06 0x6e 0x23 0x0c 0x91 
-   0xbe 0xe4 0xdd 0x53 0x04 0xf5 0xfd 0x04 0x05 0xb3 
-   0x5b 0xd9 0x9c 0x73 0x13 0x5d 0x3d 0x9b 0xc3 0x35 
-   0xee 0x04 0x9e 0xf6 0x9b 0x38 0x67 0xbf 0x2d 0x7b 
-   0xd1 0xea 0xa5 0x95 0xd8 0xbf 0xc0 0x06 0x6f 0xf8 
-   0xd3 0x15 0x09 0xeb 0x0c 0x6c 0xaa 0x00 0x6c 0x80 
-   0x7a 0x62 0x3e 0xf8 0x4c 0x3d 0x33 0xc1 0x95 0xd2 
-   0x3e 0xe3 0x20 0xc4 0x0d 0xe0 0x55 0x81 0x57 0xc8 
-   0x22 0xd4 0xb8 0xc5 0x69 0xd8 0x49 0xae 0xd5 0x9d 
-   0x4e 0x0f 0xd7 0xf3 0x79 0x58 0x6b 0x4b 0x7f 0xf6 
-   0x84 0xed 0x6a 0x18 0x9f 0x74 0x86 0xd4 0x9b 0x9c 
-   0x4b 0xad 0x9b 0xa2 0x4b 0x96 0xab 0xf9 0x24 0x37 
-   0x2c 0x8a 0x8f 0xff 0xb1 0x0d 0x55 0x35 0x49 0x00 
-   0xa7 0x7a 0x3d 0xb5 0xf2 0x05 0xe1 0xb9 0x9f 0xcd 
-   0x86 0x60 0x86 0x3a 0x15 0x9a 0xd4 0xab 0xe4 0x0f 
-   0xa4 0x89 0x34 0x16 0x3d 0xdd 0xe5 0x42 0xa6 0x58 
-   0x55 0x40 0xfd 0x68 0x3c 0xbf 0xd8 0xc0 0x0f 0x12 
-   0x12 0x9a 0x28 0x4d 0xea 0xcc 0x4c 0xde 0xfe 0x58 
-   0xbe 0x71 0x37 0x54 0x1c 0x04 0x71 0x26 0xc8 0xd4 
-   0x9e 0x27 0x55 0xab 0x18 0x1a 0xb7 0xe9 0x40 0xb0 
-   0xc0 
-   
-
-
--- 
- ---------------------------------------------------------------------
-We have the right to defend ourselves and our
-property, because of the kind of animals that we              James A. Donald
-are.  True law derives from this right, not from
-the arbitrary power of the omnipotent state.                jamesd@netcom.com
-
-
diff --git a/crypto/openssl/crypto/rc5/Makefile.save b/crypto/openssl/crypto/rc5/Makefile.save
deleted file mode 100644
index cf5d176859ba..000000000000
--- a/crypto/openssl/crypto/rc5/Makefile.save
+++ /dev/null
@@ -1,113 +0,0 @@
-#
-# SSLeay/crypto/rc5/Makefile
-#
-
-DIR=	rc5
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-RC5_ENC=		rc5_enc.o
-# or use
-#DES_ENC=	r586-elf.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rc5test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c 
-LIBOBJ=rc5_skey.o rc5_ecb.o $(RC5_ENC) rc5cfb64.o rc5ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rc5.h
-HEADER=	rc5_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-# elf
-asm/r586-elf.o: asm/r586unix.cpp
-	$(CPP) -DELF -x c asm/r586unix.cpp | as -o asm/r586-elf.o
-
-# solaris
-asm/r586-sol.o: asm/r586unix.cpp
-	$(CC) -E -DSOL asm/r586unix.cpp | sed 's/^#.*//' > asm/r586-sol.s
-	as -o asm/r586-sol.o asm/r586-sol.s
-	rm -f asm/r586-sol.s
-
-# a.out
-asm/r586-out.o: asm/r586unix.cpp
-	$(CPP) -DOUT asm/r586unix.cpp | as -o asm/r586-out.o
-
-# bsdi
-asm/r586bsdi.o: asm/r586unix.cpp
-	$(CPP) -DBSDI asm/r586unix.cpp | sed 's/ :/:/' | as -o asm/r586bsdi.o
-
-asm/r586unix.cpp: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) rc5-586.pl cpp >r586unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/r586unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rc5_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h
-rc5_ecb.o: rc5_locl.h
-rc5_enc.o: ../../include/openssl/rc5.h rc5_locl.h
-rc5_skey.o: ../../include/openssl/rc5.h rc5_locl.h
-rc5cfb64.o: ../../include/openssl/rc5.h rc5_locl.h
-rc5ofb64.o: ../../include/openssl/rc5.h rc5_locl.h
diff --git a/crypto/openssl/crypto/rc5/Makefile.ssl b/crypto/openssl/crypto/rc5/Makefile.ssl
deleted file mode 100644
index 3ad665594686..000000000000
--- a/crypto/openssl/crypto/rc5/Makefile.ssl
+++ /dev/null
@@ -1,107 +0,0 @@
-#
-# SSLeay/crypto/rc5/Makefile
-#
-
-DIR=	rc5
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-RC5_ENC=		rc5_enc.o
-# or use
-#DES_ENC=	r586-elf.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rc5test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c 
-LIBOBJ=rc5_skey.o rc5_ecb.o $(RC5_ENC) rc5cfb64.o rc5ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rc5.h
-HEADER=	rc5_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# elf
-asm/r586-elf.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) rc5-586.pl elf $(CFLAGS) > r586-elf.s)
-
-# a.out
-asm/r586-out.o: asm/r586unix.cpp
-	$(CPP) -DOUT asm/r586unix.cpp | as -o asm/r586-out.o
-
-# bsdi
-asm/r586bsdi.o: asm/r586unix.cpp
-	$(CPP) -DBSDI asm/r586unix.cpp | sed 's/ :/:/' | as -o asm/r586bsdi.o
-
-asm/r586unix.cpp: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) rc5-586.pl cpp >r586unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/r586unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rc5_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h
-rc5_ecb.o: rc5_ecb.c rc5_locl.h
-rc5_enc.o: ../../include/openssl/rc5.h rc5_enc.c rc5_locl.h
-rc5_skey.o: ../../include/openssl/rc5.h rc5_locl.h rc5_skey.c
-rc5cfb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5cfb64.c
-rc5ofb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5ofb64.c
diff --git a/crypto/openssl/crypto/rc5/Makefile.uni b/crypto/openssl/crypto/rc5/Makefile.uni
deleted file mode 100644
index 4dc20c6fcfd5..000000000000
--- a/crypto/openssl/crypto/rc5/Makefile.uni
+++ /dev/null
@@ -1,73 +0,0 @@
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-
-DIR=    rc2
-TOP=    .
-CC=     gcc
-CFLAG=	-O3 -fomit-frame-pointer
-
-CPP=    $(CC) -E
-INCLUDES=
-INSTALLTOP=/usr/local/lib
-MAKE=           make
-MAKEDEPEND=     makedepend
-MAKEFILE=       Makefile.uni
-AR=             ar r
-RANLIB=         ranlib
-
-IDEA_ENC=rc2_cbc.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rc2test
-APPS=rc2speed
-
-LIB=librc2.a
-LIBSRC=rc2_skey.c rc2_ecb.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
-LIBOBJ=rc2_skey.o rc2_ecb.o $(IDEA_ENC) rc2cfb64.o rc2ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rc2.h
-HEADER= rc2_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-all:    $(LIB) $(TEST) $(APPS)
-
-$(LIB):    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
-
-test:	$(TEST)
-	./$(TEST)
-
-$(TEST): $(TEST).c $(LIB)
-	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
-
-$(APPS): $(APPS).c $(LIB)
-	$(CC) -o $(APPS) $(CFLAGS) $(APPS).c $(LIB)
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
-
-dclean:
-	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-cc:
-	$(MAKE) CC="cc" CFLAG="-O" all
-
-gcc:
-	$(MAKE) CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/crypto/rc5/asm/rc5-586.pl b/crypto/openssl/crypto/rc5/asm/rc5-586.pl
deleted file mode 100644
index edff1d1e64af..000000000000
--- a/crypto/openssl/crypto/rc5/asm/rc5-586.pl
+++ /dev/null
@@ -1,109 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-require "cbc.pl";
-
-&asm_init($ARGV[0],"rc5-586.pl");
-
-$RC5_MAX_ROUNDS=16;
-$RC5_32_OFF=($RC5_MAX_ROUNDS+2)*4;
-$A="edi";
-$B="esi";
-$S="ebp";
-$tmp1="eax";
-$r="ebx";
-$tmpc="ecx";
-$tmp4="edx";
-
-&RC5_32_encrypt("RC5_32_encrypt",1);
-&RC5_32_encrypt("RC5_32_decrypt",0);
-&cbc("RC5_32_cbc_encrypt","RC5_32_encrypt","RC5_32_decrypt",0,4,5,3,-1,-1);
-&asm_finish();
-
-sub RC5_32_encrypt
-	{
-	local($name,$enc)=@_;
-
-	&function_begin_B($name,"");
-
-	&comment("");
-
-	&push("ebp");
-	 &push("esi");
-	&push("edi");
-	 &mov($tmp4,&wparam(0));
-	&mov($S,&wparam(1));
-
-	&comment("Load the 2 words");
-	 &mov($A,&DWP(0,$tmp4,"",0));
-	&mov($B,&DWP(4,$tmp4,"",0));
-
-	&push($r);
-	 &mov($r,	&DWP(0,$S,"",0));
-
-	# encrypting part
-
-	if ($enc)
-		{
-		 &add($A,	&DWP(4+0,$S,"",0));
-		&add($B,	&DWP(4+4,$S,"",0));
-
-		for ($i=0; $i<$RC5_MAX_ROUNDS; $i++)
-			{
-			 &xor($A,	$B);
-			&mov($tmp1,	&DWP(12+$i*8,$S,"",0));
-			 &mov($tmpc,	$B);
-			&rotl($A,	&LB("ecx"));
-			&add($A,	$tmp1);
-
-			 &xor($B,	$A);
-			&mov($tmp1,	&DWP(16+$i*8,$S,"",0));
-			 &mov($tmpc,	$A);
-			&rotl($B,	&LB("ecx"));
-			&add($B,	$tmp1);
-			if (($i == 7) || ($i == 11))
-				{
-			 &cmp($r,	$i+1);
-			&je(&label("rc5_exit"));
-				}
-			}
-		}
-	else
-		{
-		 &cmp($r,	12);
-		&je(&label("rc5_dec_12"));
-		 &cmp($r,	8);
-		&je(&label("rc5_dec_8"));
-		for ($i=$RC5_MAX_ROUNDS; $i > 0; $i--)
-			{
-			&set_label("rc5_dec_$i") if ($i == 12) || ($i == 8);
-			 &mov($tmp1,	&DWP($i*8+8,$S,"",0));
-			&sub($B,	$tmp1);
-			 &mov($tmpc,	$A);
-			&rotr($B,	&LB("ecx"));
-			&xor($B,	$A);
-
-			 &mov($tmp1,	&DWP($i*8+4,$S,"",0));
-			&sub($A,	$tmp1);
-			 &mov($tmpc,	$B);
-			&rotr($A,	&LB("ecx"));
-			&xor($A,	$B);
-			}
-		 &sub($B,	&DWP(4+4,$S,"",0));
-		&sub($A,	&DWP(4+0,$S,"",0));
-		}
-
-	&set_label("rc5_exit");
-	 &mov(&DWP(0,$tmp4,"",0),$A);
-	&mov(&DWP(4,$tmp4,"",0),$B);
-
-	 &pop("ebx");
-	&pop("edi");
-	 &pop("esi");
-	&pop("ebp");
-	 &ret();
-	&function_end_B($name);
-	}
-
-
diff --git a/crypto/openssl/crypto/rc5/rc5.h b/crypto/openssl/crypto/rc5/rc5.h
deleted file mode 100644
index 4adfd2db5ab1..000000000000
--- a/crypto/openssl/crypto/rc5/rc5.h
+++ /dev/null
@@ -1,116 +0,0 @@
-/* crypto/rc5/rc5.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC5_H
-#define HEADER_RC5_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_NO_RC5
-#error RC5 is disabled.
-#endif
-
-#define RC5_ENCRYPT	1
-#define RC5_DECRYPT	0
-
-/* 32 bit.  For Alpha, things may get weird */
-#define RC5_32_INT unsigned long
-
-#define RC5_32_BLOCK		8
-#define RC5_32_KEY_LENGTH	16 /* This is a default, max is 255 */
-
-/* This are the only values supported.  Tweak the code if you want more
- * The most supported modes will be
- * RC5-32/12/16
- * RC5-32/16/8
- */
-#define RC5_8_ROUNDS	8
-#define RC5_12_ROUNDS	12
-#define RC5_16_ROUNDS	16
-
-typedef struct rc5_key_st
-	{
-	/* Number of rounds */
-	int rounds;
-	RC5_32_INT data[2*(RC5_16_ROUNDS+1)];
-	} RC5_32_KEY;
-
- 
-void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
-	int rounds);
-void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key,
-	int enc);
-void RC5_32_encrypt(unsigned long *data,RC5_32_KEY *key);
-void RC5_32_decrypt(unsigned long *data,RC5_32_KEY *key);
-void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out,
-			long length, RC5_32_KEY *ks, unsigned char *iv,
-			int enc);
-void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-			  long length, RC5_32_KEY *schedule,
-			  unsigned char *ivec, int *num, int enc);
-void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-			  long length, RC5_32_KEY *schedule,
-			  unsigned char *ivec, int *num);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/rc5/rc5_ecb.c b/crypto/openssl/crypto/rc5/rc5_ecb.c
deleted file mode 100644
index e72b535507c6..000000000000
--- a/crypto/openssl/crypto/rc5/rc5_ecb.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* crypto/rc5/rc5_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc5.h>
-#include "rc5_locl.h"
-#include <openssl/opensslv.h>
-
-const char RC5_version[]="RC5" OPENSSL_VERSION_PTEXT;
-
-void RC5_32_ecb_encrypt(const unsigned char *in, unsigned char *out,
-			RC5_32_KEY *ks, int encrypt)
-	{
-	unsigned long l,d[2];
-
-	c2l(in,l); d[0]=l;
-	c2l(in,l); d[1]=l;
-	if (encrypt)
-		RC5_32_encrypt(d,ks);
-	else
-		RC5_32_decrypt(d,ks);
-	l=d[0]; l2c(l,out);
-	l=d[1]; l2c(l,out);
-	l=d[0]=d[1]=0;
-	}
-
diff --git a/crypto/openssl/crypto/rc5/rc5_enc.c b/crypto/openssl/crypto/rc5/rc5_enc.c
deleted file mode 100644
index f327d32a7660..000000000000
--- a/crypto/openssl/crypto/rc5/rc5_enc.c
+++ /dev/null
@@ -1,215 +0,0 @@
-/* crypto/rc5/rc5_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/rc5.h>
-#include "rc5_locl.h"
-
-void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out,
-			long length, RC5_32_KEY *ks, unsigned char *iv,
-			int encrypt)
-	{
-	register unsigned long tin0,tin1;
-	register unsigned long tout0,tout1,xor0,xor1;
-	register long l=length;
-	unsigned long tin[2];
-
-	if (encrypt)
-		{
-		c2l(iv,tout0);
-		c2l(iv,tout1);
-		iv-=8;
-		for (l-=8; l>=0; l-=8)
-			{
-			c2l(in,tin0);
-			c2l(in,tin1);
-			tin0^=tout0;
-			tin1^=tout1;
-			tin[0]=tin0;
-			tin[1]=tin1;
-			RC5_32_encrypt(tin,ks);
-			tout0=tin[0]; l2c(tout0,out);
-			tout1=tin[1]; l2c(tout1,out);
-			}
-		if (l != -8)
-			{
-			c2ln(in,tin0,tin1,l+8);
-			tin0^=tout0;
-			tin1^=tout1;
-			tin[0]=tin0;
-			tin[1]=tin1;
-			RC5_32_encrypt(tin,ks);
-			tout0=tin[0]; l2c(tout0,out);
-			tout1=tin[1]; l2c(tout1,out);
-			}
-		l2c(tout0,iv);
-		l2c(tout1,iv);
-		}
-	else
-		{
-		c2l(iv,xor0);
-		c2l(iv,xor1);
-		iv-=8;
-		for (l-=8; l>=0; l-=8)
-			{
-			c2l(in,tin0); tin[0]=tin0;
-			c2l(in,tin1); tin[1]=tin1;
-			RC5_32_decrypt(tin,ks);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2c(tout0,out);
-			l2c(tout1,out);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		if (l != -8)
-			{
-			c2l(in,tin0); tin[0]=tin0;
-			c2l(in,tin1); tin[1]=tin1;
-			RC5_32_decrypt(tin,ks);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2cn(tout0,tout1,out,l+8);
-			xor0=tin0;
-			xor1=tin1;
-			}
-		l2c(xor0,iv);
-		l2c(xor1,iv);
-		}
-	tin0=tin1=tout0=tout1=xor0=xor1=0;
-	tin[0]=tin[1]=0;
-	}
-
-void RC5_32_encrypt(unsigned long *d, RC5_32_KEY *key)
-	{
-	RC5_32_INT a,b,*s;
-
-	s=key->data;
-
-	a=d[0]+s[0];
-	b=d[1]+s[1];
-	E_RC5_32(a,b,s, 2);
-	E_RC5_32(a,b,s, 4);
-	E_RC5_32(a,b,s, 6);
-	E_RC5_32(a,b,s, 8);
-	E_RC5_32(a,b,s,10);
-	E_RC5_32(a,b,s,12);
-	E_RC5_32(a,b,s,14);
-	E_RC5_32(a,b,s,16);
-	if (key->rounds == 12)
-		{
-		E_RC5_32(a,b,s,18);
-		E_RC5_32(a,b,s,20);
-		E_RC5_32(a,b,s,22);
-		E_RC5_32(a,b,s,24);
-		}
-	else if (key->rounds == 16)
-		{
-		/* Do a full expansion to avoid a jump */
-		E_RC5_32(a,b,s,18);
-		E_RC5_32(a,b,s,20);
-		E_RC5_32(a,b,s,22);
-		E_RC5_32(a,b,s,24);
-		E_RC5_32(a,b,s,26);
-		E_RC5_32(a,b,s,28);
-		E_RC5_32(a,b,s,30);
-		E_RC5_32(a,b,s,32);
-		}
-	d[0]=a;
-	d[1]=b;
-	}
-
-void RC5_32_decrypt(unsigned long *d, RC5_32_KEY *key)
-	{
-	RC5_32_INT a,b,*s;
-
-	s=key->data;
-
-	a=d[0];
-	b=d[1];
-	if (key->rounds == 16) 
-		{
-		D_RC5_32(a,b,s,32);
-		D_RC5_32(a,b,s,30);
-		D_RC5_32(a,b,s,28);
-		D_RC5_32(a,b,s,26);
-		/* Do a full expansion to avoid a jump */
-		D_RC5_32(a,b,s,24);
-		D_RC5_32(a,b,s,22);
-		D_RC5_32(a,b,s,20);
-		D_RC5_32(a,b,s,18);
-		}
-	else if (key->rounds == 12)
-		{
-		D_RC5_32(a,b,s,24);
-		D_RC5_32(a,b,s,22);
-		D_RC5_32(a,b,s,20);
-		D_RC5_32(a,b,s,18);
-		}
-	D_RC5_32(a,b,s,16);
-	D_RC5_32(a,b,s,14);
-	D_RC5_32(a,b,s,12);
-	D_RC5_32(a,b,s,10);
-	D_RC5_32(a,b,s, 8);
-	D_RC5_32(a,b,s, 6);
-	D_RC5_32(a,b,s, 4);
-	D_RC5_32(a,b,s, 2);
-	d[0]=a-s[0];
-	d[1]=b-s[1];
-	}
-
diff --git a/crypto/openssl/crypto/rc5/rc5_locl.h b/crypto/openssl/crypto/rc5/rc5_locl.h
deleted file mode 100644
index f4ebc23004b8..000000000000
--- a/crypto/openssl/crypto/rc5/rc5_locl.h
+++ /dev/null
@@ -1,207 +0,0 @@
-/* crypto/rc5/rc5_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-
-#undef c2l
-#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
-			 l|=((unsigned long)(*((c)++)))<< 8L, \
-			 l|=((unsigned long)(*((c)++)))<<16L, \
-			 l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n)	{ \
-			c+=n; \
-			l1=l2=0; \
-			switch (n) { \
-			case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
-			case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
-			case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
-			case 5: l2|=((unsigned long)(*(--(c))));     \
-			case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
-			case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
-			case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
-			case 1: l1|=((unsigned long)(*(--(c))));     \
-				} \
-			}
-
-#undef l2c
-#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
-			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n)	{ \
-			c+=n; \
-			switch (n) { \
-			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
-			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
-			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
-			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
-			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
-			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
-			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
-			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
-				} \
-			}
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n)	{ \
-			c+=n; \
-			l1=l2=0; \
-			switch (n) { \
-			case 8: l2 =((unsigned long)(*(--(c))))    ; \
-			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
-			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
-			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
-			case 4: l1 =((unsigned long)(*(--(c))))    ; \
-			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
-			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
-			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
-				} \
-			}
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n)	{ \
-			c+=n; \
-			switch (n) { \
-			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-				} \
-			}
-
-#undef n2l
-#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)     )&0xff))
-
-#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)
-#define ROTATE_l32(a,n)     _lrotl(a,n)
-#define ROTATE_r32(a,n)     _lrotr(a,n)
-#elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
-# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-#  define ROTATE_l32(a,n)	({ register unsigned int ret;	\
-					asm ("roll %%cl,%0"	\
-						: "=r"(ret)	\
-						: "c"(n),"0"(a)	\
-						: "cc");	\
-					ret;			\
-				})
-#  define ROTATE_r32(a,n)	({ register unsigned int ret;	\
-					asm ("rorl %%cl,%0"	\
-						: "=r"(ret)	\
-						: "c"(n),"0"(a)	\
-						: "cc");	\
-					ret;			\
-				})
-# endif
-#endif
-#ifndef ROTATE_l32
-#define ROTATE_l32(a,n)     (((a)<<(n&0x1f))|(((a)&0xffffffff)>>(32-(n&0x1f))))
-#endif
-#ifndef ROTATE_r32
-#define ROTATE_r32(a,n)     (((a)<<(32-(n&0x1f)))|(((a)&0xffffffff)>>(n&0x1f)))
-#endif
-
-#define RC5_32_MASK	0xffffffffL
-
-#define RC5_16_P	0xB7E1
-#define RC5_16_Q	0x9E37
-#define RC5_32_P	0xB7E15163L
-#define RC5_32_Q	0x9E3779B9L
-#define RC5_64_P	0xB7E151628AED2A6BLL
-#define RC5_64_Q	0x9E3779B97F4A7C15LL
-
-#define E_RC5_32(a,b,s,n) \
-	a^=b; \
-	a=ROTATE_l32(a,b); \
-	a+=s[n]; \
-	a&=RC5_32_MASK; \
-	b^=a; \
-	b=ROTATE_l32(b,a); \
-	b+=s[n+1]; \
-	b&=RC5_32_MASK;
-
-#define D_RC5_32(a,b,s,n) \
-	b-=s[n+1]; \
-	b&=RC5_32_MASK; \
-	b=ROTATE_r32(b,a); \
-	b^=a; \
-	a-=s[n]; \
-	a&=RC5_32_MASK; \
-	a=ROTATE_r32(a,b); \
-	a^=b;
-
-
-
diff --git a/crypto/openssl/crypto/rc5/rc5_skey.c b/crypto/openssl/crypto/rc5/rc5_skey.c
deleted file mode 100644
index a2e00a41c550..000000000000
--- a/crypto/openssl/crypto/rc5/rc5_skey.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* crypto/rc5/rc5_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc5.h>
-#include "rc5_locl.h"
-
-void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
-		    int rounds)
-	{
-	RC5_32_INT L[64],l,ll,A,B,*S,k;
-	int i,j,m,c,t,ii,jj;
-
-	if (	(rounds != RC5_16_ROUNDS) &&
-		(rounds != RC5_12_ROUNDS) &&
-		(rounds != RC5_8_ROUNDS))
-		rounds=RC5_16_ROUNDS;
-
-	key->rounds=rounds;
-	S= &(key->data[0]);
-	j=0;
-	for (i=0; i<=(len-8); i+=8)
-		{
-		c2l(data,l);
-		L[j++]=l;
-		c2l(data,l);
-		L[j++]=l;
-		}
-	ii=len-i;
-	if (ii)
-		{
-		k=len&0x07;
-		c2ln(data,l,ll,k);
-		L[j+0]=l;
-		L[j+1]=ll;
-		}
-
-	c=(len+3)/4;
-	t=(rounds+1)*2;
-	S[0]=RC5_32_P;
-	for (i=1; i<t; i++)
-		S[i]=(S[i-1]+RC5_32_Q)&RC5_32_MASK;
-
-	j=(t>c)?t:c;
-	j*=3;
-	ii=jj=0;
-	A=B=0;
-	for (i=0; i<j; i++)
-		{
-		k=(S[ii]+A+B)&RC5_32_MASK;
-		A=S[ii]=ROTATE_l32(k,3);
-		m=(int)(A+B);
-		k=(L[jj]+A+B)&RC5_32_MASK;
-		B=L[jj]=ROTATE_l32(k,m);
-		if (++ii >= t) ii=0;
-		if (++jj >= c) jj=0;
-		}
-	}
-
diff --git a/crypto/openssl/crypto/rc5/rc5cfb64.c b/crypto/openssl/crypto/rc5/rc5cfb64.c
deleted file mode 100644
index 3a8b60bc7a87..000000000000
--- a/crypto/openssl/crypto/rc5/rc5cfb64.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/rc5/rc5cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc5.h>
-#include "rc5_locl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-			  long length, RC5_32_KEY *schedule,
-			  unsigned char *ivec, int *num, int encrypt)
-	{
-	register unsigned long v0,v1,t;
-	register int n= *num;
-	register long l=length;
-	unsigned long ti[2];
-	unsigned char *iv,c,cc;
-
-	iv=(unsigned char *)ivec;
-	if (encrypt)
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				c2l(iv,v0); ti[0]=v0;
-				c2l(iv,v1); ti[1]=v1;
-				RC5_32_encrypt((unsigned long *)ti,schedule);
-				iv=(unsigned char *)ivec;
-				t=ti[0]; l2c(t,iv);
-				t=ti[1]; l2c(t,iv);
-				iv=(unsigned char *)ivec;
-				}
-			c= *(in++)^iv[n];
-			*(out++)=c;
-			iv[n]=c;
-			n=(n+1)&0x07;
-			}
-		}
-	else
-		{
-		while (l--)
-			{
-			if (n == 0)
-				{
-				c2l(iv,v0); ti[0]=v0;
-				c2l(iv,v1); ti[1]=v1;
-				RC5_32_encrypt((unsigned long *)ti,schedule);
-				iv=(unsigned char *)ivec;
-				t=ti[0]; l2c(t,iv);
-				t=ti[1]; l2c(t,iv);
-				iv=(unsigned char *)ivec;
-				}
-			cc= *(in++);
-			c=iv[n];
-			iv[n]=cc;
-			*(out++)=c^cc;
-			n=(n+1)&0x07;
-			}
-		}
-	v0=v1=ti[0]=ti[1]=t=c=cc=0;
-	*num=n;
-	}
-
diff --git a/crypto/openssl/crypto/rc5/rc5ofb64.c b/crypto/openssl/crypto/rc5/rc5ofb64.c
deleted file mode 100644
index d412215f3c33..000000000000
--- a/crypto/openssl/crypto/rc5/rc5ofb64.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/rc5/rc5ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc5.h>
-#include "rc5_locl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-			  long length, RC5_32_KEY *schedule,
-			  unsigned char *ivec, int *num)
-	{
-	register unsigned long v0,v1,t;
-	register int n= *num;
-	register long l=length;
-	unsigned char d[8];
-	register char *dp;
-	unsigned long ti[2];
-	unsigned char *iv;
-	int save=0;
-
-	iv=(unsigned char *)ivec;
-	c2l(iv,v0);
-	c2l(iv,v1);
-	ti[0]=v0;
-	ti[1]=v1;
-	dp=(char *)d;
-	l2c(v0,dp);
-	l2c(v1,dp);
-	while (l--)
-		{
-		if (n == 0)
-			{
-			RC5_32_encrypt((unsigned long *)ti,schedule);
-			dp=(char *)d;
-			t=ti[0]; l2c(t,dp);
-			t=ti[1]; l2c(t,dp);
-			save++;
-			}
-		*(out++)= *(in++)^d[n];
-		n=(n+1)&0x07;
-		}
-	if (save)
-		{
-		v0=ti[0];
-		v1=ti[1];
-		iv=(unsigned char *)ivec;
-		l2c(v0,iv);
-		l2c(v1,iv);
-		}
-	t=v0=v1=ti[0]=ti[1]=0;
-	*num=n;
-	}
-
diff --git a/crypto/openssl/crypto/rc5/rc5s.cpp b/crypto/openssl/crypto/rc5/rc5s.cpp
deleted file mode 100644
index 1c5518bc8045..000000000000
--- a/crypto/openssl/crypto/rc5/rc5s.cpp
+++ /dev/null
@@ -1,70 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/rc5.h>
-
-void main(int argc,char *argv[])
-	{
-	RC5_32_KEY key;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-	static unsigned char d[16]={0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
-
-	RC5_32_set_key(&key, 16,d,12);
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			RC5_32_encrypt(&data[0],&key);
-			GetTSC(s1);
-			RC5_32_encrypt(&data[0],&key);
-			RC5_32_encrypt(&data[0],&key);
-			RC5_32_encrypt(&data[0],&key);
-			GetTSC(e1);
-			GetTSC(s2);
-			RC5_32_encrypt(&data[0],&key);
-			RC5_32_encrypt(&data[0],&key);
-			RC5_32_encrypt(&data[0],&key);
-			RC5_32_encrypt(&data[0],&key);
-			GetTSC(e2);
-			RC5_32_encrypt(&data[0],&key);
-			}
-
-		printf("cast %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/crypto/openssl/crypto/rc5/rc5speed.c b/crypto/openssl/crypto/rc5/rc5speed.c
deleted file mode 100644
index 7d490d5b77fb..000000000000
--- a/crypto/openssl/crypto/rc5/rc5speed.c
+++ /dev/null
@@ -1,274 +0,0 @@
-/* crypto/rc5/rc5speed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-#define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-
-#include <signal.h>
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#include <openssl/rc5.h>
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-#ifndef CLK_TCK
-#define HZ	100.0
-#else /* CLK_TCK */
-#define HZ ((double)CLK_TCK)
-#endif
-#endif
-
-#define BUFSIZE	((long)1024)
-long run=0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-#if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#define SIGRETTYPE void
-#else
-#define SIGRETTYPE int
-#endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-	{
-	signal(SIGALRM,sig_done);
-	run=0;
-#ifdef LINT
-	sig=sig;
-#endif
-	}
-#endif
-
-#define START	0
-#define STOP	1
-
-double Time_F(int s)
-	{
-	double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if (s == START)
-		{
-		times(&tstart);
-		return(0);
-		}
-	else
-		{
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if (s == START)
-		{
-		ftime(&tstart);
-		return(0);
-		}
-	else
-		{
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
-		return((ret == 0.0)?1e-6:ret);
-		}
-#endif
-	}
-
-int main(int argc, char **argv)
-	{
-	long count;
-	static unsigned char buf[BUFSIZE];
-	static unsigned char key[] ={
-			0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-			0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
-			};
-	RC5_32_KEY sch;
-	double a,b,c,d;
-#ifndef SIGALRM
-	long ca,cb,cc;
-#endif
-
-#ifndef TIMES
-	printf("To get the most accurate results, try to run this\n");
-	printf("program when this computer is idle.\n");
-#endif
-
-#ifndef SIGALRM
-	printf("First we calculate the approximate speed ...\n");
-	RC5_32_set_key(&sch,16,key,12);
-	count=10;
-	do	{
-		long i;
-		unsigned long data[2];
-
-		count*=2;
-		Time_F(START);
-		for (i=count; i; i--)
-			RC5_32_encrypt(data,&sch);
-		d=Time_F(STOP);
-		} while (d < 3.0);
-	ca=count/512;
-	cb=count;
-	cc=count*8/BUFSIZE+1;
-	printf("Doing RC5_32_set_key %ld times\n",ca);
-#define COND(d)	(count != (d))
-#define COUNT(d) (d)
-#else
-#define COND(c)	(run)
-#define COUNT(d) (count)
-	signal(SIGALRM,sig_done);
-	printf("Doing RC5_32_set_key for 10 seconds\n");
-	alarm(10);
-#endif
-
-	Time_F(START);
-	for (count=0,run=1; COND(ca); count+=4)
-		{
-		RC5_32_set_key(&sch,16,key,12);
-		RC5_32_set_key(&sch,16,key,12);
-		RC5_32_set_key(&sch,16,key,12);
-		RC5_32_set_key(&sch,16,key,12);
-		}
-	d=Time_F(STOP);
-	printf("%ld RC5_32_set_key's in %.2f seconds\n",count,d);
-	a=((double)COUNT(ca))/d;
-
-#ifdef SIGALRM
-	printf("Doing RC5_32_encrypt's for 10 seconds\n");
-	alarm(10);
-#else
-	printf("Doing RC5_32_encrypt %ld times\n",cb);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cb); count+=4)
-		{
-		unsigned long data[2];
-
-		RC5_32_encrypt(data,&sch);
-		RC5_32_encrypt(data,&sch);
-		RC5_32_encrypt(data,&sch);
-		RC5_32_encrypt(data,&sch);
-		}
-	d=Time_F(STOP);
-	printf("%ld RC5_32_encrypt's in %.2f second\n",count,d);
-	b=((double)COUNT(cb)*8)/d;
-
-#ifdef SIGALRM
-	printf("Doing RC5_32_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-		BUFSIZE);
-	alarm(10);
-#else
-	printf("Doing RC5_32_cbc_encrypt %ld times on %ld byte blocks\n",cc,
-		BUFSIZE);
-#endif
-	Time_F(START);
-	for (count=0,run=1; COND(cc); count++)
-		RC5_32_cbc_encrypt(buf,buf,BUFSIZE,&sch,
-			&(key[0]),RC5_ENCRYPT);
-	d=Time_F(STOP);
-	printf("%ld RC5_32_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-		count,BUFSIZE,d);
-	c=((double)COUNT(cc)*BUFSIZE)/d;
-
-	printf("RC5_32/12/16 set_key       per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
-	printf("RC5_32/12/16 raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
-	printf("RC5_32/12/16 cbc     bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
-	exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-	return(0);
-#endif
-	}
diff --git a/crypto/openssl/crypto/rc5/rc5test.c b/crypto/openssl/crypto/rc5/rc5test.c
deleted file mode 100644
index ce3d0cc16f32..000000000000
--- a/crypto/openssl/crypto/rc5/rc5test.c
+++ /dev/null
@@ -1,386 +0,0 @@
-/* crypto/rc5/rc5test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* This has been a quickly hacked 'ideatest.c'.  When I add tests for other
- * RC5 modes, more of the code will be uncommented. */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_RC5
-int main(int argc, char *argv[])
-{
-    printf("No RC5 support\n");
-    return(0);
-}
-#else
-#include <openssl/rc5.h>
-
-static unsigned char RC5key[5][16]={
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x91,0x5f,0x46,0x19,0xbe,0x41,0xb2,0x51,
-	 0x63,0x55,0xa5,0x01,0x10,0xa9,0xce,0x91},
-	{0x78,0x33,0x48,0xe7,0x5a,0xeb,0x0f,0x2f,
-	 0xd7,0xb1,0x69,0xbb,0x8d,0xc1,0x67,0x87},
-	{0xdc,0x49,0xdb,0x13,0x75,0xa5,0x58,0x4f,
-	 0x64,0x85,0xb4,0x13,0xb5,0xf1,0x2b,0xaf},
-	{0x52,0x69,0xf1,0x49,0xd4,0x1b,0xa0,0x15,
-	 0x24,0x97,0x57,0x4d,0x7f,0x15,0x31,0x25},
-	};
-
-static unsigned char RC5plain[5][8]={
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x21,0xA5,0xDB,0xEE,0x15,0x4B,0x8F,0x6D},
-	{0xF7,0xC0,0x13,0xAC,0x5B,0x2B,0x89,0x52},
-	{0x2F,0x42,0xB3,0xB7,0x03,0x69,0xFC,0x92},
-	{0x65,0xC1,0x78,0xB2,0x84,0xD1,0x97,0xCC},
-	};
-
-static unsigned char RC5cipher[5][8]={
-	{0x21,0xA5,0xDB,0xEE,0x15,0x4B,0x8F,0x6D},
-	{0xF7,0xC0,0x13,0xAC,0x5B,0x2B,0x89,0x52},
-	{0x2F,0x42,0xB3,0xB7,0x03,0x69,0xFC,0x92},
-	{0x65,0xC1,0x78,0xB2,0x84,0xD1,0x97,0xCC},
-	{0xEB,0x44,0xE4,0x15,0xDA,0x31,0x98,0x24},
-	};
-
-#define RC5_CBC_NUM 27
-static unsigned char rc5_cbc_cipher[RC5_CBC_NUM][8]={
-	{0x7a,0x7b,0xba,0x4d,0x79,0x11,0x1d,0x1e},
-	{0x79,0x7b,0xba,0x4d,0x78,0x11,0x1d,0x1e},
-	{0x7a,0x7b,0xba,0x4d,0x79,0x11,0x1d,0x1f},
-	{0x7a,0x7b,0xba,0x4d,0x79,0x11,0x1d,0x1f},
-	{0x8b,0x9d,0xed,0x91,0xce,0x77,0x94,0xa6},
-	{0x2f,0x75,0x9f,0xe7,0xad,0x86,0xa3,0x78},
-	{0xdc,0xa2,0x69,0x4b,0xf4,0x0e,0x07,0x88},
-	{0xdc,0xa2,0x69,0x4b,0xf4,0x0e,0x07,0x88},
-	{0xdc,0xfe,0x09,0x85,0x77,0xec,0xa5,0xff},
-	{0x96,0x46,0xfb,0x77,0x63,0x8f,0x9c,0xa8},
-	{0xb2,0xb3,0x20,0x9d,0xb6,0x59,0x4d,0xa4},
-	{0x54,0x5f,0x7f,0x32,0xa5,0xfc,0x38,0x36},
-	{0x82,0x85,0xe7,0xc1,0xb5,0xbc,0x74,0x02},
-	{0xfc,0x58,0x6f,0x92,0xf7,0x08,0x09,0x34},
-	{0xcf,0x27,0x0e,0xf9,0x71,0x7f,0xf7,0xc4},
-	{0xe4,0x93,0xf1,0xc1,0xbb,0x4d,0x6e,0x8c},
-	{0x5c,0x4c,0x04,0x1e,0x0f,0x21,0x7a,0xc3},
-	{0x92,0x1f,0x12,0x48,0x53,0x73,0xb4,0xf7},
-	{0x5b,0xa0,0xca,0x6b,0xbe,0x7f,0x5f,0xad},
-	{0xc5,0x33,0x77,0x1c,0xd0,0x11,0x0e,0x63},
-	{0x29,0x4d,0xdb,0x46,0xb3,0x27,0x8d,0x60},
-	{0xda,0xd6,0xbd,0xa9,0xdf,0xe8,0xf7,0xe8},
-	{0x97,0xe0,0x78,0x78,0x37,0xed,0x31,0x7f},
-	{0x78,0x75,0xdb,0xf6,0x73,0x8c,0x64,0x78},
-	{0x8f,0x34,0xc3,0xc6,0x81,0xc9,0x96,0x95},
-	{0x7c,0xb3,0xf1,0xdf,0x34,0xf9,0x48,0x11},
-	{0x7f,0xd1,0xa0,0x23,0xa5,0xbb,0xa2,0x17},
-	};
-
-static unsigned char rc5_cbc_key[RC5_CBC_NUM][17]={
-	{ 1,0x00},
-	{ 1,0x00},
-	{ 1,0x00},
-	{ 1,0x00},
-	{ 1,0x00},
-	{ 1,0x11},
-	{ 1,0x00},
-	{ 4,0x00,0x00,0x00,0x00},
-	{ 1,0x00},
-	{ 1,0x00},
-	{ 1,0x00},
-	{ 1,0x00},
-	{ 4,0x01,0x02,0x03,0x04},
-	{ 4,0x01,0x02,0x03,0x04},
-	{ 4,0x01,0x02,0x03,0x04},
-	{ 8,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{ 8,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{ 8,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{ 8,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{16,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
-	    0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{16,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
-	    0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{16,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
-	    0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{ 5,0x01,0x02,0x03,0x04,0x05},
-	{ 5,0x01,0x02,0x03,0x04,0x05},
-	{ 5,0x01,0x02,0x03,0x04,0x05},
-	{ 5,0x01,0x02,0x03,0x04,0x05},
-	{ 5,0x01,0x02,0x03,0x04,0x05},
-	};
-
-static unsigned char rc5_cbc_plain[RC5_CBC_NUM][8]={
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
-	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
-	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
-	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
-	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
-	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
-	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
-	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
-	{0x08,0x08,0x08,0x08,0x08,0x08,0x08,0x08},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x01},
-	};
-
-static int rc5_cbc_rounds[RC5_CBC_NUM]={
-	 0, 0, 0, 0, 0, 1, 2, 2,
-	 8, 8,12,16, 8,12,16,12,
-	 8,12,16, 8,12,16,12, 8,
-	 8, 8, 8,
-	};
-
-static unsigned char rc5_cbc_iv[RC5_CBC_NUM][8]={
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x78,0x75,0xdb,0xf6,0x73,0x8c,0x64,0x78},
-	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{0x7c,0xb3,0xf1,0xdf,0x34,0xf9,0x48,0x11},
-	};
-
-int main(int argc, char *argv[])
-	{
-	int i,n,err=0;
-	RC5_32_KEY key; 
-	unsigned char buf[8],buf2[8],ivb[8];
-
-	for (n=0; n<5; n++)
-		{
-		RC5_32_set_key(&key,16,&(RC5key[n][0]),12);
-
-		RC5_32_ecb_encrypt(&(RC5plain[n][0]),buf,&key,RC5_ENCRYPT);
-		if (memcmp(&(RC5cipher[n][0]),buf,8) != 0)
-			{
-			printf("ecb RC5 error encrypting (%d)\n",n+1);
-			printf("got     :");
-			for (i=0; i<8; i++)
-				printf("%02X ",buf[i]);
-			printf("\n");
-			printf("expected:");
-			for (i=0; i<8; i++)
-				printf("%02X ",RC5cipher[n][i]);
-			err=20;
-			printf("\n");
-			}
-
-		RC5_32_ecb_encrypt(buf,buf2,&key,RC5_DECRYPT);
-		if (memcmp(&(RC5plain[n][0]),buf2,8) != 0)
-			{
-			printf("ecb RC5 error decrypting (%d)\n",n+1);
-			printf("got     :");
-			for (i=0; i<8; i++)
-				printf("%02X ",buf2[i]);
-			printf("\n");
-			printf("expected:");
-			for (i=0; i<8; i++)
-				printf("%02X ",RC5plain[n][i]);
-			printf("\n");
-			err=3;
-			}
-		}
-	if (err == 0) printf("ecb RC5 ok\n");
-
-	for (n=0; n<RC5_CBC_NUM; n++)
-		{
-		i=rc5_cbc_rounds[n];
-		if (i < 8) continue;
-
-		RC5_32_set_key(&key,rc5_cbc_key[n][0],&(rc5_cbc_key[n][1]),i);
-
-		memcpy(ivb,&(rc5_cbc_iv[n][0]),8);
-		RC5_32_cbc_encrypt(&(rc5_cbc_plain[n][0]),buf,8,
-			&key,&(ivb[0]),RC5_ENCRYPT);
-
-		if (memcmp(&(rc5_cbc_cipher[n][0]),buf,8) != 0)
-			{
-			printf("cbc RC5 error encrypting (%d)\n",n+1);
-			printf("got     :");
-			for (i=0; i<8; i++)
-				printf("%02X ",buf[i]);
-			printf("\n");
-			printf("expected:");
-			for (i=0; i<8; i++)
-				printf("%02X ",rc5_cbc_cipher[n][i]);
-			err=30;
-			printf("\n");
-			}
-
-		memcpy(ivb,&(rc5_cbc_iv[n][0]),8);
-		RC5_32_cbc_encrypt(buf,buf2,8,
-			&key,&(ivb[0]),RC5_DECRYPT);
-		if (memcmp(&(rc5_cbc_plain[n][0]),buf2,8) != 0)
-			{
-			printf("cbc RC5 error decrypting (%d)\n",n+1);
-			printf("got     :");
-			for (i=0; i<8; i++)
-				printf("%02X ",buf2[i]);
-			printf("\n");
-			printf("expected:");
-			for (i=0; i<8; i++)
-				printf("%02X ",rc5_cbc_plain[n][i]);
-			printf("\n");
-			err=3;
-			}
-		}
-	if (err == 0) printf("cbc RC5 ok\n");
-
-	EXIT(err);
-	return(err);
-	}
-
-#ifdef undef
-static int cfb64_test(unsigned char *cfb_cipher)
-        {
-        IDEA_KEY_SCHEDULE eks,dks;
-        int err=0,i,n;
-
-        idea_set_encrypt_key(cfb_key,&eks);
-        idea_set_decrypt_key(&eks,&dks);
-        memcpy(cfb_tmp,cfb_iv,8);
-        n=0;
-        idea_cfb64_encrypt(plain,cfb_buf1,(long)12,&eks,
-                cfb_tmp,&n,IDEA_ENCRYPT);
-        idea_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
-                (long)CFB_TEST_SIZE-12,&eks,
-                cfb_tmp,&n,IDEA_ENCRYPT);
-        if (memcmp(cfb_cipher,cfb_buf1,CFB_TEST_SIZE) != 0)
-                {
-                err=1;
-                printf("idea_cfb64_encrypt encrypt error\n");
-                for (i=0; i<CFB_TEST_SIZE; i+=8)
-                        printf("%s\n",pt(&(cfb_buf1[i])));
-                }
-        memcpy(cfb_tmp,cfb_iv,8);
-        n=0;
-        idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
-                cfb_tmp,&n,IDEA_DECRYPT);
-        idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
-                (long)CFB_TEST_SIZE-17,&dks,
-                cfb_tmp,&n,IDEA_DECRYPT);
-        if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
-                {
-                err=1;
-                printf("idea_cfb_encrypt decrypt error\n");
-                for (i=0; i<24; i+=8)
-                        printf("%s\n",pt(&(cfb_buf2[i])));
-                }
-        return(err);
-        }
-
-static char *pt(unsigned char *p)
-	{
-	static char bufs[10][20];
-	static int bnum=0;
-	char *ret;
-	int i;
-	static char *f="0123456789ABCDEF";
-
-	ret= &(bufs[bnum++][0]);
-	bnum%=10;
-	for (i=0; i<8; i++)
-		{
-		ret[i*2]=f[(p[i]>>4)&0xf];
-		ret[i*2+1]=f[p[i]&0xf];
-		}
-	ret[16]='\0';
-	return(ret);
-	}
-	
-#endif
-#endif
diff --git a/crypto/openssl/crypto/ripemd/Makefile.save b/crypto/openssl/crypto/ripemd/Makefile.save
deleted file mode 100644
index 0b1cd7394132..000000000000
--- a/crypto/openssl/crypto/ripemd/Makefile.save
+++ /dev/null
@@ -1,109 +0,0 @@
-#
-# SSLeay/crypto/ripemd/Makefile
-#
-
-DIR=    ripemd
-TOP=    ../..
-CC=     cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=       Makefile.ssl
-AR=             ar r
-
-RIP_ASM_OBJ=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rmdtest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=rmd_dgst.c rmd_one.c
-LIBOBJ=rmd_dgst.o rmd_one.o $(RMD160_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= ripemd.h
-HEADER= rmd_locl.h rmdconst.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:    lib
-
-lib:    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-# elf
-asm/rm86-elf.o: asm/rm86unix.cpp
-	$(CPP) -DELF -x c asm/rm86unix.cpp | as -o asm/rm86-elf.o
-
-# solaris
-asm/rm86-sol.o: asm/rm86unix.cpp
-	$(CC) -E -DSOL asm/rm86unix.cpp | sed 's/^#.*//' > asm/rm86-sol.s
-	as -o asm/rm86-sol.o asm/rm86-sol.s
-	rm -f asm/rm86-sol.s
-
-# a.out
-asm/rm86-out.o: asm/rm86unix.cpp
-	$(CPP) -DOUT asm/rm86unix.cpp | as -o asm/rm86-out.o
-
-# bsdi
-asm/rm86bsdi.o: asm/rm86unix.cpp
-	$(CPP) -DBSDI asm/rm86unix.cpp | sed 's/ :/:/' | as -o asm/rm86bsdi.o
-
-asm/rm86unix.cpp: asm/rmd-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) rmd-586.pl cpp >rm86unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/rm86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rmd_dgst.o: ../../include/openssl/opensslconf.h
-rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h
-rmd_dgst.o: ../md32_common.h rmd_locl.h rmdconst.h
-rmd_one.o: ../../include/openssl/ripemd.h
diff --git a/crypto/openssl/crypto/ripemd/Makefile.ssl b/crypto/openssl/crypto/ripemd/Makefile.ssl
deleted file mode 100644
index 3583dfdcaf32..000000000000
--- a/crypto/openssl/crypto/ripemd/Makefile.ssl
+++ /dev/null
@@ -1,107 +0,0 @@
-#
-# SSLeay/crypto/ripemd/Makefile
-#
-
-DIR=    ripemd
-TOP=    ../..
-CC=     cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=       Makefile.ssl
-AR=             ar r
-
-RIP_ASM_OBJ=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rmdtest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=rmd_dgst.c rmd_one.c
-LIBOBJ=rmd_dgst.o rmd_one.o $(RMD160_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= ripemd.h
-HEADER= rmd_locl.h rmdconst.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:    lib
-
-lib:    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# elf
-asm/rm86-elf.s: asm/rmd-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > rm86-elf.s)
-
-# a.out
-asm/rm86-out.o: asm/rm86unix.cpp
-	$(CPP) -DOUT asm/rm86unix.cpp | as -o asm/rm86-out.o
-
-# bsdi
-asm/rm86bsdi.o: asm/rm86unix.cpp
-	$(CPP) -DBSDI asm/rm86unix.cpp | sed 's/ :/:/' | as -o asm/rm86bsdi.o
-
-asm/rm86unix.cpp: asm/rmd-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) rmd-586.pl cpp >rm86unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/rm86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h
-rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h
-rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rmd_one.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h
-rmd_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rmd_one.o: rmd_one.c
diff --git a/crypto/openssl/crypto/ripemd/Makefile.uni b/crypto/openssl/crypto/ripemd/Makefile.uni
deleted file mode 100644
index 5310020eb11a..000000000000
--- a/crypto/openssl/crypto/ripemd/Makefile.uni
+++ /dev/null
@@ -1,109 +0,0 @@
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-# make x86-elf  - linux-elf etc
-# make x86-out  - linux-a.out, FreeBSD etc
-# make x86-solaris
-# make x86-bdsi
-
-DIR=    md5
-TOP=    .
-CC=     gcc
-CFLAG=	-O3 -fomit-frame-pointer
-
-CPP=    $(CC) -E
-INCLUDES=
-INSTALLTOP=/usr/local/lib
-MAKE=           make
-MAKEDEPEND=     makedepend
-MAKEFILE=       Makefile.uni
-AR=             ar r
-
-MD5_ASM_OBJ=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=md5test
-APPS=md5
-
-LIB=libmd5.a
-LIBSRC=md5_dgst.c md5_one.c
-LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= md5.h
-HEADER= md5_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-all:    $(LIB) $(TEST) $(APPS)
-
-$(LIB):    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
-
-# elf
-asm/mx86-elf.o: asm/mx86unix.cpp
-	$(CPP) -DELF asm/mx86unix.cpp | as -o asm/mx86-elf.o
-
-# solaris
-asm/mx86-sol.o: asm/mx86unix.cpp
-	$(CC) -E -DSOL asm/mx86unix.cpp | sed 's/^#.*//' > asm/mx86-sol.s
-	as -o asm/mx86-sol.o asm/mx86-sol.s
-	rm -f asm/mx86-sol.s
-
-# a.out
-asm/mx86-out.o: asm/mx86unix.cpp
-	$(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o
-
-# bsdi
-asm/mx86bsdi.o: asm/mx86unix.cpp
-	$(CPP) -DBSDI asm/mx86unix.cpp | as -o asm/mx86bsdi.o
-
-asm/mx86unix.cpp:
-	(cd asm; perl md5-586.pl cpp >mx86unix.cpp)
-
-test:	$(TEST)
-	./$(TEST)
-
-$(TEST): $(TEST).c $(LIB)
-	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
-
-$(APPS): $(APPS).c $(LIB)
-	$(CC) -o $(APPS) $(CFLAGS) $(APPS).c $(LIB)
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
-
-dclean:
-	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-cc:
-	$(MAKE) MD5_ASM_OBJ="" CC="cc" CFLAG="-O" all
-
-gcc:
-	$(MAKE) MD5_ASM_OBJ="" CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
-
-x86-elf:
-	$(MAKE) MD5_ASM_OBJ="asm/mx86-elf.o" CFLAG="-DELF -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
-
-x86-out:
-	$(MAKE) MD5_ASM_OBJ="asm/mx86-out.o" CFLAG="-DOUT -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
-
-x86-solaris:
-	$(MAKE) MD5_ASM_OBJ="asm/mx86-sol.o" CFLAG="-DSOL -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
-
-x86-bdsi:
-	$(MAKE) MD5_ASM_OBJ="asm/mx86-bdsi.o" CFLAG="-DBDSI -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/crypto/ripemd/README b/crypto/openssl/crypto/ripemd/README
deleted file mode 100644
index 70977072649e..000000000000
--- a/crypto/openssl/crypto/ripemd/README
+++ /dev/null
@@ -1,15 +0,0 @@
-RIPEMD-160
-http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
-
-This is my implementation of RIPEMD-160.  The pentium assember is a little
-off the pace since I only get 1050 cycles, while the best is 1013.
-I have a few ideas for how to get another 20 or so cycles, but at
-this point I will not bother right now.  I belive the trick will be
-to remove my 'copy X array onto stack' until inside the RIP1() finctions the
-first time round.  To do this I need another register and will only have one
-temporary one.  A bit tricky....  I can also cleanup the saving of the 5 words
-after the first half of the calculation.  I should read the origional
-value, add then write.  Currently I just save the new and read the origioal.
-I then read both at the end.  Bad.
-
-eric (20-Jan-1998)
diff --git a/crypto/openssl/crypto/ripemd/asm/rips.cpp b/crypto/openssl/crypto/ripemd/asm/rips.cpp
deleted file mode 100644
index f7a13677a921..000000000000
--- a/crypto/openssl/crypto/ripemd/asm/rips.cpp
+++ /dev/null
@@ -1,82 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/ripemd.h>
-
-#define ripemd160_block_x86 ripemd160_block_asm_host_order
-
-extern "C" {
-void ripemd160_block_x86(RIPEMD160_CTX *ctx, unsigned char *buffer,int num);
-}
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[64*256];
-	RIPEMD160_CTX ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=0,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=16;
-	if (num > 250) num=16;
-	numm=num+2;
-#if 0
-	num*=64;
-	numm*=64;
-#endif
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			ripemd160_block_x86(&ctx,buffer,numm);
-			GetTSC(s1);
-			ripemd160_block_x86(&ctx,buffer,numm);
-			GetTSC(e1);
-			GetTSC(s2);
-			ripemd160_block_x86(&ctx,buffer,num);
-			GetTSC(e2);
-			ripemd160_block_x86(&ctx,buffer,num);
-			}
-		printf("ripemd160 (%d bytes) %d %d (%.2f)\n",num*64,
-			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
-		}
-	}
-
diff --git a/crypto/openssl/crypto/ripemd/asm/rmd-586.pl b/crypto/openssl/crypto/ripemd/asm/rmd-586.pl
deleted file mode 100644
index 0ab6f76bfffb..000000000000
--- a/crypto/openssl/crypto/ripemd/asm/rmd-586.pl
+++ /dev/null
@@ -1,590 +0,0 @@
-#!/usr/local/bin/perl
-
-# Normal is the
-# ripemd160_block_asm_host_order(RIPEMD160_CTX *c, ULONG *X,int blocks);
-
-$normal=0;
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-$A="ecx";
-$B="esi";
-$C="edi";
-$D="ebx";
-$E="ebp";
-$tmp1="eax";
-$tmp2="edx";
-
-$KL1=0x5A827999;
-$KL2=0x6ED9EBA1;
-$KL3=0x8F1BBCDC;
-$KL4=0xA953FD4E;
-$KR0=0x50A28BE6;
-$KR1=0x5C4DD124; 
-$KR2=0x6D703EF3;
-$KR3=0x7A6D76E9;
-
-
-@wl=(	 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15,
-	 7, 4,13, 1,10, 6,15, 3,12, 0, 9, 5, 2,14,11, 8,
-	 3,10,14, 4, 9,15, 8, 1, 2, 7, 0, 6,13,11, 5,12,
-	 1, 9,11,10, 0, 8,12, 4,13, 3, 7,15,14, 5, 6, 2,
-	 4, 0, 5, 9, 7,12, 2,10,14, 1, 3, 8,11, 6,15,13,
-	 );
-
-@wr=(	 5,14, 7, 0, 9, 2,11, 4,13, 6,15, 8, 1,10, 3,12,
-	 6,11, 3, 7, 0,13, 5,10,14,15, 8,12, 4, 9, 1, 2,
-	15, 5, 1, 3, 7,14, 6, 9,11, 8,12, 2,10, 0, 4,13,
-	 8, 6, 4, 1, 3,11,15, 0, 5,12, 2,13, 9, 7,10,14,
-	12,15,10, 4, 1, 5, 8, 7, 6, 2,13,14, 0, 3, 9,11,
-	);
-
-@sl=(	11,14,15,12, 5, 8, 7, 9,11,13,14,15, 6, 7, 9, 8,
-	 7, 6, 8,13,11, 9, 7,15, 7,12,15, 9,11, 7,13,12,
-	11,13, 6, 7,14, 9,13,15,14, 8,13, 6, 5,12, 7, 5,
-	11,12,14,15,14,15, 9, 8, 9,14, 5, 6, 8, 6, 5,12,
-	 9,15, 5,11, 6, 8,13,12, 5,12,13,14,11, 8, 5, 6,
-	 );
-
-@sr=(	 8, 9, 9,11,13,15,15, 5, 7, 7, 8,11,14,14,12, 6,
-	 9,13,15, 7,12, 8, 9,11, 7, 7,12, 7, 6,15,13,11,
-	 9, 7,15,11, 8, 6, 6,14,12,13, 5,14,13,13, 7, 5,
-	15, 5, 8,11,14,14, 6,14, 6, 9,12, 9,12, 5,15, 8,
-	 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11,
- 	);
-
-&ripemd160_block("ripemd160_block_asm_host_order");
-&asm_finish();
-
-sub Xv
-	{
-	local($n)=@_;
-	return(&swtmp($n));
-	# tmp on stack
-	}
-
-sub Np
-	{
-	local($p)=@_;
-	local(%n)=($A,$E,$B,$A,$C,$B,$D,$C,$E,$D);
-	return($n{$p});
-	}
-
-sub RIP1
-	{
-	local($a,$b,$c,$d,$e,$pos,$s,$o,$pos2)=@_;
-
-	&comment($p++);
-	if ($p & 1)
-		{
-	 #&mov($tmp1,	$c) if $o == -1;
-	&xor($tmp1,	$d) if $o == -1;
-	 &mov($tmp2,	&Xv($pos));
-	&xor($tmp1,	$b);
-	 &add($a,	$tmp2);
-	&rotl($c,	10);
-	&add($a,	$tmp1);
-	 &mov($tmp1,	&Np($c));	# NEXT
-	 # XXX
-	&rotl($a,	$s);
-	&add($a,	$e);
-		}
-	else
-		{
-	 &xor($tmp1,	$d);
-	&mov($tmp2,	&Xv($pos));
-	 &xor($tmp1,	$b);
-	&add($a,	$tmp1);
-	 &mov($tmp1,	&Np($c)) if $o <= 0;
-	 &mov($tmp1,	-1) if $o == 1;
-	 # XXX if $o == 2;
-	&rotl($c,	10);
-	&add($a,	$tmp2);
-	 &xor($tmp1,	&Np($d)) if $o <= 0;
-	 &mov($tmp2,	&Xv($pos2)) if $o == 1;
-	 &mov($tmp2,	&wparam(0)) if $o == 2;
-	&rotl($a,	$s);
-	&add($a,	$e);
-		}
-	}
-
-sub RIP2
-	{
-	local($a,$b,$c,$d,$e,$pos,$pos2,$s,$K,$o)=@_;
-
-# XXXXXX
-	&comment($p++);
-	if ($p & 1)
-		{
-#	 &mov($tmp2,	&Xv($pos)) if $o < -1;
-#	&mov($tmp1,	-1) if $o < -1;
-
-	 &add($a,	$tmp2);
-	&mov($tmp2,	$c);
-	 &sub($tmp1,	$b);
-	&and($tmp2,	$b);
-	 &and($tmp1,	$d);
-	&or($tmp2,	$tmp1);
-	 &mov($tmp1,	&Xv($pos2)) if $o <= 0; # XXXXXXXXXXXXXX
-	 # XXX
-	&rotl($c,	10);
-	&lea($a,	&DWP($K,$a,$tmp2,1));
-	 &mov($tmp2,	-1) if $o <= 0;
-	 # XXX
-	&rotl($a,	$s);
-	&add($a,	$e);
-		}
-	else
-		{
-	 # XXX
-	 &add($a,	$tmp1);
-	&mov($tmp1,	$c);
-	 &sub($tmp2,	$b);
-	&and($tmp1,	$b);
-	 &and($tmp2,	$d);
-	if ($o != 2)
-		{
-	&or($tmp1,	$tmp2);
-	 &mov($tmp2,	&Xv($pos2)) if $o <= 0;
-	 &mov($tmp2,	-1) if $o == 1;
-	&rotl($c,	10);
-	&lea($a,	&DWP($K,$a,$tmp1,1));
-	 &mov($tmp1,	-1) if $o <= 0;
-	 &sub($tmp2,	&Np($c)) if $o == 1;
-		} else {
-	&or($tmp2,	$tmp1);
-	 &mov($tmp1,	&Np($c));
-	&rotl($c,	10);
-	&lea($a,	&DWP($K,$a,$tmp2,1));
-	 &xor($tmp1,	&Np($d));
-		}
-	&rotl($a,	$s);
-	&add($a,	$e);
-		}
-	}
-
-sub RIP3
-	{
-	local($a,$b,$c,$d,$e,$pos,$s,$K,$o,$pos2)=@_;
-
-	&comment($p++);
-	if ($p & 1)
-		{
-#	 &mov($tmp2,	-1) if $o < -1;
-#	&sub($tmp2,	$c) if $o < -1;
-	 &mov($tmp1,	&Xv($pos));
-	&or($tmp2,	$b);
-	 &add($a,	$tmp1);
-	&xor($tmp2,	$d);
-	 &mov($tmp1,	-1) if $o <= 0;		# NEXT
-	 # XXX
-	&rotl($c,	10);
-	&lea($a,	&DWP($K,$a,$tmp2,1));
-	 &sub($tmp1,	&Np($c)) if $o <= 0;	# NEXT
-	 # XXX
-	&rotl($a,	$s);
-	&add($a,	$e);
-		}
-	else
-		{
-	 &mov($tmp2,	&Xv($pos));
-	&or($tmp1,	$b);
-	 &add($a,	$tmp2);
-	&xor($tmp1,	$d);
-	 &mov($tmp2,	-1) if $o <= 0;		# NEXT
-	 &mov($tmp2,	-1) if $o == 1;
-	 &mov($tmp2,	&Xv($pos2)) if $o == 2;
-	&rotl($c,	10);
-	&lea($a,	&DWP($K,$a,$tmp1,1));
-	 &sub($tmp2,	&Np($c)) if $o <= 0;	# NEXT
-	 &mov($tmp1,	&Np($d)) if $o == 1;
-	 &mov($tmp1,	-1) if $o == 2;
-	&rotl($a,	$s);
-	&add($a,	$e);
-		}
-	}
-
-sub RIP4
-	{
-	local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_;
-
-	&comment($p++);
-	if ($p & 1)
-		{
-#	 &mov($tmp2,	-1) if $o == -2;
-#	&mov($tmp1,	$d) if $o == -2;
-	 &sub($tmp2,	$d);
-	&and($tmp1,	$b);
-	 &and($tmp2,	$c);
-	&or($tmp2,	$tmp1);
-	 &mov($tmp1,	&Xv($pos));
-	&rotl($c,	10);
-	&lea($a,	&DWP($K,$a,$tmp2));
-	 &mov($tmp2,	-1) unless $o > 0;	# NEXT
-	 # XXX
-	&add($a,	$tmp1);
-	 &mov($tmp1,	&Np($d)) unless $o > 0; # NEXT
-	 # XXX
-	&rotl($a,	$s);
-	&add($a,	$e);
-		}
-	else
-		{
-	 &sub($tmp2,	$d);
-	&and($tmp1,	$b);
-	 &and($tmp2,	$c);
-	&or($tmp2,	$tmp1);
-	 &mov($tmp1,	&Xv($pos));
-	&rotl($c,	10);
-	&lea($a,	&DWP($K,$a,$tmp2));
-	 &mov($tmp2,	-1) if $o == 0;	# NEXT
-	 &mov($tmp2,	-1) if $o == 1;
-	 &mov($tmp2,	-1) if $o == 2;
-	 # XXX
-	&add($a,	$tmp1);
-	 &mov($tmp1,	&Np($d)) if $o == 0;	# NEXT
-	 &sub($tmp2,	&Np($d)) if $o == 1;
-	 &sub($tmp2,	&Np($c)) if $o == 2;
-	 # XXX
-	&rotl($a,	$s);
-	&add($a,	$e);
-		}
-	}
-
-sub RIP5
-	{
-	local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_;
-
-	&comment($p++);
-	if ($p & 1)
-		{
-	 &mov($tmp2,	-1) if $o == -2;
-	&sub($tmp2,	$d) if $o == -2;
-	 &mov($tmp1,	&Xv($pos));
-	&or($tmp2,	$c);
-	 &add($a,	$tmp1);
-	&xor($tmp2,	$b);
-	 &mov($tmp1,	-1) if $o <= 0;
-	 # XXX
-	&rotl($c,	10);
-	&lea($a,	&DWP($K,$a,$tmp2,1));
-	 &sub($tmp1,	&Np($d)) if $o <= 0;
-	 # XXX
-	&rotl($a,	$s);
-	&add($a,	$e);
-		}
-	else
-		{
-	 &mov($tmp2,	&Xv($pos));
-	&or($tmp1,	$c);
-	 &add($a,	$tmp2);
-	&xor($tmp1,	$b);
-	 &mov($tmp2,	-1) if $o <= 0;
-	 &mov($tmp2,	&wparam(0)) if $o == 1;	# Middle code
-	 &mov($tmp2,	-1) if $o == 2;
-	&rotl($c,	10);
-	&lea($a,	&DWP($K,$a,$tmp1,1));
-	 &sub($tmp2,	&Np($d)) if $o <= 0;
-	 &mov(&swtmp(16),	$A) if $o == 1;
-	 &mov($tmp1,	&Np($d)) if $o == 2;
-	&rotl($a,	$s);
-	&add($a,	$e);
-		}
-	}
-
-sub ripemd160_block
-	{
-	local($name)=@_;
-
-	&function_begin_B($name,"",3);
-
-	# parameter 1 is the RIPEMD160_CTX structure.
-	# A	0
-	# B	4
-	# C	8
-	# D 	12
-	# E 	16
-
-	&mov($tmp2,	&wparam(0));
-	 &mov($tmp1,	&wparam(1));
-	&push("esi");
-	 &mov($A,	&DWP( 0,$tmp2,"",0));
-	&push("edi");
-	 &mov($B,	&DWP( 4,$tmp2,"",0));
-	&push("ebp");
-	 &mov($C,	&DWP( 8,$tmp2,"",0));
-	&push("ebx");
-	 &stack_push(16+5+6);
-			  # Special comment about the figure of 6.
-			  # Idea is to pad the current frame so
-			  # that the top of the stack gets fairly
-			  # aligned. Well, as you realize it would
-			  # always depend on how the frame below is
-			  # aligned. The good news are that gcc-2.95
-			  # and later does keep first argument at
-			  # least double-wise aligned.
-			  #			<appro@fy.chalmers.se>
-
-	&set_label("start") unless $normal;
-	&comment("");
-
-	# &mov($tmp1,	&wparam(1)); # Done at end of loop
-	# &mov($tmp2,	&wparam(0)); # Done at end of loop
-
-	for ($z=0; $z<16; $z+=2)
-		{
-		&mov($D,		&DWP( $z*4,$tmp1,"",0));
-		 &mov($E,		&DWP( ($z+1)*4,$tmp1,"",0));
-		&mov(&swtmp($z),	$D);
-		 &mov(&swtmp($z+1),	$E);
-		}
-	&mov($tmp1,	$C);
-	 &mov($D,	&DWP(12,$tmp2,"",0));
-	&mov($E,	&DWP(16,$tmp2,"",0));
-
-	&RIP1($A,$B,$C,$D,$E,$wl[ 0],$sl[ 0],-1);
-	&RIP1($E,$A,$B,$C,$D,$wl[ 1],$sl[ 1],0);
-	&RIP1($D,$E,$A,$B,$C,$wl[ 2],$sl[ 2],0);
-	&RIP1($C,$D,$E,$A,$B,$wl[ 3],$sl[ 3],0);
-	&RIP1($B,$C,$D,$E,$A,$wl[ 4],$sl[ 4],0);
-	&RIP1($A,$B,$C,$D,$E,$wl[ 5],$sl[ 5],0);
-	&RIP1($E,$A,$B,$C,$D,$wl[ 6],$sl[ 6],0);
-	&RIP1($D,$E,$A,$B,$C,$wl[ 7],$sl[ 7],0);
-	&RIP1($C,$D,$E,$A,$B,$wl[ 8],$sl[ 8],0);
-	&RIP1($B,$C,$D,$E,$A,$wl[ 9],$sl[ 9],0);
-	&RIP1($A,$B,$C,$D,$E,$wl[10],$sl[10],0);
-	&RIP1($E,$A,$B,$C,$D,$wl[11],$sl[11],0);
-	&RIP1($D,$E,$A,$B,$C,$wl[12],$sl[12],0);
-	&RIP1($C,$D,$E,$A,$B,$wl[13],$sl[13],0);
-	&RIP1($B,$C,$D,$E,$A,$wl[14],$sl[14],0);
-	&RIP1($A,$B,$C,$D,$E,$wl[15],$sl[15],1,$wl[16]);
-
-	&RIP2($E,$A,$B,$C,$D,$wl[16],$wl[17],$sl[16],$KL1,-1);
-	&RIP2($D,$E,$A,$B,$C,$wl[17],$wl[18],$sl[17],$KL1,0);
-	&RIP2($C,$D,$E,$A,$B,$wl[18],$wl[19],$sl[18],$KL1,0);
-	&RIP2($B,$C,$D,$E,$A,$wl[19],$wl[20],$sl[19],$KL1,0);
-	&RIP2($A,$B,$C,$D,$E,$wl[20],$wl[21],$sl[20],$KL1,0);
-	&RIP2($E,$A,$B,$C,$D,$wl[21],$wl[22],$sl[21],$KL1,0);
-	&RIP2($D,$E,$A,$B,$C,$wl[22],$wl[23],$sl[22],$KL1,0);
-	&RIP2($C,$D,$E,$A,$B,$wl[23],$wl[24],$sl[23],$KL1,0);
-	&RIP2($B,$C,$D,$E,$A,$wl[24],$wl[25],$sl[24],$KL1,0);
-	&RIP2($A,$B,$C,$D,$E,$wl[25],$wl[26],$sl[25],$KL1,0);
-	&RIP2($E,$A,$B,$C,$D,$wl[26],$wl[27],$sl[26],$KL1,0);
-	&RIP2($D,$E,$A,$B,$C,$wl[27],$wl[28],$sl[27],$KL1,0);
-	&RIP2($C,$D,$E,$A,$B,$wl[28],$wl[29],$sl[28],$KL1,0);
-	&RIP2($B,$C,$D,$E,$A,$wl[29],$wl[30],$sl[29],$KL1,0);
-	&RIP2($A,$B,$C,$D,$E,$wl[30],$wl[31],$sl[30],$KL1,0);
-	&RIP2($E,$A,$B,$C,$D,$wl[31],$wl[32],$sl[31],$KL1,1);
-
-	&RIP3($D,$E,$A,$B,$C,$wl[32],$sl[32],$KL2,-1);
-	&RIP3($C,$D,$E,$A,$B,$wl[33],$sl[33],$KL2,0);
-	&RIP3($B,$C,$D,$E,$A,$wl[34],$sl[34],$KL2,0);
-	&RIP3($A,$B,$C,$D,$E,$wl[35],$sl[35],$KL2,0);
-	&RIP3($E,$A,$B,$C,$D,$wl[36],$sl[36],$KL2,0);
-	&RIP3($D,$E,$A,$B,$C,$wl[37],$sl[37],$KL2,0);
-	&RIP3($C,$D,$E,$A,$B,$wl[38],$sl[38],$KL2,0);
-	&RIP3($B,$C,$D,$E,$A,$wl[39],$sl[39],$KL2,0);
-	&RIP3($A,$B,$C,$D,$E,$wl[40],$sl[40],$KL2,0);
-	&RIP3($E,$A,$B,$C,$D,$wl[41],$sl[41],$KL2,0);
-	&RIP3($D,$E,$A,$B,$C,$wl[42],$sl[42],$KL2,0);
-	&RIP3($C,$D,$E,$A,$B,$wl[43],$sl[43],$KL2,0);
-	&RIP3($B,$C,$D,$E,$A,$wl[44],$sl[44],$KL2,0);
-	&RIP3($A,$B,$C,$D,$E,$wl[45],$sl[45],$KL2,0);
-	&RIP3($E,$A,$B,$C,$D,$wl[46],$sl[46],$KL2,0);
-	&RIP3($D,$E,$A,$B,$C,$wl[47],$sl[47],$KL2,1);
-
-	&RIP4($C,$D,$E,$A,$B,$wl[48],$sl[48],$KL3,-1);
-	&RIP4($B,$C,$D,$E,$A,$wl[49],$sl[49],$KL3,0);
-	&RIP4($A,$B,$C,$D,$E,$wl[50],$sl[50],$KL3,0);
-	&RIP4($E,$A,$B,$C,$D,$wl[51],$sl[51],$KL3,0);
-	&RIP4($D,$E,$A,$B,$C,$wl[52],$sl[52],$KL3,0);
-	&RIP4($C,$D,$E,$A,$B,$wl[53],$sl[53],$KL3,0);
-	&RIP4($B,$C,$D,$E,$A,$wl[54],$sl[54],$KL3,0);
-	&RIP4($A,$B,$C,$D,$E,$wl[55],$sl[55],$KL3,0);
-	&RIP4($E,$A,$B,$C,$D,$wl[56],$sl[56],$KL3,0);
-	&RIP4($D,$E,$A,$B,$C,$wl[57],$sl[57],$KL3,0);
-	&RIP4($C,$D,$E,$A,$B,$wl[58],$sl[58],$KL3,0);
-	&RIP4($B,$C,$D,$E,$A,$wl[59],$sl[59],$KL3,0);
-	&RIP4($A,$B,$C,$D,$E,$wl[60],$sl[60],$KL3,0);
-	&RIP4($E,$A,$B,$C,$D,$wl[61],$sl[61],$KL3,0);
-	&RIP4($D,$E,$A,$B,$C,$wl[62],$sl[62],$KL3,0);
-	&RIP4($C,$D,$E,$A,$B,$wl[63],$sl[63],$KL3,1);
-
-	&RIP5($B,$C,$D,$E,$A,$wl[64],$sl[64],$KL4,-1);
-	&RIP5($A,$B,$C,$D,$E,$wl[65],$sl[65],$KL4,0);
-	&RIP5($E,$A,$B,$C,$D,$wl[66],$sl[66],$KL4,0);
-	&RIP5($D,$E,$A,$B,$C,$wl[67],$sl[67],$KL4,0);
-	&RIP5($C,$D,$E,$A,$B,$wl[68],$sl[68],$KL4,0);
-	&RIP5($B,$C,$D,$E,$A,$wl[69],$sl[69],$KL4,0);
-	&RIP5($A,$B,$C,$D,$E,$wl[70],$sl[70],$KL4,0);
-	&RIP5($E,$A,$B,$C,$D,$wl[71],$sl[71],$KL4,0);
-	&RIP5($D,$E,$A,$B,$C,$wl[72],$sl[72],$KL4,0);
-	&RIP5($C,$D,$E,$A,$B,$wl[73],$sl[73],$KL4,0);
-	&RIP5($B,$C,$D,$E,$A,$wl[74],$sl[74],$KL4,0);
-	&RIP5($A,$B,$C,$D,$E,$wl[75],$sl[75],$KL4,0);
-	&RIP5($E,$A,$B,$C,$D,$wl[76],$sl[76],$KL4,0);
-	&RIP5($D,$E,$A,$B,$C,$wl[77],$sl[77],$KL4,0);
-	&RIP5($C,$D,$E,$A,$B,$wl[78],$sl[78],$KL4,0);
-	&RIP5($B,$C,$D,$E,$A,$wl[79],$sl[79],$KL4,1);
-
-	# &mov($tmp2,	&wparam(0)); # moved into last RIP5
-	# &mov(&swtmp(16),	$A);
-	 &mov($A,	&DWP( 0,$tmp2,"",0));
-	&mov(&swtmp(16+1),	$B);
-	 &mov(&swtmp(16+2),	$C);
-	&mov($B,	&DWP( 4,$tmp2,"",0));
-	 &mov(&swtmp(16+3),	$D);
-	&mov($C,	&DWP( 8,$tmp2,"",0));
-	 &mov(&swtmp(16+4),	$E);
-	&mov($D,	&DWP(12,$tmp2,"",0));
-	 &mov($E,	&DWP(16,$tmp2,"",0));
-
-	&RIP5($A,$B,$C,$D,$E,$wr[ 0],$sr[ 0],$KR0,-2);
-	&RIP5($E,$A,$B,$C,$D,$wr[ 1],$sr[ 1],$KR0,0);
-	&RIP5($D,$E,$A,$B,$C,$wr[ 2],$sr[ 2],$KR0,0);
-	&RIP5($C,$D,$E,$A,$B,$wr[ 3],$sr[ 3],$KR0,0);
-	&RIP5($B,$C,$D,$E,$A,$wr[ 4],$sr[ 4],$KR0,0);
-	&RIP5($A,$B,$C,$D,$E,$wr[ 5],$sr[ 5],$KR0,0);
-	&RIP5($E,$A,$B,$C,$D,$wr[ 6],$sr[ 6],$KR0,0);
-	&RIP5($D,$E,$A,$B,$C,$wr[ 7],$sr[ 7],$KR0,0);
-	&RIP5($C,$D,$E,$A,$B,$wr[ 8],$sr[ 8],$KR0,0);
-	&RIP5($B,$C,$D,$E,$A,$wr[ 9],$sr[ 9],$KR0,0);
-	&RIP5($A,$B,$C,$D,$E,$wr[10],$sr[10],$KR0,0);
-	&RIP5($E,$A,$B,$C,$D,$wr[11],$sr[11],$KR0,0);
-	&RIP5($D,$E,$A,$B,$C,$wr[12],$sr[12],$KR0,0);
-	&RIP5($C,$D,$E,$A,$B,$wr[13],$sr[13],$KR0,0);
-	&RIP5($B,$C,$D,$E,$A,$wr[14],$sr[14],$KR0,0);
-	&RIP5($A,$B,$C,$D,$E,$wr[15],$sr[15],$KR0,2);
-
-	&RIP4($E,$A,$B,$C,$D,$wr[16],$sr[16],$KR1,-2);
-	&RIP4($D,$E,$A,$B,$C,$wr[17],$sr[17],$KR1,0);
-	&RIP4($C,$D,$E,$A,$B,$wr[18],$sr[18],$KR1,0);
-	&RIP4($B,$C,$D,$E,$A,$wr[19],$sr[19],$KR1,0);
-	&RIP4($A,$B,$C,$D,$E,$wr[20],$sr[20],$KR1,0);
-	&RIP4($E,$A,$B,$C,$D,$wr[21],$sr[21],$KR1,0);
-	&RIP4($D,$E,$A,$B,$C,$wr[22],$sr[22],$KR1,0);
-	&RIP4($C,$D,$E,$A,$B,$wr[23],$sr[23],$KR1,0);
-	&RIP4($B,$C,$D,$E,$A,$wr[24],$sr[24],$KR1,0);
-	&RIP4($A,$B,$C,$D,$E,$wr[25],$sr[25],$KR1,0);
-	&RIP4($E,$A,$B,$C,$D,$wr[26],$sr[26],$KR1,0);
-	&RIP4($D,$E,$A,$B,$C,$wr[27],$sr[27],$KR1,0);
-	&RIP4($C,$D,$E,$A,$B,$wr[28],$sr[28],$KR1,0);
-	&RIP4($B,$C,$D,$E,$A,$wr[29],$sr[29],$KR1,0);
-	&RIP4($A,$B,$C,$D,$E,$wr[30],$sr[30],$KR1,0);
-	&RIP4($E,$A,$B,$C,$D,$wr[31],$sr[31],$KR1,2);
-
-	&RIP3($D,$E,$A,$B,$C,$wr[32],$sr[32],$KR2,-2);
-	&RIP3($C,$D,$E,$A,$B,$wr[33],$sr[33],$KR2,0);
-	&RIP3($B,$C,$D,$E,$A,$wr[34],$sr[34],$KR2,0);
-	&RIP3($A,$B,$C,$D,$E,$wr[35],$sr[35],$KR2,0);
-	&RIP3($E,$A,$B,$C,$D,$wr[36],$sr[36],$KR2,0);
-	&RIP3($D,$E,$A,$B,$C,$wr[37],$sr[37],$KR2,0);
-	&RIP3($C,$D,$E,$A,$B,$wr[38],$sr[38],$KR2,0);
-	&RIP3($B,$C,$D,$E,$A,$wr[39],$sr[39],$KR2,0);
-	&RIP3($A,$B,$C,$D,$E,$wr[40],$sr[40],$KR2,0);
-	&RIP3($E,$A,$B,$C,$D,$wr[41],$sr[41],$KR2,0);
-	&RIP3($D,$E,$A,$B,$C,$wr[42],$sr[42],$KR2,0);
-	&RIP3($C,$D,$E,$A,$B,$wr[43],$sr[43],$KR2,0);
-	&RIP3($B,$C,$D,$E,$A,$wr[44],$sr[44],$KR2,0);
-	&RIP3($A,$B,$C,$D,$E,$wr[45],$sr[45],$KR2,0);
-	&RIP3($E,$A,$B,$C,$D,$wr[46],$sr[46],$KR2,0);
-	&RIP3($D,$E,$A,$B,$C,$wr[47],$sr[47],$KR2,2,$wr[48]);
-
-	&RIP2($C,$D,$E,$A,$B,$wr[48],$wr[49],$sr[48],$KR3,-2);
-	&RIP2($B,$C,$D,$E,$A,$wr[49],$wr[50],$sr[49],$KR3,0);
-	&RIP2($A,$B,$C,$D,$E,$wr[50],$wr[51],$sr[50],$KR3,0);
-	&RIP2($E,$A,$B,$C,$D,$wr[51],$wr[52],$sr[51],$KR3,0);
-	&RIP2($D,$E,$A,$B,$C,$wr[52],$wr[53],$sr[52],$KR3,0);
-	&RIP2($C,$D,$E,$A,$B,$wr[53],$wr[54],$sr[53],$KR3,0);
-	&RIP2($B,$C,$D,$E,$A,$wr[54],$wr[55],$sr[54],$KR3,0);
-	&RIP2($A,$B,$C,$D,$E,$wr[55],$wr[56],$sr[55],$KR3,0);
-	&RIP2($E,$A,$B,$C,$D,$wr[56],$wr[57],$sr[56],$KR3,0);
-	&RIP2($D,$E,$A,$B,$C,$wr[57],$wr[58],$sr[57],$KR3,0);
-	&RIP2($C,$D,$E,$A,$B,$wr[58],$wr[59],$sr[58],$KR3,0);
-	&RIP2($B,$C,$D,$E,$A,$wr[59],$wr[60],$sr[59],$KR3,0);
-	&RIP2($A,$B,$C,$D,$E,$wr[60],$wr[61],$sr[60],$KR3,0);
-	&RIP2($E,$A,$B,$C,$D,$wr[61],$wr[62],$sr[61],$KR3,0);
-	&RIP2($D,$E,$A,$B,$C,$wr[62],$wr[63],$sr[62],$KR3,0);
-	&RIP2($C,$D,$E,$A,$B,$wr[63],$wr[64],$sr[63],$KR3,2);
-
-	&RIP1($B,$C,$D,$E,$A,$wr[64],$sr[64],-2);
-	&RIP1($A,$B,$C,$D,$E,$wr[65],$sr[65],0);
-	&RIP1($E,$A,$B,$C,$D,$wr[66],$sr[66],0);
-	&RIP1($D,$E,$A,$B,$C,$wr[67],$sr[67],0);
-	&RIP1($C,$D,$E,$A,$B,$wr[68],$sr[68],0);
-	&RIP1($B,$C,$D,$E,$A,$wr[69],$sr[69],0);
-	&RIP1($A,$B,$C,$D,$E,$wr[70],$sr[70],0);
-	&RIP1($E,$A,$B,$C,$D,$wr[71],$sr[71],0);
-	&RIP1($D,$E,$A,$B,$C,$wr[72],$sr[72],0);
-	&RIP1($C,$D,$E,$A,$B,$wr[73],$sr[73],0);
-	&RIP1($B,$C,$D,$E,$A,$wr[74],$sr[74],0);
-	&RIP1($A,$B,$C,$D,$E,$wr[75],$sr[75],0);
-	&RIP1($E,$A,$B,$C,$D,$wr[76],$sr[76],0);
-	&RIP1($D,$E,$A,$B,$C,$wr[77],$sr[77],0);
-	&RIP1($C,$D,$E,$A,$B,$wr[78],$sr[78],0);
-	&RIP1($B,$C,$D,$E,$A,$wr[79],$sr[79],2);
-
-	# &mov($tmp2,	&wparam(0)); # Moved into last round
-
-	 &mov($tmp1,	&DWP( 4,$tmp2,"",0));	# ctx->B
- 	&add($D,	$tmp1);	
-	 &mov($tmp1,	&swtmp(16+2));		# $c
-	&add($D,	$tmp1);
-
-	 &mov($tmp1,	&DWP( 8,$tmp2,"",0));	# ctx->C
-	&add($E,	$tmp1);	
-	 &mov($tmp1,	&swtmp(16+3));		# $d
-	&add($E,	$tmp1);
-
-	 &mov($tmp1,	&DWP(12,$tmp2,"",0));	# ctx->D
-	&add($A,	$tmp1);	
-	 &mov($tmp1,	&swtmp(16+4));		# $e
-	&add($A,	$tmp1);
-
-
-	 &mov($tmp1,	&DWP(16,$tmp2,"",0));	# ctx->E
-	&add($B,	$tmp1);	
-	 &mov($tmp1,	&swtmp(16+0));		# $a
-	&add($B,	$tmp1);
-
-	 &mov($tmp1,	&DWP( 0,$tmp2,"",0));	# ctx->A
-	&add($C,	$tmp1);	
-	 &mov($tmp1,	&swtmp(16+1));		# $b
-	&add($C,	$tmp1);
-
-	 &mov($tmp1,	&wparam(2));
-
-	&mov(&DWP( 0,$tmp2,"",0),	$D);
-	 &mov(&DWP( 4,$tmp2,"",0),	$E);
-	&mov(&DWP( 8,$tmp2,"",0),	$A);
-	 &sub($tmp1,1);
-	&mov(&DWP(12,$tmp2,"",0),	$B);
-	 &mov(&DWP(16,$tmp2,"",0),	$C);
-
-	&jle(&label("get_out"));
-
-	&mov(&wparam(2),$tmp1);
-	 &mov($C,	$A);
-	&mov($tmp1,	&wparam(1));
-	 &mov($A,	$D);
-	&add($tmp1,	64);
-	 &mov($B,	$E);
-	&mov(&wparam(1),$tmp1);
-
-	&jmp(&label("start"));
-
-	&set_label("get_out");
-
-	&stack_pop(16+5+6);
-
-	&pop("ebx");
-	&pop("ebp");
-	&pop("edi");
-	&pop("esi");
-	&ret();
-	&function_end_B($name);
-	}
-
diff --git a/crypto/openssl/crypto/ripemd/ripemd.h b/crypto/openssl/crypto/ripemd/ripemd.h
deleted file mode 100644
index 78d5f365605b..000000000000
--- a/crypto/openssl/crypto/ripemd/ripemd.h
+++ /dev/null
@@ -1,103 +0,0 @@
-/* crypto/ripemd/ripemd.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RIPEMD_H
-#define HEADER_RIPEMD_H
-
-#include <openssl/e_os2.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_NO_RIPEMD
-#error RIPEMD is disabled.
-#endif
-
-#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
-#define RIPEMD160_LONG unsigned long
-#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-#define RIPEMD160_LONG unsigned long
-#define RIPEMD160_LONG_LOG2 3
-#else
-#define RIPEMD160_LONG unsigned int
-#endif
-
-#define RIPEMD160_CBLOCK	64
-#define RIPEMD160_LBLOCK	(RIPEMD160_CBLOCK/4)
-#define RIPEMD160_DIGEST_LENGTH	20
-
-typedef struct RIPEMD160state_st
-	{
-	RIPEMD160_LONG A,B,C,D,E;
-	RIPEMD160_LONG Nl,Nh;
-	RIPEMD160_LONG data[RIPEMD160_LBLOCK];
-	int num;
-	} RIPEMD160_CTX;
-
-int RIPEMD160_Init(RIPEMD160_CTX *c);
-int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, unsigned long len);
-int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
-unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
-	unsigned char *md);
-void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/ripemd/rmd160.c b/crypto/openssl/crypto/ripemd/rmd160.c
deleted file mode 100644
index b0ec57449890..000000000000
--- a/crypto/openssl/crypto/ripemd/rmd160.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* crypto/ripemd/rmd160.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/ripemd.h>
-
-#define BUFSIZE	1024*16
-
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-#if !defined(_OSD_POSIX) && !defined(__DJGPP__)
-int read(int, void *, unsigned int);
-#endif
-
-int main(int argc, char **argv)
-	{
-	int i,err=0;
-	FILE *IN;
-
-	if (argc == 1)
-		{
-		do_fp(stdin);
-		}
-	else
-		{
-		for (i=1; i<argc; i++)
-			{
-			IN=fopen(argv[i],"r");
-			if (IN == NULL)
-				{
-				perror(argv[i]);
-				err++;
-				continue;
-				}
-			printf("RIPEMD160(%s)= ",argv[i]);
-			do_fp(IN);
-			fclose(IN);
-			}
-		}
-	exit(err);
-	}
-
-void do_fp(FILE *f)
-	{
-	RIPEMD160_CTX c;
-	unsigned char md[RIPEMD160_DIGEST_LENGTH];
-	int fd;
-	int i;
-	static unsigned char buf[BUFSIZE];
-
-	fd=fileno(f);
-	RIPEMD160_Init(&c);
-	for (;;)
-		{
-		i=read(fd,buf,BUFSIZE);
-		if (i <= 0) break;
-		RIPEMD160_Update(&c,buf,(unsigned long)i);
-		}
-	RIPEMD160_Final(&(md[0]),&c);
-	pt(md);
-	}
-
-void pt(unsigned char *md)
-	{
-	int i;
-
-	for (i=0; i<RIPEMD160_DIGEST_LENGTH; i++)
-		printf("%02x",md[i]);
-	printf("\n");
-	}
-
diff --git a/crypto/openssl/crypto/ripemd/rmd_dgst.c b/crypto/openssl/crypto/ripemd/rmd_dgst.c
deleted file mode 100644
index f351f00eea0e..000000000000
--- a/crypto/openssl/crypto/ripemd/rmd_dgst.c
+++ /dev/null
@@ -1,494 +0,0 @@
-/* crypto/ripemd/rmd_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "rmd_locl.h"
-#include <openssl/opensslv.h>
-
-const char *RMD160_version="RIPE-MD160" OPENSSL_VERSION_PTEXT;
-
-#  ifdef RMD160_ASM
-     void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,int num);
-#    define ripemd160_block ripemd160_block_x86
-#  else
-     void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,int num);
-#  endif
-
-int RIPEMD160_Init(RIPEMD160_CTX *c)
-	{
-	c->A=RIPEMD160_A;
-	c->B=RIPEMD160_B;
-	c->C=RIPEMD160_C;
-	c->D=RIPEMD160_D;
-	c->E=RIPEMD160_E;
-	c->Nl=0;
-	c->Nh=0;
-	c->num=0;
-	return 1;
-	}
-
-#ifndef ripemd160_block_host_order
-#ifdef X
-#undef X
-#endif
-#define X(i)	XX[i]
-void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num)
-	{
-	const RIPEMD160_LONG *XX=p;
-	register unsigned MD32_REG_T A,B,C,D,E;
-	register unsigned MD32_REG_T a,b,c,d,e;
-
-	for (;num--;XX+=HASH_LBLOCK)
-		{
-
-	A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
-
-	RIP1(A,B,C,D,E,WL00,SL00);
-	RIP1(E,A,B,C,D,WL01,SL01);
-	RIP1(D,E,A,B,C,WL02,SL02);
-	RIP1(C,D,E,A,B,WL03,SL03);
-	RIP1(B,C,D,E,A,WL04,SL04);
-	RIP1(A,B,C,D,E,WL05,SL05);
-	RIP1(E,A,B,C,D,WL06,SL06);
-	RIP1(D,E,A,B,C,WL07,SL07);
-	RIP1(C,D,E,A,B,WL08,SL08);
-	RIP1(B,C,D,E,A,WL09,SL09);
-	RIP1(A,B,C,D,E,WL10,SL10);
-	RIP1(E,A,B,C,D,WL11,SL11);
-	RIP1(D,E,A,B,C,WL12,SL12);
-	RIP1(C,D,E,A,B,WL13,SL13);
-	RIP1(B,C,D,E,A,WL14,SL14);
-	RIP1(A,B,C,D,E,WL15,SL15);
-
-	RIP2(E,A,B,C,D,WL16,SL16,KL1);
-	RIP2(D,E,A,B,C,WL17,SL17,KL1);
-	RIP2(C,D,E,A,B,WL18,SL18,KL1);
-	RIP2(B,C,D,E,A,WL19,SL19,KL1);
-	RIP2(A,B,C,D,E,WL20,SL20,KL1);
-	RIP2(E,A,B,C,D,WL21,SL21,KL1);
-	RIP2(D,E,A,B,C,WL22,SL22,KL1);
-	RIP2(C,D,E,A,B,WL23,SL23,KL1);
-	RIP2(B,C,D,E,A,WL24,SL24,KL1);
-	RIP2(A,B,C,D,E,WL25,SL25,KL1);
-	RIP2(E,A,B,C,D,WL26,SL26,KL1);
-	RIP2(D,E,A,B,C,WL27,SL27,KL1);
-	RIP2(C,D,E,A,B,WL28,SL28,KL1);
-	RIP2(B,C,D,E,A,WL29,SL29,KL1);
-	RIP2(A,B,C,D,E,WL30,SL30,KL1);
-	RIP2(E,A,B,C,D,WL31,SL31,KL1);
-
-	RIP3(D,E,A,B,C,WL32,SL32,KL2);
-	RIP3(C,D,E,A,B,WL33,SL33,KL2);
-	RIP3(B,C,D,E,A,WL34,SL34,KL2);
-	RIP3(A,B,C,D,E,WL35,SL35,KL2);
-	RIP3(E,A,B,C,D,WL36,SL36,KL2);
-	RIP3(D,E,A,B,C,WL37,SL37,KL2);
-	RIP3(C,D,E,A,B,WL38,SL38,KL2);
-	RIP3(B,C,D,E,A,WL39,SL39,KL2);
-	RIP3(A,B,C,D,E,WL40,SL40,KL2);
-	RIP3(E,A,B,C,D,WL41,SL41,KL2);
-	RIP3(D,E,A,B,C,WL42,SL42,KL2);
-	RIP3(C,D,E,A,B,WL43,SL43,KL2);
-	RIP3(B,C,D,E,A,WL44,SL44,KL2);
-	RIP3(A,B,C,D,E,WL45,SL45,KL2);
-	RIP3(E,A,B,C,D,WL46,SL46,KL2);
-	RIP3(D,E,A,B,C,WL47,SL47,KL2);
-
-	RIP4(C,D,E,A,B,WL48,SL48,KL3);
-	RIP4(B,C,D,E,A,WL49,SL49,KL3);
-	RIP4(A,B,C,D,E,WL50,SL50,KL3);
-	RIP4(E,A,B,C,D,WL51,SL51,KL3);
-	RIP4(D,E,A,B,C,WL52,SL52,KL3);
-	RIP4(C,D,E,A,B,WL53,SL53,KL3);
-	RIP4(B,C,D,E,A,WL54,SL54,KL3);
-	RIP4(A,B,C,D,E,WL55,SL55,KL3);
-	RIP4(E,A,B,C,D,WL56,SL56,KL3);
-	RIP4(D,E,A,B,C,WL57,SL57,KL3);
-	RIP4(C,D,E,A,B,WL58,SL58,KL3);
-	RIP4(B,C,D,E,A,WL59,SL59,KL3);
-	RIP4(A,B,C,D,E,WL60,SL60,KL3);
-	RIP4(E,A,B,C,D,WL61,SL61,KL3);
-	RIP4(D,E,A,B,C,WL62,SL62,KL3);
-	RIP4(C,D,E,A,B,WL63,SL63,KL3);
-
-	RIP5(B,C,D,E,A,WL64,SL64,KL4);
-	RIP5(A,B,C,D,E,WL65,SL65,KL4);
-	RIP5(E,A,B,C,D,WL66,SL66,KL4);
-	RIP5(D,E,A,B,C,WL67,SL67,KL4);
-	RIP5(C,D,E,A,B,WL68,SL68,KL4);
-	RIP5(B,C,D,E,A,WL69,SL69,KL4);
-	RIP5(A,B,C,D,E,WL70,SL70,KL4);
-	RIP5(E,A,B,C,D,WL71,SL71,KL4);
-	RIP5(D,E,A,B,C,WL72,SL72,KL4);
-	RIP5(C,D,E,A,B,WL73,SL73,KL4);
-	RIP5(B,C,D,E,A,WL74,SL74,KL4);
-	RIP5(A,B,C,D,E,WL75,SL75,KL4);
-	RIP5(E,A,B,C,D,WL76,SL76,KL4);
-	RIP5(D,E,A,B,C,WL77,SL77,KL4);
-	RIP5(C,D,E,A,B,WL78,SL78,KL4);
-	RIP5(B,C,D,E,A,WL79,SL79,KL4);
-
-	a=A; b=B; c=C; d=D; e=E;
-	/* Do other half */
-	A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
-
-	RIP5(A,B,C,D,E,WR00,SR00,KR0);
-	RIP5(E,A,B,C,D,WR01,SR01,KR0);
-	RIP5(D,E,A,B,C,WR02,SR02,KR0);
-	RIP5(C,D,E,A,B,WR03,SR03,KR0);
-	RIP5(B,C,D,E,A,WR04,SR04,KR0);
-	RIP5(A,B,C,D,E,WR05,SR05,KR0);
-	RIP5(E,A,B,C,D,WR06,SR06,KR0);
-	RIP5(D,E,A,B,C,WR07,SR07,KR0);
-	RIP5(C,D,E,A,B,WR08,SR08,KR0);
-	RIP5(B,C,D,E,A,WR09,SR09,KR0);
-	RIP5(A,B,C,D,E,WR10,SR10,KR0);
-	RIP5(E,A,B,C,D,WR11,SR11,KR0);
-	RIP5(D,E,A,B,C,WR12,SR12,KR0);
-	RIP5(C,D,E,A,B,WR13,SR13,KR0);
-	RIP5(B,C,D,E,A,WR14,SR14,KR0);
-	RIP5(A,B,C,D,E,WR15,SR15,KR0);
-
-	RIP4(E,A,B,C,D,WR16,SR16,KR1);
-	RIP4(D,E,A,B,C,WR17,SR17,KR1);
-	RIP4(C,D,E,A,B,WR18,SR18,KR1);
-	RIP4(B,C,D,E,A,WR19,SR19,KR1);
-	RIP4(A,B,C,D,E,WR20,SR20,KR1);
-	RIP4(E,A,B,C,D,WR21,SR21,KR1);
-	RIP4(D,E,A,B,C,WR22,SR22,KR1);
-	RIP4(C,D,E,A,B,WR23,SR23,KR1);
-	RIP4(B,C,D,E,A,WR24,SR24,KR1);
-	RIP4(A,B,C,D,E,WR25,SR25,KR1);
-	RIP4(E,A,B,C,D,WR26,SR26,KR1);
-	RIP4(D,E,A,B,C,WR27,SR27,KR1);
-	RIP4(C,D,E,A,B,WR28,SR28,KR1);
-	RIP4(B,C,D,E,A,WR29,SR29,KR1);
-	RIP4(A,B,C,D,E,WR30,SR30,KR1);
-	RIP4(E,A,B,C,D,WR31,SR31,KR1);
-
-	RIP3(D,E,A,B,C,WR32,SR32,KR2);
-	RIP3(C,D,E,A,B,WR33,SR33,KR2);
-	RIP3(B,C,D,E,A,WR34,SR34,KR2);
-	RIP3(A,B,C,D,E,WR35,SR35,KR2);
-	RIP3(E,A,B,C,D,WR36,SR36,KR2);
-	RIP3(D,E,A,B,C,WR37,SR37,KR2);
-	RIP3(C,D,E,A,B,WR38,SR38,KR2);
-	RIP3(B,C,D,E,A,WR39,SR39,KR2);
-	RIP3(A,B,C,D,E,WR40,SR40,KR2);
-	RIP3(E,A,B,C,D,WR41,SR41,KR2);
-	RIP3(D,E,A,B,C,WR42,SR42,KR2);
-	RIP3(C,D,E,A,B,WR43,SR43,KR2);
-	RIP3(B,C,D,E,A,WR44,SR44,KR2);
-	RIP3(A,B,C,D,E,WR45,SR45,KR2);
-	RIP3(E,A,B,C,D,WR46,SR46,KR2);
-	RIP3(D,E,A,B,C,WR47,SR47,KR2);
-
-	RIP2(C,D,E,A,B,WR48,SR48,KR3);
-	RIP2(B,C,D,E,A,WR49,SR49,KR3);
-	RIP2(A,B,C,D,E,WR50,SR50,KR3);
-	RIP2(E,A,B,C,D,WR51,SR51,KR3);
-	RIP2(D,E,A,B,C,WR52,SR52,KR3);
-	RIP2(C,D,E,A,B,WR53,SR53,KR3);
-	RIP2(B,C,D,E,A,WR54,SR54,KR3);
-	RIP2(A,B,C,D,E,WR55,SR55,KR3);
-	RIP2(E,A,B,C,D,WR56,SR56,KR3);
-	RIP2(D,E,A,B,C,WR57,SR57,KR3);
-	RIP2(C,D,E,A,B,WR58,SR58,KR3);
-	RIP2(B,C,D,E,A,WR59,SR59,KR3);
-	RIP2(A,B,C,D,E,WR60,SR60,KR3);
-	RIP2(E,A,B,C,D,WR61,SR61,KR3);
-	RIP2(D,E,A,B,C,WR62,SR62,KR3);
-	RIP2(C,D,E,A,B,WR63,SR63,KR3);
-
-	RIP1(B,C,D,E,A,WR64,SR64);
-	RIP1(A,B,C,D,E,WR65,SR65);
-	RIP1(E,A,B,C,D,WR66,SR66);
-	RIP1(D,E,A,B,C,WR67,SR67);
-	RIP1(C,D,E,A,B,WR68,SR68);
-	RIP1(B,C,D,E,A,WR69,SR69);
-	RIP1(A,B,C,D,E,WR70,SR70);
-	RIP1(E,A,B,C,D,WR71,SR71);
-	RIP1(D,E,A,B,C,WR72,SR72);
-	RIP1(C,D,E,A,B,WR73,SR73);
-	RIP1(B,C,D,E,A,WR74,SR74);
-	RIP1(A,B,C,D,E,WR75,SR75);
-	RIP1(E,A,B,C,D,WR76,SR76);
-	RIP1(D,E,A,B,C,WR77,SR77);
-	RIP1(C,D,E,A,B,WR78,SR78);
-	RIP1(B,C,D,E,A,WR79,SR79);
-
-	D     =ctx->B+c+D;
-	ctx->B=ctx->C+d+E;
-	ctx->C=ctx->D+e+A;
-	ctx->D=ctx->E+a+B;
-	ctx->E=ctx->A+b+C;
-	ctx->A=D;
-
-		}
-	}
-#endif
-
-#ifndef ripemd160_block_data_order
-#ifdef X
-#undef X
-#endif
-void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, int num)
-	{
-	const unsigned char *data=p;
-	register unsigned MD32_REG_T A,B,C,D,E;
-	unsigned MD32_REG_T a,b,c,d,e,l;
-#ifndef MD32_XARRAY
-	/* See comment in crypto/sha/sha_locl.h for details. */
-	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
-				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-# define X(i)	XX##i
-#else
-	RIPEMD160_LONG	XX[16];
-# define X(i)	XX[i]
-#endif
-
-	for (;num--;)
-		{
-
-	A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
-
-	HOST_c2l(data,l); X( 0)=l;	HOST_c2l(data,l); X( 1)=l;
-	RIP1(A,B,C,D,E,WL00,SL00);	HOST_c2l(data,l); X( 2)=l;
-	RIP1(E,A,B,C,D,WL01,SL01);	HOST_c2l(data,l); X( 3)=l;
-	RIP1(D,E,A,B,C,WL02,SL02);	HOST_c2l(data,l); X( 4)=l;
-	RIP1(C,D,E,A,B,WL03,SL03);	HOST_c2l(data,l); X( 5)=l;
-	RIP1(B,C,D,E,A,WL04,SL04);	HOST_c2l(data,l); X( 6)=l;
-	RIP1(A,B,C,D,E,WL05,SL05);	HOST_c2l(data,l); X( 7)=l;
-	RIP1(E,A,B,C,D,WL06,SL06);	HOST_c2l(data,l); X( 8)=l;
-	RIP1(D,E,A,B,C,WL07,SL07);	HOST_c2l(data,l); X( 9)=l;
-	RIP1(C,D,E,A,B,WL08,SL08);	HOST_c2l(data,l); X(10)=l;
-	RIP1(B,C,D,E,A,WL09,SL09);	HOST_c2l(data,l); X(11)=l;
-	RIP1(A,B,C,D,E,WL10,SL10);	HOST_c2l(data,l); X(12)=l;
-	RIP1(E,A,B,C,D,WL11,SL11);	HOST_c2l(data,l); X(13)=l;
-	RIP1(D,E,A,B,C,WL12,SL12);	HOST_c2l(data,l); X(14)=l;
-	RIP1(C,D,E,A,B,WL13,SL13);	HOST_c2l(data,l); X(15)=l;
-	RIP1(B,C,D,E,A,WL14,SL14);
-	RIP1(A,B,C,D,E,WL15,SL15);
-
-	RIP2(E,A,B,C,D,WL16,SL16,KL1);
-	RIP2(D,E,A,B,C,WL17,SL17,KL1);
-	RIP2(C,D,E,A,B,WL18,SL18,KL1);
-	RIP2(B,C,D,E,A,WL19,SL19,KL1);
-	RIP2(A,B,C,D,E,WL20,SL20,KL1);
-	RIP2(E,A,B,C,D,WL21,SL21,KL1);
-	RIP2(D,E,A,B,C,WL22,SL22,KL1);
-	RIP2(C,D,E,A,B,WL23,SL23,KL1);
-	RIP2(B,C,D,E,A,WL24,SL24,KL1);
-	RIP2(A,B,C,D,E,WL25,SL25,KL1);
-	RIP2(E,A,B,C,D,WL26,SL26,KL1);
-	RIP2(D,E,A,B,C,WL27,SL27,KL1);
-	RIP2(C,D,E,A,B,WL28,SL28,KL1);
-	RIP2(B,C,D,E,A,WL29,SL29,KL1);
-	RIP2(A,B,C,D,E,WL30,SL30,KL1);
-	RIP2(E,A,B,C,D,WL31,SL31,KL1);
-
-	RIP3(D,E,A,B,C,WL32,SL32,KL2);
-	RIP3(C,D,E,A,B,WL33,SL33,KL2);
-	RIP3(B,C,D,E,A,WL34,SL34,KL2);
-	RIP3(A,B,C,D,E,WL35,SL35,KL2);
-	RIP3(E,A,B,C,D,WL36,SL36,KL2);
-	RIP3(D,E,A,B,C,WL37,SL37,KL2);
-	RIP3(C,D,E,A,B,WL38,SL38,KL2);
-	RIP3(B,C,D,E,A,WL39,SL39,KL2);
-	RIP3(A,B,C,D,E,WL40,SL40,KL2);
-	RIP3(E,A,B,C,D,WL41,SL41,KL2);
-	RIP3(D,E,A,B,C,WL42,SL42,KL2);
-	RIP3(C,D,E,A,B,WL43,SL43,KL2);
-	RIP3(B,C,D,E,A,WL44,SL44,KL2);
-	RIP3(A,B,C,D,E,WL45,SL45,KL2);
-	RIP3(E,A,B,C,D,WL46,SL46,KL2);
-	RIP3(D,E,A,B,C,WL47,SL47,KL2);
-
-	RIP4(C,D,E,A,B,WL48,SL48,KL3);
-	RIP4(B,C,D,E,A,WL49,SL49,KL3);
-	RIP4(A,B,C,D,E,WL50,SL50,KL3);
-	RIP4(E,A,B,C,D,WL51,SL51,KL3);
-	RIP4(D,E,A,B,C,WL52,SL52,KL3);
-	RIP4(C,D,E,A,B,WL53,SL53,KL3);
-	RIP4(B,C,D,E,A,WL54,SL54,KL3);
-	RIP4(A,B,C,D,E,WL55,SL55,KL3);
-	RIP4(E,A,B,C,D,WL56,SL56,KL3);
-	RIP4(D,E,A,B,C,WL57,SL57,KL3);
-	RIP4(C,D,E,A,B,WL58,SL58,KL3);
-	RIP4(B,C,D,E,A,WL59,SL59,KL3);
-	RIP4(A,B,C,D,E,WL60,SL60,KL3);
-	RIP4(E,A,B,C,D,WL61,SL61,KL3);
-	RIP4(D,E,A,B,C,WL62,SL62,KL3);
-	RIP4(C,D,E,A,B,WL63,SL63,KL3);
-
-	RIP5(B,C,D,E,A,WL64,SL64,KL4);
-	RIP5(A,B,C,D,E,WL65,SL65,KL4);
-	RIP5(E,A,B,C,D,WL66,SL66,KL4);
-	RIP5(D,E,A,B,C,WL67,SL67,KL4);
-	RIP5(C,D,E,A,B,WL68,SL68,KL4);
-	RIP5(B,C,D,E,A,WL69,SL69,KL4);
-	RIP5(A,B,C,D,E,WL70,SL70,KL4);
-	RIP5(E,A,B,C,D,WL71,SL71,KL4);
-	RIP5(D,E,A,B,C,WL72,SL72,KL4);
-	RIP5(C,D,E,A,B,WL73,SL73,KL4);
-	RIP5(B,C,D,E,A,WL74,SL74,KL4);
-	RIP5(A,B,C,D,E,WL75,SL75,KL4);
-	RIP5(E,A,B,C,D,WL76,SL76,KL4);
-	RIP5(D,E,A,B,C,WL77,SL77,KL4);
-	RIP5(C,D,E,A,B,WL78,SL78,KL4);
-	RIP5(B,C,D,E,A,WL79,SL79,KL4);
-
-	a=A; b=B; c=C; d=D; e=E;
-	/* Do other half */
-	A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
-
-	RIP5(A,B,C,D,E,WR00,SR00,KR0);
-	RIP5(E,A,B,C,D,WR01,SR01,KR0);
-	RIP5(D,E,A,B,C,WR02,SR02,KR0);
-	RIP5(C,D,E,A,B,WR03,SR03,KR0);
-	RIP5(B,C,D,E,A,WR04,SR04,KR0);
-	RIP5(A,B,C,D,E,WR05,SR05,KR0);
-	RIP5(E,A,B,C,D,WR06,SR06,KR0);
-	RIP5(D,E,A,B,C,WR07,SR07,KR0);
-	RIP5(C,D,E,A,B,WR08,SR08,KR0);
-	RIP5(B,C,D,E,A,WR09,SR09,KR0);
-	RIP5(A,B,C,D,E,WR10,SR10,KR0);
-	RIP5(E,A,B,C,D,WR11,SR11,KR0);
-	RIP5(D,E,A,B,C,WR12,SR12,KR0);
-	RIP5(C,D,E,A,B,WR13,SR13,KR0);
-	RIP5(B,C,D,E,A,WR14,SR14,KR0);
-	RIP5(A,B,C,D,E,WR15,SR15,KR0);
-
-	RIP4(E,A,B,C,D,WR16,SR16,KR1);
-	RIP4(D,E,A,B,C,WR17,SR17,KR1);
-	RIP4(C,D,E,A,B,WR18,SR18,KR1);
-	RIP4(B,C,D,E,A,WR19,SR19,KR1);
-	RIP4(A,B,C,D,E,WR20,SR20,KR1);
-	RIP4(E,A,B,C,D,WR21,SR21,KR1);
-	RIP4(D,E,A,B,C,WR22,SR22,KR1);
-	RIP4(C,D,E,A,B,WR23,SR23,KR1);
-	RIP4(B,C,D,E,A,WR24,SR24,KR1);
-	RIP4(A,B,C,D,E,WR25,SR25,KR1);
-	RIP4(E,A,B,C,D,WR26,SR26,KR1);
-	RIP4(D,E,A,B,C,WR27,SR27,KR1);
-	RIP4(C,D,E,A,B,WR28,SR28,KR1);
-	RIP4(B,C,D,E,A,WR29,SR29,KR1);
-	RIP4(A,B,C,D,E,WR30,SR30,KR1);
-	RIP4(E,A,B,C,D,WR31,SR31,KR1);
-
-	RIP3(D,E,A,B,C,WR32,SR32,KR2);
-	RIP3(C,D,E,A,B,WR33,SR33,KR2);
-	RIP3(B,C,D,E,A,WR34,SR34,KR2);
-	RIP3(A,B,C,D,E,WR35,SR35,KR2);
-	RIP3(E,A,B,C,D,WR36,SR36,KR2);
-	RIP3(D,E,A,B,C,WR37,SR37,KR2);
-	RIP3(C,D,E,A,B,WR38,SR38,KR2);
-	RIP3(B,C,D,E,A,WR39,SR39,KR2);
-	RIP3(A,B,C,D,E,WR40,SR40,KR2);
-	RIP3(E,A,B,C,D,WR41,SR41,KR2);
-	RIP3(D,E,A,B,C,WR42,SR42,KR2);
-	RIP3(C,D,E,A,B,WR43,SR43,KR2);
-	RIP3(B,C,D,E,A,WR44,SR44,KR2);
-	RIP3(A,B,C,D,E,WR45,SR45,KR2);
-	RIP3(E,A,B,C,D,WR46,SR46,KR2);
-	RIP3(D,E,A,B,C,WR47,SR47,KR2);
-
-	RIP2(C,D,E,A,B,WR48,SR48,KR3);
-	RIP2(B,C,D,E,A,WR49,SR49,KR3);
-	RIP2(A,B,C,D,E,WR50,SR50,KR3);
-	RIP2(E,A,B,C,D,WR51,SR51,KR3);
-	RIP2(D,E,A,B,C,WR52,SR52,KR3);
-	RIP2(C,D,E,A,B,WR53,SR53,KR3);
-	RIP2(B,C,D,E,A,WR54,SR54,KR3);
-	RIP2(A,B,C,D,E,WR55,SR55,KR3);
-	RIP2(E,A,B,C,D,WR56,SR56,KR3);
-	RIP2(D,E,A,B,C,WR57,SR57,KR3);
-	RIP2(C,D,E,A,B,WR58,SR58,KR3);
-	RIP2(B,C,D,E,A,WR59,SR59,KR3);
-	RIP2(A,B,C,D,E,WR60,SR60,KR3);
-	RIP2(E,A,B,C,D,WR61,SR61,KR3);
-	RIP2(D,E,A,B,C,WR62,SR62,KR3);
-	RIP2(C,D,E,A,B,WR63,SR63,KR3);
-
-	RIP1(B,C,D,E,A,WR64,SR64);
-	RIP1(A,B,C,D,E,WR65,SR65);
-	RIP1(E,A,B,C,D,WR66,SR66);
-	RIP1(D,E,A,B,C,WR67,SR67);
-	RIP1(C,D,E,A,B,WR68,SR68);
-	RIP1(B,C,D,E,A,WR69,SR69);
-	RIP1(A,B,C,D,E,WR70,SR70);
-	RIP1(E,A,B,C,D,WR71,SR71);
-	RIP1(D,E,A,B,C,WR72,SR72);
-	RIP1(C,D,E,A,B,WR73,SR73);
-	RIP1(B,C,D,E,A,WR74,SR74);
-	RIP1(A,B,C,D,E,WR75,SR75);
-	RIP1(E,A,B,C,D,WR76,SR76);
-	RIP1(D,E,A,B,C,WR77,SR77);
-	RIP1(C,D,E,A,B,WR78,SR78);
-	RIP1(B,C,D,E,A,WR79,SR79);
-
-	D     =ctx->B+c+D;
-	ctx->B=ctx->C+d+E;
-	ctx->C=ctx->D+e+A;
-	ctx->D=ctx->E+a+B;
-	ctx->E=ctx->A+b+C;
-	ctx->A=D;
-
-		}
-	}
-#endif
diff --git a/crypto/openssl/crypto/ripemd/rmd_locl.h b/crypto/openssl/crypto/ripemd/rmd_locl.h
deleted file mode 100644
index 7b835dfbd4f8..000000000000
--- a/crypto/openssl/crypto/ripemd/rmd_locl.h
+++ /dev/null
@@ -1,160 +0,0 @@
-/* crypto/ripemd/rmd_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#include <openssl/ripemd.h>
-
-#ifndef RIPEMD160_LONG_LOG2
-#define RIPEMD160_LONG_LOG2 2 /* default to 32 bits */
-#endif
-
-/*
- * DO EXAMINE COMMENTS IN crypto/md5/md5_locl.h & crypto/md5/md5_dgst.c
- * FOR EXPLANATIONS ON FOLLOWING "CODE."
- *					<appro@fy.chalmers.se>
- */
-#ifdef RMD160_ASM
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-#  define ripemd160_block_host_order ripemd160_block_asm_host_order
-# endif
-#endif
-
-void ripemd160_block_host_order (RIPEMD160_CTX *c, const void *p,int num);
-void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,int num);
-
-#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-#define ripemd160_block_data_order ripemd160_block_host_order
-#endif
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG               RIPEMD160_LONG
-#define HASH_LONG_LOG2          RIPEMD160_LONG_LOG2
-#define HASH_CTX                RIPEMD160_CTX
-#define HASH_CBLOCK             RIPEMD160_CBLOCK
-#define HASH_LBLOCK             RIPEMD160_LBLOCK
-#define HASH_UPDATE             RIPEMD160_Update
-#define HASH_TRANSFORM          RIPEMD160_Transform
-#define HASH_FINAL              RIPEMD160_Final
-#define HASH_BLOCK_HOST_ORDER   ripemd160_block_host_order
-#define	HASH_MAKE_STRING(c,s)	do {	\
-	unsigned long ll;		\
-	ll=(c)->A; HOST_l2c(ll,(s));	\
-	ll=(c)->B; HOST_l2c(ll,(s));	\
-	ll=(c)->C; HOST_l2c(ll,(s));	\
-	ll=(c)->D; HOST_l2c(ll,(s));	\
-	ll=(c)->E; HOST_l2c(ll,(s));	\
-	} while (0)
-#if !defined(L_ENDIAN) || defined(ripemd160_block_data_order)
-#define HASH_BLOCK_DATA_ORDER   ripemd160_block_data_order
-#endif
-
-#include "md32_common.h"
-
-#if 0
-#define F1(x,y,z)	 ((x)^(y)^(z))
-#define F2(x,y,z)	(((x)&(y))|((~x)&z))
-#define F3(x,y,z)	(((x)|(~y))^(z))
-#define F4(x,y,z)	(((x)&(z))|((y)&(~(z))))
-#define F5(x,y,z)	 ((x)^((y)|(~(z))))
-#else
-/*
- * Transformed F2 and F4 are courtesy of Wei Dai <weidai@eskimo.com>
- */
-#define F1(x,y,z)	((x) ^ (y) ^ (z))
-#define F2(x,y,z)	((((y) ^ (z)) & (x)) ^ (z))
-#define F3(x,y,z)	(((~(y)) | (x)) ^ (z))
-#define F4(x,y,z)	((((x) ^ (y)) & (z)) ^ (y))
-#define F5(x,y,z)	(((~(z)) | (y)) ^ (x))
-#endif
-
-#define RIPEMD160_A	0x67452301L
-#define RIPEMD160_B	0xEFCDAB89L
-#define RIPEMD160_C	0x98BADCFEL
-#define RIPEMD160_D	0x10325476L
-#define RIPEMD160_E	0xC3D2E1F0L
-
-#include "rmdconst.h"
-
-#define RIP1(a,b,c,d,e,w,s) { \
-	a+=F1(b,c,d)+X(w); \
-        a=ROTATE(a,s)+e; \
-        c=ROTATE(c,10); }
-
-#define RIP2(a,b,c,d,e,w,s,K) { \
-	a+=F2(b,c,d)+X(w)+K; \
-        a=ROTATE(a,s)+e; \
-        c=ROTATE(c,10); }
-
-#define RIP3(a,b,c,d,e,w,s,K) { \
-	a+=F3(b,c,d)+X(w)+K; \
-        a=ROTATE(a,s)+e; \
-        c=ROTATE(c,10); }
-
-#define RIP4(a,b,c,d,e,w,s,K) { \
-	a+=F4(b,c,d)+X(w)+K; \
-        a=ROTATE(a,s)+e; \
-        c=ROTATE(c,10); }
-
-#define RIP5(a,b,c,d,e,w,s,K) { \
-	a+=F5(b,c,d)+X(w)+K; \
-        a=ROTATE(a,s)+e; \
-        c=ROTATE(c,10); }
-
diff --git a/crypto/openssl/crypto/ripemd/rmd_one.c b/crypto/openssl/crypto/ripemd/rmd_one.c
deleted file mode 100644
index f8b580c33a3a..000000000000
--- a/crypto/openssl/crypto/ripemd/rmd_one.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* crypto/ripemd/rmd_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/ripemd.h>
-#include <openssl/crypto.h>
-
-unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
-	     unsigned char *md)
-	{
-	RIPEMD160_CTX c;
-	static unsigned char m[RIPEMD160_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	RIPEMD160_Init(&c);
-	RIPEMD160_Update(&c,d,n);
-	RIPEMD160_Final(md,&c);
-	OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
-	return(md);
-	}
-
diff --git a/crypto/openssl/crypto/ripemd/rmdconst.h b/crypto/openssl/crypto/ripemd/rmdconst.h
deleted file mode 100644
index 59c48dead1ba..000000000000
--- a/crypto/openssl/crypto/ripemd/rmdconst.h
+++ /dev/null
@@ -1,399 +0,0 @@
-/* crypto/ripemd/rmdconst.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#define KL0 0x00000000L
-#define KL1 0x5A827999L
-#define KL2 0x6ED9EBA1L
-#define KL3 0x8F1BBCDCL
-#define KL4 0xA953FD4EL
-
-#define KR0 0x50A28BE6L
-#define KR1 0x5C4DD124L
-#define KR2 0x6D703EF3L
-#define KR3 0x7A6D76E9L
-#define KR4 0x00000000L
-
-#define WL00  0
-#define SL00 11
-#define WL01  1
-#define SL01 14
-#define WL02  2
-#define SL02 15
-#define WL03  3
-#define SL03 12
-#define WL04  4
-#define SL04  5
-#define WL05  5
-#define SL05  8
-#define WL06  6
-#define SL06  7
-#define WL07  7
-#define SL07  9
-#define WL08  8
-#define SL08 11
-#define WL09  9
-#define SL09 13
-#define WL10 10
-#define SL10 14
-#define WL11 11
-#define SL11 15
-#define WL12 12
-#define SL12  6
-#define WL13 13
-#define SL13  7
-#define WL14 14
-#define SL14  9
-#define WL15 15
-#define SL15  8
-
-#define WL16  7
-#define SL16  7
-#define WL17  4
-#define SL17  6
-#define WL18 13
-#define SL18  8
-#define WL19  1
-#define SL19 13
-#define WL20 10
-#define SL20 11
-#define WL21  6
-#define SL21  9
-#define WL22 15
-#define SL22  7
-#define WL23  3
-#define SL23 15
-#define WL24 12
-#define SL24  7
-#define WL25  0
-#define SL25 12
-#define WL26  9
-#define SL26 15
-#define WL27  5
-#define SL27  9
-#define WL28  2
-#define SL28 11
-#define WL29 14
-#define SL29  7
-#define WL30 11
-#define SL30 13
-#define WL31  8
-#define SL31 12
-
-#define WL32  3
-#define SL32 11
-#define WL33 10
-#define SL33 13
-#define WL34 14
-#define SL34  6
-#define WL35  4
-#define SL35  7
-#define WL36  9
-#define SL36 14
-#define WL37 15
-#define SL37  9
-#define WL38  8
-#define SL38 13
-#define WL39  1
-#define SL39 15
-#define WL40  2
-#define SL40 14
-#define WL41  7
-#define SL41  8
-#define WL42  0
-#define SL42 13
-#define WL43  6
-#define SL43  6
-#define WL44 13
-#define SL44  5
-#define WL45 11
-#define SL45 12
-#define WL46  5
-#define SL46  7
-#define WL47 12
-#define SL47  5
-
-#define WL48  1
-#define SL48 11
-#define WL49  9
-#define SL49 12
-#define WL50 11
-#define SL50 14
-#define WL51 10
-#define SL51 15
-#define WL52  0
-#define SL52 14
-#define WL53  8
-#define SL53 15
-#define WL54 12
-#define SL54  9
-#define WL55  4
-#define SL55  8
-#define WL56 13
-#define SL56  9
-#define WL57  3
-#define SL57 14
-#define WL58  7
-#define SL58  5
-#define WL59 15
-#define SL59  6
-#define WL60 14
-#define SL60  8
-#define WL61  5
-#define SL61  6
-#define WL62  6
-#define SL62  5
-#define WL63  2
-#define SL63 12
-
-#define WL64  4
-#define SL64  9
-#define WL65  0
-#define SL65 15
-#define WL66  5
-#define SL66  5
-#define WL67  9
-#define SL67 11
-#define WL68  7
-#define SL68  6
-#define WL69 12
-#define SL69  8
-#define WL70  2
-#define SL70 13
-#define WL71 10
-#define SL71 12
-#define WL72 14
-#define SL72  5
-#define WL73  1
-#define SL73 12
-#define WL74  3
-#define SL74 13
-#define WL75  8
-#define SL75 14
-#define WL76 11
-#define SL76 11
-#define WL77  6
-#define SL77  8
-#define WL78 15
-#define SL78  5
-#define WL79 13
-#define SL79  6
-
-#define WR00  5
-#define SR00  8
-#define WR01 14
-#define SR01  9
-#define WR02  7
-#define SR02  9
-#define WR03  0
-#define SR03 11
-#define WR04  9
-#define SR04 13
-#define WR05  2
-#define SR05 15
-#define WR06 11
-#define SR06 15
-#define WR07  4
-#define SR07  5
-#define WR08 13
-#define SR08  7
-#define WR09  6
-#define SR09  7
-#define WR10 15
-#define SR10  8
-#define WR11  8
-#define SR11 11
-#define WR12  1
-#define SR12 14
-#define WR13 10
-#define SR13 14
-#define WR14  3
-#define SR14 12
-#define WR15 12
-#define SR15  6
-
-#define WR16  6
-#define SR16  9
-#define WR17 11
-#define SR17 13
-#define WR18  3
-#define SR18 15
-#define WR19  7
-#define SR19  7
-#define WR20  0
-#define SR20 12
-#define WR21 13
-#define SR21  8
-#define WR22  5
-#define SR22  9
-#define WR23 10
-#define SR23 11
-#define WR24 14
-#define SR24  7
-#define WR25 15
-#define SR25  7
-#define WR26  8
-#define SR26 12
-#define WR27 12
-#define SR27  7
-#define WR28  4
-#define SR28  6
-#define WR29  9
-#define SR29 15
-#define WR30  1
-#define SR30 13
-#define WR31  2
-#define SR31 11
-
-#define WR32 15
-#define SR32  9
-#define WR33  5
-#define SR33  7
-#define WR34  1
-#define SR34 15
-#define WR35  3
-#define SR35 11
-#define WR36  7
-#define SR36  8
-#define WR37 14
-#define SR37  6
-#define WR38  6
-#define SR38  6
-#define WR39  9
-#define SR39 14
-#define WR40 11
-#define SR40 12
-#define WR41  8
-#define SR41 13
-#define WR42 12
-#define SR42  5
-#define WR43  2
-#define SR43 14
-#define WR44 10
-#define SR44 13
-#define WR45  0
-#define SR45 13
-#define WR46  4
-#define SR46  7
-#define WR47 13
-#define SR47  5
-
-#define WR48  8
-#define SR48 15
-#define WR49  6
-#define SR49  5
-#define WR50  4
-#define SR50  8
-#define WR51  1
-#define SR51 11
-#define WR52  3
-#define SR52 14
-#define WR53 11
-#define SR53 14
-#define WR54 15
-#define SR54  6
-#define WR55  0
-#define SR55 14
-#define WR56  5
-#define SR56  6
-#define WR57 12
-#define SR57  9
-#define WR58  2
-#define SR58 12
-#define WR59 13
-#define SR59  9
-#define WR60  9
-#define SR60 12
-#define WR61  7
-#define SR61  5
-#define WR62 10
-#define SR62 15
-#define WR63 14
-#define SR63  8
-
-#define WR64 12
-#define SR64  8
-#define WR65 15
-#define SR65  5
-#define WR66 10
-#define SR66 12
-#define WR67  4
-#define SR67  9
-#define WR68  1
-#define SR68 12
-#define WR69  5
-#define SR69  5
-#define WR70  8
-#define SR70 14
-#define WR71  7
-#define SR71  6
-#define WR72  6
-#define SR72  8
-#define WR73  2
-#define SR73 13
-#define WR74 13
-#define SR74  6
-#define WR75 14
-#define SR75  5
-#define WR76  0
-#define SR76 15
-#define WR77  3
-#define SR77 13
-#define WR78  9
-#define SR78 11
-#define WR79 11
-#define SR79 11
-
diff --git a/crypto/openssl/crypto/ripemd/rmdtest.c b/crypto/openssl/crypto/ripemd/rmdtest.c
deleted file mode 100644
index d4c709e64667..000000000000
--- a/crypto/openssl/crypto/ripemd/rmdtest.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* crypto/ripemd/rmdtest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_RIPEMD
-int main(int argc, char *argv[])
-{
-    printf("No ripemd support\n");
-    return(0);
-}
-#else
-#include <openssl/ripemd.h>
-#include <openssl/evp.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-static char *test[]={
-	"",
-	"a",
-	"abc",
-	"message digest",
-	"abcdefghijklmnopqrstuvwxyz",
-	"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
-	"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
-	NULL,
-	};
-
-static char *ret[]={
-	"9c1185a5c5e9fc54612808977ee8f548b2258d31",
-	"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",
-	"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc",
-	"5d0689ef49d2fae572b881b123a85ffa21595f36",
-	"f71c27109c692c1b56bbdceb5b9d2865b3708dbc",
-	"12a053384a9c0c88e405a06c27dcf49ada62eb2b",
-	"b0e20b6e3116640286ed3a87a5713079b21f5189",
-	"9b752e45573d4b39f4dbd3323cab82bf63326bfb",
-	};
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-	{
-	int i,err=0;
-	unsigned char **P,**R;
-	char *p;
-	unsigned char md[RIPEMD160_DIGEST_LENGTH];
-
-	P=(unsigned char **)test;
-	R=(unsigned char **)ret;
-	i=1;
-	while (*P != NULL)
-		{
-#ifdef CHARSET_EBCDIC
-		ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P));
-#endif
-		EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_ripemd160(), NULL);
-		p=pt(md);
-		if (strcmp(p,(char *)*R) != 0)
-			{
-			printf("error calculating RIPEMD160 on '%s'\n",*P);
-			printf("got %s instead of %s\n",p,*R);
-			err++;
-			}
-		else
-			printf("test %d ok\n",i);
-		i++;
-		R++;
-		P++;
-		}
-	EXIT(err);
-	return(0);
-	}
-
-static char *pt(unsigned char *md)
-	{
-	int i;
-	static char buf[80];
-
-	for (i=0; i<RIPEMD160_DIGEST_LENGTH; i++)
-		sprintf(&(buf[i*2]),"%02x",md[i]);
-	return(buf);
-	}
-#endif
diff --git a/crypto/openssl/crypto/rsa/Makefile.save b/crypto/openssl/crypto/rsa/Makefile.save
deleted file mode 100644
index 1be9a1cd2397..000000000000
--- a/crypto/openssl/crypto/rsa/Makefile.save
+++ /dev/null
@@ -1,200 +0,0 @@
-#
-# SSLeay/crypto/rsa/Makefile
-#
-
-DIR=	rsa
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rsa_test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
-	rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c
-LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
-	rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rsa.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rsa_chk.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_chk.o: ../../include/openssl/crypto.h ../../include/openssl/err.h
-rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-rsa_chk.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_chk.o: ../../include/openssl/symhacks.h
-rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_eay.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-rsa_eay.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_eay.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h
-rsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/err.h
-rsa_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-rsa_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_err.o: ../../include/openssl/symhacks.h
-rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_gen.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-rsa_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_gen.o: ../cryptlib.h
-rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_lib.o: ../cryptlib.h
-rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_none.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-rsa_none.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_none.o: ../../include/openssl/opensslconf.h
-rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-rsa_none.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_none.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_none.o: ../cryptlib.h
-rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_null.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-rsa_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_null.o: ../../include/openssl/opensslconf.h
-rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-rsa_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_null.o: ../cryptlib.h
-rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_oaep.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-rsa_oaep.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_oaep.o: ../../include/openssl/opensslconf.h
-rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-rsa_oaep.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_oaep.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-rsa_oaep.o: ../../include/openssl/symhacks.h ../cryptlib.h
-rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_pk1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-rsa_pk1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_pk1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h
-rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-rsa_saos.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-rsa_saos.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-rsa_saos.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rsa_saos.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-rsa_saos.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-rsa_saos.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rsa_saos.o: ../../include/openssl/opensslconf.h
-rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-rsa_saos.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-rsa_saos.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-rsa_saos.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_saos.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-rsa_saos.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-rsa_saos.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-rsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rsa_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-rsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-rsa_sign.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rsa_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-rsa_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-rsa_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rsa_sign.o: ../../include/openssl/opensslconf.h
-rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-rsa_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-rsa_sign.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-rsa_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-rsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-rsa_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_ssl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-rsa_ssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_ssl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h
diff --git a/crypto/openssl/crypto/rsa/Makefile.ssl b/crypto/openssl/crypto/rsa/Makefile.ssl
deleted file mode 100644
index 605d48800572..000000000000
--- a/crypto/openssl/crypto/rsa/Makefile.ssl
+++ /dev/null
@@ -1,243 +0,0 @@
-#
-# SSLeay/crypto/rsa/Makefile
-#
-
-DIR=	rsa
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rsa_test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
-	rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
-	rsa_asn1.c
-LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
-	rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
-	rsa_asn1.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rsa.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-rsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_asn1.o: ../../include/openssl/opensslconf.h
-rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_asn1.o: ../cryptlib.h rsa_asn1.c
-rsa_chk.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-rsa_chk.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_chk.o: rsa_chk.c
-rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_eay.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-rsa_eay.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_eay.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rsa_eay.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_eay.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_eay.o: ../../include/openssl/ui.h ../cryptlib.h rsa_eay.c
-rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-rsa_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_err.o: rsa_err.c
-rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_gen.o: ../cryptlib.h rsa_gen.c
-rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h rsa_lib.c
-rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_none.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_none.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_none.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_none.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_none.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_none.c
-rsa_null.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_null.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_null.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_null.c
-rsa_oaep.o: ../../e_os.h ../../include/openssl/aes.h
-rsa_oaep.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rsa_oaep.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-rsa_oaep.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-rsa_oaep.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-rsa_oaep.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-rsa_oaep.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rsa_oaep.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-rsa_oaep.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-rsa_oaep.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rsa_oaep.o: ../../include/openssl/opensslconf.h
-rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-rsa_oaep.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-rsa_oaep.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-rsa_oaep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_oaep.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-rsa_oaep.o: ../cryptlib.h rsa_oaep.c
-rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_pk1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_pk1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c
-rsa_saos.o: ../../e_os.h ../../include/openssl/aes.h
-rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-rsa_saos.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-rsa_saos.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-rsa_saos.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rsa_saos.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-rsa_saos.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-rsa_saos.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rsa_saos.o: ../../include/openssl/opensslconf.h
-rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-rsa_saos.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-rsa_saos.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-rsa_saos.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_saos.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-rsa_saos.o: ../cryptlib.h rsa_saos.c
-rsa_sign.o: ../../e_os.h ../../include/openssl/aes.h
-rsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rsa_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-rsa_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-rsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-rsa_sign.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-rsa_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-rsa_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-rsa_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-rsa_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-rsa_sign.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-rsa_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-rsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-rsa_sign.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-rsa_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h rsa_sign.c
-rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_ssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_ssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c
diff --git a/crypto/openssl/crypto/rsa/rsa.h b/crypto/openssl/crypto/rsa/rsa.h
deleted file mode 100644
index b2e25e4e7c71..000000000000
--- a/crypto/openssl/crypto/rsa/rsa.h
+++ /dev/null
@@ -1,356 +0,0 @@
-/* crypto/rsa/rsa.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RSA_H
-#define HEADER_RSA_H
-
-#include <openssl/asn1.h>
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/bn.h>
-#include <openssl/crypto.h>
-#include <openssl/ossl_typ.h>
-
-#ifdef OPENSSL_NO_RSA
-#error RSA is disabled.
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct rsa_st RSA;
-
-typedef struct rsa_meth_st
-	{
-	const char *name;
-	int (*rsa_pub_enc)(int flen,const unsigned char *from,
-			   unsigned char *to,
-			   RSA *rsa,int padding);
-	int (*rsa_pub_dec)(int flen,const unsigned char *from,
-			   unsigned char *to,
-			   RSA *rsa,int padding);
-	int (*rsa_priv_enc)(int flen,const unsigned char *from,
-			    unsigned char *to,
-			    RSA *rsa,int padding);
-	int (*rsa_priv_dec)(int flen,const unsigned char *from,
-			    unsigned char *to,
-			    RSA *rsa,int padding);
-	int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa); /* Can be null */
-	int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-			  const BIGNUM *m, BN_CTX *ctx,
-			  BN_MONT_CTX *m_ctx); /* Can be null */
-	int (*init)(RSA *rsa);		/* called at new */
-	int (*finish)(RSA *rsa);	/* called at free */
-	int flags;			/* RSA_METHOD_FLAG_* things */
-	char *app_data;			/* may be needed! */
-/* New sign and verify functions: some libraries don't allow arbitrary data
- * to be signed/verified: this allows them to be used. Note: for this to work
- * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used
- * RSA_sign(), RSA_verify() should be used instead. Note: for backwards
- * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
- * option is set in 'flags'.
- */
-	int (*rsa_sign)(int type,
-		const unsigned char *m, unsigned int m_length,
-		unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
-	int (*rsa_verify)(int dtype,
-		const unsigned char *m, unsigned int m_length,
-		unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
-
-	} RSA_METHOD;
-
-struct rsa_st
-	{
-	/* The first parameter is used to pickup errors where
-	 * this is passed instead of aEVP_PKEY, it is set to 0 */
-	int pad;
-	long version;
-	const RSA_METHOD *meth;
-	/* functional reference if 'meth' is ENGINE-provided */
-	ENGINE *engine;
-	BIGNUM *n;
-	BIGNUM *e;
-	BIGNUM *d;
-	BIGNUM *p;
-	BIGNUM *q;
-	BIGNUM *dmp1;
-	BIGNUM *dmq1;
-	BIGNUM *iqmp;
-	/* be careful using this if the RSA structure is shared */
-	CRYPTO_EX_DATA ex_data;
-	int references;
-	int flags;
-
-	/* Used to cache montgomery values */
-	BN_MONT_CTX *_method_mod_n;
-	BN_MONT_CTX *_method_mod_p;
-	BN_MONT_CTX *_method_mod_q;
-
-	/* all BIGNUM values are actually in the following data, if it is not
-	 * NULL */
-	char *bignum_data;
-	BN_BLINDING *blinding;
-	};
-
-#define RSA_3	0x3L
-#define RSA_F4	0x10001L
-
-#define RSA_METHOD_FLAG_NO_CHECK	0x01 /* don't check pub/private match */
-
-#define RSA_FLAG_CACHE_PUBLIC		0x02
-#define RSA_FLAG_CACHE_PRIVATE		0x04
-#define RSA_FLAG_BLINDING		0x08
-#define RSA_FLAG_THREAD_SAFE		0x10
-/* This flag means the private key operations will be handled by rsa_mod_exp
- * and that they do not depend on the private key components being present:
- * for example a key stored in external hardware. Without this flag bn_mod_exp
- * gets called when private key components are absent.
- */
-#define RSA_FLAG_EXT_PKEY		0x20
-
-/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions.
- */
-#define RSA_FLAG_SIGN_VER		0x40
-
-#define RSA_PKCS1_PADDING	1
-#define RSA_SSLV23_PADDING	2
-#define RSA_NO_PADDING		3
-#define RSA_PKCS1_OAEP_PADDING	4
-
-#define RSA_PKCS1_PADDING_SIZE	11
-
-#define RSA_set_app_data(s,arg)         RSA_set_ex_data(s,0,arg)
-#define RSA_get_app_data(s)             RSA_get_ex_data(s,0)
-
-RSA *	RSA_new(void);
-RSA *	RSA_new_method(ENGINE *engine);
-int	RSA_size(const RSA *);
-RSA *	RSA_generate_key(int bits, unsigned long e,void
-		(*callback)(int,int,void *),void *cb_arg);
-int	RSA_check_key(const RSA *);
-	/* next 4 return -1 on error */
-int	RSA_public_encrypt(int flen, const unsigned char *from,
-		unsigned char *to, RSA *rsa,int padding);
-int	RSA_private_encrypt(int flen, const unsigned char *from,
-		unsigned char *to, RSA *rsa,int padding);
-int	RSA_public_decrypt(int flen, const unsigned char *from, 
-		unsigned char *to, RSA *rsa,int padding);
-int	RSA_private_decrypt(int flen, const unsigned char *from, 
-		unsigned char *to, RSA *rsa,int padding);
-void	RSA_free (RSA *r);
-/* "up" the RSA object's reference count */
-int	RSA_up_ref(RSA *r);
-
-int	RSA_flags(const RSA *r);
-
-void RSA_set_default_method(const RSA_METHOD *meth);
-const RSA_METHOD *RSA_get_default_method(void);
-const RSA_METHOD *RSA_get_method(const RSA *rsa);
-int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
-
-/* This function needs the memory locking malloc callbacks to be installed */
-int RSA_memory_lock(RSA *r);
-
-/* these are the actual SSLeay RSA functions */
-const RSA_METHOD *RSA_PKCS1_SSLeay(void);
-
-const RSA_METHOD *RSA_null_method(void);
-
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
-
-#ifndef OPENSSL_NO_FP_API
-int	RSA_print_fp(FILE *fp, const RSA *r,int offset);
-#endif
-
-#ifndef OPENSSL_NO_BIO
-int	RSA_print(BIO *bp, const RSA *r,int offset);
-#endif
-
-int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey);
-RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey);
-
-int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)());
-RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)());
-
-/* The following 2 functions sign and verify a X509_SIG ASN1 object
- * inside PKCS#1 padded RSA encryption */
-int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
-	unsigned char *sigret, unsigned int *siglen, RSA *rsa);
-int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
-	unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
-/* The following 2 function sign and verify a ASN1_OCTET_STRING
- * object inside PKCS#1 padded RSA encryption */
-int RSA_sign_ASN1_OCTET_STRING(int type,
-	const unsigned char *m, unsigned int m_length,
-	unsigned char *sigret, unsigned int *siglen, RSA *rsa);
-int RSA_verify_ASN1_OCTET_STRING(int type,
-	const unsigned char *m, unsigned int m_length,
-	unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
-int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
-void RSA_blinding_off(RSA *rsa);
-
-int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen,
-	const unsigned char *f,int fl);
-int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen,
-	const unsigned char *f,int fl,int rsa_len);
-int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
-	const unsigned char *f,int fl);
-int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
-	const unsigned char *f,int fl,int rsa_len);
-int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,
-	const unsigned char *f,int fl,
-	const unsigned char *p,int pl);
-int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen,
-	const unsigned char *f,int fl,int rsa_len,
-	const unsigned char *p,int pl);
-int RSA_padding_add_SSLv23(unsigned char *to,int tlen,
-	const unsigned char *f,int fl);
-int RSA_padding_check_SSLv23(unsigned char *to,int tlen,
-	const unsigned char *f,int fl,int rsa_len);
-int RSA_padding_add_none(unsigned char *to,int tlen,
-	const unsigned char *f,int fl);
-int RSA_padding_check_none(unsigned char *to,int tlen,
-	const unsigned char *f,int fl,int rsa_len);
-
-int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int RSA_set_ex_data(RSA *r,int idx,void *arg);
-void *RSA_get_ex_data(const RSA *r, int idx);
-
-RSA *RSAPublicKey_dup(RSA *rsa);
-RSA *RSAPrivateKey_dup(RSA *rsa);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_RSA_strings(void);
-
-/* Error codes for the RSA functions. */
-
-/* Function codes. */
-#define RSA_F_MEMORY_LOCK				 100
-#define RSA_F_RSA_CHECK_KEY				 123
-#define RSA_F_RSA_EAY_PRIVATE_DECRYPT			 101
-#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT			 102
-#define RSA_F_RSA_EAY_PUBLIC_DECRYPT			 103
-#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT			 104
-#define RSA_F_RSA_GENERATE_KEY				 105
-#define RSA_F_RSA_NEW_METHOD				 106
-#define RSA_F_RSA_NULL					 124
-#define RSA_F_RSA_PADDING_ADD_NONE			 107
-#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP		 121
-#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1		 108
-#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2		 109
-#define RSA_F_RSA_PADDING_ADD_SSLV23			 110
-#define RSA_F_RSA_PADDING_CHECK_NONE			 111
-#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP		 122
-#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1		 112
-#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2		 113
-#define RSA_F_RSA_PADDING_CHECK_SSLV23			 114
-#define RSA_F_RSA_PRINT					 115
-#define RSA_F_RSA_PRINT_FP				 116
-#define RSA_F_RSA_SIGN					 117
-#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING		 118
-#define RSA_F_RSA_VERIFY				 119
-#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING		 120
-
-/* Reason codes. */
-#define RSA_R_ALGORITHM_MISMATCH			 100
-#define RSA_R_BAD_E_VALUE				 101
-#define RSA_R_BAD_FIXED_HEADER_DECRYPT			 102
-#define RSA_R_BAD_PAD_BYTE_COUNT			 103
-#define RSA_R_BAD_SIGNATURE				 104
-#define RSA_R_BLOCK_TYPE_IS_NOT_01			 106
-#define RSA_R_BLOCK_TYPE_IS_NOT_02			 107
-#define RSA_R_DATA_GREATER_THAN_MOD_LEN			 108
-#define RSA_R_DATA_TOO_LARGE				 109
-#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 110
-#define RSA_R_DATA_TOO_LARGE_FOR_MODULUS		 132
-#define RSA_R_DATA_TOO_SMALL				 111
-#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE		 122
-#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY		 112
-#define RSA_R_DMP1_NOT_CONGRUENT_TO_D			 124
-#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D			 125
-#define RSA_R_D_E_NOT_CONGRUENT_TO_1			 123
-#define RSA_R_INVALID_MESSAGE_LENGTH			 131
-#define RSA_R_IQMP_NOT_INVERSE_OF_Q			 126
-#define RSA_R_KEY_SIZE_TOO_SMALL			 120
-#define RSA_R_NULL_BEFORE_BLOCK_MISSING			 113
-#define RSA_R_N_DOES_NOT_EQUAL_P_Q			 127
-#define RSA_R_OAEP_DECODING_ERROR			 121
-#define RSA_R_PADDING_CHECK_FAILED			 114
-#define RSA_R_P_NOT_PRIME				 128
-#define RSA_R_Q_NOT_PRIME				 129
-#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED		 130
-#define RSA_R_SSLV3_ROLLBACK_ATTACK			 115
-#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
-#define RSA_R_UNKNOWN_ALGORITHM_TYPE			 117
-#define RSA_R_UNKNOWN_PADDING_TYPE			 118
-#define RSA_R_WRONG_SIGNATURE_LENGTH			 119
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/rsa/rsa_asn1.c b/crypto/openssl/crypto/rsa/rsa_asn1.c
deleted file mode 100644
index 1455a7e0e42b..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_asn1.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* rsa_asn1.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/asn1t.h>
-
-static ASN1_METHOD method={
-        (int (*)())  i2d_RSAPrivateKey,
-        (char *(*)())d2i_RSAPrivateKey,
-        (char *(*)())RSA_new,
-        (void (*)()) RSA_free};
-
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void)
-	{
-	return(&method);
-	}
-
-/* Override the default free and new methods */
-static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	if(operation == ASN1_OP_NEW_PRE) {
-		*pval = (ASN1_VALUE *)RSA_new();
-		if(*pval) return 2;
-		return 0;
-	} else if(operation == ASN1_OP_FREE_PRE) {
-		RSA_free((RSA *)*pval);
-		*pval = NULL;
-		return 2;
-	}
-	return 1;
-}
-
-ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = {
-	ASN1_SIMPLE(RSA, version, LONG),
-	ASN1_SIMPLE(RSA, n, BIGNUM),
-	ASN1_SIMPLE(RSA, e, BIGNUM),
-	ASN1_SIMPLE(RSA, d, BIGNUM),
-	ASN1_SIMPLE(RSA, p, BIGNUM),
-	ASN1_SIMPLE(RSA, q, BIGNUM),
-	ASN1_SIMPLE(RSA, dmp1, BIGNUM),
-	ASN1_SIMPLE(RSA, dmq1, BIGNUM),
-	ASN1_SIMPLE(RSA, iqmp, BIGNUM)
-} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey)
-
-
-ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
-	ASN1_SIMPLE(RSA, n, BIGNUM),
-	ASN1_SIMPLE(RSA, e, BIGNUM),
-} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey)
-
-RSA *RSAPublicKey_dup(RSA *rsa)
-	{
-	return ASN1_item_dup(ASN1_ITEM_rptr(RSAPublicKey), rsa);
-	}
-
-RSA *RSAPrivateKey_dup(RSA *rsa)
-	{
-	return ASN1_item_dup(ASN1_ITEM_rptr(RSAPrivateKey), rsa);
-	}
diff --git a/crypto/openssl/crypto/rsa/rsa_chk.c b/crypto/openssl/crypto/rsa/rsa_chk.c
deleted file mode 100644
index 002f2cb48722..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_chk.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/* crypto/rsa/rsa_chk.c  -*- Mode: C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-
-
-int RSA_check_key(const RSA *key)
-	{
-	BIGNUM *i, *j, *k, *l, *m;
-	BN_CTX *ctx;
-	int r;
-	int ret=1;
-	
-	i = BN_new();
-	j = BN_new();
-	k = BN_new();
-	l = BN_new();
-	m = BN_new();
-	ctx = BN_CTX_new();
-	if (i == NULL || j == NULL || k == NULL || l == NULL ||
-		m == NULL || ctx == NULL)
-		{
-		ret = -1;
-		RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	
-	/* p prime? */
-	r = BN_is_prime(key->p, BN_prime_checks, NULL, NULL, NULL);
-	if (r != 1)
-		{
-		ret = r;
-		if (r != 0)
-			goto err;
-		RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
-		}
-	
-	/* q prime? */
-	r = BN_is_prime(key->q, BN_prime_checks, NULL, NULL, NULL);
-	if (r != 1)
-		{
-		ret = r;
-		if (r != 0)
-			goto err;
-		RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
-		}
-	
-	/* n = p*q? */
-	r = BN_mul(i, key->p, key->q, ctx);
-	if (!r) { ret = -1; goto err; }
-	
-	if (BN_cmp(i, key->n) != 0)
-		{
-		ret = 0;
-		RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q);
-		}
-	
-	/* d*e = 1  mod lcm(p-1,q-1)? */
-
-	r = BN_sub(i, key->p, BN_value_one());
-	if (!r) { ret = -1; goto err; }
-	r = BN_sub(j, key->q, BN_value_one());
-	if (!r) { ret = -1; goto err; }
-
-	/* now compute k = lcm(i,j) */
-	r = BN_mul(l, i, j, ctx);
-	if (!r) { ret = -1; goto err; }
-	r = BN_gcd(m, i, j, ctx);
-	if (!r) { ret = -1; goto err; }
-	r = BN_div(k, NULL, l, m, ctx); /* remainder is 0 */
-	if (!r) { ret = -1; goto err; }
-
-	r = BN_mod_mul(i, key->d, key->e, k, ctx);
-	if (!r) { ret = -1; goto err; }
-
-	if (!BN_is_one(i))
-		{
-		ret = 0;
-		RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1);
-		}
-	
-	if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL)
-		{
-		/* dmp1 = d mod (p-1)? */
-		r = BN_sub(i, key->p, BN_value_one());
-		if (!r) { ret = -1; goto err; }
-
-		r = BN_mod(j, key->d, i, ctx);
-		if (!r) { ret = -1; goto err; }
-
-		if (BN_cmp(j, key->dmp1) != 0)
-			{
-			ret = 0;
-			RSAerr(RSA_F_RSA_CHECK_KEY,
-				RSA_R_DMP1_NOT_CONGRUENT_TO_D);
-			}
-	
-		/* dmq1 = d mod (q-1)? */    
-		r = BN_sub(i, key->q, BN_value_one());
-		if (!r) { ret = -1; goto err; }
-	
-		r = BN_mod(j, key->d, i, ctx);
-		if (!r) { ret = -1; goto err; }
-
-		if (BN_cmp(j, key->dmq1) != 0)
-			{
-			ret = 0;
-			RSAerr(RSA_F_RSA_CHECK_KEY,
-				RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
-			}
-	
-		/* iqmp = q^-1 mod p? */
-		if(!BN_mod_inverse(i, key->q, key->p, ctx))
-			{
-			ret = -1;
-			goto err;
-			}
-
-		if (BN_cmp(i, key->iqmp) != 0)
-			{
-			ret = 0;
-			RSAerr(RSA_F_RSA_CHECK_KEY,
-				RSA_R_IQMP_NOT_INVERSE_OF_Q);
-			}
-		}
-
- err:
-	if (i != NULL) BN_free(i);
-	if (j != NULL) BN_free(j);
-	if (k != NULL) BN_free(k);
-	if (l != NULL) BN_free(l);
-	if (m != NULL) BN_free(m);
-	if (ctx != NULL) BN_CTX_free(ctx);
-	return (ret);
-	}
diff --git a/crypto/openssl/crypto/rsa/rsa_err.c b/crypto/openssl/crypto/rsa/rsa_err.c
deleted file mode 100644
index a7766c3b762e..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_err.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* crypto/rsa/rsa_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA RSA_str_functs[]=
-	{
-{ERR_PACK(0,RSA_F_MEMORY_LOCK,0),	"MEMORY_LOCK"},
-{ERR_PACK(0,RSA_F_RSA_CHECK_KEY,0),	"RSA_check_key"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0),	"RSA_EAY_PRIVATE_DECRYPT"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0),	"RSA_EAY_PRIVATE_ENCRYPT"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0),	"RSA_EAY_PUBLIC_DECRYPT"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0),	"RSA_EAY_PUBLIC_ENCRYPT"},
-{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0),	"RSA_generate_key"},
-{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0),	"RSA_new_method"},
-{ERR_PACK(0,RSA_F_RSA_NULL,0),	"RSA_NULL"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0),	"RSA_padding_add_none"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,0),	"RSA_padding_add_PKCS1_OAEP"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0),	"RSA_padding_add_PKCS1_type_1"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0),	"RSA_padding_add_PKCS1_type_2"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0),	"RSA_padding_add_SSLv23"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0),	"RSA_padding_check_none"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP,0),	"RSA_padding_check_PKCS1_OAEP"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0),	"RSA_padding_check_PKCS1_type_1"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0),	"RSA_padding_check_PKCS1_type_2"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0),	"RSA_padding_check_SSLv23"},
-{ERR_PACK(0,RSA_F_RSA_PRINT,0),	"RSA_print"},
-{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0),	"RSA_print_fp"},
-{ERR_PACK(0,RSA_F_RSA_SIGN,0),	"RSA_sign"},
-{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0),	"RSA_sign_ASN1_OCTET_STRING"},
-{ERR_PACK(0,RSA_F_RSA_VERIFY,0),	"RSA_verify"},
-{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0),	"RSA_verify_ASN1_OCTET_STRING"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA RSA_str_reasons[]=
-	{
-{RSA_R_ALGORITHM_MISMATCH                ,"algorithm mismatch"},
-{RSA_R_BAD_E_VALUE                       ,"bad e value"},
-{RSA_R_BAD_FIXED_HEADER_DECRYPT          ,"bad fixed header decrypt"},
-{RSA_R_BAD_PAD_BYTE_COUNT                ,"bad pad byte count"},
-{RSA_R_BAD_SIGNATURE                     ,"bad signature"},
-{RSA_R_BLOCK_TYPE_IS_NOT_01              ,"block type is not 01"},
-{RSA_R_BLOCK_TYPE_IS_NOT_02              ,"block type is not 02"},
-{RSA_R_DATA_GREATER_THAN_MOD_LEN         ,"data greater than mod len"},
-{RSA_R_DATA_TOO_LARGE                    ,"data too large"},
-{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
-{RSA_R_DATA_TOO_LARGE_FOR_MODULUS        ,"data too large for modulus"},
-{RSA_R_DATA_TOO_SMALL                    ,"data too small"},
-{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE       ,"data too small for key size"},
-{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY        ,"digest too big for rsa key"},
-{RSA_R_DMP1_NOT_CONGRUENT_TO_D           ,"dmp1 not congruent to d"},
-{RSA_R_DMQ1_NOT_CONGRUENT_TO_D           ,"dmq1 not congruent to d"},
-{RSA_R_D_E_NOT_CONGRUENT_TO_1            ,"d e not congruent to 1"},
-{RSA_R_INVALID_MESSAGE_LENGTH            ,"invalid message length"},
-{RSA_R_IQMP_NOT_INVERSE_OF_Q             ,"iqmp not inverse of q"},
-{RSA_R_KEY_SIZE_TOO_SMALL                ,"key size too small"},
-{RSA_R_NULL_BEFORE_BLOCK_MISSING         ,"null before block missing"},
-{RSA_R_N_DOES_NOT_EQUAL_P_Q              ,"n does not equal p q"},
-{RSA_R_OAEP_DECODING_ERROR               ,"oaep decoding error"},
-{RSA_R_PADDING_CHECK_FAILED              ,"padding check failed"},
-{RSA_R_P_NOT_PRIME                       ,"p not prime"},
-{RSA_R_Q_NOT_PRIME                       ,"q not prime"},
-{RSA_R_RSA_OPERATIONS_NOT_SUPPORTED      ,"rsa operations not supported"},
-{RSA_R_SSLV3_ROLLBACK_ATTACK             ,"sslv3 rollback attack"},
-{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
-{RSA_R_UNKNOWN_ALGORITHM_TYPE            ,"unknown algorithm type"},
-{RSA_R_UNKNOWN_PADDING_TYPE              ,"unknown padding type"},
-{RSA_R_WRONG_SIGNATURE_LENGTH            ,"wrong signature length"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_RSA_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_RSA,RSA_str_functs);
-		ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/rsa/rsa_gen.c b/crypto/openssl/crypto/rsa/rsa_gen.c
deleted file mode 100644
index 00c25adbc588..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_gen.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/* crypto/rsa/rsa_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-
-RSA *RSA_generate_key(int bits, unsigned long e_value,
-	     void (*callback)(int,int,void *), void *cb_arg)
-	{
-	RSA *rsa=NULL;
-	BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
-	int bitsp,bitsq,ok= -1,n=0,i;
-	BN_CTX *ctx=NULL,*ctx2=NULL;
-
-	ctx=BN_CTX_new();
-	if (ctx == NULL) goto err;
-	ctx2=BN_CTX_new();
-	if (ctx2 == NULL) goto err;
-	BN_CTX_start(ctx);
-	r0 = BN_CTX_get(ctx);
-	r1 = BN_CTX_get(ctx);
-	r2 = BN_CTX_get(ctx);
-	r3 = BN_CTX_get(ctx);
-	if (r3 == NULL) goto err;
-
-	bitsp=(bits+1)/2;
-	bitsq=bits-bitsp;
-	rsa=RSA_new();
-	if (rsa == NULL) goto err;
-
-	/* set e */ 
-	rsa->e=BN_new();
-	if (rsa->e == NULL) goto err;
-
-#if 1
-	/* The problem is when building with 8, 16, or 32 BN_ULONG,
-	 * unsigned long can be larger */
-	for (i=0; i<sizeof(unsigned long)*8; i++)
-		{
-		if (e_value & (1UL<<i))
-			BN_set_bit(rsa->e,i);
-		}
-#else
-	if (!BN_set_word(rsa->e,e_value)) goto err;
-#endif
-
-	/* generate p and q */
-	for (;;)
-		{
-		rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg);
-		if (rsa->p == NULL) goto err;
-		if (!BN_sub(r2,rsa->p,BN_value_one())) goto err;
-		if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
-		if (BN_is_one(r1)) break;
-		if (callback != NULL) callback(2,n++,cb_arg);
-		BN_free(rsa->p);
-		}
-	if (callback != NULL) callback(3,0,cb_arg);
-	for (;;)
-		{
-		rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg);
-		if (rsa->q == NULL) goto err;
-		if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
-		if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
-		if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0))
-			break;
-		if (callback != NULL) callback(2,n++,cb_arg);
-		BN_free(rsa->q);
-		}
-	if (callback != NULL) callback(3,1,cb_arg);
-	if (BN_cmp(rsa->p,rsa->q) < 0)
-		{
-		tmp=rsa->p;
-		rsa->p=rsa->q;
-		rsa->q=tmp;
-		}
-
-	/* calculate n */
-	rsa->n=BN_new();
-	if (rsa->n == NULL) goto err;
-	if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err;
-
-	/* calculate d */
-	if (!BN_sub(r1,rsa->p,BN_value_one())) goto err;	/* p-1 */
-	if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;	/* q-1 */
-	if (!BN_mul(r0,r1,r2,ctx)) goto err;	/* (p-1)(q-1) */
-
-/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */
-/*	for (;;)
-		{
-		if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err;
-		if (BN_is_one(r3)) break;
-
-		if (1)
-			{
-			if (!BN_add_word(rsa->e,2L)) goto err;
-			continue;
-			}
-		RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE);
-		goto err;
-		}
-*/
-	rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2);	/* d */
-	if (rsa->d == NULL) goto err;
-
-	/* calculate d mod (p-1) */
-	rsa->dmp1=BN_new();
-	if (rsa->dmp1 == NULL) goto err;
-	if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err;
-
-	/* calculate d mod (q-1) */
-	rsa->dmq1=BN_new();
-	if (rsa->dmq1 == NULL) goto err;
-	if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err;
-
-	/* calculate inverse of q mod p */
-	rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2);
-	if (rsa->iqmp == NULL) goto err;
-
-	ok=1;
-err:
-	if (ok == -1)
-		{
-		RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
-		ok=0;
-		}
-	BN_CTX_end(ctx);
-	BN_CTX_free(ctx);
-	BN_CTX_free(ctx2);
-	
-	if (!ok)
-		{
-		if (rsa != NULL) RSA_free(rsa);
-		return(NULL);
-		}
-	else
-		return(rsa);
-	}
-
diff --git a/crypto/openssl/crypto/rsa/rsa_none.c b/crypto/openssl/crypto/rsa/rsa_none.c
deleted file mode 100644
index e6f3e627ca1a..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_none.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* crypto/rsa/rsa_none.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-
-int RSA_padding_add_none(unsigned char *to, int tlen,
-	const unsigned char *from, int flen)
-	{
-	if (flen > tlen)
-		{
-		RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-		return(0);
-		}
-
-	if (flen < tlen)
-		{
-		RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE);
-		return(0);
-		}
-	
-	memcpy(to,from,(unsigned int)flen);
-	return(1);
-	}
-
-int RSA_padding_check_none(unsigned char *to, int tlen,
-	const unsigned char *from, int flen, int num)
-	{
-
-	if (flen > tlen)
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_DATA_TOO_LARGE);
-		return(-1);
-		}
-
-	memset(to,0,tlen-flen);
-	memcpy(to+tlen-flen,from,flen);
-	return(tlen);
-	}
-
diff --git a/crypto/openssl/crypto/rsa/rsa_null.c b/crypto/openssl/crypto/rsa/rsa_null.c
deleted file mode 100644
index 64057fbdcf7b..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_null.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* rsa_null.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-
-/* This is a dummy RSA implementation that just returns errors when called.
- * It is designed to allow some RSA functions to work while stopping those
- * covered by the RSA patent. That is RSA, encryption, decryption, signing
- * and verify is not allowed but RSA key generation, key checking and other
- * operations (like storing RSA keys) are permitted.
- */
-
-static int RSA_null_public_encrypt(int flen, const unsigned char *from,
-		unsigned char *to, RSA *rsa,int padding);
-static int RSA_null_private_encrypt(int flen, const unsigned char *from,
-		unsigned char *to, RSA *rsa,int padding);
-static int RSA_null_public_decrypt(int flen, const unsigned char *from,
-		unsigned char *to, RSA *rsa,int padding);
-static int RSA_null_private_decrypt(int flen, const unsigned char *from,
-		unsigned char *to, RSA *rsa,int padding);
-#if 0 /* not currently used */
-static int RSA_null_mod_exp(const BIGNUM *r0, const BIGNUM *i, RSA *rsa);
-#endif
-static int RSA_null_init(RSA *rsa);
-static int RSA_null_finish(RSA *rsa);
-static RSA_METHOD rsa_null_meth={
-	"Null RSA",
-	RSA_null_public_encrypt,
-	RSA_null_public_decrypt,
-	RSA_null_private_encrypt,
-	RSA_null_private_decrypt,
-	NULL,
-	NULL,
-	RSA_null_init,
-	RSA_null_finish,
-	0,
-	NULL,
-	};
-
-const RSA_METHOD *RSA_null_method(void)
-	{
-	return(&rsa_null_meth);
-	}
-
-static int RSA_null_public_encrypt(int flen, const unsigned char *from,
-	     unsigned char *to, RSA *rsa, int padding)
-	{
-	RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
-	return -1;
-	}
-
-static int RSA_null_private_encrypt(int flen, const unsigned char *from,
-	     unsigned char *to, RSA *rsa, int padding)
-	{
-	RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
-	return -1;
-	}
-
-static int RSA_null_private_decrypt(int flen, const unsigned char *from,
-	     unsigned char *to, RSA *rsa, int padding)
-	{
-	RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
-	return -1;
-	}
-
-static int RSA_null_public_decrypt(int flen, const unsigned char *from,
-	     unsigned char *to, RSA *rsa, int padding)
-	{
-	RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
-	return -1;
-	}
-
-#if 0 /* not currently used */
-static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
-	{
-	RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
-	return -1;
-	}
-#endif
-
-static int RSA_null_init(RSA *rsa)
-	{
-	return(1);
-	}
-
-static int RSA_null_finish(RSA *rsa)
-	{
-	return(1);
-	}
-
-
diff --git a/crypto/openssl/crypto/rsa/rsa_oaep.c b/crypto/openssl/crypto/rsa/rsa_oaep.c
deleted file mode 100644
index e3f7c608ec8c..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_oaep.c
+++ /dev/null
@@ -1,206 +0,0 @@
-/* crypto/rsa/rsa_oaep.c */
-/* Written by Ulf Moeller. This software is distributed on an "AS IS"
-   basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */
-
-/* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */
-
-/* See Victor Shoup, "OAEP reconsidered," Nov. 2000,
- * <URL: http://www.shoup.net/papers/oaep.ps.Z>
- * for problems with the security proof for the
- * original OAEP scheme, which EME-OAEP is based on.
- * 
- * A new proof can be found in E. Fujisaki, T. Okamoto,
- * D. Pointcheval, J. Stern, "RSA-OEAP is Still Alive!",
- * Dec. 2000, <URL: http://eprint.iacr.org/2000/061/>.
- * The new proof has stronger requirements for the
- * underlying permutation: "partial-one-wayness" instead
- * of one-wayness.  For the RSA function, this is
- * an equivalent notion.
- */
-
-
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/sha.h>
-
-int MGF1(unsigned char *mask, long len,
-	const unsigned char *seed, long seedlen);
-
-int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
-	const unsigned char *from, int flen,
-	const unsigned char *param, int plen)
-	{
-	int i, emlen = tlen - 1;
-	unsigned char *db, *seed;
-	unsigned char *dbmask, seedmask[SHA_DIGEST_LENGTH];
-
-	if (flen > emlen - 2 * SHA_DIGEST_LENGTH - 1)
-		{
-		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,
-		   RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-		return 0;
-		}
-
-	if (emlen < 2 * SHA_DIGEST_LENGTH + 1)
-		{
-		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, RSA_R_KEY_SIZE_TOO_SMALL);
-		return 0;
-		}
-
-	dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH);
-	if (dbmask == NULL)
-		{
-		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
-		return 0;
-		}
-
-	to[0] = 0;
-	seed = to + 1;
-	db = to + SHA_DIGEST_LENGTH + 1;
-
-	EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL);
-	memset(db + SHA_DIGEST_LENGTH, 0,
-		emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
-	db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
-	memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen);
-	if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0)
-		return 0;
-#ifdef PKCS_TESTVECT
-	memcpy(seed,
-	   "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f",
-	   20);
-#endif
-
-	MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH);
-	for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++)
-		db[i] ^= dbmask[i];
-
-	MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH);
-	for (i = 0; i < SHA_DIGEST_LENGTH; i++)
-		seed[i] ^= seedmask[i];
-
-	OPENSSL_free(dbmask);
-	return 1;
-	}
-
-int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
-	const unsigned char *from, int flen, int num,
-	const unsigned char *param, int plen)
-	{
-	int i, dblen, mlen = -1;
-	const unsigned char *maskeddb;
-	int lzero;
-	unsigned char *db = NULL, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH];
-	int bad = 0;
-
-	if (--num < 2 * SHA_DIGEST_LENGTH + 1)
-		/* 'num' is the length of the modulus, i.e. does not depend on the
-		 * particular ciphertext. */
-		goto decoding_err;
-
-	lzero = num - flen;
-	if (lzero < 0)
-		{
-		/* lzero == -1 */
-
-		/* signalling this error immediately after detection might allow
-		 * for side-channel attacks (e.g. timing if 'plen' is huge
-		 * -- cf. James H. Manger, "A Chosen Ciphertext Attack on RSA Optimal
-		 * Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001),
-		 * so we use a 'bad' flag */
-		bad = 1;
-		lzero = 0;
-		}
-	maskeddb = from - lzero + SHA_DIGEST_LENGTH;
-
-	dblen = num - SHA_DIGEST_LENGTH;
-	db = OPENSSL_malloc(dblen);
-	if (db == NULL)
-		{
-		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
-		return -1;
-		}
-
-	MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen);
-	for (i = lzero; i < SHA_DIGEST_LENGTH; i++)
-		seed[i] ^= from[i - lzero];
-  
-	MGF1(db, dblen, seed, SHA_DIGEST_LENGTH);
-	for (i = 0; i < dblen; i++)
-		db[i] ^= maskeddb[i];
-
-	EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL);
-
-	if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad)
-		goto decoding_err;
-	else
-		{
-		for (i = SHA_DIGEST_LENGTH; i < dblen; i++)
-			if (db[i] != 0x00)
-				break;
-		if (db[i] != 0x01 || i++ >= dblen)
-			goto decoding_err;
-		else
-			{
-			/* everything looks OK */
-
-			mlen = dblen - i;
-			if (tlen < mlen)
-				{
-				RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE);
-				mlen = -1;
-				}
-			else
-				memcpy(to, db + i, mlen);
-			}
-		}
-	OPENSSL_free(db);
-	return mlen;
-
-decoding_err:
-	/* to avoid chosen ciphertext attacks, the error message should not reveal
-	 * which kind of decoding error happened */
-	RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR);
-	if (db != NULL) OPENSSL_free(db);
-	return -1;
-	}
-
-int MGF1(unsigned char *mask, long len,
-	const unsigned char *seed, long seedlen)
-	{
-	long i, outlen = 0;
-	unsigned char cnt[4];
-	EVP_MD_CTX c;
-	unsigned char md[SHA_DIGEST_LENGTH];
-
-	EVP_MD_CTX_init(&c);
-	for (i = 0; outlen < len; i++)
-		{
-		cnt[0] = (unsigned char)((i >> 24) & 255);
-		cnt[1] = (unsigned char)((i >> 16) & 255);
-		cnt[2] = (unsigned char)((i >> 8)) & 255;
-		cnt[3] = (unsigned char)(i & 255);
-		EVP_DigestInit_ex(&c,EVP_sha1(), NULL);
-		EVP_DigestUpdate(&c, seed, seedlen);
-		EVP_DigestUpdate(&c, cnt, 4);
-		if (outlen + SHA_DIGEST_LENGTH <= len)
-			{
-			EVP_DigestFinal_ex(&c, mask + outlen, NULL);
-			outlen += SHA_DIGEST_LENGTH;
-			}
-		else
-			{
-			EVP_DigestFinal_ex(&c, md, NULL);
-			memcpy(mask + outlen, md, len - outlen);
-			outlen = len;
-			}
-		}
-	EVP_MD_CTX_cleanup(&c);
-	return 0;
-	}
-#endif
diff --git a/crypto/openssl/crypto/rsa/rsa_oaep_test.c b/crypto/openssl/crypto/rsa/rsa_oaep_test.c
deleted file mode 100644
index 0d4e39d3dab1..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_oaep_test.c
+++ /dev/null
@@ -1,309 +0,0 @@
-/* test vectors from p1ovect1.txt */
-
-#include <stdio.h>
-#include <string.h>
-
-#include "openssl/e_os.h"
-
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#ifdef NO_RSA
-int main(int argc, char *argv[])
-{
-    printf("No RSA support\n");
-    return(0);
-}
-#else
-#include <openssl/rsa.h>
-
-#define SetKey \
-  key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
-  key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
-  key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
-  key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
-  key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
-  key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
-  key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
-  key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
-  memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
-  return (sizeof(ctext_ex) - 1);
-
-static int key1(RSA *key, unsigned char *c)
-    {
-    static unsigned char n[] =
-"\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
-"\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
-"\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
-"\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
-"\xF5";
-
-    static unsigned char e[] = "\x11";
-
-    static unsigned char d[] =
-"\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
-"\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
-"\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
-"\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
-
-    static unsigned char p[] =
-"\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
-"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
-"\x0D";
-    
-    static unsigned char q[] =
-"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
-"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
-"\x89";
-
-    static unsigned char dmp1[] =
-"\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
-"\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
-
-    static unsigned char dmq1[] =
-"\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
-"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
-"\x51";
-
-    static unsigned char iqmp[] =
-"\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
-"\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
-
-    static unsigned char ctext_ex[] =
-"\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
-"\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
-"\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
-"\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
-
-    SetKey;
-    }
-
-static int key2(RSA *key, unsigned char *c)
-    {
-    static unsigned char n[] =
-"\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
-"\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
-"\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
-"\x34\x77\xCF";
-
-    static unsigned char e[] = "\x3";
-
-    static unsigned char d[] =
-"\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
-"\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
-"\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
-"\xE5\xEB";
-
-    static unsigned char p[] =
-"\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
-"\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
-
-    static unsigned char q[] =
-"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
-"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
-    
-    static unsigned char dmp1[] =
-"\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
-"\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
-
-    static unsigned char dmq1[] =
-"\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
-"\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
-
-    static unsigned char iqmp[] =
-"\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
-"\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
-
-    static unsigned char ctext_ex[] =
-"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
-"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
-"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
-"\x62\x51";
-
-    SetKey;
-    }
-
-static int key3(RSA *key, unsigned char *c)
-    {
-    static unsigned char n[] =
-"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
-"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
-"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
-"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
-"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
-"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
-"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
-"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
-"\xCB";
-
-    static unsigned char e[] = "\x11";
-
-    static unsigned char d[] =
-"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
-"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
-"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
-"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
-"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
-"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
-"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
-"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
-"\xC1";
-
-    static unsigned char p[] =
-"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
-"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
-"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
-"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
-"\x99";
-
-    static unsigned char q[] =
-"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
-"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
-"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
-"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
-"\x03";
-
-    static unsigned char dmp1[] =
-"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
-"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
-"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
-"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
-
-    static unsigned char dmq1[] =
-"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
-"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
-"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
-"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
-    
-    static unsigned char iqmp[] =
-"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
-"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
-"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
-"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
-"\xF7";
-
-    static unsigned char ctext_ex[] =
-"\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
-"\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
-"\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
-"\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
-"\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
-"\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
-"\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
-"\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
-
-    SetKey;
-    }
-
-static int pad_unknown(void)
-{
-    unsigned long l;
-    while ((l = ERR_get_error()) != 0)
-      if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
-	return(1);
-    return(0);
-}
-
-int main() 
-    {
-    int err=0;
-    int v;
-    RSA *key;
-    unsigned char ptext[256];
-    unsigned char ctext[256];
-    static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
-    unsigned char ctext_ex[256];
-    int plen;
-    int clen = 0;
-    int num;
-
-    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-	
-    plen = sizeof(ptext_ex) - 1;
-
-    for (v = 0; v < 3; v++)
-	{
-	key = RSA_new();
-	switch (v) {
-    case 0:
-	clen = key1(key, ctext_ex);
-	break;
-    case 1:
-	clen = key2(key, ctext_ex);
-	break;
-    case 2:
-	clen = key3(key, ctext_ex);
-	break;
-	}
-
-	num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
-				 RSA_PKCS1_PADDING);
-	if (num != clen)
-	    {
-	    printf("PKCS#1 v1.5 encryption failed!\n");
-	    err=1;
-	    goto oaep;
-	    }
-  
-	num = RSA_private_decrypt(num, ctext, ptext, key,
-				  RSA_PKCS1_PADDING);
-	if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
-	    {
-	    printf("PKCS#1 v1.5 decryption failed!\n");
-	    err=1;
-	    }
-	else
-	    printf("PKCS #1 v1.5 encryption/decryption ok\n");
-
-    oaep:
-	ERR_clear_error();
-	num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
-				 RSA_PKCS1_OAEP_PADDING);
-	if (num == -1 && pad_unknown())
-	    {
-	    printf("No OAEP support\n");
-	    goto next;
-	    }
-	if (num != clen)
-	    {
-	    printf("OAEP encryption failed!\n");
-	    err=1;
-	    goto next;
-	    }
-  
-	num = RSA_private_decrypt(num, ctext, ptext, key,
-				  RSA_PKCS1_OAEP_PADDING);
-	if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
-	    {
-	    printf("OAEP decryption (encrypted data) failed!\n");
-	    err=1;
-	    }
-	else if (memcmp(ctext, ctext_ex, num) == 0)
-	    {
-	    printf("OAEP test vector %d passed!\n", v);
-	    goto next;
-	    }
-    
-	/* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
-	   Try decrypting ctext_ex */
-
-	num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
-				  RSA_PKCS1_OAEP_PADDING);
-
-	if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
-	    {
-	    printf("OAEP decryption (test vector data) failed!\n");
-	    err=1;
-	    }
-	else
-	    printf("OAEP encryption/decryption ok\n");
-    next:
-	RSA_free(key);
-	}
-
-    ERR_remove_state(0);
-
-    CRYPTO_mem_leaks_fp(stdout);
-
-    return err;
-    }
-#endif
diff --git a/crypto/openssl/crypto/rsa/rsa_pk1.c b/crypto/openssl/crypto/rsa/rsa_pk1.c
deleted file mode 100644
index 8560755f1d12..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_pk1.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/* crypto/rsa/rsa_pk1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-
-int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
-	     const unsigned char *from, int flen)
-	{
-	int j;
-	unsigned char *p;
-
-	if (flen > (tlen-RSA_PKCS1_PADDING_SIZE))
-		{
-		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-		return(0);
-		}
-	
-	p=(unsigned char *)to;
-
-	*(p++)=0;
-	*(p++)=1; /* Private Key BT (Block Type) */
-
-	/* pad out with 0xff data */
-	j=tlen-3-flen;
-	memset(p,0xff,j);
-	p+=j;
-	*(p++)='\0';
-	memcpy(p,from,(unsigned int)flen);
-	return(1);
-	}
-
-int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
-	     const unsigned char *from, int flen, int num)
-	{
-	int i,j;
-	const unsigned char *p;
-
-	p=from;
-	if ((num != (flen+1)) || (*(p++) != 01))
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01);
-		return(-1);
-		}
-
-	/* scan over padding data */
-	j=flen-1; /* one for type. */
-	for (i=0; i<j; i++)
-		{
-		if (*p != 0xff) /* should decrypt to 0xff */
-			{
-			if (*p == 0)
-				{ p++; break; }
-			else	{
-				RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_FIXED_HEADER_DECRYPT);
-				return(-1);
-				}
-			}
-		p++;
-		}
-
-	if (i == j)
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_NULL_BEFORE_BLOCK_MISSING);
-		return(-1);
-		}
-
-	if (i < 8)
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_PAD_BYTE_COUNT);
-		return(-1);
-		}
-	i++; /* Skip over the '\0' */
-	j-=i;
-	if (j > tlen)
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE);
-		return(-1);
-		}
-	memcpy(to,p,(unsigned int)j);
-
-	return(j);
-	}
-
-int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
-	     const unsigned char *from, int flen)
-	{
-	int i,j;
-	unsigned char *p;
-	
-	if (flen > (tlen-11))
-		{
-		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-		return(0);
-		}
-	
-	p=(unsigned char *)to;
-
-	*(p++)=0;
-	*(p++)=2; /* Public Key BT (Block Type) */
-
-	/* pad out with non-zero random data */
-	j=tlen-3-flen;
-
-	if (RAND_bytes(p,j) <= 0)
-		return(0);
-	for (i=0; i<j; i++)
-		{
-		if (*p == '\0')
-			do	{
-				if (RAND_bytes(p,1) <= 0)
-					return(0);
-				} while (*p == '\0');
-		p++;
-		}
-
-	*(p++)='\0';
-
-	memcpy(p,from,(unsigned int)flen);
-	return(1);
-	}
-
-int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
-	     const unsigned char *from, int flen, int num)
-	{
-	int i,j;
-	const unsigned char *p;
-
-	p=from;
-	if ((num != (flen+1)) || (*(p++) != 02))
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BLOCK_TYPE_IS_NOT_02);
-		return(-1);
-		}
-#ifdef PKCS1_CHECK
-	return(num-11);
-#endif
-
-	/* scan over padding data */
-	j=flen-1; /* one for type. */
-	for (i=0; i<j; i++)
-		if (*(p++) == 0) break;
-
-	if (i == j)
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_NULL_BEFORE_BLOCK_MISSING);
-		return(-1);
-		}
-
-	if (i < 8)
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BAD_PAD_BYTE_COUNT);
-		return(-1);
-		}
-	i++; /* Skip over the '\0' */
-	j-=i;
-	if (j > tlen)
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE);
-		return(-1);
-		}
-	memcpy(to,p,(unsigned int)j);
-
-	return(j);
-	}
-
diff --git a/crypto/openssl/crypto/rsa/rsa_saos.c b/crypto/openssl/crypto/rsa/rsa_saos.c
deleted file mode 100644
index f462716a57f2..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_saos.c
+++ /dev/null
@@ -1,146 +0,0 @@
-/* crypto/rsa/rsa_saos.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int RSA_sign_ASN1_OCTET_STRING(int type,
-	const unsigned char *m, unsigned int m_len,
-	unsigned char *sigret, unsigned int *siglen, RSA *rsa)
-	{
-	ASN1_OCTET_STRING sig;
-	int i,j,ret=1;
-	unsigned char *p,*s;
-
-	sig.type=V_ASN1_OCTET_STRING;
-	sig.length=m_len;
-	sig.data=(unsigned char *)m;
-
-	i=i2d_ASN1_OCTET_STRING(&sig,NULL);
-	j=RSA_size(rsa);
-	if (i > (j-RSA_PKCS1_PADDING_SIZE))
-		{
-		RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
-		return(0);
-		}
-	s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1);
-	if (s == NULL)
-		{
-		RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	p=s;
-	i2d_ASN1_OCTET_STRING(&sig,&p);
-	i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
-	if (i <= 0)
-		ret=0;
-	else
-		*siglen=i;
-
-	OPENSSL_cleanse(s,(unsigned int)j+1);
-	OPENSSL_free(s);
-	return(ret);
-	}
-
-int RSA_verify_ASN1_OCTET_STRING(int dtype,
-	const unsigned char *m,
-	unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
-	RSA *rsa)
-	{
-	int i,ret=0;
-	unsigned char *p,*s;
-	ASN1_OCTET_STRING *sig=NULL;
-
-	if (siglen != (unsigned int)RSA_size(rsa))
-		{
-		RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_WRONG_SIGNATURE_LENGTH);
-		return(0);
-		}
-
-	s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen);
-	if (s == NULL)
-		{
-		RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
-
-	if (i <= 0) goto err;
-
-	p=s;
-	sig=d2i_ASN1_OCTET_STRING(NULL,&p,(long)i);
-	if (sig == NULL) goto err;
-
-	if (	((unsigned int)sig->length != m_len) ||
-		(memcmp(m,sig->data,m_len) != 0))
-		{
-		RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_BAD_SIGNATURE);
-		}
-	else
-		ret=1;
-err:
-	if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);
-	OPENSSL_cleanse(s,(unsigned int)siglen);
-	OPENSSL_free(s);
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/rsa/rsa_sign.c b/crypto/openssl/crypto/rsa/rsa_sign.c
deleted file mode 100644
index 9dd62ac956ba..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_sign.c
+++ /dev/null
@@ -1,234 +0,0 @@
-/* crypto/rsa/rsa_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-/* Size of an SSL signature: MD5+SHA1 */
-#define SSL_SIG_LENGTH	36
-
-int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
-	     unsigned char *sigret, unsigned int *siglen, RSA *rsa)
-	{
-	X509_SIG sig;
-	ASN1_TYPE parameter;
-	int i,j,ret=1;
-	unsigned char *p, *tmps = NULL;
-	const unsigned char *s = NULL;
-	X509_ALGOR algor;
-	ASN1_OCTET_STRING digest;
-#ifndef OPENSSL_NO_ENGINE
-	if((rsa->flags & RSA_FLAG_SIGN_VER)
-	      && ENGINE_get_RSA(rsa->engine)->rsa_sign)
-	      return ENGINE_get_RSA(rsa->engine)->rsa_sign(type,
-			m, m_len, sigret, siglen, rsa);
-#endif
-	/* Special case: SSL signature, just check the length */
-	if(type == NID_md5_sha1) {
-		if(m_len != SSL_SIG_LENGTH) {
-			RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH);
-			return(0);
-		}
-		i = SSL_SIG_LENGTH;
-		s = m;
-	} else {
-		sig.algor= &algor;
-		sig.algor->algorithm=OBJ_nid2obj(type);
-		if (sig.algor->algorithm == NULL)
-			{
-			RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
-			return(0);
-			}
-		if (sig.algor->algorithm->length == 0)
-			{
-			RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
-			return(0);
-			}
-		parameter.type=V_ASN1_NULL;
-		parameter.value.ptr=NULL;
-		sig.algor->parameter= &parameter;
-
-		sig.digest= &digest;
-		sig.digest->data=(unsigned char *)m; /* TMP UGLY CAST */
-		sig.digest->length=m_len;
-
-		i=i2d_X509_SIG(&sig,NULL);
-	}
-	j=RSA_size(rsa);
-	if (i > (j-RSA_PKCS1_PADDING_SIZE))
-		{
-		RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
-		return(0);
-		}
-	if(type != NID_md5_sha1) {
-		tmps=(unsigned char *)OPENSSL_malloc((unsigned int)j+1);
-		if (tmps == NULL)
-			{
-			RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
-			return(0);
-			}
-		p=tmps;
-		i2d_X509_SIG(&sig,&p);
-		s=tmps;
-	}
-	i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
-	if (i <= 0)
-		ret=0;
-	else
-		*siglen=i;
-
-	if(type != NID_md5_sha1) {
-		OPENSSL_cleanse(tmps,(unsigned int)j+1);
-		OPENSSL_free(tmps);
-	}
-	return(ret);
-	}
-
-int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
-	     unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
-	{
-	int i,ret=0,sigtype;
-	unsigned char *p,*s;
-	X509_SIG *sig=NULL;
-
-	if (siglen != (unsigned int)RSA_size(rsa))
-		{
-		RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
-		return(0);
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-	if((rsa->flags & RSA_FLAG_SIGN_VER)
-	    && ENGINE_get_RSA(rsa->engine)->rsa_verify)
-	    return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype,
-			m, m_len, sigbuf, siglen, rsa);
-#endif
-
-	s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen);
-	if (s == NULL)
-		{
-		RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
-			RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
-			return(0);
-	}
-	i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
-
-	if (i <= 0) goto err;
-
-	/* Special case: SSL signature */
-	if(dtype == NID_md5_sha1) {
-		if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH))
-				RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
-		else ret = 1;
-	} else {
-		p=s;
-		sig=d2i_X509_SIG(NULL,&p,(long)i);
-
-		if (sig == NULL) goto err;
-		sigtype=OBJ_obj2nid(sig->algor->algorithm);
-
-
-	#ifdef RSA_DEBUG
-		/* put a backward compatibility flag in EAY */
-		fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
-			OBJ_nid2ln(dtype));
-	#endif
-		if (sigtype != dtype)
-			{
-			if (((dtype == NID_md5) &&
-				(sigtype == NID_md5WithRSAEncryption)) ||
-				((dtype == NID_md2) &&
-				(sigtype == NID_md2WithRSAEncryption)))
-				{
-				/* ok, we will let it through */
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
-				fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
-#endif
-				}
-			else
-				{
-				RSAerr(RSA_F_RSA_VERIFY,
-						RSA_R_ALGORITHM_MISMATCH);
-				goto err;
-				}
-			}
-		if (	((unsigned int)sig->digest->length != m_len) ||
-			(memcmp(m,sig->digest->data,m_len) != 0))
-			{
-			RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
-			}
-		else
-			ret=1;
-	}
-err:
-	if (sig != NULL) X509_SIG_free(sig);
-	OPENSSL_cleanse(s,(unsigned int)siglen);
-	OPENSSL_free(s);
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/rsa/rsa_ssl.c b/crypto/openssl/crypto/rsa/rsa_ssl.c
deleted file mode 100644
index ea72629494cf..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_ssl.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/* crypto/rsa/rsa_ssl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-
-int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
-	const unsigned char *from, int flen)
-	{
-	int i,j;
-	unsigned char *p;
-	
-	if (flen > (tlen-11))
-		{
-		RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-		return(0);
-		}
-	
-	p=(unsigned char *)to;
-
-	*(p++)=0;
-	*(p++)=2; /* Public Key BT (Block Type) */
-
-	/* pad out with non-zero random data */
-	j=tlen-3-8-flen;
-
-	if (RAND_bytes(p,j) <= 0)
-		return(0);
-	for (i=0; i<j; i++)
-		{
-		if (*p == '\0')
-			do	{
-				if (RAND_bytes(p,1) <= 0)
-					return(0);
-				} while (*p == '\0');
-		p++;
-		}
-
-	memset(p,3,8);
-	p+=8;
-	*(p++)='\0';
-
-	memcpy(p,from,(unsigned int)flen);
-	return(1);
-	}
-
-int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
-	const unsigned char *from, int flen, int num)
-	{
-	int i,j,k;
-	const unsigned char *p;
-
-	p=from;
-	if (flen < 10)
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_SMALL);
-		return(-1);
-		}
-	if ((num != (flen+1)) || (*(p++) != 02))
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_BLOCK_TYPE_IS_NOT_02);
-		return(-1);
-		}
-
-	/* scan over padding data */
-	j=flen-1; /* one for type */
-	for (i=0; i<j; i++)
-		if (*(p++) == 0) break;
-
-	if ((i == j) || (i < 8))
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING);
-		return(-1);
-		}
-	for (k= -8; k<0; k++)
-		{
-		if (p[k] !=  0x03) break;
-		}
-	if (k == -1)
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK);
-		return(-1);
-		}
-
-	i++; /* Skip over the '\0' */
-	j-=i;
-	if (j > tlen)
-		{
-		RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_LARGE);
-		return(-1);
-		}
-	memcpy(to,p,(unsigned int)j);
-
-	return(j);
-	}
-
diff --git a/crypto/openssl/crypto/rsa/rsa_test.c b/crypto/openssl/crypto/rsa/rsa_test.c
deleted file mode 100644
index 99abb1fde782..000000000000
--- a/crypto/openssl/crypto/rsa/rsa_test.c
+++ /dev/null
@@ -1,320 +0,0 @@
-/* test vectors from p1ovect1.txt */
-
-#include <stdio.h>
-#include <string.h>
-
-#include "e_os.h"
-
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-#ifdef OPENSSL_NO_RSA
-int main(int argc, char *argv[])
-{
-    printf("No RSA support\n");
-    return(0);
-}
-#else
-#include <openssl/rsa.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-#define SetKey \
-  key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
-  key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
-  key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
-  key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
-  key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
-  key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
-  key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
-  key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
-  memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
-  return (sizeof(ctext_ex) - 1);
-
-static int key1(RSA *key, unsigned char *c)
-    {
-    static unsigned char n[] =
-"\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
-"\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
-"\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
-"\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
-"\xF5";
-
-    static unsigned char e[] = "\x11";
-
-    static unsigned char d[] =
-"\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
-"\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
-"\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
-"\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
-
-    static unsigned char p[] =
-"\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
-"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
-"\x0D";
-    
-    static unsigned char q[] =
-"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
-"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
-"\x89";
-
-    static unsigned char dmp1[] =
-"\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
-"\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
-
-    static unsigned char dmq1[] =
-"\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
-"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
-"\x51";
-
-    static unsigned char iqmp[] =
-"\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
-"\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
-
-    static unsigned char ctext_ex[] =
-"\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
-"\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
-"\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
-"\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
-
-    SetKey;
-    }
-
-static int key2(RSA *key, unsigned char *c)
-    {
-    static unsigned char n[] =
-"\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
-"\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
-"\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
-"\x34\x77\xCF";
-
-    static unsigned char e[] = "\x3";
-
-    static unsigned char d[] =
-"\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
-"\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
-"\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
-"\xE5\xEB";
-
-    static unsigned char p[] =
-"\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
-"\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
-
-    static unsigned char q[] =
-"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
-"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
-    
-    static unsigned char dmp1[] =
-"\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
-"\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
-
-    static unsigned char dmq1[] =
-"\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
-"\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
-
-    static unsigned char iqmp[] =
-"\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
-"\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
-
-    static unsigned char ctext_ex[] =
-"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
-"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
-"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
-"\x62\x51";
-
-    SetKey;
-    }
-
-static int key3(RSA *key, unsigned char *c)
-    {
-    static unsigned char n[] =
-"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
-"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
-"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
-"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
-"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
-"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
-"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
-"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
-"\xCB";
-
-    static unsigned char e[] = "\x11";
-
-    static unsigned char d[] =
-"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
-"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
-"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
-"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
-"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
-"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
-"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
-"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
-"\xC1";
-
-    static unsigned char p[] =
-"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
-"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
-"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
-"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
-"\x99";
-
-    static unsigned char q[] =
-"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
-"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
-"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
-"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
-"\x03";
-
-    static unsigned char dmp1[] =
-"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
-"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
-"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
-"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
-
-    static unsigned char dmq1[] =
-"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
-"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
-"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
-"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
-    
-    static unsigned char iqmp[] =
-"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
-"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
-"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
-"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
-"\xF7";
-
-    static unsigned char ctext_ex[] =
-"\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
-"\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
-"\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
-"\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
-"\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
-"\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
-"\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
-"\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
-
-    SetKey;
-    }
-
-static int pad_unknown(void)
-{
-    unsigned long l;
-    while ((l = ERR_get_error()) != 0)
-      if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
-	return(1);
-    return(0);
-}
-
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
-
-int main(int argc, char *argv[])
-    {
-    int err=0;
-    int v;
-    RSA *key;
-    unsigned char ptext[256];
-    unsigned char ctext[256];
-    static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
-    unsigned char ctext_ex[256];
-    int plen;
-    int clen = 0;
-    int num;
-
-    CRYPTO_malloc_debug_init();
-    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
-    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-    RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
-
-    plen = sizeof(ptext_ex) - 1;
-
-    for (v = 0; v < 3; v++)
-	{
-	key = RSA_new();
-	switch (v) {
-    case 0:
-	clen = key1(key, ctext_ex);
-	break;
-    case 1:
-	clen = key2(key, ctext_ex);
-	break;
-    case 2:
-	clen = key3(key, ctext_ex);
-	break;
-	}
-
-	num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
-				 RSA_PKCS1_PADDING);
-	if (num != clen)
-	    {
-	    printf("PKCS#1 v1.5 encryption failed!\n");
-	    err=1;
-	    goto oaep;
-	    }
-  
-	num = RSA_private_decrypt(num, ctext, ptext, key,
-				  RSA_PKCS1_PADDING);
-	if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
-	    {
-	    printf("PKCS#1 v1.5 decryption failed!\n");
-	    err=1;
-	    }
-	else
-	    printf("PKCS #1 v1.5 encryption/decryption ok\n");
-
-    oaep:
-	ERR_clear_error();
-	num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
-				 RSA_PKCS1_OAEP_PADDING);
-	if (num == -1 && pad_unknown())
-	    {
-	    printf("No OAEP support\n");
-	    goto next;
-	    }
-	if (num != clen)
-	    {
-	    printf("OAEP encryption failed!\n");
-	    err=1;
-	    goto next;
-	    }
-  
-	num = RSA_private_decrypt(num, ctext, ptext, key,
-				  RSA_PKCS1_OAEP_PADDING);
-	if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
-	    {
-	    printf("OAEP decryption (encrypted data) failed!\n");
-	    err=1;
-	    }
-	else if (memcmp(ctext, ctext_ex, num) == 0)
-	    {
-	    printf("OAEP test vector %d passed!\n", v);
-	    goto next;
-	    }
-    
-	/* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
-	   Try decrypting ctext_ex */
-
-	num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
-				  RSA_PKCS1_OAEP_PADDING);
-
-	if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
-	    {
-	    printf("OAEP decryption (test vector data) failed!\n");
-	    err=1;
-	    }
-	else
-	    printf("OAEP encryption/decryption ok\n");
-    next:
-	RSA_free(key);
-	}
-
-    CRYPTO_cleanup_all_ex_data();
-    ERR_remove_state(0);
-
-    CRYPTO_mem_leaks_fp(stderr);
-
-    return err;
-    }
-#endif
diff --git a/crypto/openssl/crypto/sha/Makefile.save b/crypto/openssl/crypto/sha/Makefile.save
deleted file mode 100644
index 75d3e0bf4ff3..000000000000
--- a/crypto/openssl/crypto/sha/Makefile.save
+++ /dev/null
@@ -1,113 +0,0 @@
-#
-# SSLeay/crypto/sha/Makefile
-#
-
-DIR=    sha
-TOP=    ../..
-CC=     cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=       Makefile.ssl
-AR=             ar r
-
-SHA1_ASM_OBJ=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=shatest.c sha1test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
-LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o $(SHA1_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= sha.h
-HEADER= sha_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:    lib
-
-lib:    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-# elf
-asm/sx86-elf.o: asm/sx86unix.cpp
-	$(CPP) -DELF -x c asm/sx86unix.cpp | as -o asm/sx86-elf.o
-
-# solaris
-asm/sx86-sol.o: asm/sx86unix.cpp
-	$(CC) -E -DSOL asm/sx86unix.cpp | sed 's/^#.*//' > asm/sx86-sol.s
-	as -o asm/sx86-sol.o asm/sx86-sol.s
-	rm -f asm/sx86-sol.s
-
-# a.out
-asm/sx86-out.o: asm/sx86unix.cpp
-	$(CPP) -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o
-
-# bsdi
-asm/sx86bsdi.o: asm/sx86unix.cpp
-	$(CPP) -DBSDI asm/sx86unix.cpp | sed 's/ :/:/' | as -o asm/sx86bsdi.o
-
-asm/sx86unix.cpp: asm/sha1-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) sha1-586.pl cpp $(PROCESSOR) >sx86unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/sx86unix.cpp *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-sha1_one.o: ../../include/openssl/sha.h
-sha1dgst.o: ../../include/openssl/opensslconf.h
-sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
-sha1dgst.o: ../md32_common.h sha_locl.h
-sha_dgst.o: ../../include/openssl/opensslconf.h
-sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
-sha_dgst.o: ../md32_common.h sha_locl.h
-sha_one.o: ../../include/openssl/sha.h
diff --git a/crypto/openssl/crypto/sha/Makefile.ssl b/crypto/openssl/crypto/sha/Makefile.ssl
deleted file mode 100644
index 864645c8b547..000000000000
--- a/crypto/openssl/crypto/sha/Makefile.ssl
+++ /dev/null
@@ -1,115 +0,0 @@
-#
-# SSLeay/crypto/sha/Makefile
-#
-
-DIR=    sha
-TOP=    ../..
-CC=     cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=       Makefile.ssl
-AR=             ar r
-
-SHA1_ASM_OBJ=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=shatest.c sha1test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
-LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o $(SHA1_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= sha.h
-HEADER= sha_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:    lib
-
-lib:    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# elf
-asm/sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > sx86-elf.s)
-
-# a.out
-asm/sx86-out.o: asm/sx86unix.cpp
-	$(CPP) -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o
-
-# bsdi
-asm/sx86bsdi.o: asm/sx86unix.cpp
-	$(CPP) -DBSDI asm/sx86unix.cpp | sed 's/ :/:/' | as -o asm/sx86bsdi.o
-
-asm/sx86unix.cpp: asm/sha1-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) sha1-586.pl cpp $(PROCESSOR) >sx86unix.cpp)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/sx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-sha1_one.o: ../../include/openssl/opensslconf.h
-sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-sha1_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-sha1_one.o: ../../include/openssl/symhacks.h sha1_one.c
-sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
-sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h
-sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
-sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h
-sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-sha_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-sha_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-sha_one.o: sha_one.c
diff --git a/crypto/openssl/crypto/sha/Makefile.uni b/crypto/openssl/crypto/sha/Makefile.uni
deleted file mode 100644
index b7ec5caa4e52..000000000000
--- a/crypto/openssl/crypto/sha/Makefile.uni
+++ /dev/null
@@ -1,122 +0,0 @@
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-# make x86-elf  - linux-elf etc
-# make x86-out  - linux-a.out, FreeBSD etc
-# make x86-solaris
-# make x86-bdsi
-
-DIR=    sha
-TOP=    .
-CC=     gcc
-CFLAG=	-O3 -fomit-frame-pointer
-
-CPP=    $(CC) -E
-INCLUDES=
-INSTALLTOP=/usr/local/lib
-MAKE=           make
-MAKEDEPEND=     makedepend
-MAKEFILE=       Makefile.uni
-AR=             ar r
-
-SHA_ASM_OBJ=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-
-TEST1=shatest
-TEST2=sha1test
-APP1=sha
-APP2=sha1
-
-TEST=$(TEST1) $(TEST2)
-APPS=$(APP1) $(APP2)
-
-LIB=libsha.a
-LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
-LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o $(SHA_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= sha.h
-HEADER= sha_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-all:    $(LIB) $(TEST) $(APPS)
-
-$(LIB): $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
-
-# elf
-asm/sx86-elf.o: asm/sx86unix.cpp
-	$(CPP) -DELF asm/sx86unix.cpp | as -o asm/sx86-elf.o
-
-# solaris
-asm/sx86-sol.o: asm/sx86unix.cpp
-	$(CC) -E -DSOL asm/sx86unix.cpp | sed 's/^#.*//' > asm/sx86-sol.s
-	as -o asm/sx86-sol.o asm/sx86-sol.s
-	rm -f asm/sx86-sol.s
-
-# a.out
-asm/sx86-out.o: asm/sx86unix.cpp
-	$(CPP) -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o
-
-# bsdi
-asm/sx86bsdi.o: asm/sx86unix.cpp
-	$(CPP) -DBSDI asm/sx86unix.cpp | as -o asm/sx86bsdi.o
-
-asm/sx86unix.cpp:
-	(cd asm; perl sha1-586.pl cpp >sx86unix.cpp)
-
-test:	$(TEST)
-	./$(TEST1)
-	./$(TEST2)
-
-$(TEST1): $(TEST1).c $(LIB)
-	$(CC) -o $(TEST1) $(CFLAGS) $(TEST1).c $(LIB)
-
-$(TEST2): $(TEST2).c $(LIB)
-	$(CC) -o $(TEST2) $(CFLAGS) $(TEST2).c $(LIB)
-
-$(APP1): $(APP1).c $(LIB)
-	$(CC) -o $(APP1) $(CFLAGS) $(APP1).c $(LIB)
-
-$(APP2): $(APP2).c $(LIB)
-	$(CC) -o $(APP2) $(CFLAGS) $(APP2).c $(LIB)
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
-
-dclean:
-	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-cc:
-	$(MAKE) SHA_ASM_OBJ="" CC="cc" CFLAG="-O" all
-
-gcc:
-	$(MAKE) SHA_ASM_OBJ="" CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
-
-x86-elf:
-	$(MAKE) SHA_ASM_OBJ="asm/sx86-elf.o" CFLAG="-DELF -DSHA1_ASM -DL_ENDIAN $(CFLAGS)" all
-
-x86-out:
-	$(MAKE) SHA_ASM_OBJ="asm/sx86-out.o" CFLAG="-DOUT -DSHA1_ASM -DL_ENDIAN $(CFLAGS)" all
-
-x86-solaris:
-	$(MAKE) SHA_ASM_OBJ="asm/sx86-sol.o" CFLAG="-DSOL -DSHA1_ASM -DL_ENDIAN $(CFLAGS)" all
-
-x86-bdsi:
-	$(MAKE) SHA_ASM_OBJ="asm/sx86-bdsi.o" CFLAG="-DBDSI -DSHA1_ASM -DL_ENDIAN $(CFLAGS)" all
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/crypto/sha/asm/README b/crypto/openssl/crypto/sha/asm/README
deleted file mode 100644
index b7e755765fcc..000000000000
--- a/crypto/openssl/crypto/sha/asm/README
+++ /dev/null
@@ -1 +0,0 @@
-C2.pl works
diff --git a/crypto/openssl/crypto/sha/asm/sha1-586.pl b/crypto/openssl/crypto/sha/asm/sha1-586.pl
deleted file mode 100644
index fe51fd079457..000000000000
--- a/crypto/openssl/crypto/sha/asm/sha1-586.pl
+++ /dev/null
@@ -1,540 +0,0 @@
-#!/usr/local/bin/perl
-
-$normal=0;
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386");
-
-$A="eax";
-$B="ecx";
-$C="ebx";
-$D="edx";
-$E="edi";
-$T="esi";
-$tmp1="ebp";
-
-$off=9*4;
-
-@K=(0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6);
-
-&sha1_block_data("sha1_block_asm_data_order");
-
-&asm_finish();
-
-sub Nn
-	{
-	local($p)=@_;
-	local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
-	return($n{$p});
-	}
-
-sub Np
-	{
-	local($p)=@_;
-	local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
-	local(%n)=($A,$B,$B,$C,$C,$D,$D,$E,$E,$T,$T,$A);
-	return($n{$p});
-	}
-
-sub Na
-	{
-	local($n)=@_;
-	return( (($n   )&0x0f),
-		(($n+ 2)&0x0f),
-		(($n+ 8)&0x0f),
-		(($n+13)&0x0f),
-		(($n+ 1)&0x0f));
-	}
-
-sub X_expand
-	{
-	local($in)=@_;
-
-	&comment("First, load the words onto the stack in network byte order");
-	for ($i=0; $i<16; $i+=2)
-		{
-		&mov($A,&DWP(($i+0)*4,$in,"",0));# unless $i == 0;
-		 &mov($B,&DWP(($i+1)*4,$in,"",0));
-		&bswap($A);
-		 &bswap($B);
-		&mov(&swtmp($i+0),$A);
-		 &mov(&swtmp($i+1),$B);
-		}
-
-	&comment("We now have the X array on the stack");
-	&comment("starting at sp-4");
-	}
-
-# Rules of engagement
-# F is always trashable at the start, the running total.
-# E becomes the next F so it can be trashed after it has been 'accumulated'
-# F becomes A in the next round.  We don't need to access it much.
-# During the X update part, the result ends up in $X[$n0].
-
-sub BODY_00_15
-	{
-	local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
-
-return if $n & 1;
-	&comment("00_15 $n");
-
-	 &mov($f,$c);
-
-	&mov($tmp1,$a);
-	 &xor($f,$d);			# F2
-
-	&rotl($tmp1,5);			# A2
-
-	&and($f,$b);			# F3
-	 &add($tmp1,$e);
-
-	&rotr($b,1);			# B1	<- F
-	 &mov($e,&swtmp($n));		# G1
-
-	&rotr($b,1);			# B1	<- F
-	 &xor($f,$d);			# F4
-
-	&lea($tmp1,&DWP($K,$tmp1,$e,1));
-
-############################
-#	&BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
-#	&BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
-$n++;
-	local($n0,$n1,$n2,$n3,$np)=&Na($n);
-	($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
-
-	 &mov($f,$c);
-
-	&add($a,$tmp1);		# MOVED DOWN
-	 &xor($f,$d);			# F2
-
-	&mov($tmp1,$a);
-	 &and($f,$b);			# F3
-
-	&rotl($tmp1,5);			# A2
-
-	&add($tmp1,$e);
-	 &mov($e,&swtmp($n));		# G1
-
-	&rotr($b,1);			# B1	<- F
-	 &xor($f,$d);			# F4
-
-	&rotr($b,1);			# B1	<- F
-	 &lea($tmp1,&DWP($K,$tmp1,$e,1));
-
-	&add($f,$tmp1);
-	}
-
-sub BODY_16_19
-	{
-	local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
-	local($n0,$n1,$n2,$n3,$np)=&Na($n);
-
-return if $n & 1;
-	&comment("16_19 $n");
-
- &nop() if ($pos < 0);
-&mov($tmp1,&swtmp($n0));			# X1
- &mov($f,&swtmp($n1));			# X2
-&xor($f,$tmp1);				# X3
- &mov($tmp1,&swtmp($n2));		# X4
-&xor($f,$tmp1);				# X5
- &mov($tmp1,&swtmp($n3));		# X6
-&xor($f,$tmp1);				# X7 - slot
- &mov($tmp1,$c);			# F1
-&rotl($f,1);				# X8 - slot
- &xor($tmp1,$d);			# F2
-&mov(&swtmp($n0),$f);			# X9 - anytime
- &and($tmp1,$b);			# F3
-&lea($f,&DWP($K,$f,$e,1));		# tot=X+K+e
- &xor($tmp1,$d);				# F4
-&mov($e,$a);				# A1
- &add($f,$tmp1);			# tot+=F();
-
-&rotl($e,5);				# A2
-
-&rotr($b,1);				# B1	<- F
- &add($f,$e);				# tot+=a
-
-############################
-#	&BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
-#	&BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
-$n++;
-	local($n0,$n1,$n2,$n3,$np)=&Na($n);
-	($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
-
-
-&mov($f,&swtmp($n0));			# X1
- &mov($tmp1,&swtmp($n1));		# X2
-&xor($f,$tmp1);				# X3
- &mov($tmp1,&swtmp($n2));		# X4
-&xor($f,$tmp1);				# X5
- &mov($tmp1,&swtmp($n3));		# X6
-&rotr($c,1); #&rotr($b,1);		# B1	<- F # MOVED DOWN
- &xor($f,$tmp1);				# X7 - slot
-&rotl($f,1);				# X8 - slot
- &mov($tmp1,$c);			# F1
-&xor($tmp1,$d);			# F2
- &mov(&swtmp($n0),$f);			# X9 - anytime
-&and($tmp1,$b);			# F3
- &lea($f,&DWP($K,$f,$e,1));		# tot=X+K+e
-
-&xor($tmp1,$d);				# F4
- &mov($e,$a);				# A1
-
-&rotl($e,5);				# A2
-
-&rotr($b,1);				# B1	<- F
- &add($f,$e);				# tot+=a
-
-&rotr($b,1);				# B1	<- F
- &add($f,$tmp1);			# tot+=F();
-
-	}
-
-sub BODY_20_39
-	{
-	local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
-
-	&comment("20_39 $n");
-	local($n0,$n1,$n2,$n3,$np)=&Na($n);
-
-&mov($f,&swtmp($n0));			# X1
- &mov($tmp1,&swtmp($n1));		# X2
-&xor($f,$tmp1);				# X3
- &mov($tmp1,&swtmp($n2));		# X4
-&xor($f,$tmp1);				# X5
- &mov($tmp1,&swtmp($n3));		# X6
-&xor($f,$tmp1);				# X7 - slot
- &mov($tmp1,$b);			# F1
-&rotl($f,1);				# X8 - slot
- &xor($tmp1,$c);			# F2
-&mov(&swtmp($n0),$f);			# X9 - anytime
- &xor($tmp1,$d);			# F3
-
-&lea($f,&DWP($K,$f,$e,1));		# tot=X+K+e
- &mov($e,$a);				# A1
-
-&rotl($e,5);				# A2
-
-if ($n != 79) # last loop	
-	{
-	&rotr($b,1);				# B1	<- F
-	 &add($e,$tmp1);			# tmp1=F()+a
-
-	&rotr($b,1);				# B2	<- F
-	 &add($f,$e);				# tot+=tmp1;
-	}
-else
-	{
-	&add($e,$tmp1);				# tmp1=F()+a
-	 &mov($tmp1,&wparam(0));
-
-	&rotr($b,1);				# B1	<- F
-	 &add($f,$e);				# tot+=tmp1;
-
-	&rotr($b,1);				# B2	<- F
-	}
-	}
-
-sub BODY_40_59
-	{
-	local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
-
-	&comment("40_59 $n");
-	return if $n & 1;
-	local($n0,$n1,$n2,$n3,$np)=&Na($n);
-
-&mov($f,&swtmp($n0));			# X1
- &mov($tmp1,&swtmp($n1));		# X2
-&xor($f,$tmp1);				# X3
- &mov($tmp1,&swtmp($n2));		# X4
-&xor($f,$tmp1);				# X5
- &mov($tmp1,&swtmp($n3));		# X6
-&xor($f,$tmp1);				# X7 - slot
- &mov($tmp1,$b);			# F1
-&rotl($f,1);				# X8 - slot
- &or($tmp1,$c);				# F2
-&mov(&swtmp($n0),$f);			# X9 - anytime
- &and($tmp1,$d);			# F3
-
-&lea($f,&DWP($K,$f,$e,1));		# tot=X+K+e
- &mov($e,$b);				# F4
-
-&rotr($b,1);				# B1	<- F
- &and($e,$c);				# F5
-
-&or($tmp1,$e);				# F6
- &mov($e,$a);				# A1
-
-&rotl($e,5);				# A2
-
-&add($tmp1,$e);			# tmp1=F()+a
-
-############################
-#	&BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
-#	&BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
-$n++;
-	local($n0,$n1,$n2,$n3,$np)=&Na($n);
-	($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
-
- &mov($f,&swtmp($n0));			# X1
-&add($a,$tmp1);				# tot+=tmp1; # moved was add f,tmp1
- &mov($tmp1,&swtmp($n1));		# X2
-&xor($f,$tmp1);				# X3
- &mov($tmp1,&swtmp($n2));		# X4
-&xor($f,$tmp1);				# X5
- &mov($tmp1,&swtmp($n3));		# X6
-&rotr($c,1);				# B2	<- F # moved was rotr b,1
- &xor($f,$tmp1);			# X7 - slot
-&rotl($f,1);				# X8 - slot
- &mov($tmp1,$b);			# F1
-&mov(&swtmp($n0),$f);			# X9 - anytime
- &or($tmp1,$c);				# F2
-&lea($f,&DWP($K,$f,$e,1));		# tot=X+K+e
- &mov($e,$b);				# F4
-&and($tmp1,$d);				# F3
- &and($e,$c);				# F5
-
-&or($tmp1,$e);				# F6
- &mov($e,$a);				# A1
-
-&rotl($e,5);				# A2
-
-&rotr($b,1);				# B1	<- F
- &add($tmp1,$e);			# tmp1=F()+a
-
-&rotr($b,1);				# B2	<- F
- &add($f,$tmp1);			# tot+=tmp1;
-	}
-
-sub BODY_60_79
-	{
-	&BODY_20_39(@_);
-	}
-
-sub sha1_block_host
-	{
-	local($name, $sclabel)=@_;
-
-	&function_begin_B($name,"");
-
-	# parameter 1 is the MD5_CTX structure.
-	# A	0
-	# B	4
-	# C	8
-	# D 	12
-	# E 	16
-
-	&mov("ecx",	&wparam(2));
-	 &push("esi");
-	&shl("ecx",6);
-	 &mov("esi",	&wparam(1));
-	&push("ebp");
-	 &add("ecx","esi");	# offset to leave on
-	&push("ebx");
-	 &mov("ebp",	&wparam(0));
-	&push("edi");
-	 &mov($D,	&DWP(12,"ebp","",0));
-	&stack_push(18+9);
-	 &mov($E,	&DWP(16,"ebp","",0));
-	&mov($C,	&DWP( 8,"ebp","",0));
-	 &mov(&swtmp(17),"ecx");
-
-	&comment("First we need to setup the X array");
-
-	for ($i=0; $i<16; $i+=2)
-		{
-		&mov($A,&DWP(($i+0)*4,"esi","",0));# unless $i == 0;
-		 &mov($B,&DWP(($i+1)*4,"esi","",0));
-		&mov(&swtmp($i+0),$A);
-		 &mov(&swtmp($i+1),$B);
-		}
-	&jmp($sclabel);
-	&function_end_B($name);
-	}
-
-
-sub sha1_block_data
-	{
-	local($name)=@_;
-
-	&function_begin_B($name,"");
-
-	# parameter 1 is the MD5_CTX structure.
-	# A	0
-	# B	4
-	# C	8
-	# D 	12
-	# E 	16
-
-	&mov("ecx",	&wparam(2));
-	 &push("esi");
-	&shl("ecx",6);
-	 &mov("esi",	&wparam(1));
-	&push("ebp");
-	 &add("ecx","esi");	# offset to leave on
-	&push("ebx");
-	 &mov("ebp",	&wparam(0));
-	&push("edi");
-	 &mov($D,	&DWP(12,"ebp","",0));
-	&stack_push(18+9);
-	 &mov($E,	&DWP(16,"ebp","",0));
-	&mov($C,	&DWP( 8,"ebp","",0));
-	 &mov(&swtmp(17),"ecx");
-
-	&comment("First we need to setup the X array");
-
-	&set_label("start") unless $normal;
-
-	&X_expand("esi");
-	 &mov(&wparam(1),"esi");
-
-	&set_label("shortcut", 0, 1);
-	&comment("");
-	&comment("Start processing");
-
-	# odd start
-	&mov($A,	&DWP( 0,"ebp","",0));
-	 &mov($B,	&DWP( 4,"ebp","",0));
-	$X="esp";
-	&BODY_00_15(-2,$K[0],$X, 0,$A,$B,$C,$D,$E,$T);
-	&BODY_00_15( 0,$K[0],$X, 1,$T,$A,$B,$C,$D,$E);
-	&BODY_00_15( 0,$K[0],$X, 2,$E,$T,$A,$B,$C,$D);
-	&BODY_00_15( 0,$K[0],$X, 3,$D,$E,$T,$A,$B,$C);
-	&BODY_00_15( 0,$K[0],$X, 4,$C,$D,$E,$T,$A,$B);
-	&BODY_00_15( 0,$K[0],$X, 5,$B,$C,$D,$E,$T,$A);
-	&BODY_00_15( 0,$K[0],$X, 6,$A,$B,$C,$D,$E,$T);
-	&BODY_00_15( 0,$K[0],$X, 7,$T,$A,$B,$C,$D,$E);
-	&BODY_00_15( 0,$K[0],$X, 8,$E,$T,$A,$B,$C,$D);
-	&BODY_00_15( 0,$K[0],$X, 9,$D,$E,$T,$A,$B,$C);
-	&BODY_00_15( 0,$K[0],$X,10,$C,$D,$E,$T,$A,$B);
-	&BODY_00_15( 0,$K[0],$X,11,$B,$C,$D,$E,$T,$A);
-	&BODY_00_15( 0,$K[0],$X,12,$A,$B,$C,$D,$E,$T);
-	&BODY_00_15( 0,$K[0],$X,13,$T,$A,$B,$C,$D,$E);
-	&BODY_00_15( 0,$K[0],$X,14,$E,$T,$A,$B,$C,$D);
-	&BODY_00_15( 1,$K[0],$X,15,$D,$E,$T,$A,$B,$C);
-	&BODY_16_19(-1,$K[0],$X,16,$C,$D,$E,$T,$A,$B);
-	&BODY_16_19( 0,$K[0],$X,17,$B,$C,$D,$E,$T,$A);
-	&BODY_16_19( 0,$K[0],$X,18,$A,$B,$C,$D,$E,$T);
-	&BODY_16_19( 1,$K[0],$X,19,$T,$A,$B,$C,$D,$E);
-
-	&BODY_20_39(-1,$K[1],$X,20,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39( 0,$K[1],$X,21,$D,$E,$T,$A,$B,$C);
-	&BODY_20_39( 0,$K[1],$X,22,$C,$D,$E,$T,$A,$B);
-	&BODY_20_39( 0,$K[1],$X,23,$B,$C,$D,$E,$T,$A);
-	&BODY_20_39( 0,$K[1],$X,24,$A,$B,$C,$D,$E,$T);
-	&BODY_20_39( 0,$K[1],$X,25,$T,$A,$B,$C,$D,$E);
-	&BODY_20_39( 0,$K[1],$X,26,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39( 0,$K[1],$X,27,$D,$E,$T,$A,$B,$C);
-	&BODY_20_39( 0,$K[1],$X,28,$C,$D,$E,$T,$A,$B);
-	&BODY_20_39( 0,$K[1],$X,29,$B,$C,$D,$E,$T,$A);
-	&BODY_20_39( 0,$K[1],$X,30,$A,$B,$C,$D,$E,$T);
-	&BODY_20_39( 0,$K[1],$X,31,$T,$A,$B,$C,$D,$E);
-	&BODY_20_39( 0,$K[1],$X,32,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39( 0,$K[1],$X,33,$D,$E,$T,$A,$B,$C);
-	&BODY_20_39( 0,$K[1],$X,34,$C,$D,$E,$T,$A,$B);
-	&BODY_20_39( 0,$K[1],$X,35,$B,$C,$D,$E,$T,$A);
-	&BODY_20_39( 0,$K[1],$X,36,$A,$B,$C,$D,$E,$T);
-	&BODY_20_39( 0,$K[1],$X,37,$T,$A,$B,$C,$D,$E);
-	&BODY_20_39( 0,$K[1],$X,38,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39( 1,$K[1],$X,39,$D,$E,$T,$A,$B,$C);
-
-	&BODY_40_59(-1,$K[2],$X,40,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59( 0,$K[2],$X,41,$B,$C,$D,$E,$T,$A);
-	&BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
-	&BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
-	&BODY_40_59( 0,$K[2],$X,44,$E,$T,$A,$B,$C,$D);
-	&BODY_40_59( 0,$K[2],$X,45,$D,$E,$T,$A,$B,$C);
-	&BODY_40_59( 0,$K[2],$X,46,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59( 0,$K[2],$X,47,$B,$C,$D,$E,$T,$A);
-	&BODY_40_59( 0,$K[2],$X,48,$A,$B,$C,$D,$E,$T);
-	&BODY_40_59( 0,$K[2],$X,49,$T,$A,$B,$C,$D,$E);
-	&BODY_40_59( 0,$K[2],$X,50,$E,$T,$A,$B,$C,$D);
-	&BODY_40_59( 0,$K[2],$X,51,$D,$E,$T,$A,$B,$C);
-	&BODY_40_59( 0,$K[2],$X,52,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59( 0,$K[2],$X,53,$B,$C,$D,$E,$T,$A);
-	&BODY_40_59( 0,$K[2],$X,54,$A,$B,$C,$D,$E,$T);
-	&BODY_40_59( 0,$K[2],$X,55,$T,$A,$B,$C,$D,$E);
-	&BODY_40_59( 0,$K[2],$X,56,$E,$T,$A,$B,$C,$D);
-	&BODY_40_59( 0,$K[2],$X,57,$D,$E,$T,$A,$B,$C);
-	&BODY_40_59( 0,$K[2],$X,58,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59( 1,$K[2],$X,59,$B,$C,$D,$E,$T,$A);
-
-	&BODY_60_79(-1,$K[3],$X,60,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79( 0,$K[3],$X,61,$T,$A,$B,$C,$D,$E);
-	&BODY_60_79( 0,$K[3],$X,62,$E,$T,$A,$B,$C,$D);
-	&BODY_60_79( 0,$K[3],$X,63,$D,$E,$T,$A,$B,$C);
-	&BODY_60_79( 0,$K[3],$X,64,$C,$D,$E,$T,$A,$B);
-	&BODY_60_79( 0,$K[3],$X,65,$B,$C,$D,$E,$T,$A);
-	&BODY_60_79( 0,$K[3],$X,66,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79( 0,$K[3],$X,67,$T,$A,$B,$C,$D,$E);
-	&BODY_60_79( 0,$K[3],$X,68,$E,$T,$A,$B,$C,$D);
-	&BODY_60_79( 0,$K[3],$X,69,$D,$E,$T,$A,$B,$C);
-	&BODY_60_79( 0,$K[3],$X,70,$C,$D,$E,$T,$A,$B);
-	&BODY_60_79( 0,$K[3],$X,71,$B,$C,$D,$E,$T,$A);
-	&BODY_60_79( 0,$K[3],$X,72,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79( 0,$K[3],$X,73,$T,$A,$B,$C,$D,$E);
-	&BODY_60_79( 0,$K[3],$X,74,$E,$T,$A,$B,$C,$D);
-	&BODY_60_79( 0,$K[3],$X,75,$D,$E,$T,$A,$B,$C);
-	&BODY_60_79( 0,$K[3],$X,76,$C,$D,$E,$T,$A,$B);
-	&BODY_60_79( 0,$K[3],$X,77,$B,$C,$D,$E,$T,$A);
-	&BODY_60_79( 0,$K[3],$X,78,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79( 2,$K[3],$X,79,$T,$A,$B,$C,$D,$E);
-
-	&comment("End processing");
-	&comment("");
-	# D is the tmp value
-
-	# E -> A
-	# T -> B
-	# A -> C
-	# B -> D
-	# C -> E
-	# D -> T
-
-	# The last 2 have been moved into the last loop
-	# &mov($tmp1,&wparam(0));
-
-	 &mov($D,	&DWP(12,$tmp1,"",0));
-	&add($D,$B);
-	 &mov($B,	&DWP( 4,$tmp1,"",0));
-	&add($B,$T);
-	 &mov($T,	$A);
-	&mov($A,	&DWP( 0,$tmp1,"",0));
-	 &mov(&DWP(12,$tmp1,"",0),$D);
-
-	&add($A,$E);
-	 &mov($E,	&DWP(16,$tmp1,"",0));
-	&add($E,$C);
-	 &mov($C,	&DWP( 8,$tmp1,"",0));
-	&add($C,$T);
-
-	 &mov(&DWP( 0,$tmp1,"",0),$A);
-	&mov("esi",&wparam(1));
-	 &mov(&DWP( 8,$tmp1,"",0),$C);
- 	&add("esi",64);
-	 &mov("eax",&swtmp(17));
-	&mov(&DWP(16,$tmp1,"",0),$E);
-	 &cmp("esi","eax");
-	&mov(&DWP( 4,$tmp1,"",0),$B);
-	 &jl(&label("start"));
-
-	&stack_pop(18+9);
-	 &pop("edi");
-	&pop("ebx");
-	 &pop("ebp");
-	&pop("esi");
-	 &ret();
-
-	# keep a note of shortcut label so it can be used outside
-	# block.
-	my $sclabel = &label("shortcut");
-
-	&function_end_B($name);
-	# Putting this here avoids problems with MASM in debugging mode
-	&sha1_block_host("sha1_block_asm_host_order", $sclabel);
-	}
-
diff --git a/crypto/openssl/crypto/sha/sha.c b/crypto/openssl/crypto/sha/sha.c
deleted file mode 100644
index 42126551d12e..000000000000
--- a/crypto/openssl/crypto/sha/sha.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* crypto/sha/sha.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/sha.h>
-
-#define BUFSIZE	1024*16
-
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-int read(int, void *, unsigned int);
-int main(int argc, char **argv)
-	{
-	int i,err=0;
-	FILE *IN;
-
-	if (argc == 1)
-		{
-		do_fp(stdin);
-		}
-	else
-		{
-		for (i=1; i<argc; i++)
-			{
-			IN=fopen(argv[i],"r");
-			if (IN == NULL)
-				{
-				perror(argv[i]);
-				err++;
-				continue;
-				}
-			printf("SHA(%s)= ",argv[i]);
-			do_fp(IN);
-			fclose(IN);
-			}
-		}
-	exit(err);
-	}
-
-void do_fp(FILE *f)
-	{
-	SHA_CTX c;
-	unsigned char md[SHA_DIGEST_LENGTH];
-	int fd;
-	int i;
-	unsigned char buf[BUFSIZE];
-
-	fd=fileno(f);
-	SHA_Init(&c);
-	for (;;)
-		{
-		i=read(fd,buf,BUFSIZE);
-		if (i <= 0) break;
-		SHA_Update(&c,buf,(unsigned long)i);
-		}
-	SHA_Final(&(md[0]),&c);
-	pt(md);
-	}
-
-void pt(unsigned char *md)
-	{
-	int i;
-
-	for (i=0; i<SHA_DIGEST_LENGTH; i++)
-		printf("%02x",md[i]);
-	printf("\n");
-	}
-
diff --git a/crypto/openssl/crypto/sha/sha.h b/crypto/openssl/crypto/sha/sha.h
deleted file mode 100644
index 3fd54a10cc7c..000000000000
--- a/crypto/openssl/crypto/sha/sha.h
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/sha/sha.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SHA_H
-#define HEADER_SHA_H
-
-#include <openssl/e_os2.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#if defined(OPENSSL_NO_SHA) || (defined(OPENSSL_NO_SHA0) && defined(OPENSSL_NO_SHA1))
-#error SHA is disabled.
-#endif
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! SHA_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! SHA_LONG_LOG2 has to be defined along.                        !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
-#define SHA_LONG unsigned long
-#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-#define SHA_LONG unsigned long
-#define SHA_LONG_LOG2 3
-#else
-#define SHA_LONG unsigned int
-#endif
-
-#define SHA_LBLOCK	16
-#define SHA_CBLOCK	(SHA_LBLOCK*4)	/* SHA treats input data as a
-					 * contiguous array of 32 bit
-					 * wide big-endian values. */
-#define SHA_LAST_BLOCK  (SHA_CBLOCK-8)
-#define SHA_DIGEST_LENGTH 20
-
-typedef struct SHAstate_st
-	{
-	SHA_LONG h0,h1,h2,h3,h4;
-	SHA_LONG Nl,Nh;
-	SHA_LONG data[SHA_LBLOCK];
-	int num;
-	} SHA_CTX;
-
-#ifndef OPENSSL_NO_SHA0
-int SHA_Init(SHA_CTX *c);
-int SHA_Update(SHA_CTX *c, const void *data, unsigned long len);
-int SHA_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA(const unsigned char *d, unsigned long n,unsigned char *md);
-void SHA_Transform(SHA_CTX *c, const unsigned char *data);
-#endif
-#ifndef OPENSSL_NO_SHA1
-int SHA1_Init(SHA_CTX *c);
-int SHA1_Update(SHA_CTX *c, const void *data, unsigned long len);
-int SHA1_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA1(const unsigned char *d, unsigned long n,unsigned char *md);
-void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
-#endif
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/sha/sha1.c b/crypto/openssl/crypto/sha/sha1.c
deleted file mode 100644
index d350c88ee47d..000000000000
--- a/crypto/openssl/crypto/sha/sha1.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* crypto/sha/sha1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/sha.h>
-
-#define BUFSIZE	1024*16
-
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-#ifndef _OSD_POSIX
-int read(int, void *, unsigned int);
-#endif
-
-int main(int argc, char **argv)
-	{
-	int i,err=0;
-	FILE *IN;
-
-	if (argc == 1)
-		{
-		do_fp(stdin);
-		}
-	else
-		{
-		for (i=1; i<argc; i++)
-			{
-			IN=fopen(argv[i],"r");
-			if (IN == NULL)
-				{
-				perror(argv[i]);
-				err++;
-				continue;
-				}
-			printf("SHA1(%s)= ",argv[i]);
-			do_fp(IN);
-			fclose(IN);
-			}
-		}
-	exit(err);
-	}
-
-void do_fp(FILE *f)
-	{
-	SHA_CTX c;
-	unsigned char md[SHA_DIGEST_LENGTH];
-	int fd;
-	int i;
-	unsigned char buf[BUFSIZE];
-
-	fd=fileno(f);
-	SHA1_Init(&c);
-	for (;;)
-		{
-		i=read(fd,buf,BUFSIZE);
-		if (i <= 0) break;
-		SHA1_Update(&c,buf,(unsigned long)i);
-		}
-	SHA1_Final(&(md[0]),&c);
-	pt(md);
-	}
-
-void pt(unsigned char *md)
-	{
-	int i;
-
-	for (i=0; i<SHA_DIGEST_LENGTH; i++)
-		printf("%02x",md[i]);
-	printf("\n");
-	}
-
diff --git a/crypto/openssl/crypto/sha/sha1_one.c b/crypto/openssl/crypto/sha/sha1_one.c
deleted file mode 100644
index 20e660c71df7..000000000000
--- a/crypto/openssl/crypto/sha/sha1_one.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* crypto/sha/sha1_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/sha.h>
-#include <openssl/crypto.h>
-
-#ifndef OPENSSL_NO_SHA1
-unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md)
-	{
-	SHA_CTX c;
-	static unsigned char m[SHA_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	SHA1_Init(&c);
-	SHA1_Update(&c,d,n);
-	SHA1_Final(md,&c);
-	OPENSSL_cleanse(&c,sizeof(c));
-	return(md);
-	}
-#endif
diff --git a/crypto/openssl/crypto/sha/sha1dgst.c b/crypto/openssl/crypto/sha/sha1dgst.c
deleted file mode 100644
index 182f65982ab0..000000000000
--- a/crypto/openssl/crypto/sha/sha1dgst.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* crypto/sha/sha1dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
-
-#undef  SHA_0
-#define SHA_1
-
-#include <openssl/opensslv.h>
-
-const char *SHA1_version="SHA1" OPENSSL_VERSION_PTEXT;
-
-/* The implementation is in ../md32_common.h */
-
-#include "sha_locl.h"
-
-#endif
-
diff --git a/crypto/openssl/crypto/sha/sha1s.cpp b/crypto/openssl/crypto/sha/sha1s.cpp
deleted file mode 100644
index af23d1e0f218..000000000000
--- a/crypto/openssl/crypto/sha/sha1s.cpp
+++ /dev/null
@@ -1,82 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/sha.h>
-
-#define sha1_block_x86 sha1_block_asm_data_order
-extern "C" {
-void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num);
-}
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[64*256];
-	SHA_CTX ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=0,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=16;
-	if (num > 250) num=16;
-	numm=num+2;
-#if 0
-	num*=64;
-	numm*=64;
-#endif
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			sha1_block_x86(&ctx,buffer,numm);
-			GetTSC(s1);
-			sha1_block_x86(&ctx,buffer,numm);
-			GetTSC(e1);
-			GetTSC(s2);
-			sha1_block_x86(&ctx,buffer,num);
-			GetTSC(e2);
-			sha1_block_x86(&ctx,buffer,num);
-			}
-
-		printf("sha1 (%d bytes) %d %d (%.2f)\n",num*64,
-			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
-		}
-	}
-
diff --git a/crypto/openssl/crypto/sha/sha1test.c b/crypto/openssl/crypto/sha/sha1test.c
deleted file mode 100644
index 4f2e4ada2d25..000000000000
--- a/crypto/openssl/crypto/sha/sha1test.c
+++ /dev/null
@@ -1,174 +0,0 @@
-/* crypto/sha/sha1test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_SHA
-int main(int argc, char *argv[])
-{
-    printf("No SHA support\n");
-    return(0);
-}
-#else
-#include <openssl/evp.h>
-#include <openssl/sha.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-#undef SHA_0 /* FIPS 180 */
-#define  SHA_1 /* FIPS 180-1 */
-
-static char *test[]={
-	"abc",
-	"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-	NULL,
-	};
-
-#ifdef SHA_0
-static char *ret[]={
-	"0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
-	"d2516ee1acfa5baf33dfc1c471e438449ef134c8",
-	};
-static char *bigret=
-	"3232affa48628a26653b5aaa44541fd90d690603";
-#endif
-#ifdef SHA_1
-static char *ret[]={
-	"a9993e364706816aba3e25717850c26c9cd0d89d",
-	"84983e441c3bd26ebaae4aa1f95129e5e54670f1",
-	};
-static char *bigret=
-	"34aa973cd4c4daa4f61eeb2bdbad27316534016f";
-#endif
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-	{
-	int i,err=0;
-	unsigned char **P,**R;
-	static unsigned char buf[1000];
-	char *p,*r;
-	EVP_MD_CTX c;
-	unsigned char md[SHA_DIGEST_LENGTH];
-
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(test[0], test[0], strlen(test[0]));
-	ebcdic2ascii(test[1], test[1], strlen(test[1]));
-#endif
-
-	EVP_MD_CTX_init(&c);
-	P=(unsigned char **)test;
-	R=(unsigned char **)ret;
-	i=1;
-	while (*P != NULL)
-		{
-		EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha1(), NULL);
-		p=pt(md);
-		if (strcmp(p,(char *)*R) != 0)
-			{
-			printf("error calculating SHA1 on '%s'\n",*P);
-			printf("got %s instead of %s\n",p,*R);
-			err++;
-			}
-		else
-			printf("test %d ok\n",i);
-		i++;
-		R++;
-		P++;
-		}
-
-	memset(buf,'a',1000);
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(buf, buf, 1000);
-#endif /*CHARSET_EBCDIC*/
-	EVP_DigestInit_ex(&c,EVP_sha1(), NULL);
-	for (i=0; i<1000; i++)
-		EVP_DigestUpdate(&c,buf,1000);
-	EVP_DigestFinal_ex(&c,md,NULL);
-	p=pt(md);
-
-	r=bigret;
-	if (strcmp(p,r) != 0)
-		{
-		printf("error calculating SHA1 on 'a' * 1000\n");
-		printf("got %s instead of %s\n",p,r);
-		err++;
-		}
-	else
-		printf("test 3 ok\n");
-	EXIT(err);
-	EVP_MD_CTX_cleanup(&c);
-	return(0);
-	}
-
-static char *pt(unsigned char *md)
-	{
-	int i;
-	static char buf[80];
-
-	for (i=0; i<SHA_DIGEST_LENGTH; i++)
-		sprintf(&(buf[i*2]),"%02x",md[i]);
-	return(buf);
-	}
-#endif
diff --git a/crypto/openssl/crypto/sha/sha_dgst.c b/crypto/openssl/crypto/sha/sha_dgst.c
deleted file mode 100644
index 5a4b3ab20459..000000000000
--- a/crypto/openssl/crypto/sha/sha_dgst.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* crypto/sha/sha1dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA)
-
-#undef  SHA_1
-#define SHA_0
-
-#include <openssl/opensslv.h>
-
-const char *SHA_version="SHA" OPENSSL_VERSION_PTEXT;
-
-/* The implementation is in ../md32_common.h */
-
-#include "sha_locl.h"
-
-#endif
-
diff --git a/crypto/openssl/crypto/sha/sha_locl.h b/crypto/openssl/crypto/sha/sha_locl.h
deleted file mode 100644
index 2dd63a62a646..000000000000
--- a/crypto/openssl/crypto/sha/sha_locl.h
+++ /dev/null
@@ -1,472 +0,0 @@
-/* crypto/sha/sha_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-#include <openssl/sha.h>
-
-#ifndef SHA_LONG_LOG2
-#define SHA_LONG_LOG2	2	/* default to 32 bits */
-#endif
-
-#define DATA_ORDER_IS_BIG_ENDIAN
-
-#define HASH_LONG               SHA_LONG
-#define HASH_LONG_LOG2          SHA_LONG_LOG2
-#define HASH_CTX                SHA_CTX
-#define HASH_CBLOCK             SHA_CBLOCK
-#define HASH_LBLOCK             SHA_LBLOCK
-#define HASH_MAKE_STRING(c,s)   do {	\
-	unsigned long ll;		\
-	ll=(c)->h0; HOST_l2c(ll,(s));	\
-	ll=(c)->h1; HOST_l2c(ll,(s));	\
-	ll=(c)->h2; HOST_l2c(ll,(s));	\
-	ll=(c)->h3; HOST_l2c(ll,(s));	\
-	ll=(c)->h4; HOST_l2c(ll,(s));	\
-	} while (0)
-
-#if defined(SHA_0)
-
-# define HASH_UPDATE             	SHA_Update
-# define HASH_TRANSFORM          	SHA_Transform
-# define HASH_FINAL              	SHA_Final
-# define HASH_INIT			SHA_Init
-# define HASH_BLOCK_HOST_ORDER   	sha_block_host_order
-# define HASH_BLOCK_DATA_ORDER   	sha_block_data_order
-# define Xupdate(a,ix,ia,ib,ic,id)	(ix=(a)=(ia^ib^ic^id))
-
-  void sha_block_host_order (SHA_CTX *c, const void *p,int num);
-  void sha_block_data_order (SHA_CTX *c, const void *p,int num);
-
-#elif defined(SHA_1)
-
-# define HASH_UPDATE             	SHA1_Update
-# define HASH_TRANSFORM          	SHA1_Transform
-# define HASH_FINAL              	SHA1_Final
-# define HASH_INIT			SHA1_Init
-# define HASH_BLOCK_HOST_ORDER   	sha1_block_host_order
-# define HASH_BLOCK_DATA_ORDER   	sha1_block_data_order
-# if defined(__MWERKS__) && defined(__MC68K__)
-   /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */
-#  define Xupdate(a,ix,ia,ib,ic,id)	do { (a)=(ia^ib^ic^id);		\
-					     ix=(a)=ROTATE((a),1);	\
-					} while (0)
-# else
-#  define Xupdate(a,ix,ia,ib,ic,id)	( (a)=(ia^ib^ic^id),	\
-					  ix=(a)=ROTATE((a),1)	\
-					)
-# endif
-
-# ifdef SHA1_ASM
-#  if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-#   define sha1_block_host_order		sha1_block_asm_host_order
-#   define DONT_IMPLEMENT_BLOCK_HOST_ORDER
-#   define sha1_block_data_order		sha1_block_asm_data_order
-#   define DONT_IMPLEMENT_BLOCK_DATA_ORDER
-#   define HASH_BLOCK_DATA_ORDER_ALIGNED	sha1_block_asm_data_order
-#  endif
-# endif
-  void sha1_block_host_order (SHA_CTX *c, const void *p,int num);
-  void sha1_block_data_order (SHA_CTX *c, const void *p,int num);
-
-#else
-# error "Either SHA_0 or SHA_1 must be defined."
-#endif
-
-#include "md32_common.h"
-
-#define INIT_DATA_h0 0x67452301UL
-#define INIT_DATA_h1 0xefcdab89UL
-#define INIT_DATA_h2 0x98badcfeUL
-#define INIT_DATA_h3 0x10325476UL
-#define INIT_DATA_h4 0xc3d2e1f0UL
-
-int HASH_INIT (SHA_CTX *c)
-	{
-	c->h0=INIT_DATA_h0;
-	c->h1=INIT_DATA_h1;
-	c->h2=INIT_DATA_h2;
-	c->h3=INIT_DATA_h3;
-	c->h4=INIT_DATA_h4;
-	c->Nl=0;
-	c->Nh=0;
-	c->num=0;
-	return 1;
-	}
-
-#define K_00_19	0x5a827999UL
-#define K_20_39 0x6ed9eba1UL
-#define K_40_59 0x8f1bbcdcUL
-#define K_60_79 0xca62c1d6UL
-
-/* As  pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
- * simplified to the code in F_00_19.  Wei attributes these optimisations
- * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
- * #define F(x,y,z) (((x) & (y))  |  ((~(x)) & (z)))
- * I've just become aware of another tweak to be made, again from Wei Dai,
- * in F_40_59, (x&a)|(y&a) -> (x|y)&a
- */
-#define	F_00_19(b,c,d)	((((c) ^ (d)) & (b)) ^ (d)) 
-#define	F_20_39(b,c,d)	((b) ^ (c) ^ (d))
-#define F_40_59(b,c,d)	(((b) & (c)) | (((b)|(c)) & (d))) 
-#define	F_60_79(b,c,d)	F_20_39(b,c,d)
-
-#define BODY_00_15(i,a,b,c,d,e,f,xi) \
-	(f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
-	(b)=ROTATE((b),30);
-
-#define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
-	Xupdate(f,xi,xa,xb,xc,xd); \
-	(f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
-	(b)=ROTATE((b),30);
-
-#define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
-	Xupdate(f,xi,xa,xb,xc,xd); \
-	(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
-	(b)=ROTATE((b),30);
-
-#define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \
-	Xupdate(f,xa,xa,xb,xc,xd); \
-	(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
-	(b)=ROTATE((b),30);
-
-#define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \
-	Xupdate(f,xa,xa,xb,xc,xd); \
-	(f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
-	(b)=ROTATE((b),30);
-
-#define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \
-	Xupdate(f,xa,xa,xb,xc,xd); \
-	(f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
-	(b)=ROTATE((b),30);
-
-#ifdef X
-#undef X
-#endif
-#ifndef MD32_XARRAY
-  /*
-   * Originally X was an array. As it's automatic it's natural
-   * to expect RISC compiler to accomodate at least part of it in
-   * the register bank, isn't it? Unfortunately not all compilers
-   * "find" this expectation reasonable:-( On order to make such
-   * compilers generate better code I replace X[] with a bunch of
-   * X0, X1, etc. See the function body below...
-   *					<appro@fy.chalmers.se>
-   */
-# define X(i)	XX##i
-#else
-  /*
-   * However! Some compilers (most notably HP C) get overwhelmed by
-   * that many local variables so that we have to have the way to
-   * fall down to the original behavior.
-   */
-# define X(i)	XX[i]
-#endif
-
-#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER
-void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num)
-	{
-	const SHA_LONG *W=d;
-	register unsigned MD32_REG_T A,B,C,D,E,T;
-#ifndef MD32_XARRAY
-	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
-				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-#else
-	SHA_LONG	XX[16];
-#endif
-
-	A=c->h0;
-	B=c->h1;
-	C=c->h2;
-	D=c->h3;
-	E=c->h4;
-
-	for (;;)
-		{
-	BODY_00_15( 0,A,B,C,D,E,T,W[ 0]);
-	BODY_00_15( 1,T,A,B,C,D,E,W[ 1]);
-	BODY_00_15( 2,E,T,A,B,C,D,W[ 2]);
-	BODY_00_15( 3,D,E,T,A,B,C,W[ 3]);
-	BODY_00_15( 4,C,D,E,T,A,B,W[ 4]);
-	BODY_00_15( 5,B,C,D,E,T,A,W[ 5]);
-	BODY_00_15( 6,A,B,C,D,E,T,W[ 6]);
-	BODY_00_15( 7,T,A,B,C,D,E,W[ 7]);
-	BODY_00_15( 8,E,T,A,B,C,D,W[ 8]);
-	BODY_00_15( 9,D,E,T,A,B,C,W[ 9]);
-	BODY_00_15(10,C,D,E,T,A,B,W[10]);
-	BODY_00_15(11,B,C,D,E,T,A,W[11]);
-	BODY_00_15(12,A,B,C,D,E,T,W[12]);
-	BODY_00_15(13,T,A,B,C,D,E,W[13]);
-	BODY_00_15(14,E,T,A,B,C,D,W[14]);
-	BODY_00_15(15,D,E,T,A,B,C,W[15]);
-
-	BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]);
-	BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]);
-	BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]);
-	BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0));
-
-	BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1));
-	BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2));
-	BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3));
-	BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4));
-	BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5));
-	BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6));
-	BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7));
-	BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8));
-	BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9));
-	BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10));
-	BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11));
-	BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12));
-
-	BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
-	BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
-	BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
-	BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
-	BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
-	BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
-	BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
-	BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
-
-	BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
-	BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
-	BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
-	BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
-	BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
-	BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
-	BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
-	BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
-	BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
-	BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
-	BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
-	BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
-	BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
-	BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
-	BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
-	BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
-	BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
-	BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
-	BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
-	BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
-
-	BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
-	BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
-	BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
-	BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
-	BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
-	BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
-	BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
-	BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
-	BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
-	BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
-	BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
-	BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
-	BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
-	BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
-	BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
-	BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
-	BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
-	BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
-	BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
-	BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
-	
-	c->h0=(c->h0+E)&0xffffffffL; 
-	c->h1=(c->h1+T)&0xffffffffL;
-	c->h2=(c->h2+A)&0xffffffffL;
-	c->h3=(c->h3+B)&0xffffffffL;
-	c->h4=(c->h4+C)&0xffffffffL;
-
-	if (--num <= 0) break;
-
-	A=c->h0;
-	B=c->h1;
-	C=c->h2;
-	D=c->h3;
-	E=c->h4;
-
-	W+=SHA_LBLOCK;
-		}
-	}
-#endif
-
-#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER
-void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num)
-	{
-	const unsigned char *data=p;
-	register unsigned MD32_REG_T A,B,C,D,E,T,l;
-#ifndef MD32_XARRAY
-	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
-				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-#else
-	SHA_LONG	XX[16];
-#endif
-
-	A=c->h0;
-	B=c->h1;
-	C=c->h2;
-	D=c->h3;
-	E=c->h4;
-
-	for (;;)
-		{
-
-	HOST_c2l(data,l); X( 0)=l;		HOST_c2l(data,l); X( 1)=l;
-	BODY_00_15( 0,A,B,C,D,E,T,X( 0));	HOST_c2l(data,l); X( 2)=l;
-	BODY_00_15( 1,T,A,B,C,D,E,X( 1));	HOST_c2l(data,l); X( 3)=l;
-	BODY_00_15( 2,E,T,A,B,C,D,X( 2));	HOST_c2l(data,l); X( 4)=l;
-	BODY_00_15( 3,D,E,T,A,B,C,X( 3));	HOST_c2l(data,l); X( 5)=l;
-	BODY_00_15( 4,C,D,E,T,A,B,X( 4));	HOST_c2l(data,l); X( 6)=l;
-	BODY_00_15( 5,B,C,D,E,T,A,X( 5));	HOST_c2l(data,l); X( 7)=l;
-	BODY_00_15( 6,A,B,C,D,E,T,X( 6));	HOST_c2l(data,l); X( 8)=l;
-	BODY_00_15( 7,T,A,B,C,D,E,X( 7));	HOST_c2l(data,l); X( 9)=l;
-	BODY_00_15( 8,E,T,A,B,C,D,X( 8));	HOST_c2l(data,l); X(10)=l;
-	BODY_00_15( 9,D,E,T,A,B,C,X( 9));	HOST_c2l(data,l); X(11)=l;
-	BODY_00_15(10,C,D,E,T,A,B,X(10));	HOST_c2l(data,l); X(12)=l;
-	BODY_00_15(11,B,C,D,E,T,A,X(11));	HOST_c2l(data,l); X(13)=l;
-	BODY_00_15(12,A,B,C,D,E,T,X(12));	HOST_c2l(data,l); X(14)=l;
-	BODY_00_15(13,T,A,B,C,D,E,X(13));	HOST_c2l(data,l); X(15)=l;
-	BODY_00_15(14,E,T,A,B,C,D,X(14));
-	BODY_00_15(15,D,E,T,A,B,C,X(15));
-
-	BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13));
-	BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14));
-	BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15));
-	BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0));
-
-	BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1));
-	BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2));
-	BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3));
-	BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4));
-	BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5));
-	BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6));
-	BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7));
-	BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8));
-	BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9));
-	BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10));
-	BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11));
-	BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12));
-
-	BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
-	BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
-	BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
-	BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
-	BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
-	BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
-	BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
-	BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
-
-	BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
-	BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
-	BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
-	BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
-	BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
-	BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
-	BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
-	BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
-	BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
-	BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
-	BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
-	BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
-	BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
-	BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
-	BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
-	BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
-	BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
-	BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
-	BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
-	BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
-
-	BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
-	BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
-	BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
-	BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
-	BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
-	BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
-	BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
-	BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
-	BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
-	BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
-	BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
-	BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
-	BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
-	BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
-	BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
-	BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
-	BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
-	BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
-	BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
-	BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
-	
-	c->h0=(c->h0+E)&0xffffffffL; 
-	c->h1=(c->h1+T)&0xffffffffL;
-	c->h2=(c->h2+A)&0xffffffffL;
-	c->h3=(c->h3+B)&0xffffffffL;
-	c->h4=(c->h4+C)&0xffffffffL;
-
-	if (--num <= 0) break;
-
-	A=c->h0;
-	B=c->h1;
-	C=c->h2;
-	D=c->h3;
-	E=c->h4;
-
-		}
-	}
-#endif
diff --git a/crypto/openssl/crypto/sha/sha_one.c b/crypto/openssl/crypto/sha/sha_one.c
deleted file mode 100644
index e61c63f3e99d..000000000000
--- a/crypto/openssl/crypto/sha/sha_one.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* crypto/sha/sha_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/sha.h>
-#include <openssl/crypto.h>
-
-#ifndef OPENSSL_NO_SHA0
-unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md)
-	{
-	SHA_CTX c;
-	static unsigned char m[SHA_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	SHA_Init(&c);
-	SHA_Update(&c,d,n);
-	SHA_Final(md,&c);
-	OPENSSL_cleanse(&c,sizeof(c));
-	return(md);
-	}
-#endif
diff --git a/crypto/openssl/crypto/sha/shatest.c b/crypto/openssl/crypto/sha/shatest.c
deleted file mode 100644
index 5d2b1d3b1aed..000000000000
--- a/crypto/openssl/crypto/sha/shatest.c
+++ /dev/null
@@ -1,174 +0,0 @@
-/* crypto/sha/shatest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#ifdef OPENSSL_NO_SHA
-int main(int argc, char *argv[])
-{
-    printf("No SHA support\n");
-    return(0);
-}
-#else
-#include <openssl/evp.h>
-#include <openssl/sha.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-#define SHA_0 /* FIPS 180 */
-#undef  SHA_1 /* FIPS 180-1 */
-
-static char *test[]={
-	"abc",
-	"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-	NULL,
-	};
-
-#ifdef SHA_0
-static char *ret[]={
-	"0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
-	"d2516ee1acfa5baf33dfc1c471e438449ef134c8",
-	};
-static char *bigret=
-	"3232affa48628a26653b5aaa44541fd90d690603";
-#endif
-#ifdef SHA_1
-static char *ret[]={
-	"a9993e364706816aba3e25717850c26c9cd0d89d",
-	"84983e441c3bd26ebaae4aa1f95129e5e54670f1",
-	};
-static char *bigret=
-	"34aa973cd4c4daa4f61eeb2bdbad27316534016f";
-#endif
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-	{
-	int i,err=0;
-	unsigned char **P,**R;
-	static unsigned char buf[1000];
-	char *p,*r;
-	EVP_MD_CTX c;
-	unsigned char md[SHA_DIGEST_LENGTH];
-
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(test[0], test[0], strlen(test[0]));
-	ebcdic2ascii(test[1], test[1], strlen(test[1]));
-#endif
-
-	EVP_MD_CTX_init(&c);
-	P=(unsigned char **)test;
-	R=(unsigned char **)ret;
-	i=1;
-	while (*P != NULL)
-		{
-		EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha(), NULL);
-		p=pt(md);
-		if (strcmp(p,(char *)*R) != 0)
-			{
-			printf("error calculating SHA on '%s'\n",*P);
-			printf("got %s instead of %s\n",p,*R);
-			err++;
-			}
-		else
-			printf("test %d ok\n",i);
-		i++;
-		R++;
-		P++;
-		}
-
-	memset(buf,'a',1000);
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(buf, buf, 1000);
-#endif /*CHARSET_EBCDIC*/
-	EVP_DigestInit_ex(&c,EVP_sha(), NULL);
-	for (i=0; i<1000; i++)
-		EVP_DigestUpdate(&c,buf,1000);
-	EVP_DigestFinal_ex(&c,md,NULL);
-	p=pt(md);
-
-	r=bigret;
-	if (strcmp(p,r) != 0)
-		{
-		printf("error calculating SHA on '%s'\n",p);
-		printf("got %s instead of %s\n",p,r);
-		err++;
-		}
-	else
-		printf("test 3 ok\n");
-	EVP_MD_CTX_cleanup(&c);
-	EXIT(err);
-	return(0);
-	}
-
-static char *pt(unsigned char *md)
-	{
-	int i;
-	static char buf[80];
-
-	for (i=0; i<SHA_DIGEST_LENGTH; i++)
-		sprintf(&(buf[i*2]),"%02x",md[i]);
-	return(buf);
-	}
-#endif
diff --git a/crypto/openssl/crypto/stack/Makefile.save b/crypto/openssl/crypto/stack/Makefile.save
deleted file mode 100644
index 2027d3946ce1..000000000000
--- a/crypto/openssl/crypto/stack/Makefile.save
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# SSLeay/crypto/stack/Makefile
-#
-
-DIR=	stack
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=stack.c
-LIBOBJ=stack.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= stack.h safestack.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-stack.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-stack.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-stack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-stack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-stack.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-stack.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-stack.o: ../cryptlib.h
diff --git a/crypto/openssl/crypto/stack/Makefile.ssl b/crypto/openssl/crypto/stack/Makefile.ssl
deleted file mode 100644
index e4acfe6aba22..000000000000
--- a/crypto/openssl/crypto/stack/Makefile.ssl
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# SSLeay/crypto/stack/Makefile
-#
-
-DIR=	stack
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=stack.c
-LIBOBJ=stack.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= stack.h safestack.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-stack.o: ../../e_os.h ../../include/openssl/bio.h
-stack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-stack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-stack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-stack.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-stack.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-stack.o: ../cryptlib.h stack.c
diff --git a/crypto/openssl/crypto/stack/safestack.h b/crypto/openssl/crypto/stack/safestack.h
deleted file mode 100644
index ed9ed2c23a0b..000000000000
--- a/crypto/openssl/crypto/stack/safestack.h
+++ /dev/null
@@ -1,1512 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SAFESTACK_H
-#define HEADER_SAFESTACK_H
-
-#include <openssl/stack.h>
-
-#ifdef DEBUG_SAFESTACK
-
-#define STACK_OF(type) struct stack_st_##type
-#define PREDECLARE_STACK_OF(type) STACK_OF(type);
-
-#define DECLARE_STACK_OF(type) \
-STACK_OF(type) \
-    { \
-    STACK stack; \
-    };
-
-#define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/
-
-/* SKM_sk_... stack macros are internal to safestack.h:
- * never use them directly, use sk_<type>_... instead */
-#define SKM_sk_new(type, cmp) \
-	((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))sk_new)(cmp)
-#define SKM_sk_new_null(type) \
-	((STACK_OF(type) * (*)(void))sk_new_null)()
-#define SKM_sk_free(type, st) \
-	((void (*)(STACK_OF(type) *))sk_free)(st)
-#define SKM_sk_num(type, st) \
-	((int (*)(const STACK_OF(type) *))sk_num)(st)
-#define SKM_sk_value(type, st,i) \
-	((type * (*)(const STACK_OF(type) *, int))sk_value)(st, i)
-#define SKM_sk_set(type, st,i,val) \
-	((type * (*)(STACK_OF(type) *, int, type *))sk_set)(st, i, val)
-#define SKM_sk_zero(type, st) \
-	((void (*)(STACK_OF(type) *))sk_zero)(st)
-#define SKM_sk_push(type, st,val) \
-	((int (*)(STACK_OF(type) *, type *))sk_push)(st, val)
-#define SKM_sk_unshift(type, st,val) \
-	((int (*)(STACK_OF(type) *, type *))sk_unshift)(st, val)
-#define SKM_sk_find(type, st,val) \
-	((int (*)(STACK_OF(type) *, type *))sk_find)(st, val)
-#define SKM_sk_delete(type, st,i) \
-	((type * (*)(STACK_OF(type) *, int))sk_delete)(st, i)
-#define SKM_sk_delete_ptr(type, st,ptr) \
-	((type * (*)(STACK_OF(type) *, type *))sk_delete_ptr)(st, ptr)
-#define SKM_sk_insert(type, st,val,i) \
-	((int (*)(STACK_OF(type) *, type *, int))sk_insert)(st, val, i)
-#define SKM_sk_set_cmp_func(type, st,cmp) \
-	((int (*(*)(STACK_OF(type) *, int (*)(const type * const *, const type * const *))) \
-	  (const type * const *, const type * const *))sk_set_cmp_func)\
-	(st, cmp)
-#define SKM_sk_dup(type, st) \
-	((STACK_OF(type) *(*)(STACK_OF(type) *))sk_dup)(st)
-#define SKM_sk_pop_free(type, st,free_func) \
-	((void (*)(STACK_OF(type) *, void (*)(type *)))sk_pop_free)\
-	(st, free_func)
-#define SKM_sk_shift(type, st) \
-	((type * (*)(STACK_OF(type) *))sk_shift)(st)
-#define SKM_sk_pop(type, st) \
-	((type * (*)(STACK_OF(type) *))sk_pop)(st)
-#define SKM_sk_sort(type, st) \
-	((void (*)(STACK_OF(type) *))sk_sort)(st)
-
-#define	SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	((STACK_OF(type) * (*) (STACK_OF(type) **,unsigned char **, long , \
-                                       type *(*)(type **, unsigned char **,long), \
-                                       void (*)(type *), int ,int )) d2i_ASN1_SET) \
-						(st,pp,length, d2i_func, free_func, ex_tag,ex_class)
-#define	SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	((int (*)(STACK_OF(type) *,unsigned char **, \
-                           int (*)(type *,unsigned char **), int , int , int)) i2d_ASN1_SET) \
-						(st,pp,i2d_func,ex_tag,ex_class,is_set)
-
-#define	SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
-	((unsigned char *(*)(STACK_OF(type) *, \
-                                    int (*)(type *,unsigned char **), unsigned char **,int *)) ASN1_seq_pack) \
-				(st, i2d_func, buf, len)
-#define	SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
-	((STACK_OF(type) * (*)(unsigned char *,int, \
-                                       type *(*)(type **,unsigned char **, long), \
-                                       void (*)(type *)))ASN1_seq_unpack) \
-					(buf,len,d2i_func, free_func)
-
-#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
-	((STACK_OF(type) * (*)(X509_ALGOR *, \
-                                type *(*)(type **, unsigned char **, long), void (*)(type *), \
-                                const char *, int, \
-                                ASN1_STRING *, int))PKCS12_decrypt_d2i) \
-				(algor,d2i_func,free_func,pass,passlen,oct,seq)
-
-#else
-
-#define STACK_OF(type) STACK
-#define PREDECLARE_STACK_OF(type) /* nada */
-#define DECLARE_STACK_OF(type)    /* nada */
-#define IMPLEMENT_STACK_OF(type)  /* nada */
-
-#define SKM_sk_new(type, cmp) \
-	sk_new((int (*)(const char * const *, const char * const *))(cmp))
-#define SKM_sk_new_null(type) \
-	sk_new_null()
-#define SKM_sk_free(type, st) \
-	sk_free(st)
-#define SKM_sk_num(type, st) \
-	sk_num(st)
-#define SKM_sk_value(type, st,i) \
-	((type *)sk_value(st, i))
-#define SKM_sk_set(type, st,i,val) \
-	((type *)sk_set(st, i,(char *)val))
-#define SKM_sk_zero(type, st) \
-	sk_zero(st)
-#define SKM_sk_push(type, st,val) \
-	sk_push(st, (char *)val)
-#define SKM_sk_unshift(type, st,val) \
-	sk_unshift(st, val)
-#define SKM_sk_find(type, st,val) \
-	sk_find(st, (char *)val)
-#define SKM_sk_delete(type, st,i) \
-	((type *)sk_delete(st, i))
-#define SKM_sk_delete_ptr(type, st,ptr) \
-	((type *)sk_delete_ptr(st,(char *)ptr))
-#define SKM_sk_insert(type, st,val,i) \
-	sk_insert(st, (char *)val, i)
-#define SKM_sk_set_cmp_func(type, st,cmp) \
-	((int (*)(const type * const *,const type * const *)) \
-	sk_set_cmp_func(st, (int (*)(const char * const *, const char * const *))(cmp)))
-#define SKM_sk_dup(type, st) \
-	sk_dup(st)
-#define SKM_sk_pop_free(type, st,free_func) \
-	sk_pop_free(st, (void (*)(void *))free_func)
-#define SKM_sk_shift(type, st) \
-	((type *)sk_shift(st))
-#define SKM_sk_pop(type, st) \
-	((type *)sk_pop(st))
-#define SKM_sk_sort(type, st) \
-	sk_sort(st)
-
-#define	SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	d2i_ASN1_SET(st,pp,length, (char *(*)())d2i_func, (void (*)(void *))free_func, ex_tag,ex_class)
-#define	SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	i2d_ASN1_SET(st,pp,i2d_func,ex_tag,ex_class,is_set)
-
-#define	SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
-	ASN1_seq_pack(st, i2d_func, buf, len)
-#define	SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
-	ASN1_seq_unpack(buf,len,(char *(*)())d2i_func, (void(*)(void *))free_func)
-
-#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
-	((STACK *)PKCS12_decrypt_d2i(algor,(char *(*)())d2i_func, (void(*)(void *))free_func,pass,passlen,oct,seq))
-
-#endif
-
-/* This block of defines is updated by util/mkstack.pl, please do not touch! */
-#define sk_ACCESS_DESCRIPTION_new(st) SKM_sk_new(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION)
-#define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_value(st, i) SKM_sk_value(ACCESS_DESCRIPTION, (st), (i))
-#define sk_ACCESS_DESCRIPTION_set(st, i, val) SKM_sk_set(ACCESS_DESCRIPTION, (st), (i), (val))
-#define sk_ACCESS_DESCRIPTION_zero(st) SKM_sk_zero(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val))
-#define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val))
-#define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val))
-#define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i))
-#define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr))
-#define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i))
-#define sk_ACCESS_DESCRIPTION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ACCESS_DESCRIPTION, (st), (cmp))
-#define sk_ACCESS_DESCRIPTION_dup(st) SKM_sk_dup(ACCESS_DESCRIPTION, st)
-#define sk_ACCESS_DESCRIPTION_pop_free(st, free_func) SKM_sk_pop_free(ACCESS_DESCRIPTION, (st), (free_func))
-#define sk_ACCESS_DESCRIPTION_shift(st) SKM_sk_shift(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st))
-
-#define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st))
-#define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING)
-#define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st))
-#define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st))
-#define sk_ASN1_GENERALSTRING_value(st, i) SKM_sk_value(ASN1_GENERALSTRING, (st), (i))
-#define sk_ASN1_GENERALSTRING_set(st, i, val) SKM_sk_set(ASN1_GENERALSTRING, (st), (i), (val))
-#define sk_ASN1_GENERALSTRING_zero(st) SKM_sk_zero(ASN1_GENERALSTRING, (st))
-#define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val))
-#define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val))
-#define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val))
-#define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i))
-#define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr))
-#define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i))
-#define sk_ASN1_GENERALSTRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_GENERALSTRING, (st), (cmp))
-#define sk_ASN1_GENERALSTRING_dup(st) SKM_sk_dup(ASN1_GENERALSTRING, st)
-#define sk_ASN1_GENERALSTRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_GENERALSTRING, (st), (free_func))
-#define sk_ASN1_GENERALSTRING_shift(st) SKM_sk_shift(ASN1_GENERALSTRING, (st))
-#define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st))
-#define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st))
-
-#define sk_ASN1_INTEGER_new(st) SKM_sk_new(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER)
-#define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_value(st, i) SKM_sk_value(ASN1_INTEGER, (st), (i))
-#define sk_ASN1_INTEGER_set(st, i, val) SKM_sk_set(ASN1_INTEGER, (st), (i), (val))
-#define sk_ASN1_INTEGER_zero(st) SKM_sk_zero(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val))
-#define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val))
-#define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val))
-#define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i))
-#define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr))
-#define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i))
-#define sk_ASN1_INTEGER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_INTEGER, (st), (cmp))
-#define sk_ASN1_INTEGER_dup(st) SKM_sk_dup(ASN1_INTEGER, st)
-#define sk_ASN1_INTEGER_pop_free(st, free_func) SKM_sk_pop_free(ASN1_INTEGER, (st), (free_func))
-#define sk_ASN1_INTEGER_shift(st) SKM_sk_shift(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st))
-
-#define sk_ASN1_OBJECT_new(st) SKM_sk_new(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT)
-#define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_value(st, i) SKM_sk_value(ASN1_OBJECT, (st), (i))
-#define sk_ASN1_OBJECT_set(st, i, val) SKM_sk_set(ASN1_OBJECT, (st), (i), (val))
-#define sk_ASN1_OBJECT_zero(st) SKM_sk_zero(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val))
-#define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val))
-#define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val))
-#define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i))
-#define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr))
-#define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i))
-#define sk_ASN1_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_OBJECT, (st), (cmp))
-#define sk_ASN1_OBJECT_dup(st) SKM_sk_dup(ASN1_OBJECT, st)
-#define sk_ASN1_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(ASN1_OBJECT, (st), (free_func))
-#define sk_ASN1_OBJECT_shift(st) SKM_sk_shift(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st))
-
-#define sk_ASN1_STRING_TABLE_new(st) SKM_sk_new(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE)
-#define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_value(st, i) SKM_sk_value(ASN1_STRING_TABLE, (st), (i))
-#define sk_ASN1_STRING_TABLE_set(st, i, val) SKM_sk_set(ASN1_STRING_TABLE, (st), (i), (val))
-#define sk_ASN1_STRING_TABLE_zero(st) SKM_sk_zero(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val))
-#define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val))
-#define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val))
-#define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i))
-#define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr))
-#define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i))
-#define sk_ASN1_STRING_TABLE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_STRING_TABLE, (st), (cmp))
-#define sk_ASN1_STRING_TABLE_dup(st) SKM_sk_dup(ASN1_STRING_TABLE, st)
-#define sk_ASN1_STRING_TABLE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_STRING_TABLE, (st), (free_func))
-#define sk_ASN1_STRING_TABLE_shift(st) SKM_sk_shift(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st))
-
-#define sk_ASN1_TYPE_new(st) SKM_sk_new(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE)
-#define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_value(st, i) SKM_sk_value(ASN1_TYPE, (st), (i))
-#define sk_ASN1_TYPE_set(st, i, val) SKM_sk_set(ASN1_TYPE, (st), (i), (val))
-#define sk_ASN1_TYPE_zero(st) SKM_sk_zero(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val))
-#define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val))
-#define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val))
-#define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i))
-#define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr))
-#define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i))
-#define sk_ASN1_TYPE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_TYPE, (st), (cmp))
-#define sk_ASN1_TYPE_dup(st) SKM_sk_dup(ASN1_TYPE, st)
-#define sk_ASN1_TYPE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_TYPE, (st), (free_func))
-#define sk_ASN1_TYPE_shift(st) SKM_sk_shift(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st))
-
-#define sk_ASN1_VALUE_new(st) SKM_sk_new(ASN1_VALUE, (st))
-#define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE)
-#define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st))
-#define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st))
-#define sk_ASN1_VALUE_value(st, i) SKM_sk_value(ASN1_VALUE, (st), (i))
-#define sk_ASN1_VALUE_set(st, i, val) SKM_sk_set(ASN1_VALUE, (st), (i), (val))
-#define sk_ASN1_VALUE_zero(st) SKM_sk_zero(ASN1_VALUE, (st))
-#define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val))
-#define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val))
-#define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val))
-#define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i))
-#define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr))
-#define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i))
-#define sk_ASN1_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_VALUE, (st), (cmp))
-#define sk_ASN1_VALUE_dup(st) SKM_sk_dup(ASN1_VALUE, st)
-#define sk_ASN1_VALUE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_VALUE, (st), (free_func))
-#define sk_ASN1_VALUE_shift(st) SKM_sk_shift(ASN1_VALUE, (st))
-#define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st))
-#define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st))
-
-#define sk_BIO_new(st) SKM_sk_new(BIO, (st))
-#define sk_BIO_new_null() SKM_sk_new_null(BIO)
-#define sk_BIO_free(st) SKM_sk_free(BIO, (st))
-#define sk_BIO_num(st) SKM_sk_num(BIO, (st))
-#define sk_BIO_value(st, i) SKM_sk_value(BIO, (st), (i))
-#define sk_BIO_set(st, i, val) SKM_sk_set(BIO, (st), (i), (val))
-#define sk_BIO_zero(st) SKM_sk_zero(BIO, (st))
-#define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val))
-#define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val))
-#define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val))
-#define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i))
-#define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr))
-#define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i))
-#define sk_BIO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BIO, (st), (cmp))
-#define sk_BIO_dup(st) SKM_sk_dup(BIO, st)
-#define sk_BIO_pop_free(st, free_func) SKM_sk_pop_free(BIO, (st), (free_func))
-#define sk_BIO_shift(st) SKM_sk_shift(BIO, (st))
-#define sk_BIO_pop(st) SKM_sk_pop(BIO, (st))
-#define sk_BIO_sort(st) SKM_sk_sort(BIO, (st))
-
-#define sk_CONF_IMODULE_new(st) SKM_sk_new(CONF_IMODULE, (st))
-#define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE)
-#define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st))
-#define sk_CONF_IMODULE_num(st) SKM_sk_num(CONF_IMODULE, (st))
-#define sk_CONF_IMODULE_value(st, i) SKM_sk_value(CONF_IMODULE, (st), (i))
-#define sk_CONF_IMODULE_set(st, i, val) SKM_sk_set(CONF_IMODULE, (st), (i), (val))
-#define sk_CONF_IMODULE_zero(st) SKM_sk_zero(CONF_IMODULE, (st))
-#define sk_CONF_IMODULE_push(st, val) SKM_sk_push(CONF_IMODULE, (st), (val))
-#define sk_CONF_IMODULE_unshift(st, val) SKM_sk_unshift(CONF_IMODULE, (st), (val))
-#define sk_CONF_IMODULE_find(st, val) SKM_sk_find(CONF_IMODULE, (st), (val))
-#define sk_CONF_IMODULE_delete(st, i) SKM_sk_delete(CONF_IMODULE, (st), (i))
-#define sk_CONF_IMODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_IMODULE, (st), (ptr))
-#define sk_CONF_IMODULE_insert(st, val, i) SKM_sk_insert(CONF_IMODULE, (st), (val), (i))
-#define sk_CONF_IMODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_IMODULE, (st), (cmp))
-#define sk_CONF_IMODULE_dup(st) SKM_sk_dup(CONF_IMODULE, st)
-#define sk_CONF_IMODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_IMODULE, (st), (free_func))
-#define sk_CONF_IMODULE_shift(st) SKM_sk_shift(CONF_IMODULE, (st))
-#define sk_CONF_IMODULE_pop(st) SKM_sk_pop(CONF_IMODULE, (st))
-#define sk_CONF_IMODULE_sort(st) SKM_sk_sort(CONF_IMODULE, (st))
-
-#define sk_CONF_MODULE_new(st) SKM_sk_new(CONF_MODULE, (st))
-#define sk_CONF_MODULE_new_null() SKM_sk_new_null(CONF_MODULE)
-#define sk_CONF_MODULE_free(st) SKM_sk_free(CONF_MODULE, (st))
-#define sk_CONF_MODULE_num(st) SKM_sk_num(CONF_MODULE, (st))
-#define sk_CONF_MODULE_value(st, i) SKM_sk_value(CONF_MODULE, (st), (i))
-#define sk_CONF_MODULE_set(st, i, val) SKM_sk_set(CONF_MODULE, (st), (i), (val))
-#define sk_CONF_MODULE_zero(st) SKM_sk_zero(CONF_MODULE, (st))
-#define sk_CONF_MODULE_push(st, val) SKM_sk_push(CONF_MODULE, (st), (val))
-#define sk_CONF_MODULE_unshift(st, val) SKM_sk_unshift(CONF_MODULE, (st), (val))
-#define sk_CONF_MODULE_find(st, val) SKM_sk_find(CONF_MODULE, (st), (val))
-#define sk_CONF_MODULE_delete(st, i) SKM_sk_delete(CONF_MODULE, (st), (i))
-#define sk_CONF_MODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_MODULE, (st), (ptr))
-#define sk_CONF_MODULE_insert(st, val, i) SKM_sk_insert(CONF_MODULE, (st), (val), (i))
-#define sk_CONF_MODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_MODULE, (st), (cmp))
-#define sk_CONF_MODULE_dup(st) SKM_sk_dup(CONF_MODULE, st)
-#define sk_CONF_MODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_MODULE, (st), (free_func))
-#define sk_CONF_MODULE_shift(st) SKM_sk_shift(CONF_MODULE, (st))
-#define sk_CONF_MODULE_pop(st) SKM_sk_pop(CONF_MODULE, (st))
-#define sk_CONF_MODULE_sort(st) SKM_sk_sort(CONF_MODULE, (st))
-
-#define sk_CONF_VALUE_new(st) SKM_sk_new(CONF_VALUE, (st))
-#define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE)
-#define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st))
-#define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st))
-#define sk_CONF_VALUE_value(st, i) SKM_sk_value(CONF_VALUE, (st), (i))
-#define sk_CONF_VALUE_set(st, i, val) SKM_sk_set(CONF_VALUE, (st), (i), (val))
-#define sk_CONF_VALUE_zero(st) SKM_sk_zero(CONF_VALUE, (st))
-#define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val))
-#define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val))
-#define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val))
-#define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i))
-#define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr))
-#define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i))
-#define sk_CONF_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_VALUE, (st), (cmp))
-#define sk_CONF_VALUE_dup(st) SKM_sk_dup(CONF_VALUE, st)
-#define sk_CONF_VALUE_pop_free(st, free_func) SKM_sk_pop_free(CONF_VALUE, (st), (free_func))
-#define sk_CONF_VALUE_shift(st) SKM_sk_shift(CONF_VALUE, (st))
-#define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st))
-#define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st))
-
-#define sk_CRYPTO_EX_DATA_FUNCS_new(st) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS)
-#define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i))
-#define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val))
-#define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val))
-#define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val))
-#define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val))
-#define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i))
-#define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr))
-#define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i))
-#define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp))
-#define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st)
-#define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func))
-#define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st))
-
-#define sk_CRYPTO_dynlock_new(st) SKM_sk_new(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock)
-#define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_value(st, i) SKM_sk_value(CRYPTO_dynlock, (st), (i))
-#define sk_CRYPTO_dynlock_set(st, i, val) SKM_sk_set(CRYPTO_dynlock, (st), (i), (val))
-#define sk_CRYPTO_dynlock_zero(st) SKM_sk_zero(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val))
-#define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val))
-#define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val))
-#define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i))
-#define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr))
-#define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i))
-#define sk_CRYPTO_dynlock_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_dynlock, (st), (cmp))
-#define sk_CRYPTO_dynlock_dup(st) SKM_sk_dup(CRYPTO_dynlock, st)
-#define sk_CRYPTO_dynlock_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_dynlock, (st), (free_func))
-#define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
-
-#define sk_DIST_POINT_new(st) SKM_sk_new(DIST_POINT, (st))
-#define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT)
-#define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st))
-#define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st))
-#define sk_DIST_POINT_value(st, i) SKM_sk_value(DIST_POINT, (st), (i))
-#define sk_DIST_POINT_set(st, i, val) SKM_sk_set(DIST_POINT, (st), (i), (val))
-#define sk_DIST_POINT_zero(st) SKM_sk_zero(DIST_POINT, (st))
-#define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val))
-#define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val))
-#define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val))
-#define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i))
-#define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr))
-#define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i))
-#define sk_DIST_POINT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(DIST_POINT, (st), (cmp))
-#define sk_DIST_POINT_dup(st) SKM_sk_dup(DIST_POINT, st)
-#define sk_DIST_POINT_pop_free(st, free_func) SKM_sk_pop_free(DIST_POINT, (st), (free_func))
-#define sk_DIST_POINT_shift(st) SKM_sk_shift(DIST_POINT, (st))
-#define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st))
-#define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st))
-
-#define sk_ENGINE_new(st) SKM_sk_new(ENGINE, (st))
-#define sk_ENGINE_new_null() SKM_sk_new_null(ENGINE)
-#define sk_ENGINE_free(st) SKM_sk_free(ENGINE, (st))
-#define sk_ENGINE_num(st) SKM_sk_num(ENGINE, (st))
-#define sk_ENGINE_value(st, i) SKM_sk_value(ENGINE, (st), (i))
-#define sk_ENGINE_set(st, i, val) SKM_sk_set(ENGINE, (st), (i), (val))
-#define sk_ENGINE_zero(st) SKM_sk_zero(ENGINE, (st))
-#define sk_ENGINE_push(st, val) SKM_sk_push(ENGINE, (st), (val))
-#define sk_ENGINE_unshift(st, val) SKM_sk_unshift(ENGINE, (st), (val))
-#define sk_ENGINE_find(st, val) SKM_sk_find(ENGINE, (st), (val))
-#define sk_ENGINE_delete(st, i) SKM_sk_delete(ENGINE, (st), (i))
-#define sk_ENGINE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE, (st), (ptr))
-#define sk_ENGINE_insert(st, val, i) SKM_sk_insert(ENGINE, (st), (val), (i))
-#define sk_ENGINE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE, (st), (cmp))
-#define sk_ENGINE_dup(st) SKM_sk_dup(ENGINE, st)
-#define sk_ENGINE_pop_free(st, free_func) SKM_sk_pop_free(ENGINE, (st), (free_func))
-#define sk_ENGINE_shift(st) SKM_sk_shift(ENGINE, (st))
-#define sk_ENGINE_pop(st) SKM_sk_pop(ENGINE, (st))
-#define sk_ENGINE_sort(st) SKM_sk_sort(ENGINE, (st))
-
-#define sk_ENGINE_CLEANUP_ITEM_new(st) SKM_sk_new(ENGINE_CLEANUP_ITEM, (st))
-#define sk_ENGINE_CLEANUP_ITEM_new_null() SKM_sk_new_null(ENGINE_CLEANUP_ITEM)
-#define sk_ENGINE_CLEANUP_ITEM_free(st) SKM_sk_free(ENGINE_CLEANUP_ITEM, (st))
-#define sk_ENGINE_CLEANUP_ITEM_num(st) SKM_sk_num(ENGINE_CLEANUP_ITEM, (st))
-#define sk_ENGINE_CLEANUP_ITEM_value(st, i) SKM_sk_value(ENGINE_CLEANUP_ITEM, (st), (i))
-#define sk_ENGINE_CLEANUP_ITEM_set(st, i, val) SKM_sk_set(ENGINE_CLEANUP_ITEM, (st), (i), (val))
-#define sk_ENGINE_CLEANUP_ITEM_zero(st) SKM_sk_zero(ENGINE_CLEANUP_ITEM, (st))
-#define sk_ENGINE_CLEANUP_ITEM_push(st, val) SKM_sk_push(ENGINE_CLEANUP_ITEM, (st), (val))
-#define sk_ENGINE_CLEANUP_ITEM_unshift(st, val) SKM_sk_unshift(ENGINE_CLEANUP_ITEM, (st), (val))
-#define sk_ENGINE_CLEANUP_ITEM_find(st, val) SKM_sk_find(ENGINE_CLEANUP_ITEM, (st), (val))
-#define sk_ENGINE_CLEANUP_ITEM_delete(st, i) SKM_sk_delete(ENGINE_CLEANUP_ITEM, (st), (i))
-#define sk_ENGINE_CLEANUP_ITEM_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE_CLEANUP_ITEM, (st), (ptr))
-#define sk_ENGINE_CLEANUP_ITEM_insert(st, val, i) SKM_sk_insert(ENGINE_CLEANUP_ITEM, (st), (val), (i))
-#define sk_ENGINE_CLEANUP_ITEM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE_CLEANUP_ITEM, (st), (cmp))
-#define sk_ENGINE_CLEANUP_ITEM_dup(st) SKM_sk_dup(ENGINE_CLEANUP_ITEM, st)
-#define sk_ENGINE_CLEANUP_ITEM_pop_free(st, free_func) SKM_sk_pop_free(ENGINE_CLEANUP_ITEM, (st), (free_func))
-#define sk_ENGINE_CLEANUP_ITEM_shift(st) SKM_sk_shift(ENGINE_CLEANUP_ITEM, (st))
-#define sk_ENGINE_CLEANUP_ITEM_pop(st) SKM_sk_pop(ENGINE_CLEANUP_ITEM, (st))
-#define sk_ENGINE_CLEANUP_ITEM_sort(st) SKM_sk_sort(ENGINE_CLEANUP_ITEM, (st))
-
-#define sk_GENERAL_NAME_new(st) SKM_sk_new(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME)
-#define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_value(st, i) SKM_sk_value(GENERAL_NAME, (st), (i))
-#define sk_GENERAL_NAME_set(st, i, val) SKM_sk_set(GENERAL_NAME, (st), (i), (val))
-#define sk_GENERAL_NAME_zero(st) SKM_sk_zero(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val))
-#define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val))
-#define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val))
-#define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i))
-#define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr))
-#define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i))
-#define sk_GENERAL_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAME, (st), (cmp))
-#define sk_GENERAL_NAME_dup(st) SKM_sk_dup(GENERAL_NAME, st)
-#define sk_GENERAL_NAME_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAME, (st), (free_func))
-#define sk_GENERAL_NAME_shift(st) SKM_sk_shift(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st))
-
-#define sk_KRB5_APREQBODY_new(st) SKM_sk_new(KRB5_APREQBODY, (st))
-#define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY)
-#define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st))
-#define sk_KRB5_APREQBODY_num(st) SKM_sk_num(KRB5_APREQBODY, (st))
-#define sk_KRB5_APREQBODY_value(st, i) SKM_sk_value(KRB5_APREQBODY, (st), (i))
-#define sk_KRB5_APREQBODY_set(st, i, val) SKM_sk_set(KRB5_APREQBODY, (st), (i), (val))
-#define sk_KRB5_APREQBODY_zero(st) SKM_sk_zero(KRB5_APREQBODY, (st))
-#define sk_KRB5_APREQBODY_push(st, val) SKM_sk_push(KRB5_APREQBODY, (st), (val))
-#define sk_KRB5_APREQBODY_unshift(st, val) SKM_sk_unshift(KRB5_APREQBODY, (st), (val))
-#define sk_KRB5_APREQBODY_find(st, val) SKM_sk_find(KRB5_APREQBODY, (st), (val))
-#define sk_KRB5_APREQBODY_delete(st, i) SKM_sk_delete(KRB5_APREQBODY, (st), (i))
-#define sk_KRB5_APREQBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_APREQBODY, (st), (ptr))
-#define sk_KRB5_APREQBODY_insert(st, val, i) SKM_sk_insert(KRB5_APREQBODY, (st), (val), (i))
-#define sk_KRB5_APREQBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_APREQBODY, (st), (cmp))
-#define sk_KRB5_APREQBODY_dup(st) SKM_sk_dup(KRB5_APREQBODY, st)
-#define sk_KRB5_APREQBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_APREQBODY, (st), (free_func))
-#define sk_KRB5_APREQBODY_shift(st) SKM_sk_shift(KRB5_APREQBODY, (st))
-#define sk_KRB5_APREQBODY_pop(st) SKM_sk_pop(KRB5_APREQBODY, (st))
-#define sk_KRB5_APREQBODY_sort(st) SKM_sk_sort(KRB5_APREQBODY, (st))
-
-#define sk_KRB5_AUTHDATA_new(st) SKM_sk_new(KRB5_AUTHDATA, (st))
-#define sk_KRB5_AUTHDATA_new_null() SKM_sk_new_null(KRB5_AUTHDATA)
-#define sk_KRB5_AUTHDATA_free(st) SKM_sk_free(KRB5_AUTHDATA, (st))
-#define sk_KRB5_AUTHDATA_num(st) SKM_sk_num(KRB5_AUTHDATA, (st))
-#define sk_KRB5_AUTHDATA_value(st, i) SKM_sk_value(KRB5_AUTHDATA, (st), (i))
-#define sk_KRB5_AUTHDATA_set(st, i, val) SKM_sk_set(KRB5_AUTHDATA, (st), (i), (val))
-#define sk_KRB5_AUTHDATA_zero(st) SKM_sk_zero(KRB5_AUTHDATA, (st))
-#define sk_KRB5_AUTHDATA_push(st, val) SKM_sk_push(KRB5_AUTHDATA, (st), (val))
-#define sk_KRB5_AUTHDATA_unshift(st, val) SKM_sk_unshift(KRB5_AUTHDATA, (st), (val))
-#define sk_KRB5_AUTHDATA_find(st, val) SKM_sk_find(KRB5_AUTHDATA, (st), (val))
-#define sk_KRB5_AUTHDATA_delete(st, i) SKM_sk_delete(KRB5_AUTHDATA, (st), (i))
-#define sk_KRB5_AUTHDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHDATA, (st), (ptr))
-#define sk_KRB5_AUTHDATA_insert(st, val, i) SKM_sk_insert(KRB5_AUTHDATA, (st), (val), (i))
-#define sk_KRB5_AUTHDATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_AUTHDATA, (st), (cmp))
-#define sk_KRB5_AUTHDATA_dup(st) SKM_sk_dup(KRB5_AUTHDATA, st)
-#define sk_KRB5_AUTHDATA_pop_free(st, free_func) SKM_sk_pop_free(KRB5_AUTHDATA, (st), (free_func))
-#define sk_KRB5_AUTHDATA_shift(st) SKM_sk_shift(KRB5_AUTHDATA, (st))
-#define sk_KRB5_AUTHDATA_pop(st) SKM_sk_pop(KRB5_AUTHDATA, (st))
-#define sk_KRB5_AUTHDATA_sort(st) SKM_sk_sort(KRB5_AUTHDATA, (st))
-
-#define sk_KRB5_AUTHENTBODY_new(st) SKM_sk_new(KRB5_AUTHENTBODY, (st))
-#define sk_KRB5_AUTHENTBODY_new_null() SKM_sk_new_null(KRB5_AUTHENTBODY)
-#define sk_KRB5_AUTHENTBODY_free(st) SKM_sk_free(KRB5_AUTHENTBODY, (st))
-#define sk_KRB5_AUTHENTBODY_num(st) SKM_sk_num(KRB5_AUTHENTBODY, (st))
-#define sk_KRB5_AUTHENTBODY_value(st, i) SKM_sk_value(KRB5_AUTHENTBODY, (st), (i))
-#define sk_KRB5_AUTHENTBODY_set(st, i, val) SKM_sk_set(KRB5_AUTHENTBODY, (st), (i), (val))
-#define sk_KRB5_AUTHENTBODY_zero(st) SKM_sk_zero(KRB5_AUTHENTBODY, (st))
-#define sk_KRB5_AUTHENTBODY_push(st, val) SKM_sk_push(KRB5_AUTHENTBODY, (st), (val))
-#define sk_KRB5_AUTHENTBODY_unshift(st, val) SKM_sk_unshift(KRB5_AUTHENTBODY, (st), (val))
-#define sk_KRB5_AUTHENTBODY_find(st, val) SKM_sk_find(KRB5_AUTHENTBODY, (st), (val))
-#define sk_KRB5_AUTHENTBODY_delete(st, i) SKM_sk_delete(KRB5_AUTHENTBODY, (st), (i))
-#define sk_KRB5_AUTHENTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHENTBODY, (st), (ptr))
-#define sk_KRB5_AUTHENTBODY_insert(st, val, i) SKM_sk_insert(KRB5_AUTHENTBODY, (st), (val), (i))
-#define sk_KRB5_AUTHENTBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_AUTHENTBODY, (st), (cmp))
-#define sk_KRB5_AUTHENTBODY_dup(st) SKM_sk_dup(KRB5_AUTHENTBODY, st)
-#define sk_KRB5_AUTHENTBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_AUTHENTBODY, (st), (free_func))
-#define sk_KRB5_AUTHENTBODY_shift(st) SKM_sk_shift(KRB5_AUTHENTBODY, (st))
-#define sk_KRB5_AUTHENTBODY_pop(st) SKM_sk_pop(KRB5_AUTHENTBODY, (st))
-#define sk_KRB5_AUTHENTBODY_sort(st) SKM_sk_sort(KRB5_AUTHENTBODY, (st))
-
-#define sk_KRB5_CHECKSUM_new(st) SKM_sk_new(KRB5_CHECKSUM, (st))
-#define sk_KRB5_CHECKSUM_new_null() SKM_sk_new_null(KRB5_CHECKSUM)
-#define sk_KRB5_CHECKSUM_free(st) SKM_sk_free(KRB5_CHECKSUM, (st))
-#define sk_KRB5_CHECKSUM_num(st) SKM_sk_num(KRB5_CHECKSUM, (st))
-#define sk_KRB5_CHECKSUM_value(st, i) SKM_sk_value(KRB5_CHECKSUM, (st), (i))
-#define sk_KRB5_CHECKSUM_set(st, i, val) SKM_sk_set(KRB5_CHECKSUM, (st), (i), (val))
-#define sk_KRB5_CHECKSUM_zero(st) SKM_sk_zero(KRB5_CHECKSUM, (st))
-#define sk_KRB5_CHECKSUM_push(st, val) SKM_sk_push(KRB5_CHECKSUM, (st), (val))
-#define sk_KRB5_CHECKSUM_unshift(st, val) SKM_sk_unshift(KRB5_CHECKSUM, (st), (val))
-#define sk_KRB5_CHECKSUM_find(st, val) SKM_sk_find(KRB5_CHECKSUM, (st), (val))
-#define sk_KRB5_CHECKSUM_delete(st, i) SKM_sk_delete(KRB5_CHECKSUM, (st), (i))
-#define sk_KRB5_CHECKSUM_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_CHECKSUM, (st), (ptr))
-#define sk_KRB5_CHECKSUM_insert(st, val, i) SKM_sk_insert(KRB5_CHECKSUM, (st), (val), (i))
-#define sk_KRB5_CHECKSUM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_CHECKSUM, (st), (cmp))
-#define sk_KRB5_CHECKSUM_dup(st) SKM_sk_dup(KRB5_CHECKSUM, st)
-#define sk_KRB5_CHECKSUM_pop_free(st, free_func) SKM_sk_pop_free(KRB5_CHECKSUM, (st), (free_func))
-#define sk_KRB5_CHECKSUM_shift(st) SKM_sk_shift(KRB5_CHECKSUM, (st))
-#define sk_KRB5_CHECKSUM_pop(st) SKM_sk_pop(KRB5_CHECKSUM, (st))
-#define sk_KRB5_CHECKSUM_sort(st) SKM_sk_sort(KRB5_CHECKSUM, (st))
-
-#define sk_KRB5_ENCDATA_new(st) SKM_sk_new(KRB5_ENCDATA, (st))
-#define sk_KRB5_ENCDATA_new_null() SKM_sk_new_null(KRB5_ENCDATA)
-#define sk_KRB5_ENCDATA_free(st) SKM_sk_free(KRB5_ENCDATA, (st))
-#define sk_KRB5_ENCDATA_num(st) SKM_sk_num(KRB5_ENCDATA, (st))
-#define sk_KRB5_ENCDATA_value(st, i) SKM_sk_value(KRB5_ENCDATA, (st), (i))
-#define sk_KRB5_ENCDATA_set(st, i, val) SKM_sk_set(KRB5_ENCDATA, (st), (i), (val))
-#define sk_KRB5_ENCDATA_zero(st) SKM_sk_zero(KRB5_ENCDATA, (st))
-#define sk_KRB5_ENCDATA_push(st, val) SKM_sk_push(KRB5_ENCDATA, (st), (val))
-#define sk_KRB5_ENCDATA_unshift(st, val) SKM_sk_unshift(KRB5_ENCDATA, (st), (val))
-#define sk_KRB5_ENCDATA_find(st, val) SKM_sk_find(KRB5_ENCDATA, (st), (val))
-#define sk_KRB5_ENCDATA_delete(st, i) SKM_sk_delete(KRB5_ENCDATA, (st), (i))
-#define sk_KRB5_ENCDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCDATA, (st), (ptr))
-#define sk_KRB5_ENCDATA_insert(st, val, i) SKM_sk_insert(KRB5_ENCDATA, (st), (val), (i))
-#define sk_KRB5_ENCDATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_ENCDATA, (st), (cmp))
-#define sk_KRB5_ENCDATA_dup(st) SKM_sk_dup(KRB5_ENCDATA, st)
-#define sk_KRB5_ENCDATA_pop_free(st, free_func) SKM_sk_pop_free(KRB5_ENCDATA, (st), (free_func))
-#define sk_KRB5_ENCDATA_shift(st) SKM_sk_shift(KRB5_ENCDATA, (st))
-#define sk_KRB5_ENCDATA_pop(st) SKM_sk_pop(KRB5_ENCDATA, (st))
-#define sk_KRB5_ENCDATA_sort(st) SKM_sk_sort(KRB5_ENCDATA, (st))
-
-#define sk_KRB5_ENCKEY_new(st) SKM_sk_new(KRB5_ENCKEY, (st))
-#define sk_KRB5_ENCKEY_new_null() SKM_sk_new_null(KRB5_ENCKEY)
-#define sk_KRB5_ENCKEY_free(st) SKM_sk_free(KRB5_ENCKEY, (st))
-#define sk_KRB5_ENCKEY_num(st) SKM_sk_num(KRB5_ENCKEY, (st))
-#define sk_KRB5_ENCKEY_value(st, i) SKM_sk_value(KRB5_ENCKEY, (st), (i))
-#define sk_KRB5_ENCKEY_set(st, i, val) SKM_sk_set(KRB5_ENCKEY, (st), (i), (val))
-#define sk_KRB5_ENCKEY_zero(st) SKM_sk_zero(KRB5_ENCKEY, (st))
-#define sk_KRB5_ENCKEY_push(st, val) SKM_sk_push(KRB5_ENCKEY, (st), (val))
-#define sk_KRB5_ENCKEY_unshift(st, val) SKM_sk_unshift(KRB5_ENCKEY, (st), (val))
-#define sk_KRB5_ENCKEY_find(st, val) SKM_sk_find(KRB5_ENCKEY, (st), (val))
-#define sk_KRB5_ENCKEY_delete(st, i) SKM_sk_delete(KRB5_ENCKEY, (st), (i))
-#define sk_KRB5_ENCKEY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCKEY, (st), (ptr))
-#define sk_KRB5_ENCKEY_insert(st, val, i) SKM_sk_insert(KRB5_ENCKEY, (st), (val), (i))
-#define sk_KRB5_ENCKEY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_ENCKEY, (st), (cmp))
-#define sk_KRB5_ENCKEY_dup(st) SKM_sk_dup(KRB5_ENCKEY, st)
-#define sk_KRB5_ENCKEY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_ENCKEY, (st), (free_func))
-#define sk_KRB5_ENCKEY_shift(st) SKM_sk_shift(KRB5_ENCKEY, (st))
-#define sk_KRB5_ENCKEY_pop(st) SKM_sk_pop(KRB5_ENCKEY, (st))
-#define sk_KRB5_ENCKEY_sort(st) SKM_sk_sort(KRB5_ENCKEY, (st))
-
-#define sk_KRB5_PRINCNAME_new(st) SKM_sk_new(KRB5_PRINCNAME, (st))
-#define sk_KRB5_PRINCNAME_new_null() SKM_sk_new_null(KRB5_PRINCNAME)
-#define sk_KRB5_PRINCNAME_free(st) SKM_sk_free(KRB5_PRINCNAME, (st))
-#define sk_KRB5_PRINCNAME_num(st) SKM_sk_num(KRB5_PRINCNAME, (st))
-#define sk_KRB5_PRINCNAME_value(st, i) SKM_sk_value(KRB5_PRINCNAME, (st), (i))
-#define sk_KRB5_PRINCNAME_set(st, i, val) SKM_sk_set(KRB5_PRINCNAME, (st), (i), (val))
-#define sk_KRB5_PRINCNAME_zero(st) SKM_sk_zero(KRB5_PRINCNAME, (st))
-#define sk_KRB5_PRINCNAME_push(st, val) SKM_sk_push(KRB5_PRINCNAME, (st), (val))
-#define sk_KRB5_PRINCNAME_unshift(st, val) SKM_sk_unshift(KRB5_PRINCNAME, (st), (val))
-#define sk_KRB5_PRINCNAME_find(st, val) SKM_sk_find(KRB5_PRINCNAME, (st), (val))
-#define sk_KRB5_PRINCNAME_delete(st, i) SKM_sk_delete(KRB5_PRINCNAME, (st), (i))
-#define sk_KRB5_PRINCNAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_PRINCNAME, (st), (ptr))
-#define sk_KRB5_PRINCNAME_insert(st, val, i) SKM_sk_insert(KRB5_PRINCNAME, (st), (val), (i))
-#define sk_KRB5_PRINCNAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_PRINCNAME, (st), (cmp))
-#define sk_KRB5_PRINCNAME_dup(st) SKM_sk_dup(KRB5_PRINCNAME, st)
-#define sk_KRB5_PRINCNAME_pop_free(st, free_func) SKM_sk_pop_free(KRB5_PRINCNAME, (st), (free_func))
-#define sk_KRB5_PRINCNAME_shift(st) SKM_sk_shift(KRB5_PRINCNAME, (st))
-#define sk_KRB5_PRINCNAME_pop(st) SKM_sk_pop(KRB5_PRINCNAME, (st))
-#define sk_KRB5_PRINCNAME_sort(st) SKM_sk_sort(KRB5_PRINCNAME, (st))
-
-#define sk_KRB5_TKTBODY_new(st) SKM_sk_new(KRB5_TKTBODY, (st))
-#define sk_KRB5_TKTBODY_new_null() SKM_sk_new_null(KRB5_TKTBODY)
-#define sk_KRB5_TKTBODY_free(st) SKM_sk_free(KRB5_TKTBODY, (st))
-#define sk_KRB5_TKTBODY_num(st) SKM_sk_num(KRB5_TKTBODY, (st))
-#define sk_KRB5_TKTBODY_value(st, i) SKM_sk_value(KRB5_TKTBODY, (st), (i))
-#define sk_KRB5_TKTBODY_set(st, i, val) SKM_sk_set(KRB5_TKTBODY, (st), (i), (val))
-#define sk_KRB5_TKTBODY_zero(st) SKM_sk_zero(KRB5_TKTBODY, (st))
-#define sk_KRB5_TKTBODY_push(st, val) SKM_sk_push(KRB5_TKTBODY, (st), (val))
-#define sk_KRB5_TKTBODY_unshift(st, val) SKM_sk_unshift(KRB5_TKTBODY, (st), (val))
-#define sk_KRB5_TKTBODY_find(st, val) SKM_sk_find(KRB5_TKTBODY, (st), (val))
-#define sk_KRB5_TKTBODY_delete(st, i) SKM_sk_delete(KRB5_TKTBODY, (st), (i))
-#define sk_KRB5_TKTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_TKTBODY, (st), (ptr))
-#define sk_KRB5_TKTBODY_insert(st, val, i) SKM_sk_insert(KRB5_TKTBODY, (st), (val), (i))
-#define sk_KRB5_TKTBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_TKTBODY, (st), (cmp))
-#define sk_KRB5_TKTBODY_dup(st) SKM_sk_dup(KRB5_TKTBODY, st)
-#define sk_KRB5_TKTBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_TKTBODY, (st), (free_func))
-#define sk_KRB5_TKTBODY_shift(st) SKM_sk_shift(KRB5_TKTBODY, (st))
-#define sk_KRB5_TKTBODY_pop(st) SKM_sk_pop(KRB5_TKTBODY, (st))
-#define sk_KRB5_TKTBODY_sort(st) SKM_sk_sort(KRB5_TKTBODY, (st))
-
-#define sk_MIME_HEADER_new(st) SKM_sk_new(MIME_HEADER, (st))
-#define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER)
-#define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st))
-#define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st))
-#define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i))
-#define sk_MIME_HEADER_set(st, i, val) SKM_sk_set(MIME_HEADER, (st), (i), (val))
-#define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st))
-#define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val))
-#define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val))
-#define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val))
-#define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i))
-#define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr))
-#define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i))
-#define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp))
-#define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st)
-#define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func))
-#define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st))
-#define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st))
-#define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st))
-
-#define sk_MIME_PARAM_new(st) SKM_sk_new(MIME_PARAM, (st))
-#define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM)
-#define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st))
-#define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st))
-#define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i))
-#define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val))
-#define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st))
-#define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val))
-#define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val))
-#define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val))
-#define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i))
-#define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr))
-#define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i))
-#define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp))
-#define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st)
-#define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func))
-#define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st))
-#define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st))
-#define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st))
-
-#define sk_NAME_FUNCS_new(st) SKM_sk_new(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS)
-#define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_value(st, i) SKM_sk_value(NAME_FUNCS, (st), (i))
-#define sk_NAME_FUNCS_set(st, i, val) SKM_sk_set(NAME_FUNCS, (st), (i), (val))
-#define sk_NAME_FUNCS_zero(st) SKM_sk_zero(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val))
-#define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val))
-#define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val))
-#define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i))
-#define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr))
-#define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i))
-#define sk_NAME_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(NAME_FUNCS, (st), (cmp))
-#define sk_NAME_FUNCS_dup(st) SKM_sk_dup(NAME_FUNCS, st)
-#define sk_NAME_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(NAME_FUNCS, (st), (free_func))
-#define sk_NAME_FUNCS_shift(st) SKM_sk_shift(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st))
-
-#define sk_OCSP_CERTID_new(st) SKM_sk_new(OCSP_CERTID, (st))
-#define sk_OCSP_CERTID_new_null() SKM_sk_new_null(OCSP_CERTID)
-#define sk_OCSP_CERTID_free(st) SKM_sk_free(OCSP_CERTID, (st))
-#define sk_OCSP_CERTID_num(st) SKM_sk_num(OCSP_CERTID, (st))
-#define sk_OCSP_CERTID_value(st, i) SKM_sk_value(OCSP_CERTID, (st), (i))
-#define sk_OCSP_CERTID_set(st, i, val) SKM_sk_set(OCSP_CERTID, (st), (i), (val))
-#define sk_OCSP_CERTID_zero(st) SKM_sk_zero(OCSP_CERTID, (st))
-#define sk_OCSP_CERTID_push(st, val) SKM_sk_push(OCSP_CERTID, (st), (val))
-#define sk_OCSP_CERTID_unshift(st, val) SKM_sk_unshift(OCSP_CERTID, (st), (val))
-#define sk_OCSP_CERTID_find(st, val) SKM_sk_find(OCSP_CERTID, (st), (val))
-#define sk_OCSP_CERTID_delete(st, i) SKM_sk_delete(OCSP_CERTID, (st), (i))
-#define sk_OCSP_CERTID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_CERTID, (st), (ptr))
-#define sk_OCSP_CERTID_insert(st, val, i) SKM_sk_insert(OCSP_CERTID, (st), (val), (i))
-#define sk_OCSP_CERTID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_CERTID, (st), (cmp))
-#define sk_OCSP_CERTID_dup(st) SKM_sk_dup(OCSP_CERTID, st)
-#define sk_OCSP_CERTID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_CERTID, (st), (free_func))
-#define sk_OCSP_CERTID_shift(st) SKM_sk_shift(OCSP_CERTID, (st))
-#define sk_OCSP_CERTID_pop(st) SKM_sk_pop(OCSP_CERTID, (st))
-#define sk_OCSP_CERTID_sort(st) SKM_sk_sort(OCSP_CERTID, (st))
-
-#define sk_OCSP_ONEREQ_new(st) SKM_sk_new(OCSP_ONEREQ, (st))
-#define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ)
-#define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st))
-#define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st))
-#define sk_OCSP_ONEREQ_value(st, i) SKM_sk_value(OCSP_ONEREQ, (st), (i))
-#define sk_OCSP_ONEREQ_set(st, i, val) SKM_sk_set(OCSP_ONEREQ, (st), (i), (val))
-#define sk_OCSP_ONEREQ_zero(st) SKM_sk_zero(OCSP_ONEREQ, (st))
-#define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val))
-#define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val))
-#define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val))
-#define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i))
-#define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr))
-#define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i))
-#define sk_OCSP_ONEREQ_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_ONEREQ, (st), (cmp))
-#define sk_OCSP_ONEREQ_dup(st) SKM_sk_dup(OCSP_ONEREQ, st)
-#define sk_OCSP_ONEREQ_pop_free(st, free_func) SKM_sk_pop_free(OCSP_ONEREQ, (st), (free_func))
-#define sk_OCSP_ONEREQ_shift(st) SKM_sk_shift(OCSP_ONEREQ, (st))
-#define sk_OCSP_ONEREQ_pop(st) SKM_sk_pop(OCSP_ONEREQ, (st))
-#define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st))
-
-#define sk_OCSP_SINGLERESP_new(st) SKM_sk_new(OCSP_SINGLERESP, (st))
-#define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP)
-#define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st))
-#define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st))
-#define sk_OCSP_SINGLERESP_value(st, i) SKM_sk_value(OCSP_SINGLERESP, (st), (i))
-#define sk_OCSP_SINGLERESP_set(st, i, val) SKM_sk_set(OCSP_SINGLERESP, (st), (i), (val))
-#define sk_OCSP_SINGLERESP_zero(st) SKM_sk_zero(OCSP_SINGLERESP, (st))
-#define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val))
-#define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val))
-#define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val))
-#define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i))
-#define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr))
-#define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i))
-#define sk_OCSP_SINGLERESP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_SINGLERESP, (st), (cmp))
-#define sk_OCSP_SINGLERESP_dup(st) SKM_sk_dup(OCSP_SINGLERESP, st)
-#define sk_OCSP_SINGLERESP_pop_free(st, free_func) SKM_sk_pop_free(OCSP_SINGLERESP, (st), (free_func))
-#define sk_OCSP_SINGLERESP_shift(st) SKM_sk_shift(OCSP_SINGLERESP, (st))
-#define sk_OCSP_SINGLERESP_pop(st) SKM_sk_pop(OCSP_SINGLERESP, (st))
-#define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st))
-
-#define sk_PKCS12_SAFEBAG_new(st) SKM_sk_new(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG)
-#define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_value(st, i) SKM_sk_value(PKCS12_SAFEBAG, (st), (i))
-#define sk_PKCS12_SAFEBAG_set(st, i, val) SKM_sk_set(PKCS12_SAFEBAG, (st), (i), (val))
-#define sk_PKCS12_SAFEBAG_zero(st) SKM_sk_zero(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val))
-#define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val))
-#define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val))
-#define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i))
-#define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr))
-#define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i))
-#define sk_PKCS12_SAFEBAG_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS12_SAFEBAG, (st), (cmp))
-#define sk_PKCS12_SAFEBAG_dup(st) SKM_sk_dup(PKCS12_SAFEBAG, st)
-#define sk_PKCS12_SAFEBAG_pop_free(st, free_func) SKM_sk_pop_free(PKCS12_SAFEBAG, (st), (free_func))
-#define sk_PKCS12_SAFEBAG_shift(st) SKM_sk_shift(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st))
-
-#define sk_PKCS7_new(st) SKM_sk_new(PKCS7, (st))
-#define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7)
-#define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st))
-#define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st))
-#define sk_PKCS7_value(st, i) SKM_sk_value(PKCS7, (st), (i))
-#define sk_PKCS7_set(st, i, val) SKM_sk_set(PKCS7, (st), (i), (val))
-#define sk_PKCS7_zero(st) SKM_sk_zero(PKCS7, (st))
-#define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val))
-#define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val))
-#define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val))
-#define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i))
-#define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr))
-#define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i))
-#define sk_PKCS7_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7, (st), (cmp))
-#define sk_PKCS7_dup(st) SKM_sk_dup(PKCS7, st)
-#define sk_PKCS7_pop_free(st, free_func) SKM_sk_pop_free(PKCS7, (st), (free_func))
-#define sk_PKCS7_shift(st) SKM_sk_shift(PKCS7, (st))
-#define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st))
-#define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st))
-
-#define sk_PKCS7_RECIP_INFO_new(st) SKM_sk_new(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO)
-#define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_value(st, i) SKM_sk_value(PKCS7_RECIP_INFO, (st), (i))
-#define sk_PKCS7_RECIP_INFO_set(st, i, val) SKM_sk_set(PKCS7_RECIP_INFO, (st), (i), (val))
-#define sk_PKCS7_RECIP_INFO_zero(st) SKM_sk_zero(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val))
-#define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val))
-#define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val))
-#define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i))
-#define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr))
-#define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i))
-#define sk_PKCS7_RECIP_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_RECIP_INFO, (st), (cmp))
-#define sk_PKCS7_RECIP_INFO_dup(st) SKM_sk_dup(PKCS7_RECIP_INFO, st)
-#define sk_PKCS7_RECIP_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_RECIP_INFO, (st), (free_func))
-#define sk_PKCS7_RECIP_INFO_shift(st) SKM_sk_shift(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st))
-
-#define sk_PKCS7_SIGNER_INFO_new(st) SKM_sk_new(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO)
-#define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_value(st, i) SKM_sk_value(PKCS7_SIGNER_INFO, (st), (i))
-#define sk_PKCS7_SIGNER_INFO_set(st, i, val) SKM_sk_set(PKCS7_SIGNER_INFO, (st), (i), (val))
-#define sk_PKCS7_SIGNER_INFO_zero(st) SKM_sk_zero(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val))
-#define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val))
-#define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val))
-#define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i))
-#define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr))
-#define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i))
-#define sk_PKCS7_SIGNER_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_SIGNER_INFO, (st), (cmp))
-#define sk_PKCS7_SIGNER_INFO_dup(st) SKM_sk_dup(PKCS7_SIGNER_INFO, st)
-#define sk_PKCS7_SIGNER_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_SIGNER_INFO, (st), (free_func))
-#define sk_PKCS7_SIGNER_INFO_shift(st) SKM_sk_shift(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st))
-
-#define sk_POLICYINFO_new(st) SKM_sk_new(POLICYINFO, (st))
-#define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO)
-#define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st))
-#define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st))
-#define sk_POLICYINFO_value(st, i) SKM_sk_value(POLICYINFO, (st), (i))
-#define sk_POLICYINFO_set(st, i, val) SKM_sk_set(POLICYINFO, (st), (i), (val))
-#define sk_POLICYINFO_zero(st) SKM_sk_zero(POLICYINFO, (st))
-#define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val))
-#define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val))
-#define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val))
-#define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i))
-#define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr))
-#define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i))
-#define sk_POLICYINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYINFO, (st), (cmp))
-#define sk_POLICYINFO_dup(st) SKM_sk_dup(POLICYINFO, st)
-#define sk_POLICYINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYINFO, (st), (free_func))
-#define sk_POLICYINFO_shift(st) SKM_sk_shift(POLICYINFO, (st))
-#define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st))
-#define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st))
-
-#define sk_POLICYQUALINFO_new(st) SKM_sk_new(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO)
-#define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_value(st, i) SKM_sk_value(POLICYQUALINFO, (st), (i))
-#define sk_POLICYQUALINFO_set(st, i, val) SKM_sk_set(POLICYQUALINFO, (st), (i), (val))
-#define sk_POLICYQUALINFO_zero(st) SKM_sk_zero(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val))
-#define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val))
-#define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val))
-#define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i))
-#define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr))
-#define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i))
-#define sk_POLICYQUALINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYQUALINFO, (st), (cmp))
-#define sk_POLICYQUALINFO_dup(st) SKM_sk_dup(POLICYQUALINFO, st)
-#define sk_POLICYQUALINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYQUALINFO, (st), (free_func))
-#define sk_POLICYQUALINFO_shift(st) SKM_sk_shift(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st))
-
-#define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
-#define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_value(st, i) SKM_sk_value(SSL_CIPHER, (st), (i))
-#define sk_SSL_CIPHER_set(st, i, val) SKM_sk_set(SSL_CIPHER, (st), (i), (val))
-#define sk_SSL_CIPHER_zero(st) SKM_sk_zero(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val))
-#define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val))
-#define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val))
-#define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i))
-#define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr))
-#define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i))
-#define sk_SSL_CIPHER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_CIPHER, (st), (cmp))
-#define sk_SSL_CIPHER_dup(st) SKM_sk_dup(SSL_CIPHER, st)
-#define sk_SSL_CIPHER_pop_free(st, free_func) SKM_sk_pop_free(SSL_CIPHER, (st), (free_func))
-#define sk_SSL_CIPHER_shift(st) SKM_sk_shift(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st))
-
-#define sk_SSL_COMP_new(st) SKM_sk_new(SSL_COMP, (st))
-#define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP)
-#define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st))
-#define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st))
-#define sk_SSL_COMP_value(st, i) SKM_sk_value(SSL_COMP, (st), (i))
-#define sk_SSL_COMP_set(st, i, val) SKM_sk_set(SSL_COMP, (st), (i), (val))
-#define sk_SSL_COMP_zero(st) SKM_sk_zero(SSL_COMP, (st))
-#define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val))
-#define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val))
-#define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val))
-#define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i))
-#define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr))
-#define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i))
-#define sk_SSL_COMP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_COMP, (st), (cmp))
-#define sk_SSL_COMP_dup(st) SKM_sk_dup(SSL_COMP, st)
-#define sk_SSL_COMP_pop_free(st, free_func) SKM_sk_pop_free(SSL_COMP, (st), (free_func))
-#define sk_SSL_COMP_shift(st) SKM_sk_shift(SSL_COMP, (st))
-#define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st))
-#define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st))
-
-#define sk_SXNETID_new(st) SKM_sk_new(SXNETID, (st))
-#define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID)
-#define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st))
-#define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st))
-#define sk_SXNETID_value(st, i) SKM_sk_value(SXNETID, (st), (i))
-#define sk_SXNETID_set(st, i, val) SKM_sk_set(SXNETID, (st), (i), (val))
-#define sk_SXNETID_zero(st) SKM_sk_zero(SXNETID, (st))
-#define sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val))
-#define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val))
-#define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val))
-#define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i))
-#define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr))
-#define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i))
-#define sk_SXNETID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SXNETID, (st), (cmp))
-#define sk_SXNETID_dup(st) SKM_sk_dup(SXNETID, st)
-#define sk_SXNETID_pop_free(st, free_func) SKM_sk_pop_free(SXNETID, (st), (free_func))
-#define sk_SXNETID_shift(st) SKM_sk_shift(SXNETID, (st))
-#define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st))
-#define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st))
-
-#define sk_UI_STRING_new(st) SKM_sk_new(UI_STRING, (st))
-#define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING)
-#define sk_UI_STRING_free(st) SKM_sk_free(UI_STRING, (st))
-#define sk_UI_STRING_num(st) SKM_sk_num(UI_STRING, (st))
-#define sk_UI_STRING_value(st, i) SKM_sk_value(UI_STRING, (st), (i))
-#define sk_UI_STRING_set(st, i, val) SKM_sk_set(UI_STRING, (st), (i), (val))
-#define sk_UI_STRING_zero(st) SKM_sk_zero(UI_STRING, (st))
-#define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val))
-#define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val))
-#define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val))
-#define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i))
-#define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr))
-#define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i))
-#define sk_UI_STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(UI_STRING, (st), (cmp))
-#define sk_UI_STRING_dup(st) SKM_sk_dup(UI_STRING, st)
-#define sk_UI_STRING_pop_free(st, free_func) SKM_sk_pop_free(UI_STRING, (st), (free_func))
-#define sk_UI_STRING_shift(st) SKM_sk_shift(UI_STRING, (st))
-#define sk_UI_STRING_pop(st) SKM_sk_pop(UI_STRING, (st))
-#define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st))
-
-#define sk_X509_new(st) SKM_sk_new(X509, (st))
-#define sk_X509_new_null() SKM_sk_new_null(X509)
-#define sk_X509_free(st) SKM_sk_free(X509, (st))
-#define sk_X509_num(st) SKM_sk_num(X509, (st))
-#define sk_X509_value(st, i) SKM_sk_value(X509, (st), (i))
-#define sk_X509_set(st, i, val) SKM_sk_set(X509, (st), (i), (val))
-#define sk_X509_zero(st) SKM_sk_zero(X509, (st))
-#define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val))
-#define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val))
-#define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val))
-#define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i))
-#define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr))
-#define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i))
-#define sk_X509_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509, (st), (cmp))
-#define sk_X509_dup(st) SKM_sk_dup(X509, st)
-#define sk_X509_pop_free(st, free_func) SKM_sk_pop_free(X509, (st), (free_func))
-#define sk_X509_shift(st) SKM_sk_shift(X509, (st))
-#define sk_X509_pop(st) SKM_sk_pop(X509, (st))
-#define sk_X509_sort(st) SKM_sk_sort(X509, (st))
-
-#define sk_X509V3_EXT_METHOD_new(st) SKM_sk_new(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD)
-#define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_value(st, i) SKM_sk_value(X509V3_EXT_METHOD, (st), (i))
-#define sk_X509V3_EXT_METHOD_set(st, i, val) SKM_sk_set(X509V3_EXT_METHOD, (st), (i), (val))
-#define sk_X509V3_EXT_METHOD_zero(st) SKM_sk_zero(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val))
-#define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val))
-#define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val))
-#define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i))
-#define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr))
-#define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i))
-#define sk_X509V3_EXT_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509V3_EXT_METHOD, (st), (cmp))
-#define sk_X509V3_EXT_METHOD_dup(st) SKM_sk_dup(X509V3_EXT_METHOD, st)
-#define sk_X509V3_EXT_METHOD_pop_free(st, free_func) SKM_sk_pop_free(X509V3_EXT_METHOD, (st), (free_func))
-#define sk_X509V3_EXT_METHOD_shift(st) SKM_sk_shift(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st))
-
-#define sk_X509_ALGOR_new(st) SKM_sk_new(X509_ALGOR, (st))
-#define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR)
-#define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st))
-#define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st))
-#define sk_X509_ALGOR_value(st, i) SKM_sk_value(X509_ALGOR, (st), (i))
-#define sk_X509_ALGOR_set(st, i, val) SKM_sk_set(X509_ALGOR, (st), (i), (val))
-#define sk_X509_ALGOR_zero(st) SKM_sk_zero(X509_ALGOR, (st))
-#define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val))
-#define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val))
-#define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val))
-#define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i))
-#define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr))
-#define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i))
-#define sk_X509_ALGOR_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ALGOR, (st), (cmp))
-#define sk_X509_ALGOR_dup(st) SKM_sk_dup(X509_ALGOR, st)
-#define sk_X509_ALGOR_pop_free(st, free_func) SKM_sk_pop_free(X509_ALGOR, (st), (free_func))
-#define sk_X509_ALGOR_shift(st) SKM_sk_shift(X509_ALGOR, (st))
-#define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st))
-#define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st))
-
-#define sk_X509_ATTRIBUTE_new(st) SKM_sk_new(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE)
-#define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_value(st, i) SKM_sk_value(X509_ATTRIBUTE, (st), (i))
-#define sk_X509_ATTRIBUTE_set(st, i, val) SKM_sk_set(X509_ATTRIBUTE, (st), (i), (val))
-#define sk_X509_ATTRIBUTE_zero(st) SKM_sk_zero(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val))
-#define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val))
-#define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val))
-#define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i))
-#define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr))
-#define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i))
-#define sk_X509_ATTRIBUTE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ATTRIBUTE, (st), (cmp))
-#define sk_X509_ATTRIBUTE_dup(st) SKM_sk_dup(X509_ATTRIBUTE, st)
-#define sk_X509_ATTRIBUTE_pop_free(st, free_func) SKM_sk_pop_free(X509_ATTRIBUTE, (st), (free_func))
-#define sk_X509_ATTRIBUTE_shift(st) SKM_sk_shift(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st))
-
-#define sk_X509_CRL_new(st) SKM_sk_new(X509_CRL, (st))
-#define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL)
-#define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st))
-#define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st))
-#define sk_X509_CRL_value(st, i) SKM_sk_value(X509_CRL, (st), (i))
-#define sk_X509_CRL_set(st, i, val) SKM_sk_set(X509_CRL, (st), (i), (val))
-#define sk_X509_CRL_zero(st) SKM_sk_zero(X509_CRL, (st))
-#define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val))
-#define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val))
-#define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val))
-#define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i))
-#define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr))
-#define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i))
-#define sk_X509_CRL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_CRL, (st), (cmp))
-#define sk_X509_CRL_dup(st) SKM_sk_dup(X509_CRL, st)
-#define sk_X509_CRL_pop_free(st, free_func) SKM_sk_pop_free(X509_CRL, (st), (free_func))
-#define sk_X509_CRL_shift(st) SKM_sk_shift(X509_CRL, (st))
-#define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st))
-#define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st))
-
-#define sk_X509_EXTENSION_new(st) SKM_sk_new(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION)
-#define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_value(st, i) SKM_sk_value(X509_EXTENSION, (st), (i))
-#define sk_X509_EXTENSION_set(st, i, val) SKM_sk_set(X509_EXTENSION, (st), (i), (val))
-#define sk_X509_EXTENSION_zero(st) SKM_sk_zero(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val))
-#define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val))
-#define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val))
-#define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i))
-#define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr))
-#define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i))
-#define sk_X509_EXTENSION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_EXTENSION, (st), (cmp))
-#define sk_X509_EXTENSION_dup(st) SKM_sk_dup(X509_EXTENSION, st)
-#define sk_X509_EXTENSION_pop_free(st, free_func) SKM_sk_pop_free(X509_EXTENSION, (st), (free_func))
-#define sk_X509_EXTENSION_shift(st) SKM_sk_shift(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st))
-
-#define sk_X509_INFO_new(st) SKM_sk_new(X509_INFO, (st))
-#define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO)
-#define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st))
-#define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st))
-#define sk_X509_INFO_value(st, i) SKM_sk_value(X509_INFO, (st), (i))
-#define sk_X509_INFO_set(st, i, val) SKM_sk_set(X509_INFO, (st), (i), (val))
-#define sk_X509_INFO_zero(st) SKM_sk_zero(X509_INFO, (st))
-#define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val))
-#define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val))
-#define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val))
-#define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i))
-#define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr))
-#define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i))
-#define sk_X509_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_INFO, (st), (cmp))
-#define sk_X509_INFO_dup(st) SKM_sk_dup(X509_INFO, st)
-#define sk_X509_INFO_pop_free(st, free_func) SKM_sk_pop_free(X509_INFO, (st), (free_func))
-#define sk_X509_INFO_shift(st) SKM_sk_shift(X509_INFO, (st))
-#define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st))
-#define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st))
-
-#define sk_X509_LOOKUP_new(st) SKM_sk_new(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP)
-#define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_value(st, i) SKM_sk_value(X509_LOOKUP, (st), (i))
-#define sk_X509_LOOKUP_set(st, i, val) SKM_sk_set(X509_LOOKUP, (st), (i), (val))
-#define sk_X509_LOOKUP_zero(st) SKM_sk_zero(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val))
-#define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val))
-#define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val))
-#define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i))
-#define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr))
-#define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i))
-#define sk_X509_LOOKUP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_LOOKUP, (st), (cmp))
-#define sk_X509_LOOKUP_dup(st) SKM_sk_dup(X509_LOOKUP, st)
-#define sk_X509_LOOKUP_pop_free(st, free_func) SKM_sk_pop_free(X509_LOOKUP, (st), (free_func))
-#define sk_X509_LOOKUP_shift(st) SKM_sk_shift(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st))
-
-#define sk_X509_NAME_new(st) SKM_sk_new(X509_NAME, (st))
-#define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME)
-#define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st))
-#define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st))
-#define sk_X509_NAME_value(st, i) SKM_sk_value(X509_NAME, (st), (i))
-#define sk_X509_NAME_set(st, i, val) SKM_sk_set(X509_NAME, (st), (i), (val))
-#define sk_X509_NAME_zero(st) SKM_sk_zero(X509_NAME, (st))
-#define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val))
-#define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val))
-#define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val))
-#define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i))
-#define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr))
-#define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i))
-#define sk_X509_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME, (st), (cmp))
-#define sk_X509_NAME_dup(st) SKM_sk_dup(X509_NAME, st)
-#define sk_X509_NAME_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME, (st), (free_func))
-#define sk_X509_NAME_shift(st) SKM_sk_shift(X509_NAME, (st))
-#define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st))
-#define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st))
-
-#define sk_X509_NAME_ENTRY_new(st) SKM_sk_new(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY)
-#define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_value(st, i) SKM_sk_value(X509_NAME_ENTRY, (st), (i))
-#define sk_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(X509_NAME_ENTRY, (st), (i), (val))
-#define sk_X509_NAME_ENTRY_zero(st) SKM_sk_zero(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val))
-#define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val))
-#define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val))
-#define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i))
-#define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr))
-#define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i))
-#define sk_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME_ENTRY, (st), (cmp))
-#define sk_X509_NAME_ENTRY_dup(st) SKM_sk_dup(X509_NAME_ENTRY, st)
-#define sk_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME_ENTRY, (st), (free_func))
-#define sk_X509_NAME_ENTRY_shift(st) SKM_sk_shift(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st))
-
-#define sk_X509_OBJECT_new(st) SKM_sk_new(X509_OBJECT, (st))
-#define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT)
-#define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st))
-#define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st))
-#define sk_X509_OBJECT_value(st, i) SKM_sk_value(X509_OBJECT, (st), (i))
-#define sk_X509_OBJECT_set(st, i, val) SKM_sk_set(X509_OBJECT, (st), (i), (val))
-#define sk_X509_OBJECT_zero(st) SKM_sk_zero(X509_OBJECT, (st))
-#define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val))
-#define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val))
-#define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val))
-#define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i))
-#define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr))
-#define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i))
-#define sk_X509_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_OBJECT, (st), (cmp))
-#define sk_X509_OBJECT_dup(st) SKM_sk_dup(X509_OBJECT, st)
-#define sk_X509_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(X509_OBJECT, (st), (free_func))
-#define sk_X509_OBJECT_shift(st) SKM_sk_shift(X509_OBJECT, (st))
-#define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st))
-#define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st))
-
-#define sk_X509_PURPOSE_new(st) SKM_sk_new(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE)
-#define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_value(st, i) SKM_sk_value(X509_PURPOSE, (st), (i))
-#define sk_X509_PURPOSE_set(st, i, val) SKM_sk_set(X509_PURPOSE, (st), (i), (val))
-#define sk_X509_PURPOSE_zero(st) SKM_sk_zero(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val))
-#define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val))
-#define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val))
-#define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i))
-#define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr))
-#define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i))
-#define sk_X509_PURPOSE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_PURPOSE, (st), (cmp))
-#define sk_X509_PURPOSE_dup(st) SKM_sk_dup(X509_PURPOSE, st)
-#define sk_X509_PURPOSE_pop_free(st, free_func) SKM_sk_pop_free(X509_PURPOSE, (st), (free_func))
-#define sk_X509_PURPOSE_shift(st) SKM_sk_shift(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st))
-
-#define sk_X509_REVOKED_new(st) SKM_sk_new(X509_REVOKED, (st))
-#define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED)
-#define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st))
-#define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st))
-#define sk_X509_REVOKED_value(st, i) SKM_sk_value(X509_REVOKED, (st), (i))
-#define sk_X509_REVOKED_set(st, i, val) SKM_sk_set(X509_REVOKED, (st), (i), (val))
-#define sk_X509_REVOKED_zero(st) SKM_sk_zero(X509_REVOKED, (st))
-#define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val))
-#define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val))
-#define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val))
-#define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i))
-#define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr))
-#define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i))
-#define sk_X509_REVOKED_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_REVOKED, (st), (cmp))
-#define sk_X509_REVOKED_dup(st) SKM_sk_dup(X509_REVOKED, st)
-#define sk_X509_REVOKED_pop_free(st, free_func) SKM_sk_pop_free(X509_REVOKED, (st), (free_func))
-#define sk_X509_REVOKED_shift(st) SKM_sk_shift(X509_REVOKED, (st))
-#define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st))
-#define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st))
-
-#define sk_X509_TRUST_new(st) SKM_sk_new(X509_TRUST, (st))
-#define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST)
-#define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st))
-#define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st))
-#define sk_X509_TRUST_value(st, i) SKM_sk_value(X509_TRUST, (st), (i))
-#define sk_X509_TRUST_set(st, i, val) SKM_sk_set(X509_TRUST, (st), (i), (val))
-#define sk_X509_TRUST_zero(st) SKM_sk_zero(X509_TRUST, (st))
-#define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val))
-#define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val))
-#define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val))
-#define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i))
-#define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr))
-#define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i))
-#define sk_X509_TRUST_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_TRUST, (st), (cmp))
-#define sk_X509_TRUST_dup(st) SKM_sk_dup(X509_TRUST, st)
-#define sk_X509_TRUST_pop_free(st, free_func) SKM_sk_pop_free(X509_TRUST, (st), (free_func))
-#define sk_X509_TRUST_shift(st) SKM_sk_shift(X509_TRUST, (st))
-#define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st))
-#define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st))
-
-#define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(ACCESS_DESCRIPTION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_ACCESS_DESCRIPTION(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(ACCESS_DESCRIPTION, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_ACCESS_DESCRIPTION(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(ACCESS_DESCRIPTION, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_ASN1_INTEGER(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(ASN1_INTEGER, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_ASN1_INTEGER(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(ASN1_INTEGER, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_ASN1_INTEGER(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(ASN1_INTEGER, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_ASN1_INTEGER(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(ASN1_INTEGER, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_ASN1_OBJECT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(ASN1_OBJECT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_ASN1_OBJECT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(ASN1_OBJECT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_ASN1_OBJECT(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(ASN1_OBJECT, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_ASN1_OBJECT(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(ASN1_OBJECT, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_ASN1_TYPE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(ASN1_TYPE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_ASN1_TYPE(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(ASN1_TYPE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_ASN1_TYPE(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(ASN1_TYPE, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_ASN1_TYPE(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(ASN1_TYPE, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_DIST_POINT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(DIST_POINT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_DIST_POINT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(DIST_POINT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_DIST_POINT(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(DIST_POINT, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_DIST_POINT(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(DIST_POINT, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_GENERAL_NAME(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(GENERAL_NAME, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_GENERAL_NAME(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(GENERAL_NAME, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_GENERAL_NAME(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(GENERAL_NAME, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_GENERAL_NAME(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(GENERAL_NAME, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_OCSP_ONEREQ(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(OCSP_ONEREQ, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_OCSP_ONEREQ(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(OCSP_ONEREQ, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_OCSP_ONEREQ(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(OCSP_ONEREQ, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_OCSP_ONEREQ(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(OCSP_ONEREQ, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(OCSP_SINGLERESP, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(OCSP_SINGLERESP, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_OCSP_SINGLERESP(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(OCSP_SINGLERESP, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_OCSP_SINGLERESP(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(OCSP_SINGLERESP, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(PKCS12_SAFEBAG, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(PKCS12_SAFEBAG, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_PKCS12_SAFEBAG(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(PKCS12_SAFEBAG, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_PKCS12_SAFEBAG(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(PKCS12_SAFEBAG, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_PKCS7(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(PKCS7, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_PKCS7(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(PKCS7, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_PKCS7(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(PKCS7, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_PKCS7(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(PKCS7, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(PKCS7_RECIP_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(PKCS7_RECIP_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_PKCS7_RECIP_INFO(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(PKCS7_RECIP_INFO, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_PKCS7_RECIP_INFO(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(PKCS7_RECIP_INFO, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(PKCS7_SIGNER_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(PKCS7_SIGNER_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_PKCS7_SIGNER_INFO(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(PKCS7_SIGNER_INFO, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_PKCS7_SIGNER_INFO(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(PKCS7_SIGNER_INFO, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_POLICYINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(POLICYINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_POLICYINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(POLICYINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_POLICYINFO(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(POLICYINFO, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_POLICYINFO(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(POLICYINFO, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_POLICYQUALINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(POLICYQUALINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_POLICYQUALINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(POLICYQUALINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_POLICYQUALINFO(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(POLICYQUALINFO, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_POLICYQUALINFO(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(POLICYQUALINFO, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_SXNETID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(SXNETID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_SXNETID(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(SXNETID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_SXNETID(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(SXNETID, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_SXNETID(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(SXNETID, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(X509, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_X509(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(X509, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(X509, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(X509, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509_ALGOR(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(X509_ALGOR, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_X509_ALGOR(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(X509_ALGOR, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509_ALGOR(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(X509_ALGOR, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509_ALGOR(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(X509_ALGOR, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(X509_ATTRIBUTE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(X509_ATTRIBUTE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509_ATTRIBUTE(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(X509_ATTRIBUTE, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509_ATTRIBUTE(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(X509_ATTRIBUTE, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509_CRL(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(X509_CRL, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_X509_CRL(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(X509_CRL, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509_CRL(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(X509_CRL, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509_CRL(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(X509_CRL, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509_EXTENSION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(X509_EXTENSION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_X509_EXTENSION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(X509_EXTENSION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509_EXTENSION(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(X509_EXTENSION, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509_EXTENSION(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(X509_EXTENSION, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(X509_NAME_ENTRY, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(X509_NAME_ENTRY, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509_NAME_ENTRY(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(X509_NAME_ENTRY, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509_NAME_ENTRY(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(X509_NAME_ENTRY, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509_REVOKED(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	SKM_ASN1_SET_OF_d2i(X509_REVOKED, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_X509_REVOKED(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	SKM_ASN1_SET_OF_i2d(X509_REVOKED, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509_REVOKED(st, i2d_func, buf, len) \
-	SKM_ASN1_seq_pack(X509_REVOKED, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509_REVOKED(buf, len, d2i_func, free_func) \
-	SKM_ASN1_seq_unpack(X509_REVOKED, (buf), (len), (d2i_func), (free_func))
-
-#define PKCS12_decrypt_d2i_PKCS12_SAFEBAG(algor, d2i_func, free_func, pass, passlen, oct, seq) \
-	SKM_PKCS12_decrypt_d2i(PKCS12_SAFEBAG, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
-
-#define PKCS12_decrypt_d2i_PKCS7(algor, d2i_func, free_func, pass, passlen, oct, seq) \
-	SKM_PKCS12_decrypt_d2i(PKCS7, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
-/* End of util/mkstack.pl block, you may now edit :-) */
-
-#endif /* !defined HEADER_SAFESTACK_H */
diff --git a/crypto/openssl/crypto/stack/stack.c b/crypto/openssl/crypto/stack/stack.c
deleted file mode 100644
index 2496f28a8c01..000000000000
--- a/crypto/openssl/crypto/stack/stack.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/* crypto/stack/stack.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Code for stacks
- * Author - Eric Young v 1.0
- * 1.2 eay 12-Mar-97 -	Modified sk_find so that it _DOES_ return the
- *			lowest index for the searched item.
- *
- * 1.1 eay - Take from netdb and added to SSLeay
- *
- * 1.0 eay - First version 29/07/92
- */
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/stack.h>
-
-#undef MIN_NODES
-#define MIN_NODES	4
-
-const char *STACK_version="Stack" OPENSSL_VERSION_PTEXT;
-
-#include <errno.h>
-
-int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,const char * const *)))
-		(const char * const *, const char * const *)
-	{
-	int (*old)(const char * const *,const char * const *)=sk->comp;
-
-	if (sk->comp != c)
-		sk->sorted=0;
-	sk->comp=c;
-
-	return old;
-	}
-
-STACK *sk_dup(STACK *sk)
-	{
-	STACK *ret;
-	char **s;
-
-	if ((ret=sk_new(sk->comp)) == NULL) goto err;
-	s=(char **)OPENSSL_realloc((char *)ret->data,
-		(unsigned int)sizeof(char *)*sk->num_alloc);
-	if (s == NULL) goto err;
-	ret->data=s;
-
-	ret->num=sk->num;
-	memcpy(ret->data,sk->data,sizeof(char *)*sk->num);
-	ret->sorted=sk->sorted;
-	ret->num_alloc=sk->num_alloc;
-	ret->comp=sk->comp;
-	return(ret);
-err:
-	if(ret)
-		sk_free(ret);
-	return(NULL);
-	}
-
-STACK *sk_new_null(void)
-	{
-	return sk_new((int (*)(const char * const *, const char * const *))0);
-	}
-
-STACK *sk_new(int (*c)(const char * const *, const char * const *))
-	{
-	STACK *ret;
-	int i;
-
-	if ((ret=(STACK *)OPENSSL_malloc(sizeof(STACK))) == NULL)
-		goto err;
-	if ((ret->data=(char **)OPENSSL_malloc(sizeof(char *)*MIN_NODES)) == NULL)
-		goto err;
-	for (i=0; i<MIN_NODES; i++)
-		ret->data[i]=NULL;
-	ret->comp=c;
-	ret->num_alloc=MIN_NODES;
-	ret->num=0;
-	ret->sorted=0;
-	return(ret);
-err:
-	if(ret)
-		OPENSSL_free(ret);
-	return(NULL);
-	}
-
-int sk_insert(STACK *st, char *data, int loc)
-	{
-	char **s;
-
-	if(st == NULL) return 0;
-	if (st->num_alloc <= st->num+1)
-		{
-		s=(char **)OPENSSL_realloc((char *)st->data,
-			(unsigned int)sizeof(char *)*st->num_alloc*2);
-		if (s == NULL)
-			return(0);
-		st->data=s;
-		st->num_alloc*=2;
-		}
-	if ((loc >= (int)st->num) || (loc < 0))
-		st->data[st->num]=data;
-	else
-		{
-		int i;
-		char **f,**t;
-
-		f=(char **)st->data;
-		t=(char **)&(st->data[1]);
-		for (i=st->num; i>=loc; i--)
-			t[i]=f[i];
-			
-#ifdef undef /* no memmove on sunos :-( */
-		memmove( (char *)&(st->data[loc+1]),
-			(char *)&(st->data[loc]),
-			sizeof(char *)*(st->num-loc));
-#endif
-		st->data[loc]=data;
-		}
-	st->num++;
-	st->sorted=0;
-	return(st->num);
-	}
-
-char *sk_delete_ptr(STACK *st, char *p)
-	{
-	int i;
-
-	for (i=0; i<st->num; i++)
-		if (st->data[i] == p)
-			return(sk_delete(st,i));
-	return(NULL);
-	}
-
-char *sk_delete(STACK *st, int loc)
-	{
-	char *ret;
-	int i,j;
-
-	if ((st == NULL) || (st->num == 0) || (loc < 0)
-					 || (loc >= st->num)) return(NULL);
-
-	ret=st->data[loc];
-	if (loc != st->num-1)
-		{
-		j=st->num-1;
-		for (i=loc; i<j; i++)
-			st->data[i]=st->data[i+1];
-		/* In theory memcpy is not safe for this
-		 * memcpy( &(st->data[loc]),
-		 *	&(st->data[loc+1]),
-		 *	sizeof(char *)*(st->num-loc-1));
-		 */
-		}
-	st->num--;
-	return(ret);
-	}
-
-int sk_find(STACK *st, char *data)
-	{
-	char **r;
-	int i;
-	int (*comp_func)(const void *,const void *);
-	if(st == NULL) return -1;
-
-	if (st->comp == NULL)
-		{
-		for (i=0; i<st->num; i++)
-			if (st->data[i] == data)
-				return(i);
-		return(-1);
-		}
-	sk_sort(st);
-	if (data == NULL) return(-1);
-	/* This (and the "qsort" below) are the two places in OpenSSL
-	 * where we need to convert from our standard (type **,type **)
-	 * compare callback type to the (void *,void *) type required by
-	 * bsearch. However, the "data" it is being called(back) with are
-	 * not (type *) pointers, but the *pointers* to (type *) pointers,
-	 * so we get our extra level of pointer dereferencing that way. */
-	comp_func=(int (*)(const void *,const void *))(st->comp);
-	r=(char **)bsearch(&data,(char *)st->data,
-		st->num,sizeof(char *), comp_func);
-	if (r == NULL) return(-1);
-	i=(int)(r-st->data);
-	for ( ; i>0; i--)
-		/* This needs a cast because the type being pointed to from
-		 * the "&" expressions are (char *) rather than (const char *).
-		 * For an explanation, read:
-		 * http://www.eskimo.com/~scs/C-faq/q11.10.html :-) */
-		if ((*st->comp)((const char * const *)&(st->data[i-1]),
-				(const char * const *)&data) < 0)
-			break;
-	return(i);
-	}
-
-int sk_push(STACK *st, char *data)
-	{
-	return(sk_insert(st,data,st->num));
-	}
-
-int sk_unshift(STACK *st, char *data)
-	{
-	return(sk_insert(st,data,0));
-	}
-
-char *sk_shift(STACK *st)
-	{
-	if (st == NULL) return(NULL);
-	if (st->num <= 0) return(NULL);
-	return(sk_delete(st,0));
-	}
-
-char *sk_pop(STACK *st)
-	{
-	if (st == NULL) return(NULL);
-	if (st->num <= 0) return(NULL);
-	return(sk_delete(st,st->num-1));
-	}
-
-void sk_zero(STACK *st)
-	{
-	if (st == NULL) return;
-	if (st->num <= 0) return;
-	memset((char *)st->data,0,sizeof(st->data)*st->num);
-	st->num=0;
-	}
-
-void sk_pop_free(STACK *st, void (*func)(void *))
-	{
-	int i;
-
-	if (st == NULL) return;
-	for (i=0; i<st->num; i++)
-		if (st->data[i] != NULL)
-			func(st->data[i]);
-	sk_free(st);
-	}
-
-void sk_free(STACK *st)
-	{
-	if (st == NULL) return;
-	if (st->data != NULL) OPENSSL_free(st->data);
-	OPENSSL_free(st);
-	}
-
-int sk_num(const STACK *st)
-{
-	if(st == NULL) return -1;
-	return st->num;
-}
-
-char *sk_value(const STACK *st, int i)
-{
-	if(st == NULL) return NULL;
-	return st->data[i];
-}
-
-char *sk_set(STACK *st, int i, char *value)
-{
-	if(st == NULL) return NULL;
-	return (st->data[i] = value);
-}
-
-void sk_sort(STACK *st)
-	{
-	if (st && !st->sorted)
-		{
-		int (*comp_func)(const void *,const void *);
-
-		/* same comment as in sk_find ... previously st->comp was declared
-		 * as a (void*,void*) callback type, but this made the population
-		 * of the callback pointer illogical - our callbacks compare
-		 * type** with type**, so we leave the casting until absolutely
-		 * necessary (ie. "now"). */
-		comp_func=(int (*)(const void *,const void *))(st->comp);
-		qsort(st->data,st->num,sizeof(char *), comp_func);
-		st->sorted=1;
-		}
-	}
diff --git a/crypto/openssl/crypto/stack/stack.h b/crypto/openssl/crypto/stack/stack.h
deleted file mode 100644
index 8b436ca4b986..000000000000
--- a/crypto/openssl/crypto/stack/stack.h
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/stack/stack.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_STACK_H
-#define HEADER_STACK_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct stack_st
-	{
-	int num;
-	char **data;
-	int sorted;
-
-	int num_alloc;
-	int (*comp)(const char * const *, const char * const *);
-	} STACK;
-
-#define M_sk_num(sk)		((sk) ? (sk)->num:-1)
-#define M_sk_value(sk,n)	((sk) ? (sk)->data[n] : NULL)
-
-int sk_num(const STACK *);
-char *sk_value(const STACK *, int);
-
-char *sk_set(STACK *, int, char *);
-
-STACK *sk_new(int (*cmp)(const char * const *, const char * const *));
-STACK *sk_new_null(void);
-void sk_free(STACK *);
-void sk_pop_free(STACK *st, void (*func)(void *));
-int sk_insert(STACK *sk,char *data,int where);
-char *sk_delete(STACK *st,int loc);
-char *sk_delete_ptr(STACK *st, char *p);
-int sk_find(STACK *st,char *data);
-int sk_push(STACK *st,char *data);
-int sk_unshift(STACK *st,char *data);
-char *sk_shift(STACK *st);
-char *sk_pop(STACK *st);
-void sk_zero(STACK *st);
-int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,
-			const char * const *)))
-			(const char * const *, const char * const *);
-STACK *sk_dup(STACK *st);
-void sk_sort(STACK *st);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/symhacks.h b/crypto/openssl/crypto/symhacks.h
deleted file mode 100644
index 774162fec9e8..000000000000
--- a/crypto/openssl/crypto/symhacks.h
+++ /dev/null
@@ -1,275 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SYMHACKS_H
-#define HEADER_SYMHACKS_H
-
-#include <openssl/e_os2.h>
-
-/* Hacks to solve the problem with linkers incapable of handling very long
-   symbol names.  In the case of VMS, the limit is 31 characters on VMS for
-   VAX. */
-#ifdef OPENSSL_SYS_VMS
-
-/* Hack a long name in crypto/ex_data.c */
-#undef CRYPTO_get_ex_data_implementation
-#define CRYPTO_get_ex_data_implementation	CRYPTO_get_ex_data_impl
-#undef CRYPTO_set_ex_data_implementation
-#define CRYPTO_set_ex_data_implementation	CRYPTO_set_ex_data_impl
-
-/* Hack a long name in crypto/asn1/a_mbstr.c */
-#undef ASN1_STRING_set_default_mask_asc
-#define ASN1_STRING_set_default_mask_asc	ASN1_STRING_set_def_mask_asc
-
-#if 0 /* No longer needed, since safestack macro magic does the job */
-/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO) */
-#undef i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO
-#define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO	i2d_ASN1_SET_OF_PKCS7_SIGINF
-#undef d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO
-#define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO	d2i_ASN1_SET_OF_PKCS7_SIGINF
-#endif
-
-#if 0 /* No longer needed, since safestack macro magic does the job */
-/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO) */
-#undef i2d_ASN1_SET_OF_PKCS7_RECIP_INFO
-#define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO	i2d_ASN1_SET_OF_PKCS7_RECINF
-#undef d2i_ASN1_SET_OF_PKCS7_RECIP_INFO
-#define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO	d2i_ASN1_SET_OF_PKCS7_RECINF
-#endif
-
-#if 0 /* No longer needed, since safestack macro magic does the job */
-/* Hack the names created with DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) */
-#undef i2d_ASN1_SET_OF_ACCESS_DESCRIPTION
-#define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION	i2d_ASN1_SET_OF_ACC_DESC
-#undef d2i_ASN1_SET_OF_ACCESS_DESCRIPTION
-#define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION	d2i_ASN1_SET_OF_ACC_DESC
-#endif
-
-/* Hack the names created with DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE) */
-#undef PEM_read_NETSCAPE_CERT_SEQUENCE
-#define PEM_read_NETSCAPE_CERT_SEQUENCE		PEM_read_NS_CERT_SEQ
-#undef PEM_write_NETSCAPE_CERT_SEQUENCE
-#define PEM_write_NETSCAPE_CERT_SEQUENCE	PEM_write_NS_CERT_SEQ
-#undef PEM_read_bio_NETSCAPE_CERT_SEQUENCE
-#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE	PEM_read_bio_NS_CERT_SEQ
-#undef PEM_write_bio_NETSCAPE_CERT_SEQUENCE
-#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE	PEM_write_bio_NS_CERT_SEQ
-#undef PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE
-#define PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE	PEM_write_cb_bio_NS_CERT_SEQ
-
-/* Hack the names created with DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO) */
-#undef PEM_read_PKCS8_PRIV_KEY_INFO
-#define PEM_read_PKCS8_PRIV_KEY_INFO		PEM_read_P8_PRIV_KEY_INFO
-#undef PEM_write_PKCS8_PRIV_KEY_INFO
-#define PEM_write_PKCS8_PRIV_KEY_INFO		PEM_write_P8_PRIV_KEY_INFO
-#undef PEM_read_bio_PKCS8_PRIV_KEY_INFO
-#define PEM_read_bio_PKCS8_PRIV_KEY_INFO	PEM_read_bio_P8_PRIV_KEY_INFO
-#undef PEM_write_bio_PKCS8_PRIV_KEY_INFO
-#define PEM_write_bio_PKCS8_PRIV_KEY_INFO	PEM_write_bio_P8_PRIV_KEY_INFO
-#undef PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO
-#define PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO	PEM_wrt_cb_bio_P8_PRIV_KEY_INFO
-
-/* Hack other PEM names */
-#undef PEM_write_bio_PKCS8PrivateKey_nid
-#define PEM_write_bio_PKCS8PrivateKey_nid	PEM_write_bio_PKCS8PrivKey_nid
-
-/* Hack some long X509 names */
-#undef X509_REVOKED_get_ext_by_critical
-#define X509_REVOKED_get_ext_by_critical	X509_REVOKED_get_ext_by_critic
-
-/* Hack some long CRYPTO names */
-#undef CRYPTO_set_dynlock_destroy_callback
-#define CRYPTO_set_dynlock_destroy_callback     CRYPTO_set_dynlock_destroy_cb
-#undef CRYPTO_set_dynlock_create_callback
-#define CRYPTO_set_dynlock_create_callback      CRYPTO_set_dynlock_create_cb
-#undef CRYPTO_set_dynlock_lock_callback
-#define CRYPTO_set_dynlock_lock_callback        CRYPTO_set_dynlock_lock_cb
-#undef CRYPTO_get_dynlock_lock_callback
-#define CRYPTO_get_dynlock_lock_callback        CRYPTO_get_dynlock_lock_cb
-#undef CRYPTO_get_dynlock_destroy_callback
-#define CRYPTO_get_dynlock_destroy_callback     CRYPTO_get_dynlock_destroy_cb
-#undef CRYPTO_get_dynlock_create_callback
-#define CRYPTO_get_dynlock_create_callback      CRYPTO_get_dynlock_create_cb
-#undef CRYPTO_set_locked_mem_ex_functions
-#define CRYPTO_set_locked_mem_ex_functions      CRYPTO_set_locked_mem_ex_funcs
-#undef CRYPTO_get_locked_mem_ex_functions
-#define CRYPTO_get_locked_mem_ex_functions      CRYPTO_get_locked_mem_ex_funcs
-
-/* Hack some long SSL names */
-#undef SSL_CTX_set_default_verify_paths
-#define SSL_CTX_set_default_verify_paths        SSL_CTX_set_def_verify_paths
-#undef SSL_get_ex_data_X509_STORE_CTX_idx
-#define SSL_get_ex_data_X509_STORE_CTX_idx      SSL_get_ex_d_X509_STORE_CTX_idx
-#undef SSL_add_file_cert_subjects_to_stack
-#define SSL_add_file_cert_subjects_to_stack     SSL_add_file_cert_subjs_to_stk
-#if 0 /* This function is not defined i VMS. */
-#undef SSL_add_dir_cert_subjects_to_stack
-#define SSL_add_dir_cert_subjects_to_stack      SSL_add_dir_cert_subjs_to_stk
-#endif
-#undef SSL_CTX_use_certificate_chain_file
-#define SSL_CTX_use_certificate_chain_file      SSL_CTX_use_cert_chain_file
-#undef SSL_CTX_set_cert_verify_callback
-#define SSL_CTX_set_cert_verify_callback        SSL_CTX_set_cert_verify_cb
-#undef SSL_CTX_set_default_passwd_cb_userdata
-#define SSL_CTX_set_default_passwd_cb_userdata  SSL_CTX_set_def_passwd_cb_ud
-
-/* Hack some long ENGINE names */
-#undef ENGINE_get_default_BN_mod_exp_crt
-#define ENGINE_get_default_BN_mod_exp_crt	ENGINE_get_def_BN_mod_exp_crt
-#undef ENGINE_set_default_BN_mod_exp_crt
-#define ENGINE_set_default_BN_mod_exp_crt	ENGINE_set_def_BN_mod_exp_crt
-#undef ENGINE_set_load_privkey_function
-#define ENGINE_set_load_privkey_function        ENGINE_set_load_privkey_fn
-#undef ENGINE_get_load_privkey_function
-#define ENGINE_get_load_privkey_function        ENGINE_get_load_privkey_fn
-
-/* Hack some long OCSP names */
-#undef OCSP_REQUEST_get_ext_by_critical
-#define OCSP_REQUEST_get_ext_by_critical        OCSP_REQUEST_get_ext_by_crit
-#undef OCSP_BASICRESP_get_ext_by_critical
-#define OCSP_BASICRESP_get_ext_by_critical      OCSP_BASICRESP_get_ext_by_crit
-#undef OCSP_SINGLERESP_get_ext_by_critical
-#define OCSP_SINGLERESP_get_ext_by_critical     OCSP_SINGLERESP_get_ext_by_crit
-
-/* Hack some long DES names */
-#undef _ossl_old_des_ede3_cfb64_encrypt
-#define _ossl_old_des_ede3_cfb64_encrypt	_ossl_odes_ede3_cfb64_encrypt
-#undef _ossl_old_des_ede3_ofb64_encrypt
-#define _ossl_old_des_ede3_ofb64_encrypt	_ossl_odes_ede3_ofb64_encrypt
-
-/* Hack some long EVP names */
-#undef OPENSSL_add_all_algorithms_noconf
-#define OPENSSL_add_all_algorithms_noconf	OPENSSL_add_all_algo_noconf
-#undef OPENSSL_add_all_algorithms_conf
-#define OPENSSL_add_all_algorithms_conf		OPENSSL_add_all_algo_conf
-
-/* Hack some long EC names */
-#undef EC_POINT_set_Jprojective_coordinates_GFp
-#define EC_POINT_set_Jprojective_coordinates_GFp \
-                                                EC_POINT_set_Jproj_coords_GFp
-#undef EC_POINT_get_Jprojective_coordinates_GFp
-#define EC_POINT_get_Jprojective_coordinates_GFp \
-                                                EC_POINT_get_Jproj_coords_GFp
-#undef EC_POINT_set_affine_coordinates_GFp
-#define EC_POINT_set_affine_coordinates_GFp     EC_POINT_set_affine_coords_GFp
-#undef EC_POINT_get_affine_coordinates_GFp
-#define EC_POINT_get_affine_coordinates_GFp     EC_POINT_get_affine_coords_GFp
-#undef EC_POINT_set_compressed_coordinates_GFp
-#define EC_POINT_set_compressed_coordinates_GFp EC_POINT_set_compr_coords_GFp
-#undef ec_GFp_simple_group_set_curve_GFp
-#define ec_GFp_simple_group_set_curve_GFp       ec_GFp_simple_grp_set_curve_GFp
-#undef ec_GFp_simple_group_get_curve_GFp
-#define ec_GFp_simple_group_get_curve_GFp       ec_GFp_simple_grp_get_curve_GFp
-#undef ec_GFp_simple_group_clear_finish
-#define ec_GFp_simple_group_clear_finish        ec_GFp_simple_grp_clear_finish
-#undef ec_GFp_simple_group_set_generator
-#define ec_GFp_simple_group_set_generator       ec_GFp_simple_grp_set_generator
-#undef ec_GFp_simple_group_get0_generator
-#define ec_GFp_simple_group_get0_generator      ec_GFp_simple_grp_gt0_generator
-#undef ec_GFp_simple_group_get_cofactor
-#define ec_GFp_simple_group_get_cofactor        ec_GFp_simple_grp_get_cofactor
-#undef ec_GFp_simple_point_clear_finish
-#define ec_GFp_simple_point_clear_finish        ec_GFp_simple_pt_clear_finish
-#undef ec_GFp_simple_point_set_to_infinity
-#define ec_GFp_simple_point_set_to_infinity     ec_GFp_simple_pt_set_to_inf
-#undef ec_GFp_simple_points_make_affine
-#define ec_GFp_simple_points_make_affine        ec_GFp_simple_pts_make_affine
-#undef ec_GFp_simple_group_get_curve_GFp
-#define ec_GFp_simple_group_get_curve_GFp       ec_GFp_simple_grp_get_curve_GFp
-#undef ec_GFp_simple_set_Jprojective_coordinates_GFp
-#define ec_GFp_simple_set_Jprojective_coordinates_GFp \
-                                                ec_GFp_smp_set_Jproj_coords_GFp
-#undef ec_GFp_simple_get_Jprojective_coordinates_GFp
-#define ec_GFp_simple_get_Jprojective_coordinates_GFp \
-                                                ec_GFp_smp_get_Jproj_coords_GFp
-#undef ec_GFp_simple_point_set_affine_coordinates_GFp
-#define ec_GFp_simple_point_set_affine_coordinates_GFp \
-                                                ec_GFp_smp_pt_set_af_coords_GFp
-#undef ec_GFp_simple_point_get_affine_coordinates_GFp
-#define ec_GFp_simple_point_get_affine_coordinates_GFp \
-                                                ec_GFp_smp_pt_get_af_coords_GFp
-#undef ec_GFp_simple_set_compressed_coordinates_GFp
-#define ec_GFp_simple_set_compressed_coordinates_GFp \
-                                                ec_GFp_smp_set_compr_coords_GFp
-
-#endif /* defined OPENSSL_SYS_VMS */
-
-
-/* Case insensiteve linking causes problems.... */
-#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
-#undef ERR_load_CRYPTO_strings
-#define ERR_load_CRYPTO_strings			ERR_load_CRYPTOlib_strings
-#undef OCSP_crlID_new
-#define OCSP_crlID_new                          OCSP_crlID2_new
-
-/* These functions do not seem to exist!  However, I'm paranoid...
-   Original command in x509v3.h:
-   These functions are being redefined in another directory,
-   and clash when the linker is case-insensitive, so let's
-   hide them a little, by giving them an extra 'o' at the
-   beginning of the name... */
-#undef X509v3_cleanup_extensions
-#define X509v3_cleanup_extensions               oX509v3_cleanup_extensions
-#undef X509v3_add_extension
-#define X509v3_add_extension                    oX509v3_add_extension
-#undef X509v3_add_netscape_extensions
-#define X509v3_add_netscape_extensions          oX509v3_add_netscape_extensions
-#undef X509v3_add_standard_extensions
-#define X509v3_add_standard_extensions          oX509v3_add_standard_extensions
-
-
-#endif
-
-
-#endif /* ! defined HEADER_VMS_IDHACKS_H */
diff --git a/crypto/openssl/crypto/threads/README b/crypto/openssl/crypto/threads/README
deleted file mode 100644
index df6b26e146f2..000000000000
--- a/crypto/openssl/crypto/threads/README
+++ /dev/null
@@ -1,14 +0,0 @@
-Mutithreading testing area.
-
-Since this stuff is very very platorm specific, this is not part of the
-normal build.  Have a read of doc/threads.doc.
-
-mttest will do some testing and will currently build under Windows NT/95,
-Solaris and Linux.  The IRIX stuff is not finished.
-
-I have tested this program on a 12 CPU ultra sparc box (solaris 2.5.1)
-and things seem to work ok.
-
-The Linux pthreads package can be retrieved from 
-http://www.mit.edu:8001/people/proven/pthreads.html
-
diff --git a/crypto/openssl/crypto/threads/mttest.c b/crypto/openssl/crypto/threads/mttest.c
deleted file mode 100644
index 7142e4edc77c..000000000000
--- a/crypto/openssl/crypto/threads/mttest.c
+++ /dev/null
@@ -1,1100 +0,0 @@
-/* crypto/threads/mttest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#ifdef LINUX
-#include <typedefs.h>
-#endif
-#ifdef OPENSSL_SYS_WIN32
-#include <windows.h>
-#endif
-#ifdef SOLARIS
-#include <synch.h>
-#include <thread.h>
-#endif
-#ifdef IRIX
-#include <ulocks.h>
-#include <sys/prctl.h>
-#endif
-#ifdef PTHREADS
-#include <pthread.h>
-#endif
-#include <openssl/lhash.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include "../../e_os.h"
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-#ifdef OPENSSL_NO_FP_API
-#define APPS_WIN16
-#include "../buffer/bss_file.c"
-#endif
-
-#define TEST_SERVER_CERT "../../apps/server.pem"
-#define TEST_CLIENT_CERT "../../apps/client.pem"
-
-#define MAX_THREAD_NUMBER	100
-
-int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *xs);
-void thread_setup(void);
-void thread_cleanup(void);
-void do_threads(SSL_CTX *s_ctx,SSL_CTX *c_ctx);
-
-void irix_locking_callback(int mode,int type,char *file,int line);
-void solaris_locking_callback(int mode,int type,char *file,int line);
-void win32_locking_callback(int mode,int type,char *file,int line);
-void pthreads_locking_callback(int mode,int type,char *file,int line);
-
-unsigned long irix_thread_id(void );
-unsigned long solaris_thread_id(void );
-unsigned long pthreads_thread_id(void );
-
-BIO *bio_err=NULL;
-BIO *bio_stdout=NULL;
-
-static char *cipher=NULL;
-int verbose=0;
-#ifdef FIONBIO
-static int s_nbio=0;
-#endif
-
-int thread_number=10;
-int number_of_loops=10;
-int reconnect=0;
-int cache_stats=0;
-
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
-
-int doit(char *ctx[4]);
-static void print_stats(FILE *fp, SSL_CTX *ctx)
-{
-	fprintf(fp,"%4ld items in the session cache\n",
-		SSL_CTX_sess_number(ctx));
-	fprintf(fp,"%4d client connects (SSL_connect())\n",
-		SSL_CTX_sess_connect(ctx));
-	fprintf(fp,"%4d client connects that finished\n",
-		SSL_CTX_sess_connect_good(ctx));
-	fprintf(fp,"%4d server connects (SSL_accept())\n",
-		SSL_CTX_sess_accept(ctx));
-	fprintf(fp,"%4d server connects that finished\n",
-		SSL_CTX_sess_accept_good(ctx));
-	fprintf(fp,"%4d session cache hits\n",SSL_CTX_sess_hits(ctx));
-	fprintf(fp,"%4d session cache misses\n",SSL_CTX_sess_misses(ctx));
-	fprintf(fp,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ctx));
-	}
-
-static void sv_usage(void)
-	{
-	fprintf(stderr,"usage: ssltest [args ...]\n");
-	fprintf(stderr,"\n");
-	fprintf(stderr," -server_auth  - check server certificate\n");
-	fprintf(stderr," -client_auth  - do client authentication\n");
-	fprintf(stderr," -v            - more output\n");
-	fprintf(stderr," -CApath arg   - PEM format directory of CA's\n");
-	fprintf(stderr," -CAfile arg   - PEM format file of CA's\n");
-	fprintf(stderr," -threads arg  - number of threads\n");
-	fprintf(stderr," -loops arg    - number of 'connections', per thread\n");
-	fprintf(stderr," -reconnect    - reuse session-id's\n");
-	fprintf(stderr," -stats        - server session-id cache stats\n");
-	fprintf(stderr," -cert arg     - server certificate/key\n");
-	fprintf(stderr," -ccert arg    - client certificate/key\n");
-	fprintf(stderr," -ssl3         - just SSLv3n\n");
-	}
-
-int main(int argc, char *argv[])
-	{
-	char *CApath=NULL,*CAfile=NULL;
-	int badop=0;
-	int ret=1;
-	int client_auth=0;
-	int server_auth=0;
-	SSL_CTX *s_ctx=NULL;
-	SSL_CTX *c_ctx=NULL;
-	char *scert=TEST_SERVER_CERT;
-	char *ccert=TEST_CLIENT_CERT;
-	SSL_METHOD *ssl_method=SSLv23_method();
-
-	RAND_seed(rnd_seed, sizeof rnd_seed);
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-	if (bio_stdout == NULL)
-		bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
-	argc--;
-	argv++;
-
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-server_auth") == 0)
-			server_auth=1;
-		else if	(strcmp(*argv,"-client_auth") == 0)
-			client_auth=1;
-		else if	(strcmp(*argv,"-reconnect") == 0)
-			reconnect=1;
-		else if	(strcmp(*argv,"-stats") == 0)
-			cache_stats=1;
-		else if	(strcmp(*argv,"-ssl3") == 0)
-			ssl_method=SSLv3_method();
-		else if	(strcmp(*argv,"-ssl2") == 0)
-			ssl_method=SSLv2_method();
-		else if	(strcmp(*argv,"-CApath") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CApath= *(++argv);
-			}
-		else if	(strcmp(*argv,"-CAfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile= *(++argv);
-			}
-		else if	(strcmp(*argv,"-cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			scert= *(++argv);
-			}
-		else if	(strcmp(*argv,"-ccert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			ccert= *(++argv);
-			}
-		else if	(strcmp(*argv,"-threads") == 0)
-			{
-			if (--argc < 1) goto bad;
-			thread_number= atoi(*(++argv));
-			if (thread_number == 0) thread_number=1;
-			if (thread_number > MAX_THREAD_NUMBER)
-				thread_number=MAX_THREAD_NUMBER;
-			}
-		else if	(strcmp(*argv,"-loops") == 0)
-			{
-			if (--argc < 1) goto bad;
-			number_of_loops= atoi(*(++argv));
-			if (number_of_loops == 0) number_of_loops=1;
-			}
-		else
-			{
-			fprintf(stderr,"unknown option %s\n",*argv);
-			badop=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-	if (badop)
-		{
-bad:
-		sv_usage();
-		goto end;
-		}
-
-	if (cipher == NULL) cipher=getenv("SSL_CIPHER");
-
-	SSL_load_error_strings();
-	OpenSSL_add_ssl_algorithms();
-
-	c_ctx=SSL_CTX_new(ssl_method);
-	s_ctx=SSL_CTX_new(ssl_method);
-	if ((c_ctx == NULL) || (s_ctx == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	SSL_CTX_set_session_cache_mode(s_ctx,
-		SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
-	SSL_CTX_set_session_cache_mode(c_ctx,
-		SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
-
-	if (!SSL_CTX_use_certificate_file(s_ctx,scert,SSL_FILETYPE_PEM))
-		{
-		ERR_print_errors(bio_err);
-		}
-	else if (!SSL_CTX_use_RSAPrivateKey_file(s_ctx,scert,SSL_FILETYPE_PEM))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (client_auth)
-		{
-		SSL_CTX_use_certificate_file(c_ctx,ccert,
-			SSL_FILETYPE_PEM);
-		SSL_CTX_use_RSAPrivateKey_file(c_ctx,ccert,
-			SSL_FILETYPE_PEM);
-		}
-
-	if (	(!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(s_ctx)) ||
-		(!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(c_ctx)))
-		{
-		fprintf(stderr,"SSL_load_verify_locations\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (client_auth)
-		{
-		fprintf(stderr,"client authentication\n");
-		SSL_CTX_set_verify(s_ctx,
-			SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
-			verify_callback);
-		}
-	if (server_auth)
-		{
-		fprintf(stderr,"server authentication\n");
-		SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
-			verify_callback);
-		}
-
-	thread_setup();
-	do_threads(s_ctx,c_ctx);
-	thread_cleanup();
-end:
-	
-	if (c_ctx != NULL) 
-		{
-		fprintf(stderr,"Client SSL_CTX stats then free it\n");
-		print_stats(stderr,c_ctx);
-		SSL_CTX_free(c_ctx);
-		}
-	if (s_ctx != NULL)
-		{
-		fprintf(stderr,"Server SSL_CTX stats then free it\n");
-		print_stats(stderr,s_ctx);
-		if (cache_stats)
-			{
-			fprintf(stderr,"-----\n");
-			lh_stats(SSL_CTX_sessions(s_ctx),stderr);
-			fprintf(stderr,"-----\n");
-		/*	lh_node_stats(SSL_CTX_sessions(s_ctx),stderr);
-			fprintf(stderr,"-----\n"); */
-			lh_node_usage_stats(SSL_CTX_sessions(s_ctx),stderr);
-			fprintf(stderr,"-----\n");
-			}
-		SSL_CTX_free(s_ctx);
-		fprintf(stderr,"done free\n");
-		}
-	exit(ret);
-	return(0);
-	}
-
-#define W_READ	1
-#define W_WRITE	2
-#define C_DONE	1
-#define S_DONE	2
-
-int ndoit(SSL_CTX *ssl_ctx[2])
-	{
-	int i;
-	int ret;
-	char *ctx[4];
-
-	ctx[0]=(char *)ssl_ctx[0];
-	ctx[1]=(char *)ssl_ctx[1];
-
-	if (reconnect)
-		{
-		ctx[2]=(char *)SSL_new(ssl_ctx[0]);
-		ctx[3]=(char *)SSL_new(ssl_ctx[1]);
-		}
-	else
-		{
-		ctx[2]=NULL;
-		ctx[3]=NULL;
-		}
-
-	fprintf(stdout,"started thread %lu\n",CRYPTO_thread_id());
-	for (i=0; i<number_of_loops; i++)
-		{
-/*		fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n",
-			CRYPTO_thread_id(),i,
-			ssl_ctx[0]->references,
-			ssl_ctx[1]->references); */
-	/*	pthread_delay_np(&tm);*/
-
-		ret=doit(ctx);
-		if (ret != 0)
-			{
-			fprintf(stdout,"error[%d] %lu - %d\n",
-				i,CRYPTO_thread_id(),ret);
-			return(ret);
-			}
-		}
-	fprintf(stdout,"DONE %lu\n",CRYPTO_thread_id());
-	if (reconnect)
-		{
-		SSL_free((SSL *)ctx[2]);
-		SSL_free((SSL *)ctx[3]);
-		}
-	return(0);
-	}
-
-int doit(char *ctx[4])
-	{
-	SSL_CTX *s_ctx,*c_ctx;
-	static char cbuf[200],sbuf[200];
-	SSL *c_ssl=NULL;
-	SSL *s_ssl=NULL;
-	BIO *c_to_s=NULL;
-	BIO *s_to_c=NULL;
-	BIO *c_bio=NULL;
-	BIO *s_bio=NULL;
-	int c_r,c_w,s_r,s_w;
-	int c_want,s_want;
-	int i;
-	int done=0;
-	int c_write,s_write;
-	int do_server=0,do_client=0;
-
-	s_ctx=(SSL_CTX *)ctx[0];
-	c_ctx=(SSL_CTX *)ctx[1];
-
-	if (ctx[2] != NULL)
-		s_ssl=(SSL *)ctx[2];
-	else
-		s_ssl=SSL_new(s_ctx);
-
-	if (ctx[3] != NULL)
-		c_ssl=(SSL *)ctx[3];
-	else
-		c_ssl=SSL_new(c_ctx);
-
-	if ((s_ssl == NULL) || (c_ssl == NULL)) goto err;
-
-	c_to_s=BIO_new(BIO_s_mem());
-	s_to_c=BIO_new(BIO_s_mem());
-	if ((s_to_c == NULL) || (c_to_s == NULL)) goto err;
-
-	c_bio=BIO_new(BIO_f_ssl());
-	s_bio=BIO_new(BIO_f_ssl());
-	if ((c_bio == NULL) || (s_bio == NULL)) goto err;
-
-	SSL_set_connect_state(c_ssl);
-	SSL_set_bio(c_ssl,s_to_c,c_to_s);
-	BIO_set_ssl(c_bio,c_ssl,(ctx[2] == NULL)?BIO_CLOSE:BIO_NOCLOSE);
-
-	SSL_set_accept_state(s_ssl);
-	SSL_set_bio(s_ssl,c_to_s,s_to_c);
-	BIO_set_ssl(s_bio,s_ssl,(ctx[3] == NULL)?BIO_CLOSE:BIO_NOCLOSE);
-
-	c_r=0; s_r=1;
-	c_w=1; s_w=0;
-	c_want=W_WRITE;
-	s_want=0;
-	c_write=1,s_write=0;
-
-	/* We can always do writes */
-	for (;;)
-		{
-		do_server=0;
-		do_client=0;
-
-		i=(int)BIO_pending(s_bio);
-		if ((i && s_r) || s_w) do_server=1;
-
-		i=(int)BIO_pending(c_bio);
-		if ((i && c_r) || c_w) do_client=1;
-
-		if (do_server && verbose)
-			{
-			if (SSL_in_init(s_ssl))
-				printf("server waiting in SSL_accept - %s\n",
-					SSL_state_string_long(s_ssl));
-			else if (s_write)
-				printf("server:SSL_write()\n");
-			else 
-				printf("server:SSL_read()\n");
-			}
-
-		if (do_client && verbose)
-			{
-			if (SSL_in_init(c_ssl))
-				printf("client waiting in SSL_connect - %s\n",
-					SSL_state_string_long(c_ssl));
-			else if (c_write)
-				printf("client:SSL_write()\n");
-			else
-				printf("client:SSL_read()\n");
-			}
-
-		if (!do_client && !do_server)
-			{
-			fprintf(stdout,"ERROR IN STARTUP\n");
-			break;
-			}
-		if (do_client && !(done & C_DONE))
-			{
-			if (c_write)
-				{
-				i=BIO_write(c_bio,"hello from client\n",18);
-				if (i < 0)
-					{
-					c_r=0;
-					c_w=0;
-					if (BIO_should_retry(c_bio))
-						{
-						if (BIO_should_read(c_bio))
-							c_r=1;
-						if (BIO_should_write(c_bio))
-							c_w=1;
-						}
-					else
-						{
-						fprintf(stderr,"ERROR in CLIENT\n");
-						ERR_print_errors_fp(stderr);
-						return(1);
-						}
-					}
-				else if (i == 0)
-					{
-					fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
-					return(1);
-					}
-				else
-					{
-					/* ok */
-					c_write=0;
-					}
-				}
-			else
-				{
-				i=BIO_read(c_bio,cbuf,100);
-				if (i < 0)
-					{
-					c_r=0;
-					c_w=0;
-					if (BIO_should_retry(c_bio))
-						{
-						if (BIO_should_read(c_bio))
-							c_r=1;
-						if (BIO_should_write(c_bio))
-							c_w=1;
-						}
-					else
-						{
-						fprintf(stderr,"ERROR in CLIENT\n");
-						ERR_print_errors_fp(stderr);
-						return(1);
-						}
-					}
-				else if (i == 0)
-					{
-					fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
-					return(1);
-					}
-				else
-					{
-					done|=C_DONE;
-#ifdef undef
-					fprintf(stdout,"CLIENT:from server:");
-					fwrite(cbuf,1,i,stdout);
-					fflush(stdout);
-#endif
-					}
-				}
-			}
-
-		if (do_server && !(done & S_DONE))
-			{
-			if (!s_write)
-				{
-				i=BIO_read(s_bio,sbuf,100);
-				if (i < 0)
-					{
-					s_r=0;
-					s_w=0;
-					if (BIO_should_retry(s_bio))
-						{
-						if (BIO_should_read(s_bio))
-							s_r=1;
-						if (BIO_should_write(s_bio))
-							s_w=1;
-						}
-					else
-						{
-						fprintf(stderr,"ERROR in SERVER\n");
-						ERR_print_errors_fp(stderr);
-						return(1);
-						}
-					}
-				else if (i == 0)
-					{
-					fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
-					return(1);
-					}
-				else
-					{
-					s_write=1;
-					s_w=1;
-#ifdef undef
-					fprintf(stdout,"SERVER:from client:");
-					fwrite(sbuf,1,i,stdout);
-					fflush(stdout);
-#endif
-					}
-				}
-			else
-				{
-				i=BIO_write(s_bio,"hello from server\n",18);
-				if (i < 0)
-					{
-					s_r=0;
-					s_w=0;
-					if (BIO_should_retry(s_bio))
-						{
-						if (BIO_should_read(s_bio))
-							s_r=1;
-						if (BIO_should_write(s_bio))
-							s_w=1;
-						}
-					else
-						{
-						fprintf(stderr,"ERROR in SERVER\n");
-						ERR_print_errors_fp(stderr);
-						return(1);
-						}
-					}
-				else if (i == 0)
-					{
-					fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
-					return(1);
-					}
-				else
-					{
-					s_write=0;
-					s_r=1;
-					done|=S_DONE;
-					}
-				}
-			}
-
-		if ((done & S_DONE) && (done & C_DONE)) break;
-		}
-
-	SSL_set_shutdown(c_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-	SSL_set_shutdown(s_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-
-#ifdef undef
-	fprintf(stdout,"DONE\n");
-#endif
-err:
-	/* We have to set the BIO's to NULL otherwise they will be
-	 * free()ed twice.  Once when th s_ssl is SSL_free()ed and
-	 * again when c_ssl is SSL_free()ed.
-	 * This is a hack required because s_ssl and c_ssl are sharing the same
-	 * BIO structure and SSL_set_bio() and SSL_free() automatically
-	 * BIO_free non NULL entries.
-	 * You should not normally do this or be required to do this */
-
-	if (s_ssl != NULL)
-		{
-		s_ssl->rbio=NULL;
-		s_ssl->wbio=NULL;
-		}
-	if (c_ssl != NULL)
-		{
-		c_ssl->rbio=NULL;
-		c_ssl->wbio=NULL;
-		}
-
-	/* The SSL's are optionally freed in the following calls */
-	if (c_to_s != NULL) BIO_free(c_to_s);
-	if (s_to_c != NULL) BIO_free(s_to_c);
-
-	if (c_bio != NULL) BIO_free(c_bio);
-	if (s_bio != NULL) BIO_free(s_bio);
-	return(0);
-	}
-
-int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
-	{
-	char *s, buf[256];
-
-	if (verbose)
-		{
-		s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),
-				    buf,256);
-		if (s != NULL)
-			{
-			if (ok)
-				fprintf(stderr,"depth=%d %s\n",
-					ctx->error_depth,buf);
-			else
-				fprintf(stderr,"depth=%d error=%d %s\n",
-					ctx->error_depth,ctx->error,buf);
-			}
-		}
-	return(ok);
-	}
-
-#define THREAD_STACK_SIZE (16*1024)
-
-#ifdef OPENSSL_SYS_WIN32
-
-static HANDLE *lock_cs;
-
-void thread_setup(void)
-	{
-	int i;
-
-	lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE));
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		lock_cs[i]=CreateMutex(NULL,FALSE,NULL);
-		}
-
-	CRYPTO_set_locking_callback((void (*)(int,int,char *,int))win32_locking_callback);
-	/* id callback defined */
-	}
-
-void thread_cleanup(void)
-	{
-	int i;
-
-	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		CloseHandle(lock_cs[i]);
-	OPENSSL_free(lock_cs);
-	}
-
-void win32_locking_callback(int mode, int type, char *file, int line)
-	{
-	if (mode & CRYPTO_LOCK)
-		{
-		WaitForSingleObject(lock_cs[type],INFINITE);
-		}
-	else
-		{
-		ReleaseMutex(lock_cs[type]);
-		}
-	}
-
-void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
-	{
-	double ret;
-	SSL_CTX *ssl_ctx[2];
-	DWORD thread_id[MAX_THREAD_NUMBER];
-	HANDLE thread_handle[MAX_THREAD_NUMBER];
-	int i;
-	SYSTEMTIME start,end;
-
-	ssl_ctx[0]=s_ctx;
-	ssl_ctx[1]=c_ctx;
-
-	GetSystemTime(&start);
-	for (i=0; i<thread_number; i++)
-		{
-		thread_handle[i]=CreateThread(NULL,
-			THREAD_STACK_SIZE,
-			(LPTHREAD_START_ROUTINE)ndoit,
-			(void *)ssl_ctx,
-			0L,
-			&(thread_id[i]));
-		}
-
-	printf("reaping\n");
-	for (i=0; i<thread_number; i+=50)
-		{
-		int j;
-
-		j=(thread_number < (i+50))?(thread_number-i):50;
-
-		if (WaitForMultipleObjects(j,
-			(CONST HANDLE *)&(thread_handle[i]),TRUE,INFINITE)
-			== WAIT_FAILED)
-			{
-			fprintf(stderr,"WaitForMultipleObjects failed:%d\n",GetLastError());
-			exit(1);
-			}
-		}
-	GetSystemTime(&end);
-
-	if (start.wDayOfWeek > end.wDayOfWeek) end.wDayOfWeek+=7;
-	ret=(end.wDayOfWeek-start.wDayOfWeek)*24;
-
-	ret=(ret+end.wHour-start.wHour)*60;
-	ret=(ret+end.wMinute-start.wMinute)*60;
-	ret=(ret+end.wSecond-start.wSecond);
-	ret+=(end.wMilliseconds-start.wMilliseconds)/1000.0;
-
-	printf("win32 threads done - %.3f seconds\n",ret);
-	}
-
-#endif /* OPENSSL_SYS_WIN32 */
-
-#ifdef SOLARIS
-
-static mutex_t *lock_cs;
-/*static rwlock_t *lock_cs; */
-static long *lock_count;
-
-void thread_setup(void)
-	{
-	int i;
-
-	lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(mutex_t));
-	lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		lock_count[i]=0;
-		/* rwlock_init(&(lock_cs[i]),USYNC_THREAD,NULL); */
-		mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
-		}
-
-	CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
-	CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
-	}
-
-void thread_cleanup(void)
-	{
-	int i;
-
-	CRYPTO_set_locking_callback(NULL);
-
-	fprintf(stderr,"cleanup\n");
-
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		/* rwlock_destroy(&(lock_cs[i])); */
-		mutex_destroy(&(lock_cs[i]));
-		fprintf(stderr,"%8ld:%s\n",lock_count[i],CRYPTO_get_lock_name(i));
-		}
-	OPENSSL_free(lock_cs);
-	OPENSSL_free(lock_count);
-
-	fprintf(stderr,"done cleanup\n");
-
-	}
-
-void solaris_locking_callback(int mode, int type, char *file, int line)
-	{
-#ifdef undef
-	fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
-		CRYPTO_thread_id(),
-		(mode&CRYPTO_LOCK)?"l":"u",
-		(type&CRYPTO_READ)?"r":"w",file,line);
-#endif
-
-	/*
-	if (CRYPTO_LOCK_SSL_CERT == type)
-	fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
-		CRYPTO_thread_id(),
-		mode,file,line);
-	*/
-	if (mode & CRYPTO_LOCK)
-		{
-	/*	if (mode & CRYPTO_READ)
-			rw_rdlock(&(lock_cs[type]));
-		else
-			rw_wrlock(&(lock_cs[type])); */
-
-		mutex_lock(&(lock_cs[type]));
-		lock_count[type]++;
-		}
-	else
-		{
-/*		rw_unlock(&(lock_cs[type]));  */
-		mutex_unlock(&(lock_cs[type]));
-		}
-	}
-
-void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
-	{
-	SSL_CTX *ssl_ctx[2];
-	thread_t thread_ctx[MAX_THREAD_NUMBER];
-	int i;
-
-	ssl_ctx[0]=s_ctx;
-	ssl_ctx[1]=c_ctx;
-
-	thr_setconcurrency(thread_number);
-	for (i=0; i<thread_number; i++)
-		{
-		thr_create(NULL, THREAD_STACK_SIZE,
-			(void *(*)())ndoit,
-			(void *)ssl_ctx,
-			0L,
-			&(thread_ctx[i]));
-		}
-
-	printf("reaping\n");
-	for (i=0; i<thread_number; i++)
-		{
-		thr_join(thread_ctx[i],NULL,NULL);
-		}
-
-	printf("solaris threads done (%d,%d)\n",
-		s_ctx->references,c_ctx->references);
-	}
-
-unsigned long solaris_thread_id(void)
-	{
-	unsigned long ret;
-
-	ret=(unsigned long)thr_self();
-	return(ret);
-	}
-#endif /* SOLARIS */
-
-#ifdef IRIX
-
-
-static usptr_t *arena;
-static usema_t **lock_cs;
-
-void thread_setup(void)
-	{
-	int i;
-	char filename[20];
-
-	strcpy(filename,"/tmp/mttest.XXXXXX");
-	mktemp(filename);
-
-	usconfig(CONF_STHREADIOOFF);
-	usconfig(CONF_STHREADMALLOCOFF);
-	usconfig(CONF_INITUSERS,100);
-	usconfig(CONF_LOCKTYPE,US_DEBUGPLUS);
-	arena=usinit(filename);
-	unlink(filename);
-
-	lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(usema_t *));
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		lock_cs[i]=usnewsema(arena,1);
-		}
-
-	CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
-	CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
-	}
-
-void thread_cleanup(void)
-	{
-	int i;
-
-	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		char buf[10];
-
-		sprintf(buf,"%2d:",i);
-		usdumpsema(lock_cs[i],stdout,buf);
-		usfreesema(lock_cs[i],arena);
-		}
-	OPENSSL_free(lock_cs);
-	}
-
-void irix_locking_callback(int mode, int type, char *file, int line)
-	{
-	if (mode & CRYPTO_LOCK)
-		{
-		printf("lock %d\n",type);
-		uspsema(lock_cs[type]);
-		}
-	else
-		{
-		printf("unlock %d\n",type);
-		usvsema(lock_cs[type]);
-		}
-	}
-
-void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
-	{
-	SSL_CTX *ssl_ctx[2];
-	int thread_ctx[MAX_THREAD_NUMBER];
-	int i;
-
-	ssl_ctx[0]=s_ctx;
-	ssl_ctx[1]=c_ctx;
-
-	for (i=0; i<thread_number; i++)
-		{
-		thread_ctx[i]=sproc((void (*)())ndoit,
-			PR_SADDR|PR_SFDS,(void *)ssl_ctx);
-		}
-
-	printf("reaping\n");
-	for (i=0; i<thread_number; i++)
-		{
-		wait(NULL);
-		}
-
-	printf("irix threads done (%d,%d)\n",
-		s_ctx->references,c_ctx->references);
-	}
-
-unsigned long irix_thread_id(void)
-	{
-	unsigned long ret;
-
-	ret=(unsigned long)getpid();
-	return(ret);
-	}
-#endif /* IRIX */
-
-#ifdef PTHREADS
-
-static pthread_mutex_t *lock_cs;
-static long *lock_count;
-
-void thread_setup(void)
-	{
-	int i;
-
-	lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
-	lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		lock_count[i]=0;
-		pthread_mutex_init(&(lock_cs[i]),NULL);
-		}
-
-	CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
-	CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
-	}
-
-void thread_cleanup(void)
-	{
-	int i;
-
-	CRYPTO_set_locking_callback(NULL);
-	fprintf(stderr,"cleanup\n");
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		pthread_mutex_destroy(&(lock_cs[i]));
-		fprintf(stderr,"%8ld:%s\n",lock_count[i],
-			CRYPTO_get_lock_name(i));
-		}
-	OPENSSL_free(lock_cs);
-	OPENSSL_free(lock_count);
-
-	fprintf(stderr,"done cleanup\n");
-	}
-
-void pthreads_locking_callback(int mode, int type, char *file,
-	     int line)
-      {
-#ifdef undef
-	fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
-		CRYPTO_thread_id(),
-		(mode&CRYPTO_LOCK)?"l":"u",
-		(type&CRYPTO_READ)?"r":"w",file,line);
-#endif
-/*
-	if (CRYPTO_LOCK_SSL_CERT == type)
-		fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
-		CRYPTO_thread_id(),
-		mode,file,line);
-*/
-	if (mode & CRYPTO_LOCK)
-		{
-		pthread_mutex_lock(&(lock_cs[type]));
-		lock_count[type]++;
-		}
-	else
-		{
-		pthread_mutex_unlock(&(lock_cs[type]));
-		}
-	}
-
-void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
-	{
-	SSL_CTX *ssl_ctx[2];
-	pthread_t thread_ctx[MAX_THREAD_NUMBER];
-	int i;
-
-	ssl_ctx[0]=s_ctx;
-	ssl_ctx[1]=c_ctx;
-
-	/*
-	thr_setconcurrency(thread_number);
-	*/
-	for (i=0; i<thread_number; i++)
-		{
-		pthread_create(&(thread_ctx[i]), NULL,
-			(void *(*)())ndoit, (void *)ssl_ctx);
-		}
-
-	printf("reaping\n");
-	for (i=0; i<thread_number; i++)
-		{
-		pthread_join(thread_ctx[i],NULL);
-		}
-
-	printf("pthreads threads done (%d,%d)\n",
-		s_ctx->references,c_ctx->references);
-	}
-
-unsigned long pthreads_thread_id(void)
-	{
-	unsigned long ret;
-
-	ret=(unsigned long)pthread_self();
-	return(ret);
-	}
-
-#endif /* PTHREADS */
-
-
-
diff --git a/crypto/openssl/crypto/threads/profile.sh b/crypto/openssl/crypto/threads/profile.sh
deleted file mode 100644
index 6e3e342fc0b3..000000000000
--- a/crypto/openssl/crypto/threads/profile.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-/bin/rm -f mttest
-cc -p -DSOLARIS -I../../include -g mttest.c -o mttest -L/usr/lib/libc -ldl -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
-
diff --git a/crypto/openssl/crypto/threads/pthread.sh b/crypto/openssl/crypto/threads/pthread.sh
deleted file mode 100644
index f1c49821d2fb..000000000000
--- a/crypto/openssl/crypto/threads/pthread.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-#
-# build using pthreads
-#
-# http://www.mit.edu:8001/people/proven/pthreads.html
-#
-/bin/rm -f mttest
-pgcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto 
-
diff --git a/crypto/openssl/crypto/threads/pthread2.sh b/crypto/openssl/crypto/threads/pthread2.sh
deleted file mode 100755
index 41264c6a5046..000000000000
--- a/crypto/openssl/crypto/threads/pthread2.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-#
-# build using pthreads where it's already built into the system
-#
-/bin/rm -f mttest
-gcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto -lpthread
-
diff --git a/crypto/openssl/crypto/threads/purify.sh b/crypto/openssl/crypto/threads/purify.sh
deleted file mode 100644
index 6d44fe26b76a..000000000000
--- a/crypto/openssl/crypto/threads/purify.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-/bin/rm -f mttest
-purify cc -DSOLARIS -I../../include -g mttest.c -o mttest -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
-
diff --git a/crypto/openssl/crypto/threads/solaris.sh b/crypto/openssl/crypto/threads/solaris.sh
deleted file mode 100644
index bc93094a2748..000000000000
--- a/crypto/openssl/crypto/threads/solaris.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-/bin/rm -f mttest
-cc -DSOLARIS -I../../include -g mttest.c -o mttest -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
-
diff --git a/crypto/openssl/crypto/threads/th-lock.c b/crypto/openssl/crypto/threads/th-lock.c
deleted file mode 100644
index a6a79b9f4530..000000000000
--- a/crypto/openssl/crypto/threads/th-lock.c
+++ /dev/null
@@ -1,387 +0,0 @@
-/* crypto/threads/th-lock.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#ifdef LINUX
-#include <typedefs.h>
-#endif
-#ifdef OPENSSL_SYS_WIN32
-#include <windows.h>
-#endif
-#ifdef SOLARIS
-#include <synch.h>
-#include <thread.h>
-#endif
-#ifdef IRIX
-#include <ulocks.h>
-#include <sys/prctl.h>
-#endif
-#ifdef PTHREADS
-#include <pthread.h>
-#endif
-#include <openssl/lhash.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/e_os.h>
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-void CRYPTO_thread_setup(void);
-void CRYPTO_thread_cleanup(void);
-
-static void irix_locking_callback(int mode,int type,char *file,int line);
-static void solaris_locking_callback(int mode,int type,char *file,int line);
-static void win32_locking_callback(int mode,int type,char *file,int line);
-static void pthreads_locking_callback(int mode,int type,char *file,int line);
-
-static unsigned long irix_thread_id(void );
-static unsigned long solaris_thread_id(void );
-static unsigned long pthreads_thread_id(void );
-
-/* usage:
- * CRYPTO_thread_setup();
- * application code
- * CRYPTO_thread_cleanup();
- */
-
-#define THREAD_STACK_SIZE (16*1024)
-
-#ifdef OPENSSL_SYS_WIN32
-
-static HANDLE *lock_cs;
-
-void CRYPTO_thread_setup(void)
-	{
-	int i;
-
-	lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE));
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		lock_cs[i]=CreateMutex(NULL,FALSE,NULL);
-		}
-
-	CRYPTO_set_locking_callback((void (*)(int,int,char *,int))win32_locking_callback);
-	/* id callback defined */
-	return(1);
-	}
-
-static void CRYPTO_thread_cleanup(void)
-	{
-	int i;
-
-	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		CloseHandle(lock_cs[i]);
-	OPENSSL_free(lock_cs);
-	}
-
-void win32_locking_callback(int mode, int type, char *file, int line)
-	{
-	if (mode & CRYPTO_LOCK)
-		{
-		WaitForSingleObject(lock_cs[type],INFINITE);
-		}
-	else
-		{
-		ReleaseMutex(lock_cs[type]);
-		}
-	}
-
-#endif /* OPENSSL_SYS_WIN32 */
-
-#ifdef SOLARIS
-
-#define USE_MUTEX
-
-#ifdef USE_MUTEX
-static mutex_t *lock_cs;
-#else
-static rwlock_t *lock_cs;
-#endif
-static long *lock_count;
-
-void CRYPTO_thread_setup(void)
-	{
-	int i;
-
-#ifdef USE_MUTEX
-	lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(mutex_t));
-#else
-	lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(rwlock_t));
-#endif
-	lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		lock_count[i]=0;
-#ifdef USE_MUTEX
-		mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
-#else
-		rwlock_init(&(lock_cs[i]),USYNC_THREAD,NULL);
-#endif
-		}
-
-	CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
-	CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
-	}
-
-void CRYPTO_thread_cleanup(void)
-	{
-	int i;
-
-	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-#ifdef USE_MUTEX
-		mutex_destroy(&(lock_cs[i]));
-#else
-		rwlock_destroy(&(lock_cs[i]));
-#endif
-		}
-	OPENSSL_free(lock_cs);
-	OPENSSL_free(lock_count);
-	}
-
-void solaris_locking_callback(int mode, int type, char *file, int line)
-	{
-#if 0
-	fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
-		CRYPTO_thread_id(),
-		(mode&CRYPTO_LOCK)?"l":"u",
-		(type&CRYPTO_READ)?"r":"w",file,line);
-#endif
-
-#if 0
-	if (CRYPTO_LOCK_SSL_CERT == type)
-		fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
-			CRYPTO_thread_id(),
-			mode,file,line);
-#endif
-	if (mode & CRYPTO_LOCK)
-		{
-#ifdef USE_MUTEX
-		mutex_lock(&(lock_cs[type]));
-#else
-		if (mode & CRYPTO_READ)
-			rw_rdlock(&(lock_cs[type]));
-		else
-			rw_wrlock(&(lock_cs[type]));
-#endif
-		lock_count[type]++;
-		}
-	else
-		{
-#ifdef USE_MUTEX
-		mutex_unlock(&(lock_cs[type]));
-#else
-		rw_unlock(&(lock_cs[type]));
-#endif
-		}
-	}
-
-unsigned long solaris_thread_id(void)
-	{
-	unsigned long ret;
-
-	ret=(unsigned long)thr_self();
-	return(ret);
-	}
-#endif /* SOLARIS */
-
-#ifdef IRIX
-/* I don't think this works..... */
-
-static usptr_t *arena;
-static usema_t **lock_cs;
-
-void CRYPTO_thread_setup(void)
-	{
-	int i;
-	char filename[20];
-
-	strcpy(filename,"/tmp/mttest.XXXXXX");
-	mktemp(filename);
-
-	usconfig(CONF_STHREADIOOFF);
-	usconfig(CONF_STHREADMALLOCOFF);
-	usconfig(CONF_INITUSERS,100);
-	usconfig(CONF_LOCKTYPE,US_DEBUGPLUS);
-	arena=usinit(filename);
-	unlink(filename);
-
-	lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(usema_t *));
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		lock_cs[i]=usnewsema(arena,1);
-		}
-
-	CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
-	CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
-	}
-
-void CRYPTO_thread_cleanup(void)
-	{
-	int i;
-
-	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		char buf[10];
-
-		sprintf(buf,"%2d:",i);
-		usdumpsema(lock_cs[i],stdout,buf);
-		usfreesema(lock_cs[i],arena);
-		}
-	OPENSSL_free(lock_cs);
-	}
-
-void irix_locking_callback(int mode, int type, char *file, int line)
-	{
-	if (mode & CRYPTO_LOCK)
-		{
-		uspsema(lock_cs[type]);
-		}
-	else
-		{
-		usvsema(lock_cs[type]);
-		}
-	}
-
-unsigned long irix_thread_id(void)
-	{
-	unsigned long ret;
-
-	ret=(unsigned long)getpid();
-	return(ret);
-	}
-#endif /* IRIX */
-
-/* Linux and a few others */
-#ifdef PTHREADS
-
-static pthread_mutex_t *lock_cs;
-static long *lock_count;
-
-void CRYPTO_thread_setup(void)
-	{
-	int i;
-
-	lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
-	lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		lock_count[i]=0;
-		pthread_mutex_init(&(lock_cs[i]),NULL);
-		}
-
-	CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
-	CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
-	}
-
-void thread_cleanup(void)
-	{
-	int i;
-
-	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_num_locks(); i++)
-		{
-		pthread_mutex_destroy(&(lock_cs[i]));
-		}
-	OPENSSL_free(lock_cs);
-	OPENSSL_free(lock_count);
-	}
-
-void pthreads_locking_callback(int mode, int type, char *file,
-	     int line)
-      {
-#if 0
-	fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
-		CRYPTO_thread_id(),
-		(mode&CRYPTO_LOCK)?"l":"u",
-		(type&CRYPTO_READ)?"r":"w",file,line);
-#endif
-#if 0
-	if (CRYPTO_LOCK_SSL_CERT == type)
-		fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
-		CRYPTO_thread_id(),
-		mode,file,line);
-#endif
-	if (mode & CRYPTO_LOCK)
-		{
-		pthread_mutex_lock(&(lock_cs[type]));
-		lock_count[type]++;
-		}
-	else
-		{
-		pthread_mutex_unlock(&(lock_cs[type]));
-		}
-	}
-
-unsigned long pthreads_thread_id(void)
-	{
-	unsigned long ret;
-
-	ret=(unsigned long)pthread_self();
-	return(ret);
-	}
-
-#endif /* PTHREADS */
-
diff --git a/crypto/openssl/crypto/tmdiff.c b/crypto/openssl/crypto/tmdiff.c
deleted file mode 100644
index 307523ebba3b..000000000000
--- a/crypto/openssl/crypto/tmdiff.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/* crypto/tmdiff.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/tmdiff.h>
-#if !defined(OPENSSL_SYS_MSDOS)
-#include OPENSSL_UNISTD
-#endif
-
-#ifdef TIMEB
-#undef OPENSSL_SYS_WIN32
-#undef TIMES
-#endif
-
-#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32) && !(defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX_RHAPSODY) && !defined(OPENSSL_SYS_VXWORKS)
-# define TIMES
-#endif
-
-#ifndef _IRIX
-#  include <time.h>
-#endif
-#ifdef TIMES
-#  include <sys/types.h>
-#  include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS)
-#include <sys/timeb.h>
-#endif
-
-#ifdef OPENSSL_SYS_WIN32
-#include <windows.h>
-#endif
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# if defined(_SC_CLK_TCK) \
-     && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000)
-#  define HZ ((double)sysconf(_SC_CLK_TCK))
-# else
-#  ifndef CLK_TCK
-#   ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-#    define HZ  100.0
-#   else /* _BSD_CLK_TCK_ */
-#    define HZ ((double)_BSD_CLK_TCK_)
-#   endif
-#  else /* CLK_TCK */
-#   define HZ ((double)CLK_TCK)
-#  endif
-# endif
-#endif
-
-typedef struct ms_tm
-	{
-#ifdef TIMES
-	struct tms ms_tms;
-#else
-#  ifdef OPENSSL_SYS_WIN32
-	HANDLE thread_id;
-	FILETIME ms_win32;
-#  else
-#    ifdef OPENSSL_SYS_VXWORKS
-          unsigned long ticks;
-#    else
-	struct timeb ms_timeb;
-#    endif
-#  endif
-#endif
-	} MS_TM;
-
-char *ms_time_new(void)
-	{
-	MS_TM *ret;
-
-	ret=(MS_TM *)OPENSSL_malloc(sizeof(MS_TM));
-	if (ret == NULL)
-		return(NULL);
-	memset(ret,0,sizeof(MS_TM));
-#ifdef OPENSSL_SYS_WIN32
-	ret->thread_id=GetCurrentThread();
-#endif
-	return((char *)ret);
-	}
-
-void ms_time_free(char *a)
-	{
-	if (a != NULL)
-		OPENSSL_free(a);
-	}
-
-void ms_time_get(char *a)
-	{
-	MS_TM *tm=(MS_TM *)a;
-#ifdef OPENSSL_SYS_WIN32
-	FILETIME tmpa,tmpb,tmpc;
-#endif
-
-#ifdef TIMES
-	times(&tm->ms_tms);
-#else
-#  ifdef OPENSSL_SYS_WIN32
-	GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32));
-#  else
-#    ifdef OPENSSL_SYS_VXWORKS
-        tm->ticks = tickGet();
-#    else
-	ftime(&tm->ms_timeb);
-#    endif
-#  endif
-#endif
-	}
-
-double ms_time_diff(char *ap, char *bp)
-	{
-	MS_TM *a=(MS_TM *)ap;
-	MS_TM *b=(MS_TM *)bp;
-	double ret;
-
-#ifdef TIMES
-	ret=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ;
-#else
-# ifdef OPENSSL_SYS_WIN32
-	{
-#ifdef __GNUC__
-	signed long long la,lb;
-#else
-	signed _int64 la,lb;
-#endif
-	la=a->ms_win32.dwHighDateTime;
-	lb=b->ms_win32.dwHighDateTime;
-	la<<=32;
-	lb<<=32;
-	la+=a->ms_win32.dwLowDateTime;
-	lb+=b->ms_win32.dwLowDateTime;
-	ret=((double)(lb-la))/1e7;
-	}
-# else
-#  ifdef OPENSSL_SYS_VXWORKS
-        ret = (double)(b->ticks - a->ticks) / (double)sysClkRateGet();
-#  else
-	ret=	 (double)(b->ms_timeb.time-a->ms_timeb.time)+
-		(((double)b->ms_timeb.millitm)-
-		((double)a->ms_timeb.millitm))/1000.0;
-#  endif
-# endif
-#endif
-	return((ret < 0.0000001)?0.0000001:ret);
-	}
-
-int ms_time_cmp(char *ap, char *bp)
-	{
-	MS_TM *a=(MS_TM *)ap,*b=(MS_TM *)bp;
-	double d;
-	int ret;
-
-#ifdef TIMES
-	d=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ;
-#else
-# ifdef OPENSSL_SYS_WIN32
-	d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7;
-	d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7;
-# else
-#  ifdef OPENSSL_SYS_VXWORKS
-        d = (b->ticks - a->ticks);
-#  else
-	d=	 (double)(b->ms_timeb.time-a->ms_timeb.time)+
-		(((double)b->ms_timeb.millitm)-(double)a->ms_timeb.millitm)/1000.0;
-#  endif
-# endif
-#endif
-	if (d == 0.0)
-		ret=0;
-	else if (d < 0)
-		ret= -1;
-	else
-		ret=1;
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/tmdiff.h b/crypto/openssl/crypto/tmdiff.h
deleted file mode 100644
index 41a8a1e0e0da..000000000000
--- a/crypto/openssl/crypto/tmdiff.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/* crypto/tmdiff.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Header for dynamic hash table routines
- * Author - Eric Young
- */
-
-#ifndef HEADER_TMDIFF_H
-#define HEADER_TMDIFF_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-char *ms_time_new(void );
-void ms_time_free(char *a);
-void ms_time_get(char *a);
-double ms_time_diff(char *start,char *end);
-int ms_time_cmp(char *ap,char *bp);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
-
diff --git a/crypto/openssl/crypto/txt_db/Makefile.save b/crypto/openssl/crypto/txt_db/Makefile.save
deleted file mode 100644
index 567202abb771..000000000000
--- a/crypto/openssl/crypto/txt_db/Makefile.save
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# SSLeay/crypto/txt_db/Makefile
-#
-
-DIR=	txt_db
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=txt_db.c
-LIBOBJ=txt_db.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= txt_db.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-txt_db.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-txt_db.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-txt_db.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-txt_db.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-txt_db.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-txt_db.o: ../../include/openssl/txt_db.h ../cryptlib.h
diff --git a/crypto/openssl/crypto/txt_db/Makefile.ssl b/crypto/openssl/crypto/txt_db/Makefile.ssl
deleted file mode 100644
index 313f75313b78..000000000000
--- a/crypto/openssl/crypto/txt_db/Makefile.ssl
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# SSLeay/crypto/txt_db/Makefile
-#
-
-DIR=	txt_db
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=txt_db.c
-LIBOBJ=txt_db.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= txt_db.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-txt_db.o: ../../e_os.h ../../include/openssl/bio.h
-txt_db.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-txt_db.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-txt_db.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-txt_db.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-txt_db.o: ../../include/openssl/txt_db.h ../cryptlib.h txt_db.c
diff --git a/crypto/openssl/crypto/txt_db/txt_db.c b/crypto/openssl/crypto/txt_db/txt_db.c
deleted file mode 100644
index 58b300b00b01..000000000000
--- a/crypto/openssl/crypto/txt_db/txt_db.c
+++ /dev/null
@@ -1,383 +0,0 @@
-/* crypto/txt_db/txt_db.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/txt_db.h>
-
-#undef BUFSIZE
-#define BUFSIZE	512
-
-const char *TXT_DB_version="TXT_DB" OPENSSL_VERSION_PTEXT;
-
-TXT_DB *TXT_DB_read(BIO *in, int num)
-	{
-	TXT_DB *ret=NULL;
-	int er=1;
-	int esc=0;
-	long ln=0;
-	int i,add,n;
-	int size=BUFSIZE;
-	int offset=0;
-	char *p,**pp,*f;
-	BUF_MEM *buf=NULL;
-
-	if ((buf=BUF_MEM_new()) == NULL) goto err;
-	if (!BUF_MEM_grow(buf,size)) goto err;
-
-	if ((ret=(TXT_DB *)OPENSSL_malloc(sizeof(TXT_DB))) == NULL)
-		goto err;
-	ret->num_fields=num;
-	ret->index=NULL;
-	ret->qual=NULL;
-	if ((ret->data=sk_new_null()) == NULL)
-		goto err;
-	if ((ret->index=(LHASH **)OPENSSL_malloc(sizeof(LHASH *)*num)) == NULL)
-		goto err;
-	if ((ret->qual=(int (**)())OPENSSL_malloc(sizeof(int (**)())*num)) == NULL)
-		goto err;
-	for (i=0; i<num; i++)
-		{
-		ret->index[i]=NULL;
-		ret->qual[i]=NULL;
-		}
-
-	add=(num+1)*sizeof(char *);
-	buf->data[size-1]='\0';
-	offset=0;
-	for (;;)
-		{
-		if (offset != 0)
-			{
-			size+=BUFSIZE;
-			if (!BUF_MEM_grow_clean(buf,size)) goto err;
-			}
-		buf->data[offset]='\0';
-		BIO_gets(in,&(buf->data[offset]),size-offset);
-		ln++;
-		if (buf->data[offset] == '\0') break;
-		if ((offset == 0) && (buf->data[0] == '#')) continue;
-		i=strlen(&(buf->data[offset]));
-		offset+=i;
-		if (buf->data[offset-1] != '\n')
-			continue;
-		else
-			{
-			buf->data[offset-1]='\0'; /* blat the '\n' */
-			if (!(p=(char *)OPENSSL_malloc(add+offset))) goto err;
-			offset=0;
-			}
-		pp=(char **)p;
-		p+=add;
-		n=0;
-		pp[n++]=p;
-		i=0;
-		f=buf->data;
-
-		esc=0;
-		for (;;)
-			{
-			if (*f == '\0') break;
-			if (*f == '\t')
-				{
-				if (esc)
-					p--;
-				else
-					{	
-					*(p++)='\0';
-					f++;
-					if (n >=  num) break;
-					pp[n++]=p;
-					continue;
-					}
-				}
-			esc=(*f == '\\');
-			*(p++)= *(f++);
-			}
-		*(p++)='\0';
-		if ((n != num) || (*f != '\0'))
-			{
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)	/* temporaty fix :-( */
-			fprintf(stderr,"wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)\n",ln,num,n,f);
-#endif
-			er=2;
-			goto err;
-			}
-		pp[n]=p;
-		if (!sk_push(ret->data,(char *)pp))
-			{
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)	/* temporaty fix :-( */
-			fprintf(stderr,"failure in sk_push\n");
-#endif
-			er=2;
-			goto err;
-			}
-		}
-	er=0;
-err:
-	BUF_MEM_free(buf);
-	if (er)
-		{
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
-		if (er == 1) fprintf(stderr,"OPENSSL_malloc failure\n");
-#endif
-		if (ret->data != NULL) sk_free(ret->data);
-		if (ret->index != NULL) OPENSSL_free(ret->index);
-		if (ret->qual != NULL) OPENSSL_free(ret->qual);
-		if (ret != NULL) OPENSSL_free(ret);
-		return(NULL);
-		}
-	else
-		return(ret);
-	}
-
-char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value)
-	{
-	char **ret;
-	LHASH *lh;
-
-	if (idx >= db->num_fields)
-		{
-		db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
-		return(NULL);
-		}
-	lh=db->index[idx];
-	if (lh == NULL)
-		{
-		db->error=DB_ERROR_NO_INDEX;
-		return(NULL);
-		}
-	ret=(char **)lh_retrieve(lh,value);
-	db->error=DB_ERROR_OK;
-	return(ret);
-	}
-
-int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(),
-		LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp)
-	{
-	LHASH *idx;
-	char *r;
-	int i,n;
-
-	if (field >= db->num_fields)
-		{
-		db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
-		return(0);
-		}
-	if ((idx=lh_new(hash,cmp)) == NULL)
-		{
-		db->error=DB_ERROR_MALLOC;
-		return(0);
-		}
-	n=sk_num(db->data);
-	for (i=0; i<n; i++)
-		{
-		r=(char *)sk_value(db->data,i);
-		if ((qual != NULL) && (qual(r) == 0)) continue;
-		if ((r=lh_insert(idx,r)) != NULL)
-			{
-			db->error=DB_ERROR_INDEX_CLASH;
-			db->arg1=sk_find(db->data,r);
-			db->arg2=i;
-			lh_free(idx);
-			return(0);
-			}
-		}
-	if (db->index[field] != NULL) lh_free(db->index[field]);
-	db->index[field]=idx;
-	db->qual[field]=qual;
-	return(1);
-	}
-
-long TXT_DB_write(BIO *out, TXT_DB *db)
-	{
-	long i,j,n,nn,l,tot=0;
-	char *p,**pp,*f;
-	BUF_MEM *buf=NULL;
-	long ret= -1;
-
-	if ((buf=BUF_MEM_new()) == NULL)
-		goto err;
-	n=sk_num(db->data);
-	nn=db->num_fields;
-	for (i=0; i<n; i++)
-		{
-		pp=(char **)sk_value(db->data,i);
-
-		l=0;
-		for (j=0; j<nn; j++)
-			{
-			if (pp[j] != NULL)
-				l+=strlen(pp[j]);
-			}
-		if (!BUF_MEM_grow_clean(buf,(int)(l*2+nn))) goto err;
-
-		p=buf->data;
-		for (j=0; j<nn; j++)
-			{
-			f=pp[j];
-			if (f != NULL)
-				for (;;) 
-					{
-					if (*f == '\0') break;
-					if (*f == '\t') *(p++)='\\';
-					*(p++)= *(f++);
-					}
-			*(p++)='\t';
-			}
-		p[-1]='\n';
-		j=p-buf->data;
-		if (BIO_write(out,buf->data,(int)j) != j)
-			goto err;
-		tot+=j;
-		}
-	ret=tot;
-err:
-	if (buf != NULL) BUF_MEM_free(buf);
-	return(ret);
-	}
-
-int TXT_DB_insert(TXT_DB *db, char **row)
-	{
-	int i;
-	char **r;
-
-	for (i=0; i<db->num_fields; i++)
-		{
-		if (db->index[i] != NULL)
-			{
-			if ((db->qual[i] != NULL) &&
-				(db->qual[i](row) == 0)) continue;
-			r=(char **)lh_retrieve(db->index[i],row);
-			if (r != NULL)
-				{
-				db->error=DB_ERROR_INDEX_CLASH;
-				db->arg1=i;
-				db->arg_row=r;
-				goto err;
-				}
-			}
-		}
-	/* We have passed the index checks, now just append and insert */
-	if (!sk_push(db->data,(char *)row))
-		{
-		db->error=DB_ERROR_MALLOC;
-		goto err;
-		}
-
-	for (i=0; i<db->num_fields; i++)
-		{
-		if (db->index[i] != NULL)
-			{
-			if ((db->qual[i] != NULL) &&
-				(db->qual[i](row) == 0)) continue;
-			lh_insert(db->index[i],row);
-			}
-		}
-	return(1);
-err:
-	return(0);
-	}
-
-void TXT_DB_free(TXT_DB *db)
-	{
-	int i,n;
-	char **p,*max;
-
-	if(db == NULL)
-	    return;
-
-	if (db->index != NULL)
-		{
-		for (i=db->num_fields-1; i>=0; i--)
-			if (db->index[i] != NULL) lh_free(db->index[i]);
-		OPENSSL_free(db->index);
-		}
-	if (db->qual != NULL)
-		OPENSSL_free(db->qual);
-	if (db->data != NULL)
-		{
-		for (i=sk_num(db->data)-1; i>=0; i--)
-			{
-			/* check if any 'fields' have been allocated
-			 * from outside of the initial block */
-			p=(char **)sk_value(db->data,i);
-			max=p[db->num_fields]; /* last address */
-			if (max == NULL) /* new row */
-				{
-				for (n=0; n<db->num_fields; n++)
-					if (p[n] != NULL) OPENSSL_free(p[n]);
-				}
-			else
-				{
-				for (n=0; n<db->num_fields; n++)
-					{
-					if (((p[n] < (char *)p) || (p[n] > max))
-						&& (p[n] != NULL))
-						OPENSSL_free(p[n]);
-					}
-				}
-			OPENSSL_free(sk_value(db->data,i));
-			}
-		sk_free(db->data);
-		}
-	OPENSSL_free(db);
-	}
diff --git a/crypto/openssl/crypto/txt_db/txt_db.h b/crypto/openssl/crypto/txt_db/txt_db.h
deleted file mode 100644
index 563392aeff11..000000000000
--- a/crypto/openssl/crypto/txt_db/txt_db.h
+++ /dev/null
@@ -1,108 +0,0 @@
-/* crypto/txt_db/txt_db.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_TXT_DB_H
-#define HEADER_TXT_DB_H
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/stack.h>
-#include <openssl/lhash.h>
-
-#define DB_ERROR_OK			0
-#define DB_ERROR_MALLOC			1
-#define DB_ERROR_INDEX_CLASH    	2
-#define DB_ERROR_INDEX_OUT_OF_RANGE	3
-#define DB_ERROR_NO_INDEX		4
-#define DB_ERROR_INSERT_INDEX_CLASH    	5
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct txt_db_st
-	{
-	int num_fields;
-	STACK /* char ** */ *data;
-	LHASH **index;
-	int (**qual)();
-	long error;
-	long arg1;
-	long arg2;
-	char **arg_row;
-	} TXT_DB;
-
-#ifndef OPENSSL_NO_BIO
-TXT_DB *TXT_DB_read(BIO *in, int num);
-long TXT_DB_write(BIO *out, TXT_DB *db);
-#else
-TXT_DB *TXT_DB_read(char *in, int num);
-long TXT_DB_write(char *out, TXT_DB *db);
-#endif
-int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(),
-		LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
-void TXT_DB_free(TXT_DB *db);
-char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value);
-int TXT_DB_insert(TXT_DB *db,char **value);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/crypto/openssl/crypto/ui/Makefile.ssl b/crypto/openssl/crypto/ui/Makefile.ssl
deleted file mode 100644
index 90ae7d4a4a24..000000000000
--- a/crypto/openssl/crypto/ui/Makefile.ssl
+++ /dev/null
@@ -1,117 +0,0 @@
-#
-# OpenSSL/crypto/ui/Makefile
-#
-
-DIR=	ui
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-#TEST= uitest.c
-TEST=
-APPS=
-
-COMPATSRC= ui_compat.c
-COMPATOBJ= ui_compat.o
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= ui_err.c ui_lib.c ui_openssl.c ui_util.c $(COMPATSRC)
-LIBOBJ= ui_err.o ui_lib.o ui_openssl.o ui_util.o $(COMPATOBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= ui.h ui_compat.h
-HEADER=	$(EXHEADER) ui_locl.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-ui_compat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ui_compat.o: ../../include/openssl/opensslconf.h
-ui_compat.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ui_compat.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ui_compat.o: ui_compat.c
-ui_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-ui_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ui_err.o: ../../include/openssl/ui.h ui_err.c
-ui_lib.o: ../../e_os.h ../../include/openssl/bio.h
-ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-ui_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ui_lib.o: ../../include/openssl/ui.h ../cryptlib.h ui_lib.c ui_locl.h
-ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h
-ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ui_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ui_openssl.o: ../../include/openssl/opensslv.h
-ui_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ui_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ui_openssl.o: ../cryptlib.h ui_locl.h ui_openssl.c
-ui_util.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ui_util.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ui_util.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ui_util.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ui_util.o: ui_util.c
diff --git a/crypto/openssl/crypto/ui/ui.h b/crypto/openssl/crypto/ui/ui.h
deleted file mode 100644
index 735a2d988e84..000000000000
--- a/crypto/openssl/crypto/ui/ui.h
+++ /dev/null
@@ -1,387 +0,0 @@
-/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_H
-#define HEADER_UI_H
-
-#include <openssl/crypto.h>
-#include <openssl/safestack.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* The UI type is a holder for a specific user interface session.  It can
-   contain an illimited number of informational or error strings as well
-   as things to prompt for, both passwords (noecho mode) and others (echo
-   mode), and verification of the same.  All of these are called strings,
-   and are further described below. */
-typedef struct ui_st UI;
-
-/* All instances of UI have a reference to a method structure, which is a
-   ordered vector of functions that implement the lower level things to do.
-   There is an instruction on the implementation further down, in the section
-   for method implementors. */
-typedef struct ui_method_st UI_METHOD;
-
-
-/* All the following functions return -1 or NULL on error and in some cases
-   (UI_process()) -2 if interrupted or in some other way cancelled.
-   When everything is fine, they return 0, a positive value or a non-NULL
-   pointer, all depending on their purpose. */
-
-/* Creators and destructor.   */
-UI *UI_new(void);
-UI *UI_new_method(const UI_METHOD *method);
-void UI_free(UI *ui);
-
-/* The following functions are used to add strings to be printed and prompt
-   strings to prompt for data.  The names are UI_{add,dup}_<function>_string
-   and UI_{add,dup}_input_boolean.
-
-   UI_{add,dup}_<function>_string have the following meanings:
-	add	add a text or prompt string.  The pointers given to these
-		functions are used verbatim, no copying is done.
-	dup	make a copy of the text or prompt string, then add the copy
-		to the collection of strings in the user interface.
-	<function>
-		The function is a name for the functionality that the given
-		string shall be used for.  It can be one of:
-			input	use the string as data prompt.
-			verify	use the string as verification prompt.  This
-				is used to verify a previous input.
-			info	use the string for informational output.
-			error	use the string for error output.
-   Honestly, there's currently no difference between info and error for the
-   moment.
-
-   UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
-   and are typically used when one wants to prompt for a yes/no response.
-
-
-   All of the functions in this group take a UI and a prompt string.
-   The string input and verify addition functions also take a flag argument,
-   a buffer for the result to end up with, a minimum input size and a maximum
-   input size (the result buffer MUST be large enough to be able to contain
-   the maximum number of characters).  Additionally, the verify addition
-   functions takes another buffer to compare the result against.
-   The boolean input functions take an action description string (which should
-   be safe to ignore if the expected user action is obvious, for example with
-   a dialog box with an OK button and a Cancel button), a string of acceptable
-   characters to mean OK and to mean Cancel.  The two last strings are checked
-   to make sure they don't have common characters.  Additionally, the same
-   flag argument as for the string input is taken, as well as a result buffer.
-   The result buffer is required to be at least one byte long.  Depending on
-   the answer, the first character from the OK or the Cancel character strings
-   will be stored in the first byte of the result buffer.  No NUL will be
-   added, so the result is *not* a string.
-
-   On success, the all return an index of the added information.  That index
-   is usefull when retrieving results with UI_get0_result(). */
-int UI_add_input_string(UI *ui, const char *prompt, int flags,
-	char *result_buf, int minsize, int maxsize);
-int UI_dup_input_string(UI *ui, const char *prompt, int flags,
-	char *result_buf, int minsize, int maxsize);
-int UI_add_verify_string(UI *ui, const char *prompt, int flags,
-	char *result_buf, int minsize, int maxsize, const char *test_buf);
-int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
-	char *result_buf, int minsize, int maxsize, const char *test_buf);
-int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
-	const char *ok_chars, const char *cancel_chars,
-	int flags, char *result_buf);
-int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
-	const char *ok_chars, const char *cancel_chars,
-	int flags, char *result_buf);
-int UI_add_info_string(UI *ui, const char *text);
-int UI_dup_info_string(UI *ui, const char *text);
-int UI_add_error_string(UI *ui, const char *text);
-int UI_dup_error_string(UI *ui, const char *text);
-
-/* These are the possible flags.  They can be or'ed together. */
-/* Use to have echoing of input */
-#define UI_INPUT_FLAG_ECHO		0x01
-/* Use a default password.  Where that password is found is completely
-   up to the application, it might for example be in the user data set
-   with UI_add_user_data().  It is not recommended to have more than
-   one input in each UI being marked with this flag, or the application
-   might get confused. */
-#define UI_INPUT_FLAG_DEFAULT_PWD	0x02
-
-/* The user of these routines may want to define flags of their own.  The core
-   UI won't look at those, but will pass them on to the method routines.  They
-   must use higher bits so they don't get confused with the UI bits above.
-   UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use.  A good
-   example of use is this:
-
-	#define MY_UI_FLAG1	(0x01 << UI_INPUT_FLAG_USER_BASE)
-
-*/
-#define UI_INPUT_FLAG_USER_BASE	16
-
-
-/* The following function helps construct a prompt.  object_desc is a
-   textual short description of the object, for example "pass phrase",
-   and object_name is the name of the object (might be a card name or
-   a file name.
-   The returned string shall always be allocated on the heap with
-   OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
-
-   If the ui_method doesn't contain a pointer to a user-defined prompt
-   constructor, a default string is built, looking like this:
-
-	"Enter {object_desc} for {object_name}:"
-
-   So, if object_desc has the value "pass phrase" and object_name has
-   the value "foo.key", the resulting string is:
-
-	"Enter pass phrase for foo.key:"
-*/
-char *UI_construct_prompt(UI *ui_method,
-	const char *object_desc, const char *object_name);
-
-
-/* The following function is used to store a pointer to user-specific data.
-   Any previous such pointer will be returned and replaced.
-
-   For callback purposes, this function makes a lot more sense than using
-   ex_data, since the latter requires that different parts of OpenSSL or
-   applications share the same ex_data index.
-
-   Note that the UI_OpenSSL() method completely ignores the user data.
-   Other methods may not, however.  */
-void *UI_add_user_data(UI *ui, void *user_data);
-/* We need a user data retrieving function as well.  */
-void *UI_get0_user_data(UI *ui);
-
-/* Return the result associated with a prompt given with the index i. */
-const char *UI_get0_result(UI *ui, int i);
-
-/* When all strings have been added, process the whole thing. */
-int UI_process(UI *ui);
-
-/* Give a user interface parametrised control commands.  This can be used to
-   send down an integer, a data pointer or a function pointer, as well as
-   be used to get information from a UI. */
-int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
-
-/* The commands */
-/* Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
-   OpenSSL error stack before printing any info or added error messages and
-   before any prompting. */
-#define UI_CTRL_PRINT_ERRORS		1
-/* Check if a UI_process() is possible to do again with the same instance of
-   a user interface.  This makes UI_ctrl() return 1 if it is redoable, and 0
-   if not. */
-#define UI_CTRL_IS_REDOABLE		2
-
-
-/* Some methods may use extra data */
-#define UI_set_app_data(s,arg)         UI_set_ex_data(s,0,arg)
-#define UI_get_app_data(s)             UI_get_ex_data(s,0)
-int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int UI_set_ex_data(UI *r,int idx,void *arg);
-void *UI_get_ex_data(UI *r, int idx);
-
-/* Use specific methods instead of the built-in one */
-void UI_set_default_method(const UI_METHOD *meth);
-const UI_METHOD *UI_get_default_method(void);
-const UI_METHOD *UI_get_method(UI *ui);
-const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
-
-/* The method with all the built-in thingies */
-UI_METHOD *UI_OpenSSL(void);
-
-
-/* ---------- For method writers ---------- */
-/* A method contains a number of functions that implement the low level
-   of the User Interface.  The functions are:
-
-	an opener	This function starts a session, maybe by opening
-			a channel to a tty, or by opening a window.
-	a writer	This function is called to write a given string,
-			maybe to the tty, maybe as a field label in a
-			window.
-	a flusher	This function is called to flush everything that
-			has been output so far.  It can be used to actually
-			display a dialog box after it has been built.
-	a reader	This function is called to read a given prompt,
-			maybe from the tty, maybe from a field in a
-			window.  Note that it's called wth all string
-			structures, not only the prompt ones, so it must
-			check such things itself.
-	a closer	This function closes the session, maybe by closing
-			the channel to the tty, or closing the window.
-
-   All these functions are expected to return:
-
-	0	on error.
-	1	on success.
-	-1	on out-of-band events, for example if some prompting has
-		been canceled (by pressing Ctrl-C, for example).  This is
-		only checked when returned by the flusher or the reader.
-
-   The way this is used, the opener is first called, then the writer for all
-   strings, then the flusher, then the reader for all strings and finally the
-   closer.  Note that if you want to prompt from a terminal or other command
-   line interface, the best is to have the reader also write the prompts
-   instead of having the writer do it.  If you want to prompt from a dialog
-   box, the writer can be used to build up the contents of the box, and the
-   flusher to actually display the box and run the event loop until all data
-   has been given, after which the reader only grabs the given data and puts
-   them back into the UI strings.
-
-   All method functions take a UI as argument.  Additionally, the writer and
-   the reader take a UI_STRING.
-*/
-
-/* The UI_STRING type is the data structure that contains all the needed info
-   about a string or a prompt, including test data for a verification prompt.
-*/
-DECLARE_STACK_OF(UI_STRING)
-typedef struct ui_string_st UI_STRING;
-
-/* The different types of strings that are currently supported.
-   This is only needed by method authors. */
-enum UI_string_types
-	{
-	UIT_NONE=0,
-	UIT_PROMPT,		/* Prompt for a string */
-	UIT_VERIFY,		/* Prompt for a string and verify */
-	UIT_BOOLEAN,		/* Prompt for a yes/no response */
-	UIT_INFO,		/* Send info to the user */
-	UIT_ERROR		/* Send an error message to the user */
-	};
-
-/* Create and manipulate methods */
-UI_METHOD *UI_create_method(char *name);
-void UI_destroy_method(UI_METHOD *ui_method);
-int UI_method_set_opener(UI_METHOD *method, int (*opener)(UI *ui));
-int UI_method_set_writer(UI_METHOD *method, int (*writer)(UI *ui, UI_STRING *uis));
-int UI_method_set_flusher(UI_METHOD *method, int (*flusher)(UI *ui));
-int UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis));
-int UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui));
-int (*UI_method_get_opener(UI_METHOD *method))(UI*);
-int (*UI_method_get_writer(UI_METHOD *method))(UI*,UI_STRING*);
-int (*UI_method_get_flusher(UI_METHOD *method))(UI*);
-int (*UI_method_get_reader(UI_METHOD *method))(UI*,UI_STRING*);
-int (*UI_method_get_closer(UI_METHOD *method))(UI*);
-
-/* The following functions are helpers for method writers to access relevant
-   data from a UI_STRING. */
-
-/* Return type of the UI_STRING */
-enum UI_string_types UI_get_string_type(UI_STRING *uis);
-/* Return input flags of the UI_STRING */
-int UI_get_input_flags(UI_STRING *uis);
-/* Return the actual string to output (the prompt, info or error) */
-const char *UI_get0_output_string(UI_STRING *uis);
-/* Return the optional action string to output (the boolean promtp instruction) */
-const char *UI_get0_action_string(UI_STRING *uis);
-/* Return the result of a prompt */
-const char *UI_get0_result_string(UI_STRING *uis);
-/* Return the string to test the result against.  Only useful with verifies. */
-const char *UI_get0_test_string(UI_STRING *uis);
-/* Return the required minimum size of the result */
-int UI_get_result_minsize(UI_STRING *uis);
-/* Return the required maximum size of the result */
-int UI_get_result_maxsize(UI_STRING *uis);
-/* Set the result of a UI_STRING. */
-int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
-
-
-/* A couple of popular utility functions */
-int UI_UTIL_read_pw_string(char *buf,int length,const char *prompt,int verify);
-int UI_UTIL_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_UI_strings(void);
-
-/* Error codes for the UI functions. */
-
-/* Function codes. */
-#define UI_F_GENERAL_ALLOCATE_BOOLEAN			 108
-#define UI_F_GENERAL_ALLOCATE_PROMPT			 109
-#define UI_F_GENERAL_ALLOCATE_STRING			 100
-#define UI_F_UI_CTRL					 111
-#define UI_F_UI_DUP_ERROR_STRING			 101
-#define UI_F_UI_DUP_INFO_STRING				 102
-#define UI_F_UI_DUP_INPUT_BOOLEAN			 110
-#define UI_F_UI_DUP_INPUT_STRING			 103
-#define UI_F_UI_DUP_VERIFY_STRING			 106
-#define UI_F_UI_GET0_RESULT				 107
-#define UI_F_UI_NEW_METHOD				 104
-#define UI_F_UI_SET_RESULT				 105
-
-/* Reason codes. */
-#define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS		 104
-#define UI_R_INDEX_TOO_LARGE				 102
-#define UI_R_INDEX_TOO_SMALL				 103
-#define UI_R_NO_RESULT_BUFFER				 105
-#define UI_R_RESULT_TOO_LARGE				 100
-#define UI_R_RESULT_TOO_SMALL				 101
-#define UI_R_UNKNOWN_CONTROL_COMMAND			 106
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/ui/ui_compat.c b/crypto/openssl/crypto/ui/ui_compat.c
deleted file mode 100644
index 13e0f70d9091..000000000000
--- a/crypto/openssl/crypto/ui/ui_compat.c
+++ /dev/null
@@ -1,67 +0,0 @@
-/* crypto/ui/ui_compat.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/ui_compat.h>
-
-int _ossl_old_des_read_pw_string(char *buf,int length,const char *prompt,int verify)
-	{
-	return UI_UTIL_read_pw_string(buf, length, prompt, verify);
-	}
-
-int _ossl_old_des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify)
-	{
-	return UI_UTIL_read_pw(buf, buff, size, prompt, verify);
-	}
diff --git a/crypto/openssl/crypto/ui/ui_compat.h b/crypto/openssl/crypto/ui/ui_compat.h
deleted file mode 100644
index b35c9bb7fd31..000000000000
--- a/crypto/openssl/crypto/ui/ui_compat.h
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_COMPAT_H
-#define HEADER_UI_COMPAT_H
-
-#include <openssl/opensslconf.h>
-#include <openssl/ui.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* The following functions were previously part of the DES section,
-   and are provided here for backward compatibility reasons. */
-
-#define des_read_pw_string(b,l,p,v) \
-	_ossl_old_des_read_pw_string((b),(l),(p),(v))
-#define des_read_pw(b,bf,s,p,v) \
-	_ossl_old_des_read_pw((b),(bf),(s),(p),(v))
-
-int _ossl_old_des_read_pw_string(char *buf,int length,const char *prompt,int verify);
-int _ossl_old_des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/ui/ui_err.c b/crypto/openssl/crypto/ui/ui_err.c
deleted file mode 100644
index 39a62ae73710..000000000000
--- a/crypto/openssl/crypto/ui/ui_err.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/ui/ui_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ui.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA UI_str_functs[]=
-	{
-{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_BOOLEAN,0),	"GENERAL_ALLOCATE_BOOLEAN"},
-{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_PROMPT,0),	"GENERAL_ALLOCATE_PROMPT"},
-{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_STRING,0),	"GENERAL_ALLOCATE_STRING"},
-{ERR_PACK(0,UI_F_UI_CTRL,0),	"UI_ctrl"},
-{ERR_PACK(0,UI_F_UI_DUP_ERROR_STRING,0),	"UI_dup_error_string"},
-{ERR_PACK(0,UI_F_UI_DUP_INFO_STRING,0),	"UI_dup_info_string"},
-{ERR_PACK(0,UI_F_UI_DUP_INPUT_BOOLEAN,0),	"UI_dup_input_boolean"},
-{ERR_PACK(0,UI_F_UI_DUP_INPUT_STRING,0),	"UI_dup_input_string"},
-{ERR_PACK(0,UI_F_UI_DUP_VERIFY_STRING,0),	"UI_dup_verify_string"},
-{ERR_PACK(0,UI_F_UI_GET0_RESULT,0),	"UI_get0_result"},
-{ERR_PACK(0,UI_F_UI_NEW_METHOD,0),	"UI_new_method"},
-{ERR_PACK(0,UI_F_UI_SET_RESULT,0),	"UI_set_result"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA UI_str_reasons[]=
-	{
-{UI_R_COMMON_OK_AND_CANCEL_CHARACTERS    ,"common ok and cancel characters"},
-{UI_R_INDEX_TOO_LARGE                    ,"index too large"},
-{UI_R_INDEX_TOO_SMALL                    ,"index too small"},
-{UI_R_NO_RESULT_BUFFER                   ,"no result buffer"},
-{UI_R_RESULT_TOO_LARGE                   ,"result too large"},
-{UI_R_RESULT_TOO_SMALL                   ,"result too small"},
-{UI_R_UNKNOWN_CONTROL_COMMAND            ,"unknown control command"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_UI_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_UI,UI_str_functs);
-		ERR_load_strings(ERR_LIB_UI,UI_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/ui/ui_lib.c b/crypto/openssl/crypto/ui/ui_lib.c
deleted file mode 100644
index 13e5f20dcb2a..000000000000
--- a/crypto/openssl/crypto/ui/ui_lib.c
+++ /dev/null
@@ -1,901 +0,0 @@
-/* crypto/ui/ui_lib.c -*- mode:C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/e_os2.h>
-#include <openssl/buffer.h>
-#include <openssl/ui.h>
-#include <openssl/err.h>
-#include "ui_locl.h"
-#include "cryptlib.h"
-
-IMPLEMENT_STACK_OF(UI_STRING_ST)
-
-static const UI_METHOD *default_UI_meth=NULL;
-
-UI *UI_new(void)
-	{
-	return(UI_new_method(NULL));
-	}
-
-UI *UI_new_method(const UI_METHOD *method)
-	{
-	UI *ret;
-
-	ret=(UI *)OPENSSL_malloc(sizeof(UI));
-	if (ret == NULL)
-		{
-		UIerr(UI_F_UI_NEW_METHOD,ERR_R_MALLOC_FAILURE);
-		return NULL;
-		}
-	if (method == NULL)
-		ret->meth=UI_get_default_method();
-	else
-		ret->meth=method;
-
-	ret->strings=NULL;
-	ret->user_data=NULL;
-	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data);
-	return ret;
-	}
-
-static void free_string(UI_STRING *uis)
-	{
-	if (uis->flags & OUT_STRING_FREEABLE)
-		{
-		OPENSSL_free((char *)uis->out_string);
-		switch(uis->type)
-			{
-		case UIT_BOOLEAN:
-			OPENSSL_free((char *)uis->_.boolean_data.action_desc);
-			OPENSSL_free((char *)uis->_.boolean_data.ok_chars);
-			OPENSSL_free((char *)uis->_.boolean_data.cancel_chars);
-			break;
-		default:
-			break;
-			}
-		}
-	OPENSSL_free(uis);
-	}
-
-void UI_free(UI *ui)
-	{
-	if (ui == NULL)
-		return;
-	sk_UI_STRING_pop_free(ui->strings,free_string);
-	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_UI, ui, &ui->ex_data);
-	OPENSSL_free(ui);
-	}
-
-static int allocate_string_stack(UI *ui)
-	{
-	if (ui->strings == NULL)
-		{
-		ui->strings=sk_UI_STRING_new_null();
-		if (ui->strings == NULL)
-			{
-			return -1;
-			}
-		}
-	return 0;
-	}
-
-static UI_STRING *general_allocate_prompt(UI *ui, const char *prompt,
-	int prompt_freeable, enum UI_string_types type, int input_flags,
-	char *result_buf)
-	{
-	UI_STRING *ret = NULL;
-
-	if (prompt == NULL)
-		{
-		UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,ERR_R_PASSED_NULL_PARAMETER);
-		}
-	else if ((type == UIT_PROMPT || type == UIT_VERIFY
-			 || type == UIT_BOOLEAN) && result_buf == NULL)
-		{
-		UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,UI_R_NO_RESULT_BUFFER);
-		}
-	else if ((ret = (UI_STRING *)OPENSSL_malloc(sizeof(UI_STRING))))
-		{
-		ret->out_string=prompt;
-		ret->flags=prompt_freeable ? OUT_STRING_FREEABLE : 0;
-		ret->input_flags=input_flags;
-		ret->type=type;
-		ret->result_buf=result_buf;
-		}
-	return ret;
-	}
-
-static int general_allocate_string(UI *ui, const char *prompt,
-	int prompt_freeable, enum UI_string_types type, int input_flags,
-	char *result_buf, int minsize, int maxsize, const char *test_buf)
-	{
-	int ret = -1;
-	UI_STRING *s = general_allocate_prompt(ui, prompt, prompt_freeable,
-		type, input_flags, result_buf);
-
-	if (s)
-		{
-		if (allocate_string_stack(ui) >= 0)
-			{
-			s->_.string_data.result_minsize=minsize;
-			s->_.string_data.result_maxsize=maxsize;
-			s->_.string_data.test_buf=test_buf;
-			ret=sk_UI_STRING_push(ui->strings, s);
-			/* sk_push() returns 0 on error.  Let's addapt that */
-			if (ret <= 0) ret--;
-			}
-		else
-			free_string(s);
-		}
-	return ret;
-	}
-
-static int general_allocate_boolean(UI *ui,
-	const char *prompt, const char *action_desc,
-	const char *ok_chars, const char *cancel_chars,
-	int prompt_freeable, enum UI_string_types type, int input_flags,
-	char *result_buf)
-	{
-	int ret = -1;
-	UI_STRING *s;
-	const char *p;
-
-	if (ok_chars == NULL)
-		{
-		UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN,ERR_R_PASSED_NULL_PARAMETER);
-		}
-	else if (cancel_chars == NULL)
-		{
-		UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN,ERR_R_PASSED_NULL_PARAMETER);
-		}
-	else
-		{
-		for(p = ok_chars; *p; p++)
-			{
-			if (strchr(cancel_chars, *p))
-				{
-				UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN,
-					UI_R_COMMON_OK_AND_CANCEL_CHARACTERS);
-				}
-			}
-
-		s = general_allocate_prompt(ui, prompt, prompt_freeable,
-			type, input_flags, result_buf);
-
-		if (s)
-			{
-			if (allocate_string_stack(ui) >= 0)
-				{
-				s->_.boolean_data.action_desc = action_desc;
-				s->_.boolean_data.ok_chars = ok_chars;
-				s->_.boolean_data.cancel_chars = cancel_chars;
-				ret=sk_UI_STRING_push(ui->strings, s);
-				/* sk_push() returns 0 on error.
-				   Let's addapt that */
-				if (ret <= 0) ret--;
-				}
-			else
-				free_string(s);
-			}
-		}
-	return ret;
-	}
-
-/* Returns the index to the place in the stack or -1 for error.  Uses a
-   direct reference to the prompt.  */
-int UI_add_input_string(UI *ui, const char *prompt, int flags,
-	char *result_buf, int minsize, int maxsize)
-	{
-	return general_allocate_string(ui, prompt, 0,
-		UIT_PROMPT, flags, result_buf, minsize, maxsize, NULL);
-	}
-
-/* Same as UI_add_input_string(), excepts it takes a copy of the prompt */
-int UI_dup_input_string(UI *ui, const char *prompt, int flags,
-	char *result_buf, int minsize, int maxsize)
-	{
-	char *prompt_copy=NULL;
-
-	if (prompt)
-		{
-		prompt_copy=BUF_strdup(prompt);
-		if (prompt_copy == NULL)
-			{
-			UIerr(UI_F_UI_DUP_INPUT_STRING,ERR_R_MALLOC_FAILURE);
-			return 0;
-			}
-		}
-	
-	return general_allocate_string(ui, prompt_copy, 1,
-		UIT_PROMPT, flags, result_buf, minsize, maxsize, NULL);
-	}
-
-int UI_add_verify_string(UI *ui, const char *prompt, int flags,
-	char *result_buf, int minsize, int maxsize, const char *test_buf)
-	{
-	return general_allocate_string(ui, prompt, 0,
-		UIT_VERIFY, flags, result_buf, minsize, maxsize, test_buf);
-	}
-
-int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
-	char *result_buf, int minsize, int maxsize, const char *test_buf)
-	{
-	char *prompt_copy=NULL;
-
-	if (prompt)
-		{
-		prompt_copy=BUF_strdup(prompt);
-		if (prompt_copy == NULL)
-			{
-			UIerr(UI_F_UI_DUP_VERIFY_STRING,ERR_R_MALLOC_FAILURE);
-			return -1;
-			}
-		}
-	
-	return general_allocate_string(ui, prompt_copy, 1,
-		UIT_VERIFY, flags, result_buf, minsize, maxsize, test_buf);
-	}
-
-int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
-	const char *ok_chars, const char *cancel_chars,
-	int flags, char *result_buf)
-	{
-	return general_allocate_boolean(ui, prompt, action_desc,
-		ok_chars, cancel_chars, 0, UIT_BOOLEAN, flags, result_buf);
-	}
-
-int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
-	const char *ok_chars, const char *cancel_chars,
-	int flags, char *result_buf)
-	{
-	char *prompt_copy = NULL;
-	char *action_desc_copy = NULL;
-	char *ok_chars_copy = NULL;
-	char *cancel_chars_copy = NULL;
-
-	if (prompt)
-		{
-		prompt_copy=BUF_strdup(prompt);
-		if (prompt_copy == NULL)
-			{
-			UIerr(UI_F_UI_DUP_INPUT_BOOLEAN,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		}
-	
-	if (action_desc)
-		{
-		action_desc_copy=BUF_strdup(action_desc);
-		if (action_desc_copy == NULL)
-			{
-			UIerr(UI_F_UI_DUP_INPUT_BOOLEAN,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		}
-	
-	if (ok_chars)
-		{
-		ok_chars_copy=BUF_strdup(ok_chars);
-		if (ok_chars_copy == NULL)
-			{
-			UIerr(UI_F_UI_DUP_INPUT_BOOLEAN,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		}
-	
-	if (cancel_chars)
-		{
-		cancel_chars_copy=BUF_strdup(cancel_chars);
-		if (cancel_chars_copy == NULL)
-			{
-			UIerr(UI_F_UI_DUP_INPUT_BOOLEAN,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		}
-	
-	return general_allocate_boolean(ui, prompt_copy, action_desc_copy,
-		ok_chars_copy, cancel_chars_copy, 1, UIT_BOOLEAN, flags,
-		result_buf);
- err:
-	if (prompt_copy) OPENSSL_free(prompt_copy);
-	if (action_desc_copy) OPENSSL_free(action_desc_copy);
-	if (ok_chars_copy) OPENSSL_free(ok_chars_copy);
-	if (cancel_chars_copy) OPENSSL_free(cancel_chars_copy);
-	return -1;
-	}
-
-int UI_add_info_string(UI *ui, const char *text)
-	{
-	return general_allocate_string(ui, text, 0, UIT_INFO, 0, NULL, 0, 0,
-		NULL);
-	}
-
-int UI_dup_info_string(UI *ui, const char *text)
-	{
-	char *text_copy=NULL;
-
-	if (text)
-		{
-		text_copy=BUF_strdup(text);
-		if (text_copy == NULL)
-			{
-			UIerr(UI_F_UI_DUP_INFO_STRING,ERR_R_MALLOC_FAILURE);
-			return -1;
-			}
-		}
-
-	return general_allocate_string(ui, text_copy, 1, UIT_INFO, 0, NULL,
-		0, 0, NULL);
-	}
-
-int UI_add_error_string(UI *ui, const char *text)
-	{
-	return general_allocate_string(ui, text, 0, UIT_ERROR, 0, NULL, 0, 0,
-		NULL);
-	}
-
-int UI_dup_error_string(UI *ui, const char *text)
-	{
-	char *text_copy=NULL;
-
-	if (text)
-		{
-		text_copy=BUF_strdup(text);
-		if (text_copy == NULL)
-			{
-			UIerr(UI_F_UI_DUP_ERROR_STRING,ERR_R_MALLOC_FAILURE);
-			return -1;
-			}
-		}
-	return general_allocate_string(ui, text_copy, 1, UIT_ERROR, 0, NULL,
-		0, 0, NULL);
-	}
-
-char *UI_construct_prompt(UI *ui, const char *object_desc,
-	const char *object_name)
-	{
-	char *prompt = NULL;
-
-	if (ui->meth->ui_construct_prompt)
-		prompt = ui->meth->ui_construct_prompt(ui,
-			object_desc, object_name);
-	else
-		{
-		char prompt1[] = "Enter ";
-		char prompt2[] = " for ";
-		char prompt3[] = ":";
-		int len = 0;
-
-		if (object_desc == NULL)
-			return NULL;
-		len = sizeof(prompt1) - 1 + strlen(object_desc);
-		if (object_name)
-			len += sizeof(prompt2) - 1 + strlen(object_name);
-		len += sizeof(prompt3) - 1;
-
-		prompt = (char *)OPENSSL_malloc(len + 1);
-		strcpy(prompt, prompt1);
-		strcat(prompt, object_desc);
-		if (object_name)
-			{
-			strcat(prompt, prompt2);
-			strcat(prompt, object_name);
-			}
-		strcat(prompt, prompt3);
-		}
-	return prompt;
-	}
-
-void *UI_add_user_data(UI *ui, void *user_data)
-	{
-	void *old_data = ui->user_data;
-	ui->user_data = user_data;
-	return old_data;
-	}
-
-void *UI_get0_user_data(UI *ui)
-	{
-	return ui->user_data;
-	}
-
-const char *UI_get0_result(UI *ui, int i)
-	{
-	if (i < 0)
-		{
-		UIerr(UI_F_UI_GET0_RESULT,UI_R_INDEX_TOO_SMALL);
-		return NULL;
-		}
-	if (i >= sk_UI_STRING_num(ui->strings))
-		{
-		UIerr(UI_F_UI_GET0_RESULT,UI_R_INDEX_TOO_LARGE);
-		return NULL;
-		}
-	return UI_get0_result_string(sk_UI_STRING_value(ui->strings, i));
-	}
-
-static int print_error(const char *str, size_t len, UI *ui)
-	{
-	UI_STRING uis;
-
-	memset(&uis, 0, sizeof(uis));
-	uis.type = UIT_ERROR;
-	uis.out_string = str;
-
-	if (ui->meth->ui_write_string
-		&& !ui->meth->ui_write_string(ui, &uis))
-		return -1;
-	return 0;
-	}
-
-int UI_process(UI *ui)
-	{
-	int i, ok=0;
-
-	if (ui->meth->ui_open_session && !ui->meth->ui_open_session(ui))
-		return -1;
-
-	if (ui->flags & UI_FLAG_PRINT_ERRORS)
-		ERR_print_errors_cb(
-			(int (*)(const char *, size_t, void *))print_error,
-			(void *)ui);
-
-	for(i=0; i<sk_UI_STRING_num(ui->strings); i++)
-		{
-		if (ui->meth->ui_write_string
-			&& !ui->meth->ui_write_string(ui,
-				sk_UI_STRING_value(ui->strings, i)))
-			{
-			ok=-1;
-			goto err;
-			}
-		}
-
-	if (ui->meth->ui_flush)
-		switch(ui->meth->ui_flush(ui))
-			{
-		case -1: /* Interrupt/Cancel/something... */
-			ok = -2;
-			goto err;
-		case 0: /* Errors */
-			ok = -1;
-			goto err;
-		default: /* Success */
-			ok = 0;
-			break;
-			}
-
-	for(i=0; i<sk_UI_STRING_num(ui->strings); i++)
-		{
-		if (ui->meth->ui_read_string)
-			{
-			switch(ui->meth->ui_read_string(ui,
-				sk_UI_STRING_value(ui->strings, i)))
-				{
-			case -1: /* Interrupt/Cancel/something... */
-				ok = -2;
-				goto err;
-			case 0: /* Errors */
-				ok = -1;
-				goto err;
-			default: /* Success */
-				ok = 0;
-				break;
-				}
-			}
-		}
- err:
-	if (ui->meth->ui_close_session && !ui->meth->ui_close_session(ui))
-		return -1;
-	return ok;
-	}
-
-int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)())
-	{
-	if (ui == NULL)
-		{
-		UIerr(UI_F_UI_CTRL,ERR_R_PASSED_NULL_PARAMETER);
-		return -1;
-		}
-	switch(cmd)
-		{
-	case UI_CTRL_PRINT_ERRORS:
-		{
-		int save_flag = !!(ui->flags & UI_FLAG_PRINT_ERRORS);
-		if (i)
-			ui->flags |= UI_FLAG_PRINT_ERRORS;
-		else
-			ui->flags &= ~UI_FLAG_PRINT_ERRORS;
-		return save_flag;
-		}
-	case UI_CTRL_IS_REDOABLE:
-		return !!(ui->flags & UI_FLAG_REDOABLE);
-	default:
-		break;
-		}
-	UIerr(UI_F_UI_CTRL,UI_R_UNKNOWN_CONTROL_COMMAND);
-	return -1;
-	}
-
-int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-        {
-	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, argl, argp,
-				new_func, dup_func, free_func);
-        }
-
-int UI_set_ex_data(UI *r, int idx, void *arg)
-	{
-	return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
-	}
-
-void *UI_get_ex_data(UI *r, int idx)
-	{
-	return(CRYPTO_get_ex_data(&r->ex_data,idx));
-	}
-
-void UI_set_default_method(const UI_METHOD *meth)
-	{
-	default_UI_meth=meth;
-	}
-
-const UI_METHOD *UI_get_default_method(void)
-	{
-	if (default_UI_meth == NULL)
-		{
-		default_UI_meth=UI_OpenSSL();
-		}
-	return default_UI_meth;
-	}
-
-const UI_METHOD *UI_get_method(UI *ui)
-	{
-	return ui->meth;
-	}
-
-const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth)
-	{
-	ui->meth=meth;
-	return ui->meth;
-	}
-
-
-UI_METHOD *UI_create_method(char *name)
-	{
-	UI_METHOD *ui_method = (UI_METHOD *)OPENSSL_malloc(sizeof(UI_METHOD));
-
-	if (ui_method)
-		memset(ui_method, 0, sizeof(*ui_method));
-	ui_method->name = BUF_strdup(name);
-	return ui_method;
-	}
-
-/* BIG FSCKING WARNING!!!!  If you use this on a statically allocated method
-   (that is, it hasn't been allocated using UI_create_method(), you deserve
-   anything Murphy can throw at you and more!  You have been warned. */
-void UI_destroy_method(UI_METHOD *ui_method)
-	{
-	OPENSSL_free(ui_method->name);
-	ui_method->name = NULL;
-	OPENSSL_free(ui_method);
-	}
-
-int UI_method_set_opener(UI_METHOD *method, int (*opener)(UI *ui))
-	{
-	if (method)
-		{
-		method->ui_open_session = opener;
-		return 0;
-		}
-	else
-		return -1;
-	}
-
-int UI_method_set_writer(UI_METHOD *method, int (*writer)(UI *ui, UI_STRING *uis))
-	{
-	if (method)
-		{
-		method->ui_write_string = writer;
-		return 0;
-		}
-	else
-		return -1;
-	}
-
-int UI_method_set_flusher(UI_METHOD *method, int (*flusher)(UI *ui))
-	{
-	if (method)
-		{
-		method->ui_flush = flusher;
-		return 0;
-		}
-	else
-		return -1;
-	}
-
-int UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis))
-	{
-	if (method)
-		{
-		method->ui_read_string = reader;
-		return 0;
-		}
-	else
-		return -1;
-	}
-
-int UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui))
-	{
-	if (method)
-		{
-		method->ui_close_session = closer;
-		return 0;
-		}
-	else
-		return -1;
-	}
-
-int (*UI_method_get_opener(UI_METHOD *method))(UI*)
-	{
-	if (method)
-		return method->ui_open_session;
-	else
-		return NULL;
-	}
-
-int (*UI_method_get_writer(UI_METHOD *method))(UI*,UI_STRING*)
-	{
-	if (method)
-		return method->ui_write_string;
-	else
-		return NULL;
-	}
-
-int (*UI_method_get_flusher(UI_METHOD *method))(UI*)
-	{
-	if (method)
-		return method->ui_flush;
-	else
-		return NULL;
-	}
-
-int (*UI_method_get_reader(UI_METHOD *method))(UI*,UI_STRING*)
-	{
-	if (method)
-		return method->ui_read_string;
-	else
-		return NULL;
-	}
-
-int (*UI_method_get_closer(UI_METHOD *method))(UI*)
-	{
-	if (method)
-		return method->ui_close_session;
-	else
-		return NULL;
-	}
-
-enum UI_string_types UI_get_string_type(UI_STRING *uis)
-	{
-	if (!uis)
-		return UIT_NONE;
-	return uis->type;
-	}
-
-int UI_get_input_flags(UI_STRING *uis)
-	{
-	if (!uis)
-		return 0;
-	return uis->input_flags;
-	}
-
-const char *UI_get0_output_string(UI_STRING *uis)
-	{
-	if (!uis)
-		return NULL;
-	return uis->out_string;
-	}
-
-const char *UI_get0_action_string(UI_STRING *uis)
-	{
-	if (!uis)
-		return NULL;
-	switch(uis->type)
-		{
-	case UIT_PROMPT:
-	case UIT_BOOLEAN:
-		return uis->_.boolean_data.action_desc;
-	default:
-		return NULL;
-		}
-	}
-
-const char *UI_get0_result_string(UI_STRING *uis)
-	{
-	if (!uis)
-		return NULL;
-	switch(uis->type)
-		{
-	case UIT_PROMPT:
-	case UIT_VERIFY:
-		return uis->result_buf;
-	default:
-		return NULL;
-		}
-	}
-
-const char *UI_get0_test_string(UI_STRING *uis)
-	{
-	if (!uis)
-		return NULL;
-	switch(uis->type)
-		{
-	case UIT_VERIFY:
-		return uis->_.string_data.test_buf;
-	default:
-		return NULL;
-		}
-	}
-
-int UI_get_result_minsize(UI_STRING *uis)
-	{
-	if (!uis)
-		return -1;
-	switch(uis->type)
-		{
-	case UIT_PROMPT:
-	case UIT_VERIFY:
-		return uis->_.string_data.result_minsize;
-	default:
-		return -1;
-		}
-	}
-
-int UI_get_result_maxsize(UI_STRING *uis)
-	{
-	if (!uis)
-		return -1;
-	switch(uis->type)
-		{
-	case UIT_PROMPT:
-	case UIT_VERIFY:
-		return uis->_.string_data.result_maxsize;
-	default:
-		return -1;
-		}
-	}
-
-int UI_set_result(UI *ui, UI_STRING *uis, const char *result)
-	{
-	int l = strlen(result);
-
-	ui->flags &= ~UI_FLAG_REDOABLE;
-
-	if (!uis)
-		return -1;
-	switch (uis->type)
-		{
-	case UIT_PROMPT:
-	case UIT_VERIFY:
-		{
-		char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize)+1];
-		char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize)+1];
-
-		BIO_snprintf(number1, sizeof(number1), "%d",
-			uis->_.string_data.result_minsize);
-		BIO_snprintf(number2, sizeof(number2), "%d",
-			uis->_.string_data.result_maxsize);
-
-		if (l < uis->_.string_data.result_minsize)
-			{
-			ui->flags |= UI_FLAG_REDOABLE;
-			UIerr(UI_F_UI_SET_RESULT,UI_R_RESULT_TOO_SMALL);
-			ERR_add_error_data(5,"You must type in ",
-				number1," to ",number2," characters");
-			return -1;
-			}
-		if (l > uis->_.string_data.result_maxsize)
-			{
-			ui->flags |= UI_FLAG_REDOABLE;
-			UIerr(UI_F_UI_SET_RESULT,UI_R_RESULT_TOO_LARGE);
-			ERR_add_error_data(5,"You must type in ",
-				number1," to ",number2," characters");
-			return -1;
-			}
-		}
-
-		if (!uis->result_buf)
-			{
-			UIerr(UI_F_UI_SET_RESULT,UI_R_NO_RESULT_BUFFER);
-			return -1;
-			}
-
-		strcpy(uis->result_buf, result);
-		break;
-	case UIT_BOOLEAN:
-		{
-		const char *p;
-
-		if (!uis->result_buf)
-			{
-			UIerr(UI_F_UI_SET_RESULT,UI_R_NO_RESULT_BUFFER);
-			return -1;
-			}
-
-		uis->result_buf[0] = '\0';
-		for(p = result; *p; p++)
-			{
-			if (strchr(uis->_.boolean_data.ok_chars, *p))
-				{
-				uis->result_buf[0] =
-					uis->_.boolean_data.ok_chars[0];
-				break;
-				}
-			if (strchr(uis->_.boolean_data.cancel_chars, *p))
-				{
-				uis->result_buf[0] =
-					uis->_.boolean_data.cancel_chars[0];
-				break;
-				}
-			}
-	default:
-		break;
-		}
-		}
-	return 0;
-	}
diff --git a/crypto/openssl/crypto/ui/ui_locl.h b/crypto/openssl/crypto/ui/ui_locl.h
deleted file mode 100644
index 7d3a75a619c7..000000000000
--- a/crypto/openssl/crypto/ui/ui_locl.h
+++ /dev/null
@@ -1,148 +0,0 @@
-/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_LOCL_H
-#define HEADER_UI_LOCL_H
-
-#include <openssl/ui.h>
-
-struct ui_method_st
-	{
-	char *name;
-
-	/* All the functions return 1 or non-NULL for success and 0 or NULL
-	   for failure */
-
-	/* Open whatever channel for this, be it the console, an X window
-	   or whatever.
-	   This function should use the ex_data structure to save
-	   intermediate data. */
-	int (*ui_open_session)(UI *ui);
-
-	int (*ui_write_string)(UI *ui, UI_STRING *uis);
-
-	/* Flush the output.  If a GUI dialog box is used, this function can
-	   be used to actually display it. */
-	int (*ui_flush)(UI *ui);
-
-	int (*ui_read_string)(UI *ui, UI_STRING *uis);
-
-	int (*ui_close_session)(UI *ui);
-
-	/* Construct a prompt in a user-defined manner.  object_desc is a
-	   textual short description of the object, for example "pass phrase",
-	   and object_name is the name of the object (might be a card name or
-	   a file name.
-	   The returned string shall always be allocated on the heap with
-	   OPENSSL_malloc(), and need to be free'd with OPENSSL_free(). */
-	char *(*ui_construct_prompt)(UI *ui, const char *object_desc,
-		const char *object_name);
-	};
-
-struct ui_string_st
-	{
-	enum UI_string_types type; /* Input */
-	const char *out_string;	/* Input */
-	int input_flags;	/* Flags from the user */
-
-	/* The following parameters are completely irrelevant for UIT_INFO,
-	   and can therefore be set to 0 or NULL */
-	char *result_buf;	/* Input and Output: If not NULL, user-defined
-				   with size in result_maxsize.  Otherwise, it
-				   may be allocated by the UI routine, meaning
-				   result_minsize is going to be overwritten.*/
-	union
-		{
-		struct
-			{
-			int result_minsize;	/* Input: minimum required
-						   size of the result.
-						*/
-			int result_maxsize;	/* Input: maximum permitted
-						   size of the result */
-
-			const char *test_buf;	/* Input: test string to verify
-						   against */
-			} string_data;
-		struct
-			{
-			const char *action_desc; /* Input */
-			const char *ok_chars; /* Input */
-			const char *cancel_chars; /* Input */
-			} boolean_data;
-		} _;
-
-#define OUT_STRING_FREEABLE 0x01
-	int flags;		/* flags for internal use */
-	};
-
-struct ui_st
-	{
-	const UI_METHOD *meth;
-	STACK_OF(UI_STRING) *strings; /* We might want to prompt for more
-					 than one thing at a time, and
-					 with different echoing status.  */
-	void *user_data;
-	CRYPTO_EX_DATA ex_data;
-
-#define UI_FLAG_REDOABLE	0x0001
-#define UI_FLAG_PRINT_ERRORS	0x0100
-	int flags;
-	};
-
-#endif
diff --git a/crypto/openssl/crypto/ui/ui_openssl.c b/crypto/openssl/crypto/ui/ui_openssl.c
deleted file mode 100644
index 75318d48a142..000000000000
--- a/crypto/openssl/crypto/ui/ui_openssl.c
+++ /dev/null
@@ -1,673 +0,0 @@
-/* crypto/ui/ui_openssl.c -*- mode:C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte (richard@levitte.org) and others
- * for the OpenSSL project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* The lowest level part of this file was previously in crypto/des/read_pwd.c,
- * Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-
-#include <openssl/e_os2.h>
-
-#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS)
-# ifdef OPENSSL_UNISTD
-#  include OPENSSL_UNISTD
-# else
-#  include <unistd.h>
-# endif
-/* If unistd.h defines _POSIX_VERSION, we conclude that we
- * are on a POSIX system and have sigaction and termios. */
-# if defined(_POSIX_VERSION)
-
-#  define SIGACTION
-#  if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
-#   define TERMIOS
-#  endif
-
-# endif
-#endif
-
-#ifdef WIN16TTY
-# undef OPENSSL_SYS_WIN16
-# undef WIN16
-# undef _WINDOWS
-# include <graph.h>
-#endif
-
-/* 06-Apr-92 Luke Brennan    Support for VMS */
-#include "ui_locl.h"
-#include "cryptlib.h"
-#include <signal.h>
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
-
-#ifdef OPENSSL_SYS_VMS		/* prototypes for sys$whatever */
-# include <starlet.h>
-# ifdef __DECC
-#  pragma message disable DOLLARID
-# endif
-#endif
-
-#ifdef WIN_CONSOLE_BUG
-# include <windows.h>
-#ifndef OPENSSL_SYS_WINCE
-# include <wincon.h>
-#endif
-#endif
-
-
-/* There are 5 types of terminal interface supported,
- * TERMIO, TERMIOS, VMS, MSDOS and SGTTY
- */
-
-#if defined(__sgi) && !defined(TERMIOS)
-# define TERMIOS
-# undef  TERMIO
-# undef  SGTTY
-#endif
-
-#if defined(linux) && !defined(TERMIO)
-# undef  TERMIOS
-# define TERMIO
-# undef  SGTTY
-#endif
-
-#ifdef _LIBC
-# undef  TERMIOS
-# define TERMIO
-# undef  SGTTY
-#endif
-
-#if !defined(TERMIO) && !defined(TERMIOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(MAC_OS_GUSI_SOURCE)
-# undef  TERMIOS
-# undef  TERMIO
-# define SGTTY
-#endif
-
-#if defined(OPENSSL_SYS_VXWORKS)
-#undef TERMIOS
-#undef TERMIO
-#undef SGTTY
-#endif
-
-#ifdef TERMIOS
-# include <termios.h>
-# define TTY_STRUCT		struct termios
-# define TTY_FLAGS		c_lflag
-# define TTY_get(tty,data)	tcgetattr(tty,data)
-# define TTY_set(tty,data)	tcsetattr(tty,TCSANOW,data)
-#endif
-
-#ifdef TERMIO
-# include <termio.h>
-# define TTY_STRUCT		struct termio
-# define TTY_FLAGS		c_lflag
-# define TTY_get(tty,data)	ioctl(tty,TCGETA,data)
-# define TTY_set(tty,data)	ioctl(tty,TCSETA,data)
-#endif
-
-#ifdef SGTTY
-# include <sgtty.h>
-# define TTY_STRUCT		struct sgttyb
-# define TTY_FLAGS		sg_flags
-# define TTY_get(tty,data)	ioctl(tty,TIOCGETP,data)
-# define TTY_set(tty,data)	ioctl(tty,TIOCSETP,data)
-#endif
-
-#if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_SUNOS)
-# include <sys/ioctl.h>
-#endif
-
-#ifdef OPENSSL_SYS_MSDOS
-# include <conio.h>
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-# include <ssdef.h>
-# include <iodef.h>
-# include <ttdef.h>
-# include <descrip.h>
-struct IOSB {
-	short iosb$w_value;
-	short iosb$w_count;
-	long  iosb$l_info;
-	};
-#endif
-
-#ifdef OPENSSL_SYS_SUNOS
-	typedef int sig_atomic_t;
-#endif
-
-#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE)
-/*
- * This one needs work. As a matter of fact the code is unoperational
- * and this is only a trick to get it compiled.
- *					<appro@fy.chalmers.se>
- */
-# define TTY_STRUCT int
-#endif
-
-#ifndef NX509_SIG
-# define NX509_SIG 32
-#endif
-
-
-/* Define globals.  They are protected by a lock */
-#ifdef SIGACTION
-static struct sigaction savsig[NX509_SIG];
-#else
-static void (*savsig[NX509_SIG])(int );
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-static struct IOSB iosb;
-static $DESCRIPTOR(terminal,"TT");
-static long tty_orig[3], tty_new[3]; /* XXX   Is there any guarantee that this will always suffice for the actual structures? */
-static long status;
-static unsigned short channel = 0;
-#else
-#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
-static TTY_STRUCT tty_orig,tty_new;
-#endif
-#endif
-static FILE *tty_in, *tty_out;
-static int is_a_tty;
-
-/* Declare static functions */
-#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-static void read_till_nl(FILE *);
-static void recsig(int);
-static void pushsig(void);
-static void popsig(void);
-#endif
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
-static int noecho_fgets(char *buf, int size, FILE *tty);
-#endif
-static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl);
-
-static int read_string(UI *ui, UI_STRING *uis);
-static int write_string(UI *ui, UI_STRING *uis);
-
-static int open_console(UI *ui);
-static int echo_console(UI *ui);
-static int noecho_console(UI *ui);
-static int close_console(UI *ui);
-
-static UI_METHOD ui_openssl =
-	{
-	"OpenSSL default user interface",
-	open_console,
-	write_string,
-	NULL,			/* No flusher is needed for command lines */
-	read_string,
-	close_console,
-	NULL
-	};
-
-/* The method with all the built-in thingies */
-UI_METHOD *UI_OpenSSL(void)
-	{
-	return &ui_openssl;
-	}
-
-/* The following function makes sure that info and error strings are printed
-   before any prompt. */
-static int write_string(UI *ui, UI_STRING *uis)
-	{
-	switch (UI_get_string_type(uis))
-		{
-	case UIT_ERROR:
-	case UIT_INFO:
-		fputs(UI_get0_output_string(uis), tty_out);
-		fflush(tty_out);
-		break;
-	default:
-		break;
-		}
-	return 1;
-	}
-
-static int read_string(UI *ui, UI_STRING *uis)
-	{
-	int ok = 0;
-
-	switch (UI_get_string_type(uis))
-		{
-	case UIT_BOOLEAN:
-		fputs(UI_get0_output_string(uis), tty_out);
-		fputs(UI_get0_action_string(uis), tty_out);
-		fflush(tty_out);
-		return read_string_inner(ui, uis,
-			UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 0);
-	case UIT_PROMPT:
-		fputs(UI_get0_output_string(uis), tty_out);
-		fflush(tty_out);
-		return read_string_inner(ui, uis,
-			UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 1);
-	case UIT_VERIFY:
-		fprintf(tty_out,"Verifying - %s",
-			UI_get0_output_string(uis));
-		fflush(tty_out);
-		if ((ok = read_string_inner(ui, uis,
-			UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 1)) <= 0)
-			return ok;
-		if (strcmp(UI_get0_result_string(uis),
-			UI_get0_test_string(uis)) != 0)
-			{
-			fprintf(tty_out,"Verify failure\n");
-			fflush(tty_out);
-			return 0;
-			}
-		break;
-	default:
-		break;
-		}
-	return 1;
-	}
-
-
-#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-/* Internal functions to read a string without echoing */
-static void read_till_nl(FILE *in)
-	{
-#define SIZE 4
-	char buf[SIZE+1];
-
-	do	{
-		fgets(buf,SIZE,in);
-		} while (strchr(buf,'\n') == NULL);
-	}
-
-static volatile sig_atomic_t intr_signal;
-#endif
-
-static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
-	{
-	static int ps;
-	int ok;
-	char result[BUFSIZ];
-	int maxsize = BUFSIZ-1;
-#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-	char *p;
-
-	intr_signal=0;
-	ok=0;
-	ps=0;
-
-	pushsig();
-	ps=1;
-
-	if (!echo && !noecho_console(ui))
-		goto error;
-	ps=2;
-
-	result[0]='\0';
-#ifdef OPENSSL_SYS_MSDOS
-	if (!echo)
-		{
-		noecho_fgets(result,maxsize,tty_in);
-		p=result; /* FIXME: noecho_fgets doesn't return errors */
-		}
-	else
-		p=fgets(result,maxsize,tty_in);
-#else
-	p=fgets(result,maxsize,tty_in);
-#endif
-	if(!p)
-		goto error;
-	if (feof(tty_in)) goto error;
-	if (ferror(tty_in)) goto error;
-	if ((p=(char *)strchr(result,'\n')) != NULL)
-		{
-		if (strip_nl)
-			*p='\0';
-		}
-	else
-		read_till_nl(tty_in);
-	if (UI_set_result(ui, uis, result) >= 0)
-		ok=1;
-
-error:
-	if (intr_signal == SIGINT)
-		ok=-1;
-	if (!echo) fprintf(tty_out,"\n");
-	if (ps >= 2 && !echo && !echo_console(ui))
-		ok=0;
-
-	if (ps >= 1)
-		popsig();
-#else
-	ok=1;
-#endif
-
-	OPENSSL_cleanse(result,BUFSIZ);
-	return ok;
-	}
-
-
-/* Internal functions to open, handle and close a channel to the console.  */
-static int open_console(UI *ui)
-	{
-	CRYPTO_w_lock(CRYPTO_LOCK_UI);
-	is_a_tty = 1;
-
-#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS)
-	tty_in=stdin;
-	tty_out=stderr;
-#else
-#  ifdef OPENSSL_SYS_MSDOS
-#    define DEV_TTY "con"
-#  else
-#    define DEV_TTY "/dev/tty"
-#  endif
-	if ((tty_in=fopen(DEV_TTY,"r")) == NULL)
-		tty_in=stdin;
-	if ((tty_out=fopen(DEV_TTY,"w")) == NULL)
-		tty_out=stderr;
-#endif
-
-#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
-	if (TTY_get(fileno(tty_in),&tty_orig) == -1)
-		{
-#ifdef ENOTTY
-		if (errno == ENOTTY)
-			is_a_tty=0;
-		else
-#endif
-#ifdef EINVAL
-		/* Ariel Glenn ariel@columbia.edu reports that solaris
-		 * can return EINVAL instead.  This should be ok */
-		if (errno == EINVAL)
-			is_a_tty=0;
-		else
-#endif
-			return 0;
-		}
-#endif
-#ifdef OPENSSL_SYS_VMS
-	status = sys$assign(&terminal,&channel,0,0);
-	if (status != SS$_NORMAL)
-		return 0;
-	status=sys$qiow(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0);
-	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-		return 0;
-#endif
-	return 1;
-	}
-
-static int noecho_console(UI *ui)
-	{
-#ifdef TTY_FLAGS
-	memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
-	tty_new.TTY_FLAGS &= ~ECHO;
-#endif
-
-#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
-	if (is_a_tty && (TTY_set(fileno(tty_in),&tty_new) == -1))
-		return 0;
-#endif
-#ifdef OPENSSL_SYS_VMS
-	tty_new[0] = tty_orig[0];
-	tty_new[1] = tty_orig[1] | TT$M_NOECHO;
-	tty_new[2] = tty_orig[2];
-	status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
-	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-		return 0;
-#endif
-	return 1;
-	}
-
-static int echo_console(UI *ui)
-	{
-#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
-	memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
-	tty_new.TTY_FLAGS |= ECHO;
-#endif
-
-#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
-	if (is_a_tty && (TTY_set(fileno(tty_in),&tty_new) == -1))
-		return 0;
-#endif
-#ifdef OPENSSL_SYS_VMS
-	tty_new[0] = tty_orig[0];
-	tty_new[1] = tty_orig[1] & ~TT$M_NOECHO;
-	tty_new[2] = tty_orig[2];
-	status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
-	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-		return 0;
-#endif
-	return 1;
-	}
-
-static int close_console(UI *ui)
-	{
-	if (tty_in != stdin) fclose(tty_in);
-	if (tty_out != stderr) fclose(tty_out);
-#ifdef OPENSSL_SYS_VMS
-	status = sys$dassgn(channel);
-#endif
-	CRYPTO_w_unlock(CRYPTO_LOCK_UI);
-
-	return 1;
-	}
-
-
-#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-/* Internal functions to handle signals and act on them */
-static void pushsig(void)
-	{
-	int i;
-#ifdef SIGACTION
-	struct sigaction sa;
-
-	memset(&sa,0,sizeof sa);
-	sa.sa_handler=recsig;
-#endif
-
-	for (i=1; i<NX509_SIG; i++)
-		{
-#ifdef SIGUSR1
-		if (i == SIGUSR1)
-			continue;
-#endif
-#ifdef SIGUSR2
-		if (i == SIGUSR2)
-			continue;
-#endif
-#ifdef SIGKILL
-		if (i == SIGKILL) /* We can't make any action on that. */
-			continue;
-#endif
-#ifdef SIGACTION
-		sigaction(i,&sa,&savsig[i]);
-#else
-		savsig[i]=signal(i,recsig);
-#endif
-		}
-
-#ifdef SIGWINCH
-	signal(SIGWINCH,SIG_DFL);
-#endif
-	}
-
-static void popsig(void)
-	{
-	int i;
-
-	for (i=1; i<NX509_SIG; i++)
-		{
-#ifdef SIGUSR1
-		if (i == SIGUSR1)
-			continue;
-#endif
-#ifdef SIGUSR2
-		if (i == SIGUSR2)
-			continue;
-#endif
-#ifdef SIGACTION
-		sigaction(i,&savsig[i],NULL);
-#else
-		signal(i,savsig[i]);
-#endif
-		}
-	}
-
-static void recsig(int i)
-	{
-	intr_signal=i;
-	}
-#endif
-
-/* Internal functions specific for Windows */
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-static int noecho_fgets(char *buf, int size, FILE *tty)
-	{
-	int i;
-	char *p;
-
-	p=buf;
-	for (;;)
-		{
-		if (size == 0)
-			{
-			*p='\0';
-			break;
-			}
-		size--;
-#ifdef WIN16TTY
-		i=_inchar();
-#else
-		i=getch();
-#endif
-		if (i == '\r') i='\n';
-		*(p++)=i;
-		if (i == '\n')
-			{
-			*p='\0';
-			break;
-			}
-		}
-#ifdef WIN_CONSOLE_BUG
-/* Win95 has several evil console bugs: one of these is that the
- * last character read using getch() is passed to the next read: this is
- * usually a CR so this can be trouble. No STDIO fix seems to work but
- * flushing the console appears to do the trick.
- */
-		{
-			HANDLE inh;
-			inh = GetStdHandle(STD_INPUT_HANDLE);
-			FlushConsoleInputBuffer(inh);
-		}
-#endif
-	return(strlen(buf));
-	}
-#endif
diff --git a/crypto/openssl/crypto/ui/ui_util.c b/crypto/openssl/crypto/ui/ui_util.c
deleted file mode 100644
index 46bc8c1a9a08..000000000000
--- a/crypto/openssl/crypto/ui/ui_util.c
+++ /dev/null
@@ -1,91 +0,0 @@
-/* crypto/ui/ui_util.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/ui.h>
-
-int UI_UTIL_read_pw_string(char *buf,int length,const char *prompt,int verify)
-	{
-	char buff[BUFSIZ];
-	int ret;
-
-	ret=UI_UTIL_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify);
-	OPENSSL_cleanse(buff,BUFSIZ);
-	return(ret);
-	}
-
-int UI_UTIL_read_pw(char *buf,char *buff,int size,const char *prompt,int verify)
-	{
-	int ok = 0;
-	UI *ui;
-
-	if (size < 1)
-		return -1;
-
-	ui = UI_new();
-	if (ui)
-		{
-		ok = UI_add_input_string(ui,prompt,0,buf,0,size-1);
-		if (ok >= 0 && verify)
-			ok = UI_add_verify_string(ui,prompt,0,buff,0,size-1,
-				buf);
-		if (ok >= 0)
-			ok=UI_process(ui);
-		UI_free(ui);
-		}
-	if (ok > 0)
-		ok = 0;
-	return(ok);
-	}
diff --git a/crypto/openssl/crypto/uid.c b/crypto/openssl/crypto/uid.c
deleted file mode 100644
index 73205a4baa93..000000000000
--- a/crypto/openssl/crypto/uid.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/* crypto/uid.c */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/crypto.h>
-#include <openssl/opensslconf.h>
-
-#if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD__ > 2)
-
-#include OPENSSL_UNISTD
-
-int OPENSSL_issetugid(void)
-	{
-	return issetugid();
-	}
-
-#elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS)
-
-int OPENSSL_issetugid(void)
-	{
-	return 0;
-	}
-
-#else
-
-#include OPENSSL_UNISTD
-#include <sys/types.h>
-
-int OPENSSL_issetugid(void)
-	{
-	if (getuid() != geteuid()) return 1;
-	if (getgid() != getegid()) return 1;
-	return 0;
-	}
-#endif
-
-
-
diff --git a/crypto/openssl/crypto/x509/Makefile.save b/crypto/openssl/crypto/x509/Makefile.save
deleted file mode 100644
index 55356c680b20..000000000000
--- a/crypto/openssl/crypto/x509/Makefile.save
+++ /dev/null
@@ -1,521 +0,0 @@
-#
-# SSLeay/crypto/x509/Makefile
-#
-
-DIR=	x509
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
-	x509_obj.c x509_req.c x509spki.c x509_vfy.c \
-	x509_set.c x509rset.c x509_err.c \
-	x509name.c x509_v3.c x509_ext.c x509_att.c \
-	x509type.c x509_lu.c x_all.c x509_txt.c \
-	x509_trs.c by_file.c by_dir.c 
-LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
-	x509_obj.o x509_req.o x509spki.o x509_vfy.o \
-	x509_set.o x509rset.o x509_err.o \
-	x509name.o x509_v3.o x509_ext.o x509_att.o \
-	x509type.o x509_lu.o x_all.o x509_txt.o \
-	x509_trs.o by_file.o by_dir.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= x509.h x509_vfy.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-by_dir.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-by_dir.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-by_dir.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-by_dir.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-by_dir.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-by_dir.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-by_dir.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-by_dir.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-by_dir.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-by_dir.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-by_dir.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-by_dir.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-by_dir.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-by_dir.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-by_dir.o: ../cryptlib.h
-by_file.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-by_file.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-by_file.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-by_file.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-by_file.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-by_file.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-by_file.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-by_file.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-by_file.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-by_file.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-by_file.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-by_file.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-by_file.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-by_file.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-by_file.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-by_file.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-by_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-by_file.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-by_file.o: ../cryptlib.h
-x509_att.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_att.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_att.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_att.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x509_att.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x509_att.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_att.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_att.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_att.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_att.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_att.o: ../../include/openssl/opensslconf.h
-x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509_att.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_att.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_att.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_att.o: ../cryptlib.h
-x509_cmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_cmp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_cmp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_cmp.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x509_cmp.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x509_cmp.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_cmp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_cmp.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_cmp.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_cmp.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_cmp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_cmp.o: ../../include/openssl/opensslconf.h
-x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509_cmp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_cmp.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_cmp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_cmp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_cmp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_cmp.o: ../cryptlib.h
-x509_d2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_d2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_d2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_d2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_d2.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_d2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_d2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_d2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_d2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x509_d2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_d2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_d2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_d2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_d2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_d2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_d2.o: ../cryptlib.h
-x509_def.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_def.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_def.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_def.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_def.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_def.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_def.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_def.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_def.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_def.o: ../../include/openssl/opensslconf.h
-x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509_def.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_def.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_def.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_def.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_def.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x509_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_err.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x509_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x509_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x509_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_err.o: ../../include/openssl/x509_vfy.h
-x509_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_ext.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x509_ext.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x509_ext.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_ext.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_ext.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_ext.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_ext.o: ../../include/openssl/opensslconf.h
-x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509_ext.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_ext.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_ext.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_ext.o: ../cryptlib.h
-x509_lu.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_lu.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_lu.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_lu.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_lu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_lu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_lu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_lu.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_lu.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_lu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_lu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_lu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_lu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_lu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_lu.o: ../cryptlib.h
-x509_obj.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_obj.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_obj.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_obj.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_obj.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_obj.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_obj.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_obj.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_obj.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_obj.o: ../../include/openssl/opensslconf.h
-x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509_obj.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_obj.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_obj.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_obj.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_obj.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x509_r2x.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_r2x.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_r2x.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_r2x.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_r2x.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_r2x.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_r2x.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_r2x.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_r2x.o: ../../include/openssl/opensslconf.h
-x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509_r2x.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_r2x.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_r2x.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_r2x.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_r2x.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x509_req.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_req.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_req.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_req.o: ../../include/openssl/opensslconf.h
-x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h
-x509_req.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-x509_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x509_set.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_set.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_set.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_set.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_set.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_set.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_set.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_set.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_set.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_set.o: ../../include/openssl/opensslconf.h
-x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509_set.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_set.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_set.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_set.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_set.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x509_trs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_trs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_trs.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_trs.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x509_trs.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x509_trs.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_trs.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_trs.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_trs.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_trs.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_trs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_trs.o: ../../include/openssl/opensslconf.h
-x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509_trs.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_trs.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_trs.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_trs.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_trs.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_trs.o: ../cryptlib.h
-x509_txt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_txt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_txt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_txt.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_txt.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_txt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_txt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_txt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_txt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_txt.o: ../../include/openssl/opensslconf.h
-x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509_txt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_txt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_txt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_txt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_txt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x509_v3.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_v3.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_v3.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_v3.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x509_v3.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x509_v3.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_v3.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_v3.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_v3.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_v3.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_v3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_v3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_v3.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_v3.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h
-x509_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_vfy.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_vfy.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x509_vfy.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x509_vfy.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_vfy.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_vfy.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_vfy.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_vfy.o: ../../include/openssl/opensslconf.h
-x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509_vfy.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_vfy.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_vfy.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_vfy.o: ../cryptlib.h
-x509name.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509name.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509name.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509name.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509name.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509name.o: ../../include/openssl/opensslconf.h
-x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509name.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x509rset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509rset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509rset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509rset.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509rset.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509rset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509rset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509rset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509rset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509rset.o: ../../include/openssl/opensslconf.h
-x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509rset.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509rset.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509rset.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509rset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509rset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x509spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x509spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x509spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x509spki.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x509spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x509spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x509spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x509spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x509spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x509spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x509spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509spki.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x509type.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509type.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509type.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509type.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509type.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509type.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x509type.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509type.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509type.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509type.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509type.o: ../../include/openssl/opensslconf.h
-x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x509type.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509type.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509type.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509type.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509type.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x_all.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-x_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_all.o: ../cryptlib.h
diff --git a/crypto/openssl/crypto/x509/Makefile.ssl b/crypto/openssl/crypto/x509/Makefile.ssl
deleted file mode 100644
index 6a5a87969190..000000000000
--- a/crypto/openssl/crypto/x509/Makefile.ssl
+++ /dev/null
@@ -1,594 +0,0 @@
-#
-# SSLeay/crypto/x509/Makefile
-#
-
-DIR=	x509
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
-	x509_obj.c x509_req.c x509spki.c x509_vfy.c \
-	x509_set.c x509cset.c x509rset.c x509_err.c \
-	x509name.c x509_v3.c x509_ext.c x509_att.c \
-	x509type.c x509_lu.c x_all.c x509_txt.c \
-	x509_trs.c by_file.c by_dir.c 
-LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
-	x509_obj.o x509_req.o x509spki.o x509_vfy.o \
-	x509_set.o x509cset.o x509rset.o x509_err.o \
-	x509name.o x509_v3.o x509_ext.o x509_att.o \
-	x509type.o x509_lu.o x_all.o x509_txt.o \
-	x509_trs.o by_file.o by_dir.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= x509.h x509_vfy.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-by_dir.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-by_dir.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-by_dir.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-by_dir.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-by_dir.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-by_dir.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-by_dir.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-by_dir.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-by_dir.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-by_dir.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-by_dir.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-by_dir.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-by_dir.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-by_dir.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-by_dir.o: ../cryptlib.h by_dir.c
-by_file.o: ../../e_os.h ../../include/openssl/aes.h
-by_file.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-by_file.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-by_file.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-by_file.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-by_file.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-by_file.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-by_file.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-by_file.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-by_file.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-by_file.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-by_file.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-by_file.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-by_file.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-by_file.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-by_file.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-by_file.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-by_file.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_file.c
-x509_att.o: ../../e_os.h ../../include/openssl/aes.h
-x509_att.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_att.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_att.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_att.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x509_att.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x509_att.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x509_att.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x509_att.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x509_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_att.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_att.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_att.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_att.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_att.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_att.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_att.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_att.c
-x509_cmp.o: ../../e_os.h ../../include/openssl/aes.h
-x509_cmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_cmp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_cmp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_cmp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x509_cmp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x509_cmp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x509_cmp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x509_cmp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_cmp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_cmp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_cmp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_cmp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_cmp.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_cmp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_cmp.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_cmp.c
-x509_d2.o: ../../e_os.h ../../include/openssl/aes.h
-x509_d2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_d2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_d2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_d2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x509_d2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x509_d2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_d2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_d2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_d2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x509_d2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x509_d2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x509_d2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-x509_d2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-x509_d2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_d2.c
-x509_def.o: ../../e_os.h ../../include/openssl/aes.h
-x509_def.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_def.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_def.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_def.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x509_def.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x509_def.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_def.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_def.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_def.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_def.o: ../../include/openssl/opensslconf.h
-x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_def.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_def.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_def.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_def.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_def.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_def.o: ../cryptlib.h x509_def.c
-x509_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x509_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x509_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x509_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x509_err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x509_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x509_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x509_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x509_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_err.o: x509_err.c
-x509_ext.o: ../../e_os.h ../../include/openssl/aes.h
-x509_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_ext.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x509_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x509_ext.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x509_ext.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x509_ext.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_ext.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_ext.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_ext.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_ext.c
-x509_lu.o: ../../e_os.h ../../include/openssl/aes.h
-x509_lu.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_lu.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_lu.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_lu.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_lu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x509_lu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x509_lu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x509_lu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x509_lu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x509_lu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_lu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_lu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_lu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_lu.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_lu.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_lu.c
-x509_obj.o: ../../e_os.h ../../include/openssl/aes.h
-x509_obj.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_obj.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_obj.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_obj.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x509_obj.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x509_obj.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_obj.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_obj.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_obj.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_obj.o: ../../include/openssl/opensslconf.h
-x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_obj.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_obj.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_obj.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_obj.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_obj.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_obj.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_obj.o: ../cryptlib.h x509_obj.c
-x509_r2x.o: ../../e_os.h ../../include/openssl/aes.h
-x509_r2x.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_r2x.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_r2x.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_r2x.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x509_r2x.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_r2x.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_r2x.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_r2x.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_r2x.o: ../../include/openssl/opensslconf.h
-x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_r2x.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_r2x.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_r2x.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_r2x.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_r2x.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_r2x.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_r2x.o: ../cryptlib.h x509_r2x.c
-x509_req.o: ../../e_os.h ../../include/openssl/aes.h
-x509_req.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x509_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_req.o: ../../include/openssl/opensslconf.h
-x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_req.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_req.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_req.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_req.o: ../cryptlib.h x509_req.c
-x509_set.o: ../../e_os.h ../../include/openssl/aes.h
-x509_set.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_set.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_set.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_set.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x509_set.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x509_set.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_set.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_set.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_set.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_set.o: ../../include/openssl/opensslconf.h
-x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_set.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_set.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_set.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_set.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_set.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_set.o: ../cryptlib.h x509_set.c
-x509_trs.o: ../../e_os.h ../../include/openssl/aes.h
-x509_trs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_trs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_trs.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_trs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x509_trs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x509_trs.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x509_trs.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x509_trs.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x509_trs.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_trs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_trs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_trs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_trs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_trs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_trs.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_trs.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_trs.c
-x509_txt.o: ../../e_os.h ../../include/openssl/aes.h
-x509_txt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_txt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_txt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509_txt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x509_txt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x509_txt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_txt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509_txt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509_txt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_txt.o: ../../include/openssl/opensslconf.h
-x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_txt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_txt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_txt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_txt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_txt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_txt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_txt.o: ../cryptlib.h x509_txt.c
-x509_v3.o: ../../e_os.h ../../include/openssl/aes.h
-x509_v3.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_v3.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_v3.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_v3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x509_v3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x509_v3.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x509_v3.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x509_v3.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_v3.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_v3.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_v3.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_v3.c
-x509_vfy.o: ../../e_os.h ../../include/openssl/aes.h
-x509_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_vfy.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_vfy.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x509_vfy.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x509_vfy.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x509_vfy.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x509_vfy.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x509_vfy.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509_vfy.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509_vfy.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_vfy.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_vfy.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_vfy.c
-x509cset.o: ../../e_os.h ../../include/openssl/aes.h
-x509cset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509cset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509cset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509cset.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x509cset.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x509cset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509cset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509cset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509cset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509cset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509cset.o: ../../include/openssl/opensslconf.h
-x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509cset.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509cset.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509cset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509cset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509cset.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509cset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509cset.o: ../cryptlib.h x509cset.c
-x509name.o: ../../e_os.h ../../include/openssl/aes.h
-x509name.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509name.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x509name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x509name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509name.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509name.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509name.o: ../../include/openssl/opensslconf.h
-x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509name.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509name.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509name.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509name.o: ../cryptlib.h x509name.c
-x509rset.o: ../../e_os.h ../../include/openssl/aes.h
-x509rset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509rset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509rset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509rset.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x509rset.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x509rset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509rset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509rset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509rset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509rset.o: ../../include/openssl/opensslconf.h
-x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509rset.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509rset.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509rset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509rset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509rset.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509rset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509rset.o: ../cryptlib.h x509rset.c
-x509spki.o: ../../e_os.h ../../include/openssl/aes.h
-x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509spki.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x509spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x509spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509spki.o: ../../include/openssl/opensslconf.h
-x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509spki.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509spki.o: ../cryptlib.h x509spki.c
-x509type.o: ../../e_os.h ../../include/openssl/aes.h
-x509type.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509type.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-x509type.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-x509type.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-x509type.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-x509type.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x509type.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509type.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-x509type.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-x509type.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509type.o: ../../include/openssl/opensslconf.h
-x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x509type.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x509type.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x509type.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509type.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x509type.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509type.o: ../cryptlib.h x509type.c
-x_all.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-x_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_all.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-x_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-x_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-x_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_all.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_all.o: ../cryptlib.h x_all.c
diff --git a/crypto/openssl/crypto/x509/by_dir.c b/crypto/openssl/crypto/x509/by_dir.c
deleted file mode 100644
index 448bd7e69cca..000000000000
--- a/crypto/openssl/crypto/x509/by_dir.c
+++ /dev/null
@@ -1,351 +0,0 @@
-/* crypto/x509/by_dir.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifdef MAC_OS_pre_X
-# include <stat.h>
-#else
-# include <sys/stat.h>
-#endif
-
-#include <openssl/lhash.h>
-#include <openssl/x509.h>
-
-typedef struct lookup_dir_st
-	{
-	BUF_MEM *buffer;
-	int num_dirs;
-	char **dirs;
-	int *dirs_type;
-	int num_dirs_alloced;
-	} BY_DIR;
-
-static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
-	char **ret);
-static int new_dir(X509_LOOKUP *lu);
-static void free_dir(X509_LOOKUP *lu);
-static int add_cert_dir(BY_DIR *ctx,const char *dir,int type);
-static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name,
-	X509_OBJECT *ret);
-X509_LOOKUP_METHOD x509_dir_lookup=
-	{
-	"Load certs from files in a directory",
-	new_dir,		/* new */
-	free_dir,		/* free */
-	NULL, 			/* init */
-	NULL,			/* shutdown */
-	dir_ctrl,		/* ctrl */
-	get_cert_by_subject,	/* get_by_subject */
-	NULL,			/* get_by_issuer_serial */
-	NULL,			/* get_by_fingerprint */
-	NULL,			/* get_by_alias */
-	};
-
-X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void)
-	{
-	return(&x509_dir_lookup);
-	}
-
-static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
-	     char **retp)
-	{
-	int ret=0;
-	BY_DIR *ld;
-	char *dir;
-
-	ld=(BY_DIR *)ctx->method_data;
-
-	switch (cmd)
-		{
-	case X509_L_ADD_DIR:
-		if (argl == X509_FILETYPE_DEFAULT)
-			{
-			ret=add_cert_dir(ld,X509_get_default_cert_dir(),
-				X509_FILETYPE_PEM);
-			if (!ret)
-				{
-				X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
-				}
-			else
-				{
-				dir=(char *)Getenv(X509_get_default_cert_dir_env());
-				ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
-				}
-			}
-		else
-			ret=add_cert_dir(ld,argp,(int)argl);
-		break;
-		}
-	return(ret);
-	}
-
-static int new_dir(X509_LOOKUP *lu)
-	{
-	BY_DIR *a;
-
-	if ((a=(BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL)
-		return(0);
-	if ((a->buffer=BUF_MEM_new()) == NULL)
-		{
-		OPENSSL_free(a);
-		return(0);
-		}
-	a->num_dirs=0;
-	a->dirs=NULL;
-	a->dirs_type=NULL;
-	a->num_dirs_alloced=0;
-	lu->method_data=(char *)a;
-	return(1);
-	}
-
-static void free_dir(X509_LOOKUP *lu)
-	{
-	BY_DIR *a;
-	int i;
-
-	a=(BY_DIR *)lu->method_data;
-	for (i=0; i<a->num_dirs; i++)
-		if (a->dirs[i] != NULL) OPENSSL_free(a->dirs[i]);
-	if (a->dirs != NULL) OPENSSL_free(a->dirs);
-	if (a->dirs_type != NULL) OPENSSL_free(a->dirs_type);
-	if (a->buffer != NULL) BUF_MEM_free(a->buffer);
-	OPENSSL_free(a);
-	}
-
-static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
-	{
-	int j,len;
-	int *ip;
-	const char *s,*ss,*p;
-	char **pp;
-
-	if (dir == NULL || !*dir)
-	    {
-	    X509err(X509_F_ADD_CERT_DIR,X509_R_INVALID_DIRECTORY);
-	    return 0;
-	    }
-
-	s=dir;
-	p=s;
-	for (;;)
-		{
-		if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0'))
-			{
-			ss=s;
-			s=p+1;
-			len=(int)(p-ss);
-			if (len == 0) continue;
-			for (j=0; j<ctx->num_dirs; j++)
-				if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0)
-					continue;
-			if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
-				{
-				ctx->num_dirs_alloced+=10;
-				pp=(char **)OPENSSL_malloc(ctx->num_dirs_alloced*
-					sizeof(char *));
-				ip=(int *)OPENSSL_malloc(ctx->num_dirs_alloced*
-					sizeof(int));
-				if ((pp == NULL) || (ip == NULL))
-					{
-					X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE);
-					return(0);
-					}
-				memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)*
-					sizeof(char *));
-				memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)*
-					sizeof(int));
-				if (ctx->dirs != NULL)
-					OPENSSL_free(ctx->dirs);
-				if (ctx->dirs_type != NULL)
-					OPENSSL_free(ctx->dirs_type);
-				ctx->dirs=pp;
-				ctx->dirs_type=ip;
-				}
-			ctx->dirs_type[ctx->num_dirs]=type;
-			ctx->dirs[ctx->num_dirs]=(char *)OPENSSL_malloc((unsigned int)len+1);
-			if (ctx->dirs[ctx->num_dirs] == NULL) return(0);
-			strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len);
-			ctx->dirs[ctx->num_dirs][len]='\0';
-			ctx->num_dirs++;
-			}
-		if (*p == '\0') break;
-		p++;
-		}
-	return(1);
-	}
-
-static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
-	     X509_OBJECT *ret)
-	{
-	BY_DIR *ctx;
-	union	{
-		struct	{
-			X509 st_x509;
-			X509_CINF st_x509_cinf;
-			} x509;
-		struct	{
-			X509_CRL st_crl;
-			X509_CRL_INFO st_crl_info;
-			} crl;
-		} data;
-	int ok=0;
-	int i,j,k;
-	unsigned long h;
-	BUF_MEM *b=NULL;
-	struct stat st;
-	X509_OBJECT stmp,*tmp;
-	const char *postfix="";
-
-	if (name == NULL) return(0);
-
-	stmp.type=type;
-	if (type == X509_LU_X509)
-		{
-		data.x509.st_x509.cert_info= &data.x509.st_x509_cinf;
-		data.x509.st_x509_cinf.subject=name;
-		stmp.data.x509= &data.x509.st_x509;
-		postfix="";
-		}
-	else if (type == X509_LU_CRL)
-		{
-		data.crl.st_crl.crl= &data.crl.st_crl_info;
-		data.crl.st_crl_info.issuer=name;
-		stmp.data.crl= &data.crl.st_crl;
-		postfix="r";
-		}
-	else
-		{
-		X509err(X509_F_GET_CERT_BY_SUBJECT,X509_R_WRONG_LOOKUP_TYPE);
-		goto finish;
-		}
-
-	if ((b=BUF_MEM_new()) == NULL)
-		{
-		X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB);
-		goto finish;
-		}
-	
-	ctx=(BY_DIR *)xl->method_data;
-
-	h=X509_NAME_hash(name);
-	for (i=0; i<ctx->num_dirs; i++)
-		{
-		j=strlen(ctx->dirs[i])+1+8+6+1+1;
-		if (!BUF_MEM_grow(b,j))
-			{
-			X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
-			goto finish;
-			}
-		k=0;
-		for (;;)
-			{
-			sprintf(b->data,"%s/%08lx.%s%d",ctx->dirs[i],h,
-				postfix,k);
-			k++;
-			if (stat(b->data,&st) < 0)
-				break;
-			/* found one. */
-			if (type == X509_LU_X509)
-				{
-				if ((X509_load_cert_file(xl,b->data,
-					ctx->dirs_type[i])) == 0)
-					break;
-				}
-			else if (type == X509_LU_CRL)
-				{
-				if ((X509_load_crl_file(xl,b->data,
-					ctx->dirs_type[i])) == 0)
-					break;
-				}
-			/* else case will caught higher up */
-			}
-
-		/* we have added it to the cache so now pull
-		 * it out again */
-		CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
-		j = sk_X509_OBJECT_find(xl->store_ctx->objs,&stmp);
-		if(j != -1) tmp=sk_X509_OBJECT_value(xl->store_ctx->objs,j);
-		else tmp = NULL;
-		CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
-
-		if (tmp != NULL)
-			{
-			ok=1;
-			ret->type=tmp->type;
-			memcpy(&ret->data,&tmp->data,sizeof(ret->data));
-			/* If we were going to up the reference count,
-			 * we would need to do it on a perl 'type'
-			 * basis */
-	/*		CRYPTO_add(&tmp->data.x509->references,1,
-				CRYPTO_LOCK_X509);*/
-			goto finish;
-			}
-		}
-finish:
-	if (b != NULL) BUF_MEM_free(b);
-	return(ok);
-	}
-
diff --git a/crypto/openssl/crypto/x509/by_file.c b/crypto/openssl/crypto/x509/by_file.c
deleted file mode 100644
index 22be90cdcd91..000000000000
--- a/crypto/openssl/crypto/x509/by_file.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* crypto/x509/by_file.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#ifndef OPENSSL_NO_STDIO
-
-static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
-	long argl, char **ret);
-X509_LOOKUP_METHOD x509_file_lookup=
-	{
-	"Load file into cache",
-	NULL,		/* new */
-	NULL,		/* free */
-	NULL, 		/* init */
-	NULL,		/* shutdown */
-	by_file_ctrl,	/* ctrl */
-	NULL,		/* get_by_subject */
-	NULL,		/* get_by_issuer_serial */
-	NULL,		/* get_by_fingerprint */
-	NULL,		/* get_by_alias */
-	};
-
-X509_LOOKUP_METHOD *X509_LOOKUP_file(void)
-	{
-	return(&x509_file_lookup);
-	}
-
-static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
-	     char **ret)
-	{
-	int ok=0;
-	char *file;
-
-	switch (cmd)
-		{
-	case X509_L_FILE_LOAD:
-		if (argl == X509_FILETYPE_DEFAULT)
-			{
-			file = (char *)Getenv(X509_get_default_cert_file_env());
-			if (file)
-				ok = (X509_load_cert_crl_file(ctx,file,
-					      X509_FILETYPE_PEM) != 0);
-
-			else
-				ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(),
-					      X509_FILETYPE_PEM) != 0);
-
-			if (!ok)
-				{
-				X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS);
-				}
-			}
-		else
-			{
-			if(argl == X509_FILETYPE_PEM)
-				ok = (X509_load_cert_crl_file(ctx,argp,
-					X509_FILETYPE_PEM) != 0);
-			else
-				ok = (X509_load_cert_file(ctx,argp,(int)argl) != 0);
-			}
-		break;
-		}
-	return(ok);
-	}
-
-int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
-	{
-	int ret=0;
-	BIO *in=NULL;
-	int i,count=0;
-	X509 *x=NULL;
-
-	if (file == NULL) return(1);
-	in=BIO_new(BIO_s_file_internal());
-
-	if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
-		{
-		X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_SYS_LIB);
-		goto err;
-		}
-
-	if (type == X509_FILETYPE_PEM)
-		{
-		for (;;)
-			{
-			x=PEM_read_bio_X509_AUX(in,NULL,NULL,NULL);
-			if (x == NULL)
-				{
-				if ((ERR_GET_REASON(ERR_peek_error()) ==
-					PEM_R_NO_START_LINE) && (count > 0))
-					{
-					ERR_clear_error();
-					break;
-					}
-				else
-					{
-					X509err(X509_F_X509_LOAD_CERT_FILE,
-						ERR_R_PEM_LIB);
-					goto err;
-					}
-				}
-			i=X509_STORE_add_cert(ctx->store_ctx,x);
-			if (!i) goto err;
-			count++;
-			X509_free(x);
-			x=NULL;
-			}
-		ret=count;
-		}
-	else if (type == X509_FILETYPE_ASN1)
-		{
-		x=d2i_X509_bio(in,NULL);
-		if (x == NULL)
-			{
-			X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_ASN1_LIB);
-			goto err;
-			}
-		i=X509_STORE_add_cert(ctx->store_ctx,x);
-		if (!i) goto err;
-		ret=i;
-		}
-	else
-		{
-		X509err(X509_F_X509_LOAD_CERT_FILE,X509_R_BAD_X509_FILETYPE);
-		goto err;
-		}
-err:
-	if (x != NULL) X509_free(x);
-	if (in != NULL) BIO_free(in);
-	return(ret);
-	}
-
-int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
-	{
-	int ret=0;
-	BIO *in=NULL;
-	int i,count=0;
-	X509_CRL *x=NULL;
-
-	if (file == NULL) return(1);
-	in=BIO_new(BIO_s_file_internal());
-
-	if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
-		{
-		X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_SYS_LIB);
-		goto err;
-		}
-
-	if (type == X509_FILETYPE_PEM)
-		{
-		for (;;)
-			{
-			x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
-			if (x == NULL)
-				{
-				if ((ERR_GET_REASON(ERR_peek_error()) ==
-					PEM_R_NO_START_LINE) && (count > 0))
-					{
-					ERR_clear_error();
-					break;
-					}
-				else
-					{
-					X509err(X509_F_X509_LOAD_CRL_FILE,
-						ERR_R_PEM_LIB);
-					goto err;
-					}
-				}
-			i=X509_STORE_add_crl(ctx->store_ctx,x);
-			if (!i) goto err;
-			count++;
-			X509_CRL_free(x);
-			x=NULL;
-			}
-		ret=count;
-		}
-	else if (type == X509_FILETYPE_ASN1)
-		{
-		x=d2i_X509_CRL_bio(in,NULL);
-		if (x == NULL)
-			{
-			X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_ASN1_LIB);
-			goto err;
-			}
-		i=X509_STORE_add_crl(ctx->store_ctx,x);
-		if (!i) goto err;
-		ret=i;
-		}
-	else
-		{
-		X509err(X509_F_X509_LOAD_CRL_FILE,X509_R_BAD_X509_FILETYPE);
-		goto err;
-		}
-err:
-	if (x != NULL) X509_CRL_free(x);
-	if (in != NULL) BIO_free(in);
-	return(ret);
-	}
-
-int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type)
-{
-	STACK_OF(X509_INFO) *inf;
-	X509_INFO *itmp;
-	BIO *in;
-	int i, count = 0;
-	if(type != X509_FILETYPE_PEM)
-		return X509_load_cert_file(ctx, file, type);
-	in = BIO_new_file(file, "r");
-	if(!in) {
-		X509err(X509_F_X509_LOAD_CERT_CRL_FILE,ERR_R_SYS_LIB);
-		return 0;
-	}
-	inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
-	BIO_free(in);
-	if(!inf) {
-		X509err(X509_F_X509_LOAD_CERT_CRL_FILE,ERR_R_PEM_LIB);
-		return 0;
-	}
-	for(i = 0; i < sk_X509_INFO_num(inf); i++) {
-		itmp = sk_X509_INFO_value(inf, i);
-		if(itmp->x509) {
-			X509_STORE_add_cert(ctx->store_ctx, itmp->x509);
-			count++;
-		} else if(itmp->crl) {
-			X509_STORE_add_crl(ctx->store_ctx, itmp->crl);
-			count++;
-		}
-	}
-	sk_X509_INFO_pop_free(inf, X509_INFO_free);
-	return count;
-}
-
-
-#endif /* OPENSSL_NO_STDIO */
-
diff --git a/crypto/openssl/crypto/x509/x509.h b/crypto/openssl/crypto/x509/x509.h
deleted file mode 100644
index eaad5685a8f8..000000000000
--- a/crypto/openssl/crypto/x509/x509.h
+++ /dev/null
@@ -1,1262 +0,0 @@
-/* crypto/x509/x509.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_X509_H
-#define HEADER_X509_H
-
-#include <openssl/symhacks.h>
-#ifndef OPENSSL_NO_BUFFER
-#include <openssl/buffer.h>
-#endif
-#ifndef OPENSSL_NO_EVP
-#include <openssl/evp.h>
-#endif
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/stack.h>
-#include <openssl/asn1.h>
-#include <openssl/safestack.h>
-
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_SHA
-#include <openssl/sha.h>
-#endif
-#include <openssl/e_os2.h>
-#include <openssl/ossl_typ.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_SYS_WIN32
-/* Under Win32 this is defined in wincrypt.h */
-#undef X509_NAME
-#endif
-
-#define X509_FILETYPE_PEM	1
-#define X509_FILETYPE_ASN1	2
-#define X509_FILETYPE_DEFAULT	3
-
-#define X509v3_KU_DIGITAL_SIGNATURE	0x0080
-#define X509v3_KU_NON_REPUDIATION	0x0040
-#define X509v3_KU_KEY_ENCIPHERMENT	0x0020
-#define X509v3_KU_DATA_ENCIPHERMENT	0x0010
-#define X509v3_KU_KEY_AGREEMENT		0x0008
-#define X509v3_KU_KEY_CERT_SIGN		0x0004
-#define X509v3_KU_CRL_SIGN		0x0002
-#define X509v3_KU_ENCIPHER_ONLY		0x0001
-#define X509v3_KU_DECIPHER_ONLY		0x8000
-#define X509v3_KU_UNDEF			0xffff
-
-typedef struct X509_objects_st
-	{
-	int nid;
-	int (*a2i)();
-	int (*i2a)();
-	} X509_OBJECTS;
-
-struct X509_algor_st
-	{
-	ASN1_OBJECT *algorithm;
-	ASN1_TYPE *parameter;
-	} /* X509_ALGOR */;
-
-DECLARE_STACK_OF(X509_ALGOR)
-DECLARE_ASN1_SET_OF(X509_ALGOR)
-
-typedef struct X509_val_st
-	{
-	ASN1_TIME *notBefore;
-	ASN1_TIME *notAfter;
-	} X509_VAL;
-
-typedef struct X509_pubkey_st
-	{
-	X509_ALGOR *algor;
-	ASN1_BIT_STRING *public_key;
-	EVP_PKEY *pkey;
-	} X509_PUBKEY;
-
-typedef struct X509_sig_st
-	{
-	X509_ALGOR *algor;
-	ASN1_OCTET_STRING *digest;
-	} X509_SIG;
-
-typedef struct X509_name_entry_st
-	{
-	ASN1_OBJECT *object;
-	ASN1_STRING *value;
-	int set;
-	int size; 	/* temp variable */
-	} X509_NAME_ENTRY;
-
-DECLARE_STACK_OF(X509_NAME_ENTRY)
-DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
-
-/* we always keep X509_NAMEs in 2 forms. */
-struct X509_name_st
-	{
-	STACK_OF(X509_NAME_ENTRY) *entries;
-	int modified;	/* true if 'bytes' needs to be built */
-#ifndef OPENSSL_NO_BUFFER
-	BUF_MEM *bytes;
-#else
-	char *bytes;
-#endif
-	unsigned long hash; /* Keep the hash around for lookups */
-	} /* X509_NAME */;
-
-DECLARE_STACK_OF(X509_NAME)
-
-#define X509_EX_V_NETSCAPE_HACK		0x8000
-#define X509_EX_V_INIT			0x0001
-typedef struct X509_extension_st
-	{
-	ASN1_OBJECT *object;
-	ASN1_BOOLEAN critical;
-	ASN1_OCTET_STRING *value;
-	} X509_EXTENSION;
-
-DECLARE_STACK_OF(X509_EXTENSION)
-DECLARE_ASN1_SET_OF(X509_EXTENSION)
-
-/* a sequence of these are used */
-typedef struct x509_attributes_st
-	{
-	ASN1_OBJECT *object;
-	int single; /* 0 for a set, 1 for a single item (which is wrong) */
-	union	{
-		char		*ptr;
-/* 0 */		STACK_OF(ASN1_TYPE) *set;
-/* 1 */		ASN1_TYPE	*single;
-		} value;
-	} X509_ATTRIBUTE;
-
-DECLARE_STACK_OF(X509_ATTRIBUTE)
-DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
-
-
-typedef struct X509_req_info_st
-	{
-	ASN1_ENCODING enc;
-	ASN1_INTEGER *version;
-	X509_NAME *subject;
-	X509_PUBKEY *pubkey;
-	/*  d=2 hl=2 l=  0 cons: cont: 00 */
-	STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
-	} X509_REQ_INFO;
-
-typedef struct X509_req_st
-	{
-	X509_REQ_INFO *req_info;
-	X509_ALGOR *sig_alg;
-	ASN1_BIT_STRING *signature;
-	int references;
-	} X509_REQ;
-
-typedef struct x509_cinf_st
-	{
-	ASN1_INTEGER *version;		/* [ 0 ] default of v1 */
-	ASN1_INTEGER *serialNumber;
-	X509_ALGOR *signature;
-	X509_NAME *issuer;
-	X509_VAL *validity;
-	X509_NAME *subject;
-	X509_PUBKEY *key;
-	ASN1_BIT_STRING *issuerUID;		/* [ 1 ] optional in v2 */
-	ASN1_BIT_STRING *subjectUID;		/* [ 2 ] optional in v2 */
-	STACK_OF(X509_EXTENSION) *extensions;	/* [ 3 ] optional in v3 */
-	} X509_CINF;
-
-/* This stuff is certificate "auxiliary info"
- * it contains details which are useful in certificate
- * stores and databases. When used this is tagged onto
- * the end of the certificate itself
- */
-
-typedef struct x509_cert_aux_st
-	{
-	STACK_OF(ASN1_OBJECT) *trust;		/* trusted uses */
-	STACK_OF(ASN1_OBJECT) *reject;		/* rejected uses */
-	ASN1_UTF8STRING *alias;			/* "friendly name" */
-	ASN1_OCTET_STRING *keyid;		/* key id of private key */
-	STACK_OF(X509_ALGOR) *other;		/* other unspecified info */
-	} X509_CERT_AUX;
-
-struct x509_st
-	{
-	X509_CINF *cert_info;
-	X509_ALGOR *sig_alg;
-	ASN1_BIT_STRING *signature;
-	int valid;
-	int references;
-	char *name;
-	CRYPTO_EX_DATA ex_data;
-	/* These contain copies of various extension values */
-	long ex_pathlen;
-	unsigned long ex_flags;
-	unsigned long ex_kusage;
-	unsigned long ex_xkusage;
-	unsigned long ex_nscert;
-	ASN1_OCTET_STRING *skid;
-	struct AUTHORITY_KEYID_st *akid;
-#ifndef OPENSSL_NO_SHA
-	unsigned char sha1_hash[SHA_DIGEST_LENGTH];
-#endif
-	X509_CERT_AUX *aux;
-	} /* X509 */;
-
-DECLARE_STACK_OF(X509)
-DECLARE_ASN1_SET_OF(X509)
-
-/* This is used for a table of trust checking functions */
-
-typedef struct x509_trust_st {
-	int trust;
-	int flags;
-	int (*check_trust)(struct x509_trust_st *, X509 *, int);
-	char *name;
-	int arg1;
-	void *arg2;
-} X509_TRUST;
-
-DECLARE_STACK_OF(X509_TRUST)
-
-/* standard trust ids */
-
-#define X509_TRUST_DEFAULT	-1	/* Only valid in purpose settings */
-
-#define X509_TRUST_COMPAT	1
-#define X509_TRUST_SSL_CLIENT	2
-#define X509_TRUST_SSL_SERVER	3
-#define X509_TRUST_EMAIL	4
-#define X509_TRUST_OBJECT_SIGN	5
-#define X509_TRUST_OCSP_SIGN	6
-#define X509_TRUST_OCSP_REQUEST	7
-
-/* Keep these up to date! */
-#define X509_TRUST_MIN		1
-#define X509_TRUST_MAX		7
-
-
-/* trust_flags values */
-#define	X509_TRUST_DYNAMIC 	1
-#define	X509_TRUST_DYNAMIC_NAME	2
-
-/* check_trust return codes */
-
-#define X509_TRUST_TRUSTED	1
-#define X509_TRUST_REJECTED	2
-#define X509_TRUST_UNTRUSTED	3
-
-/* Flags for X509_print_ex() */
-
-#define	X509_FLAG_COMPAT		0
-#define	X509_FLAG_NO_HEADER		1L
-#define	X509_FLAG_NO_VERSION		(1L << 1)
-#define	X509_FLAG_NO_SERIAL		(1L << 2)
-#define	X509_FLAG_NO_SIGNAME		(1L << 3)
-#define	X509_FLAG_NO_ISSUER		(1L << 4)
-#define	X509_FLAG_NO_VALIDITY		(1L << 5)
-#define	X509_FLAG_NO_SUBJECT		(1L << 6)
-#define	X509_FLAG_NO_PUBKEY		(1L << 7)
-#define	X509_FLAG_NO_EXTENSIONS		(1L << 8)
-#define	X509_FLAG_NO_SIGDUMP		(1L << 9)
-#define	X509_FLAG_NO_AUX		(1L << 10)
-#define	X509_FLAG_NO_ATTRIBUTES		(1L << 11)
-
-/* Flags specific to X509_NAME_print_ex() */	
-
-/* The field separator information */
-
-#define XN_FLAG_SEP_MASK	(0xf << 16)
-
-#define XN_FLAG_COMPAT		0		/* Traditional SSLeay: use old X509_NAME_print */
-#define XN_FLAG_SEP_COMMA_PLUS	(1 << 16)	/* RFC2253 ,+ */
-#define XN_FLAG_SEP_CPLUS_SPC	(2 << 16)	/* ,+ spaced: more readable */
-#define XN_FLAG_SEP_SPLUS_SPC	(3 << 16)	/* ;+ spaced */
-#define XN_FLAG_SEP_MULTILINE	(4 << 16)	/* One line per field */
-
-#define XN_FLAG_DN_REV		(1 << 20)	/* Reverse DN order */
-
-/* How the field name is shown */
-
-#define XN_FLAG_FN_MASK		(0x3 << 21)
-
-#define XN_FLAG_FN_SN		0		/* Object short name */
-#define XN_FLAG_FN_LN		(1 << 21)	/* Object long name */
-#define XN_FLAG_FN_OID		(2 << 21)	/* Always use OIDs */
-#define XN_FLAG_FN_NONE		(3 << 21)	/* No field names */
-
-#define XN_FLAG_SPC_EQ		(1 << 23)	/* Put spaces round '=' */
-
-/* This determines if we dump fields we don't recognise:
- * RFC2253 requires this.
- */
-
-#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
-
-#define XN_FLAG_FN_ALIGN	(1 << 25)	/* Align field names to 20 characters */
-
-/* Complete set of RFC2253 flags */
-
-#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
-			XN_FLAG_SEP_COMMA_PLUS | \
-			XN_FLAG_DN_REV | \
-			XN_FLAG_FN_SN | \
-			XN_FLAG_DUMP_UNKNOWN_FIELDS)
-
-/* readable oneline form */
-
-#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
-			ASN1_STRFLGS_ESC_QUOTE | \
-			XN_FLAG_SEP_CPLUS_SPC | \
-			XN_FLAG_SPC_EQ | \
-			XN_FLAG_FN_SN)
-
-/* readable multiline form */
-
-#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
-			ASN1_STRFLGS_ESC_MSB | \
-			XN_FLAG_SEP_MULTILINE | \
-			XN_FLAG_SPC_EQ | \
-			XN_FLAG_FN_LN | \
-			XN_FLAG_FN_ALIGN)
-
-typedef struct X509_revoked_st
-	{
-	ASN1_INTEGER *serialNumber;
-	ASN1_TIME *revocationDate;
-	STACK_OF(X509_EXTENSION) /* optional */ *extensions;
-	int sequence; /* load sequence */
-	} X509_REVOKED;
-
-DECLARE_STACK_OF(X509_REVOKED)
-DECLARE_ASN1_SET_OF(X509_REVOKED)
-
-typedef struct X509_crl_info_st
-	{
-	ASN1_INTEGER *version;
-	X509_ALGOR *sig_alg;
-	X509_NAME *issuer;
-	ASN1_TIME *lastUpdate;
-	ASN1_TIME *nextUpdate;
-	STACK_OF(X509_REVOKED) *revoked;
-	STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
-	} X509_CRL_INFO;
-
-struct X509_crl_st
-	{
-	/* actual signature */
-	X509_CRL_INFO *crl;
-	X509_ALGOR *sig_alg;
-	ASN1_BIT_STRING *signature;
-	int references;
-	} /* X509_CRL */;
-
-DECLARE_STACK_OF(X509_CRL)
-DECLARE_ASN1_SET_OF(X509_CRL)
-
-typedef struct private_key_st
-	{
-	int version;
-	/* The PKCS#8 data types */
-	X509_ALGOR *enc_algor;
-	ASN1_OCTET_STRING *enc_pkey;	/* encrypted pub key */
-
-	/* When decrypted, the following will not be NULL */
-	EVP_PKEY *dec_pkey;
-
-	/* used to encrypt and decrypt */
-	int key_length;
-	char *key_data;
-	int key_free;	/* true if we should auto free key_data */
-
-	/* expanded version of 'enc_algor' */
-	EVP_CIPHER_INFO cipher;
-
-	int references;
-	} X509_PKEY;
-
-#ifndef OPENSSL_NO_EVP
-typedef struct X509_info_st
-	{
-	X509 *x509;
-	X509_CRL *crl;
-	X509_PKEY *x_pkey;
-
-	EVP_CIPHER_INFO enc_cipher;
-	int enc_len;
-	char *enc_data;
-
-	int references;
-	} X509_INFO;
-
-DECLARE_STACK_OF(X509_INFO)
-#endif
-
-/* The next 2 structures and their 8 routines were sent to me by
- * Pat Richard <patr@x509.com> and are used to manipulate
- * Netscapes spki structures - useful if you are writing a CA web page
- */
-typedef struct Netscape_spkac_st
-	{
-	X509_PUBKEY *pubkey;
-	ASN1_IA5STRING *challenge;	/* challenge sent in atlas >= PR2 */
-	} NETSCAPE_SPKAC;
-
-typedef struct Netscape_spki_st
-	{
-	NETSCAPE_SPKAC *spkac;	/* signed public key and challenge */
-	X509_ALGOR *sig_algor;
-	ASN1_BIT_STRING *signature;
-	} NETSCAPE_SPKI;
-
-/* Netscape certificate sequence structure */
-typedef struct Netscape_certificate_sequence
-	{
-	ASN1_OBJECT *type;
-	STACK_OF(X509) *certs;
-	} NETSCAPE_CERT_SEQUENCE;
-
-/* Unused (and iv length is wrong)
-typedef struct CBCParameter_st
-	{
-	unsigned char iv[8];
-	} CBC_PARAM;
-*/
-
-/* Password based encryption structure */
-
-typedef struct PBEPARAM_st {
-ASN1_OCTET_STRING *salt;
-ASN1_INTEGER *iter;
-} PBEPARAM;
-
-/* Password based encryption V2 structures */
-
-typedef struct PBE2PARAM_st {
-X509_ALGOR *keyfunc;
-X509_ALGOR *encryption;
-} PBE2PARAM;
-
-typedef struct PBKDF2PARAM_st {
-ASN1_TYPE *salt;	/* Usually OCTET STRING but could be anything */
-ASN1_INTEGER *iter;
-ASN1_INTEGER *keylength;
-X509_ALGOR *prf;
-} PBKDF2PARAM;
-
-
-/* PKCS#8 private key info structure */
-
-typedef struct pkcs8_priv_key_info_st
-        {
-        int broken;     /* Flag for various broken formats */
-#define PKCS8_OK		0
-#define PKCS8_NO_OCTET		1
-#define PKCS8_EMBEDDED_PARAM	2
-#define PKCS8_NS_DB		3
-        ASN1_INTEGER *version;
-        X509_ALGOR *pkeyalg;
-        ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */
-        STACK_OF(X509_ATTRIBUTE) *attributes;
-        } PKCS8_PRIV_KEY_INFO;
-
-#ifdef  __cplusplus
-}
-#endif
-
-#include <openssl/x509_vfy.h>
-#include <openssl/pkcs7.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef SSLEAY_MACROS
-#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\
-	a->signature,(char *)a->cert_info,r)
-#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \
-	a->sig_alg,a->signature,(char *)a->req_info,r)
-#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \
-	a->sig_alg, a->signature,(char *)a->crl,r)
-
-#define X509_sign(x,pkey,md) \
-	ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \
-		x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)
-#define X509_REQ_sign(x,pkey,md) \
-	ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \
-		x->signature, (char *)x->req_info,pkey,md)
-#define X509_CRL_sign(x,pkey,md) \
-	ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \
-		x->signature, (char *)x->crl,pkey,md)
-#define NETSCAPE_SPKI_sign(x,pkey,md) \
-	ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \
-		x->signature, (char *)x->spkac,pkey,md)
-
-#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \
-		(char *(*)())d2i_X509,(char *)x509)
-#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\
-		(int (*)())i2d_X509_ATTRIBUTE, \
-		(char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)
-#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \
-		(int (*)())i2d_X509_EXTENSION, \
-		(char *(*)())d2i_X509_EXTENSION,(char *)ex)
-#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \
-		(char *(*)())d2i_X509, (fp),(unsigned char **)(x509))
-#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)
-#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
-		(char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
-#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)
-
-#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \
-		(char *(*)())d2i_X509_CRL,(char *)crl)
-#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \
-		X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\
-		(unsigned char **)(crl))
-#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\
-		(unsigned char *)crl)
-#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \
-		X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\
-		(unsigned char **)(crl))
-#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\
-		(unsigned char *)crl)
-
-#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \
-		(char *(*)())d2i_PKCS7,(char *)p7)
-#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \
-		PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\
-		(unsigned char **)(p7))
-#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\
-		(unsigned char *)p7)
-#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \
-		PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\
-		(unsigned char **)(p7))
-#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\
-		(unsigned char *)p7)
-
-#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \
-		(char *(*)())d2i_X509_REQ,(char *)req)
-#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\
-		X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\
-		(unsigned char **)(req))
-#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\
-		(unsigned char *)req)
-#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\
-		X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\
-		(unsigned char **)(req))
-#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\
-		(unsigned char *)req)
-
-#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \
-		(char *(*)())d2i_RSAPublicKey,(char *)rsa)
-#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \
-		(char *(*)())d2i_RSAPrivateKey,(char *)rsa)
-
-#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
-		RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \
-		(unsigned char **)(rsa))
-#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \
-		(unsigned char *)rsa)
-#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
-		RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \
-		(unsigned char **)(rsa))
-#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \
-		(unsigned char *)rsa)
-
-#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
-		RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \
-		(unsigned char **)(rsa))
-#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \
-		(unsigned char *)rsa)
-#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
-		RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \
-		(unsigned char **)(rsa))
-#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \
-		(unsigned char *)rsa)
-
-#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\
-		DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \
-		(unsigned char **)(dsa))
-#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \
-		(unsigned char *)dsa)
-#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\
-		DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \
-		(unsigned char **)(dsa))
-#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
-		(unsigned char *)dsa)
-
-#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\
-		(char *(*)())d2i_X509_ALGOR,(char *)xn)
-
-#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \
-		(char *(*)())d2i_X509_NAME,(char *)xn)
-#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \
-		(int (*)())i2d_X509_NAME_ENTRY, \
-		(char *(*)())d2i_X509_NAME_ENTRY,\
-		(char *)ne)
-
-#define X509_digest(data,type,md,len) \
-	ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)
-#define X509_NAME_digest(data,type,md,len) \
-	ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)
-#ifndef PKCS7_ISSUER_AND_SERIAL_digest
-#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
-	ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
-		(char *)data,md,len)
-#endif
-#endif
-
-#define X509_EXT_PACK_UNKNOWN	1
-#define X509_EXT_PACK_STRING	2
-
-#define		X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
-/* #define	X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
-#define		X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
-#define		X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
-#define		X509_extract_key(x)	X509_get_pubkey(x) /*****/
-#define		X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
-#define		X509_REQ_get_subject_name(x) ((x)->req_info->subject)
-#define		X509_REQ_extract_key(a)	X509_REQ_get_pubkey(a)
-#define		X509_name_cmp(a,b)	X509_NAME_cmp((a),(b))
-#define		X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
-
-#define		X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version)
-#define 	X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate)
-#define 	X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate)
-#define		X509_CRL_get_issuer(x) ((x)->crl->issuer)
-#define		X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
-
-/* This one is only used so that a binary form can output, as in
- * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */
-#define 	X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
-
-
-const char *X509_verify_cert_error_string(long n);
-
-#ifndef SSLEAY_MACROS
-#ifndef OPENSSL_NO_EVP
-int X509_verify(X509 *a, EVP_PKEY *r);
-
-int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
-int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
-int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
-
-NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len);
-char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
-EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
-int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
-
-int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
-
-int X509_signature_print(BIO *bp,X509_ALGOR *alg, ASN1_STRING *sig);
-
-int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
-int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
-
-int X509_pubkey_digest(const X509 *data,const EVP_MD *type,
-		unsigned char *md, unsigned int *len);
-int X509_digest(const X509 *data,const EVP_MD *type,
-		unsigned char *md, unsigned int *len);
-int X509_CRL_digest(const X509_CRL *data,const EVP_MD *type,
-		unsigned char *md, unsigned int *len);
-int X509_REQ_digest(const X509_REQ *data,const EVP_MD *type,
-		unsigned char *md, unsigned int *len);
-int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type,
-		unsigned char *md, unsigned int *len);
-#endif
-
-#ifndef OPENSSL_NO_FP_API
-X509 *d2i_X509_fp(FILE *fp, X509 **x509);
-int i2d_X509_fp(FILE *fp,X509 *x509);
-X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl);
-int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl);
-X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req);
-int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req);
-#ifndef OPENSSL_NO_RSA
-RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa);
-int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
-RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa);
-int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa);
-RSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa);
-int i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa);
-#endif
-#ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
-int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
-DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
-int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
-#endif
-X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8);
-int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
-						PKCS8_PRIV_KEY_INFO **p8inf);
-int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf);
-int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
-int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
-int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
-#endif
-
-#ifndef OPENSSL_NO_BIO
-X509 *d2i_X509_bio(BIO *bp,X509 **x509);
-int i2d_X509_bio(BIO *bp,X509 *x509);
-X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl);
-int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl);
-X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req);
-int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req);
-#ifndef OPENSSL_NO_RSA
-RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa);
-int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
-RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa);
-int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa);
-RSA *d2i_RSA_PUBKEY_bio(BIO *bp,RSA **rsa);
-int i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa);
-#endif
-#ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
-int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
-DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
-int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
-#endif
-X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8);
-int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
-						PKCS8_PRIV_KEY_INFO **p8inf);
-int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf);
-int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
-int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
-int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
-#endif
-
-X509 *X509_dup(X509 *x509);
-X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
-X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
-X509_CRL *X509_CRL_dup(X509_CRL *crl);
-X509_REQ *X509_REQ_dup(X509_REQ *req);
-X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
-X509_NAME *X509_NAME_dup(X509_NAME *xn);
-X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
-#ifndef OPENSSL_NO_RSA
-RSA *RSAPublicKey_dup(RSA *rsa);
-RSA *RSAPrivateKey_dup(RSA *rsa);
-#endif
-
-#endif /* !SSLEAY_MACROS */
-
-int		X509_cmp_time(ASN1_TIME *s, time_t *t);
-int		X509_cmp_current_time(ASN1_TIME *s);
-ASN1_TIME *	X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
-ASN1_TIME *	X509_gmtime_adj(ASN1_TIME *s, long adj);
-
-const char *	X509_get_default_cert_area(void );
-const char *	X509_get_default_cert_dir(void );
-const char *	X509_get_default_cert_file(void );
-const char *	X509_get_default_cert_dir_env(void );
-const char *	X509_get_default_cert_file_env(void );
-const char *	X509_get_default_private_dir(void );
-
-X509_REQ *	X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
-X509 *		X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
-
-DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
-DECLARE_ASN1_FUNCTIONS(X509_VAL)
-
-DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
-
-int		X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
-EVP_PKEY *	X509_PUBKEY_get(X509_PUBKEY *key);
-int		X509_get_pubkey_parameters(EVP_PKEY *pkey,
-					   STACK_OF(X509) *chain);
-int		i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp);
-EVP_PKEY *	d2i_PUBKEY(EVP_PKEY **a,unsigned char **pp,
-			long length);
-#ifndef OPENSSL_NO_RSA
-int		i2d_RSA_PUBKEY(RSA *a,unsigned char **pp);
-RSA *		d2i_RSA_PUBKEY(RSA **a,unsigned char **pp,
-			long length);
-#endif
-#ifndef OPENSSL_NO_DSA
-int		i2d_DSA_PUBKEY(DSA *a,unsigned char **pp);
-DSA *		d2i_DSA_PUBKEY(DSA **a,unsigned char **pp,
-			long length);
-#endif
-
-DECLARE_ASN1_FUNCTIONS(X509_SIG)
-DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
-DECLARE_ASN1_FUNCTIONS(X509_REQ)
-
-DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
-X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
-
-DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
-
-DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
-
-DECLARE_ASN1_FUNCTIONS(X509_NAME)
-
-int		X509_NAME_set(X509_NAME **xn, X509_NAME *name);
-
-DECLARE_ASN1_FUNCTIONS(X509_CINF)
-
-DECLARE_ASN1_FUNCTIONS(X509)
-DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
-
-int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int X509_set_ex_data(X509 *r, int idx, void *arg);
-void *X509_get_ex_data(X509 *r, int idx);
-int		i2d_X509_AUX(X509 *a,unsigned char **pp);
-X509 *		d2i_X509_AUX(X509 **a,unsigned char **pp,long length);
-
-int X509_alias_set1(X509 *x, unsigned char *name, int len);
-int X509_keyid_set1(X509 *x, unsigned char *id, int len);
-unsigned char * X509_alias_get0(X509 *x, int *len);
-int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int);
-int X509_TRUST_set(int *t, int trust);
-int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
-int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
-void X509_trust_clear(X509 *x);
-void X509_reject_clear(X509 *x);
-
-DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
-DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
-DECLARE_ASN1_FUNCTIONS(X509_CRL)
-
-int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
-
-X509_PKEY *	X509_PKEY_new(void );
-void		X509_PKEY_free(X509_PKEY *a);
-int		i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp);
-X509_PKEY *	d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length);
-
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
-
-#ifndef OPENSSL_NO_EVP
-X509_INFO *	X509_INFO_new(void);
-void		X509_INFO_free(X509_INFO *a);
-char *		X509_NAME_oneline(X509_NAME *a,char *buf,int size);
-
-int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1,
-	ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey);
-
-int ASN1_digest(int (*i2d)(),const EVP_MD *type,char *data,
-	unsigned char *md,unsigned int *len);
-
-int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
-	ASN1_BIT_STRING *signature,
-	char *data,EVP_PKEY *pkey, const EVP_MD *type);
-
-int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data,
-	unsigned char *md,unsigned int *len);
-
-int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
-	ASN1_BIT_STRING *signature,void *data,EVP_PKEY *pkey);
-
-int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
-	ASN1_BIT_STRING *signature,
-	void *data, EVP_PKEY *pkey, const EVP_MD *type);
-#endif
-
-int 		X509_set_version(X509 *x,long version);
-int 		X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
-ASN1_INTEGER *	X509_get_serialNumber(X509 *x);
-int 		X509_set_issuer_name(X509 *x, X509_NAME *name);
-X509_NAME *	X509_get_issuer_name(X509 *a);
-int 		X509_set_subject_name(X509 *x, X509_NAME *name);
-X509_NAME *	X509_get_subject_name(X509 *a);
-int 		X509_set_notBefore(X509 *x, ASN1_TIME *tm);
-int 		X509_set_notAfter(X509 *x, ASN1_TIME *tm);
-int 		X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
-EVP_PKEY *	X509_get_pubkey(X509 *x);
-ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x);
-int		X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */);
-
-int		X509_REQ_set_version(X509_REQ *x,long version);
-int		X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name);
-int		X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
-EVP_PKEY *	X509_REQ_get_pubkey(X509_REQ *req);
-int		X509_REQ_extension_nid(int nid);
-int *		X509_REQ_get_extension_nids(void);
-void		X509_REQ_set_extension_nids(int *nids);
-STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
-int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
-				int nid);
-int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
-int X509_REQ_get_attr_count(const X509_REQ *req);
-int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
-			  int lastpos);
-int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
-			  int lastpos);
-X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
-X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
-int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
-int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
-			const ASN1_OBJECT *obj, int type,
-			const unsigned char *bytes, int len);
-int X509_REQ_add1_attr_by_NID(X509_REQ *req,
-			int nid, int type,
-			const unsigned char *bytes, int len);
-int X509_REQ_add1_attr_by_txt(X509_REQ *req,
-			const char *attrname, int type,
-			const unsigned char *bytes, int len);
-
-int X509_CRL_set_version(X509_CRL *x, long version);
-int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
-int X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm);
-int X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm);
-int X509_CRL_sort(X509_CRL *crl);
-
-int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
-int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
-
-int		X509_check_private_key(X509 *x509,EVP_PKEY *pkey);
-
-int		X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
-unsigned long	X509_issuer_and_serial_hash(X509 *a);
-
-int		X509_issuer_name_cmp(const X509 *a, const X509 *b);
-unsigned long	X509_issuer_name_hash(X509 *a);
-
-int		X509_subject_name_cmp(const X509 *a, const X509 *b);
-unsigned long	X509_subject_name_hash(X509 *x);
-
-int		X509_cmp(const X509 *a, const X509 *b);
-int		X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
-unsigned long	X509_NAME_hash(X509_NAME *x);
-
-int		X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
-#ifndef OPENSSL_NO_FP_API
-int		X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
-int		X509_print_fp(FILE *bp,X509 *x);
-int		X509_CRL_print_fp(FILE *bp,X509_CRL *x);
-int		X509_REQ_print_fp(FILE *bp,X509_REQ *req);
-int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags);
-#endif
-
-#ifndef OPENSSL_NO_BIO
-int		X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
-int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags);
-int		X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
-int		X509_print(BIO *bp,X509 *x);
-int		X509_ocspid_print(BIO *bp,X509 *x);
-int		X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent);
-int		X509_CRL_print(BIO *bp,X509_CRL *x);
-int		X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag);
-int		X509_REQ_print(BIO *bp,X509_REQ *req);
-#endif
-
-int 		X509_NAME_entry_count(X509_NAME *name);
-int 		X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
-			char *buf,int len);
-int		X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
-			char *buf,int len);
-
-/* NOTE: you should be passsing -1, not 0 as lastpos.  The functions that use
- * lastpos, search after that position on. */
-int 		X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
-int 		X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj,
-			int lastpos);
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
-int 		X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,
-			int loc, int set);
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
-			unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
-			unsigned char *bytes, int len, int loc, int set);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
-		char *field, int type, unsigned char *bytes, int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
-			int type,unsigned char *bytes, int len);
-int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type,
-			unsigned char *bytes, int len, int loc, int set);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
-			ASN1_OBJECT *obj, int type,unsigned char *bytes,
-			int len);
-int 		X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
-			ASN1_OBJECT *obj);
-int 		X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
-			unsigned char *bytes, int len);
-ASN1_OBJECT *	X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
-ASN1_STRING *	X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
-
-int		X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
-int		X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
-				      int nid, int lastpos);
-int		X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
-				      ASN1_OBJECT *obj,int lastpos);
-int		X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
-					   int crit, int lastpos);
-X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
-X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
-STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
-					 X509_EXTENSION *ex, int loc);
-
-int		X509_get_ext_count(X509 *x);
-int		X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
-int		X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos);
-int		X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
-X509_EXTENSION *X509_get_ext(X509 *x, int loc);
-X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
-int		X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
-void	*	X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
-int		X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
-							unsigned long flags);
-
-int		X509_CRL_get_ext_count(X509_CRL *x);
-int		X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
-int		X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos);
-int		X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
-X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
-X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
-int		X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
-void	*	X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
-int		X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
-							unsigned long flags);
-
-int		X509_REVOKED_get_ext_count(X509_REVOKED *x);
-int		X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
-int		X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos);
-int		X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
-X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
-X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
-int		X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
-void	*	X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
-int		X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
-							unsigned long flags);
-
-X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
-			int nid, int crit, ASN1_OCTET_STRING *data);
-X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
-			ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data);
-int		X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj);
-int		X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
-int		X509_EXTENSION_set_data(X509_EXTENSION *ex,
-			ASN1_OCTET_STRING *data);
-ASN1_OBJECT *	X509_EXTENSION_get_object(X509_EXTENSION *ex);
-ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
-int		X509_EXTENSION_get_critical(X509_EXTENSION *ex);
-
-int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
-int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
-			  int lastpos);
-int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
-			  int lastpos);
-X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
-X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
-					 X509_ATTRIBUTE *attr);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
-			const ASN1_OBJECT *obj, int type,
-			const unsigned char *bytes, int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
-			int nid, int type,
-			const unsigned char *bytes, int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
-			const char *attrname, int type,
-			const unsigned char *bytes, int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
-	     int atrtype, const void *data, int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
-	     const ASN1_OBJECT *obj, int atrtype, const void *data, int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
-		const char *atrname, int type, const unsigned char *bytes, int len);
-int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
-int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len);
-void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
-					int atrtype, void *data);
-int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
-ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
-ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
-
-int		X509_verify_cert(X509_STORE_CTX *ctx);
-
-/* lookup a cert from a X509 STACK */
-X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name,
-				     ASN1_INTEGER *serial);
-X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name);
-
-DECLARE_ASN1_FUNCTIONS(PBEPARAM)
-DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
-DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
-
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen);
-X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
-					 unsigned char *salt, int saltlen);
-
-/* PKCS#8 utilities */
-
-DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
-
-EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
-PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
-
-int X509_check_trust(X509 *x, int id, int flags);
-int X509_TRUST_get_count(void);
-X509_TRUST * X509_TRUST_get0(int idx);
-int X509_TRUST_get_by_id(int id);
-int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
-					char *name, int arg1, void *arg2);
-void X509_TRUST_cleanup(void);
-int X509_TRUST_get_flags(X509_TRUST *xp);
-char *X509_TRUST_get0_name(X509_TRUST *xp);
-int X509_TRUST_get_trust(X509_TRUST *xp);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_X509_strings(void);
-
-/* Error codes for the X509 functions. */
-
-/* Function codes. */
-#define X509_F_ADD_CERT_DIR				 100
-#define X509_F_BY_FILE_CTRL				 101
-#define X509_F_DIR_CTRL					 102
-#define X509_F_GET_CERT_BY_SUBJECT			 103
-#define X509_F_NETSCAPE_SPKI_B64_DECODE			 129
-#define X509_F_NETSCAPE_SPKI_B64_ENCODE			 130
-#define X509_F_X509V3_ADD_EXT				 104
-#define X509_F_X509_ADD_ATTR				 135
-#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID		 136
-#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ		 137
-#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT		 140
-#define X509_F_X509_ATTRIBUTE_GET0_DATA			 139
-#define X509_F_X509_ATTRIBUTE_SET1_DATA			 138
-#define X509_F_X509_CHECK_PRIVATE_KEY			 128
-#define X509_F_X509_EXTENSION_CREATE_BY_NID		 108
-#define X509_F_X509_EXTENSION_CREATE_BY_OBJ		 109
-#define X509_F_X509_GET_PUBKEY_PARAMETERS		 110
-#define X509_F_X509_LOAD_CERT_CRL_FILE			 132
-#define X509_F_X509_LOAD_CERT_FILE			 111
-#define X509_F_X509_LOAD_CRL_FILE			 112
-#define X509_F_X509_NAME_ADD_ENTRY			 113
-#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID		 114
-#define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT		 131
-#define X509_F_X509_NAME_ENTRY_SET_OBJECT		 115
-#define X509_F_X509_NAME_ONELINE			 116
-#define X509_F_X509_NAME_PRINT				 117
-#define X509_F_X509_PRINT_FP				 118
-#define X509_F_X509_PUBKEY_GET				 119
-#define X509_F_X509_PUBKEY_SET				 120
-#define X509_F_X509_REQ_PRINT				 121
-#define X509_F_X509_REQ_PRINT_FP			 122
-#define X509_F_X509_REQ_TO_X509				 123
-#define X509_F_X509_STORE_ADD_CERT			 124
-#define X509_F_X509_STORE_ADD_CRL			 125
-#define X509_F_X509_STORE_CTX_INIT			 143
-#define X509_F_X509_STORE_CTX_NEW			 142
-#define X509_F_X509_STORE_CTX_PURPOSE_INHERIT		 134
-#define X509_F_X509_TO_X509_REQ				 126
-#define X509_F_X509_TRUST_ADD				 133
-#define X509_F_X509_TRUST_SET				 141
-#define X509_F_X509_VERIFY_CERT				 127
-
-/* Reason codes. */
-#define X509_R_BAD_X509_FILETYPE			 100
-#define X509_R_BASE64_DECODE_ERROR			 118
-#define X509_R_CANT_CHECK_DH_KEY			 114
-#define X509_R_CERT_ALREADY_IN_HASH_TABLE		 101
-#define X509_R_ERR_ASN1_LIB				 102
-#define X509_R_INVALID_DIRECTORY			 113
-#define X509_R_INVALID_FIELD_NAME			 119
-#define X509_R_INVALID_TRUST				 123
-#define X509_R_KEY_TYPE_MISMATCH			 115
-#define X509_R_KEY_VALUES_MISMATCH			 116
-#define X509_R_LOADING_CERT_DIR				 103
-#define X509_R_LOADING_DEFAULTS				 104
-#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY		 105
-#define X509_R_SHOULD_RETRY				 106
-#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN	 107
-#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY		 108
-#define X509_R_UNKNOWN_KEY_TYPE				 117
-#define X509_R_UNKNOWN_NID				 109
-#define X509_R_UNKNOWN_PURPOSE_ID			 121
-#define X509_R_UNKNOWN_TRUST_ID				 120
-#define X509_R_UNSUPPORTED_ALGORITHM			 111
-#define X509_R_WRONG_LOOKUP_TYPE			 112
-#define X509_R_WRONG_TYPE				 122
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/crypto/x509/x509_att.c b/crypto/openssl/crypto/x509/x509_att.c
deleted file mode 100644
index 0bae3d32a1a5..000000000000
--- a/crypto/openssl/crypto/x509/x509_att.c
+++ /dev/null
@@ -1,326 +0,0 @@
-/* crypto/x509/x509_att.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
-{
-	if (!x) return 0;
-	return(sk_X509_ATTRIBUTE_num(x));
-}
-
-int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
-			  int lastpos)
-{
-	ASN1_OBJECT *obj;
-
-	obj=OBJ_nid2obj(nid);
-	if (obj == NULL) return(-2);
-	return(X509at_get_attr_by_OBJ(x,obj,lastpos));
-}
-
-int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
-			  int lastpos)
-{
-	int n;
-	X509_ATTRIBUTE *ex;
-
-	if (sk == NULL) return(-1);
-	lastpos++;
-	if (lastpos < 0)
-		lastpos=0;
-	n=sk_X509_ATTRIBUTE_num(sk);
-	for ( ; lastpos < n; lastpos++)
-		{
-		ex=sk_X509_ATTRIBUTE_value(sk,lastpos);
-		if (OBJ_cmp(ex->object,obj) == 0)
-			return(lastpos);
-		}
-	return(-1);
-}
-
-X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
-{
-	if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
-		return NULL;
-	else
-		return sk_X509_ATTRIBUTE_value(x,loc);
-}
-
-X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
-{
-	X509_ATTRIBUTE *ret;
-
-	if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
-		return(NULL);
-	ret=sk_X509_ATTRIBUTE_delete(x,loc);
-	return(ret);
-}
-
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
-					 X509_ATTRIBUTE *attr)
-{
-	X509_ATTRIBUTE *new_attr=NULL;
-	STACK_OF(X509_ATTRIBUTE) *sk=NULL;
-
-	if ((x != NULL) && (*x == NULL))
-		{
-		if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL)
-			goto err;
-		}
-	else
-		sk= *x;
-
-	if ((new_attr=X509_ATTRIBUTE_dup(attr)) == NULL)
-		goto err2;
-	if (!sk_X509_ATTRIBUTE_push(sk,new_attr))
-		goto err;
-	if ((x != NULL) && (*x == NULL))
-		*x=sk;
-	return(sk);
-err:
-	X509err(X509_F_X509_ADD_ATTR,ERR_R_MALLOC_FAILURE);
-err2:
-	if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr);
-	if (sk != NULL) sk_X509_ATTRIBUTE_free(sk);
-	return(NULL);
-}
-
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
-			const ASN1_OBJECT *obj, int type,
-			const unsigned char *bytes, int len)
-{
-	X509_ATTRIBUTE *attr;
-	STACK_OF(X509_ATTRIBUTE) *ret;
-	attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len);
-	if(!attr) return 0;
-	ret = X509at_add1_attr(x, attr);
-	X509_ATTRIBUTE_free(attr);
-	return ret;
-}
-
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
-			int nid, int type,
-			const unsigned char *bytes, int len)
-{
-	X509_ATTRIBUTE *attr;
-	STACK_OF(X509_ATTRIBUTE) *ret;
-	attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len);
-	if(!attr) return 0;
-	ret = X509at_add1_attr(x, attr);
-	X509_ATTRIBUTE_free(attr);
-	return ret;
-}
-
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
-			const char *attrname, int type,
-			const unsigned char *bytes, int len)
-{
-	X509_ATTRIBUTE *attr;
-	STACK_OF(X509_ATTRIBUTE) *ret;
-	attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len);
-	if(!attr) return 0;
-	ret = X509at_add1_attr(x, attr);
-	X509_ATTRIBUTE_free(attr);
-	return ret;
-}
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
-	     int atrtype, const void *data, int len)
-{
-	ASN1_OBJECT *obj;
-	X509_ATTRIBUTE *ret;
-
-	obj=OBJ_nid2obj(nid);
-	if (obj == NULL)
-		{
-		X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID,X509_R_UNKNOWN_NID);
-		return(NULL);
-		}
-	ret=X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data,len);
-	if (ret == NULL) ASN1_OBJECT_free(obj);
-	return(ret);
-}
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
-	     const ASN1_OBJECT *obj, int atrtype, const void *data, int len)
-{
-	X509_ATTRIBUTE *ret;
-
-	if ((attr == NULL) || (*attr == NULL))
-		{
-		if ((ret=X509_ATTRIBUTE_new()) == NULL)
-			{
-			X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE);
-			return(NULL);
-			}
-		}
-	else
-		ret= *attr;
-
-	if (!X509_ATTRIBUTE_set1_object(ret,obj))
-		goto err;
-	if (!X509_ATTRIBUTE_set1_data(ret,atrtype,data,len))
-		goto err;
-	
-	if ((attr != NULL) && (*attr == NULL)) *attr=ret;
-	return(ret);
-err:
-	if ((attr == NULL) || (ret != *attr))
-		X509_ATTRIBUTE_free(ret);
-	return(NULL);
-}
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
-		const char *atrname, int type, const unsigned char *bytes, int len)
-	{
-	ASN1_OBJECT *obj;
-	X509_ATTRIBUTE *nattr;
-
-	obj=OBJ_txt2obj(atrname, 0);
-	if (obj == NULL)
-		{
-		X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,
-						X509_R_INVALID_FIELD_NAME);
-		ERR_add_error_data(2, "name=", atrname);
-		return(NULL);
-		}
-	nattr = X509_ATTRIBUTE_create_by_OBJ(attr,obj,type,bytes,len);
-	ASN1_OBJECT_free(obj);
-	return nattr;
-	}
-
-int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj)
-{
-	if ((attr == NULL) || (obj == NULL))
-		return(0);
-	ASN1_OBJECT_free(attr->object);
-	attr->object=OBJ_dup(obj);
-	return(1);
-}
-
-int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len)
-{
-	ASN1_TYPE *ttmp;
-	ASN1_STRING *stmp;
-	int atype;
-	if (!attr) return 0;
-	if(attrtype & MBSTRING_FLAG) {
-		stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
-						OBJ_obj2nid(attr->object));
-		if(!stmp) {
-			X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_ASN1_LIB);
-			return 0;
-		}
-		atype = stmp->type;
-	} else {
-		if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err;
-		if(!ASN1_STRING_set(stmp, data, len)) goto err;
-		atype = attrtype;
-	}
-	if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
-	if(!(ttmp = ASN1_TYPE_new())) goto err;
-	if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err;
-	attr->single = 0;
-	ASN1_TYPE_set(ttmp, atype, stmp);
-	return 1;
-	err:
-	X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE);
-	return 0;
-}
-
-int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr)
-{
-	if(!attr->single) return sk_ASN1_TYPE_num(attr->value.set);
-	if(attr->value.single) return 1;
-	return 0;
-}
-
-ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr)
-{
-	if (attr == NULL) return(NULL);
-	return(attr->object);
-}
-
-void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
-					int atrtype, void *data)
-{
-	ASN1_TYPE *ttmp;
-	ttmp = X509_ATTRIBUTE_get0_type(attr, idx);
-	if(!ttmp) return NULL;
-	if(atrtype != ASN1_TYPE_get(ttmp)){
-		X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE);
-		return NULL;
-	}
-	return ttmp->value.ptr;
-}
-
-ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
-{
-	if (attr == NULL) return(NULL);
-	if(idx >= X509_ATTRIBUTE_count(attr)) return NULL;
-	if(!attr->single) return sk_ASN1_TYPE_value(attr->value.set, idx);
-	else return attr->value.single;
-}
diff --git a/crypto/openssl/crypto/x509/x509_cmp.c b/crypto/openssl/crypto/x509/x509_cmp.c
deleted file mode 100644
index f460102f4978..000000000000
--- a/crypto/openssl/crypto/x509/x509_cmp.c
+++ /dev/null
@@ -1,418 +0,0 @@
-/* crypto/x509/x509_cmp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
-	{
-	int i;
-	X509_CINF *ai,*bi;
-
-	ai=a->cert_info;
-	bi=b->cert_info;
-	i=M_ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber);
-	if (i) return(i);
-	return(X509_NAME_cmp(ai->issuer,bi->issuer));
-	}
-
-#ifndef OPENSSL_NO_MD5
-unsigned long X509_issuer_and_serial_hash(X509 *a)
-	{
-	unsigned long ret=0;
-	EVP_MD_CTX ctx;
-	unsigned char md[16];
-	char *f;
-
-	EVP_MD_CTX_init(&ctx);
-	f=X509_NAME_oneline(a->cert_info->issuer,NULL,0);
-	ret=strlen(f);
-	EVP_DigestInit_ex(&ctx, EVP_md5(), NULL);
-	EVP_DigestUpdate(&ctx,(unsigned char *)f,ret);
-	OPENSSL_free(f);
-	EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
-		(unsigned long)a->cert_info->serialNumber->length);
-	EVP_DigestFinal_ex(&ctx,&(md[0]),NULL);
-	ret=(	((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
-		((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
-		)&0xffffffffL;
-	EVP_MD_CTX_cleanup(&ctx);
-	return(ret);
-	}
-#endif
-	
-int X509_issuer_name_cmp(const X509 *a, const X509 *b)
-	{
-	return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer));
-	}
-
-int X509_subject_name_cmp(const X509 *a, const X509 *b)
-	{
-	return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject));
-	}
-
-int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b)
-	{
-	return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer));
-	}
-
-X509_NAME *X509_get_issuer_name(X509 *a)
-	{
-	return(a->cert_info->issuer);
-	}
-
-unsigned long X509_issuer_name_hash(X509 *x)
-	{
-	return(X509_NAME_hash(x->cert_info->issuer));
-	}
-
-X509_NAME *X509_get_subject_name(X509 *a)
-	{
-	return(a->cert_info->subject);
-	}
-
-ASN1_INTEGER *X509_get_serialNumber(X509 *a)
-	{
-	return(a->cert_info->serialNumber);
-	}
-
-unsigned long X509_subject_name_hash(X509 *x)
-	{
-	return(X509_NAME_hash(x->cert_info->subject));
-	}
-
-#ifndef OPENSSL_NO_SHA
-/* Compare two certificates: they must be identical for
- * this to work. NB: Although "cmp" operations are generally
- * prototyped to take "const" arguments (eg. for use in
- * STACKs), the way X509 handling is - these operations may
- * involve ensuring the hashes are up-to-date and ensuring
- * certain cert information is cached. So this is the point
- * where the "depth-first" constification tree has to halt
- * with an evil cast.
- */
-int X509_cmp(const X509 *a, const X509 *b)
-{
-	/* ensure hash is valid */
-	X509_check_purpose((X509 *)a, -1, 0);
-	X509_check_purpose((X509 *)b, -1, 0);
-
-	return memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
-}
-#endif
-
-
-/* Case insensitive string comparision */
-static int nocase_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
-{
-	int i;
-
-	if (a->length != b->length)
-		return (a->length - b->length);
-
-	for (i=0; i<a->length; i++)
-	{
-		int ca, cb;
-
-		ca = tolower(a->data[i]);
-		cb = tolower(b->data[i]);
-
-		if (ca != cb)
-			return(ca-cb);
-	}
-	return 0;
-}
-
-/* Case insensitive string comparision with space normalization 
- * Space normalization - ignore leading, trailing spaces, 
- *       multiple spaces between characters are replaced by single space  
- */
-static int nocase_spacenorm_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
-{
-	unsigned char *pa = NULL, *pb = NULL;
-	int la, lb;
-	
-	la = a->length;
-	lb = b->length;
-	pa = a->data;
-	pb = b->data;
-
-	/* skip leading spaces */
-	while (la > 0 && isspace(*pa))
-	{
-		la--;
-		pa++;
-	}
-	while (lb > 0 && isspace(*pb))
-	{
-		lb--;
-		pb++;
-	}
-
-	/* skip trailing spaces */
-	while (la > 0 && isspace(pa[la-1]))
-		la--;
-	while (lb > 0 && isspace(pb[lb-1]))
-		lb--;
-
-	/* compare strings with space normalization */
-	while (la > 0 && lb > 0)
-	{
-		int ca, cb;
-
-		/* compare character */
-		ca = tolower(*pa);
-		cb = tolower(*pb);
-		if (ca != cb)
-			return (ca - cb);
-
-		pa++; pb++;
-		la--; lb--;
-
-		if (la <= 0 || lb <= 0)
-			break;
-
-		/* is white space next character ? */
-		if (isspace(*pa) && isspace(*pb))
-		{
-			/* skip remaining white spaces */
-			while (la > 0 && isspace(*pa))
-			{
-				la--;
-				pa++;
-			}
-			while (lb > 0 && isspace(*pb))
-			{
-				lb--;
-				pb++;
-			}
-		}
-	}
-	if (la > 0 || lb > 0)
-		return la - lb;
-
-	return 0;
-}
-
-int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
-	{
-	int i,j;
-	X509_NAME_ENTRY *na,*nb;
-
-	if (sk_X509_NAME_ENTRY_num(a->entries)
-	    != sk_X509_NAME_ENTRY_num(b->entries))
-		return sk_X509_NAME_ENTRY_num(a->entries)
-		  -sk_X509_NAME_ENTRY_num(b->entries);
-	for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
-		{
-		na=sk_X509_NAME_ENTRY_value(a->entries,i);
-		nb=sk_X509_NAME_ENTRY_value(b->entries,i);
-		j=na->value->type-nb->value->type;
-		if (j) return(j);
-		if (na->value->type == V_ASN1_PRINTABLESTRING)
-			j=nocase_spacenorm_cmp(na->value, nb->value);
-		else if (na->value->type == V_ASN1_IA5STRING
-			&& OBJ_obj2nid(na->object) == NID_pkcs9_emailAddress)
-			j=nocase_cmp(na->value, nb->value);
-		else
-			{
-			j=na->value->length-nb->value->length;
-			if (j) return(j);
-			j=memcmp(na->value->data,nb->value->data,
-				na->value->length);
-			}
-		if (j) return(j);
-		j=na->set-nb->set;
-		if (j) return(j);
-		}
-
-	/* We will check the object types after checking the values
-	 * since the values will more often be different than the object
-	 * types. */
-	for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
-		{
-		na=sk_X509_NAME_ENTRY_value(a->entries,i);
-		nb=sk_X509_NAME_ENTRY_value(b->entries,i);
-		j=OBJ_cmp(na->object,nb->object);
-		if (j) return(j);
-		}
-	return(0);
-	}
-
-#ifndef OPENSSL_NO_MD5
-/* I now DER encode the name and hash it.  Since I cache the DER encoding,
- * this is reasonably efficient. */
-unsigned long X509_NAME_hash(X509_NAME *x)
-	{
-	unsigned long ret=0;
-	unsigned char md[16];
-
-	/* Make sure X509_NAME structure contains valid cached encoding */
-	i2d_X509_NAME(x,NULL);
-	EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL);
-
-	ret=(	((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
-		((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
-		)&0xffffffffL;
-	return(ret);
-	}
-#endif
-
-/* Search a stack of X509 for a match */
-X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
-		ASN1_INTEGER *serial)
-	{
-	int i;
-	X509_CINF cinf;
-	X509 x,*x509=NULL;
-
-	if(!sk) return NULL;
-
-	x.cert_info= &cinf;
-	cinf.serialNumber=serial;
-	cinf.issuer=name;
-
-	for (i=0; i<sk_X509_num(sk); i++)
-		{
-		x509=sk_X509_value(sk,i);
-		if (X509_issuer_and_serial_cmp(x509,&x) == 0)
-			return(x509);
-		}
-	return(NULL);
-	}
-
-X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name)
-	{
-	X509 *x509;
-	int i;
-
-	for (i=0; i<sk_X509_num(sk); i++)
-		{
-		x509=sk_X509_value(sk,i);
-		if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0)
-			return(x509);
-		}
-	return(NULL);
-	}
-
-EVP_PKEY *X509_get_pubkey(X509 *x)
-	{
-	if ((x == NULL) || (x->cert_info == NULL))
-		return(NULL);
-	return(X509_PUBKEY_get(x->cert_info->key));
-	}
-
-ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x)
-	{
-	if(!x) return NULL;
-	return x->cert_info->key->public_key;
-	}
-
-int X509_check_private_key(X509 *x, EVP_PKEY *k)
-	{
-	EVP_PKEY *xk=NULL;
-	int ok=0;
-
-	xk=X509_get_pubkey(x);
-	if (xk->type != k->type)
-	    {
-	    X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH);
-	    goto err;
-	    }
-	switch (k->type)
-		{
-#ifndef OPENSSL_NO_RSA
-	case EVP_PKEY_RSA:
-		if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0
-		    || BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0)
-		    {
-		    X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
-		    goto err;
-		    }
-		break;
-#endif
-#ifndef OPENSSL_NO_DSA
-	case EVP_PKEY_DSA:
-		if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0)
-		    {
-		    X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
-		    goto err;
-		    }
-		break;
-#endif
-#ifndef OPENSSL_NO_DH
-	case EVP_PKEY_DH:
-		/* No idea */
-	        X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY);
-		goto err;
-#endif
-	default:
-	        X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE);
-		goto err;
-		}
-
-	ok=1;
-err:
-	EVP_PKEY_free(xk);
-	return(ok);
-	}
diff --git a/crypto/openssl/crypto/x509/x509_d2.c b/crypto/openssl/crypto/x509/x509_d2.c
deleted file mode 100644
index 51410cfd1a93..000000000000
--- a/crypto/openssl/crypto/x509/x509_d2.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/x509/x509_d2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_STDIO
-int X509_STORE_set_default_paths(X509_STORE *ctx)
-	{
-	X509_LOOKUP *lookup;
-
-	lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
-	if (lookup == NULL) return(0);
-	X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
-
-	lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
-	if (lookup == NULL) return(0);
-	X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
-	
-	/* clear any errors */
-	ERR_clear_error();
-
-	return(1);
-	}
-
-int X509_STORE_load_locations(X509_STORE *ctx, const char *file,
-		const char *path)
-	{
-	X509_LOOKUP *lookup;
-
-	if (file != NULL)
-		{
-		lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
-		if (lookup == NULL) return(0);
-		if (X509_LOOKUP_load_file(lookup,file,X509_FILETYPE_PEM) != 1)
-		    return(0);
-		}
-	if (path != NULL)
-		{
-		lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
-		if (lookup == NULL) return(0);
-		if (X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM) != 1)
-		    return(0);
-		}
-	if ((path == NULL) && (file == NULL))
-		return(0);
-	return(1);
-	}
-
-#endif
diff --git a/crypto/openssl/crypto/x509/x509_def.c b/crypto/openssl/crypto/x509/x509_def.c
deleted file mode 100644
index e0ac151a768c..000000000000
--- a/crypto/openssl/crypto/x509/x509_def.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* crypto/x509/x509_def.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-
-const char *X509_get_default_private_dir(void)
-	{ return(X509_PRIVATE_DIR); }
-	
-const char *X509_get_default_cert_area(void)
-	{ return(X509_CERT_AREA); }
-
-const char *X509_get_default_cert_dir(void)
-	{ return(X509_CERT_DIR); }
-
-const char *X509_get_default_cert_file(void)
-	{ return(X509_CERT_FILE); }
-
-const char *X509_get_default_cert_dir_env(void)
-	{ return(X509_CERT_DIR_EVP); }
-
-const char *X509_get_default_cert_file_env(void)
-	{ return(X509_CERT_FILE_EVP); }
-
diff --git a/crypto/openssl/crypto/x509/x509_err.c b/crypto/openssl/crypto/x509/x509_err.c
deleted file mode 100644
index 5bbf4acf7651..000000000000
--- a/crypto/openssl/crypto/x509/x509_err.c
+++ /dev/null
@@ -1,156 +0,0 @@
-/* crypto/x509/x509_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA X509_str_functs[]=
-	{
-{ERR_PACK(0,X509_F_ADD_CERT_DIR,0),	"ADD_CERT_DIR"},
-{ERR_PACK(0,X509_F_BY_FILE_CTRL,0),	"BY_FILE_CTRL"},
-{ERR_PACK(0,X509_F_DIR_CTRL,0),	"DIR_CTRL"},
-{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0),	"GET_CERT_BY_SUBJECT"},
-{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_DECODE,0),	"NETSCAPE_SPKI_b64_decode"},
-{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_ENCODE,0),	"NETSCAPE_SPKI_b64_encode"},
-{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0),	"X509v3_add_ext"},
-{ERR_PACK(0,X509_F_X509_ADD_ATTR,0),	"X509_ADD_ATTR"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_NID,0),	"X509_ATTRIBUTE_create_by_NID"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,0),	"X509_ATTRIBUTE_create_by_OBJ"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,0),	"X509_ATTRIBUTE_create_by_txt"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_GET0_DATA,0),	"X509_ATTRIBUTE_get0_data"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_SET1_DATA,0),	"X509_ATTRIBUTE_set1_data"},
-{ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0),	"X509_check_private_key"},
-{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0),	"X509_EXTENSION_create_by_NID"},
-{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0),	"X509_EXTENSION_create_by_OBJ"},
-{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0),	"X509_get_pubkey_parameters"},
-{ERR_PACK(0,X509_F_X509_LOAD_CERT_CRL_FILE,0),	"X509_load_cert_crl_file"},
-{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0),	"X509_load_cert_file"},
-{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0),	"X509_load_crl_file"},
-{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0),	"X509_NAME_add_entry"},
-{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0),	"X509_NAME_ENTRY_create_by_NID"},
-{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,0),	"X509_NAME_ENTRY_create_by_txt"},
-{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0),	"X509_NAME_ENTRY_set_object"},
-{ERR_PACK(0,X509_F_X509_NAME_ONELINE,0),	"X509_NAME_oneline"},
-{ERR_PACK(0,X509_F_X509_NAME_PRINT,0),	"X509_NAME_print"},
-{ERR_PACK(0,X509_F_X509_PRINT_FP,0),	"X509_print_fp"},
-{ERR_PACK(0,X509_F_X509_PUBKEY_GET,0),	"X509_PUBKEY_get"},
-{ERR_PACK(0,X509_F_X509_PUBKEY_SET,0),	"X509_PUBKEY_set"},
-{ERR_PACK(0,X509_F_X509_REQ_PRINT,0),	"X509_REQ_print"},
-{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0),	"X509_REQ_print_fp"},
-{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0),	"X509_REQ_to_X509"},
-{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0),	"X509_STORE_add_cert"},
-{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0),	"X509_STORE_add_crl"},
-{ERR_PACK(0,X509_F_X509_STORE_CTX_INIT,0),	"X509_STORE_CTX_init"},
-{ERR_PACK(0,X509_F_X509_STORE_CTX_NEW,0),	"X509_STORE_CTX_new"},
-{ERR_PACK(0,X509_F_X509_STORE_CTX_PURPOSE_INHERIT,0),	"X509_STORE_CTX_purpose_inherit"},
-{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0),	"X509_to_X509_REQ"},
-{ERR_PACK(0,X509_F_X509_TRUST_ADD,0),	"X509_TRUST_add"},
-{ERR_PACK(0,X509_F_X509_TRUST_SET,0),	"X509_TRUST_set"},
-{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0),	"X509_verify_cert"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA X509_str_reasons[]=
-	{
-{X509_R_BAD_X509_FILETYPE                ,"bad x509 filetype"},
-{X509_R_BASE64_DECODE_ERROR              ,"base64 decode error"},
-{X509_R_CANT_CHECK_DH_KEY                ,"cant check dh key"},
-{X509_R_CERT_ALREADY_IN_HASH_TABLE       ,"cert already in hash table"},
-{X509_R_ERR_ASN1_LIB                     ,"err asn1 lib"},
-{X509_R_INVALID_DIRECTORY                ,"invalid directory"},
-{X509_R_INVALID_FIELD_NAME               ,"invalid field name"},
-{X509_R_INVALID_TRUST                    ,"invalid trust"},
-{X509_R_KEY_TYPE_MISMATCH                ,"key type mismatch"},
-{X509_R_KEY_VALUES_MISMATCH              ,"key values mismatch"},
-{X509_R_LOADING_CERT_DIR                 ,"loading cert dir"},
-{X509_R_LOADING_DEFAULTS                 ,"loading defaults"},
-{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY     ,"no cert set for us to verify"},
-{X509_R_SHOULD_RETRY                     ,"should retry"},
-{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"},
-{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY   ,"unable to get certs public key"},
-{X509_R_UNKNOWN_KEY_TYPE                 ,"unknown key type"},
-{X509_R_UNKNOWN_NID                      ,"unknown nid"},
-{X509_R_UNKNOWN_PURPOSE_ID               ,"unknown purpose id"},
-{X509_R_UNKNOWN_TRUST_ID                 ,"unknown trust id"},
-{X509_R_UNSUPPORTED_ALGORITHM            ,"unsupported algorithm"},
-{X509_R_WRONG_LOOKUP_TYPE                ,"wrong lookup type"},
-{X509_R_WRONG_TYPE                       ,"wrong type"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_X509_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_X509,X509_str_functs);
-		ERR_load_strings(ERR_LIB_X509,X509_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/x509/x509_ext.c b/crypto/openssl/crypto/x509/x509_ext.c
deleted file mode 100644
index e7fdacb5e45a..000000000000
--- a/crypto/openssl/crypto/x509/x509_ext.c
+++ /dev/null
@@ -1,210 +0,0 @@
-/* crypto/x509/x509_ext.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-
-int X509_CRL_get_ext_count(X509_CRL *x)
-	{
-	return(X509v3_get_ext_count(x->crl->extensions));
-	}
-
-int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos)
-	{
-	return(X509v3_get_ext_by_NID(x->crl->extensions,nid,lastpos));
-	}
-
-int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos)
-	{
-	return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,lastpos));
-	}
-
-int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos)
-	{
-	return(X509v3_get_ext_by_critical(x->crl->extensions,crit,lastpos));
-	}
-
-X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc)
-	{
-	return(X509v3_get_ext(x->crl->extensions,loc));
-	}
-
-X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc)
-	{
-	return(X509v3_delete_ext(x->crl->extensions,loc));
-	}
-
-void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx)
-{
-	return X509V3_get_d2i(x->crl->extensions, nid, crit, idx);
-}
-
-int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
-							unsigned long flags)
-{
-	return X509V3_add1_i2d(&x->crl->extensions, nid, value, crit, flags);
-}
-
-int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc)
-	{
-	return(X509v3_add_ext(&(x->crl->extensions),ex,loc) != NULL);
-	}
-
-int X509_get_ext_count(X509 *x)
-	{
-	return(X509v3_get_ext_count(x->cert_info->extensions));
-	}
-
-int X509_get_ext_by_NID(X509 *x, int nid, int lastpos)
-	{
-	return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,lastpos));
-	}
-
-int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos)
-	{
-	return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,lastpos));
-	}
-
-int X509_get_ext_by_critical(X509 *x, int crit, int lastpos)
-	{
-	return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,lastpos));
-	}
-
-X509_EXTENSION *X509_get_ext(X509 *x, int loc)
-	{
-	return(X509v3_get_ext(x->cert_info->extensions,loc));
-	}
-
-X509_EXTENSION *X509_delete_ext(X509 *x, int loc)
-	{
-	return(X509v3_delete_ext(x->cert_info->extensions,loc));
-	}
-
-int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc)
-	{
-	return(X509v3_add_ext(&(x->cert_info->extensions),ex,loc) != NULL);
-	}
-
-void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx)
-{
-	return X509V3_get_d2i(x->cert_info->extensions, nid, crit, idx);
-}
-
-int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
-							unsigned long flags)
-{
-	return X509V3_add1_i2d(&x->cert_info->extensions, nid, value, crit,
-							flags);
-}
-
-int X509_REVOKED_get_ext_count(X509_REVOKED *x)
-	{
-	return(X509v3_get_ext_count(x->extensions));
-	}
-
-int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos)
-	{
-	return(X509v3_get_ext_by_NID(x->extensions,nid,lastpos));
-	}
-
-int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
-	     int lastpos)
-	{
-	return(X509v3_get_ext_by_OBJ(x->extensions,obj,lastpos));
-	}
-
-int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos)
-	{
-	return(X509v3_get_ext_by_critical(x->extensions,crit,lastpos));
-	}
-
-X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc)
-	{
-	return(X509v3_get_ext(x->extensions,loc));
-	}
-
-X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc)
-	{
-	return(X509v3_delete_ext(x->extensions,loc));
-	}
-
-int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc)
-	{
-	return(X509v3_add_ext(&(x->extensions),ex,loc) != NULL);
-	}
-
-void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx)
-{
-	return X509V3_get_d2i(x->extensions, nid, crit, idx);
-}
-
-int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
-							unsigned long flags)
-{
-	return X509V3_add1_i2d(&x->extensions, nid, value, crit, flags);
-}
-
-IMPLEMENT_STACK_OF(X509_EXTENSION)
-IMPLEMENT_ASN1_SET_OF(X509_EXTENSION)
diff --git a/crypto/openssl/crypto/x509/x509_lu.c b/crypto/openssl/crypto/x509/x509_lu.c
deleted file mode 100644
index b780dae5e29e..000000000000
--- a/crypto/openssl/crypto/x509/x509_lu.c
+++ /dev/null
@@ -1,557 +0,0 @@
-/* crypto/x509/x509_lu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
-	{
-	X509_LOOKUP *ret;
-
-	ret=(X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP));
-	if (ret == NULL) return NULL;
-
-	ret->init=0;
-	ret->skip=0;
-	ret->method=method;
-	ret->method_data=NULL;
-	ret->store_ctx=NULL;
-	if ((method->new_item != NULL) && !method->new_item(ret))
-		{
-		OPENSSL_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-void X509_LOOKUP_free(X509_LOOKUP *ctx)
-	{
-	if (ctx == NULL) return;
-	if (	(ctx->method != NULL) &&
-		(ctx->method->free != NULL))
-		ctx->method->free(ctx);
-	OPENSSL_free(ctx);
-	}
-
-int X509_LOOKUP_init(X509_LOOKUP *ctx)
-	{
-	if (ctx->method == NULL) return 0;
-	if (ctx->method->init != NULL)
-		return ctx->method->init(ctx);
-	else
-		return 1;
-	}
-
-int X509_LOOKUP_shutdown(X509_LOOKUP *ctx)
-	{
-	if (ctx->method == NULL) return 0;
-	if (ctx->method->shutdown != NULL)
-		return ctx->method->shutdown(ctx);
-	else
-		return 1;
-	}
-
-int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
-	     char **ret)
-	{
-	if (ctx->method == NULL) return -1;
-	if (ctx->method->ctrl != NULL)
-		return ctx->method->ctrl(ctx,cmd,argc,argl,ret);
-	else
-		return 1;
-	}
-
-int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
-	     X509_OBJECT *ret)
-	{
-	if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
-		return X509_LU_FAIL;
-	if (ctx->skip) return 0;
-	return ctx->method->get_by_subject(ctx,type,name,ret);
-	}
-
-int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
-	     ASN1_INTEGER *serial, X509_OBJECT *ret)
-	{
-	if ((ctx->method == NULL) ||
-		(ctx->method->get_by_issuer_serial == NULL))
-		return X509_LU_FAIL;
-	return ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret);
-	}
-
-int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
-	     unsigned char *bytes, int len, X509_OBJECT *ret)
-	{
-	if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
-		return X509_LU_FAIL;
-	return ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret);
-	}
-
-int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
-	     X509_OBJECT *ret)
-	{
-	if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
-		return X509_LU_FAIL;
-	return ctx->method->get_by_alias(ctx,type,str,len,ret);
-	}
-
-  
-static int x509_object_cmp(const X509_OBJECT * const *a, const X509_OBJECT * const *b)
-  	{
- 	int ret;
-
- 	ret=((*a)->type - (*b)->type);
- 	if (ret) return ret;
- 	switch ((*a)->type)
- 		{
- 	case X509_LU_X509:
- 		ret=X509_subject_name_cmp((*a)->data.x509,(*b)->data.x509);
- 		break;
- 	case X509_LU_CRL:
- 		ret=X509_CRL_cmp((*a)->data.crl,(*b)->data.crl);
- 		break;
-	default:
-		/* abort(); */
-		return 0;
-		}
-	return ret;
-	}
-
-X509_STORE *X509_STORE_new(void)
-	{
-	X509_STORE *ret;
-
-	if ((ret=(X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL)
-		return NULL;
-	ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
-	ret->cache=1;
-	ret->get_cert_methods=sk_X509_LOOKUP_new_null();
-	ret->verify=0;
-	ret->verify_cb=0;
-
-	ret->purpose = 0;
-	ret->trust = 0;
-
-	ret->flags = 0;
-
-	ret->get_issuer = 0;
-	ret->check_issued = 0;
-	ret->check_revocation = 0;
-	ret->get_crl = 0;
-	ret->check_crl = 0;
-	ret->cert_crl = 0;
-	ret->cleanup = 0;
-
-	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data);
-	ret->references=1;
-	ret->depth=0;
-	return ret;
-	}
-
-static void cleanup(X509_OBJECT *a)
-	{
-	if (a->type == X509_LU_X509)
-		{
-		X509_free(a->data.x509);
-		}
-	else if (a->type == X509_LU_CRL)
-		{
-		X509_CRL_free(a->data.crl);
-		}
-	else
-		{
-		/* abort(); */
-		}
-
-	OPENSSL_free(a);
-	}
-
-void X509_STORE_free(X509_STORE *vfy)
-	{
-	int i;
-	STACK_OF(X509_LOOKUP) *sk;
-	X509_LOOKUP *lu;
-
-	if (vfy == NULL)
-	    return;
-
-	sk=vfy->get_cert_methods;
-	for (i=0; i<sk_X509_LOOKUP_num(sk); i++)
-		{
-		lu=sk_X509_LOOKUP_value(sk,i);
-		X509_LOOKUP_shutdown(lu);
-		X509_LOOKUP_free(lu);
-		}
-	sk_X509_LOOKUP_free(sk);
-	sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
-
-	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data);
-	OPENSSL_free(vfy);
-	}
-
-X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
-	{
-	int i;
-	STACK_OF(X509_LOOKUP) *sk;
-	X509_LOOKUP *lu;
-
-	sk=v->get_cert_methods;
-	for (i=0; i<sk_X509_LOOKUP_num(sk); i++)
-		{
-		lu=sk_X509_LOOKUP_value(sk,i);
-		if (m == lu->method)
-			{
-			return lu;
-			}
-		}
-	/* a new one */
-	lu=X509_LOOKUP_new(m);
-	if (lu == NULL)
-		return NULL;
-	else
-		{
-		lu->store_ctx=v;
-		if (sk_X509_LOOKUP_push(v->get_cert_methods,lu))
-			return lu;
-		else
-			{
-			X509_LOOKUP_free(lu);
-			return NULL;
-			}
-		}
-	}
-
-int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
-	     X509_OBJECT *ret)
-	{
-	X509_STORE *ctx=vs->ctx;
-	X509_LOOKUP *lu;
-	X509_OBJECT stmp,*tmp;
-	int i,j;
-
-	tmp=X509_OBJECT_retrieve_by_subject(ctx->objs,type,name);
-
-	if (tmp == NULL)
-		{
-		for (i=vs->current_method; i<sk_X509_LOOKUP_num(ctx->get_cert_methods); i++)
-			{
-			lu=sk_X509_LOOKUP_value(ctx->get_cert_methods,i);
-			j=X509_LOOKUP_by_subject(lu,type,name,&stmp);
-			if (j < 0)
-				{
-				vs->current_method=j;
-				return j;
-				}
-			else if (j)
-				{
-				tmp= &stmp;
-				break;
-				}
-			}
-		vs->current_method=0;
-		if (tmp == NULL)
-			return 0;
-		}
-
-/*	if (ret->data.ptr != NULL)
-		X509_OBJECT_free_contents(ret); */
-
-	ret->type=tmp->type;
-	ret->data.ptr=tmp->data.ptr;
-
-	X509_OBJECT_up_ref_count(ret);
-
-	return 1;
-	}
-
-int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
-	{
-	X509_OBJECT *obj;
-	int ret=1;
-
-	if (x == NULL) return 0;
-	obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
-	if (obj == NULL)
-		{
-		X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE);
-		return 0;
-		}
-	obj->type=X509_LU_X509;
-	obj->data.x509=x;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-
-	X509_OBJECT_up_ref_count(obj);
-
-
-	if (X509_OBJECT_retrieve_match(ctx->objs, obj))
-		{
-		X509_OBJECT_free_contents(obj);
-		OPENSSL_free(obj);
-		X509err(X509_F_X509_STORE_ADD_CERT,X509_R_CERT_ALREADY_IN_HASH_TABLE);
-		ret=0;
-		} 
-	else sk_X509_OBJECT_push(ctx->objs, obj);
-
-	CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
-	return ret;
-	}
-
-int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
-	{
-	X509_OBJECT *obj;
-	int ret=1;
-
-	if (x == NULL) return 0;
-	obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
-	if (obj == NULL)
-		{
-		X509err(X509_F_X509_STORE_ADD_CRL,ERR_R_MALLOC_FAILURE);
-		return 0;
-		}
-	obj->type=X509_LU_CRL;
-	obj->data.crl=x;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-
-	X509_OBJECT_up_ref_count(obj);
-
-	if (X509_OBJECT_retrieve_match(ctx->objs, obj))
-		{
-		X509_OBJECT_free_contents(obj);
-		OPENSSL_free(obj);
-		X509err(X509_F_X509_STORE_ADD_CRL,X509_R_CERT_ALREADY_IN_HASH_TABLE);
-		ret=0;
-		}
-	else sk_X509_OBJECT_push(ctx->objs, obj);
-
-	CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
-	return ret;
-	}
-
-void X509_OBJECT_up_ref_count(X509_OBJECT *a)
-	{
-	switch (a->type)
-		{
-	case X509_LU_X509:
-		CRYPTO_add(&a->data.x509->references,1,CRYPTO_LOCK_X509);
-		break;
-	case X509_LU_CRL:
-		CRYPTO_add(&a->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
-		break;
-		}
-	}
-
-void X509_OBJECT_free_contents(X509_OBJECT *a)
-	{
-	switch (a->type)
-		{
-	case X509_LU_X509:
-		X509_free(a->data.x509);
-		break;
-	case X509_LU_CRL:
-		X509_CRL_free(a->data.crl);
-		break;
-		}
-	}
-
-int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
-	     X509_NAME *name)
-	{
-	X509_OBJECT stmp;
-	X509 x509_s;
-	X509_CINF cinf_s;
-	X509_CRL crl_s;
-	X509_CRL_INFO crl_info_s;
-
-	stmp.type=type;
-	switch (type)
-		{
-	case X509_LU_X509:
-		stmp.data.x509= &x509_s;
-		x509_s.cert_info= &cinf_s;
-		cinf_s.subject=name;
-		break;
-	case X509_LU_CRL:
-		stmp.data.crl= &crl_s;
-		crl_s.crl= &crl_info_s;
-		crl_info_s.issuer=name;
-		break;
-	default:
-		/* abort(); */
-		return -1;
-		}
-
-	return sk_X509_OBJECT_find(h,&stmp);
-	}
-
-X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, int type,
-	     X509_NAME *name)
-{
-	int idx;
-	idx = X509_OBJECT_idx_by_subject(h, type, name);
-	if (idx==-1) return NULL;
-	return sk_X509_OBJECT_value(h, idx);
-}
-
-X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x)
-{
-	int idx, i;
-	X509_OBJECT *obj;
-	idx = sk_X509_OBJECT_find(h, x);
-	if (idx == -1) return NULL;
-	if (x->type != X509_LU_X509) return sk_X509_OBJECT_value(h, idx);
-	for (i = idx; i < sk_X509_OBJECT_num(h); i++)
-		{
-		obj = sk_X509_OBJECT_value(h, i);
-		if (x509_object_cmp((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x))
-			return NULL;
-		if ((x->type != X509_LU_X509) || !X509_cmp(obj->data.x509, x->data.x509))
-			return obj;
-		}
-	return NULL;
-}
-
-
-/* Try to get issuer certificate from store. Due to limitations
- * of the API this can only retrieve a single certificate matching
- * a given subject name. However it will fill the cache with all
- * matching certificates, so we can examine the cache for all 
- * matches.
- *
- * Return values are:
- *  1 lookup successful.
- *  0 certificate not found.
- * -1 some other error.
- */
-
-
-int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
-{
-	X509_NAME *xn;
-	X509_OBJECT obj, *pobj;
-	int i, ok, idx;
-	xn=X509_get_issuer_name(x);
-	ok=X509_STORE_get_by_subject(ctx,X509_LU_X509,xn,&obj);
-	if (ok != X509_LU_X509)
-		{
-		if (ok == X509_LU_RETRY)
-			{
-			X509_OBJECT_free_contents(&obj);
-			X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY);
-			return -1;
-			}
-		else if (ok != X509_LU_FAIL)
-			{
-			X509_OBJECT_free_contents(&obj);
-			/* not good :-(, break anyway */
-			return -1;
-			}
-		return 0;
-		}
-	/* If certificate matches all OK */
-	if (ctx->check_issued(ctx, x, obj.data.x509))
-		{
-		*issuer = obj.data.x509;
-		return 1;
-		}
-	X509_OBJECT_free_contents(&obj);
-	/* Else find index of first matching cert */
-	idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
-	/* This shouldn't normally happen since we already have one match */
-	if (idx == -1) return 0;
-
-	/* Look through all matching certificates for a suitable issuer */
-	for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++)
-		{
-		pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i);
-		/* See if we've ran out of matches */
-		if (pobj->type != X509_LU_X509) return 0;
-		if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509))) return 0;
-		if (ctx->check_issued(ctx, x, pobj->data.x509))
-			{
-			*issuer = pobj->data.x509;
-			X509_OBJECT_up_ref_count(pobj);
-			return 1;
-			}
-		}
-	return 0;
-}
-
-void X509_STORE_set_flags(X509_STORE *ctx, long flags)
-	{
-	ctx->flags |= flags;
-	}
-
-int X509_STORE_set_purpose(X509_STORE *ctx, int purpose)
-	{
-	return X509_PURPOSE_set(&ctx->purpose, purpose);
-	}
-
-int X509_STORE_set_trust(X509_STORE *ctx, int trust)
-	{
-	return X509_TRUST_set(&ctx->trust, trust);
-	}
-
-IMPLEMENT_STACK_OF(X509_LOOKUP)
-IMPLEMENT_STACK_OF(X509_OBJECT)
diff --git a/crypto/openssl/crypto/x509/x509_obj.c b/crypto/openssl/crypto/x509/x509_obj.c
deleted file mode 100644
index 1e718f76eb2d..000000000000
--- a/crypto/openssl/crypto/x509/x509_obj.c
+++ /dev/null
@@ -1,226 +0,0 @@
-/* crypto/x509/x509_obj.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/buffer.h>
-
-char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
-	{
-	X509_NAME_ENTRY *ne;
-int i;
-	int n,lold,l,l1,l2,num,j,type;
-	const char *s;
-	char *p;
-	unsigned char *q;
-	BUF_MEM *b=NULL;
-	static char hex[17]="0123456789ABCDEF";
-	int gs_doit[4];
-	char tmp_buf[80];
-#ifdef CHARSET_EBCDIC
-	char ebcdic_buf[1024];
-#endif
-
-	if (buf == NULL)
-		{
-		if ((b=BUF_MEM_new()) == NULL) goto err;
-		if (!BUF_MEM_grow(b,200)) goto err;
-		b->data[0]='\0';
-		len=200;
-		}
-	if (a == NULL)
-	    {
-	    if(b)
-		{
-		buf=b->data;
-		OPENSSL_free(b);
-		}
-	    strncpy(buf,"NO X509_NAME",len);
-	    buf[len-1]='\0';
-	    return buf;
-	    }
-
-	len--; /* space for '\0' */
-	l=0;
-	for (i=0; i<sk_X509_NAME_ENTRY_num(a->entries); i++)
-		{
-		ne=sk_X509_NAME_ENTRY_value(a->entries,i);
-		n=OBJ_obj2nid(ne->object);
-		if ((n == NID_undef) || ((s=OBJ_nid2sn(n)) == NULL))
-			{
-			i2t_ASN1_OBJECT(tmp_buf,sizeof(tmp_buf),ne->object);
-			s=tmp_buf;
-			}
-		l1=strlen(s);
-
-		type=ne->value->type;
-		num=ne->value->length;
-		q=ne->value->data;
-#ifdef CHARSET_EBCDIC
-                if (type == V_ASN1_GENERALSTRING ||
-		    type == V_ASN1_VISIBLESTRING ||
-		    type == V_ASN1_PRINTABLESTRING ||
-		    type == V_ASN1_TELETEXSTRING ||
-		    type == V_ASN1_VISIBLESTRING ||
-		    type == V_ASN1_IA5STRING) {
-                        ascii2ebcdic(ebcdic_buf, q,
-				     (num > sizeof ebcdic_buf)
-				     ? sizeof ebcdic_buf : num);
-                        q=ebcdic_buf;
-		}
-#endif
-
-		if ((type == V_ASN1_GENERALSTRING) && ((num%4) == 0))
-			{
-			gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=0;
-			for (j=0; j<num; j++)
-				if (q[j] != 0) gs_doit[j&3]=1;
-
-			if (gs_doit[0]|gs_doit[1]|gs_doit[2])
-				gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1;
-			else
-				{
-				gs_doit[0]=gs_doit[1]=gs_doit[2]=0;
-				gs_doit[3]=1;
-				}
-			}
-		else
-			gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1;
-
-		for (l2=j=0; j<num; j++)
-			{
-			if (!gs_doit[j&3]) continue;
-			l2++;
-#ifndef CHARSET_EBCDIC
-			if ((q[j] < ' ') || (q[j] > '~')) l2+=3;
-#else
-			if ((os_toascii[q[j]] < os_toascii[' ']) ||
-			    (os_toascii[q[j]] > os_toascii['~'])) l2+=3;
-#endif
-			}
-
-		lold=l;
-		l+=1+l1+1+l2;
-		if (b != NULL)
-			{
-			if (!BUF_MEM_grow(b,l+1)) goto err;
-			p= &(b->data[lold]);
-			}
-		else if (l > len)
-			{
-			break;
-			}
-		else
-			p= &(buf[lold]);
-		*(p++)='/';
-		memcpy(p,s,(unsigned int)l1); p+=l1;
-		*(p++)='=';
-
-#ifndef CHARSET_EBCDIC /* q was assigned above already. */
-		q=ne->value->data;
-#endif
-
-		for (j=0; j<num; j++)
-			{
-			if (!gs_doit[j&3]) continue;
-#ifndef CHARSET_EBCDIC
-			n=q[j];
-			if ((n < ' ') || (n > '~'))
-				{
-				*(p++)='\\';
-				*(p++)='x';
-				*(p++)=hex[(n>>4)&0x0f];
-				*(p++)=hex[n&0x0f];
-				}
-			else
-				*(p++)=n;
-#else
-			n=os_toascii[q[j]];
-			if ((n < os_toascii[' ']) ||
-			    (n > os_toascii['~']))
-				{
-				*(p++)='\\';
-				*(p++)='x';
-				*(p++)=hex[(n>>4)&0x0f];
-				*(p++)=hex[n&0x0f];
-				}
-			else
-				*(p++)=q[j];
-#endif
-			}
-		*p='\0';
-		}
-	if (b != NULL)
-		{
-		p=b->data;
-		OPENSSL_free(b);
-		}
-	else
-		p=buf;
-	if (i == 0)
-		*p = '\0';
-	return(p);
-err:
-	X509err(X509_F_X509_NAME_ONELINE,ERR_R_MALLOC_FAILURE);
-	if (b != NULL) BUF_MEM_free(b);
-	return(NULL);
-	}
-
diff --git a/crypto/openssl/crypto/x509/x509_r2x.c b/crypto/openssl/crypto/x509/x509_r2x.c
deleted file mode 100644
index db051033d9bf..000000000000
--- a/crypto/openssl/crypto/x509/x509_r2x.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/x509/x509_r2x.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-
-X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
-	{
-	X509 *ret=NULL;
-	X509_CINF *xi=NULL;
-	X509_NAME *xn;
-
-	if ((ret=X509_new()) == NULL)
-		{
-		X509err(X509_F_X509_REQ_TO_X509,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	/* duplicate the request */
-	xi=ret->cert_info;
-
-	if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0)
-		{
-		if ((xi->version=M_ASN1_INTEGER_new()) == NULL) goto err;
-		if (!ASN1_INTEGER_set(xi->version,2)) goto err;
-/*		xi->extensions=ri->attributes; <- bad, should not ever be done
-		ri->attributes=NULL; */
-		}
-
-	xn=X509_REQ_get_subject_name(r);
-	X509_set_subject_name(ret,X509_NAME_dup(xn));
-	X509_set_issuer_name(ret,X509_NAME_dup(xn));
-
-	X509_gmtime_adj(xi->validity->notBefore,0);
-	X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days);
-
-	X509_set_pubkey(ret,X509_REQ_get_pubkey(r));
-
-	if (!X509_sign(ret,pkey,EVP_md5()))
-		goto err;
-	if (0)
-		{
-err:
-		X509_free(ret);
-		ret=NULL;
-		}
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/x509/x509_req.c b/crypto/openssl/crypto/x509/x509_req.c
deleted file mode 100644
index 0affa3bf306a..000000000000
--- a/crypto/openssl/crypto/x509/x509_req.c
+++ /dev/null
@@ -1,278 +0,0 @@
-/* crypto/x509/x509_req.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/pem.h>
-
-X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
-	{
-	X509_REQ *ret;
-	X509_REQ_INFO *ri;
-	int i;
-	EVP_PKEY *pktmp;
-
-	ret=X509_REQ_new();
-	if (ret == NULL)
-		{
-		X509err(X509_F_X509_TO_X509_REQ,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	ri=ret->req_info;
-
-	ri->version->length=1;
-	ri->version->data=(unsigned char *)OPENSSL_malloc(1);
-	if (ri->version->data == NULL) goto err;
-	ri->version->data[0]=0; /* version == 0 */
-
-	if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x)))
-		goto err;
-
-	pktmp = X509_get_pubkey(x);
-	i=X509_REQ_set_pubkey(ret,pktmp);
-	EVP_PKEY_free(pktmp);
-	if (!i) goto err;
-
-	if (pkey != NULL)
-		{
-		if (!X509_REQ_sign(ret,pkey,md))
-			goto err;
-		}
-	return(ret);
-err:
-	X509_REQ_free(ret);
-	return(NULL);
-	}
-
-EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req)
-	{
-	if ((req == NULL) || (req->req_info == NULL))
-		return(NULL);
-	return(X509_PUBKEY_get(req->req_info->pubkey));
-	}
-
-/* It seems several organisations had the same idea of including a list of
- * extensions in a certificate request. There are at least two OIDs that are
- * used and there may be more: so the list is configurable.
- */
-
-static int ext_nid_list[] = { NID_ms_ext_req, NID_ext_req, NID_undef};
-
-static int *ext_nids = ext_nid_list;
-
-int X509_REQ_extension_nid(int req_nid)
-{
-	int i, nid;
-	for(i = 0; ; i++) {
-		nid = ext_nids[i];
-		if(nid == NID_undef) return 0;
-		else if (req_nid == nid) return 1;
-	}
-}
-
-int *X509_REQ_get_extension_nids(void)
-{
-	return ext_nids;
-}
-	
-void X509_REQ_set_extension_nids(int *nids)
-{
-	ext_nids = nids;
-}
-
-STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
-{
-	X509_ATTRIBUTE *attr;
-	STACK_OF(X509_ATTRIBUTE) *sk;
-	ASN1_TYPE *ext = NULL;
-	int i;
-	unsigned char *p;
-	if ((req == NULL) || (req->req_info == NULL))
-		return(NULL);
-	sk=req->req_info->attributes;
-        if (!sk) return NULL;
-	for(i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
-		attr = sk_X509_ATTRIBUTE_value(sk, i);
-		if(X509_REQ_extension_nid(OBJ_obj2nid(attr->object))) {
-			if(attr->single) ext = attr->value.single;
-			else if(sk_ASN1_TYPE_num(attr->value.set))
-				ext = sk_ASN1_TYPE_value(attr->value.set, 0);
-			break;
-		}
-	}
-	if(!ext || (ext->type != V_ASN1_SEQUENCE)) return NULL;
-	p = ext->value.sequence->data;
-	return d2i_ASN1_SET_OF_X509_EXTENSION(NULL, &p,
-			ext->value.sequence->length,
-			d2i_X509_EXTENSION, X509_EXTENSION_free,
-			V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
-/* Add a STACK_OF extensions to a certificate request: allow alternative OIDs
- * in case we want to create a non standard one.
- */
-
-int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
-				int nid)
-{
-	unsigned char *p = NULL, *q;
-	long len;
-	ASN1_TYPE *at = NULL;
-	X509_ATTRIBUTE *attr = NULL;
-	if(!(at = ASN1_TYPE_new()) ||
-		!(at->value.sequence = ASN1_STRING_new())) goto err;
-
-	at->type = V_ASN1_SEQUENCE;
-	/* Generate encoding of extensions */
-	len = i2d_ASN1_SET_OF_X509_EXTENSION(exts, NULL, i2d_X509_EXTENSION,
-			V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
-	if(!(p = OPENSSL_malloc(len))) goto err;
-	q = p;
-	i2d_ASN1_SET_OF_X509_EXTENSION(exts, &q, i2d_X509_EXTENSION,
-			V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
-	at->value.sequence->data = p;
-	p = NULL;
-	at->value.sequence->length = len;
-	if(!(attr = X509_ATTRIBUTE_new())) goto err;
-	if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
-	if(!sk_ASN1_TYPE_push(attr->value.set, at)) goto err;
-	at = NULL;
-	attr->single = 0;
-	attr->object = OBJ_nid2obj(nid);
-	if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err;
-	return 1;
-	err:
-	if(p) OPENSSL_free(p);
-	X509_ATTRIBUTE_free(attr);
-	ASN1_TYPE_free(at);
-	return 0;
-}
-/* This is the normal usage: use the "official" OID */
-int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts)
-{
-	return X509_REQ_add_extensions_nid(req, exts, NID_ext_req);
-}
-
-/* Request attribute functions */
-
-int X509_REQ_get_attr_count(const X509_REQ *req)
-{
-	return X509at_get_attr_count(req->req_info->attributes);
-}
-
-int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
-			  int lastpos)
-{
-	return X509at_get_attr_by_NID(req->req_info->attributes, nid, lastpos);
-}
-
-int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
-			  int lastpos)
-{
-	return X509at_get_attr_by_OBJ(req->req_info->attributes, obj, lastpos);
-}
-
-X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc)
-{
-	return X509at_get_attr(req->req_info->attributes, loc);
-}
-
-X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc)
-{
-	return X509at_delete_attr(req->req_info->attributes, loc);
-}
-
-int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
-{
-	if(X509at_add1_attr(&req->req_info->attributes, attr)) return 1;
-	return 0;
-}
-
-int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
-			const ASN1_OBJECT *obj, int type,
-			const unsigned char *bytes, int len)
-{
-	if(X509at_add1_attr_by_OBJ(&req->req_info->attributes, obj,
-				type, bytes, len)) return 1;
-	return 0;
-}
-
-int X509_REQ_add1_attr_by_NID(X509_REQ *req,
-			int nid, int type,
-			const unsigned char *bytes, int len)
-{
-	if(X509at_add1_attr_by_NID(&req->req_info->attributes, nid,
-				type, bytes, len)) return 1;
-	return 0;
-}
-
-int X509_REQ_add1_attr_by_txt(X509_REQ *req,
-			const char *attrname, int type,
-			const unsigned char *bytes, int len)
-{
-	if(X509at_add1_attr_by_txt(&req->req_info->attributes, attrname,
-				type, bytes, len)) return 1;
-	return 0;
-}
diff --git a/crypto/openssl/crypto/x509/x509_set.c b/crypto/openssl/crypto/x509/x509_set.c
deleted file mode 100644
index aaf61ca062b9..000000000000
--- a/crypto/openssl/crypto/x509/x509_set.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* crypto/x509/x509_set.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_set_version(X509 *x, long version)
-	{
-	if (x == NULL) return(0);
-	if (x->cert_info->version == NULL)
-		{
-		if ((x->cert_info->version=M_ASN1_INTEGER_new()) == NULL)
-			return(0);
-		}
-	return(ASN1_INTEGER_set(x->cert_info->version,version));
-	}
-
-int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial)
-	{
-	ASN1_INTEGER *in;
-
-	if (x == NULL) return(0);
-	in=x->cert_info->serialNumber;
-	if (in != serial)
-		{
-		in=M_ASN1_INTEGER_dup(serial);
-		if (in != NULL)
-			{
-			M_ASN1_INTEGER_free(x->cert_info->serialNumber);
-			x->cert_info->serialNumber=in;
-			}
-		}
-	return(in != NULL);
-	}
-
-int X509_set_issuer_name(X509 *x, X509_NAME *name)
-	{
-	if ((x == NULL) || (x->cert_info == NULL)) return(0);
-	return(X509_NAME_set(&x->cert_info->issuer,name));
-	}
-
-int X509_set_subject_name(X509 *x, X509_NAME *name)
-	{
-	if ((x == NULL) || (x->cert_info == NULL)) return(0);
-	return(X509_NAME_set(&x->cert_info->subject,name));
-	}
-
-int X509_set_notBefore(X509 *x, ASN1_TIME *tm)
-	{
-	ASN1_TIME *in;
-
-	if ((x == NULL) || (x->cert_info->validity == NULL)) return(0);
-	in=x->cert_info->validity->notBefore;
-	if (in != tm)
-		{
-		in=M_ASN1_TIME_dup(tm);
-		if (in != NULL)
-			{
-			M_ASN1_TIME_free(x->cert_info->validity->notBefore);
-			x->cert_info->validity->notBefore=in;
-			}
-		}
-	return(in != NULL);
-	}
-
-int X509_set_notAfter(X509 *x, ASN1_TIME *tm)
-	{
-	ASN1_TIME *in;
-
-	if ((x == NULL) || (x->cert_info->validity == NULL)) return(0);
-	in=x->cert_info->validity->notAfter;
-	if (in != tm)
-		{
-		in=M_ASN1_TIME_dup(tm);
-		if (in != NULL)
-			{
-			M_ASN1_TIME_free(x->cert_info->validity->notAfter);
-			x->cert_info->validity->notAfter=in;
-			}
-		}
-	return(in != NULL);
-	}
-
-int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
-	{
-	if ((x == NULL) || (x->cert_info == NULL)) return(0);
-	return(X509_PUBKEY_set(&(x->cert_info->key),pkey));
-	}
-
-
-
diff --git a/crypto/openssl/crypto/x509/x509_trs.c b/crypto/openssl/crypto/x509/x509_trs.c
deleted file mode 100644
index 17d69ac005b1..000000000000
--- a/crypto/openssl/crypto/x509/x509_trs.c
+++ /dev/null
@@ -1,286 +0,0 @@
-/* x509_trs.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-
-
-static int tr_cmp(const X509_TRUST * const *a,
-		const X509_TRUST * const *b);
-static void trtable_free(X509_TRUST *p);
-
-static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
-static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
-static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
-
-static int obj_trust(int id, X509 *x, int flags);
-static int (*default_trust)(int id, X509 *x, int flags) = obj_trust;
-
-/* WARNING: the following table should be kept in order of trust
- * and without any gaps so we can just subtract the minimum trust
- * value to get an index into the table
- */
-
-static X509_TRUST trstandard[] = {
-{X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL},
-{X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL},
-{X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth, NULL},
-{X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL},
-{X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign, NULL},
-{X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL}
-};
-
-#define X509_TRUST_COUNT	(sizeof(trstandard)/sizeof(X509_TRUST))
-
-IMPLEMENT_STACK_OF(X509_TRUST)
-
-static STACK_OF(X509_TRUST) *trtable = NULL;
-
-static int tr_cmp(const X509_TRUST * const *a,
-		const X509_TRUST * const *b)
-{
-	return (*a)->trust - (*b)->trust;
-}
-
-int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int)
-{
-	int (*oldtrust)(int , X509 *, int);
-	oldtrust = default_trust;
-	default_trust = trust;
-	return oldtrust;
-}
-
-
-int X509_check_trust(X509 *x, int id, int flags)
-{
-	X509_TRUST *pt;
-	int idx;
-	if(id == -1) return 1;
-	idx = X509_TRUST_get_by_id(id);
-	if(idx == -1) return default_trust(id, x, flags);
-	pt = X509_TRUST_get0(idx);
-	return pt->check_trust(pt, x, flags);
-}
-
-int X509_TRUST_get_count(void)
-{
-	if(!trtable) return X509_TRUST_COUNT;
-	return sk_X509_TRUST_num(trtable) + X509_TRUST_COUNT;
-}
-
-X509_TRUST * X509_TRUST_get0(int idx)
-{
-	if(idx < 0) return NULL;
-	if(idx < X509_TRUST_COUNT) return trstandard + idx;
-	return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT);
-}
-
-int X509_TRUST_get_by_id(int id)
-{
-	X509_TRUST tmp;
-	int idx;
-	if((id >= X509_TRUST_MIN) && (id <= X509_TRUST_MAX))
-				 return id - X509_TRUST_MIN;
-	tmp.trust = id;
-	if(!trtable) return -1;
-	idx = sk_X509_TRUST_find(trtable, &tmp);
-	if(idx == -1) return -1;
-	return idx + X509_TRUST_COUNT;
-}
-
-int X509_TRUST_set(int *t, int trust)
-{
-	if(X509_TRUST_get_by_id(trust) == -1) {
-		X509err(X509_F_X509_TRUST_SET, X509_R_INVALID_TRUST);
-		return 0;
-	}
-	*t = trust;
-	return 1;
-}
-
-int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
-					char *name, int arg1, void *arg2)
-{
-	int idx;
-	X509_TRUST *trtmp;
-	/* This is set according to what we change: application can't set it */
-	flags &= ~X509_TRUST_DYNAMIC;
-	/* This will always be set for application modified trust entries */
-	flags |= X509_TRUST_DYNAMIC_NAME;
-	/* Get existing entry if any */
-	idx = X509_TRUST_get_by_id(id);
-	/* Need a new entry */
-	if(idx == -1) {
-		if(!(trtmp = OPENSSL_malloc(sizeof(X509_TRUST)))) {
-			X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-		trtmp->flags = X509_TRUST_DYNAMIC;
-	} else trtmp = X509_TRUST_get0(idx);
-
-	/* OPENSSL_free existing name if dynamic */
-	if(trtmp->flags & X509_TRUST_DYNAMIC_NAME) OPENSSL_free(trtmp->name);
-	/* dup supplied name */
-	if(!(trtmp->name = BUF_strdup(name))) {
-		X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	/* Keep the dynamic flag of existing entry */
-	trtmp->flags &= X509_TRUST_DYNAMIC;
-	/* Set all other flags */
-	trtmp->flags |= flags;
-
-	trtmp->trust = id;
-	trtmp->check_trust = ck;
-	trtmp->arg1 = arg1;
-	trtmp->arg2 = arg2;
-
-	/* If its a new entry manage the dynamic table */
-	if(idx == -1) {
-		if(!trtable && !(trtable = sk_X509_TRUST_new(tr_cmp))) {
-			X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-		if (!sk_X509_TRUST_push(trtable, trtmp)) {
-			X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-	}
-	return 1;
-}
-
-static void trtable_free(X509_TRUST *p)
-	{
-	if(!p) return;
-	if (p->flags & X509_TRUST_DYNAMIC) 
-		{
-		if (p->flags & X509_TRUST_DYNAMIC_NAME)
-			OPENSSL_free(p->name);
-		OPENSSL_free(p);
-		}
-	}
-
-void X509_TRUST_cleanup(void)
-{
-	int i;
-	for(i = 0; i < X509_TRUST_COUNT; i++) trtable_free(trstandard + i);
-	sk_X509_TRUST_pop_free(trtable, trtable_free);
-	trtable = NULL;
-}
-
-int X509_TRUST_get_flags(X509_TRUST *xp)
-{
-	return xp->flags;
-}
-
-char *X509_TRUST_get0_name(X509_TRUST *xp)
-{
-	return xp->name;
-}
-
-int X509_TRUST_get_trust(X509_TRUST *xp)
-{
-	return xp->trust;
-}
-
-static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags)
-{
-	if(x->aux && (x->aux->trust || x->aux->reject))
-		return obj_trust(trust->arg1, x, flags);
-	/* we don't have any trust settings: for compatibility
-	 * we return trusted if it is self signed
-	 */
-	return trust_compat(trust, x, flags);
-}
-
-static int trust_1oid(X509_TRUST *trust, X509 *x, int flags)
-{
-	if(x->aux) return obj_trust(trust->arg1, x, flags);
-	return X509_TRUST_UNTRUSTED;
-}
-
-static int trust_compat(X509_TRUST *trust, X509 *x, int flags)
-{
-	X509_check_purpose(x, -1, 0);
-	if(x->ex_flags & EXFLAG_SS) return X509_TRUST_TRUSTED;
-	else return X509_TRUST_UNTRUSTED;
-}
-
-static int obj_trust(int id, X509 *x, int flags)
-{
-	ASN1_OBJECT *obj;
-	int i;
-	X509_CERT_AUX *ax;
-	ax = x->aux;
-	if(!ax) return X509_TRUST_UNTRUSTED;
-	if(ax->reject) {
-		for(i = 0; i < sk_ASN1_OBJECT_num(ax->reject); i++) {
-			obj = sk_ASN1_OBJECT_value(ax->reject, i);
-			if(OBJ_obj2nid(obj) == id) return X509_TRUST_REJECTED;
-		}
-	}	
-	if(ax->trust) {
-		for(i = 0; i < sk_ASN1_OBJECT_num(ax->trust); i++) {
-			obj = sk_ASN1_OBJECT_value(ax->trust, i);
-			if(OBJ_obj2nid(obj) == id) return X509_TRUST_TRUSTED;
-		}
-	}
-	return X509_TRUST_UNTRUSTED;
-}
-
diff --git a/crypto/openssl/crypto/x509/x509_txt.c b/crypto/openssl/crypto/x509/x509_txt.c
deleted file mode 100644
index 4f83db8ba2f5..000000000000
--- a/crypto/openssl/crypto/x509/x509_txt.c
+++ /dev/null
@@ -1,156 +0,0 @@
-/* crypto/x509/x509_txt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-
-const char *X509_verify_cert_error_string(long n)
-	{
-	static char buf[100];
-
-	switch ((int)n)
-		{
-	case X509_V_OK:
-		return("ok");
-	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-		return("unable to get issuer certificate");
-	case X509_V_ERR_UNABLE_TO_GET_CRL:
-		return("unable to get certificate CRL");
-	case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
-		return("unable to decrypt certificate's signature");
-	case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
-		return("unable to decrypt CRL's signature");
-	case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
-		return("unable to decode issuer public key");
-	case X509_V_ERR_CERT_SIGNATURE_FAILURE:
-		return("certificate signature failure");
-	case X509_V_ERR_CRL_SIGNATURE_FAILURE:
-		return("CRL signature failure");
-	case X509_V_ERR_CERT_NOT_YET_VALID:
-		return("certificate is not yet valid");
-	case X509_V_ERR_CRL_NOT_YET_VALID:
-		return("CRL is not yet valid");
-	case X509_V_ERR_CERT_HAS_EXPIRED:
-		return("certificate has expired");
-	case X509_V_ERR_CRL_HAS_EXPIRED:
-		return("CRL has expired");
-	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-		return("format error in certificate's notBefore field");
-	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-		return("format error in certificate's notAfter field");
-	case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
-		return("format error in CRL's lastUpdate field");
-	case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
-		return("format error in CRL's nextUpdate field");
-	case X509_V_ERR_OUT_OF_MEM:
-		return("out of memory");
-	case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
-		return("self signed certificate");
-	case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
-		return("self signed certificate in certificate chain");
-	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
-		return("unable to get local issuer certificate");
-	case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
-		return("unable to verify the first certificate");
-	case X509_V_ERR_CERT_CHAIN_TOO_LONG:
-		return("certificate chain too long");
-	case X509_V_ERR_CERT_REVOKED:
-		return("certificate revoked");
-	case X509_V_ERR_INVALID_CA:
-		return ("invalid CA certificate");
-	case X509_V_ERR_PATH_LENGTH_EXCEEDED:
-		return ("path length constraint exceeded");
-	case X509_V_ERR_INVALID_PURPOSE:
-		return ("unsupported certificate purpose");
-	case X509_V_ERR_CERT_UNTRUSTED:
-		return ("certificate not trusted");
-	case X509_V_ERR_CERT_REJECTED:
-		return ("certificate rejected");
-	case X509_V_ERR_APPLICATION_VERIFICATION:
-		return("application verification failure");
-	case X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
-		return("subject issuer mismatch");
-	case X509_V_ERR_AKID_SKID_MISMATCH:
-		return("authority and subject key identifier mismatch");
-	case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:
-		return("authority and issuer serial number mismatch");
-	case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
-		return("key usage does not include certificate signing");
-
-	case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
-		return("unable to get CRL issuer certificate");
-
-	case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
-		return("unhandled critical extension");
-
-	default:
-		sprintf(buf,"error number %ld",n);
-		return(buf);
-		}
-	}
-
-
diff --git a/crypto/openssl/crypto/x509/x509_v3.c b/crypto/openssl/crypto/x509/x509_v3.c
deleted file mode 100644
index 67b1796a9213..000000000000
--- a/crypto/openssl/crypto/x509/x509_v3.c
+++ /dev/null
@@ -1,268 +0,0 @@
-/* crypto/x509/x509_v3.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x)
-	{
-	if (x == NULL) return(0);
-	return(sk_X509_EXTENSION_num(x));
-	}
-
-int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid,
-			  int lastpos)
-	{
-	ASN1_OBJECT *obj;
-
-	obj=OBJ_nid2obj(nid);
-	if (obj == NULL) return(-2);
-	return(X509v3_get_ext_by_OBJ(x,obj,lastpos));
-	}
-
-int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk, ASN1_OBJECT *obj,
-			  int lastpos)
-	{
-	int n;
-	X509_EXTENSION *ex;
-
-	if (sk == NULL) return(-1);
-	lastpos++;
-	if (lastpos < 0)
-		lastpos=0;
-	n=sk_X509_EXTENSION_num(sk);
-	for ( ; lastpos < n; lastpos++)
-		{
-		ex=sk_X509_EXTENSION_value(sk,lastpos);
-		if (OBJ_cmp(ex->object,obj) == 0)
-			return(lastpos);
-		}
-	return(-1);
-	}
-
-int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,
-			       int lastpos)
-	{
-	int n;
-	X509_EXTENSION *ex;
-
-	if (sk == NULL) return(-1);
-	lastpos++;
-	if (lastpos < 0)
-		lastpos=0;
-	n=sk_X509_EXTENSION_num(sk);
-	for ( ; lastpos < n; lastpos++)
-		{
-		ex=sk_X509_EXTENSION_value(sk,lastpos);
-		if (	((ex->critical > 0) && crit) ||
-			((ex->critical <= 0) && !crit))
-			return(lastpos);
-		}
-	return(-1);
-	}
-
-X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc)
-	{
-	if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
-		return NULL;
-	else
-		return sk_X509_EXTENSION_value(x,loc);
-	}
-
-X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc)
-	{
-	X509_EXTENSION *ret;
-
-	if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
-		return(NULL);
-	ret=sk_X509_EXTENSION_delete(x,loc);
-	return(ret);
-	}
-
-STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
-					 X509_EXTENSION *ex, int loc)
-	{
-	X509_EXTENSION *new_ex=NULL;
-	int n;
-	STACK_OF(X509_EXTENSION) *sk=NULL;
-
-	if ((x != NULL) && (*x == NULL))
-		{
-		if ((sk=sk_X509_EXTENSION_new_null()) == NULL)
-			goto err;
-		}
-	else
-		sk= *x;
-
-	n=sk_X509_EXTENSION_num(sk);
-	if (loc > n) loc=n;
-	else if (loc < 0) loc=n;
-
-	if ((new_ex=X509_EXTENSION_dup(ex)) == NULL)
-		goto err2;
-	if (!sk_X509_EXTENSION_insert(sk,new_ex,loc))
-		goto err;
-	if ((x != NULL) && (*x == NULL))
-		*x=sk;
-	return(sk);
-err:
-	X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE);
-err2:
-	if (new_ex != NULL) X509_EXTENSION_free(new_ex);
-	if (sk != NULL) sk_X509_EXTENSION_free(sk);
-	return(NULL);
-	}
-
-X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid,
-	     int crit, ASN1_OCTET_STRING *data)
-	{
-	ASN1_OBJECT *obj;
-	X509_EXTENSION *ret;
-
-	obj=OBJ_nid2obj(nid);
-	if (obj == NULL)
-		{
-		X509err(X509_F_X509_EXTENSION_CREATE_BY_NID,X509_R_UNKNOWN_NID);
-		return(NULL);
-		}
-	ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data);
-	if (ret == NULL) ASN1_OBJECT_free(obj);
-	return(ret);
-	}
-
-X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
-	     ASN1_OBJECT *obj, int crit, ASN1_OCTET_STRING *data)
-	{
-	X509_EXTENSION *ret;
-
-	if ((ex == NULL) || (*ex == NULL))
-		{
-		if ((ret=X509_EXTENSION_new()) == NULL)
-			{
-			X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE);
-			return(NULL);
-			}
-		}
-	else
-		ret= *ex;
-
-	if (!X509_EXTENSION_set_object(ret,obj))
-		goto err;
-	if (!X509_EXTENSION_set_critical(ret,crit))
-		goto err;
-	if (!X509_EXTENSION_set_data(ret,data))
-		goto err;
-	
-	if ((ex != NULL) && (*ex == NULL)) *ex=ret;
-	return(ret);
-err:
-	if ((ex == NULL) || (ret != *ex))
-		X509_EXTENSION_free(ret);
-	return(NULL);
-	}
-
-int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj)
-	{
-	if ((ex == NULL) || (obj == NULL))
-		return(0);
-	ASN1_OBJECT_free(ex->object);
-	ex->object=OBJ_dup(obj);
-	return(1);
-	}
-
-int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
-	{
-	if (ex == NULL) return(0);
-	ex->critical=(crit)?0xFF:-1;
-	return(1);
-	}
-
-int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data)
-	{
-	int i;
-
-	if (ex == NULL) return(0);
-	i=M_ASN1_OCTET_STRING_set(ex->value,data->data,data->length);
-	if (!i) return(0);
-	return(1);
-	}
-
-ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex)
-	{
-	if (ex == NULL) return(NULL);
-	return(ex->object);
-	}
-
-ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex)
-	{
-	if (ex == NULL) return(NULL);
-	return(ex->value);
-	}
-
-int X509_EXTENSION_get_critical(X509_EXTENSION *ex)
-	{
-	if (ex == NULL) return(0);
-	if(ex->critical > 0) return 1;
-	return 0;
-	}
diff --git a/crypto/openssl/crypto/x509/x509_vfy.c b/crypto/openssl/crypto/x509/x509_vfy.c
deleted file mode 100644
index 552d1e72516e..000000000000
--- a/crypto/openssl/crypto/x509/x509_vfy.c
+++ /dev/null
@@ -1,1187 +0,0 @@
-/* crypto/x509/x509_vfy.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/objects.h>
-
-static int null_callback(int ok,X509_STORE_CTX *e);
-static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
-static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
-static int check_chain_purpose(X509_STORE_CTX *ctx);
-static int check_trust(X509_STORE_CTX *ctx);
-static int check_revocation(X509_STORE_CTX *ctx);
-static int check_cert(X509_STORE_CTX *ctx);
-static int internal_verify(X509_STORE_CTX *ctx);
-const char *X509_version="X.509" OPENSSL_VERSION_PTEXT;
-
-
-static int null_callback(int ok, X509_STORE_CTX *e)
-	{
-	return ok;
-	}
-
-#if 0
-static int x509_subject_cmp(X509 **a, X509 **b)
-	{
-	return X509_subject_name_cmp(*a,*b);
-	}
-#endif
-
-int X509_verify_cert(X509_STORE_CTX *ctx)
-	{
-	X509 *x,*xtmp,*chain_ss=NULL;
-	X509_NAME *xn;
-	int depth,i,ok=0;
-	int num;
-	int (*cb)();
-	STACK_OF(X509) *sktmp=NULL;
-
-	if (ctx->cert == NULL)
-		{
-		X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
-		return -1;
-		}
-
-	cb=ctx->verify_cb;
-
-	/* first we make sure the chain we are going to build is
-	 * present and that the first entry is in place */
-	if (ctx->chain == NULL)
-		{
-		if (	((ctx->chain=sk_X509_new_null()) == NULL) ||
-			(!sk_X509_push(ctx->chain,ctx->cert)))
-			{
-			X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
-			goto end;
-			}
-		CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509);
-		ctx->last_untrusted=1;
-		}
-
-	/* We use a temporary STACK so we can chop and hack at it */
-	if (ctx->untrusted != NULL
-	    && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL)
-		{
-		X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
-		goto end;
-		}
-
-	num=sk_X509_num(ctx->chain);
-	x=sk_X509_value(ctx->chain,num-1);
-	depth=ctx->depth;
-
-
-	for (;;)
-		{
-		/* If we have enough, we break */
-		if (depth < num) break; /* FIXME: If this happens, we should take
-		                         * note of it and, if appropriate, use the
-		                         * X509_V_ERR_CERT_CHAIN_TOO_LONG error
-		                         * code later.
-		                         */
-
-		/* If we are self signed, we break */
-		xn=X509_get_issuer_name(x);
-		if (ctx->check_issued(ctx, x,x)) break;
-
-		/* If we were passed a cert chain, use it first */
-		if (ctx->untrusted != NULL)
-			{
-			xtmp=find_issuer(ctx, sktmp,x);
-			if (xtmp != NULL)
-				{
-				if (!sk_X509_push(ctx->chain,xtmp))
-					{
-					X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
-					goto end;
-					}
-				CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
-				sk_X509_delete_ptr(sktmp,xtmp);
-				ctx->last_untrusted++;
-				x=xtmp;
-				num++;
-				/* reparse the full chain for
-				 * the next one */
-				continue;
-				}
-			}
-		break;
-		}
-
-	/* at this point, chain should contain a list of untrusted
-	 * certificates.  We now need to add at least one trusted one,
-	 * if possible, otherwise we complain. */
-
-	/* Examine last certificate in chain and see if it
- 	 * is self signed.
- 	 */
-
-	i=sk_X509_num(ctx->chain);
-	x=sk_X509_value(ctx->chain,i-1);
-	xn = X509_get_subject_name(x);
-	if (ctx->check_issued(ctx, x, x))
-		{
-		/* we have a self signed certificate */
-		if (sk_X509_num(ctx->chain) == 1)
-			{
-			/* We have a single self signed certificate: see if
-			 * we can find it in the store. We must have an exact
-			 * match to avoid possible impersonation.
-			 */
-			ok = ctx->get_issuer(&xtmp, ctx, x);
-			if ((ok <= 0) || X509_cmp(x, xtmp)) 
-				{
-				ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
-				ctx->current_cert=x;
-				ctx->error_depth=i-1;
-				if (ok == 1) X509_free(xtmp);
-				ok=cb(0,ctx);
-				if (!ok) goto end;
-				}
-			else 
-				{
-				/* We have a match: replace certificate with store version
-				 * so we get any trust settings.
-				 */
-				X509_free(x);
-				x = xtmp;
-				sk_X509_set(ctx->chain, i - 1, x);
-				ctx->last_untrusted=0;
-				}
-			}
-		else
-			{
-			/* extract and save self signed certificate for later use */
-			chain_ss=sk_X509_pop(ctx->chain);
-			ctx->last_untrusted--;
-			num--;
-			x=sk_X509_value(ctx->chain,num-1);
-			}
-		}
-
-	/* We now lookup certs from the certificate store */
-	for (;;)
-		{
-		/* If we have enough, we break */
-		if (depth < num) break;
-
-		/* If we are self signed, we break */
-		xn=X509_get_issuer_name(x);
-		if (ctx->check_issued(ctx,x,x)) break;
-
-		ok = ctx->get_issuer(&xtmp, ctx, x);
-
-		if (ok < 0) return ok;
-		if (ok == 0) break;
-
-		x = xtmp;
-		if (!sk_X509_push(ctx->chain,x))
-			{
-			X509_free(xtmp);
-			X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
-			return 0;
-			}
-		num++;
-		}
-
-	/* we now have our chain, lets check it... */
-	xn=X509_get_issuer_name(x);
-
-	/* Is last certificate looked up self signed? */
-	if (!ctx->check_issued(ctx,x,x))
-		{
-		if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss))
-			{
-			if (ctx->last_untrusted >= num)
-				ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
-			else
-				ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
-			ctx->current_cert=x;
-			}
-		else
-			{
-
-			sk_X509_push(ctx->chain,chain_ss);
-			num++;
-			ctx->last_untrusted=num;
-			ctx->current_cert=chain_ss;
-			ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
-			chain_ss=NULL;
-			}
-
-		ctx->error_depth=num-1;
-		ok=cb(0,ctx);
-		if (!ok) goto end;
-		}
-
-	/* We have the chain complete: now we need to check its purpose */
-	if (ctx->purpose > 0) ok = check_chain_purpose(ctx);
-
-	if (!ok) goto end;
-
-	/* The chain extensions are OK: check trust */
-
-	if (ctx->trust > 0) ok = check_trust(ctx);
-
-	if (!ok) goto end;
-
-	/* We may as well copy down any DSA parameters that are required */
-	X509_get_pubkey_parameters(NULL,ctx->chain);
-
-	/* Check revocation status: we do this after copying parameters
-	 * because they may be needed for CRL signature verification.
-	 */
-
-	ok = ctx->check_revocation(ctx);
-	if(!ok) goto end;
-
-	/* At this point, we have a chain and just need to verify it */
-	if (ctx->verify != NULL)
-		ok=ctx->verify(ctx);
-	else
-		ok=internal_verify(ctx);
-	if (0)
-		{
-end:
-		X509_get_pubkey_parameters(NULL,ctx->chain);
-		}
-	if (sktmp != NULL) sk_X509_free(sktmp);
-	if (chain_ss != NULL) X509_free(chain_ss);
-	return ok;
-	}
-
-
-/* Given a STACK_OF(X509) find the issuer of cert (if any)
- */
-
-static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
-{
-	int i;
-	X509 *issuer;
-	for (i = 0; i < sk_X509_num(sk); i++)
-		{
-		issuer = sk_X509_value(sk, i);
-		if (ctx->check_issued(ctx, x, issuer))
-			return issuer;
-		}
-	return NULL;
-}
-
-/* Given a possible certificate and issuer check them */
-
-static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
-{
-	int ret;
-	ret = X509_check_issued(issuer, x);
-	if (ret == X509_V_OK)
-		return 1;
-	/* If we haven't asked for issuer errors don't set ctx */
-	if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK))
-		return 0;
-
-	ctx->error = ret;
-	ctx->current_cert = x;
-	ctx->current_issuer = issuer;
-	return ctx->verify_cb(0, ctx);
-	return 0;
-}
-
-/* Alternative lookup method: look from a STACK stored in other_ctx */
-
-static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
-{
-	*issuer = find_issuer(ctx, ctx->other_ctx, x);
-	if (*issuer)
-		{
-		CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509);
-		return 1;
-		}
-	else
-		return 0;
-}
-	
-
-/* Check a certificate chains extensions for consistency
- * with the supplied purpose
- */
-
-static int check_chain_purpose(X509_STORE_CTX *ctx)
-{
-#ifdef OPENSSL_NO_CHAIN_VERIFY
-	return 1;
-#else
-	int i, ok=0;
-	X509 *x;
-	int (*cb)();
-	cb=ctx->verify_cb;
-	/* Check all untrusted certificates */
-	for (i = 0; i < ctx->last_untrusted; i++)
-		{
-		x = sk_X509_value(ctx->chain, i);
-		if (!(ctx->flags & X509_V_FLAG_IGNORE_CRITICAL)
-			&& (x->ex_flags & EXFLAG_CRITICAL))
-			{
-			ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
-			ctx->error_depth = i;
-			ctx->current_cert = x;
-			ok=cb(0,ctx);
-			if (!ok) goto end;
-			}
-		if (!X509_check_purpose(x, ctx->purpose, i))
-			{
-			if (i)
-				ctx->error = X509_V_ERR_INVALID_CA;
-			else
-				ctx->error = X509_V_ERR_INVALID_PURPOSE;
-			ctx->error_depth = i;
-			ctx->current_cert = x;
-			ok=cb(0,ctx);
-			if (!ok) goto end;
-			}
-		/* Check pathlen */
-		if ((i > 1) && (x->ex_pathlen != -1)
-			   && (i > (x->ex_pathlen + 1)))
-			{
-			ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
-			ctx->error_depth = i;
-			ctx->current_cert = x;
-			ok=cb(0,ctx);
-			if (!ok) goto end;
-			}
-		}
-	ok = 1;
- end:
-	return ok;
-#endif
-}
-
-static int check_trust(X509_STORE_CTX *ctx)
-{
-#ifdef OPENSSL_NO_CHAIN_VERIFY
-	return 1;
-#else
-	int i, ok;
-	X509 *x;
-	int (*cb)();
-	cb=ctx->verify_cb;
-/* For now just check the last certificate in the chain */
-	i = sk_X509_num(ctx->chain) - 1;
-	x = sk_X509_value(ctx->chain, i);
-	ok = X509_check_trust(x, ctx->trust, 0);
-	if (ok == X509_TRUST_TRUSTED)
-		return 1;
-	ctx->error_depth = i;
-	ctx->current_cert = x;
-	if (ok == X509_TRUST_REJECTED)
-		ctx->error = X509_V_ERR_CERT_REJECTED;
-	else
-		ctx->error = X509_V_ERR_CERT_UNTRUSTED;
-	ok = cb(0, ctx);
-	return ok;
-#endif
-}
-
-static int check_revocation(X509_STORE_CTX *ctx)
-	{
-	int i, last, ok;
-	if (!(ctx->flags & X509_V_FLAG_CRL_CHECK))
-		return 1;
-	if (ctx->flags & X509_V_FLAG_CRL_CHECK_ALL)
-		last = 0;
-	else
-		last = sk_X509_num(ctx->chain) - 1;
-	for(i = 0; i <= last; i++)
-		{
-		ctx->error_depth = i;
-		ok = check_cert(ctx);
-		if (!ok) return ok;
-		}
-	return 1;
-	}
-
-static int check_cert(X509_STORE_CTX *ctx)
-	{
-	X509_CRL *crl = NULL;
-	X509 *x;
-	int ok, cnum;
-	cnum = ctx->error_depth;
-	x = sk_X509_value(ctx->chain, cnum);
-	ctx->current_cert = x;
-	/* Try to retrieve relevant CRL */
-	ok = ctx->get_crl(ctx, &crl, x);
-	/* If error looking up CRL, nothing we can do except
-	 * notify callback
-	 */
-	if(!ok)
-		{
-		ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
-		ok = ctx->verify_cb(0, ctx);
-		goto err;
-		}
-	ctx->current_crl = crl;
-	ok = ctx->check_crl(ctx, crl);
-	if (!ok) goto err;
-	ok = ctx->cert_crl(ctx, crl, x);
-	err:
-	ctx->current_crl = NULL;
-	X509_CRL_free(crl);
-	return ok;
-
-	}
-
-/* Retrieve CRL corresponding to certificate: currently just a
- * subject lookup: maybe use AKID later...
- * Also might look up any included CRLs too (e.g PKCS#7 signedData).
- */
-static int get_crl(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x)
-	{
-	int ok;
-	X509_OBJECT xobj;
-	ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, X509_get_issuer_name(x), &xobj);
-	if (!ok) return 0;
-	*crl = xobj.data.crl;
-	return 1;
-	}
-
-/* Check CRL validity */
-static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
-	{
-	X509 *issuer = NULL;
-	EVP_PKEY *ikey = NULL;
-	int ok = 0, chnum, cnum, i;
-	time_t *ptime;
-	cnum = ctx->error_depth;
-	chnum = sk_X509_num(ctx->chain) - 1;
-	/* Find CRL issuer: if not last certificate then issuer
-	 * is next certificate in chain.
-	 */
-	if(cnum < chnum)
-		issuer = sk_X509_value(ctx->chain, cnum + 1);
-	else
-		{
-		issuer = sk_X509_value(ctx->chain, chnum);
-		/* If not self signed, can't check signature */
-		if(!ctx->check_issued(ctx, issuer, issuer))
-			{
-			ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER;
-			ok = ctx->verify_cb(0, ctx);
-			if(!ok) goto err;
-			}
-		}
-
-	if(issuer)
-		{
-
-		/* Attempt to get issuer certificate public key */
-		ikey = X509_get_pubkey(issuer);
-
-		if(!ikey)
-			{
-			ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
-			ok = ctx->verify_cb(0, ctx);
-			if (!ok) goto err;
-			}
-		else
-			{
-			/* Verify CRL signature */
-			if(X509_CRL_verify(crl, ikey) <= 0)
-				{
-				ctx->error=X509_V_ERR_CRL_SIGNATURE_FAILURE;
-				ok = ctx->verify_cb(0, ctx);
-				if (!ok) goto err;
-				}
-			}
-		}
-
-	/* OK, CRL signature valid check times */
-	if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME)
-		ptime = &ctx->check_time;
-	else
-		ptime = NULL;
-
-	i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
-	if (i == 0)
-		{
-		ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
-		ok = ctx->verify_cb(0, ctx);
-		if (!ok) goto err;
-		}
-
-	if (i > 0)
-		{
-		ctx->error=X509_V_ERR_CRL_NOT_YET_VALID;
-		ok = ctx->verify_cb(0, ctx);
-		if (!ok) goto err;
-		}
-
-	if(X509_CRL_get_nextUpdate(crl))
-		{
-		i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
-
-		if (i == 0)
-			{
-			ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
-			ok = ctx->verify_cb(0, ctx);
-			if (!ok) goto err;
-			}
-
-		if (i < 0)
-			{
-			ctx->error=X509_V_ERR_CRL_HAS_EXPIRED;
-			ok = ctx->verify_cb(0, ctx);
-			if (!ok) goto err;
-			}
-		}
-
-	ok = 1;
-
-	err:
-	EVP_PKEY_free(ikey);
-	return ok;
-	}
-
-/* Check certificate against CRL */
-static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
-	{
-	int idx, ok;
-	X509_REVOKED rtmp;
-	/* Look for serial number of certificate in CRL */
-	rtmp.serialNumber = X509_get_serialNumber(x);
-	idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
-	/* Not found: OK */
-	if(idx == -1) return 1;
-	/* Otherwise revoked: want something cleverer than
-	 * this to handle entry extensions in V2 CRLs.
-	 */
-	ctx->error = X509_V_ERR_CERT_REVOKED;
-	ok = ctx->verify_cb(0, ctx);
-	return ok;
-	}
-
-static int internal_verify(X509_STORE_CTX *ctx)
-	{
-	int i,ok=0,n;
-	X509 *xs,*xi;
-	EVP_PKEY *pkey=NULL;
-	time_t *ptime;
-	int (*cb)();
-
-	cb=ctx->verify_cb;
-
-	n=sk_X509_num(ctx->chain);
-	ctx->error_depth=n-1;
-	n--;
-	xi=sk_X509_value(ctx->chain,n);
-	if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME)
-		ptime = &ctx->check_time;
-	else
-		ptime = NULL;
-	if (ctx->check_issued(ctx, xi, xi))
-		xs=xi;
-	else
-		{
-		if (n <= 0)
-			{
-			ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
-			ctx->current_cert=xi;
-			ok=cb(0,ctx);
-			goto end;
-			}
-		else
-			{
-			n--;
-			ctx->error_depth=n;
-			xs=sk_X509_value(ctx->chain,n);
-			}
-		}
-
-/*	ctx->error=0;  not needed */
-	while (n >= 0)
-		{
-		ctx->error_depth=n;
-		if (!xs->valid)
-			{
-			if ((pkey=X509_get_pubkey(xi)) == NULL)
-				{
-				ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
-				ctx->current_cert=xi;
-				ok=(*cb)(0,ctx);
-				if (!ok) goto end;
-				}
-			if (X509_verify(xs,pkey) <= 0)
-				/* XXX  For the final trusted self-signed cert,
-				 * this is a waste of time.  That check should
-				 * optional so that e.g. 'openssl x509' can be
-				 * used to detect invalid self-signatures, but
-				 * we don't verify again and again in SSL
-				 * handshakes and the like once the cert has
-				 * been declared trusted. */
-				{
-				ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
-				ctx->current_cert=xs;
-				ok=(*cb)(0,ctx);
-				if (!ok)
-					{
-					EVP_PKEY_free(pkey);
-					goto end;
-					}
-				}
-			EVP_PKEY_free(pkey);
-			pkey=NULL;
-
-			i=X509_cmp_time(X509_get_notBefore(xs), ptime);
-			if (i == 0)
-				{
-				ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
-				ctx->current_cert=xs;
-				ok=(*cb)(0,ctx);
-				if (!ok) goto end;
-				}
-			if (i > 0)
-				{
-				ctx->error=X509_V_ERR_CERT_NOT_YET_VALID;
-				ctx->current_cert=xs;
-				ok=(*cb)(0,ctx);
-				if (!ok) goto end;
-				}
-			xs->valid=1;
-			}
-
-		i=X509_cmp_time(X509_get_notAfter(xs), ptime);
-		if (i == 0)
-			{
-			ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
-			ctx->current_cert=xs;
-			ok=(*cb)(0,ctx);
-			if (!ok) goto end;
-			}
-
-		if (i < 0)
-			{
-			ctx->error=X509_V_ERR_CERT_HAS_EXPIRED;
-			ctx->current_cert=xs;
-			ok=(*cb)(0,ctx);
-			if (!ok) goto end;
-			}
-
-		/* The last error (if any) is still in the error value */
-		ctx->current_cert=xs;
-		ok=(*cb)(1,ctx);
-		if (!ok) goto end;
-
-		n--;
-		if (n >= 0)
-			{
-			xi=xs;
-			xs=sk_X509_value(ctx->chain,n);
-			}
-		}
-	ok=1;
-end:
-	return ok;
-	}
-
-int X509_cmp_current_time(ASN1_TIME *ctm)
-{
-	return X509_cmp_time(ctm, NULL);
-}
-
-int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
-	{
-	char *str;
-	ASN1_TIME atm;
-	long offset;
-	char buff1[24],buff2[24],*p;
-	int i,j;
-
-	p=buff1;
-	i=ctm->length;
-	str=(char *)ctm->data;
-	if (ctm->type == V_ASN1_UTCTIME)
-		{
-		if ((i < 11) || (i > 17)) return 0;
-		memcpy(p,str,10);
-		p+=10;
-		str+=10;
-		}
-	else
-		{
-		if (i < 13) return 0;
-		memcpy(p,str,12);
-		p+=12;
-		str+=12;
-		}
-
-	if ((*str == 'Z') || (*str == '-') || (*str == '+'))
-		{ *(p++)='0'; *(p++)='0'; }
-	else
-		{ 
-		*(p++)= *(str++);
-		*(p++)= *(str++);
-		/* Skip any fractional seconds... */
-		if (*str == '.')
-			{
-			str++;
-			while ((*str >= '0') && (*str <= '9')) str++;
-			}
-		
-		}
-	*(p++)='Z';
-	*(p++)='\0';
-
-	if (*str == 'Z')
-		offset=0;
-	else
-		{
-		if ((*str != '+') && (str[5] != '-'))
-			return 0;
-		offset=((str[1]-'0')*10+(str[2]-'0'))*60;
-		offset+=(str[3]-'0')*10+(str[4]-'0');
-		if (*str == '-')
-			offset= -offset;
-		}
-	atm.type=ctm->type;
-	atm.length=sizeof(buff2);
-	atm.data=(unsigned char *)buff2;
-
-	X509_time_adj(&atm,-offset*60, cmp_time);
-
-	if (ctm->type == V_ASN1_UTCTIME)
-		{
-		i=(buff1[0]-'0')*10+(buff1[1]-'0');
-		if (i < 50) i+=100; /* cf. RFC 2459 */
-		j=(buff2[0]-'0')*10+(buff2[1]-'0');
-		if (j < 50) j+=100;
-
-		if (i < j) return -1;
-		if (i > j) return 1;
-		}
-	i=strcmp(buff1,buff2);
-	if (i == 0) /* wait a second then return younger :-) */
-		return -1;
-	else
-		return i;
-	}
-
-ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
-{
-	return X509_time_adj(s, adj, NULL);
-}
-
-ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm)
-	{
-	time_t t;
-	int type = -1;
-
-	if (in_tm) t = *in_tm;
-	else time(&t);
-
-	t+=adj;
-	if (s) type = s->type;
-	if (type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t);
-	if (type == V_ASN1_GENERALIZEDTIME) return ASN1_GENERALIZEDTIME_set(s, t);
-	return ASN1_TIME_set(s, t);
-	}
-
-int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
-	{
-	EVP_PKEY *ktmp=NULL,*ktmp2;
-	int i,j;
-
-	if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return 1;
-
-	for (i=0; i<sk_X509_num(chain); i++)
-		{
-		ktmp=X509_get_pubkey(sk_X509_value(chain,i));
-		if (ktmp == NULL)
-			{
-			X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
-			return 0;
-			}
-		if (!EVP_PKEY_missing_parameters(ktmp))
-			break;
-		else
-			{
-			EVP_PKEY_free(ktmp);
-			ktmp=NULL;
-			}
-		}
-	if (ktmp == NULL)
-		{
-		X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
-		return 0;
-		}
-
-	/* first, populate the other certs */
-	for (j=i-1; j >= 0; j--)
-		{
-		ktmp2=X509_get_pubkey(sk_X509_value(chain,j));
-		EVP_PKEY_copy_parameters(ktmp2,ktmp);
-		EVP_PKEY_free(ktmp2);
-		}
-	
-	if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp);
-	EVP_PKEY_free(ktmp);
-	return 1;
-	}
-
-int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-	{
-	/* This function is (usually) called only once, by
-	 * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c). */
-	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp,
-			new_func, dup_func, free_func);
-	}
-
-int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
-	{
-	return CRYPTO_set_ex_data(&ctx->ex_data,idx,data);
-	}
-
-void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
-	{
-	return CRYPTO_get_ex_data(&ctx->ex_data,idx);
-	}
-
-int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
-	{
-	return ctx->error;
-	}
-
-void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
-	{
-	ctx->error=err;
-	}
-
-int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
-	{
-	return ctx->error_depth;
-	}
-
-X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
-	{
-	return ctx->current_cert;
-	}
-
-STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
-	{
-	return ctx->chain;
-	}
-
-STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
-	{
-	int i;
-	X509 *x;
-	STACK_OF(X509) *chain;
-	if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL;
-	for (i = 0; i < sk_X509_num(chain); i++)
-		{
-		x = sk_X509_value(chain, i);
-		CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
-		}
-	return chain;
-	}
-
-void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
-	{
-	ctx->cert=x;
-	}
-
-void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
-	{
-	ctx->untrusted=sk;
-	}
-
-int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
-	{
-	return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
-	}
-
-int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust)
-	{
-	return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);
-	}
-
-/* This function is used to set the X509_STORE_CTX purpose and trust
- * values. This is intended to be used when another structure has its
- * own trust and purpose values which (if set) will be inherited by
- * the ctx. If they aren't set then we will usually have a default
- * purpose in mind which should then be used to set the trust value.
- * An example of this is SSL use: an SSL structure will have its own
- * purpose and trust settings which the application can set: if they
- * aren't set then we use the default of SSL client/server.
- */
-
-int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
-				int purpose, int trust)
-{
-	int idx;
-	/* If purpose not set use default */
-	if (!purpose) purpose = def_purpose;
-	/* If we have a purpose then check it is valid */
-	if (purpose)
-		{
-		X509_PURPOSE *ptmp;
-		idx = X509_PURPOSE_get_by_id(purpose);
-		if (idx == -1)
-			{
-			X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
-						X509_R_UNKNOWN_PURPOSE_ID);
-			return 0;
-			}
-		ptmp = X509_PURPOSE_get0(idx);
-		if (ptmp->trust == X509_TRUST_DEFAULT)
-			{
-			idx = X509_PURPOSE_get_by_id(def_purpose);
-			if (idx == -1)
-				{
-				X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
-						X509_R_UNKNOWN_PURPOSE_ID);
-				return 0;
-				}
-			ptmp = X509_PURPOSE_get0(idx);
-			}
-		/* If trust not set then get from purpose default */
-		if (!trust) trust = ptmp->trust;
-		}
-	if (trust)
-		{
-		idx = X509_TRUST_get_by_id(trust);
-		if (idx == -1)
-			{
-			X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
-						X509_R_UNKNOWN_TRUST_ID);
-			return 0;
-			}
-		}
-
-	if (purpose && !ctx->purpose) ctx->purpose = purpose;
-	if (trust && !ctx->trust) ctx->trust = trust;
-	return 1;
-}
-
-X509_STORE_CTX *X509_STORE_CTX_new(void)
-{
-	X509_STORE_CTX *ctx;
-	ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX));
-	if (!ctx)
-		{
-		X509err(X509_F_X509_STORE_CTX_NEW,ERR_R_MALLOC_FAILURE);
-		return NULL;
-		}
-	memset(ctx, 0, sizeof(X509_STORE_CTX));
-	return ctx;
-}
-
-void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
-{
-	X509_STORE_CTX_cleanup(ctx);
-	OPENSSL_free(ctx);
-}
-
-int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
-	     STACK_OF(X509) *chain)
-	{
-	ctx->ctx=store;
-	ctx->current_method=0;
-	ctx->cert=x509;
-	ctx->untrusted=chain;
-	ctx->last_untrusted=0;
-	ctx->check_time=0;
-	ctx->other_ctx=NULL;
-	ctx->valid=0;
-	ctx->chain=NULL;
-	ctx->depth=9;
-	ctx->error=0;
-	ctx->error_depth=0;
-	ctx->current_cert=NULL;
-	ctx->current_issuer=NULL;
-
-	/* Inherit callbacks and flags from X509_STORE if not set
-	 * use defaults.
-	 */
-
-
-	if (store)
-		{
-		ctx->purpose=store->purpose;
-		ctx->trust=store->trust;
-		ctx->flags = store->flags;
-		ctx->cleanup = store->cleanup;
-		}
-	else
-		{
-		ctx->purpose = 0;
-		ctx->trust = 0;
-		ctx->flags = 0;
-		ctx->cleanup = 0;
-		}
-
-	if (store && store->check_issued)
-		ctx->check_issued = store->check_issued;
-	else
-		ctx->check_issued = check_issued;
-
-	if (store && store->get_issuer)
-		ctx->get_issuer = store->get_issuer;
-	else
-		ctx->get_issuer = X509_STORE_CTX_get1_issuer;
-
-	if (store && store->verify_cb)
-		ctx->verify_cb = store->verify_cb;
-	else
-		ctx->verify_cb = null_callback;
-
-	if (store && store->verify)
-		ctx->verify = store->verify;
-	else
-		ctx->verify = internal_verify;
-
-	if (store && store->check_revocation)
-		ctx->check_revocation = store->check_revocation;
-	else
-		ctx->check_revocation = check_revocation;
-
-	if (store && store->get_crl)
-		ctx->get_crl = store->get_crl;
-	else
-		ctx->get_crl = get_crl;
-
-	if (store && store->check_crl)
-		ctx->check_crl = store->check_crl;
-	else
-		ctx->check_crl = check_crl;
-
-	if (store && store->cert_crl)
-		ctx->cert_crl = store->cert_crl;
-	else
-		ctx->cert_crl = cert_crl;
-
-
-	/* This memset() can't make any sense anyway, so it's removed. As
-	 * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a
-	 * corresponding "new" here and remove this bogus initialisation. */
-	/* memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); */
-	if(!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
-				&(ctx->ex_data)))
-		{
-		OPENSSL_free(ctx);
-		X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
-		return 0;
-		}
-	return 1;
-	}
-
-/* Set alternative lookup method: just a STACK of trusted certificates.
- * This avoids X509_STORE nastiness where it isn't needed.
- */
-
-void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
-{
-	ctx->other_ctx = sk;
-	ctx->get_issuer = get_issuer_sk;
-}
-
-void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
-	{
-	if (ctx->cleanup) ctx->cleanup(ctx);
-	if (ctx->chain != NULL)
-		{
-		sk_X509_pop_free(ctx->chain,X509_free);
-		ctx->chain=NULL;
-		}
-	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data));
-	memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
-	}
-
-void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags)
-	{
-	ctx->flags |= flags;
-	}
-
-void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t)
-	{
-	ctx->check_time = t;
-	ctx->flags |= X509_V_FLAG_USE_CHECK_TIME;
-	}
-
-void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
-				  int (*verify_cb)(int, X509_STORE_CTX *))
-	{
-	ctx->verify_cb=verify_cb;
-	}
-
-IMPLEMENT_STACK_OF(X509)
-IMPLEMENT_ASN1_SET_OF(X509)
-
-IMPLEMENT_STACK_OF(X509_NAME)
-
-IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
-IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)
diff --git a/crypto/openssl/crypto/x509/x509_vfy.h b/crypto/openssl/crypto/x509/x509_vfy.h
deleted file mode 100644
index f0be21f4525c..000000000000
--- a/crypto/openssl/crypto/x509/x509_vfy.h
+++ /dev/null
@@ -1,407 +0,0 @@
-/* crypto/x509/x509_vfy.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_X509_H
-#include <openssl/x509.h>
-/* openssl/x509.h ends up #include-ing this file at about the only
- * appropriate moment. */
-#endif
-
-#ifndef HEADER_X509_VFY_H
-#define HEADER_X509_VFY_H
-
-#ifndef OPENSSL_NO_LHASH
-#include <openssl/lhash.h>
-#endif
-#include <openssl/bio.h>
-#include <openssl/crypto.h>
-#include <openssl/symhacks.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Outer object */
-typedef struct x509_hash_dir_st
-	{
-	int num_dirs;
-	char **dirs;
-	int *dirs_type;
-	int num_dirs_alloced;
-	} X509_HASH_DIR_CTX;
-
-typedef struct x509_file_st
-	{
-	int num_paths;	/* number of paths to files or directories */
-	int num_alloced;
-	char **paths;	/* the list of paths or directories */
-	int *path_type;
-	} X509_CERT_FILE_CTX;
-
-/*******************************/
-/*
-SSL_CTX -> X509_STORE    
-		-> X509_LOOKUP
-			->X509_LOOKUP_METHOD
-		-> X509_LOOKUP
-			->X509_LOOKUP_METHOD
- 
-SSL	-> X509_STORE_CTX
-		->X509_STORE    
-
-The X509_STORE holds the tables etc for verification stuff.
-A X509_STORE_CTX is used while validating a single certificate.
-The X509_STORE has X509_LOOKUPs for looking up certs.
-The X509_STORE then calls a function to actually verify the
-certificate chain.
-*/
-
-#define X509_LU_RETRY		-1
-#define X509_LU_FAIL		0
-#define X509_LU_X509		1
-#define X509_LU_CRL		2
-#define X509_LU_PKEY		3
-
-typedef struct x509_object_st
-	{
-	/* one of the above types */
-	int type;
-	union	{
-		char *ptr;
-		X509 *x509;
-		X509_CRL *crl;
-		EVP_PKEY *pkey;
-		} data;
-	} X509_OBJECT;
-
-typedef struct x509_lookup_st X509_LOOKUP;
-
-DECLARE_STACK_OF(X509_LOOKUP)
-DECLARE_STACK_OF(X509_OBJECT)
-
-/* This is a static that defines the function interface */
-typedef struct x509_lookup_method_st
-	{
-	const char *name;
-	int (*new_item)(X509_LOOKUP *ctx);
-	void (*free)(X509_LOOKUP *ctx);
-	int (*init)(X509_LOOKUP *ctx);
-	int (*shutdown)(X509_LOOKUP *ctx);
-	int (*ctrl)(X509_LOOKUP *ctx,int cmd,const char *argc,long argl,
-			char **ret);
-	int (*get_by_subject)(X509_LOOKUP *ctx,int type,X509_NAME *name,
-			      X509_OBJECT *ret);
-	int (*get_by_issuer_serial)(X509_LOOKUP *ctx,int type,X509_NAME *name,
-				    ASN1_INTEGER *serial,X509_OBJECT *ret);
-	int (*get_by_fingerprint)(X509_LOOKUP *ctx,int type,
-				  unsigned char *bytes,int len,
-				  X509_OBJECT *ret);
-	int (*get_by_alias)(X509_LOOKUP *ctx,int type,char *str,int len,
-			    X509_OBJECT *ret);
-	} X509_LOOKUP_METHOD;
-
-/* This is used to hold everything.  It is used for all certificate
- * validation.  Once we have a certificate chain, the 'verify'
- * function is then called to actually check the cert chain. */
-struct x509_store_st
-	{
-	/* The following is a cache of trusted certs */
-	int cache; 	/* if true, stash any hits */
-	STACK_OF(X509_OBJECT) *objs;	/* Cache of all objects */
-
-	/* These are external lookup methods */
-	STACK_OF(X509_LOOKUP) *get_cert_methods;
-
-	/* The following fields are not used by X509_STORE but are
-         * inherited by X509_STORE_CTX when it is initialised.
-	 */
-
-	unsigned long flags;	/* Various verify flags */
-	int purpose;
-	int trust;
-	/* Callbacks for various operations */
-	int (*verify)(X509_STORE_CTX *ctx);	/* called to verify a certificate */
-	int (*verify_cb)(int ok,X509_STORE_CTX *ctx);	/* error callback */
-	int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);	/* get issuers cert from ctx */
-	int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
-	int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
-	int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
-	int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
-	int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
-	int (*cleanup)(X509_STORE_CTX *ctx);
-
-	CRYPTO_EX_DATA ex_data;
-	int references;
-	int depth;		/* how deep to look (still unused -- X509_STORE_CTX's depth is used) */
-	} /* X509_STORE */;
-
-#define X509_STORE_set_depth(ctx,d)       ((ctx)->depth=(d))
-
-#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
-#define X509_STORE_set_verify_func(ctx,func)	((ctx)->verify=(func))
-
-/* This is the functions plus an instance of the local variables. */
-struct x509_lookup_st
-	{
-	int init;			/* have we been started */
-	int skip;			/* don't use us. */
-	X509_LOOKUP_METHOD *method;	/* the functions */
-	char *method_data;		/* method data */
-
-	X509_STORE *store_ctx;	/* who owns us */
-	} /* X509_LOOKUP */;
-
-/* This is a used when verifying cert chains.  Since the
- * gathering of the cert chain can take some time (and have to be
- * 'retried', this needs to be kept and passed around. */
-struct x509_store_ctx_st      /* X509_STORE_CTX */
-	{
-	X509_STORE *ctx;
-	int current_method;	/* used when looking up certs */
-
-	/* The following are set by the caller */
-	X509 *cert;		/* The cert to check */
-	STACK_OF(X509) *untrusted;	/* chain of X509s - untrusted - passed in */
-	int purpose;		/* purpose to check untrusted certificates */
-	int trust;		/* trust setting to check */
-	time_t	check_time;	/* time to make verify at */
-	unsigned long flags;	/* Various verify flags */
-	void *other_ctx;	/* Other info for use with get_issuer() */
-
-	/* Callbacks for various operations */
-	int (*verify)(X509_STORE_CTX *ctx);	/* called to verify a certificate */
-	int (*verify_cb)(int ok,X509_STORE_CTX *ctx);		/* error callback */
-	int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);	/* get issuers cert from ctx */
-	int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
-	int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
-	int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
-	int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
-	int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
-	int (*cleanup)(X509_STORE_CTX *ctx);
-
-	/* The following is built up */
-	int depth;		/* how far to go looking up certs */
-	int valid;		/* if 0, rebuild chain */
-	int last_untrusted;	/* index of last untrusted cert */
-	STACK_OF(X509) *chain; 		/* chain of X509s - built up and trusted */
-
-	/* When something goes wrong, this is why */
-	int error_depth;
-	int error;
-	X509 *current_cert;
-	X509 *current_issuer;	/* cert currently being tested as valid issuer */
-	X509_CRL *current_crl;	/* current CRL */
-
-	CRYPTO_EX_DATA ex_data;
-	} /* X509_STORE_CTX */;
-
-#define X509_STORE_CTX_set_depth(ctx,d)       ((ctx)->depth=(d))
-
-#define X509_STORE_CTX_set_app_data(ctx,data) \
-	X509_STORE_CTX_set_ex_data(ctx,0,data)
-#define X509_STORE_CTX_get_app_data(ctx) \
-	X509_STORE_CTX_get_ex_data(ctx,0)
-
-#define X509_L_FILE_LOAD	1
-#define X509_L_ADD_DIR		2
-
-#define X509_LOOKUP_load_file(x,name,type) \
-		X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
-
-#define X509_LOOKUP_add_dir(x,name,type) \
-		X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
-
-#define		X509_V_OK					0
-/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */
-
-#define		X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT		2
-#define		X509_V_ERR_UNABLE_TO_GET_CRL			3
-#define		X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE	4
-#define		X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE	5
-#define		X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY	6
-#define		X509_V_ERR_CERT_SIGNATURE_FAILURE		7
-#define		X509_V_ERR_CRL_SIGNATURE_FAILURE		8
-#define		X509_V_ERR_CERT_NOT_YET_VALID			9	
-#define		X509_V_ERR_CERT_HAS_EXPIRED			10
-#define		X509_V_ERR_CRL_NOT_YET_VALID			11
-#define		X509_V_ERR_CRL_HAS_EXPIRED			12
-#define		X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD	13
-#define		X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD	14
-#define		X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD	15
-#define		X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD	16
-#define		X509_V_ERR_OUT_OF_MEM				17
-#define		X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT		18
-#define		X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN		19
-#define		X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY	20
-#define		X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE	21
-#define		X509_V_ERR_CERT_CHAIN_TOO_LONG			22
-#define		X509_V_ERR_CERT_REVOKED				23
-#define		X509_V_ERR_INVALID_CA				24
-#define		X509_V_ERR_PATH_LENGTH_EXCEEDED			25
-#define		X509_V_ERR_INVALID_PURPOSE			26
-#define		X509_V_ERR_CERT_UNTRUSTED			27
-#define		X509_V_ERR_CERT_REJECTED			28
-/* These are 'informational' when looking for issuer cert */
-#define		X509_V_ERR_SUBJECT_ISSUER_MISMATCH		29
-#define		X509_V_ERR_AKID_SKID_MISMATCH			30
-#define		X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH		31
-#define		X509_V_ERR_KEYUSAGE_NO_CERTSIGN			32
-
-#define		X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER		33
-#define		X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION		34
-
-/* The application is not happy */
-#define		X509_V_ERR_APPLICATION_VERIFICATION		50
-
-/* Certificate verify flags */
-
-#define	X509_V_FLAG_CB_ISSUER_CHECK		0x1	/* Send issuer+subject checks to verify_cb */
-#define	X509_V_FLAG_USE_CHECK_TIME		0x2	/* Use check time instead of current time */
-#define	X509_V_FLAG_CRL_CHECK			0x4	/* Lookup CRLs */
-#define	X509_V_FLAG_CRL_CHECK_ALL		0x8	/* Lookup CRLs for whole chain */
-#define	X509_V_FLAG_IGNORE_CRITICAL		0x10	/* Ignore unhandled critical extensions */
-
-int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
-	     X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,int type,X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x);
-void X509_OBJECT_up_ref_count(X509_OBJECT *a);
-void X509_OBJECT_free_contents(X509_OBJECT *a);
-X509_STORE *X509_STORE_new(void );
-void X509_STORE_free(X509_STORE *v);
-
-void X509_STORE_set_flags(X509_STORE *ctx, long flags);
-int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
-int X509_STORE_set_trust(X509_STORE *ctx, int trust);
-
-X509_STORE_CTX *X509_STORE_CTX_new(void);
-
-int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
-
-void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
-int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
-			 X509 *x509, STACK_OF(X509) *chain);
-void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
-void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
-
-X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
-
-X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
-X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
-
-int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
-int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
-
-int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name,
-	X509_OBJECT *ret);
-
-int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
-	long argl, char **ret);
-
-#ifndef OPENSSL_NO_STDIO
-int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-#endif
-
-
-X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
-void X509_LOOKUP_free(X509_LOOKUP *ctx);
-int X509_LOOKUP_init(X509_LOOKUP *ctx);
-int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
-	X509_OBJECT *ret);
-int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
-	ASN1_INTEGER *serial, X509_OBJECT *ret);
-int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
-	unsigned char *bytes, int len, X509_OBJECT *ret);
-int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str,
-	int len, X509_OBJECT *ret);
-int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
-
-#ifndef OPENSSL_NO_STDIO
-int	X509_STORE_load_locations (X509_STORE *ctx,
-		const char *file, const char *dir);
-int	X509_STORE_set_default_paths(X509_STORE *ctx);
-#endif
-
-int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int	X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,void *data);
-void *	X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx);
-int	X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
-void	X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
-int	X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
-X509 *	X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
-void	X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
-void	X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
-int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
-int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
-int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
-				int purpose, int trust);
-void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags);
-void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t);
-void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
-				  int (*verify_cb)(int, X509_STORE_CTX *));
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-
diff --git a/crypto/openssl/crypto/x509/x509cset.c b/crypto/openssl/crypto/x509/x509cset.c
deleted file mode 100644
index 6cac440ea936..000000000000
--- a/crypto/openssl/crypto/x509/x509cset.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/* crypto/x509/x509cset.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_CRL_set_version(X509_CRL *x, long version)
-	{
-	if (x == NULL) return(0);
-	if (x->crl->version == NULL)
-		{
-		if ((x->crl->version=M_ASN1_INTEGER_new()) == NULL)
-			return(0);
-		}
-	return(ASN1_INTEGER_set(x->crl->version,version));
-	}
-
-int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
-	{
-	if ((x == NULL) || (x->crl == NULL)) return(0);
-	return(X509_NAME_set(&x->crl->issuer,name));
-	}
-
-
-int X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm)
-	{
-	ASN1_TIME *in;
-
-	if (x == NULL) return(0);
-	in=x->crl->lastUpdate;
-	if (in != tm)
-		{
-		in=M_ASN1_TIME_dup(tm);
-		if (in != NULL)
-			{
-			M_ASN1_TIME_free(x->crl->lastUpdate);
-			x->crl->lastUpdate=in;
-			}
-		}
-	return(in != NULL);
-	}
-
-int X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm)
-	{
-	ASN1_TIME *in;
-
-	if (x == NULL) return(0);
-	in=x->crl->nextUpdate;
-	if (in != tm)
-		{
-		in=M_ASN1_TIME_dup(tm);
-		if (in != NULL)
-			{
-			M_ASN1_TIME_free(x->crl->nextUpdate);
-			x->crl->nextUpdate=in;
-			}
-		}
-	return(in != NULL);
-	}
-
-int X509_CRL_sort(X509_CRL *c)
-	{
-	int i;
-	X509_REVOKED *r;
-	/* sort the data so it will be written in serial
-	 * number order */
-	sk_X509_REVOKED_sort(c->crl->revoked);
-	for (i=0; i<sk_X509_REVOKED_num(c->crl->revoked); i++)
-		{
-		r=sk_X509_REVOKED_value(c->crl->revoked,i);
-		r->sequence=i;
-		}
-	return 1;
-	}
-
-int X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm)
-	{
-	ASN1_TIME *in;
-
-	if (x == NULL) return(0);
-	in=x->revocationDate;
-	if (in != tm)
-		{
-		in=M_ASN1_TIME_dup(tm);
-		if (in != NULL)
-			{
-			M_ASN1_TIME_free(x->revocationDate);
-			x->revocationDate=in;
-			}
-		}
-	return(in != NULL);
-	}
-
-int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
-	{
-	ASN1_INTEGER *in;
-
-	if (x == NULL) return(0);
-	in=x->serialNumber;
-	if (in != serial)
-		{
-		in=M_ASN1_INTEGER_dup(serial);
-		if (in != NULL)
-			{
-			M_ASN1_INTEGER_free(x->serialNumber);
-			x->serialNumber=in;
-			}
-		}
-	return(in != NULL);
-	}
diff --git a/crypto/openssl/crypto/x509/x509name.c b/crypto/openssl/crypto/x509/x509name.c
deleted file mode 100644
index 4c20e03eced3..000000000000
--- a/crypto/openssl/crypto/x509/x509name.c
+++ /dev/null
@@ -1,383 +0,0 @@
-/* crypto/x509/x509name.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
-	{
-	ASN1_OBJECT *obj;
-
-	obj=OBJ_nid2obj(nid);
-	if (obj == NULL) return(-1);
-	return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
-	}
-
-int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,
-	     int len)
-	{
-	int i;
-	ASN1_STRING *data;
-
-	i=X509_NAME_get_index_by_OBJ(name,obj,-1);
-	if (i < 0) return(-1);
-	data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
-	i=(data->length > (len-1))?(len-1):data->length;
-	if (buf == NULL) return(data->length);
-	memcpy(buf,data->data,i);
-	buf[i]='\0';
-	return(i);
-	}
-
-int X509_NAME_entry_count(X509_NAME *name)
-	{
-	if (name == NULL) return(0);
-	return(sk_X509_NAME_ENTRY_num(name->entries));
-	}
-
-int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)
-	{
-	ASN1_OBJECT *obj;
-
-	obj=OBJ_nid2obj(nid);
-	if (obj == NULL) return(-2);
-	return(X509_NAME_get_index_by_OBJ(name,obj,lastpos));
-	}
-
-/* NOTE: you should be passsing -1, not 0 as lastpos */
-int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
-	     int lastpos)
-	{
-	int n;
-	X509_NAME_ENTRY *ne;
-	STACK_OF(X509_NAME_ENTRY) *sk;
-
-	if (name == NULL) return(-1);
-	if (lastpos < 0)
-		lastpos= -1;
-	sk=name->entries;
-	n=sk_X509_NAME_ENTRY_num(sk);
-	for (lastpos++; lastpos < n; lastpos++)
-		{
-		ne=sk_X509_NAME_ENTRY_value(sk,lastpos);
-		if (OBJ_cmp(ne->object,obj) == 0)
-			return(lastpos);
-		}
-	return(-1);
-	}
-
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc)
-	{
-	if(name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
-	   || loc < 0)
-		return(NULL);
-	else
-		return(sk_X509_NAME_ENTRY_value(name->entries,loc));
-	}
-
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
-	{
-	X509_NAME_ENTRY *ret;
-	int i,n,set_prev,set_next;
-	STACK_OF(X509_NAME_ENTRY) *sk;
-
-	if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
-	    || loc < 0)
-		return(NULL);
-	sk=name->entries;
-	ret=sk_X509_NAME_ENTRY_delete(sk,loc);
-	n=sk_X509_NAME_ENTRY_num(sk);
-	name->modified=1;
-	if (loc == n) return(ret);
-
-	/* else we need to fixup the set field */
-	if (loc != 0)
-		set_prev=(sk_X509_NAME_ENTRY_value(sk,loc-1))->set;
-	else
-		set_prev=ret->set-1;
-	set_next=sk_X509_NAME_ENTRY_value(sk,loc)->set;
-
-	/* set_prev is the previous set
-	 * set is the current set
-	 * set_next is the following
-	 * prev  1 1	1 1	1 1	1 1
-	 * set   1	1	2	2
-	 * next  1 1	2 2	2 2	3 2
-	 * so basically only if prev and next differ by 2, then
-	 * re-number down by 1 */
-	if (set_prev+1 < set_next)
-		for (i=loc; i<n; i++)
-			sk_X509_NAME_ENTRY_value(sk,i)->set--;
-	return(ret);
-	}
-
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
-			unsigned char *bytes, int len, int loc, int set)
-{
-	X509_NAME_ENTRY *ne;
-	int ret;
-	ne = X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len);
-	if(!ne) return 0;
-	ret = X509_NAME_add_entry(name, ne, loc, set);
-	X509_NAME_ENTRY_free(ne);
-	return ret;
-}
-
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
-			unsigned char *bytes, int len, int loc, int set)
-{
-	X509_NAME_ENTRY *ne;
-	int ret;
-	ne = X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len);
-	if(!ne) return 0;
-	ret = X509_NAME_add_entry(name, ne, loc, set);
-	X509_NAME_ENTRY_free(ne);
-	return ret;
-}
-
-int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type,
-			unsigned char *bytes, int len, int loc, int set)
-{
-	X509_NAME_ENTRY *ne;
-	int ret;
-	ne = X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len);
-	if(!ne) return 0;
-	ret = X509_NAME_add_entry(name, ne, loc, set);
-	X509_NAME_ENTRY_free(ne);
-	return ret;
-}
-
-/* if set is -1, append to previous set, 0 'a new one', and 1,
- * prepend to the guy we are about to stomp on. */
-int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc,
-	     int set)
-	{
-	X509_NAME_ENTRY *new_name=NULL;
-	int n,i,inc;
-	STACK_OF(X509_NAME_ENTRY) *sk;
-
-	if (name == NULL) return(0);
-	sk=name->entries;
-	n=sk_X509_NAME_ENTRY_num(sk);
-	if (loc > n) loc=n;
-	else if (loc < 0) loc=n;
-
-	name->modified=1;
-
-	if (set == -1)
-		{
-		if (loc == 0)
-			{
-			set=0;
-			inc=1;
-			}
-		else
-			{
-			set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set;
-			inc=0;
-			}
-		}
-	else /* if (set >= 0) */
-		{
-		if (loc >= n)
-			{
-			if (loc != 0)
-				set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set+1;
-			else
-				set=0;
-			}
-		else
-			set=sk_X509_NAME_ENTRY_value(sk,loc)->set;
-		inc=(set == 0)?1:0;
-		}
-
-	if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)
-		goto err;
-	new_name->set=set;
-	if (!sk_X509_NAME_ENTRY_insert(sk,new_name,loc))
-		{
-		X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	if (inc)
-		{
-		n=sk_X509_NAME_ENTRY_num(sk);
-		for (i=loc+1; i<n; i++)
-			sk_X509_NAME_ENTRY_value(sk,i-1)->set+=1;
-		}	
-	return(1);
-err:
-	if (new_name != NULL)
-		X509_NAME_ENTRY_free(new_name);
-	return(0);
-	}
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
-		char *field, int type, unsigned char *bytes, int len)
-	{
-	ASN1_OBJECT *obj;
-	X509_NAME_ENTRY *nentry;
-
-	obj=OBJ_txt2obj(field, 0);
-	if (obj == NULL)
-		{
-		X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,
-						X509_R_INVALID_FIELD_NAME);
-		ERR_add_error_data(2, "name=", field);
-		return(NULL);
-		}
-	nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len);
-	ASN1_OBJECT_free(obj);
-	return nentry;
-	}
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
-	     int type, unsigned char *bytes, int len)
-	{
-	ASN1_OBJECT *obj;
-	X509_NAME_ENTRY *nentry;
-
-	obj=OBJ_nid2obj(nid);
-	if (obj == NULL)
-		{
-		X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
-		return(NULL);
-		}
-	nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len);
-	ASN1_OBJECT_free(obj);
-	return nentry;
-	}
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
-	     ASN1_OBJECT *obj, int type, unsigned char *bytes, int len)
-	{
-	X509_NAME_ENTRY *ret;
-
-	if ((ne == NULL) || (*ne == NULL))
-		{
-		if ((ret=X509_NAME_ENTRY_new()) == NULL)
-			return(NULL);
-		}
-	else
-		ret= *ne;
-
-	if (!X509_NAME_ENTRY_set_object(ret,obj))
-		goto err;
-	if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
-		goto err;
-
-	if ((ne != NULL) && (*ne == NULL)) *ne=ret;
-	return(ret);
-err:
-	if ((ne == NULL) || (ret != *ne))
-		X509_NAME_ENTRY_free(ret);
-	return(NULL);
-	}
-
-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
-	{
-	if ((ne == NULL) || (obj == NULL))
-		{
-		X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	ASN1_OBJECT_free(ne->object);
-	ne->object=OBJ_dup(obj);
-	return((ne->object == NULL)?0:1);
-	}
-
-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
-	     unsigned char *bytes, int len)
-	{
-	int i;
-
-	if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
-	if((type > 0) && (type & MBSTRING_FLAG)) 
-		return ASN1_STRING_set_by_NID(&ne->value, bytes,
-						len, type,
-					OBJ_obj2nid(ne->object)) ? 1 : 0;
-	if (len < 0) len=strlen((char *)bytes);
-	i=ASN1_STRING_set(ne->value,bytes,len);
-	if (!i) return(0);
-	if (type != V_ASN1_UNDEF)
-		{
-		if (type == V_ASN1_APP_CHOOSE)
-			ne->value->type=ASN1_PRINTABLE_type(bytes,len);
-		else
-			ne->value->type=type;
-		}
-	return(1);
-	}
-
-ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne)
-	{
-	if (ne == NULL) return(NULL);
-	return(ne->object);
-	}
-
-ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne)
-	{
-	if (ne == NULL) return(NULL);
-	return(ne->value);
-	}
-
diff --git a/crypto/openssl/crypto/x509/x509rset.c b/crypto/openssl/crypto/x509/x509rset.c
deleted file mode 100644
index d9f6b573729e..000000000000
--- a/crypto/openssl/crypto/x509/x509rset.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/x509/x509rset.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_REQ_set_version(X509_REQ *x, long version)
-	{
-	if (x == NULL) return(0);
-	return(ASN1_INTEGER_set(x->req_info->version,version));
-	}
-
-int X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name)
-	{
-	if ((x == NULL) || (x->req_info == NULL)) return(0);
-	return(X509_NAME_set(&x->req_info->subject,name));
-	}
-
-int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey)
-	{
-	if ((x == NULL) || (x->req_info == NULL)) return(0);
-	return(X509_PUBKEY_set(&x->req_info->pubkey,pkey));
-	}
-
diff --git a/crypto/openssl/crypto/x509/x509spki.c b/crypto/openssl/crypto/x509/x509spki.c
deleted file mode 100644
index 4c3af946ec73..000000000000
--- a/crypto/openssl/crypto/x509/x509spki.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* x509spki.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-
-int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey)
-{
-	if ((x == NULL) || (x->spkac == NULL)) return(0);
-	return(X509_PUBKEY_set(&(x->spkac->pubkey),pkey));
-}
-
-EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x)
-{
-	if ((x == NULL) || (x->spkac == NULL))
-		return(NULL);
-	return(X509_PUBKEY_get(x->spkac->pubkey));
-}
-
-/* Load a Netscape SPKI from a base64 encoded string */
-
-NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len)
-{
-	unsigned char *spki_der, *p;
-	int spki_len;
-	NETSCAPE_SPKI *spki;
-	if(len <= 0) len = strlen(str);
-	if (!(spki_der = OPENSSL_malloc(len + 1))) {
-		X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len);
-	if(spki_len < 0) {
-		X509err(X509_F_NETSCAPE_SPKI_B64_DECODE,
-						X509_R_BASE64_DECODE_ERROR);
-		OPENSSL_free(spki_der);
-		return NULL;
-	}
-	p = spki_der;
-	spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len);
-	OPENSSL_free(spki_der);
-	return spki;
-}
-
-/* Generate a base64 encoded string from an SPKI */
-
-char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
-{
-	unsigned char *der_spki, *p;
-	char *b64_str;
-	int der_len;
-	der_len = i2d_NETSCAPE_SPKI(spki, NULL);
-	der_spki = OPENSSL_malloc(der_len);
-	b64_str = OPENSSL_malloc(der_len * 2);
-	if(!der_spki || !b64_str) {
-		X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	p = der_spki;
-	i2d_NETSCAPE_SPKI(spki, &p);
-	EVP_EncodeBlock((unsigned char *)b64_str, der_spki, der_len);
-	OPENSSL_free(der_spki);
-	return b64_str;
-}
diff --git a/crypto/openssl/crypto/x509/x509type.c b/crypto/openssl/crypto/x509/x509type.c
deleted file mode 100644
index 8e78b344581e..000000000000
--- a/crypto/openssl/crypto/x509/x509type.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* crypto/x509/x509type.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
-	{
-	EVP_PKEY *pk;
-	int ret=0,i;
-
-	if (x == NULL) return(0);
-
-	if (pkey == NULL)
-		pk=X509_get_pubkey(x);
-	else
-		pk=pkey;
-
-	if (pk == NULL) return(0);
-
-	switch (pk->type)
-		{
-	case EVP_PKEY_RSA:
-		ret=EVP_PK_RSA|EVP_PKT_SIGN;
-/*		if (!sign only extension) */
-			ret|=EVP_PKT_ENC;
-	break;
-	case EVP_PKEY_DSA:
-		ret=EVP_PK_DSA|EVP_PKT_SIGN;
-		break;
-	case EVP_PKEY_DH:
-		ret=EVP_PK_DH|EVP_PKT_EXCH;
-		break;
-	default:
-		break;
-		}
-
-	i=X509_get_signature_type(x);
-	switch (i)
-		{
-	case EVP_PKEY_RSA:
-		ret|=EVP_PKS_RSA;
-		break;
-	case EVP_PKS_DSA:
-		ret|=EVP_PKS_DSA;
-		break;
-	default:
-		break;
-		}
-
-	if (EVP_PKEY_size(pk) <= 512)
-		ret|=EVP_PKT_EXP;
-	if(pkey==NULL) EVP_PKEY_free(pk);
-	return(ret);
-	}
-
diff --git a/crypto/openssl/crypto/x509/x_all.c b/crypto/openssl/crypto/x509/x_all.c
deleted file mode 100644
index fb5015cd4def..000000000000
--- a/crypto/openssl/crypto/x509/x_all.c
+++ /dev/null
@@ -1,488 +0,0 @@
-/* crypto/x509/x_all.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#undef SSLEAY_MACROS
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_verify(X509 *a, EVP_PKEY *r)
-	{
-	return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF),a->sig_alg,
-		a->signature,a->cert_info,r));
-	}
-
-int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
-	{
-	return( ASN1_item_verify(ASN1_ITEM_rptr(X509_REQ_INFO),
-		a->sig_alg,a->signature,a->req_info,r));
-	}
-
-int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r)
-	{
-	return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
-		a->sig_alg, a->signature,a->crl,r));
-	}
-
-int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
-	{
-	return(ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
-		a->sig_algor,a->signature,a->spkac,r));
-	}
-
-int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
-	{
-	return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), x->cert_info->signature,
-		x->sig_alg, x->signature, x->cert_info,pkey,md));
-	}
-
-int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
-	{
-	return(ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO),x->sig_alg, NULL,
-		x->signature, x->req_info,pkey,md));
-	}
-
-int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
-	{
-	return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO),x->crl->sig_alg,
-		x->sig_alg, x->signature, x->crl,pkey,md));
-	}
-
-int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
-	{
-	return(ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor,NULL,
-		x->signature, x->spkac,pkey,md));
-	}
-
-#ifndef OPENSSL_NO_FP_API
-X509 *d2i_X509_fp(FILE *fp, X509 **x509)
-	{
-	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509);
-	}
-
-int i2d_X509_fp(FILE *fp, X509 *x509)
-	{
-	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509);
-	}
-#endif
-
-X509 *d2i_X509_bio(BIO *bp, X509 **x509)
-	{
-	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
-	}
-
-int i2d_X509_bio(BIO *bp, X509 *x509)
-	{
-	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509);
-	}
-
-#ifndef OPENSSL_NO_FP_API
-X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
-	{
-	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
-	}
-
-int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl)
-	{
-	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
-	}
-#endif
-
-X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
-	{
-	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
-	}
-
-int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl)
-	{
-	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
-	}
-
-#ifndef OPENSSL_NO_FP_API
-PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
-	{
-	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
-	}
-
-int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7)
-	{
-	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
-	}
-#endif
-
-PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
-	{
-	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
-	}
-
-int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7)
-	{
-	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
-	}
-
-#ifndef OPENSSL_NO_FP_API
-X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
-	{
-	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
-	}
-
-int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req)
-	{
-	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
-	}
-#endif
-
-X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
-	{
-	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
-	}
-
-int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req)
-	{
-	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
-	}
-
-#ifndef OPENSSL_NO_RSA
-
-#ifndef OPENSSL_NO_FP_API
-RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
-	{
-	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
-	}
-
-int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
-	{
-	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
-	}
-
-RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
-	{
-	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
-	}
-
-
-RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
-	{
-	return((RSA *)ASN1_d2i_fp((char *(*)())
-		RSA_new,(char *(*)())d2i_RSA_PUBKEY, (fp),
-		(unsigned char **)(rsa)));
-	}
-
-int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
-	{
-	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
-	}
-
-int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa)
-	{
-	return(ASN1_i2d_fp(i2d_RSA_PUBKEY,fp,(unsigned char *)rsa));
-	}
-#endif
-
-RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
-	{
-	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
-	}
-
-int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
-	{
-	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
-	}
-
-RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
-	{
-	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
-	}
-
-
-RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
-	{
-	return((RSA *)ASN1_d2i_bio((char *(*)())
-		RSA_new,(char *(*)())d2i_RSA_PUBKEY, (bp),
-		(unsigned char **)(rsa)));
-	}
-
-int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
-	{
-	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
-	}
-
-int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
-	{
-	return(ASN1_i2d_bio(i2d_RSA_PUBKEY,bp,(unsigned char *)rsa));
-	}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-#ifndef OPENSSL_NO_FP_API
-DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
-	{
-	return((DSA *)ASN1_d2i_fp((char *(*)())
-		DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp),
-		(unsigned char **)(dsa)));
-	}
-
-int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
-	{
-	return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa));
-	}
-
-DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
-	{
-	return((DSA *)ASN1_d2i_fp((char *(*)())
-		DSA_new,(char *(*)())d2i_DSA_PUBKEY, (fp),
-		(unsigned char **)(dsa)));
-	}
-
-int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa)
-	{
-	return(ASN1_i2d_fp(i2d_DSA_PUBKEY,fp,(unsigned char *)dsa));
-	}
-#endif
-
-DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
-	{
-	return((DSA *)ASN1_d2i_bio((char *(*)())
-		DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp),
-		(unsigned char **)(dsa)));
-	}
-
-int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
-	{
-	return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa));
-	}
-
-DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
-	{
-	return((DSA *)ASN1_d2i_bio((char *(*)())
-		DSA_new,(char *(*)())d2i_DSA_PUBKEY, (bp),
-		(unsigned char **)(dsa)));
-	}
-
-int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
-	{
-	return(ASN1_i2d_bio(i2d_DSA_PUBKEY,bp,(unsigned char *)dsa));
-	}
-
-#endif
-
-int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
-	     unsigned int *len)
-	{
-	ASN1_BIT_STRING *key;
-	key = X509_get0_pubkey_bitstr(data);
-	if(!key) return 0;
-	return EVP_Digest(key->data, key->length, md, len, type, NULL);
-	}
-
-int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
-	     unsigned int *len)
-	{
-	return(ASN1_item_digest(ASN1_ITEM_rptr(X509),type,(char *)data,md,len));
-	}
-
-int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
-	     unsigned int *len)
-	{
-	return(ASN1_item_digest(ASN1_ITEM_rptr(X509_CRL),type,(char *)data,md,len));
-	}
-
-int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md,
-	     unsigned int *len)
-	{
-	return(ASN1_item_digest(ASN1_ITEM_rptr(X509_REQ),type,(char *)data,md,len));
-	}
-
-int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md,
-	     unsigned int *len)
-	{
-	return(ASN1_item_digest(ASN1_ITEM_rptr(X509_NAME),type,(char *)data,md,len));
-	}
-
-int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *type,
-	     unsigned char *md, unsigned int *len)
-	{
-	return(ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL),type,
-		(char *)data,md,len));
-	}
-
-
-#ifndef OPENSSL_NO_FP_API
-X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
-	{
-	return((X509_SIG *)ASN1_d2i_fp((char *(*)())X509_SIG_new,
-		(char *(*)())d2i_X509_SIG, (fp),(unsigned char **)(p8)));
-	}
-
-int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
-	{
-	return(ASN1_i2d_fp(i2d_X509_SIG,fp,(unsigned char *)p8));
-	}
-#endif
-
-X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
-	{
-	return((X509_SIG *)ASN1_d2i_bio((char *(*)())X509_SIG_new,
-		(char *(*)())d2i_X509_SIG, (bp),(unsigned char **)(p8)));
-	}
-
-int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
-	{
-	return(ASN1_i2d_bio(i2d_X509_SIG,bp,(unsigned char *)p8));
-	}
-
-#ifndef OPENSSL_NO_FP_API
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
-						 PKCS8_PRIV_KEY_INFO **p8inf)
-	{
-	return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_fp(
-		(char *(*)())PKCS8_PRIV_KEY_INFO_new,
-		(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (fp),
-				(unsigned char **)(p8inf)));
-	}
-
-int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
-	{
-	return(ASN1_i2d_fp(i2d_PKCS8_PRIV_KEY_INFO,fp,(unsigned char *)p8inf));
-	}
-
-int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
-	{
-	PKCS8_PRIV_KEY_INFO *p8inf;
-	int ret;
-	p8inf = EVP_PKEY2PKCS8(key);
-	if(!p8inf) return 0;
-	ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
-	PKCS8_PRIV_KEY_INFO_free(p8inf);
-	return ret;
-	}
-
-int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey)
-	{
-	return(ASN1_i2d_fp(i2d_PrivateKey,fp,(unsigned char *)pkey));
-	}
-
-EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
-{
-	return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new,
-		(char *(*)())d2i_AutoPrivateKey, (fp),(unsigned char **)(a)));
-}
-
-int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey)
-	{
-	return(ASN1_i2d_fp(i2d_PUBKEY,fp,(unsigned char *)pkey));
-	}
-
-EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
-{
-	return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new,
-		(char *(*)())d2i_PUBKEY, (fp),(unsigned char **)(a)));
-}
-
-#endif
-
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
-						 PKCS8_PRIV_KEY_INFO **p8inf)
-	{
-	return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_bio(
-		(char *(*)())PKCS8_PRIV_KEY_INFO_new,
-		(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (bp),
-				(unsigned char **)(p8inf)));
-	}
-
-int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
-	{
-	return(ASN1_i2d_bio(i2d_PKCS8_PRIV_KEY_INFO,bp,(unsigned char *)p8inf));
-	}
-
-int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
-	{
-	PKCS8_PRIV_KEY_INFO *p8inf;
-	int ret;
-	p8inf = EVP_PKEY2PKCS8(key);
-	if(!p8inf) return 0;
-	ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
-	PKCS8_PRIV_KEY_INFO_free(p8inf);
-	return ret;
-	}
-
-int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey)
-	{
-	return(ASN1_i2d_bio(i2d_PrivateKey,bp,(unsigned char *)pkey));
-	}
-
-EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
-	{
-	return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new,
-		(char *(*)())d2i_AutoPrivateKey, (bp),(unsigned char **)(a)));
-	}
-
-int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey)
-	{
-	return(ASN1_i2d_bio(i2d_PUBKEY,bp,(unsigned char *)pkey));
-	}
-
-EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
-	{
-	return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new,
-		(char *(*)())d2i_PUBKEY, (bp),(unsigned char **)(a)));
-	}
diff --git a/crypto/openssl/crypto/x509v3/Makefile.save b/crypto/openssl/crypto/x509v3/Makefile.save
deleted file mode 100644
index 8ed366504940..000000000000
--- a/crypto/openssl/crypto/x509v3/Makefile.save
+++ /dev/null
@@ -1,514 +0,0 @@
-#
-# SSLeay/crypto/x509v3/Makefile
-#
-
-DIR=	x509v3
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c \
-v3_lib.c v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c \
-v3_pku.c v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c
-LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
-v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
-v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= x509v3.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-v3_akey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-v3_akey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_akey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_akey.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_akey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_akey.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h
-v3_akey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_akey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_akey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_akey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_akey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_akey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_akey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-v3_akey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_akey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_akey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_akey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_akey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_akey.o: ../cryptlib.h
-v3_alt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_alt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_alt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_alt.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_alt.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_alt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_alt.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_alt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_alt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_alt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_alt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_alt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_alt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_alt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_alt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_alt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_alt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_alt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_alt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_alt.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-v3_bcons.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_bcons.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_bcons.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_bcons.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_bcons.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h
-v3_bcons.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_bcons.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_bcons.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_bcons.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_bcons.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_bcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-v3_bcons.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_bcons.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_bcons.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_bcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_bcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_bcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_bcons.o: ../cryptlib.h
-v3_bitst.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_bitst.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_bitst.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_bitst.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_bitst.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_bitst.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_bitst.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_bitst.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_bitst.o: ../../include/openssl/opensslconf.h
-v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-v3_bitst.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_bitst.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_bitst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_bitst.o: ../cryptlib.h
-v3_conf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_conf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_conf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_conf.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_conf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_conf.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_conf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_conf.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_conf.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_conf.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_conf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_conf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_conf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_conf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-v3_cpols.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_cpols.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_cpols.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_cpols.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_cpols.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h
-v3_cpols.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_cpols.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_cpols.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_cpols.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_cpols.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_cpols.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-v3_cpols.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_cpols.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_cpols.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_cpols.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_cpols.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_cpols.o: ../cryptlib.h
-v3_crld.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-v3_crld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_crld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_crld.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_crld.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_crld.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h
-v3_crld.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_crld.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_crld.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_crld.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_crld.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_crld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_crld.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-v3_crld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_crld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_crld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_crld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_crld.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_crld.o: ../cryptlib.h
-v3_enum.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_enum.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_enum.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_enum.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_enum.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_enum.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_enum.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_enum.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_enum.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_enum.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_enum.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_enum.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_enum.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_extku.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_extku.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_extku.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_extku.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_extku.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_extku.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_extku.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_extku.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_extku.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_extku.o: ../../include/openssl/opensslconf.h
-v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-v3_extku.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_extku.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_extku.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_extku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_extku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_extku.o: ../cryptlib.h
-v3_genn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-v3_genn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_genn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_genn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_genn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_genn.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h
-v3_genn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_genn.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_genn.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_genn.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_genn.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_genn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_genn.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-v3_genn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_genn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_genn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_genn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_genn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_genn.o: ../cryptlib.h
-v3_ia5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_ia5.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_ia5.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_ia5.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_ia5.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_ia5.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_ia5.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_ia5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_ia5.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_ia5.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_ia5.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_ia5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_ia5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_ia5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_ia5.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_ia5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_ia5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_ia5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_ia5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_ia5.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-v3_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_info.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_info.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h
-v3_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_info.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_info.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_info.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_info.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-v3_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_info.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_info.o: ../cryptlib.h
-v3_int.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_int.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_int.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_int.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_int.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_int.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_int.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_int.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_int.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_int.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_int.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_int.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_int.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_int.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_int.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_int.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_int.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_int.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_lib.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ext_dat.h
-v3_pku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-v3_pku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_pku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_pku.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_pku.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_pku.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_pku.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h
-v3_pku.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_pku.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_pku.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_pku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-v3_pku.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_pku.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_pku.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_pku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_pku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_pku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_pku.o: ../cryptlib.h
-v3_prn.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_prn.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_prn.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_prn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_prn.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_prn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_prn.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_prn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_prn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_prn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_prn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_prn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_prn.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_purp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_purp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_purp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_purp.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_purp.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_purp.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_purp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_purp.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_purp.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_purp.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_purp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_purp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_purp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_purp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_skey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_skey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_skey.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_skey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_skey.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_skey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_skey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_skey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_skey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_skey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_skey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_skey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-v3_sxnet.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_sxnet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_sxnet.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_sxnet.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_sxnet.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h
-v3_sxnet.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_sxnet.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_sxnet.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_sxnet.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_sxnet.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_sxnet.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-v3_sxnet.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_sxnet.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_sxnet.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_sxnet.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_sxnet.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_sxnet.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_sxnet.o: ../cryptlib.h
-v3_utl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_utl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_utl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_utl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_utl.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_utl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_utl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_utl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_utl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_utl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_utl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_utl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_utl.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3err.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3err.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3err.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-v3err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
diff --git a/crypto/openssl/crypto/x509v3/Makefile.ssl b/crypto/openssl/crypto/x509v3/Makefile.ssl
deleted file mode 100644
index 5ca169c37cd6..000000000000
--- a/crypto/openssl/crypto/x509v3/Makefile.ssl
+++ /dev/null
@@ -1,603 +0,0 @@
-#
-# SSLeay/crypto/x509v3/Makefile
-#
-
-DIR=	x509v3
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \
-v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \
-v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \
-v3_ocsp.c v3_akeya.c
-LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
-v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
-v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \
-v3_ocsp.o v3_akeya.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= x509v3.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-v3_akey.o: ../../e_os.h ../../include/openssl/aes.h
-v3_akey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-v3_akey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_akey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_akey.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_akey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_akey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_akey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_akey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_akey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_akey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_akey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_akey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_akey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_akey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_akey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_akey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_akey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-v3_akey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-v3_akey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_akey.o: ../cryptlib.h v3_akey.c
-v3_akeya.o: ../../e_os.h ../../include/openssl/aes.h
-v3_akeya.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-v3_akeya.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_akeya.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_akeya.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_akeya.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_akeya.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_akeya.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_akeya.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_akeya.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_akeya.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_akeya.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_akeya.o: ../../include/openssl/opensslconf.h
-v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_akeya.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_akeya.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_akeya.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_akeya.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_akeya.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-v3_akeya.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_akeya.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_akeya.c
-v3_alt.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-v3_alt.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_alt.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_alt.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_alt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_alt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_alt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_alt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_alt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_alt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_alt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_alt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_alt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_alt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_alt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_alt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-v3_alt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_alt.o: ../cryptlib.h v3_alt.c
-v3_bcons.o: ../../e_os.h ../../include/openssl/aes.h
-v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-v3_bcons.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_bcons.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_bcons.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_bcons.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_bcons.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_bcons.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_bcons.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_bcons.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_bcons.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_bcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_bcons.o: ../../include/openssl/opensslconf.h
-v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_bcons.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_bcons.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_bcons.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_bcons.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_bcons.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-v3_bcons.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_bcons.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bcons.c
-v3_bitst.o: ../../e_os.h ../../include/openssl/aes.h
-v3_bitst.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_bitst.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_bitst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-v3_bitst.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_bitst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_bitst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_bitst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_bitst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-v3_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bitst.c
-v3_conf.o: ../../e_os.h ../../include/openssl/aes.h
-v3_conf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_conf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_conf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_conf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-v3_conf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_conf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_conf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_conf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_conf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_conf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_conf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_conf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_conf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_conf.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_conf.c
-v3_cpols.o: ../../e_os.h ../../include/openssl/aes.h
-v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-v3_cpols.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_cpols.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_cpols.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_cpols.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_cpols.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_cpols.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_cpols.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_cpols.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_cpols.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_cpols.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_cpols.o: ../../include/openssl/opensslconf.h
-v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_cpols.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_cpols.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_cpols.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_cpols.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_cpols.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-v3_cpols.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_cpols.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_cpols.c
-v3_crld.o: ../../e_os.h ../../include/openssl/aes.h
-v3_crld.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-v3_crld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_crld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_crld.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_crld.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_crld.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_crld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_crld.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_crld.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_crld.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_crld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_crld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_crld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_crld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_crld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_crld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_crld.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-v3_crld.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-v3_crld.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_crld.o: ../cryptlib.h v3_crld.c
-v3_enum.o: ../../e_os.h ../../include/openssl/aes.h
-v3_enum.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_enum.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_enum.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_enum.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-v3_enum.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_enum.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_enum.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_enum.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_enum.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_enum.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_enum.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_enum.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_enum.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_enum.c
-v3_extku.o: ../../e_os.h ../../include/openssl/aes.h
-v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-v3_extku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_extku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_extku.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_extku.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_extku.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_extku.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_extku.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_extku.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_extku.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_extku.o: ../../include/openssl/opensslconf.h
-v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_extku.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_extku.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_extku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_extku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_extku.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-v3_extku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_extku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_extku.c
-v3_genn.o: ../../e_os.h ../../include/openssl/aes.h
-v3_genn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-v3_genn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_genn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_genn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_genn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_genn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_genn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_genn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_genn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_genn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_genn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_genn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_genn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_genn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_genn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_genn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_genn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-v3_genn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-v3_genn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_genn.o: ../cryptlib.h v3_genn.c
-v3_ia5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-v3_ia5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_ia5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_ia5.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_ia5.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_ia5.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_ia5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_ia5.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_ia5.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_ia5.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_ia5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_ia5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_ia5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_ia5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_ia5.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_ia5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-v3_ia5.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_ia5.o: ../cryptlib.h v3_ia5.c
-v3_info.o: ../../e_os.h ../../include/openssl/aes.h
-v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-v3_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_info.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_info.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_info.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_info.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-v3_info.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_info.o: ../cryptlib.h v3_info.c
-v3_int.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-v3_int.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_int.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_int.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_int.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_int.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_int.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_int.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_int.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_int.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_int.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_int.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_int.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-v3_int.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_int.o: ../cryptlib.h v3_int.c
-v3_lib.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-v3_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_lib.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-v3_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_lib.o: ../cryptlib.h ext_dat.h v3_lib.c
-v3_ocsp.o: ../../e_os.h ../../include/openssl/aes.h
-v3_ocsp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_ocsp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_ocsp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_ocsp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_ocsp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-v3_ocsp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_ocsp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_ocsp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_ocsp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_ocsp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_ocsp.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-v3_ocsp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_ocsp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_ocsp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_ocsp.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_ocsp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_ocsp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_ocsp.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-v3_ocsp.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-v3_ocsp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_ocsp.o: ../cryptlib.h v3_ocsp.c
-v3_pku.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-v3_pku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_pku.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_pku.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_pku.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_pku.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-v3_pku.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_pku.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_pku.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_pku.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_pku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_pku.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_pku.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_pku.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_pku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_pku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_pku.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-v3_pku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_pku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pku.c
-v3_prn.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-v3_prn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_prn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_prn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_prn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_prn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_prn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_prn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_prn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_prn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_prn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-v3_prn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_prn.o: ../cryptlib.h v3_prn.c
-v3_purp.o: ../../e_os.h ../../include/openssl/aes.h
-v3_purp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_purp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_purp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_purp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-v3_purp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_purp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_purp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_purp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_purp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_purp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_purp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_purp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_purp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_purp.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.c
-v3_skey.o: ../../e_os.h ../../include/openssl/aes.h
-v3_skey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_skey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_skey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-v3_skey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-v3_skey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-v3_skey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-v3_skey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-v3_skey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-v3_skey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_skey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_skey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_skey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.c
-v3_sxnet.o: ../../e_os.h ../../include/openssl/aes.h
-v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-v3_sxnet.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_sxnet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_sxnet.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_sxnet.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_sxnet.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_sxnet.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_sxnet.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_sxnet.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_sxnet.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_sxnet.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_sxnet.o: ../../include/openssl/opensslconf.h
-v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-v3_sxnet.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-v3_sxnet.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-v3_sxnet.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_sxnet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_sxnet.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-v3_sxnet.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_sxnet.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_sxnet.c
-v3_utl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
-v3_utl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3_utl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_utl.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3_utl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3_utl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3_utl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_utl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_utl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_utl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_utl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3_utl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3_utl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-v3_utl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-v3_utl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_utl.o: ../cryptlib.h v3_utl.c
-v3err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-v3err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-v3err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3err.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
-v3err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-v3err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-v3err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-v3err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-v3err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-v3err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-v3err.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-v3err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3err.o: v3err.c
diff --git a/crypto/openssl/crypto/x509v3/README b/crypto/openssl/crypto/x509v3/README
deleted file mode 100644
index 3b2cc047beb4..000000000000
--- a/crypto/openssl/crypto/x509v3/README
+++ /dev/null
@@ -1,4 +0,0 @@
-WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-
-This is ***VERY*** new experimental code and is likely to change
-considerably or vanish altogether.
diff --git a/crypto/openssl/crypto/x509v3/ext_dat.h b/crypto/openssl/crypto/x509v3/ext_dat.h
deleted file mode 100644
index 5442480595b3..000000000000
--- a/crypto/openssl/crypto/x509v3/ext_dat.h
+++ /dev/null
@@ -1,115 +0,0 @@
-/* ext_dat.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* This file contains a table of "standard" extensions */
-
-extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
-extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info, v3_sinfo;
-extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
-extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_crl_invdate, v3_cpols, v3_crld;
-extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff;
-extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc;
-extern X509V3_EXT_METHOD v3_crl_hold;
-
-/* This table will be searched using OBJ_bsearch so it *must* kept in
- * order of the ext_nid values.
- */
-
-static X509V3_EXT_METHOD *standard_exts[] = {
-&v3_nscert,
-&v3_ns_ia5_list[0],
-&v3_ns_ia5_list[1],
-&v3_ns_ia5_list[2],
-&v3_ns_ia5_list[3],
-&v3_ns_ia5_list[4],
-&v3_ns_ia5_list[5],
-&v3_ns_ia5_list[6],
-&v3_skey_id,
-&v3_key_usage,
-&v3_pkey_usage_period,
-&v3_alt[0],
-&v3_alt[1],
-&v3_bcons,
-&v3_crl_num,
-&v3_cpols,
-&v3_akey_id,
-&v3_crld,
-&v3_ext_ku,
-&v3_crl_reason,
-#ifndef OPENSSL_NO_OCSP
-&v3_crl_invdate,
-#endif
-&v3_sxnet,
-&v3_info,
-#ifndef OPENSSL_NO_OCSP
-&v3_ocsp_nonce,
-&v3_ocsp_crlid,
-&v3_ocsp_accresp,
-&v3_ocsp_nocheck,
-&v3_ocsp_acutoff,
-&v3_ocsp_serviceloc,
-#endif
-&v3_sinfo,
-#ifndef OPENSSL_NO_OCSP
-&v3_crl_hold
-#endif
-};
-
-/* Number of standard extensions */
-
-#define STANDARD_EXTENSION_COUNT (sizeof(standard_exts)/sizeof(X509V3_EXT_METHOD *))
-
diff --git a/crypto/openssl/crypto/x509v3/tabtest.c b/crypto/openssl/crypto/x509v3/tabtest.c
deleted file mode 100644
index dad0d38dd530..000000000000
--- a/crypto/openssl/crypto/x509v3/tabtest.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* tabtest.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Simple program to check the ext_dat.h is correct and print out
- * problems if it is not.
- */
-
-#include <stdio.h>
-
-#include <openssl/x509v3.h>
-
-#include "ext_dat.h"
-
-main()
-{
-	int i, prev = -1, bad = 0;
-	X509V3_EXT_METHOD **tmp;
-	i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *);
-	if(i != STANDARD_EXTENSION_COUNT)
-		fprintf(stderr, "Extension number invalid expecting %d\n", i);
-	tmp = standard_exts;
-	for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) {
-		if((*tmp)->ext_nid < prev) bad = 1;
-		prev = (*tmp)->ext_nid;
-		
-	}
-	if(bad) {
-		tmp = standard_exts;
-		fprintf(stderr, "Extensions out of order!\n");
-		for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++)
-		printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid));
-	} else fprintf(stderr, "Order OK\n");
-}
diff --git a/crypto/openssl/crypto/x509v3/v3_akey.c b/crypto/openssl/crypto/x509v3/v3_akey.c
deleted file mode 100644
index 97e686f97af9..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_akey.c
+++ /dev/null
@@ -1,190 +0,0 @@
-/* v3_akey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
-			AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist);
-static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
-			X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
-
-X509V3_EXT_METHOD v3_akey_id = {
-NID_authority_key_identifier, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
-(X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
-0,0,
-NULL
-};
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
-	     AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist)
-{
-	char *tmp;
-	if(akeyid->keyid) {
-		tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length);
-		X509V3_add_value("keyid", tmp, &extlist);
-		OPENSSL_free(tmp);
-	}
-	if(akeyid->issuer) 
-		extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
-	if(akeyid->serial) {
-		tmp = hex_to_string(akeyid->serial->data,
-						 akeyid->serial->length);
-		X509V3_add_value("serial", tmp, &extlist);
-		OPENSSL_free(tmp);
-	}
-	return extlist;
-}
-
-/* Currently two options:
- * keyid: use the issuers subject keyid, the value 'always' means its is
- * an error if the issuer certificate doesn't have a key id.
- * issuer: use the issuers cert issuer and serial number. The default is
- * to only use this if keyid is not present. With the option 'always'
- * this is always included.
- */
-
-static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
-	     X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values)
-{
-char keyid=0, issuer=0;
-int i;
-CONF_VALUE *cnf;
-ASN1_OCTET_STRING *ikeyid = NULL;
-X509_NAME *isname = NULL;
-GENERAL_NAMES * gens = NULL;
-GENERAL_NAME *gen = NULL;
-ASN1_INTEGER *serial = NULL;
-X509_EXTENSION *ext;
-X509 *cert;
-AUTHORITY_KEYID *akeyid;
-for(i = 0; i < sk_CONF_VALUE_num(values); i++) {
-	cnf = sk_CONF_VALUE_value(values, i);
-	if(!strcmp(cnf->name, "keyid")) {
-		keyid = 1;
-		if(cnf->value && !strcmp(cnf->value, "always")) keyid = 2;
-	} else if(!strcmp(cnf->name, "issuer")) {
-		issuer = 1;
-		if(cnf->value && !strcmp(cnf->value, "always")) issuer = 2;
-	} else {
-		X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION);
-		ERR_add_error_data(2, "name=", cnf->name);
-		return NULL;
-	}
-}
-
-if(!ctx || !ctx->issuer_cert) {
-	if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new();
-	X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE);
-	return NULL;
-}
-
-cert = ctx->issuer_cert;
-
-if(keyid) {
-	i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
-	if((i >= 0)  && (ext = X509_get_ext(cert, i)))
-						 ikeyid = X509V3_EXT_d2i(ext);
-	if(keyid==2 && !ikeyid) {
-		X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
-		return NULL;
-	}
-}
-
-if((issuer && !ikeyid) || (issuer == 2)) {
-	isname = X509_NAME_dup(X509_get_issuer_name(cert));
-	serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert));
-	if(!isname || !serial) {
-		X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
-		goto err;
-	}
-}
-
-if(!(akeyid = AUTHORITY_KEYID_new())) goto err;
-
-if(isname) {
-	if(!(gens = sk_GENERAL_NAME_new_null()) || !(gen = GENERAL_NAME_new())
-		|| !sk_GENERAL_NAME_push(gens, gen)) {
-		X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-	gen->type = GEN_DIRNAME;
-	gen->d.dirn = isname;
-}
-
-akeyid->issuer = gens;
-akeyid->serial = serial;
-akeyid->keyid = ikeyid;
-
-return akeyid;
-
-err:
-X509_NAME_free(isname);
-M_ASN1_INTEGER_free(serial);
-M_ASN1_OCTET_STRING_free(ikeyid);
-return NULL;
-
-}
-
diff --git a/crypto/openssl/crypto/x509v3/v3_akeya.c b/crypto/openssl/crypto/x509v3/v3_akeya.c
deleted file mode 100644
index 2aafa26ba712..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_akeya.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* v3_akey_asn1.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-ASN1_SEQUENCE(AUTHORITY_KEYID) = {
-	ASN1_IMP_OPT(AUTHORITY_KEYID, keyid, ASN1_OCTET_STRING, 0),
-	ASN1_IMP_SEQUENCE_OF_OPT(AUTHORITY_KEYID, issuer, GENERAL_NAME, 1),
-	ASN1_IMP_OPT(AUTHORITY_KEYID, serial, ASN1_INTEGER, 2)
-} ASN1_SEQUENCE_END(AUTHORITY_KEYID)
-
-IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_KEYID)
diff --git a/crypto/openssl/crypto/x509v3/v3_alt.c b/crypto/openssl/crypto/x509v3/v3_alt.c
deleted file mode 100644
index 0e9e7dcb4fda..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_alt.c
+++ /dev/null
@@ -1,457 +0,0 @@
-/* v3_alt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p);
-static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens);
-X509V3_EXT_METHOD v3_alt[] = {
-{ NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
-(X509V3_EXT_V2I)v2i_subject_alt,
-NULL, NULL, NULL},
-
-{ NID_issuer_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
-(X509V3_EXT_V2I)v2i_issuer_alt,
-NULL, NULL, NULL},
-};
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
-		GENERAL_NAMES *gens, STACK_OF(CONF_VALUE) *ret)
-{
-	int i;
-	GENERAL_NAME *gen;
-	for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
-		gen = sk_GENERAL_NAME_value(gens, i);
-		ret = i2v_GENERAL_NAME(method, gen, ret);
-	}
-	if(!ret) return sk_CONF_VALUE_new_null();
-	return ret;
-}
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
-				GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret)
-{
-	unsigned char *p;
-	char oline[256];
-	switch (gen->type)
-	{
-		case GEN_OTHERNAME:
-		X509V3_add_value("othername","<unsupported>", &ret);
-		break;
-
-		case GEN_X400:
-		X509V3_add_value("X400Name","<unsupported>", &ret);
-		break;
-
-		case GEN_EDIPARTY:
-		X509V3_add_value("EdiPartyName","<unsupported>", &ret);
-		break;
-
-		case GEN_EMAIL:
-		X509V3_add_value_uchar("email",gen->d.ia5->data, &ret);
-		break;
-
-		case GEN_DNS:
-		X509V3_add_value_uchar("DNS",gen->d.ia5->data, &ret);
-		break;
-
-		case GEN_URI:
-		X509V3_add_value_uchar("URI",gen->d.ia5->data, &ret);
-		break;
-
-		case GEN_DIRNAME:
-		X509_NAME_oneline(gen->d.dirn, oline, 256);
-		X509V3_add_value("DirName",oline, &ret);
-		break;
-
-		case GEN_IPADD:
-		p = gen->d.ip->data;
-		/* BUG: doesn't support IPV6 */
-		if(gen->d.ip->length != 4) {
-			X509V3_add_value("IP Address","<invalid>", &ret);
-			break;
-		}
-		sprintf(oline, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
-		X509V3_add_value("IP Address",oline, &ret);
-		break;
-
-		case GEN_RID:
-		i2t_ASN1_OBJECT(oline, 256, gen->d.rid);
-		X509V3_add_value("Registered ID",oline, &ret);
-		break;
-	}
-	return ret;
-}
-
-int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
-{
-	unsigned char *p;
-	switch (gen->type)
-	{
-		case GEN_OTHERNAME:
-		BIO_printf(out, "othername:<unsupported>");
-		break;
-
-		case GEN_X400:
-		BIO_printf(out, "X400Name:<unsupported>");
-		break;
-
-		case GEN_EDIPARTY:
-		/* Maybe fix this: it is supported now */
-		BIO_printf(out, "EdiPartyName:<unsupported>");
-		break;
-
-		case GEN_EMAIL:
-		BIO_printf(out, "email:%s",gen->d.ia5->data);
-		break;
-
-		case GEN_DNS:
-		BIO_printf(out, "DNS:%s",gen->d.ia5->data);
-		break;
-
-		case GEN_URI:
-		BIO_printf(out, "URI:%s",gen->d.ia5->data);
-		break;
-
-		case GEN_DIRNAME:
-		BIO_printf(out, "DirName: ");
-		X509_NAME_print_ex(out, gen->d.dirn, 0, XN_FLAG_ONELINE);
-		break;
-
-		case GEN_IPADD:
-		p = gen->d.ip->data;
-		/* BUG: doesn't support IPV6 */
-		if(gen->d.ip->length != 4) {
-			BIO_printf(out,"IP Address:<invalid>");
-			break;
-		}
-		BIO_printf(out, "IP Address:%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
-		break;
-
-		case GEN_RID:
-		BIO_printf(out, "Registered ID");
-		i2a_ASN1_OBJECT(out, gen->d.rid);
-		break;
-	}
-	return 1;
-}
-
-static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
-				 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
-	GENERAL_NAMES *gens = NULL;
-	CONF_VALUE *cnf;
-	int i;
-	if(!(gens = sk_GENERAL_NAME_new_null())) {
-		X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-		cnf = sk_CONF_VALUE_value(nval, i);
-		if(!name_cmp(cnf->name, "issuer") && cnf->value &&
-						!strcmp(cnf->value, "copy")) {
-			if(!copy_issuer(ctx, gens)) goto err;
-		} else {
-			GENERAL_NAME *gen;
-			if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
-								 goto err; 
-			sk_GENERAL_NAME_push(gens, gen);
-		}
-	}
-	return gens;
-	err:
-	sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
-	return NULL;
-}
-
-/* Append subject altname of issuer to issuer alt name of subject */
-
-static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
-{
-	GENERAL_NAMES *ialt;
-	GENERAL_NAME *gen;
-	X509_EXTENSION *ext;
-	int i;
-	if(ctx && (ctx->flags == CTX_TEST)) return 1;
-	if(!ctx || !ctx->issuer_cert) {
-		X509V3err(X509V3_F_COPY_ISSUER,X509V3_R_NO_ISSUER_DETAILS);
-		goto err;
-	}
-        i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
-	if(i < 0) return 1;
-        if(!(ext = X509_get_ext(ctx->issuer_cert, i)) ||
-                        !(ialt = X509V3_EXT_d2i(ext)) ) {
-		X509V3err(X509V3_F_COPY_ISSUER,X509V3_R_ISSUER_DECODE_ERROR);
-		goto err;
-	}
-
-	for(i = 0; i < sk_GENERAL_NAME_num(ialt); i++) {
-		gen = sk_GENERAL_NAME_value(ialt, i);
-		if(!sk_GENERAL_NAME_push(gens, gen)) {
-			X509V3err(X509V3_F_COPY_ISSUER,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-	}
-	sk_GENERAL_NAME_free(ialt);
-
-	return 1;
-		
-	err:
-	return 0;
-	
-}
-
-static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
-				 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
-	GENERAL_NAMES *gens = NULL;
-	CONF_VALUE *cnf;
-	int i;
-	if(!(gens = sk_GENERAL_NAME_new_null())) {
-		X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-		cnf = sk_CONF_VALUE_value(nval, i);
-		if(!name_cmp(cnf->name, "email") && cnf->value &&
-						!strcmp(cnf->value, "copy")) {
-			if(!copy_email(ctx, gens, 0)) goto err;
-		} else if(!name_cmp(cnf->name, "email") && cnf->value &&
-						!strcmp(cnf->value, "move")) {
-			if(!copy_email(ctx, gens, 1)) goto err;
-		} else {
-			GENERAL_NAME *gen;
-			if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
-								 goto err; 
-			sk_GENERAL_NAME_push(gens, gen);
-		}
-	}
-	return gens;
-	err:
-	sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
-	return NULL;
-}
-
-/* Copy any email addresses in a certificate or request to 
- * GENERAL_NAMES
- */
-
-static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
-{
-	X509_NAME *nm;
-	ASN1_IA5STRING *email = NULL;
-	X509_NAME_ENTRY *ne;
-	GENERAL_NAME *gen = NULL;
-	int i;
-	if(ctx->flags == CTX_TEST) return 1;
-	if(!ctx || (!ctx->subject_cert && !ctx->subject_req)) {
-		X509V3err(X509V3_F_COPY_EMAIL,X509V3_R_NO_SUBJECT_DETAILS);
-		goto err;
-	}
-	/* Find the subject name */
-	if(ctx->subject_cert) nm = X509_get_subject_name(ctx->subject_cert);
-	else nm = X509_REQ_get_subject_name(ctx->subject_req);
-
-	/* Now add any email address(es) to STACK */
-	i = -1;
-	while((i = X509_NAME_get_index_by_NID(nm,
-					 NID_pkcs9_emailAddress, i)) >= 0) {
-		ne = X509_NAME_get_entry(nm, i);
-		email = M_ASN1_IA5STRING_dup(X509_NAME_ENTRY_get_data(ne));
-                if (move_p)
-                        {
-                        X509_NAME_delete_entry(nm, i);
-                        i--;
-                        }
-		if(!email || !(gen = GENERAL_NAME_new())) {
-			X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		gen->d.ia5 = email;
-		email = NULL;
-		gen->type = GEN_EMAIL;
-		if(!sk_GENERAL_NAME_push(gens, gen)) {
-			X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		gen = NULL;
-	}
-
-	
-	return 1;
-		
-	err:
-	GENERAL_NAME_free(gen);
-	M_ASN1_IA5STRING_free(email);
-	return 0;
-	
-}
-
-GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
-	GENERAL_NAME *gen;
-	GENERAL_NAMES *gens = NULL;
-	CONF_VALUE *cnf;
-	int i;
-	if(!(gens = sk_GENERAL_NAME_new_null())) {
-		X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-		cnf = sk_CONF_VALUE_value(nval, i);
-		if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err; 
-		sk_GENERAL_NAME_push(gens, gen);
-	}
-	return gens;
-	err:
-	sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
-	return NULL;
-}
-
-GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-							 CONF_VALUE *cnf)
-{
-char is_string = 0;
-int type;
-GENERAL_NAME *gen = NULL;
-
-char *name, *value;
-
-name = cnf->name;
-value = cnf->value;
-
-if(!value) {
-	X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_MISSING_VALUE);
-	return NULL;
-}
-
-if(!(gen = GENERAL_NAME_new())) {
-	X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
-	return NULL;
-}
-
-if(!name_cmp(name, "email")) {
-	is_string = 1;
-	type = GEN_EMAIL;
-} else if(!name_cmp(name, "URI")) {
-	is_string = 1;
-	type = GEN_URI;
-} else if(!name_cmp(name, "DNS")) {
-	is_string = 1;
-	type = GEN_DNS;
-} else if(!name_cmp(name, "RID")) {
-	ASN1_OBJECT *obj;
-	if(!(obj = OBJ_txt2obj(value,0))) {
-		X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_OBJECT);
-		ERR_add_error_data(2, "value=", value);
-		goto err;
-	}
-	gen->d.rid = obj;
-	type = GEN_RID;
-} else if(!name_cmp(name, "IP")) {
-	int i1,i2,i3,i4;
-	unsigned char ip[4];
-	if((sscanf(value, "%d.%d.%d.%d",&i1,&i2,&i3,&i4) != 4) ||
-	    (i1 < 0) || (i1 > 255) || (i2 < 0) || (i2 > 255) ||
-	    (i3 < 0) || (i3 > 255) || (i4 < 0) || (i4 > 255) ) {
-		X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS);
-		ERR_add_error_data(2, "value=", value);
-		goto err;
-	}
-	ip[0] = i1; ip[1] = i2 ; ip[2] = i3 ; ip[3] = i4;
-	if(!(gen->d.ip = M_ASN1_OCTET_STRING_new()) ||
-		!ASN1_STRING_set(gen->d.ip, ip, 4)) {
-			X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
-			goto err;
-	}
-	type = GEN_IPADD;
-} else {
-	X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_OPTION);
-	ERR_add_error_data(2, "name=", name);
-	goto err;
-}
-
-if(is_string) {
-	if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) ||
-		      !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
-				       strlen(value))) {
-		X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-}
-
-gen->type = type;
-
-return gen;
-
-err:
-GENERAL_NAME_free(gen);
-return NULL;
-}
diff --git a/crypto/openssl/crypto/x509v3/v3_bcons.c b/crypto/openssl/crypto/x509v3/v3_bcons.c
deleted file mode 100644
index cbb012715e55..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_bcons.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* v3_bcons.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist);
-static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
-
-X509V3_EXT_METHOD v3_bcons = {
-NID_basic_constraints, 0,
-ASN1_ITEM_ref(BASIC_CONSTRAINTS),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_BASIC_CONSTRAINTS,
-(X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS,
-NULL,NULL,
-NULL
-};
-
-ASN1_SEQUENCE(BASIC_CONSTRAINTS) = {
-	ASN1_OPT(BASIC_CONSTRAINTS, ca, ASN1_FBOOLEAN),
-	ASN1_OPT(BASIC_CONSTRAINTS, pathlen, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(BASIC_CONSTRAINTS)
-
-IMPLEMENT_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
-
-
-static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
-	     BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist)
-{
-	X509V3_add_value_bool("CA", bcons->ca, &extlist);
-	X509V3_add_value_int("pathlen", bcons->pathlen, &extlist);
-	return extlist;
-}
-
-static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
-	     X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values)
-{
-	BASIC_CONSTRAINTS *bcons=NULL;
-	CONF_VALUE *val;
-	int i;
-	if(!(bcons = BASIC_CONSTRAINTS_new())) {
-		X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	for(i = 0; i < sk_CONF_VALUE_num(values); i++) {
-		val = sk_CONF_VALUE_value(values, i);
-		if(!strcmp(val->name, "CA")) {
-			if(!X509V3_get_value_bool(val, &bcons->ca)) goto err;
-		} else if(!strcmp(val->name, "pathlen")) {
-			if(!X509V3_get_value_int(val, &bcons->pathlen)) goto err;
-		} else {
-			X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, X509V3_R_INVALID_NAME);
-			X509V3_conf_err(val);
-			goto err;
-		}
-	}
-	return bcons;
-	err:
-	BASIC_CONSTRAINTS_free(bcons);
-	return NULL;
-}
-
diff --git a/crypto/openssl/crypto/x509v3/v3_bitst.c b/crypto/openssl/crypto/x509v3/v3_bitst.c
deleted file mode 100644
index 16cf12556218..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_bitst.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* v3_bitst.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
-				ASN1_BIT_STRING *bits,
-				STACK_OF(CONF_VALUE) *extlist);
-
-static BIT_STRING_BITNAME ns_cert_type_table[] = {
-{0, "SSL Client", "client"},
-{1, "SSL Server", "server"},
-{2, "S/MIME", "email"},
-{3, "Object Signing", "objsign"},
-{4, "Unused", "reserved"},
-{5, "SSL CA", "sslCA"},
-{6, "S/MIME CA", "emailCA"},
-{7, "Object Signing CA", "objCA"},
-{-1, NULL, NULL}
-};
-
-static BIT_STRING_BITNAME key_usage_type_table[] = {
-{0, "Digital Signature", "digitalSignature"},
-{1, "Non Repudiation", "nonRepudiation"},
-{2, "Key Encipherment", "keyEncipherment"},
-{3, "Data Encipherment", "dataEncipherment"},
-{4, "Key Agreement", "keyAgreement"},
-{5, "Certificate Sign", "keyCertSign"},
-{6, "CRL Sign", "cRLSign"},
-{7, "Encipher Only", "encipherOnly"},
-{8, "Decipher Only", "decipherOnly"},
-{-1, NULL, NULL}
-};
-
-
-
-X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table);
-X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table);
-
-static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
-	     ASN1_BIT_STRING *bits, STACK_OF(CONF_VALUE) *ret)
-{
-	BIT_STRING_BITNAME *bnam;
-	for(bnam =method->usr_data; bnam->lname; bnam++) {
-		if(ASN1_BIT_STRING_get_bit(bits, bnam->bitnum)) 
-			X509V3_add_value(bnam->lname, NULL, &ret);
-	}
-	return ret;
-}
-	
-static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
-	     X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
-	CONF_VALUE *val;
-	ASN1_BIT_STRING *bs;
-	int i;
-	BIT_STRING_BITNAME *bnam;
-	if(!(bs = M_ASN1_BIT_STRING_new())) {
-		X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-		val = sk_CONF_VALUE_value(nval, i);
-		for(bnam = method->usr_data; bnam->lname; bnam++) {
-			if(!strcmp(bnam->sname, val->name) ||
-				!strcmp(bnam->lname, val->name) ) {
-				ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1);
-				break;
-			}
-		}
-		if(!bnam->lname) {
-			X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
-					X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
-			X509V3_conf_err(val);
-			M_ASN1_BIT_STRING_free(bs);
-			return NULL;
-		}
-	}
-	return bs;
-}
-	
-
diff --git a/crypto/openssl/crypto/x509v3/v3_conf.c b/crypto/openssl/crypto/x509v3/v3_conf.c
deleted file mode 100644
index 1a3448e12172..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_conf.c
+++ /dev/null
@@ -1,485 +0,0 @@
-/* v3_conf.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* extension creation utilities */
-
-
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-static int v3_check_critical(char **value);
-static int v3_check_generic(char **value);
-static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value);
-static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type);
-static char *conf_lhash_get_string(void *db, char *section, char *value);
-static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section);
-static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
-						 int crit, void *ext_struc);
-/* CONF *conf:  Config file    */
-/* char *name:  Name    */
-/* char *value:  Value    */
-X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name,
-	     char *value)
-	{
-	int crit;
-	int ext_type;
-	X509_EXTENSION *ret;
-	crit = v3_check_critical(&value);
-	if ((ext_type = v3_check_generic(&value))) 
-		return v3_generic_extension(name, value, crit, ext_type);
-	ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value);
-	if (!ret)
-		{
-		X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_ERROR_IN_EXTENSION);
-		ERR_add_error_data(4,"name=", name, ", value=", value);
-		}
-	return ret;
-	}
-
-/* CONF *conf:  Config file    */
-/* char *value:  Value    */
-X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
-	     char *value)
-	{
-	int crit;
-	int ext_type;
-	crit = v3_check_critical(&value);
-	if ((ext_type = v3_check_generic(&value))) 
-		return v3_generic_extension(OBJ_nid2sn(ext_nid),
-							 value, crit, ext_type);
-	return do_ext_nconf(conf, ctx, ext_nid, crit, value);
-	}
-
-/* CONF *conf:  Config file    */
-/* char *value:  Value    */
-static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
-	     int crit, char *value)
-	{
-	X509V3_EXT_METHOD *method;
-	X509_EXTENSION *ext;
-	STACK_OF(CONF_VALUE) *nval;
-	void *ext_struc;
-	if (ext_nid == NID_undef)
-		{
-		X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION_NAME);
-		return NULL;
-		}
-	if (!(method = X509V3_EXT_get_nid(ext_nid)))
-		{
-		X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION);
-		return NULL;
-		}
-	/* Now get internal extension representation based on type */
-	if (method->v2i)
-		{
-		if(*value == '@') nval = NCONF_get_section(conf, value + 1);
-		else nval = X509V3_parse_list(value);
-		if(!nval)
-			{
-			X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_INVALID_EXTENSION_STRING);
-			ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value);
-			return NULL;
-			}
-		ext_struc = method->v2i(method, ctx, nval);
-		if(*value != '@') sk_CONF_VALUE_pop_free(nval,
-							 X509V3_conf_free);
-		if(!ext_struc) return NULL;
-		}
-	else if(method->s2i)
-		{
-		if(!(ext_struc = method->s2i(method, ctx, value))) return NULL;
-		}
-	else if(method->r2i)
-		{
-		if(!ctx->db)
-			{
-			X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE);
-			return NULL;
-			}
-		if(!(ext_struc = method->r2i(method, ctx, value))) return NULL;
-		}
-	else
-		{
-		X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
-		ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid));
-		return NULL;
-		}
-
-	ext  = do_ext_i2d(method, ext_nid, crit, ext_struc);
-	if(method->it) ASN1_item_free(ext_struc, ASN1_ITEM_ptr(method->it));
-	else method->ext_free(ext_struc);
-	return ext;
-
-	}
-
-static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
-						 int crit, void *ext_struc)
-	{
-	unsigned char *ext_der;
-	int ext_len;
-	ASN1_OCTET_STRING *ext_oct;
-	X509_EXTENSION *ext;
-	/* Convert internal representation to DER */
-	if (method->it)
-		{
-		ext_der = NULL;
-		ext_len = ASN1_item_i2d(ext_struc, &ext_der, ASN1_ITEM_ptr(method->it));
-		if (ext_len < 0) goto merr;
-		}
-	 else
-		{
-		unsigned char *p;
-		ext_len = method->i2d(ext_struc, NULL);
-		if(!(ext_der = OPENSSL_malloc(ext_len))) goto merr;
-		p = ext_der;
-		method->i2d(ext_struc, &p);
-		}
-	if (!(ext_oct = M_ASN1_OCTET_STRING_new())) goto merr;
-	ext_oct->data = ext_der;
-	ext_oct->length = ext_len;
-
-	ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct);
-	if (!ext) goto merr;
-	M_ASN1_OCTET_STRING_free(ext_oct);
-
-	return ext;
-
-	merr:
-	X509V3err(X509V3_F_DO_EXT_I2D,ERR_R_MALLOC_FAILURE);
-	return NULL;
-
-	}
-
-/* Given an internal structure, nid and critical flag create an extension */
-
-X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
-	{
-	X509V3_EXT_METHOD *method;
-	if (!(method = X509V3_EXT_get_nid(ext_nid))) {
-		X509V3err(X509V3_F_X509V3_EXT_I2D,X509V3_R_UNKNOWN_EXTENSION);
-		return NULL;
-	}
-	return do_ext_i2d(method, ext_nid, crit, ext_struc);
-}
-
-/* Check the extension string for critical flag */
-static int v3_check_critical(char **value)
-{
-	char *p = *value;
-	if ((strlen(p) < 9) || strncmp(p, "critical,", 9)) return 0;
-	p+=9;
-	while(isspace((unsigned char)*p)) p++;
-	*value = p;
-	return 1;
-}
-
-/* Check extension string for generic extension and return the type */
-static int v3_check_generic(char **value)
-{
-	char *p = *value;
-	if ((strlen(p) < 4) || strncmp(p, "DER:,", 4)) return 0;
-	p+=4;
-	while (isspace((unsigned char)*p)) p++;
-	*value = p;
-	return 1;
-}
-
-/* Create a generic extension: for now just handle DER type */
-static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
-	     int crit, int type)
-	{
-	unsigned char *ext_der=NULL;
-	long ext_len;
-	ASN1_OBJECT *obj=NULL;
-	ASN1_OCTET_STRING *oct=NULL;
-	X509_EXTENSION *extension=NULL;
-	if (!(obj = OBJ_txt2obj(ext, 0)))
-		{
-		X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_NAME_ERROR);
-		ERR_add_error_data(2, "name=", ext);
-		goto err;
-		}
-
-	if (!(ext_der = string_to_hex(value, &ext_len)))
-		{
-		X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_VALUE_ERROR);
-		ERR_add_error_data(2, "value=", value);
-		goto err;
-		}
-
-	if (!(oct = M_ASN1_OCTET_STRING_new()))
-		{
-		X509V3err(X509V3_F_V3_GENERIC_EXTENSION,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	oct->data = ext_der;
-	oct->length = ext_len;
-	ext_der = NULL;
-
-	extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);
-
-	err:
-	ASN1_OBJECT_free(obj);
-	M_ASN1_OCTET_STRING_free(oct);
-	if(ext_der) OPENSSL_free(ext_der);
-	return extension;
-
-	}
-
-
-/* This is the main function: add a bunch of extensions based on a config file
- * section to an extension STACK.
- */
-
-
-int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
-	     STACK_OF(X509_EXTENSION) **sk)
-	{
-	X509_EXTENSION *ext;
-	STACK_OF(CONF_VALUE) *nval;
-	CONF_VALUE *val;	
-	int i;
-	if (!(nval = NCONF_get_section(conf, section))) return 0;
-	for (i = 0; i < sk_CONF_VALUE_num(nval); i++)
-		{
-		val = sk_CONF_VALUE_value(nval, i);
-		if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
-								return 0;
-		if (sk) X509v3_add_ext(sk, ext, -1);
-		X509_EXTENSION_free(ext);
-		}
-	return 1;
-	}
-
-/* Convenience functions to add extensions to a certificate, CRL and request */
-
-int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
-	     X509 *cert)
-	{
-	STACK_OF(X509_EXTENSION) **sk = NULL;
-	if (cert)
-		sk = &cert->cert_info->extensions;
-	return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
-	}
-
-/* Same as above but for a CRL */
-
-int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
-	     X509_CRL *crl)
-	{
-	STACK_OF(X509_EXTENSION) **sk = NULL;
-	if (crl)
-		sk = &crl->crl->extensions;
-	return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
-	}
-
-/* Add extensions to certificate request */
-
-int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
-	     X509_REQ *req)
-	{
-	STACK_OF(X509_EXTENSION) *extlist = NULL, **sk = NULL;
-	int i;
-	if (req)
-		sk = &extlist;
-	i = X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
-	if (!i || !sk)
-		return i;
-	i = X509_REQ_add_extensions(req, extlist);
-	sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free);
-	return i;
-	}
-
-/* Config database functions */
-
-char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section)
-	{
-	if (ctx->db_meth->get_string)
-			return ctx->db_meth->get_string(ctx->db, name, section);
-	return NULL;
-	}
-
-STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section)
-	{
-	if (ctx->db_meth->get_section)
-			return ctx->db_meth->get_section(ctx->db, section);
-	return NULL;
-	}
-
-void X509V3_string_free(X509V3_CTX *ctx, char *str)
-	{
-	if (!str) return;
-	if (ctx->db_meth->free_string)
-			ctx->db_meth->free_string(ctx->db, str);
-	}
-
-void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section)
-	{
-	if (!section) return;
-	if (ctx->db_meth->free_section)
-			ctx->db_meth->free_section(ctx->db, section);
-	}
-
-static char *nconf_get_string(void *db, char *section, char *value)
-	{
-	return NCONF_get_string(db, section, value);
-	}
-
-static STACK_OF(CONF_VALUE) *nconf_get_section(void *db, char *section)
-	{
-	return NCONF_get_section(db, section);
-	}
-
-static X509V3_CONF_METHOD nconf_method = {
-nconf_get_string,
-nconf_get_section,
-NULL,
-NULL
-};
-
-void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf)
-	{
-	ctx->db_meth = &nconf_method;
-	ctx->db = conf;
-	}
-
-void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req,
-	     X509_CRL *crl, int flags)
-	{
-	ctx->issuer_cert = issuer;
-	ctx->subject_cert = subj;
-	ctx->crl = crl;
-	ctx->subject_req = req;
-	ctx->flags = flags;
-	}
-
-/* Old conf compatibility functions */
-
-X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
-	     char *value)
-	{
-	CONF ctmp;
-	CONF_set_nconf(&ctmp, conf);
-	return X509V3_EXT_nconf(&ctmp, ctx, name, value);
-	}
-
-/* LHASH *conf:  Config file    */
-/* char *value:  Value    */
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid,
-	     char *value)
-	{
-	CONF ctmp;
-	CONF_set_nconf(&ctmp, conf);
-	return X509V3_EXT_nconf_nid(&ctmp, ctx, ext_nid, value);
-	}
-
-static char *conf_lhash_get_string(void *db, char *section, char *value)
-	{
-	return CONF_get_string(db, section, value);
-	}
-
-static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section)
-	{
-	return CONF_get_section(db, section);
-	}
-
-static X509V3_CONF_METHOD conf_lhash_method = {
-conf_lhash_get_string,
-conf_lhash_get_section,
-NULL,
-NULL
-};
-
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash)
-	{
-	ctx->db_meth = &conf_lhash_method;
-	ctx->db = lhash;
-	}
-
-int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
-	     X509 *cert)
-	{
-	CONF ctmp;
-	CONF_set_nconf(&ctmp, conf);
-	return X509V3_EXT_add_nconf(&ctmp, ctx, section, cert);
-	}
-
-/* Same as above but for a CRL */
-
-int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
-	     X509_CRL *crl)
-	{
-	CONF ctmp;
-	CONF_set_nconf(&ctmp, conf);
-	return X509V3_EXT_CRL_add_nconf(&ctmp, ctx, section, crl);
-	}
-
-/* Add extensions to certificate request */
-
-int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
-	     X509_REQ *req)
-	{
-	CONF ctmp;
-	CONF_set_nconf(&ctmp, conf);
-	return X509V3_EXT_REQ_add_nconf(&ctmp, ctx, section, req);
-	}
diff --git a/crypto/openssl/crypto/x509v3/v3_cpols.c b/crypto/openssl/crypto/x509v3/v3_cpols.c
deleted file mode 100644
index 0d4ab1f68031..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_cpols.c
+++ /dev/null
@@ -1,422 +0,0 @@
-/* v3_cpols.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-/* Certificate policies extension support: this one is a bit complex... */
-
-static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent);
-static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value);
-static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent);
-static void print_notice(BIO *out, USERNOTICE *notice, int indent);
-static POLICYINFO *policy_section(X509V3_CTX *ctx,
-				 STACK_OF(CONF_VALUE) *polstrs, int ia5org);
-static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
-					STACK_OF(CONF_VALUE) *unot, int ia5org);
-static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos);
-
-X509V3_EXT_METHOD v3_cpols = {
-NID_certificate_policies, 0,ASN1_ITEM_ref(CERTIFICATEPOLICIES),
-0,0,0,0,
-0,0,
-0,0,
-(X509V3_EXT_I2R)i2r_certpol,
-(X509V3_EXT_R2I)r2i_certpol,
-NULL
-};
-
-ASN1_ITEM_TEMPLATE(CERTIFICATEPOLICIES) = 
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CERTIFICATEPOLICIES, POLICYINFO)
-ASN1_ITEM_TEMPLATE_END(CERTIFICATEPOLICIES)
-
-IMPLEMENT_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
-
-ASN1_SEQUENCE(POLICYINFO) = {
-	ASN1_SIMPLE(POLICYINFO, policyid, ASN1_OBJECT),
-	ASN1_SEQUENCE_OF_OPT(POLICYINFO, qualifiers, POLICYQUALINFO)
-} ASN1_SEQUENCE_END(POLICYINFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(POLICYINFO)
-
-ASN1_ADB_TEMPLATE(policydefault) = ASN1_SIMPLE(POLICYQUALINFO, d.other, ASN1_ANY);
-
-ASN1_ADB(POLICYQUALINFO) = {
-	ADB_ENTRY(NID_id_qt_cps, ASN1_SIMPLE(POLICYQUALINFO, d.cpsuri, ASN1_IA5STRING)),
-	ADB_ENTRY(NID_id_qt_unotice, ASN1_SIMPLE(POLICYQUALINFO, d.usernotice, USERNOTICE))
-} ASN1_ADB_END(POLICYQUALINFO, 0, pqualid, 0, &policydefault_tt, NULL);
-
-ASN1_SEQUENCE(POLICYQUALINFO) = {
-	ASN1_SIMPLE(POLICYQUALINFO, pqualid, ASN1_OBJECT),
-	ASN1_ADB_OBJECT(POLICYQUALINFO)
-} ASN1_SEQUENCE_END(POLICYQUALINFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(POLICYQUALINFO)
-
-ASN1_SEQUENCE(USERNOTICE) = {
-	ASN1_OPT(USERNOTICE, noticeref, NOTICEREF),
-	ASN1_OPT(USERNOTICE, exptext, DISPLAYTEXT)
-} ASN1_SEQUENCE_END(USERNOTICE)
-
-IMPLEMENT_ASN1_FUNCTIONS(USERNOTICE)
-
-ASN1_SEQUENCE(NOTICEREF) = {
-	ASN1_SIMPLE(NOTICEREF, organization, DISPLAYTEXT),
-	ASN1_SEQUENCE_OF(NOTICEREF, noticenos, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(NOTICEREF)
-
-IMPLEMENT_ASN1_FUNCTIONS(NOTICEREF)
-
-static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
-		X509V3_CTX *ctx, char *value)
-{
-	STACK_OF(POLICYINFO) *pols = NULL;
-	char *pstr;
-	POLICYINFO *pol;
-	ASN1_OBJECT *pobj;
-	STACK_OF(CONF_VALUE) *vals;
-	CONF_VALUE *cnf;
-	int i, ia5org;
-	pols = sk_POLICYINFO_new_null();
-	vals =  X509V3_parse_list(value);
-	ia5org = 0;
-	for(i = 0; i < sk_CONF_VALUE_num(vals); i++) {
-		cnf = sk_CONF_VALUE_value(vals, i);
-		if(cnf->value || !cnf->name ) {
-			X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_POLICY_IDENTIFIER);
-			X509V3_conf_err(cnf);
-			goto err;
-		}
-		pstr = cnf->name;
-		if(!strcmp(pstr,"ia5org")) {
-			ia5org = 1;
-			continue;
-		} else if(*pstr == '@') {
-			STACK_OF(CONF_VALUE) *polsect;
-			polsect = X509V3_get_section(ctx, pstr + 1);
-			if(!polsect) {
-				X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_SECTION);
-
-				X509V3_conf_err(cnf);
-				goto err;
-			}
-			pol = policy_section(ctx, polsect, ia5org);
-			X509V3_section_free(ctx, polsect);
-			if(!pol) goto err;
-		} else {
-			if(!(pobj = OBJ_txt2obj(cnf->name, 0))) {
-				X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_OBJECT_IDENTIFIER);
-				X509V3_conf_err(cnf);
-				goto err;
-			}
-			pol = POLICYINFO_new();
-			pol->policyid = pobj;
-		}
-		sk_POLICYINFO_push(pols, pol);
-	}
-	sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
-	return pols;
-	err:
-	sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
-	return NULL;
-}
-
-static POLICYINFO *policy_section(X509V3_CTX *ctx,
-				STACK_OF(CONF_VALUE) *polstrs, int ia5org)
-{
-	int i;
-	CONF_VALUE *cnf;
-	POLICYINFO *pol;
-	POLICYQUALINFO *qual;
-	if(!(pol = POLICYINFO_new())) goto merr;
-	for(i = 0; i < sk_CONF_VALUE_num(polstrs); i++) {
-		cnf = sk_CONF_VALUE_value(polstrs, i);
-		if(!strcmp(cnf->name, "policyIdentifier")) {
-			ASN1_OBJECT *pobj;
-			if(!(pobj = OBJ_txt2obj(cnf->value, 0))) {
-				X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_OBJECT_IDENTIFIER);
-				X509V3_conf_err(cnf);
-				goto err;
-			}
-			pol->policyid = pobj;
-
-		} else if(!name_cmp(cnf->name, "CPS")) {
-			if(!pol->qualifiers) pol->qualifiers =
-						 sk_POLICYQUALINFO_new_null();
-			if(!(qual = POLICYQUALINFO_new())) goto merr;
-			if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
-								 goto merr;
-			qual->pqualid = OBJ_nid2obj(NID_id_qt_cps);
-			qual->d.cpsuri = M_ASN1_IA5STRING_new();
-			if(!ASN1_STRING_set(qual->d.cpsuri, cnf->value,
-						 strlen(cnf->value))) goto merr;
-		} else if(!name_cmp(cnf->name, "userNotice")) {
-			STACK_OF(CONF_VALUE) *unot;
-			if(*cnf->value != '@') {
-				X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_EXPECTED_A_SECTION_NAME);
-				X509V3_conf_err(cnf);
-				goto err;
-			}
-			unot = X509V3_get_section(ctx, cnf->value + 1);
-			if(!unot) {
-				X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_SECTION);
-
-				X509V3_conf_err(cnf);
-				goto err;
-			}
-			qual = notice_section(ctx, unot, ia5org);
-			X509V3_section_free(ctx, unot);
-			if(!qual) goto err;
-			if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
-								 goto merr;
-		} else {
-			X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_OPTION);
-
-			X509V3_conf_err(cnf);
-			goto err;
-		}
-	}
-	if(!pol->policyid) {
-		X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_NO_POLICY_IDENTIFIER);
-		goto err;
-	}
-
-	return pol;
-
-	merr:
-	X509V3err(X509V3_F_POLICY_SECTION,ERR_R_MALLOC_FAILURE);
-
-	err:
-	POLICYINFO_free(pol);
-	return NULL;
-	
-	
-}
-
-static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
-					STACK_OF(CONF_VALUE) *unot, int ia5org)
-{
-	int i;
-	CONF_VALUE *cnf;
-	USERNOTICE *not;
-	POLICYQUALINFO *qual;
-	if(!(qual = POLICYQUALINFO_new())) goto merr;
-	qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice);
-	if(!(not = USERNOTICE_new())) goto merr;
-	qual->d.usernotice = not;
-	for(i = 0; i < sk_CONF_VALUE_num(unot); i++) {
-		cnf = sk_CONF_VALUE_value(unot, i);
-		if(!strcmp(cnf->name, "explicitText")) {
-			not->exptext = M_ASN1_VISIBLESTRING_new();
-			if(!ASN1_STRING_set(not->exptext, cnf->value,
-						 strlen(cnf->value))) goto merr;
-		} else if(!strcmp(cnf->name, "organization")) {
-			NOTICEREF *nref;
-			if(!not->noticeref) {
-				if(!(nref = NOTICEREF_new())) goto merr;
-				not->noticeref = nref;
-			} else nref = not->noticeref;
-			if(ia5org) nref->organization = M_ASN1_IA5STRING_new();
-			else nref->organization = M_ASN1_VISIBLESTRING_new();
-			if(!ASN1_STRING_set(nref->organization, cnf->value,
-						 strlen(cnf->value))) goto merr;
-		} else if(!strcmp(cnf->name, "noticeNumbers")) {
-			NOTICEREF *nref;
-			STACK_OF(CONF_VALUE) *nos;
-			if(!not->noticeref) {
-				if(!(nref = NOTICEREF_new())) goto merr;
-				not->noticeref = nref;
-			} else nref = not->noticeref;
-			nos = X509V3_parse_list(cnf->value);
-			if(!nos || !sk_CONF_VALUE_num(nos)) {
-				X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_NUMBERS);
-				X509V3_conf_err(cnf);
-				goto err;
-			}
-			nref->noticenos = nref_nos(nos);
-			sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
-			if(!nref->noticenos) goto err;
-		} else {
-			X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_OPTION);
-
-			X509V3_conf_err(cnf);
-			goto err;
-		}
-	}
-
-	if(not->noticeref && 
-	      (!not->noticeref->noticenos || !not->noticeref->organization)) {
-			X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_NEED_ORGANIZATION_AND_NUMBERS);
-			goto err;
-	}
-
-	return qual;
-
-	merr:
-	X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE);
-
-	err:
-	POLICYQUALINFO_free(qual);
-	return NULL;
-}
-
-static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos)
-{
-	STACK_OF(ASN1_INTEGER) *nnums;
-	CONF_VALUE *cnf;
-	ASN1_INTEGER *aint;
-
-	int i;
-
-	if(!(nnums = sk_ASN1_INTEGER_new_null())) goto merr;
-	for(i = 0; i < sk_CONF_VALUE_num(nos); i++) {
-		cnf = sk_CONF_VALUE_value(nos, i);
-		if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) {
-			X509V3err(X509V3_F_NREF_NOS,X509V3_R_INVALID_NUMBER);
-			goto err;
-		}
-		if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr;
-	}
-	return nnums;
-
-	merr:
-	X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE);
-
-	err:
-	sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free);
-	return NULL;
-}
-
-
-static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol,
-		BIO *out, int indent)
-{
-	int i;
-	POLICYINFO *pinfo;
-	/* First print out the policy OIDs */
-	for(i = 0; i < sk_POLICYINFO_num(pol); i++) {
-		pinfo = sk_POLICYINFO_value(pol, i);
-		BIO_printf(out, "%*sPolicy: ", indent, "");
-		i2a_ASN1_OBJECT(out, pinfo->policyid);
-		BIO_puts(out, "\n");
-		if(pinfo->qualifiers)
-			 print_qualifiers(out, pinfo->qualifiers, indent + 2);
-	}
-	return 1;
-}
-
-static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals,
-		int indent)
-{
-	POLICYQUALINFO *qualinfo;
-	int i;
-	for(i = 0; i < sk_POLICYQUALINFO_num(quals); i++) {
-		qualinfo = sk_POLICYQUALINFO_value(quals, i);
-		switch(OBJ_obj2nid(qualinfo->pqualid))
-		{
-			case NID_id_qt_cps:
-			BIO_printf(out, "%*sCPS: %s\n", indent, "",
-						qualinfo->d.cpsuri->data);
-			break;
-		
-			case NID_id_qt_unotice:
-			BIO_printf(out, "%*sUser Notice:\n", indent, "");
-			print_notice(out, qualinfo->d.usernotice, indent + 2);
-			break;
-
-			default:
-			BIO_printf(out, "%*sUnknown Qualifier: ",
-							 indent + 2, "");
-			
-			i2a_ASN1_OBJECT(out, qualinfo->pqualid);
-			BIO_puts(out, "\n");
-			break;
-		}
-	}
-}
-
-static void print_notice(BIO *out, USERNOTICE *notice, int indent)
-{
-	int i;
-	if(notice->noticeref) {
-		NOTICEREF *ref;
-		ref = notice->noticeref;
-		BIO_printf(out, "%*sOrganization: %s\n", indent, "",
-						 ref->organization->data);
-		BIO_printf(out, "%*sNumber%s: ", indent, "",
-			   sk_ASN1_INTEGER_num(ref->noticenos) > 1 ? "s" : "");
-		for(i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) {
-			ASN1_INTEGER *num;
-			char *tmp;
-			num = sk_ASN1_INTEGER_value(ref->noticenos, i);
-			if(i) BIO_puts(out, ", ");
-			tmp = i2s_ASN1_INTEGER(NULL, num);
-			BIO_puts(out, tmp);
-			OPENSSL_free(tmp);
-		}
-		BIO_puts(out, "\n");
-	}
-	if(notice->exptext)
-		BIO_printf(out, "%*sExplicit Text: %s\n", indent, "",
-							 notice->exptext->data);
-}
-
diff --git a/crypto/openssl/crypto/x509v3/v3_crld.c b/crypto/openssl/crypto/x509v3/v3_crld.c
deleted file mode 100644
index 894a8b94d802..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_crld.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/* v3_crld.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
-		STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *extlist);
-static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-X509V3_EXT_METHOD v3_crld = {
-NID_crl_distribution_points, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(CRL_DIST_POINTS),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_crld,
-(X509V3_EXT_V2I)v2i_crld,
-0,0,
-NULL
-};
-
-static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
-			STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *exts)
-{
-	DIST_POINT *point;
-	int i;
-	for(i = 0; i < sk_DIST_POINT_num(crld); i++) {
-		point = sk_DIST_POINT_value(crld, i);
-		if(point->distpoint) {
-			if(point->distpoint->type == 0)
-				exts = i2v_GENERAL_NAMES(NULL,
-					 point->distpoint->name.fullname, exts);
-		        else X509V3_add_value("RelativeName","<UNSUPPORTED>", &exts);
-		}
-		if(point->reasons) 
-			X509V3_add_value("reasons","<UNSUPPORTED>", &exts);
-		if(point->CRLissuer)
-			X509V3_add_value("CRLissuer","<UNSUPPORTED>", &exts);
-	}
-	return exts;
-}
-
-static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
-	STACK_OF(DIST_POINT) *crld = NULL;
-	GENERAL_NAMES *gens = NULL;
-	GENERAL_NAME *gen = NULL;
-	CONF_VALUE *cnf;
-	int i;
-	if(!(crld = sk_DIST_POINT_new_null())) goto merr;
-	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-		DIST_POINT *point;
-		cnf = sk_CONF_VALUE_value(nval, i);
-		if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err; 
-		if(!(gens = GENERAL_NAMES_new())) goto merr;
-		if(!sk_GENERAL_NAME_push(gens, gen)) goto merr;
-		gen = NULL;
-		if(!(point = DIST_POINT_new())) goto merr;
-		if(!sk_DIST_POINT_push(crld, point)) {
-			DIST_POINT_free(point);
-			goto merr;
-		}
-		if(!(point->distpoint = DIST_POINT_NAME_new())) goto merr;
-		point->distpoint->name.fullname = gens;
-		point->distpoint->type = 0;
-		gens = NULL;
-	}
-	return crld;
-
-	merr:
-	X509V3err(X509V3_F_V2I_CRLD,ERR_R_MALLOC_FAILURE);
-	err:
-	GENERAL_NAME_free(gen);
-	GENERAL_NAMES_free(gens);
-	sk_DIST_POINT_pop_free(crld, DIST_POINT_free);
-	return NULL;
-}
-
-IMPLEMENT_STACK_OF(DIST_POINT)
-IMPLEMENT_ASN1_SET_OF(DIST_POINT)
-
-
-ASN1_CHOICE(DIST_POINT_NAME) = {
-	ASN1_IMP_SEQUENCE_OF(DIST_POINT_NAME, name.fullname, GENERAL_NAME, 0),
-	ASN1_IMP_SET_OF(DIST_POINT_NAME, name.relativename, X509_NAME_ENTRY, 1)
-} ASN1_CHOICE_END(DIST_POINT_NAME)
-
-IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT_NAME)
-
-ASN1_SEQUENCE(DIST_POINT) = {
-	ASN1_EXP_OPT(DIST_POINT, distpoint, DIST_POINT_NAME, 0),
-	ASN1_IMP_OPT(DIST_POINT, reasons, ASN1_BIT_STRING, 1),
-	ASN1_IMP_SEQUENCE_OF_OPT(DIST_POINT, CRLissuer, GENERAL_NAME, 2)
-} ASN1_SEQUENCE_END(DIST_POINT)
-
-IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT)
-
-ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) = 
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, DIST_POINT, DIST_POINT)
-ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS)
-
-IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS)
diff --git a/crypto/openssl/crypto/x509v3/v3_enum.c b/crypto/openssl/crypto/x509v3/v3_enum.c
deleted file mode 100644
index 010c9d6260a9..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_enum.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/* v3_enum.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-
-static ENUMERATED_NAMES crl_reasons[] = {
-{0, "Unspecified", "unspecified"},
-{1, "Key Compromise", "keyCompromise"},
-{2, "CA Compromise", "CACompromise"},
-{3, "Affiliation Changed", "affiliationChanged"},
-{4, "Superseded", "superseded"},
-{5, "Cessation Of Operation", "cessationOfOperation"},
-{6, "Certificate Hold", "certificateHold"},
-{8, "Remove From CRL", "removeFromCRL"},
-{-1, NULL, NULL}
-};
-
-X509V3_EXT_METHOD v3_crl_reason = { 
-NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED),
-0,0,0,0,
-(X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE,
-0,
-0,0,0,0,
-crl_reasons};
-
-
-char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method,
-	     ASN1_ENUMERATED *e)
-{
-	ENUMERATED_NAMES *enam;
-	long strval;
-	strval = ASN1_ENUMERATED_get(e);
-	for(enam = method->usr_data; enam->lname; enam++) {
-		if(strval == enam->bitnum) return BUF_strdup(enam->lname);
-	}
-	return i2s_ASN1_ENUMERATED(method, e);
-}
diff --git a/crypto/openssl/crypto/x509v3/v3_extku.c b/crypto/openssl/crypto/x509v3/v3_extku.c
deleted file mode 100644
index b1cfaba1aa83..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_extku.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* v3_extku.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
-		void *eku, STACK_OF(CONF_VALUE) *extlist);
-
-X509V3_EXT_METHOD v3_ext_ku = {
-	NID_ext_key_usage, 0,
-	ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
-	0,0,0,0,
-	0,0,
-	i2v_EXTENDED_KEY_USAGE,
-	v2i_EXTENDED_KEY_USAGE,
-	0,0,
-	NULL
-};
-
-/* NB OCSP acceptable responses also is a SEQUENCE OF OBJECT */
-X509V3_EXT_METHOD v3_ocsp_accresp = {
-	NID_id_pkix_OCSP_acceptableResponses, 0,
-	ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
-	0,0,0,0,
-	0,0,
-	i2v_EXTENDED_KEY_USAGE,
-	v2i_EXTENDED_KEY_USAGE,
-	0,0,
-	NULL
-};
-
-ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) = 
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, EXTENDED_KEY_USAGE, ASN1_OBJECT)
-ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE)
-
-IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
-
-static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
-		void *a, STACK_OF(CONF_VALUE) *ext_list)
-{
-	EXTENDED_KEY_USAGE *eku = a;
-	int i;
-	ASN1_OBJECT *obj;
-	char obj_tmp[80];
-	for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
-		obj = sk_ASN1_OBJECT_value(eku, i);
-		i2t_ASN1_OBJECT(obj_tmp, 80, obj);
-		X509V3_add_value(NULL, obj_tmp, &ext_list);
-	}
-	return ext_list;
-}
-
-static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
-	EXTENDED_KEY_USAGE *extku;
-	char *extval;
-	ASN1_OBJECT *objtmp;
-	CONF_VALUE *val;
-	int i;
-
-	if(!(extku = sk_ASN1_OBJECT_new_null())) {
-		X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-		val = sk_CONF_VALUE_value(nval, i);
-		if(val->value) extval = val->value;
-		else extval = val->name;
-		if(!(objtmp = OBJ_txt2obj(extval, 0))) {
-			sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
-			X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER);
-			X509V3_conf_err(val);
-			return NULL;
-		}
-		sk_ASN1_OBJECT_push(extku, objtmp);
-	}
-	return extku;
-}
diff --git a/crypto/openssl/crypto/x509v3/v3_genn.c b/crypto/openssl/crypto/x509v3/v3_genn.c
deleted file mode 100644
index 650b510980da..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_genn.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/* v3_genn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-ASN1_SEQUENCE(OTHERNAME) = {
-	ASN1_SIMPLE(OTHERNAME, type_id, ASN1_OBJECT),
-	/* Maybe have a true ANY DEFINED BY later */
-	ASN1_EXP(OTHERNAME, value, ASN1_ANY, 0)
-} ASN1_SEQUENCE_END(OTHERNAME)
-
-IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME)
-
-ASN1_SEQUENCE(EDIPARTYNAME) = {
-	ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
-	ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
-} ASN1_SEQUENCE_END(EDIPARTYNAME)
-
-IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME)
-
-ASN1_CHOICE(GENERAL_NAME) = {
-	ASN1_IMP(GENERAL_NAME, d.otherName, OTHERNAME, GEN_OTHERNAME),
-	ASN1_IMP(GENERAL_NAME, d.rfc822Name, ASN1_IA5STRING, GEN_EMAIL),
-	ASN1_IMP(GENERAL_NAME, d.dNSName, ASN1_IA5STRING, GEN_DNS),
-	/* Don't decode this */
-	ASN1_IMP(GENERAL_NAME, d.x400Address, ASN1_SEQUENCE, GEN_X400),
-	/* X509_NAME is a CHOICE type so use EXPLICIT */
-	ASN1_EXP(GENERAL_NAME, d.directoryName, X509_NAME, GEN_DIRNAME),
-	ASN1_IMP(GENERAL_NAME, d.ediPartyName, EDIPARTYNAME, GEN_EDIPARTY),
-	ASN1_IMP(GENERAL_NAME, d.uniformResourceIdentifier, ASN1_IA5STRING, GEN_URI),
-	ASN1_IMP(GENERAL_NAME, d.iPAddress, ASN1_OCTET_STRING, GEN_IPADD),
-	ASN1_IMP(GENERAL_NAME, d.registeredID, ASN1_OBJECT, GEN_RID)
-} ASN1_CHOICE_END(GENERAL_NAME)
-
-IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME)
-
-ASN1_ITEM_TEMPLATE(GENERAL_NAMES) = 
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME)
-ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES)
-
-IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES)
diff --git a/crypto/openssl/crypto/x509v3/v3_ia5.c b/crypto/openssl/crypto/x509v3/v3_ia5.c
deleted file mode 100644
index f9414456de27..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_ia5.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* v3_ia5.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
-static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
-X509V3_EXT_METHOD v3_ns_ia5_list[] = { 
-EXT_IA5STRING(NID_netscape_base_url),
-EXT_IA5STRING(NID_netscape_revocation_url),
-EXT_IA5STRING(NID_netscape_ca_revocation_url),
-EXT_IA5STRING(NID_netscape_renewal_url),
-EXT_IA5STRING(NID_netscape_ca_policy_url),
-EXT_IA5STRING(NID_netscape_ssl_server_name),
-EXT_IA5STRING(NID_netscape_comment),
-EXT_END
-};
-
-
-static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
-	     ASN1_IA5STRING *ia5)
-{
-	char *tmp;
-	if(!ia5 || !ia5->length) return NULL;
-	if (!(tmp = OPENSSL_malloc(ia5->length + 1))) return NULL;
-	memcpy(tmp, ia5->data, ia5->length);
-	tmp[ia5->length] = 0;
-	return tmp;
-}
-
-static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
-	     X509V3_CTX *ctx, char *str)
-{
-	ASN1_IA5STRING *ia5;
-	if(!str) {
-		X509V3err(X509V3_F_S2I_ASN1_IA5STRING,X509V3_R_INVALID_NULL_ARGUMENT);
-		return NULL;
-	}
-	if(!(ia5 = M_ASN1_IA5STRING_new())) goto err;
-	if(!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str,
-			    strlen(str))) {
-		M_ASN1_IA5STRING_free(ia5);
-		goto err;
-	}
-#ifdef CHARSET_EBCDIC
-        ebcdic2ascii(ia5->data, ia5->data, ia5->length);
-#endif /*CHARSET_EBCDIC*/
-	return ia5;
-	err:
-	X509V3err(X509V3_F_S2I_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE);
-	return NULL;
-}
-
diff --git a/crypto/openssl/crypto/x509v3/v3_info.c b/crypto/openssl/crypto/x509v3/v3_info.c
deleted file mode 100644
index e269df1373b0..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_info.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/* v3_info.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
-				AUTHORITY_INFO_ACCESS *ainfo,
-						STACK_OF(CONF_VALUE) *ret);
-static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
-				 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-X509V3_EXT_METHOD v3_info =
-{ NID_info_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
-(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
-0,0,
-NULL};
-
-X509V3_EXT_METHOD v3_sinfo =
-{ NID_sinfo_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
-(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
-0,0,
-NULL};
-
-ASN1_SEQUENCE(ACCESS_DESCRIPTION) = {
-	ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT),
-	ASN1_SIMPLE(ACCESS_DESCRIPTION, location, GENERAL_NAME)
-} ASN1_SEQUENCE_END(ACCESS_DESCRIPTION)
-
-IMPLEMENT_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
-
-ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) = 
-	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, ACCESS_DESCRIPTION)
-ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS)
-
-IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
-				AUTHORITY_INFO_ACCESS *ainfo,
-						STACK_OF(CONF_VALUE) *ret)
-{
-	ACCESS_DESCRIPTION *desc;
-	int i;
-	char objtmp[80], *ntmp;
-	CONF_VALUE *vtmp;
-	for(i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
-		desc = sk_ACCESS_DESCRIPTION_value(ainfo, i);
-		ret = i2v_GENERAL_NAME(method, desc->location, ret);
-		if(!ret) break;
-		vtmp = sk_CONF_VALUE_value(ret, i);
-		i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method);
-		ntmp = OPENSSL_malloc(strlen(objtmp) + strlen(vtmp->name) + 5);
-		if(!ntmp) {
-			X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
-					ERR_R_MALLOC_FAILURE);
-			return NULL;
-		}
-		strcpy(ntmp, objtmp);
-		strcat(ntmp, " - ");
-		strcat(ntmp, vtmp->name);
-		OPENSSL_free(vtmp->name);
-		vtmp->name = ntmp;
-		
-	}
-	if(!ret) return sk_CONF_VALUE_new_null();
-	return ret;
-}
-
-static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
-				 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
-	AUTHORITY_INFO_ACCESS *ainfo = NULL;
-	CONF_VALUE *cnf, ctmp;
-	ACCESS_DESCRIPTION *acc;
-	int i, objlen;
-	char *objtmp, *ptmp;
-	if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
-		X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-		cnf = sk_CONF_VALUE_value(nval, i);
-		if(!(acc = ACCESS_DESCRIPTION_new())
-			|| !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
-			X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		ptmp = strchr(cnf->name, ';');
-		if(!ptmp) {
-			X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_INVALID_SYNTAX);
-			goto err;
-		}
-		objlen = ptmp - cnf->name;
-		ctmp.name = ptmp + 1;
-		ctmp.value = cnf->value;
-		GENERAL_NAME_free(acc->location);
-		if(!(acc->location = v2i_GENERAL_NAME(method, ctx, &ctmp)))
-								 goto err; 
-		if(!(objtmp = OPENSSL_malloc(objlen + 1))) {
-			X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		strncpy(objtmp, cnf->name, objlen);
-		objtmp[objlen] = 0;
-		acc->method = OBJ_txt2obj(objtmp, 0);
-		if(!acc->method) {
-			X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_BAD_OBJECT);
-			ERR_add_error_data(2, "value=", objtmp);
-			OPENSSL_free(objtmp);
-			goto err;
-		}
-		OPENSSL_free(objtmp);
-
-	}
-	return ainfo;
-	err:
-	sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free);
-	return NULL;
-}
-
-int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a)
-        {
-	i2a_ASN1_OBJECT(bp, a->method);
-#ifdef UNDEF
-	i2a_GENERAL_NAME(bp, a->location);
-#endif
-	return 2;
-	}
diff --git a/crypto/openssl/crypto/x509v3/v3_int.c b/crypto/openssl/crypto/x509v3/v3_int.c
deleted file mode 100644
index f34cbfb7315c..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_int.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* v3_int.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-
-X509V3_EXT_METHOD v3_crl_num = { 
-NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER),
-0,0,0,0,
-(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
-0,
-0,0,0,0, NULL};
-
diff --git a/crypto/openssl/crypto/x509v3/v3_lib.c b/crypto/openssl/crypto/x509v3/v3_lib.c
deleted file mode 100644
index 482ca8ccf5d5..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_lib.c
+++ /dev/null
@@ -1,301 +0,0 @@
-/* v3_lib.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* X509 v3 extension utilities */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-#include "ext_dat.h"
-
-static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;
-
-static int ext_cmp(const X509V3_EXT_METHOD * const *a,
-		const X509V3_EXT_METHOD * const *b);
-static void ext_list_free(X509V3_EXT_METHOD *ext);
-
-int X509V3_EXT_add(X509V3_EXT_METHOD *ext)
-{
-	if(!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
-		X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	if(!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
-		X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	return 1;
-}
-
-static int ext_cmp(const X509V3_EXT_METHOD * const *a,
-		const X509V3_EXT_METHOD * const *b)
-{
-	return ((*a)->ext_nid - (*b)->ext_nid);
-}
-
-X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
-{
-	X509V3_EXT_METHOD tmp, *t = &tmp, **ret;
-	int idx;
-	if(nid < 0) return NULL;
-	tmp.ext_nid = nid;
-	ret = (X509V3_EXT_METHOD **) OBJ_bsearch((char *)&t,
-			(char *)standard_exts, STANDARD_EXTENSION_COUNT,
-			sizeof(X509V3_EXT_METHOD *), (int (*)(const void *, const void *))ext_cmp);
-	if(ret) return *ret;
-	if(!ext_list) return NULL;
-	idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
-	if(idx == -1) return NULL;
-	return sk_X509V3_EXT_METHOD_value(ext_list, idx);
-}
-
-X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)
-{
-	int nid;
-	if((nid = OBJ_obj2nid(ext->object)) == NID_undef) return NULL;
-	return X509V3_EXT_get_nid(nid);
-}
-
-
-int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
-{
-	for(;extlist->ext_nid!=-1;extlist++) 
-			if(!X509V3_EXT_add(extlist)) return 0;
-	return 1;
-}
-
-int X509V3_EXT_add_alias(int nid_to, int nid_from)
-{
-	X509V3_EXT_METHOD *ext, *tmpext;
-	if(!(ext = X509V3_EXT_get_nid(nid_from))) {
-		X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND);
-		return 0;
-	}
-	if(!(tmpext = (X509V3_EXT_METHOD *)OPENSSL_malloc(sizeof(X509V3_EXT_METHOD)))) {
-		X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	*tmpext = *ext;
-	tmpext->ext_nid = nid_to;
-	tmpext->ext_flags |= X509V3_EXT_DYNAMIC;
-	return X509V3_EXT_add(tmpext);
-}
-
-void X509V3_EXT_cleanup(void)
-{
-	sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free);
-	ext_list = NULL;
-}
-
-static void ext_list_free(X509V3_EXT_METHOD *ext)
-{
-	if(ext->ext_flags & X509V3_EXT_DYNAMIC) OPENSSL_free(ext);
-}
-
-/* Legacy function: we don't need to add standard extensions
- * any more because they are now kept in ext_dat.h.
- */
-
-int X509V3_add_standard_extensions(void)
-{
-	return 1;
-}
-
-/* Return an extension internal structure */
-
-void *X509V3_EXT_d2i(X509_EXTENSION *ext)
-{
-	X509V3_EXT_METHOD *method;
-	unsigned char *p;
-	if(!(method = X509V3_EXT_get(ext))) return NULL;
-	p = ext->value->data;
-	if(method->it) return ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it));
-	return method->d2i(NULL, &p, ext->value->length);
-}
-
-/* Get critical flag and decoded version of extension from a NID.
- * The "idx" variable returns the last found extension and can
- * be used to retrieve multiple extensions of the same NID.
- * However multiple extensions with the same NID is usually
- * due to a badly encoded certificate so if idx is NULL we
- * choke if multiple extensions exist.
- * The "crit" variable is set to the critical value.
- * The return value is the decoded extension or NULL on
- * error. The actual error can have several different causes,
- * the value of *crit reflects the cause:
- * >= 0, extension found but not decoded (reflects critical value).
- * -1 extension not found.
- * -2 extension occurs more than once.
- */
-
-void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx)
-{
-	int lastpos, i;
-	X509_EXTENSION *ex, *found_ex = NULL;
-	if(!x) {
-		if(idx) *idx = -1;
-		if(crit) *crit = -1;
-		return NULL;
-	}
-	if(idx) lastpos = *idx + 1;
-	else lastpos = 0;
-	if(lastpos < 0) lastpos = 0;
-	for(i = lastpos; i < sk_X509_EXTENSION_num(x); i++)
-	{
-		ex = sk_X509_EXTENSION_value(x, i);
-		if(OBJ_obj2nid(ex->object) == nid) {
-			if(idx) {
-				*idx = i;
-				break;
-			} else if(found_ex) {
-				/* Found more than one */
-				if(crit) *crit = -2;
-				return NULL;
-			}
-			found_ex = ex;
-		}
-	}
-	if(found_ex) {
-		/* Found it */
-		if(crit) *crit = X509_EXTENSION_get_critical(found_ex);
-		return X509V3_EXT_d2i(found_ex);
-	}
-
-	/* Extension not found */
-	if(idx) *idx = -1;
-	if(crit) *crit = -1;
-	return NULL;
-}
-
-/* This function is a general extension append, replace and delete utility.
- * The precise operation is governed by the 'flags' value. The 'crit' and
- * 'value' arguments (if relevant) are the extensions internal structure.
- */
-
-int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
-					int crit, unsigned long flags)
-{
-	int extidx = -1;
-	int errcode;
-	X509_EXTENSION *ext, *extmp;
-	unsigned long ext_op = flags & X509V3_ADD_OP_MASK;
-
-	/* If appending we don't care if it exists, otherwise
-	 * look for existing extension.
-	 */
-	if(ext_op != X509V3_ADD_APPEND)
-		extidx = X509v3_get_ext_by_NID(*x, nid, -1);
-
-	/* See if extension exists */
-	if(extidx >= 0) {
-		/* If keep existing, nothing to do */
-		if(ext_op == X509V3_ADD_KEEP_EXISTING)
-			return 1;
-		/* If default then its an error */
-		if(ext_op == X509V3_ADD_DEFAULT) {
-			errcode = X509V3_R_EXTENSION_EXISTS;
-			goto err;
-		}
-		/* If delete, just delete it */
-		if(ext_op == X509V3_ADD_DELETE) {
-			if(!sk_X509_EXTENSION_delete(*x, extidx)) return -1;
-			return 1;
-		}
-	} else {
-		/* If replace existing or delete, error since 
-		 * extension must exist
-		 */
-		if((ext_op == X509V3_ADD_REPLACE_EXISTING) ||
-		   (ext_op == X509V3_ADD_DELETE)) {
-			errcode = X509V3_R_EXTENSION_NOT_FOUND;
-			goto err;
-		}
-	}
-
-	/* If we get this far then we have to create an extension:
-	 * could have some flags for alternative encoding schemes...
-	 */
-
-	ext = X509V3_EXT_i2d(nid, crit, value);
-
-	if(!ext) {
-		X509V3err(X509V3_F_X509V3_ADD_I2D, X509V3_R_ERROR_CREATING_EXTENSION);
-		return 0;
-	}
-
-	/* If extension exists replace it.. */
-	if(extidx >= 0) {
-		extmp = sk_X509_EXTENSION_value(*x, extidx);
-		X509_EXTENSION_free(extmp);
-		if(!sk_X509_EXTENSION_set(*x, extidx, ext)) return -1;
-		return 1;
-	}
-
-	if(!*x && !(*x = sk_X509_EXTENSION_new_null())) return -1;
-	if(!sk_X509_EXTENSION_push(*x, ext)) return -1;
-
-	return 1;
-
-	err:
-	if(!(flags & X509V3_ADD_SILENT))
-		X509V3err(X509V3_F_X509V3_ADD_I2D, errcode);
-	return 0;
-}
-
-IMPLEMENT_STACK_OF(X509V3_EXT_METHOD)
diff --git a/crypto/openssl/crypto/x509v3/v3_ocsp.c b/crypto/openssl/crypto/x509v3/v3_ocsp.c
deleted file mode 100644
index 21badc13f9f0..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_ocsp.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/* v3_ocsp.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef OPENSSL_NO_OCSP
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/ocsp.h>
-#include <openssl/x509v3.h>
-
-/* OCSP extensions and a couple of CRL entry extensions
- */
-
-static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent);
-static int i2r_ocsp_acutoff(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent);
-static int i2r_object(X509V3_EXT_METHOD *method, void *obj, BIO *out, int indent);
-
-static void *ocsp_nonce_new(void);
-static int i2d_ocsp_nonce(void *a, unsigned char **pp);
-static void *d2i_ocsp_nonce(void *a, unsigned char **pp, long length);
-static void ocsp_nonce_free(void *a);
-static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent);
-
-static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent);
-static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
-static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind);
-
-X509V3_EXT_METHOD v3_ocsp_crlid = {
-	NID_id_pkix_OCSP_CrlID, 0, ASN1_ITEM_ref(OCSP_CRLID),
-	0,0,0,0,
-	0,0,
-	0,0,
-	i2r_ocsp_crlid,0,
-	NULL
-};
-
-X509V3_EXT_METHOD v3_ocsp_acutoff = {
-	NID_id_pkix_OCSP_archiveCutoff, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME),
-	0,0,0,0,
-	0,0,
-	0,0,
-	i2r_ocsp_acutoff,0,
-	NULL
-};
-
-X509V3_EXT_METHOD v3_crl_invdate = {
-	NID_invalidity_date, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME),
-	0,0,0,0,
-	0,0,
-	0,0,
-	i2r_ocsp_acutoff,0,
-	NULL
-};
-
-X509V3_EXT_METHOD v3_crl_hold = {
-	NID_hold_instruction_code, 0, ASN1_ITEM_ref(ASN1_OBJECT),
-	0,0,0,0,
-	0,0,
-	0,0,
-	i2r_object,0,
-	NULL
-};
-
-X509V3_EXT_METHOD v3_ocsp_nonce = {
-	NID_id_pkix_OCSP_Nonce, 0, NULL,
-	ocsp_nonce_new,
-	ocsp_nonce_free,
-	d2i_ocsp_nonce,
-	i2d_ocsp_nonce,
-	0,0,
-	0,0,
-	i2r_ocsp_nonce,0,
-	NULL
-};
-
-X509V3_EXT_METHOD v3_ocsp_nocheck = {
-	NID_id_pkix_OCSP_noCheck, 0, ASN1_ITEM_ref(ASN1_NULL),
-	0,0,0,0,
-	0,s2i_ocsp_nocheck,
-	0,0,
-	i2r_ocsp_nocheck,0,
-	NULL
-};
-
-X509V3_EXT_METHOD v3_ocsp_serviceloc = {
-	NID_id_pkix_OCSP_serviceLocator, 0, ASN1_ITEM_ref(OCSP_SERVICELOC),
-	0,0,0,0,
-	0,0,
-	0,0,
-	i2r_ocsp_serviceloc,0,
-	NULL
-};
-
-static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind)
-{
-	OCSP_CRLID *a = in;
-	if (a->crlUrl)
-	        {
-		if (!BIO_printf(bp, "%*scrlUrl: ", ind, "")) goto err;
-		if (!ASN1_STRING_print(bp, (ASN1_STRING*)a->crlUrl)) goto err;
-		if (!BIO_write(bp, "\n", 1)) goto err;
-		}
-	if (a->crlNum)
-	        {
-		if (!BIO_printf(bp, "%*scrlNum: ", ind, "")) goto err;
-		if (!i2a_ASN1_INTEGER(bp, a->crlNum)) goto err;
-		if (!BIO_write(bp, "\n", 1)) goto err;
-		}
-	if (a->crlTime)
-	        {
-		if (!BIO_printf(bp, "%*scrlTime: ", ind, "")) goto err;
-		if (!ASN1_GENERALIZEDTIME_print(bp, a->crlTime)) goto err;
-		if (!BIO_write(bp, "\n", 1)) goto err;
-		}
-	return 1;
-	err:
-	return 0;
-}
-
-static int i2r_ocsp_acutoff(X509V3_EXT_METHOD *method, void *cutoff, BIO *bp, int ind)
-{
-	if (!BIO_printf(bp, "%*s", ind, "")) return 0;
-	if(!ASN1_GENERALIZEDTIME_print(bp, cutoff)) return 0;
-	return 1;
-}
-
-
-static int i2r_object(X509V3_EXT_METHOD *method, void *oid, BIO *bp, int ind)
-{
-	if (!BIO_printf(bp, "%*s", ind, "")) return 0;
-	if(!i2a_ASN1_OBJECT(bp, oid)) return 0;
-	return 1;
-}
-
-/* OCSP nonce. This is needs special treatment because it doesn't have
- * an ASN1 encoding at all: it just contains arbitrary data.
- */
-
-static void *ocsp_nonce_new(void)
-{
-	return ASN1_OCTET_STRING_new();
-}
-
-static int i2d_ocsp_nonce(void *a, unsigned char **pp)
-{
-	ASN1_OCTET_STRING *os = a;
-	if(pp) {
-		memcpy(*pp, os->data, os->length);
-		*pp += os->length;
-	}
-	return os->length;
-}
-
-static void *d2i_ocsp_nonce(void *a, unsigned char **pp, long length)
-{
-	ASN1_OCTET_STRING *os, **pos;
-	pos = a;
-	if(!pos || !*pos) os = ASN1_OCTET_STRING_new();
-	else os = *pos;
-	if(!ASN1_OCTET_STRING_set(os, *pp, length)) goto err;
-
-	*pp += length;
-
-	if(pos) *pos = os;
-	return os;
-
-	err:
-	if(os && (!pos || (*pos != os))) M_ASN1_OCTET_STRING_free(os);
-	OCSPerr(OCSP_F_D2I_OCSP_NONCE, ERR_R_MALLOC_FAILURE);
-	return NULL;
-}
-
-static void ocsp_nonce_free(void *a)
-{
-	M_ASN1_OCTET_STRING_free(a);
-}
-
-static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent)
-{
-	if(BIO_printf(out, "%*s", indent, "") <= 0) return 0;
-	if(i2a_ASN1_STRING(out, nonce, V_ASN1_OCTET_STRING) <= 0) return 0;
-	return 1;
-}
-
-/* Nocheck is just a single NULL. Don't print anything and always set it */
-
-static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent)
-{
-	return 1;
-}
-
-static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
-{
-	return ASN1_NULL_new();
-}
-
-static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind)
-        {
-	int i;
-	OCSP_SERVICELOC *a = in;
-	ACCESS_DESCRIPTION *ad;
-
-        if (BIO_printf(bp, "%*sIssuer: ", ind, "") <= 0) goto err;
-        if (X509_NAME_print_ex(bp, a->issuer, 0, XN_FLAG_ONELINE) <= 0) goto err;
-	for (i = 0; i < sk_ACCESS_DESCRIPTION_num(a->locator); i++)
-	        {
-				ad = sk_ACCESS_DESCRIPTION_value(a->locator,i);
-				if (BIO_printf(bp, "\n%*s", (2*ind), "") <= 0) 
-					goto err;
-				if(i2a_ASN1_OBJECT(bp, ad->method) <= 0) goto err;
-				if(BIO_puts(bp, " - ") <= 0) goto err;
-				if(GENERAL_NAME_print(bp, ad->location) <= 0) goto err;
-		}
-	return 1;
-err:
-	return 0;
-	}
-#endif
diff --git a/crypto/openssl/crypto/x509v3/v3_pku.c b/crypto/openssl/crypto/x509v3/v3_pku.c
deleted file mode 100644
index 49a2e4697acc..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_pku.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* v3_pku.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent);
-/*
-static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
-*/
-X509V3_EXT_METHOD v3_pkey_usage_period = {
-NID_private_key_usage_period, 0, ASN1_ITEM_ref(PKEY_USAGE_PERIOD),
-0,0,0,0,
-0,0,0,0,
-(X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD, NULL,
-NULL
-};
-
-ASN1_SEQUENCE(PKEY_USAGE_PERIOD) = {
-	ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notBefore, ASN1_GENERALIZEDTIME, 0),
-	ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notAfter, ASN1_GENERALIZEDTIME, 1)
-} ASN1_SEQUENCE_END(PKEY_USAGE_PERIOD)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
-
-static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
-	     PKEY_USAGE_PERIOD *usage, BIO *out, int indent)
-{
-	BIO_printf(out, "%*s", indent, "");
-	if(usage->notBefore) {
-		BIO_write(out, "Not Before: ", 12);
-		ASN1_GENERALIZEDTIME_print(out, usage->notBefore);
-		if(usage->notAfter) BIO_write(out, ", ", 2);
-	}
-	if(usage->notAfter) {
-		BIO_write(out, "Not After: ", 11);
-		ASN1_GENERALIZEDTIME_print(out, usage->notAfter);
-	}
-	return 1;
-}
-
-/*
-static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(method, ctx, values)
-X509V3_EXT_METHOD *method;
-X509V3_CTX *ctx;
-STACK_OF(CONF_VALUE) *values;
-{
-return NULL;
-}
-*/
diff --git a/crypto/openssl/crypto/x509v3/v3_prn.c b/crypto/openssl/crypto/x509v3/v3_prn.c
deleted file mode 100644
index aeaf6170fe44..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_prn.c
+++ /dev/null
@@ -1,233 +0,0 @@
-/* v3_prn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* X509 v3 extension utilities */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-/* Extension printing routines */
-
-static int unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent, int supported);
-
-/* Print out a name+value stack */
-
-void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml)
-{
-	int i;
-	CONF_VALUE *nval;
-	if(!val) return;
-	if(!ml || !sk_CONF_VALUE_num(val)) {
-		BIO_printf(out, "%*s", indent, "");
-		if(!sk_CONF_VALUE_num(val)) BIO_puts(out, "<EMPTY>\n");
-	}
-	for(i = 0; i < sk_CONF_VALUE_num(val); i++) {
-		if(ml) BIO_printf(out, "%*s", indent, "");
-		else if(i > 0) BIO_printf(out, ", ");
-		nval = sk_CONF_VALUE_value(val, i);
-		if(!nval->name) BIO_puts(out, nval->value);
-		else if(!nval->value) BIO_puts(out, nval->name);
-#ifndef CHARSET_EBCDIC
-		else BIO_printf(out, "%s:%s", nval->name, nval->value);
-#else
-		else {
-			int len;
-			char *tmp;
-			len = strlen(nval->value)+1;
-			tmp = OPENSSL_malloc(len);
-			if (tmp)
-			{
-				ascii2ebcdic(tmp, nval->value, len);
-				BIO_printf(out, "%s:%s", nval->name, tmp);
-				OPENSSL_free(tmp);
-			}
-		}
-#endif
-		if(ml) BIO_puts(out, "\n");
-	}
-}
-
-/* Main routine: print out a general extension */
-
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent)
-{
-	void *ext_str = NULL;
-	char *value = NULL;
-	unsigned char *p;
-	X509V3_EXT_METHOD *method;	
-	STACK_OF(CONF_VALUE) *nval = NULL;
-	int ok = 1;
-	if(!(method = X509V3_EXT_get(ext)))
-		return unknown_ext_print(out, ext, flag, indent, 0);
-	p = ext->value->data;
-	if(method->it) ext_str = ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it));
-	else ext_str = method->d2i(NULL, &p, ext->value->length);
-
-	if(!ext_str) return unknown_ext_print(out, ext, flag, indent, 1);
-
-	if(method->i2s) {
-		if(!(value = method->i2s(method, ext_str))) {
-			ok = 0;
-			goto err;
-		}
-#ifndef CHARSET_EBCDIC
-		BIO_printf(out, "%*s%s", indent, "", value);
-#else
-		{
-			int len;
-			char *tmp;
-			len = strlen(value)+1;
-			tmp = OPENSSL_malloc(len);
-			if (tmp)
-			{
-				ascii2ebcdic(tmp, value, len);
-				BIO_printf(out, "%*s%s", indent, "", tmp);
-				OPENSSL_free(tmp);
-			}
-		}
-#endif
-	} else if(method->i2v) {
-		if(!(nval = method->i2v(method, ext_str, NULL))) {
-			ok = 0;
-			goto err;
-		}
-		X509V3_EXT_val_prn(out, nval, indent,
-				 method->ext_flags & X509V3_EXT_MULTILINE);
-	} else if(method->i2r) {
-		if(!method->i2r(method, ext_str, out, indent)) ok = 0;
-	} else ok = 0;
-
-	err:
-		sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
-		if(value) OPENSSL_free(value);
-		if(method->it) ASN1_item_free(ext_str, ASN1_ITEM_ptr(method->it));
-		else method->ext_free(ext_str);
-		return ok;
-}
-
-int X509V3_extensions_print(BIO *bp, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent)
-{
-	int i, j;
-
-	if(sk_X509_EXTENSION_num(exts) <= 0) return 1;
-
-	if(title) 
-		{
-		BIO_printf(bp,"%*s%s:\n",indent, "", title);
-		indent += 4;
-		}
-
-	for (i=0; i<sk_X509_EXTENSION_num(exts); i++)
-		{
-		ASN1_OBJECT *obj;
-		X509_EXTENSION *ex;
-		ex=sk_X509_EXTENSION_value(exts, i);
-		if (BIO_printf(bp,"%*s",indent, "") <= 0) return 0;
-		obj=X509_EXTENSION_get_object(ex);
-		i2a_ASN1_OBJECT(bp,obj);
-		j=X509_EXTENSION_get_critical(ex);
-		if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
-			return 0;
-		if(!X509V3_EXT_print(bp, ex, flag, 12))
-			{
-			BIO_printf(bp, "%*s", indent + 4, "");
-			M_ASN1_OCTET_STRING_print(bp,ex->value);
-			}
-		if (BIO_write(bp,"\n",1) <= 0) return 0;
-		}
-	return 1;
-}
-
-static int unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent, int supported)
-{
-	switch(flag & X509V3_EXT_UNKNOWN_MASK) {
-
-		case X509V3_EXT_DEFAULT:
-		return 0;
-
-		case X509V3_EXT_ERROR_UNKNOWN:
-		if(supported)
-			BIO_printf(out, "%*s<Parse Error>", indent, "");
-		else
-			BIO_printf(out, "%*s<Not Supported>", indent, "");
-		return 1;
-
-		case X509V3_EXT_PARSE_UNKNOWN:
-			return ASN1_parse_dump(out,
-				ext->value->data, ext->value->length, indent, -1);
-		case X509V3_EXT_DUMP_UNKNOWN:
-			return BIO_dump_indent(out, (char *)ext->value->data, ext->value->length, indent);
-
-		default:
-		return 1;
-	}
-}
-	
-
-#ifndef OPENSSL_NO_FP_API
-int X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent)
-{
-	BIO *bio_tmp;
-	int ret;
-	if(!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE))) return 0;
-	ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
-	BIO_free(bio_tmp);
-	return ret;
-}
-#endif
diff --git a/crypto/openssl/crypto/x509v3/v3_purp.c b/crypto/openssl/crypto/x509v3/v3_purp.c
deleted file mode 100644
index 4d145f71fd03..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_purp.c
+++ /dev/null
@@ -1,629 +0,0 @@
-/* v3_purp.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-#include <openssl/x509_vfy.h>
-
-static void x509v3_cache_extensions(X509 *x);
-
-static int ca_check(const X509 *x);
-static int check_ssl_ca(const X509 *x);
-static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int purpose_smime(const X509 *x, int ca);
-static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca);
-
-static int xp_cmp(const X509_PURPOSE * const *a,
-		const X509_PURPOSE * const *b);
-static void xptable_free(X509_PURPOSE *p);
-
-static X509_PURPOSE xstandard[] = {
-	{X509_PURPOSE_SSL_CLIENT, X509_TRUST_SSL_CLIENT, 0, check_purpose_ssl_client, "SSL client", "sslclient", NULL},
-	{X509_PURPOSE_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ssl_server, "SSL server", "sslserver", NULL},
-	{X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL},
-	{X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign, "S/MIME signing", "smimesign", NULL},
-	{X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL},
-	{X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL},
-	{X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any", NULL},
-	{X509_PURPOSE_OCSP_HELPER, X509_TRUST_COMPAT, 0, ocsp_helper, "OCSP helper", "ocsphelper", NULL},
-};
-
-#define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE))
-
-IMPLEMENT_STACK_OF(X509_PURPOSE)
-
-static STACK_OF(X509_PURPOSE) *xptable = NULL;
-
-static int xp_cmp(const X509_PURPOSE * const *a,
-		const X509_PURPOSE * const *b)
-{
-	return (*a)->purpose - (*b)->purpose;
-}
-
-/* As much as I'd like to make X509_check_purpose use a "const" X509*
- * I really can't because it does recalculate hashes and do other non-const
- * things. */
-int X509_check_purpose(X509 *x, int id, int ca)
-{
-	int idx;
-	const X509_PURPOSE *pt;
-	if(!(x->ex_flags & EXFLAG_SET)) {
-		CRYPTO_w_lock(CRYPTO_LOCK_X509);
-		x509v3_cache_extensions(x);
-		CRYPTO_w_unlock(CRYPTO_LOCK_X509);
-	}
-	if(id == -1) return 1;
-	idx = X509_PURPOSE_get_by_id(id);
-	if(idx == -1) return -1;
-	pt = X509_PURPOSE_get0(idx);
-	return pt->check_purpose(pt, x, ca);
-}
-
-int X509_PURPOSE_set(int *p, int purpose)
-{
-	if(X509_PURPOSE_get_by_id(purpose) == -1) {
-		X509V3err(X509V3_F_X509_PURPOSE_SET, X509V3_R_INVALID_PURPOSE);
-		return 0;
-	}
-	*p = purpose;
-	return 1;
-}
-
-int X509_PURPOSE_get_count(void)
-{
-	if(!xptable) return X509_PURPOSE_COUNT;
-	return sk_X509_PURPOSE_num(xptable) + X509_PURPOSE_COUNT;
-}
-
-X509_PURPOSE * X509_PURPOSE_get0(int idx)
-{
-	if(idx < 0) return NULL;
-	if(idx < X509_PURPOSE_COUNT) return xstandard + idx;
-	return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT);
-}
-
-int X509_PURPOSE_get_by_sname(char *sname)
-{
-	int i;
-	X509_PURPOSE *xptmp;
-	for(i = 0; i < X509_PURPOSE_get_count(); i++) {
-		xptmp = X509_PURPOSE_get0(i);
-		if(!strcmp(xptmp->sname, sname)) return i;
-	}
-	return -1;
-}
-
-int X509_PURPOSE_get_by_id(int purpose)
-{
-	X509_PURPOSE tmp;
-	int idx;
-	if((purpose >= X509_PURPOSE_MIN) && (purpose <= X509_PURPOSE_MAX))
-		return purpose - X509_PURPOSE_MIN;
-	tmp.purpose = purpose;
-	if(!xptable) return -1;
-	idx = sk_X509_PURPOSE_find(xptable, &tmp);
-	if(idx == -1) return -1;
-	return idx + X509_PURPOSE_COUNT;
-}
-
-int X509_PURPOSE_add(int id, int trust, int flags,
-			int (*ck)(const X509_PURPOSE *, const X509 *, int),
-					char *name, char *sname, void *arg)
-{
-	int idx;
-	X509_PURPOSE *ptmp;
-	/* This is set according to what we change: application can't set it */
-	flags &= ~X509_PURPOSE_DYNAMIC;
-	/* This will always be set for application modified trust entries */
-	flags |= X509_PURPOSE_DYNAMIC_NAME;
-	/* Get existing entry if any */
-	idx = X509_PURPOSE_get_by_id(id);
-	/* Need a new entry */
-	if(idx == -1) {
-		if(!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) {
-			X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-		ptmp->flags = X509_PURPOSE_DYNAMIC;
-	} else ptmp = X509_PURPOSE_get0(idx);
-
-	/* OPENSSL_free existing name if dynamic */
-	if(ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) {
-		OPENSSL_free(ptmp->name);
-		OPENSSL_free(ptmp->sname);
-	}
-	/* dup supplied name */
-	ptmp->name = BUF_strdup(name);
-	ptmp->sname = BUF_strdup(sname);
-	if(!ptmp->name || !ptmp->sname) {
-		X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	/* Keep the dynamic flag of existing entry */
-	ptmp->flags &= X509_PURPOSE_DYNAMIC;
-	/* Set all other flags */
-	ptmp->flags |= flags;
-
-	ptmp->purpose = id;
-	ptmp->trust = trust;
-	ptmp->check_purpose = ck;
-	ptmp->usr_data = arg;
-
-	/* If its a new entry manage the dynamic table */
-	if(idx == -1) {
-		if(!xptable && !(xptable = sk_X509_PURPOSE_new(xp_cmp))) {
-			X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-		if (!sk_X509_PURPOSE_push(xptable, ptmp)) {
-			X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE);
-			return 0;
-		}
-	}
-	return 1;
-}
-
-static void xptable_free(X509_PURPOSE *p)
-	{
-	if(!p) return;
-	if (p->flags & X509_PURPOSE_DYNAMIC) 
-		{
-		if (p->flags & X509_PURPOSE_DYNAMIC_NAME) {
-			OPENSSL_free(p->name);
-			OPENSSL_free(p->sname);
-		}
-		OPENSSL_free(p);
-		}
-	}
-
-void X509_PURPOSE_cleanup(void)
-{
-	int i;
-	sk_X509_PURPOSE_pop_free(xptable, xptable_free);
-	for(i = 0; i < X509_PURPOSE_COUNT; i++) xptable_free(xstandard + i);
-	xptable = NULL;
-}
-
-int X509_PURPOSE_get_id(X509_PURPOSE *xp)
-{
-	return xp->purpose;
-}
-
-char *X509_PURPOSE_get0_name(X509_PURPOSE *xp)
-{
-	return xp->name;
-}
-
-char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp)
-{
-	return xp->sname;
-}
-
-int X509_PURPOSE_get_trust(X509_PURPOSE *xp)
-{
-	return xp->trust;
-}
-
-static int nid_cmp(int *a, int *b)
-	{
-	return *a - *b;
-	}
-
-int X509_supported_extension(X509_EXTENSION *ex)
-	{
-	/* This table is a list of the NIDs of supported extensions:
-	 * that is those which are used by the verify process. If
-	 * an extension is critical and doesn't appear in this list
-	 * then the verify process will normally reject the certificate.
-	 * The list must be kept in numerical order because it will be
-	 * searched using bsearch.
-	 */
-
-	static int supported_nids[] = {
-		NID_netscape_cert_type, /* 71 */
-        	NID_key_usage,		/* 83 */
-		NID_subject_alt_name,	/* 85 */
-		NID_basic_constraints,	/* 87 */
-        	NID_ext_key_usage	/* 126 */
-	};
-
-	int ex_nid;
-
-	ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
-
-	if (ex_nid == NID_undef) 
-		return 0;
-
-	if (OBJ_bsearch((char *)&ex_nid, (char *)supported_nids,
-		sizeof(supported_nids)/sizeof(int), sizeof(int),
-		(int (*)(const void *, const void *))nid_cmp))
-		return 1;
-	return 0;
-	}
- 
-
-static void x509v3_cache_extensions(X509 *x)
-{
-	BASIC_CONSTRAINTS *bs;
-	ASN1_BIT_STRING *usage;
-	ASN1_BIT_STRING *ns;
-	EXTENDED_KEY_USAGE *extusage;
-	X509_EXTENSION *ex;
-	
-	int i;
-	if(x->ex_flags & EXFLAG_SET) return;
-#ifndef OPENSSL_NO_SHA
-	X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);
-#endif
-	/* Does subject name match issuer ? */
-	if(!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x)))
-			 x->ex_flags |= EXFLAG_SS;
-	/* V1 should mean no extensions ... */
-	if(!X509_get_version(x)) x->ex_flags |= EXFLAG_V1;
-	/* Handle basic constraints */
-	if((bs=X509_get_ext_d2i(x, NID_basic_constraints, NULL, NULL))) {
-		if(bs->ca) x->ex_flags |= EXFLAG_CA;
-		if(bs->pathlen) {
-			if((bs->pathlen->type == V_ASN1_NEG_INTEGER)
-						|| !bs->ca) {
-				x->ex_flags |= EXFLAG_INVALID;
-				x->ex_pathlen = 0;
-			} else x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen);
-		} else x->ex_pathlen = -1;
-		BASIC_CONSTRAINTS_free(bs);
-		x->ex_flags |= EXFLAG_BCONS;
-	}
-	/* Handle key usage */
-	if((usage=X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) {
-		if(usage->length > 0) {
-			x->ex_kusage = usage->data[0];
-			if(usage->length > 1) 
-				x->ex_kusage |= usage->data[1] << 8;
-		} else x->ex_kusage = 0;
-		x->ex_flags |= EXFLAG_KUSAGE;
-		ASN1_BIT_STRING_free(usage);
-	}
-	x->ex_xkusage = 0;
-	if((extusage=X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL))) {
-		x->ex_flags |= EXFLAG_XKUSAGE;
-		for(i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) {
-			switch(OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage,i))) {
-				case NID_server_auth:
-				x->ex_xkusage |= XKU_SSL_SERVER;
-				break;
-
-				case NID_client_auth:
-				x->ex_xkusage |= XKU_SSL_CLIENT;
-				break;
-
-				case NID_email_protect:
-				x->ex_xkusage |= XKU_SMIME;
-				break;
-
-				case NID_code_sign:
-				x->ex_xkusage |= XKU_CODE_SIGN;
-				break;
-
-				case NID_ms_sgc:
-				case NID_ns_sgc:
-				x->ex_xkusage |= XKU_SGC;
-				break;
-
-				case NID_OCSP_sign:
-				x->ex_xkusage |= XKU_OCSP_SIGN;
-				break;
-
-				case NID_time_stamp:
-				x->ex_xkusage |= XKU_TIMESTAMP;
-				break;
-
-				case NID_dvcs:
-				x->ex_xkusage |= XKU_DVCS;
-				break;
-			}
-		}
-		sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);
-	}
-
-	if((ns=X509_get_ext_d2i(x, NID_netscape_cert_type, NULL, NULL))) {
-		if(ns->length > 0) x->ex_nscert = ns->data[0];
-		else x->ex_nscert = 0;
-		x->ex_flags |= EXFLAG_NSCERT;
-		ASN1_BIT_STRING_free(ns);
-	}
-	x->skid =X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL);
-	x->akid =X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL);
-	for (i = 0; i < X509_get_ext_count(x); i++)
-		{
-		ex = X509_get_ext(x, i);
-		if (!X509_EXTENSION_get_critical(ex))
-			continue;
-		if (!X509_supported_extension(ex))
-			{
-			x->ex_flags |= EXFLAG_CRITICAL;
-			break;
-			}
-		}
-	x->ex_flags |= EXFLAG_SET;
-}
-
-/* CA checks common to all purposes
- * return codes:
- * 0 not a CA
- * 1 is a CA
- * 2 basicConstraints absent so "maybe" a CA
- * 3 basicConstraints absent but self signed V1.
- */
-
-#define V1_ROOT (EXFLAG_V1|EXFLAG_SS)
-#define ku_reject(x, usage) \
-	(((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
-#define xku_reject(x, usage) \
-	(((x)->ex_flags & EXFLAG_XKUSAGE) && !((x)->ex_xkusage & (usage)))
-#define ns_reject(x, usage) \
-	(((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage)))
-
-static int ca_check(const X509 *x)
-{
-	/* keyUsage if present should allow cert signing */
-	if(ku_reject(x, KU_KEY_CERT_SIGN)) return 0;
-	if(x->ex_flags & EXFLAG_BCONS) {
-		if(x->ex_flags & EXFLAG_CA) return 1;
-		/* If basicConstraints says not a CA then say so */
-		else return 0;
-	} else {
-		if((x->ex_flags & V1_ROOT) == V1_ROOT) return 3;
-		/* If key usage present it must have certSign so tolerate it */
-		else if (x->ex_flags & EXFLAG_KUSAGE) return 3;
-		else return 2;
-	}
-}
-
-/* Check SSL CA: common checks for SSL client and server */
-static int check_ssl_ca(const X509 *x)
-{
-	int ca_ret;
-	ca_ret = ca_check(x);
-	if(!ca_ret) return 0;
-	/* check nsCertType if present */
-	if(x->ex_flags & EXFLAG_NSCERT) {
-		if(x->ex_nscert & NS_SSL_CA) return ca_ret;
-		return 0;
-	}
-	if(ca_ret != 2) return ca_ret;
-	else return 0;
-}
-
-
-static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
-	if(xku_reject(x,XKU_SSL_CLIENT)) return 0;
-	if(ca) return check_ssl_ca(x);
-	/* We need to do digital signatures with it */
-	if(ku_reject(x,KU_DIGITAL_SIGNATURE)) return 0;
-	/* nsCertType if present should allow SSL client use */	
-	if(ns_reject(x, NS_SSL_CLIENT)) return 0;
-	return 1;
-}
-
-static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
-	if(xku_reject(x,XKU_SSL_SERVER|XKU_SGC)) return 0;
-	if(ca) return check_ssl_ca(x);
-
-	if(ns_reject(x, NS_SSL_SERVER)) return 0;
-	/* Now as for keyUsage: we'll at least need to sign OR encipher */
-	if(ku_reject(x, KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT)) return 0;
-	
-	return 1;
-
-}
-
-static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
-	int ret;
-	ret = check_purpose_ssl_server(xp, x, ca);
-	if(!ret || ca) return ret;
-	/* We need to encipher or Netscape complains */
-	if(ku_reject(x, KU_KEY_ENCIPHERMENT)) return 0;
-	return ret;
-}
-
-/* common S/MIME checks */
-static int purpose_smime(const X509 *x, int ca)
-{
-	if(xku_reject(x,XKU_SMIME)) return 0;
-	if(ca) {
-		int ca_ret;
-		ca_ret = ca_check(x);
-		if(!ca_ret) return 0;
-		/* check nsCertType if present */
-		if(x->ex_flags & EXFLAG_NSCERT) {
-			if(x->ex_nscert & NS_SMIME_CA) return ca_ret;
-			return 0;
-		}
-		if(ca_ret != 2) return ca_ret;
-		else return 0;
-	}
-	if(x->ex_flags & EXFLAG_NSCERT) {
-		if(x->ex_nscert & NS_SMIME) return 1;
-		/* Workaround for some buggy certificates */
-		if(x->ex_nscert & NS_SSL_CLIENT) return 2;
-		return 0;
-	}
-	return 1;
-}
-
-static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
-	int ret;
-	ret = purpose_smime(x, ca);
-	if(!ret || ca) return ret;
-	if(ku_reject(x, KU_DIGITAL_SIGNATURE|KU_NON_REPUDIATION)) return 0;
-	return ret;
-}
-
-static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
-	int ret;
-	ret = purpose_smime(x, ca);
-	if(!ret || ca) return ret;
-	if(ku_reject(x, KU_KEY_ENCIPHERMENT)) return 0;
-	return ret;
-}
-
-static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
-	if(ca) {
-		int ca_ret;
-		if((ca_ret = ca_check(x)) != 2) return ca_ret;
-		else return 0;
-	}
-	if(ku_reject(x, KU_CRL_SIGN)) return 0;
-	return 1;
-}
-
-/* OCSP helper: this is *not* a full OCSP check. It just checks that
- * each CA is valid. Additional checks must be made on the chain.
- */
-
-static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
-	/* Must be a valid CA */
-	if(ca) {
-		int ca_ret;
-		ca_ret = ca_check(x);
-		if(ca_ret != 2) return ca_ret;
-		if(x->ex_flags & EXFLAG_NSCERT) {
-			if(x->ex_nscert & NS_ANY_CA) return ca_ret;
-			return 0;
-		}
-		return 0;
-	}
-	/* leaf certificate is checked in OCSP_verify() */
-	return 1;
-}
-
-static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
-	return 1;
-}
-
-/* Various checks to see if one certificate issued the second.
- * This can be used to prune a set of possible issuer certificates
- * which have been looked up using some simple method such as by
- * subject name.
- * These are:
- * 1. Check issuer_name(subject) == subject_name(issuer)
- * 2. If akid(subject) exists check it matches issuer
- * 3. If key_usage(issuer) exists check it supports certificate signing
- * returns 0 for OK, positive for reason for mismatch, reasons match
- * codes for X509_verify_cert()
- */
-
-int X509_check_issued(X509 *issuer, X509 *subject)
-{
-	if(X509_NAME_cmp(X509_get_subject_name(issuer),
-			X509_get_issuer_name(subject)))
-				return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
-	x509v3_cache_extensions(issuer);
-	x509v3_cache_extensions(subject);
-	if(subject->akid) {
-		/* Check key ids (if present) */
-		if(subject->akid->keyid && issuer->skid &&
-		 ASN1_OCTET_STRING_cmp(subject->akid->keyid, issuer->skid) )
-				return X509_V_ERR_AKID_SKID_MISMATCH;
-		/* Check serial number */
-		if(subject->akid->serial &&
-			ASN1_INTEGER_cmp(X509_get_serialNumber(issuer),
-						subject->akid->serial))
-				return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
-		/* Check issuer name */
-		if(subject->akid->issuer) {
-			/* Ugh, for some peculiar reason AKID includes
-			 * SEQUENCE OF GeneralName. So look for a DirName.
-			 * There may be more than one but we only take any
-			 * notice of the first.
-			 */
-			GENERAL_NAMES *gens;
-			GENERAL_NAME *gen;
-			X509_NAME *nm = NULL;
-			int i;
-			gens = subject->akid->issuer;
-			for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
-				gen = sk_GENERAL_NAME_value(gens, i);
-				if(gen->type == GEN_DIRNAME) {
-					nm = gen->d.dirn;
-					break;
-				}
-			}
-			if(nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))
-				return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
-		}
-	}
-	if(ku_reject(issuer, KU_KEY_CERT_SIGN)) return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
-	return X509_V_OK;
-}
-
diff --git a/crypto/openssl/crypto/x509v3/v3_skey.c b/crypto/openssl/crypto/x509v3/v3_skey.c
deleted file mode 100644
index c0f044ac1b98..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_skey.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* v3_skey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-
-static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
-X509V3_EXT_METHOD v3_skey_id = { 
-NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING),
-0,0,0,0,
-(X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING,
-(X509V3_EXT_S2I)s2i_skey_id,
-0,0,0,0,
-NULL};
-
-char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
-	     ASN1_OCTET_STRING *oct)
-{
-	return hex_to_string(oct->data, oct->length);
-}
-
-ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
-	     X509V3_CTX *ctx, char *str)
-{
-	ASN1_OCTET_STRING *oct;
-	long length;
-
-	if(!(oct = M_ASN1_OCTET_STRING_new())) {
-		X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-	if(!(oct->data = string_to_hex(str, &length))) {
-		M_ASN1_OCTET_STRING_free(oct);
-		return NULL;
-	}
-
-	oct->length = length;
-
-	return oct;
-
-}
-
-static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
-	     X509V3_CTX *ctx, char *str)
-{
-	ASN1_OCTET_STRING *oct;
-	ASN1_BIT_STRING *pk;
-	unsigned char pkey_dig[EVP_MAX_MD_SIZE];
-	unsigned int diglen;
-
-	if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str);
-
-	if(!(oct = M_ASN1_OCTET_STRING_new())) {
-		X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-
-	if(ctx && (ctx->flags == CTX_TEST)) return oct;
-
-	if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) {
-		X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY);
-		goto err;
-	}
-
-	if(ctx->subject_req) 
-		pk = ctx->subject_req->req_info->pubkey->public_key;
-	else pk = ctx->subject_cert->cert_info->key->public_key;
-
-	if(!pk) {
-		X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY);
-		goto err;
-	}
-
-	EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL);
-
-	if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
-		X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-
-	return oct;
-	
-	err:
-	M_ASN1_OCTET_STRING_free(oct);
-	return NULL;
-}
diff --git a/crypto/openssl/crypto/x509v3/v3_sxnet.c b/crypto/openssl/crypto/x509v3/v3_sxnet.c
deleted file mode 100644
index d3f4ba3a7243..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_sxnet.c
+++ /dev/null
@@ -1,262 +0,0 @@
-/* v3_sxnet.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-/* Support for Thawte strong extranet extension */
-
-#define SXNET_TEST
-
-static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent);
-#ifdef SXNET_TEST
-static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-						STACK_OF(CONF_VALUE) *nval);
-#endif
-X509V3_EXT_METHOD v3_sxnet = {
-NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET),
-0,0,0,0,
-0,0,
-0, 
-#ifdef SXNET_TEST
-(X509V3_EXT_V2I)sxnet_v2i,
-#else
-0,
-#endif
-(X509V3_EXT_I2R)sxnet_i2r,
-0,
-NULL
-};
-
-ASN1_SEQUENCE(SXNETID) = {
-	ASN1_SIMPLE(SXNETID, zone, ASN1_INTEGER),
-	ASN1_SIMPLE(SXNETID, user, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(SXNETID)
-
-IMPLEMENT_ASN1_FUNCTIONS(SXNETID)
-
-ASN1_SEQUENCE(SXNET) = {
-	ASN1_SIMPLE(SXNET, version, ASN1_INTEGER),
-	ASN1_SEQUENCE_OF(SXNET, ids, SXNETID)
-} ASN1_SEQUENCE_END(SXNET)
-
-IMPLEMENT_ASN1_FUNCTIONS(SXNET)
-
-static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
-	     int indent)
-{
-	long v;
-	char *tmp;
-	SXNETID *id;
-	int i;
-	v = ASN1_INTEGER_get(sx->version);
-	BIO_printf(out, "%*sVersion: %d (0x%X)", indent, "", v + 1, v);
-	for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
-		id = sk_SXNETID_value(sx->ids, i);
-		tmp = i2s_ASN1_INTEGER(NULL, id->zone);
-		BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp);
-		OPENSSL_free(tmp);
-		M_ASN1_OCTET_STRING_print(out, id->user);
-	}
-	return 1;
-}
-
-#ifdef SXNET_TEST
-
-/* NBB: this is used for testing only. It should *not* be used for anything
- * else because it will just take static IDs from the configuration file and
- * they should really be separate values for each user.
- */
-
-
-static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-	     STACK_OF(CONF_VALUE) *nval)
-{
-	CONF_VALUE *cnf;
-	SXNET *sx = NULL;
-	int i;
-	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-		cnf = sk_CONF_VALUE_value(nval, i);
-		if(!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
-								 return NULL;
-	}
-	return sx;
-}
-		
-	
-#endif
-
-/* Strong Extranet utility functions */
-
-/* Add an id given the zone as an ASCII number */
-
-int SXNET_add_id_asc(SXNET **psx, char *zone, char *user,
-	     int userlen)
-{
-	ASN1_INTEGER *izone = NULL;
-	if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
-		X509V3err(X509V3_F_SXNET_ADD_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
-		return 0;
-	}
-	return SXNET_add_id_INTEGER(psx, izone, user, userlen);
-}
-
-/* Add an id given the zone as an unsigned long */
-
-int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
-	     int userlen)
-{
-	ASN1_INTEGER *izone = NULL;
-	if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
-		X509V3err(X509V3_F_SXNET_ADD_ID_ULONG,ERR_R_MALLOC_FAILURE);
-		M_ASN1_INTEGER_free(izone);
-		return 0;
-	}
-	return SXNET_add_id_INTEGER(psx, izone, user, userlen);
-	
-}
-
-/* Add an id given the zone as an ASN1_INTEGER.
- * Note this version uses the passed integer and doesn't make a copy so don't
- * free it up afterwards.
- */
-
-int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user,
-	     int userlen)
-{
-	SXNET *sx = NULL;
-	SXNETID *id = NULL;
-	if(!psx || !zone || !user) {
-		X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_INVALID_NULL_ARGUMENT);
-		return 0;
-	}
-	if(userlen == -1) userlen = strlen(user);
-	if(userlen > 64) {
-		X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_USER_TOO_LONG);
-		return 0;
-	}
-	if(!*psx) {
-		if(!(sx = SXNET_new())) goto err;
-		if(!ASN1_INTEGER_set(sx->version, 0)) goto err;
-		*psx = sx;
-	} else sx = *psx;
-	if(SXNET_get_id_INTEGER(sx, zone)) {
-		X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_DUPLICATE_ZONE_ID);
-		return 0;
-	}
-
-	if(!(id = SXNETID_new())) goto err;
-	if(userlen == -1) userlen = strlen(user);
-		
-	if(!M_ASN1_OCTET_STRING_set(id->user, user, userlen)) goto err;
-	if(!sk_SXNETID_push(sx->ids, id)) goto err;
-	id->zone = zone;
-	return 1;
-	
-	err:
-	X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,ERR_R_MALLOC_FAILURE);
-	SXNETID_free(id);
-	SXNET_free(sx);
-	*psx = NULL;
-	return 0;
-}
-
-ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone)
-{
-	ASN1_INTEGER *izone = NULL;
-	ASN1_OCTET_STRING *oct;
-	if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
-		X509V3err(X509V3_F_SXNET_GET_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
-		return NULL;
-	}
-	oct = SXNET_get_id_INTEGER(sx, izone);
-	M_ASN1_INTEGER_free(izone);
-	return oct;
-}
-
-ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone)
-{
-	ASN1_INTEGER *izone = NULL;
-	ASN1_OCTET_STRING *oct;
-	if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
-		X509V3err(X509V3_F_SXNET_GET_ID_ULONG,ERR_R_MALLOC_FAILURE);
-		M_ASN1_INTEGER_free(izone);
-		return NULL;
-	}
-	oct = SXNET_get_id_INTEGER(sx, izone);
-	M_ASN1_INTEGER_free(izone);
-	return oct;
-}
-
-ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone)
-{
-	SXNETID *id;
-	int i;
-	for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
-		id = sk_SXNETID_value(sx->ids, i);
-		if(!M_ASN1_INTEGER_cmp(id->zone, zone)) return id->user;
-	}
-	return NULL;
-}
-
-IMPLEMENT_STACK_OF(SXNETID)
-IMPLEMENT_ASN1_SET_OF(SXNETID)
diff --git a/crypto/openssl/crypto/x509v3/v3_utl.c b/crypto/openssl/crypto/x509v3/v3_utl.c
deleted file mode 100644
index 34ac2998defe..000000000000
--- a/crypto/openssl/crypto/x509v3/v3_utl.c
+++ /dev/null
@@ -1,535 +0,0 @@
-/* v3_utl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* X509 v3 extension utilities */
-
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static char *strip_spaces(char *name);
-static int sk_strcmp(const char * const *a, const char * const *b);
-static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens);
-static void str_free(void *str);
-static int append_ia5(STACK **sk, ASN1_IA5STRING *email);
-
-/* Add a CONF_VALUE name value pair to stack */
-
-int X509V3_add_value(const char *name, const char *value,
-						STACK_OF(CONF_VALUE) **extlist)
-{
-	CONF_VALUE *vtmp = NULL;
-	char *tname = NULL, *tvalue = NULL;
-	if(name && !(tname = BUF_strdup(name))) goto err;
-	if(value && !(tvalue = BUF_strdup(value))) goto err;;
-	if(!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) goto err;
-	if(!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) goto err;
-	vtmp->section = NULL;
-	vtmp->name = tname;
-	vtmp->value = tvalue;
-	if(!sk_CONF_VALUE_push(*extlist, vtmp)) goto err;
-	return 1;
-	err:
-	X509V3err(X509V3_F_X509V3_ADD_VALUE,ERR_R_MALLOC_FAILURE);
-	if(vtmp) OPENSSL_free(vtmp);
-	if(tname) OPENSSL_free(tname);
-	if(tvalue) OPENSSL_free(tvalue);
-	return 0;
-}
-
-int X509V3_add_value_uchar(const char *name, const unsigned char *value,
-			   STACK_OF(CONF_VALUE) **extlist)
-    {
-    return X509V3_add_value(name,(const char *)value,extlist);
-    }
-
-/* Free function for STACK_OF(CONF_VALUE) */
-
-void X509V3_conf_free(CONF_VALUE *conf)
-{
-	if(!conf) return;
-	if(conf->name) OPENSSL_free(conf->name);
-	if(conf->value) OPENSSL_free(conf->value);
-	if(conf->section) OPENSSL_free(conf->section);
-	OPENSSL_free(conf);
-}
-
-int X509V3_add_value_bool(const char *name, int asn1_bool,
-						STACK_OF(CONF_VALUE) **extlist)
-{
-	if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist);
-	return X509V3_add_value(name, "FALSE", extlist);
-}
-
-int X509V3_add_value_bool_nf(char *name, int asn1_bool,
-						STACK_OF(CONF_VALUE) **extlist)
-{
-	if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist);
-	return 1;
-}
-
-
-char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a)
-{
-	BIGNUM *bntmp = NULL;
-	char *strtmp = NULL;
-	if(!a) return NULL;
-	if(!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) ||
-	    !(strtmp = BN_bn2dec(bntmp)) )
-		X509V3err(X509V3_F_I2S_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE);
-	BN_free(bntmp);
-	return strtmp;
-}
-
-char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a)
-{
-	BIGNUM *bntmp = NULL;
-	char *strtmp = NULL;
-	if(!a) return NULL;
-	if(!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) ||
-	    !(strtmp = BN_bn2dec(bntmp)) )
-		X509V3err(X509V3_F_I2S_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
-	BN_free(bntmp);
-	return strtmp;
-}
-
-ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value)
-{
-	BIGNUM *bn = NULL;
-	ASN1_INTEGER *aint;
-	int isneg, ishex;
-	int ret;
-	bn = BN_new();
-	if (!value) {
-		X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_INVALID_NULL_VALUE);
-		return 0;
-	}
-	if (value[0] == '-') {
-		value++;
-		isneg = 1;
-	} else isneg = 0;
-
-	if (value[0] == '0' && ((value[1] == 'x') || (value[1] == 'X'))) {
-		value += 2;
-		ishex = 1;
-	} else ishex = 0;
-
-	if (ishex) ret = BN_hex2bn(&bn, value);
-	else ret = BN_dec2bn(&bn, value);
-
-	if (!ret) {
-		X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_DEC2BN_ERROR);
-		return 0;
-	}
-
-	if (isneg && BN_is_zero(bn)) isneg = 0;
-
-	aint = BN_to_ASN1_INTEGER(bn, NULL);
-	BN_free(bn);
-	if (!aint) {
-		X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_TO_ASN1_INTEGER_ERROR);
-		return 0;
-	}
-	if (isneg) aint->type |= V_ASN1_NEG;
-	return aint;
-}
-
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
-	     STACK_OF(CONF_VALUE) **extlist)
-{
-	char *strtmp;
-	int ret;
-	if(!aint) return 1;
-	if(!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) return 0;
-	ret = X509V3_add_value(name, strtmp, extlist);
-	OPENSSL_free(strtmp);
-	return ret;
-}
-
-int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
-{
-	char *btmp;
-	if(!(btmp = value->value)) goto err;
-	if(!strcmp(btmp, "TRUE") || !strcmp(btmp, "true")
-		 || !strcmp(btmp, "Y") || !strcmp(btmp, "y")
-		|| !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) {
-		*asn1_bool = 0xff;
-		return 1;
-	} else if(!strcmp(btmp, "FALSE") || !strcmp(btmp, "false")
-		 || !strcmp(btmp, "N") || !strcmp(btmp, "n")
-		|| !strcmp(btmp, "NO") || !strcmp(btmp, "no")) {
-		*asn1_bool = 0;
-		return 1;
-	}
-	err:
-	X509V3err(X509V3_F_X509V3_GET_VALUE_BOOL,X509V3_R_INVALID_BOOLEAN_STRING);
-	X509V3_conf_err(value);
-	return 0;
-}
-
-int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint)
-{
-	ASN1_INTEGER *itmp;
-	if(!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) {
-		X509V3_conf_err(value);
-		return 0;
-	}
-	*aint = itmp;
-	return 1;
-}
-
-#define HDR_NAME	1
-#define HDR_VALUE	2
-
-/*#define DEBUG*/
-
-STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
-{
-	char *p, *q, c;
-	char *ntmp, *vtmp;
-	STACK_OF(CONF_VALUE) *values = NULL;
-	char *linebuf;
-	int state;
-	/* We are going to modify the line so copy it first */
-	linebuf = BUF_strdup(line);
-	state = HDR_NAME;
-	ntmp = NULL;
-	/* Go through all characters */
-	for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) {
-
-		switch(state) {
-			case HDR_NAME:
-			if(c == ':') {
-				state = HDR_VALUE;
-				*p = 0;
-				ntmp = strip_spaces(q);
-				if(!ntmp) {
-					X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
-					goto err;
-				}
-				q = p + 1;
-			} else if(c == ',') {
-				*p = 0;
-				ntmp = strip_spaces(q);
-				q = p + 1;
-#if 0
-				printf("%s\n", ntmp);
-#endif
-				if(!ntmp) {
-					X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
-					goto err;
-				}
-				X509V3_add_value(ntmp, NULL, &values);
-			}
-			break ;
-
-			case HDR_VALUE:
-			if(c == ',') {
-				state = HDR_NAME;
-				*p = 0;
-				vtmp = strip_spaces(q);
-#if 0
-				printf("%s\n", ntmp);
-#endif
-				if(!vtmp) {
-					X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE);
-					goto err;
-				}
-				X509V3_add_value(ntmp, vtmp, &values);
-				ntmp = NULL;
-				q = p + 1;
-			}
-
-		}
-	}
-
-	if(state == HDR_VALUE) {
-		vtmp = strip_spaces(q);
-#if 0
-		printf("%s=%s\n", ntmp, vtmp);
-#endif
-		if(!vtmp) {
-			X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE);
-			goto err;
-		}
-		X509V3_add_value(ntmp, vtmp, &values);
-	} else {
-		ntmp = strip_spaces(q);
-#if 0
-		printf("%s\n", ntmp);
-#endif
-		if(!ntmp) {
-			X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
-			goto err;
-		}
-		X509V3_add_value(ntmp, NULL, &values);
-	}
-OPENSSL_free(linebuf);
-return values;
-
-err:
-OPENSSL_free(linebuf);
-sk_CONF_VALUE_pop_free(values, X509V3_conf_free);
-return NULL;
-
-}
-
-/* Delete leading and trailing spaces from a string */
-static char *strip_spaces(char *name)
-{
-	char *p, *q;
-	/* Skip over leading spaces */
-	p = name;
-	while(*p && isspace((unsigned char)*p)) p++;
-	if(!*p) return NULL;
-	q = p + strlen(p) - 1;
-	while((q != p) && isspace((unsigned char)*q)) q--;
-	if(p != q) q[1] = 0;
-	if(!*p) return NULL;
-	return p;
-}
-
-/* hex string utilities */
-
-/* Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its
- * hex representation
- * @@@ (Contents of buffer are always kept in ASCII, also on EBCDIC machines)
- */
-
-char *hex_to_string(unsigned char *buffer, long len)
-{
-	char *tmp, *q;
-	unsigned char *p;
-	int i;
-	static char hexdig[] = "0123456789ABCDEF";
-	if(!buffer || !len) return NULL;
-	if(!(tmp = OPENSSL_malloc(len * 3 + 1))) {
-		X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	q = tmp;
-	for(i = 0, p = buffer; i < len; i++,p++) {
-		*q++ = hexdig[(*p >> 4) & 0xf];
-		*q++ = hexdig[*p & 0xf];
-		*q++ = ':';
-	}
-	q[-1] = 0;
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(tmp, tmp, q - tmp - 1);
-#endif
-
-	return tmp;
-}
-
-/* Give a string of hex digits convert to
- * a buffer
- */
-
-unsigned char *string_to_hex(char *str, long *len)
-{
-	unsigned char *hexbuf, *q;
-	unsigned char ch, cl, *p;
-	if(!str) {
-		X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_INVALID_NULL_ARGUMENT);
-		return NULL;
-	}
-	if(!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) goto err;
-	for(p = (unsigned char *)str, q = hexbuf; *p;) {
-		ch = *p++;
-#ifdef CHARSET_EBCDIC
-		ch = os_toebcdic[ch];
-#endif
-		if(ch == ':') continue;
-		cl = *p++;
-#ifdef CHARSET_EBCDIC
-		cl = os_toebcdic[cl];
-#endif
-		if(!cl) {
-			X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ODD_NUMBER_OF_DIGITS);
-			OPENSSL_free(hexbuf);
-			return NULL;
-		}
-		if(isupper(ch)) ch = tolower(ch);
-		if(isupper(cl)) cl = tolower(cl);
-
-		if((ch >= '0') && (ch <= '9')) ch -= '0';
-		else if ((ch >= 'a') && (ch <= 'f')) ch -= 'a' - 10;
-		else goto badhex;
-
-		if((cl >= '0') && (cl <= '9')) cl -= '0';
-		else if ((cl >= 'a') && (cl <= 'f')) cl -= 'a' - 10;
-		else goto badhex;
-
-		*q++ = (ch << 4) | cl;
-	}
-
-	if(len) *len = q - hexbuf;
-
-	return hexbuf;
-
-	err:
-	if(hexbuf) OPENSSL_free(hexbuf);
-	X509V3err(X509V3_F_STRING_TO_HEX,ERR_R_MALLOC_FAILURE);
-	return NULL;
-
-	badhex:
-	OPENSSL_free(hexbuf);
-	X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ILLEGAL_HEX_DIGIT);
-	return NULL;
-
-}
-
-/* V2I name comparison function: returns zero if 'name' matches
- * cmp or cmp.*
- */
-
-int name_cmp(const char *name, const char *cmp)
-{
-	int len, ret;
-	char c;
-	len = strlen(cmp);
-	if((ret = strncmp(name, cmp, len))) return ret;
-	c = name[len];
-	if(!c || (c=='.')) return 0;
-	return 1;
-}
-
-static int sk_strcmp(const char * const *a, const char * const *b)
-{
-	return strcmp(*a, *b);
-}
-
-STACK *X509_get1_email(X509 *x)
-{
-	GENERAL_NAMES *gens;
-	STACK *ret;
-	gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
-	ret = get_email(X509_get_subject_name(x), gens);
-	sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
-	return ret;
-}
-
-STACK *X509_REQ_get1_email(X509_REQ *x)
-{
-	GENERAL_NAMES *gens;
-	STACK_OF(X509_EXTENSION) *exts;
-	STACK *ret;
-	exts = X509_REQ_get_extensions(x);
-	gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL);
-	ret = get_email(X509_REQ_get_subject_name(x), gens);
-	sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
-	sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
-	return ret;
-}
-
-
-static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens)
-{
-	STACK *ret = NULL;
-	X509_NAME_ENTRY *ne;
-	ASN1_IA5STRING *email;
-	GENERAL_NAME *gen;
-	int i;
-	/* Now add any email address(es) to STACK */
-	i = -1;
-	/* First supplied X509_NAME */
-	while((i = X509_NAME_get_index_by_NID(name,
-					 NID_pkcs9_emailAddress, i)) >= 0) {
-		ne = X509_NAME_get_entry(name, i);
-		email = X509_NAME_ENTRY_get_data(ne);
-		if(!append_ia5(&ret, email)) return NULL;
-	}
-	for(i = 0; i < sk_GENERAL_NAME_num(gens); i++)
-	{
-		gen = sk_GENERAL_NAME_value(gens, i);
-		if(gen->type != GEN_EMAIL) continue;
-		if(!append_ia5(&ret, gen->d.ia5)) return NULL;
-	}
-	return ret;
-}
-
-static void str_free(void *str)
-{
-	OPENSSL_free(str);
-}
-
-static int append_ia5(STACK **sk, ASN1_IA5STRING *email)
-{
-	char *emtmp;
-	/* First some sanity checks */
-	if(email->type != V_ASN1_IA5STRING) return 1;
-	if(!email->data || !email->length) return 1;
-	if(!*sk) *sk = sk_new(sk_strcmp);
-	if(!*sk) return 0;
-	/* Don't add duplicates */
-	if(sk_find(*sk, (char *)email->data) != -1) return 1;
-	emtmp = BUF_strdup((char *)email->data);
-	if(!emtmp || !sk_push(*sk, emtmp)) {
-		X509_email_free(*sk);
-		*sk = NULL;
-		return 0;
-	}
-	return 1;
-}
-
-void X509_email_free(STACK *sk)
-{
-	sk_pop_free(sk, str_free);
-}
diff --git a/crypto/openssl/crypto/x509v3/v3conf.c b/crypto/openssl/crypto/x509v3/v3conf.c
deleted file mode 100644
index 00cf5b4a5b2e..000000000000
--- a/crypto/openssl/crypto/x509v3/v3conf.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* v3conf.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/conf.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-/* Test application to add extensions from a config file */
-
-int main(int argc, char **argv)
-{
-	LHASH *conf;
-	X509 *cert;
-	FILE *inf;
-	char *conf_file;
-	int i;
-	int count;
-	X509_EXTENSION *ext;
-	X509V3_add_standard_extensions();
-	ERR_load_crypto_strings();
-	if(!argv[1]) {
-		fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n");
-		exit(1);
-	}
-	conf_file = argv[2];
-	if(!conf_file) conf_file = "test.cnf";
-	conf = CONF_load(NULL, "test.cnf", NULL);
-	if(!conf) {
-		fprintf(stderr, "Error opening Config file %s\n", conf_file);
-		ERR_print_errors_fp(stderr);
-		exit(1);
-	}
-
-	inf = fopen(argv[1], "r");
-	if(!inf) {
-		fprintf(stderr, "Can't open certificate file %s\n", argv[1]);
-		exit(1);
-	}
-	cert = PEM_read_X509(inf, NULL, NULL);
-	if(!cert) {
-		fprintf(stderr, "Error reading certificate file %s\n", argv[1]);
-		exit(1);
-	}
-	fclose(inf);
-
-	sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free);
-	cert->cert_info->extensions = NULL;
-
-	if(!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) {
-		fprintf(stderr, "Error adding extensions\n");
-		ERR_print_errors_fp(stderr);
-		exit(1);
-	}
-
-	count = X509_get_ext_count(cert);
-	printf("%d extensions\n", count);
-	for(i = 0; i < count; i++) {
-		ext = X509_get_ext(cert, i);
-		printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
-		if(ext->critical) printf(",critical:\n");
-		else printf(":\n");
-		X509V3_EXT_print_fp(stdout, ext, 0, 0);
-		printf("\n");
-		
-	}
-	return 0;
-}
-
diff --git a/crypto/openssl/crypto/x509v3/v3err.c b/crypto/openssl/crypto/x509v3/v3err.c
deleted file mode 100644
index 6458e95bb918..000000000000
--- a/crypto/openssl/crypto/x509v3/v3err.c
+++ /dev/null
@@ -1,181 +0,0 @@
-/* crypto/x509v3/v3err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA X509V3_str_functs[]=
-	{
-{ERR_PACK(0,X509V3_F_COPY_EMAIL,0),	"COPY_EMAIL"},
-{ERR_PACK(0,X509V3_F_COPY_ISSUER,0),	"COPY_ISSUER"},
-{ERR_PACK(0,X509V3_F_DO_EXT_CONF,0),	"DO_EXT_CONF"},
-{ERR_PACK(0,X509V3_F_DO_EXT_I2D,0),	"DO_EXT_I2D"},
-{ERR_PACK(0,X509V3_F_HEX_TO_STRING,0),	"hex_to_string"},
-{ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0),	"i2s_ASN1_ENUMERATED"},
-{ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0),	"i2s_ASN1_INTEGER"},
-{ERR_PACK(0,X509V3_F_I2V_AUTHORITY_INFO_ACCESS,0),	"I2V_AUTHORITY_INFO_ACCESS"},
-{ERR_PACK(0,X509V3_F_NOTICE_SECTION,0),	"NOTICE_SECTION"},
-{ERR_PACK(0,X509V3_F_NREF_NOS,0),	"NREF_NOS"},
-{ERR_PACK(0,X509V3_F_POLICY_SECTION,0),	"POLICY_SECTION"},
-{ERR_PACK(0,X509V3_F_R2I_CERTPOL,0),	"R2I_CERTPOL"},
-{ERR_PACK(0,X509V3_F_S2I_ASN1_IA5STRING,0),	"S2I_ASN1_IA5STRING"},
-{ERR_PACK(0,X509V3_F_S2I_ASN1_INTEGER,0),	"s2i_ASN1_INTEGER"},
-{ERR_PACK(0,X509V3_F_S2I_ASN1_OCTET_STRING,0),	"s2i_ASN1_OCTET_STRING"},
-{ERR_PACK(0,X509V3_F_S2I_ASN1_SKEY_ID,0),	"S2I_ASN1_SKEY_ID"},
-{ERR_PACK(0,X509V3_F_S2I_S2I_SKEY_ID,0),	"S2I_S2I_SKEY_ID"},
-{ERR_PACK(0,X509V3_F_STRING_TO_HEX,0),	"string_to_hex"},
-{ERR_PACK(0,X509V3_F_SXNET_ADD_ASC,0),	"SXNET_ADD_ASC"},
-{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_INTEGER,0),	"SXNET_add_id_INTEGER"},
-{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_ULONG,0),	"SXNET_add_id_ulong"},
-{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ASC,0),	"SXNET_get_id_asc"},
-{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ULONG,0),	"SXNET_get_id_ulong"},
-{ERR_PACK(0,X509V3_F_V2I_ACCESS_DESCRIPTION,0),	"V2I_ACCESS_DESCRIPTION"},
-{ERR_PACK(0,X509V3_F_V2I_ASN1_BIT_STRING,0),	"V2I_ASN1_BIT_STRING"},
-{ERR_PACK(0,X509V3_F_V2I_AUTHORITY_KEYID,0),	"V2I_AUTHORITY_KEYID"},
-{ERR_PACK(0,X509V3_F_V2I_BASIC_CONSTRAINTS,0),	"V2I_BASIC_CONSTRAINTS"},
-{ERR_PACK(0,X509V3_F_V2I_CRLD,0),	"V2I_CRLD"},
-{ERR_PACK(0,X509V3_F_V2I_EXT_KU,0),	"V2I_EXT_KU"},
-{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAME,0),	"v2i_GENERAL_NAME"},
-{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAMES,0),	"v2i_GENERAL_NAMES"},
-{ERR_PACK(0,X509V3_F_V3_GENERIC_EXTENSION,0),	"V3_GENERIC_EXTENSION"},
-{ERR_PACK(0,X509V3_F_X509V3_ADD_I2D,0),	"X509V3_ADD_I2D"},
-{ERR_PACK(0,X509V3_F_X509V3_ADD_VALUE,0),	"X509V3_add_value"},
-{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD,0),	"X509V3_EXT_add"},
-{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0),	"X509V3_EXT_add_alias"},
-{ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0),	"X509V3_EXT_conf"},
-{ERR_PACK(0,X509V3_F_X509V3_EXT_I2D,0),	"X509V3_EXT_i2d"},
-{ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0),	"X509V3_get_value_bool"},
-{ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0),	"X509V3_parse_list"},
-{ERR_PACK(0,X509V3_F_X509_PURPOSE_ADD,0),	"X509_PURPOSE_add"},
-{ERR_PACK(0,X509V3_F_X509_PURPOSE_SET,0),	"X509_PURPOSE_set"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA X509V3_str_reasons[]=
-	{
-{X509V3_R_BAD_IP_ADDRESS                 ,"bad ip address"},
-{X509V3_R_BAD_OBJECT                     ,"bad object"},
-{X509V3_R_BN_DEC2BN_ERROR                ,"bn dec2bn error"},
-{X509V3_R_BN_TO_ASN1_INTEGER_ERROR       ,"bn to asn1 integer error"},
-{X509V3_R_DUPLICATE_ZONE_ID              ,"duplicate zone id"},
-{X509V3_R_ERROR_CONVERTING_ZONE          ,"error converting zone"},
-{X509V3_R_ERROR_CREATING_EXTENSION       ,"error creating extension"},
-{X509V3_R_ERROR_IN_EXTENSION             ,"error in extension"},
-{X509V3_R_EXPECTED_A_SECTION_NAME        ,"expected a section name"},
-{X509V3_R_EXTENSION_EXISTS               ,"extension exists"},
-{X509V3_R_EXTENSION_NAME_ERROR           ,"extension name error"},
-{X509V3_R_EXTENSION_NOT_FOUND            ,"extension not found"},
-{X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED,"extension setting not supported"},
-{X509V3_R_EXTENSION_VALUE_ERROR          ,"extension value error"},
-{X509V3_R_ILLEGAL_HEX_DIGIT              ,"illegal hex digit"},
-{X509V3_R_INVALID_BOOLEAN_STRING         ,"invalid boolean string"},
-{X509V3_R_INVALID_EXTENSION_STRING       ,"invalid extension string"},
-{X509V3_R_INVALID_NAME                   ,"invalid name"},
-{X509V3_R_INVALID_NULL_ARGUMENT          ,"invalid null argument"},
-{X509V3_R_INVALID_NULL_NAME              ,"invalid null name"},
-{X509V3_R_INVALID_NULL_VALUE             ,"invalid null value"},
-{X509V3_R_INVALID_NUMBER                 ,"invalid number"},
-{X509V3_R_INVALID_NUMBERS                ,"invalid numbers"},
-{X509V3_R_INVALID_OBJECT_IDENTIFIER      ,"invalid object identifier"},
-{X509V3_R_INVALID_OPTION                 ,"invalid option"},
-{X509V3_R_INVALID_POLICY_IDENTIFIER      ,"invalid policy identifier"},
-{X509V3_R_INVALID_PURPOSE                ,"invalid purpose"},
-{X509V3_R_INVALID_SECTION                ,"invalid section"},
-{X509V3_R_INVALID_SYNTAX                 ,"invalid syntax"},
-{X509V3_R_ISSUER_DECODE_ERROR            ,"issuer decode error"},
-{X509V3_R_MISSING_VALUE                  ,"missing value"},
-{X509V3_R_NEED_ORGANIZATION_AND_NUMBERS  ,"need organization and numbers"},
-{X509V3_R_NO_CONFIG_DATABASE             ,"no config database"},
-{X509V3_R_NO_ISSUER_CERTIFICATE          ,"no issuer certificate"},
-{X509V3_R_NO_ISSUER_DETAILS              ,"no issuer details"},
-{X509V3_R_NO_POLICY_IDENTIFIER           ,"no policy identifier"},
-{X509V3_R_NO_PUBLIC_KEY                  ,"no public key"},
-{X509V3_R_NO_SUBJECT_DETAILS             ,"no subject details"},
-{X509V3_R_ODD_NUMBER_OF_DIGITS           ,"odd number of digits"},
-{X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS   ,"unable to get issuer details"},
-{X509V3_R_UNABLE_TO_GET_ISSUER_KEYID     ,"unable to get issuer keyid"},
-{X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT    ,"unknown bit string argument"},
-{X509V3_R_UNKNOWN_EXTENSION              ,"unknown extension"},
-{X509V3_R_UNKNOWN_EXTENSION_NAME         ,"unknown extension name"},
-{X509V3_R_UNKNOWN_OPTION                 ,"unknown option"},
-{X509V3_R_UNSUPPORTED_OPTION             ,"unsupported option"},
-{X509V3_R_USER_TOO_LONG                  ,"user too long"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_X509V3_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_X509V3,X509V3_str_functs);
-		ERR_load_strings(ERR_LIB_X509V3,X509V3_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/crypto/x509v3/v3prin.c b/crypto/openssl/crypto/x509v3/v3prin.c
deleted file mode 100644
index b529814319b1..000000000000
--- a/crypto/openssl/crypto/x509v3/v3prin.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* v3prin.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-
-#include <stdio.h>
-#include <openssl/asn1.h>
-#include <openssl/conf.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int main(int argc, char **argv)
-{
-	X509 *cert;
-	FILE *inf;
-	int i, count;
-	X509_EXTENSION *ext;
-	X509V3_add_standard_extensions();
-	ERR_load_crypto_strings();
-	if(!argv[1]) {
-		fprintf(stderr, "Usage v3prin cert.pem\n");
-		exit(1);
-	}
-	if(!(inf = fopen(argv[1], "r"))) {
-		fprintf(stderr, "Can't open %s\n", argv[1]);
-		exit(1);
-	}
-	if(!(cert = PEM_read_X509(inf, NULL, NULL))) {
-		fprintf(stderr, "Can't read certificate %s\n", argv[1]);
-		ERR_print_errors_fp(stderr);
-		exit(1);
-	}
-	fclose(inf);
-	count = X509_get_ext_count(cert);
-	printf("%d extensions\n", count);
-	for(i = 0; i < count; i++) {
-		ext = X509_get_ext(cert, i);
-		printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
-		if(!X509V3_EXT_print_fp(stdout, ext, 0, 0)) ERR_print_errors_fp(stderr);
-		printf("\n");
-		
-	}
-	return 0;
-}
diff --git a/crypto/openssl/crypto/x509v3/x509v3.h b/crypto/openssl/crypto/x509v3/x509v3.h
deleted file mode 100644
index fb07a19016fd..000000000000
--- a/crypto/openssl/crypto/x509v3/x509v3.h
+++ /dev/null
@@ -1,656 +0,0 @@
-/* x509v3.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_X509V3_H
-#define HEADER_X509V3_H
-
-#include <openssl/bio.h>
-#include <openssl/x509.h>
-#include <openssl/conf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Forward reference */
-struct v3_ext_method;
-struct v3_ext_ctx;
-
-/* Useful typedefs */
-
-typedef void * (*X509V3_EXT_NEW)(void);
-typedef void (*X509V3_EXT_FREE)(void *);
-typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long);
-typedef int (*X509V3_EXT_I2D)(void *, unsigned char **);
-typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist);
-typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values);
-typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext);
-typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
-typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent);
-typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
-
-/* V3 extension structure */
-
-struct v3_ext_method {
-int ext_nid;
-int ext_flags;
-/* If this is set the following four fields are ignored */
-ASN1_ITEM_EXP *it;
-/* Old style ASN1 calls */
-X509V3_EXT_NEW ext_new;
-X509V3_EXT_FREE ext_free;
-X509V3_EXT_D2I d2i;
-X509V3_EXT_I2D i2d;
-
-/* The following pair is used for string extensions */
-X509V3_EXT_I2S i2s;
-X509V3_EXT_S2I s2i;
-
-/* The following pair is used for multi-valued extensions */
-X509V3_EXT_I2V i2v;
-X509V3_EXT_V2I v2i;
-
-/* The following are used for raw extensions */
-X509V3_EXT_I2R i2r;
-X509V3_EXT_R2I r2i;
-
-void *usr_data;	/* Any extension specific data */
-};
-
-typedef struct X509V3_CONF_METHOD_st {
-char * (*get_string)(void *db, char *section, char *value);
-STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
-void (*free_string)(void *db, char * string);
-void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
-} X509V3_CONF_METHOD;
-
-/* Context specific info */
-struct v3_ext_ctx {
-#define CTX_TEST 0x1
-int flags;
-X509 *issuer_cert;
-X509 *subject_cert;
-X509_REQ *subject_req;
-X509_CRL *crl;
-X509V3_CONF_METHOD *db_meth;
-void *db;
-/* Maybe more here */
-};
-
-typedef struct v3_ext_method X509V3_EXT_METHOD;
-typedef struct v3_ext_ctx X509V3_CTX;
-
-DECLARE_STACK_OF(X509V3_EXT_METHOD)
-
-/* ext_flags values */
-#define X509V3_EXT_DYNAMIC	0x1
-#define X509V3_EXT_CTX_DEP	0x2
-#define X509V3_EXT_MULTILINE	0x4
-
-typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
-
-typedef struct BASIC_CONSTRAINTS_st {
-int ca;
-ASN1_INTEGER *pathlen;
-} BASIC_CONSTRAINTS;
-
-
-typedef struct PKEY_USAGE_PERIOD_st {
-ASN1_GENERALIZEDTIME *notBefore;
-ASN1_GENERALIZEDTIME *notAfter;
-} PKEY_USAGE_PERIOD;
-
-typedef struct otherName_st {
-ASN1_OBJECT *type_id;
-ASN1_TYPE *value;
-} OTHERNAME;
-
-typedef struct EDIPartyName_st {
-	ASN1_STRING *nameAssigner;
-	ASN1_STRING *partyName;
-} EDIPARTYNAME;
-
-typedef struct GENERAL_NAME_st {
-
-#define GEN_OTHERNAME	0
-#define GEN_EMAIL	1
-#define GEN_DNS		2
-#define GEN_X400	3
-#define GEN_DIRNAME	4
-#define GEN_EDIPARTY	5
-#define GEN_URI		6
-#define GEN_IPADD	7
-#define GEN_RID		8
-
-int type;
-union {
-	char *ptr;
-	OTHERNAME *otherName; /* otherName */
-	ASN1_IA5STRING *rfc822Name;
-	ASN1_IA5STRING *dNSName;
-	ASN1_TYPE *x400Address;
-	X509_NAME *directoryName;
-	EDIPARTYNAME *ediPartyName;
-	ASN1_IA5STRING *uniformResourceIdentifier;
-	ASN1_OCTET_STRING *iPAddress;
-	ASN1_OBJECT *registeredID;
-
-	/* Old names */
-	ASN1_OCTET_STRING *ip; /* iPAddress */
-	X509_NAME *dirn;		/* dirn */
-	ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */
-	ASN1_OBJECT *rid; /* registeredID */
-	ASN1_TYPE *other; /* x400Address */
-} d;
-} GENERAL_NAME;
-
-typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
-
-typedef struct ACCESS_DESCRIPTION_st {
-	ASN1_OBJECT *method;
-	GENERAL_NAME *location;
-} ACCESS_DESCRIPTION;
-
-typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
-
-typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
-
-DECLARE_STACK_OF(GENERAL_NAME)
-DECLARE_ASN1_SET_OF(GENERAL_NAME)
-
-DECLARE_STACK_OF(ACCESS_DESCRIPTION)
-DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)
-
-typedef struct DIST_POINT_NAME_st {
-int type;
-union {
-	GENERAL_NAMES *fullname;
-	STACK_OF(X509_NAME_ENTRY) *relativename;
-} name;
-} DIST_POINT_NAME;
-
-typedef struct DIST_POINT_st {
-DIST_POINT_NAME	*distpoint;
-ASN1_BIT_STRING *reasons;
-GENERAL_NAMES *CRLissuer;
-} DIST_POINT;
-
-typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
-
-DECLARE_STACK_OF(DIST_POINT)
-DECLARE_ASN1_SET_OF(DIST_POINT)
-
-typedef struct AUTHORITY_KEYID_st {
-ASN1_OCTET_STRING *keyid;
-GENERAL_NAMES *issuer;
-ASN1_INTEGER *serial;
-} AUTHORITY_KEYID;
-
-/* Strong extranet structures */
-
-typedef struct SXNET_ID_st {
-	ASN1_INTEGER *zone;
-	ASN1_OCTET_STRING *user;
-} SXNETID;
-
-DECLARE_STACK_OF(SXNETID)
-DECLARE_ASN1_SET_OF(SXNETID)
-
-typedef struct SXNET_st {
-	ASN1_INTEGER *version;
-	STACK_OF(SXNETID) *ids;
-} SXNET;
-
-typedef struct NOTICEREF_st {
-	ASN1_STRING *organization;
-	STACK_OF(ASN1_INTEGER) *noticenos;
-} NOTICEREF;
-
-typedef struct USERNOTICE_st {
-	NOTICEREF *noticeref;
-	ASN1_STRING *exptext;
-} USERNOTICE;
-
-typedef struct POLICYQUALINFO_st {
-	ASN1_OBJECT *pqualid;
-	union {
-		ASN1_IA5STRING *cpsuri;
-		USERNOTICE *usernotice;
-		ASN1_TYPE *other;
-	} d;
-} POLICYQUALINFO;
-
-DECLARE_STACK_OF(POLICYQUALINFO)
-DECLARE_ASN1_SET_OF(POLICYQUALINFO)
-
-typedef struct POLICYINFO_st {
-	ASN1_OBJECT *policyid;
-	STACK_OF(POLICYQUALINFO) *qualifiers;
-} POLICYINFO;
-
-typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
-
-DECLARE_STACK_OF(POLICYINFO)
-DECLARE_ASN1_SET_OF(POLICYINFO)
-
-#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
-",name:", val->name, ",value:", val->value);
-
-#define X509V3_set_ctx_test(ctx) \
-			X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
-#define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
-
-#define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
-			0,0,0,0, \
-			0,0, \
-			(X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
-			(X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
-			NULL, NULL, \
-			table}
-
-#define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \
-			0,0,0,0, \
-			(X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
-			(X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
-			0,0,0,0, \
-			NULL}
-
-#define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
-
-
-/* X509_PURPOSE stuff */
-
-#define EXFLAG_BCONS		0x1
-#define EXFLAG_KUSAGE		0x2
-#define EXFLAG_XKUSAGE		0x4
-#define EXFLAG_NSCERT		0x8
-
-#define EXFLAG_CA		0x10
-#define EXFLAG_SS		0x20
-#define EXFLAG_V1		0x40
-#define EXFLAG_INVALID		0x80
-#define EXFLAG_SET		0x100
-#define EXFLAG_CRITICAL		0x200
-
-#define KU_DIGITAL_SIGNATURE	0x0080
-#define KU_NON_REPUDIATION	0x0040
-#define KU_KEY_ENCIPHERMENT	0x0020
-#define KU_DATA_ENCIPHERMENT	0x0010
-#define KU_KEY_AGREEMENT	0x0008
-#define KU_KEY_CERT_SIGN	0x0004
-#define KU_CRL_SIGN		0x0002
-#define KU_ENCIPHER_ONLY	0x0001
-#define KU_DECIPHER_ONLY	0x8000
-
-#define NS_SSL_CLIENT		0x80
-#define NS_SSL_SERVER		0x40
-#define NS_SMIME		0x20
-#define NS_OBJSIGN		0x10
-#define NS_SSL_CA		0x04
-#define NS_SMIME_CA		0x02
-#define NS_OBJSIGN_CA		0x01
-#define NS_ANY_CA		(NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA)
-
-#define XKU_SSL_SERVER		0x1	
-#define XKU_SSL_CLIENT		0x2
-#define XKU_SMIME		0x4
-#define XKU_CODE_SIGN		0x8
-#define XKU_SGC			0x10
-#define XKU_OCSP_SIGN		0x20
-#define XKU_TIMESTAMP		0x40
-#define XKU_DVCS		0x80
-
-#define X509_PURPOSE_DYNAMIC	0x1
-#define X509_PURPOSE_DYNAMIC_NAME	0x2
-
-typedef struct x509_purpose_st {
-	int purpose;
-	int trust;		/* Default trust ID */
-	int flags;
-	int (*check_purpose)(const struct x509_purpose_st *,
-				const X509 *, int);
-	char *name;
-	char *sname;
-	void *usr_data;
-} X509_PURPOSE;
-
-#define X509_PURPOSE_SSL_CLIENT		1
-#define X509_PURPOSE_SSL_SERVER		2
-#define X509_PURPOSE_NS_SSL_SERVER	3
-#define X509_PURPOSE_SMIME_SIGN		4
-#define X509_PURPOSE_SMIME_ENCRYPT	5
-#define X509_PURPOSE_CRL_SIGN		6
-#define X509_PURPOSE_ANY		7
-#define X509_PURPOSE_OCSP_HELPER	8
-
-#define X509_PURPOSE_MIN		1
-#define X509_PURPOSE_MAX		8
-
-/* Flags for X509V3_EXT_print() */
-
-#define X509V3_EXT_UNKNOWN_MASK		(0xfL << 16)
-/* Return error for unknown extensions */
-#define X509V3_EXT_DEFAULT		0
-/* Print error for unknown extensions */
-#define X509V3_EXT_ERROR_UNKNOWN	(1L << 16)
-/* ASN1 parse unknown extensions */
-#define X509V3_EXT_PARSE_UNKNOWN	(2L << 16)
-/* BIO_dump unknown extensions */
-#define X509V3_EXT_DUMP_UNKNOWN		(3L << 16)
-
-/* Flags for X509V3_add1_i2d */
-
-#define X509V3_ADD_OP_MASK		0xfL
-#define X509V3_ADD_DEFAULT		0L
-#define X509V3_ADD_APPEND		1L
-#define X509V3_ADD_REPLACE		2L
-#define X509V3_ADD_REPLACE_EXISTING	3L
-#define X509V3_ADD_KEEP_EXISTING	4L
-#define X509V3_ADD_DELETE		5L
-#define X509V3_ADD_SILENT		0x10
-
-DECLARE_STACK_OF(X509_PURPOSE)
-
-DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
-
-DECLARE_ASN1_FUNCTIONS(SXNET)
-DECLARE_ASN1_FUNCTIONS(SXNETID)
-
-int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen); 
-int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen); 
-int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user, int userlen); 
-
-ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone);
-ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
-ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);
-
-DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
-
-DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
-
-DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
-int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
-
-DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
-		GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
-GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-DECLARE_ASN1_FUNCTIONS(OTHERNAME)
-DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
-
-char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
-ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
-
-DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
-int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a);
-
-DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
-DECLARE_ASN1_FUNCTIONS(POLICYINFO)
-DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
-DECLARE_ASN1_FUNCTIONS(USERNOTICE)
-DECLARE_ASN1_FUNCTIONS(NOTICEREF)
-
-DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
-DECLARE_ASN1_FUNCTIONS(DIST_POINT)
-DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
-
-DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
-DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
-
-#ifdef HEADER_CONF_H
-GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf);
-void X509V3_conf_free(CONF_VALUE *val);
-
-X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value);
-X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value);
-int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, STACK_OF(X509_EXTENSION) **sk);
-int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509 *cert);
-int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
-int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
-
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value);
-X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value);
-int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert);
-int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
-int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
-
-int X509V3_add_value_bool_nf(char *name, int asn1_bool,
-						STACK_OF(CONF_VALUE) **extlist);
-int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
-int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
-void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
-#endif
-
-char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
-STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
-void X509V3_string_free(X509V3_CTX *ctx, char *str);
-void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
-void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
-				 X509_REQ *req, X509_CRL *crl, int flags);
-
-int X509V3_add_value(const char *name, const char *value,
-						STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_uchar(const char *name, const unsigned char *value,
-						STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_bool(const char *name, int asn1_bool,
-						STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
-						STACK_OF(CONF_VALUE) **extlist);
-char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
-ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
-char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
-char * i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
-int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
-int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
-int X509V3_EXT_add_alias(int nid_to, int nid_from);
-void X509V3_EXT_cleanup(void);
-
-X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
-X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
-int X509V3_add_standard_extensions(void);
-STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
-void *X509V3_EXT_d2i(X509_EXTENSION *ext);
-void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
-
-
-X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
-int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags);
-
-char *hex_to_string(unsigned char *buffer, long len);
-unsigned char *string_to_hex(char *str, long *len);
-int name_cmp(const char *name, const char *cmp);
-
-void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
-								 int ml);
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent);
-int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
-
-int X509V3_extensions_print(BIO *out, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent);
-
-int X509_check_purpose(X509 *x, int id, int ca);
-int X509_supported_extension(X509_EXTENSION *ex);
-int X509_PURPOSE_set(int *p, int purpose);
-int X509_check_issued(X509 *issuer, X509 *subject);
-int X509_PURPOSE_get_count(void);
-X509_PURPOSE * X509_PURPOSE_get0(int idx);
-int X509_PURPOSE_get_by_sname(char *sname);
-int X509_PURPOSE_get_by_id(int id);
-int X509_PURPOSE_add(int id, int trust, int flags,
-			int (*ck)(const X509_PURPOSE *, const X509 *, int),
-				char *name, char *sname, void *arg);
-char *X509_PURPOSE_get0_name(X509_PURPOSE *xp);
-char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp);
-int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
-void X509_PURPOSE_cleanup(void);
-int X509_PURPOSE_get_id(X509_PURPOSE *);
-
-STACK *X509_get1_email(X509 *x);
-STACK *X509_REQ_get1_email(X509_REQ *x);
-void X509_email_free(STACK *sk);
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_X509V3_strings(void);
-
-/* Error codes for the X509V3 functions. */
-
-/* Function codes. */
-#define X509V3_F_COPY_EMAIL				 122
-#define X509V3_F_COPY_ISSUER				 123
-#define X509V3_F_DO_EXT_CONF				 124
-#define X509V3_F_DO_EXT_I2D				 135
-#define X509V3_F_HEX_TO_STRING				 111
-#define X509V3_F_I2S_ASN1_ENUMERATED			 121
-#define X509V3_F_I2S_ASN1_INTEGER			 120
-#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS		 138
-#define X509V3_F_NOTICE_SECTION				 132
-#define X509V3_F_NREF_NOS				 133
-#define X509V3_F_POLICY_SECTION				 131
-#define X509V3_F_R2I_CERTPOL				 130
-#define X509V3_F_S2I_ASN1_IA5STRING			 100
-#define X509V3_F_S2I_ASN1_INTEGER			 108
-#define X509V3_F_S2I_ASN1_OCTET_STRING			 112
-#define X509V3_F_S2I_ASN1_SKEY_ID			 114
-#define X509V3_F_S2I_S2I_SKEY_ID			 115
-#define X509V3_F_STRING_TO_HEX				 113
-#define X509V3_F_SXNET_ADD_ASC				 125
-#define X509V3_F_SXNET_ADD_ID_INTEGER			 126
-#define X509V3_F_SXNET_ADD_ID_ULONG			 127
-#define X509V3_F_SXNET_GET_ID_ASC			 128
-#define X509V3_F_SXNET_GET_ID_ULONG			 129
-#define X509V3_F_V2I_ACCESS_DESCRIPTION			 139
-#define X509V3_F_V2I_ASN1_BIT_STRING			 101
-#define X509V3_F_V2I_AUTHORITY_KEYID			 119
-#define X509V3_F_V2I_BASIC_CONSTRAINTS			 102
-#define X509V3_F_V2I_CRLD				 134
-#define X509V3_F_V2I_EXT_KU				 103
-#define X509V3_F_V2I_GENERAL_NAME			 117
-#define X509V3_F_V2I_GENERAL_NAMES			 118
-#define X509V3_F_V3_GENERIC_EXTENSION			 116
-#define X509V3_F_X509V3_ADD_I2D				 140
-#define X509V3_F_X509V3_ADD_VALUE			 105
-#define X509V3_F_X509V3_EXT_ADD				 104
-#define X509V3_F_X509V3_EXT_ADD_ALIAS			 106
-#define X509V3_F_X509V3_EXT_CONF			 107
-#define X509V3_F_X509V3_EXT_I2D				 136
-#define X509V3_F_X509V3_GET_VALUE_BOOL			 110
-#define X509V3_F_X509V3_PARSE_LIST			 109
-#define X509V3_F_X509_PURPOSE_ADD			 137
-#define X509V3_F_X509_PURPOSE_SET			 141
-
-/* Reason codes. */
-#define X509V3_R_BAD_IP_ADDRESS				 118
-#define X509V3_R_BAD_OBJECT				 119
-#define X509V3_R_BN_DEC2BN_ERROR			 100
-#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR		 101
-#define X509V3_R_DUPLICATE_ZONE_ID			 133
-#define X509V3_R_ERROR_CONVERTING_ZONE			 131
-#define X509V3_R_ERROR_CREATING_EXTENSION		 144
-#define X509V3_R_ERROR_IN_EXTENSION			 128
-#define X509V3_R_EXPECTED_A_SECTION_NAME		 137
-#define X509V3_R_EXTENSION_EXISTS			 145
-#define X509V3_R_EXTENSION_NAME_ERROR			 115
-#define X509V3_R_EXTENSION_NOT_FOUND			 102
-#define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED	 103
-#define X509V3_R_EXTENSION_VALUE_ERROR			 116
-#define X509V3_R_ILLEGAL_HEX_DIGIT			 113
-#define X509V3_R_INVALID_BOOLEAN_STRING			 104
-#define X509V3_R_INVALID_EXTENSION_STRING		 105
-#define X509V3_R_INVALID_NAME				 106
-#define X509V3_R_INVALID_NULL_ARGUMENT			 107
-#define X509V3_R_INVALID_NULL_NAME			 108
-#define X509V3_R_INVALID_NULL_VALUE			 109
-#define X509V3_R_INVALID_NUMBER				 140
-#define X509V3_R_INVALID_NUMBERS			 141
-#define X509V3_R_INVALID_OBJECT_IDENTIFIER		 110
-#define X509V3_R_INVALID_OPTION				 138
-#define X509V3_R_INVALID_POLICY_IDENTIFIER		 134
-#define X509V3_R_INVALID_PURPOSE			 146
-#define X509V3_R_INVALID_SECTION			 135
-#define X509V3_R_INVALID_SYNTAX				 143
-#define X509V3_R_ISSUER_DECODE_ERROR			 126
-#define X509V3_R_MISSING_VALUE				 124
-#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS		 142
-#define X509V3_R_NO_CONFIG_DATABASE			 136
-#define X509V3_R_NO_ISSUER_CERTIFICATE			 121
-#define X509V3_R_NO_ISSUER_DETAILS			 127
-#define X509V3_R_NO_POLICY_IDENTIFIER			 139
-#define X509V3_R_NO_PUBLIC_KEY				 114
-#define X509V3_R_NO_SUBJECT_DETAILS			 125
-#define X509V3_R_ODD_NUMBER_OF_DIGITS			 112
-#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS		 122
-#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID		 123
-#define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT		 111
-#define X509V3_R_UNKNOWN_EXTENSION			 129
-#define X509V3_R_UNKNOWN_EXTENSION_NAME			 130
-#define X509V3_R_UNKNOWN_OPTION				 120
-#define X509V3_R_UNSUPPORTED_OPTION			 117
-#define X509V3_R_USER_TOO_LONG				 132
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/demos/README b/crypto/openssl/demos/README
deleted file mode 100644
index d2155ef97341..000000000000
--- a/crypto/openssl/demos/README
+++ /dev/null
@@ -1,9 +0,0 @@
-NOTE: Don't expect any of these programs to work with current
-OpenSSL releases, or even with later SSLeay releases.
-
-Original README:
-=============================================================================
-
-Some demo programs sent to me by various people
-
-eric
diff --git a/crypto/openssl/demos/asn1/README.ASN1 b/crypto/openssl/demos/asn1/README.ASN1
deleted file mode 100644
index ac497be184a9..000000000000
--- a/crypto/openssl/demos/asn1/README.ASN1
+++ /dev/null
@@ -1,7 +0,0 @@
-This is a demo of the new ASN1 code. Its an OCSP ASN1 module. Doesn't
-do much yet other than demonstrate what the new ASN1 modules might look
-like.
-
-It wont even compile yet: the new code isn't in place.
-
-
diff --git a/crypto/openssl/demos/asn1/ocsp.c b/crypto/openssl/demos/asn1/ocsp.c
deleted file mode 100644
index 0199fe100405..000000000000
--- a/crypto/openssl/demos/asn1/ocsp.c
+++ /dev/null
@@ -1,366 +0,0 @@
-/* ocsp.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-
-
-
-/* Example of new ASN1 code, OCSP request
-
-	OCSPRequest     ::=     SEQUENCE {
-	    tbsRequest                  TBSRequest,
-	    optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
-
-	TBSRequest      ::=     SEQUENCE {
-	    version             [0] EXPLICIT Version DEFAULT v1,
-	    requestorName       [1] EXPLICIT GeneralName OPTIONAL,
-	    requestList             SEQUENCE OF Request,
-	    requestExtensions   [2] EXPLICIT Extensions OPTIONAL }
-
-	Signature       ::=     SEQUENCE {
-	    signatureAlgorithm   AlgorithmIdentifier,
-	    signature            BIT STRING,
-	    certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
-
-	Version  ::=  INTEGER  {  v1(0) }
-
-	Request ::=     SEQUENCE {
-	    reqCert                    CertID,
-	    singleRequestExtensions    [0] EXPLICIT Extensions OPTIONAL }
-
-	CertID ::= SEQUENCE {
-	    hashAlgorithm            AlgorithmIdentifier,
-	    issuerNameHash     OCTET STRING, -- Hash of Issuer's DN
-	    issuerKeyHash      OCTET STRING, -- Hash of Issuers public key
-	    serialNumber       CertificateSerialNumber }
-
-	OCSPResponse ::= SEQUENCE {
-	   responseStatus         OCSPResponseStatus,
-	   responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
-
-	OCSPResponseStatus ::= ENUMERATED {
-	    successful            (0),      --Response has valid confirmations
-	    malformedRequest      (1),      --Illegal confirmation request
-	    internalError         (2),      --Internal error in issuer
-	    tryLater              (3),      --Try again later
-					    --(4) is not used
-	    sigRequired           (5),      --Must sign the request
-	    unauthorized          (6)       --Request unauthorized
-	}
-
-	ResponseBytes ::=       SEQUENCE {
-	    responseType   OBJECT IDENTIFIER,
-	    response       OCTET STRING }
-
-	BasicOCSPResponse       ::= SEQUENCE {
-	   tbsResponseData      ResponseData,
-	   signatureAlgorithm   AlgorithmIdentifier,
-	   signature            BIT STRING,
-	   certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
-
-	ResponseData ::= SEQUENCE {
-	   version              [0] EXPLICIT Version DEFAULT v1,
-	   responderID              ResponderID,
-	   producedAt               GeneralizedTime,
-	   responses                SEQUENCE OF SingleResponse,
-	   responseExtensions   [1] EXPLICIT Extensions OPTIONAL }
-
-	ResponderID ::= CHOICE {
-	   byName   [1] Name,    --EXPLICIT
-	   byKey    [2] KeyHash }
-
-	KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
-				 --(excluding the tag and length fields)
-
-	SingleResponse ::= SEQUENCE {
-	   certID                       CertID,
-	   certStatus                   CertStatus,
-	   thisUpdate                   GeneralizedTime,
-	   nextUpdate           [0]     EXPLICIT GeneralizedTime OPTIONAL,
-	   singleExtensions     [1]     EXPLICIT Extensions OPTIONAL }
-
-	CertStatus ::= CHOICE {
-	    good                [0]     IMPLICIT NULL,
-	    revoked             [1]     IMPLICIT RevokedInfo,
-	    unknown             [2]     IMPLICIT UnknownInfo }
-
-	RevokedInfo ::= SEQUENCE {
-	    revocationTime              GeneralizedTime,
-	    revocationReason    [0]     EXPLICIT CRLReason OPTIONAL }
-
-	UnknownInfo ::= NULL -- this can be replaced with an enumeration
-
-	ArchiveCutoff ::= GeneralizedTime
-
-	AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER
-
-	ServiceLocator ::= SEQUENCE {
-	    issuer    Name,
-	    locator   AuthorityInfoAccessSyntax }
-
-	-- Object Identifiers
-
-	id-kp-OCSPSigning            OBJECT IDENTIFIER ::= { id-kp 9 }
-	id-pkix-ocsp                 OBJECT IDENTIFIER ::= { id-ad-ocsp }
-	id-pkix-ocsp-basic           OBJECT IDENTIFIER ::= { id-pkix-ocsp 1 }
-	id-pkix-ocsp-nonce           OBJECT IDENTIFIER ::= { id-pkix-ocsp 2 }
-	id-pkix-ocsp-crl             OBJECT IDENTIFIER ::= { id-pkix-ocsp 3 }
-	id-pkix-ocsp-response        OBJECT IDENTIFIER ::= { id-pkix-ocsp 4 }
-	id-pkix-ocsp-nocheck         OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
-	id-pkix-ocsp-archive-cutoff  OBJECT IDENTIFIER ::= { id-pkix-ocsp 6 }
-	id-pkix-ocsp-service-locator OBJECT IDENTIFIER ::= { id-pkix-ocsp 7 }
-
-*/
-
-/* Request Structures */
-
-DECLARE_STACK_OF(Request)
-
-typedef struct {
-	ASN1_INTEGER *version;
-	GENERAL_NAME *requestorName;
-	STACK_OF(Request) *requestList;
-	STACK_OF(X509_EXTENSION) *requestExtensions;
-} TBSRequest;
-
-typedef struct {
-	X509_ALGOR *signatureAlgorithm;
-	ASN1_BIT_STRING *signature;
-	STACK_OF(X509) *certs;
-} Signature;
-
-typedef struct {
-	TBSRequest *tbsRequest;
-	Signature *optionalSignature;
-} OCSPRequest;
-
-typedef struct {
-	X509_ALGOR *hashAlgorithm;
-	ASN1_OCTET_STRING *issuerNameHash;
-	ASN1_OCTET_STRING *issuerKeyHash;
-	ASN1_INTEGER *certificateSerialNumber;
-} CertID;
-
-typedef struct {
-	CertID *reqCert;
-	STACK_OF(X509_EXTENSION) *singleRequestExtensions;
-} Request;
-
-/* Response structures */
-
-typedef struct {
-	ASN1_OBJECT *responseType;
-	ASN1_OCTET_STRING *response;
-} ResponseBytes;
-
-typedef struct {
-	ASN1_ENUMERATED *responseStatus;
-	ResponseBytes *responseBytes;
-} OCSPResponse;
-
-typedef struct {
-	int type;
-	union {
-	   X509_NAME *byName;
-	   ASN1_OCTET_STRING *byKey;
-	}d;
-} ResponderID;
-
-typedef struct {
-	   ASN1_INTEGER *version;
-	   ResponderID *responderID;
-	   ASN1_GENERALIZEDTIME *producedAt;
-	   STACK_OF(SingleResponse) *responses;
-	   STACK_OF(X509_EXTENSION) *responseExtensions;
-} ResponseData;
-
-typedef struct {
-	   ResponseData *tbsResponseData;
-	   X509_ALGOR *signatureAlgorithm;
-	   ASN1_BIT_STRING *signature;
-	   STACK_OF(X509) *certs;
-} BasicOCSPResponse;
-
-typedef struct {
-	ASN1_GENERALIZEDTIME *revocationTime;
-	ASN1_ENUMERATED * revocationReason;
-} RevokedInfo;
-
-typedef struct {
-	int type;
-	union {
-	    ASN1_NULL *good;
-	    RevokedInfo *revoked;
-	    ASN1_NULL *unknown;
-	} d;
-} CertStatus;
-
-typedef struct {
-	   CertID *certID;
-	   CertStatus *certStatus;
-	   ASN1_GENERALIZEDTIME *thisUpdate;
-	   ASN1_GENERALIZEDTIME *nextUpdate;
-	   STACK_OF(X509_EXTENSION) *singleExtensions;
-} SingleResponse;
-
-
-typedef struct {
-    X509_NAME *issuer;
-    STACK_OF(ACCESS_DESCRIPTION) *locator;
-} ServiceLocator;
-
-
-/* Now the ASN1 templates */
-
-IMPLEMENT_COMPAT_ASN1(X509);
-IMPLEMENT_COMPAT_ASN1(X509_ALGOR);
-//IMPLEMENT_COMPAT_ASN1(X509_EXTENSION);
-IMPLEMENT_COMPAT_ASN1(GENERAL_NAME);
-IMPLEMENT_COMPAT_ASN1(X509_NAME);
-
-ASN1_SEQUENCE(X509_EXTENSION) = {
-	ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT),
-	ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN),
-	ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(X509_EXTENSION);
-	
-
-ASN1_SEQUENCE(Signature) = {
-	ASN1_SIMPLE(Signature, signatureAlgorithm, X509_ALGOR),
-	ASN1_SIMPLE(Signature, signature, ASN1_BIT_STRING),
-	ASN1_SEQUENCE_OF(Signature, certs, X509)
-} ASN1_SEQUENCE_END(Signature);
-
-ASN1_SEQUENCE(CertID) = {
-	ASN1_SIMPLE(CertID, hashAlgorithm, X509_ALGOR),
-	ASN1_SIMPLE(CertID, issuerNameHash, ASN1_OCTET_STRING),
-	ASN1_SIMPLE(CertID, issuerKeyHash, ASN1_OCTET_STRING),
-	ASN1_SIMPLE(CertID, certificateSerialNumber, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(CertID);
-
-ASN1_SEQUENCE(Request) = {
-	ASN1_SIMPLE(Request, reqCert, CertID),
-	ASN1_EXP_SEQUENCE_OF_OPT(Request, singleRequestExtensions, X509_EXTENSION, 0)
-} ASN1_SEQUENCE_END(Request);
-
-ASN1_SEQUENCE(TBSRequest) = {
-	ASN1_EXP_OPT(TBSRequest, version, ASN1_INTEGER, 0),
-	ASN1_EXP_OPT(TBSRequest, requestorName, GENERAL_NAME, 1),
-	ASN1_SEQUENCE_OF(TBSRequest, requestList, Request),
-	ASN1_EXP_SEQUENCE_OF_OPT(TBSRequest, requestExtensions, X509_EXTENSION, 2)
-} ASN1_SEQUENCE_END(TBSRequest);
-
-ASN1_SEQUENCE(OCSPRequest) = {
-	ASN1_SIMPLE(OCSPRequest, tbsRequest, TBSRequest),
-	ASN1_EXP_OPT(OCSPRequest, optionalSignature, Signature, 0)
-} ASN1_SEQUENCE_END(OCSPRequest);
-
-
-/* Response templates */
-
-ASN1_SEQUENCE(ResponseBytes) = {
-	    ASN1_SIMPLE(ResponseBytes, responseType, ASN1_OBJECT),
-	    ASN1_SIMPLE(ResponseBytes, response, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(ResponseBytes);
-
-ASN1_SEQUENCE(OCSPResponse) = {
-	ASN1_SIMPLE(OCSPResponse, responseStatus, ASN1_ENUMERATED),
-	ASN1_EXP_OPT(OCSPResponse, responseBytes, ResponseBytes, 0)
-} ASN1_SEQUENCE_END(OCSPResponse);
-
-ASN1_CHOICE(ResponderID) = {
-	   ASN1_EXP(ResponderID, d.byName, X509_NAME, 1),
-	   ASN1_IMP(ResponderID, d.byKey, ASN1_OCTET_STRING, 2)
-} ASN1_CHOICE_END(ResponderID);
-
-ASN1_SEQUENCE(RevokedInfo) = {
-	ASN1_SIMPLE(RevokedInfo, revocationTime, ASN1_GENERALIZEDTIME),
-  	ASN1_EXP_OPT(RevokedInfo, revocationReason, ASN1_ENUMERATED, 0)
-} ASN1_SEQUENCE_END(RevokedInfo);
-
-ASN1_CHOICE(CertStatus) = {
-	ASN1_IMP(CertStatus, d.good, ASN1_NULL, 0),
-	ASN1_IMP(CertStatus, d.revoked, RevokedInfo, 1),
-	ASN1_IMP(CertStatus, d.unknown, ASN1_NULL, 2)
-} ASN1_CHOICE_END(CertStatus);
-
-ASN1_SEQUENCE(SingleResponse) = {
-	   ASN1_SIMPLE(SingleResponse, certID, CertID),
-	   ASN1_SIMPLE(SingleResponse, certStatus, CertStatus),
-	   ASN1_SIMPLE(SingleResponse, thisUpdate, ASN1_GENERALIZEDTIME),
-	   ASN1_EXP_OPT(SingleResponse, nextUpdate, ASN1_GENERALIZEDTIME, 0),
-	   ASN1_EXP_SEQUENCE_OF_OPT(SingleResponse, singleExtensions, X509_EXTENSION, 1)
-} ASN1_SEQUENCE_END(SingleResponse);
-
-ASN1_SEQUENCE(ResponseData) = {
-	   ASN1_EXP_OPT(ResponseData, version, ASN1_INTEGER, 0),
-	   ASN1_SIMPLE(ResponseData, responderID, ResponderID),
-	   ASN1_SIMPLE(ResponseData, producedAt, ASN1_GENERALIZEDTIME),
-	   ASN1_SEQUENCE_OF(ResponseData, responses, SingleResponse),
-	   ASN1_EXP_SEQUENCE_OF_OPT(ResponseData, responseExtensions, X509_EXTENSION, 1)
-} ASN1_SEQUENCE_END(ResponseData);
-
-ASN1_SEQUENCE(BasicOCSPResponse) = {
-	   ASN1_SIMPLE(BasicOCSPResponse, tbsResponseData, ResponseData),
-	   ASN1_SIMPLE(BasicOCSPResponse, signatureAlgorithm, X509_ALGOR),
-	   ASN1_SIMPLE(BasicOCSPResponse, signature, ASN1_BIT_STRING),
-	   ASN1_EXP_SEQUENCE_OF_OPT(BasicOCSPResponse, certs, X509, 0)
-} ASN1_SEQUENCE_END(BasicOCSPResponse);
-
diff --git a/crypto/openssl/demos/b64.c b/crypto/openssl/demos/b64.c
deleted file mode 100644
index efdd44457da6..000000000000
--- a/crypto/openssl/demos/b64.c
+++ /dev/null
@@ -1,268 +0,0 @@
-/* demos/b64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "../apps/apps.h"
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#undef SIZE
-#undef BSIZE
-#undef PROG
-
-#define SIZE	(512)
-#define BSIZE	(8*1024)
-#define	PROG	enc_main
-
-int main(argc,argv)
-int argc;
-char **argv;
-	{
-	char *strbuf=NULL;
-	unsigned char *buff=NULL,*bufsize=NULL;
-	int bsize=BSIZE,verbose=0;
-	int ret=1,inl;
-	char *str=NULL;
-	char *hkey=NULL,*hiv=NULL;
-	int enc=1,printkey=0,i,base64=0;
-	int debug=0;
-	EVP_CIPHER *cipher=NULL,*c;
-	char *inf=NULL,*outf=NULL;
-	BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
-#define PROG_NAME_SIZE  39
-
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
-
-	base64=1;
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-e") == 0)
-			enc=1;
-		if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inf= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outf= *(++argv);
-			}
-		else if	(strcmp(*argv,"-d") == 0)
-			enc=0;
-		else if	(strcmp(*argv,"-v") == 0)
-			verbose=1;
-		else if	(strcmp(*argv,"-debug") == 0)
-			debug=1;
-		else if (strcmp(*argv,"-bufsize") == 0)
-			{
-			if (--argc < 1) goto bad;
-			bufsize=(unsigned char *)*(++argv);
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option '%s'\n",*argv);
-bad:
-			BIO_printf(bio_err,"options are\n");
-			BIO_printf(bio_err,"%-14s input file\n","-in <file>");
-			BIO_printf(bio_err,"%-14s output file\n","-out <file>");
-			BIO_printf(bio_err,"%-14s encode\n","-e");
-			BIO_printf(bio_err,"%-14s decode\n","-d");
-			BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
-
-			goto end;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (bufsize != NULL)
-		{
-		int i;
-		unsigned long n;
-
-		for (n=0; *bufsize; bufsize++)
-			{
-			i= *bufsize;
-			if ((i <= '9') && (i >= '0'))
-				n=n*10+i-'0';
-			else if (i == 'k')
-				{
-				n*=1024;
-				bufsize++;
-				break;
-				}
-			}
-		if (*bufsize != '\0')
-			{
-			BIO_printf(bio_err,"invalid 'bufsize' specified.\n");
-			goto end;
-			}
-
-		/* It must be large enough for a base64 encoded line */
-		if (n < 80) n=80;
-
-		bsize=(int)n;
-		if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
-		}
-
-	strbuf=OPENSSL_malloc(SIZE);
-	buff=(unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize));
-	if ((buff == NULL) || (strbuf == NULL))
-		{
-		BIO_printf(bio_err,"OPENSSL_malloc failure\n");
-		goto end;
-		}
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	if (debug)
-		{
-		BIO_set_callback(in,BIO_debug_callback);
-		BIO_set_callback(out,BIO_debug_callback);
-		BIO_set_callback_arg(in,bio_err);
-		BIO_set_callback_arg(out,bio_err);
-		}
-
-	if (inf == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,inf) <= 0)
-			{
-			perror(inf);
-			goto end;
-			}
-		}
-
-	if (outf == NULL)
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_write_filename(out,outf) <= 0)
-			{
-			perror(outf);
-			goto end;
-			}
-		}
-
-	rbio=in;
-	wbio=out;
-
-	if (base64)
-		{
-		if ((b64=BIO_new(BIO_f_base64())) == NULL)
-			goto end;
-		if (debug)
-			{
-			BIO_set_callback(b64,BIO_debug_callback);
-			BIO_set_callback_arg(b64,bio_err);
-			}
-		if (enc)
-			wbio=BIO_push(b64,wbio);
-		else
-			rbio=BIO_push(b64,rbio);
-		}
-
-	for (;;)
-		{
-		inl=BIO_read(rbio,(char *)buff,bsize);
-		if (inl <= 0) break;
-		if (BIO_write(wbio,(char *)buff,inl) != inl)
-			{
-			BIO_printf(bio_err,"error writing output file\n");
-			goto end;
-			}
-		}
-	BIO_flush(wbio);
-
-	ret=0;
-	if (verbose)
-		{
-		BIO_printf(bio_err,"bytes read   :%8ld\n",BIO_number_read(in));
-		BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out));
-		}
-end:
-	if (strbuf != NULL) OPENSSL_free(strbuf);
-	if (buff != NULL) OPENSSL_free(buff);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free(out);
-	if (benc != NULL) BIO_free(benc);
-	if (b64 != NULL) BIO_free(b64);
-	EXIT(ret);
-	}
-
diff --git a/crypto/openssl/demos/b64.pl b/crypto/openssl/demos/b64.pl
deleted file mode 100644
index 8aa5fb464d38..000000000000
--- a/crypto/openssl/demos/b64.pl
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/usr/local/bin/perl
-
-#
-# Make PEM encoded data have lines of 64 bytes of data
-#
-
-while (<>)
-	{
-	if (/^-----BEGIN/ .. /^-----END/)
-		{
-		if (/^-----BEGIN/) { $first=$_; next; }
-		if (/^-----END/) { $last=$_; next; }
-		$out.=$_;
-		}
-	}
-$out =~ s/\s//g;
-$out =~ s/(.{64})/$1\n/g;
-print "$first$out\n$last\n";
-
-
diff --git a/crypto/openssl/demos/bio/Makefile b/crypto/openssl/demos/bio/Makefile
deleted file mode 100644
index 435154053236..000000000000
--- a/crypto/openssl/demos/bio/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-CC=cc
-CFLAGS= -g -I../../include
-LIBS= -L../.. ../../libssl.a ../../libcrypto.a
-EXAMPLES=saccept sconnect
-
-all: $(EXAMPLES) 
-
-saccept: saccept.o
-	$(CC) -o saccept saccept.o $(LIBS)
-
-sconnect: sconnect.o
-	$(CC) -o sconnect sconnect.o $(LIBS)
-
-clean:	
-	rm -f $(EXAMPLES) *.o
-
diff --git a/crypto/openssl/demos/bio/README b/crypto/openssl/demos/bio/README
deleted file mode 100644
index 0b24e5b80cc7..000000000000
--- a/crypto/openssl/demos/bio/README
+++ /dev/null
@@ -1,3 +0,0 @@
-This directory contains some simple examples of the use of BIO's
-to simplify socket programming.
-
diff --git a/crypto/openssl/demos/bio/saccept.c b/crypto/openssl/demos/bio/saccept.c
deleted file mode 100644
index 40cd4daad293..000000000000
--- a/crypto/openssl/demos/bio/saccept.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* NOCW */
-/* demos/bio/saccept.c */
-
-/* A minimal program to server an SSL connection.
- * It uses blocking.
- * saccept host:port
- * host is the interface IP to use.  If any interface, use *:port
- * The default it *:4433
- *
- * cc -I../../include saccept.c -L../.. -lssl -lcrypto
- */
-
-#include <stdio.h>
-#include <signal.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-#define CERT_FILE	"server.pem"
-
-BIO *in=NULL;
-
-void close_up()
-	{
-	if (in != NULL)
-		BIO_free(in);
-	}
-
-int main(argc,argv)
-int argc;
-char *argv[];
-	{
-	char *port=NULL;
-	BIO *ssl_bio,*tmp;
-	SSL_CTX *ctx;
-	SSL *ssl;
-	char buf[512];
-	int ret=1,i;
-
-        if (argc <= 1)
-		port="*:4433";
-	else
-		port=argv[1];
-
-	signal(SIGINT,close_up);
-
-	SSL_load_error_strings();
-
-#ifdef WATT32
-	dbug_init();
-	sock_init();
-#endif
-
-	/* Add ciphers and message digests */
-	OpenSSL_add_ssl_algorithms();
-
-	ctx=SSL_CTX_new(SSLv23_server_method());
-	if (!SSL_CTX_use_certificate_file(ctx,CERT_FILE,SSL_FILETYPE_PEM))
-		goto err;
-	if (!SSL_CTX_use_PrivateKey_file(ctx,CERT_FILE,SSL_FILETYPE_PEM))
-		goto err;
-	if (!SSL_CTX_check_private_key(ctx))
-		goto err;
-
-	/* Setup server side SSL bio */
-	ssl=SSL_new(ctx);
-	ssl_bio=BIO_new_ssl(ctx,0);
-
-	if ((in=BIO_new_accept(port)) == NULL) goto err;
-
-	/* This means that when a new connection is acceptede on 'in',
-	 * The ssl_bio will be 'dupilcated' and have the new socket
-	 * BIO push into it.  Basically it means the SSL BIO will be
-	 * automatically setup */
-	BIO_set_accept_bios(in,ssl_bio);
-
-again:
-	/* The first call will setup the accept socket, and the second
-	 * will get a socket.  In this loop, the first actual accept
-	 * will occur in the BIO_read() function. */
-
-	if (BIO_do_accept(in) <= 0) goto err;
-
-	for (;;)
-		{
-		i=BIO_read(in,buf,512);
-		if (i == 0)
-			{
-			/* If we have finished, remove the underlying
-			 * BIO stack so the next time we call any function
-			 * for this BIO, it will attempt to do an
-			 * accept */
-			printf("Done\n");
-			tmp=BIO_pop(in);
-			BIO_free_all(tmp);
-			goto again;
-			}
-		if (i < 0) goto err;
-		fwrite(buf,1,i,stdout);
-		fflush(stdout);
-		}
-
-	ret=0;
-err:
-	if (ret)
-		{
-		ERR_print_errors_fp(stderr);
-		}
-	if (in != NULL) BIO_free(in);
-	exit(ret);
-	return(!ret);
-	}
-
diff --git a/crypto/openssl/demos/bio/sconnect.c b/crypto/openssl/demos/bio/sconnect.c
deleted file mode 100644
index 880344eb7845..000000000000
--- a/crypto/openssl/demos/bio/sconnect.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* NOCW */
-/* demos/bio/sconnect.c */
-
-/* A minimal program to do SSL to a passed host and port.
- * It is actually using non-blocking IO but in a very simple manner
- * sconnect host:port - it does a 'GET / HTTP/1.0'
- *
- * cc -I../../include sconnect.c -L../.. -lssl -lcrypto
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-extern int errno;
-
-int main(argc,argv)
-int argc;
-char *argv[];
-	{
-	char *host;
-	BIO *out;
-	char buf[1024*10],*p;
-	SSL_CTX *ssl_ctx=NULL;
-	SSL *ssl;
-	BIO *ssl_bio;
-	int i,len,off,ret=1;
-
-	if (argc <= 1)
-		host="localhost:4433";
-	else
-		host=argv[1];
-
-#ifdef WATT32
-	dbug_init();
-	sock_init();
-#endif
-
-	/* Lets get nice error messages */
-	SSL_load_error_strings();
-
-	/* Setup all the global SSL stuff */
-	OpenSSL_add_ssl_algorithms();
-	ssl_ctx=SSL_CTX_new(SSLv23_client_method());
-
-	/* Lets make a SSL structure */
-	ssl=SSL_new(ssl_ctx);
-	SSL_set_connect_state(ssl);
-
-	/* Use it inside an SSL BIO */
-	ssl_bio=BIO_new(BIO_f_ssl());
-	BIO_set_ssl(ssl_bio,ssl,BIO_CLOSE);
-
-	/* Lets use a connect BIO under the SSL BIO */
-	out=BIO_new(BIO_s_connect());
-	BIO_set_conn_hostname(out,host);
-	BIO_set_nbio(out,1);
-	out=BIO_push(ssl_bio,out);
-
-	p="GET / HTTP/1.0\r\n\r\n";
-	len=strlen(p);
-
-	off=0;
-	for (;;)
-		{
-		i=BIO_write(out,&(p[off]),len);
-		if (i <= 0)
-			{
-			if (BIO_should_retry(out))
-				{
-				fprintf(stderr,"write DELAY\n");
-				sleep(1);
-				continue;
-				}
-			else
-				{
-				goto err;
-				}
-			}
-		off+=i;
-		len-=i;
-		if (len <= 0) break;
-		}
-
-	for (;;)
-		{
-		i=BIO_read(out,buf,sizeof(buf));
-		if (i == 0) break;
-		if (i < 0)
-			{
-			if (BIO_should_retry(out))
-				{
-				fprintf(stderr,"read DELAY\n");
-				sleep(1);
-				continue;
-				}
-			goto err;
-			}
-		fwrite(buf,1,i,stdout);
-		}
-
-	ret=1;
-
-	if (0)
-		{
-err:
-		if (ERR_peek_error() == 0) /* system call error */
-			{
-			fprintf(stderr,"errno=%d ",errno);
-			perror("error");
-			}
-		else
-			ERR_print_errors_fp(stderr);
-		}
-	BIO_free_all(out);
-	if (ssl_ctx != NULL) SSL_CTX_free(ssl_ctx);
-	exit(!ret);
-	return(ret);
-	}
-
diff --git a/crypto/openssl/demos/bio/server.pem b/crypto/openssl/demos/bio/server.pem
deleted file mode 100644
index 5cf1387d65d7..000000000000
--- a/crypto/openssl/demos/bio/server.pem
+++ /dev/null
@@ -1,30 +0,0 @@
-subject=/C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
-issuer= /C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
------BEGIN X509 CERTIFICATE-----
-
-MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
-BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
-MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
-RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
-BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
-LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
-/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
-DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
-IMs6ZOZB
------END X509 CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-
-MIIBPAIBAAJBALcsJdxJxa5rQ8UuQcEubZV6OqkDUXhFDyrRWNGI9p+PH9n9pYfe
-Kl0xW+4kZr/AVdv+cMUsOV9an6gI/CEG1U8CAwEAAQJAXJMBZ34ZXHd1vtgL/3hZ
-hexKbVTx/djZO4imXO/dxPGRzG2ylYZpHmG32/T1kaHpZlCHoEPgHoSzmxYXfxjG
-sQIhAPmZ/bQOjmRUHM/VM2X5zrjjM6z18R1P6l3ObFwt9FGdAiEAu943Yh9SqMRw
-tL0xHGxKmM/YJueUw1gB6sLkETN71NsCIQCeT3RhoqXfrpXDoEcEU+gwzjI1bpxq
-agiNTOLfqGoA5QIhAIQFYjgzONxex7FLrsKBm16N2SFl5pXsN9SpRqqL2n63AiEA
-g9VNIQ3xwpw7og3IbONifeku+J9qGMGQJMKwSTwrFtI=
------END RSA PRIVATE KEY-----
-
------BEGIN DH PARAMETERS-----
-MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
-a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
------END DH PARAMETERS-----
-
diff --git a/crypto/openssl/demos/easy_tls/Makefile b/crypto/openssl/demos/easy_tls/Makefile
deleted file mode 100644
index 208070074c02..000000000000
--- a/crypto/openssl/demos/easy_tls/Makefile
+++ /dev/null
@@ -1,123 +0,0 @@
-# Makefile for easy-tls example application (rudimentary client and server)
-# $Id: Makefile,v 1.2 2001/09/18 09:15:40 bodo Exp $
-
-SOLARIS_CFLAGS=-Wall -pedantic -g -O2
-SOLARIS_LIBS=-lxnet
-
-LINUX_CFLAGS=-Wall -pedantic -g -O2
-LINUX_LIBS=
-
-
-auto-all:
-	case `uname -s` in \
-	SunOS) echo Using SunOS configuration; \
-	  make SYSCFLAGS="$(SOLARIS_CFLAGS)" SYSLIBS="$(SOLARIS_LIBS)" all;; \
-	Linux) echo Using Linux configuration; \
-	  make SYSCFLAGS="$(LINUX_CFLAGS)" SYSLIBS="$(LINUX_LIBS)" all;; \
-	*) echo "unknown system"; exit 1;; \
-	esac
-
-all: test TAGS
-
-# For adapting this Makefile to a different system, only the following
-# definitions should need customizing:
-
-OPENSSLDIR=../..
-CC=gcc
-
-SYSCFLAGS=whatever
-SYSLIBS=whatever
-
-
-#############################################################################
-#
-# SSLeay/OpenSSL imports
-#
-# OPENSSLDIR (set above) can be either the directory where OpenSSL is
-# installed or the directory where it was compiled.
-
-# We rely on having a new OpenSSL release where include files
-# have names like <openssl/ssl.h> (not just <ssl.h>).
-OPENSSLINCLUDES=-I$(OPENSSLDIR)/include
-
-# libcrypto.a and libssl.a are directly in $(OPENSSLDIR) if this is
-# the compile directory, or in $(OPENSSLDIR)/lib if we use an installed
-# library.  With the following definition, we can handle either case.
-OPENSSLLIBS=-L$(OPENSSLDIR) -L$(OPENSSLDIR)/lib -lssl -lcrypto
-
-
-#############################################################################
-#
-# Stuff for handling the source files
-#
-
-SOURCES=easy-tls.c test.c
-HEADERS=easy-tls.h test.h
-DOCSandEXAMPLESetc=Makefile cert.pem cacerts.pem
-EVERYTHING=$(SOURCES) $(HEADERS) $(DOCSandEXAMPLESetc)
-
-ls: ls-l
-ls-l:
-	ls -l $(EVERYTHING)
-# For RCS:
-tag:
-	-rcs -n_`date +%y%m%d`: $(EVERYTHING)
-	rcs -nMYTAG $(EVERYTHING)
-	rcs -nMYTAG: $(EVERYTHING)
-diff:
-	-rcsdiff -rMYTAG -u $(EVERYTHING)
-today:
-	-rcsdiff -r_`date +%y%m%d` -u $(EVERYTHING)
-ident:
-	for a in $(EVERYTHING); do ident $$a; done
-
-# Distribution .tar:
-easy-tls.tar.gz: $(EVERYTHING)
-	tar cvf - $(EVERYTHING) | \
-	gzip -9 > easy-tls.tar.gz
-
-# Working .tar:
-tls.tgz: $(EVERYTHING)
-	tar cfv - `find . -type f -a ! -name '*.tgz' -a ! -name '*.tar.gz'` | \
-	gzip -9 > tls.tgz
-
-# For emacs:
-etags: TAGS
-TAGS: $(SOURCES) $(HEADERS)
-	-etags $(SOURCES) $(HEADERS)
-
-
-#############################################################################
-#
-# Compilation
-#
-# The following definitions are system dependent (and hence defined
-# at the beginning of this Makefile, where they are more easily found):
-
-### CC=gcc
-### SYSCFLAGS=-Wall -pedantic -g -O2
-### SYSLIBS=-lxnet
-
-EXTRACFLAGS=-DTLS_APP=\"test.h\"
-# EXTRACFLAGS=-DTLS_APP=\"test.h\" -DDEBUG_TLS
-
-#
-# The rest shouldn't need to be touched.
-#
-LDFLAGS=$(SYSLIBS) $(OPENSSLLIBS)
-INCLUDES=$(OPENSSLINCLUDES)
-CFLAGS=$(SYSCFLAGS) $(EXTRACFLAGS) $(INCLUDES)
-
-OBJS=easy-tls.o test.o
-
-clean:
-	@rm -f test
-	@rm -f TAGS
-	@rm -f *.o
-	@rm -f core
-
-test: $(OBJS)
-	$(CC) $(OBJS) $(LDFLAGS) -o test
-
-test.o: $(HEADERS)
-easy-tls.o: $(HEADERS)
diff --git a/crypto/openssl/demos/easy_tls/README b/crypto/openssl/demos/easy_tls/README
deleted file mode 100644
index 816a58009c86..000000000000
--- a/crypto/openssl/demos/easy_tls/README
+++ /dev/null
@@ -1,65 +0,0 @@
-easy_tls - generic SSL/TLS proxy
-========
-
-(... and example for non-blocking SSL/TLS I/O multiplexing.)
-
-
-  easy_tls.c, easy_tls.h:
-
-     Small generic SSL/TLS proxy library: With a few function calls,
-     an application socket will be replaced by a pipe handled by a
-     separate SSL/TLS proxy process.  This allows easily adding
-     SSL/TLS support to many programs not originally designed for it.
-
-     [Actually easy_tls.c is not a proper library: Customization
-     requires defining preprocessor macros while compiling it.
-     This is quite confusing, so I'll probably change it.]
-
-     These files may be used under the OpenSSL license.
-
-
-
-  test.c, test.h, Makefile, cert.pem, cacerts.pem:
-
-     Rudimentary example program using the easy_tls library, and
-     example key and certificates for it.  Usage examples:
-
-       $ ./test 8443     # create server listening at port 8443
-       $ ./test 127.0.0.1 8443  # create client, connect to port 8443
-                                # at IP address 127.0.0.1
-
-     'test' will not automatically do SSL/TLS, or even read or write
-     data -- it must be told to do so on input lines starting
-     with a command letter.  'W' means write a line, 'R' means
-     read a line, 'C' means close the connection, 'T' means
-     start an SSL/TLS proxy.  E.g. (user input tagged with '*'):
-
-     * R
-       <<< 220 mail.example.net
-     * WSTARTTLS
-       >>> STARTTLS
-     * R
-       <<< 220 Ready to start TLS
-     * T
-       test_process_init(fd = 3, client_p = 1, apparg = (nil))
-       +++ `E:self signed certificate in certificate chain'
-       +++ `<... certificate info ...>'
-     * WHELO localhost
-       >>> HELO localhost
-       R
-       <<< 250 mail.example.net
-
-     You can even do SSL/TLS over SSL/TLS over SSL/TLS ... by using
-     'T' multiple times.  I have no idea why you would want to though.
-
-
-This code is rather old.  When I find time I will update anything that
-should be changed, and improve code comments.  To compile the sample
-program 'test' on platforms other then Linux or Solaris, you will have
-to edit the Makefile.
-
-As noted above, easy_tls.c will be changed to become a library one
-day, which means that future revisions will not be fully compatible to
-the current version.
-
-Bodo Möller <bodo@openssl.org>
diff --git a/crypto/openssl/demos/easy_tls/cacerts.pem b/crypto/openssl/demos/easy_tls/cacerts.pem
deleted file mode 100644
index acc70baf19dd..000000000000
--- a/crypto/openssl/demos/easy_tls/cacerts.pem
+++ /dev/null
@@ -1,18 +0,0 @@
-$Id: cacerts.pem,v 1.1 2001/09/17 19:06:57 bodo Exp $
-
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
-OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
-IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
-DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
-1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
-mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
-hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
-YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
-q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
------END CERTIFICATE-----
diff --git a/crypto/openssl/demos/easy_tls/cert.pem b/crypto/openssl/demos/easy_tls/cert.pem
deleted file mode 100644
index 364fe10d5b9b..000000000000
--- a/crypto/openssl/demos/easy_tls/cert.pem
+++ /dev/null
@@ -1,31 +0,0 @@
-$Id: cert.pem,v 1.1 2001/09/17 19:06:57 bodo Exp $
-
-Example certificate and key.
-
------BEGIN CERTIFICATE-----
-MIIB1jCCAT8CAQEwDQYJKoZIhvcNAQEEBQAwRTELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
-ZDAeFw05OTA1MDEwMTI2MzVaFw05OTA1MzEwMTI2MzVaMCIxCzAJBgNVBAYTAkRF
-MRMwEQYDVQQDEwpUZXN0c2VydmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQD6I3oDKiexwwlkzjar69AIFnVUaG85LtCege2R+CtIDlkQYw68/8MbT3ou0pdF
-AcL9IGiYY3Y0SHM9PqF00RO1MCtNpqTnF3ScLpbmggGjKilmWYn2ai7emdjMjXVL
-tzWW2xGgIGATWQN32KgfJng4jXi1UjEiyLhkw0Zf1I/ggwIDAQABMA0GCSqGSIb3
-DQEBBAUAA4GBAMgM+sbAk8DfjSfa+Rf2gcGXmbrvZAzKzC+5RU3kaq/NyxIXAGco
-9dZjozzWfN/xuGup5boFk+KrP+xdgsaqGHsyzlgEoqz4ekqLjQeVbnoj339hVFU9
-MhPi6JULPxjXKumjfX2LLNkikW5puz8Df3UiX0EiaJvd7EwP8J75tiUT
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQD6I3oDKiexwwlkzjar69AIFnVUaG85LtCege2R+CtIDlkQYw68
-/8MbT3ou0pdFAcL9IGiYY3Y0SHM9PqF00RO1MCtNpqTnF3ScLpbmggGjKilmWYn2
-ai7emdjMjXVLtzWW2xGgIGATWQN32KgfJng4jXi1UjEiyLhkw0Zf1I/ggwIDAQAB
-AoGANST8c1etf1MU19oIO5aqaE19OCXIG7oakNLCCtVTPMfvnE+vffBJH7BPIUuU
-4BBzwRv1nQrkvk72TPjVjOAu81B1SStKQueun2flVuYxp9NyupNWCBley4QdohlP
-I92ml2tzTSPmNIoA6jdGyNzFcGchapRRmejsC39F1RUbHQECQQD9KX81Wt8ZOrri
-dWiEXja1L3X8Bkb9vvUjVMQDTJJPxBJjehC6eurgE6PP6SJD5p/f3RHPCcLr8tSM
-D4P/OpKhAkEA/PFNlhIZUDKK6aTvG2mn7qQ5phbadOoyN1Js3ttWG5OMOZ6b/QlC
-Wvp84h44506BIlv+Tg2YAI0AdBUrf7oEowJAM4joAVd/ROaEtqbJ4PBA2L9RmD06
-5FqkEk4mHLnQqvYx/BgUIbH18ClvVlqSBBqFfw/EmU3WZSuogt6Bs0ocIQJBAOxB
-AoPiYcxbeQ5kZIVJOXaX49SzUdaUDNVJYrEBUzsspHQJJo/Avz606kJVkjbSR6Ft
-JWmIHuqcyMikIV4KxFsCQQCU2evoVjVsqkkbHi7W28f73PGBsyu0KIwlK7nu4h08
-Daf7TAI+A6jW/WRUsJ6dFhUYi7/Jvkcdrlnbgm2fxziX
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/demos/easy_tls/easy-tls.c b/crypto/openssl/demos/easy_tls/easy-tls.c
deleted file mode 100644
index 9c1d98293960..000000000000
--- a/crypto/openssl/demos/easy_tls/easy-tls.c
+++ /dev/null
@@ -1,1240 +0,0 @@
-/* -*- Mode: C; c-file-style: "bsd" -*- */
-/*
- * easy-tls.c -- generic TLS proxy.
- * $Id: easy-tls.c,v 1.2.2.2 2002/03/05 09:06:57 bodo Exp $
- */
-/*
- (c) Copyright 1999 Bodo Moeller.  All rights reserved.
-
- This is free software; you can redistributed and/or modify it
- unter the terms of either
-   -  the GNU General Public License as published by the
-      Free Software Foundation, version 1, or (at your option)
-      any later version,
- or
-   -  the following license:
-*/
-/*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that each of the following
- * conditions is met:
- *
- * 1. Redistributions qualify as "freeware" or "Open Source Software" under
- *    one of the following terms:
- * 
- *    (a) Redistributions are made at no charge beyond the reasonable cost of
- *        materials and delivery.
- * 
- *    (b) Redistributions are accompanied by a copy of the Source Code
- *        or by an irrevocable offer to provide a copy of the Source Code
- *        for up to three years at the cost of materials and delivery.
- *        Such redistributions must allow further use, modification, and
- *        redistribution of the Source Code under substantially the same
- *        terms as this license.
- *
- * 2. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 3. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 4. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by Bodo Moeller."
- *    (If available, substitute umlauted o for oe.)
- *
- * 5. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by Bodo Moeller."
- *
- * THIS SOFTWARE IS PROVIDED BY BODO MOELLER ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL BODO MOELLER OR
- * HIS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Attribution for OpenSSL library:
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)
- */
-
-static char const rcsid[] =
-"$Id: easy-tls.c,v 1.2.2.2 2002/03/05 09:06:57 bodo Exp $";
-
-#include <assert.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <limits.h>
-#include <stdarg.h>
-#include <stdio.h>
-#include <string.h>
-#include <sys/select.h>
-#include <sys/socket.h>
-#include <sys/stat.h>
-#include <sys/time.h>
-#include <sys/types.h>
-#include <sys/utsname.h>
-#include <unistd.h>
-
-#include <openssl/crypto.h>
-#include <openssl/dh.h>
-#include <openssl/dsa.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/opensslv.h>
-#include <openssl/pem.h>
-#include <openssl/rand.h>
-#ifndef NO_RSA
- #include <openssl/rsa.h>
-#endif
-#include <openssl/ssl.h>
-#include <openssl/x509.h>
-#include <openssl/x509_vfy.h>
-
-#if OPENSSL_VERSION_NUMBER < 0x00904000L /* 0.9.4-dev */
-# error "This program needs OpenSSL 0.9.4 or later."
-#endif
-
-#include "easy-tls.h" /* include after <openssl/ssl.h> if both are needed */
-
-#if TLS_INFO_SIZE > PIPE_BUF
-# if PIPE_BUF < 512
-#  error "PIPE_BUF < 512" /* non-POSIX */
-# endif
-# error "TLS_INFO_SIZE > PIPE_BUF"
-#endif
-
-/*****************************************************************************/
-
-#ifdef TLS_APP
-# include TLS_APP
-#endif
-
-/* Applications can define:
- *   TLS_APP_PROCESS_INIT -- void ...(int fd, int client_p, void *apparg)
- *   TLS_CUMULATE_ERRORS 
- *   TLS_ERROR_BUFSIZ
- *   TLS_APP_ERRFLUSH -- void ...(int child_p, char *, size_t, void *apparg)
- */
-
-#ifndef TLS_APP_PROCESS_INIT
-# define TLS_APP_PROCESS_INIT(fd, client_p, apparg) ((void) 0)
-#endif
-
-#ifndef TLS_ERROR_BUFSIZ
-# define TLS_ERROR_BUFSIZ (10*160)
-#endif
-#if TLS_ERROR_BUFSIZ < 2 /* {'\n',0} */
-# error "TLS_ERROR_BUFSIZE is too small."
-#endif
-
-#ifndef TLS_APP_ERRFLUSH
-# define TLS_APP_ERRFLUSH tls_app_errflush
-static void
-tls_app_errflush(int child_p, char *errbuf, size_t num, void *apparg)
-{
-    fputs(errbuf, stderr);
-}
-#endif
-
-/*****************************************************************************/
-
-#ifdef DEBUG_TLS
-# define DEBUG_MSG(x) fprintf(stderr,"  %s\n",x)
-# define DEBUG_MSG2(x,y) fprintf(stderr, "  %s: %d\n",x,y)
-static int tls_loop_count = 0;
-static int tls_select_count = 0;
-#else
-# define DEBUG_MSG(x) (void)0
-# define DEBUG_MSG2(x,y) (void)0
-#endif
-
-static void tls_rand_seed_uniquely(void);
-static void tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx, int client_p);
-static int tls_socket_nonblocking(int fd);
-
-static int tls_child_p = 0;
-static void *tls_child_apparg;
-
-
-struct tls_start_proxy_args
-tls_start_proxy_defaultargs(void)
-{
-    struct tls_start_proxy_args ret;
-
-    ret.fd = -1;
-    ret.client_p = -1;
-    ret.ctx = NULL;
-    ret.pid = NULL;
-    ret.infofd = NULL;
-    
-    return ret;
-}
-
-/* Slice in TLS proxy process at fd.
- * Return value:
- *   0    ok  (*pid is set to child's PID if pid != NULL),
- *   < 0  look at errno
- *   > 0  other error
- *   (return value encodes place of error)
- *
- */
-int
-tls_start_proxy(struct tls_start_proxy_args a, void *apparg)
-{
-    int fds[2] = {-1, -1};
-    int infofds[2] = {-1, -1};
-    int r, getfd, getfl;
-    int ret;
-
-    DEBUG_MSG2("tls_start_proxy fd", a.fd);
-    DEBUG_MSG2("tls_start_proxy client_p", a.client_p);
-
-    if (a.fd == -1 || a.client_p == -1 || a.ctx == NULL)
-	return 1;
-
-    if (a.pid != NULL) {
-	*a.pid = 0;
-    }
-    if (a.infofd != NULL) {
-	*a.infofd = -1;
-    }
-
-    r = socketpair(AF_UNIX, SOCK_STREAM, 0, fds);
-    if (r == -1)
-	return -1;
-    if (a.fd >= FD_SETSIZE || fds[0] >= FD_SETSIZE) {
-	ret = 2;
-	goto err;
-    }
-    if (a.infofd != NULL) {
-	r = pipe(infofds);
-	if (r == -1) {
-	    ret = -3;
-	    goto err;
-	}
-    }
-
-    r = fork();
-    if (r == -1) {
-	ret = -4;
-	goto err;
-    }
-    if (r == 0) {
-	DEBUG_MSG("fork");
-	tls_child_p = 1;
-	tls_child_apparg = apparg;
-	close(fds[1]);
-	if (infofds[0] != -1)
-	    close(infofds[0]);
-	TLS_APP_PROCESS_INIT(a.fd, a.client_p, apparg);
-	DEBUG_MSG("TLS_APP_PROCESS_INIT");
-	tls_proxy(fds[0], a.fd, infofds[1], a.ctx, a.client_p);
-	exit(0);
-    }
-    if (a.pid != NULL)
-	*a.pid = r;
-    if (infofds[1] != -1) {
-	close(infofds[1]);
-	infofds[1] = -1;
-    }
-    /* install fds[1] in place of fd: */
-    close(fds[0]);
-    fds[0] = -1;
-    getfd = fcntl(a.fd, F_GETFD);
-    getfl = fcntl(a.fd, F_GETFL);
-    r = dup2(fds[1], a.fd);
-    close(fds[1]);
-    fds[1] = -1;
-    if (r == -1) {
-	ret = -5;
-	goto err;
-    }
-    if (getfd != 1)
-	fcntl(a.fd, F_SETFD, getfd);
-    if (getfl & O_NONBLOCK)
-	(void)tls_socket_nonblocking(a.fd);
-    if (a.infofd != NULL)
-	*a.infofd = infofds[0];
-    return 0;
-    
-  err:
-    if (fds[0] != -1)
-	close(fds[0]);
-    if (fds[1] != -1)
-	close(fds[1]);
-    if (infofds[0] != -1)
-	close(infofds[0]);
-    if (infofds[1] != -1)
-	close(infofds[1]);
-    return ret;
-}
-
-/*****************************************************************************/
-
-static char errbuf[TLS_ERROR_BUFSIZ];
-static size_t errbuf_i = 0;
-
-static void
-tls_errflush(void *apparg)
-{
-    if (errbuf_i == 0)
-	return;
-    
-    assert(errbuf_i < sizeof errbuf);
-    assert(errbuf[errbuf_i] == 0);
-    if (errbuf_i == sizeof errbuf - 1) {
-	/* make sure we have a newline, even if string has been truncated */
-	errbuf[errbuf_i - 1] = '\n';
-    }
-
-    /* TLS_APP_ERRFLUSH may modify the string as needed,
-     * e.g. substitute other characters for \n for convenience */
-    TLS_APP_ERRFLUSH(tls_child_p, errbuf, errbuf_i, apparg);
-
-    errbuf_i = 0;
-}
-
-static void
-tls_errprintf(int flush, void *apparg, const char *fmt, ...)
-{
-    va_list args;
-    int r;
-    
-    if (errbuf_i < sizeof errbuf - 1) {
-	size_t n;
-
-	va_start(args, fmt);
-	n = (sizeof errbuf) - errbuf_i;
-	r = vsnprintf(errbuf + errbuf_i, n, fmt, args);
-	if (r >= n)
-	    r = n - 1;
-	if (r >= 0) {
-	    errbuf_i += r;
-	} else {
-	    errbuf_i = sizeof errbuf - 1;
-	    errbuf[errbuf_i] = '\0';
-	}
-	assert(errbuf_i < sizeof errbuf);
-	assert(errbuf[errbuf_i] == 0);
-    }
-#ifndef TLS_CUMULATE_ERRORS
-    tls_errflush(apparg);
-#else
-    if (flush)
-	tls_errflush(apparg);
-#endif
-}
-
-/* app_prefix.. are for additional information provided by caller.
- * If OpenSSL error queue is empty, print default_text ("???" if NULL).
- */
-static char *
-tls_openssl_errors(const char *app_prefix_1, const char *app_prefix_2, const char *default_text, void *apparg)
-{
-    static char reasons[255];
-    size_t reasons_i;
-    unsigned long err;
-    const char *file;
-    int line;
-    const char *data;
-    int flags;
-    char *errstring;
-    int printed_something = 0;
-    
-    reasons_i = 0;
-
-    assert(app_prefix_1 != NULL);
-    assert(app_prefix_2 != NULL);
-
-    if (default_text == NULL)
-	default_text = "?""?""?";
-    
-    while ((err = ERR_get_error_line_data(&file,&line,&data,&flags)) != 0) {
-	if (reasons_i < sizeof reasons) {
-	    size_t n;
-	    int r;
-
-	    n = (sizeof reasons) - reasons_i;
-	    r = snprintf(reasons + reasons_i, n, "%s%s", (reasons_i > 0 ? ", " : ""), ERR_reason_error_string(err));
-	    if (r >= n)
-		r = n - 1;
-	    if (r >= 0) {
-		reasons_i += r;
-	    } else {
-		reasons_i = sizeof reasons;
-	    }
-	    assert(reasons_i <= sizeof reasons);
-	}
-	
-	errstring = ERR_error_string(err, NULL);
-	assert(errstring != NULL);
-	tls_errprintf(0, apparg, "OpenSSL error%s%s: %s:%s:%d:%s\n", app_prefix_1, app_prefix_2, errstring, file, line, (flags & ERR_TXT_STRING) ? data : "");
-	printed_something = 1;
-    }
-
-    if (!printed_something) {
-	assert(reasons_i == 0);
-	snprintf(reasons, sizeof reasons, "%s", default_text);
-	tls_errprintf(0, apparg, "OpenSSL error%s%s: %s\n", app_prefix_1, app_prefix_2, default_text);
-    }
-
-#ifdef TLS_CUMULATE_ERRORS    
-    tls_errflush(apparg);
-#endif
-    assert(errbuf_i == 0);
-
-    return reasons;
-}
-
-/*****************************************************************************/
-
-static int tls_init_done = 0;
-
-static int
-tls_init(void *apparg)
-{
-    if (tls_init_done)
-	return 0;
-    
-    SSL_load_error_strings();
-    if (!SSL_library_init() /* aka SSLeay_add_ssl_algorithms() */ ) {
-	tls_errprintf(1, apparg, "SSL_library_init failed.\n");
-	return -1;
-    }
-    tls_init_done = 1;
-    tls_rand_seed();
-    return 0;
-}
-
-/*****************************************************************************/
-
-static void
-tls_rand_seed_uniquely(void)
-{
-    struct {
-	pid_t pid;
-	time_t time;
-	void *stack;
-    } data;
-
-    data.pid = getpid();
-    data.time = time(NULL);
-    data.stack = (void *)&data;
-
-    RAND_seed((const void *)&data, sizeof data);
-}
-
-void
-tls_rand_seed(void)
-{
-    struct {
-	struct utsname uname;
-	int uname_1;
-	int uname_2;
-	uid_t uid;
-	uid_t euid;
-	gid_t gid;
-	gid_t egid;
-    } data;
-    
-    data.uname_1 = uname(&data.uname);
-    data.uname_2 = errno; /* Let's hope that uname fails randomly :-) */
-
-    data.uid = getuid();
-    data.euid = geteuid();
-    data.gid = getgid();
-    data.egid = getegid();
-    
-    RAND_seed((const void *)&data, sizeof data);
-    tls_rand_seed_uniquely();
-}
-
-static int tls_rand_seeded_p = 0;
-
-#define my_MIN_SEED_BYTES 256 /* struct stat can be larger than 128 */
-int
-tls_rand_seed_from_file(const char *filename, size_t n, void *apparg)
-{
-    /* Seed OpenSSL's random number generator from file.
-       Try to read n bytes if n > 0, whole file if n == 0. */
-
-    int r;
-
-    if (tls_init(apparg) == -1)
-	return -1;
-    tls_rand_seed();
-
-    r = RAND_load_file(filename, (n > 0 && n < LONG_MAX) ? (long)n : LONG_MAX);
-    /* r is the number of bytes filled into the random number generator,
-     * which are taken from "stat(filename, ...)" in addition to the
-     * file contents.
-     */
-    assert(1 < my_MIN_SEED_BYTES);
-    /* We need to detect at least those cases when the file does not exist
-     * at all.  With current versions of OpenSSL, this should do it: */
-    if (n == 0)
-	n = my_MIN_SEED_BYTES;
-    if (r < n) {
-	tls_errprintf(1, apparg, "rand_seed_from_file: could not read %d bytes from %s.\n", n, filename);
-	return -1;
-    } else {
-	tls_rand_seeded_p = 1;
-	return 0;
-    }
-}
-
-void
-tls_rand_seed_from_memory(const void *buf, size_t n)
-{
-    size_t i = 0;
-    
-    while (i < n) {
-	size_t rest = n - i;
-	int chunk = rest < INT_MAX ? (int)rest : INT_MAX;
-	RAND_seed((const char *)buf + i, chunk);
-	i += chunk;
-    }
-    tls_rand_seeded_p = 1;
-}
-
-
-/*****************************************************************************/
-
-struct tls_x509_name_string {
-    char str[100];
-};
-
-static void
-tls_get_x509_subject_name_oneline(X509 *cert, struct tls_x509_name_string *namestring)
-{
-    X509_NAME *name;
-
-    if (cert == NULL) {
-	namestring->str[0] = '\0';
-	return;
-    }
-    
-    name = X509_get_subject_name(cert); /* does not increment any reference counter */
-
-    assert(sizeof namestring->str >= 4); /* "?" or "...", plus 0 */
-    
-    if (name == NULL) {
-	namestring->str[0] = '?';
-	namestring->str[1] = 0;
-    } else {
-	size_t len;
-
-	X509_NAME_oneline(name, namestring->str, sizeof namestring->str);
-	len = strlen(namestring->str);
-	assert(namestring->str[len] == 0);
-	assert(len < sizeof namestring->str);
-
-	if (len+1 == sizeof namestring->str) {
-	    /* (Probably something was cut off.)
-	     * Does not really work -- X509_NAME_oneline truncates after
-	     * name components, we cannot tell from the result whether
-	     * anything is missing. */
-
-	    assert(namestring->str[len] == 0);
-	    namestring->str[--len] = '.';
-	    namestring->str[--len] = '.';
-	    namestring->str[--len] = '.';
-	}
-    }
-}
-
-/*****************************************************************************/
-
-/* to hinder OpenSSL from asking for passphrases */
-static int
-no_passphrase_callback(char *buf, int num, int w, void *arg)
-{
-    return -1;
-}
-
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
-static int
-verify_dont_fail_cb(X509_STORE_CTX *c, void *unused_arg)
-#else
-static int
-verify_dont_fail_cb(X509_STORE_CTX *c)
-#endif
-{
-    int i;
-    
-    i = X509_verify_cert(c); /* sets c->error */
-#if OPENSSL_VERSION_NUMBER >= 0x00905000L /* don't allow unverified
-					   * certificates -- they could
-					   * survive session reuse, but
-					   * OpenSSL < 0.9.5-dev does not
-					   * preserve their verify_result */
-    if (i == 0)
-	return 1;
-    else
-#endif
-	return i;
-}
-
-static DH *tls_dhe1024 = NULL; /* generating these takes a while, so do it just once */
-
-void
-tls_set_dhe1024(int i, void *apparg)
-{
-    DSA *dsaparams;
-    DH *dhparams;
-    const char *seed[] = { ";-)  :-(  :-)  :-(  ",
-			   ";-)  :-(  :-)  :-(  ",
-			   "Random String no. 12",
-			   ";-)  :-(  :-)  :-(  ",
-			   "hackers have even mo", /* from jargon file */
-    };
-    unsigned char seedbuf[20];
-    
-    tls_init(apparg);
-    if (i >= 0) {
-	i %= sizeof seed / sizeof seed[0];
-	assert(strlen(seed[i]) == 20);
-	memcpy(seedbuf, seed[i], 20);
-	dsaparams = DSA_generate_parameters(1024, seedbuf, 20, NULL, NULL, 0, NULL);
-    } else {
-	/* random parameters (may take a while) */
-	dsaparams = DSA_generate_parameters(1024, NULL, 0, NULL, NULL, 0, NULL);
-    }
-    
-    if (dsaparams == NULL) {
-	tls_openssl_errors("", "", NULL, apparg);
-	return;
-    }
-    dhparams = DSA_dup_DH(dsaparams);
-    DSA_free(dsaparams);
-    if (dhparams == NULL) {
-	tls_openssl_errors("", "", NULL, apparg);
-	return;
-    }
-    if (tls_dhe1024 != NULL)
-	DH_free(tls_dhe1024);
-    tls_dhe1024 = dhparams;
-}
-
-struct tls_create_ctx_args
-tls_create_ctx_defaultargs(void)
-{
-	struct tls_create_ctx_args ret;
-
-	ret.client_p = 0;
-	ret.certificate_file = NULL;
-	ret.key_file = NULL;
-	ret.ca_file = NULL;
-	ret.verify_depth = -1;
-	ret.fail_unless_verified = 0;
-	ret.export_p = 0;
-
-	return ret;
-}
-
-SSL_CTX *
-tls_create_ctx(struct tls_create_ctx_args a, void *apparg)
-{
-    int r;
-    static long context_num = 0;
-    SSL_CTX *ret;
-    const char *err_pref_1 = "", *err_pref_2 = "";
-    
-    if (tls_init(apparg) == -1)
-	return NULL;
-
-    ret = SSL_CTX_new((a.client_p? SSLv23_client_method:SSLv23_server_method)());
-
-    if (ret == NULL)
-	goto err;
-
-    SSL_CTX_set_default_passwd_cb(ret, no_passphrase_callback);
-    SSL_CTX_set_mode(ret, SSL_MODE_ENABLE_PARTIAL_WRITE);
-    
-    if ((a.certificate_file != NULL) || (a.key_file != NULL)) {
-	if (a.key_file == NULL) {
-	    tls_errprintf(1, apparg, "Need a key file.\n");
-	    goto err_return;
-	}
-	if (a.certificate_file == NULL) {
-	    tls_errprintf(1, apparg, "Need a certificate chain file.\n");
-	    goto err_return;
-	}
-	
-	if (!SSL_CTX_use_PrivateKey_file(ret, a.key_file, SSL_FILETYPE_PEM))
-	    goto err;
-	if (!tls_rand_seeded_p) {
-	    /* particularly paranoid people may not like this --
-	     * so provide your own random seeding before calling this */
-	    if (tls_rand_seed_from_file(a.key_file, 0, apparg) == -1)
-		goto err_return;
-	}
-	if (!SSL_CTX_use_certificate_chain_file(ret, a.certificate_file))
-	    goto err;
-	if (!SSL_CTX_check_private_key(ret)) {
-	    tls_errprintf(1, apparg, "Private key \"%s\" does not match certificate \"%s\".\n", a.key_file, a.certificate_file);
-	    goto err_peek;
-	}
-    }
-    
-    if ((a.ca_file != NULL) || (a.verify_depth > 0)) {
-	context_num++;
-	r = SSL_CTX_set_session_id_context(ret, (const void *)&context_num, (unsigned int)sizeof context_num);
-	if (!r)
-	    goto err;
-	
-	SSL_CTX_set_verify(ret, SSL_VERIFY_PEER | (a.fail_unless_verified ? SSL_VERIFY_FAIL_IF_NO_PEER_CERT : 0), 0);
-	if (!a.fail_unless_verified)
-	    SSL_CTX_set_cert_verify_callback(ret, verify_dont_fail_cb, NULL);
-	    
-	if (a.verify_depth > 0)
-	    SSL_CTX_set_verify_depth(ret, a.verify_depth);
-	
-	if (a.ca_file != NULL) {
-	    r = SSL_CTX_load_verify_locations(ret, a.ca_file, NULL /* no CA-directory */); /* does not report failure if file does not exist ... */
-	    if (!r) {
-		err_pref_1 = " while processing certificate file ";
-		err_pref_2 = a.ca_file;
-		goto err;
-	    }
-	    
-	    if (!a.client_p) {
-		/* SSL_load_client_CA_file is a misnomer, it just creates a list of CNs. */
-		SSL_CTX_set_client_CA_list(ret, SSL_load_client_CA_file(a.ca_file));
-		/* SSL_CTX_set_client_CA_list does not have a return value;
-		 * it does not really need one, but make sure
-		 * (we really test if SSL_load_client_CA_file worked) */
-		if (SSL_CTX_get_client_CA_list(ret) == NULL) {
-		    tls_errprintf(1, apparg, "Could not set client CA list from \"%s\".\n", a.ca_file);
-		    goto err_peek;
-		}
-	    }
-	}
-    }
-    
-    if (!a.client_p) {
-	if (tls_dhe1024 == NULL) {
-	    int i;
-
-	    RAND_bytes((unsigned char *) &i, sizeof i);
-	    /* make sure that i is non-negative -- pick one of the provided
-	     * seeds */
-	    if (i < 0)
-		i = -i;
-	    if (i < 0)
-		i = 0;
-	    tls_set_dhe1024(i, apparg);
-	    if (tls_dhe1024 == NULL)
-		goto err_return;
-	}
-	
-	if (!SSL_CTX_set_tmp_dh(ret, tls_dhe1024))
-	    goto err;
-
-	/* avoid small subgroup attacks: */
-	SSL_CTX_set_options(ret, SSL_OP_SINGLE_DH_USE);
-    }
-	
-#ifndef NO_RSA
-    if (!a.client_p && a.export_p) {
-	RSA *tmpkey;
-
-	tmpkey = RSA_generate_key(512, RSA_F4, 0, NULL);
-	if (tmpkey == NULL)
-	    goto err;
-	if (!SSL_CTX_set_tmp_rsa(ret, tmpkey)) {
-	    RSA_free(tmpkey);
-	    goto err;
-	}
-	RSA_free(tmpkey); /* SSL_CTX_set_tmp_rsa uses a duplicate. */
-    }
-#endif
-	
-    return ret;
-    
- err_peek:
-    if (!ERR_peek_error())
-	goto err_return;
- err:
-    tls_openssl_errors(err_pref_1, err_pref_2, NULL, apparg);
- err_return:
-    if (ret != NULL)
-	SSL_CTX_free(ret);
-    return NULL;
-}
-
-
-/*****************************************************************************/
-
-static int
-tls_socket_nonblocking(int fd)
-{
-    int v, r;
-
-    v = fcntl(fd, F_GETFL, 0);
-    if (v == -1) {
-	if (errno == EINVAL)
-	    return 0; /* already shut down -- ignore */
-	return -1;
-    }
-    r = fcntl(fd, F_SETFL, v | O_NONBLOCK);
-    if (r == -1) {
-	if (errno == EINVAL)
-	    return 0; /* already shut down -- ignore */
-	return -1;
-    }
-    return 0;
-}
-
-static int
-max(int a, int b)
-{
-    return a > b ? a : b;
-}
-
-static void
-tls_sockets_select(int read_select_1, int read_select_2, int write_select_1, int write_select_2, int seconds /* timeout, -1 means no timeout */)
-{
-    int maxfd, n;
-    fd_set reads, writes;
-    struct timeval timeout;
-    struct timeval *timeout_p;
-    
-    assert(read_select_1 >= -1 && read_select_2 >= -1 && write_select_1 >= -1 && write_select_2 >= -1);
-    assert(read_select_1 < FD_SETSIZE && read_select_2 < FD_SETSIZE -1 && write_select_1 < FD_SETSIZE -1 && write_select_2 < FD_SETSIZE -1);
-
-    maxfd = max(max(read_select_1, read_select_2), max(write_select_1, write_select_2));
-    assert(maxfd >= 0);
-
-    FD_ZERO(&reads);
-    FD_ZERO(&writes);
-    
-    for(n = 0; n < 4; ++n) {
-	int i = n % 2;
-	int w = n >= 2;
-	/* loop over all (i, w) in {0,1}x{0,1} */
-	int fd;
-	
-	if (i == 0 && w == 0)
-	    fd = read_select_1;
-	else if (i == 1 && w == 0)
-	    fd = read_select_2;
-	else if (i == 0 && w == 1)
-	    fd = write_select_1;
-	else {
-	    assert(i == 1 && w == 1);
-	    fd = write_select_2;
-	}
-	
-	if (fd >= 0) {
-	    if (w == 0)
-		FD_SET(fd, &reads);
-	    else /* w == 1 */
-		FD_SET(fd, &writes);
-	}
-    }
-
-    if (seconds >= 0) {
-	timeout.tv_sec = seconds;
-	timeout.tv_usec = 0;
-	timeout_p = &timeout;
-    } else 
-	timeout_p = NULL;
-
-    DEBUG_MSG2("select no.", ++tls_select_count);
-    select(maxfd + 1, &reads, &writes, (fd_set *) NULL, timeout_p);
-    DEBUG_MSG("cont.");
-}
-
-/*****************************************************************************/
-
-#define TUNNELBUFSIZE (16*1024)
-struct tunnelbuf {
-    char buf[TUNNELBUFSIZE];
-    size_t len;
-    size_t offset;
-};
-
-static int tls_connect_attempt(SSL *, int *write_select, int *read_select, int *closed, int *progress, const char **err_pref);
-
-static int tls_accept_attempt(SSL *, int *write_select, int *read_select, int *closed, int *progress, const char **err_pref);
-
-static int tls_write_attempt(SSL *, struct tunnelbuf *, int *write_select, int *read_select, int *closed, int *progress, const char **err_pref);
-
-static int tls_read_attempt(SSL *, struct tunnelbuf *, int *write_select, int *read_select, int *closed, int *progress, const char **err_pref);
-
-static int write_attempt(int fd, struct tunnelbuf *, int *select, int *closed, int *progress);
-
-static int read_attempt(int fd, struct tunnelbuf *, int *select, int *closed, int *progress);
-
-static void write_info(SSL *ssl, int *info_fd)
-{
-    if (*info_fd != -1) {
-	long v;
-	int v_ok;
-	struct tls_x509_name_string peer;
-	char infobuf[TLS_INFO_SIZE];
-	int r;
-
-	DEBUG_MSG("write_info");
-	v = SSL_get_verify_result(ssl);
-	v_ok = (v == X509_V_OK) ? 'A' : 'E'; /* Auth./Error */
-	{
-	    X509 *peercert;
-
-	    peercert = SSL_get_peer_certificate(ssl);
-	    tls_get_x509_subject_name_oneline(peercert, &peer);
-	    if (peercert != NULL)
-		X509_free(peercert);
-	}
-	if (peer.str[0] == '\0')
-	    v_ok = '0'; /* no cert at all */
-	else
-	    if (strchr(peer.str, '\n')) {
-		/* should not happen, but make sure */
-		*strchr(peer.str, '\n') = '\0';
-	    }
-	r = snprintf(infobuf, sizeof infobuf, "%c:%s\n%s\n", v_ok, X509_verify_cert_error_string(v), peer.str);
-	DEBUG_MSG2("snprintf", r);
-	if (r == -1 || r >= sizeof infobuf)
-	    r = sizeof infobuf - 1;
-	write(*info_fd, infobuf, r);
-	close (*info_fd);
-	*info_fd = -1;
-    }
-}
-
-
-/* tls_proxy expects that all fds are closed after return */
-static void
-tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx, int client_p)
-{
-    struct tunnelbuf clear_to_tls, tls_to_clear;
-    SSL *ssl;
-    BIO *rbio, *wbio;
-    int closed, in_handshake;
-    const char *err_pref_1 = "", *err_pref_2 = "";
-    const char *err_def = NULL;
-
-    assert(clear_fd != -1);
-    assert(tls_fd != -1);
-    assert(clear_fd < FD_SETSIZE);
-    assert(tls_fd < FD_SETSIZE);
-    /* info_fd may be -1 */
-    assert(ctx != NULL);
-
-    tls_rand_seed_uniquely();
-
-    tls_socket_nonblocking(clear_fd);
-    DEBUG_MSG2("clear_fd", clear_fd);
-    tls_socket_nonblocking(tls_fd);
-    DEBUG_MSG2("tls_fd", tls_fd);
-
-    ssl = SSL_new(ctx);
-    if (ssl == NULL)
-	goto err;
-    DEBUG_MSG("SSL_new");
-    if (!SSL_set_fd(ssl, tls_fd))
-	goto err;
-    rbio = SSL_get_rbio(ssl);
-    wbio = SSL_get_wbio(ssl); /* should be the same, but who cares */
-    assert(rbio != NULL);
-    assert(wbio != NULL);
-    if (client_p)
-	SSL_set_connect_state(ssl);
-    else
-	SSL_set_accept_state(ssl);
-    
-    closed = 0;
-    in_handshake = 1;
-    tls_to_clear.len = 0;
-    tls_to_clear.offset = 0;
-    clear_to_tls.len = 0;
-    clear_to_tls.offset = 0;
-
-    err_def = "I/O error";
-    
-    /* loop finishes as soon as we detect that one side closed;
-     * when all (program and OS) buffers have enough space,
-     * the data from the last succesful read in each direction is transferred
-     * before close */
-    do {
-	int clear_read_select = 0, clear_write_select = 0,
-	    tls_read_select = 0, tls_write_select = 0,
-	    progress = 0;
-	int r;
-	unsigned long num_read = BIO_number_read(rbio),
-	    num_written = BIO_number_written(wbio);
-
-	DEBUG_MSG2("loop iteration", ++tls_loop_count);
-
-	if (in_handshake) {
-	    DEBUG_MSG("in_handshake");
-	    if (client_p)
-		r = tls_connect_attempt(ssl, &tls_write_select, &tls_read_select, &closed, &progress, &err_pref_1);
-	    else
-		r = tls_accept_attempt(ssl, &tls_write_select, &tls_read_select, &closed, &progress, &err_pref_1);
-	    if (r != 0) {
-		write_info(ssl, &info_fd);
-		goto err;
-	    }
-	    if (closed)
-		goto err_return;
-	    if (!SSL_in_init(ssl)) {
-		in_handshake = 0;
-		write_info(ssl, &info_fd);
-	    }
-	}
-	
-	if (clear_to_tls.len != 0 && !in_handshake) {
-	    assert(!closed);
-	    
-	    r = tls_write_attempt(ssl, &clear_to_tls, &tls_write_select, &tls_read_select, &closed, &progress, &err_pref_1);
-	    if (r != 0)
-		goto err;
-	    if (closed) {
-		assert(progress);
-		tls_to_clear.offset = 0;
-		tls_to_clear.len = 0;
-	    }
-	}
-	
-	if (tls_to_clear.len != 0) {
-	    assert(!closed);
-
-	    r = write_attempt(clear_fd, &tls_to_clear, &clear_write_select, &closed, &progress);
-	    if (r != 0)
-		goto err_return;
-	    if (closed) {
-		assert(progress);
-		clear_to_tls.offset = 0;
-		clear_to_tls.len = 0;
-	    }
-	}
-	
-	if (!closed) {
-	    if (clear_to_tls.offset + clear_to_tls.len < sizeof clear_to_tls.buf) {
-		r = read_attempt(clear_fd, &clear_to_tls, &clear_read_select, &closed, &progress);
-		if (r != 0)
-		    goto err_return;
-		if (closed) {
-		    r = SSL_shutdown(ssl);
-		    DEBUG_MSG2("SSL_shutdown", r);
-		}
-	    }
-	}
-	
-	if (!closed && !in_handshake) {
-	    if (tls_to_clear.offset + tls_to_clear.len < sizeof tls_to_clear.buf) {
-		r = tls_read_attempt(ssl, &tls_to_clear, &tls_write_select, &tls_read_select, &closed, &progress, &err_pref_1);
-		if (r != 0)
-		    goto err;
-		if (closed) {
-		    r = SSL_shutdown(ssl);
-		    DEBUG_MSG2("SSL_shutdown", r);
-		}
-	    }
-	}
-
-	if (!progress) {
-	    DEBUG_MSG("!progress?");
-	    if (num_read != BIO_number_read(rbio) || num_written != BIO_number_written(wbio))
-		progress = 1;
-
-	    if (!progress) {
-		DEBUG_MSG("!progress");
-		assert(clear_read_select || tls_read_select || clear_write_select || tls_write_select);
-		tls_sockets_select(clear_read_select ? clear_fd : -1, tls_read_select ? tls_fd : -1, clear_write_select ? clear_fd : -1, tls_write_select ? tls_fd : -1, -1);
-	    }
-	}
-    } while (!closed);
-    return;
-
- err:
-    tls_openssl_errors(err_pref_1, err_pref_2, err_def, tls_child_apparg);
- err_return:
-    return;
-}
-
-
-static int
-tls_get_error(SSL *ssl, int r, int *write_select, int *read_select, int *closed, int *progress)
-{
-    int err = SSL_get_error(ssl, r);
-
-    if (err == SSL_ERROR_NONE) {
-	assert(r > 0);
-	*progress = 1;
-	return 0;
-    }
-
-    assert(r <= 0);
-
-    switch (err) {
-    case SSL_ERROR_ZERO_RETURN:
-	assert(r == 0);
-	*closed = 1;
-	*progress = 1;
-	return 0;
-
-    case SSL_ERROR_WANT_WRITE:
-	*write_select = 1;
-	return 0;
-	
-    case SSL_ERROR_WANT_READ:
-	*read_select = 1;
-	return 0;
-    }
-
-    return -1;
-}
-
-static int
-tls_connect_attempt(SSL *ssl, int *write_select, int *read_select, int *closed, int *progress, const char **err_pref)
-{
-    int n, r;
-
-    DEBUG_MSG("tls_connect_attempt");
-    n = SSL_connect(ssl);
-    DEBUG_MSG2("SSL_connect",n);
-    r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
-    if (r == -1)
-	*err_pref = " during SSL_connect";
-    return r;
-}
-
-static int
-tls_accept_attempt(SSL *ssl, int *write_select, int *read_select, int *closed, int *progress, const char **err_pref)
-{
-    int n, r;
-
-    DEBUG_MSG("tls_accept_attempt");
-    n = SSL_accept(ssl);
-    DEBUG_MSG2("SSL_accept",n);
-    r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
-    if (r == -1)
-	*err_pref = " during SSL_accept";
-    return r;
-}
-
-static int
-tls_write_attempt(SSL *ssl, struct tunnelbuf *buf, int *write_select, int *read_select, int *closed, int *progress, const char **err_pref)
-{
-    int n, r;
-
-    DEBUG_MSG("tls_write_attempt");
-    n = SSL_write(ssl, buf->buf + buf->offset, buf->len);
-    DEBUG_MSG2("SSL_write",n);
-    r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
-    if (n > 0) {
-	buf->len -= n;
-	assert(buf->len >= 0);
-	if (buf->len == 0)
-	    buf->offset = 0;
-	else
-	    buf->offset += n;
-    }
-    if (r == -1)
-	*err_pref = " during SSL_write";
-    return r;
-}
-
-static int
-tls_read_attempt(SSL *ssl, struct tunnelbuf *buf, int *write_select, int *read_select, int *closed, int *progress, const char **err_pref)
-{
-    int n, r;
-    size_t total;
-
-    DEBUG_MSG("tls_read_attempt");
-    total = buf->offset + buf->len;
-    assert(total < sizeof buf->buf);
-    n = SSL_read(ssl, buf->buf + total, (sizeof buf->buf) - total);
-    DEBUG_MSG2("SSL_read",n);
-    r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
-    if (n > 0) {
-	buf->len += n;
-	assert(buf->offset + buf->len <= sizeof buf->buf);
-    }
-    if (r == -1)
-	*err_pref = " during SSL_read";
-    return r;
-}
-
-static int
-get_error(int r, int *select, int *closed, int *progress)
-{
-    if (r >= 0) {
-	*progress = 1;
-	if (r == 0)
-	    *closed = 1;
-	return 0;
-    } else {
-	assert(r == -1);
-	if (errno == EAGAIN || errno == EWOULDBLOCK) {
-	    *select = 1;
-	    return 0;
-	} else if (errno == EPIPE) {
-	    *progress = 1;
-	    *closed = 1;
-	    return 0;
-	} else
-	    return -1;
-    }
-}
-
-static int write_attempt(int fd, struct tunnelbuf *buf, int *select, int *closed, int *progress)
-{
-    int n, r;
-
-    DEBUG_MSG("write_attempt");
-    n = write(fd, buf->buf + buf->offset, buf->len);
-    DEBUG_MSG2("write",n);
-    r = get_error(n, select, closed, progress);
-    if (n > 0) {
-	buf->len -= n;
-	assert(buf->len >= 0);
-	if (buf->len == 0)
-	    buf->offset = 0;
-	else
-	    buf->offset += n;
-    }
-    if (r == -1)
-	tls_errprintf(1, tls_child_apparg, "write error: %s\n", strerror(errno));
-    return r;
-}
-    
-static int
-read_attempt(int fd, struct tunnelbuf *buf, int *select, int *closed, int *progress)
-{
-    int n, r;
-    size_t total;
-
-    DEBUG_MSG("read_attempt");
-    total = buf->offset + buf->len;
-    assert(total < sizeof buf->buf);
-    n = read(fd, buf->buf + total, (sizeof buf->buf) - total);
-    DEBUG_MSG2("read",n);
-    r = get_error(n, select, closed, progress);
-    if (n > 0) {
-	buf->len += n;
-	assert(buf->offset + buf->len <= sizeof buf->buf);
-    }
-    if (r == -1)
-	tls_errprintf(1, tls_child_apparg, "read error: %s\n", strerror(errno));
-    return r;
-}
diff --git a/crypto/openssl/demos/easy_tls/easy-tls.h b/crypto/openssl/demos/easy_tls/easy-tls.h
deleted file mode 100644
index 52b298e65471..000000000000
--- a/crypto/openssl/demos/easy_tls/easy-tls.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/* -*- Mode: C; c-file-style: "bsd" -*- */
-/*
- * easy-tls.h -- generic TLS proxy.
- * $Id: easy-tls.h,v 1.1 2001/09/17 19:06:59 bodo Exp $
- */
-/*
- * (c) Copyright 1999 Bodo Moeller.  All rights reserved.
- */
-
-#ifndef HEADER_TLS_H
-#define HEADER_TLS_H
-
-#ifndef HEADER_SSL_H
-typedef struct ssl_ctx_st SSL_CTX;
-#endif
-
-#define TLS_INFO_SIZE 512 /* max. # of bytes written to infofd */
-
-void tls_set_dhe1024(int i, void* apparg);
-/* Generate DHE parameters:
- * i >= 0 deterministic (i selects seed), i < 0 random (may take a while).
- * tls_create_ctx calls this with random non-negative i if the application
- * has never called it.*/
-
-void tls_rand_seed(void);
-int tls_rand_seed_from_file(const char *filename, size_t n, void *apparg);
-void tls_rand_seed_from_memory(const void *buf, size_t n);
-
-struct tls_create_ctx_args 
-{
-    int client_p;
-    const char *certificate_file;
-    const char *key_file;
-    const char *ca_file;
-    int verify_depth;
-    int fail_unless_verified;
-    int export_p;
-};
-struct tls_create_ctx_args tls_create_ctx_defaultargs(void);
-/* struct tls_create_ctx_args is similar to a conventional argument list,
- * but it can provide default values and allows for future extension. */
-SSL_CTX *tls_create_ctx(struct tls_create_ctx_args, void *apparg);
-
-struct tls_start_proxy_args
-{
-    int fd;
-    int client_p;
-    SSL_CTX *ctx;
-    pid_t *pid;
-    int *infofd;
-};
-struct tls_start_proxy_args tls_start_proxy_defaultargs(void);
-/* tls_start_proxy return value *MUST* be checked!
- * 0 means ok, otherwise we've probably run out of some resources. */
-int tls_start_proxy(struct tls_start_proxy_args, void *apparg);
-
-#endif
diff --git a/crypto/openssl/demos/easy_tls/test.c b/crypto/openssl/demos/easy_tls/test.c
deleted file mode 100644
index 21f679afd1ab..000000000000
--- a/crypto/openssl/demos/easy_tls/test.c
+++ /dev/null
@@ -1,244 +0,0 @@
-/* test.c */
-/* $Id: test.c,v 1.1 2001/09/17 19:06:59 bodo Exp $ */
-
-#define L_PORT 9999
-#define C_PORT 443
-
-#include <arpa/inet.h>
-#include <assert.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <netinet/in.h>
-#include <netinet/tcp.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <sys/select.h>
-#include <sys/socket.h>
-#include <unistd.h>
-
-#include "test.h"
-#include "easy-tls.h"
-
-void
-test_process_init(int fd, int client_p, void *apparg)
-{
-    fprintf(stderr, "test_process_init(fd = %d, client_p = %d, apparg = %p)\n", fd, client_p, apparg);
-}
-
-void
-test_errflush(int child_p, char *errbuf, size_t num, void *apparg)
-{
-    fputs(errbuf, stderr);
-}
-
-
-int
-main(int argc, char *argv[])
-{
-    int s, fd, r;
-    FILE *conn_in;
-    FILE *conn_out;
-    char buf[256];
-    SSL_CTX *ctx;
-    int client_p = 0;
-    int port;
-    int tls = 0;
-    char infobuf[TLS_INFO_SIZE + 1];
-
-    if (argc > 1 && argv[1][0] == '-') {
-	fputs("Usage: test [port]                   -- server\n"
-	      "       test num.num.num.num [port]   -- client\n",
-	      stderr);
-	exit(1);
-    }
-
-    if (argc > 1) {
-	if (strchr(argv[1], '.')) {
-	    client_p = 1;
-	}
-    }
-    
-    fputs(client_p ? "Client\n" : "Server\n", stderr);
-    
-    {
-	struct tls_create_ctx_args a = tls_create_ctx_defaultargs();
-	a.client_p = client_p;
-	a.certificate_file = "cert.pem";
-	a.key_file = "cert.pem";
-	a.ca_file = "cacerts.pem";
-	
-	ctx = tls_create_ctx(a, NULL);
-	if (ctx == NULL)
-	    exit(1);
-    }
-    
-    s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
-    if (s == -1) {
-	perror("socket");
-	exit(1);
-    }
-    
-    if (client_p) {
-	struct sockaddr_in addr;
-	size_t addr_len = sizeof addr;
-	    
-	addr.sin_family = AF_INET;
-	assert(argc > 1);
-	if (argc > 2)
-	    sscanf(argv[2], "%d", &port);
-	else
-	    port = C_PORT;
-	addr.sin_port = htons(port);
-	addr.sin_addr.s_addr = inet_addr(argv[1]);
-	    
-	r = connect(s, &addr, addr_len);
-	if (r != 0) {
-	    perror("connect");
-	    exit(1);
-	}
-	fd = s;
-	fprintf(stderr, "Connect (fd = %d).\n", fd);
-    } else {
-	/* server */
-	{
-	    int i = 1;
-
-	    r = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *) &i, sizeof i);
-	    if (r == -1) {
-		perror("setsockopt");
-		exit(1);
-	    }
-	}
-	
-	{
-	    struct sockaddr_in addr;
-	    size_t addr_len = sizeof addr;
-	    
-	    if (argc > 1)
-		sscanf(argv[1], "%d", &port);
-	    else
-		port = L_PORT;
-	    addr.sin_family = AF_INET;
-	    addr.sin_port = htons(port);
-	    addr.sin_addr.s_addr = INADDR_ANY;
-	    
-	    r = bind(s, &addr, addr_len);
-	    if (r != 0) {
-		perror("bind");
-		exit(1);
-	    }
-	}
-    
-	r = listen(s, 1);
-	if (r == -1) {
-	    perror("listen");
-	    exit(1);
-	}
-
-	fprintf(stderr, "Listening at port %i.\n", port);
-	
-	fd = accept(s, NULL, 0);
-	if (fd == -1) {
-	    perror("accept");
-	    exit(1);
-	}
-	
-	fprintf(stderr, "Accept (fd = %d).\n", fd);
-    }
-
-    conn_in = fdopen(fd, "r");
-    if (conn_in == NULL) {
-	perror("fdopen");
-	exit(1);
-    }
-    conn_out = fdopen(fd, "w");
-    if (conn_out == NULL) {
-	perror("fdopen");
-	exit(1);
-    }
-
-    setvbuf(conn_in, NULL, _IOLBF, 256);
-    setvbuf(conn_out, NULL, _IOLBF, 256);
-	
-    while (fgets(buf, sizeof buf, stdin) != NULL) {
-	if (buf[0] == 'W') {
-	    fprintf(conn_out, "%.*s\r\n", (int)(strlen(buf + 1) - 1), buf + 1);
-	    fprintf(stderr, ">>> %.*s\n", (int)(strlen(buf + 1) - 1), buf + 1);
-	} else if (buf[0] == 'C') {
-	    fprintf(stderr, "Closing.\n");
-	    fclose(conn_in);
-	    fclose(conn_out);
-	    exit(0);
-	} else if (buf[0] == 'R') {
-	    int lines = 0;
-
-	    sscanf(buf + 1, "%d", &lines);
-	    do {
-		if (fgets(buf, sizeof buf, conn_in) == NULL) {
-		    if (ferror(conn_in)) {
-			fprintf(stderr, "ERROR\n");
-			exit(1);
-		    }
-		    fprintf(stderr, "CLOSED\n");
-		    return 0;
-		}
-		fprintf(stderr, "<<< %s", buf);
-	    } while (--lines > 0);
-	} else if (buf[0] == 'T') {
-	    int infofd;
-
-	    tls++;
-	    {
-		struct tls_start_proxy_args a = tls_start_proxy_defaultargs();
-		a.fd = fd;
-		a.client_p = client_p;
-		a.ctx = ctx;
-		a.infofd = &infofd;
-		r = tls_start_proxy(a, NULL);
-	    }
-	    assert(r != 1);
-	    if (r != 0) {
-		fprintf(stderr, "tls_start_proxy failed: %d\n", r);
-		switch (r) {
-		case -1:
-		    fputs("socketpair", stderr); break;
-		case 2:
-		    fputs("FD_SETSIZE exceeded", stderr); break;
-		case -3:
-		    fputs("pipe", stderr); break;
-		case -4:
-		    fputs("fork", stderr); break;
-		case -5:
-		    fputs("dup2", stderr); break;
-		default:
-		    fputs("?", stderr);
-		}
-		if (r < 0)
-		    perror("");
-		else
-		    fputc('\n', stderr);
-		exit(1);
-	    }
-	    
-	    r = read(infofd, infobuf, sizeof infobuf - 1);
-	    if (r > 0) {
-		const char *info = infobuf;
-		const char *eol;
-		
-		infobuf[r] = '\0';
-		while ((eol = strchr(info, '\n')) != NULL) {
-		    fprintf(stderr, "+++ `%.*s'\n", eol - info, info);
-		    info = eol+1;
-		}
-		close (infofd);
-	    }
-	} else {
-	    fprintf(stderr, "W...  write line to network\n"
-		    "R[n]  read line (n lines) from network\n"
-		    "C     close\n"
-		    "T     start %sTLS proxy\n", tls ? "another " : "");
-	}
-    }
-    return 0;
-}
diff --git a/crypto/openssl/demos/easy_tls/test.h b/crypto/openssl/demos/easy_tls/test.h
deleted file mode 100644
index dda667843f61..000000000000
--- a/crypto/openssl/demos/easy_tls/test.h
+++ /dev/null
@@ -1,11 +0,0 @@
-/* test.h */
-/* $Id: test.h,v 1.1 2001/09/17 19:07:00 bodo Exp $ */
-
-
-void test_process_init(int fd, int client_p, void *apparg);
-#define TLS_APP_PROCESS_INIT test_process_init
-
-#undef TLS_CUMULATE_ERRORS
-
-void test_errflush(int child_p, char *errbuf, size_t num, void *apparg);
-#define TLS_APP_ERRFLUSH test_errflush
diff --git a/crypto/openssl/demos/eay/Makefile b/crypto/openssl/demos/eay/Makefile
deleted file mode 100644
index 2d22eaca569d..000000000000
--- a/crypto/openssl/demos/eay/Makefile
+++ /dev/null
@@ -1,24 +0,0 @@
-CC=cc
-CFLAGS= -g -I../../include
-#LIBS=  -L../.. -lcrypto -lssl
-LIBS= -L../.. ../../libssl.a ../../libcrypto.a
-
-# the file conn.c requires a file "proxy.h" which I couldn't find...
-#EXAMPLES=base64 conn loadrsa
-EXAMPLES=base64 loadrsa
-
-all: $(EXAMPLES) 
-
-base64: base64.o
-	$(CC) -o base64 base64.o $(LIBS)
-#
-# sorry... can't find "proxy.h"
-#conn: conn.o
-#	$(CC) -o conn conn.o $(LIBS)
-
-loadrsa: loadrsa.o
-	$(CC) -o loadrsa loadrsa.o $(LIBS)
-
-clean:	
-	rm -f $(EXAMPLES) *.o
-
diff --git a/crypto/openssl/demos/eay/base64.c b/crypto/openssl/demos/eay/base64.c
deleted file mode 100644
index 4b8b0627d19f..000000000000
--- a/crypto/openssl/demos/eay/base64.c
+++ /dev/null
@@ -1,49 +0,0 @@
-/* This is a simple example of using the base64 BIO to a memory BIO and then
- * getting the data.
- */
-#include <stdio.h>
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-
-main()
-	{
-	int i;
-	BIO *mbio,*b64bio,*bio;
-	char buf[512];
-	char *p;
-
-	mbio=BIO_new(BIO_s_mem());
-	b64bio=BIO_new(BIO_f_base64());
-
-	bio=BIO_push(b64bio,mbio);
-	/* We now have bio pointing at b64->mem, the base64 bio encodes on
-	 * write and decodes on read */
-
-	for (;;)
-		{
-		i=fread(buf,1,512,stdin);
-		if (i <= 0) break;
-		BIO_write(bio,buf,i);
-		}
-	/* We need to 'flush' things to push out the encoding of the
-	 * last few bytes.  There is special encoding if it is not a
-	 * multiple of 3
-	 */
-	BIO_flush(bio);
-
-	printf("We have %d bytes available\n",BIO_pending(mbio));
-
-	/* We will now get a pointer to the data and the number of elements. */
-	/* hmm... this one was not defined by a macro in bio.h, it will be for
-	 * 0.9.1.  The other option is too just read from the memory bio.
-	 */
-	i=(int)BIO_ctrl(mbio,BIO_CTRL_INFO,0,(char *)&p);
-
-	printf("%d\n",i);
-	fwrite("---\n",1,4,stdout);
-	fwrite(p,1,i,stdout);
-	fwrite("---\n",1,4,stdout);
-
-	/* This call will walk the chain freeing all the BIOs */
-	BIO_free_all(bio);
-	}
diff --git a/crypto/openssl/demos/eay/conn.c b/crypto/openssl/demos/eay/conn.c
deleted file mode 100644
index c4b8f5163e11..000000000000
--- a/crypto/openssl/demos/eay/conn.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* NOCW */
-/* demos/eay/conn.c */
-
-/* A minimal program to connect to a port using the sock4a protocol.
- *
- * cc -I../../include conn.c -L../.. -lcrypto
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/err.h>
-#include <openssl/bio.h>
-/* #include "proxy.h" */
-
-extern int errno;
-
-int main(argc,argv)
-int argc;
-char *argv[];
-	{
-	PROXY *pxy;
-	char *host;
-	char buf[1024*10],*p;
-	BIO *bio;
-	int i,len,off,ret=1;
-
-	if (argc <= 1)
-		host="localhost:4433";
-	else
-		host=argv[1];
-
-	/* Lets get nice error messages */
-	ERR_load_crypto_strings();
-
-	/* First, configure proxy settings */
-	pxy=PROXY_new();
-	PROXY_add_server(pxy,PROXY_PROTOCOL_SOCKS,"gromit:1080");
-
-	bio=BIO_new(BIO_s_socks4a_connect());
-
-	BIO_set_conn_hostname(bio,host);
-	BIO_set_proxies(bio,pxy);
-	BIO_set_socks_userid(bio,"eay");
-	BIO_set_nbio(bio,1);
-
-	p="GET / HTTP/1.0\r\n\r\n";
-	len=strlen(p);
-
-	off=0;
-	for (;;)
-		{
-		i=BIO_write(bio,&(p[off]),len);
-		if (i <= 0)
-			{
-			if (BIO_should_retry(bio))
-				{
-				fprintf(stderr,"write DELAY\n");
-				sleep(1);
-				continue;
-				}
-			else
-				{
-				goto err;
-				}
-			}
-		off+=i;
-		len-=i;
-		if (len <= 0) break;
-		}
-
-	for (;;)
-		{
-		i=BIO_read(bio,buf,sizeof(buf));
-		if (i == 0) break;
-		if (i < 0)
-			{
-			if (BIO_should_retry(bio))
-				{
-				fprintf(stderr,"read DELAY\n");
-				sleep(1);
-				continue;
-				}
-			goto err;
-			}
-		fwrite(buf,1,i,stdout);
-		}
-
-	ret=1;
-
-	if (0)
-		{
-err:
-		if (ERR_peek_error() == 0) /* system call error */
-			{
-			fprintf(stderr,"errno=%d ",errno);
-			perror("error");
-			}
-		else
-			ERR_print_errors_fp(stderr);
-		}
-	BIO_free_all(bio);
-	if (pxy != NULL) PROXY_free(pxy);
-	exit(!ret);
-	return(ret);
-	}
-
diff --git a/crypto/openssl/demos/eay/loadrsa.c b/crypto/openssl/demos/eay/loadrsa.c
deleted file mode 100644
index 79f1885ca4a8..000000000000
--- a/crypto/openssl/demos/eay/loadrsa.c
+++ /dev/null
@@ -1,53 +0,0 @@
-#include <stdio.h>
-#include <openssl/rsa.h>
-
-/* This is a simple program to generate an RSA private key.  It then
- * saves both the public and private key into a char array, then
- * re-reads them.  It saves them as DER encoded binary data.
- */
-
-void callback(stage,count,arg)
-int stage,count;
-char *arg;
-	{
-	FILE *out;
-
-	out=(FILE *)arg;
-	fprintf(out,"%d",stage);
-	if (stage == 3)
-		fprintf(out,"\n");
-	fflush(out);
-	}
-
-main()
-	{
-	RSA *rsa,*pub_rsa,*priv_rsa;
-	int len;
-	unsigned char buf[1024],*p;
-
-	rsa=RSA_generate_key(512,RSA_F4,callback,(char *)stdout);
-
-	p=buf;
-
-	/* Save the public key into buffer, we know it will be big enough
-	 * but we should really check how much space we need by calling the
-	 * i2d functions with a NULL second parameter */
-	len=i2d_RSAPublicKey(rsa,&p);
-	len+=i2d_RSAPrivateKey(rsa,&p);
-
-	printf("The public and private key are now both in a char array\n");
-	printf("and are taking up %d bytes\n",len);
-
-	RSA_free(rsa);
-
-	p=buf;
-	pub_rsa=d2i_RSAPublicKey(NULL,&p,(long)len);
-	len-=(p-buf);
-	priv_rsa=d2i_RSAPrivateKey(NULL,&p,(long)len);
-
-	if ((pub_rsa == NULL) || (priv_rsa == NULL))
-		ERR_print_errors_fp(stderr);
-
-	RSA_free(pub_rsa);
-	RSA_free(priv_rsa);
-	}
diff --git a/crypto/openssl/demos/engines/cluster_labs/Makefile b/crypto/openssl/demos/engines/cluster_labs/Makefile
deleted file mode 100644
index 956193f0937c..000000000000
--- a/crypto/openssl/demos/engines/cluster_labs/Makefile
+++ /dev/null
@@ -1,114 +0,0 @@
-LIBNAME=	libclabs
-SRC=		hw_cluster_labs.c
-OBJ=		hw_cluster_labs.o
-HEADER=		hw_cluster_labs.h
-
-CC=		gcc
-PIC=		-fPIC
-CFLAGS=		-g -I../../../include $(PIC) -DENGINE_DYNAMIC_SUPPORT -DFLAT_INC
-AR=		ar r
-RANLIB=		ranlib
-
-LIB=		$(LIBNAME).a
-SHLIB=		$(LIBNAME).so
-
-all:
-		@echo 'Please choose a system to build on:'
-		@echo ''
-		@echo 'tru64:    Tru64 Unix, Digital Unix, Digital OSF/1'
-		@echo 'solaris:  Solaris'
-		@echo 'irix:     IRIX'
-		@echo 'hpux32:   32-bit HP/UX'
-		@echo 'hpux64:   64-bit HP/UX'
-		@echo 'aix:      AIX'
-		@echo 'gnu:      Generic GNU-based system (gcc and GNU ld)'
-		@echo ''
-
-FORCE.update:
-update:		FORCE.update
-		perl ../../../util/mkerr.pl -conf hw_cluster_labs.ec \
-			-nostatic -staticloader -write hw_cluster_labs.c
-
-gnu:		$(SHLIB).gnu
-tru64:		$(SHLIB).tru64
-solaris:	$(SHLIB).solaris
-irix:		$(SHLIB).irix
-hpux32:		$(SHLIB).hpux32
-hpux64:		$(SHLIB).hpux64
-aix:		$(SHLIB).aix
-
-$(LIB):		$(OBJ)
-		$(AR) $(LIB) $(OBJ)
-		- $(RANLIB) $(LIB)
-
-LINK_SO=	\
-  ld -r -o $(LIBNAME).o $$ALLSYMSFLAGS $(LIB) && \
-  (nm -Pg $(LIBNAME).o | grep ' [BDT] ' | cut -f1 -d' ' > $(LIBNAME).exp; \
-   $$SHAREDCMD $$SHAREDFLAGS -o $(SHLIB) $(LIBNAME).o -L ../../.. -lcrypto -lc)
-
-$(SHLIB).gnu:	$(LIB)
-		ALLSYMSFLAGS='--whole-archive' \
-		SHAREDFLAGS='-shared -Wl,-soname=$(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).gnu
-$(SHLIB).tru64:	$(LIB)
-		ALLSYMSFLAGS='-all' \
-		SHAREDFLAGS='-shared' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).tru64
-$(SHLIB).solaris:	$(LIB)
-		ALLSYMSFLAGS='-z allextract' \
-		SHAREDFLAGS='-G -h $(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).solaris
-$(SHLIB).irix:	$(LIB)
-		ALLSYMSFLAGS='-all' \
-		SHAREDFLAGS='-shared -Wl,-soname,$(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).irix
-$(SHLIB).hpux32:	$(LIB)
-		ALLSYMSFLAGS='-Fl' \
-		SHAREDFLAGS='+vnocompatwarnings -b -z +s +h $(SHLIB)' \
-		SHAREDCMD='/usr/ccs/bin/ld'; \
-		$(LINK_SO)
-		touch $(SHLIB).hpux32
-$(SHLIB).hpux64:	$(LIB)
-		ALLSYMSFLAGS='+forceload' \
-		SHAREDFLAGS='-b -z +h $(SHLIB)' \
-		SHAREDCMD='/usr/ccs/bin/ld'; \
-		$(LINK_SO)
-		touch $(SHLIB).hpux64
-$(SHLIB).aix:	$(LIB)
-		ALLSYMSFLAGS='-bnogc' \
-		SHAREDFLAGS='-G -bE:$(LIBNAME).exp -bM:SRE' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).aix
-
-depend:
-		sed -e '/^# DO NOT DELETE.*/,$$d' < Makefile > Makefile.tmp
-		echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
-		gcc -M $(CFLAGS) $(SRC) >> Makefile.tmp
-		perl ../../../util/clean-depend.pl < Makefile.tmp > Makefile.new
-		rm -f Makefile.tmp Makefile
-		mv Makefile.new Makefile
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rsaref.o: ../../../include/openssl/asn1.h ../../../include/openssl/bio.h
-rsaref.o: ../../../include/openssl/bn.h ../../../include/openssl/crypto.h
-rsaref.o: ../../../include/openssl/dh.h ../../../include/openssl/dsa.h
-rsaref.o: ../../../include/openssl/e_os2.h ../../../include/openssl/engine.h
-rsaref.o: ../../../include/openssl/err.h ../../../include/openssl/lhash.h
-rsaref.o: ../../../include/openssl/opensslconf.h
-rsaref.o: ../../../include/openssl/opensslv.h
-rsaref.o: ../../../include/openssl/ossl_typ.h ../../../include/openssl/rand.h
-rsaref.o: ../../../include/openssl/rsa.h ../../../include/openssl/safestack.h
-rsaref.o: ../../../include/openssl/stack.h ../../../include/openssl/symhacks.h
-rsaref.o: ../../../include/openssl/ui.h rsaref.c rsaref_err.c rsaref_err.h
-rsaref.o: source/des.h source/global.h source/md2.h source/md5.h source/rsa.h
-rsaref.o: source/rsaref.h
diff --git a/crypto/openssl/demos/engines/cluster_labs/cluster_labs.h b/crypto/openssl/demos/engines/cluster_labs/cluster_labs.h
deleted file mode 100644
index d0926796f07b..000000000000
--- a/crypto/openssl/demos/engines/cluster_labs/cluster_labs.h
+++ /dev/null
@@ -1,35 +0,0 @@
-typedef int cl_engine_init(void);
-typedef int cl_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-			const BIGNUM *m, BN_CTX *cgx);
-typedef int cl_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
-		const BIGNUM *iqmp, BN_CTX *ctx);
-typedef int cl_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-typedef int cl_rsa_pub_enc(int flen, const unsigned char *from,
-	     unsigned char *to, RSA *rsa, int padding);
-typedef int cl_rsa_pub_dec(int flen, const unsigned char *from,
-	     unsigned char *to, RSA *rsa, int padding);
-typedef int cl_rsa_priv_enc(int flen, const unsigned char *from, 
-		unsigned char *to, RSA *rsa, int padding);
-typedef int cl_rsa_priv_dec(int flen, const unsigned char *from, 
-		unsigned char *to, RSA *rsa, int padding);		
-typedef int cl_rand_bytes(unsigned char *buf, int num);
-typedef DSA_SIG *cl_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-typedef int cl_dsa_verify(const unsigned char *dgst, int dgst_len,
-				DSA_SIG *sig, DSA *dsa);
-
-
-static const char *CLUSTER_LABS_LIB_NAME = "cluster_labs";
-static const char *CLUSTER_LABS_F1	 = "hw_engine_init";
-static const char *CLUSTER_LABS_F2	 = "hw_mod_exp";
-static const char *CLUSTER_LABS_F3	 = "hw_mod_exp_crt";
-static const char *CLUSTER_LABS_F4	 = "hw_rsa_mod_exp";
-static const char *CLUSTER_LABS_F5	 = "hw_rsa_priv_enc";
-static const char *CLUSTER_LABS_F6	 = "hw_rsa_priv_dec";
-static const char *CLUSTER_LABS_F7	 = "hw_rsa_pub_enc";
-static const char *CLUSTER_LABS_F8	 = "hw_rsa_pub_dec";
-static const char *CLUSTER_LABS_F20	 = "hw_rand_bytes";
-static const char *CLUSTER_LABS_F30	 = "hw_dsa_sign";
-static const char *CLUSTER_LABS_F31	 = "hw_dsa_verify";
-
-
diff --git a/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs.c b/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs.c
deleted file mode 100644
index 036f48bafac4..000000000000
--- a/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs.c
+++ /dev/null
@@ -1,721 +0,0 @@
-/* crypto/engine/hw_cluster_labs.c */
-/* Written by Jan Tschirschwitz (jan.tschirschwitz@cluster-labs.com
- * for the OpenSSL project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#define MSC_VER   /* only used cryptic.h */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include <openssl/dso.h>
-#include <openssl/des.h>
-#include <openssl/engine.h>
-
-#ifndef NO_HW
-#ifndef NO_HW_CLUSTER_LABS
-
-#ifdef FLAT_INC
-#include "cluster_labs.h"
-#else
-#include "vendor_defns/cluster_labs.h"
-#endif
-
-#define CL_LIB_NAME "cluster_labs engine"
-#include "hw_cluster_labs_err.c"
-
-
-static int cluster_labs_destroy(ENGINE *e);
-static int cluster_labs_init(ENGINE *e);
-static int cluster_labs_finish(ENGINE *e);
-static int cluster_labs_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-
-
-/* BIGNUM stuff */
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int cluster_labs_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-		
-/* RSA stuff */
-#ifndef OPENSSL_NO_RSA
-static int cluster_labs_rsa_pub_enc(int flen, const unsigned char *from,
-	     unsigned char *to, RSA *rsa, int padding);
-static int cluster_labs_rsa_pub_dec(int flen, const unsigned char *from,
-	     unsigned char *to, RSA *rsa, int padding);
-static int cluster_labs_rsa_priv_enc(int flen, const unsigned char *from, 
-		unsigned char *to, RSA *rsa, int padding);
-static int cluster_labs_rsa_priv_dec(int flen, const unsigned char *from, 
-		unsigned char *to, RSA *rsa, int padding);
-static int cluster_labs_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-#endif
-
-/* DSA stuff */
-#ifndef OPENSSL_NO_DSA
-static DSA_SIG *cluster_labs_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-static int cluster_labs_dsa_verify(const unsigned char *dgst, int dgst_len,
-				DSA_SIG *sig, DSA *dsa);
-static int cluster_labs_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-		BN_CTX *ctx, BN_MONT_CTX *in_mont);
-static int cluster_labs_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *m_ctx);
-#endif
-								
-/* DH stuff */
-#ifndef OPENSSL_NO_DH
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int cluster_labs_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-#endif
-		
-/* RANDOM stuff */						
-static int cluster_labs_rand_bytes(unsigned char *buf, int num);
-
-/* The definitions for control commands specific to this engine */
-#define CLUSTER_LABS_CMD_SO_PATH		ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN cluster_labs_cmd_defns[] =
-	{
-	{ CLUSTER_LABS_CMD_SO_PATH,
-	  "SO_PATH",
-	  "Specifies the path to the 'cluster labs' shared library",
-	  ENGINE_CMD_FLAG_STRING
-	},
-	{0, NULL, NULL, 0}
-	};
-
-/* Our internal RSA_METHOD that we provide pointers to */
-#ifndef OPENSSL_NO_RSA
-static RSA_METHOD cluster_labs_rsa =
-	{
-	"Cluster Labs RSA method",
-	cluster_labs_rsa_pub_enc,	/* rsa_pub_enc */
-	cluster_labs_rsa_pub_dec,	/* rsa_pub_dec */
-	cluster_labs_rsa_priv_enc,	/* rsa_priv_enc */
-	cluster_labs_rsa_priv_dec,	/* rsa_priv_dec */
-	cluster_labs_rsa_mod_exp,	/* rsa_mod_exp */
-	cluster_labs_mod_exp_mont,	/* bn_mod_exp */
-	NULL,				/* init */
-	NULL,				/* finish */
-	0, 				/* flags */
-	NULL,				/* apps_data */
-	NULL,				/* rsa_sign */
-	NULL				/* rsa_verify */
-	};
-#endif
-
-/* Our internal DSA_METHOD that we provide pointers to */
-#ifndef OPENSSL_NO_DSA
-static DSA_METHOD cluster_labs_dsa =
-	{
-	"Cluster Labs DSA method",
-	cluster_labs_dsa_sign,  	/* dsa_do_sign */
-	NULL, 				/* dsa_sign_setup */
-	cluster_labs_dsa_verify,	/* dsa_do_verify */
-	cluster_labs_dsa_mod_exp, 	/* dsa_mod_exp */
-	cluster_labs_mod_exp_dsa, 	/* bn_mod_exp */
-	NULL, 				/* init */
-	NULL, 				/* finish */
-	0, 				/* flags */
-	NULL 				/* app_data */
-	};
-#endif	
-
-/* Our internal DH_METHOD that we provide pointers to */
-#ifndef OPENSSL_NO_DH
-static DH_METHOD cluster_labs_dh =
-	{
-	"Cluster Labs DH method",
-	NULL,				/* generate key */
-	NULL,				/* compute key */
-	cluster_labs_mod_exp_dh,	/* bn_mod_exp */
-	NULL,				/* init */
-	NULL,				/* finish */
-	0,				/* flags */
-	NULL				/* app_data */
-	};
-#endif	
-	
-static RAND_METHOD cluster_labs_rand =
-	{
-	/* "Cluster Labs RAND method", */
-	NULL,				/* seed */
-	cluster_labs_rand_bytes,	/* bytes */
-	NULL,				/* cleanup */
-	NULL,				/* add */
-	cluster_labs_rand_bytes,	/* pseudorand */
-	NULL,				/* status */
-	};	
-
-static const char *engine_cluster_labs_id = "cluster_labs";
-static const char *engine_cluster_labs_name = "Cluster Labs hardware engine support";
-
-/* engine implementation */
-/*-----------------------*/
-static int bind_helper(ENGINE *e)
-	{
-	
-	if(!ENGINE_set_id(e, engine_cluster_labs_id) ||
-			!ENGINE_set_name(e, engine_cluster_labs_name) ||
-#ifndef OPENSSL_NO_RSA
-			!ENGINE_set_RSA(e, &cluster_labs_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
-			!ENGINE_set_DSA(e, &cluster_labs_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
-			!ENGINE_set_DH(e, &cluster_labs_dh) ||
-#endif
-			!ENGINE_set_RAND(e, &cluster_labs_rand) ||
-			!ENGINE_set_destroy_function(e, cluster_labs_destroy) ||
-			!ENGINE_set_init_function(e, cluster_labs_init) ||
-			!ENGINE_set_finish_function(e, cluster_labs_finish) ||
-			!ENGINE_set_ctrl_function(e, cluster_labs_ctrl) ||
-			!ENGINE_set_cmd_defns(e, cluster_labs_cmd_defns))
-		return 0;
-	/* Ensure the error handling is set up */
-	ERR_load_CL_strings();
-	return 1;
-	}
-	
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_cluster_labs(void)
-	{
-	ENGINE *ret = ENGINE_new();
-
-	if(!ret)
-		return NULL;
-	if(!bind_helper(ret))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static
-#endif
-void ENGINE_load_cluster_labs(void)
-	{
-
-	ENGINE *cluster_labs = engine_cluster_labs();
-	
-	if(!cluster_labs) return;
-	ENGINE_add(cluster_labs);
-	ENGINE_free(cluster_labs);
-	ERR_clear_error();
-	}
-#endif /* !ENGINE_DYNAMIC_SUPPORT */
-
-static int cluster_labs_destroy(ENGINE *e)
-	{
-	
-	ERR_unload_CL_strings();
-	return 1;
-	}
-
-
-
-/* This is a process-global DSO handle used for loading and unloading
- * the Cluster Labs library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-static DSO *cluster_labs_dso = NULL;
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-static cl_engine_init	  	*p_cl_engine_init 		 = NULL;
-static cl_mod_exp	 	*p_cl_mod_exp 			 = NULL;
-static cl_mod_exp_crt		*p_cl_mod_exp_crt 		 = NULL;
-static cl_rsa_mod_exp		*p_cl_rsa_mod_exp 		 = NULL;
-static cl_rsa_priv_enc		*p_cl_rsa_priv_enc 		 = NULL;
-static cl_rsa_priv_dec		*p_cl_rsa_priv_dec 		 = NULL;
-static cl_rsa_pub_enc		*p_cl_rsa_pub_enc 		 = NULL;
-static cl_rsa_pub_dec		*p_cl_rsa_pub_dec 		 = NULL;
-static cl_rand_bytes		*p_cl_rand_bytes	 	 = NULL;
-static cl_dsa_sign		*p_cl_dsa_sign		 	 = NULL;
-static cl_dsa_verify		*p_cl_dsa_verify	 	 = NULL;
-
-
-int cluster_labs_init(ENGINE *e)
-	{
-
-	cl_engine_init			*p1;
-	cl_mod_exp			*p2;
-	cl_mod_exp_crt			*p3;
-	cl_rsa_mod_exp			*p4;
-	cl_rsa_priv_enc			*p5;
-	cl_rsa_priv_dec			*p6;	
-	cl_rsa_pub_enc			*p7;
-	cl_rsa_pub_dec			*p8;
-	cl_rand_bytes			*p20;
-	cl_dsa_sign			*p30;	
-	cl_dsa_verify			*p31;		
-	
-	/* engine already loaded */
-	if(cluster_labs_dso != NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_INIT,CL_R_ALREADY_LOADED);
-		goto err;
-		}
-	/* try to load engine	 */	
-	cluster_labs_dso = DSO_load(NULL, CLUSTER_LABS_LIB_NAME, NULL,0);
-	if(cluster_labs_dso == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_INIT,CL_R_DSO_FAILURE);
-		goto err;
-		}
-	/* bind functions */
-	if(	!(p1 = (cl_engine_init *)DSO_bind_func(
-				cluster_labs_dso, CLUSTER_LABS_F1)) ||
-		!(p2 = (cl_mod_exp *)DSO_bind_func(
-				cluster_labs_dso, CLUSTER_LABS_F2)) ||			
-		!(p3 = (cl_mod_exp_crt *)DSO_bind_func(
-				cluster_labs_dso, CLUSTER_LABS_F3)) ||				
-		!(p4 = (cl_rsa_mod_exp *)DSO_bind_func(
-				cluster_labs_dso, CLUSTER_LABS_F4)) ||				
-		!(p5 = (cl_rsa_priv_enc *)DSO_bind_func(
-				cluster_labs_dso, CLUSTER_LABS_F5)) ||
-		!(p6 = (cl_rsa_priv_dec *)DSO_bind_func(
-				cluster_labs_dso, CLUSTER_LABS_F6)) ||
-		!(p7 = (cl_rsa_pub_enc *)DSO_bind_func(
-				cluster_labs_dso, CLUSTER_LABS_F7)) ||
-		!(p8 = (cl_rsa_pub_dec *)DSO_bind_func(
-				cluster_labs_dso, CLUSTER_LABS_F8)) ||
-		!(p20= (cl_rand_bytes *)DSO_bind_func(
-				cluster_labs_dso, CLUSTER_LABS_F20)) ||
-		!(p30= (cl_dsa_sign *)DSO_bind_func(
-				cluster_labs_dso, CLUSTER_LABS_F30)) ||
-		!(p31= (cl_dsa_verify *)DSO_bind_func(
-				cluster_labs_dso, CLUSTER_LABS_F31)))
-		{
-		CLerr(CL_F_CLUSTER_LABS_INIT,CL_R_DSO_FAILURE);
-		goto err;
-		}
-		
-	/* copy function pointers */
-	p_cl_engine_init		= p1;
-	p_cl_mod_exp			= p2;
-	p_cl_mod_exp_crt		= p3;	
-	p_cl_rsa_mod_exp 		= p4;
-	p_cl_rsa_priv_enc	 	= p5;
-	p_cl_rsa_priv_dec	 	= p6;
-	p_cl_rsa_pub_enc	 	= p7;
-	p_cl_rsa_pub_dec	 	= p8;
-	p_cl_rand_bytes			= p20;	
-	p_cl_dsa_sign			= p30;
-	p_cl_dsa_verify			= p31;	
-	
-	
-	
-	/* cluster labs engine init */
-	if(p_cl_engine_init()== 0){
-		CLerr(CL_F_CLUSTER_LABS_INIT,CL_R_INIT_FAILED);		
-		goto err;
-	}
-
-	return(1);
-
-err:	
-	/* reset all pointers */
-	if(cluster_labs_dso)
-		DSO_free(cluster_labs_dso);
-
-	cluster_labs_dso		= NULL;
-	p_cl_engine_init		= NULL;	
-	p_cl_mod_exp			= NULL;
-	p_cl_mod_exp_crt		= NULL;
-	p_cl_rsa_mod_exp		= NULL;
-	p_cl_rsa_priv_enc		= NULL;
-	p_cl_rsa_priv_dec		= NULL;	
-	p_cl_rsa_pub_enc		= NULL;
-	p_cl_rsa_pub_dec		= NULL;	
-	p_cl_rand_bytes			= NULL;	
-	p_cl_dsa_sign			= NULL;
-	p_cl_dsa_verify			= NULL;	
-	
-	return(0);
-	}
-	
-
-static int cluster_labs_finish(ENGINE *e)
-	{
-
-	if(cluster_labs_dso == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_FINISH,CL_R_NOT_LOADED);
-		return 0;
-		}
-	if(!DSO_free(cluster_labs_dso))
-		{
-		CLerr(CL_F_CLUSTER_LABS_FINISH,CL_R_DSO_FAILURE);
-		return 0;
-		}
-		
-	cluster_labs_dso 		= NULL;
-	p_cl_engine_init		= NULL;		
-	p_cl_mod_exp			= NULL;
-	p_cl_rsa_mod_exp		= NULL;	
-	p_cl_mod_exp_crt		= NULL;	
-	p_cl_rsa_priv_enc		= NULL;	
-	p_cl_rsa_priv_dec		= NULL;	
-	p_cl_rsa_pub_enc		= NULL;
-	p_cl_rsa_pub_dec		= NULL;	
-	p_cl_rand_bytes			= NULL;		
-	p_cl_dsa_sign			= NULL;
-	p_cl_dsa_verify			= NULL;	
-	
-	return(1);	
-	
-	}
-	
-static int cluster_labs_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-	{
-	int initialised = ((cluster_labs_dso == NULL) ? 0 : 1);
-
-	switch(cmd)
-		{
-	case CLUSTER_LABS_CMD_SO_PATH:
-		if(p == NULL)
-			{
-			CLerr(CL_F_CLUSTER_LABS_CTRL,ERR_R_PASSED_NULL_PARAMETER);
-			return 0;
-			}
-		if(initialised)
-			{
-			CLerr(CL_F_CLUSTER_LABS_CTRL,CL_R_ALREADY_LOADED);
-			return 0;
-			}
-		CLUSTER_LABS_LIB_NAME = (const char *)p;
-		return 1;
-	default:
-		break;
-		}
-	CLerr(CL_F_CLUSTER_LABS_CTRL,CL_R_COMMAND_NOT_IMPLEMENTED);
-	return 0;
-	}
-	
-
-static int cluster_labs_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx)
-	{
-
-	if(cluster_labs_dso == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_MOD_EXP,CL_R_NOT_LOADED);
-		return 0;
-		}	
-	if(p_cl_mod_exp == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_MOD_EXP,CL_R_FUNCTION_NOT_BINDED);
-		return 0;
-		}
-
-	return	p_cl_mod_exp(r, a, p, m, ctx);
-
-	}
-	
-static int cluster_labs_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
-		const BIGNUM *iqmp, BN_CTX *ctx)
-	{
-
-	if(cluster_labs_dso == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_MOD_EXP_CRT,CL_R_NOT_LOADED);		
-		return 0;
-		}
-	if(p_cl_mod_exp_crt == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_MOD_EXP_CRT,CL_R_FUNCTION_NOT_BINDED);		
-		return 0;
-		}
-	
-	return	p_cl_mod_exp_crt(r, a, p, q,dmp1, dmq1, iqmp, ctx);
-	
-	}
-	
-static int cluster_labs_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
-	{
-
-	if(cluster_labs_dso == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_RSA_MOD_EXP,CL_R_NOT_LOADED);		
-		return 0;
-		}
-	if(p_cl_rsa_mod_exp == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_RSA_MOD_EXP,CL_R_FUNCTION_NOT_BINDED);				
-		return 0;
-		}
-
-	return p_cl_rsa_mod_exp(r0, I, rsa);
-
-	}
-	
-static DSA_SIG *cluster_labs_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-	{
-
-	if(cluster_labs_dso == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_DSA_SIGN,CL_R_NOT_LOADED);		
-		return 0;
-		}
-	if(p_cl_dsa_sign == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_DSA_SIGN,CL_R_FUNCTION_NOT_BINDED);				
-		return 0;
-		}
-
-	return p_cl_dsa_sign(dgst, dlen, dsa);
-	
-	}
-	
-static int cluster_labs_dsa_verify(const unsigned char *dgst, int dgst_len,
-				DSA_SIG *sig, DSA *dsa)
-	{
-
-	if(cluster_labs_dso == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_DSA_VERIFY,CL_R_NOT_LOADED);		
-		return 0;
-		}
-	
-	if(p_cl_dsa_verify == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_DSA_VERIFY,CL_R_FUNCTION_NOT_BINDED);				
-		return 0;
-		}
-
-	return p_cl_dsa_verify(dgst, dgst_len, sig, dsa);
-	
-	}			
-
-static int cluster_labs_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-		BN_CTX *ctx, BN_MONT_CTX *in_mont)
-	{
-	BIGNUM t;
-	int status = 0;
-		
-	BN_init(&t);
-	/* let rr = a1 ^ p1 mod m */
-	if (!cluster_labs_mod_exp(rr,a1,p1,m,ctx)) goto end;
-	/* let t = a2 ^ p2 mod m */
-	if (!cluster_labs_mod_exp(&t,a2,p2,m,ctx)) goto end;
-	/* let rr = rr * t mod m */
-	if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;
-	status = 1;
-end:
-	BN_free(&t);
-	
-	return(1);
-
-	}
-
-static int cluster_labs_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *m_ctx)
-	{
-	return 	cluster_labs_mod_exp(r, a, p, m, ctx);
-	}
-	
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int cluster_labs_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	return	cluster_labs_mod_exp(r, a, p, m, ctx);
-	}
-	
-
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int cluster_labs_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	return 	cluster_labs_mod_exp(r, a, p, m, ctx);
-	}
-
-
-static int cluster_labs_rsa_pub_enc(int flen, const unsigned char *from,
-	     unsigned char *to, RSA *rsa, int padding)
-	{
-
-	if(cluster_labs_dso == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_RSA_PUB_ENC,CL_R_NOT_LOADED);		
-		return 0;
-		}
-	if(p_cl_rsa_priv_enc == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_RSA_PUB_ENC,CL_R_FUNCTION_NOT_BINDED);				
-		return 0;
-		}
-		
-	return 	p_cl_rsa_pub_enc(flen, from, to, rsa, padding);
-	
-	}  
-	     
-static int cluster_labs_rsa_pub_dec(int flen, const unsigned char *from,
-	     unsigned char *to, RSA *rsa, int padding)
-	{
-
-	if(cluster_labs_dso == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_RSA_PUB_DEC,CL_R_NOT_LOADED);		
-		return 0;
-		}
-	if(p_cl_rsa_priv_enc == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_RSA_PUB_DEC,CL_R_FUNCTION_NOT_BINDED);				
-		return 0;
-		}
-		
-	return 	p_cl_rsa_pub_dec(flen, from, to, rsa, padding);
-	
-	}  
-
-
-static int cluster_labs_rsa_priv_enc(int flen, const unsigned char *from, 
-		unsigned char *to, RSA *rsa, int padding)
-	{
-
-	if(cluster_labs_dso == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_RSA_PRIV_ENC,CL_R_NOT_LOADED);		
-		return 0;
-		}
-
-	if(p_cl_rsa_priv_enc == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_RSA_PRIV_ENC,CL_R_FUNCTION_NOT_BINDED);				
-		return 0;
-		}
-		
-	return 	p_cl_rsa_priv_enc(flen, from, to, rsa, padding);
-	
-	}  
-
-static int cluster_labs_rsa_priv_dec(int flen, const unsigned char *from, 
-		unsigned char *to, RSA *rsa, int padding)
-	{
-	
-	if(cluster_labs_dso == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_RSA_PRIV_DEC,CL_R_NOT_LOADED);		
-		return 0;
-		}
-	if(p_cl_rsa_priv_dec == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_RSA_PRIV_DEC,CL_R_FUNCTION_NOT_BINDED);				
-		return 0;
-		}
-
-	return 	p_cl_rsa_priv_dec(flen, from, to, rsa, padding);
-		
-	}  
-
-/************************************************************************************
-* Symmetric algorithms
-************************************************************************************/
-/* this will be come soon! */
-
-/************************************************************************************
-* Random generator
-************************************************************************************/
-
-static int cluster_labs_rand_bytes(unsigned char *buf, int num){
-
-	if(cluster_labs_dso == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_RAND_BYTES,CL_R_NOT_LOADED);		
-		return 0;
-		}
-	if(p_cl_mod_exp_crt == NULL)
-		{
-		CLerr(CL_F_CLUSTER_LABS_RAND_BYTES,CL_R_FUNCTION_NOT_BINDED);				
-		return 0;
-		}
-
-	return 	p_cl_rand_bytes(buf, num);
-
-}
-
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
-	{
-	fprintf(stderr, "bind_fn CLUSTER_LABS\n");
-	if(id && (strcmp(id, engine_cluster_labs_id) != 0)) {
-		fprintf(stderr, "bind_fn return(0) first\n");
-		return 0;
-		}
-	if(!bind_helper(e)) {
-		fprintf(stderr, "bind_fn return(1) first\n");
-		return 0;
-		}
-	fprintf(stderr, "bind_fn return(1)\n");		
-	return 1;
-	}
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-						
-#endif /* !NO_HW_CLUSTER_LABS */
-#endif /* !NO_HW */
-
diff --git a/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs.ec b/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs.ec
deleted file mode 100644
index 1f6478654234..000000000000
--- a/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs.ec
+++ /dev/null
@@ -1,8 +0,0 @@
-# configuration file for util/mkerr.pl
-#
-# use like this:
-#
-#	perl ../../../util/mkerr.pl -conf hw_cluster_labs.ec \
-#		-nostatic -staticloader -write *.c
-
-L CL		hw_cluster_labs_err.h		hw_cluster_labs_err.c
diff --git a/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs_err.c b/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs_err.c
deleted file mode 100644
index a7fa4083b130..000000000000
--- a/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs_err.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/* hw_cluster_labs_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_cluster_labs_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA CL_str_functs[]=
-	{
-{ERR_PACK(0,CL_F_CLUSTER_LABS_CTRL,0),	"CLUSTER_LABS_CTRL"},
-{ERR_PACK(0,CL_F_CLUSTER_LABS_DSA_SIGN,0),	"CLUSTER_LABS_DSA_SIGN"},
-{ERR_PACK(0,CL_F_CLUSTER_LABS_DSA_VERIFY,0),	"CLUSTER_LABS_DSA_VERIFY"},
-{ERR_PACK(0,CL_F_CLUSTER_LABS_FINISH,0),	"CLUSTER_LABS_FINISH"},
-{ERR_PACK(0,CL_F_CLUSTER_LABS_INIT,0),	"CLUSTER_LABS_INIT"},
-{ERR_PACK(0,CL_F_CLUSTER_LABS_MOD_EXP,0),	"CLUSTER_LABS_MOD_EXP"},
-{ERR_PACK(0,CL_F_CLUSTER_LABS_MOD_EXP_CRT,0),	"CLUSTER_LABS_MOD_EXP_CRT"},
-{ERR_PACK(0,CL_F_CLUSTER_LABS_RAND_BYTES,0),	"CLUSTER_LABS_RAND_BYTES"},
-{ERR_PACK(0,CL_F_CLUSTER_LABS_RSA_MOD_EXP,0),	"CLUSTER_LABS_RSA_MOD_EXP"},
-{ERR_PACK(0,CL_F_CLUSTER_LABS_RSA_PRIV_DEC,0),	"CLUSTER_LABS_RSA_PRIV_DEC"},
-{ERR_PACK(0,CL_F_CLUSTER_LABS_RSA_PRIV_ENC,0),	"CLUSTER_LABS_RSA_PRIV_ENC"},
-{ERR_PACK(0,CL_F_CLUSTER_LABS_RSA_PUB_DEC,0),	"CLUSTER_LABS_RSA_PUB_DEC"},
-{ERR_PACK(0,CL_F_CLUSTER_LABS_RSA_PUB_ENC,0),	"CLUSTER_LABS_RSA_PUB_ENC"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA CL_str_reasons[]=
-	{
-{CL_R_ALREADY_LOADED                     ,"already loaded"},
-{CL_R_COMMAND_NOT_IMPLEMENTED            ,"command not implemented"},
-{CL_R_DSO_FAILURE                        ,"dso failure"},
-{CL_R_FUNCTION_NOT_BINDED                ,"function not binded"},
-{CL_R_INIT_FAILED                        ,"init failed"},
-{CL_R_NOT_LOADED                         ,"not loaded"},
-{0,NULL}
-	};
-
-#endif
-
-#ifdef CL_LIB_NAME
-static ERR_STRING_DATA CL_lib_name[]=
-        {
-{0	,CL_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int CL_lib_error_code=0;
-static int CL_error_init=1;
-
-static void ERR_load_CL_strings(void)
-	{
-	if (CL_lib_error_code == 0)
-		CL_lib_error_code=ERR_get_next_error_library();
-
-	if (CL_error_init)
-		{
-		CL_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(CL_lib_error_code,CL_str_functs);
-		ERR_load_strings(CL_lib_error_code,CL_str_reasons);
-#endif
-
-#ifdef CL_LIB_NAME
-		CL_lib_name->error = ERR_PACK(CL_lib_error_code,0,0);
-		ERR_load_strings(0,CL_lib_name);
-#endif
-		}
-	}
-
-static void ERR_unload_CL_strings(void)
-	{
-	if (CL_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(CL_lib_error_code,CL_str_functs);
-		ERR_unload_strings(CL_lib_error_code,CL_str_reasons);
-#endif
-
-#ifdef CL_LIB_NAME
-		ERR_unload_strings(0,CL_lib_name);
-#endif
-		CL_error_init=1;
-		}
-	}
-
-static void ERR_CL_error(int function, int reason, char *file, int line)
-	{
-	if (CL_lib_error_code == 0)
-		CL_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(CL_lib_error_code,function,reason,file,line);
-	}
diff --git a/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs_err.h b/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs_err.h
deleted file mode 100644
index afc175b13355..000000000000
--- a/crypto/openssl/demos/engines/cluster_labs/hw_cluster_labs_err.h
+++ /dev/null
@@ -1,95 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_CL_ERR_H
-#define HEADER_CL_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_CL_strings(void);
-static void ERR_unload_CL_strings(void);
-static void ERR_CL_error(int function, int reason, char *file, int line);
-#define CLerr(f,r) ERR_CL_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the CL functions. */
-
-/* Function codes. */
-#define CL_F_CLUSTER_LABS_CTRL				 100
-#define CL_F_CLUSTER_LABS_DSA_SIGN			 101
-#define CL_F_CLUSTER_LABS_DSA_VERIFY			 102
-#define CL_F_CLUSTER_LABS_FINISH			 103
-#define CL_F_CLUSTER_LABS_INIT				 104
-#define CL_F_CLUSTER_LABS_MOD_EXP			 105
-#define CL_F_CLUSTER_LABS_MOD_EXP_CRT			 106
-#define CL_F_CLUSTER_LABS_RAND_BYTES			 107
-#define CL_F_CLUSTER_LABS_RSA_MOD_EXP			 108
-#define CL_F_CLUSTER_LABS_RSA_PRIV_DEC			 109
-#define CL_F_CLUSTER_LABS_RSA_PRIV_ENC			 110
-#define CL_F_CLUSTER_LABS_RSA_PUB_DEC			 111
-#define CL_F_CLUSTER_LABS_RSA_PUB_ENC			 112
-
-/* Reason codes. */
-#define CL_R_ALREADY_LOADED				 100
-#define CL_R_COMMAND_NOT_IMPLEMENTED			 101
-#define CL_R_DSO_FAILURE				 102
-#define CL_R_FUNCTION_NOT_BINDED			 103
-#define CL_R_INIT_FAILED				 104
-#define CL_R_NOT_LOADED					 105
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/demos/engines/ibmca/Makefile b/crypto/openssl/demos/engines/ibmca/Makefile
deleted file mode 100644
index 72f354635993..000000000000
--- a/crypto/openssl/demos/engines/ibmca/Makefile
+++ /dev/null
@@ -1,114 +0,0 @@
-LIBNAME=	libibmca
-SRC=		hw_ibmca.c
-OBJ=		hw_ibmca.o
-HEADER=		hw_ibmca.h
-
-CC=		gcc
-PIC=		-fPIC
-CFLAGS=		-g -I../../../include $(PIC) -DENGINE_DYNAMIC_SUPPORT -DFLAT_INC
-AR=		ar r
-RANLIB=		ranlib
-
-LIB=		$(LIBNAME).a
-SHLIB=		$(LIBNAME).so
-
-all:
-		@echo 'Please choose a system to build on:'
-		@echo ''
-		@echo 'tru64:    Tru64 Unix, Digital Unix, Digital OSF/1'
-		@echo 'solaris:  Solaris'
-		@echo 'irix:     IRIX'
-		@echo 'hpux32:   32-bit HP/UX'
-		@echo 'hpux64:   64-bit HP/UX'
-		@echo 'aix:      AIX'
-		@echo 'gnu:      Generic GNU-based system (gcc and GNU ld)'
-		@echo ''
-
-FORCE.update:
-update:		FORCE.update
-		perl ../../../util/mkerr.pl -conf hw_ibmca.ec \
-			-nostatic -staticloader -write hw_ibmca.c
-
-gnu:		$(SHLIB).gnu
-tru64:		$(SHLIB).tru64
-solaris:	$(SHLIB).solaris
-irix:		$(SHLIB).irix
-hpux32:		$(SHLIB).hpux32
-hpux64:		$(SHLIB).hpux64
-aix:		$(SHLIB).aix
-
-$(LIB):		$(OBJ)
-		$(AR) $(LIB) $(OBJ)
-		- $(RANLIB) $(LIB)
-
-LINK_SO=	\
-  ld -r -o $(LIBNAME).o $$ALLSYMSFLAGS $(LIB) && \
-  (nm -Pg $(LIBNAME).o | grep ' [BDT] ' | cut -f1 -d' ' > $(LIBNAME).exp; \
-   $$SHAREDCMD $$SHAREDFLAGS -o $(SHLIB) $(LIBNAME).o -L ../../.. -lcrypto -lc)
-
-$(SHLIB).gnu:	$(LIB)
-		ALLSYMSFLAGS='--whole-archive' \
-		SHAREDFLAGS='-shared -Wl,-soname=$(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).gnu
-$(SHLIB).tru64:	$(LIB)
-		ALLSYMSFLAGS='-all' \
-		SHAREDFLAGS='-shared' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).tru64
-$(SHLIB).solaris:	$(LIB)
-		ALLSYMSFLAGS='-z allextract' \
-		SHAREDFLAGS='-G -h $(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).solaris
-$(SHLIB).irix:	$(LIB)
-		ALLSYMSFLAGS='-all' \
-		SHAREDFLAGS='-shared -Wl,-soname,$(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).irix
-$(SHLIB).hpux32:	$(LIB)
-		ALLSYMSFLAGS='-Fl' \
-		SHAREDFLAGS='+vnocompatwarnings -b -z +s +h $(SHLIB)' \
-		SHAREDCMD='/usr/ccs/bin/ld'; \
-		$(LINK_SO)
-		touch $(SHLIB).hpux32
-$(SHLIB).hpux64:	$(LIB)
-		ALLSYMSFLAGS='+forceload' \
-		SHAREDFLAGS='-b -z +h $(SHLIB)' \
-		SHAREDCMD='/usr/ccs/bin/ld'; \
-		$(LINK_SO)
-		touch $(SHLIB).hpux64
-$(SHLIB).aix:	$(LIB)
-		ALLSYMSFLAGS='-bnogc' \
-		SHAREDFLAGS='-G -bE:$(LIBNAME).exp -bM:SRE' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).aix
-
-depend:
-		sed -e '/^# DO NOT DELETE.*/,$$d' < Makefile > Makefile.tmp
-		echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
-		gcc -M $(CFLAGS) $(SRC) >> Makefile.tmp
-		perl ../../../util/clean-depend.pl < Makefile.tmp > Makefile.new
-		rm -f Makefile.tmp Makefile
-		mv Makefile.new Makefile
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rsaref.o: ../../../include/openssl/asn1.h ../../../include/openssl/bio.h
-rsaref.o: ../../../include/openssl/bn.h ../../../include/openssl/crypto.h
-rsaref.o: ../../../include/openssl/dh.h ../../../include/openssl/dsa.h
-rsaref.o: ../../../include/openssl/e_os2.h ../../../include/openssl/engine.h
-rsaref.o: ../../../include/openssl/err.h ../../../include/openssl/lhash.h
-rsaref.o: ../../../include/openssl/opensslconf.h
-rsaref.o: ../../../include/openssl/opensslv.h
-rsaref.o: ../../../include/openssl/ossl_typ.h ../../../include/openssl/rand.h
-rsaref.o: ../../../include/openssl/rsa.h ../../../include/openssl/safestack.h
-rsaref.o: ../../../include/openssl/stack.h ../../../include/openssl/symhacks.h
-rsaref.o: ../../../include/openssl/ui.h rsaref.c rsaref_err.c rsaref_err.h
-rsaref.o: source/des.h source/global.h source/md2.h source/md5.h source/rsa.h
-rsaref.o: source/rsaref.h
diff --git a/crypto/openssl/demos/engines/ibmca/hw_ibmca.c b/crypto/openssl/demos/engines/ibmca/hw_ibmca.c
deleted file mode 100644
index 0c2c39b8a799..000000000000
--- a/crypto/openssl/demos/engines/ibmca/hw_ibmca.c
+++ /dev/null
@@ -1,920 +0,0 @@
-/* crypto/engine/hw_ibmca.c */

-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL

- * project 2000.

- */

-/* ====================================================================

- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.

- *

- * Redistribution and use in source and binary forms, with or without

- * modification, are permitted provided that the following conditions

- * are met:

- *

- * 1. Redistributions of source code must retain the above copyright

- *    notice, this list of conditions and the following disclaimer.

- *

- * 2. Redistributions in binary form must reproduce the above copyright

- *    notice, this list of conditions and the following disclaimer in

- *    the documentation and/or other materials provided with the

- *    distribution.

- *

- * 3. All advertising materials mentioning features or use of this

- *    software must display the following acknowledgment:

- *    "This product includes software developed by the OpenSSL Project

- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

- *

- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

- *    endorse or promote products derived from this software without

- *    prior written permission. For written permission, please contact

- *    licensing@OpenSSL.org.

- *

- * 5. Products derived from this software may not be called "OpenSSL"

- *    nor may "OpenSSL" appear in their names without prior written

- *    permission of the OpenSSL Project.

- *

- * 6. Redistributions of any form whatsoever must retain the following

- *    acknowledgment:

- *    "This product includes software developed by the OpenSSL Project

- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

- *

- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

- * OF THE POSSIBILITY OF SUCH DAMAGE.

- * ====================================================================

- *

- * This product includes cryptographic software written by Eric Young

- * (eay@cryptsoft.com).  This product includes software written by Tim

- * Hudson (tjh@cryptsoft.com).

- *

- */

-

-/* (C) COPYRIGHT International Business Machines Corp. 2001 */

-

-#include <stdio.h>

-#include <openssl/crypto.h>

-#include <openssl/dso.h>

-#include <openssl/engine.h>

-

-#ifndef OPENSSL_NO_HW

-#ifndef OPENSSL_NO_HW_IBMCA

-

-#ifdef FLAT_INC

-#include "ica_openssl_api.h"

-#else

-#include "vendor_defns/ica_openssl_api.h"

-#endif

-

-#define IBMCA_LIB_NAME "ibmca engine"

-#include "hw_ibmca_err.c"

-

-static int ibmca_destroy(ENGINE *e);

-static int ibmca_init(ENGINE *e);

-static int ibmca_finish(ENGINE *e);

-static int ibmca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());

-

-static const char *IBMCA_F1 = "icaOpenAdapter";

-static const char *IBMCA_F2 = "icaCloseAdapter";

-static const char *IBMCA_F3 = "icaRsaModExpo";

-static const char *IBMCA_F4 = "icaRandomNumberGenerate";

-static const char *IBMCA_F5 = "icaRsaCrt";

-

-ICA_ADAPTER_HANDLE handle=0;

-

-/* BIGNUM stuff */

-static int ibmca_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,

-        const BIGNUM *m, BN_CTX *ctx);

-

-static int ibmca_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,

-        const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,

-        const BIGNUM *iqmp, BN_CTX *ctx);

-

-#ifndef OPENSSL_NO_RSA  

-/* RSA stuff */

-static int ibmca_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);

-#endif

-

-/* This function is aliased to mod_exp (with the mont stuff dropped). */

-static int ibmca_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,

-        const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);

-

-#ifndef OPENSSL_NO_DSA 

-/* DSA stuff */

-static int ibmca_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,

-        BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,

-        BN_CTX *ctx, BN_MONT_CTX *in_mont);

-static int ibmca_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,

-        const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,

-        BN_MONT_CTX *m_ctx);

-#endif

-

-#ifndef OPENSSL_NO_DH 

-/* DH stuff */

-/* This function is alised to mod_exp (with the DH and mont dropped). */

-static int ibmca_mod_exp_dh(const DH *dh, BIGNUM *r, 

-	const BIGNUM *a, const BIGNUM *p,

-	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);

-#endif

-

-/* RAND stuff */

-static int ibmca_rand_bytes(unsigned char *buf, int num);

-static int ibmca_rand_status(void);

-

-

-/* WJH - check for more commands, like in nuron */

-

-/* The definitions for control commands specific to this engine */

-#define IBMCA_CMD_SO_PATH		ENGINE_CMD_BASE

-static const ENGINE_CMD_DEFN ibmca_cmd_defns[] = {

-	{IBMCA_CMD_SO_PATH,

-		"SO_PATH",

-		"Specifies the path to the 'atasi' shared library",

-		ENGINE_CMD_FLAG_STRING},

-	{0, NULL, NULL, 0}

-	};

-

-#ifndef OPENSSL_NO_RSA  

-/* Our internal RSA_METHOD that we provide pointers to */

-static RSA_METHOD ibmca_rsa =

-        {

-        "Ibmca RSA method",

-        NULL,

-        NULL,

-        NULL,

-        NULL,

-        ibmca_rsa_mod_exp,

-        ibmca_mod_exp_mont,

-        NULL,

-        NULL,

-        0,

-        NULL,

-        NULL,

-        NULL

-        };

-#endif

-

-#ifndef OPENSSL_NO_DSA

-/* Our internal DSA_METHOD that we provide pointers to */

-static DSA_METHOD ibmca_dsa =

-        {

-        "Ibmca DSA method",

-        NULL, /* dsa_do_sign */

-        NULL, /* dsa_sign_setup */

-        NULL, /* dsa_do_verify */

-        ibmca_dsa_mod_exp, /* dsa_mod_exp */

-        ibmca_mod_exp_dsa, /* bn_mod_exp */

-        NULL, /* init */

-        NULL, /* finish */

-        0, /* flags */

-        NULL /* app_data */

-        };

-#endif

-

-#ifndef OPENSSL_NO_DH

-/* Our internal DH_METHOD that we provide pointers to */

-static DH_METHOD ibmca_dh =

-        {

-        "Ibmca DH method",

-        NULL,

-        NULL,

-        ibmca_mod_exp_dh,

-        NULL,

-        NULL,

-        0,

-        NULL

-        };

-#endif

-

-static RAND_METHOD ibmca_rand =

-        {

-        /* "IBMCA RAND method", */

-        NULL,

-        ibmca_rand_bytes,

-        NULL,

-        NULL,

-        ibmca_rand_bytes,

-        ibmca_rand_status,

-        };

-

-/* Constants used when creating the ENGINE */

-static const char *engine_ibmca_id = "ibmca";

-static const char *engine_ibmca_name = "Ibmca hardware engine support";

-

-/* This internal function is used by ENGINE_ibmca() and possibly by the

- * "dynamic" ENGINE support too */

-static int bind_helper(ENGINE *e)

-	{

-#ifndef OPENSSL_NO_RSA

-	const RSA_METHOD *meth1;

-#endif

-#ifndef OPENSSL_NO_DSA

-	const DSA_METHOD *meth2;

-#endif

-#ifndef OPENSSL_NO_DH

-	const DH_METHOD *meth3;

-#endif

-	if(!ENGINE_set_id(e, engine_ibmca_id) ||

-		!ENGINE_set_name(e, engine_ibmca_name) ||

-#ifndef OPENSSL_NO_RSA

-		!ENGINE_set_RSA(e, &ibmca_rsa) ||

-#endif

-#ifndef OPENSSL_NO_DSA

-		!ENGINE_set_DSA(e, &ibmca_dsa) ||

-#endif

-#ifndef OPENSSL_NO_DH

-		!ENGINE_set_DH(e, &ibmca_dh) ||

-#endif

-		!ENGINE_set_RAND(e, &ibmca_rand) ||

-		!ENGINE_set_destroy_function(e, ibmca_destroy) ||

-		!ENGINE_set_init_function(e, ibmca_init) ||

-		!ENGINE_set_finish_function(e, ibmca_finish) ||

-		!ENGINE_set_ctrl_function(e, ibmca_ctrl) ||

-		!ENGINE_set_cmd_defns(e, ibmca_cmd_defns))

-		return 0;

-

-#ifndef OPENSSL_NO_RSA

-	/* We know that the "PKCS1_SSLeay()" functions hook properly

-	 * to the ibmca-specific mod_exp and mod_exp_crt so we use

-	 * those functions. NB: We don't use ENGINE_openssl() or

-	 * anything "more generic" because something like the RSAref

-	 * code may not hook properly, and if you own one of these

-	 * cards then you have the right to do RSA operations on it

-	 * anyway! */ 

-	meth1 = RSA_PKCS1_SSLeay();

-	ibmca_rsa.rsa_pub_enc = meth1->rsa_pub_enc;

-	ibmca_rsa.rsa_pub_dec = meth1->rsa_pub_dec;

-	ibmca_rsa.rsa_priv_enc = meth1->rsa_priv_enc;

-	ibmca_rsa.rsa_priv_dec = meth1->rsa_priv_dec;

-#endif

-

-#ifndef OPENSSL_NO_DSA

-	/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish

-	 * bits. */

-	meth2 = DSA_OpenSSL();

-	ibmca_dsa.dsa_do_sign = meth2->dsa_do_sign;

-	ibmca_dsa.dsa_sign_setup = meth2->dsa_sign_setup;

-	ibmca_dsa.dsa_do_verify = meth2->dsa_do_verify;

-#endif

-

-#ifndef OPENSSL_NO_DH

-	/* Much the same for Diffie-Hellman */

-	meth3 = DH_OpenSSL();

-	ibmca_dh.generate_key = meth3->generate_key;

-	ibmca_dh.compute_key = meth3->compute_key;

-#endif

-

-	/* Ensure the ibmca error handling is set up */

-	ERR_load_IBMCA_strings(); 

-	return 1;

-	}

-

-static ENGINE *engine_ibmca(void)

-	{

-	ENGINE *ret = ENGINE_new();

-	if(!ret)

-		return NULL;

-	if(!bind_helper(ret))

-		{

-		ENGINE_free(ret);

-		return NULL;

-		}

-	return ret;

-	}

-

-#ifdef ENGINE_DYNAMIC_SUPPORT

-static

-#endif

-void ENGINE_load_ibmca(void)

-	{

-	/* Copied from eng_[openssl|dyn].c */

-	ENGINE *toadd = engine_ibmca();

-	if(!toadd) return;

-	ENGINE_add(toadd);

-	ENGINE_free(toadd);

-	ERR_clear_error();

-	}

-

-/* Destructor (complements the "ENGINE_ibmca()" constructor) */

-static int ibmca_destroy(ENGINE *e)

-	{

-	/* Unload the ibmca error strings so any error state including our

-	 * functs or reasons won't lead to a segfault (they simply get displayed

-	 * without corresponding string data because none will be found). */

-        ERR_unload_IBMCA_strings(); 

-	return 1;

-	}

-

-

-/* This is a process-global DSO handle used for loading and unloading

- * the Ibmca library. NB: This is only set (or unset) during an

- * init() or finish() call (reference counts permitting) and they're

- * operating with global locks, so this should be thread-safe

- * implicitly. */

-

-static DSO *ibmca_dso = NULL;

-

-/* These are the function pointers that are (un)set when the library has

- * successfully (un)loaded. */

-

-static unsigned int    (ICA_CALL *p_icaOpenAdapter)();

-static unsigned int    (ICA_CALL *p_icaCloseAdapter)();

-static unsigned int    (ICA_CALL *p_icaRsaModExpo)();

-static unsigned int    (ICA_CALL *p_icaRandomNumberGenerate)();

-static unsigned int    (ICA_CALL *p_icaRsaCrt)();

-

-/* utility function to obtain a context */

-static int get_context(ICA_ADAPTER_HANDLE *p_handle)

-        {

-        unsigned int status=0;

-

-        status = p_icaOpenAdapter(0, p_handle);

-        if(status != 0)

-                return 0;

-        return 1;

-        }

-

-/* similarly to release one. */

-static void release_context(ICA_ADAPTER_HANDLE handle)

-        {

-        p_icaCloseAdapter(handle);

-        }

-

-/* (de)initialisation functions. */

-static int ibmca_init(ENGINE *e)

-        {

-

-        void          (*p1)();

-        void          (*p2)();

-        void          (*p3)();

-        void          (*p4)();

-        void          (*p5)();

-

-        if(ibmca_dso != NULL)

-                {

-                IBMCAerr(IBMCA_F_IBMCA_INIT,IBMCA_R_ALREADY_LOADED);

-                goto err;

-                }

-        /* Attempt to load libatasi.so/atasi.dll/whatever. Needs to be

-         * changed unfortunately because the Ibmca drivers don't have

-         * standard library names that can be platform-translated well. */

-        /* TODO: Work out how to actually map to the names the Ibmca

-         * drivers really use - for now a symbollic link needs to be

-         * created on the host system from libatasi.so to atasi.so on

-         * unix variants. */

-

-	/* WJH XXX check name translation */

-

-        ibmca_dso = DSO_load(NULL, IBMCA_LIBNAME, NULL,

-			     /* DSO_FLAG_NAME_TRANSLATION */ 0);

-        if(ibmca_dso == NULL)

-                {

-                IBMCAerr(IBMCA_F_IBMCA_INIT,IBMCA_R_DSO_FAILURE);

-                goto err;

-                }

-

-        if(!(p1 = DSO_bind_func(

-                ibmca_dso, IBMCA_F1)) ||

-                !(p2 = DSO_bind_func(

-                        ibmca_dso, IBMCA_F2)) ||

-                !(p3 = DSO_bind_func(

-                        ibmca_dso, IBMCA_F3)) ||

-                !(p4 = DSO_bind_func(

-                        ibmca_dso, IBMCA_F4)) ||

-                !(p5 = DSO_bind_func(

-                        ibmca_dso, IBMCA_F5)))

-                {

-                IBMCAerr(IBMCA_F_IBMCA_INIT,IBMCA_R_DSO_FAILURE);

-                goto err;

-                }

-

-        /* Copy the pointers */

-

-	p_icaOpenAdapter =           (unsigned int (ICA_CALL *)())p1;

-	p_icaCloseAdapter =          (unsigned int (ICA_CALL *)())p2;

-	p_icaRsaModExpo =            (unsigned int (ICA_CALL *)())p3;

-	p_icaRandomNumberGenerate =  (unsigned int (ICA_CALL *)())p4;

-	p_icaRsaCrt =                (unsigned int (ICA_CALL *)())p5;

-

-        if(!get_context(&handle))

-                {

-                IBMCAerr(IBMCA_F_IBMCA_INIT,IBMCA_R_UNIT_FAILURE);

-                goto err;

-                }

-

-        return 1;

- err:

-        if(ibmca_dso)

-                DSO_free(ibmca_dso);

-

-        p_icaOpenAdapter = NULL;

-        p_icaCloseAdapter = NULL;

-        p_icaRsaModExpo = NULL;

-        p_icaRandomNumberGenerate = NULL;

-

-        return 0;

-        }

-

-static int ibmca_finish(ENGINE *e)

-        {

-        if(ibmca_dso == NULL)

-                {

-                IBMCAerr(IBMCA_F_IBMCA_FINISH,IBMCA_R_NOT_LOADED);

-                return 0;

-                }

-        release_context(handle);

-        if(!DSO_free(ibmca_dso))

-                {

-                IBMCAerr(IBMCA_F_IBMCA_FINISH,IBMCA_R_DSO_FAILURE);

-                return 0;

-                }

-        ibmca_dso = NULL;

-

-        return 1;

-        }

-

-static int ibmca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())

-	{

-	int initialised = ((ibmca_dso == NULL) ? 0 : 1);

-	switch(cmd)

-		{

-	case IBMCA_CMD_SO_PATH:

-		if(p == NULL)

-			{

-			IBMCAerr(IBMCA_F_IBMCA_CTRL,ERR_R_PASSED_NULL_PARAMETER);

-			return 0;

-			}

-		if(initialised)

-			{

-			IBMCAerr(IBMCA_F_IBMCA_CTRL,IBMCA_R_ALREADY_LOADED);

-			return 0;

-			}

-		IBMCA_LIBNAME = (const char *)p;

-		return 1;

-	default:

-		break;

-		}

-	IBMCAerr(IBMCA_F_IBMCA_CTRL,IBMCA_R_CTRL_COMMAND_NOT_IMPLEMENTED);

-	return 0;

-	}

-

-

-static int ibmca_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,

-        const BIGNUM *m, BN_CTX *ctx)

-        {

-        /* I need somewhere to store temporary serialised values for

-         * use with the Ibmca API calls. A neat cheat - I'll use

-         * BIGNUMs from the BN_CTX but access their arrays directly as

-         * byte arrays <grin>. This way I don't have to clean anything

-         * up. */

-

-        BIGNUM *argument=NULL;

-        BIGNUM *result=NULL;

-        BIGNUM *key=NULL;

-        int to_return;

-	int inLen, outLen, tmpLen;

-

-

-        ICA_KEY_RSA_MODEXPO *publKey=NULL;

-        unsigned int rc;

-

-        to_return = 0; /* expect failure */

-

-        if(!ibmca_dso)

-                {

-                IBMCAerr(IBMCA_F_IBMCA_MOD_EXP,IBMCA_R_NOT_LOADED);

-                goto err;

-                }

-        /* Prepare the params */

-	BN_CTX_start(ctx);

-        argument = BN_CTX_get(ctx);

-        result = BN_CTX_get(ctx);

-        key = BN_CTX_get(ctx);

-

-        if( !argument || !result || !key)

-                {

-                IBMCAerr(IBMCA_F_IBMCA_MOD_EXP,IBMCA_R_BN_CTX_FULL);

-                goto err;

-                }

-

-

-	if(!bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top) ||

-                !bn_wexpand(key, sizeof(*publKey)/BN_BYTES))

-

-                {

-                IBMCAerr(IBMCA_F_IBMCA_MOD_EXP,IBMCA_R_BN_EXPAND_FAIL);

-                goto err;

-                }

-

-        publKey = (ICA_KEY_RSA_MODEXPO *)key->d;

-

-        if (publKey == NULL)

-                {

-                goto err;

-                }

-        memset(publKey, 0, sizeof(ICA_KEY_RSA_MODEXPO));

-

-        publKey->keyType   =  CORRECT_ENDIANNESS(ME_KEY_TYPE);

-        publKey->keyLength =  CORRECT_ENDIANNESS(sizeof(ICA_KEY_RSA_MODEXPO));

-        publKey->expOffset =  (char *) publKey->keyRecord - (char *) publKey;

-

-        /* A quirk of the card: the exponent length has to be the same

-     as the modulus (key) length */

-

-	outLen = BN_num_bytes(m);

-

-/* check for modulus length SAB*/

-	if (outLen > 256 ) {

-		IBMCAerr(IBMCA_F_IBMCA_MOD_EXP,IBMCA_R_MEXP_LENGTH_TO_LARGE);

-		goto err;

-	}

-/* check for modulus length SAB*/

-

-

-	publKey->expLength = publKey->nLength = outLen;

-/* SAB Check for underflow condition

-    the size of the exponent is less than the size of the parameter

-    then we have a big problem and will underflow the keyRecord

-   buffer.  Bad stuff could happen then

-*/

-if (outLen < BN_num_bytes(p)){

-	IBMCAerr(IBMCA_F_IBMCA_MOD_EXP,IBMCA_R_UNDERFLOW_KEYRECORD);

-	goto err;

-}

-/* SAB End check for underflow */

-

-

-        BN_bn2bin(p, &publKey->keyRecord[publKey->expLength -

-                BN_num_bytes(p)]);

-        BN_bn2bin(m, &publKey->keyRecord[publKey->expLength]);

-

-

-

-        publKey->modulusBitLength = CORRECT_ENDIANNESS(publKey->nLength * 8);

-        publKey->nOffset   = CORRECT_ENDIANNESS(publKey->expOffset + 

-						publKey->expLength);

-

-        publKey->expOffset = CORRECT_ENDIANNESS((char *) publKey->keyRecord - 

-						(char *) publKey);

-

-	tmpLen = outLen;

-	publKey->expLength = publKey->nLength = CORRECT_ENDIANNESS(tmpLen);

-

-  /* Prepare the argument */

-

-	memset(argument->d, 0, outLen);

-	BN_bn2bin(a, (unsigned char *)argument->d + outLen -

-                 BN_num_bytes(a));

-

-	inLen = outLen;

-

-  /* Perform the operation */

-

-          if( (rc = p_icaRsaModExpo(handle, inLen,(unsigned char *)argument->d,

-                publKey, &outLen, (unsigned char *)result->d))

-                !=0 )

-

-                {

-                printf("rc = %d\n", rc);

-                IBMCAerr(IBMCA_F_IBMCA_MOD_EXP,IBMCA_R_REQUEST_FAILED);

-                goto err;

-                }

-

-

-        /* Convert the response */

-        BN_bin2bn((unsigned char *)result->d, outLen, r);

-        to_return = 1;

- err:

-	BN_CTX_end(ctx);

-        return to_return;

-        }

-

-#ifndef OPENSSL_NO_RSA 

-static int ibmca_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)

-        {

-        BN_CTX *ctx;

-        int to_return = 0;

-

-        if((ctx = BN_CTX_new()) == NULL)

-                goto err;

-        if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)

-                {

-                if(!rsa->d || !rsa->n)

-                        {

-                        IBMCAerr(IBMCA_F_IBMCA_RSA_MOD_EXP,

-                                IBMCA_R_MISSING_KEY_COMPONENTS);

-                        goto err;

-                        }

-                to_return = ibmca_mod_exp(r0, I, rsa->d, rsa->n, ctx);

-                }

-        else

-                {

-                to_return = ibmca_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,

-                        rsa->dmq1, rsa->iqmp, ctx);

-                }

- err:

-        if(ctx)

-                BN_CTX_free(ctx);

-        return to_return;

-        }

-#endif

-

-/* Ein kleines chinesisches "Restessen"  */

-static int ibmca_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,

-        const BIGNUM *q, const BIGNUM *dmp1,

-        const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx)

-        {

-

-        BIGNUM *argument = NULL;

-        BIGNUM *result = NULL;

-        BIGNUM *key = NULL;

-

-        int to_return = 0; /* expect failure */

-

-        char                *pkey=NULL;

-        ICA_KEY_RSA_CRT     *privKey=NULL;

-        int inLen, outLen;

-

-        int rc;

-        unsigned int        offset, pSize, qSize;

-/* SAB New variables */

-	unsigned int keyRecordSize;

-	unsigned int pbytes = BN_num_bytes(p);

-	unsigned int qbytes = BN_num_bytes(q);

-	unsigned int dmp1bytes = BN_num_bytes(dmp1);

-	unsigned int dmq1bytes = BN_num_bytes(dmq1);

-	unsigned int iqmpbytes = BN_num_bytes(iqmp);

-

-        /* Prepare the params */

-

-	BN_CTX_start(ctx);

-        argument = BN_CTX_get(ctx);

-        result = BN_CTX_get(ctx);

-        key = BN_CTX_get(ctx);

-

-        if(!argument || !result || !key)

-                {

-                IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT,IBMCA_R_BN_CTX_FULL);

-                goto err;

-                }

-

-	if(!bn_wexpand(argument, p->top + q->top) ||

-                !bn_wexpand(result, p->top + q->top) ||

-                !bn_wexpand(key, sizeof(*privKey)/BN_BYTES ))

-                {

-                IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT,IBMCA_R_BN_EXPAND_FAIL);

-                goto err;

-                }

-

-

-        privKey = (ICA_KEY_RSA_CRT *)key->d;

-/* SAB Add check for total size in bytes of the parms does not exceed

-   the buffer space we have

-   do this first

-*/

-      keyRecordSize = pbytes+qbytes+dmp1bytes+dmq1bytes+iqmpbytes;

-     if (  keyRecordSize > sizeof(privKey->keyRecord )) {

-	 IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT,IBMCA_R_OPERANDS_TO_LARGE);

-         goto err;

-     }

-

-     if ( (qbytes + dmq1bytes)  > 256 ){

-	 IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT,IBMCA_R_OPERANDS_TO_LARGE);

-         goto err;

-     }

-

-     if ( pbytes + dmp1bytes > 256 ) {

-	 IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT,IBMCA_R_OPERANDS_TO_LARGE);

-         goto err;

-     }

-

-/* end SAB additions */

-  

-        memset(privKey, 0, sizeof(ICA_KEY_RSA_CRT));

-        privKey->keyType =  CORRECT_ENDIANNESS(CRT_KEY_TYPE);

-        privKey->keyLength = CORRECT_ENDIANNESS(sizeof(ICA_KEY_RSA_CRT));

-        privKey->modulusBitLength = 

-	  CORRECT_ENDIANNESS(BN_num_bytes(q) * 2 * 8);

-

-        /*

-         * p,dp & qInv are 1 QWORD Larger

-         */

-        privKey->pLength = CORRECT_ENDIANNESS(BN_num_bytes(p)+8);

-        privKey->qLength = CORRECT_ENDIANNESS(BN_num_bytes(q));

-        privKey->dpLength = CORRECT_ENDIANNESS(BN_num_bytes(dmp1)+8);

-        privKey->dqLength = CORRECT_ENDIANNESS(BN_num_bytes(dmq1));

-        privKey->qInvLength = CORRECT_ENDIANNESS(BN_num_bytes(iqmp)+8);

-

-        offset = (char *) privKey->keyRecord

-                  - (char *) privKey;

-

-        qSize = BN_num_bytes(q);

-        pSize = qSize + 8;   /*  1 QWORD larger */

-

-

-/* SAB  probably aittle redundant, but we'll verify that each of the

-   components which make up a key record sent ot the card does not exceed

-   the space that is allocated for it.  this handles the case where even if

-   the total length does not exceed keyrecord zied, if the operands are funny sized

-they could cause potential side affects on either the card or the result */

-

-     if ( (pbytes > pSize) || (dmp1bytes > pSize) ||

-          (iqmpbytes > pSize) || ( qbytes >qSize) ||

-          (dmq1bytes > qSize) ) {

-		IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT, IBMCA_R_OPERANDS_TO_LARGE);

-		goto err;

-

-	}

-     

-

-        privKey->dpOffset = CORRECT_ENDIANNESS(offset);

-

-	offset += pSize;

-	privKey->dqOffset = CORRECT_ENDIANNESS(offset);

-

-	offset += qSize;

-	privKey->pOffset = CORRECT_ENDIANNESS(offset);

-

-	offset += pSize;

-	privKey->qOffset = CORRECT_ENDIANNESS(offset);

-

-	offset += qSize;

-	privKey->qInvOffset = CORRECT_ENDIANNESS(offset);

-

-        pkey = (char *) privKey->keyRecord;

-

-

-/* SAB first check that we don;t under flow the buffer */

-	if ( pSize < pbytes ) {

-		IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT, IBMCA_R_UNDERFLOW_CONDITION);

-		goto err;

-	}

-

-        /* pkey += pSize - BN_num_bytes(p); WROING this should be dmp1) */

-        pkey += pSize - BN_num_bytes(dmp1);

-        BN_bn2bin(dmp1, pkey);   

-        pkey += BN_num_bytes(dmp1);  /* move the pointer */

-

-        BN_bn2bin(dmq1, pkey);  /* Copy over dmq1 */

-

-        pkey += qSize;     /* move pointer */

-	pkey += pSize - BN_num_bytes(p);  /* set up for zero padding of next field */

-

-        BN_bn2bin(p, pkey);

-        pkey += BN_num_bytes(p);  /* increment pointer by number of bytes moved  */

-

-        BN_bn2bin(q, pkey);

-        pkey += qSize ;  /* move the pointer */

-	pkey +=  pSize - BN_num_bytes(iqmp); /* Adjust for padding */

-        BN_bn2bin(iqmp, pkey);

-

-        /* Prepare the argument and response */

-

-	outLen = CORRECT_ENDIANNESS(privKey->qLength) * 2;  /* Correct endianess is used 

-						because the fields were converted above */

-

-        if (outLen > 256) {

-		IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT,IBMCA_R_OUTLEN_TO_LARGE);

-		goto err;

-	}

-

-	/* SAB check for underflow here on the argeument */

-	if ( outLen < BN_num_bytes(a)) {

-		IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT,IBMCA_R_UNDERFLOW_CONDITION);

-		goto err;

-	}

-

-        BN_bn2bin(a, (unsigned char *)argument->d + outLen -

-                          BN_num_bytes(a));

-        inLen = outLen;

-

-        memset(result->d, 0, outLen);

-

-        /* Perform the operation */

-

-        if ( (rc = p_icaRsaCrt(handle, inLen, (unsigned char *)argument->d,

-                privKey, &outLen, (unsigned char *)result->d)) != 0)

-                {

-                printf("rc = %d\n", rc);

-                IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT,IBMCA_R_REQUEST_FAILED);

-                goto err;

-                }

-

-        /* Convert the response */

-

-        BN_bin2bn((unsigned char *)result->d, outLen, r);

-        to_return = 1;

-

- err:

-	BN_CTX_end(ctx);

-        return to_return;

-

-        }

-

-#ifndef OPENSSL_NO_DSA

-/* This code was liberated and adapted from the commented-out code in

- * dsa_ossl.c. Because of the unoptimised form of the Ibmca acceleration

- * (it doesn't have a CRT form for RSA), this function means that an

- * Ibmca system running with a DSA server certificate can handshake

- * around 5 or 6 times faster/more than an equivalent system running with

- * RSA. Just check out the "signs" statistics from the RSA and DSA parts

- * of "openssl speed -engine ibmca dsa1024 rsa1024". */

-static int ibmca_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,

-        BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,

-        BN_CTX *ctx, BN_MONT_CTX *in_mont)

-        {

-        BIGNUM t;

-        int to_return = 0;

-

-        BN_init(&t);

-        /* let rr = a1 ^ p1 mod m */

-        if (!ibmca_mod_exp(rr,a1,p1,m,ctx)) goto end;

-        /* let t = a2 ^ p2 mod m */

-        if (!ibmca_mod_exp(&t,a2,p2,m,ctx)) goto end;

-        /* let rr = rr * t mod m */

-        if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;

-        to_return = 1;

- end:

-        BN_free(&t);

-        return to_return;

-        }

-

-

-static int ibmca_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,

-        const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,

-        BN_MONT_CTX *m_ctx)

-        {

-        return ibmca_mod_exp(r, a, p, m, ctx);

-        }

-#endif

-

-/* This function is aliased to mod_exp (with the mont stuff dropped). */

-static int ibmca_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,

-        const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)

-        {

-        return ibmca_mod_exp(r, a, p, m, ctx);

-        }

-

-#ifndef OPENSSL_NO_DH 

-/* This function is aliased to mod_exp (with the dh and mont dropped). */

-static int ibmca_mod_exp_dh(DH const *dh, BIGNUM *r, 

-	const BIGNUM *a, const BIGNUM *p, 

-	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)

-        {

-        return ibmca_mod_exp(r, a, p, m, ctx);

-        }

-#endif

-

-/* Random bytes are good */

-static int ibmca_rand_bytes(unsigned char *buf, int num)

-        {

-        int to_return = 0; /* assume failure */

-        unsigned int ret;

-

-

-        if(handle == 0)

-                {

-                IBMCAerr(IBMCA_F_IBMCA_RAND_BYTES,IBMCA_R_NOT_INITIALISED);

-                goto err;

-                }

-

-        ret = p_icaRandomNumberGenerate(handle, num, buf);

-        if (ret < 0)

-                {

-                IBMCAerr(IBMCA_F_IBMCA_RAND_BYTES,IBMCA_R_REQUEST_FAILED);

-                goto err;

-                }

-        to_return = 1;

- err:

-        return to_return;

-        }

-

-static int ibmca_rand_status(void)

-        {

-        return 1;

-        }

-

-/* This stuff is needed if this ENGINE is being compiled into a self-contained

- * shared-library. */

-#ifdef ENGINE_DYNAMIC_SUPPORT

-static int bind_fn(ENGINE *e, const char *id)

-	{

-	if(id && (strcmp(id, engine_ibmca_id) != 0))  /* WJH XXX */

-		return 0;

-	if(!bind_helper(e))

-		return 0;

-	return 1;

-	}

-IMPLEMENT_DYNAMIC_CHECK_FN()

-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)

-#endif /* ENGINE_DYNAMIC_SUPPORT */

-

-

-#endif /* !OPENSSL_NO_HW_IBMCA */

-#endif /* !OPENSSL_NO_HW */

diff --git a/crypto/openssl/demos/engines/ibmca/hw_ibmca.ec b/crypto/openssl/demos/engines/ibmca/hw_ibmca.ec
deleted file mode 100644
index f68646d237bb..000000000000
--- a/crypto/openssl/demos/engines/ibmca/hw_ibmca.ec
+++ /dev/null
@@ -1,8 +0,0 @@
-# configuration file for util/mkerr.pl
-#
-# use like this:
-#
-#	perl ../../../util/mkerr.pl -conf hw_ibmca.ec \
-#		-nostatic -staticloader -write *.c
-
-L IBMCA		hw_ibmca_err.h			hw_ibmca_err.c
diff --git a/crypto/openssl/demos/engines/ibmca/hw_ibmca_err.c b/crypto/openssl/demos/engines/ibmca/hw_ibmca_err.c
deleted file mode 100644
index c4053f6d3015..000000000000
--- a/crypto/openssl/demos/engines/ibmca/hw_ibmca_err.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/* hw_ibmca_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_ibmca_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA IBMCA_str_functs[]=
-	{
-{ERR_PACK(0,IBMCA_F_IBMCA_CTRL,0),	"IBMCA_CTRL"},
-{ERR_PACK(0,IBMCA_F_IBMCA_FINISH,0),	"IBMCA_FINISH"},
-{ERR_PACK(0,IBMCA_F_IBMCA_INIT,0),	"IBMCA_INIT"},
-{ERR_PACK(0,IBMCA_F_IBMCA_MOD_EXP,0),	"IBMCA_MOD_EXP"},
-{ERR_PACK(0,IBMCA_F_IBMCA_MOD_EXP_CRT,0),	"IBMCA_MOD_EXP_CRT"},
-{ERR_PACK(0,IBMCA_F_IBMCA_RAND_BYTES,0),	"IBMCA_RAND_BYTES"},
-{ERR_PACK(0,IBMCA_F_IBMCA_RSA_MOD_EXP,0),	"IBMCA_RSA_MOD_EXP"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA IBMCA_str_reasons[]=
-	{
-{IBMCA_R_ALREADY_LOADED                  ,"already loaded"},
-{IBMCA_R_BN_CTX_FULL                     ,"bn ctx full"},
-{IBMCA_R_BN_EXPAND_FAIL                  ,"bn expand fail"},
-{IBMCA_R_CTRL_COMMAND_NOT_IMPLEMENTED    ,"ctrl command not implemented"},
-{IBMCA_R_DSO_FAILURE                     ,"dso failure"},
-{IBMCA_R_MEXP_LENGTH_TO_LARGE            ,"mexp length to large"},
-{IBMCA_R_MISSING_KEY_COMPONENTS          ,"missing key components"},
-{IBMCA_R_NOT_INITIALISED                 ,"not initialised"},
-{IBMCA_R_NOT_LOADED                      ,"not loaded"},
-{IBMCA_R_OPERANDS_TO_LARGE               ,"operands to large"},
-{IBMCA_R_OUTLEN_TO_LARGE                 ,"outlen to large"},
-{IBMCA_R_REQUEST_FAILED                  ,"request failed"},
-{IBMCA_R_UNDERFLOW_CONDITION             ,"underflow condition"},
-{IBMCA_R_UNDERFLOW_KEYRECORD             ,"underflow keyrecord"},
-{IBMCA_R_UNIT_FAILURE                    ,"unit failure"},
-{0,NULL}
-	};
-
-#endif
-
-#ifdef IBMCA_LIB_NAME
-static ERR_STRING_DATA IBMCA_lib_name[]=
-        {
-{0	,IBMCA_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int IBMCA_lib_error_code=0;
-static int IBMCA_error_init=1;
-
-static void ERR_load_IBMCA_strings(void)
-	{
-	if (IBMCA_lib_error_code == 0)
-		IBMCA_lib_error_code=ERR_get_next_error_library();
-
-	if (IBMCA_error_init)
-		{
-		IBMCA_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(IBMCA_lib_error_code,IBMCA_str_functs);
-		ERR_load_strings(IBMCA_lib_error_code,IBMCA_str_reasons);
-#endif
-
-#ifdef IBMCA_LIB_NAME
-		IBMCA_lib_name->error = ERR_PACK(IBMCA_lib_error_code,0,0);
-		ERR_load_strings(0,IBMCA_lib_name);
-#endif
-		}
-	}
-
-static void ERR_unload_IBMCA_strings(void)
-	{
-	if (IBMCA_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(IBMCA_lib_error_code,IBMCA_str_functs);
-		ERR_unload_strings(IBMCA_lib_error_code,IBMCA_str_reasons);
-#endif
-
-#ifdef IBMCA_LIB_NAME
-		ERR_unload_strings(0,IBMCA_lib_name);
-#endif
-		IBMCA_error_init=1;
-		}
-	}
-
-static void ERR_IBMCA_error(int function, int reason, char *file, int line)
-	{
-	if (IBMCA_lib_error_code == 0)
-		IBMCA_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(IBMCA_lib_error_code,function,reason,file,line);
-	}
diff --git a/crypto/openssl/demos/engines/ibmca/hw_ibmca_err.h b/crypto/openssl/demos/engines/ibmca/hw_ibmca_err.h
deleted file mode 100644
index da64bde5f21b..000000000000
--- a/crypto/openssl/demos/engines/ibmca/hw_ibmca_err.h
+++ /dev/null
@@ -1,98 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_IBMCA_ERR_H
-#define HEADER_IBMCA_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_IBMCA_strings(void);
-static void ERR_unload_IBMCA_strings(void);
-static void ERR_IBMCA_error(int function, int reason, char *file, int line);
-#define IBMCAerr(f,r) ERR_IBMCA_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the IBMCA functions. */
-
-/* Function codes. */
-#define IBMCA_F_IBMCA_CTRL				 100
-#define IBMCA_F_IBMCA_FINISH				 101
-#define IBMCA_F_IBMCA_INIT				 102
-#define IBMCA_F_IBMCA_MOD_EXP				 103
-#define IBMCA_F_IBMCA_MOD_EXP_CRT			 104
-#define IBMCA_F_IBMCA_RAND_BYTES			 105
-#define IBMCA_F_IBMCA_RSA_MOD_EXP			 106
-
-/* Reason codes. */
-#define IBMCA_R_ALREADY_LOADED				 100
-#define IBMCA_R_BN_CTX_FULL				 101
-#define IBMCA_R_BN_EXPAND_FAIL				 102
-#define IBMCA_R_CTRL_COMMAND_NOT_IMPLEMENTED		 103
-#define IBMCA_R_DSO_FAILURE				 104
-#define IBMCA_R_MEXP_LENGTH_TO_LARGE			 105
-#define IBMCA_R_MISSING_KEY_COMPONENTS			 106
-#define IBMCA_R_NOT_INITIALISED				 107
-#define IBMCA_R_NOT_LOADED				 108
-#define IBMCA_R_OPERANDS_TO_LARGE			 109
-#define IBMCA_R_OUTLEN_TO_LARGE				 110
-#define IBMCA_R_REQUEST_FAILED				 111
-#define IBMCA_R_UNDERFLOW_CONDITION			 112
-#define IBMCA_R_UNDERFLOW_KEYRECORD			 113
-#define IBMCA_R_UNIT_FAILURE				 114
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/demos/engines/ibmca/ica_openssl_api.h b/crypto/openssl/demos/engines/ibmca/ica_openssl_api.h
deleted file mode 100644
index c77e0fd5c067..000000000000
--- a/crypto/openssl/demos/engines/ibmca/ica_openssl_api.h
+++ /dev/null
@@ -1,189 +0,0 @@
-
-#ifndef __ICA_OPENSSL_API_H__
-#define __ICA_OPENSSL_API_H__
-
-/**
- ** abstract data types for API
- **/
-
-#define ICA_ADAPTER_HANDLE int
-
-#if defined(linux) || defined (_AIX)
-#define ICA_CALL 
-#endif
-
-#if defined(WIN32) || defined(_WIN32)
-#define ICA_CALL  __stdcall
-#endif
-
-/*------------------------------------------------*
- | RSA defines and typedefs                       |
- *------------------------------------------------*/
- /*
- * All data elements of the RSA key are in big-endian format
- * Modulus-Exponent form of key
- *
- */
- #define MAX_EXP_SIZE 256
- #define MAX_MODULUS_SIZE 256
- #define MAX_MODEXP_SIZE  (MAX_EXP_SIZE + MAX_MODULUS_SIZE)
-
- #define MAX_OPERAND_SIZE  MAX_EXP_SIZE
-
- typedef unsigned char ICA_KEY_RSA_MODEXPO_REC[MAX_MODEXP_SIZE];
- /*
- * All data elements of the RSA key are in big-endian format
- * Chinese Remainder Thereom(CRT) form of key
- * Used only for Decrypt, the encrypt form is typically Modulus-Exponent
- *
- */
- #define MAX_BP_SIZE 136
- #define MAX_BQ_SIZE 128
- #define MAX_NP_SIZE 136
- #define MAX_NQ_SIZE 128
- #define MAX_QINV_SIZE 136
- #define MAX_RSACRT_SIZE (MAX_BP_SIZE+MAX_BQ_SIZE+MAX_NP_SIZE+MAX_NQ_SIZE+MAX_QINV_SIZE)
-
-#define RSA_GEN_OPERAND_MAX   256 /* bytes */
-
-typedef unsigned char ICA_KEY_RSA_CRT_REC[MAX_RSACRT_SIZE];
-/*------------------------------------------------*
- | RSA key token types                            |
- *------------------------------------------------*/
-
-#define  RSA_PUBLIC_MODULUS_EXPONENT        3
-#define  RSA_PKCS_PRIVATE_CHINESE_REMAINDER 6
-
-#define KEYTYPE_MODEXPO         1
-#define KEYTYPE_PKCSCRT         2
-
-
-/*------------------------------------------------*
- | RSA Key Token format                           |
- *------------------------------------------------*/
-
-/*
- * NOTE:  All the fields in the ICA_KEY_RSA_MODEXPO structure
- *        (lengths, offsets, exponents, modulus, etc.) are
- *        stored in big-endian format
- */
-
-typedef struct _ICA_KEY_RSA_MODEXPO
-{   unsigned int  keyType;             /* RSA key type.               */
-    unsigned int  keyLength;           /* Total length of the token.  */
-    unsigned int  modulusBitLength;    /* Modulus n bit length.       */
-                                       /* -- Start of the data length.*/
-    unsigned int  nLength;             /* Modulus n = p * q           */
-    unsigned int  expLength;           /* exponent (public or private)*/
-                                       /*   e = 1/d * mod(p-1)(q-1)   */
-                                       /* -- Start of the data offsets*/
-    unsigned int  nOffset;             /* Modulus n .                 */
-    unsigned int  expOffset;           /* exponent (public or private)*/
-    unsigned char reserved[112];       /* reserved area               */
-                                       /* -- Start of the variable -- */
-                                       /* -- length token data.    -- */
-    ICA_KEY_RSA_MODEXPO_REC keyRecord;
-} ICA_KEY_RSA_MODEXPO;
-#define SZ_HEADER_MODEXPO (sizeof(ICA_KEY_RSA_MODEXPO) - sizeof(ICA_KEY_RSA_MODEXPO_REC))
-
-/*
- * NOTE:  All the fields in the ICA_KEY_RSA_CRT structure
- *        (lengths, offsets, exponents, modulus, etc.) are
- *        stored in big-endian format
- */
-
-typedef struct _ICA_KEY_RSA_CRT
-{   unsigned int  keyType;             /* RSA key type.               */
-    unsigned int  keyLength;           /* Total length of the token.  */
-    unsigned int  modulusBitLength;    /* Modulus n bit length.       */
-                                       /* -- Start of the data length.*/
-#if _AIX
-    unsigned int  nLength;             /* Modulus n = p * q           */
-#endif
-    unsigned int  pLength;             /* Prime number p .            */
-    unsigned int  qLength;             /* Prime number q .            */
-    unsigned int  dpLength;            /* dp = d * mod(p-1) .         */
-    unsigned int  dqLength;            /* dq = d * mod(q-1) .         */
-    unsigned int  qInvLength;          /* PKCS: qInv = Ap/q           */
-                                       /* -- Start of the data offsets*/
-#if _AIX
-    unsigned int  nOffset;             /* Modulus n .                 */
-#endif
-    unsigned int  pOffset;             /* Prime number p .            */
-    unsigned int  qOffset;             /* Prime number q .            */
-    unsigned int  dpOffset;            /* dp .                        */
-    unsigned int  dqOffset;            /* dq .                        */
-    unsigned int  qInvOffset;          /* qInv for PKCS               */
-#if _AIX
-    unsigned char reserved[80];        /* reserved area               */
-#else
-    unsigned char reserved[88];        /* reserved area               */
-#endif
-                                       /* -- Start of the variable -- */
-                                       /* -- length token data.    -- */
-    ICA_KEY_RSA_CRT_REC keyRecord;
-} ICA_KEY_RSA_CRT;
-#define SZ_HEADER_CRT (sizeof(ICA_KEY_RSA_CRT) - sizeof(ICA_KEY_RSA_CRT_REC))
-
-unsigned int
-icaOpenAdapter( unsigned int        adapterId,
-	        ICA_ADAPTER_HANDLE *pAdapterHandle );
-
-unsigned int
-icaCloseAdapter( ICA_ADAPTER_HANDLE adapterHandle );
-
-unsigned int
-icaRsaModExpo( ICA_ADAPTER_HANDLE    hAdapterHandle,
-	       unsigned int          inputDataLength,
-	       unsigned char        *pInputData,
-	       ICA_KEY_RSA_MODEXPO  *pKeyModExpo,
-	       unsigned int         *pOutputDataLength,
-	       unsigned char        *pOutputData );
-
-unsigned int
-icaRsaCrt( ICA_ADAPTER_HANDLE     hAdapterHandle,
-	   unsigned int           inputDataLength,
-	   unsigned char         *pInputData,
-	   ICA_KEY_RSA_CRT       *pKeyCrt,
-	   unsigned int          *pOutputDataLength,
-	   unsigned char         *pOutputData );
-
-unsigned int
-icaRandomNumberGenerate( ICA_ADAPTER_HANDLE  hAdapterHandle,
-			 unsigned int        outputDataLength,
-			 unsigned char      *pOutputData );
-
-/* Specific macros and definitions to not have IFDEF;s all over the
-   main code */
-
-#if (_AIX)
-static const char *IBMCA_LIBNAME = "/lib/libica.a(shr.o)";
-#elif (WIN32)
-static const char *IBMCA_LIBNAME = "cryptica";
-#else
-static const char *IBMCA_LIBNAME = "ica";
-#endif
-
-#if (WIN32)
-/*
- The ICA_KEY_RSA_MODEXPO & ICA_KEY_RSA_CRT lengths and
- offsets must be in big-endian format.
-
-*/
-#define CORRECT_ENDIANNESS(b) (  \
-                             (((unsigned long) (b) & 0x000000ff) << 24) |  \
-                             (((unsigned long) (b) & 0x0000ff00) <<  8) |  \
-                             (((unsigned long) (b) & 0x00ff0000) >>  8) |  \
-                             (((unsigned long) (b) & 0xff000000) >> 24)    \
-                             )
-#define CRT_KEY_TYPE   RSA_PKCS_PRIVATE_CHINESE_REMAINDER
-#define ME_KEY_TYPE    RSA_PUBLIC_MODULUS_EXPONENT
-#else
-#define CORRECT_ENDIANNESS(b) (b)
-#define CRT_KEY_TYPE       KEYTYPE_PKCSCRT
-#define ME_KEY_TYPE        KEYTYPE_MODEXPO
-#endif
-
-
-
-#endif   /* __ICA_OPENSSL_API_H__ */
diff --git a/crypto/openssl/demos/engines/rsaref/Makefile b/crypto/openssl/demos/engines/rsaref/Makefile
deleted file mode 100644
index 63b8c79d2705..000000000000
--- a/crypto/openssl/demos/engines/rsaref/Makefile
+++ /dev/null
@@ -1,135 +0,0 @@
-LIBNAME=	librsaref
-SRC=		rsaref.c
-OBJ=		rsaref.o
-HEADER=		rsaref.h
-
-CC=		gcc
-PIC=		-fPIC
-CFLAGS=		-g -I../../../include $(PIC) -DENGINE_DYNAMIC_SUPPORT
-AR=		ar r
-RANLIB=		ranlib
-
-LIB=		$(LIBNAME).a
-SHLIB=		$(LIBNAME).so
-
-all:
-		@echo 'Please choose a system to build on:'
-		@echo ''
-		@echo 'tru64:    Tru64 Unix, Digital Unix, Digital OSF/1'
-		@echo 'solaris:  Solaris'
-		@echo 'irix:     IRIX'
-		@echo 'hpux32:   32-bit HP/UX'
-		@echo 'hpux64:   64-bit HP/UX'
-		@echo 'aix:      AIX'
-		@echo 'gnu:      Generic GNU-based system (gcc and GNU ld)'
-		@echo ''
-
-FORCE.install:
-install:	FORCE.install
-		cd install; \
-			make -f unix/makefile CFLAGS='-I. -DPROTOTYPES=1 -O -c' RSAREFLIB=librsaref.a librsaref.a
-
-FORCE.update:
-update:		FORCE.update
-		perl ../../../util/mkerr.pl -conf rsaref.ec \
-			-nostatic -staticloader -write rsaref.c
-
-darwin:		install $(SHLIB).darwin
-cygwin:		install $(SHLIB).cygwin
-gnu:		install $(SHLIB).gnu
-alpha-osf1:	install $(SHLIB).alpha-osf1
-tru64:		install $(SHLIB).tru64
-solaris:	install $(SHLIB).solaris
-irix:		install $(SHLIB).irix
-hpux32:		install $(SHLIB).hpux32
-hpux64:		install $(SHLIB).hpux64
-aix:		install $(SHLIB).aix
-reliantunix:	install $(SHLIB).reliantunix
-
-$(LIB):		$(OBJ)
-		$(AR) $(LIB) $(OBJ)
-		- $(RANLIB) $(LIB)
-
-LINK_SO=	\
-  ld -r -o $(LIBNAME).o $$ALLSYMSFLAGS $(LIB) install/librsaref.a && \
-  (nm -Pg $(LIBNAME).o | grep ' [BDT] ' | cut -f1 -d' ' > $(LIBNAME).exp; \
-   $$SHAREDCMD $$SHAREDFLAGS -o $(SHLIB) $(LIBNAME).o -L ../../.. -lcrypto -lc)
-
-$(SHLIB).darwin:	$(LIB) install/librsaref.a
-		ALLSYMSFLAGS='-all_load' \
-		SHAREDFLAGS='-dynamiclib -install_name $(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).darwin
-$(SHLIB).cygwin:	$(LIB) install/librsaref.a
-		ALLSYMSFLAGS='--whole-archive' \
-		SHAREDFLAGS='-shared -Wl,-Bsymbolic -Wl,--out-implib,$(LIBNAME).dll.a' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).cygwin
-$(SHLIB).gnu:	$(LIB) install/librsaref.a
-		ALLSYMSFLAGS='--whole-archive' \
-		SHAREDFLAGS='-shared -Wl,-soname=$(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).gnu
-$(SHLIB).tru64:	$(LIB) install/librsaref.a
-		ALLSYMSFLAGS='-all' \
-		SHAREDFLAGS='-shared' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).tru64
-$(SHLIB).solaris:	$(LIB) install/librsaref.a
-		ALLSYMSFLAGS='-z allextract' \
-		SHAREDFLAGS='-G -h $(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).solaris
-$(SHLIB).irix:	$(LIB) install/librsaref.a
-		ALLSYMSFLAGS='-all' \
-		SHAREDFLAGS='-shared -Wl,-soname,$(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).irix
-$(SHLIB).hpux32:	$(LIB) install/librsaref.a
-		ALLSYMSFLAGS='-Fl' \
-		SHAREDFLAGS='+vnocompatwarnings -b -z +s +h $(SHLIB)' \
-		SHAREDCMD='/usr/ccs/bin/ld'; \
-		$(LINK_SO)
-		touch $(SHLIB).hpux32
-$(SHLIB).hpux64:	$(LIB) install/librsaref.a
-		ALLSYMSFLAGS='+forceload' \
-		SHAREDFLAGS='-b -z +h $(SHLIB)' \
-		SHAREDCMD='/usr/ccs/bin/ld'; \
-		$(LINK_SO)
-		touch $(SHLIB).hpux64
-$(SHLIB).aix:	$(LIB) install/librsaref.a
-		ALLSYMSFLAGS='-bnogc' \
-		SHAREDFLAGS='-G -bE:$(LIBNAME).exp -bM:SRE' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).aix
-
-depend:
-		sed -e '/^# DO NOT DELETE.*/,$$d' < Makefile > Makefile.tmp
-		echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
-		gcc -M $(CFLAGS) $(SRC) >> Makefile.tmp
-		perl ../../../util/clean-depend.pl < Makefile.tmp > Makefile.new
-		rm -f Makefile.tmp Makefile
-		mv Makefile.new Makefile
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rsaref.o: ../../../include/openssl/asn1.h ../../../include/openssl/bio.h
-rsaref.o: ../../../include/openssl/bn.h ../../../include/openssl/crypto.h
-rsaref.o: ../../../include/openssl/dh.h ../../../include/openssl/dsa.h
-rsaref.o: ../../../include/openssl/e_os2.h ../../../include/openssl/engine.h
-rsaref.o: ../../../include/openssl/err.h ../../../include/openssl/lhash.h
-rsaref.o: ../../../include/openssl/opensslconf.h
-rsaref.o: ../../../include/openssl/opensslv.h
-rsaref.o: ../../../include/openssl/ossl_typ.h ../../../include/openssl/rand.h
-rsaref.o: ../../../include/openssl/rsa.h ../../../include/openssl/safestack.h
-rsaref.o: ../../../include/openssl/stack.h ../../../include/openssl/symhacks.h
-rsaref.o: ../../../include/openssl/ui.h rsaref.c rsaref_err.c rsaref_err.h
-rsaref.o: source/des.h source/global.h source/md2.h source/md5.h source/rsa.h
-rsaref.o: source/rsaref.h
diff --git a/crypto/openssl/demos/engines/rsaref/README b/crypto/openssl/demos/engines/rsaref/README
deleted file mode 100644
index 00b1f7473b64..000000000000
--- a/crypto/openssl/demos/engines/rsaref/README
+++ /dev/null
@@ -1,22 +0,0 @@
-librsaref.so is a demonstration dynamic engine that does RSA
-operations using the old RSAref 2.0 implementation.
-
-To make proper use of this engine, you must download RSAref 2.0
-(search the web for rsaref.tar.Z for example) and unpack it in this
-directory, so you'll end up having the subdirectories "install" and
-"source" among others.
-
-To build, do the following:
-
-	make
-
-This will list a number of available targets to choose from.  Most of
-them are architecture-specific.  The exception is "gnu" which is to be
-used on systems where GNU ld and gcc have been installed in such a way
-that gcc uses GNU ld to link together programs and shared libraries.
-
-The make file assumes you use gcc.  To change that, just reassign CC:
-
-	make CC=cc
-
-The result is librsaref.so, which you can copy to any place you wish.
diff --git a/crypto/openssl/demos/engines/rsaref/build.com b/crypto/openssl/demos/engines/rsaref/build.com
deleted file mode 100644
index b9569129161f..000000000000
--- a/crypto/openssl/demos/engines/rsaref/build.com
+++ /dev/null
@@ -1,85 +0,0 @@
-$! BUILD.COM -- Building procedure for the RSAref engine
-$
-$	if f$search("source.dir") .eqs. "" -
-	   .or. f$search("install.dir") .eqs. ""
-$	then
-$	    write sys$error "RSAref 2.0 hasn't been properly extracted."
-$	    exit
-$	endif
-$
-$	_save_default = f$environment("default")
-$	set default [.install]
-$	files := desc,digit,md2c,md5c,nn,prime,-
-		rsa,r_encode,r_dh,r_enhanc,r_keygen,r_random,-
-		r_stdlib
-$	delete rsaref.olb;*
-$	library/create/object rsaref.olb
-$	files_i = 0
-$ rsaref_loop:
-$	files_e = f$edit(f$element(files_i,",",files),"trim")
-$	files_i = files_i + 1
-$	if files_e .eqs. "," then goto rsaref_loop_end
-$	cc/include=([-.source],[])/define=PROTOTYPES=1/object=[]'files_e'.obj -
-		[-.source]'files_e'.c
-$	library/replace/object rsaref.olb 'files_e'.obj
-$	goto rsaref_loop
-$ rsaref_loop_end:
-$
-$	set default [-]
-$	define/user openssl [---.include.openssl]
-$	cc/define=ENGINE_DYNAMIC_SUPPORT rsaref.c
-$
-$	if f$getsyi("CPU") .ge. 128
-$	then
-$	    link/share=librsaref.exe sys$input:/option
-[]rsaref.obj
-[.install]rsaref.olb/lib
-[---.axp.exe.crypto]libcrypto.olb/lib
-symbol_vector=(bind_engine=procedure,v_check=procedure)
-$	else
-$	    macro/object=rsaref_vec.obj sys$input:
-;
-; Transfer vector for VAX shareable image
-;
-	.TITLE librsaref
-;
-; Define macro to assist in building transfer vector entries.  Each entry
-; should take no more than 8 bytes.
-;
-	.MACRO FTRANSFER_ENTRY routine
-	.ALIGN QUAD
-	.TRANSFER routine
-	.MASK	routine
-	JMP	routine+2
-	.ENDM FTRANSFER_ENTRY
-;
-; Place entries in own program section.
-;
-	.PSECT $$LIBRSAREF,QUAD,PIC,USR,CON,REL,LCL,SHR,EXE,RD,NOWRT
-
-LIBRSAREF_xfer:
-	FTRANSFER_ENTRY bind_engine
-	FTRANSFER_ENTRY v_check
-
-;
-; Allocate extra storage at end of vector to allow for expansion.
-;
-	.BLKB 512-<.-LIBRSAREF_xfer>	; 1 page.
-	.END
-$	    link/share=librsaref.exe sys$input:/option
-!
-! Ensure transfer vector is at beginning of image
-!
-CLUSTER=FIRST
-COLLECT=FIRST,$$LIBRSAREF
-!
-! make psects nonshareable so image can be installed.
-!
-PSECT_ATTR=$CHAR_STRING_CONSTANTS,NOWRT
-[]rsaref_vec.obj
-[]rsaref.obj
-[.install]rsaref.olb/lib
-[---.vax.exe.crypto]libcrypto.olb/lib
-$	endif
-$
-$	set default '_save_default'
diff --git a/crypto/openssl/demos/engines/rsaref/rsaref.c b/crypto/openssl/demos/engines/rsaref/rsaref.c
deleted file mode 100644
index 872811b8f72f..000000000000
--- a/crypto/openssl/demos/engines/rsaref/rsaref.c
+++ /dev/null
@@ -1,685 +0,0 @@
-/* Demo of how to construct your own engine and using it.  The basis of this
-   engine is RSAref, an old reference of the RSA algorithm which can still
-   be found a little here and there. */
-
-#include <stdio.h>
-#include <string.h>
-#include "./source/global.h"
-#include "./source/rsaref.h"
-#include "./source/rsa.h"
-#include "./source/des.h"
-#include <openssl/err.h>
-#define OPENSSL_NO_MD2
-#define OPENSSL_NO_MD5
-#include <openssl/evp.h>
-#include <openssl/bn.h>
-#include <openssl/engine.h>
-
-#define RSAREF_LIB_NAME "rsaref engine"
-#include "rsaref_err.c"
-
-/*****************************************************************************
- *** Function declarations and global variable definitions                 ***
- *****************************************************************************/
-
-/*****************************************************************************
- * Constants used when creating the ENGINE
- **/
-static const char *engine_rsaref_id = "rsaref";
-static const char *engine_rsaref_name = "RSAref engine support";
-
-/*****************************************************************************
- * Functions to handle the engine
- **/
-static int rsaref_destroy(ENGINE *e);
-static int rsaref_init(ENGINE *e);
-static int rsaref_finish(ENGINE *e);
-#if 0
-static int rsaref_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); 
-#endif
-
-/*****************************************************************************
- * Engine commands
- **/
-static const ENGINE_CMD_DEFN rsaref_cmd_defns[] = {
-	{0, NULL, NULL, 0}
-	};
-
-/*****************************************************************************
- * RSA functions
- **/
-static int rsaref_private_decrypt(int len, const unsigned char *from,
-	unsigned char *to, RSA *rsa, int padding);
-static int rsaref_private_encrypt(int len, const unsigned char *from,
-	unsigned char *to, RSA *rsa, int padding);
-static int rsaref_public_encrypt(int len, const unsigned char *from,
-	unsigned char *to, RSA *rsa, int padding);
-static int rsaref_public_decrypt(int len, const unsigned char *from,
-	unsigned char *to, RSA *rsa, int padding);
-static int bnref_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m,
-			  BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-
-/*****************************************************************************
- * Our RSA method
- **/
-static RSA_METHOD rsaref_rsa =
-{
-  "RSAref PKCS#1 RSA",
-  rsaref_public_encrypt,
-  rsaref_public_decrypt,
-  rsaref_private_encrypt,
-  rsaref_private_decrypt,
-  rsaref_mod_exp,
-  bnref_mod_exp,
-  NULL,
-  NULL,
-  0,
-  NULL,
-  NULL,
-  NULL
-};
-
-/*****************************************************************************
- * Symetric cipher and digest function registrars
- **/
-static int rsaref_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
-	const int **nids, int nid);
-static int rsaref_digests(ENGINE *e, const EVP_MD **digest,
-	const int **nids, int nid);
-
-static int rsaref_cipher_nids[] =
-	{ NID_des_cbc, NID_des_ede3_cbc, NID_desx_cbc, 0 };
-static int rsaref_digest_nids[] =
-	{ NID_md2, NID_md5, 0 };
-
-/*****************************************************************************
- * DES functions
- **/
-static int cipher_des_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-	const unsigned char *iv, int enc);
-static int cipher_des_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	const unsigned char *in, unsigned int inl);
-static int cipher_des_cbc_clean(EVP_CIPHER_CTX *);
-static int cipher_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-	const unsigned char *iv, int enc);
-static int cipher_des_ede3_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	const unsigned char *in, unsigned int inl);
-static int cipher_des_ede3_cbc_clean(EVP_CIPHER_CTX *);
-static int cipher_desx_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-	const unsigned char *iv, int enc);
-static int cipher_desx_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	const unsigned char *in, unsigned int inl);
-static int cipher_desx_cbc_clean(EVP_CIPHER_CTX *);
-
-/*****************************************************************************
- * Our DES ciphers
- **/
-static const EVP_CIPHER cipher_des_cbc =
-	{
-	NID_des_cbc,
-	8, 8, 8,
-	0 | EVP_CIPH_CBC_MODE,
-	cipher_des_cbc_init,
-	cipher_des_cbc_code,
-	cipher_des_cbc_clean,
-	sizeof(DES_CBC_CTX),
-	NULL,
-	NULL,
-	NULL,
-	NULL
-	};
-
-static const EVP_CIPHER cipher_des_ede3_cbc =
-	{
-	NID_des_ede3_cbc,
-	8, 24, 8,
-	0 | EVP_CIPH_CBC_MODE,
-	cipher_des_ede3_cbc_init,
-	cipher_des_ede3_cbc_code,
-	cipher_des_ede3_cbc_clean,
-	sizeof(DES3_CBC_CTX),
-	NULL,
-	NULL,
-	NULL,
-	NULL
-	};
-
-static const EVP_CIPHER cipher_desx_cbc =
-	{
-	NID_desx_cbc,
-	8, 24, 8,
-	0 | EVP_CIPH_CBC_MODE,
-	cipher_desx_cbc_init,
-	cipher_desx_cbc_code,
-	cipher_desx_cbc_clean,
-	sizeof(DESX_CBC_CTX),
-	NULL,
-	NULL,
-	NULL,
-	NULL
-	};
-
-/*****************************************************************************
- * MD functions
- **/
-static int digest_md2_init(EVP_MD_CTX *ctx);
-static int digest_md2_update(EVP_MD_CTX *ctx,const void *data,
-	unsigned long count);
-static int digest_md2_final(EVP_MD_CTX *ctx,unsigned char *md);
-static int digest_md5_init(EVP_MD_CTX *ctx);
-static int digest_md5_update(EVP_MD_CTX *ctx,const void *data,
-	unsigned long count);
-static int digest_md5_final(EVP_MD_CTX *ctx,unsigned char *md);
-
-/*****************************************************************************
- * Our MD digests
- **/
-static const EVP_MD digest_md2 =
-	{
-	NID_md2,
-	NID_md2WithRSAEncryption,
-	16,
-	0,
-	digest_md2_init,
-	digest_md2_update,
-	digest_md2_final,
-	NULL,
-	NULL,
-	EVP_PKEY_RSA_method,
-	16,
-	sizeof(MD2_CTX)
-	};
-
-static const EVP_MD digest_md5 =
-	{
-	NID_md5,
-	NID_md5WithRSAEncryption,
-	16,
-	0,
-	digest_md5_init,
-	digest_md5_update,
-	digest_md5_final,
-	NULL,
-	NULL,
-	EVP_PKEY_RSA_method,
-	64,
-	sizeof(MD5_CTX)
-	};
-
-/*****************************************************************************
- *** Function definitions                                                  ***
- *****************************************************************************/
-
-/*****************************************************************************
- * Functions to handle the engine
- **/
-
-static int bind_rsaref(ENGINE *e)
-	{
-	const RSA_METHOD *meth1;
-	if(!ENGINE_set_id(e, engine_rsaref_id)
-		|| !ENGINE_set_name(e, engine_rsaref_name)
-		|| !ENGINE_set_RSA(e, &rsaref_rsa)
-		|| !ENGINE_set_ciphers(e, rsaref_ciphers)
-		|| !ENGINE_set_digests(e, rsaref_digests)
-		|| !ENGINE_set_destroy_function(e, rsaref_destroy)
-		|| !ENGINE_set_init_function(e, rsaref_init)
-		|| !ENGINE_set_finish_function(e, rsaref_finish)
-		/* || !ENGINE_set_ctrl_function(e, rsaref_ctrl) */
-		/* || !ENGINE_set_cmd_defns(e, rsaref_cmd_defns) */)
-		return 0;
-
-	/* Ensure the rsaref error handling is set up */
-	ERR_load_RSAREF_strings();
-	return 1;
-	}
-
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_helper(ENGINE *e, const char *id)
-	{
-	if(id && (strcmp(id, engine_rsaref_id) != 0))
-		return 0;
-	if(!bind_rsaref(e))
-		return 0;
-	return 1;
-	}       
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
-#else
-static ENGINE *engine_rsaref(void)
-	{
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!bind_rsaref(ret))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
-
-void ENGINE_load_rsaref(void)
-	{
-	/* Copied from eng_[openssl|dyn].c */
-	ENGINE *toadd = engine_rsaref();
-	if(!toadd) return;
-	ENGINE_add(toadd);
-	ENGINE_free(toadd);
-	ERR_clear_error();
-	}
-#endif
-
-/* Initiator which is only present to make sure this engine looks available */
-static int rsaref_init(ENGINE *e)
-	{
-	return 1;
-	}
-
-/* Finisher which is only present to make sure this engine looks available */
-static int rsaref_finish(ENGINE *e)
-	{
-	return 1;
-	}
-
-/* Destructor (complements the "ENGINE_ncipher()" constructor) */
-static int rsaref_destroy(ENGINE *e)
-	{
-	ERR_unload_RSAREF_strings();
-	return 1;
-	}
-
-/*****************************************************************************
- * RSA functions
- **/
-
-static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
-	{
-	RSAREFerr(RSAREF_F_RSAREF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-	return(0);
-	}
-
-static int bnref_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	RSAREFerr(RSAREF_F_BNREF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-	return(0);
-	}
-
-/* unsigned char *to:  [max]    */
-static int RSAref_bn2bin(BIGNUM *from, unsigned char *to, int max)
-	{
-	int i;
-
-	i=BN_num_bytes(from);
-	if (i > max)
-		{
-		RSAREFerr(RSAREF_F_RSAREF_BN2BIN,RSAREF_R_LEN);
-		return(0);
-		}
-
-	memset(to,0,(unsigned int)max);
-	if (!BN_bn2bin(from,&(to[max-i])))
-		return(0);
-	return(1);
-	}
-
-#ifdef undef
-/* unsigned char *from:  [max]    */
-static BIGNUM *RSAref_bin2bn(unsigned char *from, BIGNUM *to, int max)
-	{
-	int i;
-	BIGNUM *ret;
-
-	for (i=0; i<max; i++)
-		if (from[i]) break;
-
-	ret=BN_bin2bn(&(from[i]),max-i,to);
-	return(ret);
-	}
-
-static int RSAref_Public_ref2eay(RSArefPublicKey *from, RSA *to)
-	{
-	to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN);
-	to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN);
-	if ((to->n == NULL) || (to->e == NULL)) return(0);
-	return(1);
-	}
-#endif
-
-static int RSAref_Public_eay2ref(RSA *from, R_RSA_PUBLIC_KEY *to)
-	{
-	to->bits=BN_num_bits(from->n);
-	if (!RSAref_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN)) return(0);
-	if (!RSAref_bn2bin(from->e,to->exponent,MAX_RSA_MODULUS_LEN)) return(0);
-	return(1);
-	}
-
-#ifdef undef
-static int RSAref_Private_ref2eay(RSArefPrivateKey *from, RSA *to)
-	{
-	if ((to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN)) == NULL)
-		return(0);
-	if ((to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN)) == NULL)
-		return(0);
-	if ((to->d=RSAref_bin2bn(from->d,NULL,RSAref_MAX_LEN)) == NULL)
-		return(0);
-	if ((to->p=RSAref_bin2bn(from->prime[0],NULL,RSAref_MAX_PLEN)) == NULL)
-		return(0);
-	if ((to->q=RSAref_bin2bn(from->prime[1],NULL,RSAref_MAX_PLEN)) == NULL)
-		return(0);
-	if ((to->dmp1=RSAref_bin2bn(from->pexp[0],NULL,RSAref_MAX_PLEN))
-		== NULL)
-		return(0);
-	if ((to->dmq1=RSAref_bin2bn(from->pexp[1],NULL,RSAref_MAX_PLEN))
-		== NULL)
-		return(0);
-	if ((to->iqmp=RSAref_bin2bn(from->coef,NULL,RSAref_MAX_PLEN)) == NULL)
-		return(0);
-	return(1);
-	}
-#endif
-
-static int RSAref_Private_eay2ref(RSA *from, R_RSA_PRIVATE_KEY *to)
-	{
-	to->bits=BN_num_bits(from->n);
-	if (!RSAref_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN)) return(0);
-	if (!RSAref_bn2bin(from->e,to->publicExponent,MAX_RSA_MODULUS_LEN)) return(0);
-	if (!RSAref_bn2bin(from->d,to->exponent,MAX_RSA_MODULUS_LEN)) return(0);
-	if (!RSAref_bn2bin(from->p,to->prime[0],MAX_RSA_PRIME_LEN)) return(0);
-	if (!RSAref_bn2bin(from->q,to->prime[1],MAX_RSA_PRIME_LEN)) return(0);
-	if (!RSAref_bn2bin(from->dmp1,to->primeExponent[0],MAX_RSA_PRIME_LEN)) return(0);
-	if (!RSAref_bn2bin(from->dmq1,to->primeExponent[1],MAX_RSA_PRIME_LEN)) return(0);
-	if (!RSAref_bn2bin(from->iqmp,to->coefficient,MAX_RSA_PRIME_LEN)) return(0);
-	return(1);
-	}
-
-static int rsaref_private_decrypt(int len, const unsigned char *from, unsigned char *to,
-	     RSA *rsa, int padding)
-	{
-	int i,outlen= -1;
-	R_RSA_PRIVATE_KEY RSAkey;
-
-	if (!RSAref_Private_eay2ref(rsa,&RSAkey))
-		goto err;
-	if ((i=RSAPrivateDecrypt(to,(unsigned int *)&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
-		{
-		RSAREFerr(RSAREF_F_RSAREF_PRIVATE_DECRYPT,i);
-		outlen= -1;
-		}
-err:
-	memset(&RSAkey,0,sizeof(RSAkey));
-	return(outlen);
-	}
-
-static int rsaref_private_encrypt(int len, const unsigned char *from, unsigned char *to,
-	     RSA *rsa, int padding)
-	{
-	int i,outlen= -1;
-	R_RSA_PRIVATE_KEY RSAkey;
-
-	if (padding != RSA_PKCS1_PADDING)
-		{
-		RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
-		goto err;
-	}
-	if (!RSAref_Private_eay2ref(rsa,&RSAkey))
-		goto err;
-	if ((i=RSAPrivateEncrypt(to,(unsigned int)&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
-		{
-		RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT,i);
-		outlen= -1;
-		}
-err:
-	memset(&RSAkey,0,sizeof(RSAkey));
-	return(outlen);
-	}
-
-static int rsaref_public_decrypt(int len, const unsigned char *from, unsigned char *to,
-	     RSA *rsa, int padding)
-	{
-	int i,outlen= -1;
-	R_RSA_PUBLIC_KEY RSAkey;
-
-	if (!RSAref_Public_eay2ref(rsa,&RSAkey))
-		goto err;
-	if ((i=RSAPublicDecrypt(to,(unsigned int)&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
-		{
-		RSAREFerr(RSAREF_F_RSAREF_PUBLIC_DECRYPT,i);
-		outlen= -1;
-		}
-err:
-	memset(&RSAkey,0,sizeof(RSAkey));
-	return(outlen);
-	}
-
-static int rsaref_public_encrypt(int len, const unsigned char *from, unsigned char *to,
-	     RSA *rsa, int padding)
-	{
-	int outlen= -1;
-	int i;
-	R_RSA_PUBLIC_KEY RSAkey;
-	R_RANDOM_STRUCT rnd;
-	unsigned char buf[16];
-
-	if (padding != RSA_PKCS1_PADDING && padding != RSA_SSLV23_PADDING) 
-		{
-		RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
-		goto err;
-		}
-	
-	R_RandomInit(&rnd);
-	R_GetRandomBytesNeeded((unsigned int *)&i,&rnd);
-	while (i > 0)
-		{
-		if (RAND_bytes(buf,16) <= 0)
-			goto err;
-		R_RandomUpdate(&rnd,buf,(unsigned int)((i>16)?16:i));
-		i-=16;
-		}
-
-	if (!RSAref_Public_eay2ref(rsa,&RSAkey))
-		goto err;
-	if ((i=RSAPublicEncrypt(to,(unsigned int)&outlen,(unsigned char *)from,len,&RSAkey,&rnd)) != 0)
-		{
-		RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT,i);
-		outlen= -1;
-		goto err;
-		}
-err:
-	memset(&RSAkey,0,sizeof(RSAkey));
-	R_RandomFinal(&rnd);
-	memset(&rnd,0,sizeof(rnd));
-	return(outlen);
-	}
-
-/*****************************************************************************
- * Symetric cipher and digest function registrars
- **/
-static int rsaref_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
-	const int **nids, int nid)
-	{
-	int ok = 1;
-	if(!cipher)
-		{
-		/* We are returning a list of supported nids */
-		*nids = rsaref_cipher_nids;
-		return (sizeof(rsaref_cipher_nids)-1)/sizeof(rsaref_cipher_nids[0]);
-		}
-	/* We are being asked for a specific cipher */
-	switch (nid)
-		{
-	case NID_des_cbc:
-		*cipher = &cipher_des_cbc; break;
-	case NID_des_ede3_cbc:
-		*cipher = &cipher_des_ede3_cbc; break;
-	case NID_desx_cbc:
-		*cipher = &cipher_desx_cbc; break;
-	default:
-		ok = 0;
-		*cipher = NULL;
-		break;
-		}
-	return ok;
-	}
-static int rsaref_digests(ENGINE *e, const EVP_MD **digest,
-	const int **nids, int nid)
-	{
-	int ok = 1;
-	if(!digest)
-		{
-		/* We are returning a list of supported nids */
-		*nids = rsaref_digest_nids;
-		return (sizeof(rsaref_digest_nids)-1)/sizeof(rsaref_digest_nids[0]);
-		}
-	/* We are being asked for a specific digest */
-	switch (nid)
-		{
-	case NID_md2:
-		*digest = &digest_md2; break;
-	case NID_md5:
-		*digest = &digest_md5; break;
-	default:
-		ok = 0;
-		*digest = NULL;
-		break;
-		}
-	return ok;
-	}
-
-/*****************************************************************************
- * DES functions
- **/
-#undef data
-#define data(ctx) ((DES_CBC_CTX *)(ctx)->cipher_data)
-static int cipher_des_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-	const unsigned char *iv, int enc)
-	{
-	DES_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv, enc);
-	return 1;
-	}
-static int cipher_des_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	const unsigned char *in, unsigned int inl)
-	{
-	int ret = DES_CBCUpdate(data(ctx), out, (unsigned char *)in, inl);
-	switch (ret)
-		{
-	case RE_LEN:
-		RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED);
-		break;
-	case 0:
-		break;
-	default:
-		RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,RSAREF_R_UNKNOWN_FAULT);
-		}
-	return !ret;
-	}
-static int cipher_des_cbc_clean(EVP_CIPHER_CTX *ctx)
-	{
-	memset(data(ctx), 0, ctx->cipher->ctx_size);
-	return 1;
-	}
-
-#undef data
-#define data(ctx) ((DES3_CBC_CTX *)(ctx)->cipher_data)
-static int cipher_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-	const unsigned char *iv, int enc)
-	{
-	DES3_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv,
-		enc);
-	return 1;
-	}
-static int cipher_des_ede3_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	const unsigned char *in, unsigned int inl)
-	{
-	int ret = DES3_CBCUpdate(data(ctx), out, (unsigned char *)in, inl);
-	switch (ret)
-		{
-	case RE_LEN:
-		RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED);
-		break;
-	case 0:
-		break;
-	default:
-		RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,RSAREF_R_UNKNOWN_FAULT);
-		}
-	return !ret;
-	}
-static int cipher_des_ede3_cbc_clean(EVP_CIPHER_CTX *ctx)
-	{
-	memset(data(ctx), 0, ctx->cipher->ctx_size);
-	return 1;
-	}
-
-#undef data
-#define data(ctx) ((DESX_CBC_CTX *)(ctx)->cipher_data)
-static int cipher_desx_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-	const unsigned char *iv, int enc)
-	{
-	DESX_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv,
-		enc);
-	return 1;
-	}
-static int cipher_desx_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	const unsigned char *in, unsigned int inl)
-	{
-	int ret = DESX_CBCUpdate(data(ctx), out, (unsigned char *)in, inl);
-	switch (ret)
-		{
-	case RE_LEN:
-		RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED);
-		break;
-	case 0:
-		break;
-	default:
-		RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,RSAREF_R_UNKNOWN_FAULT);
-		}
-	return !ret;
-	}
-static int cipher_desx_cbc_clean(EVP_CIPHER_CTX *ctx)
-	{
-	memset(data(ctx), 0, ctx->cipher->ctx_size);
-	return 1;
-	}
-
-/*****************************************************************************
- * MD functions
- **/
-#undef data
-#define data(ctx) ((MD2_CTX *)(ctx)->md_data)
-static int digest_md2_init(EVP_MD_CTX *ctx)
-	{
-	MD2Init(data(ctx));
-	return 1;
-	}
-static int digest_md2_update(EVP_MD_CTX *ctx,const void *data,
-	unsigned long count)
-	{
-	MD2Update(data(ctx), (unsigned char *)data, (unsigned int)count);
-	return 1;
-	}
-static int digest_md2_final(EVP_MD_CTX *ctx,unsigned char *md)
-	{
-	MD2Final(md, data(ctx));
-	return 1;
-	}
-
-#undef data
-#define data(ctx) ((MD5_CTX *)(ctx)->md_data)
-static int digest_md5_init(EVP_MD_CTX *ctx)
-	{
-	MD5Init(data(ctx));
-	return 1;
-	}
-static int digest_md5_update(EVP_MD_CTX *ctx,const void *data,
-	unsigned long count)
-	{
-	MD5Update(data(ctx), (unsigned char *)data, (unsigned int)count);
-	return 1;
-	}
-static int digest_md5_final(EVP_MD_CTX *ctx,unsigned char *md)
-	{
-	MD5Final(md, data(ctx));
-	return 1;
-	}
diff --git a/crypto/openssl/demos/engines/rsaref/rsaref.ec b/crypto/openssl/demos/engines/rsaref/rsaref.ec
deleted file mode 100644
index c690ae3883bf..000000000000
--- a/crypto/openssl/demos/engines/rsaref/rsaref.ec
+++ /dev/null
@@ -1,8 +0,0 @@
-# configuration file for util/mkerr.pl
-#
-# use like this:
-#
-#	perl ../../../util/mkerr.pl -conf rsaref.ec \
-#		-nostatic -staticloader -write *.c
-
-L RSAREF	rsaref_err.h			rsaref_err.c
diff --git a/crypto/openssl/demos/engines/rsaref/rsaref_err.c b/crypto/openssl/demos/engines/rsaref/rsaref_err.c
deleted file mode 100644
index ceaf05706d3c..000000000000
--- a/crypto/openssl/demos/engines/rsaref/rsaref_err.c
+++ /dev/null
@@ -1,161 +0,0 @@
-/* rsaref_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "rsaref_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA RSAREF_str_functs[]=
-	{
-{ERR_PACK(0,RSAREF_F_BNREF_MOD_EXP,0),	"BNREF_MOD_EXP"},
-{ERR_PACK(0,RSAREF_F_CIPHER_DES_CBC_CODE,0),	"CIPHER_DES_CBC_CODE"},
-{ERR_PACK(0,RSAREF_F_RSAREF_BN2BIN,0),	"RSAREF_BN2BIN"},
-{ERR_PACK(0,RSAREF_F_RSAREF_MOD_EXP,0),	"RSAREF_MOD_EXP"},
-{ERR_PACK(0,RSAREF_F_RSAREF_PRIVATE_DECRYPT,0),	"RSAREF_PRIVATE_DECRYPT"},
-{ERR_PACK(0,RSAREF_F_RSAREF_PRIVATE_ENCRYPT,0),	"RSAREF_PRIVATE_ENCRYPT"},
-{ERR_PACK(0,RSAREF_F_RSAREF_PUBLIC_DECRYPT,0),	"RSAREF_PUBLIC_DECRYPT"},
-{ERR_PACK(0,RSAREF_F_RSAREF_PUBLIC_ENCRYPT,0),	"RSAREF_PUBLIC_ENCRYPT"},
-{ERR_PACK(0,RSAREF_F_RSA_BN2BIN,0),	"RSA_BN2BIN"},
-{ERR_PACK(0,RSAREF_F_RSA_PRIVATE_DECRYPT,0),	"RSA_PRIVATE_DECRYPT"},
-{ERR_PACK(0,RSAREF_F_RSA_PRIVATE_ENCRYPT,0),	"RSA_PRIVATE_ENCRYPT"},
-{ERR_PACK(0,RSAREF_F_RSA_PUBLIC_DECRYPT,0),	"RSA_PUBLIC_DECRYPT"},
-{ERR_PACK(0,RSAREF_F_RSA_PUBLIC_ENCRYPT,0),	"RSA_PUBLIC_ENCRYPT"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA RSAREF_str_reasons[]=
-	{
-{RSAREF_R_CONTENT_ENCODING               ,"content encoding"},
-{RSAREF_R_DATA                           ,"data"},
-{RSAREF_R_DIGEST_ALGORITHM               ,"digest algorithm"},
-{RSAREF_R_ENCODING                       ,"encoding"},
-{RSAREF_R_ENCRYPTION_ALGORITHM           ,"encryption algorithm"},
-{RSAREF_R_KEY                            ,"key"},
-{RSAREF_R_KEY_ENCODING                   ,"key encoding"},
-{RSAREF_R_LEN                            ,"len"},
-{RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED       ,"length not block aligned"},
-{RSAREF_R_MODULUS_LEN                    ,"modulus len"},
-{RSAREF_R_NEED_RANDOM                    ,"need random"},
-{RSAREF_R_PRIVATE_KEY                    ,"private key"},
-{RSAREF_R_PUBLIC_KEY                     ,"public key"},
-{RSAREF_R_SIGNATURE                      ,"signature"},
-{RSAREF_R_SIGNATURE_ENCODING             ,"signature encoding"},
-{RSAREF_R_UNKNOWN_FAULT                  ,"unknown fault"},
-{0,NULL}
-	};
-
-#endif
-
-#ifdef RSAREF_LIB_NAME
-static ERR_STRING_DATA RSAREF_lib_name[]=
-        {
-{0	,RSAREF_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int RSAREF_lib_error_code=0;
-static int RSAREF_error_init=1;
-
-static void ERR_load_RSAREF_strings(void)
-	{
-	if (RSAREF_lib_error_code == 0)
-		RSAREF_lib_error_code=ERR_get_next_error_library();
-
-	if (RSAREF_error_init)
-		{
-		RSAREF_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(RSAREF_lib_error_code,RSAREF_str_functs);
-		ERR_load_strings(RSAREF_lib_error_code,RSAREF_str_reasons);
-#endif
-
-#ifdef RSAREF_LIB_NAME
-		RSAREF_lib_name->error = ERR_PACK(RSAREF_lib_error_code,0,0);
-		ERR_load_strings(0,RSAREF_lib_name);
-#endif
-		}
-	}
-
-static void ERR_unload_RSAREF_strings(void)
-	{
-	if (RSAREF_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(RSAREF_lib_error_code,RSAREF_str_functs);
-		ERR_unload_strings(RSAREF_lib_error_code,RSAREF_str_reasons);
-#endif
-
-#ifdef RSAREF_LIB_NAME
-		ERR_unload_strings(0,RSAREF_lib_name);
-#endif
-		RSAREF_error_init=1;
-		}
-	}
-
-static void ERR_RSAREF_error(int function, int reason, char *file, int line)
-	{
-	if (RSAREF_lib_error_code == 0)
-		RSAREF_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(RSAREF_lib_error_code,function,reason,file,line);
-	}
diff --git a/crypto/openssl/demos/engines/rsaref/rsaref_err.h b/crypto/openssl/demos/engines/rsaref/rsaref_err.h
deleted file mode 100644
index 19759709b771..000000000000
--- a/crypto/openssl/demos/engines/rsaref/rsaref_err.h
+++ /dev/null
@@ -1,109 +0,0 @@
-/* rsaref_err.h */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_RSAREF_ERR_H
-#define HEADER_RSAREF_ERR_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_RSAREF_strings(void);
-static void ERR_unload_RSAREF_strings(void);
-static void ERR_RSAREF_error(int function, int reason, char *file, int line);
-#define RSAREFerr(f,r) ERR_RSAREF_error((f),(r),__FILE__,__LINE__)
-/* Error codes for the RSAREF functions. */
-
-/* Function codes. */
-#define RSAREF_F_BNREF_MOD_EXP				 100
-#define RSAREF_F_CIPHER_DES_CBC_CODE			 112
-#define RSAREF_F_RSAREF_BN2BIN				 101
-#define RSAREF_F_RSAREF_MOD_EXP				 102
-#define RSAREF_F_RSAREF_PRIVATE_DECRYPT			 103
-#define RSAREF_F_RSAREF_PRIVATE_ENCRYPT			 104
-#define RSAREF_F_RSAREF_PUBLIC_DECRYPT			 105
-#define RSAREF_F_RSAREF_PUBLIC_ENCRYPT			 106
-#define RSAREF_F_RSA_BN2BIN				 107
-#define RSAREF_F_RSA_PRIVATE_DECRYPT			 108
-#define RSAREF_F_RSA_PRIVATE_ENCRYPT			 109
-#define RSAREF_F_RSA_PUBLIC_DECRYPT			 110
-#define RSAREF_F_RSA_PUBLIC_ENCRYPT			 111
-
-/* Reason codes. */
-#define RSAREF_R_CONTENT_ENCODING			 100
-#define RSAREF_R_DATA					 101
-#define RSAREF_R_DIGEST_ALGORITHM			 102
-#define RSAREF_R_ENCODING				 103
-#define RSAREF_R_ENCRYPTION_ALGORITHM			 104
-#define RSAREF_R_KEY					 105
-#define RSAREF_R_KEY_ENCODING				 106
-#define RSAREF_R_LEN					 107
-#define RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED		 114
-#define RSAREF_R_MODULUS_LEN				 108
-#define RSAREF_R_NEED_RANDOM				 109
-#define RSAREF_R_PRIVATE_KEY				 110
-#define RSAREF_R_PUBLIC_KEY				 111
-#define RSAREF_R_SIGNATURE				 112
-#define RSAREF_R_SIGNATURE_ENCODING			 113
-#define RSAREF_R_UNKNOWN_FAULT				 115
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/demos/engines/zencod/Makefile b/crypto/openssl/demos/engines/zencod/Makefile
deleted file mode 100644
index 5b6a339ab2ba..000000000000
--- a/crypto/openssl/demos/engines/zencod/Makefile
+++ /dev/null
@@ -1,114 +0,0 @@
-LIBNAME=	libzencod
-SRC=		hw_zencod.c
-OBJ=		hw_zencod.o
-HEADER=		hw_zencod.h
-
-CC=		gcc
-PIC=		-fPIC
-CFLAGS=		-g -I../../../include $(PIC) -DENGINE_DYNAMIC_SUPPORT -DFLAT_INC
-AR=		ar r
-RANLIB=		ranlib
-
-LIB=		$(LIBNAME).a
-SHLIB=		$(LIBNAME).so
-
-all:
-		@echo 'Please choose a system to build on:'
-		@echo ''
-		@echo 'tru64:    Tru64 Unix, Digital Unix, Digital OSF/1'
-		@echo 'solaris:  Solaris'
-		@echo 'irix:     IRIX'
-		@echo 'hpux32:   32-bit HP/UX'
-		@echo 'hpux64:   64-bit HP/UX'
-		@echo 'aix:      AIX'
-		@echo 'gnu:      Generic GNU-based system (gcc and GNU ld)'
-		@echo ''
-
-FORCE.update:
-update:		FORCE.update
-		perl ../../../util/mkerr.pl -conf hw_zencod.ec \
-			-nostatic -staticloader -write hw_zencod.c
-
-gnu:		$(SHLIB).gnu
-tru64:		$(SHLIB).tru64
-solaris:	$(SHLIB).solaris
-irix:		$(SHLIB).irix
-hpux32:		$(SHLIB).hpux32
-hpux64:		$(SHLIB).hpux64
-aix:		$(SHLIB).aix
-
-$(LIB):		$(OBJ)
-		$(AR) $(LIB) $(OBJ)
-		- $(RANLIB) $(LIB)
-
-LINK_SO=	\
-  ld -r -o $(LIBNAME).o $$ALLSYMSFLAGS $(LIB) && \
-  (nm -Pg $(LIBNAME).o | grep ' [BDT] ' | cut -f1 -d' ' > $(LIBNAME).exp; \
-   $$SHAREDCMD $$SHAREDFLAGS -o $(SHLIB) $(LIBNAME).o -L ../../.. -lcrypto -lc)
-
-$(SHLIB).gnu:	$(LIB)
-		ALLSYMSFLAGS='--whole-archive' \
-		SHAREDFLAGS='-shared -Wl,-soname=$(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).gnu
-$(SHLIB).tru64:	$(LIB)
-		ALLSYMSFLAGS='-all' \
-		SHAREDFLAGS='-shared' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).tru64
-$(SHLIB).solaris:	$(LIB)
-		ALLSYMSFLAGS='-z allextract' \
-		SHAREDFLAGS='-G -h $(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).solaris
-$(SHLIB).irix:	$(LIB)
-		ALLSYMSFLAGS='-all' \
-		SHAREDFLAGS='-shared -Wl,-soname,$(SHLIB)' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).irix
-$(SHLIB).hpux32:	$(LIB)
-		ALLSYMSFLAGS='-Fl' \
-		SHAREDFLAGS='+vnocompatwarnings -b -z +s +h $(SHLIB)' \
-		SHAREDCMD='/usr/ccs/bin/ld'; \
-		$(LINK_SO)
-		touch $(SHLIB).hpux32
-$(SHLIB).hpux64:	$(LIB)
-		ALLSYMSFLAGS='+forceload' \
-		SHAREDFLAGS='-b -z +h $(SHLIB)' \
-		SHAREDCMD='/usr/ccs/bin/ld'; \
-		$(LINK_SO)
-		touch $(SHLIB).hpux64
-$(SHLIB).aix:	$(LIB)
-		ALLSYMSFLAGS='-bnogc' \
-		SHAREDFLAGS='-G -bE:$(LIBNAME).exp -bM:SRE' \
-		SHAREDCMD='$(CC)'; \
-		$(LINK_SO)
-		touch $(SHLIB).aix
-
-depend:
-		sed -e '/^# DO NOT DELETE.*/,$$d' < Makefile > Makefile.tmp
-		echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
-		gcc -M $(CFLAGS) $(SRC) >> Makefile.tmp
-		perl ../../../util/clean-depend.pl < Makefile.tmp > Makefile.new
-		rm -f Makefile.tmp Makefile
-		mv Makefile.new Makefile
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rsaref.o: ../../../include/openssl/asn1.h ../../../include/openssl/bio.h
-rsaref.o: ../../../include/openssl/bn.h ../../../include/openssl/crypto.h
-rsaref.o: ../../../include/openssl/dh.h ../../../include/openssl/dsa.h
-rsaref.o: ../../../include/openssl/e_os2.h ../../../include/openssl/engine.h
-rsaref.o: ../../../include/openssl/err.h ../../../include/openssl/lhash.h
-rsaref.o: ../../../include/openssl/opensslconf.h
-rsaref.o: ../../../include/openssl/opensslv.h
-rsaref.o: ../../../include/openssl/ossl_typ.h ../../../include/openssl/rand.h
-rsaref.o: ../../../include/openssl/rsa.h ../../../include/openssl/safestack.h
-rsaref.o: ../../../include/openssl/stack.h ../../../include/openssl/symhacks.h
-rsaref.o: ../../../include/openssl/ui.h rsaref.c rsaref_err.c rsaref_err.h
-rsaref.o: source/des.h source/global.h source/md2.h source/md5.h source/rsa.h
-rsaref.o: source/rsaref.h
diff --git a/crypto/openssl/demos/engines/zencod/hw_zencod.c b/crypto/openssl/demos/engines/zencod/hw_zencod.c
deleted file mode 100644
index 29206b4a2978..000000000000
--- a/crypto/openssl/demos/engines/zencod/hw_zencod.c
+++ /dev/null
@@ -1,1739 +0,0 @@
-/* crypto/engine/hw_zencod.c */
- /* Written by Fred Donnat (frederic.donnat@zencod.com) for "zencod"
- * engine integration in order to redirect crypto computing on a crypto
- * hardware accelerator zenssl32  ;-)
- *
- * Date : 25 jun 2002
- * Revision : 17 Ju7 2002
- * Version : zencod_engine-0.9.7
- */
-
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-/* ENGINE general include */
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_ZENCOD
-
-#ifdef FLAT_INC
-#  include "hw_zencod.h"
-#else
-#  include "vendor_defns/hw_zencod.h"
-#endif
-
-#define ZENCOD_LIB_NAME "zencod engine"
-#include "hw_zencod_err.c"
-
-#define FAIL_TO_SOFTWARE		-15
-
-#define	ZEN_LIBRARY	"zenbridge"
-
-#if 0
-#  define PERROR(s)	perror(s)
-#  define CHEESE()	fputs("## [ZenEngine] ## " __FUNCTION__ "\n", stderr)
-#else
-#  define PERROR(s)
-#  define CHEESE()
-#endif
-
-
-/* Sorry ;) */
-#ifndef WIN32
-static inline void esrever ( unsigned char *d, int l )
-{
-	for(;--l>0;--l,d++){*d^=*(d+l);*(d+l)^=*d;*d^=*(d+l);}
-}
-
-static inline void ypcmem ( unsigned char *d, const unsigned char *s, int l )
-{
-	for(d+=l;l--;)*--d=*s++;
-}
-#else
-static __inline void esrever ( unsigned char *d, int l )
-{
-	for(;--l>0;--l,d++){*d^=*(d+l);*(d+l)^=*d;*d^=*(d+l);}
-}
-
-static __inline void ypcmem ( unsigned char *d, const unsigned char *s, int l )
-{
-	for(d+=l;l--;)*--d=*s++;
-}
-#endif
-
-
-#define BIGNUM2ZEN(n, bn)	(ptr_zencod_init_number((n), \
-					(unsigned long) ((bn)->top * BN_BITS2), \
-					(unsigned char *) ((bn)->d)))
-
-#define ZEN_BITS(n, bytes)	(ptr_zencod_bytes2bits((unsigned char *) (n), (unsigned long) (bytes)))
-#define ZEN_BYTES(bits)	(ptr_zencod_bits2bytes((unsigned long) (bits)))
-
-
-/* Function for ENGINE detection and control */
-static int zencod_destroy ( ENGINE *e ) ;
-static int zencod_init ( ENGINE *e ) ;
-static int zencod_finish ( ENGINE *e ) ;
-static int zencod_ctrl ( ENGINE *e, int cmd, long i, void *p, void (*f) () ) ;
-
-/* BIGNUM stuff */
-static int zencod_bn_mod_exp ( BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx ) ;
-
-/* RSA stuff */
-#ifndef OPENSSL_NO_RSA
-static int RSA_zencod_rsa_mod_exp ( BIGNUM *r0, const BIGNUM *I, RSA *rsa ) ;
-static int RSA_zencod_bn_mod_exp ( BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx ) ;
-#endif
-
-/* DSA stuff */
-#ifndef OPENSSL_NO_DSA
-static int DSA_zencod_bn_mod_exp ( DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *m_ctx ) ;
-
-static DSA_SIG *DSA_zencod_do_sign ( const unsigned char *dgst, int dlen, DSA *dsa ) ;
-static int DSA_zencod_do_verify ( const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
-		DSA *dsa ) ;
-#endif
-
-/* DH stuff */
-#ifndef OPENSSL_NO_DH
-static int DH_zencod_bn_mod_exp ( const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *m_ctx ) ;
-static int DH_zencod_generate_key ( DH *dh ) ;
-static int DH_zencod_compute_key ( unsigned char *key, const BIGNUM *pub_key, DH *dh ) ;
-#endif
-
-/* Rand stuff */
-static void RAND_zencod_seed ( const void *buf, int num ) ;
-static int RAND_zencod_rand_bytes ( unsigned char *buf, int num ) ;
-static int RAND_zencod_rand_status ( void ) ;
-
-/* Digest Stuff */
-static int engine_digests ( ENGINE *e, const EVP_MD **digest, const int **nids, int nid ) ;
-
-/* Cipher Stuff */
-static int engine_ciphers ( ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid ) ;
-
-
-#define ZENCOD_CMD_SO_PATH			ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN zencod_cmd_defns [ ] =
-{
-	{ ZENCOD_CMD_SO_PATH,
-	  "SO_PATH",
-	  "Specifies the path to the 'zenbridge' shared library",
-	  ENGINE_CMD_FLAG_STRING},
-	{ 0, NULL, NULL, 0 }
-} ;
-
-
-#ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD specific to zencod ENGINE providing pointers to our function */
-static RSA_METHOD zencod_rsa =
-{
-	"ZENCOD RSA method",
-	NULL,
-	NULL,
-	NULL,
-	NULL,
-	RSA_zencod_rsa_mod_exp,
-	RSA_zencod_bn_mod_exp,
-	NULL,
-	NULL,
-	0,
-	NULL,
-	NULL,
-	NULL
-} ;
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD specific to zencod ENGINE providing pointers to our function */
-static DSA_METHOD zencod_dsa =
-{
-	"ZENCOD DSA method",
-	DSA_zencod_do_sign,
-	NULL,
-	DSA_zencod_do_verify,
-	NULL,
-	DSA_zencod_bn_mod_exp,
-	NULL,
-	NULL,
-	0,
-	NULL
-} ;
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD specific to zencod ENGINE providing pointers to our function */
-static DH_METHOD zencod_dh =
-{
-	"ZENCOD DH method",
-	DH_zencod_generate_key,
-	DH_zencod_compute_key,
-	DH_zencod_bn_mod_exp,
-	NULL,
-	NULL,
-	0,
-	NULL
-} ;
-#endif
-
-/* Our internal RAND_meth specific to zencod ZNGINE providing pointers to  our function */
-static RAND_METHOD zencod_rand =
-{
-	RAND_zencod_seed,
-	RAND_zencod_rand_bytes,
-	NULL,
-	NULL,
-	RAND_zencod_rand_bytes,
-	RAND_zencod_rand_status
-} ;
-
-
-/* Constants used when creating the ENGINE */
-static const char *engine_zencod_id = "zencod";
-static const char *engine_zencod_name = "ZENCOD hardware engine support";
-
-
-/* This internal function is used by ENGINE_zencod () and possibly by the
- * "dynamic" ENGINE support too   ;-)
- */
-static int bind_helper ( ENGINE *e )
-{
-
-#ifndef OPENSSL_NO_RSA
-	const RSA_METHOD *meth_rsa ;
-#endif
-#ifndef OPENSSL_NO_DSA
-	const DSA_METHOD *meth_dsa ;
-#endif
-#ifndef OPENSSL_NO_DH
-	const DH_METHOD *meth_dh ;
-#endif
-
-	const RAND_METHOD *meth_rand ;
-
-
-	if ( !ENGINE_set_id ( e, engine_zencod_id ) ||
-			!ENGINE_set_name ( e, engine_zencod_name ) ||
-#ifndef OPENSSL_NO_RSA
-			!ENGINE_set_RSA ( e, &zencod_rsa ) ||
-#endif
-#ifndef OPENSSL_NO_DSA
-			!ENGINE_set_DSA ( e, &zencod_dsa ) ||
-#endif
-#ifndef OPENSSL_NO_DH
-			!ENGINE_set_DH ( e, &zencod_dh ) ||
-#endif
-			!ENGINE_set_RAND ( e, &zencod_rand ) ||
-
-			!ENGINE_set_destroy_function ( e, zencod_destroy ) ||
-			!ENGINE_set_init_function ( e, zencod_init ) ||
-			!ENGINE_set_finish_function ( e, zencod_finish ) ||
-			!ENGINE_set_ctrl_function ( e, zencod_ctrl ) ||
-			!ENGINE_set_cmd_defns ( e, zencod_cmd_defns ) ||
-			!ENGINE_set_digests ( e, engine_digests ) ||
-			!ENGINE_set_ciphers ( e, engine_ciphers ) ) {
-		return 0 ;
-	}
-
-#ifndef OPENSSL_NO_RSA
-	/* We know that the "PKCS1_SSLeay()" functions hook properly
-	 * to the Zencod-specific mod_exp and mod_exp_crt so we use
-	 * those functions. NB: We don't use ENGINE_openssl() or
-	 * anything "more generic" because something like the RSAref
-	 * code may not hook properly, and if you own one of these
-	 * cards then you have the right to do RSA operations on it
-	 * anyway!
-	 */
-	meth_rsa = RSA_PKCS1_SSLeay () ;
-
-	zencod_rsa.rsa_pub_enc = meth_rsa->rsa_pub_enc ;
-	zencod_rsa.rsa_pub_dec = meth_rsa->rsa_pub_dec ;
-	zencod_rsa.rsa_priv_enc = meth_rsa->rsa_priv_enc ;
-	zencod_rsa.rsa_priv_dec = meth_rsa->rsa_priv_dec ;
-	/* meth_rsa->rsa_mod_exp */
-	/* meth_rsa->bn_mod_exp */
-	zencod_rsa.init = meth_rsa->init ;
-	zencod_rsa.finish = meth_rsa->finish ;
-#endif
-
-#ifndef OPENSSL_NO_DSA
-	/* We use OpenSSL meth to supply what we don't provide ;-*)
-	 */
-	meth_dsa = DSA_OpenSSL () ;
-
-	/* meth_dsa->dsa_do_sign */
-	zencod_dsa.dsa_sign_setup = meth_dsa->dsa_sign_setup ;
-	/* meth_dsa->dsa_do_verify */
-	zencod_dsa.dsa_mod_exp = meth_dsa->dsa_mod_exp ;
-	/* zencod_dsa.bn_mod_exp = meth_dsa->bn_mod_exp ; */
-	zencod_dsa.init = meth_dsa->init ;
-	zencod_dsa.finish = meth_dsa->finish ;
-#endif
-
-#ifndef OPENSSL_NO_DH
-	/* We use OpenSSL meth to supply what we don't provide ;-*)
-	 */
-	meth_dh = DH_OpenSSL () ;
-
-	/* zencod_dh.generate_key = meth_dh->generate_key ; */
-	/* zencod_dh.compute_key = meth_dh->compute_key ; */
-	/* zencod_dh.bn_mod_exp = meth_dh->bn_mod_exp ; */
-	zencod_dh.init = meth_dh->init ;
-	zencod_dh.finish = meth_dh->finish ;
-
-#endif
-
-	/* We use OpenSSL (SSLeay) meth to supply what we don't provide ;-*)
-	 */
-	meth_rand = RAND_SSLeay () ;
-
-	/* meth_rand->seed ; */
-	/* zencod_rand.seed = meth_rand->seed ; */
-	/* meth_rand->bytes ; */
-	/* zencod_rand.bytes = meth_rand->bytes ; */
-	zencod_rand.cleanup = meth_rand->cleanup ;
-	zencod_rand.add = meth_rand->add ;
-	/* meth_rand->pseudorand ; */
-	/* zencod_rand.pseudorand = meth_rand->pseudorand ; */
-	/* zencod_rand.status = meth_rand->status ; */
-	/* meth_rand->status ; */
-
-	/* Ensure the zencod error handling is set up */
-	ERR_load_ZENCOD_strings () ;
-	return 1 ;
-}
-
-
-/* As this is only ever called once, there's no need for locking
- * (indeed - the lock will already be held by our caller!!!)
- */
-static ENGINE *ENGINE_zencod ( void )
-{
-
-	ENGINE *eng = ENGINE_new () ;
-
-	if ( !eng ) {
-		return NULL ;
-	}
-	if ( !bind_helper ( eng ) ) {
-		ENGINE_free ( eng ) ;
-		return NULL ;
-	}
-
-	return eng ;
-}
-
-
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static
-#endif
-void ENGINE_load_zencod ( void )
-{
-	/* Copied from eng_[openssl|dyn].c */
-	ENGINE *toadd = ENGINE_zencod ( ) ;
-	if ( !toadd ) return ;
-	ENGINE_add ( toadd ) ;
-	ENGINE_free ( toadd ) ;
-	ERR_clear_error ( ) ;
-}
-
-
-/* This is a process-global DSO handle used for loading and unloading
- * the ZENBRIDGE library.
- * NB: This is only set (or unset) during an * init () or finish () call
- * (reference counts permitting) and they're  * operating with global locks,
- * so this should be thread-safe * implicitly.
- */
-static DSO *zencod_dso = NULL ;
-
-static t_zencod_test *ptr_zencod_test = NULL ;
-static t_zencod_bytes2bits *ptr_zencod_bytes2bits = NULL ;
-static t_zencod_bits2bytes *ptr_zencod_bits2bytes = NULL ;
-static t_zencod_new_number *ptr_zencod_new_number = NULL ;
-static t_zencod_init_number *ptr_zencod_init_number = NULL ;
-
-static t_zencod_rsa_mod_exp *ptr_zencod_rsa_mod_exp = NULL ;
-static t_zencod_rsa_mod_exp_crt *ptr_zencod_rsa_mod_exp_crt = NULL ;
-static t_zencod_dsa_do_sign *ptr_zencod_dsa_do_sign = NULL ;
-static t_zencod_dsa_do_verify *ptr_zencod_dsa_do_verify = NULL ;
-static t_zencod_dh_generate_key *ptr_zencod_dh_generate_key = NULL ;
-static t_zencod_dh_compute_key *ptr_zencod_dh_compute_key = NULL ;
-static t_zencod_rand_bytes *ptr_zencod_rand_bytes = NULL ;
-static t_zencod_math_mod_exp *ptr_zencod_math_mod_exp = NULL ;
-
-static t_zencod_md5_init *ptr_zencod_md5_init = NULL ;
-static t_zencod_md5_update *ptr_zencod_md5_update = NULL ;
-static t_zencod_md5_do_final *ptr_zencod_md5_do_final = NULL ;
-static t_zencod_sha1_init *ptr_zencod_sha1_init = NULL ;
-static t_zencod_sha1_update *ptr_zencod_sha1_update = NULL ;
-static t_zencod_sha1_do_final *ptr_zencod_sha1_do_final = NULL ;
-
-static t_zencod_xdes_cipher *ptr_zencod_xdes_cipher = NULL ;
-static t_zencod_rc4_cipher *ptr_zencod_rc4_cipher = NULL ;
-
-/* These are the static string constants for the DSO file name and the function
- * symbol names to bind to.
- */
-static const char *ZENCOD_LIBNAME = ZEN_LIBRARY ;
-
-static const char *ZENCOD_Fct_0 = "test_device" ;
-static const char *ZENCOD_Fct_1 = "zenbridge_bytes2bits" ;
-static const char *ZENCOD_Fct_2 = "zenbridge_bits2bytes" ;
-static const char *ZENCOD_Fct_3 = "zenbridge_new_number" ;
-static const char *ZENCOD_Fct_4 = "zenbridge_init_number" ;
-
-static const char *ZENCOD_Fct_exp_1 = "zenbridge_rsa_mod_exp" ;
-static const char *ZENCOD_Fct_exp_2 = "zenbridge_rsa_mod_exp_crt" ;
-static const char *ZENCOD_Fct_dsa_1 = "zenbridge_dsa_do_sign" ;
-static const char *ZENCOD_Fct_dsa_2 = "zenbridge_dsa_do_verify" ;
-static const char *ZENCOD_Fct_dh_1 = "zenbridge_dh_generate_key" ;
-static const char *ZENCOD_Fct_dh_2 = "zenbridge_dh_compute_key" ;
-static const char *ZENCOD_Fct_rand_1 = "zenbridge_rand_bytes" ;
-static const char *ZENCOD_Fct_math_1 = "zenbridge_math_mod_exp" ;
-
-static const char *ZENCOD_Fct_md5_1 = "zenbridge_md5_init" ;
-static const char *ZENCOD_Fct_md5_2 = "zenbridge_md5_update" ;
-static const char *ZENCOD_Fct_md5_3 = "zenbridge_md5_do_final" ;
-static const char *ZENCOD_Fct_sha1_1 = "zenbridge_sha1_init" ;
-static const char *ZENCOD_Fct_sha1_2 = "zenbridge_sha1_update" ;
-static const char *ZENCOD_Fct_sha1_3 = "zenbridge_sha1_do_final" ;
-
-static const char *ZENCOD_Fct_xdes_1 = "zenbridge_xdes_cipher" ;
-static const char *ZENCOD_Fct_rc4_1 = "zenbridge_rc4_cipher" ;
-
-/* Destructor (complements the "ENGINE_zencod ()" constructor)
- */
-static int zencod_destroy (ENGINE *e )
-{
-
-	ERR_unload_ZENCOD_strings () ;
-
-	return 1 ;
-}
-
-
-/* (de)initialisation functions. Control Function
- */
-static int zencod_init ( ENGINE *e )
-{
-
-	t_zencod_test *ptr_0 ;
-	t_zencod_bytes2bits *ptr_1 ;
-	t_zencod_bits2bytes *ptr_2 ;
-	t_zencod_new_number *ptr_3 ;
-	t_zencod_init_number *ptr_4 ;
-	t_zencod_rsa_mod_exp *ptr_exp_1 ;
-	t_zencod_rsa_mod_exp_crt *ptr_exp_2 ;
-	t_zencod_dsa_do_sign *ptr_dsa_1 ;
-	t_zencod_dsa_do_verify *ptr_dsa_2 ;
-	t_zencod_dh_generate_key *ptr_dh_1 ;
-	t_zencod_dh_compute_key *ptr_dh_2 ;
-	t_zencod_rand_bytes *ptr_rand_1 ;
-	t_zencod_math_mod_exp *ptr_math_1 ;
-	t_zencod_md5_init *ptr_md5_1 ;
-	t_zencod_md5_update *ptr_md5_2 ;
-	t_zencod_md5_do_final *ptr_md5_3 ;
-	t_zencod_sha1_init *ptr_sha1_1 ;
-	t_zencod_sha1_update *ptr_sha1_2 ;
-	t_zencod_sha1_do_final *ptr_sha1_3 ;
-	t_zencod_xdes_cipher *ptr_xdes_1 ;
-	t_zencod_rc4_cipher *ptr_rc4_1 ;
-
-	CHEESE () ;
-
-	/*
-	 * We Should add some tests for non NULL parameters or bad value !!
-	 * Stuff to be done ...
-	 */
-
-	if ( zencod_dso != NULL ) {
-		ZENCODerr ( ZENCOD_F_ZENCOD_INIT, ZENCOD_R_ALREADY_LOADED ) ;
-		goto err ;
-	}
-	/* Trying to load the Library "cryptozen"
-	 */
-	zencod_dso = DSO_load ( NULL, ZENCOD_LIBNAME, NULL, 0 ) ;
-	if ( zencod_dso == NULL ) {
-		ZENCODerr ( ZENCOD_F_ZENCOD_INIT, ZENCOD_R_DSO_FAILURE ) ;
-		goto err ;
-	}
-
-	/* Trying to load Function from the Library
-	 */
-	if ( ! ( ptr_1 = (t_zencod_bytes2bits*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_1 ) ) ||
-			! ( ptr_2 = (t_zencod_bits2bytes*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_2 ) ) ||
-			! ( ptr_3 = (t_zencod_new_number*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_3 ) ) ||
-			! ( ptr_4 = (t_zencod_init_number*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_4 ) ) ||
-			! ( ptr_exp_1 = (t_zencod_rsa_mod_exp*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_exp_1 ) ) ||
-			! ( ptr_exp_2 = (t_zencod_rsa_mod_exp_crt*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_exp_2 ) ) ||
-			! ( ptr_dsa_1 = (t_zencod_dsa_do_sign*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_dsa_1 ) ) ||
-			! ( ptr_dsa_2 = (t_zencod_dsa_do_verify*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_dsa_2 ) ) ||
-			! ( ptr_dh_1 = (t_zencod_dh_generate_key*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_dh_1 ) ) ||
-			! ( ptr_dh_2 = (t_zencod_dh_compute_key*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_dh_2 ) ) ||
-			! ( ptr_rand_1 = (t_zencod_rand_bytes*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_rand_1 ) ) ||
-			! ( ptr_math_1 = (t_zencod_math_mod_exp*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_math_1 ) ) ||
-			! ( ptr_0 = (t_zencod_test *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_0 ) ) ||
-			! ( ptr_md5_1 = (t_zencod_md5_init *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_md5_1 ) ) ||
-			! ( ptr_md5_2 = (t_zencod_md5_update *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_md5_2 ) ) ||
-			! ( ptr_md5_3 = (t_zencod_md5_do_final *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_md5_3 ) ) ||
-			! ( ptr_sha1_1 = (t_zencod_sha1_init *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_sha1_1 ) ) ||
-			! ( ptr_sha1_2 = (t_zencod_sha1_update *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_sha1_2 ) ) ||
-			! ( ptr_sha1_3 = (t_zencod_sha1_do_final *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_sha1_3 ) ) ||
-			! ( ptr_xdes_1 = (t_zencod_xdes_cipher *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_xdes_1 ) ) ||
-			! ( ptr_rc4_1 = (t_zencod_rc4_cipher *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_rc4_1 ) ) ) {
-
-		ZENCODerr ( ZENCOD_F_ZENCOD_INIT, ZENCOD_R_DSO_FAILURE ) ;
-		goto err ;
-	}
-
-	/* The function from "cryptozen" Library have been correctly loaded so copy them
-	 */
-	ptr_zencod_test = ptr_0 ;
-	ptr_zencod_bytes2bits = ptr_1 ;
-	ptr_zencod_bits2bytes = ptr_2 ;
-	ptr_zencod_new_number = ptr_3 ;
-	ptr_zencod_init_number = ptr_4 ;
-	ptr_zencod_rsa_mod_exp = ptr_exp_1 ;
-	ptr_zencod_rsa_mod_exp_crt = ptr_exp_2 ;
-	ptr_zencod_dsa_do_sign = ptr_dsa_1 ;
-	ptr_zencod_dsa_do_verify = ptr_dsa_2 ;
-	ptr_zencod_dh_generate_key = ptr_dh_1 ;
-	ptr_zencod_dh_compute_key = ptr_dh_2 ;
-	ptr_zencod_rand_bytes = ptr_rand_1 ;
-	ptr_zencod_math_mod_exp = ptr_math_1 ;
-	ptr_zencod_test = ptr_0 ;
-	ptr_zencod_md5_init = ptr_md5_1 ;
-	ptr_zencod_md5_update = ptr_md5_2 ;
-	ptr_zencod_md5_do_final = ptr_md5_3 ;
-	ptr_zencod_sha1_init = ptr_sha1_1 ;
-	ptr_zencod_sha1_update = ptr_sha1_2 ;
-	ptr_zencod_sha1_do_final = ptr_sha1_3 ;
-	ptr_zencod_xdes_cipher = ptr_xdes_1 ;
-	ptr_zencod_rc4_cipher = ptr_rc4_1 ;
-
-	/* We should peform a test to see if there is actually any unit runnig on the system ...
-	 * Even if the cryptozen library is loaded the module coul not be loaded on the system ...
-	 * For now we may just open and close the device !!
-	 */
-
-	if ( ptr_zencod_test () != 0 ) {
-		ZENCODerr ( ZENCOD_F_ZENCOD_INIT, ZENCOD_R_UNIT_FAILURE ) ;
-		goto err ;
-	}
-
-	return 1 ;
-err :
-	if ( zencod_dso ) {
-		DSO_free ( zencod_dso ) ;
-	}
-	zencod_dso = NULL ;
-	ptr_zencod_bytes2bits = NULL ;
-	ptr_zencod_bits2bytes = NULL ;
-	ptr_zencod_new_number = NULL ;
-	ptr_zencod_init_number = NULL ;
-	ptr_zencod_rsa_mod_exp = NULL ;
-	ptr_zencod_rsa_mod_exp_crt = NULL ;
-	ptr_zencod_dsa_do_sign = NULL ;
-	ptr_zencod_dsa_do_verify = NULL ;
-	ptr_zencod_dh_generate_key = NULL ;
-	ptr_zencod_dh_compute_key = NULL ;
-	ptr_zencod_rand_bytes = NULL ;
-	ptr_zencod_math_mod_exp = NULL ;
-	ptr_zencod_test = NULL ;
-	ptr_zencod_md5_init = NULL ;
-	ptr_zencod_md5_update = NULL ;
-	ptr_zencod_md5_do_final = NULL ;
-	ptr_zencod_sha1_init = NULL ;
-	ptr_zencod_sha1_update = NULL ;
-	ptr_zencod_sha1_do_final = NULL ;
-	ptr_zencod_xdes_cipher = NULL ;
-	ptr_zencod_rc4_cipher = NULL ;
-
-	return 0 ;
-}
-
-
-static int zencod_finish ( ENGINE *e )
-{
-
-	CHEESE () ;
-
-	/*
-	 * We Should add some tests for non NULL parameters or bad value !!
-	 * Stuff to be done ...
-	 */
-	if ( zencod_dso == NULL ) {
-		ZENCODerr ( ZENCOD_F_ZENCOD_FINISH, ZENCOD_R_NOT_LOADED ) ;
-		return 0 ;
-	}
-	if ( !DSO_free ( zencod_dso ) ) {
-		ZENCODerr ( ZENCOD_F_ZENCOD_FINISH, ZENCOD_R_DSO_FAILURE ) ;
-		return 0 ;
-	}
-
-	zencod_dso = NULL ;
-
-	ptr_zencod_bytes2bits = NULL ;
-	ptr_zencod_bits2bytes = NULL ;
-	ptr_zencod_new_number = NULL ;
-	ptr_zencod_init_number = NULL ;
-	ptr_zencod_rsa_mod_exp = NULL ;
-	ptr_zencod_rsa_mod_exp_crt = NULL ;
-	ptr_zencod_dsa_do_sign = NULL ;
-	ptr_zencod_dsa_do_verify = NULL ;
-	ptr_zencod_dh_generate_key = NULL ;
-	ptr_zencod_dh_compute_key = NULL ;
-	ptr_zencod_rand_bytes = NULL ;
-	ptr_zencod_math_mod_exp = NULL ;
-	ptr_zencod_test = NULL ;
-	ptr_zencod_md5_init = NULL ;
-	ptr_zencod_md5_update = NULL ;
-	ptr_zencod_md5_do_final = NULL ;
-	ptr_zencod_sha1_init = NULL ;
-	ptr_zencod_sha1_update = NULL ;
-	ptr_zencod_sha1_do_final = NULL ;
-	ptr_zencod_xdes_cipher = NULL ;
-	ptr_zencod_rc4_cipher = NULL ;
-
-	return 1 ;
-}
-
-
-static int zencod_ctrl ( ENGINE *e, int cmd, long i, void *p, void (*f) () )
-{
-
-	int initialised = ( ( zencod_dso == NULL ) ? 0 : 1 ) ;
-
-	CHEESE () ;
-
-	/*
-	 * We Should add some tests for non NULL parameters or bad value !!
-	 * Stuff to be done ...
-	 */
-	switch ( cmd ) {
-	case ZENCOD_CMD_SO_PATH :
-		if ( p == NULL ) {
-			ZENCODerr ( ZENCOD_F_ZENCOD_CTRL, ERR_R_PASSED_NULL_PARAMETER ) ;
-			return 0 ;
-		}
-		if ( initialised ) {
-			ZENCODerr ( ZENCOD_F_ZENCOD_CTRL, ZENCOD_R_ALREADY_LOADED ) ;
-			return 0 ;
-		}
-		ZENCOD_LIBNAME = (const char *) p ;
-		return 1 ;
-	default :
-		break ;
-	}
-
-	ZENCODerr ( ZENCOD_F_ZENCOD_CTRL, ZENCOD_R_CTRL_COMMAND_NOT_IMPLEMENTED ) ;
-
-	return 0 ;
-}
-
-
-/* BIGNUM stuff Functions
- */
-static int zencod_bn_mod_exp ( BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx )
-{
-	zen_nb_t y, x, e, n;
-	int ret;
-
-	CHEESE () ;
-
-	if ( !zencod_dso ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_BN_MOD_EXP, ZENCOD_R_NOT_LOADED);
-		return 0;
-	}
-
-	if ( !bn_wexpand(r, m->top + 1) ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_BN_MOD_EXP, ZENCOD_R_BN_EXPAND_FAIL);
-		return 0;
-	}
-
-	memset(r->d, 0, BN_num_bytes(m));
-
-	ptr_zencod_init_number ( &y, (r->dmax - 1) * sizeof (BN_ULONG) * 8, (unsigned char *) r->d ) ;
-	BIGNUM2ZEN ( &x, a ) ;
-	BIGNUM2ZEN ( &e, p ) ;
-	BIGNUM2ZEN ( &n, m ) ;
-
-	/* Must invert x and e parameter due to BN mod exp prototype ... */
-	ret = ptr_zencod_math_mod_exp ( &y, &e, &x, &n ) ;
-
-	if ( ret )  {
-		PERROR("zenbridge_math_mod_exp");
-		ENGINEerr(ZENCOD_F_ZENCOD_BN_MOD_EXP, ZENCOD_R_REQUEST_FAILED);
-		return 0;
-	}
-
-	r->top = (BN_num_bits(m) + BN_BITS2 - 1) / BN_BITS2;
-
-	return 1;
-}
-
-
-/* RSA stuff Functions
- */
-#ifndef OPENSSL_NO_RSA
-static int RSA_zencod_rsa_mod_exp ( BIGNUM *r0, const BIGNUM *i, RSA *rsa )
-{
-
-	CHEESE () ;
-
-	if ( !zencod_dso ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_NOT_LOADED);
-		return 0;
-	}
-
-	if ( !rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_BAD_KEY_COMPONENTS);
-		return 0;
-	}
-
-	/* Do in software if argument is too large for hardware */
-	if ( RSA_size(rsa) * 8 > ZENBRIDGE_MAX_KEYSIZE_RSA_CRT ) {
-		const RSA_METHOD *meth;
-
-		meth = RSA_PKCS1_SSLeay();
-		return meth->rsa_mod_exp(r0, i, rsa);
-	} else {
-		zen_nb_t y, x, p, q, dmp1, dmq1, iqmp;
-
-		if ( !bn_expand(r0, RSA_size(rsa) * 8) ) {
-			ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_BN_EXPAND_FAIL);
-			return 0;
-		}
-		r0->top = (RSA_size(rsa) * 8 + BN_BITS2 - 1) / BN_BITS2;
-
-		BIGNUM2ZEN ( &x, i ) ;
-		BIGNUM2ZEN ( &y, r0 ) ;
-		BIGNUM2ZEN ( &p, rsa->p ) ;
-		BIGNUM2ZEN ( &q, rsa->q ) ;
-		BIGNUM2ZEN ( &dmp1, rsa->dmp1 ) ;
-		BIGNUM2ZEN ( &dmq1, rsa->dmq1 ) ;
-		BIGNUM2ZEN ( &iqmp, rsa->iqmp ) ;
-
-		if ( ptr_zencod_rsa_mod_exp_crt ( &y, &x, &p, &q, &dmp1, &dmq1, &iqmp ) < 0 ) {
-			PERROR("zenbridge_rsa_mod_exp_crt");
-			ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_REQUEST_FAILED);
-			return 0;
-		}
-
-		return 1;
-	}
-}
-
-
-/* This function is aliased to RSA_mod_exp (with the mont stuff dropped).
- */
-static int RSA_zencod_bn_mod_exp ( BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx )
-{
-
-	CHEESE () ;
-
-	if ( !zencod_dso ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_NOT_LOADED);
-		return 0;
-	}
-
-	/* Do in software if argument is too large for hardware */
-	if ( BN_num_bits(m) > ZENBRIDGE_MAX_KEYSIZE_RSA ) {
-		const RSA_METHOD *meth;
-
-		meth = RSA_PKCS1_SSLeay();
-		return meth->bn_mod_exp(r, a, p, m, ctx, m_ctx);
-	} else {
-		zen_nb_t y, x, e, n;
-
-		if ( !bn_expand(r, BN_num_bits(m)) ) {
-			ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_BN_EXPAND_FAIL);
-			return 0;
-		}
-		r->top = (BN_num_bits(m) + BN_BITS2 - 1) / BN_BITS2;
-
-		BIGNUM2ZEN ( &x, a ) ;
-		BIGNUM2ZEN ( &y, r ) ;
-		BIGNUM2ZEN ( &e, p ) ;
-		BIGNUM2ZEN ( &n, m ) ;
-
-		if ( ptr_zencod_rsa_mod_exp ( &y, &x, &n, &e ) < 0 ) {
-			PERROR("zenbridge_rsa_mod_exp");
-			ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_REQUEST_FAILED);
-			return 0;
-		}
-
-		return 1;
-	}
-}
-#endif /* !OPENSSL_NO_RSA */
-
-
-#ifndef OPENSSL_NO_DSA
-/* DSA stuff Functions
- */
-static DSA_SIG *DSA_zencod_do_sign ( const unsigned char *dgst, int dlen, DSA *dsa )
-{
-	zen_nb_t p, q, g, x, y, r, s, data;
-	DSA_SIG *sig;
-	BIGNUM *bn_r = NULL;
-	BIGNUM *bn_s = NULL;
-	char msg[20];
-
-	CHEESE();
-
-	if ( !zencod_dso ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_NOT_LOADED);
-		goto FAILED;
-	}
-
-	if ( dlen > 160 ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED);
-		goto FAILED;
-	}
-
-	/* Do in software if argument is too large for hardware */
-	if ( BN_num_bits(dsa->p) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN ||
-		BN_num_bits(dsa->g) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN ) {
-		const DSA_METHOD *meth;
-		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS);
-		meth = DSA_OpenSSL();
-		return meth->dsa_do_sign(dgst, dlen, dsa);
-	}
-
-	if ( !(bn_s = BN_new()) || !(bn_r = BN_new()) ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS);
-		goto FAILED;
-	}
-
-	if ( !bn_expand(bn_r, 160) || !bn_expand(bn_s, 160) ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BN_EXPAND_FAIL);
-		goto FAILED;
-	}
-
-	bn_r->top = bn_s->top = (160 + BN_BITS2 - 1) / BN_BITS2;
-	BIGNUM2ZEN ( &p, dsa->p ) ;
-	BIGNUM2ZEN ( &q, dsa->q ) ;
-	BIGNUM2ZEN ( &g, dsa->g ) ;
-	BIGNUM2ZEN ( &x, dsa->priv_key ) ;
-	BIGNUM2ZEN ( &y, dsa->pub_key ) ;
-	BIGNUM2ZEN ( &r, bn_r ) ;
-	BIGNUM2ZEN ( &s, bn_s ) ;
-	q.len = x.len = 160;
-
-	ypcmem(msg, dgst, 20);
-	ptr_zencod_init_number ( &data, 160, msg ) ;
-
-	if ( ptr_zencod_dsa_do_sign ( 0, &data, &y, &p, &q, &g, &x, &r, &s ) < 0 ) {
-		PERROR("zenbridge_dsa_do_sign");
-		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED);
-		goto FAILED;
-	}
-
-	if ( !( sig = DSA_SIG_new () ) ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED);
-		goto FAILED;
-	}
-	sig->r = bn_r;
-	sig->s = bn_s;
-	return sig;
-
- FAILED:
-	if (bn_r)
-		BN_free(bn_r);
-	if (bn_s)
-		BN_free(bn_s);
-	return NULL;
-}
-
-
-static int DSA_zencod_do_verify ( const unsigned char *dgst, int dlen, DSA_SIG *sig, DSA *dsa )
-{
-	zen_nb_t data, p, q, g, y, r, s, v;
-	char msg[20];
-	char v_data[20];
-	int ret;
-
-	CHEESE();
-
-	if ( !zencod_dso ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_VERIFY, ZENCOD_R_NOT_LOADED);
-		return 0;
-	}
-
-	if ( dlen > 160 ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED);
-		return 0;
-	}
-
-	/* Do in software if argument is too large for hardware */
-	if ( BN_num_bits(dsa->p) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN ||
-		BN_num_bits(dsa->g) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN ) {
-		const DSA_METHOD *meth;
-		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS);
-		meth = DSA_OpenSSL();
-		return meth->dsa_do_verify(dgst, dlen, sig, dsa);
-	}
-
-	BIGNUM2ZEN ( &p, dsa->p ) ;
-	BIGNUM2ZEN ( &q, dsa->q ) ;
-	BIGNUM2ZEN ( &g, dsa->g ) ;
-	BIGNUM2ZEN ( &y, dsa->pub_key ) ;
-	BIGNUM2ZEN ( &r, sig->r ) ;
-	BIGNUM2ZEN ( &s, sig->s ) ;
-	ptr_zencod_init_number ( &v, 160, v_data ) ;
-	ypcmem(msg, dgst, 20);
-	ptr_zencod_init_number ( &data, 160, msg ) ;
-
-	if ( ( ret = ptr_zencod_dsa_do_verify ( 0, &data, &p, &q, &g, &y, &r, &s, &v ) ) < 0 ) {
-		PERROR("zenbridge_dsa_do_verify");
-		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_VERIFY, ZENCOD_R_REQUEST_FAILED);
-		return 0;
-	}
-
-	return ( ( ret == 0 ) ? 1 : ret ) ;
-}
-
-
-static int DSA_zencod_bn_mod_exp ( DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
-			     BN_CTX *ctx, BN_MONT_CTX *m_ctx )
-{
-	CHEESE () ;
-
-	return zencod_bn_mod_exp ( r, a, p, m, ctx ) ;
-}
-#endif /* !OPENSSL_NO_DSA */
-
-
-#ifndef OPENSSl_NO_DH
-/* DH stuff Functions
- */
-static int DH_zencod_generate_key ( DH *dh )
-{
-	BIGNUM *bn_prv = NULL;
-	BIGNUM *bn_pub = NULL;
-	zen_nb_t y, x, g, p;
-	int generate_x;
-
-	CHEESE();
-
-	if ( !zencod_dso ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_NOT_LOADED);
-		return 0;
-	}
-
-	/* Private key */
-	if ( dh->priv_key ) {
-		bn_prv = dh->priv_key;
-		generate_x = 0;
-	} else {
-		if (!(bn_prv = BN_new())) {
-			ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL);
-			goto FAILED;
-		}
-		generate_x = 1;
-	}
-
-	/* Public key */
-	if ( dh->pub_key )
-		bn_pub = dh->pub_key;
-	else
-		if ( !( bn_pub = BN_new () ) ) {
-			ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL);
-			goto FAILED;
-		}
-
-	/* Expand */
-	if ( !bn_wexpand ( bn_prv, dh->p->dmax ) ||
-	    !bn_wexpand ( bn_pub, dh->p->dmax ) ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL);
-		goto FAILED;
-	}
-	bn_prv->top = dh->p->top;
-	bn_pub->top = dh->p->top;
-
-	/* Convert all keys */
-	BIGNUM2ZEN ( &p, dh->p ) ;
-	BIGNUM2ZEN ( &g, dh->g ) ;
-	BIGNUM2ZEN ( &y, bn_pub ) ;
-	BIGNUM2ZEN ( &x, bn_prv ) ;
-	x.len = DH_size(dh) * 8;
-
-	/* Adjust the lengths of P and G */
-	p.len = ptr_zencod_bytes2bits ( p.data, ZEN_BYTES ( p.len ) ) ;
-	g.len = ptr_zencod_bytes2bits ( g.data, ZEN_BYTES ( g.len ) ) ;
-
-	/* Send the request to the driver */
-	if ( ptr_zencod_dh_generate_key ( &y, &x, &g, &p, generate_x ) < 0 ) {
-		perror("zenbridge_dh_generate_key");
-		ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_REQUEST_FAILED);
-		goto FAILED;
-	}
-
-	dh->priv_key = bn_prv;
-	dh->pub_key  = bn_pub;
-
-	return 1;
-
- FAILED:
-	if (!dh->priv_key && bn_prv)
-		BN_free(bn_prv);
-	if (!dh->pub_key && bn_pub)
-		BN_free(bn_pub);
-
-	return 0;
-}
-
-
-static int DH_zencod_compute_key ( unsigned char *key, const BIGNUM *pub_key, DH *dh )
-{
-	zen_nb_t y, x, p, k;
-
-	CHEESE();
-
-	if ( !zencod_dso ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_DH_COMPUTE, ZENCOD_R_NOT_LOADED);
-		return 0;
-	}
-
-	if ( !dh->priv_key ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_DH_COMPUTE, ZENCOD_R_BAD_KEY_COMPONENTS);
-		return 0;
-	}
-
-	/* Convert all keys */
-	BIGNUM2ZEN ( &y, pub_key ) ;
-	BIGNUM2ZEN ( &x, dh->priv_key ) ;
-	BIGNUM2ZEN ( &p, dh->p ) ;
-	ptr_zencod_init_number ( &k, p.len, key ) ;
-
-	/* Adjust the lengths */
-	p.len = ptr_zencod_bytes2bits ( p.data, ZEN_BYTES ( p.len ) ) ;
-	y.len = ptr_zencod_bytes2bits ( y.data, ZEN_BYTES ( y.len ) ) ;
-	x.len = ptr_zencod_bytes2bits ( x.data, ZEN_BYTES ( x.len ) ) ;
-
-	/* Call the hardware */
-	if ( ptr_zencod_dh_compute_key ( &k, &y, &x, &p ) < 0 ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_DH_COMPUTE, ZENCOD_R_REQUEST_FAILED);
-		return 0;
-	}
-
-	/* The key must be written MSB -> LSB */
-	k.len = ptr_zencod_bytes2bits ( k.data, ZEN_BYTES ( k.len ) ) ;
-	esrever ( key, ZEN_BYTES ( k.len ) ) ;
-
-	return ZEN_BYTES ( k.len ) ;
-}
-
-
-static int DH_zencod_bn_mod_exp ( const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *m_ctx )
-{
-	CHEESE () ;
-
-	return zencod_bn_mod_exp ( r, a, p, m, ctx ) ;
-}
-#endif	/* !OPENSSL_NO_DH */
-
-
-/* RAND stuff Functions
- */
-static void RAND_zencod_seed ( const void *buf, int num )
-{
-	/* Nothing to do cause our crypto accelerator provide a true random generator */
-}
-
-
-static int RAND_zencod_rand_bytes ( unsigned char *buf, int num )
-{
-	zen_nb_t r;
-
-	CHEESE();
-
-	if ( !zencod_dso ) {
-		ENGINEerr(ZENCOD_F_ZENCOD_RAND, ZENCOD_R_NOT_LOADED);
-		return 0;
-	}
-
-	ptr_zencod_init_number ( &r, num * 8, buf ) ;
-
-	if ( ptr_zencod_rand_bytes ( &r, ZENBRIDGE_RNG_DIRECT ) < 0 ) {
-		PERROR("zenbridge_rand_bytes");
-		ENGINEerr(ZENCOD_F_ZENCOD_RAND, ZENCOD_R_REQUEST_FAILED);
-		return 0;
-	}
-
-	return 1;
-}
-
-
-static int RAND_zencod_rand_status ( void )
-{
-	CHEESE () ;
-
-	return 1;
-}
-
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library.
- */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn ( ENGINE *e, const char *id )
-{
-
-	if ( id && ( strcmp ( id, engine_zencod_id ) != 0 ) ) {
-		return 0 ;
-	}
-	if ( !bind_helper ( e ) )  {
-		return 0 ;
-	}
-
-	return 1 ;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN ()
-IMPLEMENT_DYNAMIC_BIND_FN ( bind_fn )
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-
-
-
-/*
- * Adding "Digest" and "Cipher" tools ...
- * This is in development ... ;-)
- * In orfer to code this, i refer to hw_openbsd_dev_crypto and openssl engine made by Geoff Thorpe (if i'm rigth),
- * and evp, sha md5 definitions etc ...
- */
-/* First add some include ... */
-#include <openssl/evp.h>
-#include <openssl/sha.h>
-#include <openssl/md5.h>
-#include <openssl/rc4.h>
-#include <openssl/des.h>
-
-
-/* Some variables declaration ... */
-/* DONS:
- * Disable symetric computation except DES and 3DES, but let part of the code
- */
-/* static int engine_digest_nids [ ] = { NID_sha1, NID_md5 } ; */
-static int engine_digest_nids [ ] = {  } ;
-static int engine_digest_nids_num = 0 ;
-/* static int engine_cipher_nids [ ] = { NID_rc4, NID_rc4_40, NID_des_cbc, NID_des_ede3_cbc } ; */
-static int engine_cipher_nids [ ] = { NID_des_cbc, NID_des_ede3_cbc } ;
-static int engine_cipher_nids_num = 2 ;
-
-
-/* Function prototype ... */
-/*  SHA stuff */
-static int engine_sha1_init ( EVP_MD_CTX *ctx ) ;
-static int engine_sha1_update ( EVP_MD_CTX *ctx, const void *data, unsigned long count ) ;
-static int engine_sha1_final ( EVP_MD_CTX *ctx, unsigned char *md ) ;
-
-/*  MD5 stuff */
-static int engine_md5_init ( EVP_MD_CTX *ctx ) ;
-static int engine_md5_update ( EVP_MD_CTX *ctx, const void *data, unsigned long count ) ;
-static int engine_md5_final ( EVP_MD_CTX *ctx, unsigned char *md ) ;
-
-static int engine_md_cleanup ( EVP_MD_CTX *ctx ) ;
-static int engine_md_copy ( EVP_MD_CTX *to, const EVP_MD_CTX *from ) ;
-
-
-/* RC4 Stuff */
-static int engine_rc4_init_key ( EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc ) ;
-static int engine_rc4_cipher ( EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl ) ;
-
-/* DES Stuff */
-static int engine_des_init_key ( EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc ) ;
-static int engine_des_cbc_cipher ( EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl ) ;
-
-/*  3DES Stuff */
-static int engine_des_ede3_init_key ( EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc ) ;
-static int engine_des_ede3_cbc_cipher ( EVP_CIPHER_CTX *ctx, unsigned char *out,const unsigned char *in, unsigned int inl ) ;
-
-static int engine_cipher_cleanup ( EVP_CIPHER_CTX *ctx ) ;	/* cleanup ctx */
-
-
-/* The one for SHA ... */
-static const EVP_MD engine_sha1_md =
-{
-	NID_sha1,
-	NID_sha1WithRSAEncryption,
-	SHA_DIGEST_LENGTH,
-	EVP_MD_FLAG_ONESHOT,
-	/* 0, */			/* EVP_MD_FLAG_ONESHOT = x0001 digest can only handle a single block
-				* XXX: set according to device info ... */
-	engine_sha1_init,
-	engine_sha1_update,
-	engine_sha1_final,
-	engine_md_copy,		/* dev_crypto_sha_copy */
-	engine_md_cleanup,		/* dev_crypto_sha_cleanup */
-	EVP_PKEY_RSA_method,
-	SHA_CBLOCK,
-	/* sizeof ( EVP_MD * ) + sizeof ( SHA_CTX ) */
-	sizeof ( ZEN_MD_DATA )
-	/* sizeof ( MD_CTX_DATA )	The message digest data stucture ... */
-} ;
-
-/* The one for MD5 ... */
-static const EVP_MD engine_md5_md =
-{
-	NID_md5,
-	NID_md5WithRSAEncryption,
-	MD5_DIGEST_LENGTH,
-	EVP_MD_FLAG_ONESHOT,
-	/* 0, */			/* EVP_MD_FLAG_ONESHOT = x0001 digest can only handle a single block
-				* XXX: set according to device info ... */
-	engine_md5_init,
-	engine_md5_update,
-	engine_md5_final,
-	engine_md_copy,		/* dev_crypto_md5_copy */
-	engine_md_cleanup,		/* dev_crypto_md5_cleanup */
-	EVP_PKEY_RSA_method,
-	MD5_CBLOCK,
-	/* sizeof ( EVP_MD * ) + sizeof ( MD5_CTX ) */
-	sizeof ( ZEN_MD_DATA )
-	/* sizeof ( MD_CTX_DATA )	The message digest data stucture ... */
-} ;
-
-
-/* The one for RC4 ... */
-#define EVP_RC4_KEY_SIZE			16
-
-/* Try something static ... */
-typedef struct
-{
-	unsigned int len ;
-	unsigned int first ;
-	unsigned char rc4_state [ 260 ] ;
-} NEW_ZEN_RC4_KEY ;
-
-#define rc4_data(ctx)				( (EVP_RC4_KEY *) ( ctx )->cipher_data )
-
-static const EVP_CIPHER engine_rc4 =
-{
-	NID_rc4,
-	1,
-	16,				/* EVP_RC4_KEY_SIZE should be 128 bits */
-	0,				/* FIXME: key should be up to 256 bytes */
-	EVP_CIPH_VARIABLE_LENGTH,
-	engine_rc4_init_key,
-	engine_rc4_cipher,
-	engine_cipher_cleanup,
-	sizeof ( NEW_ZEN_RC4_KEY ),
-	NULL,
-	NULL,
-	NULL
-} ;
-
-/* The one for RC4_40 ... */
-static const EVP_CIPHER engine_rc4_40 =
-{
-	NID_rc4_40,
-	1,
-	5,				/* 40 bits */
-	0,
-	EVP_CIPH_VARIABLE_LENGTH,
-	engine_rc4_init_key,
-	engine_rc4_cipher,
-	engine_cipher_cleanup,
-	sizeof ( NEW_ZEN_RC4_KEY ),
-	NULL,
-	NULL,
-	NULL
-} ;
-
-/* The one for DES ... */
-
-/* Try something static ... */
-typedef struct
-{
-	unsigned char des_key [ 24 ] ;
-	unsigned char des_iv [ 8 ] ;
-} ZEN_DES_KEY ;
-
-static const EVP_CIPHER engine_des_cbc =
-	{
-	NID_des_cbc,
-	8, 8, 8,
-	0 | EVP_CIPH_CBC_MODE,
-	engine_des_init_key,
-	engine_des_cbc_cipher,
-	engine_cipher_cleanup,
-	sizeof(ZEN_DES_KEY),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	NULL,
-	NULL
-	};
-
-/* The one for 3DES ... */
-
-/* Try something static ... */
-typedef struct
-{
-	unsigned char des3_key [ 24 ] ;
-	unsigned char des3_iv [ 8 ] ;
-} ZEN_3DES_KEY ;
-
-#define des_data(ctx)				 ( (DES_EDE_KEY *) ( ctx )->cipher_data )
-
-static const EVP_CIPHER engine_des_ede3_cbc =
-	{
-	NID_des_ede3_cbc,
-	8, 8, 8,
-	0 | EVP_CIPH_CBC_MODE,
-	engine_des_ede3_init_key,
-	engine_des_ede3_cbc_cipher,
-	engine_cipher_cleanup,
-	sizeof(ZEN_3DES_KEY),
-	EVP_CIPHER_set_asn1_iv,
-	EVP_CIPHER_get_asn1_iv,
-	NULL,
-	NULL
-	};
-
-
-/* General function cloned on hw_openbsd_dev_crypto one ... */
-static int engine_digests ( ENGINE *e, const EVP_MD **digest, const int **nids, int nid )
-{
-
-#ifdef DEBUG_ZENCOD_MD
-	fprintf ( stderr, "\t=>Function : static int engine_digests () called !\n" ) ;
-#endif
-
-	if ( !digest ) {
-		/* We are returning a list of supported nids */
-		*nids = engine_digest_nids ;
-		return engine_digest_nids_num ;
-	}
-	/* We are being asked for a specific digest */
-	if ( nid == NID_md5 ) {
-		*digest = &engine_md5_md ;
-	}
-	else if ( nid == NID_sha1 ) {
-		*digest = &engine_sha1_md ;
-	}
-	else {
-		*digest = NULL ;
-		return 0 ;
-	}
-	return 1 ;
-}
-
-
-/* SHA stuff Functions
- */
-static int engine_sha1_init ( EVP_MD_CTX *ctx )
-{
-
-	int to_return = 0 ;
-
-	/* Test with zenbridge library ... */
-	to_return = ptr_zencod_sha1_init ( (ZEN_MD_DATA *) ctx->md_data ) ;
-	to_return = !to_return ;
-
-	return to_return ;
-}
-
-
-static int engine_sha1_update ( EVP_MD_CTX *ctx, const void *data, unsigned long count )
-{
-
-	zen_nb_t input ;
-	int to_return = 0 ;
-
-	/* Convert parameters ... */
-	input.len = count ;
-	input.data = (unsigned char *) data ;
-
-	/* Test with zenbridge library ... */
-	to_return = ptr_zencod_sha1_update ( (ZEN_MD_DATA *) ctx->md_data, (const zen_nb_t *) &input ) ;
-	to_return = !to_return ;
-
-	return to_return ;
-}
-
-
-static int engine_sha1_final ( EVP_MD_CTX *ctx, unsigned char *md )
-{
-
-	zen_nb_t output ;
-	int to_return = 0 ;
-
-	/* Convert parameters ... */
-	output.len = SHA_DIGEST_LENGTH ;
-	output.data = md ;
-
-	/* Test with zenbridge library ... */
-	to_return = ptr_zencod_sha1_do_final ( (ZEN_MD_DATA *) ctx->md_data, (zen_nb_t *) &output ) ;
-	to_return = !to_return ;
-
-	return to_return ;
-}
-
-
-
-/* MD5 stuff Functions
- */
-static int engine_md5_init ( EVP_MD_CTX *ctx )
-{
-
-	int to_return = 0 ;
-
-	/* Test with zenbridge library ... */
-	to_return = ptr_zencod_md5_init ( (ZEN_MD_DATA *) ctx->md_data ) ;
-	to_return = !to_return ;
-
-	return to_return ;
-}
-
-
-static int engine_md5_update ( EVP_MD_CTX *ctx, const void *data, unsigned long count )
-{
-
-	zen_nb_t input ;
-	int to_return = 0 ;
-
-	/* Convert parameters ... */
-	input.len = count ;
-	input.data = (unsigned char *) data ;
-
-	/* Test with zenbridge library ... */
-	to_return = ptr_zencod_md5_update ( (ZEN_MD_DATA *) ctx->md_data, (const zen_nb_t *) &input ) ;
-	to_return = !to_return ;
-
-	return to_return ;
-}
-
-
-static int engine_md5_final ( EVP_MD_CTX *ctx, unsigned char *md )
-{
-
-	zen_nb_t output ;
-	int to_return = 0 ;
-
-	/* Convert parameters ... */
-	output.len = MD5_DIGEST_LENGTH ;
-	output.data = md ;
-
-	/* Test with zenbridge library ... */
-	to_return = ptr_zencod_md5_do_final ( (ZEN_MD_DATA *) ctx->md_data, (zen_nb_t *) &output ) ;
-	to_return = !to_return ;
-
-	return to_return ;
-}
-
-
-static int engine_md_cleanup ( EVP_MD_CTX *ctx )
-{
-
-	ZEN_MD_DATA *zen_md_data = (ZEN_MD_DATA *) ctx->md_data ;
-
-	if ( zen_md_data->HashBuffer != NULL ) {
-		OPENSSL_free ( zen_md_data->HashBuffer ) ;
-		zen_md_data->HashBufferSize = 0 ;
-		ctx->md_data = NULL ;
-	}
-
-	return 1 ;
-}
-
-
-static int engine_md_copy ( EVP_MD_CTX *to, const EVP_MD_CTX *from )
-{
-	const ZEN_MD_DATA *from_md = (ZEN_MD_DATA *) from->md_data ;
-	ZEN_MD_DATA *to_md = (ZEN_MD_DATA *) to->md_data ;
-
-	to_md->HashBuffer = OPENSSL_malloc ( from_md->HashBufferSize ) ;
-	memcpy ( to_md->HashBuffer, from_md->HashBuffer, from_md->HashBufferSize ) ;
-
-	return 1;
-}
-
-
-/* General function cloned on hw_openbsd_dev_crypto one ... */
-static int engine_ciphers ( ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid )
-{
-
-	if ( !cipher ) {
-		/* We are returning a list of supported nids */
-		*nids = engine_cipher_nids ;
-		return engine_cipher_nids_num ;
-	}
-	/* We are being asked for a specific cipher */
-	if ( nid == NID_rc4 ) {
-		*cipher = &engine_rc4 ;
-	}
-	else if ( nid == NID_rc4_40 ) {
-		*cipher = &engine_rc4_40 ;
-	}
-	else if ( nid == NID_des_cbc ) {
-		*cipher = &engine_des_cbc ;
-	}
-	else if ( nid == NID_des_ede3_cbc ) {
-		*cipher = &engine_des_ede3_cbc ;
-	}
-	else {
-		*cipher = NULL ;
-		return 0 ;
-	}
-
-	return 1 ;
-}
-
-
-static int engine_rc4_init_key ( EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc )
-{
-	int to_return = 0 ;
-	int i = 0 ;
-	int nb = 0 ;
-	NEW_ZEN_RC4_KEY *tmp_rc4_key = NULL ;
-
-	tmp_rc4_key = (NEW_ZEN_RC4_KEY *) ( ctx->cipher_data ) ;
-	tmp_rc4_key->first = 0 ;
-	tmp_rc4_key->len = ctx->key_len ;
-	tmp_rc4_key->rc4_state [ 0 ] = 0x00 ;
-	tmp_rc4_key->rc4_state [ 2 ] = 0x00 ;
-	nb = 256 / ctx->key_len ;
-	for ( i = 0; i < nb ; i++ ) {
-		memcpy ( &( tmp_rc4_key->rc4_state [ 4 + i*ctx->key_len ] ), key, ctx->key_len ) ;
-	}
-
-	to_return = 1 ;
-
-	return to_return ;
-}
-
-
-static int engine_rc4_cipher ( EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int in_len )
-{
-
-	zen_nb_t output, input ;
-	zen_nb_t rc4key ;
-	int to_return = 0 ;
-	NEW_ZEN_RC4_KEY *tmp_rc4_key = NULL ;
-
-	/* Convert parameters ... */
-	input.len = in_len ;
-	input.data = (unsigned char *) in ;
-	output.len = in_len ;
-	output.data = (unsigned char *) out ;
-
-	tmp_rc4_key = ( (NEW_ZEN_RC4_KEY *) ( ctx->cipher_data ) ) ;
-	rc4key.len = 260 ;
-	rc4key.data = &( tmp_rc4_key->rc4_state [ 0 ] ) ;
-
-	/* Test with zenbridge library ... */
-	to_return = ptr_zencod_rc4_cipher ( &output, &input, (const zen_nb_t *) &rc4key, &( tmp_rc4_key->rc4_state [0] ), &( tmp_rc4_key->rc4_state [3] ), !tmp_rc4_key->first ) ;
-	to_return = !to_return ;
-
-	/* Update encryption state ... */
-	tmp_rc4_key->first = 1 ;
-	tmp_rc4_key = NULL ;
-
-	return to_return ;
-}
-
-
-static int engine_des_init_key ( EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc )
-{
-
-	ZEN_DES_KEY *tmp_des_key = NULL ;
-	int to_return = 0 ;
-
-	tmp_des_key = (ZEN_DES_KEY *) ( ctx->cipher_data ) ;
-	memcpy ( &( tmp_des_key->des_key [ 0 ] ), key, 8 ) ;
-	memcpy ( &( tmp_des_key->des_key [ 8 ] ), key, 8 ) ;
-	memcpy ( &( tmp_des_key->des_key [ 16 ] ), key, 8 ) ;
-	memcpy ( &( tmp_des_key->des_iv [ 0 ] ), iv, 8 ) ;
-
-	to_return = 1 ;
-
-	return to_return ;
-}
-
-
-static int engine_des_cbc_cipher ( EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl )
-{
-
-	zen_nb_t output, input ;
-	zen_nb_t deskey_1, deskey_2, deskey_3, iv ;
-	int to_return = 0 ;
-
-	/* Convert parameters ... */
-	input.len = inl ;
-	input.data = (unsigned char *) in ;
-	output.len = inl ;
-	output.data = out ;
-
-	/* Set key parameters ... */
-	deskey_1.len = 8 ;
-	deskey_2.len = 8 ;
-	deskey_3.len = 8 ;
-	deskey_1.data = (unsigned char *) ( (ZEN_DES_KEY *) ( ctx->cipher_data ) )->des_key ;
-	deskey_2.data =  (unsigned char *) &( (ZEN_DES_KEY *) ( ctx->cipher_data ) )->des_key [ 8 ] ;
-	deskey_3.data =  (unsigned char *) &( (ZEN_DES_KEY *) ( ctx->cipher_data ) )->des_key [ 16 ] ;
-
-	/* Key correct iv ... */
-	memcpy ( ( (ZEN_DES_KEY *) ( ctx->cipher_data ) )->des_iv, ctx->iv, 8 ) ;
-	iv.len = 8 ;
-	iv.data = (unsigned char *) ( (ZEN_DES_KEY *) ( ctx->cipher_data ) )->des_iv ;
-
-	if ( ctx->encrypt == 0 ) {
-		memcpy ( ctx->iv, &( input.data [ input.len - 8 ] ), 8 ) ;
-	}
-
-	/* Test with zenbridge library ... */
-	to_return = ptr_zencod_xdes_cipher ( &output, &input,
-			(zen_nb_t *) &deskey_1, (zen_nb_t *) &deskey_2, (zen_nb_t *) &deskey_3, &iv, ctx->encrypt ) ;
-	to_return = !to_return ;
-
-	/* But we need to set up the rigth iv ...
-	 * Test ENCRYPT or DECRYPT mode to set iv ... */
-	if ( ctx->encrypt == 1 ) {
-		memcpy ( ctx->iv, &( output.data [ output.len - 8 ] ), 8 ) ;
-	}
-
-	return to_return ;
-}
-
-
-static int engine_des_ede3_init_key ( EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc )
-{
-
-	ZEN_3DES_KEY *tmp_3des_key = NULL ;
-	int to_return = 0 ;
-
-	tmp_3des_key = (ZEN_3DES_KEY *) ( ctx->cipher_data ) ;
-	memcpy ( &( tmp_3des_key->des3_key [ 0 ] ), key, 24 ) ;
-	memcpy ( &( tmp_3des_key->des3_iv [ 0 ] ), iv, 8 ) ;
-
-	to_return = 1;
-
-	return to_return ;
-}
-
-
-static int engine_des_ede3_cbc_cipher ( EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
-	unsigned int in_len )
-{
-
-	zen_nb_t output, input ;
-	zen_nb_t deskey_1, deskey_2, deskey_3, iv ;
-	int to_return = 0 ;
-
-	/* Convert parameters ... */
-	input.len = in_len ;
-	input.data = (unsigned char *) in ;
-	output.len = in_len ;
-	output.data = out ;
-
-	/* Set key ... */
-	deskey_1.len = 8 ;
-	deskey_2.len = 8 ;
-	deskey_3.len = 8 ;
-	deskey_1.data =  (unsigned char *) ( (ZEN_3DES_KEY *) ( ctx->cipher_data ) )->des3_key ;
-	deskey_2.data =  (unsigned char *) &( (ZEN_3DES_KEY *) ( ctx->cipher_data ) )->des3_key [ 8 ] ;
-	deskey_3.data =  (unsigned char *) &( (ZEN_3DES_KEY *) ( ctx->cipher_data ) )->des3_key [ 16 ] ;
-
-	/* Key correct iv ... */
-	memcpy ( ( (ZEN_3DES_KEY *) ( ctx->cipher_data ) )->des3_iv, ctx->iv, 8 ) ;
-	iv.len = 8 ;
-	iv.data = (unsigned char *) ( (ZEN_3DES_KEY *) ( ctx->cipher_data ) )->des3_iv ;
-
-	if ( ctx->encrypt == 0 ) {
-		memcpy ( ctx->iv, &( input.data [ input.len - 8 ] ), 8 ) ;
-	}
-
-	/* Test with zenbridge library ... */
-	to_return = ptr_zencod_xdes_cipher ( &output, &input,
-			(zen_nb_t *) &deskey_1, (zen_nb_t *) &deskey_2, (zen_nb_t *) &deskey_3, &iv, ctx->encrypt ) ;
-	to_return = !to_return ;
-
-	if ( ctx->encrypt == 1 ) {
-		memcpy ( ctx->iv, &( output.data [ output.len - 8 ] ), 8 ) ;
-	}
-
-	return to_return ;
-}
-
-
-static int engine_cipher_cleanup ( EVP_CIPHER_CTX *ctx )
-{
-
-	/* Set the key pointer ... */
-	if ( ctx->cipher->nid == NID_rc4 || ctx->cipher->nid == NID_rc4_40 ) {
-	}
-	else if ( ctx->cipher->nid == NID_des_cbc ) {
-	}
-	else if ( ctx->cipher->nid == NID_des_ede3_cbc ) {
-	}
-
-	return 1 ;
-}
-
-
-#endif /* !OPENSSL_NO_HW_ZENCOD */
-#endif /* !OPENSSL_NO_HW */
diff --git a/crypto/openssl/demos/engines/zencod/hw_zencod.ec b/crypto/openssl/demos/engines/zencod/hw_zencod.ec
deleted file mode 100644
index 1552c79be6f2..000000000000
--- a/crypto/openssl/demos/engines/zencod/hw_zencod.ec
+++ /dev/null
@@ -1,8 +0,0 @@
-# configuration file for util/mkerr.pl
-#
-# use like this:
-#
-#	perl ../../../util/mkerr.pl -conf hw_zencod.ec \
-#		-nostatic -staticloader -write *.c
-
-L ZENCOD	hw_zencod_err.h			hw_zencod_err.c
diff --git a/crypto/openssl/demos/engines/zencod/hw_zencod.h b/crypto/openssl/demos/engines/zencod/hw_zencod.h
deleted file mode 100644
index 195345d8c6c2..000000000000
--- a/crypto/openssl/demos/engines/zencod/hw_zencod.h
+++ /dev/null
@@ -1,160 +0,0 @@
-/* File : /crypto/engine/vendor_defns/hw_zencod.h */
-/* ====================================================================
- * Written by Donnat Frederic (frederic.donnat@zencod.com) from ZENCOD
- * for "zencod" ENGINE integration in OpenSSL project.
- */
-
-
- #ifndef	_HW_ZENCOD_H_
-#define	_HW_ZENCOD_H_
-
-#include <stdio.h>
-
-#ifdef	__cplusplus
-extern "C" {
-#endif	/* __cplusplus */
-
-#define ZENBRIDGE_MAX_KEYSIZE_RSA	2048
-#define ZENBRIDGE_MAX_KEYSIZE_RSA_CRT	1024
-#define ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN	1024
-#define ZENBRIDGE_MAX_KEYSIZE_DSA_VRFY	1024
-
-/* Library version computation */
-#define	ZENBRIDGE_VERSION_MAJOR(x)	(((x) >> 16) | 0xff)
-#define	ZENBRIDGE_VERSION_MINOR(x)	(((x) >>  8) | 0xff)
-#define	ZENBRIDGE_VERSION_PATCH(x)	(((x) >>  0) | 0xff)
-#define	ZENBRIDGE_VERSION(x, y, z)		((x) << 16 | (y) << 8 | (z))
-
-/*
- * Memory type
- */
-typedef struct zencod_number_s {
-	unsigned long len;
-	unsigned char *data;
-} zen_nb_t;
-
-#define KEY	zen_nb_t
-
-
-/*
- * Misc
- */
-typedef int t_zencod_lib_version (void);
-typedef int t_zencod_hw_version (void);
-typedef int t_zencod_test (void);
-typedef int t_zencod_dump_key (FILE *stream, char *msg, KEY *key);
-
-
-/*
- * Key managment tools
- */
-typedef KEY *t_zencod_new_number (unsigned long len, unsigned char *data);
-typedef int t_zencod_init_number (KEY *n, unsigned long len, unsigned char *data);
-typedef unsigned long t_zencod_bytes2bits (unsigned char *n, unsigned long bytes);
-typedef unsigned long t_zencod_bits2bytes (unsigned long bits);
-
-
-/*
- * RSA API
- */
-/* Compute modular exponential : y = x**e | n */
-typedef int t_zencod_rsa_mod_exp (KEY *y, KEY *x, KEY *n, KEY *e);
-/* Compute modular exponential : y1 = (x | p)**edp | p, y2 = (x | p)**edp | p, y = y2 + (qinv * (y1 - y2) | p) * q */
-typedef int t_zencod_rsa_mod_exp_crt (KEY *y, KEY *x, KEY *p, KEY *q,
-					KEY *edp, KEY *edq, KEY *qinv);
-
-
-/*
- * DSA API
- */
-typedef int t_zencod_dsa_do_sign (unsigned int hash, KEY *data, KEY *random,
-				    KEY *p, KEY *q, KEY *g, KEY *x, KEY *r, KEY *s);
-typedef int t_zencod_dsa_do_verify (unsigned int hash, KEY *data,
-				      KEY *p, KEY *q, KEY *g, KEY *y,
-				      KEY *r, KEY *s, KEY *v);
-
-
-/*
- * DH API
- */
- /* Key generation : compute public value y = g**x | n */
-typedef int t_zencod_dh_generate_key (KEY *y, KEY *x, KEY *g, KEY *n, int gen_x);
-typedef int t_zencod_dh_compute_key (KEY *k, KEY *y, KEY *x, KEY *n);
-
-
-/*
- * RNG API
- */
-#define ZENBRIDGE_RNG_DIRECT		0
-#define ZENBRIDGE_RNG_SHA1		1
-typedef int t_zencod_rand_bytes (KEY *rand, unsigned int flags);
-
-
-/*
- * Math API
- */
-typedef int t_zencod_math_mod_exp (KEY *r, KEY *a, KEY *e, KEY *n);
-
-
-
-
-/*
- * Symetric API
- */
-/* Define a data structure for digests operations */
-typedef struct ZEN_data_st
-{
-	unsigned int HashBufferSize ;
-	unsigned char *HashBuffer ;
-} ZEN_MD_DATA ;
-
-/*
- * Functions for Digest (MD5, SHA1) stuff
- */
-/* output : output data buffer */
-/* input : input data buffer */
-/* algo : hash algorithm, MD5 or SHA1 */
-/* typedef int t_zencod_hash ( KEY *output, const KEY *input, int algo ) ;
- * typedef int t_zencod_sha_hash ( KEY *output, const KEY *input, int algo ) ;
- */
-/* For now separate this stuff that mad it easier to test */
-typedef int t_zencod_md5_init ( ZEN_MD_DATA *data ) ;
-typedef int t_zencod_md5_update ( ZEN_MD_DATA *data, const KEY *input ) ;
-typedef int t_zencod_md5_do_final ( ZEN_MD_DATA *data, KEY *output ) ;
-
-typedef int t_zencod_sha1_init ( ZEN_MD_DATA *data ) ;
-typedef int t_zencod_sha1_update ( ZEN_MD_DATA *data, const KEY *input ) ;
-typedef int t_zencod_sha1_do_final ( ZEN_MD_DATA *data, KEY *output ) ;
-
-
-/*
- * Functions for Cipher (RC4, DES, 3DES) stuff
- */
-/* output : output data buffer */
-/* input : input data buffer */
-/* key : rc4 key data */
-/* index_1 : value of index x from RC4 key structure */
-/* index_2 : value of index y from RC4 key structure */
-/* Be carefull : RC4 key should be expanded before calling this method (Should we provide an expand function ??) */
-typedef int t_zencod_rc4_cipher ( KEY *output, const KEY *input, const KEY *key,
-		unsigned char *index_1, unsigned char *index_2, int mode ) ;
-
-/* output : output data buffer */
-/* input : input data buffer */
-/* key_1 : des first key data */
-/* key_2 : des second key data */
-/* key_3 : des third key data */
-/* iv : initial vector */
-/* mode : xdes mode (encrypt or decrypt) */
-/* Be carefull : In DES mode key_1 = key_2 = key_3 (as far as i can see !!) */
-typedef int t_zencod_xdes_cipher ( KEY *output, const KEY *input, const KEY *key_1,
-		const KEY *key_2, const KEY *key_3, const KEY *iv, int mode ) ;
-
-
-#undef KEY
-
-#ifdef	__cplusplus
-}
-#endif	/* __cplusplus */
-
-#endif	/* !_HW_ZENCOD_H_ */
diff --git a/crypto/openssl/demos/engines/zencod/hw_zencod_err.c b/crypto/openssl/demos/engines/zencod/hw_zencod_err.c
deleted file mode 100644
index 8ed0fffc9cf8..000000000000
--- a/crypto/openssl/demos/engines/zencod/hw_zencod_err.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/* hw_zencod_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_zencod_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA ZENCOD_str_functs[]=
-	{
-{ERR_PACK(0,ZENCOD_F_ZENCOD_BN_MOD_EXP,0),	"ZENCOD_BN_MOD_EXP"},
-{ERR_PACK(0,ZENCOD_F_ZENCOD_CTRL,0),	"ZENCOD_CTRL"},
-{ERR_PACK(0,ZENCOD_F_ZENCOD_DH_COMPUTE,0),	"ZENCOD_DH_COMPUTE"},
-{ERR_PACK(0,ZENCOD_F_ZENCOD_DH_GENERATE,0),	"ZENCOD_DH_GENERATE"},
-{ERR_PACK(0,ZENCOD_F_ZENCOD_DSA_DO_SIGN,0),	"ZENCOD_DSA_DO_SIGN"},
-{ERR_PACK(0,ZENCOD_F_ZENCOD_DSA_DO_VERIFY,0),	"ZENCOD_DSA_DO_VERIFY"},
-{ERR_PACK(0,ZENCOD_F_ZENCOD_FINISH,0),	"ZENCOD_FINISH"},
-{ERR_PACK(0,ZENCOD_F_ZENCOD_INIT,0),	"ZENCOD_INIT"},
-{ERR_PACK(0,ZENCOD_F_ZENCOD_RAND,0),	"ZENCOD_RAND"},
-{ERR_PACK(0,ZENCOD_F_ZENCOD_RSA_MOD_EXP,0),	"ZENCOD_RSA_MOD_EXP"},
-{ERR_PACK(0,ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT,0),	"ZENCOD_RSA_MOD_EXP_CRT"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA ZENCOD_str_reasons[]=
-	{
-{ZENCOD_R_ALREADY_LOADED                 ,"already loaded"},
-{ZENCOD_R_BAD_KEY_COMPONENTS             ,"bad key components"},
-{ZENCOD_R_BN_EXPAND_FAIL                 ,"bn expand fail"},
-{ZENCOD_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
-{ZENCOD_R_DSO_FAILURE                    ,"dso failure"},
-{ZENCOD_R_NOT_LOADED                     ,"not loaded"},
-{ZENCOD_R_REQUEST_FAILED                 ,"request failed"},
-{ZENCOD_R_UNIT_FAILURE                   ,"unit failure"},
-{0,NULL}
-	};
-
-#endif
-
-#ifdef ZENCOD_LIB_NAME
-static ERR_STRING_DATA ZENCOD_lib_name[]=
-        {
-{0	,ZENCOD_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int ZENCOD_lib_error_code=0;
-static int ZENCOD_error_init=1;
-
-static void ERR_load_ZENCOD_strings(void)
-	{
-	if (ZENCOD_lib_error_code == 0)
-		ZENCOD_lib_error_code=ERR_get_next_error_library();
-
-	if (ZENCOD_error_init)
-		{
-		ZENCOD_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ZENCOD_lib_error_code,ZENCOD_str_functs);
-		ERR_load_strings(ZENCOD_lib_error_code,ZENCOD_str_reasons);
-#endif
-
-#ifdef ZENCOD_LIB_NAME
-		ZENCOD_lib_name->error = ERR_PACK(ZENCOD_lib_error_code,0,0);
-		ERR_load_strings(0,ZENCOD_lib_name);
-#endif
-		}
-	}
-
-static void ERR_unload_ZENCOD_strings(void)
-	{
-	if (ZENCOD_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(ZENCOD_lib_error_code,ZENCOD_str_functs);
-		ERR_unload_strings(ZENCOD_lib_error_code,ZENCOD_str_reasons);
-#endif
-
-#ifdef ZENCOD_LIB_NAME
-		ERR_unload_strings(0,ZENCOD_lib_name);
-#endif
-		ZENCOD_error_init=1;
-		}
-	}
-
-static void ERR_ZENCOD_error(int function, int reason, char *file, int line)
-	{
-	if (ZENCOD_lib_error_code == 0)
-		ZENCOD_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(ZENCOD_lib_error_code,function,reason,file,line);
-	}
diff --git a/crypto/openssl/demos/engines/zencod/hw_zencod_err.h b/crypto/openssl/demos/engines/zencod/hw_zencod_err.h
deleted file mode 100644
index 1b5dcb568527..000000000000
--- a/crypto/openssl/demos/engines/zencod/hw_zencod_err.h
+++ /dev/null
@@ -1,95 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ZENCOD_ERR_H
-#define HEADER_ZENCOD_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_ZENCOD_strings(void);
-static void ERR_unload_ZENCOD_strings(void);
-static void ERR_ZENCOD_error(int function, int reason, char *file, int line);
-#define ZENCODerr(f,r) ERR_ZENCOD_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the ZENCOD functions. */
-
-/* Function codes. */
-#define ZENCOD_F_ZENCOD_BN_MOD_EXP			 100
-#define ZENCOD_F_ZENCOD_CTRL				 101
-#define ZENCOD_F_ZENCOD_DH_COMPUTE			 102
-#define ZENCOD_F_ZENCOD_DH_GENERATE			 103
-#define ZENCOD_F_ZENCOD_DSA_DO_SIGN			 104
-#define ZENCOD_F_ZENCOD_DSA_DO_VERIFY			 105
-#define ZENCOD_F_ZENCOD_FINISH				 106
-#define ZENCOD_F_ZENCOD_INIT				 107
-#define ZENCOD_F_ZENCOD_RAND				 108
-#define ZENCOD_F_ZENCOD_RSA_MOD_EXP			 109
-#define ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT			 110
-
-/* Reason codes. */
-#define ZENCOD_R_ALREADY_LOADED				 100
-#define ZENCOD_R_BAD_KEY_COMPONENTS			 101
-#define ZENCOD_R_BN_EXPAND_FAIL				 102
-#define ZENCOD_R_CTRL_COMMAND_NOT_IMPLEMENTED		 103
-#define ZENCOD_R_DSO_FAILURE				 104
-#define ZENCOD_R_NOT_LOADED				 105
-#define ZENCOD_R_REQUEST_FAILED				 106
-#define ZENCOD_R_UNIT_FAILURE				 107
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/demos/maurice/Makefile b/crypto/openssl/demos/maurice/Makefile
deleted file mode 100644
index f9bf62276e83..000000000000
--- a/crypto/openssl/demos/maurice/Makefile
+++ /dev/null
@@ -1,59 +0,0 @@
-CC=cc
-CFLAGS= -g -I../../include -Wall
-LIBS=  -L../.. -lcrypto
-EXAMPLES=example1 example2 example3 example4
-
-all: $(EXAMPLES) 
-
-example1: example1.o loadkeys.o 
-	$(CC) -o example1 example1.o loadkeys.o $(LIBS)
-
-example2: example2.o loadkeys.o
-	$(CC) -o example2 example2.o loadkeys.o $(LIBS)
-
-example3: example3.o 
-	$(CC) -o example3 example3.o $(LIBS)
-
-example4: example4.o
-	$(CC) -o example4 example4.o $(LIBS)
-
-clean:	
-	rm -f $(EXAMPLES) *.o
-
-test: all
-	@echo
-	@echo Example 1 Demonstrates the sealing and opening APIs
-	@echo Doing the encrypt side...
-	./example1 <README >t.t
-	@echo Doing the decrypt side...
-	./example1 -d <t.t >t.2
-	diff t.2 README
-	rm -f t.t t.2
-	@echo  example1 is OK
-
-	@echo
-	@echo Example2 Demonstrates rsa encryption and decryption
-	@echo   and it should just print \"This the clear text\"
-	./example2
-
-	@echo
-	@echo Example3 Demonstrates the use of symmetric block ciphers
-	@echo in this case it uses EVP_des_ede3_cbc
-	@echo i.e. triple DES in Cipher Block Chaining mode
-	@echo Doing the encrypt side...
-	./example3 ThisIsThePassword <README >t.t
-	@echo Doing the decrypt side...
-	./example3 -d ThisIsThePassword <t.t >t.2
-	diff t.2 README
-	rm -f t.t t.2
-	@echo  example3 is OK
-
-	@echo
-	@echo Example4 Demonstrates base64 encoding and decoding
-	@echo Doing the encrypt side...
-	./example4 <README >t.t
-	@echo Doing the decrypt side...
-	./example4 -d <t.t >t.2
-	diff t.2 README
-	rm -f t.t t.2
-	@echo example4 is OK
diff --git a/crypto/openssl/demos/maurice/README b/crypto/openssl/demos/maurice/README
deleted file mode 100644
index 29778d55cbc1..000000000000
--- a/crypto/openssl/demos/maurice/README
+++ /dev/null
@@ -1,34 +0,0 @@
-From Maurice Gittens <mgittens@gits.nl>
---
-	Example programs, demonstrating some basic SSLeay crypto library
-	operations, to help you not to make the same mistakes I did. 
-
-	The following files are present.
-	- loadkeys.c 	Demonstrates the loading and of public and 
-			private keys.
-	- loadkeys.h   	The interface for loadkeys.c
-	- example1.c    Demonstrates the sealing and opening API's
-	- example2.c  	Demonstrates rsa encryption and decryption
-	- example3.c    Demonstrates the use of symmetric block ciphers
-	- example4.c	Demonstrates base64 and decoding 		
-	- Makefile	A makefile you probably will have to adjust for
-			your environment
-	- README	this file
-
-
-	The programs were written by Maurice Gittens <mgittens@gits.nl>
-	with the necesary help from Eric Young <eay@cryptsoft.com> 
-	
-	You may do as you please with these programs, but please don't
-	pretend that you wrote them. 
-
-	To be complete: If you use these programs you acknowlegde that
-	you are aware that there is NO warranty of any kind associated
-	with these programs. I don't even claim that the programs work,
-	they are provided AS-IS.
-
- 	January 1997
-
-	Maurice	
-
-
diff --git a/crypto/openssl/demos/maurice/cert.pem b/crypto/openssl/demos/maurice/cert.pem
deleted file mode 100644
index e31a9ae05f93..000000000000
--- a/crypto/openssl/demos/maurice/cert.pem
+++ /dev/null
@@ -1,77 +0,0 @@
-issuer :/C=NL/SP=Brabant/L=Eindhoven/O=Gittens Information Systems B.V./OU=Certification Services/CN=ca.gits.nl/Email=mgittens@gits.nl
-subject:/C=NL/SP=Brabant/O=Gittens Information Systems B.V./OU=Certification Services/CN=caleb.gits.nl/Email=mgittens@gits.nl
-serial :01
-
-Certificate:
-    Data:
-        Version: 0 (0x0)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: md5withRSAEncryption
-        Issuer: C=NL, SP=Brabant, L=Eindhoven, O=Gittens Information Systems B.V., OU=Certification Services, CN=ca.gits.nl/Email=mgittens@gits.nl
-        Validity
-            Not Before: Jan  5 13:21:16 1997 GMT
-            Not After : Jul 24 13:21:16 1997 GMT
-        Subject: C=NL, SP=Brabant, O=Gittens Information Systems B.V., OU=Certification Services, CN=caleb.gits.nl/Email=mgittens@gits.nl
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Modulus:
-                    00:dd:82:a0:fe:a9:8d:6a:02:7e:78:d6:33:75:9b:
-                    82:01:4b:12:80:ea:6b:9b:83:9e:e3:ae:dc:f3:d0:
-                    71:7c:4b:ea:03:57:b4:cc:ba:44:5b:b8:4b:49:d3:
-                    f6:39:cc:3d:12:1f:da:58:26:27:bc:bc:ab:a4:6d:
-                    62:d1:91:5a:47:9f:80:40:c1:b9:fa:e3:1e:ef:52:
-                    78:46:26:43:65:1d:f2:6b:bf:ff:c0:81:66:14:cd:
-                    81:32:91:f1:f8:51:7d:0e:17:1f:27:fc:c7:51:fd:
-                    1c:73:41:e5:66:43:3c:67:a3:09:b9:5e:36:50:50:
-                    b1:e8:42:bd:5c:c6:2b:ec:a9:2c:fe:6a:fe:40:26:
-                    64:9e:b9:bf:2d:1d:fb:d0:48:5b:82:2a:8e:ab:a4:
-                    d5:7b:5f:26:84:8a:9a:69:5e:c1:71:e2:a9:59:4c:
-                    2a:76:f7:fd:f4:cf:3f:d3:ce:30:72:62:65:1c:e9:
-                    e9:ee:d2:fc:44:00:1e:e0:80:57:e9:41:b3:f0:44:
-                    e5:0f:77:3b:1a:1f:57:5e:94:1d:c3:a5:fa:af:41:
-                    8c:4c:30:6b:2b:00:84:52:0c:64:0c:a8:5b:17:16:
-                    d1:1e:f8:ea:72:01:47:9a:b9:21:95:f9:71:ed:7c:
-                    d2:93:54:0c:c5:9c:e8:e5:40:28:c5:a0:ca:b1:a9:
-                    20:f9
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md5withRSAEncryption
-        93:08:f9:e0:d4:c5:ca:95:de:4e:38:3b:28:87:e9:d3:b6:ce:
-        4f:69:2e:c9:09:57:2f:fa:e2:50:9f:39:ec:f3:84:e8:3a:8f:
-        9b:c3:06:62:90:49:93:6d:23:7a:2b:3d:7b:f9:46:32:18:d3:
-        87:44:49:f7:29:2f:f3:58:97:70:c3:45:5b:90:52:1c:df:fb:
-        a8:a3:a1:29:53:a3:4c:ed:d2:51:d0:44:98:a4:14:6f:76:9d:
-        0d:03:76:e5:d3:13:21:ce:a3:4d:2a:77:fe:ad:b3:47:6d:42:
-        b9:4a:0e:ff:61:f4:ec:62:b2:3b:00:9c:ac:16:a2:ec:19:c8:
-        c7:3d:d7:7d:97:cd:4d:1a:d2:00:07:4e:40:3d:b9:ba:1e:e2:
-        fe:81:28:57:b9:ad:2b:74:59:b0:9f:8b:a5:98:d3:75:06:67:
-        4a:04:11:b2:ea:1a:8c:e0:d4:be:c8:0c:46:76:7f:5f:5a:7b:
-        72:09:dd:b6:d3:6b:97:70:e8:7e:17:74:1c:f7:3a:5f:e3:fa:
-        c2:f7:95:bd:74:5e:44:4b:9b:bd:27:de:02:7f:87:1f:68:68:
-        60:b9:f4:1d:2b:7b:ce:ef:b1:7f:3a:be:b9:66:60:54:6f:0c:
-        a0:dd:8c:03:a7:f1:9f:f8:0e:8d:bb:c6:ba:77:61:f7:8e:be:
-        28:ba:d8:4f
-
------BEGIN CERTIFICATE-----
-MIIDzzCCArcCAQEwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAk5MMRAwDgYD
-VQQIEwdCcmFiYW50MRIwEAYDVQQHEwlFaW5kaG92ZW4xKTAnBgNVBAoTIEdpdHRl
-bnMgSW5mb3JtYXRpb24gU3lzdGVtcyBCLlYuMR8wHQYDVQQLExZDZXJ0aWZpY2F0
-aW9uIFNlcnZpY2VzMRMwEQYDVQQDEwpjYS5naXRzLm5sMR8wHQYJKoZIhvcNAQkB
-FhBtZ2l0dGVuc0BnaXRzLm5sMB4XDTk3MDEwNTEzMjExNloXDTk3MDcyNDEzMjEx
-NlowgaQxCzAJBgNVBAYTAk5MMRAwDgYDVQQIEwdCcmFiYW50MSkwJwYDVQQKEyBH
-aXR0ZW5zIEluZm9ybWF0aW9uIFN5c3RlbXMgQi5WLjEfMB0GA1UECxMWQ2VydGlm
-aWNhdGlvbiBTZXJ2aWNlczEWMBQGA1UEAxMNY2FsZWIuZ2l0cy5ubDEfMB0GCSqG
-SIb3DQEJARYQbWdpdHRlbnNAZ2l0cy5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAN2CoP6pjWoCfnjWM3WbggFLEoDqa5uDnuOu3PPQcXxL6gNXtMy6
-RFu4S0nT9jnMPRIf2lgmJ7y8q6RtYtGRWkefgEDBufrjHu9SeEYmQ2Ud8mu//8CB
-ZhTNgTKR8fhRfQ4XHyf8x1H9HHNB5WZDPGejCbleNlBQsehCvVzGK+ypLP5q/kAm
-ZJ65vy0d+9BIW4Iqjquk1XtfJoSKmmlewXHiqVlMKnb3/fTPP9POMHJiZRzp6e7S
-/EQAHuCAV+lBs/BE5Q93OxofV16UHcOl+q9BjEwwaysAhFIMZAyoWxcW0R746nIB
-R5q5IZX5ce180pNUDMWc6OVAKMWgyrGpIPkCAwEAATANBgkqhkiG9w0BAQQFAAOC
-AQEAkwj54NTFypXeTjg7KIfp07bOT2kuyQlXL/riUJ857POE6DqPm8MGYpBJk20j
-eis9e/lGMhjTh0RJ9ykv81iXcMNFW5BSHN/7qKOhKVOjTO3SUdBEmKQUb3adDQN2
-5dMTIc6jTSp3/q2zR21CuUoO/2H07GKyOwCcrBai7BnIxz3XfZfNTRrSAAdOQD25
-uh7i/oEoV7mtK3RZsJ+LpZjTdQZnSgQRsuoajODUvsgMRnZ/X1p7cgndttNrl3Do
-fhd0HPc6X+P6wveVvXReREubvSfeAn+HH2hoYLn0HSt7zu+xfzq+uWZgVG8MoN2M
-A6fxn/gOjbvGundh946+KLrYTw==
------END CERTIFICATE-----
-
diff --git a/crypto/openssl/demos/maurice/example1.c b/crypto/openssl/demos/maurice/example1.c
deleted file mode 100644
index 1ef829990065..000000000000
--- a/crypto/openssl/demos/maurice/example1.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/* NOCW */
-/*
-	Please read the README file for condition of use, before
-	using this software.
-	
-	Maurice Gittens  <mgittens@gits.nl>   January 1997
-*/
-
-#include <unistd.h>
-#include <stdio.h>
-#include <netinet/in.h>
-#include <fcntl.h>
-#include <strings.h>
-#include <stdlib.h>
-
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-
-#include "loadkeys.h"
-
-#define PUBFILE   "cert.pem"
-#define PRIVFILE  "privkey.pem"
-
-#define STDIN     0
-#define STDOUT    1 
-
-void main_encrypt(void);
-void main_decrypt(void);
-
-static const char *usage = "Usage: example1 [-d]\n";
-
-int main(int argc, char *argv[])
-{
-
-        ERR_load_crypto_strings();
-
-	if ((argc == 1))	
-	{
-		main_encrypt();
-	}	
-	else if ((argc == 2) && !strcmp(argv[1],"-d"))
-	{
-		main_decrypt();
-	}
-	else
-	{
-		printf("%s",usage);
-		exit(1);
-	}
-
-	return 0;		
-}
-
-void main_encrypt(void)
-{
-	unsigned int ebuflen;
-        EVP_CIPHER_CTX ectx;
-        unsigned char iv[EVP_MAX_IV_LENGTH];
-	unsigned char *ekey[1]; 
-	int readlen;
-	int ekeylen, net_ekeylen; 
-	EVP_PKEY *pubKey[1];
-	char buf[512];
-	char ebuf[512];
-	
- 	memset(iv, '\0', sizeof(iv));
-
-        pubKey[0] = ReadPublicKey(PUBFILE);
-
-	if(!pubKey[0])
-	{
-           fprintf(stderr,"Error: can't load public key");
-           exit(1);
-        }      
-
-        ekey[0] = malloc(EVP_PKEY_size(pubKey[0]));  
-        if (!ekey[0])
-	{
-	   EVP_PKEY_free(pubKey[0]); 
-	   perror("malloc");
-	   exit(1);
-	}
-
-	EVP_SealInit(&ectx,
-                   EVP_des_ede3_cbc(),
-		   ekey,
-		   &ekeylen,
-		   iv,
-		   pubKey,
-		   1); 
-
-	net_ekeylen = htonl(ekeylen);	
-	write(STDOUT, (char*)&net_ekeylen, sizeof(net_ekeylen));
-        write(STDOUT, ekey[0], ekeylen);
-        write(STDOUT, iv, sizeof(iv));
-
-	while(1)
-	{
-		readlen = read(STDIN, buf, sizeof(buf));
-
-		if (readlen <= 0)
-		{
-		   if (readlen < 0)
-			perror("read");
-
-		   break;
-		}
-
-		EVP_SealUpdate(&ectx, ebuf, &ebuflen, buf, readlen);
-
-		write(STDOUT, ebuf, ebuflen);
-	}
-
-        EVP_SealFinal(&ectx, ebuf, &ebuflen);
-        
-	write(STDOUT, ebuf, ebuflen);
-
-        EVP_PKEY_free(pubKey[0]);
-	free(ekey[0]);
-}
-
-void main_decrypt(void)
-{
-	char buf[520];
-	char ebuf[512];
-	unsigned int buflen;
-        EVP_CIPHER_CTX ectx;
-        unsigned char iv[EVP_MAX_IV_LENGTH];
-	unsigned char *encryptKey; 
-	unsigned int ekeylen; 
-	EVP_PKEY *privateKey;
-
-	memset(iv, '\0', sizeof(iv));
-
-	privateKey = ReadPrivateKey(PRIVFILE);
-	if (!privateKey)
-	{
-		fprintf(stderr, "Error: can't load private key");
-		exit(1);	
-	}
-
-     	read(STDIN, &ekeylen, sizeof(ekeylen));
-	ekeylen = ntohl(ekeylen);
-
-	if (ekeylen != EVP_PKEY_size(privateKey))
-	{
-        	EVP_PKEY_free(privateKey);
-		fprintf(stderr, "keylength mismatch");
-		exit(1);	
-	}
-
-	encryptKey = malloc(sizeof(char) * ekeylen);
-	if (!encryptKey)
-	{
-        	EVP_PKEY_free(privateKey);
-		perror("malloc");
-		exit(1);
-	}
-
-	read(STDIN, encryptKey, ekeylen);
-	read(STDIN, iv, sizeof(iv));
-	EVP_OpenInit(&ectx,
-		   EVP_des_ede3_cbc(), 
-		   encryptKey,
-		   ekeylen,
-		   iv,
-		   privateKey); 	
-
-	while(1)
-	{
-		int readlen = read(STDIN, ebuf, sizeof(ebuf));
-
-		if (readlen <= 0)
-		{
-			if (readlen < 0)
-				perror("read");
-
-			break;
-		}
-
-		EVP_OpenUpdate(&ectx, buf, &buflen, ebuf, readlen);
-		write(STDOUT, buf, buflen);
-	}
-
-        EVP_OpenFinal(&ectx, buf, &buflen);
-
-	write(STDOUT, buf, buflen);
-
-        EVP_PKEY_free(privateKey);
-	free(encryptKey);
-}
-
-
diff --git a/crypto/openssl/demos/maurice/example2.c b/crypto/openssl/demos/maurice/example2.c
deleted file mode 100644
index 57bce10b5ed5..000000000000
--- a/crypto/openssl/demos/maurice/example2.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/* NOCW */
-/*
-        Please read the README file for condition of use, before
-        using this software.
-
-        Maurice Gittens  <mgittens@gits.nl>   January 1997
-*/
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <strings.h>
-
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-
-#include "loadkeys.h"
-
-#define PUBFILE   "cert.pem"
-#define PRIVFILE  "privkey.pem"
-#define STDIN     0
-#define STDOUT    1 
-
-int main()
-{
-        char *ct = "This the clear text";
-	char *buf;   
-	char *buf2;
-  	EVP_PKEY *pubKey;
-  	EVP_PKEY *privKey;
-	int len;
-
-        ERR_load_crypto_strings();
-
-        privKey = ReadPrivateKey(PRIVFILE);
-        if (!privKey) 
-	{  
-		ERR_print_errors_fp (stderr);    
-		exit (1);  
-	}
-
-        pubKey = ReadPublicKey(PUBFILE);  
-	if(!pubKey)
-	{
-	   EVP_PKEY_free(privKey);   
-           fprintf(stderr,"Error: can't load public key");
-	   exit(1);
-	}
-
-	/* No error checking */
-        buf = malloc(EVP_PKEY_size(pubKey));
-        buf2 = malloc(EVP_PKEY_size(pubKey));
-
-	len = RSA_public_encrypt(strlen(ct)+1, ct, buf, pubKey->pkey.rsa,RSA_PKCS1_PADDING);
-
-	if (len != EVP_PKEY_size(pubKey))
-	{
-	    fprintf(stderr,"Error: ciphertext should match length of key\n");
-	    exit(1);
-	}
-
-	RSA_private_decrypt(len, buf, buf2, privKey->pkey.rsa,RSA_PKCS1_PADDING);
-
-	printf("%s\n", buf2);
-
-	EVP_PKEY_free(privKey);
-	EVP_PKEY_free(pubKey);
-	free(buf);
-	free(buf2);
-        return 0;
-}
diff --git a/crypto/openssl/demos/maurice/example3.c b/crypto/openssl/demos/maurice/example3.c
deleted file mode 100644
index 03d8a20f62b3..000000000000
--- a/crypto/openssl/demos/maurice/example3.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* NOCW */
-/*
-        Please read the README file for condition of use, before
-        using this software.
-
-        Maurice Gittens  <mgittens@gits.nl>   January 1997
-
-*/
-
-#include <stdio.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <sys/stat.h>
-#include <openssl/evp.h>
-
-#define STDIN     	0
-#define STDOUT    	1
-#define BUFLEN	  	512 
-#define INIT_VECTOR 	"12345678"
-#define ENCRYPT		1
-#define DECRYPT         0
-#define ALG		EVP_des_ede3_cbc()
-
-static const char *usage = "Usage: example3 [-d] password\n";
-
-void do_cipher(char *,int);
-
-int main(int argc, char *argv[])
-{
-	if ((argc == 2))	
-	{
-		do_cipher(argv[1],ENCRYPT);
-	}	
-	else if ((argc == 3) && !strcmp(argv[1],"-d"))
-	{
-		do_cipher(argv[2],DECRYPT);
-	}
-	else
-	{
-		fprintf(stderr,"%s", usage);
-		exit(1);
-	}
-
-	return 0;		
-}
-
-void do_cipher(char *pw, int operation)
-{
-	char buf[BUFLEN];
-	char ebuf[BUFLEN + 8];
-	unsigned int ebuflen; /* rc; */
-        unsigned char iv[EVP_MAX_IV_LENGTH], key[EVP_MAX_KEY_LENGTH];
-	/* unsigned int ekeylen, net_ekeylen;  */
-	EVP_CIPHER_CTX ectx;
-        
-	memcpy(iv, INIT_VECTOR, sizeof(iv));
-
-	EVP_BytesToKey(ALG, EVP_md5(), "salu", pw, strlen(pw), 1, key, iv);
-
-	EVP_CIPHER_CTX_init(&ectx);
-	EVP_CipherInit_ex(&ectx, ALG, NULL, key, iv, operation);
-
-	while(1)
-	{
-		int readlen = read(STDIN, buf, sizeof(buf));
-	
-		if (readlen <= 0)
-		{
-			if (!readlen)
-			   break;
-			else
-			{
-				perror("read");
-				exit(1);
-			}
-		}
-
-		EVP_CipherUpdate(&ectx, ebuf, &ebuflen, buf, readlen);
-
-		write(STDOUT, ebuf, ebuflen);
-	}
-
-        EVP_CipherFinal_ex(&ectx, ebuf, &ebuflen); 
-	EVP_CIPHER_CTX_cleanup(&ectx);
-
-	write(STDOUT, ebuf, ebuflen); 
-}
diff --git a/crypto/openssl/demos/maurice/example4.c b/crypto/openssl/demos/maurice/example4.c
deleted file mode 100644
index ce629848b74f..000000000000
--- a/crypto/openssl/demos/maurice/example4.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* NOCW */
-/*
-        Please read the README file for condition of use, before
-        using this software.
-
-        Maurice Gittens  <mgittens@gits.nl>   January 1997
-
-*/
-
-#include <stdio.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <sys/stat.h>
-#include <openssl/evp.h>
-
-#define STDIN     	0
-#define STDOUT    	1
-#define BUFLEN	  	512 
-
-static const char *usage = "Usage: example4 [-d]\n";
-
-void do_encode(void);
-void do_decode(void);
-
-int main(int argc, char *argv[])
-{
-	if ((argc == 1))	
-	{
-		do_encode();
-	}	
-	else if ((argc == 2) && !strcmp(argv[1],"-d"))
-	{
-		do_decode();
-	}
-	else
-	{
-		fprintf(stderr,"%s", usage);
-		exit(1);
-	}
-
-	return 0;		
-}
-
-void do_encode()
-{
-	char buf[BUFLEN];
-	char ebuf[BUFLEN+24];
-	unsigned int ebuflen;
-	EVP_ENCODE_CTX ectx;
-        
-	EVP_EncodeInit(&ectx);
-
-	while(1)
-	{
-		int readlen = read(STDIN, buf, sizeof(buf));
-	
-		if (readlen <= 0)
-		{
-			if (!readlen)
-			   break;
-			else
-			{
-				perror("read");
-				exit(1);
-			}
-		}
-
-		EVP_EncodeUpdate(&ectx, ebuf, &ebuflen, buf, readlen);
-
-		write(STDOUT, ebuf, ebuflen);
-	}
-
-        EVP_EncodeFinal(&ectx, ebuf, &ebuflen); 
-
-	write(STDOUT, ebuf, ebuflen);
-}
-
-void do_decode()
-{
- 	char buf[BUFLEN];
- 	char ebuf[BUFLEN+24];
-	unsigned int ebuflen;
-	EVP_ENCODE_CTX ectx;
-        
-	EVP_DecodeInit(&ectx);
-
-	while(1)
-	{
-		int readlen = read(STDIN, buf, sizeof(buf));
-		int rc;	
-	
-		if (readlen <= 0)
-		{
-			if (!readlen)
-			   break;
-			else
-			{
-				perror("read");
-				exit(1);
-			}
-		}
-
-		rc = EVP_DecodeUpdate(&ectx, ebuf, &ebuflen, buf, readlen);
-		if (rc <= 0)
-		{
-			if (!rc)
-			{
-				write(STDOUT, ebuf, ebuflen);
-				break;
-			}
-
-			fprintf(stderr, "Error: decoding message\n");
-			return;
-		}
-
-		write(STDOUT, ebuf, ebuflen);
-	}
-
-        EVP_DecodeFinal(&ectx, ebuf, &ebuflen); 
-
-	write(STDOUT, ebuf, ebuflen); 
-}
-
diff --git a/crypto/openssl/demos/maurice/loadkeys.c b/crypto/openssl/demos/maurice/loadkeys.c
deleted file mode 100644
index 82fd22a95036..000000000000
--- a/crypto/openssl/demos/maurice/loadkeys.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* NOCW */
-/*
-        Please read the README file for condition of use, before
-        using this software.
-
-        Maurice Gittens  <mgittens@gits.nl>   January 1997
-
-*/
-
-#include <unistd.h>
-#include <stdio.h>
-#include <netinet/in.h>
-#include <fcntl.h>
-#include <strings.h>
-#include <stdlib.h>
-
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-
-EVP_PKEY * ReadPublicKey(const char *certfile)
-{
-  FILE *fp = fopen (certfile, "r");   
-  X509 *x509;
-  EVP_PKEY *pkey;
-
-  if (!fp) 
-     return NULL; 
-
-  x509 = PEM_read_X509(fp, NULL, 0, NULL);
-
-  if (x509 == NULL) 
-  {  
-     ERR_print_errors_fp (stderr);
-     return NULL;   
-  }
-
-  fclose (fp);
-  
-  pkey=X509_extract_key(x509);
-
-  X509_free(x509);
-
-  if (pkey == NULL) 
-     ERR_print_errors_fp (stderr);
-
-  return pkey; 
-}
-
-EVP_PKEY *ReadPrivateKey(const char *keyfile)
-{
-	FILE *fp = fopen(keyfile, "r");
-	EVP_PKEY *pkey;
-
-	if (!fp)
-		return NULL;
-
-	pkey = PEM_read_PrivateKey(fp, NULL, 0, NULL);
-
-	fclose (fp);
-
-  	if (pkey == NULL) 
-		ERR_print_errors_fp (stderr);   
-
-	return pkey;
-}
-
-
diff --git a/crypto/openssl/demos/maurice/loadkeys.h b/crypto/openssl/demos/maurice/loadkeys.h
deleted file mode 100644
index d8fde86eb7fa..000000000000
--- a/crypto/openssl/demos/maurice/loadkeys.h
+++ /dev/null
@@ -1,19 +0,0 @@
-/* NOCW */
-/*
-        Please read the README file for condition of use, before
-        using this software.
-
-        Maurice Gittens  <mgittens@gits.nl>   January 1997
-
-*/
-
-#ifndef LOADKEYS_H_SEEN
-#define LOADKEYS_H_SEEN
-
-#include <openssl/evp.h>
-
-EVP_PKEY * ReadPublicKey(const char *certfile);
-EVP_PKEY *ReadPrivateKey(const char *keyfile);
-
-#endif
-
diff --git a/crypto/openssl/demos/maurice/privkey.pem b/crypto/openssl/demos/maurice/privkey.pem
deleted file mode 100644
index fc3554e930a1..000000000000
--- a/crypto/openssl/demos/maurice/privkey.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEA3YKg/qmNagJ+eNYzdZuCAUsSgOprm4Oe467c89BxfEvqA1e0
-zLpEW7hLSdP2Ocw9Eh/aWCYnvLyrpG1i0ZFaR5+AQMG5+uMe71J4RiZDZR3ya7//
-wIFmFM2BMpHx+FF9DhcfJ/zHUf0cc0HlZkM8Z6MJuV42UFCx6EK9XMYr7Kks/mr+
-QCZknrm/LR370EhbgiqOq6TVe18mhIqaaV7BceKpWUwqdvf99M8/084wcmJlHOnp
-7tL8RAAe4IBX6UGz8ETlD3c7Gh9XXpQdw6X6r0GMTDBrKwCEUgxkDKhbFxbRHvjq
-cgFHmrkhlflx7XzSk1QMxZzo5UAoxaDKsakg+QIDAQABAoIBAQC0hnh083PnuJ6g
-Flob+B+stCUhYWtPc6ZzgphaMD+9ABV4oescipWZdooNYiyikBwZgFIvUvFBtTXh
-rLBDgUVlZ81beUb7/EvC2aBh818rsotWW0Sw/ARY4d7wetcL/EWBzUA8E5vR6wlb
-uZGelR9OiyYqp2h2bj1/v5yaVnuHxBeBj5clTHtPMXc+/70iUNBDMZ0ruZTdSwll
-e0DH8pp/5USYewlrKtRIJT7elC8LFMqEz4OpNvfaR2OEY0FatYYmSvQPNwV8/Eor
-XlNzRi9qD0uXbVexaAgQZ3/KZuAzUbOgwJZZXEAOGkZ/J1n08jljPXdU0o7bHhNl
-7siHbuEBAoGBAP53IvvJkhnH8Akf6E6sXelZkPKHnwDwfywDAiIhXza9DB1DViRS
-bZUB5gzcxmLGalex5+LcwZmsqFO5NXZ8SQeE9p0YT8yJsX4J1w9JzSvsWJBS2vyW
-Kbt21oG6JAGrWSGMIfxKpuahtWLf4JpGjftti0qIVQ60GKEPc1/xE2PZAoGBAN7Y
-nRPaUaqcIwbnH9kovOKwZ/PWREy1ecr3YXj65VYTnwSJHD0+CJa/DX8eB/G4AoNA
-Y2LPbq0Xu3+7SaUsO45VkaZuJmNwheUQ4tmyd/YdnVZ0AHXx1tvpR7QeO0WjnlNK
-mR+x00fetrff2Ypahs0wtU0Xf3F8ORgVB8jnxBIhAoGAcwf0PpI+g30Im3dbEsWE
-poogpiJ81HXjZ0fs3PTtD9eh9FCOTlkcxHFZR5M980TyqbX4t2tH8WpFpaNh8a/5
-a3bF7PoiiLnuDKXyHC0mnKZ42rU53VkcgGwWSAqXYFHPNwUcD+rHTBbp4kqGQ/eF
-E5XPk9/RY5YyVAyiAUr/kvECgYBvW1Ua75SxqbZDI8mhbZ79tGMt0NtubZz/1KCL
-oOxrGAD1dkJ7Q/1svunSpMIZgvcWeV1wqfFHY72ZNZC2jiTwmkffH9nlBPyTm92Q
-JYOWo/PUmMEGLyRL3gWrtxOtV/as7nEYCndmyZ8KwTxmy5fi/z0J2f0gS5AIPbIX
-LeGnoQKBgQDapjz9K4HWR5AMxyga4eiLIrmADySP846uz3eZIvTJQZ+6TAamvnno
-KbnU21cGq5HBBtxqQvGswLPGW9rZAgykHHJmYBUp0xv4+I4qHfXyD7QNmvq+Vxjj
-V2tgIafEpaf2ZsfM7BZeZz8MzeGcDwyrHtIO1FQiYN5Qz9Hq68XmVA==
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/demos/pkcs12/README b/crypto/openssl/demos/pkcs12/README
deleted file mode 100644
index c87434b04f6f..000000000000
--- a/crypto/openssl/demos/pkcs12/README
+++ /dev/null
@@ -1,3 +0,0 @@
-PKCS#12 demo applications
-
-Written by Steve Henson.
diff --git a/crypto/openssl/demos/pkcs12/pkread.c b/crypto/openssl/demos/pkcs12/pkread.c
deleted file mode 100644
index 8e1b68631216..000000000000
--- a/crypto/openssl/demos/pkcs12/pkread.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/* pkread.c */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* Simple PKCS#12 file reader */
-
-int main(int argc, char **argv)
-{
-	FILE *fp;
-	EVP_PKEY *pkey;
-	X509 *cert;
-	STACK_OF(X509) *ca = NULL;
-	PKCS12 *p12;
-	int i;
-	if (argc != 4) {
-		fprintf(stderr, "Usage: pkread p12file password opfile\n");
-		exit (1);
-	}
-	SSLeay_add_all_algorithms();
-	ERR_load_crypto_strings();
-	if (!(fp = fopen(argv[1], "rb"))) {
-		fprintf(stderr, "Error opening file %s\n", argv[1]);
-		exit(1);
-	}
-	p12 = d2i_PKCS12_fp(fp, NULL);
-	fclose (fp);
-	if (!p12) {
-		fprintf(stderr, "Error reading PKCS#12 file\n");
-		ERR_print_errors_fp(stderr);
-		exit (1);
-	}
-	if (!PKCS12_parse(p12, argv[2], &pkey, &cert, &ca)) {
-		fprintf(stderr, "Error parsing PKCS#12 file\n");
-		ERR_print_errors_fp(stderr);
-		exit (1);
-	}
-	PKCS12_free(p12);
-	if (!(fp = fopen(argv[3], "w"))) {
-		fprintf(stderr, "Error opening file %s\n", argv[1]);
-		exit(1);
-	}
-	if (pkey) {
-		fprintf(fp, "***Private Key***\n");
-		PEM_write_PrivateKey(fp, pkey, NULL, NULL, 0, NULL, NULL);
-	}
-	if (cert) {
-		fprintf(fp, "***User Certificate***\n");
-		PEM_write_X509_AUX(fp, cert);
-	}
-	if (ca && sk_num(ca)) {
-		fprintf(fp, "***Other Certificates***\n");
-		for (i = 0; i < sk_X509_num(ca); i++) 
-		    PEM_write_X509_AUX(fp, sk_X509_value(ca, i));
-	}
-	fclose(fp);
-	return 0;
-}
diff --git a/crypto/openssl/demos/pkcs12/pkwrite.c b/crypto/openssl/demos/pkcs12/pkwrite.c
deleted file mode 100644
index 15f839d1ebae..000000000000
--- a/crypto/openssl/demos/pkcs12/pkwrite.c
+++ /dev/null
@@ -1,46 +0,0 @@
-/* pkwrite.c */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* Simple PKCS#12 file creator */
-
-int main(int argc, char **argv)
-{
-	FILE *fp;
-	EVP_PKEY *pkey;
-	X509 *cert;
-	PKCS12 *p12;
-	if (argc != 5) {
-		fprintf(stderr, "Usage: pkwrite infile password name p12file\n");
-		exit(1);
-	}
-	SSLeay_add_all_algorithms();
-	ERR_load_crypto_strings();
-	if (!(fp = fopen(argv[1], "r"))) {
-		fprintf(stderr, "Error opening file %s\n", argv[1]);
-		exit(1);
-	}
-	cert = PEM_read_X509(fp, NULL, NULL, NULL);
-	rewind(fp);
-	pkey = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
-	fclose(fp);
-	p12 = PKCS12_create(argv[2], argv[3], pkey, cert, NULL, 0,0,0,0,0);
-	if(!p12) {
-		fprintf(stderr, "Error creating PKCS#12 structure\n");
-		ERR_print_errors_fp(stderr);
-		exit(1);
-	}
-	if (!(fp = fopen(argv[4], "wb"))) {
-		fprintf(stderr, "Error opening file %s\n", argv[1]);
-		ERR_print_errors_fp(stderr);
-		exit(1);
-	}
-	i2d_PKCS12_fp(fp, p12);
-	PKCS12_free(p12);
-	fclose(fp);
-	return 0;
-}
diff --git a/crypto/openssl/demos/prime/Makefile b/crypto/openssl/demos/prime/Makefile
deleted file mode 100644
index 0166cd46fe46..000000000000
--- a/crypto/openssl/demos/prime/Makefile
+++ /dev/null
@@ -1,20 +0,0 @@
-CC=cc
-CFLAGS= -g -I../../include -Wall
-LIBS=  -L../.. -lcrypto
-EXAMPLES=prime
-
-all: $(EXAMPLES) 
-
-prime: prime.o
-	$(CC) -o prime prime.o $(LIBS)
-
-clean:	
-	rm -f $(EXAMPLES) *.o
-
-test: all
-	@echo Test creating a 128-bit prime
-	./prime 128
-	@echo Test creating a 256-bit prime
-	./prime 256
-	@echo Test creating a 512-bit prime
-	./prime 512
diff --git a/crypto/openssl/demos/prime/prime.c b/crypto/openssl/demos/prime/prime.c
deleted file mode 100644
index 103e0efc0cda..000000000000
--- a/crypto/openssl/demos/prime/prime.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/* demos/prime/prime.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/bn.h>    
-
-void callback(type,num)
-int type,num;
-	{
-	if (type == 0)
-		fprintf(stderr,".");
-	else if (type == 1)
-		fprintf(stderr,"+");
-	else if (type == 2)
-		fprintf(stderr,"*");
-	fflush(stderr);
-	}
-
-int main(argc,argv)
-int argc;
-char *argv[];
-	{
-	BIGNUM *rand;
-	int num=256;
-
-	/* we should really call RAND_seed(char *bytes,int num);
-	 * to fully initalise the random number generator */
-	if (argc >= 2)
-		{
-		num=atoi(argv[1]);
-		if (num == 0) num=256;
-		}
-
-	fprintf(stderr,"generate a strong prime\n");
-        rand=BN_generate_prime(NULL,num,1,NULL,NULL,callback,NULL);
-	/* change the third parameter to 1 for a strong prime */
-	fprintf(stderr,"\n");
-
-	BN_print_fp(stdout,rand);           
-	fprintf(stdout,"\n");
-	BN_free(rand); 
-	exit(0);
-	return(0);
-	}
-
diff --git a/crypto/openssl/demos/privkey.pem b/crypto/openssl/demos/privkey.pem
deleted file mode 100644
index ddae24075da9..000000000000
--- a/crypto/openssl/demos/privkey.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAN+FmbxmHVOp/RxtpMGz0DvQEBz1sDktHp19hIoMSu0YZift5MAu
-4xAEJYvWVCshDiyOTWsUBXwZkrkt87FyctkCAwEAAQJAG/vxBGpQb6IPo1iC0RF/
-F430BnwoBPCGLbeCOXpSgx5X+19vuTSdEqMgeNB6+aNb+XY/7mvVfCjyD6WZ0oxs
-JQIhAPO+uL9cP40lFs62pdL3QSWsh3VNDByvOtr9LpeaxBm/AiEA6sKVfXsDQ5hd
-SHt9U61r2r8Lcxmzi9Kw6JNqjMmzqWcCIQCKoRy+aZ8Tjdas9yDVHh+FZ90bEBkl
-b1xQFNOdEj8aTQIhAOJWrO6INYNsWTPS6+hLYZtLamyUsQj0H+B8kNQge/mtAiEA
-nBfvUl243qbqN8gF7Az1u33uc9FsPVvQPiBzLxZ4ixw=
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/demos/selfsign.c b/crypto/openssl/demos/selfsign.c
deleted file mode 100644
index 68904c611eac..000000000000
--- a/crypto/openssl/demos/selfsign.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/* NOCW */
-/* cc -o ssdemo -I../include selfsign.c ../libcrypto.a */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <openssl/pem.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-int mkit(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days);
-
-int main()
-	{
-	BIO *bio_err;
-	X509 *x509=NULL;
-	EVP_PKEY *pkey=NULL;
-
-	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-	bio_err=BIO_new_fp(stderr, BIO_NOCLOSE);
-
-	mkit(&x509,&pkey,512,0,365);
-
-	RSA_print_fp(stdout,pkey->pkey.rsa,0);
-	X509_print_fp(stdout,x509);
-
-	PEM_write_PrivateKey(stdout,pkey,NULL,NULL,0,NULL, NULL);
-	PEM_write_X509(stdout,x509);
-
-	X509_free(x509);
-	EVP_PKEY_free(pkey);
-
-#ifdef CUSTOM_EXT
-	/* Only needed if we add objects or custom extensions */
-	X509V3_EXT_cleanup();
-	OBJ_cleanup();
-#endif
-
-	CRYPTO_mem_leaks(bio_err);
-	BIO_free(bio_err);
-	return(0);
-	}
-
-#ifdef WIN16
-#  define MS_CALLBACK   _far _loadds
-#  define MS_FAR        _far
-#else
-#  define MS_CALLBACK
-#  define MS_FAR
-#endif
-
-static void MS_CALLBACK callback(p, n, arg)
-int p;
-int n;
-void *arg;
-	{
-	char c='B';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	fputc(c,stderr);
-	}
-
-int mkit(x509p,pkeyp,bits,serial,days)
-X509 **x509p;
-EVP_PKEY **pkeyp;
-int bits;
-int serial;
-int days;
-	{
-	X509 *x;
-	EVP_PKEY *pk;
-	RSA *rsa;
-	X509_NAME *name=NULL;
-	X509_NAME_ENTRY *ne=NULL;
-	X509_EXTENSION *ex=NULL;
-
-	
-	if ((pkeyp == NULL) || (*pkeyp == NULL))
-		{
-		if ((pk=EVP_PKEY_new()) == NULL)
-			{
-			abort(); 
-			return(0);
-			}
-		}
-	else
-		pk= *pkeyp;
-
-	if ((x509p == NULL) || (*x509p == NULL))
-		{
-		if ((x=X509_new()) == NULL)
-			goto err;
-		}
-	else
-		x= *x509p;
-
-	rsa=RSA_generate_key(bits,RSA_F4,callback,NULL);
-	if (!EVP_PKEY_assign_RSA(pk,rsa))
-		{
-		abort();
-		goto err;
-		}
-	rsa=NULL;
-
-	X509_set_version(x,3);
-	ASN1_INTEGER_set(X509_get_serialNumber(x),serial);
-	X509_gmtime_adj(X509_get_notBefore(x),0);
-	X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
-	X509_set_pubkey(x,pk);
-
-	name=X509_get_subject_name(x);
-
-	/* This function creates and adds the entry, working out the
-	 * correct string type and performing checks on its length.
-	 * Normally we'd check the return value for errors...
-	 */
-	X509_NAME_add_entry_by_txt(name,"C",
-				MBSTRING_ASC, "UK", -1, -1, 0);
-	X509_NAME_add_entry_by_txt(name,"CN",
-				MBSTRING_ASC, "OpenSSL Group", -1, -1, 0);
-
-	X509_set_issuer_name(x,name);
-
-	/* Add extension using V3 code: we can set the config file as NULL
-	 * because we wont reference any other sections. We can also set
-         * the context to NULL because none of these extensions below will need
-	 * to access it.
-	 */
-
-	ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_cert_type, "server");
-	X509_add_ext(x,ex,-1);
-	X509_EXTENSION_free(ex);
-
-	ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_comment,
-						"example comment extension");
-	X509_add_ext(x,ex,-1);
-	X509_EXTENSION_free(ex);
-
-	ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_ssl_server_name,
-							"www.openssl.org");
-
-	X509_add_ext(x,ex,-1);
-	X509_EXTENSION_free(ex);
-
-#if 0
-	/* might want something like this too.... */
-	ex = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,
-							"critical,CA:TRUE");
-
-
-	X509_add_ext(x,ex,-1);
-	X509_EXTENSION_free(ex);
-#endif
-
-#ifdef CUSTOM_EXT
-	/* Maybe even add our own extension based on existing */
-	{
-		int nid;
-		nid = OBJ_create("1.2.3.4", "MyAlias", "My Test Alias Extension");
-		X509V3_EXT_add_alias(nid, NID_netscape_comment);
-		ex = X509V3_EXT_conf_nid(NULL, NULL, nid,
-						"example comment alias");
-		X509_add_ext(x,ex,-1);
-		X509_EXTENSION_free(ex);
-	}
-#endif
-	
-	if (!X509_sign(x,pk,EVP_md5()))
-		goto err;
-
-	*x509p=x;
-	*pkeyp=pk;
-	return(1);
-err:
-	return(0);
-	}
diff --git a/crypto/openssl/demos/sign/Makefile b/crypto/openssl/demos/sign/Makefile
deleted file mode 100644
index e6d391e4ada4..000000000000
--- a/crypto/openssl/demos/sign/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-CC=cc
-CFLAGS= -g -I../../include -Wall
-LIBS=  -L../.. -lcrypto
-EXAMPLES=sign
-
-all: $(EXAMPLES) 
-
-sign: sign.o
-	$(CC) -o sign sign.o $(LIBS)
-
-clean:	
-	rm -f $(EXAMPLES) *.o
-
-test: all
-	./sign
diff --git a/crypto/openssl/demos/sign/cert.pem b/crypto/openssl/demos/sign/cert.pem
deleted file mode 100644
index 9d7ac238d86b..000000000000
--- a/crypto/openssl/demos/sign/cert.pem
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv
-bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy
-dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X
-DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw
-EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l
-dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT
-EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp
-MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw
-L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN
-BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX
-9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=
------END CERTIFICATE-----
diff --git a/crypto/openssl/demos/sign/key.pem b/crypto/openssl/demos/sign/key.pem
deleted file mode 100644
index 239ad66f9903..000000000000
--- a/crypto/openssl/demos/sign/key.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
-2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
-oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
-8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
-a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7
-WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA
-6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/demos/sign/sig.txt b/crypto/openssl/demos/sign/sig.txt
deleted file mode 100644
index 5613c0ee77ba..000000000000
--- a/crypto/openssl/demos/sign/sig.txt
+++ /dev/null
@@ -1,158 +0,0 @@
-From ssl-lists-owner@mincom.com Mon Sep 30 02:37:40 1996
-Received: from cygnus.mincom.oz.au by orb.mincom.oz.au with SMTP id AA11782
-  (5.65c/IDA-1.4.4 for eay); Mon, 30 Sep 1996 11:46:21 +1000
-Received: (from daemon@localhost) by cygnus.mincom.oz.au (8.7.5/8.7.3) id LAA18980 for ssl-users-outgoing; Mon, 30 Sep 1996 11:44:56 +1000 (EST)
-Received: from minbne.mincom.oz.au (minbne.mincom.oz.au [192.55.196.247]) by cygnus.mincom.oz.au (8.7.5/8.7.3) with SMTP id LAA18962 for <ssl-users@listserv.mincom.oz.au>; Mon, 30 Sep 1996 11:44:51 +1000 (EST)
-Received: by minbne.mincom.oz.au id AA22230
-  (5.65c/IDA-1.4.4 for ssl-users@listserv.mincom.oz.au); Mon, 30 Sep 1996 11:38:41 +1000
-Received: from brutus.neuronio.pt (brutus.neuronio.pt [193.126.253.2]) by bunyip.cc.uq.oz.au (8.7.6/8.7.3) with SMTP id LAA15824 for <ssl-users@mincom.com>; Mon, 30 Sep 1996 11:40:07 +1000
-Received: (from sampo@localhost) by brutus.neuronio.pt (8.6.11/8.6.11) id BAA08729; Mon, 30 Sep 1996 01:37:40 +0100
-Date: Mon, 30 Sep 1996 01:37:40 +0100
-Message-Id: <199609300037.BAA08729@brutus.neuronio.pt>
-From: Sampo Kellomaki <sampo@neuronio.pt>
-To: ssl-users@mincom.com
-Cc: sampo@brutus.neuronio.pt
-Subject: Signing with envelope routines
-Sender: ssl-lists-owner@mincom.com
-Precedence: bulk
-Status: RO
-X-Status: D
-
-
-I have been trying to figure out how to produce signatures with EVP_
-routines. I seem to be able to read in private key and sign some
-data ok, but I can't figure out how I am supposed to read in
-public key so that I could verify my signature. I use self signed
-certificate.
-
-I figured I should use
-	EVP_PKEY* pkey = PEM_ASN1_read(d2i_PrivateKey, PEM_STRING_EVP_PKEY,
-	                               fp, NULL, NULL);
-to read in private key and this seems to work Ok.
-
-However when I try analogous
-	EVP_PKEY* pkey = PEM_ASN1_read(d2i_PublicKey, PEM_STRING_X509,
-	                               fp, NULL, NULL);
-the program fails with
-
-error:0D09508D:asn1 encoding routines:D2I_PUBLICKEY:unknown public key type:d2i_pu.c:93
-error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:pem_lib.c:232
-
-I figured that the second argument to PEM_ASN1_read should match the
-name in my PEM encoded object, hence PEM_STRING_X509.
-PEM_STRING_EVP_PKEY seems to be somehow magical
-because it matches whatever private key there happens to be. I could
-not find a similar constant to use with getting the certificate, however.
-
-Is my approach of using PEM_ASN1_read correct? What should I pass in
-as name?  Can I use normal (or even self signed) X509 certificate for
-verifying the signature?
-
-When will SSLeay documentation be written ;-)? If I would contribute
-comments to the code, would Eric take time to review them and include
-them in distribution?
-
-I'm using SSLeay-0.6.4. My program is included below along with the
-key and cert that I use.
-
---Sampo
-
------------------------------------
-/* sign-it.cpp  -  Simple test app using SSLeay envelopes to sign data
-   29.9.1996, Sampo Kellomaki <sampo@iki.fi> */
-
-#include <stdio.h>
-#include "rsa.h"
-#include "evp.h"
-#include "objects.h"
-#include "x509.h"
-#include "err.h"
-#include "pem.h"
-#include "ssl.h"
-
-void main ()
-{
-  int err;
-  int sig_len;
-  unsigned char sig_buf [4096];
-  const char certfile[] = "plain-cert.pem";
-  const char keyfile[]  = "plain-key.pem";
-  const char data[]     = "I owe you...";
-  EVP_MD_CTX     md_ctx;
-  EVP_PKEY*      pkey;
-  FILE*          fp;
-
-  SSL_load_error_strings();
-  
-  /* Read private key */
-  
-  fp = fopen (keyfile, "r");   if (fp == NULL) exit (1);
-  pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey,
-				   PEM_STRING_EVP_PKEY,
-				   fp,
-				   NULL, NULL);
-  if (pkey == NULL) {  ERR_print_errors_fp (stderr);    exit (1);  }
-  fclose (fp);
-  
-  /* Do the signature */
-  
-  EVP_SignInit   (&md_ctx, EVP_md5());
-  EVP_SignUpdate (&md_ctx, data, strlen(data));
-  sig_len = sizeof(sig_buf);
-  err = EVP_SignFinal (&md_ctx,
-		       sig_buf, 
-		       &sig_len,
-		       pkey);
-  if (err != 1) {  ERR_print_errors_fp (stderr);    exit (1);  }
-  EVP_PKEY_free (pkey);
-  
-  /* Read public key */
-  
-  fp = fopen (certfile, "r");   if (fp == NULL) exit (1);
-  pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PublicKey,
-				   PEM_STRING_X509,
-				   fp,
-				   NULL, NULL);
-  if (pkey == NULL) {  ERR_print_errors_fp (stderr);    exit (1);  }
-  fclose (fp);
-  
-  /* Verify the signature */
-  
-  EVP_VerifyInit   (&md_ctx, EVP_md5());
-  EVP_VerifyUpdate (&md_ctx, data, strlen((char*)data));
-  err = EVP_VerifyFinal (&md_ctx,
-			 sig_buf,
-			 sig_len,
-			 pkey);
-  if (err != 1) {  ERR_print_errors_fp (stderr);    exit (1);  }
-  EVP_PKEY_free (pkey);
-  printf ("Signature Verified Ok.\n");
-}
-/* EOF */
---------------- plain-cert.pem -----------------
------BEGIN CERTIFICATE-----
-MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv
-bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy
-dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X
-DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw
-EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l
-dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT
-EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp
-MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw
-L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN
-BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX
-9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=
------END CERTIFICATE-----
----------------- plain-key.pem -----------------
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
-2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
-oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
-8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
-a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7
-WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA
-6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=
------END RSA PRIVATE KEY-----
-------------------------------------------------
-
diff --git a/crypto/openssl/demos/sign/sign.c b/crypto/openssl/demos/sign/sign.c
deleted file mode 100644
index a6c66e17c3c3..000000000000
--- a/crypto/openssl/demos/sign/sign.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/* demos/sign/sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* sign-it.cpp  -  Simple test app using SSLeay envelopes to sign data
-   29.9.1996, Sampo Kellomaki <sampo@iki.fi> */
-
-/* converted to C - eay :-) */
-
-/* reformated a bit and converted to use the more common functions: this was
- * initially written at the dawn of time :-) - Steve.
- */
-
-#include <stdio.h>
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-
-int main ()
-{
-  int err;
-  int sig_len;
-  unsigned char sig_buf [4096];
-  static char certfile[] = "cert.pem";
-  static char keyfile[]  = "key.pem";
-  static char data[]     = "I owe you...";
-  EVP_MD_CTX     md_ctx;
-  EVP_PKEY *      pkey;
-  FILE *          fp;
-  X509 *	x509;
-
-  /* Just load the crypto library error strings,
-   * SSL_load_error_strings() loads the crypto AND the SSL ones */
-  /* SSL_load_error_strings();*/
-  ERR_load_crypto_strings();
-  
-  /* Read private key */
-  
-  fp = fopen (keyfile, "r");
-  if (fp == NULL) exit (1);
-  pkey = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
-  fclose (fp);
-
-  if (pkey == NULL) { 
-	ERR_print_errors_fp (stderr);
-	exit (1);
-  }
-  
-  /* Do the signature */
-  
-  EVP_SignInit   (&md_ctx, EVP_sha1());
-  EVP_SignUpdate (&md_ctx, data, strlen(data));
-  sig_len = sizeof(sig_buf);
-  err = EVP_SignFinal (&md_ctx, sig_buf, &sig_len, pkey);
-
-  if (err != 1) {
-	ERR_print_errors_fp(stderr);
-	exit (1);
-  }
-
-  EVP_PKEY_free (pkey);
-  
-  /* Read public key */
-  
-  fp = fopen (certfile, "r");
-  if (fp == NULL) exit (1);
-  x509 = PEM_read_X509(fp, NULL, NULL, NULL);
-  fclose (fp);
-
-  if (x509 == NULL) {
-	ERR_print_errors_fp (stderr);
-	exit (1);
-  }
-  
-  /* Get public key - eay */
-  pkey=X509_get_pubkey(x509);
-  if (pkey == NULL) {
-	ERR_print_errors_fp (stderr);
-	exit (1);
-  }
-
-  /* Verify the signature */
-  
-  EVP_VerifyInit   (&md_ctx, EVP_sha1());
-  EVP_VerifyUpdate (&md_ctx, data, strlen((char*)data));
-  err = EVP_VerifyFinal (&md_ctx, sig_buf, sig_len, pkey);
-  EVP_PKEY_free (pkey);
-
-  if (err != 1) {
-	ERR_print_errors_fp (stderr);
-	exit (1);
-  }
-  printf ("Signature Verified Ok.\n");
-  return(0);
-}
diff --git a/crypto/openssl/demos/sign/sign.txt b/crypto/openssl/demos/sign/sign.txt
deleted file mode 100644
index 2aa2b46cc36e..000000000000
--- a/crypto/openssl/demos/sign/sign.txt
+++ /dev/null
@@ -1,170 +0,0 @@
-From ssl-lists-owner@mincom.com Mon Sep 30 22:43:15 1996
-Received: from cygnus.mincom.oz.au by orb.mincom.oz.au with SMTP id AA12802
-  (5.65c/IDA-1.4.4 for eay); Mon, 30 Sep 1996 12:45:43 +1000
-Received: (from daemon@localhost) by cygnus.mincom.oz.au (8.7.5/8.7.3) id MAA25922 for ssl-users-outgoing; Mon, 30 Sep 1996 12:43:43 +1000 (EST)
-Received: from orb.mincom.oz.au (eay@orb.mincom.oz.au [192.55.197.1]) by cygnus.mincom.oz.au (8.7.5/8.7.3) with SMTP id MAA25900 for <ssl-users@listserv.mincom.oz.au>; Mon, 30 Sep 1996 12:43:39 +1000 (EST)
-Received: by orb.mincom.oz.au id AA12688
-  (5.65c/IDA-1.4.4 for ssl-users@listserv.mincom.oz.au); Mon, 30 Sep 1996 12:43:16 +1000
-Date: Mon, 30 Sep 1996 12:43:15 +1000 (EST)
-From: Eric Young <eay@mincom.com>
-X-Sender: eay@orb
-To: Sampo Kellomaki <sampo@neuronio.pt>
-Cc: ssl-users@mincom.com, sampo@brutus.neuronio.pt
-Subject: Re: Signing with envelope routines
-In-Reply-To: <199609300037.BAA08729@brutus.neuronio.pt>
-Message-Id: <Pine.SOL.3.91.960930121504.11800Y-100000@orb>
-Mime-Version: 1.0
-Content-Type: TEXT/PLAIN; charset=US-ASCII
-Sender: ssl-lists-owner@mincom.com
-Precedence: bulk
-Status: O
-X-Status: 
-
-
-On Mon, 30 Sep 1996, Sampo Kellomaki wrote:
-> I have been trying to figure out how to produce signatures with EVP_
-> routines. I seem to be able to read in private key and sign some
-> data ok, but I can't figure out how I am supposed to read in
-> public key so that I could verify my signature. I use self signed
-> certificate.
-
-hmm... a rather poorly documented are of the library at this point in time.
-
-> I figured I should use
-> 	EVP_PKEY* pkey = PEM_ASN1_read(d2i_PrivateKey, PEM_STRING_EVP_PKEY,
-> 	                               fp, NULL, NULL);
-> to read in private key and this seems to work Ok.
-> 
-> However when I try analogous
-> 	EVP_PKEY* pkey = PEM_ASN1_read(d2i_PublicKey, PEM_STRING_X509,
-> 	                               fp, NULL, NULL);
-
-What you should do is 
-	X509 *x509=PEM_read_X509(fp,NULL,NULL);
-	/* which is the same as PEM_ASN1_read(d2i_X509,PEM_STRING_X509,fp,
-	 * NULL,NULL); */
-Then
-	EVP_PKEY *pkey=X509_extract_key(x509);
-
-There is also a X509_REQ_extract_key(req);
-which gets the public key from a certificate request.
-
-I re-worked quite a bit of this when I cleaned up the dependancy on
-RSA as the private key.
-
-> I figured that the second argument to PEM_ASN1_read should match the
-> name in my PEM encoded object, hence PEM_STRING_X509.
-> PEM_STRING_EVP_PKEY seems to be somehow magical
-> because it matches whatever private key there happens to be. I could
-> not find a similar constant to use with getting the certificate, however.
-
-:-), PEM_STRING_EVP_PKEY is 'magical' :-).  In theory I should be using a
-standard such as PKCS#8 to store the private key so that the type is 
-encoded in the asn.1 encoding of the object.
-
-> Is my approach of using PEM_ASN1_read correct? What should I pass in
-> as name?  Can I use normal (or even self signed) X509 certificate for
-> verifying the signature?
-
-The actual public key is kept in the certificate, so basically you have 
-to load the certificate and then 'unpack' the public key from the 
-certificate.
-
-> When will SSLeay documentation be written ;-)? If I would contribute
-> comments to the code, would Eric take time to review them and include
-> them in distribution?
-
-:-) After SSLv3 and PKCS#7 :-).  I actually started doing a function list 
-but what I really need to do is do quite a few 'this is how you do xyz' 
-type documents.  I suppose the current method is to post to ssl-users and 
-I'll respond :-).
-
-I'll add a 'demo' directory for the next release, I've appended a 
-modified version of your program that works, you were very close :-).
-
-eric
-
-/* sign-it.cpp  -  Simple test app using SSLeay envelopes to sign data
-   29.9.1996, Sampo Kellomaki <sampo@iki.fi> */
-
-/* converted to C - eay :-) */
-
-#include <stdio.h>
-#include "rsa.h"
-#include "evp.h"
-#include "objects.h"
-#include "x509.h"
-#include "err.h"
-#include "pem.h"
-#include "ssl.h"
-
-void main ()
-{
-  int err;
-  int sig_len;
-  unsigned char sig_buf [4096];
-  static char certfile[] = "plain-cert.pem";
-  static char keyfile[]  = "plain-key.pem";
-  static char data[]     = "I owe you...";
-  EVP_MD_CTX     md_ctx;
-  EVP_PKEY *      pkey;
-  FILE *          fp;
-  X509 *	x509;
-
-  /* Just load the crypto library error strings,
-   * SSL_load_error_strings() loads the crypto AND the SSL ones */
-  /* SSL_load_error_strings();*/
-  ERR_load_crypto_strings();
-  
-  /* Read private key */
-  
-  fp = fopen (keyfile, "r");   if (fp == NULL) exit (1);
-  pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey,
-				   PEM_STRING_EVP_PKEY,
-				   fp,
-				   NULL, NULL);
-  if (pkey == NULL) {  ERR_print_errors_fp (stderr);    exit (1);  }
-  fclose (fp);
-  
-  /* Do the signature */
-  
-  EVP_SignInit   (&md_ctx, EVP_md5());
-  EVP_SignUpdate (&md_ctx, data, strlen(data));
-  sig_len = sizeof(sig_buf);
-  err = EVP_SignFinal (&md_ctx,
-		       sig_buf, 
-		       &sig_len,
-		       pkey);
-  if (err != 1) {  ERR_print_errors_fp (stderr);    exit (1);  }
-  EVP_PKEY_free (pkey);
-  
-  /* Read public key */
-  
-  fp = fopen (certfile, "r");   if (fp == NULL) exit (1);
-  x509 = (X509 *)PEM_ASN1_read ((char *(*)())d2i_X509,
-				   PEM_STRING_X509,
-				   fp, NULL, NULL);
-  if (x509 == NULL) {  ERR_print_errors_fp (stderr);    exit (1);  }
-  fclose (fp);
-  
-  /* Get public key - eay */
-  pkey=X509_extract_key(x509);
-  if (pkey == NULL) {  ERR_print_errors_fp (stderr);    exit (1);  }
-
-  /* Verify the signature */
-  
-  EVP_VerifyInit   (&md_ctx, EVP_md5());
-  EVP_VerifyUpdate (&md_ctx, data, strlen((char*)data));
-  err = EVP_VerifyFinal (&md_ctx,
-			 sig_buf,
-			 sig_len,
-			 pkey);
-  if (err != 1) {  ERR_print_errors_fp (stderr);    exit (1);  }
-  EVP_PKEY_free (pkey);
-  printf ("Signature Verified Ok.\n");
-}
-
-
-
-
-
diff --git a/crypto/openssl/demos/spkigen.c b/crypto/openssl/demos/spkigen.c
deleted file mode 100644
index 2cd5dfea970d..000000000000
--- a/crypto/openssl/demos/spkigen.c
+++ /dev/null
@@ -1,161 +0,0 @@
-/* NOCW */
-/* demos/spkigen.c
- * 18-Mar-1997 - eay - A quick hack :-) 
- * 		version 1.1, it would probably help to save or load the
- *		private key :-)
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/err.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-/* The following two don't exist in SSLeay but they are in here as
- * examples */
-#define PEM_write_SPKI(fp,x) \
-	PEM_ASN1_write((int (*)())i2d_NETSCAPE_SPKI,"SPKI",fp,\
-			(char *)x,NULL,NULL,0,NULL)
-int SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
-
-/* These are defined in the next version of SSLeay */
-int EVP_PKEY_assign(EVP_PKEY *pkey, int type,char *key);
-#define RSA_F4	0x10001
-#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
-					(char *)(rsa))
-
-int main(argc,argv)
-int argc;
-char *argv[];
-	{
-	RSA *rsa=NULL;
-	NETSCAPE_SPKI *spki=NULL;
-	EVP_PKEY *pkey=NULL;
-	char buf[128];
-	int ok=0,i;
-	FILE *fp;
-
-	pkey=EVP_PKEY_new();
-	 
-	if (argc < 2)
-		{
-		/* Generate an RSA key, the random state should have been seeded
-		 * with lots of calls to RAND_seed(....) */
-		fprintf(stderr,"generating RSA key, could take some time...\n");
-		if ((rsa=RSA_generate_key(512,RSA_F4,NULL)) == NULL) goto err;
-		}
-	else
-		{
-		if ((fp=fopen(argv[1],"r")) == NULL)
-			{ perror(argv[1]); goto err; }
-		if ((rsa=PEM_read_RSAPrivateKey(fp,NULL,NULL)) == NULL)
-			goto err;
-		fclose(fp);
-		}
-	
-	if (!EVP_PKEY_assign_RSA(pkey,rsa)) goto err;
-	rsa=NULL;
-
-	/* lets make the spki and set the public key and challenge */
-	if ((spki=NETSCAPE_SPKI_new()) == NULL) goto err;
-
-	if (!SPKI_set_pubkey(spki,pkey)) goto err;
-
-	fprintf(stderr,"please enter challenge string:");
-	fflush(stderr);
-	buf[0]='\0';
-	fgets(buf,sizeof buf,stdin);
-	i=strlen(buf);
-	if (i > 0) buf[--i]='\0';
-	if (!ASN1_STRING_set((ASN1_STRING *)spki->spkac->challenge,
-		buf,i)) goto err;
-
-	if (!NETSCAPE_SPKI_sign(spki,pkey,EVP_md5())) goto err;
-	PEM_write_SPKI(stdout,spki);
-	if (argc < 2)
-		PEM_write_RSAPrivateKey(stdout,pkey->pkey.rsa,NULL,NULL,0,NULL);
-
-	ok=1;
-err:
-	if (!ok)
-		{
-		fprintf(stderr,"something bad happened....");
-		ERR_print_errors_fp(stderr);
-		}
-	NETSCAPE_SPKI_free(spki);
-	EVP_PKEY_free(pkey);
-	exit(!ok);
-	}
-
-/* This function is in the next version of SSLeay */
-int EVP_PKEY_assign(pkey,type,key)
-EVP_PKEY *pkey;
-int type;
-char *key;
-	{
-	if (pkey == NULL) return(0);
-	if (pkey->pkey.ptr != NULL)
-		{
-		if (pkey->type == EVP_PKEY_RSA)
-			RSA_free(pkey->pkey.rsa);
-		/* else memory leak */
-		}
-	pkey->type=type;
-	pkey->pkey.ptr=key;
-	return(1);
-	}
-
-/* While I have a 
- * X509_set_pubkey() and X509_REQ_set_pubkey(), SPKI_set_pubkey() does
- * not currently exist so here is a version of it.
- * The next SSLeay release will probably have
- * X509_set_pubkey(),
- * X509_REQ_set_pubkey() and
- * NETSCAPE_SPKI_set_pubkey()
- * as macros calling the same function */
-int SPKI_set_pubkey(x,pkey)
-NETSCAPE_SPKI *x;
-EVP_PKEY *pkey;
-	{
-	int ok=0;
-	X509_PUBKEY *pk;
-	X509_ALGOR *a;
-	ASN1_OBJECT *o;
-	unsigned char *s,*p;
-	int i;
-
-	if (x == NULL) return(0);
-
-	if ((pk=X509_PUBKEY_new()) == NULL) goto err;
-	a=pk->algor;
-
-	/* set the algorithm id */
-	if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err;
-	ASN1_OBJECT_free(a->algorithm);
-	a->algorithm=o;
-
-	/* Set the parameter list */
-	if ((a->parameter == NULL) || (a->parameter->type != V_ASN1_NULL))
-		{
-		ASN1_TYPE_free(a->parameter);
-		a->parameter=ASN1_TYPE_new();
-		a->parameter->type=V_ASN1_NULL;
-		}
-	i=i2d_PublicKey(pkey,NULL);
-	if ((s=(unsigned char *)malloc(i+1)) == NULL) goto err;
-	p=s;
-	i2d_PublicKey(pkey,&p);
-	if (!ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
-	free(s);
-
-	X509_PUBKEY_free(x->spkac->pubkey);
-	x->spkac->pubkey=pk;
-	pk=NULL;
-	ok=1;
-err:
-	if (pk != NULL) X509_PUBKEY_free(pk);
-	return(ok);
-	}
-
diff --git a/crypto/openssl/demos/ssl/cli.cpp b/crypto/openssl/demos/ssl/cli.cpp
deleted file mode 100644
index 49cba5da0c81..000000000000
--- a/crypto/openssl/demos/ssl/cli.cpp
+++ /dev/null
@@ -1,110 +0,0 @@
-/* cli.cpp  -  Minimal ssleay client for Unix
-   30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
-
-/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
-   Simplified to be even more minimal
-   12/98 - 4/99 Wade Scholine <wades@mail.cybg.com> */
-
-#include <stdio.h>
-#include <memory.h>
-#include <errno.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <netdb.h>
-
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-
-#define CHK_NULL(x) if ((x)==NULL) exit (1)
-#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
-#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
-
-void main ()
-{
-  int err;
-  int sd;
-  struct sockaddr_in sa;
-  SSL_CTX* ctx;
-  SSL*     ssl;
-  X509*    server_cert;
-  char*    str;
-  char     buf [4096];
-  SSL_METHOD *meth;
-
-  SSLeay_add_ssl_algorithms();
-  meth = SSLv2_client_method();
-  SSL_load_error_strings();
-  ctx = SSL_CTX_new (meth);                        CHK_NULL(ctx);
-
-  CHK_SSL(err);
-  
-  /* ----------------------------------------------- */
-  /* Create a socket and connect to server using normal socket calls. */
-  
-  sd = socket (AF_INET, SOCK_STREAM, 0);       CHK_ERR(sd, "socket");
- 
-  memset (&sa, '\0', sizeof(sa));
-  sa.sin_family      = AF_INET;
-  sa.sin_addr.s_addr = inet_addr ("127.0.0.1");   /* Server IP */
-  sa.sin_port        = htons     (1111);          /* Server Port number */
-  
-  err = connect(sd, (struct sockaddr*) &sa,
-		sizeof(sa));                   CHK_ERR(err, "connect");
-
-  /* ----------------------------------------------- */
-  /* Now we have TCP conncetion. Start SSL negotiation. */
-  
-  ssl = SSL_new (ctx);                         CHK_NULL(ssl);    
-  SSL_set_fd (ssl, sd);
-  err = SSL_connect (ssl);                     CHK_SSL(err);
-    
-  /* Following two steps are optional and not required for
-     data exchange to be successful. */
-  
-  /* Get the cipher - opt */
-
-  printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
-  
-  /* Get server's certificate (note: beware of dynamic allocation) - opt */
-
-  server_cert = SSL_get_peer_certificate (ssl);       CHK_NULL(server_cert);
-  printf ("Server certificate:\n");
-  
-  str = X509_NAME_oneline (X509_get_subject_name (server_cert),0,0);
-  CHK_NULL(str);
-  printf ("\t subject: %s\n", str);
-  OPENSSL_free (str);
-
-  str = X509_NAME_oneline (X509_get_issuer_name  (server_cert),0,0);
-  CHK_NULL(str);
-  printf ("\t issuer: %s\n", str);
-  OPENSSL_free (str);
-
-  /* We could do all sorts of certificate verification stuff here before
-     deallocating the certificate. */
-
-  X509_free (server_cert);
-  
-  /* --------------------------------------------------- */
-  /* DATA EXCHANGE - Send a message and receive a reply. */
-
-  err = SSL_write (ssl, "Hello World!", strlen("Hello World!"));  CHK_SSL(err);
-  
-  err = SSL_read (ssl, buf, sizeof(buf) - 1);                     CHK_SSL(err);
-  buf[err] = '\0';
-  printf ("Got %d chars:'%s'\n", err, buf);
-  SSL_shutdown (ssl);  /* send SSL/TLS close_notify */
-
-  /* Clean up. */
-
-  close (sd);
-  SSL_free (ssl);
-  SSL_CTX_free (ctx);
-}
-/* EOF - cli.cpp */
diff --git a/crypto/openssl/demos/ssl/inetdsrv.cpp b/crypto/openssl/demos/ssl/inetdsrv.cpp
deleted file mode 100644
index efd70d2771b8..000000000000
--- a/crypto/openssl/demos/ssl/inetdsrv.cpp
+++ /dev/null
@@ -1,98 +0,0 @@
-/* inetdserv.cpp  -  Minimal ssleay server for Unix inetd.conf
- * 30.9.1996, Sampo Kellomaki <sampo@iki.fi>
- * From /etc/inetd.conf:
- *     1111 stream tcp nowait sampo /usr/users/sampo/demo/inetdserv inetdserv
- */
-
-#include <stdio.h>
-#include <errno.h>
-
-#include "rsa.h"       /* SSLeay stuff */
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-#define HOME "/usr/users/sampo/demo/"
-#define CERTF HOME "plain-cert.pem"
-#define KEYF  HOME "plain-key.pem"
-
-#define CHK_NULL(x) if ((x)==NULL) exit (1)
-#define CHK_ERR(err,s) if ((err)==-1) \
-                         { fprintf(log, "%s %d\n", (s), errno); exit(1); }
-#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(log); exit(2); }
-
-void main ()
-{
-  int err;
-  SSL_CTX* ctx;
-  SSL*     ssl;
-  X509*    client_cert;
-  char*    str;
-  char     buf [4096];
-  FILE* log;
-  
-  log = fopen ("/dev/console", "a");                     CHK_NULL(log);
-  fprintf (log, "inetdserv %ld\n", (long)getpid());
-  
-  SSL_load_error_strings();
-  ctx = SSL_CTX_new (); CHK_NULL(ctx);
-  
-  err = SSL_CTX_use_RSAPrivateKey_file (ctx, KEYF,  SSL_FILETYPE_PEM);
-  CHK_SSL (err);
-  
-  err = SSL_CTX_use_certificate_file   (ctx, CERTF, SSL_FILETYPE_PEM);
-  CHK_SSL (err);
-
-  /* inetd has already opened the TCP connection, so we can get right
-     down to business. */
-  
-  ssl = SSL_new (ctx);  CHK_NULL(ssl);
-  SSL_set_fd (ssl,  fileno(stdin));
-  err = SSL_accept (ssl);                                CHK_SSL(err);
-  
-  /* Get the cipher - opt */
-  
-  fprintf (log, "SSL connection using %s\n", SSL_get_cipher (ssl));
-  
-  /* Get client's certificate (note: beware of dynamic allocation) - opt */
-
-  client_cert = SSL_get_peer_certificate (ssl);
-  if (client_cert != NULL) {
-    fprintf (log, "Client certificate:\n");
-    
-    str = X509_NAME_oneline (X509_get_subject_name (client_cert));
-    CHK_NULL(str);
-    fprintf (log, "\t subject: %s\n", str);
-    OPENSSL_free (str);
-    
-    str = X509_NAME_oneline (X509_get_issuer_name  (client_cert));
-    CHK_NULL(str);
-    fprintf (log, "\t issuer: %s\n", str);
-    OPENSSL_free (str);
-    
-    /* We could do all sorts of certificate verification stuff here before
-       deallocating the certificate. */
-    
-    X509_free (client_cert);
-  } else
-    fprintf (log, "Client doe not have certificate.\n");
-
-  /* ------------------------------------------------- */
-  /* DATA EXCHANGE: Receive message and send reply  */
-  
-  err = SSL_read (ssl, buf, sizeof(buf) - 1);  CHK_SSL(err);
-  buf[err] = '\0';
-  fprintf (log, "Got %d chars:'%s'\n", err, buf);
-  
-  err = SSL_write (ssl, "Loud and clear.", strlen("Loud and clear."));
-  CHK_SSL(err);
-
-  /* Clean up. */
-
-  fclose (log);
-  SSL_free (ssl);
-  SSL_CTX_free (ctx);
-}
-/* EOF - inetdserv.cpp */
diff --git a/crypto/openssl/demos/ssl/serv.cpp b/crypto/openssl/demos/ssl/serv.cpp
deleted file mode 100644
index b142c758d2c2..000000000000
--- a/crypto/openssl/demos/ssl/serv.cpp
+++ /dev/null
@@ -1,152 +0,0 @@
-/* serv.cpp  -  Minimal ssleay server for Unix
-   30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
-
-
-/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
-   Simplified to be even more minimal
-   12/98 - 4/99 Wade Scholine <wades@mail.cybg.com> */
-
-#include <stdio.h>
-#include <unistd.h>
-#include <stdlib.h>
-#include <memory.h>
-#include <errno.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <netdb.h>
-
-#include <openssl/rsa.h>       /* SSLeay stuff */
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-
-/* define HOME to be dir for key and cert files... */
-#define HOME "./"
-/* Make these what you want for cert & key files */
-#define CERTF  HOME "foo-cert.pem"
-#define KEYF  HOME  "foo-cert.pem"
-
-
-#define CHK_NULL(x) if ((x)==NULL) exit (1)
-#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
-#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
-
-void main ()
-{
-  int err;
-  int listen_sd;
-  int sd;
-  struct sockaddr_in sa_serv;
-  struct sockaddr_in sa_cli;
-  size_t client_len;
-  SSL_CTX* ctx;
-  SSL*     ssl;
-  X509*    client_cert;
-  char*    str;
-  char     buf [4096];
-  SSL_METHOD *meth;
-  
-  /* SSL preliminaries. We keep the certificate and key with the context. */
-
-  SSL_load_error_strings();
-  SSLeay_add_ssl_algorithms();
-  meth = SSLv23_server_method();
-  ctx = SSL_CTX_new (meth);
-  if (!ctx) {
-    ERR_print_errors_fp(stderr);
-    exit(2);
-  }
-  
-  if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) {
-    ERR_print_errors_fp(stderr);
-    exit(3);
-  }
-  if (SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) <= 0) {
-    ERR_print_errors_fp(stderr);
-    exit(4);
-  }
-
-  if (!SSL_CTX_check_private_key(ctx)) {
-    fprintf(stderr,"Private key does not match the certificate public key\n");
-    exit(5);
-  }
-
-  /* ----------------------------------------------- */
-  /* Prepare TCP socket for receiving connections */
-
-  listen_sd = socket (AF_INET, SOCK_STREAM, 0);   CHK_ERR(listen_sd, "socket");
-  
-  memset (&sa_serv, '\0', sizeof(sa_serv));
-  sa_serv.sin_family      = AF_INET;
-  sa_serv.sin_addr.s_addr = INADDR_ANY;
-  sa_serv.sin_port        = htons (1111);          /* Server Port number */
-  
-  err = bind(listen_sd, (struct sockaddr*) &sa_serv,
-	     sizeof (sa_serv));                   CHK_ERR(err, "bind");
-	     
-  /* Receive a TCP connection. */
-	     
-  err = listen (listen_sd, 5);                    CHK_ERR(err, "listen");
-  
-  client_len = sizeof(sa_cli);
-  sd = accept (listen_sd, (struct sockaddr*) &sa_cli, &client_len);
-  CHK_ERR(sd, "accept");
-  close (listen_sd);
-
-  printf ("Connection from %lx, port %x\n",
-	  sa_cli.sin_addr.s_addr, sa_cli.sin_port);
-  
-  /* ----------------------------------------------- */
-  /* TCP connection is ready. Do server side SSL. */
-
-  ssl = SSL_new (ctx);                           CHK_NULL(ssl);
-  SSL_set_fd (ssl, sd);
-  err = SSL_accept (ssl);                        CHK_SSL(err);
-  
-  /* Get the cipher - opt */
-  
-  printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
-  
-  /* Get client's certificate (note: beware of dynamic allocation) - opt */
-
-  client_cert = SSL_get_peer_certificate (ssl);
-  if (client_cert != NULL) {
-    printf ("Client certificate:\n");
-    
-    str = X509_NAME_oneline (X509_get_subject_name (client_cert), 0, 0);
-    CHK_NULL(str);
-    printf ("\t subject: %s\n", str);
-    OPENSSL_free (str);
-    
-    str = X509_NAME_oneline (X509_get_issuer_name  (client_cert), 0, 0);
-    CHK_NULL(str);
-    printf ("\t issuer: %s\n", str);
-    OPENSSL_free (str);
-    
-    /* We could do all sorts of certificate verification stuff here before
-       deallocating the certificate. */
-    
-    X509_free (client_cert);
-  } else
-    printf ("Client does not have certificate.\n");
-
-  /* DATA EXCHANGE - Receive message and send reply. */
-
-  err = SSL_read (ssl, buf, sizeof(buf) - 1);                   CHK_SSL(err);
-  buf[err] = '\0';
-  printf ("Got %d chars:'%s'\n", err, buf);
-  
-  err = SSL_write (ssl, "I hear you.", strlen("I hear you."));  CHK_SSL(err);
-
-  /* Clean up. */
-
-  close (sd);
-  SSL_free (ssl);
-  SSL_CTX_free (ctx);
-}
-/* EOF - serv.cpp */
diff --git a/crypto/openssl/demos/state_machine/Makefile b/crypto/openssl/demos/state_machine/Makefile
deleted file mode 100644
index c7a114540de9..000000000000
--- a/crypto/openssl/demos/state_machine/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
-CFLAGS=-I../../include -Wall -Werror -g
-
-all: state_machine
-
-state_machine: state_machine.o
-	$(CC) -o state_machine state_machine.o -L../.. -lssl -lcrypto
-
-test: state_machine
-	./state_machine 10000 ../../apps/server.pem ../../apps/server.pem
diff --git a/crypto/openssl/demos/state_machine/state_machine.c b/crypto/openssl/demos/state_machine/state_machine.c
deleted file mode 100644
index fef3f3e3d1fc..000000000000
--- a/crypto/openssl/demos/state_machine/state_machine.c
+++ /dev/null
@@ -1,416 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * Nuron, a leader in hardware encryption technology, generously
- * sponsored the development of this demo by Ben Laurie.
- *
- * See http://www.nuron.com/.
- */
-
-/*
- * the aim of this demo is to provide a fully working state-machine
- * style SSL implementation, i.e. one where the main loop acquires
- * some data, then converts it from or to SSL by feeding it into the
- * SSL state machine. It then does any I/O required by the state machine
- * and loops.
- *
- * In order to keep things as simple as possible, this implementation
- * listens on a TCP socket, which it expects to get an SSL connection
- * on (for example, from s_client) and from then on writes decrypted
- * data to stdout and encrypts anything arriving on stdin. Verbose
- * commentary is written to stderr.
- *
- * This implementation acts as a server, but it can also be done for a client.  */
-
-#include <openssl/ssl.h>
-#include <assert.h>
-#include <unistd.h>
-#include <string.h>
-#include <openssl/err.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-
-/* die_unless is intended to work like assert, except that it happens
-   always, even if NDEBUG is defined. Use assert as a stopgap. */
-
-#define die_unless(x)	assert(x)
-
-typedef struct
-    {
-    SSL_CTX *pCtx;
-    BIO *pbioRead;
-    BIO *pbioWrite;
-    SSL *pSSL;
-    } SSLStateMachine;
-
-void SSLStateMachine_print_error(SSLStateMachine *pMachine,const char *szErr)
-    {
-    unsigned long l;
-
-    fprintf(stderr,"%s\n",szErr);
-    while((l=ERR_get_error()))
-	{
-	char buf[1024];
-
-	ERR_error_string_n(l,buf,sizeof buf);
-	fprintf(stderr,"Error %lx: %s\n",l,buf);
-	}
-    }
-
-SSLStateMachine *SSLStateMachine_new(const char *szCertificateFile,
-				     const char *szKeyFile)
-    {
-    SSLStateMachine *pMachine=malloc(sizeof *pMachine);
-    int n;
-
-    die_unless(pMachine);
-
-    pMachine->pCtx=SSL_CTX_new(SSLv23_server_method());
-    die_unless(pMachine->pCtx);
-
-    n=SSL_CTX_use_certificate_file(pMachine->pCtx,szCertificateFile,
-				   SSL_FILETYPE_PEM);
-    die_unless(n > 0);
-
-    n=SSL_CTX_use_PrivateKey_file(pMachine->pCtx,szKeyFile,SSL_FILETYPE_PEM);
-    die_unless(n > 0);
-
-    pMachine->pSSL=SSL_new(pMachine->pCtx);
-    die_unless(pMachine->pSSL);
-
-    pMachine->pbioRead=BIO_new(BIO_s_mem());
-
-    pMachine->pbioWrite=BIO_new(BIO_s_mem());
-
-    SSL_set_bio(pMachine->pSSL,pMachine->pbioRead,pMachine->pbioWrite);
-
-    SSL_set_accept_state(pMachine->pSSL);
-
-    return pMachine;
-    }
-
-void SSLStateMachine_read_inject(SSLStateMachine *pMachine,
-				 const unsigned char *aucBuf,int nBuf)
-    {
-    int n=BIO_write(pMachine->pbioRead,aucBuf,nBuf);
-    /* If it turns out this assert fails, then buffer the data here
-     * and just feed it in in churn instead. Seems to me that it
-     * should be guaranteed to succeed, though.
-     */
-    assert(n == nBuf);
-    fprintf(stderr,"%d bytes of encrypted data fed to state machine\n",n);
-    }
-
-int SSLStateMachine_read_extract(SSLStateMachine *pMachine,
-				 unsigned char *aucBuf,int nBuf)
-    {
-    int n;
-
-    if(!SSL_is_init_finished(pMachine->pSSL))
-	{
-	fprintf(stderr,"Doing SSL_accept\n");
-	n=SSL_accept(pMachine->pSSL);
-	if(n == 0)
-	    fprintf(stderr,"SSL_accept returned zero\n");
-	if(n < 0)
-	    {
-	    int err;
-
-	    if((err=SSL_get_error(pMachine->pSSL,n)) == SSL_ERROR_WANT_READ)
-		{
-		fprintf(stderr,"SSL_accept wants more data\n");
-		return 0;
-		}
-
-	    SSLStateMachine_print_error(pMachine,"SSL_accept error");
-	    exit(7);
-	    }
-	return 0;
-	}
-
-    n=SSL_read(pMachine->pSSL,aucBuf,nBuf);
-    if(n < 0)
-	{
-	int err=SSL_get_error(pMachine->pSSL,n);
-
-	if(err == SSL_ERROR_WANT_READ)
-	    {
-	    fprintf(stderr,"SSL_read wants more data\n");
-	    return 0;
-	    }
-
-	SSLStateMachine_print_error(pMachine,"SSL_read error");
-	exit(8);
-	}
-
-    fprintf(stderr,"%d bytes of decrypted data read from state machine\n",n);
-    return n;
-    }
-
-int SSLStateMachine_write_can_extract(SSLStateMachine *pMachine)
-    {
-    int n=BIO_pending(pMachine->pbioWrite);
-    if(n)
-	fprintf(stderr,"There is encrypted data available to write\n");
-    else
-	fprintf(stderr,"There is no encrypted data available to write\n");
-
-    return n;
-    }
-
-int SSLStateMachine_write_extract(SSLStateMachine *pMachine,
-				  unsigned char *aucBuf,int nBuf)
-    {
-    int n;
-
-    n=BIO_read(pMachine->pbioWrite,aucBuf,nBuf);
-    fprintf(stderr,"%d bytes of encrypted data read from state machine\n",n);
-    return n;
-    }
-
-void SSLStateMachine_write_inject(SSLStateMachine *pMachine,
-				  const unsigned char *aucBuf,int nBuf)
-    {
-    int n=SSL_write(pMachine->pSSL,aucBuf,nBuf);
-    /* If it turns out this assert fails, then buffer the data here
-     * and just feed it in in churn instead. Seems to me that it
-     * should be guaranteed to succeed, though.
-     */
-    assert(n == nBuf);
-    fprintf(stderr,"%d bytes of unencrypted data fed to state machine\n",n);
-    }
-
-int OpenSocket(int nPort)
-    {
-    int nSocket;
-    struct sockaddr_in saServer;
-    struct sockaddr_in saClient;
-    int one=1;
-    int nSize;
-    int nFD;
-    int nLen;
-
-    nSocket=socket(AF_INET,SOCK_STREAM,IPPROTO_TCP);
-    if(nSocket < 0)
-	{
-	perror("socket");
-	exit(1);
-	}
-
-    if(setsockopt(nSocket,SOL_SOCKET,SO_REUSEADDR,(char *)&one,sizeof one) < 0)
-	{
-	perror("setsockopt");
-        exit(2);
-	}
-
-    memset(&saServer,0,sizeof saServer);
-    saServer.sin_family=AF_INET;
-    saServer.sin_port=htons(nPort);
-    nSize=sizeof saServer;
-    if(bind(nSocket,(struct sockaddr *)&saServer,nSize) < 0)
-	{
-	perror("bind");
-	exit(3);
-	}
-
-    if(listen(nSocket,512) < 0)
-	{
-	perror("listen");
-	exit(4);
-	}
-
-    nLen=sizeof saClient;
-    nFD=accept(nSocket,(struct sockaddr *)&saClient,&nLen);
-    if(nFD < 0)
-	{
-	perror("accept");
-	exit(5);
-	}
-
-    fprintf(stderr,"Incoming accepted on port %d\n",nPort);
-
-    return nFD;
-    }
-
-int main(int argc,char **argv)
-    {
-    SSLStateMachine *pMachine;
-    int nPort;
-    int nFD;
-    const char *szCertificateFile;
-    const char *szKeyFile;
-    char rbuf[1];
-    int nrbuf=0;
-
-    if(argc != 4)
-	{
-	fprintf(stderr,"%s <port> <certificate file> <key file>\n",argv[0]);
-	exit(6);
-	}
-
-    nPort=atoi(argv[1]);
-    szCertificateFile=argv[2];
-    szKeyFile=argv[3];
-
-    SSL_library_init();
-    OpenSSL_add_ssl_algorithms();
-    SSL_load_error_strings();
-    ERR_load_crypto_strings();
-
-    nFD=OpenSocket(nPort);
-
-    pMachine=SSLStateMachine_new(szCertificateFile,szKeyFile);
-
-    for( ; ; )
-	{
-	fd_set rfds,wfds;
-	unsigned char buf[1024];
-	int n;
-
-	FD_ZERO(&rfds);
-	FD_ZERO(&wfds);
-
-	/* Select socket for input */
-	FD_SET(nFD,&rfds);
-
-	/* check whether there's decrypted data */
-	if(!nrbuf)
-	    nrbuf=SSLStateMachine_read_extract(pMachine,rbuf,1);
-
-	/* if there's decrypted data, check whether we can write it */
-	if(nrbuf)
-	    FD_SET(1,&wfds);
-
-	/* Select socket for output */
-	if(SSLStateMachine_write_can_extract(pMachine))
-	    FD_SET(nFD,&wfds);
-
-	/* Select stdin for input */
-	FD_SET(0,&rfds);
-
-	/* Wait for something to do something */
-	n=select(nFD+1,&rfds,&wfds,NULL,NULL);
-	assert(n > 0);
-
-	/* Socket is ready for input */
-	if(FD_ISSET(nFD,&rfds))
-	    {
-	    n=read(nFD,buf,sizeof buf);
-	    if(n == 0)
-		{
-		fprintf(stderr,"Got EOF on socket\n");
-		exit(0);
-		}
-	    assert(n > 0);
-
-	    SSLStateMachine_read_inject(pMachine,buf,n);
-	    }
-
-	/* stdout is ready for output (and hence we have some to send it) */
-	if(FD_ISSET(1,&wfds))
-	    {
-	    assert(nrbuf == 1);
-	    buf[0]=rbuf[0];
-	    nrbuf=0;
-
-	    n=SSLStateMachine_read_extract(pMachine,buf+1,sizeof buf-1);
-	    if(n < 0)
-		{
-		SSLStateMachine_print_error(pMachine,"read extract failed");
-		break;
-		}
-	    assert(n >= 0);
-	    ++n;
-	    if(n > 0) /* FIXME: has to be true now */
-		{
-		int w;
-		
-		w=write(1,buf,n);
-		/* FIXME: we should push back any unwritten data */
-		assert(w == n);
-		}
-	    }
-
-	/* Socket is ready for output (and therefore we have output to send) */
-	if(FD_ISSET(nFD,&wfds))
-	    {
-	    int w;
-
-	    n=SSLStateMachine_write_extract(pMachine,buf,sizeof buf);
-	    assert(n > 0);
-
-	    w=write(nFD,buf,n);
-	    /* FIXME: we should push back any unwritten data */
-	    assert(w == n);
-	    }
-
-	/* Stdin is ready for input */
-	if(FD_ISSET(0,&rfds))
-	    {
-	    n=read(0,buf,sizeof buf);
-	    if(n == 0)
-		{
-		fprintf(stderr,"Got EOF on stdin\n");
-		exit(0);
-		}
-	    assert(n > 0);
-
-	    SSLStateMachine_write_inject(pMachine,buf,n);
-	    }
-	}
-    /* not reached */
-    return 0;
-    }
diff --git a/crypto/openssl/demos/tunala/A-client.pem b/crypto/openssl/demos/tunala/A-client.pem
deleted file mode 100644
index a4caf6ef8a85..000000000000
--- a/crypto/openssl/demos/tunala/A-client.pem
+++ /dev/null
@@ -1,84 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 2 (0x2)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=NZ, L=Wellington, O=Really Irresponsible Authorisation Authority (RIAA), OU=Cert-stamping, CN=Jackov al-Trades/Email=none@fake.domain
-        Validity
-            Not Before: Jan 16 05:19:30 2002 GMT
-            Not After : Jan 14 05:19:30 2012 GMT
-        Subject: C=NZ, L=Auckland, O=Mordor, OU=SSL grunt things, CN=tunala-client/Email=client@fake.domain
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:b0:d3:56:5c:c8:7f:fb:f4:95:9d:04:84:4f:82:
-                    b7:a2:75:5c:81:48:8c:56:5d:52:ee:38:e1:5c:c8:
-                    9a:70:8e:72:f2:00:1c:17:ef:df:b7:06:59:82:04:
-                    f1:f6:49:11:12:a6:4d:cb:1e:ed:ac:59:1c:4a:d0:
-                    3d:de:e6:f2:8d:cd:39:c2:0f:e0:46:2f:db:cb:9f:
-                    47:f7:56:e7:f8:16:5f:68:71:fb:3a:e3:ab:d2:e5:
-                    05:b7:da:65:61:fe:6d:30:e4:12:a8:b5:c1:71:24:
-                    6b:aa:80:05:41:17:a0:8b:6e:8b:e6:04:cf:85:7b:
-                    2a:ac:a1:79:7d:f4:96:6e:77
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Comment: 
-                OpenSSL Generated Certificate
-            X509v3 Subject Key Identifier: 
-                F8:43:CB:4F:4D:4F:BC:6E:52:1A:FD:F9:7B:E1:12:3F:A7:A3:BA:93
-            X509v3 Authority Key Identifier: 
-                keyid:49:FB:45:72:12:C4:CC:E1:45:A1:D3:08:9E:95:C4:2C:6D:55:3F:17
-                DirName:/C=NZ/L=Wellington/O=Really Irresponsible Authorisation Authority (RIAA)/OU=Cert-stamping/CN=Jackov al-Trades/Email=none@fake.domain
-                serial:00
-
-    Signature Algorithm: md5WithRSAEncryption
-        8f:5f:0e:43:da:9d:61:43:7e:03:38:9a:e6:50:9d:42:e8:95:
-        34:49:75:ec:04:8d:5c:85:99:94:70:a0:e7:1f:1e:a0:8b:0f:
-        d6:e2:cb:f7:35:d9:96:72:bd:a6:e9:8d:4e:b1:e2:ac:97:7f:
-        2f:70:01:9d:aa:04:bc:d4:01:2b:63:77:a5:de:63:3c:a8:f5:
-        f2:72:af:ec:11:12:c0:d4:70:cf:71:a6:fb:e9:1d:b3:27:07:
-        aa:f2:b1:f3:87:d6:ab:8b:ce:c2:08:1b:3c:f9:ba:ff:77:71:
-        86:09:ef:9e:4e:04:06:63:44:e9:93:20:90:c7:2d:50:c6:50:
-        f8:66
------BEGIN CERTIFICATE-----
-MIID9TCCA16gAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBtDELMAkGA1UEBhMCTlox
-EzARBgNVBAcTCldlbGxpbmd0b24xPDA6BgNVBAoTM1JlYWxseSBJcnJlc3BvbnNp
-YmxlIEF1dGhvcmlzYXRpb24gQXV0aG9yaXR5IChSSUFBKTEWMBQGA1UECxMNQ2Vy
-dC1zdGFtcGluZzEZMBcGA1UEAxMQSmFja292IGFsLVRyYWRlczEfMB0GCSqGSIb3
-DQEJARYQbm9uZUBmYWtlLmRvbWFpbjAeFw0wMjAxMTYwNTE5MzBaFw0xMjAxMTQw
-NTE5MzBaMIGHMQswCQYDVQQGEwJOWjERMA8GA1UEBxMIQXVja2xhbmQxDzANBgNV
-BAoTBk1vcmRvcjEZMBcGA1UECxMQU1NMIGdydW50IHRoaW5nczEWMBQGA1UEAxMN
-dHVuYWxhLWNsaWVudDEhMB8GCSqGSIb3DQEJARYSY2xpZW50QGZha2UuZG9tYWlu
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCw01ZcyH/79JWdBIRPgreidVyB
-SIxWXVLuOOFcyJpwjnLyABwX79+3BlmCBPH2SRESpk3LHu2sWRxK0D3e5vKNzTnC
-D+BGL9vLn0f3Vuf4Fl9ocfs646vS5QW32mVh/m0w5BKotcFxJGuqgAVBF6CLbovm
-BM+FeyqsoXl99JZudwIDAQABo4IBQDCCATwwCQYDVR0TBAIwADAsBglghkgBhvhC
-AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFPhD
-y09NT7xuUhr9+XvhEj+no7qTMIHhBgNVHSMEgdkwgdaAFEn7RXISxMzhRaHTCJ6V
-xCxtVT8XoYG6pIG3MIG0MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3Rv
-bjE8MDoGA1UEChMzUmVhbGx5IElycmVzcG9uc2libGUgQXV0aG9yaXNhdGlvbiBB
-dXRob3JpdHkgKFJJQUEpMRYwFAYDVQQLEw1DZXJ0LXN0YW1waW5nMRkwFwYDVQQD
-ExBKYWNrb3YgYWwtVHJhZGVzMR8wHQYJKoZIhvcNAQkBFhBub25lQGZha2UuZG9t
-YWluggEAMA0GCSqGSIb3DQEBBAUAA4GBAI9fDkPanWFDfgM4muZQnULolTRJdewE
-jVyFmZRwoOcfHqCLD9biy/c12ZZyvabpjU6x4qyXfy9wAZ2qBLzUAStjd6XeYzyo
-9fJyr+wREsDUcM9xpvvpHbMnB6rysfOH1quLzsIIGzz5uv93cYYJ755OBAZjROmT
-IJDHLVDGUPhm
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQCw01ZcyH/79JWdBIRPgreidVyBSIxWXVLuOOFcyJpwjnLyABwX
-79+3BlmCBPH2SRESpk3LHu2sWRxK0D3e5vKNzTnCD+BGL9vLn0f3Vuf4Fl9ocfs6
-46vS5QW32mVh/m0w5BKotcFxJGuqgAVBF6CLbovmBM+FeyqsoXl99JZudwIDAQAB
-AoGAU4chbqbPvkclPYzaq2yGLlneHrwUft+KwzlfS6L/QVgo+CQRIUWQmjaHpaGM
-YtjVFcg1S1QK1bUqZjTEZT0XKhfbYmqW8yYTfbcDEbnY7esoYlvIlW8qRlPRlTBE
-utKrtZafmVhLgoNawYGD0aLZofPqpYjbGUlrC7nrem2vNJECQQDVLD3Qb+OlEMET
-73ApnJhYsK3e+G2LTrtjrS8y5zS4+Xv61XUqvdV7ogzRl0tpvSAmMOItVyoYadkB
-S3xSIWX9AkEA1Fm1FhkQSZwGG5rf4c6gMN71jJ6JE3/kocdVa0sUjRevIupo4XQ2
-Vkykxi84MRP8cfHqyjewq7Ozv3op2MGWgwJBAKemsb66IJjzAkaBav7u70nhOf0/
-+Dc1Zl7QF2y7NVW8sGrnccx5m+ot2lMD4AV6/kvK6jaqdKrapBZGnbGiHqkCQQDI
-T1r33mqz1R8Z2S2Jtzz6/McKf930a/dC+GLGVEutkILf39lRmytKmv/wB0jtWtoO
-rlJ5sLDSNzC+1cE1u997AkEAu3IrtGmLKiuS6kDj6W47m+iiTIsuSJtTJb1SbUaK
-fIoBNFxbvJYW6rUU9+PxpMRaEhzh5s24/jBOE+mlb17mRQ==
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/demos/tunala/A-server.pem b/crypto/openssl/demos/tunala/A-server.pem
deleted file mode 100644
index e9f37b1895b1..000000000000
--- a/crypto/openssl/demos/tunala/A-server.pem
+++ /dev/null
@@ -1,84 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=NZ, L=Wellington, O=Really Irresponsible Authorisation Authority (RIAA), OU=Cert-stamping, CN=Jackov al-Trades/Email=none@fake.domain
-        Validity
-            Not Before: Jan 16 05:14:06 2002 GMT
-            Not After : Jan 14 05:14:06 2012 GMT
-        Subject: C=NZ, L=Wellington, O=Middle Earth, OU=SSL dev things, CN=tunala-server/Email=server@fake.domain
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:a9:3e:62:87:97:13:6b:de:8f:bc:1d:0a:3f:65:
-                    0c:f9:76:a3:53:ce:97:30:27:0d:c6:df:72:1f:8d:
-                    5a:ce:58:23:6a:65:e5:e3:72:1a:8d:7f:fe:90:01:
-                    ea:42:f1:9f:6e:7b:0a:bd:eb:52:15:7b:f4:3d:9c:
-                    4e:db:74:29:2b:d1:81:9d:b9:9e:18:2b:87:e1:da:
-                    50:20:3c:59:6c:c9:83:3e:2c:11:0b:78:1e:03:f4:
-                    56:3a:db:95:6a:75:33:85:a9:7b:cc:3c:4a:67:96:
-                    f2:24:b2:a0:cb:2e:cc:52:18:16:6f:44:d9:29:64:
-                    07:2e:fb:56:cc:7c:dc:a2:d7
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Comment: 
-                OpenSSL Generated Certificate
-            X509v3 Subject Key Identifier: 
-                70:AC:7A:B5:6E:97:C2:82:AF:11:9E:32:CB:8D:48:49:93:B7:DC:22
-            X509v3 Authority Key Identifier: 
-                keyid:49:FB:45:72:12:C4:CC:E1:45:A1:D3:08:9E:95:C4:2C:6D:55:3F:17
-                DirName:/C=NZ/L=Wellington/O=Really Irresponsible Authorisation Authority (RIAA)/OU=Cert-stamping/CN=Jackov al-Trades/Email=none@fake.domain
-                serial:00
-
-    Signature Algorithm: md5WithRSAEncryption
-        2e:cb:a3:cd:6d:a8:9d:d1:dc:e5:f0:e0:27:7e:4b:5a:90:a8:
-        85:43:f0:05:f7:04:43:d7:5f:d1:a5:8f:5c:58:eb:fc:da:c6:
-        7c:e0:0b:2b:98:72:95:f6:79:48:96:7a:fa:0c:6b:09:ec:c6:
-        8c:91:74:45:9f:8f:0f:16:78:e3:66:14:fa:1e:f4:f0:23:ec:
-        cd:a9:52:77:20:4d:c5:05:2c:52:b6:7b:f3:42:33:fd:90:1f:
-        3e:88:6f:9b:23:61:c8:80:3b:e6:57:84:2e:f7:26:c7:35:ed:
-        00:8b:08:30:9b:aa:21:83:b6:6d:b8:7c:8a:9b:2a:ef:79:3d:
-        96:31
------BEGIN CERTIFICATE-----
-MIID+zCCA2SgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBtDELMAkGA1UEBhMCTlox
-EzARBgNVBAcTCldlbGxpbmd0b24xPDA6BgNVBAoTM1JlYWxseSBJcnJlc3BvbnNp
-YmxlIEF1dGhvcmlzYXRpb24gQXV0aG9yaXR5IChSSUFBKTEWMBQGA1UECxMNQ2Vy
-dC1zdGFtcGluZzEZMBcGA1UEAxMQSmFja292IGFsLVRyYWRlczEfMB0GCSqGSIb3
-DQEJARYQbm9uZUBmYWtlLmRvbWFpbjAeFw0wMjAxMTYwNTE0MDZaFw0xMjAxMTQw
-NTE0MDZaMIGNMQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3RvbjEVMBMG
-A1UEChMMTWlkZGxlIEVhcnRoMRcwFQYDVQQLEw5TU0wgZGV2IHRoaW5nczEWMBQG
-A1UEAxMNdHVuYWxhLXNlcnZlcjEhMB8GCSqGSIb3DQEJARYSc2VydmVyQGZha2Uu
-ZG9tYWluMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpPmKHlxNr3o+8HQo/
-ZQz5dqNTzpcwJw3G33IfjVrOWCNqZeXjchqNf/6QAepC8Z9uewq961IVe/Q9nE7b
-dCkr0YGduZ4YK4fh2lAgPFlsyYM+LBELeB4D9FY625VqdTOFqXvMPEpnlvIksqDL
-LsxSGBZvRNkpZAcu+1bMfNyi1wIDAQABo4IBQDCCATwwCQYDVR0TBAIwADAsBglg
-hkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0O
-BBYEFHCserVul8KCrxGeMsuNSEmTt9wiMIHhBgNVHSMEgdkwgdaAFEn7RXISxMzh
-RaHTCJ6VxCxtVT8XoYG6pIG3MIG0MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2Vs
-bGluZ3RvbjE8MDoGA1UEChMzUmVhbGx5IElycmVzcG9uc2libGUgQXV0aG9yaXNh
-dGlvbiBBdXRob3JpdHkgKFJJQUEpMRYwFAYDVQQLEw1DZXJ0LXN0YW1waW5nMRkw
-FwYDVQQDExBKYWNrb3YgYWwtVHJhZGVzMR8wHQYJKoZIhvcNAQkBFhBub25lQGZh
-a2UuZG9tYWluggEAMA0GCSqGSIb3DQEBBAUAA4GBAC7Lo81tqJ3R3OXw4Cd+S1qQ
-qIVD8AX3BEPXX9Glj1xY6/zaxnzgCyuYcpX2eUiWevoMawnsxoyRdEWfjw8WeONm
-FPoe9PAj7M2pUncgTcUFLFK2e/NCM/2QHz6Ib5sjYciAO+ZXhC73Jsc17QCLCDCb
-qiGDtm24fIqbKu95PZYx
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCpPmKHlxNr3o+8HQo/ZQz5dqNTzpcwJw3G33IfjVrOWCNqZeXj
-chqNf/6QAepC8Z9uewq961IVe/Q9nE7bdCkr0YGduZ4YK4fh2lAgPFlsyYM+LBEL
-eB4D9FY625VqdTOFqXvMPEpnlvIksqDLLsxSGBZvRNkpZAcu+1bMfNyi1wIDAQAB
-AoGANCwqHZhiAU/TyW6+WPqivEhpYw19p/dyFMuPF9DwnEmpaUROUQY8z0AUznn4
-qHhp6Jn/nrprTHowucl0ucweYIYVxZoUiUDFpxdFUbzMdFvo6HcyV1Pe4Rt81HaY
-KYWrTZ6PaPtN65hLms8NhPEdGcGAFlY1owYv4QNGq2bU1JECQQDd32LM0NSfyGmK
-4ziajqGcvzK9NO2XyV/nJsGlJZNgMh2zm1t7yR28l/6Q2uyU49cCN+2aYULZCAfs
-taNvxBspAkEAw0alNub+xj2AVQvaxOB1sGfKzsJjHCzKIxUXn/tJi3j0+2asmkBZ
-Umx1MWr9jKQBnCMciCRUbnMEZiElOxCN/wJAfAeQl6Z19gx206lJzzzEo3dOye54
-k02DSxijT8q9pBzf9bN3ZK987BybtiZr8p+bZiYVsSOF1wViSLURdD1QYQJAIaMU
-qH1n24wShBPTrmAfxbBLTgxL+Dl65Eoo1KT7iSvfv0JzbuqwuDL4iPeuD0DdCiE+
-M/FWHeRwGIuTFzaFzwJBANKwx0jZS/h093w9g0Clw6UzeA1P5VcAt9y+qMC9hO3c
-4KXwIxQAt9yRaFLpiIR9do5bjjKNnMguf3aO/XRSDQM=
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/demos/tunala/CA.pem b/crypto/openssl/demos/tunala/CA.pem
deleted file mode 100644
index 7a55b5463ef3..000000000000
--- a/crypto/openssl/demos/tunala/CA.pem
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID9zCCA2CgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtDELMAkGA1UEBhMCTlox
-EzARBgNVBAcTCldlbGxpbmd0b24xPDA6BgNVBAoTM1JlYWxseSBJcnJlc3BvbnNp
-YmxlIEF1dGhvcmlzYXRpb24gQXV0aG9yaXR5IChSSUFBKTEWMBQGA1UECxMNQ2Vy
-dC1zdGFtcGluZzEZMBcGA1UEAxMQSmFja292IGFsLVRyYWRlczEfMB0GCSqGSIb3
-DQEJARYQbm9uZUBmYWtlLmRvbWFpbjAeFw0wMjAxMTYwNTA5NTlaFw0xMjAxMTQw
-NTA5NTlaMIG0MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3RvbjE8MDoG
-A1UEChMzUmVhbGx5IElycmVzcG9uc2libGUgQXV0aG9yaXNhdGlvbiBBdXRob3Jp
-dHkgKFJJQUEpMRYwFAYDVQQLEw1DZXJ0LXN0YW1waW5nMRkwFwYDVQQDExBKYWNr
-b3YgYWwtVHJhZGVzMR8wHQYJKoZIhvcNAQkBFhBub25lQGZha2UuZG9tYWluMIGf
-MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7QdDfFIrJn3X24hKmpkyk3TG0Ivxd
-K2wWmDPXq1wjr8lUTwrA6hM5Ba9N36jLieWpXhviLOWu9DBza5GmtgCuXloATKTC
-94xOdKHlciTVujG3wDlLDB5e710Kar84nnj6VueL1RyZ0bmP5PANa4mbGW9Tqc7J
-CkBTTW2y9d0SgQIDAQABo4IBFTCCAREwHQYDVR0OBBYEFEn7RXISxMzhRaHTCJ6V
-xCxtVT8XMIHhBgNVHSMEgdkwgdaAFEn7RXISxMzhRaHTCJ6VxCxtVT8XoYG6pIG3
-MIG0MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3RvbjE8MDoGA1UEChMz
-UmVhbGx5IElycmVzcG9uc2libGUgQXV0aG9yaXNhdGlvbiBBdXRob3JpdHkgKFJJ
-QUEpMRYwFAYDVQQLEw1DZXJ0LXN0YW1waW5nMRkwFwYDVQQDExBKYWNrb3YgYWwt
-VHJhZGVzMR8wHQYJKoZIhvcNAQkBFhBub25lQGZha2UuZG9tYWluggEAMAwGA1Ud
-EwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAYQo95V/NY+eKxYxkhibZiUQygph+
-gTfgbDG20MsnH6+8//w5ArHauFCgDrf0P2VyACgq+N4pBTWFGaAaLwbjKy9HCe2E
-j9C91tO1CqDS4MJkDB5AP13FTkK6fP1ZCiTQranOAp3DlGWTTWsFVyW5kVfQ9diS
-ZOyJZ9Fit5XM2X0=
------END CERTIFICATE-----
diff --git a/crypto/openssl/demos/tunala/INSTALL b/crypto/openssl/demos/tunala/INSTALL
deleted file mode 100644
index a65bbeb8d11b..000000000000
--- a/crypto/openssl/demos/tunala/INSTALL
+++ /dev/null
@@ -1,107 +0,0 @@
-There are two ways to build this code;
-
-(1) Manually
-
-(2) Using all-singing all-dancing (all-confusing) autotools, ie. autoconf,
-automake, and their little friends (autoheader, etc).
-
-=================
-Building Manually
-=================
-
-There is a basic "Makefile" in this directory that gets moved out of the way and
-ignored when building with autoconf et al. This Makefile is suitable for
-building tunala on Linux using gcc. Any other platform probably requires some
-tweaking. Here are the various bits you might need to do if you want to build
-this way and the default Makefile isn't sufficient;
-
-* Compiler: Edit the "CC" definition in Makefile
-
-* Headers, features: tunala.h controls what happens in the non-autoconf world.
-  It, by default, assumes the system has *everything* (except autoconf's
-  "config.h") so if a target system is missing something it must define the
-  appropriate "NO_***" symbols in CFLAGS. These include;
-
-  - NO_HAVE_UNISTD_H, NO_HAVE_FCNTL_H, NO_HAVE_LIMITS_H
-    Indicates the compiling system doesn't have (or need) these header files.
-  - NO_HAVE_STRSTR, NO_HAVE_STRTOUL
-    Indicates the compiling system doesn't have these functions. Replacements
-    are compiled and used in breakage.c
-  - NO_HAVE_SELECT, NO_HAVE_SOCKET
-    Pointless symbols - these indicate select() and/or socket() are missing in
-    which case the program won't compile anyway.
-
-  If you want to specify any of these, add them with "-D" prefixed to each in
-  the CFLAGS definition in Makefile.
-
-* Compilation flags: edit DEBUG_FLAGS and/or CFLAGS directly to control the
-  flags passed to the compiler. This can also be used to change the degree of
-  optimisation.
-
-* Linker flags: some systems (eg. Solaris) require extra linker flags such as;
-  -ldl, -lsocket, -lnsl, etc. If unsure, bring up the man page for whichever
-  function is "undefined" when the linker fails - that usually indicates what
-  you need to add. Make changes to the LINK_FLAGS symbol.
-
-* Linker command: if a different linker syntax or even a different program is
-  required to link, edit the linker line directly in the "tunala:" target
-  definition - it currently assumes the "CC" (compiler) program is used to link.
-
-======================
-Building Automagically
-======================
-
-Automagic building is handled courtesy of autoconf, automake, etc. There are in
-fact two steps required to build, and only the first has to be done on a system
-with these tools installed (and if I was prepared to bloat out the CVS
-repository, I could store these extra files, but I'm not).
-
-First step: "autogunk.sh"
--------------------------
-
-The "./autogunk.sh" script will call all the necessary autotool commands to
-create missing files and run automake and autoconf. The result is that a
-"./configure" script should be generated and a "Makefile.in" generated from the
-supplied "Makefile.am". NB: This script also moves the "manual" Makefile (see
-above) out of the way and calls it "Makefile.plain" - the "ungunk" script
-reverses this to leave the directory it was previously.
-
-Once "ungunk" has been run, the resulting directory should be able to build on
-other systems without autoconf, automake, or libtool. Which is what the second
-step describes;
-
-Second step: "./configure"
---------------------------
-
-The second step is to run the generated "./configure" script to create a
-config.h header for your system and to generate a "Makefile" (generated from
-"Makefile.in") tweaked to compile on your system. This is the standard sort of
-thing you see in GNU packages, for example, and the standard tricks also work.
-Eg. to override "configure"'s choice of compiler, set the CC environment
-variable prior to running configure, eg.
-
-    CC=gcc ./configure
-
-would cause "gcc" to be used even if there is an otherwise preferable (to
-autoconf) native compiler on your system.
-
-After this run "make" and it should build the "tunala" executable.
-
-Notes
------
-
-- Some versions of autoconf (or automake?) generate a Makefile syntax that gives
-  trouble to some "make" programs on some systems (eg. OpenBSD). If this
-  happens, either build 'Manually' (see above) or use "gmake" instead of "make".
-  I don't like this either but like even less the idea of sifting into all the
-  script magic crud that's involved.
-
-- On a solaris system I tried, the "configure" script specified some broken
-  compiler flags in the resulting Makefile that don't even get echoed to
-  stdout/err when the error happens (evil!). If this happens, go into the
-  generated Makefile, find the two affected targets ("%.o:" and "%.lo"), and
-  remove the offending hidden option in the $(COMPILE) line all the sludge after
-  the two first lines of script (ie. after the "echo" and the "COMPILE" lines).
-  NB: This will probably only function if "--disable-shared" was used, otherwise
-  who knows what would result ...
-
diff --git a/crypto/openssl/demos/tunala/Makefile b/crypto/openssl/demos/tunala/Makefile
deleted file mode 100644
index bef1704a3caa..000000000000
--- a/crypto/openssl/demos/tunala/Makefile
+++ /dev/null
@@ -1,41 +0,0 @@
-# Edit these to suit
-#
-# Oh yeah, and please read the README too.
-
-
-SSL_HOMEDIR=../..
-SSL_INCLUDEDIR=$(SSL_HOMEDIR)/include
-SSL_LIBDIR=$(SSL_HOMEDIR)
-
-RM=rm -f
-CC=gcc
-DEBUG_FLAGS=-g -ggdb3 -Wall -Wshadow
-INCLUDE_FLAGS=-I$(SSL_INCLUDEDIR)
-CFLAGS=$(DEBUG_FLAGS) $(INCLUDE_FLAGS) -DNO_CONFIG_H
-COMPILE=$(CC) $(CFLAGS) -c
-
-# Edit, particularly the "-ldl" if not building with "dlfcn" support
-LINK_FLAGS=-L$(SSL_LIBDIR) -lssl -lcrypto -ldl
-
-SRCS=buffer.c cb.c ip.c sm.c tunala.c breakage.c
-OBJS=buffer.o cb.o ip.o sm.o tunala.o breakage.o
-
-TARGETS=tunala
-
-default: $(TARGETS)
-
-clean:
-	$(RM) $(OBJS) $(TARGETS) *.bak core
-
-.c.o:
-	$(COMPILE) $<
-
-tunala: $(OBJS)
-	$(CC) -o tunala $(OBJS) $(LINK_FLAGS)
-
-# Extra dependencies, should really use makedepend
-buffer.o: buffer.c tunala.h
-cb.o: cb.c tunala.h
-ip.o: ip.c tunala.h
-sm.o: sm.c tunala.h
-tunala.o: tunala.c tunala.h
diff --git a/crypto/openssl/demos/tunala/Makefile.am b/crypto/openssl/demos/tunala/Makefile.am
deleted file mode 100644
index 706c7806c9d9..000000000000
--- a/crypto/openssl/demos/tunala/Makefile.am
+++ /dev/null
@@ -1,7 +0,0 @@
-# Our includes come from the OpenSSL build-tree we're in
-INCLUDES		= -I$(top_builddir)/../../include
-
-bin_PROGRAMS		= tunala
-
-tunala_SOURCES		= tunala.c buffer.c cb.c ip.c sm.c breakage.c
-tunala_LDADD		= -L$(top_builddir)/../.. -lssl -lcrypto
diff --git a/crypto/openssl/demos/tunala/README b/crypto/openssl/demos/tunala/README
deleted file mode 100644
index 15690088f335..000000000000
--- a/crypto/openssl/demos/tunala/README
+++ /dev/null
@@ -1,233 +0,0 @@
-This is intended to be an example of a state-machine driven SSL application. It
-acts as an SSL tunneler (functioning as either the server or client half,
-depending on command-line arguments). *PLEASE* read the comments in tunala.h
-before you treat this stuff as anything more than a curiosity - YOU HAVE BEEN
-WARNED!! There, that's the draconian bit out of the way ...
-
-
-Why "tunala"??
---------------
-
-I thought I asked you to read tunala.h?? :-)
-
-
-Show me
--------
-
-If you want to simply see it running, skip to the end and see some example
-command-line arguments to demonstrate with.
-
-
-Where to look and what to do?
------------------------------
-
-The code is split up roughly coinciding with the detaching of an "abstract" SSL
-state machine (which is the purpose of all this) and its surrounding application
-specifics. This is primarily to make it possible for me to know when I could cut
-corners and when I needed to be rigorous (or at least maintain the pretense as
-such :-).
-
-Network stuff:
-
-Basically, the network part of all this is what is supposed to be abstracted out
-of the way. The intention is to illustrate one way to stick OpenSSL's mechanisms
-inside a little memory-driven sandbox and operate it like a pure state-machine.
-So, the network code is inside both ip.c (general utility functions and gory
-IPv4 details) and tunala.c itself, which takes care of application specifics
-like the main select() loop. The connectivity between the specifics of this
-application (TCP/IP tunneling and the associated network code) and the
-underlying abstract SSL state machine stuff is through the use of the "buffer_t"
-type, declared in tunala.h and implemented in buffer.c.
-
-State machine:
-
-Which leaves us, generally speaking, with the abstract "state machine" code left
-over and this is sitting inside sm.c, with declarations inside tunala.h. As can
-be seen by the definition of the state_machine_t structure and the associated
-functions to manipulate it, there are the 3 OpenSSL "handles" plus 4 buffer_t
-structures dealing with IO on both the encrypted and unencrypted sides ("dirty"
-and "clean" respectively). The "SSL" handle is what facilitates the reading and
-writing of the unencrypted (tunneled) data. The two "BIO" handles act as the
-read and write channels for encrypted tunnel traffic - in other applications
-these are often socket BIOs so that the OpenSSL framework operates with the
-network layer directly. In this example, those two BIOs are memory BIOs
-(BIO_s_mem()) so that the sending and receiving of the tunnel traffic stays
-within the state-machine, and we can handle where this gets send to (or read
-from) ourselves.
-
-
-Why?
-----
-
-If you take a look at the "state_machine_t" section of tunala.h and the code in
-sm.c, you will notice that nothing related to the concept of 'transport' is
-involved. The binding to TCP/IP networking occurs in tunala.c, specifically
-within the "tunala_item_t" structure that associates a state_machine_t object
-with 4 file-descriptors. The way to best see where the bridge between the
-outside world (TCP/IP reads, writes, select()s, file-descriptors, etc) and the
-state machine is, is to examine the "tunala_item_io()" function in tunala.c.
-This is currently around lines 641-732 but of course could be subject to change.
-
-
-And...?
--------
-
-Well, although that function is around 90 lines of code, it could easily have
-been a lot less only I was trying to address an easily missed "gotcha" (item (2)
-below). The main() code that drives the select/accept/IO loop initialises new
-tunala_item_t structures when connections arrive, and works out which
-file-descriptors go where depending on whether we're an SSL client or server
-(client --> accepted connection is clean and proxied is dirty, server -->
-accepted connection is dirty and proxied is clean). What that tunala_item_io()
-function is attempting to do is 2 things;
-
-  (1) Perform all reads and writes on the network directly into the
-      state_machine_t's buffers (based on a previous select() result), and only
-      then allow the abstact state_machine_t to "churn()" using those buffers.
-      This will cause the SSL machine to consume as much input data from the two
-      "IN" buffers as possible, and generate as much output data into the two
-      "OUT" buffers as possible. Back up in the main() function, the next main
-      loop loop will examine these output buffers and select() for writability
-      on the corresponding sockets if the buffers are non-empty.
-
-  (2) Handle the complicated tunneling-specific issue of cascading "close"s.
-      This is the reason for most of the complexity in the logic - if one side
-      of the tunnel is closed, you can't simply close the other side and throw
-      away the whole thing - (a) there may still be outgoing data on the other
-      side of the tunnel that hasn't been sent yet, (b) the close (or things
-      happening during the close) may cause more data to be generated that needs
-      sending on the other side. Of course, this logic is complicated yet futher
-      by the fact that it's different depending on which side closes first :-)
-      state_machine_close_clean() will indicate to the state machine that the
-      unencrypted side of the tunnel has closed, so any existing outgoing data
-      needs to be flushed, and the SSL stream needs to be closed down using the
-      appropriate shutdown sequence. state_machine_close_dirty() is simpler
-      because it indicates that the SSL stream has been disconnected, so all
-      that remains before closing the other side is to flush out anything that
-      remains and wait for it to all be sent.
-
-Anyway, with those things in mind, the code should be a little easier to follow
-in terms of "what is *this* bit supposed to achieve??!!".
-
-
-How might this help?
---------------------
-
-Well, the reason I wrote this is that there seemed to be rather a flood of
-questions of late on the openssl-dev and openssl-users lists about getting this
-whole IO logic thing sorted out, particularly by those who were trying to either
-use non-blocking IO, or wanted SSL in an environment where "something else" was
-handling the network already and they needed to operate in memory only. This
-code is loosely based on some other stuff I've been working on, although that
-stuff is far more complete, far more dependant on a whole slew of other
-network/framework code I don't want to incorporate here, and far harder to look
-at for 5 minutes and follow where everything is going. I will be trying over
-time to suck in a few things from that into this demo in the hopes it might be
-more useful, and maybe to even make this demo usable as a utility of its own.
-Possible things include:
-
-  * controlling multiple processes/threads - this can be used to combat
-    latencies and get passed file-descriptor limits on some systems, and it uses
-    a "controller" process/thread that maintains IPC links with the
-    processes/threads doing the real work.
-
-  * cert verification rules - having some say over which certs get in or out :-)
-
-  * control over SSL protocols and cipher suites
-
-  * A few other things you can already do in s_client and s_server :-)
-
-  * Support (and control over) session resuming, particularly when functioning
-    as an SSL client.
-
-If you have a particular environment where this model might work to let you "do
-SSL" without having OpenSSL be aware of the transport, then you should find you
-could use the state_machine_t structure (or your own variant thereof) and hook
-it up to your transport stuff in much the way tunala.c matches it up with those
-4 file-descriptors. The state_machine_churn(), state_machine_close_clean(), and
-state_machine_close_dirty() functions are the main things to understand - after
-that's done, you just have to ensure you're feeding and bleeding the 4
-state_machine buffers in a logical fashion. This state_machine loop handles not
-only handshakes and normal streaming, but also renegotiates - there's no special
-handling required beyond keeping an eye on those 4 buffers and keeping them in
-sync with your outer "loop" logic. Ie. if one of the OUT buffers is not empty,
-you need to find an opportunity to try and forward its data on. If one of the IN
-buffers is not full, you should keep an eye out for data arriving that should be
-placed there.
-
-This approach could hopefully also allow you to run the SSL protocol in very
-different environments. As an example, you could support encrypted event-driven
-IPC where threads/processes pass messages to each other inside an SSL layer;
-each IPC-message's payload would be in fact the "dirty" content, and the "clean"
-payload coming out of the tunnel at each end would be the real intended message.
-Likewise, this could *easily* be made to work across unix domain sockets, or
-even entirely different network/comms protocols.
-
-This is also a quick and easy way to do VPN if you (and the remote network's
-gateway) support virtual network devices that are encapsulted in a single
-network connection, perhaps PPP going through an SSL tunnel?
-
-
-Suggestions
------------
-
-Please let me know if you find this useful, or if there's anything wrong or
-simply too confusing about it. Patches are also welcome, but please attach a
-description of what it changes and why, and "diff -urN" format is preferred.
-Mail to geoff@openssl.org should do the trick.
-
-
-Example
--------
-
-Here is an example of how to use "tunala" ...
-
-First, it's assumed that OpenSSL has already built, and that you are building
-inside the ./demos/tunala/ directory. If not - please correct the paths and
-flags inside the Makefile. Likewise, if you want to tweak the building, it's
-best to try and do so in the makefile (eg. removing the debug flags and adding
-optimisation flags).
-
-Secondly, this code has mostly only been tested on Linux. However, some
-autoconf/etc support has been added and the code has been compiled on openbsd
-and solaris using that.
-
-Thirdly, if you are Win32, you probably need to do some *major* rewriting of
-ip.c to stand a hope in hell. Good luck, and please mail me the diff if you do
-this, otherwise I will take a look at another time. It can certainly be done,
-but it's very non-POSIXy.
-
-See the INSTALL document for details on building.
-
-Now, if you don't have an executable "tunala" compiled, go back to "First,...".
-Rinse and repeat.
-
-Inside one console, try typing;
-
-(i)  ./tunala -listen localhost:8080 -proxy localhost:8081 -cacert CA.pem \
-              -cert A-client.pem -out_totals -v_peer -v_strict
-
-In another console, type;
-
-(ii) ./tunala -listen localhost:8081 -proxy localhost:23 -cacert CA.pem \
-              -cert A-server.pem -server 1 -out_totals -v_peer -v_strict
-
-Now if you open another console and "telnet localhost 8080", you should be
-tunneled through to the telnet service on your local machine (if it's running -
-you could change it to port "22" and tunnel ssh instead if you so desired). When
-you logout of the telnet session, the tunnel should cleanly shutdown and show
-you some traffic stats in both consoles. Feel free to experiment. :-)
-
-Notes:
-
- - the format for the "-listen" argument can skip the host part (eg. "-listen
-   8080" is fine). If you do, the listening socket will listen on all interfaces
-   so you can connect from other machines for example. Using the "localhost"
-   form listens only on 127.0.0.1 so you can only connect locally (unless, of
-   course, you've set up weird stuff with your networking in which case probably
-   none of the above applies).
-
- - ./tunala -? gives you a list of other command-line options, but tunala.c is
-   also a good place to look :-)
-
-
diff --git a/crypto/openssl/demos/tunala/autogunk.sh b/crypto/openssl/demos/tunala/autogunk.sh
deleted file mode 100755
index c9783c6261c3..000000000000
--- a/crypto/openssl/demos/tunala/autogunk.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/sh
-
-# This script tries to follow the "GNU way" w.r.t. the autobits.
-# This does of course generate a number of irritating files.
-# Try to get over it (I am getting there myself).
-
-# This should generate any missing crud, and then run autoconf which should turn
-# configure.in into a "./configure" script and "Makefile.am" into a
-# "Makefile.in". Then running "./configure" should turn "Makefile.in" into
-# "Makefile" and should generate the config.h containing your systems various
-# settings. I know ... what a hassle ...
-
-# Also, sometimes these autobits things generate bizarre output (looking like
-# errors). So I direct everything "elsewhere" ...
-
-(aclocal
-autoheader
-libtoolize --copy --force
-automake --foreign --add-missing --copy
-autoconf) 1> /dev/null 2>&1
-
-# Move the "no-autotools" Makefile out of the way
-if test ! -f Makefile.plain; then
-	mv Makefile Makefile.plain
-fi
diff --git a/crypto/openssl/demos/tunala/autoungunk.sh b/crypto/openssl/demos/tunala/autoungunk.sh
deleted file mode 100755
index 14d10790fd87..000000000000
--- a/crypto/openssl/demos/tunala/autoungunk.sh
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-
-# This script tries to clean up as much as is possible from whatever diabolical
-# mess has been left in the directory thanks to autoconf, automake, and their
-# friends.
-
-if test -f Makefile; then
-	make distclean
-	rm -f Makefile
-fi
-
-if test -f Makefile.plain; then
-	mv Makefile.plain Makefile
-fi
-
-rm -f aclocal.m4 config.* configure install-sh \
-	missing mkinstalldirs stamp-h.* Makefile.in \
-	ltconfig ltmain.sh
diff --git a/crypto/openssl/demos/tunala/breakage.c b/crypto/openssl/demos/tunala/breakage.c
deleted file mode 100644
index dcdd64b0ef18..000000000000
--- a/crypto/openssl/demos/tunala/breakage.c
+++ /dev/null
@@ -1,66 +0,0 @@
-#include "tunala.h"
-
-int int_strtoul(const char *str, unsigned long *val)
-{
-#ifdef HAVE_STRTOUL
-	char *tmp;
-	unsigned long ret = strtoul(str, &tmp, 10);
-	if((str == tmp) || (*tmp != '\0'))
-		/* The value didn't parse cleanly */
-		return 0;
-	if(ret == ULONG_MAX)
-		/* We hit a limit */
-		return 0;
-	*val = ret;
-	return 1;
-#else
-	char buf[2];
-	unsigned long ret = 0;
-	buf[1] = '\0';
-	if(str == '\0')
-		/* An empty string ... */
-		return 0;
-	while(*str != '\0') {
-		/* We have to multiply 'ret' by 10 before absorbing the next
-		 * digit. If this will overflow, catch it now. */
-		if(ret && (((ULONG_MAX + 10) / ret) < 10))
-			return 0;
-		ret *= 10;
-		if(!isdigit(*str))
-			return 0;
-		buf[0] = *str;
-		ret += atoi(buf);
-		str++;
-	}
-	*val = ret;
-	return 1;
-#endif
-}
-
-#ifndef HAVE_STRSTR
-char *int_strstr(const char *haystack, const char *needle)
-{
-	const char *sub_haystack = haystack, *sub_needle = needle;
-	unsigned int offset = 0;
-	if(!needle)
-		return haystack;
-	if(!haystack)
-		return NULL;
-	while((*sub_haystack != '\0') && (*sub_needle != '\0')) {
-		if(sub_haystack[offset] == sub_needle) {
-			/* sub_haystack is still a candidate */
-			offset++;
-			sub_needle++;
-		} else {
-			/* sub_haystack is no longer a possibility */
-			sub_haystack++;
-			offset = 0;
-			sub_needle = needle;
-		}
-	}
-	if(*sub_haystack == '\0')
-		/* Found nothing */
-		return NULL;
-	return sub_haystack;
-}
-#endif
diff --git a/crypto/openssl/demos/tunala/buffer.c b/crypto/openssl/demos/tunala/buffer.c
deleted file mode 100644
index c5cd004209ad..000000000000
--- a/crypto/openssl/demos/tunala/buffer.c
+++ /dev/null
@@ -1,205 +0,0 @@
-#include "tunala.h"
-
-#ifndef NO_BUFFER
-
-void buffer_init(buffer_t *buf)
-{
-	buf->used = 0;
-	buf->total_in = buf->total_out = 0;
-}
-
-void buffer_close(buffer_t *buf)
-{
-	/* Our data is static - nothing needs "release", just reset it */
-	buf->used = 0;
-}
-
-/* Code these simple ones in compact form */
-unsigned int buffer_used(buffer_t *buf) {
-	return buf->used; }
-unsigned int buffer_unused(buffer_t *buf) {
-	return (MAX_DATA_SIZE - buf->used); }
-int buffer_full(buffer_t *buf) {
-	return (buf->used == MAX_DATA_SIZE ? 1 : 0); }
-int buffer_notfull(buffer_t *buf) {
-	return (buf->used < MAX_DATA_SIZE ? 1 : 0); }
-int buffer_empty(buffer_t *buf) {
-	return (buf->used == 0 ? 1 : 0); }
-int buffer_notempty(buffer_t *buf) {
-	return (buf->used > 0 ? 1 : 0); }
-unsigned long buffer_total_in(buffer_t *buf) {
-	return buf->total_in; }
-unsigned long buffer_total_out(buffer_t *buf) {
-	return buf->total_out; }
-
-/* These 3 static (internal) functions don't adjust the "total" variables as
- * it's not sure when they're called how it should be interpreted. Only the
- * higher-level "buffer_[to|from]_[fd|SSL|BIO]" functions should alter these
- * values. */
-#if 0 /* To avoid "unused" warnings */
-static unsigned int buffer_adddata(buffer_t *buf, const unsigned char *ptr,
-		unsigned int size)
-{
-	unsigned int added = MAX_DATA_SIZE - buf->used;
-	if(added > size)
-		added = size;
-	if(added == 0)
-		return 0;
-	memcpy(buf->data + buf->used, ptr, added);
-	buf->used += added;
-	buf->total_in += added;
-	return added;
-}
-
-static unsigned int buffer_tobuffer(buffer_t *to, buffer_t *from, int cap)
-{
-	unsigned int moved, tomove = from->used;
-	if((int)tomove > cap)
-		tomove = cap;
-	if(tomove == 0)
-		return 0;
-	moved = buffer_adddata(to, from->data, tomove);
-	if(moved == 0)
-		return 0;
-	buffer_takedata(from, NULL, moved);
-	return moved;
-}
-#endif
-
-static unsigned int buffer_takedata(buffer_t *buf, unsigned char *ptr,
-		unsigned int size)
-{
-	unsigned int taken = buf->used;
-	if(taken > size)
-		taken = size;
-	if(taken == 0)
-		return 0;
-	if(ptr)
-		memcpy(ptr, buf->data, taken);
-	buf->used -= taken;
-	/* Do we have to scroll? */
-	if(buf->used > 0)
-		memmove(buf->data, buf->data + taken, buf->used);
-	return taken;
-}
-
-#ifndef NO_IP
-
-int buffer_from_fd(buffer_t *buf, int fd)
-{
-	int toread = buffer_unused(buf);
-	if(toread == 0)
-		/* Shouldn't be called in this case! */
-		abort();
-	toread = read(fd, buf->data + buf->used, toread);
-	if(toread > 0) {
-		buf->used += toread;
-		buf->total_in += toread;
-	}
-	return toread;
-}
-
-int buffer_to_fd(buffer_t *buf, int fd)
-{
-	int towrite = buffer_used(buf);
-	if(towrite == 0)
-		/* Shouldn't be called in this case! */
-		abort();
-	towrite = write(fd, buf->data, towrite);
-	if(towrite > 0) {
-		buffer_takedata(buf, NULL, towrite);
-		buf->total_out += towrite;
-	}
-	return towrite;
-}
-
-#endif /* !defined(NO_IP) */
-
-#ifndef NO_OPENSSL
-
-static void int_ssl_check(SSL *s, int ret)
-{
-	int e = SSL_get_error(s, ret);
-	switch(e) {
-		/* These seem to be harmless and already "dealt with" by our
-		 * non-blocking environment. NB: "ZERO_RETURN" is the clean
-		 * "error" indicating a successfully closed SSL tunnel. We let
-		 * this happen because our IO loop should not appear to have
-		 * broken on this condition - and outside the IO loop, the
-		 * "shutdown" state is checked. */
-	case SSL_ERROR_NONE:
-	case SSL_ERROR_WANT_READ:
-	case SSL_ERROR_WANT_WRITE:
-	case SSL_ERROR_WANT_X509_LOOKUP:
-	case SSL_ERROR_ZERO_RETURN:
-		return;
-		/* These seem to be indications of a genuine error that should
-		 * result in the SSL tunnel being regarded as "dead". */
-	case SSL_ERROR_SYSCALL:
-	case SSL_ERROR_SSL:
-		SSL_set_app_data(s, (char *)1);
-		return;
-	default:
-		break;
-	}
-	/* For any other errors that (a) exist, and (b) crop up - we need to
-	 * interpret what to do with them - so "politely inform" the caller that
-	 * the code needs updating here. */
-	abort();
-}
-
-void buffer_from_SSL(buffer_t *buf, SSL *ssl)
-{
-	int ret;
-	if(!ssl || buffer_full(buf))
-		return;
-	ret = SSL_read(ssl, buf->data + buf->used, buffer_unused(buf));
-	if(ret > 0) {
-		buf->used += ret;
-		buf->total_in += ret;
-	}
-	if(ret < 0)
-		int_ssl_check(ssl, ret);
-}
-
-void buffer_to_SSL(buffer_t *buf, SSL *ssl)
-{
-	int ret;
-	if(!ssl || buffer_empty(buf))
-		return;
-	ret = SSL_write(ssl, buf->data, buf->used);
-	if(ret > 0) {
-		buffer_takedata(buf, NULL, ret);
-		buf->total_out += ret;
-	}
-	if(ret < 0)
-		int_ssl_check(ssl, ret);
-}
-
-void buffer_from_BIO(buffer_t *buf, BIO *bio)
-{
-	int ret;
-	if(!bio || buffer_full(buf))
-		return;
-	ret = BIO_read(bio, buf->data + buf->used, buffer_unused(buf));
-	if(ret > 0) {
-		buf->used += ret;
-		buf->total_in += ret;
-	}
-}
-
-void buffer_to_BIO(buffer_t *buf, BIO *bio)
-{
-	int ret;
-	if(!bio || buffer_empty(buf))
-		return;
-	ret = BIO_write(bio, buf->data, buf->used);
-	if(ret > 0) {
-		buffer_takedata(buf, NULL, ret);
-		buf->total_out += ret;
-	}
-}
-
-#endif /* !defined(NO_OPENSSL) */
-
-#endif /* !defined(NO_BUFFER) */
diff --git a/crypto/openssl/demos/tunala/cb.c b/crypto/openssl/demos/tunala/cb.c
deleted file mode 100644
index cd32f74c70a2..000000000000
--- a/crypto/openssl/demos/tunala/cb.c
+++ /dev/null
@@ -1,133 +0,0 @@
-#include "tunala.h"
-
-#ifndef NO_OPENSSL
-
-/* For callbacks generating output, here are their file-descriptors. */
-static FILE *fp_cb_ssl_info = NULL;
-static FILE *fp_cb_ssl_verify = NULL;
-/* Output level:
- *     0 = nothing,
- *     1 = minimal, just errors,
- *     2 = minimal, all steps,
- *     3 = detail, all steps */
-static unsigned int cb_ssl_verify_level = 1;
-
-/* Other static rubbish (to mirror s_cb.c where required) */
-static int int_verify_depth = 10;
-
-/* This function is largely borrowed from the one used in OpenSSL's "s_client"
- * and "s_server" utilities. */
-void cb_ssl_info(const SSL *s, int where, int ret)
-{
-	const char *str1, *str2;
-	int w;
-
-	if(!fp_cb_ssl_info)
-		return;
-
-	w = where & ~SSL_ST_MASK;
-	str1 = (w & SSL_ST_CONNECT ? "SSL_connect" : (w & SSL_ST_ACCEPT ?
-				"SSL_accept" : "undefined")),
-	str2 = SSL_state_string_long(s);
-
-	if (where & SSL_CB_LOOP)
-		fprintf(fp_cb_ssl_info, "(%s) %s\n", str1, str2);
-	else if (where & SSL_CB_EXIT) {
-		if (ret == 0)
-			fprintf(fp_cb_ssl_info, "(%s) failed in %s\n", str1, str2);
-/* In a non-blocking model, we get a few of these "error"s simply because we're
- * calling "reads" and "writes" on the state-machine that are virtual NOPs
- * simply to avoid wasting the time seeing if we *should* call them. Removing
- * this case makes the "-out_state" output a lot easier on the eye. */
-#if 0
-		else if (ret < 0)
-			fprintf(fp_cb_ssl_info, "%s:error in %s\n", str1, str2);
-#endif
-	}
-}
-
-void cb_ssl_info_set_output(FILE *fp)
-{
-	fp_cb_ssl_info = fp;
-}
-
-static const char *int_reason_no_issuer = "X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT";
-static const char *int_reason_not_yet = "X509_V_ERR_CERT_NOT_YET_VALID";
-static const char *int_reason_before = "X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD";
-static const char *int_reason_expired = "X509_V_ERR_CERT_HAS_EXPIRED";
-static const char *int_reason_after = "X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD";
-
-/* Stolen wholesale from apps/s_cb.c :-) And since then, mutilated ... */
-int cb_ssl_verify(int ok, X509_STORE_CTX *ctx)
-{
-	char buf1[256]; /* Used for the subject name */
-	char buf2[256]; /* Used for the issuer name */
-	const char *reason = NULL; /* Error reason (if any) */
-	X509 *err_cert;
-	int err, depth;
-
-	if(!fp_cb_ssl_verify || (cb_ssl_verify_level == 0))
-		return ok;
-	err_cert = X509_STORE_CTX_get_current_cert(ctx);
-	err = X509_STORE_CTX_get_error(ctx);
-	depth = X509_STORE_CTX_get_error_depth(ctx);
-
-	buf1[0] = buf2[0] = '\0';
-	/* Fill buf1 */
-	X509_NAME_oneline(X509_get_subject_name(err_cert), buf1, 256);
-	/* Fill buf2 */
-	X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf2, 256);
-	switch (ctx->error) {
-	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-		reason = int_reason_no_issuer;
-		break;
-	case X509_V_ERR_CERT_NOT_YET_VALID:
-		reason = int_reason_not_yet;
-		break;
-	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-		reason = int_reason_before;
-		break;
-	case X509_V_ERR_CERT_HAS_EXPIRED:
-		reason = int_reason_expired;
-		break;
-	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-		reason = int_reason_after;
-		break;
-	}
-
-	if((cb_ssl_verify_level == 1) && ok)
-		return ok;
-	fprintf(fp_cb_ssl_verify, "chain-depth=%d, ", depth);
-	if(reason)
-		fprintf(fp_cb_ssl_verify, "error=%s\n", reason);
-	else
-		fprintf(fp_cb_ssl_verify, "error=%d\n", err);
-	if(cb_ssl_verify_level < 3)
-		return ok;
-	fprintf(fp_cb_ssl_verify, "--> subject = %s\n", buf1);
-	fprintf(fp_cb_ssl_verify, "--> issuer  = %s\n", buf2);
-	if(!ok)
-		fprintf(fp_cb_ssl_verify,"--> verify error:num=%d:%s\n",err,
-			X509_verify_cert_error_string(err));
-	fprintf(fp_cb_ssl_verify, "--> verify return:%d\n",ok);
-	return ok;
-}
-
-void cb_ssl_verify_set_output(FILE *fp)
-{
-	fp_cb_ssl_verify = fp;
-}
-
-void cb_ssl_verify_set_depth(unsigned int verify_depth)
-{
-	int_verify_depth = verify_depth;
-}
-
-void cb_ssl_verify_set_level(unsigned int level)
-{
-	if(level < 4)
-		cb_ssl_verify_level = level;
-}
-
-#endif /* !defined(NO_OPENSSL) */
-
diff --git a/crypto/openssl/demos/tunala/configure.in b/crypto/openssl/demos/tunala/configure.in
deleted file mode 100644
index b2a6ffc756b3..000000000000
--- a/crypto/openssl/demos/tunala/configure.in
+++ /dev/null
@@ -1,28 +0,0 @@
-dnl Process this file with autoconf to produce a configure script.
-AC_INIT(tunala.c)
-AM_CONFIG_HEADER(config.h)
-AM_INIT_AUTOMAKE(tunala, 0.0.1-dev)
-
-dnl Checks for programs. (Though skip libtool)
-AC_PROG_CC
-dnl AC_PROG_LIBTOOL
-dnl AM_PROG_LIBTOOL
-
-dnl Checks for libraries.
-AC_CHECK_LIB(dl, dlopen)
-AC_CHECK_LIB(socket, socket)
-AC_CHECK_LIB(nsl, gethostbyname)
-
-dnl Checks for header files.
-AC_HEADER_STDC
-AC_CHECK_HEADERS(fcntl.h limits.h unistd.h)
-
-dnl Checks for typedefs, structures, and compiler characteristics.
-AC_C_CONST
-
-dnl Checks for library functions.
-AC_CHECK_FUNCS(strstr strtoul)
-AC_CHECK_FUNCS(select socket)
-AC_CHECK_FUNCS(dlopen)
-
-AC_OUTPUT(Makefile)
diff --git a/crypto/openssl/demos/tunala/ip.c b/crypto/openssl/demos/tunala/ip.c
deleted file mode 100644
index 96ef4e653606..000000000000
--- a/crypto/openssl/demos/tunala/ip.c
+++ /dev/null
@@ -1,146 +0,0 @@
-#include "tunala.h"
-
-#ifndef NO_IP
-
-#define IP_LISTENER_BACKLOG 511 /* So if it gets masked by 256 or some other
-				   such value it'll still be respectable */
-
-/* Any IP-related initialisations. For now, this means blocking SIGPIPE */
-int ip_initialise(void)
-{
-	struct sigaction sa;
-
-	sa.sa_handler = SIG_IGN;
-	sa.sa_flags = 0;
-	sigemptyset(&sa.sa_mask);
-	if(sigaction(SIGPIPE, &sa, NULL) != 0)
-		return 0;
-	return 1;
-}
-
-int ip_create_listener_split(const char *ip, unsigned short port)
-{
-	struct sockaddr_in in_addr;
-	int fd = -1;
-	int reuseVal = 1;
-
-	/* Create the socket */
-	if((fd = socket(PF_INET, SOCK_STREAM, 0)) == -1)
-		goto err;
-	/* Set the SO_REUSEADDR flag - servers act weird without it */
-	if(setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)(&reuseVal),
-				sizeof(reuseVal)) != 0)
-		goto err;
-	/* Prepare the listen address stuff */
-	in_addr.sin_family = AF_INET;
-	memcpy(&in_addr.sin_addr.s_addr, ip, 4);
-	in_addr.sin_port = htons(port);
-	/* Bind to the required port/address/interface */
-	if(bind(fd, (struct sockaddr *)&in_addr, sizeof(struct sockaddr_in)) != 0)
-		goto err;
-	/* Start "listening" */
-	if(listen(fd, IP_LISTENER_BACKLOG) != 0)
-		goto err;
-	return fd;
-err:
-	if(fd != -1)
-		close(fd);
-	return -1;
-}
-
-int ip_create_connection_split(const char *ip, unsigned short port)
-{
-	struct sockaddr_in in_addr;
-	int flags, fd = -1;
-
-	/* Create the socket */
-	if((fd = socket(PF_INET, SOCK_STREAM, 0)) == -1)
-		goto err;
-	/* Make it non-blocking */
-	if(((flags = fcntl(fd, F_GETFL, 0)) < 0) ||
-			(fcntl(fd, F_SETFL, flags | O_NONBLOCK) < 0))
-		goto err;
-	/* Prepare the connection address stuff */
-	in_addr.sin_family = AF_INET;
-	memcpy(&in_addr.sin_addr.s_addr, ip, 4);
-	in_addr.sin_port = htons(port);
-	/* Start a connect (non-blocking, in all likelihood) */
-	if((connect(fd, (struct sockaddr *)&in_addr,
-			sizeof(struct sockaddr_in)) != 0) &&
-			(errno != EINPROGRESS))
-		goto err;
-	return fd;
-err:
-	if(fd != -1)
-		close(fd);
-	return -1;
-}
-
-static char all_local_ip[] = {0x00,0x00,0x00,0x00};
-
-int ip_parse_address(const char *address, const char **parsed_ip,
-		unsigned short *parsed_port, int accept_all_ip)
-{
-	char buf[256];
-	struct hostent *lookup;
-	unsigned long port;
-	const char *ptr = strstr(address, ":");
-	const char *ip = all_local_ip;
-
-	if(!ptr) {
-		/* We assume we're listening on all local interfaces and have
-		 * only specified a port. */
-		if(!accept_all_ip)
-			return 0;
-		ptr = address;
-		goto determine_port;
-	}
-	if((ptr - address) > 255)
-		return 0;
-	memset(buf, 0, 256);
-	memcpy(buf, address, ptr - address);
-	ptr++;
-	if((lookup = gethostbyname(buf)) == NULL) {
-		/* Spit a message to differentiate between lookup failures and
-		 * bad strings. */
-		fprintf(stderr, "hostname lookup for '%s' failed\n", buf);
-		return 0;
-	}
-	ip = lookup->h_addr_list[0];
-determine_port:
-	if(strlen(ptr) < 1)
-		return 0;
-	if(!int_strtoul(ptr, &port) || (port > 65535))
-		return 0;
-	*parsed_ip = ip;
-	*parsed_port = (unsigned short)port;
-	return 1;
-}
-
-int ip_create_listener(const char *address)
-{
-	const char *ip;
-	unsigned short port;
-
-	if(!ip_parse_address(address, &ip, &port, 1))
-		return -1;
-	return ip_create_listener_split(ip, port);
-}
-
-int ip_create_connection(const char *address)
-{
-	const char *ip;
-	unsigned short port;
-
-	if(!ip_parse_address(address, &ip, &port, 0))
-		return -1;
-	return ip_create_connection_split(ip, port);
-}
-
-int ip_accept_connection(int listen_fd)
-{
-	return accept(listen_fd, NULL, NULL);
-}
-
-#endif /* !defined(NO_IP) */
-
diff --git a/crypto/openssl/demos/tunala/sm.c b/crypto/openssl/demos/tunala/sm.c
deleted file mode 100644
index 25359e67ef49..000000000000
--- a/crypto/openssl/demos/tunala/sm.c
+++ /dev/null
@@ -1,151 +0,0 @@
-#include "tunala.h"
-
-#ifndef NO_TUNALA
-
-void state_machine_init(state_machine_t *machine)
-{
-	machine->ssl = NULL;
-	machine->bio_intossl = machine->bio_fromssl = NULL;
-	buffer_init(&machine->clean_in);
-	buffer_init(&machine->clean_out);
-	buffer_init(&machine->dirty_in);
-	buffer_init(&machine->dirty_out);
-}
-
-void state_machine_close(state_machine_t *machine)
-{
-	if(machine->ssl)
-		SSL_free(machine->ssl);
-/* SSL_free seems to decrement the reference counts already so doing this goes
- * kaboom. */
-#if 0
-	if(machine->bio_intossl)
-		BIO_free(machine->bio_intossl);
-	if(machine->bio_fromssl)
-		BIO_free(machine->bio_fromssl);
-#endif
-	buffer_close(&machine->clean_in);
-	buffer_close(&machine->clean_out);
-	buffer_close(&machine->dirty_in);
-	buffer_close(&machine->dirty_out);
-	state_machine_init(machine);
-}
-
-buffer_t *state_machine_get_buffer(state_machine_t *machine, sm_buffer_t type)
-{
-	switch(type) {
-	case SM_CLEAN_IN:
-		return &machine->clean_in;
-	case SM_CLEAN_OUT:
-		return &machine->clean_out;
-	case SM_DIRTY_IN:
-		return &machine->dirty_in;
-	case SM_DIRTY_OUT:
-		return &machine->dirty_out;
-	default:
-		break;
-	}
-	/* Should never get here */
-	abort();
-	return NULL;
-}
-
-SSL *state_machine_get_SSL(state_machine_t *machine)
-{
-	return machine->ssl;
-}
-
-int state_machine_set_SSL(state_machine_t *machine, SSL *ssl, int is_server)
-{
-	if(machine->ssl)
-		/* Shouldn't ever be set twice */
-		abort();
-	machine->ssl = ssl;
-	/* Create the BIOs to handle the dirty side of the SSL */
-	if((machine->bio_intossl = BIO_new(BIO_s_mem())) == NULL)
-		abort();
-	if((machine->bio_fromssl = BIO_new(BIO_s_mem())) == NULL)
-		abort();
-	/* Hook up the BIOs on the dirty side of the SSL */
-	SSL_set_bio(machine->ssl, machine->bio_intossl, machine->bio_fromssl);
-	if(is_server)
-		SSL_set_accept_state(machine->ssl);
-	else
-		SSL_set_connect_state(machine->ssl);
-	/* If we're the first one to generate traffic - do it now otherwise we
-	 * go into the next select empty-handed and our peer will not send data
-	 * but will similarly wait for us. */
-	return state_machine_churn(machine);
-}
-
-/* Performs the data-IO loop and returns zero if the machine should close */
-int state_machine_churn(state_machine_t *machine)
-{
-	unsigned int loop;
-	if(machine->ssl == NULL) {
-		if(buffer_empty(&machine->clean_out))
-			/* Time to close this state-machine altogether */
-			return 0;
-		else
-			/* Still buffered data on the clean side to go out */
-			return 1;
-	}
-	/* Do this loop twice to cover any dependencies about which precise
-	 * order of reads and writes is required. */
-	for(loop = 0; loop < 2; loop++) {
-		buffer_to_SSL(&machine->clean_in, machine->ssl);
-		buffer_to_BIO(&machine->dirty_in, machine->bio_intossl);
-		buffer_from_SSL(&machine->clean_out, machine->ssl);
-		buffer_from_BIO(&machine->dirty_out, machine->bio_fromssl);
-	}
-	/* We close on the SSL side if the info callback noticed some problems
-	 * or an SSL shutdown was underway and shutdown traffic had all been
-	 * sent. */
-	if(SSL_get_app_data(machine->ssl) || (SSL_get_shutdown(machine->ssl) &&
-				buffer_empty(&machine->dirty_out))) {
-		/* Great, we can seal off the dirty side completely */
-		if(!state_machine_close_dirty(machine))
-			return 0;
-	}
-	/* Either the SSL is alive and well, or the closing process still has
-	 * outgoing data waiting to be sent */
-	return 1;
-}
-
-/* Called when the clean side of the SSL has lost its connection */
-int state_machine_close_clean(state_machine_t *machine)
-{
-	/* Well, first thing to do is null out the clean-side buffers - they're
-	 * no use any more. */
-	buffer_close(&machine->clean_in);
-	buffer_close(&machine->clean_out);
-	/* And start an SSL shutdown */
-	if(machine->ssl)
-		SSL_shutdown(machine->ssl);
-	/* This is an "event", so flush the SSL of any generated traffic */
-	state_machine_churn(machine);
-	if(buffer_empty(&machine->dirty_in) &&
-			buffer_empty(&machine->dirty_out))
-		return 0;
-	return 1;
-}
-
-/* Called when the dirty side of the SSL has lost its connection. This is pretty
- * terminal as all that can be left to do is send any buffered output on the
- * clean side - after that, we're done. */
-int state_machine_close_dirty(state_machine_t *machine)
-{
-	buffer_close(&machine->dirty_in);
-	buffer_close(&machine->dirty_out);
-	buffer_close(&machine->clean_in);
-	if(machine->ssl)
-		SSL_free(machine->ssl);
-	machine->ssl = NULL;
-	machine->bio_intossl = machine->bio_fromssl = NULL;
-	if(buffer_empty(&machine->clean_out))
-		return 0;
-	return 1;
-}
-
-#endif /* !defined(NO_TUNALA) */
-
diff --git a/crypto/openssl/demos/tunala/tunala.c b/crypto/openssl/demos/tunala/tunala.c
deleted file mode 100644
index e802a6209fff..000000000000
--- a/crypto/openssl/demos/tunala/tunala.c
+++ /dev/null
@@ -1,1093 +0,0 @@
-#if defined(NO_BUFFER) || defined(NO_IP) || defined(NO_OPENSSL)
-#error "Badness, NO_BUFFER, NO_IP or NO_OPENSSL is defined, turn them *off*"
-#endif
-
-/* Include our bits'n'pieces */
-#include "tunala.h"
-
-
-/********************************************/
-/* Our local types that specify our "world" */
-/********************************************/
-
-/* These represent running "tunnels". Eg. if you wanted to do SSL in a
- * "message-passing" scanario, the "int" file-descriptors might be replaced by
- * thread or process IDs, and the "select" code might be replaced by message
- * handling code. Whatever. */
-typedef struct _tunala_item_t {
-	/* The underlying SSL state machine. This is a data-only processing unit
-	 * and we communicate with it by talking to its four "buffers". */
-	state_machine_t sm;
-	/* The file-descriptors for the "dirty" (encrypted) side of the SSL
-	 * setup. In actuality, this is typically a socket and both values are
-	 * identical. */
-	int dirty_read, dirty_send;
-	/* The file-descriptors for the "clean" (unencrypted) side of the SSL
-	 * setup. These could be stdin/stdout, a socket (both values the same),
-	 * or whatever you like. */
-	int clean_read, clean_send;
-} tunala_item_t;
-
-/* This structure is used as the data for running the main loop. Namely, in a
- * network format such as this, it is stuff for select() - but as pointed out,
- * when moving the real-world to somewhere else, this might be replaced by
- * something entirely different. It's basically the stuff that controls when
- * it's time to do some "work". */
-typedef struct _select_sets_t {
-	int max; /* As required as the first argument to select() */
-	fd_set reads, sends, excepts; /* As passed to select() */
-} select_sets_t;
-typedef struct _tunala_selector_t {
-	select_sets_t last_selected; /* Results of the last select() */
-	select_sets_t next_select; /* What we'll next select on */
-} tunala_selector_t;
-
-/* This structure is *everything*. We do it to avoid the use of globals so that,
- * for example, it would be easier to shift things around between async-IO,
- * thread-based, or multi-fork()ed (or combinations thereof). */
-typedef struct _tunala_world_t {
-	/* The file-descriptor we "listen" on for new connections */
-	int listen_fd;
-	/* The array of tunnels */
-	tunala_item_t *tunnels;
-	/* the number of tunnels in use and allocated, respectively */
-	unsigned int tunnels_used, tunnels_size;
-	/* Our outside "loop" context stuff */
-	tunala_selector_t selector;
-	/* Our SSL_CTX, which is configured as the SSL client or server and has
-	 * the various cert-settings and callbacks configured. */
-	SSL_CTX *ssl_ctx;
-	/* Simple flag with complex logic :-) Indicates whether we're an SSL
-	 * server or an SSL client. */
-	int server_mode;
-} tunala_world_t;
-
-/*****************************/
-/* Internal static functions */
-/*****************************/
-
-static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id,
-		const char *CAfile, const char *cert, const char *key,
-		const char *dcert, const char *dkey, const char *cipher_list,
-		const char *dh_file, const char *dh_special, int ctx_options,
-		int out_state, int out_verify, int verify_mode,
-		unsigned int verify_depth);
-static void selector_init(tunala_selector_t *selector);
-static void selector_add_listener(tunala_selector_t *selector, int fd);
-static void selector_add_tunala(tunala_selector_t *selector, tunala_item_t *t);
-static int selector_select(tunala_selector_t *selector);
-/* This returns -1 for error, 0 for no new connections, or 1 for success, in
- * which case *newfd is populated. */
-static int selector_get_listener(tunala_selector_t *selector, int fd, int *newfd);
-static int tunala_world_new_item(tunala_world_t *world, int fd,
-		const char *ip, unsigned short port, int flipped);
-static void tunala_world_del_item(tunala_world_t *world, unsigned int idx);
-static int tunala_item_io(tunala_selector_t *selector, tunala_item_t *item);
-
-/*********************************************/
-/* MAIN FUNCTION (and its utility functions) */
-/*********************************************/
-
-static const char *def_proxyhost = "127.0.0.1:443";
-static const char *def_listenhost = "127.0.0.1:8080";
-static int def_max_tunnels = 50;
-static const char *def_cacert = NULL;
-static const char *def_cert = NULL;
-static const char *def_key = NULL;
-static const char *def_dcert = NULL;
-static const char *def_dkey = NULL;
-static const char *def_engine_id = NULL;
-static int def_server_mode = 0;
-static int def_flipped = 0;
-static const char *def_cipher_list = NULL;
-static const char *def_dh_file = NULL;
-static const char *def_dh_special = NULL;
-static int def_ctx_options = 0;
-static int def_verify_mode = 0;
-static unsigned int def_verify_depth = 10;
-static int def_out_state = 0;
-static unsigned int def_out_verify = 0;
-static int def_out_totals = 0;
-static int def_out_conns = 0;
-
-static const char *helpstring =
-"\n'Tunala' (A tunneler with a New Zealand accent)\n"
-"Usage: tunala [options], where options are from;\n"
-" -listen [host:]<port>  (default = 127.0.0.1:8080)\n"
-" -proxy <host>:<port>   (default = 127.0.0.1:443)\n"
-" -maxtunnels <num>      (default = 50)\n"
-" -cacert <path|NULL>    (default = NULL)\n"
-" -cert <path|NULL>      (default = NULL)\n"
-" -key <path|NULL>       (default = whatever '-cert' is)\n"
-" -dcert <path|NULL>     (usually for DSA, default = NULL)\n"
-" -dkey <path|NULL>      (usually for DSA, default = whatever '-dcert' is)\n"
-" -engine <id|NULL>      (default = NULL)\n"
-" -server <0|1>          (default = 0, ie. an SSL client)\n"
-" -flipped <0|1>         (makes SSL servers be network clients, and vice versa)\n"
-" -cipher <list>         (specifies cipher list to use)\n"
-" -dh_file <path>        (a PEM file containing DH parameters to use)\n"
-" -dh_special <NULL|generate|standard> (see below: def=NULL)\n"
-" -no_ssl2               (disable SSLv2)\n"
-" -no_ssl3               (disable SSLv3)\n"
-" -no_tls1               (disable TLSv1)\n"
-" -v_peer                (verify the peer certificate)\n"
-" -v_strict              (do not continue if peer doesn't authenticate)\n"
-" -v_once                (no verification in renegotiates)\n"
-" -v_depth <num>         (limit certificate chain depth, default = 10)\n"
-" -out_conns             (prints client connections and disconnections)\n"
-" -out_state             (prints SSL handshake states)\n"
-" -out_verify <0|1|2|3>  (prints certificate verification states: def=1)\n"
-" -out_totals            (prints out byte-totals when a tunnel closes)\n"
-" -<h|help|?>            (displays this help screen)\n"
-"Notes:\n"
-"(1) It is recommended to specify a cert+key when operating as an SSL server.\n"
-"    If you only specify '-cert', the same file must contain a matching\n"
-"    private key.\n"
-"(2) Either dh_file or dh_special can be used to specify where DH parameters\n"
-"    will be obtained from (or '-dh_special NULL' for the default choice) but\n"
-"    you cannot specify both. For dh_special, 'generate' will create new DH\n"
-"    parameters on startup, and 'standard' will use embedded parameters\n"
-"    instead.\n"
-"(3) Normally an ssl client connects to an ssl server - so that an 'ssl client\n"
-"    tunala' listens for 'clean' client connections and proxies ssl, and an\n"
-"    'ssl server tunala' listens for ssl connections and proxies 'clean'. With\n"
-"    '-flipped 1', this behaviour is reversed so that an 'ssl server tunala'\n"
-"    listens for clean client connections and proxies ssl (but participating\n"
-"    as an ssl *server* in the SSL/TLS protocol), and an 'ssl client tunala'\n"
-"    listens for ssl connections (participating as an ssl *client* in the\n"
-"    SSL/TLS protocol) and proxies 'clean' to the end destination. This can\n"
-"    be useful for allowing network access to 'servers' where only the server\n"
-"    needs to authenticate the client (ie. the other way is not required).\n"
-"    Even with client and server authentication, this 'technique' mitigates\n"
-"    some DoS (denial-of-service) potential as it will be the network client\n"
-"    having to perform the first private key operation rather than the other\n"
-"    way round.\n"
-"(4) The 'technique' used by setting '-flipped 1' is probably compatible with\n"
-"    absolutely nothing except another complimentary instance of 'tunala'\n"
-"    running with '-flipped 1'. :-)\n";
-
-/* Default DH parameters for use with "-dh_special standard" ... stolen striaght
- * from s_server. */
-static unsigned char dh512_p[]={
-	0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
-	0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
-	0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
-	0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
-	0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
-	0x47,0x74,0xE8,0x33,
-	};
-static unsigned char dh512_g[]={
-	0x02,
-	};
-
-/* And the function that parses the above "standard" parameters, again, straight
- * out of s_server. */
-static DH *get_dh512(void)
-	{
-	DH *dh=NULL;
-
-	if ((dh=DH_new()) == NULL) return(NULL);
-	dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
-	dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
-	if ((dh->p == NULL) || (dh->g == NULL))
-		return(NULL);
-	return(dh);
-	}
-
-/* Various help/error messages used by main() */
-static int usage(const char *errstr, int isunknownarg)
-{
-	if(isunknownarg)
-		fprintf(stderr, "Error: unknown argument '%s'\n", errstr);
-	else
-		fprintf(stderr, "Error: %s\n", errstr);
-	fprintf(stderr, "%s\n", helpstring);
-	return 1;
-}
-
-static int err_str0(const char *str0)
-{
-	fprintf(stderr, "%s\n", str0);
-	return 1;
-}
-
-static int err_str1(const char *fmt, const char *str1)
-{
-	fprintf(stderr, fmt, str1);
-	fprintf(stderr, "\n");
-	return 1;
-}
-
-static int parse_max_tunnels(const char *s, unsigned int *maxtunnels)
-{
-	unsigned long l;
-	if(!int_strtoul(s, &l) || (l < 1) || (l > 1024)) {
-		fprintf(stderr, "Error, '%s' is an invalid value for "
-				"maxtunnels\n", s);
-		return 0;
-	}
-	*maxtunnels = (unsigned int)l;
-	return 1;
-}
-
-static int parse_server_mode(const char *s, int *servermode)
-{
-	unsigned long l;
-	if(!int_strtoul(s, &l) || (l > 1)) {
-		fprintf(stderr, "Error, '%s' is an invalid value for the "
-				"server mode\n", s);
-		return 0;
-	}
-	*servermode = (int)l;
-	return 1;
-}
-
-static int parse_dh_special(const char *s, const char **dh_special)
-{
-	if((strcmp(s, "NULL") == 0) || (strcmp(s, "generate") == 0) ||
-			(strcmp(s, "standard") == 0)) {
-		*dh_special = s;
-		return 1;
-	}
-	fprintf(stderr, "Error, '%s' is an invalid value for 'dh_special'\n", s);
-	return 0;
-}
-
-static int parse_verify_level(const char *s, unsigned int *verify_level)
-{
-	unsigned long l;
-	if(!int_strtoul(s, &l) || (l > 3)) {
-		fprintf(stderr, "Error, '%s' is an invalid value for "
-				"out_verify\n", s);
-		return 0;
-	}
-	*verify_level = (unsigned int)l;
-	return 1;
-}
-
-static int parse_verify_depth(const char *s, unsigned int *verify_depth)
-{
-	unsigned long l;
-	if(!int_strtoul(s, &l) || (l < 1) || (l > 50)) {
-		fprintf(stderr, "Error, '%s' is an invalid value for "
-				"verify_depth\n", s);
-		return 0;
-	}
-	*verify_depth = (unsigned int)l;
-	return 1;
-}
-
-/* Some fprintf format strings used when tunnels close */
-static const char *io_stats_dirty =
-"    SSL traffic;   %8lu bytes in, %8lu bytes out\n";
-static const char *io_stats_clean =
-"    clear traffic; %8lu bytes in, %8lu bytes out\n";
-
-int main(int argc, char *argv[])
-{
-	unsigned int loop;
-	int newfd;
-	tunala_world_t world;
-	tunala_item_t *t_item;
-	const char *proxy_ip;
-	unsigned short proxy_port;
-	/* Overridables */
-	const char *proxyhost = def_proxyhost;
-	const char *listenhost = def_listenhost;
-	unsigned int max_tunnels = def_max_tunnels;
-	const char *cacert = def_cacert;
-	const char *cert = def_cert;
-	const char *key = def_key;
-	const char *dcert = def_dcert;
-	const char *dkey = def_dkey;
-	const char *engine_id = def_engine_id;
-	int server_mode = def_server_mode;
-	int flipped = def_flipped;
-	const char *cipher_list = def_cipher_list;
-	const char *dh_file = def_dh_file;
-	const char *dh_special = def_dh_special;
-	int ctx_options = def_ctx_options;
-	int verify_mode = def_verify_mode;
-	unsigned int verify_depth = def_verify_depth;
-	int out_state = def_out_state;
-	unsigned int out_verify = def_out_verify;
-	int out_totals = def_out_totals;
-	int out_conns = def_out_conns;
-
-/* Parse command-line arguments */
-next_arg:
-	argc--; argv++;
-	if(argc > 0) {
-		if(strcmp(*argv, "-listen") == 0) {
-			if(argc < 2)
-				return usage("-listen requires an argument", 0);
-			argc--; argv++;
-			listenhost = *argv;
-			goto next_arg;
-		} else if(strcmp(*argv, "-proxy") == 0) {
-			if(argc < 2)
-				return usage("-proxy requires an argument", 0);
-			argc--; argv++;
-			proxyhost = *argv;
-			goto next_arg;
-		} else if(strcmp(*argv, "-maxtunnels") == 0) {
-			if(argc < 2)
-				return usage("-maxtunnels requires an argument", 0);
-			argc--; argv++;
-			if(!parse_max_tunnels(*argv, &max_tunnels))
-				return 1;
-			goto next_arg;
-		} else if(strcmp(*argv, "-cacert") == 0) {
-			if(argc < 2)
-				return usage("-cacert requires an argument", 0);
-			argc--; argv++;
-			if(strcmp(*argv, "NULL") == 0)
-				cacert = NULL;
-			else
-				cacert = *argv;
-			goto next_arg;
-		} else if(strcmp(*argv, "-cert") == 0) {
-			if(argc < 2)
-				return usage("-cert requires an argument", 0);
-			argc--; argv++;
-			if(strcmp(*argv, "NULL") == 0)
-				cert = NULL;
-			else
-				cert = *argv;
-			goto next_arg;
-		} else if(strcmp(*argv, "-key") == 0) {
-			if(argc < 2)
-				return usage("-key requires an argument", 0);
-			argc--; argv++;
-			if(strcmp(*argv, "NULL") == 0)
-				key = NULL;
-			else
-				key = *argv;
-			goto next_arg;
-		} else if(strcmp(*argv, "-dcert") == 0) {
-			if(argc < 2)
-				return usage("-dcert requires an argument", 0);
-			argc--; argv++;
-			if(strcmp(*argv, "NULL") == 0)
-				dcert = NULL;
-			else
-				dcert = *argv;
-			goto next_arg;
-		} else if(strcmp(*argv, "-dkey") == 0) {
-			if(argc < 2)
-				return usage("-dkey requires an argument", 0);
-			argc--; argv++;
-			if(strcmp(*argv, "NULL") == 0)
-				dkey = NULL;
-			else
-				dkey = *argv;
-			goto next_arg;
-		} else if(strcmp(*argv, "-engine") == 0) {
-			if(argc < 2)
-				return usage("-engine requires an argument", 0);
-			argc--; argv++;
-			engine_id = *argv;
-			goto next_arg;
-		} else if(strcmp(*argv, "-server") == 0) {
-			if(argc < 2)
-				return usage("-server requires an argument", 0);
-			argc--; argv++;
-			if(!parse_server_mode(*argv, &server_mode))
-				return 1;
-			goto next_arg;
-		} else if(strcmp(*argv, "-flipped") == 0) {
-			if(argc < 2)
-				return usage("-flipped requires an argument", 0);
-			argc--; argv++;
-			if(!parse_server_mode(*argv, &flipped))
-				return 1;
-			goto next_arg;
-		} else if(strcmp(*argv, "-cipher") == 0) {
-			if(argc < 2)
-				return usage("-cipher requires an argument", 0);
-			argc--; argv++;
-			cipher_list = *argv;
-			goto next_arg;
-		} else if(strcmp(*argv, "-dh_file") == 0) {
-			if(argc < 2)
-				return usage("-dh_file requires an argument", 0);
-			if(dh_special)
-				return usage("cannot mix -dh_file with "
-						"-dh_special", 0);
-			argc--; argv++;
-			dh_file = *argv;
-			goto next_arg;
-		} else if(strcmp(*argv, "-dh_special") == 0) {
-			if(argc < 2)
-				return usage("-dh_special requires an argument", 0);
-			if(dh_file)
-				return usage("cannot mix -dh_file with "
-						"-dh_special", 0);
-			argc--; argv++;
-			if(!parse_dh_special(*argv, &dh_special))
-				return 1;
-			goto next_arg;
-		} else if(strcmp(*argv, "-no_ssl2") == 0) {
-			ctx_options |= SSL_OP_NO_SSLv2;
-			goto next_arg;
-		} else if(strcmp(*argv, "-no_ssl3") == 0) {
-			ctx_options |= SSL_OP_NO_SSLv3;
-			goto next_arg;
-		} else if(strcmp(*argv, "-no_tls1") == 0) {
-			ctx_options |= SSL_OP_NO_TLSv1;
-			goto next_arg;
-		} else if(strcmp(*argv, "-v_peer") == 0) {
-			verify_mode |= SSL_VERIFY_PEER;
-			goto next_arg;
-		} else if(strcmp(*argv, "-v_strict") == 0) {
-			verify_mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
-			goto next_arg;
-		} else if(strcmp(*argv, "-v_once") == 0) {
-			verify_mode |= SSL_VERIFY_CLIENT_ONCE;
-			goto next_arg;
-		} else if(strcmp(*argv, "-v_depth") == 0) {
-			if(argc < 2)
-				return usage("-v_depth requires an argument", 0);
-			argc--; argv++;
-			if(!parse_verify_depth(*argv, &verify_depth))
-				return 1;
-			goto next_arg;
-		} else if(strcmp(*argv, "-out_state") == 0) {
-			out_state = 1;
-			goto next_arg;
-		} else if(strcmp(*argv, "-out_verify") == 0) {
-			if(argc < 2)
-				return usage("-out_verify requires an argument", 0);
-			argc--; argv++;
-			if(!parse_verify_level(*argv, &out_verify))
-				return 1;
-			goto next_arg;
-		} else if(strcmp(*argv, "-out_totals") == 0) {
-			out_totals = 1;
-			goto next_arg;
-		} else if(strcmp(*argv, "-out_conns") == 0) {
-			out_conns = 1;
-			goto next_arg;
-		} else if((strcmp(*argv, "-h") == 0) ||
-				(strcmp(*argv, "-help") == 0) ||
-				(strcmp(*argv, "-?") == 0)) {
-			fprintf(stderr, "%s\n", helpstring);
-			return 0;
-		} else
-			return usage(*argv, 1);
-	}
-	/* Run any sanity checks we want here */
-	if(!cert && !dcert && server_mode)
-		fprintf(stderr, "WARNING: you are running an SSL server without "
-				"a certificate - this may not work!\n");
-
-	/* Initialise network stuff */
-	if(!ip_initialise())
-		return err_str0("ip_initialise failed");
-	/* Create the SSL_CTX */
-	if((world.ssl_ctx = initialise_ssl_ctx(server_mode, engine_id,
-			cacert, cert, key, dcert, dkey, cipher_list, dh_file,
-			dh_special, ctx_options, out_state, out_verify,
-			verify_mode, verify_depth)) == NULL)
-		return err_str1("initialise_ssl_ctx(engine_id=%s) failed",
-			(engine_id == NULL) ? "NULL" : engine_id);
-	if(engine_id)
-		fprintf(stderr, "Info, engine '%s' initialised\n", engine_id);
-	/* Create the listener */
-	if((world.listen_fd = ip_create_listener(listenhost)) == -1)
-		return err_str1("ip_create_listener(%s) failed", listenhost);
-	fprintf(stderr, "Info, listening on '%s'\n", listenhost);
-	if(!ip_parse_address(proxyhost, &proxy_ip, &proxy_port, 0))
-		return err_str1("ip_parse_address(%s) failed", proxyhost);
-	fprintf(stderr, "Info, proxying to '%s' (%d.%d.%d.%d:%d)\n", proxyhost,
-			(int)proxy_ip[0], (int)proxy_ip[1],
-			(int)proxy_ip[2], (int)proxy_ip[3], (int)proxy_port);
-	fprintf(stderr, "Info, set maxtunnels to %d\n", (int)max_tunnels);
-	fprintf(stderr, "Info, set to operate as an SSL %s\n",
-			(server_mode ? "server" : "client"));
-	/* Initialise the rest of the stuff */
-	world.tunnels_used = world.tunnels_size = 0;
-	world.tunnels = NULL;
-	world.server_mode = server_mode;
-	selector_init(&world.selector);
-
-/* We're ready to loop */
-main_loop:
-	/* Should we listen for *new* tunnels? */
-	if(world.tunnels_used < max_tunnels)
-		selector_add_listener(&world.selector, world.listen_fd);
-	/* We should add in our existing tunnels */
-	for(loop = 0; loop < world.tunnels_used; loop++)
-		selector_add_tunala(&world.selector, world.tunnels + loop);
-	/* Now do the select */
-	switch(selector_select(&world.selector)) {
-	case -1:
-		fprintf(stderr, "selector_select returned a badness error.\n");
-		goto shouldnt_happen;
-	case 0:
-		fprintf(stderr, "Warn, selector_select returned 0 - signal?""?\n");
-		goto main_loop;
-	default:
-		break;
-	}
-	/* Accept new connection if we should and can */
-	if((world.tunnels_used < max_tunnels) && (selector_get_listener(
-					&world.selector, world.listen_fd,
-					&newfd) == 1)) {
-		/* We have a new connection */
-		if(!tunala_world_new_item(&world, newfd, proxy_ip,
-						proxy_port, flipped))
-			fprintf(stderr, "tunala_world_new_item failed\n");
-		else if(out_conns)
-			fprintf(stderr, "Info, new tunnel opened, now up to "
-					"%d\n", world.tunnels_used);
-	}
-	/* Give each tunnel its moment, note the while loop is because it makes
-	 * the logic easier than with "for" to deal with an array that may shift
-	 * because of deletes. */
-	loop = 0;
-	t_item = world.tunnels;
-	while(loop < world.tunnels_used) {
-		if(!tunala_item_io(&world.selector, t_item)) {
-			/* We're closing whether for reasons of an error or a
-			 * natural close. Don't increment loop or t_item because
-			 * the next item is moving to us! */
-			if(!out_totals)
-				goto skip_totals;
-			fprintf(stderr, "Tunnel closing, traffic stats follow\n");
-			/* Display the encrypted (over the network) stats */
-			fprintf(stderr, io_stats_dirty,
-				buffer_total_in(state_machine_get_buffer(
-						&t_item->sm,SM_DIRTY_IN)),
-				buffer_total_out(state_machine_get_buffer(
-						&t_item->sm,SM_DIRTY_OUT)));
-			/* Display the local (tunnelled) stats. NB: Data we
-			 * *receive* is data sent *out* of the state_machine on
-			 * its 'clean' side. Hence the apparent back-to-front
-			 * OUT/IN mixup here :-) */
-			fprintf(stderr, io_stats_clean,
-				buffer_total_out(state_machine_get_buffer(
-						&t_item->sm,SM_CLEAN_OUT)),
-				buffer_total_in(state_machine_get_buffer(
-						&t_item->sm,SM_CLEAN_IN)));
-skip_totals:
-			tunala_world_del_item(&world, loop);
-			if(out_conns)
-				fprintf(stderr, "Info, tunnel closed, down to %d\n",
-					world.tunnels_used);
-		}
-		else {
-			/* Move to the next item */
-			loop++;
-			t_item++;
-		}
-	}
-	goto main_loop;
-	/* Should never get here */
-shouldnt_happen:
-	abort();
-	return 1;
-}
-
-/****************/
-/* OpenSSL bits */
-/****************/
-
-static int ctx_set_cert(SSL_CTX *ctx, const char *cert, const char *key)
-{
-	FILE *fp = NULL;
-	X509 *x509 = NULL;
-	EVP_PKEY *pkey = NULL;
-	int toret = 0; /* Assume an error */
-
-	/* cert */
-	if(cert) {
-		if((fp = fopen(cert, "r")) == NULL) {
-			fprintf(stderr, "Error opening cert file '%s'\n", cert);
-			goto err;
-		}
-		if(!PEM_read_X509(fp, &x509, NULL, NULL)) {
-			fprintf(stderr, "Error reading PEM cert from '%s'\n",
-					cert);
-			goto err;
-		}
-		if(!SSL_CTX_use_certificate(ctx, x509)) {
-			fprintf(stderr, "Error, cert in '%s' can not be used\n",
-					cert);
-			goto err;
-		}
-		/* Clear the FILE* for reuse in the "key" code */
-		fclose(fp);
-		fp = NULL;
-		fprintf(stderr, "Info, operating with cert in '%s'\n", cert);
-		/* If a cert was given without matching key, we assume the same
-		 * file contains the required key. */
-		if(!key)
-			key = cert;
-	} else {
-		if(key)
-			fprintf(stderr, "Error, can't specify a key without a "
-					"corresponding certificate\n");
-		else
-			fprintf(stderr, "Error, ctx_set_cert called with "
-					"NULLs!\n");
-		goto err;
-	}
-	/* key */
-	if(key) {
-		if((fp = fopen(key, "r")) == NULL) {
-			fprintf(stderr, "Error opening key file '%s'\n", key);
-			goto err;
-		}
-		if(!PEM_read_PrivateKey(fp, &pkey, NULL, NULL)) {
-			fprintf(stderr, "Error reading PEM key from '%s'\n",
-					key);
-			goto err;
-		}
-		if(!SSL_CTX_use_PrivateKey(ctx, pkey)) {
-			fprintf(stderr, "Error, key in '%s' can not be used\n",
-					key);
-			goto err;
-		}
-		fprintf(stderr, "Info, operating with key in '%s'\n", key);
-	} else
-		fprintf(stderr, "Info, operating without a cert or key\n");
-	/* Success */
-	toret = 1; err:
-	if(x509)
-		X509_free(x509);
-	if(pkey)
-		EVP_PKEY_free(pkey);
-	if(fp)
-		fclose(fp);
-	return toret;
-}
-
-static int ctx_set_dh(SSL_CTX *ctx, const char *dh_file, const char *dh_special)
-{
-	DH *dh = NULL;
-	FILE *fp = NULL;
-
-	if(dh_special) {
-		if(strcmp(dh_special, "NULL") == 0)
-			return 1;
-		if(strcmp(dh_special, "standard") == 0) {
-			if((dh = get_dh512()) == NULL) {
-				fprintf(stderr, "Error, can't parse 'standard'"
-						" DH parameters\n");
-				return 0;
-			}
-			fprintf(stderr, "Info, using 'standard' DH parameters\n");
-			goto do_it;
-		}
-		if(strcmp(dh_special, "generate") != 0)
-			/* This shouldn't happen - screening values is handled
-			 * in main(). */
-			abort();
-		fprintf(stderr, "Info, generating DH parameters ... ");
-		fflush(stderr);
-		if((dh = DH_generate_parameters(512, DH_GENERATOR_5,
-					NULL, NULL)) == NULL) {
-			fprintf(stderr, "error!\n");
-			return 0;
-		}
-		fprintf(stderr, "complete\n");
-		goto do_it;
-	}
-	/* So, we're loading dh_file */
-	if((fp = fopen(dh_file, "r")) == NULL) {
-		fprintf(stderr, "Error, couldn't open '%s' for DH parameters\n",
-				dh_file);
-		return 0;
-	}
-	dh = PEM_read_DHparams(fp, NULL, NULL, NULL);
-	fclose(fp);
-	if(dh == NULL) {
-		fprintf(stderr, "Error, could not parse DH parameters from '%s'\n",
-				dh_file);
-		return 0;
-	}
-	fprintf(stderr, "Info, using DH parameters from file '%s'\n", dh_file);
-do_it:
-	SSL_CTX_set_tmp_dh(ctx, dh);
-	DH_free(dh);
-	return 1;
-}
-
-static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id,
-		const char *CAfile, const char *cert, const char *key,
-		const char *dcert, const char *dkey, const char *cipher_list,
-		const char *dh_file, const char *dh_special, int ctx_options,
-		int out_state, int out_verify, int verify_mode,
-		unsigned int verify_depth)
-{
-	SSL_CTX *ctx = NULL, *ret = NULL;
-	SSL_METHOD *meth;
-	ENGINE *e = NULL;
-
-        OpenSSL_add_ssl_algorithms();
-        SSL_load_error_strings();
-
-	meth = (server_mode ? SSLv23_server_method() : SSLv23_client_method());
-	if(meth == NULL)
-		goto err;
-	if(engine_id) {
-		ENGINE_load_builtin_engines();
-		if((e = ENGINE_by_id(engine_id)) == NULL) {
-			fprintf(stderr, "Error obtaining '%s' engine, openssl "
-					"errors follow\n", engine_id);
-			goto err;
-		}
-		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
-			fprintf(stderr, "Error assigning '%s' engine, openssl "
-					"errors follow\n", engine_id);
-			goto err;
-		}
-		ENGINE_free(e);
-	}
-	if((ctx = SSL_CTX_new(meth)) == NULL)
-		goto err;
-	/* cacert */
-	if(CAfile) {
-		if(!X509_STORE_load_locations(SSL_CTX_get_cert_store(ctx),
-					CAfile, NULL)) {
-			fprintf(stderr, "Error loading CA cert(s) in '%s'\n",
-					CAfile);
-			goto err;
-		}
-		fprintf(stderr, "Info, operating with CA cert(s) in '%s'\n",
-				CAfile);
-	} else
-		fprintf(stderr, "Info, operating without a CA cert(-list)\n");
-	if(!SSL_CTX_set_default_verify_paths(ctx)) {
-		fprintf(stderr, "Error setting default verify paths\n");
-		goto err;
-	}
-
-	/* cert and key */
-	if((cert || key) && !ctx_set_cert(ctx, cert, key))
-		goto err;
-	/* dcert and dkey */
-	if((dcert || dkey) && !ctx_set_cert(ctx, dcert, dkey))
-		goto err;
-
-	/* cipher_list */
-	if(cipher_list) {
-		if(!SSL_CTX_set_cipher_list(ctx, cipher_list)) {
-			fprintf(stderr, "Error setting cipher list '%s'\n",
-					cipher_list);
-			goto err;
-		}
-		fprintf(stderr, "Info, set cipher list '%s'\n", cipher_list);
-	} else
-		fprintf(stderr, "Info, operating with default cipher list\n");
-
-	/* dh_file & dh_special */
-	if((dh_file || dh_special) && !ctx_set_dh(ctx, dh_file, dh_special))
-		goto err;
-
-	/* ctx_options */
-	SSL_CTX_set_options(ctx, ctx_options);
-
-	/* out_state (output of SSL handshake states to screen). */
-	if(out_state)
-		cb_ssl_info_set_output(stderr);
-
-	/* out_verify */
-	if(out_verify > 0) {
-		cb_ssl_verify_set_output(stderr);
-		cb_ssl_verify_set_level(out_verify);
-	}
-
-	/* verify_depth */
-	cb_ssl_verify_set_depth(verify_depth);
-
-	/* Success! (includes setting verify_mode) */
-	SSL_CTX_set_info_callback(ctx, cb_ssl_info);
-	SSL_CTX_set_verify(ctx, verify_mode, cb_ssl_verify);
-	ret = ctx;
-err:
-	if(!ret) {
-		ERR_print_errors_fp(stderr);
-		if(ctx)
-			SSL_CTX_free(ctx);
-	}
-	return ret;
-}
-
-/*****************/
-/* Selector bits */
-/*****************/
-
-static void selector_sets_init(select_sets_t *s)
-{
-	s->max = 0;
-	FD_ZERO(&s->reads);
-	FD_ZERO(&s->sends);
-	FD_ZERO(&s->excepts);
-}
-static void selector_init(tunala_selector_t *selector)
-{
-	selector_sets_init(&selector->last_selected);
-	selector_sets_init(&selector->next_select);
-}
-
-#define SEL_EXCEPTS 0x00
-#define SEL_READS   0x01
-#define SEL_SENDS   0x02
-static void selector_add_raw_fd(tunala_selector_t *s, int fd, int flags)
-{
-	FD_SET(fd, &s->next_select.excepts);
-	if(flags & SEL_READS)
-		FD_SET(fd, &s->next_select.reads);
-	if(flags & SEL_SENDS)
-		FD_SET(fd, &s->next_select.sends);
-	/* Adjust "max" */
-	if(s->next_select.max < (fd + 1))
-		s->next_select.max = fd + 1;
-}
-
-static void selector_add_listener(tunala_selector_t *selector, int fd)
-{
-	selector_add_raw_fd(selector, fd, SEL_READS);
-}
-
-static void selector_add_tunala(tunala_selector_t *s, tunala_item_t *t)
-{
-	/* Set clean read if sm.clean_in is not full */
-	if(t->clean_read != -1) {
-		selector_add_raw_fd(s, t->clean_read,
-			(buffer_full(state_machine_get_buffer(&t->sm,
-				SM_CLEAN_IN)) ? SEL_EXCEPTS : SEL_READS));
-	}
-	/* Set clean send if sm.clean_out is not empty */
-	if(t->clean_send != -1) {
-		selector_add_raw_fd(s, t->clean_send,
-			(buffer_empty(state_machine_get_buffer(&t->sm,
-				SM_CLEAN_OUT)) ? SEL_EXCEPTS : SEL_SENDS));
-	}
-	/* Set dirty read if sm.dirty_in is not full */
-	if(t->dirty_read != -1) {
-		selector_add_raw_fd(s, t->dirty_read,
-			(buffer_full(state_machine_get_buffer(&t->sm,
-				SM_DIRTY_IN)) ? SEL_EXCEPTS : SEL_READS));
-	}
-	/* Set dirty send if sm.dirty_out is not empty */
-	if(t->dirty_send != -1) {
-		selector_add_raw_fd(s, t->dirty_send,
-			(buffer_empty(state_machine_get_buffer(&t->sm,
-				SM_DIRTY_OUT)) ? SEL_EXCEPTS : SEL_SENDS));
-	}
-}
-
-static int selector_select(tunala_selector_t *selector)
-{
-	memcpy(&selector->last_selected, &selector->next_select,
-			sizeof(select_sets_t));
-	selector_sets_init(&selector->next_select);
-	return select(selector->last_selected.max,
-			&selector->last_selected.reads,
-			&selector->last_selected.sends,
-			&selector->last_selected.excepts, NULL);
-}
-
-/* This returns -1 for error, 0 for no new connections, or 1 for success, in
- * which case *newfd is populated. */
-static int selector_get_listener(tunala_selector_t *selector, int fd, int *newfd)
-{
-	if(FD_ISSET(fd, &selector->last_selected.excepts))
-		return -1;
-	if(!FD_ISSET(fd, &selector->last_selected.reads))
-		return 0;
-	if((*newfd = ip_accept_connection(fd)) == -1)
-		return -1;
-	return 1;
-}
-
-/************************/
-/* "Tunala" world stuff */
-/************************/
-
-static int tunala_world_make_room(tunala_world_t *world)
-{
-	unsigned int newsize;
-	tunala_item_t *newarray;
-
-	if(world->tunnels_used < world->tunnels_size)
-		return 1;
-	newsize = (world->tunnels_size == 0 ? 16 :
-			((world->tunnels_size * 3) / 2));
-	if((newarray = malloc(newsize * sizeof(tunala_item_t))) == NULL)
-		return 0;
-	memset(newarray, 0, newsize * sizeof(tunala_item_t));
-	if(world->tunnels_used > 0)
-		memcpy(newarray, world->tunnels,
-			world->tunnels_used * sizeof(tunala_item_t));
-	if(world->tunnels_size > 0)
-		free(world->tunnels);
-	/* migrate */
-	world->tunnels = newarray;
-	world->tunnels_size = newsize;
-	return 1;
-}
-
-static int tunala_world_new_item(tunala_world_t *world, int fd,
-		const char *ip, unsigned short port, int flipped)
-{
-	tunala_item_t *item;
-	int newfd;
-	SSL *new_ssl = NULL;
-
-	if(!tunala_world_make_room(world))
-		return 0;
-	if((new_ssl = SSL_new(world->ssl_ctx)) == NULL) {
-		fprintf(stderr, "Error creating new SSL\n");
-		ERR_print_errors_fp(stderr);
-		return 0;
-	}
-	item = world->tunnels + (world->tunnels_used++);
-	state_machine_init(&item->sm);
-	item->clean_read = item->clean_send =
-		item->dirty_read = item->dirty_send = -1;
-	if((newfd = ip_create_connection_split(ip, port)) == -1)
-		goto err;
-	/* Which way round? If we're a server, "fd" is the dirty side and the
-	 * connection we open is the clean one. For a client, it's the other way
-	 * around. Unless, of course, we're "flipped" in which case everything
-	 * gets reversed. :-) */
-	if((world->server_mode && !flipped) ||
-			(!world->server_mode && flipped)) {
-		item->dirty_read = item->dirty_send = fd;
-		item->clean_read = item->clean_send = newfd;
-	} else {
-		item->clean_read = item->clean_send = fd;
-		item->dirty_read = item->dirty_send = newfd;
-	}
-	/* We use the SSL's "app_data" to indicate a call-back induced "kill" */
-	SSL_set_app_data(new_ssl, NULL);
-	if(!state_machine_set_SSL(&item->sm, new_ssl, world->server_mode))
-		goto err;
-	return 1;
-err:
-	tunala_world_del_item(world, world->tunnels_used - 1);
-	return 0;
-
-}
-
-static void tunala_world_del_item(tunala_world_t *world, unsigned int idx)
-{
-	tunala_item_t *item = world->tunnels + idx;
-	if(item->clean_read != -1)
-		close(item->clean_read);
-	if(item->clean_send != item->clean_read)
-		close(item->clean_send);
-	item->clean_read = item->clean_send = -1;
-	if(item->dirty_read != -1)
-		close(item->dirty_read);
-	if(item->dirty_send != item->dirty_read)
-		close(item->dirty_send);
-	item->dirty_read = item->dirty_send = -1;
-	state_machine_close(&item->sm);
-	/* OK, now we fix the item array */
-	if(idx + 1 < world->tunnels_used)
-		/* We need to scroll entries to the left */
-		memmove(world->tunnels + idx,
-				world->tunnels + (idx + 1),
-				(world->tunnels_used - (idx + 1)) *
-					sizeof(tunala_item_t));
-	world->tunnels_used--;
-}
-
-static int tunala_item_io(tunala_selector_t *selector, tunala_item_t *item)
-{
-	int c_r, c_s, d_r, d_s; /* Four boolean flags */
-
-	/* Take ourselves out of the gene-pool if there was an except */
-	if((item->clean_read != -1) && FD_ISSET(item->clean_read,
-				&selector->last_selected.excepts))
-		return 0;
-	if((item->clean_send != -1) && FD_ISSET(item->clean_send,
-				&selector->last_selected.excepts))
-		return 0;
-	if((item->dirty_read != -1) && FD_ISSET(item->dirty_read,
-				&selector->last_selected.excepts))
-		return 0;
-	if((item->dirty_send != -1) && FD_ISSET(item->dirty_send,
-				&selector->last_selected.excepts))
-		return 0;
-	/* Grab our 4 IO flags */
-	c_r = c_s = d_r = d_s = 0;
-	if(item->clean_read != -1)
-		c_r = FD_ISSET(item->clean_read, &selector->last_selected.reads);
-	if(item->clean_send != -1)
-		c_s = FD_ISSET(item->clean_send, &selector->last_selected.sends);
-	if(item->dirty_read != -1)
-		d_r = FD_ISSET(item->dirty_read, &selector->last_selected.reads);
-	if(item->dirty_send != -1)
-		d_s = FD_ISSET(item->dirty_send, &selector->last_selected.sends);
-	/* If no IO has happened for us, skip needless data looping */
-	if(!c_r && !c_s && !d_r && !d_s)
-		return 1;
-	if(c_r)
-		c_r = (buffer_from_fd(state_machine_get_buffer(&item->sm,
-				SM_CLEAN_IN), item->clean_read) <= 0);
-	if(c_s)
-		c_s = (buffer_to_fd(state_machine_get_buffer(&item->sm,
-				SM_CLEAN_OUT), item->clean_send) <= 0);
-	if(d_r)
-		d_r = (buffer_from_fd(state_machine_get_buffer(&item->sm,
-				SM_DIRTY_IN), item->dirty_read) <= 0);
-	if(d_s)
-		d_s = (buffer_to_fd(state_machine_get_buffer(&item->sm,
-				SM_DIRTY_OUT), item->dirty_send) <= 0);
-	/* If any of the flags is non-zero, that means they need closing */
-	if(c_r) {
-		close(item->clean_read);
-		if(item->clean_send == item->clean_read)
-			item->clean_send = -1;
-		item->clean_read = -1;
-	}
-	if(c_s && (item->clean_send != -1)) {
-		close(item->clean_send);
-		if(item->clean_send == item->clean_read)
-			item->clean_read = -1;
-		item->clean_send = -1;
-	}
-	if(d_r) {
-		close(item->dirty_read);
-		if(item->dirty_send == item->dirty_read)
-			item->dirty_send = -1;
-		item->dirty_read = -1;
-	}
-	if(d_s && (item->dirty_send != -1)) {
-		close(item->dirty_send);
-		if(item->dirty_send == item->dirty_read)
-			item->dirty_read = -1;
-		item->dirty_send = -1;
-	}
-	/* This function name is attributed to the term donated by David
-	 * Schwartz on openssl-dev, message-ID:
-	 * <NCBBLIEPOCNJOAEKBEAKEEDGLIAA.davids@webmaster.com>. :-) */
-	if(!state_machine_churn(&item->sm))
-		/* If the SSL closes, it will also zero-out the _in buffers
-		 * and will in future process just outgoing data. As and
-		 * when the outgoing data has gone, it will return zero
-		 * here to tell us to bail out. */
-		return 0;
-	/* Otherwise, we return zero if both sides are dead. */
-	if(((item->clean_read == -1) || (item->clean_send == -1)) &&
-			((item->dirty_read == -1) || (item->dirty_send == -1)))
-		return 0;
-	/* If only one side closed, notify the SSL of this so it can take
-	 * appropriate action. */
-	if((item->clean_read == -1) || (item->clean_send == -1)) {
-		if(!state_machine_close_clean(&item->sm))
-			return 0;
-	}
-	if((item->dirty_read == -1) || (item->dirty_send == -1)) {
-		if(!state_machine_close_dirty(&item->sm))
-			return 0;
-	}
-	return 1;
-}
-
diff --git a/crypto/openssl/demos/tunala/tunala.h b/crypto/openssl/demos/tunala/tunala.h
deleted file mode 100644
index b4c8ec78d8ac..000000000000
--- a/crypto/openssl/demos/tunala/tunala.h
+++ /dev/null
@@ -1,214 +0,0 @@
-/* Tunala ("Tunneler with a New Zealand accent")
- *
- * Written by Geoff Thorpe, but endorsed/supported by noone. Please use this is
- * if it's useful or informative to you, but it's only here as a scratchpad for
- * ideas about how you might (or might not) program with OpenSSL. If you deploy
- * this is in a mission-critical environment, and have not read, understood,
- * audited, and modified this code to your satisfaction, and the result is that
- * all hell breaks loose and you are looking for a new employer, then it proves
- * nothing except perhaps that Darwinism is alive and well. Let's just say, *I*
- * don't use this in a mission-critical environment, so it would be stupid for
- * anyone to assume that it is solid and/or tested enough when even its author
- * doesn't place that much trust in it. You have been warned.
- *
- * With thanks to Cryptographic Appliances, Inc.
- */
-
-#ifndef _TUNALA_H
-#define _TUNALA_H
-
-/* pull in autoconf fluff */
-#ifndef NO_CONFIG_H
-#include "config.h"
-#else
-/* We don't have autoconf, we have to set all of these unless a tweaked Makefile
- * tells us not to ... */
-/* headers */
-#ifndef NO_HAVE_SELECT
-#define HAVE_SELECT
-#endif
-#ifndef NO_HAVE_SOCKET
-#define HAVE_SOCKET
-#endif
-#ifndef NO_HAVE_UNISTD_H
-#define HAVE_UNISTD_H
-#endif
-#ifndef NO_HAVE_FCNTL_H
-#define HAVE_FCNTL_H
-#endif
-#ifndef NO_HAVE_LIMITS_H
-#define HAVE_LIMITS_H
-#endif
-/* features */
-#ifndef NO_HAVE_STRSTR
-#define HAVE_STRSTR
-#endif
-#ifndef NO_HAVE_STRTOUL
-#define HAVE_STRTOUL
-#endif
-#endif
-
-#if !defined(HAVE_SELECT) || !defined(HAVE_SOCKET)
-#error "can't build without some network basics like select() and socket()"
-#endif
-
-#include <stdlib.h>
-#ifndef NO_SYSTEM_H
-#include <string.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#ifdef HAVE_LIMITS_H
-#include <limits.h>
-#endif
-#include <netdb.h>
-#include <signal.h>
-#include <sys/socket.h>
-#include <sys/types.h>
-#include <netinet/in.h>
-#endif /* !defined(NO_SYSTEM_H) */
-
-#ifndef NO_OPENSSL
-#include <openssl/err.h>
-#include <openssl/engine.h>
-#include <openssl/ssl.h>
-#endif /* !defined(NO_OPENSSL) */
-
-#ifndef OPENSSL_NO_BUFFER
-/* This is the generic "buffer" type that is used when feeding the
- * state-machine. It's basically a FIFO with respect to the "adddata" &
- * "takedata" type functions that operate on it. */
-#define MAX_DATA_SIZE 16384
-typedef struct _buffer_t {
-	unsigned char data[MAX_DATA_SIZE];
-	unsigned int used;
-	/* Statistical values - counts the total number of bytes read in and
-	 * read out (respectively) since "buffer_init()" */
-	unsigned long total_in, total_out;
-} buffer_t;
-
-/* Initialise a buffer structure before use */
-void buffer_init(buffer_t *buf);
-/* Cleanup a buffer structure - presently not needed, but if buffer_t is
- * converted to using dynamic allocation, this would be required - so should be
- * called to protect against an explosion of memory leaks later if the change is
- * made. */
-void buffer_close(buffer_t *buf);
-
-/* Basic functions to manipulate buffers */
-
-unsigned int buffer_used(buffer_t *buf); /* How much data in the buffer */
-unsigned int buffer_unused(buffer_t *buf); /* How much space in the buffer */
-int buffer_full(buffer_t *buf); /* Boolean, is it full? */
-int buffer_notfull(buffer_t *buf); /* Boolean, is it not full? */
-int buffer_empty(buffer_t *buf); /* Boolean, is it empty? */
-int buffer_notempty(buffer_t *buf); /* Boolean, is it not empty? */
-unsigned long buffer_total_in(buffer_t *buf); /* Total bytes written to buffer */
-unsigned long buffer_total_out(buffer_t *buf); /* Total bytes read from buffer */
-
-#if 0 /* Currently used only within buffer.c - better to expose only
-       * higher-level functions anyway */
-/* Add data to the tail of the buffer, returns the amount that was actually
- * added (so, you need to check if return value is less than size) */
-unsigned int buffer_adddata(buffer_t *buf, const unsigned char *ptr,
-		unsigned int size);
-
-/* Take data from the front of the buffer (and scroll the rest forward). If
- * "ptr" is NULL, this just removes data off the front of the buffer. Return
- * value is the amount actually removed (can be less than size if the buffer has
- * too little data). */
-unsigned int buffer_takedata(buffer_t *buf, unsigned char *ptr,
-		unsigned int size);
-
-/* Flushes as much data as possible out of the "from" buffer into the "to"
- * buffer. Return value is the amount moved. The amount moved can be restricted
- * to a maximum by specifying "cap" - setting it to -1 means no limit. */
-unsigned int buffer_tobuffer(buffer_t *to, buffer_t *from, int cap);
-#endif
-
-#ifndef NO_IP
-/* Read or write between a file-descriptor and a buffer */
-int buffer_from_fd(buffer_t *buf, int fd);
-int buffer_to_fd(buffer_t *buf, int fd);
-#endif /* !defined(NO_IP) */
-
-#ifndef NO_OPENSSL
-/* Read or write between an SSL or BIO and a buffer */
-void buffer_from_SSL(buffer_t *buf, SSL *ssl);
-void buffer_to_SSL(buffer_t *buf, SSL *ssl);
-void buffer_from_BIO(buffer_t *buf, BIO *bio);
-void buffer_to_BIO(buffer_t *buf, BIO *bio);
-
-/* Callbacks */
-void cb_ssl_info(const SSL *s, int where, int ret);
-void cb_ssl_info_set_output(FILE *fp); /* Called if output should be sent too */
-int cb_ssl_verify(int ok, X509_STORE_CTX *ctx);
-void cb_ssl_verify_set_output(FILE *fp);
-void cb_ssl_verify_set_depth(unsigned int verify_depth);
-void cb_ssl_verify_set_level(unsigned int level);
-#endif /* !defined(NO_OPENSSL) */
-#endif /* !defined(OPENSSL_NO_BUFFER) */
-
-#ifndef NO_TUNALA
-#ifdef OPENSSL_NO_BUFFER
-#error "TUNALA section of tunala.h requires BUFFER support"
-#endif
-typedef struct _state_machine_t {
-	SSL *ssl;
-	BIO *bio_intossl;
-	BIO *bio_fromssl;
-	buffer_t clean_in, clean_out;
-	buffer_t dirty_in, dirty_out;
-} state_machine_t;
-typedef enum {
-	SM_CLEAN_IN, SM_CLEAN_OUT,
-	SM_DIRTY_IN, SM_DIRTY_OUT
-} sm_buffer_t;
-void state_machine_init(state_machine_t *machine);
-void state_machine_close(state_machine_t *machine);
-buffer_t *state_machine_get_buffer(state_machine_t *machine, sm_buffer_t type);
-SSL *state_machine_get_SSL(state_machine_t *machine);
-int state_machine_set_SSL(state_machine_t *machine, SSL *ssl, int is_server);
-/* Performs the data-IO loop and returns zero if the machine should close */
-int state_machine_churn(state_machine_t *machine);
-/* Is used to handle closing conditions - namely when one side of the tunnel has
- * closed but the other should finish flushing. */
-int state_machine_close_clean(state_machine_t *machine);
-int state_machine_close_dirty(state_machine_t *machine);
-#endif /* !defined(NO_TUNALA) */
-
-#ifndef NO_IP
-/* Initialise anything related to the networking. This includes blocking pesky
- * SIGPIPE signals. */
-int ip_initialise(void);
-/* ip is the 4-byte ip address (eg. 127.0.0.1 is {0x7F,0x00,0x00,0x01}), port is
- * the port to listen on (host byte order), and the return value is the
- * file-descriptor or -1 on error. */
-int ip_create_listener_split(const char *ip, unsigned short port);
-/* Same semantics as above. */
-int ip_create_connection_split(const char *ip, unsigned short port);
-/* Converts a string into the ip/port before calling the above */
-int ip_create_listener(const char *address);
-int ip_create_connection(const char *address);
-/* Just does a string conversion on its own. NB: If accept_all_ip is non-zero,
- * then the address string could be just a port. Ie. it's suitable for a
- * listening address but not a connecting address. */
-int ip_parse_address(const char *address, const char **parsed_ip,
-		unsigned short *port, int accept_all_ip);
-/* Accepts an incoming connection through the listener. Assumes selects and
- * what-not have deemed it an appropriate thing to do. */
-int ip_accept_connection(int listen_fd);
-#endif /* !defined(NO_IP) */
-
-/* These functions wrap up things that can be portability hassles. */
-int int_strtoul(const char *str, unsigned long *val);
-#ifdef HAVE_STRSTR
-#define int_strstr strstr
-#else
-char *int_strstr(const char *haystack, const char *needle);
-#endif
-
-#endif /* !defined(_TUNALA_H) */
diff --git a/crypto/openssl/demos/x509/README b/crypto/openssl/demos/x509/README
deleted file mode 100644
index 88f9d6c46e8a..000000000000
--- a/crypto/openssl/demos/x509/README
+++ /dev/null
@@ -1,3 +0,0 @@
-This directory contains examples of how to contruct
-various X509 structures. Certificates, certificate requests
-and CRLs.
diff --git a/crypto/openssl/demos/x509/mkcert.c b/crypto/openssl/demos/x509/mkcert.c
deleted file mode 100644
index c5e67b8e28e4..000000000000
--- a/crypto/openssl/demos/x509/mkcert.c
+++ /dev/null
@@ -1,172 +0,0 @@
-/* Certificate creation. Demonstrates some certificate related
- * operations.
- */
-
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <openssl/pem.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-int mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days);
-int add_ext(X509 *cert, int nid, char *value);
-
-int main(int argc, char **argv)
-	{
-	BIO *bio_err;
-	X509 *x509=NULL;
-	EVP_PKEY *pkey=NULL;
-
-	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-	bio_err=BIO_new_fp(stderr, BIO_NOCLOSE);
-
-	mkcert(&x509,&pkey,512,0,365);
-
-	RSA_print_fp(stdout,pkey->pkey.rsa,0);
-	X509_print_fp(stdout,x509);
-
-	PEM_write_PrivateKey(stdout,pkey,NULL,NULL,0,NULL, NULL);
-	PEM_write_X509(stdout,x509);
-
-	X509_free(x509);
-	EVP_PKEY_free(pkey);
-
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE_cleanup();
-#endif
-	CRYPTO_cleanup_all_ex_data();
-
-	CRYPTO_mem_leaks(bio_err);
-	BIO_free(bio_err);
-	return(0);
-	}
-
-static void callback(int p, int n, void *arg)
-	{
-	char c='B';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	fputc(c,stderr);
-	}
-
-int mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days)
-	{
-	X509 *x;
-	EVP_PKEY *pk;
-	RSA *rsa;
-	X509_NAME *name=NULL;
-	
-	if ((pkeyp == NULL) || (*pkeyp == NULL))
-		{
-		if ((pk=EVP_PKEY_new()) == NULL)
-			{
-			abort(); 
-			return(0);
-			}
-		}
-	else
-		pk= *pkeyp;
-
-	if ((x509p == NULL) || (*x509p == NULL))
-		{
-		if ((x=X509_new()) == NULL)
-			goto err;
-		}
-	else
-		x= *x509p;
-
-	rsa=RSA_generate_key(bits,RSA_F4,callback,NULL);
-	if (!EVP_PKEY_assign_RSA(pk,rsa))
-		{
-		abort();
-		goto err;
-		}
-	rsa=NULL;
-
-	X509_set_version(x,2);
-	ASN1_INTEGER_set(X509_get_serialNumber(x),serial);
-	X509_gmtime_adj(X509_get_notBefore(x),0);
-	X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
-	X509_set_pubkey(x,pk);
-
-	name=X509_get_subject_name(x);
-
-	/* This function creates and adds the entry, working out the
-	 * correct string type and performing checks on its length.
-	 * Normally we'd check the return value for errors...
-	 */
-	X509_NAME_add_entry_by_txt(name,"C",
-				MBSTRING_ASC, "UK", -1, -1, 0);
-	X509_NAME_add_entry_by_txt(name,"CN",
-				MBSTRING_ASC, "OpenSSL Group", -1, -1, 0);
-
-	/* Its self signed so set the issuer name to be the same as the
- 	 * subject.
-	 */
-	X509_set_issuer_name(x,name);
-
-	/* Add various extensions: standard extensions */
-	add_ext(x, NID_basic_constraints, "critical,CA:TRUE");
-	add_ext(x, NID_key_usage, "critical,keyCertSign,cRLSign");
-
-	add_ext(x, NID_subject_key_identifier, "hash");
-
-	/* Some Netscape specific extensions */
-	add_ext(x, NID_netscape_cert_type, "sslCA");
-
-	add_ext(x, NID_netscape_comment, "example comment extension");
-
-
-#ifdef CUSTOM_EXT
-	/* Maybe even add our own extension based on existing */
-	{
-		int nid;
-		nid = OBJ_create("1.2.3.4", "MyAlias", "My Test Alias Extension");
-		X509V3_EXT_add_alias(nid, NID_netscape_comment);
-		add_ext(x, nid, "example comment alias");
-	}
-#endif
-	
-	if (!X509_sign(x,pk,EVP_md5()))
-		goto err;
-
-	*x509p=x;
-	*pkeyp=pk;
-	return(1);
-err:
-	return(0);
-	}
-
-/* Add extension using V3 code: we can set the config file as NULL
- * because we wont reference any other sections.
- */
-
-int add_ext(X509 *cert, int nid, char *value)
-	{
-	X509_EXTENSION *ex;
-	X509V3_CTX ctx;
-	/* This sets the 'context' of the extensions. */
-	/* No configuration database */
-	X509V3_set_ctx_nodb(&ctx);
-	/* Issuer and subject certs: both the target since it is self signed,
-	 * no request and no CRL
-	 */
-	X509V3_set_ctx(&ctx, cert, cert, NULL, NULL, 0);
-	ex = X509V3_EXT_conf_nid(NULL, &ctx, nid, value);
-	if (!ex)
-		return 0;
-
-	X509_add_ext(cert,ex,-1);
-	X509_EXTENSION_free(ex);
-	return 1;
-	}
-	
diff --git a/crypto/openssl/demos/x509/mkreq.c b/crypto/openssl/demos/x509/mkreq.c
deleted file mode 100644
index 3dfc65f16435..000000000000
--- a/crypto/openssl/demos/x509/mkreq.c
+++ /dev/null
@@ -1,161 +0,0 @@
-/* Certificate request creation. Demonstrates some request related
- * operations.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <openssl/pem.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-int mkreq(X509_REQ **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days);
-int add_ext(STACK_OF(X509_REQUEST) *sk, int nid, char *value);
-
-int main(int argc, char **argv)
-	{
-	BIO *bio_err;
-	X509_REQ *req=NULL;
-	EVP_PKEY *pkey=NULL;
-
-	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-	bio_err=BIO_new_fp(stderr, BIO_NOCLOSE);
-
-	mkreq(&req,&pkey,512,0,365);
-
-	RSA_print_fp(stdout,pkey->pkey.rsa,0);
-	X509_REQ_print_fp(stdout,req);
-
-	PEM_write_X509_REQ(stdout,req);
-
-	X509_REQ_free(req);
-	EVP_PKEY_free(pkey);
-
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE_cleanup();
-#endif
-	CRYPTO_cleanup_all_ex_data();
-
-	CRYPTO_mem_leaks(bio_err);
-	BIO_free(bio_err);
-	return(0);
-	}
-
-static void callback(int p, int n, void *arg)
-	{
-	char c='B';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	fputc(c,stderr);
-	}
-
-int mkreq(X509_REQ **req, EVP_PKEY **pkeyp, int bits, int serial, int days)
-	{
-	X509_REQ *x;
-	EVP_PKEY *pk;
-	RSA *rsa;
-	X509_NAME *name=NULL;
-	STACK_OF(X509_EXTENSION) *exts = NULL;
-	
-	if ((pk=EVP_PKEY_new()) == NULL)
-		goto err;
-
-	if ((x=X509_REQ_new()) == NULL)
-		goto err;
-
-	rsa=RSA_generate_key(bits,RSA_F4,callback,NULL);
-	if (!EVP_PKEY_assign_RSA(pk,rsa))
-		goto err;
-
-	rsa=NULL;
-
-	X509_REQ_set_pubkey(x,pk);
-
-	name=X509_REQ_get_subject_name(x);
-
-	/* This function creates and adds the entry, working out the
-	 * correct string type and performing checks on its length.
-	 * Normally we'd check the return value for errors...
-	 */
-	X509_NAME_add_entry_by_txt(name,"C",
-				MBSTRING_ASC, "UK", -1, -1, 0);
-	X509_NAME_add_entry_by_txt(name,"CN",
-				MBSTRING_ASC, "OpenSSL Group", -1, -1, 0);
-
-#ifdef REQUEST_EXTENSIONS
-	/* Certificate requests can contain extensions, which can be used
-	 * to indicate the extensions the requestor would like added to 
-	 * their certificate. CAs might ignore them however or even choke
-	 * if they are present.
-	 */
-
-	/* For request extensions they are all packed in a single attribute.
-	 * We save them in a STACK and add them all at once later...
-	 */
-
-	exts = sk_X509_EXTENSION_new_null();
-	/* Standard extenions */
-
-	add_ext(exts, NID_key_usage, "critical,digitalSignature,keyEncipherment");
-
-	/* This is a typical use for request extensions: requesting a value for
-	 * subject alternative name.
-	 */
-
-	add_ext(exts, NID_subject_alt_name, "email:steve@openssl.org");
-
-	/* Some Netscape specific extensions */
-	add_ext(exts, NID_netscape_cert_type, "client,email");
-
-
-
-#ifdef CUSTOM_EXT
-	/* Maybe even add our own extension based on existing */
-	{
-		int nid;
-		nid = OBJ_create("1.2.3.4", "MyAlias", "My Test Alias Extension");
-		X509V3_EXT_add_alias(nid, NID_netscape_comment);
-		add_ext(x, nid, "example comment alias");
-	}
-#endif
-
-	/* Now we've created the extensions we add them to the request */
-
-	X509_REQ_add_extensions(x, exts);
-
-	sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
-
-#endif
-	
-	if (!X509_REQ_sign(x,pk,EVP_md5()))
-		goto err;
-
-	*req=x;
-	*pkeyp=pk;
-	return(1);
-err:
-	return(0);
-	}
-
-/* Add extension using V3 code: we can set the config file as NULL
- * because we wont reference any other sections.
- */
-
-int add_ext(STACK_OF(X509_REQUEST) *sk, int nid, char *value)
-	{
-	X509_EXTENSION *ex;
-	ex = X509V3_EXT_conf_nid(NULL, NULL, nid, value);
-	if (!ex)
-		return 0;
-	sk_X509_EXTENSION_push(sk, ex);
-
-	return 1;
-	}
-	
diff --git a/crypto/openssl/dep/crypto.txt b/crypto/openssl/dep/crypto.txt
deleted file mode 100644
index 9e5144fec64d..000000000000
--- a/crypto/openssl/dep/crypto.txt
+++ /dev/null
@@ -1,1043 +0,0 @@
-ASN1_BIT_STRING_asn1_meth
-ASN1_BIT_STRING_get_bit
-ASN1_BIT_STRING_set_bit
-ASN1_HEADER_free
-ASN1_HEADER_new
-ASN1_IA5STRING_asn1_meth
-ASN1_INTEGER_get
-ASN1_INTEGER_set
-ASN1_INTEGER_to_BN
-ASN1_OBJECT_create
-ASN1_OBJECT_free
-ASN1_OBJECT_new
-ASN1_PRINTABLE_type
-ASN1_STRING_cmp
-ASN1_STRING_dup
-ASN1_STRING_free
-ASN1_STRING_new
-ASN1_STRING_print
-ASN1_STRING_set
-ASN1_STRING_type_new
-ASN1_TYPE_free
-ASN1_TYPE_get
-ASN1_TYPE_new
-ASN1_TYPE_set
-ASN1_UNIVERSALSTRING_to_string
-ASN1_UTCTIME_check
-ASN1_UTCTIME_print
-ASN1_UTCTIME_set
-ASN1_check_infinite_end
-ASN1_d2i_bio
-ASN1_d2i_fp
-ASN1_digest
-ASN1_dup
-ASN1_get_object
-ASN1_i2d_bio
-ASN1_i2d_fp
-ASN1_object_size
-ASN1_parse
-ASN1_put_object
-ASN1_sign
-ASN1_verify
-BF_cbc_encrypt
-BF_cfb64_encrypt
-BF_decrypt
-BF_ecb_encrypt
-BF_encrypt
-BF_ofb64_encrypt
-BF_options
-BF_set_key
-BIO_ACCEPT_free
-BIO_ACCEPT_new
-BIO_CONNECT_free
-BIO_CONNECT_new
-BIO_accept
-BIO_copy_next_retry
-BIO_ctrl
-BIO_ctrl_int
-BIO_debug_callback
-BIO_dump
-BIO_dup_chain
-BIO_f_base64
-BIO_f_buffer
-BIO_f_cipher
-BIO_f_md
-BIO_f_nbio_test
-BIO_f_null
-BIO_f_proxy_server
-BIO_fd_non_fatal_error
-BIO_fd_should_retry
-BIO_find_type
-BIO_free
-BIO_free_all
-BIO_get_accept_socket
-BIO_get_ex_data
-BIO_get_ex_new_index
-BIO_get_filter_bio
-BIO_get_host_ip
-BIO_get_port
-BIO_get_retry_BIO
-BIO_get_retry_reason
-BIO_gethostbyname
-BIO_gets
-BIO_ghbn_ctrl
-BIO_new
-BIO_new_accept
-BIO_new_connect
-BIO_new_fd
-BIO_new_file
-BIO_new_fp
-BIO_new_socket
-BIO_pop
-BIO_printf
-BIO_ptr_ctrl
-BIO_push
-BIO_puts
-BIO_read
-BIO_s_accept
-BIO_s_connect
-BIO_s_fd
-BIO_s_file
-BIO_s_mem
-BIO_s_null
-BIO_s_proxy_client
-BIO_s_socket
-BIO_set
-BIO_set_cipher
-BIO_set_ex_data
-BIO_set_tcp_ndelay
-BIO_sock_cleanup
-BIO_sock_error
-BIO_sock_init
-BIO_sock_non_fatal_error
-BIO_sock_should_retry
-BIO_socket_ioctl
-BIO_write
-BN_BLINDING_convert
-BN_BLINDING_free
-BN_BLINDING_invert
-BN_BLINDING_new
-BN_BLINDING_update
-BN_CTX_free
-BN_CTX_new
-BN_MONT_CTX_free
-BN_MONT_CTX_new
-BN_MONT_CTX_set
-BN_add
-BN_add_word
-BN_bin2bn
-BN_bn2bin
-BN_bn2dec
-BN_bn2hex
-BN_bn2mpi
-BN_clear
-BN_clear_bit
-BN_clear_free
-BN_cmp
-BN_copy
-BN_dec2bn
-BN_div
-BN_div_word
-BN_dup
-BN_exp
-BN_free
-BN_from_montgomery
-BN_gcd
-BN_generate_prime
-BN_get_word
-BN_hex2bn
-BN_is_bit_set
-BN_is_prime
-BN_lshift
-BN_lshift1
-BN_mask_bits
-BN_mod
-BN_mod_exp
-BN_mod_exp_mont
-BN_mod_exp_recp
-BN_mod_exp_simple
-BN_mod_inverse
-BN_mod_mul
-BN_mod_mul_montgomery
-BN_mod_mul_reciprocal
-BN_mod_word
-BN_mpi2bn
-BN_mul
-BN_mul_word
-BN_new
-BN_num_bits
-BN_num_bits_word
-BN_options
-BN_print
-BN_print_fp
-BN_rand
-BN_reciprocal
-BN_rshift
-BN_rshift1
-BN_set_bit
-BN_set_word
-BN_sqr
-BN_sub
-BN_sub_word
-BN_to_ASN1_INTEGER
-BN_ucmp
-BN_value_one
-BUF_MEM_free
-BUF_MEM_grow
-BUF_MEM_new
-BUF_strdup
-CAST_cbc_encrypt
-CAST_cfb64_encrypt
-CAST_decrypt
-CAST_ecb_encrypt
-CAST_encrypt
-CAST_ofb64_encrypt
-CAST_set_key
-CONF_free
-CONF_get_number
-CONF_get_section
-CONF_get_string
-CONF_load
-CRYPTO_add_lock
-CRYPTO_dbg_free
-CRYPTO_dbg_malloc
-CRYPTO_dbg_realloc
-CRYPTO_dbg_remalloc
-CRYPTO_dup_ex_data
-CRYPTO_free
-CRYPTO_free_ex_data
-CRYPTO_get_add_lock_callback
-CRYPTO_get_ex_data
-CRYPTO_get_ex_new_index
-CRYPTO_get_id_callback
-CRYPTO_get_lock_name
-CRYPTO_get_locking_callback
-CRYPTO_get_mem_functions
-CRYPTO_get_new_lockid
-CRYPTO_lock
-CRYPTO_malloc
-CRYPTO_mem_ctrl
-CRYPTO_mem_leaks
-CRYPTO_mem_leaks_cb
-CRYPTO_mem_leaks_fp
-CRYPTO_new_ex_data
-CRYPTO_realloc
-CRYPTO_remalloc
-CRYPTO_set_add_lock_callback
-CRYPTO_set_ex_data
-CRYPTO_set_id_callback
-CRYPTO_set_locking_callback
-CRYPTO_set_mem_functions
-CRYPTO_thread_id
-DH_check
-DH_compute_key
-DH_free
-DH_generate_key
-DH_generate_parameters
-DH_new
-DH_size
-DHparams_print
-DHparams_print_fp
-DSA_free
-DSA_generate_key
-DSA_generate_parameters
-DSA_is_prime
-DSA_new
-DSA_print
-DSA_print_fp
-DSA_sign
-DSA_sign_setup
-DSA_size
-DSA_verify
-DSAparams_print
-DSAparams_print_fp
-ERR_clear_error
-ERR_error_string
-ERR_free_strings
-ERR_func_error_string
-ERR_get_err_state_table
-ERR_get_error
-ERR_get_error_line
-ERR_get_next_error_library
-ERR_get_state
-ERR_get_string_table
-ERR_lib_error_string
-ERR_load_ASN1_strings
-ERR_load_BIO_strings
-ERR_load_BN_strings
-ERR_load_BUF_strings
-ERR_load_CONF_strings
-ERR_load_CRYPTO_strings
-ERR_load_DH_strings
-ERR_load_DSA_strings
-ERR_load_ERR_strings
-ERR_load_EVP_strings
-ERR_load_OBJ_strings
-ERR_load_PEM_strings
-ERR_load_PKCS7_strings
-ERR_load_PROXY_strings
-ERR_load_RSA_strings
-ERR_load_X509_strings
-ERR_load_crypto_strings
-ERR_load_strings
-ERR_peek_error
-ERR_peek_error_line
-ERR_print_errors
-ERR_print_errors_fp
-ERR_put_error
-ERR_reason_error_string
-ERR_remove_state
-EVP_BytesToKey
-EVP_CIPHER_CTX_cleanup
-EVP_CIPHER_CTX_init
-EVP_CipherFinal
-EVP_CipherInit
-EVP_CipherUpdate
-EVP_DecodeBlock
-EVP_DecodeFinal
-EVP_DecodeInit
-EVP_DecodeUpdate
-EVP_DecryptFinal
-EVP_DecryptInit
-EVP_DecryptUpdate
-EVP_DigestFinal
-EVP_DigestInit
-EVP_DigestUpdate
-EVP_EncodeBlock
-EVP_EncodeFinal
-EVP_EncodeInit
-EVP_EncodeUpdate
-EVP_EncryptFinal
-EVP_EncryptInit
-EVP_EncryptUpdate
-EVP_OpenFinal
-EVP_OpenInit
-EVP_PKEY_assign
-EVP_PKEY_bits
-EVP_PKEY_cmp_parameters
-EVP_PKEY_copy_parameters
-EVP_PKEY_free
-EVP_PKEY_missing_parameters
-EVP_PKEY_new
-EVP_PKEY_save_parameters
-EVP_PKEY_size
-EVP_PKEY_type
-EVP_SealFinal
-EVP_SealInit
-EVP_SignFinal
-EVP_VerifyFinal
-EVP_add_alias
-EVP_add_cipher
-EVP_add_digest
-EVP_bf_cbc
-EVP_bf_cfb
-EVP_bf_ecb
-EVP_bf_ofb
-EVP_cast5_cbc
-EVP_cast5_cfb
-EVP_cast5_ecb
-EVP_cast5_ofb
-EVP_cleanup
-EVP_delete_alias
-EVP_des_cbc
-EVP_des_cfb
-EVP_des_ecb
-EVP_des_ede
-EVP_des_ede3
-EVP_des_ede3_cbc
-EVP_des_ede3_cfb
-EVP_des_ede3_ofb
-EVP_des_ede_cbc
-EVP_des_ede_cfb
-EVP_des_ede_ofb
-EVP_des_ofb
-EVP_desx_cbc
-EVP_dss
-EVP_dss1
-EVP_enc_null
-EVP_get_cipherbyname
-EVP_get_digestbyname
-EVP_get_pw_prompt
-EVP_idea_cbc
-EVP_idea_cfb
-EVP_idea_ecb
-EVP_idea_ofb
-EVP_md2
-EVP_md5
-EVP_md_null
-EVP_mdc2
-EVP_rc2_40_cbc
-EVP_rc2_cbc
-EVP_rc2_cfb
-EVP_rc2_ecb
-EVP_rc2_ofb
-EVP_rc4
-EVP_rc4_40
-EVP_read_pw_string
-EVP_set_pw_prompt
-EVP_sha
-EVP_sha1
-HMAC
-HMAC_Final
-HMAC_Init
-HMAC_Update
-HMAC_cleanup
-MD2
-MD2_Final
-MD2_Init
-MD2_Update
-MD2_options
-MD5
-MD5_Final
-MD5_Init
-MD5_Transform
-MD5_Update
-MDC2
-MDC2_Final
-MDC2_Init
-MDC2_Update
-NETSCAPE_SPKAC_free
-NETSCAPE_SPKAC_new
-NETSCAPE_SPKI_free
-NETSCAPE_SPKI_new
-NETSCAPE_SPKI_sign
-NETSCAPE_SPKI_verify
-OBJ_add_object
-OBJ_bsearch
-OBJ_cleanup
-OBJ_cmp
-OBJ_create
-OBJ_create_objects
-OBJ_dup
-OBJ_ln2nid
-OBJ_new_nid
-OBJ_nid2ln
-OBJ_nid2obj
-OBJ_nid2sn
-OBJ_obj2nid
-OBJ_sn2nid
-OBJ_txt2nid
-PEM_ASN1_read
-PEM_ASN1_read_bio
-PEM_ASN1_write
-PEM_ASN1_write_bio
-PEM_SealFinal
-PEM_SealInit
-PEM_SealUpdate
-PEM_SignFinal
-PEM_SignInit
-PEM_SignUpdate
-PEM_X509_INFO_read
-PEM_X509_INFO_read_bio
-PEM_X509_INFO_write_bio
-PEM_dek_info
-PEM_do_header
-PEM_get_EVP_CIPHER_INFO
-PEM_proc_type
-PEM_read
-PEM_read_DHparams
-PEM_read_DSAPrivateKey
-PEM_read_DSAparams
-PEM_read_PKCS7
-PEM_read_PrivateKey
-PEM_read_RSAPrivateKey
-PEM_read_RSAPublicKey
-PEM_read_X509
-PEM_read_X509_CRL
-PEM_read_X509_REQ
-PEM_read_bio
-PEM_read_bio_DHparams
-PEM_read_bio_DSAPrivateKey
-PEM_read_bio_DSAparams
-PEM_read_bio_PKCS7
-PEM_read_bio_PrivateKey
-PEM_read_bio_RSAPrivateKey
-PEM_read_bio_RSAPublicKey
-PEM_read_bio_X509
-PEM_read_bio_X509_CRL
-PEM_read_bio_X509_REQ
-PEM_write
-PEM_write_DHparams
-PEM_write_DSAPrivateKey
-PEM_write_DSAparams
-PEM_write_PKCS7
-PEM_write_PrivateKey
-PEM_write_RSAPrivateKey
-PEM_write_RSAPublicKey
-PEM_write_X509
-PEM_write_X509_CRL
-PEM_write_X509_REQ
-PEM_write_bio
-PEM_write_bio_DHparams
-PEM_write_bio_DSAPrivateKey
-PEM_write_bio_DSAparams
-PEM_write_bio_PKCS7
-PEM_write_bio_PrivateKey
-PEM_write_bio_RSAPrivateKey
-PEM_write_bio_RSAPublicKey
-PEM_write_bio_X509
-PEM_write_bio_X509_CRL
-PEM_write_bio_X509_REQ
-PKCS7_DIGEST_free
-PKCS7_DIGEST_new
-PKCS7_ENCRYPT_free
-PKCS7_ENCRYPT_new
-PKCS7_ENC_CONTENT_free
-PKCS7_ENC_CONTENT_new
-PKCS7_ENVELOPE_free
-PKCS7_ENVELOPE_new
-PKCS7_ISSUER_AND_SERIAL_digest
-PKCS7_ISSUER_AND_SERIAL_free
-PKCS7_ISSUER_AND_SERIAL_new
-PKCS7_RECIP_INFO_free
-PKCS7_RECIP_INFO_new
-PKCS7_SIGNED_free
-PKCS7_SIGNED_new
-PKCS7_SIGNER_INFO_free
-PKCS7_SIGNER_INFO_new
-PKCS7_SIGNER_INFO_set
-PKCS7_SIGN_ENVELOPE_free
-PKCS7_SIGN_ENVELOPE_new
-PKCS7_add_certificate
-PKCS7_add_crl
-PKCS7_add_signature
-PKCS7_add_signer
-PKCS7_cert_from_signer_info
-PKCS7_content_free
-PKCS7_content_new
-PKCS7_ctrl
-PKCS7_dataInit
-PKCS7_dataSign
-PKCS7_dataVerify
-PKCS7_dup
-PKCS7_free
-PKCS7_get_signer_info
-PKCS7_new
-PKCS7_set_content
-PKCS7_set_type
-PROXY_ENTRY_add_noproxy
-PROXY_ENTRY_clear_noproxy
-PROXY_ENTRY_free
-PROXY_ENTRY_get_noproxy
-PROXY_ENTRY_new
-PROXY_ENTRY_set_server
-PROXY_add_noproxy
-PROXY_add_server
-PROXY_check_by_host
-PROXY_check_url
-PROXY_clear_noproxy
-PROXY_free
-PROXY_get_noproxy
-PROXY_get_proxies
-PROXY_get_proxy_entry
-PROXY_load_conf
-PROXY_new
-PROXY_print
-RAND_bytes
-RAND_cleanup
-RAND_file_name
-RAND_load_file
-RAND_seed
-RAND_write_file
-RC2_cbc_encrypt
-RC2_cfb64_encrypt
-RC2_decrypt
-RC2_ecb_encrypt
-RC2_encrypt
-RC2_ofb64_encrypt
-RC2_set_key
-RC4
-RC4_options
-RC4_set_key
-RC5_32_cbc_encrypt
-RC5_32_cfb64_encrypt
-RC5_32_decrypt
-RC5_32_ecb_encrypt
-RC5_32_encrypt
-RC5_32_ofb64_encrypt
-RC5_32_set_key
-RIPEMD160
-RIPEMD160_Final
-RIPEMD160_Init
-RIPEMD160_Transform
-RIPEMD160_Update
-RSAPrivateKey_asn1_meth
-RSAPrivateKey_dup
-RSAPublicKey_dup
-RSA_PKCS1_SSLeay
-RSA_blinding_off
-RSA_blinding_on
-RSA_flags
-RSA_free
-RSA_generate_key
-RSA_get_ex_data
-RSA_get_ex_new_index
-RSA_new
-RSA_new_method
-RSA_padding_add_PKCS1_type_1
-RSA_padding_add_PKCS1_type_2
-RSA_padding_add_SSLv23
-RSA_padding_add_none
-RSA_padding_check_PKCS1_type_1
-RSA_padding_check_PKCS1_type_2
-RSA_padding_check_SSLv23
-RSA_padding_check_none
-RSA_print
-RSA_print_fp
-RSA_private_decrypt
-RSA_private_encrypt
-RSA_public_decrypt
-RSA_public_encrypt
-RSA_set_default_method
-RSA_set_ex_data
-RSA_sign
-RSA_sign_ASN1_OCTET_STRING
-RSA_size
-RSA_verify
-RSA_verify_ASN1_OCTET_STRING
-SHA
-SHA1
-SHA1_Final
-SHA1_Init
-SHA1_Transform
-SHA1_Update
-SHA_Final
-SHA_Init
-SHA_Transform
-SHA_Update
-SSLeay
-SSLeay_add_all_algorithms
-SSLeay_add_all_ciphers
-SSLeay_add_all_digests
-SSLeay_version
-TXT_DB_create_index
-TXT_DB_free
-TXT_DB_get_by_index
-TXT_DB_insert
-TXT_DB_read
-TXT_DB_write
-X509_ALGOR_free
-X509_ALGOR_new
-X509_ATTRIBUTE_free
-X509_ATTRIBUTE_new
-X509_CINF_free
-X509_CINF_new
-X509_CRL_INFO_free
-X509_CRL_INFO_new
-X509_CRL_add_ext
-X509_CRL_cmp
-X509_CRL_delete_ext
-X509_CRL_dup
-X509_CRL_free
-X509_CRL_get_ext
-X509_CRL_get_ext_by_NID
-X509_CRL_get_ext_by_OBJ
-X509_CRL_get_ext_by_critical
-X509_CRL_get_ext_count
-X509_CRL_new
-X509_CRL_sign
-X509_CRL_verify
-X509_EXTENSION_create_by_NID
-X509_EXTENSION_create_by_OBJ
-X509_EXTENSION_dup
-X509_EXTENSION_free
-X509_EXTENSION_get_critical
-X509_EXTENSION_get_data
-X509_EXTENSION_get_object
-X509_EXTENSION_new
-X509_EXTENSION_set_critical
-X509_EXTENSION_set_data
-X509_EXTENSION_set_object
-X509_INFO_free
-X509_INFO_new
-X509_LOOKUP_by_alias
-X509_LOOKUP_by_fingerprint
-X509_LOOKUP_by_issuer_serial
-X509_LOOKUP_by_subject
-X509_LOOKUP_ctrl
-X509_LOOKUP_file
-X509_LOOKUP_free
-X509_LOOKUP_hash_dir
-X509_LOOKUP_init
-X509_LOOKUP_new
-X509_LOOKUP_shutdown
-X509_NAME_ENTRY_create_by_NID
-X509_NAME_ENTRY_create_by_OBJ
-X509_NAME_ENTRY_dup
-X509_NAME_ENTRY_free
-X509_NAME_ENTRY_get_data
-X509_NAME_ENTRY_get_object
-X509_NAME_ENTRY_new
-X509_NAME_ENTRY_set_data
-X509_NAME_ENTRY_set_object
-X509_NAME_add_entry
-X509_NAME_cmp
-X509_NAME_delete_entry
-X509_NAME_digest
-X509_NAME_dup
-X509_NAME_entry_count
-X509_NAME_free
-X509_NAME_get_entry
-X509_NAME_get_index_by_NID
-X509_NAME_get_index_by_OBJ
-X509_NAME_get_text_by_NID
-X509_NAME_get_text_by_OBJ
-X509_NAME_hash
-X509_NAME_new
-X509_NAME_oneline
-X509_NAME_print
-X509_NAME_set
-X509_OBJECT_free_contents
-X509_OBJECT_retrive_by_subject
-X509_OBJECT_up_ref_count
-X509_PKEY_free
-X509_PKEY_new
-X509_PUBKEY_free
-X509_PUBKEY_get
-X509_PUBKEY_new
-X509_PUBKEY_set
-X509_REQ_INFO_free
-X509_REQ_INFO_new
-X509_REQ_dup
-X509_REQ_free
-X509_REQ_get_pubkey
-X509_REQ_new
-X509_REQ_print
-X509_REQ_print_fp
-X509_REQ_set_pubkey
-X509_REQ_set_subject_name
-X509_REQ_set_version
-X509_REQ_sign
-X509_REQ_to_X509
-X509_REQ_verify
-X509_REVOKED_add_ext
-X509_REVOKED_delete_ext
-X509_REVOKED_free
-X509_REVOKED_get_ext
-X509_REVOKED_get_ext_by_NID
-X509_REVOKED_get_ext_by_OBJ
-X509_REVOKED_get_ext_by_critical
-X509_REVOKED_get_ext_count
-X509_REVOKED_new
-X509_SIG_free
-X509_SIG_new
-X509_STORE_CTX_cleanup
-X509_STORE_CTX_get_chain
-X509_STORE_CTX_get_current_cert
-X509_STORE_CTX_get_error
-X509_STORE_CTX_get_error_depth
-X509_STORE_CTX_get_ex_data
-X509_STORE_CTX_get_ex_new_index
-X509_STORE_CTX_init
-X509_STORE_CTX_set_cert
-X509_STORE_CTX_set_chain
-X509_STORE_CTX_set_error
-X509_STORE_CTX_set_ex_data
-X509_STORE_add_cert
-X509_STORE_add_crl
-X509_STORE_add_lookup
-X509_STORE_free
-X509_STORE_get_by_subject
-X509_STORE_load_locations
-X509_STORE_new
-X509_STORE_set_default_paths
-X509_VAL_free
-X509_VAL_new
-X509_add_ext
-X509_asn1_meth
-X509_certificate_type
-X509_check_private_key
-X509_cmp_current_time
-X509_delete_ext
-X509_digest
-X509_dup
-X509_find_by_issuer_and_serial
-X509_find_by_subject
-X509_free
-X509_get_default_cert_area
-X509_get_default_cert_dir
-X509_get_default_cert_dir_env
-X509_get_default_cert_file
-X509_get_default_cert_file_env
-X509_get_default_private_dir
-X509_get_ext
-X509_get_ext_by_NID
-X509_get_ext_by_OBJ
-X509_get_ext_by_critical
-X509_get_ext_count
-X509_get_issuer_name
-X509_get_pubkey
-X509_get_pubkey_parameters
-X509_get_serialNumber
-X509_get_subject_name
-X509_gmtime_adj
-X509_issuer_and_serial_cmp
-X509_issuer_and_serial_hash
-X509_issuer_name_cmp
-X509_issuer_name_hash
-X509_load_cert_file
-X509_load_crl_file
-X509_new
-X509_print
-X509_print_fp
-X509_set_issuer_name
-X509_set_notAfter
-X509_set_notBefore
-X509_set_pubkey
-X509_set_serialNumber
-X509_set_subject_name
-X509_set_version
-X509_sign
-X509_subject_name_cmp
-X509_subject_name_hash
-X509_to_X509_REQ
-X509_verify
-X509_verify_cert
-X509_verify_cert_error_string
-X509v3_add_ext
-X509v3_add_extension
-X509v3_add_netscape_extensions
-X509v3_add_standard_extensions
-X509v3_cleanup_extensions
-X509v3_data_type_by_NID
-X509v3_data_type_by_OBJ
-X509v3_delete_ext
-X509v3_get_ext
-X509v3_get_ext_by_NID
-X509v3_get_ext_by_OBJ
-X509v3_get_ext_by_critical
-X509v3_get_ext_count
-X509v3_get_key_usage
-X509v3_pack_string
-X509v3_pack_type_by_NID
-X509v3_pack_type_by_OBJ
-X509v3_set_key_usage
-X509v3_unpack_string
-_des_crypt
-a2d_ASN1_OBJECT
-a2i_ASN1_INTEGER
-a2i_ASN1_STRING
-a2i_X509v3_key_usage
-asn1_Finish
-asn1_GetSequence
-bn_add_words
-bn_div64
-bn_expand2
-bn_mul_add_words
-bn_mul_words
-bn_qadd
-bn_qsub
-bn_sqr_words
-crypt
-d2i_ASN1_BIT_STRING
-d2i_ASN1_BOOLEAN
-d2i_ASN1_HEADER
-d2i_ASN1_IA5STRING
-d2i_ASN1_INTEGER
-d2i_ASN1_OBJECT
-d2i_ASN1_OCTET_STRING
-d2i_ASN1_PRINTABLE
-d2i_ASN1_PRINTABLESTRING
-d2i_ASN1_SET
-d2i_ASN1_T61STRING
-d2i_ASN1_TYPE
-d2i_ASN1_UTCTIME
-d2i_ASN1_bytes
-d2i_ASN1_type_bytes
-d2i_DHparams
-d2i_DSAPrivateKey
-d2i_DSAPrivateKey_bio
-d2i_DSAPrivateKey_fp
-d2i_DSAPublicKey
-d2i_DSAparams
-d2i_NETSCAPE_SPKAC
-d2i_NETSCAPE_SPKI
-d2i_Netscape_RSA
-d2i_Netscape_RSA_2
-d2i_PKCS7
-d2i_PKCS7_DIGEST
-d2i_PKCS7_ENCRYPT
-d2i_PKCS7_ENC_CONTENT
-d2i_PKCS7_ENVELOPE
-d2i_PKCS7_ISSUER_AND_SERIAL
-d2i_PKCS7_RECIP_INFO
-d2i_PKCS7_SIGNED
-d2i_PKCS7_SIGNER_INFO
-d2i_PKCS7_SIGN_ENVELOPE
-d2i_PKCS7_bio
-d2i_PKCS7_fp
-d2i_PrivateKey
-d2i_PublicKey
-d2i_RSAPrivateKey
-d2i_RSAPrivateKey_bio
-d2i_RSAPrivateKey_fp
-d2i_RSAPublicKey
-d2i_RSAPublicKey_bio
-d2i_RSAPublicKey_fp
-d2i_X509
-d2i_X509_ALGOR
-d2i_X509_ATTRIBUTE
-d2i_X509_CINF
-d2i_X509_CRL
-d2i_X509_CRL_INFO
-d2i_X509_CRL_bio
-d2i_X509_CRL_fp
-d2i_X509_EXTENSION
-d2i_X509_NAME
-d2i_X509_NAME_ENTRY
-d2i_X509_PKEY
-d2i_X509_PUBKEY
-d2i_X509_REQ
-d2i_X509_REQ_INFO
-d2i_X509_REQ_bio
-d2i_X509_REQ_fp
-d2i_X509_REVOKED
-d2i_X509_SIG
-d2i_X509_VAL
-d2i_X509_bio
-d2i_X509_fp
-des_cbc_cksum
-des_cbc_encrypt
-des_cblock_print_file
-des_cfb64_encrypt
-des_cfb_encrypt
-des_decrypt3
-des_ecb3_encrypt
-des_ecb_encrypt
-des_ede3_cbc_encrypt
-des_ede3_cfb64_encrypt
-des_ede3_ofb64_encrypt
-des_enc_read
-des_enc_write
-des_encrypt
-des_encrypt2
-des_encrypt3
-des_fcrypt
-des_is_weak_key
-des_key_sched
-des_ncbc_encrypt
-des_ofb64_encrypt
-des_ofb_encrypt
-des_options
-des_pcbc_encrypt
-des_quad_cksum
-des_random_key
-des_random_seed
-des_read_2passwords
-des_read_password
-des_read_pw
-des_read_pw_string
-des_set_key
-des_set_odd_parity
-des_string_to_2keys
-des_string_to_key
-des_xcbc_encrypt
-des_xwhite_in2out
-fcrypt_body
-i2a_ASN1_INTEGER
-i2a_ASN1_OBJECT
-i2a_ASN1_STRING
-i2a_X509v3_key_usage
-i2d_ASN1_BIT_STRING
-i2d_ASN1_BOOLEAN
-i2d_ASN1_HEADER
-i2d_ASN1_IA5STRING
-i2d_ASN1_INTEGER
-i2d_ASN1_OBJECT
-i2d_ASN1_OCTET_STRING
-i2d_ASN1_PRINTABLE
-i2d_ASN1_SET
-i2d_ASN1_TYPE
-i2d_ASN1_UTCTIME
-i2d_ASN1_bytes
-i2d_DHparams
-i2d_DSAPrivateKey
-i2d_DSAPrivateKey_bio
-i2d_DSAPrivateKey_fp
-i2d_DSAPublicKey
-i2d_DSAparams
-i2d_NETSCAPE_SPKAC
-i2d_NETSCAPE_SPKI
-i2d_Netscape_RSA
-i2d_PKCS7
-i2d_PKCS7_DIGEST
-i2d_PKCS7_ENCRYPT
-i2d_PKCS7_ENC_CONTENT
-i2d_PKCS7_ENVELOPE
-i2d_PKCS7_ISSUER_AND_SERIAL
-i2d_PKCS7_RECIP_INFO
-i2d_PKCS7_SIGNED
-i2d_PKCS7_SIGNER_INFO
-i2d_PKCS7_SIGN_ENVELOPE
-i2d_PKCS7_bio
-i2d_PKCS7_fp
-i2d_PrivateKey
-i2d_PublicKey
-i2d_RSAPrivateKey
-i2d_RSAPrivateKey_bio
-i2d_RSAPrivateKey_fp
-i2d_RSAPublicKey
-i2d_RSAPublicKey_bio
-i2d_RSAPublicKey_fp
-i2d_X509
-i2d_X509_ALGOR
-i2d_X509_ATTRIBUTE
-i2d_X509_CINF
-i2d_X509_CRL
-i2d_X509_CRL_INFO
-i2d_X509_CRL_bio
-i2d_X509_CRL_fp
-i2d_X509_EXTENSION
-i2d_X509_NAME
-i2d_X509_NAME_ENTRY
-i2d_X509_PKEY
-i2d_X509_PUBKEY
-i2d_X509_REQ
-i2d_X509_REQ_INFO
-i2d_X509_REQ_bio
-i2d_X509_REQ_fp
-i2d_X509_REVOKED
-i2d_X509_SIG
-i2d_X509_VAL
-i2d_X509_bio
-i2d_X509_fp
-i2t_ASN1_OBJECT
-idea_cbc_encrypt
-idea_cfb64_encrypt
-idea_ecb_encrypt
-idea_encrypt
-idea_ofb64_encrypt
-idea_options
-idea_set_decrypt_key
-idea_set_encrypt_key
-lh_delete
-lh_doall
-lh_doall_arg
-lh_free
-lh_insert
-lh_new
-lh_node_stats
-lh_node_stats_bio
-lh_node_usage_stats
-lh_node_usage_stats_bio
-lh_retrieve
-lh_stats
-lh_stats_bio
-lh_strhash
-ripemd160_block
-sha1_block
-sha_block
-sk_delete
-sk_delete_ptr
-sk_dup
-sk_find
-sk_free
-sk_insert
-sk_new
-sk_pop
-sk_pop_free
-sk_push
-sk_set_cmp_func
-sk_shift
-sk_unshift
-sk_zero
diff --git a/crypto/openssl/dep/files b/crypto/openssl/dep/files
deleted file mode 100644
index 85cd7a3ff93f..000000000000
--- a/crypto/openssl/dep/files
+++ /dev/null
@@ -1,566 +0,0 @@
-./e_os.h
-
-./crypto/cryptall.h		CRYPTO
-./crypto/cryptlib.h		CRYPTO
-./crypto/crypto.c		CRYPTO
-./crypto/cversion.c		CRYPTO
-./crypto/date.h			CRYPTO
-./crypto/mem.c			CRYPTO
-./crypto/cpt_err.c		CRYPTO
-./crypto/ex_data.c		CRYPTO
-./crypto/crypto.h		CRYPTO
-./crypto/cryptlib.c		CRYPTO
-./crypto/tmdiff.c		CRYPTO
-
-./crypto/asn1/asn1.h		ASN1
-./crypto/asn1/asn1_mac.h	ASN1
-./crypto/asn1/asn1_err.c	ASN1
-./crypto/asn1/asn1_lib.c	ASN1
-./crypto/asn1/asn1_par.c	ASN1
-./crypto/asn1/a_bitstr.c	ASN1
-./crypto/asn1/a_bmp.c		ASN1
-./crypto/asn1/a_bool.c		ASN1
-./crypto/asn1/a_bytes.c		ASN1
-./crypto/asn1/a_d2i_fp.c	ASN1
-./crypto/asn1/a_digest.c	ASN1
-./crypto/asn1/a_dup.c		ASN1
-./crypto/asn1/a_hdr.c		ASN1
-./crypto/asn1/a_i2d_fp.c	ASN1
-./crypto/asn1/a_int.c		ASN1
-./crypto/asn1/a_meth.c		ASN1
-./crypto/asn1/a_object.c	ASN1
-./crypto/asn1/a_octet.c		ASN1
-./crypto/asn1/a_print.c		ASN1
-./crypto/asn1/a_set.c		ASN1
-./crypto/asn1/a_sign.c		ASN1
-./crypto/asn1/a_type.c		ASN1
-./crypto/asn1/a_utctm.c		ASN1
-./crypto/asn1/a_verify.c	ASN1
-./crypto/asn1/d2i_dhp.c		ASN1
-./crypto/asn1/d2i_dsap.c	ASN1
-./crypto/asn1/d2i_pr.c		ASN1
-./crypto/asn1/d2i_pu.c		ASN1
-./crypto/asn1/d2i_r_pr.c	ASN1
-./crypto/asn1/d2i_r_pu.c	ASN1
-./crypto/asn1/d2i_s_pr.c	ASN1
-./crypto/asn1/d2i_s_pu.c	ASN1
-./crypto/asn1/f_int.c		ASN1
-./crypto/asn1/f_string.c	ASN1
-./crypto/asn1/i2d_dhp.c		ASN1
-./crypto/asn1/i2d_dsap.c	ASN1
-./crypto/asn1/i2d_pr.c		ASN1
-./crypto/asn1/i2d_pu.c		ASN1
-./crypto/asn1/i2d_r_pr.c	ASN1
-./crypto/asn1/i2d_r_pu.c	ASN1
-./crypto/asn1/i2d_s_pr.c	ASN1
-./crypto/asn1/i2d_s_pu.c	ASN1
-./crypto/asn1/n_pkey.c		ASN1
-./crypto/asn1/p7_dgst.c		ASN1
-./crypto/asn1/p7_enc.c		ASN1
-./crypto/asn1/p7_enc_c.c	ASN1
-./crypto/asn1/p7_evp.c		ASN1
-./crypto/asn1/p7_i_s.c		ASN1
-./crypto/asn1/p7_lib.c		ASN1
-./crypto/asn1/p7_recip.c	ASN1
-./crypto/asn1/p7_signd.c	ASN1
-./crypto/asn1/p7_signi.c	ASN1
-./crypto/asn1/p7_s_e.c		ASN1
-./crypto/asn1/pk.c		ASN1
-./crypto/asn1/pkcs8.c		ASN1
-./crypto/asn1/t_pkey.c		ASN1
-./crypto/asn1/t_req.c		ASN1
-./crypto/asn1/t_x509.c		ASN1
-./crypto/asn1/x_algor.c		ASN1
-./crypto/asn1/x_attrib.c	ASN1
-./crypto/asn1/x_cinf.c		ASN1
-./crypto/asn1/x_crl.c		ASN1
-./crypto/asn1/x_exten.c		ASN1
-./crypto/asn1/x_info.c		ASN1
-./crypto/asn1/x_name.c		ASN1
-./crypto/asn1/x_pkey.c		ASN1
-./crypto/asn1/x_pubkey.c	ASN1
-./crypto/asn1/x_req.c		ASN1
-./crypto/asn1/x_sig.c		ASN1
-./crypto/asn1/x_spki.c		ASN1
-./crypto/asn1/x_val.c		ASN1
-./crypto/asn1/x_x509.c		ASN1
-
-./crypto/bf/blowfish.h		BF
-./crypto/bf/bf_pi.h		BF
-./crypto/bf/bf_locl.h		BF
-./crypto/bf/bfspeed.c		BF
-./crypto/bf/bftest.c		BF
-./crypto/bf/bf_cbc.c		BF
-./crypto/bf/bf_cfb64.c		BF
-./crypto/bf/bf_ecb.c		BF
-./crypto/bf/bf_enc.c		BF
-./crypto/bf/bf_ofb64.c		BF
-./crypto/bf/bf_opts.c		BF
-./crypto/bf/bf_skey.c		BF
-
-./crypto/bio/bio.h		BIO
-./crypto/bio/bf_buff.c		BIO
-./crypto/bio/bf_nbio.c		BIO
-./crypto/bio/bf_null.c		BIO
-./crypto/bio/bio_cb.c		BIO
-./crypto/bio/bio_err.c		BIO
-./crypto/bio/bio_lib.c		BIO
-./crypto/bio/bss_acpt.c		BIO
-./crypto/bio/bss_conn.c		BIO
-./crypto/bio/bss_fd.c		BIO
-./crypto/bio/bss_file.c		BIO
-./crypto/bio/bss_mem.c		BIO
-./crypto/bio/bss_null.c		BIO
-./crypto/bio/bss_rtcp.c		BIO
-./crypto/bio/bss_sock.c		BIO
-./crypto/bio/b_dump.c		BIO
-./crypto/bio/b_print.c		BIO
-./crypto/bio/b_sock.c		BIO
-
-./crypto/bn/bn.h		BN
-./crypto/bn/bn_lcl.h		BN
-./crypto/bn/bn_prime.h		BN
-./crypto/bn/bnspeed.c		BN
-./crypto/bn/bntest.c		BN
-./crypto/bn/bn_add.c		BN
-./crypto/bn/bn_bld.c		BN
-./crypto/bn/bn_blind.c		BN
-./crypto/bn/bn_div.c		BN
-./crypto/bn/bn_err.c		BN
-./crypto/bn/bn_exp.c		BN
-./crypto/bn/bn_gcd.c		BN
-./crypto/bn/bn_lib.c		BN
-./crypto/bn/bn_mod.c		BN
-./crypto/bn/bn_mont.c		BN
-./crypto/bn/bn_mul.c		BN
-./crypto/bn/bn_mulw.c		BN
-./crypto/bn/bn_prime.c		BN
-./crypto/bn/bn_print.c		BN
-./crypto/bn/bn_rand.c		BN
-./crypto/bn/bn_recp.c		BN
-./crypto/bn/bn_shift.c		BN
-./crypto/bn/bn_sqr.c		BN
-./crypto/bn/bn_sub.c		BN
-./crypto/bn/bn_word.c		BN
-./crypto/bn/bn_m.c		BN
-./crypto/bn/m.c			BN
-./crypto/bn/expspeed.c		BN
-./crypto/bn/bn_mpi.c		BN
-./crypto/bn/exptest.c		BN
-
-./crypto/buffer/buffer.c	BUFF
-./crypto/buffer/buffer.h	BUFF
-./crypto/buffer/buf_err.c	BUFF
-
-./crypto/cast/cast.h		CAST
-./crypto/cast/castopts.c	CAST
-./crypto/cast/casttest.c	CAST
-./crypto/cast/cast_lcl.h	CAST
-./crypto/cast/cast_s.h		CAST
-./crypto/cast/cast_spd.c	CAST
-./crypto/cast/c_cfb64.c		CAST
-./crypto/cast/c_ecb.c		CAST
-./crypto/cast/c_enc.c		CAST
-./crypto/cast/c_ofb64.c		CAST
-./crypto/cast/c_skey.c		CAST
-
-./crypto/conf/conf_lcl.h	CONF
-./crypto/conf/cnf_save.c	CONF
-./crypto/conf/conf.c		CONF
-./crypto/conf/conf.h		CONF
-./crypto/conf/conf_err.c	CONF
-
-./crypto/des/des.h		DES
-./crypto/des/des_locl.h		DES
-./crypto/des/spr.h		DES
-./crypto/des/podd.h		DES
-./crypto/des/sk.h		DES
-./crypto/des/cbc3_enc.c		DES
-./crypto/des/cbc_cksm.c		DES
-./crypto/des/cbc_enc.c		DES
-./crypto/des/cfb64ede.c		DES
-./crypto/des/cfb64enc.c		DES
-./crypto/des/cfb_enc.c		DES
-./crypto/des/des.c		DES
-./crypto/des/destest.c		DES
-./crypto/des/des_enc.c		DES
-./crypto/des/des_opts.c		DES
-./crypto/des/des_ver.h		DES
-./crypto/des/ecb3_enc.c		DES
-./crypto/des/ecb_enc.c		DES
-./crypto/des/ede_enc.c		DES
-./crypto/des/enc_read.c		DES
-./crypto/des/enc_writ.c		DES
-./crypto/des/fcrypt.c		DES
-./crypto/des/fcrypt_b.c		DES
-./crypto/des/ncbc_enc.c		DES
-./crypto/des/ofb64ede.c		DES
-./crypto/des/ofb64enc.c		DES
-./crypto/des/ofb_enc.c		DES
-./crypto/des/pcbc_enc.c		DES
-./crypto/des/qud_cksm.c		DES
-./crypto/des/rand_key.c		DES
-./crypto/des/read2pwd.c		DES
-./crypto/des/read_pwd.c		DES
-./crypto/des/rpc_des.h		DES
-./crypto/des/rpc_enc.c		DES
-./crypto/des/rpw.c		DES
-./crypto/des/set_key.c		DES
-./crypto/des/str2key.c		DES
-./crypto/des/supp.c		DES
-./crypto/des/xcbc_enc.c		DES
-
-./crypto/dh/dh.h		DH
-./crypto/dh/dh_check.c		DH
-./crypto/dh/dh_err.c		DH
-./crypto/dh/dh_gen.c		DH
-./crypto/dh/dh_key.c		DH
-./crypto/dh/dh_lib.c		DH
-./crypto/dh/p1024.c		DH
-./crypto/dh/p192.c		DH
-./crypto/dh/p512.c		DH
-./crypto/dh/dhtest.c		DH
-
-./crypto/dsa/dsa.h		DSA
-./crypto/dsa/dsagen.c		DSA
-./crypto/dsa/dsa_err.c		DSA
-./crypto/dsa/dsa_gen.c		DSA
-./crypto/dsa/dsa_key.c		DSA
-./crypto/dsa/dsa_lib.c		DSA
-./crypto/dsa/dsa_sign.c		DSA
-./crypto/dsa/dsa_vrf.c		DSA
-./crypto/dsa/dsatest.c		DSA
-
-./crypto/err/err.c		ERR
-./crypto/err/err.h		ERR
-./crypto/err/err_all.c		ERR
-./crypto/err/err_prn.c		ERR
-
-./crypto/evp/evp.h		EVP
-./crypto/evp/bio_b64.c		EVP
-./crypto/evp/bio_enc.c		EVP
-./crypto/evp/bio_md.c		EVP
-./crypto/evp/c_all.c		EVP
-./crypto/evp/digest.c		EVP
-./crypto/evp/encode.c		EVP
-./crypto/evp/evp_enc.c		EVP
-./crypto/evp/evp_err.c		EVP
-./crypto/evp/evp_key.c		EVP
-./crypto/evp/e_cbc_3d.c		EVP
-./crypto/evp/e_cbc_bf.c		EVP
-./crypto/evp/e_cbc_c.c		EVP
-./crypto/evp/e_cbc_d.c		EVP
-./crypto/evp/e_cbc_i.c		EVP
-./crypto/evp/e_cbc_r2.c		EVP
-./crypto/evp/e_cfb_3d.c		EVP
-./crypto/evp/e_cfb_bf.c		EVP
-./crypto/evp/e_cfb_c.c		EVP
-./crypto/evp/e_cfb_d.c		EVP
-./crypto/evp/e_cfb_i.c		EVP
-./crypto/evp/e_cfb_r2.c		EVP
-./crypto/evp/e_dsa.c		EVP
-./crypto/evp/e_ecb_3d.c		EVP
-./crypto/evp/e_ecb_bf.c		EVP
-./crypto/evp/e_ecb_c.c		EVP
-./crypto/evp/e_ecb_d.c		EVP
-./crypto/evp/e_ecb_i.c		EVP
-./crypto/evp/e_ecb_r2.c		EVP
-./crypto/evp/e_null.c		EVP
-./crypto/evp/e_ofb_3d.c		EVP
-./crypto/evp/e_ofb_bf.c		EVP
-./crypto/evp/e_ofb_c.c		EVP
-./crypto/evp/e_ofb_d.c		EVP
-./crypto/evp/e_ofb_i.c		EVP
-./crypto/evp/e_ofb_r2.c		EVP
-./crypto/evp/e_rc4.c		EVP
-./crypto/evp/e_xcbc_d.c		EVP
-./crypto/evp/m_dss.c		EVP
-./crypto/evp/m_dss1.c		EVP
-./crypto/evp/m_md2.c		EVP
-./crypto/evp/m_md5.c		EVP
-./crypto/evp/m_mdc2.c		EVP
-./crypto/evp/m_null.c		EVP
-./crypto/evp/m_sha.c		EVP
-./crypto/evp/m_sha1.c		EVP
-./crypto/evp/names.c		EVP
-./crypto/evp/p_lib.c		EVP
-./crypto/evp/p_open.c		EVP
-./crypto/evp/p_seal.c		EVP
-./crypto/evp/p_sign.c		EVP
-./crypto/evp/p_verify.c		EVP
-
-./crypto/hmac/hmac.c		HMAC
-./crypto/hmac/hmac.h		HMAC
-./crypto/hmac/hmactest.c	HMAC
-
-./crypto/idea/ideatest.c	IDEA
-./crypto/idea/idea_lcl.h	IDEA
-./crypto/idea/idea_spd.c	IDEA
-./crypto/idea/i_cbc.c		IDEA
-./crypto/idea/i_cfb64.c		IDEA
-./crypto/idea/i_ecb.c		IDEA
-./crypto/idea/i_ofb64.c		IDEA
-./crypto/idea/i_skey.c		IDEA
-./crypto/idea/idea.h		IDEA
-
-./crypto/lhash/lhash.c		LHASH
-./crypto/lhash/lhash.h		LHASH
-./crypto/lhash/lh_stats.c	LHASH
-./crypto/lhash/lh_test.c	LHASH
-
-./crypto/md2/md2.c		MD2
-./crypto/md2/md2test.c		MD2
-./crypto/md2/md2_dgst.c		MD2
-./crypto/md2/md2_one.c		MD2
-./crypto/md2/md2.h		MD2
-
-./crypto/md5/md5.c		MD5
-./crypto/md5/md5.h		MD5
-./crypto/md5/md5test.c		MD5
-./crypto/md5/md5_dgst.c		MD5
-./crypto/md5/md5_locl.h		MD5
-./crypto/md5/md5_one.c		MD5
-
-./crypto/mdc2/mdc2.h		MDC2
-./crypto/mdc2/mdc2dgst.c	MDC2
-./crypto/mdc2/mdc2test.c	MDC2
-./crypto/mdc2/mdc2_one.c	MDC2
-
-./crypto/objects/objects.h	OBJ
-./crypto/objects/obj_dat.c	OBJ
-./crypto/objects/obj_dat.h	OBJ
-./crypto/objects/obj_err.c	OBJ
-./crypto/objects/obj_lib.c	OBJ
-
-./crypto/pem/ctx_size.c		PEM
-./crypto/pem/pem.h		PEM
-./crypto/pem/pem_all.c		PEM
-./crypto/pem/pem_err.c		PEM
-./crypto/pem/pem_info.c		PEM
-./crypto/pem/pem_lib.c		PEM
-./crypto/pem/pem_seal.c		PEM
-./crypto/pem/pem_sign.c		PEM
-
-./crypto/pkcs7/pk7_dgst.c	PKCS7
-./crypto/pkcs7/pk7_doit.c	PKCS7
-./crypto/pkcs7/pk7_enc.c	PKCS7
-./crypto/pkcs7/pk7_lib.c	PKCS7
-./crypto/pkcs7/pkcs7.h		PKCS7
-./crypto/pkcs7/pkcs7err.c	PKCS7
-./crypto/pkcs7/sign.c		PKCS7
-
-./crypto/proxy/bf_proxy.c	PROXY
-./crypto/proxy/p2test.c		PROXY
-./crypto/proxy/p3test.c		PROXY
-./crypto/proxy/paccept.c	PROXY
-./crypto/proxy/proxy.c		PROXY
-./crypto/proxy/proxy.h		PROXY
-./crypto/proxy/ptest.c		PROXY
-./crypto/proxy/pxy_conf.c	PROXY
-./crypto/proxy/pxy_err.c	PROXY
-./crypto/proxy/pxy_txt.c	PROXY
-
-./crypto/rand/md_rand.c		RAND
-./crypto/rand/rand.h		RAND
-./crypto/rand/randfile.c	RAND
-./crypto/rand/randtest.c	RAND
-
-./crypto/rc2/rc2cfb64.c		RC2
-./crypto/rc2/rc2ofb64.c		RC2
-./crypto/rc2/rc2speed.c		RC2
-./crypto/rc2/rc2test.c		RC2
-./crypto/rc2/rc2_cbc.c		RC2
-./crypto/rc2/rc2_ecb.c		RC2
-./crypto/rc2/rc2_locl.h		RC2
-./crypto/rc2/rc2_skey.c		RC2
-./crypto/rc2/rc2.h		RC2
-
-./crypto/rc4/rc4.c		RC4
-./crypto/rc4/rc4speed.c		RC4
-./crypto/rc4/rc4test.c		RC4
-./crypto/rc4/rc4_enc.c		RC4
-./crypto/rc4/rc4_skey.c		RC4
-./crypto/rc4/rc4.h		RC4
-./crypto/rc4/rc4_locl.h		RC4
-
-./crypto/rsa/rsa.h		RSA
-./crypto/rsa/rsa_eay.c		RSA
-./crypto/rsa/rsa_err.c		RSA
-./crypto/rsa/rsa_gen.c		RSA
-./crypto/rsa/rsa_lib.c		RSA
-./crypto/rsa/rsa_saos.c		RSA
-./crypto/rsa/rsa_sign.c		RSA
-./crypto/rsa/rsa_ssl.c		RSA
-./crypto/rsa/rsa_pk1.c		RSA
-./crypto/rsa/rsa_none.c		RSA
-
-./crypto/sha/sha.h		SHA
-./crypto/sha/sha_locl.h		SHA
-./crypto/sha/sha.c		SHA0
-./crypto/sha/sha_dgst.c		SHA0
-./crypto/sha/sha_one.c		SHA0
-./crypto/sha/sha_sgst.c		SHA0
-./crypto/sha/shatest.c		SHA0
-./crypto/sha/sha1.c		SHA1
-./crypto/sha/sha1dgst.c		SHA1
-./crypto/sha/sha1_one.c		SHA1
-./crypto/sha/sha1test.c		SHA1
-
-./crypto/stack/stack.c		STACK
-./crypto/stack/stack.h		STACK
-
-./crypto/txt_db/txt_db.c	TXTDB
-./crypto/txt_db/txt_db.h	TXTDB
-
-./crypto/x509/by_dir.c		X509
-./crypto/x509/by_file.c		X509
-./crypto/x509/v3_net.c		X509
-./crypto/x509/v3_x509.c		X509
-./crypto/x509/x509.h		X509
-./crypto/x509/x509name.c	X509
-./crypto/x509/x509pack.c	X509
-./crypto/x509/x509rset.c	X509
-./crypto/x509/x509type.c	X509
-./crypto/x509/x509_cmp.c	X509
-./crypto/x509/x509_d2.c		X509
-./crypto/x509/x509_def.c	X509
-./crypto/x509/x509_err.c	X509
-./crypto/x509/x509_ext.c	X509
-./crypto/x509/x509_lu.c		X509
-./crypto/x509/x509_obj.c	X509
-./crypto/x509/x509_r2x.c	X509
-./crypto/x509/x509_req.c	X509
-./crypto/x509/x509_set.c	X509
-./crypto/x509/x509_txt.c	X509
-./crypto/x509/x509_v3.c		X509
-./crypto/x509/x509_vfy.c	X509
-./crypto/x509/x_all.c		X509
-./crypto/x509/x509_vfy.h	X509
-./crypto/x509v3/v3_ku.c		X509
-./crypto/x509v3/x509v3.h	X509
-
-./crypto/threads/mttest.c	THREADS
-./crypto/threads/th-lock.c	THREADS
-
-./crypto/ripemd/rmdtest.c	RMD160
-./crypto/ripemd/ripemd.h	RMD160
-./crypto/ripemd/rmdconst.h	RMD160
-./crypto/ripemd/rmd_locl.h	RMD160
-./crypto/ripemd/rmd_one.c	RMD160
-./crypto/ripemd/rmd160.c	RMD160
-./crypto/ripemd/rmd_dgst.c	RMD160
-
-./crypto/rc5/rc5_ecb.c		RC5
-./crypto/rc5/rc5cfb64.c		RC5
-./crypto/rc5/rc5ofb64.c		RC5
-./crypto/rc5/rc5speed.c		RC5
-./crypto/rc5/rc5test.c		RC5
-./crypto/rc5/rc5_enc.c		RC5
-./crypto/rc5/rc5.h		RC5
-./crypto/rc5/rc5_locl.h		RC5
-./crypto/rc5/rc5_skey.c		RC5
-
-./ssl/bio_ssl.c			SSL
-./ssl/pxy_ssl.c			SSL
-./ssl/s23_clnt.c		SSL
-./ssl/s23_lib.c			SSL
-./ssl/s23_meth.c		SSL
-./ssl/s23_pkt.c			SSL
-./ssl/s23_srvr.c		SSL
-./ssl/s2_clnt.c			SSL
-./ssl/s2_enc.c			SSL
-./ssl/s2_lib.c			SSL
-./ssl/s2_meth.c			SSL
-./ssl/s2_pkt.c			SSL
-./ssl/s2_srvr.c			SSL
-./ssl/s3_both.c			SSL
-./ssl/s3_clnt.c			SSL
-./ssl/s3_enc.c			SSL
-./ssl/s3_lib.c			SSL
-./ssl/s3_meth.c			SSL
-./ssl/s3_pkt.c			SSL
-./ssl/s3_srvr.c			SSL
-./ssl/ssl.c			SSL
-./ssl/ssl2.h			SSL
-./ssl/ssl23.h			SSL
-./ssl/ssl3.h			SSL
-./ssl/ssl_algs.c		SSL
-./ssl/ssl_asn1.c		SSL
-./ssl/ssl_cert.c		SSL
-./ssl/ssl_ciph.c		SSL
-./ssl/ssl_err.c			SSL
-./ssl/ssl_err2.c		SSL
-./ssl/ssl_lib.c			SSL
-./ssl/ssl_locl.h		SSL
-./ssl/ssl_rsa.c			SSL
-./ssl/ssl_sess.c		SSL
-./ssl/ssl_stat.c		SSL
-./ssl/ssl_task.c		SSL
-./ssl/ssl_txt.c			SSL
-./ssl/tls1.h			SSL
-./ssl/t1_lib.c			SSL
-./ssl/t1_enc.c			SSL
-./ssl/t1_meth.c			SSL
-./ssl/t1_srvr.c			SSL
-./ssl/t1_clnt.c			SSL
-./ssl/ssl.h			SSL
-./ssl/ssltest.c			SSL
-
-./rsaref/rsaref.c		RSAREF
-./rsaref/rsaref.h		RSAREF
-./rsaref/rsar_err.c		RSAREF
-
-./apps/apps.c			APPS
-./apps/apps.h			APPS
-./apps/asn1pars.c		APPS
-./apps/bf_perm.c		APPS
-./apps/bf_perm.h		APPS
-./apps/ca.c			APPS
-./apps/ciphers.c		APPS
-./apps/crl.c			APPS
-./apps/crl2p7.c			APPS
-./apps/dgst.c			APPS
-./apps/dh.c			APPS
-./apps/dsa.c			APPS
-./apps/dsaparam.c		APPS
-./apps/eay.c			APPS
-./apps/enc.c			APPS
-./apps/errstr.c			APPS
-./apps/speed.c			APPS
-./apps/gendh.c			APPS
-./apps/gendsa.c			APPS
-./apps/genrsa.c			APPS
-./apps/mybio_cb.c		APPS
-./apps/pem_mail.c		APPS
-./apps/pkcs7.c			APPS
-./apps/progs.h			APPS
-./apps/req.c			APPS
-./apps/rsa.c			APPS
-./apps/sess_id.c		APPS
-./apps/s_apps.h			APPS
-./apps/s_cb.c			APPS
-./apps/s_client.c		APPS
-./apps/s_server.c		APPS
-./apps/s_socket.c		APPS
-./apps/s_time.c			APPS
-./apps/testdsa.h		APPS
-./apps/testrsa.h		APPS
-./apps/verify.c			APPS
-./apps/version.c		APPS
-./apps/x509.c			APPS
-./apps/ssleay.c			APPS
-./apps/sp.c			APPS
-
-./demos/b64.c			DEMO
-./demos/bio/saccept.c		DEMO
-./demos/bio/sconnect.c		DEMO
-./demos/maurice/example1.c	DEMO
-./demos/maurice/example2.c	DEMO
-./demos/maurice/example3.c	DEMO
-./demos/maurice/example4.c	DEMO
-./demos/maurice/loadkeys.c	DEMO
-./demos/maurice/loadkeys.h	DEMO
-./demos/prime/prime.c		DEMO
-./demos/selfsign.c		DEMO
-./demos/spkigen.c		DEMO
-
diff --git a/crypto/openssl/dep/gen.pl b/crypto/openssl/dep/gen.pl
deleted file mode 100644
index 8ab6db5c5329..000000000000
--- a/crypto/openssl/dep/gen.pl
+++ /dev/null
@@ -1,113 +0,0 @@
-#!/usr/local/bin/perl
-
-require 'getopts.pl';
-
-$files="files";
-%have=();
-%missing=();
-%name=();
-%func=();
-
-&Getopts('Ff:');
-
-&load_file("files");
-foreach $file (@ARGV)
-	{ &do_nm($file); }
-
-if (defined($opt_f))
-	{
-	%a=();
-	$r=&list_files($opt_f,"",*a);
-	if ($opt_F)
-		{
-		foreach (sort split(/\n/,$r))
-			{ print "$_\n"; }
-		}
-	else
-		{ print $r; }
-	}
-else
-	{
-	for (sort keys %have)
-		{
-		print "$_:$have{$_}\n";
-		}
-	}
-
-sub list_files
-	{
-	local($f,$o,*done)=@_;
-	local($a,$_,$ff,$ret);
-
-	return if $f =~ /^\s*$/;
-
-	$done{$f}=1;
-	$ret.=$f."\n" if $opt_F;
-	foreach (split(/ /,$have{$f}))
-		{
-		$ret.="$o$f:$_\n" unless $opt_F;
-		}
-
-	foreach (split(/ /,$missing{$f}))
-		{
-		$ff=$func{$_};
-		next if defined($done{$ff});
-		$ret.=&list_files($ff,$o."	");
-		}
-	$ret;
-	}
-
-sub do_nm
-	{
-	local($file)=@_;
-	local($fname)="";
-
-	open(IN,"nm $file|") || die "unable to run 'nm $file|':$!\n";
-	while (<IN>)
-		{
-		chop;
-		next if /^\s*$/;
-		if (/^(.*)\.o:\s*$/)
-			{
-			$fname="$1.c";
-			next;
-			}
-		($type,$name)=/^.{8} (.) (.+)/;
-#		print "$fname $type $name\n";
-
-		if ($type eq "T")
-			{
-			$have{$fname}.="$name ";
-			$func{$name}=$fname;
-			}
-		elsif ($type eq "U")
-			{
-			$missing{$fname}.="$name ";
-			}
-		}
-	close(IN);
-	}
-
-sub load_file
-	{
-	local($file)=@_;
-
-	open(IN,"<$files") || die "unable to open $files:$!\n";
-
-	while (<IN>)
-		{
-		chop;
-		next if /^\s*$/;
-		($n)=/\/([^\/\s]+)\s+/;
-		($fn)=/^(\S+)\s/;
-#		print "$n - $fn\n";
-		if (defined($name{$n}))
-			{ print "$n already exists\n"; }
-		else
-			{ $name{$n}=$fn; }
-		}
-	close(IN);
-	@name=%name;
-	}
-
-
diff --git a/crypto/openssl/dep/ssl.txt b/crypto/openssl/dep/ssl.txt
deleted file mode 100644
index 7cd125a0d178..000000000000
--- a/crypto/openssl/dep/ssl.txt
+++ /dev/null
@@ -1,156 +0,0 @@
-BIO_f_ssl
-BIO_new_buffer_ssl_connect
-BIO_new_ssl
-BIO_new_ssl_connect
-BIO_proxy_ssl_copy_session_id
-BIO_ssl_copy_session_id
-BIO_ssl_shutdown
-ERR_load_SSL_strings
-SSL_CIPHER_description
-SSL_CIPHER_get_bits
-SSL_CIPHER_get_name
-SSL_CIPHER_get_version
-SSL_CTX_add_client_CA
-SSL_CTX_add_session
-SSL_CTX_check_private_key
-SSL_CTX_ctrl
-SSL_CTX_flush_sessions
-SSL_CTX_free
-SSL_CTX_get_client_CA_list
-SSL_CTX_get_ex_data
-SSL_CTX_get_ex_new_index
-SSL_CTX_get_quiet_shutdown
-SSL_CTX_get_verify_callback
-SSL_CTX_get_verify_mode
-SSL_CTX_load_verify_locations
-SSL_CTX_new
-SSL_CTX_remove_session
-SSL_CTX_set_cert_verify_cb
-SSL_CTX_set_cipher_list
-SSL_CTX_set_client_CA_list
-SSL_CTX_set_default_passwd_cb
-SSL_CTX_set_default_verify_paths
-SSL_CTX_set_ex_data
-SSL_CTX_set_quiet_shutdown
-SSL_CTX_set_ssl_version
-SSL_CTX_set_verify
-SSL_CTX_use_PrivateKey
-SSL_CTX_use_PrivateKey_ASN1
-SSL_CTX_use_PrivateKey_file
-SSL_CTX_use_RSAPrivateKey
-SSL_CTX_use_RSAPrivateKey_ASN1
-SSL_CTX_use_RSAPrivateKey_file
-SSL_CTX_use_certificate
-SSL_CTX_use_certificate_ASN1
-SSL_CTX_use_certificate_file
-SSL_SESSION_cmp
-SSL_SESSION_free
-SSL_SESSION_get_ex_data
-SSL_SESSION_get_ex_new_index
-SSL_SESSION_get_time
-SSL_SESSION_get_timeout
-SSL_SESSION_hash
-SSL_SESSION_new
-SSL_SESSION_print
-SSL_SESSION_print_fp
-SSL_SESSION_set_ex_data
-SSL_SESSION_set_time
-SSL_SESSION_set_timeout
-SSL_accept
-SSL_add_client_CA
-SSL_alert_desc_string
-SSL_alert_desc_string_long
-SSL_alert_type_string
-SSL_alert_type_string_long
-SSL_check_private_key
-SSL_clear
-SSL_connect
-SSL_copy_session_id
-SSL_ctrl
-SSL_do_handshake
-SSL_dup
-SSL_dup_CA_list
-SSL_free
-SSL_get_SSL_CTX
-SSL_get_certificate
-SSL_get_cipher_list
-SSL_get_ciphers
-SSL_get_client_CA_list
-SSL_get_current_cipher
-SSL_get_default_timeout
-SSL_get_error
-SSL_get_ex_data
-SSL_get_ex_new_index
-SSL_get_fd
-SSL_get_info_callback
-SSL_get_peer_cert_chain
-SSL_get_peer_certificate
-SSL_get_privatekey
-SSL_get_quiet_shutdown
-SSL_get_rbio
-SSL_get_read_ahead
-SSL_get_session
-SSL_get_shared_ciphers
-SSL_get_shutdown
-SSL_get_ssl_method
-SSL_get_verify_callback
-SSL_get_verify_mode
-SSL_get_verify_result
-SSL_get_version
-SSL_get_wbio
-SSL_load_client_CA_file
-SSL_load_error_strings
-SSL_new
-SSL_peek
-SSL_pending
-SSL_read
-SSL_renegotiate
-SSL_rstate_string
-SSL_rstate_string_long
-SSL_set_accept_state
-SSL_set_bio
-SSL_set_cipher_list
-SSL_set_client_CA_list
-SSL_set_connect_state
-SSL_set_ex_data
-SSL_set_fd
-SSL_set_info_callback
-SSL_set_quiet_shutdown
-SSL_set_read_ahead
-SSL_set_rfd
-SSL_set_session
-SSL_set_shutdown
-SSL_set_ssl_method
-SSL_set_verify
-SSL_set_verify_result
-SSL_set_wfd
-SSL_shutdown
-SSL_state
-SSL_state_string
-SSL_state_string_long
-SSL_use_PrivateKey
-SSL_use_PrivateKey_ASN1
-SSL_use_PrivateKey_file
-SSL_use_RSAPrivateKey
-SSL_use_RSAPrivateKey_ASN1
-SSL_use_RSAPrivateKey_file
-SSL_use_certificate
-SSL_use_certificate_ASN1
-SSL_use_certificate_file
-SSL_version
-SSL_write
-SSLeay_add_ssl_algorithms
-SSLv23_client_method
-SSLv23_method
-SSLv23_server_method
-SSLv2_client_method
-SSLv2_method
-SSLv2_server_method
-SSLv3_client_method
-SSLv3_method
-SSLv3_server_method
-TLSv1_client_method
-TLSv1_method
-TLSv1_server_method
-d2i_SSL_SESSION
-i2d_SSL_SESSION
diff --git a/crypto/openssl/doc/HOWTO/certificates.txt b/crypto/openssl/doc/HOWTO/certificates.txt
deleted file mode 100644
index 82166e0dc23e..000000000000
--- a/crypto/openssl/doc/HOWTO/certificates.txt
+++ /dev/null
@@ -1,108 +0,0 @@
-<DRAFT!>
-			HOWTO certificates
-
-1. Introduction
-
-How you handle certificates depend a great deal on what your role is.
-Your role can be one or several of:
-
-  - User of some client software
-  - User of some server software
-  - Certificate authority
-
-This file is for users who wish to get a certificate of their own.
-Certificate authorities should read ca.txt.
-
-In all the cases shown below, the standard configuration file, as
-compiled into openssl, will be used.  You may find it in /etc/,
-/usr/local/ssl/ or somewhere else.  The name is openssl.cnf, and
-is better described in another HOWTO <config.txt?>.  If you want to
-use a different configuration file, use the argument '-config {file}'
-with the command shown below.
-
-
-2. Relationship with keys
-
-Certificates are related to public key cryptography by containing a
-public key.  To be useful, there must be a corresponding private key
-somewhere.  With OpenSSL, public keys are easily derived from private
-keys, so before you create a certificate or a certificate request, you
-need to create a private key.
-
-Private keys are generated with 'openssl genrsa' if you want a RSA
-private key, or 'openssl gendsa' if you want a DSA private key.
-Further information on how to create private keys can be found in
-another HOWTO <keys.txt?>.  The rest of this text assumes you have
-a private key in the file privkey.pem.
-
-
-3. Creating a certificate request
-
-To create a certificate, you need to start with a certificate
-request (or, as some certificate authorities like to put
-it, "certificate signing request", since that's exactly what they do,
-they sign it and give you the result back, thus making it authentic
-according to their policies).  A certificate request can then be sent
-to a certificate authority to get it signed into a certificate, or if
-you have your own certificate authority, you may sign it yourself, or
-if you need a self-signed certificate (because you just want a test
-certificate or because you are setting up your own CA).
-
-The certificate is created like this:
-
-  openssl req -new -key privkey.pem -out cert.csr
-
-Now, cert.csr can be sent to the certificate authority, if they can
-handle files in PEM format.  If not, use the extra argument '-outform'
-followed by the keyword for the format to use (see another HOWTO
-<formats.txt?>).  In some cases, that isn't sufficient and you will
-have to be more creative.
-
-When the certificate authority has then done the checks the need to
-do (and probably gotten payment from you), they will hand over your
-new certificate to you.
-
-Section 5 will tell you more on how to handle the certificate you
-received.
-
-
-4. Creating a self-signed certificate
-
-If you don't want to deal with another certificate authority, or just
-want to create a test certificate for yourself, or are setting up a
-certificate authority of your own, you may want to make the requested
-certificate a self-signed one.  If you have created a certificate
-request as shown above, you can sign it using the 'openssl x509'
-command, for example like this (to create a self-signed CA
-certificate):
-
-  openssl x509 -req -in cert.csr -extfile openssl.cnf -extensions v3_ca \
-	  -signkey privkey.pem -out cacert.pem -trustout
-
-
-5. What to do with the certificate
-
-If you created everything yourself, or if the certificate authority
-was kind enough, your certificate is a raw DER thing in PEM format.
-Your key most definitely is if you have followed the examples above.
-However, some (most?) certificate authorities will encode them with
-things like PKCS7 or PKCS12, or something else.  Depending on your
-applications, this may be perfectly OK, it all depends on what they
-know how to decode.  If not, There are a number of OpenSSL tools to
-convert between some (most?) formats.
-
-So, depending on your application, you may have to convert your
-certificate and your key to various formats, most often also putting
-them together into one file.  The ways to do this is described in
-another HOWTO <formats.txt?>, I will just mention the simplest case.
-In the case of a raw DER thing in PEM format, and assuming that's all
-right for yor applications, simply concatenating the certificate and
-the key into a new file and using that one should be enough.  With
-some applications, you don't even have to do that.
-
-
-By now, you have your cetificate and your private key and can start
-using the software that depend on it.
-
--- 
-Richard Levitte
diff --git a/crypto/openssl/doc/README b/crypto/openssl/doc/README
deleted file mode 100644
index 6ecc14d99457..000000000000
--- a/crypto/openssl/doc/README
+++ /dev/null
@@ -1,12 +0,0 @@
-
- apps/openssl.pod .... Documentation of OpenSSL `openssl' command
- crypto/crypto.pod ... Documentation of OpenSSL crypto.h+libcrypto.a
- ssl/ssl.pod ......... Documentation of OpenSSL ssl.h+libssl.a
- openssl.txt ......... Assembled documentation files for OpenSSL [not final]
- ssleay.txt .......... Assembled documentation of ancestor SSLeay [obsolete]
- standards.txt ....... Assembled pointers to standards, RFCs or internet drafts
-                       that are related to OpenSSL.
-
- An archive of HTML documents for the SSLeay library is available from
- http://www.columbia.edu/~ariel/ssleay/
-
diff --git a/crypto/openssl/doc/apps/CA.pl.pod b/crypto/openssl/doc/apps/CA.pl.pod
deleted file mode 100644
index 58e0f5200100..000000000000
--- a/crypto/openssl/doc/apps/CA.pl.pod
+++ /dev/null
@@ -1,179 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-CA.pl - friendlier interface for OpenSSL certificate programs
-
-=head1 SYNOPSIS
-
-B<CA.pl>
-[B<-?>]
-[B<-h>]
-[B<-help>]
-[B<-newcert>]
-[B<-newreq>]
-[B<-newreq-nodes>]
-[B<-newca>]
-[B<-xsign>]
-[B<-sign>]
-[B<-signreq>]
-[B<-signcert>]
-[B<-verify>]
-[B<files>]
-
-=head1 DESCRIPTION
-
-The B<CA.pl> script is a perl script that supplies the relevant command line
-arguments to the B<openssl> command for some common certificate operations.
-It is intended to simplify the process of certificate creation and management
-by the use of some simple options.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<?>, B<-h>, B<-help>
-
-prints a usage message.
-
-=item B<-newcert>
-
-creates a new self signed certificate. The private key and certificate are
-written to the file "newreq.pem".
-
-=item B<-newreq>
-
-creates a new certificate request. The private key and request are
-written to the file "newreq.pem".
-
-=item B<-newreq-nowdes>
-
-is like B<-newreq> except that the private key will not be encrypted.
-
-=item B<-newca>
-
-creates a new CA hierarchy for use with the B<ca> program (or the B<-signcert>
-and B<-xsign> options). The user is prompted to enter the filename of the CA
-certificates (which should also contain the private key) or by hitting ENTER
-details of the CA will be prompted for. The relevant files and directories
-are created in a directory called "demoCA" in the current directory.
-
-=item B<-pkcs12>
-
-create a PKCS#12 file containing the user certificate, private key and CA
-certificate. It expects the user certificate and private key to be in the
-file "newcert.pem" and the CA certificate to be in the file demoCA/cacert.pem,
-it creates a file "newcert.p12". This command can thus be called after the
-B<-sign> option. The PKCS#12 file can be imported directly into a browser.
-If there is an additional argument on the command line it will be used as the
-"friendly name" for the certificate (which is typically displayed in the browser
-list box), otherwise the name "My Certificate" is used.
-
-=item B<-sign>, B<-signreq>, B<-xsign>
-
-calls the B<ca> program to sign a certificate request. It expects the request
-to be in the file "newreq.pem". The new certificate is written to the file
-"newcert.pem" except in the case of the B<-xsign> option when it is written
-to standard output.
-
-
-=item B<-signCA>
-
-this option is the same as the B<-signreq> option except it uses the configuration
-file section B<v3_ca> and so makes the signed request a valid CA certificate. This
-is useful when creating intermediate CA from a root CA.
-
-=item B<-signcert>
-
-this option is the same as B<-sign> except it expects a self signed certificate
-to be present in the file "newreq.pem".
-
-=item B<-verify>
-
-verifies certificates against the CA certificate for "demoCA". If no certificates
-are specified on the command line it tries to verify the file "newcert.pem". 
-
-=item B<files>
-
-one or more optional certificate file names for use with the B<-verify> command.
-
-=back
-
-=head1 EXAMPLES
-
-Create a CA hierarchy:
-
- CA.pl -newca
-
-Complete certificate creation example: create a CA, create a request, sign
-the request and finally create a PKCS#12 file containing it.
-
- CA.pl -newca
- CA.pl -newreq
- CA.pl -signreq
- CA.pl -pkcs12 "My Test Certificate"
-
-=head1 DSA CERTIFICATES
-
-Although the B<CA.pl> creates RSA CAs and requests it is still possible to
-use it with DSA certificates and requests using the L<req(1)|req(1)> command
-directly. The following example shows the steps that would typically be taken.
-
-Create some DSA parameters:
-
- openssl dsaparam -out dsap.pem 1024
-
-Create a DSA CA certificate and private key:
-
- openssl req -x509 -newkey dsa:dsap.pem -keyout cacert.pem -out cacert.pem
-
-Create the CA directories and files:
-
- CA.pl -newca
-
-enter cacert.pem when prompted for the CA file name.
-
-Create a DSA certificate request and private key (a different set of parameters
-can optionally be created first):
-
- openssl req -out newreq.pem -newkey dsa:dsap.pem 
-
-Sign the request:
-
- CA.pl -signreq
-
-=head1 NOTES
-
-Most of the filenames mentioned can be modified by editing the B<CA.pl> script.
-
-If the demoCA directory already exists then the B<-newca> command will not
-overwrite it and will do nothing. This can happen if a previous call using
-the B<-newca> option terminated abnormally. To get the correct behaviour
-delete the demoCA directory if it already exists.
-
-Under some environments it may not be possible to run the B<CA.pl> script
-directly (for example Win32) and the default configuration file location may
-be wrong. In this case the command:
-
- perl -S CA.pl
-
-can be used and the B<OPENSSL_CONF> environment variable changed to point to 
-the correct path of the configuration file "openssl.cnf".
-
-The script is intended as a simple front end for the B<openssl> program for use
-by a beginner. Its behaviour isn't always what is wanted. For more control over the
-behaviour of the certificate commands call the B<openssl> command directly.
-
-=head1 ENVIRONMENT VARIABLES
-
-The variable B<OPENSSL_CONF> if defined allows an alternative configuration
-file location to be specified, it should contain the full path to the
-configuration file, not just its directory.
-
-=head1 SEE ALSO
-
-L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<req(1)|req(1)>, L<pkcs12(1)|pkcs12(1)>,
-L<config(5)|config(5)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/asn1parse.pod b/crypto/openssl/doc/apps/asn1parse.pod
deleted file mode 100644
index e76e9813abaf..000000000000
--- a/crypto/openssl/doc/apps/asn1parse.pod
+++ /dev/null
@@ -1,129 +0,0 @@
-=pod
-
-=head1 NAME
-
-asn1parse - ASN.1 parsing tool
-
-=head1 SYNOPSIS
-
-B<openssl> B<asn1parse>
-[B<-inform PEM|DER>]
-[B<-in filename>]
-[B<-out filename>]
-[B<-noout>]
-[B<-offset number>]
-[B<-length number>]
-[B<-i>]
-[B<-oid filename>]
-[B<-strparse offset>]
-
-=head1 DESCRIPTION
-
-The B<asn1parse> command is a diagnostic utility that can parse ASN.1
-structures. It can also be used to extract data from ASN.1 formatted data.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-inform> B<DER|PEM>
-
-the input format. B<DER> is binary format and B<PEM> (the default) is base64
-encoded.
-
-=item B<-in filename>
-
-the input file, default is standard input
-
-=item B<-out filename>
-
-output file to place the DER encoded data into. If this
-option is not present then no data will be output. This is most useful when
-combined with the B<-strparse> option.
-
-=item B<-noout>
-
-don't output the parsed version of the input file.
-
-=item B<-offset number>
-
-starting offset to begin parsing, default is start of file.
-
-=item B<-length number>
-
-number of bytes to parse, default is until end of file.
-
-=item B<-i>
-
-indents the output according to the "depth" of the structures.
-
-=item B<-oid filename>
-
-a file containing additional OBJECT IDENTIFIERs (OIDs). The format of this
-file is described in the NOTES section below.
-
-=item B<-strparse offset>
-
-parse the contents octets of the ASN.1 object starting at B<offset>. This
-option can be used multiple times to "drill down" into a nested structure.
-
-
-=back
-
-=head2 OUTPUT
-
-The output will typically contain lines like this:
-
-  0:d=0  hl=4 l= 681 cons: SEQUENCE          
-
-.....
-
-  229:d=3  hl=3 l= 141 prim: BIT STRING        
-  373:d=2  hl=3 l= 162 cons: cont [ 3 ]        
-  376:d=3  hl=3 l= 159 cons: SEQUENCE          
-  379:d=4  hl=2 l=  29 cons: SEQUENCE          
-  381:d=5  hl=2 l=   3 prim: OBJECT            :X509v3 Subject Key Identifier
-  386:d=5  hl=2 l=  22 prim: OCTET STRING      
-  410:d=4  hl=2 l= 112 cons: SEQUENCE          
-  412:d=5  hl=2 l=   3 prim: OBJECT            :X509v3 Authority Key Identifier
-  417:d=5  hl=2 l= 105 prim: OCTET STRING      
-  524:d=4  hl=2 l=  12 cons: SEQUENCE          
-
-.....
-
-This example is part of a self signed certificate. Each line starts with the
-offset in decimal. B<d=XX> specifies the current depth. The depth is increased
-within the scope of any SET or SEQUENCE. B<hl=XX> gives the header length
-(tag and length octets) of the current type. B<l=XX> gives the length of
-the contents octets.
-
-The B<-i> option can be used to make the output more readable.
-
-Some knowledge of the ASN.1 structure is needed to interpret the output. 
-
-In this example the BIT STRING at offset 229 is the certificate public key.
-The contents octets of this will contain the public key information. This can
-be examined using the option B<-strparse 229> to yield:
-
-    0:d=0  hl=3 l= 137 cons: SEQUENCE          
-    3:d=1  hl=3 l= 129 prim: INTEGER           :E5D21E1F5C8D208EA7A2166C7FAF9F6BDF2059669C60876DDB70840F1A5AAFA59699FE471F379F1DD6A487E7D5409AB6A88D4A9746E24B91D8CF55DB3521015460C8EDE44EE8A4189F7A7BE77D6CD3A9AF2696F486855CF58BF0EDF2B4068058C7A947F52548DDF7E15E96B385F86422BEA9064A3EE9E1158A56E4A6F47E5897
-  135:d=1  hl=2 l=   3 prim: INTEGER           :010001
-
-=head1 NOTES
-
-If an OID is not part of OpenSSL's internal table it will be represented in
-numerical form (for example 1.2.3.4). The file passed to the B<-oid> option 
-allows additional OIDs to be included. Each line consists of three columns,
-the first column is the OID in numerical format and should be followed by white
-space. The second column is the "short name" which is a single word followed
-by white space. The final column is the rest of the line and is the
-"long name". B<asn1parse> displays the long name. Example:
-
-C<1.2.3.4	shortName	A long name>
-
-=head1 BUGS
-
-There should be options to change the format of input lines. The output of some
-ASN.1 types is not well handled (if at all).
-
-=cut
diff --git a/crypto/openssl/doc/apps/ca.pod b/crypto/openssl/doc/apps/ca.pod
deleted file mode 100644
index de66c534b5cc..000000000000
--- a/crypto/openssl/doc/apps/ca.pod
+++ /dev/null
@@ -1,629 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-ca - sample minimal CA application
-
-=head1 SYNOPSIS
-
-B<openssl> B<ca>
-[B<-verbose>]
-[B<-config filename>]
-[B<-name section>]
-[B<-gencrl>]
-[B<-revoke file>]
-[B<-crl_reason reason>]
-[B<-crl_hold instruction>]
-[B<-crl_compromise time>]
-[B<-crl_CA_compromise time>]
-[B<-subj arg>]
-[B<-crldays days>]
-[B<-crlhours hours>]
-[B<-crlexts section>]
-[B<-startdate date>]
-[B<-enddate date>]
-[B<-days arg>]
-[B<-md arg>]
-[B<-policy arg>]
-[B<-keyfile arg>]
-[B<-key arg>]
-[B<-passin arg>]
-[B<-cert file>]
-[B<-in file>]
-[B<-out file>]
-[B<-notext>]
-[B<-outdir dir>]
-[B<-infiles>]
-[B<-spkac file>]
-[B<-ss_cert file>]
-[B<-preserveDN>]
-[B<-noemailDN>]
-[B<-batch>]
-[B<-msie_hack>]
-[B<-extensions section>]
-[B<-extfile section>]
-[B<-engine id>]
-
-=head1 DESCRIPTION
-
-The B<ca> command is a minimal CA application. It can be used
-to sign certificate requests in a variety of forms and generate
-CRLs it also maintains a text database of issued certificates
-and their status.
-
-The options descriptions will be divided into each purpose.
-
-=head1 CA OPTIONS
-
-=over 4
-
-=item B<-config filename>
-
-specifies the configuration file to use.
-
-=item B<-name section>
-
-specifies the configuration file section to use (overrides
-B<default_ca> in the B<ca> section).
-
-=item B<-in filename>
-
-an input filename containing a single certificate request to be
-signed by the CA.
-
-=item B<-ss_cert filename>
-
-a single self signed certificate to be signed by the CA.
-
-=item B<-spkac filename>
-
-a file containing a single Netscape signed public key and challenge
-and additional field values to be signed by the CA. See the B<SPKAC FORMAT>
-section for information on the required format.
-
-=item B<-infiles>
-
-if present this should be the last option, all subsequent arguments
-are assumed to the the names of files containing certificate requests. 
-
-=item B<-out filename>
-
-the output file to output certificates to. The default is standard
-output. The certificate details will also be printed out to this
-file.
-
-=item B<-outdir directory>
-
-the directory to output certificates to. The certificate will be
-written to a filename consisting of the serial number in hex with
-".pem" appended.
-
-=item B<-cert>
-
-the CA certificate file.
-
-=item B<-keyfile filename>
-
-the private key to sign requests with.
-
-=item B<-key password>
-
-the password used to encrypt the private key. Since on some
-systems the command line arguments are visible (e.g. Unix with
-the 'ps' utility) this option should be used with caution.
-
-=item B<-passin arg>
-
-the key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-verbose>
-
-this prints extra details about the operations being performed.
-
-=item B<-notext>
-
-don't output the text form of a certificate to the output file.
-
-=item B<-startdate date>
-
-this allows the start date to be explicitly set. The format of the
-date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure).
-
-=item B<-enddate date>
-
-this allows the expiry date to be explicitly set. The format of the
-date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure).
-
-=item B<-days arg>
-
-the number of days to certify the certificate for.
-
-=item B<-md alg>
-
-the message digest to use. Possible values include md5, sha1 and mdc2.
-This option also applies to CRLs.
-
-=item B<-policy arg>
-
-this option defines the CA "policy" to use. This is a section in
-the configuration file which decides which fields should be mandatory
-or match the CA certificate. Check out the B<POLICY FORMAT> section
-for more information.
-
-=item B<-msie_hack>
-
-this is a legacy option to make B<ca> work with very old versions of
-the IE certificate enrollment control "certenr3". It used UniversalStrings
-for almost everything. Since the old control has various security bugs
-its use is strongly discouraged. The newer control "Xenroll" does not
-need this option.
-
-=item B<-preserveDN>
-
-Normally the DN order of a certificate is the same as the order of the
-fields in the relevant policy section. When this option is set the order 
-is the same as the request. This is largely for compatibility with the
-older IE enrollment control which would only accept certificates if their
-DNs match the order of the request. This is not needed for Xenroll.
-
-=item B<-noemailDN>
-
-The DN of a certificate can contain the EMAIL field if present in the
-request DN, however it is good policy just having the e-mail set into
-the altName extension of the certificate. When this option is set the
-EMAIL field is removed from the certificate' subject and set only in
-the, eventually present, extensions. The B<email_in_dn> keyword can be
-used in the configuration file to enable this behaviour.
-
-=item B<-batch>
-
-this sets the batch mode. In this mode no questions will be asked
-and all certificates will be certified automatically.
-
-=item B<-extensions section>
-
-the section of the configuration file containing certificate extensions
-to be added when a certificate is issued (defaults to B<x509_extensions>
-unless the B<-extfile> option is used). If no extension section is
-present then, a V1 certificate is created. If the extension section
-is present (even if it is empty), then a V3 certificate is created.
-
-=item B<-extfile file>
-
-an additional configuration file to read certificate extensions from
-(using the default section unless the B<-extensions> option is also
-used).
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<req>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=back
-
-=head1 CRL OPTIONS
-
-=over 4
-
-=item B<-gencrl>
-
-this option generates a CRL based on information in the index file.
-
-=item B<-crldays num>
-
-the number of days before the next CRL is due. That is the days from
-now to place in the CRL nextUpdate field.
-
-=item B<-crlhours num>
-
-the number of hours before the next CRL is due.
-
-=item B<-revoke filename>
-
-a filename containing a certificate to revoke.
-
-=item B<-crl_reason reason>
-
-revocation reason, where B<reason> is one of: B<unspecified>, B<keyCompromise>,
-B<CACompromise>, B<affiliationChanged>, B<superseded>, B<cessationOfOperation>,
-B<certificateHold> or B<removeFromCRL>. The matching of B<reason> is case
-insensitive. Setting any revocation reason will make the CRL v2.
-
-In practive B<removeFromCRL> is not particularly useful because it is only used
-in delta CRLs which are not currently implemented.
-
-=item B<-crl_hold instruction>
-
-This sets the CRL revocation reason code to B<certificateHold> and the hold
-instruction to B<instruction> which must be an OID. Although any OID can be
-used only B<holdInstructionNone> (the use of which is discouraged by RFC2459)
-B<holdInstructionCallIssuer> or B<holdInstructionReject> will normally be used.
-
-=item B<-crl_compromise time>
-
-This sets the revocation reason to B<keyCompromise> and the compromise time to
-B<time>. B<time> should be in GeneralizedTime format that is B<YYYYMMDDHHMMSSZ>.
-
-=item B<-crl_CA_compromise time>
-
-This is the same as B<crl_compromise> except the revocation reason is set to
-B<CACompromise>.
-
-=item B<-subj arg>
-
-supersedes subject name given in the request.
-The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
-characters may be escaped by \ (backslash), no spaces are skipped.
-
-=item B<-crlexts section>
-
-the section of the configuration file containing CRL extensions to
-include. If no CRL extension section is present then a V1 CRL is
-created, if the CRL extension section is present (even if it is
-empty) then a V2 CRL is created. The CRL extensions specified are
-CRL extensions and B<not> CRL entry extensions.  It should be noted
-that some software (for example Netscape) can't handle V2 CRLs. 
-
-=back
-
-=head1 CONFIGURATION FILE OPTIONS
-
-The section of the configuration file containing options for B<ca>
-is found as follows: If the B<-name> command line option is used,
-then it names the section to be used. Otherwise the section to
-be used must be named in the B<default_ca> option of the B<ca> section
-of the configuration file (or in the default section of the
-configuration file). Besides B<default_ca>, the following options are
-read directly from the B<ca> section:
- RANDFILE
- preserve
- msie_hack
-With the exception of B<RANDFILE>, this is probably a bug and may
-change in future releases.
-
-Many of the configuration file options are identical to command line
-options. Where the option is present in the configuration file
-and the command line the command line value is used. Where an
-option is described as mandatory then it must be present in
-the configuration file or the command line equivalent (if
-any) used.
-
-=over 4
-
-=item B<oid_file>
-
-This specifies a file containing additional B<OBJECT IDENTIFIERS>.
-Each line of the file should consist of the numerical form of the
-object identifier followed by white space then the short name followed
-by white space and finally the long name. 
-
-=item B<oid_section>
-
-This specifies a section in the configuration file containing extra
-object identifiers. Each line should consist of the short name of the
-object identifier followed by B<=> and the numerical form. The short
-and long names are the same when this option is used.
-
-=item B<new_certs_dir>
-
-the same as the B<-outdir> command line option. It specifies
-the directory where new certificates will be placed. Mandatory.
-
-=item B<certificate>
-
-the same as B<-cert>. It gives the file containing the CA
-certificate. Mandatory.
-
-=item B<private_key>
-
-same as the B<-keyfile> option. The file containing the
-CA private key. Mandatory.
-
-=item B<RANDFILE>
-
-a file used to read and write random number seed information, or
-an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-
-=item B<default_days>
-
-the same as the B<-days> option. The number of days to certify
-a certificate for. 
-
-=item B<default_startdate>
-
-the same as the B<-startdate> option. The start date to certify
-a certificate for. If not set the current time is used.
-
-=item B<default_enddate>
-
-the same as the B<-enddate> option. Either this option or
-B<default_days> (or the command line equivalents) must be
-present.
-
-=item B<default_crl_hours default_crl_days>
-
-the same as the B<-crlhours> and the B<-crldays> options. These
-will only be used if neither command line option is present. At
-least one of these must be present to generate a CRL.
-
-=item B<default_md>
-
-the same as the B<-md> option. The message digest to use. Mandatory.
-
-=item B<database>
-
-the text database file to use. Mandatory. This file must be present
-though initially it will be empty.
-
-=item B<serialfile>
-
-a text file containing the next serial number to use in hex. Mandatory.
-This file must be present and contain a valid serial number.
-
-=item B<x509_extensions>
-
-the same as B<-extensions>.
-
-=item B<crl_extensions>
-
-the same as B<-crlexts>.
-
-=item B<preserve>
-
-the same as B<-preserveDN>
-
-=item B<email_in_dn>
-
-the same as B<-noemailDN>. If you want the EMAIL field to be removed
-from the DN of the certificate simply set this to 'no'. If not present
-the default is to allow for the EMAIL filed in the certificate's DN.
-
-=item B<msie_hack>
-
-the same as B<-msie_hack>
-
-=item B<policy>
-
-the same as B<-policy>. Mandatory. See the B<POLICY FORMAT> section
-for more information.
-
-=item B<nameopt>, B<certopt>
-
-these options allow the format used to display the certificate details
-when asking the user to confirm signing. All the options supported by
-the B<x509> utilities B<-nameopt> and B<-certopt> switches can be used
-here, except the B<no_signame> and B<no_sigdump> are permanently set
-and cannot be disabled (this is because the certificate signature cannot
-be displayed because the certificate has not been signed at this point).
-
-For convenience the values B<default_ca> are accepted by both to produce
-a reasonable output.
-
-If neither option is present the format used in earlier versions of
-OpenSSL is used. Use of the old format is B<strongly> discouraged because
-it only displays fields mentioned in the B<policy> section, mishandles
-multicharacter string types and does not display extensions.
-
-=item B<copy_extensions>
-
-determines how extensions in certificate requests should be handled.
-If set to B<none> or this option is not present then extensions are
-ignored and not copied to the certificate. If set to B<copy> then any
-extensions present in the request that are not already present are copied
-to the certificate. If set to B<copyall> then all extensions in the
-request are copied to the certificate: if the extension is already present
-in the certificate it is deleted first. See the B<WARNINGS> section before
-using this option.
-
-The main use of this option is to allow a certificate request to supply
-values for certain extensions such as subjectAltName.
-
-=back
-
-=head1 POLICY FORMAT
-
-The policy section consists of a set of variables corresponding to
-certificate DN fields. If the value is "match" then the field value
-must match the same field in the CA certificate. If the value is
-"supplied" then it must be present. If the value is "optional" then
-it may be present. Any fields not mentioned in the policy section
-are silently deleted, unless the B<-preserveDN> option is set but
-this can be regarded more of a quirk than intended behaviour.
-
-=head1 SPKAC FORMAT
-
-The input to the B<-spkac> command line option is a Netscape
-signed public key and challenge. This will usually come from
-the B<KEYGEN> tag in an HTML form to create a new private key. 
-It is however possible to create SPKACs using the B<spkac> utility.
-
-The file should contain the variable SPKAC set to the value of
-the SPKAC and also the required DN components as name value pairs.
-If you need to include the same component twice then it can be
-preceded by a number and a '.'.
-
-=head1 EXAMPLES
-
-Note: these examples assume that the B<ca> directory structure is
-already set up and the relevant files already exist. This usually
-involves creating a CA certificate and private key with B<req>, a
-serial number file and an empty index file and placing them in
-the relevant directories.
-
-To use the sample configuration file below the directories demoCA,
-demoCA/private and demoCA/newcerts would be created. The CA
-certificate would be copied to demoCA/cacert.pem and its private
-key to demoCA/private/cakey.pem. A file demoCA/serial would be
-created containing for example "01" and the empty index file
-demoCA/index.txt.
-
-
-Sign a certificate request:
-
- openssl ca -in req.pem -out newcert.pem
-
-Sign a certificate request, using CA extensions:
-
- openssl ca -in req.pem -extensions v3_ca -out newcert.pem
-
-Generate a CRL
-
- openssl ca -gencrl -out crl.pem
-
-Sign several requests:
-
- openssl ca -infiles req1.pem req2.pem req3.pem
-
-Certify a Netscape SPKAC:
-
- openssl ca -spkac spkac.txt
-
-A sample SPKAC file (the SPKAC line has been truncated for clarity):
-
- SPKAC=MIG0MGAwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PDhCeV/xIxUg8V70YRxK2A5
- CN=Steve Test
- emailAddress=steve@openssl.org
- 0.OU=OpenSSL Group
- 1.OU=Another Group
-
-A sample configuration file with the relevant sections for B<ca>:
-
- [ ca ]
- default_ca      = CA_default            # The default ca section
- 
- [ CA_default ]
-
- dir            = ./demoCA              # top dir
- database       = $dir/index.txt        # index file.
- new_certs_dir	= $dir/newcerts         # new certs dir
- 
- certificate    = $dir/cacert.pem       # The CA cert
- serial         = $dir/serial           # serial no file
- private_key    = $dir/private/cakey.pem# CA private key
- RANDFILE       = $dir/private/.rand    # random number file
- 
- default_days   = 365                   # how long to certify for
- default_crl_days= 30                   # how long before next CRL
- default_md     = md5                   # md to use
-
- policy         = policy_any            # default policy
- email_in_dn    = no                    # Don't add the email into cert DN
-
- nameopt	= default_ca		# Subject name display option
- certopt	= default_ca		# Certificate display option
- copy_extensions = none			# Don't copy extensions from request
-
- [ policy_any ]
- countryName            = supplied
- stateOrProvinceName    = optional
- organizationName       = optional
- organizationalUnitName = optional
- commonName             = supplied
- emailAddress           = optional
-
-=head1 FILES
-
-Note: the location of all files can change either by compile time options,
-configuration file entries, environment variables or command line options.
-The values below reflect the default values.
-
- /usr/local/ssl/lib/openssl.cnf - master configuration file
- ./demoCA                       - main CA directory
- ./demoCA/cacert.pem            - CA certificate
- ./demoCA/private/cakey.pem     - CA private key
- ./demoCA/serial                - CA serial number file
- ./demoCA/serial.old            - CA serial number backup file
- ./demoCA/index.txt             - CA text database file
- ./demoCA/index.txt.old         - CA text database backup file
- ./demoCA/certs                 - certificate output file
- ./demoCA/.rnd                  - CA random seed information
-
-=head1 ENVIRONMENT VARIABLES
-
-B<OPENSSL_CONF> reflects the location of master configuration file it can
-be overridden by the B<-config> command line option.
-
-=head1 RESTRICTIONS
-
-The text database index file is a critical part of the process and 
-if corrupted it can be difficult to fix. It is theoretically possible
-to rebuild the index file from all the issued certificates and a current
-CRL: however there is no option to do this.
-
-V2 CRL features like delta CRL support and CRL numbers are not currently
-supported.
-
-Although several requests can be input and handled at once it is only
-possible to include one SPKAC or self signed certificate.
-
-=head1 BUGS
-
-The use of an in memory text database can cause problems when large
-numbers of certificates are present because, as the name implies
-the database has to be kept in memory.
-
-It is not possible to certify two certificates with the same DN: this
-is a side effect of how the text database is indexed and it cannot easily
-be fixed without introducing other problems. Some S/MIME clients can use
-two certificates with the same DN for separate signing and encryption
-keys.
-
-The B<ca> command really needs rewriting or the required functionality
-exposed at either a command or interface level so a more friendly utility
-(perl script or GUI) can handle things properly. The scripts B<CA.sh> and
-B<CA.pl> help a little but not very much.
-
-Any fields in a request that are not present in a policy are silently
-deleted. This does not happen if the B<-preserveDN> option is used. To
-enforce the absence of the EMAIL field within the DN, as suggested by
-RFCs, regardless the contents of the request' subject the B<-noemailDN>
-option can be used. The behaviour should be more friendly and
-configurable.
-
-Cancelling some commands by refusing to certify a certificate can
-create an empty file.
-
-=head1 WARNINGS
-
-The B<ca> command is quirky and at times downright unfriendly.
-
-The B<ca> utility was originally meant as an example of how to do things
-in a CA. It was not supposed to be used as a full blown CA itself:
-nevertheless some people are using it for this purpose.
-
-The B<ca> command is effectively a single user command: no locking is
-done on the various files and attempts to run more than one B<ca> command
-on the same database can have unpredictable results.
-
-The B<copy_extensions> option should be used with caution. If care is
-not taken then it can be a security risk. For example if a certificate
-request contains a basicConstraints extension with CA:TRUE and the
-B<copy_extensions> value is set to B<copyall> and the user does not spot
-this when the certificate is displayed then this will hand the requestor
-a valid CA certificate.
-
-This situation can be avoided by setting B<copy_extensions> to B<copy>
-and including basicConstraints with CA:FALSE in the configuration file.
-Then if the request contains a basicConstraints extension it will be
-ignored.
-
-It is advisable to also include values for other extensions such
-as B<keyUsage> to prevent a request supplying its own values.
-
-Additional restrictions can be placed on the CA certificate itself.
-For example if the CA certificate has:
-
- basicConstraints = CA:TRUE, pathlen:0
-
-then even if a certificate is issued with CA:TRUE it will not be valid.
-
-=head1 SEE ALSO
-
-L<req(1)|req(1)>, L<spkac(1)|spkac(1)>, L<x509(1)|x509(1)>, L<CA.pl(1)|CA.pl(1)>,
-L<config(5)|config(5)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/ciphers.pod b/crypto/openssl/doc/apps/ciphers.pod
deleted file mode 100644
index 81a2c43893ef..000000000000
--- a/crypto/openssl/doc/apps/ciphers.pod
+++ /dev/null
@@ -1,394 +0,0 @@
-=pod
-
-=head1 NAME
-
-ciphers - SSL cipher display and cipher list tool.
-
-=head1 SYNOPSIS
-
-B<openssl> B<ciphers>
-[B<-v>]
-[B<-ssl2>]
-[B<-ssl3>]
-[B<-tls1>]
-[B<cipherlist>]
-
-=head1 DESCRIPTION
-
-The B<cipherlist> command converts OpenSSL cipher lists into ordered
-SSL cipher preference lists. It can be used as a test tool to determine
-the appropriate cipherlist.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-v>
-
-verbose option. List ciphers with a complete description of
-protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange,
-authentication, encryption and mac algorithms used along with any key size
-restrictions and whether the algorithm is classed as an "export" cipher.
-Note that without the B<-v> option, ciphers may seem to appear twice
-in a cipher list; this is when similar ciphers are available for
-SSL v2 and for SSL v3/TLS v1.
-
-=item B<-ssl3>
-
-only include SSL v3 ciphers.
-
-=item B<-ssl2>
-
-only include SSL v2 ciphers.
-
-=item B<-tls1>
-
-only include TLS v1 ciphers.
-
-=item B<-h>, B<-?>
-
-print a brief usage message.
-
-=item B<cipherlist>
-
-a cipher list to convert to a cipher preference list. If it is not included
-then the default cipher list will be used. The format is described below.
-
-=back
-
-=head1 CIPHER LIST FORMAT
-
-The cipher list consists of one or more I<cipher strings> separated by colons.
-Commas or spaces are also acceptable separators but colons are normally used.
-
-The actual cipher string can take several different forms.
-
-It can consist of a single cipher suite such as B<RC4-SHA>.
-
-It can represent a list of cipher suites containing a certain algorithm, or
-cipher suites of a certain type. For example B<SHA1> represents all ciphers
-suites using the digest algorithm SHA1 and B<SSLv3> represents all SSL v3
-algorithms.
-
-Lists of cipher suites can be combined in a single cipher string using the
-B<+> character. This is used as a logical B<and> operation. For example
-B<SHA1+DES> represents all cipher suites containing the SHA1 B<and> the DES
-algorithms.
-
-Each cipher string can be optionally preceded by the characters B<!>,
-B<-> or B<+>.
-
-If B<!> is used then the ciphers are permanently deleted from the list.
-The ciphers deleted can never reappear in the list even if they are
-explicitly stated.
-
-If B<-> is used then the ciphers are deleted from the list, but some or
-all of the ciphers can be added again by later options.
-
-If B<+> is used then the ciphers are moved to the end of the list. This
-option doesn't add any new ciphers it just moves matching existing ones.
-
-If none of these characters is present then the string is just interpreted
-as a list of ciphers to be appended to the current preference list. If the
-list includes any ciphers already present they will be ignored: that is they
-will not moved to the end of the list.
-
-Additionally the cipher string B<@STRENGTH> can be used at any point to sort
-the current cipher list in order of encryption algorithm key length.
-
-=head1 CIPHER STRINGS
-
-The following is a list of all permitted cipher strings and their meanings.
-
-=over 4
-
-=item B<DEFAULT>
-
-the default cipher list. This is determined at compile time and is normally
-B<ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH>. This must be the first cipher string
-specified.
-
-=item B<COMPLEMENTOFDEFAULT>
-
-the ciphers included in B<ALL>, but not enabled by default. Currently
-this is B<ADH>. Note that this rule does not cover B<eNULL>, which is
-not included by B<ALL> (use B<COMPLEMENTOFALL> if necessary).
-
-=item B<ALL>
-
-all ciphers suites except the B<eNULL> ciphers which must be explicitly enabled.
-
-=item B<COMPLEMENTOFALL>
-
-the cipher suites not enabled by B<ALL>, currently being B<eNULL>.
-
-=item B<HIGH>
-
-"high" encryption cipher suites. This currently means those with key lengths larger
-than 128 bits.
-
-=item B<MEDIUM>
-
-"medium" encryption cipher suites, currently those using 128 bit encryption.
-
-=item B<LOW>
-
-"low" encryption cipher suites, currently those using 64 or 56 bit encryption algorithms
-but excluding export cipher suites.
-
-=item B<EXP>, B<EXPORT>
-
-export encryption algorithms. Including 40 and 56 bits algorithms.
-
-=item B<EXPORT40>
-
-40 bit export encryption algorithms
-
-=item B<EXPORT56>
-
-56 bit export encryption algorithms.
-
-=item B<eNULL>, B<NULL>
-
-the "NULL" ciphers that is those offering no encryption. Because these offer no
-encryption at all and are a security risk they are disabled unless explicitly
-included.
-
-=item B<aNULL>
-
-the cipher suites offering no authentication. This is currently the anonymous
-DH algorithms. These cipher suites are vulnerable to a "man in the middle"
-attack and so their use is normally discouraged.
-
-=item B<kRSA>, B<RSA>
-
-cipher suites using RSA key exchange.
-
-=item B<kEDH>
-
-cipher suites using ephemeral DH key agreement.
-
-=item B<kDHr>, B<kDHd>
-
-cipher suites using DH key agreement and DH certificates signed by CAs with RSA
-and DSS keys respectively. Not implemented.
-
-=item B<aRSA>
-
-cipher suites using RSA authentication, i.e. the certificates carry RSA keys.
-
-=item B<aDSS>, B<DSS>
-
-cipher suites using DSS authentication, i.e. the certificates carry DSS keys.
-
-=item B<aDH>
-
-cipher suites effectively using DH authentication, i.e. the certificates carry
-DH keys.  Not implemented.
-
-=item B<kFZA>, B<aFZA>, B<eFZA>, B<FZA>
-
-ciphers suites using FORTEZZA key exchange, authentication, encryption or all
-FORTEZZA algorithms. Not implemented.
-
-=item B<TLSv1>, B<SSLv3>, B<SSLv2>
-
-TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively.
-
-=item B<DH>
-
-cipher suites using DH, including anonymous DH.
-
-=item B<ADH>
-
-anonymous DH cipher suites.
-
-=item B<AES>
-
-cipher suites using AES.
-
-=item B<3DES>
-
-cipher suites using triple DES.
-
-=item B<DES>
-
-cipher suites using DES (not triple DES).
-
-=item B<RC4>
-
-cipher suites using RC4.
-
-=item B<RC2>
-
-cipher suites using RC2.
-
-=item B<IDEA>
-
-cipher suites using IDEA.
-
-=item B<MD5>
-
-cipher suites using MD5.
-
-=item B<SHA1>, B<SHA>
-
-cipher suites using SHA1.
-
-=back
-
-=head1 CIPHER SUITE NAMES
-
-The following lists give the SSL or TLS cipher suites names from the
-relevant specification and their OpenSSL equivalents. It should be noted,
-that several cipher suite names do not include the authentication used,
-e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
-
-=head2 SSL v3.0 cipher suites.
-
- SSL_RSA_WITH_NULL_MD5                   NULL-MD5
- SSL_RSA_WITH_NULL_SHA                   NULL-SHA
- SSL_RSA_EXPORT_WITH_RC4_40_MD5          EXP-RC4-MD5
- SSL_RSA_WITH_RC4_128_MD5                RC4-MD5
- SSL_RSA_WITH_RC4_128_SHA                RC4-SHA
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5      EXP-RC2-CBC-MD5
- SSL_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
- SSL_RSA_EXPORT_WITH_DES40_CBC_SHA       EXP-DES-CBC-SHA
- SSL_RSA_WITH_DES_CBC_SHA                DES-CBC-SHA
- SSL_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA
-
- SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
- SSL_DH_DSS_WITH_DES_CBC_SHA             Not implemented.
- SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA        Not implemented.
- SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
- SSL_DH_RSA_WITH_DES_CBC_SHA             Not implemented.
- SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA        Not implemented.
- SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-DSS-DES-CBC-SHA
- SSL_DHE_DSS_WITH_DES_CBC_SHA            EDH-DSS-CBC-SHA
- SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA       EDH-DSS-DES-CBC3-SHA
- SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-RSA-DES-CBC-SHA
- SSL_DHE_RSA_WITH_DES_CBC_SHA            EDH-RSA-DES-CBC-SHA
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA       EDH-RSA-DES-CBC3-SHA
-
- SSL_DH_anon_EXPORT_WITH_RC4_40_MD5      EXP-ADH-RC4-MD5
- SSL_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
- SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA   EXP-ADH-DES-CBC-SHA
- SSL_DH_anon_WITH_DES_CBC_SHA            ADH-DES-CBC-SHA
- SSL_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA
-
- SSL_FORTEZZA_KEA_WITH_NULL_SHA          Not implemented.
- SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA  Not implemented.
- SSL_FORTEZZA_KEA_WITH_RC4_128_SHA       Not implemented.
-
-=head2 TLS v1.0 cipher suites.
-
- TLS_RSA_WITH_NULL_MD5                   NULL-MD5
- TLS_RSA_WITH_NULL_SHA                   NULL-SHA
- TLS_RSA_EXPORT_WITH_RC4_40_MD5          EXP-RC4-MD5
- TLS_RSA_WITH_RC4_128_MD5                RC4-MD5
- TLS_RSA_WITH_RC4_128_SHA                RC4-SHA
- TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5      EXP-RC2-CBC-MD5
- TLS_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
- TLS_RSA_EXPORT_WITH_DES40_CBC_SHA       EXP-DES-CBC-SHA
- TLS_RSA_WITH_DES_CBC_SHA                DES-CBC-SHA
- TLS_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA
-
- TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
- TLS_DH_DSS_WITH_DES_CBC_SHA             Not implemented.
- TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA        Not implemented.
- TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
- TLS_DH_RSA_WITH_DES_CBC_SHA             Not implemented.
- TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA        Not implemented.
- TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-DSS-DES-CBC-SHA
- TLS_DHE_DSS_WITH_DES_CBC_SHA            EDH-DSS-CBC-SHA
- TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA       EDH-DSS-DES-CBC3-SHA
- TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-RSA-DES-CBC-SHA
- TLS_DHE_RSA_WITH_DES_CBC_SHA            EDH-RSA-DES-CBC-SHA
- TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA       EDH-RSA-DES-CBC3-SHA
-
- TLS_DH_anon_EXPORT_WITH_RC4_40_MD5      EXP-ADH-RC4-MD5
- TLS_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
- TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA   EXP-ADH-DES-CBC-SHA
- TLS_DH_anon_WITH_DES_CBC_SHA            ADH-DES-CBC-SHA
- TLS_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA
-
-=head2 AES ciphersuites from RFC3268, extending TLS v1.0
-
- TLS_RSA_WITH_AES_128_CBC_SHA            AES128-SHA
- TLS_RSA_WITH_AES_256_CBC_SHA            AES256-SHA
-
- TLS_DH_DSS_WITH_AES_128_CBC_SHA         DH-DSS-AES128-SHA
- TLS_DH_DSS_WITH_AES_256_CBC_SHA         DH-DSS-AES256-SHA
- TLS_DH_RSA_WITH_AES_128_CBC_SHA         DH-RSA-AES128-SHA
- TLS_DH_RSA_WITH_AES_256_CBC_SHA         DH-RSA-AES256-SHA
-
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA        DHE-DSS-AES128-SHA
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA        DHE-DSS-AES256-SHA
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA        DHE-RSA-AES128-SHA
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA        DHE-RSA-AES256-SHA
-
- TLS_DH_anon_WITH_AES_128_CBC_SHA        ADH-AES128-SHA
- TLS_DH_anon_WITH_AES_256_CBC_SHA        ADH-AES256-SHA
-
-=head2 Additional Export 1024 and other cipher suites
-
-Note: these ciphers can also be used in SSL v3.
-
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA     EXP1024-DES-CBC-SHA
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA      EXP1024-RC4-SHA
- TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DHE-DSS-DES-CBC-SHA
- TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA  EXP1024-DHE-DSS-RC4-SHA
- TLS_DHE_DSS_WITH_RC4_128_SHA            DHE-DSS-RC4-SHA
-
-=head2 SSL v2.0 cipher suites.
-
- SSL_CK_RC4_128_WITH_MD5                 RC4-MD5
- SSL_CK_RC4_128_EXPORT40_WITH_MD5        EXP-RC4-MD5
- SSL_CK_RC2_128_CBC_WITH_MD5             RC2-MD5
- SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5    EXP-RC2-MD5
- SSL_CK_IDEA_128_CBC_WITH_MD5            IDEA-CBC-MD5
- SSL_CK_DES_64_CBC_WITH_MD5              DES-CBC-MD5
- SSL_CK_DES_192_EDE3_CBC_WITH_MD5        DES-CBC3-MD5
-
-=head1 NOTES
-
-The non-ephemeral DH modes are currently unimplemented in OpenSSL
-because there is no support for DH certificates.
-
-Some compiled versions of OpenSSL may not include all the ciphers
-listed here because some ciphers were excluded at compile time.
-
-=head1 EXAMPLES
-
-Verbose listing of all OpenSSL ciphers including NULL ciphers:
-
- openssl ciphers -v 'ALL:eNULL'
-
-Include all ciphers except NULL and anonymous DH then sort by
-strength:
-
- openssl ciphers -v 'ALL:!ADH:@STRENGTH'
-
-Include only 3DES ciphers and then place RSA ciphers last:
-
- openssl ciphers -v '3DES:+RSA'
-
-Include all RC4 ciphers but leave out those without authentication:
-
- openssl ciphers -v 'RC4:!COMPLEMENTOFDEFAULT'
-
-Include all chiphers with RSA authentication but leave out ciphers without
-encryption.
-
- openssl ciphers -v 'RSA:!COMPLEMENTOFALL'
-
-=head1 SEE ALSO
-
-L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)>
-
-=head1 HISTORY
-
-The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options were
-added in version 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/apps/config.pod b/crypto/openssl/doc/apps/config.pod
deleted file mode 100644
index ce874a42ce13..000000000000
--- a/crypto/openssl/doc/apps/config.pod
+++ /dev/null
@@ -1,138 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-config - OpenSSL CONF library configuration files
-
-=head1 DESCRIPTION
-
-The OpenSSL CONF library can be used to read configuration files.
-It is used for the OpenSSL master configuration file B<openssl.cnf>
-and in a few other places like B<SPKAC> files and certificate extension
-files for the B<x509> utility.
-
-A configuration file is divided into a number of sections. Each section
-starts with a line B<[ section_name ]> and ends when a new section is
-started or end of file is reached. A section name can consist of
-alphanumeric characters and underscores.
-
-The first section of a configuration file is special and is referred
-to as the B<default> section this is usually unnamed and is from the
-start of file until the first named section. When a name is being looked up
-it is first looked up in a named section (if any) and then the
-default section.
-
-The environment is mapped onto a section called B<ENV>.
-
-Comments can be included by preceding them with the B<#> character
-
-Each section in a configuration file consists of a number of name and
-value pairs of the form B<name=value>
-
-The B<name> string can contain any alphanumeric characters as well as
-a few punctuation symbols such as B<.> B<,> B<;> and B<_>.
-
-The B<value> string consists of the string following the B<=> character
-until end of line with any leading and trailing white space removed.
-
-The value string undergoes variable expansion. This can be done by
-including the form B<$var> or B<${var}>: this will substitute the value
-of the named variable in the current section. It is also possible to
-substitute a value from another section using the syntax B<$section::name>
-or B<${section::name}>. By using the form B<$ENV::name> environment
-variables can be substituted. It is also possible to assign values to
-environment variables by using the name B<ENV::name>, this will work
-if the program looks up environment variables using the B<CONF> library
-instead of calling B<getenv()> directly.
-
-It is possible to escape certain characters by using any kind of quote
-or the B<\> character. By making the last character of a line a B<\>
-a B<value> string can be spread across multiple lines. In addition
-the sequences B<\n>, B<\r>, B<\b> and B<\t> are recognized.
-
-=head1 NOTES
-
-If a configuration file attempts to expand a variable that doesn't exist
-then an error is flagged and the file will not load. This can happen
-if an attempt is made to expand an environment variable that doesn't
-exist. For example the default OpenSSL master configuration file used
-the value of B<HOME> which may not be defined on non Unix systems.
-
-This can be worked around by including a B<default> section to provide
-a default value: then if the environment lookup fails the default value
-will be used instead. For this to work properly the default value must
-be defined earlier in the configuration file than the expansion. See
-the B<EXAMPLES> section for an example of how to do this.
-
-If the same variable exists in the same section then all but the last
-value will be silently ignored. In certain circumstances such as with
-DNs the same field may occur multiple times. This is usually worked
-around by ignoring any characters before an initial B<.> e.g.
-
- 1.OU="My first OU"
- 2.OU="My Second OU"
-
-=head1 EXAMPLES
-
-Here is a sample configuration file using some of the features
-mentioned above.
-
- # This is the default section.
- 
- HOME=/temp
- RANDFILE= ${ENV::HOME}/.rnd
- configdir=$ENV::HOME/config
-
- [ section_one ]
-
- # We are now in section one.
-
- # Quotes permit leading and trailing whitespace
- any = " any variable name "
-
- other = A string that can \
- cover several lines \
- by including \\ characters
-
- message = Hello World\n
-
- [ section_two ]
-
- greeting = $section_one::message
-
-This next example shows how to expand environment variables safely.
-
-Suppose you want a variable called B<tmpfile> to refer to a
-temporary filename. The directory it is placed in can determined by
-the the B<TEMP> or B<TMP> environment variables but they may not be
-set to any value at all. If you just include the environment variable
-names and the variable doesn't exist then this will cause an error when
-an attempt is made to load the configuration file. By making use of the
-default section both values can be looked up with B<TEMP> taking 
-priority and B</tmp> used if neither is defined:
-
- TMP=/tmp
- # The above value is used if TMP isn't in the environment
- TEMP=$ENV::TMP
- # The above value is used if TEMP isn't in the environment
- tmpfile=${ENV::TEMP}/tmp.filename
-
-=head1 BUGS
-
-Currently there is no way to include characters using the octal B<\nnn>
-form. Strings are all null terminated so nulls cannot form part of
-the value.
-
-The escaping isn't quite right: if you want to use sequences like B<\n>
-you can't use any quote escaping on the same line.
-
-Files are loaded in a single pass. This means that an variable expansion
-will only work if the variables referenced are defined earlier in the
-file.
-
-=head1 SEE ALSO
-
-L<x509(1)|x509(1)>, L<req(1)|req(1)>, L<ca(1)|ca(1)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/crl.pod b/crypto/openssl/doc/apps/crl.pod
deleted file mode 100644
index a40c873b9568..000000000000
--- a/crypto/openssl/doc/apps/crl.pod
+++ /dev/null
@@ -1,117 +0,0 @@
-=pod
-
-=head1 NAME
-
-crl - CRL utility
-
-=head1 SYNOPSIS
-
-B<openssl> B<crl>
-[B<-inform PEM|DER>]
-[B<-outform PEM|DER>]
-[B<-text>]
-[B<-in filename>]
-[B<-out filename>]
-[B<-noout>]
-[B<-hash>]
-[B<-issuer>]
-[B<-lastupdate>]
-[B<-nextupdate>]
-[B<-CAfile file>]
-[B<-CApath dir>]
-
-=head1 DESCRIPTION
-
-The B<crl> command processes CRL files in DER or PEM format.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-inform DER|PEM>
-
-This specifies the input format. B<DER> format is DER encoded CRL
-structure. B<PEM> (the default) is a base64 encoded version of
-the DER form with header and footer lines.
-
-=item B<-outform DER|PEM>
-
-This specifies the output format, the options have the same meaning as the 
-B<-inform> option.
-
-=item B<-in filename>
-
-This specifies the input filename to read from or standard input if this
-option is not specified.
-
-=item B<-out filename>
-
-specifies the output filename to write to or standard output by
-default.
-
-=item B<-text>
-
-print out the CRL in text form.
-
-=item B<-noout>
-
-don't output the encoded version of the CRL.
-
-=item B<-hash>
-
-output a hash of the issuer name. This can be use to lookup CRLs in
-a directory by issuer name.
-
-=item B<-issuer>
-
-output the issuer name.
-
-=item B<-lastupdate>
-
-output the lastUpdate field.
-
-=item B<-nextupdate>
-
-output the nextUpdate field.
-
-=item B<-CAfile file>
-
-verify the signature on a CRL by looking up the issuing certificate in
-B<file>
-
-=item B<-CApath dir>
-
-verify the signature on a CRL by looking up the issuing certificate in
-B<dir>. This directory must be a standard certificate directory: that
-is a hash of each subject name (using B<x509 -hash>) should be linked
-to each certificate.
-
-=back
-
-=head1 NOTES
-
-The PEM CRL format uses the header and footer lines:
-
- -----BEGIN X509 CRL-----
- -----END X509 CRL-----
-
-=head1 EXAMPLES
-
-Convert a CRL file from PEM to DER:
-
- openssl crl -in crl.pem -outform DER -out crl.der
-
-Output the text form of a DER encoded certificate:
-
- openssl crl -in crl.der -text -noout
-
-=head1 BUGS
-
-Ideally it should be possible to create a CRL using appropriate options
-and files too.
-
-=head1 SEE ALSO
-
-L<crl2pkcs7(1)|crl2pkcs7(1)>, L<ca(1)|ca(1)>, L<x509(1)|x509(1)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/crl2pkcs7.pod b/crypto/openssl/doc/apps/crl2pkcs7.pod
deleted file mode 100644
index 3797bc0df4ef..000000000000
--- a/crypto/openssl/doc/apps/crl2pkcs7.pod
+++ /dev/null
@@ -1,91 +0,0 @@
-=pod
-
-=head1 NAME
-
-crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates.
-
-=head1 SYNOPSIS
-
-B<openssl> B<crl2pkcs7>
-[B<-inform PEM|DER>]
-[B<-outform PEM|DER>]
-[B<-in filename>]
-[B<-out filename>]
-[B<-certfile filename>]
-[B<-nocrl>]
-
-=head1 DESCRIPTION
-
-The B<crl2pkcs7> command takes an optional CRL and one or more
-certificates and converts them into a PKCS#7 degenerate "certificates
-only" structure.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-inform DER|PEM>
-
-This specifies the CRL input format. B<DER> format is DER encoded CRL
-structure.B<PEM> (the default) is a base64 encoded version of
-the DER form with header and footer lines.
-
-=item B<-outform DER|PEM>
-
-This specifies the PKCS#7 structure output format. B<DER> format is DER
-encoded PKCS#7 structure.B<PEM> (the default) is a base64 encoded version of
-the DER form with header and footer lines.
-
-=item B<-in filename>
-
-This specifies the input filename to read a CRL from or standard input if this
-option is not specified.
-
-=item B<-out filename>
-
-specifies the output filename to write the PKCS#7 structure to or standard
-output by default.
-
-=item B<-certfile filename>
-
-specifies a filename containing one or more certificates in B<PEM> format.
-All certificates in the file will be added to the PKCS#7 structure. This
-option can be used more than once to read certificates form multiple
-files.
-
-=item B<-nocrl>
-
-normally a CRL is included in the output file. With this option no CRL is
-included in the output file and a CRL is not read from the input file.
-
-=back
-
-=head1 EXAMPLES
-
-Create a PKCS#7 structure from a certificate and CRL:
-
- openssl crl2pkcs7 -in crl.pem -certfile cert.pem -out p7.pem
-
-Creates a PKCS#7 structure in DER format with no CRL from several
-different certificates:
-
- openssl crl2pkcs7 -nocrl -certfile newcert.pem 
-	-certfile demoCA/cacert.pem -outform DER -out p7.der
-
-=head1 NOTES
-
-The output file is a PKCS#7 signed data structure containing no signers and
-just certificates and an optional CRL.
-
-This utility can be used to send certificates and CAs to Netscape as part of
-the certificate enrollment process. This involves sending the DER encoded output
-as MIME type application/x-x509-user-cert.
-
-The B<PEM> encoded form with the header and footer lines removed can be used to
-install user certificates and CAs in MSIE using the Xenroll control.
-
-=head1 SEE ALSO
-
-L<pkcs7(1)|pkcs7(1)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/dgst.pod b/crypto/openssl/doc/apps/dgst.pod
deleted file mode 100644
index 1648742bcfe1..000000000000
--- a/crypto/openssl/doc/apps/dgst.pod
+++ /dev/null
@@ -1,104 +0,0 @@
-=pod
-
-=head1 NAME
-
-dgst, md5, md4, md2, sha1, sha, mdc2, ripemd160 - message digests
-
-=head1 SYNOPSIS
-
-B<openssl> B<dgst> 
-[B<-md5|-md4|-md2|-sha1|-sha|-mdc2|-ripemd160|-dss1>]
-[B<-c>]
-[B<-d>]
-[B<-hex>]
-[B<-binary>]
-[B<-out filename>]
-[B<-sign filename>]
-[B<-verify filename>]
-[B<-prverify filename>]
-[B<-signature filename>]
-[B<file...>]
-
-[B<md5|md4|md2|sha1|sha|mdc2|ripemd160>]
-[B<-c>]
-[B<-d>]
-[B<file...>]
-
-=head1 DESCRIPTION
-
-The digest functions output the message digest of a supplied file or files
-in hexadecimal form. They can also be used for digital signing and verification.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-c>
-
-print out the digest in two digit groups separated by colons, only relevant if
-B<hex> format output is used.
-
-=item B<-d>
-
-print out BIO debugging information.
-
-=item B<-hex>
-
-digest is to be output as a hex dump. This is the default case for a "normal"
-digest as opposed to a digital signature.
-
-=item B<-binary>
-
-output the digest or signature in binary form.
-
-=item B<-out filename>
-
-filename to output to, or standard output by default.
-
-=item B<-sign filename>
-
-digitally sign the digest using the private key in "filename".
-
-=item B<-verify filename>
-
-verify the signature using the the public key in "filename".
-The output is either "Verification OK" or "Verification Failure".
-
-=item B<-prverify filename>
-
-verify the signature using the  the private key in "filename".
-
-=item B<-signature filename>
-
-the actual signature to verify.
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others. 
-
-=item B<file...>
-
-file or files to digest. If no files are specified then standard input is
-used.
-
-=back
-
-=head1 NOTES
-
-The digest of choice for all new applications is SHA1. Other digests are
-however still widely used.
-
-If you wish to sign or verify data using the DSA algorithm then the dss1
-digest must be used.
-
-A source of random numbers is required for certain signing algorithms, in
-particular DSA.
-
-The signing and verify options should only be used if a single file is
-being signed or verified.
-
-=cut
diff --git a/crypto/openssl/doc/apps/dhparam.pod b/crypto/openssl/doc/apps/dhparam.pod
deleted file mode 100644
index c31db95a4732..000000000000
--- a/crypto/openssl/doc/apps/dhparam.pod
+++ /dev/null
@@ -1,141 +0,0 @@
-=pod
-
-=head1 NAME
-
-dhparam - DH parameter manipulation and generation
-
-=head1 SYNOPSIS
-
-B<openssl dhparam>
-[B<-inform DER|PEM>]
-[B<-outform DER|PEM>]
-[B<-in> I<filename>]
-[B<-out> I<filename>]
-[B<-dsaparam>]
-[B<-noout>]
-[B<-text>]
-[B<-C>]
-[B<-2>]
-[B<-5>]
-[B<-rand> I<file(s)>]
-[B<-engine id>]
-[I<numbits>]
-
-=head1 DESCRIPTION
-
-This command is used to manipulate DH parameter files.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-inform DER|PEM>
-
-This specifies the input format. The B<DER> option uses an ASN1 DER encoded
-form compatible with the PKCS#3 DHparameter structure. The PEM form is the
-default format: it consists of the B<DER> format base64 encoded with
-additional header and footer lines.
-
-=item B<-outform DER|PEM>
-
-This specifies the output format, the options have the same meaning as the 
-B<-inform> option.
-
-=item B<-in> I<filename>
-
-This specifies the input filename to read parameters from or standard input if
-this option is not specified.
-
-=item B<-out> I<filename>
-
-This specifies the output filename parameters to. Standard output is used
-if this option is not present. The output filename should B<not> be the same
-as the input filename.
-
-=item B<-dsaparam>
-
-If this option is used, DSA rather than DH parameters are read or created;
-they are converted to DH format.  Otherwise, "strong" primes (such
-that (p-1)/2 is also prime) will be used for DH parameter generation.
-
-DH parameter generation with the B<-dsaparam> option is much faster,
-and the recommended exponent length is shorter, which makes DH key
-exchange more efficient.  Beware that with such DSA-style DH
-parameters, a fresh DH key should be created for each use to
-avoid small-subgroup attacks that may be possible otherwise.
-
-=item B<-2>, B<-5>
-
-The generator to use, either 2 or 5. 2 is the default. If present then the
-input file is ignored and parameters are generated instead.
-
-=item B<-rand> I<file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item I<numbits>
-
-this option specifies that a parameter set should be generated of size
-I<numbits>. It must be the last option. If not present then a value of 512
-is used. If this option is present then the input file is ignored and 
-parameters are generated instead.
-
-=item B<-noout>
-
-this option inhibits the output of the encoded version of the parameters.
-
-=item B<-text>
-
-this option prints out the DH parameters in human readable form.
-
-=item B<-C>
-
-this option converts the parameters into C code. The parameters can then
-be loaded by calling the B<get_dh>I<numbits>B<()> function.
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<req>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=back
-
-=head1 WARNINGS
-
-The program B<dhparam> combines the functionality of the programs B<dh> and
-B<gendh> in previous versions of OpenSSL and SSLeay. The B<dh> and B<gendh>
-programs are retained for now but may have different purposes in future 
-versions of OpenSSL.
-
-=head1 NOTES
-
-PEM format DH parameters use the header and footer lines:
-
- -----BEGIN DH PARAMETERS-----
- -----END DH PARAMETERS-----
-
-OpenSSL currently only supports the older PKCS#3 DH, not the newer X9.42
-DH.
-
-This program manipulates DH parameters not keys.
-
-=head1 BUGS
-
-There should be a way to generate and manipulate DH keys.
-
-=head1 SEE ALSO
-
-L<dsaparam(1)|dsaparam(1)>
-
-=head1 HISTORY
-
-The B<dhparam> command was added in OpenSSL 0.9.5.
-The B<-dsaparam> option was added in OpenSSL 0.9.6.
-
-=cut
diff --git a/crypto/openssl/doc/apps/dsa.pod b/crypto/openssl/doc/apps/dsa.pod
deleted file mode 100644
index ed06b8806d8c..000000000000
--- a/crypto/openssl/doc/apps/dsa.pod
+++ /dev/null
@@ -1,158 +0,0 @@
-=pod
-
-=head1 NAME
-
-dsa - DSA key processing
-
-=head1 SYNOPSIS
-
-B<openssl> B<dsa>
-[B<-inform PEM|DER>]
-[B<-outform PEM|DER>]
-[B<-in filename>]
-[B<-passin arg>]
-[B<-out filename>]
-[B<-passout arg>]
-[B<-des>]
-[B<-des3>]
-[B<-idea>]
-[B<-text>]
-[B<-noout>]
-[B<-modulus>]
-[B<-pubin>]
-[B<-pubout>]
-[B<-engine id>]
-
-=head1 DESCRIPTION
-
-The B<dsa> command processes DSA keys. They can be converted between various
-forms and their components printed out. B<Note> This command uses the
-traditional SSLeay compatible format for private key encryption: newer
-applications should use the more secure PKCS#8 format using the B<pkcs8>
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-inform DER|PEM>
-
-This specifies the input format. The B<DER> option with a private key uses
-an ASN1 DER encoded form of an ASN.1 SEQUENCE consisting of the values of
-version (currently zero), p, q, g, the public and private key components
-respectively as ASN.1 INTEGERs. When used with a public key it uses a
-SubjectPublicKeyInfo structure: it is an error if the key is not DSA.
-
-The B<PEM> form is the default format: it consists of the B<DER> format base64
-encoded with additional header and footer lines. In the case of a private key
-PKCS#8 format is also accepted.
-
-=item B<-outform DER|PEM>
-
-This specifies the output format, the options have the same meaning as the 
-B<-inform> option.
-
-=item B<-in filename>
-
-This specifies the input filename to read a key from or standard input if this
-option is not specified. If the key is encrypted a pass phrase will be
-prompted for.
-
-=item B<-passin arg>
-
-the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-out filename>
-
-This specifies the output filename to write a key to or standard output by
-is not specified. If any encryption options are set then a pass phrase will be
-prompted for. The output filename should B<not> be the same as the input
-filename.
-
-=item B<-passout arg>
-
-the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-des|-des3|-idea>
-
-These options encrypt the private key with the DES, triple DES, or the 
-IDEA ciphers respectively before outputting it. A pass phrase is prompted for.
-If none of these options is specified the key is written in plain text. This
-means that using the B<dsa> utility to read in an encrypted key with no
-encryption option can be used to remove the pass phrase from a key, or by
-setting the encryption options it can be use to add or change the pass phrase.
-These options can only be used with PEM format output files.
-
-=item B<-text>
-
-prints out the public, private key components and parameters.
-
-=item B<-noout>
-
-this option prevents output of the encoded version of the key.
-
-=item B<-modulus>
-
-this option prints out the value of the public key component of the key.
-
-=item B<-pubin>
-
-by default a private key is read from the input file: with this option a
-public key is read instead.
-
-=item B<-pubout>
-
-by default a private key is output. With this option a public
-key will be output instead. This option is automatically set if the input is
-a public key.
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<req>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=back
-
-=head1 NOTES
-
-The PEM private key format uses the header and footer lines:
-
- -----BEGIN DSA PRIVATE KEY-----
- -----END DSA PRIVATE KEY-----
-
-The PEM public key format uses the header and footer lines:
-
- -----BEGIN PUBLIC KEY-----
- -----END PUBLIC KEY-----
-
-=head1 EXAMPLES
-
-To remove the pass phrase on a DSA private key:
-
- openssl dsa -in key.pem -out keyout.pem
-
-To encrypt a private key using triple DES:
-
- openssl dsa -in key.pem -des3 -out keyout.pem
-
-To convert a private key from PEM to DER format: 
-
- openssl dsa -in key.pem -outform DER -out keyout.der
-
-To print out the components of a private key to standard output:
-
- openssl dsa -in key.pem -text -noout
-
-To just output the public part of a private key:
-
- openssl dsa -in key.pem -pubout -out pubkey.pem
-
-=head1 SEE ALSO
-
-L<dsaparam(1)|dsaparam(1)>, L<gendsa(1)|gendsa(1)>, L<rsa(1)|rsa(1)>,
-L<genrsa(1)|genrsa(1)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/dsaparam.pod b/crypto/openssl/doc/apps/dsaparam.pod
deleted file mode 100644
index b9b1b93b42ec..000000000000
--- a/crypto/openssl/doc/apps/dsaparam.pod
+++ /dev/null
@@ -1,110 +0,0 @@
-=pod
-
-=head1 NAME
-
-dsaparam - DSA parameter manipulation and generation
-
-=head1 SYNOPSIS
-
-B<openssl dsaparam>
-[B<-inform DER|PEM>]
-[B<-outform DER|PEM>]
-[B<-in filename>]
-[B<-out filename>]
-[B<-noout>]
-[B<-text>]
-[B<-C>]
-[B<-rand file(s)>]
-[B<-genkey>]
-[B<-engine id>]
-[B<numbits>]
-
-=head1 DESCRIPTION
-
-This command is used to manipulate or generate DSA parameter files.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-inform DER|PEM>
-
-This specifies the input format. The B<DER> option uses an ASN1 DER encoded
-form compatible with RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting
-of p, q and g respectively. The PEM form is the default format: it consists
-of the B<DER> format base64 encoded with additional header and footer lines.
-
-=item B<-outform DER|PEM>
-
-This specifies the output format, the options have the same meaning as the 
-B<-inform> option.
-
-=item B<-in filename>
-
-This specifies the input filename to read parameters from or standard input if
-this option is not specified. If the B<numbits> parameter is included then
-this option will be ignored.
-
-=item B<-out filename>
-
-This specifies the output filename parameters to. Standard output is used
-if this option is not present. The output filename should B<not> be the same
-as the input filename.
-
-=item B<-noout>
-
-this option inhibits the output of the encoded version of the parameters.
-
-=item B<-text>
-
-this option prints out the DSA parameters in human readable form.
-
-=item B<-C>
-
-this option converts the parameters into C code. The parameters can then
-be loaded by calling the B<get_dsaXXX()> function.
-
-=item B<-genkey>
-
-this option will generate a DSA either using the specified or generated
-parameters.
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item B<numbits>
-
-this option specifies that a parameter set should be generated of size
-B<numbits>. It must be the last option. If this option is included then
-the input file (if any) is ignored.
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<req>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=back
-
-=head1 NOTES
-
-PEM format DSA parameters use the header and footer lines:
-
- -----BEGIN DSA PARAMETERS-----
- -----END DSA PARAMETERS-----
-
-DSA parameter generation is a slow process and as a result the same set of
-DSA parameters is often used to generate several distinct keys.
-
-=head1 SEE ALSO
-
-L<gendsa(1)|gendsa(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>,
-L<rsa(1)|rsa(1)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/enc.pod b/crypto/openssl/doc/apps/enc.pod
deleted file mode 100644
index ddf081617f51..000000000000
--- a/crypto/openssl/doc/apps/enc.pod
+++ /dev/null
@@ -1,271 +0,0 @@
-=pod
-
-=head1 NAME
-
-enc - symmetric cipher routines
-
-=head1 SYNOPSIS
-
-B<openssl enc -ciphername>
-[B<-in filename>]
-[B<-out filename>]
-[B<-pass arg>]
-[B<-e>]
-[B<-d>]
-[B<-a>]
-[B<-A>]
-[B<-k password>]
-[B<-kfile filename>]
-[B<-K key>]
-[B<-iv IV>]
-[B<-p>]
-[B<-P>]
-[B<-bufsize number>]
-[B<-nopad>]
-[B<-debug>]
-
-=head1 DESCRIPTION
-
-The symmetric cipher commands allow data to be encrypted or decrypted
-using various block and stream ciphers using keys based on passwords
-or explicitly provided. Base64 encoding or decoding can also be performed
-either by itself or in addition to the encryption or decryption.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-in filename>
-
-the input filename, standard input by default.
-
-=item B<-out filename>
-
-the output filename, standard output by default.
-
-=item B<-pass arg>
-
-the password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-salt>
-
-use a salt in the key derivation routines. This option should B<ALWAYS>
-be used unless compatibility with previous versions of OpenSSL or SSLeay
-is required. This option is only present on OpenSSL versions 0.9.5 or
-above.
-
-=item B<-nosalt>
-
-don't use a salt in the key derivation routines. This is the default for
-compatibility with previous versions of OpenSSL and SSLeay.
-
-=item B<-e>
-
-encrypt the input data: this is the default.
-
-=item B<-d>
-
-decrypt the input data.
-
-=item B<-a>
-
-base64 process the data. This means that if encryption is taking place
-the data is base64 encoded after encryption. If decryption is set then
-the input data is base64 decoded before being decrypted.
-
-=item B<-A>
-
-if the B<-a> option is set then base64 process the data on one line.
-
-=item B<-k password>
-
-the password to derive the key from. This is for compatibility with previous
-versions of OpenSSL. Superseded by the B<-pass> argument.
-
-=item B<-kfile filename>
-
-read the password to derive the key from the first line of B<filename>.
-This is for computability with previous versions of OpenSSL. Superseded by
-the B<-pass> argument.
-
-=item B<-S salt>
-
-the actual salt to use: this must be represented as a string comprised only
-of hex digits.
-
-=item B<-K key>
-
-the actual key to use: this must be represented as a string comprised only
-of hex digits. If only the key is specified, the IV must additionally specified
-using the B<-iv> option. When both a key and a password are specified, the
-key given with the B<-K> option will be used and the IV generated from the
-password will be taken. It probably does not make much sense to specify
-both key and password.
-
-=item B<-iv IV>
-
-the actual IV to use: this must be represented as a string comprised only
-of hex digits. When only the key is specified using the B<-K> option, the
-IV must explicitly be defined. When a password is being specified using
-one of the other options, the IV is generated from this password.
-
-=item B<-p>
-
-print out the key and IV used.
-
-=item B<-P>
-
-print out the key and IV used then immediately exit: don't do any encryption
-or decryption.
-
-=item B<-bufsize number>
-
-set the buffer size for I/O
-
-=item B<-nopad>
-
-disable standard block padding
-
-=item B<-debug>
-
-debug the BIOs used for I/O.
-
-=back
-
-=head1 NOTES
-
-The program can be called either as B<openssl ciphername> or
-B<openssl enc -ciphername>.
-
-A password will be prompted for to derive the key and IV if necessary.
-
-The B<-salt> option should B<ALWAYS> be used if the key is being derived
-from a password unless you want compatibility with previous versions of
-OpenSSL and SSLeay.
-
-Without the B<-salt> option it is possible to perform efficient dictionary
-attacks on the password and to attack stream cipher encrypted data. The reason
-for this is that without the salt the same password always generates the same
-encryption key. When the salt is being used the first eight bytes of the
-encrypted data are reserved for the salt: it is generated at random when
-encrypting a file and read from the encrypted file when it is decrypted.
-
-Some of the ciphers do not have large keys and others have security
-implications if not used correctly. A beginner is advised to just use
-a strong block cipher in CBC mode such as bf or des3.
-
-All the block ciphers normally use PKCS#5 padding also known as standard block
-padding: this allows a rudimentary integrity or password check to be
-performed. However since the chance of random data passing the test is
-better than 1 in 256 it isn't a very good test.
-
-If padding is disabled then the input data must be a multiple of the cipher
-block length.
-
-All RC2 ciphers have the same key and effective key length.
-
-Blowfish and RC5 algorithms use a 128 bit key.
-
-=head1 SUPPORTED CIPHERS
-
- base64             Base 64
-
- bf-cbc             Blowfish in CBC mode
- bf                 Alias for bf-cbc
- bf-cfb             Blowfish in CFB mode
- bf-ecb             Blowfish in ECB mode
- bf-ofb             Blowfish in OFB mode
-
- cast-cbc           CAST in CBC mode
- cast               Alias for cast-cbc
- cast5-cbc          CAST5 in CBC mode
- cast5-cfb          CAST5 in CFB mode
- cast5-ecb          CAST5 in ECB mode
- cast5-ofb          CAST5 in OFB mode
-
- des-cbc            DES in CBC mode
- des                Alias for des-cbc
- des-cfb            DES in CBC mode
- des-ofb            DES in OFB mode
- des-ecb            DES in ECB mode
-
- des-ede-cbc        Two key triple DES EDE in CBC mode
- des-ede            Alias for des-ede
- des-ede-cfb        Two key triple DES EDE in CFB mode
- des-ede-ofb        Two key triple DES EDE in OFB mode
-
- des-ede3-cbc       Three key triple DES EDE in CBC mode
- des-ede3           Alias for des-ede3-cbc
- des3               Alias for des-ede3-cbc
- des-ede3-cfb       Three key triple DES EDE CFB mode
- des-ede3-ofb       Three key triple DES EDE in OFB mode
-
- desx               DESX algorithm.
-
- idea-cbc           IDEA algorithm in CBC mode
- idea               same as idea-cbc
- idea-cfb           IDEA in CFB mode
- idea-ecb           IDEA in ECB mode
- idea-ofb           IDEA in OFB mode
-
- rc2-cbc            128 bit RC2 in CBC mode
- rc2                Alias for rc2-cbc
- rc2-cfb            128 bit RC2 in CBC mode
- rc2-ecb            128 bit RC2 in CBC mode
- rc2-ofb            128 bit RC2 in CBC mode
- rc2-64-cbc         64 bit RC2 in CBC mode
- rc2-40-cbc         40 bit RC2 in CBC mode
-
- rc4                128 bit RC4
- rc4-64             64 bit RC4
- rc4-40             40 bit RC4
-
- rc5-cbc            RC5 cipher in CBC mode
- rc5                Alias for rc5-cbc
- rc5-cfb            RC5 cipher in CBC mode
- rc5-ecb            RC5 cipher in CBC mode
- rc5-ofb            RC5 cipher in CBC mode
-
-=head1 EXAMPLES
-
-Just base64 encode a binary file:
-
- openssl base64 -in file.bin -out file.b64
-
-Decode the same file
-
- openssl base64 -d -in file.b64 -out file.bin 
-
-Encrypt a file using triple DES in CBC mode using a prompted password:
-
- openssl des3 -salt -in file.txt -out file.des3 
-
-Decrypt a file using a supplied password:
-
- openssl des3 -d -salt -in file.des3 -out file.txt -k mypassword
-
-Encrypt a file then base64 encode it (so it can be sent via mail for example)
-using Blowfish in CBC mode:
-
- openssl bf -a -salt -in file.txt -out file.bf
-
-Base64 decode a file then decrypt it:
-
- openssl bf -d -salt -a -in file.bf -out file.txt
-
-Decrypt some data using a supplied 40 bit RC4 key:
-
- openssl rc4-40 -in file.rc4 -out file.txt -K 0102030405
-
-=head1 BUGS
-
-The B<-A> option when used with large files doesn't work properly.
-
-There should be an option to allow an iteration count to be included.
-
-The B<enc> program only supports a fixed number of algorithms with
-certain parameters. So if, for example, you want to use RC2 with a
-76 bit key or RC4 with an 84 bit key you can't use this program.
-
-=cut
diff --git a/crypto/openssl/doc/apps/gendsa.pod b/crypto/openssl/doc/apps/gendsa.pod
deleted file mode 100644
index 2c56cc788897..000000000000
--- a/crypto/openssl/doc/apps/gendsa.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
-gendsa - generate a DSA private key from a set of parameters
-
-=head1 SYNOPSIS
-
-B<openssl> B<gendsa>
-[B<-out filename>]
-[B<-des>]
-[B<-des3>]
-[B<-idea>]
-[B<-rand file(s)>]
-[B<-engine id>]
-[B<paramfile>]
-
-=head1 DESCRIPTION
-
-The B<gendsa> command generates a DSA private key from a DSA parameter file
-(which will be typically generated by the B<openssl dsaparam> command).
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-des|-des3|-idea>
-
-These options encrypt the private key with the DES, triple DES, or the 
-IDEA ciphers respectively before outputting it. A pass phrase is prompted for.
-If none of these options is specified no encryption is used.
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<req>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=item B<paramfile>
-
-This option specifies the DSA parameter file to use. The parameters in this
-file determine the size of the private key. DSA parameters can be generated
-and examined using the B<openssl dsaparam> command.
-
-=back
-
-=head1 NOTES
-
-DSA key generation is little more than random number generation so it is
-much quicker that RSA key generation for example.
-
-=head1 SEE ALSO
-
-L<dsaparam(1)|dsaparam(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>,
-L<rsa(1)|rsa(1)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/genrsa.pod b/crypto/openssl/doc/apps/genrsa.pod
deleted file mode 100644
index 25af4d1475cd..000000000000
--- a/crypto/openssl/doc/apps/genrsa.pod
+++ /dev/null
@@ -1,96 +0,0 @@
-=pod
-
-=head1 NAME
-
-genrsa - generate an RSA private key
-
-=head1 SYNOPSIS
-
-B<openssl> B<genrsa>
-[B<-out filename>]
-[B<-passout arg>]
-[B<-des>]
-[B<-des3>]
-[B<-idea>]
-[B<-f4>]
-[B<-3>]
-[B<-rand file(s)>]
-[B<-engine id>]
-[B<numbits>]
-
-=head1 DESCRIPTION
-
-The B<genrsa> command generates an RSA private key.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-out filename>
-
-the output filename. If this argument is not specified then standard output is
-used.  
-
-=item B<-passout arg>
-
-the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-des|-des3|-idea>
-
-These options encrypt the private key with the DES, triple DES, or the 
-IDEA ciphers respectively before outputting it. If none of these options is
-specified no encryption is used. If encryption is used a pass phrase is prompted
-for if it is not supplied via the B<-passout> argument.
-
-=item B<-F4|-3>
-
-the public exponent to use, either 65537 or 3. The default is 65537.
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<req>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=item B<numbits>
-
-the size of the private key to generate in bits. This must be the last option
-specified. The default is 512.
-
-=back
-
-=head1 NOTES
-
-RSA private key generation essentially involves the generation of two prime
-numbers. When generating a private key various symbols will be output to
-indicate the progress of the generation. A B<.> represents each number which
-has passed an initial sieve test, B<+> means a number has passed a single
-round of the Miller-Rabin primality test. A newline means that the number has
-passed all the prime tests (the actual number depends on the key size).
-
-Because key generation is a random process the time taken to generate a key
-may vary somewhat.
-
-=head1 BUGS
-
-A quirk of the prime generation algorithm is that it cannot generate small
-primes. Therefore the number of bits should not be less that 64. For typical
-private keys this will not matter because for security reasons they will
-be much larger (typically 1024 bits).
-
-=head1 SEE ALSO
-
-L<gendsa(1)|gendsa(1)>
-
-=cut
-
diff --git a/crypto/openssl/doc/apps/nseq.pod b/crypto/openssl/doc/apps/nseq.pod
deleted file mode 100644
index 989c3108fb83..000000000000
--- a/crypto/openssl/doc/apps/nseq.pod
+++ /dev/null
@@ -1,70 +0,0 @@
-=pod
-
-=head1 NAME
-
-nseq - create or examine a netscape certificate sequence
-
-=head1 SYNOPSIS
-
-B<openssl> B<nseq>
-[B<-in filename>]
-[B<-out filename>]
-[B<-toseq>]
-
-=head1 DESCRIPTION
-
-The B<nseq> command takes a file containing a Netscape certificate
-sequence and prints out the certificates contained in it or takes a
-file of certificates and converts it into a Netscape certificate
-sequence.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-in filename>
-
-This specifies the input filename to read or standard input if this
-option is not specified.
-
-=item B<-out filename>
-
-specifies the output filename or standard output by default.
-
-=item B<-toseq>
-
-normally a Netscape certificate sequence will be input and the output
-is the certificates contained in it. With the B<-toseq> option the
-situation is reversed: a Netscape certificate sequence is created from
-a file of certificates.
-
-=back
-
-=head1 EXAMPLES
-
-Output the certificates in a Netscape certificate sequence
-
- openssl nseq -in nseq.pem -out certs.pem
-
-Create a Netscape certificate sequence
-
- openssl nseq -in certs.pem -toseq -out nseq.pem
-
-=head1 NOTES
-
-The B<PEM> encoded form uses the same headers and footers as a certificate:
-
- -----BEGIN CERTIFICATE-----
- -----END CERTIFICATE-----
-
-A Netscape certificate sequence is a Netscape specific form that can be sent
-to browsers as an alternative to the standard PKCS#7 format when several
-certificates are sent to the browser: for example during certificate enrollment.
-It is used by Netscape certificate server for example.
-
-=head1 BUGS
-
-This program needs a few more options: like allowing DER or PEM input and
-output files and allowing multiple certificate files to be used.
-
-=cut
diff --git a/crypto/openssl/doc/apps/ocsp.pod b/crypto/openssl/doc/apps/ocsp.pod
deleted file mode 100644
index da201b95e64f..000000000000
--- a/crypto/openssl/doc/apps/ocsp.pod
+++ /dev/null
@@ -1,348 +0,0 @@
-=pod
-
-=head1 NAME
-
-ocsp - Online Certificate Status Protocol utility
-
-=head1 SYNOPSIS
-
-B<openssl> B<ocsp>
-[B<-out file>]
-[B<-issuer file>]
-[B<-cert file>]
-[B<-serial n>]
-[B<-req_text>]
-[B<-resp_text>]
-[B<-text>]
-[B<-reqout file>]
-[B<-respout file>]
-[B<-reqin file>]
-[B<-respin file>]
-[B<-nonce>]
-[B<-no_nonce>]
-[B<-url responder_url>]
-[B<-host host:n>]
-[B<-path>]
-[B<-CApath file>]
-[B<-CAfile file>]
-[B<-VAfile file>]
-[B<-verify_certs file>]
-[B<-noverify>]
-[B<-trust_other>]
-[B<-no_intern>]
-[B<-no_sig_verify>]
-[B<-no_cert_verify>]
-[B<-no_chain>]
-[B<-no_cert_checks>]
-[B<-validity_period nsec>]
-[B<-status_age nsec>]
-
-=head1 DESCRIPTION
-
-B<WARNING: this documentation is preliminary and subject to change.>
-
-The Online Certificate Status Protocol (OCSP) enables applications to
-determine the (revocation) state of an identified certificate (RFC 2560).
-
-The B<ocsp> command performs many common OCSP tasks. It can be used
-to print out requests and responses, create requests and send queries
-to an OCSP responder and behave like a mini OCSP server itself.
-
-=head1 OCSP CLIENT OPTIONS
-
-=over 4
-
-=item B<-out filename>
-
-specify output filename, default is standard output.
-
-=item B<-issuer filename>
-
-This specifies the current issuer certificate. This option can be used
-multiple times. The certificate specified in B<filename> must be in
-PEM format.
-
-=item B<-cert filename>
-
-Add the certificate B<filename> to the request. The issuer certificate
-is taken from the previous B<issuer> option, or an error occurs if no
-issuer certificate is specified.
-
-=item B<-serial num>
-
-Same as the B<cert> option except the certificate with serial number
-B<num> is added to the request. The serial number is interpreted as a
-decimal integer unless preceded by B<0x>. Negative integers can also
-be specified by preceding the value by a B<-> sign.
-
-=item B<-signer filename>, B<-signkey filename>
-
-Sign the OCSP request using the certificate specified in the B<signer>
-option and the private key specified by the B<signkey> option. If
-the B<signkey> option is not present then the private key is read
-from the same file as the certificate. If neither option is specified then
-the OCSP request is not signed.
-
-=item B<-nonce>, B<-no_nonce>
-
-Add an OCSP nonce extension to a request or disable OCSP nonce addition.
-Normally if an OCSP request is input using the B<respin> option no
-nonce is added: using the B<nonce> option will force addition of a nonce.
-If an OCSP request is being created (using B<cert> and B<serial> options)
-a nonce is automatically added specifying B<no_nonce> overrides this.
-
-=item B<-req_text>, B<-resp_text>, B<-text>
-
-print out the text form of the OCSP request, response or both respectively.
-
-=item B<-reqout file>, B<-respout file>
-
-write out the DER encoded certificate request or response to B<file>.
-
-=item B<-reqin file>, B<-respin file>
-
-read OCSP request or response file from B<file>. These option are ignored
-if OCSP request or response creation is implied by other options (for example
-with B<serial>, B<cert> and B<host> options).
-
-=item B<-url responder_url>
-
-specify the responder URL. Both HTTP and HTTPS (SSL/TLS) URLs can be specified.
-
-=item B<-host hostname:port>, B<-path pathname>
-
-if the B<host> option is present then the OCSP request is sent to the host
-B<hostname> on port B<port>. B<path> specifies the HTTP path name to use
-or "/" by default.
-
-=item B<-CAfile file>, B<-CApath pathname>
-
-file or pathname containing trusted CA certificates. These are used to verify
-the signature on the OCSP response.
-
-=item B<-verify_certs file>
-
-file containing additional certificates to search when attempting to locate
-the OCSP response signing certificate. Some responders omit the actual signer's
-certificate from the response: this option can be used to supply the necessary
-certificate in such cases.
-
-=item B<-trust_other>
-
-the certificates specified by the B<-verify_certs> option should be explicitly
-trusted and no additional checks will be performed on them. This is useful
-when the complete responder certificate chain is not available or trusting a
-root CA is not appropriate.
-
-=item B<-VAfile file>
-
-file containing explicitly trusted responder certificates. Equivalent to the
-B<-verify_certs> and B<-trust_other> options.
-
-=item B<-noverify>
-
-don't attempt to verify the OCSP response signature or the nonce values. This
-option will normally only be used for debugging since it disables all verification
-of the responders certificate.
-
-=item B<-no_intern>
-
-ignore certificates contained in the OCSP response when searching for the
-signers certificate. With this option the signers certificate must be specified
-with either the B<-verify_certs> or B<-VAfile> options.
-
-=item B<-no_sig_verify>
-
-don't check the signature on the OCSP response. Since this option tolerates invalid
-signatures on OCSP responses it will normally only be used for testing purposes.
-
-=item B<-no_cert_verify>
-
-don't verify the OCSP response signers certificate at all. Since this option allows
-the OCSP response to be signed by any certificate it should only be used for
-testing purposes.
-
-=item B<-no_chain>
-
-do not use certificates in the response as additional untrusted CA
-certificates.
-
-=item B<-no_cert_checks>
-
-don't perform any additional checks on the OCSP response signers certificate.
-That is do not make any checks to see if the signers certificate is authorised
-to provide the necessary status information: as a result this option should
-only be used for testing purposes.
-
-=item B<-validity_period nsec>, B<-status_age age>
-
-these options specify the range of times, in seconds, which will be tolerated
-in an OCSP response. Each certificate status response includes a B<notBefore> time and
-an optional B<notAfter> time. The current time should fall between these two values, but
-the interval between the two times may be only a few seconds. In practice the OCSP
-responder and clients clocks may not be precisely synchronised and so such a check
-may fail. To avoid this the B<-validity_period> option can be used to specify an
-acceptable error range in seconds, the default value is 5 minutes.
-
-If the B<notAfter> time is omitted from a response then this means that new status
-information is immediately available. In this case the age of the B<notBefore> field
-is checked to see it is not older than B<age> seconds old. By default this additional
-check is not performed.
-
-=back
-
-=head1 OCSP SERVER OPTIONS
-
-=over 4
-
-=item B<-index indexfile>
-
-B<indexfile> is a text index file in B<ca> format containing certificate revocation
-information.
-
-If the B<index> option is specified the B<ocsp> utility is in responder mode, otherwise
-it is in client mode. The request(s) the responder processes can be either specified on
-the command line (using B<issuer> and B<serial> options), supplied in a file (using the
-B<respin> option) or via external OCSP clients (if B<port> or B<url> is specified).
-
-If the B<index> option is present then the B<CA> and B<rsigner> options must also be
-present.
-
-=item B<-CA file>
-
-CA certificate corresponding to the revocation information in B<indexfile>.
-
-=item B<-rsigner file>
-
-The certificate to sign OCSP responses with.
-
-=item B<-rother file>
-
-Additional certificates to include in the OCSP response.
-
-=item B<-resp_no_certs>
-
-Don't include any certificates in the OCSP response.
-
-=item B<-resp_key_id>
-
-Identify the signer certificate using the key ID, default is to use the subject name.
-
-=item B<-rkey file>
-
-The private key to sign OCSP responses with: if not present the file specified in the
-B<rsigner> option is used.
-
-=item B<-port portnum>
-
-Port to listen for OCSP requests on. The port may also be specified using the B<url>
-option.
-
-=item B<-nrequest number>
-
-The OCSP server will exit after receiving B<number> requests, default unlimited. 
-
-=item B<-nmin minutes>, B<-ndays days>
-
-Number of minutes or days when fresh revocation information is available: used in the
-B<nextUpdate> field. If neither option is present then the B<nextUpdate> field is 
-omitted meaning fresh revocation information is immediately available.
-
-=back
-
-=head1 OCSP Response verification.
-
-OCSP Response follows the rules specified in RFC2560.
-
-Initially the OCSP responder certificate is located and the signature on
-the OCSP request checked using the responder certificate's public key.
-
-Then a normal certificate verify is performed on the OCSP responder certificate
-building up a certificate chain in the process. The locations of the trusted
-certificates used to build the chain can be specified by the B<CAfile>
-and B<CApath> options or they will be looked for in the standard OpenSSL
-certificates directory.
-
-If the initial verify fails then the OCSP verify process halts with an
-error.
-
-Otherwise the issuing CA certificate in the request is compared to the OCSP
-responder certificate: if there is a match then the OCSP verify succeeds.
-
-Otherwise the OCSP responder certificate's CA is checked against the issuing
-CA certificate in the request. If there is a match and the OCSPSigning
-extended key usage is present in the OCSP responder certificate then the
-OCSP verify succeeds.
-
-Otherwise the root CA of the OCSP responders CA is checked to see if it
-is trusted for OCSP signing. If it is the OCSP verify succeeds.
-
-If none of these checks is successful then the OCSP verify fails.
-
-What this effectively means if that if the OCSP responder certificate is
-authorised directly by the CA it is issuing revocation information about
-(and it is correctly configured) then verification will succeed.
-
-If the OCSP responder is a "global responder" which can give details about
-multiple CAs and has its own separate certificate chain then its root
-CA can be trusted for OCSP signing. For example:
-
- openssl x509 -in ocspCA.pem -addtrust OCSPSigning -out trustedCA.pem
-
-Alternatively the responder certificate itself can be explicitly trusted
-with the B<-VAfile> option.
-
-=head1 NOTES
-
-As noted, most of the verify options are for testing or debugging purposes.
-Normally only the B<-CApath>, B<-CAfile> and (if the responder is a 'global
-VA') B<-VAfile> options need to be used.
-
-The OCSP server is only useful for test and demonstration purposes: it is
-not really usable as a full OCSP responder. It contains only a very
-simple HTTP request handling and can only handle the POST form of OCSP
-queries. It also handles requests serially meaning it cannot respond to
-new requests until it has processed the current one. The text index file
-format of revocation is also inefficient for large quantities of revocation
-data.
-
-It is possible to run the B<ocsp> application in responder mode via a CGI
-script using the B<respin> and B<respout> options.
-
-=head1 EXAMPLES
-
-Create an OCSP request and write it to a file:
-
- openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem -reqout req.der
-
-Send a query to an OCSP responder with URL http://ocsp.myhost.com/ save the 
-response to a file and print it out in text form
-
- openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem \
-     -url http://ocsp.myhost.com/ -resp_text -respout resp.der
-
-Read in an OCSP response and print out text form:
-
- openssl ocsp -respin resp.der -text
-
-OCSP server on port 8888 using a standard B<ca> configuration, and a separate
-responder certificate. All requests and responses are printed to a file.
-
- openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem
-	-text -out log.txt
-
-As above but exit after processing one request:
-
- openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem
-     -nrequest 1
-
-Query status information using internally generated request:
-
- openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
-     -issuer demoCA/cacert.pem -serial 1
-
-Query status information using request read from a file, write response to a
-second file.
-
- openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
-     -reqin req.der -respout resp.der
diff --git a/crypto/openssl/doc/apps/openssl.pod b/crypto/openssl/doc/apps/openssl.pod
deleted file mode 100644
index 07dd80eabe56..000000000000
--- a/crypto/openssl/doc/apps/openssl.pod
+++ /dev/null
@@ -1,344 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-openssl - OpenSSL command line tool
-
-=head1 SYNOPSIS
-
-B<openssl>
-I<command>
-[ I<command_opts> ]
-[ I<command_args> ]
-
-B<openssl> [ B<list-standard-commands> | B<list-message-digest-commands> | B<list-cipher-commands> ]
-
-B<openssl> B<no->I<XXX> [ I<arbitrary options> ]
-
-=head1 DESCRIPTION
-
-OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL
-v2/v3) and Transport Layer Security (TLS v1) network protocols and related
-cryptography standards required by them.
-
-The B<openssl> program is a command line tool for using the various
-cryptography functions of OpenSSL's B<crypto> library from the shell. 
-It can be used for 
-
- o  Creation of RSA, DH and DSA key parameters
- o  Creation of X.509 certificates, CSRs and CRLs 
- o  Calculation of Message Digests
- o  Encryption and Decryption with Ciphers
- o  SSL/TLS Client and Server Tests
- o  Handling of S/MIME signed or encrypted mail
-
-=head1 COMMAND SUMMARY
-
-The B<openssl> program provides a rich variety of commands (I<command> in the
-SYNOPSIS above), each of which often has a wealth of options and arguments
-(I<command_opts> and I<command_args> in the SYNOPSIS).
-
-The pseudo-commands B<list-standard-commands>, B<list-message-digest-commands>,
-and B<list-cipher-commands> output a list (one entry per line) of the names
-of all standard commands, message digest commands, or cipher commands,
-respectively, that are available in the present B<openssl> utility.
-
-The pseudo-command B<no->I<XXX> tests whether a command of the
-specified name is available.  If no command named I<XXX> exists, it
-returns 0 (success) and prints B<no->I<XXX>; otherwise it returns 1
-and prints I<XXX>.  In both cases, the output goes to B<stdout> and
-nothing is printed to B<stderr>.  Additional command line arguments
-are always ignored.  Since for each cipher there is a command of the
-same name, this provides an easy way for shell scripts to test for the
-availability of ciphers in the B<openssl> program.  (B<no->I<XXX> is
-not able to detect pseudo-commands such as B<quit>,
-B<list->I<...>B<-commands>, or B<no->I<XXX> itself.)
-
-=head2 STANDARD COMMANDS
-
-=over 10
-
-=item L<B<asn1parse>|asn1parse(1)>
-
-Parse an ASN.1 sequence.
-
-=item L<B<ca>|ca(1)>
-
-Certificate Authority (CA) Management.  
-
-=item L<B<ciphers>|ciphers(1)>
-
-Cipher Suite Description Determination.
-
-=item L<B<crl>|crl(1)>
-
-Certificate Revocation List (CRL) Management.
-
-=item L<B<crl2pkcs7>|crl2pkcs7(1)>
-
-CRL to PKCS#7 Conversion.
-
-=item L<B<dgst>|dgst(1)>
-
-Message Digest Calculation.
-
-=item B<dh>
-
-Diffie-Hellman Parameter Management.
-Obsoleted by L<B<dhparam>|dhparam(1)>.
-
-=item L<B<dsa>|dsa(1)>
-
-DSA Data Management.
-
-=item L<B<dsaparam>|dsaparam(1)>
-
-DSA Parameter Generation.
-
-=item L<B<enc>|enc(1)>
-
-Encoding with Ciphers.
-
-=item L<B<errstr>|errstr(1)>
-
-Error Number to Error String Conversion.
-
-=item L<B<dhparam>|dhparam(1)>
-
-Generation and Management of Diffie-Hellman Parameters.
-
-=item B<gendh>
-
-Generation of Diffie-Hellman Parameters.
-Obsoleted by L<B<dhparam>|dhparam(1)>.
-
-=item L<B<gendsa>|gendsa(1)>
-
-Generation of DSA Parameters.
-
-=item L<B<genrsa>|genrsa(1)>
-
-Generation of RSA Parameters.
-
-=item L<B<ocsp>|ocsp(1)>
-
-Online Certificate Status Protocol utility.
-
-=item L<B<passwd>|passwd(1)>
-
-Generation of hashed passwords.
-
-=item L<B<pkcs12>|pkcs12(1)>
-
-PKCS#12 Data Management.
-
-=item L<B<pkcs7>|pkcs7(1)>
-
-PKCS#7 Data Management.
-
-=item L<B<rand>|rand(1)>
-
-Generate pseudo-random bytes.
-
-=item L<B<req>|req(1)>
-
-X.509 Certificate Signing Request (CSR) Management.
-
-=item L<B<rsa>|rsa(1)>
-
-RSA Data Management.
-
-=item L<B<rsautl>|rsautl(1)>
-
-RSA utility for signing, verification, encryption, and decryption.
-
-=item L<B<s_client>|s_client(1)>
-
-This implements a generic SSL/TLS client which can establish a transparent
-connection to a remote server speaking SSL/TLS. It's intended for testing
-purposes only and provides only rudimentary interface functionality but
-internally uses mostly all functionality of the OpenSSL B<ssl> library.
-
-=item L<B<s_server>|s_server(1)>
-
-This implements a generic SSL/TLS server which accepts connections from remote
-clients speaking SSL/TLS. It's intended for testing purposes only and provides
-only rudimentary interface functionality but internally uses mostly all
-functionality of the OpenSSL B<ssl> library.  It provides both an own command
-line oriented protocol for testing SSL functions and a simple HTTP response
-facility to emulate an SSL/TLS-aware webserver.
-
-=item L<B<s_time>|s_time(1)>
-
-SSL Connection Timer.
-
-=item L<B<sess_id>|sess_id(1)>
-
-SSL Session Data Management.
-
-=item L<B<smime>|smime(1)>
-
-S/MIME mail processing.
-
-=item L<B<speed>|speed(1)>
-
-Algorithm Speed Measurement.
-
-=item L<B<verify>|verify(1)>
-
-X.509 Certificate Verification.
-
-=item L<B<version>|version(1)>
-
-OpenSSL Version Information.
-
-=item L<B<x509>|x509(1)>
-
-X.509 Certificate Data Management.
-
-=back
-
-=head2 MESSAGE DIGEST COMMANDS
-
-=over 10
-
-=item B<md2>
-
-MD2 Digest
-
-=item B<md5>
-
-MD5 Digest
-
-=item B<mdc2>
-
-MDC2 Digest
-
-=item B<rmd160>
-
-RMD-160 Digest
-
-=item B<sha>            
-
-SHA Digest
-
-=item B<sha1>           
-
-SHA-1 Digest
-
-=back
-
-=head2 ENCODING AND CIPHER COMMANDS
-
-=over 10
-
-=item B<base64>
-
-Base64 Encoding
-
-=item B<bf bf-cbc bf-cfb bf-ecb bf-ofb>
-
-Blowfish Cipher
-
-=item B<cast cast-cbc>
-
-CAST Cipher
-
-=item B<cast5-cbc cast5-cfb cast5-ecb cast5-ofb>
-
-CAST5 Cipher
-
-=item B<des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ofb>
-
-DES Cipher
-
-=item B<des3 desx des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb>
-
-Triple-DES Cipher
-
-=item B<idea idea-cbc idea-cfb idea-ecb idea-ofb>
-
-IDEA Cipher
-
-=item B<rc2 rc2-cbc rc2-cfb rc2-ecb rc2-ofb>
-
-RC2 Cipher
-
-=item B<rc4>
-
-RC4 Cipher
-
-=item B<rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb>
-
-RC5 Cipher
-
-=back
-
-=head1 PASS PHRASE ARGUMENTS
-
-Several commands accept password arguments, typically using B<-passin>
-and B<-passout> for input and output passwords respectively. These allow
-the password to be obtained from a variety of sources. Both of these
-options take a single argument whose format is described below. If no
-password argument is given and a password is required then the user is
-prompted to enter one: this will typically be read from the current
-terminal with echoing turned off.
-
-=over 10
-
-=item B<pass:password>
-
-the actual password is B<password>. Since the password is visible
-to utilities (like 'ps' under Unix) this form should only be used
-where security is not important.
-
-=item B<env:var>
-
-obtain the password from the environment variable B<var>. Since
-the environment of other processes is visible on certain platforms
-(e.g. ps under certain Unix OSes) this option should be used with caution.
-
-=item B<file:pathname>
-
-the first line of B<pathname> is the password. If the same B<pathname>
-argument is supplied to B<-passin> and B<-passout> arguments then the first
-line will be used for the input password and the next line for the output
-password. B<pathname> need not refer to a regular file: it could for example
-refer to a device or named pipe.
-
-=item B<fd:number>
-
-read the password from the file descriptor B<number>. This can be used to
-send the data via a pipe for example.
-
-=item B<stdin>
-
-read the password from standard input.
-
-=back
-
-=head1 SEE ALSO
-
-L<asn1parse(1)|asn1parse(1)>, L<ca(1)|ca(1)>, L<config(5)|config(5)>,
-L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkcs7(1)>, L<dgst(1)|dgst(1)>,
-L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
-L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>,
-L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
-L<passwd(1)|passwd(1)>,
-L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
-L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
-L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
-L<s_server(1)|s_server(1)>, L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
-L<verify(1)|verify(1)>, L<version(1)|version(1)>, L<x509(1)|x509(1)>,
-L<crypto(3)|crypto(3)>, L<ssl(3)|ssl(3)> 
-
-=head1 HISTORY
-
-The openssl(1) document appeared in OpenSSL 0.9.2.
-The B<list->I<XXX>B<-commands> pseudo-commands were added in OpenSSL 0.9.3;
-the B<no->I<XXX> pseudo-commands were added in OpenSSL 0.9.5a.
-For notes on the availability of other commands, see their individual
-manual pages.
-
-=cut
diff --git a/crypto/openssl/doc/apps/passwd.pod b/crypto/openssl/doc/apps/passwd.pod
deleted file mode 100644
index f44982549bf1..000000000000
--- a/crypto/openssl/doc/apps/passwd.pod
+++ /dev/null
@@ -1,82 +0,0 @@
-=pod
-
-=head1 NAME
-
-passwd - compute password hashes
-
-=head1 SYNOPSIS
-
-B<openssl passwd>
-[B<-crypt>]
-[B<-1>]
-[B<-apr1>]
-[B<-salt> I<string>]
-[B<-in> I<file>]
-[B<-stdin>]
-[B<-noverify>]
-[B<-quiet>]
-[B<-table>]
-{I<password>}
-
-=head1 DESCRIPTION
-
-The B<passwd> command computes the hash of a password typed at
-run-time or the hash of each password in a list.  The password list is
-taken from the named file for option B<-in file>, from stdin for
-option B<-stdin>, or from the command line, or from the terminal otherwise.
-The Unix standard algorithm B<crypt> and the MD5-based BSD password
-algorithm B<1> and its Apache variant B<apr1> are available.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-crypt>
-
-Use the B<crypt> algorithm (default).
-
-=item B<-1>
-
-Use the MD5 based BSD password algorithm B<1>.
-
-=item B<-apr1>
-
-Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
-
-=item B<-salt> I<string>
-
-Use the specified salt.
-When reading a password from the terminal, this implies B<-noverify>.
-
-=item B<-in> I<file>
-
-Read passwords from I<file>.
-
-=item B<-stdin>
-
-Read passwords from B<stdin>.
-
-=item B<-noverify>
-
-Don't verify when reading a password from the terminal.
-
-=item B<-quiet>
-
-Don't output warnings when passwords given at the command line are truncated.
-
-=item B<-table>
-
-In the output list, prepend the cleartext password and a TAB character
-to each password hash.
-
-=back
-
-=head1 EXAMPLES
-
-B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
-
-B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.
-
-B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
-
-=cut
diff --git a/crypto/openssl/doc/apps/pkcs12.pod b/crypto/openssl/doc/apps/pkcs12.pod
deleted file mode 100644
index 7d84146293d2..000000000000
--- a/crypto/openssl/doc/apps/pkcs12.pod
+++ /dev/null
@@ -1,330 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-pkcs12 - PKCS#12 file utility
-
-=head1 SYNOPSIS
-
-B<openssl> B<pkcs12>
-[B<-export>]
-[B<-chain>]
-[B<-inkey filename>]
-[B<-certfile filename>]
-[B<-name name>]
-[B<-caname name>]
-[B<-in filename>]
-[B<-out filename>]
-[B<-noout>]
-[B<-nomacver>]
-[B<-nocerts>]
-[B<-clcerts>]
-[B<-cacerts>]
-[B<-nokeys>]
-[B<-info>]
-[B<-des>]
-[B<-des3>]
-[B<-idea>]
-[B<-nodes>]
-[B<-noiter>]
-[B<-maciter>]
-[B<-twopass>]
-[B<-descert>]
-[B<-certpbe>]
-[B<-keypbe>]
-[B<-keyex>]
-[B<-keysig>]
-[B<-password arg>]
-[B<-passin arg>]
-[B<-passout arg>]
-[B<-rand file(s)>]
-
-=head1 DESCRIPTION
-
-The B<pkcs12> command allows PKCS#12 files (sometimes referred to as
-PFX files) to be created and parsed. PKCS#12 files are used by several
-programs including Netscape, MSIE and MS Outlook.
-
-=head1 COMMAND OPTIONS
-
-There are a lot of options the meaning of some depends of whether a PKCS#12 file
-is being created or parsed. By default a PKCS#12 file is parsed a PKCS#12
-file can be created by using the B<-export> option (see below).
-
-=head1 PARSING OPTIONS
-
-=over 4
-
-=item B<-in filename>
-
-This specifies filename of the PKCS#12 file to be parsed. Standard input is used
-by default.
-
-=item B<-out filename>
-
-The filename to write certificates and private keys to, standard output by default.
-They are all written in PEM format.
-
-=item B<-pass arg>, B<-passin arg>
-
-the PKCS#12 file (i.e. input file) password source. For more information about the
-format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
-L<openssl(1)|openssl(1)>.
-
-=item B<-passout arg>
-
-pass phrase source to encrypt any outputed private keys with. For more information
-about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
-L<openssl(1)|openssl(1)>.
-
-=item B<-noout>
-
-this option inhibits output of the keys and certificates to the output file version
-of the PKCS#12 file.
-
-=item B<-clcerts>
-
-only output client certificates (not CA certificates).
-
-=item B<-cacerts>
-
-only output CA certificates (not client certificates).
-
-=item B<-nocerts>
-
-no certificates at all will be output.
-
-=item B<-nokeys>
-
-no private keys will be output.
-
-=item B<-info>
-
-output additional information about the PKCS#12 file structure, algorithms used and
-iteration counts.
-
-=item B<-des>
-
-use DES to encrypt private keys before outputting.
-
-=item B<-des3>
-
-use triple DES to encrypt private keys before outputting, this is the default.
-
-=item B<-idea>
-
-use IDEA to encrypt private keys before outputting.
-
-=item B<-nodes>
-
-don't encrypt the private keys at all.
-
-=item B<-nomacver>
-
-don't attempt to verify the integrity MAC before reading the file.
-
-=item B<-twopass>
-
-prompt for separate integrity and encryption passwords: most software
-always assumes these are the same so this option will render such
-PKCS#12 files unreadable.
-
-=back
-
-=head1 FILE CREATION OPTIONS
-
-=over 4
-
-=item B<-export>
-
-This option specifies that a PKCS#12 file will be created rather than
-parsed.
-
-=item B<-out filename>
-
-This specifies filename to write the PKCS#12 file to. Standard output is used
-by default.
-
-=item B<-in filename>
-
-The filename to read certificates and private keys from, standard input by default.
-They must all be in PEM format. The order doesn't matter but one private key and
-its corresponding certificate should be present. If additional certificates are
-present they will also be included in the PKCS#12 file.
-
-=item B<-inkey filename>
-
-file to read private key from. If not present then a private key must be present
-in the input file.
-
-=item B<-name friendlyname>
-
-This specifies the "friendly name" for the certificate and private key. This name
-is typically displayed in list boxes by software importing the file.
-
-=item B<-certfile filename>
-
-A filename to read additional certificates from.
-
-=item B<-caname friendlyname>
-
-This specifies the "friendly name" for other certificates. This option may be
-used multiple times to specify names for all certificates in the order they
-appear. Netscape ignores friendly names on other certificates whereas MSIE
-displays them.
-
-=item B<-pass arg>, B<-passout arg>
-
-the PKCS#12 file (i.e. output file) password source. For more information about
-the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
-L<openssl(1)|openssl(1)>.
-
-=item B<-passin password>
-
-pass phrase source to decrypt any input private keys with. For more information
-about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
-L<openssl(1)|openssl(1)>.
-
-=item B<-chain>
-
-if this option is present then an attempt is made to include the entire
-certificate chain of the user certificate. The standard CA store is used
-for this search. If the search fails it is considered a fatal error.
-
-=item B<-descert>
-
-encrypt the certificate using triple DES, this may render the PKCS#12
-file unreadable by some "export grade" software. By default the private
-key is encrypted using triple DES and the certificate using 40 bit RC2.
-
-=item B<-keypbe alg>, B<-certpbe alg>
-
-these options allow the algorithm used to encrypt the private key and
-certificates to be selected. Although any PKCS#5 v1.5 or PKCS#12 algorithms
-can be selected it is advisable only to use PKCS#12 algorithms. See the list
-in the B<NOTES> section for more information.
-
-=item B<-keyex|-keysig>
-
-specifies that the private key is to be used for key exchange or just signing.
-This option is only interpreted by MSIE and similar MS software. Normally
-"export grade" software will only allow 512 bit RSA keys to be used for
-encryption purposes but arbitrary length keys for signing. The B<-keysig>
-option marks the key for signing only. Signing only keys can be used for
-S/MIME signing, authenticode (ActiveX control signing)  and SSL client
-authentication, however due to a bug only MSIE 5.0 and later support
-the use of signing only keys for SSL client authentication.
-
-=item B<-nomaciter>, B<-noiter>
-
-these options affect the iteration counts on the MAC and key algorithms.
-Unless you wish to produce files compatible with MSIE 4.0 you should leave
-these options alone.
-
-To discourage attacks by using large dictionaries of common passwords the
-algorithm that derives keys from passwords can have an iteration count applied
-to it: this causes a certain part of the algorithm to be repeated and slows it
-down. The MAC is used to check the file integrity but since it will normally
-have the same password as the keys and certificates it could also be attacked.
-By default both MAC and encryption iteration counts are set to 2048, using
-these options the MAC and encryption iteration counts can be set to 1, since
-this reduces the file security you should not use these options unless you
-really have to. Most software supports both MAC and key iteration counts.
-MSIE 4.0 doesn't support MAC iteration counts so it needs the B<-nomaciter>
-option.
-
-=item B<-maciter>
-
-This option is included for compatibility with previous versions, it used
-to be needed to use MAC iterations counts but they are now used by default.
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=back
-
-=head1 NOTES
-
-Although there are a large number of options most of them are very rarely
-used. For PKCS#12 file parsing only B<-in> and B<-out> need to be used
-for PKCS#12 file creation B<-export> and B<-name> are also used.
-
-If none of the B<-clcerts>, B<-cacerts> or B<-nocerts> options are present
-then all certificates will be output in the order they appear in the input
-PKCS#12 files. There is no guarantee that the first certificate present is
-the one corresponding to the private key. Certain software which requires
-a private key and certificate and assumes the first certificate in the
-file is the one corresponding to the private key: this may not always
-be the case. Using the B<-clcerts> option will solve this problem by only
-outputting the certificate corresponding to the private key. If the CA
-certificates are required then they can be output to a separate file using
-the B<-nokeys -cacerts> options to just output CA certificates.
-
-The B<-keypbe> and B<-certpbe> algorithms allow the precise encryption
-algorithms for private keys and certificates to be specified. Normally
-the defaults are fine but occasionally software can't handle triple DES
-encrypted private keys, then the option B<-keypbe PBE-SHA1-RC2-40> can
-be used to reduce the private key encryption to 40 bit RC2. A complete
-description of all algorithms is contained in the B<pkcs8> manual page.
-
-=head1 EXAMPLES
-
-Parse a PKCS#12 file and output it to a file:
-
- openssl pkcs12 -in file.p12 -out file.pem
-
-Output only client certificates to a file:
-
- openssl pkcs12 -in file.p12 -clcerts -out file.pem
-
-Don't encrypt the private key:
- 
- openssl pkcs12 -in file.p12 -out file.pem -nodes
-
-Print some info about a PKCS#12 file:
-
- openssl pkcs12 -in file.p12 -info -noout
-
-Create a PKCS#12 file:
-
- openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate"
-
-Include some extra certificates:
-
- openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate" \
-  -certfile othercerts.pem
-
-=head1 BUGS
-
-Some would argue that the PKCS#12 standard is one big bug :-)
-
-Versions of OpenSSL before 0.9.6a had a bug in the PKCS#12 key generation
-routines. Under rare circumstances this could produce a PKCS#12 file encrypted
-with an invalid key. As a result some PKCS#12 files which triggered this bug
-from other implementations (MSIE or Netscape) could not be decrypted
-by OpenSSL and similarly OpenSSL could produce PKCS#12 files which could
-not be decrypted by other implementations. The chances of producing such
-a file are relatively small: less than 1 in 256.
-
-A side effect of fixing this bug is that any old invalidly encrypted PKCS#12
-files cannot no longer be parsed by the fixed version. Under such circumstances
-the B<pkcs12> utility will report that the MAC is OK but fail with a decryption
-error when extracting private keys.
-
-This problem can be resolved by extracting the private keys and certificates
-from the PKCS#12 file using an older version of OpenSSL and recreating the PKCS#12
-file from the keys and certificates using a newer version of OpenSSL. For example:
-
- old-openssl -in bad.p12 -out keycerts.pem
- openssl -in keycerts.pem -export -name "My PKCS#12 file" -out fixed.p12
-
-=head1 SEE ALSO
-
-L<pkcs8(1)|pkcs8(1)>
-
diff --git a/crypto/openssl/doc/apps/pkcs7.pod b/crypto/openssl/doc/apps/pkcs7.pod
deleted file mode 100644
index a0a636328b59..000000000000
--- a/crypto/openssl/doc/apps/pkcs7.pod
+++ /dev/null
@@ -1,105 +0,0 @@
-=pod
-
-=head1 NAME
-
-pkcs7 - PKCS#7 utility
-
-=head1 SYNOPSIS
-
-B<openssl> B<pkcs7>
-[B<-inform PEM|DER>]
-[B<-outform PEM|DER>]
-[B<-in filename>]
-[B<-out filename>]
-[B<-print_certs>]
-[B<-text>]
-[B<-noout>]
-[B<-engine id>]
-
-=head1 DESCRIPTION
-
-The B<pkcs7> command processes PKCS#7 files in DER or PEM format.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-inform DER|PEM>
-
-This specifies the input format. B<DER> format is DER encoded PKCS#7
-v1.5 structure.B<PEM> (the default) is a base64 encoded version of
-the DER form with header and footer lines.
-
-=item B<-outform DER|PEM>
-
-This specifies the output format, the options have the same meaning as the 
-B<-inform> option.
-
-=item B<-in filename>
-
-This specifies the input filename to read from or standard input if this
-option is not specified.
-
-=item B<-out filename>
-
-specifies the output filename to write to or standard output by
-default.
-
-=item B<-print_certs>
-
-prints out any certificates or CRLs contained in the file. They are
-preceded by their subject and issuer names in one line format.
-
-=item B<-text>
-
-prints out certificates details in full rather than just subject and
-issuer names.
-
-=item B<-noout>
-
-don't output the encoded version of the PKCS#7 structure (or certificates
-is B<-print_certs> is set).
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<req>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=back
-
-=head1 EXAMPLES
-
-Convert a PKCS#7 file from PEM to DER:
-
- openssl pkcs7 -in file.pem -outform DER -out file.der
-
-Output all certificates in a file:
-
- openssl pkcs7 -in file.pem -print_certs -out certs.pem
-
-=head1 NOTES
-
-The PEM PKCS#7 format uses the header and footer lines:
-
- -----BEGIN PKCS7-----
- -----END PKCS7-----
-
-For compatibility with some CAs it will also accept:
-
- -----BEGIN CERTIFICATE-----
- -----END CERTIFICATE-----
-
-=head1 RESTRICTIONS
-
-There is no option to print out all the fields of a PKCS#7 file.
-
-This PKCS#7 routines only understand PKCS#7 v 1.5 as specified in RFC2315 they 
-cannot currently parse, for example, the new CMS as described in RFC2630.
-
-=head1 SEE ALSO
-
-L<crl2pkcs7(1)|crl2pkcs7(1)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/pkcs8.pod b/crypto/openssl/doc/apps/pkcs8.pod
deleted file mode 100644
index 68ecd65b1019..000000000000
--- a/crypto/openssl/doc/apps/pkcs8.pod
+++ /dev/null
@@ -1,243 +0,0 @@
-=pod
-
-=head1 NAME
-
-pkcs8 - PKCS#8 format private key conversion tool
-
-=head1 SYNOPSIS
-
-B<openssl> B<pkcs8>
-[B<-topk8>]
-[B<-inform PEM|DER>]
-[B<-outform PEM|DER>]
-[B<-in filename>]
-[B<-passin arg>]
-[B<-out filename>]
-[B<-passout arg>]
-[B<-noiter>]
-[B<-nocrypt>]
-[B<-nooct>]
-[B<-embed>]
-[B<-nsdb>]
-[B<-v2 alg>]
-[B<-v1 alg>]
-[B<-engine id>]
-
-=head1 DESCRIPTION
-
-The B<pkcs8> command processes private keys in PKCS#8 format. It can handle
-both unencrypted PKCS#8 PrivateKeyInfo format and EncryptedPrivateKeyInfo
-format with a variety of PKCS#5 (v1.5 and v2.0) and PKCS#12 algorithms.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-topk8>
-
-Normally a PKCS#8 private key is expected on input and a traditional format
-private key will be written. With the B<-topk8> option the situation is
-reversed: it reads a traditional format private key and writes a PKCS#8
-format key.
-
-=item B<-inform DER|PEM>
-
-This specifies the input format. If a PKCS#8 format key is expected on input
-then either a B<DER> or B<PEM> encoded version of a PKCS#8 key will be
-expected. Otherwise the B<DER> or B<PEM> format of the traditional format
-private key is used.
-
-=item B<-outform DER|PEM>
-
-This specifies the output format, the options have the same meaning as the 
-B<-inform> option.
-
-=item B<-in filename>
-
-This specifies the input filename to read a key from or standard input if this
-option is not specified. If the key is encrypted a pass phrase will be
-prompted for.
-
-=item B<-passin arg>
-
-the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-out filename>
-
-This specifies the output filename to write a key to or standard output by
-default. If any encryption options are set then a pass phrase will be
-prompted for. The output filename should B<not> be the same as the input
-filename.
-
-=item B<-passout arg>
-
-the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-nocrypt>
-
-PKCS#8 keys generated or input are normally PKCS#8 EncryptedPrivateKeyInfo
-structures using an appropriate password based encryption algorithm. With
-this option an unencrypted PrivateKeyInfo structure is expected or output.
-This option does not encrypt private keys at all and should only be used
-when absolutely necessary. Certain software such as some versions of Java
-code signing software used unencrypted private keys.
-
-=item B<-nooct>
-
-This option generates RSA private keys in a broken format that some software
-uses. Specifically the private key should be enclosed in a OCTET STRING
-but some software just includes the structure itself without the
-surrounding OCTET STRING.
-
-=item B<-embed>
-
-This option generates DSA keys in a broken format. The DSA parameters are
-embedded inside the PrivateKey structure. In this form the OCTET STRING
-contains an ASN1 SEQUENCE consisting of two structures: a SEQUENCE containing
-the parameters and an ASN1 INTEGER containing the private key.
-
-=item B<-nsdb>
-
-This option generates DSA keys in a broken format compatible with Netscape
-private key databases. The PrivateKey contains a SEQUENCE consisting of
-the public and private keys respectively.
-
-=item B<-v2 alg>
-
-This option enables the use of PKCS#5 v2.0 algorithms. Normally PKCS#8
-private keys are encrypted with the password based encryption algorithm
-called B<pbeWithMD5AndDES-CBC> this uses 56 bit DES encryption but it
-was the strongest encryption algorithm supported in PKCS#5 v1.5. Using 
-the B<-v2> option PKCS#5 v2.0 algorithms are used which can use any
-encryption algorithm such as 168 bit triple DES or 128 bit RC2 however
-not many implementations support PKCS#5 v2.0 yet. If you are just using
-private keys with OpenSSL then this doesn't matter.
-
-The B<alg> argument is the encryption algorithm to use, valid values include
-B<des>, B<des3> and B<rc2>. It is recommended that B<des3> is used.
-
-=item B<-v1 alg>
-
-This option specifies a PKCS#5 v1.5 or PKCS#12 algorithm to use. A complete
-list of possible algorithms is included below.
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<req>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=back
-
-=head1 NOTES
-
-The encrypted form of a PEM encode PKCS#8 files uses the following
-headers and footers:
-
- -----BEGIN ENCRYPTED PRIVATE KEY-----
- -----END ENCRYPTED PRIVATE KEY-----
-
-The unencrypted form uses:
-
- -----BEGIN PRIVATE KEY-----
- -----END PRIVATE KEY-----
-
-Private keys encrypted using PKCS#5 v2.0 algorithms and high iteration
-counts are more secure that those encrypted using the traditional
-SSLeay compatible formats. So if additional security is considered
-important the keys should be converted.
-
-The default encryption is only 56 bits because this is the encryption
-that most current implementations of PKCS#8 will support.
-
-Some software may use PKCS#12 password based encryption algorithms
-with PKCS#8 format private keys: these are handled automatically
-but there is no option to produce them.
-
-It is possible to write out DER encoded encrypted private keys in
-PKCS#8 format because the encryption details are included at an ASN1
-level whereas the traditional format includes them at a PEM level.
-
-=head1 PKCS#5 v1.5 and PKCS#12 algorithms.
-
-Various algorithms can be used with the B<-v1> command line option,
-including PKCS#5 v1.5 and PKCS#12. These are described in more detail
-below.
-
-=over 4
-
-=item B<PBE-MD2-DES PBE-MD5-DES>
-
-These algorithms were included in the original PKCS#5 v1.5 specification.
-They only offer 56 bits of protection since they both use DES.
-
-=item B<PBE-SHA1-RC2-64 PBE-MD2-RC2-64 PBE-MD5-RC2-64 PBE-SHA1-DES>
-
-These algorithms are not mentioned in the original PKCS#5 v1.5 specification
-but they use the same key derivation algorithm and are supported by some
-software. They are mentioned in PKCS#5 v2.0. They use either 64 bit RC2 or
-56 bit DES.
-
-=item B<PBE-SHA1-RC4-128 PBE-SHA1-RC4-40 PBE-SHA1-3DES PBE-SHA1-2DES PBE-SHA1-RC2-128 PBE-SHA1-RC2-40>
-
-These algorithms use the PKCS#12 password based encryption algorithm and
-allow strong encryption algorithms like triple DES or 128 bit RC2 to be used.
-
-=back
-
-=head1 EXAMPLES
-
-Convert a private from traditional to PKCS#5 v2.0 format using triple
-DES:
-
- openssl pkcs8 -in key.pem -topk8 -v2 des3 -out enckey.pem
-
-Convert a private key to PKCS#8 using a PKCS#5 1.5 compatible algorithm
-(DES):
-
- openssl pkcs8 -in key.pem -topk8 -out enckey.pem
-
-Convert a private key to PKCS#8 using a PKCS#12 compatible algorithm
-(3DES):
-
- openssl pkcs8 -in key.pem -topk8 -out enckey.pem -v1 PBE-SHA1-3DES
-
-Read a DER unencrypted PKCS#8 format private key:
-
- openssl pkcs8 -inform DER -nocrypt -in key.der -out key.pem
-
-Convert a private key from any PKCS#8 format to traditional format:
-
- openssl pkcs8 -in pk8.pem -out key.pem
-
-=head1 STANDARDS
-
-Test vectors from this PKCS#5 v2.0 implementation were posted to the
-pkcs-tng mailing list using triple DES, DES and RC2 with high iteration
-counts, several people confirmed that they could decrypt the private
-keys produced and Therefore it can be assumed that the PKCS#5 v2.0
-implementation is reasonably accurate at least as far as these
-algorithms are concerned.
-
-The format of PKCS#8 DSA (and other) private keys is not well documented:
-it is hidden away in PKCS#11 v2.01, section 11.9. OpenSSL's default DSA
-PKCS#8 private key format complies with this standard.
-
-=head1 BUGS
-
-There should be an option that prints out the encryption algorithm
-in use and other details such as the iteration count.
-
-PKCS#8 using triple DES and PKCS#5 v2.0 should be the default private
-key format for OpenSSL: for compatibility several of the utilities use
-the old format at present.
-
-=head1 SEE ALSO
-
-L<dsa(1)|dsa(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)> 
-
-=cut
diff --git a/crypto/openssl/doc/apps/rand.pod b/crypto/openssl/doc/apps/rand.pod
deleted file mode 100644
index 75745ca0023c..000000000000
--- a/crypto/openssl/doc/apps/rand.pod
+++ /dev/null
@@ -1,50 +0,0 @@
-=pod
-
-=head1 NAME
-
-rand - generate pseudo-random bytes
-
-=head1 SYNOPSIS
-
-B<openssl rand>
-[B<-out> I<file>]
-[B<-rand> I<file(s)>]
-[B<-base64>]
-I<num>
-
-=head1 DESCRIPTION
-
-The B<rand> command outputs I<num> pseudo-random bytes after seeding
-the random number generator once.  As in other B<openssl> command
-line tools, PRNG seeding uses the file I<$HOME/>B<.rnd> or B<.rnd>
-in addition to the files given in the B<-rand> option.  A new
-I<$HOME>/B<.rnd> or B<.rnd> file will be written back if enough
-seeding was obtained from these sources.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-out> I<file>
-
-Write to I<file> instead of standard output.
-
-=item B<-rand> I<file(s)>
-
-Use specified file or files or EGD socket (see L<RAND_egd(3)|RAND_egd(3)>)
-for seeding the random number generator.
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item B<-base64>
-
-Perform base64 encoding on the output.
-
-=back
-
-=head1 SEE ALSO
-
-L<RAND_bytes(3)|RAND_bytes(3)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/req.pod b/crypto/openssl/doc/apps/req.pod
deleted file mode 100644
index e2b5d0d8ec22..000000000000
--- a/crypto/openssl/doc/apps/req.pod
+++ /dev/null
@@ -1,601 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-req - PKCS#10 certificate request and certificate generating utility.
-
-=head1 SYNOPSIS
-
-B<openssl> B<req>
-[B<-inform PEM|DER>]
-[B<-outform PEM|DER>]
-[B<-in filename>]
-[B<-passin arg>]
-[B<-out filename>]
-[B<-passout arg>]
-[B<-text>]
-[B<-pubkey>]
-[B<-noout>]
-[B<-verify>]
-[B<-modulus>]
-[B<-new>]
-[B<-rand file(s)>]
-[B<-newkey rsa:bits>]
-[B<-newkey dsa:file>]
-[B<-nodes>]
-[B<-key filename>]
-[B<-keyform PEM|DER>]
-[B<-keyout filename>]
-[B<-[md5|sha1|md2|mdc2]>]
-[B<-config filename>]
-[B<-subj arg>]
-[B<-x509>]
-[B<-days n>]
-[B<-set_serial n>]
-[B<-asn1-kludge>]
-[B<-newhdr>]
-[B<-extensions section>]
-[B<-reqexts section>]
-[B<-utf8>]
-[B<-nameopt>]
-[B<-batch>]
-[B<-verbose>]
-[B<-engine id>]
-
-=head1 DESCRIPTION
-
-The B<req> command primarily creates and processes certificate requests
-in PKCS#10 format. It can additionally create self signed certificates
-for use as root CAs for example.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-inform DER|PEM>
-
-This specifies the input format. The B<DER> option uses an ASN1 DER encoded
-form compatible with the PKCS#10. The B<PEM> form is the default format: it
-consists of the B<DER> format base64 encoded with additional header and
-footer lines.
-
-=item B<-outform DER|PEM>
-
-This specifies the output format, the options have the same meaning as the 
-B<-inform> option.
-
-=item B<-in filename>
-
-This specifies the input filename to read a request from or standard input
-if this option is not specified. A request is only read if the creation
-options (B<-new> and B<-newkey>) are not specified.
-
-=item B<-passin arg>
-
-the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-out filename>
-
-This specifies the output filename to write to or standard output by
-default.
-
-=item B<-passout arg>
-
-the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-text>
-
-prints out the certificate request in text form.
-
-=item B<-pubkey>
-
-outputs the public key.
-
-=item B<-noout>
-
-this option prevents output of the encoded version of the request.
-
-=item B<-modulus>
-
-this option prints out the value of the modulus of the public key
-contained in the request.
-
-=item B<-verify>
-
-verifies the signature on the request.
-
-=item B<-new>
-
-this option generates a new certificate request. It will prompt
-the user for the relevant field values. The actual fields
-prompted for and their maximum and minimum sizes are specified
-in the configuration file and any requested extensions.
-
-If the B<-key> option is not used it will generate a new RSA private
-key using information specified in the configuration file.
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item B<-newkey arg>
-
-this option creates a new certificate request and a new private
-key. The argument takes one of two forms. B<rsa:nbits>, where
-B<nbits> is the number of bits, generates an RSA key B<nbits>
-in size. B<dsa:filename> generates a DSA key using the parameters
-in the file B<filename>.
-
-=item B<-key filename>
-
-This specifies the file to read the private key from. It also
-accepts PKCS#8 format private keys for PEM format files.
-
-=item B<-keyform PEM|DER>
-
-the format of the private key file specified in the B<-key>
-argument. PEM is the default.
-
-=item B<-keyout filename>
-
-this gives the filename to write the newly created private key to.
-If this option is not specified then the filename present in the
-configuration file is used.
-
-=item B<-nodes>
-
-if this option is specified then if a private key is created it
-will not be encrypted.
-
-=item B<-[md5|sha1|md2|mdc2]>
-
-this specifies the message digest to sign the request with. This
-overrides the digest algorithm specified in the configuration file.
-This option is ignored for DSA requests: they always use SHA1.
-
-=item B<-config filename>
-
-this allows an alternative configuration file to be specified,
-this overrides the compile time filename or any specified in
-the B<OPENSSL_CONF> environment variable.
-
-=item B<-subj arg>
-
-sets subject name for new request or supersedes the subject name
-when processing a request.
-The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
-characters may be escaped by \ (backslash), no spaces are skipped.
-
-=item B<-x509>
-
-this option outputs a self signed certificate instead of a certificate
-request. This is typically used to generate a test certificate or
-a self signed root CA. The extensions added to the certificate
-(if any) are specified in the configuration file. Unless specified
-using the B<set_serial> option B<0> will be used for the serial
-number.
-
-=item B<-days n>
-
-when the B<-x509> option is being used this specifies the number of
-days to certify the certificate for. The default is 30 days.
-
-=item B<-set_serial n>
-
-serial number to use when outputting a self signed certificate. This
-may be specified as a decimal value or a hex value if preceded by B<0x>.
-It is possible to use negative serial numbers but this is not recommended.
-
-=item B<-extensions section>
-
-=item B<-reqexts section>
-
-these options specify alternative sections to include certificate
-extensions (if the B<-x509> option is present) or certificate
-request extensions. This allows several different sections to
-be used in the same configuration file to specify requests for
-a variety of purposes.
-
-=item B<-utf8>
-
-this option causes field values to be interpreted as UTF8 strings, by 
-default they are interpreted as ASCII. This means that the field
-values, whether prompted from a terminal or obtained from a
-configuration file, must be valid UTF8 strings.
-
-=item B<-nameopt option>
-
-option which determines how the subject or issuer names are displayed. The
-B<option> argument can be a single option or multiple options separated by
-commas.  Alternatively the B<-nameopt> switch may be used more than once to
-set multiple options. See the L<x509(1)|x509(1)> manual page for details.
-
-=item B<-asn1-kludge>
-
-by default the B<req> command outputs certificate requests containing
-no attributes in the correct PKCS#10 format. However certain CAs will only
-accept requests containing no attributes in an invalid form: this
-option produces this invalid format.
-
-More precisely the B<Attributes> in a PKCS#10 certificate request
-are defined as a B<SET OF Attribute>. They are B<not OPTIONAL> so
-if no attributes are present then they should be encoded as an
-empty B<SET OF>. The invalid form does not include the empty
-B<SET OF> whereas the correct form does.
-
-It should be noted that very few CAs still require the use of this option.
-
-=item B<-newhdr>
-
-Adds the word B<NEW> to the PEM file header and footer lines on the outputed
-request. Some software (Netscape certificate server) and some CAs need this.
-
-=item B<-batch>
-
-non-interactive mode.
-
-=item B<-verbose>
-
-print extra details about the operations being performed.
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<req>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=back
-
-=head1 CONFIGURATION FILE FORMAT
-
-The configuration options are specified in the B<req> section of
-the configuration file. As with all configuration files if no
-value is specified in the specific section (i.e. B<req>) then
-the initial unnamed or B<default> section is searched too.
-
-The options available are described in detail below.
-
-=over 4
-
-=item B<input_password output_password>
-
-The passwords for the input private key file (if present) and
-the output private key file (if one will be created). The
-command line options B<passin> and B<passout> override the
-configuration file values.
-
-=item B<default_bits>
-
-This specifies the default key size in bits. If not specified then
-512 is used. It is used if the B<-new> option is used. It can be
-overridden by using the B<-newkey> option.
-
-=item B<default_keyfile>
-
-This is the default filename to write a private key to. If not
-specified the key is written to standard output. This can be
-overridden by the B<-keyout> option.
-
-=item B<oid_file>
-
-This specifies a file containing additional B<OBJECT IDENTIFIERS>.
-Each line of the file should consist of the numerical form of the
-object identifier followed by white space then the short name followed
-by white space and finally the long name. 
-
-=item B<oid_section>
-
-This specifies a section in the configuration file containing extra
-object identifiers. Each line should consist of the short name of the
-object identifier followed by B<=> and the numerical form. The short
-and long names are the same when this option is used.
-
-=item B<RANDFILE>
-
-This specifies a filename in which random number seed information is
-placed and read from, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-It is used for private key generation.
-
-=item B<encrypt_key>
-
-If this is set to B<no> then if a private key is generated it is
-B<not> encrypted. This is equivalent to the B<-nodes> command line
-option. For compatibility B<encrypt_rsa_key> is an equivalent option.
-
-=item B<default_md>
-
-This option specifies the digest algorithm to use. Possible values
-include B<md5 sha1 mdc2>. If not present then MD5 is used. This
-option can be overridden on the command line.
-
-=item B<string_mask>
-
-This option masks out the use of certain string types in certain
-fields. Most users will not need to change this option.
-
-It can be set to several values B<default> which is also the default
-option uses PrintableStrings, T61Strings and BMPStrings if the 
-B<pkix> value is used then only PrintableStrings and BMPStrings will
-be used. This follows the PKIX recommendation in RFC2459. If the
-B<utf8only> option is used then only UTF8Strings will be used: this
-is the PKIX recommendation in RFC2459 after 2003. Finally the B<nombstr>
-option just uses PrintableStrings and T61Strings: certain software has
-problems with BMPStrings and UTF8Strings: in particular Netscape.
-
-=item B<req_extensions>
-
-this specifies the configuration file section containing a list of
-extensions to add to the certificate request. It can be overridden
-by the B<-reqexts> command line switch.
-
-=item B<x509_extensions>
-
-this specifies the configuration file section containing a list of
-extensions to add to certificate generated when the B<-x509> switch
-is used. It can be overridden by the B<-extensions> command line switch.
-
-=item B<prompt>
-
-if set to the value B<no> this disables prompting of certificate fields
-and just takes values from the config file directly. It also changes the
-expected format of the B<distinguished_name> and B<attributes> sections.
-
-=item B<utf8>
-
-if set to the value B<yes> then field values to be interpreted as UTF8
-strings, by default they are interpreted as ASCII. This means that
-the field values, whether prompted from a terminal or obtained from a
-configuration file, must be valid UTF8 strings.
-
-=item B<attributes>
-
-this specifies the section containing any request attributes: its format
-is the same as B<distinguished_name>. Typically these may contain the
-challengePassword or unstructuredName types. They are currently ignored
-by OpenSSL's request signing utilities but some CAs might want them.
-
-=item B<distinguished_name>
-
-This specifies the section containing the distinguished name fields to
-prompt for when generating a certificate or certificate request. The format
-is described in the next section.
-
-=back
-
-=head1 DISTINGUISHED NAME AND ATTRIBUTE SECTION FORMAT
-
-There are two separate formats for the distinguished name and attribute
-sections. If the B<prompt> option is set to B<no> then these sections
-just consist of field names and values: for example,
-
- CN=My Name
- OU=My Organization
- emailAddress=someone@somewhere.org
-
-This allows external programs (e.g. GUI based) to generate a template file
-with all the field names and values and just pass it to B<req>. An example
-of this kind of configuration file is contained in the B<EXAMPLES> section.
-
-Alternatively if the B<prompt> option is absent or not set to B<no> then the
-file contains field prompting information. It consists of lines of the form:
-
- fieldName="prompt"
- fieldName_default="default field value"
- fieldName_min= 2
- fieldName_max= 4
-
-"fieldName" is the field name being used, for example commonName (or CN).
-The "prompt" string is used to ask the user to enter the relevant
-details. If the user enters nothing then the default value is used if no
-default value is present then the field is omitted. A field can
-still be omitted if a default value is present if the user just
-enters the '.' character.
-
-The number of characters entered must be between the fieldName_min and
-fieldName_max limits: there may be additional restrictions based
-on the field being used (for example countryName can only ever be
-two characters long and must fit in a PrintableString).
-
-Some fields (such as organizationName) can be used more than once
-in a DN. This presents a problem because configuration files will
-not recognize the same name occurring twice. To avoid this problem
-if the fieldName contains some characters followed by a full stop
-they will be ignored. So for example a second organizationName can
-be input by calling it "1.organizationName".
-
-The actual permitted field names are any object identifier short or
-long names. These are compiled into OpenSSL and include the usual
-values such as commonName, countryName, localityName, organizationName,
-organizationUnitName, stateOrProvinceName. Additionally emailAddress
-is include as well as name, surname, givenName initials and dnQualifier.
-
-Additional object identifiers can be defined with the B<oid_file> or
-B<oid_section> options in the configuration file. Any additional fields
-will be treated as though they were a DirectoryString.
-
-
-=head1 EXAMPLES
-
-Examine and verify certificate request:
-
- openssl req -in req.pem -text -verify -noout
-
-Create a private key and then generate a certificate request from it:
-
- openssl genrsa -out key.pem 1024
- openssl req -new -key key.pem -out req.pem
-
-The same but just using req:
-
- openssl req -newkey rsa:1024 -keyout key.pem -out req.pem
-
-Generate a self signed root certificate:
-
- openssl req -x509 -newkey rsa:1024 -keyout key.pem -out req.pem
-
-Example of a file pointed to by the B<oid_file> option:
-
- 1.2.3.4	shortName	A longer Name
- 1.2.3.6	otherName	Other longer Name
-
-Example of a section pointed to by B<oid_section> making use of variable
-expansion:
-
- testoid1=1.2.3.5
- testoid2=${testoid1}.6
-
-Sample configuration file prompting for field values:
-
- [ req ]
- default_bits		= 1024
- default_keyfile 	= privkey.pem
- distinguished_name	= req_distinguished_name
- attributes		= req_attributes
- x509_extensions	= v3_ca
-
- dirstring_type = nobmp
-
- [ req_distinguished_name ]
- countryName			= Country Name (2 letter code)
- countryName_default		= AU
- countryName_min		= 2
- countryName_max		= 2
-
- localityName			= Locality Name (eg, city)
-
- organizationalUnitName		= Organizational Unit Name (eg, section)
-
- commonName			= Common Name (eg, YOUR name)
- commonName_max			= 64
-
- emailAddress			= Email Address
- emailAddress_max		= 40
-
- [ req_attributes ]
- challengePassword		= A challenge password
- challengePassword_min		= 4
- challengePassword_max		= 20
-
- [ v3_ca ]
-
- subjectKeyIdentifier=hash
- authorityKeyIdentifier=keyid:always,issuer:always
- basicConstraints = CA:true
-
-Sample configuration containing all field values:
-
-
- RANDFILE		= $ENV::HOME/.rnd
-
- [ req ]
- default_bits		= 1024
- default_keyfile 	= keyfile.pem
- distinguished_name	= req_distinguished_name
- attributes		= req_attributes
- prompt			= no
- output_password	= mypass
-
- [ req_distinguished_name ]
- C			= GB
- ST			= Test State or Province
- L			= Test Locality
- O			= Organization Name
- OU			= Organizational Unit Name
- CN			= Common Name
- emailAddress		= test@email.address
-
- [ req_attributes ]
- challengePassword		= A challenge password
-
-
-=head1 NOTES
-
-The header and footer lines in the B<PEM> format are normally:
-
- -----BEGIN CERTIFICATE REQUEST-----
- -----END CERTIFICATE REQUEST-----
-
-some software (some versions of Netscape certificate server) instead needs:
-
- -----BEGIN NEW CERTIFICATE REQUEST-----
- -----END NEW CERTIFICATE REQUEST-----
-
-which is produced with the B<-newhdr> option but is otherwise compatible.
-Either form is accepted transparently on input.
-
-The certificate requests generated by B<Xenroll> with MSIE have extensions
-added. It includes the B<keyUsage> extension which determines the type of
-key (signature only or general purpose) and any additional OIDs entered
-by the script in an extendedKeyUsage extension.
-
-=head1 DIAGNOSTICS
-
-The following messages are frequently asked about:
-
-	Using configuration from /some/path/openssl.cnf
-	Unable to load config info
-
-This is followed some time later by...
-
-	unable to find 'distinguished_name' in config
-	problems making Certificate Request
-
-The first error message is the clue: it can't find the configuration
-file! Certain operations (like examining a certificate request) don't
-need a configuration file so its use isn't enforced. Generation of
-certificates or requests however does need a configuration file. This
-could be regarded as a bug.
-
-Another puzzling message is this:
-
-        Attributes:
-            a0:00
-
-this is displayed when no attributes are present and the request includes
-the correct empty B<SET OF> structure (the DER encoding of which is 0xa0
-0x00). If you just see:
-
-        Attributes:
-
-then the B<SET OF> is missing and the encoding is technically invalid (but
-it is tolerated). See the description of the command line option B<-asn1-kludge>
-for more information.
-
-=head1 ENVIRONMENT VARIABLES
-
-The variable B<OPENSSL_CONF> if defined allows an alternative configuration
-file location to be specified, it will be overridden by the B<-config> command
-line switch if it is present. For compatibility reasons the B<SSLEAY_CONF>
-environment variable serves the same purpose but its use is discouraged.
-
-=head1 BUGS
-
-OpenSSL's handling of T61Strings (aka TeletexStrings) is broken: it effectively
-treats them as ISO-8859-1 (Latin 1), Netscape and MSIE have similar behaviour.
-This can cause problems if you need characters that aren't available in
-PrintableStrings and you don't want to or can't use BMPStrings.
-
-As a consequence of the T61String handling the only correct way to represent
-accented characters in OpenSSL is to use a BMPString: unfortunately Netscape
-currently chokes on these. If you have to use accented characters with Netscape
-and MSIE then you currently need to use the invalid T61String form.
-
-The current prompting is not very friendly. It doesn't allow you to confirm what
-you've just entered. Other things like extensions in certificate requests are
-statically defined in the configuration file. Some of these: like an email
-address in subjectAltName should be input by the user.
-
-=head1 SEE ALSO
-
-L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)>, L<config(5)|config(5)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/rsa.pod b/crypto/openssl/doc/apps/rsa.pod
deleted file mode 100644
index 4d7640995ede..000000000000
--- a/crypto/openssl/doc/apps/rsa.pod
+++ /dev/null
@@ -1,189 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-rsa - RSA key processing tool
-
-=head1 SYNOPSIS
-
-B<openssl> B<rsa>
-[B<-inform PEM|NET|DER>]
-[B<-outform PEM|NET|DER>]
-[B<-in filename>]
-[B<-passin arg>]
-[B<-out filename>]
-[B<-passout arg>]
-[B<-sgckey>]
-[B<-des>]
-[B<-des3>]
-[B<-idea>]
-[B<-text>]
-[B<-noout>]
-[B<-modulus>]
-[B<-check>]
-[B<-pubin>]
-[B<-pubout>]
-[B<-engine id>]
-
-=head1 DESCRIPTION
-
-The B<rsa> command processes RSA keys. They can be converted between various
-forms and their components printed out. B<Note> this command uses the
-traditional SSLeay compatible format for private key encryption: newer
-applications should use the more secure PKCS#8 format using the B<pkcs8>
-utility.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-inform DER|NET|PEM>
-
-This specifies the input format. The B<DER> option uses an ASN1 DER encoded
-form compatible with the PKCS#1 RSAPrivateKey or SubjectPublicKeyInfo format.
-The B<PEM> form is the default format: it consists of the B<DER> format base64
-encoded with additional header and footer lines. On input PKCS#8 format private
-keys are also accepted. The B<NET> form is a format is described in the B<NOTES>
-section.
-
-=item B<-outform DER|NET|PEM>
-
-This specifies the output format, the options have the same meaning as the 
-B<-inform> option.
-
-=item B<-in filename>
-
-This specifies the input filename to read a key from or standard input if this
-option is not specified. If the key is encrypted a pass phrase will be
-prompted for.
-
-=item B<-passin arg>
-
-the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-out filename>
-
-This specifies the output filename to write a key to or standard output if this
-option is not specified. If any encryption options are set then a pass phrase
-will be prompted for. The output filename should B<not> be the same as the input
-filename.
-
-=item B<-passout password>
-
-the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-sgckey>
-
-use the modified NET algorithm used with some versions of Microsoft IIS and SGC
-keys.
-
-=item B<-des|-des3|-idea>
-
-These options encrypt the private key with the DES, triple DES, or the 
-IDEA ciphers respectively before outputting it. A pass phrase is prompted for.
-If none of these options is specified the key is written in plain text. This
-means that using the B<rsa> utility to read in an encrypted key with no
-encryption option can be used to remove the pass phrase from a key, or by
-setting the encryption options it can be use to add or change the pass phrase.
-These options can only be used with PEM format output files.
-
-=item B<-text>
-
-prints out the various public or private key components in
-plain text in addition to the encoded version. 
-
-=item B<-noout>
-
-this option prevents output of the encoded version of the key.
-
-=item B<-modulus>
-
-this option prints out the value of the modulus of the key.
-
-=item B<-check>
-
-this option checks the consistency of an RSA private key.
-
-=item B<-pubin>
-
-by default a private key is read from the input file: with this
-option a public key is read instead.
-
-=item B<-pubout>
-
-by default a private key is output: with this option a public
-key will be output instead. This option is automatically set if
-the input is a public key.
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<req>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=back
-
-=head1 NOTES
-
-The PEM private key format uses the header and footer lines:
-
- -----BEGIN RSA PRIVATE KEY-----
- -----END RSA PRIVATE KEY-----
-
-The PEM public key format uses the header and footer lines:
-
- -----BEGIN PUBLIC KEY-----
- -----END PUBLIC KEY-----
-
-The B<NET> form is a format compatible with older Netscape servers
-and Microsoft IIS .key files, this uses unsalted RC4 for its encryption.
-It is not very secure and so should only be used when necessary.
-
-Some newer version of IIS have additional data in the exported .key
-files. To use these with the utility, view the file with a binary editor
-and look for the string "private-key", then trace back to the byte
-sequence 0x30, 0x82 (this is an ASN1 SEQUENCE). Copy all the data
-from this point onwards to another file and use that as the input
-to the B<rsa> utility with the B<-inform NET> option. If you get
-an error after entering the password try the B<-sgckey> option.
-
-=head1 EXAMPLES
-
-To remove the pass phrase on an RSA private key:
-
- openssl rsa -in key.pem -out keyout.pem
-
-To encrypt a private key using triple DES:
-
- openssl rsa -in key.pem -des3 -out keyout.pem
-
-To convert a private key from PEM to DER format: 
-
- openssl rsa -in key.pem -outform DER -out keyout.der
-
-To print out the components of a private key to standard output:
-
- openssl rsa -in key.pem -text -noout
-
-To just output the public part of a private key:
-
- openssl rsa -in key.pem -pubout -out pubkey.pem
-
-=head1 BUGS
-
-The command line password arguments don't currently work with
-B<NET> format.
-
-There should be an option that automatically handles .key files,
-without having to manually edit them.
-
-=head1 SEE ALSO
-
-L<pkcs8(1)|pkcs8(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)> 
-
-=cut
diff --git a/crypto/openssl/doc/apps/rsautl.pod b/crypto/openssl/doc/apps/rsautl.pod
deleted file mode 100644
index a7c1681d9859..000000000000
--- a/crypto/openssl/doc/apps/rsautl.pod
+++ /dev/null
@@ -1,183 +0,0 @@
-=pod
-
-=head1 NAME
-
-rsautl - RSA utility
-
-=head1 SYNOPSIS
-
-B<openssl> B<rsautl>
-[B<-in file>]
-[B<-out file>]
-[B<-inkey file>]
-[B<-pubin>]
-[B<-certin>]
-[B<-sign>]
-[B<-verify>]
-[B<-encrypt>]
-[B<-decrypt>]
-[B<-pkcs>]
-[B<-ssl>]
-[B<-raw>]
-[B<-hexdump>]
-[B<-asn1parse>]
-
-=head1 DESCRIPTION
-
-The B<rsautl> command can be used to sign, verify, encrypt and decrypt
-data using the RSA algorithm.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-in filename>
-
-This specifies the input filename to read data from or standard input
-if this option is not specified.
-
-=item B<-out filename>
-
-specifies the output filename to write to or standard output by
-default.
-
-=item B<-inkey file>
-
-the input key file, by default it should be an RSA private key.
-
-=item B<-pubin>
-
-the input file is an RSA public key. 
-
-=item B<-certin>
-
-the input is a certificate containing an RSA public key. 
-
-=item B<-sign>
-
-sign the input data and output the signed result. This requires
-and RSA private key.
-
-=item B<-verify>
-
-verify the input data and output the recovered data.
-
-=item B<-encrypt>
-
-encrypt the input data using an RSA public key.
-
-=item B<-decrypt>
-
-decrypt the input data using an RSA private key.
-
-=item B<-pkcs, -oaep, -ssl, -raw>
-
-the padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP,
-special padding used in SSL v2 backwards compatible handshakes,
-or no padding, respectively.
-For signatures, only B<-pkcs> and B<-raw> can be used.
-
-=item B<-hexdump>
-
-hex dump the output data.
-
-=item B<-asn1parse>
-
-asn1parse the output data, this is useful when combined with the
-B<-verify> option.
-
-=back
-
-=head1 NOTES
-
-B<rsautl> because it uses the RSA algorithm directly can only be
-used to sign or verify small pieces of data.
-
-=head1 EXAMPLES
-
-Sign some data using a private key:
-
- openssl rsautl -sign -in file -inkey key.pem -out sig
-
-Recover the signed data
-
- openssl rsautl -verify -in sig -inkey key.pem
-
-Examine the raw signed data:
-
- openssl rsautl -verify -in file -inkey key.pem -raw -hexdump
-
- 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
- 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
- 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
- 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
- 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
- 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
- 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
- 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64   .....hello world
-
-The PKCS#1 block formatting is evident from this. If this was done using
-encrypt and decrypt the block would have been of type 2 (the second byte)
-and random padding data visible instead of the 0xff bytes.
-
-It is possible to analyse the signature of certificates using this
-utility in conjunction with B<asn1parse>. Consider the self signed
-example in certs/pca-cert.pem . Running B<asn1parse> as follows yields:
-
- openssl asn1parse -in pca-cert.pem
-
-    0:d=0  hl=4 l= 742 cons: SEQUENCE          
-    4:d=1  hl=4 l= 591 cons:  SEQUENCE          
-    8:d=2  hl=2 l=   3 cons:   cont [ 0 ]        
-   10:d=3  hl=2 l=   1 prim:    INTEGER           :02
-   13:d=2  hl=2 l=   1 prim:   INTEGER           :00
-   16:d=2  hl=2 l=  13 cons:   SEQUENCE          
-   18:d=3  hl=2 l=   9 prim:    OBJECT            :md5WithRSAEncryption
-   29:d=3  hl=2 l=   0 prim:    NULL              
-   31:d=2  hl=2 l=  92 cons:   SEQUENCE          
-   33:d=3  hl=2 l=  11 cons:    SET               
-   35:d=4  hl=2 l=   9 cons:     SEQUENCE          
-   37:d=5  hl=2 l=   3 prim:      OBJECT            :countryName
-   42:d=5  hl=2 l=   2 prim:      PRINTABLESTRING   :AU
-  ....
-  599:d=1  hl=2 l=  13 cons:  SEQUENCE          
-  601:d=2  hl=2 l=   9 prim:   OBJECT            :md5WithRSAEncryption
-  612:d=2  hl=2 l=   0 prim:   NULL              
-  614:d=1  hl=3 l= 129 prim:  BIT STRING        
-
-
-The final BIT STRING contains the actual signature. It can be extracted with:
-
- openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614
-
-The certificate public key can be extracted with:
- 
- openssl x509 -in test/testx509.pem -pubout -noout >pubkey.pem
-
-The signature can be analysed with:
-
- openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin
-
-    0:d=0  hl=2 l=  32 cons: SEQUENCE          
-    2:d=1  hl=2 l=  12 cons:  SEQUENCE          
-    4:d=2  hl=2 l=   8 prim:   OBJECT            :md5
-   14:d=2  hl=2 l=   0 prim:   NULL              
-   16:d=1  hl=2 l=  16 prim:  OCTET STRING      
-      0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5   .F...Js.7...H%..
-
-This is the parsed version of an ASN1 DigestInfo structure. It can be seen that
-the digest used was md5. The actual part of the certificate that was signed can
-be extracted with:
-
- openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4
-
-and its digest computed with:
-
- openssl md5 -c tbs
- MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5
-
-which it can be seen agrees with the recovered value above.
-
-=head1 SEE ALSO
-
-L<dgst(1)|dgst(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)>
diff --git a/crypto/openssl/doc/apps/s_client.pod b/crypto/openssl/doc/apps/s_client.pod
deleted file mode 100644
index 7fca9cbdbd68..000000000000
--- a/crypto/openssl/doc/apps/s_client.pod
+++ /dev/null
@@ -1,243 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-s_client - SSL/TLS client program
-
-=head1 SYNOPSIS
-
-B<openssl> B<s_client>
-[B<-connect> host:port>]
-[B<-verify depth>]
-[B<-cert filename>]
-[B<-key filename>]
-[B<-CApath directory>]
-[B<-CAfile filename>]
-[B<-reconnect>]
-[B<-pause>]
-[B<-showcerts>]
-[B<-debug>]
-[B<-msg>]
-[B<-nbio_test>]
-[B<-state>]
-[B<-nbio>]
-[B<-crlf>]
-[B<-ign_eof>]
-[B<-quiet>]
-[B<-ssl2>]
-[B<-ssl3>]
-[B<-tls1>]
-[B<-no_ssl2>]
-[B<-no_ssl3>]
-[B<-no_tls1>]
-[B<-bugs>]
-[B<-cipher cipherlist>]
-[B<-engine id>]
-[B<-rand file(s)>]
-
-=head1 DESCRIPTION
-
-The B<s_client> command implements a generic SSL/TLS client which connects
-to a remote host using SSL/TLS. It is a I<very> useful diagnostic tool for
-SSL servers.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-connect host:port>
-
-This specifies the host and optional port to connect to. If not specified
-then an attempt is made to connect to the local host on port 4433.
-
-=item B<-cert certname>
-
-The certificate to use, if one is requested by the server. The default is
-not to use a certificate.
-
-=item B<-key keyfile>
-
-The private key to use. If not specified then the certificate file will
-be used.
-
-=item B<-verify depth>
-
-The verify depth to use. This specifies the maximum length of the
-server certificate chain and turns on server certificate verification.
-Currently the verify operation continues after errors so all the problems
-with a certificate chain can be seen. As a side effect the connection
-will never fail due to a server certificate verify failure.
-
-=item B<-CApath directory>
-
-The directory to use for server certificate verification. This directory
-must be in "hash format", see B<verify> for more information. These are
-also used when building the client certificate chain.
-
-=item B<-CAfile file>
-
-A file containing trusted certificates to use during server authentication
-and to use when attempting to build the client certificate chain.
-
-=item B<-reconnect>
-
-reconnects to the same server 5 times using the same session ID, this can
-be used as a test that session caching is working.
-
-=item B<-pause>
-
-pauses 1 second between each read and write call.
-
-=item B<-showcerts>
-
-display the whole server certificate chain: normally only the server
-certificate itself is displayed.
-
-=item B<-prexit>
-
-print session information when the program exits. This will always attempt
-to print out information even if the connection fails. Normally information
-will only be printed out once if the connection succeeds. This option is useful
-because the cipher in use may be renegotiated or the connection may fail
-because a client certificate is required or is requested only after an
-attempt is made to access a certain URL. Note: the output produced by this
-option is not always accurate because a connection might never have been
-established.
-
-=item B<-state>
-
-prints out the SSL session states.
-
-=item B<-debug>
-
-print extensive debugging information including a hex dump of all traffic.
-
-=item B<-msg>
-
-show all protocol messages with hex dump.
-
-=item B<-nbio_test>
-
-tests non-blocking I/O
-
-=item B<-nbio>
-
-turns on non-blocking I/O
-
-=item B<-crlf>
-
-this option translated a line feed from the terminal into CR+LF as required
-by some servers.
-
-=item B<-ign_eof>
-
-inhibit shutting down the connection when end of file is reached in the
-input.
-
-=item B<-quiet>
-
-inhibit printing of session and certificate information.  This implicitly
-turns on B<-ign_eof> as well.
-
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
-
-these options disable the use of certain SSL or TLS protocols. By default
-the initial handshake uses a method which should be compatible with all
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
-
-Unfortunately there are a lot of ancient and broken servers in use which
-cannot handle this technique and will fail to connect. Some servers only
-work if TLS is turned off with the B<-no_tls> option others will only
-support SSL v2 and may need the B<-ssl2> option.
-
-=item B<-bugs>
-
-there are several known bug in SSL and TLS implementations. Adding this
-option enables various workarounds.
-
-=item B<-cipher cipherlist>
-
-this allows the cipher list sent by the client to be modified. Although
-the server determines which cipher suite is used it should take the first
-supported cipher in the list sent by the client. See the B<ciphers>
-command for more information.
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<s_client>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=back
-
-=head1 CONNECTED COMMANDS
-
-If a connection is established with an SSL server then any data received
-from the server is displayed and any key presses will be sent to the
-server. When used interactively (which means neither B<-quiet> nor B<-ign_eof>
-have been given), the session will be renegotiated if the line begins with an
-B<R>, and if the line begins with a B<Q> or if end of file is reached, the
-connection will be closed down.
-
-=head1 NOTES
-
-B<s_client> can be used to debug SSL servers. To connect to an SSL HTTP
-server the command:
-
- openssl s_client -connect servername:443
-
-would typically be used (https uses port 443). If the connection succeeds
-then an HTTP command can be given such as "GET /" to retrieve a web page.
-
-If the handshake fails then there are several possible causes, if it is
-nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
-B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> can be tried
-in case it is a buggy server. In particular you should play with these
-options B<before> submitting a bug report to an OpenSSL mailing list.
-
-A frequent problem when attempting to get client certificates working
-is that a web client complains it has no certificates or gives an empty
-list to choose from. This is normally because the server is not sending
-the clients certificate authority in its "acceptable CA list" when it
-requests a certificate. By using B<s_client> the CA list can be viewed
-and checked. However some servers only request client authentication
-after a specific URL is requested. To obtain the list in this case it
-is necessary to use the B<-prexit> command and send an HTTP request
-for an appropriate page.
-
-If a certificate is specified on the command line using the B<-cert>
-option it will not be used unless the server specifically requests
-a client certificate. Therefor merely including a client certificate
-on the command line is no guarantee that the certificate works.
-
-If there are problems verifying a server certificate then the
-B<-showcerts> option can be used to show the whole chain.
-
-=head1 BUGS
-
-Because this program has a lot of options and also because some of
-the techniques used are rather old, the C source of s_client is rather
-hard to read and not a model of how things should be done. A typical
-SSL client program would be much simpler.
-
-The B<-verify> option should really exit if the server verification
-fails.
-
-The B<-prexit> option is a bit of a hack. We should really report
-information whenever a session is renegotiated.
-
-=head1 SEE ALSO
-
-L<sess_id(1)|sess_id(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/s_server.pod b/crypto/openssl/doc/apps/s_server.pod
deleted file mode 100644
index 4b1e4260ef1e..000000000000
--- a/crypto/openssl/doc/apps/s_server.pod
+++ /dev/null
@@ -1,296 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-s_server - SSL/TLS server program
-
-=head1 SYNOPSIS
-
-B<openssl> B<s_server>
-[B<-accept port>]
-[B<-context id>]
-[B<-verify depth>]
-[B<-Verify depth>]
-[B<-cert filename>]
-[B<-key keyfile>]
-[B<-dcert filename>]
-[B<-dkey keyfile>]
-[B<-dhparam filename>]
-[B<-nbio>]
-[B<-nbio_test>]
-[B<-crlf>]
-[B<-debug>]
-[B<-msg>]
-[B<-state>]
-[B<-CApath directory>]
-[B<-CAfile filename>]
-[B<-nocert>]
-[B<-cipher cipherlist>]
-[B<-quiet>]
-[B<-no_tmp_rsa>]
-[B<-ssl2>]
-[B<-ssl3>]
-[B<-tls1>]
-[B<-no_ssl2>]
-[B<-no_ssl3>]
-[B<-no_tls1>]
-[B<-no_dhe>]
-[B<-bugs>]
-[B<-hack>]
-[B<-www>]
-[B<-WWW>]
-[B<-HTTP>]
-[B<-engine id>]
-[B<-rand file(s)>]
-
-=head1 DESCRIPTION
-
-The B<s_server> command implements a generic SSL/TLS server which listens
-for connections on a given port using SSL/TLS.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-accept port>
-
-the TCP port to listen on for connections. If not specified 4433 is used.
-
-=item B<-context id>
-
-sets the SSL context id. It can be given any string value. If this option
-is not present a default value will be used.
-
-=item B<-cert certname>
-
-The certificate to use, most servers cipher suites require the use of a
-certificate and some require a certificate with a certain public key type:
-for example the DSS cipher suites require a certificate containing a DSS
-(DSA) key. If not specified then the filename "server.pem" will be used.
-
-=item B<-key keyfile>
-
-The private key to use. If not specified then the certificate file will
-be used.
-
-=item B<-dcert filename>, B<-dkey keyname>
-
-specify an additional certificate and private key, these behave in the
-same manner as the B<-cert> and B<-key> options except there is no default
-if they are not specified (no additional certificate and key is used). As
-noted above some cipher suites require a certificate containing a key of
-a certain type. Some cipher suites need a certificate carrying an RSA key
-and some a DSS (DSA) key. By using RSA and DSS certificates and keys
-a server can support clients which only support RSA or DSS cipher suites
-by using an appropriate certificate.
-
-=item B<-nocert>
-
-if this option is set then no certificate is used. This restricts the
-cipher suites available to the anonymous ones (currently just anonymous
-DH).
-
-=item B<-dhparam filename>
-
-the DH parameter file to use. The ephemeral DH cipher suites generate keys
-using a set of DH parameters. If not specified then an attempt is made to
-load the parameters from the server certificate file. If this fails then
-a static set of parameters hard coded into the s_server program will be used.
-
-=item B<-no_dhe>
-
-if this option is set then no DH parameters will be loaded effectively
-disabling the ephemeral DH cipher suites.
-
-=item B<-no_tmp_rsa>
-
-certain export cipher suites sometimes use a temporary RSA key, this option
-disables temporary RSA key generation.
-
-=item B<-verify depth>, B<-Verify depth>
-
-The verify depth to use. This specifies the maximum length of the
-client certificate chain and makes the server request a certificate from
-the client. With the B<-verify> option a certificate is requested but the
-client does not have to send one, with the B<-Verify> option the client
-must supply a certificate or an error occurs.
-
-=item B<-CApath directory>
-
-The directory to use for client certificate verification. This directory
-must be in "hash format", see B<verify> for more information. These are
-also used when building the server certificate chain.
-
-=item B<-CAfile file>
-
-A file containing trusted certificates to use during client authentication
-and to use when attempting to build the server certificate chain. The list
-is also used in the list of acceptable client CAs passed to the client when
-a certificate is requested.
-
-=item B<-state>
-
-prints out the SSL session states.
-
-=item B<-debug>
-
-print extensive debugging information including a hex dump of all traffic.
-
-=item B<-msg>
-
-show all protocol messages with hex dump.
-
-=item B<-nbio_test>
-
-tests non blocking I/O
-
-=item B<-nbio>
-
-turns on non blocking I/O
-
-=item B<-crlf>
-
-this option translated a line feed from the terminal into CR+LF.
-
-=item B<-quiet>
-
-inhibit printing of session and certificate information.
-
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
-
-these options disable the use of certain SSL or TLS protocols. By default
-the initial handshake uses a method which should be compatible with all
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
-
-=item B<-bugs>
-
-there are several known bug in SSL and TLS implementations. Adding this
-option enables various workarounds.
-
-=item B<-hack>
-
-this option enables a further workaround for some some early Netscape
-SSL code (?).
-
-=item B<-cipher cipherlist>
-
-this allows the cipher list used by the server to be modified.  When
-the client sends a list of supported ciphers the first client cipher
-also included in the server list is used. Because the client specifies
-the preference order, the order of the server cipherlist irrelevant. See
-the B<ciphers> command for more information.
-
-=item B<-www>
-
-sends a status message back to the client when it connects. This includes
-lots of information about the ciphers used and various session parameters.
-The output is in HTML format so this option will normally be used with a
-web browser.
-
-=item B<-WWW>
-
-emulates a simple web server. Pages will be resolved relative to the
-current directory, for example if the URL https://myhost/page.html is
-requested the file ./page.html will be loaded.
-
-=item B<-HTTP>
-
-emulates a simple web server. Pages will be resolved relative to the
-current directory, for example if the URL https://myhost/page.html is
-requested the file ./page.html will be loaded. The files loaded are
-assumed to contain a complete and correct HTTP response (lines that
-are part of the HTTP response line and headers must end with CRLF).
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<s_server>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=back
-
-=head1 CONNECTED COMMANDS
-
-If a connection request is established with an SSL client and neither the
-B<-www> nor the B<-WWW> option has been used then normally any data received
-from the client is displayed and any key presses will be sent to the client. 
-
-Certain single letter commands are also recognized which perform special
-operations: these are listed below.
-
-=over 4
-
-=item B<q>
-
-end the current SSL connection but still accept new connections.
-
-=item B<Q>
-
-end the current SSL connection and exit.
-
-=item B<r>
-
-renegotiate the SSL session.
-
-=item B<R>
-
-renegotiate the SSL session and request a client certificate.
-
-=item B<P>
-
-send some plain text down the underlying TCP connection: this should
-cause the client to disconnect due to a protocol violation.
-
-=item B<S>
-
-print out some session cache status information.
-
-=back
-
-=head1 NOTES
-
-B<s_server> can be used to debug SSL clients. To accept connections from
-a web browser the command:
-
- openssl s_server -accept 443 -www
-
-can be used for example.
-
-Most web browsers (in particular Netscape and MSIE) only support RSA cipher
-suites, so they cannot connect to servers which don't use a certificate
-carrying an RSA key or a version of OpenSSL with RSA disabled.
-
-Although specifying an empty list of CAs when requesting a client certificate
-is strictly speaking a protocol violation, some SSL clients interpret this to
-mean any CA is acceptable. This is useful for debugging purposes.
-
-The session parameters can printed out using the B<sess_id> program.
-
-=head1 BUGS
-
-Because this program has a lot of options and also because some of
-the techniques used are rather old, the C source of s_server is rather
-hard to read and not a model of how things should be done. A typical
-SSL server program would be much simpler.
-
-The output of common ciphers is wrong: it just gives the list of ciphers that
-OpenSSL recognizes and the client supports.
-
-There should be a way for the B<s_server> program to print out details of any
-unknown cipher suites a client says it supports.
-
-=head1 SEE ALSO
-
-L<sess_id(1)|sess_id(1)>, L<s_client(1)|s_client(1)>, L<ciphers(1)|ciphers(1)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/sess_id.pod b/crypto/openssl/doc/apps/sess_id.pod
deleted file mode 100644
index 9988d2cd3d5d..000000000000
--- a/crypto/openssl/doc/apps/sess_id.pod
+++ /dev/null
@@ -1,151 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-sess_id - SSL/TLS session handling utility
-
-=head1 SYNOPSIS
-
-B<openssl> B<sess_id>
-[B<-inform PEM|DER>]
-[B<-outform PEM|DER>]
-[B<-in filename>]
-[B<-out filename>]
-[B<-text>]
-[B<-noout>]
-[B<-context ID>]
-
-=head1 DESCRIPTION
-
-The B<sess_id> process the encoded version of the SSL session structure
-and optionally prints out SSL session details (for example the SSL session
-master key) in human readable format. Since this is a diagnostic tool that
-needs some knowledge of the SSL protocol to use properly, most users will
-not need to use it.
-
-=over 4
-
-=item B<-inform DER|PEM>
-
-This specifies the input format. The B<DER> option uses an ASN1 DER encoded
-format containing session details. The precise format can vary from one version
-to the next.  The B<PEM> form is the default format: it consists of the B<DER>
-format base64 encoded with additional header and footer lines.
-
-=item B<-outform DER|PEM>
-
-This specifies the output format, the options have the same meaning as the 
-B<-inform> option.
-
-=item B<-in filename>
-
-This specifies the input filename to read session information from or standard
-input by default.
-
-=item B<-out filename>
-
-This specifies the output filename to write session information to or standard
-output if this option is not specified.
-
-=item B<-text>
-
-prints out the various public or private key components in
-plain text in addition to the encoded version. 
-
-=item B<-cert>
-
-if a certificate is present in the session it will be output using this option,
-if the B<-text> option is also present then it will be printed out in text form.
-
-=item B<-noout>
-
-this option prevents output of the encoded version of the session.
-
-=item B<-context ID>
-
-this option can set the session id so the output session information uses the
-supplied ID. The ID can be any string of characters. This option wont normally
-be used.
-
-=back
-
-=head1 OUTPUT
-
-Typical output:
-
- SSL-Session:
-     Protocol  : TLSv1
-     Cipher    : 0016
-     Session-ID: 871E62626C554CE95488823752CBD5F3673A3EF3DCE9C67BD916C809914B40ED
-     Session-ID-ctx: 01000000
-     Master-Key: A7CEFC571974BE02CAC305269DC59F76EA9F0B180CB6642697A68251F2D2BB57E51DBBB4C7885573192AE9AEE220FACD
-     Key-Arg   : None
-     Start Time: 948459261
-     Timeout   : 300 (sec)
-     Verify return code 0 (ok)
-
-Theses are described below in more detail.
-
-=over 4
-
-=item B<Protocol>
-
-this is the protocol in use TLSv1, SSLv3 or SSLv2.
-
-=item B<Cipher>
-
-the cipher used this is the actual raw SSL or TLS cipher code, see the SSL
-or TLS specifications for more information.
-
-=item B<Session-ID>
-
-the SSL session ID in hex format.
-
-=item B<Session-ID-ctx>
-
-the session ID context in hex format.
-
-=item B<Master-Key>
-
-this is the SSL session master key.
-
-=item B<Key-Arg>
-
-the key argument, this is only used in SSL v2.
-
-=item B<Start Time>
-
-this is the session start time represented as an integer in standard Unix format.
-
-=item B<Timeout>
-
-the timeout in seconds.
-
-=item B<Verify return code>
-
-this is the return code when an SSL client certificate is verified.
-
-=back
-
-=head1 NOTES
-
-The PEM encoded session format uses the header and footer lines:
-
- -----BEGIN SSL SESSION PARAMETERS-----
- -----END SSL SESSION PARAMETERS-----
-
-Since the SSL session output contains the master key it is possible to read the contents
-of an encrypted session using this information. Therefore appropriate security precautions
-should be taken if the information is being output by a "real" application. This is
-however strongly discouraged and should only be used for debugging purposes.
-
-=head1 BUGS
-
-The cipher and start time should be printed out in human readable form.
-
-=head1 SEE ALSO
-
-L<ciphers(1)|ciphers(1)>, L<s_server(1)|s_server(1)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/smime.pod b/crypto/openssl/doc/apps/smime.pod
deleted file mode 100644
index 2453dd2738d1..000000000000
--- a/crypto/openssl/doc/apps/smime.pod
+++ /dev/null
@@ -1,375 +0,0 @@
-=pod
-
-=head1 NAME
-
-smime - S/MIME utility
-
-=head1 SYNOPSIS
-
-B<openssl> B<smime>
-[B<-encrypt>]
-[B<-decrypt>]
-[B<-sign>]
-[B<-verify>]
-[B<-pk7out>]
-[B<-des>]
-[B<-des3>]
-[B<-rc2-40>]
-[B<-rc2-64>]
-[B<-rc2-128>]
-[B<-in file>]
-[B<-certfile file>]
-[B<-signer file>]
-[B<-recip  file>]
-[B<-inform SMIME|PEM|DER>]
-[B<-passin arg>]
-[B<-inkey file>]
-[B<-out file>]
-[B<-outform SMIME|PEM|DER>]
-[B<-content file>]
-[B<-to addr>]
-[B<-from ad>]
-[B<-subject s>]
-[B<-text>]
-[B<-rand file(s)>]
-[cert.pem]...
-
-=head1 DESCRIPTION
-
-The B<smime> command handles S/MIME mail. It can encrypt, decrypt, sign and
-verify S/MIME messages.
-
-=head1 COMMAND OPTIONS
-
-There are five operation options that set the type of operation to be performed.
-The meaning of the other options varies according to the operation type.
-
-=over 4
-
-=item B<-encrypt>
-
-encrypt mail for the given recipient certificates. Input file is the message
-to be encrypted. The output file is the encrypted mail in MIME format.
-
-=item B<-decrypt>
-
-decrypt mail using the supplied certificate and private key. Expects an
-encrypted mail message in MIME format for the input file. The decrypted mail
-is written to the output file.
-
-=item B<-sign>
-
-sign mail using the supplied certificate and private key. Input file is
-the message to be signed. The signed message in MIME format is written
-to the output file.
-
-=item B<-verify>
-
-verify signed mail. Expects a signed mail message on input and outputs
-the signed data. Both clear text and opaque signing is supported.
-
-=item B<-pk7out>
-
-takes an input message and writes out a PEM encoded PKCS#7 structure.
-
-=item B<-in filename>
-
-the input message to be encrypted or signed or the MIME message to
-be decrypted or verified.
-
-=item B<-inform SMIME|PEM|DER>
-
-this specifies the input format for the PKCS#7 structure. The default
-is B<SMIME> which reads an S/MIME format message. B<PEM> and B<DER>
-format change this to expect PEM and DER format PKCS#7 structures
-instead. This currently only affects the input format of the PKCS#7
-structure, if no PKCS#7 structure is being input (for example with
-B<-encrypt> or B<-sign>) this option has no effect.
-
-=item B<-out filename>
-
-the message text that has been decrypted or verified or the output MIME
-format message that has been signed or verified.
-
-=item B<-outform SMIME|PEM|DER>
-
-this specifies the output format for the PKCS#7 structure. The default
-is B<SMIME> which write an S/MIME format message. B<PEM> and B<DER>
-format change this to write PEM and DER format PKCS#7 structures
-instead. This currently only affects the output format of the PKCS#7
-structure, if no PKCS#7 structure is being output (for example with
-B<-verify> or B<-decrypt>) this option has no effect.
-
-=item B<-content filename>
-
-This specifies a file containing the detached content, this is only
-useful with the B<-verify> command. This is only usable if the PKCS#7
-structure is using the detached signature form where the content is
-not included. This option will override any content if the input format
-is S/MIME and it uses the multipart/signed MIME content type.
-
-=item B<-text>
-
-this option adds plain text (text/plain) MIME headers to the supplied
-message if encrypting or signing. If decrypting or verifying it strips
-off text headers: if the decrypted or verified message is not of MIME 
-type text/plain then an error occurs.
-
-=item B<-CAfile file>
-
-a file containing trusted CA certificates, only used with B<-verify>.
-
-=item B<-CApath dir>
-
-a directory containing trusted CA certificates, only used with
-B<-verify>. This directory must be a standard certificate directory: that
-is a hash of each subject name (using B<x509 -hash>) should be linked
-to each certificate.
-
-=item B<-des -des3 -rc2-40 -rc2-64 -rc2-128>
-
-the encryption algorithm to use. DES (56 bits), triple DES (168 bits)
-or 40, 64 or 128 bit RC2 respectively if not specified 40 bit RC2 is
-used. Only used with B<-encrypt>.
-
-=item B<-nointern>
-
-when verifying a message normally certificates (if any) included in
-the message are searched for the signing certificate. With this option
-only the certificates specified in the B<-certfile> option are used.
-The supplied certificates can still be used as untrusted CAs however.
-
-=item B<-noverify>
-
-do not verify the signers certificate of a signed message.
-
-=item B<-nochain>
-
-do not do chain verification of signers certificates: that is don't
-use the certificates in the signed message as untrusted CAs.
-
-=item B<-nosigs>
-
-don't try to verify the signatures on the message.
-
-=item B<-nocerts>
-
-when signing a message the signer's certificate is normally included
-with this option it is excluded. This will reduce the size of the
-signed message but the verifier must have a copy of the signers certificate
-available locally (passed using the B<-certfile> option for example).
-
-=item B<-noattr>
-
-normally when a message is signed a set of attributes are included which
-include the signing time and supported symmetric algorithms. With this
-option they are not included.
-
-=item B<-binary>
-
-normally the input message is converted to "canonical" format which is
-effectively using CR and LF as end of line: as required by the S/MIME
-specification. When this option is present no translation occurs. This
-is useful when handling binary data which may not be in MIME format.
-
-=item B<-nodetach>
-
-when signing a message use opaque signing: this form is more resistant
-to translation by mail relays but it cannot be read by mail agents that
-do not support S/MIME.  Without this option cleartext signing with
-the MIME type multipart/signed is used.
-
-=item B<-certfile file>
-
-allows additional certificates to be specified. When signing these will
-be included with the message. When verifying these will be searched for
-the signers certificates. The certificates should be in PEM format.
-
-=item B<-signer file>
-
-the signers certificate when signing a message. If a message is
-being verified then the signers certificates will be written to this
-file if the verification was successful.
-
-=item B<-recip file>
-
-the recipients certificate when decrypting a message. This certificate
-must match one of the recipients of the message or an error occurs.
-
-=item B<-inkey file>
-
-the private key to use when signing or decrypting. This must match the
-corresponding certificate. If this option is not specified then the
-private key must be included in the certificate file specified with
-the B<-recip> or B<-signer> file.
-
-=item B<-passin arg>
-
-the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item B<cert.pem...>
-
-one or more certificates of message recipients: used when encrypting
-a message. 
-
-=item B<-to, -from, -subject>
-
-the relevant mail headers. These are included outside the signed
-portion of a message so they may be included manually. If signing
-then many S/MIME mail clients check the signers certificate's email
-address matches that specified in the From: address.
-
-=back
-
-=head1 NOTES
-
-The MIME message must be sent without any blank lines between the
-headers and the output. Some mail programs will automatically add
-a blank line. Piping the mail directly to sendmail is one way to
-achieve the correct format.
-
-The supplied message to be signed or encrypted must include the
-necessary MIME headers or many S/MIME clients wont display it
-properly (if at all). You can use the B<-text> option to automatically
-add plain text headers.
-
-A "signed and encrypted" message is one where a signed message is
-then encrypted. This can be produced by encrypting an already signed
-message: see the examples section.
-
-This version of the program only allows one signer per message but it
-will verify multiple signers on received messages. Some S/MIME clients
-choke if a message contains multiple signers. It is possible to sign
-messages "in parallel" by signing an already signed message.
-
-The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME
-clients. Strictly speaking these process PKCS#7 enveloped data: PKCS#7
-encrypted data is used for other purposes.
-
-=head1 EXIT CODES
-
-=over 4
-
-=item 0
-
-the operation was completely successfully.
-
-=item 1 
-
-an error occurred parsing the command options.
-
-=item 2
-
-one of the input files could not be read.
-
-=item 3
-
-an error occurred creating the PKCS#7 file or when reading the MIME
-message.
-
-=item 4
-
-an error occurred decrypting or verifying the message.
-
-=item 5
-
-the message was verified correctly but an error occurred writing out
-the signers certificates.
-
-=back
-
-=head1 EXAMPLES
-
-Create a cleartext signed message:
-
- openssl smime -sign -in message.txt -text -out mail.msg \
-	-signer mycert.pem
-
-Create and opaque signed message
-
- openssl smime -sign -in message.txt -text -out mail.msg -nodetach \
-	-signer mycert.pem
-
-Create a signed message, include some additional certificates and
-read the private key from another file:
-
- openssl smime -sign -in in.txt -text -out mail.msg \
-	-signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
-
-Send a signed message under Unix directly to sendmail, including headers:
-
- openssl smime -sign -in in.txt -text -signer mycert.pem \
-	-from steve@openssl.org -to someone@somewhere \
-	-subject "Signed message" | sendmail someone@somewhere
-
-Verify a message and extract the signer's certificate if successful:
-
- openssl smime -verify -in mail.msg -signer user.pem -out signedtext.txt
-
-Send encrypted mail using triple DES:
-
- openssl smime -encrypt -in in.txt -from steve@openssl.org \
-	-to someone@somewhere -subject "Encrypted message" \
-	-des3 user.pem -out mail.msg
-
-Sign and encrypt mail:
-
- openssl smime -sign -in ml.txt -signer my.pem -text \
-	| openssl smime -encrypt -out mail.msg \
-	-from steve@openssl.org -to someone@somewhere \
-	-subject "Signed and Encrypted message" -des3 user.pem
-
-Note: the encryption command does not include the B<-text> option because the message
-being encrypted already has MIME headers.
-
-Decrypt mail:
-
- openssl smime -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
-
-The output from Netscape form signing is a PKCS#7 structure with the
-detached signature format. You can use this program to verify the
-signature by line wrapping the base64 encoded structure and surrounding
-it with:
-
- -----BEGIN PKCS7-----
- -----END PKCS7-----
-
-and using the command, 
-
- openssl smime -verify -inform PEM -in signature.pem -content content.txt
-
-alternatively you can base64 decode the signature and use
-
- openssl smime -verify -inform DER -in signature.der -content content.txt
-
-=head1 BUGS
-
-The MIME parser isn't very clever: it seems to handle most messages that I've thrown
-at it but it may choke on others.
-
-The code currently will only write out the signer's certificate to a file: if the
-signer has a separate encryption certificate this must be manually extracted. There
-should be some heuristic that determines the correct encryption certificate.
-
-Ideally a database should be maintained of a certificates for each email address.
-
-The code doesn't currently take note of the permitted symmetric encryption
-algorithms as supplied in the SMIMECapabilities signed attribute. this means the
-user has to manually include the correct encryption algorithm. It should store
-the list of permitted ciphers in a database and only use those.
-
-No revocation checking is done on the signer's certificate.
-
-The current code can only handle S/MIME v2 messages, the more complex S/MIME v3
-structures may cause parsing errors.
-
-=cut
diff --git a/crypto/openssl/doc/apps/speed.pod b/crypto/openssl/doc/apps/speed.pod
deleted file mode 100644
index 0dcdba873e0c..000000000000
--- a/crypto/openssl/doc/apps/speed.pod
+++ /dev/null
@@ -1,59 +0,0 @@
-=pod
-
-=head1 NAME
-
-speed - test library performance
-
-=head1 SYNOPSIS
-
-B<openssl speed>
-[B<-engine id>]
-[B<md2>]
-[B<mdc2>]
-[B<md5>]
-[B<hmac>]
-[B<sha1>]
-[B<rmd160>]
-[B<idea-cbc>]
-[B<rc2-cbc>]
-[B<rc5-cbc>]
-[B<bf-cbc>]
-[B<des-cbc>]
-[B<des-ede3>]
-[B<rc4>]
-[B<rsa512>]
-[B<rsa1024>]
-[B<rsa2048>]
-[B<rsa4096>]
-[B<dsa512>]
-[B<dsa1024>]
-[B<dsa2048>]
-[B<idea>]
-[B<rc2>]
-[B<des>]
-[B<rsa>]
-[B<blowfish>]
-
-=head1 DESCRIPTION
-
-This command is used to test the performance of cryptographic algorithms.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<speed>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=item B<[zero or more test algorithms]>
-
-If any options are given, B<speed> tests those algorithms, otherwise all of
-the above are tested.
-
-=back
-
-=cut
diff --git a/crypto/openssl/doc/apps/spkac.pod b/crypto/openssl/doc/apps/spkac.pod
deleted file mode 100644
index c3f1ff9c6441..000000000000
--- a/crypto/openssl/doc/apps/spkac.pod
+++ /dev/null
@@ -1,133 +0,0 @@
-=pod
-
-=head1 NAME
-
-spkac - SPKAC printing and generating utility
-
-=head1 SYNOPSIS
-
-B<openssl> B<spkac>
-[B<-in filename>]
-[B<-out filename>]
-[B<-key keyfile>]
-[B<-passin arg>]
-[B<-challenge string>]
-[B<-pubkey>]
-[B<-spkac spkacname>]
-[B<-spksect section>]
-[B<-noout>]
-[B<-verify>]
-[B<-engine id>]
-
-=head1 DESCRIPTION
-
-The B<spkac> command processes Netscape signed public key and challenge
-(SPKAC) files. It can print out their contents, verify the signature and
-produce its own SPKACs from a supplied private key.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-in filename>
-
-This specifies the input filename to read from or standard input if this
-option is not specified. Ignored if the B<-key> option is used.
-
-=item B<-out filename>
-
-specifies the output filename to write to or standard output by
-default.
-
-=item B<-key keyfile>
-
-create an SPKAC file using the private key in B<keyfile>. The
-B<-in>, B<-noout>, B<-spksect> and B<-verify> options are ignored if
-present.
-
-=item B<-passin password>
-
-the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-challenge string>
-
-specifies the challenge string if an SPKAC is being created.
-
-=item B<-spkac spkacname>
-
-allows an alternative name form the variable containing the
-SPKAC. The default is "SPKAC". This option affects both
-generated and input SPKAC files.
-
-=item B<-spksect section>
-
-allows an alternative name form the section containing the
-SPKAC. The default is the default section.
-
-=item B<-noout>
-
-don't output the text version of the SPKAC (not used if an
-SPKAC is being created).
-
-=item B<-pubkey>
-
-output the public key of an SPKAC (not used if an SPKAC is
-being created).
-
-=item B<-verify>
-
-verifies the digital signature on the supplied SPKAC.
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<req>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=back
-
-=head1 EXAMPLES
-
-Print out the contents of an SPKAC:
-
- openssl spkac -in spkac.cnf
-
-Verify the signature of an SPKAC:
-
- openssl spkac -in spkac.cnf -noout -verify
-
-Create an SPKAC using the challenge string "hello":
-
- openssl spkac -key key.pem -challenge hello -out spkac.cnf
-
-Example of an SPKAC, (long lines split up for clarity):
-
- SPKAC=MIG5MGUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA1cCoq2Wa3Ixs47uI7F\
- PVwHVIPDx5yso105Y6zpozam135a8R0CpoRvkkigIyXfcCjiVi5oWk+6FfPaD03u\
- PFoQIDAQABFgVoZWxsbzANBgkqhkiG9w0BAQQFAANBAFpQtY/FojdwkJh1bEIYuc\
- 2EeM2KHTWPEepWYeawvHD0gQ3DngSC75YCWnnDdq+NQ3F+X4deMx9AaEglZtULwV\
- 4=
-
-=head1 NOTES
-
-A created SPKAC with suitable DN components appended can be fed into
-the B<ca> utility.
-
-SPKACs are typically generated by Netscape when a form is submitted
-containing the B<KEYGEN> tag as part of the certificate enrollment
-process.
-
-The challenge string permits a primitive form of proof of possession
-of private key. By checking the SPKAC signature and a random challenge
-string some guarantee is given that the user knows the private key
-corresponding to the public key being certified. This is important in
-some applications. Without this it is possible for a previous SPKAC
-to be used in a "replay attack".
-
-=head1 SEE ALSO
-
-L<ca(1)|ca(1)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/verify.pod b/crypto/openssl/doc/apps/verify.pod
deleted file mode 100644
index ea5c29c15021..000000000000
--- a/crypto/openssl/doc/apps/verify.pod
+++ /dev/null
@@ -1,328 +0,0 @@
-=pod
-
-=head1 NAME
-
-verify - Utility to verify certificates.
-
-=head1 SYNOPSIS
-
-B<openssl> B<verify>
-[B<-CApath directory>]
-[B<-CAfile file>]
-[B<-purpose purpose>]
-[B<-untrusted file>]
-[B<-help>]
-[B<-issuer_checks>]
-[B<-verbose>]
-[B<->]
-[certificates]
-
-
-=head1 DESCRIPTION
-
-The B<verify> command verifies certificate chains.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-CApath directory>
-
-A directory of trusted certificates. The certificates should have names
-of the form: hash.0 or have symbolic links to them of this
-form ("hash" is the hashed certificate subject name: see the B<-hash> option
-of the B<x509> utility). Under Unix the B<c_rehash> script will automatically
-create symbolic links to a directory of certificates.
-
-=item B<-CAfile file>
-
-A file of trusted certificates. The file should contain multiple certificates
-in PEM format concatenated together.
-
-=item B<-untrusted file>
-
-A file of untrusted certificates. The file should contain multiple certificates
-
-=item B<-purpose purpose>
-
-the intended use for the certificate. Without this option no chain verification
-will be done. Currently accepted uses are B<sslclient>, B<sslserver>,
-B<nssslserver>, B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION>
-section for more information.
-
-=item B<-help>
-
-prints out a usage message.
-
-=item B<-verbose>
-
-print extra information about the operations being performed.
-
-=item B<-issuer_checks>
-
-print out diagnostics relating to searches for the issuer certificate
-of the current certificate. This shows why each candidate issuer
-certificate was rejected. However the presence of rejection messages
-does not itself imply that anything is wrong: during the normal
-verify process several rejections may take place.
-
-=item B<->
-
-marks the last option. All arguments following this are assumed to be
-certificate files. This is useful if the first certificate filename begins
-with a B<->.
-
-=item B<certificates>
-
-one or more certificates to verify. If no certificate filenames are included
-then an attempt is made to read a certificate from standard input. They should
-all be in PEM format.
-
-
-=back
-
-=head1 VERIFY OPERATION
-
-The B<verify> program uses the same functions as the internal SSL and S/MIME
-verification, therefore this description applies to these verify operations
-too.
-
-There is one crucial difference between the verify operations performed
-by the B<verify> program: wherever possible an attempt is made to continue
-after an error whereas normally the verify operation would halt on the
-first error. This allows all the problems with a certificate chain to be
-determined.
-
-The verify operation consists of a number of separate steps.
-
-Firstly a certificate chain is built up starting from the supplied certificate
-and ending in the root CA. It is an error if the whole chain cannot be built
-up. The chain is built up by looking up the issuers certificate of the current
-certificate. If a certificate is found which is its own issuer it is assumed 
-to be the root CA.
-
-The process of 'looking up the issuers certificate' itself involves a number
-of steps. In versions of OpenSSL before 0.9.5a the first certificate whose
-subject name matched the issuer of the current certificate was assumed to be
-the issuers certificate. In OpenSSL 0.9.6 and later all certificates
-whose subject name matches the issuer name of the current certificate are 
-subject to further tests. The relevant authority key identifier components
-of the current certificate (if present) must match the subject key identifier
-(if present) and issuer and serial number of the candidate issuer, in addition
-the keyUsage extension of the candidate issuer (if present) must permit
-certificate signing.
-
-The lookup first looks in the list of untrusted certificates and if no match
-is found the remaining lookups are from the trusted certificates. The root CA
-is always looked up in the trusted certificate list: if the certificate to
-verify is a root certificate then an exact match must be found in the trusted
-list.
-
-The second operation is to check every untrusted certificate's extensions for
-consistency with the supplied purpose. If the B<-purpose> option is not included
-then no checks are done. The supplied or "leaf" certificate must have extensions
-compatible with the supplied purpose and all other certificates must also be valid
-CA certificates. The precise extensions required are described in more detail in
-the B<CERTIFICATE EXTENSIONS> section of the B<x509> utility.
-
-The third operation is to check the trust settings on the root CA. The root
-CA should be trusted for the supplied purpose. For compatibility with previous
-versions of SSLeay and OpenSSL a certificate with no trust settings is considered
-to be valid for all purposes. 
-
-The final operation is to check the validity of the certificate chain. The validity
-period is checked against the current system time and the notBefore and notAfter
-dates in the certificate. The certificate signatures are also checked at this
-point.
-
-If all operations complete successfully then certificate is considered valid. If
-any operation fails then the certificate is not valid.
-
-=head1 DIAGNOSTICS
-
-When a verify operation fails the output messages can be somewhat cryptic. The
-general form of the error message is:
-
- server.pem: /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
- error 24 at 1 depth lookup:invalid CA certificate
-
-The first line contains the name of the certificate being verified followed by
-the subject name of the certificate. The second line contains the error number
-and the depth. The depth is number of the certificate being verified when a
-problem was detected starting with zero for the certificate being verified itself
-then 1 for the CA that signed the certificate and so on. Finally a text version
-of the error number is presented.
-
-An exhaustive list of the error codes and messages is shown below, this also
-includes the name of the error code as defined in the header file x509_vfy.h
-Some of the error codes are defined but never returned: these are described
-as "unused".
-
-=over 4
-
-=item B<0 X509_V_OK: ok>
-
-the operation was successful.
-
-=item B<2 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate>
-
-the issuer certificate could not be found: this occurs if the issuer certificate
-of an untrusted certificate cannot be found.
-
-=item B<3 X509_V_ERR_UNABLE_TO_GET_CRL unable to get certificate CRL>
-
-the CRL of a certificate could not be found. Unused.
-
-=item B<4 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature>
-
-the certificate signature could not be decrypted. This means that the actual signature value
-could not be determined rather than it not matching the expected value, this is only
-meaningful for RSA keys.
-
-=item B<5 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's signature>
-
-the CRL signature could not be decrypted: this means that the actual signature value
-could not be determined rather than it not matching the expected value. Unused.
-
-=item B<6 X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key>
-
-the public key in the certificate SubjectPublicKeyInfo could not be read.
-
-=item B<7 X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure>
-
-the signature of the certificate is invalid.
-
-=item B<8 X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure>
-
-the signature of the certificate is invalid. Unused.
-
-=item B<9 X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid>
-
-the certificate is not yet valid: the notBefore date is after the current time.
-
-=item B<10 X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired>
-
-the certificate has expired: that is the notAfter date is before the current time.
-
-=item B<11 X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid>
-
-the CRL is not yet valid. Unused.
-
-=item B<12 X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired>
-
-the CRL has expired. Unused.
-
-=item B<13 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field>
-
-the certificate notBefore field contains an invalid time.
-
-=item B<14 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's notAfter field>
-
-the certificate notAfter field contains an invalid time.
-
-=item B<15 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's lastUpdate field>
-
-the CRL lastUpdate field contains an invalid time. Unused.
-
-=item B<16 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's nextUpdate field>
-
-the CRL nextUpdate field contains an invalid time. Unused.
-
-=item B<17 X509_V_ERR_OUT_OF_MEM: out of memory>
-
-an error occurred trying to allocate memory. This should never happen.
-
-=item B<18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate>
-
-the passed certificate is self signed and the same certificate cannot be found in the list of
-trusted certificates.
-
-=item B<19 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain>
-
-the certificate chain could be built up using the untrusted certificates but the root could not
-be found locally.
-
-=item B<20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate>
-
-the issuer certificate of a locally looked up certificate could not be found. This normally means
-the list of trusted certificates is not complete.
-
-=item B<21 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate>
-
-no signatures could be verified because the chain contains only one certificate and it is not
-self signed.
-
-=item B<22 X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long>
-
-the certificate chain length is greater than the supplied maximum depth. Unused.
-
-=item B<23 X509_V_ERR_CERT_REVOKED: certificate revoked>
-
-the certificate has been revoked. Unused.
-
-=item B<24 X509_V_ERR_INVALID_CA: invalid CA certificate>
-
-a CA certificate is invalid. Either it is not a CA or its extensions are not consistent
-with the supplied purpose.
-
-=item B<25 X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded>
-
-the basicConstraints pathlength parameter has been exceeded.
-
-=item B<26 X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose>
-
-the supplied certificate cannot be used for the specified purpose.
-
-=item B<27 X509_V_ERR_CERT_UNTRUSTED: certificate not trusted>
-
-the root CA is not marked as trusted for the specified purpose.
-
-=item B<28 X509_V_ERR_CERT_REJECTED: certificate rejected>
-
-the root CA is marked to reject the specified purpose.
-
-=item B<29 X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch>
-
-the current candidate issuer certificate was rejected because its subject name
-did not match the issuer name of the current certificate. Only displayed when
-the B<-issuer_checks> option is set.
-
-=item B<30 X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch>
-
-the current candidate issuer certificate was rejected because its subject key
-identifier was present and did not match the authority key identifier current
-certificate. Only displayed when the B<-issuer_checks> option is set.
-
-=item B<31 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch>
-
-the current candidate issuer certificate was rejected because its issuer name
-and serial number was present and did not match the authority key identifier
-of the current certificate. Only displayed when the B<-issuer_checks> option is set.
-
-=item B<32 X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing>
-
-the current candidate issuer certificate was rejected because its keyUsage extension
-does not permit certificate signing.
-
-=item B<50 X509_V_ERR_APPLICATION_VERIFICATION: application verification failure>
-
-an application specific error. Unused.
-
-=back
-
-=head1 BUGS
-
-Although the issuer checks are a considerably improvement over the old technique they still
-suffer from limitations in the underlying X509_LOOKUP API. One consequence of this is that
-trusted certificates with matching subject name must either appear in a file (as specified by the
-B<-CAfile> option) or a directory (as specified by B<-CApath>. If they occur in both then only
-the certificates in the file will be recognised.
-
-Previous versions of OpenSSL assume certificates with matching subject name are identical and
-mishandled them.
-
-=head1 SEE ALSO
-
-L<x509(1)|x509(1)>
-
-=cut
diff --git a/crypto/openssl/doc/apps/version.pod b/crypto/openssl/doc/apps/version.pod
deleted file mode 100644
index e00324c446cd..000000000000
--- a/crypto/openssl/doc/apps/version.pod
+++ /dev/null
@@ -1,64 +0,0 @@
-=pod
-
-=head1 NAME
-
-version - print OpenSSL version information
-
-=head1 SYNOPSIS
-
-B<openssl version>
-[B<-a>]
-[B<-v>]
-[B<-b>]
-[B<-o>]
-[B<-f>]
-[B<-p>]
-
-=head1 DESCRIPTION
-
-This command is used to print out version information about OpenSSL.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-a>
-
-all information, this is the same as setting all the other flags.
-
-=item B<-v>
-
-the current OpenSSL version.
-
-=item B<-b>
-
-the date the current version of OpenSSL was built.
-
-=item B<-o>
-
-option information: various options set when the library was built.
-
-=item B<-c>
-
-compilation flags.
-
-=item B<-p>
-
-platform setting.
-
-=item B<-d>
-
-OPENSSLDIR setting.
-
-=back
-
-=head1 NOTES
-
-The output of B<openssl version -a> would typically be used when sending
-in a bug report.
-
-=head1 HISTORY
-
-The B<-d> option was added in OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/apps/x509.pod b/crypto/openssl/doc/apps/x509.pod
deleted file mode 100644
index 50343cd68543..000000000000
--- a/crypto/openssl/doc/apps/x509.pod
+++ /dev/null
@@ -1,818 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-x509 - Certificate display and signing utility
-
-=head1 SYNOPSIS
-
-B<openssl> B<x509>
-[B<-inform DER|PEM|NET>]
-[B<-outform DER|PEM|NET>]
-[B<-keyform DER|PEM>]
-[B<-CAform DER|PEM>]
-[B<-CAkeyform DER|PEM>]
-[B<-in filename>]
-[B<-out filename>]
-[B<-serial>]
-[B<-hash>]
-[B<-subject>]
-[B<-issuer>]
-[B<-nameopt option>]
-[B<-email>]
-[B<-startdate>]
-[B<-enddate>]
-[B<-purpose>]
-[B<-dates>]
-[B<-modulus>]
-[B<-fingerprint>]
-[B<-alias>]
-[B<-noout>]
-[B<-trustout>]
-[B<-clrtrust>]
-[B<-clrreject>]
-[B<-addtrust arg>]
-[B<-addreject arg>]
-[B<-setalias arg>]
-[B<-days arg>]
-[B<-set_serial n>]
-[B<-signkey filename>]
-[B<-x509toreq>]
-[B<-req>]
-[B<-CA filename>]
-[B<-CAkey filename>]
-[B<-CAcreateserial>]
-[B<-CAserial filename>]
-[B<-text>]
-[B<-C>]
-[B<-md2|-md5|-sha1|-mdc2>]
-[B<-clrext>]
-[B<-extfile filename>]
-[B<-extensions section>]
-[B<-engine id>]
-
-=head1 DESCRIPTION
-
-The B<x509> command is a multi purpose certificate utility. It can be
-used to display certificate information, convert certificates to
-various forms, sign certificate requests like a "mini CA" or edit
-certificate trust settings.
-
-Since there are a large number of options they will split up into
-various sections.
-
-=head1 OPTIONS
-
-=head2 INPUT, OUTPUT AND GENERAL PURPOSE OPTIONS
-
-=over 4
-
-=item B<-inform DER|PEM|NET>
-
-This specifies the input format normally the command will expect an X509
-certificate but this can change if other options such as B<-req> are
-present. The DER format is the DER encoding of the certificate and PEM
-is the base64 encoding of the DER encoding with header and footer lines
-added. The NET option is an obscure Netscape server format that is now
-obsolete.
-
-=item B<-outform DER|PEM|NET>
-
-This specifies the output format, the options have the same meaning as the 
-B<-inform> option.
-
-=item B<-in filename>
-
-This specifies the input filename to read a certificate from or standard input
-if this option is not specified.
-
-=item B<-out filename>
-
-This specifies the output filename to write to or standard output by
-default.
-
-=item B<-md2|-md5|-sha1|-mdc2>
-
-the digest to use. This affects any signing or display option that uses a message
-digest, such as the B<-fingerprint>, B<-signkey> and B<-CA> options. If not
-specified then MD5 is used. If the key being used to sign with is a DSA key then
-this option has no effect: SHA1 is always used with DSA keys.
-
-=item B<-engine id>
-
-specifying an engine (by it's unique B<id> string) will cause B<req>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=back
-
-=head2 DISPLAY OPTIONS
-
-Note: the B<-alias> and B<-purpose> options are also display options
-but are described in the B<TRUST SETTINGS> section.
-
-=over 4
-
-=item B<-text>
-
-prints out the certificate in text form. Full details are output including the
-public key, signature algorithms, issuer and subject names, serial number
-any extensions present and any trust settings.
-
-=item B<-certopt option>
-
-customise the output format used with B<-text>. The B<option> argument can be
-a single option or multiple options separated by commas. The B<-certopt> switch
-may be also be used more than once to set multiple options. See the B<TEXT OPTIONS>
-section for more information.
-
-=item B<-noout>
-
-this option prevents output of the encoded version of the request.
-
-=item B<-modulus>
-
-this option prints out the value of the modulus of the public key
-contained in the certificate.
-
-=item B<-serial>
-
-outputs the certificate serial number.
-
-=item B<-hash>
-
-outputs the "hash" of the certificate subject name. This is used in OpenSSL to
-form an index to allow certificates in a directory to be looked up by subject
-name.
-
-=item B<-subject>
-
-outputs the subject name.
-
-=item B<-issuer>
-
-outputs the issuer name.
-
-=item B<-nameopt option>
-
-option which determines how the subject or issuer names are displayed. The
-B<option> argument can be a single option or multiple options separated by
-commas.  Alternatively the B<-nameopt> switch may be used more than once to
-set multiple options. See the B<NAME OPTIONS> section for more information.
-
-=item B<-email>
-
-outputs the email address(es) if any.
-
-=item B<-startdate>
-
-prints out the start date of the certificate, that is the notBefore date.
-
-=item B<-enddate>
-
-prints out the expiry date of the certificate, that is the notAfter date.
-
-=item B<-dates>
-
-prints out the start and expiry dates of a certificate.
-
-=item B<-fingerprint>
-
-prints out the digest of the DER encoded version of the whole certificate
-(see digest options).
-
-=item B<-C>
-
-this outputs the certificate in the form of a C source file.
-
-=back
-
-=head2 TRUST SETTINGS
-
-Please note these options are currently experimental and may well change.
-
-A B<trusted certificate> is an ordinary certificate which has several
-additional pieces of information attached to it such as the permitted
-and prohibited uses of the certificate and an "alias".
-
-Normally when a certificate is being verified at least one certificate
-must be "trusted". By default a trusted certificate must be stored
-locally and must be a root CA: any certificate chain ending in this CA
-is then usable for any purpose.
-
-Trust settings currently are only used with a root CA. They allow a finer
-control over the purposes the root CA can be used for. For example a CA
-may be trusted for SSL client but not SSL server use.
-
-See the description of the B<verify> utility for more information on the
-meaning of trust settings.
-
-Future versions of OpenSSL will recognize trust settings on any
-certificate: not just root CAs.
-
-
-=over 4
-
-=item B<-trustout>
-
-this causes B<x509> to output a B<trusted> certificate. An ordinary
-or trusted certificate can be input but by default an ordinary
-certificate is output and any trust settings are discarded. With the
-B<-trustout> option a trusted certificate is output. A trusted
-certificate is automatically output if any trust settings are modified.
-
-=item B<-setalias arg>
-
-sets the alias of the certificate. This will allow the certificate
-to be referred to using a nickname for example "Steve's Certificate".
-
-=item B<-alias>
-
-outputs the certificate alias, if any.
-
-=item B<-clrtrust>
-
-clears all the permitted or trusted uses of the certificate.
-
-=item B<-clrreject>
-
-clears all the prohibited or rejected uses of the certificate.
-
-=item B<-addtrust arg>
-
-adds a trusted certificate use. Any object name can be used here
-but currently only B<clientAuth> (SSL client use), B<serverAuth>
-(SSL server use) and B<emailProtection> (S/MIME email) are used.
-Other OpenSSL applications may define additional uses.
-
-=item B<-addreject arg>
-
-adds a prohibited use. It accepts the same values as the B<-addtrust>
-option.
-
-=item B<-purpose>
-
-this option performs tests on the certificate extensions and outputs
-the results. For a more complete description see the B<CERTIFICATE
-EXTENSIONS> section.
-
-=back
-
-=head2 SIGNING OPTIONS
-
-The B<x509> utility can be used to sign certificates and requests: it
-can thus behave like a "mini CA".
-
-=over 4
-
-=item B<-signkey filename>
-
-this option causes the input file to be self signed using the supplied
-private key. 
-
-If the input file is a certificate it sets the issuer name to the
-subject name (i.e.  makes it self signed) changes the public key to the
-supplied value and changes the start and end dates. The start date is
-set to the current time and the end date is set to a value determined
-by the B<-days> option. Any certificate extensions are retained unless
-the B<-clrext> option is supplied.
-
-If the input is a certificate request then a self signed certificate
-is created using the supplied private key using the subject name in
-the request.
-
-=item B<-clrext>
-
-delete any extensions from a certificate. This option is used when a
-certificate is being created from another certificate (for example with
-the B<-signkey> or the B<-CA> options). Normally all extensions are
-retained.
-
-=item B<-keyform PEM|DER>
-
-specifies the format (DER or PEM) of the private key file used in the
-B<-signkey> option.
-
-=item B<-days arg>
-
-specifies the number of days to make a certificate valid for. The default
-is 30 days.
-
-=item B<-x509toreq>
-
-converts a certificate into a certificate request. The B<-signkey> option
-is used to pass the required private key.
-
-=item B<-req>
-
-by default a certificate is expected on input. With this option a
-certificate request is expected instead.
-
-=item B<-set_serial n>
-
-specifies the serial number to use. This option can be used with either
-the B<-signkey> or B<-CA> options. If used in conjunction with the B<-CA>
-option the serial number file (as specified by the B<-CAserial> or
-B<-CAcreateserial> options) is not used.
-
-The serial number can be decimal or hex (if preceded by B<0x>). Negative
-serial numbers can also be specified but their use is not recommended.
-
-=item B<-CA filename>
-
-specifies the CA certificate to be used for signing. When this option is
-present B<x509> behaves like a "mini CA". The input file is signed by this
-CA using this option: that is its issuer name is set to the subject name
-of the CA and it is digitally signed using the CAs private key.
-
-This option is normally combined with the B<-req> option. Without the
-B<-req> option the input is a certificate which must be self signed.
-
-=item B<-CAkey filename>
-
-sets the CA private key to sign a certificate with. If this option is
-not specified then it is assumed that the CA private key is present in
-the CA certificate file.
-
-=item B<-CAserial filename>
-
-sets the CA serial number file to use.
-
-When the B<-CA> option is used to sign a certificate it uses a serial
-number specified in a file. This file consist of one line containing
-an even number of hex digits with the serial number to use. After each
-use the serial number is incremented and written out to the file again.
-
-The default filename consists of the CA certificate file base name with
-".srl" appended. For example if the CA certificate file is called 
-"mycacert.pem" it expects to find a serial number file called "mycacert.srl".
-
-=item B<-CAcreateserial>
-
-with this option the CA serial number file is created if it does not exist:
-it will contain the serial number "02" and the certificate being signed will
-have the 1 as its serial number. Normally if the B<-CA> option is specified
-and the serial number file does not exist it is an error.
-
-=item B<-extfile filename>
-
-file containing certificate extensions to use. If not specified then
-no extensions are added to the certificate.
-
-=item B<-extensions section>
-
-the section to add certificate extensions from. If this option is not
-specified then the extensions should either be contained in the unnamed
-(default) section or the default section should contain a variable called
-"extensions" which contains the section to use.
-
-=back
-
-=head2 NAME OPTIONS
-
-The B<nameopt> command line switch determines how the subject and issuer
-names are displayed. If no B<nameopt> switch is present the default "oneline"
-format is used which is compatible with previous versions of OpenSSL.
-Each option is described in detail below, all options can be preceded by
-a B<-> to turn the option off. Only the first four will normally be used.
-
-=over 4
-
-=item B<compat>
-
-use the old format. This is equivalent to specifying no name options at all.
-
-=item B<RFC2253>
-
-displays names compatible with RFC2253 equivalent to B<esc_2253>, B<esc_ctrl>,
-B<esc_msb>, B<utf8>, B<dump_nostr>, B<dump_unknown>, B<dump_der>,
-B<sep_comma_plus>, B<dn_rev> and B<sname>.
-
-=item B<oneline>
-
-a oneline format which is more readable than RFC2253. It is equivalent to
-specifying the  B<esc_2253>, B<esc_ctrl>, B<esc_msb>, B<utf8>, B<dump_nostr>,
-B<dump_der>, B<use_quote>, B<sep_comma_plus_spc>, B<spc_eq> and B<sname>
-options.
-
-=item B<multiline>
-
-a multiline format. It is equivalent B<esc_ctrl>, B<esc_msb>, B<sep_multiline>,
-B<spc_eq>, B<lname> and B<align>.
-
-=item B<esc_2253>
-
-escape the "special" characters required by RFC2253 in a field That is
-B<,+"E<lt>E<gt>;>. Additionally B<#> is escaped at the beginning of a string
-and a space character at the beginning or end of a string.
-
-=item B<esc_ctrl>
-
-escape control characters. That is those with ASCII values less than
-0x20 (space) and the delete (0x7f) character. They are escaped using the
-RFC2253 \XX notation (where XX are two hex digits representing the
-character value).
-
-=item B<esc_msb>
-
-escape characters with the MSB set, that is with ASCII values larger than
-127.
-
-=item B<use_quote>
-
-escapes some characters by surrounding the whole string with B<"> characters,
-without the option all escaping is done with the B<\> character.
-
-=item B<utf8>
-
-convert all strings to UTF8 format first. This is required by RFC2253. If
-you are lucky enough to have a UTF8 compatible terminal then the use
-of this option (and B<not> setting B<esc_msb>) may result in the correct
-display of multibyte (international) characters. Is this option is not
-present then multibyte characters larger than 0xff will be represented
-using the format \UXXXX for 16 bits and \WXXXXXXXX for 32 bits.
-Also if this option is off any UTF8Strings will be converted to their
-character form first.
-
-=item B<no_type>
-
-this option does not attempt to interpret multibyte characters in any
-way. That is their content octets are merely dumped as though one octet
-represents each character. This is useful for diagnostic purposes but
-will result in rather odd looking output.
-
-=item B<show_type>
-
-show the type of the ASN1 character string. The type precedes the
-field contents. For example "BMPSTRING: Hello World".
-
-=item B<dump_der>
-
-when this option is set any fields that need to be hexdumped will
-be dumped using the DER encoding of the field. Otherwise just the
-content octets will be displayed. Both options use the RFC2253
-B<#XXXX...> format.
-
-=item B<dump_nostr>
-
-dump non character string types (for example OCTET STRING) if this
-option is not set then non character string types will be displayed
-as though each content octet represents a single character.
-
-=item B<dump_all>
-
-dump all fields. This option when used with B<dump_der> allows the
-DER encoding of the structure to be unambiguously determined.
-
-=item B<dump_unknown>
-
-dump any field whose OID is not recognised by OpenSSL.
-
-=item B<sep_comma_plus>, B<sep_comma_plus_space>, B<sep_semi_plus_space>,
-B<sep_multiline>
-
-these options determine the field separators. The first character is
-between RDNs and the second between multiple AVAs (multiple AVAs are
-very rare and their use is discouraged). The options ending in
-"space" additionally place a space after the separator to make it
-more readable. The B<sep_multiline> uses a linefeed character for
-the RDN separator and a spaced B<+> for the AVA separator. It also
-indents the fields by four characters.
-
-=item B<dn_rev>
-
-reverse the fields of the DN. This is required by RFC2253. As a side
-effect this also reverses the order of multiple AVAs but this is
-permissible.
-
-=item B<nofname>, B<sname>, B<lname>, B<oid>
-
-these options alter how the field name is displayed. B<nofname> does
-not display the field at all. B<sname> uses the "short name" form
-(CN for commonName for example). B<lname> uses the long form.
-B<oid> represents the OID in numerical form and is useful for
-diagnostic purpose.
-
-=item B<align>
-
-align field values for a more readable output. Only usable with
-B<sep_multiline>.
-
-=item B<spc_eq>
-
-places spaces round the B<=> character which follows the field
-name.
-
-=back
-
-=head2 TEXT OPTIONS
-
-As well as customising the name output format, it is also possible to
-customise the actual fields printed using the B<certopt> options when
-the B<text> option is present. The default behaviour is to print all fields.
-
-=over 4
-
-=item B<compatible>
-
-use the old format. This is equivalent to specifying no output options at all.
-
-=item B<no_header>
-
-don't print header information: that is the lines saying "Certificate" and "Data".
-
-=item B<no_version>
-
-don't print out the version number.
-
-=item B<no_serial>
-
-don't print out the serial number.
-
-=item B<no_signame>
-
-don't print out the signature algorithm used.
-
-=item B<no_validity>
-
-don't print the validity, that is the B<notBefore> and B<notAfter> fields.
-
-=item B<no_subject>
-
-don't print out the subject name.
-
-=item B<no_issuer>
-
-don't print out the issuer name.
-
-=item B<no_pubkey>
-
-don't print out the public key.
-
-=item B<no_sigdump>
-
-don't give a hexadecimal dump of the certificate signature.
-
-=item B<no_aux>
-
-don't print out certificate trust information.
-
-=item B<no_extensions>
-
-don't print out any X509V3 extensions.
-
-=item B<ext_default>
-
-retain default extension behaviour: attempt to print out unsupported certificate extensions.
-
-=item B<ext_error>
-
-print an error message for unsupported certificate extensions.
-
-=item B<ext_parse>
-
-ASN1 parse unsupported extensions.
-
-=item B<ext_dump>
-
-hex dump unsupported extensions.
-
-=item B<ca_default>
-
-the value used by the B<ca> utility, equivalent to B<no_issuer>, B<no_pubkey>, B<no_header>,
-B<no_version>, B<no_sigdump> and B<no_signame>.
-
-=back
-
-=head1 EXAMPLES
-
-Note: in these examples the '\' means the example should be all on one
-line.
-
-Display the contents of a certificate:
-
- openssl x509 -in cert.pem -noout -text
-
-Display the certificate serial number:
-
- openssl x509 -in cert.pem -noout -serial
-
-Display the certificate subject name:
-
- openssl x509 -in cert.pem -noout -subject
-
-Display the certificate subject name in RFC2253 form:
-
- openssl x509 -in cert.pem -noout -subject -nameopt RFC2253
-
-Display the certificate subject name in oneline form on a terminal
-supporting UTF8:
-
- openssl x509 -in cert.pem -noout -subject -nameopt oneline,-escmsb
-
-Display the certificate MD5 fingerprint:
-
- openssl x509 -in cert.pem -noout -fingerprint
-
-Display the certificate SHA1 fingerprint:
-
- openssl x509 -sha1 -in cert.pem -noout -fingerprint
-
-Convert a certificate from PEM to DER format:
-
- openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER
-
-Convert a certificate to a certificate request:
-
- openssl x509 -x509toreq -in cert.pem -out req.pem -signkey key.pem
-
-Convert a certificate request into a self signed certificate using
-extensions for a CA:
-
- openssl x509 -req -in careq.pem -extfile openssl.cnf -extensions v3_ca \
-	-signkey key.pem -out cacert.pem
-
-Sign a certificate request using the CA certificate above and add user
-certificate extensions:
-
- openssl x509 -req -in req.pem -extfile openssl.cnf -extensions v3_usr \
-	-CA cacert.pem -CAkey key.pem -CAcreateserial
-
-
-Set a certificate to be trusted for SSL client use and change set its alias to
-"Steve's Class 1 CA"
-
- openssl x509 -in cert.pem -addtrust clientAuth \
-	-setalias "Steve's Class 1 CA" -out trust.pem
-
-=head1 NOTES
-
-The PEM format uses the header and footer lines:
-
- -----BEGIN CERTIFICATE-----
- -----END CERTIFICATE-----
-
-it will also handle files containing:
-
- -----BEGIN X509 CERTIFICATE-----
- -----END X509 CERTIFICATE-----
-
-Trusted certificates have the lines
-
- -----BEGIN TRUSTED CERTIFICATE-----
- -----END TRUSTED CERTIFICATE-----
-
-The conversion to UTF8 format used with the name options assumes that
-T61Strings use the ISO8859-1 character set. This is wrong but Netscape
-and MSIE do this as do many certificates. So although this is incorrect
-it is more likely to display the majority of certificates correctly.
-
-The B<-fingerprint> option takes the digest of the DER encoded certificate.
-This is commonly called a "fingerprint". Because of the nature of message
-digests the fingerprint of a certificate is unique to that certificate and
-two certificates with the same fingerprint can be considered to be the same.
-
-The Netscape fingerprint uses MD5 whereas MSIE uses SHA1.
-
-The B<-email> option searches the subject name and the subject alternative
-name extension. Only unique email addresses will be printed out: it will
-not print the same address more than once.
-
-=head1 CERTIFICATE EXTENSIONS
-
-The B<-purpose> option checks the certificate extensions and determines
-what the certificate can be used for. The actual checks done are rather
-complex and include various hacks and workarounds to handle broken
-certificates and software.
-
-The same code is used when verifying untrusted certificates in chains
-so this section is useful if a chain is rejected by the verify code.
-
-The basicConstraints extension CA flag is used to determine whether the
-certificate can be used as a CA. If the CA flag is true then it is a CA,
-if the CA flag is false then it is not a CA. B<All> CAs should have the
-CA flag set to true.
-
-If the basicConstraints extension is absent then the certificate is
-considered to be a "possible CA" other extensions are checked according
-to the intended use of the certificate. A warning is given in this case
-because the certificate should really not be regarded as a CA: however
-it is allowed to be a CA to work around some broken software.
-
-If the certificate is a V1 certificate (and thus has no extensions) and
-it is self signed it is also assumed to be a CA but a warning is again
-given: this is to work around the problem of Verisign roots which are V1
-self signed certificates.
-
-If the keyUsage extension is present then additional restraints are
-made on the uses of the certificate. A CA certificate B<must> have the
-keyCertSign bit set if the keyUsage extension is present.
-
-The extended key usage extension places additional restrictions on the
-certificate uses. If this extension is present (whether critical or not)
-the key can only be used for the purposes specified.
-
-A complete description of each test is given below. The comments about
-basicConstraints and keyUsage and V1 certificates above apply to B<all>
-CA certificates.
-
-
-=over 4
-
-=item B<SSL Client>
-
-The extended key usage extension must be absent or include the "web client
-authentication" OID.  keyUsage must be absent or it must have the
-digitalSignature bit set. Netscape certificate type must be absent or it must
-have the SSL client bit set.
-
-=item B<SSL Client CA>
-
-The extended key usage extension must be absent or include the "web client
-authentication" OID. Netscape certificate type must be absent or it must have
-the SSL CA bit set: this is used as a work around if the basicConstraints
-extension is absent.
-
-=item B<SSL Server>
-
-The extended key usage extension must be absent or include the "web server
-authentication" and/or one of the SGC OIDs.  keyUsage must be absent or it
-must have the digitalSignature, the keyEncipherment set or both bits set.
-Netscape certificate type must be absent or have the SSL server bit set.
-
-=item B<SSL Server CA>
-
-The extended key usage extension must be absent or include the "web server
-authentication" and/or one of the SGC OIDs.  Netscape certificate type must
-be absent or the SSL CA bit must be set: this is used as a work around if the
-basicConstraints extension is absent.
-
-=item B<Netscape SSL Server>
-
-For Netscape SSL clients to connect to an SSL server it must have the
-keyEncipherment bit set if the keyUsage extension is present. This isn't
-always valid because some cipher suites use the key for digital signing.
-Otherwise it is the same as a normal SSL server.
-
-=item B<Common S/MIME Client Tests>
-
-The extended key usage extension must be absent or include the "email
-protection" OID. Netscape certificate type must be absent or should have the
-S/MIME bit set. If the S/MIME bit is not set in netscape certificate type
-then the SSL client bit is tolerated as an alternative but a warning is shown:
-this is because some Verisign certificates don't set the S/MIME bit.
-
-=item B<S/MIME Signing>
-
-In addition to the common S/MIME client tests the digitalSignature bit must
-be set if the keyUsage extension is present.
-
-=item B<S/MIME Encryption>
-
-In addition to the common S/MIME tests the keyEncipherment bit must be set
-if the keyUsage extension is present.
-
-=item B<S/MIME CA>
-
-The extended key usage extension must be absent or include the "email
-protection" OID. Netscape certificate type must be absent or must have the
-S/MIME CA bit set: this is used as a work around if the basicConstraints
-extension is absent. 
-
-=item B<CRL Signing>
-
-The keyUsage extension must be absent or it must have the CRL signing bit
-set.
-
-=item B<CRL Signing CA>
-
-The normal CA tests apply. Except in this case the basicConstraints extension
-must be present.
-
-=back
-
-=head1 BUGS
-
-Extensions in certificates are not transferred to certificate requests and
-vice versa.
-
-It is possible to produce invalid certificates or requests by specifying the
-wrong private key or using inconsistent options in some cases: these should
-be checked.
-
-There should be options to explicitly set such things as start and end
-dates rather than an offset from the current time.
-
-The code to implement the verify behaviour described in the B<TRUST SETTINGS>
-is currently being developed. It thus describes the intended behaviour rather
-than the current behaviour. It is hoped that it will represent reality in
-OpenSSL 0.9.5 and later.
-
-=head1 SEE ALSO
-
-L<req(1)|req(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)>, L<verify(1)|verify(1)>
-
-=cut
diff --git a/crypto/openssl/doc/c-indentation.el b/crypto/openssl/doc/c-indentation.el
deleted file mode 100644
index cbf01cb1720a..000000000000
--- a/crypto/openssl/doc/c-indentation.el
+++ /dev/null
@@ -1,44 +0,0 @@
-; This Emacs Lisp file defines a C indentation style that closely
-; follows most aspects of the one that is used throughout SSLeay,
-; and hence in OpenSSL.
-; 
-; This definition is for the "CC mode" package, which is the default
-; mode for editing C source files in Emacs 20, not for the older
-; c-mode.el (which was the default in less recent releaes of Emacs 19).
-;
-; Copy the definition in your .emacs file or use M-x eval-buffer.
-; To activate this indentation style, visit a C file, type
-; M-x c-set-style <RET> (or C-c . for short), and enter "eay".
-; To toggle the auto-newline feature of CC mode, type C-c C-a.
-;
-; Apparently statement blocks that are not introduced by a statement
-; such as "if" and that are not the body of a function cannot
-; be handled too well by CC mode with this indentation style,
-; so you have to indent them manually (you can use C-q tab).
-; 
-; For suggesting improvements, please send e-mail to bodo@openssl.org.
-
-(c-add-style "eay"
-	     '((c-basic-offset . 8)
-	       (c-comment-only-line-offset . 0)
-	       (c-hanging-braces-alist)
-	       (c-offsets-alist	. ((defun-open . +)
-				   (defun-block-intro . 0)
-				   (class-open . +)
-				   (class-close . +)
-				   (block-open . 0)
-				   (block-close . 0)
-				   (substatement-open . +)
-				   (statement . 0)
-				   (statement-block-intro . 0)
-				   (statement-case-open . +)
-				   (statement-case-intro . +)
-				   (case-label . -)
-				   (label . -)
-				   (arglist-cont-nonempty . +)
-				   (topmost-intro . -)
-				   (brace-list-close . 0)
-				   (brace-list-intro . 0)
-				   (brace-list-open . +)
-				   ))))
-
diff --git a/crypto/openssl/doc/crypto.pod b/crypto/openssl/doc/crypto.pod
deleted file mode 100644
index 9c8a143b09b9..000000000000
--- a/crypto/openssl/doc/crypto.pod
+++ /dev/null
@@ -1,27 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-Crypto - OpenSSL Cryptography library
-
-=head1 SYNOPSIS
-
-=head1 DESCRIPTION
-
-The OpenSSL B<crypto> library implements various cryptography standards
-related to the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security
-(TLS v1) protocols. It provides a rich API which is documented here.
-
-...
-
-=head1 SEE ALSO
-
-openssl(1), ssl(3)
-
-=head1 HISTORY
-
-The crypto(3) document appeared in OpenSSL 0.9.2
-
-=cut
-
diff --git a/crypto/openssl/doc/crypto/ASN1_OBJECT_new.pod b/crypto/openssl/doc/crypto/ASN1_OBJECT_new.pod
deleted file mode 100644
index 51679bfcd97c..000000000000
--- a/crypto/openssl/doc/crypto/ASN1_OBJECT_new.pod
+++ /dev/null
@@ -1,43 +0,0 @@
-=pod
-
-=head1 NAME
-
-ASN1_OBJECT_new, ASN1_OBJECT_free, - object allocation functions
-
-=head1 SYNOPSIS
-
- ASN1_OBJECT *ASN1_OBJECT_new(void);
- void ASN1_OBJECT_free(ASN1_OBJECT *a);
-
-=head1 DESCRIPTION
-
-The ASN1_OBJECT allocation routines, allocate and free an
-ASN1_OBJECT structure, which represents an ASN1 OBJECT IDENTIFIER.
-
-ASN1_OBJECT_new() allocates and initializes a ASN1_OBJECT structure.
-
-ASN1_OBJECT_free() frees up the B<ASN1_OBJECT> structure B<a>.
-
-=head1 NOTES
-
-Although ASN1_OBJECT_new() allocates a new ASN1_OBJECT structure it
-is almost never used in applications. The ASN1 object utility functions
-such as OBJ_nid2obj() are used instead.
-
-=head1 RETURN VALUES
-
-If the allocation fails, ASN1_OBJECT_new() returns B<NULL> and sets an error
-code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-Otherwise it returns a pointer to the newly allocated structure.
-
-ASN1_OBJECT_free() returns no value.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_ASN1_OBJECT(3)|d2i_ASN1_OBJECT(3)>
-
-=head1 HISTORY
-
-ASN1_OBJECT_new() and ASN1_OBJECT_free() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ASN1_STRING_length.pod b/crypto/openssl/doc/crypto/ASN1_STRING_length.pod
deleted file mode 100644
index c4ec693f17bd..000000000000
--- a/crypto/openssl/doc/crypto/ASN1_STRING_length.pod
+++ /dev/null
@@ -1,81 +0,0 @@
-=pod
-
-=head1 NAME
-
-ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length,
-ASN1_STRING_length_set, ASN1_STRING_type, ASN1_STRING_data -
-ASN1_STRING utility functions
-
-=head1 SYNOPSIS
-
- int ASN1_STRING_length(ASN1_STRING *x);
- unsigned char * ASN1_STRING_data(ASN1_STRING *x);
-
- ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
-
- int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
-
- int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
-
- int ASN1_STRING_type(ASN1_STRING *x);
-
- int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
-
-=head1 DESCRIPTION
-
-These functions allow an B<ASN1_STRING> structure to be manipulated.
-
-ASN1_STRING_length() returns the length of the content of B<x>.
-
-ASN1_STRING_data() returns an internal pointer to the data of B<x>.
-Since this is an internal pointer it should B<not> be freed or
-modified in any way.
-
-ASN1_STRING_dup() returns a copy of the structure B<a>.
-
-ASN1_STRING_cmp() compares B<a> and B<b> returning 0 if the two
-are identical. The string types and content are compared.
-
-ASN1_STRING_set() sets the data of string B<str> to the buffer
-B<data> or length B<len>. The supplied data is copied. If B<len>
-is -1 then the length is determined by strlen(data).
-
-ASN1_STRING_type() returns the type of B<x>, using standard constants
-such as B<V_ASN1_OCTET_STRING>.
-
-ASN1_STRING_to_UTF8() converts the string B<in> to UTF8 format, the
-converted data is allocated in a buffer in B<*out>. The length of
-B<out> is returned or a negative error code. The buffer B<*out>
-should be free using OPENSSL_free().
-
-=head1 NOTES
-
-Almost all ASN1 types in OpenSSL are represented as an B<ASN1_STRING>
-structure. Other types such as B<ASN1_OCTET_STRING> are simply typedefed
-to B<ASN1_STRING> and the functions call the B<ASN1_STRING> equivalents.
-B<ASN1_STRING> is also used for some B<CHOICE> types which consist
-entirely of primitive string types such as B<DirectoryString> and
-B<Time>.
-
-These functions should B<not> be used to examine or modify B<ASN1_INTEGER>
-or B<ASN1_ENUMERATED> types: the relevant B<INTEGER> or B<ENUMERATED>
-utility functions should be used instead.
-
-In general it cannot be assumed that the data returned by ASN1_STRING_data()
-is null terminated or does not contain embedded nulls. The actual format
-of the data will depend on the actual string type itself: for example
-for and IA5String the data will be ASCII, for a BMPString two bytes per
-character in big endian format, UTF8String will be in UTF8 format.
-
-Similar care should be take to ensure the data is in the correct format
-when calling ASN1_STRING_set().
-
-=head1 RETURN VALUES
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ASN1_STRING_new.pod b/crypto/openssl/doc/crypto/ASN1_STRING_new.pod
deleted file mode 100644
index 5b1bbb7eb21f..000000000000
--- a/crypto/openssl/doc/crypto/ASN1_STRING_new.pod
+++ /dev/null
@@ -1,44 +0,0 @@
-=pod
-
-=head1 NAME
-
-ASN1_STRING_new, ASN1_STRING_type_new, ASN1_STRING_free -
-ASN1_STRING allocation functions
-
-=head1 SYNOPSIS
-
- ASN1_STRING * ASN1_STRING_new(void);
- ASN1_STRING * ASN1_STRING_type_new(int type);
- void ASN1_STRING_free(ASN1_STRING *a);
-
-=head1 DESCRIPTION
-
-ASN1_STRING_new() returns an allocated B<ASN1_STRING> structure. Its type
-is undefined.
-
-ASN1_STRING_type_new() returns an allocated B<ASN1_STRING> structure of
-type B<type>.
-
-ASN1_STRING_free() frees up B<a>.
-
-=head1 NOTES
-
-Other string types call the B<ASN1_STRING> functions. For example
-ASN1_OCTET_STRING_new() calls ASN1_STRING_type(V_ASN1_OCTET_STRING).
-
-=head1 RETURN VALUES
-
-ASN1_STRING_new() and ASN1_STRING_type_new() return a valid
-ASN1_STRING structure or B<NULL> if an error occurred.
-
-ASN1_STRING_free() does not return a value.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ASN1_STRING_print_ex.pod b/crypto/openssl/doc/crypto/ASN1_STRING_print_ex.pod
deleted file mode 100644
index fbf9a1f1412e..000000000000
--- a/crypto/openssl/doc/crypto/ASN1_STRING_print_ex.pod
+++ /dev/null
@@ -1,96 +0,0 @@
-=pod
-
-=head1 NAME
-
-ASN1_STRING_print_ex, ASN1_STRING_print_ex_fp - ASN1_STRING output routines.
-
-=head1 SYNOPSIS
-
- #include <openssl/asn1.h>
-
- int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
- int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
- int ASN1_STRING_print(BIO *out, ASN1_STRING *str);
-
-
-=head1 DESCRIPTION
-
-These functions output an B<ASN1_STRING> structure. B<ASN1_STRING> is used to
-represent all the ASN1 string types.
-
-ASN1_STRING_print_ex() outputs B<str> to B<out>, the format is determined by
-the options B<flags>. ASN1_STRING_print_ex_fp() is identical except it outputs
-to B<fp> instead.
-
-ASN1_STRING_print() prints B<str> to B<out> but using a different format to
-ASN1_STRING_print_ex(). It replaces unprintable characters (other than CR, LF)
-with '.'.
-
-=head1 NOTES
-
-ASN1_STRING_print() is a legacy function which should be avoided in new applications.
-
-Although there are a large number of options frequently B<ASN1_STRFLAGS_RFC2253> is 
-suitable, or on UTF8 terminals B<ASN1_STRFLAGS_RFC2253 & ~ASN1_STRFLAGS_ESC_MSB>.
-
-The complete set of supported options for B<flags> is listed below.
-
-Various characters can be escaped. If B<ASN1_STRFLGS_ESC_2253> is set the characters
-determined by RFC2253 are escaped. If B<ASN1_STRFLGS_ESC_CTRL> is set control
-characters are escaped. If B<ASN1_STRFLGS_ESC_MSB> is set characters with the
-MSB set are escaped: this option should B<not> be used if the terminal correctly
-interprets UTF8 sequences.
-
-Escaping takes several forms.
-
-If the character being escaped is a 16 bit character then the form "\WXXXX" is used
-using exactly four characters for the hex representation. If it is 32 bits then
-"\UXXXXXXXX" is used using eight characters of its hex representation. These forms
-will only be used if UTF8 conversion is not set (see below).
-
-Printable characters are normally escaped using the backslash '\' character. If
-B<ASN1_STRFLGS_ESC_QUOTE> is set then the whole string is instead surrounded by
-double quote characters: this is arguably more readable than the backslash
-notation. Other characters use the "\XX" using exactly two characters of the hex
-representation.
-
-If B<ASN1_STRFLGS_UTF8_CONVERT> is set then characters are converted to UTF8
-format first. If the terminal supports the display of UTF8 sequences then this
-option will correctly display multi byte characters.
-
-If B<ASN1_STRFLGS_IGNORE_TYPE> is set then the string type is not interpreted at
-all: everything is assumed to be one byte per character. This is primarily for
-debugging purposes and can result in confusing output in multi character strings.
-
-If B<ASN1_STRFLGS_SHOW_TYPE> is set then the string type itself is printed out
-before its value (for example "BMPSTRING"), this actually uses ASN1_tag2str().
-
-The content of a string instead of being interpreted can be "dumped": this just
-outputs the value of the string using the form #XXXX using hex format for each
-octet.
-
-If B<ASN1_STRFLGS_DUMP_ALL> is set then any type is dumped.
-
-Normally non character string types (such as OCTET STRING) are assumed to be
-one byte per character, if B<ASN1_STRFLAGS_DUMP_UNKNOWN> is set then they will
-be dumped instead.
-
-When a type is dumped normally just the content octets are printed, if 
-B<ASN1_STRFLGS_DUMP_DER> is set then the complete encoding is dumped
-instead (including tag and length octets).
-
-B<ASN1_STRFLGS_RFC2253> includes all the flags required by RFC2253. It is
-equivalent to:
- ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB |
- ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_DUMP_UNKNOWN ASN1_STRFLGS_DUMP_DER
-
-=head1 SEE ALSO
-
-L<X509_NAME_print_ex(3)|X509_NAME_print_ex(3)>,
-L<ASN1_tag2str(3)|ASN1_tag2str(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BIO_ctrl.pod b/crypto/openssl/doc/crypto/BIO_ctrl.pod
deleted file mode 100644
index 722e8b8f46c9..000000000000
--- a/crypto/openssl/doc/crypto/BIO_ctrl.pod
+++ /dev/null
@@ -1,128 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset,
-BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close,
-BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending,
-BIO_get_info_callback, BIO_set_info_callback - BIO control operations
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
- long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long));
- char *	BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
- long BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg);
-
- int BIO_reset(BIO *b);
- int BIO_seek(BIO *b, int ofs);
- int BIO_tell(BIO *b);
- int BIO_flush(BIO *b);
- int BIO_eof(BIO *b);
- int BIO_set_close(BIO *b,long flag);
- int BIO_get_close(BIO *b);
- int BIO_pending(BIO *b);
- int BIO_wpending(BIO *b);
- size_t BIO_ctrl_pending(BIO *b);
- size_t BIO_ctrl_wpending(BIO *b);
-
- int BIO_get_info_callback(BIO *b,bio_info_cb **cbp);
- int BIO_set_info_callback(BIO *b,bio_info_cb *cb);
-
- typedef void bio_info_cb(BIO *b, int oper, const char *ptr, int arg1, long arg2, long arg3);
-
-=head1 DESCRIPTION
-
-BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl()
-are BIO "control" operations taking arguments of various types.
-These functions are not normally called directly, various macros
-are used instead. The standard macros are described below, macros
-specific to a particular type of BIO are described in the specific
-BIOs manual page as well as any special features of the standard
-calls.
-
-BIO_reset() typically resets a BIO to some initial state, in the case
-of file related BIOs for example it rewinds the file pointer to the
-start of the file.
-
-BIO_seek() resets a file related BIO's (that is file descriptor and
-FILE BIOs) file position pointer to B<ofs> bytes from start of file.
-
-BIO_tell() returns the current file position of a file related BIO.
-
-BIO_flush() normally writes out any internally buffered data, in some
-cases it is used to signal EOF and that no more data will be written.
-
-BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of
-"EOF" varies according to the BIO type.
-
-BIO_set_close() sets the BIO B<b> close flag to B<flag>. B<flag> can
-take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used
-in a source/sink BIO to indicate that the underlying I/O stream should
-be closed when the BIO is freed.
-
-BIO_get_close() returns the BIOs close flag.
-
-BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending()
-return the number of pending characters in the BIOs read and write buffers.
-Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending()
-return a size_t type and are functions, BIO_pending() and BIO_wpending() are
-macros which call BIO_ctrl().
-
-=head1 RETURN VALUES
-
-BIO_reset() normally returns 1 for success and 0 or -1 for failure. File
-BIOs are an exception, they return 0 for success and -1 for failure.
-
-BIO_seek() and BIO_tell() both return the current file position on success
-and -1 for failure, except file BIOs which for BIO_seek() always return 0
-for success and -1 for failure.
-
-BIO_flush() returns 1 for success and 0 or -1 for failure.
-
-BIO_eof() returns 1 if EOF has been reached 0 otherwise.
-
-BIO_set_close() always returns 1.
-
-BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.
-
-BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending()
-return the amount of pending data.
-
-=head1 NOTES
-
-BIO_flush(), because it can write data may return 0 or -1 indicating
-that the call should be retried later in a similar manner to BIO_write(). 
-The BIO_should_retry() call should be used and appropriate action taken
-is the call fails.
-
-The return values of BIO_pending() and BIO_wpending() may not reliably
-determine the amount of pending data in all cases. For example in the
-case of a file BIO some data may be available in the FILE structures
-internal buffers but it is not possible to determine this in a
-portably way. For other types of BIO they may not be supported.
-
-Filter BIOs if they do not internally handle a particular BIO_ctrl()
-operation usually pass the operation to the next BIO in the chain.
-This often means there is no need to locate the required BIO for
-a particular operation, it can be called on a chain and it will
-be automatically passed to the relevant BIO. However this can cause
-unexpected results: for example no current filter BIOs implement
-BIO_seek(), but this may still succeed if the chain ends in a FILE
-or file descriptor BIO.
-
-Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl()
-operation.
-
-=head1 BUGS
-
-Some of the return values are ambiguous and care should be taken. In
-particular a return value of 0 can be returned if an operation is not
-supported, if an error occurred, if EOF has not been reached and in
-the case of BIO_seek() on a file BIO for a successful operation. 
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_f_base64.pod b/crypto/openssl/doc/crypto/BIO_f_base64.pod
deleted file mode 100644
index fdb603b38e30..000000000000
--- a/crypto/openssl/doc/crypto/BIO_f_base64.pod
+++ /dev/null
@@ -1,82 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_f_base64 - base64 BIO filter
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
- #include <openssl/evp.h>
-
- BIO_METHOD *	BIO_f_base64(void);
-
-=head1 DESCRIPTION
-
-BIO_f_base64() returns the base64 BIO method. This is a filter
-BIO that base64 encodes any data written through it and decodes
-any data read through it.
-
-Base64 BIOs do not support BIO_gets() or BIO_puts(). 
-
-BIO_flush() on a base64 BIO that is being written through is
-used to signal that no more data is to be encoded: this is used
-to flush the final block through the BIO.
-
-The flag BIO_FLAGS_BASE64_NO_NL can be set with BIO_set_flags()
-to encode the data all on one line or expect the data to be all
-on one line.
-
-=head1 NOTES
-
-Because of the format of base64 encoding the end of the encoded
-block cannot always be reliably determined.
-
-=head1 RETURN VALUES
-
-BIO_f_base64() returns the base64 BIO method.
-
-=head1 EXAMPLES
-
-Base64 encode the string "Hello World\n" and write the result
-to standard output:
-
- BIO *bio, *b64;
- char message[] = "Hello World \n";
-
- b64 = BIO_new(BIO_f_base64());
- bio = BIO_new_fp(stdout, BIO_NOCLOSE);
- bio = BIO_push(b64, bio);
- BIO_write(bio, message, strlen(message));
- BIO_flush(bio);
-
- BIO_free_all(bio);
-
-Read Base64 encoded data from standard input and write the decoded
-data to standard output:
-
- BIO *bio, *b64, bio_out;
- char inbuf[512];
- int inlen;
- char message[] = "Hello World \n";
-
- b64 = BIO_new(BIO_f_base64());
- bio = BIO_new_fp(stdin, BIO_NOCLOSE);
- bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
- bio = BIO_push(b64, bio);
- while((inlen = BIO_read(bio, inbuf, strlen(message))) > 0) 
-	BIO_write(bio_out, inbuf, inlen);
-
- BIO_free_all(bio);
-
-=head1 BUGS
-
-The ambiguity of EOF in base64 encoded data can cause additional
-data following the base64 encoded block to be misinterpreted.
-
-There should be some way of specifying a test that the BIO can perform
-to reliably determine EOF (for example a MIME boundary).
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_f_buffer.pod b/crypto/openssl/doc/crypto/BIO_f_buffer.pod
deleted file mode 100644
index c9093c6a576c..000000000000
--- a/crypto/openssl/doc/crypto/BIO_f_buffer.pod
+++ /dev/null
@@ -1,69 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_f_buffer - buffering BIO
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD * BIO_f_buffer(void);
-
- #define BIO_get_buffer_num_lines(b)	BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
- #define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
- #define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
- #define BIO_set_buffer_size(b,size)	BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
- #define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
-
-=head1 DESCRIPTION
-
-BIO_f_buffer() returns the buffering BIO method.
-
-Data written to a buffering BIO is buffered and periodically written
-to the next BIO in the chain. Data read from a buffering BIO comes from
-an internal buffer which is filled from the next BIO in the chain.
-Both BIO_gets() and BIO_puts() are supported.
-
-Calling BIO_reset() on a buffering BIO clears any buffered data.
-
-BIO_get_buffer_num_lines() returns the number of lines currently buffered.
-
-BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size()
-set the read, write or both read and write buffer sizes to B<size>. The initial
-buffer size is DEFAULT_BUFFER_SIZE, currently 1024. Any attempt to reduce the
-buffer size below DEFAULT_BUFFER_SIZE is ignored. Any buffered data is cleared
-when the buffer is resized.
-
-BIO_set_buffer_read_data() clears the read buffer and fills it with B<num>
-bytes of B<buf>. If B<num> is larger than the current buffer size the buffer
-is expanded.
-
-=head1 NOTES
-
-Buffering BIOs implement BIO_gets() by using BIO_read() operations on the
-next BIO in the chain. By prepending a buffering BIO to a chain it is therefore
-possible to provide BIO_gets() functionality if the following BIOs do not
-support it (for example SSL BIOs).
-
-Data is only written to the next BIO in the chain when the write buffer fills
-or when BIO_flush() is called. It is therefore important to call BIO_flush()
-whenever any pending data should be written such as when removing a buffering
-BIO using BIO_pop(). BIO_flush() may need to be retried if the ultimate
-source/sink BIO is non blocking.
-
-=head1 RETURN VALUES
-
-BIO_f_buffer() returns the buffering BIO method.
-
-BIO_get_buffer_num_lines() returns the number of lines buffered (may be 0).
-
-BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size()
-return 1 if the buffer was successfully resized or 0 for failure.
-
-BIO_set_buffer_read_data() returns 1 if the data was set correctly or 0 if
-there was an error.
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_f_cipher.pod b/crypto/openssl/doc/crypto/BIO_f_cipher.pod
deleted file mode 100644
index 4182f2c30903..000000000000
--- a/crypto/openssl/doc/crypto/BIO_f_cipher.pod
+++ /dev/null
@@ -1,76 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx - cipher BIO filter
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
- #include <openssl/evp.h>
-
- BIO_METHOD *	BIO_f_cipher(void);
- void BIO_set_cipher(BIO *b,const EVP_CIPHER *cipher,
-		unsigned char *key, unsigned char *iv, int enc);
- int BIO_get_cipher_status(BIO *b)
- int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx)
-
-=head1 DESCRIPTION
-
-BIO_f_cipher() returns the cipher BIO method. This is a filter
-BIO that encrypts any data written through it, and decrypts any data
-read from it. It is a BIO wrapper for the cipher routines
-EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().
-
-Cipher BIOs do not support BIO_gets() or BIO_puts(). 
-
-BIO_flush() on an encryption BIO that is being written through is
-used to signal that no more data is to be encrypted: this is used
-to flush and possibly pad the final block through the BIO.
-
-BIO_set_cipher() sets the cipher of BIO <b> to B<cipher> using key B<key>
-and IV B<iv>. B<enc> should be set to 1 for encryption and zero for
-decryption.
-
-When reading from an encryption BIO the final block is automatically
-decrypted and checked when EOF is detected. BIO_get_cipher_status()
-is a BIO_ctrl() macro which can be called to determine whether the
-decryption operation was successful.
-
-BIO_get_cipher_ctx() is a BIO_ctrl() macro which retrieves the internal
-BIO cipher context. The retrieved context can be used in conjunction
-with the standard cipher routines to set it up. This is useful when
-BIO_set_cipher() is not flexible enough for the applications needs.
-
-=head1 NOTES
-
-When encrypting BIO_flush() B<must> be called to flush the final block
-through the BIO. If it is not then the final block will fail a subsequent
-decrypt.
-
-When decrypting an error on the final block is signalled by a zero
-return value from the read operation. A successful decrypt followed
-by EOF will also return zero for the final read. BIO_get_cipher_status()
-should be called to determine if the decrypt was successful.
-
-As always, if BIO_gets() or BIO_puts() support is needed then it can
-be achieved by preceding the cipher BIO with a buffering BIO.
-
-=head1 RETURN VALUES
-
-BIO_f_cipher() returns the cipher BIO method.
-
-BIO_set_cipher() does not return a value.
-
-BIO_get_cipher_status() returns 1 for a successful decrypt and 0
-for failure.
-
-BIO_get_cipher_ctx() currently always returns 1.
-
-=head1 EXAMPLES
-
-TBA
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_f_md.pod b/crypto/openssl/doc/crypto/BIO_f_md.pod
deleted file mode 100644
index 0d24083e6db8..000000000000
--- a/crypto/openssl/doc/crypto/BIO_f_md.pod
+++ /dev/null
@@ -1,138 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_f_md, BIO_set_md, BIO_get_md, BIO_get_md_ctx - message digest BIO filter
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
- #include <openssl/evp.h>
-
- BIO_METHOD *	BIO_f_md(void);
- int BIO_set_md(BIO *b,EVP_MD *md);
- int BIO_get_md(BIO *b,EVP_MD **mdp);
- int BIO_get_md_ctx(BIO *b,EVP_MD_CTX **mdcp);
-
-=head1 DESCRIPTION
-
-BIO_f_md() returns the message digest BIO method. This is a filter
-BIO that digests any data passed through it, it is a BIO wrapper
-for the digest routines EVP_DigestInit(), EVP_DigestUpdate()
-and EVP_DigestFinal().
-
-Any data written or read through a digest BIO using BIO_read() and
-BIO_write() is digested.
-
-BIO_gets(), if its B<size> parameter is large enough finishes the
-digest calculation and returns the digest value. BIO_puts() is
-not supported.
-
-BIO_reset() reinitialises a digest BIO.
-
-BIO_set_md() sets the message digest of BIO B<b> to B<md>: this
-must be called to initialize a digest BIO before any data is
-passed through it. It is a BIO_ctrl() macro.
-
-BIO_get_md() places the a pointer to the digest BIOs digest method
-in B<mdp>, it is a BIO_ctrl() macro.
-
-BIO_get_md_ctx() returns the digest BIOs context into B<mdcp>.
-
-=head1 NOTES
-
-The context returned by BIO_get_md_ctx() can be used in calls
-to EVP_DigestFinal() and also the signature routines EVP_SignFinal()
-and EVP_VerifyFinal().
-
-The context returned by BIO_get_md_ctx() is an internal context
-structure. Changes made to this context will affect the digest
-BIO itself and the context pointer will become invalid when the digest
-BIO is freed.
-
-After the digest has been retrieved from a digest BIO it must be
-reinitialized by calling BIO_reset(), or BIO_set_md() before any more
-data is passed through it.
-
-If an application needs to call BIO_gets() or BIO_puts() through
-a chain containing digest BIOs then this can be done by prepending
-a buffering BIO.
-
-=head1 RETURN VALUES
-
-BIO_f_md() returns the digest BIO method.
-
-BIO_set_md(), BIO_get_md() and BIO_md_ctx() return 1 for success and
-0 for failure.
-
-=head1 EXAMPLES
-
-The following example creates a BIO chain containing an SHA1 and MD5
-digest BIO and passes the string "Hello World" through it. Error
-checking has been omitted for clarity.
-
- BIO *bio, *mdtmp;
- char message[] = "Hello World";
- bio = BIO_new(BIO_s_null());
- mdtmp = BIO_new(BIO_f_md());
- BIO_set_md(mdtmp, EVP_sha1());
- /* For BIO_push() we want to append the sink BIO and keep a note of
-  * the start of the chain.
-  */
- bio = BIO_push(mdtmp, bio);
- mdtmp = BIO_new(BIO_f_md());
- BIO_set_md(mdtmp, EVP_md5());
- bio = BIO_push(mdtmp, bio);
- /* Note: mdtmp can now be discarded */
- BIO_write(bio, message, strlen(message));
-
-The next example digests data by reading through a chain instead:
-
- BIO *bio, *mdtmp;
- char buf[1024];
- int rdlen;
- bio = BIO_new_file(file, "rb");
- mdtmp = BIO_new(BIO_f_md());
- BIO_set_md(mdtmp, EVP_sha1());
- bio = BIO_push(mdtmp, bio);
- mdtmp = BIO_new(BIO_f_md());
- BIO_set_md(mdtmp, EVP_md5());
- bio = BIO_push(mdtmp, bio);
- do {
- 	rdlen = BIO_read(bio, buf, sizeof(buf));
-        /* Might want to do something with the data here */
- } while(rdlen > 0);
-
-This next example retrieves the message digests from a BIO chain and
-outputs them. This could be used with the examples above.
-
- BIO *mdtmp;
- unsigned char mdbuf[EVP_MAX_MD_SIZE];
- int mdlen;
- int i;
- mdtmp = bio;	/* Assume bio has previously been set up */
- do {
-	EVP_MD *md;
- 	mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
-        if(!mdtmp) break;
-	BIO_get_md(mdtmp, &md);
-        printf("%s digest", OBJ_nid2sn(EVP_MD_type(md)));
-	mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
-	for(i = 0; i < mdlen; i++) printf(":%02X", mdbuf[i]);
-	printf("\n");
-	mdtmp = BIO_next(mdtmp);
- } while(mdtmp);
-
- BIO_free_all(bio);
-
-=head1 BUGS
-
-The lack of support for BIO_puts() and the non standard behaviour of
-BIO_gets() could be regarded as anomalous. It could be argued that BIO_gets()
-and BIO_puts() should be passed to the next BIO in the chain and digest
-the data passed through and that digests should be retrieved using a
-separate BIO_ctrl() call.
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_f_null.pod b/crypto/openssl/doc/crypto/BIO_f_null.pod
deleted file mode 100644
index b057c1840832..000000000000
--- a/crypto/openssl/doc/crypto/BIO_f_null.pod
+++ /dev/null
@@ -1,32 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_f_null - null filter
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD *	BIO_f_null(void);
-
-=head1 DESCRIPTION
-
-BIO_f_null() returns the null filter BIO method. This is a filter BIO
-that does nothing.
-
-All requests to a null filter BIO are passed through to the next BIO in
-the chain: this means that a BIO chain containing a null filter BIO
-behaves just as though the BIO was not there.
-
-=head1 NOTES
-
-As may be apparent a null filter BIO is not particularly useful.
-
-=head1 RETURN VALUES
-
-BIO_f_null() returns the null filter BIO method.
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_f_ssl.pod b/crypto/openssl/doc/crypto/BIO_f_ssl.pod
deleted file mode 100644
index a56ee2b92f2b..000000000000
--- a/crypto/openssl/doc/crypto/BIO_f_ssl.pod
+++ /dev/null
@@ -1,313 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes,
-BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl,
-BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id,
-BIO_ssl_shutdown - SSL BIO
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
- #include <openssl/ssl.h>
-
- BIO_METHOD *BIO_f_ssl(void);
-
- #define BIO_set_ssl(b,ssl,c)	BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
- #define BIO_get_ssl(b,sslp)	BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
- #define BIO_set_ssl_mode(b,client)	BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
- #define BIO_set_ssl_renegotiate_bytes(b,num) \
-	BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
- #define BIO_set_ssl_renegotiate_timeout(b,seconds) \
-	BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
- #define BIO_get_num_renegotiates(b) \
-	BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL);
-
- BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
- BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
- BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
- int BIO_ssl_copy_session_id(BIO *to,BIO *from);
- void BIO_ssl_shutdown(BIO *bio);
-
- #define BIO_do_handshake(b)	BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
-
-=head1 DESCRIPTION
-
-BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which
-is a wrapper round the OpenSSL SSL routines adding a BIO "flavour" to
-SSL I/O. 
-
-I/O performed on an SSL BIO communicates using the SSL protocol with
-the SSLs read and write BIOs. If an SSL connection is not established
-then an attempt is made to establish one on the first I/O call.
-
-If a BIO is appended to an SSL BIO using BIO_push() it is automatically
-used as the SSL BIOs read and write BIOs.
-
-Calling BIO_reset() on an SSL BIO closes down any current SSL connection
-by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in
-the chain: this will typically disconnect the underlying transport.
-The SSL BIO is then reset to the initial accept or connect state.
-
-If the close flag is set when an SSL BIO is freed then the internal
-SSL structure is also freed using SSL_free().
-
-BIO_set_ssl() sets the internal SSL pointer of BIO B<b> to B<ssl> using
-the close flag B<c>.
-
-BIO_get_ssl() retrieves the SSL pointer of BIO B<b>, it can then be
-manipulated using the standard SSL library functions.
-
-BIO_set_ssl_mode() sets the SSL BIO mode to B<client>. If B<client>
-is 1 client mode is set. If B<client> is 0 server mode is set.
-
-BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count
-to B<num>. When set after every B<num> bytes of I/O (read and write) 
-the SSL session is automatically renegotiated. B<num> must be at
-least 512 bytes.
-
-BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to
-B<seconds>. When the renegotiate timeout elapses the session is
-automatically renegotiated.
-
-BIO_get_num_renegotiates() returns the total number of session
-renegotiations due to I/O or timeout.
-
-BIO_new_ssl() allocates an SSL BIO using SSL_CTX B<ctx> and using
-client mode if B<client> is non zero.
-
-BIO_new_ssl_connect() creates a new BIO chain consisting of an
-SSL BIO (using B<ctx>) followed by a connect BIO.
-
-BIO_new_buffer_ssl_connect() creates a new BIO chain consisting
-of a buffering BIO, an SSL BIO (using B<ctx>) and a connect
-BIO.
-
-BIO_ssl_copy_session_id() copies an SSL session id between 
-BIO chains B<from> and B<to>. It does this by locating the
-SSL BIOs in each chain and calling SSL_copy_session_id() on
-the internal SSL pointer.
-
-BIO_ssl_shutdown() closes down an SSL connection on BIO
-chain B<bio>. It does this by locating the SSL BIO in the
-chain and calling SSL_shutdown() on its internal SSL
-pointer.
-
-BIO_do_handshake() attempts to complete an SSL handshake on the
-supplied BIO and establish the SSL connection. It returns 1
-if the connection was established successfully. A zero or negative
-value is returned if the connection could not be established, the
-call BIO_should_retry() should be used for non blocking connect BIOs
-to determine if the call should be retried. If an SSL connection has
-already been established this call has no effect.
-
-=head1 NOTES
-
-SSL BIOs are exceptional in that if the underlying transport
-is non blocking they can still request a retry in exceptional
-circumstances. Specifically this will happen if a session
-renegotiation takes place during a BIO_read() operation, one
-case where this happens is when SGC or step up occurs.
-
-In OpenSSL 0.9.6 and later the SSL flag SSL_AUTO_RETRY can be
-set to disable this behaviour. That is when this flag is set
-an SSL BIO using a blocking transport will never request a
-retry.
-
-Since unknown BIO_ctrl() operations are sent through filter
-BIOs the servers name and port can be set using BIO_set_host()
-on the BIO returned by BIO_new_ssl_connect() without having
-to locate the connect BIO first.
-
-Applications do not have to call BIO_do_handshake() but may wish
-to do so to separate the handshake process from other I/O
-processing.
-
-=head1 RETURN VALUES
-
-TBA
-
-=head1 EXAMPLE
-
-This SSL/TLS client example, attempts to retrieve a page from an
-SSL/TLS web server. The I/O routines are identical to those of the
-unencrypted example in L<BIO_s_connect(3)|BIO_s_connect(3)>.
-
- BIO *sbio, *out;
- int len;
- char tmpbuf[1024];
- SSL_CTX *ctx;
- SSL *ssl;
-
- ERR_load_crypto_strings();
- ERR_load_SSL_strings();
- OpenSSL_add_all_algorithms();
-
- /* We would seed the PRNG here if the platform didn't
-  * do it automatically
-  */
-
- ctx = SSL_CTX_new(SSLv23_client_method());
-
- /* We'd normally set some stuff like the verify paths and
-  * mode here because as things stand this will connect to
-  * any server whose certificate is signed by any CA.
-  */
-
- sbio = BIO_new_ssl_connect(ctx);
-
- BIO_get_ssl(sbio, &ssl);
-
- if(!ssl) {
-   fprintf(stderr, "Can't locate SSL pointer\n");
-   /* whatever ... */
- }
-
- /* Don't want any retries */
- SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
-
- /* We might want to do other things with ssl here */
-
- BIO_set_conn_hostname(sbio, "localhost:https");
-
- out = BIO_new_fp(stdout, BIO_NOCLOSE);
- if(BIO_do_connect(sbio) <= 0) {
-	fprintf(stderr, "Error connecting to server\n");
-	ERR_print_errors_fp(stderr);
-	/* whatever ... */
- }
-
- if(BIO_do_handshake(sbio) <= 0) {
-	fprintf(stderr, "Error establishing SSL connection\n");
-	ERR_print_errors_fp(stderr);
-	/* whatever ... */
- }
-
- /* Could examine ssl here to get connection info */
-
- BIO_puts(sbio, "GET / HTTP/1.0\n\n");
- for(;;) {	
-	len = BIO_read(sbio, tmpbuf, 1024);
-	if(len <= 0) break;
-	BIO_write(out, tmpbuf, len);
- }
- BIO_free_all(sbio);
- BIO_free(out);
-
-Here is a simple server example. It makes use of a buffering
-BIO to allow lines to be read from the SSL BIO using BIO_gets.
-It creates a pseudo web page containing the actual request from
-a client and also echoes the request to standard output.
-
- BIO *sbio, *bbio, *acpt, *out;
- int len;
- char tmpbuf[1024];
- SSL_CTX *ctx;
- SSL *ssl;
-
- ERR_load_crypto_strings();
- ERR_load_SSL_strings();
- OpenSSL_add_all_algorithms();
-
- /* Might seed PRNG here */
-
- ctx = SSL_CTX_new(SSLv23_server_method());
-
- if (!SSL_CTX_use_certificate_file(ctx,"server.pem",SSL_FILETYPE_PEM)
-	|| !SSL_CTX_use_PrivateKey_file(ctx,"server.pem",SSL_FILETYPE_PEM)
-	|| !SSL_CTX_check_private_key(ctx)) {
-
-	fprintf(stderr, "Error setting up SSL_CTX\n");
-	ERR_print_errors_fp(stderr);
-	return 0;
- }
-
- /* Might do other things here like setting verify locations and
-  * DH and/or RSA temporary key callbacks
-  */
-
- /* New SSL BIO setup as server */
- sbio=BIO_new_ssl(ctx,0);
-
- BIO_get_ssl(sbio, &ssl);
-
- if(!ssl) {
-   fprintf(stderr, "Can't locate SSL pointer\n");
-   /* whatever ... */
- }
-
- /* Don't want any retries */
- SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
-
- /* Create the buffering BIO */
-
- bbio = BIO_new(BIO_f_buffer());
-
- /* Add to chain */
- sbio = BIO_push(bbio, sbio);
-
- acpt=BIO_new_accept("4433");
-
- /* By doing this when a new connection is established
-  * we automatically have sbio inserted into it. The
-  * BIO chain is now 'swallowed' by the accept BIO and
-  * will be freed when the accept BIO is freed. 
-  */
- 
- BIO_set_accept_bios(acpt,sbio);
-
- out = BIO_new_fp(stdout, BIO_NOCLOSE);
-
- /* Setup accept BIO */
- if(BIO_do_accept(acpt) <= 0) {
-	fprintf(stderr, "Error setting up accept BIO\n");
-	ERR_print_errors_fp(stderr);
-	return 0;
- }
-
- /* Now wait for incoming connection */
- if(BIO_do_accept(acpt) <= 0) {
-	fprintf(stderr, "Error in connection\n");
-	ERR_print_errors_fp(stderr);
-	return 0;
- }
-
- /* We only want one connection so remove and free
-  * accept BIO
-  */
-
- sbio = BIO_pop(acpt);
-
- BIO_free_all(acpt);
-
- if(BIO_do_handshake(sbio) <= 0) {
-	fprintf(stderr, "Error in SSL handshake\n");
-	ERR_print_errors_fp(stderr);
-	return 0;
- }
-
- BIO_puts(sbio, "HTTP/1.0 200 OK\r\nContent-type: text/html\r\n\r\n");
- BIO_puts(sbio, "<pre>\r\nConnection Established\r\nRequest headers:\r\n");
- BIO_puts(sbio, "--------------------------------------------------\r\n");
-
- for(;;) {
- 	len = BIO_gets(sbio, tmpbuf, 1024);
-        if(len <= 0) break;
-	BIO_write(sbio, tmpbuf, len);
-	BIO_write(out, tmpbuf, len);
-	/* Look for blank line signifying end of headers*/
-	if((tmpbuf[0] == '\r') || (tmpbuf[0] == '\n')) break;
- }
-
- BIO_puts(sbio, "--------------------------------------------------\r\n");
- BIO_puts(sbio, "</pre>\r\n");
-
- /* Since there is a buffering BIO present we had better flush it */
- BIO_flush(sbio);
-
- BIO_free_all(sbio);
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_find_type.pod b/crypto/openssl/doc/crypto/BIO_find_type.pod
deleted file mode 100644
index bd3b25619617..000000000000
--- a/crypto/openssl/doc/crypto/BIO_find_type.pod
+++ /dev/null
@@ -1,98 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_find_type, BIO_next - BIO chain traversal
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO *	BIO_find_type(BIO *b,int bio_type);
- BIO *	BIO_next(BIO *b);
-
- #define BIO_method_type(b)		((b)->method->type)
-
- #define BIO_TYPE_NONE		0
- #define BIO_TYPE_MEM		(1|0x0400)
- #define BIO_TYPE_FILE		(2|0x0400)
-
- #define BIO_TYPE_FD		(4|0x0400|0x0100)
- #define BIO_TYPE_SOCKET		(5|0x0400|0x0100)
- #define BIO_TYPE_NULL		(6|0x0400)
- #define BIO_TYPE_SSL		(7|0x0200)
- #define BIO_TYPE_MD		(8|0x0200)
- #define BIO_TYPE_BUFFER		(9|0x0200)
- #define BIO_TYPE_CIPHER		(10|0x0200)
- #define BIO_TYPE_BASE64		(11|0x0200)
- #define BIO_TYPE_CONNECT	(12|0x0400|0x0100)
- #define BIO_TYPE_ACCEPT		(13|0x0400|0x0100)
- #define BIO_TYPE_PROXY_CLIENT	(14|0x0200)
- #define BIO_TYPE_PROXY_SERVER	(15|0x0200)
- #define BIO_TYPE_NBIO_TEST	(16|0x0200)
- #define BIO_TYPE_NULL_FILTER	(17|0x0200)
- #define BIO_TYPE_BER		(18|0x0200)
- #define BIO_TYPE_BIO		(19|0x0400)
-
- #define BIO_TYPE_DESCRIPTOR	0x0100
- #define BIO_TYPE_FILTER		0x0200
- #define BIO_TYPE_SOURCE_SINK	0x0400
-
-=head1 DESCRIPTION
-
-The BIO_find_type() searches for a BIO of a given type in a chain, starting
-at BIO B<b>. If B<type> is a specific type (such as BIO_TYPE_MEM) then a search
-is made for a BIO of that type. If B<type> is a general type (such as
-B<BIO_TYPE_SOURCE_SINK>) then the next matching BIO of the given general type is
-searched for. BIO_find_type() returns the next matching BIO or NULL if none is
-found.
-
-Note: not all the B<BIO_TYPE_*> types above have corresponding BIO implementations.
-
-BIO_next() returns the next BIO in a chain. It can be used to traverse all BIOs
-in a chain or used in conjunction with BIO_find_type() to find all BIOs of a
-certain type.
-
-BIO_method_type() returns the type of a BIO.
-
-=head1 RETURN VALUES
-
-BIO_find_type() returns a matching BIO or NULL for no match.
-
-BIO_next() returns the next BIO in a chain.
-
-BIO_method_type() returns the type of the BIO B<b>.
-
-=head1 NOTES
-
-BIO_next() was added to OpenSSL 0.9.6 to provide a 'clean' way to traverse a BIO
-chain or find multiple matches using BIO_find_type(). Previous versions had to
-use:
-
- next = bio->next_bio;
-
-=head1 BUGS
-
-BIO_find_type() in OpenSSL 0.9.5a and earlier could not be safely passed a
-NULL pointer for the B<b> argument.
-
-=head1 EXAMPLE
-
-Traverse a chain looking for digest BIOs:
-
- BIO *btmp;
- btmp = in_bio;	/* in_bio is chain to search through */
-
- do {
- 	btmp = BIO_find_type(btmp, BIO_TYPE_MD);
-	if(btmp == NULL) break;	/* Not found */
-	/* btmp is a digest BIO, do something with it ...*/
-   	...
-
-	btmp = BIO_next(btmp);
- } while(btmp);
-
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_new.pod b/crypto/openssl/doc/crypto/BIO_new.pod
deleted file mode 100644
index 2a245fc8de83..000000000000
--- a/crypto/openssl/doc/crypto/BIO_new.pod
+++ /dev/null
@@ -1,65 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_new, BIO_set, BIO_free, BIO_vfree, BIO_free_all - BIO allocation and freeing functions
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO *	BIO_new(BIO_METHOD *type);
- int	BIO_set(BIO *a,BIO_METHOD *type);
- int	BIO_free(BIO *a);
- void	BIO_vfree(BIO *a);
- void	BIO_free_all(BIO *a);
-
-=head1 DESCRIPTION
-
-The BIO_new() function returns a new BIO using method B<type>.
-
-BIO_set() sets the method of an already existing BIO.
-
-BIO_free() frees up a single BIO, BIO_vfree() also frees up a single BIO
-but it does not return a value. Calling BIO_free() may also have some effect
-on the underlying I/O structure, for example it may close the file being
-referred to under certain circumstances. For more details see the individual
-BIO_METHOD descriptions.
-
-BIO_free_all() frees up an entire BIO chain, it does not halt if an error
-occurs freeing up an individual BIO in the chain.
-
-=head1 RETURN VALUES
-
-BIO_new() returns a newly created BIO or NULL if the call fails.
-
-BIO_set(), BIO_free() return 1 for success and 0 for failure.
-
-BIO_free_all() and BIO_vfree() do not return values.
-
-=head1 NOTES
-
-Some BIOs (such as memory BIOs) can be used immediately after calling
-BIO_new(). Others (such as file BIOs) need some additional initialization,
-and frequently a utility function exists to create and initialize such BIOs.
-
-If BIO_free() is called on a BIO chain it will only free one BIO resulting
-in a memory leak.
-
-Calling BIO_free_all() a single BIO has the same effect as calling BIO_free()
-on it other than the discarded return value.
-
-Normally the B<type> argument is supplied by a function which returns a
-pointer to a BIO_METHOD. There is a naming convention for such functions:
-a source/sink BIO is normally called BIO_s_*() and a filter BIO
-BIO_f_*();
-
-=head1 EXAMPLE
-
-Create a memory BIO:
-
- BIO *mem = BIO_new(BIO_s_mem());
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_new_bio_pair.pod b/crypto/openssl/doc/crypto/BIO_new_bio_pair.pod
deleted file mode 100644
index 2256ba9d3410..000000000000
--- a/crypto/openssl/doc/crypto/BIO_new_bio_pair.pod
+++ /dev/null
@@ -1,102 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_new_bio_pair - create a new BIO pair
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
-
-=head1 DESCRIPTION
-
-BIO_new_bio_pair() creates a buffering BIO pair. It has two endpoints between
-data can be buffered. Its typical use is to connect one endpoint as underlying
-input/output BIO to an SSL and access the other one controlled by the program
-instead of accessing the network connection directly.
-
-The two new BIOs B<bio1> and B<bio2> are symmetric with respect to their
-functionality. The size of their buffers is determined by B<writebuf1> and
-B<writebuf2>. If the size give is 0, the default size is used.
-
-BIO_new_bio_pair() does not check whether B<bio1> or B<bio2> do point to
-some other BIO, the values are overwritten, BIO_free() is not called.
-
-The two BIOs, even though forming a BIO pair and must be BIO_free()'ed
-separately. This can be of importance, as some SSL-functions like SSL_set_bio()
-or SSL_free() call BIO_free() implicitly, so that the peer-BIO is left
-untouched and must also be BIO_free()'ed.
-
-=head1 EXAMPLE
-
-The BIO pair can be used to have full control over the network access of an
-application. The application can call select() on the socket as required
-without having to go through the SSL-interface.
-
- BIO *internal_bio, *network_bio;
- ...
- BIO_new_bio_pair(internal_bio, 0, network_bio, 0);
- SSL_set_bio(ssl, internal_bio);
- SSL_operations();
- ...
-
- application |   TLS-engine
-    |        |
-    +----------> SSL_operations()
-             |     /\    ||
-             |     ||    \/
-             |   BIO-pair (internal_bio)
-    +----------< BIO-pair (network_bio)
-    |        |
-  socket     |
-
-  ...
-  SSL_free(ssl);		/* implicitly frees internal_bio */
-  BIO_free(network_bio);
-  ...
-
-As the BIO pair will only buffer the data and never directly access the
-connection, it behaves non-blocking and will return as soon as the write
-buffer is full or the read buffer is drained. Then the application has to
-flush the write buffer and/or fill the read buffer.
-
-Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO
-and must be transfered to the network. Use BIO_ctrl_get_read_request() to
-find out, how many bytes must be written into the buffer before the
-SSL_operation() can successfully be continued.
-
-=head1 IMPORTANT
-
-As the data is buffered, SSL_operation() may return with a ERROR_SSL_WANT_READ
-condition, but there is still data in the write buffer. An application must
-not rely on the error value of SSL_operation() but must assure that the
-write buffer is always flushed first. Otherwise a deadlock may occur as
-the peer might be waiting for the data before being able to continue.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item 1
-
-The BIO pair was created successfully. The new BIOs are available in
-B<bio1> and B<bio2>.
-
-=item 0
-
-The operation failed. The NULL pointer is stored into the locations for
-B<bio1> and B<bio2>. Check the error stack for more information.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_set_bio(3)|SSL_set_bio(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
-L<BIO_ctrl_pending(3)|BIO_ctrl_pending(3)>,
-L<BIO_ctrl_get_read_request(3)|BIO_ctrl_get_read_request(3)>
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BIO_push.pod b/crypto/openssl/doc/crypto/BIO_push.pod
deleted file mode 100644
index 8af1d3c09751..000000000000
--- a/crypto/openssl/doc/crypto/BIO_push.pod
+++ /dev/null
@@ -1,69 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_push, BIO_pop - add and remove BIOs from a chain.
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO *	BIO_push(BIO *b,BIO *append);
- BIO *	BIO_pop(BIO *b);
-
-=head1 DESCRIPTION
-
-The BIO_push() function appends the BIO B<append> to B<b>, it returns
-B<b>.
-
-BIO_pop() removes the BIO B<b> from a chain and returns the next BIO
-in the chain, or NULL if there is no next BIO. The removed BIO then
-becomes a single BIO with no association with the original chain,
-it can thus be freed or attached to a different chain.
-
-=head1 NOTES
-
-The names of these functions are perhaps a little misleading. BIO_push()
-joins two BIO chains whereas BIO_pop() deletes a single BIO from a chain,
-the deleted BIO does not need to be at the end of a chain.
-
-The process of calling BIO_push() and BIO_pop() on a BIO may have additional
-consequences (a control call is made to the affected BIOs) any effects will
-be noted in the descriptions of individual BIOs.
-
-=head1 EXAMPLES
-
-For these examples suppose B<md1> and B<md2> are digest BIOs, B<b64> is
-a base64 BIO and B<f> is a file BIO.
-
-If the call:
-
- BIO_push(b64, f);
-
-is made then the new chain will be B<b64-chain>. After making the calls
-
- BIO_push(md2, b64);
- BIO_push(md1, md2);
-
-the new chain is B<md1-md2-b64-f>. Data written to B<md1> will be digested
-by B<md1> and B<md2>, B<base64> encoded and written to B<f>.
-
-It should be noted that reading causes data to pass in the reverse
-direction, that is data is read from B<f>, base64 B<decoded> and digested
-by B<md1> and B<md2>. If the call:
-
- BIO_pop(md2);
-
-The call will return B<b64> and the new chain will be B<md1-b64-f> data can
-be written to B<md1> as before.
-
-=head1 RETURN VALUES
-
-BIO_push() returns the end of the chain, B<b>.
-
-BIO_pop() returns the next BIO in the chain, or NULL if there is no next
-BIO.
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_read.pod b/crypto/openssl/doc/crypto/BIO_read.pod
deleted file mode 100644
index b34528104ddf..000000000000
--- a/crypto/openssl/doc/crypto/BIO_read.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_read, BIO_write, BIO_gets, BIO_puts - BIO I/O functions
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- int	BIO_read(BIO *b, void *buf, int len);
- int	BIO_gets(BIO *b,char *buf, int size);
- int	BIO_write(BIO *b, const void *buf, int len);
- int	BIO_puts(BIO *b,const char *buf);
-
-=head1 DESCRIPTION
-
-BIO_read() attempts to read B<len> bytes from BIO B<b> and places
-the data in B<buf>.
-
-BIO_gets() performs the BIOs "gets" operation and places the data
-in B<buf>. Usually this operation will attempt to read a line of data
-from the BIO of maximum length B<len>. There are exceptions to this
-however, for example BIO_gets() on a digest BIO will calculate and
-return the digest and other BIOs may not support BIO_gets() at all.
-
-BIO_write() attempts to write B<len> bytes from B<buf> to BIO B<b>.
-
-BIO_puts() attempts to write a null terminated string B<buf> to BIO B<b>
-
-=head1 RETURN VALUES
-
-All these functions return either the amount of data successfully read or
-written (if the return value is positive) or that no data was successfully
-read or written if the result is 0 or -1. If the return value is -2 then
-the operation is not implemented in the specific BIO type.
-
-=head1 NOTES
-
-A 0 or -1 return is not necessarily an indication of an error. In
-particular when the source/sink is non-blocking or of a certain type
-it may merely be an indication that no data is currently available and that
-the application should retry the operation later.
-
-One technique sometimes used with blocking sockets is to use a system call
-(such as select(), poll() or equivalent) to determine when data is available
-and then call read() to read the data. The equivalent with BIOs (that is call
-select() on the underlying I/O structure and then call BIO_read() to
-read the data) should B<not> be used because a single call to BIO_read()
-can cause several reads (and writes in the case of SSL BIOs) on the underlying
-I/O structure and may block as a result. Instead select() (or equivalent)
-should be combined with non blocking I/O so successive reads will request
-a retry instead of blocking.
-
-See L<BIO_should_retry(3)|BIO_should_retry(3)> for details of how to
-determine the cause of a retry and other I/O issues.
-
-If the BIO_gets() function is not supported by a BIO then it possible to
-work around this by adding a buffering BIO L<BIO_f_buffer(3)|BIO_f_buffer(3)>
-to the chain.
-
-=head1 SEE ALSO
-
-L<BIO_should_retry(3)|BIO_should_retry(3)>
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_s_accept.pod b/crypto/openssl/doc/crypto/BIO_s_accept.pod
deleted file mode 100644
index 7b63e4621b66..000000000000
--- a/crypto/openssl/doc/crypto/BIO_s_accept.pod
+++ /dev/null
@@ -1,195 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_s_accept, BIO_set_accept_port, BIO_get_accept_port,
-BIO_set_nbio_accept, BIO_set_accept_bios, BIO_set_bind_mode,
-BIO_get_bind_mode, BIO_do_accept - accept BIO
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD *BIO_s_accept(void);
-
- long BIO_set_accept_port(BIO *b, char *name);
- char *BIO_get_accept_port(BIO *b);
-
- BIO *BIO_new_accept(char *host_port);
-
- long BIO_set_nbio_accept(BIO *b, int n);
- long BIO_set_accept_bios(BIO *b, char *bio);
-
- long BIO_set_bind_mode(BIO *b, long mode);
- long BIO_get_bind_mode(BIO *b, long dummy);
-
- #define BIO_BIND_NORMAL		0
- #define BIO_BIND_REUSEADDR_IF_UNUSED	1
- #define BIO_BIND_REUSEADDR		2
-
- int BIO_do_accept(BIO *b);
-
-=head1 DESCRIPTION
-
-BIO_s_accept() returns the accept BIO method. This is a wrapper
-round the platform's TCP/IP socket accept routines.
-
-Using accept BIOs, TCP/IP connections can be accepted and data
-transferred using only BIO routines. In this way any platform
-specific operations are hidden by the BIO abstraction.
-
-Read and write operations on an accept BIO will perform I/O
-on the underlying connection. If no connection is established
-and the port (see below) is set up properly then the BIO
-waits for an incoming connection.
-
-Accept BIOs support BIO_puts() but not BIO_gets().
-
-If the close flag is set on an accept BIO then any active
-connection on that chain is shutdown and the socket closed when
-the BIO is freed.
-
-Calling BIO_reset() on a accept BIO will close any active
-connection and reset the BIO into a state where it awaits another
-incoming connection.
-
-BIO_get_fd() and BIO_set_fd() can be called to retrieve or set
-the accept socket. See L<BIO_s_fd(3)|BIO_s_fd(3)>
-
-BIO_set_accept_port() uses the string B<name> to set the accept
-port. The port is represented as a string of the form "host:port",
-where "host" is the interface to use and "port" is the port.
-Either or both values can be "*" which is interpreted as meaning
-any interface or port respectively. "port" has the same syntax
-as the port specified in BIO_set_conn_port() for connect BIOs,
-that is it can be a numerical port string or a string to lookup
-using getservbyname() and a string table.
-
-BIO_new_accept() combines BIO_new() and BIO_set_accept_port() into
-a single call: that is it creates a new accept BIO with port
-B<host_port>.
-
-BIO_set_nbio_accept() sets the accept socket to blocking mode
-(the default) if B<n> is 0 or non blocking mode if B<n> is 1.
-
-BIO_set_accept_bios() can be used to set a chain of BIOs which
-will be duplicated and prepended to the chain when an incoming
-connection is received. This is useful if, for example, a 
-buffering or SSL BIO is required for each connection. The
-chain of BIOs must not be freed after this call, they will
-be automatically freed when the accept BIO is freed.
-
-BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve
-the current bind mode. If BIO_BIND_NORMAL (the default) is set
-then another socket cannot be bound to the same port. If
-BIO_BIND_REUSEADDR is set then other sockets can bind to the
-same port. If BIO_BIND_REUSEADDR_IF_UNUSED is set then and
-attempt is first made to use BIO_BIN_NORMAL, if this fails
-and the port is not in use then a second attempt is made
-using BIO_BIND_REUSEADDR.
-
-BIO_do_accept() serves two functions. When it is first
-called, after the accept BIO has been setup, it will attempt
-to create the accept socket and bind an address to it. Second
-and subsequent calls to BIO_do_accept() will await an incoming
-connection, or request a retry in non blocking mode.
-
-=head1 NOTES
-
-When an accept BIO is at the end of a chain it will await an
-incoming connection before processing I/O calls. When an accept
-BIO is not at then end of a chain it passes I/O calls to the next
-BIO in the chain.
-
-When a connection is established a new socket BIO is created for
-the connection and appended to the chain. That is the chain is now
-accept->socket. This effectively means that attempting I/O on
-an initial accept socket will await an incoming connection then
-perform I/O on it.
-
-If any additional BIOs have been set using BIO_set_accept_bios()
-then they are placed between the socket and the accept BIO,
-that is the chain will be accept->otherbios->socket.
-
-If a server wishes to process multiple connections (as is normally
-the case) then the accept BIO must be made available for further
-incoming connections. This can be done by waiting for a connection and
-then calling:
-
- connection = BIO_pop(accept);
-
-After this call B<connection> will contain a BIO for the recently
-established connection and B<accept> will now be a single BIO
-again which can be used to await further incoming connections.
-If no further connections will be accepted the B<accept> can
-be freed using BIO_free().
-
-If only a single connection will be processed it is possible to
-perform I/O using the accept BIO itself. This is often undesirable
-however because the accept BIO will still accept additional incoming
-connections. This can be resolved by using BIO_pop() (see above)
-and freeing up the accept BIO after the initial connection.
-
-If the underlying accept socket is non-blocking and BIO_do_accept() is
-called to await an incoming connection it is possible for
-BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens
-then it is an indication that an accept attempt would block: the application
-should take appropriate action to wait until the underlying socket has
-accepted a connection and retry the call.
-
-BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(),
-BIO_set_accept_bios(), BIO_set_bind_mode(), BIO_get_bind_mode() and
-BIO_do_accept() are macros.
-
-=head1 RETURN VALUES
-
-TBA
-
-=head1 EXAMPLE
-
-This example accepts two connections on port 4444, sends messages
-down each and finally closes both down.
-
- BIO *abio, *cbio, *cbio2;
- ERR_load_crypto_strings();
- abio = BIO_new_accept("4444");
-
- /* First call to BIO_accept() sets up accept BIO */
- if(BIO_do_accept(abio) <= 0) {
-	fprintf(stderr, "Error setting up accept\n");
-	ERR_print_errors_fp(stderr);
-	exit(0);		
- }
-
- /* Wait for incoming connection */
- if(BIO_do_accept(abio) <= 0) {
-	fprintf(stderr, "Error accepting connection\n");
-	ERR_print_errors_fp(stderr);
-	exit(0);		
- }
- fprintf(stderr, "Connection 1 established\n");
- /* Retrieve BIO for connection */
- cbio = BIO_pop(abio);
- BIO_puts(cbio, "Connection 1: Sending out Data on initial connection\n");
- fprintf(stderr, "Sent out data on connection 1\n");
- /* Wait for another connection */
- if(BIO_do_accept(abio) <= 0) {
-	fprintf(stderr, "Error accepting connection\n");
-	ERR_print_errors_fp(stderr);
-	exit(0);		
- }
- fprintf(stderr, "Connection 2 established\n");
- /* Close accept BIO to refuse further connections */
- cbio2 = BIO_pop(abio);
- BIO_free(abio);
- BIO_puts(cbio2, "Connection 2: Sending out Data on second\n");
- fprintf(stderr, "Sent out data on connection 2\n");
-
- BIO_puts(cbio, "Connection 1: Second connection established\n");
- /* Close the two established connections */
- BIO_free(cbio);
- BIO_free(cbio2);
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_s_bio.pod b/crypto/openssl/doc/crypto/BIO_s_bio.pod
deleted file mode 100644
index 8d0a55a025c7..000000000000
--- a/crypto/openssl/doc/crypto/BIO_s_bio.pod
+++ /dev/null
@@ -1,182 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, 
-BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair,
-BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request,
-BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD *BIO_s_bio(void);
-
- #define BIO_make_bio_pair(b1,b2)   (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
- #define BIO_destroy_bio_pair(b)    (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
-
- #define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
-
- #define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
- #define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
-
- int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
-
- #define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
- size_t BIO_ctrl_get_write_guarantee(BIO *b);
-
- #define BIO_get_read_request(b)    (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
- size_t BIO_ctrl_get_read_request(BIO *b);
-
- int BIO_ctrl_reset_read_request(BIO *b);
-
-=head1 DESCRIPTION
-
-BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink
-BIOs where data written to either half of the pair is buffered and can be read from
-the other half. Both halves must usually by handled by the same application thread
-since no locking is done on the internal data structures.
-
-Since BIO chains typically end in a source/sink BIO it is possible to make this
-one half of a BIO pair and have all the data processed by the chain under application
-control.
-
-One typical use of BIO pairs is to place TLS/SSL I/O under application control, this
-can be used when the application wishes to use a non standard transport for
-TLS/SSL or the normal socket routines are inappropriate.
-
-Calls to BIO_read() will read data from the buffer or request a retry if no
-data is available.
-
-Calls to BIO_write() will place data in the buffer or request a retry if the
-buffer is full.
-
-The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to
-determine the amount of pending data in the read or write buffer.
-
-BIO_reset() clears any data in the write buffer.
-
-BIO_make_bio_pair() joins two separate BIOs into a connected pair.
-
-BIO_destroy_pair() destroys the association between two connected BIOs. Freeing
-up any half of the pair will automatically destroy the association.
-
-BIO_shutdown_wr() is used to close down a BIO B<b>. After this call no further
-writes on BIO B<b> are allowed (they will return an error). Reads on the other
-half of the pair will return any pending data or EOF when all pending data has
-been read. 
-
-BIO_set_write_buf_size() sets the write buffer size of BIO B<b> to B<size>.
-If the size is not initialized a default value is used. This is currently
-17K, sufficient for a maximum size TLS record.
-
-BIO_get_write_buf_size() returns the size of the write buffer.
-
-BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and
-BIO_set_write_buf_size() to create a connected pair of BIOs B<bio1>, B<bio2>
-with write buffer sizes B<writebuf1> and B<writebuf2>. If either size is
-zero then the default size is used.  BIO_new_bio_pair() does not check whether
-B<bio1> or B<bio2> do point to some other BIO, the values are overwritten,
-BIO_free() is not called.
-
-BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum
-length of data that can be currently written to the BIO. Writes larger than this
-value will return a value from BIO_write() less than the amount requested or if the
-buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function
-whereas BIO_get_write_guarantee() is a macro.
-
-BIO_get_read_request() and BIO_ctrl_get_read_request() return the
-amount of data requested, or the buffer size if it is less, if the
-last read attempt at the other half of the BIO pair failed due to an
-empty buffer.  This can be used to determine how much data should be
-written to the BIO so the next read will succeed: this is most useful
-in TLS/SSL applications where the amount of data read is usually
-meaningful rather than just a buffer size. After a successful read
-this call will return zero.  It also will return zero once new data
-has been written satisfying the read request or part of it.
-Note that BIO_get_read_request() never returns an amount larger
-than that returned by BIO_get_write_guarantee().
-
-BIO_ctrl_reset_read_request() can also be used to reset the value returned by
-BIO_get_read_request() to zero.
-
-=head1 NOTES
-
-Both halves of a BIO pair should be freed. That is even if one half is implicit
-freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.
-
-When used in bidirectional applications (such as TLS/SSL) care should be taken to
-flush any data in the write buffer. This can be done by calling BIO_pending()
-on the other half of the pair and, if any data is pending, reading it and sending
-it to the underlying transport. This must be done before any normal processing
-(such as calling select() ) due to a request and BIO_should_read() being true.
-
-To see why this is important consider a case where a request is sent using
-BIO_write() and a response read with BIO_read(), this can occur during an
-TLS/SSL handshake for example. BIO_write() will succeed and place data in the write
-buffer. BIO_read() will initially fail and BIO_should_read() will be true. If
-the application then waits for data to be available on the underlying transport
-before flushing the write buffer it will never succeed because the request was
-never sent!
-
-=head1 RETURN VALUES
-
-BIO_new_bio_pair() returns 1 on success, with the new BIOs available in
-B<bio1> and B<bio2>, or 0 on failure, with NULL pointers stored into the
-locations for B<bio1> and B<bio2>. Check the error stack for more information.
-
-[XXXXX: More return values need to be added here]
-
-=head1 EXAMPLE
-
-The BIO pair can be used to have full control over the network access of an
-application. The application can call select() on the socket as required
-without having to go through the SSL-interface.
-
- BIO *internal_bio, *network_bio;
- ...
- BIO_new_bio_pair(internal_bio, 0, network_bio, 0);
- SSL_set_bio(ssl, internal_bio, internal_bio);
- SSL_operations();
- ...
-
- application |   TLS-engine
-    |        |
-    +----------> SSL_operations()
-             |     /\    ||
-             |     ||    \/
-             |   BIO-pair (internal_bio)
-    +----------< BIO-pair (network_bio)
-    |        |
-  socket     |
-
-  ...
-  SSL_free(ssl);		/* implicitly frees internal_bio */
-  BIO_free(network_bio);
-  ...
-
-As the BIO pair will only buffer the data and never directly access the
-connection, it behaves non-blocking and will return as soon as the write
-buffer is full or the read buffer is drained. Then the application has to
-flush the write buffer and/or fill the read buffer.
-
-Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO
-and must be transfered to the network. Use BIO_ctrl_get_read_request() to
-find out, how many bytes must be written into the buffer before the
-SSL_operation() can successfully be continued.
-
-=head1 WARNING
-
-As the data is buffered, SSL_operation() may return with a ERROR_SSL_WANT_READ
-condition, but there is still data in the write buffer. An application must
-not rely on the error value of SSL_operation() but must assure that the
-write buffer is always flushed first. Otherwise a deadlock may occur as
-the peer might be waiting for the data before being able to continue.
-
-=head1 SEE ALSO
-
-L<SSL_set_bio(3)|SSL_set_bio(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
-L<BIO_should_retry(3)|BIO_should_retry(3)>, L<BIO_read(3)|BIO_read(3)>
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BIO_s_connect.pod b/crypto/openssl/doc/crypto/BIO_s_connect.pod
deleted file mode 100644
index bcf7d8dcac7d..000000000000
--- a/crypto/openssl/doc/crypto/BIO_s_connect.pod
+++ /dev/null
@@ -1,192 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_s_connect, BIO_set_conn_hostname, BIO_set_conn_port,
-BIO_set_conn_ip, BIO_set_conn_int_port, BIO_get_conn_hostname,
-BIO_get_conn_port, BIO_get_conn_ip, BIO_get_conn_int_port,
-BIO_set_nbio, BIO_do_connect - connect BIO
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD * BIO_s_connect(void);
-
- BIO *BIO_new_connect(char *name);
-
- long BIO_set_conn_hostname(BIO *b, char *name);
- long BIO_set_conn_port(BIO *b, char *port);
- long BIO_set_conn_ip(BIO *b, char *ip);
- long BIO_set_conn_int_port(BIO *b, char *port);
- char *BIO_get_conn_hostname(BIO *b);
- char *BIO_get_conn_port(BIO *b);
- char *BIO_get_conn_ip(BIO *b, dummy);
- long BIO_get_conn_int_port(BIO *b, int port);
-
- long BIO_set_nbio(BIO *b, long n);
-
- int BIO_do_connect(BIO *b);
-
-=head1 DESCRIPTION
-
-BIO_s_connect() returns the connect BIO method. This is a wrapper
-round the platform's TCP/IP socket connection routines.
-
-Using connect BIOs, TCP/IP connections can be made and data
-transferred using only BIO routines. In this way any platform
-specific operations are hidden by the BIO abstraction.
-
-Read and write operations on a connect BIO will perform I/O
-on the underlying connection. If no connection is established
-and the port and hostname (see below) is set up properly then
-a connection is established first.
-
-Connect BIOs support BIO_puts() but not BIO_gets().
-
-If the close flag is set on a connect BIO then any active
-connection is shutdown and the socket closed when the BIO
-is freed.
-
-Calling BIO_reset() on a connect BIO will close any active
-connection and reset the BIO into a state where it can connect
-to the same host again.
-
-BIO_get_fd() places the underlying socket in B<c> if it is not NULL,
-it also returns the socket . If B<c> is not NULL it should be of
-type (int *).
-
-BIO_set_conn_hostname() uses the string B<name> to set the hostname.
-The hostname can be an IP address. The hostname can also include the
-port in the form hostname:port . It is also acceptable to use the
-form "hostname/any/other/path" or "hostname:port/any/other/path".
-
-BIO_set_conn_port() sets the port to B<port>. B<port> can be the
-numerical form or a string such as "http". A string will be looked
-up first using getservbyname() on the host platform but if that
-fails a standard table of port names will be used. Currently the
-list is http, telnet, socks, https, ssl, ftp, gopher and wais.
-
-BIO_set_conn_ip() sets the IP address to B<ip> using binary form,
-that is four bytes specifying the IP address in big-endian form.
-
-BIO_set_conn_int_port() sets the port using B<port>. B<port> should
-be of type (int *).
-
-BIO_get_conn_hostname() returns the hostname of the connect BIO or
-NULL if the BIO is initialized but no hostname is set.
-This return value is an internal pointer which should not be modified.
-
-BIO_get_conn_port() returns the port as a string.
-
-BIO_get_conn_ip() returns the IP address in binary form.
-
-BIO_get_conn_int_port() returns the port as an int.
-
-BIO_set_nbio() sets the non blocking I/O flag to B<n>. If B<n> is
-zero then blocking I/O is set. If B<n> is 1 then non blocking I/O
-is set. Blocking I/O is the default. The call to BIO_set_nbio()
-should be made before the connection is established because 
-non blocking I/O is set during the connect process.
-
-BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into
-a single call: that is it creates a new connect BIO with B<name>.
-
-BIO_do_connect() attempts to connect the supplied BIO. It returns 1
-if the connection was established successfully. A zero or negative
-value is returned if the connection could not be established, the
-call BIO_should_retry() should be used for non blocking connect BIOs
-to determine if the call should be retried.
-
-=head1 NOTES
-
-If blocking I/O is set then a non positive return value from any
-I/O call is caused by an error condition, although a zero return
-will normally mean that the connection was closed.
-
-If the port name is supplied as part of the host name then this will
-override any value set with BIO_set_conn_port(). This may be undesirable
-if the application does not wish to allow connection to arbitrary
-ports. This can be avoided by checking for the presence of the ':'
-character in the passed hostname and either indicating an error or
-truncating the string at that point.
-
-The values returned by BIO_get_conn_hostname(), BIO_get_conn_port(),
-BIO_get_conn_ip() and BIO_get_conn_int_port() are updated when a
-connection attempt is made. Before any connection attempt the values
-returned are those set by the application itself.
-
-Applications do not have to call BIO_do_connect() but may wish to do
-so to separate the connection process from other I/O processing.
-
-If non blocking I/O is set then retries will be requested as appropriate.
-
-It addition to BIO_should_read() and BIO_should_write() it is also
-possible for BIO_should_io_special() to be true during the initial
-connection process with the reason BIO_RR_CONNECT. If this is returned
-then this is an indication that a connection attempt would block,
-the application should then take appropriate action to wait until
-the underlying socket has connected and retry the call.
-
-BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_set_conn_ip(),
-BIO_set_conn_int_port(), BIO_get_conn_hostname(), BIO_get_conn_port(),
-BIO_get_conn_ip(), BIO_get_conn_int_port(), BIO_set_nbio() and
-BIO_do_connect() are macros.
-
-=head1 RETURN VALUES
-
-BIO_s_connect() returns the connect BIO method.
-
-BIO_get_fd() returns the socket or -1 if the BIO has not
-been initialized.
-
-BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_set_conn_ip() and
-BIO_set_conn_int_port() always return 1.
-
-BIO_get_conn_hostname() returns the connected hostname or NULL is
-none was set.
-
-BIO_get_conn_port() returns a string representing the connected
-port or NULL if not set.
-
-BIO_get_conn_ip() returns a pointer to the connected IP address in
-binary form or all zeros if not set.
-
-BIO_get_conn_int_port() returns the connected port or 0 if none was
-set.
-
-BIO_set_nbio() always returns 1.
-
-BIO_do_connect() returns 1 if the connection was successfully
-established and 0 or -1 if the connection failed.
-
-=head1 EXAMPLE
-
-This is example connects to a webserver on the local host and attempts
-to retrieve a page and copy the result to standard output.
-
-
- BIO *cbio, *out;
- int len;
- char tmpbuf[1024];
- ERR_load_crypto_strings();
- cbio = BIO_new_connect("localhost:http");
- out = BIO_new_fp(stdout, BIO_NOCLOSE);
- if(BIO_do_connect(cbio) <= 0) {
-	fprintf(stderr, "Error connecting to server\n");
-	ERR_print_errors_fp(stderr);
-	/* whatever ... */
-	}
- BIO_puts(cbio, "GET / HTTP/1.0\n\n");
- for(;;) {	
-	len = BIO_read(cbio, tmpbuf, 1024);
-	if(len <= 0) break;
-	BIO_write(out, tmpbuf, len);
- }
- BIO_free(cbio);
- BIO_free(out);
-
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_s_fd.pod b/crypto/openssl/doc/crypto/BIO_s_fd.pod
deleted file mode 100644
index b1de1d101549..000000000000
--- a/crypto/openssl/doc/crypto/BIO_s_fd.pod
+++ /dev/null
@@ -1,89 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_s_fd, BIO_set_fd, BIO_get_fd, BIO_new_fd - file descriptor BIO
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD *	BIO_s_fd(void);
-
- #define BIO_set_fd(b,fd,c)	BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
- #define BIO_get_fd(b,c)	BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
-
- BIO *BIO_new_fd(int fd, int close_flag);
-
-=head1 DESCRIPTION
-
-BIO_s_fd() returns the file descriptor BIO method. This is a wrapper
-round the platforms file descriptor routines such as read() and write().
-
-BIO_read() and BIO_write() read or write the underlying descriptor.
-BIO_puts() is supported but BIO_gets() is not.
-
-If the close flag is set then then close() is called on the underlying
-file descriptor when the BIO is freed.
-
-BIO_reset() attempts to change the file pointer to the start of file
-using lseek(fd, 0, 0).
-
-BIO_seek() sets the file pointer to position B<ofs> from start of file
-using lseek(fd, ofs, 0).
-
-BIO_tell() returns the current file position by calling lseek(fd, 0, 1).
-
-BIO_set_fd() sets the file descriptor of BIO B<b> to B<fd> and the close
-flag to B<c>.
-
-BIO_get_fd() places the file descriptor in B<c> if it is not NULL, it also
-returns the file descriptor. If B<c> is not NULL it should be of type
-(int *).
-
-BIO_new_fd() returns a file descriptor BIO using B<fd> and B<close_flag>.
-
-=head1 NOTES
-
-The behaviour of BIO_read() and BIO_write() depends on the behavior of the
-platforms read() and write() calls on the descriptor. If the underlying 
-file descriptor is in a non blocking mode then the BIO will behave in the
-manner described in the L<BIO_read(3)|BIO_read(3)> and L<BIO_should_retry(3)|BIO_should_retry(3)>
-manual pages.
-
-File descriptor BIOs should not be used for socket I/O. Use socket BIOs
-instead.
-
-=head1 RETURN VALUES
-
-BIO_s_fd() returns the file descriptor BIO method.
-
-BIO_reset() returns zero for success and -1 if an error occurred.
-BIO_seek() and BIO_tell() return the current file position or -1
-is an error occurred. These values reflect the underlying lseek()
-behaviour.
-
-BIO_set_fd() always returns 1.
-
-BIO_get_fd() returns the file descriptor or -1 if the BIO has not
-been initialized.
-
-BIO_new_fd() returns the newly allocated BIO or NULL is an error
-occurred.
-
-=head1 EXAMPLE
-
-This is a file descriptor BIO version of "Hello World":
-
- BIO *out;
- out = BIO_new_fd(fileno(stdout), BIO_NOCLOSE);
- BIO_printf(out, "Hello World\n");
- BIO_free(out);
-
-=head1 SEE ALSO
-
-L<BIO_seek(3)|BIO_seek(3)>, L<BIO_tell(3)|BIO_tell(3)>,
-L<BIO_reset(3)|BIO_reset(3)>, L<BIO_read(3)|BIO_read(3)>,
-L<BIO_write(3)|BIO_write(3)>, L<BIO_puts(3)|BIO_puts(3)>,
-L<BIO_gets(3)|BIO_gets(3)>, L<BIO_printf(3)|BIO_printf(3)>,
-L<BIO_set_close(3)|BIO_set_close(3)>, L<BIO_get_close(3)|BIO_get_close(3)>
diff --git a/crypto/openssl/doc/crypto/BIO_s_file.pod b/crypto/openssl/doc/crypto/BIO_s_file.pod
deleted file mode 100644
index b2a29263f4cd..000000000000
--- a/crypto/openssl/doc/crypto/BIO_s_file.pod
+++ /dev/null
@@ -1,144 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp,
-BIO_read_filename, BIO_write_filename, BIO_append_filename,
-BIO_rw_filename - FILE bio
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD *	BIO_s_file(void);
- BIO *BIO_new_file(const char *filename, const char *mode);
- BIO *BIO_new_fp(FILE *stream, int flags);
-
- BIO_set_fp(BIO *b,FILE *fp, int flags);
- BIO_get_fp(BIO *b,FILE **fpp);
-
- int BIO_read_filename(BIO *b, char *name)
- int BIO_write_filename(BIO *b, char *name)
- int BIO_append_filename(BIO *b, char *name)
- int BIO_rw_filename(BIO *b, char *name)
-
-=head1 DESCRIPTION
-
-BIO_s_file() returns the BIO file method. As its name implies it
-is a wrapper round the stdio FILE structure and it is a
-source/sink BIO.
-
-Calls to BIO_read() and BIO_write() read and write data to the
-underlying stream. BIO_gets() and BIO_puts() are supported on file BIOs.
-
-BIO_flush() on a file BIO calls the fflush() function on the wrapped
-stream.
-
-BIO_reset() attempts to change the file pointer to the start of file
-using fseek(stream, 0, 0).
-
-BIO_seek() sets the file pointer to position B<ofs> from start of file
-using fseek(stream, ofs, 0).
-
-BIO_eof() calls feof().
-
-Setting the BIO_CLOSE flag calls fclose() on the stream when the BIO
-is freed.
-
-BIO_new_file() creates a new file BIO with mode B<mode> the meaning
-of B<mode> is the same as the stdio function fopen(). The BIO_CLOSE
-flag is set on the returned BIO.
-
-BIO_new_fp() creates a file BIO wrapping B<stream>. Flags can be:
-BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying
-stream to text mode, default is binary: this only has any effect under
-Win32).
-
-BIO_set_fp() set the fp of a file BIO to B<fp>. B<flags> has the same
-meaning as in BIO_new_fp(), it is a macro.
-
-BIO_get_fp() retrieves the fp of a file BIO, it is a macro.
-
-BIO_seek() is a macro that sets the position pointer to B<offset> bytes
-from the start of file.
-
-BIO_tell() returns the value of the position pointer.
-
-BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and
-BIO_rw_filename() set the file BIO B<b> to use file B<name> for
-reading, writing, append or read write respectively.
-
-=head1 NOTES
-
-When wrapping stdout, stdin or stderr the underlying stream should not
-normally be closed so the BIO_NOCLOSE flag should be set.
-
-Because the file BIO calls the underlying stdio functions any quirks
-in stdio behaviour will be mirrored by the corresponding BIO.
-
-=head1 EXAMPLES
-
-File BIO "hello world":
-
- BIO *bio_out;
- bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
- BIO_printf(bio_out, "Hello World\n");
-
-Alternative technique:
-
- BIO *bio_out;
- bio_out = BIO_new(BIO_s_file());
- if(bio_out == NULL) /* Error ... */
- if(!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE)) /* Error ... */
- BIO_printf(bio_out, "Hello World\n");
-
-Write to a file:
-
- BIO *out;
- out = BIO_new_file("filename.txt", "w");
- if(!out) /* Error occurred */
- BIO_printf(out, "Hello World\n");
- BIO_free(out);
-
-Alternative technique:
-
- BIO *out;
- out = BIO_new(BIO_s_file());
- if(out == NULL) /* Error ... */
- if(!BIO_write_filename(out, "filename.txt")) /* Error ... */
- BIO_printf(out, "Hello World\n");
- BIO_free(out);
-
-=head1 RETURN VALUES
-
-BIO_s_file() returns the file BIO method.
-
-BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error
-occurred.
-
-BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure
-(although the current implementation never return 0).
-
-BIO_seek() returns the same value as the underlying fseek() function:
-0 for success or -1 for failure.
-
-BIO_tell() returns the current file position.
-
-BIO_read_filename(), BIO_write_filename(),  BIO_append_filename() and
-BIO_rw_filename() return 1 for success or 0 for failure.
-
-=head1 BUGS
-
-BIO_reset() and BIO_seek() are implemented using fseek() on the underlying
-stream. The return value for fseek() is 0 for success or -1 if an error
-occurred this differs from other types of BIO which will typically return
-1 for success and a non positive value if an error occurred.
-
-=head1 SEE ALSO
-
-L<BIO_seek(3)|BIO_seek(3)>, L<BIO_tell(3)|BIO_tell(3)>,
-L<BIO_reset(3)|BIO_reset(3)>, L<BIO_flush(3)|BIO_flush(3)>,
-L<BIO_read(3)|BIO_read(3)>,
-L<BIO_write(3)|BIO_write(3)>, L<BIO_puts(3)|BIO_puts(3)>,
-L<BIO_gets(3)|BIO_gets(3)>, L<BIO_printf(3)|BIO_printf(3)>,
-L<BIO_set_close(3)|BIO_set_close(3)>, L<BIO_get_close(3)|BIO_get_close(3)>
diff --git a/crypto/openssl/doc/crypto/BIO_s_mem.pod b/crypto/openssl/doc/crypto/BIO_s_mem.pod
deleted file mode 100644
index 19648acfae0f..000000000000
--- a/crypto/openssl/doc/crypto/BIO_s_mem.pod
+++ /dev/null
@@ -1,115 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_s_mem, BIO_set_mem_eof_return, BIO_get_mem_data, BIO_set_mem_buf,
-BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD *	BIO_s_mem(void);
-
- BIO_set_mem_eof_return(BIO *b,int v)
- long BIO_get_mem_data(BIO *b, char **pp)
- BIO_set_mem_buf(BIO *b,BUF_MEM *bm,int c)
- BIO_get_mem_ptr(BIO *b,BUF_MEM **pp)
-
- BIO *BIO_new_mem_buf(void *buf, int len);
-
-=head1 DESCRIPTION
-
-BIO_s_mem() return the memory BIO method function. 
-
-A memory BIO is a source/sink BIO which uses memory for its I/O. Data
-written to a memory BIO is stored in a BUF_MEM structure which is extended
-as appropriate to accommodate the stored data.
-
-Any data written to a memory BIO can be recalled by reading from it.
-Unless the memory BIO is read only any data read from it is deleted from
-the BIO.
-
-Memory BIOs support BIO_gets() and BIO_puts().
-
-If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying
-BUF_MEM structure is also freed.
-
-Calling BIO_reset() on a read write memory BIO clears any data in it. On a
-read only BIO it restores the BIO to its original state and the read only
-data can be read again.
-
-BIO_eof() is true if no data is in the BIO.
-
-BIO_ctrl_pending() returns the number of bytes currently stored.
-
-BIO_set_mem_eof_return() sets the behaviour of memory BIO B<b> when it is
-empty. If the B<v> is zero then an empty memory BIO will return EOF (that is
-it will return zero and BIO_should_retry(b) will be false. If B<v> is non
-zero then it will return B<v> when it is empty and it will set the read retry
-flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal
-positive return value B<v> should be set to a negative value, typically -1.
-
-BIO_get_mem_data() sets B<pp> to a pointer to the start of the memory BIOs data
-and returns the total amount of data available. It is implemented as a macro.
-
-BIO_set_mem_buf() sets the internal BUF_MEM structure to B<bm> and sets the
-close flag to B<c>, that is B<c> should be either BIO_CLOSE or BIO_NOCLOSE.
-It is a macro.
-
-BIO_get_mem_ptr() places the underlying BUF_MEM structure in B<pp>. It is
-a macro.
-
-BIO_new_mem_buf() creates a memory BIO using B<len> bytes of data at B<buf>,
-if B<len> is -1 then the B<buf> is assumed to be null terminated and its
-length is determined by B<strlen>. The BIO is set to a read only state and
-as a result cannot be written to. This is useful when some data needs to be
-made available from a static area of memory in the form of a BIO. The
-supplied data is read directly from the supplied buffer: it is B<not> copied
-first, so the supplied area of memory must be unchanged until the BIO is freed.
-
-=head1 NOTES
-
-Writes to memory BIOs will always succeed if memory is available: that is
-their size can grow indefinitely.
-
-Every read from a read write memory BIO will remove the data just read with
-an internal copy operation, if a BIO contains a lots of data and it is
-read in small chunks the operation can be very slow. The use of a read only
-memory BIO avoids this problem. If the BIO must be read write then adding
-a buffering BIO to the chain will speed up the process.
-
-=head1 BUGS
-
-There should be an option to set the maximum size of a memory BIO.
-
-There should be a way to "rewind" a read write BIO without destroying
-its contents.
-
-The copying operation should not occur after every small read of a large BIO
-to improve efficiency.
-
-=head1 EXAMPLE
-
-Create a memory BIO and write some data to it:
-
- BIO *mem = BIO_new(BIO_s_mem());
- BIO_puts(mem, "Hello World\n"); 
-
-Create a read only memory BIO:
-
- char data[] = "Hello World";
- BIO *mem;
- mem = BIO_new_mem_buf(data, -1);
-
-Extract the BUF_MEM structure from a memory BIO and then free up the BIO:
-
- BUF_MEM *bptr;
- BIO_get_mem_ptr(mem, &bptr);
- BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
- BIO_free(mem);
- 
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_s_null.pod b/crypto/openssl/doc/crypto/BIO_s_null.pod
deleted file mode 100644
index e5514f723898..000000000000
--- a/crypto/openssl/doc/crypto/BIO_s_null.pod
+++ /dev/null
@@ -1,37 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_s_null - null data sink
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD *	BIO_s_null(void);
-
-=head1 DESCRIPTION
-
-BIO_s_null() returns the null sink BIO method. Data written to
-the null sink is discarded, reads return EOF.
-
-=head1 NOTES
-
-A null sink BIO behaves in a similar manner to the Unix /dev/null
-device.
-
-A null bio can be placed on the end of a chain to discard any data
-passed through it.
-
-A null sink is useful if, for example, an application wishes to digest some
-data by writing through a digest bio but not send the digested data anywhere.
-Since a BIO chain must normally include a source/sink BIO this can be achieved
-by adding a null sink BIO to the end of the chain
-
-=head1 RETURN VALUES
-
-BIO_s_null() returns the null sink BIO method.
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_s_socket.pod b/crypto/openssl/doc/crypto/BIO_s_socket.pod
deleted file mode 100644
index 1c8d3a911027..000000000000
--- a/crypto/openssl/doc/crypto/BIO_s_socket.pod
+++ /dev/null
@@ -1,63 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_s_socket, BIO_new_socket - socket BIO
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD *BIO_s_socket(void);
-
- long BIO_set_fd(BIO *b, int fd, long close_flag);
- long BIO_get_fd(BIO *b, int *c);
-
- BIO *BIO_new_socket(int sock, int close_flag);
-
-=head1 DESCRIPTION
-
-BIO_s_socket() returns the socket BIO method. This is a wrapper
-round the platform's socket routines.
-
-BIO_read() and BIO_write() read or write the underlying socket.
-BIO_puts() is supported but BIO_gets() is not.
-
-If the close flag is set then the socket is shut down and closed
-when the BIO is freed.
-
-BIO_set_fd() sets the socket of BIO B<b> to B<fd> and the close
-flag to B<close_flag>.
-
-BIO_get_fd() places the socket in B<c> if it is not NULL, it also
-returns the socket. If B<c> is not NULL it should be of type (int *).
-
-BIO_new_socket() returns a socket BIO using B<sock> and B<close_flag>.
-
-=head1 NOTES
-
-Socket BIOs also support any relevant functionality of file descriptor
-BIOs.
-
-The reason for having separate file descriptor and socket BIOs is that on some
-platforms sockets are not file descriptors and use distinct I/O routines,
-Windows is one such platform. Any code mixing the two will not work on
-all platforms.
-
-BIO_set_fd() and BIO_get_fd() are macros.
-
-=head1 RETURN VALUES
-
-BIO_s_socket() returns the socket BIO method.
-
-BIO_set_fd() always returns 1.
-
-BIO_get_fd() returns the socket or -1 if the BIO has not been
-initialized.
-
-BIO_new_socket() returns the newly allocated BIO or NULL is an error
-occurred.
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_set_callback.pod b/crypto/openssl/doc/crypto/BIO_set_callback.pod
deleted file mode 100644
index 9b6961ca8d4a..000000000000
--- a/crypto/openssl/doc/crypto/BIO_set_callback.pod
+++ /dev/null
@@ -1,108 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg,
-BIO_debug_callback - BIO callback functions
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- #define BIO_set_callback(b,cb)		((b)->callback=(cb))
- #define BIO_get_callback(b)		((b)->callback)
- #define BIO_set_callback_arg(b,arg)	((b)->cb_arg=(char *)(arg))
- #define BIO_get_callback_arg(b)		((b)->cb_arg)
-
- long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
-	long argl,long ret);
-
- typedef long callback(BIO *b, int oper, const char *argp,
-			int argi, long argl, long retvalue);
-
-=head1 DESCRIPTION
-
-BIO_set_callback() and BIO_get_callback() set and retrieve the BIO callback,
-they are both macros. The callback is called during most high level BIO
-operations. It can be used for debugging purposes to trace operations on
-a BIO or to modify its operation.
-
-BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be
-used to set and retrieve an argument for use in the callback.
-
-BIO_debug_callback() is a standard debugging callback which prints
-out information relating to each BIO operation. If the callback
-argument is set if is interpreted as a BIO to send the information
-to, otherwise stderr is used.
-
-callback() is the callback function itself. The meaning of each
-argument is described below.
-
-The BIO the callback is attached to is passed in B<b>.
-
-B<oper> is set to the operation being performed. For some operations
-the callback is called twice, once before and once after the actual
-operation, the latter case has B<oper> or'ed with BIO_CB_RETURN.
-
-The meaning of the arguments B<argp>, B<argi> and B<argl> depends on
-the value of B<oper>, that is the operation being performed.
-
-B<retvalue> is the return value that would be returned to the
-application if no callback were present. The actual value returned
-is the return value of the callback itself. In the case of callbacks
-called before the actual BIO operation 1 is placed in retvalue, if
-the return value is not positive it will be immediately returned to
-the application and the BIO operation will not be performed.
-
-The callback should normally simply return B<retvalue> when it has
-finished processing, unless if specifically wishes to modify the
-value returned to the application.
-
-=head1 CALLBACK OPERATIONS
-
-=over 4
-
-=item B<BIO_free(b)>
-
-callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L) is called before the
-free operation.
-
-=item B<BIO_read(b, out, outl)>
-
-callback(b, BIO_CB_READ, out, outl, 0L, 1L) is called before
-the read and callback(b, BIO_CB_READ|BIO_CB_RETURN, out, outl, 0L, retvalue)
-after.
-
-=item B<BIO_write(b, in, inl)>
-
-callback(b, BIO_CB_WRITE, in, inl, 0L, 1L) is called before
-the write and callback(b, BIO_CB_WRITE|BIO_CB_RETURN, in, inl, 0L, retvalue)
-after.
-
-=item B<BIO_gets(b, out, outl)>
-
-callback(b, BIO_CB_GETS, out, outl, 0L, 1L) is called before
-the operation and callback(b, BIO_CB_GETS|BIO_CB_RETURN, out, outl, 0L, retvalue)
-after.
-
-=item B<BIO_puts(b, in)>
-
-callback(b, BIO_CB_WRITE, in, 0, 0L, 1L) is called before
-the operation and callback(b, BIO_CB_WRITE|BIO_CB_RETURN, in, 0, 0L, retvalue)
-after.
-
-=item B<BIO_ctrl(BIO *b, int cmd, long larg, void *parg)>
-
-callback(b,BIO_CB_CTRL,parg,cmd,larg,1L) is called before the call and
-callback(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd, larg,ret) after.
-
-=back
-
-=head1 EXAMPLE
-
-The BIO_debug_callback() function is a good example, its source is
-in crypto/bio/bio_cb.c
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BIO_should_retry.pod b/crypto/openssl/doc/crypto/BIO_should_retry.pod
deleted file mode 100644
index 539c3912728c..000000000000
--- a/crypto/openssl/doc/crypto/BIO_should_retry.pod
+++ /dev/null
@@ -1,114 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_should_retry, BIO_should_read, BIO_should_write,
-BIO_should_io_special, BIO_retry_type, BIO_should_retry,
-BIO_get_retry_BIO, BIO_get_retry_reason - BIO retry functions
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- #define BIO_should_read(a)		((a)->flags & BIO_FLAGS_READ)
- #define BIO_should_write(a)		((a)->flags & BIO_FLAGS_WRITE)
- #define BIO_should_io_special(a)	((a)->flags & BIO_FLAGS_IO_SPECIAL)
- #define BIO_retry_type(a)		((a)->flags & BIO_FLAGS_RWS)
- #define BIO_should_retry(a)		((a)->flags & BIO_FLAGS_SHOULD_RETRY)
-
- #define BIO_FLAGS_READ		0x01
- #define BIO_FLAGS_WRITE	0x02
- #define BIO_FLAGS_IO_SPECIAL	0x04
- #define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
- #define BIO_FLAGS_SHOULD_RETRY	0x08
-
- BIO *	BIO_get_retry_BIO(BIO *bio, int *reason);
- int	BIO_get_retry_reason(BIO *bio);
-
-=head1 DESCRIPTION
-
-These functions determine why a BIO is not able to read or write data.
-They will typically be called after a failed BIO_read() or BIO_write()
-call.
-
-BIO_should_retry() is true if the call that produced this condition
-should then be retried at a later time.
-
-If BIO_should_retry() is false then the cause is an error condition.
-
-BIO_should_read() is true if the cause of the condition is that a BIO
-needs to read data.
-
-BIO_should_write() is true if the cause of the condition is that a BIO
-needs to read data.
-
-BIO_should_io_special() is true if some "special" condition, that is a
-reason other than reading or writing is the cause of the condition.
-
-BIO_get_retry_reason() returns a mask of the cause of a retry condition
-consisting of the values B<BIO_FLAGS_READ>, B<BIO_FLAGS_WRITE>,
-B<BIO_FLAGS_IO_SPECIAL> though current BIO types will only set one of
-these.
-
-BIO_get_retry_BIO() determines the precise reason for the special
-condition, it returns the BIO that caused this condition and if 
-B<reason> is not NULL it contains the reason code. The meaning of
-the reason code and the action that should be taken depends on
-the type of BIO that resulted in this condition.
-
-BIO_get_retry_reason() returns the reason for a special condition if
-passed the relevant BIO, for example as returned by BIO_get_retry_BIO().
-
-=head1 NOTES
-
-If BIO_should_retry() returns false then the precise "error condition"
-depends on the BIO type that caused it and the return code of the BIO
-operation. For example if a call to BIO_read() on a socket BIO returns
-0 and BIO_should_retry() is false then the cause will be that the
-connection closed. A similar condition on a file BIO will mean that it
-has reached EOF. Some BIO types may place additional information on
-the error queue. For more details see the individual BIO type manual
-pages.
-
-If the underlying I/O structure is in a blocking mode almost all current
-BIO types will not request a retry, because the underlying I/O
-calls will not. If the application knows that the BIO type will never
-signal a retry then it need not call BIO_should_retry() after a failed
-BIO I/O call. This is typically done with file BIOs.
-
-SSL BIOs are the only current exception to this rule: they can request a
-retry even if the underlying I/O structure is blocking, if a handshake
-occurs during a call to BIO_read(). An application can retry the failed
-call immediately or avoid this situation by setting SSL_MODE_AUTO_RETRY
-on the underlying SSL structure.
-
-While an application may retry a failed non blocking call immediately
-this is likely to be very inefficient because the call will fail
-repeatedly until data can be processed or is available. An application
-will normally wait until the necessary condition is satisfied. How
-this is done depends on the underlying I/O structure.
-
-For example if the cause is ultimately a socket and BIO_should_read()
-is true then a call to select() may be made to wait until data is
-available and then retry the BIO operation. By combining the retry
-conditions of several non blocking BIOs in a single select() call
-it is possible to service several BIOs in a single thread, though
-the performance may be poor if SSL BIOs are present because long delays
-can occur during the initial handshake process. 
-
-It is possible for a BIO to block indefinitely if the underlying I/O
-structure cannot process or return any data. This depends on the behaviour of
-the platforms I/O functions. This is often not desirable: one solution
-is to use non blocking I/O and use a timeout on the select() (or
-equivalent) call.
-
-=head1 BUGS
-
-The OpenSSL ASN1 functions cannot gracefully deal with non blocking I/O:
-that is they cannot retry after a partial read or write. This is usually
-worked around by only passing the relevant data to ASN1 functions when
-the entire structure can be read or written.
-
-=head1 SEE ALSO
-
-TBA
diff --git a/crypto/openssl/doc/crypto/BN_CTX_new.pod b/crypto/openssl/doc/crypto/BN_CTX_new.pod
deleted file mode 100644
index ad8d07db89af..000000000000
--- a/crypto/openssl/doc/crypto/BN_CTX_new.pod
+++ /dev/null
@@ -1,53 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_CTX_new, BN_CTX_init, BN_CTX_free - allocate and free BN_CTX structures
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- BN_CTX *BN_CTX_new(void);
-
- void BN_CTX_init(BN_CTX *c);
-
- void BN_CTX_free(BN_CTX *c);
-
-=head1 DESCRIPTION
-
-A B<BN_CTX> is a structure that holds B<BIGNUM> temporary variables used by
-library functions. Since dynamic memory allocation to create B<BIGNUM>s
-is rather expensive when used in conjunction with repeated subroutine
-calls, the B<BN_CTX> structure is used.
-
-BN_CTX_new() allocates and initializes a B<BN_CTX>
-structure. BN_CTX_init() initializes an existing uninitialized
-B<BN_CTX>.
-
-BN_CTX_free() frees the components of the B<BN_CTX>, and if it was
-created by BN_CTX_new(), also the structure itself.
-If L<BN_CTX_start(3)|BN_CTX_start(3)> has been used on the B<BN_CTX>,
-L<BN_CTX_end(3)|BN_CTX_end(3)> must be called before the B<BN_CTX>
-may be freed by BN_CTX_free().
-
-
-=head1 RETURN VALUES
-
-BN_CTX_new() returns a pointer to the B<BN_CTX>. If the allocation fails,
-it returns B<NULL> and sets an error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
-
-BN_CTX_init() and BN_CTX_free() have no return values.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
-L<BN_CTX_start(3)|BN_CTX_start(3)>
-
-=head1 HISTORY
-
-BN_CTX_new() and BN_CTX_free() are available in all versions on SSLeay
-and OpenSSL. BN_CTX_init() was added in SSLeay 0.9.1b.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_CTX_start.pod b/crypto/openssl/doc/crypto/BN_CTX_start.pod
deleted file mode 100644
index dfcefe1a8876..000000000000
--- a/crypto/openssl/doc/crypto/BN_CTX_start.pod
+++ /dev/null
@@ -1,52 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_CTX_start, BN_CTX_get, BN_CTX_end - use temporary BIGNUM variables
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- void BN_CTX_start(BN_CTX *ctx);
-
- BIGNUM *BN_CTX_get(BN_CTX *ctx);
-
- void BN_CTX_end(BN_CTX *ctx);
-
-=head1 DESCRIPTION
-
-These functions are used to obtain temporary B<BIGNUM> variables from
-a B<BN_CTX> (which can been created by using L<BN_CTX_new(3)|BN_CTX_new(3)>)
-in order to save the overhead of repeatedly creating and
-freeing B<BIGNUM>s in functions that are called from inside a loop.
-
-A function must call BN_CTX_start() first. Then, BN_CTX_get() may be
-called repeatedly to obtain temporary B<BIGNUM>s. All BN_CTX_get()
-calls must be made before calling any other functions that use the
-B<ctx> as an argument.
-
-Finally, BN_CTX_end() must be called before returning from the function.
-When BN_CTX_end() is called, the B<BIGNUM> pointers obtained from
-BN_CTX_get() become invalid.
-
-=head1 RETURN VALUES
-
-BN_CTX_start() and BN_CTX_end() return no values.
-
-BN_CTX_get() returns a pointer to the B<BIGNUM>, or B<NULL> on error.
-Once BN_CTX_get() has failed, the subsequent calls will return B<NULL>
-as well, so it is sufficient to check the return value of the last
-BN_CTX_get() call. In case of an error, an error code is set, which
-can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-
-=head1 SEE ALSO
-
-L<BN_CTX_new(3)|BN_CTX_new(3)>
-
-=head1 HISTORY
-
-BN_CTX_start(), BN_CTX_get() and BN_CTX_end() were added in OpenSSL 0.9.5.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_add.pod b/crypto/openssl/doc/crypto/BN_add.pod
deleted file mode 100644
index 88c7a799eea5..000000000000
--- a/crypto/openssl/doc/crypto/BN_add.pod
+++ /dev/null
@@ -1,126 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add,
-BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd -
-arithmetic operations on BIGNUMs
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-
- int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-
- int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
-
- int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
-
- int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
-         BN_CTX *ctx);
-
- int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-
- int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-
- int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
-         BN_CTX *ctx);
-
- int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
-         BN_CTX *ctx);
-
- int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
-         BN_CTX *ctx);
-
- int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-
- int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
-
- int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-         const BIGNUM *m, BN_CTX *ctx);
-
- int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
-
-=head1 DESCRIPTION
-
-BN_add() adds I<a> and I<b> and places the result in I<r> (C<r=a+b>).
-I<r> may be the same B<BIGNUM> as I<a> or I<b>.
-
-BN_sub() subtracts I<b> from I<a> and places the result in I<r> (C<r=a-b>).
-
-BN_mul() multiplies I<a> and I<b> and places the result in I<r> (C<r=a*b>).
-I<r> may be the same B<BIGNUM> as I<a> or I<b>.
-For multiplication by powers of 2, use L<BN_lshift(3)|BN_lshift(3)>.
-
-BN_sqr() takes the square of I<a> and places the result in I<r>
-(C<r=a^2>). I<r> and I<a> may be the same B<BIGNUM>.
-This function is faster than BN_mul(r,a,a).
-
-BN_div() divides I<a> by I<d> and places the result in I<dv> and the
-remainder in I<rem> (C<dv=a/d, rem=a%d>). Either of I<dv> and I<rem> may
-be B<NULL>, in which case the respective value is not returned.
-The result is rounded towards zero; thus if I<a> is negative, the
-remainder will be zero or negative.
-For division by powers of 2, use BN_rshift(3).
-
-BN_mod() corresponds to BN_div() with I<dv> set to B<NULL>.
-
-BN_nnmod() reduces I<a> modulo I<m> and places the non-negative
-remainder in I<r>.
-
-BN_mod_add() adds I<a> to I<b> modulo I<m> and places the non-negative
-result in I<r>.
-
-BN_mod_sub() subtracts I<b> from I<a> modulo I<m> and places the
-non-negative result in I<r>.
-
-BN_mod_mul() multiplies I<a> by I<b> and finds the non-negative
-remainder respective to modulus I<m> (C<r=(a*b) mod m>). I<r> may be
-the same B<BIGNUM> as I<a> or I<b>. For more efficient algorithms for
-repeated computations using the same modulus, see
-L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)> and
-L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>.
-
-BN_mod_sqr() takes the square of I<a> modulo B<m> and places the
-result in I<r>.
-
-BN_exp() raises I<a> to the I<p>-th power and places the result in I<r>
-(C<r=a^p>). This function is faster than repeated applications of
-BN_mul().
-
-BN_mod_exp() computes I<a> to the I<p>-th power modulo I<m> (C<r=a^p %
-m>). This function uses less time and space than BN_exp().
-
-BN_gcd() computes the greatest common divisor of I<a> and I<b> and
-places the result in I<r>. I<r> may be the same B<BIGNUM> as I<a> or
-I<b>.
-
-For all functions, I<ctx> is a previously allocated B<BN_CTX> used for
-temporary variables; see L<BN_CTX_new(3)|BN_CTX_new(3)>.
-
-Unless noted otherwise, the result B<BIGNUM> must be different from
-the arguments.
-
-=head1 RETURN VALUES
-
-For all functions, 1 is returned for success, 0 on error. The return
-value should always be checked (e.g., C<if (!BN_add(r,a,b)) goto err;>).
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
-L<BN_add_word(3)|BN_add_word(3)>, L<BN_set_bit(3)|BN_set_bit(3)>
-
-=head1 HISTORY
-
-BN_add(), BN_sub(), BN_sqr(), BN_div(), BN_mod(), BN_mod_mul(),
-BN_mod_exp() and BN_gcd() are available in all versions of SSLeay and
-OpenSSL. The I<ctx> argument to BN_mul() was added in SSLeay
-0.9.1b. BN_exp() appeared in SSLeay 0.9.0.
-BN_nnmod(), BN_mod_add(), BN_mod_sub(), and BN_mod_sqr() were added in
-OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_add_word.pod b/crypto/openssl/doc/crypto/BN_add_word.pod
deleted file mode 100644
index 94244adea4cd..000000000000
--- a/crypto/openssl/doc/crypto/BN_add_word.pod
+++ /dev/null
@@ -1,57 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_add_word, BN_sub_word, BN_mul_word, BN_div_word, BN_mod_word - arithmetic
-functions on BIGNUMs with integers
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- int BN_add_word(BIGNUM *a, BN_ULONG w);
-
- int BN_sub_word(BIGNUM *a, BN_ULONG w);
-
- int BN_mul_word(BIGNUM *a, BN_ULONG w);
-
- BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
-
- BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
-
-=head1 DESCRIPTION
-
-These functions perform arithmetic operations on BIGNUMs with unsigned
-integers. They are much more efficient than the normal BIGNUM
-arithmetic operations.
-
-BN_add_word() adds B<w> to B<a> (C<a+=w>).
-
-BN_sub_word() subtracts B<w> from B<a> (C<a-=w>).
-
-BN_mul_word() multiplies B<a> and B<w> (C<a*=b>).
-
-BN_div_word() divides B<a> by B<w> (C<a/=w>) and returns the remainder.
-
-BN_mod_word() returns the remainder of B<a> divided by B<w> (C<a%m>).
-
-For BN_div_word() and BN_mod_word(), B<w> must not be 0.
-
-=head1 RETURN VALUES
-
-BN_add_word(), BN_sub_word() and BN_mul_word() return 1 for success, 0
-on error. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-BN_mod_word() and BN_div_word() return B<a>%B<w>.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>
-
-=head1 HISTORY
-
-BN_add_word() and BN_mod_word() are available in all versions of
-SSLeay and OpenSSL. BN_div_word() was added in SSLeay 0.8, and
-BN_sub_word() and BN_mul_word() in SSLeay 0.9.0.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_bn2bin.pod b/crypto/openssl/doc/crypto/BN_bn2bin.pod
deleted file mode 100644
index a4b17ca60a89..000000000000
--- a/crypto/openssl/doc/crypto/BN_bn2bin.pod
+++ /dev/null
@@ -1,95 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_bn2bin, BN_bin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn,
-BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- int BN_bn2bin(const BIGNUM *a, unsigned char *to);
- BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
-
- char *BN_bn2hex(const BIGNUM *a);
- char *BN_bn2dec(const BIGNUM *a);
- int BN_hex2bn(BIGNUM **a, const char *str);
- int BN_dec2bn(BIGNUM **a, const char *str);
-
- int BN_print(BIO *fp, const BIGNUM *a);
- int BN_print_fp(FILE *fp, const BIGNUM *a);
-
- int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
- BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);
-
-=head1 DESCRIPTION
-
-BN_bn2bin() converts the absolute value of B<a> into big-endian form
-and stores it at B<to>. B<to> must point to BN_num_bytes(B<a>) bytes of
-memory.
-
-BN_bin2bn() converts the positive integer in big-endian form of length
-B<len> at B<s> into a B<BIGNUM> and places it in B<ret>. If B<ret> is
-NULL, a new B<BIGNUM> is created.
-
-BN_bn2hex() and BN_bn2dec() return printable strings containing the
-hexadecimal and decimal encoding of B<a> respectively. For negative
-numbers, the string is prefaced with a leading '-'. The string must be
-freed later using OPENSSL_free().
-
-BN_hex2bn() converts the string B<str> containing a hexadecimal number
-to a B<BIGNUM> and stores it in **B<bn>. If *B<bn> is NULL, a new
-B<BIGNUM> is created. If B<bn> is NULL, it only computes the number's
-length in hexadecimal digits. If the string starts with '-', the
-number is negative. BN_dec2bn() is the same using the decimal system.
-
-BN_print() and BN_print_fp() write the hexadecimal encoding of B<a>,
-with a leading '-' for negative numbers, to the B<BIO> or B<FILE>
-B<fp>.
-
-BN_bn2mpi() and BN_mpi2bn() convert B<BIGNUM>s from and to a format
-that consists of the number's length in bytes represented as a 4-byte
-big-endian number, and the number itself in big-endian format, where
-the most significant bit signals a negative number (the representation
-of numbers with the MSB set is prefixed with null byte).
-
-BN_bn2mpi() stores the representation of B<a> at B<to>, where B<to>
-must be large enough to hold the result. The size can be determined by
-calling BN_bn2mpi(B<a>, NULL).
-
-BN_mpi2bn() converts the B<len> bytes long representation at B<s> to
-a B<BIGNUM> and stores it at B<ret>, or in a newly allocated B<BIGNUM>
-if B<ret> is NULL.
-
-=head1 RETURN VALUES
-
-BN_bn2bin() returns the length of the big-endian number placed at B<to>.
-BN_bin2bn() returns the B<BIGNUM>, NULL on error.
-
-BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL
-on error. BN_hex2bn() and BN_dec2bn() return the number's length in
-hexadecimal or decimal digits, and 0 on error.
-
-BN_print_fp() and BN_print() return 1 on success, 0 on write errors.
-
-BN_bn2mpi() returns the length of the representation. BN_mpi2bn()
-returns the B<BIGNUM>, and NULL on error.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_zero(3)|BN_zero(3)>,
-L<ASN1_INTEGER_to_BN(3)|ASN1_INTEGER_to_BN(3)>,
-L<BN_num_bytes(3)|BN_num_bytes(3)>
-
-=head1 HISTORY
-
-BN_bn2bin(), BN_bin2bn(), BN_print_fp() and BN_print() are available
-in all versions of SSLeay and OpenSSL.
-
-BN_bn2hex(), BN_bn2dec(), BN_hex2bn(), BN_dec2bn(), BN_bn2mpi() and
-BN_mpi2bn() were added in SSLeay 0.9.0.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_cmp.pod b/crypto/openssl/doc/crypto/BN_cmp.pod
deleted file mode 100644
index 23e9ed0b4f95..000000000000
--- a/crypto/openssl/doc/crypto/BN_cmp.pod
+++ /dev/null
@@ -1,48 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM comparison and test functions
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- int BN_cmp(BIGNUM *a, BIGNUM *b);
- int BN_ucmp(BIGNUM *a, BIGNUM *b);
-
- int BN_is_zero(BIGNUM *a);
- int BN_is_one(BIGNUM *a);
- int BN_is_word(BIGNUM *a, BN_ULONG w);
- int BN_is_odd(BIGNUM *a);
-
-=head1 DESCRIPTION
-
-BN_cmp() compares the numbers B<a> and B<b>. BN_ucmp() compares their
-absolute values.
-
-BN_is_zero(), BN_is_one() and BN_is_word() test if B<a> equals 0, 1,
-or B<w> respectively. BN_is_odd() tests if a is odd.
-
-BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros.
-
-=head1 RETURN VALUES
-
-BN_cmp() returns -1 if B<a> E<lt> B<b>, 0 if B<a> == B<b> and 1 if
-B<a> E<gt> B<b>. BN_ucmp() is the same using the absolute values
-of B<a> and B<b>.
-
-BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if
-the condition is true, 0 otherwise.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>
-
-=head1 HISTORY
-
-BN_cmp(), BN_ucmp(), BN_is_zero(), BN_is_one() and BN_is_word() are
-available in all versions of SSLeay and OpenSSL.
-BN_is_odd() was added in SSLeay 0.8.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_copy.pod b/crypto/openssl/doc/crypto/BN_copy.pod
deleted file mode 100644
index 388dd7df2653..000000000000
--- a/crypto/openssl/doc/crypto/BN_copy.pod
+++ /dev/null
@@ -1,34 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_copy, BN_dup - copy BIGNUMs
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- BIGNUM *BN_copy(BIGNUM *to, const BIGNUM *from);
-
- BIGNUM *BN_dup(const BIGNUM *from);
-
-=head1 DESCRIPTION
-
-BN_copy() copies B<from> to B<to>. BN_dup() creates a new B<BIGNUM>
-containing the value B<from>.
-
-=head1 RETURN VALUES
-
-BN_copy() returns B<to> on success, NULL on error. BN_dup() returns
-the new B<BIGNUM>, and NULL on error. The error codes can be obtained
-by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-BN_copy() and BN_dup() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_generate_prime.pod b/crypto/openssl/doc/crypto/BN_generate_prime.pod
deleted file mode 100644
index 7dccacbc1e55..000000000000
--- a/crypto/openssl/doc/crypto/BN_generate_prime.pod
+++ /dev/null
@@ -1,102 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
-     BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
-
- int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int, 
-     void *), BN_CTX *ctx, void *cb_arg);
-
- int BN_is_prime_fasttest(const BIGNUM *a, int checks,
-     void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg,
-     int do_trial_division);
-
-=head1 DESCRIPTION
-
-BN_generate_prime() generates a pseudo-random prime number of B<num>
-bits.
-If B<ret> is not B<NULL>, it will be used to store the number.
-
-If B<callback> is not B<NULL>, it is called as follows:
-
-=over 4
-
-=item *
-
-B<callback(0, i, cb_arg)> is called after generating the i-th
-potential prime number.
-
-=item *
-
-While the number is being tested for primality, B<callback(1, j,
-cb_arg)> is called as described below.
-
-=item *
-
-When a prime has been found, B<callback(2, i, cb_arg)> is called.
-
-=back
-
-The prime may have to fulfill additional requirements for use in
-Diffie-Hellman key exchange:
-
-If B<add> is not B<NULL>, the prime will fulfill the condition p % B<add>
-== B<rem> (p % B<add> == 1 if B<rem> == B<NULL>) in order to suit a given
-generator.
-
-If B<safe> is true, it will be a safe prime (i.e. a prime p so
-that (p-1)/2 is also prime).
-
-The PRNG must be seeded prior to calling BN_generate_prime().
-The prime number generation has a negligible error probability.
-
-BN_is_prime() and BN_is_prime_fasttest() test if the number B<a> is
-prime.  The following tests are performed until one of them shows that
-B<a> is composite; if B<a> passes all these tests, it is considered
-prime.
-
-BN_is_prime_fasttest(), when called with B<do_trial_division == 1>,
-first attempts trial division by a number of small primes;
-if no divisors are found by this test and B<callback> is not B<NULL>,
-B<callback(1, -1, cb_arg)> is called.
-If B<do_trial_division == 0>, this test is skipped.
-
-Both BN_is_prime() and BN_is_prime_fasttest() perform a Miller-Rabin
-probabilistic primality test with B<checks> iterations. If
-B<checks == BN_prime_checks>, a number of iterations is used that
-yields a false positive rate of at most 2^-80 for random input.
-
-If B<callback> is not B<NULL>, B<callback(1, j, cb_arg)> is called
-after the j-th iteration (j = 0, 1, ...). B<ctx> is a
-pre-allocated B<BN_CTX> (to save the overhead of allocating and
-freeing the structure in a loop), or B<NULL>.
-
-=head1 RETURN VALUES
-
-BN_generate_prime() returns the prime number on success, B<NULL> otherwise.
-
-BN_is_prime() returns 0 if the number is composite, 1 if it is
-prime with an error probability of less than 0.25^B<checks>, and
--1 on error.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>
-
-=head1 HISTORY
-
-The B<cb_arg> arguments to BN_generate_prime() and to BN_is_prime()
-were added in SSLeay 0.9.0. The B<ret> argument to BN_generate_prime()
-was added in SSLeay 0.9.1.
-BN_is_prime_fasttest() was added in OpenSSL 0.9.5.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_mod_inverse.pod b/crypto/openssl/doc/crypto/BN_mod_inverse.pod
deleted file mode 100644
index 3ea3975c7422..000000000000
--- a/crypto/openssl/doc/crypto/BN_mod_inverse.pod
+++ /dev/null
@@ -1,36 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_mod_inverse - compute inverse modulo n
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- BIGNUM *BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n,
-           BN_CTX *ctx);
-
-=head1 DESCRIPTION
-
-BN_mod_inverse() computes the inverse of B<a> modulo B<n>
-places the result in B<r> (C<(a*r)%n==1>). If B<r> is NULL,
-a new B<BIGNUM> is created.
-
-B<ctx> is a previously allocated B<BN_CTX> used for temporary
-variables. B<r> may be the same B<BIGNUM> as B<a> or B<n>.
-
-=head1 RETURN VALUES
-
-BN_mod_inverse() returns the B<BIGNUM> containing the inverse, and
-NULL on error. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>
-
-=head1 HISTORY
-
-BN_mod_inverse() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_mod_mul_montgomery.pod b/crypto/openssl/doc/crypto/BN_mod_mul_montgomery.pod
deleted file mode 100644
index 6b16351b92e4..000000000000
--- a/crypto/openssl/doc/crypto/BN_mod_mul_montgomery.pod
+++ /dev/null
@@ -1,101 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_init,
-BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy,
-BN_from_montgomery, BN_to_montgomery - Montgomery multiplication
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- BN_MONT_CTX *BN_MONT_CTX_new(void);
- void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
- void BN_MONT_CTX_free(BN_MONT_CTX *mont);
-
- int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
- BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
-
- int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
-         BN_MONT_CTX *mont, BN_CTX *ctx);
-
- int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
-         BN_CTX *ctx);
-
- int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
-         BN_CTX *ctx);
-
-=head1 DESCRIPTION
-
-These functions implement Montgomery multiplication. They are used
-automatically when L<BN_mod_exp(3)|BN_mod_exp(3)> is called with suitable input,
-but they may be useful when several operations are to be performed
-using the same modulus.
-
-BN_MONT_CTX_new() allocates and initializes a B<BN_MONT_CTX> structure.
-BN_MONT_CTX_init() initializes an existing uninitialized B<BN_MONT_CTX>.
-
-BN_MONT_CTX_set() sets up the I<mont> structure from the modulus I<m>
-by precomputing its inverse and a value R.
-
-BN_MONT_CTX_copy() copies the B<BN_MONT_CTX> I<from> to I<to>.
-
-BN_MONT_CTX_free() frees the components of the B<BN_MONT_CTX>, and, if
-it was created by BN_MONT_CTX_new(), also the structure itself.
-
-BN_mod_mul_montgomery() computes Mont(I<a>,I<b>):=I<a>*I<b>*R^-1 and places
-the result in I<r>.
-
-BN_from_montgomery() performs the Montgomery reduction I<r> = I<a>*R^-1.
-
-BN_to_montgomery() computes Mont(I<a>,R^2), i.e. I<a>*R.
-Note that I<a> must be non-negative and smaller than the modulus.
-
-For all functions, I<ctx> is a previously allocated B<BN_CTX> used for
-temporary variables.
-
-The B<BN_MONT_CTX> structure is defined as follows:
-
- typedef struct bn_mont_ctx_st
-        {
-        int ri;         /* number of bits in R */
-        BIGNUM RR;      /* R^2 (used to convert to Montgomery form) */
-        BIGNUM N;       /* The modulus */
-        BIGNUM Ni;      /* R*(1/R mod N) - N*Ni = 1
-                         * (Ni is only stored for bignum algorithm) */
-        BN_ULONG n0;    /* least significant word of Ni */
-        int flags;
-        } BN_MONT_CTX;
-
-BN_to_montgomery() is a macro.
-
-=head1 RETURN VALUES
-
-BN_MONT_CTX_new() returns the newly allocated B<BN_MONT_CTX>, and NULL
-on error.
-
-BN_MONT_CTX_init() and BN_MONT_CTX_free() have no return values.
-
-For the other functions, 1 is returned for success, 0 on error.
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 WARNING
-
-The inputs must be reduced modulo B<m>, otherwise the result will be
-outside the expected range.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
-L<BN_CTX_new(3)|BN_CTX_new(3)>
-
-=head1 HISTORY
-
-BN_MONT_CTX_new(), BN_MONT_CTX_free(), BN_MONT_CTX_set(),
-BN_mod_mul_montgomery(), BN_from_montgomery() and BN_to_montgomery()
-are available in all versions of SSLeay and OpenSSL.
-
-BN_MONT_CTX_init() and BN_MONT_CTX_copy() were added in SSLeay 0.9.1b.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_mod_mul_reciprocal.pod b/crypto/openssl/doc/crypto/BN_mod_mul_reciprocal.pod
deleted file mode 100644
index 74a216ddc2ad..000000000000
--- a/crypto/openssl/doc/crypto/BN_mod_mul_reciprocal.pod
+++ /dev/null
@@ -1,81 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_mod_mul_reciprocal,  BN_div_recp, BN_RECP_CTX_new, BN_RECP_CTX_init,
-BN_RECP_CTX_free, BN_RECP_CTX_set - modular multiplication using
-reciprocal
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- BN_RECP_CTX *BN_RECP_CTX_new(void);
- void BN_RECP_CTX_init(BN_RECP_CTX *recp);
- void BN_RECP_CTX_free(BN_RECP_CTX *recp);
-
- int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
-
- int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *a, BN_RECP_CTX *recp,
-        BN_CTX *ctx);
-
- int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
-        BN_RECP_CTX *recp, BN_CTX *ctx);
-
-=head1 DESCRIPTION
-
-BN_mod_mul_reciprocal() can be used to perform an efficient
-L<BN_mod_mul(3)|BN_mod_mul(3)> operation when the operation will be performed
-repeatedly with the same modulus. It computes B<r>=(B<a>*B<b>)%B<m>
-using B<recp>=1/B<m>, which is set as described below.  B<ctx> is a
-previously allocated B<BN_CTX> used for temporary variables.
-
-BN_RECP_CTX_new() allocates and initializes a B<BN_RECP> structure.
-BN_RECP_CTX_init() initializes an existing uninitialized B<BN_RECP>.
-
-BN_RECP_CTX_free() frees the components of the B<BN_RECP>, and, if it
-was created by BN_RECP_CTX_new(), also the structure itself.
-
-BN_RECP_CTX_set() stores B<m> in B<recp> and sets it up for computing
-1/B<m> and shifting it left by BN_num_bits(B<m>)+1 to make it an
-integer. The result and the number of bits it was shifted left will
-later be stored in B<recp>.
-
-BN_div_recp() divides B<a> by B<m> using B<recp>. It places the quotient
-in B<dv> and the remainder in B<rem>.
-
-The B<BN_RECP_CTX> structure is defined as follows:
-
- typedef struct bn_recp_ctx_st
-	{
-	BIGNUM N;	/* the divisor */
-	BIGNUM Nr;	/* the reciprocal */
-	int num_bits;
-	int shift;
-	int flags;
-	} BN_RECP_CTX;
-
-It cannot be shared between threads.
-
-=head1 RETURN VALUES
-
-BN_RECP_CTX_new() returns the newly allocated B<BN_RECP_CTX>, and NULL
-on error.
-
-BN_RECP_CTX_init() and BN_RECP_CTX_free() have no return values.
-
-For the other functions, 1 is returned for success, 0 on error.
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
-L<BN_CTX_new(3)|BN_CTX_new(3)>
-
-=head1 HISTORY
-
-B<BN_RECP_CTX> was added in SSLeay 0.9.0. Before that, the function
-BN_reciprocal() was used instead, and the BN_mod_mul_reciprocal()
-arguments were different.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_new.pod b/crypto/openssl/doc/crypto/BN_new.pod
deleted file mode 100644
index 3033789c5147..000000000000
--- a/crypto/openssl/doc/crypto/BN_new.pod
+++ /dev/null
@@ -1,53 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_new, BN_init, BN_clear, BN_free, BN_clear_free - allocate and free BIGNUMs
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- BIGNUM *BN_new(void);
-
- void BN_init(BIGNUM *);
-
- void BN_clear(BIGNUM *a);
-
- void BN_free(BIGNUM *a);
-
- void BN_clear_free(BIGNUM *a);
-
-=head1 DESCRIPTION
-
-BN_new() allocated and initializes a B<BIGNUM> structure. BN_init()
-initializes an existing uninitialized B<BIGNUM>.
-
-BN_clear() is used to destroy sensitive data such as keys when they
-are no longer needed. It erases the memory used by B<a> and sets it
-to the value 0.
-
-BN_free() frees the components of the B<BIGNUM>, and if it was created
-by BN_new(), also the structure itself. BN_clear_free() additionally
-overwrites the data before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-BN_new() returns a pointer to the B<BIGNUM>. If the allocation fails,
-it returns B<NULL> and sets an error code that can be obtained
-by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-BN_init(), BN_clear(), BN_free() and BN_clear_free() have no return
-values.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-BN_new(), BN_clear(), BN_free() and BN_clear_free() are available in
-all versions on SSLeay and OpenSSL.  BN_init() was added in SSLeay
-0.9.1b.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_num_bytes.pod b/crypto/openssl/doc/crypto/BN_num_bytes.pod
deleted file mode 100644
index 61589fb9aca6..000000000000
--- a/crypto/openssl/doc/crypto/BN_num_bytes.pod
+++ /dev/null
@@ -1,37 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_num_bits, BN_num_bytes, BN_num_bits_word - get BIGNUM size
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- int BN_num_bytes(const BIGNUM *a);
-
- int BN_num_bits(const BIGNUM *a);
-
- int BN_num_bits_word(BN_ULONG w);
-
-=head1 DESCRIPTION
-
-These functions return the size of a B<BIGNUM> in bytes or bits,
-and the size of an unsigned integer in bits.
-
-BN_num_bytes() is a macro.
-
-=head1 RETURN VALUES
-
-The size.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>
-
-=head1 HISTORY
-
-BN_num_bytes(), BN_num_bits() and BN_num_bits_word() are available in
-all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_rand.pod b/crypto/openssl/doc/crypto/BN_rand.pod
deleted file mode 100644
index 81f93c2eb3a4..000000000000
--- a/crypto/openssl/doc/crypto/BN_rand.pod
+++ /dev/null
@@ -1,58 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_rand, BN_pseudo_rand - generate pseudo-random number
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
-
- int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
-
- int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
-
- int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
-
-=head1 DESCRIPTION
-
-BN_rand() generates a cryptographically strong pseudo-random number of
-B<bits> bits in length and stores it in B<rnd>. If B<top> is -1, the
-most significant bit of the random number can be zero. If B<top> is 0,
-it is set to 1, and if B<top> is 1, the two most significant bits of
-the number will be set to 1, so that the product of two such random
-numbers will always have 2*B<bits> length.  If B<bottom> is true, the
-number will be odd.
-
-BN_pseudo_rand() does the same, but pseudo-random numbers generated by
-this function are not necessarily unpredictable. They can be used for
-non-cryptographic purposes and for certain purposes in cryptographic
-protocols, but usually not for key generation etc.
-
-BN_rand_range() generates a cryptographically strong pseudo-random
-number B<rnd> in the range 0 <lt>= B<rnd> E<lt> B<range>.
-BN_pseudo_rand_range() does the same, but is based on BN_pseudo_rand(),
-and hence numbers generated by it are not necessarily unpredictable.
-
-The PRNG must be seeded prior to calling BN_rand() or BN_rand_range().
-
-=head1 RETURN VALUES
-
-The functions return 1 on success, 0 on error.
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)>
-
-=head1 HISTORY
-
-BN_rand() is available in all versions of SSLeay and OpenSSL.
-BN_pseudo_rand() was added in OpenSSL 0.9.5. The B<top> == -1 case
-and the function BN_rand_range() were added in OpenSSL 0.9.6a.
-BN_pseudo_rand_range() was added in OpenSSL 0.9.6c.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_set_bit.pod b/crypto/openssl/doc/crypto/BN_set_bit.pod
deleted file mode 100644
index b7c47b9b0158..000000000000
--- a/crypto/openssl/doc/crypto/BN_set_bit.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift,
-BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- int BN_set_bit(BIGNUM *a, int n);
- int BN_clear_bit(BIGNUM *a, int n);
-
- int BN_is_bit_set(const BIGNUM *a, int n);
-
- int BN_mask_bits(BIGNUM *a, int n);
-
- int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
- int BN_lshift1(BIGNUM *r, BIGNUM *a);
-
- int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
- int BN_rshift1(BIGNUM *r, BIGNUM *a);
-
-=head1 DESCRIPTION
-
-BN_set_bit() sets bit B<n> in B<a> to 1 (C<a|=(1E<lt>E<lt>n)>). The
-number is expanded if necessary.
-
-BN_clear_bit() sets bit B<n> in B<a> to 0 (C<a&=~(1E<lt>E<lt>n)>). An
-error occurs if B<a> is shorter than B<n> bits.
-
-BN_is_bit_set() tests if bit B<n> in B<a> is set.
-
-BN_mask_bits() truncates B<a> to an B<n> bit number
-(C<a&=~((~0)E<gt>E<gt>n)>).  An error occurs if B<a> already is
-shorter than B<n> bits.
-
-BN_lshift() shifts B<a> left by B<n> bits and places the result in
-B<r> (C<r=a*2^n>). BN_lshift1() shifts B<a> left by one and places
-the result in B<r> (C<r=2*a>).
-
-BN_rshift() shifts B<a> right by B<n> bits and places the result in
-B<r> (C<r=a/2^n>). BN_rshift1() shifts B<a> right by one and places
-the result in B<r> (C<r=a/2>).
-
-For the shift functions, B<r> and B<a> may be the same variable.
-
-=head1 RETURN VALUES
-
-BN_is_bit_set() returns 1 if the bit is set, 0 otherwise.
-
-All other functions return 1 for success, 0 on error. The error codes
-can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>, L<BN_add(3)|BN_add(3)>
-
-=head1 HISTORY
-
-BN_set_bit(), BN_clear_bit(), BN_is_bit_set(), BN_mask_bits(),
-BN_lshift(), BN_lshift1(), BN_rshift(), and BN_rshift1() are available
-in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_swap.pod b/crypto/openssl/doc/crypto/BN_swap.pod
deleted file mode 100644
index 79efaa144634..000000000000
--- a/crypto/openssl/doc/crypto/BN_swap.pod
+++ /dev/null
@@ -1,23 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_swap - exchange BIGNUMs
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- void BN_swap(BIGNUM *a, BIGNUM *b);
-
-=head1 DESCRIPTION
-
-BN_swap() exchanges the values of I<a> and I<b>.
-
-L<bn(3)|bn(3)>
-
-=head1 HISTORY
-
-BN_swap was added in OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/BN_zero.pod b/crypto/openssl/doc/crypto/BN_zero.pod
deleted file mode 100644
index b555ec398859..000000000000
--- a/crypto/openssl/doc/crypto/BN_zero.pod
+++ /dev/null
@@ -1,59 +0,0 @@
-=pod
-
-=head1 NAME
-
-BN_zero, BN_one, BN_value_one, BN_set_word, BN_get_word - BIGNUM assignment
-operations
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- int BN_zero(BIGNUM *a);
- int BN_one(BIGNUM *a);
-
- const BIGNUM *BN_value_one(void);
-
- int BN_set_word(BIGNUM *a, unsigned long w);
- unsigned long BN_get_word(BIGNUM *a);
-
-=head1 DESCRIPTION
-
-BN_zero(), BN_one() and BN_set_word() set B<a> to the values 0, 1 and
-B<w> respectively.  BN_zero() and BN_one() are macros.
-
-BN_value_one() returns a B<BIGNUM> constant of value 1. This constant
-is useful for use in comparisons and assignment.
-
-BN_get_word() returns B<a>, if it can be represented as an unsigned
-long.
-
-=head1 RETURN VALUES
-
-BN_get_word() returns the value B<a>, and 0xffffffffL if B<a> cannot
-be represented as an unsigned long.
-
-BN_zero(), BN_one() and BN_set_word() return 1 on success, 0 otherwise.
-BN_value_one() returns the constant.
-
-=head1 BUGS
-
-Someone might change the constant.
-
-If a B<BIGNUM> is equal to 0xffffffffL it can be represented as an
-unsigned long but this value is also returned on error.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<BN_bn2bin(3)|BN_bn2bin(3)>
-
-=head1 HISTORY
-
-BN_zero(), BN_one() and BN_set_word() are available in all versions of
-SSLeay and OpenSSL. BN_value_one() and BN_get_word() were added in
-SSLeay 0.8.
-
-BN_value_one() was changed to return a true const BIGNUM * in OpenSSL
-0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/CRYPTO_set_ex_data.pod b/crypto/openssl/doc/crypto/CRYPTO_set_ex_data.pod
deleted file mode 100644
index 1bd5bed67d70..000000000000
--- a/crypto/openssl/doc/crypto/CRYPTO_set_ex_data.pod
+++ /dev/null
@@ -1,51 +0,0 @@
-=pod
-
-=head1 NAME
-
-CRYPTO_set_ex_data, CRYPTO_get_ex_data - internal application specific data functions
-
-=head1 SYNOPSIS
-
- int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
-
- void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
-
-=head1 DESCRIPTION
-
-Several OpenSSL structures can have application specific data attached to them.
-These functions are used internally by OpenSSL to manipulate application
-specific data attached to a specific structure.
-
-These functions should only be used by applications to manipulate
-B<CRYPTO_EX_DATA> structures passed to the B<new_func()>, B<free_func()> and
-B<dup_func()> callbacks: as passed to B<RSA_get_ex_new_index()> for example.
-
-B<CRYPTO_set_ex_data()> is used to set application specific data, the data is
-supplied in the B<arg> parameter and its precise meaning is up to the
-application.
-
-B<CRYPTO_get_ex_data()> is used to retrieve application specific data. The data
-is returned to the application, this will be the same value as supplied to
-a previous B<CRYPTO_set_ex_data()> call.
-
-=head1 RETURN VALUES
-
-B<CRYPTO_set_ex_data()> returns 1 on success or 0 on failure.
-
-B<CRYPTO_get_ex_data()> returns the application data or 0 on failure. 0 may also
-be valid application data but currently it can only fail if given an invalid B<idx>
-parameter.
-
-On failure an error code can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
-L<DSA_get_ex_new_index(3)|DSA_get_ex_new_index(3)>,
-L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>
-
-=head1 HISTORY
-
-CRYPTO_set_ex_data() and CRYPTO_get_ex_data() have been available since SSLeay 0.9.0.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DH_generate_key.pod b/crypto/openssl/doc/crypto/DH_generate_key.pod
deleted file mode 100644
index 81f09fdf45ea..000000000000
--- a/crypto/openssl/doc/crypto/DH_generate_key.pod
+++ /dev/null
@@ -1,50 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_generate_key, DH_compute_key - perform Diffie-Hellman key exchange
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- int DH_generate_key(DH *dh);
-
- int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
-
-=head1 DESCRIPTION
-
-DH_generate_key() performs the first step of a Diffie-Hellman key
-exchange by generating private and public DH values. By calling
-DH_compute_key(), these are combined with the other party's public
-value to compute the shared key.
-
-DH_generate_key() expects B<dh> to contain the shared parameters
-B<dh-E<gt>p> and B<dh-E<gt>g>. It generates a random private DH value
-unless B<dh-E<gt>priv_key> is already set, and computes the
-corresponding public value B<dh-E<gt>pub_key>, which can then be
-published.
-
-DH_compute_key() computes the shared secret from the private DH value
-in B<dh> and the other party's public value in B<pub_key> and stores
-it in B<key>. B<key> must point to B<DH_size(dh)> bytes of memory.
-
-=head1 RETURN VALUES
-
-DH_generate_key() returns 1 on success, 0 otherwise.
-
-DH_compute_key() returns the size of the shared secret on success, -1
-on error.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_size(3)|DH_size(3)>
-
-=head1 HISTORY
-
-DH_generate_key() and DH_compute_key() are available in all versions
-of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DH_generate_parameters.pod b/crypto/openssl/doc/crypto/DH_generate_parameters.pod
deleted file mode 100644
index 9081e9ea7cf9..000000000000
--- a/crypto/openssl/doc/crypto/DH_generate_parameters.pod
+++ /dev/null
@@ -1,73 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_generate_parameters, DH_check - generate and check Diffie-Hellman parameters
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- DH *DH_generate_parameters(int prime_len, int generator,
-     void (*callback)(int, int, void *), void *cb_arg);
-
- int DH_check(DH *dh, int *codes);
-
-=head1 DESCRIPTION
-
-DH_generate_parameters() generates Diffie-Hellman parameters that can
-be shared among a group of users, and returns them in a newly
-allocated B<DH> structure. The pseudo-random number generator must be
-seeded prior to calling DH_generate_parameters().
-
-B<prime_len> is the length in bits of the safe prime to be generated.
-B<generator> is a small number E<gt> 1, typically 2 or 5. 
-
-A callback function may be used to provide feedback about the progress
-of the key generation. If B<callback> is not B<NULL>, it will be
-called as described in L<BN_generate_prime(3)|BN_generate_prime(3)> while a random prime
-number is generated, and when a prime has been found, B<callback(3,
-0, cb_arg)> is called.
-
-DH_check() validates Diffie-Hellman parameters. It checks that B<p> is
-a safe prime, and that B<g> is a suitable generator. In the case of an
-error, the bit flags DH_CHECK_P_NOT_SAFE_PRIME or
-DH_NOT_SUITABLE_GENERATOR are set in B<*codes>.
-DH_UNABLE_TO_CHECK_GENERATOR is set if the generator cannot be
-checked, i.e. it does not equal 2 or 5.
-
-=head1 RETURN VALUES
-
-DH_generate_parameters() returns a pointer to the DH structure, or
-NULL if the parameter generation fails. The error codes can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-DH_check() returns 1 if the check could be performed, 0 otherwise.
-
-=head1 NOTES
-
-DH_generate_parameters() may run for several hours before finding a
-suitable prime.
-
-The parameters generated by DH_generate_parameters() are not to be
-used in signature schemes.
-
-=head1 BUGS
-
-If B<generator> is not 2 or 5, B<dh-E<gt>g>=B<generator> is not
-a usable generator.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DH_free(3)|DH_free(3)>
-
-=head1 HISTORY
-
-DH_check() is available in all versions of SSLeay and OpenSSL.
-The B<cb_arg> argument to DH_generate_parameters() was added in SSLeay 0.9.0.
-
-In versions before OpenSSL 0.9.5, DH_CHECK_P_NOT_STRONG_PRIME is used
-instead of DH_CHECK_P_NOT_SAFE_PRIME.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DH_get_ex_new_index.pod b/crypto/openssl/doc/crypto/DH_get_ex_new_index.pod
deleted file mode 100644
index fa5eab26502a..000000000000
--- a/crypto/openssl/doc/crypto/DH_get_ex_new_index.pod
+++ /dev/null
@@ -1,36 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data - add application specific data to DH structures
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- int DH_get_ex_new_index(long argl, void *argp,
-		CRYPTO_EX_new *new_func,
-		CRYPTO_EX_dup *dup_func,
-		CRYPTO_EX_free *free_func);
-
- int DH_set_ex_data(DH *d, int idx, void *arg);
-
- char *DH_get_ex_data(DH *d, int idx);
-
-=head1 DESCRIPTION
-
-These functions handle application specific data in DH
-structures. Their usage is identical to that of
-RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data()
-as described in L<RSA_get_ex_new_index(3)>.
-
-=head1 SEE ALSO
-
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, L<dh(3)|dh(3)>
-
-=head1 HISTORY
-
-DH_get_ex_new_index(), DH_set_ex_data() and DH_get_ex_data() are
-available since OpenSSL 0.9.5.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DH_new.pod b/crypto/openssl/doc/crypto/DH_new.pod
deleted file mode 100644
index 60c930093e02..000000000000
--- a/crypto/openssl/doc/crypto/DH_new.pod
+++ /dev/null
@@ -1,40 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_new, DH_free - allocate and free DH objects
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- DH* DH_new(void);
-
- void DH_free(DH *dh);
-
-=head1 DESCRIPTION
-
-DH_new() allocates and initializes a B<DH> structure.
-
-DH_free() frees the B<DH> structure and its components. The values are
-erased before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-If the allocation fails, DH_new() returns B<NULL> and sets an error
-code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns
-a pointer to the newly allocated structure.
-
-DH_free() returns no value.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
-L<DH_generate_key(3)|DH_generate_key(3)>
-
-=head1 HISTORY
-
-DH_new() and DH_free() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DH_set_method.pod b/crypto/openssl/doc/crypto/DH_set_method.pod
deleted file mode 100644
index 73261fc4675d..000000000000
--- a/crypto/openssl/doc/crypto/DH_set_method.pod
+++ /dev/null
@@ -1,129 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_set_default_method, DH_get_default_method,
-DH_set_method, DH_new_method, DH_OpenSSL - select DH method
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
- #include <openssl/engine.h>
-
- void DH_set_default_method(const DH_METHOD *meth);
-
- const DH_METHOD *DH_get_default_method(void);
-
- int DH_set_method(DH *dh, const DH_METHOD *meth);
-
- DH *DH_new_method(ENGINE *engine);
-
- const DH_METHOD *DH_OpenSSL(void);
-
-=head1 DESCRIPTION
-
-A B<DH_METHOD> specifies the functions that OpenSSL uses for Diffie-Hellman
-operations. By modifying the method, alternative implementations
-such as hardware accelerators may be used. IMPORTANT: See the NOTES section for
-important information about how these DH API functions are affected by the use
-of B<ENGINE> API calls.
-
-Initially, the default DH_METHOD is the OpenSSL internal implementation, as
-returned by DH_OpenSSL().
-
-DH_set_default_method() makes B<meth> the default method for all DH
-structures created later. B<NB>: This is true only whilst no ENGINE has been set
-as a default for DH, so this function is no longer recommended.
-
-DH_get_default_method() returns a pointer to the current default DH_METHOD.
-However, the meaningfulness of this result is dependant on whether the ENGINE
-API is being used, so this function is no longer recommended.
-
-DH_set_method() selects B<meth> to perform all operations using the key B<dh>.
-This will replace the DH_METHOD used by the DH key and if the previous method
-was supplied by an ENGINE, the handle to that ENGINE will be released during the
-change. It is possible to have DH keys that only work with certain DH_METHOD
-implementations (eg. from an ENGINE module that supports embedded
-hardware-protected keys), and in such cases attempting to change the DH_METHOD
-for the key can have unexpected results.
-
-DH_new_method() allocates and initializes a DH structure so that B<engine> will
-be used for the DH operations. If B<engine> is NULL, the default ENGINE for DH
-operations is used, and if no default ENGINE is set, the DH_METHOD controlled by
-DH_set_default_method() is used.
-
-=head1 THE DH_METHOD STRUCTURE
-
- typedef struct dh_meth_st
- {
-     /* name of the implementation */
-	const char *name;
-
-     /* generate private and public DH values for key agreement */
-        int (*generate_key)(DH *dh);
-
-     /* compute shared secret */
-        int (*compute_key)(unsigned char *key, BIGNUM *pub_key, DH *dh);
-
-     /* compute r = a ^ p mod m (May be NULL for some implementations) */
-        int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-                                const BIGNUM *m, BN_CTX *ctx,
-                                BN_MONT_CTX *m_ctx);
-
-     /* called at DH_new */
-        int (*init)(DH *dh);
-
-     /* called at DH_free */
-        int (*finish)(DH *dh);
-
-        int flags;
-
-        char *app_data; /* ?? */
-
- } DH_METHOD;
-
-=head1 RETURN VALUES
-
-DH_OpenSSL() and DH_get_default_method() return pointers to the respective
-B<DH_METHOD>s.
-
-DH_set_default_method() returns no value.
-
-DH_set_method() returns non-zero if the provided B<meth> was successfully set as
-the method for B<dh> (including unloading the ENGINE handle if the previous
-method was supplied by an ENGINE).
-
-DH_new_method() returns NULL and sets an error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise it
-returns a pointer to the newly allocated structure.
-
-=head1 NOTES
-
-As of version 0.9.7, DH_METHOD implementations are grouped together with other
-algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a
-default ENGINE is specified for DH functionality using an ENGINE API function,
-that will override any DH defaults set using the DH API (ie.
-DH_set_default_method()). For this reason, the ENGINE API is the recommended way
-to control default implementations for use in DH and other cryptographic
-algorithms.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<DH_new(3)|DH_new(3)>
-
-=head1 HISTORY
-
-DH_set_default_method(), DH_get_default_method(), DH_set_method(),
-DH_new_method() and DH_OpenSSL() were added in OpenSSL 0.9.4.
-
-DH_set_default_openssl_method() and DH_get_default_openssl_method() replaced
-DH_set_default_method() and DH_get_default_method() respectively, and
-DH_set_method() and DH_new_method() were altered to use B<ENGINE>s rather than
-B<DH_METHOD>s during development of the engine version of OpenSSL 0.9.6. For
-0.9.7, the handling of defaults in the ENGINE API was restructured so that this
-change was reversed, and behaviour of the other functions resembled more closely
-the previous behaviour. The behaviour of defaults in the ENGINE API now
-transparently overrides the behaviour of defaults in the DH API without
-requiring changing these function prototypes.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DH_size.pod b/crypto/openssl/doc/crypto/DH_size.pod
deleted file mode 100644
index 97f26fda7855..000000000000
--- a/crypto/openssl/doc/crypto/DH_size.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_size - get Diffie-Hellman prime size
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- int DH_size(DH *dh);
-
-=head1 DESCRIPTION
-
-This function returns the Diffie-Hellman size in bytes. It can be used
-to determine how much memory must be allocated for the shared secret
-computed by DH_compute_key().
-
-B<dh-E<gt>p> must not be B<NULL>.
-
-=head1 RETURN VALUE
-
-The size in bytes.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<DH_generate_key(3)|DH_generate_key(3)>
-
-=head1 HISTORY
-
-DH_size() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DSA_SIG_new.pod b/crypto/openssl/doc/crypto/DSA_SIG_new.pod
deleted file mode 100644
index 3ac614003816..000000000000
--- a/crypto/openssl/doc/crypto/DSA_SIG_new.pod
+++ /dev/null
@@ -1,40 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_SIG_new, DSA_SIG_free - allocate and free DSA signature objects
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DSA_SIG *DSA_SIG_new(void);
-
- void	DSA_SIG_free(DSA_SIG *a);
-
-=head1 DESCRIPTION
-
-DSA_SIG_new() allocates and initializes a B<DSA_SIG> structure.
-
-DSA_SIG_free() frees the B<DSA_SIG> structure and its components. The
-values are erased before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-If the allocation fails, DSA_SIG_new() returns B<NULL> and sets an
-error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a pointer
-to the newly allocated structure.
-
-DSA_SIG_free() returns no value.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<DSA_do_sign(3)|DSA_do_sign(3)>
-
-=head1 HISTORY
-
-DSA_SIG_new() and DSA_SIG_free() were added in OpenSSL 0.9.3.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DSA_do_sign.pod b/crypto/openssl/doc/crypto/DSA_do_sign.pod
deleted file mode 100644
index 5dfc733b20e2..000000000000
--- a/crypto/openssl/doc/crypto/DSA_do_sign.pod
+++ /dev/null
@@ -1,47 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_do_sign, DSA_do_verify - raw DSA signature operations
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-
- int DSA_do_verify(const unsigned char *dgst, int dgst_len,
-	     DSA_SIG *sig, DSA *dsa);
-
-=head1 DESCRIPTION
-
-DSA_do_sign() computes a digital signature on the B<len> byte message
-digest B<dgst> using the private key B<dsa> and returns it in a
-newly allocated B<DSA_SIG> structure.
-
-L<DSA_sign_setup(3)|DSA_sign_setup(3)> may be used to precompute part
-of the signing operation in case signature generation is
-time-critical.
-
-DSA_do_verify() verifies that the signature B<sig> matches a given
-message digest B<dgst> of size B<len>.  B<dsa> is the signer's public
-key.
-
-=head1 RETURN VALUES
-
-DSA_do_sign() returns the signature, NULL on error.  DSA_do_verify()
-returns 1 for a valid signature, 0 for an incorrect signature and -1
-on error. The error codes can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
-L<DSA_sign(3)|DSA_sign(3)>
-
-=head1 HISTORY
-
-DSA_do_sign() and DSA_do_verify() were added in OpenSSL 0.9.3.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DSA_dup_DH.pod b/crypto/openssl/doc/crypto/DSA_dup_DH.pod
deleted file mode 100644
index 7f6f0d1115ad..000000000000
--- a/crypto/openssl/doc/crypto/DSA_dup_DH.pod
+++ /dev/null
@@ -1,36 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_dup_DH - create a DH structure out of DSA structure
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DH * DSA_dup_DH(const DSA *r);
-
-=head1 DESCRIPTION
-
-DSA_dup_DH() duplicates DSA parameters/keys as DH parameters/keys. q
-is lost during that conversion, but the resulting DH parameters
-contain its length.
-
-=head1 RETURN VALUE
-
-DSA_dup_DH() returns the new B<DH> structure, and NULL on error. The
-error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 NOTE
-
-Be careful to avoid small subgroup attacks when using this.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-DSA_dup_DH() was added in OpenSSL 0.9.4.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DSA_generate_key.pod b/crypto/openssl/doc/crypto/DSA_generate_key.pod
deleted file mode 100644
index af83ccfaa16b..000000000000
--- a/crypto/openssl/doc/crypto/DSA_generate_key.pod
+++ /dev/null
@@ -1,34 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_generate_key - generate DSA key pair
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- int DSA_generate_key(DSA *a);
-
-=head1 DESCRIPTION
-
-DSA_generate_key() expects B<a> to contain DSA parameters. It generates
-a new key pair and stores it in B<a-E<gt>pub_key> and B<a-E<gt>priv_key>.
-
-The PRNG must be seeded prior to calling DSA_generate_key().
-
-=head1 RETURN VALUE
-
-DSA_generate_key() returns 1 on success, 0 otherwise.
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>
-
-=head1 HISTORY
-
-DSA_generate_key() is available since SSLeay 0.8.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DSA_generate_parameters.pod b/crypto/openssl/doc/crypto/DSA_generate_parameters.pod
deleted file mode 100644
index be7c924ff8f9..000000000000
--- a/crypto/openssl/doc/crypto/DSA_generate_parameters.pod
+++ /dev/null
@@ -1,105 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_generate_parameters - generate DSA parameters
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DSA *DSA_generate_parameters(int bits, unsigned char *seed,
-                int seed_len, int *counter_ret, unsigned long *h_ret,
-		void (*callback)(int, int, void *), void *cb_arg);
-
-=head1 DESCRIPTION
-
-DSA_generate_parameters() generates primes p and q and a generator g
-for use in the DSA.
-
-B<bits> is the length of the prime to be generated; the DSS allows a
-maximum of 1024 bits.
-
-If B<seed> is B<NULL> or B<seed_len> E<lt> 20, the primes will be
-generated at random. Otherwise, the seed is used to generate
-them. If the given seed does not yield a prime q, a new random
-seed is chosen and placed at B<seed>.
-
-DSA_generate_parameters() places the iteration count in
-*B<counter_ret> and a counter used for finding a generator in
-*B<h_ret>, unless these are B<NULL>.
-
-A callback function may be used to provide feedback about the progress
-of the key generation. If B<callback> is not B<NULL>, it will be
-called as follows:
-
-=over 4
-
-=item *
-
-When a candidate for q is generated, B<callback(0, m++, cb_arg)> is called
-(m is 0 for the first candidate).
-
-=item *
-
-When a candidate for q has passed a test by trial division,
-B<callback(1, -1, cb_arg)> is called.
-While a candidate for q is tested by Miller-Rabin primality tests,
-B<callback(1, i, cb_arg)> is called in the outer loop
-(once for each witness that confirms that the candidate may be prime);
-i is the loop counter (starting at 0).
-
-=item *
-
-When a prime q has been found, B<callback(2, 0, cb_arg)> and
-B<callback(3, 0, cb_arg)> are called.
-
-=item *
-
-Before a candidate for p (other than the first) is generated and tested,
-B<callback(0, counter, cb_arg)> is called.
-
-=item *
-
-When a candidate for p has passed the test by trial division,
-B<callback(1, -1, cb_arg)> is called.
-While it is tested by the Miller-Rabin primality test,
-B<callback(1, i, cb_arg)> is called in the outer loop
-(once for each witness that confirms that the candidate may be prime).
-i is the loop counter (starting at 0).
-
-=item *
-
-When p has been found, B<callback(2, 1, cb_arg)> is called.
-
-=item *
-
-When the generator has been found, B<callback(3, 1, cb_arg)> is called.
-
-=back
-
-=head1 RETURN VALUE
-
-DSA_generate_parameters() returns a pointer to the DSA structure, or
-B<NULL> if the parameter generation fails. The error codes can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 BUGS
-
-Seed lengths E<gt> 20 are not supported.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_free(3)|DSA_free(3)>
-
-=head1 HISTORY
-
-DSA_generate_parameters() appeared in SSLeay 0.8. The B<cb_arg>
-argument was added in SSLeay 0.9.0.
-In versions up to OpenSSL 0.9.4, B<callback(1, ...)> was called
-in the inner loop of the Miller-Rabin test whenever it reached the
-squaring step (the parameters to B<callback> did not reveal how many
-witnesses had been tested); since OpenSSL 0.9.5, B<callback(1, ...)>
-is called as in BN_is_prime(3), i.e. once for each witness.
-=cut
diff --git a/crypto/openssl/doc/crypto/DSA_get_ex_new_index.pod b/crypto/openssl/doc/crypto/DSA_get_ex_new_index.pod
deleted file mode 100644
index 4612e708ecc0..000000000000
--- a/crypto/openssl/doc/crypto/DSA_get_ex_new_index.pod
+++ /dev/null
@@ -1,36 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data - add application specific data to DSA structures
-
-=head1 SYNOPSIS
-
- #include <openssl/DSA.h>
-
- int DSA_get_ex_new_index(long argl, void *argp,
-		CRYPTO_EX_new *new_func,
-		CRYPTO_EX_dup *dup_func,
-		CRYPTO_EX_free *free_func);
-
- int DSA_set_ex_data(DSA *d, int idx, void *arg);
-
- char *DSA_get_ex_data(DSA *d, int idx);
-
-=head1 DESCRIPTION
-
-These functions handle application specific data in DSA
-structures. Their usage is identical to that of
-RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data()
-as described in L<RSA_get_ex_new_index(3)>.
-
-=head1 SEE ALSO
-
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, L<dsa(3)|dsa(3)>
-
-=head1 HISTORY
-
-DSA_get_ex_new_index(), DSA_set_ex_data() and DSA_get_ex_data() are
-available since OpenSSL 0.9.5.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DSA_new.pod b/crypto/openssl/doc/crypto/DSA_new.pod
deleted file mode 100644
index 48e9b82a09c8..000000000000
--- a/crypto/openssl/doc/crypto/DSA_new.pod
+++ /dev/null
@@ -1,42 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_new, DSA_free - allocate and free DSA objects
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DSA* DSA_new(void);
-
- void DSA_free(DSA *dsa);
-
-=head1 DESCRIPTION
-
-DSA_new() allocates and initializes a B<DSA> structure. It is equivalent to
-calling DSA_new_method(NULL).
-
-DSA_free() frees the B<DSA> structure and its components. The values are
-erased before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-If the allocation fails, DSA_new() returns B<NULL> and sets an error
-code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a pointer
-to the newly allocated structure.
-
-DSA_free() returns no value.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
-L<DSA_generate_key(3)|DSA_generate_key(3)>
-
-=head1 HISTORY
-
-DSA_new() and DSA_free() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DSA_set_method.pod b/crypto/openssl/doc/crypto/DSA_set_method.pod
deleted file mode 100644
index bc3cfb1f0a78..000000000000
--- a/crypto/openssl/doc/crypto/DSA_set_method.pod
+++ /dev/null
@@ -1,143 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_set_default_method, DSA_get_default_method,
-DSA_set_method, DSA_new_method, DSA_OpenSSL - select DSA method
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
- #include <openssl/engine.h>
-
- void DSA_set_default_method(const DSA_METHOD *meth);
-
- const DSA_METHOD *DSA_get_default_method(void);
-
- int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
-
- DSA *DSA_new_method(ENGINE *engine);
-
- DSA_METHOD *DSA_OpenSSL(void);
-
-=head1 DESCRIPTION
-
-A B<DSA_METHOD> specifies the functions that OpenSSL uses for DSA
-operations. By modifying the method, alternative implementations
-such as hardware accelerators may be used. IMPORTANT: See the NOTES section for
-important information about how these DSA API functions are affected by the use
-of B<ENGINE> API calls.
-
-Initially, the default DSA_METHOD is the OpenSSL internal implementation,
-as returned by DSA_OpenSSL().
-
-DSA_set_default_method() makes B<meth> the default method for all DSA
-structures created later. B<NB>: This is true only whilst no ENGINE has
-been set as a default for DSA, so this function is no longer recommended.
-
-DSA_get_default_method() returns a pointer to the current default
-DSA_METHOD. However, the meaningfulness of this result is dependant on
-whether the ENGINE API is being used, so this function is no longer 
-recommended.
-
-DSA_set_method() selects B<meth> to perform all operations using the key
-B<rsa>. This will replace the DSA_METHOD used by the DSA key and if the
-previous method was supplied by an ENGINE, the handle to that ENGINE will
-be released during the change. It is possible to have DSA keys that only
-work with certain DSA_METHOD implementations (eg. from an ENGINE module
-that supports embedded hardware-protected keys), and in such cases
-attempting to change the DSA_METHOD for the key can have unexpected
-results.
-
-DSA_new_method() allocates and initializes a DSA structure so that B<engine>
-will be used for the DSA operations. If B<engine> is NULL, the default engine
-for DSA operations is used, and if no default ENGINE is set, the DSA_METHOD
-controlled by DSA_set_default_method() is used.
-
-=head1 THE DSA_METHOD STRUCTURE
-
-struct
- {
-     /* name of the implementation */
-        const char *name;
-
-     /* sign */
-	DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen,
-                                 DSA *dsa);
-
-     /* pre-compute k^-1 and r */
-	int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
-                                 BIGNUM **rp);
-
-     /* verify */
-	int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
-                                 DSA_SIG *sig, DSA *dsa);
-
-     /* compute rr = a1^p1 * a2^p2 mod m (May be NULL for some
-                                          implementations) */
-	int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
-                                 BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-                                 BN_CTX *ctx, BN_MONT_CTX *in_mont);
-
-     /* compute r = a ^ p mod m (May be NULL for some implementations) */
-        int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a,
-                                 const BIGNUM *p, const BIGNUM *m,
-                                 BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
-     /* called at DSA_new */
-        int (*init)(DSA *DSA);
-
-     /* called at DSA_free */
-        int (*finish)(DSA *DSA);
-
-        int flags;
-
-        char *app_data; /* ?? */
-
- } DSA_METHOD;
-
-=head1 RETURN VALUES
-
-DSA_OpenSSL() and DSA_get_default_method() return pointers to the respective
-B<DSA_METHOD>s.
-
-DSA_set_default_method() returns no value.
-
-DSA_set_method() returns non-zero if the provided B<meth> was successfully set as
-the method for B<dsa> (including unloading the ENGINE handle if the previous
-method was supplied by an ENGINE).
-
-DSA_new_method() returns NULL and sets an error code that can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation
-fails. Otherwise it returns a pointer to the newly allocated structure.
-
-=head1 NOTES
-
-As of version 0.9.7, DSA_METHOD implementations are grouped together with other
-algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a
-default ENGINE is specified for DSA functionality using an ENGINE API function,
-that will override any DSA defaults set using the DSA API (ie.
-DSA_set_default_method()). For this reason, the ENGINE API is the recommended way
-to control default implementations for use in DSA and other cryptographic
-algorithms.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<DSA_new(3)|DSA_new(3)>
-
-=head1 HISTORY
-
-DSA_set_default_method(), DSA_get_default_method(), DSA_set_method(),
-DSA_new_method() and DSA_OpenSSL() were added in OpenSSL 0.9.4.
-
-DSA_set_default_openssl_method() and DSA_get_default_openssl_method() replaced
-DSA_set_default_method() and DSA_get_default_method() respectively, and
-DSA_set_method() and DSA_new_method() were altered to use B<ENGINE>s rather than
-B<DSA_METHOD>s during development of the engine version of OpenSSL 0.9.6. For
-0.9.7, the handling of defaults in the ENGINE API was restructured so that this
-change was reversed, and behaviour of the other functions resembled more closely
-the previous behaviour. The behaviour of defaults in the ENGINE API now
-transparently overrides the behaviour of defaults in the DSA API without
-requiring changing these function prototypes.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DSA_sign.pod b/crypto/openssl/doc/crypto/DSA_sign.pod
deleted file mode 100644
index 97389e8ec885..000000000000
--- a/crypto/openssl/doc/crypto/DSA_sign.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- int	DSA_sign(int type, const unsigned char *dgst, int len,
-		unsigned char *sigret, unsigned int *siglen, DSA *dsa);
-
- int	DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
-                BIGNUM **rp);
-
- int	DSA_verify(int type, const unsigned char *dgst, int len,
-		unsigned char *sigbuf, int siglen, DSA *dsa);
-
-=head1 DESCRIPTION
-
-DSA_sign() computes a digital signature on the B<len> byte message
-digest B<dgst> using the private key B<dsa> and places its ASN.1 DER
-encoding at B<sigret>. The length of the signature is places in
-*B<siglen>. B<sigret> must point to DSA_size(B<dsa>) bytes of memory.
-
-DSA_sign_setup() may be used to precompute part of the signing
-operation in case signature generation is time-critical. It expects
-B<dsa> to contain DSA parameters. It places the precomputed values
-in newly allocated B<BIGNUM>s at *B<kinvp> and *B<rp>, after freeing
-the old ones unless *B<kinvp> and *B<rp> are NULL. These values may
-be passed to DSA_sign() in B<dsa-E<gt>kinv> and B<dsa-E<gt>r>.
-B<ctx> is a pre-allocated B<BN_CTX> or NULL.
-
-DSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
-matches a given message digest B<dgst> of size B<len>.
-B<dsa> is the signer's public key.
-
-The B<type> parameter is ignored.
-
-The PRNG must be seeded before DSA_sign() (or DSA_sign_setup())
-is called.
-
-=head1 RETURN VALUES
-
-DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error.
-DSA_verify() returns 1 for a valid signature, 0 for an incorrect
-signature and -1 on error. The error codes can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 CONFORMING TO
-
-US Federal Information Processing Standard FIPS 186 (Digital Signature
-Standard, DSS), ANSI X9.30
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_do_sign(3)|DSA_do_sign(3)>
-
-=head1 HISTORY
-
-DSA_sign() and DSA_verify() are available in all versions of SSLeay.
-DSA_sign_setup() was added in SSLeay 0.8.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/DSA_size.pod b/crypto/openssl/doc/crypto/DSA_size.pod
deleted file mode 100644
index ba4f650361c3..000000000000
--- a/crypto/openssl/doc/crypto/DSA_size.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_size - get DSA signature size
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- int DSA_size(const DSA *dsa);
-
-=head1 DESCRIPTION
-
-This function returns the size of an ASN.1 encoded DSA signature in
-bytes. It can be used to determine how much memory must be allocated
-for a DSA signature.
-
-B<dsa-E<gt>q> must not be B<NULL>.
-
-=head1 RETURN VALUE
-
-The size in bytes.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<DSA_sign(3)|DSA_sign(3)>
-
-=head1 HISTORY
-
-DSA_size() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ERR_GET_LIB.pod b/crypto/openssl/doc/crypto/ERR_GET_LIB.pod
deleted file mode 100644
index 2a129da036cc..000000000000
--- a/crypto/openssl/doc/crypto/ERR_GET_LIB.pod
+++ /dev/null
@@ -1,51 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_GET_LIB, ERR_GET_FUNC, ERR_GET_REASON - get library, function and
-reason code
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- int ERR_GET_LIB(unsigned long e);
-
- int ERR_GET_FUNC(unsigned long e);
-
- int ERR_GET_REASON(unsigned long e);
-
-=head1 DESCRIPTION
-
-The error code returned by ERR_get_error() consists of a library
-number, function code and reason code. ERR_GET_LIB(), ERR_GET_FUNC()
-and ERR_GET_REASON() can be used to extract these.
-
-The library number and function code describe where the error
-occurred, the reason code is the information about what went wrong.
-
-Each sub-library of OpenSSL has a unique library number; function and
-reason codes are unique within each sub-library.  Note that different
-libraries may use the same value to signal different functions and
-reasons.
-
-B<ERR_R_...> reason codes such as B<ERR_R_MALLOC_FAILURE> are globally
-unique. However, when checking for sub-library specific reason codes,
-be sure to also compare the library number.
-
-ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are macros.
-
-=head1 RETURN VALUES
-
-The library number, function code and reason code respectively.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are available in
-all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ERR_clear_error.pod b/crypto/openssl/doc/crypto/ERR_clear_error.pod
deleted file mode 100644
index 566e1f4e317f..000000000000
--- a/crypto/openssl/doc/crypto/ERR_clear_error.pod
+++ /dev/null
@@ -1,29 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_clear_error - clear the error queue
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_clear_error(void);
-
-=head1 DESCRIPTION
-
-ERR_clear_error() empties the current thread's error queue.
-
-=head1 RETURN VALUES
-
-ERR_clear_error() has no return value.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-ERR_clear_error() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ERR_error_string.pod b/crypto/openssl/doc/crypto/ERR_error_string.pod
deleted file mode 100644
index e01beb817a39..000000000000
--- a/crypto/openssl/doc/crypto/ERR_error_string.pod
+++ /dev/null
@@ -1,73 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_error_string, ERR_error_string_n, ERR_lib_error_string,
-ERR_func_error_string, ERR_reason_error_string - obtain human-readable
-error message
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- char *ERR_error_string(unsigned long e, char *buf);
- char *ERR_error_string_n(unsigned long e, char *buf, size_t len);
-
- const char *ERR_lib_error_string(unsigned long e);
- const char *ERR_func_error_string(unsigned long e);
- const char *ERR_reason_error_string(unsigned long e);
-
-=head1 DESCRIPTION
-
-ERR_error_string() generates a human-readable string representing the
-error code I<e>, and places it at I<buf>. I<buf> must be at least 120
-bytes long. If I<buf> is B<NULL>, the error string is placed in a
-static buffer.
-ERR_error_string_n() is a variant of ERR_error_string() that writes
-at most I<len> characters (including the terminating 0)
-and truncates the string if necessary.
-For ERR_error_string_n(), I<buf> may not be B<NULL>.
-
-The string will have the following format:
-
- error:[error code]:[library name]:[function name]:[reason string]
-
-I<error code> is an 8 digit hexadecimal number, I<library name>,
-I<function name> and I<reason string> are ASCII text.
-
-ERR_lib_error_string(), ERR_func_error_string() and
-ERR_reason_error_string() return the library name, function
-name and reason string respectively.
-
-The OpenSSL error strings should be loaded by calling
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)> or, for SSL
-applications, L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-first.
-If there is no text string registered for the given error code,
-the error string will contain the numeric code.
-
-L<ERR_print_errors(3)|ERR_print_errors(3)> can be used to print
-all error codes currently in the queue.
-
-=head1 RETURN VALUES
-
-ERR_error_string() returns a pointer to a static buffer containing the
-string if I<buf> B<== NULL>, I<buf> otherwise.
-
-ERR_lib_error_string(), ERR_func_error_string() and
-ERR_reason_error_string() return the strings, and B<NULL> if
-none is registered for the error code.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-L<ERR_print_errors(3)|ERR_print_errors(3)>
-
-=head1 HISTORY
-
-ERR_error_string() is available in all versions of SSLeay and OpenSSL.
-ERR_error_string_n() was added in OpenSSL 0.9.6.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ERR_get_error.pod b/crypto/openssl/doc/crypto/ERR_get_error.pod
deleted file mode 100644
index 34443045fc0d..000000000000
--- a/crypto/openssl/doc/crypto/ERR_get_error.pod
+++ /dev/null
@@ -1,76 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_get_error, ERR_peek_error, ERR_peek_last_error,
-ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line,
-ERR_get_error_line_data, ERR_peek_error_line_data,
-ERR_peek_last_error_line_data - obtain error code and data
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- unsigned long ERR_get_error(void);
- unsigned long ERR_peek_error(void);
- unsigned long ERR_peek_last_error(void);
-
- unsigned long ERR_get_error_line(const char **file, int *line);
- unsigned long ERR_peek_error_line(const char **file, int *line);
- unsigned long ERR_peek_last_error_line(const char **file, int *line);
-
- unsigned long ERR_get_error_line_data(const char **file, int *line,
-         const char **data, int *flags);
- unsigned long ERR_peek_error_line_data(const char **file, int *line,
-         const char **data, int *flags);
- unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
-         const char **data, int *flags);
-
-=head1 DESCRIPTION
-
-ERR_get_error() returns the earliest error code from the thread's error
-queue and removes the entry. This function can be called repeatedly
-until there are no more error codes to return.
-
-ERR_peek_error() returns the earliest error code from the thread's
-error queue without modifying it.
-
-ERR_peek_last_error() returns the latest error code from the thread's
-error queue without modifying it.
-
-See L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> for obtaining information about
-location and reason of the error, and
-L<ERR_error_string(3)|ERR_error_string(3)> for human-readable error
-messages.
-
-ERR_get_error_line(), ERR_peek_error_line() and
-ERR_peek_last_error_line() are the same as the above, but they
-additionally store the file name and line number where
-the error occurred in *B<file> and *B<line>, unless these are B<NULL>.
-
-ERR_get_error_line_data(), ERR_peek_error_line_data() and
-ERR_get_last_error_line_data() store additional data and flags
-associated with the error code in *B<data>
-and *B<flags>, unless these are B<NULL>. *B<data> contains a string
-if *B<flags>&B<ERR_TXT_STRING>. If it has been allocated by OPENSSL_malloc(),
-*B<flags>&B<ERR_TXT_MALLOCED> is true.
-
-=head1 RETURN VALUES
-
-The error code, or 0 if there is no error in the queue.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>
-
-=head1 HISTORY
-
-ERR_get_error(), ERR_peek_error(), ERR_get_error_line() and
-ERR_peek_error_line() are available in all versions of SSLeay and
-OpenSSL. ERR_get_error_line_data() and ERR_peek_error_line_data()
-were added in SSLeay 0.9.0.
-ERR_peek_last_error(), ERR_peek_last_error_line() and
-ERR_peek_last_error_line_data() were added in OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ERR_load_crypto_strings.pod b/crypto/openssl/doc/crypto/ERR_load_crypto_strings.pod
deleted file mode 100644
index 9bdec75a4638..000000000000
--- a/crypto/openssl/doc/crypto/ERR_load_crypto_strings.pod
+++ /dev/null
@@ -1,46 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_load_crypto_strings, SSL_load_error_strings, ERR_free_strings -
-load and free error strings
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_load_crypto_strings(void);
- void ERR_free_strings(void);
-
- #include <openssl/ssl.h>
-
- void SSL_load_error_strings(void);
-
-=head1 DESCRIPTION
-
-ERR_load_crypto_strings() registers the error strings for all
-B<libcrypto> functions. SSL_load_error_strings() does the same,
-but also registers the B<libssl> error strings.
-
-One of these functions should be called before generating
-textual error messages. However, this is not required when memory
-usage is an issue.
-
-ERR_free_strings() frees all previously loaded error strings.
-
-=head1 RETURN VALUES
-
-ERR_load_crypto_strings(), SSL_load_error_strings() and
-ERR_free_strings() return no values.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
-
-=head1 HISTORY
-
-ERR_load_error_strings(), SSL_load_error_strings() and
-ERR_free_strings() are available in all versions of SSLeay and
-OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ERR_load_strings.pod b/crypto/openssl/doc/crypto/ERR_load_strings.pod
deleted file mode 100644
index 5acdd0edbc5e..000000000000
--- a/crypto/openssl/doc/crypto/ERR_load_strings.pod
+++ /dev/null
@@ -1,54 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_load_strings, ERR_PACK, ERR_get_next_error_library - load
-arbitrary error strings
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
-
- int ERR_get_next_error_library(void);
-
- unsigned long ERR_PACK(int lib, int func, int reason);
-
-=head1 DESCRIPTION
-
-ERR_load_strings() registers error strings for library number B<lib>.
-
-B<str> is an array of error string data:
-
- typedef struct ERR_string_data_st
- {
-        unsigned long error;
-        char *string;
- } ERR_STRING_DATA;
-
-The error code is generated from the library number and a function and
-reason code: B<error> = ERR_PACK(B<lib>, B<func>, B<reason>).
-ERR_PACK() is a macro.
-
-The last entry in the array is {0,0}.
-
-ERR_get_next_error_library() can be used to assign library numbers
-to user libraries at runtime.
-
-=head1 RETURN VALUE
-
-ERR_load_strings() returns no value. ERR_PACK() return the error code.
-ERR_get_next_error_library() returns a new library number.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-
-=head1 HISTORY
-
-ERR_load_error_strings() and ERR_PACK() are available in all versions
-of SSLeay and OpenSSL. ERR_get_next_error_library() was added in
-SSLeay 0.9.0.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ERR_print_errors.pod b/crypto/openssl/doc/crypto/ERR_print_errors.pod
deleted file mode 100644
index b100a5fa2b30..000000000000
--- a/crypto/openssl/doc/crypto/ERR_print_errors.pod
+++ /dev/null
@@ -1,51 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_print_errors, ERR_print_errors_fp - print error messages
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_print_errors(BIO *bp);
- void ERR_print_errors_fp(FILE *fp);
-
-=head1 DESCRIPTION
-
-ERR_print_errors() is a convenience function that prints the error
-strings for all errors that OpenSSL has recorded to B<bp>, thus
-emptying the error queue.
-
-ERR_print_errors_fp() is the same, except that the output goes to a
-B<FILE>.
-
-
-The error strings will have the following format:
-
- [pid]:error:[error code]:[library name]:[function name]:[reason string]:[file name]:[line]:[optional text message]
-
-I<error code> is an 8 digit hexadecimal number. I<library name>,
-I<function name> and I<reason string> are ASCII text, as is I<optional
-text message> if one was set for the respective error code.
-
-If there is no text string registered for the given error code,
-the error string will contain the numeric code.
-
-=head1 RETURN VALUES
-
-ERR_print_errors() and ERR_print_errors_fp() return no values.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-L<ERR_get_error(3)|ERR_get_error(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-
-=head1 HISTORY
-
-ERR_print_errors() and ERR_print_errors_fp()
-are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ERR_put_error.pod b/crypto/openssl/doc/crypto/ERR_put_error.pod
deleted file mode 100644
index acd241fbe476..000000000000
--- a/crypto/openssl/doc/crypto/ERR_put_error.pod
+++ /dev/null
@@ -1,44 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_put_error, ERR_add_error_data - record an error
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_put_error(int lib, int func, int reason, const char *file,
-         int line);
-
- void ERR_add_error_data(int num, ...);
-
-=head1 DESCRIPTION
-
-ERR_put_error() adds an error code to the thread's error queue. It
-signals that the error of reason code B<reason> occurred in function
-B<func> of library B<lib>, in line number B<line> of B<file>.
-This function is usually called by a macro.
-
-ERR_add_error_data() associates the concatenation of its B<num> string
-arguments with the error code added last.
-
-L<ERR_load_strings(3)|ERR_load_strings(3)> can be used to register
-error strings so that the application can a generate human-readable
-error messages for the error code.
-
-=head1 RETURN VALUES
-
-ERR_put_error() and ERR_add_error_data() return
-no values.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-
-=head1 HISTORY
-
-ERR_put_error() is available in all versions of SSLeay and OpenSSL.
-ERR_add_error_data() was added in SSLeay 0.9.0.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ERR_remove_state.pod b/crypto/openssl/doc/crypto/ERR_remove_state.pod
deleted file mode 100644
index 72925fb9f474..000000000000
--- a/crypto/openssl/doc/crypto/ERR_remove_state.pod
+++ /dev/null
@@ -1,34 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_remove_state - free a thread's error queue
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_remove_state(unsigned long pid);
-
-=head1 DESCRIPTION
-
-ERR_remove_state() frees the error queue associated with thread B<pid>.
-If B<pid> == 0, the current thread will have its error queue removed.
-
-Since error queue data structures are allocated automatically for new
-threads, they must be freed when threads are terminated in order to
-avoid memory leaks.
-
-=head1 RETURN VALUE
-
-ERR_remove_state() returns no value.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>
-
-=head1 HISTORY
-
-ERR_remove_state() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/EVP_BytesToKey.pod b/crypto/openssl/doc/crypto/EVP_BytesToKey.pod
deleted file mode 100644
index 5ce4add0821c..000000000000
--- a/crypto/openssl/doc/crypto/EVP_BytesToKey.pod
+++ /dev/null
@@ -1,67 +0,0 @@
-=pod
-
-=head1 NAME
-
- EVP_BytesToKey - password based encryption routine
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
-                       const unsigned char *salt,
-                       const unsigned char *data, int datal, int count,
-                       unsigned char *key,unsigned char *iv);
-
-=head1 DESCRIPTION
-
-EVP_BytesToKey() derives a key and IV from various parameters. B<type> is
-the cipher to derive the key and IV for. B<md> is the message digest to use.
-The B<salt> paramter is used as a salt in the derivation: it should point to
-an 8 byte buffer or NULL if no salt is used. B<data> is a buffer containing
-B<datal> bytes which is used to derive the keying data. B<count> is the
-iteration count to use. The derived key and IV will be written to B<key>
-and B<iv> respectively.
-
-=head1 NOTES
-
-A typical application of this function is to derive keying material for an
-encryption algorithm from a password in the B<data> parameter.
-
-Increasing the B<count> parameter slows down the algorithm which makes it
-harder for an attacker to peform a brute force attack using a large number
-of candidate passwords.
-
-If the total key and IV length is less than the digest length and
-B<MD5> is used then the derivation algorithm is compatible with PKCS#5 v1.5
-otherwise a non standard extension is used to derive the extra data.
-
-Newer applications should use more standard algorithms such as PKCS#5
-v2.0 for key derivation.
-
-=head1 KEY DERIVATION ALGORITHM
-
-The key and IV is derived by concatenating D_1, D_2, etc until
-enough data is available for the key and IV. D_i is defined as:
-
-	D_i = HASH^count(D_(i-1) || data || salt)
-
-where || denotes concatentaion, D_0 is empty, HASH is the digest
-algorithm in use, HASH^1(data) is simply HASH(data), HASH^2(data)
-is HASH(HASH(data)) and so on.
-
-The initial bytes are used for the key and the subsequent bytes for
-the IV.
-
-=head1 RETURN VALUES
-
-EVP_BytesToKey() returns the size of the derived key in bytes.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-
-=head1 HISTORY
-
-=cut
diff --git a/crypto/openssl/doc/crypto/EVP_DigestInit.pod b/crypto/openssl/doc/crypto/EVP_DigestInit.pod
deleted file mode 100644
index 5901c3952660..000000000000
--- a/crypto/openssl/doc/crypto/EVP_DigestInit.pod
+++ /dev/null
@@ -1,256 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_DigestInit_ex, EVP_DigestUpdate,
-EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
-EVP_MD_CTX_copy_ex EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size,
-EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type,
-EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2,
-EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
-EVP digest routines
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
- EVP_MD_CTX *EVP_MD_CTX_create(void);
-
- int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
- int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md,
-        unsigned int *s);
-
- int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
- void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
-
- int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
-
- int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
- int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
-        unsigned int *s);
-
- int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);  
-
- #define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
-
-
- #define EVP_MD_type(e)			((e)->type)
- #define EVP_MD_pkey_type(e)		((e)->pkey_type)
- #define EVP_MD_size(e)			((e)->md_size)
- #define EVP_MD_block_size(e)		((e)->block_size)
-
- #define EVP_MD_CTX_md(e)		(e)->digest)
- #define EVP_MD_CTX_size(e)		EVP_MD_size((e)->digest)
- #define EVP_MD_CTX_block_size(e)	EVP_MD_block_size((e)->digest)
- #define EVP_MD_CTX_type(e)		EVP_MD_type((e)->digest)
-
- const EVP_MD *EVP_md_null(void);
- const EVP_MD *EVP_md2(void);
- const EVP_MD *EVP_md5(void);
- const EVP_MD *EVP_sha(void);
- const EVP_MD *EVP_sha1(void);
- const EVP_MD *EVP_dss(void);
- const EVP_MD *EVP_dss1(void);
- const EVP_MD *EVP_mdc2(void);
- const EVP_MD *EVP_ripemd160(void);
-
- const EVP_MD *EVP_get_digestbyname(const char *name);
- #define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
- #define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
-
-=head1 DESCRIPTION
-
-The EVP digest routines are a high level interface to message digests.
-
-EVP_MD_CTX_init() initializes digest contet B<ctx>.
-
-EVP_MD_CTX_create() allocates, initializes and returns a digest contet.
-
-EVP_DigestInit_ex() sets up digest context B<ctx> to use a digest
-B<type> from ENGINE B<impl>. B<ctx> must be initialized before calling this
-function. B<type> will typically be supplied by a functionsuch as EVP_sha1().
-If B<impl> is NULL then the default implementation of digest B<type> is used.
-
-EVP_DigestUpdate() hashes B<cnt> bytes of data at B<d> into the
-digest context B<ctx>. This function can be called several times on the
-same B<ctx> to hash additional data.
-
-EVP_DigestFinal_ex() retrieves the digest value from B<ctx> and places
-it in B<md>. If the B<s> parameter is not NULL then the number of
-bytes of data written (i.e. the length of the digest) will be written
-to the integer at B<s>, at most B<EVP_MAX_MD_SIZE> bytes will be written.
-After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate()
-can be made, but EVP_DigestInit_ex() can be called to initialize a new
-digest operation.
-
-EVP_MD_CTX_cleanup() cleans up digest context B<ctx>, it should be called
-after a digest context is no longer needed.
-
-EVP_MD_CTX_destroy() cleans up digest context B<ctx> and frees up the
-space allocated to it, it should be called only on a context created
-using EVP_MD_CTX_create().
-
-EVP_MD_CTX_copy_ex() can be used to copy the message digest state from
-B<in> to B<out>. This is useful if large amounts of data are to be
-hashed which only differ in the last few bytes. B<out> must be initialized
-before calling this function.
-
-EVP_DigestInit() behaves in the same way as EVP_DigestInit_ex() except
-the passed context B<ctx> does not have to be initialized, and it always
-uses the default digest implementation.
-
-EVP_DigestFinal() is similar to EVP_DigestFinal_ex() except the digest
-contet B<ctx> is automatically cleaned up.
-
-EVP_MD_CTX_copy() is similar to EVP_MD_CTX_copy_ex() except the destination
-B<out> does not have to be initialized.
-
-EVP_MD_size() and EVP_MD_CTX_size() return the size of the message digest
-when passed an B<EVP_MD> or an B<EVP_MD_CTX> structure, i.e. the size of the
-hash.
-
-EVP_MD_block_size() and EVP_MD_CTX_block_size() return the block size of the
-message digest when passed an B<EVP_MD> or an B<EVP_MD_CTX> structure.
-
-EVP_MD_type() and EVP_MD_CTX_type() return the NID of the OBJECT IDENTIFIER
-representing the given message digest when passed an B<EVP_MD> structure.
-For example EVP_MD_type(EVP_sha1()) returns B<NID_sha1>. This function is
-normally used when setting ASN1 OIDs.
-
-EVP_MD_CTX_md() returns the B<EVP_MD> structure corresponding to the passed
-B<EVP_MD_CTX>.
-
-EVP_MD_pkey_type() returns the NID of the public key signing algorithm associated
-with this digest. For example EVP_sha1() is associated with RSA so this will
-return B<NID_sha1WithRSAEncryption>. This "link" between digests and signature
-algorithms may not be retained in future versions of OpenSSL.
-
-EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_mdc2() and EVP_ripemd160()
-return B<EVP_MD> structures for the MD2, MD5, SHA, SHA1, MDC2 and RIPEMD160 digest
-algorithms respectively. The associated signature algorithm is RSA in each case.
-
-EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
-algorithms but using DSS (DSA) for the signature algorithm.
-
-EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it
-returns is of zero length.
-
-EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
-return an B<EVP_MD> structure when passed a digest name, a digest NID or
-an ASN1_OBJECT structure respectively. The digest table must be initialized
-using, for example, OpenSSL_add_all_digests() for these functions to work.
-
-=head1 RETURN VALUES
-
-EVP_DigestInit_ex(), EVP_DigestUpdate() and EVP_DigestFinal_ex() return 1 for
-success and 0 for failure.
-
-EVP_MD_CTX_copy_ex() returns 1 if successful or 0 for failure.
-
-EVP_MD_type(), EVP_MD_pkey_type() and EVP_MD_type() return the NID of the
-corresponding OBJECT IDENTIFIER or NID_undef if none exists.
-
-EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(e), EVP_MD_size(),
-EVP_MD_CTX_block_size()	and EVP_MD_block_size() return the digest or block
-size in bytes.
-
-EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
-EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
-corresponding EVP_MD structures.
-
-EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
-return either an B<EVP_MD> structure or NULL if an error occurs.
-
-=head1 NOTES
-
-The B<EVP> interface to message digests should almost always be used in
-preference to the low level interfaces. This is because the code then becomes
-transparent to the digest used and much more flexible.
-
-SHA1 is the digest of choice for new applications. The other digest algorithms
-are still in common use.
-
-For most applications the B<impl> parameter to EVP_DigestInit_ex() will be
-set to NULL to use the default digest implementation.
-
-The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are 
-obsolete but are retained to maintain compatibility with existing code. New
-applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and 
-EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context
-instead of initializing and cleaning it up on each call and allow non default
-implementations of digests to be specified.
-
-In OpenSSL 0.9.7 and later if digest contexts are not cleaned up after use
-memory leaks will occur. 
-
-=head1 EXAMPLE
-
-This example digests the data "Test Message\n" and "Hello World\n", using the
-digest name passed on the command line.
-
- #include <stdio.h>
- #include <openssl/evp.h>
-
- main(int argc, char *argv[])
- {
- EVP_MD_CTX mdctx;
- const EVP_MD *md;
- char mess1[] = "Test Message\n";
- char mess2[] = "Hello World\n";
- unsigned char md_value[EVP_MAX_MD_SIZE];
- int md_len, i;
-
- OpenSSL_add_all_digests();
-
- if(!argv[1]) {
- 	printf("Usage: mdtest digestname\n");
-	exit(1);
- }
-
- md = EVP_get_digestbyname(argv[1]);
-
- if(!md) {
- 	printf("Unknown message digest %s\n", argv[1]);
-	exit(1);
- }
-
- EVP_MD_CTX_init(&mdctx);
- EVP_DigestInit_ex(&mdctx, md, NULL);
- EVP_DigestUpdate(&mdctx, mess1, strlen(mess1));
- EVP_DigestUpdate(&mdctx, mess2, strlen(mess2));
- EVP_DigestFinal_ex(&mdctx, md_value, &md_len);
- EVP_MD_CTX_cleanup(&mdctx);
-
- printf("Digest is: ");
- for(i = 0; i < md_len; i++) printf("%02x", md_value[i]);
- printf("\n");
- }
-
-=head1 BUGS
-
-The link between digests and signing algorithms results in a situation where
-EVP_sha1() must be used with RSA and EVP_dss1() must be used with DSS
-even though they are identical digests.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
-
-=head1 HISTORY
-
-EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal() are
-available in all versions of SSLeay and OpenSSL.
-
-EVP_MD_CTX_init(), EVP_MD_CTX_create(), EVP_MD_CTX_copy_ex(),
-EVP_MD_CTX_cleanup(), EVP_MD_CTX_destroy(), EVP_DigestInit_ex()
-and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7.
-
-EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
-EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were
-changed to return truely const EVP_MD * in OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/EVP_EncryptInit.pod b/crypto/openssl/doc/crypto/EVP_EncryptInit.pod
deleted file mode 100644
index daf57e5895f1..000000000000
--- a/crypto/openssl/doc/crypto/EVP_EncryptInit.pod
+++ /dev/null
@@ -1,509 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_CIPHER_CTX_init, EVP_EncryptInit_ex, EVP_EncryptUpdate,
-EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate,
-EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate,
-EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length,
-EVP_CIPHER_CTX_ctrl, EVP_CIPHER_CTX_cleanup, EVP_EncryptInit,
-EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal,
-EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname,
-EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid,
-EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length,
-EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher,
-EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length,
-EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data,
-EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags,
-EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param,
-EVP_CIPHER_CTX_set_padding - EVP cipher routines
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
-
- int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-	 ENGINE *impl, unsigned char *key, unsigned char *iv);
- int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-         int *outl, unsigned char *in, int inl);
- int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
-         int *outl);
-
- int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-	 ENGINE *impl, unsigned char *key, unsigned char *iv);
- int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-         int *outl, unsigned char *in, int inl);
- int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
-         int *outl);
-
- int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-         ENGINE *impl, unsigned char *key, unsigned char *iv, int enc);
- int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-         int *outl, unsigned char *in, int inl);
- int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
-         int *outl);
-
- int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-         unsigned char *key, unsigned char *iv);
- int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
-         int *outl);
-
- int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-         unsigned char *key, unsigned char *iv);
- int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
-         int *outl);
-
- int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-         unsigned char *key, unsigned char *iv, int enc);
- int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
-         int *outl);
-
- int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
- int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
- int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
- int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
-
- const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
- #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
- #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
-
- #define EVP_CIPHER_nid(e)		((e)->nid)
- #define EVP_CIPHER_block_size(e)	((e)->block_size)
- #define EVP_CIPHER_key_length(e)	((e)->key_len)
- #define EVP_CIPHER_iv_length(e)		((e)->iv_len)
- #define EVP_CIPHER_flags(e)		((e)->flags)
- #define EVP_CIPHER_mode(e)		((e)->flags) & EVP_CIPH_MODE)
- int EVP_CIPHER_type(const EVP_CIPHER *ctx);
-
- #define EVP_CIPHER_CTX_cipher(e)	((e)->cipher)
- #define EVP_CIPHER_CTX_nid(e)		((e)->cipher->nid)
- #define EVP_CIPHER_CTX_block_size(e)	((e)->cipher->block_size)
- #define EVP_CIPHER_CTX_key_length(e)	((e)->key_len)
- #define EVP_CIPHER_CTX_iv_length(e)	((e)->cipher->iv_len)
- #define EVP_CIPHER_CTX_get_app_data(e)	((e)->app_data)
- #define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
- #define EVP_CIPHER_CTX_type(c)         EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
- #define EVP_CIPHER_CTX_flags(e)		((e)->cipher->flags)
- #define EVP_CIPHER_CTX_mode(e)		((e)->cipher->flags & EVP_CIPH_MODE)
-
- int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
- int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-
-=head1 DESCRIPTION
-
-The EVP cipher routines are a high level interface to certain
-symmetric ciphers.
-
-EVP_CIPHER_CTX_init() initializes cipher contex B<ctx>.
-
-EVP_EncryptInit_ex() sets up cipher context B<ctx> for encryption
-with cipher B<type> from ENGINE B<impl>. B<ctx> must be initialized
-before calling this function. B<type> is normally supplied
-by a function such as EVP_des_cbc(). If B<impl> is NULL then the
-default implementation is used. B<key> is the symmetric key to use
-and B<iv> is the IV to use (if necessary), the actual number of bytes
-used for the key and IV depends on the cipher. It is possible to set
-all parameters to NULL except B<type> in an initial call and supply
-the remaining parameters in subsequent calls, all of which have B<type>
-set to NULL. This is done when the default cipher parameters are not
-appropriate.
-
-EVP_EncryptUpdate() encrypts B<inl> bytes from the buffer B<in> and
-writes the encrypted version to B<out>. This function can be called
-multiple times to encrypt successive blocks of data. The amount
-of data written depends on the block alignment of the encrypted data:
-as a result the amount of data written may be anything from zero bytes
-to (inl + cipher_block_size - 1) so B<outl> should contain sufficient
-room. The actual number of bytes written is placed in B<outl>.
-
-If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts
-the "final" data, that is any data that remains in a partial block.
-It uses L<standard block padding|/NOTES> (aka PKCS padding). The encrypted
-final data is written to B<out> which should have sufficient space for
-one cipher block. The number of bytes written is placed in B<outl>. After
-this function is called the encryption operation is finished and no further
-calls to EVP_EncryptUpdate() should be made.
-
-If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more
-data and it will return an error if any data remains in a partial block:
-that is if the total data length is not a multiple of the block size. 
-
-EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the
-corresponding decryption operations. EVP_DecryptFinal() will return an
-error code if padding is enabled and the final block is not correctly
-formatted. The parameters and restrictions are identical to the encryption
-operations except that if padding is enabled the decrypted data buffer B<out>
-passed to EVP_DecryptUpdate() should have sufficient room for
-(B<inl> + cipher_block_size) bytes unless the cipher block size is 1 in
-which case B<inl> bytes is sufficient.
-
-EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are
-functions that can be used for decryption or encryption. The operation
-performed depends on the value of the B<enc> parameter. It should be set
-to 1 for encryption, 0 for decryption and -1 to leave the value unchanged
-(the actual value of 'enc' being supplied in a previous call).
-
-EVP_CIPHER_CTX_cleanup() clears all information from a cipher context
-and free up any allocated memory associate with it. It should be called
-after all operations using a cipher are complete so sensitive information
-does not remain in memory.
-
-EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a
-similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex and
-EVP_CipherInit_ex() except the B<ctx> paramter does not need to be
-initialized and they always use the default cipher implementation.
-
-EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() behave in a
-similar way to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and
-EVP_CipherFinal_ex() except B<ctx> is automatically cleaned up 
-after the call.
-
-EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj()
-return an EVP_CIPHER structure when passed a cipher name, a NID or an
-ASN1_OBJECT structure.
-
-EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when
-passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX> structure.  The actual NID
-value is an internal value which may not have a corresponding OBJECT
-IDENTIFIER.
-
-EVP_CIPHER_CTX_set_padding() enables or disables padding. By default
-encryption operations are padded using standard block padding and the
-padding is checked and removed when decrypting. If the B<pad> parameter
-is zero then no padding is performed, the total amount of data encrypted
-or decrypted must then be a multiple of the block size or an error will
-occur.
-
-EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key
-length of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>
-structure. The constant B<EVP_MAX_KEY_LENGTH> is the maximum key length
-for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a
-given cipher, the value of EVP_CIPHER_CTX_key_length() may be different
-for variable key length ciphers.
-
-EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx.
-If the cipher is a fixed length cipher then attempting to set the key
-length to any value other than the fixed value is an error.
-
-EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV
-length of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>.
-It will return zero if the cipher does not use an IV.  The constant
-B<EVP_MAX_IV_LENGTH> is the maximum IV length for all ciphers.
-
-EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block
-size of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>
-structure. The constant B<EVP_MAX_IV_LENGTH> is also the maximum block
-length for all ciphers.
-
-EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed
-cipher or context. This "type" is the actual NID of the cipher OBJECT
-IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and
-128 bit RC2 have the same NID. If the cipher does not have an object
-identifier or does not have ASN1 support this function will return
-B<NID_undef>.
-
-EVP_CIPHER_CTX_cipher() returns the B<EVP_CIPHER> structure when passed
-an B<EVP_CIPHER_CTX> structure.
-
-EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode:
-EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE or
-EVP_CIPH_OFB_MODE. If the cipher is a stream cipher then
-EVP_CIPH_STREAM_CIPHER is returned.
-
-EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier "parameter" based
-on the passed cipher. This will typically include any parameters and an
-IV. The cipher IV (if any) must be set when this call is made. This call
-should be made before the cipher is actually "used" (before any
-EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function
-may fail if the cipher does not have any ASN1 support.
-
-EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1
-AlgorithmIdentifier "parameter". The precise effect depends on the cipher
-In the case of RC2, for example, it will set the IV and effective key length.
-This function should be called after the base cipher type is set but before
-the key is set. For example EVP_CipherInit() will be called with the IV and
-key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally
-EVP_CipherInit() again with all parameters except the key set to NULL. It is
-possible for this function to fail if the cipher does not have any ASN1 support
-or the parameters cannot be set (for example the RC2 effective key length
-is not supported.
-
-EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined
-and set. Currently only the RC2 effective key length and the number of rounds of
-RC5 can be set.
-
-=head1 RETURN VALUES
-
-EVP_CIPHER_CTX_init, EVP_EncryptInit_ex(), EVP_EncryptUpdate() and
-EVP_EncryptFinal_ex() return 1 for success and 0 for failure.
-
-EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure.
-EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.
-
-EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure.
-EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.
-
-EVP_CIPHER_CTX_cleanup() returns 1 for success and 0 for failure.
-
-EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj()
-return an B<EVP_CIPHER> structure or NULL on error.
-
-EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.
-
-EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block
-size.
-
-EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key
-length.
-
-EVP_CIPHER_CTX_set_padding() always returns 1.
-
-EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV
-length or zero if the cipher does not use an IV.
-
-EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher's
-OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.
-
-EVP_CIPHER_CTX_cipher() returns an B<EVP_CIPHER> structure.
-
-EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for 
-success or zero for failure.
-
-=head1 CIPHER LISTING
-
-All algorithms have a fixed key length unless otherwise stated.
-
-=over 4
-
-=item EVP_enc_null()
-
-Null cipher: does nothing.
-
-=item EVP_des_cbc(void), EVP_des_ecb(void), EVP_des_cfb(void), EVP_des_ofb(void)
-
-DES in CBC, ECB, CFB and OFB modes respectively. 
-
-=item EVP_des_ede_cbc(void), EVP_des_ede(), EVP_des_ede_ofb(void),  EVP_des_ede_cfb(void)
-
-Two key triple DES in CBC, ECB, CFB and OFB modes respectively.
-
-=item EVP_des_ede3_cbc(void), EVP_des_ede3(), EVP_des_ede3_ofb(void),  EVP_des_ede3_cfb(void)
-
-Three key triple DES in CBC, ECB, CFB and OFB modes respectively.
-
-=item EVP_desx_cbc(void)
-
-DESX algorithm in CBC mode.
-
-=item EVP_rc4(void)
-
-RC4 stream cipher. This is a variable key length cipher with default key length 128 bits.
-
-=item EVP_rc4_40(void)
-
-RC4 stream cipher with 40 bit key length. This is obsolete and new code should use EVP_rc4()
-and the EVP_CIPHER_CTX_set_key_length() function.
-
-=item EVP_idea_cbc() EVP_idea_ecb(void), EVP_idea_cfb(void), EVP_idea_ofb(void), EVP_idea_cbc(void)
-
-IDEA encryption algorithm in CBC, ECB, CFB and OFB modes respectively.
-
-=item EVP_rc2_cbc(void), EVP_rc2_ecb(void), EVP_rc2_cfb(void), EVP_rc2_ofb(void)
-
-RC2 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key
-length cipher with an additional parameter called "effective key bits" or "effective key length".
-By default both are set to 128 bits.
-
-=item EVP_rc2_40_cbc(void), EVP_rc2_64_cbc(void)
-
-RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits.
-These are obsolete and new code should use EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and
-EVP_CIPHER_CTX_ctrl() to set the key length and effective key length.
-
-=item EVP_bf_cbc(void), EVP_bf_ecb(void), EVP_bf_cfb(void), EVP_bf_ofb(void);
-
-Blowfish encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key
-length cipher.
-
-=item EVP_cast5_cbc(void), EVP_cast5_ecb(void), EVP_cast5_cfb(void), EVP_cast5_ofb(void)
-
-CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key
-length cipher.
-
-=item EVP_rc5_32_12_16_cbc(void), EVP_rc5_32_12_16_ecb(void), EVP_rc5_32_12_16_cfb(void), EVP_rc5_32_12_16_ofb(void)
-
-RC5 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key length
-cipher with an additional "number of rounds" parameter. By default the key length is set to 128
-bits and 12 rounds.
-
-=back
-
-=head1 NOTES
-
-Where possible the B<EVP> interface to symmetric ciphers should be used in
-preference to the low level interfaces. This is because the code then becomes
-transparent to the cipher used and much more flexible.
-
-PKCS padding works by adding B<n> padding bytes of value B<n> to make the total 
-length of the encrypted data a multiple of the block size. Padding is always
-added so if the data is already a multiple of the block size B<n> will equal
-the block size. For example if the block size is 8 and 11 bytes are to be
-encrypted then 5 padding bytes of value 5 will be added.
-
-When decrypting the final block is checked to see if it has the correct form.
-
-Although the decryption operation can produce an error if padding is enabled,
-it is not a strong test that the input data or key is correct. A random block
-has better than 1 in 256 chance of being of the correct format and problems with
-the input data earlier on will not produce a final decrypt error.
-
-If padding is disabled then the decryption operation will always succeed if
-the total amount of data decrypted is a multiple of the block size.
-
-The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(),
-EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for
-compatibility with existing code. New code should use EVP_EncryptInit_ex(),
-EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(),
-EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an
-existing context without allocating and freeing it up on each call.
-
-=head1 BUGS
-
-For RC5 the number of rounds can currently only be set to 8, 12 or 16. This is
-a limitation of the current RC5 code rather than the EVP interface.
-
-EVP_MAX_KEY_LENGTH and EVP_MAX_IV_LENGTH only refer to the internal ciphers with
-default key lengths. If custom ciphers exceed these values the results are
-unpredictable. This is because it has become standard practice to define a 
-generic key as a fixed unsigned char array containing EVP_MAX_KEY_LENGTH bytes.
-
-The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested
-for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.
-
-=head1 EXAMPLES
-
-Get the number of rounds used in RC5:
-
- int nrounds;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC5_ROUNDS, 0, &nrounds);
-
-Get the RC2 effective key length:
-
- int key_bits;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC2_KEY_BITS, 0, &key_bits);
-
-Set the number of rounds used in RC5:
-
- int nrounds;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC5_ROUNDS, nrounds, NULL);
-
-Set the effective key length used in RC2:
-
- int key_bits;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
-
-Encrypt a string using blowfish:
-
- int do_crypt(char *outfile)
- 	{
-	unsigned char outbuf[1024];
-	int outlen, tmplen;
-	/* Bogus key and IV: we'd normally set these from
-	 * another source.
-	 */
-	unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
-	unsigned char iv[] = {1,2,3,4,5,6,7,8};
-	char intext[] = "Some Crypto Text";
-	EVP_CIPHER_CTX ctx;
-	FILE *out;
-	EVP_CIPHER_CTX_init(&ctx);
-	EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv);
-
-	if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext)))
-		{
-		/* Error */
-		return 0;
-		}
-	/* Buffer passed to EVP_EncryptFinal() must be after data just
-	 * encrypted to avoid overwriting it.
-	 */
-	if(!EVP_EncryptFinal_ex(&ctx, outbuf + outlen, &tmplen))
-		{
-		/* Error */
-		return 0;
-		}
-	outlen += tmplen;
-	EVP_CIPHER_CTX_cleanup(&ctx);
-	/* Need binary mode for fopen because encrypted data is
-	 * binary data. Also cannot use strlen() on it because
-         * it wont be null terminated and may contain embedded
-	 * nulls.
-	 */
-	out = fopen(outfile, "wb");
-	fwrite(outbuf, 1, outlen, out);
-	fclose(out);
-	return 1;
-	}
-
-The ciphertext from the above example can be decrypted using the B<openssl>
-utility with the command line:
- 
- S<openssl bf -in cipher.bin -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 -d>
-
-General encryption, decryption function example using FILE I/O and RC2 with an
-80 bit key:
-
- int do_crypt(FILE *in, FILE *out, int do_encrypt)
- 	{
-	/* Allow enough space in output buffer for additional block */
-	inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
-	int inlen, outlen;
-	/* Bogus key and IV: we'd normally set these from
-	 * another source.
-	 */
-	unsigned char key[] = "0123456789";
-	unsigned char iv[] = "12345678";
-	/* Don't set key or IV because we will modify the parameters */
-	EVP_CIPHER_CTX_init(&ctx);
-	EVP_CipherInit_ex(&ctx, EVP_rc2(), NULL, NULL, NULL, do_encrypt);
-	EVP_CIPHER_CTX_set_key_length(&ctx, 10);
-	/* We finished modifying parameters so now we can set key and IV */
-	EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt);
-
-	for(;;) 
-		{
-		inlen = fread(inbuf, 1, 1024, in);
-		if(inlen <= 0) break;
-		if(!EVP_CipherUpdate(&ctx, outbuf, &outlen, inbuf, inlen))
-			{
-			/* Error */
-			return 0;
-			}
-		fwrite(outbuf, 1, outlen, out);
-		}
-	if(!EVP_CipherFinal_ex(&ctx, outbuf, &outlen))
-		{
-		/* Error */
-		return 0;
-		}
-	fwrite(outbuf, 1, outlen, out);
-
-	EVP_CIPHER_CTX_cleanup(&ctx);
-	return 1;
-	}
-
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>
-
-=head1 HISTORY
-
-EVP_CIPHER_CTX_init(), EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(),
-EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex(),
-EVP_CipherFinal_ex() and EVP_CIPHER_CTX_set_padding() appeared in
-OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/EVP_OpenInit.pod b/crypto/openssl/doc/crypto/EVP_OpenInit.pod
deleted file mode 100644
index 2e710da945b0..000000000000
--- a/crypto/openssl/doc/crypto/EVP_OpenInit.pod
+++ /dev/null
@@ -1,63 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
-		int ekl,unsigned char *iv,EVP_PKEY *priv);
- int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-         int *outl, unsigned char *in, int inl);
- int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
-         int *outl);
-
-=head1 DESCRIPTION
-
-The EVP envelope routines are a high level interface to envelope
-decryption. They decrypt a public key encrypted symmetric key and
-then decrypt data using it.
-
-EVP_OpenInit() initializes a cipher context B<ctx> for decryption
-with cipher B<type>. It decrypts the encrypted symmetric key of length
-B<ekl> bytes passed in the B<ek> parameter using the private key B<priv>.
-The IV is supplied in the B<iv> parameter.
-
-EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties
-as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as 
-documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
-page.
-
-=head1 NOTES
-
-It is possible to call EVP_OpenInit() twice in the same way as
-EVP_DecryptInit(). The first call should have B<priv> set to NULL
-and (after setting any cipher parameters) it should be called again
-with B<type> set to NULL.
-
-If the cipher passed in the B<type> parameter is a variable length
-cipher then the key length will be set to the value of the recovered
-key length. If the cipher is a fixed length cipher then the recovered
-key length must match the fixed cipher length.
-
-=head1 RETURN VALUES
-
-EVP_OpenInit() returns 0 on error or a non zero integer (actually the
-recovered secret key size) if successful.
-
-EVP_OpenUpdate() returns 1 for success or 0 for failure.
-
-EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<EVP_SealInit(3)|EVP_SealInit(3)>
-
-=head1 HISTORY
-
-=cut
diff --git a/crypto/openssl/doc/crypto/EVP_PKEY_new.pod b/crypto/openssl/doc/crypto/EVP_PKEY_new.pod
deleted file mode 100644
index 10687e458db2..000000000000
--- a/crypto/openssl/doc/crypto/EVP_PKEY_new.pod
+++ /dev/null
@@ -1,47 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_PKEY_new, EVP_PKEY_free - private key allocation functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- EVP_PKEY *EVP_PKEY_new(void);
- void EVP_PKEY_free(EVP_PKEY *key);
-
-
-=head1 DESCRIPTION
-
-The EVP_PKEY_new() function allocates an empty B<EVP_PKEY> 
-structure which is used by OpenSSL to store private keys.
-
-EVP_PKEY_free() frees up the private key B<key>.
-
-=head1 NOTES
-
-The B<EVP_PKEY> structure is used by various OpenSSL functions
-which require a general private key without reference to any
-particular algorithm.
-
-The structure returned by EVP_PKEY_new() is empty. To add a
-private key to this empty structure the functions described in
-L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)> should be used.
-
-=head1 RETURN VALUES
-
-EVP_PKEY_new() returns either the newly allocated B<EVP_PKEY>
-structure of B<NULL> if an error occurred.
-
-EVP_PKEY_free() does not return a value.
-
-=head1 SEE ALSO
-
-L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/EVP_PKEY_set1_RSA.pod b/crypto/openssl/doc/crypto/EVP_PKEY_set1_RSA.pod
deleted file mode 100644
index 2db692e2719e..000000000000
--- a/crypto/openssl/doc/crypto/EVP_PKEY_set1_RSA.pod
+++ /dev/null
@@ -1,80 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY,
-EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY,
-EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY,
-EVP_PKEY_type - EVP_PKEY assignment functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key);
- int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key);
- int EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key);
- int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey,EC_KEY *key);
-
- RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
- DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
- DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
- EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
-
- int EVP_PKEY_assign_RSA(EVP_PKEY *pkey,RSA *key);
- int EVP_PKEY_assign_DSA(EVP_PKEY *pkey,DSA *key);
- int EVP_PKEY_assign_DH(EVP_PKEY *pkey,DH *key);
- int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey,EC_KEY *key);
-
- int EVP_PKEY_type(int type);
-
-=head1 DESCRIPTION
-
-EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and
-EVP_PKEY_set1_EC_KEY() set the key referenced by B<pkey> to B<key>.
-
-EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
-EVP_PKEY_get1_EC_KEY() return the referenced key in B<pkey> or
-B<NULL> if the key is not of the correct type.
-
-EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
-and EVP_PKEY_assign_EC_KEY() also set the referenced key to B<key>
-however these use the supplied B<key> internally and so B<key>
-will be freed when the parent B<pkey> is freed.
-
-EVP_PKEY_type() returns the type of key corresponding to the value
-B<type>. The type of a key can be obtained with
-EVP_PKEY_type(pkey->type). The return value will be EVP_PKEY_RSA,
-EVP_PKEY_DSA, EVP_PKEY_DH or EVP_PKEY_EC for the corresponding
-key types or NID_undef if the key type is unassigned.
-
-=head1 NOTES
-
-In accordance with the OpenSSL naming convention the key obtained
-from or assigned to the B<pkey> using the B<1> functions must be
-freed as well as B<pkey>.
-
-EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
-EVP_PKEY_assign_EC_KEY() are implemented as macros.
-
-=head1 RETURN VALUES
-
-EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and
-EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.
-
-EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
-EVP_PKEY_get1_EC_KEY() return the referenced key or B<NULL> if 
-an error occurred.
-
-EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
-and EVP_PKEY_assign_EC_KEY() return 1 for success and 0 for failure.
-
-=head1 SEE ALSO
-
-L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/EVP_SealInit.pod b/crypto/openssl/doc/crypto/EVP_SealInit.pod
deleted file mode 100644
index b5e477e29421..000000000000
--- a/crypto/openssl/doc/crypto/EVP_SealInit.pod
+++ /dev/null
@@ -1,84 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
-		int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
- int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-         int *outl, unsigned char *in, int inl);
- int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
-         int *outl);
-
-=head1 DESCRIPTION
-
-The EVP envelope routines are a high level interface to envelope
-encryption. They generate a random key and IV (if required) then
-"envelope" it by using public key encryption. Data can then be
-encrypted using this key.
-
-EVP_SealInit() initializes a cipher context B<ctx> for encryption
-with cipher B<type> using a random secret key and IV. B<type> is normally
-supplied by a function such as EVP_des_cbc(). The secret key is encrypted
-using one or more public keys, this allows the same encrypted data to be
-decrypted using any of the corresponding private keys. B<ek> is an array of
-buffers where the public key encrypted secret key will be written, each buffer
-must contain enough room for the corresponding encrypted key: that is
-B<ek[i]> must have room for B<EVP_PKEY_size(pubk[i])> bytes. The actual
-size of each encrypted secret key is written to the array B<ekl>. B<pubk> is
-an array of B<npubk> public keys.
-
-The B<iv> parameter is a buffer where the generated IV is written to. It must
-contain enough room for the corresponding cipher's IV, as determined by (for
-example) EVP_CIPHER_iv_length(type).
-
-If the cipher does not require an IV then the B<iv> parameter is ignored
-and can be B<NULL>.
-
-EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties
-as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as 
-documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
-page. 
-
-=head1 RETURN VALUES
-
-EVP_SealInit() returns 0 on error or B<npubk> if successful.
-
-EVP_SealUpdate() and EVP_SealFinal() return 1 for success and 0 for
-failure.
-
-=head1 NOTES
-
-Because a random secret key is generated the random number generator
-must be seeded before calling EVP_SealInit().
-
-The public key must be RSA because it is the only OpenSSL public key
-algorithm that supports key transport.
-
-Envelope encryption is the usual method of using public key encryption
-on large amounts of data, this is because public key encryption is slow
-but symmetric encryption is fast. So symmetric encryption is used for
-bulk encryption and the small random symmetric key used is transferred
-using public key encryption.
-
-It is possible to call EVP_SealInit() twice in the same way as
-EVP_EncryptInit(). The first call should have B<npubk> set to 0
-and (after setting any cipher parameters) it should be called again
-with B<type> set to NULL.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<EVP_OpenInit(3)|EVP_OpenInit(3)>
-
-=head1 HISTORY
-
-EVP_SealFinal() did not return a value before OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/EVP_SignInit.pod b/crypto/openssl/doc/crypto/EVP_SignInit.pod
deleted file mode 100644
index b203c3a1c550..000000000000
--- a/crypto/openssl/doc/crypto/EVP_SignInit.pod
+++ /dev/null
@@ -1,96 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_SignInit, EVP_SignUpdate, EVP_SignFinal - EVP signing functions
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
- int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *sig,unsigned int *s, EVP_PKEY *pkey);
-
- void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
-
- int EVP_PKEY_size(EVP_PKEY *pkey);
-
-=head1 DESCRIPTION
-
-The EVP signature routines are a high level interface to digital
-signatures.
-
-EVP_SignInit_ex() sets up signing context B<ctx> to use digest
-B<type> from ENGINE B<impl>. B<ctx> must be initialized with
-EVP_MD_CTX_init() before calling this function.
-
-EVP_SignUpdate() hashes B<cnt> bytes of data at B<d> into the
-signature context B<ctx>. This function can be called several times on the
-same B<ctx> to include additional data.
-
-EVP_SignFinal() signs the data in B<ctx> using the private key B<pkey>
-and places the signature in B<sig>. If the B<s> parameter is not NULL
-then the number of bytes of data written (i.e. the length of the signature)
-will be written to the integer at B<s>, at most EVP_PKEY_size(pkey) bytes
-will be written. 
-
-EVP_SignInit() initializes a signing context B<ctx> to use the default
-implementation of digest B<type>.
-
-EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual
-signature returned by EVP_SignFinal() may be smaller.
-
-=head1 RETURN VALUES
-
-EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1
-for success and 0 for failure.
-
-EVP_PKEY_size() returns the maximum size of a signature in bytes.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 NOTES
-
-The B<EVP> interface to digital signatures should almost always be used in
-preference to the low level interfaces. This is because the code then becomes
-transparent to the algorithm used and much more flexible.
-
-Due to the link between message digests and public key algorithms the correct
-digest algorithm must be used with the correct public key type. A list of
-algorithms and associated public key algorithms appears in 
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
-
-When signing with DSA private keys the random number generator must be seeded
-or the operation will fail. The random number generator does not need to be
-seeded for RSA signatures.
-
-The call to EVP_SignFinal() internally finalizes a copy of the digest context.
-This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called
-later to digest and sign additional data.
-
-Since only a copy of the digest context is ever finalized the context must
-be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
-will occur.
-
-=head1 BUGS
-
-Older versions of this documentation wrongly stated that calls to 
-EVP_SignUpdate() could not be made after calling EVP_SignFinal().
-
-=head1 SEE ALSO
-
-L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
-
-=head1 HISTORY
-
-EVP_SignInit(), EVP_SignUpdate() and EVP_SignFinal() are
-available in all versions of SSLeay and OpenSSL.
-
-EVP_SignInit_ex() was added in OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/EVP_VerifyInit.pod b/crypto/openssl/doc/crypto/EVP_VerifyInit.pod
deleted file mode 100644
index b6afaedee5bf..000000000000
--- a/crypto/openssl/doc/crypto/EVP_VerifyInit.pod
+++ /dev/null
@@ -1,86 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal - EVP signature verification functions
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
- int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey);
-
- int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);
-
-=head1 DESCRIPTION
-
-The EVP signature verification routines are a high level interface to digital
-signatures.
-
-EVP_VerifyInit_ex() sets up verification context B<ctx> to use digest
-B<type> from ENGINE B<impl>. B<ctx> must be initialized by calling
-EVP_MD_CTX_init() before calling this function.
-
-EVP_VerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
-verification context B<ctx>. This function can be called several times on the
-same B<ctx> to include additional data.
-
-EVP_VerifyFinal() verifies the data in B<ctx> using the public key B<pkey>
-and against the B<siglen> bytes at B<sigbuf>.
-
-EVP_VerifyInit() initializes verification context B<ctx> to use the default
-implementation of digest B<type>.
-
-=head1 RETURN VALUES
-
-EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for
-failure.
-
-EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some
-other error occurred.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 NOTES
-
-The B<EVP> interface to digital signatures should almost always be used in
-preference to the low level interfaces. This is because the code then becomes
-transparent to the algorithm used and much more flexible.
-
-Due to the link between message digests and public key algorithms the correct
-digest algorithm must be used with the correct public key type. A list of
-algorithms and associated public key algorithms appears in 
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
-
-The call to EVP_VerifyFinal() internally finalizes a copy of the digest context.
-This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called
-later to digest and verify additional data.
-
-Since only a copy of the digest context is ever finalized the context must
-be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
-will occur.
-
-=head1 BUGS
-
-Older versions of this documentation wrongly stated that calls to 
-EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>,
-L<EVP_SignInit(3)|EVP_SignInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
-
-=head1 HISTORY
-
-EVP_VerifyInit(), EVP_VerifyUpdate() and EVP_VerifyFinal() are
-available in all versions of SSLeay and OpenSSL.
-
-EVP_VerifyInit_ex() was added in OpenSSL 0.9.7
-
-=cut
diff --git a/crypto/openssl/doc/crypto/OBJ_nid2obj.pod b/crypto/openssl/doc/crypto/OBJ_nid2obj.pod
deleted file mode 100644
index 7dcc07923ff9..000000000000
--- a/crypto/openssl/doc/crypto/OBJ_nid2obj.pod
+++ /dev/null
@@ -1,149 +0,0 @@
-=pod
-
-=head1 NAME
-
-OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid,
-OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility
-functions
-
-=head1 SYNOPSIS
-
- ASN1_OBJECT * OBJ_nid2obj(int n);
- const char *  OBJ_nid2ln(int n);
- const char *  OBJ_nid2sn(int n);
-
- int OBJ_obj2nid(const ASN1_OBJECT *o);
- int OBJ_ln2nid(const char *ln);
- int OBJ_sn2nid(const char *sn);
-
- int OBJ_txt2nid(const char *s);
-
- ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name);
- int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
-
- int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b);
- ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o);
-
- int OBJ_create(const char *oid,const char *sn,const char *ln);
- void OBJ_cleanup(void);
-
-=head1 DESCRIPTION
-
-The ASN1 object utility functions process ASN1_OBJECT structures which are
-a representation of the ASN1 OBJECT IDENTIFIER (OID) type.
-
-OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B<n> to 
-an ASN1_OBJECT structure, its long name and its short name respectively,
-or B<NULL> is an error occurred.
-
-OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID
-for the object B<o>, the long name <ln> or the short name <sn> respectively
-or NID_undef if an error occurred.
-
-OBJ_txt2nid() returns NID corresponding to text string <s>. B<s> can be
-a long name, a short name or the numerical respresentation of an object.
-
-OBJ_txt2obj() converts the text string B<s> into an ASN1_OBJECT structure.
-If B<no_name> is 0 then long names and short names will be interpreted
-as well as numerical forms. If B<no_name> is 1 only the numerical form
-is acceptable.
-
-OBJ_obj2txt() converts the B<ASN1_OBJECT> B<a> into a textual representation.
-The representation is written as a null terminated string to B<buf>
-at most B<buf_len> bytes are written, truncating the result if necessary.
-The total amount of space required is returned. If B<no_name> is 0 then
-if the object has a long or short name then that will be used, otherwise
-the numerical form will be used. If B<no_name> is 1 then the numerical
-form will always be used.
-
-OBJ_cmp() compares B<a> to B<b>. If the two are identical 0 is returned.
-
-OBJ_dup() returns a copy of B<o>.
-
-OBJ_create() adds a new object to the internal table. B<oid> is the 
-numerical form of the object, B<sn> the short name and B<ln> the
-long name. A new NID is returned for the created object.
-
-OBJ_cleanup() cleans up OpenSSLs internal object table: this should
-be called before an application exits if any new objects were added
-using OBJ_create().
-
-=head1 NOTES
-
-Objects in OpenSSL can have a short name, a long name and a numerical
-identifier (NID) associated with them. A standard set of objects is
-represented in an internal table. The appropriate values are defined
-in the header file B<objects.h>.
-
-For example the OID for commonName has the following definitions:
-
- #define SN_commonName                   "CN"
- #define LN_commonName                   "commonName"
- #define NID_commonName                  13
-
-New objects can be added by calling OBJ_create().
-
-Table objects have certain advantages over other objects: for example
-their NIDs can be used in a C language switch statement. They are
-also static constant structures which are shared: that is there
-is only a single constant structure for each table object.
-
-Objects which are not in the table have the NID value NID_undef.
-
-Objects do not need to be in the internal tables to be processed,
-the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical
-form of an OID.
-
-=head1 EXAMPLES
-
-Create an object for B<commonName>:
-
- ASN1_OBJECT *o;
- o = OBJ_nid2obj(NID_commonName);
-
-Check if an object is B<commonName>
-
- if (OBJ_obj2nid(obj) == NID_commonName)
-	/* Do something */
-
-Create a new NID and initialize an object from it:
-
- int new_nid;
- ASN1_OBJECT *obj;
- new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier");
-
- obj = OBJ_nid2obj(new_nid);
- 
-Create a new object directly:
-
- obj = OBJ_txt2obj("1.2.3.4", 1);
-
-=head1 BUGS
-
-OBJ_obj2txt() is awkward and messy to use: it doesn't follow the 
-convention of other OpenSSL functions where the buffer can be set
-to B<NULL> to determine the amount of data that should be written.
-Instead B<buf> must point to a valid buffer and B<buf_len> should
-be set to a positive value. A buffer length of 80 should be more
-than enough to handle any OID encountered in practice.
-
-=head1 RETURN VALUES
-
-OBJ_nid2obj() returns an B<ASN1_OBJECT> structure or B<NULL> is an
-error occurred.
-
-OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or B<NULL>
-on error.
-
-OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return
-a NID or B<NID_undef> on error.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/OPENSSL_VERSION_NUMBER.pod b/crypto/openssl/doc/crypto/OPENSSL_VERSION_NUMBER.pod
deleted file mode 100644
index c39ac35e78ae..000000000000
--- a/crypto/openssl/doc/crypto/OPENSSL_VERSION_NUMBER.pod
+++ /dev/null
@@ -1,101 +0,0 @@
-=pod
-
-=head1 NAME
-
-OPENSSL_VERSION_NUMBER, SSLeay, SSLeay_version - get OpenSSL version number
-
-=head1 SYNOPSIS
-
- #include <openssl/opensslv.h>
- #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL
-
- #include <openssl/crypto.h>
- long SSLeay(void);
- const char *SSLeay_version(int t);
-
-=head1 DESCRIPTION
-
-OPENSSL_VERSION_NUMBER is a numeric release version identifier:
-
- MMNNFFPPS: major minor fix patch status
-
-The status nibble has one of the values 0 for development, 1 to e for betas
-1 to 14, and f for release.
-
-for example
-
- 0x000906000 == 0.9.6 dev
- 0x000906023 == 0.9.6b beta 3
- 0x00090605f == 0.9.6e release
-
-Versions prior to 0.9.3 have identifiers E<lt> 0x0930.
-Versions between 0.9.3 and 0.9.5 had a version identifier with this
-interpretation:
-
- MMNNFFRBB major minor fix final beta/patch
-
-for example
-
- 0x000904100 == 0.9.4 release
- 0x000905000 == 0.9.5 dev
-
-Version 0.9.5a had an interim interpretation that is like the current one,
-except the patch level got the highest bit set, to keep continuity.  The
-number was therefore 0x0090581f.
-
-
-For backward compatibility, SSLEAY_VERSION_NUMBER is also defined.
-
-SSLeay() returns this number. The return value can be compared to the
-macro to make sure that the correct version of the library has been
-loaded, especially when using DLLs on Windows systems.
-
-SSLeay_version() returns different strings depending on B<t>:
-
-=over 4
-
-=item SSLEAY_VERSION
-
-The text variant of the version number and the release date.  For example,
-"OpenSSL 0.9.5a 1 Apr 2000".
-
-=item SSLEAY_CFLAGS
-
-The compiler flags set for the compilation process in the form
-"compiler: ..."  if available or "compiler: information not available"
-otherwise.
-
-=item SSLEAY_BUILT_ON
-
-The date of the build process in the form "built on: ..." if available
-or "built on: date not available" otherwise.
-
-=item SSLEAY_PLATFORM
-
-The "Configure" target of the library build in the form "platform: ..."
-if available or "platform: information not available" otherwise.
-
-=item SSLEAY_DIR
-
-The "OPENSSLDIR" setting of the library build in the form "OPENSSLDIR: "...""
-if available or "OPENSSLDIR: N/A" otherwise.
-
-=back
-
-For an unknown B<t>, the text "not available" is returned.
-
-=head1 RETURN VALUE
-
-The version number.
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>
-
-=head1 HISTORY
-
-SSLeay() and SSLEAY_VERSION_NUMBER are available in all versions of SSLeay and OpenSSL.
-OPENSSL_VERSION_NUMBER is available in all versions of OpenSSL.
-B<SSLEAY_DIR> was added in OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/OpenSSL_add_all_algorithms.pod b/crypto/openssl/doc/crypto/OpenSSL_add_all_algorithms.pod
deleted file mode 100644
index 486c90343078..000000000000
--- a/crypto/openssl/doc/crypto/OpenSSL_add_all_algorithms.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
-OpenSSL_add_all_algorithms, OpenSSL_add_all_ciphers, OpenSSL_add_all_digests -
-add algorithms to internal table
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- void OpenSSL_add_all_algorithms(void);
- void OpenSSL_add_all_ciphers(void);
- void OpenSSL_add_all_digests(void);
-
- void EVP_cleanup(void);
-
-=head1 DESCRIPTION
-
-OpenSSL keeps an internal table of digest algorithms and ciphers. It uses
-this table to lookup ciphers via functions such as EVP_get_cipher_byname().
-
-OpenSSL_add_all_digests() adds all digest algorithms to the table.
-
-OpenSSL_add_all_algorithms() adds all algorithms to the table (digests and
-ciphers).
-
-OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including
-password based encryption algorithms.
-
-EVP_cleanup() removes all ciphers and digests from the table.
-
-=head1 RETURN VALUES
-
-None of the functions return a value.
-
-=head1 NOTES
-
-A typical application will will call OpenSSL_add_all_algorithms() initially and
-EVP_cleanup() before exiting.
-
-An application does not need to add algorithms to use them explicitly, for example
-by EVP_sha1(). It just needs to add them if it (or any of the functions it calls)
-needs to lookup algorithms.
-
-The cipher and digest lookup functions are used in many parts of the library. If
-the table is not initialized several functions will misbehave and complain they
-cannot find algorithms. This includes the PEM, PKCS#12, SSL and S/MIME libraries.
-This is a common query in the OpenSSL mailing lists.
-
-Calling OpenSSL_add_all_algorithms() links in all algorithms: as a result a
-statically linked executable can be quite large. If this is important it is possible
-to just add the required ciphers and digests.
-
-=head1 BUGS
-
-Although the functions do not return error codes it is possible for them to fail.
-This will only happen as a result of a memory allocation failure so this is not
-too much of a problem in practice.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
-
-=cut
diff --git a/crypto/openssl/doc/crypto/PKCS12_create.pod b/crypto/openssl/doc/crypto/PKCS12_create.pod
deleted file mode 100644
index 48f3bb8cb8ef..000000000000
--- a/crypto/openssl/doc/crypto/PKCS12_create.pod
+++ /dev/null
@@ -1,57 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS12_create - create a PKCS#12 structure
-
-=head1 SYNOPSIS
-
- #include <openssl/pkcs12.h>
-
- PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca,
-				int nid_key, int nid_cert, int iter, int mac_iter, int keytype);
-
-=head1 DESCRIPTION
-
-PKCS12_create() creates a PKCS#12 structure.
-
-B<pass> is the passphrase to use. B<name> is the B<friendlyName> to use for
-the supplied certifictate and key. B<pkey> is the private key to include in
-the structure and B<cert> its corresponding certificates. B<ca>, if not B<NULL>
-is an optional set of certificates to also include in the structure.
-
-B<nid_key> and B<nid_cert> are the encryption algorithms that should be used
-for the key and certificate respectively. B<iter> is the encryption algorithm
-iteration count to use and B<mac_iter> is the MAC iteration count to use.
-B<keytype> is the type of key.
-
-=head1 NOTES
-
-The parameters B<nid_key>, B<nid_cert>, B<iter>, B<mac_iter> and B<keytype>
-can all be set to zero and sensible defaults will be used.
-
-These defaults are: 40 bit RC2 encryption for certificates, triple DES
-encryption for private keys, a key iteration count of PKCS12_DEFAULT_ITER
-(currently 2048) and a MAC iteration count of 1.
-
-The default MAC iteration count is 1 in order to retain compatibility with
-old software which did not interpret MAC iteration counts. If such compatibility
-is not required then B<mac_iter> should be set to PKCS12_DEFAULT_ITER.
-
-B<keytype> adds a flag to the store private key. This is a non standard extension
-that is only currently interpreted by MSIE. If set to zero the flag is omitted,
-if set to B<KEY_SIG> the key can be used for signing only, if set to B<KEY_EX>
-it can be used for signing and encryption. This option was useful for old
-export grade software which could use signing only keys of arbitrary size but
-had restrictions on the permissible sizes of keys which could be used for
-encryption.
-
-=head1 SEE ALSO
-
-L<d2i_PKCS12(3)|d2i_PKCS12(3)>
-
-=head1 HISTORY
-
-PKCS12_create was added in OpenSSL 0.9.3
-
-=cut
diff --git a/crypto/openssl/doc/crypto/PKCS12_parse.pod b/crypto/openssl/doc/crypto/PKCS12_parse.pod
deleted file mode 100644
index 51344f883a9b..000000000000
--- a/crypto/openssl/doc/crypto/PKCS12_parse.pod
+++ /dev/null
@@ -1,50 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS12_parse - parse a PKCS#12 structure
-
-=head1 SYNOPSIS
-
- #include <openssl/pkcs12.h>
-
-int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
-
-=head1 DESCRIPTION
-
-PKCS12_parse() parses a PKCS12 structure.
-
-B<p12> is the B<PKCS12> structure to parse. B<pass> is the passphrase to use.
-If successful the private key will be written to B<*pkey>, the corresponding
-certificate to B<*cert> and any additional certificates to B<*ca>.
-
-=head1 NOTES
-
-The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL>
-in which case additional certificates will be discarded. B<*ca> can also
-be a valid STACK in which case additional certificates are appended to
-B<*ca>. If B<*ca> is B<NULL> a new STACK will be allocated.
-
-The B<friendlyName> and B<localKeyID> attributes (if present) on each certificate
-will be stored in the B<alias> and B<keyid> attributes of the B<X509> structure.
-
-=head1 BUGS
-
-Only a single private key and corresponding certificate is returned by this function.
-More complex PKCS#12 files with multiple private keys will only return the first
-match.
-
-Only B<friendlyName> and B<localKeyID> attributes are currently stored in certificates.
-Other attributes are discarded.
-
-Attributes currently cannot be store in the private key B<EVP_PKEY> structure.
-
-=head1 SEE ALSO
-
-L<d2i_PKCS12(3)|d2i_PKCS12(3)>
-
-=head1 HISTORY
-
-PKCS12_parse was added in OpenSSL 0.9.3
-
-=cut
diff --git a/crypto/openssl/doc/crypto/PKCS7_decrypt.pod b/crypto/openssl/doc/crypto/PKCS7_decrypt.pod
deleted file mode 100644
index b0ca067b8922..000000000000
--- a/crypto/openssl/doc/crypto/PKCS7_decrypt.pod
+++ /dev/null
@@ -1,53 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS7_decrypt - decrypt content from a PKCS#7 envelopedData structure
-
-=head1 SYNOPSIS
-
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
-
-=head1 DESCRIPTION
-
-PKCS7_decrypt() extracts and decrypts the content from a PKCS#7 envelopedData
-structure. B<pkey> is the private key of the recipient, B<cert> is the
-recipients certificate, B<data> is a BIO to write the content to and
-B<flags> is an optional set of flags.
-
-=head1 NOTES
-
-OpenSSL_add_all_algorithms() (or equivalent) should be called before using this
-function or errors about unknown algorithms will occur.
-
-Although the recipients certificate is not needed to decrypt the data it is needed
-to locate the appropriate (of possible several) recipients in the PKCS#7 structure.
-
-The following flags can be passed in the B<flags> parameter.
-
-If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are deleted
-from the content. If the content is not of type B<text/plain> then an error is
-returned.
-
-=head1 RETURN VALUES
-
-PKCS7_decrypt() returns either 1 for success or 0 for failure.
-The error can be obtained from ERR_get_error(3)
-
-=head1 BUGS
-
-PKCS7_decrypt() must be passed the correct recipient key and certificate. It would
-be better if it could look up the correct key and certificate from a database.
-
-The lack of single pass processing and need to hold all data in memory as
-mentioned in PKCS7_sign() also applies to PKCS7_verify().
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
-
-=head1 HISTORY
-
-PKCS7_decrypt() was added to OpenSSL 0.9.5
-
-=cut
diff --git a/crypto/openssl/doc/crypto/PKCS7_encrypt.pod b/crypto/openssl/doc/crypto/PKCS7_encrypt.pod
deleted file mode 100644
index 1a507b22a29b..000000000000
--- a/crypto/openssl/doc/crypto/PKCS7_encrypt.pod
+++ /dev/null
@@ -1,65 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS7_encrypt - create a PKCS#7 envelopedData structure
-
-=head1 SYNOPSIS
-
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);
-
-=head1 DESCRIPTION
-
-PKCS7_encrypt() creates and returns a PKCS#7 envelopedData structure. B<certs>
-is a list of recipient certificates. B<in> is the content to be encrypted.
-B<cipher> is the symmetric cipher to use. B<flags> is an optional set of flags.
-
-=head1 NOTES
-
-Only RSA keys are supported in PKCS#7 and envelopedData so the recipient certificates
-supplied to this function must all contain RSA public keys, though they do not have to
-be signed using the RSA algorithm.
-
-EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use because
-most clients will support it.
-
-Some old "export grade" clients may only support weak encryption using 40 or 64 bit
-RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc() respectively.
-
-The algorithm passed in the B<cipher> parameter must support ASN1 encoding of its
-parameters. 
-
-Many browsers implement a "sign and encrypt" option which is simply an S/MIME 
-envelopedData containing an S/MIME signed message. This can be readily produced
-by storing the S/MIME signed message in a memory BIO and passing it to
-PKCS7_encrypt().
-
-The following flags can be passed in the B<flags> parameter.
-
-If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
-to the data.
-
-Normally the supplied content is translated into MIME canonical format (as required
-by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation occurs. This
-option should be used if the supplied data is in binary format otherwise the translation
-will corrupt it. If B<PKCS7_BINARY> is set then B<PKCS7_TEXT> is ignored.
-
-=head1 RETURN VALUES
-
-PKCS7_encrypt() returns either a valid PKCS7 structure or NULL if an error occurred.
-The error can be obtained from ERR_get_error(3).
-
-=head1 BUGS
-
-The lack of single pass processing and need to hold all data in memory as
-mentioned in PKCS7_sign() also applies to PKCS7_verify().
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
-
-=head1 HISTORY
-
-PKCS7_decrypt() was added to OpenSSL 0.9.5
-
-=cut
diff --git a/crypto/openssl/doc/crypto/PKCS7_sign.pod b/crypto/openssl/doc/crypto/PKCS7_sign.pod
deleted file mode 100644
index fc7e649b341c..000000000000
--- a/crypto/openssl/doc/crypto/PKCS7_sign.pod
+++ /dev/null
@@ -1,85 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS7_sign - create a PKCS#7 signedData structure
-
-=head1 SYNOPSIS
-
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags);
-
-=head1 DESCRIPTION
-
-PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert>
-is the certificate to sign with, B<pkey> is the corresponsding private key.
-B<certs> is an optional additional set of certificates to include in the
-PKCS#7 structure (for example any intermediate CAs in the chain). 
-
-The data to be signed is read from BIO B<data>.
-
-B<flags> is an optional set of flags.
-
-=head1 NOTES
-
-Any of the following flags (ored together) can be passed in the B<flags> parameter.
-
-Many S/MIME clients expect the signed content to include valid MIME headers. If
-the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
-to the data.
-
-If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
-PKCS7 structure, the signer's certificate must still be supplied in the B<signcert>
-parameter though. This can reduce the size of the signature if the signers certificate
-can be obtained by other means: for example a previously signed message.
-
-The data being signed is included in the PKCS7 structure, unless B<PKCS7_DETACHED> 
-is set in which case it is omitted. This is used for PKCS7 detached signatures
-which are used in S/MIME plaintext signed messages for example.
-
-Normally the supplied content is translated into MIME canonical format (as required
-by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation occurs. This
-option should be used if the supplied data is in binary format otherwise the translation
-will corrupt it.
-
-The signedData structure includes several PKCS#7 autenticatedAttributes including
-the signing time, the PKCS#7 content type and the supported list of ciphers in
-an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no authenticatedAttributes
-will be used. If B<PKCS7_NOSMIMECAP> is set then just the SMIMECapabilities are
-omitted.
-
-If present the SMIMECapabilities attribute indicates support for the following
-algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any
-of these algorithms is disabled then it will not be included.
-
-=head1 BUGS
-
-PKCS7_sign() is somewhat limited. It does not support multiple signers, some
-advanced attributes such as counter signatures are not supported.
-
-The SHA1 digest algorithm is currently always used.
-
-When the signed data is not detached it will be stored in memory within the
-B<PKCS7> structure. This effectively limits the size of messages which can be
-signed due to memory restraints. There should be a way to sign data without
-having to hold it all in memory, this would however require fairly major
-revisions of the OpenSSL ASN1 code.
-
-Clear text signing does not store the content in memory but the way PKCS7_sign()
-operates means that two passes of the data must typically be made: one to compute
-the signatures and a second to output the data along with the signature. There
-should be a way to process the data with only a single pass.
-
-=head1 RETURN VALUES
-
-PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error occurred.
-The error can be obtained from ERR_get_error(3).
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_verify(3)|PKCS7_verify(3)>
-
-=head1 HISTORY
-
-PKCS7_sign() was added to OpenSSL 0.9.5
-
-=cut
diff --git a/crypto/openssl/doc/crypto/PKCS7_verify.pod b/crypto/openssl/doc/crypto/PKCS7_verify.pod
deleted file mode 100644
index 07c9fdad4021..000000000000
--- a/crypto/openssl/doc/crypto/PKCS7_verify.pod
+++ /dev/null
@@ -1,116 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS7_verify - verify a PKCS#7 signedData structure
-
-=head1 SYNOPSIS
-
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags);
-
-int PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
-
-=head1 DESCRIPTION
-
-PKCS7_verify() verifies a PKCS#7 signedData structure. B<p7> is the PKCS7
-structure to verify. B<certs> is a set of certificates in which to search for
-the signer's certificate. B<store> is a trusted certficate store (used for
-chain verification). B<indata> is the signed data if the content is not
-present in B<p7> (that is it is detached). The content is written to B<out>
-if it is not NULL.
-
-B<flags> is an optional set of flags, which can be used to modify the verify
-operation.
-
-PKCS7_get0_signers() retrieves the signer's certificates from B<p7>, it does
-B<not> check their validity or whether any signatures are valid. The B<certs>
-and B<flags> parameters have the same meanings as in PKCS7_verify().
-
-=head1 VERIFY PROCESS
-
-Normally the verify process proceeds as follows.
-
-Initially some sanity checks are performed on B<p7>. The type of B<p7> must
-be signedData. There must be at least one signature on the data and if
-the content is detached B<indata> cannot be B<NULL>.
-
-An attempt is made to locate all the signer's certificates, first looking in
-the B<certs> parameter (if it is not B<NULL>) and then looking in any certificates
-contained in the B<p7> structure itself. If any signer's certificates cannot be
-located the operation fails.
-
-Each signer's certificate is chain verified using the B<smimesign> purpose and
-the supplied trusted certificate store. Any internal certificates in the message
-are used as untrusted CAs. If any chain verify fails an error code is returned.
-
-Finally the signed content is read (and written to B<out> is it is not NULL) and
-the signature's checked.
-
-If all signature's verify correctly then the function is successful.
-
-Any of the following flags (ored together) can be passed in the B<flags> parameter
-to change the default verify behaviour. Only the flag B<PKCS7_NOINTERN> is
-meaningful to PKCS7_get0_signers().
-
-If B<PKCS7_NOINTERN> is set the certificates in the message itself are not 
-searched when locating the signer's certificate. This means that all the signers
-certificates must be in the B<certs> parameter.
-
-If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are deleted
-from the content. If the content is not of type B<text/plain> then an error is
-returned.
-
-If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified.
-
-If B<PKCS7_NOCHAIN> is set then the certificates contained in the message are
-not used as untrusted CAs. This means that the whole verify chain (apart from
-the signer's certificate) must be contained in the trusted store.
-
-If B<PKCS7_NOSIGS> is set then the signatures on the data are not checked.
-
-=head1 NOTES
-
-One application of B<PKCS7_NOINTERN> is to only accept messages signed by
-a small number of certificates. The acceptable certificates would be passed
-in the B<certs> parameter. In this case if the signer is not one of the
-certificates supplied in B<certs> then the verify will fail because the
-signer cannot be found.
-
-Care should be taken when modifying the default verify behaviour, for example
-setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification 
-and any signed message will be considered valid. This combination is however
-useful if one merely wishes to write the content to B<out> and its validity
-is not considered important.
-
-Chain verification should arguably be performed  using the signing time rather
-than the current time. However since the signing time is supplied by the
-signer it cannot be trusted without additional evidence (such as a trusted
-timestamp).
-
-=head1 RETURN VALUES
-
-PKCS7_verify() returns 1 for a successful verification and zero or a negative
-value if an error occurs.
-
-PKCS7_get0_signers() returns all signers or B<NULL> if an error occurred.
-
-The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 BUGS
-
-The trusted certificate store is not searched for the signers certificate,
-this is primarily due to the inadequacies of the current B<X509_STORE>
-functionality.
-
-The lack of single pass processing and need to hold all data in memory as
-mentioned in PKCS7_sign() also applies to PKCS7_verify().
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>
-
-=head1 HISTORY
-
-PKCS7_verify() was added to OpenSSL 0.9.5
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RAND_add.pod b/crypto/openssl/doc/crypto/RAND_add.pod
deleted file mode 100644
index 67c66f3e0c96..000000000000
--- a/crypto/openssl/doc/crypto/RAND_add.pod
+++ /dev/null
@@ -1,77 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_add, RAND_seed, RAND_status, RAND_event, RAND_screen - add
-entropy to the PRNG
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- void RAND_seed(const void *buf, int num);
-
- void RAND_add(const void *buf, int num, double entropy);
-
- int  RAND_status(void);
-
- int  RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam);
- void RAND_screen(void);
-
-=head1 DESCRIPTION
-
-RAND_add() mixes the B<num> bytes at B<buf> into the PRNG state. Thus,
-if the data at B<buf> are unpredictable to an adversary, this
-increases the uncertainty about the state and makes the PRNG output
-less predictable. Suitable input comes from user interaction (random
-key presses, mouse movements) and certain hardware events. The
-B<entropy> argument is (the lower bound of) an estimate of how much
-randomness is contained in B<buf>, measured in bytes. Details about
-sources of randomness and how to estimate their entropy can be found
-in the literature, e.g. RFC 1750.
-
-RAND_add() may be called with sensitive data such as user entered
-passwords. The seed values cannot be recovered from the PRNG output.
-
-OpenSSL makes sure that the PRNG state is unique for each thread. On
-systems that provide C</dev/urandom>, the randomness device is used
-to seed the PRNG transparently. However, on all other systems, the
-application is responsible for seeding the PRNG by calling RAND_add(),
-L<RAND_egd(3)|RAND_egd(3)>
-or L<RAND_load_file(3)|RAND_load_file(3)>.
-
-RAND_seed() is equivalent to RAND_add() when B<num == entropy>.
-
-RAND_event() collects the entropy from Windows events such as mouse
-movements and other user interaction. It should be called with the
-B<iMsg>, B<wParam> and B<lParam> arguments of I<all> messages sent to
-the window procedure. It will estimate the entropy contained in the
-event message (if any), and add it to the PRNG. The program can then
-process the messages as usual.
-
-The RAND_screen() function is available for the convenience of Windows
-programmers. It adds the current contents of the screen to the PRNG.
-For applications that can catch Windows events, seeding the PRNG by
-calling RAND_event() is a significantly better source of
-randomness. It should be noted that both methods cannot be used on
-servers that run without user interaction.
-
-=head1 RETURN VALUES
-
-RAND_status() and RAND_event() return 1 if the PRNG has been seeded
-with enough data, 0 otherwise.
-
-The other functions do not return values.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
-L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
-
-=head1 HISTORY
-
-RAND_seed() and RAND_screen() are available in all versions of SSLeay
-and OpenSSL. RAND_add() and RAND_status() have been added in OpenSSL
-0.9.5, RAND_event() in OpenSSL 0.9.5a.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RAND_bytes.pod b/crypto/openssl/doc/crypto/RAND_bytes.pod
deleted file mode 100644
index ce6329ce54af..000000000000
--- a/crypto/openssl/doc/crypto/RAND_bytes.pod
+++ /dev/null
@@ -1,47 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_bytes, RAND_pseudo_bytes - generate random data
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- int RAND_bytes(unsigned char *buf, int num);
-
- int RAND_pseudo_bytes(unsigned char *buf, int num);
-
-=head1 DESCRIPTION
-
-RAND_bytes() puts B<num> cryptographically strong pseudo-random bytes
-into B<buf>. An error occurs if the PRNG has not been seeded with
-enough randomness to ensure an unpredictable byte sequence.
-
-RAND_pseudo_bytes() puts B<num> pseudo-random bytes into B<buf>.
-Pseudo-random byte sequences generated by RAND_pseudo_bytes() will be
-unique if they are of sufficient length, but are not necessarily
-unpredictable. They can be used for non-cryptographic purposes and for
-certain purposes in cryptographic protocols, but usually not for key
-generation etc.
-
-=head1 RETURN VALUES
-
-RAND_bytes() returns 1 on success, 0 otherwise. The error code can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>. RAND_pseudo_bytes() returns 1 if the
-bytes generated are cryptographically strong, 0 otherwise. Both
-functions return -1 if they are not supported by the current RAND
-method.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<RAND_add(3)|RAND_add(3)>
-
-=head1 HISTORY
-
-RAND_bytes() is available in all versions of SSLeay and OpenSSL.  It
-has a return value since OpenSSL 0.9.5. RAND_pseudo_bytes() was added
-in OpenSSL 0.9.5.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RAND_cleanup.pod b/crypto/openssl/doc/crypto/RAND_cleanup.pod
deleted file mode 100644
index 3a8f0749a8d4..000000000000
--- a/crypto/openssl/doc/crypto/RAND_cleanup.pod
+++ /dev/null
@@ -1,29 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_cleanup - erase the PRNG state
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- void RAND_cleanup(void);
-
-=head1 DESCRIPTION
-
-RAND_cleanup() erases the memory used by the PRNG.
-
-=head1 RETURN VALUE
-
-RAND_cleanup() returns no value.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>
-
-=head1 HISTORY
-
-RAND_cleanup() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RAND_egd.pod b/crypto/openssl/doc/crypto/RAND_egd.pod
deleted file mode 100644
index 62adbe19b29e..000000000000
--- a/crypto/openssl/doc/crypto/RAND_egd.pod
+++ /dev/null
@@ -1,85 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_egd - query entropy gathering daemon
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- int RAND_egd(const char *path);
- int RAND_egd_bytes(const char *path, int bytes);
-
- int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
-
-=head1 DESCRIPTION
-
-RAND_egd() queries the entropy gathering daemon EGD on socket B<path>.
-It queries 255 bytes and uses L<RAND_add(3)|RAND_add(3)> to seed the
-OpenSSL built-in PRNG. RAND_egd(path) is a wrapper for
-RAND_egd_bytes(path, 255);
-
-RAND_egd_bytes() queries the entropy gathering daemon EGD on socket B<path>.
-It queries B<bytes> bytes and uses L<RAND_add(3)|RAND_add(3)> to seed the
-OpenSSL built-in PRNG.
-This function is more flexible than RAND_egd().
-When only one secret key must
-be generated, it is not necessary to request the full amount 255 bytes from
-the EGD socket. This can be advantageous, since the amount of entropy
-that can be retrieved from EGD over time is limited.
-
-RAND_query_egd_bytes() performs the actual query of the EGD daemon on socket
-B<path>. If B<buf> is given, B<bytes> bytes are queried and written into
-B<buf>. If B<buf> is NULL, B<bytes> bytes are queried and used to seed the
-OpenSSL built-in PRNG using L<RAND_add(3)|RAND_add(3)>.
-
-=head1 NOTES
-
-On systems without /dev/*random devices providing entropy from the kernel,
-the EGD entropy gathering daemon can be used to collect entropy. It provides
-a socket interface through which entropy can be gathered in chunks up to
-255 bytes. Several chunks can be queried during one connection.
-
-EGD is available from http://www.lothar.com/tech/crypto/ (C<perl
-Makefile.PL; make; make install> to install). It is run as B<egd>
-I<path>, where I<path> is an absolute path designating a socket. When
-RAND_egd() is called with that path as an argument, it tries to read
-random bytes that EGD has collected. The read is performed in
-non-blocking mode.
-
-Alternatively, the EGD-interface compatible daemon PRNGD can be used. It is
-available from
-http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html .
-PRNGD does employ an internal PRNG itself and can therefore never run
-out of entropy.
-
-OpenSSL automatically queries EGD when entropy is requested via RAND_bytes()
-or the status is checked via RAND_status() for the first time, if the socket
-is located at /var/run/egd-pool, /dev/egd-pool or /etc/egd-pool.
-
-=head1 RETURN VALUE
-
-RAND_egd() and RAND_egd_bytes() return the number of bytes read from the
-daemon on success, and -1 if the connection failed or the daemon did not
-return enough data to fully seed the PRNG.
-
-RAND_query_egd_bytes() returns the number of bytes read from the daemon on
-success, and -1 if the connection failed. The PRNG state is not considered.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>,
-L<RAND_cleanup(3)|RAND_cleanup(3)>
-
-=head1 HISTORY
-
-RAND_egd() is available since OpenSSL 0.9.5.
-
-RAND_egd_bytes() is available since OpenSSL 0.9.6.
-
-RAND_query_egd_bytes() is available since OpenSSL 0.9.7.
-
-The automatic query of /var/run/egd-pool et al was added in OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RAND_load_file.pod b/crypto/openssl/doc/crypto/RAND_load_file.pod
deleted file mode 100644
index d8c134e621d1..000000000000
--- a/crypto/openssl/doc/crypto/RAND_load_file.pod
+++ /dev/null
@@ -1,53 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- const char *RAND_file_name(char *buf, size_t num);
-
- int RAND_load_file(const char *filename, long max_bytes);
-
- int RAND_write_file(const char *filename);
-
-=head1 DESCRIPTION
-
-RAND_file_name() generates a default path for the random seed
-file. B<buf> points to a buffer of size B<num> in which to store the
-filename. The seed file is $RANDFILE if that environment variable is
-set, $HOME/.rnd otherwise. If $HOME is not set either, or B<num> is
-too small for the path name, an error occurs.
-
-RAND_load_file() reads a number of bytes from file B<filename> and
-adds them to the PRNG. If B<max_bytes> is non-negative,
-up to to B<max_bytes> are read; starting with OpenSSL 0.9.5,
-if B<max_bytes> is -1, the complete file is read.
-
-RAND_write_file() writes a number of random bytes (currently 1024) to
-file B<filename> which can be used to initialize the PRNG by calling
-RAND_load_file() in a later session.
-
-=head1 RETURN VALUES
-
-RAND_load_file() returns the number of bytes read.
-
-RAND_write_file() returns the number of bytes written, and -1 if the
-bytes written were generated without appropriate seed.
-
-RAND_file_name() returns a pointer to B<buf> on success, and NULL on
-error.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
-
-=head1 HISTORY
-
-RAND_load_file(), RAND_write_file() and RAND_file_name() are available in
-all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RAND_set_rand_method.pod b/crypto/openssl/doc/crypto/RAND_set_rand_method.pod
deleted file mode 100644
index c9bb6d9f27b3..000000000000
--- a/crypto/openssl/doc/crypto/RAND_set_rand_method.pod
+++ /dev/null
@@ -1,83 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay - select RAND method
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- void RAND_set_rand_method(const RAND_METHOD *meth);
-
- const RAND_METHOD *RAND_get_rand_method(void);
-
- RAND_METHOD *RAND_SSLeay(void);
-
-=head1 DESCRIPTION
-
-A B<RAND_METHOD> specifies the functions that OpenSSL uses for random number
-generation. By modifying the method, alternative implementations such as
-hardware RNGs may be used. IMPORTANT: See the NOTES section for important
-information about how these RAND API functions are affected by the use of
-B<ENGINE> API calls.
-
-Initially, the default RAND_METHOD is the OpenSSL internal implementation, as
-returned by RAND_SSLeay().
-
-RAND_set_default_method() makes B<meth> the method for PRNG use. B<NB>: This is
-true only whilst no ENGINE has been set as a default for RAND, so this function
-is no longer recommended.
-
-RAND_get_default_method() returns a pointer to the current RAND_METHOD.
-However, the meaningfulness of this result is dependant on whether the ENGINE
-API is being used, so this function is no longer recommended.
-
-=head1 THE RAND_METHOD STRUCTURE
-
- typedef struct rand_meth_st
- {
-        void (*seed)(const void *buf, int num);
-        int (*bytes)(unsigned char *buf, int num);
-        void (*cleanup)(void);
-        void (*add)(const void *buf, int num, int entropy);
-        int (*pseudorand)(unsigned char *buf, int num);
-	int (*status)(void);
- } RAND_METHOD;
-
-The components point to the implementation of RAND_seed(),
-RAND_bytes(), RAND_cleanup(), RAND_add(), RAND_pseudo_rand()
-and RAND_status().
-Each component may be NULL if the function is not implemented.
-
-=head1 RETURN VALUES
-
-RAND_set_rand_method() returns no value. RAND_get_rand_method() and
-RAND_SSLeay() return pointers to the respective methods.
-
-=head1 NOTES
-
-As of version 0.9.7, RAND_METHOD implementations are grouped together with other
-algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a
-default ENGINE is specified for RAND functionality using an ENGINE API function,
-that will override any RAND defaults set using the RAND API (ie.
-RAND_set_rand_method()). For this reason, the ENGINE API is the recommended way
-to control default implementations for use in RAND and other cryptographic
-algorithms.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>, L<engine(3)|engine(3)>
-
-=head1 HISTORY
-
-RAND_set_rand_method(), RAND_get_rand_method() and RAND_SSLeay() are
-available in all versions of OpenSSL.
-
-In the engine version of version 0.9.6, RAND_set_rand_method() was altered to
-take an ENGINE pointer as its argument. As of version 0.9.7, that has been
-reverted as the ENGINE API transparently overrides RAND defaults if used,
-otherwise RAND API functions work as before. RAND_set_rand_engine() was also
-introduced in version 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_blinding_on.pod b/crypto/openssl/doc/crypto/RSA_blinding_on.pod
deleted file mode 100644
index fd2c69abd867..000000000000
--- a/crypto/openssl/doc/crypto/RSA_blinding_on.pod
+++ /dev/null
@@ -1,43 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_blinding_on, RSA_blinding_off - protect the RSA operation from timing attacks
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
-
- void RSA_blinding_off(RSA *rsa);
-
-=head1 DESCRIPTION
-
-RSA is vulnerable to timing attacks. In a setup where attackers can
-measure the time of RSA decryption or signature operations, blinding
-must be used to protect the RSA operation from that attack.
-
-RSA_blinding_on() turns blinding on for key B<rsa> and generates a
-random blinding factor. B<ctx> is B<NULL> or a pre-allocated and
-initialized B<BN_CTX>. The random number generator must be seeded
-prior to calling RSA_blinding_on().
-
-RSA_blinding_off() turns blinding off and frees the memory used for
-the blinding factor.
-
-=head1 RETURN VALUES
-
-RSA_blinding_on() returns 1 on success, and 0 if an error occurred.
-
-RSA_blinding_off() returns no value.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>, L<rand(3)|rand(3)>
-
-=head1 HISTORY
-
-RSA_blinding_on() and RSA_blinding_off() appeared in SSLeay 0.9.0.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_check_key.pod b/crypto/openssl/doc/crypto/RSA_check_key.pod
deleted file mode 100644
index a5198f3db5b5..000000000000
--- a/crypto/openssl/doc/crypto/RSA_check_key.pod
+++ /dev/null
@@ -1,67 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_check_key - validate private RSA keys
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_check_key(RSA *rsa);
-
-=head1 DESCRIPTION
-
-This function validates RSA keys. It checks that B<p> and B<q> are
-in fact prime, and that B<n = p*q>.
-
-It also checks that B<d*e = 1 mod (p-1*q-1)>,
-and that B<dmp1>, B<dmq1> and B<iqmp> are set correctly or are B<NULL>.
-
-As such, this function can not be used with any arbitrary RSA key object,
-even if it is otherwise fit for regular RSA operation. See B<NOTES> for more
-information.
-
-=head1 RETURN VALUE
-
-RSA_check_key() returns 1 if B<rsa> is a valid RSA key, and 0 otherwise.
--1 is returned if an error occurs while checking the key.
-
-If the key is invalid or an error occurred, the reason code can be
-obtained using L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 NOTES
-
-This function does not work on RSA public keys that have only the modulus
-and public exponent elements populated. It performs integrity checks on all
-the RSA key material, so the RSA key structure must contain all the private
-key data too.
-
-Unlike most other RSA functions, this function does B<not> work
-transparently with any underlying ENGINE implementation because it uses the
-key data in the RSA structure directly. An ENGINE implementation can
-override the way key data is stored and handled, and can even provide
-support for HSM keys - in which case the RSA structure may contain B<no>
-key data at all! If the ENGINE in question is only being used for
-acceleration or analysis purposes, then in all likelihood the RSA key data
-is complete and untouched, but this can't be assumed in the general case.
-
-=head1 BUGS
-
-A method of verifying the RSA key using opaque RSA API functions might need
-to be considered. Right now RSA_check_key() simply uses the RSA structure
-elements directly, bypassing the RSA_METHOD table altogether (and
-completely violating encapsulation and object-orientation in the process).
-The best fix will probably be to introduce a "check_key()" handler to the
-RSA_METHOD function table so that alternative implementations can also
-provide their own verifiers.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-RSA_check_key() appeared in OpenSSL 0.9.4.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_generate_key.pod b/crypto/openssl/doc/crypto/RSA_generate_key.pod
deleted file mode 100644
index 52dbb14a537d..000000000000
--- a/crypto/openssl/doc/crypto/RSA_generate_key.pod
+++ /dev/null
@@ -1,69 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_generate_key - generate RSA key pair
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- RSA *RSA_generate_key(int num, unsigned long e,
-    void (*callback)(int,int,void *), void *cb_arg);
-
-=head1 DESCRIPTION
-
-RSA_generate_key() generates a key pair and returns it in a newly
-allocated B<RSA> structure. The pseudo-random number generator must
-be seeded prior to calling RSA_generate_key().
-
-The modulus size will be B<num> bits, and the public exponent will be
-B<e>. Key sizes with B<num> E<lt> 1024 should be considered insecure.
-The exponent is an odd number, typically 3, 17 or 65537.
-
-A callback function may be used to provide feedback about the
-progress of the key generation. If B<callback> is not B<NULL>, it
-will be called as follows:
-
-=over 4
-
-=item *
-
-While a random prime number is generated, it is called as
-described in L<BN_generate_prime(3)|BN_generate_prime(3)>.
-
-=item *
-
-When the n-th randomly generated prime is rejected as not
-suitable for the key, B<callback(2, n, cb_arg)> is called.
-
-=item *
-
-When a random p has been found with p-1 relatively prime to B<e>,
-it is called as B<callback(3, 0, cb_arg)>.
-
-=back
-
-The process is then repeated for prime q with B<callback(3, 1, cb_arg)>.
-
-=head1 RETURN VALUE
-
-If key generation fails, RSA_generate_key() returns B<NULL>; the
-error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 BUGS
-
-B<callback(2, x, cb_arg)> is used with two different meanings.
-
-RSA_generate_key() goes into an infinite loop for illegal input values.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-L<RSA_free(3)|RSA_free(3)>
-
-=head1 HISTORY
-
-The B<cb_arg> argument was added in SSLeay 0.9.0.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_get_ex_new_index.pod b/crypto/openssl/doc/crypto/RSA_get_ex_new_index.pod
deleted file mode 100644
index 46cc8f535979..000000000000
--- a/crypto/openssl/doc/crypto/RSA_get_ex_new_index.pod
+++ /dev/null
@@ -1,120 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - add application specific data to RSA structures
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_get_ex_new_index(long argl, void *argp,
-		CRYPTO_EX_new *new_func,
-		CRYPTO_EX_dup *dup_func,
-		CRYPTO_EX_free *free_func);
-
- int RSA_set_ex_data(RSA *r, int idx, void *arg);
-
- void *RSA_get_ex_data(RSA *r, int idx);
-
- typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-		int idx, long argl, void *argp);
- typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-		int idx, long argl, void *argp);
- typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, 
-		int idx, long argl, void *argp);
-
-=head1 DESCRIPTION
-
-Several OpenSSL structures can have application specific data attached to them.
-This has several potential uses, it can be used to cache data associated with
-a structure (for example the hash of some part of the structure) or some
-additional data (for example a handle to the data in an external library).
-
-Since the application data can be anything at all it is passed and retrieved
-as a B<void *> type.
-
-The B<RSA_get_ex_new_index()> function is initially called to "register" some
-new application specific data. It takes three optional function pointers which
-are called when the parent structure (in this case an RSA structure) is
-initially created, when it is copied and when it is freed up. If any or all of
-these function pointer arguments are not used they should be set to NULL. The
-precise manner in which these function pointers are called is described in more
-detail below. B<RSA_get_ex_new_index()> also takes additional long and pointer
-parameters which will be passed to the supplied functions but which otherwise
-have no special meaning. It returns an B<index> which should be stored
-(typically in a static variable) and passed used in the B<idx> parameter in
-the remaining functions. Each successful call to B<RSA_get_ex_new_index()>
-will return an index greater than any previously returned, this is important
-because the optional functions are called in order of increasing index value.
-
-B<RSA_set_ex_data()> is used to set application specific data, the data is
-supplied in the B<arg> parameter and its precise meaning is up to the
-application.
-
-B<RSA_get_ex_data()> is used to retrieve application specific data. The data
-is returned to the application, this will be the same value as supplied to
-a previous B<RSA_set_ex_data()> call.
-
-B<new_func()> is called when a structure is initially allocated (for example
-with B<RSA_new()>. The parent structure members will not have any meaningful
-values at this point. This function will typically be used to allocate any
-application specific structure.
-
-B<free_func()> is called when a structure is being freed up. The dynamic parent
-structure members should not be accessed because they will be freed up when
-this function is called.
-
-B<new_func()> and B<free_func()> take the same parameters. B<parent> is a
-pointer to the parent RSA structure. B<ptr> is a the application specific data
-(this wont be of much use in B<new_func()>. B<ad> is a pointer to the
-B<CRYPTO_EX_DATA> structure from the parent RSA structure: the functions
-B<CRYPTO_get_ex_data()> and B<CRYPTO_set_ex_data()> can be called to manipulate
-it. The B<idx> parameter is the index: this will be the same value returned by
-B<RSA_get_ex_new_index()> when the functions were initially registered. Finally
-the B<argl> and B<argp> parameters are the values originally passed to the same
-corresponding parameters when B<RSA_get_ex_new_index()> was called.
-
-B<dup_func()> is called when a structure is being copied. Pointers to the
-destination and source B<CRYPTO_EX_DATA> structures are passed in the B<to> and
-B<from> parameters respectively. The B<from_d> parameter is passed a pointer to
-the source application data when the function is called, when the function returns
-the value is copied to the destination: the application can thus modify the data
-pointed to by B<from_d> and have different values in the source and destination.
-The B<idx>, B<argl> and B<argp> parameters are the same as those in B<new_func()>
-and B<free_func()>.
-
-=head1 RETURN VALUES
-
-B<RSA_get_ex_new_index()> returns a new index or -1 on failure (note 0 is a valid
-index value).
-
-B<RSA_set_ex_data()> returns 1 on success or 0 on failure.
-
-B<RSA_get_ex_data()> returns the application data or 0 on failure. 0 may also
-be valid application data but currently it can only fail if given an invalid B<idx>
-parameter.
-
-B<new_func()> and B<dup_func()> should return 0 for failure and 1 for success.
-
-On failure an error code can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 BUGS
-
-B<dup_func()> is currently never called.
-
-The return value of B<new_func()> is ignored.
-
-The B<new_func()> function isn't very useful because no meaningful values are
-present in the parent RSA structure when it is called.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>, L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
-
-=head1 HISTORY
-
-RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data() are
-available since SSLeay 0.9.0.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_new.pod b/crypto/openssl/doc/crypto/RSA_new.pod
deleted file mode 100644
index 3d15b928243d..000000000000
--- a/crypto/openssl/doc/crypto/RSA_new.pod
+++ /dev/null
@@ -1,41 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_new, RSA_free - allocate and free RSA objects
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- RSA * RSA_new(void);
-
- void RSA_free(RSA *rsa);
-
-=head1 DESCRIPTION
-
-RSA_new() allocates and initializes an B<RSA> structure. It is equivalent to
-calling RSA_new_method(NULL).
-
-RSA_free() frees the B<RSA> structure and its components. The key is
-erased before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-If the allocation fails, RSA_new() returns B<NULL> and sets an error
-code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns
-a pointer to the newly allocated structure.
-
-RSA_free() returns no value.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>,
-L<RSA_generate_key(3)|RSA_generate_key(3)>,
-L<RSA_new_method(3)|RSA_new_method(3)>
-
-=head1 HISTORY
-
-RSA_new() and RSA_free() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_padding_add_PKCS1_type_1.pod b/crypto/openssl/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
deleted file mode 100644
index b8f678fe729d..000000000000
--- a/crypto/openssl/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
+++ /dev/null
@@ -1,124 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1,
-RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2,
-RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP,
-RSA_padding_add_SSLv23, RSA_padding_check_SSLv23,
-RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption
-padding
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
-    unsigned char *f, int fl);
-
- int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
-    unsigned char *f, int fl, int rsa_len);
-
- int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
-    unsigned char *f, int fl);
-
- int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
-    unsigned char *f, int fl, int rsa_len);
-
- int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
-    unsigned char *f, int fl, unsigned char *p, int pl);
-
- int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
-    unsigned char *f, int fl, int rsa_len, unsigned char *p, int pl);
-
- int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
-    unsigned char *f, int fl);
-
- int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
-    unsigned char *f, int fl, int rsa_len);
-
- int RSA_padding_add_none(unsigned char *to, int tlen,
-    unsigned char *f, int fl);
-
- int RSA_padding_check_none(unsigned char *to, int tlen,
-    unsigned char *f, int fl, int rsa_len);
-
-=head1 DESCRIPTION
-
-The RSA_padding_xxx_xxx() functions are called from the RSA encrypt,
-decrypt, sign and verify functions. Normally they should not be called
-from application programs.
-
-However, they can also be called directly to implement padding for other
-asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and
-RSA_padding_check_PKCS1_OAEP() may be used in an application combined
-with B<RSA_NO_PADDING> in order to implement OAEP with an encoding
-parameter.
-
-RSA_padding_add_xxx() encodes B<fl> bytes from B<f> so as to fit into
-B<tlen> bytes and stores the result at B<to>. An error occurs if B<fl>
-does not meet the size requirements of the encoding method.
-
-The following encoding methods are implemented:
-
-=over 4
-
-=item PKCS1_type_1
-
-PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures
-
-=item PKCS1_type_2
-
-PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)
-
-=item PKCS1_OAEP
-
-PKCS #1 v2.0 EME-OAEP
-
-=item SSLv23
-
-PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification
-
-=item none
-
-simply copy the data
-
-=back
-
-The random number generator must be seeded prior to calling
-RSA_padding_add_xxx().
-
-RSA_padding_check_xxx() verifies that the B<fl> bytes at B<f> contain
-a valid encoding for a B<rsa_len> byte RSA key in the respective
-encoding method and stores the recovered data of at most B<tlen> bytes
-(for B<RSA_NO_PADDING>: of size B<tlen>)
-at B<to>.
-
-For RSA_padding_xxx_OAEP(), B<p> points to the encoding parameter
-of length B<pl>. B<p> may be B<NULL> if B<pl> is 0.
-
-=head1 RETURN VALUES
-
-The RSA_padding_add_xxx() functions return 1 on success, 0 on error.
-The RSA_padding_check_xxx() functions return the length of the
-recovered data, -1 on error. Error codes can be obtained by calling
-L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
-L<RSA_private_decrypt(3)|RSA_private_decrypt(3)>,
-L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)>
-
-=head1 HISTORY
-
-RSA_padding_add_PKCS1_type_1(), RSA_padding_check_PKCS1_type_1(),
-RSA_padding_add_PKCS1_type_2(), RSA_padding_check_PKCS1_type_2(),
-RSA_padding_add_SSLv23(), RSA_padding_check_SSLv23(),
-RSA_padding_add_none() and RSA_padding_check_none() appeared in
-SSLeay 0.9.0.
-
-RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() were
-added in OpenSSL 0.9.2b.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_print.pod b/crypto/openssl/doc/crypto/RSA_print.pod
deleted file mode 100644
index e28d107d1c6e..000000000000
--- a/crypto/openssl/doc/crypto/RSA_print.pod
+++ /dev/null
@@ -1,49 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_print, RSA_print_fp,
-DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp,
-DHparams_print, DHparams_print_fp - print cryptographic parameters
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_print(BIO *bp, RSA *x, int offset);
- int RSA_print_fp(FILE *fp, RSA *x, int offset);
-
- #include <openssl/dsa.h>
-
- int DSAparams_print(BIO *bp, DSA *x);
- int DSAparams_print_fp(FILE *fp, DSA *x);
- int DSA_print(BIO *bp, DSA *x, int offset);
- int DSA_print_fp(FILE *fp, DSA *x, int offset);
-
- #include <openssl/dh.h>
-
- int DHparams_print(BIO *bp, DH *x);
- int DHparams_print_fp(FILE *fp, DH *x);
-
-=head1 DESCRIPTION
-
-A human-readable hexadecimal output of the components of the RSA
-key, DSA parameters or key or DH parameters is printed to B<bp> or B<fp>.
-
-The output lines are indented by B<offset> spaces.
-
-=head1 RETURN VALUES
-
-These functions return 1 on success, 0 on error.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<rsa(3)|rsa(3)>, L<BN_bn2bin(3)|BN_bn2bin(3)>
-
-=head1 HISTORY
-
-RSA_print(), RSA_print_fp(), DSA_print(), DSA_print_fp(), DH_print(),
-DH_print_fp() are available in all versions of SSLeay and OpenSSL.
-DSAparams_print() and DSAparams_print_pf() were added in SSLeay 0.8.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_private_encrypt.pod b/crypto/openssl/doc/crypto/RSA_private_encrypt.pod
deleted file mode 100644
index 746a80c79ea0..000000000000
--- a/crypto/openssl/doc/crypto/RSA_private_encrypt.pod
+++ /dev/null
@@ -1,70 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_private_encrypt, RSA_public_decrypt - low level signature operations
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_private_encrypt(int flen, unsigned char *from,
-    unsigned char *to, RSA *rsa, int padding);
-
- int RSA_public_decrypt(int flen, unsigned char *from, 
-    unsigned char *to, RSA *rsa, int padding);
-
-=head1 DESCRIPTION
-
-These functions handle RSA signatures at a low level.
-
-RSA_private_encrypt() signs the B<flen> bytes at B<from> (usually a
-message digest with an algorithm identifier) using the private key
-B<rsa> and stores the signature in B<to>. B<to> must point to
-B<RSA_size(rsa)> bytes of memory.
-
-B<padding> denotes one of the following modes:
-
-=over 4
-
-=item RSA_PKCS1_PADDING
-
-PKCS #1 v1.5 padding. This function does not handle the
-B<algorithmIdentifier> specified in PKCS #1. When generating or
-verifying PKCS #1 signatures, L<RSA_sign(3)|RSA_sign(3)> and L<RSA_verify(3)|RSA_verify(3)> should be
-used.
-
-=item RSA_NO_PADDING
-
-Raw RSA signature. This mode should I<only> be used to implement
-cryptographically sound padding modes in the application code.
-Signing user data directly with RSA is insecure.
-
-=back
-
-RSA_public_decrypt() recovers the message digest from the B<flen>
-bytes long signature at B<from> using the signer's public key
-B<rsa>. B<to> must point to a memory section large enough to hold the
-message digest (which is smaller than B<RSA_size(rsa) -
-11>). B<padding> is the padding mode that was used to sign the data.
-
-=head1 RETURN VALUES
-
-RSA_private_encrypt() returns the size of the signature (i.e.,
-RSA_size(rsa)). RSA_public_decrypt() returns the size of the
-recovered message digest.
-
-On error, -1 is returned; the error codes can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>,
-L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)>
-
-=head1 HISTORY
-
-The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is
-available since SSLeay 0.9.0.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_public_encrypt.pod b/crypto/openssl/doc/crypto/RSA_public_encrypt.pod
deleted file mode 100644
index d53e19d2b749..000000000000
--- a/crypto/openssl/doc/crypto/RSA_public_encrypt.pod
+++ /dev/null
@@ -1,83 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_public_encrypt(int flen, unsigned char *from,
-    unsigned char *to, RSA *rsa, int padding);
-
- int RSA_private_decrypt(int flen, unsigned char *from,
-     unsigned char *to, RSA *rsa, int padding);
-
-=head1 DESCRIPTION
-
-RSA_public_encrypt() encrypts the B<flen> bytes at B<from> (usually a
-session key) using the public key B<rsa> and stores the ciphertext in
-B<to>. B<to> must point to RSA_size(B<rsa>) bytes of memory.
-
-B<padding> denotes one of the following modes:
-
-=over 4
-
-=item RSA_PKCS1_PADDING
-
-PKCS #1 v1.5 padding. This currently is the most widely used mode.
-
-=item RSA_PKCS1_OAEP_PADDING
-
-EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty
-encoding parameter. This mode is recommended for all new applications.
-
-=item RSA_SSLV23_PADDING
-
-PKCS #1 v1.5 padding with an SSL-specific modification that denotes
-that the server is SSL3 capable.
-
-=item RSA_NO_PADDING
-
-Raw RSA encryption. This mode should I<only> be used to implement
-cryptographically sound padding modes in the application code.
-Encrypting user data directly with RSA is insecure.
-
-=back
-
-B<flen> must be less than RSA_size(B<rsa>) - 11 for the PKCS #1 v1.5
-based padding modes, and less than RSA_size(B<rsa>) - 41 for
-RSA_PKCS1_OAEP_PADDING. The random number generator must be seeded
-prior to calling RSA_public_encrypt().
-
-RSA_private_decrypt() decrypts the B<flen> bytes at B<from> using the
-private key B<rsa> and stores the plaintext in B<to>. B<to> must point
-to a memory section large enough to hold the decrypted data (which is
-smaller than RSA_size(B<rsa>)). B<padding> is the padding mode that
-was used to encrypt the data.
-
-=head1 RETURN VALUES
-
-RSA_public_encrypt() returns the size of the encrypted data (i.e.,
-RSA_size(B<rsa>)). RSA_private_decrypt() returns the size of the
-recovered plaintext.
-
-On error, -1 is returned; the error codes can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 CONFORMING TO
-
-SSL, PKCS #1 v2.0
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-L<RSA_size(3)|RSA_size(3)>
-
-=head1 HISTORY
-
-The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is
-available since SSLeay 0.9.0, OAEP was added in OpenSSL 0.9.2b.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_set_method.pod b/crypto/openssl/doc/crypto/RSA_set_method.pod
deleted file mode 100644
index 0a305f6b140d..000000000000
--- a/crypto/openssl/doc/crypto/RSA_set_method.pod
+++ /dev/null
@@ -1,202 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_set_default_method, RSA_get_default_method, RSA_set_method,
-RSA_get_method, RSA_PKCS1_SSLeay, RSA_null_method, RSA_flags,
-RSA_new_method - select RSA method
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- void RSA_set_default_method(const RSA_METHOD *meth);
-
- RSA_METHOD *RSA_get_default_method(void);
-
- int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
-
- RSA_METHOD *RSA_get_method(const RSA *rsa);
-
- RSA_METHOD *RSA_PKCS1_SSLeay(void);
-
- RSA_METHOD *RSA_null_method(void);
-
- int RSA_flags(const RSA *rsa);
-
- RSA *RSA_new_method(RSA_METHOD *method);
-
-=head1 DESCRIPTION
-
-An B<RSA_METHOD> specifies the functions that OpenSSL uses for RSA
-operations. By modifying the method, alternative implementations such as
-hardware accelerators may be used. IMPORTANT: See the NOTES section for
-important information about how these RSA API functions are affected by the
-use of B<ENGINE> API calls.
-
-Initially, the default RSA_METHOD is the OpenSSL internal implementation,
-as returned by RSA_PKCS1_SSLeay().
-
-RSA_set_default_method() makes B<meth> the default method for all RSA
-structures created later. B<NB>: This is true only whilst no ENGINE has
-been set as a default for RSA, so this function is no longer recommended.
-
-RSA_get_default_method() returns a pointer to the current default
-RSA_METHOD. However, the meaningfulness of this result is dependant on
-whether the ENGINE API is being used, so this function is no longer 
-recommended.
-
-RSA_set_method() selects B<meth> to perform all operations using the key
-B<rsa>. This will replace the RSA_METHOD used by the RSA key and if the
-previous method was supplied by an ENGINE, the handle to that ENGINE will
-be released during the change. It is possible to have RSA keys that only
-work with certain RSA_METHOD implementations (eg. from an ENGINE module
-that supports embedded hardware-protected keys), and in such cases
-attempting to change the RSA_METHOD for the key can have unexpected
-results.
-
-RSA_get_method() returns a pointer to the RSA_METHOD being used by B<rsa>.
-This method may or may not be supplied by an ENGINE implementation, but if
-it is, the return value can only be guaranteed to be valid as long as the
-RSA key itself is valid and does not have its implementation changed by
-RSA_set_method().
-
-RSA_flags() returns the B<flags> that are set for B<rsa>'s current
-RSA_METHOD. See the BUGS section.
-
-RSA_new_method() allocates and initializes an RSA structure so that
-B<engine> will be used for the RSA operations. If B<engine> is NULL, the
-default ENGINE for RSA operations is used, and if no default ENGINE is set,
-the RSA_METHOD controlled by RSA_set_default_method() is used.
-
-RSA_flags() returns the B<flags> that are set for B<rsa>'s current method.
-
-RSA_new_method() allocates and initializes an B<RSA> structure so that
-B<method> will be used for the RSA operations. If B<method> is B<NULL>,
-the default method is used.
-
-=head1 THE RSA_METHOD STRUCTURE
-
- typedef struct rsa_meth_st
- {
-     /* name of the implementation */
-	const char *name;
-
-     /* encrypt */
-	int (*rsa_pub_enc)(int flen, unsigned char *from,
-          unsigned char *to, RSA *rsa, int padding);
-
-     /* verify arbitrary data */
-	int (*rsa_pub_dec)(int flen, unsigned char *from,
-          unsigned char *to, RSA *rsa, int padding);
-
-     /* sign arbitrary data */
-	int (*rsa_priv_enc)(int flen, unsigned char *from,
-          unsigned char *to, RSA *rsa, int padding);
-
-     /* decrypt */
-	int (*rsa_priv_dec)(int flen, unsigned char *from,
-          unsigned char *to, RSA *rsa, int padding);
-
-     /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some
-                                        implementations) */
-	int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
-
-     /* compute r = a ^ p mod m (May be NULL for some implementations) */
-	int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-          const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
-     /* called at RSA_new */
-	int (*init)(RSA *rsa);
-
-     /* called at RSA_free */
-	int (*finish)(RSA *rsa);
-
-     /* RSA_FLAG_EXT_PKEY        - rsa_mod_exp is called for private key
-      *                            operations, even if p,q,dmp1,dmq1,iqmp
-      *                            are NULL
-      * RSA_FLAG_SIGN_VER        - enable rsa_sign and rsa_verify
-      * RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
-      */
-	int flags;
-
-	char *app_data; /* ?? */
-
-     /* sign. For backward compatibility, this is used only
-      * if (flags & RSA_FLAG_SIGN_VER)
-      */
-	int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
-           unsigned char *sigret, unsigned int *siglen, RSA *rsa);
-
-     /* verify. For backward compatibility, this is used only
-      * if (flags & RSA_FLAG_SIGN_VER)
-      */
-	int (*rsa_verify)(int type, unsigned char *m, unsigned int m_len,
-           unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
- } RSA_METHOD;
-
-=head1 RETURN VALUES
-
-RSA_PKCS1_SSLeay(), RSA_PKCS1_null_method(), RSA_get_default_method()
-and RSA_get_method() return pointers to the respective RSA_METHODs.
-
-RSA_set_default_method() returns no value.
-
-RSA_set_method() returns a pointer to the old RSA_METHOD implementation
-that was replaced. However, this return value should probably be ignored
-because if it was supplied by an ENGINE, the pointer could be invalidated
-at any time if the ENGINE is unloaded (in fact it could be unloaded as a
-result of the RSA_set_method() function releasing its handle to the
-ENGINE). For this reason, the return type may be replaced with a B<void>
-declaration in a future release.
-
-RSA_new_method() returns NULL and sets an error code that can be obtained
-by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise
-it returns a pointer to the newly allocated structure.
-
-=head1 NOTES
-
-As of version 0.9.7, RSA_METHOD implementations are grouped together with
-other algorithmic APIs (eg. DSA_METHOD, EVP_CIPHER, etc) into B<ENGINE>
-modules. If a default ENGINE is specified for RSA functionality using an
-ENGINE API function, that will override any RSA defaults set using the RSA
-API (ie.  RSA_set_default_method()). For this reason, the ENGINE API is the
-recommended way to control default implementations for use in RSA and other
-cryptographic algorithms.
-
-=head1 BUGS
-
-The behaviour of RSA_flags() is a mis-feature that is left as-is for now
-to avoid creating compatibility problems. RSA functionality, such as the
-encryption functions, are controlled by the B<flags> value in the RSA key
-itself, not by the B<flags> value in the RSA_METHOD attached to the RSA key
-(which is what this function returns). If the flags element of an RSA key
-is changed, the changes will be honoured by RSA functionality but will not
-be reflected in the return value of the RSA_flags() function - in effect
-RSA_flags() behaves more like an RSA_default_flags() function (which does
-not currently exist).
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>, L<RSA_new(3)|RSA_new(3)>
-
-=head1 HISTORY
-
-RSA_new_method() and RSA_set_default_method() appeared in SSLeay 0.8.
-RSA_get_default_method(), RSA_set_method() and RSA_get_method() as
-well as the rsa_sign and rsa_verify components of RSA_METHOD were
-added in OpenSSL 0.9.4.
-
-RSA_set_default_openssl_method() and RSA_get_default_openssl_method()
-replaced RSA_set_default_method() and RSA_get_default_method()
-respectively, and RSA_set_method() and RSA_new_method() were altered to use
-B<ENGINE>s rather than B<RSA_METHOD>s during development of the engine
-version of OpenSSL 0.9.6. For 0.9.7, the handling of defaults in the ENGINE
-API was restructured so that this change was reversed, and behaviour of the
-other functions resembled more closely the previous behaviour. The
-behaviour of defaults in the ENGINE API now transparently overrides the
-behaviour of defaults in the RSA API without requiring changing these
-function prototypes.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_sign.pod b/crypto/openssl/doc/crypto/RSA_sign.pod
deleted file mode 100644
index 71688a665e13..000000000000
--- a/crypto/openssl/doc/crypto/RSA_sign.pod
+++ /dev/null
@@ -1,62 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_sign, RSA_verify - RSA signatures
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_sign(int type, unsigned char *m, unsigned int m_len,
-    unsigned char *sigret, unsigned int *siglen, RSA *rsa);
-
- int RSA_verify(int type, unsigned char *m, unsigned int m_len,
-    unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
-=head1 DESCRIPTION
-
-RSA_sign() signs the message digest B<m> of size B<m_len> using the
-private key B<rsa> as specified in PKCS #1 v2.0. It stores the
-signature in B<sigret> and the signature size in B<siglen>. B<sigret>
-must point to RSA_size(B<rsa>) bytes of memory.
-
-B<type> denotes the message digest algorithm that was used to generate
-B<m>. It usually is one of B<NID_sha1>, B<NID_ripemd160> and B<NID_md5>;
-see L<objects(3)|objects(3)> for details. If B<type> is B<NID_md5_sha1>,
-an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
-and no algorithm identifier) is created.
-
-RSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
-matches a given message digest B<m> of size B<m_len>. B<type> denotes
-the message digest algorithm that was used to generate the signature.
-B<rsa> is the signer's public key.
-
-=head1 RETURN VALUES
-
-RSA_sign() returns 1 on success, 0 otherwise.  RSA_verify() returns 1
-on successful verification, 0 otherwise.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 BUGS
-
-Certain signatures with an improper algorithm identifier are accepted
-for compatibility with SSLeay 0.4.5 :-)
-
-=head1 CONFORMING TO
-
-SSL, PKCS #1 v2.0
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
-L<rsa(3)|rsa(3)>, L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
-L<RSA_public_decrypt(3)|RSA_public_decrypt(3)> 
-
-=head1 HISTORY
-
-RSA_sign() and RSA_verify() are available in all versions of SSLeay
-and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod b/crypto/openssl/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
deleted file mode 100644
index e70380bbfc96..000000000000
--- a/crypto/openssl/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
+++ /dev/null
@@ -1,59 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_sign_ASN1_OCTET_STRING, RSA_verify_ASN1_OCTET_STRING - RSA signatures
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
-    unsigned int m_len, unsigned char *sigret, unsigned int *siglen,
-    RSA *rsa);
-
- int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
-    unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
-    RSA *rsa);
-
-=head1 DESCRIPTION
-
-RSA_sign_ASN1_OCTET_STRING() signs the octet string B<m> of size
-B<m_len> using the private key B<rsa> represented in DER using PKCS #1
-padding. It stores the signature in B<sigret> and the signature size
-in B<siglen>. B<sigret> must point to B<RSA_size(rsa)> bytes of
-memory.
-
-B<dummy> is ignored.
-
-The random number generator must be seeded prior to calling RSA_sign_ASN1_OCTET_STRING().
-
-RSA_verify_ASN1_OCTET_STRING() verifies that the signature B<sigbuf>
-of size B<siglen> is the DER representation of a given octet string
-B<m> of size B<m_len>. B<dummy> is ignored. B<rsa> is the signer's
-public key.
-
-=head1 RETURN VALUES
-
-RSA_sign_ASN1_OCTET_STRING() returns 1 on success, 0 otherwise.
-RSA_verify_ASN1_OCTET_STRING() returns 1 on successful verification, 0
-otherwise.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 BUGS
-
-These functions serve no recognizable purpose.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
-L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
-L<RSA_verify(3)|RSA_verify(3)>
-
-=head1 HISTORY
-
-RSA_sign_ASN1_OCTET_STRING() and RSA_verify_ASN1_OCTET_STRING() were
-added in SSLeay 0.8.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/RSA_size.pod b/crypto/openssl/doc/crypto/RSA_size.pod
deleted file mode 100644
index 5b7f835f95d6..000000000000
--- a/crypto/openssl/doc/crypto/RSA_size.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_size - get RSA modulus size
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_size(const RSA *rsa);
-
-=head1 DESCRIPTION
-
-This function returns the RSA modulus size in bytes. It can be used to
-determine how much memory must be allocated for an RSA encrypted
-value.
-
-B<rsa-E<gt>n> must not be B<NULL>.
-
-=head1 RETURN VALUE
-
-The size in bytes.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>
-
-=head1 HISTORY
-
-RSA_size() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/SMIME_read_PKCS7.pod b/crypto/openssl/doc/crypto/SMIME_read_PKCS7.pod
deleted file mode 100644
index ffafa378877c..000000000000
--- a/crypto/openssl/doc/crypto/SMIME_read_PKCS7.pod
+++ /dev/null
@@ -1,71 +0,0 @@
-=pod
-
-=head1 NAME
-
-SMIME_read_PKCS7 - parse S/MIME message.
-
-=head1 SYNOPSIS
-
-PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont);
-
-=head1 DESCRIPTION
-
-SMIME_read_PKCS7() parses a message in S/MIME format.
-
-B<in> is a BIO to read the message from.
-
-If cleartext signing is used then the content is saved in
-a memory bio which is written to B<*bcont>, otherwise
-B<*bcont> is set to B<NULL>.
-
-The parsed PKCS#7 structure is returned or B<NULL> if an
-error occurred.
-
-=head1 NOTES
-
-If B<*bcont> is not B<NULL> then the message is clear text
-signed. B<*bcont> can then be passed to PKCS7_verify() with
-the B<PKCS7_DETACHED> flag set.
-
-Otherwise the type of the returned structure can be determined
-using PKCS7_type().
-
-To support future functionality if B<bcont> is not B<NULL>
-B<*bcont> should be initialized to B<NULL>. For example:
-
- BIO *cont = NULL;
- PKCS7 *p7;
-
- p7 = SMIME_read_PKCS7(in, &cont);
-
-=head1 BUGS
-
-The MIME parser used by SMIME_read_PKCS7() is somewhat primitive.
-While it will handle most S/MIME messages more complex compound
-formats may not work.
-
-The parser assumes that the PKCS7 structure is always base64
-encoded and will not handle the case where it is in binary format
-or uses quoted printable format.
-
-The use of a memory BIO to hold the signed content limits the size
-of message which can be processed due to memory restraints: a
-streaming single pass option should be available.
-
-=head1 RETURN VALUES
-
-SMIME_read_PKCS7() returns a valid B<PKCS7> structure or B<NULL>
-is an error occurred. The error can be obtained from ERR_get_error(3).
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_type(3)|PKCS7_type(3)>
-L<SMIME_read_PKCS7(3)|SMIME_read_PKCS7(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
-L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
-L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
-
-=head1 HISTORY
-
-SMIME_read_PKCS7() was added to OpenSSL 0.9.5
-
-=cut
diff --git a/crypto/openssl/doc/crypto/SMIME_write_PKCS7.pod b/crypto/openssl/doc/crypto/SMIME_write_PKCS7.pod
deleted file mode 100644
index 2cfad2e04976..000000000000
--- a/crypto/openssl/doc/crypto/SMIME_write_PKCS7.pod
+++ /dev/null
@@ -1,59 +0,0 @@
-=pod
-
-=head1 NAME
-
-SMIME_write_PKCS7 - convert PKCS#7 structure to S/MIME format.
-
-=head1 SYNOPSIS
-
-int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags);
-
-=head1 DESCRIPTION
-
-SMIME_write_PKCS7() adds the appropriate MIME headers to a PKCS#7
-structure to produce an S/MIME message.
-
-B<out> is the BIO to write the data to. B<p7> is the appropriate
-B<PKCS7> structure. If cleartext signing (B<multipart/signed>) is
-being used then the signed data must be supplied in the B<data> 
-argument. B<flags> is an optional set of flags.
-
-=head1 NOTES
-
-The following flags can be passed in the B<flags> parameter.
-
-If B<PKCS7_DETACHED> is set then cleartext signing will be used,
-this option only makes sense for signedData where B<PKCS7_DETACHED>
-is also set when PKCS7_sign() is also called.
-
-If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain>
-are added to the content, this only makes sense if B<PKCS7_DETACHED>
-is also set.
-
-If cleartext signing is being used then the data must be read twice:
-once to compute the signature in PKCS7_sign() and once to output the
-S/MIME message.
-
-=head1 BUGS
-
-SMIME_write_PKCS7() always base64 encodes PKCS#7 structures, there
-should be an option to disable this.
-
-There should really be a way to produce cleartext signing using only
-a single pass of the data.
-
-=head1 RETURN VALUES
-
-SMIME_write_PKCS7() returns 1 for success or 0 for failure.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
-L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
-L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
-
-=head1 HISTORY
-
-SMIME_write_PKCS7() was added to OpenSSL 0.9.5
-
-=cut
diff --git a/crypto/openssl/doc/crypto/X509_NAME_ENTRY_get_object.pod b/crypto/openssl/doc/crypto/X509_NAME_ENTRY_get_object.pod
deleted file mode 100644
index d287c18564be..000000000000
--- a/crypto/openssl/doc/crypto/X509_NAME_ENTRY_get_object.pod
+++ /dev/null
@@ -1,72 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_NAME_ENTRY_get_object, X509_NAME_ENTRY_get_data,
-X509_NAME_ENTRY_set_object, X509_NAME_ENTRY_set_data,
-X509_NAME_ENTRY_create_by_txt, X509_NAME_ENTRY_create_by_NID,
-X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions
-
-=head1 SYNOPSIS
-
-ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
-ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
-
-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, unsigned char *bytes, int len);
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, char *field, int type, unsigned char *bytes, int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type,unsigned char *bytes, int len);
-
-=head1 DESCRIPTION
-
-X509_NAME_ENTRY_get_object() retrieves the field name of B<ne> in
-and B<ASN1_OBJECT> structure.
-
-X509_NAME_ENTRY_get_data() retrieves the field value of B<ne> in
-and B<ASN1_STRING> structure.
-
-X509_NAME_ENTRY_set_object() sets the field name of B<ne> to B<obj>.
-
-X509_NAME_ENTRY_set_data() sets the field value of B<ne> to string type
-B<type> and value determined by B<bytes> and B<len>.
-
-X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID()
-and X509_NAME_ENTRY_create_by_OBJ() create and return an 
-B<X509_NAME_ENTRY> structure.
-
-=head1 NOTES
-
-X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be
-used to examine an B<X509_NAME_ENTRY> function as returned by 
-X509_NAME_get_entry() for example.
-
-X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID(),
-and X509_NAME_ENTRY_create_by_OBJ() create and return an 
-
-X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(),
-X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data()
-are seldom used in practice because B<X509_NAME_ENTRY> structures
-are almost always part of B<X509_NAME> structures and the
-corresponding B<X509_NAME> functions are typically used to
-create and add new entries in a single operation.
-
-The arguments of these functions support similar options to the similarly
-named ones of the corresponding B<X509_NAME> functions such as
-X509_NAME_add_entry_by_txt(). So for example B<type> can be set to
-B<MBSTRING_ASC> but in the case of X509_set_data() the field name must be
-set first so the relevant field information can be looked up internally.
-
-=head1 RETURN VALUES
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>,
-L<OBJ_nid2obj(3),OBJ_nid2obj(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/X509_NAME_add_entry_by_txt.pod b/crypto/openssl/doc/crypto/X509_NAME_add_entry_by_txt.pod
deleted file mode 100644
index 4472a1c5cf77..000000000000
--- a/crypto/openssl/doc/crypto/X509_NAME_add_entry_by_txt.pod
+++ /dev/null
@@ -1,110 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_NAME_add_entry_by_txt, X509_NAME_add_entry_by_OBJ, X509_NAME_add_entry_by_NID,
-X509_NAME_add_entry, X509_NAME_delete_entry - X509_NAME modification functions
-
-=head1 SYNOPSIS
-
-int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type, unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set);
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
-
-=head1 DESCRIPTION
-
-X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ() and
-X509_NAME_add_entry_by_NID() add a field whose name is defined
-by a string B<field>, an object B<obj> or a NID B<nid> respectively.
-The field value to be added is in B<bytes> of length B<len>. If
-B<len> is -1 then the field length is calculated internally using
-strlen(bytes).
-
-The type of field is determined by B<type> which can either be a
-definition of the type of B<bytes> (such as B<MBSTRING_ASC>) or a
-standard ASN1 type (such as B<V_ASN1_IA5STRING>). The new entry is
-added to a position determined by B<loc> and B<set>.
-
-X509_NAME_add_entry() adds a copy of B<X509_NAME_ENTRY> structure B<ne>
-to B<name>. The new entry is added to a position determined by B<loc>
-and B<set>. Since a copy of B<ne> is added B<ne> must be freed up after
-the call.
-
-X509_NAME_delete_entry() deletes an entry from B<name> at position
-B<loc>. The deleted entry is returned and must be freed up.
-
-=head1 NOTES
-
-The use of string types such as B<MBSTRING_ASC> or B<MBSTRING_UTF8>
-is strongly recommened for the B<type> parameter. This allows the
-internal code to correctly determine the type of the field and to
-apply length checks according to the relevant standards. This is
-done using ASN1_STRING_set_by_NID().
-
-If instead an ASN1 type is used no checks are performed and the
-supplied data in B<bytes> is used directly.
-
-In X509_NAME_add_entry_by_txt() the B<field> string represents
-the field name using OBJ_txt2obj(field, 0).
-
-The B<loc> and B<set> parameters determine where a new entry should
-be added. For almost all applications B<loc> can be set to -1 and B<set>
-to 0. This adds a new entry to the end of B<name> as a single valued
-RelativeDistinguishedName (RDN).
-
-B<loc> actually determines the index where the new entry is inserted:
-if it is -1 it is appended. 
-
-B<set> determines how the new type is added. If it is zero a
-new RDN is created.
-
-If B<set> is -1 or 1 it is added to the previous or next RDN
-structure respectively. This will then be a multivalued RDN:
-since multivalues RDNs are very seldom used B<set> is almost
-always set to zero.
-
-=head1 EXAMPLES
-
-Create an B<X509_NAME> structure:
-
-"C=UK, O=Disorganized Organization, CN=Joe Bloggs"
-
- X509_NAME *nm;
- nm = X509_NAME_new();
- if (nm == NULL)
-	/* Some error */
- if (!X509_NAME_add_entry_by_txt(nm, MBSTRING_ASC,
-			"C", "UK", -1, -1, 0))
-	/* Error */
- if (!X509_NAME_add_entry_by_txt(nm, MBSTRING_ASC,
-			"O", "Disorganized Organization", -1, -1, 0))
-	/* Error */
- if (!X509_NAME_add_entry_by_txt(nm, MBSTRING_ASC,
-			"CN", "Joe Bloggs", -1, -1, 0))
-	/* Error */
-
-=head1 RETURN VALUES
-
-X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(),
-X509_NAME_add_entry_by_NID() and X509_NAME_add_entry() return 1 for
-success of 0 if an error occurred.
-
-X509_NAME_delete_entry() returns either the deleted B<X509_NAME_ENTRY>
-structure of B<NULL> if an error occurred.
-
-=head1 BUGS
-
-B<type> can still be set to B<V_ASN1_APP_CHOOSE> to use a
-different algorithm to determine field types. Since this form does
-not understand multicharacter types, performs no length checks and
-can result in invalid field types its use is strongly discouraged.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>
-
-=head1 HISTORY
-
-=cut
diff --git a/crypto/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod b/crypto/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod
deleted file mode 100644
index 333323d734e0..000000000000
--- a/crypto/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod
+++ /dev/null
@@ -1,106 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_NAME_get_index_by_NID, X509_NAME_get_index_by_OBJ, X509_NAME_get_entry,
-X509_NAME_entry_count, X509_NAME_get_text_by_NID, X509_NAME_get_text_by_OBJ -
-X509_NAME lookup and enumeration functions
-
-=head1 SYNOPSIS
-
-int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
-int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos);
-
-int X509_NAME_entry_count(X509_NAME *name);
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
-
-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len);
-int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len);
-
-=head1 DESCRIPTION
-
-These functions allow an B<X509_NAME> structure to be examined. The
-B<X509_NAME> structure is the same as the B<Name> type defined in
-RFC2459 (and elsewhere) and used for example in certificate subject
-and issuer names.
-
-X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() retrieve
-the next index matching B<nid> or B<obj> after B<lastpos>. B<lastpos>
-should initially be set to -1. If there are no more entries -1 is returned.
-
-X509_NAME_entry_count() returns the total number of entries in B<name>.
-
-X509_NAME_get_entry() retrieves the B<X509_NAME_ENTRY> from B<name>
-corresponding to index B<loc>. Acceptable values for B<loc> run from
-0 to (X509_NAME_entry_count(name) - 1). The value returned is an
-internal pointer which must not be freed.
-
-X509_NAME_get_text_by_NID(), X509_NAME_get_text_by_OBJ() retrieve
-the "text" from the first entry in B<name> which matches B<nid> or
-B<obj>, if no such entry exists -1 is returned. At most B<len> bytes
-will be written and the text written to B<buf> will be null
-terminated. The length of the output string written is returned
-excluding the terminating null. If B<buf> is <NULL> then the amount
-of space needed in B<buf> (excluding the final null) is returned. 
-
-=head1 NOTES
-
-X509_NAME_get_text_by_NID() and X509_NAME_get_text_by_OBJ() are
-legacy functions which have various limitations which make them
-of minimal use in practice. They can only find the first matching
-entry and will copy the contents of the field verbatim: this can
-be highly confusing if the target is a muticharacter string type
-like a BMPString or a UTF8String.
-
-For a more general solution X509_NAME_get_index_by_NID() or
-X509_NAME_get_index_by_OBJ() should be used followed by
-X509_NAME_get_entry() on any matching indices and then the
-various B<X509_NAME_ENTRY> utility functions on the result.
-
-=head1 EXAMPLES
-
-Process all entries:
-
- int i;
- X509_NAME_ENTRY *e;
-
- for (i = 0; i < X509_NAME_entry_count(nm); i++)
-	{
-	e = X509_NAME_get_entry(nm, i);
-	/* Do something with e */
-	}
-
-Process all commonName entries:
-
- int loc;
- X509_NAME_ENTRY *e;
-
- loc = -1;
- for (;;)
-	{
-	lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
-	if (lastpos == -1)
-		break;
-	e = X509_NAME_get_entry(nm, lastpos);
-	/* Do something with e */
-	}
-
-=head1 RETURN VALUES
-
-X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ()
-return the index of the next matching entry or -1 if not found.
-
-X509_NAME_entry_count() returns the total number of entries.
-
-X509_NAME_get_entry() returns an B<X509_NAME> pointer to the
-requested entry or B<NULL> if the index is invalid.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/X509_NAME_print_ex.pod b/crypto/openssl/doc/crypto/X509_NAME_print_ex.pod
deleted file mode 100644
index 907c04f684f5..000000000000
--- a/crypto/openssl/doc/crypto/X509_NAME_print_ex.pod
+++ /dev/null
@@ -1,105 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_NAME_print_ex, X509_NAME_print_ex_fp, X509_NAME_print,
-X509_NAME_oneline - X509_NAME printing routines.
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags);
- int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags);
- char *	X509_NAME_oneline(X509_NAME *a,char *buf,int size);
- int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
-
-=head1 DESCRIPTION
-
-X509_NAME_print_ex() prints a human readable version of B<nm> to BIO B<out>. Each
-line (for multiline formats) is indented by B<indent> spaces. The output format
-can be extensively customised by use of the B<flags> parameter.
-
-X509_NAME_print_ex_fp() is identical to X509_NAME_print_ex() except the output is
-written to FILE pointer B<fp>.
-
-X509_NAME_oneline() prints an ASCII version of B<a> to B<buf>. At most B<size>
-bytes will be written. If B<buf> is B<NULL> then a buffer is dynamically allocated
-and returned, otherwise B<buf> is returned.
-
-X509_NAME_print() prints out B<name> to B<bp> indenting each line by B<obase> 
-characters. Multiple lines are used if the output (including indent) exceeds
-80 characters.
-
-=head1 NOTES
-
-The functions X509_NAME_oneline() and X509_NAME_print() are legacy functions which
-produce a non standard output form, they don't handle multi character fields and
-have various quirks and inconsistencies. Their use is strongly discouraged in new
-applications.
-
-Although there are a large number of possible flags for most purposes
-B<XN_FLAG_ONELINE>, B<XN_FLAG_MULTILINE> or B<XN_FLAG_RFC2253> will suffice.
-As noted on the L<ASN1_STRING_print_ex(3)|ASN1_STRING_print_ex(3)> manual page
-for UTF8 terminals the B<ASN1_STRFLAGS_ESC_MSB> should be unset: so for example
-B<XN_FLAG_ONELINE & ~ASN1_STRFLAGS_ESC_MSB> would be used.
-
-The complete set of the flags supported by X509_NAME_print_ex() is listed below.
-
-Several options can be ored together.
-
-The options B<XN_FLAG_SEP_COMMA_PLUS>, B<XN_FLAG_SEP_CPLUS_SPC>,
-B<XN_FLAG_SEP_SPLUS_SPC> and B<XN_FLAG_SEP_MULTILINE> determine the field separators
-to use. Two distinct separators are used between distinct RelativeDistinguishedName
-components and separate values in the same RDN for a multi-valued RDN. Multi-valued
-RDNs are currently very rare so the second separator will hardly ever be used.
-
-B<XN_FLAG_SEP_COMMA_PLUS> uses comma and plus as separators. B<XN_FLAG_SEP_CPLUS_SPC>
-uses comma and plus with spaces: this is more readable that plain comma and plus.
-B<XN_FLAG_SEP_SPLUS_SPC> uses spaced semicolon and plus. B<XN_FLAG_SEP_MULTILINE> uses
-spaced newline and plus respectively.
-
-If B<XN_FLAG_DN_REV> is set the whole DN is printed in reversed order.
-
-The fields B<XN_FLAG_FN_SN>, B<XN_FLAG_FN_LN>, B<XN_FLAG_FN_OID>,
-B<XN_FLAG_FN_NONE> determine how a field name is displayed. It will
-use the short name (e.g. CN) the long name (e.g. commonName) always
-use OID numerical form (normally OIDs are only used if the field name is not
-recognised) and no field name respectively.
-
-If B<XN_FLAG_SPC_EQ> is set then spaces will be placed around the '=' character
-separating field names and values.
-
-If B<XN_FLAG_DUMP_UNKNOWN_FIELDS> is set then the encoding of unknown fields is
-printed instead of the values.
-
-If B<XN_FLAG_FN_ALIGN> is set then field names are padded to 20 characters: this
-is only of use for multiline format.
-
-Additionally all the options supported by ASN1_STRING_print_ex() can be used to 
-control how each field value is displayed.
-
-In addition a number options can be set for commonly used formats.
-
-B<XN_FLAG_RFC2253> sets options which produce an output compatible with RFC2253 it
-is equivalent to:
- B<ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS>
-
-
-B<XN_FLAG_ONELINE> is a more readable one line format it is the same as:
- B<ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | XN_FLAG_SPC_EQ | XN_FLAG_FN_SN>
-
-B<XN_FLAG_MULTILINE> is a multiline format is is the same as:
- B<ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN>
-
-B<XN_FLAG_COMPAT> uses a format identical to X509_NAME_print(): in fact it calls X509_NAME_print() internally.
-
-=head1 SEE ALSO
-
-L<ASN1_STRING_print_ex(3)|ASN1_STRING_print_ex(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/X509_new.pod b/crypto/openssl/doc/crypto/X509_new.pod
deleted file mode 100644
index fd5fc65ce152..000000000000
--- a/crypto/openssl/doc/crypto/X509_new.pod
+++ /dev/null
@@ -1,37 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_new, X509_free - X509 certificate ASN1 allocation functions
-
-=head1 SYNOPSIS
-
- X509 *X509_new(void);
- void X509_free(X509 *a);
-
-=head1 DESCRIPTION
-
-The X509 ASN1 allocation routines, allocate and free an
-X509 structure, which represents an X509 certificate.
-
-X509_new() allocates and initializes a X509 structure.
-
-X509_free() frees up the B<X509> structure B<a>.
-
-=head1 RETURN VALUES
-
-If the allocation fails, X509_new() returns B<NULL> and sets an error
-code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-Otherwise it returns a pointer to the newly allocated structure.
-
-X509_free() returns no value.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509(3)|d2i_X509(3)>
-
-=head1 HISTORY
-
-X509_new() and X509_free() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/bio.pod b/crypto/openssl/doc/crypto/bio.pod
deleted file mode 100644
index f9239226ffcc..000000000000
--- a/crypto/openssl/doc/crypto/bio.pod
+++ /dev/null
@@ -1,54 +0,0 @@
-=pod
-
-=head1 NAME
-
-bio - I/O abstraction
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
-TBA
-
-
-=head1 DESCRIPTION
-
-A BIO is an I/O abstraction, it hides many of the underlying I/O
-details from an application. If an application uses a BIO for its
-I/O it can transparently handle SSL connections, unencrypted network
-connections and file I/O.
-
-There are two type of BIO, a source/sink BIO and a filter BIO.
-
-As its name implies a source/sink BIO is a source and/or sink of data,
-examples include a socket BIO and a file BIO.
-
-A filter BIO takes data from one BIO and passes it through to
-another, or the application. The data may be left unmodified (for
-example a message digest BIO) or translated (for example an
-encryption BIO). The effect of a filter BIO may change according
-to the I/O operation it is performing: for example an encryption
-BIO will encrypt data if it is being written to and decrypt data
-if it is being read from.
-
-BIOs can be joined together to form a chain (a single BIO is a chain
-with one component). A chain normally consist of one source/sink
-BIO and one or more filter BIOs. Data read from or written to the
-first BIO then traverses the chain to the end (normally a source/sink
-BIO).
-
-=head1 SEE ALSO
-
-L<BIO_ctrl(3)|BIO_ctrl(3)>,
-L<BIO_f_base64(3)|BIO_f_base64(3)>, L<BIO_f_buffer(3)|BIO_f_buffer(3)>,
-L<BIO_f_cipher(3)|BIO_f_cipher(3)>, L<BIO_f_md(3)|BIO_f_md(3)>,
-L<BIO_f_null(3)|BIO_f_null(3)>, L<BIO_f_ssl(3)|BIO_f_ssl(3)>,
-L<BIO_find_type(3)|BIO_find_type(3)>, L<BIO_new(3)|BIO_new(3)>,
-L<BIO_new_bio_pair(3)|BIO_new_bio_pair(3)>,
-L<BIO_push(3)|BIO_push(3)>, L<BIO_read(3)|BIO_read(3)>,
-L<BIO_s_accept(3)|BIO_s_accept(3)>, L<BIO_s_bio(3)|BIO_s_bio(3)>,
-L<BIO_s_connect(3)|BIO_s_connect(3)>, L<BIO_s_fd(3)|BIO_s_fd(3)>,
-L<BIO_s_file(3)|BIO_s_file(3)>, L<BIO_s_mem(3)|BIO_s_mem(3)>,
-L<BIO_s_null(3)|BIO_s_null(3)>, L<BIO_s_socket(3)|BIO_s_socket(3)>,
-L<BIO_set_callback(3)|BIO_set_callback(3)>,
-L<BIO_should_retry(3)|BIO_should_retry(3)>
diff --git a/crypto/openssl/doc/crypto/blowfish.pod b/crypto/openssl/doc/crypto/blowfish.pod
deleted file mode 100644
index ed71334f5618..000000000000
--- a/crypto/openssl/doc/crypto/blowfish.pod
+++ /dev/null
@@ -1,112 +0,0 @@
-=pod
-
-=head1 NAME
-
-blowfish, BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt,
-BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption
-
-=head1 SYNOPSIS
-
- #include <openssl/blowfish.h>
-
- void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-
- void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
-         BF_KEY *key, int enc);
- void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
- 	 long length, BF_KEY *schedule, unsigned char *ivec, int enc);
- void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- 	 long length, BF_KEY *schedule, unsigned char *ivec, int *num,
-         int enc);
- void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- 	 long length, BF_KEY *schedule, unsigned char *ivec, int *num);
- const char *BF_options(void);
-
- void BF_encrypt(BF_LONG *data,const BF_KEY *key);
- void BF_decrypt(BF_LONG *data,const BF_KEY *key);
-
-=head1 DESCRIPTION
-
-This library implements the Blowfish cipher, which was invented and described
-by Counterpane (see http://www.counterpane.com/blowfish.html ).
-
-Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data.
-It uses a variable size key, but typically, 128 bit (16 byte) keys are
-a considered good for strong encryption.  Blowfish can be used in the same
-modes as DES (see L<des_modes(7)|des_modes(7)>).  Blowfish is currently one
-of the faster block ciphers.  It is quite a bit faster than DES, and much
-faster than IDEA or RC2.
-
-Blowfish consists of a key setup phase and the actual encryption or decryption
-phase.
-
-BF_set_key() sets up the B<BF_KEY> B<key> using the B<len> bytes long key
-at B<data>.
-
-BF_ecb_encrypt() is the basic Blowfish encryption and decryption function.
-It encrypts or decrypts the first 64 bits of B<in> using the key B<key>,
-putting the result in B<out>.  B<enc> decides if encryption (B<BF_ENCRYPT>)
-or decryption (B<BF_DECRYPT>) shall be performed.  The vector pointed at by
-B<in> and B<out> must be 64 bits in length, no less.  If they are larger,
-everything after the first 64 bits is ignored.
-
-The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt()
-all operate on variable length data.  They all take an initialization vector
-B<ivec> which needs to be passed along into the next call of the same function 
-for the same message.  B<ivec> may be initialized with anything, but the
-recipient needs to know what it was initialized with, or it won't be able
-to decrypt.  Some programs and protocols simplify this, like SSH, where
-B<ivec> is simply initialized to zero.
-BF_cbc_encrypt() operates on data that is a multiple of 8 bytes long, while
-BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable
-number of bytes (the amount does not have to be an exact multiple of 8).  The
-purpose of the latter two is to simulate stream ciphers, and therefore, they
-need the parameter B<num>, which is a pointer to an integer where the current
-offset in B<ivec> is stored between calls.  This integer must be initialized
-to zero when B<ivec> is initialized.
-
-BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish.  It
-encrypts or decrypts the 64 bits chunks of B<in> using the key B<schedule>,
-putting the result in B<out>.  B<enc> decides if encryption (BF_ENCRYPT) or
-decryption (BF_DECRYPT) shall be performed.  B<ivec> must point at an 8 byte
-long initialization vector.
-
-BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback.
-It encrypts or decrypts the bytes in B<in> using the key B<schedule>,
-putting the result in B<out>.  B<enc> decides if encryption (B<BF_ENCRYPT>)
-or decryption (B<BF_DECRYPT>) shall be performed.  B<ivec> must point at an
-8 byte long initialization vector. B<num> must point at an integer which must
-be initially zero.
-
-BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback.
-It uses the same parameters as BF_cfb64_encrypt(), which must be initialized
-the same way.
-
-BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish
-encryption.  They encrypt/decrypt the first 64 bits of the vector pointed by
-B<data>, using the key B<key>.  These functions should not be used unless you
-implement 'modes' of Blowfish.  The alternative is to use BF_ecb_encrypt().
-If you still want to use these functions, you should be aware that they take
-each 32-bit chunk in host-byte order, which is little-endian on little-endian
-platforms and big-endian on big-endian ones.
-
-=head1 RETURN VALUES
-
-None of the functions presented here return any value.
-
-=head1 NOTE
-
-Applications should use the higher level functions
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> etc. instead of calling the
-blowfish functions directly.
-
-=head1 SEE ALSO
-
-L<des_modes(7)|des_modes(7)>
-
-=head1 HISTORY
-
-The Blowfish functions are available in all versions of SSLeay and OpenSSL.
-
-=cut
-
diff --git a/crypto/openssl/doc/crypto/bn.pod b/crypto/openssl/doc/crypto/bn.pod
deleted file mode 100644
index 210dfeac08cd..000000000000
--- a/crypto/openssl/doc/crypto/bn.pod
+++ /dev/null
@@ -1,158 +0,0 @@
-=pod
-
-=head1 NAME
-
-bn - multiprecision integer arithmetics
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- BIGNUM *BN_new(void);
- void BN_free(BIGNUM *a);
- void BN_init(BIGNUM *);
- void BN_clear(BIGNUM *a);
- void BN_clear_free(BIGNUM *a);
-
- BN_CTX *BN_CTX_new(void);
- void BN_CTX_init(BN_CTX *c);
- void BN_CTX_free(BN_CTX *c);
-
- BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
- BIGNUM *BN_dup(const BIGNUM *a);
-
- BIGNUM *BN_swap(BIGNUM *a, BIGNUM *b);
-
- int BN_num_bytes(const BIGNUM *a);
- int BN_num_bits(const BIGNUM *a);
- int BN_num_bits_word(BN_ULONG w);
-
- int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
- int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
- int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
- int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
- int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
-         BN_CTX *ctx);
- int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
- int BN_nnmod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
- int BN_mod_add(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
-         BN_CTX *ctx);
- int BN_mod_sub(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
-         BN_CTX *ctx);
- int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
-         BN_CTX *ctx);
- int BN_mod_sqr(BIGNUM *ret, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
- int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
- int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-         const BIGNUM *m, BN_CTX *ctx);
- int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
-
- int BN_add_word(BIGNUM *a, BN_ULONG w);
- int BN_sub_word(BIGNUM *a, BN_ULONG w);
- int BN_mul_word(BIGNUM *a, BN_ULONG w);
- BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
- BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
-
- int BN_cmp(BIGNUM *a, BIGNUM *b);
- int BN_ucmp(BIGNUM *a, BIGNUM *b);
- int BN_is_zero(BIGNUM *a);
- int BN_is_one(BIGNUM *a);
- int BN_is_word(BIGNUM *a, BN_ULONG w);
- int BN_is_odd(BIGNUM *a);
-
- int BN_zero(BIGNUM *a);
- int BN_one(BIGNUM *a);
- const BIGNUM *BN_value_one(void);
- int BN_set_word(BIGNUM *a, unsigned long w);
- unsigned long BN_get_word(BIGNUM *a);
-
- int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
- int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
- int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
- int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
-
- BIGNUM *BN_generate_prime(BIGNUM *ret, int bits,int safe, BIGNUM *add,
-         BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
- int BN_is_prime(const BIGNUM *p, int nchecks,
-         void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
-
- int BN_set_bit(BIGNUM *a, int n);
- int BN_clear_bit(BIGNUM *a, int n);
- int BN_is_bit_set(const BIGNUM *a, int n);
- int BN_mask_bits(BIGNUM *a, int n);
- int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
- int BN_lshift1(BIGNUM *r, BIGNUM *a);
- int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
- int BN_rshift1(BIGNUM *r, BIGNUM *a);
-
- int BN_bn2bin(const BIGNUM *a, unsigned char *to);
- BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
- char *BN_bn2hex(const BIGNUM *a);
- char *BN_bn2dec(const BIGNUM *a);
- int BN_hex2bn(BIGNUM **a, const char *str);
- int BN_dec2bn(BIGNUM **a, const char *str);
- int BN_print(BIO *fp, const BIGNUM *a);
- int BN_print_fp(FILE *fp, const BIGNUM *a);
- int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
- BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);
-
- BIGNUM *BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n,
-     BN_CTX *ctx);
-
- BN_RECP_CTX *BN_RECP_CTX_new(void);
- void BN_RECP_CTX_init(BN_RECP_CTX *recp);
- void BN_RECP_CTX_free(BN_RECP_CTX *recp);
- int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
- int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
-        BN_RECP_CTX *recp, BN_CTX *ctx);
-
- BN_MONT_CTX *BN_MONT_CTX_new(void);
- void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
- void BN_MONT_CTX_free(BN_MONT_CTX *mont);
- int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
- BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
- int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
-         BN_MONT_CTX *mont, BN_CTX *ctx);
- int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
-         BN_CTX *ctx);
- int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
-         BN_CTX *ctx);
-
-
-=head1 DESCRIPTION
-
-This library performs arithmetic operations on integers of arbitrary
-size. It was written for use in public key cryptography, such as RSA
-and Diffie-Hellman.
-
-It uses dynamic memory allocation for storing its data structures.
-That means that there is no limit on the size of the numbers
-manipulated by these functions, but return values must always be
-checked in case a memory allocation error has occurred.
-
-The basic object in this library is a B<BIGNUM>. It is used to hold a
-single large integer. This type should be considered opaque and fields
-should not be modified or accessed directly.
-
-The creation of B<BIGNUM> objects is described in L<BN_new(3)|BN_new(3)>;
-L<BN_add(3)|BN_add(3)> describes most of the arithmetic operations.
-Comparison is described in L<BN_cmp(3)|BN_cmp(3)>; L<BN_zero(3)|BN_zero(3)>
-describes certain assignments, L<BN_rand(3)|BN_rand(3)> the generation of
-random numbers, L<BN_generate_prime(3)|BN_generate_prime(3)> deals with prime
-numbers and L<BN_set_bit(3)|BN_set_bit(3)> with bit operations. The conversion
-of B<BIGNUM>s to external formats is described in L<BN_bn2bin(3)|BN_bn2bin(3)>.
-
-=head1 SEE ALSO
-
-L<bn_internal(3)|bn_internal(3)>,
-L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-L<BN_new(3)|BN_new(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
-L<BN_copy(3)|BN_copy(3)>, L<BN_swap(3)|BN_swap(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>,
-L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>,
-L<BN_cmp(3)|BN_cmp(3)>, L<BN_zero(3)|BN_zero(3)>, L<BN_rand(3)|BN_rand(3)>,
-L<BN_generate_prime(3)|BN_generate_prime(3)>, L<BN_set_bit(3)|BN_set_bit(3)>,
-L<BN_bn2bin(3)|BN_bn2bin(3)>, L<BN_mod_inverse(3)|BN_mod_inverse(3)>,
-L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>,
-L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)> 
-
-=cut
diff --git a/crypto/openssl/doc/crypto/bn_internal.pod b/crypto/openssl/doc/crypto/bn_internal.pod
deleted file mode 100644
index 9805a7c9f298..000000000000
--- a/crypto/openssl/doc/crypto/bn_internal.pod
+++ /dev/null
@@ -1,226 +0,0 @@
-=pod
-
-=head1 NAME
-
-bn_mul_words, bn_mul_add_words, bn_sqr_words, bn_div_words,
-bn_add_words, bn_sub_words, bn_mul_comba4, bn_mul_comba8,
-bn_sqr_comba4, bn_sqr_comba8, bn_cmp_words, bn_mul_normal,
-bn_mul_low_normal, bn_mul_recursive, bn_mul_part_recursive,
-bn_mul_low_recursive, bn_mul_high, bn_sqr_normal, bn_sqr_recursive,
-bn_expand, bn_wexpand, bn_expand2, bn_fix_top, bn_check_top,
-bn_print, bn_dump, bn_set_max, bn_set_high, bn_set_low - BIGNUM
-library internal functions
-
-=head1 SYNOPSIS
-
- BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
- BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num,
-   BN_ULONG w);
- void     bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
- BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
- BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,
-   int num);
- BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,
-   int num);
-
- void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
- void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
- void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a);
- void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a);
-
- int bn_cmp_words(BN_ULONG *a, BN_ULONG *b, int n);
-
- void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b,
-   int nb);
- void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n);
- void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
-   int dna,int dnb,BN_ULONG *tmp);
- void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b,
-   int n, int tna,int tnb, BN_ULONG *tmp);
- void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b,
-   int n2, BN_ULONG *tmp);
- void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l,
-   int n2, BN_ULONG *tmp);
-
- void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp);
- void bn_sqr_recursive(BN_ULONG *r, BN_ULONG *a, int n2, BN_ULONG *tmp);
-
- void mul(BN_ULONG r, BN_ULONG a, BN_ULONG w, BN_ULONG c);
- void mul_add(BN_ULONG r, BN_ULONG a, BN_ULONG w, BN_ULONG c);
- void sqr(BN_ULONG r0, BN_ULONG r1, BN_ULONG a);
-
- BIGNUM *bn_expand(BIGNUM *a, int bits);
- BIGNUM *bn_wexpand(BIGNUM *a, int n);
- BIGNUM *bn_expand2(BIGNUM *a, int n);
- void bn_fix_top(BIGNUM *a);
-
- void bn_check_top(BIGNUM *a);
- void bn_print(BIGNUM *a);
- void bn_dump(BN_ULONG *d, int n);
- void bn_set_max(BIGNUM *a);
- void bn_set_high(BIGNUM *r, BIGNUM *a, int n);
- void bn_set_low(BIGNUM *r, BIGNUM *a, int n);
-
-=head1 DESCRIPTION
-
-This page documents the internal functions used by the OpenSSL
-B<BIGNUM> implementation. They are described here to facilitate
-debugging and extending the library. They are I<not> to be used by
-applications.
-
-=head2 The BIGNUM structure
-
- typedef struct bignum_st
-        {
-        int top;      /* index of last used d (most significant word) */
-        BN_ULONG *d;  /* pointer to an array of 'BITS2' bit chunks */
-        int max;      /* size of the d array */
-        int neg;      /* sign */
-        } BIGNUM;
-
-The big number is stored in B<d>, a malloc()ed array of B<BN_ULONG>s,
-least significant first. A B<BN_ULONG> can be either 16, 32 or 64 bits
-in size (B<BITS2>), depending on the 'number of bits' specified in
-C<openssl/bn.h>.
-
-B<max> is the size of the B<d> array that has been allocated.  B<top>
-is the 'last' entry being used, so for a value of 4, bn.d[0]=4 and
-bn.top=1.  B<neg> is 1 if the number is negative.  When a B<BIGNUM> is
-B<0>, the B<d> field can be B<NULL> and B<top> == B<0>.
-
-Various routines in this library require the use of temporary
-B<BIGNUM> variables during their execution.  Since dynamic memory
-allocation to create B<BIGNUM>s is rather expensive when used in
-conjunction with repeated subroutine calls, the B<BN_CTX> structure is
-used.  This structure contains B<BN_CTX_NUM> B<BIGNUM>s, see
-L<BN_CTX_start(3)|BN_CTX_start(3)>.
-
-=head2 Low-level arithmetic operations
-
-These functions are implemented in C and for several platforms in
-assembly language:
-
-bn_mul_words(B<rp>, B<ap>, B<num>, B<w>) operates on the B<num> word
-arrays B<rp> and B<ap>.  It computes B<ap> * B<w>, places the result
-in B<rp>, and returns the high word (carry).
-
-bn_mul_add_words(B<rp>, B<ap>, B<num>, B<w>) operates on the B<num>
-word arrays B<rp> and B<ap>.  It computes B<ap> * B<w> + B<rp>, places
-the result in B<rp>, and returns the high word (carry).
-
-bn_sqr_words(B<rp>, B<ap>, B<n>) operates on the B<num> word array
-B<ap> and the 2*B<num> word array B<ap>.  It computes B<ap> * B<ap>
-word-wise, and places the low and high bytes of the result in B<rp>.
-
-bn_div_words(B<h>, B<l>, B<d>) divides the two word number (B<h>,B<l>)
-by B<d> and returns the result.
-
-bn_add_words(B<rp>, B<ap>, B<bp>, B<num>) operates on the B<num> word
-arrays B<ap>, B<bp> and B<rp>.  It computes B<ap> + B<bp>, places the
-result in B<rp>, and returns the high word (carry).
-
-bn_sub_words(B<rp>, B<ap>, B<bp>, B<num>) operates on the B<num> word
-arrays B<ap>, B<bp> and B<rp>.  It computes B<ap> - B<bp>, places the
-result in B<rp>, and returns the carry (1 if B<bp> E<gt> B<ap>, 0
-otherwise).
-
-bn_mul_comba4(B<r>, B<a>, B<b>) operates on the 4 word arrays B<a> and
-B<b> and the 8 word array B<r>.  It computes B<a>*B<b> and places the
-result in B<r>.
-
-bn_mul_comba8(B<r>, B<a>, B<b>) operates on the 8 word arrays B<a> and
-B<b> and the 16 word array B<r>.  It computes B<a>*B<b> and places the
-result in B<r>.
-
-bn_sqr_comba4(B<r>, B<a>, B<b>) operates on the 4 word arrays B<a> and
-B<b> and the 8 word array B<r>.
-
-bn_sqr_comba8(B<r>, B<a>, B<b>) operates on the 8 word arrays B<a> and
-B<b> and the 16 word array B<r>.
-
-The following functions are implemented in C:
-
-bn_cmp_words(B<a>, B<b>, B<n>) operates on the B<n> word arrays B<a>
-and B<b>.  It returns 1, 0 and -1 if B<a> is greater than, equal and
-less than B<b>.
-
-bn_mul_normal(B<r>, B<a>, B<na>, B<b>, B<nb>) operates on the B<na>
-word array B<a>, the B<nb> word array B<b> and the B<na>+B<nb> word
-array B<r>.  It computes B<a>*B<b> and places the result in B<r>.
-
-bn_mul_low_normal(B<r>, B<a>, B<b>, B<n>) operates on the B<n> word
-arrays B<r>, B<a> and B<b>.  It computes the B<n> low words of
-B<a>*B<b> and places the result in B<r>.
-
-bn_mul_recursive(B<r>, B<a>, B<b>, B<n2>, B<dna>, B<dnb>, B<t>) operates
-on the word arrays B<a> and B<b> of length B<n2>+B<dna> and B<n2>+B<dnb>
-(B<dna> and B<dnb> are currently allowed to be 0 or negative) and the 2*B<n2>
-word arrays B<r> and B<t>.  B<n2> must be a power of 2.  It computes
-B<a>*B<b> and places the result in B<r>.
-
-bn_mul_part_recursive(B<r>, B<a>, B<b>, B<n>, B<tna>, B<tnb>, B<tmp>)
-operates on the word arrays B<a> and B<b> of length B<n>+B<tna> and
-B<n>+B<tnb> and the 4*B<n> word arrays B<r> and B<tmp>.
-
-bn_mul_low_recursive(B<r>, B<a>, B<b>, B<n2>, B<tmp>) operates on the
-B<n2> word arrays B<r> and B<tmp> and the B<n2>/2 word arrays B<a>
-and B<b>.
-
-bn_mul_high(B<r>, B<a>, B<b>, B<l>, B<n2>, B<tmp>) operates on the
-B<n2> word arrays B<r>, B<a>, B<b> and B<l> (?) and the 3*B<n2> word
-array B<tmp>.
-
-BN_mul() calls bn_mul_normal(), or an optimized implementation if the
-factors have the same size: bn_mul_comba8() is used if they are 8
-words long, bn_mul_recursive() if they are larger than
-B<BN_MULL_SIZE_NORMAL> and the size is an exact multiple of the word
-size, and bn_mul_part_recursive() for others that are larger than
-B<BN_MULL_SIZE_NORMAL>.
-
-bn_sqr_normal(B<r>, B<a>, B<n>, B<tmp>) operates on the B<n> word array
-B<a> and the 2*B<n> word arrays B<tmp> and B<r>.
-
-The implementations use the following macros which, depending on the
-architecture, may use "long long" C operations or inline assembler.
-They are defined in C<bn_lcl.h>.
-
-mul(B<r>, B<a>, B<w>, B<c>) computes B<w>*B<a>+B<c> and places the
-low word of the result in B<r> and the high word in B<c>.
-
-mul_add(B<r>, B<a>, B<w>, B<c>) computes B<w>*B<a>+B<r>+B<c> and
-places the low word of the result in B<r> and the high word in B<c>.
-
-sqr(B<r0>, B<r1>, B<a>) computes B<a>*B<a> and places the low word
-of the result in B<r0> and the high word in B<r1>.
-
-=head2 Size changes
-
-bn_expand() ensures that B<b> has enough space for a B<bits> bit
-number.  bn_wexpand() ensures that B<b> has enough space for an
-B<n> word number.  If the number has to be expanded, both macros
-call bn_expand2(), which allocates a new B<d> array and copies the
-data.  They return B<NULL> on error, B<b> otherwise.
-
-The bn_fix_top() macro reduces B<a-E<gt>top> to point to the most
-significant non-zero word when B<a> has shrunk.
-
-=head2 Debugging
-
-bn_check_top() verifies that C<((a)-E<gt>top E<gt>= 0 && (a)-E<gt>top
-E<lt>= (a)-E<gt>max)>.  A violation will cause the program to abort.
-
-bn_print() prints B<a> to stderr. bn_dump() prints B<n> words at B<d>
-(in reverse order, i.e. most significant word first) to stderr.
-
-bn_set_max() makes B<a> a static number with a B<max> of its current size.
-This is used by bn_set_low() and bn_set_high() to make B<r> a read-only
-B<BIGNUM> that contains the B<n> low or high words of B<a>.
-
-If B<BN_DEBUG> is not defined, bn_check_top(), bn_print(), bn_dump()
-and bn_set_max() are defined as empty macros.
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>
-
-=cut
diff --git a/crypto/openssl/doc/crypto/buffer.pod b/crypto/openssl/doc/crypto/buffer.pod
deleted file mode 100644
index 781f5b11ee54..000000000000
--- a/crypto/openssl/doc/crypto/buffer.pod
+++ /dev/null
@@ -1,73 +0,0 @@
-=pod
-
-=head1 NAME
-
-BUF_MEM_new, BUF_MEM_free, BUF_MEM_grow, BUF_strdup - simple
-character arrays structure
-
-=head1 SYNOPSIS
-
- #include <openssl/buffer.h>
-
- BUF_MEM *BUF_MEM_new(void);
-
- void	BUF_MEM_free(BUF_MEM *a);
-
- int	BUF_MEM_grow(BUF_MEM *str, int len);
-
- char *	BUF_strdup(const char *str);
-
-=head1 DESCRIPTION
-
-The buffer library handles simple character arrays. Buffers are used for
-various purposes in the library, most notably memory BIOs.
-
-The library uses the BUF_MEM structure defined in buffer.h:
-
- typedef struct buf_mem_st
- {
-        int length;     /* current number of bytes */
-        char *data;
-        int max;        /* size of buffer */
- } BUF_MEM;
-
-B<length> is the current size of the buffer in bytes, B<max> is the amount of
-memory allocated to the buffer. There are three functions which handle these
-and one "miscellaneous" function.
-
-BUF_MEM_new() allocates a new buffer of zero size.
-
-BUF_MEM_free() frees up an already existing buffer. The data is zeroed
-before freeing up in case the buffer contains sensitive data.
-
-BUF_MEM_grow() changes the size of an already existing buffer to
-B<len>. Any data already in the buffer is preserved if it increases in
-size.
-
-BUF_strdup() copies a null terminated string into a block of allocated
-memory and returns a pointer to the allocated block.
-Unlike the standard C library strdup() this function uses OPENSSL_malloc() and so
-should be used in preference to the standard library strdup() because it can
-be used for memory leak checking or replacing the malloc() function.
-
-The memory allocated from BUF_strdup() should be freed up using the OPENSSL_free()
-function.
-
-=head1 RETURN VALUES
-
-BUF_MEM_new() returns the buffer or NULL on error.
-
-BUF_MEM_free() has no return value.
-
-BUF_MEM_grow() returns zero on error or the new size (i.e. B<len>).
-
-=head1 SEE ALSO
-
-L<bio(3)|bio(3)>
-
-=head1 HISTORY
-
-BUF_MEM_new(), BUF_MEM_free() and BUF_MEM_grow() are available in all
-versions of SSLeay and OpenSSL. BUF_strdup() was added in SSLeay 0.8.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/crypto.pod b/crypto/openssl/doc/crypto/crypto.pod
deleted file mode 100644
index 7a527992bb5e..000000000000
--- a/crypto/openssl/doc/crypto/crypto.pod
+++ /dev/null
@@ -1,85 +0,0 @@
-=pod
-
-=head1 NAME
-
-crypto - OpenSSL cryptographic library
-
-=head1 SYNOPSIS
-
-=head1 DESCRIPTION
-
-The OpenSSL B<crypto> library implements a wide range of cryptographic
-algorithms used in various Internet standards. The services provided
-by this library are used by the OpenSSL implementations of SSL, TLS
-and S/MIME, and they have also been used to implement SSH, OpenPGP, and
-other cryptographic standards.
-
-=head1 OVERVIEW
-
-B<libcrypto> consists of a number of sub-libraries that implement the
-individual algorithms.
-
-The functionality includes symmetric encryption, public key
-cryptography and key agreement, certificate handling, cryptographic
-hash functions and a cryptographic pseudo-random number generator.
-
-=over 4
-
-=item SYMMETRIC CIPHERS
-
-L<blowfish(3)|blowfish(3)>, L<cast(3)|cast(3)>, L<des(3)|des(3)>,
-L<idea(3)|idea(3)>, L<rc2(3)|rc2(3)>, L<rc4(3)|rc4(3)>, L<rc5(3)|rc5(3)> 
-
-=item PUBLIC KEY CRYPTOGRAPHY AND KEY AGREEMENT
-
-L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<rsa(3)|rsa(3)>
-
-=item CERTIFICATES
-
-L<x509(3)|x509(3)>, L<x509v3(3)|x509v3(3)>
-
-=item AUTHENTICATION CODES, HASH FUNCTIONS
-
-L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, L<md4(3)|md4(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>
-
-=item AUXILIARY FUNCTIONS
-
-L<err(3)|err(3)>, L<threads(3)|threads(3)>, L<rand(3)|rand(3)>,
-L<OPENSSL_VERSION_NUMBER(3)|OPENSSL_VERSION_NUMBER(3)>
-
-=item INPUT/OUTPUT, DATA ENCODING
-
-L<asn1(3)|asn1(3)>, L<bio(3)|bio(3)>, L<evp(3)|evp(3)>, L<pem(3)|pem(3)>,
-L<pkcs7(3)|pkcs7(3)>, L<pkcs12(3)|pkcs12(3)> 
-
-=item INTERNAL FUNCTIONS
-
-L<bn(3)|bn(3)>, L<buffer(3)|buffer(3)>, L<lhash(3)|lhash(3)>,
-L<objects(3)|objects(3)>, L<stack(3)|stack(3)>,
-L<txt_db(3)|txt_db(3)> 
-
-=back
-
-=head1 NOTES
-
-Some of the newer functions follow a naming convention using the numbers
-B<0> and B<1>. For example the functions:
-
- int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
- int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
-
-The B<0> version uses the supplied structure pointer directly
-in the parent and it will be freed up when the parent is freed.
-In the above example B<crl> would be freed but B<rev> would not.
-
-The B<1> function uses a copy of the supplied structure pointer
-(or in some cases increases its link count) in the parent and
-so both (B<x> and B<obj> above) should be freed up.
-
-=head1 SEE ALSO
-
-L<openssl(1)|openssl(1)>, L<ssl(3)|ssl(3)>
-
-=cut
diff --git a/crypto/openssl/doc/crypto/d2i_ASN1_OBJECT.pod b/crypto/openssl/doc/crypto/d2i_ASN1_OBJECT.pod
deleted file mode 100644
index 45bb18492cab..000000000000
--- a/crypto/openssl/doc/crypto/d2i_ASN1_OBJECT.pod
+++ /dev/null
@@ -1,29 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_ASN1_OBJECT, i2d_ASN1_OBJECT - ASN1 OBJECT IDENTIFIER functions
-
-=head1 SYNOPSIS
-
- #include <openssl/objects.h>
-
- ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, long length);
- int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-These functions decode and encode an ASN1 OBJECT IDENTIFIER.
-
-Othewise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/d2i_DHparams.pod b/crypto/openssl/doc/crypto/d2i_DHparams.pod
deleted file mode 100644
index 1e98aebeca01..000000000000
--- a/crypto/openssl/doc/crypto/d2i_DHparams.pod
+++ /dev/null
@@ -1,30 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_DHparams, i2d_DHparams - PKCS#3 DH parameter functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- DH *d2i_DHparams(DH **a, unsigned char **pp, long length);
- int i2d_DHparams(DH *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-These functions decode and encode PKCS#3 DH parameters using the
-DHparameter structure described in PKCS#3.
-
-Othewise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/d2i_DSAPublicKey.pod b/crypto/openssl/doc/crypto/d2i_DSAPublicKey.pod
deleted file mode 100644
index 6ebd30427b88..000000000000
--- a/crypto/openssl/doc/crypto/d2i_DSAPublicKey.pod
+++ /dev/null
@@ -1,82 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_DSAPublicKey, i2d_DSAPublicKey, d2i_DSAPrivateKey, i2d_DSAPrivateKey,
-d2i_DSA_PUBKEY, i2d_DSA_PUBKEY, d2i_DSA_SIG, i2d_DSA_SIG - DSA key encoding
-and parsing functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
-
- int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
-
- DSA * d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
-
- int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp);
-
- DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
-
- int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
-
- DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
-
- int i2d_DSAparams(const DSA *a, unsigned char **pp);
-
- DSA * d2i_DSA_SIG(DSA_SIG **a, const unsigned char **pp, long length);
-
- int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-d2i_DSAPublicKey() and i2d_DSAPublicKey() decode and encode the DSA public key
-components structure.
-
-d2i_DSA_PUKEY() and i2d_DSA_PUKEY() decode and encode an DSA public key using a
-SubjectPublicKeyInfo (certificate public key) structure.
-
-d2i_DSAPrivateKey(), i2d_DSAPrivateKey() decode and encode the DSA private key
-components.
-
-d2i_DSAparams(), i2d_DSAparams() decode and encode the DSA parameters using
-a B<Dss-Parms> structure as defined in RFC2459.
-
-d2i_DSA_SIG(), i2d_DSA_SIG() decode and encode a DSA signature using a
-B<Dss-Sig-Value> structure as defined in RFC2459.
-
-The usage of all of these functions is similar to the d2i_X509() and
-i2d_X509() described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 NOTES
-
-The B<DSA> structure passed to the private key encoding functions should have
-all the private key components present.
-
-The data encoded by the private key functions is unencrypted and therefore 
-offers no private key security.
-
-The B<DSA_PUBKEY> functions should be used in preference to the B<DSAPublicKey>
-functions when encoding public keys because they use a standard format.
-
-The B<DSAPublicKey> functions use an non standard format the actual data encoded
-depends on the value of the B<write_params> field of the B<a> key parameter.
-If B<write_params> is zero then only the B<pub_key> field is encoded as an
-B<INTEGER>. If B<write_params> is 1 then a B<SEQUENCE> consisting of the
-B<p>, B<q>, B<g> and B<pub_key> respectively fields are encoded.
-
-The B<DSAPrivateKey> functions also use a non standard structure consiting
-consisting of a SEQUENCE containing the B<p>, B<q>, B<g> and B<pub_key> and
-B<priv_key> fields respectively.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/d2i_PKCS8PrivateKey.pod b/crypto/openssl/doc/crypto/d2i_PKCS8PrivateKey.pod
deleted file mode 100644
index a54b77908844..000000000000
--- a/crypto/openssl/doc/crypto/d2i_PKCS8PrivateKey.pod
+++ /dev/null
@@ -1,56 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_PKCS8PrivateKey_bio, d2i_PKCS8PrivateKey_fp,
-i2d_PKCS8PrivateKey_bio, i2d_PKCS8PrivateKey_fp,
-i2d_PKCS8PrivateKey_nid_bio, i2d_PKCS8PrivateKey_nid_fp - PKCS#8 format private key functions
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
- EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
-
- int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u);
-
- int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u);
-
- int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u);
-
- int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
-				  char *kstr, int klen,
-				  pem_password_cb *cb, void *u);
-
-=head1 DESCRIPTION
-
-The PKCS#8 functions encode and decode private keys in PKCS#8 format using both
-PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption algorithms.
-
-Other than the use of DER as opposed to PEM these functions are identical to the
-corresponding B<PEM> function as described in the L<pem(3)|pem(3)> manual page.
-
-=head1 NOTES
-
-Before using these functions L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>
-should be called to initialize the internal algorithm lookup tables otherwise errors about
-unknown algorithms will occur if an attempt is made to decrypt a private key. 
-
-These functions are currently the only way to store encrypted private keys using DER format.
-
-Currently all the functions use BIOs or FILE pointers, there are no functions which
-work directly on memory: this can be readily worked around by converting the buffers
-to memory BIOs, see L<BIO_s_mem(3)|BIO_s_mem(3)> for details.
-
-=head1 SEE ALSO
-
-L<pem(3)|pem(3)>
-
-=cut
diff --git a/crypto/openssl/doc/crypto/d2i_RSAPublicKey.pod b/crypto/openssl/doc/crypto/d2i_RSAPublicKey.pod
deleted file mode 100644
index 7c71bcbf3dbd..000000000000
--- a/crypto/openssl/doc/crypto/d2i_RSAPublicKey.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey,
-d2i_RSA_PUBKEY, i2d_RSA_PUBKEY, i2d_Netscape_RSA,
-d2i_Netscape_RSA - RSA public and private key encoding functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
-
- int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
-
- RSA * d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, long length);
-
- int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp);
-
- RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
-
- int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
-
- int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
-
- RSA * d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
-
-=head1 DESCRIPTION
-
-d2i_RSAPublicKey() and i2d_RSAPublicKey() decode and encode a PKCS#1 RSAPublicKey
-structure.
-
-d2i_RSA_PUKEY() and i2d_RSA_PUKEY() decode and encode an RSA public key using a
-SubjectPublicKeyInfo (certificate public key) structure.
-
-d2i_RSAPrivateKey(), i2d_RSAPrivateKey() decode and encode a PKCS#1 RSAPrivateKey
-structure.
-
-d2i_Netscape_RSA(), i2d_Netscape_RSA() decode and encode an RSA private key in
-NET format.
-
-The usage of all of these functions is similar to the d2i_X509() and
-i2d_X509() described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 NOTES
-
-The B<RSA> structure passed to the private key encoding functions should have
-all the PKCS#1 private key components present.
-
-The data encoded by the private key functions is unencrypted and therefore 
-offers no private key security. 
-
-The NET format functions are present to provide compatibility with certain very
-old software. This format has some severe security weaknesses and should be
-avoided if possible.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/d2i_X509.pod b/crypto/openssl/doc/crypto/d2i_X509.pod
deleted file mode 100644
index 5e3c3d098573..000000000000
--- a/crypto/openssl/doc/crypto/d2i_X509.pod
+++ /dev/null
@@ -1,231 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_X509, i2d_X509, d2i_X509_bio, d2i_X509_fp, i2d_X509_bio,
-i2d_X509_fp - X509 encode and decode functions
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509 *d2i_X509(X509 **px, unsigned char **in, int len);
- int i2d_X509(X509 *x, unsigned char **out);
-
- X509 *d2i_X509_bio(BIO *bp, X509 **x);
- X509 *d2i_X509_fp(FILE *fp, X509 **x);
-
- int i2d_X509_bio(X509 *x, BIO *bp);
- int i2d_X509_fp(X509 *x, FILE *fp);
-
-=head1 DESCRIPTION
-
-The X509 encode and decode routines encode and parse an
-B<X509> structure, which represents an X509 certificate.
-
-d2i_X509() attempts to decode B<len> bytes at B<*out>. If 
-successful a pointer to the B<X509> structure is returned. If an error
-occurred then B<NULL> is returned. If B<px> is not B<NULL> then the
-returned structure is written to B<*px>. If B<*px> is not B<NULL>
-then it is assumed that B<*px> contains a valid B<X509>
-structure and an attempt is made to reuse it. If the call is
-successful B<*out> is incremented to the byte following the
-parsed data.
-
-i2d_X509() encodes the structure pointed to by B<x> into DER format.
-If B<out> is not B<NULL> is writes the DER encoded data to the buffer
-at B<*out>, and increments it to point after the data just written.
-If the return value is negative an error occurred, otherwise it
-returns the length of the encoded data. 
-
-For OpenSSL 0.9.7 and later if B<*out> is B<NULL> memory will be
-allocated for a buffer and the encoded data written to it. In this
-case B<*out> is not incremented and it points to the start of the
-data just written.
-
-d2i_X509_bio() is similar to d2i_X509() except it attempts
-to parse data from BIO B<bp>.
-
-d2i_X509_fp() is similar to d2i_X509() except it attempts
-to parse data from FILE pointer B<fp>.
-
-i2d_X509_bio() is similar to i2d_X509() except it writes
-the encoding of the structure B<x> to BIO B<bp> and it
-returns 1 for success and 0 for failure.
-
-i2d_X509_fp() is similar to i2d_X509() except it writes
-the encoding of the structure B<x> to BIO B<bp> and it
-returns 1 for success and 0 for failure.
-
-=head1 NOTES
-
-The letters B<i> and B<d> in for example B<i2d_X509> stand for
-"internal" (that is an internal C structure) and "DER". So that
-B<i2d_X509> converts from internal to DER.
-
-The functions can also understand B<BER> forms.
-
-The actual X509 structure passed to i2d_X509() must be a valid
-populated B<X509> structure it can B<not> simply be fed with an
-empty structure such as that returned by X509_new().
-
-The encoded data is in binary form and may contain embedded zeroes.
-Therefore any FILE pointers or BIOs should be opened in binary mode.
-Functions such as B<strlen()> will B<not> return the correct length
-of the encoded structure.
-
-The ways that B<*in> and B<*out> are incremented after the operation
-can trap the unwary. See the B<WARNINGS> section for some common
-errors.
-
-The reason for the auto increment behaviour is to reflect a typical
-usage of ASN1 functions: after one structure is encoded or decoded
-another will processed after it.
-
-=head1 EXAMPLES
-
-Allocate and encode the DER encoding of an X509 structure:
-
- int len;
- unsigned char *buf, *p;
-
- len = i2d_X509(x, NULL);
-
- buf = OPENSSL_malloc(len);
-
- if (buf == NULL)
-	/* error */
-
- p = buf;
-
- i2d_X509(x, &p);
-
-If you are using OpenSSL 0.9.7 or later then this can be
-simplified to:
-
-
- int len;
- unsigned char *buf;
-
- buf = NULL;
-
- len = i2d_X509(x, &buf);
-
- if (len < 0)
-	/* error */
-
-Attempt to decode a buffer:
-
- X509 *x;
-
- unsigned char *buf, *p;
-
- int len;
-
- /* Something to setup buf and len */
-
- p = buf;
-
- x = d2i_X509(NULL, &p, len);
-
- if (x == NULL)
-    /* Some error */
-
-Alternative technique:
-
- X509 *x;
-
- unsigned char *buf, *p;
-
- int len;
-
- /* Something to setup buf and len */
-
- p = buf;
-
- x = NULL;
-
- if(!d2i_X509(&x, &p, len))
-    /* Some error */
-
-
-=head1 WARNINGS
-
-The use of temporary variable is mandatory. A common
-mistake is to attempt to use a buffer directly as follows:
-
- int len;
- unsigned char *buf;
-
- len = i2d_X509(x, NULL);
-
- buf = OPENSSL_malloc(len);
-
- if (buf == NULL)
-	/* error */
-
- i2d_X509(x, &buf);
-
- /* Other stuff ... */
-
- OPENSSL_free(buf);
-
-This code will result in B<buf> apparently containing garbage because
-it was incremented after the call to point after the data just written.
-Also B<buf> will no longer contain the pointer allocated by B<OPENSSL_malloc()>
-and the subsequent call to B<OPENSSL_free()> may well crash.
-
-The auto allocation feature (setting buf to NULL) only works on OpenSSL
-0.9.7 and later. Attempts to use it on earlier versions will typically
-cause a segmentation violation.
-
-Another trap to avoid is misuse of the B<xp> argument to B<d2i_X509()>:
-
- X509 *x;
-
- if (!d2i_X509(&x, &p, len))
-	/* Some error */
-
-This will probably crash somewhere in B<d2i_X509()>. The reason for this
-is that the variable B<x> is uninitialized and an attempt will be made to
-interpret its (invalid) value as an B<X509> structure, typically causing
-a segmentation violation. If B<x> is set to NULL first then this will not
-happen.
-
-=head1 BUGS
-
-In some versions of OpenSSL the "reuse" behaviour of d2i_X509() when 
-B<*px> is valid is broken and some parts of the reused structure may
-persist if they are not present in the new one. As a result the use
-of this "reuse" behaviour is strongly discouraged.
-
-i2d_X509() will not return an error in many versions of OpenSSL,
-if mandatory fields are not initialized due to a programming error
-then the encoded structure may contain invalid data or omit the
-fields entirely and will not be parsed by d2i_X509(). This may be
-fixed in future so code should not assume that i2d_X509() will
-always succeed.
-
-=head1 RETURN VALUES
-
-d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure
-or B<NULL> if an error occurs. The error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>. 
-
-i2d_X509(), i2d_X509_bio() and i2d_X509_fp() return a the number of bytes
-successfully encoded or a negative value if an error occurs. The error code
-can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. 
-
-i2d_X509_bio() and i2d_X509_fp() returns 1 for success and 0 if an error 
-occurs The error code can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. 
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-d2i_X509, i2d_X509, d2i_X509_bio, d2i_X509_fp, i2d_X509_bio and i2d_X509_fp
-are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/d2i_X509_ALGOR.pod b/crypto/openssl/doc/crypto/d2i_X509_ALGOR.pod
deleted file mode 100644
index 9e5cd92ca7ed..000000000000
--- a/crypto/openssl/doc/crypto/d2i_X509_ALGOR.pod
+++ /dev/null
@@ -1,30 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_X509_ALGOR, i2d_X509_ALGOR - AlgorithmIdentifier functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, unsigned char **pp, long length);
- int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-These functions decode and encode an B<X509_ALGOR> structure which is
-equivalent to the B<AlgorithmIdentifier> structure.
-
-Othewise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/d2i_X509_CRL.pod b/crypto/openssl/doc/crypto/d2i_X509_CRL.pod
deleted file mode 100644
index 06c5b23c090a..000000000000
--- a/crypto/openssl/doc/crypto/d2i_X509_CRL.pod
+++ /dev/null
@@ -1,37 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_X509_CRL, i2d_X509_CRL, d2i_X509_CRL_bio, d2i_509_CRL_fp,
-i2d_X509_CRL_bio, i2d_X509_CRL_fp - PKCS#10 certificate request functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509_CRL *d2i_X509_CRL(X509_CRL **a, unsigned char **pp, long length);
- int i2d_X509_CRL(X509_CRL *a, unsigned char **pp);
-
- X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **x);
- X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **x);
-
- int i2d_X509_CRL_bio(X509_CRL *x, BIO *bp);
- int i2d_X509_CRL_fp(X509_CRL *x, FILE *fp);
-
-=head1 DESCRIPTION
-
-These functions decode and encode an X509 CRL (certificate revocation
-list).
-
-Othewise the functions behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/d2i_X509_NAME.pod b/crypto/openssl/doc/crypto/d2i_X509_NAME.pod
deleted file mode 100644
index 343ffe151914..000000000000
--- a/crypto/openssl/doc/crypto/d2i_X509_NAME.pod
+++ /dev/null
@@ -1,31 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_X509_NAME, i2d_X509_NAME - X509_NAME encoding functions
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509_NAME *d2i_X509_NAME(X509_NAME **a, unsigned char **pp, long length);
- int i2d_X509_NAME(X509_NAME *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-These functions decode and encode an B<X509_NAME> structure which is the
-the same as the B<Name> type defined in RFC2459 (and elsewhere) and used
-for example in certificate subject and issuer names.
-
-Othewise the functions behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/d2i_X509_REQ.pod b/crypto/openssl/doc/crypto/d2i_X509_REQ.pod
deleted file mode 100644
index be4ad68257e0..000000000000
--- a/crypto/openssl/doc/crypto/d2i_X509_REQ.pod
+++ /dev/null
@@ -1,36 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_X509_REQ, i2d_X509_REQ, d2i_X509_REQ_bio, d2i_X509_REQ_fp,
-i2d_X509_REQ_bio, i2d_X509_REQ_fp - PKCS#10 certificate request functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509_REQ *d2i_X509_REQ(X509_REQ **a, unsigned char **pp, long length);
- int i2d_X509_REQ(X509_REQ *a, unsigned char **pp);
-
- X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **x);
- X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **x);
-
- int i2d_X509_REQ_bio(X509_REQ *x, BIO *bp);
- int i2d_X509_REQ_fp(X509_REQ *x, FILE *fp);
-
-=head1 DESCRIPTION
-
-These functions decode and encode a PKCS#10 certificate request.
-
-Othewise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/d2i_X509_SIG.pod b/crypto/openssl/doc/crypto/d2i_X509_SIG.pod
deleted file mode 100644
index e48fd79a5104..000000000000
--- a/crypto/openssl/doc/crypto/d2i_X509_SIG.pod
+++ /dev/null
@@ -1,30 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_X509_SIG, i2d_X509_SIG - DigestInfo functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509_SIG *d2i_X509_SIG(X509_SIG **a, unsigned char **pp, long length);
- int i2d_X509_SIG(X509_SIG *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-These functions decode and encode an X509_SIG structure which is
-equivalent to the B<DigestInfo> structure defined in PKCS#1 and PKCS#7.
-
-Othewise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=head1 HISTORY
-
-TBA
-
-=cut
diff --git a/crypto/openssl/doc/crypto/des.pod b/crypto/openssl/doc/crypto/des.pod
deleted file mode 100644
index 528c73acac61..000000000000
--- a/crypto/openssl/doc/crypto/des.pod
+++ /dev/null
@@ -1,358 +0,0 @@
-=pod
-
-=head1 NAME
-
-DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked,
-DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key,
-DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt,
-DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt,
-DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt,
-DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt,
-DES_ede3_cbcm_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt,
-DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys,
-DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption
-
-=head1 SYNOPSIS
-
- #include <openssl/des.h>
-
- void DES_random_key(DES_cblock *ret);
-
- int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
- int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
- int DES_set_key_checked(const_DES_cblock *key,
-        DES_key_schedule *schedule);
- void DES_set_key_unchecked(const_DES_cblock *key,
-        DES_key_schedule *schedule);
-
- void DES_set_odd_parity(DES_cblock *key);
- int DES_is_weak_key(const_DES_cblock *key);
-
- void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, 
-        DES_key_schedule *ks, int enc);
- void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output, 
-        DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
- void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, 
-        DES_key_schedule *ks1, DES_key_schedule *ks2, 
-        DES_key_schedule *ks3, int enc);
-
- void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output, 
-        long length, DES_key_schedule *schedule, DES_cblock *ivec, 
-        int enc);
- void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
-        int numbits, long length, DES_key_schedule *schedule,
-        DES_cblock *ivec, int enc);
- void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
-        int numbits, long length, DES_key_schedule *schedule,
-        DES_cblock *ivec);
- void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output, 
-        long length, DES_key_schedule *schedule, DES_cblock *ivec, 
-        int enc);
- void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-        long length, DES_key_schedule *schedule, DES_cblock *ivec,
-        int *num, int enc);
- void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-        long length, DES_key_schedule *schedule, DES_cblock *ivec,
-        int *num);
-
- void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output, 
-        long length, DES_key_schedule *schedule, DES_cblock *ivec, 
-        const_DES_cblock *inw, const_DES_cblock *outw, int enc);
-
- void DES_ede2_cbc_encrypt(const unsigned char *input,
-        unsigned char *output, long length, DES_key_schedule *ks1,
-        DES_key_schedule *ks2, DES_cblock *ivec, int enc);
- void DES_ede2_cfb64_encrypt(const unsigned char *in,
-        unsigned char *out, long length, DES_key_schedule *ks1,
-        DES_key_schedule *ks2, DES_cblock *ivec, int *num, int enc);
- void DES_ede2_ofb64_encrypt(const unsigned char *in,
-        unsigned char *out, long length, DES_key_schedule *ks1,
-        DES_key_schedule *ks2, DES_cblock *ivec, int *num);
-
- void DES_ede3_cbc_encrypt(const unsigned char *input,
-        unsigned char *output, long length, DES_key_schedule *ks1,
-        DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec,
-        int enc);
- void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out, 
-        long length, DES_key_schedule *ks1, DES_key_schedule *ks2, 
-        DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2, 
-        int enc);
- void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, 
-        long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
-        DES_key_schedule *ks3, DES_cblock *ivec, int *num, int enc);
- void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out, 
-        long length, DES_key_schedule *ks1, 
-        DES_key_schedule *ks2, DES_key_schedule *ks3, 
-        DES_cblock *ivec, int *num);
-
- DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output, 
-        long length, DES_key_schedule *schedule, 
-        const_DES_cblock *ivec);
- DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[], 
-        long length, int out_count, DES_cblock *seed);
- void DES_string_to_key(const char *str, DES_cblock *key);
- void DES_string_to_2keys(const char *str, DES_cblock *key1,
-        DES_cblock *key2);
-
- char *DES_fcrypt(const char *buf, const char *salt, char *ret);
- char *DES_crypt(const char *buf, const char *salt);
-
- int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
-        DES_cblock *iv);
- int DES_enc_write(int fd, const void *buf, int len,
-        DES_key_schedule *sched, DES_cblock *iv);
-
-=head1 DESCRIPTION
-
-This library contains a fast implementation of the DES encryption
-algorithm.
-
-There are two phases to the use of DES encryption.  The first is the
-generation of a I<DES_key_schedule> from a key, the second is the
-actual encryption.  A DES key is of type I<DES_cblock>. This type is
-consists of 8 bytes with odd parity.  The least significant bit in
-each byte is the parity bit.  The key schedule is an expanded form of
-the key; it is used to speed the encryption process.
-
-DES_random_key() generates a random key.  The PRNG must be seeded
-prior to using this function (see L<rand(3)|rand(3)>).  If the PRNG
-could not generate a secure key, 0 is returned.
-
-Before a DES key can be used, it must be converted into the
-architecture dependent I<DES_key_schedule> via the
-DES_set_key_checked() or DES_set_key_unchecked() function.
-
-DES_set_key_checked() will check that the key passed is of odd parity
-and is not a week or semi-weak key.  If the parity is wrong, then -1
-is returned.  If the key is a weak key, then -2 is returned.  If an
-error is returned, the key schedule is not generated.
-
-DES_set_key() works like
-DES_set_key_checked() if the I<DES_check_key> flag is non-zero,
-otherwise like DES_set_key_unchecked().  These functions are available
-for compatibility; it is recommended to use a function that does not
-depend on a global variable.
-
-DES_set_odd_parity() sets the parity of the passed I<key> to odd.
-
-DES_is_weak_key() returns 1 is the passed key is a weak key, 0 if it
-is ok.  The probability that a randomly generated key is weak is
-1/2^52, so it is not really worth checking for them.
-
-The following routines mostly operate on an input and output stream of
-I<DES_cblock>s.
-
-DES_ecb_encrypt() is the basic DES encryption routine that encrypts or
-decrypts a single 8-byte I<DES_cblock> in I<electronic code book>
-(ECB) mode.  It always transforms the input data, pointed to by
-I<input>, into the output data, pointed to by the I<output> argument.
-If the I<encrypt> argument is non-zero (DES_ENCRYPT), the I<input>
-(cleartext) is encrypted in to the I<output> (ciphertext) using the
-key_schedule specified by the I<schedule> argument, previously set via
-I<DES_set_key>. If I<encrypt> is zero (DES_DECRYPT), the I<input> (now
-ciphertext) is decrypted into the I<output> (now cleartext).  Input
-and output may overlap.  DES_ecb_encrypt() does not return a value.
-
-DES_ecb3_encrypt() encrypts/decrypts the I<input> block by using
-three-key Triple-DES encryption in ECB mode.  This involves encrypting
-the input with I<ks1>, decrypting with the key schedule I<ks2>, and
-then encrypting with I<ks3>.  This routine greatly reduces the chances
-of brute force breaking of DES and has the advantage of if I<ks1>,
-I<ks2> and I<ks3> are the same, it is equivalent to just encryption
-using ECB mode and I<ks1> as the key.
-
-The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES
-encryption by using I<ks1> for the final encryption.
-
-DES_ncbc_encrypt() encrypts/decrypts using the I<cipher-block-chaining>
-(CBC) mode of DES.  If the I<encrypt> argument is non-zero, the
-routine cipher-block-chain encrypts the cleartext data pointed to by
-the I<input> argument into the ciphertext pointed to by the I<output>
-argument, using the key schedule provided by the I<schedule> argument,
-and initialization vector provided by the I<ivec> argument.  If the
-I<length> argument is not an integral multiple of eight bytes, the
-last block is copied to a temporary area and zero filled.  The output
-is always an integral multiple of eight bytes.
-
-DES_xcbc_encrypt() is RSA's DESX mode of DES.  It uses I<inw> and
-I<outw> to 'whiten' the encryption.  I<inw> and I<outw> are secret
-(unlike the iv) and are as such, part of the key.  So the key is sort
-of 24 bytes.  This is much better than CBC DES.
-
-DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with
-three keys. This means that each DES operation inside the CBC mode is
-really an C<C=E(ks3,D(ks2,E(ks1,M)))>.  This mode is used by SSL.
-
-The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by
-reusing I<ks1> for the final encryption.  C<C=E(ks1,D(ks2,E(ks1,M)))>.
-This form of Triple-DES is used by the RSAREF library.
-
-DES_pcbc_encrypt() encrypt/decrypts using the propagating cipher block
-chaining mode used by Kerberos v4. Its parameters are the same as
-DES_ncbc_encrypt().
-
-DES_cfb_encrypt() encrypt/decrypts using cipher feedback mode.  This
-method takes an array of characters as input and outputs and array of
-characters.  It does not require any padding to 8 character groups.
-Note: the I<ivec> variable is changed and the new changed value needs to
-be passed to the next call to this function.  Since this function runs
-a complete DES ECB encryption per I<numbits>, this function is only
-suggested for use when sending small numbers of characters.
-
-DES_cfb64_encrypt()
-implements CFB mode of DES with 64bit feedback.  Why is this
-useful you ask?  Because this routine will allow you to encrypt an
-arbitrary number of bytes, no 8 byte padding.  Each call to this
-routine will encrypt the input bytes to output and then update ivec
-and num.  num contains 'how far' we are though ivec.  If this does
-not make much sense, read more about cfb mode of DES :-).
-
-DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as
-DES_cfb64_encrypt() except that Triple-DES is used.
-
-DES_ofb_encrypt() encrypts using output feedback mode.  This method
-takes an array of characters as input and outputs and array of
-characters.  It does not require any padding to 8 character groups.
-Note: the I<ivec> variable is changed and the new changed value needs to
-be passed to the next call to this function.  Since this function runs
-a complete DES ECB encryption per numbits, this function is only
-suggested for use when sending small numbers of characters.
-
-DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output
-Feed Back mode.
-
-DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as
-DES_ofb64_encrypt(), using Triple-DES.
-
-The following functions are included in the DES library for
-compatibility with the MIT Kerberos library.
-
-DES_cbc_cksum() produces an 8 byte checksum based on the input stream
-(via CBC encryption).  The last 4 bytes of the checksum are returned
-and the complete 8 bytes are placed in I<output>. This function is
-used by Kerberos v4.  Other applications should use
-L<EVP_DigestInit(3)|EVP_DigestInit(3)> etc. instead.
-
-DES_quad_cksum() is a Kerberos v4 function.  It returns a 4 byte
-checksum from the input bytes.  The algorithm can be iterated over the
-input, depending on I<out_count>, 1, 2, 3 or 4 times.  If I<output> is
-non-NULL, the 8 bytes generated by each pass are written into
-I<output>.
-
-The following are DES-based transformations:
-
-DES_fcrypt() is a fast version of the Unix crypt(3) function.  This
-version takes only a small amount of space relative to other fast
-crypt() implementations.  This is different to the normal crypt in
-that the third parameter is the buffer that the return value is
-written into.  It needs to be at least 14 bytes long.  This function
-is thread safe, unlike the normal crypt.
-
-DES_crypt() is a faster replacement for the normal system crypt().
-This function calls DES_fcrypt() with a static array passed as the
-third parameter.  This emulates the normal non-thread safe semantics
-of crypt(3).
-
-DES_enc_write() writes I<len> bytes to file descriptor I<fd> from
-buffer I<buf>. The data is encrypted via I<pcbc_encrypt> (default)
-using I<sched> for the key and I<iv> as a starting vector.  The actual
-data send down I<fd> consists of 4 bytes (in network byte order)
-containing the length of the following encrypted data.  The encrypted
-data then follows, padded with random data out to a multiple of 8
-bytes.
-
-DES_enc_read() is used to read I<len> bytes from file descriptor
-I<fd> into buffer I<buf>. The data being read from I<fd> is assumed to
-have come from DES_enc_write() and is decrypted using I<sched> for
-the key schedule and I<iv> for the initial vector.
-
-B<Warning:> The data format used by DES_enc_write() and DES_enc_read()
-has a cryptographic weakness: When asked to write more than MAXWRITE
-bytes, DES_enc_write() will split the data into several chunks that
-are all encrypted using the same IV.  So don't use these functions
-unless you are sure you know what you do (in which case you might not
-want to use them anyway).  They cannot handle non-blocking sockets.
-DES_enc_read() uses an internal state and thus cannot be used on
-multiple files.
-
-I<DES_rw_mode> is used to specify the encryption mode to use with
-DES_enc_read() and DES_end_write().  If set to I<DES_PCBC_MODE> (the
-default), DES_pcbc_encrypt is used.  If set to I<DES_CBC_MODE>
-DES_cbc_encrypt is used.
-
-=head1 NOTES
-
-Single-key DES is insecure due to its short key size.  ECB mode is
-not suitable for most applications; see L<DES_modes(7)|DES_modes(7)>.
-
-The L<evp(3)|evp(3)> library provides higher-level encryption functions.
-
-=head1 BUGS
-
-DES_3cbc_encrypt() is flawed and must not be used in applications.
-
-DES_cbc_encrypt() does not modify B<ivec>; use DES_ncbc_encrypt()
-instead.
-
-DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits.
-What this means is that if you set numbits to 12, and length to 2, the
-first 12 bits will come from the 1st input byte and the low half of
-the second input byte.  The second 12 bits will have the low 8 bits
-taken from the 3rd input byte and the top 4 bits taken from the 4th
-input byte.  The same holds for output.  This function has been
-implemented this way because most people will be using a multiple of 8
-and because once you get into pulling bytes input bytes apart things
-get ugly!
-
-DES_string_to_key() is available for backward compatibility with the
-MIT library.  New applications should use a cryptographic hash function.
-The same applies for DES_string_to_2key().
-
-=head1 CONFORMING TO
-
-ANSI X3.106
-
-The B<des> library was written to be source code compatible with
-the MIT Kerberos library.
-
-=head1 SEE ALSO
-
-crypt(3), L<des_modes(7)|des_modes(7)>, L<evp(3)|evp(3)>, L<rand(3)|rand(3)>
-
-=head1 HISTORY
-
-In OpenSSL 0.9.7, all des_ functions were renamed to DES_ to avoid
-clashes with older versions of libdes.  Compatibility des_ functions
-are provided for a short while, as well as crypt().
-Declarations for these are in <openssl/des_old.h>. There is no DES_
-variant for des_random_seed().
-This will happen to other functions
-as well if they are deemed redundant (des_random_seed() just calls
-RAND_seed() and is present for backward compatibility only), buggy or
-already scheduled for removal.
-
-des_cbc_cksum(), des_cbc_encrypt(), des_ecb_encrypt(),
-des_is_weak_key(), des_key_sched(), des_pcbc_encrypt(),
-des_quad_cksum(), des_random_key() and des_string_to_key()
-are available in the MIT Kerberos library;
-des_check_key_parity(), des_fixup_key_parity() and des_is_weak_key()
-are available in newer versions of that library.
-
-des_set_key_checked() and des_set_key_unchecked() were added in
-OpenSSL 0.9.5.
-
-des_generate_random_block(), des_init_random_number_generator(),
-des_new_random_key(), des_set_random_generator_seed() and
-des_set_sequence_number() and des_rand_data() are used in newer
-versions of Kerberos but are not implemented here.
-
-des_random_key() generated cryptographically weak random data in
-SSLeay and in OpenSSL prior version 0.9.5, as well as in the original
-MIT library.
-
-=head1 AUTHOR
-
-Eric Young (eay@cryptsoft.com). Modified for the OpenSSL project
-(http://www.openssl.org).
-
-=cut
diff --git a/crypto/openssl/doc/crypto/des_modes.pod b/crypto/openssl/doc/crypto/des_modes.pod
deleted file mode 100644
index da75e8007d45..000000000000
--- a/crypto/openssl/doc/crypto/des_modes.pod
+++ /dev/null
@@ -1,253 +0,0 @@
-=pod
-
-=head1 NAME
-
-Modes of DES - the variants of DES and other crypto algorithms of OpenSSL
-
-=head1 DESCRIPTION
-
-Several crypto algorithms for OpenSSL can be used in a number of modes.  Those
-are used for using block ciphers in a way similar to stream ciphers, among
-other things.
-
-=head1 OVERVIEW
-
-=head2 Electronic Codebook Mode (ECB)
-
-Normally, this is found as the function I<algorithm>_ecb_encrypt().
-
-=over 2
-
-=item *
-
-64 bits are enciphered at a time.
-
-=item *
-
-The order of the blocks can be rearranged without detection.
-
-=item *
-
-The same plaintext block always produces the same ciphertext block
-(for the same key) making it vulnerable to a 'dictionary attack'.
-
-=item *
-
-An error will only affect one ciphertext block.
-
-=back
-
-=head2 Cipher Block Chaining Mode (CBC)
-
-Normally, this is found as the function I<algorithm>_cbc_encrypt().
-Be aware that des_cbc_encrypt() is not really DES CBC (it does
-not update the IV); use des_ncbc_encrypt() instead.
-
-=over 2
-
-=item *
-
-a multiple of 64 bits are enciphered at a time.
-
-=item *
-
-The CBC mode produces the same ciphertext whenever the same
-plaintext is encrypted using the same key and starting variable.
-
-=item *
-
-The chaining operation makes the ciphertext blocks dependent on the
-current and all preceding plaintext blocks and therefore blocks can not
-be rearranged.
-
-=item *
-
-The use of different starting variables prevents the same plaintext
-enciphering to the same ciphertext.
-
-=item *
-
-An error will affect the current and the following ciphertext blocks.
-
-=back
-
-=head2 Cipher Feedback Mode (CFB)
-
-Normally, this is found as the function I<algorithm>_cfb_encrypt().
-
-=over 2
-
-=item *
-
-a number of bits (j) <= 64 are enciphered at a time.
-
-=item *
-
-The CFB mode produces the same ciphertext whenever the same
-plaintext is encrypted using the same key and starting variable.
-
-=item *
-
-The chaining operation makes the ciphertext variables dependent on the
-current and all preceding variables and therefore j-bit variables are
-chained together and can not be rearranged.
-
-=item *
-
-The use of different starting variables prevents the same plaintext
-enciphering to the same ciphertext.
-
-=item *
-
-The strength of the CFB mode depends on the size of k (maximal if
-j == k).  In my implementation this is always the case.
-
-=item *
-
-Selection of a small value for j will require more cycles through
-the encipherment algorithm per unit of plaintext and thus cause
-greater processing overheads.
-
-=item *
-
-Only multiples of j bits can be enciphered.
-
-=item *
-
-An error will affect the current and the following ciphertext variables.
-
-=back
-
-=head2 Output Feedback Mode (OFB)
-
-Normally, this is found as the function I<algorithm>_ofb_encrypt().
-
-=over 2
-
-
-=item *
-
-a number of bits (j) <= 64 are enciphered at a time.
-
-=item *
-
-The OFB mode produces the same ciphertext whenever the same
-plaintext enciphered using the same key and starting variable.  More
-over, in the OFB mode the same key stream is produced when the same
-key and start variable are used.  Consequently, for security reasons
-a specific start variable should be used only once for a given key.
-
-=item *
-
-The absence of chaining makes the OFB more vulnerable to specific attacks.
-
-=item *
-
-The use of different start variables values prevents the same
-plaintext enciphering to the same ciphertext, by producing different
-key streams.
-
-=item *
-
-Selection of a small value for j will require more cycles through
-the encipherment algorithm per unit of plaintext and thus cause
-greater processing overheads.
-
-=item *
-
-Only multiples of j bits can be enciphered.
-
-=item *
-
-OFB mode of operation does not extend ciphertext errors in the
-resultant plaintext output.  Every bit error in the ciphertext causes
-only one bit to be in error in the deciphered plaintext.
-
-=item *
-
-OFB mode is not self-synchronizing.  If the two operation of
-encipherment and decipherment get out of synchronism, the system needs
-to be re-initialized.
-
-=item *
-
-Each re-initialization should use a value of the start variable
-different from the start variable values used before with the same
-key.  The reason for this is that an identical bit stream would be
-produced each time from the same parameters.  This would be
-susceptible to a 'known plaintext' attack.
-
-=back
-
-=head2 Triple ECB Mode
-
-Normally, this is found as the function I<algorithm>_ecb3_encrypt().
-
-=over 2
-
-=item *
-
-Encrypt with key1, decrypt with key2 and encrypt with key3 again.
-
-=item *
-
-As for ECB encryption but increases the key length to 168 bits.
-There are theoretic attacks that can be used that make the effective
-key length 112 bits, but this attack also requires 2^56 blocks of
-memory, not very likely, even for the NSA.
-
-=item *
-
-If both keys are the same it is equivalent to encrypting once with
-just one key.
-
-=item *
-
-If the first and last key are the same, the key length is 112 bits.
-There are attacks that could reduce the effective key strength
-to only slightly more than 56 bits, but these require a lot of memory.
-
-=item *
-
-If all 3 keys are the same, this is effectively the same as normal
-ecb mode.
-
-=back
-
-=head2 Triple CBC Mode
-
-Normally, this is found as the function I<algorithm>_ede3_cbc_encrypt().
-
-=over 2
-
-
-=item *
-
-Encrypt with key1, decrypt with key2 and then encrypt with key3.
-
-=item *
-
-As for CBC encryption but increases the key length to 168 bits with
-the same restrictions as for triple ecb mode.
-
-=back
-
-=head1 NOTES
-
-This text was been written in large parts by Eric Young in his original
-documentation for SSLeay, the predecessor of OpenSSL.  In turn, he attributed
-it to:
-
-	AS 2805.5.2
-	Australian Standard
-	Electronic funds transfer - Requirements for interfaces,
-	Part 5.2: Modes of operation for an n-bit block cipher algorithm
-	Appendix A
-
-=head1 SEE ALSO
-
-L<blowfish(3)|blowfish(3)>, L<des(3)|des(3)>, L<idea(3)|idea(3)>,
-L<rc2(3)|rc2(3)>
-
-=cut
-
diff --git a/crypto/openssl/doc/crypto/dh.pod b/crypto/openssl/doc/crypto/dh.pod
deleted file mode 100644
index c3ccd0620783..000000000000
--- a/crypto/openssl/doc/crypto/dh.pod
+++ /dev/null
@@ -1,78 +0,0 @@
-=pod
-
-=head1 NAME
-
-dh - Diffie-Hellman key agreement
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
- #include <openssl/engine.h>
-
- DH *	DH_new(void);
- void	DH_free(DH *dh);
-
- int	DH_size(const DH *dh);
-
- DH *	DH_generate_parameters(int prime_len, int generator,
-		void (*callback)(int, int, void *), void *cb_arg);
- int	DH_check(const DH *dh, int *codes);
-
- int	DH_generate_key(DH *dh);
- int	DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
-
- void DH_set_default_method(const DH_METHOD *meth);
- const DH_METHOD *DH_get_default_method(void);
- int DH_set_method(DH *dh, const DH_METHOD *meth);
- DH *DH_new_method(ENGINE *engine);
- const DH_METHOD *DH_OpenSSL(void);
-
- int DH_get_ex_new_index(long argl, char *argp, int (*new_func)(),
-	     int (*dup_func)(), void (*free_func)());
- int DH_set_ex_data(DH *d, int idx, char *arg);
- char *DH_get_ex_data(DH *d, int idx);
-
- DH *	d2i_DHparams(DH **a, unsigned char **pp, long length);
- int	i2d_DHparams(const DH *a, unsigned char **pp);
-
- int	DHparams_print_fp(FILE *fp, const DH *x);
- int	DHparams_print(BIO *bp, const DH *x);
-
-=head1 DESCRIPTION
-
-These functions implement the Diffie-Hellman key agreement protocol.
-The generation of shared DH parameters is described in
-L<DH_generate_parameters(3)|DH_generate_parameters(3)>; L<DH_generate_key(3)|DH_generate_key(3)> describes how
-to perform a key agreement.
-
-The B<DH> structure consists of several BIGNUM components.
-
- struct
-        {
-        BIGNUM *p;		// prime number (shared)
-        BIGNUM *g;		// generator of Z_p (shared)
-        BIGNUM *priv_key;	// private DH value x
-        BIGNUM *pub_key;	// public DH value g^x
-        // ...
-        };
- DH
-
-Note that DH keys may use non-standard B<DH_METHOD> implementations,
-either directly or by the use of B<ENGINE> modules. In some cases (eg. an
-ENGINE providing support for hardware-embedded keys), these BIGNUM values
-will not be used by the implementation or may be used for alternative data
-storage. For this reason, applications should generally avoid using DH
-structure elements directly and instead use API functions to query or
-modify keys.
-
-=head1 SEE ALSO
-
-L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>,
-L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
-L<DH_set_method(3)|DH_set_method(3)>, L<DH_new(3)|DH_new(3)>,
-L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
-L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
-L<DH_compute_key(3)|DH_compute_key(3)>, L<d2i_DHparams(3)|d2i_DHparams(3)>,
-L<RSA_print(3)|RSA_print(3)> 
-
-=cut
diff --git a/crypto/openssl/doc/crypto/dsa.pod b/crypto/openssl/doc/crypto/dsa.pod
deleted file mode 100644
index da07d2b930ce..000000000000
--- a/crypto/openssl/doc/crypto/dsa.pod
+++ /dev/null
@@ -1,114 +0,0 @@
-=pod
-
-=head1 NAME
-
-dsa - Digital Signature Algorithm
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
- #include <openssl/engine.h>
-
- DSA *	DSA_new(void);
- void	DSA_free(DSA *dsa);
-
- int	DSA_size(const DSA *dsa);
-
- DSA *	DSA_generate_parameters(int bits, unsigned char *seed,
-                int seed_len, int *counter_ret, unsigned long *h_ret,
-		void (*callback)(int, int, void *), void *cb_arg);
-
- DH *	DSA_dup_DH(const DSA *r);
-
- int	DSA_generate_key(DSA *dsa);
-
- int	DSA_sign(int dummy, const unsigned char *dgst, int len,
-		unsigned char *sigret, unsigned int *siglen, DSA *dsa);
- int	DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
-                BIGNUM **rp);
- int	DSA_verify(int dummy, const unsigned char *dgst, int len,
-		const unsigned char *sigbuf, int siglen, DSA *dsa);
-
- void DSA_set_default_method(const DSA_METHOD *meth);
- const DSA_METHOD *DSA_get_default_method(void);
- int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
- DSA *DSA_new_method(ENGINE *engine);
- const DSA_METHOD *DSA_OpenSSL(void);
-
- int DSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
-	     int (*dup_func)(), void (*free_func)());
- int DSA_set_ex_data(DSA *d, int idx, char *arg);
- char *DSA_get_ex_data(DSA *d, int idx);
-
- DSA_SIG *DSA_SIG_new(void);
- void	DSA_SIG_free(DSA_SIG *a);
- int	i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
- DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
-
- DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
- int	DSA_do_verify(const unsigned char *dgst, int dgst_len,
-	     DSA_SIG *sig, DSA *dsa);
-
- DSA *	d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
- DSA *	d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
- DSA * 	d2i_DSAparams(DSA **a, unsigned char **pp, long length);
- int	i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
- int 	i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
- int	i2d_DSAparams(const DSA *a,unsigned char **pp);
-
- int	DSAparams_print(BIO *bp, const DSA *x);
- int	DSAparams_print_fp(FILE *fp, const DSA *x);
- int	DSA_print(BIO *bp, const DSA *x, int off);
- int	DSA_print_fp(FILE *bp, const DSA *x, int off);
-
-=head1 DESCRIPTION
-
-These functions implement the Digital Signature Algorithm (DSA).  The
-generation of shared DSA parameters is described in
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>;
-L<DSA_generate_key(3)|DSA_generate_key(3)> describes how to
-generate a signature key. Signature generation and verification are
-described in L<DSA_sign(3)|DSA_sign(3)>.
-
-The B<DSA> structure consists of several BIGNUM components.
-
- struct
-        {
-        BIGNUM *p;		// prime number (public)
-        BIGNUM *q;		// 160-bit subprime, q | p-1 (public)
-        BIGNUM *g;		// generator of subgroup (public)
-        BIGNUM *priv_key;	// private key x
-        BIGNUM *pub_key;	// public key y = g^x
-        // ...
-        }
- DSA;
-
-In public keys, B<priv_key> is NULL.
-
-Note that DSA keys may use non-standard B<DSA_METHOD> implementations,
-either directly or by the use of B<ENGINE> modules. In some cases (eg. an
-ENGINE providing support for hardware-embedded keys), these BIGNUM values
-will not be used by the implementation or may be used for alternative data
-storage. For this reason, applications should generally avoid using DSA
-structure elements directly and instead use API functions to query or
-modify keys.
-
-=head1 CONFORMING TO
-
-US Federal Information Processing Standard FIPS 186 (Digital Signature
-Standard, DSS), ANSI X9.30
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
-L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<engine(3)|engine(3)>,
-L<DSA_new(3)|DSA_new(3)>,
-L<DSA_size(3)|DSA_size(3)>,
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
-L<DSA_dup_DH(3)|DSA_dup_DH(3)>,
-L<DSA_generate_key(3)|DSA_generate_key(3)>,
-L<DSA_sign(3)|DSA_sign(3)>, L<DSA_set_method(3)|DSA_set_method(3)>,
-L<DSA_get_ex_new_index(3)|DSA_get_ex_new_index(3)>,
-L<RSA_print(3)|RSA_print(3)>
-
-=cut
diff --git a/crypto/openssl/doc/crypto/engine.pod b/crypto/openssl/doc/crypto/engine.pod
deleted file mode 100644
index c77dad55621f..000000000000
--- a/crypto/openssl/doc/crypto/engine.pod
+++ /dev/null
@@ -1,621 +0,0 @@
-=pod
-
-=head1 NAME
-
-engine - ENGINE cryptographic module support
-
-=head1 SYNOPSIS
-
- #include <openssl/engine.h>
-
- ENGINE *ENGINE_get_first(void);
- ENGINE *ENGINE_get_last(void);
- ENGINE *ENGINE_get_next(ENGINE *e);
- ENGINE *ENGINE_get_prev(ENGINE *e);
-
- int ENGINE_add(ENGINE *e);
- int ENGINE_remove(ENGINE *e);
-
- ENGINE *ENGINE_by_id(const char *id);
-
- int ENGINE_init(ENGINE *e);
- int ENGINE_finish(ENGINE *e);
-
- void ENGINE_load_openssl(void);
- void ENGINE_load_dynamic(void);
- void ENGINE_load_cswift(void);
- void ENGINE_load_chil(void);
- void ENGINE_load_atalla(void);
- void ENGINE_load_nuron(void);
- void ENGINE_load_ubsec(void);
- void ENGINE_load_aep(void);
- void ENGINE_load_sureware(void);
- void ENGINE_load_4758cca(void);
- void ENGINE_load_openbsd_dev_crypto(void);
- void ENGINE_load_builtin_engines(void);
-
- void ENGINE_cleanup(void);
-
- ENGINE *ENGINE_get_default_RSA(void);
- ENGINE *ENGINE_get_default_DSA(void);
- ENGINE *ENGINE_get_default_DH(void);
- ENGINE *ENGINE_get_default_RAND(void);
- ENGINE *ENGINE_get_cipher_engine(int nid);
- ENGINE *ENGINE_get_digest_engine(int nid);
-
- int ENGINE_set_default_RSA(ENGINE *e);
- int ENGINE_set_default_DSA(ENGINE *e);
- int ENGINE_set_default_DH(ENGINE *e);
- int ENGINE_set_default_RAND(ENGINE *e);
- int ENGINE_set_default_ciphers(ENGINE *e);
- int ENGINE_set_default_digests(ENGINE *e);
- int ENGINE_set_default_string(ENGINE *e, const char *list);
-
- int ENGINE_set_default(ENGINE *e, unsigned int flags);
-
- unsigned int ENGINE_get_table_flags(void);
- void ENGINE_set_table_flags(unsigned int flags);
-
- int ENGINE_register_RSA(ENGINE *e);
- void ENGINE_unregister_RSA(ENGINE *e);
- void ENGINE_register_all_RSA(void);
- int ENGINE_register_DSA(ENGINE *e);
- void ENGINE_unregister_DSA(ENGINE *e);
- void ENGINE_register_all_DSA(void);
- int ENGINE_register_DH(ENGINE *e);
- void ENGINE_unregister_DH(ENGINE *e);
- void ENGINE_register_all_DH(void);
- int ENGINE_register_RAND(ENGINE *e);
- void ENGINE_unregister_RAND(ENGINE *e);
- void ENGINE_register_all_RAND(void);
- int ENGINE_register_ciphers(ENGINE *e);
- void ENGINE_unregister_ciphers(ENGINE *e);
- void ENGINE_register_all_ciphers(void);
- int ENGINE_register_digests(ENGINE *e);
- void ENGINE_unregister_digests(ENGINE *e);
- void ENGINE_register_all_digests(void);
- int ENGINE_register_complete(ENGINE *e);
- int ENGINE_register_all_complete(void);
-
- int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
- int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
- int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
-         long i, void *p, void (*f)(), int cmd_optional);
- int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
-                 int cmd_optional);
-
- int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
- void *ENGINE_get_ex_data(const ENGINE *e, int idx);
-
- int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-
- ENGINE *ENGINE_new(void);
- int ENGINE_free(ENGINE *e);
-
- int ENGINE_set_id(ENGINE *e, const char *id);
- int ENGINE_set_name(ENGINE *e, const char *name);
- int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
- int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
- int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
- int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
- int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
- int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
- int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
- int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
- int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
- int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
- int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
- int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
- int ENGINE_set_flags(ENGINE *e, int flags);
- int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
-
- const char *ENGINE_get_id(const ENGINE *e);
- const char *ENGINE_get_name(const ENGINE *e);
- const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
- const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
- const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
- const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
- ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
- ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
- ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
- ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
- ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
- ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
- ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
- ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
- const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
- const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
- int ENGINE_get_flags(const ENGINE *e);
- const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
-
- EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
-     UI_METHOD *ui_method, void *callback_data);
- EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
-     UI_METHOD *ui_method, void *callback_data);
-
- void ENGINE_add_conf_module(void);
-
-=head1 DESCRIPTION
-
-These functions create, manipulate, and use cryptographic modules in the
-form of B<ENGINE> objects. These objects act as containers for
-implementations of cryptographic algorithms, and support a
-reference-counted mechanism to allow them to be dynamically loaded in and
-out of the running application.
-
-The cryptographic functionality that can be provided by an B<ENGINE>
-implementation includes the following abstractions;
-
- RSA_METHOD - for providing alternative RSA implementations
- DSA_METHOD, DH_METHOD, RAND_METHOD - alternative DSA, DH, and RAND
- EVP_CIPHER - potentially multiple cipher algorithms (indexed by 'nid')
- EVP_DIGEST - potentially multiple hash algorithms (indexed by 'nid')
- key-loading - loading public and/or private EVP_PKEY keys
-
-=head2 Reference counting and handles
-
-Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be
-treated as handles - ie. not only as pointers, but also as references to
-the underlying ENGINE object. Ie. you should obtain a new reference when
-making copies of an ENGINE pointer if the copies will be used (and
-released) independantly.
-
-ENGINE objects have two levels of reference-counting to match the way in
-which the objects are used. At the most basic level, each ENGINE pointer is
-inherently a B<structural> reference - you need a structural reference
-simply to refer to the pointer value at all, as this kind of reference is
-your guarantee that the structure can not be deallocated until you release
-your reference.
-
-However, a structural reference provides no guarantee that the ENGINE has
-been initiliased to be usable to perform any of its cryptographic
-implementations - and indeed it's quite possible that most ENGINEs will not
-initialised at all on standard setups, as ENGINEs are typically used to
-support specialised hardware. To use an ENGINE's functionality, you need a
-B<functional> reference. This kind of reference can be considered a
-specialised form of structural reference, because each functional reference
-implicitly contains a structural reference as well - however to avoid
-difficult-to-find programming bugs, it is recommended to treat the two
-kinds of reference independantly. If you have a functional reference to an
-ENGINE, you have a guarantee that the ENGINE has been initialised ready to
-perform cryptographic operations and will not be uninitialised or cleaned
-up until after you have released your reference.
-
-We will discuss the two kinds of reference separately, including how to
-tell which one you are dealing with at any given point in time (after all
-they are both simply (ENGINE *) pointers, the difference is in the way they
-are used).
-
-I<Structural references>
-
-This basic type of reference is typically used for creating new ENGINEs
-dynamically, iterating across OpenSSL's internal linked-list of loaded
-ENGINEs, reading information about an ENGINE, etc. Essentially a structural
-reference is sufficient if you only need to query or manipulate the data of
-an ENGINE implementation rather than use its functionality.
-
-The ENGINE_new() function returns a structural reference to a new (empty)
-ENGINE object. Other than that, structural references come from return
-values to various ENGINE API functions such as; ENGINE_by_id(),
-ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(),
-ENGINE_get_prev(). All structural references should be released by a
-corresponding to call to the ENGINE_free() function - the ENGINE object
-itself will only actually be cleaned up and deallocated when the last
-structural reference is released.
-
-It should also be noted that many ENGINE API function calls that accept a
-structural reference will internally obtain another reference - typically
-this happens whenever the supplied ENGINE will be needed by OpenSSL after
-the function has returned. Eg. the function to add a new ENGINE to
-OpenSSL's internal list is ENGINE_add() - if this function returns success,
-then OpenSSL will have stored a new structural reference internally so the
-caller is still responsible for freeing their own reference with
-ENGINE_free() when they are finished with it. In a similar way, some
-functions will automatically release the structural reference passed to it
-if part of the function's job is to do so. Eg. the ENGINE_get_next() and
-ENGINE_get_prev() functions are used for iterating across the internal
-ENGINE list - they will return a new structural reference to the next (or
-previous) ENGINE in the list or NULL if at the end (or beginning) of the
-list, but in either case the structural reference passed to the function is
-released on behalf of the caller.
-
-To clarify a particular function's handling of references, one should
-always consult that function's documentation "man" page, or failing that
-the openssl/engine.h header file includes some hints.
-
-I<Functional references>
-
-As mentioned, functional references exist when the cryptographic
-functionality of an ENGINE is required to be available. A functional
-reference can be obtained in one of two ways; from an existing structural
-reference to the required ENGINE, or by asking OpenSSL for the default
-operational ENGINE for a given cryptographic purpose.
-
-To obtain a functional reference from an existing structural reference,
-call the ENGINE_init() function. This returns zero if the ENGINE was not
-already operational and couldn't be successfully initialised (eg. lack of
-system drivers, no special hardware attached, etc), otherwise it will
-return non-zero to indicate that the ENGINE is now operational and will
-have allocated a new B<functional> reference to the ENGINE. In this case,
-the supplied ENGINE pointer is, from the point of the view of the caller,
-both a structural reference and a functional reference - so if the caller
-intends to use it as a functional reference it should free the structural
-reference with ENGINE_free() first. If the caller wishes to use it only as
-a structural reference (eg. if the ENGINE_init() call was simply to test if
-the ENGINE seems available/online), then it should free the functional
-reference; all functional references are released by the ENGINE_finish()
-function.
-
-The second way to get a functional reference is by asking OpenSSL for a
-default implementation for a given task, eg. by ENGINE_get_default_RSA(),
-ENGINE_get_default_cipher_engine(), etc. These are discussed in the next
-section, though they are not usually required by application programmers as
-they are used automatically when creating and using the relevant
-algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.
-
-=head2 Default implementations
-
-For each supported abstraction, the ENGINE code maintains an internal table
-of state to control which implementations are available for a given
-abstraction and which should be used by default. These implementations are
-registered in the tables separated-out by an 'nid' index, because
-abstractions like EVP_CIPHER and EVP_DIGEST support many distinct
-algorithms and modes - ENGINEs will support different numbers and
-combinations of these. In the case of other abstractions like RSA, DSA,
-etc, there is only one "algorithm" so all implementations implicitly
-register using the same 'nid' index. ENGINEs can be B<registered> into
-these tables to make themselves available for use automatically by the
-various abstractions, eg. RSA. For illustrative purposes, we continue with
-the RSA example, though all comments apply similarly to the other
-abstractions (they each get their own table and linkage to the
-corresponding section of openssl code).
-
-When a new RSA key is being created, ie. in RSA_new_method(), a
-"get_default" call will be made to the ENGINE subsystem to process the RSA
-state table and return a functional reference to an initialised ENGINE
-whose RSA_METHOD should be used. If no ENGINE should (or can) be used, it
-will return NULL and the RSA key will operate with a NULL ENGINE handle by
-using the conventional RSA implementation in OpenSSL (and will from then on
-behave the way it used to before the ENGINE API existed - for details see
-L<RSA_new_method(3)|RSA_new_method(3)>).
-
-Each state table has a flag to note whether it has processed this
-"get_default" query since the table was last modified, because to process
-this question it must iterate across all the registered ENGINEs in the
-table trying to initialise each of them in turn, in case one of them is
-operational. If it returns a functional reference to an ENGINE, it will
-also cache another reference to speed up processing future queries (without
-needing to iterate across the table). Likewise, it will cache a NULL
-response if no ENGINE was available so that future queries won't repeat the
-same iteration unless the state table changes. This behaviour can also be
-changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using
-ENGINE_set_table_flags()), no attempted initialisations will take place,
-instead the only way for the state table to return a non-NULL ENGINE to the
-"get_default" query will be if one is expressly set in the table. Eg.
-ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except
-that it also sets the state table's cached response for the "get_default"
-query.
-
-In the case of abstractions like EVP_CIPHER, where implementations are
-indexed by 'nid', these flags and cached-responses are distinct for each
-'nid' value.
-
-It is worth illustrating the difference between "registration" of ENGINEs
-into these per-algorithm state tables and using the alternative
-"set_default" functions. The latter handles both "registration" and also
-setting the cached "default" ENGINE in each relevant state table - so
-registered ENGINEs will only have a chance to be initialised for use as a
-default if a default ENGINE wasn't already set for the same state table.
-Eg. if ENGINE X supports cipher nids {A,B} and RSA, ENGINE Y supports
-ciphers {A} and DSA, and the following code is executed;
-
- ENGINE_register_complete(X);
- ENGINE_set_default(Y, ENGINE_METHOD_ALL);
- e1 = ENGINE_get_default_RSA();
- e2 = ENGINE_get_cipher_engine(A);
- e3 = ENGINE_get_cipher_engine(B);
- e4 = ENGINE_get_default_DSA();
- e5 = ENGINE_get_cipher_engine(C);
-
-The results would be as follows;
-
- assert(e1 == X);
- assert(e2 == Y);
- assert(e3 == X);
- assert(e4 == Y);
- assert(e5 == NULL);
-
-=head2 Application requirements
-
-This section will explain the basic things an application programmer should
-support to make the most useful elements of the ENGINE functionality
-available to the user. The first thing to consider is whether the
-programmer wishes to make alternative ENGINE modules available to the
-application and user. OpenSSL maintains an internal linked list of
-"visible" ENGINEs from which it has to operate - at start-up, this list is
-empty and in fact if an application does not call any ENGINE API calls and
-it uses static linking against openssl, then the resulting application
-binary will not contain any alternative ENGINE code at all. So the first
-consideration is whether any/all available ENGINE implementations should be
-made visible to OpenSSL - this is controlled by calling the various "load"
-functions, eg.
-
- /* Make the "dynamic" ENGINE available */
- void ENGINE_load_dynamic(void);
- /* Make the CryptoSwift hardware acceleration support available */
- void ENGINE_load_cswift(void);
- /* Make support for nCipher's "CHIL" hardware available */
- void ENGINE_load_chil(void);
- ...
- /* Make ALL ENGINE implementations bundled with OpenSSL available */
- void ENGINE_load_builtin_engines(void);
-
-Having called any of these functions, ENGINE objects would have been
-dynamically allocated and populated with these implementations and linked
-into OpenSSL's internal linked list. At this point it is important to
-mention an important API function;
-
- void ENGINE_cleanup(void);
-
-If no ENGINE API functions are called at all in an application, then there
-are no inherent memory leaks to worry about from the ENGINE functionality,
-however if any ENGINEs are "load"ed, even if they are never registered or
-used, it is necessary to use the ENGINE_cleanup() function to
-correspondingly cleanup before program exit, if the caller wishes to avoid
-memory leaks. This mechanism uses an internal callback registration table
-so that any ENGINE API functionality that knows it requires cleanup can
-register its cleanup details to be called during ENGINE_cleanup(). This
-approach allows ENGINE_cleanup() to clean up after any ENGINE functionality
-at all that your program uses, yet doesn't automatically create linker
-dependencies to all possible ENGINE functionality - only the cleanup
-callbacks required by the functionality you do use will be required by the
-linker.
-
-The fact that ENGINEs are made visible to OpenSSL (and thus are linked into
-the program and loaded into memory at run-time) does not mean they are
-"registered" or called into use by OpenSSL automatically - that behaviour
-is something for the application to have control over. Some applications
-will want to allow the user to specify exactly which ENGINE they want used
-if any is to be used at all. Others may prefer to load all support and have
-OpenSSL automatically use at run-time any ENGINE that is able to
-successfully initialise - ie. to assume that this corresponds to
-acceleration hardware attached to the machine or some such thing. There are
-probably numerous other ways in which applications may prefer to handle
-things, so we will simply illustrate the consequences as they apply to a
-couple of simple cases and leave developers to consider these and the
-source code to openssl's builtin utilities as guides.
-
-I<Using a specific ENGINE implementation>
-
-Here we'll assume an application has been configured by its user or admin
-to want to use the "ACME" ENGINE if it is available in the version of
-OpenSSL the application was compiled with. If it is available, it should be
-used by default for all RSA, DSA, and symmetric cipher operation, otherwise
-OpenSSL should use its builtin software as per usual. The following code
-illustrates how to approach this;
-
- ENGINE *e;
- const char *engine_id = "ACME";
- ENGINE_load_builtin_engines();
- e = ENGINE_by_id(engine_id);
- if(!e)
-     /* the engine isn't available */
-     return;
- if(!ENGINE_init(e)) {
-     /* the engine couldn't initialise, release 'e' */
-     ENGINE_free(e);
-     return;
- }
- if(!ENGINE_set_default_RSA(e))
-     /* This should only happen when 'e' can't initialise, but the previous
-      * statement suggests it did. */
-     abort();
- ENGINE_set_default_DSA(e);
- ENGINE_set_default_ciphers(e);
- /* Release the functional reference from ENGINE_init() */
- ENGINE_finish(e);
- /* Release the structural reference from ENGINE_by_id() */
- ENGINE_free(e);
-
-I<Automatically using builtin ENGINE implementations>
-
-Here we'll assume we want to load and register all ENGINE implementations
-bundled with OpenSSL, such that for any cryptographic algorithm required by
-OpenSSL - if there is an ENGINE that implements it and can be initialise,
-it should be used. The following code illustrates how this can work;
-
- /* Load all bundled ENGINEs into memory and make them visible */
- ENGINE_load_builtin_engines();
- /* Register all of them for every algorithm they collectively implement */
- ENGINE_register_all_complete();
-
-That's all that's required. Eg. the next time OpenSSL tries to set up an
-RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to
-ENGINE_init() and if any of those succeed, that ENGINE will be set as the
-default for use with RSA from then on.
-
-=head2 Advanced configuration support
-
-There is a mechanism supported by the ENGINE framework that allows each
-ENGINE implementation to define an arbitrary set of configuration
-"commands" and expose them to OpenSSL and any applications based on
-OpenSSL. This mechanism is entirely based on the use of name-value pairs
-and and assumes ASCII input (no unicode or UTF for now!), so it is ideal if
-applications want to provide a transparent way for users to provide
-arbitrary configuration "directives" directly to such ENGINEs. It is also
-possible for the application to dynamically interrogate the loaded ENGINE
-implementations for the names, descriptions, and input flags of their
-available "control commands", providing a more flexible configuration
-scheme. However, if the user is expected to know which ENGINE device he/she
-is using (in the case of specialised hardware, this goes without saying)
-then applications may not need to concern themselves with discovering the
-supported control commands and simply prefer to allow settings to passed
-into ENGINEs exactly as they are provided by the user.
-
-Before illustrating how control commands work, it is worth mentioning what
-they are typically used for. Broadly speaking there are two uses for
-control commands; the first is to provide the necessary details to the
-implementation (which may know nothing at all specific to the host system)
-so that it can be initialised for use. This could include the path to any
-driver or config files it needs to load, required network addresses,
-smart-card identifiers, passwords to initialise password-protected devices,
-logging information, etc etc. This class of commands typically needs to be
-passed to an ENGINE B<before> attempting to initialise it, ie. before
-calling ENGINE_init(). The other class of commands consist of settings or
-operations that tweak certain behaviour or cause certain operations to take
-place, and these commands may work either before or after ENGINE_init(), or
-in same cases both. ENGINE implementations should provide indications of
-this in the descriptions attached to builtin control commands and/or in
-external product documentation.
-
-I<Issuing control commands to an ENGINE>
-
-Let's illustrate by example; a function for which the caller supplies the
-name of the ENGINE it wishes to use, a table of string-pairs for use before
-initialisation, and another table for use after initialisation. Note that
-the string-pairs used for control commands consist of a command "name"
-followed by the command "parameter" - the parameter could be NULL in some
-cases but the name can not. This function should initialise the ENGINE
-(issuing the "pre" commands beforehand and the "post" commands afterwards)
-and set it as the default for everything except RAND and then return a
-boolean success or failure.
-
- int generic_load_engine_fn(const char *engine_id,
-                            const char **pre_cmds, int pre_num,
-                            const char **post_cmds, int post_num)
- {
-     ENGINE *e = ENGINE_by_id(engine_id);
-     if(!e) return 0;
-     while(pre_num--) {
-         if(!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
-             fprintf(stderr, "Failed command (%s - %s:%s)\n", engine_id,
-                 pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : "(NULL)");
-             ENGINE_free(e);
-             return 0;
-         }
-	 pre_cmds += 2;
-     }
-     if(!ENGINE_init(e)) {
-         fprintf(stderr, "Failed initialisation\n");
-         ENGINE_free(e);
-         return 0;
-     }
-     /* ENGINE_init() returned a functional reference, so free the structural
-      * reference from ENGINE_by_id(). */
-     ENGINE_free(e);
-     while(post_num--) {
-         if(!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
-             fprintf(stderr, "Failed command (%s - %s:%s)\n", engine_id,
-                 post_cmds[0], post_cmds[1] ? post_cmds[1] : "(NULL)");
-             ENGINE_finish(e);
-             return 0;
-         }
-	 post_cmds += 2;
-     }
-     ENGINE_set_default(e, ENGINE_METHOD_ALL & ~ENGINE_METHOD_RAND);
-     /* Success */
-     return 1;
- }
-
-Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can
-relax the semantics of the function - if set non-zero it will only return
-failure if the ENGINE supported the given command name but failed while
-executing it, if the ENGINE doesn't support the command name it will simply
-return success without doing anything. In this case we assume the user is
-only supplying commands specific to the given ENGINE so we set this to
-FALSE.
-
-I<Discovering supported control commands>
-
-It is possible to discover at run-time the names, numerical-ids, descriptions
-and input parameters of the control commands supported from a structural
-reference to any ENGINE. It is first important to note that some control
-commands are defined by OpenSSL itself and it will intercept and handle these
-control commands on behalf of the ENGINE, ie. the ENGINE's ctrl() handler is not
-used for the control command. openssl/engine.h defines a symbol,
-ENGINE_CMD_BASE, that all control commands implemented by ENGINEs from. Any
-command value lower than this symbol is considered a "generic" command is
-handled directly by the OpenSSL core routines.
-
-It is using these "core" control commands that one can discover the the control
-commands implemented by a given ENGINE, specifically the commands;
-
- #define ENGINE_HAS_CTRL_FUNCTION		10
- #define ENGINE_CTRL_GET_FIRST_CMD_TYPE		11
- #define ENGINE_CTRL_GET_NEXT_CMD_TYPE		12
- #define ENGINE_CTRL_GET_CMD_FROM_NAME		13
- #define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD	14
- #define ENGINE_CTRL_GET_NAME_FROM_CMD		15
- #define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD	16
- #define ENGINE_CTRL_GET_DESC_FROM_CMD		17
- #define ENGINE_CTRL_GET_CMD_FLAGS		18
-
-Whilst these commands are automatically processed by the OpenSSL framework code,
-they use various properties exposed by each ENGINE by which to process these
-queries. An ENGINE has 3 properties it exposes that can affect this behaviour;
-it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in
-the ENGINE's flags, and it can expose an array of control command descriptions.
-If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will
-simply pass all these "core" control commands directly to the ENGINE's ctrl()
-handler (and thus, it must have supplied one), so it is up to the ENGINE to
-reply to these "discovery" commands itself. If that flag is not set, then the
-OpenSSL framework code will work with the following rules;
-
- if no ctrl() handler supplied;
-     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
-     all other commands fail.
- if a ctrl() handler was supplied but no array of control commands;
-     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
-     all other commands fail.
- if a ctrl() handler and array of control commands was supplied;
-     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
-     all other commands proceed processing ...
-
-If the ENGINE's array of control commands is empty then all other commands will
-fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of
-the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the
-identifier of a command supported by the ENGINE and returns the next command
-identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string
-name for a command and returns the corresponding identifier or fails if no such
-command name exists, and the remaining commands take a command identifier and
-return properties of the corresponding commands. All except
-ENGINE_CTRL_GET_FLAGS return the string length of a command name or description,
-or populate a supplied character buffer with a copy of the command name or
-description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR'd mask of the following
-possible values;
-
- #define ENGINE_CMD_FLAG_NUMERIC		(unsigned int)0x0001
- #define ENGINE_CMD_FLAG_STRING			(unsigned int)0x0002
- #define ENGINE_CMD_FLAG_NO_INPUT		(unsigned int)0x0004
- #define ENGINE_CMD_FLAG_INTERNAL		(unsigned int)0x0008
-
-If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely
-informational to the caller - this flag will prevent the command being usable
-for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string().
-"INTERNAL" commands are not intended to be exposed to text-based configuration
-by applications, administrations, users, etc. These can support arbitrary
-operations via ENGINE_ctrl(), including passing to and/or from the control
-commands data of any arbitrary type. These commands are supported in the
-discovery mechanisms simply to allow applications determinie if an ENGINE
-supports certain specific commands it might want to use (eg. application "foo"
-might query various ENGINEs to see if they implement "FOO_GET_VENDOR_LOGO_GIF" -
-and ENGINE could therefore decide whether or not to support this "foo"-specific
-extension).
-
-=head2 Future developments
-
-The ENGINE API and internal architecture is currently being reviewed. Slated for
-possible release in 0.9.8 is support for transparent loading of "dynamic"
-ENGINEs (built as self-contained shared-libraries). This would allow ENGINE
-implementations to be provided independantly of OpenSSL libraries and/or
-OpenSSL-based applications, and would also remove any requirement for
-applications to explicitly use the "dynamic" ENGINE to bind to shared-library
-implementations.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<rand(3)|rand(3)>,
-L<RSA_new_method(3)|RSA_new_method(3)>
-
-=cut
diff --git a/crypto/openssl/doc/crypto/err.pod b/crypto/openssl/doc/crypto/err.pod
deleted file mode 100644
index 6f729554d2a9..000000000000
--- a/crypto/openssl/doc/crypto/err.pod
+++ /dev/null
@@ -1,187 +0,0 @@
-=pod
-
-=head1 NAME
-
-err - error codes
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- unsigned long ERR_get_error(void);
- unsigned long ERR_peek_error(void);
- unsigned long ERR_get_error_line(const char **file, int *line);
- unsigned long ERR_peek_error_line(const char **file, int *line);
- unsigned long ERR_get_error_line_data(const char **file, int *line,
-         const char **data, int *flags);
- unsigned long ERR_peek_error_line_data(const char **file, int *line,
-         const char **data, int *flags);
-
- int ERR_GET_LIB(unsigned long e);
- int ERR_GET_FUNC(unsigned long e);
- int ERR_GET_REASON(unsigned long e);
-
- void ERR_clear_error(void);
-
- char *ERR_error_string(unsigned long e, char *buf);
- const char *ERR_lib_error_string(unsigned long e);
- const char *ERR_func_error_string(unsigned long e);
- const char *ERR_reason_error_string(unsigned long e);
-
- void ERR_print_errors(BIO *bp);
- void ERR_print_errors_fp(FILE *fp);
-
- void ERR_load_crypto_strings(void);
- void ERR_free_strings(void);
-
- void ERR_remove_state(unsigned long pid);
-
- void ERR_put_error(int lib, int func, int reason, const char *file,
-         int line);
- void ERR_add_error_data(int num, ...);
-
- void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
- unsigned long ERR_PACK(int lib, int func, int reason);
- int ERR_get_next_error_library(void);
-
-=head1 DESCRIPTION
-
-When a call to the OpenSSL library fails, this is usually signalled
-by the return value, and an error code is stored in an error queue
-associated with the current thread. The B<err> library provides
-functions to obtain these error codes and textual error messages.
-
-The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
-access error codes.
-
-Error codes contain information about where the error occurred, and
-what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
-extract this information. A method to obtain human-readable error
-messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
-
-L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
-error queue.
-
-Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
-avoid memory leaks when threads are terminated.
-
-=head1 ADDING NEW ERROR CODES TO OPENSSL
-
-See L<ERR_put_error(3)> if you want to record error codes in the
-OpenSSL error system from within your application.
-
-The remainder of this section is of interest only if you want to add
-new error codes to OpenSSL or add error codes from external libraries.
-
-=head2 Reporting errors
-
-Each sub-library has a specific macro XXXerr() that is used to report
-errors. Its first argument is a function code B<XXX_F_...>, the second
-argument is a reason code B<XXX_R_...>. Function codes are derived
-from the function names; reason codes consist of textual error
-descriptions. For example, the function ssl23_read() reports a
-"handshake failure" as follows:
-
- SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
-
-Function and reason codes should consist of upper case characters,
-numbers and underscores only. The error file generation script translates
-function codes into function names by looking in the header files
-for an appropriate function name, if none is found it just uses
-the capitalized form such as "SSL23_READ" in the above example.
-
-The trailing section of a reason code (after the "_R_") is translated
-into lower case and underscores changed to spaces.
-
-When you are using new function or reason codes, run B<make errors>.
-The necessary B<#define>s will then automatically be added to the
-sub-library's header file.
-
-Although a library will normally report errors using its own specific
-XXXerr macro, another library's macro can be used. This is normally
-only done when a library wants to include ASN1 code which must use
-the ASN1err() macro.
-
-=head2 Adding new libraries
-
-When adding a new sub-library to OpenSSL, assign it a library number
-B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its
-name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add
-C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function
-(in B<crypto/err/err_all.c>). Finally, add an entry
-
- L	XXX	xxx.h	xxx_err.c
-
-to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile.
-Running B<make errors> will then generate a file B<xxx_err.c>, and
-add all error codes used in the library to B<xxx.h>.
-
-Additionally the library include file must have a certain form.
-Typically it will initially look like this:
-
- #ifndef HEADER_XXX_H
- #define HEADER_XXX_H
-
- #ifdef __cplusplus
- extern "C" {
- #endif
-
- /* Include files */
-
- #include <openssl/bio.h>
- #include <openssl/x509.h>
-
- /* Macros, structures and function prototypes */
-
-
- /* BEGIN ERROR CODES */
-
-The B<BEGIN ERROR CODES> sequence is used by the error code
-generation script as the point to place new error codes, any text
-after this point will be overwritten when B<make errors> is run.
-The closing #endif etc will be automatically added by the script.
-
-The generated C error code file B<xxx_err.c> will load the header
-files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the
-header file must load any additional header files containing any
-definitions it uses.
-
-=head1 USING ERROR CODES IN EXTERNAL LIBRARIES
-
-It is also possible to use OpenSSL's error code scheme in external
-libraries. The library needs to load its own codes and call the OpenSSL
-error code insertion script B<mkerr.pl> explicitly to add codes to
-the header file and generate the C error code file. This will normally
-be done if the external library needs to generate new ASN1 structures
-but it can also be used to add more general purpose error code handling.
-
-TBA more details
-
-=head1 INTERNALS
-
-The error queues are stored in a hash table with one B<ERR_STATE>
-entry for each pid. ERR_get_state() returns the current thread's
-B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error
-codes. When more error codes are added, the old ones are overwritten,
-on the assumption that the most recent errors are most important.
-
-Error strings are also stored in hash table. The hash tables can
-be obtained by calling ERR_get_err_state_table(void) and
-ERR_get_string_table(void) respectively.
-
-=head1 SEE ALSO
-
-L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
-L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
-L<ERR_get_error(3)|ERR_get_error(3)>,
-L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
-L<ERR_clear_error(3)|ERR_clear_error(3)>,
-L<ERR_error_string(3)|ERR_error_string(3)>,
-L<ERR_print_errors(3)|ERR_print_errors(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<ERR_remove_state(3)|ERR_remove_state(3)>,
-L<ERR_put_error(3)|ERR_put_error(3)>,
-L<ERR_load_strings(3)|ERR_load_strings(3)>,
-L<SSL_get_error(3)|SSL_get_error(3)>
-
-=cut
diff --git a/crypto/openssl/doc/crypto/evp.pod b/crypto/openssl/doc/crypto/evp.pod
deleted file mode 100644
index b3ca14314fac..000000000000
--- a/crypto/openssl/doc/crypto/evp.pod
+++ /dev/null
@@ -1,45 +0,0 @@
-=pod
-
-=head1 NAME
-
-evp - high-level cryptographic functions
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
-=head1 DESCRIPTION
-
-The EVP library provides a high-level interface to cryptographic
-functions.
-
-B<EVP_Seal>I<...> and B<EVP_Open>I<...> provide public key encryption
-and decryption to implement digital "envelopes".
-
-The B<EVP_Sign>I<...> and B<EVP_Verify>I<...> functions implement
-digital signatures.
-
-Symmetric encryption is available with the B<EVP_Encrypt>I<...>
-functions.  The B<EVP_Digest>I<...> functions provide message digests.
-
-Algorithms are loaded with OpenSSL_add_all_algorithms(3).
-
-All the symmetric algorithms (ciphers) and digests can be replaced by ENGINE
-modules providing alternative implementations. If ENGINE implementations of
-ciphers or digests are registered as defaults, then the various EVP functions
-will automatically use those implementations automatically in preference to
-built in software implementations. For more information, consult the engine(3)
-man page.
-
-=head1 SEE ALSO
-
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<EVP_OpenInit(3)|EVP_OpenInit(3)>,
-L<EVP_SealInit(3)|EVP_SealInit(3)>,
-L<EVP_SignInit(3)|EVP_SignInit(3)>,
-L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
-L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>,
-L<engine(3)|engine(3)>
-
-=cut
diff --git a/crypto/openssl/doc/crypto/hmac.pod b/crypto/openssl/doc/crypto/hmac.pod
deleted file mode 100644
index 3976baf226a5..000000000000
--- a/crypto/openssl/doc/crypto/hmac.pod
+++ /dev/null
@@ -1,102 +0,0 @@
-=pod
-
-=head1 NAME
-
-HMAC, HMAC_Init, HMAC_Update, HMAC_Final, HMAC_cleanup - HMAC message
-authentication code
-
-=head1 SYNOPSIS
-
- #include <openssl/hmac.h>
-
- unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
-               int key_len, const unsigned char *d, int n,
-               unsigned char *md, unsigned int *md_len);
-
- void HMAC_CTX_init(HMAC_CTX *ctx);
-
- void HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
-               const EVP_MD *md);
- void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
-               	   const EVP_MD *md);
- void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
- void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
-
- void HMAC_CTX_cleanup(HMAC_CTX *ctx);
- void HMAC_cleanup(HMAC_CTX *ctx);
-
-=head1 DESCRIPTION
-
-HMAC is a MAC (message authentication code), i.e. a keyed hash
-function used for message authentication, which is based on a hash
-function.
-
-HMAC() computes the message authentication code of the B<n> bytes at
-B<d> using the hash function B<evp_md> and the key B<key> which is
-B<key_len> bytes long.
-
-It places the result in B<md> (which must have space for the output of
-the hash function, which is no more than B<EVP_MAX_MD_SIZE> bytes).
-If B<md> is NULL, the digest is placed in a static array.  The size of
-the output is placed in B<md_len>, unless it is B<NULL>.
-
-B<evp_md> can be EVP_sha1(), EVP_ripemd160() etc.
-B<key> and B<evp_md> may be B<NULL> if a key and hash function have
-been set in a previous call to HMAC_Init() for that B<HMAC_CTX>.
-
-HMAC_CTX_init() initialises a B<HMAC_CTX> before first use. It must be
-called.
-
-HMAC_CTX_cleanup() erases the key and other data from the B<HMAC_CTX>
-and releases any associated resources. It must be called when an
-B<HMAC_CTX> is no longer required.
-
-HMAC_cleanup() is an alias for HMAC_CTX_cleanup() included for back
-compatibility with 0.9.6b, it is deprecated.
-
-The following functions may be used if the message is not completely
-stored in memory:
-
-HMAC_Init() initializes a B<HMAC_CTX> structure to use the hash
-function B<evp_md> and the key B<key> which is B<key_len> bytes
-long. It is deprecated and only included for backward compatibility
-with OpenSSL 0.9.6b.
-
-HMAC_Init_ex() initializes or reuses a B<HMAC_CTX> structure to use
-the function B<evp_md> and key B<key>. Either can be NULL, in which
-case the existing one will be reused. HMAC_CTX_init() must have been
-called before the first use of an B<HMAC_CTX> in this
-function. B<N.B. HMAC_Init() had this undocumented behaviour in
-previous versions of OpenSSL - failure to switch to HMAC_Init_ex() in
-programs that expect it will cause them to stop working>.
-
-HMAC_Update() can be called repeatedly with chunks of the message to
-be authenticated (B<len> bytes at B<data>).
-
-HMAC_Final() places the message authentication code in B<md>, which
-must have space for the hash function output.
-
-=head1 RETURN VALUES
-
-HMAC() returns a pointer to the message authentication code.
-
-HMAC_CTX_init(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and
-HMAC_CTX_cleanup() do not return values.
-
-=head1 CONFORMING TO
-
-RFC 2104
-
-=head1 SEE ALSO
-
-L<sha(3)|sha(3)>, L<evp(3)|evp(3)>
-
-=head1 HISTORY
-
-HMAC(), HMAC_Init(), HMAC_Update(), HMAC_Final() and HMAC_cleanup()
-are available since SSLeay 0.9.0.
-
-HMAC_CTX_init(), HMAC_Init_ex() and HMAC_CTX_cleanup() are available
-since OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/lh_stats.pod b/crypto/openssl/doc/crypto/lh_stats.pod
deleted file mode 100644
index 3eeaa72e525d..000000000000
--- a/crypto/openssl/doc/crypto/lh_stats.pod
+++ /dev/null
@@ -1,60 +0,0 @@
-=pod
-
-=head1 NAME
-
-lh_stats, lh_node_stats, lh_node_usage_stats, lh_stats_bio,
-lh_node_stats_bio, lh_node_usage_stats_bio - LHASH statistics
-
-=head1 SYNOPSIS
-
- #include <openssl/lhash.h>
-
- void lh_stats(LHASH *table, FILE *out);
- void lh_node_stats(LHASH *table, FILE *out);
- void lh_node_usage_stats(LHASH *table, FILE *out);
-
- void lh_stats_bio(LHASH *table, BIO *out);
- void lh_node_stats_bio(LHASH *table, BIO *out);
- void lh_node_usage_stats_bio(LHASH *table, BIO *out);
-
-=head1 DESCRIPTION
-
-The B<LHASH> structure records statistics about most aspects of
-accessing the hash table.  This is mostly a legacy of Eric Young
-writing this library for the reasons of implementing what looked like
-a nice algorithm rather than for a particular software product.
-
-lh_stats() prints out statistics on the size of the hash table, how
-many entries are in it, and the number and result of calls to the
-routines in this library.
-
-lh_node_stats() prints the number of entries for each 'bucket' in the
-hash table.
-
-lh_node_usage_stats() prints out a short summary of the state of the
-hash table.  It prints the 'load' and the 'actual load'.  The load is
-the average number of data items per 'bucket' in the hash table.  The
-'actual load' is the average number of items per 'bucket', but only
-for buckets which contain entries.  So the 'actual load' is the
-average number of searches that will need to find an item in the hash
-table, while the 'load' is the average number that will be done to
-record a miss.
-
-lh_stats_bio(), lh_node_stats_bio() and lh_node_usage_stats_bio()
-are the same as the above, except that the output goes to a B<BIO>.
-
-=head1 RETURN VALUES
-
-These functions do not return values.
-
-=head1 SEE ALSO
-
-L<bio(3)|bio(3)>, L<lhash(3)|lhash(3)>
-
-=head1 HISTORY
-
-These functions are available in all versions of SSLeay and OpenSSL.
-
-This manpage is derived from the SSLeay documentation.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/lhash.pod b/crypto/openssl/doc/crypto/lhash.pod
deleted file mode 100644
index dcdbb43a8ed6..000000000000
--- a/crypto/openssl/doc/crypto/lhash.pod
+++ /dev/null
@@ -1,294 +0,0 @@
-=pod
-
-=head1 NAME
-
-lh_new, lh_free, lh_insert, lh_delete, lh_retrieve, lh_doall, lh_doall_arg, lh_error - dynamic hash table
-
-=head1 SYNOPSIS
-
- #include <openssl/lhash.h>
-
- LHASH *lh_new(LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE compare);
- void lh_free(LHASH *table);
-
- void *lh_insert(LHASH *table, void *data);
- void *lh_delete(LHASH *table, void *data);
- void *lh_retrieve(LHASH *table, void *data);
-
- void lh_doall(LHASH *table, LHASH_DOALL_FN_TYPE func);
- void lh_doall_arg(LHASH *table, LHASH_DOALL_ARG_FN_TYPE func,
-          void *arg);
-
- int lh_error(LHASH *table);
-
- typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *);
- typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *);
- typedef void (*LHASH_DOALL_FN_TYPE)(const void *);
- typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);
-
-=head1 DESCRIPTION
-
-This library implements dynamic hash tables. The hash table entries
-can be arbitrary structures. Usually they consist of key and value
-fields.
-
-lh_new() creates a new B<LHASH> structure to store arbitrary data
-entries, and provides the 'hash' and 'compare' callbacks to be used in
-organising the table's entries.  The B<hash> callback takes a pointer
-to a table entry as its argument and returns an unsigned long hash
-value for its key field.  The hash value is normally truncated to a
-power of 2, so make sure that your hash function returns well mixed
-low order bits.  The B<compare> callback takes two arguments (pointers
-to two hash table entries), and returns 0 if their keys are equal,
-non-zero otherwise.  If your hash table will contain items of some
-particular type and the B<hash> and B<compare> callbacks hash/compare
-these types, then the B<DECLARE_LHASH_HASH_FN> and
-B<IMPLEMENT_LHASH_COMP_FN> macros can be used to create callback
-wrappers of the prototypes required by lh_new().  These provide
-per-variable casts before calling the type-specific callbacks written
-by the application author.  These macros, as well as those used for
-the "doall" callbacks, are defined as;
-
- #define DECLARE_LHASH_HASH_FN(f_name,o_type) \
-         unsigned long f_name##_LHASH_HASH(const void *);
- #define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \
-         unsigned long f_name##_LHASH_HASH(const void *arg) { \
-                 o_type a = (o_type)arg; \
-                 return f_name(a); }
- #define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH
-
- #define DECLARE_LHASH_COMP_FN(f_name,o_type) \
-         int f_name##_LHASH_COMP(const void *, const void *);
- #define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \
-         int f_name##_LHASH_COMP(const void *arg1, const void *arg2) { \
-                 o_type a = (o_type)arg1; \
-                 o_type b = (o_type)arg2; \
-                 return f_name(a,b); }
- #define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP
-
- #define DECLARE_LHASH_DOALL_FN(f_name,o_type) \
-         void f_name##_LHASH_DOALL(const void *);
- #define IMPLEMENT_LHASH_DOALL_FN(f_name,o_type) \
-         void f_name##_LHASH_DOALL(const void *arg) { \
-                 o_type a = (o_type)arg; \
-                 f_name(a); }
- #define LHASH_DOALL_FN(f_name) f_name##_LHASH_DOALL
-
- #define DECLARE_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
-         void f_name##_LHASH_DOALL_ARG(const void *, const void *);
- #define IMPLEMENT_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
-         void f_name##_LHASH_DOALL_ARG(const void *arg1, const void *arg2) { \
-                 o_type a = (o_type)arg1; \
-                 a_type b = (a_type)arg2; \
-                 f_name(a,b); }
- #define LHASH_DOALL_ARG_FN(f_name) f_name##_LHASH_DOALL_ARG
-
-An example of a hash table storing (pointers to) structures of type 'STUFF'
-could be defined as follows;
-
- /* Calculates the hash value of 'tohash' (implemented elsewhere) */
- unsigned long STUFF_hash(const STUFF *tohash);
- /* Orders 'arg1' and 'arg2' (implemented elsewhere) */
- int STUFF_cmp(const STUFF *arg1, const STUFF *arg2);
- /* Create the type-safe wrapper functions for use in the LHASH internals */
- static IMPLEMENT_LHASH_HASH_FN(STUFF_hash, const STUFF *)
- static IMPLEMENT_LHASH_COMP_FN(STUFF_cmp, const STUFF *);
- /* ... */
- int main(int argc, char *argv[]) {
-         /* Create the new hash table using the hash/compare wrappers */
-         LHASH *hashtable = lh_new(LHASH_HASH_FN(STUFF_hash),
-                                   LHASH_COMP_FN(STUFF_cmp));
-	 /* ... */
- }
-
-lh_free() frees the B<LHASH> structure B<table>. Allocated hash table
-entries will not be freed; consider using lh_doall() to deallocate any
-remaining entries in the hash table (see below).
-
-lh_insert() inserts the structure pointed to by B<data> into B<table>.
-If there already is an entry with the same key, the old value is
-replaced. Note that lh_insert() stores pointers, the data are not
-copied.
-
-lh_delete() deletes an entry from B<table>.
-
-lh_retrieve() looks up an entry in B<table>. Normally, B<data> is
-a structure with the key field(s) set; the function will return a
-pointer to a fully populated structure.
-
-lh_doall() will, for every entry in the hash table, call B<func> with
-the data item as its parameter.  For lh_doall() and lh_doall_arg(),
-function pointer casting should be avoided in the callbacks (see
-B<NOTE>) - instead, either declare the callbacks to match the
-prototype required in lh_new() or use the declare/implement macros to
-create type-safe wrappers that cast variables prior to calling your
-type-specific callbacks.  An example of this is illustrated here where
-the callback is used to cleanup resources for items in the hash table
-prior to the hashtable itself being deallocated:
-
- /* Cleans up resources belonging to 'a' (this is implemented elsewhere) */
- void STUFF_cleanup(STUFF *a);
- /* Implement a prototype-compatible wrapper for "STUFF_cleanup" */
- IMPLEMENT_LHASH_DOALL_FN(STUFF_cleanup, STUFF *)
-         /* ... then later in the code ... */
- /* So to run "STUFF_cleanup" against all items in a hash table ... */
- lh_doall(hashtable, LHASH_DOALL_FN(STUFF_cleanup));
- /* Then the hash table itself can be deallocated */
- lh_free(hashtable);
-
-When doing this, be careful if you delete entries from the hash table
-in your callbacks: the table may decrease in size, moving the item
-that you are currently on down lower in the hash table - this could
-cause some entries to be skipped during the iteration.  The second
-best solution to this problem is to set hash-E<gt>down_load=0 before
-you start (which will stop the hash table ever decreasing in size).
-The best solution is probably to avoid deleting items from the hash
-table inside a "doall" callback!
-
-lh_doall_arg() is the same as lh_doall() except that B<func> will be
-called with B<arg> as the second argument and B<func> should be of
-type B<LHASH_DOALL_ARG_FN_TYPE> (a callback prototype that is passed
-both the table entry and an extra argument).  As with lh_doall(), you
-can instead choose to declare your callback with a prototype matching
-the types you are dealing with and use the declare/implement macros to
-create compatible wrappers that cast variables before calling your
-type-specific callbacks.  An example of this is demonstrated here
-(printing all hash table entries to a BIO that is provided by the
-caller):
-
- /* Prints item 'a' to 'output_bio' (this is implemented elsewhere) */
- void STUFF_print(const STUFF *a, BIO *output_bio);
- /* Implement a prototype-compatible wrapper for "STUFF_print" */
- static IMPLEMENT_LHASH_DOALL_ARG_FN(STUFF_print, const STUFF *, BIO *)
-         /* ... then later in the code ... */
- /* Print out the entire hashtable to a particular BIO */
- lh_doall_arg(hashtable, LHASH_DOALL_ARG_FN(STUFF_print), logging_bio);
- 
-lh_error() can be used to determine if an error occurred in the last
-operation. lh_error() is a macro.
-
-=head1 RETURN VALUES
-
-lh_new() returns B<NULL> on error, otherwise a pointer to the new
-B<LHASH> structure.
-
-When a hash table entry is replaced, lh_insert() returns the value
-being replaced. B<NULL> is returned on normal operation and on error.
-
-lh_delete() returns the entry being deleted.  B<NULL> is returned if
-there is no such value in the hash table.
-
-lh_retrieve() returns the hash table entry if it has been found,
-B<NULL> otherwise.
-
-lh_error() returns 1 if an error occurred in the last operation, 0
-otherwise.
-
-lh_free(), lh_doall() and lh_doall_arg() return no values.
-
-=head1 NOTE
-
-The various LHASH macros and callback types exist to make it possible
-to write type-safe code without resorting to function-prototype
-casting - an evil that makes application code much harder to
-audit/verify and also opens the window of opportunity for stack
-corruption and other hard-to-find bugs.  It also, apparently, violates
-ANSI-C.
-
-The LHASH code regards table entries as constant data.  As such, it
-internally represents lh_insert()'d items with a "const void *"
-pointer type.  This is why callbacks such as those used by lh_doall()
-and lh_doall_arg() declare their prototypes with "const", even for the
-parameters that pass back the table items' data pointers - for
-consistency, user-provided data is "const" at all times as far as the
-LHASH code is concerned.  However, as callers are themselves providing
-these pointers, they can choose whether they too should be treating
-all such parameters as constant.
-
-As an example, a hash table may be maintained by code that, for
-reasons of encapsulation, has only "const" access to the data being
-indexed in the hash table (ie. it is returned as "const" from
-elsewhere in their code) - in this case the LHASH prototypes are
-appropriate as-is.  Conversely, if the caller is responsible for the
-life-time of the data in question, then they may well wish to make
-modifications to table item passed back in the lh_doall() or
-lh_doall_arg() callbacks (see the "STUFF_cleanup" example above).  If
-so, the caller can either cast the "const" away (if they're providing
-the raw callbacks themselves) or use the macros to declare/implement
-the wrapper functions without "const" types.
-
-Callers that only have "const" access to data they're indexing in a
-table, yet declare callbacks without constant types (or cast the
-"const" away themselves), are therefore creating their own risks/bugs
-without being encouraged to do so by the API.  On a related note,
-those auditing code should pay special attention to any instances of
-DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types
-without any "const" qualifiers.
-
-=head1 BUGS
-
-lh_insert() returns B<NULL> both for success and error.
-
-=head1 INTERNALS
-
-The following description is based on the SSLeay documentation:
-
-The B<lhash> library implements a hash table described in the
-I<Communications of the ACM> in 1991.  What makes this hash table
-different is that as the table fills, the hash table is increased (or
-decreased) in size via OPENSSL_realloc().  When a 'resize' is done, instead of
-all hashes being redistributed over twice as many 'buckets', one
-bucket is split.  So when an 'expand' is done, there is only a minimal
-cost to redistribute some values.  Subsequent inserts will cause more
-single 'bucket' redistributions but there will never be a sudden large
-cost due to redistributing all the 'buckets'.
-
-The state for a particular hash table is kept in the B<LHASH> structure.
-The decision to increase or decrease the hash table size is made
-depending on the 'load' of the hash table.  The load is the number of
-items in the hash table divided by the size of the hash table.  The
-default values are as follows.  If (hash->up_load E<lt> load) =E<gt>
-expand.  if (hash-E<gt>down_load E<gt> load) =E<gt> contract.  The
-B<up_load> has a default value of 1 and B<down_load> has a default value
-of 2.  These numbers can be modified by the application by just
-playing with the B<up_load> and B<down_load> variables.  The 'load' is
-kept in a form which is multiplied by 256.  So
-hash-E<gt>up_load=8*256; will cause a load of 8 to be set.
-
-If you are interested in performance the field to watch is
-num_comp_calls.  The hash library keeps track of the 'hash' value for
-each item so when a lookup is done, the 'hashes' are compared, if
-there is a match, then a full compare is done, and
-hash-E<gt>num_comp_calls is incremented.  If num_comp_calls is not equal
-to num_delete plus num_retrieve it means that your hash function is
-generating hashes that are the same for different values.  It is
-probably worth changing your hash function if this is the case because
-even if your hash table has 10 items in a 'bucket', it can be searched
-with 10 B<unsigned long> compares and 10 linked list traverses.  This
-will be much less expensive that 10 calls to your compare function.
-
-lh_strhash() is a demo string hashing function:
-
- unsigned long lh_strhash(const char *c);
-
-Since the B<LHASH> routines would normally be passed structures, this
-routine would not normally be passed to lh_new(), rather it would be
-used in the function passed to lh_new().
-
-=head1 SEE ALSO
-
-L<lh_stats(3)|lh_stats(3)>
-
-=head1 HISTORY
-
-The B<lhash> library is available in all versions of SSLeay and OpenSSL.
-lh_error() was added in SSLeay 0.9.1b.
-
-This manpage is derived from the SSLeay documentation.
-
-In OpenSSL 0.9.7, all lhash functions that were passed function pointers
-were changed for better type safety, and the function types LHASH_COMP_FN_TYPE,
-LHASH_HASH_FN_TYPE, LHASH_DOALL_FN_TYPE and LHASH_DOALL_ARG_FN_TYPE 
-became available.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/md5.pod b/crypto/openssl/doc/crypto/md5.pod
deleted file mode 100644
index 6e6322dcdcc8..000000000000
--- a/crypto/openssl/doc/crypto/md5.pod
+++ /dev/null
@@ -1,101 +0,0 @@
-=pod
-
-=head1 NAME
-
-MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update,
-MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions
-
-=head1 SYNOPSIS
-
- #include <openssl/md2.h>
-
- unsigned char *MD2(const unsigned char *d, unsigned long n,
-                  unsigned char *md);
-
- void MD2_Init(MD2_CTX *c);
- void MD2_Update(MD2_CTX *c, const unsigned char *data,
-                  unsigned long len);
- void MD2_Final(unsigned char *md, MD2_CTX *c);
-
-
- #include <openssl/md4.h>
-
- unsigned char *MD4(const unsigned char *d, unsigned long n,
-                  unsigned char *md);
-
- void MD4_Init(MD4_CTX *c);
- void MD4_Update(MD4_CTX *c, const void *data,
-                  unsigned long len);
- void MD4_Final(unsigned char *md, MD4_CTX *c);
-
-
- #include <openssl/md5.h>
-
- unsigned char *MD5(const unsigned char *d, unsigned long n,
-                  unsigned char *md);
-
- void MD5_Init(MD5_CTX *c);
- void MD5_Update(MD5_CTX *c, const void *data,
-                  unsigned long len);
- void MD5_Final(unsigned char *md, MD5_CTX *c);
-
-=head1 DESCRIPTION
-
-MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.
-
-MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest
-of the B<n> bytes at B<d> and place it in B<md> (which must have space
-for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16
-bytes of output). If B<md> is NULL, the digest is placed in a static
-array.
-
-The following functions may be used if the message is not completely
-stored in memory:
-
-MD2_Init() initializes a B<MD2_CTX> structure.
-
-MD2_Update() can be called repeatedly with chunks of the message to
-be hashed (B<len> bytes at B<data>).
-
-MD2_Final() places the message digest in B<md>, which must have space
-for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the B<MD2_CTX>.
-
-MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and
-MD5_Final() are analogous using an B<MD4_CTX> and B<MD5_CTX> structure.
-
-Applications should use the higher level functions
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>
-etc. instead of calling the hash functions directly.
-
-=head1 NOTE
-
-MD2, MD4, and MD5 are recommended only for compatibility with existing
-applications. In new applications, SHA-1 or RIPEMD-160 should be
-preferred.
-
-=head1 RETURN VALUES
-
-MD2(), MD4(), and MD5() return pointers to the hash value. 
-
-MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(),
-MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() do not return
-values.
-
-=head1 CONFORMING TO
-
-RFC 1319, RFC 1320, RFC 1321
-
-=head1 SEE ALSO
-
-L<sha(3)|sha(3)>, L<ripemd(3)|ripemd(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
-
-=head1 HISTORY
-
-MD2(), MD2_Init(), MD2_Update() MD2_Final(), MD5(), MD5_Init(),
-MD5_Update() and MD5_Final() are available in all versions of SSLeay
-and OpenSSL.
-
-MD4(), MD4_Init(), and MD4_Update() are available in OpenSSL 0.9.6 and
-above.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/mdc2.pod b/crypto/openssl/doc/crypto/mdc2.pod
deleted file mode 100644
index 11dc303e04f4..000000000000
--- a/crypto/openssl/doc/crypto/mdc2.pod
+++ /dev/null
@@ -1,64 +0,0 @@
-=pod
-
-=head1 NAME
-
-MDC2, MDC2_Init, MDC2_Update, MDC2_Final - MDC2 hash function
-
-=head1 SYNOPSIS
-
- #include <openssl/mdc2.h>
-
- unsigned char *MDC2(const unsigned char *d, unsigned long n,
-                  unsigned char *md);
-
- void MDC2_Init(MDC2_CTX *c);
- void MDC2_Update(MDC2_CTX *c, const unsigned char *data,
-                  unsigned long len);
- void MDC2_Final(unsigned char *md, MDC2_CTX *c);
-
-=head1 DESCRIPTION
-
-MDC2 is a method to construct hash functions with 128 bit output from
-block ciphers.  These functions are an implementation of MDC2 with
-DES.
-
-MDC2() computes the MDC2 message digest of the B<n>
-bytes at B<d> and places it in B<md> (which must have space for
-MDC2_DIGEST_LENGTH == 16 bytes of output). If B<md> is NULL, the digest
-is placed in a static array.
-
-The following functions may be used if the message is not completely
-stored in memory:
-
-MDC2_Init() initializes a B<MDC2_CTX> structure.
-
-MDC2_Update() can be called repeatedly with chunks of the message to
-be hashed (B<len> bytes at B<data>).
-
-MDC2_Final() places the message digest in B<md>, which must have space
-for MDC2_DIGEST_LENGTH == 16 bytes of output, and erases the B<MDC2_CTX>.
-
-Applications should use the higher level functions
-L<EVP_DigestInit(3)|EVP_DigestInit(3)> etc. instead of calling the
-hash functions directly.
-
-=head1 RETURN VALUES
-
-MDC2() returns a pointer to the hash value. 
-
-MDC2_Init(), MDC2_Update() and MDC2_Final() do not return values.
-
-=head1 CONFORMING TO
-
-ISO/IEC 10118-2, with DES
-
-=head1 SEE ALSO
-
-L<sha(3)|sha(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
-
-=head1 HISTORY
-
-MDC2(), MDC2_Init(), MDC2_Update() and MDC2_Final() are available since
-SSLeay 0.8.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/pem.pod b/crypto/openssl/doc/crypto/pem.pod
deleted file mode 100644
index a4f8cc33376a..000000000000
--- a/crypto/openssl/doc/crypto/pem.pod
+++ /dev/null
@@ -1,476 +0,0 @@
-=pod
-
-=head1 NAME
-
-PEM - PEM routines
-
-=head1 SYNOPSIS
-
- #include <openssl/pem.h>
-
- EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
-					pem_password_cb *cb, void *u);
-
- EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
-					unsigned char *kstr, int klen,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
-					unsigned char *kstr, int klen,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
-					char *kstr, int klen,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
-					char *kstr, int klen,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
-					char *kstr, int klen,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
-					char *kstr, int klen,
-					pem_password_cb *cb, void *u);
-
- EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
-					pem_password_cb *cb, void *u);
-
- EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
- int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
-
- RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
-					pem_password_cb *cb, void *u);
-
- RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
-					unsigned char *kstr, int klen,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
-					unsigned char *kstr, int klen,
-					pem_password_cb *cb, void *u);
-
- RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
-					pem_password_cb *cb, void *u);
-
- RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
-
- int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
-
- RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
-					pem_password_cb *cb, void *u);
-
- RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
-
- int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
-
- DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
-					pem_password_cb *cb, void *u);
-
- DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
-					unsigned char *kstr, int klen,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
-					unsigned char *kstr, int klen,
-					pem_password_cb *cb, void *u);
-
- DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
-					pem_password_cb *cb, void *u);
-
- DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
-
- int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
-
- DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
-
- DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
-
- int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
-
- int PEM_write_DSAparams(FILE *fp, DSA *x);
-
- DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
-
- DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
-
- int PEM_write_bio_DHparams(BIO *bp, DH *x);
-
- int PEM_write_DHparams(FILE *fp, DH *x);
-
- X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
-
- X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
-
- int PEM_write_bio_X509(BIO *bp, X509 *x);
-
- int PEM_write_X509(FILE *fp, X509 *x);
-
- X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
-
- X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
-
- int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
-
- int PEM_write_X509_AUX(FILE *fp, X509 *x);
-
- X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
-					pem_password_cb *cb, void *u);
-
- X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
-					pem_password_cb *cb, void *u);
-
- int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
-
- int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
-
- int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
-
- int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
-
- X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
-					pem_password_cb *cb, void *u);
- X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
-					pem_password_cb *cb, void *u);
- int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
- int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
-
- PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
-
- PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
-
- int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
-
- int PEM_write_PKCS7(FILE *fp, PKCS7 *x);
-
- NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,
-						NETSCAPE_CERT_SEQUENCE **x,
-						pem_password_cb *cb, void *u);
-
- NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(FILE *fp,
-						NETSCAPE_CERT_SEQUENCE **x,
-						pem_password_cb *cb, void *u);
-
- int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp, NETSCAPE_CERT_SEQUENCE *x);
-
- int PEM_write_NETSCAPE_CERT_SEQUENCE(FILE *fp, NETSCAPE_CERT_SEQUENCE *x);
-
-=head1 DESCRIPTION
-
-The PEM functions read or write structures in PEM format. In
-this sense PEM format is simply base64 encoded data surrounded
-by header lines.
-
-For more details about the meaning of arguments see the
-B<PEM FUNCTION ARGUMENTS> section.
-
-Each operation has four functions associated with it. For
-clarity the term "B<foobar> functions" will be used to collectively
-refer to the PEM_read_bio_foobar(), PEM_read_foobar(),
-PEM_write_bio_foobar() and PEM_write_foobar() functions.
-
-The B<PrivateKey> functions read or write a private key in
-PEM format using an EVP_PKEY structure. The write routines use
-"traditional" private key format and can handle both RSA and DSA
-private keys. The read functions can additionally transparently
-handle PKCS#8 format encrypted and unencrypted keys too.
-
-PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey()
-write a private key in an EVP_PKEY structure in PKCS#8
-EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption
-algorithms. The B<cipher> argument specifies the encryption algoritm to
-use: unlike all other PEM routines the encryption is applied at the
-PKCS#8 level and not in the PEM headers. If B<cipher> is NULL then no
-encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.
-
-PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid()
-also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however
-it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm
-to use is specified in the B<nid> parameter and should be the NID of the
-corresponding OBJECT IDENTIFIER (see NOTES section).
-
-The B<PUBKEY> functions process a public key using an EVP_PKEY
-structure. The public key is encoded as a SubjectPublicKeyInfo
-structure.
-
-The B<RSAPrivateKey> functions process an RSA private key using an
-RSA structure. It handles the same formats as the B<PrivateKey>
-functions but an error occurs if the private key is not RSA.
-
-The B<RSAPublicKey> functions process an RSA public key using an
-RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey
-structure.
-
-The B<RSA_PUBKEY> functions also process an RSA public key using
-an RSA structure. However the public key is encoded using a
-SubjectPublicKeyInfo structure and an error occurs if the public
-key is not RSA.
-
-The B<DSAPrivateKey> functions process a DSA private key using a
-DSA structure. It handles the same formats as the B<PrivateKey>
-functions but an error occurs if the private key is not DSA.
-
-The B<DSA_PUBKEY> functions process a DSA public key using
-a DSA structure. The public key is encoded using a
-SubjectPublicKeyInfo structure and an error occurs if the public
-key is not DSA.
-
-The B<DSAparams> functions process DSA parameters using a DSA
-structure. The parameters are encoded using a foobar structure.
-
-The B<DHparams> functions process DH parameters using a DH
-structure. The parameters are encoded using a PKCS#3 DHparameter
-structure.
-
-The B<X509> functions process an X509 certificate using an X509
-structure. They will also process a trusted X509 certificate but
-any trust settings are discarded.
-
-The B<X509_AUX> functions process a trusted X509 certificate using
-an X509 structure. 
-
-The B<X509_REQ> and B<X509_REQ_NEW> functions process a PKCS#10
-certificate request using an X509_REQ structure. The B<X509_REQ>
-write functions use B<CERTIFICATE REQUEST> in the header whereas
-the B<X509_REQ_NEW> functions use B<NEW CERTIFICATE REQUEST>
-(as required by some CAs). The B<X509_REQ> read functions will
-handle either form so there are no B<X509_REQ_NEW> read functions.
-
-The B<X509_CRL> functions process an X509 CRL using an X509_CRL
-structure.
-
-The B<PKCS7> functions process a PKCS#7 ContentInfo using a PKCS7
-structure.
-
-The B<NETSCAPE_CERT_SEQUENCE> functions process a Netscape Certificate
-Sequence using a NETSCAPE_CERT_SEQUENCE structure.
-
-=head1 PEM FUNCTION ARGUMENTS
-
-The PEM functions have many common arguments.
-
-The B<bp> BIO parameter (if present) specifies the BIO to read from
-or write to.
-
-The B<fp> FILE parameter (if present) specifies the FILE pointer to
-read from or write to.
-
-The PEM read functions all take an argument B<TYPE **x> and return
-a B<TYPE *> pointer. Where B<TYPE> is whatever structure the function
-uses. If B<x> is NULL then the parameter is ignored. If B<x> is not
-NULL but B<*x> is NULL then the structure returned will be written
-to B<*x>. If neither B<x> nor B<*x> is NULL then an attempt is made
-to reuse the structure at B<*x> (but see BUGS and EXAMPLES sections).
-Irrespective of the value of B<x> a pointer to the structure is always
-returned (or NULL if an error occurred).
-
-The PEM functions which write private keys take an B<enc> parameter
-which specifies the encryption algorithm to use, encryption is done
-at the PEM level. If this parameter is set to NULL then the private
-key is written in unencrypted form.
-
-The B<cb> argument is the callback to use when querying for the pass
-phrase used for encrypted PEM structures (normally only private keys).
-
-For the PEM write routines if the B<kstr> parameter is not NULL then
-B<klen> bytes at B<kstr> are used as the passphrase and B<cb> is
-ignored.
-
-If the B<cb> parameters is set to NULL and the B<u> parameter is not
-NULL then the B<u> parameter is interpreted as a null terminated string
-to use as the passphrase. If both B<cb> and B<u> are NULL then the
-default callback routine is used which will typically prompt for the
-passphrase on the current terminal with echoing turned off.
-
-The default passphrase callback is sometimes inappropriate (for example
-in a GUI application) so an alternative can be supplied. The callback
-routine has the following form:
-
- int cb(char *buf, int size, int rwflag, void *u);
-
-B<buf> is the buffer to write the passphrase to. B<size> is the maximum
-length of the passphrase (i.e. the size of buf). B<rwflag> is a flag
-which is set to 0 when reading and 1 when writing. A typical routine
-will ask the user to verify the passphrase (for example by prompting
-for it twice) if B<rwflag> is 1. The B<u> parameter has the same
-value as the B<u> parameter passed to the PEM routine. It allows
-arbitrary data to be passed to the callback by the application
-(for example a window handle in a GUI application). The callback
-B<must> return the number of characters in the passphrase or 0 if
-an error occurred.
-
-=head1 EXAMPLES
-
-Although the PEM routines take several arguments in almost all applications
-most of them are set to 0 or NULL.
-
-Read a certificate in PEM format from a BIO:
-
- X509 *x;
- x = PEM_read_bio(bp, NULL, 0, NULL);
- if (x == NULL)
-	{
-	/* Error */
-	}
-
-Alternative method:
-
- X509 *x = NULL;
- if (!PEM_read_bio_X509(bp, &x, 0, NULL))
-	{
-	/* Error */
-	}
-
-Write a certificate to a BIO:
-
- if (!PEM_write_bio_X509(bp, x))
-	{
-	/* Error */
-	}
-
-Write an unencrypted private key to a FILE pointer:
-
- if (!PEM_write_PrivateKey(fp, key, NULL, NULL, 0, 0, NULL))
-	{
-	/* Error */
-	}
-
-Write a private key (using traditional format) to a BIO using
-triple DES encryption, the pass phrase is prompted for:
-
- if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
-	{
-	/* Error */
-	}
-
-Write a private key (using PKCS#8 format) to a BIO using triple
-DES encryption, using the pass phrase "hello":
-
- if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, "hello"))
-	{
-	/* Error */
-	}
-
-Read a private key from a BIO using the pass phrase "hello":
-
- key = PEM_read_bio_PrivateKey(bp, NULL, 0, "hello");
- if (key == NULL)
-	{
-	/* Error */
-	}
-
-Read a private key from a BIO using a pass phrase callback:
-
- key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, "My Private Key");
- if (key == NULL)
-	{
-	/* Error */
-	}
-
-Skeleton pass phrase callback:
-
- int pass_cb(char *buf, int size, int rwflag, void *u);
-	{
-	int len;
-	char *tmp;
-	/* We'd probably do something else if 'rwflag' is 1 */
-	printf("Enter pass phrase for \"%s\"\n", u);
-
-	/* get pass phrase, length 'len' into 'tmp' */
-	tmp = "hello";
-	len = strlen(tmp);
-
-	if (len <= 0) return 0;
-	/* if too long, truncate */
-	if (len > size) len = size;
-	memcpy(buf, tmp, len);
-	return len;
-	}
-
-=head1 NOTES
-
-The old B<PrivateKey> write routines are retained for compatibility.
-New applications should write private keys using the
-PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines
-because they are more secure (they use an iteration count of 2048 whereas
-the traditional routines use a count of 1) unless compatibility with older
-versions of OpenSSL is important.
-
-The B<PrivateKey> read routines can be used in all applications because
-they handle all formats transparently.
-
-A frequent cause of problems is attempting to use the PEM routines like
-this:
-
- X509 *x;
- PEM_read_bio_X509(bp, &x, 0, NULL);
-
-this is a bug because an attempt will be made to reuse the data at B<x>
-which is an uninitialised pointer.
-
-=head1 PEM ENCRYPTION FORMAT
-
-This old B<PrivateKey> routines use a non standard technique for encryption.
-
-The private key (or other data) takes the following form: 
-
- -----BEGIN RSA PRIVATE KEY-----
- Proc-Type: 4,ENCRYPTED
- DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
-
- ...base64 encoded data...
- -----END RSA PRIVATE KEY-----
-
-The line beginning DEK-Info contains two comma separated pieces of information:
-the encryption algorithm name as used by EVP_get_cipherbyname() and an 8
-byte B<salt> encoded as a set of hexadecimal digits.
-
-After this is the base64 encoded encrypted data.
-
-The encryption key is determined using EVP_bytestokey(), using B<salt> and an
-iteration count of 1. The IV used is the value of B<salt> and *not* the IV
-returned by EVP_bytestokey().
-
-=head1 BUGS
-
-The PEM read routines in some versions of OpenSSL will not correctly reuse
-an existing structure. Therefore the following:
-
- PEM_read_bio(bp, &x, 0, NULL);
-
-where B<x> already contains a valid certificate, may not work, whereas: 
-
- X509_free(x);
- x = PEM_read_bio(bp, NULL, 0, NULL);
-
-is guaranteed to work.
-
-=head1 RETURN CODES
-
-The read routines return either a pointer to the structure read or NULL
-is an error occurred.
-
-The write routines return 1 for success or 0 for failure.
diff --git a/crypto/openssl/doc/crypto/rand.pod b/crypto/openssl/doc/crypto/rand.pod
deleted file mode 100644
index 1c068c85b34c..000000000000
--- a/crypto/openssl/doc/crypto/rand.pod
+++ /dev/null
@@ -1,175 +0,0 @@
-=pod
-
-=head1 NAME
-
-rand - pseudo-random number generator
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- int  RAND_set_rand_engine(ENGINE *engine);
-
- int  RAND_bytes(unsigned char *buf, int num);
- int  RAND_pseudo_bytes(unsigned char *buf, int num);
-
- void RAND_seed(const void *buf, int num);
- void RAND_add(const void *buf, int num, int entropy);
- int  RAND_status(void);
-
- int  RAND_load_file(const char *file, long max_bytes);
- int  RAND_write_file(const char *file);
- const char *RAND_file_name(char *file, size_t num);
-
- int  RAND_egd(const char *path);
-
- void RAND_set_rand_method(const RAND_METHOD *meth);
- const RAND_METHOD *RAND_get_rand_method(void);
- RAND_METHOD *RAND_SSLeay(void);
-
- void RAND_cleanup(void);
-
- /* For Win32 only */
- void RAND_screen(void);
- int RAND_event(UINT, WPARAM, LPARAM);
-
-=head1 DESCRIPTION
-
-Since the introduction of the ENGINE API, the recommended way of controlling
-default implementations is by using the ENGINE API functions. The default
-B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by
-RAND_get_rand_method(), is only used if no ENGINE has been set as the default
-"rand" implementation. Hence, these two functions are no longer the recommened
-way to control defaults.
-
-If an alternative B<RAND_METHOD> implementation is being used (either set
-directly or as provided by an ENGINE module), then it is entirely responsible
-for the generation and management of a cryptographically secure PRNG stream. The
-mechanisms described below relate solely to the software PRNG implementation
-built in to OpenSSL and used by default.
-
-These functions implement a cryptographically secure pseudo-random
-number generator (PRNG). It is used by other library functions for
-example to generate random keys, and applications can use it when they
-need randomness.
-
-A cryptographic PRNG must be seeded with unpredictable data such as
-mouse movements or keys pressed at random by the user. This is
-described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file
-(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the
-seeding process whenever the application is started.
-
-L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
-PRNG. 
-
-=head1 INTERNALS
-
-The RAND_SSLeay() method implements a PRNG based on a cryptographic
-hash function.
-
-The following description of its design is based on the SSLeay
-documentation:
-
-First up I will state the things I believe I need for a good RNG.
-
-=over 4
-
-=item 1
-
-A good hashing algorithm to mix things up and to convert the RNG 'state'
-to random numbers.
-
-=item 2
-
-An initial source of random 'state'.
-
-=item 3
-
-The state should be very large.  If the RNG is being used to generate
-4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
-If your RNG state only has 128 bits, you are obviously limiting the
-search space to 128 bits, not 2048.  I'm probably getting a little
-carried away on this last point but it does indicate that it may not be
-a bad idea to keep quite a lot of RNG state.  It should be easier to
-break a cipher than guess the RNG seed data.
-
-=item 4
-
-Any RNG seed data should influence all subsequent random numbers
-generated.  This implies that any random seed data entered will have
-an influence on all subsequent random numbers generated.
-
-=item 5
-
-When using data to seed the RNG state, the data used should not be
-extractable from the RNG state.  I believe this should be a
-requirement because one possible source of 'secret' semi random
-data would be a private key or a password.  This data must
-not be disclosed by either subsequent random numbers or a
-'core' dump left by a program crash.
-
-=item 6
-
-Given the same initial 'state', 2 systems should deviate in their RNG state
-(and hence the random numbers generated) over time if at all possible.
-
-=item 7
-
-Given the random number output stream, it should not be possible to determine
-the RNG state or the next random number.
-
-=back
-
-The algorithm is as follows.
-
-There is global state made up of a 1023 byte buffer (the 'state'), a
-working hash value ('md'), and a counter ('count').
-
-Whenever seed data is added, it is inserted into the 'state' as
-follows.
-
-The input is chopped up into units of 20 bytes (or less for
-the last block).  Each of these blocks is run through the hash
-function as follows:  The data passed to the hash function
-is the current 'md', the same number of bytes from the 'state'
-(the location determined by in incremented looping index) as
-the current 'block', the new key data 'block', and 'count'
-(which is incremented after each use).
-The result of this is kept in 'md' and also xored into the
-'state' at the same locations that were used as input into the
-hash function. I
-believe this system addresses points 1 (hash function; currently
-SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash
-function and xor).
-
-When bytes are extracted from the RNG, the following process is used.
-For each group of 10 bytes (or less), we do the following:
-
-Input into the hash function the local 'md' (which is initialized from
-the global 'md' before any bytes are generated), the bytes that are to
-be overwritten by the random bytes, and bytes from the 'state'
-(incrementing looping index). From this digest output (which is kept
-in 'md'), the top (up to) 10 bytes are returned to the caller and the
-bottom 10 bytes are xored into the 'state'.
-
-Finally, after we have finished 'num' random bytes for the caller,
-'count' (which is incremented) and the local and global 'md' are fed
-into the hash function and the results are kept in the global 'md'.
-
-I believe the above addressed points 1 (use of SHA-1), 6 (by hashing
-into the 'state' the 'old' data from the caller that is about to be
-overwritten) and 7 (by not using the 10 bytes given to the caller to
-update the 'state', but they are used to update 'md').
-
-So of the points raised, only 2 is not addressed (but see
-L<RAND_add(3)|RAND_add(3)>).
-
-=head1 SEE ALSO
-
-L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
-L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>,
-L<RAND_bytes(3)|RAND_bytes(3)>,
-L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
-L<RAND_cleanup(3)|RAND_cleanup(3)> 
-
-=cut
diff --git a/crypto/openssl/doc/crypto/rc4.pod b/crypto/openssl/doc/crypto/rc4.pod
deleted file mode 100644
index b6d3a4342caa..000000000000
--- a/crypto/openssl/doc/crypto/rc4.pod
+++ /dev/null
@@ -1,62 +0,0 @@
-=pod
-
-=head1 NAME
-
-RC4_set_key, RC4 - RC4 encryption
-
-=head1 SYNOPSIS
-
- #include <openssl/rc4.h>
-
- void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-
- void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
-          unsigned char *outdata);
-
-=head1 DESCRIPTION
-
-This library implements the Alleged RC4 cipher, which is described for
-example in I<Applied Cryptography>.  It is believed to be compatible
-with RC4[TM], a proprietary cipher of RSA Security Inc.
-
-RC4 is a stream cipher with variable key length.  Typically, 128 bit
-(16 byte) keys are used for strong encryption, but shorter insecure
-key sizes have been widely used due to export restrictions.
-
-RC4 consists of a key setup phase and the actual encryption or
-decryption phase.
-
-RC4_set_key() sets up the B<RC4_KEY> B<key> using the B<len> bytes long
-key at B<data>.
-
-RC4() encrypts or decrypts the B<len> bytes of data at B<indata> using
-B<key> and places the result at B<outdata>.  Repeated RC4() calls with
-the same B<key> yield a continuous key stream.
-
-Since RC4 is a stream cipher (the input is XORed with a pseudo-random
-key stream to produce the output), decryption uses the same function
-calls as encryption.
-
-Applications should use the higher level functions
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
-etc. instead of calling the RC4 functions directly.
-
-=head1 RETURN VALUES
-
-RC4_set_key() and RC4() do not return values.
-
-=head1 NOTE
-
-Certain conditions have to be observed to securely use stream ciphers.
-It is not permissible to perform multiple encryptions using the same
-key stream.
-
-=head1 SEE ALSO
-
-L<blowfish(3)|blowfish(3)>, L<des(3)|des(3)>, L<rc2(3)|rc2(3)>
-
-=head1 HISTORY
-
-RC4_set_key() and RC4() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ripemd.pod b/crypto/openssl/doc/crypto/ripemd.pod
deleted file mode 100644
index 31054b6a8ccd..000000000000
--- a/crypto/openssl/doc/crypto/ripemd.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
-RIPEMD160, RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final -
-RIPEMD-160 hash function
-
-=head1 SYNOPSIS
-
- #include <openssl/ripemd.h>
-
- unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
-                  unsigned char *md);
-
- void RIPEMD160_Init(RIPEMD160_CTX *c);
- void RIPEMD160_Update(RIPEMD_CTX *c, const void *data,
-                  unsigned long len);
- void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
-
-=head1 DESCRIPTION
-
-RIPEMD-160 is a cryptographic hash function with a
-160 bit output.
-
-RIPEMD160() computes the RIPEMD-160 message digest of the B<n>
-bytes at B<d> and places it in B<md> (which must have space for
-RIPEMD160_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
-is placed in a static array.
-
-The following functions may be used if the message is not completely
-stored in memory:
-
-RIPEMD160_Init() initializes a B<RIPEMD160_CTX> structure.
-
-RIPEMD160_Update() can be called repeatedly with chunks of the message to
-be hashed (B<len> bytes at B<data>).
-
-RIPEMD160_Final() places the message digest in B<md>, which must have
-space for RIPEMD160_DIGEST_LENGTH == 20 bytes of output, and erases
-the B<RIPEMD160_CTX>.
-
-Applications should use the higher level functions
-L<EVP_DigestInit(3)|EVP_DigestInit(3)> etc. instead of calling the
-hash functions directly.
-
-=head1 RETURN VALUES
-
-RIPEMD160() returns a pointer to the hash value. 
-
-RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() do not
-return values.
-
-=head1 CONFORMING TO
-
-ISO/IEC 10118-3 (draft) (??)
-
-=head1 SEE ALSO
-
-L<sha(3)|sha(3)>, L<hmac(3)|hmac(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
-
-=head1 HISTORY
-
-RIPEMD160(), RIPEMD160_Init(), RIPEMD160_Update() and
-RIPEMD160_Final() are available since SSLeay 0.9.0.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/rsa.pod b/crypto/openssl/doc/crypto/rsa.pod
deleted file mode 100644
index 45ac53ffc147..000000000000
--- a/crypto/openssl/doc/crypto/rsa.pod
+++ /dev/null
@@ -1,123 +0,0 @@
-=pod
-
-=head1 NAME
-
-rsa - RSA public key cryptosystem
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
- #include <openssl/engine.h>
-
- RSA * RSA_new(void);
- void RSA_free(RSA *rsa);
-
- int RSA_public_encrypt(int flen, unsigned char *from,
-    unsigned char *to, RSA *rsa, int padding);
- int RSA_private_decrypt(int flen, unsigned char *from,
-    unsigned char *to, RSA *rsa, int padding);
- int RSA_private_encrypt(int flen, unsigned char *from,
-    unsigned char *to, RSA *rsa,int padding);
- int RSA_public_decrypt(int flen, unsigned char *from, 
-    unsigned char *to, RSA *rsa,int padding);
-
- int RSA_sign(int type, unsigned char *m, unsigned int m_len,
-    unsigned char *sigret, unsigned int *siglen, RSA *rsa);
- int RSA_verify(int type, unsigned char *m, unsigned int m_len,
-    unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
- int RSA_size(const RSA *rsa);
-
- RSA *RSA_generate_key(int num, unsigned long e,
-    void (*callback)(int,int,void *), void *cb_arg);
-
- int RSA_check_key(RSA *rsa);
-
- int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
- void RSA_blinding_off(RSA *rsa);
-
- void RSA_set_default_method(const RSA_METHOD *meth);
- const RSA_METHOD *RSA_get_default_method(void);
- int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
- const RSA_METHOD *RSA_get_method(const RSA *rsa);
- RSA_METHOD *RSA_PKCS1_SSLeay(void);
- RSA_METHOD *RSA_null_method(void);
- int RSA_flags(const RSA *rsa);
- RSA *RSA_new_method(ENGINE *engine);
-
- int RSA_print(BIO *bp, RSA *x, int offset);
- int RSA_print_fp(FILE *fp, RSA *x, int offset);
-
- int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
-    int (*dup_func)(), void (*free_func)());
- int RSA_set_ex_data(RSA *r,int idx,char *arg);
- char *RSA_get_ex_data(RSA *r, int idx);
-
- int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
-    unsigned int m_len, unsigned char *sigret, unsigned int *siglen,
-    RSA *rsa);
- int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
-    unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
-    RSA *rsa);
-
-=head1 DESCRIPTION
-
-These functions implement RSA public key encryption and signatures
-as defined in PKCS #1 v2.0 [RFC 2437].
-
-The B<RSA> structure consists of several BIGNUM components. It can
-contain public as well as private RSA keys:
-
- struct
-        {
-        BIGNUM *n;		// public modulus
-        BIGNUM *e;		// public exponent
-        BIGNUM *d;		// private exponent
-        BIGNUM *p;		// secret prime factor
-        BIGNUM *q;		// secret prime factor
-        BIGNUM *dmp1;		// d mod (p-1)
-        BIGNUM *dmq1;		// d mod (q-1)
-        BIGNUM *iqmp;		// q^-1 mod p
-	// ...
-        };
- RSA
-
-In public keys, the private exponent and the related secret values are
-B<NULL>.
-
-B<p>, B<q>, B<dmp1>, B<dmq1> and B<iqmp> may be B<NULL> in private
-keys, but the RSA operations are much faster when these values are
-available.
-
-Note that RSA keys may use non-standard B<RSA_METHOD> implementations,
-either directly or by the use of B<ENGINE> modules. In some cases (eg. an
-ENGINE providing support for hardware-embedded keys), these BIGNUM values
-will not be used by the implementation or may be used for alternative data
-storage. For this reason, applications should generally avoid using RSA
-structure elements directly and instead use API functions to query or
-modify keys.
-
-=head1 CONFORMING TO
-
-SSL, PKCS #1 v2.0
-
-=head1 PATENTS
-
-RSA was covered by a US patent which expired in September 2000.
-
-=head1 SEE ALSO
-
-L<rsa(1)|rsa(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>,
-L<rand(3)|rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>,
-L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
-L<RSA_sign(3)|RSA_sign(3)>, L<RSA_size(3)|RSA_size(3)>,
-L<RSA_generate_key(3)|RSA_generate_key(3)>,
-L<RSA_check_key(3)|RSA_check_key(3)>,
-L<RSA_blinding_on(3)|RSA_blinding_on(3)>,
-L<RSA_set_method(3)|RSA_set_method(3)>, L<RSA_print(3)|RSA_print(3)>,
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
-L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
-L<RSA_sign_ASN1_OCTET_STRING(3)|RSA_sign_ASN1_OCTET_STRING(3)>,
-L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)> 
-
-=cut
diff --git a/crypto/openssl/doc/crypto/sha.pod b/crypto/openssl/doc/crypto/sha.pod
deleted file mode 100644
index 0ba315d6d7a3..000000000000
--- a/crypto/openssl/doc/crypto/sha.pod
+++ /dev/null
@@ -1,70 +0,0 @@
-=pod
-
-=head1 NAME
-
-SHA1, SHA1_Init, SHA1_Update, SHA1_Final - Secure Hash Algorithm
-
-=head1 SYNOPSIS
-
- #include <openssl/sha.h>
-
- unsigned char *SHA1(const unsigned char *d, unsigned long n,
-                  unsigned char *md);
-
- void SHA1_Init(SHA_CTX *c);
- void SHA1_Update(SHA_CTX *c, const void *data,
-                  unsigned long len);
- void SHA1_Final(unsigned char *md, SHA_CTX *c);
-
-=head1 DESCRIPTION
-
-SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a
-160 bit output.
-
-SHA1() computes the SHA-1 message digest of the B<n>
-bytes at B<d> and places it in B<md> (which must have space for
-SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
-is placed in a static array.
-
-The following functions may be used if the message is not completely
-stored in memory:
-
-SHA1_Init() initializes a B<SHA_CTX> structure.
-
-SHA1_Update() can be called repeatedly with chunks of the message to
-be hashed (B<len> bytes at B<data>).
-
-SHA1_Final() places the message digest in B<md>, which must have space
-for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the B<SHA_CTX>.
-
-Applications should use the higher level functions
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>
-etc. instead of calling the hash functions directly.
-
-The predecessor of SHA-1, SHA, is also implemented, but it should be
-used only when backward compatibility is required.
-
-=head1 RETURN VALUES
-
-SHA1() returns a pointer to the hash value. 
-
-SHA1_Init(), SHA1_Update() and SHA1_Final() do not return values.
-
-=head1 CONFORMING TO
-
-SHA: US Federal Information Processing Standard FIPS PUB 180 (Secure Hash
-Standard),
-SHA-1: US Federal Information Processing Standard FIPS PUB 180-1 (Secure Hash
-Standard),
-ANSI X9.30
-
-=head1 SEE ALSO
-
-L<ripemd(3)|ripemd(3)>, L<hmac(3)|hmac(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
-
-=head1 HISTORY
-
-SHA1(), SHA1_Init(), SHA1_Update() and SHA1_Final() are available in all
-versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/crypto/openssl/doc/crypto/threads.pod b/crypto/openssl/doc/crypto/threads.pod
deleted file mode 100644
index afa45cd76cda..000000000000
--- a/crypto/openssl/doc/crypto/threads.pod
+++ /dev/null
@@ -1,158 +0,0 @@
-=pod
-
-=head1 NAME
-
-CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks,
-CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
-CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
-CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
-
-=head1 SYNOPSIS
-
- #include <openssl/crypto.h>
-
- void CRYPTO_set_locking_callback(void (*locking_function)(int mode,
-        int n, const char *file, int line));
-
- void CRYPTO_set_id_callback(unsigned long (*id_function)(void));
-
- int CRYPTO_num_locks(void);
-
-
- /* struct CRYPTO_dynlock_value needs to be defined by the user */
- struct CRYPTO_dynlock_value;
-
- void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *
-	(*dyn_create_function)(char *file, int line));
- void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
-	(int mode, struct CRYPTO_dynlock_value *l,
-	const char *file, int line));
- void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
-	(struct CRYPTO_dynlock_value *l, const char *file, int line));
-
- int CRYPTO_get_new_dynlockid(void);
-
- void CRYPTO_destroy_dynlockid(int i);
-
- void CRYPTO_lock(int mode, int n, const char *file, int line);
-
- #define CRYPTO_w_lock(type)	\
-	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
- #define CRYPTO_w_unlock(type)	\
-	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
- #define CRYPTO_r_lock(type)	\
-	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
- #define CRYPTO_r_unlock(type)	\
-	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
- #define CRYPTO_add(addr,amount,type)	\
-	CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
-
-=head1 DESCRIPTION
-
-OpenSSL can safely be used in multi-threaded applications provided
-that at least two callback functions are set.
-
-locking_function(int mode, int n, const char *file, int line) is
-needed to perform locking on shared data structures. 
-(Note that OpenSSL uses a number of global data structures that
-will be implicitly shared whenever multiple threads use OpenSSL.)
-Multi-threaded applications will crash at random if it is not set.
-
-locking_function() must be able to handle up to CRYPTO_num_locks()
-different mutex locks. It sets the B<n>-th lock if B<mode> &
-B<CRYPTO_LOCK>, and releases it otherwise.
-
-B<file> and B<line> are the file number of the function setting the
-lock. They can be useful for debugging.
-
-id_function(void) is a function that returns a thread ID. It is not
-needed on Windows nor on platforms where getpid() returns a different
-ID for each thread (most notably Linux).
-
-Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
-of OpenSSL need it for better performance.  To enable this, the following
-is required:
-
-=over 4
-
-=item *
-Three additional callback function, dyn_create_function, dyn_lock_function
-and dyn_destroy_function.
-
-=item *
-A structure defined with the data that each lock needs to handle.
-
-=back
-
-struct CRYPTO_dynlock_value has to be defined to contain whatever structure
-is needed to handle locks.
-
-dyn_create_function(const char *file, int line) is needed to create a
-lock.  Multi-threaded applications might crash at random if it is not set.
-
-dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line)
-is needed to perform locking off dynamic lock numbered n. Multi-threaded
-applications might crash at random if it is not set.
-
-dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is
-needed to destroy the lock l. Multi-threaded applications might crash at
-random if it is not set.
-
-CRYPTO_get_new_dynlockid() is used to create locks.  It will call
-dyn_create_function for the actual creation.
-
-CRYPTO_destroy_dynlockid() is used to destroy locks.  It will call
-dyn_destroy_function for the actual destruction.
-
-CRYPTO_lock() is used to lock and unlock the locks.  mode is a bitfield
-describing what should be done with the lock.  n is the number of the
-lock as returned from CRYPTO_get_new_dynlockid().  mode can be combined
-from the following values.  These values are pairwise exclusive, with
-undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE
-should not be used together):
-
-	CRYPTO_LOCK	0x01
-	CRYPTO_UNLOCK	0x02
-	CRYPTO_READ	0x04
-	CRYPTO_WRITE	0x08
-
-=head1 RETURN VALUES
-
-CRYPTO_num_locks() returns the required number of locks.
-
-CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
-
-The other functions return no values.
-
-=head1 NOTE
-
-You can find out if OpenSSL was configured with thread support:
-
- #define OPENSSL_THREAD_DEFINES
- #include <openssl/opensslconf.h>
- #if defined(THREADS)
-   // thread support enabled
- #else
-   // no thread support
- #endif
-
-Also, dynamic locks are currently not used internally by OpenSSL, but
-may do so in the future.
-
-=head1 EXAMPLES
-
-B<crypto/threads/mttest.c> shows examples of the callback functions on
-Solaris, Irix and Win32.
-
-=head1 HISTORY
-
-CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are
-available in all versions of SSLeay and OpenSSL.
-CRYPTO_num_locks() was added in OpenSSL 0.9.4.
-All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ui.pod b/crypto/openssl/doc/crypto/ui.pod
deleted file mode 100644
index 2b3535a74618..000000000000
--- a/crypto/openssl/doc/crypto/ui.pod
+++ /dev/null
@@ -1,194 +0,0 @@
-=pod
-
-=head1 NAME
-
-UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string,
-UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean,
-UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string,
-UI_add_error_string, UI_dup_error_string, UI_construct_prompt
-UI_add_user_data, UI_get0_user_data, UI_get0_result, UI_process,
-UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method,
-UI_set_method, UI_OpenSSL, ERR_load_UI_strings - New User Interface
-
-=head1 SYNOPSIS
-
- #include <openssl/ui.h>
-
- typedef struct ui_st UI;
- typedef struct ui_method_st UI_METHOD;
-
- UI *UI_new(void);
- UI *UI_new_method(const UI_METHOD *method);
- void UI_free(UI *ui);
-
- int UI_add_input_string(UI *ui, const char *prompt, int flags,
-	char *result_buf, int minsize, int maxsize);
- int UI_dup_input_string(UI *ui, const char *prompt, int flags,
-	char *result_buf, int minsize, int maxsize);
- int UI_add_verify_string(UI *ui, const char *prompt, int flags,
-	char *result_buf, int minsize, int maxsize, const char *test_buf);
- int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
-	char *result_buf, int minsize, int maxsize, const char *test_buf);
- int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
-	const char *ok_chars, const char *cancel_chars,
-	int flags, char *result_buf);
- int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
-	const char *ok_chars, const char *cancel_chars,
-	int flags, char *result_buf);
- int UI_add_info_string(UI *ui, const char *text);
- int UI_dup_info_string(UI *ui, const char *text);
- int UI_add_error_string(UI *ui, const char *text);
- int UI_dup_error_string(UI *ui, const char *text);
-
- /* These are the possible flags.  They can be or'ed together. */
- #define UI_INPUT_FLAG_ECHO		0x01
- #define UI_INPUT_FLAG_DEFAULT_PWD	0x02
-
- char *UI_construct_prompt(UI *ui_method,
-	const char *object_desc, const char *object_name);
-
- void *UI_add_user_data(UI *ui, void *user_data);
- void *UI_get0_user_data(UI *ui);
-
- const char *UI_get0_result(UI *ui, int i);
-
- int UI_process(UI *ui);
-
- int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
- #define UI_CTRL_PRINT_ERRORS		1
- #define UI_CTRL_IS_REDOABLE		2
-
- void UI_set_default_method(const UI_METHOD *meth);
- const UI_METHOD *UI_get_default_method(void);
- const UI_METHOD *UI_get_method(UI *ui);
- const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
-
- UI_METHOD *UI_OpenSSL(void);
-
-=head1 DESCRIPTION
-
-UI stands for User Interface, and is general purpose set of routines to
-prompt the user for text-based information.  Through user-written methods
-(see L<ui_create(3)|ui_create(3)>), prompting can be done in any way
-imaginable, be it plain text prompting, through dialog boxes or from a
-cell phone.
-
-All the functions work through a context of the type UI.  This context
-contains all the information needed to prompt correctly as well as a
-reference to a UI_METHOD, which is an ordered vector of functions that
-carry out the actual prompting.
-
-The first thing to do is to create a UI with UI_new() or UI_new_method(),
-then add information to it with the UI_add or UI_dup functions.  Also,
-user-defined random data can be passed down to the underlying method
-through calls to UI_add_user_data.  The default UI method doesn't care
-about these data, but other methods might.  Finally, use UI_process()
-to actually perform the prompting and UI_get0_result() to find the result
-to the prompt.
-
-A UI can contain more than one prompt, which are performed in the given
-sequence.  Each prompt gets an index number which is returned by the
-UI_add and UI_dup functions, and has to be used to get the corresponding
-result with UI_get0_result().
-
-The functions are as follows:
-
-UI_new() creates a new UI using the default UI method.  When done with
-this UI, it should be freed using UI_free().
-
-UI_new_method() creates a new UI using the given UI method.  When done with
-this UI, it should be freed using UI_free().
-
-UI_OpenSSL() returns the built-in UI method (note: not the default one,
-since the default can be changed.  See further on).  This method is the
-most machine/OS dependent part of OpenSSL and normally generates the
-most problems when porting.
-
-UI_free() removes a UI from memory, along with all other pieces of memory
-that's connected to it, like duplicated input strings, results and others.
-
-UI_add_input_string() and UI_add_verify_string() add a prompt to the UI,
-as well as flags and a result buffer and the desired minimum and maximum
-sizes of the result.  The given information is used to prompt for
-information, for example a password, and to verify a password (i.e. having
-the user enter it twice and check that the same string was entered twice).
-UI_add_verify_string() takes and extra argument that should be a pointer
-to the result buffer of the input string that it's supposed to verify, or
-verification will fail.
-
-UI_add_input_boolean() adds a prompt to the UI that's supposed to be answered
-in a boolean way, with a single character for yes and a different character
-for no.  A set of characters that can be used to cancel the prompt is given
-as well.  The prompt itself is really divided in two, one part being the
-descriptive text (given through the I<prompt> argument) and one describing
-the possible answers (given through the I<action_desc> argument).
-
-UI_add_info_string() and UI_add_error_string() add strings that are shown at
-the same time as the prompt for extra information or to show an error string.
-The difference between the two is only conceptual.  With the builtin method,
-there's no technical difference between them.  Other methods may make a
-difference between them, however.
-
-The flags currently supported are UI_INPUT_FLAG_ECHO, which is relevant for
-UI_add_input_string() and will have the users response be echoed (when
-prompting for a password, this flag should obviously not be used, and
-UI_INPUT_FLAG_DEFAULT_PWD, which means that a default password of some
-sort will be used (completely depending on the application and the UI
-method).
-
-UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(),
-UI_dup_info_string() and UI_dup_error_string() are basically the same
-as their UI_add counterparts, except that they make their own copies
-of all strings.
-
-UI_construct_prompt() is a helper function that can be used to create
-a prompt from two pieces of information: an description and a name.
-The default constructor (if there is none provided by the method used)
-creates a string "Enter I<description> for I<name>:".  With the
-description "pass phrase" and the file name "foo.key", that becomes
-"Enter pass phrase for foo.key:".  Other methods may create whatever
-string and may include encodings that will be processed by the other
-method functions.
-
-UI_add_user_data() adds a piece of memory for the method to use at any
-time.  The builtin UI method doesn't care about this info.  Note that several
-calls to this function doesn't add data, it replaces the previous blob
-with the one given as argument.
-
-UI_get0_user_data() retrieves the data that has last been given to the
-UI with UI_add_user_data().
-
-UI_get0_result() returns a pointer to the result buffer associated with
-the information indexed by I<i>.
-
-UI_process() goes through the information given so far, does all the printing
-and prompting and returns.
-
-UI_ctrl() adds extra control for the application author.  For now, it
-understands two commands: UI_CTRL_PRINT_ERRORS, which makes UI_process()
-print the OpenSSL error stack as part of processing the UI, and
-UI_CTRL_IS_REDOABLE, which returns a flag saying if the used UI can
-be used again or not.
-
-UI_set_default_method() changes the default UI method to the one given.
-
-UI_get_default_method() returns a pointer to the current default UI method.
-
-UI_get_method() returns the UI method associated with a given UI.
-
-UI_set_method() changes the UI method associated with a given UI.
-
-=head1 SEE ALSO
-
-L<ui_create(3)|ui_create(3)>, L<ui_compat(3)|ui_compat(3)>
-
-=head1 HISTORY
-
-The UI section was first introduced in OpenSSL 0.9.7.
-
-=head1 AUTHOR
-
-Richard Levitte (richard@levitte.org) for the OpenSSL project
-(http://www.openssl.org).
-
-=cut
diff --git a/crypto/openssl/doc/crypto/ui_compat.pod b/crypto/openssl/doc/crypto/ui_compat.pod
deleted file mode 100644
index 9ab3c69bf256..000000000000
--- a/crypto/openssl/doc/crypto/ui_compat.pod
+++ /dev/null
@@ -1,55 +0,0 @@
-=pod
-
-=head1 NAME
-
-des_read_password, des_read_2passwords, des_read_pw_string, des_read_pw -
-Compatibility user interface functions
-
-=head1 SYNOPSIS
-
- int des_read_password(DES_cblock *key,const char *prompt,int verify);
- int des_read_2passwords(DES_cblock *key1,DES_cblock *key2,
- 	const char *prompt,int verify);
-
- int des_read_pw_string(char *buf,int length,const char *prompt,int verify);
- int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
-
-=head1 DESCRIPTION
-
-The DES library contained a few routines to prompt for passwords.  These
-aren't necessarely dependent on DES, and have therefore become part of the
-UI compatibility library.
-
-des_read_pw() writes the string specified by I<prompt> to standard output
-turns echo off and reads an input string from the terminal.  The string is
-returned in I<buf>, which must have spac for at least I<size> bytes.
-If I<verify> is set, the user is asked for the password twice and unless
-the two copies match, an error is returned.  The second password is stored
-in I<buff>, which must therefore also be at least I<size> bytes.  A return
-code of -1 indicates a system error, 1 failure due to use interaction, and
-0 is success.  All other functions described here use des_read_pw() to do
-the work.
-
-des_read_pw_string() is a variant of des_read_pw() that provides a buffer
-for you if I<verify> is set.
-
-des_read_password() calls des_read_pw() and converts the password to a
-DES key by calling DES_string_to_key(); des_read_2password() operates in
-the same way as des_read_password() except that it generates two keys
-by using the DES_string_to_2key() function.
-
-=head1 NOTES
-
-des_read_pw_string() is available in the MIT Kerberos library as well, and
-is also available under the name EVP_read_pw_string().
-
-=head1 SEE ALSO
-
-L<ui(3)|ui(3)>, L<ui_create(3)|ui_create(3)>
-
-=head1 AUTHOR
-
-Richard Levitte (richard@levitte.org) for the OpenSSL project
-(http://www.openssl.org).
-
-=cut
diff --git a/crypto/openssl/doc/openssl.pod b/crypto/openssl/doc/openssl.pod
deleted file mode 100644
index 561f01e0ca81..000000000000
--- a/crypto/openssl/doc/openssl.pod
+++ /dev/null
@@ -1,304 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-openssl - OpenSSL command line tool
-
-=head1 SYNOPSIS
-
-B<openssl>
-I<command>
-[ I<command_opts> ]
-[ I<command_args> ]
-
-=head1 DESCRIPTION
-
-OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL
-v2/v3) and Transport Layer Security (TLS v1) network protocols and related
-cryptography standards required by them.
-
-The B<openssl> program is a command line tool for using the various
-cryptography functions of OpenSSL's B<crypto> library from the shell. 
-It can be used for 
-
- o  Creation of RSA, DH and DSA key parameters
- o  Creation of X.509 certificates, CSRs and CRLs 
- o  Calculation of Message Digests
- o  Encryption and Decryption with Ciphers
- o  SSL/TLS Client and Server Tests
-
-=head1 COMMAND SUMMARY
-
-The B<openssl> program provides a rich variety of commands (I<command> in the
-SYNOPSIS above), each of which often has a wealth of options and arguments
-(I<command_opts> and I<command_args> in the SYNOPSIS).
-
-=head2 STANDARD COMMANDS
-
-=over 10
-
-=item B<asn1parse> 
-
-Parse an ASN.1 sequence.
-
-=item B<ca>
-
-Certificate Authority (CA) Management.  
-
-=item B<ciphers>
-
-Cipher Suite Description Determination.
-
-=item B<crl>
-
-Certificate Revocation List (CRL) Management.
-
-=item B<crl2pkcs7>      
-
-CRL2 to PKCS#7 Conversion.
-
-=item B<dgst>
-
-Message Digest Calculation.
-
-=item B<dh>
-
-Diffie-Hellman Data Management.
-
-=item B<dsa>
-
-DSA Data Management.
-
-=item B<dsaparam>
-
-DSA Parameter Generation.
-
-=item B<enc>            
-
-Encoding with Ciphers.
-
-=item B<errstr>
-
-Error Number to Error String Conversion.
-
-=item B<gendh>
-
-Generation of Diffie-Hellman Parameters.
-
-=item B<gendsa>
-
-Generation of DSA Parameters.
-
-=item B<genrsa>
-
-Generation of RSA Parameters.
-
-=item B<pkcs7>
-
-PKCS#7 Data Management.
-
-=item B<req>
-
-X.509 Certificate Signing Request (CSR) Management.
-
-=item B<rsa>
-
-RSA Data Management.
-
-=item B<s_client>
-
-This implements a generic SSL/TLS client which can establish a transparent
-connection to a remote server speaking SSL/TLS. It's intended for testing
-purposes only and provides only rudimentary interface functionality but
-internally uses mostly all functionality of the OpenSSL B<ssl> library.
-
-=item B<s_server>
-
-This implements a generic SSL/TLS server which accepts connections from remote
-clients speaking SSL/TLS. It's intended for testing purposes only and provides
-only rudimentary interface functionality but internally uses mostly all
-functionality of the OpenSSL B<ssl> library.  It provides both an own command
-line oriented protocol for testing SSL functions and a simple HTTP response
-facility to emulate an SSL/TLS-aware webserver.
-
-=item B<s_time>        
-
-SSL Connection Timer.
-
-=item B<sess_id>
-
-SSL Session Data Management.
-
-=item B<speed>
-
-Algorithm Speed Measurement.
-
-=item B<verify>
-
-X.509 Certificate Verification.
-
-=item B<version>
-
-OpenSSL Version Information.
-
-=item B<x509>           
-
-X.509 Certificate Data Management.
-
-=back
-
-=head2 MESSAGE DIGEST COMMANDS
-
-=over 10
-
-=item B<md2>
-
-MD2 Digest
-
-=item B<md5>
-
-MD5 Digest
-
-=item B<mdc2>
-
-MDC2 Digest
-
-=item B<rmd160>
-
-RMD-160 Digest
-
-=item B<sha>            
-
-SHA Digest
-
-=item B<sha1>           
-
-SHA-1 Digest
-
-=back
-
-=head2 ENCODING AND CIPHER COMMANDS
-
-=over 10
-
-=item B<base64>
-
-Base64 Encoding
-
-=item B<bf bf-cbc bf-cfb bf-ecb bf-ofb>
-
-Blowfish Cipher
-
-=item B<cast cast-cbc>
-
-CAST Cipher
-
-=item B<cast5-cbc cast5-cfb cast5-ecb cast5-ofb>
-
-CAST5 Cipher
-
-=item B<des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ofb>
-
-DES Cipher
-
-=item B<des3 desx des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb>
-
-Triple-DES Cipher
-
-=item B<idea idea-cbc idea-cfb idea-ecb idea-ofb>
-
-IDEA Cipher
-
-=item B<rc2 rc2-cbc rc2-cfb rc2-ecb rc2-ofb>
-
-RC2 Cipher
-
-=item B<rc4>
-
-RC4 Cipher
-
-=item B<rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb>
-
-RC5 Cipher
-
-=back
-
-=head1 DETAILED COMMAND DESCRIPTION
-
-The following is a detailed description of every B<openssl> I<command>.
-
-=over 4
-
-=item B<openssl> B<s_client>
-[B<-connect> I<host>B<:>I<port>]
-[B<-verify> I<arg>]
-[B<-cert> I<arg>]
-[B<-key> I<arg>]
-[B<-CApath> I<arg>]
-[B<-CAfile> I<arg>]
-[B<-reconnect>]
-[B<-pause>]
-[B<-debug>]
-[B<-nbio_test>]
-[B<-state>]
-[B<-nbio>]
-[B<-quiet>]
-[B<-ssl2>]
-[B<-ssl3>]
-[B<-tls1>]
-[B<-no_ssl2>]
-[B<-no_ssl3>]
-[B<-no_tls1>]
-[B<-bugs>]
-[B<-cipher>]
-
-The B<s_client> command implements a generic SSL/TLS client which can
-establish a transparent connection to a remote I<host> and I<port> speaking
-SSL/TLS. 
-
-=item B<openssl> B<s_server>
-[B<-accept> I<port>]
-[B<-verify> I<arg>]
-[B<-Verify> I<arg>]
-[B<-cert> I<arg>]
-[B<-key> I<arg>]
-[B<-dcert> I<arg>]
-[B<-dkey> I<arg>]
-[B<-nbio>]
-[B<-nbio_test>]
-[B<-debug>]
-[B<-state>]
-[B<-CApath> I<arg>]
-[B<-CAfile> I<arg>]
-[B<-nocert>]
-[B<-cipher> I<arg>]
-[B<-quiet>]
-[B<-no_tmp_rsa>]
-[B<-ssl2>]
-[B<-ssl3>]
-[B<-tls1>]
-[B<-no_ssl2>]
-[B<-no_ssl3>]
-[B<-no_tls1>]
-[B<-bugs>]
-[B<-www>]
-[B<-WWW>]
-
-The B<s_server> command implements a generic SSL/TLS server which accepts
-connections from remote clients on I<port> speaking SSL/TLS.
-
-=back
-
-...
-
-=head1 SEE ALSO
-
-crypto(3), ssl(3)
-
-=head1 HISTORY
-
-The openssl(3) document appeared in OpenSSL 0.9.2
-
-=cut
-
diff --git a/crypto/openssl/doc/openssl.txt b/crypto/openssl/doc/openssl.txt
deleted file mode 100644
index 432a17b66cf8..000000000000
--- a/crypto/openssl/doc/openssl.txt
+++ /dev/null
@@ -1,1235 +0,0 @@
-
-This is some preliminary documentation for OpenSSL.
-
-Contents:
-
- OpenSSL X509V3 extension configuration
- X509V3 Extension code: programmers guide
- PKCS#12 Library
-
-
-==============================================================================
-               OpenSSL X509V3 extension configuration
-==============================================================================
-
-OpenSSL X509V3 extension configuration: preliminary documentation.
-
-INTRODUCTION.
-
-For OpenSSL 0.9.2 the extension code has be considerably enhanced. It is now
-possible to add and print out common X509 V3 certificate and CRL extensions.
-
-BEGINNERS NOTE
-
-For most simple applications you don't need to know too much about extensions:
-the default openssl.cnf values will usually do sensible things.
-
-If you want to know more you can initially quickly look through the sections
-describing how the standard OpenSSL utilities display and add extensions and
-then the list of supported extensions.
-
-For more technical information about the meaning of extensions see:
-
-http://www.imc.org/ietf-pkix/
-http://home.netscape.com/eng/security/certs.html
-
-PRINTING EXTENSIONS.
-
-Extension values are automatically printed out for supported extensions.
-
-openssl x509 -in cert.pem -text
-openssl crl -in crl.pem -text
-
-will give information in the extension printout, for example:
-
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:TRUE
-            X509v3 Subject Key Identifier: 
-                73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15
-            X509v3 Authority Key Identifier: 
-                keyid:73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15, DirName:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/Email=email@1.address/Email=email@2.address, serial:00
-            X509v3 Key Usage: 
-                Certificate Sign, CRL Sign
-            X509v3 Subject Alternative Name: 
-                email:email@1.address, email:email@2.address
-
-CONFIGURATION FILES.
-
-The OpenSSL utilities 'ca' and 'req' can now have extension sections listing
-which certificate extensions to include. In each case a line:
-
-x509_extensions = extension_section
-
-indicates which section contains the extensions. In the case of 'req' the
-extension section is used when the -x509 option is present to create a
-self signed root certificate.
-
-The 'x509' utility also supports extensions when it signs a certificate.
-The -extfile option is used to set the configuration file containing the
-extensions. In this case a line with:
-
-extensions = extension_section
-
-in the nameless (default) section is used. If no such line is included then
-it uses the default section.
-
-You can also add extensions to CRLs: a line
-
-crl_extensions = crl_extension_section
-
-will include extensions when the -gencrl option is used with the 'ca' utility.
-You can add any extension to a CRL but of the supported extensions only
-issuerAltName and authorityKeyIdentifier make any real sense. Note: these are
-CRL extensions NOT CRL *entry* extensions which cannot currently be generated.
-CRL entry extensions can be displayed.
-
-NB. At this time Netscape Communicator rejects V2 CRLs: to get an old V1 CRL
-you should not include a crl_extensions line in the configuration file.
-
-As with all configuration files you can use the inbuilt environment expansion
-to allow the values to be passed in the environment. Therefore if you have
-several extension sections used for different purposes you can have a line:
-
-x509_extensions = $ENV::ENV_EXT
-
-and set the ENV_EXT environment variable before calling the relevant utility.
-
-EXTENSION SYNTAX.
-
-Extensions have the basic form:
-
-extension_name=[critical,] extension_options
-
-the use of the critical option makes the extension critical. Extreme caution
-should be made when using the critical flag. If an extension is marked
-as critical then any client that does not understand the extension should
-reject it as invalid. Some broken software will reject certificates which
-have *any* critical extensions (these violates PKIX but we have to live
-with it).
-
-There are three main types of extension: string extensions, multi-valued
-extensions, and raw extensions.
-
-String extensions simply have a string which contains either the value itself
-or how it is obtained.
-
-For example:
-
-nsComment="This is a Comment"
-
-Multi-valued extensions have a short form and a long form. The short form
-is a list of names and values:
-
-basicConstraints=critical,CA:true,pathlen:1
-
-The long form allows the values to be placed in a separate section:
-
-basicConstraints=critical,@bs_section
-
-[bs_section]
-
-CA=true
-pathlen=1
-
-Both forms are equivalent. However it should be noted that in some cases the
-same name can appear multiple times, for example,
-
-subjectAltName=email:steve@here,email:steve@there
-
-in this case an equivalent long form is:
-
-subjectAltName=@alt_section
-
-[alt_section]
-
-email.1=steve@here
-email.2=steve@there
-
-This is because the configuration file code cannot handle the same name
-occurring twice in the same section.
-
-The syntax of raw extensions is governed by the extension code: it can
-for example contain data in multiple sections. The correct syntax to
-use is defined by the extension code itself: check out the certificate
-policies extension for an example.
-
-In addition it is also possible to use the word DER to include arbitrary
-data in any extension.
-
-1.2.3.4=critical,DER:01:02:03:04
-1.2.3.4=DER:01020304
-
-The value following DER is a hex dump of the DER encoding of the extension
-Any extension can be placed in this form to override the default behaviour.
-For example:
-
-basicConstraints=critical,DER:00:01:02:03
-
-WARNING: DER should be used with caution. It is possible to create totally
-invalid extensions unless care is taken.
-
-CURRENTLY SUPPORTED EXTENSIONS.
-
-If you aren't sure about extensions then they can be largely ignored: its only
-when you want to do things like restrict certificate usage when you need to
-worry about them. 
-
-The only extension that a beginner might want to look at is Basic Constraints.
-If in addition you want to try Netscape object signing the you should also
-look at Netscape Certificate Type.
-
-Literal String extensions.
-
-In each case the 'value' of the extension is placed directly in the
-extension. Currently supported extensions in this category are: nsBaseUrl,
-nsRevocationUrl, nsCaRevocationUrl, nsRenewalUrl, nsCaPolicyUrl,
-nsSslServerName and nsComment.
-
-For example:
-
-nsComment="This is a test comment"
-
-Bit Strings.
-
-Bit string extensions just consist of a list of supported bits, currently
-two extensions are in this category: PKIX keyUsage and the Netscape specific
-nsCertType.
-
-nsCertType (netscape certificate type) takes the flags: client, server, email,
-objsign, reserved, sslCA, emailCA, objCA.
-
-keyUsage (PKIX key usage) takes the flags: digitalSignature, nonRepudiation,
-keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign,
-encipherOnly, decipherOnly.
-
-For example:
-
-nsCertType=server
-
-keyUsage=digitalSignature, nonRepudiation
-
-Hints on Netscape Certificate Type.
-
-Other than Basic Constraints this is the only extension a beginner might
-want to use, if you want to try Netscape object signing, otherwise it can
-be ignored.
-
-If you want a certificate that can be used just for object signing then:
-
-nsCertType=objsign
-
-will do the job. If you want to use it as a normal end user and server
-certificate as well then
-
-nsCertType=objsign,email,server
-
-is more appropriate. You cannot use a self signed certificate for object
-signing (well Netscape signtool can but it cheats!) so you need to create
-a CA certificate and sign an end user certificate with it.
-
-Side note: If you want to conform to the Netscape specifications then you
-should really also set:
-
-nsCertType=objCA
-
-in the *CA* certificate for just an object signing CA and
-
-nsCertType=objCA,emailCA,sslCA
-
-for everything. Current Netscape software doesn't enforce this so it can
-be omitted.
-
-Basic Constraints.
-
-This is generally the only extension you need to worry about for simple
-applications. If you want your certificate to be usable as a CA certificate
-(in addition to an end user certificate) then you set this to:
-
-basicConstraints=CA:TRUE
-
-if you want to be certain the certificate cannot be used as a CA then do:
-
-basicConstraints=CA:FALSE
-
-The rest of this section describes more advanced usage.
-
-Basic constraints is a multi-valued extension that supports a CA and an
-optional pathlen option. The CA option takes the values true and false and
-pathlen takes an integer. Note if the CA option is false the pathlen option
-should be omitted. 
-
-The pathlen parameter indicates the maximum number of CAs that can appear
-below this one in a chain. So if you have a CA with a pathlen of zero it can
-only be used to sign end user certificates and not further CAs. This all
-assumes that the software correctly interprets this extension of course.
-
-Examples:
-
-basicConstraints=CA:TRUE
-basicConstraints=critical,CA:TRUE, pathlen:0
-
-NOTE: for a CA to be considered valid it must have the CA option set to
-TRUE. An end user certificate MUST NOT have the CA value set to true.
-According to PKIX recommendations it should exclude the extension entirely,
-however some software may require CA set to FALSE for end entity certificates.
-
-Extended Key Usage.
-
-This extensions consists of a list of usages.
-
-These can either be object short names of the dotted numerical form of OIDs.
-While any OID can be used only certain values make sense. In particular the
-following PKIX, NS and MS values are meaningful:
-
-Value			Meaning
------			-------
-serverAuth		SSL/TLS Web Server Authentication.
-clientAuth		SSL/TLS Web Client Authentication.
-codeSigning		Code signing.
-emailProtection		E-mail Protection (S/MIME).
-timeStamping		Trusted Timestamping
-msCodeInd		Microsoft Individual Code Signing (authenticode)
-msCodeCom		Microsoft Commercial Code Signing (authenticode)
-msCTLSign		Microsoft Trust List Signing
-msSGC			Microsoft Server Gated Crypto
-msEFS			Microsoft Encrypted File System
-nsSGC			Netscape Server Gated Crypto
-
-For example, under IE5 a CA can be used for any purpose: by including a list
-of the above usages the CA can be restricted to only authorised uses.
-
-Note: software packages may place additional interpretations on certificate 
-use, in particular some usages may only work for selected CAs. Don't for example
-expect just including msSGC or nsSGC will automatically mean that a certificate
-can be used for SGC ("step up" encryption) otherwise anyone could use it.
-
-Examples:
-
-extendedKeyUsage=critical,codeSigning,1.2.3.4
-extendedKeyUsage=nsSGC,msSGC
-
-Subject Key Identifier.
-
-This is really a string extension and can take two possible values. Either
-a hex string giving details of the extension value to include or the word
-'hash' which then automatically follow PKIX guidelines in selecting and
-appropriate key identifier. The use of the hex string is strongly discouraged.
-
-Example: subjectKeyIdentifier=hash
-
-Authority Key Identifier.
-
-The authority key identifier extension permits two options. keyid and issuer:
-both can take the optional value "always".
-
-If the keyid option is present an attempt is made to copy the subject key
-identifier from the parent certificate. If the value "always" is present
-then an error is returned if the option fails.
-
-The issuer option copies the issuer and serial number from the issuer
-certificate. Normally this will only be done if the keyid option fails or
-is not included: the "always" flag will always include the value.
-
-Subject Alternative Name.
-
-The subject alternative name extension allows various literal values to be
-included in the configuration file. These include "email" (an email address)
-"URI" a uniform resource indicator, "DNS" (a DNS domain name), RID (a
-registered ID: OBJECT IDENTIFIER) and IP (and IP address).
-
-Also the email option include a special 'copy' value. This will automatically
-include and email addresses contained in the certificate subject name in
-the extension.
-
-Examples:
-
-subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/
-subjectAltName=email:my@other.address,RID:1.2.3.4
-
-Issuer Alternative Name.
-
-The issuer alternative name option supports all the literal options of
-subject alternative name. It does *not* support the email:copy option because
-that would not make sense. It does support an additional issuer:copy option
-that will copy all the subject alternative name values from the issuer 
-certificate (if possible).
-
-Example:
-
-issuserAltName = issuer:copy
-
-Authority Info Access.
-
-The authority information access extension gives details about how to access
-certain information relating to the CA. Its syntax is accessOID;location
-where 'location' has the same syntax as subject alternative name (except
-that email:copy is not supported). accessOID can be any valid OID but only
-certain values are meaningful for example OCSP and caIssuers. OCSP gives the
-location of an OCSP responder: this is used by Netscape PSM and other software.
-
-Example:
-
-authorityInfoAccess = OCSP;URI:http://ocsp.my.host/
-authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
-
-CRL distribution points.
-
-This is a multi-valued extension that supports all the literal options of
-subject alternative name. Of the few software packages that currently interpret
-this extension most only interpret the URI option.
-
-Currently each option will set a new DistributionPoint with the fullName
-field set to the given value.
-
-Other fields like cRLissuer and reasons cannot currently be set or displayed:
-at this time no examples were available that used these fields.
-
-If you see this extension with <UNSUPPORTED> when you attempt to print it out
-or it doesn't appear to display correctly then let me know, including the
-certificate (mail me at steve@openssl.org) .
-
-Examples:
-
-crlDistributionPoints=URI:http://www.myhost.com/myca.crl
-crlDistributionPoints=URI:http://www.my.com/my.crl,URI:http://www.oth.com/my.crl
-
-Certificate Policies.
-
-This is a RAW extension. It attempts to display the contents of this extension:
-unfortunately this extension is often improperly encoded.
-
-The certificate policies extension will rarely be used in practice: few
-software packages interpret it correctly or at all. IE5 does partially
-support this extension: but it needs the 'ia5org' option because it will
-only correctly support a broken encoding. Of the options below only the
-policy OID, explicitText and CPS options are displayed with IE5.
-
-All the fields of this extension can be set by using the appropriate syntax.
-
-If you follow the PKIX recommendations of not including any qualifiers and just
-using only one OID then you just include the value of that OID. Multiple OIDs
-can be set separated by commas, for example:
-
-certificatePolicies= 1.2.4.5, 1.1.3.4
-
-If you wish to include qualifiers then the policy OID and qualifiers need to
-be specified in a separate section: this is done by using the @section syntax
-instead of a literal OID value.
-
-The section referred to must include the policy OID using the name
-policyIdentifier, cPSuri qualifiers can be included using the syntax:
-
-CPS.nnn=value
-
-userNotice qualifiers can be set using the syntax:
-
-userNotice.nnn=@notice
-
-The value of the userNotice qualifier is specified in the relevant section.
-This section can include explicitText, organization and noticeNumbers
-options. explicitText and organization are text strings, noticeNumbers is a
-comma separated list of numbers. The organization and noticeNumbers options
-(if included) must BOTH be present. If you use the userNotice option with IE5
-then you need the 'ia5org' option at the top level to modify the encoding:
-otherwise it will not be interpreted properly.
-
-Example:
-
-certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect
-
-[polsect]
-
-policyIdentifier = 1.3.5.8
-CPS.1="http://my.host.name/"
-CPS.2="http://my.your.name/"
-userNotice.1=@notice
-
-[notice]
-
-explicitText="Explicit Text Here"
-organization="Organisation Name"
-noticeNumbers=1,2,3,4
-
-TECHNICAL NOTE: the ia5org option changes the type of the 'organization' field,
-according to PKIX it should be of type DisplayText but Verisign uses an 
-IA5STRING and IE5 needs this too.
-
-Display only extensions.
-
-Some extensions are only partially supported and currently are only displayed
-but cannot be set. These include private key usage period, CRL number, and
-CRL reason.
-
-==============================================================================
-		X509V3 Extension code: programmers guide
-==============================================================================
-
-The purpose of the extension code is twofold. It allows an extension to be
-created from a string or structure describing its contents and it prints out an
-extension in a human or machine readable form.
-
-1. Initialisation and cleanup.
-
-No special initialisation is needed before calling the extension functions.
-You used to have to call X509V3_add_standard_extensions(); but this is no longer
-required and this function no longer does anything.
-
-void X509V3_EXT_cleanup(void);
-
-This function should be called to cleanup the extension code if any custom
-extensions have been added. If no custom extensions have been added then this
-call does nothing. After this call all custom extension code is freed up but
-you can still use the standard extensions.
-
-2. Printing and parsing extensions.
-
-The simplest way to print out extensions is via the standard X509 printing
-routines: if you use the standard X509_print() function, the supported
-extensions will be printed out automatically.
-
-The following functions allow finer control over extension display:
-
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
-int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
-
-These two functions print out an individual extension to a BIO or FILE pointer.
-Currently the flag argument is unused and should be set to 0. The 'indent'
-argument is the number of spaces to indent each line.
-
-void *X509V3_EXT_d2i(X509_EXTENSION *ext);
-
-This function parses an extension and returns its internal structure. The
-precise structure you get back depends on the extension being parsed. If the
-extension if basicConstraints you will get back a pointer to a
-BASIC_CONSTRAINTS structure. Check out the source in crypto/x509v3 for more
-details about the structures returned. The returned structure should be freed
-after use using the relevant free function, BASIC_CONSTRAINTS_free() for 
-example.
-
-void	*	X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
-void	*	X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
-void	*	X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
-void 	*	X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
-
-These functions combine the operations of searching for extensions and
-parsing them. They search a certificate, a CRL a CRL entry or a stack
-of extensions respectively for extension whose NID is 'nid' and return
-the parsed result of NULL if an error occurred. For example:
-
-BASIC_CONSTRAINTS *bs;
-bs = X509_get_ext_d2i(cert, NID_basic_constraints, NULL, NULL);
-
-This will search for the basicConstraints extension and either return
-it value or NULL. NULL can mean either the extension was not found, it
-occurred more than once or it could not be parsed.
-
-If 'idx' is NULL then an extension is only parsed if it occurs precisely
-once. This is standard behaviour because extensions normally cannot occur
-more than once. If however more than one extension of the same type can
-occur it can be used to parse successive extensions for example:
-
-int i;
-void *ext;
-
-i = -1;
-for(;;) {
-	ext = X509_get_ext_d2i(x, nid, crit, &idx);
-	if(ext == NULL) break;
-	 /* Do something with ext */
-}
-
-If 'crit' is not NULL and the extension was found then the int it points to
-is set to 1 for critical extensions and 0 for non critical. Therefore if the
-function returns NULL but 'crit' is set to 0 or 1 then the extension was
-found but it could not be parsed.
-
-The int pointed to by crit will be set to -1 if the extension was not found
-and -2 if the extension occurred more than once (this will only happen if
-idx is NULL). In both cases the function will return NULL.
-
-3. Generating extensions.
-
-An extension will typically be generated from a configuration file, or some
-other kind of configuration database.
-
-int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
-								 X509 *cert);
-int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
-								 X509_CRL *crl);
-
-These functions add all the extensions in the given section to the given
-certificate or CRL. They will normally be called just before the certificate
-or CRL is due to be signed. Both return 0 on error on non zero for success.
-
-In each case 'conf' is the LHASH pointer of the configuration file to use
-and 'section' is the section containing the extension details.
-
-See the 'context functions' section for a description of the ctx parameter.
-
-
-X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
-								 char *value);
-
-This function returns an extension based on a name and value pair, if the
-pair will not need to access other sections in a config file (or there is no
-config file) then the 'conf' parameter can be set to NULL.
-
-X509_EXTENSION *X509V3_EXT_conf_nid(char *conf, X509V3_CTX *ctx, int nid,
-								 char *value);
-
-This function creates an extension in the same way as X509V3_EXT_conf() but
-takes the NID of the extension rather than its name.
-
-For example to produce basicConstraints with the CA flag and a path length of
-10:
-
-x = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,"CA:TRUE,pathlen:10");
-
-
-X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
-
-This function sets up an extension from its internal structure. The ext_nid
-parameter is the NID of the extension and 'crit' is the critical flag.
-
-4. Context functions.
-
-The following functions set and manipulate an extension context structure.
-The purpose of the extension context is to allow the extension code to
-access various structures relating to the "environment" of the certificate:
-for example the issuers certificate or the certificate request.
-
-void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
-                                 X509_REQ *req, X509_CRL *crl, int flags);
-
-This function sets up an X509V3_CTX structure with details of the certificate
-environment: specifically the issuers certificate, the subject certificate,
-the certificate request and the CRL: if these are not relevant or not
-available then they can be set to NULL. The 'flags' parameter should be set
-to zero.
-
-X509V3_set_ctx_test(ctx)
-
-This macro is used to set the 'ctx' structure to a 'test' value: this is to
-allow the syntax of an extension (or configuration file) to be tested.
-
-X509V3_set_ctx_nodb(ctx)
-
-This macro is used when no configuration database is present.
-
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
-
-This function is used to set the configuration database when it is an LHASH
-structure: typically a configuration file.
-
-The following functions are used to access a configuration database: they
-should only be used in RAW extensions.
-
-char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
-
-This function returns the value of the parameter "name" in "section", or NULL
-if there has been an error.
-
-void X509V3_string_free(X509V3_CTX *ctx, char *str);
-
-This function frees up the string returned by the above function.
-
-STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
-
-This function returns a whole section as a STACK_OF(CONF_VALUE) .
-
-void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
-
-This function frees up the STACK returned by the above function.
-
-Note: it is possible to use the extension code with a custom configuration
-database. To do this the "db_meth" element of the X509V3_CTX structure should
-be set to an X509V3_CTX_METHOD structure. This structure contains the following
-function pointers:
-
-char * (*get_string)(void *db, char *section, char *value);
-STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
-void (*free_string)(void *db, char * string);
-void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
-
-these will be called and passed the 'db' element in the X509V3_CTX structure
-to access the database. If a given function is not implemented or not required
-it can be set to NULL.
-
-5. String helper functions.
-
-There are several "i2s" and "s2i" functions that convert structures to and
-from ASCII strings. In all the "i2s" cases the returned string should be
-freed using Free() after use. Since some of these are part of other extension
-code they may take a 'method' parameter. Unless otherwise stated it can be
-safely set to NULL.
-
-char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct);
-
-This returns a hex string from an ASN1_OCTET_STRING.
-
-char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
-char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
-
-These return a string decimal representations of an ASN1_INTEGER and an
-ASN1_ENUMERATED type, respectively.
-
-ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
-                                                   X509V3_CTX *ctx, char *str);
-
-This converts an ASCII hex string to an ASN1_OCTET_STRING.
-
-ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
-
-This converts a decimal ASCII string into an ASN1_INTEGER.
-
-6. Multi valued extension helper functions.
-
-The following functions can be used to manipulate STACKs of CONF_VALUE
-structures, as used by multi valued extensions.
-
-int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
-
-This function expects a boolean value in 'value' and sets 'asn1_bool' to
-it. That is it sets it to 0 for FALSE or 0xff for TRUE. The following
-strings are acceptable: "TRUE", "true", "Y", "y", "YES", "yes", "FALSE"
-"false", "N", "n", "NO" or "no".
-
-int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
-
-This accepts a decimal integer of arbitrary length and sets an ASN1_INTEGER.
-
-int X509V3_add_value(const char *name, const char *value,
-						STACK_OF(CONF_VALUE) **extlist);
-
-This simply adds a string name and value pair.
-
-int X509V3_add_value_uchar(const char *name, const unsigned char *value,
-                          			STACK_OF(CONF_VALUE) **extlist);
-
-The same as above but for an unsigned character value.
-
-int X509V3_add_value_bool(const char *name, int asn1_bool,
-						STACK_OF(CONF_VALUE) **extlist);
-
-This adds either "TRUE" or "FALSE" depending on the value of 'asn1_bool'
-
-int X509V3_add_value_bool_nf(char *name, int asn1_bool,
-						STACK_OF(CONF_VALUE) **extlist);
-
-This is the same as above except it adds nothing if asn1_bool is FALSE.
-
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
-						STACK_OF(CONF_VALUE) **extlist);
-
-This function adds the value of the ASN1_INTEGER in decimal form.
-
-7. Other helper functions.
-
-<to be added>
-
-ADDING CUSTOM EXTENSIONS.
-
-Currently there are three types of supported extensions. 
-
-String extensions are simple strings where the value is placed directly in the
-extensions, and the string returned is printed out.
-
-Multi value extensions are passed a STACK_OF(CONF_VALUE) name and value pairs
-or return a STACK_OF(CONF_VALUE).
-
-Raw extensions are just passed a BIO or a value and it is the extensions
-responsibility to handle all the necessary printing.
-
-There are two ways to add an extension. One is simply as an alias to an already
-existing extension. An alias is an extension that is identical in ASN1 structure
-to an existing extension but has a different OBJECT IDENTIFIER. This can be
-done by calling:
-
-int X509V3_EXT_add_alias(int nid_to, int nid_from);
-
-'nid_to' is the new extension NID and 'nid_from' is the already existing
-extension NID.
-
-Alternatively an extension can be written from scratch. This involves writing
-the ASN1 code to encode and decode the extension and functions to print out and
-generate the extension from strings. The relevant functions are then placed in
-a X509V3_EXT_METHOD structure and int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
-called.
-
-The X509V3_EXT_METHOD structure is described below.
-
-strut {
-int ext_nid;
-int ext_flags;
-X509V3_EXT_NEW ext_new;
-X509V3_EXT_FREE ext_free;
-X509V3_EXT_D2I d2i;
-X509V3_EXT_I2D i2d;
-X509V3_EXT_I2S i2s;
-X509V3_EXT_S2I s2i;
-X509V3_EXT_I2V i2v;
-X509V3_EXT_V2I v2i;
-X509V3_EXT_R2I r2i;
-X509V3_EXT_I2R i2r;
-
-void *usr_data;
-};
-
-The elements have the following meanings.
-
-ext_nid		is the NID of the object identifier of the extension.
-
-ext_flags	is set of flags. Currently the only external flag is
-		X509V3_EXT_MULTILINE which means a multi valued extensions
-		should be printed on separate lines.
-
-usr_data	is an extension specific pointer to any relevant data. This
-		allows extensions to share identical code but have different
-		uses. An example of this is the bit string extension which uses
-		usr_data to contain a list of the bit names.
-
-All the remaining elements are function pointers.
-
-ext_new		is a pointer to a function that allocates memory for the
-		extension ASN1 structure: for example ASN1_OBJECT_new().
-
-ext_free	is a pointer to a function that free up memory of the extension
-		ASN1 structure: for example ASN1_OBJECT_free().
-
-d2i		is the standard ASN1 function that converts a DER buffer into
-		the internal ASN1 structure: for example d2i_ASN1_IA5STRING().
-
-i2d		is the standard ASN1 function that converts the internal
-		structure into the DER representation: for example
-		i2d_ASN1_IA5STRING().
-
-The remaining functions are depend on the type of extension. One i2X and
-one X2i should be set and the rest set to NULL. The types set do not need
-to match up, for example the extension could be set using the multi valued
-v2i function and printed out using the raw i2r.
-
-All functions have the X509V3_EXT_METHOD passed to them in the 'method'
-parameter and an X509V3_CTX structure. Extension code can then access the
-parent structure via the 'method' parameter to for example make use of the value
-of usr_data. If the code needs to use detail relating to the request it can
-use the 'ctx' parameter.
-
-A note should be given here about the 'flags' member of the 'ctx' parameter.
-If it has the value CTX_TEST then the configuration syntax is being checked
-and no actual certificate or CRL exists. Therefore any attempt in the config
-file to access such information should silently succeed. If the syntax is OK
-then it should simply return a (possibly bogus) extension, otherwise it
-should return NULL.
-
-char *i2s(struct v3_ext_method *method, void *ext);
-
-This function takes the internal structure in the ext parameter and returns
-a Malloc'ed string representing its value.
-
-void * s2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
-
-This function takes the string representation in the ext parameter and returns
-an allocated internal structure: ext_free() will be used on this internal
-structure after use.
-
-i2v and v2i handle a STACK_OF(CONF_VALUE):
-
-typedef struct
-{
-        char *section;
-        char *name;
-        char *value;
-} CONF_VALUE;
-
-Only the name and value members are currently used.
-
-STACK_OF(CONF_VALUE) * i2v(struct v3_ext_method *method, void *ext);
-
-This function is passed the internal structure in the ext parameter and
-returns a STACK of CONF_VALUE structures. The values of name, value,
-section and the structure itself will be freed up with Free after use.
-Several helper functions are available to add values to this STACK.
-
-void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx,
-						STACK_OF(CONF_VALUE) *values);
-
-This function takes a STACK_OF(CONF_VALUE) structures and should set the
-values of the external structure. This typically uses the name element to
-determine which structure element to set and the value element to determine
-what to set it to. Several helper functions are available for this
-purpose (see above).
-
-int i2r(struct v3_ext_method *method, void *ext, BIO *out, int indent);
-
-This function is passed the internal extension structure in the ext parameter
-and sends out a human readable version of the extension to out. The 'indent'
-parameter should be noted to determine the necessary amount of indentation
-needed on the output.
-
-void * r2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
-
-This is just passed the string representation of the extension. It is intended
-to be used for more elaborate extensions where the standard single and multi
-valued options are insufficient. They can use the 'ctx' parameter to parse the
-configuration database themselves. See the context functions section for details
-of how to do this.
-
-Note: although this type takes the same parameters as the "r2s" function there
-is a subtle difference. Whereas an "r2i" function can access a configuration
-database an "s2i" function MUST NOT. This is so the internal code can safely
-assume that an "s2i" function will work without a configuration database.
-
-==============================================================================
-                            PKCS#12 Library
-==============================================================================
-
-This section describes the internal PKCS#12 support. There are very few
-differences between the old external library and the new internal code at
-present. This may well change because the external library will not be updated
-much in future.
-
-This version now includes a couple of high level PKCS#12 functions which
-generally "do the right thing" and should make it much easier to handle PKCS#12
-structures.
-
-HIGH LEVEL FUNCTIONS.
-
-For most applications you only need concern yourself with the high level
-functions. They can parse and generate simple PKCS#12 files as produced by
-Netscape and MSIE or indeed any compliant PKCS#12 file containing a single
-private key and certificate pair.
-
-1. Initialisation and cleanup.
-
-No special initialisation is needed for the internal PKCS#12 library: the 
-standard SSLeay_add_all_algorithms() is sufficient. If you do not wish to
-add all algorithms (you should at least add SHA1 though) then you can manually
-initialise the PKCS#12 library with:
-
-PKCS12_PBE_add();
-
-The memory allocated by the PKCS#12 library is freed up when EVP_cleanup() is
-called or it can be directly freed with:
-
-EVP_PBE_cleanup();
-
-after this call (or EVP_cleanup() ) no more PKCS#12 library functions should
-be called.
-
-2. I/O functions.
-
-i2d_PKCS12_bio(bp, p12)
-
-This writes out a PKCS12 structure to a BIO.
-
-i2d_PKCS12_fp(fp, p12)
-
-This is the same but for a FILE pointer.
-
-d2i_PKCS12_bio(bp, p12)
-
-This reads in a PKCS12 structure from a BIO.
-
-d2i_PKCS12_fp(fp, p12)
-
-This is the same but for a FILE pointer.
-
-3. High level functions.
-
-3.1 Parsing with PKCS12_parse().
-
-int PKCS12_parse(PKCS12 *p12, char *pass, EVP_PKEY **pkey, X509 **cert,
-								 STACK **ca);
-
-This function takes a PKCS12 structure and a password (ASCII, null terminated)
-and returns the private key, the corresponding certificate and any CA
-certificates. If any of these is not required it can be passed as a NULL.
-The 'ca' parameter should be either NULL, a pointer to NULL or a valid STACK
-structure. Typically to read in a PKCS#12 file you might do:
-
-p12 = d2i_PKCS12_fp(fp, NULL);
-PKCS12_parse(p12, password, &pkey, &cert, NULL); 	/* CAs not wanted */
-PKCS12_free(p12);
-
-3.2 PKCS#12 creation with PKCS12_create().
-
-PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
-			STACK *ca, int nid_key, int nid_cert, int iter,
-						 int mac_iter, int keytype);
-
-This function will create a PKCS12 structure from a given password, name,
-private key, certificate and optional STACK of CA certificates. The remaining
-5 parameters can be set to 0 and sensible defaults will be used.
-
-The parameters nid_key and nid_cert are the key and certificate encryption
-algorithms, iter is the encryption iteration count, mac_iter is the MAC
-iteration count and keytype is the type of private key. If you really want
-to know what these last 5 parameters do then read the low level section.
-
-Typically to create a PKCS#12 file the following could be used:
-
-p12 = PKCS12_create(pass, "My Certificate", pkey, cert, NULL, 0,0,0,0,0);
-i2d_PKCS12_fp(fp, p12);
-PKCS12_free(p12);
-
-3.3 Changing a PKCS#12 structure password.
-
-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
-
-This changes the password of an already existing PKCS#12 structure. oldpass
-is the old password and newpass is the new one. An error occurs if the old
-password is incorrect.
-
-LOW LEVEL FUNCTIONS.
-
-In some cases the high level functions do not provide the necessary
-functionality. For example if you want to generate or parse more complex
-PKCS#12 files. The sample pkcs12 application uses the low level functions
-to display details about the internal structure of a PKCS#12 file.
-
-Introduction.
-
-This is a brief description of how a PKCS#12 file is represented internally:
-some knowledge of PKCS#12 is assumed.
-
-A PKCS#12 object contains several levels.
-
-At the lowest level is a PKCS12_SAFEBAG. This can contain a certificate, a
-CRL, a private key, encrypted or unencrypted, a set of safebags (so the
-structure can be nested) or other secrets (not documented at present). 
-A safebag can optionally have attributes, currently these are: a unicode
-friendlyName (a Unicode string) or a localKeyID (a string of bytes).
-
-At the next level is an authSafe which is a set of safebags collected into
-a PKCS#7 ContentInfo. This can be just plain data, or encrypted itself.
-
-At the top level is the PKCS12 structure itself which contains a set of
-authSafes in an embedded PKCS#7 Contentinfo of type data. In addition it
-contains a MAC which is a kind of password protected digest to preserve
-integrity (so any unencrypted stuff below can't be tampered with).
-
-The reason for these levels is so various objects can be encrypted in various
-ways. For example you might want to encrypt a set of private keys with
-triple-DES and then include the related certificates either unencrypted or
-with lower encryption. Yes it's the dreaded crypto laws at work again which
-allow strong encryption on private keys and only weak encryption on other
-stuff.
-
-To build one of these things you turn all certificates and keys into safebags
-(with optional attributes). You collect the safebags into (one or more) STACKS
-and convert these into authsafes (encrypted or unencrypted).  The authsafes
-are collected into a STACK and added to a PKCS12 structure.  Finally a MAC
-inserted.
-
-Pulling one apart is basically the reverse process. The MAC is verified against
-the given password. The authsafes are extracted and each authsafe split into
-a set of safebags (possibly involving decryption). Finally the safebags are
-decomposed into the original keys and certificates and the attributes used to
-match up private key and certificate pairs.
-
-Anyway here are the functions that do the dirty work.
-
-1. Construction functions.
-
-1.1 Safebag functions.
-
-M_PKCS12_x5092certbag(x509)
-
-This macro takes an X509 structure and returns a certificate bag. The
-X509 structure can be freed up after calling this function.
-
-M_PKCS12_x509crl2certbag(crl)
-
-As above but for a CRL.
-
-PKCS8_PRIV_KEY_INFO *PKEY2PKCS8(EVP_PKEY *pkey)
-
-Take a private key and convert it into a PKCS#8 PrivateKeyInfo structure.
-Works for both RSA and DSA private keys. NB since the PKCS#8 PrivateKeyInfo
-structure contains a private key data in plain text form it should be free'd
-up as soon as it has been encrypted for security reasons (freeing up the
-structure zeros out the sensitive data). This can be done with
-PKCS8_PRIV_KEY_INFO_free().
-
-PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
-
-This sets the key type when a key is imported into MSIE or Outlook 98. Two
-values are currently supported: KEY_EX and KEY_SIG. KEY_EX is an exchange type
-key that can also be used for signing but its size is limited in the export
-versions of MS software to 512 bits, it is also the default. KEY_SIG is a
-signing only key but the keysize is unlimited (well 16K is supposed to work).
-If you are using the domestic version of MSIE then you can ignore this because
-KEY_EX is not limited and can be used for both.
-
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
-
-Convert a PKCS8 private key structure into a keybag. This routine embeds the
-p8 structure in the keybag so p8 should not be freed up or used after it is
-called.  The p8 structure will be freed up when the safebag is freed.
-
-PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8)
-
-Convert a PKCS#8 structure into a shrouded key bag (encrypted). p8 is not
-embedded and can be freed up after use.
-
-int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
-int PKCS12_add_friendlyname(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
-
-Add a local key id or a friendlyname to a safebag.
-
-1.2 Authsafe functions.
-
-PKCS7 *PKCS12_pack_p7data(STACK *sk)
-Take a stack of safebags and convert them into an unencrypted authsafe. The
-stack of safebags can be freed up after calling this function.
-
-PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, STACK *bags);
-
-As above but encrypted.
-
-1.3 PKCS12 functions.
-
-PKCS12 *PKCS12_init(int mode)
-
-Initialise a PKCS12 structure (currently mode should be NID_pkcs7_data).
-
-M_PKCS12_pack_authsafes(p12, safes)
-
-This macro takes a STACK of authsafes and adds them to a PKCS#12 structure.
-
-int PKCS12_set_mac(PKCS12 *p12, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, EVP_MD *md_type);
-
-Add a MAC to a PKCS12 structure. If EVP_MD is NULL use SHA-1, the spec suggests
-that SHA-1 should be used.
-
-2. Extraction Functions.
-
-2.1 Safebags.
-
-M_PKCS12_bag_type(bag)
-
-Return the type of "bag". Returns one of the following
-
-NID_keyBag
-NID_pkcs8ShroudedKeyBag			7
-NID_certBag				8
-NID_crlBag				9
-NID_secretBag				10
-NID_safeContentsBag			11
-
-M_PKCS12_cert_bag_type(bag)
-
-Returns type of certificate bag, following are understood.
-
-NID_x509Certificate			14
-NID_sdsiCertificate			15
-
-M_PKCS12_crl_bag_type(bag)
-
-Returns crl bag type, currently only NID_crlBag is recognised.
-
-M_PKCS12_certbag2x509(bag)
-
-This macro extracts an X509 certificate from a certificate bag.
-
-M_PKCS12_certbag2x509crl(bag)
-
-As above but for a CRL.
-
-EVP_PKEY * PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
-
-Extract a private key from a PKCS8 private key info structure.
-
-M_PKCS12_decrypt_skey(bag, pass, passlen) 
-
-Decrypt a shrouded key bag and return a PKCS8 private key info structure.
-Works with both RSA and DSA keys
-
-char *PKCS12_get_friendlyname(bag)
-
-Returns the friendlyName of a bag if present or NULL if none. The returned
-string is a null terminated ASCII string allocated with Malloc(). It should 
-thus be freed up with Free() after use.
-
-2.2 AuthSafe functions.
-
-M_PKCS12_unpack_p7data(p7)
-
-Extract a STACK of safe bags from a PKCS#7 data ContentInfo.
-
-#define M_PKCS12_unpack_p7encdata(p7, pass, passlen)
-
-As above but for an encrypted content info.
-
-2.3 PKCS12 functions.
-
-M_PKCS12_unpack_authsafes(p12)
-
-Extract a STACK of authsafes from a PKCS12 structure.
-
-M_PKCS12_mac_present(p12)
-
-Check to see if a MAC is present.
-
-int PKCS12_verify_mac(PKCS12 *p12, unsigned char *pass, int passlen)
-
-Verify a MAC on a PKCS12 structure. Returns an error if MAC not present.
-
-
-Notes.
-
-1. All the function return 0 or NULL on error.
-2. Encryption based functions take a common set of parameters. These are
-described below.
-
-pass, passlen
-ASCII password and length. The password on the MAC is called the "integrity
-password" the encryption password is called the "privacy password" in the
-PKCS#12 documentation. The passwords do not have to be the same. If -1 is
-passed for the length it is worked out by the function itself (currently
-this is sometimes done whatever is passed as the length but that may change).
-
-salt, saltlen
-A 'salt' if salt is NULL a random salt is used. If saltlen is also zero a
-default length is used.
-
-iter
-Iteration count. This is a measure of how many times an internal function is
-called to encrypt the data. The larger this value is the longer it takes, it
-makes dictionary attacks on passwords harder. NOTE: Some implementations do
-not support an iteration count on the MAC. If the password for the MAC and
-encryption is the same then there is no point in having a high iteration
-count for encryption if the MAC has no count. The MAC could be attacked
-and the password used for the main decryption.
-
-pbe_nid
-This is the NID of the password based encryption method used. The following are
-supported.
-NID_pbe_WithSHA1And128BitRC4
-NID_pbe_WithSHA1And40BitRC4
-NID_pbe_WithSHA1And3_Key_TripleDES_CBC
-NID_pbe_WithSHA1And2_Key_TripleDES_CBC
-NID_pbe_WithSHA1And128BitRC2_CBC
-NID_pbe_WithSHA1And40BitRC2_CBC
-
-Which you use depends on the implementation you are exporting to. "Export
-grade" (i.e. cryptographically challenged) products cannot support all
-algorithms. Typically you may be able to use any encryption on shrouded key
-bags but they must then be placed in an unencrypted authsafe. Other authsafes
-may only support 40bit encryption. Of course if you are using SSLeay
-throughout you can strongly encrypt everything and have high iteration counts
-on everything.
-
-3. For decryption routines only the password and length are needed.
-
-4. Unlike the external version the nid's of objects are the values of the
-constants: that is NID_certBag is the real nid, therefore there is no 
-PKCS12_obj_offset() function.  Note the object constants are not the same as
-those of the external version. If you use these constants then you will need
-to recompile your code.
-
-5. With the exception of PKCS12_MAKE_KEYBAG(), after calling any function or 
-macro of the form PKCS12_MAKE_SOMETHING(other) the "other" structure can be
-reused or freed up safely.
-
diff --git a/crypto/openssl/doc/openssl_button.gif b/crypto/openssl/doc/openssl_button.gif
deleted file mode 100644
index 3d3c90c9f849..000000000000
--- a/crypto/openssl/doc/openssl_button.gif
+++ /dev/null
diff --git a/crypto/openssl/doc/openssl_button.html b/crypto/openssl/doc/openssl_button.html
deleted file mode 100644
index 44c91bd3d068..000000000000
--- a/crypto/openssl/doc/openssl_button.html
+++ /dev/null
@@ -1,7 +0,0 @@
-
-<!-- the `Includes OpenSSL Cryptogaphy Software' button      -->
-<!-- freely usable by any application linked against OpenSSL -->
-<a   href="http://www.openssl.org/">
-<img src="openssl_button.gif" 
-     width=102 height=47 border=0></a>
-
diff --git a/crypto/openssl/doc/ssl.pod b/crypto/openssl/doc/ssl.pod
deleted file mode 100644
index 46ee443f5753..000000000000
--- a/crypto/openssl/doc/ssl.pod
+++ /dev/null
@@ -1,633 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-SSL - OpenSSL SSL/TLS library
-
-=head1 SYNOPSIS
-
-=head1 DESCRIPTION
-
-The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and
-Transport Layer Security (TLS v1) protocols. It provides a rich API which is
-documented here.
-
-=head1 HEADER FILES
-
-Currently the OpenSSL B<ssl> library provides the following C header files
-containing the prototypes for the data structures and and functions:
-
-=over 4
-
-=item B<ssl.h>
-
-That's the common header file for the SSL/TLS API.  Include it into your
-program to make the API of the B<ssl> library available. It internally
-includes both more private SSL headers and headers from the B<crypto> library.
-Whenever you need hard-core details on the internals of the SSL API, look
-inside this header file.
-
-=item B<ssl2.h>
-
-That's the sub header file dealing with the SSLv2 protocol only.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=item B<ssl3.h>
-
-That's the sub header file dealing with the SSLv3 protocol only.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=item B<ssl23.h>
-
-That's the sub header file dealing with the combined use of the SSLv2 and
-SSLv3 protocols.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=item B<tls1.h>
-
-That's the sub header file dealing with the TLSv1 protocol only.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=back
-
-=head1 DATA STRUCTURES
-
-Currently the OpenSSL B<ssl> library functions deals with the following data
-structures:
-
-=over 4
-
-=item B<SSL_METHOD> (SSL Method)
-
-That's a dispatch structure describing the internal B<ssl> library
-methods/functions which implement the various protocol versions (SSLv1, SSLv2
-and TLSv1). It's needed to create an B<SSL_CTX>.
-
-=item B<SSL_CIPHER> (SSL Cipher)
-
-This structure holds the algorithm information for a particular cipher which
-are a core part of the SSL/TLS protocol. The available ciphers are configured
-on a B<SSL_CTX> basis and the actually used ones are then part of the
-B<SSL_SESSION>.
-
-=item B<SSL_CTX> (SSL Context)
-
-That's the global context structure which is created by a server or client
-once per program life-time and which holds mainly default values for the
-B<SSL> structures which are later created for the connections.
-
-=item B<SSL_SESSION> (SSL Session)
-
-This is a structure containing the current SSL session details for a
-connection: B<SSL_CIPHER>s, client and server certificates, keys, etc.
-
-=item B<SSL> (SSL Connection)
-
-That's the main SSL/TLS structure which is created by a server or client per
-established connection. This actually is the core structure in the SSL API.
-Under run-time the application usually deals with this structure which has
-links to mostly all other structures.
-
-=back
-
-=head1 API FUNCTIONS
-
-Currently the OpenSSL B<ssl> library exports 214 API functions.
-They are documented in the following:
-
-=head2 DEALING WITH PROTOCOL METHODS
-
-Here we document the various API functions which deal with the SSL/TLS
-protocol methods defined in B<SSL_METHOD> structures.
-
-=over 4
-
-=item SSL_METHOD *B<SSLv2_client_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.
-
-=item SSL_METHOD *B<SSLv2_server_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.
-
-=item SSL_METHOD *B<SSLv2_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for combined client and server.
-
-=item SSL_METHOD *B<SSLv3_client_method>(void);
-
-Constructor for the SSLv3 SSL_METHOD structure for a dedicated client.
-
-=item SSL_METHOD *B<SSLv3_server_method>(void);
-
-Constructor for the SSLv3 SSL_METHOD structure for a dedicated server.
-
-=item SSL_METHOD *B<SSLv3_method>(void);
-
-Constructor for the SSLv3 SSL_METHOD structure for combined client and server.
-
-=item SSL_METHOD *B<TLSv1_client_method>(void);
-
-Constructor for the TLSv1 SSL_METHOD structure for a dedicated client.
-
-=item SSL_METHOD *B<TLSv1_server_method>(void);
-
-Constructor for the TLSv1 SSL_METHOD structure for a dedicated server.
-
-=item SSL_METHOD *B<TLSv1_method>(void);
-
-Constructor for the TLSv1 SSL_METHOD structure for combined client and server.
-
-=back
-
-=head2 DEALING WITH CIPHERS
-
-Here we document the various API functions which deal with the SSL/TLS
-ciphers defined in B<SSL_CIPHER> structures.
-
-=over 4
-
-=item char *B<SSL_CIPHER_description>(SSL_CIPHER *cipher, char *buf, int len);
-
-Write a string to I<buf> (with a maximum size of I<len>) containing a human
-readable description of I<cipher>. Returns I<buf>.
-
-=item int B<SSL_CIPHER_get_bits>(SSL_CIPHER *cipher, int *alg_bits);
-
-Determine the number of bits in I<cipher>. Because of export crippled ciphers
-there are two bits: The bits the algorithm supports in general (stored to
-I<alg_bits>) and the bits which are actually used (the return value).
-
-=item char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher);
-
-Return the internal name of I<cipher> as a string. These are the various
-strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
-definitions in the header files.
-
-=item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher);
-
-Returns a string like "C<TLSv1/SSLv3>" or "C<SSLv2>" which indicates the
-SSL/TLS protocol version to which I<cipher> belongs (i.e. where it was defined
-in the specification the first time).
-
-=back
-
-=head2 DEALING WITH PROTOCOL CONTEXTS
-
-Here we document the various API functions which deal with the SSL/TLS
-protocol context defined in the B<SSL_CTX> structure.
-
-=over 4
-
-=item int B<SSL_CTX_add_client_CA>(SSL_CTX *ctx, X509 *x);
-
-=item long B<SSL_CTX_add_extra_chain_cert>(SSL_CTX *ctx, X509 *x509);
-
-=item int B<SSL_CTX_add_session>(SSL_CTX *ctx, SSL_SESSION *c);
-
-=item int B<SSL_CTX_check_private_key>(SSL_CTX *ctx);
-
-=item long B<SSL_CTX_ctrl>(SSL_CTX *ctx, int cmd, long larg, char *parg);
-
-=item void B<SSL_CTX_flush_sessions>(SSL_CTX *s, long t);
-
-=item void B<SSL_CTX_free>(SSL_CTX *a);
-
-=item char *B<SSL_CTX_get_app_data>(SSL_CTX *ctx);
-
-=item X509_STORE *B<SSL_CTX_get_cert_store>(SSL_CTX *ctx);
-
-=item STACK *B<SSL_CTX_get_client_CA_list>(SSL_CTX *ctx);
-
-=item int (*B<SSL_CTX_get_client_cert_cb>(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
-
-=item char *B<SSL_CTX_get_ex_data>(SSL_CTX *s, int idx);
-
-=item int B<SSL_CTX_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
-
-=item void (*B<SSL_CTX_get_info_callback>(SSL_CTX *ctx))(SSL *ssl, int cb, int ret);
-
-=item int B<SSL_CTX_get_quiet_shutdown>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_get_session_cache_mode>(SSL_CTX *ctx);
-
-=item long B<SSL_CTX_get_timeout>(SSL_CTX *ctx);
-
-=item int (*B<SSL_CTX_get_verify_callback>(SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx);
-
-=item int B<SSL_CTX_get_verify_mode>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_load_verify_locations>(SSL_CTX *ctx, char *CAfile, char *CApath);
-
-=item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx);
-
-=item SSL_CTX *B<SSL_CTX_new>(SSL_METHOD *meth);
-
-=item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c);
-
-=item int B<SSL_CTX_sess_accept>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_accept_good>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_accept_renegotiate>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_cache_full>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_cb_hits>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_connect>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_connect_good>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_connect_renegotiate>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_get_cache_size>(SSL_CTX *ctx);
-
-=item SSL_SESSION *(*B<SSL_CTX_sess_get_get_cb>(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, int len, int *copy);
-
-=item int (*B<SSL_CTX_sess_get_new_cb>(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION *sess);
-
-=item void (*B<SSL_CTX_sess_get_remove_cb>(SSL_CTX *ctx)(SSL_CTX *ctx, SSL_SESSION *sess);
-
-=item int B<SSL_CTX_sess_hits>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_misses>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_number>(SSL_CTX *ctx);
-
-=item void B<SSL_CTX_sess_set_cache_size>(SSL_CTX *ctx,t);
-
-=item void B<SSL_CTX_sess_set_get_cb>(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy));
-
-=item void B<SSL_CTX_sess_set_new_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, SSL_SESSION *sess));
-
-=item void B<SSL_CTX_sess_set_remove_cb>(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess));
-
-=item int B<SSL_CTX_sess_timeouts>(SSL_CTX *ctx);
-
-=item LHASH *B<SSL_CTX_sessions>(SSL_CTX *ctx);
-
-=item void B<SSL_CTX_set_app_data>(SSL_CTX *ctx, void *arg);
-
-=item void B<SSL_CTX_set_cert_store>(SSL_CTX *ctx, X509_STORE *cs);
-
-=item void B<SSL_CTX_set_cert_verify_cb>(SSL_CTX *ctx, int (*cb)(SSL_CTX *), char *arg)
-
-=item int B<SSL_CTX_set_cipher_list>(SSL_CTX *ctx, char *str);
-
-=item void B<SSL_CTX_set_client_CA_list>(SSL_CTX *ctx, STACK *list);
-
-=item void B<SSL_CTX_set_client_cert_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
-
-=item void B<SSL_CTX_set_default_passwd_cb>(SSL_CTX *ctx, int (*cb);(void))
-
-=item void B<SSL_CTX_set_default_read_ahead>(SSL_CTX *ctx, int m);
-
-=item int B<SSL_CTX_set_default_verify_paths>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_set_ex_data>(SSL_CTX *s, int idx, char *arg);
-
-=item void B<SSL_CTX_set_info_callback>(SSL_CTX *ctx, void (*cb)(SSL *ssl, int cb, int ret));
-
-=item void B<SSL_CTX_set_options>(SSL_CTX *ctx, unsigned long op);
-
-=item void B<SSL_CTX_set_quiet_shutdown>(SSL_CTX *ctx, int mode);
-
-=item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode);
-
-=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, SSL_METHOD *meth);
-
-=item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t);
-
-=item long B<SSL_CTX_set_tmp_dh>(SSL_CTX* ctx, DH *dh);
-
-=item long B<SSL_CTX_set_tmp_dh_callback>(SSL_CTX *ctx, DH *(*cb)(void));
-
-=item long B<SSL_CTX_set_tmp_rsa>(SSL_CTX *ctx, RSA *rsa);
-
-=item SSL_CTX_set_tmp_rsa_callback
-
-C<long B<SSL_CTX_set_tmp_rsa_callback>(SSL_CTX *B<ctx>, RSA *(*B<cb>)(SSL *B<ssl>, int B<export>, int B<keylength>));>
-
-Sets the callback which will be called when a temporary private key is
-required. The B<C<export>> flag will be set if the reason for needing
-a temp key is that an export ciphersuite is in use, in which case,
-B<C<keylength>> will contain the required keylength in bits. Generate a key of
-appropriate size (using ???) and return it.
-
-=item SSL_set_tmp_rsa_callback
-
-long B<SSL_set_tmp_rsa_callback>(SSL *ssl, RSA *(*cb)(SSL *ssl, int export, int keylength));
-
-The same as L<"SSL_CTX_set_tmp_rsa_callback">, except it operates on an SSL
-session instead of a context.
-
-=item void B<SSL_CTX_set_verify>(SSL_CTX *ctx, int mode, int (*cb);(void))
-
-=item int B<SSL_CTX_use_PrivateKey>(SSL_CTX *ctx, EVP_PKEY *pkey);
-
-=item int B<SSL_CTX_use_PrivateKey_ASN1>(int type, SSL_CTX *ctx, unsigned char *d, long len);
-
-=item int B<SSL_CTX_use_PrivateKey_file>(SSL_CTX *ctx, char *file, int type);
-
-=item int B<SSL_CTX_use_RSAPrivateKey>(SSL_CTX *ctx, RSA *rsa);
-
-=item int B<SSL_CTX_use_RSAPrivateKey_ASN1>(SSL_CTX *ctx, unsigned char *d, long len);
-
-=item int B<SSL_CTX_use_RSAPrivateKey_file>(SSL_CTX *ctx, char *file, int type);
-
-=item int B<SSL_CTX_use_certificate>(SSL_CTX *ctx, X509 *x);
-
-=item int B<SSL_CTX_use_certificate_ASN1>(SSL_CTX *ctx, int len, unsigned char *d);
-
-=item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, char *file, int type);
-
-=back
-
-=head2 DEALING WITH SESSIONS
-
-Here we document the various API functions which deal with the SSL/TLS
-sessions defined in the B<SSL_SESSION> structures.
-
-=over 4
-
-=item int B<SSL_SESSION_cmp>(SSL_SESSION *a, SSL_SESSION *b);
-
-=item void B<SSL_SESSION_free>(SSL_SESSION *ss);
-
-=item char *B<SSL_SESSION_get_app_data>(SSL_SESSION *s);
-
-=item char *B<SSL_SESSION_get_ex_data>(SSL_SESSION *s, int idx);
-
-=item int B<SSL_SESSION_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
-
-=item long B<SSL_SESSION_get_time>(SSL_SESSION *s);
-
-=item long B<SSL_SESSION_get_timeout>(SSL_SESSION *s);
-
-=item unsigned long B<SSL_SESSION_hash>(SSL_SESSION *a);
-
-=item SSL_SESSION *B<SSL_SESSION_new>(void);
-
-=item int B<SSL_SESSION_print>(BIO *bp, SSL_SESSION *x);
-
-=item int B<SSL_SESSION_print_fp>(FILE *fp, SSL_SESSION *x);
-
-=item void B<SSL_SESSION_set_app_data>(SSL_SESSION *s, char *a);
-
-=item int B<SSL_SESSION_set_ex_data>(SSL_SESSION *s, int idx, char *arg);
-
-=item long B<SSL_SESSION_set_time>(SSL_SESSION *s, long t);
-
-=item long B<SSL_SESSION_set_timeout>(SSL_SESSION *s, long t);
-
-=back
-
-=head2 DEALING WITH CONNECTIONS
-
-Here we document the various API functions which deal with the SSL/TLS
-connection defined in the B<SSL> structure.
-
-=over 4
-
-=item int B<SSL_accept>(SSL *ssl);
-
-=item int B<SSL_add_dir_cert_subjects_to_stack>(STACK *stack, const char *dir);
-
-=item int B<SSL_add_file_cert_subjects_to_stack>(STACK *stack, const char *file);
-
-=item int B<SSL_add_client_CA>(SSL *ssl, X509 *x);
-
-=item char *B<SSL_alert_desc_string>(int value);
-
-=item char *B<SSL_alert_desc_string_long>(int value);
-
-=item char *B<SSL_alert_type_string>(int value);
-
-=item char *B<SSL_alert_type_string_long>(int value);
-
-=item int B<SSL_check_private_key>(SSL *ssl);
-
-=item void B<SSL_clear>(SSL *ssl);
-
-=item long B<SSL_clear_num_renegotiations>(SSL *ssl);
-
-=item int B<SSL_connect>(SSL *ssl);
-
-=item void B<SSL_copy_session_id>(SSL *t, SSL *f);
-
-=item long B<SSL_ctrl>(SSL *ssl, int cmd, long larg, char *parg);
-
-=item int B<SSL_do_handshake>(SSL *ssl);
-
-=item SSL *B<SSL_dup>(SSL *ssl);
-
-=item STACK *B<SSL_dup_CA_list>(STACK *sk);
-
-=item void B<SSL_free>(SSL *ssl);
-
-=item SSL_CTX *B<SSL_get_SSL_CTX>(SSL *ssl);
-
-=item char *B<SSL_get_app_data>(SSL *ssl);
-
-=item X509 *B<SSL_get_certificate>(SSL *ssl);
-
-=item SSL_CIPHER *B<SSL_get_cipher>(SSL *ssl);
-
-=item int B<SSL_get_cipher_bits>(SSL *ssl, int *alg_bits);
-
-=item char *B<SSL_get_cipher_list>(SSL *ssl, int n);
-
-=item char *B<SSL_get_cipher_name>(SSL *ssl);
-
-=item char *B<SSL_get_cipher_version>(SSL *ssl);
-
-=item STACK *B<SSL_get_ciphers>(SSL *ssl);
-
-=item STACK *B<SSL_get_client_CA_list>(SSL *ssl);
-
-=item SSL_CIPHER *B<SSL_get_current_cipher>(SSL *ssl);
-
-=item long B<SSL_get_default_timeout>(SSL *ssl);
-
-=item int B<SSL_get_error>(SSL *ssl, int i);
-
-=item char *B<SSL_get_ex_data>(SSL *ssl, int idx);
-
-=item int B<SSL_get_ex_data_X509_STORE_CTX_idx>(void);
-
-=item int B<SSL_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
-
-=item int B<SSL_get_fd>(SSL *ssl);
-
-=item void (*B<SSL_get_info_callback>(SSL *ssl);)(void)
-
-=item STACK *B<SSL_get_peer_cert_chain>(SSL *ssl);
-
-=item X509 *B<SSL_get_peer_certificate>(SSL *ssl);
-
-=item EVP_PKEY *B<SSL_get_privatekey>(SSL *ssl);
-
-=item int B<SSL_get_quiet_shutdown>(SSL *ssl);
-
-=item BIO *B<SSL_get_rbio>(SSL *ssl);
-
-=item int B<SSL_get_read_ahead>(SSL *ssl);
-
-=item SSL_SESSION *B<SSL_get_session>(SSL *ssl);
-
-=item char *B<SSL_get_shared_ciphers>(SSL *ssl, char *buf, int len);
-
-=item int B<SSL_get_shutdown>(SSL *ssl);
-
-=item SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl);
-
-=item int B<SSL_get_state>(SSL *ssl);
-
-=item long B<SSL_get_time>(SSL *ssl);
-
-=item long B<SSL_get_timeout>(SSL *ssl);
-
-=item int (*B<SSL_get_verify_callback>(SSL *ssl);)(void)
-
-=item int B<SSL_get_verify_mode>(SSL *ssl);
-
-=item long B<SSL_get_verify_result>(SSL *ssl);
-
-=item char *B<SSL_get_version>(SSL *ssl);
-
-=item BIO *B<SSL_get_wbio>(SSL *ssl);
-
-=item int B<SSL_in_accept_init>(SSL *ssl);
-
-=item int B<SSL_in_before>(SSL *ssl);
-
-=item int B<SSL_in_connect_init>(SSL *ssl);
-
-=item int B<SSL_in_init>(SSL *ssl);
-
-=item int B<SSL_is_init_finished>(SSL *ssl);
-
-=item STACK *B<SSL_load_client_CA_file>(char *file);
-
-=item void B<SSL_load_error_strings>(void);
-
-=item SSL *B<SSL_new>(SSL_CTX *ctx);
-
-=item long B<SSL_num_renegotiations>(SSL *ssl);
-
-=item int B<SSL_peek>(SSL *ssl, char *buf, int num);
-
-=item int B<SSL_pending>(SSL *ssl);
-
-=item int B<SSL_read>(SSL *ssl, char *buf, int num);
-
-=item int B<SSL_renegotiate>(SSL *ssl);
-
-=item char *B<SSL_rstate_string>(SSL *ssl);
-
-=item char *B<SSL_rstate_string_long>(SSL *ssl);
-
-=item long B<SSL_session_reused>(SSL *ssl);
-
-=item void B<SSL_set_accept_state>(SSL *ssl);
-
-=item void B<SSL_set_app_data>(SSL *ssl, char *arg);
-
-=item void B<SSL_set_bio>(SSL *ssl, BIO *rbio, BIO *wbio);
-
-=item int B<SSL_set_cipher_list>(SSL *ssl, char *str);
-
-=item void B<SSL_set_client_CA_list>(SSL *ssl, STACK *list);
-
-=item void B<SSL_set_connect_state>(SSL *ssl);
-
-=item int B<SSL_set_ex_data>(SSL *ssl, int idx, char *arg);
-
-=item int B<SSL_set_fd>(SSL *ssl, int fd);
-
-=item void B<SSL_set_info_callback>(SSL *ssl, void (*cb);(void))
-
-=item void B<SSL_set_options>(SSL *ssl, unsigned long op);
-
-=item void B<SSL_set_quiet_shutdown>(SSL *ssl, int mode);
-
-=item void B<SSL_set_read_ahead>(SSL *ssl, int yes);
-
-=item int B<SSL_set_rfd>(SSL *ssl, int fd);
-
-=item int B<SSL_set_session>(SSL *ssl, SSL_SESSION *session);
-
-=item void B<SSL_set_shutdown>(SSL *ssl, int mode);
-
-=item int B<SSL_set_ssl_method>(SSL *ssl, SSL_METHOD *meth);
-
-=item void B<SSL_set_time>(SSL *ssl, long t);
-
-=item void B<SSL_set_timeout>(SSL *ssl, long t);
-
-=item void B<SSL_set_verify>(SSL *ssl, int mode, int (*callback);(void))
-
-=item void B<SSL_set_verify_result>(SSL *ssl, long arg);
-
-=item int B<SSL_set_wfd>(SSL *ssl, int fd);
-
-=item int B<SSL_shutdown>(SSL *ssl);
-
-=item int B<SSL_state>(SSL *ssl);
-
-=item char *B<SSL_state_string>(SSL *ssl);
-
-=item char *B<SSL_state_string_long>(SSL *ssl);
-
-=item long B<SSL_total_renegotiations>(SSL *ssl);
-
-=item int B<SSL_use_PrivateKey>(SSL *ssl, EVP_PKEY *pkey);
-
-=item int B<SSL_use_PrivateKey_ASN1>(int type, SSL *ssl, unsigned char *d, long len);
-
-=item int B<SSL_use_PrivateKey_file>(SSL *ssl, char *file, int type);
-
-=item int B<SSL_use_RSAPrivateKey>(SSL *ssl, RSA *rsa);
-
-=item int B<SSL_use_RSAPrivateKey_ASN1>(SSL *ssl, unsigned char *d, long len);
-
-=item int B<SSL_use_RSAPrivateKey_file>(SSL *ssl, char *file, int type);
-
-=item int B<SSL_use_certificate>(SSL *ssl, X509 *x);
-
-=item int B<SSL_use_certificate_ASN1>(SSL *ssl, int len, unsigned char *d);
-
-=item int B<SSL_use_certificate_file>(SSL *ssl, char *file, int type);
-
-=item int B<SSL_version>(SSL *ssl);
-
-=item int B<SSL_want>(SSL *ssl);
-
-=item int B<SSL_want_nothing>(SSL *ssl);
-
-=item int B<SSL_want_read>(SSL *ssl);
-
-=item int B<SSL_want_write>(SSL *ssl);
-
-=item int B<SSL_want_x509_lookup>(s);
-
-=item int B<SSL_write>(SSL *ssl, char *buf, int num);
-
-=back
-
-=head1 SEE ALSO
-
-openssl(1), crypto(3)
-
-=head1 HISTORY
-
-The ssl(3) document appeared in OpenSSL 0.9.2
-
-=cut
-
diff --git a/crypto/openssl/doc/ssl/SSL_CIPHER_get_name.pod b/crypto/openssl/doc/ssl/SSL_CIPHER_get_name.pod
deleted file mode 100644
index 4b91c63ba0df..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CIPHER_get_name.pod
+++ /dev/null
@@ -1,112 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description - get SSL_CIPHER properties
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher);
- int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *alg_bits);
- char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);
- char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int size);
-
-=head1 DESCRIPTION
-
-SSL_CIPHER_get_name() returns a pointer to the name of B<cipher>. If the
-argument is the NULL pointer, a pointer to the constant value "NONE" is
-returned.
-
-SSL_CIPHER_get_bits() returns the number of secret bits used for B<cipher>. If
-B<alg_bits> is not NULL, it contains the number of bits processed by the
-chosen algorithm. If B<cipher> is NULL, 0 is returned.
-
-SSL_CIPHER_get_version() returns the protocol version for B<cipher>, currently
-"SSLv2", "SSLv3", or "TLSv1". If B<cipher> is NULL, "(NONE)" is returned.
-
-SSL_CIPHER_description() returns a textual description of the cipher used
-into the buffer B<buf> of length B<len> provided. B<len> must be at least
-128 bytes, otherwise a pointer to the the string "Buffer too small" is
-returned. If B<buf> is NULL, a buffer of 128 bytes is allocated using
-OPENSSL_malloc(). If the allocation fails, a pointer to the string
-"OPENSSL_malloc Error" is returned.
-
-=head1 NOTES
-
-The number of bits processed can be different from the secret bits. An
-export cipher like e.g. EXP-RC4-MD5 has only 40 secret bits. The algorithm
-does use the full 128 bits (which would be returned for B<alg_bits>), of
-which however 88bits are fixed. The search space is hence only 40 bits.
-
-The string returned by SSL_CIPHER_description() in case of success consists
-of cleartext information separated by one or more blanks in the following
-sequence:
-
-=over 4
-
-=item <ciphername>
-
-Textual representation of the cipher name.
-
-=item <protocol version>
-
-Protocol version: B<SSLv2>, B<SSLv3>. The TLSv1 ciphers are flagged with SSLv3.
-
-=item Kx=<key exchange>
-
-Key exchange method: B<RSA> (for export ciphers as B<RSA(512)> or
-B<RSA(1024)>), B<DH> (for export ciphers as B<DH(512)> or B<DH(1024)>),
-B<DH/RSA>, B<DH/DSS>, B<Fortezza>.
-
-=item Au=<authentication>
-
-Authentication method: B<RSA>, B<DSS>, B<DH>, B<None>. None is the
-representation of anonymous ciphers.
-
-=item Enc=<symmetric encryption method>
-
-Encryption method with number of secret bits: B<DES(40)>, B<DES(56)>,
-B<3DES(168)>, B<RC4(40)>, B<RC4(56)>, B<RC4(64)>, B<RC4(128)>,
-B<RC2(40)>, B<RC2(56)>, B<RC2(128)>, B<IDEA(128)>, B<Fortezza>, B<None>.
-
-=item Mac=<message authentication code>
-
-Message digest: B<MD5>, B<SHA1>.
-
-=item <export flag>
-
-If the cipher is flagged exportable with respect to old US crypto
-regulations, the word "B<export>" is printed.
-
-=back
-
-=head1 EXAMPLES
-
-Some examples for the output of SSL_CIPHER_description():
-
- EDH-RSA-DES-CBC3-SHA    SSLv3 Kx=DH       Au=RSA  Enc=3DES(168) Mac=SHA1
- EDH-DSS-DES-CBC3-SHA    SSLv3 Kx=DH       Au=DSS  Enc=3DES(168) Mac=SHA1
- RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
- EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
-
-=head1 BUGS
-
-If SSL_CIPHER_description() is called with B<cipher> being NULL, the
-library crashes.
-
-If SSL_CIPHER_description() cannot handle a built-in cipher, the according
-description of the cipher property is B<unknown>. This case should not
-occur.
-
-=head1 RETURN VALUES
-
-See DESCRIPTION
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_get_current_cipher(3)|SSL_get_current_cipher(3)>,
-L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>, L<ciphers(1)|ciphers(1)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_COMP_add_compression_method.pod b/crypto/openssl/doc/ssl/SSL_COMP_add_compression_method.pod
deleted file mode 100644
index 2a987391147c..000000000000
--- a/crypto/openssl/doc/ssl/SSL_COMP_add_compression_method.pod
+++ /dev/null
@@ -1,70 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_COMP_add_compression_method - handle SSL/TLS integrated compression methods
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
-
-=head1 DESCRIPTION
-
-SSL_COMP_add_compression_method() adds the compression method B<cm> with
-the identifier B<id> to the list of available compression methods. This
-list is globally maintained for all SSL operations within this application.
-It cannot be set for specific SSL_CTX or SSL objects.
-
-=head1 NOTES
-
-The TLS standard (or SSLv3) allows the integration of compression methods
-into the communication. The TLS RFC does however not specify compression
-methods or their corresponding identifiers, so there is currently no compatible
-way to integrate compression with unknown peers. It is therefore currently not
-recommended to integrate compression into applications. Applications for
-non-public use may agree on certain compression methods. Using different
-compression methods with the same identifier will lead to connection failure.
-
-An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1)
-will unconditionally send the list of all compression methods enabled with
-SSL_COMP_add_compression_method() to the server during the handshake.
-Unlike the mechanisms to set a cipher list, there is no method available to
-restrict the list of compression method on a per connection basis.
-
-An OpenSSL server will match the identifiers listed by a client against
-its own compression methods and will unconditionally activate compression
-when a matching identifier is found. There is no way to restrict the list
-of compression methods supported on a per connection basis.
-
-The OpenSSL library has the compression methods B<COMP_rle()> and (when
-especially enabled during compilation) B<COMP_zlib()> available.
-
-=head1 WARNINGS
-
-Once the identities of the compression methods for the TLS protocol have
-been standardized, the compression API will most likely be changed. Using
-it in the current state is not recommended.
-
-=head1 RETURN VALUES
-
-SSL_COMP_add_compression_method() may return the following values:
-
-=over 4
-
-=item 1
-
-The operation succeeded.
-
-=item 0
-
-The operation failed. Check the error queue to find out the reason.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_add_extra_chain_cert.pod b/crypto/openssl/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
deleted file mode 100644
index ee28f5ccc3a3..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
+++ /dev/null
@@ -1,39 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_add_extra_chain_cert - add certificate to chain
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_CTX_add_extra_chain_cert(SSL_CTX ctx, X509 *x509)
-
-=head1 DESCRIPTION
-
-SSL_CTX_add_extra_chain_cert() adds the certificate B<x509> to the certificate
-chain presented together with the certificate. Several certificates
-can be added one after the other.
-
-=head1 NOTES
-
-When constructing the certificate chain, the chain will be formed from
-these certificates explicitly specified. If no chain is specified,
-the library will try to complete the chain from the available CA
-certificates in the trusted CA storage, see
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>.
-
-=head1 RETURN VALUES
-
-SSL_CTX_add_extra_chain_cert() returns 1 on success. Check out the
-error stack to find out the reason for failure otherwise.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
-L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_add_session.pod b/crypto/openssl/doc/ssl/SSL_CTX_add_session.pod
deleted file mode 100644
index 82676b26b239..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_add_session.pod
+++ /dev/null
@@ -1,73 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_add_session, SSL_add_session, SSL_CTX_remove_session, SSL_remove_session - manipulate session cache
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c);
- int SSL_add_session(SSL_CTX *ctx, SSL_SESSION *c);
-
- int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c);
- int SSL_remove_session(SSL_CTX *ctx, SSL_SESSION *c);
-
-=head1 DESCRIPTION
-
-SSL_CTX_add_session() adds the session B<c> to the context B<ctx>. The
-reference count for session B<c> is incremented by 1. If a session with
-the same session id already exists, the old session is removed by calling
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>.
-
-SSL_CTX_remove_session() removes the session B<c> from the context B<ctx>.
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> is called once for B<c>.
-
-SSL_add_session() and SSL_remove_session() are synonyms for their
-SSL_CTX_*() counterparts.
-
-=head1 NOTES
-
-When adding a new session to the internal session cache, it is examined
-whether a session with the same session id already exists. In this case
-it is assumed that both sessions are identical. If the same session is
-stored in a different SSL_SESSION object, The old session is
-removed and replaced by the new session. If the session is actually
-identical (the SSL_SESSION object is identical), SSL_CTX_add_session()
-is a no-op, and the return value is 0.
-
-If a server SSL_CTX is configured with the SSL_SESS_CACHE_NO_INTERNAL_STORE
-flag then the internal cache will not be populated automatically by new
-sessions negotiated by the SSL/TLS implementation, even though the internal
-cache will be searched automatically for session-resume requests (the
-latter can be surpressed by SSL_SESS_CACHE_NO_INTERNAL_LOOKUP). So the
-application can use SSL_CTX_add_session() directly to have full control
-over the sessions that can be resumed if desired.
-
-
-=head1 RETURN VALUES
-
-The following values are returned by all functions:
-
-=over 4
-
-=item 0
-
- The operation failed. In case of the add operation, it was tried to add
- the same (identical) session twice. In case of the remove operation, the
- session was not found in the cache.
-
-=item 1
- 
- The operation succeeded.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_ctrl.pod b/crypto/openssl/doc/ssl/SSL_CTX_ctrl.pod
deleted file mode 100644
index fb6adcf50c16..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_ctrl.pod
+++ /dev/null
@@ -1,34 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_ctrl, SSL_CTX_callback_ctrl, SSL_ctrl, SSL_callback_ctrl - internal handling functions for SSL_CTX and SSL objects
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
- long SSL_CTX_callback_ctrl(SSL_CTX *, int cmd, void (*fp)());
-
- long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
- long SSL_callback_ctrl(SSL *, int cmd, void (*fp)());
-
-=head1 DESCRIPTION
-
-The SSL_*_ctrl() family of functions is used to manipulate settings of
-the SSL_CTX and SSL objects. Depending on the command B<cmd> the arguments
-B<larg>, B<parg>, or B<fp> are evaluated. These functions should never
-be called directly. All functionalities needed are made available via
-other functions or macros.
-
-=head1 RETURN VALUES
-
-The return values of the SSL*_ctrl() functions depend on the command
-supplied via the B<cmd> parameter.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_flush_sessions.pod b/crypto/openssl/doc/ssl/SSL_CTX_flush_sessions.pod
deleted file mode 100644
index 148c36c87151..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_flush_sessions.pod
+++ /dev/null
@@ -1,49 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_flush_sessions, SSL_flush_sessions - remove expired sessions
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
- void SSL_flush_sessions(SSL_CTX *ctx, long tm);
-
-=head1 DESCRIPTION
-
-SSL_CTX_flush_sessions() causes a run through the session cache of
-B<ctx> to remove sessions expired at time B<tm>.
-
-SSL_flush_sessions() is a synonym for SSL_CTX_flush_sessions().
-
-=head1 NOTES
-
-If enabled, the internal session cache will collect all sessions established
-up to the specified maximum number (see SSL_CTX_sess_set_cache_size()).
-As sessions will not be reused ones they are expired, they should be
-removed from the cache to save resources. This can either be done
- automatically whenever 255 new sessions were established (see
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>)
-or manually by calling SSL_CTX_flush_sessions(). 
-
-The parameter B<tm> specifies the time which should be used for the
-expiration test, in most cases the actual time given by time(0)
-will be used.
-
-SSL_CTX_flush_sessions() will only check sessions stored in the internal
-cache. When a session is found and removed, the remove_session_cb is however
-called to synchronize with the external cache (see
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>).
-
-=head1 RETURN VALUES
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_free.pod b/crypto/openssl/doc/ssl/SSL_CTX_free.pod
deleted file mode 100644
index 55e592f5f826..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_free.pod
+++ /dev/null
@@ -1,31 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_free - free an allocated SSL_CTX object
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_free(SSL_CTX *ctx);
-
-=head1 DESCRIPTION
-
-SSL_CTX_free() decrements the reference count of B<ctx>, and removes the
-SSL_CTX object pointed to by B<ctx> and frees up the allocated memory if the
-the reference count has reached 0.
-
-It also calls the free()ing procedures for indirectly affected items, if
-applicable: the session cache, the list of ciphers, the list of Client CAs,
-the certificates and keys.
-
-=head1 RETURN VALUES
-
-SSL_CTX_free() does not provide diagnostic information.
-
-=head1 SEE ALSO
-
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>, L<ssl(3)|ssl(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_get_ex_new_index.pod b/crypto/openssl/doc/ssl/SSL_CTX_get_ex_new_index.pod
deleted file mode 100644
index 5686faf29982..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_get_ex_new_index.pod
+++ /dev/null
@@ -1,53 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_get_ex_new_index, SSL_CTX_set_ex_data, SSL_CTX_get_ex_data - internal application specific data functions
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_CTX_get_ex_new_index(long argl, void *argp,
-                CRYPTO_EX_new *new_func,
-                CRYPTO_EX_dup *dup_func,
-                CRYPTO_EX_free *free_func);
-
- int SSL_CTX_set_ex_data(SSL_CTX *ctx, int idx, void *arg);
-
- void *SSL_CTX_get_ex_data(SSL_CTX *ctx, int idx);
-
- typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-                int idx, long argl, void *argp);
- typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-                int idx, long argl, void *argp);
- typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
-                int idx, long argl, void *argp);
-
-=head1 DESCRIPTION
-
-Several OpenSSL structures can have application specific data attached to them.
-These functions are used internally by OpenSSL to manipulate application
-specific data attached to a specific structure.
-
-SSL_CTX_get_ex_new_index() is used to register a new index for application
-specific data.
-
-SSL_CTX_set_ex_data() is used to store application data at B<arg> for B<idx>
-into the B<ctx> object.
-
-SSL_CTX_get_ex_data() is used to retrieve the information for B<idx> from
-B<ctx>.
-
-A detailed description for the B<*_get_ex_new_index()> functionality
-can be found in L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>.
-The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_get_verify_mode.pod b/crypto/openssl/doc/ssl/SSL_CTX_get_verify_mode.pod
deleted file mode 100644
index 7f10c6e94509..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_get_verify_mode.pod
+++ /dev/null
@@ -1,50 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_get_verify_mode, SSL_get_verify_mode, SSL_CTX_get_verify_depth, SSL_get_verify_depth, SSL_get_verify_callback, SSL_CTX_get_verify_callback - get currently set verification parameters
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
- int SSL_get_verify_mode(SSL *ssl);
- int SSL_CTX_get_verify_depth(SSL_CTX *ctx);
- int SSL_get_verify_depth(SSL *ssl);
- int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int, X509_STORE_CTX *);
- int (*SSL_get_verify_callback(SSL *ssl))(int, X509_STORE_CTX *);
-
-=head1 DESCRIPTION
-
-SSL_CTX_get_verify_mode() returns the verification mode currently set in
-B<ctx>.
-
-SSL_get_verify_mode() returns the verification mode currently set in
-B<ssl>.
-
-SSL_CTX_get_verify_depth() returns the verification depth limit currently set
-in B<ctx>. If no limit has been explicitly set, -1 is returned and the
-default value will be used.
-
-SSL_get_verify_depth() returns the verification depth limit currently set
-in B<ssl>. If no limit has been explicitly set, -1 is returned and the
-default value will be used.
-
-SSL_CTX_get_verify_callback() returns a function pointer to the verification
-callback currently set in B<ctx>. If no callback was explicitly set, the
-NULL pointer is returned and the default callback will be used.
-
-SSL_get_verify_callback() returns a function pointer to the verification
-callback currently set in B<ssl>. If no callback was explicitly set, the
-NULL pointer is returned and the default callback will be used.
-
-=head1 RETURN VALUES
-
-See DESCRIPTION
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_load_verify_locations.pod b/crypto/openssl/doc/ssl/SSL_CTX_load_verify_locations.pod
deleted file mode 100644
index 84a799fc71dd..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_load_verify_locations.pod
+++ /dev/null
@@ -1,124 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_load_verify_locations - set default locations for trusted CA
-certificates
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
-                                   const char *CApath);
-
-=head1 DESCRIPTION
-
-SSL_CTX_load_verify_locations() specifies the locations for B<ctx>, at
-which CA certificates for verification purposes are located. The certificates
-available via B<CAfile> and B<CApath> are trusted.
-
-=head1 NOTES
-
-If B<CAfile> is not NULL, it points to a file of CA certificates in PEM
-format. The file can contain several CA certificates identified by
-
- -----BEGIN CERTIFICATE-----
- ... (CA certificate in base64 encoding) ...
- -----END CERTIFICATE-----
-
-sequences. Before, between, and after the certificates text is allowed
-which can be used e.g. for descriptions of the certificates.
-
-The B<CAfile> is processed on execution of the SSL_CTX_load_verify_locations()
-function.
-
-If B<CApath> is not NULL, it points to a directory containing CA certificates
-in PEM format. The files each contain one CA certificate. The files are
-looked up by the CA subject name hash value, which must hence be available.
-If more than one CA certificate with the same name hash value exist, the
-extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). The search
-is performed in the ordering of the extension number, regardless of other
-properties of the certificates.
-Use the B<c_rehash> utility to create the necessary links.
-
-The certificates in B<CApath> are only looked up when required, e.g. when
-building the certificate chain or when actually performing the verification
-of a peer certificate.
-
-When looking up CA certificates, the OpenSSL library will first search the
-certificates in B<CAfile>, then those in B<CApath>. Certificate matching
-is done based on the subject name, the key identifier (if present), and the
-serial number as taken from the certificate to be verified. If these data
-do not match, the next certificate will be tried. If a first certificate
-matching the parameters is found, the verification process will be performed;
-no other certificates for the same parameters will be searched in case of
-failure.
-
-In server mode, when requesting a client certificate, the server must send
-the list of CAs of which it will accept client certificates. This list
-is not influenced by the contents of B<CAfile> or B<CApath> and must
-explicitly be set using the
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>
-family of functions.
-
-When building its own certificate chain, an OpenSSL client/server will
-try to fill in missing certificates from B<CAfile>/B<CApath>, if the
-certificate chain was not explicitly specified (see
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>.
-
-=head1 WARNINGS
-
-If several CA certificates matching the name, key identifier, and serial
-number condition are available, only the first one will be examined. This
-may lead to unexpected results if the same CA certificate is available
-with different expiration dates. If a "certificate expired" verification
-error occurs, no other certificate will be searched. Make sure to not
-have expired certificates mixed with valid ones.
-
-=head1 EXAMPLES
-
-Generate a CA certificate file with descriptive text from the CA certificates
-ca1.pem ca2.pem ca3.pem:
-
- #!/bin/sh
- rm CAfile.pem
- for i in ca1.pem ca2.pem ca3.pem ; do
-   openssl x509 -in $i -text >> CAfile.pem
- done
-
-Prepare the directory /some/where/certs containing several CA certificates
-for use as B<CApath>:
-
- cd /some/where/certs
- c_rehash .
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item 0
-
-The operation failed because B<CAfile> and B<CApath> are NULL or the
-processing at one of the locations specified failed. Check the error
-stack to find out the reason.
-
-=item 1
-
-The operation succeeded.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
-L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
-L<SSL_CTX_set_cert_store(3)|SSL_CTX_set_cert_store(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_new.pod b/crypto/openssl/doc/ssl/SSL_CTX_new.pod
deleted file mode 100644
index 465220a75c0a..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_new.pod
+++ /dev/null
@@ -1,94 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- SSL_CTX *SSL_CTX_new(SSL_METHOD *method);
-
-=head1 DESCRIPTION
-
-SSL_CTX_new() creates a new B<SSL_CTX> object as framework to establish
-TLS/SSL enabled connections.
-
-=head1 NOTES
-
-The SSL_CTX object uses B<method> as connection method. The methods exist
-in a generic type (for client and server use), a server only type, and a
-client only type. B<method> can be of the following types:
-
-=over 4
-
-=item SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void)
-
-A TLS/SSL connection established with these methods will only understand
-the SSLv2 protocol. A client will send out SSLv2 client hello messages
-and will also indicate that it only understand SSLv2. A server will only
-understand SSLv2 client hello messages.
-
-=item SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void)
-
-A TLS/SSL connection established with these methods will only understand the
-SSLv3 protocol. A client will send out SSLv3 client hello messages
-and will indicate that it only understands SSLv3. A server will only understand
-SSLv3 client hello messages. This especially means, that it will
-not understand SSLv2 client hello messages which are widely used for
-compatibility reasons, see SSLv23_*_method().
-
-=item TLSv1_method(void), TLSv1_server_method(void), TLSv1_client_method(void)
-
-A TLS/SSL connection established with these methods will only understand the
-TLSv1 protocol. A client will send out TLSv1 client hello messages
-and will indicate that it only understands TLSv1. A server will only understand
-TLSv1 client hello messages. This especially means, that it will
-not understand SSLv2 client hello messages which are widely used for
-compatibility reasons, see SSLv23_*_method(). It will also not understand
-SSLv3 client hello messages.
-
-=item SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
-
-A TLS/SSL connection established with these methods will understand the SSLv2,
-SSLv3, and TLSv1 protocol. A client will send out SSLv2 client hello messages
-and will indicate that it also understands SSLv3 and TLSv1. A server will
-understand SSLv2, SSLv3, and TLSv1 client hello messages. This is the best
-choice when compatibility is a concern.
-
-=back
-
-The list of protocols available can later be limited using the SSL_OP_NO_SSLv2,
-SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1 options of the B<SSL_CTX_set_options()> or
-B<SSL_set_options()> functions. Using these options it is possible to choose
-e.g. SSLv23_server_method() and be able to negotiate with all possible
-clients, but to only allow newer protocols like SSLv3 or TLSv1.
-
-SSL_CTX_new() initializes the list of ciphers, the session cache setting,
-the callbacks, the keys and certificates, and the options to its default
-values.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item NULL
-
-The creation of a new SSL_CTX object failed. Check the error stack to
-find out the reason.
-
-=item Pointer to an SSL_CTX object
-
-The return value points to an allocated SSL_CTX object.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_CTX_free(3)|SSL_CTX_free(3)>, L<SSL_accept(3)|SSL_accept(3)>,
-L<ssl(3)|ssl(3)>,  L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_sess_number.pod b/crypto/openssl/doc/ssl/SSL_CTX_sess_number.pod
deleted file mode 100644
index 19aa4e29027b..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_sess_number.pod
+++ /dev/null
@@ -1,76 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_CTX_sess_number(SSL_CTX *ctx);
- long SSL_CTX_sess_connect(SSL_CTX *ctx);
- long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
- long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
- long SSL_CTX_sess_accept(SSL_CTX *ctx);
- long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
- long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
- long SSL_CTX_sess_hits(SSL_CTX *ctx);
- long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
- long SSL_CTX_sess_misses(SSL_CTX *ctx);
- long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
- long SSL_CTX_sess_cache_full(SSL_CTX *ctx);
-
-=head1 DESCRIPTION
-
-SSL_CTX_sess_number() returns the current number of sessions in the internal
-session cache.
-
-SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in
-client mode.
-
-SSL_CTX_sess_connect_good() returns the number of successfully established
-SSL/TLS sessions in client mode.
-
-SSL_CTX_sess_connect_renegotiate() returns the number of start renegotiations
-in client mode.
-
-SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in
-server mode.
-
-SSL_CTX_sess_accept_good() returns the number of successfully established
-SSL/TLS sessions in server mode.
-
-SSL_CTX_sess_accept_renegotiate() returns the number of start renegotiations
-in server mode.
-
-SSL_CTX_sess_hits() returns the number of successfully reused sessions.
-In client mode a session set with L<SSL_set_session(3)|SSL_set_session(3)>
-successfully reused is counted as a hit. In server mode a session successfully
-retrieved from internal or external cache is counted as a hit.
-
-SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions
-from the external session cache in server mode.
-
-SSL_CTX_sess_misses() returns the number of sessions proposed by clients
-that were not found in the internal session cache in server mode.
-
-SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients
-and either found in the internal or external session cache in server mode,
- but that were invalid due to timeout. These sessions are not included in
-the SSL_CTX_sess_hits() count.
-
-SSL_CTX_sess_cache_full() returns the number of sessions that were removed
-because the maximum session cache size was exceeded.
-
-=head1 RETURN VALUES
-
-The functions return the values indicated in the DESCRIPTION section.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
-L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_sess_set_cache_size.pod b/crypto/openssl/doc/ssl/SSL_CTX_sess_set_cache_size.pod
deleted file mode 100644
index c8b99f4eef09..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_sess_set_cache_size.pod
+++ /dev/null
@@ -1,51 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_sess_set_cache_size, SSL_CTX_sess_get_cache_size - manipulate session cache size
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_CTX_sess_set_cache_size(SSL_CTX *ctx, long t);
- long SSL_CTX_sess_get_cache_size(SSL_CTX *ctx);
-
-=head1 DESCRIPTION
-
-SSL_CTX_sess_set_cache_size() sets the size of the internal session cache
-of context B<ctx> to B<t>.
-
-SSL_CTX_sess_get_cache_size() returns the currently valid session cache size.
-
-=head1 NOTES
-
-The internal session cache size is SSL_SESSION_CACHE_MAX_SIZE_DEFAULT,
-currently 1024*20, so that up to 20000 sessions can be held. This size
-can be modified using the SSL_CTX_sess_set_cache_size() call. A special
-case is the size 0, which is used for unlimited size.
-
-When the maximum number of sessions is reached, no more new sessions are
-added to the cache. New space may be added by calling
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> to remove
-expired sessions.
-
-If the size of the session cache is reduced and more sessions are already
-in the session cache, old session will be removed at the next time a
-session shall be added. This removal is not synchronized with the
-expiration of sessions.
-
-=head1 RETURN VALUES
-
-SSL_CTX_sess_set_cache_size() returns the previously valid size.
-
-SSL_CTX_sess_get_cache_size() returns the currently valid size.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_sess_set_get_cb.pod b/crypto/openssl/doc/ssl/SSL_CTX_sess_set_get_cb.pod
deleted file mode 100644
index 7c0b2baf6c5e..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_sess_set_get_cb.pod
+++ /dev/null
@@ -1,85 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_set_get_cb, SSL_CTX_sess_get_new_cb, SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb - provide callback functions for server side external session caching
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
-			      int (*new_session_cb)(SSL *, SSL_SESSION *));
- void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
-	   void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *));
- void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
-	   SSL_SESSION (*get_session_cb)(SSL *, unsigned char *, int, int *));
-
- int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl, SSL_SESSION *sess);
- void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
- SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl, unsigned char *data, int len, int *copy);
-
- int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess);
- void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
- SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, unsigned char *data,
-	       int len, int *copy);
-
-=head1 DESCRIPTION
-
-SSL_CTX_sess_set_new_cb() sets the callback function, which is automatically
-called whenever a new session was negotiated.
-
-SSL_CTX_sess_set_remove_cb() sets the callback function, which is
-automatically called whenever a session is removed by the SSL engine,
-because it is considered faulty or the session has become obsolete because
-of exceeding the timeout value.
-
-SSL_CTX_sess_set_get_cb() sets the callback function which is called,
-whenever a SSL/TLS client proposed to resume a session but the session
-could not be found in the internal session cache (see
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>).
-(SSL/TLS server only.)
-
-SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb(), and
-SSL_CTX_sess_get_get_cb() allow to retrieve the function pointers of the
-provided callback functions. If a callback function has not been set,
-the NULL pointer is returned.
-
-=head1 NOTES
-
-In order to allow external session caching, synchronization with the internal
-session cache is realized via callback functions. Inside these callback
-functions, session can be saved to disk or put into a database using the
-L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)> interface.
-
-The new_session_cb() is called, whenever a new session has been negotiated
-and session caching is enabled (see
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>).
-The new_session_cb() is passed the B<ssl> connection and the ssl session
-B<sess>. If the callback returns B<0>, the session will be immediately
-removed again.
-
-The remove_session_cb() is called, whenever the SSL engine removes a session
-from the internal cache. This happens if the session is removed because
-it is expired or when a connection was not shutdown cleanly. The
-remove_session_cb() is passed the B<ctx> and the ssl session B<sess>.
-It does not provide any feedback.
-
-The get_session_cb() is only called on SSL/TLS servers with the session id
-proposed by the client. The get_session_cb() is always called, also when
-session caching was disabled. The get_session_cb() is passed the
-B<ssl> connection, the session id of length B<length> at the memory location
-B<data>. With the parameter B<copy> the callback can require the
-SSL engine to increment the reference count of the SSL_SESSION object,
-Normally the reference count is not incremented and therefore the
-session must not be explicitly freed with
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_sessions.pod b/crypto/openssl/doc/ssl/SSL_CTX_sessions.pod
deleted file mode 100644
index e05aab3c1bc2..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_sessions.pod
+++ /dev/null
@@ -1,34 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_sessions - access internal session cache
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
-
-=head1 DESCRIPTION
-
-SSL_CTX_sessions() returns a pointer to the lhash databases containing the
-internal session cache for B<ctx>.
-
-=head1 NOTES
-
-The sessions in the internal session cache are kept in an
-L<lhash(3)|lhash(3)> type database. It is possible to directly
-access this database e.g. for searching. In parallel, the sessions
-form a linked list which is maintained separately from the
-L<lhash(3)|lhash(3)> operations, so that the database must not be
-modified directly but by using the
-L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)> family of functions.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<lhash(3)|lhash(3)>,
-L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_cert_store.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_cert_store.pod
deleted file mode 100644
index 3a240c4d3747..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_cert_store.pod
+++ /dev/null
@@ -1,57 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_cert_store, SSL_CTX_get_cert_store - manipulate X509 certificate verification storage
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store);
- X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_cert_store() sets/replaces the certificate verification storage
-of B<ctx> to/with B<store>. If another X509_STORE object is currently
-set in B<ctx>, it will be X509_STORE_free()ed.
-
-SSL_CTX_get_cert_store() returns a pointer to the current certificate
-verification storage.
-
-=head1 NOTES
-
-In order to verify the certificates presented by the peer, trusted CA
-certificates must be accessed. These CA certificates are made available
-via lookup methods, handled inside the X509_STORE. From the X509_STORE
-the X509_STORE_CTX used when verifying certificates is created.
-
-Typically the trusted certificate store is handled indirectly via using
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>.
-Using the SSL_CTX_set_cert_store() and SSL_CTX_get_cert_store() functions
-it is possible to manipulate the X509_STORE object beyond the
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
-call.
-
-Currently no detailed documentation on how to use the X509_STORE
-object is available. Not all members of the X509_STORE are used when
-the verification takes place. So will e.g. the verify_callback() be
-overridden with the verify_callback() set via the
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)> family of functions.
-This document must therefore be updated when documentation about the
-X509_STORE object and its handling becomes available.
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_cert_store() does not return diagnostic output.
-
-SSL_CTX_get_cert_store() returns the current setting.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>,
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_cert_verify_callback.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
deleted file mode 100644
index c0f4f8570851..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
+++ /dev/null
@@ -1,75 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_cert_verify_callback - set peer certificate verification procedure
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*callback)(X509_STORE_CTX *,void *), void *arg);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_cert_verify_callback() sets the verification callback function for
-I<ctx>. SSL objects that are created from I<ctx> inherit the setting valid at
-the time when L<SSL_new(3)|SSL_new(3)> is called.
-
-=head1 NOTES
-
-Whenever a certificate is verified during a SSL/TLS handshake, a verification
-function is called. If the application does not explicitly specify a
-verification callback function, the built-in verification function is used.
-If a verification callback I<callback> is specified via
-SSL_CTX_set_cert_verify_callback(), the supplied callback function is called
-instead. By setting I<callback> to NULL, the default behaviour is restored.
-
-When the verification must be performed, I<callback> will be called with
-the arguments callback(X509_STORE_CTX *x509_store_ctx, void *arg). The 
-argument I<arg> is specified by the application when setting I<callback>.
-
-I<callback> should return 1 to indicate verification success and 0 to
-indicate verification failure. If SSL_VERIFY_PEER is set and I<callback>
-returns 0, the handshake will fail. As the verification procedure may
-allow to continue the connection in case of failure (by always returning 1)
-the verification result must be set in any case using the B<error>
-member of I<x509_store_ctx> so that the calling application will be informed
-about the detailed result of the verification procedure! 
-
-Within I<x509_store_ctx>, I<callback> has access to the I<verify_callback>
-function set using L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>.
-
-=head1 WARNINGS
-
-Do not mix the verification callback described in this function with the
-B<verify_callback> function called during the verification process. The
-latter is set using the L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
-family of functions.
-
-Providing a complete verification procedure including certificate purpose
-settings etc is a complex task. The built-in procedure is quite powerful
-and in most cases it should be sufficient to modify its behaviour using
-the B<verify_callback> function.
-
-=head1 BUGS
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_cert_verify_callback() does not provide diagnostic information.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
-L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
-
-=head1 HISTORY
-
-Previous to OpenSSL 0.9.7, the I<arg> argument to B<SSL_CTX_set_cert_verify_callback>
-was ignored, and I<callback> was called simply as
- int (*callback)(X509_STORE_CTX *)
-To compile software written for previous versions of OpenSSL, a dummy
-argument will have to be added to I<callback>.
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_cipher_list.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_cipher_list.pod
deleted file mode 100644
index ed64f6415702..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_cipher_list.pod
+++ /dev/null
@@ -1,70 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_cipher_list, SSL_set_cipher_list - choose list of available SSL_CIPHERs
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);
- int SSL_set_cipher_list(SSL *ssl, const char *str);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_cipher_list() sets the list of available ciphers for B<ctx>
-using the control string B<str>. The format of the string is described
-in L<ciphers(1)|ciphers(1)>. The list of ciphers is inherited by all
-B<ssl> objects created from B<ctx>.
-
-SSL_set_cipher_list() sets the list of ciphers only for B<ssl>.
-
-=head1 NOTES
-
-The control string B<str> should be universally usable and not depend
-on details of the library configuration (ciphers compiled in). Thus no
-syntax checking takes place. Items that are not recognized, because the
-corresponding ciphers are not compiled in or because they are mistyped,
-are simply ignored. Failure is only flagged if no ciphers could be collected
-at all.
-
-It should be noted, that inclusion of a cipher to be used into the list is
-a necessary condition. On the client side, the inclusion into the list is
-also sufficient. On the server side, additional restrictions apply. All ciphers
-have additional requirements. ADH ciphers don't need a certificate, but
-DH-parameters must have been set. All other ciphers need a corresponding
-certificate and key.
-
-A RSA cipher can only be chosen, when a RSA certificate is available.
-RSA export ciphers with a keylength of 512 bits for the RSA key require
-a temporary 512 bit RSA key, as typically the supplied key has a length
-of 1024 bit (see
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>).
-RSA ciphers using EDH need a certificate and key and additional DH-parameters
-(see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
-
-A DSA cipher can only be chosen, when a DSA certificate is available.
-DSA ciphers always use DH key exchange and therefore need DH-parameters
-(see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
-
-When these conditions are not met for any cipher in the list (e.g. a
-client only supports export RSA ciphers with a asymmetric key length
-of 512 bits and the server is not configured to use temporary RSA
-keys), the "no shared cipher" (SSL_R_NO_SHARED_CIPHER) error is generated
-and the handshake will fail.
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher
-could be selected and 0 on complete failure.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
-L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
-L<ciphers(1)|ciphers(1)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod
deleted file mode 100644
index 632b556d1262..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod
+++ /dev/null
@@ -1,94 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_CTX_add_client_CA,
-SSL_add_client_CA - set list of CAs sent to the client when requesting a
-client certificate
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
- 
- void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
- void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
- int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
- int SSL_add_client_CA(SSL *ssl, X509 *cacert);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_client_CA_list() sets the B<list> of CAs sent to the client when
-requesting a client certificate for B<ctx>.
-
-SSL_set_client_CA_list() sets the B<list> of CAs sent to the client when
-requesting a client certificate for the chosen B<ssl>, overriding the
-setting valid for B<ssl>'s SSL_CTX object.
-
-SSL_CTX_add_client_CA() adds the CA name extracted from B<cacert> to the
-list of CAs sent to the client when requesting a client certificate for
-B<ctx>.
-
-SSL_add_client_CA() adds the CA name extracted from B<cacert> to the
-list of CAs sent to the client when requesting a client certificate for
-the chosen B<ssl>, overriding the setting valid for B<ssl>'s SSL_CTX object.
-
-=head1 NOTES
-
-When a TLS/SSL server requests a client certificate (see
-B<SSL_CTX_set_verify_options()>), it sends a list of CAs, for which
-it will accept certificates, to the client.
-
-This list must explicitly be set using SSL_CTX_set_client_CA_list() for
-B<ctx> and SSL_set_client_CA_list() for the specific B<ssl>. The list
-specified overrides the previous setting. The CAs listed do not become
-trusted (B<list> only contains the names, not the complete certificates); use
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)> 
-to additionally load them for verification.
-
-If the list of acceptable CAs is compiled in a file, the
-L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>
-function can be used to help importing the necessary data.
-
-SSL_CTX_add_client_CA() and SSL_add_client_CA() can be used to add additional
-items the list of client CAs. If no list was specified before using
-SSL_CTX_set_client_CA_list() or SSL_set_client_CA_list(), a new client
-CA list for B<ctx> or B<ssl> (as appropriate) is opened.
-
-These functions are only useful for TLS/SSL servers.
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_client_CA_list() and SSL_set_client_CA_list() do not return
-diagnostic information.
-
-SSL_CTX_add_client_CA() and SSL_add_client_CA() have the following return
-values:
-
-=over 4
-
-=item 1
-
-The operation succeeded.
-
-=item 0
-
-A failure while manipulating the STACK_OF(X509_NAME) object occurred or
-the X509_NAME could not be extracted from B<cacert>. Check the error stack
-to find out the reason.
-
-=back
-
-=head1 EXAMPLES
-
-Scan all certificates in B<CAfile> and list them as acceptable CAs:
-
-  SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
-L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_client_cert_cb.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_client_cert_cb.pod
deleted file mode 100644
index 3465b5c7bbaf..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_client_cert_cb.pod
+++ /dev/null
@@ -1,94 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_client_cert_cb, SSL_CTX_get_client_cert_cb - handle client certificate callback function
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
- int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
- int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_client_cert_cb() sets the B<client_cert_cb()> callback, that is
-called when a client certificate is requested by a server and no certificate
-was yet set for the SSL object.
-
-When B<client_cert_cb()> is NULL, no callback function is used.
-
-SSL_CTX_get_client_cert_cb() returns a pointer to the currently set callback
-function.
-
-client_cert_cb() is the application defined callback. If it wants to
-set a certificate, a certificate/private key combination must be set
-using the B<x509> and B<pkey> arguments and "1" must be returned. The
-certificate will be installed into B<ssl>, see the NOTES and BUGS sections.
-If no certificate should be set, "0" has to be returned and no certificate
-will be sent. A negative return value will suspend the handshake and the
-handshake function will return immediatly. L<SSL_get_error(3)|SSL_get_error(3)>
-will return SSL_ERROR_WANT_X509_LOOKUP to indicate, that the handshake was
-suspended. The next call to the handshake function will again lead to the call
-of client_cert_cb(). It is the job of the client_cert_cb() to store information
-about the state of the last call, if required to continue.
-
-=head1 NOTES
-
-During a handshake (or renegotiation) a server may request a certificate
-from the client. A client certificate must only be sent, when the server
-did send the request.
-
-When a certificate was set using the
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)> family of functions,
-it will be sent to the server. The TLS standard requires that only a
-certificate is sent, if it matches the list of acceptable CAs sent by the
-server. This constraint is violated by the default behavior of the OpenSSL
-library. Using the callback function it is possible to implement a proper
-selection routine or to allow a user interaction to choose the certificate to
-be sent.
-
-If a callback function is defined and no certificate was yet defined for the
-SSL object, the callback function will be called.
-If the callback function returns a certificate, the OpenSSL library
-will try to load the private key and certificate data into the SSL
-object using the SSL_use_certificate() and SSL_use_private_key() functions.
-Thus it will permanently install the certificate and key for this SSL
-object. It will not be reset by calling L<SSL_clear(3)|SSL_clear(3)>.
-If the callback returns no certificate, the OpenSSL library will not send
-a certificate.
-
-=head1 BUGS
-
-The client_cert_cb() cannot return a complete certificate chain, it can
-only return one client certificate. If the chain only has a length of 2,
-the root CA certificate may be omitted according to the TLS standard and
-thus a standard conforming answer can be sent to the server. For a
-longer chain, the client must send the complete chain (with the option
-to leave out the root CA certificate). This can only be accomplished by
-either adding the intermediate CA certificates into the trusted
-certificate store for the SSL_CTX object (resulting in having to add
-CA certificates that otherwise maybe would not be trusted), or by adding
-the chain certificates using the
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
-function, which is only available for the SSL_CTX object as a whole and that
-therefore probably can only apply for one client certificate, making
-the concept of the callback function (to allow the choice from several
-certificates) questionable.
-
-Once the SSL object has been used in conjunction with the callback function,
-the certificate will be set for the SSL object and will not be cleared
-even when L<SSL_clear(3)|SSL_clear(3)> is being called. It is therefore
-mandatory to destroy the SSL object using L<SSL_free(3)|SSL_free(3)>
-and create a new one to return to the previous state.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
-L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
-L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_default_passwd_cb.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
deleted file mode 100644
index 2b87f01ca15f..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
+++ /dev/null
@@ -1,76 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata - set passwd callback for encrypted PEM file handling
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
- void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
-
- int pem_passwd_cb(char *buf, int size, int rwflag, void *userdata);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_default_passwd_cb() sets the default password callback called
-when loading/storing a PEM certificate with encryption.
-
-SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to B<userdata> which
-will be provided to the password callback on invocation.
-
-The pem_passwd_cb(), which must be provided by the application, hands back the
-password to be used during decryption. On invocation a pointer to B<userdata>
-is provided. The pem_passwd_cb must write the password into the provided buffer
-B<buf> which is of size B<size>. The actual length of the password must
-be returned to the calling function. B<rwflag> indicates whether the
-callback is used for reading/decryption (rwflag=0) or writing/encryption
-(rwflag=1).
-
-=head1 NOTES
-
-When loading or storing private keys, a password might be supplied to
-protect the private key. The way this password can be supplied may depend
-on the application. If only one private key is handled, it can be practical
-to have pem_passwd_cb() handle the password dialog interactively. If several
-keys have to be handled, it can be practical to ask for the password once,
-then keep it in memory and use it several times. In the last case, the
-password could be stored into the B<userdata> storage and the
-pem_passwd_cb() only returns the password already stored.
-
-When asking for the password interactively, pem_passwd_cb() can use
-B<rwflag> to check, whether an item shall be encrypted (rwflag=1).
-In this case the password dialog may ask for the same password twice
-for comparison in order to catch typos, that would make decryption
-impossible.
-
-Other items in PEM formatting (certificates) can also be encrypted, it is
-however not usual, as certificate information is considered public.
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_default_passwd_cb() and SSL_CTX_set_default_passwd_cb_userdata()
-do not provide diagnostic information.
-
-=head1 EXAMPLES
-
-The following example returns the password provided as B<userdata> to the
-calling function. The password is considered to be a '\0' terminated
-string. If the password does not fit into the buffer, the password is
-truncated.
-
- int pem_passwd_cb(char *buf, int size, int rwflag, void *password)
- {
-  strncpy(buf, (char *)(password), size);
-  buf[size - 1] = '\0';
-  return(strlen(buf));
- }
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_generate_session_id.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_generate_session_id.pod
deleted file mode 100644
index 798e8443a711..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_generate_session_id.pod
+++ /dev/null
@@ -1,150 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, SSL_has_matching_session_id - manipulate generation of SSL session IDs (server only)
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
-                               unsigned int *id_len);
-
- int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb);
- int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB, cb);
- int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
-				 unsigned int id_len);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_generate_session_id() sets the callback function for generating
-new session ids for SSL/TLS sessions for B<ctx> to be B<cb>.
-
-SSL_set_generate_session_id() sets the callback function for generating
-new session ids for SSL/TLS sessions for B<ssl> to be B<cb>.
-
-SSL_has_matching_session_id() checks, whether a session with id B<id>
-(of length B<id_len>) is already contained in the internal session cache
-of the parent context of B<ssl>.
-
-=head1 NOTES
-
-When a new session is established between client and server, the server
-generates a session id. The session id is an arbitrary sequence of bytes.
-The length of the session id is 16 bytes for SSLv2 sessions and between
-1 and 32 bytes for SSLv3/TLSv1. The session id is not security critical
-but must be unique for the server. Additionally, the session id is
-transmitted in the clear when reusing the session so it must not contain
-sensitive information.
-
-Without a callback being set, an OpenSSL server will generate a unique
-session id from pseudo random numbers of the maximum possible length.
-Using the callback function, the session id can be changed to contain
-additional information like e.g. a host id in order to improve load balancing
-or external caching techniques.
-
-The callback function receives a pointer to the memory location to put
-B<id> into and a pointer to the maximum allowed length B<id_len>. The
-buffer at location B<id> is only guaranteed to have the size B<id_len>.
-The callback is only allowed to generate a shorter id and reduce B<id_len>;
-the callback B<must never> increase B<id_len> or write to the location
-B<id> exceeding the given limit.
-
-If a SSLv2 session id is generated and B<id_len> is reduced, it will be
-restored after the callback has finished and the session id will be padded
-with 0x00. It is not recommended to change the B<id_len> for SSLv2 sessions.
-The callback can use the L<SSL_get_version(3)|SSL_get_version(3)> function
-to check, whether the session is of type SSLv2.
-
-The location B<id> is filled with 0x00 before the callback is called, so the
-callback may only fill part of the possible length and leave B<id_len>
-untouched while maintaining reproducibility.
-
-Since the sessions must be distinguished, session ids must be unique.
-Without the callback a random number is used, so that the probability
-of generating the same session id is extremely small (2^128 possible ids
-for an SSLv2 session, 2^256 for SSLv3/TLSv1). In order to assure the
-uniqueness of the generated session id, the callback must call
-SSL_has_matching_session_id() and generate another id if a conflict occurs.
-If an id conflict is not resolved, the handshake will fail.
-If the application codes e.g. a unique host id, a unique process number, and
-a unique sequence number into the session id, uniqueness could easily be
-achieved without randomness added (it should however be taken care that
-no confidential information is leaked this way). If the application can not
-guarantee uniqueness, it is recommended to use the maximum B<id_len> and
-fill in the bytes not used to code special information with random data
-to avoid collisions.
-
-SSL_has_matching_session_id() will only query the internal session cache,
-not the external one. Since the session id is generated before the
-handshake is completed, it is not immediately added to the cache. If
-another thread is using the same internal session cache, a race condition
-can occur in that another thread generates the same session id.
-Collisions can also occur when using an external session cache, since
-the external cache is not tested with SSL_has_matching_session_id()
-and the same race condition applies.
-
-When calling SSL_has_matching_session_id() for an SSLv2 session with
-reduced B<id_len>, the match operation will be performed using the
-fixed length required and with a 0x00 padded id.
-
-The callback must return 0 if it cannot generate a session id for whatever
-reason and return 1 on success.
-
-=head1 EXAMPLES
-
-The callback function listed will generate a session id with the
-server id given, and will fill the rest with pseudo random bytes:
-
- const char session_id_prefix = "www-18";
-
- #define MAX_SESSION_ID_ATTEMPTS 10
- static int generate_session_id(const SSL *ssl, unsigned char *id,
-                              unsigned int *id_len)
-      {
-      unsigned int count = 0;
-      const char *version;
-
-      version = SSL_get_version(ssl);
-      if (!strcmp(version, "SSLv2"))
-	  /* we must not change id_len */;
-
-      do      {
-              RAND_pseudo_bytes(id, *id_len);
-              /* Prefix the session_id with the required prefix. NB: If our
-               * prefix is too long, clip it - but there will be worse effects
-               * anyway, eg. the server could only possibly create 1 session
-               * ID (ie. the prefix!) so all future session negotiations will
-               * fail due to conflicts. */
-              memcpy(id, session_id_prefix,
-                      (strlen(session_id_prefix) < *id_len) ?
-                      strlen(session_id_prefix) : *id_len);
-              }
-      while(SSL_has_matching_session_id(ssl, id, *id_len) &&
-              (++count < MAX_SESSION_ID_ATTEMPTS));
-      if(count >= MAX_SESSION_ID_ATTEMPTS)
-              return 0;
-      return 1;
-      }
-
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_generate_session_id() and SSL_set_generate_session_id()
-always return 1.
-
-SSL_has_matching_session_id() returns 1 if another session with the
-same id is already in the cache.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_get_version(3)|SSL_get_version(3)>
-
-=head1 HISTORY
-
-SSL_CTX_set_generate_session_id(), SSL_set_generate_session_id()
-and SSL_has_matching_session_id() have been introduced in
-OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_info_callback.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_info_callback.pod
deleted file mode 100644
index 63d0b8d33f87..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_info_callback.pod
+++ /dev/null
@@ -1,153 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_info_callback, SSL_CTX_get_info_callback, SSL_set_info_callback, SSL_get_info_callback - handle information callback for SSL connections
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());
- void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))();
-
- void SSL_set_info_callback(SSL *ssl, void (*callback)());
- void (*SSL_get_info_callback(SSL *ssl))();
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_info_callback() sets the B<callback> function, that can be used to
-obtain state information for SSL objects created from B<ctx> during connection
-setup and use. The setting for B<ctx> is overridden from the setting for
-a specific SSL object, if specified.
-When B<callback> is NULL, not callback function is used.
-
-SSL_set_info_callback() sets the B<callback> function, that can be used to
-obtain state information for B<ssl> during connection setup and use.
-When B<callback> is NULL, the callback setting currently valid for
-B<ctx> is used.
-
-SSL_CTX_get_info_callback() returns a pointer to the currently set information
-callback function for B<ctx>.
-
-SSL_get_info_callback() returns a pointer to the currently set information
-callback function for B<ssl>.
-
-=head1 NOTES
-
-When setting up a connection and during use, it is possible to obtain state
-information from the SSL/TLS engine. When set, an information callback function
-is called whenever the state changes, an alert appears, or an error occurs.
-
-The callback function is called as B<callback(SSL *ssl, int where, int ret)>.
-The B<where> argument specifies information about where (in which context)
-the callback function was called. If B<ret> is 0, an error condition occurred.
-If an alert is handled, SSL_CB_ALERT is set and B<ret> specifies the alert
-information.
-
-B<where> is a bitmask made up of the following bits:
-
-=over 4
-
-=item SSL_CB_LOOP
-
-Callback has been called to indicate state change inside a loop.
-
-=item SSL_CB_EXIT
-
-Callback has been called to indicate error exit of a handshake function.
-(May be soft error with retry option for non-blocking setups.)
-
-=item SSL_CB_READ
-
-Callback has been called during read operation.
-
-=item SSL_CB_WRITE
-
-Callback has been called during write operation.
-
-=item SSL_CB_ALERT
-
-Callback has been called due to an alert being sent or received.
-
-=item SSL_CB_READ_ALERT               (SSL_CB_ALERT|SSL_CB_READ)
-
-=item SSL_CB_WRITE_ALERT              (SSL_CB_ALERT|SSL_CB_WRITE)
-
-=item SSL_CB_ACCEPT_LOOP              (SSL_ST_ACCEPT|SSL_CB_LOOP)
-
-=item SSL_CB_ACCEPT_EXIT              (SSL_ST_ACCEPT|SSL_CB_EXIT)
-
-=item SSL_CB_CONNECT_LOOP             (SSL_ST_CONNECT|SSL_CB_LOOP)
-
-=item SSL_CB_CONNECT_EXIT             (SSL_ST_CONNECT|SSL_CB_EXIT)
-
-=item SSL_CB_HANDSHAKE_START
-
-Callback has been called because a new handshake is started.
-
-=item SSL_CB_HANDSHAKE_DONE           0x20
-
-Callback has been called because a handshake is finished.
-
-=back
-
-The current state information can be obtained using the
-L<SSL_state_string(3)|SSL_state_string(3)> family of functions.
-
-The B<ret> information can be evaluated using the
-L<SSL_alert_type_string(3)|SSL_alert_type_string(3)> family of functions.
-
-=head1 RETURN VALUES
-
-SSL_set_info_callback() does not provide diagnostic information.
-
-SSL_get_info_callback() returns the current setting.
-
-=head1 EXAMPLES
-
-The following example callback function prints state strings, information
-about alerts being handled and error messages to the B<bio_err> BIO.
-
- void apps_ssl_info_callback(SSL *s, int where, int ret)
-	{
-	const char *str;
-	int w;
-
-	w=where& ~SSL_ST_MASK;
-
-	if (w & SSL_ST_CONNECT) str="SSL_connect";
-	else if (w & SSL_ST_ACCEPT) str="SSL_accept";
-	else str="undefined";
-
-	if (where & SSL_CB_LOOP)
-		{
-		BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
-		}
-	else if (where & SSL_CB_ALERT)
-		{
-		str=(where & SSL_CB_READ)?"read":"write";
-		BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
-			str,
-			SSL_alert_type_string_long(ret),
-			SSL_alert_desc_string_long(ret));
-		}
-	else if (where & SSL_CB_EXIT)
-		{
-		if (ret == 0)
-			BIO_printf(bio_err,"%s:failed in %s\n",
-				str,SSL_state_string_long(s));
-		else if (ret < 0)
-			{
-			BIO_printf(bio_err,"%s:error in %s\n",
-				str,SSL_state_string_long(s));
-			}
-		}
-	}
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_state_string(3)|SSL_state_string(3)>,
-L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_max_cert_list.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_max_cert_list.pod
deleted file mode 100644
index da68cb9fc240..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_max_cert_list.pod
+++ /dev/null
@@ -1,77 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_max_cert_list, SSL_CTX_get_max_cert_list, SSL_set_max_cert_list, SSL_get_max_cert_list, - manipulate allowed for the peer's certificate chain
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_CTX_set_max_cert_list(SSL_CTX *ctx, long size);
- long SSL_CTX_get_max_cert_list(SSL_CTX *ctx);
-
- long SSL_set_max_cert_list(SSL *ssl, long size);
- long SSL_get_max_cert_list(SSL *ctx);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_max_cert_list() sets the maximum size allowed for the peer's
-certificate chain for all SSL objects created from B<ctx> to be <size> bytes.
-The SSL objects inherit the setting valid for B<ctx> at the time
-L<SSL_new(3)|SSL_new(3)> is being called.
-
-SSL_CTX_get_max_cert_list() returns the currently set maximum size for B<ctx>.
-
-SSL_set_max_cert_list() sets the maximum size allowed for the peer's
-certificate chain for B<ssl> to be <size> bytes. This setting stays valid
-until a new value is set.
-
-SSL_get_max_cert_list() returns the currently set maximum size for B<ssl>.
-
-=head1 NOTES
-
-During the handshake process, the peer may send a certificate chain.
-The TLS/SSL standard does not give any maximum size of the certificate chain.
-The OpenSSL library handles incoming data by a dynamically allocated buffer.
-In order to prevent this buffer from growing without bounds due to data
-received from a faulty or malicious peer, a maximum size for the certificate
-chain is set.
-
-The default value for the maximum certificate chain size is 100kB (30kB
-on the 16bit DOS platform). This should be sufficient for usual certificate
-chains (OpenSSL's default maximum chain length is 10, see
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>, and certificates
-without special extensions have a typical size of 1-2kB).
-
-For special applications it can be necessary to extend the maximum certificate
-chain size allowed to be sent by the peer, see e.g. the work on
-"Internet X.509 Public Key Infrastructure Proxy Certificate Profile"
-and "TLS Delegation Protocol" at http://www.ietf.org/ and
-http://www.globus.org/ .
-
-Under normal conditions it should never be necessary to set a value smaller
-than the default, as the buffer is handled dynamically and only uses the
-memory actually required by the data sent by the peer.
-
-If the maximum certificate chain size allowed is exceeded, the handshake will
-fail with a SSL_R_EXCESSIVE_MESSAGE_SIZE error.
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_max_cert_list() and SSL_set_max_cert_list() return the previously
-set value.
-
-SSL_CTX_get_max_cert_list() and SSL_get_max_cert_list() return the currently
-set value.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>,
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
-
-=head1 HISTORY
-
-SSL*_set/get_max_cert_list() have been introduced in OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod
deleted file mode 100644
index 9822544e5e2d..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod
+++ /dev/null
@@ -1,81 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_mode, SSL_set_mode, SSL_CTX_get_mode, SSL_get_mode - manipulate SSL engine mode
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
- long SSL_set_mode(SSL *ssl, long mode);
-
- long SSL_CTX_get_mode(SSL_CTX *ctx);
- long SSL_get_mode(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_mode() adds the mode set via bitmask in B<mode> to B<ctx>.
-Options already set before are not cleared.
-
-SSL_set_mode() adds the mode set via bitmask in B<mode> to B<ssl>.
-Options already set before are not cleared.
-
-SSL_CTX_get_mode() returns the mode set for B<ctx>.
-
-SSL_get_mode() returns the mode set for B<ssl>.
-
-=head1 NOTES
-
-The following mode changes are available:
-
-=over 4
-
-=item SSL_MODE_ENABLE_PARTIAL_WRITE
-
-Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
-when just a single record has been written). When not set (the default),
-SSL_write() will only report success once the complete chunk was written.
-Once SSL_write() returns with r, r bytes have been successfully written
-and the next call to SSL_write() must only send the n-r bytes left,
-imitating the behaviour of write().
-
-=item SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
-
-Make it possible to retry SSL_write() with changed buffer location
-(the buffer contents must stay the same). This is not the default to avoid
-the misconception that non-blocking SSL_write() behaves like
-non-blocking write().
-
-=item SSL_MODE_AUTO_RETRY
-
-Never bother the application with retries if the transport is blocking.
-If a renegotiation take place during normal operation, a
-L<SSL_read(3)|SSL_read(3)> or L<SSL_write(3)|SSL_write(3)> would return
-with -1 and indicate the need to retry with SSL_ERROR_WANT_READ.
-In a non-blocking environment applications must be prepared to handle
-incomplete read/write operations.
-In a blocking environment, applications are not always prepared to
-deal with read/write operations returning without success report. The
-flag SSL_MODE_AUTO_RETRY will cause read/write operations to only
-return after the handshake and successful completion.
-
-=back
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_mode() and SSL_set_mode() return the new mode bitmask
-after adding B<mode>.
-
-SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_read(3)|SSL_read(3)>, L<SSL_write(3)|SSL_write(3)>
-
-=head1 HISTORY
-
-SSL_MODE_AUTO_RETRY as been added in OpenSSL 0.9.6.
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_msg_callback.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_msg_callback.pod
deleted file mode 100644
index 0015e6ea7923..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_msg_callback.pod
+++ /dev/null
@@ -1,99 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_msg_callback, SSL_CTX_set_msg_callback_arg, SSL_set_msg_callback, SSL_get_msg_callback_arg - install callback for observing protocol messages
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
- void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);
-
- void SSL_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
- void SSL_set_msg_callback_arg(SSL_CTX *ctx, void *arg);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_msg_callback() or SSL_set_msg_callback() can be used to
-define a message callback function I<cb> for observing all SSL/TLS
-protocol messages (such as handshake messages) that are received or
-sent.  SSL_CTX_set_msg_callback_arg() and SSL_set_msg_callback_arg()
-can be used to set argument I<arg> to the callback function, which is
-available for arbitrary application use.
-
-SSL_CTX_set_msg_callback() and SSL_CTX_set_msg_callback_arg() specify
-default settings that will be copied to new B<SSL> objects by
-L<SSL_new(3)|SSL_new(3)>. SSL_set_msg_callback() and
-SSL_set_msg_callback_arg() modify the actual settings of an B<SSL>
-object. Using a B<0> pointer for I<cb> disables the message callback.
-
-When I<cb> is called by the SSL/TLS library for a protocol message,
-the function arguments have the following meaning:
-
-=over 4
-
-=item I<write_p>
-
-This flag is B<0> when a protocol message has been received and B<1>
-when a protocol message has been sent.
-
-=item I<version>
-
-The protocol version according to which the protocol message is
-interpreted by the library. Currently, this is one of
-B<SSL2_VERSION>, B<SSL3_VERSION> and B<TLS1_VERSION> (for SSL 2.0, SSL
-3.0 and TLS 1.0, respectively).
-
-=item I<content_type>
-
-In the case of SSL 2.0, this is always B<0>.  In the case of SSL 3.0
-or TLS 1.0, this is one of the B<ContentType> values defined in the
-protocol specification (B<change_cipher_spec(20)>, B<alert(21)>,
-B<handshake(22)>; but never B<application_data(23)> because the
-callback will only be called for protocol messages).
-
-=item I<buf>, I<len>
-
-I<buf> points to a buffer containing the protocol message, which
-consists of I<len> bytes. The buffer is no longer valid after the
-callback function has returned.
-
-=item I<ssl>
-
-The B<SSL> object that received or sent the message.
-
-=item I<arg>
-
-The user-defined argument optionally defined by
-SSL_CTX_set_msg_callback_arg() or SSL_set_msg_callback_arg().
-
-=back
-
-=head1 NOTES
-
-Protocol messages are passed to the callback function after decryption
-and fragment collection where applicable. (Thus record boundaries are
-not visible.)
-
-If processing a received protocol message results in an error,
-the callback function may not be called.  For example, the callback
-function will never see messages that are considered too large to be
-processed.
-
-Due to automatic protocol version negotiation, I<version> is not
-necessarily the protocol version used by the sender of the message: If
-a TLS 1.0 ClientHello message is received by an SSL 3.0-only server,
-I<version> will be B<SSL3_VERSION>.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>
-
-=head1 HISTORY
-
-SSL_CTX_set_msg_callback(), SSL_CTX_set_msg_callback_arg(),
-SSL_set_msg_callback() and SSL_get_msg_callback_arg() were added in OpenSSL 0.9.7.
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod
deleted file mode 100644
index f5e2ec355508..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod
+++ /dev/null
@@ -1,235 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_options, SSL_set_options, SSL_CTX_get_options, SSL_get_options - manipulate SSL engine options
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_CTX_set_options(SSL_CTX *ctx, long options);
- long SSL_set_options(SSL *ssl, long options);
-
- long SSL_CTX_get_options(SSL_CTX *ctx);
- long SSL_get_options(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_options() adds the options set via bitmask in B<options> to B<ctx>.
-Options already set before are not cleared!
-
-SSL_set_options() adds the options set via bitmask in B<options> to B<ssl>.
-Options already set before are not cleared!
-
-SSL_CTX_get_options() returns the options set for B<ctx>.
-
-SSL_get_options() returns the options set for B<ssl>.
-
-=head1 NOTES
-
-The behaviour of the SSL library can be changed by setting several options.
-The options are coded as bitmasks and can be combined by a logical B<or>
-operation (|). Options can only be added but can never be reset.
-
-SSL_CTX_set_options() and SSL_set_options() affect the (external)
-protocol behaviour of the SSL library. The (internal) behaviour of
-the API can be changed by using the similar
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> and SSL_set_mode() functions.
-
-During a handshake, the option settings of the SSL object are used. When
-a new SSL object is created from a context using SSL_new(), the current
-option setting is copied. Changes to B<ctx> do not affect already created
-SSL objects. SSL_clear() does not affect the settings.
-
-The following B<bug workaround> options are available:
-
-=over 4
-
-=item SSL_OP_MICROSOFT_SESS_ID_BUG
-
-www.microsoft.com - when talking SSLv2, if session-id reuse is
-performed, the session-id passed back in the server-finished message
-is different from the one decided upon.
-
-=item SSL_OP_NETSCAPE_CHALLENGE_BUG
-
-Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
-challenge but then appears to only use 16 bytes when generating the
-encryption keys.  Using 16 bytes is ok but it should be ok to use 32.
-According to the SSLv3 spec, one should use 32 bytes for the challenge
-when operating in SSLv2/v3 compatibility mode, but as mentioned above,
-this breaks this server so 16 bytes is the way to go.
-
-=item SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
-
-ssl3.netscape.com:443, first a connection is established with RC4-MD5.
-If it is then resumed, we end up using DES-CBC3-SHA.  It should be
-RC4-MD5 according to 7.6.1.3, 'cipher_suite'.
-
-Netscape-Enterprise/2.01 (https://merchant.netscape.com) has this bug.
-It only really shows up when connecting via SSLv2/v3 then reconnecting
-via SSLv3. The cipher list changes....
-
-NEW INFORMATION.  Try connecting with a cipher list of just
-DES-CBC-SHA:RC4-MD5.  For some weird reason, each new connection uses
-RC4-MD5, but a re-connect tries to use DES-CBC-SHA.  So netscape, when
-doing a re-connect, always takes the first cipher in the cipher list.
-
-=item SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
-
-...
-
-=item SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
-
-...
-
-=item SSL_OP_MSIE_SSLV2_RSA_PADDING
-
-...
-
-=item SSL_OP_SSLEAY_080_CLIENT_DH_BUG
-
-...
-
-=item SSL_OP_TLS_D5_BUG
-
-...
-
-=item SSL_OP_TLS_BLOCK_PADDING_BUG
-
-...
-
-=item SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
-
-Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol
-vulnerability affecting CBC ciphers, which cannot be handled by some
-broken SSL implementations.  This option has no effect for connections
-using other ciphers.
-
-=item SSL_OP_ALL
-
-All of the above bug workarounds.
-
-=back
-
-It is usually safe to use B<SSL_OP_ALL> to enable the bug workaround
-options if compatibility with somewhat broken implementations is
-desired.
-
-The following B<modifying> options are available:
-
-=over 4
-
-=item SSL_OP_TLS_ROLLBACK_BUG
-
-Disable version rollback attack detection.
-
-During the client key exchange, the client must send the same information
-about acceptable SSL/TLS protocol levels as during the first hello. Some
-clients violate this rule by adapting to the server's answer. (Example:
-the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server
-only understands up to SSLv3. In this case the client must still use the
-same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect
-to the server's answer and violate the version rollback protection.)
-
-=item SSL_OP_SINGLE_DH_USE
-
-Always create a new key when using temporary/ephemeral DH parameters
-(see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
-This option must be used to prevent small subgroup attacks, when
-the DH parameters were not generated using "strong" primes
-(e.g. when using DSA-parameters, see L<dhparam(1)|dhparam(1)>).
-If "strong" primes were used, it is not strictly necessary to generate
-a new DH key during each handshake but it is also recommended.
-B<SSL_OP_SINGLE_DH_USE> should therefore be enabled whenever
-temporary/ephemeral DH parameters are used.
-
-=item SSL_OP_EPHEMERAL_RSA
-
-Always use ephemeral (temporary) RSA key when doing RSA operations
-(see L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>).
-According to the specifications this is only done, when a RSA key
-can only be used for signature operations (namely under export ciphers
-with restricted RSA keylength). By setting this option, ephemeral
-RSA keys are always used. This option breaks compatibility with the
-SSL/TLS specifications and may lead to interoperability problems with
-clients and should therefore never be used. Ciphers with EDH (ephemeral
-Diffie-Hellman) key exchange should be used instead.
-
-=item SSL_OP_CIPHER_SERVER_PREFERENCE
-
-When choosing a cipher, use the server's preferences instead of the client
-preferences. When not set, the SSL server will always follow the clients
-preferences. When set, the SSLv3/TLSv1 server will choose following its
-own preferences. Because of the different protocol, for SSLv2 the server
-will send his list of preferences to the client and the client chooses.
-
-=item SSL_OP_PKCS1_CHECK_1
-
-...
-
-=item SSL_OP_PKCS1_CHECK_2
-
-...
-
-=item SSL_OP_NETSCAPE_CA_DN_BUG
-
-If we accept a netscape connection, demand a client cert, have a
-non-self-sighed CA which does not have it's CA in netscape, and the
-browser has a cert, it will crash/hang.  Works for 3.x and 4.xbeta 
-
-=item SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
-
-...
-
-=item SSL_OP_NO_SSLv2
-
-Do not use the SSLv2 protocol.
-
-=item SSL_OP_NO_SSLv3
-
-Do not use the SSLv3 protocol.
-
-=item SSL_OP_NO_TLSv1
-
-Do not use the TLSv1 protocol.
-
-=item SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
-
-When performing renegotiation as a server, always start a new session
-(i.e., session resumption requests are only accepted in the initial
-handshake).  This option is not needed for clients.
-
-=back
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_options() and SSL_set_options() return the new options bitmask
-after adding B<options>.
-
-SSL_CTX_get_options() and SSL_get_options() return the current bitmask.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
-L<dhparam(1)|dhparam(1)>
-
-=head1 HISTORY
-
-B<SSL_OP_CIPHER_SERVER_PREFERENCE> and
-B<SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION> have been added in
-OpenSSL 0.9.7.
-
-B<SSL_OP_TLS_ROLLBACK_BUG> has been added in OpenSSL 0.9.6 and was automatically
-enabled with B<SSL_OP_ALL>. As of 0.9.7, it is no longer included in B<SSL_OP_ALL>
-and must be explicitly set.
-
-B<SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS> has been added in OpenSSL 0.9.6e.
-Versions up to OpenSSL 0.9.6c do not include the countermeasure that
-can be disabled with this option (in OpenSSL 0.9.6d, it was always
-enabled).
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_quiet_shutdown.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
deleted file mode 100644
index 1d0526d59a3f..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
+++ /dev/null
@@ -1,63 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, SSL_set_quiet_shutdown, SSL_get_quiet_shutdown - manipulate shutdown behaviour
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
- int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);
-
- void SSL_set_quiet_shutdown(SSL *ssl, int mode);
- int SSL_get_quiet_shutdown(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_quiet_shutdown() sets the "quiet shutdown" flag for B<ctx> to be
-B<mode>. SSL objects created from B<ctx> inherit the B<mode> valid at the time
-L<SSL_new(3)|SSL_new(3)> is called. B<mode> may be 0 or 1.
-
-SSL_CTX_get_quiet_shutdown() returns the "quiet shutdown" setting of B<ctx>.
-
-SSL_set_quiet_shutdown() sets the "quiet shutdown" flag for B<ssl> to be
-B<mode>. The setting stays valid until B<ssl> is removed with
-L<SSL_free(3)|SSL_free(3)> or SSL_set_quiet_shutdown() is called again.
-It is not changed when L<SSL_clear(3)|SSL_clear(3)> is called.
-B<mode> may be 0 or 1.
-
-SSL_get_quiet_shutdown() returns the "quiet shutdown" setting of B<ssl>.
-
-=head1 NOTES
-
-Normally when a SSL connection is finished, the parties must send out
-"close notify" alert messages using L<SSL_shutdown(3)|SSL_shutdown(3)>
-for a clean shutdown.
-
-When setting the "quiet shutdown" flag to 1, L<SSL_shutdown(3)|SSL_shutdown(3)>
-will set the internal flags to SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.
-(L<SSL_shutdown(3)|SSL_shutdown(3)> then behaves like
-L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> called with
-SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.)
-The session is thus considered to be shutdown, but no "close notify" alert
-is sent to the peer. This behaviour violates the TLS standard.
-
-The default is normal shutdown behaviour as described by the TLS standard.
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_quiet_shutdown() and SSL_set_quiet_shutdown() do not return
-diagnostic information.
-
-SSL_CTX_get_quiet_shutdown() and SSL_get_quiet_shutdown return the current
-setting.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_shutdown(3)|SSL_shutdown(3)>,
-L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>, L<SSL_new(3)|SSL_new(3)>,
-L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_session_cache_mode.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_session_cache_mode.pod
deleted file mode 100644
index c5d2f43dff15..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_session_cache_mode.pod
+++ /dev/null
@@ -1,137 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_session_cache_mode, SSL_CTX_get_session_cache_mode - enable/disable session caching
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_CTX_set_session_cache_mode(SSL_CTX ctx, long mode);
- long SSL_CTX_get_session_cache_mode(SSL_CTX ctx);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_session_cache_mode() enables/disables session caching
-by setting the operational mode for B<ctx> to <mode>.
-
-SSL_CTX_get_session_cache_mode() returns the currently used cache mode.
-
-=head1 NOTES
-
-The OpenSSL library can store/retrieve SSL/TLS sessions for later reuse.
-The sessions can be held in memory for each B<ctx>, if more than one
-SSL_CTX object is being maintained, the sessions are unique for each SSL_CTX
-object.
-
-In order to reuse a session, a client must send the session's id to the
-server. It can only send exactly one id.  The server then either 
-agrees to reuse the session or it starts a full handshake (to create a new
-session).
-
-A server will lookup up the session in its internal session storage. If the
-session is not found in internal storage or lookups for the internal storage
-have been deactivated (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP), the server will try
-the external storage if available.
-
-Since a client may try to reuse a session intended for use in a different
-context, the session id context must be set by the server (see
-L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>).
-
-The following session cache modes and modifiers are available:
-
-=over 4
-
-=item SSL_SESS_CACHE_OFF
-
-No session caching for client or server takes place.
-
-=item SSL_SESS_CACHE_CLIENT
-
-Client sessions are added to the session cache. As there is no reliable way
-for the OpenSSL library to know whether a session should be reused or which
-session to choose (due to the abstract BIO layer the SSL engine does not
-have details about the connection), the application must select the session
-to be reused by using the L<SSL_set_session(3)|SSL_set_session(3)>
-function. This option is not activated by default.
-
-=item SSL_SESS_CACHE_SERVER
-
-Server sessions are added to the session cache. When a client proposes a
-session to be reused, the server looks for the corresponding session in (first)
-the internal session cache (unless SSL_SESS_CACHE_NO_INTERNAL_LOOKUP is set),
-then (second) in the external cache if available. If the session is found, the
-server will try to reuse the session.  This is the default.
-
-=item SSL_SESS_CACHE_BOTH
-
-Enable both SSL_SESS_CACHE_CLIENT and SSL_SESS_CACHE_SERVER at the same time.
-
-=item SSL_SESS_CACHE_NO_AUTO_CLEAR
-
-Normally the session cache is checked for expired sessions every
-255 connections using the
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> function. Since
-this may lead to a delay which cannot be controlled, the automatic
-flushing may be disabled and
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> can be called
-explicitly by the application.
-
-=item SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
-
-By setting this flag, session-resume operations in an SSL/TLS server will not
-automatically look up sessions in the internal cache, even if sessions are
-automatically stored there. If external session caching callbacks are in use,
-this flag guarantees that all lookups are directed to the external cache.
-As automatic lookup only applies for SSL/TLS servers, the flag has no effect on
-clients.
-
-=item SSL_SESS_CACHE_NO_INTERNAL_STORE
-
-Depending on the presence of SSL_SESS_CACHE_CLIENT and/or SSL_SESS_CACHE_SERVER,
-sessions negotiated in an SSL/TLS handshake may be cached for possible reuse.
-Normally a new session is added to the internal cache as well as any external
-session caching (callback) that is configured for the SSL_CTX. This flag will
-prevent sessions being stored in the internal cache (though the application can
-add them manually using L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>). Note:
-in any SSL/TLS servers where external caching is configured, any successful
-session lookups in the external cache (ie. for session-resume requests) would
-normally be copied into the local cache before processing continues - this flag
-prevents these additions to the internal cache as well.
-
-=item SSL_SESS_CACHE_NO_INTERNAL
-
-Enable both SSL_SESS_CACHE_NO_INTERNAL_LOOKUP and
-SSL_SESS_CACHE_NO_INTERNAL_STORE at the same time.
-
-
-=back
-
-The default mode is SSL_SESS_CACHE_SERVER.
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_session_cache_mode() returns the previously set cache mode.
-
-SSL_CTX_get_session_cache_mode() returns the currently set cache mode.
-
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>,
-L<SSL_session_reused(3)|SSL_session_reused(3)>,
-L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
-L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
-L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>,
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
-L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>
-
-=head1 HISTORY
-
-SSL_SESS_CACHE_NO_INTERNAL_STORE and SSL_SESS_CACHE_NO_INTERNAL
-were introduced in OpenSSL 0.9.6h.
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod
deleted file mode 100644
index 5949395159e7..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod
+++ /dev/null
@@ -1,82 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_session_id_context, SSL_set_session_id_context - set context within which session can be reused (server side only)
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
-                                    unsigned int sid_ctx_len);
- int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
-                                unsigned int sid_ctx_len);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_session_id_context() sets the context B<sid_ctx> of length
-B<sid_ctx_len> within which a session can be reused for the B<ctx> object.
-
-SSL_set_session_id_context() sets the context B<sid_ctx> of length
-B<sid_ctx_len> within which a session can be reused for the B<ssl> object.
-
-=head1 NOTES
-
-Sessions are generated within a certain context. When exporting/importing
-sessions with B<i2d_SSL_SESSION>/B<d2i_SSL_SESSION> it would be possible,
-to re-import a session generated from another context (e.g. another
-application), which might lead to malfunctions. Therefore each application
-must set its own session id context B<sid_ctx> which is used to distinguish
-the contexts and is stored in exported sessions. The B<sid_ctx> can be
-any kind of binary data with a given length, it is therefore possible
-to use e.g. the name of the application and/or the hostname and/or service
-name ...
-
-The session id context becomes part of the session. The session id context
-is set by the SSL/TLS server. The SSL_CTX_set_session_id_context() and
-SSL_set_session_id_context() functions are therefore only useful on the
-server side.
-
-OpenSSL clients will check the session id context returned by the server
-when reusing a session.
-
-The maximum length of the B<sid_ctx> is limited to
-B<SSL_MAX_SSL_SESSION_ID_LENGTH>.
-
-=head1 WARNINGS
-
-If the session id context is not set on an SSL/TLS server, stored sessions
-will not be reused but a fatal error will be flagged and the handshake
-will fail.
-
-If a server returns a different session id context to an OpenSSL client
-when reusing a session, an error will be flagged and the handshake will
-fail. OpenSSL servers will always return the correct session id context,
-as an OpenSSL server checks the session id context itself before reusing
-a session as described above.
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_session_id_context() and SSL_set_session_id_context()
-return the following values:
-
-=over 4
-
-=item 0
-
-The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
-the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
-is logged to the error stack.
-
-=item 1
-
-The operation succeeded.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod
deleted file mode 100644
index 002018096551..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod
+++ /dev/null
@@ -1,61 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method
-- choose a new TLS/SSL method
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_CTX_set_ssl_version(SSL_CTX *ctx, SSL_METHOD *method);
- int SSL_set_ssl_method(SSL *s, SSL_METHOD *method);
- SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_ssl_version() sets a new default TLS/SSL B<method> for SSL objects
-newly created from this B<ctx>. SSL objects already created with
-L<SSL_new(3)|SSL_new(3)> are not affected, except when
-L<SSL_clear(3)|SSL_clear(3)> is being called.
-
-SSL_set_ssl_method() sets a new TLS/SSL B<method> for a particular B<ssl>
-object. It may be reset, when SSL_clear() is called.
-
-SSL_get_ssl_method() returns a function pointer to the TLS/SSL method
-set in B<ssl>.
-
-=head1 NOTES
-
-The available B<method> choices are described in
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>.
-
-When L<SSL_clear(3)|SSL_clear(3)> is called and no session is connected to
-an SSL object, the method of the SSL object is reset to the method currently
-set in the corresponding SSL_CTX object.
-
-=head1 RETURN VALUES
-
-The following return values can occur for SSL_CTX_set_ssl_version()
-and SSL_set_ssl_method():
-
-=over 4
-
-=item 0
-
-The new choice failed, check the error stack to find out the reason.
-
-=item 1
-
-The operation succeeded.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>, L<SSL_new(3)|SSL_new(3)>,
-L<SSL_clear(3)|SSL_clear(3)>, L<ssl(3)|ssl(3)>,
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_timeout.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_timeout.pod
deleted file mode 100644
index e3de27c47367..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_timeout.pod
+++ /dev/null
@@ -1,59 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_timeout, SSL_CTX_get_timeout - manipulate timeout values for session caching
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
- long SSL_CTX_get_timeout(SSL_CTX *ctx);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_timeout() sets the timeout for newly created sessions for
-B<ctx> to B<t>. The timeout value B<t> must be given in seconds.
-
-SSL_CTX_get_timeout() returns the currently set timeout value for B<ctx>.
-
-=head1 NOTES
-
-Whenever a new session is created, it is assigned a maximum lifetime. This
-lifetime is specified by storing the creation time of the session and the
-timeout value valid at this time. If the actual time is later than creation
-time plus timeout, the session is not reused.
-
-Due to this realization, all sessions behave according to the timeout value
-valid at the time of the session negotiation. Changes of the timeout value
-do not affect already established sessions.
-
-The expiration time of a single session can be modified using the
-L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)> family of functions.
-
-Expired sessions are removed from the internal session cache, whenever
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> is called, either
-directly by the application or automatically (see
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>)
-
-The default value for session timeout is decided on a per protocol
-basis, see L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>.
-All currently supported protocols have the same default timeout value
-of 300 seconds.
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_timeout() returns the previously set timeout value.
-
-SSL_CTX_get_timeout() returns the currently set timeout value.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
-L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
deleted file mode 100644
index 29d1f8a6fbfe..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
+++ /dev/null
@@ -1,170 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, SSL_set_tmp_dh - handle DH keys for ephemeral key exchange
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
-            DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
- long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);
-
- void SSL_set_tmp_dh_callback(SSL_CTX *ctx,
-            DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
- long SSL_set_tmp_dh(SSL *ssl, DH *dh)
-
- DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_tmp_dh_callback() sets the callback function for B<ctx> to be
-used when a DH parameters are required to B<tmp_dh_callback>.
-The callback is inherited by all B<ssl> objects created from B<ctx>.
-
-SSL_CTX_set_tmp_dh() sets DH parameters to be used to be B<dh>.
-The key is inherited by all B<ssl> objects created from B<ctx>.
-
-SSL_set_tmp_dh_callback() sets the callback only for B<ssl>.
-
-SSL_set_tmp_dh() sets the parameters only for B<ssl>.
-
-These functions apply to SSL/TLS servers only.
-
-=head1 NOTES
-
-When using a cipher with RSA authentication, an ephemeral DH key exchange
-can take place. Ciphers with DSA keys always use ephemeral DH keys as well.
-In these cases, the session data are negotiated using the
-ephemeral/temporary DH key and the key supplied and certified
-by the certificate chain is only used for signing.
-Anonymous ciphers (without a permanent server key) also use ephemeral DH keys.
-
-Using ephemeral DH key exchange yields forward secrecy, as the connection
-can only be decrypted, when the DH key is known. By generating a temporary
-DH key inside the server application that is lost when the application
-is left, it becomes impossible for an attacker to decrypt past sessions,
-even if he gets hold of the normal (certified) key, as this key was
-only used for signing.
-
-In order to perform a DH key exchange the server must use a DH group
-(DH parameters) and generate a DH key. The server will always generate a new
-DH key during the negotiation, when the DH parameters are supplied via
-callback and/or when the SSL_OP_SINGLE_DH_USE option of
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)> is set. It will
-immediately create a DH key, when DH parameters are supplied via
-SSL_CTX_set_tmp_dh() and SSL_OP_SINGLE_DH_USE is not set. In this case,
-it may happen that a key is generated on initialization without later
-being needed, while on the other hand the computer time during the
-negotiation is being saved.
-
-If "strong" primes were used to generate the DH parameters, it is not strictly
-necessary to generate a new key for each handshake but it does improve forward
-secrecy. If it is not assured, that "strong" primes were used (see especially
-the section about DSA parameters below), SSL_OP_SINGLE_DH_USE must be used
-in order to prevent small subgroup attacks. Always using SSL_OP_SINGLE_DH_USE
-has an impact on the computer time needed during negotiation, but it is not
-very large, so application authors/users should consider to always enable
-this option.
-
-As generating DH parameters is extremely time consuming, an application
-should not generate the parameters on the fly but supply the parameters.
-DH parameters can be reused, as the actual key is newly generated during
-the negotiation. The risk in reusing DH parameters is that an attacker
-may specialize on a very often used DH group. Applications should therefore
-generate their own DH parameters during the installation process using the
-openssl L<dhparam(1)|dhparam(1)> application. In order to reduce the computer
-time needed for this generation, it is possible to use DSA parameters
-instead (see L<dhparam(1)|dhparam(1)>), but in this case SSL_OP_SINGLE_DH_USE
-is mandatory.
-
-Application authors may compile in DH parameters. Files dh512.pem,
-dh1024.pem, dh2048.pem, and dh4096 in the 'apps' directory of current
-version of the OpenSSL distribution contain the 'SKIP' DH parameters,
-which use safe primes and were generated verifiably pseudo-randomly.
-These files can be converted into C code using the B<-C> option of the
-L<dhparam(1)|dhparam(1)> application.
-Authors may also generate their own set of parameters using
-L<dhparam(1)|dhparam(1)>, but a user may not be sure how the parameters were
-generated. The generation of DH parameters during installation is therefore
-recommended.
-
-An application may either directly specify the DH parameters or
-can supply the DH parameters via a callback function. The callback approach
-has the advantage, that the callback may supply DH parameters for different
-key lengths.
-
-The B<tmp_dh_callback> is called with the B<keylength> needed and
-the B<is_export> information. The B<is_export> flag is set, when the
-ephemeral DH key exchange is performed with an export cipher.
-
-=head1 EXAMPLES
-
-Handle DH parameters for key lengths of 512 and 1024 bits. (Error handling
-partly left out.)
-
- ...
- /* Set up ephemeral DH stuff */
- DH *dh_512 = NULL;
- DH *dh_1024 = NULL;
- FILE *paramfile;
-
- ...
- /* "openssl dhparam -out dh_param_512.pem -2 512" */
- paramfile = fopen("dh_param_512.pem", "r");
- if (paramfile) {
-   dh_512 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
-   fclose(paramfile);
- }
- /* "openssl dhparam -out dh_param_1024.pem -2 1024" */
- paramfile = fopen("dh_param_1024.pem", "r");
- if (paramfile) {
-   dh_1024 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
-   fclose(paramfile);
- }
- ...
-
- /* "openssl dhparam -C -2 512" etc... */
- DH *get_dh512() { ... }
- DH *get_dh1024() { ... }
-
- DH *tmp_dh_callback(SSL *s, int is_export, int keylength)
- {
-    DH *dh_tmp=NULL;
-
-    switch (keylength) {
-    case 512:
-      if (!dh_512)
-        dh_512 = get_dh512();
-      dh_tmp = dh_512;
-      break;
-    case 1024:
-      if (!dh_1024) 
-        dh_1024 = get_dh1024();
-      dh_tmp = dh_1024;
-      break;
-    default:
-      /* Generating a key on the fly is very costly, so use what is there */
-      setup_dh_parameters_like_above();
-    }
-    return(dh_tmp);
- }
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return
-diagnostic output.
-
-SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do return 1 on success and 0
-on failure. Check the error queue to find out the reason of failure.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
-L<ciphers(1)|ciphers(1)>, L<dhparam(1)|dhparam(1)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
deleted file mode 100644
index f85775927dda..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
+++ /dev/null
@@ -1,166 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_tmp_rsa_callback, SSL_CTX_set_tmp_rsa, SSL_CTX_need_tmp_rsa, SSL_set_tmp_rsa_callback, SSL_set_tmp_rsa, SSL_need_tmp_rsa - handle RSA keys for ephemeral key exchange
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
-            RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength));
- long SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, RSA *rsa);
- long SSL_CTX_need_tmp_rsa(SSL_CTX *ctx);
-
- void SSL_set_tmp_rsa_callback(SSL_CTX *ctx,
-            RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength));
- long SSL_set_tmp_rsa(SSL *ssl, RSA *rsa)
- long SSL_need_tmp_rsa(SSL *ssl)
-
- RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength));
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_tmp_rsa_callback() sets the callback function for B<ctx> to be
-used when a temporary/ephemeral RSA key is required to B<tmp_rsa_callback>.
-The callback is inherited by all SSL objects newly created from B<ctx>
-with <SSL_new(3)|SSL_new(3)>. Already created SSL objects are not affected.
-
-SSL_CTX_set_tmp_rsa() sets the temporary/ephemeral RSA key to be used to be
-B<rsa>. The key is inherited by all SSL objects newly created from B<ctx>
-with <SSL_new(3)|SSL_new(3)>. Already created SSL objects are not affected.
-
-SSL_CTX_need_tmp_rsa() returns 1, if a temporary/ephemeral RSA key is needed
-for RSA-based strength-limited 'exportable' ciphersuites because a RSA key
-with a keysize larger than 512 bits is installed.
-
-SSL_set_tmp_rsa_callback() sets the callback only for B<ssl>.
-
-SSL_set_tmp_rsa() sets the key only for B<ssl>.
-
-SSL_need_tmp_rsa() returns 1, if a temporary/ephemeral RSA key is needed,
-for RSA-based strength-limited 'exportable' ciphersuites because a RSA key
-with a keysize larger than 512 bits is installed.
-
-These functions apply to SSL/TLS servers only.
-
-=head1 NOTES
-
-When using a cipher with RSA authentication, an ephemeral RSA key exchange
-can take place. In this case the session data are negotiated using the
-ephemeral/temporary RSA key and the RSA key supplied and certified
-by the certificate chain is only used for signing.
-
-Under previous export restrictions, ciphers with RSA keys shorter (512 bits)
-than the usual key length of 1024 bits were created. To use these ciphers
-with RSA keys of usual length, an ephemeral key exchange must be performed,
-as the normal (certified) key cannot be directly used.
-
-Using ephemeral RSA key exchange yields forward secrecy, as the connection
-can only be decrypted, when the RSA key is known. By generating a temporary
-RSA key inside the server application that is lost when the application
-is left, it becomes impossible for an attacker to decrypt past sessions,
-even if he gets hold of the normal (certified) RSA key, as this key was
-used for signing only. The downside is that creating a RSA key is
-computationally expensive.
-
-Additionally, the use of ephemeral RSA key exchange is only allowed in
-the TLS standard, when the RSA key can be used for signing only, that is
-for export ciphers. Using ephemeral RSA key exchange for other purposes
-violates the standard and can break interoperability with clients.
-It is therefore strongly recommended to not use ephemeral RSA key
-exchange and use EDH (Ephemeral Diffie-Hellman) key exchange instead
-in order to achieve forward secrecy (see
-L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
-
-On OpenSSL servers ephemeral RSA key exchange is therefore disabled by default
-and must be explicitly enabled  using the SSL_OP_EPHEMERAL_RSA option of
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>, violating the TLS/SSL
-standard. When ephemeral RSA key exchange is required for export ciphers,
-it will automatically be used without this option!
-
-An application may either directly specify the key or can supply the key via
-a callback function. The callback approach has the advantage, that the
-callback may generate the key only in case it is actually needed. As the
-generation of a RSA key is however costly, it will lead to a significant
-delay in the handshake procedure.  Another advantage of the callback function
-is that it can supply keys of different size (e.g. for SSL_OP_EPHEMERAL_RSA
-usage) while the explicit setting of the key is only useful for key size of
-512 bits to satisfy the export restricted ciphers and does give away key length
-if a longer key would be allowed.
-
-The B<tmp_rsa_callback> is called with the B<keylength> needed and
-the B<is_export> information. The B<is_export> flag is set, when the
-ephemeral RSA key exchange is performed with an export cipher.
-
-=head1 EXAMPLES
-
-Generate temporary RSA keys to prepare ephemeral RSA key exchange. As the
-generation of a RSA key costs a lot of computer time, they saved for later
-reuse. For demonstration purposes, two keys for 512 bits and 1024 bits
-respectively are generated.
-
- ...
- /* Set up ephemeral RSA stuff */
- RSA *rsa_512 = NULL;
- RSA *rsa_1024 = NULL;
-
- rsa_512 = RSA_generate_key(512,RSA_F4,NULL,NULL);
- if (rsa_512 == NULL)
-     evaluate_error_queue();
-
- rsa_1024 = RSA_generate_key(1024,RSA_F4,NULL,NULL);
- if (rsa_1024 == NULL)
-   evaluate_error_queue();
-
- ...
-
- RSA *tmp_rsa_callback(SSL *s, int is_export, int keylength)
- {
-    RSA *rsa_tmp=NULL;
-
-    switch (keylength) {
-    case 512:
-      if (rsa_512)
-        rsa_tmp = rsa_512;
-      else { /* generate on the fly, should not happen in this example */
-        rsa_tmp = RSA_generate_key(keylength,RSA_F4,NULL,NULL);
-        rsa_512 = rsa_tmp; /* Remember for later reuse */
-      }
-      break;
-    case 1024:
-      if (rsa_1024)
-        rsa_tmp=rsa_1024;
-      else
-        should_not_happen_in_this_example();
-      break;
-    default:
-      /* Generating a key on the fly is very costly, so use what is there */
-      if (rsa_1024)
-        rsa_tmp=rsa_1024;
-      else
-        rsa_tmp=rsa_512; /* Use at least a shorter key */
-    }
-    return(rsa_tmp);
- }
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_tmp_rsa_callback() and SSL_set_tmp_rsa_callback() do not return
-diagnostic output.
-
-SSL_CTX_set_tmp_rsa() and SSL_set_tmp_rsa() do return 1 on success and 0
-on failure. Check the error queue to find out the reason of failure.
-
-SSL_CTX_need_tmp_rsa() and SSL_need_tmp_rsa() return 1 if a temporary
-RSA key is needed and 0 otherwise.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
-L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
-L<SSL_new(3)|SSL_new(3)>, L<ciphers(1)|ciphers(1)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod
deleted file mode 100644
index d15b2a3a1a5b..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod
+++ /dev/null
@@ -1,294 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth - set peer certificate verification parameters
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
-                         int (*verify_callback)(int, X509_STORE_CTX *));
- void SSL_set_verify(SSL *s, int mode,
-                     int (*verify_callback)(int, X509_STORE_CTX *));
- void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
- void SSL_set_verify_depth(SSL *s, int depth);
-
- int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_verify() sets the verification flags for B<ctx> to be B<mode> and
-specifies the B<verify_callback> function to be used. If no callback function
-shall be specified, the NULL pointer can be used for B<verify_callback>.
-
-SSL_set_verify() sets the verification flags for B<ssl> to be B<mode> and
-specifies the B<verify_callback> function to be used. If no callback function
-shall be specified, the NULL pointer can be used for B<verify_callback>. In
-this case last B<verify_callback> set specifically for this B<ssl> remains. If
-no special B<callback> was set before, the default callback for the underlying
-B<ctx> is used, that was valid at the the time B<ssl> was created with
-L<SSL_new(3)|SSL_new(3)>.
-
-SSL_CTX_set_verify_depth() sets the maximum B<depth> for the certificate chain
-verification that shall be allowed for B<ctx>. (See the BUGS section.)
-
-SSL_set_verify_depth() sets the maximum B<depth> for the certificate chain
-verification that shall be allowed for B<ssl>. (See the BUGS section.)
-
-=head1 NOTES
-
-The verification of certificates can be controlled by a set of logically
-or'ed B<mode> flags:
-
-=over 4
-
-=item SSL_VERIFY_NONE
-
-B<Server mode:> the server will not send a client certificate request to the
-client, so the client will not send a certificate.
-
-B<Client mode:> if not using an anonymous cipher (by default disabled), the
-server will send a certificate which will be checked. The result of the
-certificate verification process can be checked after the TLS/SSL handshake
-using the L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> function.
-The handshake will be continued regardless of the verification result.
-
-=item SSL_VERIFY_PEER
-
-B<Server mode:> the server sends a client certificate request to the client.
-The certificate returned (if any) is checked. If the verification process
-fails, the TLS/SSL handshake is
-immediately terminated with an alert message containing the reason for
-the verification failure.
-The behaviour can be controlled by the additional
-SSL_VERIFY_FAIL_IF_NO_PEER_CERT and SSL_VERIFY_CLIENT_ONCE flags.
-
-B<Client mode:> the server certificate is verified. If the verification process
-fails, the TLS/SSL handshake is
-immediately terminated with an alert message containing the reason for
-the verification failure. If no server certificate is sent, because an
-anonymous cipher is used, SSL_VERIFY_PEER is ignored.
-
-=item SSL_VERIFY_FAIL_IF_NO_PEER_CERT
-
-B<Server mode:> if the client did not return a certificate, the TLS/SSL
-handshake is immediately terminated with a "handshake failure" alert.
-This flag must be used together with SSL_VERIFY_PEER.
-
-B<Client mode:> ignored
-
-=item SSL_VERIFY_CLIENT_ONCE
-
-B<Server mode:> only request a client certificate on the initial TLS/SSL
-handshake. Do not ask for a client certificate again in case of a
-renegotiation. This flag must be used together with SSL_VERIFY_PEER.
-
-B<Client mode:> ignored
-
-=back
-
-Exactly one of the B<mode> flags SSL_VERIFY_NONE and SSL_VERIFY_PEER must be
-set at any time.
-
-The actual verification procedure is performed either using the built-in
-verification procedure or using another application provided verification
-function set with
-L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>.
-The following descriptions apply in the case of the built-in procedure. An
-application provided procedure also has access to the verify depth information
-and the verify_callback() function, but the way this information is used
-may be different.
-
-SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set the limit up
-to which depth certificates in a chain are used during the verification
-procedure. If the certificate chain is longer than allowed, the certificates
-above the limit are ignored. Error messages are generated as if these
-certificates would not be present, most likely a
-X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY will be issued.
-The depth count is "level 0:peer certificate", "level 1: CA certificate",
-"level 2: higher level CA certificate", and so on. Setting the maximum
-depth to 2 allows the levels 0, 1, and 2. The default depth limit is 9,
-allowing for the peer certificate and additional 9 CA certificates.
-
-The B<verify_callback> function is used to control the behaviour when the
-SSL_VERIFY_PEER flag is set. It must be supplied by the application and
-receives two arguments: B<preverify_ok> indicates, whether the verification of
-the certificate in question was passed (preverify_ok=1) or not
-(preverify_ok=0). B<x509_ctx> is a pointer to the complete context used
-for the certificate chain verification.
-
-The certificate chain is checked starting with the deepest nesting level
-(the root CA certificate) and worked upward to the peer's certificate.
-At each level signatures and issuer attributes are checked. Whenever
-a verification error is found, the error number is stored in B<x509_ctx>
-and B<verify_callback> is called with B<preverify_ok>=0. By applying
-X509_CTX_store_* functions B<verify_callback> can locate the certificate
-in question and perform additional steps (see EXAMPLES). If no error is
-found for a certificate, B<verify_callback> is called with B<preverify_ok>=1
-before advancing to the next level.
-
-The return value of B<verify_callback> controls the strategy of the further
-verification process. If B<verify_callback> returns 0, the verification
-process is immediately stopped with "verification failed" state. If
-SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and
-the TLS/SSL handshake is terminated. If B<verify_callback> returns 1,
-the verification process is continued. If B<verify_callback> always returns
-1, the TLS/SSL handshake will never be terminated because of this application
-experiencing a verification failure. The calling process can however
-retrieve the error code of the last verification error using
-L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> or by maintaining its
-own error storage managed by B<verify_callback>.
-
-If no B<verify_callback> is specified, the default callback will be used.
-Its return value is identical to B<preverify_ok>, so that any verification
-failure will lead to a termination of the TLS/SSL handshake with an
-alert message, if SSL_VERIFY_PEER is set.
-
-=head1 BUGS
-
-In client mode, it is not checked whether the SSL_VERIFY_PEER flag
-is set, but whether SSL_VERIFY_NONE is not set. This can lead to
-unexpected behaviour, if the SSL_VERIFY_PEER and SSL_VERIFY_NONE are not
-used as required (exactly one must be set at any time).
-
-The certificate verification depth set with SSL[_CTX]_verify_depth()
-stops the verification at a certain depth. The error message produced
-will be that of an incomplete certificate chain and not
-X509_V_ERR_CERT_CHAIN_TOO_LONG as may be expected.
-
-=head1 RETURN VALUES
-
-The SSL*_set_verify*() functions do not provide diagnostic information.
-
-=head1 EXAMPLES
-
-The following code sequence realizes an example B<verify_callback> function
-that will always continue the TLS/SSL handshake regardless of verification
-failure, if wished. The callback realizes a verification depth limit with
-more informational output.
-
-All verification errors are printed, informations about the certificate chain
-are printed on request.
-The example is realized for a server that does allow but not require client
-certificates.
-
-The example makes use of the ex_data technique to store application data
-into/retrieve application data from the SSL structure
-(see L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>,
-L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>).
-
- ...
- typedef struct {
-   int verbose_mode;
-   int verify_depth;
-   int always_continue;
- } mydata_t;
- int mydata_index;
- ...
- static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
- {
-    char    buf[256];
-    X509   *err_cert;
-    int     err, depth;
-    SSL    *ssl;
-    mydata_t *mydata;
-
-    err_cert = X509_STORE_CTX_get_current_cert(ctx);
-    err = X509_STORE_CTX_get_error(ctx);
-    depth = X509_STORE_CTX_get_error_depth(ctx);
-
-    /*
-     * Retrieve the pointer to the SSL of the connection currently treated
-     * and the application specific data stored into the SSL object.
-     */
-    ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
-    mydata = SSL_get_ex_data(ssl, mydata_index);
-
-    X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
-
-    /*
-     * Catch a too long certificate chain. The depth limit set using
-     * SSL_CTX_set_verify_depth() is by purpose set to "limit+1" so
-     * that whenever the "depth>verify_depth" condition is met, we
-     * have violated the limit and want to log this error condition.
-     * We must do it here, because the CHAIN_TOO_LONG error would not
-     * be found explicitly; only errors introduced by cutting off the
-     * additional certificates would be logged.
-     */
-    if (depth > mydata->verify_depth) {
-        preverify_ok = 0;
-        err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
-        X509_STORE_CTX_set_error(ctx, err);
-    } 
-    if (!preverify_ok) {
-        printf("verify error:num=%d:%s:depth=%d:%s\n", err,
-                 X509_verify_cert_error_string(err), depth, buf);
-    }
-    else if (mydata->verbose_mode)
-    {
-        printf("depth=%d:%s\n", depth, buf);
-    }
-
-    /*
-     * At this point, err contains the last verification error. We can use
-     * it for something special
-     */
-    if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT))
-    {
-      X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256);
-      printf("issuer= %s\n", buf);
-    }
-
-    if (mydata->always_continue)
-      return 1;
-    else
-      return preverify_ok;
- }
- ...
-
- mydata_t mydata;
-
- ...
- mydata_index = SSL_get_ex_new_index(0, "mydata index", NULL, NULL, NULL);
-
- ...
- SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,
-                    verify_callback);
-
- /*
-  * Let the verify_callback catch the verify_depth error so that we get
-  * an appropriate error in the logfile.
-  */
- SSL_CTX_set_verify_depth(verify_depth + 1);
-
- /*
-  * Set up the SSL specific data into "mydata" and store it into th SSL
-  * structure.
-  */
- mydata.verify_depth = verify_depth; ...
- SSL_set_ex_data(ssl, mydata_index, &mydata);
-					     
- ...
- SSL_accept(ssl);	/* check of success left out for clarity */
- if (peer = SSL_get_peer_certificate(ssl))
- {
-   if (SSL_get_verify_result(ssl) == X509_V_OK)
-   {
-     /* The client sent a certificate which verified OK */
-   }
- }
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>,
-L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>,
-L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>,
-L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>,
-L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>,
-L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
-L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_use_certificate.pod b/crypto/openssl/doc/ssl/SSL_CTX_use_certificate.pod
deleted file mode 100644
index b8868f18bfc1..000000000000
--- a/crypto/openssl/doc/ssl/SSL_CTX_use_certificate.pod
+++ /dev/null
@@ -1,155 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key - load certificate and key data
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
- int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
- int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
- int SSL_use_certificate(SSL *ssl, X509 *x);
- int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
- int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
-
- int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
-
- int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
- int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
-				 long len);
- int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
- int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
- int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
- int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
- int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
- int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
- int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
- int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
- int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
- int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
-
- int SSL_CTX_check_private_key(SSL_CTX *ctx);
- int SSL_check_private_key(SSL *ssl);
-
-=head1 DESCRIPTION
-
-These functions load the certificates and private keys into the SSL_CTX
-or SSL object, respectively.
-
-The SSL_CTX_* class of functions loads the certificates and keys into the
-SSL_CTX object B<ctx>. The information is passed to SSL objects B<ssl>
-created from B<ctx> with L<SSL_new(3)|SSL_new(3)> by copying, so that
-changes applied to B<ctx> do not propagate to already existing SSL objects.
-
-The SSL_* class of functions only loads certificates and keys into a
-specific SSL object. The specific information is kept, when
-L<SSL_clear(3)|SSL_clear(3)> is called for this SSL object.
-
-SSL_CTX_use_certificate() loads the certificate B<x> into B<ctx>,
-SSL_use_certificate() loads B<x> into B<ssl>. The rest of the
-certificates needed to form the complete certificate chain can be
-specified using the
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
-function.
-
-SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from
-the memory location B<d> (with length B<len>) into B<ctx>,
-SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into B<ssl>.
-
-SSL_CTX_use_certificate_file() loads the first certificate stored in B<file>
-into B<ctx>. The formatting B<type> of the certificate must be specified
-from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1.
-SSL_use_certificate_file() loads the certificate from B<file> into B<ssl>.
-See the NOTES section on why SSL_CTX_use_certificate_chain_file()
-should be preferred.
-
-SSL_CTX_use_certificate_chain_file() loads a certificate chain from 
-B<file> into B<ctx>. The certificates must be in PEM format and must
-be sorted starting with the certificate to the highest level (root CA).
-There is no corresponding function working on a single SSL object.
-
-SSL_CTX_use_PrivateKey() adds B<pkey> as private key to B<ctx>.
-SSL_CTX_use_RSAPrivateKey() adds the private key B<rsa> of type RSA
-to B<ctx>. SSL_use_PrivateKey() adds B<pkey> as private key to B<ssl>;
-SSL_use_RSAPrivateKey() adds B<rsa> as private key of type RSA to B<ssl>.
-
-SSL_CTX_use_PrivateKey_ASN1() adds the private key of type B<pk>
-stored at memory location B<d> (length B<len>) to B<ctx>.
-SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA
-stored at memory location B<d> (length B<len>) to B<ctx>.
-SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private
-key to B<ssl>.
-
-SSL_CTX_use_PrivateKey_file() adds the first private key found in
-B<file> to B<ctx>. The formatting B<type> of the certificate must be specified
-from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1.
-SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in
-B<file> to B<ctx>. SSL_use_PrivateKey_file() adds the first private key found
-in B<file> to B<ssl>; SSL_use_RSAPrivateKey_file() adds the first private
-RSA key found to B<ssl>.
-
-SSL_CTX_check_private_key() checks the consistency of a private key with
-the corresponding certificate loaded into B<ctx>. If more than one
-key/certificate pair (RSA/DSA) is installed, the last item installed will
-be checked. If e.g. the last item was a RSA certificate or key, the RSA
-key/certificate pair will be checked. SSL_check_private_key() performs
-the same check for B<ssl>. If no key/certificate was explicitly added for
-this B<ssl>, the last item added into B<ctx> will be checked.
-
-=head1 NOTES
-  
-The internal certificate store of OpenSSL can hold two private key/certificate
-pairs at a time: one key/certificate of type RSA and one key/certificate
-of type DSA. The certificate used depends on the cipher select, see
-also L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>.
-
-When reading certificates and private keys from file, files of type
-SSL_FILETYPE_ASN1 (also known as B<DER>, binary encoding) can only contain
-one certificate or private key, consequently 
-SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting.
-Files of type SSL_FILETYPE_PEM can contain more than one item.
-
-SSL_CTX_use_certificate_chain_file() adds the first certificate found
-in the file to the certificate store. The other certificates are added
-to the store of chain certificates using
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>.
-There exists only one extra chain store, so that the same chain is appended
-to both types of certificates, RSA and DSA! If it is not intended to use
-both type of certificate at the same time, it is recommended to use the
-SSL_CTX_use_certificate_chain_file() instead of the
-SSL_CTX_use_certificate_file() function in order to allow the use of
-complete certificate chains even when no trusted CA storage is used or
-when the CA issuing the certificate shall not be added to the trusted
-CA storage.
-
-If additional certificates are needed to complete the chain during the
-TLS negotiation, CA certificates are additionally looked up in the
-locations of trusted CA certificates, see
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>.
-
-The private keys loaded from file can be encrypted. In order to successfully
-load encrypted keys, a function returning the passphrase must have been
-supplied, see
-L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>.
-(Certificate files might be encrypted as well from the technical point
-of view, it however does not make sense as the data in the certificate
-is considered public anyway.)
-
-=head1 RETURN VALUES
-
-On success, the functions return 1.
-Otherwise check out the error stack to find out the reason.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>,
-L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>,
-L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
-L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_SESSION_free.pod b/crypto/openssl/doc/ssl/SSL_SESSION_free.pod
deleted file mode 100644
index 558de01df91d..000000000000
--- a/crypto/openssl/doc/ssl/SSL_SESSION_free.pod
+++ /dev/null
@@ -1,55 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_SESSION_free - free an allocated SSL_SESSION structure
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_SESSION_free(SSL_SESSION *session);
-
-=head1 DESCRIPTION
-
-SSL_SESSION_free() decrements the reference count of B<session> and removes
-the B<SSL_SESSION> structure pointed to by B<session> and frees up the allocated
-memory, if the the reference count has reached 0.
-
-=head1 NOTES
-
-SSL_SESSION objects are allocated, when a TLS/SSL handshake operation
-is successfully completed. Depending on the settings, see
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-the SSL_SESSION objects are internally referenced by the SSL_CTX and
-linked into its session cache. SSL objects may be using the SSL_SESSION object;
-as a session may be reused, several SSL objects may be using one SSL_SESSION
-object at the same time. It is therefore crucial to keep the reference
-count (usage information) correct and not delete a SSL_SESSION object
-that is still used, as this may lead to program failures due to
-dangling pointers. These failures may also appear delayed, e.g.
-when an SSL_SESSION object was completely freed as the reference count
-incorrectly became 0, but it is still referenced in the internal
-session cache and the cache list is processed during a
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> operation.
-
-SSL_SESSION_free() must only be called for SSL_SESSION objects, for
-which the reference count was explicitly incremented (e.g.
-by calling SSL_get1_session(), see L<SSL_get_session(3)|SSL_get_session(3)>)
-or when the SSL_SESSION object was generated outside a TLS handshake
-operation, e.g. by using L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>.
-It must not be called on other SSL_SESSION objects, as this would cause
-incorrect reference counts and therefore program failures.
-
-=head1 RETURN VALUES
-
-SSL_SESSION_free() does not provide diagnostic information.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_get_session(3)|SSL_get_session(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
- L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_SESSION_get_ex_new_index.pod b/crypto/openssl/doc/ssl/SSL_SESSION_get_ex_new_index.pod
deleted file mode 100644
index da0bcf1590ca..000000000000
--- a/crypto/openssl/doc/ssl/SSL_SESSION_get_ex_new_index.pod
+++ /dev/null
@@ -1,61 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_SESSION_get_ex_new_index, SSL_SESSION_set_ex_data, SSL_SESSION_get_ex_data - internal application specific data functions
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_SESSION_get_ex_new_index(long argl, void *argp,
-                CRYPTO_EX_new *new_func,
-                CRYPTO_EX_dup *dup_func,
-                CRYPTO_EX_free *free_func);
-
- int SSL_SESSION_set_ex_data(SSL_SESSION *session, int idx, void *arg);
-
- void *SSL_SESSION_get_ex_data(SSL_SESSION *session, int idx);
-
- typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-                int idx, long argl, void *argp);
- typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-                int idx, long argl, void *argp);
- typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
-                int idx, long argl, void *argp);
-
-=head1 DESCRIPTION
-
-Several OpenSSL structures can have application specific data attached to them.
-These functions are used internally by OpenSSL to manipulate application
-specific data attached to a specific structure.
-
-SSL_SESSION_get_ex_new_index() is used to register a new index for application
-specific data.
-
-SSL_SESSION_set_ex_data() is used to store application data at B<arg> for B<idx>
-into the B<session> object.
-
-SSL_SESSION_get_ex_data() is used to retrieve the information for B<idx> from
-B<session>.
-
-A detailed description for the B<*_get_ex_new_index()> functionality
-can be found in L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>.
-The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>.
-
-=head1 WARNINGS
-
-The application data is only maintained for sessions held in memory. The
-application data is not included when dumping the session with
-i2d_SSL_SESSION() (and all functions indirectly calling the dump functions
-like PEM_write_SSL_SESSION() and PEM_write_bio_SSL_SESSION()) and can
-therefore not be restored.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_SESSION_get_time.pod b/crypto/openssl/doc/ssl/SSL_SESSION_get_time.pod
deleted file mode 100644
index ea3c2bcfe601..000000000000
--- a/crypto/openssl/doc/ssl/SSL_SESSION_get_time.pod
+++ /dev/null
@@ -1,64 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_get_timeout - retrieve and manipulate session time and timeout settings
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_SESSION_get_time(SSL_SESSION *s);
- long SSL_SESSION_set_time(SSL_SESSION *s, long tm);
- long SSL_SESSION_get_timeout(SSL_SESSION *s);
- long SSL_SESSION_set_timeout(SSL_SESSION *s, long tm);
-
- long SSL_get_time(SSL_SESSION *s);
- long SSL_set_time(SSL_SESSION *s, long tm);
- long SSL_get_timeout(SSL_SESSION *s);
- long SSL_set_timeout(SSL_SESSION *s, long tm);
-
-=head1 DESCRIPTION
-
-SSL_SESSION_get_time() returns the time at which the session B<s> was
-established. The time is given in seconds since the Epoch and therefore
-compatible to the time delivered by the time() call.
-
-SSL_SESSION_set_time() replaces the creation time of the session B<s> with
-the chosen value B<tm>.
-
-SSL_SESSION_get_timeout() returns the timeout value set for session B<s>
-in seconds.
-
-SSL_SESSION_set_timeout() sets the timeout value for session B<s> in seconds
-to B<tm>.
-
-The SSL_get_time(), SSL_set_time(), SSL_get_timeout(), and SSL_set_timeout()
-functions are synonyms for the SSL_SESSION_*() counterparts.
-
-=head1 NOTES
-
-Sessions are expired by examining the creation time and the timeout value.
-Both are set at creation time of the session to the actual time and the
-default timeout value at creation, respectively, as set by
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>.
-Using these functions it is possible to extend or shorten the lifetime
-of the session.
-
-=head1 RETURN VALUES
-
-SSL_SESSION_get_time() and SSL_SESSION_get_timeout() return the currently
-valid values.
-
-SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success.
-
-If any of the function is passed the NULL pointer for the session B<s>, 
-0 is returned.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
-L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_accept.pod b/crypto/openssl/doc/ssl/SSL_accept.pod
deleted file mode 100644
index a673edba8532..000000000000
--- a/crypto/openssl/doc/ssl/SSL_accept.pod
+++ /dev/null
@@ -1,75 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_accept - wait for a TLS/SSL client to initiate a TLS/SSL handshake
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_accept(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_accept() waits for a TLS/SSL client to initiate the TLS/SSL handshake.
-The communication channel must already have been set and assigned to the
-B<ssl> by setting an underlying B<BIO>.
-
-=head1 NOTES
-
-The behaviour of SSL_accept() depends on the underlying BIO. 
-
-If the underlying BIO is B<blocking>, SSL_accept() will only return once the
-handshake has been finished or an error occurred, except for SGC (Server
-Gated Cryptography). For SGC, SSL_accept() may return with -1, but
-SSL_get_error() will yield B<SSL_ERROR_WANT_READ/WRITE> and SSL_accept()
-should be called again.
-
-If the underlying BIO is B<non-blocking>, SSL_accept() will also return
-when the underlying BIO could not satisfy the needs of SSL_accept()
-to continue the handshake. In this case a call to SSL_get_error() with the
-return value of SSL_accept() will yield B<SSL_ERROR_WANT_READ> or
-B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after
-taking appropriate action to satisfy the needs of SSL_accept().
-The action depends on the underlying BIO. When using a non-blocking socket,
-nothing is to be done, but select() can be used to check for the required
-condition. When using a buffering BIO, like a BIO pair, data must be written
-into or retrieved out of the BIO before being able to continue.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item 1
-
-The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
-established.
-
-=item 0
-
-The TLS/SSL handshake was not successful but was shut down controlled and
-by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
-return value B<ret> to find out the reason.
-
-=item E<lt>0
-
-The TLS/SSL handshake was not successful because a fatal error occurred either
-at the protocol level or a connection failure occurred. The shutdown was
-not clean. It can also occur of action is need to continue the operation
-for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
-to find out the reason.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
-L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_alert_type_string.pod b/crypto/openssl/doc/ssl/SSL_alert_type_string.pod
deleted file mode 100644
index 94e28cc3075e..000000000000
--- a/crypto/openssl/doc/ssl/SSL_alert_type_string.pod
+++ /dev/null
@@ -1,228 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_alert_type_string, SSL_alert_type_string_long, SSL_alert_desc_string, SSL_alert_desc_string_long - get textual description of alert information
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- const char *SSL_alert_type_string(int value);
- const char *SSL_alert_type_string_long(int value);
-
- const char *SSL_alert_desc_string(int value);
- const char *SSL_alert_desc_string_long(int value);
-
-=head1 DESCRIPTION
-
-SSL_alert_type_string() returns a one letter string indicating the
-type of the alert specified by B<value>.
-
-SSL_alert_type_string_long() returns a string indicating the type of the alert
-specified by B<value>.
-
-SSL_alert_desc_string() returns a two letter string as a short form
-describing the reason of the alert specified by B<value>.
-
-SSL_alert_desc_string_long() returns a string describing the reason
-of the alert specified by B<value>.
-
-=head1 NOTES
-
-When one side of an SSL/TLS communication wants to inform the peer about
-a special situation, it sends an alert. The alert is sent as a special message
-and does not influence the normal data stream (unless its contents results
-in the communication being canceled).
-
-A warning alert is sent, when a non-fatal error condition occurs. The
-"close notify" alert is sent as a warning alert. Other examples for
-non-fatal errors are certificate errors ("certificate expired",
-"unsupported certificate"), for which a warning alert may be sent.
-(The sending party may however decide to send a fatal error.) The
-receiving side may cancel the connection on reception of a warning
-alert on it discretion.
-
-Several alert messages must be sent as fatal alert messages as specified
-by the TLS RFC. A fatal alert always leads to a connection abort.
-
-=head1 RETURN VALUES
-
-The following strings can occur for SSL_alert_type_string() or
-SSL_alert_type_string_long():
-
-=over 4
-
-=item "W"/"warning"
-
-=item "F"/"fatal"
-
-=item "U"/"unknown"
-
-This indicates that no support is available for this alert type.
-Probably B<value> does not contain a correct alert message.
-
-=back
-
-The following strings can occur for SSL_alert_desc_string() or
-SSL_alert_desc_string_long():
-
-=over 4
-
-=item "CN"/"close notify"
-
-The connection shall be closed. This is a warning alert.
-
-=item "UM"/"unexpected message"
-
-An inappropriate message was received. This alert is always fatal
-and should never be observed in communication between proper
-implementations.
-
-=item "BM"/"bad record mac"
-
-This alert is returned if a record is received with an incorrect
-MAC. This message is always fatal.
-
-=item "DF"/"decompression failure"
-
-The decompression function received improper input (e.g. data
-that would expand to excessive length). This message is always
-fatal.
-
-=item "HF"/"handshake failure"
-
-Reception of a handshake_failure alert message indicates that the
-sender was unable to negotiate an acceptable set of security
-parameters given the options available. This is a fatal error.
-
-=item "NC"/"no certificate"
-
-A client, that was asked to send a certificate, does not send a certificate
-(SSLv3 only).
-
-=item "BC"/"bad certificate"
-
-A certificate was corrupt, contained signatures that did not
-verify correctly, etc
-
-=item "UC"/"unsupported certificate"
-
-A certificate was of an unsupported type.
-
-=item "CR"/"certificate revoked"
-
-A certificate was revoked by its signer.
-
-=item "CE"/"certificate expired"
-
-A certificate has expired or is not currently valid.
-
-=item "CU"/"certificate unknown"
-
-Some other (unspecified) issue arose in processing the
-certificate, rendering it unacceptable.
-
-=item "IP"/"illegal parameter"
-
-A field in the handshake was out of range or inconsistent with
-other fields. This is always fatal.
-
-=item "DC"/"decryption failed"
-
-A TLSCiphertext decrypted in an invalid way: either it wasn't an
-even multiple of the block length or its padding values, when
-checked, weren't correct. This message is always fatal.
-
-=item "RO"/"record overflow"
-
-A TLSCiphertext record was received which had a length more than
-2^14+2048 bytes, or a record decrypted to a TLSCompressed record
-with more than 2^14+1024 bytes. This message is always fatal.
-
-=item "CA"/"unknown CA"
-
-A valid certificate chain or partial chain was received, but the
-certificate was not accepted because the CA certificate could not
-be located or couldn't be matched with a known, trusted CA.  This
-message is always fatal.
-
-=item "AD"/"access denied"
-
-A valid certificate was received, but when access control was
-applied, the sender decided not to proceed with negotiation.
-This message is always fatal.
-
-=item "DE"/"decode error"
-
-A message could not be decoded because some field was out of the
-specified range or the length of the message was incorrect. This
-message is always fatal.
-
-=item "CY"/"decrypt error"
-
-A handshake cryptographic operation failed, including being
-unable to correctly verify a signature, decrypt a key exchange,
-or validate a finished message.
-
-=item "ER"/"export restriction"
-
-A negotiation not in compliance with export restrictions was
-detected; for example, attempting to transfer a 1024 bit
-ephemeral RSA key for the RSA_EXPORT handshake method. This
-message is always fatal.
-
-=item "PV"/"protocol version"
-
-The protocol version the client has attempted to negotiate is
-recognized, but not supported. (For example, old protocol
-versions might be avoided for security reasons). This message is
-always fatal.
-
-=item "IS"/"insufficient security"
-
-Returned instead of handshake_failure when a negotiation has
-failed specifically because the server requires ciphers more
-secure than those supported by the client. This message is always
-fatal.
-
-=item "IE"/"internal error"
-
-An internal error unrelated to the peer or the correctness of the
-protocol makes it impossible to continue (such as a memory
-allocation failure). This message is always fatal.
-
-=item "US"/"user canceled"
-
-This handshake is being canceled for some reason unrelated to a
-protocol failure. If the user cancels an operation after the
-handshake is complete, just closing the connection by sending a
-close_notify is more appropriate. This alert should be followed
-by a close_notify. This message is generally a warning.
-
-=item "NR"/"no renegotiation"
-
-Sent by the client in response to a hello request or by the
-server in response to a client hello after initial handshaking.
-Either of these would normally lead to renegotiation; when that
-is not appropriate, the recipient should respond with this alert;
-at that point, the original requester can decide whether to
-proceed with the connection. One case where this would be
-appropriate would be where a server has spawned a process to
-satisfy a request; the process might receive security parameters
-(key length, authentication, etc.) at startup and it might be
-difficult to communicate changes to these parameters after that
-point. This message is always a warning.
-
-=item "UK"/"unknown"
-
-This indicates that no description is available for this alert type.
-Probably B<value> does not contain a correct alert message.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_clear.pod b/crypto/openssl/doc/ssl/SSL_clear.pod
deleted file mode 100644
index 8e077e31c9a8..000000000000
--- a/crypto/openssl/doc/ssl/SSL_clear.pod
+++ /dev/null
@@ -1,69 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_clear - reset SSL object to allow another connection
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_clear(SSL *ssl);
-
-=head1 DESCRIPTION
-
-Reset B<ssl> to allow another connection. All settings (method, ciphers,
-BIOs) are kept.
-
-=head1 NOTES
-
-SSL_clear is used to prepare an SSL object for a new connection. While all
-settings are kept, a side effect is the handling of the current SSL session.
-If a session is still B<open>, it is considered bad and will be removed
-from the session cache, as required by RFC2246. A session is considered open,
-if L<SSL_shutdown(3)|SSL_shutdown(3)> was not called for the connection
-or at least L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> was used to
-set the SSL_SENT_SHUTDOWN state.
-
-If a session was closed cleanly, the session object will be kept and all
-settings corresponding. This explicitly means, that e.g. the special method
-used during the session will be kept for the next handshake. So if the
-session was a TLSv1 session, a SSL client object will use a TLSv1 client
-method for the next handshake and a SSL server object will use a TLSv1
-server method, even if SSLv23_*_methods were chosen on startup. This
-will might lead to connection failures (see L<SSL_new(3)|SSL_new(3)>)
-for a description of the method's properties.
-
-=head1 WARNINGS
-
-SSL_clear() resets the SSL object to allow for another connection. The
-reset operation however keeps several settings of the last sessions
-(some of these settings were made automatically during the last
-handshake). It only makes sense when opening a new session (or reusing
-an old one) with the same peer that shares these settings.
-SSL_clear() is not a short form for the sequence
-L<SSL_free(3)|SSL_free(3)>; L<SSL_new(3)|SSL_new(3)>; .
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item 0
-
-The SSL_clear() operation could not be performed. Check the error stack to
-find out the reason.
-
-=item 1
-
-The SSL_clear() operation was successful.
-
-=back
-
-L<SSL_new(3)|SSL_new(3)>, L<SSL_free(3)|SSL_free(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>, L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_connect.pod b/crypto/openssl/doc/ssl/SSL_connect.pod
deleted file mode 100644
index 8426310c0d26..000000000000
--- a/crypto/openssl/doc/ssl/SSL_connect.pod
+++ /dev/null
@@ -1,72 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_connect - initiate the TLS/SSL handshake with an TLS/SSL server
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_connect(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_connect() initiates the TLS/SSL handshake with a server. The communication
-channel must already have been set and assigned to the B<ssl> by setting an
-underlying B<BIO>.
-
-=head1 NOTES
-
-The behaviour of SSL_connect() depends on the underlying BIO. 
-
-If the underlying BIO is B<blocking>, SSL_connect() will only return once the
-handshake has been finished or an error occurred.
-
-If the underlying BIO is B<non-blocking>, SSL_connect() will also return
-when the underlying BIO could not satisfy the needs of SSL_connect()
-to continue the handshake. In this case a call to SSL_get_error() with the
-return value of SSL_connect() will yield B<SSL_ERROR_WANT_READ> or
-B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after
-taking appropriate action to satisfy the needs of SSL_connect().
-The action depends on the underlying BIO. When using a non-blocking socket,
-nothing is to be done, but select() can be used to check for the required
-condition. When using a buffering BIO, like a BIO pair, data must be written
-into or retrieved out of the BIO before being able to continue.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item 1
-
-The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
-established.
-
-=item 0
-
-The TLS/SSL handshake was not successful but was shut down controlled and
-by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
-return value B<ret> to find out the reason.
-
-=item E<lt>0
-
-The TLS/SSL handshake was not successful, because a fatal error occurred either
-at the protocol level or a connection failure occurred. The shutdown was
-not clean. It can also occur of action is need to continue the operation
-for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
-to find out the reason.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_accept(3)|SSL_accept(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
-L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_do_handshake.pod b/crypto/openssl/doc/ssl/SSL_do_handshake.pod
deleted file mode 100644
index 243576451b7f..000000000000
--- a/crypto/openssl/doc/ssl/SSL_do_handshake.pod
+++ /dev/null
@@ -1,75 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_do_handshake - perform a TLS/SSL handshake
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_do_handshake(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_do_handshake() will wait for a SSL/TLS handshake to take place. If the
-connection is in client mode, the handshake will be started. The handshake
-routines may have to be explicitly set in advance using either
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or
-L<SSL_set_accept_state(3)|SSL_set_accept_state(3)>.
-
-=head1 NOTES
-
-The behaviour of SSL_do_handshake() depends on the underlying BIO.
-
-If the underlying BIO is B<blocking>, SSL_do_handshake() will only return
-once the handshake has been finished or an error occurred, except for SGC
-(Server Gated Cryptography). For SGC, SSL_do_handshake() may return with -1,
-but SSL_get_error() will yield B<SSL_ERROR_WANT_READ/WRITE> and
-SSL_do_handshake() should be called again.
-
-If the underlying BIO is B<non-blocking>, SSL_do_handshake() will also return
-when the underlying BIO could not satisfy the needs of SSL_do_handshake()
-to continue the handshake. In this case a call to SSL_get_error() with the
-return value of SSL_do_handshake() will yield B<SSL_ERROR_WANT_READ> or
-B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after
-taking appropriate action to satisfy the needs of SSL_do_handshake().
-The action depends on the underlying BIO. When using a non-blocking socket,
-nothing is to be done, but select() can be used to check for the required
-condition. When using a buffering BIO, like a BIO pair, data must be written
-into or retrieved out of the BIO before being able to continue.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item 1
-
-The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
-established.
-
-=item 0
-
-The TLS/SSL handshake was not successful but was shut down controlled and
-by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
-return value B<ret> to find out the reason.
-
-=item E<lt>0
-
-The TLS/SSL handshake was not successful because a fatal error occurred either
-at the protocol level or a connection failure occurred. The shutdown was
-not clean. It can also occur of action is need to continue the operation
-for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
-to find out the reason.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
-L<SSL_accept(3)|SSL_accept(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_free.pod b/crypto/openssl/doc/ssl/SSL_free.pod
deleted file mode 100644
index 2d4f8b6168b3..000000000000
--- a/crypto/openssl/doc/ssl/SSL_free.pod
+++ /dev/null
@@ -1,44 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_free - free an allocated SSL structure
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_free(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_free() decrements the reference count of B<ssl>, and removes the SSL
-structure pointed to by B<ssl> and frees up the allocated memory if the
-the reference count has reached 0.
-
-=head1 NOTES
-
-SSL_free() also calls the free()ing procedures for indirectly affected items, if
-applicable: the buffering BIO, the read and write BIOs,
-cipher lists specially created for this B<ssl>, the B<SSL_SESSION>.
-Do not explicitly free these indirectly freed up items before or after
-calling SSL_free(), as trying to free things twice may lead to program
-failure.
-
-The ssl session has reference counts from two users: the SSL object, for
-which the reference count is removed by SSL_free() and the internal
-session cache. If the session is considered bad, because
-L<SSL_shutdown(3)|SSL_shutdown(3)> was not called for the connection
-and L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> was not used to set the
-SSL_SENT_SHUTDOWN state, the session will also be removed
-from the session cache as required by RFC2246.
-
-=head1 RETURN VALUES
-
-SSL_free() does not provide diagnostic information.
-
-L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
-L<ssl(3)|ssl(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_SSL_CTX.pod b/crypto/openssl/doc/ssl/SSL_get_SSL_CTX.pod
deleted file mode 100644
index 52d0227b193d..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_SSL_CTX.pod
+++ /dev/null
@@ -1,26 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_SSL_CTX - get the SSL_CTX from which an SSL is created
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_get_SSL_CTX() returns a pointer to the SSL_CTX object, from which
-B<ssl> was created with L<SSL_new(3)|SSL_new(3)>.
-
-=head1 RETURN VALUES
-
-The pointer to the SSL_CTX object is returned.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_ciphers.pod b/crypto/openssl/doc/ssl/SSL_get_ciphers.pod
deleted file mode 100644
index 2a57455c235d..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_ciphers.pod
+++ /dev/null
@@ -1,42 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_ciphers, SSL_get_cipher_list - get list of available SSL_CIPHERs
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *ssl);
- const char *SSL_get_cipher_list(SSL *ssl, int priority);
-
-=head1 DESCRIPTION
-
-SSL_get_ciphers() returns the stack of available SSL_CIPHERs for B<ssl>,
-sorted by preference. If B<ssl> is NULL or no ciphers are available, NULL
-is returned.
-
-SSL_get_cipher_list() returns a pointer to the name of the SSL_CIPHER
-listed for B<ssl> with B<priority>. If B<ssl> is NULL, no ciphers are
-available, or there are less ciphers than B<priority> available, NULL
-is returned.
-
-=head1 NOTES
-
-The details of the ciphers obtained by SSL_get_ciphers() can be obtained using
-the L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)> family of functions.
-
-Call SSL_get_cipher_list() with B<priority> starting from 0 to obtain the
-sorted list of available ciphers, until NULL is returned.
-
-=head1 RETURN VALUES
-
-See DESCRIPTION
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
-L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_client_CA_list.pod b/crypto/openssl/doc/ssl/SSL_get_client_CA_list.pod
deleted file mode 100644
index 5693fdebb2f1..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_client_CA_list.pod
+++ /dev/null
@@ -1,53 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_client_CA_list, SSL_CTX_get_client_CA_list - get list of client CAs
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s);
- STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx); 
-
-=head1 DESCRIPTION
-
-SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for
-B<ctx> using L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>.
-
-SSL_get_client_CA_list() returns the list of client CAs explicitly
-set for B<ssl> using SSL_set_client_CA_list() or B<ssl>'s SSL_CTX object with
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>, when in
-server mode. In client mode, SSL_get_client_CA_list returns the list of
-client CAs sent from the server, if any.
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_client_CA_list() and SSL_set_client_CA_list() do not return
-diagnostic information.
-
-SSL_CTX_add_client_CA() and SSL_add_client_CA() have the following return
-values:
-
-=over 4
-
-=item STACK_OF(X509_NAMES)
-
-List of CA names explicitly set (for B<ctx> or in server mode) or send
-by the server (client mode).
-
-=item NULL
-
-No client CA list was explicitly set (for B<ctx> or in server mode) or
-the server did not send a list of CAs (client mode).
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
-L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_current_cipher.pod b/crypto/openssl/doc/ssl/SSL_get_current_cipher.pod
deleted file mode 100644
index 2dd7261d89dc..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_current_cipher.pod
+++ /dev/null
@@ -1,43 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_current_cipher, SSL_get_cipher, SSL_get_cipher_name,
-SSL_get_cipher_bits, SSL_get_cipher_version - get SSL_CIPHER of a connection
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);
- #define SSL_get_cipher(s) \
-                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
- #define SSL_get_cipher_name(s) \
-                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
- #define SSL_get_cipher_bits(s,np) \
-                SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
- #define SSL_get_cipher_version(s) \
-                SSL_CIPHER_get_version(SSL_get_current_cipher(s))
-
-=head1 DESCRIPTION
-
-SSL_get_current_cipher() returns a pointer to an SSL_CIPHER object containing
-the description of the actually used cipher of a connection established with
-the B<ssl> object.
-
-SSL_get_cipher() and SSL_get_cipher_name() are identical macros to obtain the
-name of the currently used cipher. SSL_get_cipher_bits() is a
-macro to obtain the number of secret/algorithm bits used and 
-SSL_get_cipher_version() returns the protocol name.
-See L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)> for more details.
-
-=head1 RETURN VALUES
-
-SSL_get_current_cipher() returns the cipher actually used or NULL, when
-no session has been established.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_default_timeout.pod b/crypto/openssl/doc/ssl/SSL_get_default_timeout.pod
deleted file mode 100644
index 8d43b31345df..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_default_timeout.pod
+++ /dev/null
@@ -1,41 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_default_timeout - get default session timeout value
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_get_default_timeout(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_get_default_timeout() returns the default timeout value assigned to
-SSL_SESSION objects negotiated for the protocol valid for B<ssl>.
-
-=head1 NOTES
-
-Whenever a new session is negotiated, it is assigned a timeout value,
-after which it will not be accepted for session reuse. If the timeout
-value was not explicitly set using
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>, the hardcoded default
-timeout for the protocol will be used.
-
-SSL_get_default_timeout() return this hardcoded value, which is 300 seconds
-for all currently supported protocols (SSLv2, SSLv3, and TLSv1).
-
-=head1 RETURN VALUES
-
-See description.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
-L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_error.pod b/crypto/openssl/doc/ssl/SSL_get_error.pod
deleted file mode 100644
index fe28dd942aee..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_error.pod
+++ /dev/null
@@ -1,114 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_error - obtain result code for TLS/SSL I/O operation
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_get_error(SSL *ssl, int ret);
-
-=head1 DESCRIPTION
-
-SSL_get_error() returns a result code (suitable for the C "switch"
-statement) for a preceding call to SSL_connect(), SSL_accept(), SSL_do_handshake(),
-SSL_read(), SSL_peek(), or SSL_write() on B<ssl>.  The value returned by
-that TLS/SSL I/O function must be passed to SSL_get_error() in parameter
-B<ret>.
-
-In addition to B<ssl> and B<ret>, SSL_get_error() inspects the
-current thread's OpenSSL error queue.  Thus, SSL_get_error() must be
-used in the same thread that performed the TLS/SSL I/O operation, and no
-other OpenSSL function calls should appear in between.  The current
-thread's error queue must be empty before the TLS/SSL I/O operation is
-attempted, or SSL_get_error() will not work reliably.
-
-=head1 RETURN VALUES
-
-The following return values can currently occur:
-
-=over 4
-
-=item SSL_ERROR_NONE
-
-The TLS/SSL I/O operation completed.  This result code is returned
-if and only if B<ret E<gt> 0>.
-
-=item SSL_ERROR_ZERO_RETURN
-
-The TLS/SSL connection has been closed.  If the protocol version is SSL 3.0
-or TLS 1.0, this result code is returned only if a closure
-alert has occurred in the protocol, i.e. if the connection has been
-closed cleanly. Note that in this case B<SSL_ERROR_ZERO_RETURN>
-does not necessarily indicate that the underlying transport
-has been closed.
-
-=item SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE
-
-The operation did not complete; the same TLS/SSL I/O function should be
-called again later.  If, by then, the underlying B<BIO> has data
-available for reading (if the result code is B<SSL_ERROR_WANT_READ>)
-or allows writing data (B<SSL_ERROR_WANT_WRITE>), then some TLS/SSL
-protocol progress will take place, i.e. at least part of an TLS/SSL
-record will be read or written.  Note that the retry may again lead to
-a B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE> condition.
-There is no fixed upper limit for the number of iterations that
-may be necessary until progress becomes visible at application
-protocol level.
-
-For socket B<BIO>s (e.g. when SSL_set_fd() was used), select() or
-poll() on the underlying socket can be used to find out when the
-TLS/SSL I/O function should be retried.
-
-Caveat: Any TLS/SSL I/O function can lead to either of
-B<SSL_ERROR_WANT_READ> and B<SSL_ERROR_WANT_WRITE>.  In particular,
-SSL_read() or SSL_peek() may want to write data and SSL_write() may want
-to read data.  This is mainly because TLS/SSL handshakes may occur at any
-time during the protocol (initiated by either the client or the server);
-SSL_read(), SSL_peek(), and SSL_write() will handle any pending handshakes.
-
-=item SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT
-
-The operation did not complete; the same TLS/SSL I/O function should be
-called again later. The underlying BIO was not connected yet to the peer
-and the call would block in connect()/accept(). The SSL function should be
-called again when the connection is established. These messages can only
-appear with a BIO_s_connect() or BIO_s_accept() BIO, respectively.
-In order to find out, when the connection has been successfully established,
-on many platforms select() or poll() for writing on the socket file descriptor
-can be used.
-
-=item SSL_ERROR_WANT_X509_LOOKUP
-
-The operation did not complete because an application callback set by
-SSL_CTX_set_client_cert_cb() has asked to be called again.
-The TLS/SSL I/O function should be called again later.
-Details depend on the application.
-
-=item SSL_ERROR_SYSCALL
-
-Some I/O error occurred.  The OpenSSL error queue may contain more
-information on the error.  If the error queue is empty
-(i.e. ERR_get_error() returns 0), B<ret> can be used to find out more
-about the error: If B<ret == 0>, an EOF was observed that violates
-the protocol.  If B<ret == -1>, the underlying B<BIO> reported an
-I/O error (for socket I/O on Unix systems, consult B<errno> for details).
-
-=item SSL_ERROR_SSL
-
-A failure in the SSL library occurred, usually a protocol error.  The
-OpenSSL error queue contains more information on the error.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<err(3)|err(3)>
-
-=head1 HISTORY
-
-SSL_get_error() was added in SSLeay 0.8.
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod b/crypto/openssl/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
deleted file mode 100644
index 165c6a5b2cae..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
+++ /dev/null
@@ -1,61 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_ex_data_X509_STORE_CTX_idx - get ex_data index to access SSL structure
-from X509_STORE_CTX
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_get_ex_data_X509_STORE_CTX_idx(void);
-
-=head1 DESCRIPTION
-
-SSL_get_ex_data_X509_STORE_CTX_idx() returns the index number under which
-the pointer to the SSL object is stored into the X509_STORE_CTX object.
-
-=head1 NOTES
-
-Whenever a X509_STORE_CTX object is created for the verification of the
-peers certificate during a handshake, a pointer to the SSL object is
-stored into the X509_STORE_CTX object to identify the connection affected.
-To retrieve this pointer the X509_STORE_CTX_get_ex_data() function can
-be used with the correct index. This index is globally the same for all
-X509_STORE_CTX objects and can be retrieved using
-SSL_get_ex_data_X509_STORE_CTX_idx(). The index value is set when
-SSL_get_ex_data_X509_STORE_CTX_idx() is first called either by the application
-program directly or indirectly during other SSL setup functions or during
-the handshake.
-
-The value depends on other index values defined for X509_STORE_CTX objects
-before the SSL index is created.
-
-=head1 RETURN VALUES
-
-=over 4
-
-=item E<gt>=0
-
-The index value to access the pointer.
-
-=item E<lt>0
-
-An error occurred, check the error stack for a detailed error message.
-
-=back
-
-=head1 EXAMPLES
-
-The index returned from SSL_get_ex_data_X509_STORE_CTX_idx() allows to
-access the SSL object for the connection to be accessed during the
-verify_callback() when checking the peers certificate. Please check
-the example in L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_ex_new_index.pod b/crypto/openssl/doc/ssl/SSL_get_ex_new_index.pod
deleted file mode 100644
index 6644ef8fbc10..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_ex_new_index.pod
+++ /dev/null
@@ -1,59 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_ex_new_index, SSL_set_ex_data, SSL_get_ex_data - internal application specific data functions
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_get_ex_new_index(long argl, void *argp,
-                CRYPTO_EX_new *new_func,
-                CRYPTO_EX_dup *dup_func,
-                CRYPTO_EX_free *free_func);
-
- int SSL_set_ex_data(SSL *ssl, int idx, void *arg);
-
- void *SSL_get_ex_data(SSL *ssl, int idx);
-
- typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-                int idx, long argl, void *argp);
- typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-                int idx, long argl, void *argp);
- typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
-                int idx, long argl, void *argp);
-
-=head1 DESCRIPTION
-
-Several OpenSSL structures can have application specific data attached to them.
-These functions are used internally by OpenSSL to manipulate application
-specific data attached to a specific structure.
-
-SSL_get_ex_new_index() is used to register a new index for application
-specific data.
-
-SSL_set_ex_data() is used to store application data at B<arg> for B<idx> into
-the B<ssl> object.
-
-SSL_get_ex_data() is used to retrieve the information for B<idx> from
-B<ssl>.
-
-A detailed description for the B<*_get_ex_new_index()> functionality
-can be found in L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>.
-The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>.
-
-=head1 EXAMPLES
-
-An example on how to use the functionality is included in the example
-verify_callback() in L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>,
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_fd.pod b/crypto/openssl/doc/ssl/SSL_get_fd.pod
deleted file mode 100644
index a3f76259316f..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_fd.pod
+++ /dev/null
@@ -1,44 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_fd - get file descriptor linked to an SSL object
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_get_fd(SSL *ssl);
- int SSL_get_rfd(SSL *ssl);
- int SSL_get_wfd(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_get_fd() returns the file descriptor which is linked to B<ssl>.
-SSL_get_rfd() and SSL_get_wfd() return the file descriptors for the
-read or the write channel, which can be different. If the read and the
-write channel are different, SSL_get_fd() will return the file descriptor
-of the read channel.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item -1
-
-The operation failed, because the underlying BIO is not of the correct type
-(suitable for file descriptors).
-
-=item E<gt>=0
-
-The file descriptor linked to B<ssl>.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_set_fd(3)|SSL_set_fd(3)>, L<ssl(3)|ssl(3)> , L<bio(3)|bio(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_peer_cert_chain.pod b/crypto/openssl/doc/ssl/SSL_get_peer_cert_chain.pod
deleted file mode 100644
index 390ce0b41b5c..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_peer_cert_chain.pod
+++ /dev/null
@@ -1,52 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_peer_cert_chain - get the X509 certificate chain of the peer
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- STACKOF(X509) *SSL_get_peer_cert_chain(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_get_peer_cert_chain() returns a pointer to STACKOF(X509) certificates
-forming the certificate chain of the peer. If called on the client side,
-the stack also contains the peer's certificate; if called on the server
-side, the peer's certificate must be obtained separately using
-L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>.
-If the peer did not present a certificate, NULL is returned.
-
-=head1 NOTES
-
-The peer certificate chain is not necessarily available after reusing
-a session, in which case a NULL pointer is returned.
-
-The reference count of the STACKOF(X509) object is not incremented.
-If the corresponding session is freed, the pointer must not be used
-any longer.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item NULL
-
-No certificate was presented by the peer or no connection was established
-or the certificate chain is no longer available when a session is reused.
-
-=item Pointer to a STACKOF(X509)
-
-The return value points to the certificate chain presented by the peer.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_peer_certificate.pod b/crypto/openssl/doc/ssl/SSL_get_peer_certificate.pod
deleted file mode 100644
index 60635a966000..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_peer_certificate.pod
+++ /dev/null
@@ -1,55 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_peer_certificate - get the X509 certificate of the peer
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- X509 *SSL_get_peer_certificate(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_get_peer_certificate() returns a pointer to the X509 certificate the
-peer presented. If the peer did not present a certificate, NULL is returned.
-
-=head1 NOTES
-
-Due to the protocol definition, a TLS/SSL server will always send a
-certificate, if present. A client will only send a certificate when
-explicitly requested to do so by the server (see
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>). If an anonymous cipher
-is used, no certificates are sent.
-
-That a certificate is returned does not indicate information about the
-verification state, use L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>
-to check the verification state.
-
-The reference count of the X509 object is incremented by one, so that it
-will not be destroyed when the session containing the peer certificate is
-freed. The X509 object must be explicitly freed using X509_free().
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item NULL
-
-No certificate was presented by the peer or no connection was established.
-
-=item Pointer to an X509 certificate
-
-The return value points to the certificate presented by the peer.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_rbio.pod b/crypto/openssl/doc/ssl/SSL_get_rbio.pod
deleted file mode 100644
index 3d98233cacee..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_rbio.pod
+++ /dev/null
@@ -1,40 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_rbio - get BIO linked to an SSL object
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- BIO *SSL_get_rbio(SSL *ssl);
- BIO *SSL_get_wbio(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_get_rbio() and SSL_get_wbio() return pointers to the BIOs for the
-read or the write channel, which can be different. The reference count
-of the BIO is not incremented.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item NULL
-
-No BIO was connected to the SSL object
-
-=item Any other pointer
-
-The BIO linked to B<ssl>.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_set_bio(3)|SSL_set_bio(3)>, L<ssl(3)|ssl(3)> , L<bio(3)|bio(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_session.pod b/crypto/openssl/doc/ssl/SSL_get_session.pod
deleted file mode 100644
index dd9aba40b6a4..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_session.pod
+++ /dev/null
@@ -1,73 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_session - retrieve TLS/SSL session data
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- SSL_SESSION *SSL_get_session(SSL *ssl);
- SSL_SESSION *SSL_get0_session(SSL *ssl);
- SSL_SESSION *SSL_get1_session(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_get_session() returns a pointer to the B<SSL_SESSION> actually used in
-B<ssl>. The reference count of the B<SSL_SESSION> is not incremented, so
-that the pointer can become invalid by other operations.
-
-SSL_get0_session() is the same as SSL_get_session().
-
-SSL_get1_session() is the same as SSL_get_session(), but the reference
-count of the B<SSL_SESSION> is incremented by one.
-
-=head1 NOTES
-
-The ssl session contains all information required to re-establish the
-connection without a new handshake.
-
-SSL_get0_session() returns a pointer to the actual session. As the
-reference counter is not incremented, the pointer is only valid while
-the connection is in use. If L<SSL_clear(3)|SSL_clear(3)> or
-L<SSL_free(3)|SSL_free(3)> is called, the session may be removed completely
-(if considered bad), and the pointer obtained will become invalid. Even
-if the session is valid, it can be removed at any time due to timeout
-during L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>.
-
-If the data is to be kept, SSL_get1_session() will increment the reference
-count, so that the session will not be implicitly removed by other operations
-but stays in memory. In order to remove the session
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> must be explicitly called once
-to decrement the reference count again.
-
-SSL_SESSION objects keep internal link information about the session cache
-list, when being inserted into one SSL_CTX object's session cache.
-One SSL_SESSION object, regardless of its reference count, must therefore
-only be used with one SSL_CTX object (and the SSL objects created
-from this SSL_CTX object).
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item NULL
-
-There is no session available in B<ssl>.
-
-=item Pointer to an SSL
-
-The return value points to the data of an SSL session.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_free(3)|SSL_free(3)>,
-L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_verify_result.pod b/crypto/openssl/doc/ssl/SSL_get_verify_result.pod
deleted file mode 100644
index e6bac9c35a8b..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_verify_result.pod
+++ /dev/null
@@ -1,57 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_verify_result - get result of peer certificate verification
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- long SSL_get_verify_result(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_get_verify_result() returns the result of the verification of the
-X509 certificate presented by the peer, if any.
-
-=head1 NOTES
-
-SSL_get_verify_result() can only return one error code while the verification
-of a certificate can fail because of many reasons at the same time. Only
-the last verification error that occurred during the processing is available
-from SSL_get_verify_result().
-
-The verification result is part of the established session and is restored
-when a session is reused.
-
-=head1 BUGS
-
-If no peer certificate was presented, the returned result code is
-X509_V_OK. This is because no verification error occurred, it does however
-not indicate success. SSL_get_verify_result() is only useful in connection
-with L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>.
-
-=head1 RETURN VALUES
-
-The following return values can currently occur:
-
-=over 4
-
-=item X509_V_OK
-
-The verification succeeded or no peer certificate was presented.
-
-=item Any other value
-
-Documented in L<verify(1)|verify(1)>.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_set_verify_result(3)|SSL_set_verify_result(3)>,
-L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>,
-L<verify(1)|verify(1)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_get_version.pod b/crypto/openssl/doc/ssl/SSL_get_version.pod
deleted file mode 100644
index 24d52912565d..000000000000
--- a/crypto/openssl/doc/ssl/SSL_get_version.pod
+++ /dev/null
@@ -1,46 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_get_version - get the protocol version of a connection.
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- const char *SSL_get_version(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_get_cipher_version() returns the name of the protocol used for the
-connection B<ssl>.
-
-=head1 RETURN VALUES
-
-The following strings can occur:
-
-=over 4
-
-=item SSLv2
-
-The connection uses the SSLv2 protocol.
-
-=item SSLv3
-
-The connection uses the SSLv3 protocol.
-
-=item TLSv1
-
-The connection uses the TLSv1 protocol.
-
-=item unknown
-
-This indicates that no version has been set (no connection established).
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_library_init.pod b/crypto/openssl/doc/ssl/SSL_library_init.pod
deleted file mode 100644
index ecf3c4858e52..000000000000
--- a/crypto/openssl/doc/ssl/SSL_library_init.pod
+++ /dev/null
@@ -1,52 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_library_init, OpenSSL_add_ssl_algorithms, SSLeay_add_ssl_algorithms
-- initialize SSL library by registering algorithms
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_library_init(void);
- #define OpenSSL_add_ssl_algorithms()    SSL_library_init()
- #define SSLeay_add_ssl_algorithms()     SSL_library_init()
-
-=head1 DESCRIPTION
-
-SSL_library_init() registers the available ciphers and digests.
-
-OpenSSL_add_ssl_algorithms() and SSLeay_add_ssl_algorithms() are synonyms
-for SSL_library_init().
-
-=head1 NOTES
-
-SSL_library_init() must be called before any other action takes place.
-
-=head1 WARNING
-
-SSL_library_init() only registers ciphers. Another important initialization
-is the seeding of the PRNG (Pseudo Random Number Generator), which has to
-be performed separately.
-
-=head1 EXAMPLES
-
-A typical TLS/SSL application will start with the library initialization,
-will provide readable error messages and will seed the PRNG.
-
- SSL_load_error_strings();                /* readable error messages */
- SSL_library_init();                      /* initialize library */
- actions_to_seed_PRNG(); 
-
-=head1 RETURN VALUES
-
-SSL_library_init() always returns "1", so it is safe to discard the return
-value.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>,
-L<RAND_add(3)|RAND_add(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_load_client_CA_file.pod b/crypto/openssl/doc/ssl/SSL_load_client_CA_file.pod
deleted file mode 100644
index 02527dc2edc8..000000000000
--- a/crypto/openssl/doc/ssl/SSL_load_client_CA_file.pod
+++ /dev/null
@@ -1,62 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_load_client_CA_file - load certificate names from file
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
-
-=head1 DESCRIPTION
-
-SSL_load_client_CA_file() reads certificates from B<file> and returns
-a STACK_OF(X509_NAME) with the subject names found.
-
-=head1 NOTES
-
-SSL_load_client_CA_file() reads a file of PEM formatted certificates and
-extracts the X509_NAMES of the certificates found. While the name suggests
-the specific usage as support function for
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
-it is not limited to CA certificates.
-
-=head1 EXAMPLES
-
-Load names of CAs from file and use it as a client CA list:
-
- SSL_CTX *ctx;
- STACK_OF(X509_NAME) *cert_names;
-
- ... 
- cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
- if (cert_names != NULL)
-   SSL_CTX_set_client_CA_list(ctx, cert_names);
- else
-   error_handling();
- ...
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item NULL
-
-The operation failed, check out the error stack for the reason.
-
-=item Pointer to STACK_OF(X509_NAME)
-
-Pointer to the subject names of the successfully read certificates.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_new.pod b/crypto/openssl/doc/ssl/SSL_new.pod
deleted file mode 100644
index 25300e978f02..000000000000
--- a/crypto/openssl/doc/ssl/SSL_new.pod
+++ /dev/null
@@ -1,44 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_new - create a new SSL structure for a connection
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- SSL *SSL_new(SSL_CTX *ctx);
-
-=head1 DESCRIPTION
-
-SSL_new() creates a new B<SSL> structure which is needed to hold the
-data for a TLS/SSL connection. The new structure inherits the settings
-of the underlying context B<ctx>: connection method (SSLv2/v3/TLSv1),
-options, verification settings, timeout settings.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item NULL
-
-The creation of a new SSL structure failed. Check the error stack to
-find out the reason.
-
-=item Pointer to an SSL structure
-
-The return value points to an allocated SSL structure.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_free(3)|SSL_free(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
-L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
-L<ssl(3)|ssl(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_pending.pod b/crypto/openssl/doc/ssl/SSL_pending.pod
deleted file mode 100644
index b4c48598b25d..000000000000
--- a/crypto/openssl/doc/ssl/SSL_pending.pod
+++ /dev/null
@@ -1,43 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_pending - obtain number of readable bytes buffered in an SSL object
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_pending(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_pending() returns the number of bytes which are available inside
-B<ssl> for immediate read.
-
-=head1 NOTES
-
-Data are received in blocks from the peer. Therefore data can be buffered
-inside B<ssl> and are ready for immediate retrieval with
-L<SSL_read(3)|SSL_read(3)>.
-
-=head1 RETURN VALUES
-
-The number of bytes pending is returned.
-
-=head1 BUGS
-
-SSL_pending() takes into account only bytes from the TLS/SSL record
-that is currently being processed (if any).  If the B<SSL> object's
-I<read_ahead> flag is set, additional protocol bytes may have been
-read containing more TLS/SSL records; these are ignored by
-SSL_pending().
-
-Up to OpenSSL 0.9.6, SSL_pending() does not check if the record type
-of pending data is application data.
-
-=head1 SEE ALSO
-
-L<SSL_read(3)|SSL_read(3)>, L<ssl(3)|ssl(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_read.pod b/crypto/openssl/doc/ssl/SSL_read.pod
deleted file mode 100644
index f6c37f77e491..000000000000
--- a/crypto/openssl/doc/ssl/SSL_read.pod
+++ /dev/null
@@ -1,118 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_read - read bytes from a TLS/SSL connection.
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_read(SSL *ssl, void *buf, int num);
-
-=head1 DESCRIPTION
-
-SSL_read() tries to read B<num> bytes from the specified B<ssl> into the
-buffer B<buf>.
-
-=head1 NOTES
-
-If necessary, SSL_read() will negotiate a TLS/SSL session, if
-not already explicitly performed by L<SSL_connect(3)|SSL_connect(3)> or
-L<SSL_accept(3)|SSL_accept(3)>. If the
-peer requests a re-negotiation, it will be performed transparently during
-the SSL_read() operation. The behaviour of SSL_read() depends on the
-underlying BIO. 
-
-For the transparent negotiation to succeed, the B<ssl> must have been
-initialized to client or server mode. This is being done by calling
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or SSL_set_accept_state()
-before the first call to an SSL_read() or L<SSL_write(3)|SSL_write(3)>
-function.
-
-SSL_read() works based on the SSL/TLS records. The data are received in
-records (with a maximum record size of 16kB for SSLv3/TLSv1). Only when a
-record has been completely received, it can be processed (decryption and
-check of integrity). Therefore data that was not retrieved at the last
-call of SSL_read() can still be buffered inside the SSL layer and will be
-retrieved on the next call to SSL_read(). If B<num> is higher than the
-number of bytes buffered, SSL_read() will return with the bytes buffered.
-If no more bytes are in the buffer, SSL_read() will trigger the processing
-of the next record. Only when the record has been received and processed
-completely, SSL_read() will return reporting success. At most the contents
-of the record will be returned. As the size of an SSL/TLS record may exceed
-the maximum packet size of the underlying transport (e.g. TCP), it may
-be necessary to read several packets from the transport layer before the
-record is complete and SSL_read() can succeed.
-
-If the underlying BIO is B<blocking>, SSL_read() will only return, once the
-read operation has been finished or an error occurred, except when a
-renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. 
-This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> call.
-
-If the underlying BIO is B<non-blocking>, SSL_read() will also return
-when the underlying BIO could not satisfy the needs of SSL_read()
-to continue the operation. In this case a call to
-L<SSL_get_error(3)|SSL_get_error(3)> with the
-return value of SSL_read() will yield B<SSL_ERROR_WANT_READ> or
-B<SSL_ERROR_WANT_WRITE>. As at any time a re-negotiation is possible, a
-call to SSL_read() can also cause write operations! The calling process
-then must repeat the call after taking appropriate action to satisfy the
-needs of SSL_read(). The action depends on the underlying BIO. When using a
-non-blocking socket, nothing is to be done, but select() can be used to check
-for the required condition. When using a buffering BIO, like a BIO pair, data
-must be written into or retrieved out of the BIO before being able to continue.
-
-=head1 WARNING
-
-When an SSL_read() operation has to be repeated because of
-B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE>, it must be repeated
-with the same arguments.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item E<gt>0
-
-The read operation was successful; the return value is the number of
-bytes actually read from the TLS/SSL connection.
-
-=item 0
-
-The read operation was not successful. The reason may either be a clean
-shutdown due to a "close notify" alert sent by the peer (in which case
-the SSL_RECEIVED_SHUTDOWN flag in the ssl shutdown state is set
-(see L<SSL_shutdown(3)|SSL_shutdown(3)>,
-L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>). It is also possible, that
-the peer simply shut down the underlying transport and the shutdown is
-incomplete. Call SSL_get_error() with the return value B<ret> to find out,
-whether an error occurred or the connection was shut down cleanly
-(SSL_ERROR_ZERO_RETURN).
-
-SSLv2 (deprecated) does not support a shutdown alert protocol, so it can
-only be detected, whether the underlying connection was closed. It cannot
-be checked, whether the closure was initiated by the peer or by something
-else.
-
-=item E<lt>0
-
-The read operation was not successful, because either an error occurred
-or action must be taken by the calling process. Call SSL_get_error() with the
-return value B<ret> to find out the reason.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_write(3)|SSL_write(3)>,
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
-L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
-L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_rstate_string.pod b/crypto/openssl/doc/ssl/SSL_rstate_string.pod
deleted file mode 100644
index bdb8a1fcd55f..000000000000
--- a/crypto/openssl/doc/ssl/SSL_rstate_string.pod
+++ /dev/null
@@ -1,59 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_rstate_string, SSL_rstate_string_long - get textual description of state of an SSL object during read operation
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- const char *SSL_rstate_string(SSL *ssl);
- const char *SSL_rstate_string_long(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_rstate_string() returns a 2 letter string indicating the current read state
-of the SSL object B<ssl>.
-
-SSL_rstate_string_long() returns a string indicating the current read state of
-the SSL object B<ssl>.
-
-=head1 NOTES
-
-When performing a read operation, the SSL/TLS engine must parse the record,
-consisting of header and body. When working in a blocking environment,
-SSL_rstate_string[_long]() should always return "RD"/"read done".
-
-This function should only seldom be needed in applications.
-
-=head1 RETURN VALUES
-
-SSL_rstate_string() and SSL_rstate_string_long() can return the following
-values:
-
-=over 4
-
-=item "RH"/"read header"
-
-The header of the record is being evaluated.
-
-=item "RB"/"read body"
-
-The body of the record is being evaluated.
-
-=item "RD"/"read done"
-
-The record has been completely processed.
-
-=item "unknown"/"unknown"
-
-The read state is unknown. This should never happen.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_session_reused.pod b/crypto/openssl/doc/ssl/SSL_session_reused.pod
deleted file mode 100644
index da7d06264d04..000000000000
--- a/crypto/openssl/doc/ssl/SSL_session_reused.pod
+++ /dev/null
@@ -1,45 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_session_reused - query whether a reused session was negotiated during handshake
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_session_reused(SSL *ssl);
-
-=head1 DESCRIPTION
-
-Query, whether a reused session was negotiated during the handshake.
-
-=head1 NOTES
-
-During the negotiation, a client can propose to reuse a session. The server
-then looks up the session in its cache. If both client and server agree
-on the session, it will be reused and a flag is being set that can be
-queried by the application.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item 0
-
-A new session was negotiated.
-
-=item 1
-
-A session was reused.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_set_bio.pod b/crypto/openssl/doc/ssl/SSL_set_bio.pod
deleted file mode 100644
index 67c9756d3fe5..000000000000
--- a/crypto/openssl/doc/ssl/SSL_set_bio.pod
+++ /dev/null
@@ -1,34 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_set_bio - connect the SSL object with a BIO
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
-
-=head1 DESCRIPTION
-
-SSL_set_bio() connects the BIOs B<rbio> and B<wbio> for the read and write
-operations of the TLS/SSL (encrypted) side of B<ssl>.
-
-The SSL engine inherits the behaviour of B<rbio> and B<wbio>, respectively.
-If a BIO is non-blocking, the B<ssl> will also have non-blocking behaviour.
-
-If there was already a BIO connected to B<ssl>, BIO_free() will be called
-(for both the reading and writing side, if different).
-
-=head1 RETURN VALUES
-
-SSL_set_bio() cannot fail.
-
-=head1 SEE ALSO
-
-L<SSL_get_rbio(3)|SSL_get_rbio(3)>,
-L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_set_connect_state.pod b/crypto/openssl/doc/ssl/SSL_set_connect_state.pod
deleted file mode 100644
index d88a057deffa..000000000000
--- a/crypto/openssl/doc/ssl/SSL_set_connect_state.pod
+++ /dev/null
@@ -1,55 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_set_connect_state, SSL_get_accept_state - prepare SSL object to work in client or server mode
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_set_connect_state(SSL *ssl);
-
- void SSL_set_accept_state(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_set_connect_state() sets B<ssl> to work in client mode.
-
-SSL_set_accept_state() sets B<ssl> to work in server mode.
-
-=head1 NOTES
-
-When the SSL_CTX object was created with L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
-it was either assigned a dedicated client method, a dedicated server
-method, or a generic method, that can be used for both client and
-server connections. (The method might have been changed with
-L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)> or
-SSL_set_ssl_method().)
-
-When beginning a new handshake, the SSL engine must know whether it must
-call the connect (client) or accept (server) routines. Even though it may
-be clear from the method chosen, whether client or server mode was
-requested, the handshake routines must be explicitly set.
-
-When using the L<SSL_connect(3)|SSL_connect(3)> or
-L<SSL_accept(3)|SSL_accept(3)> routines, the correct handshake
-routines are automatically set. When performing a transparent negotiation
-using L<SSL_write(3)|SSL_write(3)> or L<SSL_read(3)|SSL_read(3)>, the
-handshake routines must be explicitly set in advance using either
-SSL_set_connect_state() or SSL_set_accept_state().
-
-=head1 RETURN VALUES
-
-SSL_set_connect_state() and SSL_set_accept_state() do not return diagnostic
-information.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
-L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>,
-L<SSL_write(3)|SSL_write(3)>, L<SSL_read(3)|SSL_read(3)>,
-L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
-L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_set_fd.pod b/crypto/openssl/doc/ssl/SSL_set_fd.pod
deleted file mode 100644
index 70291128fcec..000000000000
--- a/crypto/openssl/doc/ssl/SSL_set_fd.pod
+++ /dev/null
@@ -1,54 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_set_fd - connect the SSL object with a file descriptor
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_set_fd(SSL *ssl, int fd);
- int SSL_set_rfd(SSL *ssl, int fd);
- int SSL_set_wfd(SSL *ssl, int fd);
-
-=head1 DESCRIPTION
-
-SSL_set_fd() sets the file descriptor B<fd> as the input/output facility
-for the TLS/SSL (encrypted) side of B<ssl>. B<fd> will typically be the
-socket file descriptor of a network connection.
-
-When performing the operation, a B<socket BIO> is automatically created to
-interface between the B<ssl> and B<fd>. The BIO and hence the SSL engine
-inherit the behaviour of B<fd>. If B<fd> is non-blocking, the B<ssl> will
-also have non-blocking behaviour.
-
-If there was already a BIO connected to B<ssl>, BIO_free() will be called
-(for both the reading and writing side, if different).
-
-SSL_set_rfd() and SSL_set_wfd() perform the respective action, but only
-for the read channel or the write channel, which can be set independently.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item 0
-
-The operation failed. Check the error stack to find out why.
-
-=item 1
-
-The operation succeeded.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_get_fd(3)|SSL_get_fd(3)>, L<SSL_set_bio(3)|SSL_set_bio(3)>,
-L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)> , L<bio(3)|bio(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_set_session.pod b/crypto/openssl/doc/ssl/SSL_set_session.pod
deleted file mode 100644
index 5f54714ad86a..000000000000
--- a/crypto/openssl/doc/ssl/SSL_set_session.pod
+++ /dev/null
@@ -1,57 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_set_session - set a TLS/SSL session to be used during TLS/SSL connect
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_set_session(SSL *ssl, SSL_SESSION *session);
-
-=head1 DESCRIPTION
-
-SSL_set_session() sets B<session> to be used when the TLS/SSL connection
-is to be established. SSL_set_session() is only useful for TLS/SSL clients.
-When the session is set, the reference count of B<session> is incremented
-by 1. If the session is not reused, the reference count is decremented
-again during SSL_connect(). Whether the session was reused can be queried
-with the L<SSL_session_reused(3)|SSL_session_reused(3)> call.
-
-If there is already a session set inside B<ssl> (because it was set with
-SSL_set_session() before or because the same B<ssl> was already used for
-a connection), SSL_SESSION_free() will be called for that session.
-
-=head1 NOTES
-
-SSL_SESSION objects keep internal link information about the session cache
-list, when being inserted into one SSL_CTX object's session cache.
-One SSL_SESSION object, regardless of its reference count, must therefore
-only be used with one SSL_CTX object (and the SSL objects created
-from this SSL_CTX object).
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item 0
-
-The operation failed; check the error stack to find out the reason.
-
-=item 1
-
-The operation succeeded.
-
-=back
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
-L<SSL_get_session(3)|SSL_get_session(3)>,
-L<SSL_session_reused(3)|SSL_session_reused(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_set_shutdown.pod b/crypto/openssl/doc/ssl/SSL_set_shutdown.pod
deleted file mode 100644
index 6289e635d96d..000000000000
--- a/crypto/openssl/doc/ssl/SSL_set_shutdown.pod
+++ /dev/null
@@ -1,72 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_set_shutdown, SSL_get_shutdown - manipulate shutdown state of an SSL connection
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_set_shutdown(SSL *ssl, int mode);
-
- int SSL_get_shutdown(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_set_shutdown() sets the shutdown state of B<ssl> to B<mode>.
-
-SSL_get_shutdown() returns the shutdown mode of B<ssl>.
-
-=head1 NOTES
-
-The shutdown state of an ssl connection is a bitmask of:
-
-=over 4
-
-=item 0
-
-No shutdown setting, yet.
-
-=item SSL_SENT_SHUTDOWN
-
-A "close notify" shutdown alert was sent to the peer, the connection is being
-considered closed and the session is closed and correct.
-
-=item SSL_RECEIVED_SHUTDOWN
-
-A shutdown alert was received form the peer, either a normal "close notify"
-or a fatal error.
-
-=back
-
-SSL_SENT_SHUTDOWN and SSL_RECEIVED_SHUTDOWN can be set at the same time.
-
-The shutdown state of the connection is used to determine the state of
-the ssl session. If the session is still open, when
-L<SSL_clear(3)|SSL_clear(3)> or L<SSL_free(3)|SSL_free(3)> is called,
-it is considered bad and removed according to RFC2246.
-The actual condition for a correctly closed session is SSL_SENT_SHUTDOWN
-(according to the TLS RFC, it is acceptable to only send the "close notify"
-alert but to not wait for the peer's answer, when the underlying connection
-is closed).
-SSL_set_shutdown() can be used to set this state without sending a
-close alert to the peer (see L<SSL_shutdown(3)|SSL_shutdown(3)>).
-
-If a "close notify" was received, SSL_RECEIVED_SHUTDOWN will be set,
-for setting SSL_SENT_SHUTDOWN the application must however still call
-L<SSL_shutdown(3)|SSL_shutdown(3)> or SSL_set_shutdown() itself.
-
-=head1 RETURN VALUES
-
-SSL_set_shutdown() does not return diagnostic information.
-
-SSL_get_shutdown() returns the current setting.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_shutdown(3)|SSL_shutdown(3)>,
-L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
-L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_set_verify_result.pod b/crypto/openssl/doc/ssl/SSL_set_verify_result.pod
deleted file mode 100644
index 04ab101aad2e..000000000000
--- a/crypto/openssl/doc/ssl/SSL_set_verify_result.pod
+++ /dev/null
@@ -1,38 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_set_verify_result - override result of peer certificate verification
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- void SSL_set_verify_result(SSL *ssl, long verify_result);
-
-=head1 DESCRIPTION
-
-SSL_set_verify_result() sets B<verify_result> of the object B<ssl> to be the
-result of the verification of the X509 certificate presented by the peer,
-if any.
-
-=head1 NOTES
-
-SSL_set_verify_result() overrides the verification result. It only changes
-the verification result of the B<ssl> object. It does not become part of the
-established session, so if the session is to be reused later, the original
-value will reappear.
-
-The valid codes for B<verify_result> are documented in L<verify(1)|verify(1)>.
-
-=head1 RETURN VALUES
-
-SSL_set_verify_result() does not provide a return value.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
-L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>,
-L<verify(1)|verify(1)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_shutdown.pod b/crypto/openssl/doc/ssl/SSL_shutdown.pod
deleted file mode 100644
index 6b5012be7a8d..000000000000
--- a/crypto/openssl/doc/ssl/SSL_shutdown.pod
+++ /dev/null
@@ -1,125 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_shutdown - shut down a TLS/SSL connection
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_shutdown(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_shutdown() shuts down an active TLS/SSL connection. It sends the 
-"close notify" shutdown alert to the peer.
-
-=head1 NOTES
-
-SSL_shutdown() tries to send the "close notify" shutdown alert to the peer.
-Whether the operation succeeds or not, the SSL_SENT_SHUTDOWN flag is set and
-a currently open session is considered closed and good and will be kept in the
-session cache for further reuse.
-
-The shutdown procedure consists of 2 steps: the sending of the "close notify"
-shutdown alert and the reception of the peer's "close notify" shutdown
-alert. According to the TLS standard, it is acceptable for an application
-to only send its shutdown alert and then close the underlying connection
-without waiting for the peer's response (this way resources can be saved,
-as the process can already terminate or serve another connection).
-When the underlying connection shall be used for more communications, the
-complete shutdown procedure (bidirectional "close notify" alerts) must be
-performed, so that the peers stay synchronized.
-
-SSL_shutdown() supports both uni- and bidirectional shutdown by its 2 step
-behaviour.
-
-=over 4
-
-=item When the application is the first party to send the "close notify"
-alert, SSL_shutdown() will only send the alert and the set the
-SSL_SENT_SHUTDOWN flag (so that the session is considered good and will
-be kept in cache). SSL_shutdown() will then return with 0. If a unidirectional
-shutdown is enough (the underlying connection shall be closed anyway), this
-first call to SSL_shutdown() is sufficient. In order to complete the
-bidirectional shutdown handshake, SSL_shutdown() must be called again.
-The second call will make SSL_shutdown() wait for the peer's "close notify"
-shutdown alert. On success, the second call to SSL_shutdown() will return
-with 1.
-
-=item If the peer already sent the "close notify" alert B<and> it was
-already processed implicitly inside another function
-(L<SSL_read(3)|SSL_read(3)>), the SSL_RECEIVED_SHUTDOWN flag is set.
-SSL_shutdown() will send the "close notify" alert, set the SSL_SENT_SHUTDOWN
-flag and will immediately return with 1.
-Whether SSL_RECEIVED_SHUTDOWN is already set can be checked using the
-SSL_get_shutdown() (see also L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> call.
-
-=back
-
-It is therefore recommended, to check the return value of SSL_shutdown()
-and call SSL_shutdown() again, if the bidirectional shutdown is not yet
-complete (return value of the first call is 0). As the shutdown is not
-specially handled in the SSLv2 protocol, SSL_shutdown() will succeed on
-the first call.
-
-The behaviour of SSL_shutdown() additionally depends on the underlying BIO. 
-
-If the underlying BIO is B<blocking>, SSL_shutdown() will only return once the
-handshake step has been finished or an error occurred.
-
-If the underlying BIO is B<non-blocking>, SSL_shutdown() will also return
-when the underlying BIO could not satisfy the needs of SSL_shutdown()
-to continue the handshake. In this case a call to SSL_get_error() with the
-return value of SSL_shutdown() will yield B<SSL_ERROR_WANT_READ> or
-B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after
-taking appropriate action to satisfy the needs of SSL_shutdown().
-The action depends on the underlying BIO. When using a non-blocking socket,
-nothing is to be done, but select() can be used to check for the required
-condition. When using a buffering BIO, like a BIO pair, data must be written
-into or retrieved out of the BIO before being able to continue.
-
-SSL_shutdown() can be modified to only set the connection to "shutdown"
-state but not actually send the "close notify" alert messages,
-see L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>.
-When "quiet shutdown" is enabled, SSL_shutdown() will always succeed
-and return 1.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item 1
-
-The shutdown was successfully completed. The "close notify" alert was sent
-and the peer's "close notify" alert was received.
-
-=item 0
-
-The shutdown is not yet finished. Call SSL_shutdown() for a second time,
-if a bidirectional shutdown shall be performed.
-The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
-erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
-
-=item -1
-
-The shutdown was not successful because a fatal error occurred either
-at the protocol level or a connection failure occurred. It can also occur if
-action is need to continue the operation for non-blocking BIOs.
-Call L<SSL_get_error(3)|SSL_get_error(3)> with the return value B<ret>
-to find out the reason.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
-L<SSL_accept(3)|SSL_accept(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
-L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
-L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>,
-L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_state_string.pod b/crypto/openssl/doc/ssl/SSL_state_string.pod
deleted file mode 100644
index b4be1aaa4863..000000000000
--- a/crypto/openssl/doc/ssl/SSL_state_string.pod
+++ /dev/null
@@ -1,45 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_state_string, SSL_state_string_long - get textual description of state of an SSL object
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- const char *SSL_state_string(SSL *ssl);
- const char *SSL_state_string_long(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_state_string() returns a 6 letter string indicating the current state
-of the SSL object B<ssl>.
-
-SSL_state_string_long() returns a string indicating the current state of
-the SSL object B<ssl>.
-
-=head1 NOTES
-
-During its use, an SSL objects passes several states. The state is internally
-maintained. Querying the state information is not very informative before
-or when a connection has been established. It however can be of significant
-interest during the handshake.
-
-When using non-blocking sockets, the function call performing the handshake
-may return with SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE condition,
-so that SSL_state_string[_long]() may be called.
-
-For both blocking or non-blocking sockets, the details state information
-can be used within the info_callback function set with the
-SSL_set_info_callback() call.
-
-=head1 RETURN VALUES
-
-Detailed description of possible states to be included later.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_want.pod b/crypto/openssl/doc/ssl/SSL_want.pod
deleted file mode 100644
index 50cc89db80b9..000000000000
--- a/crypto/openssl/doc/ssl/SSL_want.pod
+++ /dev/null
@@ -1,77 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup - obtain state information TLS/SSL I/O operation
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_want(SSL *ssl);
- int SSL_want_nothing(SSL *ssl);
- int SSL_want_read(SSL *ssl);
- int SSL_want_write(SSL *ssl);
- int SSL_want_x509_lookup(SSL *ssl);
-
-=head1 DESCRIPTION
-
-SSL_want() returns state information for the SSL object B<ssl>.
-
-The other SSL_want_*() calls are shortcuts for the possible states returned
-by SSL_want().
-
-=head1 NOTES
-
-SSL_want() examines the internal state information of the SSL object. Its
-return values are similar to that of L<SSL_get_error(3)|SSL_get_error(3)>.
-Unlike L<SSL_get_error(3)|SSL_get_error(3)>, which also evaluates the
-error queue, the results are obtained by examining an internal state flag
-only. The information must therefore only be used for normal operation under
-non-blocking I/O. Error conditions are not handled and must be treated
-using L<SSL_get_error(3)|SSL_get_error(3)>.
-
-The result returned by SSL_want() should always be consistent with
-the result of L<SSL_get_error(3)|SSL_get_error(3)>.
-
-=head1 RETURN VALUES
-
-The following return values can currently occur for SSL_want():
-
-=over 4
-
-=item SSL_NOTHING
-
-There is no data to be written or to be read.
-
-=item SSL_WRITING
-
-There are data in the SSL buffer that must be written to the underlying
-B<BIO> layer in order to complete the actual SSL_*() operation.
-A call to L<SSL_get_error(3)|SSL_get_error(3)> should return
-SSL_ERROR_WANT_WRITE.
-
-=item SSL_READING
-
-More data must be read from the underlying B<BIO> layer in order to
-complete the actual SSL_*() operation.
-A call to L<SSL_get_error(3)|SSL_get_error(3)> should return
-SSL_ERROR_WANT_READ.
-
-=item SSL_X509_LOOKUP
-
-The operation did not complete because an application callback set by
-SSL_CTX_set_client_cert_cb() has asked to be called again.
-A call to L<SSL_get_error(3)|SSL_get_error(3)> should return
-SSL_ERROR_WANT_X509_LOOKUP.
-
-=back
-
-SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup()
-return 1, when the corresponding condition is true or 0 otherwise.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<err(3)|err(3)>, L<SSL_get_error(3)|SSL_get_error(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/SSL_write.pod b/crypto/openssl/doc/ssl/SSL_write.pod
deleted file mode 100644
index e013c12d5254..000000000000
--- a/crypto/openssl/doc/ssl/SSL_write.pod
+++ /dev/null
@@ -1,109 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_write - write bytes to a TLS/SSL connection.
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- int SSL_write(SSL *ssl, const void *buf, int num);
-
-=head1 DESCRIPTION
-
-SSL_write() writes B<num> bytes from the buffer B<buf> into the specified
-B<ssl> connection.
-
-=head1 NOTES
-
-If necessary, SSL_write() will negotiate a TLS/SSL session, if
-not already explicitly performed by L<SSL_connect(3)|SSL_connect(3)> or
-L<SSL_accept(3)|SSL_accept(3)>. If the
-peer requests a re-negotiation, it will be performed transparently during
-the SSL_write() operation. The behaviour of SSL_write() depends on the
-underlying BIO. 
-
-For the transparent negotiation to succeed, the B<ssl> must have been
-initialized to client or server mode. This is being done by calling
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or SSL_set_accept_state()
-before the first call to an L<SSL_read(3)|SSL_read(3)> or SSL_write() function.
-
-If the underlying BIO is B<blocking>, SSL_write() will only return, once the
-write operation has been finished or an error occurred, except when a
-renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. 
-This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> call.
-
-If the underlying BIO is B<non-blocking>, SSL_write() will also return,
-when the underlying BIO could not satisfy the needs of SSL_write()
-to continue the operation. In this case a call to
-L<SSL_get_error(3)|SSL_get_error(3)> with the
-return value of SSL_write() will yield B<SSL_ERROR_WANT_READ> or
-B<SSL_ERROR_WANT_WRITE>. As at any time a re-negotiation is possible, a
-call to SSL_write() can also cause read operations! The calling process
-then must repeat the call after taking appropriate action to satisfy the
-needs of SSL_write(). The action depends on the underlying BIO. When using a
-non-blocking socket, nothing is to be done, but select() can be used to check
-for the required condition. When using a buffering BIO, like a BIO pair, data
-must be written into or retrieved out of the BIO before being able to continue.
-
-SSL_write() will only return with success, when the complete contents
-of B<buf> of length B<num> has been written. This default behaviour
-can be changed with the SSL_MODE_ENABLE_PARTIAL_WRITE option of
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>. When this flag is set,
-SSL_write() will also return with success, when a partial write has been
-successfully completed. In this case the SSL_write() operation is considered
-completed. The bytes are sent and a new SSL_write() operation with a new
-buffer (with the already sent bytes removed) must be started.
-A partial write is performed with the size of a message block, which is
-16kB for SSLv3/TLSv1.
-
-=head1 WARNING
-
-When an SSL_write() operation has to be repeated because of
-B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE>, it must be repeated
-with the same arguments.
-
-When calling SSL_write() with num=0 bytes to be sent the behaviour is
-undefined.
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item E<gt>0
-
-The write operation was successful, the return value is the number of
-bytes actually written to the TLS/SSL connection.
-
-=item 0
-
-The write operation was not successful. Probably the underlying connection
-was closed. Call SSL_get_error() with the return value B<ret> to find out,
-whether an error occurred or the connection was shut down cleanly
-(SSL_ERROR_ZERO_RETURN).
-
-SSLv2 (deprecated) does not support a shutdown alert protocol, so it can
-only be detected, whether the underlying connection was closed. It cannot
-be checked, why the closure happened.
-
-=item E<lt>0
-
-The write operation was not successful, because either an error occurred
-or action must be taken by the calling process. Call SSL_get_error() with the
-return value B<ret> to find out the reason.
-
-=back
-
-=head1 SEE ALSO
-
-L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_read(3)|SSL_read(3)>,
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
-L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
-L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/d2i_SSL_SESSION.pod b/crypto/openssl/doc/ssl/d2i_SSL_SESSION.pod
deleted file mode 100644
index 0321a5a36f2e..000000000000
--- a/crypto/openssl/doc/ssl/d2i_SSL_SESSION.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_SSL_SESSION, i2d_SSL_SESSION - convert SSL_SESSION object from/to ASN1 representation
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, long length);
- int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-d2i_SSL_SESSION() transforms the external ASN1 representation of an SSL/TLS
-session, stored as binary data at location B<pp> with length B<length>, into
-an SSL_SESSION object.
-
-i2d_SSL_SESSION() transforms the SSL_SESSION object B<in> into the ASN1
-representation and stores it into the memory location pointed to by B<pp>.
-The length of the resulting ASN1 representation is returned. If B<pp> is
-the NULL pointer, only the length is calculated and returned.
-
-=head1 NOTES
-
-The SSL_SESSION object is built from several malloc()ed parts, it can
-therefore not be moved, copied or stored directly. In order to store
-session data on disk or into a database, it must be transformed into
-a binary ASN1 representation.
-
-When using d2i_SSL_SESSION(), the SSL_SESSION object is automatically
-allocated. The reference count is 1, so that the session must be
-explicitly removed using L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
-unless the SSL_SESSION object is completely taken over, when being called
-inside the get_session_cb() (see
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>).
-
-SSL_SESSION objects keep internal link information about the session cache
-list, when being inserted into one SSL_CTX object's session cache.
-One SSL_SESSION object, regardless of its reference count, must therefore
-only be used with one SSL_CTX object (and the SSL objects created
-from this SSL_CTX object).
-
-When using i2d_SSL_SESSION(), the memory location pointed to by B<pp> must be
-large enough to hold the binary representation of the session. There is no
-known limit on the size of the created ASN1 representation, so the necessary
-amount of space should be obtained by first calling i2d_SSL_SESSION() with
-B<pp=NULL>, and obtain the size needed, then allocate the memory and
-call i2d_SSL_SESSION() again.
-
-=head1 RETURN VALUES
-
-d2i_SSL_SESSION() returns a pointer to the newly allocated SSL_SESSION
-object. In case of failure the NULL-pointer is returned and the error message
-can be retrieved from the error stack.
-
-i2d_SSL_SESSION() returns the size of the ASN1 representation in bytes.
-When the session is not valid, B<0> is returned and no operation is performed.
-
-=head1 SEE ALSO
-
-L<ssl(3)|ssl(3)>, L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>
-
-=cut
diff --git a/crypto/openssl/doc/ssl/ssl.pod b/crypto/openssl/doc/ssl/ssl.pod
deleted file mode 100644
index 3dc5358ef63f..000000000000
--- a/crypto/openssl/doc/ssl/ssl.pod
+++ /dev/null
@@ -1,736 +0,0 @@
-
-=pod
-
-=head1 NAME
-
-SSL - OpenSSL SSL/TLS library
-
-=head1 SYNOPSIS
-
-=head1 DESCRIPTION
-
-The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and
-Transport Layer Security (TLS v1) protocols. It provides a rich API which is
-documented here.
-
-At first the library must be initialized; see
-L<SSL_library_init(3)|SSL_library_init(3)>.
-
-Then an B<SSL_CTX> object is created as a framework to establish
-TLS/SSL enabled connections (see L<SSL_CTX_new(3)|SSL_CTX_new(3)>).
-Various options regarding certificates, algorithms etc. can be set
-in this object.
-
-When a network connection has been created, it can be assigned to an
-B<SSL> object. After the B<SSL> object has been created using
-L<SSL_new(3)|SSL_new(3)>, L<SSL_set_fd(3)|SSL_set_fd(3)> or
-L<SSL_set_bio(3)|SSL_set_bio(3)> can be used to associate the network
-connection with the object.
-
-Then the TLS/SSL handshake is performed using
-L<SSL_accept(3)|SSL_accept(3)> or L<SSL_connect(3)|SSL_connect(3)>
-respectively.
-L<SSL_read(3)|SSL_read(3)> and L<SSL_write(3)|SSL_write(3)> are used
-to read and write data on the TLS/SSL connection.
-L<SSL_shutdown(3)|SSL_shutdown(3)> can be used to shut down the
-TLS/SSL connection.
-
-=head1 DATA STRUCTURES
-
-Currently the OpenSSL B<ssl> library functions deals with the following data
-structures:
-
-=over 4
-
-=item B<SSL_METHOD> (SSL Method)
-
-That's a dispatch structure describing the internal B<ssl> library
-methods/functions which implement the various protocol versions (SSLv1, SSLv2
-and TLSv1). It's needed to create an B<SSL_CTX>.
-
-=item B<SSL_CIPHER> (SSL Cipher)
-
-This structure holds the algorithm information for a particular cipher which
-are a core part of the SSL/TLS protocol. The available ciphers are configured
-on a B<SSL_CTX> basis and the actually used ones are then part of the
-B<SSL_SESSION>.
-
-=item B<SSL_CTX> (SSL Context)
-
-That's the global context structure which is created by a server or client
-once per program life-time and which holds mainly default values for the
-B<SSL> structures which are later created for the connections.
-
-=item B<SSL_SESSION> (SSL Session)
-
-This is a structure containing the current TLS/SSL session details for a
-connection: B<SSL_CIPHER>s, client and server certificates, keys, etc.
-
-=item B<SSL> (SSL Connection)
-
-That's the main SSL/TLS structure which is created by a server or client per
-established connection. This actually is the core structure in the SSL API.
-Under run-time the application usually deals with this structure which has
-links to mostly all other structures.
-
-=back
-
-
-=head1 HEADER FILES
-
-Currently the OpenSSL B<ssl> library provides the following C header files
-containing the prototypes for the data structures and and functions:
-
-=over 4
-
-=item B<ssl.h>
-
-That's the common header file for the SSL/TLS API.  Include it into your
-program to make the API of the B<ssl> library available. It internally
-includes both more private SSL headers and headers from the B<crypto> library.
-Whenever you need hard-core details on the internals of the SSL API, look
-inside this header file.
-
-=item B<ssl2.h>
-
-That's the sub header file dealing with the SSLv2 protocol only.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=item B<ssl3.h>
-
-That's the sub header file dealing with the SSLv3 protocol only.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=item B<ssl23.h>
-
-That's the sub header file dealing with the combined use of the SSLv2 and
-SSLv3 protocols.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=item B<tls1.h>
-
-That's the sub header file dealing with the TLSv1 protocol only.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=back
-
-=head1 API FUNCTIONS
-
-Currently the OpenSSL B<ssl> library exports 214 API functions.
-They are documented in the following:
-
-=head2 DEALING WITH PROTOCOL METHODS
-
-Here we document the various API functions which deal with the SSL/TLS
-protocol methods defined in B<SSL_METHOD> structures.
-
-=over 4
-
-=item SSL_METHOD *B<SSLv2_client_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.
-
-=item SSL_METHOD *B<SSLv2_server_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.
-
-=item SSL_METHOD *B<SSLv2_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for combined client and server.
-
-=item SSL_METHOD *B<SSLv3_client_method>(void);
-
-Constructor for the SSLv3 SSL_METHOD structure for a dedicated client.
-
-=item SSL_METHOD *B<SSLv3_server_method>(void);
-
-Constructor for the SSLv3 SSL_METHOD structure for a dedicated server.
-
-=item SSL_METHOD *B<SSLv3_method>(void);
-
-Constructor for the SSLv3 SSL_METHOD structure for combined client and server.
-
-=item SSL_METHOD *B<TLSv1_client_method>(void);
-
-Constructor for the TLSv1 SSL_METHOD structure for a dedicated client.
-
-=item SSL_METHOD *B<TLSv1_server_method>(void);
-
-Constructor for the TLSv1 SSL_METHOD structure for a dedicated server.
-
-=item SSL_METHOD *B<TLSv1_method>(void);
-
-Constructor for the TLSv1 SSL_METHOD structure for combined client and server.
-
-=back
-
-=head2 DEALING WITH CIPHERS
-
-Here we document the various API functions which deal with the SSL/TLS
-ciphers defined in B<SSL_CIPHER> structures.
-
-=over 4
-
-=item char *B<SSL_CIPHER_description>(SSL_CIPHER *cipher, char *buf, int len);
-
-Write a string to I<buf> (with a maximum size of I<len>) containing a human
-readable description of I<cipher>. Returns I<buf>.
-
-=item int B<SSL_CIPHER_get_bits>(SSL_CIPHER *cipher, int *alg_bits);
-
-Determine the number of bits in I<cipher>. Because of export crippled ciphers
-there are two bits: The bits the algorithm supports in general (stored to
-I<alg_bits>) and the bits which are actually used (the return value).
-
-=item const char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher);
-
-Return the internal name of I<cipher> as a string. These are the various
-strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
-definitions in the header files.
-
-=item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher);
-
-Returns a string like "C<TLSv1/SSLv3>" or "C<SSLv2>" which indicates the
-SSL/TLS protocol version to which I<cipher> belongs (i.e. where it was defined
-in the specification the first time).
-
-=back
-
-=head2 DEALING WITH PROTOCOL CONTEXTS
-
-Here we document the various API functions which deal with the SSL/TLS
-protocol context defined in the B<SSL_CTX> structure.
-
-=over 4
-
-=item int B<SSL_CTX_add_client_CA>(SSL_CTX *ctx, X509 *x);
-
-=item long B<SSL_CTX_add_extra_chain_cert>(SSL_CTX *ctx, X509 *x509);
-
-=item int B<SSL_CTX_add_session>(SSL_CTX *ctx, SSL_SESSION *c);
-
-=item int B<SSL_CTX_check_private_key>(SSL_CTX *ctx);
-
-=item long B<SSL_CTX_ctrl>(SSL_CTX *ctx, int cmd, long larg, char *parg);
-
-=item void B<SSL_CTX_flush_sessions>(SSL_CTX *s, long t);
-
-=item void B<SSL_CTX_free>(SSL_CTX *a);
-
-=item char *B<SSL_CTX_get_app_data>(SSL_CTX *ctx);
-
-=item X509_STORE *B<SSL_CTX_get_cert_store>(SSL_CTX *ctx);
-
-=item STACK *B<SSL_CTX_get_client_CA_list>(SSL_CTX *ctx);
-
-=item int (*B<SSL_CTX_get_client_cert_cb>(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
-
-=item char *B<SSL_CTX_get_ex_data>(SSL_CTX *s, int idx);
-
-=item int B<SSL_CTX_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
-
-=item void (*B<SSL_CTX_get_info_callback>(SSL_CTX *ctx))(SSL *ssl, int cb, int ret);
-
-=item int B<SSL_CTX_get_quiet_shutdown>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_get_session_cache_mode>(SSL_CTX *ctx);
-
-=item long B<SSL_CTX_get_timeout>(SSL_CTX *ctx);
-
-=item int (*B<SSL_CTX_get_verify_callback>(SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx);
-
-=item int B<SSL_CTX_get_verify_mode>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_load_verify_locations>(SSL_CTX *ctx, char *CAfile, char *CApath);
-
-=item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx);
-
-=item SSL_CTX *B<SSL_CTX_new>(SSL_METHOD *meth);
-
-=item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c);
-
-=item int B<SSL_CTX_sess_accept>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_accept_good>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_accept_renegotiate>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_cache_full>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_cb_hits>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_connect>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_connect_good>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_connect_renegotiate>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_get_cache_size>(SSL_CTX *ctx);
-
-=item SSL_SESSION *(*B<SSL_CTX_sess_get_get_cb>(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, int len, int *copy);
-
-=item int (*B<SSL_CTX_sess_get_new_cb>(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION *sess);
-
-=item void (*B<SSL_CTX_sess_get_remove_cb>(SSL_CTX *ctx)(SSL_CTX *ctx, SSL_SESSION *sess);
-
-=item int B<SSL_CTX_sess_hits>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_misses>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_sess_number>(SSL_CTX *ctx);
-
-=item void B<SSL_CTX_sess_set_cache_size>(SSL_CTX *ctx,t);
-
-=item void B<SSL_CTX_sess_set_get_cb>(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy));
-
-=item void B<SSL_CTX_sess_set_new_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, SSL_SESSION *sess));
-
-=item void B<SSL_CTX_sess_set_remove_cb>(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess));
-
-=item int B<SSL_CTX_sess_timeouts>(SSL_CTX *ctx);
-
-=item LHASH *B<SSL_CTX_sessions>(SSL_CTX *ctx);
-
-=item void B<SSL_CTX_set_app_data>(SSL_CTX *ctx, void *arg);
-
-=item void B<SSL_CTX_set_cert_store>(SSL_CTX *ctx, X509_STORE *cs);
-
-=item void B<SSL_CTX_set_cert_verify_cb>(SSL_CTX *ctx, int (*cb)(), char *arg)
-
-=item int B<SSL_CTX_set_cipher_list>(SSL_CTX *ctx, char *str);
-
-=item void B<SSL_CTX_set_client_CA_list>(SSL_CTX *ctx, STACK *list);
-
-=item void B<SSL_CTX_set_client_cert_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
-
-=item void B<SSL_CTX_set_default_passwd_cb>(SSL_CTX *ctx, int (*cb);(void))
-
-=item void B<SSL_CTX_set_default_read_ahead>(SSL_CTX *ctx, int m);
-
-=item int B<SSL_CTX_set_default_verify_paths>(SSL_CTX *ctx);
-
-=item int B<SSL_CTX_set_ex_data>(SSL_CTX *s, int idx, char *arg);
-
-=item void B<SSL_CTX_set_info_callback>(SSL_CTX *ctx, void (*cb)(SSL *ssl, int cb, int ret));
-
-=item void B<SSL_CTX_set_msg_callback>(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
-
-=item void B<SSL_CTX_set_msg_callback_arg>(SSL_CTX *ctx, void *arg);
-
-=item void B<SSL_CTX_set_options>(SSL_CTX *ctx, unsigned long op);
-
-=item void B<SSL_CTX_set_quiet_shutdown>(SSL_CTX *ctx, int mode);
-
-=item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode);
-
-=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, SSL_METHOD *meth);
-
-=item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t);
-
-=item long B<SSL_CTX_set_tmp_dh>(SSL_CTX* ctx, DH *dh);
-
-=item long B<SSL_CTX_set_tmp_dh_callback>(SSL_CTX *ctx, DH *(*cb)(void));
-
-=item long B<SSL_CTX_set_tmp_rsa>(SSL_CTX *ctx, RSA *rsa);
-
-=item SSL_CTX_set_tmp_rsa_callback
-
-C<long B<SSL_CTX_set_tmp_rsa_callback>(SSL_CTX *B<ctx>, RSA *(*B<cb>)(SSL *B<ssl>, int B<export>, int B<keylength>));>
-
-Sets the callback which will be called when a temporary private key is
-required. The B<C<export>> flag will be set if the reason for needing
-a temp key is that an export ciphersuite is in use, in which case,
-B<C<keylength>> will contain the required keylength in bits. Generate a key of
-appropriate size (using ???) and return it.
-
-=item SSL_set_tmp_rsa_callback
-
-long B<SSL_set_tmp_rsa_callback>(SSL *ssl, RSA *(*cb)(SSL *ssl, int export, int keylength));
-
-The same as B<SSL_CTX_set_tmp_rsa_callback>, except it operates on an SSL
-session instead of a context.
-
-=item void B<SSL_CTX_set_verify>(SSL_CTX *ctx, int mode, int (*cb);(void))
-
-=item int B<SSL_CTX_use_PrivateKey>(SSL_CTX *ctx, EVP_PKEY *pkey);
-
-=item int B<SSL_CTX_use_PrivateKey_ASN1>(int type, SSL_CTX *ctx, unsigned char *d, long len);
-
-=item int B<SSL_CTX_use_PrivateKey_file>(SSL_CTX *ctx, char *file, int type);
-
-=item int B<SSL_CTX_use_RSAPrivateKey>(SSL_CTX *ctx, RSA *rsa);
-
-=item int B<SSL_CTX_use_RSAPrivateKey_ASN1>(SSL_CTX *ctx, unsigned char *d, long len);
-
-=item int B<SSL_CTX_use_RSAPrivateKey_file>(SSL_CTX *ctx, char *file, int type);
-
-=item int B<SSL_CTX_use_certificate>(SSL_CTX *ctx, X509 *x);
-
-=item int B<SSL_CTX_use_certificate_ASN1>(SSL_CTX *ctx, int len, unsigned char *d);
-
-=item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, char *file, int type);
-
-=back
-
-=head2 DEALING WITH SESSIONS
-
-Here we document the various API functions which deal with the SSL/TLS
-sessions defined in the B<SSL_SESSION> structures.
-
-=over 4
-
-=item int B<SSL_SESSION_cmp>(SSL_SESSION *a, SSL_SESSION *b);
-
-=item void B<SSL_SESSION_free>(SSL_SESSION *ss);
-
-=item char *B<SSL_SESSION_get_app_data>(SSL_SESSION *s);
-
-=item char *B<SSL_SESSION_get_ex_data>(SSL_SESSION *s, int idx);
-
-=item int B<SSL_SESSION_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
-
-=item long B<SSL_SESSION_get_time>(SSL_SESSION *s);
-
-=item long B<SSL_SESSION_get_timeout>(SSL_SESSION *s);
-
-=item unsigned long B<SSL_SESSION_hash>(SSL_SESSION *a);
-
-=item SSL_SESSION *B<SSL_SESSION_new>(void);
-
-=item int B<SSL_SESSION_print>(BIO *bp, SSL_SESSION *x);
-
-=item int B<SSL_SESSION_print_fp>(FILE *fp, SSL_SESSION *x);
-
-=item void B<SSL_SESSION_set_app_data>(SSL_SESSION *s, char *a);
-
-=item int B<SSL_SESSION_set_ex_data>(SSL_SESSION *s, int idx, char *arg);
-
-=item long B<SSL_SESSION_set_time>(SSL_SESSION *s, long t);
-
-=item long B<SSL_SESSION_set_timeout>(SSL_SESSION *s, long t);
-
-=back
-
-=head2 DEALING WITH CONNECTIONS
-
-Here we document the various API functions which deal with the SSL/TLS
-connection defined in the B<SSL> structure.
-
-=over 4
-
-=item int B<SSL_accept>(SSL *ssl);
-
-=item int B<SSL_add_dir_cert_subjects_to_stack>(STACK *stack, const char *dir);
-
-=item int B<SSL_add_file_cert_subjects_to_stack>(STACK *stack, const char *file);
-
-=item int B<SSL_add_client_CA>(SSL *ssl, X509 *x);
-
-=item char *B<SSL_alert_desc_string>(int value);
-
-=item char *B<SSL_alert_desc_string_long>(int value);
-
-=item char *B<SSL_alert_type_string>(int value);
-
-=item char *B<SSL_alert_type_string_long>(int value);
-
-=item int B<SSL_check_private_key>(SSL *ssl);
-
-=item void B<SSL_clear>(SSL *ssl);
-
-=item long B<SSL_clear_num_renegotiations>(SSL *ssl);
-
-=item int B<SSL_connect>(SSL *ssl);
-
-=item void B<SSL_copy_session_id>(SSL *t, SSL *f);
-
-=item long B<SSL_ctrl>(SSL *ssl, int cmd, long larg, char *parg);
-
-=item int B<SSL_do_handshake>(SSL *ssl);
-
-=item SSL *B<SSL_dup>(SSL *ssl);
-
-=item STACK *B<SSL_dup_CA_list>(STACK *sk);
-
-=item void B<SSL_free>(SSL *ssl);
-
-=item SSL_CTX *B<SSL_get_SSL_CTX>(SSL *ssl);
-
-=item char *B<SSL_get_app_data>(SSL *ssl);
-
-=item X509 *B<SSL_get_certificate>(SSL *ssl);
-
-=item const char *B<SSL_get_cipher>(SSL *ssl);
-
-=item int B<SSL_get_cipher_bits>(SSL *ssl, int *alg_bits);
-
-=item char *B<SSL_get_cipher_list>(SSL *ssl, int n);
-
-=item char *B<SSL_get_cipher_name>(SSL *ssl);
-
-=item char *B<SSL_get_cipher_version>(SSL *ssl);
-
-=item STACK *B<SSL_get_ciphers>(SSL *ssl);
-
-=item STACK *B<SSL_get_client_CA_list>(SSL *ssl);
-
-=item SSL_CIPHER *B<SSL_get_current_cipher>(SSL *ssl);
-
-=item long B<SSL_get_default_timeout>(SSL *ssl);
-
-=item int B<SSL_get_error>(SSL *ssl, int i);
-
-=item char *B<SSL_get_ex_data>(SSL *ssl, int idx);
-
-=item int B<SSL_get_ex_data_X509_STORE_CTX_idx>(void);
-
-=item int B<SSL_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
-
-=item int B<SSL_get_fd>(SSL *ssl);
-
-=item void (*B<SSL_get_info_callback>(SSL *ssl);)(void)
-
-=item STACK *B<SSL_get_peer_cert_chain>(SSL *ssl);
-
-=item X509 *B<SSL_get_peer_certificate>(SSL *ssl);
-
-=item EVP_PKEY *B<SSL_get_privatekey>(SSL *ssl);
-
-=item int B<SSL_get_quiet_shutdown>(SSL *ssl);
-
-=item BIO *B<SSL_get_rbio>(SSL *ssl);
-
-=item int B<SSL_get_read_ahead>(SSL *ssl);
-
-=item SSL_SESSION *B<SSL_get_session>(SSL *ssl);
-
-=item char *B<SSL_get_shared_ciphers>(SSL *ssl, char *buf, int len);
-
-=item int B<SSL_get_shutdown>(SSL *ssl);
-
-=item SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl);
-
-=item int B<SSL_get_state>(SSL *ssl);
-
-=item long B<SSL_get_time>(SSL *ssl);
-
-=item long B<SSL_get_timeout>(SSL *ssl);
-
-=item int (*B<SSL_get_verify_callback>(SSL *ssl);)(void)
-
-=item int B<SSL_get_verify_mode>(SSL *ssl);
-
-=item long B<SSL_get_verify_result>(SSL *ssl);
-
-=item char *B<SSL_get_version>(SSL *ssl);
-
-=item BIO *B<SSL_get_wbio>(SSL *ssl);
-
-=item int B<SSL_in_accept_init>(SSL *ssl);
-
-=item int B<SSL_in_before>(SSL *ssl);
-
-=item int B<SSL_in_connect_init>(SSL *ssl);
-
-=item int B<SSL_in_init>(SSL *ssl);
-
-=item int B<SSL_is_init_finished>(SSL *ssl);
-
-=item STACK *B<SSL_load_client_CA_file>(char *file);
-
-=item void B<SSL_load_error_strings>(void);
-
-=item SSL *B<SSL_new>(SSL_CTX *ctx);
-
-=item long B<SSL_num_renegotiations>(SSL *ssl);
-
-=item int B<SSL_peek>(SSL *ssl, void *buf, int num);
-
-=item int B<SSL_pending>(SSL *ssl);
-
-=item int B<SSL_read>(SSL *ssl, void *buf, int num);
-
-=item int B<SSL_renegotiate>(SSL *ssl);
-
-=item char *B<SSL_rstate_string>(SSL *ssl);
-
-=item char *B<SSL_rstate_string_long>(SSL *ssl);
-
-=item long B<SSL_session_reused>(SSL *ssl);
-
-=item void B<SSL_set_accept_state>(SSL *ssl);
-
-=item void B<SSL_set_app_data>(SSL *ssl, char *arg);
-
-=item void B<SSL_set_bio>(SSL *ssl, BIO *rbio, BIO *wbio);
-
-=item int B<SSL_set_cipher_list>(SSL *ssl, char *str);
-
-=item void B<SSL_set_client_CA_list>(SSL *ssl, STACK *list);
-
-=item void B<SSL_set_connect_state>(SSL *ssl);
-
-=item int B<SSL_set_ex_data>(SSL *ssl, int idx, char *arg);
-
-=item int B<SSL_set_fd>(SSL *ssl, int fd);
-
-=item void B<SSL_set_info_callback>(SSL *ssl, void (*cb);(void))
-
-=item void B<SSL_set_msg_callback>(SSL *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
-
-=item void B<SSL_set_msg_callback_arg>(SSL *ctx, void *arg);
-
-=item void B<SSL_set_options>(SSL *ssl, unsigned long op);
-
-=item void B<SSL_set_quiet_shutdown>(SSL *ssl, int mode);
-
-=item void B<SSL_set_read_ahead>(SSL *ssl, int yes);
-
-=item int B<SSL_set_rfd>(SSL *ssl, int fd);
-
-=item int B<SSL_set_session>(SSL *ssl, SSL_SESSION *session);
-
-=item void B<SSL_set_shutdown>(SSL *ssl, int mode);
-
-=item int B<SSL_set_ssl_method>(SSL *ssl, SSL_METHOD *meth);
-
-=item void B<SSL_set_time>(SSL *ssl, long t);
-
-=item void B<SSL_set_timeout>(SSL *ssl, long t);
-
-=item void B<SSL_set_verify>(SSL *ssl, int mode, int (*callback);(void))
-
-=item void B<SSL_set_verify_result>(SSL *ssl, long arg);
-
-=item int B<SSL_set_wfd>(SSL *ssl, int fd);
-
-=item int B<SSL_shutdown>(SSL *ssl);
-
-=item int B<SSL_state>(SSL *ssl);
-
-=item char *B<SSL_state_string>(SSL *ssl);
-
-=item char *B<SSL_state_string_long>(SSL *ssl);
-
-=item long B<SSL_total_renegotiations>(SSL *ssl);
-
-=item int B<SSL_use_PrivateKey>(SSL *ssl, EVP_PKEY *pkey);
-
-=item int B<SSL_use_PrivateKey_ASN1>(int type, SSL *ssl, unsigned char *d, long len);
-
-=item int B<SSL_use_PrivateKey_file>(SSL *ssl, char *file, int type);
-
-=item int B<SSL_use_RSAPrivateKey>(SSL *ssl, RSA *rsa);
-
-=item int B<SSL_use_RSAPrivateKey_ASN1>(SSL *ssl, unsigned char *d, long len);
-
-=item int B<SSL_use_RSAPrivateKey_file>(SSL *ssl, char *file, int type);
-
-=item int B<SSL_use_certificate>(SSL *ssl, X509 *x);
-
-=item int B<SSL_use_certificate_ASN1>(SSL *ssl, int len, unsigned char *d);
-
-=item int B<SSL_use_certificate_file>(SSL *ssl, char *file, int type);
-
-=item int B<SSL_version>(SSL *ssl);
-
-=item int B<SSL_want>(SSL *ssl);
-
-=item int B<SSL_want_nothing>(SSL *ssl);
-
-=item int B<SSL_want_read>(SSL *ssl);
-
-=item int B<SSL_want_write>(SSL *ssl);
-
-=item int B<SSL_want_x509_lookup>(s);
-
-=item int B<SSL_write>(SSL *ssl, const void *buf, int num);
-
-=back
-
-=head1 SEE ALSO
-
-L<openssl(1)|openssl(1)>, L<crypto(3)|crypto(3)>,
-L<SSL_accept(3)|SSL_accept(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_connect(3)|SSL_connect(3)>,
-L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>,
-L<SSL_COMP_add_compression_method(3)|SSL_COMP_add_compression_method(3)>,
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
-L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
-L<SSL_CTX_ctrl(3)|SSL_CTX_ctrl(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
-L<SSL_CTX_get_ex_new_index(3)|SSL_CTX_get_ex_new_index(3)>,
-L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
-L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
-L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>,
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
-L<SSL_CTX_sessions(3)|SSL_CTX_sessions(3)>,
-L<SSL_CTX_set_cert_store(3)|SSL_CTX_set_cert_store(3)>,
-L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>,
-L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
-L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
-L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>,
-L<SSL_CTX_set_generate_session_id(3)|SSL_CTX_set_generate_session_id(3)>,
-L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>,
-L<SSL_CTX_set_max_cert_list(3)|SSL_CTX_set_max_cert_list(3)>,
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>,
-L<SSL_CTX_set_msg_callback(3)|SSL_CTX_set_msg_callback(3)>,
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
-L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
-L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>,
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
-L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
-L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>,
-L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
-L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
-L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
-L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
-L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>,
-L<SSL_get_error(3)|SSL_get_error(3)>,
-L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
-L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>,
-L<SSL_get_fd(3)|SSL_get_fd(3)>,
-L<SSL_get_peer_cert_chain(3)|SSL_get_peer_cert_chain(3)>,
-L<SSL_get_rbio(3)|SSL_get_rbio(3)>,
-L<SSL_get_session(3)|SSL_get_session(3)>,
-L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
-L<SSL_get_version(3)|SSL_get_version(3)>,
-L<SSL_library_init(3)|SSL_library_init(3)>,
-L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>,
-L<SSL_new(3)|SSL_new(3)>,
-L<SSL_pending(3)|SSL_pending(3)>,
-L<SSL_read(3)|SSL_read(3)>,
-L<SSL_rstate_string(3)|SSL_rstate_string(3)>,
-L<SSL_session_reused(3)|SSL_session_reused(3)>,
-L<SSL_set_bio(3)|SSL_set_bio(3)>,
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
-L<SSL_set_fd(3)|SSL_set_fd(3)>,
-L<SSL_set_session(3)|SSL_set_session(3)>,
-L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>,
-L<SSL_state_string(3)|SSL_state_string(3)>,
-L<SSL_want(3)|SSL_want(3)>,
-L<SSL_write(3)|SSL_write(3)>,
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
-L<SSL_SESSION_get_ex_new_index(3)|SSL_SESSION_get_ex_new_index(3)>,
-L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
-L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>
-
-=head1 HISTORY
-
-The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2
-
-=cut
-
diff --git a/crypto/openssl/doc/ssleay.txt b/crypto/openssl/doc/ssleay.txt
deleted file mode 100644
index c6049d5e53ba..000000000000
--- a/crypto/openssl/doc/ssleay.txt
+++ /dev/null
@@ -1,7030 +0,0 @@
-
-Bundle of old SSLeay documentation files [OBSOLETE!]
-
-*** WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! ***
-
-OBSOLETE means that nothing in this document should be trusted.  This
-document is provided mostly for historical purposes (it wasn't even up
-to date at the time SSLeay 0.8.1 was released) and as inspiration.  If
-you copy some snippet of code from this document, please _check_ that
-it really is correct from all points of view.  For example, you can
-check with the other documents in this directory tree, or by comparing
-with relevant parts of the include files.
-
-People have done the mistake of trusting what's written here.  Please
-don't do that.
-
-*** WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! ***
-
-
-==== readme ========================================================
-
-This is the old 0.6.6 docuementation.  Most of the cipher stuff is still
-relevent but I'm working (very slowly) on new docuemtation.
-The current version can be found online at
-
-http://www.cryptsoft.com/ssleay/doc
-
-==== API.doc ========================================================
-
-SSL - SSLv2/v3/v23 etc.
-
-BIO - methods and how they plug together
-
-MEM - memory allocation callback
-
-CRYPTO - locking for threads
-
-EVP - Ciphers/Digests/signatures
-
-RSA - methods
-
-X509 - certificate retrieval
-
-X509 - validation
-
-X509 - X509v3 extensions
-
-Objects - adding object identifiers
-
-ASN.1 - parsing
-
-PEM - parsing
-
-==== ssl/readme =====================================================
-
-22 Jun 1996
-This file belongs in ../apps, but I'll leave it here because it deals
-with SSL :-)  It is rather dated but it gives you an idea of how
-things work.
-===
-
-17 Jul 1995
-I have been changing things quite a bit and have not fully updated
-this file, so take what you read with a grain of salt
-eric
-===
-The s_client and s_server programs can be used to test SSL capable
-IP/port addresses and the verification of the X509 certificates in use
-by these services.  I strongly advise having a look at the code to get
-an idea of how to use the authentication under SSLeay.  Any feedback
-on changes and improvements would be greatly accepted.
-
-This file will probably be gibberish unless you have read
-rfc1421, rfc1422, rfc1423 and rfc1424 which describe PEM
-authentication.
-
-A Brief outline (and examples) how to use them to do so.
-
-NOTE:
-The environment variable SSL_CIPER is used to specify the prefered
-cipher to use, play around with setting it's value to combinations of
-RC4-MD5, EXP-RC4-MD5, CBC-DES-MD5, CBC3-DES-MD5, CFB-DES-NULL
-in a : separated list.
-
-This directory contains 3 X509 certificates which can be used by these programs.
-client.pem: a file containing a certificate and private key to be used
-	by s_client.
-server.pem :a file containing a certificate and private key to be used
-	by s_server.
-eay1024.pem:the certificate used to sign client.pem and server.pem.
-	This would be your CA's certificate.  There is also a link
-	from the file a8556381.0 to eay1024.PEM.  The value a8556381
-	is returned by 'x509 -hash -noout <eay1024.pem' and is the
-	value used by X509 verification routines to 'find' this
-	certificte when search a directory for it.
-	[the above is not true any more, the CA cert is 
-	 ../certs/testca.pem which is signed by ../certs/mincomca.pem]
-
-When testing the s_server, you may get
-bind: Address already in use
-errors.  These indicate the port is still being held by the unix
-kernel and you are going to have to wait for it to let go of it.  If
-this is the case, remember to use the port commands on the s_server and
-s_client to talk on an alternative port.
-
-=====
-s_client.
-This program can be used to connect to any IP/hostname:port that is
-talking SSL.  Once connected, it will attempt to authenticate the
-certificate it was passed and if everything works as expected, a 2
-directional channel will be open.  Any text typed will be sent to the
-other end.  type Q<cr> to exit.  Flags are as follows.
--host arg	: Arg is the host or IP address to connect to.
--port arg	: Arg is the port to connect to (https is 443).
--verify arg	: Turn on authentication of the server certificate.
-		: Arg specifies the 'depth', this will covered below.
--cert arg	: The optional certificate to use.  This certificate
-		: will be returned to the server if the server
-		: requests it for client authentication.
--key arg	: The private key that matches the certificate
-		: specified by the -cert option.  If this is not
-		: specified (but -cert is), the -cert file will be
-		: searched for the Private key.  Both files are
-		: assumed to be in PEM format.
--CApath arg	: When to look for certificates when 'verifying' the
-		: certificate from the server.
--CAfile arg	: A file containing certificates to be used for
-		: 'verifying' the server certificate.
--reconnect	: Once a connection has been made, drop it and
-		: reconnect with same session-id.  This is for testing :-).
-
-The '-verify n' parameter specifies not only to verify the servers
-certificate but to also only take notice of 'n' levels.  The best way
-to explain is to show via examples.
-Given
-s_server -cert server.PEM is running.
-
-s_client
-	CONNECTED
-	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
-	issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-	verify error:num=1:unable to get issuer certificate
-	verify return:1
-	CIPHER is CBC-DES-MD5
-What has happened is that the 'SSLeay demo server' certificate's
-issuer ('CA') could not be found but because verify is not on, we
-don't care and the connection has been made anyway.  It is now 'up'
-using CBC-DES-MD5 mode.  This is an unauthenticate secure channel.
-You may not be talking to the right person but the data going to them
-is encrypted.
-
-s_client -verify 0
-	CONNECTED
-	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
-	issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-	verify error:num=1:unable to get issuer certificate
-	verify return:1
-	CIPHER is CBC-DES-MD5
-We are 'verifying' but only to depth 0, so since the 'SSLeay demo server'
-certificate passed the date and checksum, we are happy to proceed.
-
-s_client -verify 1
-	CONNECTED
-	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
-	issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-	verify error:num=1:unable to get issuer certificate
-	verify return:0
-	ERROR
-	verify error:unable to get issuer certificate
-In this case we failed to make the connection because we could not
-authenticate the certificate because we could not find the
-'CA' certificate.
-
-s_client -verify 1 -CAfile eay1024.PEM
-	CONNECTED
-	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
-	verify return:1
-	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-	verify return:1
-	CIPHER is CBC-DES-MD5
-We loaded the certificates from the file eay1024.PEM.  Everything
-checked out and so we made the connection.
-
-s_client -verify 1 -CApath .
-	CONNECTED
-	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
-	verify return:1
-	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-	verify return:1
-	CIPHER is CBC-DES-MD5
-We looked in out local directory for issuer certificates and 'found'
-a8556381.0 and so everything is ok.
-
-It is worth noting that 'CA' is a self certified certificate.  If you
-are passed one of these, it will fail to 'verify' at depth 0 because
-we need to lookup the certifier of a certificate from some information
-that we trust and keep locally.
-
-SSL_CIPHER=CBC3-DES-MD5:RC4-MD5
-export SSL_CIPHER
-s_client -verify 10 -CApath . -reconnect
-	CONNECTED
-	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
-	verify return:1
-	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-	verify return:1
-	drop the connection and reconnect with the same session id
-	CIPHER is CBC3-DES-MD5
-This has done a full connection and then re-estabished it with the
-same session id but a new socket.  No RSA stuff occures on the second
-connection.  Note that we said we would prefer to use CBC3-DES-MD5
-encryption and so, since the server supports it, we are.
-
-=====
-s_server
-This program accepts SSL connections on a specified port
-Once connected, it will estabish an SSL connection and optionaly
-attempt to authenticate the client.  A 2 directional channel will be
-open.  Any text typed will be sent to the other end.  Type Q<cr> to exit.
-Flags are as follows.
--port arg	: Arg is the port to listen on.
--verify arg	: Turn on authentication of the client if they have a
-		: certificate.  Arg specifies the 'depth'.
--Verify arg	: Turn on authentication of the client. If they don't
-		: have a valid certificate, drop the connection.
--cert arg	: The certificate to use.  This certificate
-		: will be passed to the client.  If it is not
-		: specified, it will default to server.PEM
--key arg	: The private key that matches the certificate
-		: specified by the -cert option.  If this is not
-		: specified (but -cert is), the -cert file will be
-		: searched for the Private key.  Both files are
-		: assumed to be in PEM format.  Default is server.PEM
--CApath arg	: When to look for certificates when 'verifying' the
-		: certificate from the client.
--CAfile arg	: A file containing certificates to be used for
-		: 'verifying' the client certificate.
-
-For the following 'demo'  I will specify the s_server command and
-the s_client command and then list the output from the s_server.
-s_server
-s_client
-	CONNECTED
-	CIPHER is CBC-DES-MD5
-Everything up and running
-
-s_server -verify 0
-s_client  
-	CONNECTED
-	CIPHER is CBC-DES-MD5
-Ok since no certificate was returned and we don't care.
-
-s_server -verify 0
-./s_client -cert client.PEM
-	CONNECTED
-	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
-	issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-	verify error:num=1:unable to get issuer certificate
-	verify return:1
-	CIPHER is CBC-DES-MD5
-Ok since we were only verifying to level 0
-
-s_server -verify 4
-s_client -cert client.PEM
-	CONNECTED
-	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
-	issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-	verify error:num=1:unable to get issuer certificate
-	verify return:0
-	ERROR
-	verify error:unable to get issuer certificate
-Bad because we could not authenticate the returned certificate.
-
-s_server -verify 4 -CApath .
-s_client -cert client.PEM
-	CONNECTED
-	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
-	verify return:1
-	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-	verify return:1
-	CIPHER is CBC-DES-MD5
-Ok because we could authenticate the returned certificate :-).
-
-s_server -Verify 0 -CApath .
-s_client
-	CONNECTED
-	ERROR
-	SSL error:function is:REQUEST_CERTIFICATE
-		 :error is   :client end did not return a certificate
-Error because no certificate returned.
-
-s_server -Verify 4 -CApath .
-s_client -cert client.PEM
-	CONNECTED
-	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
-	verify return:1
-	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-	verify return:1
-	CIPHER is CBC-DES-MD5
-Full authentication of the client.
-
-So in summary to do full authentication of both ends
-s_server -Verify 9 -CApath .
-s_client -cert client.PEM -CApath . -verify 9
-From the server side
-	CONNECTED
-	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
-	verify return:1
-	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-	verify return:1
-	CIPHER is CBC-DES-MD5
-From the client side
-	CONNECTED
-	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
-	verify return:1
-	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-	verify return:1
-	CIPHER is CBC-DES-MD5
-
-For general probing of the 'internet https' servers for the
-distribution area, run
-s_client -host www.netscape.com -port 443 -verify 4 -CApath ../rsa/hash
-Then enter
-GET /
-and you should be talking to the https server on that host.
-
-www.rsa.com was refusing to respond to connections on 443 when I was
-testing.
-
-have fun :-).
-
-eric
-
-==== a_verify.doc ========================================================
-
-From eay@mincom.com Fri Oct  4 18:29:06 1996
-Received: by orb.mincom.oz.au id AA29080
-  (5.65c/IDA-1.4.4 for eay); Fri, 4 Oct 1996 08:29:07 +1000
-Date: Fri, 4 Oct 1996 08:29:06 +1000 (EST)
-From: Eric Young <eay@mincom.oz.au>
-X-Sender: eay@orb
-To: wplatzer <wplatzer@iaik.tu-graz.ac.at>
-Cc: Eric Young <eay@mincom.oz.au>, SSL Mailing List <ssl-users@mincom.com>
-Subject: Re: Netscape's Public Key
-In-Reply-To: <19961003134837.NTM0049@iaik.tu-graz.ac.at>
-Message-Id: <Pine.SOL.3.91.961004081346.8018K-100000@orb>
-Mime-Version: 1.0
-Content-Type: TEXT/PLAIN; charset=US-ASCII
-Status: RO
-X-Status: 
-
-On Thu, 3 Oct 1996, wplatzer wrote:
-> I get Public Key from Netscape (Gold 3.0b4), but cannot do anything
-> with it... It looks like (asn1parse):
-> 
-> 0:d=0 hl=3 l=180 cons: SEQUENCE
-> 3:d=1 hl=2 l= 96 cons: SEQUENCE
-> 5:d=2 hl=2 l= 92 cons: SEQUENCE
-> 7:d=3 hl=2 l= 13 cons: SEQUENCE
-> 9:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
-> 20:d=4 hl=2 l= 0 prim: NULL
-> 22:d=3 hl=2 l= 75 prim: BIT STRING
-> 99:d=2 hl=2 l= 0 prim: IA5STRING :
-> 101:d=1 hl=2 l= 13 cons: SEQUENCE
-> 103:d=2 hl=2 l= 9 prim: OBJECT :md5withRSAEncryption
-> 114:d=2 hl=2 l= 0 prim: NULL
-> 116:d=1 hl=2 l= 65 prim: BIT STRING
-> 
-> The first BIT STRING is the public key and the second BIT STRING is 
-> the signature.
-> But a public key consists of the public exponent and the modulus. Are 
-> both numbers in the first BIT STRING?
-> Is there a document simply describing this coding stuff (checking 
-> signature, get the public key, etc.)?
-
-Minimal in SSLeay.  If you want to see what the modulus and exponent are,
-try asn1parse -offset 25 -length 75 <key.pem
-asn1parse will currently stuff up on the 'length 75' part (fixed in next 
-release) but it will print the stuff.  If you are after more 
-documentation on ASN.1, have a look at www.rsa.com and get their PKCS 
-documents, most of my initial work on SSLeay was done using them.
-
-As for SSLeay,
-util/crypto.num and util/ssl.num are lists of all exported functions in 
-the library (but not macros :-(.
-
-The ones for extracting public keys from certificates and certificate 
-requests are EVP_PKEY *      X509_REQ_extract_key(X509_REQ *req);
-EVP_PKEY *      X509_extract_key(X509 *x509);
-
-To verify a signature on a signed ASN.1 object
-int X509_verify(X509 *a,EVP_PKEY *key);
-int X509_REQ_verify(X509_REQ *a,EVP_PKEY *key);
-int X509_CRL_verify(X509_CRL *a,EVP_PKEY *key);
-int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a,EVP_PKEY *key);
-
-I should mention that EVP_PKEY can be used to hold a public or a private key,
-since for  things like RSA and DSS, a public key is just a subset of what 
-is stored for the private key.
-
-To sign any of the above structures
-
-int X509_sign(X509 *a,EVP_PKEY *key,EVP_MD *md);
-int X509_REQ_sign(X509_REQ *a,EVP_PKEY *key,EVP_MD *md);
-int X509_CRL_sign(X509_CRL *a,EVP_PKEY *key,EVP_MD *md);
-int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *a,EVP_PKEY *key,EVP_MD *md);
-
-where md is the message digest to sign with.
-
-There are all defined in x509.h and all the _sign and _verify functions are
-actually macros to the ASN1_sign() and ASN1_verify() functions.
-These functions will put the correct algorithm identifiers in the correct 
-places in the structures.
-
-eric
---
-Eric Young                  | BOOL is tri-state according to Bill Gates.
-AARNet: eay@mincom.oz.au    | RTFM Win32 GetMessage().
-
-==== x509 =======================================================
-
-X509_verify()
-X509_sign()
-
-X509_get_version()
-X509_get_serialNumber()
-X509_get_issuer()
-X509_get_subject()
-X509_get_notBefore()
-X509_get_notAfter()
-X509_get_pubkey()
-
-X509_set_version()
-X509_set_serialNumber()
-X509_set_issuer()
-X509_set_subject()
-X509_set_notBefore()
-X509_set_notAfter()
-X509_set_pubkey()
-
-X509_get_extensions()
-X509_set_extensions()
-
-X509_EXTENSIONS_clear()
-X509_EXTENSIONS_retrieve()
-X509_EXTENSIONS_add()
-X509_EXTENSIONS_delete()
-
-==== x509 attribute ================================================
-
-PKCS7
-	STACK of X509_ATTRIBUTES
-		ASN1_OBJECT
-		STACK of ASN1_TYPE
-
-So it is
-
-p7.xa[].obj
-p7.xa[].data[]
-
-get_obj_by_nid(STACK , nid)
-get_num_by_nid(STACK , nid)
-get_data_by_nid(STACK , nid, index)
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
-void		X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **ex,
-			int nid, STACK *value);
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **ex,
-			int nid, STACK *value);
-
-int		X509_ATTRIBUTE_set_object(X509_ATTRIBUTE *ex,ASN1_OBJECT *obj);
-int		X509_ATTRIBUTE_add_data(X509_ATTRIBUTE *ex, int index,
-			ASN1_TYPE *value);
-
-ASN1_OBJECT *	X509_ATTRIBUTE_get_object(X509_ATTRIBUTE *ex);
-int 		X509_ATTRIBUTE_get_num(X509_ATTRIBUTE *ne);
-ASN1_TYPE *	X509_ATTRIBUTE_get_data(X509_ATTRIBUTE *ne,int index);
-
-ASN1_TYPE *	X509_ATTRIBUTE_get_data_by_NID(X509_ATTRIBUTE *ne,
-			ASN1_OBJECT *obj);
-
-X509_ATTRIBUTE *PKCS7_get_s_att_by_NID(PKCS7 *p7,int nid);
-X509_ATTRIBUTE *PKCS7_get_u_att_by_NID(PKCS7 *p7,int nid);
-
-==== x509 v3 ========================================================
-
-The 'new' system.
-
-The X509_EXTENSION_METHOD includes extensions and attributes and/or names. 
-Basically everthing that can be added to an X509 with an OID identifying it.
-
-It operates via 2 methods per object id.
-int a2i_XXX(X509 *x,char *str,int len);
-int i2a_XXX(BIO *bp,X509 *x);
-
-The a2i_XXX function will add the object with a value converted from the
-string into the X509.  Len can be -1 in which case the length is calculated
-via strlen(str).   Applications can always use direct knowledge to load and
-unload the relevent objects themselves.
-
-i2a_XXX will print to the passed BIO, a text representation of the
-relevet object.  Use a memory BIO if you want it printed to a buffer :-).
-
-X509_add_by_NID(X509 *x,int nid,char *str,int len);
-X509_add_by_OBJ(X509 *x,ASN1_OBJECT *obj,char *str,int len);
-
-X509_print_by_name(BIO *bp,X509 *x);
-X509_print_by_NID(BIO *bp,X509 *x);
-X509_print_by_OBJ(BIO *bp,X509 *x);
-
-==== verify ========================================================
-
-X509_verify_cert_chain(
-	CERT_STORE *cert_store,
-	STACK /* X509 */ *certs,
-	int *verify_result,
-	int (*verify_error_callback)()
-	char *argument_to_callback, /* SSL */
-
-app_verify_callback(
-	char *app_verify_arg, /* from SSL_CTX */
-	STACK /* X509 */ *certs,
-	int *verify_result,
-	int (*verify_error_callback)()
-	SSL *s,
-
-int X509_verify_cert(
-	CERT_STORE *cert_store,
-	X509 *x509,
-	int *verify_result,
-	int (*verify_error_callback)(),
-	char *arg,
-
-==== apps.doc ========================================================
-
-The applications
-
-Ok, where to begin....
-In the begining, when SSLeay was small (April 1995), there
-were but few applications, they did happily cohabit in
-the one bin directory.  Then over time, they did multiply and grow,
-and they started to look like microsoft software; 500k to print 'hello world'.
-A new approach was needed.  They were coalessed into one 'Monolithic'
-application, ssleay.  This one program is composed of many programs that
-can all be compiled independantly.
-
-ssleay has 3 modes of operation.
-1) If the ssleay binaray has the name of one of its component programs, it
-executes that program and then exits.  This can be achieve by using hard or
-symbolic links, or failing that, just renaming the binary.
-2) If the first argument to ssleay is the name of one of the component
-programs, that program runs that program and then exits.
-3) If there are no arguments, ssleay enters a 'command' mode.  Each line is
-interpreted as a program name plus arguments.  After each 'program' is run,
-ssleay returns to the comand line.
-
-dgst	- message digests
-enc	- encryption and base64 encoding
-
-ans1parse - 'pulls' appart ASN.1 encoded objects like certificates.
-
-dh	- Diffle-Hellman parameter manipulation.
-rsa	- RSA manipulations.
-crl	- Certificate revokion list manipulations
-x509	- X509 cert fiddles, including signing.
-pkcs7	- pkcs7 manipulation, only DER versions right now.
-
-genrsa	- generate an RSA private key.
-gendh	- Generate a set of Diffle-Hellman parameters.
-req	- Generate a PKCS#10 object, a certificate request.
-
-s_client - SSL client program
-s_server - SSL server program
-s_time	 - A SSL protocol timing program
-s_mult	 - Another SSL server, but it multiplexes
-	   connections.
-s_filter - under development
-
-errstr	- Convert SSLeay error numbers to strings.
-ca	- Sign certificate requests, and generate
-	  certificate revokion lists
-crl2pkcs7 - put a crl and certifcates into a pkcs7 object.
-speed	- Benchmark the ciphers.
-verify	- Check certificates
-hashdir - under development
-
-[ there a now a few more options, play with the program to see what they
-  are ]
-
-==== asn1.doc ========================================================
-
-The ASN.1 Routines.
-
-ASN.1 is a specification for how to encode structured 'data' in binary form.
-The approach I have take to the manipulation of structures and their encoding
-into ASN.1 is as follows.
-
-For each distinct structure there are 4 function of the following form
-TYPE *TYPE_new(void);
-void TYPE_free(TYPE *);
-TYPE *d2i_TYPE(TYPE **a,unsigned char **pp,long length);
-long i2d_TYPE(TYPE *a,unsigned char **pp); 	/* CHECK RETURN VALUE */
-
-where TYPE is the type of the 'object'.  The TYPE that have these functions
-can be in one of 2 forms, either the internal C malloc()ed data structure
-or in the DER (a variant of ASN.1 encoding) binary encoding which is just
-an array of unsigned bytes.  The 'i2d' functions converts from the internal
-form to the DER form and the 'd2i' functions convert from the DER form to
-the internal form.
-
-The 'new' function returns a malloc()ed version of the structure with all
-substructures either created or left as NULL pointers.  For 'optional'
-fields, they are normally left as NULL to indicate no value.  For variable
-size sub structures (often 'SET OF' or 'SEQUENCE OF' in ASN.1 syntax) the
-STACK data type is used to hold the values.  Have a read of stack.doc
-and have a look at the relevant header files to see what I mean.  If there
-is an error while malloc()ing the structure, NULL is returned.
-
-The 'free' function will free() all the sub components of a particular
-structure.  If any of those sub components have been 'removed', replace
-them with NULL pointers, the 'free' functions are tolerant of NULL fields.
-
-The 'd2i' function copies a binary representation into a C structure.  It
-operates as follows.  'a' is a pointer to a pointer to
-the structure to populate, 'pp' is a pointer to a pointer to where the DER
-byte string is located and 'length' is the length of the '*pp' data.
-If there are no errors, a pointer to the populated structure is returned.
-If there is an error, NULL is returned.  Errors can occur because of
-malloc() failures but normally they will be due to syntax errors in the DER
-encoded data being parsed. It is also an error if there was an
-attempt to read more that 'length' bytes from '*p'.  If
-everything works correctly, the value in '*p' is updated
-to point at the location just beyond where the DER
-structure was read from.  In this way, chained calls to 'd2i' type
-functions can be made, with the pointer into the 'data' array being
-'walked' along the input byte array.
-Depending on the value passed for 'a', different things will be done.  If
-'a' is NULL, a new structure will be malloc()ed and returned.  If '*a' is
-NULL, a new structure will be malloc()ed and put into '*a' and returned.
-If '*a' is not NULL, the structure in '*a' will be populated, or in the
-case of an error, free()ed and then returned.
-Having these semantics means that a structure
-can call a 'd2i' function to populate a field and if the field is currently
-NULL, the structure will be created.
-
-The 'i2d' function type is used to copy a C structure to a byte array.
-The parameter 'a' is the structure to convert and '*p' is where to put it.
-As for the 'd2i' type structure, 'p' is updated to point after the last
-byte written.  If p is NULL, no data is written.  The function also returns
-the number of bytes written.  Where this becomes useful is that if the
-function is called with a NULL 'p' value, the length is returned.  This can
-then be used to malloc() an array of bytes and then the same function can
-be recalled passing the malloced array to be written to. e.g.
-
-int len;
-unsigned char *bytes,*p;
-len=i2d_X509(x,NULL);	/* get the size of the ASN1 encoding of 'x' */
-if ((bytes=(unsigned char *)malloc(len)) == NULL)
-	goto err;
-p=bytes;
-i2d_X509(x,&p);
-
-Please note that a new variable, 'p' was passed to i2d_X509.  After the
-call to i2d_X509 p has been incremented by len bytes.
-
-Now the reason for this functional organisation is that it allows nested
-structures to be built up by calling these functions as required.  There
-are various macros used to help write the general 'i2d', 'd2i', 'new' and
-'free' functions.  They are discussed in another file and would only be
-used by some-one wanting to add new structures to the library.  As you
-might be able to guess, the process of writing ASN.1 files can be a bit CPU
-expensive for complex structures.  I'm willing to live with this since the
-simpler library code make my life easier and hopefully most programs using
-these routines will have their execution profiles dominated by cipher or
-message digest routines.
-What follows is a list of 'TYPE' values and the corresponding ASN.1
-structure and where it is used.
-
-TYPE			ASN.1
-ASN1_INTEGER		INTEGER
-ASN1_BIT_STRING		BIT STRING
-ASN1_OCTET_STRING	OCTET STRING
-ASN1_OBJECT		OBJECT IDENTIFIER
-ASN1_PRINTABLESTRING	PrintableString
-ASN1_T61STRING		T61String
-ASN1_IA5STRING		IA5String
-ASN1_UTCTIME		UTCTime
-ASN1_TYPE		Any of the above mentioned types plus SEQUENCE and SET
-
-Most of the above mentioned types are actualled stored in the
-ASN1_BIT_STRING type and macros are used to differentiate between them.
-The 3 types used are
-
-typedef struct asn1_object_st
-	{
-	/* both null if a dynamic ASN1_OBJECT, one is
-	 * defined if a 'static' ASN1_OBJECT */
-	char *sn,*ln;
-	int nid;
-	int length;
-	unsigned char *data;
-	} ASN1_OBJECT;
-This is used to store ASN1 OBJECTS.  Read 'objects.doc' for details ono
-routines to manipulate this structure.  'sn' and 'ln' are used to hold text
-strings that represent the object (short name and long or lower case name).
-These are used by the 'OBJ' library.  'nid' is a number used by the OBJ
-library to uniquely identify objects.  The ASN1 routines will populate the
-'length' and 'data' fields which will contain the bit string representing
-the object.
-
-typedef struct asn1_bit_string_st
-	{
-	int length;
-	int type;
-	unsigned char *data;
-	} ASN1_BIT_STRING;
-This structure is used to hold all the other base ASN1 types except for
-ASN1_UTCTIME (which is really just a 'char *').  Length is the number of
-bytes held in data and type is the ASN1 type of the object (there is a list
-in asn1.h).
-
-typedef struct asn1_type_st
-	{
-	int type;
-	union	{
-		char *ptr;
-		ASN1_INTEGER *		integer;
-		ASN1_BIT_STRING *	bit_string;
-		ASN1_OCTET_STRING *	octet_string;
-		ASN1_OBJECT *		object;
-		ASN1_PRINTABLESTRING *	printablestring;
-		ASN1_T61STRING *	t61string;
-		ASN1_IA5STRING *	ia5string;
-		ASN1_UTCTIME *		utctime;
-		ASN1_BIT_STRING *	set;
-		ASN1_BIT_STRING *	sequence;
-		} value;
-	} ASN1_TYPE;
-This structure is used in a few places when 'any' type of object can be
-expected.
-
-X509			Certificate
-X509_CINF		CertificateInfo
-X509_ALGOR		AlgorithmIdentifier
-X509_NAME		Name			
-X509_NAME_ENTRY		A single sub component of the name.
-X509_VAL		Validity
-X509_PUBKEY		SubjectPublicKeyInfo
-The above mentioned types are declared in x509.h. They are all quite
-straight forward except for the X509_NAME/X509_NAME_ENTRY pair.
-A X509_NAME is a STACK (see stack.doc) of X509_NAME_ENTRY's.
-typedef struct X509_name_entry_st
-	{
-	ASN1_OBJECT *object;
-	ASN1_BIT_STRING *value;
-	int set;
-	int size; 	/* temp variable */
-	} X509_NAME_ENTRY;
-The size is a temporary variable used by i2d_NAME and set is the set number
-for the particular NAME_ENTRY.  A X509_NAME is encoded as a sequence of
-sequence of sets.  Normally each set contains only a single item.
-Sometimes it contains more.  Normally throughout this library there will be
-only one item per set.  The set field contains the 'set' that this entry is
-a member of.  So if you have just created a X509_NAME structure and
-populated it with X509_NAME_ENTRYs, you should then traverse the X509_NAME
-(which is just a STACK) and set the 'set/' field to incrementing numbers.
-For more details on why this is done, read the ASN.1 spec for Distinguished
-Names.
-
-X509_REQ		CertificateRequest
-X509_REQ_INFO		CertificateRequestInfo
-These are used to hold certificate requests.
-
-X509_CRL		CertificateRevocationList
-These are used to hold a certificate revocation list
-
-RSAPrivateKey		PrivateKeyInfo
-RSAPublicKey		PublicKeyInfo
-Both these 'function groups' operate on 'RSA' structures (see rsa.doc).
-The difference is that the RSAPublicKey operations only manipulate the m
-and e fields in the RSA structure.
-
-DSAPrivateKey		DSS private key
-DSAPublicKey		DSS public key
-Both these 'function groups' operate on 'DSS' structures (see dsa.doc).
-The difference is that the RSAPublicKey operations only manipulate the 
-XXX fields in the DSA structure.
-
-DHparams		DHParameter
-This is used to hold the p and g value for The Diffie-Hellman operation.
-The function deal with the 'DH' strucure (see dh.doc).
-
-Now all of these function types can be used with several other functions to give
-quite useful set of general manipulation routines.  Normally one would
-not uses these functions directly but use them via macros. 
-
-char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x);
-'x' is the input structure case to a 'char *', 'i2d' is the 'i2d_TYPE'
-function for the type that 'x' is and d2i is the 'd2i_TYPE' function for the
-type that 'x' is.  As is obvious from the parameters, this function
-duplicates the strucutre by transforming it into the DER form and then
-re-loading it into a new strucutre and returning the new strucutre.  This
-is obviously a bit cpu intensive but when faced with a complex dynamic
-structure this is the simplest programming approach.  There are macros for
-duplicating the major data types but is simple to add extras.
-
-char *ASN1_d2i_fp(char *(*new)(),char *(*d2i)(),FILE *fp,unsigned char **x);
-'x' is a pointer to a pointer of the 'desired type'.  new and d2i are the
-corresponding 'TYPE_new' and 'd2i_TYPE' functions for the type and 'fp' is
-an open file pointer to read from.  This function reads from 'fp' as much
-data as it can and then uses 'd2i' to parse the bytes to load and return
-the parsed strucutre in 'x' (if it was non-NULL) and to actually return the
-strucutre.  The behavior of 'x' is as per all the other d2i functions.
-
-char *ASN1_d2i_bio(char *(*new)(),char *(*d2i)(),BIO *fp,unsigned char **x);
-The 'BIO' is the new IO type being used in SSLeay (see bio.doc).  This
-function is the same as ASN1_d2i_fp() except for the BIO argument.
-ASN1_d2i_fp() actually calls this function.
-
-int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
-'x' is converted to bytes by 'i2d' and then written to 'out'.  ASN1_i2d_fp
-and ASN1_d2i_fp are not really symetric since ASN1_i2d_fp will read all
-available data from the file pointer before parsing a single item while
-ASN1_i2d_fp can be used to write a sequence of data objects.  To read a
-series of objects from a file I would sugest loading the file into a buffer
-and calling the relevent 'd2i' functions.
-
-char *ASN1_d2i_bio(char *(*new)(),char *(*d2i)(),BIO *fp,unsigned char **x);
-This function is the same as ASN1_i2d_fp() except for the BIO argument.
-ASN1_i2d_fp() actually calls this function.
-
-char *	PEM_ASN1_read(char *(*d2i)(),char *name,FILE *fp,char **x,int (*cb)());
-This function will read the next PEM encoded (base64) object of the same
-type as 'x' (loaded by the d2i function).  'name' is the name that is in
-the '-----BEGIN name-----' that designates the start of that object type.
-If the data is encrypted, 'cb' will be called to prompt for a password.  If
-it is NULL a default function will be used to prompt from the password.
-'x' is delt with as per the standard 'd2i' function interface.  This
-function can be used to read a series of objects from a file.  While any
-data type can be encrypted (see PEM_ASN1_write) only RSA private keys tend
-to be encrypted.
-
-char *	PEM_ASN1_read_bio(char *(*d2i)(),char *name,BIO *fp,
-	char **x,int (*cb)());
-Same as PEM_ASN1_read() except using a BIO.  This is called by
-PEM_ASN1_read().
-
-int	PEM_ASN1_write(int (*i2d)(),char *name,FILE *fp,char *x,EVP_CIPHER *enc,
-		unsigned char *kstr,int klen,int (*callback)());
-
-int	PEM_ASN1_write_bio(int (*i2d)(),char *name,BIO *fp,
-		char *x,EVP_CIPHER *enc,unsigned char *kstr,int klen,
-		int (*callback)());
-
-int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
-	ASN1_BIT_STRING *signature, char *data, RSA *rsa, EVP_MD *type);
-int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1,
-	ASN1_BIT_STRING *signature,char *data, RSA *rsa);
-
-int ASN1_BIT_STRING_cmp(ASN1_BIT_STRING *a, ASN1_BIT_STRING *b);
-ASN1_BIT_STRING *ASN1_BIT_STRING_type_new(int type );
-
-int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
-void ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
-ASN1_UTCTIME *ASN1_UTCTIME_dup(ASN1_UTCTIME *a);
-
-ASN1_BIT_STRING *d2i_asn1_print_type(ASN1_BIT_STRING **a,unsigned char **pp,
-		long length,int type);
-
-int		i2d_ASN1_SET(STACK *a, unsigned char **pp,
-			int (*func)(), int ex_tag, int ex_class);
-STACK *		d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
-			char *(*func)(), int ex_tag, int ex_class);
-
-int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *object);
-int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
-int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size);
-
-int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
-long ASN1_INTEGER_get(ASN1_INTEGER *a);
-ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
-BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
-
-/* given a string, return the correct type.  Max is the maximum number
- * of bytes to parse.  It stops parsing when 'max' bytes have been
- * processed or a '\0' is hit */
-int ASN1_PRINTABLE_type(unsigned char *s,int max);
-
-void ASN1_parse(BIO *fp,unsigned char *pp,long len);
-
-int i2d_ASN1_bytes(ASN1_BIT_STRING *a, unsigned char **pp, int tag, int class);
-ASN1_BIT_STRING *d2i_ASN1_bytes(ASN1_OCTET_STRING **a, unsigned char **pp,
-	long length, int Ptag, int Pclass);
-
-/* PARSING */
-int asn1_Finish(ASN1_CTX *c);
-
-/* SPECIALS */
-int ASN1_get_object(unsigned char **pp, long *plength, int *ptag,
-	int *pclass, long omax);
-int ASN1_check_infinite_end(unsigned char **p,long len);
-void ASN1_put_object(unsigned char **pp, int constructed, int length,
-	int tag, int class);
-int ASN1_object_size(int constructed, int length, int tag);
-
-X509 *	X509_get_cert(CERTIFICATE_CTX *ctx,X509_NAME * name,X509 *tmp_x509);
-int  	X509_add_cert(CERTIFICATE_CTX *ctx,X509 *);
-
-char *	X509_cert_verify_error_string(int n);
-int 	X509_add_cert_file(CERTIFICATE_CTX *c,char *file, int type);
-char *	X509_gmtime (char *s, long adj);
-int	X509_add_cert_dir (CERTIFICATE_CTX *c,char *dir, int type);
-int	X509_load_verify_locations (CERTIFICATE_CTX *ctx,
-		char *file_env, char *dir_env);
-int	X509_set_default_verify_paths(CERTIFICATE_CTX *cts);
-X509 *	X509_new_D2i_X509(int len, unsigned char *p);
-char *	X509_get_default_cert_area(void );
-char *	X509_get_default_cert_dir(void );
-char *	X509_get_default_cert_file(void );
-char *	X509_get_default_cert_dir_env(void );
-char *	X509_get_default_cert_file_env(void );
-char *	X509_get_default_private_dir(void );
-X509_REQ *X509_X509_TO_req(X509 *x, RSA *rsa);
-int	X509_cert_verify(CERTIFICATE_CTX *ctx,X509 *xs, int (*cb)()); 
-
-CERTIFICATE_CTX *CERTIFICATE_CTX_new();
-void CERTIFICATE_CTX_free(CERTIFICATE_CTX *c);
-
-void X509_NAME_print(BIO *fp, X509_NAME *name, int obase);
-int		X509_print_fp(FILE *fp,X509 *x);
-int		X509_print(BIO *fp,X509 *x);
-
-X509_INFO *	X509_INFO_new(void);
-void		X509_INFO_free(X509_INFO *a);
-
-char *		X509_NAME_oneline(X509_NAME *a);
-
-#define X509_verify(x,rsa)
-#define X509_REQ_verify(x,rsa)
-#define X509_CRL_verify(x,rsa)
-
-#define X509_sign(x,rsa,md)
-#define X509_REQ_sign(x,rsa,md)
-#define X509_CRL_sign(x,rsa,md)
-
-#define X509_dup(x509)
-#define d2i_X509_fp(fp,x509)
-#define i2d_X509_fp(fp,x509)
-#define d2i_X509_bio(bp,x509)
-#define i2d_X509_bio(bp,x509)
-
-#define X509_CRL_dup(crl)
-#define d2i_X509_CRL_fp(fp,crl)
-#define i2d_X509_CRL_fp(fp,crl)
-#define d2i_X509_CRL_bio(bp,crl)
-#define i2d_X509_CRL_bio(bp,crl)
-
-#define X509_REQ_dup(req)
-#define d2i_X509_REQ_fp(fp,req)
-#define i2d_X509_REQ_fp(fp,req)
-#define d2i_X509_REQ_bio(bp,req)
-#define i2d_X509_REQ_bio(bp,req)
-
-#define RSAPrivateKey_dup(rsa)
-#define d2i_RSAPrivateKey_fp(fp,rsa)
-#define i2d_RSAPrivateKey_fp(fp,rsa)
-#define d2i_RSAPrivateKey_bio(bp,rsa)
-#define i2d_RSAPrivateKey_bio(bp,rsa)
-
-#define X509_NAME_dup(xn)
-#define X509_NAME_ENTRY_dup(ne)
-
-void X509_REQ_print_fp(FILE *fp,X509_REQ *req);
-void X509_REQ_print(BIO *fp,X509_REQ *req);
-
-RSA *X509_REQ_extract_key(X509_REQ *req);
-RSA *X509_extract_key(X509 *x509);
-
-int		X509_issuer_and_serial_cmp(X509 *a, X509 *b);
-unsigned long	X509_issuer_and_serial_hash(X509 *a);
-
-X509_NAME *	X509_get_issuer_name(X509 *a);
-int		X509_issuer_name_cmp(X509 *a, X509 *b);
-unsigned long	X509_issuer_name_hash(X509 *a);
-
-X509_NAME *	X509_get_subject_name(X509 *a);
-int		X509_subject_name_cmp(X509 *a,X509 *b);
-unsigned long	X509_subject_name_hash(X509 *x);
-
-int		X509_NAME_cmp (X509_NAME *a, X509_NAME *b);
-unsigned long	X509_NAME_hash(X509_NAME *x);
-
-
-==== bio.doc ========================================================
-
-BIO Routines
-
-This documentation is rather sparse, you are probably best 
-off looking at the code for specific details.
-
-The BIO library is a IO abstraction that was originally 
-inspired by the need to have callbacks to perform IO to FILE 
-pointers when using Windows 3.1 DLLs.  There are two types 
-of BIO; a source/sink type and a filter type.
-The source/sink methods are as follows:
--	BIO_s_mem()  memory buffer - a read/write byte array that
-	grows until memory runs out :-).
--	BIO_s_file()  FILE pointer - A wrapper around the normal 
-	'FILE *' commands, good for use with stdin/stdout.
--	BIO_s_fd()  File descriptor - A wrapper around file 
-	descriptors, often used with pipes.
--	BIO_s_socket()  Socket - Used around sockets.  It is 
-	mostly in the Microsoft world that sockets are different 
-	from file descriptors and there are all those ugly winsock 
-	commands.
--	BIO_s_null()  Null - read nothing and write nothing.; a 
-	useful endpoint for filter type BIO's specifically things 
-	like the message digest BIO.
-
-The filter types are
--	BIO_f_buffer()  IO buffering - does output buffering into 
-	larger chunks and performs input buffering to allow gets() 
-	type functions.
--	BIO_f_md()  Message digest - a transparent filter that can 
-	be asked to return a message digest for the data that has 
-	passed through it.
--	BIO_f_cipher()  Encrypt or decrypt all data passing 
-	through the filter.
--	BIO_f_base64()  Base64 decode on read and encode on write.
--	BIO_f_ssl()  A filter that performs SSL encryption on the 
-	data sent through it.
-
-Base BIO functions.
-The BIO library has a set of base functions that are 
-implemented for each particular type.  Filter BIOs will 
-normally call the equivalent function on the source/sink BIO 
-that they are layered on top of after they have performed 
-some modification to the data stream.  Multiple filter BIOs 
-can be 'push' into a stack of modifers, so to read from a 
-file, unbase64 it, then decrypt it, a BIO_f_cipher, 
-BIO_f_base64 and a BIO_s_file would probably be used.  If a 
-sha-1 and md5 message digest needed to be generated, a stack 
-two BIO_f_md() BIOs and a BIO_s_null() BIO could be used.
-The base functions are
--	BIO *BIO_new(BIO_METHOD *type); Create  a new BIO of  type 'type'.
--	int BIO_free(BIO *a); Free a BIO structure.  Depending on 
-	the configuration, this will free the underlying data 
-	object for a source/sink BIO.
--	int BIO_read(BIO *b, char *data, int len); Read upto 'len' 
-	bytes into 'data'. 
--	int BIO_gets(BIO *bp,char *buf, int size); Depending on 
-	the BIO, this can either be a 'get special' or a get one 
-	line of data, as per fgets();
--	int BIO_write(BIO *b, char *data, int len); Write 'len' 
-	bytes from 'data' to the 'b' BIO.
--	int BIO_puts(BIO *bp,char *buf); Either a 'put special' or 
-	a write null terminated string as per fputs().
--	long BIO_ctrl(BIO *bp,int cmd,long larg,char *parg);  A 
-	control function which is used to manipulate the BIO 
-	structure and modify it's state and or report on it.  This 
-	function is just about never used directly, rather it 
-	should be used in conjunction with BIO_METHOD specific 
-	macros.
--	BIO *BIO_push(BIO *new_top, BIO *old); new_top is apped to the
-	top of the 'old' BIO list.  new_top should be a filter BIO.
-	All writes will go through 'new_top' first and last on read.
-	'old' is returned.
--	BIO *BIO_pop(BIO *bio); the new topmost BIO is returned, NULL if
-	there are no more.
-
-If a particular low level BIO method is not supported 
-(normally BIO_gets()), -2 will be returned if that method is 
-called.  Otherwise the IO methods (read, write, gets, puts) 
-will return the number of bytes read or written, and 0 or -1 
-for error (or end of input).  For the -1 case, 
-BIO_should_retry(bio) can be called to determine if it was a 
-genuine error or a temporary problem.  -2 will also be 
-returned if the BIO has not been initalised yet, in all 
-cases, the correct error codes are set (accessible via the 
-ERR library).
-
-
-The following functions are convenience functions:
--	int BIO_printf(BIO *bio, char * format, ..);  printf but 
-	to a BIO handle.
--	long BIO_ctrl_int(BIO *bp,int cmd,long larg,int iarg); a 
-	convenience function to allow a different argument types 
-	to be passed to BIO_ctrl().
--	int BIO_dump(BIO *b,char *bytes,int len); output 'len' 
-	bytes from 'bytes' in a hex dump debug format.
--	long BIO_debug_callback(BIO *bio, int cmd, char *argp, int 
-	argi, long argl, long ret) - a default debug BIO callback, 
-	this is mentioned below.  To use this one normally has to 
-	use the BIO_set_callback_arg() function to assign an 
-	output BIO for the callback to use.
--	BIO *BIO_find_type(BIO *bio,int type); when there is a 'stack'
-	of BIOs, this function scan the list and returns the first
-	that is of type 'type', as listed in buffer.h under BIO_TYPE_XXX.
--	void BIO_free_all(BIO *bio); Free the bio and all other BIOs
-	in the list.  It walks the bio->next_bio list.
-
-
-
-Extra commands are normally implemented as macros calling BIO_ctrl().
--	BIO_number_read(BIO *bio) - the number of bytes processed 
-	by BIO_read(bio,.).
--	BIO_number_written(BIO *bio) - the number of bytes written 
-	by BIO_write(bio,.).
--	BIO_reset(BIO *bio) - 'reset' the BIO.
--	BIO_eof(BIO *bio) - non zero if we are at the current end 
-	of input.
--	BIO_set_close(BIO *bio, int close_flag) - set the close flag.
--	BIO_get_close(BIO *bio) - return the close flag.
-	BIO_pending(BIO *bio) - return the number of bytes waiting 
-	to be read (normally buffered internally).
--	BIO_flush(BIO *bio) - output any data waiting to be output.
--	BIO_should_retry(BIO *io) - after a BIO_read/BIO_write 
-	operation returns 0 or -1, a call to this function will 
-	return non zero if you should retry the call later (this 
-	is for non-blocking IO).
--	BIO_should_read(BIO *io) - we should retry when data can 
-	be read.
--	BIO_should_write(BIO *io) - we should retry when data can 
-	be written.
--	BIO_method_name(BIO *io) - return a string for the method name.
--	BIO_method_type(BIO *io) - return the unique ID of the BIO method.
--	BIO_set_callback(BIO *io,  long (*callback)(BIO *io, int 
-	cmd, char *argp, int argi, long argl, long ret); - sets 
-	the debug callback.
--	BIO_get_callback(BIO *io) - return the assigned function 
-	as mentioned above.
--	BIO_set_callback_arg(BIO *io, char *arg)  - assign some 
-	data against the BIO.  This is normally used by the debug 
-	callback but could in reality be used for anything.  To 
-	get an idea of how all this works, have a look at the code 
-	in the default debug callback mentioned above.  The 
-	callback can modify the return values.
-
-Details of the BIO_METHOD structure.
-typedef struct bio_method_st
-        {
-	int type;
-	char *name;
-	int (*bwrite)();
-	int (*bread)();
-	int (*bputs)();
-	int (*bgets)();
-	long (*ctrl)();
-	int (*create)();
-	int (*destroy)();
-	} BIO_METHOD;
-
-The 'type' is the numeric type of the BIO, these are listed in buffer.h;
-'Name' is a textual representation of the BIO 'type'.
-The 7 function pointers point to the respective function 
-methods, some of which can be NULL if not implemented.
-The BIO structure
-typedef struct bio_st
-	{
-	BIO_METHOD *method;
-	long (*callback)(BIO * bio, int mode, char *argp, int 
-		argi, long argl, long ret);
-	char *cb_arg; /* first argument for the callback */
-	int init;
-	int shutdown;
-	int flags;      /* extra storage */
-	int num;
-	char *ptr;
-	struct bio_st *next_bio; /* used by filter BIOs */
-	int references;
-	unsigned long num_read;
-	unsigned long num_write;
-	} BIO;
-
--	'Method' is the BIO method.
--	'callback', when configured, is called before and after 
-	each BIO method is called for that particular BIO.  This 
-	is intended primarily for debugging and of informational feedback.
--	'init' is 0 when the BIO can be used for operation.  
-	Often, after a BIO is created, a number of operations may 
-	need to be performed before it is available for use.  An 
-	example is for BIO_s_sock().  A socket needs to be 
-	assigned to the BIO before it can be used.
--	'shutdown', this flag indicates if the underlying 
-	comunication primative being used should be closed/freed 
-	when the BIO is closed.
--	'flags' is used to hold extra state.  It is primarily used 
-	to hold information about why a non-blocking operation 
-	failed and to record startup protocol information for the 
-	SSL BIO.
--	'num' and 'ptr' are used to hold instance specific state 
-	like file descriptors or local data structures.
--	'next_bio' is used by filter BIOs to hold the pointer of the
-	next BIO in the chain. written data is sent to this BIO and
-	data read is taken from it.
--	'references' is used to indicate the number of pointers to 
-	this structure.  This needs to be '1' before a call to 
-	BIO_free() is made if the BIO_free() function is to 
-	actually free() the structure, otherwise the reference 
-	count is just decreased.  The actual BIO subsystem does 
-	not really use this functionality but it is useful when 
-	used in more advanced applicaion.
--	num_read and num_write are the total number of bytes 
-	read/written via the 'read()' and 'write()' methods.
-
-BIO_ctrl operations.
-The following is the list of standard commands passed as the 
-second parameter to BIO_ctrl() and should be supported by 
-all BIO as best as possible.  Some are optional, some are 
-manditory, in any case, where is makes sense, a filter BIO 
-should pass such requests to underlying BIO's.
--	BIO_CTRL_RESET	- Reset the BIO back to an initial state.
--	BIO_CTRL_EOF	- return 0 if we are not at the end of input, 
-	non 0 if we are.
--	BIO_CTRL_INFO	- BIO specific special command, normal
-	information return.
--	BIO_CTRL_SET	- set IO specific parameter.
--	BIO_CTRL_GET	- get IO specific parameter.
--	BIO_CTRL_GET_CLOSE - Get the close on BIO_free() flag, one 
-	of BIO_CLOSE or BIO_NOCLOSE.
--	BIO_CTRL_SET_CLOSE - Set the close on BIO_free() flag.
--	BIO_CTRL_PENDING - Return the number of bytes available 
-	for instant reading
--	BIO_CTRL_FLUSH	- Output pending data, return number of bytes output.
--	BIO_CTRL_SHOULD_RETRY - After an IO error (-1 returned) 
-	should we 'retry' when IO is possible on the underlying IO object.
--	BIO_CTRL_RETRY_TYPE - What kind of IO are we waiting on.
-
-The following command is a special BIO_s_file() specific option.
--	BIO_CTRL_SET_FILENAME - specify a file to open for IO.
-
-The BIO_CTRL_RETRY_TYPE needs a little more explanation.  
-When performing non-blocking IO, or say reading on a memory 
-BIO, when no data is present (or cannot be written), 
-BIO_read() and/or BIO_write() will return -1.  
-BIO_should_retry(bio) will return true if this is due to an 
-IO condition rather than an actual error.  In the case of 
-BIO_s_mem(), a read when there is no data will return -1 and 
-a should retry when there is more 'read' data.
-The retry type is deduced from 2 macros
-BIO_should_read(bio) and BIO_should_write(bio).
-Now while it may appear obvious that a BIO_read() failure 
-should indicate that a retry should be performed when more 
-read data is available, this is often not true when using 
-things like an SSL BIO.  During the SSL protocol startup 
-multiple reads and writes are performed, triggered by any 
-SSL_read or SSL_write.
-So to write code that will transparently handle either a 
-socket or SSL BIO,
-	i=BIO_read(bio,..)
-	if (I == -1)
-		{
-		if (BIO_should_retry(bio))
-			{
-			if (BIO_should_read(bio))
-				{
-				/* call us again when BIO can be read */
-				}
-			if (BIO_should_write(bio))
-				{
-				/* call us again when BIO can be written */
-				}
-			}
-		}
-
-At this point in time only read and write conditions can be 
-used but in the future I can see the situation for other 
-conditions, specifically with SSL there could be a condition 
-of a X509 certificate lookup taking place and so the non-
-blocking BIO_read would require a retry when the certificate 
-lookup subsystem has finished it's lookup.  This is all 
-makes more sense and is easy to use in a event loop type 
-setup.
-When using the SSL BIO, either SSL_read() or SSL_write()s 
-can be called during the protocol startup and things will 
-still work correctly.
-The nice aspect of the use of the BIO_should_retry() macro 
-is that all the errno codes that indicate a non-fatal error 
-are encapsulated in one place.  The Windows specific error 
-codes and WSAGetLastError() calls are also hidden from the 
-application.
-
-Notes on each BIO method.
-Normally buffer.h is just required but depending on the 
-BIO_METHOD, ssl.h or evp.h will also be required.
-
-BIO_METHOD *BIO_s_mem(void);
--	BIO_set_mem_buf(BIO *bio, BUF_MEM *bm, int close_flag) - 
-	set the underlying BUF_MEM structure for the BIO to use.
--	BIO_get_mem_ptr(BIO *bio, char **pp) - if pp is not NULL, 
-	set it to point to the memory array and return the number 
-	of bytes available.
-A read/write BIO.  Any data written is appended to the 
-memory array and any read is read from the front.  This BIO 
-can be used for read/write at the same time. BIO_gets() is 
-supported in the fgets() sense.
-BIO_CTRL_INFO can be used to retrieve pointers to the memory 
-buffer and it's length.
-
-BIO_METHOD *BIO_s_file(void);
--	BIO_set_fp(BIO *bio, FILE *fp, int close_flag) - set 'FILE *' to use.
--	BIO_get_fp(BIO *bio, FILE **fp) - get the 'FILE *' in use.
--	BIO_read_filename(BIO *bio, char *name) - read from file.
--	BIO_write_filename(BIO *bio, char *name) - write to file.
--	BIO_append_filename(BIO *bio, char *name) - append to file.
-This BIO sits over the normal system fread()/fgets() type 
-functions. Gets() is supported.  This BIO in theory could be 
-used for read and write but it is best to think of each BIO 
-of this type as either a read or a write BIO, not both.
-
-BIO_METHOD *BIO_s_socket(void);
-BIO_METHOD *BIO_s_fd(void);
--	BIO_sock_should_retry(int i) - the underlying function 
-	used to determine if a call should be retried; the 
-	argument is the '0' or '-1' returned by the previous BIO 
-	operation.
--	BIO_fd_should_retry(int i) - same as the 
--	BIO_sock_should_retry() except that it is different internally.
--	BIO_set_fd(BIO *bio, int fd, int close_flag) - set the 
-	file descriptor to use
--	BIO_get_fd(BIO *bio, int *fd) - get the file descriptor.
-These two methods are very similar.  Gets() is not 
-supported, if you want this functionality, put a 
-BIO_f_buffer() onto it.  This BIO is bi-directional if the 
-underlying file descriptor is.  This is normally the case 
-for sockets but not the case for stdio descriptors.
-
-BIO_METHOD *BIO_s_null(void);
-Read and write as much data as you like, it all disappears 
-into this BIO.
-
-BIO_METHOD *BIO_f_buffer(void);
--	BIO_get_buffer_num_lines(BIO *bio) - return the number of 
-	complete lines in the buffer.
--	BIO_set_buffer_size(BIO *bio, long size) - set the size of 
-	the buffers.
-This type performs input and output buffering.  It performs 
-both at the same time.  The size of the buffer can be set 
-via the set buffer size option.  Data buffered for output is 
-only written when the buffer fills.
-
-BIO_METHOD *BIO_f_ssl(void);
--	BIO_set_ssl(BIO *bio, SSL *ssl, int close_flag) - the SSL 
-	structure to use.
--	BIO_get_ssl(BIO *bio, SSL **ssl) - get the SSL structure 
-	in use.
-The SSL bio is a little different from normal BIOs because 
-the underlying SSL structure is a little different.  A SSL 
-structure performs IO via a read and write BIO.  These can 
-be different and are normally set via the
-SSL_set_rbio()/SSL_set_wbio() calls.  The SSL_set_fd() calls 
-are just wrappers that create socket BIOs and then call 
-SSL_set_bio() where the read and write BIOs are the same.  
-The BIO_push() operation makes the SSLs IO BIOs the same, so 
-make sure the BIO pushed is capable of two directional 
-traffic.  If it is not, you will have to install the BIOs 
-via the more conventional SSL_set_bio() call.  BIO_pop() will retrieve
-the 'SSL read' BIO.
-
-BIO_METHOD *BIO_f_md(void);
--	BIO_set_md(BIO *bio, EVP_MD *md) - set the message digest 
-	to use.
--	BIO_get_md(BIO *bio, EVP_MD **mdp) - return the digest 
-	method in use in mdp, return 0 if not set yet.
--	BIO_reset() reinitializes the digest (EVP_DigestInit()) 
-	and passes the reset to the underlying BIOs.
-All data read or written via BIO_read() or BIO_write() to 
-this BIO will be added to the calculated digest.  This 
-implies that this BIO is only one directional.  If read and 
-write operations are performed, two separate BIO_f_md() BIOs 
-are reuqired to generate digests on both the input and the 
-output.  BIO_gets(BIO *bio, char *md, int size) will place the 
-generated digest into 'md' and return the number of bytes.  
-The EVP_MAX_MD_SIZE should probably be used to size the 'md' 
-array.  Reading the digest will also reset it.
-
-BIO_METHOD *BIO_f_cipher(void);
--	BIO_reset() reinitializes the cipher.
--	BIO_flush() should be called when the last bytes have been 
-	output to flush the final block of block ciphers.
--	BIO_get_cipher_status(BIO *b), when called after the last 
-	read from a cipher BIO, returns non-zero if the data 
-	decrypted correctly, otherwise, 0.
--	BIO_set_cipher(BIO *b, EVP_CIPHER *c, unsigned char *key, 
-	unsigned char *iv, int encrypt)   This function is used to 
-	setup a cipher BIO.  The length of key and iv are 
-	specified by the choice of EVP_CIPHER.  Encrypt is 1 to 
-	encrypt and 0 to decrypt.
-
-BIO_METHOD *BIO_f_base64(void);
--	BIO_flush() should be called when the last bytes have been output.
-This BIO base64 encodes when writing and base64 decodes when 
-reading.  It will scan the input until a suitable begin line 
-is found.  After reading data, BIO_reset() will reset the 
-BIO to start scanning again.  Do not mix reading and writing 
-on the same base64 BIO.  It is meant as a single stream BIO.
-
-Directions	type
-both		BIO_s_mem()
-one/both	BIO_s_file()
-both		BIO_s_fd()
-both		BIO_s_socket() 
-both		BIO_s_null()
-both		BIO_f_buffer()
-one		BIO_f_md()  
-one		BIO_f_cipher()  
-one		BIO_f_base64()  
-both		BIO_f_ssl()
-
-It is easy to mix one and two directional BIOs, all one has 
-to do is to keep two separate BIO pointers for reading and 
-writing and be careful about usage of underlying BIOs.  The 
-SSL bio by it's very nature has to be two directional but 
-the BIO_push() command will push the one BIO into the SSL 
-BIO for both reading and writing.
-
-The best example program to look at is apps/enc.c and/or perhaps apps/dgst.c.
-
-
-==== blowfish.doc ========================================================
-
-The Blowfish library.
-
-Blowfish is a block cipher that operates on 64bit (8 byte) quantities.  It
-uses variable size key, but 128bit (16 byte) key would normally be considered
-good.  It can be used in all the modes that DES can be used.  This
-library implements the ecb, cbc, cfb64, ofb64 modes.
-
-Blowfish is quite a bit faster that DES, and much faster than IDEA or
-RC2.  It is one of the faster block ciphers.
-
-For all calls that have an 'input' and 'output' variables, they can be the
-same.
-
-This library requires the inclusion of 'blowfish.h'.
-
-All of the encryption functions take what is called an BF_KEY as an 
-argument.  An BF_KEY is an expanded form of the Blowfish key.
-For all modes of the Blowfish algorithm, the BF_KEY used for
-decryption is the same one that was used for encryption.
-
-The define BF_ENCRYPT is passed to specify encryption for the functions
-that require an encryption/decryption flag. BF_DECRYPT is passed to
-specify decryption.
-
-Please note that any of the encryption modes specified in my DES library
-could be used with Blowfish.  I have only implemented ecb, cbc, cfb64 and
-ofb64 for the following reasons.
-- ecb is the basic Blowfish encryption.
-- cbc is the normal 'chaining' form for block ciphers.
-- cfb64 can be used to encrypt single characters, therefore input and output
-  do not need to be a multiple of 8.
-- ofb64 is similar to cfb64 but is more like a stream cipher, not as
-  secure (not cipher feedback) but it does not have an encrypt/decrypt mode.
-- If you want triple Blowfish, thats 384 bits of key and you must be totally
-  obsessed with security.  Still, if you want it, it is simple enough to
-  copy the function from the DES library and change the des_encrypt to
-  BF_encrypt; an exercise left for the paranoid reader :-).
-
-The functions are as follows:
-
-void BF_set_key(
-BF_KEY *ks;
-int len;
-unsigned char *key;
-        BF_set_key converts an 'len' byte key into a BF_KEY.
-        A 'ks' is an expanded form of the 'key' which is used to
-        perform actual encryption.  It can be regenerated from the Blowfish key
-        so it only needs to be kept when encryption or decryption is about
-        to occur.  Don't save or pass around BF_KEY's since they
-        are CPU architecture dependent, 'key's are not.  Blowfish is an
-	interesting cipher in that it can be used with a variable length
-	key.  'len' is the length of 'key' to be used as the key.
-	A 'len' of 16 is recomended by me, but blowfish can use upto
-	72 bytes.  As a warning, blowfish has a very very slow set_key
-	function, it actually runs BF_encrypt 521 times.
-	
-void BF_encrypt(unsigned long *data, BF_KEY *key);
-void BF_decrypt(unsigned long *data, BF_KEY *key);
-	These are the Blowfish encryption function that gets called by just
-	about every other Blowfish routine in the library.  You should not
-	use this function except to implement 'modes' of Blowfish.
-	I say this because the
-	functions that call this routine do the conversion from 'char *' to
-	long, and this needs to be done to make sure 'non-aligned' memory
-	access do not occur.
-	Data is a pointer to 2 unsigned long's and key is the
-	BF_KEY to use. 
-
-void BF_ecb_encrypt(
-unsigned char *in,
-unsigned char *out,
-BF_KEY *key,
-int encrypt);
-	This is the basic Electronic Code Book form of Blowfish (in DES this
-	mode is called Electronic Code Book so I'm going to use the term
-	for blowfish as well.
-	Input is encrypted into output using the key represented by
-	key.  Depending on the encrypt, encryption or
-	decryption occurs.  Input is 8 bytes long and output is 8 bytes.
-	
-void BF_cbc_encrypt(
-unsigned char *in,
-unsigned char *out,
-long length,
-BF_KEY *ks,
-unsigned char *ivec,
-int encrypt);
-	This routine implements Blowfish in Cipher Block Chaining mode.
-	Input, which should be a multiple of 8 bytes is encrypted
-	(or decrypted) to output which will also be a multiple of 8 bytes.
-	The number of bytes is in length (and from what I've said above,
-	should be a multiple of 8).  If length is not a multiple of 8, bad 
-	things will probably happen.  ivec is the initialisation vector.
-	This function updates iv after each call so that it can be passed to
-	the next call to BF_cbc_encrypt().
-	
-void BF_cfb64_encrypt(
-unsigned char *in,
-unsigned char *out,
-long length,
-BF_KEY *schedule,
-unsigned char *ivec,
-int *num,
-int encrypt);
-	This is one of the more useful functions in this Blowfish library, it
-	implements CFB mode of Blowfish with 64bit feedback.
-	This allows you to encrypt an arbitrary number of bytes,
-	you do not require 8 byte padding.  Each call to this
-	routine will encrypt the input bytes to output and then update ivec
-	and num.  Num contains 'how far' we are though ivec.
-	'Encrypt' is used to indicate encryption or decryption.
-	CFB64 mode operates by using the cipher to generate a stream
-	of bytes which is used to encrypt the plain text.
-	The cipher text is then encrypted to generate the next 64 bits to
-	be xored (incrementally) with the next 64 bits of plain
-	text.  As can be seen from this, to encrypt or decrypt,
-	the same 'cipher stream' needs to be generated but the way the next
-	block of data is gathered for encryption is different for
-	encryption and decryption.
-	
-void BF_ofb64_encrypt(
-unsigned char *in,
-unsigned char *out,
-long length,
-BF_KEY *schedule,
-unsigned char *ivec,
-int *num);
-	This functions implements OFB mode of Blowfish with 64bit feedback.
-	This allows you to encrypt an arbitrary number of bytes,
-	you do not require 8 byte padding.  Each call to this
-	routine will encrypt the input bytes to output and then update ivec
-	and num.  Num contains 'how far' we are though ivec.
-	This is in effect a stream cipher, there is no encryption or
-	decryption mode.
-	
-For reading passwords, I suggest using des_read_pw_string() from my DES library.
-To generate a password from a text string, I suggest using MD5 (or MD2) to
-produce a 16 byte message digest that can then be passed directly to
-BF_set_key().
-
-=====
-For more information about the specific Blowfish modes in this library
-(ecb, cbc, cfb and ofb), read the section entitled 'Modes of DES' from the
-documentation on my DES library.  What is said about DES is directly
-applicable for Blowfish.
-
-
-==== bn.doc ========================================================
-
-The Big Number library.
-
-#include "bn.h" when using this library.
-
-This big number library was written for use in implementing the RSA and DH
-public key encryption algorithms.  As such, features such as negative
-numbers have not been extensively tested but they should work as expected.
-This library uses dynamic memory allocation for storing its data structures
-and so there are no limit on the size of the numbers manipulated by these
-routines but there is always the requirement to check return codes from
-functions just in case a memory allocation error has occurred.
-
-The basic object in this library is a BIGNUM.  It is used to hold a single
-large integer.  This type should be considered opaque and fields should not
-be modified or accessed directly.
-typedef struct bignum_st
-	{
-	int top;	/* Index of last used d. */
-	BN_ULONG *d;	/* Pointer to an array of 'BITS2' bit chunks. */
-	int max;	/* Size of the d array. */
-	int neg;
-	} BIGNUM;
-The big number is stored in a malloced array of BN_ULONG's.  A BN_ULONG can
-be either 16, 32 or 64 bits in size, depending on the 'number of  bits'
-specified in bn.h. 
-The 'd' field is this array.  'max' is the size of the 'd' array that has
-been allocated.  'top' is the 'last' entry being used, so for a value of 4,
-bn.d[0]=4 and bn.top=1.  'neg' is 1 if the number is negative.
-When a BIGNUM is '0', the 'd' field can be NULL and top == 0.
-
-Various routines in this library require the use of 'temporary' BIGNUM
-variables during their execution.  Due to the use of dynamic memory
-allocation to create BIGNUMs being rather expensive when used in
-conjunction with repeated subroutine calls, the BN_CTX structure is
-used.  This structure contains BN_CTX BIGNUMs.  BN_CTX
-is the maximum number of temporary BIGNUMs any publicly exported 
-function will use.
-
-#define BN_CTX	12
-typedef struct bignum_ctx
-	{
-	int tos;			/* top of stack */
-	BIGNUM *bn[BN_CTX];	/* The variables */
-	} BN_CTX;
-
-The functions that follow have been grouped according to function.  Most
-arithmetic functions return a result in the first argument, sometimes this
-first argument can also be an input parameter, sometimes it cannot.  These
-restrictions are documented.
-
-extern BIGNUM *BN_value_one;
-There is one variable defined by this library, a BIGNUM which contains the
-number 1.  This variable is useful for use in comparisons and assignment.
-
-Get Size functions.
-
-int BN_num_bits(BIGNUM *a);
-	This function returns the size of 'a' in bits.
-	
-int BN_num_bytes(BIGNUM *a);
-	This function (macro) returns the size of 'a' in bytes.
-	For conversion of BIGNUMs to byte streams, this is the number of
-	bytes the output string will occupy.  If the output byte
-	format specifies that the 'top' bit indicates if the number is
-	signed, so an extra '0' byte is required if the top bit on a
-	positive number is being written, it is upto the application to
-	make this adjustment.  Like I said at the start, I don't
-	really support negative numbers :-).
-
-Creation/Destruction routines.
-
-BIGNUM *BN_new();
-	Return a new BIGNUM object.  The number initially has a value of 0.  If
-	there is an error, NULL is returned.
-	
-void	BN_free(BIGNUM *a);
-	Free()s a BIGNUM.
-	
-void	BN_clear(BIGNUM *a);
-	Sets 'a' to a value of 0 and also zeros all unused allocated
-	memory.  This function is used to clear a variable of 'sensitive'
-	data that was held in it.
-	
-void	BN_clear_free(BIGNUM *a);
-	This function zeros the memory used by 'a' and then free()'s it.
-	This function should be used to BN_free() BIGNUMS that have held
-	sensitive numeric values like RSA private key values.  Both this
-	function and BN_clear tend to only be used by RSA and DH routines.
-
-BN_CTX *BN_CTX_new(void);
-	Returns a new BN_CTX.  NULL on error.
-	
-void	BN_CTX_free(BN_CTX *c);
-	Free a BN_CTX structure.  The BIGNUMs in 'c' are BN_clear_free()ed.
-	
-BIGNUM *bn_expand(BIGNUM *b, int bits);
-	This is an internal function that should not normally be used.  It
-	ensures that 'b' has enough room for a 'bits' bit number.  It is
-	mostly used by the various BIGNUM routines.  If there is an error,
-	NULL is returned. if not, 'b' is returned.
-	
-BIGNUM *BN_copy(BIGNUM *to, BIGNUM *from);
-	The 'from' is copied into 'to'.  NULL is returned if there is an
-	error, otherwise 'to' is returned.
-
-BIGNUM *BN_dup(BIGNUM *a);
-	A new BIGNUM is created and returned containing the value of 'a'.
-	NULL is returned on error.
-
-Comparison and Test Functions.
-
-int BN_is_zero(BIGNUM *a)
-	Return 1 if 'a' is zero, else 0.
-
-int BN_is_one(a)
-	Return 1 is 'a' is one, else 0.
-
-int BN_is_word(a,w)
-	Return 1 if 'a' == w, else 0.  'w' is a BN_ULONG.
-
-int BN_cmp(BIGNUM *a, BIGNUM *b);
-	Return -1 if 'a' is less than 'b', 0 if 'a' and 'b' are the same
-	and 1 is 'a' is greater than 'b'.  This is a signed comparison.
-	
-int BN_ucmp(BIGNUM *a, BIGNUM *b);
-	This function is the same as BN_cmp except that the comparison
-	ignores the sign of the numbers.
-	
-Arithmetic Functions
-For all of these functions, 0 is returned if there is an error and 1 is
-returned for success.  The return value should always be checked.  eg.
-if (!BN_add(r,a,b)) goto err;
-Unless explicitly mentioned, the 'return' value can be one of the
-'parameters' to the function.
-
-int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b);
-	Add 'a' and 'b' and return the result in 'r'.  This is r=a+b.
-	
-int BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
-	Subtract 'a' from 'b' and put the result in 'r'. This is r=a-b.
-	
-int BN_lshift(BIGNUM *r, BIGNUM *a, int n);
-	Shift 'a' left by 'n' bits.  This is r=a*(2^n).
-	
-int BN_lshift1(BIGNUM *r, BIGNUM *a);
-	Shift 'a' left by 1 bit.  This form is more efficient than
-	BN_lshift(r,a,1).  This is r=a*2.
-	
-int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
-	Shift 'a' right by 'n' bits.  This is r=int(a/(2^n)).
-	
-int BN_rshift1(BIGNUM *r, BIGNUM *a);
-	Shift 'a' right by 1 bit.  This form is more efficient than
-	BN_rshift(r,a,1).  This is r=int(a/2).
-	
-int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b);
-	Multiply a by b and return the result in 'r'. 'r' must not be
-	either 'a' or 'b'.  It has to be a different BIGNUM.
-	This is r=a*b.
-
-int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
-	Multiply a by a and return the result in 'r'. 'r' must not be
-	'a'.  This function is alot faster than BN_mul(r,a,a).  This is r=a*a.
-
-int BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
-	Divide 'm' by 'd' and return the result in 'dv' and the remainder
-	in 'rem'.  Either of 'dv' or 'rem' can be NULL in which case that
-	value is not returned.  'ctx' needs to be passed as a source of
-	temporary BIGNUM variables.
-	This is dv=int(m/d), rem=m%d.
-	
-int BN_mod(BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
-	Find the remainder of 'm' divided by 'd' and return it in 'rem'.
-	'ctx' holds the temporary BIGNUMs required by this function.
-	This function is more efficient than BN_div(NULL,rem,m,d,ctx);
-	This is rem=m%d.
-
-int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *m,BN_CTX *ctx);
-	Multiply 'a' by 'b' and return the remainder when divided by 'm'.
-	'ctx' holds the temporary BIGNUMs required by this function.
-	This is r=(a*b)%m.
-
-int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
-	Raise 'a' to the 'p' power and return the remainder when divided by
-	'm'.  'ctx' holds the temporary BIGNUMs required by this function.
-	This is r=(a^p)%m.
-
-int BN_reciprocal(BIGNUM *r, BIGNUM *m, BN_CTX *ctx);
-	Return the reciprocal of 'm'.  'ctx' holds the temporary variables
-	required.  This function returns -1 on error, otherwise it returns
-	the number of bits 'r' is shifted left to make 'r' into an integer.
-	This number of bits shifted is required in BN_mod_mul_reciprocal().
-	This is r=(1/m)<<(BN_num_bits(m)+1).
-	
-int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BIGNUM *m, 
-	BIGNUM *i, int nb, BN_CTX *ctx);
-	This function is used to perform an efficient BN_mod_mul()
-	operation.  If one is going to repeatedly perform BN_mod_mul() with
-	the same modulus is worth calculating the reciprocal of the modulus
-	and then using this function.  This operation uses the fact that
-	a/b == a*r where r is the reciprocal of b.  On modern computers
-	multiplication is very fast and big number division is very slow.
-	'x' is multiplied by 'y' and then divided by 'm' and the remainder
-	is returned.  'i' is the reciprocal of 'm' and 'nb' is the number
-	of bits as returned from BN_reciprocal().  Normal usage is as follows.
-	bn=BN_reciprocal(i,m);
-	for (...)
-		{ BN_mod_mul_reciprocal(r,x,y,m,i,bn,ctx); }
-	This is r=(x*y)%m.  Internally it is approximately
-	r=(x*y)-m*(x*y/m) or r=(x*y)-m*((x*y*i) >> bn)
-	This function is used in BN_mod_exp() and BN_is_prime().
-
-Assignment Operations
-
-int BN_one(BIGNUM *a)
-	Set 'a' to hold the value one.
-	This is a=1.
-	
-int BN_zero(BIGNUM *a)
-	Set 'a' to hold the value zero.
-	This is a=0.
-	
-int BN_set_word(BIGNUM *a, unsigned long w);
-	Set 'a' to hold the value of 'w'.  'w' is an unsigned long.
-	This is a=w.
-
-unsigned long BN_get_word(BIGNUM *a);
-	Returns 'a' in an unsigned long.  Not remarkably, often 'a' will
-	be biger than a word, in which case 0xffffffffL is returned.
-
-Word Operations
-These functions are much more efficient that the normal bignum arithmetic
-operations.
-
-BN_ULONG BN_mod_word(BIGNUM *a, unsigned long w);
-	Return the remainder of 'a' divided by 'w'.
-	This is return(a%w).
-	
-int BN_add_word(BIGNUM *a, unsigned long w);
-	Add 'w' to 'a'.  This function does not take the sign of 'a' into
-	account.  This is a+=w;
-	
-Bit operations.
-
-int BN_is_bit_set(BIGNUM *a, int n);
-	This function return 1 if bit 'n' is set in 'a' else 0.
-
-int BN_set_bit(BIGNUM *a, int n);
-	This function sets bit 'n' to 1 in 'a'. 
-	This is a&= ~(1<<n);
-
-int BN_clear_bit(BIGNUM *a, int n);
-	This function sets bit 'n' to zero in 'a'.  Return 0 if less
-	than 'n' bits in 'a' else 1.  This is a&= ~(1<<n);
-
-int BN_mask_bits(BIGNUM *a, int n);
-	Truncate 'a' to n bits long.  This is a&= ~((~0)<<n)
-
-Format conversion routines.
-
-BIGNUM *BN_bin2bn(unsigned char *s, int len,BIGNUM *ret);
-	This function converts 'len' bytes in 's' into a BIGNUM which
-	is put in 'ret'.  If ret is NULL, a new BIGNUM is created.
-	Either this new BIGNUM or ret is returned.  The number is
-	assumed to be in bigendian form in 's'.  By this I mean that
-	to 'ret' is created as follows for 'len' == 5.
-	ret = s[0]*2^32 + s[1]*2^24 + s[2]*2^16 + s[3]*2^8 + s[4];
-	This function cannot be used to convert negative numbers.  It
-	is always assumed the number is positive.  The application
-	needs to diddle the 'neg' field of th BIGNUM its self.
-	The better solution would be to save the numbers in ASN.1 format
-	since this is a defined standard for storing big numbers.
-	Look at the functions
-
-	ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
-	BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
-	int i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
-	ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
-		long length;
-
-int BN_bn2bin(BIGNUM *a, unsigned char *to);
-	This function converts 'a' to a byte string which is put into
-	'to'.  The representation is big-endian in that the most
-	significant byte of 'a' is put into to[0].  This function
-	returns the number of bytes used to hold 'a'.  BN_num_bytes(a)
-	would return the same value and can be used to determine how
-	large 'to' needs to be.  If the number is negative, this
-	information is lost.  Since this library was written to
-	manipulate large positive integers, the inability to save and
-	restore them is not considered to be a problem by me :-).
-	As for BN_bin2bn(), look at the ASN.1 integer encoding funtions
-	for SSLeay.  They use BN_bin2bn() and BN_bn2bin() internally.
-	
-char *BN_bn2ascii(BIGNUM *a);
-	This function returns a malloc()ed string that contains the
-	ascii hexadecimal encoding of 'a'.  The number is in bigendian
-	format with a '-' in front if the number is negative.
-
-int BN_ascii2bn(BIGNUM **bn, char *a);
-	The inverse of BN_bn2ascii.  The function returns the number of
-	characters from 'a' were processed in generating a the bignum.
-	error is inticated by 0 being returned.  The number is a
-	hex digit string, optionally with a leading '-'.  If *bn
-	is null, a BIGNUM is created and returned via that variable.
-	
-int BN_print_fp(FILE *fp, BIGNUM *a);
-	'a' is printed to file pointer 'fp'.  It is in the same format
-	that is output from BN_bn2ascii().  0 is returned on error,
-	1 if things are ok.
-
-int BN_print(BIO *bp, BIGNUM *a);
-	Same as BN_print except that the output is done to the SSLeay libraries
-	BIO routines.  BN_print_fp() actually calls this function.
-
-Miscellaneous Routines.
-
-int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
-	This function returns in 'rnd' a random BIGNUM that is bits
-	long.  If bottom is 1, the number returned is odd.  If top is set,
-	the top 2 bits of the number are set.  This is useful because if
-	this is set, 2 'n; bit numbers multiplied together will return a 2n
-	bit number.  If top was not set, they could produce a 2n-1 bit
-	number.
-
-BIGNUM *BN_mod_inverse(BIGNUM *a, BIGNUM *n,BN_CTX *ctx);
-	This function create a new BIGNUM and returns it.  This number
-	is the inverse mod 'n' of 'a'.  By this it is meant that the
-	returned value 'r' satisfies (a*r)%n == 1.  This function is
-	used in the generation of RSA keys.  'ctx', as per usual,
-	is used to hold temporary variables that are required by the
-	function.  NULL is returned on error.
-
-int BN_gcd(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_CTX *ctx);
-	'r' has the greatest common divisor of 'a' and 'b'.  'ctx' is
-	used for temporary variables and 0 is returned on error.
-
-int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(),BN_CTX *ctx,
-	char *cb_arg);
-	This function is used to check if a BIGNUM ('p') is prime.
-	It performs this test by using the Miller-Rabin randomised
-	primality test.  This is a probalistic test that requires a
-	number of rounds to ensure the number is prime to a high
-	degree of probability.  Since this can take quite some time, a
-	callback function can be passed and it will be called each
-	time 'p' passes a round of the prime testing.  'callback' will
-	be called as follows, callback(1,n,cb_arg) where n is the number of
-	the round, just passed.  As per usual 'ctx' contains temporary
-	variables used.  If ctx is NULL, it does not matter, a local version
-	will be malloced.  This parameter is present to save some mallocing
-	inside the function but probably could be removed.
-	0 is returned on error.
-	'ncheck' is the number of Miller-Rabin tests to run.  It is
-	suggested to use the value 'BN_prime_checks' by default.
-
-BIGNUM *BN_generate_prime(
-int bits,
-int strong,
-BIGNUM *a,
-BIGNUM *rems,
-void (*callback)());
-char *cb_arg
-	This function is used to generate prime numbers.  It returns a
-	new BIGNUM that has a high probability of being a prime.
-	'bits' is the number of bits that
-	are to be in the prime.  If 'strong' is true, the returned prime
-	will also be a strong prime ((p-1)/2 is also prime).
-	While searching for the prime ('p'), we
-	can add the requirement that the prime fill the following
-	condition p%a == rem.  This can be used to help search for
-	primes with specific features, which is required when looking
-	for primes suitable for use with certain 'g' values in the
-	Diffie-Hellman key exchange algorithm.  If 'a' is NULL,
-	this condition is not checked.  If rem is NULL, rem is assumed
-	to be 1.  Since this search for a prime
-	can take quite some time, if callback is not NULL, it is called
-	in the following situations.
-	We have a suspected prime (from a quick sieve),
-	callback(0,sus_prime++,cb_arg). Each item to be passed to BN_is_prime().
-	callback(1,round++,cb_arg).  Each successful 'round' in BN_is_prime().
-	callback(2,round,cb_arg). For each successful BN_is_prime() test.
-
-Hints
------
-
-DSA wants 64*32 to use word mont mul, but RSA wants to use full.
-
-==== callback.doc ========================================================
-
-Callback functions used in SSLeay.
-
---------------------------
-The BIO library.  
-
-Each BIO structure can have a callback defined against it.  This callback is
-called 2 times for each BIO 'function'.  It is passed 6 parameters.
-BIO_debug_callback() is an example callback which is defined in
-crypto/buffer/bio_cb.c and is used in apps/dgst.c  This is intended mostly
-for debuging or to notify the application of IO.
-
-long BIO_debug_callback(BIO *bio,int cmd,char *argp,int argi,long argl,
-	long ret);
-bio is the BIO being called, cmd is the type of BIO function being called.
-Look at the BIO_CB_* defines in buffer.h.  Argp and argi are the arguments
-passed to BIO_read(), BIO_write, BIO_gets(), BIO_puts().  In the case of
-BIO_ctrl(), argl is also defined.  The first time the callback is called,
-before the underlying function has been executed, 0 is passed as 'ret', and
-if the return code from the callback is not > 0, the call is aborted
-and the returned <= 0 value is returned.
-The second time the callback is called, the 'cmd' value also has
-BIO_CB_RETURN logically 'or'ed with it.  The 'ret' value is the value returned
-from the actuall function call and whatever the callback returns is returned
-from the BIO function.
-
-BIO_set_callback(b,cb) can be used to set the callback function
-(b is a BIO), and BIO_set_callback_arg(b,arg) can be used to
-set the cb_arg argument in the BIO strucutre.  This field is only intended
-to be used by application, primarily in the callback function since it is
-accessable since the BIO is passed.
-
---------------------------
-The PEM library.
-
-The pem library only really uses one type of callback,
-static int def_callback(char *buf, int num, int verify);
-which is used to return a password string if required.
-'buf' is the buffer to put the string in.  'num' is the size of 'buf'
-and 'verify' is used to indicate that the password should be checked.
-This last flag is mostly used when reading a password for encryption.
-
-For all of these functions, a NULL callback will call the above mentioned
-default callback.  This default function does not work under Windows 3.1.
-For other machines, it will use an application defined prompt string
-(EVP_set_pw_prompt(), which defines a library wide prompt string)
-if defined, otherwise it will use it's own PEM password prompt.
-It will then call EVP_read_pw_string() to get a password from the console.
-If your application wishes to use nice fancy windows to retrieve passwords,
-replace this function.  The callback should return the number of bytes read
-into 'buf'.  If the number of bytes <= 0, it is considered an error.
-
-Functions that take this callback are listed below.  For the 'read' type
-functions, the callback will only be required if the PEM data is encrypted.
-
-For the Write functions, normally a password can be passed in 'kstr', of
-'klen' bytes which will be used if the 'enc' cipher is not NULL.  If
-'kstr' is NULL, the callback will be used to retrieve a password.
-
-int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
-	int (*callback)());
-char *PEM_ASN1_read_bio(char *(*d2i)(),char *name,BIO *bp,char **x,int (*cb)());
-char *PEM_ASN1_read(char *(*d2i)(),char *name,FILE *fp,char **x,int (*cb)());
-int PEM_ASN1_write_bio(int (*i2d)(),char *name,BIO *bp,char *x,
-	EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
-int PEM_ASN1_write(int (*i2d)(),char *name,FILE *fp,char *x,
-	EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
-STACK *PEM_X509_INFO_read(FILE *fp, STACK *sk, int (*cb)());
-STACK *PEM_X509_INFO_read_bio(BIO *fp, STACK *sk, int (*cb)());
-
-#define	PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb)
-#define	PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb)
-#define	PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb)
-#define	PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb)
-#define	PEM_read_SSL_SESSION(fp,x,cb)
-#define	PEM_read_X509(fp,x,cb)
-#define	PEM_read_X509_REQ(fp,x,cb)
-#define	PEM_read_X509_CRL(fp,x,cb)
-#define	PEM_read_RSAPrivateKey(fp,x,cb)
-#define	PEM_read_DSAPrivateKey(fp,x,cb)
-#define	PEM_read_PrivateKey(fp,x,cb)
-#define	PEM_read_PKCS7(fp,x,cb)
-#define	PEM_read_DHparams(fp,x,cb)
-#define	PEM_read_bio_SSL_SESSION(bp,x,cb)
-#define	PEM_read_bio_X509(bp,x,cb)
-#define	PEM_read_bio_X509_REQ(bp,x,cb)
-#define	PEM_read_bio_X509_CRL(bp,x,cb)
-#define	PEM_read_bio_RSAPrivateKey(bp,x,cb)
-#define	PEM_read_bio_DSAPrivateKey(bp,x,cb)
-#define	PEM_read_bio_PrivateKey(bp,x,cb)
-#define	PEM_read_bio_PKCS7(bp,x,cb)
-#define	PEM_read_bio_DHparams(bp,x,cb)
-int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
-RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
-
-Now you will notice that macros like
-#define PEM_write_X509(fp,x) \
-                PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
-		                        (char *)x, NULL,NULL,0,NULL)
-Don't do encryption normally.  If you want to PEM encrypt your X509 structure,
-either just call PEM_ASN1_write directly or just define you own
-macro variant.  As you can see, this macro just sets all encryption related
-parameters to NULL.
-
-
---------------------------
-The SSL library.
-
-#define SSL_set_info_callback(ssl,cb)
-#define SSL_CTX_set_info_callback(ctx,cb)
-void callback(SSL *ssl,int location,int ret)
-This callback is called each time around the SSL_connect()/SSL_accept() 
-state machine.  So it will be called each time the SSL protocol progresses.
-It is mostly present for use when debugging.  When SSL_connect() or
-SSL_accept() return, the location flag is SSL_CB_ACCEPT_EXIT or
-SSL_CB_CONNECT_EXIT and 'ret' is the value about to be returned.
-Have a look at the SSL_CB_* defines in ssl.h.  If an info callback is defined
-against the SSL_CTX, it is called unless there is one set against the SSL.
-Have a look at
-void client_info_callback() in apps/s_client() for an example.
-
-Certificate verification.
-void SSL_set_verify(SSL *s, int mode, int (*callback) ());
-void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*callback)());
-This callback is used to help verify client and server X509 certificates.
-It is actually passed to X509_cert_verify(), along with the SSL structure
-so you have to read about X509_cert_verify() :-).  The SSL_CTX version is used
-if the SSL version is not defined.  X509_cert_verify() is the function used
-by the SSL part of the library to verify certificates.  This function is
-nearly always defined by the application.
-
-void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(),char *arg);
-int callback(char *arg,SSL *s,X509 *xs,STACK *cert_chain);
-This call is used to replace the SSLeay certificate verification code.
-The 'arg' is kept in the SSL_CTX and is passed to the callback.
-If the callback returns 0, the certificate is rejected, otherwise it
-is accepted.  The callback is replacing the X509_cert_verify() call.
-This feature is not often used, but if you wished to implement
-some totally different certificate authentication system, this 'hook' is
-vital.
-
-SSLeay keeps a cache of session-ids against each SSL_CTX.  These callbacks can
-be used to notify the application when a SSL_SESSION is added to the cache
-or to retrieve a SSL_SESSION that is not in the cache from the application.
-#define SSL_CTX_sess_set_get_cb(ctx,cb)
-SSL_SESSION *callback(SSL *s,char *session_id,int session_id_len,int *copy);
-If defined, this callback is called to return the SESSION_ID for the
-session-id in 'session_id', of 'session_id_len' bytes.  'copy' is set to 1
-if the server is to 'take a copy' of the SSL_SESSION structure.  It is 0
-if the SSL_SESSION is being 'passed in' so the SSLeay library is now
-responsible for 'free()ing' the structure.  Basically it is used to indicate
-if the reference count on the SSL_SESSION structure needs to be incremented.
-
-#define SSL_CTX_sess_set_new_cb(ctx,cb)
-int callback(SSL *s, SSL_SESSION *sess);
-When a new connection is established, if the SSL_SESSION is going to be added
-to the cache, this callback is called.  Return 1 if a 'copy' is required,
-otherwise, return 0.  This return value just causes the reference count
-to be incremented (on return of a 1), this means the application does
-not need to worry about incrementing the refernece count (and the
-locking that implies in a multi-threaded application).
-
-void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx,int (*cb)());
-This sets the SSL password reading function.
-It is mostly used for windowing applications
-and used by PEM_read_bio_X509() and PEM_read_bio_RSAPrivateKey()
-calls inside the SSL library.   The only reason this is present is because the
-calls to PEM_* functions is hidden in the SSLeay library so you have to
-pass in the callback some how.
-
-#define SSL_CTX_set_client_cert_cb(ctx,cb)
-int callback(SSL *s,X509 **x509, EVP_PKEY **pkey);
-Called when a client certificate is requested but there is not one set
-against the SSL_CTX or the SSL.  If the callback returns 1, x509 and
-pkey need to point to valid data.  The library will free these when
-required so if the application wants to keep these around, increment
-their reference counts.  If 0 is returned, no client cert is
-available.  If -1 is returned, it is assumed that the callback needs
-to be called again at a later point in time.  SSL_connect will return
--1 and SSL_want_x509_lookup(ssl) returns true.  Remember that
-application data can be attached to an SSL structure via the
-SSL_set_app_data(SSL *ssl,char *data) call.
-
---------------------------
-The X509 library.
-
-int X509_cert_verify(CERTIFICATE_CTX *ctx,X509 *xs, int (*cb)(),
-	int *error,char *arg,STACK *cert_chain);
-int verify_callback(int ok,X509 *xs,X509 *xi,int depth,int error,char *arg,
-	STACK *cert_chain);
-
-X509_cert_verify() is used to authenticate X509 certificates.  The 'ctx' holds
-the details of the various caches and files used to locate certificates.
-'xs' is the certificate to verify and 'cb' is the application callback (more
-detail later).  'error' will be set to the error code and 'arg' is passed
-to the 'cb' callback.  Look at the VERIFY_* defines in crypto/x509/x509.h
-
-When ever X509_cert_verify() makes a 'negative' decision about a
-certitificate, the callback is called.  If everything checks out, the
-callback is called with 'VERIFY_OK' or 'VERIFY_ROOT_OK' (for a self
-signed cert that is not the passed certificate).
-
-The callback is passed the X509_cert_verify opinion of the certificate 
-in 'ok', the certificate in 'xs', the issuer certificate in 'xi',
-the 'depth' of the certificate in the verification 'chain', the
-VERIFY_* code in 'error' and the argument passed to X509_cert_verify()
-in 'arg'. cert_chain is a list of extra certs to use if they are not
-in the cache.
-
-The callback can be used to look at the error reason, and then return 0
-for an 'error' or '1' for ok.  This will override the X509_cert_verify()
-opinion of the certificates validity.  Processing will continue depending on
-the return value.  If one just wishes to use the callback for informational
-reason, just return the 'ok' parameter.
-
---------------------------
-The BN and DH library.
-
-BIGNUM *BN_generate_prime(int bits,int strong,BIGNUM *add,
-	BIGNUM *rem,void (*callback)(int,int));
-int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int),
-
-Read doc/bn.doc for the description of these 2.
-
-DH *DH_generate_parameters(int prime_len,int generator,
-	void (*callback)(int,int));
-Read doc/bn.doc for the description of the callback, since it is just passed
-to BN_generate_prime(), except that it is also called as
-callback(3,0) by this function.
-
---------------------------
-The CRYPTO library.
-
-void CRYPTO_set_locking_callback(void (*func)(int mode,int type,char *file,
-	int line));
-void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,
-	int type,char *file, int line));
-void CRYPTO_set_id_callback(unsigned long (*func)(void));
-
-Read threads.doc for info on these ones.
-
-
-==== cipher.doc ========================================================
-
-The Cipher subroutines.
-
-These routines require "evp.h" to be included.
-
-These functions are a higher level interface to the various cipher
-routines found in this library.  As such, they allow the same code to be
-used to encrypt and decrypt via different ciphers with only a change
-in an initial parameter.  These routines also provide buffering for block
-ciphers.
-
-These routines all take a pointer to the following structure to specify
-which cipher to use.  If you wish to use a new cipher with these routines,
-you would probably be best off looking an how an existing cipher is
-implemented and copying it.  At this point in time, I'm not going to go
-into many details.  This structure should be considered opaque
-
-typedef struct pem_cipher_st
-	{
-	int type;
-	int block_size;
-	int key_len;
-	int iv_len;
-	void (*enc_init)();	/* init for encryption */
-	void (*dec_init)();	/* init for decryption */
-	void (*do_cipher)();	/* encrypt data */
-	} EVP_CIPHER;
-	
-The type field is the object NID of the cipher type
-(read the section on Objects for an explanation of what a NID is).
-The cipher block_size is how many bytes need to be passed
-to the cipher at a time.  Key_len is the
-length of the key the cipher requires and iv_len is the length of the
-initialisation vector required.  enc_init is the function
-called to initialise the ciphers context for encryption and dec_init is the
-function to initialise for decryption (they need to be different, especially
-for the IDEA cipher).
-
-One reason for specifying the Cipher via a pointer to a structure
-is that if you only use des-cbc, only the des-cbc routines will
-be included when you link the program.  If you passed an integer
-that specified which cipher to use, the routine that mapped that
-integer to a set of cipher functions would cause all the ciphers
-to be link into the code.  This setup also allows new ciphers
-to be added by the application (with some restrictions).
-
-The thirteen ciphers currently defined in this library are
-
-EVP_CIPHER *EVP_des_ecb();     /* DES in ecb mode,     iv=0, block=8, key= 8 */
-EVP_CIPHER *EVP_des_ede();     /* DES in ecb ede mode, iv=0, block=8, key=16 */
-EVP_CIPHER *EVP_des_ede3();    /* DES in ecb ede mode, iv=0, block=8, key=24 */
-EVP_CIPHER *EVP_des_cfb();     /* DES in cfb mode,     iv=8, block=1, key= 8 */
-EVP_CIPHER *EVP_des_ede_cfb(); /* DES in ede cfb mode, iv=8, block=1, key=16 */
-EVP_CIPHER *EVP_des_ede3_cfb();/* DES in ede cfb mode, iv=8, block=1, key=24 */
-EVP_CIPHER *EVP_des_ofb();     /* DES in ofb mode,     iv=8, block=1, key= 8 */
-EVP_CIPHER *EVP_des_ede_ofb(); /* DES in ede ofb mode, iv=8, block=1, key=16 */
-EVP_CIPHER *EVP_des_ede3_ofb();/* DES in ede ofb mode, iv=8, block=1, key=24 */
-EVP_CIPHER *EVP_des_cbc();     /* DES in cbc mode,     iv=8, block=8, key= 8 */
-EVP_CIPHER *EVP_des_ede_cbc(); /* DES in cbc ede mode, iv=8, block=8, key=16 */
-EVP_CIPHER *EVP_des_ede3_cbc();/* DES in cbc ede mode, iv=8, block=8, key=24 */
-EVP_CIPHER *EVP_desx_cbc();    /* DES in desx cbc mode,iv=8, block=8, key=24 */
-EVP_CIPHER *EVP_rc4();         /* RC4,                 iv=0, block=1, key=16 */
-EVP_CIPHER *EVP_idea_ecb();    /* IDEA in ecb mode,    iv=0, block=8, key=16 */
-EVP_CIPHER *EVP_idea_cfb();    /* IDEA in cfb mode,    iv=8, block=1, key=16 */
-EVP_CIPHER *EVP_idea_ofb();    /* IDEA in ofb mode,    iv=8, block=1, key=16 */
-EVP_CIPHER *EVP_idea_cbc();    /* IDEA in cbc mode,    iv=8, block=8, key=16 */
-EVP_CIPHER *EVP_rc2_ecb();     /* RC2 in ecb mode,     iv=0, block=8, key=16 */
-EVP_CIPHER *EVP_rc2_cfb();     /* RC2 in cfb mode,     iv=8, block=1, key=16 */
-EVP_CIPHER *EVP_rc2_ofb();     /* RC2 in ofb mode,     iv=8, block=1, key=16 */
-EVP_CIPHER *EVP_rc2_cbc();     /* RC2 in cbc mode,     iv=8, block=8, key=16 */
-EVP_CIPHER *EVP_bf_ecb();      /* Blowfish in ecb mode,iv=0, block=8, key=16 */
-EVP_CIPHER *EVP_bf_cfb();      /* Blowfish in cfb mode,iv=8, block=1, key=16 */
-EVP_CIPHER *EVP_bf_ofb();      /* Blowfish in ofb mode,iv=8, block=1, key=16 */
-EVP_CIPHER *EVP_bf_cbc();      /* Blowfish in cbc mode,iv=8, block=8, key=16 */
-
-The meaning of the compound names is as follows.
-des	The base cipher is DES.
-idea	The base cipher is IDEA
-rc4	The base cipher is RC4-128
-rc2	The base cipher is RC2-128
-ecb	Electronic Code Book form of the cipher.
-cbc	Cipher Block Chaining form of the cipher.
-cfb	64 bit Cipher Feedback form of the cipher.
-ofb	64 bit Output Feedback form of the cipher.
-ede	The cipher is used in Encrypt, Decrypt, Encrypt mode.  The first
-	and last keys are the same.
-ede3	The cipher is used in Encrypt, Decrypt, Encrypt mode.
-
-All the Cipher routines take a EVP_CIPHER_CTX pointer as an argument.
-The state of the cipher is kept in this structure.
-
-typedef struct EVP_CIPHER_Ctx_st
-	{
-	EVP_CIPHER *cipher;
-	int encrypt;		/* encrypt or decrypt */
-	int buf_len;		/* number we have left */
-	unsigned char buf[8];
-	union	{
-		.... /* cipher specific stuff */
-		} c;
-	} EVP_CIPHER_CTX;
-
-Cipher is a pointer the the EVP_CIPHER for the current context.  The encrypt
-flag indicates encryption or decryption.  buf_len is the number of bytes
-currently being held in buf.
-The 'c' union holds the cipher specify context.
-
-The following functions are to be used.
-
-int EVP_read_pw_string(
-char *buf,
-int len,
-char *prompt,
-int verify,
-	This function is the same as des_read_pw_string() (des.doc).
-
-void EVP_set_pw_prompt(char *prompt);
-	This function sets the 'default' prompt to use to use in
-	EVP_read_pw_string when the prompt parameter is NULL.  If the
-	prompt parameter is NULL, this 'default prompt' feature is turned
-	off.  Be warned, this is a global variable so weird things
-	will happen if it is used under Win16 and care must be taken
-	with a multi-threaded version of the library.
-
-char *EVP_get_pw_prompt();
-	This returns a pointer to the default prompt string.  NULL
-	if it is not set.
-
-int EVP_BytesToKey(
-EVP_CIPHER *type,
-EVP_MD *md,
-unsigned char *salt,
-unsigned char *data,
-int datal,
-int count,
-unsigned char *key,
-unsigned char *iv);
-	This function is used to generate a key and an initialisation vector
-	for a specified cipher from a key string and a salt.  Type
-	specifies the cipher the 'key' is being generated for.  Md is the
-	message digest algorithm to use to generate the key and iv.  The salt
-	is an optional 8 byte object that is used to help seed the key
-	generator.
-	If the salt value is NULL, it is just not used.  Datal is the
-	number of bytes to use from 'data' in the key generation.  
-	This function returns the key size for the specified cipher, if
-	data is NULL, this value is returns and no other
-	computation is performed.  Count is
-	the number of times to loop around the key generator.  I would
-	suggest leaving it's value as 1.  Key and iv are the structures to
-	place the returning iv and key in.  If they are NULL, no value is
-	generated for that particular value.
-	The algorithm used is as follows
-	
-	/* M[] is an array of message digests
-	 * MD() is the message digest function */
-	M[0]=MD(data . salt);
-	for (i=1; i<count; i++) M[0]=MD(M[0]);
-
-	i=1
-	while (data still needed for key and iv)
-		{
-		M[i]=MD(M[i-1] . data . salt);
-		for (i=1; i<count; i++) M[i]=MD(M[i]);
-		i++;
-		}
-
-	If the salt is NULL, it is not used.
-	The digests are concatenated together.
-	M = M[0] . M[1] . M[2] .......
-
-	For key= 8, iv=8 => key=M[0.. 8], iv=M[ 9 .. 16].
-	For key=16, iv=0 => key=M[0..16].
-	For key=16, iv=8 => key=M[0..16], iv=M[17 .. 24].
-	For key=24, iv=8 => key=M[0..24], iv=M[25 .. 32].
-
-	This routine will produce DES-CBC keys and iv that are compatible
-	with the PKCS-5 standard when md2 or md5 are used.  If md5 is
-	used, the salt is NULL and count is 1, this routine will produce
-	the password to key mapping normally used with RC4.
-	I have attempted to logically extend the PKCS-5 standard to
-	generate keys and iv for ciphers that require more than 16 bytes,
-	if anyone knows what the correct standard is, please inform me.
-	When using sha or sha1, things are a bit different under this scheme,
-	since sha produces a 20 byte digest.  So for ciphers requiring
-	24 bits of data, 20 will come from the first MD and 4 will
-	come from the second.
-
-	I have considered having a separate function so this 'routine'
-	can be used without the requirement of passing a EVP_CIPHER *,
-	but I have decided to not bother.  If you wish to use the
-	function without official EVP_CIPHER structures, just declare
-	a local one and set the key_len and iv_len fields to the
-	length you desire.
-
-The following routines perform encryption and decryption 'by parts'.  By
-this I mean that there are groups of 3 routines.  An Init function that is
-used to specify a cipher and initialise data structures.  An Update routine
-that does encryption/decryption, one 'chunk' at a time.  And finally a
-'Final' function that finishes the encryption/decryption process.
-All these functions take a EVP_CIPHER pointer to specify which cipher to
-encrypt/decrypt with.  They also take a EVP_CIPHER_CTX object as an
-argument.  This structure is used to hold the state information associated
-with the operation in progress.
-
-void EVP_EncryptInit(
-EVP_CIPHER_CTX *ctx,
-EVP_CIPHER *type,
-unsigned char *key,
-unsigned char *iv);
-	This function initialise a EVP_CIPHER_CTX for encryption using the
-	cipher passed in the 'type' field.  The cipher is initialised to use
-	'key' as the key and 'iv' for the initialisation vector (if one is
-	required).  If the type, key or iv is NULL, the value currently in the
-	EVP_CIPHER_CTX is reused.  So to perform several decrypt
-	using the same cipher, key and iv, initialise with the cipher,
-	key and iv the first time and then for subsequent calls,
-	reuse 'ctx' but pass NULL for type, key and iv.  You must make sure
-	to pass a key that is large enough for a particular cipher.  I
-	would suggest using the EVP_BytesToKey() function.
-
-void EVP_EncryptUpdate(
-EVP_CIPHER_CTX *ctx,
-unsigned char *out,
-int *outl,
-unsigned char *in,
-int inl);
-	This function takes 'inl' bytes from 'in' and outputs bytes
-	encrypted by the cipher 'ctx' was initialised with into 'out'.  The
-	number of bytes written to 'out' is put into outl.  If a particular
-	cipher encrypts in blocks, less or more bytes than input may be
-	output.  Currently the largest block size used by supported ciphers
-	is 8 bytes, so 'out' should have room for 'inl+7' bytes.  Normally
-	EVP_EncryptInit() is called once, followed by lots and lots of
-	calls to EVP_EncryptUpdate, followed by a single EVP_EncryptFinal
-	call.
-
-void EVP_EncryptFinal(
-EVP_CIPHER_CTX *ctx,
-unsigned char *out,
-int *outl);
-	Because quite a large number of ciphers are block ciphers, there is
-	often an incomplete block to write out at the end of the
-	encryption.  EVP_EncryptFinal() performs processing on this last
-	block.  The last block in encoded in such a way that it is possible
-	to determine how many bytes in the last block are valid.  For 8 byte
-	block size ciphers, if only 5 bytes in the last block are valid, the
-	last three bytes will be filled with the value 3.  If only 2 were
-	valid, the other 6 would be filled with sixes.  If all 8 bytes are
-	valid, a extra 8 bytes are appended to the cipher stream containing
-	nothing but 8 eights.  These last bytes are output into 'out' and
-	the number of bytes written is put into 'outl'  These last bytes
-	are output into 'out' and the number of bytes written is put into
-	'outl'.  This form of block cipher finalisation is compatible with
-	PKCS-5.  Please remember that even if you are using ciphers like
-	RC4 that has no blocking and so the function will not write
-	anything into 'out', it would still be a good idea to pass a
-	variable for 'out' that can hold 8 bytes just in case the cipher is
-	changed some time in the future.  It should also be remembered
-	that the EVP_CIPHER_CTX contains the password and so when one has
-	finished encryption with a particular EVP_CIPHER_CTX, it is good
-	practice to zero the structure 
-	(ie. memset(ctx,0,sizeof(EVP_CIPHER_CTX)).
-	
-void EVP_DecryptInit(
-EVP_CIPHER_CTX *ctx,
-EVP_CIPHER *type,
-unsigned char *key,
-unsigned char *iv);
-	This function is basically the same as EVP_EncryptInit() accept that
-	is prepares the EVP_CIPHER_CTX for decryption.
-
-void EVP_DecryptUpdate(
-EVP_CIPHER_CTX *ctx,
-unsigned char *out,
-int *outl,
-unsigned char *in,
-int inl);
-	This function is basically the same as EVP_EncryptUpdate()
-	except that it performs decryption.  There is one
-	fundamental difference though.  'out' can not be the same as
-	'in' for any ciphers with a block size greater than 1 if more
-	than one call to EVP_DecryptUpdate() will be made.  This
-	is because this routine can hold a 'partial' block between
-	calls.  When a partial block is decrypted (due to more bytes
-	being passed via this function, they will be written to 'out'
-	overwriting the input bytes in 'in' that have not been read
-	yet.  From this it should also be noted that 'out' should
-	be at least one 'block size' larger than 'inl'.  This problem
-	only occurs on the second and subsequent call to
-	EVP_DecryptUpdate() when using a block cipher.
-
-int EVP_DecryptFinal(
-EVP_CIPHER_CTX *ctx,
-unsigned char *out,
-int *outl);
-	This function is different to EVP_EncryptFinal in that it 'removes'
-	any padding bytes appended when the data was encrypted.  Due to the
-	way in which 1 to 8 bytes may have been appended when encryption
-	using a block cipher, 'out' can end up with 0 to 7 bytes being put
-	into it.  When decoding the padding bytes, it is possible to detect
-	an incorrect decryption.  If the decryption appears to be wrong, 0
-	is returned.  If everything seems ok, 1 is returned.  For ciphers
-	with a block size of 1 (RC4), this function would normally not
-	return any bytes and would always return 1.  Just because this
-	function returns 1 does not mean the decryption was correct. It
-	would normally be wrong due to either the wrong key/iv or
-	corruption of the cipher data fed to EVP_DecryptUpdate().
-	As for EVP_EncryptFinal, it is a good idea to zero the
-	EVP_CIPHER_CTX after use since the structure contains the key used
-	to decrypt the data.
-	
-The following Cipher routines are convenience routines that call either
-EVP_EncryptXxx or EVP_DecryptXxx depending on weather the EVP_CIPHER_CTX
-was setup to encrypt or decrypt.  
-
-void EVP_CipherInit(
-EVP_CIPHER_CTX *ctx,
-EVP_CIPHER *type,
-unsigned char *key,
-unsigned char *iv,
-int enc);
-	This function take arguments that are the same as EVP_EncryptInit()
-	and EVP_DecryptInit() except for the extra 'enc' flag.  If 1, the
-	EVP_CIPHER_CTX is setup for encryption, if 0, decryption.
-
-void EVP_CipherUpdate(
-EVP_CIPHER_CTX *ctx,
-unsigned char *out,
-int *outl,
-unsigned char *in,
-int inl);
-	Again this function calls either EVP_EncryptUpdate() or
-	EVP_DecryptUpdate() depending on state in the 'ctx' structure.
-	As noted for EVP_DecryptUpdate(), when this routine is used
-	for decryption with block ciphers, 'out' should not be the
-	same as 'in'.
-
-int EVP_CipherFinal(
-EVP_CIPHER_CTX *ctx,
-unsigned char *outm,
-int *outl);
-	This routine call EVP_EncryptFinal() or EVP_DecryptFinal()
-	depending on the state information in 'ctx'.  1 is always returned
-	if the mode is encryption, otherwise the return value is the return
-	value of EVP_DecryptFinal().
-
-==== cipher.m ========================================================
-
-Date: Tue, 15 Oct 1996 08:16:14 +1000 (EST)
-From: Eric Young <eay@mincom.com>
-X-Sender: eay@orb
-To: Roland Haring <rharing@tandem.cl>
-Cc: ssl-users@mincom.com
-Subject: Re: Symmetric encryption with ssleay
-In-Reply-To: <m0vBpyq-00001aC@tandemnet.tandem.cl>
-Message-Id: <Pine.SOL.3.91.961015075623.11394A-100000@orb>
-Mime-Version: 1.0
-Content-Type: TEXT/PLAIN; charset=US-ASCII
-Sender: ssl-lists-owner@mincom.com
-Precedence: bulk
-Status: RO
-X-Status: 
-
-On Fri, 11 Oct 1996, Roland Haring wrote:
-> THE_POINT:
-> 	Would somebody be so kind to give me the minimum basic 
-> 	calls I need to do to libcrypto.a to get some text encrypted
-> 	and decrypted again? ...hopefully with code included to do
-> 	base64 encryption and decryption ... e.g. that sign-it.c code
-> 	posted some while ago was a big help :-) (please, do not point
-> 	me to apps/enc.c where I suspect my Heissenbug to be hidden :-)
-
-Ok, the base64 encoding stuff in 'enc.c' does the wrong thing sometimes 
-when the data is less than a line long (this is for decoding).  I'll dig 
-up the exact fix today and post it.  I am taking longer on 0.6.5 than I 
-intended so I'll just post this patch.
-
-The documentation to read is in
-doc/cipher.doc,
-doc/encode.doc (very sparse :-).
-and perhaps
-doc/digest.doc,
-
-The basic calls to encrypt with say triple DES are
-
-Given
-char key[EVP_MAX_KEY_LENGTH];
-char iv[EVP_MAX_IV_LENGTH];
-EVP_CIPHER_CTX ctx;
-unsigned char out[512+8];
-int outl;
-
-/* optional generation of key/iv data from text password using md5
- * via an upward compatable verson of PKCS#5. */
-EVP_BytesToKey(EVP_des_ede3_cbc,EVP_md5,NULL,passwd,strlen(passwd),
-	key,iv);
-
-/* Initalise the EVP_CIPHER_CTX */
-EVP_EncryptInit(ctx,EVP_des_ede3_cbc,key,iv);
-
-while (....)
-	{
-	/* This is processing 512 bytes at a time, the bytes are being
-	 * copied into 'out', outl bytes are output.  'out' should not be the
-	 * same as 'in' for reasons mentioned in the documentation. */
-	EVP_EncryptUpdate(ctx,out,&outl,in,512);
-	}
-
-/* Output the last 'block'.  If the cipher is a block cipher, the last
- * block is encoded in such a way so that a wrong decryption will normally be
- * detected - again, one of the PKCS standards. */
-
-EVP_EncryptFinal(ctx,out,&outl);
-
-To decrypt, use the EVP_DecryptXXXXX functions except that EVP_DecryptFinal()
-will return 0 if the decryption fails (only detectable on block ciphers).
-
-You can also use
-EVP_CipherInit()
-EVP_CipherUpdate()
-EVP_CipherFinal()
-which does either encryption or decryption depending on an extra 
-parameter to EVP_CipherInit().
-
-
-To do the base64 encoding,
-EVP_EncodeInit()
-EVP_EncodeUpdate()
-EVP_EncodeFinal()
-
-EVP_DecodeInit()
-EVP_DecodeUpdate()
-EVP_DecodeFinal()
-
-where the encoding is quite simple, but the decoding can be a bit more 
-fun (due to dud input).
-
-EVP_DecodeUpdate() returns -1 for an error on an input line, 0 if the 
-'last line' was just processed, and 1 if more lines should be submitted.
-
-EVP_DecodeFinal() returns -1 for an error or 1 if things are ok.
-
-So the loop becomes
-EVP_DecodeInit(....)
-for (;;)
-	{
-	i=EVP_DecodeUpdate(....);
-	if (i < 0) goto err;
-
-	/* process the data */
-
-	if (i == 0) break;
-	}
-EVP_DecodeFinal(....);
-/* process the data */
-
-The problem in 'enc.c' is that I was stuff the processing up after the 
-EVP_DecodeFinal(...) when the for(..) loop was not being run (one line of 
-base64 data) and this was because 'enc.c' tries to scan over a file until
-it hits the first valid base64 encoded line.
-
-hope this helps a bit.
-eric
---
-Eric Young                  | BOOL is tri-state according to Bill Gates.
-AARNet: eay@mincom.oz.au    | RTFM Win32 GetMessage().
-
-==== conf.doc ========================================================
-
-The CONF library.
-
-The CONF library is a simple set of routines that can be used to configure
-programs.  It is a superset of the genenv() function with some extra
-structure.
-
-The library consists of 5 functions.
-
-LHASH *CONF_load(LHASH *config,char *file);
-This function is called to load in a configuration file.  Multiple
-configuration files can be loaded, with each subsequent 'load' overwriting
-any already defined 'variables'.  If there is an error, NULL is returned.
-If config is NULL, a new LHASH structure is created and returned, otherwise
-the new data in the 'file' is loaded into the 'config' structure.
-
-void CONF_free(LHASH *config);
-This function free()s the data in config.
-
-char *CONF_get_string(LHASH *config,char *section,char *name);
-This function returns the string found in 'config' that corresponds to the
-'section' and 'name' specified.  Classes and the naming system used will be
-discussed later in this document.  If the variable is not defined, an NULL
-is returned.
-
-long CONF_get_long(LHASH *config,char *section, char *name);
-This function is the same as CONF_get_string() except that it converts the
-string to an long and returns it.  If variable is not a number or the
-variable does not exist, 0 is returned.  This is a little problematic but I
-don't know of a simple way around it.
-
-STACK *CONF_get_section(LHASH *config, char *section);
-This function returns a 'stack' of CONF_VALUE items that are all the
-items defined in a particular section.  DO NOT free() any of the
-variable returned.  They will disappear when CONF_free() is called.
-
-The 'lookup' model.
-The configuration file is divided into 'sections'.  Each section is started by
-a line of the form '[ section ]'.  All subsequent variable definitions are
-of this section.  A variable definition is a simple alpha-numeric name
-followed by an '=' and then the data.  A section or variable name can be
-described by a regular expression of the following form '[A-Za-z0-9_]+'.
-The value of the variable is the text after the '=' until the end of the
-line, stripped of leading and trailing white space.
-At this point I should mention that a '#' is a comment character, \ is the
-escape character, and all three types of quote can be used to stop any
-special interpretation of the data.
-Now when the data is being loaded, variable expansion can occur.  This is
-done by expanding any $NAME sequences into the value represented by the
-variable NAME.  If the variable is not in the current section, the different
-section can be specified by using the $SECTION::NAME form.  The ${NAME} form
-also works and is very useful for expanding variables inside strings.
-
-When a variable is looked up, there are 2 special section. 'default', which
-is the initial section, and 'ENV' which is the processes environment
-variables (accessed via getenv()).  When a variable is looked up, it is
-first 'matched' with it's section (if one was specified), if this fails, the
-'default' section is matched.
-If the 'lhash' variable passed was NULL, the environment is searched.
-
-Now why do we bother with sections?  So we can have multiple programs using
-the same configuration file, or multiple instances of the same program
-using different variables.  It also provides a nice mechanism to override
-the processes environment variables (eg ENV::HOME=/tmp).  If there is a
-program specific variable missing, we can have default values.
-Multiple configuration files can be loaded, with each new value clearing
-any predefined values.  A system config file can provide 'default' values,
-and application/usr specific files can provide overriding values.
-
-Examples
-
-# This is a simple example
-SSLEAY_HOME	= /usr/local/ssl
-ENV::PATH	= $SSLEAY_HOME/bin:$PATH	# override my path
-
-[X509]
-cert_dir	= $SSLEAY_HOME/certs	# /usr/local/ssl/certs
-
-[SSL]
-CIPHER		= DES-EDE-MD5:RC4-MD5
-USER_CERT	= $HOME/${USER}di'r 5'	# /home/eay/eaydir 5
-USER_CERT	= $HOME/\${USER}di\'r	# /home/eay/${USER}di'r
-USER_CERT	= "$HOME/${US"ER}di\'r	# $HOME/${USER}di'r
-
-TEST		= 1234\
-5678\
-9ab					# TEST=123456789ab
-TTT		= 1234\n\n		# TTT=1234<nl><nl>
-
-
-
-==== des.doc ========================================================
-
-The DES library.
-
-Please note that this library was originally written to operate with
-eBones, a version of Kerberos that had had encryption removed when it left
-the USA and then put back in.  As such there are some routines that I will
-advise not using but they are still in the library for historical reasons.
-For all calls that have an 'input' and 'output' variables, they can be the
-same.
-
-This library requires the inclusion of 'des.h'.
-
-All of the encryption functions take what is called a des_key_schedule as an 
-argument.  A des_key_schedule is an expanded form of the des key.
-A des_key is 8 bytes of odd parity, the type used to hold the key is a
-des_cblock.  A des_cblock is an array of 8 bytes, often in this library
-description I will refer to input bytes when the function specifies
-des_cblock's as input or output, this just means that the variable should
-be a multiple of 8 bytes.
-
-The define DES_ENCRYPT is passed to specify encryption, DES_DECRYPT to
-specify decryption.  The functions and global variable are as follows:
-
-int des_check_key;
-	DES keys are supposed to be odd parity.  If this variable is set to
-	a non-zero value, des_set_key() will check that the key has odd
-	parity and is not one of the known weak DES keys.  By default this
-	variable is turned off;
-	
-void des_set_odd_parity(
-des_cblock *key );
-	This function takes a DES key (8 bytes) and sets the parity to odd.
-	
-int des_is_weak_key(
-des_cblock *key );
-	This function returns a non-zero value if the DES key passed is a
-	weak, DES key.  If it is a weak key, don't use it, try a different
-	one.  If you are using 'random' keys, the chances of hitting a weak
-	key are 1/2^52 so it is probably not worth checking for them.
-	
-int des_set_key(
-des_cblock *key,
-des_key_schedule schedule);
-	Des_set_key converts an 8 byte DES key into a des_key_schedule.
-	A des_key_schedule is an expanded form of the key which is used to
-	perform actual encryption.  It can be regenerated from the DES key
-	so it only needs to be kept when encryption or decryption is about
-	to occur.  Don't save or pass around des_key_schedule's since they
-	are CPU architecture dependent, DES keys are not.  If des_check_key
-	is non zero, zero is returned if the key has the wrong parity or
-	the key is a weak key, else 1 is returned.
-	
-int des_key_sched(
-des_cblock *key,
-des_key_schedule schedule);
-	An alternative name for des_set_key().
-
-int des_rw_mode;		/* defaults to DES_PCBC_MODE */
-	This flag holds either DES_CBC_MODE or DES_PCBC_MODE (default).
-	This specifies the function to use in the enc_read() and enc_write()
-	functions.
-
-void des_encrypt(
-unsigned long *data,
-des_key_schedule ks,
-int enc);
-	This is the DES encryption function that gets called by just about
-	every other DES routine in the library.  You should not use this
-	function except to implement 'modes' of DES.  I say this because the
-	functions that call this routine do the conversion from 'char *' to
-	long, and this needs to be done to make sure 'non-aligned' memory
-	access do not occur.  The characters are loaded 'little endian',
-	have a look at my source code for more details on how I use this
-	function.
-	Data is a pointer to 2 unsigned long's and ks is the
-	des_key_schedule to use.  enc, is non zero specifies encryption,
-	zero if decryption.
-
-void des_encrypt2(
-unsigned long *data,
-des_key_schedule ks,
-int enc);
-	This functions is the same as des_encrypt() except that the DES
-	initial permutation (IP) and final permutation (FP) have been left
-	out.  As for des_encrypt(), you should not use this function.
-	It is used by the routines in my library that implement triple DES.
-	IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
-	as des_encrypt() des_encrypt() des_encrypt() except faster :-).
-
-void des_ecb_encrypt(
-des_cblock *input,
-des_cblock *output,
-des_key_schedule ks,
-int enc);
-	This is the basic Electronic Code Book form of DES, the most basic
-	form.  Input is encrypted into output using the key represented by
-	ks.  If enc is non zero (DES_ENCRYPT), encryption occurs, otherwise
-	decryption occurs.  Input is 8 bytes long and output is 8 bytes.
-	(the des_cblock structure is 8 chars).
-	
-void des_ecb3_encrypt(
-des_cblock *input,
-des_cblock *output,
-des_key_schedule ks1,
-des_key_schedule ks2,
-des_key_schedule ks3,
-int enc);
-	This is the 3 key EDE mode of ECB DES.  What this means is that 
-	the 8 bytes of input is encrypted with ks1, decrypted with ks2 and
-	then encrypted again with ks3, before being put into output;
-	C=E(ks3,D(ks2,E(ks1,M))).  There is a macro, des_ecb2_encrypt()
-	that only takes 2 des_key_schedules that implements,
-	C=E(ks1,D(ks2,E(ks1,M))) in that the final encrypt is done with ks1.
-	
-void des_cbc_encrypt(
-des_cblock *input,
-des_cblock *output,
-long length,
-des_key_schedule ks,
-des_cblock *ivec,
-int enc);
-	This routine implements DES in Cipher Block Chaining mode.
-	Input, which should be a multiple of 8 bytes is encrypted
-	(or decrypted) to output which will also be a multiple of 8 bytes.
-	The number of bytes is in length (and from what I've said above,
-	should be a multiple of 8).  If length is not a multiple of 8, I'm
-	not being held responsible :-).  ivec is the initialisation vector.
-	This function does not modify this variable.  To correctly implement
-	cbc mode, you need to do one of 2 things; copy the last 8 bytes of
-	cipher text for use as the next ivec in your application,
-	or use des_ncbc_encrypt(). 
-	Only this routine has this problem with updating the ivec, all
-	other routines that are implementing cbc mode update ivec.
-	
-void des_ncbc_encrypt(
-des_cblock *input,
-des_cblock *output,
-long length,
-des_key_schedule sk,
-des_cblock *ivec,
-int enc);
-	For historical reasons, des_cbc_encrypt() did not update the
-	ivec with the value requires so that subsequent calls to
-	des_cbc_encrypt() would 'chain'.  This was needed so that the same
-	'length' values would not need to be used when decrypting.
-	des_ncbc_encrypt() does the right thing.  It is the same as
-	des_cbc_encrypt accept that ivec is updates with the correct value
-	to pass in subsequent calls to des_ncbc_encrypt().  I advise using
-	des_ncbc_encrypt() instead of des_cbc_encrypt();
-
-void des_xcbc_encrypt(
-des_cblock *input,
-des_cblock *output,
-long length,
-des_key_schedule sk,
-des_cblock *ivec,
-des_cblock *inw,
-des_cblock *outw,
-int enc);
-	This is RSA's DESX mode of DES.  It uses inw and outw to
-	'whiten' the encryption.  inw and outw are secret (unlike the iv)
-	and are as such, part of the key.  So the key is sort of 24 bytes.
-	This is much better than cbc des.
-	
-void des_3cbc_encrypt(
-des_cblock *input,
-des_cblock *output,
-long length,
-des_key_schedule sk1,
-des_key_schedule sk2,
-des_cblock *ivec1,
-des_cblock *ivec2,
-int enc);
-	This function is flawed, do not use it.  I have left it in the
-	library because it is used in my des(1) program and will function
-	correctly when used by des(1).  If I removed the function, people
-	could end up unable to decrypt files.
-	This routine implements outer triple cbc encryption using 2 ks and
-	2 ivec's.  Use des_ede2_cbc_encrypt() instead.
-	
-void des_ede3_cbc_encrypt(
-des_cblock *input,
-des_cblock *output, 
-long length,
-des_key_schedule ks1,
-des_key_schedule ks2, 
-des_key_schedule ks3, 
-des_cblock *ivec,
-int enc);
-	This function implements outer triple CBC DES encryption with 3
-	keys.  What this means is that each 'DES' operation
-	inside the cbc mode is really an C=E(ks3,D(ks2,E(ks1,M))).
-	Again, this is cbc mode so an ivec is requires.
-	This mode is used by SSL.
-	There is also a des_ede2_cbc_encrypt() that only uses 2
-	des_key_schedule's, the first being reused for the final
-	encryption.  C=E(ks1,D(ks2,E(ks1,M))).  This form of triple DES
-	is used by the RSAref library.
-	
-void des_pcbc_encrypt(
-des_cblock *input,
-des_cblock *output,
-long length,
-des_key_schedule ks,
-des_cblock *ivec,
-int enc);
-	This is Propagating Cipher Block Chaining mode of DES.  It is used
-	by Kerberos v4.  It's parameters are the same as des_ncbc_encrypt().
-	
-void des_cfb_encrypt(
-unsigned char *in,
-unsigned char *out,
-int numbits,
-long length,
-des_key_schedule ks,
-des_cblock *ivec,
-int enc);
-	Cipher Feedback Back mode of DES.  This implementation 'feeds back'
-	in numbit blocks.  The input (and output) is in multiples of numbits
-	bits.  numbits should to be a multiple of 8 bits.  Length is the
-	number of bytes input.  If numbits is not a multiple of 8 bits,
-	the extra bits in the bytes will be considered padding.  So if
-	numbits is 12, for each 2 input bytes, the 4 high bits of the
-	second byte will be ignored.  So to encode 72 bits when using
-	a numbits of 12 take 12 bytes.  To encode 72 bits when using
-	numbits of 9 will take 16 bytes.  To encode 80 bits when using
-	numbits of 16 will take 10 bytes. etc, etc.  This padding will
-	apply to both input and output.
-
-	
-void des_cfb64_encrypt(
-unsigned char *in,
-unsigned char *out,
-long length,
-des_key_schedule ks,
-des_cblock *ivec,
-int *num,
-int enc);
-	This is one of the more useful functions in this DES library, it
-	implements CFB mode of DES with 64bit feedback.  Why is this
-	useful you ask?  Because this routine will allow you to encrypt an
-	arbitrary number of bytes, no 8 byte padding.  Each call to this
-	routine will encrypt the input bytes to output and then update ivec
-	and num.  num contains 'how far' we are though ivec.  If this does
-	not make much sense, read more about cfb mode of DES :-).
-	
-void des_ede3_cfb64_encrypt(
-unsigned char *in,
-unsigned char *out,
-long length,
-des_key_schedule ks1,
-des_key_schedule ks2,
-des_key_schedule ks3,
-des_cblock *ivec,
-int *num,
-int enc);
-	Same as des_cfb64_encrypt() accept that the DES operation is
-	triple DES.  As usual, there is a macro for
-	des_ede2_cfb64_encrypt() which reuses ks1.
-
-void des_ofb_encrypt(
-unsigned char *in,
-unsigned char *out,
-int numbits,
-long length,
-des_key_schedule ks,
-des_cblock *ivec);
-	This is a implementation of Output Feed Back mode of DES.  It is
-	the same as des_cfb_encrypt() in that numbits is the size of the
-	units dealt with during input and output (in bits).
-	
-void des_ofb64_encrypt(
-unsigned char *in,
-unsigned char *out,
-long length,
-des_key_schedule ks,
-des_cblock *ivec,
-int *num);
-	The same as des_cfb64_encrypt() except that it is Output Feed Back
-	mode.
-
-void des_ede3_ofb64_encrypt(
-unsigned char *in,
-unsigned char *out,
-long length,
-des_key_schedule ks1,
-des_key_schedule ks2,
-des_key_schedule ks3,
-des_cblock *ivec,
-int *num);
-	Same as des_ofb64_encrypt() accept that the DES operation is
-	triple DES.  As usual, there is a macro for
-	des_ede2_ofb64_encrypt() which reuses ks1.
-
-int des_read_pw_string(
-char *buf,
-int length,
-char *prompt,
-int verify);
-	This routine is used to get a password from the terminal with echo
-	turned off.  Buf is where the string will end up and length is the
-	size of buf.  Prompt is a string presented to the 'user' and if
-	verify is set, the key is asked for twice and unless the 2 copies
-	match, an error is returned.  A return code of -1 indicates a
-	system error, 1 failure due to use interaction, and 0 is success.
-
-unsigned long des_cbc_cksum(
-des_cblock *input,
-des_cblock *output,
-long length,
-des_key_schedule ks,
-des_cblock *ivec);
-	This function produces an 8 byte checksum from input that it puts in
-	output and returns the last 4 bytes as a long.  The checksum is
-	generated via cbc mode of DES in which only the last 8 byes are
-	kept.  I would recommend not using this function but instead using
-	the EVP_Digest routines, or at least using MD5 or SHA.  This
-	function is used by Kerberos v4 so that is why it stays in the
-	library.
-	
-char *des_fcrypt(
-const char *buf,
-const char *salt
-char *ret);
-	This is my fast version of the unix crypt(3) function.  This version
-	takes only a small amount of space relative to other fast
-	crypt() implementations.  This is different to the normal crypt
-	in that the third parameter is the buffer that the return value
-	is written into.  It needs to be at least 14 bytes long.  This
-	function is thread safe, unlike the normal crypt.
-
-char *crypt(
-const char *buf,
-const char *salt);
-	This function calls des_fcrypt() with a static array passed as the
-	third parameter.  This emulates the normal non-thread safe semantics
-	of crypt(3).
-
-void des_string_to_key(
-char *str,
-des_cblock *key);
-	This function takes str and converts it into a DES key.  I would
-	recommend using MD5 instead and use the first 8 bytes of output.
-	When I wrote the first version of these routines back in 1990, MD5
-	did not exist but I feel these routines are still sound.  This
-	routines is compatible with the one in MIT's libdes.
-	
-void des_string_to_2keys(
-char *str,
-des_cblock *key1,
-des_cblock *key2);
-	This function takes str and converts it into 2 DES keys.
-	I would recommend using MD5 and using the 16 bytes as the 2 keys.
-	I have nothing against these 2 'string_to_key' routines, it's just
-	that if you say that your encryption key is generated by using the
-	16 bytes of an MD5 hash, every-one knows how you generated your
-	keys.
-
-int des_read_password(
-des_cblock *key,
-char *prompt,
-int verify);
-	This routine combines des_read_pw_string() with des_string_to_key().
-
-int des_read_2passwords(
-des_cblock *key1,
-des_cblock *key2,
-char *prompt,
-int verify);
-	This routine combines des_read_pw_string() with des_string_to_2key().
-
-void des_random_seed(
-des_cblock key);
-	This routine sets a starting point for des_random_key().
-	
-void des_random_key(
-des_cblock ret);
-	This function return a random key.  Make sure to 'seed' the random
-	number generator (with des_random_seed()) before using this function.
-	I personally now use a MD5 based random number system.
-
-int des_enc_read(
-int fd,
-char *buf,
-int len,
-des_key_schedule ks,
-des_cblock *iv);
-	This function will write to a file descriptor the encrypted data
-	from buf.  This data will be preceded by a 4 byte 'byte count' and
-	will be padded out to 8 bytes.  The encryption is either CBC of
-	PCBC depending on the value of des_rw_mode.  If it is DES_PCBC_MODE,
-	pcbc is used, if DES_CBC_MODE, cbc is used.  The default is to use
-	DES_PCBC_MODE.
-
-int des_enc_write(
-int fd,
-char *buf,
-int len,
-des_key_schedule ks,
-des_cblock *iv);
-	This routines read stuff written by des_enc_read() and decrypts it.
-	I have used these routines quite a lot but I don't believe they are
-	suitable for non-blocking io.  If you are after a full
-	authentication/encryption over networks, have a look at SSL instead.
-
-unsigned long des_quad_cksum(
-des_cblock *input,
-des_cblock *output,
-long length,
-int out_count,
-des_cblock *seed);
-	This is a function from Kerberos v4 that is not anything to do with
-	DES but was needed.  It is a cksum that is quicker to generate than
-	des_cbc_cksum();  I personally would use MD5 routines now.
-=====
-Modes of DES
-Quite a bit of the following information has been taken from
-	AS 2805.5.2
-	Australian Standard
-	Electronic funds transfer - Requirements for interfaces,
-	Part 5.2: Modes of operation for an n-bit block cipher algorithm
-	Appendix A
-
-There are several different modes in which DES can be used, they are
-as follows.
-
-Electronic Codebook Mode (ECB) (des_ecb_encrypt())
-- 64 bits are enciphered at a time.
-- The order of the blocks can be rearranged without detection.
-- The same plaintext block always produces the same ciphertext block
-  (for the same key) making it vulnerable to a 'dictionary attack'.
-- An error will only affect one ciphertext block.
-
-Cipher Block Chaining Mode (CBC) (des_cbc_encrypt())
-- a multiple of 64 bits are enciphered at a time.
-- The CBC mode produces the same ciphertext whenever the same
-  plaintext is encrypted using the same key and starting variable.
-- The chaining operation makes the ciphertext blocks dependent on the
-  current and all preceding plaintext blocks and therefore blocks can not
-  be rearranged.
-- The use of different starting variables prevents the same plaintext
-  enciphering to the same ciphertext.
-- An error will affect the current and the following ciphertext blocks.
-
-Cipher Feedback Mode (CFB) (des_cfb_encrypt())
-- a number of bits (j) <= 64 are enciphered at a time.
-- The CFB mode produces the same ciphertext whenever the same
-  plaintext is encrypted using the same key and starting variable.
-- The chaining operation makes the ciphertext variables dependent on the
-  current and all preceding variables and therefore j-bit variables are
-  chained together and can not be rearranged.
-- The use of different starting variables prevents the same plaintext
-  enciphering to the same ciphertext.
-- The strength of the CFB mode depends on the size of k (maximal if
-  j == k).  In my implementation this is always the case.
-- Selection of a small value for j will require more cycles through
-  the encipherment algorithm per unit of plaintext and thus cause
-  greater processing overheads.
-- Only multiples of j bits can be enciphered.
-- An error will affect the current and the following ciphertext variables.
-
-Output Feedback Mode (OFB) (des_ofb_encrypt())
-- a number of bits (j) <= 64 are enciphered at a time.
-- The OFB mode produces the same ciphertext whenever the same
-  plaintext enciphered using the same key and starting variable.  More
-  over, in the OFB mode the same key stream is produced when the same
-  key and start variable are used.  Consequently, for security reasons
-  a specific start variable should be used only once for a given key.
-- The absence of chaining makes the OFB more vulnerable to specific attacks.
-- The use of different start variables values prevents the same
-  plaintext enciphering to the same ciphertext, by producing different
-  key streams.
-- Selection of a small value for j will require more cycles through
-  the encipherment algorithm per unit of plaintext and thus cause
-  greater processing overheads.
-- Only multiples of j bits can be enciphered.
-- OFB mode of operation does not extend ciphertext errors in the
-  resultant plaintext output.  Every bit error in the ciphertext causes
-  only one bit to be in error in the deciphered plaintext.
-- OFB mode is not self-synchronising.  If the two operation of
-  encipherment and decipherment get out of synchronism, the system needs
-  to be re-initialised.
-- Each re-initialisation should use a value of the start variable
- different from the start variable values used before with the same
- key.  The reason for this is that an identical bit stream would be
- produced each time from the same parameters.  This would be
- susceptible to a ' known plaintext' attack.
-
-Triple ECB Mode (des_ecb3_encrypt())
-- Encrypt with key1, decrypt with key2 and encrypt with key3 again.
-- As for ECB encryption but increases the key length to 168 bits.
-  There are theoretic attacks that can be used that make the effective
-  key length 112 bits, but this attack also requires 2^56 blocks of
-  memory, not very likely, even for the NSA.
-- If both keys are the same it is equivalent to encrypting once with
-  just one key.
-- If the first and last key are the same, the key length is 112 bits.
-  There are attacks that could reduce the key space to 55 bit's but it
-  requires 2^56 blocks of memory.
-- If all 3 keys are the same, this is effectively the same as normal
-  ecb mode.
-
-Triple CBC Mode (des_ede3_cbc_encrypt())
-- Encrypt with key1, decrypt with key2 and then encrypt with key3.
-- As for CBC encryption but increases the key length to 168 bits with
-  the same restrictions as for triple ecb mode.
-
-==== digest.doc ========================================================
-
-
-The Message Digest subroutines.
-
-These routines require "evp.h" to be included.
-
-These functions are a higher level interface to the various message digest
-routines found in this library.  As such, they allow the same code to be
-used to digest via different algorithms with only a change in an initial
-parameter.  They are basically just a front-end to the MD2, MD5, SHA
-and SHA1
-routines.
-
-These routines all take a pointer to the following structure to specify
-which message digest algorithm to use.
-typedef struct evp_md_st
-	{
-	int type;
-	int pkey_type;
-	int md_size;
-	void (*init)();
-	void (*update)();
-	void (*final)();
-
-	int required_pkey_type; /*EVP_PKEY_xxx */
-	int (*sign)();
-	int (*verify)();
-	} EVP_MD;
-
-If additional message digest algorithms are to be supported, a structure of
-this type needs to be declared and populated and then the Digest routines
-can be used with that algorithm.  The type field is the object NID of the
-digest type (read the section on Objects for an explanation).  The pkey_type
-is the Object type to use when the a message digest is generated by there
-routines and then is to be signed with the pkey algorithm.  Md_size is
-the size of the message digest returned.  Init, update
-and final are the relevant functions to perform the message digest function
-by parts.  One reason for specifying the message digest to use via this
-mechanism is that if you only use md5, only the md5 routines will
-be included in you linked program.  If you passed an integer
-that specified which message digest to use, the routine that mapped that
-integer to a set of message digest functions would cause all the message
-digests functions to be link into the code.  This setup also allows new
-message digest functions to be added by the application.
-
-The six message digests defined in this library are
-
-EVP_MD *EVP_md2(void);	/* RSA sign/verify */
-EVP_MD *EVP_md5(void);	/* RSA sign/verify */
-EVP_MD *EVP_sha(void);	/* RSA sign/verify */
-EVP_MD *EVP_sha1(void);	/* RSA sign/verify */
-EVP_MD *EVP_dss(void);	/* DSA sign/verify */
-EVP_MD *EVP_dss1(void);	/* DSA sign/verify */
-
-All the message digest routines take a EVP_MD_CTX pointer as an argument.
-The state of the message digest is kept in this structure.
-
-typedef struct pem_md_ctx_st
-	{
-	EVP_MD *digest;
-	union	{
-		unsigned char base[4]; /* this is used in my library as a
-					* 'pointer' to all union elements
-					* structures. */
-		MD2_CTX md2;
-		MD5_CTX md5;
-		SHA_CTX sha;
-		} md;
-	} EVP_MD_CTX;
-
-The Digest functions are as follows.
-
-void EVP_DigestInit(
-EVP_MD_CTX *ctx,
-EVP_MD *type);
-	This function is used to initialise the EVP_MD_CTX.  The message
-	digest that will associated with 'ctx' is specified by 'type'.
-
-void EVP_DigestUpdate(
-EVP_MD_CTX *ctx,
-unsigned char *data,
-unsigned int cnt);
-	This function is used to pass more data to the message digest
-	function.  'cnt' bytes are digested from 'data'.
-
-void EVP_DigestFinal(
-EVP_MD_CTX *ctx,
-unsigned char *md,
-unsigned int *len);
-	This function finishes the digestion and puts the message digest
-	into 'md'.  The length of the message digest is put into len;
-	EVP_MAX_MD_SIZE is the size of the largest message digest that
-	can be returned from this function.  Len can be NULL if the
-	size of the digest is not required.
-	
-
-==== encode.doc ========================================================
-
-
-void    EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
-void    EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
-		int *outl,unsigned char *in,int inl);
-void    EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
-int     EVP_EncodeBlock(unsigned char *t, unsigned char *f, int n);
-
-void    EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
-int     EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
-		unsigned char *in, int inl);
-int     EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
-		char *out, int *outl);
-int     EVP_DecodeBlock(unsigned char *t, unsigned
-		char *f, int n);
-
-
-==== envelope.doc ========================================================
-
-The following routines are use to create 'digital' envelopes.
-By this I mean that they perform various 'higher' level cryptographic
-functions.  Have a read of 'cipher.doc' and 'digest.doc' since those
-routines are used by these functions.
-cipher.doc contains documentation about the cipher part of the
-envelope library and digest.doc contatins the description of the
-message digests supported.
-
-To 'sign' a document involves generating a message digest and then encrypting
-the digest with an private key.
-
-#define EVP_SignInit(a,b)		EVP_DigestInit(a,b)
-#define EVP_SignUpdate(a,b,c)		EVP_DigestUpdate(a,b,c)
-Due to the fact this operation is basically just an extended message
-digest, the first 2 functions are macro calls to Digest generating
-functions.
-
-int     EVP_SignFinal(
-EVP_MD_CTX *ctx,
-unsigned char *md,
-unsigned int *s,
-EVP_PKEY *pkey);
-	This finalisation function finishes the generation of the message
-digest and then encrypts the digest (with the correct message digest 
-object identifier) with the EVP_PKEY private key.  'ctx' is the message digest
-context.  'md' will end up containing the encrypted message digest.  This
-array needs to be EVP_PKEY_size(pkey) bytes long.  's' will actually
-contain the exact length.  'pkey' of course is the private key.  It is
-one of EVP_PKEY_RSA or EVP_PKEY_DSA type.
-If there is an error, 0 is returned, otherwise 1.
-		
-Verify is used to check an signed message digest.
-
-#define EVP_VerifyInit(a,b)		EVP_DigestInit(a,b)
-#define EVP_VerifyUpdate(a,b,c)		EVP_DigestUpdate(a,b,c)
-Since the first step is to generate a message digest, the first 2 functions
-are macros.
-
-int EVP_VerifyFinal(
-EVP_MD_CTX *ctx,
-unsigned char *md,
-unsigned int s,
-EVP_PKEY *pkey);
-	This function finishes the generation of the message digest and then
-compares it with the supplied encrypted message digest.  'md' contains the
-'s' bytes of encrypted message digest.  'pkey' is used to public key decrypt
-the digest.  It is then compared with the message digest just generated.
-If they match, 1 is returned else 0.
-
-int	EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
-		int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk);
-Must have at least one public key, error is 0.  I should also mention that
-the buffers pointed to by 'ek' need to be EVP_PKEY_size(pubk[n]) is size.
-
-#define EVP_SealUpdate(a,b,c,d,e)	EVP_EncryptUpdate(a,b,c,d,e)	
-void	EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
-
-
-int	EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
-		int ekl,unsigned char *iv,EVP_PKEY *priv);
-0 on failure
-
-#define EVP_OpenUpdate(a,b,c,d,e)	EVP_DecryptUpdate(a,b,c,d,e)
-
-int	EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-Decrypt final return code
-
-
-==== error.doc ========================================================
-
-The error routines.
-
-The 'error' system I've implemented is intended to server 2 purpose, to
-record the reason why a command failed and to record where in the libraries
-the failure occurred.  It is more or less setup to record a 'trace' of which
-library components were being traversed when the error occurred.
-
-When an error is recorded, it is done so a as single unsigned long which is
-composed of three parts.  The top byte is the 'library' number, the middle
-12 bytes is the function code, and the bottom 12 bits is the 'reason' code.
-
-Each 'library', or should a say, 'section' of the SSLeay library has a
-different unique 'library' error number.  Each function in the library has
-a number that is unique for that library.  Each 'library' also has a number
-for each 'error reason' that is only unique for that 'library'.
-
-Due to the way these error routines record a 'error trace', there is an
-array per thread that is used to store the error codes.
-The various functions in this library are used to access
-and manipulate this array.
-
-void ERR_put_error(int lib, int func,int reason);
-	This routine records an error in library 'lib', function 'func'
-and reason 'reason'.  As errors get 'put' into the buffer, they wrap
-around and overwrite old errors if too many are written.  It is assumed
-that the last errors are the most important.
-
-unsigned long ERR_get_error(void );
-	This function returns the last error added to the error buffer.
-In effect it is popping the value off the buffer so repeated calls will
-continue to return values until there are no more errors to return in which
-case 0 is returned.
-
-unsigned long ERR_peek_error(void );
-	This function returns the value of the last error added to the
-error buffer but does not 'pop' it from the buffer.
-
-void ERR_clear_error(void );
-	This function clears the error buffer, discarding all unread
-errors.
-
-While the above described error system obviously produces lots of different
-error number, a method for 'reporting' these errors in a human readable
-form is required.  To achieve this, each library has the option of
-'registering' error strings.
-
-typedef struct ERR_string_data_st
-	{
-	unsigned long error;
-	char *string;
-	} ERR_STRING_DATA;
-
-The 'ERR_STRING_DATA' contains an error code and the corresponding text
-string.  To add new function error strings for a library, the
-ERR_STRING_DATA needs to be 'registered' with the library.
-
-void ERR_load_strings(unsigned long lib,ERR_STRING_DATA *err);
-	This function 'registers' the array of ERR_STRING_DATA pointed to by
-'err' as error text strings for the error library 'lib'.
-
-void ERR_free_strings(void);
-	This function free()s all the loaded error strings.
-
-char *ERR_error_string(unsigned long error,char *buf);
-	This function returns a text string that is a human readable
-version of the error represented by 'error'.  Buff should be at least 120
-bytes long and if it is NULL, the return value is a pointer to a static
-variable that will contain the error string, otherwise 'buf' is returned.
-If there is not a text string registered for a particular error, a text
-string containing the error number is returned instead.
-
-void ERR_print_errors(BIO *bp);
-void ERR_print_errors_fp(FILE *fp);
-	This function is a convenience routine that prints the error string
-for each error until all errors have been accounted for.
-
-char *ERR_lib_error_string(unsigned long e);
-char *ERR_func_error_string(unsigned long e);
-char *ERR_reason_error_string(unsigned long e);
-The above three functions return the 3 different components strings for the
-error 'e'.  ERR_error_string() uses these functions.
-
-void ERR_load_ERR_strings(void );
-	This function 'registers' the error strings for the 'ERR' module.
-
-void ERR_load_crypto_strings(void );
-	This function 'register' the error strings for just about every
-library in the SSLeay package except for the SSL routines.  There is no
-need to ever register any error text strings and you will probably save in
-program size.  If on the other hand you do 'register' all errors, it is
-quite easy to determine why a particular routine failed.
-
-As a final footnote as to why the error system is designed as it is.
-1) I did not want a single 'global' error code.
-2) I wanted to know which subroutine a failure occurred in.
-3) For Windows NT etc, it should be simple to replace the 'key' routines
-   with code to pass error codes back to the application.
-4) I wanted the option of meaningful error text strings.
-
-Late breaking news - the changes to support threads.
-
-Each 'thread' has an 'ERR_STATE' state associated with it.
-ERR_STATE *ERR_get_state(void ) will return the 'state' for the calling
-thread/process.
-
-ERR_remove_state(unsigned long pid); will 'free()' this state.  If pid == 0
-the current 'thread/process' will have it's error state removed.
-If you do not remove the error state of a thread, this could be considered a
-form of memory leak, so just after 'reaping' a thread that has died,
-call ERR_remove_state(pid).
-
-Have a read of thread.doc for more details for what is required for
-multi-threading support.  All the other error routines will
-work correctly when using threads.
-
-
-==== idea.doc ========================================================
-
-The IDEA library.
-IDEA is a block cipher that operates on 64bit (8 byte) quantities.  It
-uses a 128bit (16 byte) key.  It can be used in all the modes that DES can
-be used.  This library implements the ecb, cbc, cfb64 and ofb64 modes.
-
-For all calls that have an 'input' and 'output' variables, they can be the
-same.
-
-This library requires the inclusion of 'idea.h'.
-
-All of the encryption functions take what is called an IDEA_KEY_SCHEDULE as an 
-argument.  An IDEA_KEY_SCHEDULE is an expanded form of the idea key.
-For all modes of the IDEA algorithm, the IDEA_KEY_SCHEDULE used for
-decryption is different to the one used for encryption.
-
-The define IDEA_ENCRYPT is passed to specify encryption for the functions
-that require an encryption/decryption flag. IDEA_DECRYPT is passed to
-specify decryption.  For some mode there is no encryption/decryption
-flag since this is determined by the IDEA_KEY_SCHEDULE.
-
-So to encrypt you would do the following
-idea_set_encrypt_key(key,encrypt_ks);
-idea_ecb_encrypt(...,encrypt_ks);
-idea_cbc_encrypt(....,encrypt_ks,...,IDEA_ENCRYPT);
-
-To Decrypt
-idea_set_encrypt_key(key,encrypt_ks);
-idea_set_decrypt_key(encrypt_ks,decrypt_ks);
-idea_ecb_encrypt(...,decrypt_ks);
-idea_cbc_encrypt(....,decrypt_ks,...,IDEA_DECRYPT);
-
-Please note that any of the encryption modes specified in my DES library
-could be used with IDEA.  I have only implemented ecb, cbc, cfb64 and
-ofb64 for the following reasons.
-- ecb is the basic IDEA encryption.
-- cbc is the normal 'chaining' form for block ciphers.
-- cfb64 can be used to encrypt single characters, therefore input and output
-  do not need to be a multiple of 8.
-- ofb64 is similar to cfb64 but is more like a stream cipher, not as
-  secure (not cipher feedback) but it does not have an encrypt/decrypt mode.
-- If you want triple IDEA, thats 384 bits of key and you must be totally
-  obsessed with security.  Still, if you want it, it is simple enough to
-  copy the function from the DES library and change the des_encrypt to
-  idea_encrypt; an exercise left for the paranoid reader :-).
-
-The functions are as follows:
-
-void idea_set_encrypt_key(
-unsigned char *key;
-IDEA_KEY_SCHEDULE *ks);
-	idea_set_encrypt_key converts a 16 byte IDEA key into an
-	IDEA_KEY_SCHEDULE.  The IDEA_KEY_SCHEDULE is an expanded form of
-	the key which can be used to perform IDEA encryption.
-	An IDEA_KEY_SCHEDULE is an expanded form of the key which is used to
-	perform actual encryption.  It can be regenerated from the IDEA key
-	so it only needs to be kept when encryption is about
-	to occur.  Don't save or pass around IDEA_KEY_SCHEDULE's since they
-	are CPU architecture dependent, IDEA keys are not.
-	
-void idea_set_decrypt_key(
-IDEA_KEY_SCHEDULE *encrypt_ks,
-IDEA_KEY_SCHEDULE *decrypt_ks);
-	This functions converts an encryption IDEA_KEY_SCHEDULE into a
-	decryption IDEA_KEY_SCHEDULE.  For all decryption, this conversion
-	of the key must be done.  In some modes of IDEA, an
-	encryption/decryption flag is also required, this is because these
-	functions involve block chaining and the way this is done changes
-	depending on which of encryption of decryption is being done.
-	Please note that there is no quick way to generate the decryption
-	key schedule other than generating the encryption key schedule and
-	then converting it.
-
-void idea_encrypt(
-unsigned long *data,
-IDEA_KEY_SCHEDULE *ks);
-	This is the IDEA encryption function that gets called by just about
-	every other IDEA routine in the library.  You should not use this
-	function except to implement 'modes' of IDEA.  I say this because the
-	functions that call this routine do the conversion from 'char *' to
-	long, and this needs to be done to make sure 'non-aligned' memory
-	access do not occur.
-	Data is a pointer to 2 unsigned long's and ks is the
-	IDEA_KEY_SCHEDULE to use.  Encryption or decryption depends on the
-	IDEA_KEY_SCHEDULE.
-
-void idea_ecb_encrypt(
-unsigned char *input,
-unsigned char *output,
-IDEA_KEY_SCHEDULE *ks);
-	This is the basic Electronic Code Book form of IDEA (in DES this
-	mode is called Electronic Code Book so I'm going to use the term
-	for idea as well :-).
-	Input is encrypted into output using the key represented by
-	ks.  Depending on the IDEA_KEY_SCHEDULE, encryption or
-	decryption occurs.  Input is 8 bytes long and output is 8 bytes.
-	
-void idea_cbc_encrypt(
-unsigned char *input,
-unsigned char *output,
-long length,
-IDEA_KEY_SCHEDULE *ks,
-unsigned char *ivec,
-int enc);
-	This routine implements IDEA in Cipher Block Chaining mode.
-	Input, which should be a multiple of 8 bytes is encrypted
-	(or decrypted) to output which will also be a multiple of 8 bytes.
-	The number of bytes is in length (and from what I've said above,
-	should be a multiple of 8).  If length is not a multiple of 8, bad 
-	things will probably happen.  ivec is the initialisation vector.
-	This function updates iv after each call so that it can be passed to
-	the next call to idea_cbc_encrypt().
-	
-void idea_cfb64_encrypt(
-unsigned char *in,
-unsigned char *out,
-long length,
-des_key_schedule ks,
-des_cblock *ivec,
-int *num,
-int enc);
-	This is one of the more useful functions in this IDEA library, it
-	implements CFB mode of IDEA with 64bit feedback.
-	This allows you to encrypt an arbitrary number of bytes,
-	you do not require 8 byte padding.  Each call to this
-	routine will encrypt the input bytes to output and then update ivec
-	and num.  Num contains 'how far' we are though ivec.
-	Enc is used to indicate encryption or decryption.
-	One very important thing to remember is that when decrypting, use
-	the encryption form of the key.
-	CFB64 mode operates by using the cipher to
-	generate a stream of bytes which is used to encrypt the plain text.
-	The cipher text is then encrypted to generate the next 64 bits to
-	be xored (incrementally) with the next 64 bits of plain
-	text.  As can be seen from this, to encrypt or decrypt,
-	the same 'cipher stream' needs to be generated but the way the next
-	block of data is gathered for encryption is different for
-	encryption and decryption.  What this means is that to encrypt
-	idea_set_encrypt_key(key,ks);
-	idea_cfb64_encrypt(...,ks,..,IDEA_ENCRYPT)
-	do decrypt
-	idea_set_encrypt_key(key,ks)
-	idea_cfb64_encrypt(...,ks,...,IDEA_DECRYPT)
-	Note: The same IDEA_KEY_SCHEDULE but different encryption flags.
-	For idea_cbc or idea_ecb, idea_set_decrypt_key() would need to be
-	used to generate the IDEA_KEY_SCHEDULE for decryption.
-	The reason I'm stressing this point is that I just wasted 3 hours
-	today trying to decrypt using this mode and the decryption form of
-	the key :-(.
-	
-void idea_ofb64_encrypt(
-unsigned char *in,
-unsigned char *out,
-long length,
-des_key_schedule ks,
-des_cblock *ivec,
-int *num);
-	This functions implements OFB mode of IDEA with 64bit feedback.
-	This allows you to encrypt an arbitrary number of bytes,
-	you do not require 8 byte padding.  Each call to this
-	routine will encrypt the input bytes to output and then update ivec
-	and num.  Num contains 'how far' we are though ivec.
-	This is in effect a stream cipher, there is no encryption or
-	decryption mode.  The same key and iv should be used to
-	encrypt and decrypt.
-	
-For reading passwords, I suggest using des_read_pw_string() from my DES library.
-To generate a password from a text string, I suggest using MD5 (or MD2) to
-produce a 16 byte message digest that can then be passed directly to
-idea_set_encrypt_key().
-
-=====
-For more information about the specific IDEA modes in this library
-(ecb, cbc, cfb and ofb), read the section entitled 'Modes of DES' from the
-documentation on my DES library.  What is said about DES is directly
-applicable for IDEA.
-
-
-==== legal.doc ========================================================
-
-From eay@mincom.com Thu Jun 27 00:25:45 1996
-Received: by orb.mincom.oz.au id AA15821
-  (5.65c/IDA-1.4.4 for eay); Wed, 26 Jun 1996 14:25:45 +1000
-Date: Wed, 26 Jun 1996 14:25:45 +1000 (EST)
-From: Eric Young <eay@mincom.oz.au>
-X-Sender: eay@orb
-To: Ken Toll <ktoll@ren.digitalage.com>
-Cc: Eric Young <eay@mincom.oz.au>, ssl-talk@netscape.com
-Subject: Re: Unidentified subject!
-In-Reply-To: <9606261950.ZM28943@ren.digitalage.com>
-Message-Id: <Pine.SOL.3.91.960626131156.28573K-100000@orb>
-Mime-Version: 1.0
-Content-Type: TEXT/PLAIN; charset=US-ASCII
-Status: O
-X-Status: 
-
-
-This is a little off topic but since SSLeay is a free implementation of
-the SSLv2 protocol, I feel it is worth responding on the topic of if it 
-is actually legal for Americans to use free cryptographic software.
-
-On Wed, 26 Jun 1996, Ken Toll wrote:
-> Is the U.S the only country that SSLeay cannot be used commercially 
-> (because of RSAref) or is that going to be an issue with every country 
-> that a client/server application (non-web browser/server) is deployed 
-> and sold?
-
->From what I understand, the software patents that apply to algorithms 
-like RSA and DH only apply in the USA.  The IDEA algorithm I believe is 
-patened in europe (USA?), but considing how little it is used by other SSL 
-implementations, it quite easily be left out of the SSLeay build
-(this can be done with a compile flag).
-
-Actually if the RSA patent did apply outside the USA, it could be rather
-interesting since RSA is not alowed to let RSA toolkits outside of the USA
-[1], and since these are the only forms that they will alow the algorithm
-to be used in, it would mean that non-one outside of the USA could produce
-public key software which would be a very strong statment for
-international patent law to make :-).  This logic is a little flawed but
-it still points out some of the more interesting permutations of USA
-patent law and ITAR restrictions. 
-
-Inside the USA there is also the unresolved issue of RC4/RC2 which were
-made public on sci.crypt in Sep 1994 (RC4) and Feb 1996 (RC2).  I have
-copies of the origional postings if people are interested.  RSA I believe 
-claim that they were 'trade-secrets' and that some-one broke an NDA in 
-revealing them.  Other claim they reverse engineered the algorithms from 
-compiled binaries.  If the algorithms were reverse engineered, I belive 
-RSA had no legal leg to stand on.  If an NDA was broken, I don't know.
-Regardless, RSA, I belive, is willing to go to court over the issue so 
-licencing is probably the best idea, or at least talk to them.
-If there are people who actually know more about this, pease let me know, I 
-don't want to vilify or spread miss-information if I can help it.
-
-If you are not producing a web browser, it is easy to build SSLeay with
-RC2/RC4 removed. Since RC4 is the defacto standard cipher in 
-all web software (and it is damn fast) it is more or less required for 
-www use. For non www use of SSL, especially for an application where 
-interoperability with other vendors is not critical just leave it out.
-
-Removing IDEA, RC2 and RC4 would only leave DES and Triple DES but 
-they should be ok.  Considing that Triple DES can encrypt at rates of
-410k/sec on a pentium 100, and 940k/sec on a P6/200, this is quite 
-reasonable performance.  Single DES clocks in at 1160k/s and 2467k/s
-respectivly is actually quite fast for those not so paranoid (56 bit key).[1]
-
-> Is it possible to get a certificate for commercial use outside of the U.S.?
-yes.
-
-Thawte Consulting issues certificates (they are the people who sell the
-	Sioux httpd server and are based in South Africa)
-Verisign will issue certificates for Sioux (sold from South Africa), so this
-	proves that they will issue certificate for OS use if they are
-	happy with the quality of the software.
-
-(The above mentioned companies just the ones that I know for sure are issuing
- certificates outside the USA).
-
-There is always the point that if you are using SSL for an intra net, 
-SSLeay provides programs that can be used so you can issue your own 
-certificates.  They need polishing but at least it is a good starting point.
-
-I am not doing anything outside Australian law by implementing these
-algorithms (to the best of my knowedge).  It is another example of how 
-the world legal system does not cope with the internet very well.
-
-I may start making shared libraries available (I have now got DLL's for 
-Windows).  This will mean that distributions into the usa could be 
-shipped with a version with a reduced cipher set and the versions outside 
-could use the DLL/shared library with all the ciphers (and without RSAref).
-
-This could be completly hidden from the application, so this would not 
-even require a re-linking.
-
-This is the reverse of what people were talking about doing to get around 
-USA export regulations :-)
-
-eric
-
-[1]:	The RSAref2.0 tookit is available on at least 3 ftp sites in Europe
-	and one in South Africa.
-
-[2]:	Since I always get questions when I post benchmark numbers :-),
-	DES performace figures are in 1000's of bytes per second in cbc 
-	mode using an 8192 byte buffer.  The pentium 100 was running Windows NT 
-	3.51 DLLs and the 686/200 was running NextStep.
-	I quote pentium 100 benchmarks because it is basically the
-	'entry level' computer that most people buy for personal use.
-	Windows 95 is the OS shipping on those boxes, so I'll give
-	NT numbers (the same Win32 runtime environment).  The 686
-	numbers are present as an indication of where we will be in a
-	few years.
---
-Eric Young                  | BOOL is tri-state according to Bill Gates.
-AARNet: eay@mincom.oz.au    | RTFM Win32 GetMessage().
-
-
-
-==== lhash.doc ========================================================
-
-The LHASH library.
-
-I wrote this library in 1991 and have since forgotten why I called it lhash.
-It implements a hash table from an article I read at the
-time from 'Communications of the ACM'.  What makes this hash
-table different is that as the table fills, the hash table is
-increased (or decreased) in size via realloc().
-When a 'resize' is done, instead of all hashes being redistributed over
-twice as many 'buckets', one bucket is split.  So when an 'expand' is done,
-there is only a minimal cost to redistribute some values.  Subsequent
-inserts will cause more single 'bucket' redistributions but there will
-never be a sudden large cost due to redistributing all the 'buckets'.
-
-The state for a particular hash table is kept in the LHASH structure.
-The LHASH structure also records statistics about most aspects of accessing
-the hash table.  This is mostly a legacy of my writing this library for
-the reasons of implementing what looked like a nice algorithm rather than
-for a particular software product.
-
-Internal stuff you probably don't want to know about.
-The decision to increase or decrease the hash table size is made depending
-on the 'load' of the hash table.  The load is the number of items in the
-hash table divided by the size of the hash table.  The default values are
-as follows.  If (hash->up_load < load) => expand.
-if (hash->down_load > load) =>  contract.  The 'up_load' has a default value of
-1 and 'down_load' has a default value of 2.  These numbers can be modified
-by the application by just playing with the 'up_load' and 'down_load'
-variables.  The 'load' is kept in a form which is multiplied by 256.  So
-hash->up_load=8*256; will cause a load of 8 to be set.
-
-If you are interested in performance the field to watch is
-num_comp_calls.  The hash library keeps track of the 'hash' value for
-each item so when a lookup is done, the 'hashes' are compared, if
-there is a match, then a full compare is done, and
-hash->num_comp_calls is incremented.  If num_comp_calls is not equal
-to num_delete plus num_retrieve it means that your hash function is
-generating hashes that are the same for different values.  It is
-probably worth changing your hash function if this is the case because
-even if your hash table has 10 items in a 'bucked', it can be searched
-with 10 'unsigned long' compares and 10 linked list traverses.  This
-will be much less expensive that 10 calls to you compare function.
-
-LHASH *lh_new(
-unsigned long (*hash)(),
-int (*cmp)());
-	This function is used to create a new LHASH structure.  It is passed
-	function pointers that are used to store and retrieve values passed
-	into the hash table.  The 'hash'
-	function is a hashing function that will return a hashed value of
-	it's passed structure.  'cmp' is passed 2 parameters, it returns 0
-	is they are equal, otherwise, non zero.
-	If there are any problems (usually malloc failures), NULL is
-	returned, otherwise a new LHASH structure is returned.  The
-	hash value is normally truncated to a power of 2, so make sure
-	that your hash function returns well mixed low order bits.
-	
-void lh_free(
-LHASH *lh);
-	This function free()s a LHASH structure.  If there is malloced
-	data in the hash table, it will not be freed.  Consider using the
-	lh_doall function to deallocate any remaining entries in the hash
-	table.
-	
-char *lh_insert(
-LHASH *lh,
-char *data);
-	This function inserts the data pointed to by data into the lh hash
-	table.  If there is already and entry in the hash table entry, the
-	value being replaced is returned.  A NULL is returned if the new
-	entry does not clash with an entry already in the table (the normal
-	case) or on a malloc() failure (perhaps I should change this....).
-	The 'char *data' is exactly what is passed to the hash and
-	comparison functions specified in lh_new().
-	
-char *lh_delete(
-LHASH *lh,
-char *data);
-	This routine deletes an entry from the hash table.  The value being
-	deleted is returned.  NULL is returned if there is no such value in
-	the hash table.
-
-char *lh_retrieve(
-LHASH *lh,
-char *data);
-	If 'data' is in the hash table it is returned, else NULL is
-	returned.  The way these routines would normally be uses is that a
-	dummy structure would have key fields populated and then
-	ret=lh_retrieve(hash,&dummy);.  Ret would now be a pointer to a fully
-	populated structure.
-
-void lh_doall(
-LHASH *lh,
-void (*func)(char *a));
-	This function will, for every entry in the hash table, call function
-	'func' with the data item as parameters.
-	This function can be quite useful when used as follows.
-	void cleanup(STUFF *a)
-		{ STUFF_free(a); }
-	lh_doall(hash,cleanup);
-	lh_free(hash);
-	This can be used to free all the entries, lh_free() then
-	cleans up the 'buckets' that point to nothing.  Be careful
-	when doing this.  If you delete entries from the hash table,
-	in the call back function, the table may decrease in size,
-	moving item that you are
-	currently on down lower in the hash table.  This could cause
-	some entries to be skipped.  The best solution to this problem
-	is to set lh->down_load=0 before you start.  This will stop
-	the hash table ever being decreased in size.
-
-void lh_doall_arg(
-LHASH *lh;
-void(*func)(char *a,char *arg));
-char *arg;
-	This function is the same as lh_doall except that the function
-	called will be passed 'arg' as the second argument.
-	
-unsigned long lh_strhash(
-char *c);
-	This function is a demo string hashing function.  Since the LHASH
-	routines would normally be passed structures, this routine would
-	not normally be passed to lh_new(), rather it would be used in the
-	function passed to lh_new().
-
-The next three routines print out various statistics about the state of the
-passed hash table.  These numbers are all kept in the lhash structure.
-
-void lh_stats(
-LHASH *lh,
-FILE *out);
-	This function prints out statistics on the size of the hash table,
-	how many entries are in it, and the number and result of calls to
-	the routines in this library.
-
-void lh_node_stats(
-LHASH *lh,
-FILE *out);
-	For each 'bucket' in the hash table, the number of entries is
-	printed.
-	
-void lh_node_usage_stats(
-LHASH *lh,
-FILE *out);
-	This function prints out a short summary of the state of the hash
-	table.  It prints what I call the 'load' and the 'actual load'.
-	The load is the average number of data items per 'bucket' in the
-	hash table.  The 'actual load' is the average number of items per
-	'bucket', but only for buckets which contain entries.  So the
-	'actual load' is the average number of searches that will need to
-	find an item in the hash table, while the 'load' is the average number
-	that will be done to record a miss.
-
-==== md2.doc ========================================================
-
-The MD2 library.
-MD2 is a message digest algorithm that can be used to condense an arbitrary
-length message down to a 16 byte hash.  The functions all need to be passed
-a MD2_CTX which is used to hold the MD2 context during multiple MD2_Update()
-function calls.  The normal method of use for this library is as follows
-
-MD2_Init(...);
-MD2_Update(...);
-...
-MD2_Update(...);
-MD2_Final(...);
-
-This library requires the inclusion of 'md2.h'.
-
-The main negative about MD2 is that it is slow, especially when compared
-to MD5.
-
-The functions are as follows:
-
-void MD2_Init(
-MD2_CTX *c);
-	This function needs to be called to initiate a MD2_CTX structure for
-	use.
-	
-void MD2_Update(
-MD2_CTX *c;
-unsigned char *data;
-unsigned long len);
-	This updates the message digest context being generated with 'len'
-	bytes from the 'data' pointer.  The number of bytes can be any
-	length.
-
-void MD2_Final(
-unsigned char *md;
-MD2_CTX *c;
-	This function is called when a message digest of the data digested
-	with MD2_Update() is wanted.  The message digest is put in the 'md'
-	array and is MD2_DIGEST_LENGTH (16) bytes long.
-
-unsigned char *MD2(
-unsigned long n;
-unsigned char *d;
-unsigned char *md;
-	This function performs a MD2_Init(), followed by a MD2_Update()
-	followed by a MD2_Final() (using a local MD2_CTX).
-	The resulting digest is put into 'md' if it is not NULL.
-	Regardless of the value of 'md', the message
-	digest is returned from the function.  If 'md' was NULL, the message
-	digest returned is being stored in a static structure.
-
-==== md5.doc ========================================================
-
-The MD5 library.
-MD5 is a message digest algorithm that can be used to condense an arbitrary
-length message down to a 16 byte hash.  The functions all need to be passed
-a MD5_CTX which is used to hold the MD5 context during multiple MD5_Update()
-function calls.  This library also contains random number routines that are
-based on MD5
-
-The normal method of use for this library is as follows
-
-MD5_Init(...);
-MD5_Update(...);
-...
-MD5_Update(...);
-MD5_Final(...);
-
-This library requires the inclusion of 'md5.h'.
-
-The functions are as follows:
-
-void MD5_Init(
-MD5_CTX *c);
-	This function needs to be called to initiate a MD5_CTX structure for
-	use.
-	
-void MD5_Update(
-MD5_CTX *c;
-unsigned char *data;
-unsigned long len);
-	This updates the message digest context being generated with 'len'
-	bytes from the 'data' pointer.  The number of bytes can be any
-	length.
-
-void MD5_Final(
-unsigned char *md;
-MD5_CTX *c;
-	This function is called when a message digest of the data digested
-	with MD5_Update() is wanted.  The message digest is put in the 'md'
-	array and is MD5_DIGEST_LENGTH (16) bytes long.
-
-unsigned char *MD5(
-unsigned char *d;
-unsigned long n;
-unsigned char *md;
-	This function performs a MD5_Init(), followed by a MD5_Update()
-	followed by a MD5_Final() (using a local MD5_CTX).
-	The resulting digest is put into 'md' if it is not NULL.
-	Regardless of the value of 'md', the message
-	digest is returned from the function.  If 'md' was NULL, the message
-	digest returned is being stored in a static structure.
-
-
-==== memory.doc ========================================================
-
-In the interests of debugging SSLeay, there is an option to compile
-using some simple memory leak checking.
-
-All malloc(), free() and realloc() calls in SSLeay now go via
-Malloc(), Free() and Realloc() (except those in crypto/lhash).
-
-If CRYPTO_MDEBUG is defined, these calls are #defined to
-CRYPTO_malloc(), CRYPTO_free() and CRYPTO_realloc().
-If it is not defined, they are #defined to malloc(), free() and realloc().
-
-the CRYPTO_malloc() routines by default just call the underlying library
-functons.
-
-If CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) is called, memory leak detection is
-turned on.  CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) turns it off.
-
-When turned on, each Malloc() or Realloc() call is recored along with the file
-and line number from where the call was made.   (This is done using the
-lhash library which always uses normal system malloc(3) routines).
-
-void CRYPTO_mem_leaks(BIO *b);
-void CRYPTO_mem_leaks_fp(FILE *fp);
-These both print out the list of memory that has not been free()ed.
-This will probably be rather hard to read, but if you look for the 'top level'
-structure allocation, this will often give an idea as to what is not being
-free()ed.  I don't expect people to use this stuff normally.
-
-==== ca.1 ========================================================
-
-From eay@orb.mincom.oz.au Thu Dec 28 23:56:45 1995
-Received: by orb.mincom.oz.au id AA07374
-  (5.65c/IDA-1.4.4 for eay); Thu, 28 Dec 1995 13:56:45 +1000
-Date: Thu, 28 Dec 1995 13:56:45 +1000 (EST)
-From: Eric Young <eay@mincom.oz.au>
-X-Sender: eay@orb
-To: sameer <sameer@c2.org>
-Cc: ssleay@mincom.oz.au
-Subject: Re: 'ca'
-In-Reply-To: <199512230440.UAA23410@infinity.c2.org>
-Message-Id: <Pine.SOL.3.91.951228133525.7269A-100000@orb>
-Mime-Version: 1.0
-Content-Type: TEXT/PLAIN; charset=US-ASCII
-Status: RO
-X-Status: 
-
-On Fri, 22 Dec 1995, sameer wrote:
-> 	I could use documentation on 'ca'. Thanks.
-
-Very quickly.
-The ca program uses the ssleay.conf file for most of its configuration
-
-./ca -help
-
- -verbose        - Talk alot while doing things
- -config file    - A config file. If you don't want to use the
-		   default config file
- -name arg       - The particular CA definition to use
-	In the config file, the section to use for parameters.  This lets 
-	multiple setups to be contained in the one file.  By default, the 
-	default_ca variable is looked up in the [ ca ] section.  So in the 
-	shipped ssleay.conf, the CA definition used is CA_default.  It could be 
-	any other name.
- -gencrl days    - Generate a new CRL, days is when the next CRL is due
-	This will generate a new certificate revocion list.
- -days arg       - number of days to certify the certificate for
-	When certifiying certificates, this is the number of days to use.
- -md arg         - md to use, one of md2, md5, sha or sha1
- -policy arg     - The CA 'policy' to support
-	I'll describe this later, but there are 2 policies definied in the 
-	shipped ssleay.conf
- -keyfile arg    - PEM RSA private key file
- -key arg        - key to decode the RSA private key if it is encrypted
-	since we need to keep the CA's RSA key encrypted
- -cert           - The CA certificate
- -in file        - The input PEM encoded certificate request(s)
- -out file       - Where to put the output file(s)
- -outdir dir     - Where to put output certificates
-	The -out options concatinates all the output certificied
-	certificates to one file, -outdir puts them in a directory,
-	named by serial number.
- -infiles ....   - The last argument, requests to process
-	The certificate requests to process, -in is the same.
-
-Just about all the above have default values defined in ssleay.conf.
-
-The key variables in ssleay.conf are (for the pariticular '-name' being 
-used, in the default, it is CA_default).
-
-dir is where all the CA database stuff is kept.
-certs is where all the previously issued certificates are kept.
-The database is a simple text database containing the following tab separated 
-fields.
-status: a value of 'R' - revoked, 'E' -expired or 'V' valid.
-issued date:  When the certificate was certified.
-revoked date:  When it was revoked, blank if not revoked.
-serial number:  The certificate serial number.
-certificate:	Where the certificate is located.
-CN:	The name of the certificate.
-
-The demo file has quite a few made up values it it.  The last 2 were 
-added by the ca program and are acurate.
-The CA program does not update the 'certificate' file correctly right now.
-The serial field should be unique as should the CN/status combination.
-The ca program checks these at startup.  What still needs to be 
-wrtten is a program to 'regenerate' the data base file from the issued 
-certificate list (and a CRL list).
-
-Back to the CA_default variables.
-
-Most of the variables are commented.
-
-policy is the default policy.
-
-Ok for policies, they define the order and which fields must be present 
-in the certificate request and what gets filled in.
-
-So a value of
-countryName             = match
-means that the country name must match the CA certificate.
-organizationalUnitName  = optional
-The org.Unit,Name does not have to be present and
-commonName              = supplied
-commonName must be supplied in the certificate request.
-
-For the 'policy_match' polocy, the order of the attributes in the 
-generated certiticate would be
-countryName
-stateOrProvinceName
-organizationName
-organizationalUnitName
-commonName
-emailAddress
-
-Have a play, it sort of makes sense.  If you think about how the persona 
-requests operate, it is similar to the 'policy_match' policy and the
-'policy_anything' is similar to what versign is doing.
-
-I hope this helps a bit.  Some backend scripts are definitly needed to 
-update the database and to make certificate revocion easy.  All 
-certificates issued should also be kept forever (or until they expire?)
-
-hope this helps
-eric (who has to run off an buy some cheap knee pads for the caving in 4 
-days time :-)
-
---
-Eric Young                  | Signature removed since it was generating
-AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
-
-
-==== ms3-ca.doc ========================================================
-
-Date: Mon, 9 Jun 97 08:00:33 +0200
-From: Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif)
-Subject: ms3-ca.doc
-Organization: TU Ilmenau, Fak. IA, FG Telematik
-Content-Length: 14575
-Status: RO
-X-Status: 
-
-Loading client certs into MSIE 3.01
-===================================
-
-This document conatains all the information necessary to succesfully set up 
-some scripts to issue client certs to Microsoft Internet Explorer. It 
-includes the required knowledge about the model MSIE uses for client 
-certification and includes complete sample scripts ready to play with. The 
-scripts were tested against a modified ca program of SSLeay 0.6.6 and should 
-work with the regular ca program that comes with version 0.8.0. I haven't 
-tested against MSIE 4.0
-
-You can use the information contained in this document in either way you 
-want. However if you feel it saved you a lot of time I ask you to be as fair 
-as to mention my name: Holger Reif <reif@prakinf.tu-ilmenau.de>.
-
-1.) The model used by MSIE
---------------------------
-
-The Internet Explorer doesn't come with a embedded engine for installing 
-client certs like Netscape's Navigator. It rather uses the CryptoAPI (CAPI) 
-defined by Microsoft. CAPI comes with WindowsNT 4.0 or is installed together 
-with Internet Explorer since 3.01. The advantage of this approach is a higher 
-flexibility because the certificates in the (per user) system open 
-certificate store may be used by other applications as well. The drawback 
-however is that you need to do a bit more work to get a client cert issued.
-
-CAPI defines functions which will handle basic cryptographic work, eg. 
-generating keys, encrypting some data, signing text or building a certificate 
-request. The procedure is as follows: A CAPI function generates you a key 
-pair and saves it into the certificate store. After that one builds a 
-Distinguished Name. Together with that key pair another CAPI function forms a 
-PKCS#10 request which you somehow need to submit to a CA. Finally the issued 
-cert is given to a yet another CAPI function which saves it into the 
-certificate store.
-
-The certificate store with the user's keys and certs is in the registry. You 
-will find it under HKEY_CURRENT_USER/Software/Microsoft/Cryptography/ (I 
-leave it to you as a little exercise to figure out what all the entries mean 
-;-). Note that the keys are protected only with the user's usual Windows 
-login password.
-
-2.) The practical usage
------------------------
-
-Unfortunatly since CAPI is a system API you can't access its functions from 
-HTML code directly. For this purpose Microsoft provides a wrapper called 
-certenr3.dll. This DLL accesses the CAPI functions and provides an interface 
-usable from Visual Basic Script. One needs to install that library on the 
-computer which wants to have client cert. The easiest way is to load it as an 
-ActiveX control (certenr3.dll is properly authenticode signed by MS ;-). If 
-you have ever enrolled e cert request at a CA you will have installed it.
-
-At time of writing certenr3.dll is contained in 
-http://www.microsoft.com/workshop/prog/security/csa/certenr3.exe. It comes 
-with an README file which explains the available functions. It is labeled 
-beta but every CA seems to use it anyway. The license.txt allows you the 
-usage for your own purposes (as far as I understood) and a somehow limited 
-distribution. 
-
-The two functions of main interest are GenerateKeyPair and AcceptCredentials. 
-For complete explanation of all possible parameters see the README file. Here 
-are only minimal required parameters and their values.
-
-GenerateKeyPair(sessionID, FASLE, szName, 0, "ClientAuth", TRUE, FALSE, 1)
-- sessionID is a (locally to that computer) unique string to correlate the 
-generated key pair with a cert installed later.
-- szName is the DN of the form "C=DE; S=Thueringen; L=Ilmenau; CN=Holger 
-Reif; 1.2.840.113549.1.9.1=reif@prakinf.tu-ilmenau.de". Note that S is the 
-abreviation for StateOrProvince. The recognized abreviation include CN, O, C, 
-OU, G, I, L, S, T. If the abreviation is unknown (eg. for PKCS#9 email addr) 
-you need to use the full object identifier. The starting point for searching 
-them could be crypto/objects.h since all OIDs know to SSLeay are listed 
-there.
-- note: the possible ninth parameter which should give a default name to the 
-certificate storage location doesn't seem to work. Changes to the constant 
-values in the call above doesn't seem to make sense. You can't generate 
-PKCS#10 extensions with that function.
-
-The result of GenerateKeyPair is the base64 encoded PKCS#10 request. However 
-it has a little strange format that SSLeay doesn't accept. (BTW I feel the 
-decision of rejecting that format as standard conforming.) It looks like 
-follows:
-	1st line with 76 chars
-	2nd line with 76 chars
-	...
-	(n-2)th line with 76 chars
-	(n-1)th line contains a multiple of 4 chars less then 76 (possible 
-empty)
-	(n)th line has zero or 4 chars (then with 1 or 2 equal signs - the 
-		original text's lenght wasn'T a multiple of 3) 
-	The line separator has two chars: 0x0d 0x0a
-
-AcceptCredentials(sessionID, credentials, 0, FALSE)
-- sessionID needs to be the same as while generating the key pair
-- credentials is the base64 encoded PKCS#7 object containing the cert. 
-
-CRL's and CA certs are not required simply just the client cert. (It seems to 
-me that both are not even checked somehow.) The only format of the base64 
-encoded object I succesfully used was all characters in a very long string 
-without line feeds or carriage returns. (Hey, it doesn't matter, only a 
-computer reads it!)
-
-The result should be S_OK. For error handling see the example that comes with 
-certenr3.dll.
-
-A note about ASN.1 character encodings. certenr3.dll seems to know only about 
-2 of them: UniversalString and PrintableString. First it is definitely wrong 
-for an email address which is IA5STRING (checked by ssleay's ca). Second 
-unfortunately MSIE (at least until version 3.02) can't handle UniversalString 
-correctly - they just blow up you cert store! Therefore ssleay's ca (starting 
-from version 0.8.0) tries to convert the encodings automatically to IA5STRING 
-or TeletexString. The beef is it will work only for the latin-1 (western) 
-charset. Microsoft still has to do abit of homework...
-
-3.) An example
---------------
-
-At least you need two steps: generating the key & request and then installing 
-the certificate. A real world CA would have some more steps involved, eg. 
-accepting some license. Note that both scripts shown below are just 
-experimental state without any warrenty!
-
-First how to generate a request. Note that we can't use a static page because 
-of the sessionID. I generate it from system time plus pid and hope it is 
-unique enough. Your are free to feed it through md5 to get more impressive 
-ID's ;-) Then the intended text is read in with sed which inserts the 
-sessionID. 
-
------BEGIN ms-enroll.cgi-----
-#!/bin/sh
-SESSION_ID=`date '+%y%m%d%H%M%S'`$$
-echo Content-type: text/html
-echo
-sed s/template_for_sessId/$SESSION_ID/ <<EOF
-<HTML><HEAD>
-<TITLE>Certificate Enrollment Test Page</TITLE>
-</HEAD><BODY>
-
-<OBJECT
-    classid="clsid:33BEC9E0-F78F-11cf-B782-00C04FD7BF43"
-    codebase=certenr3.dll
-    id=certHelper
-    >
-</OBJECT>
-
-<CENTER>
-<H2>enrollment for a personal cert</H2>
-<BR><HR WIDTH=50%><BR><P>
-<FORM NAME="MSIE_Enrollment" ACTION="ms-gencert.cgi" ENCTYPE=x-www-form-
-encoded METHOD=POST>
-<TABLE>
-    <TR><TD>Country</TD><TD><INPUT NAME="Country" VALUE=""></TD></TR>
-    <TR><TD>State</TD><TD><INPUT NAME="StateOrProvince" VALUE=""></TD></TR>
-    <TR><TD>Location</TD><TD><INPUT NAME="Location" VALUE=""></TD></TR>
-    <TR><TD>Organization</TD><TD><INPUT NAME="Organization" 
-VALUE=""></TD></TR>
-    <TR><TD>Organizational Unit</TD>
-        <TD><INPUT NAME="OrganizationalUnit" VALUE=""></TD></TR>
-    <TR><TD>Name</TD><TD><INPUT NAME="CommonName" VALUE=""></TD></TR>
-    <TR><TD>eMail Address</TD>
-        <TD><INPUT NAME="EmailAddress" VALUE=""></TD></TR>
-    <TR><TD></TD>
-        <TD><INPUT TYPE="BUTTON" NAME="submit" VALUE="Beantragen"></TD></TR>
-</TABLE>
-	<INPUT TYPE="hidden" NAME="SessionId" VALUE="template_for_sessId">
-	<INPUT TYPE="hidden" NAME="Request" VALUE="">
-</FORM>
-<BR><HR WIDTH=50%><BR><P>
-</CENTER>
-
-<SCRIPT LANGUAGE=VBS>
-    Dim DN
-
-    Sub Submit_OnClick
-	Dim TheForm
-	Set TheForm = Document.MSIE_Enrollment
-	sessionId	= TheForm.SessionId.value
-	reqHardware     = FALSE
-	C		= TheForm.Country.value
-	SP		= TheForm.StateOrProvince.value
-	L		= TheForm.Location.value
-	O		= TheForm.Organization.value
-	OU		= TheForm.OrganizationalUnit.value
-	CN              = TheForm.CommonName.value
-	Email		= TheForm.EmailAddress.value
-        szPurpose       = "ClientAuth"
-        doAcceptanceUINow   = FALSE
-        doOnline        = TRUE
-
-	DN = ""
-
-	Call Add_RDN("C", C)
-	Call Add_RDN("S", SP)
-	Call Add_RDN("L", L)
-	Call Add_RDN("O", O)
-	Call Add_RDN("OU", OU)
-	Call Add_RDN("CN", CN)
-	Call Add_RDN("1.2.840.113549.1.9.1", Email)
-		      ' rsadsi
-				     ' pkcs
-				       ' pkcs9
-					 ' eMailAddress
-        On Error Resume Next
-        sz10 = certHelper.GenerateKeyPair(sessionId, _
-                FALSE, DN, 0, ClientAuth, FASLE, TRUE, 1)_
-        theError = Err.Number
-        On Error Goto 0
-        if (sz10 = Empty OR theError <> 0) Then
-            sz = "The error '" & Hex(theError) & "' occurred." & chr(13) & _
-                chr(10) & "Your credentials could not be generated."
-            result = MsgBox(sz, 0, "Credentials Enrollment")
-            Exit Sub
-	else 
-	    TheForm.Request.value = sz10
-	    TheForm.Submit
-        end if
-    End Sub
-
-    Sub Add_RDN(sn, value)
-	if (value <> "") then
-	    if (DN <> "") then
-		DN = DN & "; "
-	    end if
-	    DN = DN & sn & "=" & value
-	end if
-    End Sub
-</SCRIPT>
-</BODY>
-</HTML>
-EOF
------END ms-enroll.cgi-----
-
-Second, how to extract the request and feed the certificate back? We need to 
-"normalize" the base64 encoding of the PKCS#10 format which means 
-regenerating the lines and wrapping with BEGIN and END line. This is done by 
-gawk. The request is taken by ca the normal way. Then the cert needs to be 
-packed into a PKCS#7 structure (note: the use of a CRL is necessary for 
-crl2pkcs7 as of version 0.6.6. Starting with 0.8.0 it it might probably be 
-ommited). Finally we need to format the PKCS#7 object and generate the HTML 
-text. I use two templates to have a clearer script.
-
-1st note: postit2 is slightly modified from a program I found at ncsa's ftp 
-site. Grab it from http://www.easterngraphics.com/certs/IX9704/postit2.c. You 
-need utils.c from there too.
-
-2nd note: I'm note quite sure wether the gawk script really handles all 
-possible inputs for the request right! Today I don't use this construction 
-anymore myself.
-
-3d note: the cert must be of version 3! This could be done with the nsComment 
-line in ssleay.cnf...
-
-------BEGIN ms-gencert.cgi-----
-#!/bin/sh
-FILE="/tmp/"`date '+%y%m%d%H%M%S'-`$$
-rm -f "$FILE".*
-
-HOME=`pwd`; export HOME  # as ssleay.cnf insists on having such an env var
-cd /usr/local/ssl #where demoCA (as named in ssleay.conf) is located
-
-postit2 -s " " -i 0x0d > "$FILE".inp  # process the FORM vars
-
-SESSION_ID=`gawk '$1 == "SessionId" { print $2; exit }' "$FILE".inp`
-
-gawk \
-	'BEGIN { \
-		OFS = ""; \
-		print "-----BEGIN CERTIFICATE REQUEST-----"; \
-		req_seen=0 \
-	} \
-	$1 == "Request" { \
-		req_seen=1; \
-		if (length($2) == 72) print($2); \
-		lastline=$2; \
-		next; \
-	} \
-	{ \
-		if (req_seen == 1) { \
-			if (length($1) >= 72) print($1); \
-			else if (length(lastline) < 72) { \
-				req_seen=0; \
-				print (lastline,$1); \
-			} \
-		lastline=$1; \
-		} \
-	} \
-	END { \
-		print "-----END CERTIFICATE REQUEST-----"; \
-	}' > "$FILE".pem < "$FILE".inp 
-
-ssleay ca -batch -in "$FILE".pem -key passwd -out "$FILE".out
-ssleay crl2pkcs7 -certfile "$FILE".out -out "$FILE".pkcs7 -in demoCA/crl.pem
-
-sed s/template_for_sessId/$SESSION_ID/ <ms-enroll2a.html >"$FILE".cert
-/usr/local/bin/gawk \
-	'BEGIN	{ \
-		OFS = ""; \
-		dq = sprintf("%c",34); \
-	} \
-	$0 ~ "PKCS7" { next; } \
-	{ \
-		print dq$0dq" & _"; \
-	}' <"$FILE".pkcs7 >> "$FILE".cert
-cat  ms-enroll2b.html >>"$FILE".cert
-
-echo Content-type: text/html
-echo Content-length: `wc -c "$FILE".cert`
-echo
-cat "$FILE".cert
-rm -f "$FILE".*
------END ms-gencert.cgi-----
-
-----BEGIN ms-enroll2a.html----
-<HTML><HEAD><TITLE>Certificate Acceptance Test Page</TITLE></HEAD><BODY>
-
-<OBJECT
-    classid="clsid:33BEC9E0-F78F-11cf-B782-00C04FD7BF43"
-    codebase=certenr3.dll
-    id=certHelper
-    >
-</OBJECT>
-
-<CENTER>
-<H2>Your personal certificate</H2>
-<BR><HR WIDTH=50%><BR><P>
-Press the button!
-<P><INPUT TYPE=BUTTON VALUE="Nimm mich!" NAME="InstallCert">
-</CENTER>
-<BR><HR WIDTH=50%><BR>
-
-<SCRIPT LANGUAGE=VBS>
-    Sub InstallCert_OnClick
-
-	sessionId	= "template_for_sessId"
-credentials = "" & _
-----END ms-enroll2a.html----
-
-----BEGIN ms-enroll2b.html----
-""
-        On Error Resume Next
-        result = certHelper.AcceptCredentials(sessionId, credentials, 0, 
-FALSE)
-        if (IsEmpty(result)) Then
-           sz = "The error '" & Err.Number & "' occurred." & chr(13) & 
-chr(10) & "This Digital ID could not be registered."
-           msgOut = MsgBox(sz, 0, "Credentials Registration Error")
-           navigate "error.html"
-        else
-           sz = "Digital ID successfully registered."
-           msgOut = MsgBox(sz, 0, "Credentials Registration")
-           navigate "success.html"
-        end if
-	Exit Sub
-    End Sub
-</SCRIPT>
-</BODY>
-</HTML>
-----END ms-enroll2b.html----
-
-4.) What do do with the cert?
------------------------------
-
-The cert is visible (without restarting MSIE) under the following menu:
-View->Options->Security->Personal certs. You can examine it's contents at 
-least partially.
-
-To use it for client authentication you need to use SSL3.0 (fortunately 
-SSLeay supports it with 0.8.0). Furthermore MSIE is told to only supports a 
-kind of automatic selection of certs (I personally wasn't able to test it 
-myself). But there is a requirement that the issuer of the server cert and 
-the issuer of the client cert needs to be the same (according to a developer 
-from MS). Which means: you need may more then one cert to talk to all 
-servers...
-
-I'm sure we will get a bit more experience after ApacheSSL is available for 
-SSLeay 0.8.8.
-
-
-I hope you enjoyed reading and that in future questions on this topic will 
-rarely appear on ssl-users@moncom.com ;-)
-
-Ilmenau, 9th of June 1997
-Holger Reif <reif@prakinf.tu-ilmenau.de>
--- 
-read you later  -  Holger Reif
-----------------------------------------  Signaturprojekt Deutsche Einheit
-TU Ilmenau - Informatik - Telematik                      (Verdamp lang her)
-Holger.Reif@PrakInf.TU-Ilmenau.DE         Alt wie ein Baum werden, um ueber
-http://Remus.PrakInf.TU-Ilmenau.DE/Reif/  alle 7 Bruecken gehen zu koennen
-
-
-==== ns-ca.doc ========================================================
-
-The following documentation was supplied by Jeff Barber, who provided the
-patch to the CA program to add this functionality.
-
-eric
---
-Jeff Barber                                Email: jeffb@issl.atl.hp.com
-
-Hewlett Packard                            Phone: (404) 648-9503
-Internet and System Security Lab           Fax:   (404) 648-9516
-
-                         oo
----------------------cut /\ here for ns-ca.doc ------------------------------
-
-This document briefly describes how to use SSLeay to implement a 
-certificate authority capable of dynamically serving up client
-certificates for version 3.0 beta 5 (and presumably later) versions of
-the Netscape Navigator.  Before describing how this is done, it's
-important to understand a little about how the browser implements its
-client certificate support.  This is documented in some detail in the
-URLs based at <URL:http://home.netscape.com/eng/security/certs.html>.
-Here's a brief overview:
-
--	The Navigator supports a new HTML tag "KEYGEN" which will cause
-	the browser to generate an RSA key pair when you submit a form
-	containing the tag.  The public key, along with an optional
-	challenge (supposedly provided for use in certificate revocation
-	but I don't use it) is signed, DER-encoded, base-64 encoded
-	and sent to the web server as the value of the variable
-	whose NAME is provided in the KEYGEN tag.  The private key is
-	stored by the browser in a local key database.
-
-	This "Signed Public Key And Challenge" (SPKAC) arrives formatted
-	into 64 character lines (which are of course URL-encoded when 
-	sent via HTTP -- i.e. spaces, newlines and most punctuatation are
-	encoded as "%HH" where HH is the hex equivalent of the ASCII code).
-	Note that the SPKAC does not contain the other usual attributes
-	of a certificate request, especially the subject name fields.
-	These must be otherwise encoded in the form for submission along
-	with the SPKAC.
-
--	Either immediately (in response to this form submission), or at
-	some later date (a real CA will probably verify your identity in
-	some way before issuing the certificate), a web server can send a
-	certificate based on the public key and other attributes back to
-	the browser by encoding it in DER (the binary form) and sending it
-	to the browser as MIME type:
-	"Content-type: application/x-x509-user-cert"
-
-	The browser uses the public key encoded in the certificate to
-	associate the certificate with the appropriate private key in
-	its local key database.  Now, the certificate is "installed".
-
--	When a server wants to require authentication based on client
-	certificates, it uses the right signals via the SSL protocol to
-	trigger the Navigator to ask you which certificate you want to
-	send.  Whether the certificate is accepted is dependent on CA
-	certificates and so forth installed in the server and is beyond
-	the scope of this document.
-
-
-Now, here's how the SSLeay package can be used to provide client 
-certficates:
-
--	You prepare a file for input to the SSLeay ca application.
-	The file contains a number of "name = value" pairs that identify
-	the subject.  The names here are the same subject name component
-	identifiers used in the CA section of the lib/ssleay.conf file,
-	such as "emailAddress", "commonName" "organizationName" and so
-	forth.  Both the long version and the short version (e.g. "Email",
-	"CN", "O") can be used.
-
-	One more name is supported: this one is "SPKAC".  Its value
-	is simply the value of the base-64 encoded SPKAC sent by the
-	browser (with all the newlines and other space charaters
-	removed -- and newline escapes are NOT supported).
-
-	[ As of SSLeay 0.6.4, multiple lines are supported.
-	  Put a \ at the end of each line and it will be joined with the
-	  previous line with the '\n' removed - eay ]
-	
-	Here's a sample input file:
-
-C = US
-SP = Georgia
-O = Some Organization, Inc.
-OU = Netscape Compatibility Group
-CN = John X. Doe
-Email = jxdoe@someorg.com
-SPKAC = MIG0MGAwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAwmk6FMJ4uAVIYbcvIOx5+bDGTfvL8X5gE+R67ccMk6rCSGbVQz2cetyQtnI+VIs0NwdD6wjuSuVtVFbLoHonowIDAQABFgAwDQYJKoZIhvcNAQEEBQADQQBFZDUWFl6BJdomtN1Bi53mwijy1rRgJ4YirF15yBEDM3DjAQkKXHYOIX+qpz4KXKnl6EYxTnGSFL5wWt8X2iyx
-
--	You execute the ca command (either from a CGI program run out of
-	the web server, or as a later manual task) giving it the above
-	file as input.  For example, if the file were named /tmp/cert.req,
-	you'd run:
-	$SSLDIR/bin/ca -spkac /tmp/cert.req -out /tmp/cert
-
-	The output is in DER format (binary) if a -out argument is 
-	provided, as above; otherwise, it's in the PEM format (base-64
-	encoded DER).  Also, the "-batch" switch is implied by the
-	"-spkac" so you don't get asked whether to complete the signing
-	(probably it shouldn't work this way but I was only interested
-	in hacking together an online CA that could be used for issuing
-	test certificates).
-
-	The "-spkac" capability doesn't support multiple files (I think).
-
-	Any CHALLENGE provided in the SPKAC is simply ignored.
-
-	The interactions between the identification fields you provide
-	and those identified in your lib/ssleay.conf are the same as if
-	you did an ordinary "ca -in infile -out outfile" -- that is, if
-	something is marked as required in the ssleay.conf file and it
-	isn't found in the -spkac file, the certificate won't be issued.
-
--	Now, you pick up the output from /tmp/cert and pass it back to
-	the Navigator prepending the Content-type string described earlier.
-
--	In order to run the ca command out of a CGI program, you must
-	provide a password to decrypt the CA's private key.  You can
-	do this by using "echo MyKeyPassword | $SSLDIR/bin/ca ..."
-	I think there's a way to not encrypt the key file in the first
-	place, but I didn't see how to do that, so I made a small change
-	to the library that allows the password to be accepted from a pipe.
-	Either way is UTTERLY INSECURE and a real CA would never do that.
-
-	[ You can use the 'ssleay rsa' command to remove the password
-	  from the private key, or you can use the '-key' option to the
-	  ca command to specify the decryption key on the command line
-	  or use the -nodes option when generating the key.
-	  ca will try to clear the command line version of the password
-	  but for quite a few operating systems, this is not possible.
-	  - eric ]
-
-So, what do you have to do to make use of this stuff to create an online 
-demo CA capability with SSLeay?
-
-1	Create an HTML form for your users.  The form should contain
-	fields for all of the required or optional fields in ssleay.conf.
-	The form must contain a KEYGEN tag somewhere with at least a NAME
-	attribute.
-
-2	Create a CGI program to process the form input submitted by the
-	browser.  The CGI program must URL-decode the variables and create
-	the file described above, containing subject identification info
-	as well as the SPKAC block.  It should then run the the ca program
-	with the -spkac option.  If it works (check the exit status),
-	return the new certificate with the appropriate MIME type.  If not,
-	return the output of the ca command with MIME type "text/plain".
-
-3	Set up your web server to accept connections signed by your demo
-	CA.  This probably involves obtaining the PEM-encoded CA certificate
-	(ordinarily in $SSLDIR/CA/cacert.pem) and installing it into a
-	server database.  See your server manual for instructions.
-
-
-==== obj.doc ========================================================
-
-The Object library.
-
-As part of my Crypto library, I found I required a method of identifying various
-objects.  These objects normally had 3 different values associated with
-them, a short text name, a long (or lower case) text name, and an
-ASN.1 Object Identifier (which is a sequence of numbers).
-This library contains a static list of objects and functions to lookup
-according to one type and to return the other types.
-
-To use these routines, 'Object.h' needs to be included.
-
-For each supported object, #define entries are defined as follows
-#define SN_Algorithm			"Algorithm"
-#define LN_algorithm			"algorithm"
-#define NID_algorithm			38
-#define OBJ_algorithm			1L,3L,14L,3L,2L
-
-SN_  stands for short name.
-LN_  stands for either long name or lowercase name.
-NID_ stands for Numeric ID.  I each object has a unique NID and this
-     should be used internally to identify objects.
-OBJ_ stands for ASN.1 Object Identifier or ASN1_OBJECT as defined in the
-     ASN1 routines.  These values are used in ASN1 encoding.
-
-The following functions are to be used to return pointers into a static
-definition of these types.  What this means is "don't try to free() any
-pointers returned from these functions.
-
-ASN1_OBJECT *OBJ_nid2obj(
-int n);
-	Return the ASN1_OBJECT that corresponds to a NID of n.
-	
-char *OBJ_nid2ln(
-int n);
-	Return the long/lower case name of the object represented by the
-	NID of n.
-	
-char *OBJ_nid2sn(
-int n);
-	Return the short name for the object represented by the NID of n.
-
-ASN1_OBJECT *OBJ_dup(
-ASN1_OBJECT *o);
-	Duplicate and return a new ASN1_OBJECT that is the same as the
-	passed parameter.
-	
-int OBJ_obj2nid(
-ASN1_OBJECT *o);
-	Given ASN1_OBJECT o, return the NID that corresponds.
-	
-int OBJ_ln2nid(
-char *s);
-	Given the long/lower case name 's', return the NID of the object.
-	
-int OBJ_sn2nid(
-char *s);
-	Given the short name 's', return the NID of the object.
-	
-char *OBJ_bsearch(
-char *key,
-char *base,
-int num,
-int size,
-int (*cmp)());
-	Since I have come across a few platforms that do not have the
-	bsearch() function, OBJ_bsearch is my version of that function.
-	Feel free to use this function, but you may as well just use the
-	normal system bsearch(3) if it is present.  This version also
-	has tolerance of being passed NULL pointers.
-
-==== keys ===========================================================
-
-EVP_PKEY_DSA
-EVP_PKEY_DSA2
-EVP_PKEY_DSA3
-EVP_PKEY_DSA4
-
-EVP_PKEY_RSA
-EVP_PKEY_RSA2
-
-valid DSA pkey types
-	NID_dsa
-	NID_dsaWithSHA
-	NID_dsaWithSHA1
-	NID_dsaWithSHA1_2
-
-valid RSA pkey types
-	NID_rsaEncryption
-	NID_rsa
-
-NID_dsaWithSHA	NID_dsaWithSHA			DSA		SHA
-NID_dsa		NID_dsaWithSHA1			DSA		SHA1
-NID_md2		NID_md2WithRSAEncryption	RSA-pkcs1	MD2
-NID_md5		NID_md5WithRSAEncryption	RSA-pkcs1	MD5
-NID_mdc2	NID_mdc2WithRSA			RSA-none	MDC2
-NID_ripemd160	NID_ripemd160WithRSA		RSA-pkcs1	RIPEMD160
-NID_sha		NID_shaWithRSAEncryption	RSA-pkcs1	SHA
-NID_sha1	NID_sha1WithRSAEncryption	RSA-pkcs1	SHA1
-
-==== rand.doc ========================================================
-
-My Random number library.
-
-These routines can be used to generate pseudo random numbers and can be
-used to 'seed' the pseudo random number generator (RNG).  The RNG make no
-effort to reproduce the same random number stream with each execution.
-Various other routines in the SSLeay library 'seed' the RNG when suitable
-'random' input data is available.  Read the section at the end for details
-on the design of the RNG.
-
-void RAND_bytes(
-unsigned char *buf,
-int num);
-	This routine puts 'num' random bytes into 'buf'.  One should make
-	sure RAND_seed() has been called before using this routine.
-	
-void RAND_seed(
-unsigned char *buf,
-int num);
-	This routine adds more 'seed' data the RNG state.  'num' bytes
-	are added to the RNG state, they are taken from 'buf'.  This
-	routine can be called with sensitive data such as user entered
-	passwords.  This sensitive data is in no way recoverable from
-	the RAND library routines or state.  Try to pass as much data
-	from 'random' sources as possible into the RNG via this function.
-	Also strongly consider using the RAND_load_file() and
-	RAND_write_file() routines.
-
-void RAND_cleanup();
-	When a program has finished with the RAND library, if it so
-	desires, it can 'zero' all RNG state.
-	
-The following 3 routines are convenience routines that can be used to
-'save' and 'restore' data from/to the RNG and it's state.
-Since the more 'random' data that is feed as seed data the better, why not
-keep it around between executions of the program?  Of course the
-application should pass more 'random' data in via RAND_seed() and 
-make sure no-one can read the 'random' data file.
-	
-char *RAND_file_name(
-char *buf,
-int size);
-	This routine returns a 'default' name for the location of a 'rand'
-	file.  The 'rand' file should keep a sequence of random bytes used
-	to initialise the RNG.  The filename is put in 'buf'.  Buf is 'size'
-	bytes long.  Buf is returned if things go well, if they do not,
-	NULL is returned.  The 'rand' file name is generated in the
-	following way.  First, if there is a 'RANDFILE' environment
-	variable, it is returned.  Second, if there is a 'HOME' environment
-	variable, $HOME/.rand is returned.  Third, NULL is returned.  NULL
-	is also returned if a buf would overflow.
-
-int RAND_load_file(
-char *file,
-long number);
-	This function 'adds' the 'file' into the RNG state.  It does this by
-	doing a RAND_seed() on the value returned from a stat() system call
-	on the file and if 'number' is non-zero, upto 'number' bytes read
-	from the file.  The number of bytes passed to RAND_seed() is returned.
-
-int RAND_write_file(
-char *file),
-	RAND_write_file() writes N random bytes to the file 'file', where
-	N is the size of the internal RND state (currently 1k).
-	This is a suitable method of saving RNG state for reloading via
-	RAND_load_file().
-
-What follows is a description of this RNG and a description of the rational
-behind it's design.
-
-It should be noted that this RNG is intended to be used to generate
-'random' keys for various ciphers including generation of DH and RSA keys.  
-
-It should also be noted that I have just created a system that I am happy with.
-It may be overkill but that does not worry me.  I have not spent that much
-time on this algorithm so if there are glaring errors, please let me know.
-Speed has not been a consideration in the design of these routines.
-
-First up I will state the things I believe I need for a good RNG.
-1) A good hashing algorithm to mix things up and to convert the RNG 'state'
-   to random numbers.
-2) An initial source of random 'state'.
-3) The state should be very large.  If the RNG is being used to generate
-   4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
-   If your RNG state only has 128 bits, you are obviously limiting the
-   search space to 128 bits, not 2048.  I'm probably getting a little
-   carried away on this last point but it does indicate that it may not be
-   a bad idea to keep quite a lot of RNG state.  It should be easier to
-   break a cipher than guess the RNG seed data.
-4) Any RNG seed data should influence all subsequent random numbers
-   generated.  This implies that any random seed data entered will have
-   an influence on all subsequent random numbers generated.
-5) When using data to seed the RNG state, the data used should not be
-   extractable from the RNG state.  I believe this should be a
-   requirement because one possible source of 'secret' semi random
-   data would be a private key or a password.  This data must
-   not be disclosed by either subsequent random numbers or a
-   'core' dump left by a program crash.
-6) Given the same initial 'state', 2 systems should deviate in their RNG state
-   (and hence the random numbers generated) over time if at all possible.
-7) Given the random number output stream, it should not be possible to determine
-   the RNG state or the next random number.
-
-
-The algorithm is as follows.
-
-There is global state made up of a 1023 byte buffer (the 'state'), a
-working message digest ('md') and a counter ('count').
-
-Whenever seed data is added, it is inserted into the 'state' as
-follows.
-	The input is chopped up into units of 16 bytes (or less for
-	the last block).  Each of these blocks is run through the MD5
-	message digest.  The data passed to the MD5 digest is the
-	current 'md', the same number of bytes from the 'state'
-	(the location determined by in incremented looping index) as
-	the current 'block' and the new key data 'block'.  The result
-	of this is kept in 'md' and also xored into the 'state' at the
-	same locations that were used as input into the MD5.
-	I believe this system addresses points 1 (MD5), 3 (the 'state'),
-	4 (via the 'md'), 5 (by the use of MD5 and xor).
-
-When bytes are extracted from the RNG, the following process is used.
-For each group of 8 bytes (or less), we do the following,
-	Input into MD5, the top 8 bytes from 'md', the byte that are
-	to be overwritten by the random bytes and bytes from the
-	'state' (incrementing looping index).  From this digest output
-	(which is kept in 'md'), the top (upto) 8 bytes are
-	returned to the caller and the bottom (upto) 8 bytes are xored
-	into the 'state'.
-	Finally, after we have finished 'generation' random bytes for the
-	called, 'count' (which is incremented) and 'md' are fed into MD5 and
-	the results are kept in 'md'.
-	I believe the above addressed points 1 (use of MD5), 6 (by
-	hashing into the 'state' the 'old' data from the caller that
-	is about to be overwritten) and 7 (by not using the 8 bytes
-	given to the caller to update the 'state', but they are used
-	to update 'md').
-
-So of the points raised, only 2 is not addressed, but sources of
-random data will always be a problem.
-	
-
-==== rc2.doc ========================================================
-
-The RC2 library.
-
-RC2 is a block cipher that operates on 64bit (8 byte) quantities.  It
-uses variable size key, but 128bit (16 byte) key would normally be considered
-good.  It can be used in all the modes that DES can be used.  This
-library implements the ecb, cbc, cfb64, ofb64 modes.
-
-I have implemented this library from an article posted to sci.crypt on
-11-Feb-1996.  I personally don't know how far to trust the RC2 cipher.
-While it is capable of having a key of any size, not much reseach has
-publically been done on it at this point in time (Apr-1996)
-since the cipher has only been public for a few months :-)
-It is of a similar speed to DES and IDEA, so unless it is required for
-meeting some standard (SSLv2, perhaps S/MIME), it would probably be advisable
-to stick to IDEA, or for the paranoid, Tripple DES.
-
-Mind you, having said all that, I should mention that I just read alot and
-implement ciphers, I'm a 'babe in the woods' when it comes to evaluating
-ciphers :-).
-
-For all calls that have an 'input' and 'output' variables, they can be the
-same.
-
-This library requires the inclusion of 'rc2.h'.
-
-All of the encryption functions take what is called an RC2_KEY as an 
-argument.  An RC2_KEY is an expanded form of the RC2 key.
-For all modes of the RC2 algorithm, the RC2_KEY used for
-decryption is the same one that was used for encryption.
-
-The define RC2_ENCRYPT is passed to specify encryption for the functions
-that require an encryption/decryption flag. RC2_DECRYPT is passed to
-specify decryption.
-
-Please note that any of the encryption modes specified in my DES library
-could be used with RC2.  I have only implemented ecb, cbc, cfb64 and
-ofb64 for the following reasons.
-- ecb is the basic RC2 encryption.
-- cbc is the normal 'chaining' form for block ciphers.
-- cfb64 can be used to encrypt single characters, therefore input and output
-  do not need to be a multiple of 8.
-- ofb64 is similar to cfb64 but is more like a stream cipher, not as
-  secure (not cipher feedback) but it does not have an encrypt/decrypt mode.
-- If you want triple RC2, thats 384 bits of key and you must be totally
-  obsessed with security.  Still, if you want it, it is simple enough to
-  copy the function from the DES library and change the des_encrypt to
-  RC2_encrypt; an exercise left for the paranoid reader :-).
-
-The functions are as follows:
-
-void RC2_set_key(
-RC2_KEY *ks;
-int len;
-unsigned char *key;
-int bits;
-        RC2_set_key converts an 'len' byte key into a RC2_KEY.
-        A 'ks' is an expanded form of the 'key' which is used to
-        perform actual encryption.  It can be regenerated from the RC2 key
-        so it only needs to be kept when encryption or decryption is about
-        to occur.  Don't save or pass around RC2_KEY's since they
-        are CPU architecture dependent, 'key's are not.  RC2 is an
-	interesting cipher in that it can be used with a variable length
-	key.  'len' is the length of 'key' to be used as the key.
-	A 'len' of 16 is recomended.  The 'bits' argument is an
-	interesting addition which I only found out about in Aug 96.
-	BSAFE uses this parameter to 'limit' the number of bits used
-	for the key.  To use the 'key' unmodified, set bits to 1024.
-	This is what old versions of my RC2 library did (SSLeay 0.6.3).
-	RSAs BSAFE library sets this parameter to be 128 if 128 bit
-	keys are being used.  So to be compatable with BSAFE, set it
-	to 128, if you don't want to reduce RC2's key length, leave it
-	at 1024.
-	
-void RC2_encrypt(
-unsigned long *data,
-RC2_KEY *key,
-int encrypt);
-	This is the RC2 encryption function that gets called by just about
-	every other RC2 routine in the library.  You should not use this
-	function except to implement 'modes' of RC2.  I say this because the
-	functions that call this routine do the conversion from 'char *' to
-	long, and this needs to be done to make sure 'non-aligned' memory
-	access do not occur.
-	Data is a pointer to 2 unsigned long's and key is the
-	RC2_KEY to use.  Encryption or decryption is indicated by 'encrypt'.
-	which can have the values RC2_ENCRYPT or RC2_DECRYPT.
-
-void RC2_ecb_encrypt(
-unsigned char *in,
-unsigned char *out,
-RC2_KEY *key,
-int encrypt);
-	This is the basic Electronic Code Book form of RC2 (in DES this
-	mode is called Electronic Code Book so I'm going to use the term
-	for rc2 as well.
-	Input is encrypted into output using the key represented by
-	key.  Depending on the encrypt, encryption or
-	decryption occurs.  Input is 8 bytes long and output is 8 bytes.
-	
-void RC2_cbc_encrypt(
-unsigned char *in,
-unsigned char *out,
-long length,
-RC2_KEY *ks,
-unsigned char *ivec,
-int encrypt);
-	This routine implements RC2 in Cipher Block Chaining mode.
-	Input, which should be a multiple of 8 bytes is encrypted
-	(or decrypted) to output which will also be a multiple of 8 bytes.
-	The number of bytes is in length (and from what I've said above,
-	should be a multiple of 8).  If length is not a multiple of 8, bad 
-	things will probably happen.  ivec is the initialisation vector.
-	This function updates iv after each call so that it can be passed to
-	the next call to RC2_cbc_encrypt().
-	
-void RC2_cfb64_encrypt(
-unsigned char *in,
-unsigned char *out,
-long length,
-RC2_KEY *schedule,
-unsigned char *ivec,
-int *num,
-int encrypt);
-	This is one of the more useful functions in this RC2 library, it
-	implements CFB mode of RC2 with 64bit feedback.
-	This allows you to encrypt an arbitrary number of bytes,
-	you do not require 8 byte padding.  Each call to this
-	routine will encrypt the input bytes to output and then update ivec
-	and num.  Num contains 'how far' we are though ivec.
-	'Encrypt' is used to indicate encryption or decryption.
-	CFB64 mode operates by using the cipher to generate a stream
-	of bytes which is used to encrypt the plain text.
-	The cipher text is then encrypted to generate the next 64 bits to
-	be xored (incrementally) with the next 64 bits of plain
-	text.  As can be seen from this, to encrypt or decrypt,
-	the same 'cipher stream' needs to be generated but the way the next
-	block of data is gathered for encryption is different for
-	encryption and decryption.
-	
-void RC2_ofb64_encrypt(
-unsigned char *in,
-unsigned char *out,
-long length,
-RC2_KEY *schedule,
-unsigned char *ivec,
-int *num);
-	This functions implements OFB mode of RC2 with 64bit feedback.
-	This allows you to encrypt an arbitrary number of bytes,
-	you do not require 8 byte padding.  Each call to this
-	routine will encrypt the input bytes to output and then update ivec
-	and num.  Num contains 'how far' we are though ivec.
-	This is in effect a stream cipher, there is no encryption or
-	decryption mode.
-	
-For reading passwords, I suggest using des_read_pw_string() from my DES library.
-To generate a password from a text string, I suggest using MD5 (or MD2) to
-produce a 16 byte message digest that can then be passed directly to
-RC2_set_key().
-
-=====
-For more information about the specific RC2 modes in this library
-(ecb, cbc, cfb and ofb), read the section entitled 'Modes of DES' from the
-documentation on my DES library.  What is said about DES is directly
-applicable for RC2.
-
-
-==== rc4.doc ========================================================
-
-The RC4 library.
-RC4 is a stream cipher that operates on a byte stream.  It can be used with
-any length key but I would recommend normally using 16 bytes.
-
-This library requires the inclusion of 'rc4.h'.
-
-The RC4 encryption function takes what is called an RC4_KEY as an argument.
-The RC4_KEY is generated by the RC4_set_key function from the key bytes.
-
-RC4, being a stream cipher, does not have an encryption or decryption mode.
-It produces a stream of bytes that the input stream is xor'ed against and
-so decryption is just a case of 'encrypting' again with the same key.
-
-I have only put in one 'mode' for RC4 which is the normal one.  This means
-there is no initialisation vector and there is no feedback of the cipher
-text into the cipher.  This implies that you should not ever use the
-same key twice if you can help it.  If you do, you leave yourself open to
-known plain text attacks; if you know the plain text and
-corresponding cipher text in one message, all messages that used the same
-key can have the cipher text decoded for the corresponding positions in the
-cipher stream.
-
-The main positive feature of RC4 is that it is a very fast cipher; about 4
-times faster that DES.  This makes it ideally suited to protocols where the
-key is randomly chosen, like SSL.
-
-The functions are as follows:
-
-void RC4_set_key(
-RC4_KEY *key;
-int len;
-unsigned char *data);
-	This function initialises the RC4_KEY structure with the key passed
-	in 'data', which is 'len' bytes long.  The key data can be any
-	length but 16 bytes seems to be a good number.
-
-void RC4(
-RC4_KEY *key;
-unsigned long len;
-unsigned char *in;
-unsigned char *out);
-	Do the actual RC4 encryption/decryption.  Using the 'key', 'len'
-	bytes are transformed from 'in' to 'out'.  As mentioned above,
-	decryption is the operation as encryption.
-
-==== ref.doc ========================================================
-
-I have lots more references etc, and will update this list in the future,
-30 Aug 1996 - eay
-
-
-SSL	The SSL Protocol - from Netscapes.
-
-RC4	Newsgroups: sci.crypt
-	From: sterndark@netcom.com (David Sterndark)
-	Subject: RC4 Algorithm revealed.
-	Message-ID: <sternCvKL4B.Hyy@netcom.com>
-
-RC2	Newsgroups: sci.crypt
-	From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
-	Subject: Specification for Ron Rivests Cipher No.2
-	Message-ID: <4fk39f$f70@net.auckland.ac.nz>
-
-MD2	RFC1319 The MD2 Message-Digest Algorithm
-MD5	RFC1321 The MD5 Message-Digest Algorithm
-
-X509 Certificates
-	RFC1421 Privacy Enhancement for Internet Electronic Mail: Part I
-	RFC1422 Privacy Enhancement for Internet Electronic Mail: Part II
-	RFC1423 Privacy Enhancement for Internet Electronic Mail: Part III
-	RFC1424 Privacy Enhancement for Internet Electronic Mail: Part IV
-
-RSA and various standard encoding
-	PKCS#1 RSA Encryption Standard
-	PKCS#5 Password-Based Encryption Standard
-	PKCS#7 Cryptographic Message Syntax Standard
-	A Layman's Guide to a Subset of ASN.1, BER, and DER
-	An Overview of the PKCS Standards
-	Some Examples of the PKCS Standards
-
-IDEA	Chapter 3 The Block Cipher IDEA
-
-RSA, prime number generation and bignum algorithms
-	Introduction To Algorithms,
-	Thomas Cormen, Charles Leiserson, Ronald Rivest,
-	Section 29 Arithmetic Circuits
-	Section 33 Number-Theoretic Algorithms
-
-Fast Private Key algorithm
-	Fast Decipherment Algorithm for RSA Public-Key Cryptosystem
-	J.-J. Quisquater and C. Couvreur, Electronics Letters,
-	14th October 1982, Vol. 18 No. 21
-
-Prime number generation and bignum algorithms.
-	PGP-2.3a
-
-==== rsa.doc ========================================================
-
-The RSA encryption and utility routines.
-
-The RSA routines are built on top of a big number library (the BN library).
-There are support routines in the X509 library for loading and manipulating
-the various objects in the RSA library.  When errors are returned, read
-about the ERR library for how to access the error codes.
-
-All RSA encryption is done according to the PKCS-1 standard which is
-compatible with PEM and RSAref.  This means that any values being encrypted
-must be less than the size of the modulus in bytes, minus 10, bytes long.
-
-This library uses RAND_bytes()() for it's random data, make sure to feed
-RAND_seed() with lots of interesting and varied data before using these
-routines.
-
-The RSA library has one specific data type, the RSA structure.
-It is composed of 8 BIGNUM variables (see the BN library for details) and
-can hold either a private RSA key or a public RSA key.
-Some RSA libraries have different structures for public and private keys, I
-don't.  For my libraries, a public key is determined by the fact that the
-RSA->d value is NULL.  These routines will operate on any size RSA keys.
-While I'm sure 4096 bit keys are very very secure, they take a lot longer
-to process that 1024 bit keys :-).
-
-The function in the RSA library are as follows.
-
-RSA *RSA_new();
-	This function creates a new RSA object.  The sub-fields of the RSA
-	type are also malloced so you should always use this routine to
-	create RSA variables.
-	
-void RSA_free(
-RSA *rsa);
-	This function 'frees' an RSA structure.  This routine should always
-	be used to free the RSA structure since it will also 'free' any
-	sub-fields of the RSA type that need freeing.
-	
-int RSA_size(
-RSA *rsa);	
-	This function returns the size of the RSA modulus in bytes.  Why do
-	I need this you may ask, well the reason is that when you encrypt
-	with RSA, the output string will be the size of the RSA modulus.
-	So the output for the RSA_encrypt and the input for the RSA_decrypt
-	routines need to be RSA_size() bytes long, because this is how many
-	bytes are expected.
-	
-For the following 4 RSA encryption routines, it should be noted that
-RSA_private_decrypt() should be used on the output from 
-RSA_public_encrypt() and RSA_public_decrypt() should be used on
-the output from RSA_private_encrypt().
-	
-int RSA_public_encrypt(
-int from_len;
-unsigned char *from	
-unsigned char *to	
-RSA *rsa);
-	This function implements RSA public encryption, the rsa variable
-	should be a public key (but can be a private key).  'from_len'
-	bytes taken from 'from' and encrypted and put into 'to'.  'to' needs
-	to be at least RSA_size(rsa) bytes long.  The number of bytes
-	written into 'to' is returned.  -1 is returned on an error.  The
-	operation performed is
-	to = from^rsa->e mod rsa->n.
-	
-int RSA_private_encrypt(
-int from_len;
-unsigned char *from	
-unsigned char *to	
-RSA *rsa);
-	This function implements RSA private encryption, the rsa variable
-	should be a private key.  'from_len' bytes taken from
-	'from' and encrypted and put into 'to'.  'to' needs
-	to be at least RSA_size(rsa) bytes long.  The number of bytes
-	written into 'to' is returned.  -1 is returned on an error.  The
-	operation performed is
-	to = from^rsa->d mod rsa->n.
-
-int RSA_public_decrypt(
-int from_len;
-unsigned char *from	
-unsigned char *to	
-RSA *rsa);
-	This function implements RSA public decryption, the rsa variable
-	should be a public key (but can be a private key).  'from_len'
-	bytes are taken from 'from' and decrypted.  The decrypted data is
-	put into 'to'.  The number of bytes encrypted is returned.  -1 is
-	returned to indicate an error. The operation performed is
-	to = from^rsa->e mod rsa->n.
-
-int RSA_private_decrypt(
-int from_len;
-unsigned char *from	
-unsigned char *to	
-RSA *rsa);
-	This function implements RSA private decryption, the rsa variable
-	should be a private key.  'from_len' bytes are taken
-	from 'from' and decrypted.  The decrypted data is
-	put into 'to'.  The number of bytes encrypted is returned.  -1 is
-	returned to indicate an error. The operation performed is
-	to = from^rsa->d mod rsa->n.
-
-int RSA_mod_exp(
-BIGNUM *n;
-BIGNUM *p;
-RSA *rsa);
-	Normally you will never use this routine.
-	This is really an internal function which is called by
-	RSA_private_encrypt() and RSA_private_decrypt().  It performs
-	n=n^p mod rsa->n except that it uses the 5 extra variables in the
-	RSA structure to make this more efficient.
-	
-RSA *RSA_generate_key(
-int bits;
-unsigned long e;
-void (*callback)();
-char *cb_arg;
-	This routine is used to generate RSA private keys.  It takes
-	quite a period of time to run and should only be used to
-	generate initial private keys that should then be stored
-	for later use.  The passed callback function 
-	will be called periodically so that feedback can be given
-	as to how this function is progressing.
-	'bits' is the length desired for the modulus, so it would be 1024
-	to generate a 1024 bit private key.
-	'e' is the value to use for the public exponent 'e'.  Traditionally
-	it is set to either 3 or 0x10001.
-	The callback function (if not NULL) is called in the following
-	situations.
-	when we have generated a suspected prime number to test,
-	callback(0,num1++,cb_arg).  When it passes a prime number test,
-	callback(1,num2++,cb_arg).  When it is rejected as one of
-	the 2 primes required due to gcd(prime,e value) != 0,
-	callback(2,num3++,cb_arg).  When finally accepted as one
-	of the 2 primes, callback(3,num4++,cb_arg).
-
-
-==== rsaref.doc ========================================================
-
-This package can be compiled to use the RSAref library.
-This library is not allowed outside of the USA but inside the USA it is
-claimed by RSA to be the only RSA public key library that can be used
-besides BSAFE..
-
-There are 2 files, rsaref/rsaref.c and rsaref/rsaref.h that contain the glue
-code to use RSAref.  These files were written by looking at the PGP
-source code and seeing which routines it used to access RSAref.
-I have also been sent by some-one a copy of the RSAref header file that
-contains the library error codes.
-
-[ Jun 1996 update - I have recently gotten hold of RSAref 2.0 from
-  South Africa and have been doing some performace tests. ]
-	
-They have now been tested against the recently announced RSAEURO
-library.
-
-There are 2 ways to use SSLeay and RSAref.  First, to build so that
-the programs must be linked with RSAref, add '-DRSAref' to CFLAG in the top
-level makefile and -lrsaref (or where ever you are keeping RSAref) to
-EX_LIBS.
-
-To build a makefile via util/mk1mf.pl to do this, use the 'rsaref' option.
-
-The second method is to build as per normal and link applications with
-the RSAglue library.  The correct library order would be
-cc -o cmd cmd.o -lssl -lRSAglue -lcrypto -lrsaref -ldes
-The RSAglue library is built in the rsa directory and is NOT
-automatically installed.
-
-Be warned that the RSAEURO library, that is claimed to be compatible
-with RSAref contains a different value for the maximum number of bits
-supported.  This changes structure sizes and so if you are using
-RSAEURO, change the value of RSAref_MAX_BITS in rsa/rsaref.h
-
-
-==== s_mult.doc ========================================================
-
-s_mult is a test program I hacked up on a Sunday for testing non-blocking
-IO.  It has a select loop at it's centre that handles multiple readers
-and writers.
-
-Try the following command
-ssleay s_mult -echo -nbio -ssl -v
-echo - sends any sent text back to the sender
-nbio - turns on non-blocking IO
-ssl  - accept SSL connections, default is normal text
-v    - print lots
-	type Q<cr> to quit
-
-In another window, run the following
-ssleay s_client -pause </etc/termcap
-
-The pause option puts in a 1 second pause in each read(2)/write(2) call
-so the other end will have read()s fail.
-
-==== session.doc ========================================================
-
-I have just checked over and re-worked the session stuff.
-The following brief example will ignore all setup information to do with
-authentication.
-
-Things operate as follows.
-
-The SSL environment has a 'context', a SSL_CTX structure.  This holds the
-cached SSL_SESSIONS (which can be reused) and the certificate lookup
-information.  Each SSL structure needs to be associated with a SSL_CTX.
-Normally only one SSL_CTX structure is needed per program.
-
-SSL_CTX *SSL_CTX_new(void ); 
-void    SSL_CTX_free(SSL_CTX *);
-These 2 functions create and destroy SSL_CTX structures
-
-The SSL_CTX has a session_cache_mode which is by default,
-in SSL_SESS_CACHE_SERVER mode.  What this means is that the library
-will automatically add new session-id's to the cache apon sucsessful
-SSL_accept() calls.
-If SSL_SESS_CACHE_CLIENT is set, then client certificates are also added
-to the cache.
-SSL_set_session_cache_mode(ctx,mode)  will set the 'mode' and
-SSL_get_session_cache_mode(ctx) will get the cache 'mode'.
-The modes can be
-SSL_SESS_CACHE_OFF	- no caching
-SSL_SESS_CACHE_CLIENT	- only SSL_connect()
-SSL_SESS_CACHE_SERVER	- only SSL_accept()
-SSL_SESS_NO_CACHE_BOTH	- Either SSL_accept() or SSL_connect().
-If SSL_SESS_CACHE_NO_AUTO_CLEAR is set, old timed out sessions are
-not automatically removed each 255, SSL_connect()s or SSL_accept()s.
-
-By default, apon every 255 successful SSL_connect() or SSL_accept()s,
-the cache is flush.  Please note that this could be expensive on
-a heavily loaded SSL server, in which case, turn this off and
-clear the cache of old entries 'manually' (with one of the functions
-listed below) every few hours.  Perhaps I should up this number, it is hard
-to say.  Remember, the '255' new calls is just a mechanims to get called
-every now and then, in theory at most 255 new session-id's will have been
-added but if 100 are added every minute, you would still have
-500 in the cache before any would start being flushed (assuming a 3 minute
-timeout)..
-
-int SSL_CTX_sess_hits(SSL_CTX *ctx);
-int SSL_CTX_sess_misses(SSL_CTX *ctx);
-int SSL_CTX_sess_timeouts(SSL_CTX *ctx);
-These 3 functions return statistics about the SSL_CTX.  These 3 are the
-number of session id reuses.  hits is the number of reuses, misses are the
-number of lookups that failed, and timeouts is the number of cached
-entries ignored because they had timeouted.
-
-ctx->new_session_cb is a function pointer to a function of type
-int new_session_callback(SSL *ssl,SSL_SESSION *new);
-This function, if set in the SSL_CTX structure is called whenever a new
-SSL_SESSION is added to the cache.  If the callback returns non-zero, it
-means that the application will have to do a SSL_SESSION_free()
-on the structure (this is
-to do with the cache keeping the reference counts correct, without the
-application needing to know about it.
-The 'active' parameter is the current SSL session for which this connection
-was created.
-
-void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,int (*cb)());
-to set the callback,
-int (*cb)() SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)
-to get the callback.
-
-If the 'get session' callback is set, when a session id is looked up and
-it is not in the session-id cache, this callback is called.  The callback is
-of the form
-SSL_SESSION *get_session_callback(unsigned char *sess_id,int sess_id_len,
-	int *copy);
-
-The get_session_callback is intended to return null if no session id is found.
-The reference count on the SSL_SESSION in incremented by the SSL library,
-if copy is 1.  Otherwise, the reference count is not modified.
-
-void SSL_CTX_sess_set_get_cb(ctx,cb) sets the callback and
-int (*cb)()SSL_CTX_sess_get_get_cb(ctx) returns the callback.
-
-These callbacks are basically indended to be used by processes to
-send their session-id's to other processes.  I currently have not implemented
-non-blocking semantics for these callbacks, it is upto the appication
-to make the callbacks effiecent if they require blocking (perhaps
-by 'saving' them and then 'posting them' when control returns from
-the SSL_accept().
-
-LHASH *SSL_CTX_sessions(SSL_CTX *ctx)
-This returns the session cache.  The lhash strucutre can be accessed for
-statistics about the cache.
-
-void lh_stats(LHASH *lh, FILE *out);
-void lh_node_stats(LHASH *lh, FILE *out);
-void lh_node_usage_stats(LHASH *lh, FILE *out);
-
-can be used to print details about it's activity and current state.
-You can also delve directly into the lhash structure for 14 different
-counters that are kept against the structure.  When I wrote the lhash library,
-I was interested in gathering statistics :-).
-Have a read of doc/lhash.doc in the SSLeay distribution area for more details
-on the lhash library.
-
-Now as mentioned ealier, when a SSL is created, it needs a SSL_CTX.
-SSL *   SSL_new(SSL_CTX *);
-
-This stores a session.  A session is secret information shared between 2
-SSL contexts.  It will only be created if both ends of the connection have
-authenticated their peer to their satisfaction.  It basically contains
-the information required to use a particular secret key cipher.
-
-To retrieve the SSL_CTX being used by a SSL,
-SSL_CTX *SSL_get_SSL_CTX(SSL *s);
-
-Now when a SSL session is established between to programs, the 'session'
-information that is cached in the SSL_CTX can me manipulated by the
-following functions.
-int SSL_set_session(SSL *s, SSL_SESSION *session);
-This will set the SSL_SESSION to use for the next SSL_connect().  If you use
-this function on an already 'open' established SSL connection, 'bad things
-will happen'.  This function is meaning-less when used on a ssl strucutre
-that is just about to be used in a SSL_accept() call since the
-SSL_accept() will either create a new session or retrieve one from the
-cache.
-
-SSL_SESSION *SSL_get_session(SSL *s);
-This will return the SSL_SESSION for the current SSL, NULL if there is
-no session associated with the SSL structure.
-
-The SSL sessions are kept in the SSL_CTX in a hash table, to remove a
-session
-void    SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
-and to add one
-int    SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
-SSL_CTX_add_session() returns 1 if the session was already in the cache (so it
-was not added).
-Whenever a new session is created via SSL_connect()/SSL_accept(),
-they are automatically added to the cache, depending on the session_cache_mode
-settings.  SSL_set_session()
-does not add it to the cache.  Just call SSL_CTX_add_session() if you do want the
-session added.  For a 'client' this would not normally be the case.
-SSL_CTX_add_session() is not normally ever used, except for doing 'evil' things
-which the next 2 funtions help you do.
-
-int     i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
-SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length);
-These 2 functions are in the standard ASN1 library form and can be used to
-load and save to a byte format, the SSL_SESSION structure.
-With these functions, you can save and read these structures to a files or
-arbitary byte string.
-The PEM_write_SSL_SESSION(fp,x) and PEM_read_SSL_SESSION(fp,x,cb) will
-write to a file pointer in base64 encoding.
-
-What you can do with this, is pass session information between separate
-processes.  Please note, that you will probably also need to modify the
-timeout information on the SSL_SESSIONs.
-
-long SSL_get_time(SSL_SESSION *s)
-will return the 'time' that the session
-was loaded.  The timeout is relative to this time.  This information is
-saved when the SSL_SESSION is converted to binarary but it is stored
-in as a unix long, which is rather OS dependant, but easy to convert back.
-
-long SSL_set_time(SSL_SESSION *s,long t) will set the above mentioned time.
-The time value is just the value returned from time(3), and should really
-be defined by be to be time_t.
-
-long SSL_get_timeout(SSL_SESSION *s);
-long SSL_set_timeout(SSL_SESSION *s,long t);
-These 2 retrieve and set the timeout which is just a number of secconds
-from the 'SSL_get_time()' value.  When this time period has elapesed,
-the session will no longer be in the cache (well it will actually be removed
-the next time it is attempted to be retrieved, so you could 'bump'
-the timeout so it remains valid).
-The 'time' and 'timeout' are set on a session when it is created, not reset
-each time it is reused.  If you did wish to 'bump it', just after establishing
-a connection, do a
-SSL_set_time(ssl,time(NULL));
-
-You can also use
-SSL_CTX_set_timeout(SSL_CTX *ctx,unsigned long t) and
-SSL_CTX_get_timeout(SSL_CTX *ctx) to manipulate the default timeouts for
-all SSL connections created against a SSL_CTX.  If you set a timeout in
-an SSL_CTX, all new SSL's created will inherit the timeout.  It can be over
-written by the SSL_set_timeout(SSL *s,unsigned long t) function call.
-If you 'set' the timeout back to 0, the system default will be used.
-
-SSL_SESSION *SSL_SESSION_new();
-void SSL_SESSION_free(SSL_SESSION *ses);
-These 2 functions are used to create and dispose of SSL_SESSION functions.
-You should not ever normally need to use them unless you are using 
-i2d_SSL_SESSION() and/or d2i_SSL_SESSION().  If you 'load' a SSL_SESSION
-via d2i_SSL_SESSION(), you will need to SSL_SESSION_free() it.
-Both SSL_set_session() and SSL_CTX_add_session() will 'take copies' of the
-structure (via reference counts) when it is passed to them.
-
-SSL_CTX_flush_sessions(ctx,time);
-The first function will clear all sessions from the cache, which have expired
-relative to 'time' (which could just be time(NULL)).
-
-SSL_CTX_flush_sessions(ctx,0);
-This is a special case that clears everything.
-
-As a final comment, a 'session' is not enough to establish a new
-connection.  If a session has timed out, a certificate and private key
-need to have been associated with the SSL structure.
-SSL_copy_session_id(SSL *to,SSL *from); will copy not only the session
-strucutre but also the private key and certificate associated with
-'from'.
-
-EXAMPLES.
-
-So lets play at being a weird SSL server.
-
-/* setup a context */
-ctx=SSL_CTX_new();
-
-/* Lets load some session from binary into the cache, why one would do
- * this is not toally clear, but passing between programs does make sense
- * Perhaps you are using 4096 bit keys and are happy to keep them
- * valid for a week, to avoid the RSA overhead of 15 seconds, I'm not toally
- * sure, perhaps this is a process called from an SSL inetd and this is being 
- * passed to the application. */
-session=d2i_SSL_SESSION(....)
-SSL_CTX_add_session(ctx,session);
-
-/* Lets even add a session from a file */
-session=PEM_read_SSL_SESSION(....)
-SSL_CTX_add_session(ctx,session);
-
-/* create a new SSL structure */
-ssl=SSL_new(ctx);
-
-/* At this point we want to be able to 'create' new session if
- * required, so we need a certificate and RSAkey. */
-SSL_use_RSAPrivateKey_file(ssl,...)
-SSL_use_certificate_file(ssl,...)
-
-/* Now since we are a server, it make little sence to load a session against
- * the ssl strucutre since a SSL_accept() will either create a new session or
- * grab an existing one from the cache. */
-
-/* grab a socket descriptor */
-fd=accept(...);
-
-/* associated it with the ssl strucutre */
-SSL_set_fd(ssl,fd);
-
-SSL_accept(ssl); /* 'do' SSL using out cert and RSA key */
-
-/* Lets print out the session details or lets save it to a file,
- * perhaps with a secret key cipher, so that we can pass it to the FBI
- * when they want to decode the session :-).  While we have RSA
- * this does not matter much but when I do SSLv3, this will allow a mechanism
- * for the server/client to record the information needed to decode
- * the traffic that went over the wire, even when using Diffie-Hellman */
-PEM_write_SSL_SESSION(SSL_get_session(ssl),stdout,....)
-
-Lets 'connect' back to the caller using the same session id.
-
-ssl2=SSL_new(ctx);
-fd2=connect(them);
-SSL_set_fd(ssl2,fd2);
-SSL_set_session(ssl2,SSL_get_session(ssl));
-SSL_connect(ssl2);
-
-/* what the hell, lets accept no more connections using this session */
-SSL_CTX_remove_session(SSL_get_SSL_CTX(ssl),SSL_get_session(ssl));
-
-/* we could have just as easily used ssl2 since they both are using the
- * same session.
- * You will note that both ssl and ssl2 are still using the session, and
- * the SSL_SESSION structure will be free()ed when both ssl and ssl2
- * finish using the session.  Also note that you could continue to initiate
- * connections using this session by doing SSL_get_session(ssl) to get the
- * existing session, but SSL_accept() will not be able to find it to
- * use for incoming connections.
- * Of corse, the session will timeout at the far end and it will no
- * longer be accepted after a while.  The time and timeout are ignored except
- * by SSL_accept(). */
-
-/* Since we have had our server running for 10 weeks, and memory is getting
- * short, perhaps we should clear the session cache to remove those
- * 100000 session entries that have expired.  Some may consider this
- * a memory leak :-) */
-
-SSL_CTX_flush_sessions(ctx,time(NULL));
-
-/* Ok, after a bit more time we wish to flush all sessions from the cache
- * so that all new connections will be authenticated and incure the
- * public key operation overhead */
-
-SSL_CTX_flush_sessions(ctx,0);
-
-/* As a final note, to copy everything to do with a SSL, use */
-SSL_copy_session_id(SSL *to,SSL *from);
-/* as this also copies the certificate and RSA key so new session can
- * be established using the same details */
-
-
-==== sha.doc ========================================================
-
-The SHA (Secure Hash Algorithm) library.
-SHA is a message digest algorithm that can be used to condense an arbitrary
-length message down to a 20 byte hash.  The functions all need to be passed
-a SHA_CTX which is used to hold the SHA context during multiple SHA_Update()
-function calls.  The normal method of use for this library is as follows
-This library contains both SHA and SHA-1 digest algorithms.  SHA-1 is
-an update to SHA (which should really be called SHA-0 now) which
-tweaks the algorithm slightly.  The SHA-1 algorithm is used by simply
-using SHA1_Init(), SHA1_Update(), SHA1_Final() and SHA1() instead of the
-SHA*() calls
-
-SHA_Init(...);
-SHA_Update(...);
-...
-SHA_Update(...);
-SHA_Final(...);
-
-This library requires the inclusion of 'sha.h'.
-
-The functions are as follows:
-
-void SHA_Init(
-SHA_CTX *c);
-	This function needs to be called to initiate a SHA_CTX structure for
-	use.
-	
-void SHA_Update(
-SHA_CTX *c;
-unsigned char *data;
-unsigned long len);
-	This updates the message digest context being generated with 'len'
-	bytes from the 'data' pointer.  The number of bytes can be any
-	length.
-
-void SHA_Final(
-unsigned char *md;
-SHA_CTX *c;
-	This function is called when a message digest of the data digested
-	with SHA_Update() is wanted.  The message digest is put in the 'md'
-	array and is SHA_DIGEST_LENGTH (20) bytes long.
-
-unsigned char *SHA(
-unsigned char *d;
-unsigned long n;
-unsigned char *md;
-	This function performs a SHA_Init(), followed by a SHA_Update()
-	followed by a SHA_Final() (using a local SHA_CTX).
-	The resulting digest is put into 'md' if it is not NULL.
-	Regardless of the value of 'md', the message
-	digest is returned from the function.  If 'md' was NULL, the message
-	digest returned is being stored in a static structure.
-	
-
-==== speed.doc ========================================================
-
-To get an idea of the performance of this library, use
-ssleay speed
-
-perl util/sp-diff.pl file1 file2
-
-will print out the relative differences between the 2 files which are
-expected to be the output from the speed program.
-
-The performace of the library is very dependant on the Compiler
-quality and various flags used to build.
-
----
-
-These are some numbers I did comparing RSAref and SSLeay on a Pentium 100.
-[ These numbers are all out of date, as of SSL - 0.6.1 the RSA
-operations are about 2 times faster, so check the version number ]
-
-RSA performance.
-
-SSLeay 0.6.0
-Pentium 100, 32meg, Windows NT Workstation 3.51
-linux - gcc v 2.7.0 -O3 -fomit-frame-pointer -m486
-and
-Windows NT  - Windows NT 3.51 - Visual C++ 4.1   - 586 code + 32bit assember
-Windows 3.1 - Windows NT 3.51 - Visual C++ 1.52c - 286 code + 32bit assember
-NT Dos Shell- Windows NT 3.51 - Visual C++ 1.52c - 286 code + 16bit assember
-
-Times are how long it takes to do an RSA private key operation.
-
-	       512bits 1024bits
--------------------------------
-SSLeay NT dll	0.042s   0.202s see above
-SSLeay linux	0.046s   0.218s	Assember inner loops (normal build) 
-SSLeay linux	0.067s   0.380s Pure C code with BN_LLONG defined
-SSLeay W3.1 dll	0.108s 	 0.478s see above
-SSLeay linux	0.109s   0.713s C without BN_LLONG.
-RSAref2.0 linux	0.149s   0.936s
-SSLeay MS-DOS	0.197s   1.049s see above
-
-486DX66, 32meg, Windows NT Server 3.51
-	       512bits 1024bits
--------------------------------
-SSLeay NT dll   0.084s	 0.495s	<- SSLeay 0.6.3
-SSLeay NT dll   0.154s   0.882s
-SSLeay W3.1 dll 0.335s   1.538s
-SSLeay MS-DOS	0.490s   2.790s
-
-What I find cute is that I'm still faster than RSAref when using standard C,
-without using the 'long long' data type :-), %35 faster for 512bit and we
-scale up to 3.2 times faster for the 'default linux' build.  I should mention
-that people should 'try' to use either x86-lnx.s (elf), x86-lnxa.s or
-x86-sol.s for any x86 based unix they are building on.  The only problems
-with be with syntax but the performance gain is quite large, especially for
-servers.  The code is very simple, you just need to modify the 'header'.
-
-The message is, if you are stuck using RSAref, the RSA performance will be
-bad. Considering the code was compiled for a pentium, the 486DX66 number
-would indicate 'Use RSAref and turn you Pentium 100 into a 486DX66' :-). 
-[ As of verson 0.6.1, it would be correct to say 'turn you pentium 100
- into a 486DX33' :-) ]
-
-I won't tell people if the DLL's are using RSAref or my stuff if no-one
-asks :-).
-
-eric
-
-PS while I know I could speed things up further, I will probably not do
-   so due to the effort involved.  I did do some timings on the
-   SSLeay bignum format -> RSAref number format conversion that occurs
-   each time RSAref is used by SSLeay, and the numbers are trivial.
-   0.00012s a call for 512bit vs 0.149s for the time spent in the function.
-   0.00018s for 1024bit vs 0.938s.  Insignificant.
-   So the 'way to go', to support faster RSA libraries, if people are keen,
-   is to write 'glue' code in a similar way that I do for RSAref and send it
-   to me :-).
-   My base library still has the advantage of being able to operate on 
-   any size numbers, and is not that far from the performance from the
-   leaders in the field. (-%30?)
-   [ Well as of 0.6.1 I am now the leader in the filed on x86 (we at
-     least very close :-) ]
-
-   I suppose I should also mention some other numbers RSAref numbers, again
-   on my Pentium.
-		DES CBC		EDE-DES		MD5
-   RSAref linux	 830k/s		 302k/s		4390k/s
-   SSLeay linux  855k/s          319k/s        10025k/s
-   SSLeay NT	1158k/s		 410k/s	       10470k/s
-   SSLeay w31	 378k/s		 143k/s         2383k/s (fully 16bit)
-
-   Got to admit that Visual C++ 4.[01] is a damn fine compiler :-)
---
-Eric Young                  | BOOL is tri-state according to Bill Gates.
-AARNet: eay@cryptsoft.com   | RTFM Win32 GetMessage().
-
-
-
-
-==== ssl-ciph.doc ========================================================
-
-This is a quick high level summery of how things work now.
-
-Each SSLv2 and SSLv3 cipher is composed of 4 major attributes plus a few extra
-minor ones.
-
-They are 'The key exchange algorithm', which is RSA for SSLv2 but can also
-be Diffle-Hellman for SSLv3.
-
-An 'Authenticion algorithm', which can be RSA, Diffle-Helman, DSS or
-none.
-
-The cipher
-
-The MAC digest.
-
-A cipher can also be an export cipher and is either an SSLv2 or a
-SSLv3 ciphers.
-
-To specify which ciphers to use, one can either specify all the ciphers,
-one at a time, or use 'aliases' to specify the preference and order for
-the ciphers.
-
-There are a large number of aliases, but the most importaint are
-kRSA, kDHr, kDHd and kEDH for key exchange types.
-
-aRSA, aDSS, aNULL and aDH for authentication
-DES, 3DES, RC4, RC2, IDEA and eNULL for ciphers
-MD5, SHA0 and SHA1 digests
-
-Now where this becomes interesting is that these can be put together to
-specify the order and ciphers you wish to use.
-
-To speed this up there are also aliases for certian groups of ciphers.
-The main ones are
-SSLv2	- all SSLv2 ciphers
-SSLv3	- all SSLv3 ciphers
-EXP	- all export ciphers
-LOW	- all low strngth ciphers (no export ciphers, normally single DES)
-MEDIUM	- 128 bit encryption
-HIGH	- Triple DES
-
-These aliases can be joined in a : separated list which specifies to
-add ciphers, move them to the current location and delete them.
-
-A simpler way to look at all of this is to use the 'ssleay ciphers -v' command.
-The default library cipher spec is
-!ADH:RC4+RSA:HIGH:MEDIUM:LOW:EXP:+SSLv2:+EXP
-which means, first, remove from consideration any ciphers that do not
-authenticate.  Next up, use ciphers using RC4 and RSA.  Next include the HIGH,
-MEDIUM and the LOW security ciphers.  Finish up by adding all the export
-ciphers on the end, then 'pull' all the SSLv2 and export ciphers to
-the end of the list.
-
-The results are
-$ ssleay ciphers -v '!ADH:RC4+RSA:HIGH:MEDIUM:LOW:EXP:+SSLv2:+EXP'
-
-RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
-RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5 
-EDH-RSA-DES-CBC3-SHA    SSLv3 Kx=DH       Au=RSA  Enc=3DES(168) Mac=SHA1
-EDH-DSS-DES-CBC3-SHA    SSLv3 Kx=DH       Au=DSS  Enc=3DES(168) Mac=SHA1
-DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
-IDEA-CBC-MD5            SSLv3 Kx=RSA      Au=RSA  Enc=IDEA(128) Mac=SHA1
-EDH-RSA-DES-CBC-SHA     SSLv3 Kx=DH       Au=RSA  Enc=DES(56)   Mac=SHA1
-EDH-DSS-DES-CBC-SHA     SSLv3 Kx=DH       Au=DSS  Enc=DES(56)   Mac=SHA1
-DES-CBC-SHA             SSLv3 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=SHA1
-DES-CBC3-MD5            SSLv2 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=MD5 
-DES-CBC-MD5             SSLv2 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=MD5 
-IDEA-CBC-MD5            SSLv2 Kx=RSA      Au=RSA  Enc=IDEA(128) Mac=MD5 
-RC2-CBC-MD5             SSLv2 Kx=RSA      Au=RSA  Enc=RC2(128)  Mac=MD5 
-RC4-MD5                 SSLv2 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5 
-EXP-EDH-RSA-DES-CBC     SSLv3 Kx=DH(512)  Au=RSA  Enc=DES(40)   Mac=SHA1 export
-EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=DSS  Enc=DES(40)   Mac=SHA1 export
-EXP-DES-CBC-SHA         SSLv3 Kx=RSA(512) Au=RSA  Enc=DES(40)   Mac=SHA1 export
-EXP-RC2-CBC-MD5         SSLv3 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
-EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
-EXP-RC2-CBC-MD5         SSLv2 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
-EXP-RC4-MD5             SSLv2 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
-
-I would recoment people use the 'ssleay ciphers -v "text"'
-command to check what they are going to use.
-
-Anyway, I'm falling asleep here so I'll do some more tomorrow.
-
-eric
-
-==== ssl.doc ========================================================
-
-SSL_CTX_sessions(SSL_CTX *ctx) - the session-id hash table.
-
-/* Session-id cache stats */
-SSL_CTX_sess_number
-SSL_CTX_sess_connect
-SSL_CTX_sess_connect_good
-SSL_CTX_sess_accept
-SSL_CTX_sess_accept_good
-SSL_CTX_sess_hits
-SSL_CTX_sess_cb_hits
-SSL_CTX_sess_misses
-SSL_CTX_sess_timeouts
-
-/* Session-id application notification callbacks */
-SSL_CTX_sess_set_new_cb
-SSL_CTX_sess_get_new_cb
-SSL_CTX_sess_set_get_cb
-SSL_CTX_sess_get_get_cb
-
-/* Session-id cache operation mode */
-SSL_CTX_set_session_cache_mode
-SSL_CTX_get_session_cache_mode
-
-/* Set default timeout values to use. */
-SSL_CTX_set_timeout
-SSL_CTX_get_timeout
-
-/* Global  SSL initalisation informational callback */
-SSL_CTX_set_info_callback
-SSL_CTX_get_info_callback
-SSL_set_info_callback
-SSL_get_info_callback
-
-/* If the SSL_accept/SSL_connect returned with -1, these indicate when
- * we should re-call *.
-SSL_want
-SSL_want_nothing
-SSL_want_read
-SSL_want_write
-SSL_want_x509_lookup
-
-/* Where we are in SSL initalisation, used in non-blocking, perhaps
- * have a look at ssl/bio_ssl.c */
-SSL_state
-SSL_is_init_finished
-SSL_in_init
-SSL_in_connect_init
-SSL_in_accept_init
-
-/* Used to set the 'inital' state so SSL_in_connect_init and SSL_in_accept_init
- * can be used to work out which function to call. */
-SSL_set_connect_state
-SSL_set_accept_state
-
-/* Where to look for certificates for authentication */
-SSL_set_default_verify_paths /* calles SSL_load_verify_locations */
-SSL_load_verify_locations
-
-/* get info from an established connection */
-SSL_get_session
-SSL_get_certificate
-SSL_get_SSL_CTX
-
-SSL_CTX_new
-SSL_CTX_free
-SSL_new
-SSL_clear
-SSL_free
-
-SSL_CTX_set_cipher_list
-SSL_get_cipher
-SSL_set_cipher_list
-SSL_get_cipher_list
-SSL_get_shared_ciphers
-
-SSL_accept
-SSL_connect
-SSL_read
-SSL_write
-
-SSL_debug
-
-SSL_get_read_ahead
-SSL_set_read_ahead
-SSL_set_verify
-
-SSL_pending
-
-SSL_set_fd
-SSL_set_rfd
-SSL_set_wfd
-SSL_set_bio
-SSL_get_fd
-SSL_get_rbio
-SSL_get_wbio
-
-SSL_use_RSAPrivateKey
-SSL_use_RSAPrivateKey_ASN1
-SSL_use_RSAPrivateKey_file
-SSL_use_PrivateKey
-SSL_use_PrivateKey_ASN1
-SSL_use_PrivateKey_file
-SSL_use_certificate
-SSL_use_certificate_ASN1
-SSL_use_certificate_file
-
-ERR_load_SSL_strings
-SSL_load_error_strings
-
-/* human readable version of the 'state' of the SSL connection. */
-SSL_state_string
-SSL_state_string_long
-/* These 2 report what kind of IO operation the library was trying to
- * perform last.  Probably not very usefull. */
-SSL_rstate_string
-SSL_rstate_string_long
-
-SSL_get_peer_certificate
-
-SSL_SESSION_new
-SSL_SESSION_print_fp
-SSL_SESSION_print
-SSL_SESSION_free
-i2d_SSL_SESSION
-d2i_SSL_SESSION
-
-SSL_get_time
-SSL_set_time
-SSL_get_timeout
-SSL_set_timeout
-SSL_copy_session_id
-SSL_set_session
-SSL_CTX_add_session
-SSL_CTX_remove_session
-SSL_CTX_flush_sessions
-
-BIO_f_ssl
-
-/* used to hold information as to why a certificate verification failed */
-SSL_set_verify_result
-SSL_get_verify_result
-
-/* can be used by the application to associate data with an SSL structure.
- * It needs to be 'free()ed' by the application */
-SSL_set_app_data
-SSL_get_app_data
-
-/* The following all set values that are kept in the SSL_CTX but
- * are used as the default values when an SSL session is created.
- * They are over writen by the relevent SSL_xxxx functions */
-
-/* SSL_set_verify */
-void SSL_CTX_set_default_verify
-
-/* This callback, if set, totaly overrides the normal SSLeay verification
- * functions and should return 1 on sucesss and 0 on failure */
-void SSL_CTX_set_cert_verify_callback
-
-/* The following are the same as the equivilent SSL_xxx functions.
- * Only one copy of this information is kept and if a particular
- * SSL structure has a local override, it is totally separate structure.
- */
-int SSL_CTX_use_RSAPrivateKey
-int SSL_CTX_use_RSAPrivateKey_ASN1
-int SSL_CTX_use_RSAPrivateKey_file
-int SSL_CTX_use_PrivateKey
-int SSL_CTX_use_PrivateKey_ASN1
-int SSL_CTX_use_PrivateKey_file
-int SSL_CTX_use_certificate
-int SSL_CTX_use_certificate_ASN1
-int SSL_CTX_use_certificate_file
-
-
-==== ssl_ctx.doc ========================================================
-
-This is now a bit dated, quite a few of the SSL_ functions could be
-SSL_CTX_ functions.  I will update this in the future. 30 Aug 1996
-
-From eay@orb.mincom.oz.au Mon Dec 11 21:37:08 1995
-Received: by orb.mincom.oz.au id AA00696
-  (5.65c/IDA-1.4.4 for eay); Mon, 11 Dec 1995 11:37:08 +1000
-Date: Mon, 11 Dec 1995 11:37:08 +1000 (EST)
-From: Eric Young <eay@mincom.oz.au>
-X-Sender: eay@orb
-To: sameer <sameer@c2.org>
-Cc: Eric Young <eay@mincom.oz.au>
-Subject: Re: PEM_readX509 oesn't seem to be working
-In-Reply-To: <199512110102.RAA12521@infinity.c2.org>
-Message-Id: <Pine.SOL.3.91.951211112115.28608D-100000@orb>
-Mime-Version: 1.0
-Content-Type: TEXT/PLAIN; charset=US-ASCII
-Status: RO
-X-Status: 
-
-On Sun, 10 Dec 1995, sameer wrote:
-> 	OK, that's solved. I've found out that it is saying "no
-> certificate set" in SSL_accept because s->conn == NULL
-> so there is some place I need to initialize s->conn that I am
-> not initializing it.
-
-The full order of things for a server should be.
-
-ctx=SSL_CTX_new();
-
-/* The next line should not really be using ctx->cert but I'll leave it 
- * this way right now... I don't want a X509_ routine to know about an SSL
- * structure, there should be an SSL_load_verify_locations... hmm, I may 
- * add it tonight.
- */
-X509_load_verify_locations(ctx->cert,CAfile,CApath);
-
-/* Ok now for each new connection we do the following */
-con=SSL_new(ctx);
-SSL_set_fd(con,s);
-SSL_set_verify(con,verify,verify_callback);
-
-/* set the certificate and private key to use. */
-SSL_use_certificate_ASN1(con,X509_certificate);
-SSL_use_RSAPrivateKey_ASN1(con,RSA_private_key);
-
-SSL_accept(con);
-
-SSL_read(con)/SSL_write(con);
-
-There is a bit more than that but that is basically the structure.
-
-Create a context and specify where to lookup certificates.
-
-foreach connection
-	{
-	create a SSL structure
-	set the certificate and private key
-	do a SSL_accept
-	
-	we should now be ok
-	}
-
-eric
---
-Eric Young                  | Signature removed since it was generating
-AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
-
-
-
-==== ssleay.doc ========================================================
-
-SSLeay: a cryptographic kitchen sink.
-
-1st December 1995
-Way back at the start of April 1995, I was looking for a mindless
-programming project.  A friend of mine (Tim Hudson) said "why don't you do SSL,
-it has DES encryption in it and I would not mind using it in a SSL telnet".
-While it was true I had written a DES library in previous years, litle
-did I know what an expansive task SSL would turn into.
-
-First of all, the SSL protocol contains DES encryption.  Well and good.  My
-DES library was fast and portable.  It also contained the RSA's RC4 stream
-cipher.  Again, not a problem, some-one had just posted to sci.crypt
-something that was claimed to be RC4.  It also contained IDEA, I had the
-specifications, not a problem to implement.  MD5, an RFC, trivial, at most
-I could spend a week or so trying to see if I could speed up the
-implementation.  All in all a nice set of ciphers.
-Then the first 'expantion of the scope', RSA public key
-encryption.  Since I did not knowing a thing about public key encryption
-or number theory, this appeared quite a daunting task.  Just writing a
-big number library would be problomatic in itself, let alone making it fast.
-At this point the scope of 'implementing SSL' expands eponentialy.
-First of all, the RSA private keys  were being kept in ASN.1 format.
-Thankfully the RSA PKCS series of documents explains this format.  So I now
-needed to be able to encode and decode arbitary ASN.1 objects.  The Public
-keys were embeded in X509 certificates.  Hmm... these are not only
-ASN.1 objects but they make up a heirachy of authentication.  To
-authenticate a X509 certificate one needs to retrieve it's issuers
-certificate etc etc.  Hmm..., so I also need to implement some kind
-of certificate management software.  I would also have to implement
-software to authenticate certificates.  At this point the support code made
-the SSL part of my library look quite small.
-Around this time, the first version of SSLeay was released.
-
-Ah, but here was the problem, I was not happy with the code so far.  As may
-have become obvious, I had been treating all of this as a learning
-exersize, so I have completely written the library myself.  As such, due
-to the way it had grown like a fungus, much of the library was not
-'elagent' or neat.  There were global and static variables all over the
-place, the SSL part did not even handle non-blocking IO.
-The Great rewrite began.
-
-As of this point in time, the 'Great rewrite' has almost finished.  So what
-follows is an approximate list of what is actually SSLeay 0.5.0
-
-/********* This needs to be updated for 0.6.0+ *************/
-
----
-The library contains the following routines.  Please note that most of these
-functions are not specfic for SSL or any other particular cipher
-implementation.  I have tried to make all the routines as general purpose
-as possible.  So you should not think of this library as an SSL
-implemtation, but rather as a library of cryptographic functions
-that also contains SSL.  I refer to each of these function groupings as
-libraries since they are often capable of functioning as independant
-libraries
-
-First up, the general ciphers and message digests supported by the library.
-
-MD2	rfc???, a standard 'by parts' interface to this algorithm.
-MD5	rfc???, the same type of interface as for the MD2 library except a
-	different algorithm.
-SHA	THe Secure Hash Algorithm.  Again the same type of interface as
-	MD2/MD5 except the digest is 20 bytes.
-SHA1	The 'revised' version of SHA.  Just about identical to SHA except
-	for one tweak of an inner loop.
-DES	This is my libdes library that has been floating around for the last
-	few years.  It has been enhanced for no other reason than completeness.
-	It now supports ecb, cbc, cfb, ofb, cfb64, ofb64 in normal mode and
-	triple DES modes of ecb, cbc, cfb64 and ofb64.  cfb64 and ofb64 are
-	functional interfaces to the 64 bit modes of cfb and ofb used in
-	such a way thay they function as single character interfaces.
-RC4	The RSA Inc. stream cipher.
-RC2	The RSA Inc. block cipher.
-IDEA	An implmentation of the IDEA cipher, the library supports ecb, cbc,
-	cfb64 and ofb64 modes of operation.
-
-Now all the above mentioned ciphers and digests libraries support high
-speed, minimal 'crap in the way' type interfaces.  For fastest and
-lowest level access, these routines should be used directly.
-
-Now there was also the matter of public key crypto systems.  These are
-based on large integer arithmatic.
-
-BN	This is my large integer library.  It supports all the normal
-	arithmentic operations.  It uses malloc extensivly and as such has
-	no limits of the size of the numbers being manipulated.  If you
-	wish to use 4000 bit RSA moduli, these routines will handle it.
-	This library also contains routines to 'generate' prime numbers and
-	to test for primality.  The RSA and DH libraries sit on top of this
-	library.  As of this point in time, I don't support SHA, but
-	when I do add it, it will just sit on top of the routines contained
-	in this library.
-RSA	This implements the RSA public key algorithm.  It also contains
-	routines that will generate a new private/public key pair.
-	All the RSA functions conform to the PKCS#1 standard.
-DH	This is an implementation of the
-	Diffie-Hellman protocol.  There are all the require routines for
-	the protocol, plus extra routines that can be used to generate a
-	strong prime for use with a specified generator.  While this last
-	routine is not generally required by applications implementing DH,
-	It is present for completeness and because I thing it is much
-	better to be able to 'generate' your own 'magic' numbers as oposed
-	to using numbers suplied by others.  I conform to the PKCS#3
-	standard where required.
-
-You may have noticed the preceeding section mentions the 'generation' of
-prime numbers.  Now this requries the use of 'random numbers'. 
-
-RAND	This psuedo-random number library is based on MD5 at it's core
-	and a large internal state (2k bytes).  Once you have entered enough
-	seed data into this random number algorithm I don't feel
-	you will ever need to worry about it generating predictable output.
-	Due to the way I am writing a portable library, I have left the
-	issue of how to get good initial random seed data upto the
-	application but I do have support routines for saving and loading a
-	persistant random number state for use between program runs.
-	
-Now to make all these ciphers easier to use, a higher level
-interface was required.  In this form, the same function would be used to
-encrypt 'by parts', via any one of the above mentioned ciphers.
-
-EVP	The Digital EnVeloPe library is quite large.  At it's core are
-	function to perform encryption and decryption by parts while using
-	an initial parameter to specify which of the 17 different ciphers
-	or 4 different message digests to use.  On top of these are implmented
-	the digital signature functions, sign, verify, seal and open.
-	Base64 encoding of binary data is also done in this library.
-
-PEM	rfc???? describe the format for Privacy Enhanced eMail.
-	As part of this standard, methods of encoding digital enveloped
-	data is an ascii format are defined.  As such, I use a form of these
-	to encode enveloped data.  While at this point in time full support
-	for PEM has not been built into the library, a minimal subset of
-	the secret key and Base64 encoding is present.  These reoutines are
-	mostly used to Ascii encode binary data with a 'type' associated
-	with it and perhaps details of private key encryption used to
-	encrypt the data.
-	
-PKCS7	This is another Digital Envelope encoding standard which uses ASN.1
-	to encode the data.  At this point in time, while there are some
-	routines to encode and decode this binary format, full support is
-	not present.
-	
-As Mentioned, above, there are several different ways to encode
-data structures.
-
-ASN1	This library is more a set of primatives used to encode the packing
-	and unpacking of data structures.  It is used by the X509
-	certificate standard and by the PKCS standards which are used by
-	this library.  It also contains routines for duplicating and signing
-	the structures asocisated with X509.
-	
-X509	The X509 library contains routines for packing and unpacking,
-	verifying and just about every thing else you would want to do with
-	X509 certificates.
-
-PKCS7	PKCS-7 is a standard for encoding digital envelope data
-	structures.  At this point in time the routines will load and save
-	DER forms of these structees.  They need to be re-worked to support
-	the BER form which is the normal way PKCS-7 is encoded.  If the
-	previous 2 sentances don't make much sense, don't worry, this
-	library is not used by this version of SSLeay anyway.
-
-OBJ	ASN.1 uses 'object identifiers' to identify objects.  A set of
-	functions were requred to translate from ASN.1 to an intenger, to a
-	character string.  This library provieds these translations
-	
-Now I mentioned an X509 library.  X509 specified a hieachy of certificates
-which needs to be traversed to authenticate particular certificates.
-
-METH	This library is used to push 'methods' of retrieving certificates
-	into the library.  There are some supplied 'methods' with SSLeay
-	but applications can add new methods if they so desire.
-	This library has not been finished and is not being used in this
-	version.
-	
-Now all the above are required for use in the initial point of this project.
-
-SSL	The SSL protocol.  This is a full implmentation of SSL v 2.  It
-	support both server and client authentication.  SSL v 3 support
-	will be added when the SSL v 3 specification is released in it's
-	final form.
-
-Now quite a few of the above mentioned libraries rely on a few 'complex'
-data structures.  For each of these I have a library.
-
-Lhash	This is a hash table library which is used extensivly.
-
-STACK	An implemetation of a Stack data structure.
-
-BUF	A simple character array structure that also support a function to
-	check that the array is greater that a certain size, if it is not,
-	it is realloced so that is it.
-	
-TXT_DB	A simple memory based text file data base.  The application can specify
-	unique indexes that will be enforced at update time.
-
-CONF	Most of the programs written for this library require a configuration
-	file.  Instead of letting programs constantly re-implment this
-	subsystem, the CONF library provides a consistant and flexable
-	interface to not only configuration files but also environment
-	variables.
-
-But what about when something goes wrong?
-The one advantage (and perhaps disadvantage) of all of these
-functions being in one library was the ability to implement a
-single error reporting system.
-	
-ERR	This library is used to report errors.  The error system records
-	library number, function number (in the library) and reason
-	number.  Multiple errors can be reported so that an 'error' trace
-	is created.  The errors can be printed in numeric or textual form.
-
-
-==== ssluse.doc ========================================================
-
-We have an SSL_CTX which contains global information for lots of
-SSL connections.  The session-id cache and the certificate verificate cache.
-It also contains default values for use when certificates are used.
-
-SSL_CTX
-	default cipher list
-	session-id cache
-	certificate cache
-	default session-id timeout period
-	New session-id callback
-	Required session-id callback
-	session-id stats
-	Informational callback
-	Callback that is set, overrides the SSLeay X509 certificate
-	  verification
-	The default Certificate/Private Key pair
-	Default read ahead mode.
-	Default verify mode and verify callback.  These are not used
-	  if the over ride callback mentioned above is used.
-	
-Each SSL can have the following defined for it before a connection is made.
-
-Certificate
-Private key
-Ciphers to use
-Certificate verify mode and callback
-IO object to use in the comunication.
-Some 'read-ahead' mode information.
-A previous session-id to re-use.
-
-A connection is made by using SSL_connect or SSL_accept.
-When non-blocking IO is being used, there are functions that can be used
-to determin where and why the SSL_connect or SSL_accept did not complete.
-This information can be used to recall the functions when the 'error'
-condition has dissapeared.
-
-After the connection has been made, information can be retrived about the
-SSL session and the session-id values that have been decided apon.
-The 'peer' certificate can be retrieved.
-
-The session-id values include
-'start time'
-'timeout length'
-
-
-
-==== stack.doc ========================================================
-
-The stack data structure is used to store an ordered list of objects.
-It is basically misnamed to call it a stack but it can function that way
-and that is what I originally used it for.  Due to the way element
-pointers are kept in a malloc()ed array, the most efficient way to use this
-structure is to add and delete elements from the end via sk_pop() and
-sk_push().  If you wish to do 'lookups' sk_find() is quite efficient since
-it will sort the stack (if required) and then do a binary search to lookup 
-the requested item.  This sorting occurs automatically so just sk_push()
-elements on the stack and don't worry about the order.  Do remember that if
-you do a sk_find(), the order of the elements will change.
-
-You should never need to 'touch' this structure directly.
-typedef struct stack_st
-	{
-	unsigned int num;
-	char **data;
-	int sorted;
-
-	unsigned int num_alloc;
-	int (*comp)();
-	} STACK;
-
-'num' holds the number of elements in the stack, 'data' is the array of
-elements.  'sorted' is 1 is the list has been sorted, 0 if not.
-
-num_alloc is the number of 'nodes' allocated in 'data'.  When num becomes
-larger than num_alloc, data is realloced to a larger size.
-If 'comp' is set, it is a function that is used to compare 2 of the items
-in the stack.  The function should return -1, 0 or 1, depending on the
-ordering.
-
-#define sk_num(sk)	((sk)->num)
-#define sk_value(sk,n)	((sk)->data[n])
-
-These 2 macros should be used to access the number of elements in the
-'stack' and to access a pointer to one of the values.
-
-STACK *sk_new(int (*c)());
-	This creates a new stack.  If 'c', the comparison function, is not
-specified, the various functions that operate on a sorted 'stack' will not
-work (sk_find()).  NULL is returned on failure.
-
-void sk_free(STACK *);
-	This function free()'s a stack structure.  The elements in the
-stack will not be freed so one should 'pop' and free all elements from the
-stack before calling this function or call sk_pop_free() instead.
-
-void sk_pop_free(STACK *st; void (*func)());
-	This function calls 'func' for each element on the stack, passing
-the element as the argument.  sk_free() is then called to free the 'stack'
-structure.
-
-int sk_insert(STACK *sk,char *data,int where);
-	This function inserts 'data' into stack 'sk' at location 'where'.
-If 'where' is larger that the number of elements in the stack, the element
-is put at the end.  This function tends to be used by other 'stack'
-functions.  Returns 0 on failure, otherwise the number of elements in the
-new stack.
-
-char *sk_delete(STACK *st,int loc);
-	Remove the item a location 'loc' from the stack and returns it.
-Returns NULL if the 'loc' is out of range.
-
-char *sk_delete_ptr(STACK *st, char *p);
-	If the data item pointed to by 'p' is in the stack, it is deleted
-from the stack and returned.  NULL is returned if the element is not in the
-stack.
-
-int sk_find(STACK *st,char *data);
-	Returns the location that contains a value that is equal to 
-the 'data' item.  If the comparison function was not set, this function
-does a linear search.  This function actually qsort()s the stack if it is not
-in order and then uses bsearch() to do the initial search.  If the
-search fails,, -1 is returned.  For mutliple items with the same
-value, the index of the first in the array is returned.
-
-int sk_push(STACK *st,char *data);
-	Append 'data' to the stack.  0 is returned if there is a failure
-(due to a malloc failure), else 1.  This is 
-sk_insert(st,data,sk_num(st));
-
-int sk_unshift(STACK *st,char *data);
-	Prepend 'data' to the front (location 0) of the stack.  This is
-sk_insert(st,data,0);
-
-char *sk_shift(STACK *st);
-	Return and delete from the stack the first element in the stack.
-This is sk_delete(st,0);
-
-char *sk_pop(STACK *st);
-	Return and delete the last element on the stack.  This is
-sk_delete(st,sk_num(sk)-1);
-
-void sk_zero(STACK *st);
-	Removes all items from the stack.  It does not 'free'
-pointers but is a quick way to clear a 'stack of references'.
-
-==== threads.doc ========================================================
-
-How to compile SSLeay for multi-threading.
-
-Well basically it is quite simple, set the compiler flags and build.
-I have only really done much testing under Solaris and Windows NT.
-If you library supports localtime_r() and gmtime_r() add,
--DTHREADS to the makefile parameters.  You can probably survive with out
-this define unless you are going to have multiple threads generating
-certificates at once.  It will not affect the SSL side of things.
-
-The approach I have taken to doing locking is to make the application provide
-callbacks to perform locking and so that the SSLeay library can distinguish
-between threads (for the error state).
-
-To have a look at an example program, 'cd mt; vi mttest.c'.
-To build under solaris, sh solaris.sh, for Windows NT or Windows 95,
-win32.bat
-
-This will build mttest which will fire up 10 threads that talk SSL
-to each other 10 times.
-To enable everything to work, the application needs to call
-
-CRYPTO_set_id_callback(id_function);
-CRYPTO_set_locking_callback(locking_function);
-
-before any multithreading is started.
-id_function does not need to be defined under Windows NT or 95, the
-correct function will be called if it is not.  Under unix, getpid()
-is call if the id_callback is not defined, for Solaris this is wrong
-(since threads id's are not pid's) but under Linux it is correct
-(threads are just processes sharing the data segement).
-
-The locking_callback is used to perform locking by the SSLeay library.
-eg.
-
-void solaris_locking_callback(mode,type,file,line)
-int mode;
-int type;
-char *file;
-int line;
-	{
-	if (mode & CRYPTO_LOCK)
-		mutex_lock(&(lock_cs[type]));
-	else
-		mutex_unlock(&(lock_cs[type]));
-	}
-
-Now in this case I have used mutexes instead of read/write locks, since they
-are faster and there are not many read locks in SSLeay, you may as well
-always use write locks.  file and line are __FILE__ and __LINE__ from
-the compile and can be usefull when debugging.
-
-Now as you can see, 'type' can be one of a range of values, these values are
-defined in crypto/crypto.h
-CRYPTO_get_lock_name(type) will return a text version of what the lock is.
-There are CRYPTO_NUM_LOCKS locks required, so under solaris, the setup
-for multi-threading can be
-
-static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
-
-void thread_setup()
-	{
-	int i;
-
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
-		mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
-	CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
-	CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
-	}
-
-As a final note, under Windows NT or Windows 95, you have to be careful
-not to mix the various threaded, unthreaded and debug libraries.
-Normally if they are mixed incorrectly, mttest will crash just after printing
-out some usage statistics at the end.  This is because the
-different system libraries use different malloc routines and if
-data is malloc()ed inside crypt32.dll or ssl32.dll and then free()ed by a
-different library malloc, things get very confused.
-
-The default SSLeay DLL builds use /MD, so if you use this on your
-application, things will work as expected.  If you use /MDd,
-you will probably have to rebuild SSLeay using this flag.
-I should modify util/mk1mf.pl so it does all this correctly, but 
-this has not been done yet.
-
-One last warning.  Because locking overheads are actually quite large, the
-statistics collected against the SSL_CTX for successfull connections etc
-are not locked when updated.  This does make it possible for these
-values to be slightly lower than they should be, if you are
-running multithreaded on a multi-processor box, but this does not really
-matter much.
-
-
-==== txt_db.doc ========================================================
-
-TXT_DB, a simple text based in memory database.
-
-It holds rows of ascii data, for which the only special character is '\0'.
-The rows can be of an unlimited length.
-
-==== why.doc ========================================================
-
-This file is more of a note for other people who wish to understand why
-the build environment is the way it is :-).
-
-The include files 'depend' as follows.
-Each of 
-crypto/*/*.c includes crypto/cryptlib.h
-ssl/*.c include ssl/ssl_locl.h
-apps/*.c include apps/apps.h
-crypto/cryptlib.h, ssl/ssl_locl.h and apps/apps.h
-all include e_os.h which contains OS/environment specific information.
-If you need to add something todo with a particular environment,
-add it to this file.  It is worth remembering that quite a few libraries,
-like lhash, des, md, sha etc etc do not include crypto/cryptlib.h.  This
-is because these libraries should be 'independantly compilable' and so I
-try to keep them this way.
-e_os.h is not so much a part of SSLeay, as the placing in one spot all the
-evil OS dependant muck.
-
-I wanted to automate as many things as possible.  This includes
-error number generation.  A
-make errors
-will scan the source files for error codes, append them to the correct
-header files, and generate the functions to print the text version
-of the error numbers.  So don't even think about adding error numbers by
-hand, put them in the form
-XXXerr(XXXX_F_XXXX,YYYY_R_YYYY);
-on line and it will be automatically picked up my a make errors.
-
-In a similar vein, programs to be added into ssleay in the apps directory
-just need to have an entry added to E_EXE in makefile.ssl and
-everthing will work as expected.  Don't edit progs.h by hand.
-
-make links re-generates the symbolic links that are used.  The reason why
-I keep everything in its own directory, and don't put all the
-test programs and header files in 'test' and 'include' is because I want
-to keep the 'sub-libraries' independant.  I still 'pull' out
-indervidual libraries for use in specific projects where the code is
-required.  I have used the 'lhash' library in just about every software
-project I have worked on :-).
-
-make depend generates dependancies and
-make dclean removes them.
-
-You will notice that I use perl quite a bit when I could be using 'sed'.
-The reason I decided to do this was to just stick to one 'extra' program.
-For Windows NT, I have perl and no sed.
-
-The util/mk1mf.pl program can be used to generate a single makefile.
-I use this because makefiles under Microsoft are horrific.
-Each C compiler seems to have different linker formats, which have
-to be used because the retarted C compilers explode when you do
-cl -o file *.o.
-
-Now some would argue that I should just use the single makefile.  I don't
-like it during develoment for 2 reasons.  First, the actuall make
-command takes a long time.  For my current setup, if I'm in
-crypto/bn and I type make, only the crypto/bn directory gets rebuilt,
-which is nice when you are modifying prototypes in bn.h which
-half the SSLeay depends on.  The second is that to add a new souce file
-I just plonk it in at the required spot in the local makefile.  This
-then alows me to keep things local, I don't need to modify a 'global'
-tables (the make for unix, the make for NT, the make for w31...).
-When I am ripping apart a library structure, it is nice to only
-have to worry about one directory :-).
-
-Having said all this, for the hell of it I put together 2 files that
-#include all the souce code (generated by doing a ls */*.o after a build).
-crypto.c takes only 30 seconds to build under NT and 2 minutes under linux
-for my pentium100.  Much faster that the normal build :-).
-Again, the problem is that when using libraries, every program linked
-to libcrypto.a would suddenly get 330k of library when it may only need
-1k.  This technique does look like a nice way to do shared libraries though.
-
-Oh yes, as a final note, to 'build' a distribution, I just type
-make dist.
-This cleans and packages everything.  The directory needs to be called
-SSLeay since the make does a 'cd ..' and renames and tars things up.
-
-==== req.1 ========================================================
-
-The 'req' command is used to manipulate and deal with pkcs#10
-certificate requests.
-
-It's default mode of operation is to load a certificate and then
-write it out again.
-
-By default the 'req' is read from stdin in 'PEM' format.
-The -inform option can be used to specify 'pem' format or 'der'
-format.  PEM format is the base64 encoding of the DER format.
-
-By default 'req' then writes the request back out. -outform can be used
-to indicate the desired output format, be it 'pem' or 'der'.
-
-To specify an input file, use the '-in' option and the '-out' option
-can be used to specify the output file.
-
-If you wish to perform a command and not output the certificate
-request afterwards, use the '-noout' option.
-
-When a certificate is loaded, it can be printed in a human readable
-ascii format via the '-text' option.
-
-To check that the signature on a certificate request is correct, use
-the '-verify' option to make sure that the private key contained in the
-certificate request corresponds to the signature.
-
-Besides the default mode, there is also the 'generate a certificate
-request' mode.  There are several flags that trigger this mode.
-
--new will generate a new RSA key (if required) and then prompts
-the user for details for the certificate request.
--newkey has an argument that is the number of bits to make the new
-key.  This function also triggers '-new'.
-
-The '-new' option can have a key to use specified instead of having to
-load one, '-key' is used to specify the file containg the key.
--keyform can be used to specify the format of the key.  Only
-'pem' and 'der' formats are supported, later, 'netscape' format may be added.
-
-Finally there is the '-x509' options which makes req output a self
-signed x509 certificate instead of a certificate request.
-
-Now as you may have noticed, there are lots of default options that
-cannot be specified via the command line.  They are held in a 'template'
-or 'configuration file'.  The -config option specifies which configuration
-file to use.  See conf.doc for details on the syntax of this file.
-
-The req command uses the 'req' section of the config file.
-
----
-# The following variables are defined.  For this example I will populate
-# the various values
-[ req ]
-default_bits	= 512		# default number of bits to use.
-default_keyfile	= testkey.pem	# Where to write the generated keyfile
-				# if not specified.
-distinguished_name= req_dn	# The section that contains the
-				# information about which 'object' we
-				# want to put in the DN.
-attributes	= req_attr	# The objects we want for the
-				# attributes field.
-encrypt_rsa_key	= no		# Should we encrypt newly generated
-				# keys.  I strongly recommend 'yes'.
-
-# The distinguished name section.  For the following entries, the
-# object names must exist in the SSLeay header file objects.h.  If they
-# do not, they will be silently ignored.  The entries have the following
-# format.
-# <object_name>		=> string to prompt with
-# <object_name>_default	=> default value for people
-# <object_name>_value	=> Automatically use this value for this field.
-# <object_name>_min	=> minimum number of characters for data (def. 0)
-# <object_name>_max	=> maximum number of characters for data (def. inf.)
-# All of these entries are optional except for the first one.
-[ req_dn ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= Queensland
-
-localityName			= Locality Name (eg, city)
-
-organizationName		= Organization Name (eg, company)
-organizationName_default	= Mincom Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-organizationalUnitName_default	= MTR
-
-commonName			= Common Name (eg, YOUR name)
-commonName_max			= 64
-
-emailAddress			= Email Address
-emailAddress_max		= 40
-
-# The next section is the attributes section.  This is exactly the
-# same as for the previous section except that the resulting objects are
-# put in the attributes field. 
-[ req_attr ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-----
-Also note that the order that attributes appear in this file is the
-order they will be put into the distinguished name.
-
-Once this request has been generated, it can be sent to a CA for
-certifying.
-
-----
-A few quick examples....
-
-To generate a new request and a new key
-req -new
-
-To generate a new request and a 1058 bit key
-req -newkey 1058
-
-To generate a new request using a pre-existing key
-req -new -key key.pem
-
-To generate a self signed x509 certificate from a certificate
-request using a supplied key, and we want to see the text form of the
-output certificate (which we will put in the file selfSign.pem
-req -x509 -in req.pem -key key.pem -text -out selfSign.pem
-
-Verify that the signature is correct on a certificate request.
-req -verify -in req.pem
-
-Verify that the signature was made using a specified public key.
-req -verify -in req.pem -key key.pem
-
-Print the contents of a certificate request
-req -text -in req.pem
-
-==== danger ========================================================
-
-If you specify a SSLv2 cipher, and the mode is SSLv23 and the server
-can talk SSLv3, it will claim there is no cipher since you should be
-using SSLv3.
-
-When tracing debug stuff, remember BIO_s_socket() is different to
-BIO_s_connect().
-
-BSD/OS assember is not working
-
diff --git a/crypto/openssl/doc/standards.txt b/crypto/openssl/doc/standards.txt
deleted file mode 100644
index edbe2f3a57de..000000000000
--- a/crypto/openssl/doc/standards.txt
+++ /dev/null
@@ -1,257 +0,0 @@
-Standards related to OpenSSL
-============================
-
-[Please, this is currently a draft.  I made a first try at finding
- documents that describe parts of what OpenSSL implements.  There are
- big gaps, and I've most certainly done something wrong.  Please
- correct whatever is...  Also, this note should be removed when this
- file is reaching a somewhat correct state.        -- Richard Levitte]
-
-
-All pointers in here will be either URL's or blobs of text borrowed
-from miscellaneous indexes, like rfc-index.txt (index of RFCs),
-1id-index.txt (index of Internet drafts) and the like.
-
-To find the latest possible RFCs, it's recommended to either browse
-ftp://ftp.isi.edu/in-notes/ or go to http://www.rfc-editor.org/ and
-use the search mechanism found there.
-To find the latest possible Internet drafts, it's recommended to
-browse ftp://ftp.isi.edu/internet-drafts/.
-To find the latest possible PKCS, it's recommended to browse
-http://www.rsasecurity.com/rsalabs/pkcs/.
-
-
-Implemented:
-------------
-
-These are documents that describe things that are implemented (in
-whole or at least great parts) in OpenSSL.
-
-1319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992.
-     (Format: TXT=25661 bytes) (Status: INFORMATIONAL)
-
-1320 The MD4 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
-     TXT=32407 bytes) (Status: INFORMATIONAL)
-
-1321 The MD5 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
-     TXT=35222 bytes) (Status: INFORMATIONAL)
-
-2246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999.
-     (Format: TXT=170401 bytes) (Status: PROPOSED STANDARD)
-
-2268 A Description of the RC2(r) Encryption Algorithm. R. Rivest.
-     January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL)
-
-2315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski.
-     March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL)
-
-PKCS#8: Private-Key Information Syntax Standard
-
-PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
-
-2560 X.509 Internet Public Key Infrastructure Online Certificate
-     Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin,
-     C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED
-     STANDARD)
-
-2712 Addition of Kerberos Cipher Suites to Transport Layer Security
-     (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes)
-     (Status: PROPOSED STANDARD)
-
-2898 PKCS #5: Password-Based Cryptography Specification Version 2.0.
-     B. Kaliski. September 2000. (Format: TXT=68692 bytes) (Status:
-     INFORMATIONAL)
-
-2986 PKCS #10: Certification Request Syntax Specification Version 1.7.
-     M. Nystrom, B. Kaliski. November 2000. (Format: TXT=27794 bytes)
-     (Obsoletes RFC2314) (Status: INFORMATIONAL)
-
-3174 US Secure Hash Algorithm 1 (SHA1). D. Eastlake 3rd, P. Jones.
-     September 2001. (Format: TXT=35525 bytes) (Status: INFORMATIONAL)
-
-3268 Advanced Encryption Standard (AES) Ciphersuites for Transport
-     Layer Security (TLS). P. Chown. June 2002. (Format: TXT=13530 bytes)
-     (Status: PROPOSED STANDARD)
-
-3279 Algorithms and Identifiers for the Internet X.509 Public Key
-     Infrastructure Certificate and Certificate Revocation List (CRL)
-     Profile. L. Bassham, W. Polk, R. Housley. April 2002. (Format:
-     TXT=53833 bytes) (Status: PROPOSED STANDARD)
-
-3280 Internet X.509 Public Key Infrastructure Certificate and
-     Certificate Revocation List (CRL) Profile. R. Housley, W. Polk, W.
-     Ford, D. Solo. April 2002. (Format: TXT=295556 bytes) (Obsoletes
-     RFC2459) (Status: PROPOSED STANDARD)
-
-3447 Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography
-     Specifications Version 2.1. J. Jonsson, B. Kaliski. February 2003.
-     (Format: TXT=143173 bytes) (Obsoletes RFC2437) (Status:           
-     INFORMATIONAL)                                         
-
-
-Related:
---------
-
-These are documents that are close to OpenSSL, for example the
-STARTTLS documents.
-
-1421 Privacy Enhancement for Internet Electronic Mail: Part I: Message
-     Encryption and Authentication Procedures. J. Linn. February 1993.
-     (Format: TXT=103894 bytes) (Obsoletes RFC1113) (Status: PROPOSED
-     STANDARD)
-
-1422 Privacy Enhancement for Internet Electronic Mail: Part II:
-     Certificate-Based Key Management. S. Kent. February 1993. (Format:
-     TXT=86085 bytes) (Obsoletes RFC1114) (Status: PROPOSED STANDARD)
-
-1423 Privacy Enhancement for Internet Electronic Mail: Part III:
-     Algorithms, Modes, and Identifiers. D. Balenson. February 1993.
-     (Format: TXT=33277 bytes) (Obsoletes RFC1115) (Status: PROPOSED
-     STANDARD)
-
-1424 Privacy Enhancement for Internet Electronic Mail: Part IV: Key
-     Certification and Related Services. B. Kaliski. February 1993.
-     (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD)
-
-2025 The Simple Public-Key GSS-API Mechanism (SPKM). C. Adams. October
-     1996. (Format: TXT=101692 bytes) (Status: PROPOSED STANDARD)
-
-2510 Internet X.509 Public Key Infrastructure Certificate Management
-     Protocols. C. Adams, S. Farrell. March 1999. (Format: TXT=158178
-     bytes) (Status: PROPOSED STANDARD)
-
-2511 Internet X.509 Certificate Request Message Format. M. Myers, C.
-     Adams, D. Solo, D. Kemp. March 1999. (Format: TXT=48278 bytes)
-     (Status: PROPOSED STANDARD)
-
-2527 Internet X.509 Public Key Infrastructure Certificate Policy and
-     Certification Practices Framework. S. Chokhani, W. Ford. March 1999.
-     (Format: TXT=91860 bytes) (Status: INFORMATIONAL)
-
-2538 Storing Certificates in the Domain Name System (DNS). D. Eastlake
-     3rd, O. Gudmundsson. March 1999. (Format: TXT=19857 bytes) (Status:
-     PROPOSED STANDARD)
-
-2539 Storage of Diffie-Hellman Keys in the Domain Name System (DNS).
-     D. Eastlake 3rd. March 1999. (Format: TXT=21049 bytes) (Status:
-     PROPOSED STANDARD)
-
-2559 Internet X.509 Public Key Infrastructure Operational Protocols -
-     LDAPv2. S. Boeyen, T. Howes, P. Richard. April 1999. (Format:
-     TXT=22889 bytes) (Updates RFC1778) (Status: PROPOSED STANDARD)
-
-2585 Internet X.509 Public Key Infrastructure Operational Protocols:
-     FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813
-     bytes) (Status: PROPOSED STANDARD)
-
-2587 Internet X.509 Public Key Infrastructure LDAPv2 Schema. S.
-     Boeyen, T. Howes, P. Richard. June 1999. (Format: TXT=15102 bytes)
-     (Status: PROPOSED STANDARD)
-
-2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999.
-     (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD)
-
-2631 Diffie-Hellman Key Agreement Method. E. Rescorla. June 1999.
-     (Format: TXT=25932 bytes) (Status: PROPOSED STANDARD)
-
-2632 S/MIME Version 3 Certificate Handling. B. Ramsdell, Ed.. June
-     1999. (Format: TXT=27925 bytes) (Status: PROPOSED STANDARD)
-
-2716 PPP EAP TLS Authentication Protocol. B. Aboba, D. Simon. October
-     1999. (Format: TXT=50108 bytes) (Status: EXPERIMENTAL)
-
-2773 Encryption using KEA and SKIPJACK. R. Housley, P. Yee, W. Nace.
-     February 2000. (Format: TXT=20008 bytes) (Updates RFC0959) (Status:
-     EXPERIMENTAL)
-
-2797 Certificate Management Messages over CMS. M. Myers, X. Liu, J.
-     Schaad, J. Weinstein. April 2000. (Format: TXT=103357 bytes) (Status:
-     PROPOSED STANDARD)
-
-2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May
-     2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED
-     STANDARD)
-
-2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes)
-     (Status: INFORMATIONAL)
-
-2876 Use of the KEA and SKIPJACK Algorithms in CMS. J. Pawling. July
-     2000. (Format: TXT=29265 bytes) (Status: INFORMATIONAL)
-
-2984 Use of the CAST-128 Encryption Algorithm in CMS. C. Adams.
-     October 2000. (Format: TXT=11591 bytes) (Status: PROPOSED STANDARD)
-
-2985 PKCS #9: Selected Object Classes and Attribute Types Version 2.0.
-     M. Nystrom, B. Kaliski. November 2000. (Format: TXT=70703 bytes)
-     (Status: INFORMATIONAL)
-
-3029 Internet X.509 Public Key Infrastructure Data Validation and
-     Certification Server Protocols. C. Adams, P. Sylvester, M. Zolotarev,
-     R. Zuccherato. February 2001. (Format: TXT=107347 bytes) (Status:
-     EXPERIMENTAL)
-
-3039 Internet X.509 Public Key Infrastructure Qualified Certificates
-     Profile. S. Santesson, W. Polk, P. Barzin, M. Nystrom. January 2001.
-     (Format: TXT=67619 bytes) (Status: PROPOSED STANDARD)
-
-3058 Use of the IDEA Encryption Algorithm in CMS. S. Teiwes, P.
-     Hartmann, D. Kuenzi. February 2001. (Format: TXT=17257 bytes)
-     (Status: INFORMATIONAL)
-
-3161 Internet X.509 Public Key Infrastructure Time-Stamp Protocol
-     (TSP). C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001.
-     (Format: TXT=54585 bytes) (Status: PROPOSED STANDARD)
-
-3185 Reuse of CMS Content Encryption Keys. S. Farrell, S. Turner.
-     October 2001. (Format: TXT=20404 bytes) (Status: PROPOSED STANDARD)
-
-3207 SMTP Service Extension for Secure SMTP over Transport Layer
-     Security. P. Hoffman. February 2002. (Format: TXT=18679 bytes)
-     (Obsoletes RFC2487) (Status: PROPOSED STANDARD)
-
-3217 Triple-DES and RC2 Key Wrapping. R. Housley. December 2001.
-     (Format: TXT=19855 bytes) (Status: INFORMATIONAL)
-
-3274 Compressed Data Content Type for Cryptographic Message Syntax
-     (CMS). P. Gutmann. June 2002. (Format: TXT=11276 bytes) (Status:
-     PROPOSED STANDARD)
-
-3278 Use of Elliptic Curve Cryptography (ECC) Algorithms in
-     Cryptographic Message Syntax (CMS). S. Blake-Wilson, D. Brown, P.
-     Lambert. April 2002. (Format: TXT=33779 bytes) (Status:
-     INFORMATIONAL)
-
-3281 An Internet Attribute Certificate Profile for Authorization. S.
-     Farrell, R. Housley. April 2002. (Format: TXT=90580 bytes) (Status:
-     PROPOSED STANDARD)
-
-3369 Cryptographic Message Syntax (CMS). R. Housley. August 2002.
-     (Format: TXT=113975 bytes) (Obsoletes RFC2630, RFC3211) (Status:
-     PROPOSED STANDARD)
-
-3370 Cryptographic Message Syntax (CMS) Algorithms. R. Housley. August
-     2002. (Format: TXT=51001 bytes) (Obsoletes RFC2630, RFC3211) (Status:
-     PROPOSED STANDARD)
-
-3377 Lightweight Directory Access Protocol (v3): Technical
-     Specification. J. Hodges, R. Morgan. September 2002. (Format:
-     TXT=9981 bytes) (Updates RFC2251, RFC2252, RFC2253, RFC2254, RFC2255,
-     RFC2256, RFC2829, RFC2830) (Status: PROPOSED STANDARD)
-
-3394 Advanced Encryption Standard (AES) Key Wrap Algorithm. J. Schaad,
-     R. Housley. September 2002. (Format: TXT=73072 bytes) (Status:
-     INFORMATIONAL)
-
-3436 Transport Layer Security over Stream Control Transmission
-     Protocol. A. Jungmaier, E. Rescorla, M. Tuexen. December 2002.
-     (Format: TXT=16333 bytes) (Status: PROPOSED STANDARD)
-
-  "Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>  
- 
-
-To be implemented:
-------------------
-
-These are documents that describe things that are planed to be
-implemented in the hopefully short future.
-
diff --git a/crypto/openssl/e_os.h b/crypto/openssl/e_os.h
deleted file mode 100644
index f7d09c529545..000000000000
--- a/crypto/openssl/e_os.h
+++ /dev/null
@@ -1,546 +0,0 @@
-/* e_os.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_E_OS_H
-#define HEADER_E_OS_H
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/e_os2.h>
-/* <openssl/e_os2.h> contains what we can justify to make visible
- * to the outside; this file e_os.h is not part of the exported
- * interface. */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Used to checking reference counts, most while doing perl5 stuff :-) */
-#ifdef REF_PRINT
-#undef REF_PRINT
-#define REF_PRINT(a,b)	fprintf(stderr,"%08X:%4d:%s\n",(int)b,b->references,a)
-#endif
-
-#ifndef DEVRANDOM
-/* set this to a comma-separated list of 'random' device files to try out.
- * My default, we will try to read at least one of these files */
-#define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom"
-#endif
-#ifndef DEVRANDOM_EGD
-/* set this to a comma-seperated list of 'egd' sockets to try out. These
- * sockets will be tried in the order listed in case accessing the device files
- * listed in DEVRANDOM did not return enough entropy. */
-#define DEVRANDOM_EGD "/var/run/egd-pool","/dev/egd-pool","/etc/egd-pool","/etc/entropy"
-#endif
-
-#if defined(OPENSSL_SYS_VXWORKS)
-#  define NO_SYS_PARAM_H
-#  define NO_CHMOD
-#  define NO_SYSLOG
-#endif
-  
-#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
-# if macintosh==1
-#  ifndef MAC_OS_GUSI_SOURCE
-#    define MAC_OS_pre_X
-#    define NO_SYS_TYPES_H
-     typedef long ssize_t;
-#  endif
-#  define NO_SYS_PARAM_H
-#  define NO_CHMOD
-#  define NO_SYSLOG
-#  undef  DEVRANDOM
-#  define GETPID_IS_MEANINGLESS
-# endif
-#endif
-
-/********************************************************************
- The Microsoft section
- ********************************************************************/
-/* The following is used becaue of the small stack in some
- * Microsoft operating systems */
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYSNAME_WIN32)
-#  define MS_STATIC	static
-#else
-#  define MS_STATIC
-#endif
-
-#if defined(OPENSSL_SYS_WIN32) && !defined(WIN32)
-#  define WIN32
-#endif
-#if defined(OPENSSL_SYS_WIN16) && !defined(WIN16)
-#  define WIN16
-#endif
-#if defined(OPENSSL_SYS_WINDOWS) && !defined(WINDOWS)
-#  define WINDOWS
-#endif
-#if defined(OPENSSL_SYS_MSDOS) && !defined(MSDOS)
-#  define MSDOS
-#endif
-
-#if defined(MSDOS) && !defined(GETPID_IS_MEANINGLESS)
-#  define GETPID_IS_MEANINGLESS
-#endif
-
-#ifdef WIN32
-#define get_last_sys_error()	GetLastError()
-#define clear_sys_error()	SetLastError(0)
-#if !defined(WINNT)
-#define WIN_CONSOLE_BUG
-#endif
-#else
-#define get_last_sys_error()	errno
-#define clear_sys_error()	errno=0
-#endif
-
-#if defined(WINDOWS)
-#define get_last_socket_error()	WSAGetLastError()
-#define clear_socket_error()	WSASetLastError(0)
-#define readsocket(s,b,n)	recv((s),(b),(n),0)
-#define writesocket(s,b,n)	send((s),(b),(n),0)
-#define EADDRINUSE		WSAEADDRINUSE
-#elif defined(__DJGPP__)
-#define WATT32
-#define get_last_socket_error()	errno
-#define clear_socket_error()	errno=0
-#define closesocket(s)		close_s(s)
-#define readsocket(s,b,n)	read_s(s,b,n)
-#define writesocket(s,b,n)	send(s,b,n,0)
-#elif defined(MAC_OS_pre_X)
-#define get_last_socket_error()	errno
-#define clear_socket_error()	errno=0
-#define closesocket(s)		MacSocket_close(s)
-#define readsocket(s,b,n)	MacSocket_recv((s),(b),(n),true)
-#define writesocket(s,b,n)	MacSocket_send((s),(b),(n))
-#elif defined(OPENSSL_SYS_VMS)
-#define get_last_socket_error() errno
-#define clear_socket_error()    errno=0
-#define ioctlsocket(a,b,c)      ioctl(a,b,c)
-#define closesocket(s)          close(s)
-#define readsocket(s,b,n)       recv((s),(b),(n),0)
-#define writesocket(s,b,n)      send((s),(b),(n),0)
-#else
-#define get_last_socket_error()	errno
-#define clear_socket_error()	errno=0
-#define ioctlsocket(a,b,c)	ioctl(a,b,c)
-#define closesocket(s)		close(s)
-#define readsocket(s,b,n)	read((s),(b),(n))
-#define writesocket(s,b,n)	write((s),(b),(n))
-#endif
-
-#ifdef WIN16
-#  define OPENSSL_NO_FP_API
-#  define MS_CALLBACK	_far _loadds
-#  define MS_FAR	_far
-#else
-#  define MS_CALLBACK
-#  define MS_FAR
-#endif
-
-#ifdef OPENSSL_NO_STDIO
-#  define OPENSSL_NO_FP_API
-#endif
-
-#if (defined(WINDOWS) || defined(MSDOS))
-
-#  ifdef __DJGPP__
-#    include <unistd.h>
-#    include <sys/stat.h>
-#    include <sys/socket.h>
-#    include <tcp.h>
-#    include <netdb.h>
-#    define _setmode setmode
-#    define _O_TEXT O_TEXT
-#    define _O_BINARY O_BINARY
-#  endif /* __DJGPP__ */
-
-#  ifndef S_IFDIR
-#    define S_IFDIR	_S_IFDIR
-#  endif
-
-#  ifndef S_IFMT
-#    define S_IFMT	_S_IFMT
-#  endif
-
-#  if !defined(WINNT) && !defined(__DJGPP__)
-#    define NO_SYSLOG
-#  endif
-#  define NO_DIRENT
-
-#  ifdef WINDOWS
-#    include <windows.h>
-#    include <stddef.h>
-#    include <errno.h>
-#    include <string.h>
-#    include <malloc.h>
-#  endif
-#  include <io.h>
-#  include <fcntl.h>
-
-#  ifdef OPENSSL_SYS_WINCE
-#    include <winsock_extras.h>
-#  endif
-
-#  define ssize_t long
-
-#  if defined (__BORLANDC__)
-#    define _setmode setmode
-#    define _O_TEXT O_TEXT
-#    define _O_BINARY O_BINARY
-#    define _int64 __int64
-#    define _kbhit kbhit
-#  endif
-
-#  if defined(WIN16) && defined(SSLEAY) && defined(_WINEXITNOPERSIST)
-#    define EXIT(n) _wsetexit(_WINEXITNOPERSIST)
-#    define OPENSSL_EXIT(n) do { if (n == 0) EXIT(n); return(n); } while(0)
-#  else
-#    define EXIT(n) return(n)
-#  endif
-#  define LIST_SEPARATOR_CHAR ';'
-#  ifndef X_OK
-#    define X_OK	0
-#  endif
-#  ifndef W_OK
-#    define W_OK	2
-#  endif
-#  ifndef R_OK
-#    define R_OK	4
-#  endif
-#  define OPENSSL_CONF	"openssl.cnf"
-#  define SSLEAY_CONF	OPENSSL_CONF
-#  define NUL_DEV	"nul"
-#  define RFILE		".rnd"
-#  ifdef OPENSSL_SYS_WINCE
-#    define DEFAULT_HOME  ""
-#  else
-#    define DEFAULT_HOME  "C:"
-#  endif
-
-#else /* The non-microsoft world world */
-
-#  ifdef OPENSSL_SYS_VMS
-#    define VMS 1
-  /* some programs don't include stdlib, so exit() and others give implicit 
-     function warnings */
-#    include <stdlib.h>
-#    if defined(__DECC)
-#      include <unistd.h>
-#    else
-#      include <unixlib.h>
-#    endif
-#    define OPENSSL_CONF	"openssl.cnf"
-#    define SSLEAY_CONF		OPENSSL_CONF
-#    define RFILE		".rnd"
-#    define LIST_SEPARATOR_CHAR ','
-#    define NUL_DEV		"NLA0:"
-  /* We don't have any well-defined random devices on VMS, yet... */
-#    undef DEVRANDOM
-  /* We need to do this since VMS has the following coding on status codes:
-
-     Bits 0-2: status type: 0 = warning, 1 = success, 2 = error, 3 = info ...
-               The important thing to know is that odd numbers are considered
-	       good, while even ones are considered errors.
-     Bits 3-15: actual status number
-     Bits 16-27: facility number.  0 is considered "unknown"
-     Bits 28-31: control bits.  If bit 28 is set, the shell won't try to
-                 output the message (which, for random codes, just looks ugly)
-
-     So, what we do here is to change 0 to 1 to get the default success status,
-     and everything else is shifted up to fit into the status number field, and
-     the status is tagged as an error, which I believe is what is wanted here.
-     -- Richard Levitte
-  */
-#    define EXIT(n)		do { int __VMS_EXIT = n; \
-                                     if (__VMS_EXIT == 0) \
-				       __VMS_EXIT = 1; \
-				     else \
-				       __VMS_EXIT = (n << 3) | 2; \
-                                     __VMS_EXIT |= 0x10000000; \
-				     exit(__VMS_EXIT); } while(0)
-#    define NO_SYS_PARAM_H
-#  else
-     /* !defined VMS */
-#    ifdef OPENSSL_SYS_MPE
-#      define NO_SYS_PARAM_H
-#    endif
-#    ifdef OPENSSL_UNISTD
-#      include OPENSSL_UNISTD
-#    else
-#      include <unistd.h>
-#    endif
-#    ifndef NO_SYS_TYPES_H
-#      include <sys/types.h>
-#    endif
-#    if defined(NeXT) || defined(OPENSSL_SYS_NEWS4)
-#      define pid_t int /* pid_t is missing on NEXTSTEP/OPENSTEP
-                         * (unless when compiling with -D_POSIX_SOURCE,
-                         * which doesn't work for us) */
-#      define ssize_t int /* ditto */
-#    endif
-#    ifdef OPENSSL_SYS_NEWS4 /* setvbuf is missing on mips-sony-bsd */
-#      define setvbuf(a, b, c, d) setbuffer((a), (b), (d))
-       typedef unsigned long clock_t;
-#    endif
-
-#    define OPENSSL_CONF	"openssl.cnf"
-#    define SSLEAY_CONF		OPENSSL_CONF
-#    define RFILE		".rnd"
-#    define LIST_SEPARATOR_CHAR ':'
-#    define NUL_DEV		"/dev/null"
-#    define EXIT(n)		exit(n)
-#  endif
-
-#  define SSLeay_getpid()	getpid()
-
-#endif
-
-
-/*************/
-
-#ifdef USE_SOCKETS
-#  if defined(WINDOWS) || defined(MSDOS)
-      /* windows world */
-
-#    ifdef OPENSSL_NO_SOCK
-#      define SSLeay_Write(a,b,c)	(-1)
-#      define SSLeay_Read(a,b,c)	(-1)
-#      define SHUTDOWN(fd)		close(fd)
-#      define SHUTDOWN2(fd)		close(fd)
-#    elif !defined(__DJGPP__)
-#      include <winsock.h>
-extern HINSTANCE _hInstance;
-#      define SSLeay_Write(a,b,c)	send((a),(b),(c),0)
-#      define SSLeay_Read(a,b,c)	recv((a),(b),(c),0)
-#      define SHUTDOWN(fd)		{ shutdown((fd),0); closesocket(fd); }
-#      define SHUTDOWN2(fd)		{ shutdown((fd),2); closesocket(fd); }
-#    else
-#      define SSLeay_Write(a,b,c)	write_s(a,b,c,0)
-#      define SSLeay_Read(a,b,c)	read_s(a,b,c)
-#      define SHUTDOWN(fd)		close_s(fd)
-#      define SHUTDOWN2(fd)		close_s(fd)
-#    endif
-
-#  elif defined(MAC_OS_pre_X)
-
-#    include "MacSocket.h"
-#    define SSLeay_Write(a,b,c)		MacSocket_send((a),(b),(c))
-#    define SSLeay_Read(a,b,c)		MacSocket_recv((a),(b),(c),true)
-#    define SHUTDOWN(fd)		MacSocket_close(fd)
-#    define SHUTDOWN2(fd)		MacSocket_close(fd)
-
-#  else
-
-#    ifndef NO_SYS_PARAM_H
-#      include <sys/param.h>
-#    endif
-#    ifdef OPENSSL_SYS_VXWORKS
-#      include <time.h> 
-#    elif !defined(OPENSSL_SYS_MPE)
-#      include <sys/time.h> /* Needed under linux for FD_XXX */
-#    endif
-
-#    include <netdb.h>
-#    if defined(OPENSSL_SYS_VMS_NODECC)
-#      include <socket.h>
-#      include <in.h>
-#      include <inet.h>
-#    else
-#      include <sys/socket.h>
-#      ifdef FILIO_H
-#        include <sys/filio.h> /* Added for FIONBIO under unixware */
-#      endif
-#      include <netinet/in.h>
-#      include <arpa/inet.h>
-#    endif
-
-#    if defined(NeXT) || defined(_NEXT_SOURCE)
-#      include <sys/fcntl.h>
-#      include <sys/types.h>
-#    endif
-
-#    ifdef OPENSSL_SYS_AIX
-#      include <sys/select.h>
-#    endif
-
-#    ifdef __QNX__
-#      include <sys/select.h>
-#    endif
-
-#    if defined(sun)
-#      include <sys/filio.h>
-#    else
-#      ifndef VMS
-#        include <sys/ioctl.h>
-#      else
-	 /* ioctl is only in VMS > 7.0 and when socketshr is not used */
-#        if !defined(TCPIP_TYPE_SOCKETSHR) && defined(__VMS_VER) && (__VMS_VER > 70000000)
-#          include <sys/ioctl.h>
-#        endif
-#      endif
-#    endif
-
-#    ifdef VMS
-#      include <unixio.h>
-#      if defined(TCPIP_TYPE_SOCKETSHR)
-#        include <socketshr.h>
-#      endif
-#    endif
-
-#    define SSLeay_Read(a,b,c)     read((a),(b),(c))
-#    define SSLeay_Write(a,b,c)    write((a),(b),(c))
-#    define SHUTDOWN(fd)    { shutdown((fd),0); closesocket((fd)); }
-#    define SHUTDOWN2(fd)   { shutdown((fd),2); closesocket((fd)); }
-#    ifndef INVALID_SOCKET
-#    define INVALID_SOCKET	(-1)
-#    endif /* INVALID_SOCKET */
-#  endif
-#endif
-
-#if defined(__ultrix)
-#  ifndef ssize_t
-#    define ssize_t int 
-#  endif
-#endif
-
-#if defined(sun) && !defined(__svr4__) && !defined(__SVR4)
-  /* include headers first, so our defines don't break it */
-#include <stdlib.h>
-#include <string.h>
-  /* bcopy can handle overlapping moves according to SunOS 4.1.4 manpage */
-# define memmove(s1,s2,n) bcopy((s2),(s1),(n))
-# define strtoul(s,e,b) ((unsigned long int)strtol((s),(e),(b)))
-extern char *sys_errlist[]; extern int sys_nerr;
-# define strerror(errnum) \
-	(((errnum)<0 || (errnum)>=sys_nerr) ? NULL : sys_errlist[errnum])
-#endif
-
-#ifndef OPENSSL_EXIT
-# if defined(MONOLITH) && !defined(OPENSSL_C)
-#  define OPENSSL_EXIT(n) return(n)
-# else
-#  define OPENSSL_EXIT(n) do { EXIT(n); return(n); } while(0)
-# endif
-#endif
-
-/***********************************************/
-
-/* do we need to do this for getenv.
- * Just define getenv for use under windows */
-
-#ifdef WIN16
-/* How to do this needs to be thought out a bit more.... */
-/*char *GETENV(char *);
-#define Getenv	GETENV*/
-#define Getenv	getenv
-#else
-#define Getenv getenv
-#endif
-
-#define DG_GCC_BUG	/* gcc < 2.6.3 on DGUX */
-
-#ifdef sgi
-#define IRIX_CC_BUG	/* all version of IRIX I've tested (4.* 5.*) */
-#endif
-#ifdef OPENSSL_SYS_SNI
-#define IRIX_CC_BUG	/* CDS++ up to V2.0Bsomething suffered from the same bug.*/
-#endif
-
-#if defined(OPENSSL_SYS_OS2) && defined(__EMX__)
-# include <io.h>
-# include <fcntl.h>
-# define NO_SYSLOG
-# define strcasecmp stricmp
-#endif
-
-/* vxworks */
-#if defined(OPENSSL_SYS_VXWORKS)
-#include <ioLib.h>
-#include <tickLib.h>
-#include <sysLib.h>
-
-#define TTY_STRUCT int
-
-#define sleep(a) taskDelay((a) * sysClkRateGet())
-#if defined(ioctlsocket)
-#undef ioctlsocket
-#endif
-#define ioctlsocket(a,b,c) ioctl((a),(b),*(c))
-
-#include <vxWorks.h>
-#include <sockLib.h>
-#include <taskLib.h>
-
-#define getpid taskIdSelf
-
-/* NOTE: these are implemented by helpers in database app!
- * if the database is not linked, we need to implement them
- * elswhere */
-struct hostent *gethostbyname(const char *name);
-struct hostent *gethostbyaddr(const char *addr, int length, int type);
-struct servent *getservbyname(const char *name, const char *proto);
-
-#endif
-/* end vxworks */
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
-
diff --git a/crypto/openssl/e_os2.h b/crypto/openssl/e_os2.h
deleted file mode 100644
index 81be3025f602..000000000000
--- a/crypto/openssl/e_os2.h
+++ /dev/null
@@ -1,270 +0,0 @@
-/* e_os2.h */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-
-#ifndef HEADER_E_OS2_H
-#define HEADER_E_OS2_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/******************************************************************************
- * Detect operating systems.  This probably needs completing.
- * The result is that at least one OPENSSL_SYS_os macro should be defined.
- * However, if none is defined, Unix is assumed.
- **/
-
-#define OPENSSL_SYS_UNIX
-
-/* ----------------------- Macintosh, before MacOS X ----------------------- */
-#if defined(__MWERKS__) && defined(macintosh) || defined(OPENSSL_SYSNAME_MAC)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_MACINTOSH_CLASSIC
-#endif
-
-/* ---------------------- Microsoft operating systems ---------------------- */
-
-/* The 16 bit environments are pretty straightforward */
-#if defined(OPENSSL_SYSNAME_WIN16) || defined(OPENSSL_SYSNAME_MSDOS)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_MSDOS
-#endif
-#if defined(OPENSSL_SYSNAME_WIN16)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WIN16
-#endif
-
-/* For 32 bit environment, there seems to be the CygWin environment and then
-   all the others that try to do the same thing Microsoft does... */
-#if defined(OPENSSL_SYSNAME_UWIN)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WIN32_UWIN
-#else
-# if defined(__CYGWIN32__) || defined(OPENSSL_SYSNAME_CYGWIN32)
-#  undef OPENSSL_SYS_UNIX
-#  define OPENSSL_SYS_WIN32_CYGWIN
-# else
-#  if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
-#   undef OPENSSL_SYS_UNIX
-#   define OPENSSL_SYS_WIN32
-#  endif
-#  if defined(OPENSSL_SYSNAME_WINNT)
-#   undef OPENSSL_SYS_UNIX
-#   define OPENSSL_SYS_WINNT
-#  endif
-#  if defined(OPENSSL_SYSNAME_WINCE)
-#   undef OPENSSL_SYS_UNIX
-#   define OPENSSL_SYS_WINCE
-#  endif
-# endif
-#endif
-
-/* Anything that tries to look like Microsoft is "Windows" */
-#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WINDOWS
-# ifndef OPENSSL_SYS_MSDOS
-#  define OPENSSL_SYS_MSDOS
-# endif
-#endif
-
-/* DLL settings.  This part is a bit tough, because it's up to the application
-   implementor how he or she will link the application, so it requires some
-   macro to be used. */
-#ifdef OPENSSL_SYS_WINDOWS
-# ifndef OPENSSL_OPT_WINDLL
-#  if defined(_WINDLL) /* This is used when building OpenSSL to indicate that
-                          DLL linkage should be used */
-#   define OPENSSL_OPT_WINDLL
-#  endif
-# endif
-#endif
-
-/* -------------------------------- OpenVMS -------------------------------- */
-#if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYSNAME_VMS)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_VMS
-# if defined(__DECC)
-#  define OPENSSL_SYS_VMS_DECC
-# elif defined(__DECCXX)
-#  define OPENSSL_SYS_VMS_DECC
-#  define OPENSSL_SYS_VMS_DECCXX
-# else
-#  define OPENSSL_SYS_VMS_NODECC
-# endif
-#endif
-
-/* --------------------------------- OS/2 ---------------------------------- */
-#if defined(__EMX__) || defined(__OS2__)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_OS2
-#endif
-
-/* --------------------------------- Unix ---------------------------------- */
-#ifdef OPENSSL_SYS_UNIX
-# if defined(linux) || defined(__linux__) || defined(OPENSSL_SYSNAME_LINUX)
-#  define OPENSSL_SYS_LINUX
-# endif
-# ifdef OPENSSL_SYSNAME_MPE
-#  define OPENSSL_SYS_MPE
-# endif
-# ifdef OPENSSL_SYSNAME_SNI
-#  define OPENSSL_SYS_SNI
-# endif
-# ifdef OPENSSL_SYSNAME_ULTRASPARC
-#  define OPENSSL_SYS_ULTRASPARC
-# endif
-# ifdef OPENSSL_SYSNAME_NEWS4
-#  define OPENSSL_SYS_NEWS4
-# endif
-# ifdef OPENSSL_SYSNAME_MACOSX
-#  define OPENSSL_SYS_MACOSX
-# endif
-# ifdef OPENSSL_SYSNAME_MACOSX_RHAPSODY
-#  define OPENSSL_SYS_MACOSX_RHAPSODY
-#  define OPENSSL_SYS_MACOSX
-# endif
-# ifdef OPENSSL_SYSNAME_SUNOS
-#  define OPENSSL_SYS_SUNOS
-#endif
-# if defined(_CRAY) || defined(OPENSSL_SYSNAME_CRAY)
-#  define OPENSSL_SYS_CRAY
-# endif
-# if defined(_AIX) || defined(OPENSSL_SYSNAME_AIX)
-#  define OPENSSL_SYS_AIX
-# endif
-#endif
-
-/* ------------------------------- VxWorks --------------------------------- */
-#ifdef OPENSSL_SYSNAME_VXWORKS
-# define OPENSSL_SYS_VXWORKS
-#endif
-
-/**
- * That's it for OS-specific stuff
- *****************************************************************************/
-
-
-/* Specials for I/O an exit */
-#ifdef OPENSSL_SYS_MSDOS
-# define OPENSSL_UNISTD_IO <io.h>
-# define OPENSSL_DECLARE_EXIT extern void exit(int);
-#else
-# define OPENSSL_UNISTD_IO OPENSSL_UNISTD
-# define OPENSSL_DECLARE_EXIT /* declared in unistd.h */
-#endif
-
-/* Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
-   certain global symbols that, with some compilers under VMS, have to be
-   defined and declared explicitely with globaldef and globalref.
-   Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
-   DLL exports and imports for compilers under Win32.  These are a little
-   more complicated to use.  Basically, for any library that exports some
-   global variables, the following code must be present in the header file
-   that declares them, before OPENSSL_EXTERN is used:
-
-   #ifdef SOME_BUILD_FLAG_MACRO
-   # undef OPENSSL_EXTERN
-   # define OPENSSL_EXTERN OPENSSL_EXPORT
-   #endif
-
-   The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
-   have some generally sensible values, and for OPENSSL_EXTERN to have the
-   value OPENSSL_IMPORT.
-*/
-
-#if defined(OPENSSL_SYS_VMS_NODECC)
-# define OPENSSL_EXPORT globalref
-# define OPENSSL_IMPORT globalref
-# define OPENSSL_GLOBAL globaldef
-#elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
-# define OPENSSL_EXPORT extern _declspec(dllexport)
-# define OPENSSL_IMPORT extern _declspec(dllimport)
-# define OPENSSL_GLOBAL
-#else
-# define OPENSSL_EXPORT extern
-# define OPENSSL_IMPORT extern
-# define OPENSSL_GLOBAL
-#endif
-#define OPENSSL_EXTERN OPENSSL_IMPORT
-
-/* Macros to allow global variables to be reached through function calls when
-   required (if a shared library version requvres it, for example.
-   The way it's done allows definitions like this:
-
-	// in foobar.c
-	OPENSSL_IMPLEMENT_GLOBAL(int,foobar) = 0;
-	// in foobar.h
-	OPENSSL_DECLARE_GLOBAL(int,foobar);
-	#define foobar OPENSSL_GLOBAL_REF(foobar)
-*/
-#ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name) static type _hide_##name; \
-        type *_shadow_##name(void) { return &_hide_##name; } \
-        static type _hide_##name
-# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
-# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
-#else
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name) OPENSSL_GLOBAL type _shadow_##name
-# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
-# define OPENSSL_GLOBAL_REF(name) _shadow_##name
-#endif
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/mt/README b/crypto/openssl/mt/README
deleted file mode 100644
index df6b26e146f2..000000000000
--- a/crypto/openssl/mt/README
+++ /dev/null
@@ -1,14 +0,0 @@
-Mutithreading testing area.
-
-Since this stuff is very very platorm specific, this is not part of the
-normal build.  Have a read of doc/threads.doc.
-
-mttest will do some testing and will currently build under Windows NT/95,
-Solaris and Linux.  The IRIX stuff is not finished.
-
-I have tested this program on a 12 CPU ultra sparc box (solaris 2.5.1)
-and things seem to work ok.
-
-The Linux pthreads package can be retrieved from 
-http://www.mit.edu:8001/people/proven/pthreads.html
-
diff --git a/crypto/openssl/mt/mttest.c b/crypto/openssl/mt/mttest.c
deleted file mode 100644
index b2f332602dac..000000000000
--- a/crypto/openssl/mt/mttest.c
+++ /dev/null
@@ -1,1092 +0,0 @@
-/* mt/mttest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#ifdef LINUX
-#include <typedefs.h>
-#endif
-#ifdef WIN32
-#include <windows.h>
-#endif
-#ifdef SOLARIS
-#include <synch.h>
-#include <thread.h>
-#endif
-#ifdef IRIX
-#include <ulocks.h>
-#include <sys/prctl.h>
-#endif
-#include <openssl/lhash.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include "../e_os.h"
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-#ifdef NO_FP_API
-#define APPS_WIN16
-#include "../crypto/buffer/bss_file.c"
-#endif
-
-#define TEST_SERVER_CERT "../apps/server.pem"
-#define TEST_CLIENT_CERT "../apps/client.pem"
-
-#define MAX_THREAD_NUMBER	100
-
-int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
-	int error,char *arg);
-void thread_setup(void);
-void thread_cleanup(void);
-void do_threads(SSL_CTX *s_ctx,SSL_CTX *c_ctx);
-
-void irix_locking_callback(int mode,int type,char *file,int line);
-void solaris_locking_callback(int mode,int type,char *file,int line);
-void win32_locking_callback(int mode,int type,char *file,int line);
-void pthreads_locking_callback(int mode,int type,char *file,int line);
-
-unsigned long irix_thread_id(void );
-unsigned long solaris_thread_id(void );
-unsigned long pthreads_thread_id(void );
-
-BIO *bio_err=NULL;
-BIO *bio_stdout=NULL;
-
-static char *cipher=NULL;
-int verbose=0;
-#ifdef FIONBIO
-static int s_nbio=0;
-#endif
-
-int thread_number=10;
-int number_of_loops=10;
-int reconnect=0;
-int cache_stats=0;
-
-int doit(char *ctx[4]);
-static void print_stats(fp,ctx)
-FILE *fp;
-SSL_CTX *ctx;
-{
-	fprintf(fp,"%4ld items in the session cache\n",
-		SSL_CTX_sess_number(ctx));
-	fprintf(fp,"%4d client connects (SSL_connect())\n",
-		SSL_CTX_sess_connect(ctx));
-	fprintf(fp,"%4d client connects that finished\n",
-		SSL_CTX_sess_connect_good(ctx));
-	fprintf(fp,"%4d server connects (SSL_accept())\n",
-		SSL_CTX_sess_accept(ctx));
-	fprintf(fp,"%4d server connects that finished\n",
-		SSL_CTX_sess_accept_good(ctx));
-	fprintf(fp,"%4d session cache hits\n",SSL_CTX_sess_hits(ctx));
-	fprintf(fp,"%4d session cache misses\n",SSL_CTX_sess_misses(ctx));
-	fprintf(fp,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ctx));
-	}
-
-static void sv_usage()
-	{
-	fprintf(stderr,"usage: ssltest [args ...]\n");
-	fprintf(stderr,"\n");
-	fprintf(stderr," -server_auth  - check server certificate\n");
-	fprintf(stderr," -client_auth  - do client authentication\n");
-	fprintf(stderr," -v            - more output\n");
-	fprintf(stderr," -CApath arg   - PEM format directory of CA's\n");
-	fprintf(stderr," -CAfile arg   - PEM format file of CA's\n");
-	fprintf(stderr," -threads arg  - number of threads\n");
-	fprintf(stderr," -loops arg    - number of 'connections', per thread\n");
-	fprintf(stderr," -reconnect    - reuse session-id's\n");
-	fprintf(stderr," -stats        - server session-id cache stats\n");
-	fprintf(stderr," -cert arg     - server certificate/key\n");
-	fprintf(stderr," -ccert arg    - client certificate/key\n");
-	fprintf(stderr," -ssl3         - just SSLv3n\n");
-	}
-
-int main(argc, argv)
-int argc;
-char *argv[];
-	{
-	char *CApath=NULL,*CAfile=NULL;
-	int badop=0;
-	int ret=1;
-	int client_auth=0;
-	int server_auth=0;
-	SSL_CTX *s_ctx=NULL;
-	SSL_CTX *c_ctx=NULL;
-	char *scert=TEST_SERVER_CERT;
-	char *ccert=TEST_CLIENT_CERT;
-	SSL_METHOD *ssl_method=SSLv23_method();
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-	if (bio_stdout == NULL)
-		bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
-	argc--;
-	argv++;
-
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-server_auth") == 0)
-			server_auth=1;
-		else if	(strcmp(*argv,"-client_auth") == 0)
-			client_auth=1;
-		else if	(strcmp(*argv,"-reconnect") == 0)
-			reconnect=1;
-		else if	(strcmp(*argv,"-stats") == 0)
-			cache_stats=1;
-		else if	(strcmp(*argv,"-ssl3") == 0)
-			ssl_method=SSLv3_method();
-		else if	(strcmp(*argv,"-ssl2") == 0)
-			ssl_method=SSLv2_method();
-		else if	(strcmp(*argv,"-CApath") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CApath= *(++argv);
-			}
-		else if	(strcmp(*argv,"-CAfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile= *(++argv);
-			}
-		else if	(strcmp(*argv,"-cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			scert= *(++argv);
-			}
-		else if	(strcmp(*argv,"-ccert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			ccert= *(++argv);
-			}
-		else if	(strcmp(*argv,"-threads") == 0)
-			{
-			if (--argc < 1) goto bad;
-			thread_number= atoi(*(++argv));
-			if (thread_number == 0) thread_number=1;
-			if (thread_number > MAX_THREAD_NUMBER)
-				thread_number=MAX_THREAD_NUMBER;
-			}
-		else if	(strcmp(*argv,"-loops") == 0)
-			{
-			if (--argc < 1) goto bad;
-			number_of_loops= atoi(*(++argv));
-			if (number_of_loops == 0) number_of_loops=1;
-			}
-		else
-			{
-			fprintf(stderr,"unknown option %s\n",*argv);
-			badop=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-	if (badop)
-		{
-bad:
-		sv_usage();
-		goto end;
-		}
-
-	if (cipher == NULL) cipher=getenv("SSL_CIPHER");
-
-	SSL_load_error_strings();
-	SSLeay_add_ssl_algorithms();
-
-	c_ctx=SSL_CTX_new(ssl_method);
-	s_ctx=SSL_CTX_new(ssl_method);
-	if ((c_ctx == NULL) || (s_ctx == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	SSL_CTX_set_session_cache_mode(s_ctx,
-		SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
-	SSL_CTX_set_session_cache_mode(c_ctx,
-		SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
-
-	SSL_CTX_use_certificate_file(s_ctx,scert,SSL_FILETYPE_PEM);
-	SSL_CTX_use_RSAPrivateKey_file(s_ctx,scert,SSL_FILETYPE_PEM);
-
-	if (client_auth)
-		{
-		SSL_CTX_use_certificate_file(c_ctx,ccert,
-			SSL_FILETYPE_PEM);
-		SSL_CTX_use_RSAPrivateKey_file(c_ctx,ccert,
-			SSL_FILETYPE_PEM);
-		}
-
-	if (	(!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(s_ctx)) ||
-		(!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(c_ctx)))
-		{
-		fprintf(stderr,"SSL_load_verify_locations\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (client_auth)
-		{
-		fprintf(stderr,"client authentication\n");
-		SSL_CTX_set_verify(s_ctx,
-			SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
-			verify_callback);
-		}
-	if (server_auth)
-		{
-		fprintf(stderr,"server authentication\n");
-		SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
-			verify_callback);
-		}
-
-	thread_setup();
-	do_threads(s_ctx,c_ctx);
-	thread_cleanup();
-end:
-	
-	if (c_ctx != NULL) 
-		{
-		fprintf(stderr,"Client SSL_CTX stats then free it\n");
-		print_stats(stderr,c_ctx);
-		SSL_CTX_free(c_ctx);
-		}
-	if (s_ctx != NULL)
-		{
-		fprintf(stderr,"Server SSL_CTX stats then free it\n");
-		print_stats(stderr,s_ctx);
-		if (cache_stats)
-			{
-			fprintf(stderr,"-----\n");
-			lh_stats(SSL_CTX_sessions(s_ctx),stderr);
-			fprintf(stderr,"-----\n");
-		/*	lh_node_stats(SSL_CTX_sessions(s_ctx),stderr);
-			fprintf(stderr,"-----\n"); */
-			lh_node_usage_stats(SSL_CTX_sessions(s_ctx),stderr);
-			fprintf(stderr,"-----\n");
-			}
-		SSL_CTX_free(s_ctx);
-		fprintf(stderr,"done free\n");
-		}
-	exit(ret);
-	return(0);
-	}
-
-#define W_READ	1
-#define W_WRITE	2
-#define C_DONE	1
-#define S_DONE	2
-
-int ndoit(ssl_ctx)
-SSL_CTX *ssl_ctx[2];
-	{
-	int i;
-	int ret;
-	char *ctx[4];
-
-	ctx[0]=(char *)ssl_ctx[0];
-	ctx[1]=(char *)ssl_ctx[1];
-
-	if (reconnect)
-		{
-		ctx[2]=(char *)SSL_new(ssl_ctx[0]);
-		ctx[3]=(char *)SSL_new(ssl_ctx[1]);
-		}
-	else
-		{
-		ctx[2]=NULL;
-		ctx[3]=NULL;
-		}
-
-	fprintf(stdout,"started thread %lu\n",CRYPTO_thread_id());
-	for (i=0; i<number_of_loops; i++)
-		{
-/*		fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n",
-			CRYPTO_thread_id(),i,
-			ssl_ctx[0]->references,
-			ssl_ctx[1]->references); */
-	/*	pthread_delay_np(&tm);*/
-
-		ret=doit(ctx);
-		if (ret != 0)
-			{
-			fprintf(stdout,"error[%d] %lu - %d\n",
-				i,CRYPTO_thread_id(),ret);
-			return(ret);
-			}
-		}
-	fprintf(stdout,"DONE %lu\n",CRYPTO_thread_id());
-	if (reconnect)
-		{
-		SSL_free((SSL *)ctx[2]);
-		SSL_free((SSL *)ctx[3]);
-		}
-	return(0);
-	}
-
-int doit(ctx)
-char *ctx[4];
-	{
-	SSL_CTX *s_ctx,*c_ctx;
-	static char cbuf[200],sbuf[200];
-	SSL *c_ssl=NULL;
-	SSL *s_ssl=NULL;
-	BIO *c_to_s=NULL;
-	BIO *s_to_c=NULL;
-	BIO *c_bio=NULL;
-	BIO *s_bio=NULL;
-	int c_r,c_w,s_r,s_w;
-	int c_want,s_want;
-	int i;
-	int done=0;
-	int c_write,s_write;
-	int do_server=0,do_client=0;
-
-	s_ctx=(SSL_CTX *)ctx[0];
-	c_ctx=(SSL_CTX *)ctx[1];
-
-	if (ctx[2] != NULL)
-		s_ssl=(SSL *)ctx[2];
-	else
-		s_ssl=SSL_new(s_ctx);
-
-	if (ctx[3] != NULL)
-		c_ssl=(SSL *)ctx[3];
-	else
-		c_ssl=SSL_new(c_ctx);
-
-	if ((s_ssl == NULL) || (c_ssl == NULL)) goto err;
-
-	c_to_s=BIO_new(BIO_s_mem());
-	s_to_c=BIO_new(BIO_s_mem());
-	if ((s_to_c == NULL) || (c_to_s == NULL)) goto err;
-
-	c_bio=BIO_new(BIO_f_ssl());
-	s_bio=BIO_new(BIO_f_ssl());
-	if ((c_bio == NULL) || (s_bio == NULL)) goto err;
-
-	SSL_set_connect_state(c_ssl);
-	SSL_set_bio(c_ssl,s_to_c,c_to_s);
-	BIO_set_ssl(c_bio,c_ssl,(ctx[2] == NULL)?BIO_CLOSE:BIO_NOCLOSE);
-
-	SSL_set_accept_state(s_ssl);
-	SSL_set_bio(s_ssl,c_to_s,s_to_c);
-	BIO_set_ssl(s_bio,s_ssl,(ctx[3] == NULL)?BIO_CLOSE:BIO_NOCLOSE);
-
-	c_r=0; s_r=1;
-	c_w=1; s_w=0;
-	c_want=W_WRITE;
-	s_want=0;
-	c_write=1,s_write=0;
-
-	/* We can always do writes */
-	for (;;)
-		{
-		do_server=0;
-		do_client=0;
-
-		i=(int)BIO_pending(s_bio);
-		if ((i && s_r) || s_w) do_server=1;
-
-		i=(int)BIO_pending(c_bio);
-		if ((i && c_r) || c_w) do_client=1;
-
-		if (do_server && verbose)
-			{
-			if (SSL_in_init(s_ssl))
-				printf("server waiting in SSL_accept - %s\n",
-					SSL_state_string_long(s_ssl));
-			else if (s_write)
-				printf("server:SSL_write()\n");
-			else 
-				printf("server:SSL_read()\n");
-			}
-
-		if (do_client && verbose)
-			{
-			if (SSL_in_init(c_ssl))
-				printf("client waiting in SSL_connect - %s\n",
-					SSL_state_string_long(c_ssl));
-			else if (c_write)
-				printf("client:SSL_write()\n");
-			else
-				printf("client:SSL_read()\n");
-			}
-
-		if (!do_client && !do_server)
-			{
-			fprintf(stdout,"ERROR IN STARTUP\n");
-			break;
-			}
-		if (do_client && !(done & C_DONE))
-			{
-			if (c_write)
-				{
-				i=BIO_write(c_bio,"hello from client\n",18);
-				if (i < 0)
-					{
-					c_r=0;
-					c_w=0;
-					if (BIO_should_retry(c_bio))
-						{
-						if (BIO_should_read(c_bio))
-							c_r=1;
-						if (BIO_should_write(c_bio))
-							c_w=1;
-						}
-					else
-						{
-						fprintf(stderr,"ERROR in CLIENT\n");
-						return(1);
-						}
-					}
-				else if (i == 0)
-					{
-					fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
-					return(1);
-					}
-				else
-					{
-					/* ok */
-					c_write=0;
-					}
-				}
-			else
-				{
-				i=BIO_read(c_bio,cbuf,100);
-				if (i < 0)
-					{
-					c_r=0;
-					c_w=0;
-					if (BIO_should_retry(c_bio))
-						{
-						if (BIO_should_read(c_bio))
-							c_r=1;
-						if (BIO_should_write(c_bio))
-							c_w=1;
-						}
-					else
-						{
-						fprintf(stderr,"ERROR in CLIENT\n");
-						return(1);
-						}
-					}
-				else if (i == 0)
-					{
-					fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
-					return(1);
-					}
-				else
-					{
-					done|=C_DONE;
-#ifdef undef
-					fprintf(stdout,"CLIENT:from server:");
-					fwrite(cbuf,1,i,stdout);
-					fflush(stdout);
-#endif
-					}
-				}
-			}
-
-		if (do_server && !(done & S_DONE))
-			{
-			if (!s_write)
-				{
-				i=BIO_read(s_bio,sbuf,100);
-				if (i < 0)
-					{
-					s_r=0;
-					s_w=0;
-					if (BIO_should_retry(s_bio))
-						{
-						if (BIO_should_read(s_bio))
-							s_r=1;
-						if (BIO_should_write(s_bio))
-							s_w=1;
-						}
-					else
-						{
-						fprintf(stderr,"ERROR in SERVER\n");
-						ERR_print_errors_fp(stderr);
-						return(1);
-						}
-					}
-				else if (i == 0)
-					{
-					fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
-					return(1);
-					}
-				else
-					{
-					s_write=1;
-					s_w=1;
-#ifdef undef
-					fprintf(stdout,"SERVER:from client:");
-					fwrite(sbuf,1,i,stdout);
-					fflush(stdout);
-#endif
-					}
-				}
-			else
-				{
-				i=BIO_write(s_bio,"hello from server\n",18);
-				if (i < 0)
-					{
-					s_r=0;
-					s_w=0;
-					if (BIO_should_retry(s_bio))
-						{
-						if (BIO_should_read(s_bio))
-							s_r=1;
-						if (BIO_should_write(s_bio))
-							s_w=1;
-						}
-					else
-						{
-						fprintf(stderr,"ERROR in SERVER\n");
-						ERR_print_errors_fp(stderr);
-						return(1);
-						}
-					}
-				else if (i == 0)
-					{
-					fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
-					return(1);
-					}
-				else
-					{
-					s_write=0;
-					s_r=1;
-					done|=S_DONE;
-					}
-				}
-			}
-
-		if ((done & S_DONE) && (done & C_DONE)) break;
-		}
-
-	SSL_set_shutdown(c_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-	SSL_set_shutdown(s_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-
-#ifdef undef
-	fprintf(stdout,"DONE\n");
-#endif
-err:
-	/* We have to set the BIO's to NULL otherwise they will be
-	 * free()ed twice.  Once when th s_ssl is SSL_free()ed and
-	 * again when c_ssl is SSL_free()ed.
-	 * This is a hack required because s_ssl and c_ssl are sharing the same
-	 * BIO structure and SSL_set_bio() and SSL_free() automatically
-	 * BIO_free non NULL entries.
-	 * You should not normally do this or be required to do this */
-
-	if (s_ssl != NULL)
-		{
-		s_ssl->rbio=NULL;
-		s_ssl->wbio=NULL;
-		}
-	if (c_ssl != NULL)
-		{
-		c_ssl->rbio=NULL;
-		c_ssl->wbio=NULL;
-		}
-
-	/* The SSL's are optionally freed in the following calls */
-	if (c_to_s != NULL) BIO_free(c_to_s);
-	if (s_to_c != NULL) BIO_free(s_to_c);
-
-	if (c_bio != NULL) BIO_free(c_bio);
-	if (s_bio != NULL) BIO_free(s_bio);
-	return(0);
-	}
-
-int MS_CALLBACK verify_callback(ok, xs, xi, depth, error, arg)
-int ok;
-X509 *xs;
-X509 *xi;
-int depth;
-int error;
-char *arg;
-	{
-	char buf[256];
-
-	if (verbose)
-		{
-		X509_NAME_oneline(X509_get_subject_name(xs),buf,256);
-		if (ok)
-			fprintf(stderr,"depth=%d %s\n",depth,buf);
-		else
-			fprintf(stderr,"depth=%d error=%d %s\n",depth,error,buf);
-		}
-	return(ok);
-	}
-
-#define THREAD_STACK_SIZE (16*1024)
-
-#ifdef WIN32
-
-static PRLOCK lock_cs[CRYPTO_NUM_LOCKS];
-
-void thread_setup()
-	{
-	int i;
-
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
-		{
-		lock_cs[i]=CreateMutex(NULL,FALSE,NULL);
-		}
-
-	CRYPTO_set_locking_callback((void (*)(int,int,char *,int))win32_locking_callback);
-	/* id callback defined */
-	}
-
-void thread_cleanup()
-	{
-	int i;
-
-	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
-		CloseHandle(lock_cs[i]);
-	}
-
-void win32_locking_callback(mode,type,file,line)
-int mode;
-int type;
-char *file;
-int line;
-	{
-	if (mode & CRYPTO_LOCK)
-		{
-		WaitForSingleObject(lock_cs[type],INFINITE);
-		}
-	else
-		{
-		ReleaseMutex(lock_cs[type]);
-		}
-	}
-
-void do_threads(s_ctx,c_ctx)
-SSL_CTX *s_ctx,*c_ctx;
-	{
-	double ret;
-	SSL_CTX *ssl_ctx[2];
-	DWORD thread_id[MAX_THREAD_NUMBER];
-	HANDLE thread_handle[MAX_THREAD_NUMBER];
-	int i;
-	SYSTEMTIME start,end;
-
-	ssl_ctx[0]=s_ctx;
-	ssl_ctx[1]=c_ctx;
-
-	GetSystemTime(&start);
-	for (i=0; i<thread_number; i++)
-		{
-		thread_handle[i]=CreateThread(NULL,
-			THREAD_STACK_SIZE,
-			(LPTHREAD_START_ROUTINE)ndoit,
-			(void *)ssl_ctx,
-			0L,
-			&(thread_id[i]));
-		}
-
-	printf("reaping\n");
-	for (i=0; i<thread_number; i+=50)
-		{
-		int j;
-
-		j=(thread_number < (i+50))?(thread_number-i):50;
-
-		if (WaitForMultipleObjects(j,
-			(CONST HANDLE *)&(thread_handle[i]),TRUE,INFINITE)
-			== WAIT_FAILED)
-			{
-			fprintf(stderr,"WaitForMultipleObjects failed:%d\n",GetLastError());
-			exit(1);
-			}
-		}
-	GetSystemTime(&end);
-
-	if (start.wDayOfWeek > end.wDayOfWeek) end.wDayOfWeek+=7;
-	ret=(end.wDayOfWeek-start.wDayOfWeek)*24;
-
-	ret=(ret+end.wHour-start.wHour)*60;
-	ret=(ret+end.wMinute-start.wMinute)*60;
-	ret=(ret+end.wSecond-start.wSecond);
-	ret+=(end.wMilliseconds-start.wMilliseconds)/1000.0;
-
-	printf("win32 threads done - %.3f seconds\n",ret);
-	}
-
-#endif /* WIN32 */
-
-#ifdef SOLARIS
-
-static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
-/*static rwlock_t lock_cs[CRYPTO_NUM_LOCKS]; */
-static long lock_count[CRYPTO_NUM_LOCKS];
-
-void thread_setup()
-	{
-	int i;
-
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
-		{
-		lock_count[i]=0;
-		/* rwlock_init(&(lock_cs[i]),USYNC_THREAD,NULL); */
-		mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
-		}
-
-	CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
-	CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
-	}
-
-void thread_cleanup()
-	{
-	int i;
-
-	CRYPTO_set_locking_callback(NULL);
-fprintf(stderr,"cleanup\n");
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
-		{
-		/* rwlock_destroy(&(lock_cs[i])); */
-		mutex_destroy(&(lock_cs[i]));
-		fprintf(stderr,"%8ld:%s\n",lock_count[i],CRYPTO_get_lock_name(i));
-		}
-fprintf(stderr,"done cleanup\n");
-	}
-
-void solaris_locking_callback(mode,type,file,line)
-int mode;
-int type;
-char *file;
-int line;
-	{
-#ifdef undef
-fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
-	CRYPTO_thread_id(),
-	(mode&CRYPTO_LOCK)?"l":"u",
-	(type&CRYPTO_READ)?"r":"w",file,line);
-#endif
-
-/*
-if (CRYPTO_LOCK_SSL_CERT == type)
-	fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
-		CRYPTO_thread_id(),
-		mode,file,line);
-*/
-	if (mode & CRYPTO_LOCK)
-		{
-	/*	if (mode & CRYPTO_READ)
-			rw_rdlock(&(lock_cs[type]));
-		else
-			rw_wrlock(&(lock_cs[type])); */
-
-		mutex_lock(&(lock_cs[type]));
-		lock_count[type]++;
-		}
-	else
-		{
-/*		rw_unlock(&(lock_cs[type]));  */
-		mutex_unlock(&(lock_cs[type]));
-		}
-	}
-
-void do_threads(s_ctx,c_ctx)
-SSL_CTX *s_ctx,*c_ctx;
-	{
-	SSL_CTX *ssl_ctx[2];
-	thread_t thread_ctx[MAX_THREAD_NUMBER];
-	int i;
-
-	ssl_ctx[0]=s_ctx;
-	ssl_ctx[1]=c_ctx;
-
-	thr_setconcurrency(thread_number);
-	for (i=0; i<thread_number; i++)
-		{
-		thr_create(NULL, THREAD_STACK_SIZE,
-			(void *(*)())ndoit,
-			(void *)ssl_ctx,
-			0L,
-			&(thread_ctx[i]));
-		}
-
-	printf("reaping\n");
-	for (i=0; i<thread_number; i++)
-		{
-		thr_join(thread_ctx[i],NULL,NULL);
-		}
-
-	printf("solaris threads done (%d,%d)\n",
-		s_ctx->references,c_ctx->references);
-	}
-
-unsigned long solaris_thread_id()
-	{
-	unsigned long ret;
-
-	ret=(unsigned long)thr_self();
-	return(ret);
-	}
-#endif /* SOLARIS */
-
-#ifdef IRIX
-
-
-static usptr_t *arena;
-static usema_t *lock_cs[CRYPTO_NUM_LOCKS];
-
-void thread_setup()
-	{
-	int i;
-	char filename[20];
-
-	strcpy(filename,"/tmp/mttest.XXXXXX");
-	mktemp(filename);
-
-	usconfig(CONF_STHREADIOOFF);
-	usconfig(CONF_STHREADMALLOCOFF);
-	usconfig(CONF_INITUSERS,100);
-	usconfig(CONF_LOCKTYPE,US_DEBUGPLUS);
-	arena=usinit(filename);
-	unlink(filename);
-
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
-		{
-		lock_cs[i]=usnewsema(arena,1);
-		}
-
-	CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
-	CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
-	}
-
-void thread_cleanup()
-	{
-	int i;
-
-	CRYPTO_set_locking_callback(NULL);
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
-		{
-		char buf[10];
-
-		sprintf(buf,"%2d:",i);
-		usdumpsema(lock_cs[i],stdout,buf);
-		usfreesema(lock_cs[i],arena);
-		}
-	}
-
-void irix_locking_callback(mode,type,file,line)
-int mode;
-int type;
-char *file;
-int line;
-	{
-	if (mode & CRYPTO_LOCK)
-		{
-		printf("lock %d\n",type);
-		uspsema(lock_cs[type]);
-		}
-	else
-		{
-		printf("unlock %d\n",type);
-		usvsema(lock_cs[type]);
-		}
-	}
-
-void do_threads(s_ctx,c_ctx)
-SSL_CTX *s_ctx,*c_ctx;
-	{
-	SSL_CTX *ssl_ctx[2];
-	int thread_ctx[MAX_THREAD_NUMBER];
-	int i;
-
-	ssl_ctx[0]=s_ctx;
-	ssl_ctx[1]=c_ctx;
-
-	for (i=0; i<thread_number; i++)
-		{
-		thread_ctx[i]=sproc((void (*)())ndoit,
-			PR_SADDR|PR_SFDS,(void *)ssl_ctx);
-		}
-
-	printf("reaping\n");
-	for (i=0; i<thread_number; i++)
-		{
-		wait(NULL);
-		}
-
-	printf("irix threads done (%d,%d)\n",
-		s_ctx->references,c_ctx->references);
-	}
-
-unsigned long irix_thread_id()
-	{
-	unsigned long ret;
-
-	ret=(unsigned long)getpid();
-	return(ret);
-	}
-#endif /* IRIX */
-
-#ifdef PTHREADS
-
-static pthread_mutex_t lock_cs[CRYPTO_NUM_LOCKS];
-static long lock_count[CRYPTO_NUM_LOCKS];
-
-void thread_setup()
-	{
-	int i;
-
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
-		{
-		lock_count[i]=0;
-		pthread_mutex_init(&(lock_cs[i]),NULL);
-		}
-
-	CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
-	CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
-	}
-
-void thread_cleanup()
-	{
-	int i;
-
-	CRYPTO_set_locking_callback(NULL);
-	fprintf(stderr,"cleanup\n");
-	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
-		{
-		pthread_mutex_destroy(&(lock_cs[i]));
-		fprintf(stderr,"%8ld:%s\n",lock_count[i],
-			CRYPTO_get_lock_name(i));
-		}
-	fprintf(stderr,"done cleanup\n");
-	}
-
-void pthreads_locking_callback(mode,type,file,line)
-int mode;
-int type;
-char *file;
-int line;
-      {
-#ifdef undef
-	fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
-		CRYPTO_thread_id(),
-		(mode&CRYPTO_LOCK)?"l":"u",
-		(type&CRYPTO_READ)?"r":"w",file,line);
-#endif
-/*
-	if (CRYPTO_LOCK_SSL_CERT == type)
-		fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
-		CRYPTO_thread_id(),
-		mode,file,line);
-*/
-	if (mode & CRYPTO_LOCK)
-		{
-		pthread_mutex_lock(&(lock_cs[type]));
-		lock_count[type]++;
-		}
-	else
-		{
-		pthread_mutex_unlock(&(lock_cs[type]));
-		}
-	}
-
-void do_threads(s_ctx,c_ctx)
-SSL_CTX *s_ctx,*c_ctx;
-	{
-	SSL_CTX *ssl_ctx[2];
-	pthread_t thread_ctx[MAX_THREAD_NUMBER];
-	int i;
-
-	ssl_ctx[0]=s_ctx;
-	ssl_ctx[1]=c_ctx;
-
-	/*
-	thr_setconcurrency(thread_number);
-	*/
-	for (i=0; i<thread_number; i++)
-		{
-		pthread_create(&(thread_ctx[i]), NULL,
-			(void *(*)())ndoit, (void *)ssl_ctx);
-		}
-
-	printf("reaping\n");
-	for (i=0; i<thread_number; i++)
-		{
-		pthread_join(thread_ctx[i],NULL);
-		}
-
-	printf("pthreads threads done (%d,%d)\n",
-	s_ctx->references,c_ctx->references);
-	}
-
-unsigned long pthreads_thread_id()
-	{
-	unsigned long ret;
-
-	ret=(unsigned long)pthread_self();
-	return(ret);
-	}
-
-#endif /* PTHREADS */
-
-
-
diff --git a/crypto/openssl/mt/profile.sh b/crypto/openssl/mt/profile.sh
deleted file mode 100644
index de5eb0670860..000000000000
--- a/crypto/openssl/mt/profile.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-/bin/rm -f mttest
-cc -p -DSOLARIS -I../include -g mttest.c -o mttest -L/usr/lib/libc -ldl -L.. -lthread  -lssl -lcrypto -lnsl -lsocket
-
diff --git a/crypto/openssl/mt/pthread.sh b/crypto/openssl/mt/pthread.sh
deleted file mode 100644
index 7d0b6e55f546..000000000000
--- a/crypto/openssl/mt/pthread.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-#
-# build using pthreads
-#
-# http://www.mit.edu:8001/people/proven/pthreads.html
-#
-/bin/rm -f mttest
-pgcc -DPTHREADS -I../include -g mttest.c -o mttest -L.. -lssl -lcrypto 
-
diff --git a/crypto/openssl/mt/purify.sh b/crypto/openssl/mt/purify.sh
deleted file mode 100644
index 57c4017073a8..000000000000
--- a/crypto/openssl/mt/purify.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-/bin/rm -f mttest
-purify cc -DSOLARIS -I../include -g mttest.c -o mttest -L.. -lthread  -lssl -lcrypto -lnsl -lsocket
-
diff --git a/crypto/openssl/mt/solaris.sh b/crypto/openssl/mt/solaris.sh
deleted file mode 100644
index f6a90b17ee0a..000000000000
--- a/crypto/openssl/mt/solaris.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-/bin/rm -f mttest
-cc -DSOLARIS -I../include -g mttest.c -o mttest -L.. -lthread  -lssl -lcrypto -lnsl -lsocket
-
diff --git a/crypto/openssl/openssl.doxy b/crypto/openssl/openssl.doxy
deleted file mode 100644
index 479c311470af..000000000000
--- a/crypto/openssl/openssl.doxy
+++ /dev/null
@@ -1,7 +0,0 @@
-PROJECT_NAME=OpenSSL
-GENERATE_LATEX=no
-OUTPUT_DIRECTORY=doxygen
-INPUT=ssl include
-FILE_PATTERNS=*.c *.h
-RECURSIVE=yes
-PREDEFINED=DOXYGEN
diff --git a/crypto/openssl/openssl.spec b/crypto/openssl/openssl.spec
deleted file mode 100644
index e3ec71adf723..000000000000
--- a/crypto/openssl/openssl.spec
+++ /dev/null
@@ -1,210 +0,0 @@
-%define libmaj 0
-%define libmin 9
-%define librel 7
-%define librev a
-Release: 1
-
-%define openssldir /var/ssl
-
-Summary: Secure Sockets Layer and cryptography libraries and tools
-Name: openssl
-#Version: %{libmaj}.%{libmin}.%{librel}
-Version: %{libmaj}.%{libmin}.%{librel}%{librev}
-Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
-Copyright: Freely distributable
-Group: System Environment/Libraries
-Provides: SSL
-URL: http://www.openssl.org/
-Packager: Damien Miller <djm@mindrot.org>
-BuildRoot:   /var/tmp/%{name}-%{version}-root
-
-%description
-The OpenSSL Project is a collaborative effort to develop a robust,
-commercial-grade, fully featured, and Open Source toolkit implementing the
-Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
-protocols as well as a full-strength general purpose cryptography library.
-The project is managed by a worldwide community of volunteers that use the
-Internet to communicate, plan, and develop the OpenSSL tookit and its related
-documentation. 
-
-OpenSSL is based on the excellent SSLeay library developed from Eric A.
-Young and Tim J. Hudson.  The OpenSSL toolkit is licensed under an
-Apache-style licence, which basically means that you are free to get and
-use it for commercial and non-commercial purposes. 
-
-This package contains the base OpenSSL cryptography and SSL/TLS 
-libraries and tools.
-
-%package devel
-Summary: Secure Sockets Layer and cryptography static libraries and headers
-Group: Development/Libraries
-Requires: openssl
-%description devel
-The OpenSSL Project is a collaborative effort to develop a robust,
-commercial-grade, fully featured, and Open Source toolkit implementing the
-Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
-protocols as well as a full-strength general purpose cryptography library.
-The project is managed by a worldwide community of volunteers that use the
-Internet to communicate, plan, and develop the OpenSSL tookit and its related
-documentation. 
-
-OpenSSL is based on the excellent SSLeay library developed from Eric A.
-Young and Tim J. Hudson.  The OpenSSL toolkit is licensed under an
-Apache-style licence, which basically means that you are free to get and
-use it for commercial and non-commercial purposes. 
-
-This package contains the the OpenSSL cryptography and SSL/TLS 
-static libraries and header files required when developing applications.
-
-%package doc
-Summary: OpenSSL miscellaneous files
-Group: Documentation
-Requires: openssl
-%description doc
-The OpenSSL Project is a collaborative effort to develop a robust,
-commercial-grade, fully featured, and Open Source toolkit implementing the
-Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
-protocols as well as a full-strength general purpose cryptography library.
-The project is managed by a worldwide community of volunteers that use the
-Internet to communicate, plan, and develop the OpenSSL tookit and its related
-documentation. 
-
-OpenSSL is based on the excellent SSLeay library developed from Eric A.
-Young and Tim J. Hudson.  The OpenSSL toolkit is licensed under an
-Apache-style licence, which basically means that you are free to get and
-use it for commercial and non-commercial purposes. 
-
-This package contains the the OpenSSL cryptography and SSL/TLS extra
-documentation and POD files from which the man pages were produced.
-
-%prep
-
-%setup -q
-
-%build 
-
-%define CONFIG_FLAGS -DSSL_ALLOW_ADH --prefix=/usr 
-
-perl util/perlpath.pl /usr/bin/perl
-
-%ifarch i386 i486 i586 i686
-./Configure %{CONFIG_FLAGS} --openssldir=%{openssldir} linux-elf shared
-%endif
-%ifarch ppc
-./Configure %{CONFIG_FLAGS} --openssldir=%{openssldir} linux-ppc shared
-%endif
-%ifarch alpha
-./Configure %{CONFIG_FLAGS} --openssldir=%{openssldir} linux-alpha shared
-%endif
-LD_LIBRARY_PATH=`pwd` make
-LD_LIBRARY_PATH=`pwd` make rehash
-LD_LIBRARY_PATH=`pwd` make test
-
-%install
-rm -rf $RPM_BUILD_ROOT
-make MANDIR=/usr/man INSTALL_PREFIX="$RPM_BUILD_ROOT" install
-
-# Rename manpages
-for x in $RPM_BUILD_ROOT/usr/man/man*/* 
-	do mv ${x} ${x}ssl
-done
-
-# Make backwards-compatibility symlink to ssleay
-ln -sf /usr/bin/openssl $RPM_BUILD_ROOT/usr/bin/ssleay
-
-%clean
-rm -rf $RPM_BUILD_ROOT
-
-%files 
-%defattr(0644,root,root,0755)
-%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
-
-%attr(0755,root,root) /usr/bin/*
-%attr(0755,root,root) /usr/lib/*.so*
-%attr(0755,root,root) %{openssldir}/misc/*
-%attr(0644,root,root) /usr/man/man[157]/*
-
-%config %attr(0644,root,root) %{openssldir}/openssl.cnf 
-%dir %attr(0755,root,root) %{openssldir}/certs
-%dir %attr(0755,root,root) %{openssldir}/lib
-%dir %attr(0755,root,root) %{openssldir}/misc
-%dir %attr(0750,root,root) %{openssldir}/private
-
-%files devel
-%defattr(0644,root,root,0755)
-%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
-
-%attr(0644,root,root) /usr/lib/*.a
-%attr(0644,root,root) /usr/include/openssl/*
-%attr(0644,root,root) /usr/man/man[3]/*
-
-%files doc
-%defattr(0644,root,root,0755)
-%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
-%doc doc
-
-%post
-ldconfig
-
-%postun
-ldconfig
-
-%changelog
-* Thu Mar 22 2001 Richard Levitte <richard@levitte.org>
-- Removed redundant subsection that re-installed libcrypto.a and libssl.a
-  as well.  Also remove RSAref stuff completely, since it's not needed
-  any more.
-* Thu Mar 15 2001 Jeremiah Johnson <jjohnson@penguincomputing.com>
-- Removed redundant subsection that re-installed libcrypto.so.0.9.6 and
-  libssl.so.0.9.6.  As well as the subsection that created symlinks for
-  these.  make install handles all this.
-* Sat Oct 21 2000 Horms <horms@vergenet.net>
-- Make sure symlinks are created by using -f flag to ln.
-  Otherwise some .so libraries are copied rather than
-  linked in the resulting binary RPM. This causes the package
-  to be larger than neccessary and makes ldconfig complain.
-* Fri Oct 13 2000 Horms <horms@vergenet.net>
-- Make defattr is set for files in all packages so packages built as
-  non-root will still be installed with files owned by root.
-* Thu Sep 14 2000 Richard Levitte <richard@levitte.org>
-- Changed to adapt to the new (supported) way of making shared libraries
-- Installs all static libraries, not just libRSAglue.a
-- Extra documents now end up in a separate document package
-* Sun Feb 27 2000 Damien Miller <djm@mindrot.org>
-- Merged patches to spec
-- Updated to 0.9.5beta2 (now with manpages)
-* Sat Feb  5 2000 Michal Jaegermann <michal@harddata.com>
-- added 'linux-alpha' to configuration
-- fixed nasty absolute links
-* Tue Jan 25 2000 Bennett Todd <bet@rahul.net>
-- Added -DSSL_ALLOW_ADH, bumped Release to 4
-* Thu Oct 14 1999 Damien Miller <djm@mindrot.org>
-- Set default permissions
-- Removed documentation from devel sub-package
-* Thu Sep 30 1999 Damien Miller <djm@mindrot.org>
-- Added "make test" stage
-- GPG signed
-* Tue Sep 10 1999 Damien Miller <damien@ibs.com.au>
-- Updated to version 0.9.4
-* Tue May 25 1999 Damien Miller <damien@ibs.com.au>
-- Updated to version 0.9.3
-- Added attributes for all files
-- Paramatised openssl directory
-* Sat Mar 20 1999 Carlo M. Arenas Belon <carenas@jmconsultores.com.pe>
-- Added "official" bnrec patch and taking other out
-- making a link from ssleay to openssl binary
-- putting all changelog together on SPEC file
-* Fri Mar  5 1999 Henri Gomez <gomez@slib.fr>
-- Added bnrec patch
-* Tue Dec 29 1998 Jonathan Ruano <kobalt@james.encomix.es>
-- minimum spec and patches changes for openssl
-- modified for openssl sources
-* Sat Aug  8 1998 Khimenko Victor <khim@sch57.msk.ru>
-- shared library creating process honours $RPM_OPT_FLAGS
-- shared libarry supports threads (as well as static library)
-* Wed Jul 22 1998 Khimenko Victor <khim@sch57.msk.ru>
-- building of shared library completely reworked
-* Tue Jul 21 1998 Khimenko Victor <khim@sch57.msk.ru>
-- RPM is BuildRoot'ed
-* Tue Feb 10 1998 Khimenko Victor <khim@sch57.msk.ru>
-- all stuff is moved out of /usr/local
diff --git a/crypto/openssl/os2/OS2-EMX.cmd b/crypto/openssl/os2/OS2-EMX.cmd
deleted file mode 100644
index acab99ac393f..000000000000
--- a/crypto/openssl/os2/OS2-EMX.cmd
+++ /dev/null
@@ -1,66 +0,0 @@
-@echo off
-
-perl Configure OS2-EMX
-perl util\mkfiles.pl > MINFO
-
-@rem create make file
-perl util\mk1mf.pl OS2-EMX > OS2-EMX.mak
-perl util\mk1mf.pl dll OS2-EMX > OS2-EMX-DLL.mak
-
-echo Generating export definition files
-perl util\mkdef.pl crypto OS2 > os2\crypto.def
-perl util\mkdef.pl ssl OS2 > os2\ssl.def
-
-echo Generating x86 for GNU assember
-
-echo Bignum
-cd crypto\bn\asm
-rem perl x86.pl a.out > bn-os2.asm
-perl bn-586.pl a.out > bn-os2.asm 
-perl co-586.pl a.out > co-os2.asm 
-cd ..\..\..
-
-echo DES
-cd crypto\des\asm
-perl des-586.pl a.out > d-os2.asm
-cd ..\..\..
-
-echo crypt(3)
-cd crypto\des\asm
-perl crypt586.pl a.out > y-os2.asm
-cd ..\..\..
-
-echo Blowfish
-cd crypto\bf\asm
-perl bf-586.pl a.out > b-os2.asm
-cd ..\..\..
-
-echo CAST5
-cd crypto\cast\asm
-perl cast-586.pl a.out > c-os2.asm
-cd ..\..\..
-
-echo RC4
-cd crypto\rc4\asm
-perl rc4-586.pl a.out > r4-os2.asm
-cd ..\..\..
-
-echo MD5
-cd crypto\md5\asm
-perl md5-586.pl a.out > m5-os2.asm
-cd ..\..\..
-
-echo SHA1
-cd crypto\sha\asm
-perl sha1-586.pl a.out > s1-os2.asm
-cd ..\..\..
-
-echo RIPEMD160
-cd crypto\ripemd\asm
-perl rmd-586.pl a.out > rm-os2.asm
-cd ..\..\..
-
-echo RC5\32
-cd crypto\rc5\asm
-perl rc5-586.pl a.out > r5-os2.asm
-cd ..\..\..
diff --git a/crypto/openssl/perl/MANIFEST b/crypto/openssl/perl/MANIFEST
deleted file mode 100644
index 80c900769d0b..000000000000
--- a/crypto/openssl/perl/MANIFEST
+++ /dev/null
@@ -1,17 +0,0 @@
-README.1ST
-MANIFEST
-Makefile.PL
-typemap
-OpenSSL.pm
-OpenSSL.xs
-openssl.h
-openssl_bio.xs
-openssl_bn.xs
-openssl_cipher.xs
-openssl_digest.xs
-openssl_err.xs
-openssl_ssl.xs
-openssl_x509.xs
-t/01-use.t
-t/02-version.t
-t/03-bio.t
diff --git a/crypto/openssl/perl/Makefile.PL b/crypto/openssl/perl/Makefile.PL
deleted file mode 100644
index 2a67ad061d5c..000000000000
--- a/crypto/openssl/perl/Makefile.PL
+++ /dev/null
@@ -1,45 +0,0 @@
-##
-##  Makefile.PL -- Perl MakeMaker specification
-##
-
-open(IN,"<../Makefile.ssl") || die "unable to open Makefile.ssl!\n";
-while(<IN>) {
-    $V=$1 if (/^VERSION=(.*)$/);
-}
-close(IN);
-print "Configuring companion Perl module for OpenSSL $V\n";
-
-use ExtUtils::MakeMaker;
-
-WriteMakefile(
-    'OPTIMIZE'      => '',
-    'DISTNAME'      => "openssl-$V",
-    'NAME'          => 'OpenSSL',
-    'VERSION_FROM'  => 'OpenSSL.pm',
-    'LIBS'          => ( $^O eq 'MSWin32'
-                         ? [ '-L../out32dll -lssleay32 -llibeay32' ]
-                         : [ '-L.. -lssl -lcrypto' ]                 ),
-    'DEFINE'        => '',
-    'INC'           => '-I../include',
-    'H'             => ['openssl.h'],
-    'OBJECT' =>
-        'OpenSSL.o ' .
-        'openssl_bio.o ' .
-        'openssl_bn.o ' .
-        'openssl_cipher.o ' .
-        'openssl_digest.o ' .
-        'openssl_err.o ' .
-        'openssl_ssl.o ' .
-        'openssl_x509.o ',
-    'XS' => { 
-        'OpenSSL.xs'        =>  'OpenSSL.c',
-        'openssl_bio.xs'    =>  'openssl_bio.c',
-        'openssl_bn.xs'     =>  'openssl_bn.c',
-        'openssl_cipher.xs' =>  'openssl_cipher.c',
-        'openssl_digest.xs' =>  'openssl_digest.c',
-        'openssl_err.xs'    =>  'openssl_err.c',
-        'openssl_ssl.xs'    =>  'openssl_ssl.c',
-        'openssl_x509.xs'   =>  'openssl_x509.c',
-    },
-);
-
diff --git a/crypto/openssl/perl/OpenSSL.pm b/crypto/openssl/perl/OpenSSL.pm
deleted file mode 100644
index ae7265a21d95..000000000000
--- a/crypto/openssl/perl/OpenSSL.pm
+++ /dev/null
@@ -1,90 +0,0 @@
-##
-##  OpenSSL.pm
-##
-
-package OpenSSL;
-
-require 5.000;
-use Exporter;
-use DynaLoader;
-
-@ISA    = qw(Exporter DynaLoader);
-@EXPORT = qw();
-
-$VERSION = '0.94';
-bootstrap OpenSSL;
-
-@OpenSSL::BN::ISA        = qw(OpenSSL::ERR);
-@OpenSSL::MD::ISA        = qw(OpenSSL::ERR);
-@OpenSSL::Cipher::ISA    = qw(OpenSSL::ERR);
-@OpenSSL::SSL::CTX::ISA  = qw(OpenSSL::ERR);
-@OpenSSL::BIO::ISA       = qw(OpenSSL::ERR);
-@OpenSSL::SSL::ISA       = qw(OpenSSL::ERR);
-
-@BN::ISA                 = qw(OpenSSL::BN);
-@MD::ISA                 = qw(OpenSSL::MD);
-@Cipher::ISA             = qw(OpenSSL::Cipher);
-@SSL::ISA                = qw(OpenSSL::SSL);
-@SSL::CTX::ISA           = qw(OpenSSL::SSL::CTX);
-@BIO::ISA                = qw(OpenSSL::BIO);
-
-@OpenSSL::MD::names = qw(
-    md2 md5 sha sha1 ripemd160 mdc2
-);
-
-@OpenSSL::Cipher::names = qw(
-    des-ecb des-cfb des-ofb des-cbc
-    des-ede des-ede-cfb des-ede-ofb des-ede-cbc
-    des-ede3 des-ede3-cfb des-ede3-ofb des-ede3-cbc
-    desx-cbc rc4 rc4-40
-    idea-ecb idea-cfb idea-ofb idea-cbc
-    rc2-ecb rc2-cbc rc2-40-cbc rc2-cfb rc2-ofb
-    bf-ecb bf-cfb bf-ofb bf-cbc
-    cast5-ecb cast5-cfb cast5-ofb cast5-cbc
-    rc5-ecb rc5-cfb rc5-ofb rc5-cbc
-);
-
-sub OpenSSL::SSL::CTX::new_ssl { 
-    OpenSSL::SSL::new($_[0]);
-}
-
-sub OpenSSL::ERR::error {
-    my($o) = @_;
-    my($s, $ret);
-
-    while (($s = $o->get_error()) != 0) {
-        $ret.=$s."\n";
-    }
-    return($ret);
-}
-
-@OpenSSL::Cipher::aliases = qw(
-    des desx des3 idea rc2 bf cast
-);
-
-package OpenSSL::BN;
-
-sub bnfix { 
-    (ref($_[0]) ne "OpenSSL::BN") ? OpenSSL::BN::dec2bn($_[0]) : $_[0]; 
-}
-
-use overload
-"="    => sub { dup($_[0]); },
-"+"    => sub { add($_[0],$_[1]); },
-"-"    => sub { ($_[1],$_[0])=($_[0],$_[1]) if $_[2]; OpenSSL::BN::sub($_[0],$_[1]); },
-"*"    => sub { mul($_[0],$_[1]); },
-"**"   => sub { ($_[1],$_[0])=($_[0],$_[1]) if $_[2]; OpenSSL::BN::exp($_[0],$_[1]); },
-"/"    => sub { ($_[1],$_[0])=($_[0],$_[1]) if $_[2]; (div($_[0],$_[1]))[0]; },
-"%"    => sub { ($_[1],$_[0])=($_[0],$_[1]) if $_[2]; mod($_[0],$_[1]); },
-"<<"   => sub { lshift($_[0],$_[1]); },
-">>"   => sub { rshift($_[0],$_[1]); },
-"<=>"  => sub { OpenSSL::BN::cmp($_[0],$_[1]); },
-'""'   => sub { bn2dec($_[0]); },
-'0+'   => sub { dec2bn($_[0]); },
-"bool" => sub { ref($_[0]) eq "OpenSSL::BN"; };
-
-sub OpenSSL::BIO::do_accept { 
-    OpenSSL::BIO::do_handshake(@_);
-}
-
-1;
diff --git a/crypto/openssl/perl/OpenSSL.xs b/crypto/openssl/perl/OpenSSL.xs
deleted file mode 100644
index 2267168b79a9..000000000000
--- a/crypto/openssl/perl/OpenSSL.xs
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
-**  OpenSSL.xs
-*/
-
-#include "openssl.h"
-
-SV *
-new_ref(type, obj, mort)
-  char *type;
-  char *obj;
-{
-    SV *ret;
-
-    if (mort)
-        ret = sv_newmortal();
-    else
-        ret = newSViv(0);
-#ifdef DEBUG
-    printf(">new_ref %d\n",type);
-#endif
-    sv_setref_pv(ret, type, (void *)obj);
-    return(ret);
-}
-
-int 
-ex_new(obj, data, ad, idx, argl, argp)
-  char *obj;
-  SV *data;
-  CRYPTO_EX_DATA *ad;
-  int idx;
-  long argl;
-  char *argp;
-{
-    SV *sv;
-
-#ifdef DEBUG
-    printf("ex_new %08X %s\n",obj,argp); 
-#endif
-    sv = sv_newmortal();
-    sv_setref_pv(sv, argp, (void *)obj);
-#ifdef DEBUG
-    printf("%d>new_ref '%s'\n", sv, argp);
-#endif
-    CRYPTO_set_ex_data(ad, idx, (char *)sv);
-    return(1);
-}
-
-void 
-ex_cleanup(obj, data, ad, idx, argl, argp)
-  char *obj;
-  SV *data;
-  CRYPTO_EX_DATA *ad;
-  int idx;
-  long argl;
-  char *argp;
-{
-    pr_name("ex_cleanup");
-#ifdef DEBUG
-    printf("ex_cleanup %08X %s\n", obj, argp);
-#endif
-    if (data != NULL)
-        SvREFCNT_dec((SV *)data);
-}
-
-MODULE = OpenSSL  PACKAGE = OpenSSL
-
-PROTOTYPES: ENABLE
-
-BOOT:
-    boot_bio();
-    boot_cipher();
-    boot_digest();
-    boot_err();
-    boot_ssl();
-    boot_OpenSSL__BN();
-    boot_OpenSSL__BIO();
-    boot_OpenSSL__Cipher();
-    boot_OpenSSL__MD();
-    boot_OpenSSL__ERR();
-    boot_OpenSSL__SSL();
-    boot_OpenSSL__X509();
-
diff --git a/crypto/openssl/perl/README.1ST b/crypto/openssl/perl/README.1ST
deleted file mode 100644
index 7b5a1aa5e9dc..000000000000
--- a/crypto/openssl/perl/README.1ST
+++ /dev/null
@@ -1,4 +0,0 @@
-
-  WARNING, this Perl interface to OpenSSL is horrible incomplete.
-  Don't expect it to be really useable!!
-
diff --git a/crypto/openssl/perl/openssl.h b/crypto/openssl/perl/openssl.h
deleted file mode 100644
index 2712324a302a..000000000000
--- a/crypto/openssl/perl/openssl.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "EXTERN.h"
-#include "perl.h"
-#include "XSUB.h"
-
-#ifdef __cplusplus
-}
-#endif
-
-typedef struct datum_st {
-    char *dptr;
-    int dsize;
-} datum;
-
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-
-#ifdef DEBUG
-#define pr_name(name)           printf("%s\n",name)
-#define pr_name_d(name,p2)      printf("%s %d\n",name,p2)
-#define pr_name_dd(name,p2,p3)  printf("%s %d %d\n",name,p2,p3)
-#else
-#define pr_name(name)
-#define pr_name_d(name,p2)
-#define pr_name_dd(name,p2,p3)
-#endif
-
-SV *new_ref(char *type, char *obj, int mort);
-int ex_new(char *obj, SV *data, CRYPTO_EX_DATA *ad, int idx, long argl, char *argp);
-void ex_cleanup(char *obj, SV *data, CRYPTO_EX_DATA *ad, int idx, long argl, char *argp);
-
diff --git a/crypto/openssl/perl/openssl_bio.xs b/crypto/openssl/perl/openssl_bio.xs
deleted file mode 100644
index 06d61af13052..000000000000
--- a/crypto/openssl/perl/openssl_bio.xs
+++ /dev/null
@@ -1,450 +0,0 @@
-
-#include "openssl.h"
-
-static int p5_bio_ex_bio_ptr = 0;
-static int p5_bio_ex_bio_callback = 0;
-static int p5_bio_ex_bio_callback_data = 0;
-
-static long 
-p5_bio_callback(bio,state,parg,cmd,larg,ret)
-  BIO  *bio;
-  int   state;
-  char *parg;
-  int   cmd;
-  long  larg;
-  int   ret;
-{
-    int i;
-    SV *me,*cb;
-
-    me = (SV *)BIO_get_ex_data(bio, p5_bio_ex_bio_ptr);
-    cb = (SV *)BIO_get_ex_data(bio, p5_bio_ex_bio_callback);
-    if (cb != NULL) {
-        dSP;
-
-        ENTER;
-        SAVETMPS;
-
-        PUSHMARK(sp);
-        XPUSHs(sv_2mortal(newSVsv(me)));
-        XPUSHs(sv_2mortal(newSViv(state)));
-        XPUSHs(sv_2mortal(newSViv(cmd)));
-        if ((state == BIO_CB_READ) || (state == BIO_CB_WRITE))
-            XPUSHs(sv_2mortal(newSVpv(parg,larg)));
-        else
-            XPUSHs(&sv_undef);
-        /* ptr one */
-        XPUSHs(sv_2mortal(newSViv(larg)));
-        XPUSHs(sv_2mortal(newSViv(ret)));
-        PUTBACK;
-
-        i = perl_call_sv(cb,G_SCALAR);
-
-        SPAGAIN;
-        if (i == 1)
-            ret = POPi;
-        else
-            ret = 1;
-        PUTBACK;
-        FREETMPS;
-        LEAVE;
-    }
-    else {
-        croak("Internal error in p5_bio_callback");
-    }
-    return(ret);
-}
-
-int 
-boot_bio(void)
-{
-    p5_bio_ex_bio_ptr = BIO_get_ex_new_index(0, "OpenSSL::BIO", ex_new, NULL, ex_cleanup);
-    p5_bio_ex_bio_callback = BIO_get_ex_new_index(0, "bio_callback", NULL, NULL, ex_cleanup);
-    p5_bio_ex_bio_callback_data = BIO_get_ex_new_index(0, "bio_callback_data", NULL, NULL, ex_cleanup);
-    return(1);
-}
-
-MODULE = OpenSSL::BIO  PACKAGE = OpenSSL::BIO  PREFIX = p5_BIO_
-
-PROTOTYPES: ENABLE
-VERSIONCHECK: DISABLE
-
-void
-p5_BIO_new_buffer_ssl_connect(...)
-    PROTOTYPE: ;$
-    PREINIT:
-        SSL_CTX *ctx;
-        BIO *bio;
-        SV *arg;
-    PPCODE:
-        if (items == 1)
-            arg = ST(0);
-        else if (items == 2)
-            arg = ST(1);
-        else
-            arg = NULL;
-        if ((arg == NULL) || !(sv_derived_from(arg,"OpenSSL::SSL::CTX")))
-            croak("Usage: OpenSSL::BIO::new_buffer_ssl_connect(SSL_CTX)");
-        else {
-            IV tmp = SvIV((SV *)SvRV(arg));
-            ctx = (SSL_CTX *)tmp;
-        }
-        EXTEND(sp, 1);
-        bio = BIO_new_buffer_ssl_connect(ctx);
-        arg = (SV *)BIO_get_ex_data(bio, p5_bio_ex_bio_ptr);
-        PUSHs(arg);
-    
-void
-p5_BIO_new_ssl_connect(...)
-    PROTOTYPE: ;$
-    PREINIT:
-        SSL_CTX *ctx;
-        BIO *bio;
-        SV *arg;
-    PPCODE:
-        if (items == 1)
-            arg = ST(0);
-        else if (items == 2)
-            arg = ST(1);
-        else
-            arg = NULL;
-        if ((arg == NULL) || !(sv_derived_from(arg,"OpenSSL::SSL::CTX")))
-            croak("Usage: OpenSSL::BIO::new_ssl_connect(SSL_CTX)");
-        else {
-            IV tmp = SvIV((SV *)SvRV(arg));
-            ctx = (SSL_CTX *)tmp;
-        }
-        EXTEND(sp,1);
-        bio = BIO_new_ssl_connect(ctx);
-        arg = (SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr);
-        PUSHs(arg);
-    
-void
-p5_BIO_new(...)
-    PROTOTYPE: ;$
-    PREINIT:
-        BIO *bio;
-        char *type;
-        SV *arg;
-    PPCODE:
-        pr_name("p5_BIO_new");
-        if ((items == 1) && SvPOK(ST(0)))
-            type = SvPV(ST(0),na);
-        else if ((items == 2) && SvPOK(ST(1)))
-            type = SvPV(ST(1),na);
-        else
-            croak("Usage: OpenSSL::BIO::new(type)");
-        EXTEND(sp,1);
-        if (strcmp(type, "mem") == 0)
-            bio=BIO_new(BIO_s_mem());
-        else if (strcmp(type, "socket") == 0)
-            bio=BIO_new(BIO_s_socket());
-        else if (strcmp(type, "connect") == 0)
-            bio=BIO_new(BIO_s_connect());
-        else if (strcmp(type, "accept") == 0)
-            bio=BIO_new(BIO_s_accept());
-        else if (strcmp(type, "fd") == 0)
-            bio=BIO_new(BIO_s_fd());
-        else if (strcmp(type, "file") == 0)
-            bio=BIO_new(BIO_s_file());
-        else if (strcmp(type, "null") == 0)
-            bio=BIO_new(BIO_s_null());
-        else if (strcmp(type, "ssl") == 0)
-            bio=BIO_new(BIO_f_ssl());
-        else if (strcmp(type, "buffer") == 0)
-            bio=BIO_new(BIO_f_buffer());
-        else
-            croak("unknown BIO type");
-        arg = (SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr);
-        PUSHs(arg);
-
-int
-p5_BIO_hostname(bio, name)
-    BIO *bio;
-    char *name;
-    PROTOTYPE: $$
-    CODE:
-        RETVAL = BIO_set_conn_hostname(bio, name);
-    OUTPUT:
-        RETVAL
-
-int
-p5_BIO_set_accept_port(bio, str)
-    BIO *bio;
-    char *str;
-    PROTOTYPE: $$
-    CODE:
-        RETVAL = BIO_set_accept_port(bio, str);
-    OUTPUT:
-        RETVAL
-
-int
-p5_BIO_do_handshake(bio)
-    BIO *bio;
-    PROTOTYPE: $
-    CODE:
-        RETVAL = BIO_do_handshake(bio);
-    OUTPUT:
-        RETVAL
-
-BIO *
-p5_BIO_push(b, bio)
-    BIO *b;
-    BIO *bio;
-    PROTOTYPE: $$
-    CODE:
-        /* This reference will be reduced when the reference is
-         * let go, and then when the BIO_free_all() is called
-         * inside the OpenSSL library by the BIO with this
-         * pushed into */
-        bio->references++;
-        RETVAL = BIO_push(b, bio);
-    OUTPUT:
-        RETVAL
-
-void
-p5_BIO_pop(b)
-    BIO *b
-    PROTOTYPE: $
-    PREINIT:
-        BIO *bio;
-        char *type;
-        SV *arg;
-    PPCODE:
-        bio = BIO_pop(b);
-        if (bio != NULL) {
-            /* This BIO will either be one created in the
-             * perl library, in which case it will have a perl
-             * SV, otherwise it will have been created internally,
-             * inside OpenSSL.  For the 'pushed in', it needs
-             * the reference count decremented. */
-            arg = (SV *)BIO_get_ex_data(bio, p5_bio_ex_bio_ptr);
-            if (arg == NULL) {
-                arg = new_ref("OpenSSL::BIO",(char *)bio,0);
-                BIO_set_ex_data(bio, p5_bio_ex_bio_ptr, (char *)arg);
-                PUSHs(arg);
-            }
-            else {
-                /* it was pushed in */
-                SvREFCNT_inc(arg);
-                PUSHs(arg);
-            }
-        }
-
-int
-p5_BIO_sysread(bio, in, num, ...)
-    BIO *bio;
-    SV *in;
-    int num;
-    PROTOTYPE: $$$;
-    PREINIT:
-        int i,n,olen;
-        int offset;
-        char *p;
-    CODE:
-        offset = 0;
-        if (!SvPOK(in))
-            sv_setpvn(in, "", 0);
-        SvPV(in, olen);
-        if (items > 3) {
-            offset = SvIV(ST(3));
-            if (offset < 0) {
-                if (-offset > olen)
-                    croak("Offset outside string");
-                offset+=olen;
-            }
-        }
-        if ((num+offset) > olen) {
-            SvGROW(in, num+offset+1);
-            p=SvPV(in, i);
-            memset(&(p[olen]), 0, (num+offset)-olen+1);
-        }
-        p = SvPV(in,n);
-        i = BIO_read(bio, p+offset, num);
-        RETVAL = i;
-        if (i <= 0) 
-            i = 0;
-        SvCUR_set(in, offset+i);
-    OUTPUT:
-        RETVAL
-
-int
-p5_BIO_syswrite(bio, in, ...)
-    BIO *bio;
-    SV *in;
-    PROTOTYPE: $$;
-    PREINIT:
-        char *ptr;
-        int len,in_len;
-        int offset=0;
-        int n;
-    CODE:
-        ptr = SvPV(in, in_len);
-        if (items > 2) {
-            len = SvOK(ST(2)) ? SvIV(ST(2)) : in_len;
-            if (items > 3) {
-                offset = SvIV(ST(3));
-                if (offset < 0) {
-                    if (-offset > in_len)
-                        croak("Offset outside string");
-                    offset+=in_len;
-                }
-                else if ((offset >= in_len) && (in_len > 0))
-                    croak("Offset outside string");
-            }
-            if (len >= (in_len-offset))
-                len = in_len-offset;
-        }
-        else
-            len = in_len;
-        RETVAL = BIO_write(bio, ptr+offset, len);
-    OUTPUT:
-        RETVAL
-
-void
-p5_BIO_getline(bio)
-    BIO *bio;
-    PROTOTYPE: $
-    PREINIT:
-        int i;
-        char *p;
-    PPCODE:
-        pr_name("p5_BIO_gets");
-        EXTEND(sp, 1);
-        PUSHs(sv_newmortal());
-        sv_setpvn(ST(0), "", 0);
-        SvGROW(ST(0), 1024);
-        p=SvPV(ST(0), na);
-        i = BIO_gets(bio, p, 1024);
-        if (i < 0) 
-            i = 0;
-        SvCUR_set(ST(0), i);
-
-int
-p5_BIO_flush(bio)
-    BIO *bio;
-    PROTOTYPE: $
-    CODE:
-        RETVAL = BIO_flush(bio);
-    OUTPUT:
-        RETVAL
-
-char *
-p5_BIO_type(bio)
-    BIO *bio;
-    PROTOTYPE: $
-    CODE:
-        RETVAL = bio->method->name;
-    OUTPUT:
-        RETVAL
-
-void
-p5_BIO_next_bio(b)
-    BIO *b
-    PROTOTYPE: $
-    PREINIT:
-        BIO *bio;
-        char *type;
-        SV *arg;
-    PPCODE:
-        bio = b->next_bio;
-        if (bio != NULL) {
-            arg = (SV *)BIO_get_ex_data(bio, p5_bio_ex_bio_ptr);
-            if (arg == NULL) {
-                arg = new_ref("OpenSSL::BIO", (char *)bio, 0);
-                BIO_set_ex_data(bio, p5_bio_ex_bio_ptr, (char *)arg);
-                bio->references++;
-                PUSHs(arg);
-            }
-            else {
-                SvREFCNT_inc(arg);
-                PUSHs(arg);
-            }
-        }
-
-int
-p5_BIO_puts(bio, in)
-    BIO *bio;
-    SV *in;
-    PROTOTYPE: $$
-    PREINIT:
-        char *ptr;
-    CODE:
-        ptr = SvPV(in,na);
-        RETVAL = BIO_puts(bio, ptr);
-    OUTPUT:
-        RETVAL
-
-void
-p5_BIO_set_callback(bio, cb,...)
-    BIO *bio;
-    SV *cb;
-    PROTOTYPE: $$;
-    PREINIT:
-        SV *arg  = NULL;
-        SV *arg2 = NULL;
-    CODE:
-        if (items > 3)
-            croak("Usage: OpenSSL::BIO::set_callback(bio,callback[,arg]");
-        if (items == 3) {
-            arg2 = sv_mortalcopy(ST(2));
-            SvREFCNT_inc(arg2);
-            BIO_set_ex_data(bio, p5_bio_ex_bio_callback_data, (char *)arg2);
-        }
-        arg = sv_mortalcopy(ST(1));
-        SvREFCNT_inc(arg);
-        BIO_set_ex_data(bio, p5_bio_ex_bio_callback, (char *)arg);
-        /* printf("%08lx < bio_ptr\n",BIO_get_ex_data(bio,p5_bio_ex_bio_ptr)); */
-        BIO_set_callback(bio, p5_bio_callback);
-
-void
-p5_BIO_DESTROY(bio)
-    BIO *bio
-    PROTOTYPE: $
-    PREINIT:
-        SV *sv;
-    PPCODE:
-        pr_name_d("p5_BIO_DESTROY",bio->references);
-        /* printf("p5_BIO_DESTROY <%s> %d\n",bio->method->name,bio->references); */
-        BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,NULL);
-        BIO_free_all(bio);
-
-int
-p5_BIO_set_ssl(bio, ssl)
-    BIO *bio;
-    SSL *ssl;
-    PROTOTYPE: $$
-    CODE:
-        pr_name("p5_BIO_set_ssl");
-        ssl->references++;
-        RETVAL = BIO_set_ssl(bio, ssl, BIO_CLOSE);
-    OUTPUT:
-        RETVAL
-
-int
-p5_BIO_number_read(bio)
-    BIO *bio;
-    PROTOTYPE: $
-    CODE:
-        RETVAL = BIO_number_read(bio);
-    OUTPUT:
-        RETVAL
-
-int
-p5_BIO_number_written(bio)
-    BIO *bio;
-    PROTOTYPE: $
-    CODE:
-        RETVAL = BIO_number_written(bio);
-    OUTPUT:
-        RETVAL
-
-int
-p5_BIO_references(bio)
-    BIO *bio;
-    PROTOTYPE: $
-    CODE:
-        RETVAL = bio->references; 
-    OUTPUT:
-        RETVAL
-
diff --git a/crypto/openssl/perl/openssl_bn.xs b/crypto/openssl/perl/openssl_bn.xs
deleted file mode 100644
index f79bf879e8bc..000000000000
--- a/crypto/openssl/perl/openssl_bn.xs
+++ /dev/null
@@ -1,593 +0,0 @@
-
-#include "openssl.h"
-
-int sv_to_BIGNUM(var,arg,name)
-BIGNUM **var;
-SV *arg;
-char *name;
-	{
-	int ret=1;
-
-	if (sv_derived_from(arg,"OpenSSL::BN"))
-		{
-		IV tmp = SvIV((SV*)SvRV(arg));
-		*var = (BIGNUM *) tmp;
-		}
-	else if (SvIOK(arg)) {
-		SV *tmp=sv_newmortal();
-		*var=BN_new();
-		BN_set_word(*var,SvIV(arg));
-		sv_setref_pv(tmp,"OpenSSL::BN",(void*)*var);
-		}
-	else if (SvPOK(arg)) {
-		char *ptr;
-		STRLEN len;
-		SV *tmp=sv_newmortal();
-		*var=BN_new();
-		sv_setref_pv(tmp,"OpenSSL::BN", (void*)*var);
-		ptr=SvPV(arg,len);
-		SvGROW(arg,len+1);
-		ptr[len]='\0';
-		BN_dec2bn(var,ptr);
-		}
-	else
-		{
-		croak(name);
-		ret=0;
-		}
-	return(ret);
-	}
-
-typedef struct gpc_args_st {
-	SV *cb;
-	SV *arg;
-	} GPC_ARGS;
-
-static void generate_prime_callback(pos,num,arg)
-int pos;
-int num;
-char *arg;
-	{
-	dSP ;
-	int i;
-	GPC_ARGS *a=(GPC_ARGS *)arg;
-
-	ENTER ;
-	SAVETMPS ;
-
-	PUSHMARK(sp);
-	XPUSHs(sv_2mortal(newSViv(pos)));
-	XPUSHs(sv_2mortal(newSViv(num)));
-	XPUSHs(sv_2mortal(newSVsv(a->arg)));
-	PUTBACK;
-
-	i=perl_call_sv(a->cb,G_DISCARD);
-
-	SPAGAIN;
-
-	PUTBACK;
-	FREETMPS;
-	LEAVE;
-	}
-
-MODULE =  OpenSSL::BN	PACKAGE = OpenSSL::BN	PREFIX = p5_BN_
-
-PROTOTYPES: ENABLE
-VERSIONCHECK: DISABLE
-
-void
-p5_BN_new(...)
-	PREINIT:
-		BIGNUM *bn;
-		SV *arg;
-	PPCODE:
-		pr_name("p5_BN_new");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		bn=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)bn);
-
-void
-p5_BN_dup(a)
-	BIGNUM *a;
-	PREINIT:
-		BIGNUM *bn;
-	PPCODE:
-		pr_name("p5_BN_dup");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		bn=BN_dup(a);
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)bn);
-
-void
-p5_BN_rand(bits,...)
-	int bits;
-	PREINIT:
-		int top=1;
-		int bottom=0;
-		BIGNUM *ret;
-	PPCODE:	
-		pr_name("p5_BN_rand");
-		if ((items < 1) || (items > 3))
-			croak("Usage: OpenSSL::BN::rand(bits[,top_bit][,bottombit]");
-		if (items >= 2) top=(int)SvIV(ST(0));
-		if (items >= 3) bottom=(int)SvIV(ST(1));
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_new();
-		BN_rand(ret,bits,top,bottom);
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-
-void
-p5_BN_bin2bn(a)
-	datum a;
-	PREINIT:
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_bin2bn");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_bin2bn(a.dptr,a.dsize,NULL);
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-
-void
-p5_BN_bn2bin(a)
-	BIGNUM *a;
-	PREINIT:
-		int i;
-	PPCODE:
-		pr_name("p5_BN_bn2bin");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		i=BN_num_bytes(a)+2;
-		sv_setpvn(ST(0),"",1);
-		SvGROW(ST(0),i+1);
-		SvCUR_set(ST(0),BN_bn2bin(a,SvPV(ST(0),na)));
-
-void
-p5_BN_mpi2bn(a)
-	datum a;
-	PREINIT:
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_mpi2bn");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_mpi2bn(a.dptr,a.dsize,NULL);
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-
-void
-p5_BN_bn2mpi(a)
-	BIGNUM *a;
-	PREINIT:
-		int i;
-	PPCODE:
-		pr_name("p5_BN_bn2mpi");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		i=BN_bn2mpi(a,NULL);
-		sv_setpvn(ST(0),"",1);
-		SvGROW(ST(0),i+1);
-		SvCUR_set(ST(0),BN_bn2mpi(a,SvPV(ST(0),na)));
-
-void
-p5_BN_hex2bn(a)
-	datum a;
-	PREINIT:
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_hex2bn");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		BN_hex2bn(&ret,a.dptr);
-
-void
-p5_BN_dec2bn(a)
-	datum a;
-	PREINIT:
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_dec2bn");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		BN_dec2bn(&ret,a.dptr);
-
-SV *
-p5_BN_bn2hex(a)
-	BIGNUM *a;
-	PREINIT:
-		char *ptr;
-		int i;
-	CODE:
-		pr_name("p5_BN_bn2hex");
-		ptr=BN_bn2hex(a);
-		RETVAL=newSVpv("",0);
-		i=strlen(ptr);
-		SvGROW(RETVAL,i+1);
-		memcpy(SvPV(RETVAL,na),ptr,i+1);
-		SvCUR_set(RETVAL,i);
-		Free(ptr);
-	OUTPUT:
-		RETVAL
-
-SV *
-p5_BN_bn2dec(a)
-	BIGNUM *a;
-	PREINIT:
-		char *ptr;
-		int i;
-	CODE:
-		pr_name("p5_BN_bn2dec");
-		ptr=BN_bn2dec(a);
-		RETVAL=newSVpv("",0);
-		i=strlen(ptr);
-		SvGROW(RETVAL,i+1);
-		memcpy(SvPV(RETVAL,na),ptr,i+1);
-		SvCUR_set(RETVAL,i);
-		Free(ptr);
-	OUTPUT:
-		RETVAL
-
-void
-p5_BN_add(a,b)
-	BIGNUM *a;
-	BIGNUM *b;
-	PREINIT:
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_add");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		BN_add(ret,a,b);
-
-void
-p5_BN_sub(a,b)
-	BIGNUM *a;
-	BIGNUM *b;
-	PREINIT:
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_sub");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		BN_sub(ret,a,b);
-
-void
-p5_BN_mul(a,b)
-	BIGNUM *a;
-	BIGNUM *b;
-	PREINIT:
-		static BN_CTX *ctx=NULL;
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_mul");
-		if (ctx == NULL) ctx=BN_CTX_new();
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		BN_mul(ret,a,b,ctx);
-
-void
-p5_BN_div(a,b)
-	BIGNUM *a;
-	BIGNUM *b;
-	PREINIT:
-		static BN_CTX *ctx=NULL;
-		BIGNUM *div,*mod;
-	PPCODE:
-		pr_name("p5_BN_div");
-		if (ctx == NULL) ctx=BN_CTX_new();
-		EXTEND(sp,2);
-		PUSHs(sv_newmortal());
-		PUSHs(sv_newmortal());
-		div=BN_new();
-		mod=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)div);
-		sv_setref_pv(ST(1), "OpenSSL::BN", (void*)mod);
-		BN_div(div,mod,a,b,ctx);
-
-void
-p5_BN_mod(a,b)
-	BIGNUM *a;
-	BIGNUM *b;
-	PREINIT:
-		static BN_CTX *ctx=NULL;
-		BIGNUM *rem;
-	PPCODE:
-		pr_name("p5_BN_mod");
-		if (ctx == NULL) ctx=BN_CTX_new();
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		rem=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)rem);
-		BN_mod(rem,a,b,ctx);
-
-void
-p5_BN_exp(a,p)
-	BIGNUM *a;
-	BIGNUM *p;
-	PREINIT:
-		BIGNUM *ret;
-		static BN_CTX *ctx=NULL;
-	PPCODE:
-		pr_name("p5_BN_exp");
-		if (ctx == NULL) ctx=BN_CTX_new();
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		BN_exp(ret,a,p,ctx);
-
-void
-p5_BN_mod_mul(a,b,c)
-	BIGNUM *a;
-	BIGNUM *b;
-	BIGNUM *c;
-	PREINIT:
-		static BN_CTX *ctx=NULL;
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_mod_mul");
-		if (ctx == NULL) ctx=BN_CTX_new();
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		BN_mod_mul(ret,a,b,c,ctx);
-
-void
-p5_BN_mod_exp(a,b,c)
-	BIGNUM *a;
-	BIGNUM *b;
-	BIGNUM *c;
-	PREINIT:
-		static BN_CTX *ctx=NULL;
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_mod_exp");
-		if (ctx == NULL) ctx=BN_CTX_new();
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		BN_mod_exp(ret,a,b,c,ctx);
-
-void
-p5_BN_generate_prime(...)
-	PREINIT:
-		int bits=512;
-		int strong=0;
-		BIGNUM *ret=NULL;
-		SV *callback=NULL;
-		SV *cb_arg=NULL;
-		GPC_ARGS arg;
-		dSP;
-
-	PPCODE:
-		pr_name("p5_BN_generate_prime");
-		if ((items < 0) || (items > 4))
-			croak("Usage: OpenSSL::BN::generate_prime(a[,strong][,callback][,cb_arg]");
-		if (items >= 1) bits=(int)SvIV(ST(0));
-		if (items >= 2) strong=(int)SvIV(ST(1));
-		if (items >= 3) callback=ST(2);
-		if (items == 4) cb_arg=ST(3);
-
-		if (callback == NULL)
-			ret=BN_generate_prime(ret,bits,strong,NULL,NULL,NULL,NULL);
-		else
-			{
-			arg.cb=callback;
-			arg.arg=cb_arg;
-
-			ret=BN_generate_prime(ret,bits,strong,NULL,NULL,
-				generate_prime_callback,(char *)&arg);
-			}
-
-		SPAGAIN;
-		sp-=items; /* a bit evil that I do this */
-
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-
-void
-p5_BN_is_prime(p,...)
-	BIGNUM *p;
-	PREINIT:
-	int nchecks=5,ret;
-	SV *callback=NULL;
-	SV *cb_arg=NULL;
-	GPC_ARGS arg;
-	dSP;
-	static BN_CTX *ctx=NULL;
-	PPCODE:
-		pr_name("p5_BN_is_prime");
-		if ((items < 1) || (items > 4))
-			croak("Usage: OpenSSL::BN::is_prime(a[,ncheck][,callback][,callback_arg]");
-		if (ctx == NULL) ctx=BN_CTX_new();
-		if (items >= 2) nchecks=(int)SvIV(ST(1));
-		if (items >= 3) callback=ST(2);
-		if (items >= 4) cb_arg=ST(3);
-		arg.arg=cb_arg; 
-		if (callback == NULL)
-			ret=BN_is_prime(p,nchecks,NULL,ctx,NULL);
-		else
-			{
-			arg.cb=callback;
-			arg.arg=cb_arg;
-			ret=BN_is_prime(p,nchecks,generate_prime_callback,
-				ctx,(char *)&arg);
-			}
-		SPAGAIN;
-		sp-=items; /* a bit evil */
-		PUSHs(sv_2mortal(newSViv(ret)));
-
-int
-p5_BN_num_bits(a)
-	BIGNUM *a;
-	CODE:
-		pr_name("p5_BN_num_bits");
-		RETVAL=BN_num_bits(a);
-	OUTPUT:
-		RETVAL
-
-int
-p5_BN_cmp(a,b)
-	BIGNUM *a;
-	BIGNUM *b;
-	CODE:
-		pr_name("p5_BN_cmp");
-		RETVAL=BN_cmp(a,b);
-	OUTPUT:
-		RETVAL
-
-int
-p5_BN_ucmp(a,b)
-	BIGNUM *a;
-	BIGNUM *b;
-	CODE:
-		pr_name("p5_BN_ucmp");
-		RETVAL=BN_ucmp(a,b);
-	OUTPUT:
-		RETVAL
-
-int
-p5_BN_is_bit_set(a,b)
-	BIGNUM *a;
-	int b;
-	CODE:
-		pr_name("p5_BN_is_bit_set");
-		RETVAL=BN_is_bit_set(a,b);
-	OUTPUT:
-		RETVAL
-
-void
-p5_BN_set_bit(a,b)
-	BIGNUM *a;
-	int b;
-	PREINIT:
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_set_bit");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_dup(a);
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		BN_set_bit(ret,b);
-
-void
-p5_BN_clear_bit(a,b)
-	BIGNUM *a;
-	int b;
-	PREINIT:
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_clear_bit");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_dup(a);
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		BN_clear_bit(ret,b);
-
-void
-p5_BN_lshift(a,b)
-	BIGNUM *a;
-	int b;
-	PREINIT:
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_lshift");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		if (b == 1)
-			BN_lshift1(ret,a);
-		else
-			BN_lshift(ret,a,b);
-
-void
-p5_BN_rshift(a,b)
-	BIGNUM *a;
-	int b;
-	PREINIT:
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_rshift");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		if (b == 1)
-			BN_rshift1(ret,a);
-		else
-			BN_rshift(ret,a,b);
-
-void
-p5_BN_mask_bits(a,b)
-	BIGNUM *a;
-	int b;
-	PREINIT:
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_mask_bits");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_dup(a);
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		BN_mask_bits(ret,b);
-
-void
-p5_BN_clear(a)
-	BIGNUM *a;
-	PPCODE:
-		pr_name("p5_BN_clear");
-		BN_clear(a);
-
-void
-p5_BN_gcd(a,b)
-	BIGNUM *a;
-	BIGNUM *b;
-	PREINIT:
-		static BN_CTX *ctx=NULL;
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_gcd");
-		if (ctx == NULL) ctx=BN_CTX_new();
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ret=BN_new();
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-		BN_gcd(ret,a,b,ctx);
-
-void
-p5_BN_mod_inverse(a,mod)
-	BIGNUM *a;
-	BIGNUM *mod;
-	PREINIT:
-		static BN_CTX *ctx=NULL;
-		BIGNUM *ret;
-	PPCODE:
-		pr_name("p5_BN_mod_inverse");
-		if (ctx == NULL) ctx=BN_CTX_new();
-		ret=BN_mod_inverse(ret,a,mod,ctx);
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		sv_setref_pv(ST(0), "OpenSSL::BN", (void*)ret);
-
-void
-p5_BN_DESTROY(bn)
-	BIGNUM *bn
-	CODE:
-	pr_name("p5_BN_DESTROY");
-	BN_free(bn);
-
diff --git a/crypto/openssl/perl/openssl_cipher.xs b/crypto/openssl/perl/openssl_cipher.xs
deleted file mode 100644
index e9ff2a8f7905..000000000000
--- a/crypto/openssl/perl/openssl_cipher.xs
+++ /dev/null
@@ -1,154 +0,0 @@
-
-#include "openssl.h"
-
-int boot_cipher()
-	{
-        SSLeay_add_all_ciphers();
-	return(1);
-	}
-
-MODULE =  OpenSSL::Cipher	PACKAGE = OpenSSL::Cipher PREFIX = p5_EVP_C_
-
-PROTOTYPES: ENABLE
-VERSIONCHECK: DISABLE
-
-void
-p5_EVP_C_new(...)
-	PREINIT:
-		EVP_CIPHER_CTX *ctx;
-		const EVP_CIPHER *c;
-		char *name;
-	PPCODE:
-		if ((items == 1) && SvPOK(ST(0)))
-			name=SvPV(ST(0),na);
-		else if ((items == 2) && SvPOK(ST(1)))
-			name=SvPV(ST(1),na);
-		else
-			croak("Usage: OpenSSL::Cipher::new(type)");
-		PUSHs(sv_newmortal());
-		c=EVP_get_cipherbyname(name);
-		if (c != NULL)
-			{
-			ctx=malloc(sizeof(EVP_CIPHER_CTX));
-			EVP_EncryptInit(ctx,c,NULL,NULL);
-			sv_setref_pv(ST(0), "OpenSSL::Cipher", (void*)ctx);
-			}
-
-datum
-p5_EVP_C_name(ctx)
-	EVP_CIPHER_CTX *ctx
-	CODE:
-		RETVAL.dptr=OBJ_nid2ln(EVP_CIPHER_CTX_nid(ctx));
-		RETVAL.dsize=strlen(RETVAL.dptr);
-	OUTPUT:
-		RETVAL
-
-int
-p5_EVP_C_key_length(ctx)
-	EVP_CIPHER_CTX *ctx
-	CODE:
-		RETVAL=EVP_CIPHER_CTX_key_length(ctx);
-	OUTPUT:
-		RETVAL
-
-int
-p5_EVP_C_iv_length(ctx)
-	EVP_CIPHER_CTX *ctx
-	CODE:
-		RETVAL=EVP_CIPHER_CTX_iv_length(ctx);
-	OUTPUT:
-		RETVAL
-	
-int
-p5_EVP_C_block_size(ctx)
-	EVP_CIPHER_CTX *ctx
-	CODE:
-		RETVAL=EVP_CIPHER_CTX_block_size(ctx);
-	OUTPUT:
-		RETVAL
-	
-void
-p5_EVP_C_init(ctx,key,iv,enc)
-	EVP_CIPHER_CTX *ctx
-	datum key
-	datum iv
-	int enc
-	PREINIT:
-		char loc_iv[EVP_MAX_IV_LENGTH];
-		char loc_key[EVP_MAX_KEY_LENGTH];
-		char *ip=loc_iv,*kp=loc_key;
-		int i;
-		memset(loc_iv,0,EVP_MAX_IV_LENGTH);
-		memset(loc_key,0,EVP_MAX_KEY_LENGTH);
-	CODE:
-		i=key.dsize;
-		if (key.dsize > EVP_CIPHER_CTX_key_length(ctx))
-			i=EVP_CIPHER_CTX_key_length(ctx);
-		if (i > 0)
-			{
-			memset(kp,0,EVP_MAX_KEY_LENGTH);
-			memcpy(kp,key.dptr,i);
-			}
-		else
-			kp=NULL;
-		i=iv.dsize;
-		if (iv.dsize > EVP_CIPHER_CTX_iv_length(ctx))
-			i=EVP_CIPHER_CTX_iv_length(ctx);
-		if (i > 0)
-			{
-			memcpy(ip,iv.dptr,i);
-			memset(ip,0,EVP_MAX_IV_LENGTH);
-			}
-		else
-			ip=NULL;
-		EVP_CipherInit(ctx,EVP_CIPHER_CTX_cipher(ctx),kp,ip,enc);
-		memset(loc_key,0,sizeof(loc_key));
-		memset(loc_iv,0,sizeof(loc_iv));
-
-SV *
-p5_EVP_C_cipher(ctx,in)
-	EVP_CIPHER_CTX *ctx;
-	datum in;
-	CODE:
-		RETVAL=newSVpv("",0);
-		SvGROW(RETVAL,in.dsize+EVP_CIPHER_CTX_block_size(ctx)+1);
-		EVP_Cipher(ctx,SvPV(RETVAL,na),in.dptr,in.dsize);
-		SvCUR_set(RETVAL,in.dsize);
-	OUTPUT:
-		RETVAL
-
-SV *
-p5_EVP_C_update(ctx, in)
-	EVP_CIPHER_CTX *ctx
-	datum in
-	PREINIT:
-	int i;
-	CODE:
-		RETVAL=newSVpv("",0);
-		SvGROW(RETVAL,in.dsize+EVP_CIPHER_CTX_block_size(ctx)+1);
-		EVP_CipherUpdate(ctx,SvPV(RETVAL,na),&i,in.dptr,in.dsize);
-		SvCUR_set(RETVAL,i);
-	OUTPUT:
-		RETVAL
-
-SV *
-p5_EVP_C_final(ctx)
-	EVP_CIPHER_CTX *ctx
-	PREINIT:
-	int i;
-	CODE:
-		RETVAL=newSVpv("",0);
-		SvGROW(RETVAL,EVP_CIPHER_CTX_block_size(ctx)+1);
-		if (!EVP_CipherFinal(ctx,SvPV(RETVAL,na),&i))
-			sv_setpv(RETVAL,"BAD DECODE");
-		else
-			SvCUR_set(RETVAL,i);
-	OUTPUT:
-		RETVAL
-
-void
-p5_EVP_C_DESTROY(ctx)
-	EVP_CIPHER_CTX *ctx
-	CODE:
-	free((char *)ctx);
-
diff --git a/crypto/openssl/perl/openssl_digest.xs b/crypto/openssl/perl/openssl_digest.xs
deleted file mode 100644
index 6cd3018e9f21..000000000000
--- a/crypto/openssl/perl/openssl_digest.xs
+++ /dev/null
@@ -1,84 +0,0 @@
-
-#include "openssl.h"
-
-int boot_digest()
-	{
-	SSLeay_add_all_digests();
-	return(1);
-	}
-
-MODULE =  OpenSSL::MD	PACKAGE = OpenSSL::MD	PREFIX = p5_EVP_MD_
-
-PROTOTYPES: ENABLE
-VERSIONCHECK: DISABLE
-
-# OpenSSL::MD::new(name) name= md2, md5, sha, sha1, or mdc2
-#	md->name() - returns the name
-#	md->init() - reinitalises the digest
-#	md->update(data) - adds more data to digest
-#	digest=md->final() - returns digest
-#
-
-void
-p5_EVP_MD_new(...)
-	PREINIT:
-		EVP_MD_CTX *ctx;
-		const EVP_MD *md;
-		char *name;
-	PPCODE:
-		if ((items == 1) && SvPOK(ST(0)))
-			name=SvPV(ST(0),na);
-		else if ((items == 2) && SvPOK(ST(1)))
-			name=SvPV(ST(1),na);
-		else
-			croak("Usage: OpenSSL::MD::new(type)");
-		PUSHs(sv_newmortal());
-		md=EVP_get_digestbyname(name);
-		if (md != NULL)
-			{
-			ctx=malloc(sizeof(EVP_MD_CTX));
-			EVP_DigestInit(ctx,md);
-			sv_setref_pv(ST(0), "OpenSSL::MD", (void*)ctx);
-			}
-
-datum
-p5_EVP_MD_name(ctx)
-	EVP_MD_CTX *ctx
-	CODE:
-		RETVAL.dptr=OBJ_nid2ln(EVP_MD_type(EVP_MD_CTX_type(ctx)));
-		RETVAL.dsize=strlen(RETVAL.dptr);
-	OUTPUT:
-		RETVAL
-	
-void
-p5_EVP_MD_init(ctx)
-	EVP_MD_CTX *ctx
-	CODE:
-		EVP_DigestInit(ctx,EVP_MD_CTX_type(ctx));
-
-void
-p5_EVP_MD_update(ctx, in)
-	EVP_MD_CTX *ctx
-	datum in
-	CODE:
-		EVP_DigestUpdate(ctx,in.dptr,in.dsize);
-
-datum
-p5_EVP_MD_final(ctx)
-	EVP_MD_CTX *ctx
-	PREINIT:
-		char md[EVP_MAX_MD_SIZE];
-		int len;
-	CODE:
-		EVP_DigestFinal(ctx,md,&len);
-		RETVAL.dptr=md;
-		RETVAL.dsize=len;
-	OUTPUT:
-		RETVAL
-
-void
-p5_EVP_MD_DESTROY(ctx)
-	EVP_MD_CTX *ctx
-	CODE:
-	free((char *)ctx);
-
diff --git a/crypto/openssl/perl/openssl_err.xs b/crypto/openssl/perl/openssl_err.xs
deleted file mode 100644
index 3a6f698f2854..000000000000
--- a/crypto/openssl/perl/openssl_err.xs
+++ /dev/null
@@ -1,47 +0,0 @@
-
-#include "openssl.h"
-
-int boot_err()
-	{
-	SSL_load_error_strings();
-	return(1);
-	}
-
-MODULE =  OpenSSL::ERR	PACKAGE = OpenSSL::ERR	PREFIX = p5_ERR_
-
-PROTOTYPES: ENABLE
-VERSIONCHECK: DISABLE
-
-#	md->error() - returns the last error in text or numeric context
-
-void
-p5_ERR_get_error(...)
-	PPCODE:
-		char buf[512];
-		unsigned long l;
-
-		pr_name("p5_ERR_get_code");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		l=ERR_get_error();
-		ERR_error_string(l,buf);
-		sv_setiv(ST(0),l);
-		sv_setpv(ST(0),buf);
-		SvIOK_on(ST(0));
-
-void
-p5_ERR_peek_error(...)
-	PPCODE:
-		char buf[512];
-		unsigned long l;
-
-		pr_name("p5_ERR_get_code");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		l=ERR_peek_error();
-		ERR_error_string(l,buf);
-		sv_setiv(ST(0),l);
-		sv_setpv(ST(0),buf);
-		SvIOK_on(ST(0));
-
-
diff --git a/crypto/openssl/perl/openssl_ssl.xs b/crypto/openssl/perl/openssl_ssl.xs
deleted file mode 100644
index c7d1b171abfa..000000000000
--- a/crypto/openssl/perl/openssl_ssl.xs
+++ /dev/null
@@ -1,483 +0,0 @@
-
-#include "openssl.h"
-
-static int p5_ssl_ex_ssl_ptr=0;
-static int p5_ssl_ex_ssl_info_callback=0;
-static int p5_ssl_ex_ssl_ctx_ptr=0;
-static int p5_ssl_ctx_ex_ssl_info_callback=0;
-
-typedef struct ssl_ic_args_st {
-	SV *cb;
-	SV *arg;
-	} SSL_IC_ARGS;
-
-static void p5_ssl_info_callback(ssl,mode,ret)
-SSL *ssl;
-int mode;
-int ret;
-	{
-	int i;
-	SV *me,*cb;
-
-	me=(SV *)SSL_get_ex_data(ssl,p5_ssl_ex_ssl_ptr);
-	cb=(SV *)SSL_get_ex_data(ssl,p5_ssl_ex_ssl_info_callback);
-	if (cb == NULL)
-		cb=(SV *)SSL_CTX_get_ex_data(
-			SSL_get_SSL_CTX(ssl),p5_ssl_ctx_ex_ssl_info_callback);
-	if (cb != NULL)
-		{
-		dSP;
-
-		PUSHMARK(sp);
-		XPUSHs(me);
-		XPUSHs(sv_2mortal(newSViv(mode)));
-		XPUSHs(sv_2mortal(newSViv(ret)));
-		PUTBACK;
-
-		i=perl_call_sv(cb,G_DISCARD);
-		}
-	else
-		{
-		croak("Internal error in SSL p5_ssl_info_callback");
-		}
-	}
-
-int boot_ssl()
-	{
-	p5_ssl_ex_ssl_ptr=		
-		SSL_get_ex_new_index(0,"OpenSSL::SSL",ex_new,NULL,ex_cleanup);
-	p5_ssl_ex_ssl_info_callback=
-		SSL_get_ex_new_index(0,"ssl_info_callback",NULL,NULL,
-			ex_cleanup);
-	p5_ssl_ex_ssl_ctx_ptr=
-		SSL_get_ex_new_index(0,"ssl_ctx_ptr",NULL,NULL,
-			ex_cleanup);
-	p5_ssl_ctx_ex_ssl_info_callback=
-		SSL_CTX_get_ex_new_index(0,"ssl_ctx_info_callback",NULL,NULL,
-			ex_cleanup);
-	return(1);
-	}
-
-MODULE =  OpenSSL::SSL	PACKAGE = OpenSSL::SSL::CTX PREFIX = p5_SSL_CTX_
-
-PROTOTYPES: ENABLE
-VERSIONCHECK: DISABLE
-
-void
-p5_SSL_CTX_new(...)
-	PREINIT:
-		SSL_METHOD *meth;
-		SSL_CTX *ctx;
-		char *method;
-	PPCODE:
-		pr_name("p5_SSL_CTX_new");
-		if ((items == 1) && SvPOK(ST(0)))
-			method=SvPV(ST(0),na);
-		else if ((items == 2) && SvPOK(ST(1)))
-			method=SvPV(ST(1),na);
-		else
-			croak("Usage: OpenSSL::SSL::CTX::new(type)");
-			
-		if (strcmp(method,"SSLv3") == 0)
-			meth=SSLv3_method();
-		else if (strcmp(method,"SSLv3_client") == 0)
-			meth=SSLv3_client_method();
-		else if (strcmp(method,"SSLv3_server") == 0)
-			meth=SSLv3_server_method();
-		else if (strcmp(method,"SSLv23") == 0)
-			meth=SSLv23_method();
-		else if (strcmp(method,"SSLv23_client") == 0)
-			meth=SSLv23_client_method();
-		else if (strcmp(method,"SSLv23_server") == 0)
-			meth=SSLv23_server_method();
-		else if (strcmp(method,"SSLv2") == 0)
-			meth=SSLv2_method();
-		else if (strcmp(method,"SSLv2_client") == 0)
-			meth=SSLv2_client_method();
-		else if (strcmp(method,"SSLv2_server") == 0)
-			meth=SSLv2_server_method();
-		else if (strcmp(method,"TLSv1") == 0)
-			meth=TLSv1_method();
-		else if (strcmp(method,"TLSv1_client") == 0)
-			meth=TLSv1_client_method();
-		else if (strcmp(method,"TLSv1_server") == 0)
-			meth=TLSv1_server_method();
-		else
-			{
-			croak("Not a valid SSL method name, should be 'SSLv[23] [client|server]'");
-			}
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ctx=SSL_CTX_new(meth);
-		sv_setref_pv(ST(0), "OpenSSL::SSL::CTX", (void*)ctx);
-
-int
-p5_SSL_CTX_use_PrivateKey_file(ctx,file,...)
-	SSL_CTX *ctx;
-	char *file;
-	PREINIT:
-		int i=SSL_FILETYPE_PEM;
-		char *ptr;
-	CODE:
-		pr_name("p5_SSL_CTX_use_PrivateKey_file");
-		if (items > 3)
-			croak("OpenSSL::SSL::CTX::use_PrivateKey_file(ssl_ctx,file[,type])");
-		if (items == 3)
-			{
-			ptr=SvPV(ST(2),na);
-			if (strcmp(ptr,"der") == 0)
-				i=SSL_FILETYPE_ASN1;
-			else
-				i=SSL_FILETYPE_PEM;
-			}
-		RETVAL=SSL_CTX_use_RSAPrivateKey_file(ctx,file,i);
-	OUTPUT:
-		RETVAL
-
-int
-p5_SSL_CTX_set_options(ctx,...)
-	SSL_CTX *ctx;
-	PREINIT:
-		int i;
-		char *ptr;
-		SV *sv;
-	CODE:
-		pr_name("p5_SSL_CTX_set_options");
-
-		for (i=1; i<items; i++)
-			{
-			if (!SvPOK(ST(i)))
-				croak("Usage: OpenSSL::SSL_CTX::set_options(ssl_ctx[,option,value]+)");
-			ptr=SvPV(ST(i),na);
-			if (strcmp(ptr,"-info_callback") == 0)
-				{
-				SSL_CTX_set_info_callback(ctx,
-					p5_ssl_info_callback);
-				sv=sv_mortalcopy(ST(i+1));
-				SvREFCNT_inc(sv);
-				SSL_CTX_set_ex_data(ctx,
-					p5_ssl_ctx_ex_ssl_info_callback,
-						(char *)sv);
-				i++;
-				}
-			else
-				{
-				croak("OpenSSL::SSL_CTX::set_options(): unknown option");
-				}
-			}
-
-void
-p5_SSL_CTX_DESTROY(ctx)
-	SSL_CTX *ctx
-	PREINIT:
-		SV *sv;
-	PPCODE:
-		pr_name_d("p5_SSL_CTX_DESTROY",ctx->references);
-		SSL_CTX_free(ctx);
-
-MODULE =  OpenSSL::SSL	PACKAGE = OpenSSL::SSL PREFIX = p5_SSL_
-
-void
-p5_SSL_new(...)
-	PREINIT:
-		SV *sv_ctx;
-		SSL_CTX *ctx;
-		SSL *ssl;
-		SV *arg;
-	PPCODE:
-		pr_name("p5_SSL_new");
-		if ((items != 1) && (items != 2))
-			croak("Usage: OpenSSL::SSL::new(ssl_ctx)");
-		if (sv_derived_from(ST(items-1),"OpenSSL::SSL::CTX"))
-			{
-			IV tmp = SvIV((SV*)SvRV(ST(items-1)));
-			ctx=(SSL_CTX *)tmp;
-			sv_ctx=ST(items-1);
-			}
-		else
-			croak("ssl_ctx is not of type OpenSSL::SSL::CTX");
-
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		ssl=SSL_new(ctx);
-		sv_setref_pv(ST(0), "OpenSSL::SSL", (void*)ssl);
-
-		/* Now this is being a little hairy, we keep a pointer to
-		 * our perl reference.  We need to do a different one
-		 * to the one we return because it will have its reference
-		 * count dropped to 0 upon return and if we up its reference
-		 * count, it will never be DESTROYED */
-		arg=newSVsv(ST(0));
-		SSL_set_ex_data(ssl,p5_ssl_ex_ssl_ptr,(char *)arg);
-		SvREFCNT_inc(sv_ctx);
-		SSL_set_ex_data(ssl,p5_ssl_ex_ssl_ctx_ptr,(char *)sv_ctx);
-
-int
-p5_SSL_connect(ssl)
-	SSL *ssl;
-	CODE:
-		RETVAL=SSL_connect(ssl);
-	OUTPUT:
-		RETVAL
-
-int
-p5_SSL_accept(ssl)
-	SSL *ssl;
-	CODE:
-		RETVAL=SSL_connect(ssl);
-	OUTPUT:
-		RETVAL
-
-int
-p5_SSL_sysread(ssl,in,num, ...)
-	SSL *ssl;
-	SV *in;
-	int num;
-	PREINIT:
-		int i,n,olen;
-		int offset;
-		char *p;
-	CODE:
-		offset=0;
-		if (!SvPOK(in))
-			sv_setpvn(in,"",0);
-		SvPV(in,olen);
-		if (items > 3)
-			{
-			offset=SvIV(ST(3));
-			if (offset < 0)
-				{
-				if (-offset > olen)
-					croak("Offset outside string");
-				offset+=olen;
-				}
-			}
-		if ((num+offset) > olen)
-			{
-			SvGROW(in,num+offset+1);
-			p=SvPV(in,i);
-			memset(&(p[olen]),0,(num+offset)-olen+1);
-			}
-		p=SvPV(in,n);
-
-		i=SSL_read(ssl,p+offset,num);
-		RETVAL=i;
-		if (i <= 0) i=0;
-		SvCUR_set(in,offset+i);
-	OUTPUT:
-		RETVAL
-
-int
-p5_SSL_syswrite(ssl,in, ...)
-	SSL *ssl;
-	SV *in;
-	PREINIT:
-		char *ptr;
-		int len,in_len;
-		int offset=0;
-		int n;
-	CODE:
-		ptr=SvPV(in,in_len);
-		if (items > 2)
-			{
-			len=SvOK(ST(2))?SvIV(ST(2)):in_len;
-			if (items > 3)
-				{
-				offset=SvIV(ST(3));
-				if (offset < 0)
-					{
-					if (-offset > in_len)
-						croak("Offset outside string");
-					offset+=in_len;
-					}
-				else if ((offset >= in_len) && (in_len > 0))
-					croak("Offset outside string");
-				}
-			if (len >= (in_len-offset))
-				len=in_len-offset;
-			}
-		else
-			len=in_len;
-
-		RETVAL=SSL_write(ssl,ptr+offset,len);
-	OUTPUT:
-		RETVAL
-
-void
-p5_SSL_set_bio(ssl,bio)
-	SSL *ssl;
-	BIO *bio;
-	CODE:
-		bio->references++;
-		SSL_set_bio(ssl,bio,bio);
-
-int
-p5_SSL_set_options(ssl,...)
-	SSL *ssl;
-	PREINIT:
-		int i;
-		char *ptr;
-		SV *sv;
-	CODE:
-		pr_name("p5_SSL_set_options");
-
-		for (i=1; i<items; i++)
-			{
-			if (!SvPOK(ST(i)))
-				croak("Usage: OpenSSL::SSL::set_options(ssl[,option,value]+)");
-			ptr=SvPV(ST(i),na);
-			if (strcmp(ptr,"-info_callback") == 0)
-				{
-				SSL_set_info_callback(ssl,
-					p5_ssl_info_callback);
-				sv=sv_mortalcopy(ST(i+1));
-				SvREFCNT_inc(sv);
-				SSL_set_ex_data(ssl,
-					p5_ssl_ex_ssl_info_callback,(char *)sv);
-				i++;
-				}
-			else if (strcmp(ptr,"-connect_state") == 0)
-				{
-				SSL_set_connect_state(ssl);
-				}
-			else if (strcmp(ptr,"-accept_state") == 0)
-				{
-				SSL_set_accept_state(ssl);
-				}
-			else
-				{
-				croak("OpenSSL::SSL::set_options(): unknown option");
-				}
-			}
-
-void
-p5_SSL_state(ssl)
-	SSL *ssl;
-	PREINIT:
-		int state;
-	PPCODE:
-		pr_name("p5_SSL_state");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		state=SSL_state(ssl);
-		sv_setpv(ST(0),SSL_state_string_long(ssl));
-		sv_setiv(ST(0),state);
-		SvPOK_on(ST(0));
-
-void
-p5_SSL_DESTROY(ssl)
-	SSL *ssl;
-	CODE:
-	pr_name_dd("p5_SSL_DESTROY",ssl->references,ssl->ctx->references);
-#ifdef DEBUG
-	fprintf(stderr,"SSL_DESTROY %d\n",ssl->references);
-#endif
-	SSL_free(ssl);
-
-int
-p5_SSL_references(ssl)
-	SSL *ssl;
-	CODE:
-		RETVAL=ssl->references;
-	OUTPUT:
-		RETVAL
-
-int
-p5_SSL_do_handshake(ssl)
-	SSL *ssl;
-	CODE:
-		RETVAL=SSL_do_handshake(ssl);
-	OUTPUT:
-		RETVAL
-
-int
-p5_SSL_renegotiate(ssl)
-	SSL *ssl;
-	CODE:
-		RETVAL=SSL_renegotiate(ssl);
-	OUTPUT:
-		RETVAL
-
-int
-p5_SSL_shutdown(ssl)
-	SSL *ssl;
-	CODE:
-		RETVAL=SSL_shutdown(ssl);
-	OUTPUT:
-		RETVAL
-
-char *
-p5_SSL_get_version(ssl)
-	SSL *ssl;
-	CODE:
-		RETVAL=SSL_get_version(ssl);
-	OUTPUT:
-		RETVAL
-
-SSL_CIPHER *
-p5_SSL_get_current_cipher(ssl)
-	SSL *ssl;
-	CODE:
-		RETVAL=SSL_get_current_cipher(ssl);
-	OUTPUT:
-		RETVAL
-
-X509 *
-p5_SSL_get_peer_certificate(ssl)
-	SSL *ssl
-	CODE:
-		RETVAL=SSL_get_peer_certificate(ssl);
-	OUTPUT:
-		RETVAL
-
-MODULE =  OpenSSL::SSL	PACKAGE = OpenSSL::SSL::CIPHER PREFIX = p5_SSL_CIPHER_
-
-int
-p5_SSL_CIPHER_get_bits(sc)
-	SSL_CIPHER *sc
-	PREINIT:
-		int i,ret;
-	PPCODE:
-		EXTEND(sp,2);
-		PUSHs(sv_newmortal());
-		PUSHs(sv_newmortal());
-		ret=SSL_CIPHER_get_bits(sc,&i);
-		sv_setiv(ST(0),(IV)ret);
-		sv_setiv(ST(1),(IV)i);
-
-char *
-p5_SSL_CIPHER_get_version(sc)
-	SSL_CIPHER *sc
-	CODE:
-		RETVAL=SSL_CIPHER_get_version(sc);
-	OUTPUT:
-		RETVAL
-
-char *
-p5_SSL_CIPHER_get_name(sc)
-	SSL_CIPHER *sc
-	CODE:
-		RETVAL=SSL_CIPHER_get_name(sc);
-	OUTPUT:
-		RETVAL
-
-MODULE =  OpenSSL::SSL	PACKAGE = OpenSSL::BIO PREFIX = p5_BIO_
-
-void
-p5_BIO_get_ssl(bio)
-	BIO *bio;
-	PREINIT:
-		SSL *ssl;
-		SV *ret;
-		int i;
-	PPCODE:
-		if ((i=BIO_get_ssl(bio,&ssl)) > 0)
-			{
-			ret=(SV *)SSL_get_ex_data(ssl,p5_ssl_ex_ssl_ptr);
-			ret=sv_mortalcopy(ret);
-			}
-		else
-			ret= &sv_undef;
-		EXTEND(sp,1);
-		PUSHs(ret);
-
diff --git a/crypto/openssl/perl/openssl_x509.xs b/crypto/openssl/perl/openssl_x509.xs
deleted file mode 100644
index 008d959c6420..000000000000
--- a/crypto/openssl/perl/openssl_x509.xs
+++ /dev/null
@@ -1,75 +0,0 @@
-
-#include "openssl.h"
-
-MODULE =  OpenSSL::X509	PACKAGE = OpenSSL::X509	PREFIX = p5_X509_
-
-PROTOTYPES: ENABLE
-VERSIONCHECK: DISABLE
-
-void
-p5_X509_new(void )
-	PREINIT:
-		X509 *x509;
-		SV *arg;
-	PPCODE:
-		pr_name("p5_X509_new");
-		EXTEND(sp,1);
-		PUSHs(sv_newmortal());
-		x509=X509_new();
-		sv_setref_pv(ST(0),"OpenSSL::X509",(void *)x509);
-
-char *
-p5_X509_get_subject_name(x509)
-	X509 *x509;
-	PREINIT:
-		char *p;
-		X509_NAME *name;
-		char buf[1024];
-		int i;
-	CODE:
-		name=X509_get_subject_name(x509);
-		X509_NAME_oneline(name,buf,sizeof(buf));
-		p= &(buf[0]);
-		RETVAL=p;
-	OUTPUT:
-		RETVAL
-
-char *
-p5_X509_get_issuer_name(x509)
-	X509 *x509;
-	PREINIT:
-		char *p;
-		X509_NAME *name;
-		char buf[1024];
-		int i;
-	CODE:
-		name=X509_get_issuer_name(x509);
-		X509_NAME_oneline(name,buf,sizeof(buf));
-		p= &(buf[0]);
-		RETVAL=p;
-	OUTPUT:
-		RETVAL
-
-int
-p5_X509_get_version(x509)
-	X509 *x509;
-	CODE:
-		RETVAL=X509_get_version(x509);
-	OUTPUT:
-		RETVAL
-
-BIGNUM *
-p5_X509_get_serialNumber(x509)
-	X509 *x509;
-	CODE:
-		RETVAL=ASN1_INTEGER_to_BN(X509_get_serialNumber(x509),NULL);
-	OUTPUT:
-		RETVAL
-
-void
-p5_X509_DESTROY(x509)
-	X509 *x509;
-	CODE:
-	pr_name("p5_X509_DESTROY");
-	X509_free(x509);
-
diff --git a/crypto/openssl/perl/t/01-use.t b/crypto/openssl/perl/t/01-use.t
deleted file mode 100644
index e24fd1f5045b..000000000000
--- a/crypto/openssl/perl/t/01-use.t
+++ /dev/null
@@ -1,13 +0,0 @@
-
-BEGIN { 
-    $| = 1; 
-    print "1..1\n";
-}
-END {
-	print "not ok 1\n" unless $loaded;
-}
-use OpenSSL;
-$loaded = 1;
-print "ok 1\n";
-
-
diff --git a/crypto/openssl/perl/t/02-version.t b/crypto/openssl/perl/t/02-version.t
deleted file mode 100644
index 8b5f6a0c9772..000000000000
--- a/crypto/openssl/perl/t/02-version.t
+++ /dev/null
@@ -1,10 +0,0 @@
-
-print "1..1\n";
-use OpenSSL;
-if ($OpenSSL::VERSION ne '') {
-    print "ok 1\n";
-}
-else {
-    print "not ok 1\n";
-}
-
diff --git a/crypto/openssl/perl/t/03-bio.t b/crypto/openssl/perl/t/03-bio.t
deleted file mode 100644
index e3ed7ed842e5..000000000000
--- a/crypto/openssl/perl/t/03-bio.t
+++ /dev/null
@@ -1,16 +0,0 @@
-
-BEGIN { 
-    $| = 1; 
-    print "1..1\n";
-}
-END {
-	print "not ok 1\n" unless $ok;
-}
-
-use OpenSSL;
-my $bio = OpenSSL::BIO::new("mem") || die;
-undef $bio;
-
-$ok = 1;
-print "ok 1\n";
-
diff --git a/crypto/openssl/perl/typemap b/crypto/openssl/perl/typemap
deleted file mode 100644
index f67b598adf12..000000000000
--- a/crypto/openssl/perl/typemap
+++ /dev/null
@@ -1,96 +0,0 @@
-
-datum			T_DATUM
-EVP_MD_CTX *		T_MD_CTX
-EVP_CIPHER_CTX *	T_CIPHER_CTX
-BIGNUM *		T_BIGNUM
-SSL_METHOD *		T_SSL_METHOD
-SSL_CTX *		T_SSL_CTX
-SSL_CIPHER *		T_SSL_CIPHER
-SSL *			T_SSL
-BIO *			T_BIO
-X509 *			T_X509
-
-INPUT
-T_DATUM
-	$var.dptr=SvPV($arg,$var.dsize);
-T_MD_CTX
-	if (sv_derived_from($arg, \"OpenSSL::MD\")) {
-		IV tmp = SvIV((SV*)SvRV($arg));
-		$var = (EVP_MD_CTX *) tmp;
-		}
-	else
-		croak(\"$var is not of type OpenSSL::MD\")
-T_CIPHER_CTX
-	if (sv_derived_from($arg, \"OpenSSL::Cipher\")) {
-		IV tmp = SvIV((SV*)SvRV($arg));
-		$var = (EVP_CIPHER_CTX *) tmp;
-		}
-	else
-		croak(\"$var is not of type OpenSSL::Cipher\")
-T_BIGNUM
-	sv_to_BIGNUM(&($var),$arg,\"$var is not of type OpenSSL::MD, int or string\")
-T_SSL_METHOD
-	if (sv_derived_from($arg, \"OpenSSL::SSL::METHOD\")) {
-		IV tmp = SvIV((SV*)SvRV($arg));
-		$var = (SSL_METHOD *) tmp;
-		}
-	else
-		croak(\"$var is not of type OpenSSL::SSL::METHOD\")
-T_SSL_CTX
-	if (sv_derived_from($arg, \"OpenSSL::SSL::CTX\")) {
-		IV tmp = SvIV((SV*)SvRV($arg));
-		$var = (SSL_CTX *) tmp;
-		}
-	else
-		croak(\"$var is not of type OpenSSL::SSL::CTX\")
-T_SSL_CIPHER
-	if (sv_derived_from($arg, \"OpenSSL::SSL::CIPHER\")) {
-		IV tmp = SvIV((SV*)SvRV($arg));
-		$var = (SSL_CIPHER *) tmp;
-		}
-	else
-		croak(\"$var is not of type OpenSSL::SSL::CIPHER\")
-T_SSL
-	if (sv_derived_from($arg, \"OpenSSL::SSL\")) {
-		IV tmp = SvIV((SV*)SvRV($arg));
-		$var = (SSL *) tmp;
-		}
-	else
-		croak(\"$var is not of type OpenSSL::SSL\")
-T_BIO
-	if (sv_derived_from($arg, \"OpenSSL::BIO\")) {
-		IV tmp = SvIV((SV*)SvRV($arg));
-		$var = (BIO *) tmp;
-		}
-	else
-		croak(\"$var is not of type OpenSSL::BIO\")
-T_X509
-	if (sv_derived_from($arg, \"OpenSSL::X509\")) {
-		IV tmp = SvIV((SV*)SvRV($arg));
-		$var = (X509 *) tmp;
-		}
-	else
-		croak(\"$var is not of type OpenSSL::X509\")
-OUTPUT
-T_DATUM
-	sv_setpvn($arg,$var.dptr,$var.dsize);
-T_MD_CTX
-	sv_setref_pv($arg, \"OpenSSL::MD\", (void*)$var);
-T_CIPHER_CTX
-	sv_setref_pv($arg, \"OpenSSL::Cipher\", (void*)$var);
-T_BIGNUM
-	sv_setref_pv($arg, \"OpenSSL::BN\", (void*)$var);
-T_SSL_METHOD
-	sv_setref_pv($arg, \"OpenSSL::SSL::METHOD\", (void*)$var);
-T_SSL_CTX
-	sv_setref_pv($arg, \"OpenSSL::SSL::CTX\", (void*)$var);
-T_SSL_CIPHER
-	sv_setref_pv($arg, \"OpenSSL::SSL::CIPHER\", (void*)$var);
-T_SSL
-	sv_setref_pv($arg, \"OpenSSL::SSL\", (void*)$var);
-T_BIO
-	sv_setref_pv($arg, \"OpenSSL::BIO\", (void*)$var);
-T_X509
-	sv_setref_pv($arg, \"OpenSSL::X509\", (void*)$var);
-
-
diff --git a/crypto/openssl/rsaref/Makefile.save b/crypto/openssl/rsaref/Makefile.save
deleted file mode 100644
index 8f27c48a5a6a..000000000000
--- a/crypto/openssl/rsaref/Makefile.save
+++ /dev/null
@@ -1,102 +0,0 @@
-#
-# SSLeay/rsaref/Makefile
-#
-
-DIR=	rsaref
-TOP=	..
-CC=	cc
-INCLUDES= -I../crypto -I../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile rsaref-lib.com install.com
-TEST=
-APPS=
-
-LIB=$(TOP)/libRSAglue.a
-LIBSRC=	rsaref.c rsar_err.c
-LIBOBJ= rsaref.o rsar_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=	rsaref.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ..; $(MAKE) DIRS=rsaref all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
-
-install:
-	-@if [ "x`echo x $(EX_LIBS) | grep RSAglue`" != x ]; then \
-	    echo "installing libRSAglue.a"; \
-	    cp $(LIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/libRSAglue.a; \
-	    $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/libRSAglue.a; \
-	    chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/libRSAglue.a; \
-	fi
-
-#	@for i in $(EXHEADER) ; \
-#	do  \
-#	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-#	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-#	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rsar_err.o: ../include/openssl/bio.h ../include/openssl/bn.h
-rsar_err.o: ../include/openssl/crypto.h ../include/openssl/err.h
-rsar_err.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-rsar_err.o: ../include/openssl/opensslv.h ../include/openssl/rsa.h
-rsar_err.o: ../include/openssl/rsaref.h ../include/openssl/safestack.h
-rsar_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-rsaref.o: ../crypto/cryptlib.h ../include/openssl/bio.h ../include/openssl/bn.h
-rsaref.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
-rsaref.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-rsaref.o: ../include/openssl/err.h ../include/openssl/lhash.h
-rsaref.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rsaref.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-rsaref.o: ../include/openssl/rsaref.h ../include/openssl/safestack.h
-rsaref.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
diff --git a/crypto/openssl/rsaref/Makefile.ssl b/crypto/openssl/rsaref/Makefile.ssl
deleted file mode 100644
index 8f27c48a5a6a..000000000000
--- a/crypto/openssl/rsaref/Makefile.ssl
+++ /dev/null
@@ -1,102 +0,0 @@
-#
-# SSLeay/rsaref/Makefile
-#
-
-DIR=	rsaref
-TOP=	..
-CC=	cc
-INCLUDES= -I../crypto -I../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile rsaref-lib.com install.com
-TEST=
-APPS=
-
-LIB=$(TOP)/libRSAglue.a
-LIBSRC=	rsaref.c rsar_err.c
-LIBOBJ= rsaref.o rsar_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=	rsaref.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ..; $(MAKE) DIRS=rsaref all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
-
-install:
-	-@if [ "x`echo x $(EX_LIBS) | grep RSAglue`" != x ]; then \
-	    echo "installing libRSAglue.a"; \
-	    cp $(LIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/libRSAglue.a; \
-	    $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/libRSAglue.a; \
-	    chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/libRSAglue.a; \
-	fi
-
-#	@for i in $(EXHEADER) ; \
-#	do  \
-#	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-#	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-#	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rsar_err.o: ../include/openssl/bio.h ../include/openssl/bn.h
-rsar_err.o: ../include/openssl/crypto.h ../include/openssl/err.h
-rsar_err.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-rsar_err.o: ../include/openssl/opensslv.h ../include/openssl/rsa.h
-rsar_err.o: ../include/openssl/rsaref.h ../include/openssl/safestack.h
-rsar_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-rsaref.o: ../crypto/cryptlib.h ../include/openssl/bio.h ../include/openssl/bn.h
-rsaref.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
-rsaref.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-rsaref.o: ../include/openssl/err.h ../include/openssl/lhash.h
-rsaref.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rsaref.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-rsaref.o: ../include/openssl/rsaref.h ../include/openssl/safestack.h
-rsaref.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
diff --git a/crypto/openssl/rsaref/rsar_err.c b/crypto/openssl/rsaref/rsar_err.c
deleted file mode 100644
index 5e7871f8032f..000000000000
--- a/crypto/openssl/rsaref/rsar_err.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* rsaref/rsar_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/rsaref.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA RSAREF_str_functs[]=
-	{
-{ERR_PACK(0,RSAREF_F_BN_REF_MOD_EXP,0),	"BN_REF_MOD_EXP"},
-{ERR_PACK(0,RSAREF_F_RSAREF_BN2BIN,0),	"RSAREF_BN2BIN"},
-{ERR_PACK(0,RSAREF_F_RSA_BN2BIN,0),	"RSA_BN2BIN"},
-{ERR_PACK(0,RSAREF_F_RSA_PRIVATE_DECRYPT,0),	"RSA_private_decrypt"},
-{ERR_PACK(0,RSAREF_F_RSA_PRIVATE_ENCRYPT,0),	"RSA_private_encrypt"},
-{ERR_PACK(0,RSAREF_F_RSA_PUBLIC_DECRYPT,0),	"RSA_public_decrypt"},
-{ERR_PACK(0,RSAREF_F_RSA_PUBLIC_ENCRYPT,0),	"RSA_public_encrypt"},
-{ERR_PACK(0,RSAREF_F_RSA_REF_BN2BIN,0),	"RSA_REF_BN2BIN"},
-{ERR_PACK(0,RSAREF_F_RSA_REF_MOD_EXP,0),	"RSA_REF_MOD_EXP"},
-{ERR_PACK(0,RSAREF_F_RSA_REF_PRIVATE_DECRYPT,0),	"RSA_REF_PRIVATE_DECRYPT"},
-{ERR_PACK(0,RSAREF_F_RSA_REF_PRIVATE_ENCRYPT,0),	"RSA_REF_PRIVATE_ENCRYPT"},
-{ERR_PACK(0,RSAREF_F_RSA_REF_PUBLIC_DECRYPT,0),	"RSA_REF_PUBLIC_DECRYPT"},
-{ERR_PACK(0,RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,0),	"RSA_REF_PUBLIC_ENCRYPT"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA RSAREF_str_reasons[]=
-	{
-{RSAREF_R_CONTENT_ENCODING               ,"content encoding"},
-{RSAREF_R_DATA                           ,"data"},
-{RSAREF_R_DIGEST_ALGORITHM               ,"digest algorithm"},
-{RSAREF_R_ENCODING                       ,"encoding"},
-{RSAREF_R_ENCRYPTION_ALGORITHM           ,"encryption algorithm"},
-{RSAREF_R_KEY                            ,"key"},
-{RSAREF_R_KEY_ENCODING                   ,"key encoding"},
-{RSAREF_R_LEN                            ,"len"},
-{RSAREF_R_MODULUS_LEN                    ,"modulus len"},
-{RSAREF_R_NEED_RANDOM                    ,"need random"},
-{RSAREF_R_PRIVATE_KEY                    ,"private key"},
-{RSAREF_R_PUBLIC_KEY                     ,"public key"},
-{RSAREF_R_SIGNATURE                      ,"signature"},
-{RSAREF_R_SIGNATURE_ENCODING             ,"signature encoding"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_RSAREF_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef NO_ERR
-		ERR_load_strings(ERR_LIB_RSAREF,RSAREF_str_functs);
-		ERR_load_strings(ERR_LIB_RSAREF,RSAREF_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/rsaref/rsaref.c b/crypto/openssl/rsaref/rsaref.c
deleted file mode 100644
index ae70feb3e9b0..000000000000
--- a/crypto/openssl/rsaref/rsaref.c
+++ /dev/null
@@ -1,308 +0,0 @@
-/* rsaref/rsaref.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rsaref.h>
-#include <openssl/rand.h>
-
-static int RSAref_bn2bin(BIGNUM * from, unsigned char* to, int max);
-#ifdef undef
-static BIGNUM* RSAref_bin2bn(unsigned char* from, BIGNUM * to, int max);
-#endif
-static int RSAref_Public_eay2ref(RSA * from, RSArefPublicKey * to);
-static int RSAref_Private_eay2ref(RSA * from, RSArefPrivateKey * to);
-int RSA_ref_private_decrypt(int len, unsigned char *from,
-	unsigned char *to, RSA *rsa, int padding);
-int RSA_ref_private_encrypt(int len, unsigned char *from,
-	unsigned char *to, RSA *rsa, int padding);
-int RSA_ref_public_encrypt(int len, unsigned char *from,
-	unsigned char *to, RSA *rsa, int padding);
-int RSA_ref_public_decrypt(int len, unsigned char *from,
-	unsigned char *to, RSA *rsa, int padding);
-static int BN_ref_mod_exp(BIGNUM *r,BIGNUM *a,const BIGNUM *p,const BIGNUM *m,
-			  BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-static int RSA_ref_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa);
-static RSA_METHOD rsa_pkcs1_ref_meth={
-	"RSAref PKCS#1 RSA",
-	RSA_ref_public_encrypt,
-	RSA_ref_public_decrypt,
-	RSA_ref_private_encrypt,
-	RSA_ref_private_decrypt,
-	RSA_ref_mod_exp,
-	BN_ref_mod_exp,
-	NULL,
-	NULL,
-	0,
-	NULL,
-	};
-
-RSA_METHOD *RSA_PKCS1_RSAref(void)
-	{
-	return(&rsa_pkcs1_ref_meth);
-	}
-
-static int RSA_ref_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
-	{
-	RSAREFerr(RSAREF_F_RSA_REF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-	return(0);
-	}
-
-static int BN_ref_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-	{
-	RSAREFerr(RSAREF_F_BN_REF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-	return(0);
-	}
-
-/* unsigned char *to:  [max]    */
-static int RSAref_bn2bin(BIGNUM *from, unsigned char *to, int max)
-	{
-	int i;
-
-	i=BN_num_bytes(from);
-	if (i > max)
-		{
-		RSAREFerr(RSAREF_F_RSAREF_BN2BIN,RSAREF_R_LEN);
-		return(0);
-		}
-
-	memset(to,0,(unsigned int)max);
-	if (!BN_bn2bin(from,&(to[max-i])))
-		return(0);
-	return(1);
-	}
-
-#ifdef undef
-/* unsigned char *from:  [max]    */
-static BIGNUM *RSAref_bin2bn(unsigned char *from, BIGNUM *to, int max)
-	{
-	int i;
-	BIGNUM *ret;
-
-	for (i=0; i<max; i++)
-		if (from[i]) break;
-
-	ret=BN_bin2bn(&(from[i]),max-i,to);
-	return(ret);
-	}
-
-static int RSAref_Public_ref2eay(RSArefPublicKey *from, RSA *to)
-	{
-	to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN);
-	to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN);
-	if ((to->n == NULL) || (to->e == NULL)) return(0);
-	return(1);
-	}
-#endif
-
-static int RSAref_Public_eay2ref(RSA *from, RSArefPublicKey *to)
-	{
-	to->bits=BN_num_bits(from->n);
-	if (!RSAref_bn2bin(from->n,to->m,RSAref_MAX_LEN)) return(0);
-	if (!RSAref_bn2bin(from->e,to->e,RSAref_MAX_LEN)) return(0);
-	return(1);
-	}
-
-#ifdef undef
-static int RSAref_Private_ref2eay(RSArefPrivateKey *from, RSA *to)
-	{
-	if ((to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN)) == NULL)
-		return(0);
-	if ((to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN)) == NULL)
-		return(0);
-	if ((to->d=RSAref_bin2bn(from->d,NULL,RSAref_MAX_LEN)) == NULL)
-		return(0);
-	if ((to->p=RSAref_bin2bn(from->prime[0],NULL,RSAref_MAX_PLEN)) == NULL)
-		return(0);
-	if ((to->q=RSAref_bin2bn(from->prime[1],NULL,RSAref_MAX_PLEN)) == NULL)
-		return(0);
-	if ((to->dmp1=RSAref_bin2bn(from->pexp[0],NULL,RSAref_MAX_PLEN))
-		== NULL)
-		return(0);
-	if ((to->dmq1=RSAref_bin2bn(from->pexp[1],NULL,RSAref_MAX_PLEN))
-		== NULL)
-		return(0);
-	if ((to->iqmp=RSAref_bin2bn(from->coef,NULL,RSAref_MAX_PLEN)) == NULL)
-		return(0);
-	return(1);
-	}
-#endif
-
-static int RSAref_Private_eay2ref(RSA *from, RSArefPrivateKey *to)
-	{
-	to->bits=BN_num_bits(from->n);
-	if (!RSAref_bn2bin(from->n,to->m,RSAref_MAX_LEN)) return(0);
-	if (!RSAref_bn2bin(from->e,to->e,RSAref_MAX_LEN)) return(0);
-	if (!RSAref_bn2bin(from->d,to->d,RSAref_MAX_LEN)) return(0);
-	if (!RSAref_bn2bin(from->p,to->prime[0],RSAref_MAX_PLEN)) return(0);
-	if (!RSAref_bn2bin(from->q,to->prime[1],RSAref_MAX_PLEN)) return(0);
-	if (!RSAref_bn2bin(from->dmp1,to->pexp[0],RSAref_MAX_PLEN)) return(0);
-	if (!RSAref_bn2bin(from->dmq1,to->pexp[1],RSAref_MAX_PLEN)) return(0);
-	if (!RSAref_bn2bin(from->iqmp,to->coef,RSAref_MAX_PLEN)) return(0);
-	return(1);
-	}
-
-int RSA_ref_private_decrypt(int len, unsigned char *from, unsigned char *to,
-	     RSA *rsa, int padding)
-	{
-	int i,outlen= -1;
-	RSArefPrivateKey RSAkey;
-
-	if (!RSAref_Private_eay2ref(rsa,&RSAkey))
-		goto err;
-	if ((i=RSAPrivateDecrypt(to,&outlen,from,len,&RSAkey)) != 0)
-		{
-		RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_DECRYPT,i);
-		outlen= -1;
-		}
-err:
-	memset(&RSAkey,0,sizeof(RSAkey));
-	return(outlen);
-	}
-
-int RSA_ref_private_encrypt(int len, unsigned char *from, unsigned char *to,
-	     RSA *rsa, int padding)
-	{
-	int i,outlen= -1;
-	RSArefPrivateKey RSAkey;
-
-	if (padding != RSA_PKCS1_PADDING)
-		{
-		RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
-		goto err;
-	}
-	if (!RSAref_Private_eay2ref(rsa,&RSAkey))
-		goto err;
-	if ((i=RSAPrivateEncrypt(to,&outlen,from,len,&RSAkey)) != 0)
-		{
-		RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_ENCRYPT,i);
-		outlen= -1;
-		}
-err:
-	memset(&RSAkey,0,sizeof(RSAkey));
-	return(outlen);
-	}
-
-int RSA_ref_public_decrypt(int len, unsigned char *from, unsigned char *to,
-	     RSA *rsa, int padding)
-	{
-	int i,outlen= -1;
-	RSArefPublicKey RSAkey;
-
-	if (!RSAref_Public_eay2ref(rsa,&RSAkey))
-		goto err;
-	if ((i=RSAPublicDecrypt(to,&outlen,from,len,&RSAkey)) != 0)
-		{
-		RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_DECRYPT,i);
-		outlen= -1;
-		}
-err:
-	memset(&RSAkey,0,sizeof(RSAkey));
-	return(outlen);
-	}
-
-int RSA_ref_public_encrypt(int len, unsigned char *from, unsigned char *to,
-	     RSA *rsa, int padding)
-	{
-	int outlen= -1;
-	int i;
-	RSArefPublicKey RSAkey;
-	RSARandomState rnd;
-	unsigned char buf[16];
-
-	if (padding != RSA_PKCS1_PADDING && padding != RSA_SSLV23_PADDING) 
-		{
-		RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
-		goto err;
-		}
-	
-	R_RandomInit(&rnd);
-	R_GetRandomBytesNeeded((unsigned int *)&i,&rnd);
-	while (i > 0)
-		{
-		if (RAND_bytes(buf,16) <= 0)
-			goto err;
-		R_RandomUpdate(&rnd,buf,(unsigned int)((i>16)?16:i));
-		i-=16;
-		}
-
-	if (!RSAref_Public_eay2ref(rsa,&RSAkey))
-		goto err;
-	if ((i=RSAPublicEncrypt(to,&outlen,from,len,&RSAkey,&rnd)) != 0)
-		{
-		RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,i);
-		outlen= -1;
-		goto err;
-		}
-err:
-	memset(&RSAkey,0,sizeof(RSAkey));
-	R_RandomFinal(&rnd);
-	memset(&rnd,0,sizeof(rnd));
-	return(outlen);
-	}
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/rsaref/rsaref.h b/crypto/openssl/rsaref/rsaref.h
deleted file mode 100644
index 4e99bda05963..000000000000
--- a/crypto/openssl/rsaref/rsaref.h
+++ /dev/null
@@ -1,188 +0,0 @@
-/* rsaref/rsaref.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RSAREF_H
-#define HEADER_RSAREF_H
-
-#ifndef NO_RSA
-#include <openssl/rsa.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
- 
-/* RSAeuro */
-/*#define  RSAref_MAX_BITS		2048*/
-
-/* RSAref */
-#define  RSAref_MAX_BITS		1024
-
-#define RSAref_MIN_BITS		508
-#define RSAref_MAX_LEN		((RSAref_MAX_BITS+7)/8)
-#define RSAref_MAX_PBITS	(RSAref_MAX_BITS+1)/2
-#define RSAref_MAX_PLEN		((RSAref_MAX_PBITS+7)/8)
-
-typedef struct RSArefPublicKey_st
-	{
-	unsigned int bits;
-	unsigned char m[RSAref_MAX_LEN];
-	unsigned char e[RSAref_MAX_LEN];
-	} RSArefPublicKey;
-
-typedef struct RSArefPrivateKey_st
-	{
-	unsigned int bits;
-	unsigned char m[RSAref_MAX_LEN];
-	unsigned char e[RSAref_MAX_LEN];
-	unsigned char d[RSAref_MAX_LEN];
-	unsigned char prime[2][RSAref_MAX_PLEN];/* p & q */
-	unsigned char pexp[2][RSAref_MAX_PLEN];	/* dmp1 & dmq1 */
-	unsigned char coef[RSAref_MAX_PLEN];	/* iqmp */
-	} RSArefPrivateKey;
-
-typedef struct RSARandomState_st
-	{
-	unsigned int needed;
-	unsigned char state[16];
-	unsigned int outputnum;
-	unsigned char output[16];
-	} RSARandomState;
-
-#define RE_CONTENT_ENCODING 0x0400
-#define RE_DATA 0x0401
-#define RE_DIGEST_ALGORITHM 0x0402
-#define RE_ENCODING 0x0403
-#define RE_KEY 0x0404
-#define RE_KEY_ENCODING 0x0405
-#define RE_LEN 0x0406
-#define RE_MODULUS_LEN 0x0407
-#define RE_NEED_RANDOM 0x0408
-#define RE_PRIVATE_KEY 0x0409
-#define RE_PUBLIC_KEY 0x040a
-#define RE_SIGNATURE 0x040b
-#define RE_SIGNATURE_ENCODING 0x040c
-#define RE_ENCRYPTION_ALGORITHM 0x040d
-
-int RSAPrivateDecrypt(unsigned char *to, int *outlen, unsigned char *from,
-	int len, RSArefPrivateKey *RSAkey);
-int RSAPrivateEncrypt(unsigned char *to, int *outlen, unsigned char *from,
-	int len, RSArefPrivateKey *RSAkey);
-int RSAPublicDecrypt(unsigned char *to, int *outlen, unsigned char *from,
-	int len, RSArefPublicKey *RSAkey);
-int RSAPublicEncrypt(unsigned char *to, int *outlen, unsigned char *from,
-	int len, RSArefPublicKey *RSAkey,RSARandomState *rnd);
-int R_RandomInit(RSARandomState *rnd);
-int R_GetRandomBytesNeeded(unsigned int *,RSARandomState *rnd);
-int R_RandomUpdate(RSARandomState *rnd, unsigned char *data, unsigned int n);
-int R_RandomFinal(RSARandomState *rnd);
-
-RSA_METHOD *RSA_PKCS1_RSAref(void );
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_RSAREF_strings(void);
-
-/* Error codes for the RSAREF functions. */
-
-/* Function codes. */
-#define RSAREF_F_BN_REF_MOD_EXP				 100
-#define RSAREF_F_RSAREF_BN2BIN				 101
-#define RSAREF_F_RSA_BN2BIN				 102
-#define RSAREF_F_RSA_PRIVATE_DECRYPT			 103
-#define RSAREF_F_RSA_PRIVATE_ENCRYPT			 104
-#define RSAREF_F_RSA_PUBLIC_DECRYPT			 105
-#define RSAREF_F_RSA_PUBLIC_ENCRYPT			 106
-#define RSAREF_F_RSA_REF_BN2BIN				 107
-#define RSAREF_F_RSA_REF_MOD_EXP			 108
-#define RSAREF_F_RSA_REF_PRIVATE_DECRYPT		 109
-#define RSAREF_F_RSA_REF_PRIVATE_ENCRYPT		 110
-#define RSAREF_F_RSA_REF_PUBLIC_DECRYPT			 111
-#define RSAREF_F_RSA_REF_PUBLIC_ENCRYPT			 112
-
-/* Reason codes. */
-#define RSAREF_R_CONTENT_ENCODING			 0x0400
-#define RSAREF_R_DATA					 0x0401
-#define RSAREF_R_DIGEST_ALGORITHM			 0x0402
-#define RSAREF_R_ENCODING				 0x0403
-#define RSAREF_R_ENCRYPTION_ALGORITHM			 0x040d
-#define RSAREF_R_KEY					 0x0404
-#define RSAREF_R_KEY_ENCODING				 0x0405
-#define RSAREF_R_LEN					 0x0406
-#define RSAREF_R_MODULUS_LEN				 0x0407
-#define RSAREF_R_NEED_RANDOM				 0x0408
-#define RSAREF_R_PRIVATE_KEY				 0x0409
-#define RSAREF_R_PUBLIC_KEY				 0x040a
-#define RSAREF_R_SIGNATURE				 0x040b
-#define RSAREF_R_SIGNATURE_ENCODING			 0x040c
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-
diff --git a/crypto/openssl/shlib/Makefile.hpux10-cc b/crypto/openssl/shlib/Makefile.hpux10-cc
deleted file mode 100644
index 4dc62ebd9ebc..000000000000
--- a/crypto/openssl/shlib/Makefile.hpux10-cc
+++ /dev/null
@@ -1,51 +0,0 @@
-# Makefile.hpux-cc
-
-major=1
-
-slib=libssl
-sh_slib=$(slib).so.$(major)
-
-clib=libcrypto
-sh_clib=$(clib).so.$(major)
-
-all : $(clib).sl $(slib).sl
-
-
-$(clib)_pic.a : $(clib).a
-	echo "Copying $? to $@"
-	cp -p $? $@
-
-$(slib)_pic.a : $(slib).a
-	echo "Copying $? to $@"
-	cp -p $? $@
-
-$(sh_clib) : $(clib)_pic.a
-	echo "collecting all object files for $@"
-	find . -name \*.o -print > allobjs
-	for obj in `ar t $(clib)_pic.a`; \
-	do \
-		grep /$$obj allobjs; \
-	done >objlist
-	echo "linking $@"
-	ld -b -s -z +h $@ -o $@ `cat objlist` -lc 
-	rm allobjs objlist
-
-$(clib).sl : $(sh_clib)
-	rm -f $@
-	ln -s $? $@
-
-$(sh_slib) : $(slib)_pic.a $(clib).sl
-	echo "collecting all object files for $@"
-	find . -name \*.o -print > allobjs
-	for obj in `ar t $(slib)_pic.a`; \
-	do \
-		grep /$$obj allobjs; \
-	done >objlist
-	echo "linking $@"
-	ld -b -s -z +h $@ +b /usr/local/ssl/lib:/usr/lib -o $@ `cat objlist` \
-			-L. -lcrypto -lc
-	rm -f allobjs objlist
-        
-$(slib).sl : $(sh_slib)
-	rm -f $@
-	ln -s $? $@
diff --git a/crypto/openssl/shlib/README b/crypto/openssl/shlib/README
deleted file mode 100644
index fea07a59eab5..000000000000
--- a/crypto/openssl/shlib/README
+++ /dev/null
@@ -1 +0,0 @@
-Only the windows NT and, linux builds have been tested for SSLeay 0.8.0
diff --git a/crypto/openssl/shlib/hpux10-cc.sh b/crypto/openssl/shlib/hpux10-cc.sh
deleted file mode 100644
index 903baaa4e7ea..000000000000
--- a/crypto/openssl/shlib/hpux10-cc.sh
+++ /dev/null
@@ -1,90 +0,0 @@
-#!/usr/bin/sh
-#
-# Run this script from the OpenSSL root directory:
-# sh shlib/hpux10-cc.sh
-# 
-# HP-UX (10.20) shared library installation:
-# Compile and install OpenSSL with best possible optimization:
-# - shared libraries are compiled and installed with +O4 optimization
-# - executable(s) are compiled and installed with +O4 optimization
-# - static libraries are compiled and installed with +O3 optimization,
-#   to avoid the time consuming +O4 link-time optimization when using
-#   these libraries. (The shared libs are already optimized during build
-#   at +O4.)
-#
-# This script must be run with appropriate privileges to install into
-# /usr/local/ssl. HP-UX prevents used executables and shared libraries
-# from being deleted or overwritten. Stop all processes using already
-# installed items of OpenSSL.
-#
-# WARNING: At high optimization levels, HP's ANSI-C compiler can chew up
-#          large amounts of memory and CPU time. Make sure to have at least
-#          128MB of RAM available and that your kernel is configured to allow
-#          at least 128MB data size (maxdsiz parameter).
-#          The installation process can take several hours, even on fast
-#          machines. +O4 optimization of the libcrypto.sl shared library may
-#          take 1 hour on a C200 (200MHz PA8200 CPU), +O3 compilation of
-#          fcrypt_b.c can take 20 minutes on this machine. Stay patient.
-#
-# SITEFLAGS: site specific flags. I do use +DAportable, since I have to
-# support older PA1.1-type CPUs. Your mileage may vary.
-# +w1 enables enhanced warnings, useful when working with snaphots.
-#
-SITEFLAGS="+DAportable +w1"
-#
-# Set the default additions to build with HP-UX.
-# -D_REENTRANT must/should be defined on HP-UX manually, since we do call
-# Configure directly.
-# +Oall increases the optimization done.
-#
-MYFLAGS="-D_REENTRANT +Oall $SITEFLAGS"
-
-# Configure for pic and build the static pic libraries
-perl5 Configure hpux-parisc-cc-o4 +z ${MYFLAGS}
-make clean
-make DIRS="crypto ssl"
-# Rename the static pic libs and build dynamic libraries from them
-# Be prepared to see a lot of warnings about shared libraries being built
-# with optimizations higher than +O2. When using these libraries, it is
-# not possible to replace internal library functions with functions from
-# the program to be linked.
-#
-make -f shlib/Makefile.hpux10-cc
-
-# Copy the libraries to /usr/local/ssl/lib (they have to be in their
-# final location when linking applications).
-# If the directories are still there, no problem.
-mkdir /usr/local
-mkdir /usr/local/ssl
-mkdir /usr/local/ssl/lib
-chmod 444 lib*_pic.a
-chmod 555 lib*.so.1
-cp -p lib*_pic.a lib*.so.1 /usr/local/ssl/lib
-(cd /usr/local/ssl/lib ; ln -sf libcrypto.so.1 libcrypto.sl ; ln -sf libssl.so.1 libssl.sl)
-
-# Reconfigure without pic to compile the executables. Unfortunately, while
-# performing this task we have to recompile the library components, even
-# though we use the already installed shared libs anyway.
-#
-perl5 Configure hpux-parisc-cc-o4 ${MYFLAGS}
-
-make clean
-
-# Hack the Makefiles to pick up the dynamic libraries during linking
-#
-sed 's/^PEX_LIBS=.*$/PEX_LIBS=-L\/usr\/local\/ssl\/lib -Wl,+b,\/usr\/local\/ssl\/lib:\/usr\/lib/' Makefile.ssl >xxx; mv xxx Makefile.ssl
-sed 's/-L\.\.//' apps/Makefile.ssl >xxx; mv xxx apps/Makefile.ssl
-sed 's/-L\.\.//' test/Makefile.ssl >xxx; mv xxx test/Makefile.ssl
-# Build the static libs and the executables in one make.
-make
-# Install everything
-make install
-
-# Finally build the static libs with +O3. This time we only need the libraries,
-# once created, they are simply copied into place.
-#
-perl5 Configure hpux-parisc-cc ${MYFLAGS}
-make clean
-make DIRS="crypto ssl"
-chmod 644 libcrypto.a libssl.a
-cp -p libcrypto.a libssl.a /usr/local/ssl/lib
diff --git a/crypto/openssl/shlib/irix.sh b/crypto/openssl/shlib/irix.sh
deleted file mode 100644
index 22e4e6ad508d..000000000000
--- a/crypto/openssl/shlib/irix.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-FLAGS="-DTERMIOS -O2 -mips2 -DB_ENDIAN -fomit-frame-pointer -Wall -Iinclude"
-SHFLAGS="-DPIC -fpic"
-
-gcc -c -Icrypto $SHFLAGS $FLAGS -o crypto.o crypto/crypto.c
-ld -shared -o libcrypto.so crypto.o
-gcc -c -Issl $SHFLAGS $FLAGS -o ssl.o ssl/ssl.c
-ld -shared -o libssl.so ssl.o
diff --git a/crypto/openssl/shlib/solaris-sc4.sh b/crypto/openssl/shlib/solaris-sc4.sh
deleted file mode 100755
index b0766b35f7ca..000000000000
--- a/crypto/openssl/shlib/solaris-sc4.sh
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/sh
-
-major="1"
-
-slib=libssl
-sh_slib=$slib.so.$major
-
-clib=libcrypto
-sh_clib=$clib.so.$major
-
-echo collecting all object files for $clib.so
-OBJS=
-find . -name \*.o -print > allobjs
-for obj in `ar t libcrypto.a`
-do
-	OBJS="$OBJS `grep $obj allobjs`"
-done
-
-echo linking $clib.so
-cc -G -o $sh_clib -h $sh_clib $OBJS -lnsl -lsocket
-
-rm -f $clib.so
-ln -s $sh_clib $clib.so
-
-echo collecting all object files for $slib.so
-OBJS=
-for obj in `ar t libssl.a`
-do
-	OBJS="$OBJS `grep $obj allobjs`"
-done
-
-echo linking $slib.so
-cc -G -o $sh_slib -h $sh_slib $OBJS -L. -lcrypto
-	
-rm -f $slib.so
-ln -s $sh_slib $slib.so
-
-rm -f allobjs
-
-mv libRSAglue.a libRSAglue.a.orig
-mv libcrypto.a  libcrypto.a.orig
-mv libssl.a     libssl.a.orig 
diff --git a/crypto/openssl/shlib/solaris.sh b/crypto/openssl/shlib/solaris.sh
deleted file mode 100644
index 03475f12b410..000000000000
--- a/crypto/openssl/shlib/solaris.sh
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/sh
-
-echo "#define DATE      \"`date`\"" >crypto/date.h
-
-major="0"
-minor="8.0"
-slib=libssl
-clib=libcrypto
-CC=gcc
-CPP='gcc -E'
-AS=as
-#FLAGS='-DTERMIO -O3 -DL_ENDIAN -fomit-frame-pointer -mv8 -Wall'
-FLAGS='-DTERMIO -g2 -ggdb -DL_ENDIAN -Wall -DREF_CHECK -DCRYPTO_MDEBUG'
-INCLUDE='-Iinclude -Icrypto -Issl'
-SHFLAGS='-DPIC -fpic'
-
-CFLAGS="$FLAGS $INCLUDE $SHFLAGS"
-ASM_OBJ="";
-
-echo compiling bignum assember
-$AS -o bn_asm.o crypto/bn/asm/sparc.s
-CFLAGS="$CFLAGS -DBN_ASM"
-ASM_OBJ="$ASM_OBJ bn_asm.o"
-
-echo compiling $clib
-$CC -c $CFLAGS -DCFLAGS="\"$FLAGS\"" -o crypto.o crypto/crypto.c
-
-echo linking $clib.so
-gcc $CFLAGS -shared -o $clib.so.$major.$minor crypto.o $ASM_OBJ -lnsl -lsocket
-
-echo compiling $slib.so
-$CC -c $CFLAGS -o ssl.o ssl/ssl.c
-
-echo building $slib.so
-gcc $CFLAGS -shared -o $slib.so ssl.o -L. -lcrypto
-
diff --git a/crypto/openssl/shlib/sun.sh b/crypto/openssl/shlib/sun.sh
deleted file mode 100644
index a890bbd37653..000000000000
--- a/crypto/openssl/shlib/sun.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-FLAGS="-DTERMIO -O3 -DB_ENDIAN -fomit-frame-pointer -mv8 -Wall -Iinclude"
-SHFLAGS="-DPIC -fpic"
-
-gcc -c -Icrypto $SHFLAGS -fpic $FLAGS -o crypto.o crypto/crypto.c
-ld -G -z text -o libcrypto.so crypto.o
-
-gcc -c -Issl $SHFLAGS $FLAGS -o ssl.o ssl/ssl.c
-ld -G -z text -o libssl.so ssl.o
diff --git a/crypto/openssl/ssl/Makefile.save b/crypto/openssl/ssl/Makefile.save
deleted file mode 100644
index 61b9cee090b6..000000000000
--- a/crypto/openssl/ssl/Makefile.save
+++ /dev/null
@@ -1,884 +0,0 @@
-#
-# SSLeay/ssl/Makefile
-#
-
-DIR=	ssl
-TOP=	..
-CC=	cc
-INCLUDES= -I../crypto -I../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README ssl-lib.com install.com
-TEST=ssltest.c
-APPS=
-
-LIB=$(TOP)/libssl.a
-LIBSRC=	\
-	s2_meth.c   s2_srvr.c s2_clnt.c  s2_lib.c  s2_enc.c s2_pkt.c \
-	s3_meth.c   s3_srvr.c s3_clnt.c  s3_lib.c  s3_enc.c s3_pkt.c s3_both.c \
-	s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c          s23_pkt.c \
-	t1_meth.c   t1_srvr.c t1_clnt.c  t1_lib.c  t1_enc.c \
-	ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
-	ssl_ciph.c ssl_stat.c ssl_rsa.c \
-	ssl_asn1.c ssl_txt.c ssl_algs.c \
-	bio_ssl.c ssl_err.c
-LIBOBJ= \
-	s2_meth.o  s2_srvr.o  s2_clnt.o  s2_lib.o  s2_enc.o s2_pkt.o \
-	s3_meth.o  s3_srvr.o  s3_clnt.o  s3_lib.o  s3_enc.o s3_pkt.o s3_both.o \
-	s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o          s23_pkt.o \
-	t1_meth.o   t1_srvr.o t1_clnt.o  t1_lib.o  t1_enc.o \
-	ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
-	ssl_ciph.o ssl_stat.o ssl_rsa.o \
-	ssl_asn1.o ssl_txt.o ssl_algs.o \
-	bio_ssl.o ssl_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h
-HEADER=	$(EXHEADER) ssl_locl.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bio_ssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-bio_ssl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-bio_ssl.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-bio_ssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-bio_ssl.o: ../include/openssl/des.h ../include/openssl/dh.h
-bio_ssl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-bio_ssl.o: ../include/openssl/err.h ../include/openssl/evp.h
-bio_ssl.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-bio_ssl.o: ../include/openssl/md2.h ../include/openssl/md4.h
-bio_ssl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-bio_ssl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-bio_ssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-bio_ssl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-bio_ssl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-bio_ssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-bio_ssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-bio_ssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-bio_ssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-bio_ssl.o: ../include/openssl/x509_vfy.h
-s23_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s23_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s23_clnt.o: ../include/openssl/des.h ../include/openssl/dh.h
-s23_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s23_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s23_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s23_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s23_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s23_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s23_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s23_clnt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s23_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-s23_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s23_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s23_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s23_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s23_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s23_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s23_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h
-s23_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s23_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s23_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s23_lib.o: ../include/openssl/des.h ../include/openssl/dh.h
-s23_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s23_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s23_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s23_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s23_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s23_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s23_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s23_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s23_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s23_lib.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s23_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s23_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-s23_meth.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_meth.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s23_meth.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s23_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s23_meth.o: ../include/openssl/des.h ../include/openssl/dh.h
-s23_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s23_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s23_meth.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s23_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s23_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s23_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s23_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s23_meth.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s23_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_meth.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s23_meth.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s23_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s23_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-s23_pkt.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_pkt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s23_pkt.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s23_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s23_pkt.o: ../include/openssl/des.h ../include/openssl/dh.h
-s23_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s23_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s23_pkt.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s23_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s23_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s23_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s23_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s23_pkt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s23_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_pkt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s23_pkt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s23_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s23_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-s23_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s23_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s23_srvr.o: ../include/openssl/des.h ../include/openssl/dh.h
-s23_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s23_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s23_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s23_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s23_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s23_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s23_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s23_srvr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s23_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-s23_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s23_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s23_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s23_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h
-s2_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s2_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_clnt.o: ../include/openssl/des.h ../include/openssl/dh.h
-s2_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s2_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s2_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s2_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s2_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s2_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s2_clnt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-s2_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s2_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s2_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h
-s2_enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s2_enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s2_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_enc.o: ../include/openssl/des.h ../include/openssl/dh.h
-s2_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s2_enc.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s2_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s2_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s2_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s2_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s2_enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s2_enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s2_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-s2_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s2_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s2_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_lib.o: ../include/openssl/des.h ../include/openssl/dh.h
-s2_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s2_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s2_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s2_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s2_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s2_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s2_lib.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s2_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-s2_meth.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_meth.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s2_meth.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s2_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_meth.o: ../include/openssl/des.h ../include/openssl/dh.h
-s2_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s2_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s2_meth.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s2_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s2_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s2_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s2_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s2_meth.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_meth.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s2_meth.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s2_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-s2_pkt.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_pkt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s2_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_pkt.o: ../include/openssl/des.h ../include/openssl/dh.h
-s2_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s2_pkt.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s2_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s2_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s2_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s2_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s2_pkt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_pkt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s2_pkt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s2_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-s2_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s2_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_srvr.o: ../include/openssl/des.h ../include/openssl/dh.h
-s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s2_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s2_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s2_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s2_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s2_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s2_srvr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-s2_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s2_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h
-s3_both.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_both.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s3_both.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s3_both.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_both.o: ../include/openssl/des.h ../include/openssl/dh.h
-s3_both.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s3_both.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s3_both.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s3_both.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_both.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_both.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_both.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_both.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s3_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_both.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-s3_both.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s3_both.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s3_both.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_both.o: ../include/openssl/x509_vfy.h ssl_locl.h
-s3_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s3_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s3_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_clnt.o: ../include/openssl/des.h ../include/openssl/dh.h
-s3_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s3_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s3_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s3_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_clnt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s3_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-s3_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s3_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s3_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h
-s3_enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s3_enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s3_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_enc.o: ../include/openssl/des.h ../include/openssl/dh.h
-s3_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s3_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s3_enc.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s3_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s3_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s3_enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s3_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-s3_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s3_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s3_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_lib.o: ../include/openssl/des.h ../include/openssl/dh.h
-s3_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s3_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s3_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s3_lib.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s3_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-s3_meth.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_meth.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s3_meth.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s3_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_meth.o: ../include/openssl/des.h ../include/openssl/dh.h
-s3_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s3_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s3_meth.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s3_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_meth.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s3_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_meth.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s3_meth.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s3_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-s3_pkt.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_pkt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s3_pkt.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s3_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_pkt.o: ../include/openssl/des.h ../include/openssl/dh.h
-s3_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s3_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s3_pkt.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s3_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_pkt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s3_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_pkt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s3_pkt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s3_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-s3_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s3_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s3_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_srvr.o: ../include/openssl/des.h ../include/openssl/dh.h
-s3_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-s3_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s3_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-s3_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s3_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_algs.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_algs.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssl_algs.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_algs.o: ../include/openssl/des.h ../include/openssl/dh.h
-ssl_algs.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-ssl_algs.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ssl_algs.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ssl_algs.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_algs.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_algs.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_algs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_algs.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-ssl_algs.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_algs.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-ssl_algs.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-ssl_algs.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_algs.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_algs.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_algs.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_asn1.o: ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
-ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ssl_asn1.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_asn1.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ssl_asn1.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssl_asn1.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ssl_asn1.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-ssl_asn1.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_asn1.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-ssl_asn1.o: ../include/openssl/md2.h ../include/openssl/md4.h
-ssl_asn1.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-ssl_asn1.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_asn1.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_asn1.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_asn1.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_asn1.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_asn1.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_asn1.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_asn1.o: ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_cert.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_cert.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssl_cert.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssl_cert.o: ../include/openssl/comp.h ../include/openssl/conf.h
-ssl_cert.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssl_cert.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ssl_cert.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-ssl_cert.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-ssl_cert.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_cert.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-ssl_cert.o: ../include/openssl/md2.h ../include/openssl/md4.h
-ssl_cert.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_cert.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_cert.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_cert.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_cert.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_cert.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_cert.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_cert.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_cert.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_cert.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_cert.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
-ssl_cert.o: ssl_locl.h
-ssl_ciph.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_ciph.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssl_ciph.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_ciph.o: ../include/openssl/des.h ../include/openssl/dh.h
-ssl_ciph.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-ssl_ciph.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ssl_ciph.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ssl_ciph.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_ciph.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_ciph.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_ciph.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_ciph.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-ssl_ciph.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_ciph.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-ssl_ciph.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-ssl_ciph.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_ciph.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_ciph.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_ciph.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_ciph.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_ciph.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_err.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssl_err.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssl_err.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_err.o: ../include/openssl/des.h ../include/openssl/dh.h
-ssl_err.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssl_err.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_err.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-ssl_err.o: ../include/openssl/md2.h ../include/openssl/md4.h
-ssl_err.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-ssl_err.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_err.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_err.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_err.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_err.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_err.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_err.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_err.o: ../include/openssl/x509_vfy.h
-ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_err2.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssl_err2.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_err2.o: ../include/openssl/des.h ../include/openssl/dh.h
-ssl_err2.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssl_err2.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_err2.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-ssl_err2.o: ../include/openssl/md2.h ../include/openssl/md4.h
-ssl_err2.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-ssl_err2.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_err2.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_err2.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_err2.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_err2.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_err2.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_err2.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_err2.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_err2.o: ../include/openssl/x509_vfy.h
-ssl_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssl_lib.o: ../include/openssl/comp.h ../include/openssl/conf.h
-ssl_lib.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssl_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ssl_lib.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ssl_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ssl_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-ssl_lib.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ssl_lib.o: ../include/openssl/x509v3.h ssl_locl.h
-ssl_rsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_rsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssl_rsa.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_rsa.o: ../include/openssl/des.h ../include/openssl/dh.h
-ssl_rsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-ssl_rsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ssl_rsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ssl_rsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_rsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_rsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_rsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-ssl_rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_rsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-ssl_rsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-ssl_rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_rsa.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_rsa.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_rsa.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_sess.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_sess.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssl_sess.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_sess.o: ../include/openssl/des.h ../include/openssl/dh.h
-ssl_sess.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ssl_sess.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ssl_sess.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_sess.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_sess.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_sess.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_sess.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-ssl_sess.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_sess.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-ssl_sess.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_sess.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_sess.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_sess.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_sess.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_sess.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_sess.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_sess.o: ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_stat.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_stat.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssl_stat.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_stat.o: ../include/openssl/des.h ../include/openssl/dh.h
-ssl_stat.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-ssl_stat.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ssl_stat.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ssl_stat.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_stat.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_stat.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_stat.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_stat.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-ssl_stat.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_stat.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-ssl_stat.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-ssl_stat.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_stat.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_stat.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_stat.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_txt.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_txt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssl_txt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_txt.o: ../include/openssl/des.h ../include/openssl/dh.h
-ssl_txt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-ssl_txt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ssl_txt.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ssl_txt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_txt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_txt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_txt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_txt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-ssl_txt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_txt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-ssl_txt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-ssl_txt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_txt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_txt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-t1_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-t1_clnt.o: ../include/openssl/des.h ../include/openssl/dh.h
-t1_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-t1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-t1_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h
-t1_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-t1_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-t1_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-t1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-t1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-t1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-t1_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-t1_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-t1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-t1_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h
-t1_enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-t1_enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-t1_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-t1_enc.o: ../include/openssl/des.h ../include/openssl/dh.h
-t1_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-t1_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-t1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-t1_enc.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-t1_enc.o: ../include/openssl/md2.h ../include/openssl/md4.h
-t1_enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-t1_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-t1_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-t1_enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-t1_enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-t1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-t1_enc.o: ../include/openssl/x509_vfy.h ssl_locl.h
-t1_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-t1_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-t1_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-t1_lib.o: ../include/openssl/des.h ../include/openssl/dh.h
-t1_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-t1_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-t1_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h
-t1_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-t1_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
-t1_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-t1_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-t1_lib.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-t1_lib.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-t1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_meth.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_meth.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-t1_meth.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-t1_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-t1_meth.o: ../include/openssl/des.h ../include/openssl/dh.h
-t1_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-t1_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-t1_meth.o: ../include/openssl/evp.h ../include/openssl/idea.h
-t1_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-t1_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h
-t1_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-t1_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-t1_meth.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-t1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_meth.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-t1_meth.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-t1_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-t1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-t1_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-t1_srvr.o: ../include/openssl/des.h ../include/openssl/dh.h
-t1_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-t1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-t1_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h
-t1_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-t1_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h
-t1_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-t1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-t1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-t1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-t1_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-t1_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-t1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h
diff --git a/crypto/openssl/ssl/Makefile.ssl b/crypto/openssl/ssl/Makefile.ssl
deleted file mode 100644
index e36a79b2d6ff..000000000000
--- a/crypto/openssl/ssl/Makefile.ssl
+++ /dev/null
@@ -1,1024 +0,0 @@
-#
-# SSLeay/ssl/Makefile
-#
-
-DIR=	ssl
-TOP=	..
-CC=	cc
-INCLUDES= -I../crypto -I$(TOP) -I../include $(KRB5_INCLUDES)
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-# KRB5 stuff
-KRB5_INCLUDES=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README ssl-lib.com install.com
-TEST=ssltest.c
-APPS=
-
-LIB=$(TOP)/libssl.a
-SHARED_LIB= libssl$(SHLIB_EXT)
-LIBSRC=	\
-	s2_meth.c   s2_srvr.c s2_clnt.c  s2_lib.c  s2_enc.c s2_pkt.c \
-	s3_meth.c   s3_srvr.c s3_clnt.c  s3_lib.c  s3_enc.c s3_pkt.c s3_both.c \
-	s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c          s23_pkt.c \
-	t1_meth.c   t1_srvr.c t1_clnt.c  t1_lib.c  t1_enc.c \
-	ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
-	ssl_ciph.c ssl_stat.c ssl_rsa.c \
-	ssl_asn1.c ssl_txt.c ssl_algs.c \
-	bio_ssl.c ssl_err.c kssl.c
-LIBOBJ= \
-	s2_meth.o  s2_srvr.o  s2_clnt.o  s2_lib.o  s2_enc.o s2_pkt.o \
-	s3_meth.o  s3_srvr.o  s3_clnt.o  s3_lib.o  s3_enc.o s3_pkt.o s3_both.o \
-	s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o          s23_pkt.o \
-	t1_meth.o   t1_srvr.o t1_clnt.o  t1_lib.o  t1_enc.o \
-	ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
-	ssl_ciph.o ssl_stat.o ssl_rsa.o \
-	ssl_asn1.o ssl_txt.o ssl_algs.o \
-	bio_ssl.o ssl_err.o kssl.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h kssl.h
-HEADER=	$(EXHEADER) ssl_locl.h kssl_lcl.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all:	lib shared
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-shared:
-	if [ -n "$(SHARED_LIBS)" ]; then \
-		(cd ..; $(MAKE) $(SHARED_LIB)); \
-	fi
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
-
-install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bio_ssl.o: ../include/openssl/aes.h ../include/openssl/asn1.h
-bio_ssl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-bio_ssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-bio_ssl.o: ../include/openssl/cast.h ../include/openssl/comp.h
-bio_ssl.o: ../include/openssl/crypto.h ../include/openssl/des.h
-bio_ssl.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-bio_ssl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-bio_ssl.o: ../include/openssl/err.h ../include/openssl/evp.h
-bio_ssl.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-bio_ssl.o: ../include/openssl/md4.h ../include/openssl/md5.h
-bio_ssl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-bio_ssl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-bio_ssl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-bio_ssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-bio_ssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-bio_ssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-bio_ssl.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-bio_ssl.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-bio_ssl.o: ../include/openssl/x509_vfy.h bio_ssl.c
-kssl.o: ../include/openssl/aes.h ../include/openssl/asn1.h
-kssl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-kssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-kssl.o: ../include/openssl/cast.h ../include/openssl/comp.h
-kssl.o: ../include/openssl/crypto.h ../include/openssl/des.h
-kssl.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-kssl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-kssl.o: ../include/openssl/evp.h ../include/openssl/idea.h
-kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
-kssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-kssl.o: ../include/openssl/md4.h ../include/openssl/md5.h
-kssl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-kssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-kssl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-kssl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-kssl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-kssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-kssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-kssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-kssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-kssl.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-kssl.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-kssl.o: ../include/openssl/x509_vfy.h kssl.c
-s23_clnt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s23_clnt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s23_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s23_clnt.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s23_clnt.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s23_clnt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-s23_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s23_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_clnt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s23_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s23_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s23_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s23_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s23_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s23_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s23_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-s23_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s23_clnt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s23_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s23_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_clnt.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-s23_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_clnt.c
-s23_clnt.o: ssl_locl.h
-s23_lib.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s23_lib.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s23_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s23_lib.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s23_lib.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s23_lib.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-s23_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s23_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_lib.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s23_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s23_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s23_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s23_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s23_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s23_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s23_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s23_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s23_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s23_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s23_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s23_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s23_lib.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-s23_lib.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s23_lib.o: ../include/openssl/x509_vfy.h s23_lib.c ssl_locl.h
-s23_meth.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s23_meth.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s23_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s23_meth.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s23_meth.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s23_meth.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-s23_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s23_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_meth.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s23_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s23_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s23_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s23_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s23_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s23_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s23_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s23_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s23_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s23_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s23_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s23_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s23_meth.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-s23_meth.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s23_meth.o: ../include/openssl/x509_vfy.h s23_meth.c ssl_locl.h
-s23_pkt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s23_pkt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s23_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s23_pkt.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s23_pkt.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s23_pkt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-s23_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s23_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_pkt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s23_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s23_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s23_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s23_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s23_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s23_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s23_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s23_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s23_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s23_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s23_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s23_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s23_pkt.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-s23_pkt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s23_pkt.o: ../include/openssl/x509_vfy.h s23_pkt.c ssl_locl.h
-s23_srvr.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s23_srvr.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s23_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s23_srvr.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s23_srvr.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s23_srvr.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-s23_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s23_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_srvr.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s23_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s23_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s23_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s23_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s23_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s23_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s23_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-s23_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s23_srvr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s23_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s23_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_srvr.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-s23_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_srvr.c
-s23_srvr.o: ssl_locl.h
-s2_clnt.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
-s2_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s2_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_clnt.o: ../include/openssl/des.h ../include/openssl/des_old.h
-s2_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s2_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_clnt.o: ../include/openssl/md2.h ../include/openssl/md4.h
-s2_clnt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-s2_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s2_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s2_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-s2_clnt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h
-s2_enc.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
-s2_enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s2_enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s2_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_enc.o: ../include/openssl/des.h ../include/openssl/des_old.h
-s2_enc.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s2_enc.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_enc.o: ../include/openssl/md2.h ../include/openssl/md4.h
-s2_enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s2_enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s2_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_enc.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c
-s2_enc.o: ssl_locl.h
-s2_lib.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
-s2_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s2_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s2_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_lib.o: ../include/openssl/des.h ../include/openssl/des_old.h
-s2_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s2_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h
-s2_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-s2_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s2_lib.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s2_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_lib.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-s2_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_lib.c
-s2_lib.o: ssl_locl.h
-s2_meth.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s2_meth.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s2_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s2_meth.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s2_meth.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s2_meth.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-s2_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s2_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_meth.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s2_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s2_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s2_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s2_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s2_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s2_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s2_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s2_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s2_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_meth.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-s2_meth.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s2_meth.o: ../include/openssl/x509_vfy.h s2_meth.c ssl_locl.h
-s2_pkt.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
-s2_pkt.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_pkt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s2_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_pkt.o: ../include/openssl/des.h ../include/openssl/des_old.h
-s2_pkt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s2_pkt.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_pkt.o: ../include/openssl/md2.h ../include/openssl/md4.h
-s2_pkt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_pkt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s2_pkt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s2_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_pkt.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
-s2_pkt.o: ssl_locl.h
-s2_srvr.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
-s2_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s2_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_srvr.o: ../include/openssl/des.h ../include/openssl/des_old.h
-s2_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s2_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_srvr.o: ../include/openssl/md2.h ../include/openssl/md4.h
-s2_srvr.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_srvr.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-s2_srvr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s2_srvr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_srvr.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-s2_srvr.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s2_srvr.o: ../include/openssl/x509_vfy.h s2_srvr.c ssl_locl.h
-s3_both.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s3_both.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s3_both.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_both.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s3_both.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s3_both.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-s3_both.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s3_both.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_both.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s3_both.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_both.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_both.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_both.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_both.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s3_both.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s3_both.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-s3_both.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s3_both.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s3_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_both.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_both.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_both.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_both.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_both.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-s3_both.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_both.c
-s3_both.o: ssl_locl.h
-s3_clnt.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
-s3_clnt.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_clnt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s3_clnt.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s3_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_clnt.o: ../include/openssl/des.h ../include/openssl/des_old.h
-s3_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s3_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s3_clnt.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s3_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s3_clnt.o: ../include/openssl/md2.h ../include/openssl/md4.h
-s3_clnt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-s3_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_clnt.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-s3_clnt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s3_clnt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s3_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_clnt.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-s3_clnt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s3_clnt.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_clnt.c ssl_locl.h
-s3_enc.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s3_enc.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s3_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_enc.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s3_enc.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s3_enc.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-s3_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s3_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_enc.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s3_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s3_enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s3_enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s3_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_enc.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-s3_enc.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h
-s3_lib.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s3_lib.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s3_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_lib.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s3_lib.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s3_lib.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-s3_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s3_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_lib.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s3_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s3_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s3_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s3_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s3_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_lib.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-s3_lib.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s3_lib.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_lib.c ssl_locl.h
-s3_meth.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s3_meth.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s3_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_meth.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s3_meth.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s3_meth.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-s3_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s3_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_meth.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s3_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s3_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s3_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s3_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s3_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s3_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_meth.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-s3_meth.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s3_meth.o: ../include/openssl/x509_vfy.h s3_meth.c ssl_locl.h
-s3_pkt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-s3_pkt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-s3_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_pkt.o: ../include/openssl/cast.h ../include/openssl/comp.h
-s3_pkt.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s3_pkt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-s3_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s3_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_pkt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-s3_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s3_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s3_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s3_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s3_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s3_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_pkt.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-s3_pkt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-s3_pkt.o: ../include/openssl/x509_vfy.h s3_pkt.c ssl_locl.h
-s3_srvr.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
-s3_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s3_srvr.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s3_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_srvr.o: ../include/openssl/des.h ../include/openssl/des_old.h
-s3_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s3_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s3_srvr.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s3_srvr.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
-s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s3_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s3_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-s3_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s3_srvr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_srvr.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
-s3_srvr.o: s3_srvr.c ssl_locl.h
-ssl_algs.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-ssl_algs.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ssl_algs.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_algs.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssl_algs.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-ssl_algs.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssl_algs.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_algs.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-ssl_algs.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_algs.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_algs.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_algs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_algs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_algs.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_algs.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_algs.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_algs.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_algs.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_algs.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_algs.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_algs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_algs.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-ssl_algs.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ssl_algs.o: ../include/openssl/x509_vfy.h ssl_algs.c ssl_locl.h
-ssl_asn1.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
-ssl_asn1.o: ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
-ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ssl_asn1.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_asn1.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ssl_asn1.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssl_asn1.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-ssl_asn1.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssl_asn1.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_asn1.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_asn1.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_asn1.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_asn1.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_asn1.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_asn1.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_asn1.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_asn1.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-ssl_asn1.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ssl_asn1.o: ../include/openssl/x509_vfy.h ssl_asn1.c ssl_locl.h
-ssl_cert.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-ssl_cert.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ssl_cert.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_cert.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ssl_cert.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ssl_cert.o: ../include/openssl/des.h ../include/openssl/des_old.h
-ssl_cert.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ssl_cert.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ssl_cert.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ssl_cert.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_cert.o: ../include/openssl/md2.h ../include/openssl/md4.h
-ssl_cert.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_cert.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_cert.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-ssl_cert.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-ssl_cert.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_cert.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_cert.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ssl_cert.o: ../include/openssl/x509v3.h ssl_cert.c ssl_locl.h
-ssl_ciph.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-ssl_ciph.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ssl_ciph.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_ciph.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ssl_ciph.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssl_ciph.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-ssl_ciph.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssl_ciph.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_ciph.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-ssl_ciph.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_ciph.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_ciph.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_ciph.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_ciph.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_ciph.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_ciph.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_ciph.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_ciph.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_ciph.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_ciph.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_ciph.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_ciph.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_ciph.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-ssl_ciph.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ssl_ciph.o: ../include/openssl/x509_vfy.h ssl_ciph.c ssl_locl.h
-ssl_err.o: ../include/openssl/aes.h ../include/openssl/asn1.h
-ssl_err.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ssl_err.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_err.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ssl_err.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssl_err.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-ssl_err.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssl_err.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_err.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-ssl_err.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_err.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_err.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_err.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_err.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_err.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_err.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_err.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-ssl_err.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ssl_err.o: ../include/openssl/x509_vfy.h ssl_err.c
-ssl_err2.o: ../include/openssl/aes.h ../include/openssl/asn1.h
-ssl_err2.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ssl_err2.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_err2.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ssl_err2.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssl_err2.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-ssl_err2.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssl_err2.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_err2.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_err2.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_err2.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_err2.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_err2.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_err2.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_err2.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_err2.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_err2.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-ssl_err2.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ssl_err2.o: ../include/openssl/x509_vfy.h ssl_err2.c
-ssl_lib.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
-ssl_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssl_lib.o: ../include/openssl/comp.h ../include/openssl/conf.h
-ssl_lib.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssl_lib.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-ssl_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssl_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_lib.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-ssl_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_lib.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-ssl_lib.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ssl_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h kssl_lcl.h
-ssl_lib.o: ssl_lib.c ssl_locl.h
-ssl_rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-ssl_rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ssl_rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_rsa.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ssl_rsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssl_rsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-ssl_rsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssl_rsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_rsa.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-ssl_rsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_rsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_rsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_rsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_rsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_rsa.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_rsa.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_rsa.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-ssl_rsa.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ssl_rsa.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_rsa.c
-ssl_sess.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
-ssl_sess.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_sess.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssl_sess.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_sess.o: ../include/openssl/des.h ../include/openssl/des_old.h
-ssl_sess.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ssl_sess.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ssl_sess.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_sess.o: ../include/openssl/md2.h ../include/openssl/md4.h
-ssl_sess.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-ssl_sess.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_sess.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_sess.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_sess.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_sess.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-ssl_sess.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_sess.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_sess.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_sess.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_sess.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_sess.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_sess.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-ssl_sess.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ssl_sess.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_sess.c
-ssl_stat.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-ssl_stat.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ssl_stat.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_stat.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ssl_stat.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssl_stat.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-ssl_stat.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssl_stat.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_stat.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-ssl_stat.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_stat.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_stat.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_stat.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_stat.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_stat.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_stat.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_stat.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_stat.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_stat.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_stat.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_stat.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_stat.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_stat.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-ssl_stat.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ssl_stat.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_stat.c
-ssl_txt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-ssl_txt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ssl_txt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_txt.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ssl_txt.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssl_txt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-ssl_txt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssl_txt.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_txt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-ssl_txt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssl_txt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssl_txt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssl_txt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_txt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_txt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_txt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ssl_txt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssl_txt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssl_txt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_txt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_txt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_txt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_txt.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-ssl_txt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ssl_txt.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_txt.c
-t1_clnt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-t1_clnt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-t1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-t1_clnt.o: ../include/openssl/cast.h ../include/openssl/comp.h
-t1_clnt.o: ../include/openssl/crypto.h ../include/openssl/des.h
-t1_clnt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-t1_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-t1_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_clnt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-t1_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-t1_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h
-t1_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-t1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-t1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-t1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-t1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-t1_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-t1_clnt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-t1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-t1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_clnt.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-t1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_clnt.o: t1_clnt.c
-t1_enc.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-t1_enc.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-t1_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-t1_enc.o: ../include/openssl/cast.h ../include/openssl/comp.h
-t1_enc.o: ../include/openssl/crypto.h ../include/openssl/des.h
-t1_enc.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-t1_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-t1_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_enc.o: ../include/openssl/hmac.h ../include/openssl/idea.h
-t1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-t1_enc.o: ../include/openssl/md2.h ../include/openssl/md4.h
-t1_enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-t1_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-t1_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-t1_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-t1_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-t1_enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-t1_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_enc.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_enc.o: t1_enc.c
-t1_lib.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-t1_lib.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-t1_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-t1_lib.o: ../include/openssl/cast.h ../include/openssl/comp.h
-t1_lib.o: ../include/openssl/crypto.h ../include/openssl/des.h
-t1_lib.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-t1_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-t1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_lib.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-t1_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-t1_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
-t1_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-t1_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-t1_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-t1_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-t1_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-t1_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-t1_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-t1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_lib.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-t1_lib.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-t1_lib.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_lib.c
-t1_meth.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-t1_meth.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-t1_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-t1_meth.o: ../include/openssl/cast.h ../include/openssl/comp.h
-t1_meth.o: ../include/openssl/crypto.h ../include/openssl/des.h
-t1_meth.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-t1_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-t1_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_meth.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-t1_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-t1_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h
-t1_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-t1_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-t1_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-t1_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-t1_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-t1_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-t1_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-t1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_meth.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-t1_meth.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-t1_meth.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_meth.c
-t1_srvr.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-t1_srvr.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-t1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-t1_srvr.o: ../include/openssl/cast.h ../include/openssl/comp.h
-t1_srvr.o: ../include/openssl/crypto.h ../include/openssl/des.h
-t1_srvr.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-t1_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-t1_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_srvr.o: ../include/openssl/idea.h ../include/openssl/kssl.h
-t1_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-t1_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h
-t1_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-t1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-t1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-t1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-t1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-t1_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-t1_srvr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-t1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-t1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_srvr.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-t1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_srvr.o: t1_srvr.c
diff --git a/crypto/openssl/ssl/bio_ssl.c b/crypto/openssl/ssl/bio_ssl.c
deleted file mode 100644
index d683ee43e192..000000000000
--- a/crypto/openssl/ssl/bio_ssl.c
+++ /dev/null
@@ -1,598 +0,0 @@
-/* ssl/bio_ssl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <openssl/crypto.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-static int ssl_write(BIO *h, const char *buf, int num);
-static int ssl_read(BIO *h, char *buf, int size);
-static int ssl_puts(BIO *h, const char *str);
-static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int ssl_new(BIO *h);
-static int ssl_free(BIO *data);
-static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-typedef struct bio_ssl_st
-	{
-	SSL *ssl; /* The ssl handle :-) */
-	/* re-negotiate every time the total number of bytes is this size */
-	int num_renegotiates;
-	unsigned long renegotiate_count;
-	unsigned long byte_count;
-	unsigned long renegotiate_timeout;
-	unsigned long last_time;
-	} BIO_SSL;
-
-static BIO_METHOD methods_sslp=
-	{
-	BIO_TYPE_SSL,"ssl",
-	ssl_write,
-	ssl_read,
-	ssl_puts,
-	NULL, /* ssl_gets, */
-	ssl_ctrl,
-	ssl_new,
-	ssl_free,
-	ssl_callback_ctrl,
-	};
-
-BIO_METHOD *BIO_f_ssl(void)
-	{
-	return(&methods_sslp);
-	}
-
-static int ssl_new(BIO *bi)
-	{
-	BIO_SSL *bs;
-
-	bs=(BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL));
-	if (bs == NULL)
-		{
-		BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	memset(bs,0,sizeof(BIO_SSL));
-	bi->init=0;
-	bi->ptr=(char *)bs;
-	bi->flags=0;
-	return(1);
-	}
-
-static int ssl_free(BIO *a)
-	{
-	BIO_SSL *bs;
-
-	if (a == NULL) return(0);
-	bs=(BIO_SSL *)a->ptr;
-	if (bs->ssl != NULL) SSL_shutdown(bs->ssl);
-	if (a->shutdown)
-		{
-		if (a->init && (bs->ssl != NULL))
-			SSL_free(bs->ssl);
-		a->init=0;
-		a->flags=0;
-		}
-	if (a->ptr != NULL)
-		OPENSSL_free(a->ptr);
-	return(1);
-	}
-	
-static int ssl_read(BIO *b, char *out, int outl)
-	{
-	int ret=1;
-	BIO_SSL *sb;
-	SSL *ssl;
-	int retry_reason=0;
-	int r=0;
-
-	if (out == NULL) return(0);
-	sb=(BIO_SSL *)b->ptr;
-	ssl=sb->ssl;
-
-	BIO_clear_retry_flags(b);
-
-#if 0
-	if (!SSL_is_init_finished(ssl))
-		{
-/*		ret=SSL_do_handshake(ssl); */
-		if (ret > 0)
-			{
-
-			outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
-			ret= -1;
-			goto end;
-			}
-		}
-#endif
-/*	if (ret > 0) */
-	ret=SSL_read(ssl,out,outl);
-
-	switch (SSL_get_error(ssl,ret))
-		{
-	case SSL_ERROR_NONE:
-		if (ret <= 0) break;
-		if (sb->renegotiate_count > 0)
-			{
-			sb->byte_count+=ret;
-			if (sb->byte_count > sb->renegotiate_count)
-				{
-				sb->byte_count=0;
-				sb->num_renegotiates++;
-				SSL_renegotiate(ssl);
-				r=1;
-				}
-			}
-		if ((sb->renegotiate_timeout > 0) && (!r))
-			{
-			unsigned long tm;
-
-			tm=(unsigned long)time(NULL);
-			if (tm > sb->last_time+sb->renegotiate_timeout)
-				{
-				sb->last_time=tm;
-				sb->num_renegotiates++;
-				SSL_renegotiate(ssl);
-				}
-			}
-
-		break;
-	case SSL_ERROR_WANT_READ:
-		BIO_set_retry_read(b);
-		break;
-	case SSL_ERROR_WANT_WRITE:
-		BIO_set_retry_write(b);
-		break;
-	case SSL_ERROR_WANT_X509_LOOKUP:
-		BIO_set_retry_special(b);
-		retry_reason=BIO_RR_SSL_X509_LOOKUP;
-		break;
-	case SSL_ERROR_WANT_ACCEPT:
-		BIO_set_retry_special(b);
-		retry_reason=BIO_RR_ACCEPT;
-		break;
-	case SSL_ERROR_WANT_CONNECT:
-		BIO_set_retry_special(b);
-		retry_reason=BIO_RR_CONNECT;
-		break;
-	case SSL_ERROR_SYSCALL:
-	case SSL_ERROR_SSL:
-	case SSL_ERROR_ZERO_RETURN:
-	default:
-		break;
-		}
-
-	b->retry_reason=retry_reason;
-	return(ret);
-	}
-
-static int ssl_write(BIO *b, const char *out, int outl)
-	{
-	int ret,r=0;
-	int retry_reason=0;
-	SSL *ssl;
-	BIO_SSL *bs;
-
-	if (out == NULL) return(0);
-	bs=(BIO_SSL *)b->ptr;
-	ssl=bs->ssl;
-
-	BIO_clear_retry_flags(b);
-
-/*	ret=SSL_do_handshake(ssl);
-	if (ret > 0) */
-	ret=SSL_write(ssl,out,outl);
-
-	switch (SSL_get_error(ssl,ret))
-		{
-	case SSL_ERROR_NONE:
-		if (ret <= 0) break;
-		if (bs->renegotiate_count > 0)
-			{
-			bs->byte_count+=ret;
-			if (bs->byte_count > bs->renegotiate_count)
-				{
-				bs->byte_count=0;
-				bs->num_renegotiates++;
-				SSL_renegotiate(ssl);
-				r=1;
-				}
-			}
-		if ((bs->renegotiate_timeout > 0) && (!r))
-			{
-			unsigned long tm;
-
-			tm=(unsigned long)time(NULL);
-			if (tm > bs->last_time+bs->renegotiate_timeout)
-				{
-				bs->last_time=tm;
-				bs->num_renegotiates++;
-				SSL_renegotiate(ssl);
-				}
-			}
-		break;
-	case SSL_ERROR_WANT_WRITE:
-		BIO_set_retry_write(b);
-		break;
-	case SSL_ERROR_WANT_READ:
-		BIO_set_retry_read(b);
-		break;
-	case SSL_ERROR_WANT_X509_LOOKUP:
-		BIO_set_retry_special(b);
-		retry_reason=BIO_RR_SSL_X509_LOOKUP;
-		break;
-	case SSL_ERROR_WANT_CONNECT:
-		BIO_set_retry_special(b);
-		retry_reason=BIO_RR_CONNECT;
-	case SSL_ERROR_SYSCALL:
-	case SSL_ERROR_SSL:
-	default:
-		break;
-		}
-
-	b->retry_reason=retry_reason;
-	return(ret);
-	}
-
-static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	SSL **sslp,*ssl;
-	BIO_SSL *bs;
-	BIO *dbio,*bio;
-	long ret=1;
-
-	bs=(BIO_SSL *)b->ptr;
-	ssl=bs->ssl;
-	if ((ssl == NULL)  && (cmd != BIO_C_SET_SSL))
-		return(0);
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		SSL_shutdown(ssl);
-
-		if (ssl->handshake_func == ssl->method->ssl_connect)
-			SSL_set_connect_state(ssl);
-		else if (ssl->handshake_func == ssl->method->ssl_accept)
-			SSL_set_accept_state(ssl);
-
-		SSL_clear(ssl);
-
-		if (b->next_bio != NULL)
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		else if (ssl->rbio != NULL)
-			ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
-		else
-			ret=1;
-		break;
-	case BIO_CTRL_INFO:
-		ret=0;
-		break;
-	case BIO_C_SSL_MODE:
-		if (num) /* client mode */
-			SSL_set_connect_state(ssl);
-		else
-			SSL_set_accept_state(ssl);
-		break;
-	case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT:
-		ret=bs->renegotiate_timeout;
-		if (num < 60) num=5;
-		bs->renegotiate_timeout=(unsigned long)num;
-		bs->last_time=(unsigned long)time(NULL);
-		break;
-	case BIO_C_SET_SSL_RENEGOTIATE_BYTES:
-		ret=bs->renegotiate_count;
-		if ((long)num >=512)
-			bs->renegotiate_count=(unsigned long)num;
-		break;
-	case BIO_C_GET_SSL_NUM_RENEGOTIATES:
-		ret=bs->num_renegotiates;
-		break;
-	case BIO_C_SET_SSL:
-		if (ssl != NULL)
-			ssl_free(b);
-		b->shutdown=(int)num;
-		ssl=(SSL *)ptr;
-		((BIO_SSL *)b->ptr)->ssl=ssl;
-		bio=SSL_get_rbio(ssl);
-		if (bio != NULL)
-			{
-			if (b->next_bio != NULL)
-				BIO_push(bio,b->next_bio);
-			b->next_bio=bio;
-			CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO);
-			}
-		b->init=1;
-		break;
-	case BIO_C_GET_SSL:
-		if (ptr != NULL)
-			{
-			sslp=(SSL **)ptr;
-			*sslp=ssl;
-			}
-		else
-			ret=0;
-		break;
-	case BIO_CTRL_GET_CLOSE:
-		ret=b->shutdown;
-		break;
-	case BIO_CTRL_SET_CLOSE:
-		b->shutdown=(int)num;
-		break;
-	case BIO_CTRL_WPENDING:
-		ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_PENDING:
-		ret=SSL_pending(ssl);
-		if (ret == 0)
-			ret=BIO_pending(ssl->rbio);
-		break;
-	case BIO_CTRL_FLUSH:
-		BIO_clear_retry_flags(b);
-		ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
-		BIO_copy_next_retry(b);
-		break;
-	case BIO_CTRL_PUSH:
-		if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio))
-			{
-			SSL_set_bio(ssl,b->next_bio,b->next_bio);
-			CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
-			}
-		break;
-	case BIO_CTRL_POP:
-		/* ugly bit of a hack */
-		if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
-			{
-			BIO_free_all(ssl->wbio);
-			}
-		if (b->next_bio != NULL)
-			{
-			CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
-			}
-		ssl->wbio=NULL;
-		ssl->rbio=NULL;
-		break;
-	case BIO_C_DO_STATE_MACHINE:
-		BIO_clear_retry_flags(b);
-
-		b->retry_reason=0;
-		ret=(int)SSL_do_handshake(ssl);
-
-		switch (SSL_get_error(ssl,(int)ret))
-			{
-		case SSL_ERROR_WANT_READ:
-			BIO_set_flags(b,
-				BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
-			break;
-		case SSL_ERROR_WANT_WRITE:
-			BIO_set_flags(b,
-				BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
-			break;
-		case SSL_ERROR_WANT_CONNECT:
-			BIO_set_flags(b,
-				BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
-			b->retry_reason=b->next_bio->retry_reason;
-			break;
-		default:
-			break;
-			}
-		break;
-	case BIO_CTRL_DUP:
-		dbio=(BIO *)ptr;
-		if (((BIO_SSL *)dbio->ptr)->ssl != NULL)
-			SSL_free(((BIO_SSL *)dbio->ptr)->ssl);
-		((BIO_SSL *)dbio->ptr)->ssl=SSL_dup(ssl);
-		((BIO_SSL *)dbio->ptr)->renegotiate_count=
-			((BIO_SSL *)b->ptr)->renegotiate_count;
-		((BIO_SSL *)dbio->ptr)->byte_count=
-			((BIO_SSL *)b->ptr)->byte_count;
-		((BIO_SSL *)dbio->ptr)->renegotiate_timeout=
-			((BIO_SSL *)b->ptr)->renegotiate_timeout;
-		((BIO_SSL *)dbio->ptr)->last_time=
-			((BIO_SSL *)b->ptr)->last_time;
-		ret=(((BIO_SSL *)dbio->ptr)->ssl != NULL);
-		break;
-	case BIO_C_GET_FD:
-		ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_SET_CALLBACK:
-		{
-#if 0 /* FIXME: Should this be used?  -- Richard Levitte */
-		BIOerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		ret = -1;
-#else
-		ret=0;
-#endif
-		}
-		break;
-	case BIO_CTRL_GET_CALLBACK:
-		{
-		void (**fptr)();
-
-		fptr=(void (**)())ptr;
-		*fptr=SSL_get_info_callback(ssl);
-		}
-		break;
-	default:
-		ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
-		break;
-		}
-	return(ret);
-	}
-
-static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-	{
-	SSL *ssl;
-	BIO_SSL *bs;
-	long ret=1;
-
-	bs=(BIO_SSL *)b->ptr;
-	ssl=bs->ssl;
-	switch (cmd)
-		{
-	case BIO_CTRL_SET_CALLBACK:
-		{
-		/* FIXME: setting this via a completely different prototype
-		   seems like a crap idea */
-		SSL_set_info_callback(ssl,(void (*)(const SSL *,int,int))fp);
-		}
-		break;
-	default:
-		ret=BIO_callback_ctrl(ssl->rbio,cmd,fp);
-		break;
-		}
-	return(ret);
-	}
-
-static int ssl_puts(BIO *bp, const char *str)
-	{
-	int n,ret;
-
-	n=strlen(str);
-	ret=BIO_write(bp,str,n);
-	return(ret);
-	}
-
-BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx)
-	{
-#ifndef OPENSSL_NO_SOCK
-	BIO *ret=NULL,*buf=NULL,*ssl=NULL;
-
-	if ((buf=BIO_new(BIO_f_buffer())) == NULL)
-		return(NULL);
-	if ((ssl=BIO_new_ssl_connect(ctx)) == NULL)
-		goto err;
-	if ((ret=BIO_push(buf,ssl)) == NULL)
-		goto err;
-	return(ret);
-err:
-	if (buf != NULL) BIO_free(buf);
-	if (ssl != NULL) BIO_free(ssl);
-#endif
-	return(NULL);
-	}
-
-BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
-	{
-	BIO *ret=NULL,*con=NULL,*ssl=NULL;
-
-	if ((con=BIO_new(BIO_s_connect())) == NULL)
-		return(NULL);
-	if ((ssl=BIO_new_ssl(ctx,1)) == NULL)
-		goto err;
-	if ((ret=BIO_push(ssl,con)) == NULL)
-		goto err;
-	return(ret);
-err:
-	if (con != NULL) BIO_free(con);
-	if (ret != NULL) BIO_free(ret);
-	return(NULL);
-	}
-
-BIO *BIO_new_ssl(SSL_CTX *ctx, int client)
-	{
-	BIO *ret;
-	SSL *ssl;
-
-	if ((ret=BIO_new(BIO_f_ssl())) == NULL)
-		return(NULL);
-	if ((ssl=SSL_new(ctx)) == NULL)
-		{
-		BIO_free(ret);
-		return(NULL);
-		}
-	if (client)
-		SSL_set_connect_state(ssl);
-	else
-		SSL_set_accept_state(ssl);
-		
-	BIO_set_ssl(ret,ssl,BIO_CLOSE);
-	return(ret);
-	}
-
-int BIO_ssl_copy_session_id(BIO *t, BIO *f)
-	{
-	t=BIO_find_type(t,BIO_TYPE_SSL);
-	f=BIO_find_type(f,BIO_TYPE_SSL);
-	if ((t == NULL) || (f == NULL))
-		return(0);
-	if (	(((BIO_SSL *)t->ptr)->ssl == NULL) || 
-		(((BIO_SSL *)f->ptr)->ssl == NULL))
-		return(0);
-	SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,((BIO_SSL *)f->ptr)->ssl);
-	return(1);
-	}
-
-void BIO_ssl_shutdown(BIO *b)
-	{
-	SSL *s;
-
-	while (b != NULL)
-		{
-		if (b->method->type == BIO_TYPE_SSL)
-			{
-			s=((BIO_SSL *)b->ptr)->ssl;
-			SSL_shutdown(s);
-			break;
-			}
-		b=b->next_bio;
-		}
-	}
diff --git a/crypto/openssl/ssl/kssl.c b/crypto/openssl/ssl/kssl.c
deleted file mode 100644
index 327b92f33b06..000000000000
--- a/crypto/openssl/ssl/kssl.c
+++ /dev/null
@@ -1,2157 +0,0 @@
-/* ssl/kssl.c -*- mode: C; c-file-style: "eay" -*- */
-/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-/*  ssl/kssl.c  --  Routines to support (& debug) Kerberos5 auth for openssl
-**
-**  19990701	VRS 	Started.
-**  200011??	Jeffrey Altman, Richard Levitte
-**          		Generalized for Heimdal, Newer MIT, & Win32.
-**          		Integrated into main OpenSSL 0.9.7 snapshots.
-**  20010413	Simon Wilkinson, VRS
-**          		Real RFC2712 KerberosWrapper replaces AP_REQ.
-*/
-
-#include <openssl/opensslconf.h>
-
-#define _XOPEN_SOURCE /* glibc2 needs this to declare strptime() */
-#include <time.h>
-#include <string.h>
-
-#include <openssl/ssl.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/krb5_asn.h>
-
-#ifndef OPENSSL_NO_KRB5
-
-/* 
- * When OpenSSL is built on Windows, we do not want to require that
- * the Kerberos DLLs be available in order for the OpenSSL DLLs to
- * work.  Therefore, all Kerberos routines are loaded at run time
- * and we do not link to a .LIB file.
- */
-
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-/* 
- * The purpose of the following pre-processor statements is to provide
- * compatibility with different releases of MIT Kerberos for Windows.
- * All versions up to 1.2 used macros.  But macros do not allow for
- * a binary compatible interface for DLLs.  Therefore, all macros are
- * being replaced by function calls.  The following code will allow
- * an OpenSSL DLL built on Windows to work whether or not the macro
- * or function form of the routines are utilized.
- */
-#ifdef  krb5_cc_get_principal
-#define NO_DEF_KRB5_CCACHE
-#undef  krb5_cc_get_principal
-#endif
-#define krb5_cc_get_principal    kssl_krb5_cc_get_principal
-
-#define krb5_free_data_contents  kssl_krb5_free_data_contents   
-#define krb5_free_context        kssl_krb5_free_context         
-#define krb5_auth_con_free       kssl_krb5_auth_con_free        
-#define krb5_free_principal      kssl_krb5_free_principal       
-#define krb5_mk_req_extended     kssl_krb5_mk_req_extended      
-#define krb5_get_credentials     kssl_krb5_get_credentials      
-#define krb5_cc_default          kssl_krb5_cc_default           
-#define krb5_sname_to_principal  kssl_krb5_sname_to_principal   
-#define krb5_init_context        kssl_krb5_init_context         
-#define krb5_free_ticket         kssl_krb5_free_ticket          
-#define krb5_rd_req              kssl_krb5_rd_req               
-#define krb5_kt_default          kssl_krb5_kt_default           
-#define krb5_kt_resolve          kssl_krb5_kt_resolve           
-/* macros in mit 1.2.2 and earlier; functions in mit 1.2.3 and greater */
-#ifndef krb5_kt_close
-#define krb5_kt_close            kssl_krb5_kt_close
-#endif /* krb5_kt_close */
-#ifndef krb5_kt_get_entry
-#define krb5_kt_get_entry        kssl_krb5_kt_get_entry
-#endif /* krb5_kt_get_entry */
-#define krb5_auth_con_init       kssl_krb5_auth_con_init        
-
-#define krb5_principal_compare   kssl_krb5_principal_compare
-#define krb5_decrypt_tkt_part    kssl_krb5_decrypt_tkt_part
-#define krb5_timeofday           kssl_krb5_timeofday
-#define krb5_rc_default           kssl_krb5_rc_default
-
-#ifdef krb5_rc_initialize
-#undef krb5_rc_initialize
-#endif
-#define krb5_rc_initialize   kssl_krb5_rc_initialize
-
-#ifdef krb5_rc_get_lifespan
-#undef krb5_rc_get_lifespan
-#endif
-#define krb5_rc_get_lifespan kssl_krb5_rc_get_lifespan
-
-#ifdef krb5_rc_destroy
-#undef krb5_rc_destroy
-#endif
-#define krb5_rc_destroy      kssl_krb5_rc_destroy
-
-#define valid_cksumtype      kssl_valid_cksumtype
-#define krb5_checksum_size   kssl_krb5_checksum_size
-#define krb5_kt_free_entry   kssl_krb5_kt_free_entry
-#define krb5_auth_con_setrcache  kssl_krb5_auth_con_setrcache
-#define krb5_auth_con_getrcache  kssl_krb5_auth_con_getrcache
-#define krb5_get_server_rcache   kssl_krb5_get_server_rcache
-
-/* Prototypes for built in stubs */
-void kssl_krb5_free_data_contents(krb5_context, krb5_data *);
-void kssl_krb5_free_principal(krb5_context, krb5_principal );
-krb5_error_code kssl_krb5_kt_resolve(krb5_context,
-                                     krb5_const char *,
-                                     krb5_keytab *);
-krb5_error_code kssl_krb5_kt_default(krb5_context,
-                                     krb5_keytab *);
-krb5_error_code kssl_krb5_free_ticket(krb5_context, krb5_ticket *);
-krb5_error_code kssl_krb5_rd_req(krb5_context, krb5_auth_context *, 
-                                 krb5_const krb5_data *,
-                                 krb5_const_principal, krb5_keytab, 
-                                 krb5_flags *,krb5_ticket **);
-
-krb5_boolean kssl_krb5_principal_compare(krb5_context, krb5_const_principal,
-                                         krb5_const_principal);
-krb5_error_code kssl_krb5_mk_req_extended(krb5_context,
-                                          krb5_auth_context  *,
-                                          krb5_const krb5_flags,
-                                          krb5_data  *,
-                                          krb5_creds  *,
-                                          krb5_data  * );
-krb5_error_code kssl_krb5_init_context(krb5_context *);
-void kssl_krb5_free_context(krb5_context);
-krb5_error_code kssl_krb5_cc_default(krb5_context,krb5_ccache  *);
-krb5_error_code kssl_krb5_sname_to_principal(krb5_context,
-                                             krb5_const char  *,
-                                             krb5_const char  *,
-                                             krb5_int32,
-                                             krb5_principal  *);
-krb5_error_code kssl_krb5_get_credentials(krb5_context,
-                                          krb5_const krb5_flags,
-                                          krb5_ccache,
-                                          krb5_creds  *,
-                                          krb5_creds  *  *);
-krb5_error_code kssl_krb5_auth_con_init(krb5_context,
-                                        krb5_auth_context  *);
-krb5_error_code kssl_krb5_cc_get_principal(krb5_context context, 
-                                           krb5_ccache cache,
-                                           krb5_principal *principal);
-krb5_error_code kssl_krb5_auth_con_free(krb5_context,krb5_auth_context);
-size_t kssl_krb5_checksum_size(krb5_context context,krb5_cksumtype ctype);
-krb5_boolean kssl_valid_cksumtype(krb5_cksumtype ctype);
-krb5_error_code krb5_kt_free_entry(krb5_context,krb5_keytab_entry FAR * );
-krb5_error_code kssl_krb5_auth_con_setrcache(krb5_context, 
-                                             krb5_auth_context, 
-                                             krb5_rcache);
-krb5_error_code kssl_krb5_get_server_rcache(krb5_context, 
-                                            krb5_const krb5_data *,
-                                            krb5_rcache *);
-krb5_error_code kssl_krb5_auth_con_getrcache(krb5_context, 
-                                             krb5_auth_context,
-                                             krb5_rcache *);
-
-/* Function pointers (almost all Kerberos functions are _stdcall) */
-static void (_stdcall *p_krb5_free_data_contents)(krb5_context, krb5_data *)
-	=NULL;
-static void (_stdcall *p_krb5_free_principal)(krb5_context, krb5_principal )
-	=NULL;
-static krb5_error_code(_stdcall *p_krb5_kt_resolve)
-			(krb5_context, krb5_const char *, krb5_keytab *)=NULL;
-static krb5_error_code (_stdcall *p_krb5_kt_default)(krb5_context,
-                                                     krb5_keytab *)=NULL;
-static krb5_error_code (_stdcall *p_krb5_free_ticket)(krb5_context, 
-                                                      krb5_ticket *)=NULL;
-static krb5_error_code (_stdcall *p_krb5_rd_req)(krb5_context, 
-                                                 krb5_auth_context *, 
-                                                 krb5_const krb5_data *,
-                                                 krb5_const_principal, 
-                                                 krb5_keytab, krb5_flags *,
-                                                 krb5_ticket **)=NULL;
-static krb5_error_code (_stdcall *p_krb5_mk_req_extended)
-			(krb5_context, krb5_auth_context *,
-			 krb5_const krb5_flags, krb5_data *, krb5_creds *,
-			 krb5_data * )=NULL;
-static krb5_error_code (_stdcall *p_krb5_init_context)(krb5_context *)=NULL;
-static void (_stdcall *p_krb5_free_context)(krb5_context)=NULL;
-static krb5_error_code (_stdcall *p_krb5_cc_default)(krb5_context,
-                                                     krb5_ccache  *)=NULL;
-static krb5_error_code (_stdcall *p_krb5_sname_to_principal)
-			(krb5_context, krb5_const char *, krb5_const char *,
-			 krb5_int32, krb5_principal *)=NULL;
-static krb5_error_code (_stdcall *p_krb5_get_credentials)
-			(krb5_context, krb5_const krb5_flags, krb5_ccache,
-			 krb5_creds *, krb5_creds **)=NULL;
-static krb5_error_code (_stdcall *p_krb5_auth_con_init)
-			(krb5_context, krb5_auth_context *)=NULL;
-static krb5_error_code (_stdcall *p_krb5_cc_get_principal)
-			(krb5_context context, krb5_ccache cache,
-			 krb5_principal *principal)=NULL;
-static krb5_error_code (_stdcall *p_krb5_auth_con_free)
-			(krb5_context, krb5_auth_context)=NULL;
-static krb5_error_code (_stdcall *p_krb5_decrypt_tkt_part)
-                        (krb5_context, krb5_const krb5_keyblock *,
-                                           krb5_ticket *)=NULL;
-static krb5_error_code (_stdcall *p_krb5_timeofday)
-                        (krb5_context context, krb5_int32 *timeret)=NULL;
-static krb5_error_code (_stdcall *p_krb5_rc_default)
-                        (krb5_context context, krb5_rcache *rc)=NULL;
-static krb5_error_code (_stdcall *p_krb5_rc_initialize)
-                        (krb5_context context, krb5_rcache rc,
-                                     krb5_deltat lifespan)=NULL;
-static krb5_error_code (_stdcall *p_krb5_rc_get_lifespan)
-                        (krb5_context context, krb5_rcache rc,
-                                       krb5_deltat *lifespan)=NULL;
-static krb5_error_code (_stdcall *p_krb5_rc_destroy)
-                        (krb5_context context, krb5_rcache rc)=NULL;
-static krb5_boolean (_stdcall *p_krb5_principal_compare)
-                     (krb5_context, krb5_const_principal, krb5_const_principal)=NULL;
-static size_t (_stdcall *p_krb5_checksum_size)(krb5_context context,krb5_cksumtype ctype)=NULL;
-static krb5_boolean (_stdcall *p_valid_cksumtype)(krb5_cksumtype ctype)=NULL;
-static krb5_error_code (_stdcall *p_krb5_kt_free_entry)
-                        (krb5_context,krb5_keytab_entry * )=NULL;
-static krb5_error_code (_stdcall * p_krb5_auth_con_setrcache)(krb5_context, 
-                                                               krb5_auth_context, 
-                                                               krb5_rcache)=NULL;
-static krb5_error_code (_stdcall * p_krb5_get_server_rcache)(krb5_context, 
-                                                              krb5_const krb5_data *, 
-                                                              krb5_rcache *)=NULL;
-static krb5_error_code (* p_krb5_auth_con_getrcache)(krb5_context, 
-                                                      krb5_auth_context,
-                                                      krb5_rcache *)=NULL;
-static krb5_error_code (_stdcall * p_krb5_kt_close)(krb5_context context, 
-                                                    krb5_keytab keytab)=NULL;
-static krb5_error_code (_stdcall * p_krb5_kt_get_entry)(krb5_context context, 
-                                                        krb5_keytab keytab,
-                       krb5_const_principal principal, krb5_kvno vno,
-                       krb5_enctype enctype, krb5_keytab_entry *entry)=NULL;
-static int krb5_loaded = 0;     /* only attempt to initialize func ptrs once */
-
-/* Function to Load the Kerberos 5 DLL and initialize function pointers */
-void
-load_krb5_dll(void)
-	{
-	HANDLE hKRB5_32;
-    
-	krb5_loaded++;
-	hKRB5_32 = LoadLibrary("KRB5_32");
-	if (!hKRB5_32)
-		return;
-
-	(FARPROC) p_krb5_free_data_contents =
-		GetProcAddress( hKRB5_32, "krb5_free_data_contents" );
-	(FARPROC) p_krb5_free_context =
-		GetProcAddress( hKRB5_32, "krb5_free_context" );
-	(FARPROC) p_krb5_auth_con_free =
-		GetProcAddress( hKRB5_32, "krb5_auth_con_free" );
-	(FARPROC) p_krb5_free_principal =
-		GetProcAddress( hKRB5_32, "krb5_free_principal" );
-	(FARPROC) p_krb5_mk_req_extended =
-		GetProcAddress( hKRB5_32, "krb5_mk_req_extended" );
-	(FARPROC) p_krb5_get_credentials =
-		GetProcAddress( hKRB5_32, "krb5_get_credentials" );
-	(FARPROC) p_krb5_cc_get_principal =
-		GetProcAddress( hKRB5_32, "krb5_cc_get_principal" );
-	(FARPROC) p_krb5_cc_default =
-		GetProcAddress( hKRB5_32, "krb5_cc_default" );
-	(FARPROC) p_krb5_sname_to_principal =
-		GetProcAddress( hKRB5_32, "krb5_sname_to_principal" );
-	(FARPROC) p_krb5_init_context =
-		GetProcAddress( hKRB5_32, "krb5_init_context" );
-	(FARPROC) p_krb5_free_ticket =
-		GetProcAddress( hKRB5_32, "krb5_free_ticket" );
-	(FARPROC) p_krb5_rd_req =
-		GetProcAddress( hKRB5_32, "krb5_rd_req" );
-	(FARPROC) p_krb5_principal_compare =
-		GetProcAddress( hKRB5_32, "krb5_principal_compare" );
-	(FARPROC) p_krb5_decrypt_tkt_part =
-		GetProcAddress( hKRB5_32, "krb5_decrypt_tkt_part" );
-	(FARPROC) p_krb5_timeofday =
-		GetProcAddress( hKRB5_32, "krb5_timeofday" );
-	(FARPROC) p_krb5_rc_default =
-		GetProcAddress( hKRB5_32, "krb5_rc_default" );
-	(FARPROC) p_krb5_rc_initialize =
-		GetProcAddress( hKRB5_32, "krb5_rc_initialize" );
-	(FARPROC) p_krb5_rc_get_lifespan =
-		GetProcAddress( hKRB5_32, "krb5_rc_get_lifespan" );
-	(FARPROC) p_krb5_rc_destroy =
-		GetProcAddress( hKRB5_32, "krb5_rc_destroy" );
-	(FARPROC) p_krb5_kt_default =
-		GetProcAddress( hKRB5_32, "krb5_kt_default" );
-	(FARPROC) p_krb5_kt_resolve =
-		GetProcAddress( hKRB5_32, "krb5_kt_resolve" );
-	(FARPROC) p_krb5_auth_con_init =
-		GetProcAddress( hKRB5_32, "krb5_auth_con_init" );
-        (FARPROC) p_valid_cksumtype =
-                GetProcAddress( hKRB5_32, "valid_cksumtype" );
-        (FARPROC) p_krb5_checksum_size =
-                GetProcAddress( hKRB5_32, "krb5_checksum_size" );
-        (FARPROC) p_krb5_kt_free_entry =
-                GetProcAddress( hKRB5_32, "krb5_kt_free_entry" );
-        (FARPROC) p_krb5_auth_con_setrcache =
-                GetProcAddress( hKRB5_32, "krb5_auth_con_setrcache" );
-        (FARPROC) p_krb5_get_server_rcache =
-                GetProcAddress( hKRB5_32, "krb5_get_server_rcache" );
-        (FARPROC) p_krb5_auth_con_getrcache =
-                GetProcAddress( hKRB5_32, "krb5_auth_con_getrcache" );
-        (FARPROC) p_krb5_kt_close =
-                GetProcAddress( hKRB5_32, "krb5_kt_close" );
-        (FARPROC) p_krb5_kt_get_entry =
-                GetProcAddress( hKRB5_32, "krb5_kt_get_entry" );
-	}
-
-/* Stubs for each function to be dynamicly loaded */
-void
-kssl_krb5_free_data_contents(krb5_context CO, krb5_data  * data)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_free_data_contents )
-		p_krb5_free_data_contents(CO,data);
-	}
-
-krb5_error_code
-kssl_krb5_mk_req_extended (krb5_context CO,
-                          krb5_auth_context  * pACO,
-                          krb5_const krb5_flags F,
-                          krb5_data  * pD1,
-                          krb5_creds  * pC,
-                          krb5_data  * pD2)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_mk_req_extended )
-		return(p_krb5_mk_req_extended(CO,pACO,F,pD1,pC,pD2));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-krb5_error_code
-kssl_krb5_auth_con_init(krb5_context CO,
-                       krb5_auth_context  * pACO)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_auth_con_init )
-		return(p_krb5_auth_con_init(CO,pACO));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-krb5_error_code
-kssl_krb5_auth_con_free (krb5_context CO,
-                        krb5_auth_context ACO)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_auth_con_free )
-		return(p_krb5_auth_con_free(CO,ACO));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-krb5_error_code
-kssl_krb5_get_credentials(krb5_context CO,
-                         krb5_const krb5_flags F,
-                         krb5_ccache CC,
-                         krb5_creds  * pCR,
-                         krb5_creds  ** ppCR)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_get_credentials )
-		return(p_krb5_get_credentials(CO,F,CC,pCR,ppCR));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-krb5_error_code
-kssl_krb5_sname_to_principal(krb5_context CO,
-                            krb5_const char  * pC1,
-                            krb5_const char  * pC2,
-                            krb5_int32 I,
-                            krb5_principal  * pPR)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_sname_to_principal )
-		return(p_krb5_sname_to_principal(CO,pC1,pC2,I,pPR));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_error_code
-kssl_krb5_cc_default(krb5_context CO,
-                    krb5_ccache  * pCC)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_cc_default )
-		return(p_krb5_cc_default(CO,pCC));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_error_code
-kssl_krb5_init_context(krb5_context * pCO)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_init_context )
-		return(p_krb5_init_context(pCO));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-void
-kssl_krb5_free_context(krb5_context CO)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_free_context )
-		p_krb5_free_context(CO);
-	}
-
-void
-kssl_krb5_free_principal(krb5_context c, krb5_principal p)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_free_principal )
-		p_krb5_free_principal(c,p);
-	}
-
-krb5_error_code
-kssl_krb5_kt_resolve(krb5_context con,
-                    krb5_const char * sz,
-                    krb5_keytab * kt)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_kt_resolve )
-		return(p_krb5_kt_resolve(con,sz,kt));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_error_code
-kssl_krb5_kt_default(krb5_context con,
-                    krb5_keytab * kt)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_kt_default )
-		return(p_krb5_kt_default(con,kt));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_error_code
-kssl_krb5_free_ticket(krb5_context con,
-                     krb5_ticket * kt)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_free_ticket )
-		return(p_krb5_free_ticket(con,kt));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_error_code
-kssl_krb5_rd_req(krb5_context con, krb5_auth_context * pacon,
-                krb5_const krb5_data * data,
-                krb5_const_principal princ, krb5_keytab keytab,
-                krb5_flags * flags, krb5_ticket ** pptkt)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_rd_req )
-		return(p_krb5_rd_req(con,pacon,data,princ,keytab,flags,pptkt));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_boolean
-krb5_principal_compare(krb5_context con, krb5_const_principal princ1,
-                krb5_const_principal princ2)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_principal_compare )
-		return(p_krb5_principal_compare(con,princ1,princ2));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_error_code
-krb5_decrypt_tkt_part(krb5_context con, krb5_const krb5_keyblock *keys,
-                krb5_ticket *ticket)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_decrypt_tkt_part )
-		return(p_krb5_decrypt_tkt_part(con,keys,ticket));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_error_code
-krb5_timeofday(krb5_context con, krb5_int32 *timeret)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_timeofday )
-		return(p_krb5_timeofday(con,timeret));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_error_code
-krb5_rc_default(krb5_context con, krb5_rcache *rc)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_rc_default )
-		return(p_krb5_rc_default(con,rc));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_error_code
-krb5_rc_initialize(krb5_context con, krb5_rcache rc, krb5_deltat lifespan)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_rc_initialize )
-		return(p_krb5_rc_initialize(con, rc, lifespan));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_error_code
-krb5_rc_get_lifespan(krb5_context con, krb5_rcache rc, krb5_deltat *lifespanp)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_rc_get_lifespan )
-		return(p_krb5_rc_get_lifespan(con, rc, lifespanp));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_error_code
-krb5_rc_destroy(krb5_context con, krb5_rcache rc)
-	{
-	if (!krb5_loaded)
-		load_krb5_dll();
-
-	if ( p_krb5_rc_destroy )
-		return(p_krb5_rc_destroy(con, rc));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-size_t 
-krb5_checksum_size(krb5_context context,krb5_cksumtype ctype)
-        {
-        if (!krb5_loaded)
-                load_krb5_dll();
-
-        if ( p_krb5_checksum_size )
-                return(p_krb5_checksum_size(context, ctype));
-        else
-                return KRB5KRB_ERR_GENERIC;
-        }
-
-krb5_boolean 
-valid_cksumtype(krb5_cksumtype ctype)
-        {
-        if (!krb5_loaded)
-                load_krb5_dll();
-
-        if ( p_valid_cksumtype )
-                return(p_valid_cksumtype(ctype));
-        else
-                return KRB5KRB_ERR_GENERIC;
-        }
-
-krb5_error_code 
-krb5_kt_free_entry(krb5_context con,krb5_keytab_entry * entry)
-        {
-        if (!krb5_loaded)
-                load_krb5_dll();
-
-        if ( p_krb5_kt_free_entry )
-                return(p_krb5_kt_free_entry(con,entry));
-        else
-                return KRB5KRB_ERR_GENERIC;
-        }
-                 
-/* Structure definitions  */
-#ifndef NO_DEF_KRB5_CCACHE
-#ifndef krb5_x
-#define krb5_x(ptr,args) ((ptr)?((*(ptr)) args):(abort(),1))
-#define krb5_xc(ptr,args) ((ptr)?((*(ptr)) args):(abort(),(char*)0))
-#endif 
-
-typedef	krb5_pointer	krb5_cc_cursor;	/* cursor for sequential lookup */
-
-typedef struct _krb5_ccache
-	{
-	krb5_magic magic;
-	struct _krb5_cc_ops FAR *ops;
-	krb5_pointer data;
-	} *krb5_ccache;
-
-typedef struct _krb5_cc_ops
-	{
-	krb5_magic magic;
-	char  *prefix;
-	char  * (KRB5_CALLCONV *get_name)
-		(krb5_context, krb5_ccache);
-	krb5_error_code (KRB5_CALLCONV *resolve)
-		(krb5_context, krb5_ccache  *, const char  *);
-	krb5_error_code (KRB5_CALLCONV *gen_new)
-		(krb5_context, krb5_ccache  *);
-	krb5_error_code (KRB5_CALLCONV *init)
-		(krb5_context, krb5_ccache, krb5_principal);
-	krb5_error_code (KRB5_CALLCONV *destroy)
-		(krb5_context, krb5_ccache);
-	krb5_error_code (KRB5_CALLCONV *close)
-		(krb5_context, krb5_ccache);
-	krb5_error_code (KRB5_CALLCONV *store)
-		(krb5_context, krb5_ccache, krb5_creds  *);
-	krb5_error_code (KRB5_CALLCONV *retrieve)
-		(krb5_context, krb5_ccache,
-		krb5_flags, krb5_creds  *, krb5_creds  *);
-	krb5_error_code (KRB5_CALLCONV *get_princ)
-		(krb5_context, krb5_ccache, krb5_principal  *);
-	krb5_error_code (KRB5_CALLCONV *get_first)
-		(krb5_context, krb5_ccache, krb5_cc_cursor  *);
-	krb5_error_code (KRB5_CALLCONV *get_next)
-		(krb5_context, krb5_ccache,
-		krb5_cc_cursor  *, krb5_creds  *);
-	krb5_error_code (KRB5_CALLCONV *end_get)
-		(krb5_context, krb5_ccache, krb5_cc_cursor  *);
-	krb5_error_code (KRB5_CALLCONV *remove_cred)
-		(krb5_context, krb5_ccache,
-		krb5_flags, krb5_creds  *);
-	krb5_error_code (KRB5_CALLCONV *set_flags)
-		(krb5_context, krb5_ccache, krb5_flags);
-	} krb5_cc_ops;
-#endif /* NO_DEF_KRB5_CCACHE */
-
-krb5_error_code 
-kssl_krb5_cc_get_principal
-    (krb5_context context, krb5_ccache cache,
-      krb5_principal *principal)
-	{
-	if ( p_krb5_cc_get_principal )
-		return(p_krb5_cc_get_principal(context,cache,principal));
-	else
-		return(krb5_x
-			((cache)->ops->get_princ,(context, cache, principal)));
-	}
-
-krb5_error_code
-kssl_krb5_auth_con_setrcache(krb5_context con, krb5_auth_context acon,
-                             krb5_rcache rcache)
-        {
-        if ( p_krb5_auth_con_setrcache )
-                 return(p_krb5_auth_con_setrcache(con,acon,rcache));
-        else
-                 return KRB5KRB_ERR_GENERIC;
-        }
-
-krb5_error_code
-kssl_krb5_get_server_rcache(krb5_context con, krb5_const krb5_data * data,
-                            krb5_rcache * rcache) 
-        {
-	if ( p_krb5_get_server_rcache )
-		return(p_krb5_get_server_rcache(con,data,rcache));
-	else
-		return KRB5KRB_ERR_GENERIC;
-        }
-
-krb5_error_code
-kssl_krb5_auth_con_getrcache(krb5_context con, krb5_auth_context acon,
-                             krb5_rcache * prcache)
-        {
-	if ( p_krb5_auth_con_getrcache )
-		return(p_krb5_auth_con_getrcache(con,acon, prcache));
-	else
-		return KRB5KRB_ERR_GENERIC;
-	}
- 
-krb5_error_code
-kssl_krb5_kt_close(krb5_context context, krb5_keytab keytab)
-	{
-	if ( p_krb5_kt_close )
-		return(p_krb5_kt_close(context,keytab));
-	else 
-		return KRB5KRB_ERR_GENERIC;
-	}
-
-krb5_error_code
-kssl_krb5_kt_get_entry(krb5_context context, krb5_keytab keytab,
-                       krb5_const_principal principal, krb5_kvno vno,
-                       krb5_enctype enctype, krb5_keytab_entry *entry)
-	{
-	if ( p_krb5_kt_get_entry )
-		return(p_krb5_kt_get_entry(context,keytab,principal,vno,enctype,entry));
-	else
-		return KRB5KRB_ERR_GENERIC;
-        }
-#endif  /* OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32 */
-
-char
-*kstring(char *string)
-        {
-        static char	*null = "[NULL]";
-
-	return ((string == NULL)? null: string);
-        }
-
-/*	Given KRB5 enctype (basically DES or 3DES),
-**	return closest match openssl EVP_ encryption algorithm.
-**	Return NULL for unknown or problematic (krb5_dk_encrypt) enctypes.
-**	Assume ENCTYPE_*_RAW (krb5_raw_encrypt) are OK.
-*/
-const EVP_CIPHER *
-kssl_map_enc(krb5_enctype enctype)
-        {
-	switch (enctype)
-		{
-	case ENCTYPE_DES_HMAC_SHA1:		/*    EVP_des_cbc();       */
-	case ENCTYPE_DES_CBC_CRC:
-	case ENCTYPE_DES_CBC_MD4:
-	case ENCTYPE_DES_CBC_MD5:
-	case ENCTYPE_DES_CBC_RAW:
-				return EVP_des_cbc();
-				break;
-	case ENCTYPE_DES3_CBC_SHA1:		/*    EVP_des_ede3_cbc();  */
-	case ENCTYPE_DES3_CBC_SHA:
-	case ENCTYPE_DES3_CBC_RAW:
-				return EVP_des_ede3_cbc();
-				break;
-	default:                return NULL;
-				break;
-		}
-	}
-
-
-/*	Return true:1 if p "looks like" the start of the real authenticator
-**	described in kssl_skip_confound() below.  The ASN.1 pattern is
-**	"62 xx 30 yy" (APPLICATION-2, SEQUENCE), where xx-yy =~ 2, and
-**	xx and yy are possibly multi-byte length fields.
-*/
-int 	kssl_test_confound(unsigned char *p)
-	{
-	int 	len = 2;
-	int 	xx = 0, yy = 0;
-
-	if (*p++ != 0x62)  return 0;
-	if (*p > 0x82)  return 0;
-	switch(*p)  {
-		case 0x82:  p++;          xx = (*p++ << 8);  xx += *p++;  break;
-		case 0x81:  p++;          xx =  *p++;  break;
-		case 0x80:  return 0;
-		default:    xx = *p++;  break;
-		}
-	if (*p++ != 0x30)  return 0;
-	if (*p > 0x82)  return 0;
-	switch(*p)  {
-		case 0x82:  p++; len+=2;  yy = (*p++ << 8);  yy += *p++;  break;
-		case 0x81:  p++; len++;   yy =  *p++;  break;
-		case 0x80:  return 0;
-		default:    yy = *p++;  break;
-		}
-
-	return (xx - len == yy)? 1: 0;
-	}
-
-/*	Allocate, fill, and return cksumlens array of checksum lengths.
-**	This array holds just the unique elements from the krb5_cksumarray[].
-**	array[n] == 0 signals end of data.
-**
-**      The krb5_cksumarray[] was an internal variable that has since been
-**      replaced by a more general method for storing the data.  It should
-**      not be used.  Instead we use real API calls and make a guess for 
-**      what the highest assigned CKSUMTYPE_ constant is.  As of 1.2.2
-**      it is 0x000c (CKSUMTYPE_HMAC_SHA1_DES3).  So we will use 0x0010.
-*/
-size_t  *populate_cksumlens(void)
-	{
-	int 		i, j, n;
-	static size_t 	*cklens = NULL;
-
-#ifdef KRB5_MIT_OLD11
-	n = krb5_max_cksum;
-#else
-	n = 0x0010;
-#endif	/* KRB5_MIT_OLD11 */
- 
-#ifdef KRB5CHECKAUTH
-	if (!cklens && !(cklens = (size_t *) calloc(sizeof(int),n+1)))  return NULL;
-
-	for (i=0; i < n; i++)  {
-		if (!valid_cksumtype(i))  continue;	/*  array has holes  */
-		for (j=0; j < n; j++)  {
-			if (cklens[j] == 0)  {
-				cklens[j] = krb5_checksum_size(NULL,i);
-				break;		/*  krb5 elem was new: add   */
-				}
-			if (cklens[j] == krb5_checksum_size(NULL,i))  {
-				break;		/*  ignore duplicate elements */
-				}
-			}
-		}
-#endif	/* KRB5CHECKAUTH */
-
-	return cklens;
-	}
-
-/*	Return pointer to start of real authenticator within authenticator, or
-**	return NULL on error.
-**	Decrypted authenticator looks like this:
-**		[0 or 8 byte confounder] [4-24 byte checksum] [real authent'r]
-**	This hackery wouldn't be necessary if MIT KRB5 1.0.6 had the
-**	krb5_auth_con_getcksumtype() function advertised in its krb5.h.
-*/
-unsigned char	*kssl_skip_confound(krb5_enctype etype, unsigned char *a)
-	{
-	int 		i, conlen;
-	size_t		cklen;
-	static size_t 	*cksumlens = NULL;
-	unsigned char	*test_auth;
-
-	conlen = (etype)? 8: 0;
-
-	if (!cksumlens  &&  !(cksumlens = populate_cksumlens()))  return NULL;
-	for (i=0; (cklen = cksumlens[i]) != 0; i++)
-		{
-		test_auth = a + conlen + cklen;
-		if (kssl_test_confound(test_auth))  return test_auth;
-		}
-
-	return NULL;
-	}
-
-
-/*	Set kssl_err error info when reason text is a simple string
-**		kssl_err = struct { int reason; char text[KSSL_ERR_MAX+1]; }
-*/
-void
-kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text)
-        {
-	if (kssl_err == NULL)  return;
-
-	kssl_err->reason = reason;
-	BIO_snprintf(kssl_err->text, KSSL_ERR_MAX, text);
-	return;
-        }
-
-
-/*	Display contents of krb5_data struct, for debugging
-*/
-void
-print_krb5_data(char *label, krb5_data *kdata)
-        {
-	int i;
-
-	printf("%s[%d] ", label, kdata->length);
-	for (i=0; i < kdata->length; i++)
-                {
-		if (0 &&  isprint((int) kdata->data[i]))
-                        printf(	"%c ",  kdata->data[i]);
-		else
-                        printf(	"%02x ", (unsigned char) kdata->data[i]);
-		}
-	printf("\n");
-        }
-
-
-/*	Display contents of krb5_authdata struct, for debugging
-*/
-void
-print_krb5_authdata(char *label, krb5_authdata **adata)
-        {
-	if (adata == NULL)
-                {
-		printf("%s, authdata==0\n", label);
-		return;
-		}
-	printf("%s [%p]\n", label, adata);
-#if 0
-	{
-        int 	i;
-	printf("%s[at%d:%d] ", label, adata->ad_type, adata->length);
-	for (i=0; i < adata->length; i++)
-                {
-                printf((isprint(adata->contents[i]))? "%c ": "%02x",
-                        adata->contents[i]);
-		}
-	printf("\n");
-	}
-#endif
-	}
-
-
-/*	Display contents of krb5_keyblock struct, for debugging
-*/
-void
-print_krb5_keyblock(char *label, krb5_keyblock *keyblk)
-        {
-	int i;
-
-	if (keyblk == NULL)
-                {
-		printf("%s, keyblk==0\n", label);
-		return;
-		}
-#ifdef KRB5_HEIMDAL
-	printf("%s\n\t[et%d:%d]: ", label, keyblk->keytype,
-					   keyblk->keyvalue->length);
-	for (i=0; i < keyblk->keyvalue->length; i++)
-                {
-		printf("%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]);
-		}
-	printf("\n");
-#else
-	printf("%s\n\t[et%d:%d]: ", label, keyblk->enctype, keyblk->length);
-	for (i=0; i < keyblk->length; i++)
-                {
-		printf("%02x",keyblk->contents[i]);
-		}
-	printf("\n");
-#endif
-        }
-
-
-/*	Display contents of krb5_principal_data struct, for debugging
-**	(krb5_principal is typedef'd == krb5_principal_data *)
-*/
-void
-print_krb5_princ(char *label, krb5_principal_data *princ)
-        {
-	int i, ui, uj;
-
-	printf("%s principal Realm: ", label);
-	if (princ == NULL)  return;
-	for (ui=0; ui < princ->realm.length; ui++)  putchar(princ->realm.data[ui]);
-	printf(" (nametype %d) has %d strings:\n", princ->type,princ->length);
-	for (i=0; i < princ->length; i++)
-                {
-		printf("\t%d [%d]: ", i, princ->data[i].length);
-		for (uj=0; uj < princ->data[i].length; uj++)  {
-			putchar(princ->data[i].data[uj]);
-			}
-		printf("\n");
-		}
-	return;
-        }
-
-
-/*	Given krb5 service (typically "kssl") and hostname in kssl_ctx,
-**	Return encrypted Kerberos ticket for service @ hostname.
-**	If authenp is non-NULL, also return encrypted authenticator,
-**	whose data should be freed by caller.
-**	(Originally was: Create Kerberos AP_REQ message for SSL Client.)
-**
-**	19990628	VRS 	Started; Returns Kerberos AP_REQ message.
-**	20010409	VRS 	Modified for RFC2712; Returns enc tkt.
-**	20010606	VRS 	May also return optional authenticator.
-*/
-krb5_error_code
-kssl_cget_tkt(	/* UPDATE */	KSSL_CTX *kssl_ctx,
-                /* OUT    */	krb5_data **enc_ticketp,
-                /* UPDATE */	krb5_data *authenp,
-                /* OUT    */	KSSL_ERR *kssl_err)
-	{
-	krb5_error_code		krb5rc = KRB5KRB_ERR_GENERIC;
-	krb5_context		krb5context = NULL;
-	krb5_auth_context	krb5auth_context = NULL;
-	krb5_ccache 		krb5ccdef = NULL;
-	krb5_creds		krb5creds, *krb5credsp = NULL;
-	krb5_data		krb5_app_req;
-
-	kssl_err_set(kssl_err, 0, "");
-	memset((char *)&krb5creds, 0, sizeof(krb5creds));
-
-	if (!kssl_ctx)
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "No kssl_ctx defined.\n");
-		goto err;
-		}
-	else if (!kssl_ctx->service_host)
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "kssl_ctx service_host undefined.\n");
-		goto err;
-		}
-
-	if ((krb5rc = krb5_init_context(&krb5context)) != 0)
-                {
-		BIO_snprintf(kssl_err->text,KSSL_ERR_MAX,
-                        "krb5_init_context() fails: %d\n", krb5rc);
-		kssl_err->reason = SSL_R_KRB5_C_INIT;
-		goto err;
-		}
-
-	if ((krb5rc = krb5_sname_to_principal(krb5context,
-                kssl_ctx->service_host,
-                (kssl_ctx->service_name)? kssl_ctx->service_name: KRB5SVC,
-                KRB5_NT_SRV_HST, &krb5creds.server)) != 0)
-                {
-		BIO_snprintf(kssl_err->text,KSSL_ERR_MAX,
-                        "krb5_sname_to_principal() fails for %s/%s\n",
-                        kssl_ctx->service_host,
-                        (kssl_ctx->service_name)? kssl_ctx->service_name:
-						  KRB5SVC);
-		kssl_err->reason = SSL_R_KRB5_C_INIT;
-		goto err;
-		}
-
-	if ((krb5rc = krb5_cc_default(krb5context, &krb5ccdef)) != 0)
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_C_CC_PRINC,
-                        "krb5_cc_default fails.\n");
-		goto err;
-		}
-
-	if ((krb5rc = krb5_cc_get_principal(krb5context, krb5ccdef,
-                &krb5creds.client)) != 0)
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_C_CC_PRINC,
-                        "krb5_cc_get_principal() fails.\n");
-		goto err;
-		}
-
-	if ((krb5rc = krb5_get_credentials(krb5context, 0, krb5ccdef,
-                &krb5creds, &krb5credsp)) != 0)
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_C_GET_CRED,
-                        "krb5_get_credentials() fails.\n");
-		goto err;
-		}
-
-	*enc_ticketp = &krb5credsp->ticket;
-#ifdef KRB5_HEIMDAL
-	kssl_ctx->enctype = krb5credsp->session.keytype;
-#else
-	kssl_ctx->enctype = krb5credsp->keyblock.enctype;
-#endif
-
-	krb5rc = KRB5KRB_ERR_GENERIC;
-	/*	caller should free data of krb5_app_req  */
-	/*  20010406 VRS deleted for real KerberosWrapper
-	**  20010605 VRS reinstated to offer Authenticator to KerberosWrapper
-	*/
-	krb5_app_req.length = 0;
-	if (authenp)
-                {
-		krb5_data	krb5in_data;
-		unsigned char	*p;
-		long		arlen;
-		KRB5_APREQBODY	*ap_req;
-
-		authenp->length = 0;
-		krb5in_data.data = NULL;
-		krb5in_data.length = 0;
-		if ((krb5rc = krb5_mk_req_extended(krb5context,
-			&krb5auth_context, 0, &krb5in_data, krb5credsp,
-			&krb5_app_req)) != 0)
-			{
-			kssl_err_set(kssl_err, SSL_R_KRB5_C_MK_REQ,
-				"krb5_mk_req_extended() fails.\n");
-			goto err;
-			}
-
-		arlen = krb5_app_req.length;
-		p = (unsigned char *)krb5_app_req.data;
-		ap_req = (KRB5_APREQBODY *) d2i_KRB5_APREQ(NULL, &p, arlen);
-		if (ap_req)
-			{
-			authenp->length = i2d_KRB5_ENCDATA(
-					ap_req->authenticator, NULL);
-			if (authenp->length  && 
-				(authenp->data = malloc(authenp->length)))
-				{
-				unsigned char	*adp = (unsigned char *)authenp->data;
-				authenp->length = i2d_KRB5_ENCDATA(
-						ap_req->authenticator, &adp);
-				}
-			}
-
-		if (ap_req)  KRB5_APREQ_free((KRB5_APREQ *) ap_req);
-		if (krb5_app_req.length)  
-                        kssl_krb5_free_data_contents(krb5context,&krb5_app_req);
-		}
-#ifdef KRB5_HEIMDAL
-	if (kssl_ctx_setkey(kssl_ctx, &krb5credsp->session))
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_C_INIT,
-                        "kssl_ctx_setkey() fails.\n");
-		}
-#else
-	if (kssl_ctx_setkey(kssl_ctx, &krb5credsp->keyblock))
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_C_INIT,
-                        "kssl_ctx_setkey() fails.\n");
-		}
-#endif
-	else	krb5rc = 0;
-
- err:
-#ifdef KSSL_DEBUG
-	kssl_ctx_show(kssl_ctx);
-#endif	/* KSSL_DEBUG */
-
-	if (krb5creds.client)	krb5_free_principal(krb5context,
-							krb5creds.client);
-	if (krb5creds.server)	krb5_free_principal(krb5context,
-							krb5creds.server);
-	if (krb5auth_context)	krb5_auth_con_free(krb5context,
-							krb5auth_context);
-	if (krb5context)	krb5_free_context(krb5context);
-	return (krb5rc);
-	}
-
-
-/*  Given d2i_-decoded asn1ticket, allocate and return a new krb5_ticket.
-**  Return Kerberos error code and kssl_err struct on error.
-**  Allocates krb5_ticket and krb5_principal; caller should free these.
-**
-**	20010410	VRS	Implemented krb5_decode_ticket() as
-**				old_krb5_decode_ticket(). Missing from MIT1.0.6.
-**	20010615	VRS 	Re-cast as openssl/asn1 d2i_*() functions.
-**				Re-used some of the old krb5_decode_ticket()
-**				code here.  This tkt should alloc/free just
-**				like the real thing.
-*/
-krb5_error_code
-kssl_TKT2tkt(	/* IN     */	krb5_context	krb5context,
-		/* IN     */	KRB5_TKTBODY	*asn1ticket,
-		/* OUT    */	krb5_ticket	**krb5ticket,
-		/* OUT    */	KSSL_ERR *kssl_err  )
-        {
-        krb5_error_code			krb5rc = KRB5KRB_ERR_GENERIC;
-	krb5_ticket 			*new5ticket = NULL;
-	ASN1_GENERALSTRING		*gstr_svc, *gstr_host;
-
-	*krb5ticket = NULL;
-
-	if (asn1ticket == NULL  ||  asn1ticket->realm == NULL  ||
-		asn1ticket->sname == NULL  || 
-		sk_ASN1_GENERALSTRING_num(asn1ticket->sname->namestring) < 2)
-		{
-		BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-			"Null field in asn1ticket.\n");
-		kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-		return KRB5KRB_ERR_GENERIC;
-		}
-
-	if ((new5ticket = (krb5_ticket *) calloc(1, sizeof(krb5_ticket)))==NULL)
-		{
-		BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-			"Unable to allocate new krb5_ticket.\n");
-		kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-		return ENOMEM;		/*  or  KRB5KRB_ERR_GENERIC;	*/
-		}
-
-	gstr_svc  = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 0);
-	gstr_host = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 1);
-
-	if ((krb5rc = kssl_build_principal_2(krb5context,
-			&new5ticket->server,
-			asn1ticket->realm->length, (char *)asn1ticket->realm->data,
-			gstr_svc->length,  (char *)gstr_svc->data,
-			gstr_host->length, (char *)gstr_host->data)) != 0)
-		{
-		free(new5ticket);
-		BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-			"Error building ticket server principal.\n");
-		kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-		return krb5rc;		/*  or  KRB5KRB_ERR_GENERIC;	*/
-		}
-
-	krb5_princ_type(krb5context, new5ticket->server) =
-			asn1ticket->sname->nametype->data[0];
-	new5ticket->enc_part.enctype = asn1ticket->encdata->etype->data[0];
-	new5ticket->enc_part.kvno = asn1ticket->encdata->kvno->data[0];
-	new5ticket->enc_part.ciphertext.length =
-			asn1ticket->encdata->cipher->length;
-	if ((new5ticket->enc_part.ciphertext.data =
-		calloc(1, asn1ticket->encdata->cipher->length)) == NULL)
-		{
-		free(new5ticket);
-		BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-			"Error allocating cipher in krb5ticket.\n");
-		kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-		return KRB5KRB_ERR_GENERIC;
-		}
-	else
-		{
-		memcpy(new5ticket->enc_part.ciphertext.data,
-			asn1ticket->encdata->cipher->data,
-			asn1ticket->encdata->cipher->length);
-		}
-
-	*krb5ticket = new5ticket;
-	return 0;
-	}
-
-
-/*	Given krb5 service name in KSSL_CTX *kssl_ctx (typically "kssl"),
-**		and krb5 AP_REQ message & message length,
-**	Return Kerberos session key and client principle
-**		to SSL Server in KSSL_CTX *kssl_ctx.
-**
-**	19990702	VRS 	Started.
-*/
-krb5_error_code
-kssl_sget_tkt(	/* UPDATE */	KSSL_CTX		*kssl_ctx,
-		/* IN     */	krb5_data		*indata,
-		/* OUT    */	krb5_ticket_times	*ttimes,
-		/* OUT    */	KSSL_ERR		*kssl_err  )
-        {
-        krb5_error_code			krb5rc = KRB5KRB_ERR_GENERIC;
-        static krb5_context		krb5context = NULL;
-	static krb5_auth_context	krb5auth_context = NULL;
-	krb5_ticket 			*krb5ticket = NULL;
-	KRB5_TKTBODY 			*asn1ticket = NULL;
-	unsigned char			*p;
-	krb5_keytab 			krb5keytab = NULL;
-	krb5_keytab_entry		kt_entry;
-	krb5_principal			krb5server;
-        krb5_rcache                     rcache = NULL;
-
-	kssl_err_set(kssl_err, 0, "");
-
-	if (!kssl_ctx)
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-			"No kssl_ctx defined.\n");
-		goto err;
-		}
-
-#ifdef KSSL_DEBUG
-	printf("in kssl_sget_tkt(%s)\n", kstring(kssl_ctx->service_name));
-#endif	/* KSSL_DEBUG */
-
-	if (!krb5context  &&  (krb5rc = krb5_init_context(&krb5context)))
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "krb5_init_context() fails.\n");
-		goto err;
-		}
-	if (krb5auth_context  &&
-		(krb5rc = krb5_auth_con_free(krb5context, krb5auth_context)))
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "krb5_auth_con_free() fails.\n");
-		goto err;
-		}
-	else  krb5auth_context = NULL;
-	if (!krb5auth_context  &&
-		(krb5rc = krb5_auth_con_init(krb5context, &krb5auth_context)))
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "krb5_auth_con_init() fails.\n");
-		goto err;
-		}
-
- 
-	if ((krb5rc = krb5_auth_con_getrcache(krb5context, krb5auth_context,
-		&rcache)))
-		{
- 		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-			"krb5_auth_con_getrcache() fails.\n");
- 		goto err;
-		}
- 
-	if ((krb5rc = krb5_sname_to_principal(krb5context, NULL,
-                (kssl_ctx->service_name)? kssl_ctx->service_name: KRB5SVC,
-                KRB5_NT_SRV_HST, &krb5server)) != 0)
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "krb5_sname_to_principal() fails.\n");
-		goto err;
-		}
-
-	if (rcache == NULL) 
-                {
-                if ((krb5rc = krb5_get_server_rcache(krb5context,
-			krb5_princ_component(krb5context, krb5server, 0),
-			&rcache)))
-                        {
-		        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                                "krb5_get_server_rcache() fails.\n");
-                  	goto err;
-                        }
-                }
-
-        if ((krb5rc = krb5_auth_con_setrcache(krb5context, krb5auth_context, rcache)))
-                {
-                kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-			"krb5_auth_con_setrcache() fails.\n");
-                goto err;
-                }
-
-
-	/*	kssl_ctx->keytab_file == NULL ==> use Kerberos default
-	*/
-	if (kssl_ctx->keytab_file)
-		{
-		krb5rc = krb5_kt_resolve(krb5context, kssl_ctx->keytab_file,
-                        &krb5keytab);
-		if (krb5rc)
-			{
-			kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-				"krb5_kt_resolve() fails.\n");
-			goto err;
-			}
-		}
-	else
-		{
-                krb5rc = krb5_kt_default(krb5context,&krb5keytab);
-                if (krb5rc)
-			{
-			kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, 
-				"krb5_kt_default() fails.\n");
-			goto err;
-			}
-		}
-
-	/*	Actual Kerberos5 krb5_recvauth() has initial conversation here
-	**	o	check KRB5_SENDAUTH_BADAUTHVERS
-	**		unless KRB5_RECVAUTH_SKIP_VERSION
-	**	o	check KRB5_SENDAUTH_BADAPPLVERS
-	**	o	send "0" msg if all OK
-	*/
-
-	/*  20010411 was using AP_REQ instead of true KerberosWrapper
-	**
-	**  if ((krb5rc = krb5_rd_req(krb5context, &krb5auth_context,
-	**			&krb5in_data, krb5server, krb5keytab,
-	**			&ap_option, &krb5ticket)) != 0)  { Error }
-	*/
-
-	p = (unsigned char *)indata->data;
-	if ((asn1ticket = (KRB5_TKTBODY *) d2i_KRB5_TICKET(NULL, &p,
-						(long) indata->length)) == NULL)
-		{
-		BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-			"d2i_KRB5_TICKET() ASN.1 decode failure.\n");
-		kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-		goto err;
-		}
-	
-	/* Was:  krb5rc = krb5_decode_ticket(krb5in_data,&krb5ticket)) != 0) */
-	if ((krb5rc = kssl_TKT2tkt(krb5context, asn1ticket, &krb5ticket,
-					kssl_err)) != 0)
-		{
-		BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-			"Error converting ASN.1 ticket to krb5_ticket.\n");
-		kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-		goto err;
-		}
-
-	if (! krb5_principal_compare(krb5context, krb5server,
-						  krb5ticket->server))  {
-		krb5rc = KRB5_PRINC_NOMATCH;
-		BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-			"server principal != ticket principal\n");
-		kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-		goto err;
-		}
-	if ((krb5rc = krb5_kt_get_entry(krb5context, krb5keytab,
-			krb5ticket->server, krb5ticket->enc_part.kvno,
-			krb5ticket->enc_part.enctype, &kt_entry)) != 0)  {
-		BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-			"krb5_kt_get_entry() fails with %x.\n", krb5rc);
-		kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-		goto err;
-		}
-	if ((krb5rc = krb5_decrypt_tkt_part(krb5context, &kt_entry.key,
-			krb5ticket)) != 0)  {
-		BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-			"krb5_decrypt_tkt_part() failed.\n");
-		kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-		goto err;
-		}
-	else  {
-		krb5_kt_free_entry(krb5context, &kt_entry);
-#ifdef KSSL_DEBUG
-		{
-		int i; krb5_address **paddr = krb5ticket->enc_part2->caddrs;
-		printf("Decrypted ticket fields:\n");
-		printf("\tflags: %X, transit-type: %X",
-			krb5ticket->enc_part2->flags,
-			krb5ticket->enc_part2->transited.tr_type);
-		print_krb5_data("\ttransit-data: ",
-			&(krb5ticket->enc_part2->transited.tr_contents));
-		printf("\tcaddrs: %p, authdata: %p\n",
-			krb5ticket->enc_part2->caddrs,
-			krb5ticket->enc_part2->authorization_data);
-		if (paddr)
-			{
-			printf("\tcaddrs:\n");
-			for (i=0; paddr[i] != NULL; i++)
-				{
-				krb5_data d;
-				d.length=paddr[i]->length;
-				d.data=paddr[i]->contents;
-				print_krb5_data("\t\tIP: ", &d);
-				}
-			}
-		printf("\tstart/auth/end times: %d / %d / %d\n",
-			krb5ticket->enc_part2->times.starttime,
-			krb5ticket->enc_part2->times.authtime,
-			krb5ticket->enc_part2->times.endtime);
-		}
-#endif	/* KSSL_DEBUG */
-		}
-
-	krb5rc = KRB5_NO_TKT_SUPPLIED;
-	if (!krb5ticket  ||	!krb5ticket->enc_part2  ||
-                !krb5ticket->enc_part2->client  ||
-                !krb5ticket->enc_part2->client->data  ||
-                !krb5ticket->enc_part2->session)
-                {
-                kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
-                        "bad ticket from krb5_rd_req.\n");
-		}
-	else if (kssl_ctx_setprinc(kssl_ctx, KSSL_CLIENT,
-                &krb5ticket->enc_part2->client->realm,
-                krb5ticket->enc_part2->client->data))
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
-                        "kssl_ctx_setprinc() fails.\n");
-		}
-	else if (kssl_ctx_setkey(kssl_ctx, krb5ticket->enc_part2->session))
-                {
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
-                        "kssl_ctx_setkey() fails.\n");
-		}
-	else if (krb5ticket->enc_part2->flags & TKT_FLG_INVALID)
-                {
-		krb5rc = KRB5KRB_AP_ERR_TKT_INVALID;
-                kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
-                        "invalid ticket from krb5_rd_req.\n");
-		}
-	else	krb5rc = 0;
-
-	kssl_ctx->enctype	= krb5ticket->enc_part.enctype;
-	ttimes->authtime	= krb5ticket->enc_part2->times.authtime;
-	ttimes->starttime	= krb5ticket->enc_part2->times.starttime;
-	ttimes->endtime 	= krb5ticket->enc_part2->times.endtime;
-	ttimes->renew_till	= krb5ticket->enc_part2->times.renew_till;
-
- err:
-#ifdef KSSL_DEBUG
-	kssl_ctx_show(kssl_ctx);
-#endif	/* KSSL_DEBUG */
-
-	if (asn1ticket) 	KRB5_TICKET_free((KRB5_TICKET *) asn1ticket);
-        if (krb5keytab)         krb5_kt_close(krb5context, krb5keytab);
-	if (krb5ticket) 	krb5_free_ticket(krb5context, krb5ticket);
-	if (krb5server) 	krb5_free_principal(krb5context, krb5server);
-	return (krb5rc);
-        }
-
-
-/*	Allocate & return a new kssl_ctx struct.
-*/
-KSSL_CTX	*
-kssl_ctx_new(void)
-        {
-	return ((KSSL_CTX *) calloc(1, sizeof(KSSL_CTX)));
-        }
-
-
-/*	Frees a kssl_ctx struct and any allocated memory it holds.
-**	Returns NULL.
-*/
-KSSL_CTX	*
-kssl_ctx_free(KSSL_CTX *kssl_ctx)
-        {
-	if (kssl_ctx == NULL)  return kssl_ctx;
-
-	if (kssl_ctx->key)  		OPENSSL_cleanse(kssl_ctx->key,
-							      kssl_ctx->length);
-	if (kssl_ctx->key)  		free(kssl_ctx->key);
-	if (kssl_ctx->client_princ) 	free(kssl_ctx->client_princ);
-	if (kssl_ctx->service_host) 	free(kssl_ctx->service_host);
-	if (kssl_ctx->service_name) 	free(kssl_ctx->service_name);
-	if (kssl_ctx->keytab_file) 	free(kssl_ctx->keytab_file);
-
-	free(kssl_ctx);
-	return (KSSL_CTX *) NULL;
-        }
-
-
-/*	Given a (krb5_data *) entity (and optional realm),
-**	set the plain (char *) client_princ or service_host member
-**	of the kssl_ctx struct.
-*/
-krb5_error_code
-kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
-        krb5_data *realm, krb5_data *entity)
-        {
-	char	**princ;
-	int 	length;
-
-	if (kssl_ctx == NULL  ||  entity == NULL)  return KSSL_CTX_ERR;
-
-	switch (which)
-                {
-        case KSSL_CLIENT:	princ = &kssl_ctx->client_princ;	break;
-        case KSSL_SERVER:	princ = &kssl_ctx->service_host;	break;
-        default:		return KSSL_CTX_ERR;			break;
-		}
-	if (*princ)  free(*princ);
-
-	length = entity->length + ((realm)? realm->length + 2: 1);
-	if ((*princ = calloc(1, length)) == NULL)
-		return KSSL_CTX_ERR;
-	else
-                {
-		strncpy(*princ, entity->data, entity->length);
-		(*princ)[entity->length]='\0';
-		if (realm)
-                        {
-			strcat (*princ, "@");
-			(void) strncat(*princ, realm->data, realm->length);
-			(*princ)[entity->length+1+realm->length]='\0';
-			}
-		}
-
-	return KSSL_CTX_OK;
-        }
-
-
-/*	Set one of the plain (char *) string members of the kssl_ctx struct.
-**	Default values should be:
-**		which == KSSL_SERVICE	=>	"khost" (KRB5SVC)
-**		which == KSSL_KEYTAB	=>	"/etc/krb5.keytab" (KRB5KEYTAB)
-*/
-krb5_error_code
-kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text)
-        {
-	char	**string;
-
-	if (!kssl_ctx)  return KSSL_CTX_ERR;
-
-	switch (which)
-                {
-        case KSSL_SERVICE:	string = &kssl_ctx->service_name;	break;
-        case KSSL_SERVER:	string = &kssl_ctx->service_host;	break;
-        case KSSL_CLIENT:	string = &kssl_ctx->client_princ;	break;
-        case KSSL_KEYTAB:	string = &kssl_ctx->keytab_file;	break;
-        default:		return KSSL_CTX_ERR;			break;
-		}
-	if (*string)  free(*string);
-
-	if (!text)
-                {
-		*string = '\0';
-		return KSSL_CTX_OK;
-		}
-
-	if ((*string = calloc(1, strlen(text) + 1)) == NULL)
-		return KSSL_CTX_ERR;
-	else
-		strcpy(*string, text);
-
-	return KSSL_CTX_OK;
-        }
-
-
-/*	Copy the Kerberos session key from a (krb5_keyblock *) to a kssl_ctx
-**	struct.  Clear kssl_ctx->key if Kerberos session key is NULL.
-*/
-krb5_error_code
-kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session)
-        {
-	int 		length;
-	krb5_enctype	enctype;
-	krb5_octet FAR	*contents = NULL;
-
-	if (!kssl_ctx)  return KSSL_CTX_ERR;
-
-	if (kssl_ctx->key)
-                {
-		OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length);
-		free(kssl_ctx->key);
-		}
-
-	if (session)
-                {
-
-#ifdef KRB5_HEIMDAL
-		length = session->keyvalue->length;
-		enctype = session->keytype;
-		contents = session->keyvalue->contents;
-#else
-		length = session->length;
-		enctype = session->enctype;
-		contents = session->contents;
-#endif
-		kssl_ctx->enctype = enctype;
-		kssl_ctx->length  = length;
-		}
-	else
-                {
-		kssl_ctx->enctype = ENCTYPE_UNKNOWN;
-		kssl_ctx->length  = 0;
-		return KSSL_CTX_OK;
-		}
-
-	if ((kssl_ctx->key =
-                (krb5_octet FAR *) calloc(1, kssl_ctx->length)) == NULL)
-                {
-		kssl_ctx->length  = 0;
-		return KSSL_CTX_ERR;
-		}
-	else
-		memcpy(kssl_ctx->key, contents, length);
-
-	return KSSL_CTX_OK;
-        }
-
-
-/*	Display contents of kssl_ctx struct
-*/
-void
-kssl_ctx_show(KSSL_CTX *kssl_ctx)
-        {
-	int 	i;
-
-	printf("kssl_ctx: ");
-	if (kssl_ctx == NULL)
-                {
-		printf("NULL\n");
-		return;
-		}
-	else
-		printf("%p\n", kssl_ctx);
-
-	printf("\tservice:\t%s\n",
-                (kssl_ctx->service_name)? kssl_ctx->service_name: "NULL");
-	printf("\tclient:\t%s\n",
-                (kssl_ctx->client_princ)? kssl_ctx->client_princ: "NULL");
-	printf("\tserver:\t%s\n",
-                (kssl_ctx->service_host)? kssl_ctx->service_host: "NULL");
-	printf("\tkeytab:\t%s\n",
-                (kssl_ctx->keytab_file)? kssl_ctx->keytab_file: "NULL");
-	printf("\tkey [%d:%d]:\t",
-                kssl_ctx->enctype, kssl_ctx->length);
-
-	for (i=0; i < kssl_ctx->length  &&  kssl_ctx->key; i++)
-                {
-		printf("%02x", kssl_ctx->key[i]);
-		}
-	printf("\n");
-	return;
-        }
-
-    int 
-    kssl_keytab_is_available(KSSL_CTX *kssl_ctx)
-{
-    krb5_context		krb5context = NULL;
-    krb5_keytab 		krb5keytab = NULL;
-    krb5_keytab_entry           entry;
-    krb5_principal              princ = NULL;
-    krb5_error_code  		krb5rc = KRB5KRB_ERR_GENERIC;
-    int rc = 0;
-
-    if ((krb5rc = krb5_init_context(&krb5context)))
-        return(0);
-
-    /*	kssl_ctx->keytab_file == NULL ==> use Kerberos default
-    */
-    if (kssl_ctx->keytab_file)
-    {
-        krb5rc = krb5_kt_resolve(krb5context, kssl_ctx->keytab_file,
-                                  &krb5keytab);
-        if (krb5rc)
-            goto exit;
-    }
-    else
-    {
-        krb5rc = krb5_kt_default(krb5context,&krb5keytab);
-        if (krb5rc)
-            goto exit;
-    }
-
-    /* the host key we are looking for */
-    krb5rc = krb5_sname_to_principal(krb5context, NULL, 
-                                     kssl_ctx->service_name ? kssl_ctx->service_name: KRB5SVC,
-                                     KRB5_NT_SRV_HST, &princ);
-
-    krb5rc = krb5_kt_get_entry(krb5context, krb5keytab, 
-                                princ,
-                                0 /* IGNORE_VNO */,
-                                0 /* IGNORE_ENCTYPE */,
-                                &entry);
-    if ( krb5rc == KRB5_KT_NOTFOUND ) {
-        rc = 1;
-        goto exit;
-    } else if ( krb5rc )
-        goto exit;
-    
-    krb5_kt_free_entry(krb5context, &entry);
-    rc = 1;
-
-  exit:
-    if (krb5keytab)     krb5_kt_close(krb5context, krb5keytab);
-    if (princ)          krb5_free_principal(krb5context, princ);
-    if (krb5context)	krb5_free_context(krb5context);
-    return(rc);
-}
-
-int 
-kssl_tgt_is_available(KSSL_CTX *kssl_ctx)
-        {
-        krb5_error_code		krb5rc = KRB5KRB_ERR_GENERIC;
-        krb5_context		krb5context = NULL;
-        krb5_ccache 		krb5ccdef = NULL;
-        krb5_creds		krb5creds, *krb5credsp = NULL;
-        int                     rc = 0;
-
-        memset((char *)&krb5creds, 0, sizeof(krb5creds));
-
-        if (!kssl_ctx)
-            return(0);
-
-        if (!kssl_ctx->service_host)
-            return(0);
-
-        if ((krb5rc = krb5_init_context(&krb5context)) != 0)
-            goto err;
-
-        if ((krb5rc = krb5_sname_to_principal(krb5context,
-                                              kssl_ctx->service_host,
-                                              (kssl_ctx->service_name)? kssl_ctx->service_name: KRB5SVC,
-                                              KRB5_NT_SRV_HST, &krb5creds.server)) != 0)
-            goto err;
-
-        if ((krb5rc = krb5_cc_default(krb5context, &krb5ccdef)) != 0)
-            goto err;
-
-        if ((krb5rc = krb5_cc_get_principal(krb5context, krb5ccdef,
-                                             &krb5creds.client)) != 0)
-            goto err;
-
-        if ((krb5rc = krb5_get_credentials(krb5context, 0, krb5ccdef,
-                                            &krb5creds, &krb5credsp)) != 0)
-            goto err;
-
-        rc = 1;
-
-      err:
-#ifdef KSSL_DEBUG
-	kssl_ctx_show(kssl_ctx);
-#endif	/* KSSL_DEBUG */
-
-	if (krb5creds.client)	krb5_free_principal(krb5context, krb5creds.client);
-	if (krb5creds.server)	krb5_free_principal(krb5context, krb5creds.server);
-	if (krb5context)	krb5_free_context(krb5context);
-        return(rc);
-	}
-
-#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_WIN32)
-void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data)
-	{
-#ifdef KRB5_HEIMDAL
-	data->length = 0;
-        if (data->data)
-            free(data->data);
-#elif defined(KRB5_MIT_OLD11)
-	if (data->data)  {
-		krb5_xfree(data->data);
-		data->data = 0;
-		}
-#else
-	krb5_free_data_contents(NULL, data);
-#endif
-	}
-#endif /* !OPENSSL_SYS_WINDOWS && !OPENSSL_SYS_WIN32 */
-
-
-/*  Given pointers to KerberosTime and struct tm structs, convert the
-**  KerberosTime string to struct tm.  Note that KerberosTime is a
-**  ASN1_GENERALIZEDTIME value, constrained to GMT with no fractional
-**  seconds as defined in RFC 1510.
-**  Return pointer to the (partially) filled in struct tm on success,
-**  return NULL on failure.
-*/
-struct tm	*k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
-	{
-	char 		c, *p;
-
-	if (!k_tm)  return NULL;
-	if (gtime == NULL  ||  gtime->length < 14)  return NULL;
-	if (gtime->data == NULL)  return NULL;
-
-	p = (char *)&gtime->data[14];
-
-	c = *p;	 *p = '\0';  p -= 2;  k_tm->tm_sec  = atoi(p);      *(p+2) = c;
-	c = *p;	 *p = '\0';  p -= 2;  k_tm->tm_min  = atoi(p);      *(p+2) = c;
-	c = *p;	 *p = '\0';  p -= 2;  k_tm->tm_hour = atoi(p);      *(p+2) = c;
-	c = *p;	 *p = '\0';  p -= 2;  k_tm->tm_mday = atoi(p);      *(p+2) = c;
-	c = *p;	 *p = '\0';  p -= 2;  k_tm->tm_mon  = atoi(p)-1;    *(p+2) = c;
-	c = *p;	 *p = '\0';  p -= 4;  k_tm->tm_year = atoi(p)-1900; *(p+4) = c;
-
-	return k_tm;
-	}
-
-
-/*  Helper function for kssl_validate_times().
-**  We need context->clockskew, but krb5_context is an opaque struct.
-**  So we try to sneek the clockskew out through the replay cache.
-**	If that fails just return a likely default (300 seconds).
-*/
-krb5_deltat	get_rc_clockskew(krb5_context context)
-	{
-	krb5_rcache 	rc;
-	krb5_deltat 	clockskew;
-
-	if (krb5_rc_default(context, &rc))  return KSSL_CLOCKSKEW;
-	if (krb5_rc_initialize(context, rc, 0))  return KSSL_CLOCKSKEW;
-	if (krb5_rc_get_lifespan(context, rc, &clockskew))  {
-		clockskew = KSSL_CLOCKSKEW;
-		}
-	(void) krb5_rc_destroy(context, rc);
-	return clockskew;
-	}
-
-
-/*  kssl_validate_times() combines (and more importantly exposes)
-**  the MIT KRB5 internal function krb5_validate_times() and the
-**  in_clock_skew() macro.  The authenticator client time is checked
-**  to be within clockskew secs of the current time and the current
-**  time is checked to be within the ticket start and expire times.
-**  Either check may be omitted by supplying a NULL value.
-**  Returns 0 for valid times, SSL_R_KRB5* error codes otherwise.
-**  See Also: (Kerberos source)/krb5/lib/krb5/krb/valid_times.c
-**  20010420 VRS
-*/
-krb5_error_code  kssl_validate_times(	krb5_timestamp atime,
-					krb5_ticket_times *ttimes)
-	{
-	krb5_deltat 	skew;
-	krb5_timestamp	start, now;
-	krb5_error_code	rc;
-	krb5_context	context;
-
-	if ((rc = krb5_init_context(&context)))	 return SSL_R_KRB5_S_BAD_TICKET;
-	skew = get_rc_clockskew(context); 
-	if ((rc = krb5_timeofday(context,&now))) return SSL_R_KRB5_S_BAD_TICKET;
-	krb5_free_context(context);
-
-	if (atime  &&  labs(atime - now) >= skew)  return SSL_R_KRB5_S_TKT_SKEW;
-
-	if (! ttimes)  return 0;
-
-	start = (ttimes->starttime != 0)? ttimes->starttime: ttimes->authtime;
-	if (start - now > skew)  return SSL_R_KRB5_S_TKT_NYV;
-	if ((now - ttimes->endtime) > skew)  return SSL_R_KRB5_S_TKT_EXPIRED;
-
-#ifdef KSSL_DEBUG
-	printf("kssl_validate_times: %d |<-  | %d - %d | < %d  ->| %d\n",
-		start, atime, now, skew, ttimes->endtime);
-#endif	/* KSSL_DEBUG */
-
-	return 0;
-	}
-
-
-/*  Decode and decrypt given DER-encoded authenticator, then pass
-**  authenticator ctime back in *atimep (or 0 if time unavailable).
-**  Returns krb5_error_code and kssl_err on error.  A NULL 
-**  authenticator (authentp->length == 0) is not considered an error.
-**  Note that kssl_check_authent() makes use of the KRB5 session key;
-**  you must call kssl_sget_tkt() to get the key before calling this routine.
-*/
-krb5_error_code  kssl_check_authent(
-			/* IN     */	KSSL_CTX	*kssl_ctx,
-                        /* IN     */   	krb5_data	*authentp,
-			/* OUT    */	krb5_timestamp	*atimep,
-			/* OUT    */    KSSL_ERR	*kssl_err  )
-	{
-        krb5_error_code		krb5rc = 0;
-	KRB5_ENCDATA		*dec_authent = NULL;
-	KRB5_AUTHENTBODY	*auth = NULL;
-	krb5_enctype		enctype;
-	EVP_CIPHER_CTX		ciph_ctx;
-	const EVP_CIPHER	*enc = NULL;
-	unsigned char		iv[EVP_MAX_IV_LENGTH];
-	unsigned char		*p, *unenc_authent;
-	int 			outl, unencbufsize;
-	struct tm		tm_time, *tm_l, *tm_g;
-	time_t			now, tl, tg, tr, tz_offset;
-
-	EVP_CIPHER_CTX_init(&ciph_ctx);
-	*atimep = 0;
-	kssl_err_set(kssl_err, 0, "");
-
-#ifndef KRB5CHECKAUTH
-	authentp = NULL;
-#else
-#if	KRB5CHECKAUTH == 0
-	authentp = NULL;
-#endif
-#endif	/* KRB5CHECKAUTH */
-
-	if (authentp == NULL  ||  authentp->length == 0)  return 0;
-
-#ifdef KSSL_DEBUG
-        {
-        unsigned int ui;
-	printf("kssl_check_authent: authenticator[%d]:\n",authentp->length);
-	p = authentp->data; 
-	for (ui=0; ui < authentp->length; ui++)  printf("%02x ",p[ui]);
-	printf("\n");
-        }
-#endif	/* KSSL_DEBUG */
-
-	unencbufsize = 2 * authentp->length;
-	if ((unenc_authent = calloc(1, unencbufsize)) == NULL)
-		{
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-			"Unable to allocate authenticator buffer.\n");
-		krb5rc = KRB5KRB_ERR_GENERIC;
-		goto err;
-		}
-
-	p = (unsigned char *)authentp->data;
-	if ((dec_authent = d2i_KRB5_ENCDATA(NULL, &p,
-					(long) authentp->length)) == NULL) 
-		{
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "Error decoding authenticator.\n");
-		krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-		goto err;
-		}
-
-	enctype = dec_authent->etype->data[0];	/* should = kssl_ctx->enctype */
-#if !defined(KRB5_MIT_OLD11)
-            switch ( enctype ) {
-            case ENCTYPE_DES3_CBC_SHA1:		/*    EVP_des_ede3_cbc();  */
-            case ENCTYPE_DES3_CBC_SHA:
-            case ENCTYPE_DES3_CBC_RAW:
-                krb5rc = 0;                     /* Skip, can't handle derived keys */
-                goto err;
-            }
-#endif
-	enc = kssl_map_enc(enctype);
-	memset(iv, 0, sizeof iv);       /* per RFC 1510 */
-
-	if (enc == NULL)
-		{
-		/*  Disable kssl_check_authent for ENCTYPE_DES3_CBC_SHA1.
-		**  This enctype indicates the authenticator was encrypted
-		**  using key-usage derived keys which openssl cannot decrypt.
-		*/
-		goto err;
-		}
-
-        if (!EVP_CipherInit(&ciph_ctx,enc,kssl_ctx->key,iv,0))
-                {
-                kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "EVP_CipherInit error decrypting authenticator.\n");
-                krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-                goto err;
-                }
-        outl = dec_authent->cipher->length;
-        if (!EVP_Cipher(&ciph_ctx,unenc_authent,dec_authent->cipher->data,outl))
-                {
-                kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "EVP_Cipher error decrypting authenticator.\n");
-                krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-                goto err;
-                }
-        EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-
-#ifdef KSSL_DEBUG
-	printf("kssl_check_authent: decrypted authenticator[%d] =\n", outl);
-	for (padl=0; padl < outl; padl++) printf("%02x ",unenc_authent[padl]);
-	printf("\n");
-#endif	/* KSSL_DEBUG */
-
-	if ((p = kssl_skip_confound(enctype, unenc_authent)) == NULL)
-		{
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "confounded by authenticator.\n");
-		krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-		goto err;
-		}
-	outl -= p - unenc_authent;
-
-	if ((auth = (KRB5_AUTHENTBODY *) d2i_KRB5_AUTHENT(NULL, &p,
-							  (long) outl))==NULL)
-		{
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "Error decoding authenticator body.\n");
-		krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-		goto err;
-		}
-
-	memset(&tm_time,0,sizeof(struct tm));
-	if (k_gmtime(auth->ctime, &tm_time)  &&
-		((tr = mktime(&tm_time)) != (time_t)(-1)))
- 		{
- 		now  = time(&now);
- 		tm_l = localtime(&now); 	tl = mktime(tm_l);
- 		tm_g = gmtime(&now);		tg = mktime(tm_g);
- 		tz_offset = tg - tl;
-
-		*atimep = tr - tz_offset;
- 		}
-
-#ifdef KSSL_DEBUG
-	printf("kssl_check_authent: returns %d for client time ", *atimep);
-	if (auth && auth->ctime && auth->ctime->length && auth->ctime->data)
-		printf("%.*s\n", auth->ctime->length, auth->ctime->data);
-	else	printf("NULL\n");
-#endif	/* KSSL_DEBUG */
-
- err:
-	if (auth)		KRB5_AUTHENT_free((KRB5_AUTHENT *) auth);
-	if (dec_authent)	KRB5_ENCDATA_free(dec_authent);
-	if (unenc_authent)	free(unenc_authent);
-	EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-	return krb5rc;
-	}
-
-
-/*  Replaces krb5_build_principal_ext(), with varargs length == 2 (svc, host),
-**  because I dont't know how to stub varargs.
-**  Returns krb5_error_code == ENOMEM on alloc error, otherwise
-**  passes back newly constructed principal, which should be freed by caller.
-*/
-krb5_error_code  kssl_build_principal_2(
-			/* UPDATE */	krb5_context	context,
-			/* OUT    */	krb5_principal	*princ,
-			/* IN     */	int rlen,  const char *realm,
-			/* IN	  */	int slen,  const char *svc,
-			/* IN	  */	int hlen,  const char *host)
-	{
-	krb5_data		*p_data = NULL;
-	krb5_principal		new_p = NULL;
-        char			*new_r = NULL;
-
-	if ((p_data = (krb5_data *) calloc(2, sizeof(krb5_data))) == NULL  ||
-	    (new_p = (krb5_principal) calloc(1, sizeof(krb5_principal_data)))
-			== NULL)  goto err;
-	new_p->length = 2;
-	new_p->data = p_data;
-
-	if ((new_r = calloc(1, rlen + 1)) == NULL)  goto err;
-	memcpy(new_r, realm, rlen);
-	krb5_princ_set_realm_length(context, new_p, rlen);
-	krb5_princ_set_realm_data(context, new_p, new_r);
-
-	if ((new_p->data[0].data = calloc(1, slen + 1)) == NULL)  goto err;
-	memcpy(new_p->data[0].data, svc, slen);
-	new_p->data[0].length = slen;
-
-	if ((new_p->data[1].data = calloc(1, hlen + 1)) == NULL)  goto err;
-	memcpy(new_p->data[1].data, host, hlen);
-	new_p->data[1].length = hlen;
-	
-	krb5_princ_type(context, new_p) = KRB5_NT_UNKNOWN;
-	*princ = new_p;
-	return 0;
-
- err:
-	if (new_p  &&  new_p[0].data)	free(new_p[0].data);
-	if (new_p  &&  new_p[1].data)	free(new_p[1].data);
-	if (new_p)	free(new_p);
-	if (new_r)	free(new_r);
-	return ENOMEM;
-	}
-
-
-#else /* !OPENSSL_NO_KRB5 */
-
-#if defined(PEDANTIC) || defined(OPENSSL_SYS_VMS)
-static int dummy=(int)&dummy;
-#endif
-
-#endif	/* !OPENSSL_NO_KRB5	*/
-
diff --git a/crypto/openssl/ssl/kssl.h b/crypto/openssl/ssl/kssl.h
deleted file mode 100644
index cf7ebdd168ed..000000000000
--- a/crypto/openssl/ssl/kssl.h
+++ /dev/null
@@ -1,173 +0,0 @@
-/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
-/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project 2000.
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
-**	19990701	VRS 	Started.
-*/
-
-#ifndef	KSSL_H
-#define	KSSL_H
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_KRB5
-
-#include <stdio.h>
-#include <ctype.h>
-#include <krb5.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*
-**	Depending on which KRB5 implementation used, some types from
-**	the other may be missing.  Resolve that here and now
-*/
-#ifdef KRB5_HEIMDAL
-typedef unsigned char krb5_octet;
-#define FAR
-#endif
-
-/*	Uncomment this to debug kssl problems or
-**	to trace usage of the Kerberos session key
-**
-**	#define		KSSL_DEBUG
-*/
-
-#ifndef	KRB5SVC
-#define KRB5SVC	"host"
-#endif
-
-#ifndef	KRB5KEYTAB
-#define KRB5KEYTAB	"/etc/krb5.keytab"
-#endif
-
-#ifndef KRB5SENDAUTH
-#define KRB5SENDAUTH	1
-#endif
-
-#ifndef KRB5CHECKAUTH
-#define KRB5CHECKAUTH	1
-#endif
-
-#ifndef KSSL_CLOCKSKEW
-#define	KSSL_CLOCKSKEW	300;
-#endif
-
-#define	KSSL_ERR_MAX	255
-typedef struct kssl_err_st  {
-	int  reason;
-	char text[KSSL_ERR_MAX+1];
-	} KSSL_ERR;
-
-
-/*	Context for passing
-**		(1) Kerberos session key to SSL, and
-**		(2)	Config data between application and SSL lib
-*/
-typedef struct kssl_ctx_st
-        {
-                                /*	used by:    disposition:            */
-	char *service_name;	/*	C,S	    default ok (kssl)       */
-	char *service_host;	/*	C	    input, REQUIRED         */
-	char *client_princ;	/*	S	    output from krb5 ticket */
-	char *keytab_file;	/*      S	    NULL (/etc/krb5.keytab) */
-	char *cred_cache;	/*	C	    NULL (default)          */
-	krb5_enctype enctype;
-	int length;
-	krb5_octet FAR *key;
-	} KSSL_CTX;
-
-#define	KSSL_CLIENT 	1
-#define KSSL_SERVER 	2
-#define	KSSL_SERVICE	3
-#define	KSSL_KEYTAB 	4
-
-#define KSSL_CTX_OK 	0
-#define KSSL_CTX_ERR	1
-#define KSSL_NOMEM	2
-
-/* Public (for use by applications that use OpenSSL with Kerberos 5 support */
-krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text);
-KSSL_CTX *kssl_ctx_new(void);
-KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
-void kssl_ctx_show(KSSL_CTX *kssl_ctx);
-krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
-        krb5_data *realm, krb5_data *entity);
-krb5_error_code	kssl_cget_tkt(KSSL_CTX *kssl_ctx,  krb5_data **enc_tktp,
-        krb5_data *authenp, KSSL_ERR *kssl_err);
-krb5_error_code	kssl_sget_tkt(KSSL_CTX *kssl_ctx,  krb5_data *indata,
-        krb5_ticket_times *ttimes, KSSL_ERR *kssl_err);
-krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session);
-void	kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);
-void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);
-krb5_error_code  kssl_build_principal_2(krb5_context context,
-			krb5_principal *princ, int rlen, const char *realm,
-			int slen, const char *svc, int hlen, const char *host);
-krb5_error_code  kssl_validate_times(krb5_timestamp atime,
-					krb5_ticket_times *ttimes);
-krb5_error_code  kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
-			            krb5_timestamp *atimep, KSSL_ERR *kssl_err);
-unsigned char	*kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif	/* OPENSSL_NO_KRB5	*/
-#endif	/* KSSL_H 	*/
diff --git a/crypto/openssl/ssl/kssl_lcl.h b/crypto/openssl/ssl/kssl_lcl.h
deleted file mode 100644
index 4cd8dd2d7fe4..000000000000
--- a/crypto/openssl/ssl/kssl_lcl.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
-/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project 2000.
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef	KSSL_LCL_H
-#define	KSSL_LCL_H
-
-#include <openssl/kssl.h>
-
-#ifndef OPENSSL_NO_KRB5
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Private (internal to OpenSSL) */
-void print_krb5_data(char *label, krb5_data *kdata);
-void print_krb5_authdata(char *label, krb5_authdata **adata);
-void print_krb5_keyblock(char *label, krb5_keyblock *keyblk);
-
-char *kstring(char *string);
-char *knumber(int len, krb5_octet *contents);
-
-EVP_CIPHER *kssl_map_enc(krb5_enctype enctype);
-
-int kssl_keytab_is_available(KSSL_CTX *kssl_ctx);
-int kssl_tgt_is_available(KSSL_CTX *kssl_ctx);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif	/* OPENSSL_NO_KRB5	*/
-#endif	/* KSSL_LCL_H 	*/
diff --git a/crypto/openssl/ssl/s23_clnt.c b/crypto/openssl/ssl/s23_clnt.c
deleted file mode 100644
index 64ee4269ec10..000000000000
--- a/crypto/openssl/ssl/s23_clnt.c
+++ /dev/null
@@ -1,490 +0,0 @@
-/* ssl/s23_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-
-static SSL_METHOD *ssl23_get_client_method(int ver);
-static int ssl23_client_hello(SSL *s);
-static int ssl23_get_server_hello(SSL *s);
-static SSL_METHOD *ssl23_get_client_method(int ver)
-	{
-#ifndef OPENSSL_NO_SSL2
-	if (ver == SSL2_VERSION)
-		return(SSLv2_client_method());
-#endif
-	if (ver == SSL3_VERSION)
-		return(SSLv3_client_method());
-	else if (ver == TLS1_VERSION)
-		return(TLSv1_client_method());
-	else
-		return(NULL);
-	}
-
-SSL_METHOD *SSLv23_client_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv23_client_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&SSLv23_client_data,
-				(char *)sslv23_base_method(),sizeof(SSL_METHOD));
-			SSLv23_client_data.ssl_connect=ssl23_connect;
-			SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
-			init=0;
-			}
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv23_client_data);
-	}
-
-int ssl23_connect(SSL *s)
-	{
-	BUF_MEM *buf=NULL;
-	unsigned long Time=time(NULL);
-	void (*cb)(const SSL *ssl,int type,int val)=NULL;
-	int ret= -1;
-	int new_state,state;
-
-	RAND_add(&Time,sizeof(Time),0);
-	ERR_clear_error();
-	clear_sys_error();
-
-	if (s->info_callback != NULL)
-		cb=s->info_callback;
-	else if (s->ctx->info_callback != NULL)
-		cb=s->ctx->info_callback;
-	
-	s->in_handshake++;
-	if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 
-
-	for (;;)
-		{
-		state=s->state;
-
-		switch(s->state)
-			{
-		case SSL_ST_BEFORE:
-		case SSL_ST_CONNECT:
-		case SSL_ST_BEFORE|SSL_ST_CONNECT:
-		case SSL_ST_OK|SSL_ST_CONNECT:
-
-			if (s->session != NULL)
-				{
-				SSLerr(SSL_F_SSL23_CONNECT,SSL_R_SSL23_DOING_SESSION_ID_REUSE);
-				ret= -1;
-				goto end;
-				}
-			s->server=0;
-			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
-
-			/* s->version=TLS1_VERSION; */
-			s->type=SSL_ST_CONNECT;
-
-			if (s->init_buf == NULL)
-				{
-				if ((buf=BUF_MEM_new()) == NULL)
-					{
-					ret= -1;
-					goto end;
-					}
-				if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
-					{
-					ret= -1;
-					goto end;
-					}
-				s->init_buf=buf;
-				buf=NULL;
-				}
-
-			if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
-
-			ssl3_init_finished_mac(s);
-
-			s->state=SSL23_ST_CW_CLNT_HELLO_A;
-			s->ctx->stats.sess_connect++;
-			s->init_num=0;
-			break;
-
-		case SSL23_ST_CW_CLNT_HELLO_A:
-		case SSL23_ST_CW_CLNT_HELLO_B:
-
-			s->shutdown=0;
-			ret=ssl23_client_hello(s);
-			if (ret <= 0) goto end;
-			s->state=SSL23_ST_CR_SRVR_HELLO_A;
-			s->init_num=0;
-
-			break;
-
-		case SSL23_ST_CR_SRVR_HELLO_A:
-		case SSL23_ST_CR_SRVR_HELLO_B:
-			ret=ssl23_get_server_hello(s);
-			if (ret >= 0) cb=NULL;
-			goto end;
-			/* break; */
-
-		default:
-			SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE);
-			ret= -1;
-			goto end;
-			/* break; */
-			}
-
-		if (s->debug) { (void)BIO_flush(s->wbio); }
-
-		if ((cb != NULL) && (s->state != state))
-			{
-			new_state=s->state;
-			s->state=state;
-			cb(s,SSL_CB_CONNECT_LOOP,1);
-			s->state=new_state;
-			}
-		}
-end:
-	s->in_handshake--;
-	if (buf != NULL)
-		BUF_MEM_free(buf);
-	if (cb != NULL)
-		cb(s,SSL_CB_CONNECT_EXIT,ret);
-	return(ret);
-	}
-
-
-static int ssl23_client_hello(SSL *s)
-	{
-	unsigned char *buf;
-	unsigned char *p,*d;
-	int i,ch_len;
-	int ret;
-
-	buf=(unsigned char *)s->init_buf->data;
-	if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
-		{
-#if 0
-		/* don't reuse session-id's */
-		if (!ssl_get_new_session(s,0))
-			{
-			return(-1);
-			}
-#endif
-
-		p=s->s3->client_random;
-		RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
-
-		/* Do the message type and length last */
-		d= &(buf[2]);
-		p=d+9;
-
-		*(d++)=SSL2_MT_CLIENT_HELLO;
-		if (!(s->options & SSL_OP_NO_TLSv1))
-			{
-			*(d++)=TLS1_VERSION_MAJOR;
-			*(d++)=TLS1_VERSION_MINOR;
-			s->client_version=TLS1_VERSION;
-			}
-		else if (!(s->options & SSL_OP_NO_SSLv3))
-			{
-			*(d++)=SSL3_VERSION_MAJOR;
-			*(d++)=SSL3_VERSION_MINOR;
-			s->client_version=SSL3_VERSION;
-			}
-		else if (!(s->options & SSL_OP_NO_SSLv2))
-			{
-			*(d++)=SSL2_VERSION_MAJOR;
-			*(d++)=SSL2_VERSION_MINOR;
-			s->client_version=SSL2_VERSION;
-			}
-		else
-			{
-			SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE);
-			return(-1);
-			}
-
-		/* Ciphers supported */
-		i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
-		if (i == 0)
-			{
-			/* no ciphers */
-			SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
-			return(-1);
-			}
-		s2n(i,d);
-		p+=i;
-
-		/* put in the session-id, zero since there is no
-		 * reuse. */
-#if 0
-		s->session->session_id_length=0;
-#endif
-		s2n(0,d);
-
-		if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
-			ch_len=SSL2_CHALLENGE_LENGTH;
-		else
-			ch_len=SSL2_MAX_CHALLENGE_LENGTH;
-
-		/* write out sslv2 challenge */
-		if (SSL3_RANDOM_SIZE < ch_len)
-			i=SSL3_RANDOM_SIZE;
-		else
-			i=ch_len;
-		s2n(i,d);
-		memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
-		RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
-		memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
-		p+=i;
-
-		i= p- &(buf[2]);
-		buf[0]=((i>>8)&0xff)|0x80;
-		buf[1]=(i&0xff);
-
-		s->state=SSL23_ST_CW_CLNT_HELLO_B;
-		/* number of bytes to write */
-		s->init_num=i+2;
-		s->init_off=0;
-
-		ssl3_finish_mac(s,&(buf[2]),i);
-		}
-
-	/* SSL3_ST_CW_CLNT_HELLO_B */
-	ret = ssl23_write_bytes(s);
-	if (ret >= 2)
-		if (s->msg_callback)
-			s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
-	return ret;
-	}
-
-static int ssl23_get_server_hello(SSL *s)
-	{
-	char buf[8];
-	unsigned char *p;
-	int i;
-	int n;
-
-	n=ssl23_read_bytes(s,7);
-
-	if (n != 7) return(n);
-	p=s->packet;
-
-	memcpy(buf,p,n);
-
-	if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
-		(p[5] == 0x00) && (p[6] == 0x02))
-		{
-#ifdef OPENSSL_NO_SSL2
-		SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
-		goto err;
-#else
-		/* we are talking sslv2 */
-		/* we need to clean up the SSLv3 setup and put in the
-		 * sslv2 stuff. */
-		int ch_len;
-
-		if (s->options & SSL_OP_NO_SSLv2)
-			{
-			SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
-			goto err;
-			}
-		if (s->s2 == NULL)
-			{
-			if (!ssl2_new(s))
-				goto err;
-			}
-		else
-			ssl2_clear(s);
-
-		if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
-			ch_len=SSL2_CHALLENGE_LENGTH;
-		else
-			ch_len=SSL2_MAX_CHALLENGE_LENGTH;
-
-		/* write out sslv2 challenge */
-		i=(SSL3_RANDOM_SIZE < ch_len)
-			?SSL3_RANDOM_SIZE:ch_len;
-		s->s2->challenge_length=i;
-		memcpy(s->s2->challenge,
-			&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
-
-		if (s->s3 != NULL) ssl3_free(s);
-
-		if (!BUF_MEM_grow_clean(s->init_buf,
-			SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
-			{
-			SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
-			goto err;
-			}
-
-		s->state=SSL2_ST_GET_SERVER_HELLO_A;
-		if (!(s->client_version == SSL2_VERSION))
-			/* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
-			s->s2->ssl2_rollback=1;
-
-		/* setup the 5 bytes we have read so we get them from
-		 * the sslv2 buffer */
-		s->rstate=SSL_ST_READ_HEADER;
-		s->packet_length=n;
-		s->packet= &(s->s2->rbuf[0]);
-		memcpy(s->packet,buf,n);
-		s->s2->rbuf_left=n;
-		s->s2->rbuf_offs=0;
-
-		/* we have already written one */
-		s->s2->write_sequence=1;
-
-		s->method=SSLv2_client_method();
-		s->handshake_func=s->method->ssl_connect;
-#endif
-		}
-	else if ((p[0] == SSL3_RT_HANDSHAKE) &&
-		 (p[1] == SSL3_VERSION_MAJOR) &&
-		 ((p[2] == SSL3_VERSION_MINOR) ||
-		  (p[2] == TLS1_VERSION_MINOR)) &&
-		 (p[5] == SSL3_MT_SERVER_HELLO))
-		{
-		/* we have sslv3 or tls1 */
-
-		if (!ssl_init_wbio_buffer(s,1)) goto err;
-
-		/* we are in this state */
-		s->state=SSL3_ST_CR_SRVR_HELLO_A;
-
-		/* put the 5 bytes we have read into the input buffer
-		 * for SSLv3 */
-		s->rstate=SSL_ST_READ_HEADER;
-		s->packet_length=n;
-		s->packet= &(s->s3->rbuf.buf[0]);
-		memcpy(s->packet,buf,n);
-		s->s3->rbuf.left=n;
-		s->s3->rbuf.offset=0;
-
-		if ((p[2] == SSL3_VERSION_MINOR) &&
-			!(s->options & SSL_OP_NO_SSLv3))
-			{
-			s->version=SSL3_VERSION;
-			s->method=SSLv3_client_method();
-			}
-		else if ((p[2] == TLS1_VERSION_MINOR) &&
-			!(s->options & SSL_OP_NO_TLSv1))
-			{
-			s->version=TLS1_VERSION;
-			s->method=TLSv1_client_method();
-			}
-		else
-			{
-			SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
-			goto err;
-			}
-			
-		s->handshake_func=s->method->ssl_connect;
-		}
-	else if ((p[0] == SSL3_RT_ALERT) &&
-		 (p[1] == SSL3_VERSION_MAJOR) &&
-		 ((p[2] == SSL3_VERSION_MINOR) ||
-		  (p[2] == TLS1_VERSION_MINOR)) &&
-		 (p[3] == 0) &&
-		 (p[4] == 2))
-		{
-		void (*cb)(const SSL *ssl,int type,int val)=NULL;
-		int j;
-
-		/* An alert */
-		if (s->info_callback != NULL)
-			cb=s->info_callback;
-		else if (s->ctx->info_callback != NULL)
-			cb=s->ctx->info_callback;
- 
-		i=p[5];
-		if (cb != NULL)
-			{
-			j=(i<<8)|p[6];
-			cb(s,SSL_CB_READ_ALERT,j);
-			}
-
-		s->rwstate=SSL_NOTHING;
-		SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]);
-		goto err;
-		}
-	else
-		{
-		SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL);
-		goto err;
-		}
-	s->init_num=0;
-
-	/* Since, if we are sending a ssl23 client hello, we are not
-	 * reusing a session-id */
-	if (!ssl_get_new_session(s,0))
-		goto err;
-
-	s->first_packet=1;
-	return(SSL_connect(s));
-err:
-	return(-1);
-	}
-
diff --git a/crypto/openssl/ssl/s23_lib.c b/crypto/openssl/ssl/s23_lib.c
deleted file mode 100644
index b70002a64768..000000000000
--- a/crypto/openssl/ssl/s23_lib.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/* ssl/s23_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-static int ssl23_num_ciphers(void );
-static SSL_CIPHER *ssl23_get_cipher(unsigned int u);
-static int ssl23_read(SSL *s, void *buf, int len);
-static int ssl23_peek(SSL *s, void *buf, int len);
-static int ssl23_write(SSL *s, const void *buf, int len);
-static long ssl23_default_timeout(void );
-static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
-const char *SSL23_version_str="SSLv2/3 compatibility" OPENSSL_VERSION_PTEXT;
-
-static SSL_METHOD SSLv23_data= {
-	TLS1_VERSION,
-	tls1_new,
-	tls1_clear,
-	tls1_free,
-	ssl_undefined_function,
-	ssl_undefined_function,
-	ssl23_read,
-	ssl23_peek,
-	ssl23_write,
-	ssl_undefined_function,
-	ssl_undefined_function,
-	ssl_ok,
-	ssl3_ctrl,
-	ssl3_ctx_ctrl,
-	ssl23_get_cipher_by_char,
-	ssl23_put_cipher_by_char,
-	ssl_undefined_function,
-	ssl23_num_ciphers,
-	ssl23_get_cipher,
-	ssl_bad_method,
-	ssl23_default_timeout,
-	&ssl3_undef_enc_method,
-	ssl_undefined_function,
-	ssl3_callback_ctrl,
-	ssl3_ctx_callback_ctrl,
-	};
-
-static long ssl23_default_timeout(void)
-	{
-	return(300);
-	}
-
-SSL_METHOD *sslv23_base_method(void)
-	{
-	return(&SSLv23_data);
-	}
-
-static int ssl23_num_ciphers(void)
-	{
-	return(ssl3_num_ciphers()
-#ifndef OPENSSL_NO_SSL2
-	       + ssl2_num_ciphers()
-#endif
-	    );
-	}
-
-static SSL_CIPHER *ssl23_get_cipher(unsigned int u)
-	{
-	unsigned int uu=ssl3_num_ciphers();
-
-	if (u < uu)
-		return(ssl3_get_cipher(u));
-	else
-#ifndef OPENSSL_NO_SSL2
-		return(ssl2_get_cipher(u-uu));
-#else
-		return(NULL);
-#endif
-	}
-
-/* This function needs to check if the ciphers required are actually
- * available */
-static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
-	{
-	SSL_CIPHER c,*cp;
-	unsigned long id;
-	int n;
-
-	n=ssl3_num_ciphers();
-	id=0x03000000|((unsigned long)p[0]<<16L)|
-		((unsigned long)p[1]<<8L)|(unsigned long)p[2];
-	c.id=id;
-	cp=ssl3_get_cipher_by_char(p);
-#ifndef OPENSSL_NO_SSL2
-	if (cp == NULL)
-		cp=ssl2_get_cipher_by_char(p);
-#endif
-	return(cp);
-	}
-
-static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
-	{
-	long l;
-
-	/* We can write SSLv2 and SSLv3 ciphers */
-	if (p != NULL)
-		{
-		l=c->id;
-		p[0]=((unsigned char)(l>>16L))&0xFF;
-		p[1]=((unsigned char)(l>> 8L))&0xFF;
-		p[2]=((unsigned char)(l     ))&0xFF;
-		}
-	return(3);
-	}
-
-static int ssl23_read(SSL *s, void *buf, int len)
-	{
-	int n;
-
-	clear_sys_error();
-	if (SSL_in_init(s) && (!s->in_handshake))
-		{
-		n=s->handshake_func(s);
-		if (n < 0) return(n);
-		if (n == 0)
-			{
-			SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE);
-			return(-1);
-			}
-		return(SSL_read(s,buf,len));
-		}
-	else
-		{
-		ssl_undefined_function(s);
-		return(-1);
-		}
-	}
-
-static int ssl23_peek(SSL *s, void *buf, int len)
-	{
-	int n;
-
-	clear_sys_error();
-	if (SSL_in_init(s) && (!s->in_handshake))
-		{
-		n=s->handshake_func(s);
-		if (n < 0) return(n);
-		if (n == 0)
-			{
-			SSLerr(SSL_F_SSL23_PEEK,SSL_R_SSL_HANDSHAKE_FAILURE);
-			return(-1);
-			}
-		return(SSL_peek(s,buf,len));
-		}
-	else
-		{
-		ssl_undefined_function(s);
-		return(-1);
-		}
-	}
-
-static int ssl23_write(SSL *s, const void *buf, int len)
-	{
-	int n;
-
-	clear_sys_error();
-	if (SSL_in_init(s) && (!s->in_handshake))
-		{
-		n=s->handshake_func(s);
-		if (n < 0) return(n);
-		if (n == 0)
-			{
-			SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE);
-			return(-1);
-			}
-		return(SSL_write(s,buf,len));
-		}
-	else
-		{
-		ssl_undefined_function(s);
-		return(-1);
-		}
-	}
diff --git a/crypto/openssl/ssl/s23_meth.c b/crypto/openssl/ssl/s23_meth.c
deleted file mode 100644
index f207140835f8..000000000000
--- a/crypto/openssl/ssl/s23_meth.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* ssl/s23_meth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-static SSL_METHOD *ssl23_get_method(int ver);
-static SSL_METHOD *ssl23_get_method(int ver)
-	{
-	if (ver == SSL2_VERSION)
-		return(SSLv2_method());
-	else if (ver == SSL3_VERSION)
-		return(SSLv3_method());
-	else if (ver == TLS1_VERSION)
-		return(TLSv1_method());
-	else
-		return(NULL);
-	}
-
-SSL_METHOD *SSLv23_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv23_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-		
-		if (init)
-			{
-			memcpy((char *)&SSLv23_data,(char *)sslv23_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv23_data.ssl_connect=ssl23_connect;
-			SSLv23_data.ssl_accept=ssl23_accept;
-			SSLv23_data.get_ssl_method=ssl23_get_method;
-			init=0;
-			}
-		
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv23_data);
-	}
-
diff --git a/crypto/openssl/ssl/s23_pkt.c b/crypto/openssl/ssl/s23_pkt.c
deleted file mode 100644
index 4ca6a1b25845..000000000000
--- a/crypto/openssl/ssl/s23_pkt.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* ssl/s23_pkt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "ssl_locl.h"
-#include <openssl/evp.h>
-#include <openssl/buffer.h>
-
-int ssl23_write_bytes(SSL *s)
-	{
-	int i,num,tot;
-	char *buf;
-
-	buf=s->init_buf->data;
-	tot=s->init_off;
-	num=s->init_num;
-	for (;;)
-		{
-		s->rwstate=SSL_WRITING;
-		i=BIO_write(s->wbio,&(buf[tot]),num);
-		if (i <= 0)
-			{
-			s->init_off=tot;
-			s->init_num=num;
-			return(i);
-			}
-		s->rwstate=SSL_NOTHING;
-		if (i == num) return(tot+i);
-
-		num-=i;
-		tot+=i;
-		}
-	}
-
-/* return regularly only when we have read (at least) 'n' bytes */
-int ssl23_read_bytes(SSL *s, int n)
-	{
-	unsigned char *p;
-	int j;
-
-	if (s->packet_length < (unsigned int)n)
-		{
-		p=s->packet;
-
-		for (;;)
-			{
-			s->rwstate=SSL_READING;
-			j=BIO_read(s->rbio,(char *)&(p[s->packet_length]),
-				n-s->packet_length);
-			if (j <= 0)
-				return(j);
-			s->rwstate=SSL_NOTHING;
-			s->packet_length+=j;
-			if (s->packet_length >= (unsigned int)n)
-				return(s->packet_length);
-			}
-		}
-	return(n);
-	}
-
diff --git a/crypto/openssl/ssl/s23_srvr.c b/crypto/openssl/ssl/s23_srvr.c
deleted file mode 100644
index c5404ca0bcd4..000000000000
--- a/crypto/openssl/ssl/s23_srvr.c
+++ /dev/null
@@ -1,596 +0,0 @@
-/* ssl/s23_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-
-static SSL_METHOD *ssl23_get_server_method(int ver);
-int ssl23_get_client_hello(SSL *s);
-static SSL_METHOD *ssl23_get_server_method(int ver)
-	{
-#ifndef OPENSSL_NO_SSL2
-	if (ver == SSL2_VERSION)
-		return(SSLv2_server_method());
-#endif
-	if (ver == SSL3_VERSION)
-		return(SSLv3_server_method());
-	else if (ver == TLS1_VERSION)
-		return(TLSv1_server_method());
-	else
-		return(NULL);
-	}
-
-SSL_METHOD *SSLv23_server_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv23_server_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&SSLv23_server_data,
-				(char *)sslv23_base_method(),sizeof(SSL_METHOD));
-			SSLv23_server_data.ssl_accept=ssl23_accept;
-			SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
-			init=0;
-			}
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv23_server_data);
-	}
-
-int ssl23_accept(SSL *s)
-	{
-	BUF_MEM *buf;
-	unsigned long Time=time(NULL);
-	void (*cb)(const SSL *ssl,int type,int val)=NULL;
-	int ret= -1;
-	int new_state,state;
-
-	RAND_add(&Time,sizeof(Time),0);
-	ERR_clear_error();
-	clear_sys_error();
-
-	if (s->info_callback != NULL)
-		cb=s->info_callback;
-	else if (s->ctx->info_callback != NULL)
-		cb=s->ctx->info_callback;
-	
-	s->in_handshake++;
-	if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 
-
-	for (;;)
-		{
-		state=s->state;
-
-		switch(s->state)
-			{
-		case SSL_ST_BEFORE:
-		case SSL_ST_ACCEPT:
-		case SSL_ST_BEFORE|SSL_ST_ACCEPT:
-		case SSL_ST_OK|SSL_ST_ACCEPT:
-
-			s->server=1;
-			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
-
-			/* s->version=SSL3_VERSION; */
-			s->type=SSL_ST_ACCEPT;
-
-			if (s->init_buf == NULL)
-				{
-				if ((buf=BUF_MEM_new()) == NULL)
-					{
-					ret= -1;
-					goto end;
-					}
-				if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
-					{
-					ret= -1;
-					goto end;
-					}
-				s->init_buf=buf;
-				}
-
-			ssl3_init_finished_mac(s);
-
-			s->state=SSL23_ST_SR_CLNT_HELLO_A;
-			s->ctx->stats.sess_accept++;
-			s->init_num=0;
-			break;
-
-		case SSL23_ST_SR_CLNT_HELLO_A:
-		case SSL23_ST_SR_CLNT_HELLO_B:
-
-			s->shutdown=0;
-			ret=ssl23_get_client_hello(s);
-			if (ret >= 0) cb=NULL;
-			goto end;
-			/* break; */
-
-		default:
-			SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE);
-			ret= -1;
-			goto end;
-			/* break; */
-			}
-
-		if ((cb != NULL) && (s->state != state))
-			{
-			new_state=s->state;
-			s->state=state;
-			cb(s,SSL_CB_ACCEPT_LOOP,1);
-			s->state=new_state;
-			}
-		}
-end:
-	s->in_handshake--;
-	if (cb != NULL)
-		cb(s,SSL_CB_ACCEPT_EXIT,ret);
-	return(ret);
-	}
-
-
-int ssl23_get_client_hello(SSL *s)
-	{
-	char buf_space[11]; /* Request this many bytes in initial read.
-	                     * We can detect SSL 3.0/TLS 1.0 Client Hellos
-	                     * ('type == 3') correctly only when the following
-	                     * is in a single record, which is not guaranteed by
-	                     * the protocol specification:
-	                     * Byte  Content
-	                     *  0     type            \
-	                     *  1/2   version          > record header
-	                     *  3/4   length          /
-	                     *  5     msg_type        \
-	                     *  6-8   length           > Client Hello message
-	                     *  9/10  client_version  /
-	                     */
-	char *buf= &(buf_space[0]);
-	unsigned char *p,*d,*d_len,*dd;
-	unsigned int i;
-	unsigned int csl,sil,cl;
-	int n=0,j;
-	int type=0;
-	int v[2];
-#ifndef OPENSSL_NO_RSA
-	int use_sslv2_strong=0;
-#endif
-
-	if (s->state ==	SSL23_ST_SR_CLNT_HELLO_A)
-		{
-		/* read the initial header */
-		v[0]=v[1]=0;
-
-		if (!ssl3_setup_buffers(s)) goto err;
-
-		n=ssl23_read_bytes(s, sizeof buf_space);
-		if (n != sizeof buf_space) return(n); /* n == -1 || n == 0 */
-
-		p=s->packet;
-
-		memcpy(buf,p,n);
-
-		if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO))
-			{
-			/*
-			 * SSLv2 header
-			 */
-			if ((p[3] == 0x00) && (p[4] == 0x02))
-				{
-				v[0]=p[3]; v[1]=p[4];
-				/* SSLv2 */
-				if (!(s->options & SSL_OP_NO_SSLv2))
-					type=1;
-				}
-			else if (p[3] == SSL3_VERSION_MAJOR)
-				{
-				v[0]=p[3]; v[1]=p[4];
-				/* SSLv3/TLSv1 */
-				if (p[4] >= TLS1_VERSION_MINOR)
-					{
-					if (!(s->options & SSL_OP_NO_TLSv1))
-						{
-						s->version=TLS1_VERSION;
-						/* type=2; */ /* done later to survive restarts */
-						s->state=SSL23_ST_SR_CLNT_HELLO_B;
-						}
-					else if (!(s->options & SSL_OP_NO_SSLv3))
-						{
-						s->version=SSL3_VERSION;
-						/* type=2; */
-						s->state=SSL23_ST_SR_CLNT_HELLO_B;
-						}
-					else if (!(s->options & SSL_OP_NO_SSLv2))
-						{
-						type=1;
-						}
-					}
-				else if (!(s->options & SSL_OP_NO_SSLv3))
-					{
-					s->version=SSL3_VERSION;
-					/* type=2; */
-					s->state=SSL23_ST_SR_CLNT_HELLO_B;
-					}
-				else if (!(s->options & SSL_OP_NO_SSLv2))
-					type=1;
-
-				}
-			}
-		else if ((p[0] == SSL3_RT_HANDSHAKE) &&
-			 (p[1] == SSL3_VERSION_MAJOR) &&
-			 (p[5] == SSL3_MT_CLIENT_HELLO) &&
-			 ((p[3] == 0 && p[4] < 5 /* silly record length? */)
-				|| (p[9] == p[1])))
-			{
-			/*
-			 * SSLv3 or tls1 header
-			 */
-			
-			v[0]=p[1]; /* major version (= SSL3_VERSION_MAJOR) */
-			/* We must look at client_version inside the Client Hello message
-			 * to get the correct minor version.
-			 * However if we have only a pathologically small fragment of the
-			 * Client Hello message, this would be difficult, and we'd have
-			 * to read more records to find out.
-			 * No known SSL 3.0 client fragments ClientHello like this,
-			 * so we simply assume TLS 1.0 to avoid protocol version downgrade
-			 * attacks. */
-			if (p[3] == 0 && p[4] < 6)
-				{
-#if 0
-				SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL);
-				goto err;
-#else
-				v[1] = TLS1_VERSION_MINOR;
-#endif
-				}
-			else
-				v[1]=p[10]; /* minor version according to client_version */
-			if (v[1] >= TLS1_VERSION_MINOR)
-				{
-				if (!(s->options & SSL_OP_NO_TLSv1))
-					{
-					s->version=TLS1_VERSION;
-					type=3;
-					}
-				else if (!(s->options & SSL_OP_NO_SSLv3))
-					{
-					s->version=SSL3_VERSION;
-					type=3;
-					}
-				}
-			else
-				{
-				/* client requests SSL 3.0 */
-				if (!(s->options & SSL_OP_NO_SSLv3))
-					{
-					s->version=SSL3_VERSION;
-					type=3;
-					}
-				else if (!(s->options & SSL_OP_NO_TLSv1))
-					{
-					/* we won't be able to use TLS of course,
-					 * but this will send an appropriate alert */
-					s->version=TLS1_VERSION;
-					type=3;
-					}
-				}
-			}
-		else if ((strncmp("GET ", (char *)p,4) == 0) ||
-			 (strncmp("POST ",(char *)p,5) == 0) ||
-			 (strncmp("HEAD ",(char *)p,5) == 0) ||
-			 (strncmp("PUT ", (char *)p,4) == 0))
-			{
-			SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST);
-			goto err;
-			}
-		else if (strncmp("CONNECT",(char *)p,7) == 0)
-			{
-			SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST);
-			goto err;
-			}
-		}
-
-	if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
-		{
-		/* we have SSLv3/TLSv1 in an SSLv2 header
-		 * (other cases skip this state) */
-
-		type=2;
-		p=s->packet;
-		v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
-		v[1] = p[4];
-
-		n=((p[0]&0x7f)<<8)|p[1];
-		if (n > (1024*4))
-			{
-			SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
-			goto err;
-			}
-
-		j=ssl23_read_bytes(s,n+2);
-		if (j <= 0) return(j);
-
-		ssl3_finish_mac(s, s->packet+2, s->packet_length-2);
-		if (s->msg_callback)
-			s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
-
-		p=s->packet;
-		p+=5;
-		n2s(p,csl);
-		n2s(p,sil);
-		n2s(p,cl);
-		d=(unsigned char *)s->init_buf->data;
-		if ((csl+sil+cl+11) != s->packet_length)
-			{
-			SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
-			goto err;
-			}
-
-		/* record header: msg_type ... */
-		*(d++) = SSL3_MT_CLIENT_HELLO;
-		/* ... and length (actual value will be written later) */
-		d_len = d;
-		d += 3;
-
-		/* client_version */
-		*(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
-		*(d++) = v[1];
-
-		/* lets populate the random area */
-		/* get the challenge_length */
-		i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl;
-		memset(d,0,SSL3_RANDOM_SIZE);
-		memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i);
-		d+=SSL3_RANDOM_SIZE;
-
-		/* no session-id reuse */
-		*(d++)=0;
-
-		/* ciphers */
-		j=0;
-		dd=d;
-		d+=2;
-		for (i=0; i<csl; i+=3)
-			{
-			if (p[i] != 0) continue;
-			*(d++)=p[i+1];
-			*(d++)=p[i+2];
-			j+=2;
-			}
-		s2n(j,dd);
-
-		/* COMPRESSION */
-		*(d++)=1;
-		*(d++)=0;
-		
-		i = (d-(unsigned char *)s->init_buf->data) - 4;
-		l2n3((long)i, d_len);
-
-		/* get the data reused from the init_buf */
-		s->s3->tmp.reuse_message=1;
-		s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO;
-		s->s3->tmp.message_size=i;
-		}
-
-	/* imaginary new state (for program structure): */
-	/* s->state = SSL23_SR_CLNT_HELLO_C */
-
-	if (type == 1)
-		{
-#ifdef OPENSSL_NO_SSL2
-		SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
-		goto err;
-#else
-		/* we are talking sslv2 */
-		/* we need to clean up the SSLv3/TLSv1 setup and put in the
-		 * sslv2 stuff. */
-
-		if (s->s2 == NULL)
-			{
-			if (!ssl2_new(s))
-				goto err;
-			}
-		else
-			ssl2_clear(s);
-
-		if (s->s3 != NULL) ssl3_free(s);
-
-		if (!BUF_MEM_grow_clean(s->init_buf,
-			SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
-			{
-			goto err;
-			}
-
-		s->state=SSL2_ST_GET_CLIENT_HELLO_A;
-		if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
-			use_sslv2_strong ||
-			(s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
-			s->s2->ssl2_rollback=0;
-		else
-			/* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
-			 * (SSL 3.0 draft/RFC 2246, App. E.2) */
-			s->s2->ssl2_rollback=1;
-
-		/* setup the n bytes we have read so we get them from
-		 * the sslv2 buffer */
-		s->rstate=SSL_ST_READ_HEADER;
-		s->packet_length=n;
-		s->packet= &(s->s2->rbuf[0]);
-		memcpy(s->packet,buf,n);
-		s->s2->rbuf_left=n;
-		s->s2->rbuf_offs=0;
-
-		s->method=SSLv2_server_method();
-		s->handshake_func=s->method->ssl_accept;
-#endif
-		}
-
-	if ((type == 2) || (type == 3))
-		{
-		/* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */
-
-		if (!ssl_init_wbio_buffer(s,1)) goto err;
-
-		/* we are in this state */
-		s->state=SSL3_ST_SR_CLNT_HELLO_A;
-
-		if (type == 3)
-			{
-			/* put the 'n' bytes we have read into the input buffer
-			 * for SSLv3 */
-			s->rstate=SSL_ST_READ_HEADER;
-			s->packet_length=n;
-			s->packet= &(s->s3->rbuf.buf[0]);
-			memcpy(s->packet,buf,n);
-			s->s3->rbuf.left=n;
-			s->s3->rbuf.offset=0;
-			}
-		else
-			{
-			s->packet_length=0;
-			s->s3->rbuf.left=0;
-			s->s3->rbuf.offset=0;
-			}
-
-		if (s->version == TLS1_VERSION)
-			s->method = TLSv1_server_method();
-		else
-			s->method = SSLv3_server_method();
-#if 0 /* ssl3_get_client_hello does this */
-		s->client_version=(v[0]<<8)|v[1];
-#endif
-		s->handshake_func=s->method->ssl_accept;
-		}
-	
-	if ((type < 1) || (type > 3))
-		{
-		/* bad, very bad */
-		SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL);
-		goto err;
-		}
-	s->init_num=0;
-
-	if (buf != buf_space) OPENSSL_free(buf);
-	s->first_packet=1;
-	return(SSL_accept(s));
-err:
-	if (buf != buf_space) OPENSSL_free(buf);
-	return(-1);
-	}
diff --git a/crypto/openssl/ssl/s2_clnt.c b/crypto/openssl/ssl/s2_clnt.c
deleted file mode 100644
index 1d24dedc918b..000000000000
--- a/crypto/openssl/ssl/s2_clnt.c
+++ /dev/null
@@ -1,1138 +0,0 @@
-/* ssl/s2_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include <stdio.h>
-#include <openssl/rand.h>
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include "cryptlib.h"
-
-static SSL_METHOD *ssl2_get_client_method(int ver);
-static int get_server_finished(SSL *s);
-static int get_server_verify(SSL *s);
-static int get_server_hello(SSL *s);
-static int client_hello(SSL *s); 
-static int client_master_key(SSL *s);
-static int client_finished(SSL *s);
-static int client_certificate(SSL *s);
-static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
-	unsigned char *to,int padding);
-#define BREAK	break
-
-static SSL_METHOD *ssl2_get_client_method(int ver)
-	{
-	if (ver == SSL2_VERSION)
-		return(SSLv2_client_method());
-	else
-		return(NULL);
-	}
-
-SSL_METHOD *SSLv2_client_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv2_client_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv2_client_data.ssl_connect=ssl2_connect;
-			SSLv2_client_data.get_ssl_method=ssl2_get_client_method;
-			init=0;
-			}
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv2_client_data);
-	}
-
-int ssl2_connect(SSL *s)
-	{
-	unsigned long l=time(NULL);
-	BUF_MEM *buf=NULL;
-	int ret= -1;
-	void (*cb)(const SSL *ssl,int type,int val)=NULL;
-	int new_state,state;
-
-	RAND_add(&l,sizeof(l),0);
-	ERR_clear_error();
-	clear_sys_error();
-
-	if (s->info_callback != NULL)
-		cb=s->info_callback;
-	else if (s->ctx->info_callback != NULL)
-		cb=s->ctx->info_callback;
-
-	/* init things to blank */
-	s->in_handshake++;
-	if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
-
-	for (;;)
-		{
-		state=s->state;
-
-		switch (s->state)
-			{
-		case SSL_ST_BEFORE:
-		case SSL_ST_CONNECT:
-		case SSL_ST_BEFORE|SSL_ST_CONNECT:
-		case SSL_ST_OK|SSL_ST_CONNECT:
-
-			s->server=0;
-			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
-
-			s->version=SSL2_VERSION;
-			s->type=SSL_ST_CONNECT;
-
-			buf=s->init_buf;
-			if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL))
-				{
-				ret= -1;
-				goto end;
-				}
-			if (!BUF_MEM_grow(buf,
-				SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
-				{
-				if (buf == s->init_buf)
-					buf=NULL;
-				ret= -1;
-				goto end;
-				}
-			s->init_buf=buf;
-			buf=NULL;
-			s->init_num=0;
-			s->state=SSL2_ST_SEND_CLIENT_HELLO_A;
-			s->ctx->stats.sess_connect++;
-			s->handshake_func=ssl2_connect;
-			BREAK;
-
-		case SSL2_ST_SEND_CLIENT_HELLO_A:
-		case SSL2_ST_SEND_CLIENT_HELLO_B:
-			s->shutdown=0;
-			ret=client_hello(s);
-			if (ret <= 0) goto end;
-			s->init_num=0;
-			s->state=SSL2_ST_GET_SERVER_HELLO_A;
-			BREAK;
-		
-		case SSL2_ST_GET_SERVER_HELLO_A:
-		case SSL2_ST_GET_SERVER_HELLO_B:
-			ret=get_server_hello(s);
-			if (ret <= 0) goto end;
-			s->init_num=0;
-			if (!s->hit) /* new session */
-				{
-				s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_A;
-				BREAK; 
-				}
-			else
-				{
-				s->state=SSL2_ST_CLIENT_START_ENCRYPTION;
-				break;
-				}
-	
-		case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
-		case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
-			ret=client_master_key(s);
-			if (ret <= 0) goto end;
-			s->init_num=0;
-			s->state=SSL2_ST_CLIENT_START_ENCRYPTION;
-			break;
-
-		case SSL2_ST_CLIENT_START_ENCRYPTION:
-			/* Ok, we now have all the stuff needed to
-			 * start encrypting, so lets fire it up :-) */
-			if (!ssl2_enc_init(s,1))
-				{
-				ret= -1;
-				goto end;
-				}
-			s->s2->clear_text=0;
-			s->state=SSL2_ST_SEND_CLIENT_FINISHED_A;
-			break;
-
-		case SSL2_ST_SEND_CLIENT_FINISHED_A:
-		case SSL2_ST_SEND_CLIENT_FINISHED_B:
-			ret=client_finished(s);
-			if (ret <= 0) goto end;
-			s->init_num=0;
-			s->state=SSL2_ST_GET_SERVER_VERIFY_A;
-			break;
-
-		case SSL2_ST_GET_SERVER_VERIFY_A:
-		case SSL2_ST_GET_SERVER_VERIFY_B:
-			ret=get_server_verify(s);
-			if (ret <= 0) goto end;
-			s->init_num=0;
-			s->state=SSL2_ST_GET_SERVER_FINISHED_A;
-			break;
-
-		case SSL2_ST_GET_SERVER_FINISHED_A:
-		case SSL2_ST_GET_SERVER_FINISHED_B:
-			ret=get_server_finished(s);
-			if (ret <= 0) goto end;
-			break;
-
-		case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
-		case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
-		case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
-		case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
-		case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
-			ret=client_certificate(s);
-			if (ret <= 0) goto end;
-			s->init_num=0;
-			s->state=SSL2_ST_GET_SERVER_FINISHED_A;
-			break;
-
-		case SSL_ST_OK:
-			if (s->init_buf != NULL)
-				{
-				BUF_MEM_free(s->init_buf);
-				s->init_buf=NULL;
-				}
-			s->init_num=0;
-		/*	ERR_clear_error();*/
-
-			/* If we want to cache session-ids in the client
-			 * and we successfully add the session-id to the
-			 * cache, and there is a callback, then pass it out.
-			 * 26/11/96 - eay - only add if not a re-used session.
-			 */
-
-			ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
-			if (s->hit) s->ctx->stats.sess_hit++;
-
-			ret=1;
-			/* s->server=0; */
-			s->ctx->stats.sess_connect_good++;
-
-			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
-
-			goto end;
-			/* break; */
-		default:
-			SSLerr(SSL_F_SSL2_CONNECT,SSL_R_UNKNOWN_STATE);
-			return(-1);
-			/* break; */
-			}
-
-		if ((cb != NULL) && (s->state != state))
-			{
-			new_state=s->state;
-			s->state=state;
-			cb(s,SSL_CB_CONNECT_LOOP,1);
-			s->state=new_state;
-			}
-		}
-end:
-	s->in_handshake--;
-	if (buf != NULL)
-		BUF_MEM_free(buf);
-	if (cb != NULL) 
-		cb(s,SSL_CB_CONNECT_EXIT,ret);
-	return(ret);
-	}
-
-static int get_server_hello(SSL *s)
-	{
-	unsigned char *buf;
-	unsigned char *p;
-	int i,j;
-	unsigned long len;
-	STACK_OF(SSL_CIPHER) *sk=NULL,*cl, *prio, *allow;
-
-	buf=(unsigned char *)s->init_buf->data;
-	p=buf;
-	if (s->state == SSL2_ST_GET_SERVER_HELLO_A)
-		{
-		i=ssl2_read(s,(char *)&(buf[s->init_num]),11-s->init_num);
-		if (i < (11-s->init_num)) 
-			return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i));
-		s->init_num = 11;
-
-		if (*(p++) != SSL2_MT_SERVER_HELLO)
-			{
-			if (p[-1] != SSL2_MT_ERROR)
-				{
-				ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-				SSLerr(SSL_F_GET_SERVER_HELLO,
-					SSL_R_READ_WRONG_PACKET_TYPE);
-				}
-			else
-				SSLerr(SSL_F_GET_SERVER_HELLO,
-					SSL_R_PEER_ERROR);
-			return(-1);
-			}
-#ifdef __APPLE_CC__
-		/* The Rhapsody 5.5 (a.k.a. MacOS X) compiler bug
-		 * workaround. <appro@fy.chalmers.se> */
-		s->hit=(i=*(p++))?1:0;
-#else
-		s->hit=(*(p++))?1:0;
-#endif
-		s->s2->tmp.cert_type= *(p++);
-		n2s(p,i);
-		if (i < s->version) s->version=i;
-		n2s(p,i); s->s2->tmp.cert_length=i;
-		n2s(p,i); s->s2->tmp.csl=i;
-		n2s(p,i); s->s2->tmp.conn_id_length=i;
-		s->state=SSL2_ST_GET_SERVER_HELLO_B;
-		}
-
-	/* SSL2_ST_GET_SERVER_HELLO_B */
-	len = 11 + (unsigned long)s->s2->tmp.cert_length + (unsigned long)s->s2->tmp.csl + (unsigned long)s->s2->tmp.conn_id_length;
-	if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-		{
-		SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_MESSAGE_TOO_LONG);
-		return -1;
-		}
-	j = (int)len - s->init_num;
-	i = ssl2_read(s,(char *)&(buf[s->init_num]),j);
-	if (i != j) return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i));
-	if (s->msg_callback)
-		s->msg_callback(0, s->version, 0, buf, (size_t)len, s, s->msg_callback_arg); /* SERVER-HELLO */
-
-	/* things are looking good */
-
-	p = buf + 11;
-	if (s->hit)
-		{
-		if (s->s2->tmp.cert_length != 0) 
-			{
-			SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_LENGTH_NOT_ZERO);
-			return(-1);
-			}
-		if (s->s2->tmp.cert_type != 0)
-			{
-			if (!(s->options &
-				SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG))
-				{
-				SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
-				return(-1);
-				}
-			}
-		if (s->s2->tmp.csl != 0)
-			{
-			SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
-			return(-1);
-			}
-		}
-	else
-		{
-#ifdef undef
-		/* very bad */
-		memset(s->session->session_id,0,
-			SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES);
-		s->session->session_id_length=0;
-		*/
-#endif
-
-		/* we need to do this in case we were trying to reuse a 
-		 * client session but others are already reusing it.
-		 * If this was a new 'blank' session ID, the session-id
-		 * length will still be 0 */
-		if (s->session->session_id_length > 0)
-			{
-			if (!ssl_get_new_session(s,0))
-				{
-				ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-				return(-1);
-				}
-			}
-
-		if (ssl2_set_certificate(s,s->s2->tmp.cert_type,
-			s->s2->tmp.cert_length,p) <= 0)
-			{
-			ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
-			return(-1);
-			}
-		p+=s->s2->tmp.cert_length;
-
-		if (s->s2->tmp.csl == 0)
-			{
-			ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-			SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_LIST);
-			return(-1);
-			}
-
-		/* We have just received a list of ciphers back from the
-		 * server.  We need to get the ones that match, then select
-		 * the one we want the most :-). */
-
-		/* load the ciphers */
-		sk=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.csl,
-					    &s->session->ciphers);
-		p+=s->s2->tmp.csl;
-		if (sk == NULL)
-			{
-			ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-			SSLerr(SSL_F_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE);
-			return(-1);
-			}
-
-		sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp);
-
-		/* get the array of ciphers we will accept */
-		cl=SSL_get_ciphers(s);
-		sk_SSL_CIPHER_set_cmp_func(cl,ssl_cipher_ptr_id_cmp);
-
-		/*
-		 * If server preference flag set, choose the first
-		 * (highest priority) cipher the server sends, otherwise
-		 * client preference has priority.
-		 */
-		if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
-		    {
-		    prio = sk;
-		    allow = cl;
-		    }
-		else
-		    {
-		    prio = cl;
-		    allow = sk;
-		    }
-		/* In theory we could have ciphers sent back that we
-		 * don't want to use but that does not matter since we
-		 * will check against the list we originally sent and
-		 * for performance reasons we should not bother to match
-		 * the two lists up just to check. */
-		for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
-			{
-			if (sk_SSL_CIPHER_find(allow,
-					     sk_SSL_CIPHER_value(prio,i)) >= 0)
-				break;
-			}
-
-		if (i >= sk_SSL_CIPHER_num(prio))
-			{
-			ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-			SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_MATCH);
-			return(-1);
-			}
-		s->session->cipher=sk_SSL_CIPHER_value(prio,i);
-
-
-		if (s->session->peer != NULL) /* can't happen*/
-			{
-			ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-			SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-			return(-1);
-			}
-
-		s->session->peer = s->session->sess_cert->peer_key->x509;
-		/* peer_key->x509 has been set by ssl2_set_certificate. */
-		CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
-		}
-
-	if (s->session->peer != s->session->sess_cert->peer_key->x509)
-		/* can't happen */
-		{
-		ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-		SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-		return(-1);
-		}
-		
-	s->s2->conn_id_length=s->s2->tmp.conn_id_length;
-	if (s->s2->conn_id_length > sizeof s->s2->conn_id)
-		{
-		ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-		SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
-		return -1;
-		}
-	memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
-	return(1);
-	}
-
-static int client_hello(SSL *s)
-	{
-	unsigned char *buf;
-	unsigned char *p,*d;
-/*	CIPHER **cipher;*/
-	int i,n,j;
-
-	buf=(unsigned char *)s->init_buf->data;
-	if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A)
-		{
-		if ((s->session == NULL) ||
-			(s->session->ssl_version != s->version))
-			{
-			if (!ssl_get_new_session(s,0))
-				{
-				ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-				return(-1);
-				}
-			}
-		/* else use the pre-loaded session */
-
-		p=buf;					/* header */
-		d=p+9;					/* data section */
-		*(p++)=SSL2_MT_CLIENT_HELLO;		/* type */
-		s2n(SSL2_VERSION,p);			/* version */
-		n=j=0;
-
-		n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d);
-		d+=n;
-
-		if (n == 0)
-			{
-			SSLerr(SSL_F_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
-			return(-1);
-			}
-
-		s2n(n,p);			/* cipher spec num bytes */
-
-		if ((s->session->session_id_length > 0) &&
-			(s->session->session_id_length <=
-			SSL2_MAX_SSL_SESSION_ID_LENGTH))
-			{
-			i=s->session->session_id_length;
-			s2n(i,p);		/* session id length */
-			memcpy(d,s->session->session_id,(unsigned int)i);
-			d+=i;
-			}
-		else
-			{
-			s2n(0,p);
-			}
-
-		s->s2->challenge_length=SSL2_CHALLENGE_LENGTH;
-		s2n(SSL2_CHALLENGE_LENGTH,p);		/* challenge length */
-		/*challenge id data*/
-		RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH);
-		memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH);
-		d+=SSL2_CHALLENGE_LENGTH;
-
-		s->state=SSL2_ST_SEND_CLIENT_HELLO_B;
-		s->init_num=d-buf;
-		s->init_off=0;
-		}
-	/* SSL2_ST_SEND_CLIENT_HELLO_B */
-	return(ssl2_do_write(s));
-	}
-
-static int client_master_key(SSL *s)
-	{
-	unsigned char *buf;
-	unsigned char *p,*d;
-	int clear,enc,karg,i;
-	SSL_SESSION *sess;
-	const EVP_CIPHER *c;
-	const EVP_MD *md;
-
-	buf=(unsigned char *)s->init_buf->data;
-	if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A)
-		{
-
-		if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))
-			{
-			ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-			SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
-			return(-1);
-			}
-		sess=s->session;
-		p=buf;
-		d=p+10;
-		*(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */
-
-		i=ssl_put_cipher_by_char(s,sess->cipher,p);
-		p+=i;
-
-		/* make key_arg data */
-		i=EVP_CIPHER_iv_length(c);
-		sess->key_arg_length=i;
-		if (i > SSL_MAX_KEY_ARG_LENGTH)
-			{
-			ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-			SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-			return -1;
-			}
-		if (i > 0) RAND_pseudo_bytes(sess->key_arg,i);
-
-		/* make a master key */
-		i=EVP_CIPHER_key_length(c);
-		sess->master_key_length=i;
-		if (i > 0)
-			{
-			if (i > sizeof sess->master_key)
-				{
-				ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-				SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-				return -1;
-				}
-			if (RAND_bytes(sess->master_key,i) <= 0)
-				{
-				ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-				return(-1);
-				}
-			}
-
-		if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
-			enc=8;
-		else if (SSL_C_IS_EXPORT(sess->cipher))
-			enc=5;
-		else
-			enc=i;
-
-		if (i < enc)
-			{
-			ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-			SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_CIPHER_TABLE_SRC_ERROR);
-			return(-1);
-			}
-		clear=i-enc;
-		s2n(clear,p);
-		memcpy(d,sess->master_key,(unsigned int)clear);
-		d+=clear;
-
-		enc=ssl_rsa_public_encrypt(sess->sess_cert,enc,
-			&(sess->master_key[clear]),d,
-			(s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
-		if (enc <= 0)
-			{
-			ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-			SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
-			return(-1);
-			}
-#ifdef PKCS1_CHECK
-		if (s->options & SSL_OP_PKCS1_CHECK_1) d[1]++;
-		if (s->options & SSL_OP_PKCS1_CHECK_2)
-			sess->master_key[clear]++;
-#endif
-		s2n(enc,p);
-		d+=enc;
-		karg=sess->key_arg_length;	
-		s2n(karg,p); /* key arg size */
-		if (karg > sizeof sess->key_arg)
-			{
-			ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-			SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-			return -1;
-			}
-		memcpy(d,sess->key_arg,(unsigned int)karg);
-		d+=karg;
-
-		s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
-		s->init_num=d-buf;
-		s->init_off=0;
-		}
-
-	/* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
-	return(ssl2_do_write(s));
-	}
-
-static int client_finished(SSL *s)
-	{
-	unsigned char *p;
-
-	if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A)
-		{
-		p=(unsigned char *)s->init_buf->data;
-		*(p++)=SSL2_MT_CLIENT_FINISHED;
-		if (s->s2->conn_id_length > sizeof s->s2->conn_id)
-			{
-			SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
-			return -1;
-			}
-		memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
-
-		s->state=SSL2_ST_SEND_CLIENT_FINISHED_B;
-		s->init_num=s->s2->conn_id_length+1;
-		s->init_off=0;
-		}
-	return(ssl2_do_write(s));
-	}
-
-/* read the data and then respond */
-static int client_certificate(SSL *s)
-	{
-	unsigned char *buf;
-	unsigned char *p,*d;
-	int i;
-	unsigned int n;
-	int cert_ch_len;
-	unsigned char *cert_ch;
-
-	buf=(unsigned char *)s->init_buf->data;
-
-	/* We have a cert associated with the SSL, so attach it to
-	 * the session if it does not have one */
-
-	if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A)
-		{
-		i=ssl2_read(s,(char *)&(buf[s->init_num]),
-			SSL2_MAX_CERT_CHALLENGE_LENGTH+2-s->init_num);
-		if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+2-s->init_num))
-			return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i));
-		s->init_num += i;
-		if (s->msg_callback)
-			s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* REQUEST-CERTIFICATE */
-
-		/* type=buf[0]; */
-		/* type eq x509 */
-		if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION)
-			{
-			ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
-			SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_AUTHENTICATION_TYPE);
-			return(-1);
-			}
-
-		if ((s->cert == NULL) ||
-			(s->cert->key->x509 == NULL) ||
-			(s->cert->key->privatekey == NULL))
-			{
-			s->state=SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
-			}
-		else
-			s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
-		}
-
-	cert_ch = buf + 2;
-	cert_ch_len = s->init_num - 2;
-
-	if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE)
-		{
-		X509 *x509=NULL;
-		EVP_PKEY *pkey=NULL;
-
-		/* If we get an error we need to
-		 * ssl->rwstate=SSL_X509_LOOKUP;
-		 * return(error);
-		 * We should then be retried when things are ok and we
-		 * can get a cert or not */
-
-		i=0;
-		if (s->ctx->client_cert_cb != NULL)
-			{
-			i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
-			}
-
-		if (i < 0)
-			{
-			s->rwstate=SSL_X509_LOOKUP;
-			return(-1);
-			}
-		s->rwstate=SSL_NOTHING;
-
-		if ((i == 1) && (pkey != NULL) && (x509 != NULL))
-			{
-			s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
-			if (	!SSL_use_certificate(s,x509) || 
-				!SSL_use_PrivateKey(s,pkey))
-				{
-				i=0;
-				}
-			X509_free(x509);
-			EVP_PKEY_free(pkey);
-			}
-		else if (i == 1)
-			{
-			if (x509 != NULL) X509_free(x509);
-			if (pkey != NULL) EVP_PKEY_free(pkey);
-			SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
-			i=0;
-			}
-
-		if (i == 0)
-			{
-			/* We have no client certificate to respond with
-			 * so send the correct error message back */
-			s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_B;
-			p=buf;
-			*(p++)=SSL2_MT_ERROR;
-			s2n(SSL2_PE_NO_CERTIFICATE,p);
-			s->init_off=0;
-			s->init_num=3;
-			/* Write is done at the end */
-			}
-		}
-
-	if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B)
-		{
-		return(ssl2_do_write(s));
-		}
-
-	if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C)
-		{
-		EVP_MD_CTX ctx;
-
-		/* ok, now we calculate the checksum
-		 * do it first so we can reuse buf :-) */
-		p=buf;
-		EVP_MD_CTX_init(&ctx);
-		EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL);
-		EVP_SignUpdate(&ctx,s->s2->key_material,
-			       s->s2->key_material_length);
-		EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len);
-		n=i2d_X509(s->session->sess_cert->peer_key->x509,&p);
-		EVP_SignUpdate(&ctx,buf,(unsigned int)n);
-
-		p=buf;
-		d=p+6;
-		*(p++)=SSL2_MT_CLIENT_CERTIFICATE;
-		*(p++)=SSL2_CT_X509_CERTIFICATE;
-		n=i2d_X509(s->cert->key->x509,&d);
-		s2n(n,p);
-
-		if (!EVP_SignFinal(&ctx,d,&n,s->cert->key->privatekey))
-			{
-			/* this is not good.  If things have failed it
-			 * means there so something wrong with the key.
-			 * We will continue with a 0 length signature
-			 */
-			}
-		EVP_MD_CTX_cleanup(&ctx);
-		s2n(n,p);
-		d+=n;
-
-		s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_D;
-		s->init_num=d-buf;
-		s->init_off=0;
-		}
-	/* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
-	return(ssl2_do_write(s));
-	}
-
-static int get_server_verify(SSL *s)
-	{
-	unsigned char *p;
-	int i, n, len;
-
-	p=(unsigned char *)s->init_buf->data;
-	if (s->state == SSL2_ST_GET_SERVER_VERIFY_A)
-		{
-		i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
-		if (i < (1-s->init_num)) 
-			return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i));
-		s->init_num += i;
-
-		s->state= SSL2_ST_GET_SERVER_VERIFY_B;
-		if (*p != SSL2_MT_SERVER_VERIFY)
-			{
-			if (p[0] != SSL2_MT_ERROR)
-				{
-				ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-				SSLerr(SSL_F_GET_SERVER_VERIFY,
-					SSL_R_READ_WRONG_PACKET_TYPE);
-				}
-			else
-				{
-				SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_PEER_ERROR);
-				/* try to read the error message */
-				i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
-				return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
-				}
-			return(-1);
-			}
-		}
-	
-	p=(unsigned char *)s->init_buf->data;
-	len = 1 + s->s2->challenge_length;
-	n =  len - s->init_num;
-	i = ssl2_read(s,(char *)&(p[s->init_num]),n);
-	if (i < n)
-		return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i));
-	if (s->msg_callback)
-		s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
-	p += 1;
-
-	if (memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0)
-		{
-		ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-		SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT);
-		return(-1);
-		}
-	return(1);
-	}
-
-static int get_server_finished(SSL *s)
-	{
-	unsigned char *buf;
-	unsigned char *p;
-	int i, n, len;
-
-	buf=(unsigned char *)s->init_buf->data;
-	p=buf;
-	if (s->state == SSL2_ST_GET_SERVER_FINISHED_A)
-		{
-		i=ssl2_read(s,(char *)&(buf[s->init_num]),1-s->init_num);
-		if (i < (1-s->init_num))
-			return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i));
-		s->init_num += i;
-
-		if (*p == SSL2_MT_REQUEST_CERTIFICATE)
-			{
-			s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_A;
-			return(1);
-			}
-		else if (*p != SSL2_MT_SERVER_FINISHED)
-			{
-			if (p[0] != SSL2_MT_ERROR)
-				{
-				ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-				SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
-				}
-			else
-				{
-				SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_PEER_ERROR);
-				/* try to read the error message */
-				i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
-				return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
-				}
-			return(-1);
-			}
-		s->state=SSL2_ST_GET_SERVER_FINISHED_B;
-		}
-
-	len = 1 + SSL2_SSL_SESSION_ID_LENGTH;
-	n = len - s->init_num;
-	i = ssl2_read(s,(char *)&(buf[s->init_num]), n);
-	if (i < n) /* XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH, that's the maximum */
-		return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i));
-	s->init_num += i;
-	if (s->msg_callback)
-		s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* SERVER-FINISHED */
-
-	if (!s->hit) /* new session */
-		{
-		/* new session-id */
-		/* Make sure we were not trying to re-use an old SSL_SESSION
-		 * or bad things can happen */
-		/* ZZZZZZZZZZZZZ */
-		s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
-		memcpy(s->session->session_id,p+1,SSL2_SSL_SESSION_ID_LENGTH);
-		}
-	else
-		{
-		if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
-			{
-			if ((s->session->session_id_length > sizeof s->session->session_id)
-			    || (0 != memcmp(buf + 1, s->session->session_id,
-			                    (unsigned int)s->session->session_id_length)))
-				{
-				ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-				SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
-				return(-1);
-				}
-			}
-		}
-	s->state = SSL_ST_OK;
-	return(1);
-	}
-
-/* loads in the certificate from the server */
-int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data)
-	{
-	STACK_OF(X509) *sk=NULL;
-	EVP_PKEY *pkey=NULL;
-	SESS_CERT *sc=NULL;
-	int i;
-	X509 *x509=NULL;
-	int ret=0;
-	
-	x509=d2i_X509(NULL,&data,(long)len);
-	if (x509 == NULL)
-		{
-		SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_X509_LIB);
-		goto err;
-		}
-
-	if ((sk=sk_X509_new_null()) == NULL || !sk_X509_push(sk,x509))
-		{
-		SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	i=ssl_verify_cert_chain(s,sk);
-		
-	if ((s->verify_mode != SSL_VERIFY_NONE) && (!i))
-		{
-		SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
-		goto err;
-		}
-	ERR_clear_error(); /* but we keep s->verify_result */
-	s->session->verify_result = s->verify_result;
-
-	/* server's cert for this session */
-	sc=ssl_sess_cert_new();
-	if (sc == NULL)
-		{
-		ret= -1;
-		goto err;
-		}
-	if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert);
-	s->session->sess_cert=sc;
-
-	sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509=x509;
-	sc->peer_key= &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]);
-
-	pkey=X509_get_pubkey(x509);
-	x509=NULL;
-	if (pkey == NULL)
-		{
-		SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
-		goto err;
-		}
-	if (pkey->type != EVP_PKEY_RSA)
-		{
-		SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_PUBLIC_KEY_NOT_RSA);
-		goto err;
-		}
-
-	if (!ssl_set_peer_cert_type(sc,SSL2_CT_X509_CERTIFICATE))
-		goto err;
-	ret=1;
-err:
-	sk_X509_free(sk);
-	X509_free(x509);
-	EVP_PKEY_free(pkey);
-	return(ret);
-	}
-
-static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
-	     unsigned char *to, int padding)
-	{
-	EVP_PKEY *pkey=NULL;
-	int i= -1;
-
-	if ((sc == NULL) || (sc->peer_key->x509 == NULL) ||
-		((pkey=X509_get_pubkey(sc->peer_key->x509)) == NULL))
-		{
-		SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_NO_PUBLICKEY);
-		return(-1);
-		}
-	if (pkey->type != EVP_PKEY_RSA)
-		{
-		SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
-		goto end;
-		}
-
-	/* we have the public key */
-	i=RSA_public_encrypt(len,from,to,pkey->pkey.rsa,padding);
-	if (i < 0)
-		SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,ERR_R_RSA_LIB);
-end:
-	EVP_PKEY_free(pkey);
-	return(i);
-	}
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/ssl/s2_enc.c b/crypto/openssl/ssl/s2_enc.c
deleted file mode 100644
index d3b144f1c52c..000000000000
--- a/crypto/openssl/ssl/s2_enc.c
+++ /dev/null
@@ -1,192 +0,0 @@
-/* ssl/s2_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include <stdio.h>
-#include "cryptlib.h"
-
-int ssl2_enc_init(SSL *s, int client)
-	{
-	/* Max number of bytes needed */
-	EVP_CIPHER_CTX *rs,*ws;
-	const EVP_CIPHER *c;
-	const EVP_MD *md;
-	int num;
-
-	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))
-		{
-		ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-		SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
-		return(0);
-		}
-
-	s->read_hash=md;
-	s->write_hash=md;
-
-	if ((s->enc_read_ctx == NULL) &&
-		((s->enc_read_ctx=(EVP_CIPHER_CTX *)
-		OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
-		goto err;
-	if ((s->enc_write_ctx == NULL) &&
-		((s->enc_write_ctx=(EVP_CIPHER_CTX *)
-		OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
-		goto err;
-
-	rs= s->enc_read_ctx;
-	ws= s->enc_write_ctx;
-
-	EVP_CIPHER_CTX_init(rs);
-	EVP_CIPHER_CTX_init(ws);
-
-	num=c->key_len;
-	s->s2->key_material_length=num*2;
-	OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
-
-	if (ssl2_generate_key_material(s) <= 0)
-		return 0;
-
-	OPENSSL_assert(c->iv_len <= sizeof s->session->key_arg);
-	EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]),
-		s->session->key_arg);
-	EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]),
-		s->session->key_arg);
-	s->s2->read_key=  &(s->s2->key_material[(client)?0:num]);
-	s->s2->write_key= &(s->s2->key_material[(client)?num:0]);
-	return(1);
-err:
-	SSLerr(SSL_F_SSL2_ENC_INIT,ERR_R_MALLOC_FAILURE);
-	return(0);
-	}
-
-/* read/writes from s->s2->mac_data using length for encrypt and 
- * decrypt.  It sets s->s2->padding and s->[rw]length
- * if we are encrypting */
-void ssl2_enc(SSL *s, int send)
-	{
-	EVP_CIPHER_CTX *ds;
-	unsigned long l;
-	int bs;
-
-	if (send)
-		{
-		ds=s->enc_write_ctx;
-		l=s->s2->wlength;
-		}
-	else
-		{
-		ds=s->enc_read_ctx;
-		l=s->s2->rlength;
-		}
-
-	/* check for NULL cipher */
-	if (ds == NULL) return;
-
-
-	bs=ds->cipher->block_size;
-	/* This should be using (bs-1) and bs instead of 7 and 8, but
-	 * what the hell. */
-	if (bs == 8)
-		l=(l+7)/8*8;
-
-	EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l);
-	}
-
-void ssl2_mac(SSL *s, unsigned char *md, int send)
-	{
-	EVP_MD_CTX c;
-	unsigned char sequence[4],*p,*sec,*act;
-	unsigned long seq;
-	unsigned int len;
-
-	if (send)
-		{
-		seq=s->s2->write_sequence;
-		sec=s->s2->write_key;
-		len=s->s2->wact_data_length;
-		act=s->s2->wact_data;
-		}
-	else
-		{
-		seq=s->s2->read_sequence;
-		sec=s->s2->read_key;
-		len=s->s2->ract_data_length;
-		act=s->s2->ract_data;
-		}
-
-	p= &(sequence[0]);
-	l2n(seq,p);
-
-	/* There has to be a MAC algorithm. */
-	EVP_MD_CTX_init(&c);
-	EVP_DigestInit_ex(&c, s->read_hash, NULL);
-	EVP_DigestUpdate(&c,sec,
-		EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
-	EVP_DigestUpdate(&c,act,len); 
-	/* the above line also does the pad data */
-	EVP_DigestUpdate(&c,sequence,4); 
-	EVP_DigestFinal_ex(&c,md,NULL);
-	EVP_MD_CTX_cleanup(&c);
-	}
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/ssl/s2_lib.c b/crypto/openssl/ssl/s2_lib.c
deleted file mode 100644
index 910b9fe097d4..000000000000
--- a/crypto/openssl/ssl/s2_lib.c
+++ /dev/null
@@ -1,526 +0,0 @@
-/* ssl/s2_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include <stdio.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-#include "cryptlib.h"
-
-static long ssl2_default_timeout(void );
-const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
-
-#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
-
-OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
-/* NULL_WITH_MD5 v3 */
-#if 0
-	{
-	1,
-	SSL2_TXT_NULL_WITH_MD5,
-	SSL2_CK_NULL_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2,
-	SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
-	0,
-	0,
-	0,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-#endif
-/* RC4_128_EXPORT40_WITH_MD5 */
-	{
-	1,
-	SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
-	SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
-	SSL_EXPORT|SSL_EXP40,
-	SSL2_CF_5_BYTE_ENC,
-	40,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* RC4_128_WITH_MD5 */
-	{
-	1,
-	SSL2_TXT_RC4_128_WITH_MD5,
-	SSL2_CK_RC4_128_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* RC2_128_CBC_EXPORT40_WITH_MD5 */
-	{
-	1,
-	SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
-	SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
-	SSL_EXPORT|SSL_EXP40,
-	SSL2_CF_5_BYTE_ENC,
-	40,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* RC2_128_CBC_WITH_MD5 */
-	{
-	1,
-	SSL2_TXT_RC2_128_CBC_WITH_MD5,
-	SSL2_CK_RC2_128_CBC_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* IDEA_128_CBC_WITH_MD5 */
-	{
-	1,
-	SSL2_TXT_IDEA_128_CBC_WITH_MD5,
-	SSL2_CK_IDEA_128_CBC_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_SSLV2,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* DES_64_CBC_WITH_MD5 */
-	{
-	1,
-	SSL2_TXT_DES_64_CBC_WITH_MD5,
-	SSL2_CK_DES_64_CBC_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_SSLV2,
-	SSL_NOT_EXP|SSL_LOW,
-	0,
-	56,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* DES_192_EDE3_CBC_WITH_MD5 */
-	{
-	1,
-	SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
-	SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_SSLV2,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
-	168,
-	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* RC4_64_WITH_MD5 */
-#if 1
-	{
-	1,
-	SSL2_TXT_RC4_64_WITH_MD5,
-	SSL2_CK_RC4_64_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
-	SSL_NOT_EXP|SSL_LOW,
-	SSL2_CF_8_BYTE_ENC,
-	64,
-	64,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-#endif
-/* NULL SSLeay (testing) */
-#if 0
-	{	
-	0,
-	SSL2_TXT_NULL,
-	SSL2_CK_NULL,
-	0,
-	SSL_STRONG_NONE,
-	0,
-	0,
-	0,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-#endif
-
-/* end of list :-) */
-	};
-
-static SSL_METHOD SSLv2_data= {
-	SSL2_VERSION,
-	ssl2_new,	/* local */
-	ssl2_clear,	/* local */
-	ssl2_free,	/* local */
-	ssl_undefined_function,
-	ssl_undefined_function,
-	ssl2_read,
-	ssl2_peek,
-	ssl2_write,
-	ssl2_shutdown,
-	ssl_ok,	/* NULL - renegotiate */
-	ssl_ok,	/* NULL - check renegotiate */
-	ssl2_ctrl,	/* local */
-	ssl2_ctx_ctrl,	/* local */
-	ssl2_get_cipher_by_char,
-	ssl2_put_cipher_by_char,
-	ssl2_pending,
-	ssl2_num_ciphers,
-	ssl2_get_cipher,
-	ssl_bad_method,
-	ssl2_default_timeout,
-	&ssl3_undef_enc_method,
-	ssl_undefined_function,
-	ssl2_callback_ctrl,	/* local */
-	ssl2_ctx_callback_ctrl,	/* local */
-	};
-
-static long ssl2_default_timeout(void)
-	{
-	return(300);
-	}
-
-SSL_METHOD *sslv2_base_method(void)
-	{
-	return(&SSLv2_data);
-	}
-
-int ssl2_num_ciphers(void)
-	{
-	return(SSL2_NUM_CIPHERS);
-	}
-
-SSL_CIPHER *ssl2_get_cipher(unsigned int u)
-	{
-	if (u < SSL2_NUM_CIPHERS)
-		return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u]));
-	else
-		return(NULL);
-	}
-
-int ssl2_pending(SSL *s)
-	{
-	return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
-	}
-
-int ssl2_new(SSL *s)
-	{
-	SSL2_STATE *s2;
-
-	if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err;
-	memset(s2,0,sizeof *s2);
-
-#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
-#  error "assertion failed"
-#endif
-
-	if ((s2->rbuf=OPENSSL_malloc(
-		SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
-	/* wbuf needs one byte more because when using two-byte headers,
-	 * we leave the first byte unused in do_ssl_write (s2_pkt.c) */
-	if ((s2->wbuf=OPENSSL_malloc(
-		SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+3)) == NULL) goto err;
-	s->s2=s2;
-
-	ssl2_clear(s);
-	return(1);
-err:
-	if (s2 != NULL)
-		{
-		if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf);
-		if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf);
-		OPENSSL_free(s2);
-		}
-	return(0);
-	}
-
-void ssl2_free(SSL *s)
-	{
-	SSL2_STATE *s2;
-
-	if(s == NULL)
-	    return;
-
-	s2=s->s2;
-	if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf);
-	if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf);
-	OPENSSL_cleanse(s2,sizeof *s2);
-	OPENSSL_free(s2);
-	s->s2=NULL;
-	}
-
-void ssl2_clear(SSL *s)
-	{
-	SSL2_STATE *s2;
-	unsigned char *rbuf,*wbuf;
-
-	s2=s->s2;
-
-	rbuf=s2->rbuf;
-	wbuf=s2->wbuf;
-
-	memset(s2,0,sizeof *s2);
-
-	s2->rbuf=rbuf;
-	s2->wbuf=wbuf;
-	s2->clear_text=1;
-	s->packet=s2->rbuf;
-	s->version=SSL2_VERSION;
-	s->packet_length=0;
-	}
-
-long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
-	{
-	int ret=0;
-
-	switch(cmd)
-		{
-	case SSL_CTRL_GET_SESSION_REUSED:
-		ret=s->hit;
-		break;
-	default:
-		break;
-		}
-	return(ret);
-	}
-
-long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)())
-	{
-	return(0);
-	}
-
-long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
-	{
-	return(0);
-	}
-
-long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
-	{
-	return(0);
-	}
-
-/* This function needs to check if the ciphers required are actually
- * available */
-SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
-	{
-	static int init=1;
-	static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS];
-	SSL_CIPHER c,*cp= &c,**cpp;
-	unsigned long id;
-	int i;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL);
-
-		if (init)
-			{
-			for (i=0; i<SSL2_NUM_CIPHERS; i++)
-				sorted[i]= &(ssl2_ciphers[i]);
-
-			qsort((char *)sorted,
-				SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
-				FP_ICC ssl_cipher_ptr_id_cmp);
-
-			init=0;
-			}
-			
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-		}
-
-	id=0x02000000L|((unsigned long)p[0]<<16L)|
-		((unsigned long)p[1]<<8L)|(unsigned long)p[2];
-	c.id=id;
-	cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
-		(char *)sorted,
-		SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
-		FP_ICC ssl_cipher_ptr_id_cmp);
-	if ((cpp == NULL) || !(*cpp)->valid)
-		return(NULL);
-	else
-		return(*cpp);
-	}
-
-int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
-	{
-	long l;
-
-	if (p != NULL)
-		{
-		l=c->id;
-		if ((l & 0xff000000) != 0x02000000) return(0);
-		p[0]=((unsigned char)(l>>16L))&0xFF;
-		p[1]=((unsigned char)(l>> 8L))&0xFF;
-		p[2]=((unsigned char)(l     ))&0xFF;
-		}
-	return(3);
-	}
-
-int ssl2_generate_key_material(SSL *s)
-	{
-	unsigned int i;
-	EVP_MD_CTX ctx;
-	unsigned char *km;
-	unsigned char c='0';
-	const EVP_MD *md5;
-
-	md5 = EVP_md5();
-
-#ifdef CHARSET_EBCDIC
-	c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0',
-				see SSLv2 docu */
-#endif
-	EVP_MD_CTX_init(&ctx);
-	km=s->s2->key_material;
-
- 	if (s->session->master_key_length < 0 || s->session->master_key_length > sizeof s->session->master_key)
- 		{
- 		SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
- 		return 0;
- 		}
-
-	for (i=0; i<s->s2->key_material_length; i += EVP_MD_size(md5))
-		{
-		if (((km - s->s2->key_material) + EVP_MD_size(md5)) > sizeof s->s2->key_material)
-			{
-			/* EVP_DigestFinal_ex() below would write beyond buffer */
-			SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
-			return 0;
-			}
-
-		EVP_DigestInit_ex(&ctx, md5, NULL);
-
-		OPENSSL_assert(s->session->master_key_length >= 0
-		    && s->session->master_key_length
-		    < sizeof s->session->master_key);
-		EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
-		EVP_DigestUpdate(&ctx,&c,1);
-		c++;
-		EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length);
-		EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length);
-		EVP_DigestFinal_ex(&ctx,km,NULL);
-		km += EVP_MD_size(md5);
-		}
-
-	EVP_MD_CTX_cleanup(&ctx);
-	return 1;
-	}
-
-void ssl2_return_error(SSL *s, int err)
-	{
-	if (!s->error)
-		{
-		s->error=3;
-		s->error_code=err;
-
-		ssl2_write_error(s);
-		}
-	}
-
-
-void ssl2_write_error(SSL *s)
-	{
-	unsigned char buf[3];
-	int i,error;
-
-	buf[0]=SSL2_MT_ERROR;
-	buf[1]=(s->error_code>>8)&0xff;
-	buf[2]=(s->error_code)&0xff;
-
-/*	state=s->rwstate;*/
-
-	error=s->error; /* number of bytes left to write */
-	s->error=0;
-	OPENSSL_assert(error >= 0 && error <= sizeof buf);
-	i=ssl2_write(s,&(buf[3-error]),error);
-
-/*	if (i == error) s->rwstate=state; */
-
-	if (i < 0)
-		s->error=error;
-	else
-		{
-		s->error=error-i;
-
-		if (s->error == 0)
-			if (s->msg_callback)
-				s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */
-		}
-	}
-
-int ssl2_shutdown(SSL *s)
-	{
-	s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-	return(1);
-	}
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/ssl/s2_meth.c b/crypto/openssl/ssl/s2_meth.c
deleted file mode 100644
index 8b6cbd086e2a..000000000000
--- a/crypto/openssl/ssl/s2_meth.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/* ssl/s2_meth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include <stdio.h>
-#include <openssl/objects.h>
-
-static SSL_METHOD *ssl2_get_method(int ver);
-static SSL_METHOD *ssl2_get_method(int ver)
-	{
-	if (ver == SSL2_VERSION)
-		return(SSLv2_method());
-	else
-		return(NULL);
-	}
-
-SSL_METHOD *SSLv2_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv2_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-		
-		if (init)
-			{
-			memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv2_data.ssl_connect=ssl2_connect;
-			SSLv2_data.ssl_accept=ssl2_accept;
-			SSLv2_data.get_ssl_method=ssl2_get_method;
-			init=0;
-			}
-		
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv2_data);
-	}
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/ssl/s2_pkt.c b/crypto/openssl/ssl/s2_pkt.c
deleted file mode 100644
index d82f1376135e..000000000000
--- a/crypto/openssl/ssl/s2_pkt.c
+++ /dev/null
@@ -1,738 +0,0 @@
-/* ssl/s2_pkt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#define USE_SOCKETS
-
-static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
-static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
-static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
-static int ssl_mt_error(int n);
-
-
-/* SSL 2.0 imlementation for SSL_read/SSL_peek -
- * This routine will return 0 to len bytes, decrypted etc if required.
- */
-static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
-	{
-	int n;
-	unsigned char mac[MAX_MAC_SIZE];
-	unsigned char *p;
-	int i;
-	unsigned int mac_size;
-
- ssl2_read_again:
-	if (SSL_in_init(s) && !s->in_handshake)
-		{
-		n=s->handshake_func(s);
-		if (n < 0) return(n);
-		if (n == 0)
-			{
-			SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_SSL_HANDSHAKE_FAILURE);
-			return(-1);
-			}
-		}
-
-	clear_sys_error();
-	s->rwstate=SSL_NOTHING;
-	if (len <= 0) return(len);
-
-	if (s->s2->ract_data_length != 0) /* read from buffer */
-		{
-		if (len > s->s2->ract_data_length)
-			n=s->s2->ract_data_length;
-		else
-			n=len;
-
-		memcpy(buf,s->s2->ract_data,(unsigned int)n);
-		if (!peek)
-			{
-			s->s2->ract_data_length-=n;
-			s->s2->ract_data+=n;
-			if (s->s2->ract_data_length == 0)
-				s->rstate=SSL_ST_READ_HEADER;
-			}
-
-		return(n);
-		}
-
-	/* s->s2->ract_data_length == 0
-	 * 
-	 * Fill the buffer, then goto ssl2_read_again.
-	 */
-
-	if (s->rstate == SSL_ST_READ_HEADER)
-		{
-		if (s->first_packet)
-			{
-			n=read_n(s,5,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0);
-			if (n <= 0) return(n); /* error or non-blocking */
-			s->first_packet=0;
-			p=s->packet;
-			if (!((p[0] & 0x80) && (
-				(p[2] == SSL2_MT_CLIENT_HELLO) ||
-				(p[2] == SSL2_MT_SERVER_HELLO))))
-				{
-				SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_NON_SSLV2_INITIAL_PACKET);
-				return(-1);
-				}
-			}
-		else
-			{
-			n=read_n(s,2,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0);
-			if (n <= 0) return(n); /* error or non-blocking */
-			}
-		/* part read stuff */
-
-		s->rstate=SSL_ST_READ_BODY;
-		p=s->packet;
-		/* Do header */
-		/*s->s2->padding=0;*/
-		s->s2->escape=0;
-		s->s2->rlength=(((unsigned int)p[0])<<8)|((unsigned int)p[1]);
-		if ((p[0] & TWO_BYTE_BIT))		/* Two byte header? */
-			{
-			s->s2->three_byte_header=0;
-			s->s2->rlength&=TWO_BYTE_MASK;	
-			}
-		else
-			{
-			s->s2->three_byte_header=1;
-			s->s2->rlength&=THREE_BYTE_MASK;
-
-			/* security >s2->escape */
-			s->s2->escape=((p[0] & SEC_ESC_BIT))?1:0;
-			}
-		}
-
-	if (s->rstate == SSL_ST_READ_BODY)
-		{
-		n=s->s2->rlength+2+s->s2->three_byte_header;
-		if (n > (int)s->packet_length)
-			{
-			n-=s->packet_length;
-			i=read_n(s,(unsigned int)n,(unsigned int)n,1);
-			if (i <= 0) return(i); /* ERROR */
-			}
-
-		p= &(s->packet[2]);
-		s->rstate=SSL_ST_READ_HEADER;
-		if (s->s2->three_byte_header)
-			s->s2->padding= *(p++);
-		else	s->s2->padding=0;
-
-		/* Data portion */
-		if (s->s2->clear_text)
-			{
-			mac_size = 0;
-			s->s2->mac_data=p;
-			s->s2->ract_data=p;
-			if (s->s2->padding)
-				{
-				SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING);
-				return(-1);
-				}
-			}
-		else
-			{
-			mac_size=EVP_MD_size(s->read_hash);
-			OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
-			s->s2->mac_data=p;
-			s->s2->ract_data= &p[mac_size];
-			if (s->s2->padding + mac_size > s->s2->rlength)
-				{
-				SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING);
-				return(-1);
-				}
-			}
-
-		s->s2->ract_data_length=s->s2->rlength;
-		/* added a check for length > max_size in case
-		 * encryption was not turned on yet due to an error */
-		if ((!s->s2->clear_text) &&
-			(s->s2->rlength >= mac_size))
-			{
-			ssl2_enc(s,0);
-			s->s2->ract_data_length-=mac_size;
-			ssl2_mac(s,mac,0);
-			s->s2->ract_data_length-=s->s2->padding;
-			if (	(memcmp(mac,s->s2->mac_data,
-				(unsigned int)mac_size) != 0) ||
-				(s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0))
-				{
-				SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE);
-				return(-1);
-				}
-			}
-		INC32(s->s2->read_sequence); /* expect next number */
-		/* s->s2->ract_data is now available for processing */
-
-		/* Possibly the packet that we just read had 0 actual data bytes.
-		 * (SSLeay/OpenSSL itself never sends such packets; see ssl2_write.)
-		 * In this case, returning 0 would be interpreted by the caller
-		 * as indicating EOF, so it's not a good idea.  Instead, we just
-		 * continue reading; thus ssl2_read_internal may have to process
-		 * multiple packets before it can return.
-		 *
-		 * [Note that using select() for blocking sockets *never* guarantees
-		 * that the next SSL_read will not block -- the available
-		 * data may contain incomplete packets, and except for SSL 2,
-		 * renegotiation can confuse things even more.] */
-
-		goto ssl2_read_again; /* This should really be
-		                       * "return ssl2_read(s,buf,len)",
-		                       * but that would allow for
-		                       * denial-of-service attacks if a
-		                       * C compiler is used that does not
-		                       * recognize end-recursion. */
-		}
-	else
-		{
-		SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_STATE);
-			return(-1);
-		}
-	}
-
-int ssl2_read(SSL *s, void *buf, int len)
-	{
-	return ssl2_read_internal(s, buf, len, 0);
-	}
-
-int ssl2_peek(SSL *s, void *buf, int len)
-	{
-	return ssl2_read_internal(s, buf, len, 1);
-	}
-
-static int read_n(SSL *s, unsigned int n, unsigned int max,
-	     unsigned int extend)
-	{
-	int i,off,newb;
-
-	/* if there is stuff still in the buffer from a previous read,
-	 * and there is more than we want, take some. */
-	if (s->s2->rbuf_left >= (int)n)
-		{
-		if (extend)
-			s->packet_length+=n;
-		else
-			{
-			s->packet= &(s->s2->rbuf[s->s2->rbuf_offs]);
-			s->packet_length=n;
-			}
-		s->s2->rbuf_left-=n;
-		s->s2->rbuf_offs+=n;
-		return(n);
-		}
-
-	if (!s->read_ahead) max=n;
-	if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2))
-		max=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2;
-	
-
-	/* Else we want more than we have.
-	 * First, if there is some left or we want to extend */
-	off=0;
-	if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend))
-		{
-		newb=s->s2->rbuf_left;
-		if (extend)
-			{
-			off=s->packet_length;
-			if (s->packet != s->s2->rbuf)
-				memcpy(s->s2->rbuf,s->packet,
-					(unsigned int)newb+off);
-			}
-		else if (s->s2->rbuf_offs != 0)
-			{
-			memcpy(s->s2->rbuf,&(s->s2->rbuf[s->s2->rbuf_offs]),
-				(unsigned int)newb);
-			s->s2->rbuf_offs=0;
-			}
-		s->s2->rbuf_left=0;
-		}
-	else
-		newb=0;
-
-	/* off is the offset to start writing too.
-	 * r->s2->rbuf_offs is the 'unread data', now 0. 
-	 * newb is the number of new bytes so far
-	 */
-	s->packet=s->s2->rbuf;
-	while (newb < (int)n)
-		{
-		clear_sys_error();
-		if (s->rbio != NULL)
-			{
-			s->rwstate=SSL_READING;
-			i=BIO_read(s->rbio,(char *)&(s->s2->rbuf[off+newb]),
-				max-newb);
-			}
-		else
-			{
-			SSLerr(SSL_F_READ_N,SSL_R_READ_BIO_NOT_SET);
-			i= -1;
-			}
-#ifdef PKT_DEBUG
-		if (s->debug & 0x01) sleep(1);
-#endif
-		if (i <= 0)
-			{
-			s->s2->rbuf_left+=newb;
-			return(i);
-			}
-		newb+=i;
-		}
-
-	/* record unread data */
-	if (newb > (int)n)
-		{
-		s->s2->rbuf_offs=n+off;
-		s->s2->rbuf_left=newb-n;
-		}
-	else
-		{
-		s->s2->rbuf_offs=0;
-		s->s2->rbuf_left=0;
-		}
-	if (extend)
-		s->packet_length+=n;
-	else
-		s->packet_length=n;
-	s->rwstate=SSL_NOTHING;
-	return(n);
-	}
-
-int ssl2_write(SSL *s, const void *_buf, int len)
-	{
-	const unsigned char *buf=_buf;
-	unsigned int n,tot;
-	int i;
-
-	if (SSL_in_init(s) && !s->in_handshake)
-		{
-		i=s->handshake_func(s);
-		if (i < 0) return(i);
-		if (i == 0)
-			{
-			SSLerr(SSL_F_SSL2_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE);
-			return(-1);
-			}
-		}
-
-	if (s->error)
-		{
-		ssl2_write_error(s);
-		if (s->error)
-			return(-1);
-		}
-
-	clear_sys_error();
-	s->rwstate=SSL_NOTHING;
-	if (len <= 0) return(len);
-
-	tot=s->s2->wnum;
-	s->s2->wnum=0;
-
-	n=(len-tot);
-	for (;;)
-		{
-		i=do_ssl_write(s,&(buf[tot]),n);
-		if (i <= 0)
-			{
-			s->s2->wnum=tot;
-			return(i);
-			}
-		if ((i == (int)n) ||
-			(s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))
-			{
-			return(tot+i);
-			}
-		
-		n-=i;
-		tot+=i;
-		}
-	}
-
-static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
-	{
-	int i;
-
-	/* s->s2->wpend_len != 0 MUST be true. */
-
-	/* check that they have given us the same buffer to
-	 * write */
-	if ((s->s2->wpend_tot > (int)len) ||
-		((s->s2->wpend_buf != buf) &&
-		 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)))
-		{
-		SSLerr(SSL_F_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
-		return(-1);
-		}
-
-	for (;;)
-		{
-		clear_sys_error();
-		if (s->wbio != NULL)
-			{
-			s->rwstate=SSL_WRITING;
-			i=BIO_write(s->wbio,
-				(char *)&(s->s2->write_ptr[s->s2->wpend_off]),
-				(unsigned int)s->s2->wpend_len);
-			}
-		else
-			{
-			SSLerr(SSL_F_WRITE_PENDING,SSL_R_WRITE_BIO_NOT_SET);
-			i= -1;
-			}
-#ifdef PKT_DEBUG
-		if (s->debug & 0x01) sleep(1);
-#endif
-		if (i == s->s2->wpend_len)
-			{
-			s->s2->wpend_len=0;
-			s->rwstate=SSL_NOTHING;
-			return(s->s2->wpend_ret);
-			}
-		else if (i <= 0)
-			return(i);
-		s->s2->wpend_off+=i;
-		s->s2->wpend_len-=i;
-		}
-	}
-
-static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
-	{
-	unsigned int j,k,olen,p,mac_size,bs;
-	register unsigned char *pp;
-
-	olen=len;
-
-	/* first check if there is data from an encryption waiting to
-	 * be sent - it must be sent because the other end is waiting.
-	 * This will happen with non-blocking IO.  We print it and then
-	 * return.
-	 */
-	if (s->s2->wpend_len != 0) return(write_pending(s,buf,len));
-
-	/* set mac_size to mac size */
-	if (s->s2->clear_text)
-		mac_size=0;
-	else
-		mac_size=EVP_MD_size(s->write_hash);
-
-	/* lets set the pad p */
-	if (s->s2->clear_text)
-		{
-		if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
-			len=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
-		p=0;
-		s->s2->three_byte_header=0;
-		/* len=len; */
-		}
-	else
-		{
-		bs=EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
-		j=len+mac_size;
-		/* Two-byte headers allow for a larger record length than
-		 * three-byte headers, but we can't use them if we need
-		 * padding or if we have to set the escape bit. */
-		if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) &&
-			(!s->s2->escape))
-			{
-			if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
-				j=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
-			/* set k to the max number of bytes with 2
-			 * byte header */
-			k=j-(j%bs);
-			/* how many data bytes? */
-			len=k-mac_size; 
-			s->s2->three_byte_header=0;
-			p=0;
-			}
-		else if ((bs <= 1) && (!s->s2->escape))
-			{
-			/* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
-			 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */
-			s->s2->three_byte_header=0;
-			p=0;
-			}
-		else /* we may have to use a 3 byte header */
-			{
-			/* If s->s2->escape is not set, then
-			 * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
-			 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */
-			p=(j%bs);
-			p=(p == 0)?0:(bs-p);
-			if (s->s2->escape)
-				{
-				s->s2->three_byte_header=1;
-				if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-					j=SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER;
-				}
-			else
-				s->s2->three_byte_header=(p == 0)?0:1;
-			}
-		}
-
-	/* Now
-	 *      j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
-	 * holds, and if s->s2->three_byte_header is set, then even
-	 *      j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER.
-	 */
-
-	/* mac_size is the number of MAC bytes
-	 * len is the number of data bytes we are going to send
-	 * p is the number of padding bytes
-	 * (if it is a two-byte header, then p == 0) */
-
-	s->s2->wlength=len;
-	s->s2->padding=p;
-	s->s2->mac_data= &(s->s2->wbuf[3]);
-	s->s2->wact_data= &(s->s2->wbuf[3+mac_size]);
-	/* we copy the data into s->s2->wbuf */
-	memcpy(s->s2->wact_data,buf,len);
-	if (p)
-		memset(&(s->s2->wact_data[len]),0,p); /* arbitrary padding */
-
-	if (!s->s2->clear_text)
-		{
-		s->s2->wact_data_length=len+p;
-		ssl2_mac(s,s->s2->mac_data,1);
-		s->s2->wlength+=p+mac_size;
-		ssl2_enc(s,1);
-		}
-
-	/* package up the header */
-	s->s2->wpend_len=s->s2->wlength;
-	if (s->s2->three_byte_header) /* 3 byte header */
-		{
-		pp=s->s2->mac_data;
-		pp-=3;
-		pp[0]=(s->s2->wlength>>8)&(THREE_BYTE_MASK>>8);
-		if (s->s2->escape) pp[0]|=SEC_ESC_BIT;
-		pp[1]=s->s2->wlength&0xff;
-		pp[2]=s->s2->padding;
-		s->s2->wpend_len+=3;
-		}
-	else
-		{
-		pp=s->s2->mac_data;
-		pp-=2;
-		pp[0]=((s->s2->wlength>>8)&(TWO_BYTE_MASK>>8))|TWO_BYTE_BIT;
-		pp[1]=s->s2->wlength&0xff;
-		s->s2->wpend_len+=2;
-		}
-	s->s2->write_ptr=pp;
-	
-	INC32(s->s2->write_sequence); /* expect next number */
-
-	/* lets try to actually write the data */
-	s->s2->wpend_tot=olen;
-	s->s2->wpend_buf=buf;
-
-	s->s2->wpend_ret=len;
-
-	s->s2->wpend_off=0;
-	return(write_pending(s,buf,olen));
-	}
-
-int ssl2_part_read(SSL *s, unsigned long f, int i)
-	{
-	unsigned char *p;
-	int j;
-
-	if (i < 0)
-		{
-		/* ssl2_return_error(s); */
-		/* for non-blocking io,
-		 * this is not necessarily fatal */
-		return(i);
-		}
-	else
-		{
-		s->init_num+=i;
-
-		/* Check for error.  While there are recoverable errors,
-		 * this function is not called when those must be expected;
-		 * any error detected here is fatal. */
-		if (s->init_num >= 3)
-			{
-			p=(unsigned char *)s->init_buf->data;
-			if (p[0] == SSL2_MT_ERROR)
-				{
-				j=(p[1]<<8)|p[2];
-				SSLerr((int)f,ssl_mt_error(j));
-				s->init_num -= 3;
-				if (s->init_num > 0)
-					memmove(p, p+3, s->init_num);
-				}
-			}
-
-		/* If it's not an error message, we have some error anyway --
-		 * the message was shorter than expected.  This too is treated
-		 * as fatal (at least if SSL_get_error is asked for its opinion). */
-		return(0);
-		}
-	}
-
-int ssl2_do_write(SSL *s)
-	{
-	int ret;
-
-	ret=ssl2_write(s,&s->init_buf->data[s->init_off],s->init_num);
-	if (ret == s->init_num)
-		{
-		if (s->msg_callback)
-			s->msg_callback(1, s->version, 0, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);
-		return(1);
-		}
-	if (ret < 0)
-		return(-1);
-	s->init_off+=ret;
-	s->init_num-=ret;
-	return(0);
-	}
-
-static int ssl_mt_error(int n)
-	{
-	int ret;
-
-	switch (n)
-		{
-	case SSL2_PE_NO_CIPHER:
-		ret=SSL_R_PEER_ERROR_NO_CIPHER;
-		break;
-	case SSL2_PE_NO_CERTIFICATE:
-		ret=SSL_R_PEER_ERROR_NO_CERTIFICATE;
-		break;
-	case SSL2_PE_BAD_CERTIFICATE:
-		ret=SSL_R_PEER_ERROR_CERTIFICATE;
-		break;
-	case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE:
-		ret=SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
-		break;
-	default:
-		ret=SSL_R_UNKNOWN_REMOTE_ERROR_TYPE;
-		break;
-		}
-	return(ret);
-	}
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/ssl/s2_srvr.c b/crypto/openssl/ssl/s2_srvr.c
deleted file mode 100644
index 62859a2d950e..000000000000
--- a/crypto/openssl/ssl/s2_srvr.c
+++ /dev/null
@@ -1,1157 +0,0 @@
-/* ssl/s2_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include <stdio.h>
-#include <openssl/bio.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include "cryptlib.h"
-
-static SSL_METHOD *ssl2_get_server_method(int ver);
-static int get_client_master_key(SSL *s);
-static int get_client_hello(SSL *s);
-static int server_hello(SSL *s); 
-static int get_client_finished(SSL *s);
-static int server_verify(SSL *s);
-static int server_finish(SSL *s);
-static int request_certificate(SSL *s);
-static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
-	unsigned char *to,int padding);
-#define BREAK	break
-
-static SSL_METHOD *ssl2_get_server_method(int ver)
-	{
-	if (ver == SSL2_VERSION)
-		return(SSLv2_server_method());
-	else
-		return(NULL);
-	}
-
-SSL_METHOD *SSLv2_server_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv2_server_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&SSLv2_server_data,(char *)sslv2_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv2_server_data.ssl_accept=ssl2_accept;
-			SSLv2_server_data.get_ssl_method=ssl2_get_server_method;
-			init=0;
-			}
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv2_server_data);
-	}
-
-int ssl2_accept(SSL *s)
-	{
-	unsigned long l=time(NULL);
-	BUF_MEM *buf=NULL;
-	int ret= -1;
-	long num1;
-	void (*cb)(const SSL *ssl,int type,int val)=NULL;
-	int new_state,state;
-
-	RAND_add(&l,sizeof(l),0);
-	ERR_clear_error();
-	clear_sys_error();
-
-	if (s->info_callback != NULL)
-		cb=s->info_callback;
-	else if (s->ctx->info_callback != NULL)
-		cb=s->ctx->info_callback;
-
-	/* init things to blank */
-	s->in_handshake++;
-	if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
-
-	if (s->cert == NULL)
-		{
-		SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
-		return(-1);
-		}
-
-	clear_sys_error();
-	for (;;)
-		{
-		state=s->state;
-
-		switch (s->state)
-			{
-		case SSL_ST_BEFORE:
-		case SSL_ST_ACCEPT:
-		case SSL_ST_BEFORE|SSL_ST_ACCEPT:
-		case SSL_ST_OK|SSL_ST_ACCEPT:
-
-			s->server=1;
-			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
-
-			s->version=SSL2_VERSION;
-			s->type=SSL_ST_ACCEPT;
-
-			buf=s->init_buf;
-			if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL))
-				{ ret= -1; goto end; }
-			if (!BUF_MEM_grow(buf,(int)
-				SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
-				{ ret= -1; goto end; }
-			s->init_buf=buf;
-			s->init_num=0;
-			s->ctx->stats.sess_accept++;
-			s->handshake_func=ssl2_accept;
-			s->state=SSL2_ST_GET_CLIENT_HELLO_A;
-			BREAK;
-
-		case SSL2_ST_GET_CLIENT_HELLO_A:
-		case SSL2_ST_GET_CLIENT_HELLO_B:
-		case SSL2_ST_GET_CLIENT_HELLO_C:
-			s->shutdown=0;
-			ret=get_client_hello(s);
-			if (ret <= 0) goto end;
-			s->init_num=0;
-			s->state=SSL2_ST_SEND_SERVER_HELLO_A;
-			BREAK;
-
-		case SSL2_ST_SEND_SERVER_HELLO_A:
-		case SSL2_ST_SEND_SERVER_HELLO_B:
-			ret=server_hello(s);
-			if (ret <= 0) goto end;
-			s->init_num=0;
-			if (!s->hit)
-				{
-				s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_A;
-				BREAK;
-				}
-			else
-				{
-				s->state=SSL2_ST_SERVER_START_ENCRYPTION;
-				BREAK;
-				}
-		case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
-		case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
-			ret=get_client_master_key(s);
-			if (ret <= 0) goto end;
-			s->init_num=0;
-			s->state=SSL2_ST_SERVER_START_ENCRYPTION;
-			BREAK;
-
-		case SSL2_ST_SERVER_START_ENCRYPTION:
-			/* Ok we how have sent all the stuff needed to
-			 * start encrypting, the next packet back will
-			 * be encrypted. */
-			if (!ssl2_enc_init(s,0))
-				{ ret= -1; goto end; }
-			s->s2->clear_text=0;
-			s->state=SSL2_ST_SEND_SERVER_VERIFY_A;
-			BREAK;
-
-		case SSL2_ST_SEND_SERVER_VERIFY_A:
-		case SSL2_ST_SEND_SERVER_VERIFY_B:
-			ret=server_verify(s);
-			if (ret <= 0) goto end;
-			s->init_num=0;
-			if (s->hit)
-				{
-				/* If we are in here, we have been
-				 * buffering the output, so we need to
-				 * flush it and remove buffering from
-				 * future traffic */
-				s->state=SSL2_ST_SEND_SERVER_VERIFY_C;
-				BREAK;
-				}
-			else
-				{
-				s->state=SSL2_ST_GET_CLIENT_FINISHED_A;
-				break;
-				}
-
- 		case SSL2_ST_SEND_SERVER_VERIFY_C:
- 			/* get the number of bytes to write */
- 			num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
- 			if (num1 != 0)
- 				{
-				s->rwstate=SSL_WRITING;
- 				num1=BIO_flush(s->wbio);
- 				if (num1 <= 0) { ret= -1; goto end; }
-				s->rwstate=SSL_NOTHING;
-				}
-
- 			/* flushed and now remove buffering */
- 			s->wbio=BIO_pop(s->wbio);
-
- 			s->state=SSL2_ST_GET_CLIENT_FINISHED_A;
-  			BREAK;
-
-		case SSL2_ST_GET_CLIENT_FINISHED_A:
-		case SSL2_ST_GET_CLIENT_FINISHED_B:
-			ret=get_client_finished(s);
-			if (ret <= 0)
-				goto end;
-			s->init_num=0;
-			s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
-			BREAK;
-
-		case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
-		case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
-		case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
-		case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
-			/* don't do a 'request certificate' if we
-			 * don't want to, or we already have one, and
-			 * we only want to do it once. */
-			if (!(s->verify_mode & SSL_VERIFY_PEER) ||
-				((s->session->peer != NULL) &&
-				(s->verify_mode & SSL_VERIFY_CLIENT_ONCE)))
-				{
-				s->state=SSL2_ST_SEND_SERVER_FINISHED_A;
-				break;
-				}
-			else
-				{
-				ret=request_certificate(s);
-				if (ret <= 0) goto end;
-				s->init_num=0;
-				s->state=SSL2_ST_SEND_SERVER_FINISHED_A;
-				}
-			BREAK;
-
-		case SSL2_ST_SEND_SERVER_FINISHED_A:
-		case SSL2_ST_SEND_SERVER_FINISHED_B:
-			ret=server_finish(s);
-			if (ret <= 0) goto end;
-			s->init_num=0;
-			s->state=SSL_ST_OK;
-			break;
-
-		case SSL_ST_OK:
-			BUF_MEM_free(s->init_buf);
-			ssl_free_wbio_buffer(s);
-			s->init_buf=NULL;
-			s->init_num=0;
-		/*	ERR_clear_error();*/
-
-			ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
-
-			s->ctx->stats.sess_accept_good++;
-			/* s->server=1; */
-			ret=1;
-
-			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
-
-			goto end;
-			/* BREAK; */
-
-		default:
-			SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_UNKNOWN_STATE);
-			ret= -1;
-			goto end;
-			/* BREAK; */
-			}
-		
-		if ((cb != NULL) && (s->state != state))
-			{
-			new_state=s->state;
-			s->state=state;
-			cb(s,SSL_CB_ACCEPT_LOOP,1);
-			s->state=new_state;
-			}
-		}
-end:
-	s->in_handshake--;
-	if (cb != NULL)
-		cb(s,SSL_CB_ACCEPT_EXIT,ret);
-	return(ret);
-	}
-
-static int get_client_master_key(SSL *s)
-	{
-	int is_export,i,n,keya,ek;
-	unsigned long len;
-	unsigned char *p;
-	SSL_CIPHER *cp;
-	const EVP_CIPHER *c;
-	const EVP_MD *md;
-
-	p=(unsigned char *)s->init_buf->data;
-	if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A)
-		{
-		i=ssl2_read(s,(char *)&(p[s->init_num]),10-s->init_num);
-
-		if (i < (10-s->init_num))
-			return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i));
-		s->init_num = 10;
-
-		if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY)
-			{
-			if (p[-1] != SSL2_MT_ERROR)
-				{
-				ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-				SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_READ_WRONG_PACKET_TYPE);
-				}
-			else
-				SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR);
-			return(-1);
-			}
-
-		cp=ssl2_get_cipher_by_char(p);
-		if (cp == NULL)
-			{
-			ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-			SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
-			return(-1);
-			}
-		s->session->cipher= cp;
-
-		p+=3;
-		n2s(p,i); s->s2->tmp.clear=i;
-		n2s(p,i); s->s2->tmp.enc=i;
-		n2s(p,i); s->session->key_arg_length=i;
-		if(s->session->key_arg_length > SSL_MAX_KEY_ARG_LENGTH)
-			{
-			ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-			SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG);
-			return -1;
-			}
-		s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B;
-		}
-
-	/* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
-	p=(unsigned char *)s->init_buf->data;
-	if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-		{
-		ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-		SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-		return -1;
-		}
-	keya=s->session->key_arg_length;
-	len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya;
-	if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-		{
-		ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-		SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_MESSAGE_TOO_LONG);
-		return -1;
-		}
-	n = (int)len - s->init_num;
-	i = ssl2_read(s,(char *)&(p[s->init_num]),n);
-	if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i));
-	if (s->msg_callback)
-		s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-MASTER-KEY */
-	p += 10;
-
-	memcpy(s->session->key_arg,&(p[s->s2->tmp.clear+s->s2->tmp.enc]),
-		(unsigned int)keya);
-
-	if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)
-		{
-		ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-		SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY);
-		return(-1);
-		}
-	i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc,
-		&(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]),
-		(s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
-
-	is_export=SSL_C_IS_EXPORT(s->session->cipher);
-	
-	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))
-		{
-		ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-		SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
-		return(0);
-		}
-
-	if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
-		{
-		is_export=1;
-		ek=8;
-		}
-	else
-		ek=5;
-
-	/* bad decrypt */
-#if 1
-	/* If a bad decrypt, continue with protocol but with a
-	 * random master secret (Bleichenbacher attack) */
-	if ((i < 0) ||
-		((!is_export && (i != EVP_CIPHER_key_length(c)))
-		|| (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i !=
-			(unsigned int)EVP_CIPHER_key_length(c))))))
-		{
-		ERR_clear_error();
-		if (is_export)
-			i=ek;
-		else
-			i=EVP_CIPHER_key_length(c);
-		RAND_pseudo_bytes(p,i);
-		}
-#else
-	if (i < 0)
-		{
-		error=1;
-		SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_RSA_DECRYPT);
-		}
-	/* incorrect number of key bytes for non export cipher */
-	else if ((!is_export && (i != EVP_CIPHER_key_length(c)))
-		|| (is_export && ((i != ek) || (s->s2->tmp.clear+i !=
-			EVP_CIPHER_key_length(c)))))
-		{
-		error=1;
-		SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_WRONG_NUMBER_OF_KEY_BITS);
-		}
-	if (error)
-		{
-		ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-		return(-1);
-		}
-#endif
-
-	if (is_export) i+=s->s2->tmp.clear;
-
-	if (i > SSL_MAX_MASTER_KEY_LENGTH)
-		{
-		ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-		SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-		return -1;
-		}
-	s->session->master_key_length=i;
-	memcpy(s->session->master_key,p,(unsigned int)i);
-	return(1);
-	}
-
-static int get_client_hello(SSL *s)
-	{
-	int i,n;
-	unsigned long len;
-	unsigned char *p;
-	STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */
-	STACK_OF(SSL_CIPHER) *cl; /* the ones we want to use */
-	STACK_OF(SSL_CIPHER) *prio, *allow;
-	int z;
-
-	/* This is a bit of a hack to check for the correct packet
-	 * type the first time round. */
-	if (s->state == SSL2_ST_GET_CLIENT_HELLO_A)
-		{
-		s->first_packet=1;
-		s->state=SSL2_ST_GET_CLIENT_HELLO_B;
-		}
-
-	p=(unsigned char *)s->init_buf->data;
-	if (s->state == SSL2_ST_GET_CLIENT_HELLO_B)
-		{
-		i=ssl2_read(s,(char *)&(p[s->init_num]),9-s->init_num);
-		if (i < (9-s->init_num)) 
-			return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i));
-		s->init_num = 9;
-	
-		if (*(p++) != SSL2_MT_CLIENT_HELLO)
-			{
-			if (p[-1] != SSL2_MT_ERROR)
-				{
-				ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-				SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_READ_WRONG_PACKET_TYPE);
-				}
-			else
-				SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_PEER_ERROR);
-			return(-1);
-			}
-		n2s(p,i);
-		if (i < s->version) s->version=i;
-		n2s(p,i); s->s2->tmp.cipher_spec_length=i;
-		n2s(p,i); s->s2->tmp.session_id_length=i;
-		n2s(p,i); s->s2->challenge_length=i;
-		if (	(i < SSL2_MIN_CHALLENGE_LENGTH) ||
-			(i > SSL2_MAX_CHALLENGE_LENGTH))
-			{
-			ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-			SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_INVALID_CHALLENGE_LENGTH);
-			return(-1);
-			}
-		s->state=SSL2_ST_GET_CLIENT_HELLO_C;
-		}
-
-	/* SSL2_ST_GET_CLIENT_HELLO_C */
-	p=(unsigned char *)s->init_buf->data;
-	len = 9 + (unsigned long)s->s2->tmp.cipher_spec_length + (unsigned long)s->s2->challenge_length + (unsigned long)s->s2->tmp.session_id_length;
-	if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-		{
-		ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-		SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_MESSAGE_TOO_LONG);
-		return -1;
-		}
-	n = (int)len - s->init_num;
-	i = ssl2_read(s,(char *)&(p[s->init_num]),n);
-	if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i));
-	if (s->msg_callback)
-		s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-HELLO */
-	p += 9;
-
-	/* get session-id before cipher stuff so we can get out session
-	 * structure if it is cached */
-	/* session-id */
-	if ((s->s2->tmp.session_id_length != 0) && 
-		(s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH))
-		{
-		ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-		SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_BAD_SSL_SESSION_ID_LENGTH);
-		return(-1);
-		}
-
-	if (s->s2->tmp.session_id_length == 0)
-		{
-		if (!ssl_get_new_session(s,1))
-			{
-			ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-			return(-1);
-			}
-		}
-	else
-		{
-		i=ssl_get_prev_session(s,&(p[s->s2->tmp.cipher_spec_length]),
-			s->s2->tmp.session_id_length);
-		if (i == 1)
-			{ /* previous session */
-			s->hit=1;
-			}
-		else if (i == -1)
-			{
-			ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-			return(-1);
-			}
-		else
-			{
-			if (s->cert == NULL)
-				{
-				ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE);
-				SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_NO_CERTIFICATE_SET);
-				return(-1);
-				}
-
-			if (!ssl_get_new_session(s,1))
-				{
-				ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-				return(-1);
-				}
-			}
-		}
-
-	if (!s->hit)
-		{
-		cs=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.cipher_spec_length,
-			&s->session->ciphers);
-		if (cs == NULL) goto mem_err;
-
-		cl=SSL_get_ciphers(s);
-
-		if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
-		    {
-		    prio=sk_SSL_CIPHER_dup(cl);
-		    if (prio == NULL) goto mem_err;
-		    allow = cs;
-		    }
-		else
-		    {
-		    prio = cs;
-		    allow = cl;
-		    }
-		for (z=0; z<sk_SSL_CIPHER_num(prio); z++)
-			{
-			if (sk_SSL_CIPHER_find(allow,sk_SSL_CIPHER_value(prio,z)) < 0)
-				{
-				sk_SSL_CIPHER_delete(prio,z);
-				z--;
-				}
-			}
-		if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
-		    {
-		    sk_SSL_CIPHER_free(s->session->ciphers);
-		    s->session->ciphers = prio;
-		    }
-		/* s->session->ciphers should now have a list of
-		 * ciphers that are on both the client and server.
-		 * This list is ordered by the order the client sent
-		 * the ciphers or in the order of the server's preference
-		 * if SSL_OP_CIPHER_SERVER_PREFERENCE was set.
-		 */
-		}
-	p+=s->s2->tmp.cipher_spec_length;
-	/* done cipher selection */
-
-	/* session id extracted already */
-	p+=s->s2->tmp.session_id_length;
-
-	/* challenge */
-	if (s->s2->challenge_length > sizeof s->s2->challenge)
-		{
-		ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-		SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-		return -1;
-		}
-	memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length);
-	return(1);
-mem_err:
-	SSLerr(SSL_F_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
-	return(0);
-	}
-
-static int server_hello(SSL *s)
-	{
-	unsigned char *p,*d;
-	int n,hit;
-	STACK_OF(SSL_CIPHER) *sk;
-
-	p=(unsigned char *)s->init_buf->data;
-	if (s->state == SSL2_ST_SEND_SERVER_HELLO_A)
-		{
-		d=p+11;
-		*(p++)=SSL2_MT_SERVER_HELLO;		/* type */
-		hit=s->hit;
-		*(p++)=(unsigned char)hit;
-#if 1
-		if (!hit)
-			{
-			if (s->session->sess_cert != NULL)
-				/* This can't really happen because get_client_hello
-				 * has called ssl_get_new_session, which does not set
-				 * sess_cert. */
-				ssl_sess_cert_free(s->session->sess_cert);
-			s->session->sess_cert = ssl_sess_cert_new();
-			if (s->session->sess_cert == NULL)
-				{
-				SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
-				return(-1);
-				}
-			}
-		/* If 'hit' is set, then s->sess_cert may be non-NULL or NULL,
-		 * depending on whether it survived in the internal cache
-		 * or was retrieved from an external cache.
-		 * If it is NULL, we cannot put any useful data in it anyway,
-		 * so we don't touch it.
-		 */
-
-#else /* That's what used to be done when cert_st and sess_cert_st were
-	   * the same. */
-		if (!hit)
-			{			/* else add cert to session */
-			CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT);
-			if (s->session->sess_cert != NULL)
-				ssl_cert_free(s->session->sess_cert);
-			s->session->sess_cert=s->cert;		
-			}
-		else	/* We have a session id-cache hit, if the
-			 * session-id has no certificate listed against
-			 * the 'cert' structure, grab the 'old' one
-			 * listed against the SSL connection */
-			{
-			if (s->session->sess_cert == NULL)
-				{
-				CRYPTO_add(&s->cert->references,1,
-					CRYPTO_LOCK_SSL_CERT);
-				s->session->sess_cert=s->cert;
-				}
-			}
-#endif
-
-		if (s->cert == NULL)
-			{
-			ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE);
-			SSLerr(SSL_F_SERVER_HELLO,SSL_R_NO_CERTIFICATE_SPECIFIED);
-			return(-1);
-			}
-
-		if (hit)
-			{
-			*(p++)=0;		/* no certificate type */
-			s2n(s->version,p);	/* version */
-			s2n(0,p);		/* cert len */
-			s2n(0,p);		/* ciphers len */
-			}
-		else
-			{
-			/* EAY EAY */
-			/* put certificate type */
-			*(p++)=SSL2_CT_X509_CERTIFICATE;
-			s2n(s->version,p);	/* version */
-			n=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
-			s2n(n,p);		/* certificate length */
-			i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&d);
-			n=0;
-			
-			/* lets send out the ciphers we like in the
-			 * prefered order */
-			sk= s->session->ciphers;
-			n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d);
-			d+=n;
-			s2n(n,p);		/* add cipher length */
-			}
-
-		/* make and send conn_id */
-		s2n(SSL2_CONNECTION_ID_LENGTH,p);	/* add conn_id length */
-		s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH;
-		RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length);
-		memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH);
-		d+=SSL2_CONNECTION_ID_LENGTH;
-
-		s->state=SSL2_ST_SEND_SERVER_HELLO_B;
-		s->init_num=d-(unsigned char *)s->init_buf->data;
-		s->init_off=0;
-		}
-	/* SSL2_ST_SEND_SERVER_HELLO_B */
- 	/* If we are using TCP/IP, the performance is bad if we do 2
- 	 * writes without a read between them.  This occurs when
- 	 * Session-id reuse is used, so I will put in a buffering module
- 	 */
- 	if (s->hit)
- 		{
-		if (!ssl_init_wbio_buffer(s,1)) return(-1);
- 		}
- 
-	return(ssl2_do_write(s));
-	}
-
-static int get_client_finished(SSL *s)
-	{
-	unsigned char *p;
-	int i, n;
-	unsigned long len;
-
-	p=(unsigned char *)s->init_buf->data;
-	if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A)
-		{
-		i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
-		if (i < 1-s->init_num)
-			return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
-		s->init_num += i;
-
-		if (*p != SSL2_MT_CLIENT_FINISHED)
-			{
-			if (*p != SSL2_MT_ERROR)
-				{
-				ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-				SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
-				}
-			else
-				{
-				SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR);
-				/* try to read the error message */
-				i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
-				return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
-				}
-			return(-1);
-			}
-		s->state=SSL2_ST_GET_CLIENT_FINISHED_B;
-		}
-
-	/* SSL2_ST_GET_CLIENT_FINISHED_B */
-	if (s->s2->conn_id_length > sizeof s->s2->conn_id)
-		{
-		ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-		SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
-		return -1;
-		}
-	len = 1 + (unsigned long)s->s2->conn_id_length;
-	n = (int)len - s->init_num;
-	i = ssl2_read(s,(char *)&(p[s->init_num]),n);
-	if (i < n)
-		{
-		return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
-		}
-	if (s->msg_callback)
-		s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */
-	p += 1;
-	if (memcmp(p,s->s2->conn_id,s->s2->conn_id_length) != 0)
-		{
-		ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-		SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT);
-		return(-1);
-		}
-	return(1);
-	}
-
-static int server_verify(SSL *s)
-	{
-	unsigned char *p;
-
-	if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A)
-		{
-		p=(unsigned char *)s->init_buf->data;
-		*(p++)=SSL2_MT_SERVER_VERIFY;
-		if (s->s2->challenge_length > sizeof s->s2->challenge)
-			{
-			SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
-			return -1;
-			}
-		memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length);
-		/* p+=s->s2->challenge_length; */
-
-		s->state=SSL2_ST_SEND_SERVER_VERIFY_B;
-		s->init_num=s->s2->challenge_length+1;
-		s->init_off=0;
-		}
-	return(ssl2_do_write(s));
-	}
-
-static int server_finish(SSL *s)
-	{
-	unsigned char *p;
-
-	if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A)
-		{
-		p=(unsigned char *)s->init_buf->data;
-		*(p++)=SSL2_MT_SERVER_FINISHED;
-
-		if (s->session->session_id_length > sizeof s->session->session_id)
-			{
-			SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
-			return -1;
-			}
-		memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length);
-		/* p+=s->session->session_id_length; */
-
-		s->state=SSL2_ST_SEND_SERVER_FINISHED_B;
-		s->init_num=s->session->session_id_length+1;
-		s->init_off=0;
-		}
-
-	/* SSL2_ST_SEND_SERVER_FINISHED_B */
-	return(ssl2_do_write(s));
-	}
-
-/* send the request and check the response */
-static int request_certificate(SSL *s)
-	{
-	unsigned char *p,*p2,*buf2;
-	unsigned char *ccd;
-	int i,j,ctype,ret= -1;
-	unsigned long len;
-	X509 *x509=NULL;
-	STACK_OF(X509) *sk=NULL;
-
-	ccd=s->s2->tmp.ccl;
-	if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A)
-		{
-		p=(unsigned char *)s->init_buf->data;
-		*(p++)=SSL2_MT_REQUEST_CERTIFICATE;
-		*(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
-		RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
-		memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
-
-		s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
-		s->init_num=SSL2_MIN_CERT_CHALLENGE_LENGTH+2;
-		s->init_off=0;
-		}
-
-	if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B)
-		{
-		i=ssl2_do_write(s);
-		if (i <= 0)
-			{
-			ret=i;
-			goto end;
-			}
-
-		s->init_num=0;
-		s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
-		}
-
-	if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C)
-		{
-		p=(unsigned char *)s->init_buf->data;
-		i=ssl2_read(s,(char *)&(p[s->init_num]),6-s->init_num); /* try to read 6 octets ... */
-		if (i < 3-s->init_num) /* ... but don't call ssl2_part_read now if we got at least 3
-		                        * (probably NO-CERTIFICATE-ERROR) */
-			{
-			ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i);
-			goto end;
-			}
-		s->init_num += i;
-
-		if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR))
-			{
-			n2s(p,i);
-			if (i != SSL2_PE_NO_CERTIFICATE)
-				{
-				/* not the error message we expected -- let ssl2_part_read handle it */
-				s->init_num -= 3;
-				ret = ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE, 3);
-				goto end;
-				}
-
-			if (s->msg_callback)
-				s->msg_callback(0, s->version, 0, p, 3, s, s->msg_callback_arg); /* ERROR */
-
-			/* this is the one place where we can recover from an SSL 2.0 error */
-
-			if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
-				{
-				ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
-				SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
-				goto end;
-				}
-			ret=1;
-			goto end;
-			}
-		if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6))
-			{
-			ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-			SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_SHORT_READ);
-			goto end;
-			}
-		if (s->init_num != 6)
-			{
-			SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR);
-			goto end;
-			}
-		
-		/* ok we have a response */
-		/* certificate type, there is only one right now. */
-		ctype= *(p++);
-		if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION)
-			{
-			ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
-			SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_RESPONSE_ARGUMENT);
-			goto end;
-			}
-		n2s(p,i); s->s2->tmp.clen=i;
-		n2s(p,i); s->s2->tmp.rlen=i;
-		s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
-		}
-
-	/* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
-	p=(unsigned char *)s->init_buf->data;
-	len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen;
-	if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-		{
-		SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_MESSAGE_TOO_LONG);
-		goto end;
-		}
-	j = (int)len - s->init_num;
-	i = ssl2_read(s,(char *)&(p[s->init_num]),j);
-	if (i < j) 
-		{
-		ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i);
-		goto end;
-		}
-	if (s->msg_callback)
-		s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-CERTIFICATE */
-	p += 6;
-
-	x509=(X509 *)d2i_X509(NULL,&p,(long)s->s2->tmp.clen);
-	if (x509 == NULL)
-		{
-		SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_X509_LIB);
-		goto msg_end;
-		}
-
-	if (((sk=sk_X509_new_null()) == NULL) || (!sk_X509_push(sk,x509)))
-		{
-		SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
-		goto msg_end;
-		}
-
-	i=ssl_verify_cert_chain(s,sk);
-
-	if (i)	/* we like the packet, now check the chksum */
-		{
-		EVP_MD_CTX ctx;
-		EVP_PKEY *pkey=NULL;
-
-		EVP_MD_CTX_init(&ctx);
-		EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL);
-		EVP_VerifyUpdate(&ctx,s->s2->key_material,
-				 s->s2->key_material_length);
-		EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
-
-		i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
-		buf2=OPENSSL_malloc((unsigned int)i);
-		if (buf2 == NULL)
-			{
-			SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
-			goto msg_end;
-			}
-		p2=buf2;
-		i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2);
-		EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i);
-		OPENSSL_free(buf2);
-
-		pkey=X509_get_pubkey(x509);
-		if (pkey == NULL) goto end;
-		i=EVP_VerifyFinal(&ctx,p,s->s2->tmp.rlen,pkey);
-		EVP_PKEY_free(pkey);
-		EVP_MD_CTX_cleanup(&ctx);
-
-		if (i) 
-			{
-			if (s->session->peer != NULL)
-				X509_free(s->session->peer);
-			s->session->peer=x509;
-			CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
-			s->session->verify_result = s->verify_result;
-			ret=1;
-			goto end;
-			}
-		else
-			{
-			SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_CHECKSUM);
-			goto msg_end;
-			}
-		}
-	else
-		{
-msg_end:
-		ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
-		}
-end:
-	sk_X509_free(sk);
-	X509_free(x509);
-	return(ret);
-	}
-
-static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
-	     unsigned char *to, int padding)
-	{
-	RSA *rsa;
-	int i;
-
-	if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL))
-		{
-		SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_NO_PRIVATEKEY);
-		return(-1);
-		}
-	if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA)
-		{
-		SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
-		return(-1);
-		}
-	rsa=c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
-
-	/* we have the public key */
-	i=RSA_private_decrypt(len,from,to,rsa,padding);
-	if (i < 0)
-		SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB);
-	return(i);
-	}
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/openssl/ssl/s3_both.c b/crypto/openssl/ssl/s3_both.c
deleted file mode 100644
index 64d317b7ac35..000000000000
--- a/crypto/openssl/ssl/s3_both.c
+++ /dev/null
@@ -1,635 +0,0 @@
-/* ssl/s3_both.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <limits.h>
-#include <string.h>
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
-int ssl3_do_write(SSL *s, int type)
-	{
-	int ret;
-
-	ret=ssl3_write_bytes(s,type,&s->init_buf->data[s->init_off],
-	                     s->init_num);
-	if (ret < 0) return(-1);
-	if (type == SSL3_RT_HANDSHAKE)
-		/* should not be done for 'Hello Request's, but in that case
-		 * we'll ignore the result anyway */
-		ssl3_finish_mac(s,(unsigned char *)&s->init_buf->data[s->init_off],ret);
-	
-	if (ret == s->init_num)
-		{
-		if (s->msg_callback)
-			s->msg_callback(1, s->version, type, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);
-		return(1);
-		}
-	s->init_off+=ret;
-	s->init_num-=ret;
-	return(0);
-	}
-
-int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
-	{
-	unsigned char *p,*d;
-	int i;
-	unsigned long l;
-
-	if (s->state == a)
-		{
-		d=(unsigned char *)s->init_buf->data;
-		p= &(d[4]);
-
-		i=s->method->ssl3_enc->final_finish_mac(s,
-			&(s->s3->finish_dgst1),
-			&(s->s3->finish_dgst2),
-			sender,slen,s->s3->tmp.finish_md);
-		s->s3->tmp.finish_md_len = i;
-		memcpy(p, s->s3->tmp.finish_md, i);
-		p+=i;
-		l=i;
-
-#ifdef OPENSSL_SYS_WIN16
-		/* MSVC 1.5 does not clear the top bytes of the word unless
-		 * I do this.
-		 */
-		l&=0xffff;
-#endif
-
-		*(d++)=SSL3_MT_FINISHED;
-		l2n3(l,d);
-		s->init_num=(int)l+4;
-		s->init_off=0;
-
-		s->state=b;
-		}
-
-	/* SSL3_ST_SEND_xxxxxx_HELLO_B */
-	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-	}
-
-int ssl3_get_finished(SSL *s, int a, int b)
-	{
-	int al,i,ok;
-	long n;
-	unsigned char *p;
-
-	/* the mac has already been generated when we received the
-	 * change cipher spec message and is in s->s3->tmp.peer_finish_md
-	 */ 
-
-	n=ssl3_get_message(s,
-		a,
-		b,
-		SSL3_MT_FINISHED,
-		64, /* should actually be 36+4 :-) */
-		&ok);
-
-	if (!ok) return((int)n);
-
-	/* If this occurs, we have missed a message */
-	if (!s->s3->change_cipher_spec)
-		{
-		al=SSL_AD_UNEXPECTED_MESSAGE;
-		SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_GOT_A_FIN_BEFORE_A_CCS);
-		goto f_err;
-		}
-	s->s3->change_cipher_spec=0;
-
-	p = (unsigned char *)s->init_msg;
-	i = s->s3->tmp.peer_finish_md_len;
-
-	if (i != n)
-		{
-		al=SSL_AD_DECODE_ERROR;
-		SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_BAD_DIGEST_LENGTH);
-		goto f_err;
-		}
-
-	if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
-		{
-		al=SSL_AD_DECRYPT_ERROR;
-		SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
-		goto f_err;
-		}
-
-	return(1);
-f_err:
-	ssl3_send_alert(s,SSL3_AL_FATAL,al);
-	return(0);
-	}
-
-/* for these 2 messages, we need to
- * ssl->enc_read_ctx			re-init
- * ssl->s3->read_sequence		zero
- * ssl->s3->read_mac_secret		re-init
- * ssl->session->read_sym_enc		assign
- * ssl->session->read_compression	assign
- * ssl->session->read_hash		assign
- */
-int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
-	{ 
-	unsigned char *p;
-
-	if (s->state == a)
-		{
-		p=(unsigned char *)s->init_buf->data;
-		*p=SSL3_MT_CCS;
-		s->init_num=1;
-		s->init_off=0;
-
-		s->state=b;
-		}
-
-	/* SSL3_ST_CW_CHANGE_B */
-	return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
-	}
-
-unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
-	{
-	unsigned char *p;
-	int n,i;
-	unsigned long l=7;
-	BUF_MEM *buf;
-	X509_STORE_CTX xs_ctx;
-	X509_OBJECT obj;
-
-	int no_chain;
-
-	if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs)
-		no_chain = 1;
-	else
-		no_chain = 0;
-
-	/* TLSv1 sends a chain with nothing in it, instead of an alert */
-	buf=s->init_buf;
-	if (!BUF_MEM_grow_clean(buf,10))
-		{
-		SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
-		return(0);
-		}
-	if (x != NULL)
-		{
-		if(!no_chain && !X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL))
-			{
-			SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
-			return(0);
-			}
-
-		for (;;)
-			{
-			n=i2d_X509(x,NULL);
-			if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
-				{
-				SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
-				return(0);
-				}
-			p=(unsigned char *)&(buf->data[l]);
-			l2n3(n,p);
-			i2d_X509(x,&p);
-			l+=n+3;
-
-			if (no_chain)
-				break;
-
-			if (X509_NAME_cmp(X509_get_subject_name(x),
-				X509_get_issuer_name(x)) == 0) break;
-
-			i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
-				X509_get_issuer_name(x),&obj);
-			if (i <= 0) break;
-			x=obj.data.x509;
-			/* Count is one too high since the X509_STORE_get uped the
-			 * ref count */
-			X509_free(x);
-			}
-		if (!no_chain)
-			X509_STORE_CTX_cleanup(&xs_ctx);
-		}
-
-	/* Thawte special :-) */
-	if (s->ctx->extra_certs != NULL)
-	for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
-		{
-		x=sk_X509_value(s->ctx->extra_certs,i);
-		n=i2d_X509(x,NULL);
-		if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
-			{
-			SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
-			return(0);
-			}
-		p=(unsigned char *)&(buf->data[l]);
-		l2n3(n,p);
-		i2d_X509(x,&p);
-		l+=n+3;
-		}
-
-	l-=7;
-	p=(unsigned char *)&(buf->data[4]);
-	l2n3(l,p);
-	l+=3;
-	p=(unsigned char *)&(buf->data[0]);
-	*(p++)=SSL3_MT_CERTIFICATE;
-	l2n3(l,p);
-	l+=4;
-	return(l);
-	}
-
-/* Obtain handshake message of message type 'mt' (any if mt == -1),
- * maximum acceptable body length 'max'.
- * The first four bytes (msg_type and length) are read in state 'st1',
- * the body is read in state 'stn'.
- */
-long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
-	{
-	unsigned char *p;
-	unsigned long l;
-	long n;
-	int i,al;
-
-	if (s->s3->tmp.reuse_message)
-		{
-		s->s3->tmp.reuse_message=0;
-		if ((mt >= 0) && (s->s3->tmp.message_type != mt))
-			{
-			al=SSL_AD_UNEXPECTED_MESSAGE;
-			SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
-			goto f_err;
-			}
-		*ok=1;
-		s->init_msg = s->init_buf->data + 4;
-		s->init_num = (int)s->s3->tmp.message_size;
-		return s->init_num;
-		}
-
-	p=(unsigned char *)s->init_buf->data;
-
-	if (s->state == st1) /* s->init_num < 4 */
-		{
-		int skip_message;
-
-		do
-			{
-			while (s->init_num < 4)
-				{
-				i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],
-					4 - s->init_num, 0);
-				if (i <= 0)
-					{
-					s->rwstate=SSL_READING;
-					*ok = 0;
-					return i;
-					}
-				s->init_num+=i;
-				}
-			
-			skip_message = 0;
-			if (!s->server)
-				if (p[0] == SSL3_MT_HELLO_REQUEST)
-					/* The server may always send 'Hello Request' messages --
-					 * we are doing a handshake anyway now, so ignore them
-					 * if their format is correct. Does not count for
-					 * 'Finished' MAC. */
-					if (p[1] == 0 && p[2] == 0 &&p[3] == 0)
-						{
-						s->init_num = 0;
-						skip_message = 1;
-
-						if (s->msg_callback)
-							s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, 4, s, s->msg_callback_arg);
-						}
-			}
-		while (skip_message);
-
-		/* s->init_num == 4 */
-
-		if ((mt >= 0) && (*p != mt))
-			{
-			al=SSL_AD_UNEXPECTED_MESSAGE;
-			SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
-			goto f_err;
-			}
-		if ((mt < 0) && (*p == SSL3_MT_CLIENT_HELLO) &&
-					(st1 == SSL3_ST_SR_CERT_A) &&
-					(stn == SSL3_ST_SR_CERT_B))
-			{
-			/* At this point we have got an MS SGC second client
-			 * hello (maybe we should always allow the client to
-			 * start a new handshake?). We need to restart the mac.
-			 * Don't increment {num,total}_renegotiations because
-			 * we have not completed the handshake. */
-			ssl3_init_finished_mac(s);
-			}
-
-		s->s3->tmp.message_type= *(p++);
-
-		n2l3(p,l);
-		if (l > (unsigned long)max)
-			{
-			al=SSL_AD_ILLEGAL_PARAMETER;
-			SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
-			goto f_err;
-			}
-		if (l > (INT_MAX-4)) /* BUF_MEM_grow takes an 'int' parameter */
-			{
-			al=SSL_AD_ILLEGAL_PARAMETER;
-			SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
-			goto f_err;
-			}
-		if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l+4))
-			{
-			SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
-			goto err;
-			}
-		s->s3->tmp.message_size=l;
-		s->state=stn;
-
-		s->init_msg = s->init_buf->data + 4;
-		s->init_num = 0;
-		}
-
-	/* next state (stn) */
-	p = s->init_msg;
-	n = s->s3->tmp.message_size - s->init_num;
-	while (n > 0)
-		{
-		i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0);
-		if (i <= 0)
-			{
-			s->rwstate=SSL_READING;
-			*ok = 0;
-			return i;
-			}
-		s->init_num += i;
-		n -= i;
-		}
-	ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
-	if (s->msg_callback)
-		s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, (size_t)s->init_num + 4, s, s->msg_callback_arg);
-	*ok=1;
-	return s->init_num;
-f_err:
-	ssl3_send_alert(s,SSL3_AL_FATAL,al);
-err:
-	*ok=0;
-	return(-1);
-	}
-
-int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
-	{
-	EVP_PKEY *pk;
-	int ret= -1,i,j;
-
-	if (pkey == NULL)
-		pk=X509_get_pubkey(x);
-	else
-		pk=pkey;
-	if (pk == NULL) goto err;
-
-	i=pk->type;
-	if (i == EVP_PKEY_RSA)
-		{
-		ret=SSL_PKEY_RSA_ENC;
-		if (x != NULL)
-			{
-			j=X509_get_ext_count(x);
-			/* check to see if this is a signing only certificate */
-			/* EAY EAY EAY EAY */
-			}
-		}
-	else if (i == EVP_PKEY_DSA)
-		{
-		ret=SSL_PKEY_DSA_SIGN;
-		}
-	else if (i == EVP_PKEY_DH)
-		{
-		/* if we just have a key, we needs to be guess */
-
-		if (x == NULL)
-			ret=SSL_PKEY_DH_DSA;
-		else
-			{
-			j=X509_get_signature_type(x);
-			if (j == EVP_PKEY_RSA)
-				ret=SSL_PKEY_DH_RSA;
-			else if (j== EVP_PKEY_DSA)
-				ret=SSL_PKEY_DH_DSA;
-			else ret= -1;
-			}
-		}
-	else
-		ret= -1;
-
-err:
-	if(!pkey) EVP_PKEY_free(pk);
-	return(ret);
-	}
-
-int ssl_verify_alarm_type(long type)
-	{
-	int al;
-
-	switch(type)
-		{
-	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-	case X509_V_ERR_UNABLE_TO_GET_CRL:
-	case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
-		al=SSL_AD_UNKNOWN_CA;
-		break;
-	case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
-	case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
-	case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-	case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
-	case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
-	case X509_V_ERR_CERT_NOT_YET_VALID:
-	case X509_V_ERR_CRL_NOT_YET_VALID:
-	case X509_V_ERR_CERT_UNTRUSTED:
-	case X509_V_ERR_CERT_REJECTED:
-		al=SSL_AD_BAD_CERTIFICATE;
-		break;
-	case X509_V_ERR_CERT_SIGNATURE_FAILURE:
-	case X509_V_ERR_CRL_SIGNATURE_FAILURE:
-		al=SSL_AD_DECRYPT_ERROR;
-		break;
-	case X509_V_ERR_CERT_HAS_EXPIRED:
-	case X509_V_ERR_CRL_HAS_EXPIRED:
-		al=SSL_AD_CERTIFICATE_EXPIRED;
-		break;
-	case X509_V_ERR_CERT_REVOKED:
-		al=SSL_AD_CERTIFICATE_REVOKED;
-		break;
-	case X509_V_ERR_OUT_OF_MEM:
-		al=SSL_AD_INTERNAL_ERROR;
-		break;
-	case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
-	case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
-	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
-	case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
-	case X509_V_ERR_CERT_CHAIN_TOO_LONG:
-	case X509_V_ERR_PATH_LENGTH_EXCEEDED:
-	case X509_V_ERR_INVALID_CA:
-		al=SSL_AD_UNKNOWN_CA;
-		break;
-	case X509_V_ERR_APPLICATION_VERIFICATION:
-		al=SSL_AD_HANDSHAKE_FAILURE;
-		break;
-	case X509_V_ERR_INVALID_PURPOSE:
-		al=SSL_AD_UNSUPPORTED_CERTIFICATE;
-		break;
-	default:
-		al=SSL_AD_CERTIFICATE_UNKNOWN;
-		break;
-		}
-	return(al);
-	}
-
-int ssl3_setup_buffers(SSL *s)
-	{
-	unsigned char *p;
-	unsigned int extra;
-	size_t len;
-
-	if (s->s3->rbuf.buf == NULL)
-		{
-		if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
-			extra=SSL3_RT_MAX_EXTRA;
-		else
-			extra=0;
-		len = SSL3_RT_MAX_PACKET_SIZE + extra;
-		if ((p=OPENSSL_malloc(len)) == NULL)
-			goto err;
-		s->s3->rbuf.buf = p;
-		s->s3->rbuf.len = len;
-		}
-
-	if (s->s3->wbuf.buf == NULL)
-		{
-		len = SSL3_RT_MAX_PACKET_SIZE;
-		len += SSL3_RT_HEADER_LENGTH + 256; /* extra space for empty fragment */
-		if ((p=OPENSSL_malloc(len)) == NULL)
-			goto err;
-		s->s3->wbuf.buf = p;
-		s->s3->wbuf.len = len;
-		}
-	s->packet= &(s->s3->rbuf.buf[0]);
-	return(1);
-err:
-	SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE);
-	return(0);
-	}
diff --git a/crypto/openssl/ssl/s3_clnt.c b/crypto/openssl/ssl/s3_clnt.c
deleted file mode 100644
index fae8eadadaea..000000000000
--- a/crypto/openssl/ssl/s3_clnt.c
+++ /dev/null
@@ -1,1980 +0,0 @@
-/* ssl/s3_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-#include "cryptlib.h"
-
-static SSL_METHOD *ssl3_get_client_method(int ver);
-static int ssl3_client_hello(SSL *s);
-static int ssl3_get_server_hello(SSL *s);
-static int ssl3_get_certificate_request(SSL *s);
-static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
-static int ssl3_get_server_done(SSL *s);
-static int ssl3_send_client_verify(SSL *s);
-static int ssl3_send_client_certificate(SSL *s);
-static int ssl3_send_client_key_exchange(SSL *s);
-static int ssl3_get_key_exchange(SSL *s);
-static int ssl3_get_server_certificate(SSL *s);
-static int ssl3_check_cert_and_algorithm(SSL *s);
-static SSL_METHOD *ssl3_get_client_method(int ver)
-	{
-	if (ver == SSL3_VERSION)
-		return(SSLv3_client_method());
-	else
-		return(NULL);
-	}
-
-SSL_METHOD *SSLv3_client_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv3_client_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv3_client_data.ssl_connect=ssl3_connect;
-			SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
-			init=0;
-			}
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv3_client_data);
-	}
-
-int ssl3_connect(SSL *s)
-	{
-	BUF_MEM *buf=NULL;
-	unsigned long Time=time(NULL),l;
-	long num1;
-	void (*cb)(const SSL *ssl,int type,int val)=NULL;
-	int ret= -1;
-	int new_state,state,skip=0;;
-
-	RAND_add(&Time,sizeof(Time),0);
-	ERR_clear_error();
-	clear_sys_error();
-
-	if (s->info_callback != NULL)
-		cb=s->info_callback;
-	else if (s->ctx->info_callback != NULL)
-		cb=s->ctx->info_callback;
-	
-	s->in_handshake++;
-	if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 
-
-	for (;;)
-		{
-		state=s->state;
-
-		switch(s->state)
-			{
-		case SSL_ST_RENEGOTIATE:
-			s->new_session=1;
-			s->state=SSL_ST_CONNECT;
-			s->ctx->stats.sess_connect_renegotiate++;
-			/* break */
-		case SSL_ST_BEFORE:
-		case SSL_ST_CONNECT:
-		case SSL_ST_BEFORE|SSL_ST_CONNECT:
-		case SSL_ST_OK|SSL_ST_CONNECT:
-
-			s->server=0;
-			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
-
-			if ((s->version & 0xff00 ) != 0x0300)
-				{
-				SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
-				ret = -1;
-				goto end;
-				}
-				
-			/* s->version=SSL3_VERSION; */
-			s->type=SSL_ST_CONNECT;
-
-			if (s->init_buf == NULL)
-				{
-				if ((buf=BUF_MEM_new()) == NULL)
-					{
-					ret= -1;
-					goto end;
-					}
-				if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
-					{
-					ret= -1;
-					goto end;
-					}
-				s->init_buf=buf;
-				buf=NULL;
-				}
-
-			if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
-
-			/* setup buffing BIO */
-			if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
-
-			/* don't push the buffering BIO quite yet */
-
-			ssl3_init_finished_mac(s);
-
-			s->state=SSL3_ST_CW_CLNT_HELLO_A;
-			s->ctx->stats.sess_connect++;
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_CW_CLNT_HELLO_A:
-		case SSL3_ST_CW_CLNT_HELLO_B:
-
-			s->shutdown=0;
-			ret=ssl3_client_hello(s);
-			if (ret <= 0) goto end;
-			s->state=SSL3_ST_CR_SRVR_HELLO_A;
-			s->init_num=0;
-
-			/* turn on buffering for the next lot of output */
-			if (s->bbio != s->wbio)
-				s->wbio=BIO_push(s->bbio,s->wbio);
-
-			break;
-
-		case SSL3_ST_CR_SRVR_HELLO_A:
-		case SSL3_ST_CR_SRVR_HELLO_B:
-			ret=ssl3_get_server_hello(s);
-			if (ret <= 0) goto end;
-			if (s->hit)
-				s->state=SSL3_ST_CR_FINISHED_A;
-			else
-				s->state=SSL3_ST_CR_CERT_A;
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_CR_CERT_A:
-		case SSL3_ST_CR_CERT_B:
-			/* Check if it is anon DH */
-			if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
-				{
-				ret=ssl3_get_server_certificate(s);
-				if (ret <= 0) goto end;
-				}
-			else
-				skip=1;
-			s->state=SSL3_ST_CR_KEY_EXCH_A;
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_CR_KEY_EXCH_A:
-		case SSL3_ST_CR_KEY_EXCH_B:
-			ret=ssl3_get_key_exchange(s);
-			if (ret <= 0) goto end;
-			s->state=SSL3_ST_CR_CERT_REQ_A;
-			s->init_num=0;
-
-			/* at this point we check that we have the
-			 * required stuff from the server */
-			if (!ssl3_check_cert_and_algorithm(s))
-				{
-				ret= -1;
-				goto end;
-				}
-			break;
-
-		case SSL3_ST_CR_CERT_REQ_A:
-		case SSL3_ST_CR_CERT_REQ_B:
-			ret=ssl3_get_certificate_request(s);
-			if (ret <= 0) goto end;
-			s->state=SSL3_ST_CR_SRVR_DONE_A;
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_CR_SRVR_DONE_A:
-		case SSL3_ST_CR_SRVR_DONE_B:
-			ret=ssl3_get_server_done(s);
-			if (ret <= 0) goto end;
-			if (s->s3->tmp.cert_req)
-				s->state=SSL3_ST_CW_CERT_A;
-			else
-				s->state=SSL3_ST_CW_KEY_EXCH_A;
-			s->init_num=0;
-
-			break;
-
-		case SSL3_ST_CW_CERT_A:
-		case SSL3_ST_CW_CERT_B:
-		case SSL3_ST_CW_CERT_C:
-		case SSL3_ST_CW_CERT_D:
-			ret=ssl3_send_client_certificate(s);
-			if (ret <= 0) goto end;
-			s->state=SSL3_ST_CW_KEY_EXCH_A;
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_CW_KEY_EXCH_A:
-		case SSL3_ST_CW_KEY_EXCH_B:
-			ret=ssl3_send_client_key_exchange(s);
-			if (ret <= 0) goto end;
-			l=s->s3->tmp.new_cipher->algorithms;
-			/* EAY EAY EAY need to check for DH fix cert
-			 * sent back */
-			/* For TLS, cert_req is set to 2, so a cert chain
-			 * of nothing is sent, but no verify packet is sent */
-			if (s->s3->tmp.cert_req == 1)
-				{
-				s->state=SSL3_ST_CW_CERT_VRFY_A;
-				}
-			else
-				{
-				s->state=SSL3_ST_CW_CHANGE_A;
-				s->s3->change_cipher_spec=0;
-				}
-
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_CW_CERT_VRFY_A:
-		case SSL3_ST_CW_CERT_VRFY_B:
-			ret=ssl3_send_client_verify(s);
-			if (ret <= 0) goto end;
-			s->state=SSL3_ST_CW_CHANGE_A;
-			s->init_num=0;
-			s->s3->change_cipher_spec=0;
-			break;
-
-		case SSL3_ST_CW_CHANGE_A:
-		case SSL3_ST_CW_CHANGE_B:
-			ret=ssl3_send_change_cipher_spec(s,
-				SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
-			if (ret <= 0) goto end;
-			s->state=SSL3_ST_CW_FINISHED_A;
-			s->init_num=0;
-
-			s->session->cipher=s->s3->tmp.new_cipher;
-			if (s->s3->tmp.new_compression == NULL)
-				s->session->compress_meth=0;
-			else
-				s->session->compress_meth=
-					s->s3->tmp.new_compression->id;
-			if (!s->method->ssl3_enc->setup_key_block(s))
-				{
-				ret= -1;
-				goto end;
-				}
-
-			if (!s->method->ssl3_enc->change_cipher_state(s,
-				SSL3_CHANGE_CIPHER_CLIENT_WRITE))
-				{
-				ret= -1;
-				goto end;
-				}
-
-			break;
-
-		case SSL3_ST_CW_FINISHED_A:
-		case SSL3_ST_CW_FINISHED_B:
-			ret=ssl3_send_finished(s,
-				SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
-				s->method->ssl3_enc->client_finished_label,
-				s->method->ssl3_enc->client_finished_label_len);
-			if (ret <= 0) goto end;
-			s->state=SSL3_ST_CW_FLUSH;
-
-			/* clear flags */
-			s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
-			if (s->hit)
-				{
-				s->s3->tmp.next_state=SSL_ST_OK;
-				if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
-					{
-					s->state=SSL_ST_OK;
-					s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
-					s->s3->delay_buf_pop_ret=0;
-					}
-				}
-			else
-				{
-				s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
-				}
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_CR_FINISHED_A:
-		case SSL3_ST_CR_FINISHED_B:
-
-			ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
-				SSL3_ST_CR_FINISHED_B);
-			if (ret <= 0) goto end;
-
-			if (s->hit)
-				s->state=SSL3_ST_CW_CHANGE_A;
-			else
-				s->state=SSL_ST_OK;
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_CW_FLUSH:
-			/* number of bytes to be flushed */
-			num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
-			if (num1 > 0)
-				{
-				s->rwstate=SSL_WRITING;
-				num1=BIO_flush(s->wbio);
-				if (num1 <= 0) { ret= -1; goto end; }
-				s->rwstate=SSL_NOTHING;
-				}
-
-			s->state=s->s3->tmp.next_state;
-			break;
-
-		case SSL_ST_OK:
-			/* clean a few things up */
-			ssl3_cleanup_key_block(s);
-
-			if (s->init_buf != NULL)
-				{
-				BUF_MEM_free(s->init_buf);
-				s->init_buf=NULL;
-				}
-
-			/* If we are not 'joining' the last two packets,
-			 * remove the buffering now */
-			if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
-				ssl_free_wbio_buffer(s);
-			/* else do it later in ssl3_write */
-
-			s->init_num=0;
-			s->new_session=0;
-
-			ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
-			if (s->hit) s->ctx->stats.sess_hit++;
-
-			ret=1;
-			/* s->server=0; */
-			s->handshake_func=ssl3_connect;
-			s->ctx->stats.sess_connect_good++;
-
-			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
-
-			goto end;
-			/* break; */
-			
-		default:
-			SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE);
-			ret= -1;
-			goto end;
-			/* break; */
-			}
-
-		/* did we do anything */
-		if (!s->s3->tmp.reuse_message && !skip)
-			{
-			if (s->debug)
-				{
-				if ((ret=BIO_flush(s->wbio)) <= 0)
-					goto end;
-				}
-
-			if ((cb != NULL) && (s->state != state))
-				{
-				new_state=s->state;
-				s->state=state;
-				cb(s,SSL_CB_CONNECT_LOOP,1);
-				s->state=new_state;
-				}
-			}
-		skip=0;
-		}
-end:
-	s->in_handshake--;
-	if (buf != NULL)
-		BUF_MEM_free(buf);
-	if (cb != NULL)
-		cb(s,SSL_CB_CONNECT_EXIT,ret);
-	return(ret);
-	}
-
-
-static int ssl3_client_hello(SSL *s)
-	{
-	unsigned char *buf;
-	unsigned char *p,*d;
-	int i,j;
-	unsigned long Time,l;
-	SSL_COMP *comp;
-
-	buf=(unsigned char *)s->init_buf->data;
-	if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
-		{
-		if ((s->session == NULL) ||
-			(s->session->ssl_version != s->version) ||
-			(s->session->not_resumable))
-			{
-			if (!ssl_get_new_session(s,0))
-				goto err;
-			}
-		/* else use the pre-loaded session */
-
-		p=s->s3->client_random;
-		Time=time(NULL);			/* Time */
-		l2n(Time,p);
-		RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
-
-		/* Do the message type and length last */
-		d=p= &(buf[4]);
-
-		*(p++)=s->version>>8;
-		*(p++)=s->version&0xff;
-		s->client_version=s->version;
-
-		/* Random stuff */
-		memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
-		p+=SSL3_RANDOM_SIZE;
-
-		/* Session ID */
-		if (s->new_session)
-			i=0;
-		else
-			i=s->session->session_id_length;
-		*(p++)=i;
-		if (i != 0)
-			{
-			if (i > sizeof s->session->session_id)
-				{
-				SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-				goto err;
-				}
-			memcpy(p,s->session->session_id,i);
-			p+=i;
-			}
-		
-		/* Ciphers supported */
-		i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]));
-		if (i == 0)
-			{
-			SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
-			goto err;
-			}
-		s2n(i,p);
-		p+=i;
-
-		/* COMPRESSION */
-		if (s->ctx->comp_methods == NULL)
-			j=0;
-		else
-			j=sk_SSL_COMP_num(s->ctx->comp_methods);
-		*(p++)=1+j;
-		for (i=0; i<j; i++)
-			{
-			comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
-			*(p++)=comp->id;
-			}
-		*(p++)=0; /* Add the NULL method */
-		
-		l=(p-d);
-		d=buf;
-		*(d++)=SSL3_MT_CLIENT_HELLO;
-		l2n3(l,d);
-
-		s->state=SSL3_ST_CW_CLNT_HELLO_B;
-		/* number of bytes to write */
-		s->init_num=p-buf;
-		s->init_off=0;
-		}
-
-	/* SSL3_ST_CW_CLNT_HELLO_B */
-	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-err:
-	return(-1);
-	}
-
-static int ssl3_get_server_hello(SSL *s)
-	{
-	STACK_OF(SSL_CIPHER) *sk;
-	SSL_CIPHER *c;
-	unsigned char *p,*d;
-	int i,al,ok;
-	unsigned int j;
-	long n;
-	SSL_COMP *comp;
-
-	n=ssl3_get_message(s,
-		SSL3_ST_CR_SRVR_HELLO_A,
-		SSL3_ST_CR_SRVR_HELLO_B,
-		SSL3_MT_SERVER_HELLO,
-		300, /* ?? */
-		&ok);
-
-	if (!ok) return((int)n);
-	d=p=(unsigned char *)s->init_msg;
-
-	if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff)))
-		{
-		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION);
-		s->version=(s->version&0xff00)|p[1];
-		al=SSL_AD_PROTOCOL_VERSION;
-		goto f_err;
-		}
-	p+=2;
-
-	/* load the server hello data */
-	/* load the server random */
-	memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE);
-	p+=SSL3_RANDOM_SIZE;
-
-	/* get the session-id */
-	j= *(p++);
-
-	if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE))
-		{
-		al=SSL_AD_ILLEGAL_PARAMETER;
-		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG);
-		goto f_err;
-		}
-
-	if (j != 0 && j == s->session->session_id_length
-	    && memcmp(p,s->session->session_id,j) == 0)
-	    {
-	    if(s->sid_ctx_length != s->session->sid_ctx_length
-	       || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length))
-		{
-		/* actually a client application bug */
-		al=SSL_AD_ILLEGAL_PARAMETER;
-		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
-		goto f_err;
-		}
-	    s->hit=1;
-	    }
-	else	/* a miss or crap from the other end */
-		{
-		/* If we were trying for session-id reuse, make a new
-		 * SSL_SESSION so we don't stuff up other people */
-		s->hit=0;
-		if (s->session->session_id_length > 0)
-			{
-			if (!ssl_get_new_session(s,0))
-				{
-				al=SSL_AD_INTERNAL_ERROR;
-				goto f_err;
-				}
-			}
-		s->session->session_id_length=j;
-		memcpy(s->session->session_id,p,j); /* j could be 0 */
-		}
-	p+=j;
-	c=ssl_get_cipher_by_char(s,p);
-	if (c == NULL)
-		{
-		/* unknown cipher */
-		al=SSL_AD_ILLEGAL_PARAMETER;
-		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
-		goto f_err;
-		}
-	p+=ssl_put_cipher_by_char(s,NULL,NULL);
-
-	sk=ssl_get_ciphers_by_id(s);
-	i=sk_SSL_CIPHER_find(sk,c);
-	if (i < 0)
-		{
-		/* we did not say we would use this cipher */
-		al=SSL_AD_ILLEGAL_PARAMETER;
-		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
-		goto f_err;
-		}
-
-	/* Depending on the session caching (internal/external), the cipher
-	   and/or cipher_id values may not be set. Make sure that
-	   cipher_id is set and use it for comparison. */
-	if (s->session->cipher)
-		s->session->cipher_id = s->session->cipher->id;
-	if (s->hit && (s->session->cipher_id != c->id))
-		{
-		if (!(s->options &
-			SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
-			{
-			al=SSL_AD_ILLEGAL_PARAMETER;
-			SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
-			goto f_err;
-			}
-		}
-	s->s3->tmp.new_cipher=c;
-
-	/* lets get the compression algorithm */
-	/* COMPRESSION */
-	j= *(p++);
-	if (j == 0)
-		comp=NULL;
-	else
-		comp=ssl3_comp_find(s->ctx->comp_methods,j);
-	
-	if ((j != 0) && (comp == NULL))
-		{
-		al=SSL_AD_ILLEGAL_PARAMETER;
-		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
-		goto f_err;
-		}
-	else
-		{
-		s->s3->tmp.new_compression=comp;
-		}
-
-	if (p != (d+n))
-		{
-		/* wrong packet length */
-		al=SSL_AD_DECODE_ERROR;
-		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH);
-		goto err;
-		}
-
-	return(1);
-f_err:
-	ssl3_send_alert(s,SSL3_AL_FATAL,al);
-err:
-	return(-1);
-	}
-
-static int ssl3_get_server_certificate(SSL *s)
-	{
-	int al,i,ok,ret= -1;
-	unsigned long n,nc,llen,l;
-	X509 *x=NULL;
-	unsigned char *p,*d,*q;
-	STACK_OF(X509) *sk=NULL;
-	SESS_CERT *sc;
-	EVP_PKEY *pkey=NULL;
-        int need_cert = 1; /* VRS: 0=> will allow null cert if auth == KRB5 */
-
-	n=ssl3_get_message(s,
-		SSL3_ST_CR_CERT_A,
-		SSL3_ST_CR_CERT_B,
-		-1,
-		s->max_cert_list,
-		&ok);
-
-	if (!ok) return((int)n);
-
-	if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE)
-		{
-		s->s3->tmp.reuse_message=1;
-		return(1);
-		}
-
-	if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
-		{
-		al=SSL_AD_UNEXPECTED_MESSAGE;
-		SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE);
-		goto f_err;
-		}
-	d=p=(unsigned char *)s->init_msg;
-
-	if ((sk=sk_X509_new_null()) == NULL)
-		{
-		SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	n2l3(p,llen);
-	if (llen+3 != n)
-		{
-		al=SSL_AD_DECODE_ERROR;
-		SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
-		goto f_err;
-		}
-	for (nc=0; nc<llen; )
-		{
-		n2l3(p,l);
-		if ((l+nc+3) > llen)
-			{
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
-			goto f_err;
-			}
-
-		q=p;
-		x=d2i_X509(NULL,&q,l);
-		if (x == NULL)
-			{
-			al=SSL_AD_BAD_CERTIFICATE;
-			SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB);
-			goto f_err;
-			}
-		if (q != (p+l))
-			{
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
-			goto f_err;
-			}
-		if (!sk_X509_push(sk,x))
-			{
-			SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		x=NULL;
-		nc+=l+3;
-		p=q;
-		}
-
-	i=ssl_verify_cert_chain(s,sk);
-	if ((s->verify_mode != SSL_VERIFY_NONE) && (!i)
-#ifndef OPENSSL_NO_KRB5
-                && (s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK))
-                != (SSL_aKRB5|SSL_kKRB5)
-#endif /* OPENSSL_NO_KRB5 */
-                )
-		{
-		al=ssl_verify_alarm_type(s->verify_result);
-		SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
-		goto f_err; 
-		}
-	ERR_clear_error(); /* but we keep s->verify_result */
-
-	sc=ssl_sess_cert_new();
-	if (sc == NULL) goto err;
-
-	if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert);
-	s->session->sess_cert=sc;
-
-	sc->cert_chain=sk;
-	/* Inconsistency alert: cert_chain does include the peer's
-	 * certificate, which we don't include in s3_srvr.c */
-	x=sk_X509_value(sk,0);
-	sk=NULL;
- 	/* VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end*/
-
-	pkey=X509_get_pubkey(x);
-
-        /* VRS: allow null cert if auth == KRB5 */
-        need_cert =	((s->s3->tmp.new_cipher->algorithms
-			& (SSL_MKEY_MASK|SSL_AUTH_MASK))
-                        == (SSL_aKRB5|SSL_kKRB5))? 0: 1;
-
-#ifdef KSSL_DEBUG
-	printf("pkey,x = %p, %p\n", pkey,x);
-	printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey));
-	printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name,
-                s->s3->tmp.new_cipher->algorithms, need_cert);
-#endif    /* KSSL_DEBUG */
-
-	if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey)))
-		{
-		x=NULL;
-		al=SSL3_AL_FATAL;
-		SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
-			SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
-		goto f_err;
-		}
-
-	i=ssl_cert_type(x,pkey);
-	if (need_cert && i < 0)
-		{
-		x=NULL;
-		al=SSL3_AL_FATAL;
-		SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
-			SSL_R_UNKNOWN_CERTIFICATE_TYPE);
-		goto f_err;
-		}
-
-        if (need_cert)
-                {
-                sc->peer_cert_type=i;
-                CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
-                /* Why would the following ever happen?
-                 * We just created sc a couple of lines ago. */
-                if (sc->peer_pkeys[i].x509 != NULL)
-                        X509_free(sc->peer_pkeys[i].x509);
-                sc->peer_pkeys[i].x509=x;
-                sc->peer_key= &(sc->peer_pkeys[i]);
-
-                if (s->session->peer != NULL)
-                        X509_free(s->session->peer);
-                CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
-                s->session->peer=x;
-                }
-        else
-                {
-                sc->peer_cert_type=i;
-                sc->peer_key= NULL;
-
-                if (s->session->peer != NULL)
-                        X509_free(s->session->peer);
-                s->session->peer=NULL;
-                }
-	s->session->verify_result = s->verify_result;
-
-	x=NULL;
-	ret=1;
-
-	if (0)
-		{
-f_err:
-		ssl3_send_alert(s,SSL3_AL_FATAL,al);
-		}
-err:
-	EVP_PKEY_free(pkey);
-	X509_free(x);
-	sk_X509_pop_free(sk,X509_free);
-	return(ret);
-	}
-
-static int ssl3_get_key_exchange(SSL *s)
-	{
-#ifndef OPENSSL_NO_RSA
-	unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2];
-#endif
-	EVP_MD_CTX md_ctx;
-	unsigned char *param,*p;
-	int al,i,j,param_len,ok;
-	long n,alg;
-	EVP_PKEY *pkey=NULL;
-#ifndef OPENSSL_NO_RSA
-	RSA *rsa=NULL;
-#endif
-#ifndef OPENSSL_NO_DH
-	DH *dh=NULL;
-#endif
-
-	/* use same message size as in ssl3_get_certificate_request()
-	 * as ServerKeyExchange message may be skipped */
-	n=ssl3_get_message(s,
-		SSL3_ST_CR_KEY_EXCH_A,
-		SSL3_ST_CR_KEY_EXCH_B,
-		-1,
-		s->max_cert_list,
-		&ok);
-
-	if (!ok) return((int)n);
-
-	if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE)
-		{
-		s->s3->tmp.reuse_message=1;
-		return(1);
-		}
-
-	param=p=(unsigned char *)s->init_msg;
-
-	if (s->session->sess_cert != NULL)
-		{
-#ifndef OPENSSL_NO_RSA
-		if (s->session->sess_cert->peer_rsa_tmp != NULL)
-			{
-			RSA_free(s->session->sess_cert->peer_rsa_tmp);
-			s->session->sess_cert->peer_rsa_tmp=NULL;
-			}
-#endif
-#ifndef OPENSSL_NO_DH
-		if (s->session->sess_cert->peer_dh_tmp)
-			{
-			DH_free(s->session->sess_cert->peer_dh_tmp);
-			s->session->sess_cert->peer_dh_tmp=NULL;
-			}
-#endif
-		}
-	else
-		{
-		s->session->sess_cert=ssl_sess_cert_new();
-		}
-
-	param_len=0;
-	alg=s->s3->tmp.new_cipher->algorithms;
-	EVP_MD_CTX_init(&md_ctx);
-
-#ifndef OPENSSL_NO_RSA
-	if (alg & SSL_kRSA)
-		{
-		if ((rsa=RSA_new()) == NULL)
-			{
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		n2s(p,i);
-		param_len=i+2;
-		if (param_len > n)
-			{
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH);
-			goto f_err;
-			}
-		if (!(rsa->n=BN_bin2bn(p,i,rsa->n)))
-			{
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
-			goto err;
-			}
-		p+=i;
-
-		n2s(p,i);
-		param_len+=i+2;
-		if (param_len > n)
-			{
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH);
-			goto f_err;
-			}
-		if (!(rsa->e=BN_bin2bn(p,i,rsa->e)))
-			{
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
-			goto err;
-			}
-		p+=i;
-		n-=param_len;
-
-		/* this should be because we are using an export cipher */
-		if (alg & SSL_aRSA)
-			pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
-		else
-			{
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
-			goto err;
-			}
-		s->session->sess_cert->peer_rsa_tmp=rsa;
-		rsa=NULL;
-		}
-#else /* OPENSSL_NO_RSA */
-	if (0)
-		;
-#endif
-#ifndef OPENSSL_NO_DH
-	else if (alg & SSL_kEDH)
-		{
-		if ((dh=DH_new()) == NULL)
-			{
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB);
-			goto err;
-			}
-		n2s(p,i);
-		param_len=i+2;
-		if (param_len > n)
-			{
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH);
-			goto f_err;
-			}
-		if (!(dh->p=BN_bin2bn(p,i,NULL)))
-			{
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
-			goto err;
-			}
-		p+=i;
-
-		n2s(p,i);
-		param_len+=i+2;
-		if (param_len > n)
-			{
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH);
-			goto f_err;
-			}
-		if (!(dh->g=BN_bin2bn(p,i,NULL)))
-			{
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
-			goto err;
-			}
-		p+=i;
-
-		n2s(p,i);
-		param_len+=i+2;
-		if (param_len > n)
-			{
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH);
-			goto f_err;
-			}
-		if (!(dh->pub_key=BN_bin2bn(p,i,NULL)))
-			{
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
-			goto err;
-			}
-		p+=i;
-		n-=param_len;
-
-#ifndef OPENSSL_NO_RSA
-		if (alg & SSL_aRSA)
-			pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
-#else
-		if (0)
-			;
-#endif
-#ifndef OPENSSL_NO_DSA
-		else if (alg & SSL_aDSS)
-			pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
-#endif
-		/* else anonymous DH, so no certificate or pkey. */
-
-		s->session->sess_cert->peer_dh_tmp=dh;
-		dh=NULL;
-		}
-	else if ((alg & SSL_kDHr) || (alg & SSL_kDHd))
-		{
-		al=SSL_AD_ILLEGAL_PARAMETER;
-		SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
-		goto f_err;
-		}
-#endif /* !OPENSSL_NO_DH */
-	if (alg & SSL_aFZA)
-		{
-		al=SSL_AD_HANDSHAKE_FAILURE;
-		SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
-		goto f_err;
-		}
-
-
-	/* p points to the next byte, there are 'n' bytes left */
-
-
-	/* if it was signed, check the signature */
-	if (pkey != NULL)
-		{
-		n2s(p,i);
-		n-=2;
-		j=EVP_PKEY_size(pkey);
-
-		if ((i != n) || (n > j) || (n <= 0))
-			{
-			/* wrong packet length */
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH);
-			goto f_err;
-			}
-
-#ifndef OPENSSL_NO_RSA
-		if (pkey->type == EVP_PKEY_RSA)
-			{
-			int num;
-
-			j=0;
-			q=md_buf;
-			for (num=2; num > 0; num--)
-				{
-				EVP_DigestInit_ex(&md_ctx,(num == 2)
-					?s->ctx->md5:s->ctx->sha1, NULL);
-				EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
-				EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
-				EVP_DigestUpdate(&md_ctx,param,param_len);
-				EVP_DigestFinal_ex(&md_ctx,q,(unsigned int *)&i);
-				q+=i;
-				j+=i;
-				}
-			i=RSA_verify(NID_md5_sha1, md_buf, j, p, n,
-								pkey->pkey.rsa);
-			if (i < 0)
-				{
-				al=SSL_AD_DECRYPT_ERROR;
-				SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
-				goto f_err;
-				}
-			if (i == 0)
-				{
-				/* bad signature */
-				al=SSL_AD_DECRYPT_ERROR;
-				SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
-				goto f_err;
-				}
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_DSA
-			if (pkey->type == EVP_PKEY_DSA)
-			{
-			/* lets do DSS */
-			EVP_VerifyInit_ex(&md_ctx,EVP_dss1(), NULL);
-			EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
-			EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
-			EVP_VerifyUpdate(&md_ctx,param,param_len);
-			if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey))
-				{
-				/* bad signature */
-				al=SSL_AD_DECRYPT_ERROR;
-				SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
-				goto f_err;
-				}
-			}
-		else
-#endif
-			{
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
-			goto err;
-			}
-		}
-	else
-		{
-		/* still data left over */
-		if (!(alg & SSL_aNULL))
-			{
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
-			goto err;
-			}
-		if (n != 0)
-			{
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE);
-			goto f_err;
-			}
-		}
-	EVP_PKEY_free(pkey);
-	EVP_MD_CTX_cleanup(&md_ctx);
-	return(1);
-f_err:
-	ssl3_send_alert(s,SSL3_AL_FATAL,al);
-err:
-	EVP_PKEY_free(pkey);
-#ifndef OPENSSL_NO_RSA
-	if (rsa != NULL)
-		RSA_free(rsa);
-#endif
-#ifndef OPENSSL_NO_DH
-	if (dh != NULL)
-		DH_free(dh);
-#endif
-	EVP_MD_CTX_cleanup(&md_ctx);
-	return(-1);
-	}
-
-static int ssl3_get_certificate_request(SSL *s)
-	{
-	int ok,ret=0;
-	unsigned long n,nc,l;
-	unsigned int llen,ctype_num,i;
-	X509_NAME *xn=NULL;
-	unsigned char *p,*d,*q;
-	STACK_OF(X509_NAME) *ca_sk=NULL;
-
-	n=ssl3_get_message(s,
-		SSL3_ST_CR_CERT_REQ_A,
-		SSL3_ST_CR_CERT_REQ_B,
-		-1,
-		s->max_cert_list,
-		&ok);
-
-	if (!ok) return((int)n);
-
-	s->s3->tmp.cert_req=0;
-
-	if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)
-		{
-		s->s3->tmp.reuse_message=1;
-		return(1);
-		}
-
-	if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST)
-		{
-		ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
-		SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE);
-		goto err;
-		}
-
-	/* TLS does not like anon-DH with client cert */
-	if (s->version > SSL3_VERSION)
-		{
-		l=s->s3->tmp.new_cipher->algorithms;
-		if (l & SSL_aNULL)
-			{
-			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
-			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
-			goto err;
-			}
-		}
-
-	d=p=(unsigned char *)s->init_msg;
-
-	if ((ca_sk=sk_X509_NAME_new(ca_dn_cmp)) == NULL)
-		{
-		SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	/* get the certificate types */
-	ctype_num= *(p++);
-	if (ctype_num > SSL3_CT_NUMBER)
-		ctype_num=SSL3_CT_NUMBER;
-	for (i=0; i<ctype_num; i++)
-		s->s3->tmp.ctype[i]= p[i];
-	p+=ctype_num;
-
-	/* get the CA RDNs */
-	n2s(p,llen);
-#if 0
-{
-FILE *out;
-out=fopen("/tmp/vsign.der","w");
-fwrite(p,1,llen,out);
-fclose(out);
-}
-#endif
-
-	if ((llen+ctype_num+2+1) != n)
-		{
-		ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
-		SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH);
-		goto err;
-		}
-
-	for (nc=0; nc<llen; )
-		{
-		n2s(p,l);
-		if ((l+nc+2) > llen)
-			{
-			if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
-				goto cont; /* netscape bugs */
-			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
-			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG);
-			goto err;
-			}
-
-		q=p;
-
-		if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL)
-			{
-			/* If netscape tolerance is on, ignore errors */
-			if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
-				goto cont;
-			else
-				{
-				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
-				SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB);
-				goto err;
-				}
-			}
-
-		if (q != (p+l))
-			{
-			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
-			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH);
-			goto err;
-			}
-		if (!sk_X509_NAME_push(ca_sk,xn))
-			{
-			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-
-		p+=l;
-		nc+=l+2;
-		}
-
-	if (0)
-		{
-cont:
-		ERR_clear_error();
-		}
-
-	/* we should setup a certificate to return.... */
-	s->s3->tmp.cert_req=1;
-	s->s3->tmp.ctype_num=ctype_num;
-	if (s->s3->tmp.ca_names != NULL)
-		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
-	s->s3->tmp.ca_names=ca_sk;
-	ca_sk=NULL;
-
-	ret=1;
-err:
-	if (ca_sk != NULL) sk_X509_NAME_pop_free(ca_sk,X509_NAME_free);
-	return(ret);
-	}
-
-static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
-	{
-	return(X509_NAME_cmp(*a,*b));
-	}
-
-static int ssl3_get_server_done(SSL *s)
-	{
-	int ok,ret=0;
-	long n;
-
-	n=ssl3_get_message(s,
-		SSL3_ST_CR_SRVR_DONE_A,
-		SSL3_ST_CR_SRVR_DONE_B,
-		SSL3_MT_SERVER_DONE,
-		30, /* should be very small, like 0 :-) */
-		&ok);
-
-	if (!ok) return((int)n);
-	if (n > 0)
-		{
-		/* should contain no data */
-		ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
-		SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH);
-		return -1;
-		}
-	ret=1;
-	return(ret);
-	}
-
-static int ssl3_send_client_key_exchange(SSL *s)
-	{
-	unsigned char *p,*d;
-	int n;
-	unsigned long l;
-#ifndef OPENSSL_NO_RSA
-	unsigned char *q;
-	EVP_PKEY *pkey=NULL;
-#endif
-#ifndef OPENSSL_NO_KRB5
-        KSSL_ERR kssl_err;
-#endif /* OPENSSL_NO_KRB5 */
-
-	if (s->state == SSL3_ST_CW_KEY_EXCH_A)
-		{
-		d=(unsigned char *)s->init_buf->data;
-		p= &(d[4]);
-
-		l=s->s3->tmp.new_cipher->algorithms;
-
-                /* Fool emacs indentation */
-                if (0) {}
-#ifndef OPENSSL_NO_RSA
-		else if (l & SSL_kRSA)
-			{
-			RSA *rsa;
-			unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
-
-			if (s->session->sess_cert->peer_rsa_tmp != NULL)
-				rsa=s->session->sess_cert->peer_rsa_tmp;
-			else
-				{
-				pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
-				if ((pkey == NULL) ||
-					(pkey->type != EVP_PKEY_RSA) ||
-					(pkey->pkey.rsa == NULL))
-					{
-					SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
-					goto err;
-					}
-				rsa=pkey->pkey.rsa;
-				EVP_PKEY_free(pkey);
-				}
-				
-			tmp_buf[0]=s->client_version>>8;
-			tmp_buf[1]=s->client_version&0xff;
-			if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)
-					goto err;
-
-			s->session->master_key_length=sizeof tmp_buf;
-
-			q=p;
-			/* Fix buf for TLS and beyond */
-			if (s->version > SSL3_VERSION)
-				p+=2;
-			n=RSA_public_encrypt(sizeof tmp_buf,
-				tmp_buf,p,rsa,RSA_PKCS1_PADDING);
-#ifdef PKCS1_CHECK
-			if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
-			if (s->options & SSL_OP_PKCS1_CHECK_2) tmp_buf[0]=0x70;
-#endif
-			if (n <= 0)
-				{
-				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);
-				goto err;
-				}
-
-			/* Fix buf for TLS and beyond */
-			if (s->version > SSL3_VERSION)
-				{
-				s2n(n,q);
-				n+=2;
-				}
-
-			s->session->master_key_length=
-				s->method->ssl3_enc->generate_master_secret(s,
-					s->session->master_key,
-					tmp_buf,sizeof tmp_buf);
-			OPENSSL_cleanse(tmp_buf,sizeof tmp_buf);
-			}
-#endif
-#ifndef OPENSSL_NO_KRB5
-		else if (l & SSL_kKRB5)
-                        {
-                        krb5_error_code	krb5rc;
-                        KSSL_CTX	*kssl_ctx = s->kssl_ctx;
-                        /*  krb5_data	krb5_ap_req;  */
-                        krb5_data	*enc_ticket;
-                        krb5_data	authenticator, *authp = NULL;
-			EVP_CIPHER_CTX	ciph_ctx;
-			EVP_CIPHER	*enc = NULL;
-			unsigned char	iv[EVP_MAX_IV_LENGTH];
-			unsigned char	tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
-			unsigned char	epms[SSL_MAX_MASTER_KEY_LENGTH 
-						+ EVP_MAX_IV_LENGTH];
-			int 		padl, outl = sizeof(epms);
-
-			EVP_CIPHER_CTX_init(&ciph_ctx);
-
-#ifdef KSSL_DEBUG
-                        printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
-                                l, SSL_kKRB5);
-#endif	/* KSSL_DEBUG */
-
-			authp = NULL;
-#ifdef KRB5SENDAUTH
-			if (KRB5SENDAUTH)  authp = &authenticator;
-#endif	/* KRB5SENDAUTH */
-
-                        krb5rc = kssl_cget_tkt(kssl_ctx, &enc_ticket, authp,
-				&kssl_err);
-			enc = kssl_map_enc(kssl_ctx->enctype);
-                        if (enc == NULL)
-                            goto err;
-#ifdef KSSL_DEBUG
-                        {
-                        printf("kssl_cget_tkt rtn %d\n", krb5rc);
-                        if (krb5rc && kssl_err.text)
-			  printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text);
-                        }
-#endif	/* KSSL_DEBUG */
-
-                        if (krb5rc)
-                                {
-                                ssl3_send_alert(s,SSL3_AL_FATAL,
-						SSL_AD_HANDSHAKE_FAILURE);
-                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-						kssl_err.reason);
-                                goto err;
-                                }
-
-			/*  20010406 VRS - Earlier versions used KRB5 AP_REQ
-			**  in place of RFC 2712 KerberosWrapper, as in:
-			**
-                        **  Send ticket (copy to *p, set n = length)
-                        **  n = krb5_ap_req.length;
-                        **  memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
-                        **  if (krb5_ap_req.data)  
-                        **    kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
-                        **
-			**  Now using real RFC 2712 KerberosWrapper
-			**  (Thanks to Simon Wilkinson <sxw@sxw.org.uk>)
-			**  Note: 2712 "opaque" types are here replaced
-			**  with a 2-byte length followed by the value.
-			**  Example:
-			**  KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
-			**  Where "xx xx" = length bytes.  Shown here with
-			**  optional authenticator omitted.
-			*/
-
-			/*  KerberosWrapper.Ticket		*/
-			s2n(enc_ticket->length,p);
-			memcpy(p, enc_ticket->data, enc_ticket->length);
-			p+= enc_ticket->length;
-			n = enc_ticket->length + 2;
-
-			/*  KerberosWrapper.Authenticator	*/
-			if (authp  &&  authp->length)  
-				{
-				s2n(authp->length,p);
-				memcpy(p, authp->data, authp->length);
-				p+= authp->length;
-				n+= authp->length + 2;
-				
-				free(authp->data);
-				authp->data = NULL;
-				authp->length = 0;
-				}
-			else
-				{
-				s2n(0,p);/*  null authenticator length	*/
-				n+=2;
-				}
- 
-			if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0)
-			    goto err;
-
-			/*  20010420 VRS.  Tried it this way; failed.
-			**	EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
-			**	EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
-			**				kssl_ctx->length);
-			**	EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
-			*/
-
-			memset(iv, 0, sizeof iv);  /* per RFC 1510 */
-			EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,
-				kssl_ctx->key,iv);
-			EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,
-				sizeof tmp_buf);
-			EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
-			outl += padl;
-			if (outl > sizeof epms)
-				{
-				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
-				goto err;
-				}
-			EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-
-			/*  KerberosWrapper.EncryptedPreMasterSecret	*/
-			s2n(outl,p);
-			memcpy(p, epms, outl);
-			p+=outl;
-			n+=outl + 2;
-
-                        s->session->master_key_length=
-                                s->method->ssl3_enc->generate_master_secret(s,
-					s->session->master_key,
-					tmp_buf, sizeof tmp_buf);
-
-			OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
-			OPENSSL_cleanse(epms, outl);
-                        }
-#endif
-#ifndef OPENSSL_NO_DH
-		else if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
-			{
-			DH *dh_srvr,*dh_clnt;
-
-			if (s->session->sess_cert->peer_dh_tmp != NULL)
-				dh_srvr=s->session->sess_cert->peer_dh_tmp;
-			else
-				{
-				/* we get them from the cert */
-				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
-				goto err;
-				}
-			
-			/* generate a new random key */
-			if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
-				{
-				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
-				goto err;
-				}
-			if (!DH_generate_key(dh_clnt))
-				{
-				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
-				goto err;
-				}
-
-			/* use the 'p' output buffer for the DH key, but
-			 * make sure to clear it out afterwards */
-
-			n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
-
-			if (n <= 0)
-				{
-				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
-				goto err;
-				}
-
-			/* generate master key from the result */
-			s->session->master_key_length=
-				s->method->ssl3_enc->generate_master_secret(s,
-					s->session->master_key,p,n);
-			/* clean up */
-			memset(p,0,n);
-
-			/* send off the data */
-			n=BN_num_bytes(dh_clnt->pub_key);
-			s2n(n,p);
-			BN_bn2bin(dh_clnt->pub_key,p);
-			n+=2;
-
-			DH_free(dh_clnt);
-
-			/* perhaps clean things up a bit EAY EAY EAY EAY*/
-			}
-#endif
-		else
-			{
-			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-			SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
-			goto err;
-			}
-		
-		*(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE;
-		l2n3(n,d);
-
-		s->state=SSL3_ST_CW_KEY_EXCH_B;
-		/* number of bytes to write */
-		s->init_num=n+4;
-		s->init_off=0;
-		}
-
-	/* SSL3_ST_CW_KEY_EXCH_B */
-	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-err:
-	return(-1);
-	}
-
-static int ssl3_send_client_verify(SSL *s)
-	{
-	unsigned char *p,*d;
-	unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
-	EVP_PKEY *pkey;
-#ifndef OPENSSL_NO_RSA
-	unsigned u=0;
-#endif
-	unsigned long n;
-#ifndef OPENSSL_NO_DSA
-	int j;
-#endif
-
-	if (s->state == SSL3_ST_CW_CERT_VRFY_A)
-		{
-		d=(unsigned char *)s->init_buf->data;
-		p= &(d[4]);
-		pkey=s->cert->key->privatekey;
-
-		s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2),
-			&(data[MD5_DIGEST_LENGTH]));
-
-#ifndef OPENSSL_NO_RSA
-		if (pkey->type == EVP_PKEY_RSA)
-			{
-			s->method->ssl3_enc->cert_verify_mac(s,
-				&(s->s3->finish_dgst1),&(data[0]));
-			if (RSA_sign(NID_md5_sha1, data,
-					 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
-					&(p[2]), &u, pkey->pkey.rsa) <= 0 )
-				{
-				SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB);
-				goto err;
-				}
-			s2n(u,p);
-			n=u+2;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_DSA
-			if (pkey->type == EVP_PKEY_DSA)
-			{
-			if (!DSA_sign(pkey->save_type,
-				&(data[MD5_DIGEST_LENGTH]),
-				SHA_DIGEST_LENGTH,&(p[2]),
-				(unsigned int *)&j,pkey->pkey.dsa))
-				{
-				SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB);
-				goto err;
-				}
-			s2n(j,p);
-			n=j+2;
-			}
-		else
-#endif
-			{
-			SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_INTERNAL_ERROR);
-			goto err;
-			}
-		*(d++)=SSL3_MT_CERTIFICATE_VERIFY;
-		l2n3(n,d);
-
-		s->init_num=(int)n+4;
-		s->init_off=0;
-		}
-	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-err:
-	return(-1);
-	}
-
-static int ssl3_send_client_certificate(SSL *s)
-	{
-	X509 *x509=NULL;
-	EVP_PKEY *pkey=NULL;
-	int i;
-	unsigned long l;
-
-	if (s->state ==	SSL3_ST_CW_CERT_A)
-		{
-		if ((s->cert == NULL) ||
-			(s->cert->key->x509 == NULL) ||
-			(s->cert->key->privatekey == NULL))
-			s->state=SSL3_ST_CW_CERT_B;
-		else
-			s->state=SSL3_ST_CW_CERT_C;
-		}
-
-	/* We need to get a client cert */
-	if (s->state == SSL3_ST_CW_CERT_B)
-		{
-		/* If we get an error, we need to
-		 * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
-		 * We then get retied later */
-		i=0;
-		if (s->ctx->client_cert_cb != NULL)
-			i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
-		if (i < 0)
-			{
-			s->rwstate=SSL_X509_LOOKUP;
-			return(-1);
-			}
-		s->rwstate=SSL_NOTHING;
-		if ((i == 1) && (pkey != NULL) && (x509 != NULL))
-			{
-			s->state=SSL3_ST_CW_CERT_B;
-			if (	!SSL_use_certificate(s,x509) ||
-				!SSL_use_PrivateKey(s,pkey))
-				i=0;
-			}
-		else if (i == 1)
-			{
-			i=0;
-			SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
-			}
-
-		if (x509 != NULL) X509_free(x509);
-		if (pkey != NULL) EVP_PKEY_free(pkey);
-		if (i == 0)
-			{
-			if (s->version == SSL3_VERSION)
-				{
-				s->s3->tmp.cert_req=0;
-				ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE);
-				return(1);
-				}
-			else
-				{
-				s->s3->tmp.cert_req=2;
-				}
-			}
-
-		/* Ok, we have a cert */
-		s->state=SSL3_ST_CW_CERT_C;
-		}
-
-	if (s->state == SSL3_ST_CW_CERT_C)
-		{
-		s->state=SSL3_ST_CW_CERT_D;
-		l=ssl3_output_cert_chain(s,
-			(s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
-		s->init_num=(int)l;
-		s->init_off=0;
-		}
-	/* SSL3_ST_CW_CERT_D */
-	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-	}
-
-#define has_bits(i,m)	(((i)&(m)) == (m))
-
-static int ssl3_check_cert_and_algorithm(SSL *s)
-	{
-	int i,idx;
-	long algs;
-	EVP_PKEY *pkey=NULL;
-	SESS_CERT *sc;
-#ifndef OPENSSL_NO_RSA
-	RSA *rsa;
-#endif
-#ifndef OPENSSL_NO_DH
-	DH *dh;
-#endif
-
-	sc=s->session->sess_cert;
-
-	if (sc == NULL)
-		{
-		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,ERR_R_INTERNAL_ERROR);
-		goto err;
-		}
-
-	algs=s->s3->tmp.new_cipher->algorithms;
-
-	/* we don't have a certificate */
-	if (algs & (SSL_aDH|SSL_aNULL|SSL_aKRB5))
-		return(1);
-
-#ifndef OPENSSL_NO_RSA
-	rsa=s->session->sess_cert->peer_rsa_tmp;
-#endif
-#ifndef OPENSSL_NO_DH
-	dh=s->session->sess_cert->peer_dh_tmp;
-#endif
-
-	/* This is the passed certificate */
-
-	idx=sc->peer_cert_type;
-	pkey=X509_get_pubkey(sc->peer_pkeys[idx].x509);
-	i=X509_certificate_type(sc->peer_pkeys[idx].x509,pkey);
-	EVP_PKEY_free(pkey);
-
-	
-	/* Check that we have a certificate if we require one */
-	if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
-		{
-		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
-		goto f_err;
-		}
-#ifndef OPENSSL_NO_DSA
-	else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
-		{
-		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
-		goto f_err;
-		}
-#endif
-#ifndef OPENSSL_NO_RSA
-	if ((algs & SSL_kRSA) &&
-		!(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
-		{
-		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
-		goto f_err;
-		}
-#endif
-#ifndef OPENSSL_NO_DH
-	if ((algs & SSL_kEDH) &&
-		!(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
-		{
-		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
-		goto f_err;
-		}
-	else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
-		{
-		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
-		goto f_err;
-		}
-#ifndef OPENSSL_NO_DSA
-	else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
-		{
-		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
-		goto f_err;
-		}
-#endif
-#endif
-
-	if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP))
-		{
-#ifndef OPENSSL_NO_RSA
-		if (algs & SSL_kRSA)
-			{
-			if (rsa == NULL
-			    || RSA_size(rsa) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
-				{
-				SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
-				goto f_err;
-				}
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_DH
-			if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
-			    {
-			    if (dh == NULL
-				|| DH_size(dh) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
-				{
-				SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY);
-				goto f_err;
-				}
-			}
-		else
-#endif
-			{
-			SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
-			goto f_err;
-			}
-		}
-	return(1);
-f_err:
-	ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-err:
-	return(0);
-	}
-
diff --git a/crypto/openssl/ssl/s3_enc.c b/crypto/openssl/ssl/s3_enc.c
deleted file mode 100644
index 559924d3681b..000000000000
--- a/crypto/openssl/ssl/s3_enc.c
+++ /dev/null
@@ -1,697 +0,0 @@
-/* ssl/s3_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-
-static unsigned char ssl3_pad_1[48]={
-	0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
-	0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
-	0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
-	0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
-	0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
-	0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36 };
-
-static unsigned char ssl3_pad_2[48]={
-	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
-	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
-	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
-	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
-	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
-	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c };
-
-static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
-	const char *sender, int len, unsigned char *p);
-
-static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
-	{
-	EVP_MD_CTX m5;
-	EVP_MD_CTX s1;
-	unsigned char buf[16],smd[SHA_DIGEST_LENGTH];
-	unsigned char c='A';
-	int i,j,k;
-
-#ifdef CHARSET_EBCDIC
-	c = os_toascii[c]; /*'A' in ASCII */
-#endif
-	k=0;
-	EVP_MD_CTX_init(&m5);
-	EVP_MD_CTX_init(&s1);
-	for (i=0; i<num; i+=MD5_DIGEST_LENGTH)
-		{
-		k++;
-		if (k > sizeof buf)
-			{
-			/* bug: 'buf' is too small for this ciphersuite */
-			SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);
-			return 0;
-			}
-		
-		for (j=0; j<k; j++)
-			buf[j]=c;
-		c++;
-		EVP_DigestInit_ex(&s1,EVP_sha1(), NULL);
-		EVP_DigestUpdate(&s1,buf,k);
-		EVP_DigestUpdate(&s1,s->session->master_key,
-			s->session->master_key_length);
-		EVP_DigestUpdate(&s1,s->s3->server_random,SSL3_RANDOM_SIZE);
-		EVP_DigestUpdate(&s1,s->s3->client_random,SSL3_RANDOM_SIZE);
-		EVP_DigestFinal_ex(&s1,smd,NULL);
-
-		EVP_DigestInit_ex(&m5,EVP_md5(), NULL);
-		EVP_DigestUpdate(&m5,s->session->master_key,
-			s->session->master_key_length);
-		EVP_DigestUpdate(&m5,smd,SHA_DIGEST_LENGTH);
-		if ((i+MD5_DIGEST_LENGTH) > num)
-			{
-			EVP_DigestFinal_ex(&m5,smd,NULL);
-			memcpy(km,smd,(num-i));
-			}
-		else
-			EVP_DigestFinal_ex(&m5,km,NULL);
-
-		km+=MD5_DIGEST_LENGTH;
-		}
-	OPENSSL_cleanse(smd,SHA_DIGEST_LENGTH);
-	EVP_MD_CTX_cleanup(&m5);
-	EVP_MD_CTX_cleanup(&s1);
-	return 1;
-	}
-
-int ssl3_change_cipher_state(SSL *s, int which)
-	{
-	unsigned char *p,*key_block,*mac_secret;
-	unsigned char exp_key[EVP_MAX_KEY_LENGTH];
-	unsigned char exp_iv[EVP_MAX_IV_LENGTH];
-	unsigned char *ms,*key,*iv,*er1,*er2;
-	EVP_CIPHER_CTX *dd;
-	const EVP_CIPHER *c;
-	COMP_METHOD *comp;
-	const EVP_MD *m;
-	EVP_MD_CTX md;
-	int exp,n,i,j,k,cl;
-	int reuse_dd = 0;
-
-	exp=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
-	c=s->s3->tmp.new_sym_enc;
-	m=s->s3->tmp.new_hash;
-	if (s->s3->tmp.new_compression == NULL)
-		comp=NULL;
-	else
-		comp=s->s3->tmp.new_compression->method;
-	key_block=s->s3->tmp.key_block;
-
-	if (which & SSL3_CC_READ)
-		{
-		if (s->enc_read_ctx != NULL)
-			reuse_dd = 1;
-		else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
-			goto err;
-		dd= s->enc_read_ctx;
-		s->read_hash=m;
-		/* COMPRESS */
-		if (s->expand != NULL)
-			{
-			COMP_CTX_free(s->expand);
-			s->expand=NULL;
-			}
-		if (comp != NULL)
-			{
-			s->expand=COMP_CTX_new(comp);
-			if (s->expand == NULL)
-				{
-				SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
-				goto err2;
-				}
-			if (s->s3->rrec.comp == NULL)
-				s->s3->rrec.comp=(unsigned char *)
-					OPENSSL_malloc(SSL3_RT_MAX_PLAIN_LENGTH);
-			if (s->s3->rrec.comp == NULL)
-				goto err;
-			}
-		memset(&(s->s3->read_sequence[0]),0,8);
-		mac_secret= &(s->s3->read_mac_secret[0]);
-		}
-	else
-		{
-		if (s->enc_write_ctx != NULL)
-			reuse_dd = 1;
-		else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
-			goto err;
-		dd= s->enc_write_ctx;
-		s->write_hash=m;
-		/* COMPRESS */
-		if (s->compress != NULL)
-			{
-			COMP_CTX_free(s->compress);
-			s->compress=NULL;
-			}
-		if (comp != NULL)
-			{
-			s->compress=COMP_CTX_new(comp);
-			if (s->compress == NULL)
-				{
-				SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
-				goto err2;
-				}
-			}
-		memset(&(s->s3->write_sequence[0]),0,8);
-		mac_secret= &(s->s3->write_mac_secret[0]);
-		}
-
-	if (reuse_dd)
-		EVP_CIPHER_CTX_cleanup(dd);
-	EVP_CIPHER_CTX_init(dd);
-
-	p=s->s3->tmp.key_block;
-	i=EVP_MD_size(m);
-	cl=EVP_CIPHER_key_length(c);
-	j=exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
-		 cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
-	/* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
-	k=EVP_CIPHER_iv_length(c);
-	if (	(which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
-		(which == SSL3_CHANGE_CIPHER_SERVER_READ))
-		{
-		ms=  &(p[ 0]); n=i+i;
-		key= &(p[ n]); n+=j+j;
-		iv=  &(p[ n]); n+=k+k;
-		er1= &(s->s3->client_random[0]);
-		er2= &(s->s3->server_random[0]);
-		}
-	else
-		{
-		n=i;
-		ms=  &(p[ n]); n+=i+j;
-		key= &(p[ n]); n+=j+k;
-		iv=  &(p[ n]); n+=k;
-		er1= &(s->s3->server_random[0]);
-		er2= &(s->s3->client_random[0]);
-		}
-
-	if (n > s->s3->tmp.key_block_length)
-		{
-		SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,ERR_R_INTERNAL_ERROR);
-		goto err2;
-		}
-
-	EVP_MD_CTX_init(&md);
-	memcpy(mac_secret,ms,i);
-	if (exp)
-		{
-		/* In here I set both the read and write key/iv to the
-		 * same value since only the correct one will be used :-).
-		 */
-		EVP_DigestInit_ex(&md,EVP_md5(), NULL);
-		EVP_DigestUpdate(&md,key,j);
-		EVP_DigestUpdate(&md,er1,SSL3_RANDOM_SIZE);
-		EVP_DigestUpdate(&md,er2,SSL3_RANDOM_SIZE);
-		EVP_DigestFinal_ex(&md,&(exp_key[0]),NULL);
-		key= &(exp_key[0]);
-
-		if (k > 0)
-			{
-			EVP_DigestInit_ex(&md,EVP_md5(), NULL);
-			EVP_DigestUpdate(&md,er1,SSL3_RANDOM_SIZE);
-			EVP_DigestUpdate(&md,er2,SSL3_RANDOM_SIZE);
-			EVP_DigestFinal_ex(&md,&(exp_iv[0]),NULL);
-			iv= &(exp_iv[0]);
-			}
-		}
-
-	s->session->key_arg_length=0;
-
-	EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
-
-	OPENSSL_cleanse(&(exp_key[0]),sizeof(exp_key));
-	OPENSSL_cleanse(&(exp_iv[0]),sizeof(exp_iv));
-	EVP_MD_CTX_cleanup(&md);
-	return(1);
-err:
-	SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
-err2:
-	return(0);
-	}
-
-int ssl3_setup_key_block(SSL *s)
-	{
-	unsigned char *p;
-	const EVP_CIPHER *c;
-	const EVP_MD *hash;
-	int num;
-	int ret = 0;
-	SSL_COMP *comp;
-
-	if (s->s3->tmp.key_block_length != 0)
-		return(1);
-
-	if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp))
-		{
-		SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
-		return(0);
-		}
-
-	s->s3->tmp.new_sym_enc=c;
-	s->s3->tmp.new_hash=hash;
-	s->s3->tmp.new_compression=comp;
-
-	num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
-	num*=2;
-
-	ssl3_cleanup_key_block(s);
-
-	if ((p=OPENSSL_malloc(num)) == NULL)
-		goto err;
-
-	s->s3->tmp.key_block_length=num;
-	s->s3->tmp.key_block=p;
-
-	ret = ssl3_generate_key_block(s,p,num);
-
-	if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
-		{
-		/* enable vulnerability countermeasure for CBC ciphers with
-		 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
-		 */
-		s->s3->need_empty_fragments = 1;
-
-		if (s->session->cipher != NULL)
-			{
-			if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
-				s->s3->need_empty_fragments = 0;
-			
-#ifndef OPENSSL_NO_RC4
-			if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
-				s->s3->need_empty_fragments = 0;
-#endif
-			}
-		}
-
-	return ret;
-		
-err:
-	SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
-	return(0);
-	}
-
-void ssl3_cleanup_key_block(SSL *s)
-	{
-	if (s->s3->tmp.key_block != NULL)
-		{
-		OPENSSL_cleanse(s->s3->tmp.key_block,
-			s->s3->tmp.key_block_length);
-		OPENSSL_free(s->s3->tmp.key_block);
-		s->s3->tmp.key_block=NULL;
-		}
-	s->s3->tmp.key_block_length=0;
-	}
-
-int ssl3_enc(SSL *s, int send)
-	{
-	SSL3_RECORD *rec;
-	EVP_CIPHER_CTX *ds;
-	unsigned long l;
-	int bs,i;
-	const EVP_CIPHER *enc;
-
-	if (send)
-		{
-		ds=s->enc_write_ctx;
-		rec= &(s->s3->wrec);
-		if (s->enc_write_ctx == NULL)
-			enc=NULL;
-		else
-			enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
-		}
-	else
-		{
-		ds=s->enc_read_ctx;
-		rec= &(s->s3->rrec);
-		if (s->enc_read_ctx == NULL)
-			enc=NULL;
-		else
-			enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
-		}
-
-	if ((s->session == NULL) || (ds == NULL) ||
-		(enc == NULL))
-		{
-		memmove(rec->data,rec->input,rec->length);
-		rec->input=rec->data;
-		}
-	else
-		{
-		l=rec->length;
-		bs=EVP_CIPHER_block_size(ds->cipher);
-
-		/* COMPRESS */
-
-		if ((bs != 1) && send)
-			{
-			i=bs-((int)l%bs);
-
-			/* we need to add 'i-1' padding bytes */
-			l+=i;
-			rec->length+=i;
-			rec->input[l-1]=(i-1);
-			}
-		
-		if (!send)
-			{
-			if (l == 0 || l%bs != 0)
-				{
-				SSLerr(SSL_F_SSL3_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
-				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
-				return 0;
-				}
-			/* otherwise, rec->length >= bs */
-			}
-		
-		EVP_Cipher(ds,rec->data,rec->input,l);
-
-		if ((bs != 1) && !send)
-			{
-			i=rec->data[l-1]+1;
-			/* SSL 3.0 bounds the number of padding bytes by the block size;
-			 * padding bytes (except the last one) are arbitrary */
-			if (i > bs)
-				{
-				/* Incorrect padding. SSLerr() and ssl3_alert are done
-				 * by caller: we don't want to reveal whether this is
-				 * a decryption error or a MAC verification failure
-				 * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
-				return -1;
-				}
-			/* now i <= bs <= rec->length */
-			rec->length-=i;
-			}
-		}
-	return(1);
-	}
-
-void ssl3_init_finished_mac(SSL *s)
-	{
-	EVP_DigestInit_ex(&(s->s3->finish_dgst1),s->ctx->md5, NULL);
-	EVP_DigestInit_ex(&(s->s3->finish_dgst2),s->ctx->sha1, NULL);
-	}
-
-void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
-	{
-	EVP_DigestUpdate(&(s->s3->finish_dgst1),buf,len);
-	EVP_DigestUpdate(&(s->s3->finish_dgst2),buf,len);
-	}
-
-int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *ctx, unsigned char *p)
-	{
-	return(ssl3_handshake_mac(s,ctx,NULL,0,p));
-	}
-
-int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
-	     const char *sender, int len, unsigned char *p)
-	{
-	int ret;
-
-	ret=ssl3_handshake_mac(s,ctx1,sender,len,p);
-	p+=ret;
-	ret+=ssl3_handshake_mac(s,ctx2,sender,len,p);
-	return(ret);
-	}
-
-static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
-	     const char *sender, int len, unsigned char *p)
-	{
-	unsigned int ret;
-	int npad,n;
-	unsigned int i;
-	unsigned char md_buf[EVP_MAX_MD_SIZE];
-	EVP_MD_CTX ctx;
-
-	EVP_MD_CTX_init(&ctx);
-	EVP_MD_CTX_copy_ex(&ctx,in_ctx);
-
-	n=EVP_MD_CTX_size(&ctx);
-	npad=(48/n)*n;
-
-	if (sender != NULL)
-		EVP_DigestUpdate(&ctx,sender,len);
-	EVP_DigestUpdate(&ctx,s->session->master_key,
-		s->session->master_key_length);
-	EVP_DigestUpdate(&ctx,ssl3_pad_1,npad);
-	EVP_DigestFinal_ex(&ctx,md_buf,&i);
-
-	EVP_DigestInit_ex(&ctx,EVP_MD_CTX_md(&ctx), NULL);
-	EVP_DigestUpdate(&ctx,s->session->master_key,
-		s->session->master_key_length);
-	EVP_DigestUpdate(&ctx,ssl3_pad_2,npad);
-	EVP_DigestUpdate(&ctx,md_buf,i);
-	EVP_DigestFinal_ex(&ctx,p,&ret);
-
-	EVP_MD_CTX_cleanup(&ctx);
-
-	return((int)ret);
-	}
-
-int ssl3_mac(SSL *ssl, unsigned char *md, int send)
-	{
-	SSL3_RECORD *rec;
-	unsigned char *mac_sec,*seq;
-	EVP_MD_CTX md_ctx;
-	const EVP_MD *hash;
-	unsigned char *p,rec_char;
-	unsigned int md_size;
-	int npad,i;
-
-	if (send)
-		{
-		rec= &(ssl->s3->wrec);
-		mac_sec= &(ssl->s3->write_mac_secret[0]);
-		seq= &(ssl->s3->write_sequence[0]);
-		hash=ssl->write_hash;
-		}
-	else
-		{
-		rec= &(ssl->s3->rrec);
-		mac_sec= &(ssl->s3->read_mac_secret[0]);
-		seq= &(ssl->s3->read_sequence[0]);
-		hash=ssl->read_hash;
-		}
-
-	md_size=EVP_MD_size(hash);
-	npad=(48/md_size)*md_size;
-
-	/* Chop the digest off the end :-) */
-	EVP_MD_CTX_init(&md_ctx);
-
-	EVP_DigestInit_ex(  &md_ctx,hash, NULL);
-	EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
-	EVP_DigestUpdate(&md_ctx,ssl3_pad_1,npad);
-	EVP_DigestUpdate(&md_ctx,seq,8);
-	rec_char=rec->type;
-	EVP_DigestUpdate(&md_ctx,&rec_char,1);
-	p=md;
-	s2n(rec->length,p);
-	EVP_DigestUpdate(&md_ctx,md,2);
-	EVP_DigestUpdate(&md_ctx,rec->input,rec->length);
-	EVP_DigestFinal_ex( &md_ctx,md,NULL);
-
-	EVP_DigestInit_ex(  &md_ctx,hash, NULL);
-	EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
-	EVP_DigestUpdate(&md_ctx,ssl3_pad_2,npad);
-	EVP_DigestUpdate(&md_ctx,md,md_size);
-	EVP_DigestFinal_ex( &md_ctx,md,&md_size);
-
-	EVP_MD_CTX_cleanup(&md_ctx);
-
-	for (i=7; i>=0; i--)
-		{
-		++seq[i];
-		if (seq[i] != 0) break; 
-		}
-
-	return(md_size);
-	}
-
-int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
-	     int len)
-	{
-	static const unsigned char *salt[3]={
-#ifndef CHARSET_EBCDIC
-		(const unsigned char *)"A",
-		(const unsigned char *)"BB",
-		(const unsigned char *)"CCC",
-#else
-		(const unsigned char *)"\x41",
-		(const unsigned char *)"\x42\x42",
-		(const unsigned char *)"\x43\x43\x43",
-#endif
-		};
-	unsigned char buf[EVP_MAX_MD_SIZE];
-	EVP_MD_CTX ctx;
-	int i,ret=0;
-	unsigned int n;
-
-	EVP_MD_CTX_init(&ctx);
-	for (i=0; i<3; i++)
-		{
-		EVP_DigestInit_ex(&ctx,s->ctx->sha1, NULL);
-		EVP_DigestUpdate(&ctx,salt[i],strlen((const char *)salt[i]));
-		EVP_DigestUpdate(&ctx,p,len);
-		EVP_DigestUpdate(&ctx,&(s->s3->client_random[0]),
-			SSL3_RANDOM_SIZE);
-		EVP_DigestUpdate(&ctx,&(s->s3->server_random[0]),
-			SSL3_RANDOM_SIZE);
-		EVP_DigestFinal_ex(&ctx,buf,&n);
-
-		EVP_DigestInit_ex(&ctx,s->ctx->md5, NULL);
-		EVP_DigestUpdate(&ctx,p,len);
-		EVP_DigestUpdate(&ctx,buf,n);
-		EVP_DigestFinal_ex(&ctx,out,&n);
-		out+=n;
-		ret+=n;
-		}
-	EVP_MD_CTX_cleanup(&ctx);
-	return(ret);
-	}
-
-int ssl3_alert_code(int code)
-	{
-	switch (code)
-		{
-	case SSL_AD_CLOSE_NOTIFY:	return(SSL3_AD_CLOSE_NOTIFY);
-	case SSL_AD_UNEXPECTED_MESSAGE:	return(SSL3_AD_UNEXPECTED_MESSAGE);
-	case SSL_AD_BAD_RECORD_MAC:	return(SSL3_AD_BAD_RECORD_MAC);
-	case SSL_AD_DECRYPTION_FAILED:	return(SSL3_AD_BAD_RECORD_MAC);
-	case SSL_AD_RECORD_OVERFLOW:	return(SSL3_AD_BAD_RECORD_MAC);
-	case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE);
-	case SSL_AD_HANDSHAKE_FAILURE:	return(SSL3_AD_HANDSHAKE_FAILURE);
-	case SSL_AD_NO_CERTIFICATE:	return(SSL3_AD_NO_CERTIFICATE);
-	case SSL_AD_BAD_CERTIFICATE:	return(SSL3_AD_BAD_CERTIFICATE);
-	case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE);
-	case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED);
-	case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED);
-	case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN);
-	case SSL_AD_ILLEGAL_PARAMETER:	return(SSL3_AD_ILLEGAL_PARAMETER);
-	case SSL_AD_UNKNOWN_CA:		return(SSL3_AD_BAD_CERTIFICATE);
-	case SSL_AD_ACCESS_DENIED:	return(SSL3_AD_HANDSHAKE_FAILURE);
-	case SSL_AD_DECODE_ERROR:	return(SSL3_AD_HANDSHAKE_FAILURE);
-	case SSL_AD_DECRYPT_ERROR:	return(SSL3_AD_HANDSHAKE_FAILURE);
-	case SSL_AD_EXPORT_RESTRICTION:	return(SSL3_AD_HANDSHAKE_FAILURE);
-	case SSL_AD_PROTOCOL_VERSION:	return(SSL3_AD_HANDSHAKE_FAILURE);
-	case SSL_AD_INSUFFICIENT_SECURITY:return(SSL3_AD_HANDSHAKE_FAILURE);
-	case SSL_AD_INTERNAL_ERROR:	return(SSL3_AD_HANDSHAKE_FAILURE);
-	case SSL_AD_USER_CANCELLED:	return(SSL3_AD_HANDSHAKE_FAILURE);
-	case SSL_AD_NO_RENEGOTIATION:	return(-1); /* Don't send it :-) */
-	default:			return(-1);
-		}
-	}
-
diff --git a/crypto/openssl/ssl/s3_lib.c b/crypto/openssl/ssl/s3_lib.c
deleted file mode 100644
index 896b12fc4f38..000000000000
--- a/crypto/openssl/ssl/s3_lib.c
+++ /dev/null
@@ -1,1797 +0,0 @@
-/* ssl/s3_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
-#include <openssl/md5.h>
-
-const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
-
-#define SSL3_NUM_CIPHERS	(sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
-
-static long ssl3_default_timeout(void );
-
-OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
-/* The RSA ciphers */
-/* Cipher 01 */
-	{
-	1,
-	SSL3_TXT_RSA_NULL_MD5,
-	SSL3_CK_RSA_NULL_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_STRONG_NONE,
-	0,
-	0,
-	0,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 02 */
-	{
-	1,
-	SSL3_TXT_RSA_NULL_SHA,
-	SSL3_CK_RSA_NULL_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_STRONG_NONE,
-	0,
-	0,
-	0,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* anon DH */
-/* Cipher 17 */
-	{
-	1,
-	SSL3_TXT_ADH_RC4_40_MD5,
-	SSL3_CK_ADH_RC4_40_MD5,
-	SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 18 */
-	{
-	1,
-	SSL3_TXT_ADH_RC4_128_MD5,
-	SSL3_CK_ADH_RC4_128_MD5,
-	SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 19 */
-	{
-	1,
-	SSL3_TXT_ADH_DES_40_CBC_SHA,
-	SSL3_CK_ADH_DES_40_CBC_SHA,
-	SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 1A */
-	{
-	1,
-	SSL3_TXT_ADH_DES_64_CBC_SHA,
-	SSL3_CK_ADH_DES_64_CBC_SHA,
-	SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	0,
-	56,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 1B */
-	{
-	1,
-	SSL3_TXT_ADH_DES_192_CBC_SHA,
-	SSL3_CK_ADH_DES_192_CBC_SHA,
-	SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
-	168,
-	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* RSA again */
-/* Cipher 03 */
-	{
-	1,
-	SSL3_TXT_RSA_RC4_40_MD5,
-	SSL3_CK_RSA_RC4_40_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 04 */
-	{
-	1,
-	SSL3_TXT_RSA_RC4_128_MD5,
-	SSL3_CK_RSA_RC4_128_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 05 */
-	{
-	1,
-	SSL3_TXT_RSA_RC4_128_SHA,
-	SSL3_CK_RSA_RC4_128_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 06 */
-	{
-	1,
-	SSL3_TXT_RSA_RC2_40_MD5,
-	SSL3_CK_RSA_RC2_40_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC2  |SSL_MD5 |SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 07 */
-	{
-	1,
-	SSL3_TXT_RSA_IDEA_128_SHA,
-	SSL3_CK_RSA_IDEA_128_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 08 */
-	{
-	1,
-	SSL3_TXT_RSA_DES_40_CBC_SHA,
-	SSL3_CK_RSA_DES_40_CBC_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 09 */
-	{
-	1,
-	SSL3_TXT_RSA_DES_64_CBC_SHA,
-	SSL3_CK_RSA_DES_64_CBC_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	0,
-	56,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 0A */
-	{
-	1,
-	SSL3_TXT_RSA_DES_192_CBC3_SHA,
-	SSL3_CK_RSA_DES_192_CBC3_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
-	168,
-	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/*  The DH ciphers */
-/* Cipher 0B */
-	{
-	0,
-	SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
-	SSL3_CK_DH_DSS_DES_40_CBC_SHA,
-	SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 0C */
-	{
-	0,
-	SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
-	SSL3_CK_DH_DSS_DES_64_CBC_SHA,
-	SSL_kDHd |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	0,
-	56,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 0D */
-	{
-	0,
-	SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
-	SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
-	SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
-	168,
-	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 0E */
-	{
-	0,
-	SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
-	SSL3_CK_DH_RSA_DES_40_CBC_SHA,
-	SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 0F */
-	{
-	0,
-	SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
-	SSL3_CK_DH_RSA_DES_64_CBC_SHA,
-	SSL_kDHr |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	0,
-	56,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 10 */
-	{
-	0,
-	SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
-	SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
-	SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
-	168,
-	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* The Ephemeral DH ciphers */
-/* Cipher 11 */
-	{
-	1,
-	SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
-	SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
-	SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 12 */
-	{
-	1,
-	SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
-	SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
-	SSL_kEDH|SSL_aDSS|SSL_DES  |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	0,
-	56,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 13 */
-	{
-	1,
-	SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
-	SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
-	SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
-	168,
-	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 14 */
-	{
-	1,
-	SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
-	SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
-	SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 15 */
-	{
-	1,
-	SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
-	SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
-	SSL_kEDH|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	0,
-	56,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 16 */
-	{
-	1,
-	SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
-	SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
-	SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
-	168,
-	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Fortezza */
-/* Cipher 1C */
-	{
-	0,
-	SSL3_TXT_FZA_DMS_NULL_SHA,
-	SSL3_CK_FZA_DMS_NULL_SHA,
-	SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_STRONG_NONE,
-	0,
-	0,
-	0,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 1D */
-	{
-	0,
-	SSL3_TXT_FZA_DMS_FZA_SHA,
-	SSL3_CK_FZA_DMS_FZA_SHA,
-	SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_STRONG_NONE,
-	0,
-	0,
-	0,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-#if 0
-/* Cipher 1E */
-	{
-	0,
-	SSL3_TXT_FZA_DMS_RC4_SHA,
-	SSL3_CK_FZA_DMS_RC4_SHA,
-	SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-#endif
-
-#ifndef OPENSSL_NO_KRB5
-/* The Kerberos ciphers
-** 20000107 VRS: And the first shall be last,
-** in hopes of avoiding the lynx ssl renegotiation problem.
-*/
-/* Cipher 1E VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_DES_64_CBC_SHA,
-	SSL3_CK_KRB5_DES_64_CBC_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	0,
-	56,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 1F VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_DES_192_CBC3_SHA,
-	SSL3_CK_KRB5_DES_192_CBC3_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_SHA1  |SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
-	112,
-	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 20 VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_RC4_128_SHA,
-	SSL3_CK_KRB5_RC4_128_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1  |SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 21 VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
-	SSL3_CK_KRB5_IDEA_128_CBC_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_SHA1  |SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 22 VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_DES_64_CBC_MD5,
-	SSL3_CK_KRB5_DES_64_CBC_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	0,
-	56,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 23 VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_DES_192_CBC3_MD5,
-	SSL3_CK_KRB5_DES_192_CBC3_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_MD5   |SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
-	112,
-	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 24 VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_RC4_128_MD5,
-	SSL3_CK_KRB5_RC4_128_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5  |SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 25 VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
-	SSL3_CK_KRB5_IDEA_128_CBC_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_MD5  |SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 26 VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_DES_40_CBC_SHA,
-	SSL3_CK_KRB5_DES_40_CBC_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 27 VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_RC2_40_CBC_SHA,
-	SSL3_CK_KRB5_RC2_40_CBC_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_SHA1   |SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 28 VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_RC4_40_SHA,
-	SSL3_CK_KRB5_RC4_40_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1   |SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 29 VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_DES_40_CBC_MD5,
-	SSL3_CK_KRB5_DES_40_CBC_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 2A VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_RC2_40_CBC_MD5,
-	SSL3_CK_KRB5_RC2_40_CBC_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_MD5    |SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* Cipher 2B VRS */
-	{
-	1,
-	SSL3_TXT_KRB5_RC4_40_MD5,
-	SSL3_CK_KRB5_RC4_40_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5    |SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-#endif	/* OPENSSL_NO_KRB5 */
-
-
-#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
-	/* New TLS Export CipherSuites */
-	/* Cipher 60 */
-	    {
-	    1,
-	    TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
-	    TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
-	    SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
-	    SSL_EXPORT|SSL_EXP56,
-	    0,
-	    56,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 61 */
-	    {
-	    1,
-	    TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
-	    TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
-	    SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
-	    SSL_EXPORT|SSL_EXP56,
-	    0,
-	    56,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 62 */
-	    {
-	    1,
-	    TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-	    TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-	    SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
-	    SSL_EXPORT|SSL_EXP56,
-	    0,
-	    56,
-	    56,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 63 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
-	    TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
-	    SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
-	    SSL_EXPORT|SSL_EXP56,
-	    0,
-	    56,
-	    56,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 64 */
-	    {
-	    1,
-	    TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
-	    TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
-	    SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
-	    SSL_EXPORT|SSL_EXP56,
-	    0,
-	    56,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 65 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
-	    TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
-	    SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
-	    SSL_EXPORT|SSL_EXP56,
-	    0,
-	    56,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 66 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
-	    TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
-	    SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS
-	    },
-#endif
-	/* New AES ciphersuites */
-
-	/* Cipher 2F */
-	    {
-	    1,
-	    TLS1_TXT_RSA_WITH_AES_128_SHA,
-	    TLS1_CK_RSA_WITH_AES_128_SHA,
-	    SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 30 */
-	    {
-	    0,
-	    TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
-	    TLS1_CK_DH_DSS_WITH_AES_128_SHA,
-	    SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 31 */
-	    {
-	    0,
-	    TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
-	    TLS1_CK_DH_RSA_WITH_AES_128_SHA,
-	    SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 32 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
-	    TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
-	    SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 33 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
-	    TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
-	    SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 34 */
-	    {
-	    1,
-	    TLS1_TXT_ADH_WITH_AES_128_SHA,
-	    TLS1_CK_ADH_WITH_AES_128_SHA,
-	    SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-
-	/* Cipher 35 */
-	    {
-	    1,
-	    TLS1_TXT_RSA_WITH_AES_256_SHA,
-	    TLS1_CK_RSA_WITH_AES_256_SHA,
-	    SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_HIGH,
-	    0,
-	    256,
-	    256,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 36 */
-	    {
-	    0,
-	    TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
-	    TLS1_CK_DH_DSS_WITH_AES_256_SHA,
-	    SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_HIGH,
-	    0,
-	    256,
-	    256,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 37 */
-	    {
-	    0,
-	    TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
-	    TLS1_CK_DH_RSA_WITH_AES_256_SHA,
-	    SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_HIGH,
-	    0,
-	    256,
-	    256,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 38 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
-	    TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
-	    SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_HIGH,
-	    0,
-	    256,
-	    256,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 39 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
-	    TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
-	    SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_HIGH,
-	    0,
-	    256,
-	    256,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 3A */
-	    {
-	    1,
-	    TLS1_TXT_ADH_WITH_AES_256_SHA,
-	    TLS1_CK_ADH_WITH_AES_256_SHA,
-	    SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_HIGH,
-	    0,
-	    256,
-	    256,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-
-/* end of list */
-	};
-
-static SSL3_ENC_METHOD SSLv3_enc_data={
-	ssl3_enc,
-	ssl3_mac,
-	ssl3_setup_key_block,
-	ssl3_generate_master_secret,
-	ssl3_change_cipher_state,
-	ssl3_final_finish_mac,
-	MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
-	ssl3_cert_verify_mac,
-	SSL3_MD_CLIENT_FINISHED_CONST,4,
-	SSL3_MD_SERVER_FINISHED_CONST,4,
-	ssl3_alert_code,
-	};
-
-static SSL_METHOD SSLv3_data= {
-	SSL3_VERSION,
-	ssl3_new,
-	ssl3_clear,
-	ssl3_free,
-	ssl_undefined_function,
-	ssl_undefined_function,
-	ssl3_read,
-	ssl3_peek,
-	ssl3_write,
-	ssl3_shutdown,
-	ssl3_renegotiate,
-	ssl3_renegotiate_check,
-	ssl3_ctrl,
-	ssl3_ctx_ctrl,
-	ssl3_get_cipher_by_char,
-	ssl3_put_cipher_by_char,
-	ssl3_pending,
-	ssl3_num_ciphers,
-	ssl3_get_cipher,
-	ssl_bad_method,
-	ssl3_default_timeout,
-	&SSLv3_enc_data,
-	ssl_undefined_function,
-	ssl3_callback_ctrl,
-	ssl3_ctx_callback_ctrl,
-	};
-
-static long ssl3_default_timeout(void)
-	{
-	/* 2 hours, the 24 hours mentioned in the SSLv3 spec
-	 * is way too long for http, the cache would over fill */
-	return(60*60*2);
-	}
-
-SSL_METHOD *sslv3_base_method(void)
-	{
-	return(&SSLv3_data);
-	}
-
-int ssl3_num_ciphers(void)
-	{
-	return(SSL3_NUM_CIPHERS);
-	}
-
-SSL_CIPHER *ssl3_get_cipher(unsigned int u)
-	{
-	if (u < SSL3_NUM_CIPHERS)
-		return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
-	else
-		return(NULL);
-	}
-
-int ssl3_pending(SSL *s)
-	{
-	if (s->rstate == SSL_ST_READ_BODY)
-		return 0;
-	
-	return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
-	}
-
-int ssl3_new(SSL *s)
-	{
-	SSL3_STATE *s3;
-
-	if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
-	memset(s3,0,sizeof *s3);
-	EVP_MD_CTX_init(&s3->finish_dgst1);
-	EVP_MD_CTX_init(&s3->finish_dgst2);
-
-	s->s3=s3;
-
-	s->method->ssl_clear(s);
-	return(1);
-err:
-	return(0);
-	}
-
-void ssl3_free(SSL *s)
-	{
-	if(s == NULL)
-	    return;
-
-	ssl3_cleanup_key_block(s);
-	if (s->s3->rbuf.buf != NULL)
-		OPENSSL_free(s->s3->rbuf.buf);
-	if (s->s3->wbuf.buf != NULL)
-		OPENSSL_free(s->s3->wbuf.buf);
-	if (s->s3->rrec.comp != NULL)
-		OPENSSL_free(s->s3->rrec.comp);
-#ifndef OPENSSL_NO_DH
-	if (s->s3->tmp.dh != NULL)
-		DH_free(s->s3->tmp.dh);
-#endif
-	if (s->s3->tmp.ca_names != NULL)
-		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
-	EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
-	EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
-	OPENSSL_cleanse(s->s3,sizeof *s->s3);
-	OPENSSL_free(s->s3);
-	s->s3=NULL;
-	}
-
-void ssl3_clear(SSL *s)
-	{
-	unsigned char *rp,*wp;
-	size_t rlen, wlen;
-
-	ssl3_cleanup_key_block(s);
-	if (s->s3->tmp.ca_names != NULL)
-		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
-
-	if (s->s3->rrec.comp != NULL)
-		{
-		OPENSSL_free(s->s3->rrec.comp);
-		s->s3->rrec.comp=NULL;
-		}
-#ifndef OPENSSL_NO_DH
-	if (s->s3->tmp.dh != NULL)
-		DH_free(s->s3->tmp.dh);
-#endif
-
-	rp = s->s3->rbuf.buf;
-	wp = s->s3->wbuf.buf;
-	rlen = s->s3->rbuf.len;
- 	wlen = s->s3->wbuf.len;
-
-	EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
-	EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
-
-	memset(s->s3,0,sizeof *s->s3);
-	s->s3->rbuf.buf = rp;
-	s->s3->wbuf.buf = wp;
-	s->s3->rbuf.len = rlen;
- 	s->s3->wbuf.len = wlen;
-
-	ssl_free_wbio_buffer(s);
-
-	s->packet_length=0;
-	s->s3->renegotiate=0;
-	s->s3->total_renegotiations=0;
-	s->s3->num_renegotiations=0;
-	s->s3->in_read_app_data=0;
-	s->version=SSL3_VERSION;
-	}
-
-long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
-	{
-	int ret=0;
-
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
-	if (
-#ifndef OPENSSL_NO_RSA
-	    cmd == SSL_CTRL_SET_TMP_RSA ||
-	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
-#endif
-#ifndef OPENSSL_NO_DSA
-	    cmd == SSL_CTRL_SET_TMP_DH ||
-	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
-#endif
-		0)
-		{
-		if (!ssl_cert_inst(&s->cert))
-		    	{
-			SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
-			return(0);
-			}
-		}
-#endif
-
-	switch (cmd)
-		{
-	case SSL_CTRL_GET_SESSION_REUSED:
-		ret=s->hit;
-		break;
-	case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
-		break;
-	case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
-		ret=s->s3->num_renegotiations;
-		break;
-	case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
-		ret=s->s3->num_renegotiations;
-		s->s3->num_renegotiations=0;
-		break;
-	case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
-		ret=s->s3->total_renegotiations;
-		break;
-	case SSL_CTRL_GET_FLAGS:
-		ret=(int)(s->s3->flags);
-		break;
-#ifndef OPENSSL_NO_RSA
-	case SSL_CTRL_NEED_TMP_RSA:
-		if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
-		    ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
-		     (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
-			ret = 1;
-		break;
-	case SSL_CTRL_SET_TMP_RSA:
-		{
-			RSA *rsa = (RSA *)parg;
-			if (rsa == NULL)
-				{
-				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-				return(ret);
-				}
-			if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
-				{
-				SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
-				return(ret);
-				}
-			if (s->cert->rsa_tmp != NULL)
-				RSA_free(s->cert->rsa_tmp);
-			s->cert->rsa_tmp = rsa;
-			ret = 1;
-		}
-		break;
-	case SSL_CTRL_SET_TMP_RSA_CB:
-		{
-		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return(ret);
-		}
-		break;
-#endif
-#ifndef OPENSSL_NO_DH
-	case SSL_CTRL_SET_TMP_DH:
-		{
-			DH *dh = (DH *)parg;
-			if (dh == NULL)
-				{
-				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-				return(ret);
-				}
-			if ((dh = DHparams_dup(dh)) == NULL)
-				{
-				SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
-				return(ret);
-				}
-			if (!(s->options & SSL_OP_SINGLE_DH_USE))
-				{
-				if (!DH_generate_key(dh))
-					{
-					DH_free(dh);
-					SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
-					return(ret);
-					}
-				}
-			if (s->cert->dh_tmp != NULL)
-				DH_free(s->cert->dh_tmp);
-			s->cert->dh_tmp = dh;
-			ret = 1;
-		}
-		break;
-	case SSL_CTRL_SET_TMP_DH_CB:
-		{
-		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return(ret);
-		}
-		break;
-#endif
-	default:
-		break;
-		}
-	return(ret);
-	}
-
-long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
-	{
-	int ret=0;
-
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
-	if (
-#ifndef OPENSSL_NO_RSA
-	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
-#endif
-#ifndef OPENSSL_NO_DSA
-	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
-#endif
-		0)
-		{
-		if (!ssl_cert_inst(&s->cert))
-			{
-			SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
-			return(0);
-			}
-		}
-#endif
-
-	switch (cmd)
-		{
-#ifndef OPENSSL_NO_RSA
-	case SSL_CTRL_SET_TMP_RSA_CB:
-		{
-		s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
-		}
-		break;
-#endif
-#ifndef OPENSSL_NO_DH
-	case SSL_CTRL_SET_TMP_DH_CB:
-		{
-		s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
-		}
-		break;
-#endif
-	default:
-		break;
-		}
-	return(ret);
-	}
-
-long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
-	{
-	CERT *cert;
-
-	cert=ctx->cert;
-
-	switch (cmd)
-		{
-#ifndef OPENSSL_NO_RSA
-	case SSL_CTRL_NEED_TMP_RSA:
-		if (	(cert->rsa_tmp == NULL) &&
-			((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
-			 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
-			)
-			return(1);
-		else
-			return(0);
-		/* break; */
-	case SSL_CTRL_SET_TMP_RSA:
-		{
-		RSA *rsa;
-		int i;
-
-		rsa=(RSA *)parg;
-		i=1;
-		if (rsa == NULL)
-			i=0;
-		else
-			{
-			if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
-				i=0;
-			}
-		if (!i)
-			{
-			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
-			return(0);
-			}
-		else
-			{
-			if (cert->rsa_tmp != NULL)
-				RSA_free(cert->rsa_tmp);
-			cert->rsa_tmp=rsa;
-			return(1);
-			}
-		}
-		/* break; */
-	case SSL_CTRL_SET_TMP_RSA_CB:
-		{
-		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return(0);
-		}
-		break;
-#endif
-#ifndef OPENSSL_NO_DH
-	case SSL_CTRL_SET_TMP_DH:
-		{
-		DH *new=NULL,*dh;
-
-		dh=(DH *)parg;
-		if ((new=DHparams_dup(dh)) == NULL)
-			{
-			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
-			return 0;
-			}
-		if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
-			{
-			if (!DH_generate_key(new))
-				{
-				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
-				DH_free(new);
-				return 0;
-				}
-			}
-		if (cert->dh_tmp != NULL)
-			DH_free(cert->dh_tmp);
-		cert->dh_tmp=new;
-		return 1;
-		}
-		/*break; */
-	case SSL_CTRL_SET_TMP_DH_CB:
-		{
-		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return(0);
-		}
-		break;
-#endif
-	/* A Thawte special :-) */
-	case SSL_CTRL_EXTRA_CHAIN_CERT:
-		if (ctx->extra_certs == NULL)
-			{
-			if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
-				return(0);
-			}
-		sk_X509_push(ctx->extra_certs,(X509 *)parg);
-		break;
-
-	default:
-		return(0);
-		}
-	return(1);
-	}
-
-long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
-	{
-	CERT *cert;
-
-	cert=ctx->cert;
-
-	switch (cmd)
-		{
-#ifndef OPENSSL_NO_RSA
-	case SSL_CTRL_SET_TMP_RSA_CB:
-		{
-		cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
-		}
-		break;
-#endif
-#ifndef OPENSSL_NO_DH
-	case SSL_CTRL_SET_TMP_DH_CB:
-		{
-		cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
-		}
-		break;
-#endif
-	default:
-		return(0);
-		}
-	return(1);
-	}
-
-/* This function needs to check if the ciphers required are actually
- * available */
-SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
-	{
-	static int init=1;
-	static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
-	SSL_CIPHER c,*cp= &c,**cpp;
-	unsigned long id;
-	int i;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL);
-
-		if (init)
-			{
-			for (i=0; i<SSL3_NUM_CIPHERS; i++)
-				sorted[i]= &(ssl3_ciphers[i]);
-
-			qsort(sorted,
-				SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
-				FP_ICC ssl_cipher_ptr_id_cmp);
-
-			init=0;
-			}
-		
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-		}
-
-	id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
-	c.id=id;
-	cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
-		(char *)sorted,
-		SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
-		FP_ICC ssl_cipher_ptr_id_cmp);
-	if ((cpp == NULL) || !(*cpp)->valid)
-		return(NULL);
-	else
-		return(*cpp);
-	}
-
-int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
-	{
-	long l;
-
-	if (p != NULL)
-		{
-		l=c->id;
-		if ((l & 0xff000000) != 0x03000000) return(0);
-		p[0]=((unsigned char)(l>> 8L))&0xFF;
-		p[1]=((unsigned char)(l     ))&0xFF;
-		}
-	return(2);
-	}
-
-SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
-	     STACK_OF(SSL_CIPHER) *srvr)
-	{
-	SSL_CIPHER *c,*ret=NULL;
-	STACK_OF(SSL_CIPHER) *prio, *allow;
-	int i,j,ok;
-	CERT *cert;
-	unsigned long alg,mask,emask;
-
-	/* Let's see which ciphers we can support */
-	cert=s->cert;
-
-#if 0
-	/* Do not set the compare functions, because this may lead to a
-	 * reordering by "id". We want to keep the original ordering.
-	 * We may pay a price in performance during sk_SSL_CIPHER_find(),
-	 * but would have to pay with the price of sk_SSL_CIPHER_dup().
-	 */
-	sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
-	sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
-#endif
-
-#ifdef CIPHER_DEBUG
-        printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), srvr);
-        for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
-	    {
-	    c=sk_SSL_CIPHER_value(srvr,i);
-	    printf("%p:%s\n",c,c->name);
-	    }
-        printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), clnt);
-        for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
-	    {
-	    c=sk_SSL_CIPHER_value(clnt,i);
-	    printf("%p:%s\n",c,c->name);
-	    }
-#endif
-
-	if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
-	    {
-	    prio = srvr;
-	    allow = clnt;
-	    }
-	else
-	    {
-	    prio = clnt;
-	    allow = srvr;
-	    }
-
-	for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
-		{
-		c=sk_SSL_CIPHER_value(prio,i);
-
-		ssl_set_cert_masks(cert,c);
-		mask=cert->mask;
-		emask=cert->export_mask;
-			
-#ifdef KSSL_DEBUG
-		printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);
-#endif    /* KSSL_DEBUG */
-
-		alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
-#ifndef OPENSSL_NO_KRB5
-                if (alg & SSL_KRB5) 
-                        {
-                        if ( !kssl_keytab_is_available(s->kssl_ctx) )
-                            continue;
-                        }
-#endif /* OPENSSL_NO_KRB5 */
-		if (SSL_C_IS_EXPORT(c))
-			{
-			ok=((alg & emask) == alg)?1:0;
-#ifdef CIPHER_DEBUG
-			printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
-			       c,c->name);
-#endif
-			}
-		else
-			{
-			ok=((alg & mask) == alg)?1:0;
-#ifdef CIPHER_DEBUG
-			printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
-			       c->name);
-#endif
-			}
-
-		if (!ok) continue;
-	
-		j=sk_SSL_CIPHER_find(allow,c);
-		if (j >= 0)
-			{
-			ret=sk_SSL_CIPHER_value(allow,j);
-			break;
-			}
-		}
-	return(ret);
-	}
-
-int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
-	{
-	int ret=0;
-	unsigned long alg;
-
-	alg=s->s3->tmp.new_cipher->algorithms;
-
-#ifndef OPENSSL_NO_DH
-	if (alg & (SSL_kDHr|SSL_kEDH))
-		{
-#  ifndef OPENSSL_NO_RSA
-		p[ret++]=SSL3_CT_RSA_FIXED_DH;
-#  endif
-#  ifndef OPENSSL_NO_DSA
-		p[ret++]=SSL3_CT_DSS_FIXED_DH;
-#  endif
-		}
-	if ((s->version == SSL3_VERSION) &&
-		(alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
-		{
-#  ifndef OPENSSL_NO_RSA
-		p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
-#  endif
-#  ifndef OPENSSL_NO_DSA
-		p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
-#  endif
-		}
-#endif /* !OPENSSL_NO_DH */
-#ifndef OPENSSL_NO_RSA
-	p[ret++]=SSL3_CT_RSA_SIGN;
-#endif
-#ifndef OPENSSL_NO_DSA
-	p[ret++]=SSL3_CT_DSS_SIGN;
-#endif
-	return(ret);
-	}
-
-int ssl3_shutdown(SSL *s)
-	{
-
-	/* Don't do anything much if we have not done the handshake or
-	 * we don't want to send messages :-) */
-	if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
-		{
-		s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-		return(1);
-		}
-
-	if (!(s->shutdown & SSL_SENT_SHUTDOWN))
-		{
-		s->shutdown|=SSL_SENT_SHUTDOWN;
-#if 1
-		ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
-#endif
-		/* our shutdown alert has been sent now, and if it still needs
-	 	 * to be written, s->s3->alert_dispatch will be true */
-		}
-	else if (s->s3->alert_dispatch)
-		{
-		/* resend it if not sent */
-#if 1
-		ssl3_dispatch_alert(s);
-#endif
-		}
-	else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
-		{
-		/* If we are waiting for a close from our peer, we are closed */
-		ssl3_read_bytes(s,0,NULL,0,0);
-		}
-
-	if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
-		!s->s3->alert_dispatch)
-		return(1);
-	else
-		return(0);
-	}
-
-int ssl3_write(SSL *s, const void *buf, int len)
-	{
-	int ret,n;
-
-#if 0
-	if (s->shutdown & SSL_SEND_SHUTDOWN)
-		{
-		s->rwstate=SSL_NOTHING;
-		return(0);
-		}
-#endif
-	clear_sys_error();
-	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
-
-	/* This is an experimental flag that sends the
-	 * last handshake message in the same packet as the first
-	 * use data - used to see if it helps the TCP protocol during
-	 * session-id reuse */
-	/* The second test is because the buffer may have been removed */
-	if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
-		{
-		/* First time through, we write into the buffer */
-		if (s->s3->delay_buf_pop_ret == 0)
-			{
-			ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
-					     buf,len);
-			if (ret <= 0) return(ret);
-
-			s->s3->delay_buf_pop_ret=ret;
-			}
-
-		s->rwstate=SSL_WRITING;
-		n=BIO_flush(s->wbio);
-		if (n <= 0) return(n);
-		s->rwstate=SSL_NOTHING;
-
-		/* We have flushed the buffer, so remove it */
-		ssl_free_wbio_buffer(s);
-		s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
-
-		ret=s->s3->delay_buf_pop_ret;
-		s->s3->delay_buf_pop_ret=0;
-		}
-	else
-		{
-		ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
-				     buf,len);
-		if (ret <= 0) return(ret);
-		}
-
-	return(ret);
-	}
-
-static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
-	{
-	int ret;
-	
-	clear_sys_error();
-	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
-	s->s3->in_read_app_data=1;
-	ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
-	if ((ret == -1) && (s->s3->in_read_app_data == 2))
-		{
-		/* ssl3_read_bytes decided to call s->handshake_func, which
-		 * called ssl3_read_bytes to read handshake data.
-		 * However, ssl3_read_bytes actually found application data
-		 * and thinks that application data makes sense here; so disable
-		 * handshake processing and try to read application data again. */
-		s->in_handshake++;
-		ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
-		s->in_handshake--;
-		}
-	else
-		s->s3->in_read_app_data=0;
-
-	return(ret);
-	}
-
-int ssl3_read(SSL *s, void *buf, int len)
-	{
-	return ssl3_read_internal(s, buf, len, 0);
-	}
-
-int ssl3_peek(SSL *s, void *buf, int len)
-	{
-	return ssl3_read_internal(s, buf, len, 1);
-	}
-
-int ssl3_renegotiate(SSL *s)
-	{
-	if (s->handshake_func == NULL)
-		return(1);
-
-	if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
-		return(0);
-
-	s->s3->renegotiate=1;
-	return(1);
-	}
-
-int ssl3_renegotiate_check(SSL *s)
-	{
-	int ret=0;
-
-	if (s->s3->renegotiate)
-		{
-		if (	(s->s3->rbuf.left == 0) &&
-			(s->s3->wbuf.left == 0) &&
-			!SSL_in_init(s))
-			{
-/*
-if we are the server, and we have sent a 'RENEGOTIATE' message, we
-need to go to SSL_ST_ACCEPT.
-*/
-			/* SSL_ST_ACCEPT */
-			s->state=SSL_ST_RENEGOTIATE;
-			s->s3->renegotiate=0;
-			s->s3->num_renegotiations++;
-			s->s3->total_renegotiations++;
-			ret=1;
-			}
-		}
-	return(ret);
-	}
-
diff --git a/crypto/openssl/ssl/s3_meth.c b/crypto/openssl/ssl/s3_meth.c
deleted file mode 100644
index 1fd7a96f87ba..000000000000
--- a/crypto/openssl/ssl/s3_meth.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* ssl/s3_meth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-static SSL_METHOD *ssl3_get_method(int ver);
-static SSL_METHOD *ssl3_get_method(int ver)
-	{
-	if (ver == SSL3_VERSION)
-		return(SSLv3_method());
-	else 
-		return(NULL);
-	}
-
-SSL_METHOD *SSLv3_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv3_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-		
-		if (init)
-			{
-			memcpy((char *)&SSLv3_data,(char *)sslv3_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv3_data.ssl_connect=ssl3_connect;
-			SSLv3_data.ssl_accept=ssl3_accept;
-			SSLv3_data.get_ssl_method=ssl3_get_method;
-			init=0;
-			}
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv3_data);
-	}
-
diff --git a/crypto/openssl/ssl/s3_pkt.c b/crypto/openssl/ssl/s3_pkt.c
deleted file mode 100644
index 3f88429e79a6..000000000000
--- a/crypto/openssl/ssl/s3_pkt.c
+++ /dev/null
@@ -1,1302 +0,0 @@
-/* ssl/s3_pkt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "ssl_locl.h"
-#include <openssl/evp.h>
-#include <openssl/buffer.h>
-
-static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
-			 unsigned int len, int create_empty_fragment);
-static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
-			      unsigned int len);
-static int ssl3_get_record(SSL *s);
-static int do_compress(SSL *ssl);
-static int do_uncompress(SSL *ssl);
-static int do_change_cipher_spec(SSL *ssl);
-
-/* used only by ssl3_get_record */
-static int ssl3_read_n(SSL *s, int n, int max, int extend)
-	{
-	/* If extend == 0, obtain new n-byte packet; if extend == 1, increase
-	 * packet by another n bytes.
-	 * The packet will be in the sub-array of s->s3->rbuf.buf specified
-	 * by s->packet and s->packet_length.
-	 * (If s->read_ahead is set, 'max' bytes may be stored in rbuf
-	 * [plus s->packet_length bytes if extend == 1].)
-	 */
-	int i,off,newb;
-
-	if (!extend)
-		{
-		/* start with empty packet ... */
-		if (s->s3->rbuf.left == 0)
-			s->s3->rbuf.offset = 0;
-		s->packet = s->s3->rbuf.buf + s->s3->rbuf.offset;
-		s->packet_length = 0;
-		/* ... now we can act as if 'extend' was set */
-		}
-
-	/* if there is enough in the buffer from a previous read, take some */
-	if (s->s3->rbuf.left >= (int)n)
-		{
-		s->packet_length+=n;
-		s->s3->rbuf.left-=n;
-		s->s3->rbuf.offset+=n;
-		return(n);
-		}
-
-	/* else we need to read more data */
-	if (!s->read_ahead)
-		max=n;
-
-	{
-		/* avoid buffer overflow */
-		int max_max = s->s3->rbuf.len - s->packet_length;
-		if (max > max_max)
-			max = max_max;
-	}
-	if (n > max) /* does not happen */
-		{
-		SSLerr(SSL_F_SSL3_READ_N,ERR_R_INTERNAL_ERROR);
-		return -1;
-		}
-
-	off = s->packet_length;
-	newb = s->s3->rbuf.left;
-	/* Move any available bytes to front of buffer:
-	 * 'off' bytes already pointed to by 'packet',
-	 * 'newb' extra ones at the end */
-	if (s->packet != s->s3->rbuf.buf)
-		{
-		/*  off > 0 */
-		memmove(s->s3->rbuf.buf, s->packet, off+newb);
-		s->packet = s->s3->rbuf.buf;
-		}
-
-	while (newb < n)
-		{
-		/* Now we have off+newb bytes at the front of s->s3->rbuf.buf and need
-		 * to read in more until we have off+n (up to off+max if possible) */
-
-		clear_sys_error();
-		if (s->rbio != NULL)
-			{
-			s->rwstate=SSL_READING;
-			i=BIO_read(s->rbio,	&(s->s3->rbuf.buf[off+newb]), max-newb);
-			}
-		else
-			{
-			SSLerr(SSL_F_SSL3_READ_N,SSL_R_READ_BIO_NOT_SET);
-			i = -1;
-			}
-
-		if (i <= 0)
-			{
-			s->s3->rbuf.left = newb;
-			return(i);
-			}
-		newb+=i;
-		}
-
-	/* done reading, now the book-keeping */
-	s->s3->rbuf.offset = off + n;
-	s->s3->rbuf.left = newb - n;
-	s->packet_length += n;
-	s->rwstate=SSL_NOTHING;
-	return(n);
-	}
-
-/* Call this to get a new input record.
- * It will return <= 0 if more data is needed, normally due to an error
- * or non-blocking IO.
- * When it finishes, one packet has been decoded and can be found in
- * ssl->s3->rrec.type    - is the type of record
- * ssl->s3->rrec.data, 	 - data
- * ssl->s3->rrec.length, - number of bytes
- */
-/* used only by ssl3_read_bytes */
-static int ssl3_get_record(SSL *s)
-	{
-	int ssl_major,ssl_minor,al;
-	int enc_err,n,i,ret= -1;
-	SSL3_RECORD *rr;
-	SSL_SESSION *sess;
-	unsigned char *p;
-	unsigned char md[EVP_MAX_MD_SIZE];
-	short version;
-	unsigned int mac_size;
-	int clear=0;
-	size_t extra;
-	int decryption_failed_or_bad_record_mac = 0;
-	unsigned char *mac = NULL;
-
-	rr= &(s->s3->rrec);
-	sess=s->session;
-
-	if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
-		extra=SSL3_RT_MAX_EXTRA;
-	else
-		extra=0;
-	if (extra != s->s3->rbuf.len - SSL3_RT_MAX_PACKET_SIZE)
-		{
-		/* actually likely an application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
-		 * set after ssl3_setup_buffers() was done */
-		SSLerr(SSL_F_SSL3_GET_RECORD, ERR_R_INTERNAL_ERROR);
-		return -1;
-		}
-
-again:
-	/* check if we have the header */
-	if (	(s->rstate != SSL_ST_READ_BODY) ||
-		(s->packet_length < SSL3_RT_HEADER_LENGTH)) 
-		{
-		n=ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
-		if (n <= 0) return(n); /* error or non-blocking */
-		s->rstate=SSL_ST_READ_BODY;
-
-		p=s->packet;
-
-		/* Pull apart the header into the SSL3_RECORD */
-		rr->type= *(p++);
-		ssl_major= *(p++);
-		ssl_minor= *(p++);
-		version=(ssl_major<<8)|ssl_minor;
-		n2s(p,rr->length);
-
-		/* Lets check version */
-		if (s->first_packet)
-			{
-			s->first_packet=0;
-			}
-		else
-			{
-			if (version != s->version)
-				{
-				SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
-				/* Send back error using their
-				 * version number :-) */
-				s->version=version;
-				al=SSL_AD_PROTOCOL_VERSION;
-				goto f_err;
-				}
-			}
-
-		if ((version>>8) != SSL3_VERSION_MAJOR)
-			{
-			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
-			goto err;
-			}
-
-		if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
-			{
-			al=SSL_AD_RECORD_OVERFLOW;
-			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);
-			goto f_err;
-			}
-
-		/* now s->rstate == SSL_ST_READ_BODY */
-		}
-
-	/* s->rstate == SSL_ST_READ_BODY, get and decode the data */
-
-	if (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH)
-		{
-		/* now s->packet_length == SSL3_RT_HEADER_LENGTH */
-		i=rr->length;
-		n=ssl3_read_n(s,i,i,1);
-		if (n <= 0) return(n); /* error or non-blocking io */
-		/* now n == rr->length,
-		 * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */
-		}
-
-	s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */
-
-	/* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
-	 * and we have that many bytes in s->packet
-	 */
-	rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);
-
-	/* ok, we can now read from 's->packet' data into 'rr'
-	 * rr->input points at rr->length bytes, which
-	 * need to be copied into rr->data by either
-	 * the decryption or by the decompression
-	 * When the data is 'copied' into the rr->data buffer,
-	 * rr->input will be pointed at the new buffer */ 
-
-	/* We now have - encrypted [ MAC [ compressed [ plain ] ] ]
-	 * rr->length bytes of encrypted compressed stuff. */
-
-	/* check is not needed I believe */
-	if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
-		{
-		al=SSL_AD_RECORD_OVERFLOW;
-		SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
-		goto f_err;
-		}
-
-	/* decrypt in place in 'rr->input' */
-	rr->data=rr->input;
-
-	enc_err = s->method->ssl3_enc->enc(s,0);
-	if (enc_err <= 0)
-		{
-		if (enc_err == 0)
-			/* SSLerr() and ssl3_send_alert() have been called */
-			goto err;
-
-		/* Otherwise enc_err == -1, which indicates bad padding
-		 * (rec->length has not been changed in this case).
-		 * To minimize information leaked via timing, we will perform
-		 * the MAC computation anyway. */
-		decryption_failed_or_bad_record_mac = 1;
-		}
-
-#ifdef TLS_DEBUG
-printf("dec %d\n",rr->length);
-{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); }
-printf("\n");
-#endif
-
-	/* r->length is now the compressed data plus mac */
-	if (	(sess == NULL) ||
-		(s->enc_read_ctx == NULL) ||
-		(s->read_hash == NULL))
-		clear=1;
-
-	if (!clear)
-		{
-		mac_size=EVP_MD_size(s->read_hash);
-
-		if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
-			{
-#if 0 /* OK only for stream ciphers (then rr->length is visible from ciphertext anyway) */
-			al=SSL_AD_RECORD_OVERFLOW;
-			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
-			goto f_err;
-#else
-			decryption_failed_or_bad_record_mac = 1;
-#endif			
-			}
-		/* check the MAC for rr->input (it's in mac_size bytes at the tail) */
-		if (rr->length >= mac_size)
-			{
-			rr->length -= mac_size;
-			mac = &rr->data[rr->length];
-			}
-		else
-			{
-			/* record (minus padding) is too short to contain a MAC */
-#if 0 /* OK only for stream ciphers */
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);
-			goto f_err;
-#else
-			decryption_failed_or_bad_record_mac = 1;
-			rr->length = 0;
-#endif
-			}
-		i=s->method->ssl3_enc->mac(s,md,0);
-		if (mac == NULL || memcmp(md, mac, mac_size) != 0)
-			{
-			decryption_failed_or_bad_record_mac = 1;
-			}
-		}
-
-	if (decryption_failed_or_bad_record_mac)
-		{
-		/* A separate 'decryption_failed' alert was introduced with TLS 1.0,
-		 * SSL 3.0 only has 'bad_record_mac'.  But unless a decryption
-		 * failure is directly visible from the ciphertext anyway,
-		 * we should not reveal which kind of error occured -- this
-		 * might become visible to an attacker (e.g. via a logfile) */
-		al=SSL_AD_BAD_RECORD_MAC;
-		SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
-		goto f_err;
-		}
-
-	/* r->length is now just compressed */
-	if (s->expand != NULL)
-		{
-		if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra)
-			{
-			al=SSL_AD_RECORD_OVERFLOW;
-			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);
-			goto f_err;
-			}
-		if (!do_uncompress(s))
-			{
-			al=SSL_AD_DECOMPRESSION_FAILURE;
-			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);
-			goto f_err;
-			}
-		}
-
-	if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra)
-		{
-		al=SSL_AD_RECORD_OVERFLOW;
-		SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);
-		goto f_err;
-		}
-
-	rr->off=0;
-	/* So at this point the following is true
-	 * ssl->s3->rrec.type 	is the type of record
-	 * ssl->s3->rrec.length	== number of bytes in record
-	 * ssl->s3->rrec.off	== offset to first valid byte
-	 * ssl->s3->rrec.data	== where to take bytes from, increment
-	 *			   after use :-).
-	 */
-
-	/* we have pulled in a full packet so zero things */
-	s->packet_length=0;
-
-	/* just read a 0 length packet */
-	if (rr->length == 0) goto again;
-
-	return(1);
-
-f_err:
-	ssl3_send_alert(s,SSL3_AL_FATAL,al);
-err:
-	return(ret);
-	}
-
-static int do_uncompress(SSL *ssl)
-	{
-	int i;
-	SSL3_RECORD *rr;
-
-	rr= &(ssl->s3->rrec);
-	i=COMP_expand_block(ssl->expand,rr->comp,
-		SSL3_RT_MAX_PLAIN_LENGTH,rr->data,(int)rr->length);
-	if (i < 0)
-		return(0);
-	else
-		rr->length=i;
-	rr->data=rr->comp;
-
-	return(1);
-	}
-
-static int do_compress(SSL *ssl)
-	{
-	int i;
-	SSL3_RECORD *wr;
-
-	wr= &(ssl->s3->wrec);
-	i=COMP_compress_block(ssl->compress,wr->data,
-		SSL3_RT_MAX_COMPRESSED_LENGTH,
-		wr->input,(int)wr->length);
-	if (i < 0)
-		return(0);
-	else
-		wr->length=i;
-
-	wr->input=wr->data;
-	return(1);
-	}
-
-/* Call this to write data in records of type 'type'
- * It will return <= 0 if not all data has been sent or non-blocking IO.
- */
-int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
-	{
-	const unsigned char *buf=buf_;
-	unsigned int tot,n,nw;
-	int i;
-
-	s->rwstate=SSL_NOTHING;
-	tot=s->s3->wnum;
-	s->s3->wnum=0;
-
-	if (SSL_in_init(s) && !s->in_handshake)
-		{
-		i=s->handshake_func(s);
-		if (i < 0) return(i);
-		if (i == 0)
-			{
-			SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
-			return -1;
-			}
-		}
-
-	n=(len-tot);
-	for (;;)
-		{
-		if (n > SSL3_RT_MAX_PLAIN_LENGTH)
-			nw=SSL3_RT_MAX_PLAIN_LENGTH;
-		else
-			nw=n;
-
-		i=do_ssl3_write(s, type, &(buf[tot]), nw, 0);
-		if (i <= 0)
-			{
-			s->s3->wnum=tot;
-			return i;
-			}
-
-		if ((i == (int)n) ||
-			(type == SSL3_RT_APPLICATION_DATA &&
-			 (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)))
-			{
-			/* next chunk of data should get another prepended empty fragment
-			 * in ciphersuites with known-IV weakness: */
-			s->s3->empty_fragment_done = 0;
-			
-			return tot+i;
-			}
-
-		n-=i;
-		tot+=i;
-		}
-	}
-
-static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
-			 unsigned int len, int create_empty_fragment)
-	{
-	unsigned char *p,*plen;
-	int i,mac_size,clear=0;
-	int prefix_len = 0;
-	SSL3_RECORD *wr;
-	SSL3_BUFFER *wb;
-	SSL_SESSION *sess;
-
-	/* first check if there is a SSL3_BUFFER still being written
-	 * out.  This will happen with non blocking IO */
-	if (s->s3->wbuf.left != 0)
-		return(ssl3_write_pending(s,type,buf,len));
-
-	/* If we have an alert to send, lets send it */
-	if (s->s3->alert_dispatch)
-		{
-		i=ssl3_dispatch_alert(s);
-		if (i <= 0)
-			return(i);
-		/* if it went, fall through and send more stuff */
-		}
-
-	if (len == 0 && !create_empty_fragment)
-		return 0;
-
-	wr= &(s->s3->wrec);
-	wb= &(s->s3->wbuf);
-	sess=s->session;
-
-	if (	(sess == NULL) ||
-		(s->enc_write_ctx == NULL) ||
-		(s->write_hash == NULL))
-		clear=1;
-
-	if (clear)
-		mac_size=0;
-	else
-		mac_size=EVP_MD_size(s->write_hash);
-
-	/* 'create_empty_fragment' is true only when this function calls itself */
-	if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done)
-		{
-		/* countermeasure against known-IV weakness in CBC ciphersuites
-		 * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
-
-		if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA)
-			{
-			/* recursive function call with 'create_empty_fragment' set;
-			 * this prepares and buffers the data for an empty fragment
-			 * (these 'prefix_len' bytes are sent out later
-			 * together with the actual payload) */
-			prefix_len = do_ssl3_write(s, type, buf, 0, 1);
-			if (prefix_len <= 0)
-				goto err;
-
-			if (s->s3->wbuf.len < (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE)
-				{
-				/* insufficient space */
-				SSLerr(SSL_F_DO_SSL3_WRITE, ERR_R_INTERNAL_ERROR);
-				goto err;
-				}
-			}
-		
-		s->s3->empty_fragment_done = 1;
-		}
-
-	p = wb->buf + prefix_len;
-
-	/* write the header */
-
-	*(p++)=type&0xff;
-	wr->type=type;
-
-	*(p++)=(s->version>>8);
-	*(p++)=s->version&0xff;
-
-	/* field where we are to write out packet length */
-	plen=p; 
-	p+=2;
-
-	/* lets setup the record stuff. */
-	wr->data=p;
-	wr->length=(int)len;
-	wr->input=(unsigned char *)buf;
-
-	/* we now 'read' from wr->input, wr->length bytes into
-	 * wr->data */
-
-	/* first we compress */
-	if (s->compress != NULL)
-		{
-		if (!do_compress(s))
-			{
-			SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE);
-			goto err;
-			}
-		}
-	else
-		{
-		memcpy(wr->data,wr->input,wr->length);
-		wr->input=wr->data;
-		}
-
-	/* we should still have the output to wr->data and the input
-	 * from wr->input.  Length should be wr->length.
-	 * wr->data still points in the wb->buf */
-
-	if (mac_size != 0)
-		{
-		s->method->ssl3_enc->mac(s,&(p[wr->length]),1);
-		wr->length+=mac_size;
-		wr->input=p;
-		wr->data=p;
-		}
-
-	/* ssl3_enc can only have an error on read */
-	s->method->ssl3_enc->enc(s,1);
-
-	/* record length after mac and block padding */
-	s2n(wr->length,plen);
-
-	/* we should now have
-	 * wr->data pointing to the encrypted data, which is
-	 * wr->length long */
-	wr->type=type; /* not needed but helps for debugging */
-	wr->length+=SSL3_RT_HEADER_LENGTH;
-
-	if (create_empty_fragment)
-		{
-		/* we are in a recursive call;
-		 * just return the length, don't write out anything here
-		 */
-		return wr->length;
-		}
-
-	/* now let's set up wb */
-	wb->left = prefix_len + wr->length;
-	wb->offset = 0;
-
-	/* memorize arguments so that ssl3_write_pending can detect bad write retries later */
-	s->s3->wpend_tot=len;
-	s->s3->wpend_buf=buf;
-	s->s3->wpend_type=type;
-	s->s3->wpend_ret=len;
-
-	/* we now just need to write the buffer */
-	return ssl3_write_pending(s,type,buf,len);
-err:
-	return -1;
-	}
-
-/* if s->s3->wbuf.left != 0, we need to call this */
-static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
-			      unsigned int len)
-	{
-	int i;
-
-/* XXXX */
-	if ((s->s3->wpend_tot > (int)len)
-		|| ((s->s3->wpend_buf != buf) &&
-			!(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))
-		|| (s->s3->wpend_type != type))
-		{
-		SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
-		return(-1);
-		}
-
-	for (;;)
-		{
-		clear_sys_error();
-		if (s->wbio != NULL)
-			{
-			s->rwstate=SSL_WRITING;
-			i=BIO_write(s->wbio,
-				(char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]),
-				(unsigned int)s->s3->wbuf.left);
-			}
-		else
-			{
-			SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET);
-			i= -1;
-			}
-		if (i == s->s3->wbuf.left)
-			{
-			s->s3->wbuf.left=0;
-			s->rwstate=SSL_NOTHING;
-			return(s->s3->wpend_ret);
-			}
-		else if (i <= 0)
-			return(i);
-		s->s3->wbuf.offset+=i;
-		s->s3->wbuf.left-=i;
-		}
-	}
-
-/* Return up to 'len' payload bytes received in 'type' records.
- * 'type' is one of the following:
- *
- *   -  SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
- *   -  SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
- *   -  0 (during a shutdown, no data has to be returned)
- *
- * If we don't have stored data to work from, read a SSL/TLS record first
- * (possibly multiple records if we still don't have anything to return).
- *
- * This function must handle any surprises the peer may have for us, such as
- * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
- * a surprise, but handled as if it were), or renegotiation requests.
- * Also if record payloads contain fragments too small to process, we store
- * them until there is enough for the respective protocol (the record protocol
- * may use arbitrary fragmentation and even interleaving):
- *     Change cipher spec protocol
- *             just 1 byte needed, no need for keeping anything stored
- *     Alert protocol
- *             2 bytes needed (AlertLevel, AlertDescription)
- *     Handshake protocol
- *             4 bytes needed (HandshakeType, uint24 length) -- we just have
- *             to detect unexpected Client Hello and Hello Request messages
- *             here, anything else is handled by higher layers
- *     Application data protocol
- *             none of our business
- */
-int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
-	{
-	int al,i,j,ret;
-	unsigned int n;
-	SSL3_RECORD *rr;
-	void (*cb)(const SSL *ssl,int type2,int val)=NULL;
-
-	if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
-		if (!ssl3_setup_buffers(s))
-			return(-1);
-
-	if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) ||
-	    (peek && (type != SSL3_RT_APPLICATION_DATA)))
-		{
-		SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);
-		return -1;
-		}
-
-	if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0))
-		/* (partially) satisfy request from storage */
-		{
-		unsigned char *src = s->s3->handshake_fragment;
-		unsigned char *dst = buf;
-		unsigned int k;
-
-		/* peek == 0 */
-		n = 0;
-		while ((len > 0) && (s->s3->handshake_fragment_len > 0))
-			{
-			*dst++ = *src++;
-			len--; s->s3->handshake_fragment_len--;
-			n++;
-			}
-		/* move any remaining fragment bytes: */
-		for (k = 0; k < s->s3->handshake_fragment_len; k++)
-			s->s3->handshake_fragment[k] = *src++;
-		return n;
-	}
-
-	/* Now s->s3->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. */
-
-	if (!s->in_handshake && SSL_in_init(s))
-		{
-		/* type == SSL3_RT_APPLICATION_DATA */
-		i=s->handshake_func(s);
-		if (i < 0) return(i);
-		if (i == 0)
-			{
-			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
-			return(-1);
-			}
-		}
-start:
-	s->rwstate=SSL_NOTHING;
-
-	/* s->s3->rrec.type	    - is the type of record
-	 * s->s3->rrec.data,    - data
-	 * s->s3->rrec.off,     - offset into 'data' for next read
-	 * s->s3->rrec.length,  - number of bytes. */
-	rr = &(s->s3->rrec);
-
-	/* get new packet if necessary */
-	if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY))
-		{
-		ret=ssl3_get_record(s);
-		if (ret <= 0) return(ret);
-		}
-
-	/* we now have a packet which can be read and processed */
-
-	if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
-	                               * reset by ssl3_get_finished */
-		&& (rr->type != SSL3_RT_HANDSHAKE))
-		{
-		al=SSL_AD_UNEXPECTED_MESSAGE;
-		SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
-		goto err;
-		}
-
-	/* If the other end has shut down, throw anything we read away
-	 * (even in 'peek' mode) */
-	if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
-		{
-		rr->length=0;
-		s->rwstate=SSL_NOTHING;
-		return(0);
-		}
-
-
-	if (type == rr->type) /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */
-		{
-		/* make sure that we are not getting application data when we
-		 * are doing a handshake for the first time */
-		if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
-			(s->enc_read_ctx == NULL))
-			{
-			al=SSL_AD_UNEXPECTED_MESSAGE;
-			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE);
-			goto f_err;
-			}
-
-		if (len <= 0) return(len);
-
-		if ((unsigned int)len > rr->length)
-			n = rr->length;
-		else
-			n = (unsigned int)len;
-
-		memcpy(buf,&(rr->data[rr->off]),n);
-		if (!peek)
-			{
-			rr->length-=n;
-			rr->off+=n;
-			if (rr->length == 0)
-				{
-				s->rstate=SSL_ST_READ_HEADER;
-				rr->off=0;
-				}
-			}
-		return(n);
-		}
-
-
-	/* If we get here, then type != rr->type; if we have a handshake
-	 * message, then it was unexpected (Hello Request or Client Hello). */
-
-	/* In case of record types for which we have 'fragment' storage,
-	 * fill that so that we can process the data at a fixed place.
-	 */
-		{
-		unsigned int dest_maxlen = 0;
-		unsigned char *dest = NULL;
-		unsigned int *dest_len = NULL;
-
-		if (rr->type == SSL3_RT_HANDSHAKE)
-			{
-			dest_maxlen = sizeof s->s3->handshake_fragment;
-			dest = s->s3->handshake_fragment;
-			dest_len = &s->s3->handshake_fragment_len;
-			}
-		else if (rr->type == SSL3_RT_ALERT)
-			{
-			dest_maxlen = sizeof s->s3->alert_fragment;
-			dest = s->s3->alert_fragment;
-			dest_len = &s->s3->alert_fragment_len;
-			}
-
-		if (dest_maxlen > 0)
-			{
-			n = dest_maxlen - *dest_len; /* available space in 'dest' */
-			if (rr->length < n)
-				n = rr->length; /* available bytes */
-
-			/* now move 'n' bytes: */
-			while (n-- > 0)
-				{
-				dest[(*dest_len)++] = rr->data[rr->off++];
-				rr->length--;
-				}
-
-			if (*dest_len < dest_maxlen)
-				goto start; /* fragment was too small */
-			}
-		}
-
-	/* s->s3->handshake_fragment_len == 4  iff  rr->type == SSL3_RT_HANDSHAKE;
-	 * s->s3->alert_fragment_len == 2      iff  rr->type == SSL3_RT_ALERT.
-	 * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */
-
-	/* If we are a client, check for an incoming 'Hello Request': */
-	if ((!s->server) &&
-		(s->s3->handshake_fragment_len >= 4) &&
-		(s->s3->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
-		(s->session != NULL) && (s->session->cipher != NULL))
-		{
-		s->s3->handshake_fragment_len = 0;
-
-		if ((s->s3->handshake_fragment[1] != 0) ||
-			(s->s3->handshake_fragment[2] != 0) ||
-			(s->s3->handshake_fragment[3] != 0))
-			{
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST);
-			goto err;
-			}
-
-		if (s->msg_callback)
-			s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg);
-
-		if (SSL_is_init_finished(s) &&
-			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
-			!s->s3->renegotiate)
-			{
-			ssl3_renegotiate(s);
-			if (ssl3_renegotiate_check(s))
-				{
-				i=s->handshake_func(s);
-				if (i < 0) return(i);
-				if (i == 0)
-					{
-					SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
-					return(-1);
-					}
-
-				if (!(s->mode & SSL_MODE_AUTO_RETRY))
-					{
-					if (s->s3->rbuf.left == 0) /* no read-ahead left? */
-						{
-						BIO *bio;
-						/* In the case where we try to read application data,
-						 * but we trigger an SSL handshake, we return -1 with
-						 * the retry option set.  Otherwise renegotiation may
-						 * cause nasty problems in the blocking world */
-						s->rwstate=SSL_READING;
-						bio=SSL_get_rbio(s);
-						BIO_clear_retry_flags(bio);
-						BIO_set_retry_read(bio);
-						return(-1);
-						}
-					}
-				}
-			}
-		/* we either finished a handshake or ignored the request,
-		 * now try again to obtain the (application) data we were asked for */
-		goto start;
-		}
-
-	if (s->s3->alert_fragment_len >= 2)
-		{
-		int alert_level = s->s3->alert_fragment[0];
-		int alert_descr = s->s3->alert_fragment[1];
-
-		s->s3->alert_fragment_len = 0;
-
-		if (s->msg_callback)
-			s->msg_callback(0, s->version, SSL3_RT_ALERT, s->s3->alert_fragment, 2, s, s->msg_callback_arg);
-
-		if (s->info_callback != NULL)
-			cb=s->info_callback;
-		else if (s->ctx->info_callback != NULL)
-			cb=s->ctx->info_callback;
-
-		if (cb != NULL)
-			{
-			j = (alert_level << 8) | alert_descr;
-			cb(s, SSL_CB_READ_ALERT, j);
-			}
-
-		if (alert_level == 1) /* warning */
-			{
-			s->s3->warn_alert = alert_descr;
-			if (alert_descr == SSL_AD_CLOSE_NOTIFY)
-				{
-				s->shutdown |= SSL_RECEIVED_SHUTDOWN;
-				return(0);
-				}
-			}
-		else if (alert_level == 2) /* fatal */
-			{
-			char tmp[16];
-
-			s->rwstate=SSL_NOTHING;
-			s->s3->fatal_alert = alert_descr;
-			SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
-			BIO_snprintf(tmp,sizeof tmp,"%d",alert_descr);
-			ERR_add_error_data(2,"SSL alert number ",tmp);
-			s->shutdown|=SSL_RECEIVED_SHUTDOWN;
-			SSL_CTX_remove_session(s->ctx,s->session);
-			return(0);
-			}
-		else
-			{
-			al=SSL_AD_ILLEGAL_PARAMETER;
-			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE);
-			goto f_err;
-			}
-
-		goto start;
-		}
-
-	if (s->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */
-		{
-		s->rwstate=SSL_NOTHING;
-		rr->length=0;
-		return(0);
-		}
-
-	if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
-		{
-		/* 'Change Cipher Spec' is just a single byte, so we know
-		 * exactly what the record payload has to look like */
-		if (	(rr->length != 1) || (rr->off != 0) ||
-			(rr->data[0] != SSL3_MT_CCS))
-			{
-			i=SSL_AD_ILLEGAL_PARAMETER;
-			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
-			goto err;
-			}
-
-		rr->length=0;
-
-		if (s->msg_callback)
-			s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1, s, s->msg_callback_arg);
-
-		s->s3->change_cipher_spec=1;
-		if (!do_change_cipher_spec(s))
-			goto err;
-		else
-			goto start;
-		}
-
-	/* Unexpected handshake message (Client Hello, or protocol violation) */
-	if ((s->s3->handshake_fragment_len >= 4) &&	!s->in_handshake)
-		{
-		if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
-			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
-			{
-#if 0 /* worked only because C operator preferences are not as expected (and
-       * because this is not really needed for clients except for detecting
-       * protocol violations): */
-			s->state=SSL_ST_BEFORE|(s->server)
-				?SSL_ST_ACCEPT
-				:SSL_ST_CONNECT;
-#else
-			s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
-#endif
-			s->new_session=1;
-			}
-		i=s->handshake_func(s);
-		if (i < 0) return(i);
-		if (i == 0)
-			{
-			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
-			return(-1);
-			}
-
-		if (!(s->mode & SSL_MODE_AUTO_RETRY))
-			{
-			if (s->s3->rbuf.left == 0) /* no read-ahead left? */
-				{
-				BIO *bio;
-				/* In the case where we try to read application data,
-				 * but we trigger an SSL handshake, we return -1 with
-				 * the retry option set.  Otherwise renegotiation may
-				 * cause nasty problems in the blocking world */
-				s->rwstate=SSL_READING;
-				bio=SSL_get_rbio(s);
-				BIO_clear_retry_flags(bio);
-				BIO_set_retry_read(bio);
-				return(-1);
-				}
-			}
-		goto start;
-		}
-
-	switch (rr->type)
-		{
-	default:
-#ifndef OPENSSL_NO_TLS
-		/* TLS just ignores unknown message types */
-		if (s->version == TLS1_VERSION)
-			{
-			rr->length = 0;
-			goto start;
-			}
-#endif
-		al=SSL_AD_UNEXPECTED_MESSAGE;
-		SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
-		goto f_err;
-	case SSL3_RT_CHANGE_CIPHER_SPEC:
-	case SSL3_RT_ALERT:
-	case SSL3_RT_HANDSHAKE:
-		/* we already handled all of these, with the possible exception
-		 * of SSL3_RT_HANDSHAKE when s->in_handshake is set, but that
-		 * should not happen when type != rr->type */
-		al=SSL_AD_UNEXPECTED_MESSAGE;
-		SSLerr(SSL_F_SSL3_READ_BYTES,ERR_R_INTERNAL_ERROR);
-		goto f_err;
-	case SSL3_RT_APPLICATION_DATA:
-		/* At this point, we were expecting handshake data,
-		 * but have application data.  If the library was
-		 * running inside ssl3_read() (i.e. in_read_app_data
-		 * is set) and it makes sense to read application data
-		 * at this point (session renegotiation not yet started),
-		 * we will indulge it.
-		 */
-		if (s->s3->in_read_app_data &&
-			(s->s3->total_renegotiations != 0) &&
-			((
-				(s->state & SSL_ST_CONNECT) &&
-				(s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
-				(s->state <= SSL3_ST_CR_SRVR_HELLO_A)
-				) || (
-					(s->state & SSL_ST_ACCEPT) &&
-					(s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
-					(s->state >= SSL3_ST_SR_CLNT_HELLO_A)
-					)
-				))
-			{
-			s->s3->in_read_app_data=2;
-			return(-1);
-			}
-		else
-			{
-			al=SSL_AD_UNEXPECTED_MESSAGE;
-			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
-			goto f_err;
-			}
-		}
-	/* not reached */
-
-f_err:
-	ssl3_send_alert(s,SSL3_AL_FATAL,al);
-err:
-	return(-1);
-	}
-
-static int do_change_cipher_spec(SSL *s)
-	{
-	int i;
-	const char *sender;
-	int slen;
-
-	if (s->state & SSL_ST_ACCEPT)
-		i=SSL3_CHANGE_CIPHER_SERVER_READ;
-	else
-		i=SSL3_CHANGE_CIPHER_CLIENT_READ;
-
-	if (s->s3->tmp.key_block == NULL)
-		{
-		s->session->cipher=s->s3->tmp.new_cipher;
-		if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
-		}
-
-	if (!s->method->ssl3_enc->change_cipher_state(s,i))
-		return(0);
-
-	/* we have to record the message digest at
-	 * this point so we can get it before we read
-	 * the finished message */
-	if (s->state & SSL_ST_CONNECT)
-		{
-		sender=s->method->ssl3_enc->server_finished_label;
-		slen=s->method->ssl3_enc->server_finished_label_len;
-		}
-	else
-		{
-		sender=s->method->ssl3_enc->client_finished_label;
-		slen=s->method->ssl3_enc->client_finished_label_len;
-		}
-
-	s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
-		&(s->s3->finish_dgst1),
-		&(s->s3->finish_dgst2),
-		sender,slen,s->s3->tmp.peer_finish_md);
-
-	return(1);
-	}
-
-void ssl3_send_alert(SSL *s, int level, int desc)
-	{
-	/* Map tls/ssl alert value to correct one */
-	desc=s->method->ssl3_enc->alert_value(desc);
-	if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION)
-		desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have protocol_version alerts */
-	if (desc < 0) return;
-	/* If a fatal one, remove from cache */
-	if ((level == 2) && (s->session != NULL))
-		SSL_CTX_remove_session(s->ctx,s->session);
-
-	s->s3->alert_dispatch=1;
-	s->s3->send_alert[0]=level;
-	s->s3->send_alert[1]=desc;
-	if (s->s3->wbuf.left == 0) /* data still being written out? */
-		ssl3_dispatch_alert(s);
-	/* else data is still being written out, we will get written
-	 * some time in the future */
-	}
-
-int ssl3_dispatch_alert(SSL *s)
-	{
-	int i,j;
-	void (*cb)(const SSL *ssl,int type,int val)=NULL;
-
-	s->s3->alert_dispatch=0;
-	i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], 2, 0);
-	if (i <= 0)
-		{
-		s->s3->alert_dispatch=1;
-		}
-	else
-		{
-		/* Alert sent to BIO.  If it is important, flush it now.
-		 * If the message does not get sent due to non-blocking IO,
-		 * we will not worry too much. */
-		if (s->s3->send_alert[0] == SSL3_AL_FATAL)
-			(void)BIO_flush(s->wbio);
-
-		if (s->msg_callback)
-			s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert, 2, s, s->msg_callback_arg);
-
-		if (s->info_callback != NULL)
-			cb=s->info_callback;
-		else if (s->ctx->info_callback != NULL)
-			cb=s->ctx->info_callback;
-
-		if (cb != NULL)
-			{
-			j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1];
-			cb(s,SSL_CB_WRITE_ALERT,j);
-			}
-		}
-	return(i);
-	}
diff --git a/crypto/openssl/ssl/s3_srvr.c b/crypto/openssl/ssl/s3_srvr.c
deleted file mode 100644
index df4003237298..000000000000
--- a/crypto/openssl/ssl/s3_srvr.c
+++ /dev/null
@@ -1,2055 +0,0 @@
-/* ssl/s3_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#define REUSE_CIPHER_BUG
-#define NETSCAPE_HANG_BUG
-
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/krb5_asn.h>
-#include <openssl/md5.h>
-#include "cryptlib.h"
-
-static SSL_METHOD *ssl3_get_server_method(int ver);
-static int ssl3_get_client_hello(SSL *s);
-static int ssl3_check_client_hello(SSL *s);
-static int ssl3_send_server_hello(SSL *s);
-static int ssl3_send_server_key_exchange(SSL *s);
-static int ssl3_send_certificate_request(SSL *s);
-static int ssl3_send_server_done(SSL *s);
-static int ssl3_get_client_key_exchange(SSL *s);
-static int ssl3_get_client_certificate(SSL *s);
-static int ssl3_get_cert_verify(SSL *s);
-static int ssl3_send_hello_request(SSL *s);
-
-static SSL_METHOD *ssl3_get_server_method(int ver)
-	{
-	if (ver == SSL3_VERSION)
-		return(SSLv3_server_method());
-	else
-		return(NULL);
-	}
-
-SSL_METHOD *SSLv3_server_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv3_server_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv3_server_data.ssl_accept=ssl3_accept;
-			SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
-			init=0;
-			}
-			
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv3_server_data);
-	}
-
-int ssl3_accept(SSL *s)
-	{
-	BUF_MEM *buf;
-	unsigned long l,Time=time(NULL);
-	void (*cb)(const SSL *ssl,int type,int val)=NULL;
-	long num1;
-	int ret= -1;
-	int new_state,state,skip=0;
-
-	RAND_add(&Time,sizeof(Time),0);
-	ERR_clear_error();
-	clear_sys_error();
-
-	if (s->info_callback != NULL)
-		cb=s->info_callback;
-	else if (s->ctx->info_callback != NULL)
-		cb=s->ctx->info_callback;
-
-	/* init things to blank */
-	s->in_handshake++;
-	if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
-
-	if (s->cert == NULL)
-		{
-		SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
-		return(-1);
-		}
-
-	for (;;)
-		{
-		state=s->state;
-
-		switch (s->state)
-			{
-		case SSL_ST_RENEGOTIATE:
-			s->new_session=1;
-			/* s->state=SSL_ST_ACCEPT; */
-
-		case SSL_ST_BEFORE:
-		case SSL_ST_ACCEPT:
-		case SSL_ST_BEFORE|SSL_ST_ACCEPT:
-		case SSL_ST_OK|SSL_ST_ACCEPT:
-
-			s->server=1;
-			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
-
-			if ((s->version>>8) != 3)
-				{
-				SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
-				return -1;
-				}
-			s->type=SSL_ST_ACCEPT;
-
-			if (s->init_buf == NULL)
-				{
-				if ((buf=BUF_MEM_new()) == NULL)
-					{
-					ret= -1;
-					goto end;
-					}
-				if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
-					{
-					ret= -1;
-					goto end;
-					}
-				s->init_buf=buf;
-				}
-
-			if (!ssl3_setup_buffers(s))
-				{
-				ret= -1;
-				goto end;
-				}
-
-			s->init_num=0;
-
-			if (s->state != SSL_ST_RENEGOTIATE)
-				{
-				/* Ok, we now need to push on a buffering BIO so that
-				 * the output is sent in a way that TCP likes :-)
-				 */
-				if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
-				
-				ssl3_init_finished_mac(s);
-				s->state=SSL3_ST_SR_CLNT_HELLO_A;
-				s->ctx->stats.sess_accept++;
-				}
-			else
-				{
-				/* s->state == SSL_ST_RENEGOTIATE,
-				 * we will just send a HelloRequest */
-				s->ctx->stats.sess_accept_renegotiate++;
-				s->state=SSL3_ST_SW_HELLO_REQ_A;
-				}
-			break;
-
-		case SSL3_ST_SW_HELLO_REQ_A:
-		case SSL3_ST_SW_HELLO_REQ_B:
-
-			s->shutdown=0;
-			ret=ssl3_send_hello_request(s);
-			if (ret <= 0) goto end;
-			s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
-			s->state=SSL3_ST_SW_FLUSH;
-			s->init_num=0;
-
-			ssl3_init_finished_mac(s);
-			break;
-
-		case SSL3_ST_SW_HELLO_REQ_C:
-			s->state=SSL_ST_OK;
-			break;
-
-		case SSL3_ST_SR_CLNT_HELLO_A:
-		case SSL3_ST_SR_CLNT_HELLO_B:
-		case SSL3_ST_SR_CLNT_HELLO_C:
-
-			s->shutdown=0;
-			ret=ssl3_get_client_hello(s);
-			if (ret <= 0) goto end;
-			s->new_session = 2;
-			s->state=SSL3_ST_SW_SRVR_HELLO_A;
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_SW_SRVR_HELLO_A:
-		case SSL3_ST_SW_SRVR_HELLO_B:
-			ret=ssl3_send_server_hello(s);
-			if (ret <= 0) goto end;
-
-			if (s->hit)
-				s->state=SSL3_ST_SW_CHANGE_A;
-			else
-				s->state=SSL3_ST_SW_CERT_A;
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_SW_CERT_A:
-		case SSL3_ST_SW_CERT_B:
-			/* Check if it is anon DH */
-			if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
-				{
-				ret=ssl3_send_server_certificate(s);
-				if (ret <= 0) goto end;
-				}
-			else
-				skip=1;
-			s->state=SSL3_ST_SW_KEY_EXCH_A;
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_SW_KEY_EXCH_A:
-		case SSL3_ST_SW_KEY_EXCH_B:
-			l=s->s3->tmp.new_cipher->algorithms;
-
-			/* clear this, it may get reset by
-			 * send_server_key_exchange */
-			if ((s->options & SSL_OP_EPHEMERAL_RSA)
-#ifndef OPENSSL_NO_KRB5
-				&& !(l & SSL_KRB5)
-#endif /* OPENSSL_NO_KRB5 */
-				)
-				/* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
-				 * even when forbidden by protocol specs
-				 * (handshake may fail as clients are not required to
-				 * be able to handle this) */
-				s->s3->tmp.use_rsa_tmp=1;
-			else
-				s->s3->tmp.use_rsa_tmp=0;
-
-			/* only send if a DH key exchange, fortezza or
-			 * RSA but we have a sign only certificate */
-			if (s->s3->tmp.use_rsa_tmp
-			    || (l & (SSL_DH|SSL_kFZA))
-			    || ((l & SSL_kRSA)
-				&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
-				    || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
-					&& EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
-					)
-				    )
-				)
-			    )
-				{
-				ret=ssl3_send_server_key_exchange(s);
-				if (ret <= 0) goto end;
-				}
-			else
-				skip=1;
-
-			s->state=SSL3_ST_SW_CERT_REQ_A;
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_SW_CERT_REQ_A:
-		case SSL3_ST_SW_CERT_REQ_B:
-			if (/* don't request cert unless asked for it: */
-				!(s->verify_mode & SSL_VERIFY_PEER) ||
-				/* if SSL_VERIFY_CLIENT_ONCE is set,
-				 * don't request cert during re-negotiation: */
-				((s->session->peer != NULL) &&
-				 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
-				/* never request cert in anonymous ciphersuites
-				 * (see section "Certificate request" in SSL 3 drafts
-				 * and in RFC 2246): */
-				((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
-				 /* ... except when the application insists on verification
-				  * (against the specs, but s3_clnt.c accepts this for SSL 3) */
-				 !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
-                                 /* never request cert in Kerberos ciphersuites */
-                                (s->s3->tmp.new_cipher->algorithms & SSL_aKRB5))
-				{
-				/* no cert request */
-				skip=1;
-				s->s3->tmp.cert_request=0;
-				s->state=SSL3_ST_SW_SRVR_DONE_A;
-				}
-			else
-				{
-				s->s3->tmp.cert_request=1;
-				ret=ssl3_send_certificate_request(s);
-				if (ret <= 0) goto end;
-#ifndef NETSCAPE_HANG_BUG
-				s->state=SSL3_ST_SW_SRVR_DONE_A;
-#else
-				s->state=SSL3_ST_SW_FLUSH;
-				s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
-#endif
-				s->init_num=0;
-				}
-			break;
-
-		case SSL3_ST_SW_SRVR_DONE_A:
-		case SSL3_ST_SW_SRVR_DONE_B:
-			ret=ssl3_send_server_done(s);
-			if (ret <= 0) goto end;
-			s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
-			s->state=SSL3_ST_SW_FLUSH;
-			s->init_num=0;
-			break;
-		
-		case SSL3_ST_SW_FLUSH:
-			/* number of bytes to be flushed */
-			num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
-			if (num1 > 0)
-				{
-				s->rwstate=SSL_WRITING;
-				num1=BIO_flush(s->wbio);
-				if (num1 <= 0) { ret= -1; goto end; }
-				s->rwstate=SSL_NOTHING;
-				}
-
-			s->state=s->s3->tmp.next_state;
-			break;
-
-		case SSL3_ST_SR_CERT_A:
-		case SSL3_ST_SR_CERT_B:
-			/* Check for second client hello (MS SGC) */
-			ret = ssl3_check_client_hello(s);
-			if (ret <= 0)
-				goto end;
-			if (ret == 2)
-				s->state = SSL3_ST_SR_CLNT_HELLO_C;
-			else {
-				/* could be sent for a DH cert, even if we
-				 * have not asked for it :-) */
-				ret=ssl3_get_client_certificate(s);
-				if (ret <= 0) goto end;
-				s->init_num=0;
-				s->state=SSL3_ST_SR_KEY_EXCH_A;
-			}
-			break;
-
-		case SSL3_ST_SR_KEY_EXCH_A:
-		case SSL3_ST_SR_KEY_EXCH_B:
-			ret=ssl3_get_client_key_exchange(s);
-			if (ret <= 0) goto end;
-			s->state=SSL3_ST_SR_CERT_VRFY_A;
-			s->init_num=0;
-
-			/* We need to get hashes here so if there is
-			 * a client cert, it can be verified */ 
-			s->method->ssl3_enc->cert_verify_mac(s,
-				&(s->s3->finish_dgst1),
-				&(s->s3->tmp.cert_verify_md[0]));
-			s->method->ssl3_enc->cert_verify_mac(s,
-				&(s->s3->finish_dgst2),
-				&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
-
-			break;
-
-		case SSL3_ST_SR_CERT_VRFY_A:
-		case SSL3_ST_SR_CERT_VRFY_B:
-
-			/* we should decide if we expected this one */
-			ret=ssl3_get_cert_verify(s);
-			if (ret <= 0) goto end;
-
-			s->state=SSL3_ST_SR_FINISHED_A;
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_SR_FINISHED_A:
-		case SSL3_ST_SR_FINISHED_B:
-			ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
-				SSL3_ST_SR_FINISHED_B);
-			if (ret <= 0) goto end;
-			if (s->hit)
-				s->state=SSL_ST_OK;
-			else
-				s->state=SSL3_ST_SW_CHANGE_A;
-			s->init_num=0;
-			break;
-
-		case SSL3_ST_SW_CHANGE_A:
-		case SSL3_ST_SW_CHANGE_B:
-
-			s->session->cipher=s->s3->tmp.new_cipher;
-			if (!s->method->ssl3_enc->setup_key_block(s))
-				{ ret= -1; goto end; }
-
-			ret=ssl3_send_change_cipher_spec(s,
-				SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
-
-			if (ret <= 0) goto end;
-			s->state=SSL3_ST_SW_FINISHED_A;
-			s->init_num=0;
-
-			if (!s->method->ssl3_enc->change_cipher_state(s,
-				SSL3_CHANGE_CIPHER_SERVER_WRITE))
-				{
-				ret= -1;
-				goto end;
-				}
-
-			break;
-
-		case SSL3_ST_SW_FINISHED_A:
-		case SSL3_ST_SW_FINISHED_B:
-			ret=ssl3_send_finished(s,
-				SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B,
-				s->method->ssl3_enc->server_finished_label,
-				s->method->ssl3_enc->server_finished_label_len);
-			if (ret <= 0) goto end;
-			s->state=SSL3_ST_SW_FLUSH;
-			if (s->hit)
-				s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
-			else
-				s->s3->tmp.next_state=SSL_ST_OK;
-			s->init_num=0;
-			break;
-
-		case SSL_ST_OK:
-			/* clean a few things up */
-			ssl3_cleanup_key_block(s);
-
-			BUF_MEM_free(s->init_buf);
-			s->init_buf=NULL;
-
-			/* remove buffering on output */
-			ssl_free_wbio_buffer(s);
-
-			s->init_num=0;
-
-			if (s->new_session == 2) /* skipped if we just sent a HelloRequest */
-				{
-				/* actually not necessarily a 'new' session unless
-				 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
-				
-				s->new_session=0;
-				
-				ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
-				
-				s->ctx->stats.sess_accept_good++;
-				/* s->server=1; */
-				s->handshake_func=ssl3_accept;
-
-				if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
-				}
-			
-			ret = 1;
-			goto end;
-			/* break; */
-
-		default:
-			SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE);
-			ret= -1;
-			goto end;
-			/* break; */
-			}
-		
-		if (!s->s3->tmp.reuse_message && !skip)
-			{
-			if (s->debug)
-				{
-				if ((ret=BIO_flush(s->wbio)) <= 0)
-					goto end;
-				}
-
-
-			if ((cb != NULL) && (s->state != state))
-				{
-				new_state=s->state;
-				s->state=state;
-				cb(s,SSL_CB_ACCEPT_LOOP,1);
-				s->state=new_state;
-				}
-			}
-		skip=0;
-		}
-end:
-	/* BIO_flush(s->wbio); */
-
-	s->in_handshake--;
-	if (cb != NULL)
-		cb(s,SSL_CB_ACCEPT_EXIT,ret);
-	return(ret);
-	}
-
-static int ssl3_send_hello_request(SSL *s)
-	{
-	unsigned char *p;
-
-	if (s->state == SSL3_ST_SW_HELLO_REQ_A)
-		{
-		p=(unsigned char *)s->init_buf->data;
-		*(p++)=SSL3_MT_HELLO_REQUEST;
-		*(p++)=0;
-		*(p++)=0;
-		*(p++)=0;
-
-		s->state=SSL3_ST_SW_HELLO_REQ_B;
-		/* number of bytes to write */
-		s->init_num=4;
-		s->init_off=0;
-		}
-
-	/* SSL3_ST_SW_HELLO_REQ_B */
-	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-	}
-
-static int ssl3_check_client_hello(SSL *s)
-	{
-	int ok;
-	long n;
-
-	/* this function is called when we really expect a Certificate message,
-	 * so permit appropriate message length */
-	n=ssl3_get_message(s,
-		SSL3_ST_SR_CERT_A,
-		SSL3_ST_SR_CERT_B,
-		-1,
-		s->max_cert_list,
-		&ok);
-	if (!ok) return((int)n);
-	s->s3->tmp.reuse_message = 1;
-	if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
-		{
-		/* Throw away what we have done so far in the current handshake,
-		 * which will now be aborted. (A full SSL_clear would be too much.)
-		 * I hope that tmp.dh is the only thing that may need to be cleared
-		 * when a handshake is not completed ... */
-#ifndef OPENSSL_NO_DH
-		if (s->s3->tmp.dh != NULL)
-			{
-			DH_free(s->s3->tmp.dh);
-			s->s3->tmp.dh = NULL;
-			}
-#endif
-		return 2;
-		}
-	return 1;
-}
-
-static int ssl3_get_client_hello(SSL *s)
-	{
-	int i,j,ok,al,ret= -1;
-	long n;
-	unsigned long id;
-	unsigned char *p,*d,*q;
-	SSL_CIPHER *c;
-	SSL_COMP *comp=NULL;
-	STACK_OF(SSL_CIPHER) *ciphers=NULL;
-
-	/* We do this so that we will respond with our native type.
-	 * If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
-	 * This down switching should be handled by a different method.
-	 * If we are SSLv3, we will respond with SSLv3, even if prompted with
-	 * TLSv1.
-	 */
-	if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
-		{
-		s->first_packet=1;
-		s->state=SSL3_ST_SR_CLNT_HELLO_B;
-		}
-	n=ssl3_get_message(s,
-		SSL3_ST_SR_CLNT_HELLO_B,
-		SSL3_ST_SR_CLNT_HELLO_C,
-		SSL3_MT_CLIENT_HELLO,
-		SSL3_RT_MAX_PLAIN_LENGTH,
-		&ok);
-
-	if (!ok) return((int)n);
-	d=p=(unsigned char *)s->init_msg;
-
-	/* use version from inside client hello, not from record header
-	 * (may differ: see RFC 2246, Appendix E, second paragraph) */
-	s->client_version=(((int)p[0])<<8)|(int)p[1];
-	p+=2;
-
-	if (s->client_version < s->version)
-		{
-		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
-		if ((s->client_version>>8) == SSL3_VERSION_MAJOR) 
-			{
-			/* similar to ssl3_get_record, send alert using remote version number */
-			s->version = s->client_version;
-			}
-		al = SSL_AD_PROTOCOL_VERSION;
-		goto f_err;
-		}
-
-	/* load the client random */
-	memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE);
-	p+=SSL3_RANDOM_SIZE;
-
-	/* get the session-id */
-	j= *(p++);
-
-	s->hit=0;
-	/* Versions before 0.9.7 always allow session reuse during renegotiation
-	 * (i.e. when s->new_session is true), option
-	 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is new with 0.9.7.
-	 * Maybe this optional behaviour should always have been the default,
-	 * but we cannot safely change the default behaviour (or new applications
-	 * might be written that become totally unsecure when compiled with
-	 * an earlier library version)
-	 */
-	if (j == 0 || (s->new_session && (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)))
-		{
-		if (!ssl_get_new_session(s,1))
-			goto err;
-		}
-	else
-		{
-		i=ssl_get_prev_session(s,p,j);
-		if (i == 1)
-			{ /* previous session */
-			s->hit=1;
-			}
-		else if (i == -1)
-			goto err;
-		else /* i == 0 */
-			{
-			if (!ssl_get_new_session(s,1))
-				goto err;
-			}
-		}
-
-	p+=j;
-	n2s(p,i);
-	if ((i == 0) && (j != 0))
-		{
-		/* we need a cipher if we are not resuming a session */
-		al=SSL_AD_ILLEGAL_PARAMETER;
-		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
-		goto f_err;
-		}
-	if ((p+i) >= (d+n))
-		{
-		/* not enough data */
-		al=SSL_AD_DECODE_ERROR;
-		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
-		goto f_err;
-		}
-	if ((i > 0) && (ssl_bytes_to_cipher_list(s,p,i,&(ciphers))
-		== NULL))
-		{
-		goto err;
-		}
-	p+=i;
-
-	/* If it is a hit, check that the cipher is in the list */
-	if ((s->hit) && (i > 0))
-		{
-		j=0;
-		id=s->session->cipher->id;
-
-#ifdef CIPHER_DEBUG
-		printf("client sent %d ciphers\n",sk_num(ciphers));
-#endif
-		for (i=0; i<sk_SSL_CIPHER_num(ciphers); i++)
-			{
-			c=sk_SSL_CIPHER_value(ciphers,i);
-#ifdef CIPHER_DEBUG
-			printf("client [%2d of %2d]:%s\n",
-				i,sk_num(ciphers),SSL_CIPHER_get_name(c));
-#endif
-			if (c->id == id)
-				{
-				j=1;
-				break;
-				}
-			}
-		if (j == 0)
-			{
-			if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
-				{
-				/* Very bad for multi-threading.... */
-				s->session->cipher=sk_SSL_CIPHER_value(ciphers,
-								       0);
-				}
-			else
-				{
-				/* we need to have the cipher in the cipher
-				 * list if we are asked to reuse it */
-				al=SSL_AD_ILLEGAL_PARAMETER;
-				SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
-				goto f_err;
-				}
-			}
-		}
-
-	/* compression */
-	i= *(p++);
-	if ((p+i) > (d+n))
-		{
-		/* not enough data */
-		al=SSL_AD_DECODE_ERROR;
-		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
-		goto f_err;
-		}
-	q=p;
-	for (j=0; j<i; j++)
-		{
-		if (p[j] == 0) break;
-		}
-
-	p+=i;
-	if (j >= i)
-		{
-		/* no compress */
-		al=SSL_AD_DECODE_ERROR;
-		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_COMPRESSION_SPECIFIED);
-		goto f_err;
-		}
-
-	/* Worst case, we will use the NULL compression, but if we have other
-	 * options, we will now look for them.  We have i-1 compression
-	 * algorithms from the client, starting at q. */
-	s->s3->tmp.new_compression=NULL;
-	if (s->ctx->comp_methods != NULL)
-		{ /* See if we have a match */
-		int m,nn,o,v,done=0;
-
-		nn=sk_SSL_COMP_num(s->ctx->comp_methods);
-		for (m=0; m<nn; m++)
-			{
-			comp=sk_SSL_COMP_value(s->ctx->comp_methods,m);
-			v=comp->id;
-			for (o=0; o<i; o++)
-				{
-				if (v == q[o])
-					{
-					done=1;
-					break;
-					}
-				}
-			if (done) break;
-			}
-		if (done)
-			s->s3->tmp.new_compression=comp;
-		else
-			comp=NULL;
-		}
-
-	/* TLS does not mind if there is extra stuff */
-	if (s->version == SSL3_VERSION)
-		{
-		if (p < (d+n))
-			{
-			/* wrong number of bytes,
-			 * there could be more to follow */
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
-			goto f_err;
-			}
-		}
-
-	/* Given s->session->ciphers and SSL_get_ciphers, we must
-	 * pick a cipher */
-
-	if (!s->hit)
-		{
-		s->session->compress_meth=(comp == NULL)?0:comp->id;
-		if (s->session->ciphers != NULL)
-			sk_SSL_CIPHER_free(s->session->ciphers);
-		s->session->ciphers=ciphers;
-		if (ciphers == NULL)
-			{
-			al=SSL_AD_ILLEGAL_PARAMETER;
-			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED);
-			goto f_err;
-			}
-		ciphers=NULL;
-		c=ssl3_choose_cipher(s,s->session->ciphers,
-				     SSL_get_ciphers(s));
-
-		if (c == NULL)
-			{
-			al=SSL_AD_HANDSHAKE_FAILURE;
-			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER);
-			goto f_err;
-			}
-		s->s3->tmp.new_cipher=c;
-		}
-	else
-		{
-		/* Session-id reuse */
-#ifdef REUSE_CIPHER_BUG
-		STACK_OF(SSL_CIPHER) *sk;
-		SSL_CIPHER *nc=NULL;
-		SSL_CIPHER *ec=NULL;
-
-		if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
-			{
-			sk=s->session->ciphers;
-			for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
-				{
-				c=sk_SSL_CIPHER_value(sk,i);
-				if (c->algorithms & SSL_eNULL)
-					nc=c;
-				if (SSL_C_IS_EXPORT(c))
-					ec=c;
-				}
-			if (nc != NULL)
-				s->s3->tmp.new_cipher=nc;
-			else if (ec != NULL)
-				s->s3->tmp.new_cipher=ec;
-			else
-				s->s3->tmp.new_cipher=s->session->cipher;
-			}
-		else
-#endif
-		s->s3->tmp.new_cipher=s->session->cipher;
-		}
-	
-	/* we now have the following setup. 
-	 * client_random
-	 * cipher_list 		- our prefered list of ciphers
-	 * ciphers 		- the clients prefered list of ciphers
-	 * compression		- basically ignored right now
-	 * ssl version is set	- sslv3
-	 * s->session		- The ssl session has been setup.
-	 * s->hit		- session reuse flag
-	 * s->tmp.new_cipher	- the new cipher to use.
-	 */
-
-	ret=1;
-	if (0)
-		{
-f_err:
-		ssl3_send_alert(s,SSL3_AL_FATAL,al);
-		}
-err:
-	if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers);
-	return(ret);
-	}
-
-static int ssl3_send_server_hello(SSL *s)
-	{
-	unsigned char *buf;
-	unsigned char *p,*d;
-	int i,sl;
-	unsigned long l,Time;
-
-	if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
-		{
-		buf=(unsigned char *)s->init_buf->data;
-		p=s->s3->server_random;
-		Time=time(NULL);			/* Time */
-		l2n(Time,p);
-		RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
-		/* Do the message type and length last */
-		d=p= &(buf[4]);
-
-		*(p++)=s->version>>8;
-		*(p++)=s->version&0xff;
-
-		/* Random stuff */
-		memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
-		p+=SSL3_RANDOM_SIZE;
-
-		/* now in theory we have 3 options to sending back the
-		 * session id.  If it is a re-use, we send back the
-		 * old session-id, if it is a new session, we send
-		 * back the new session-id or we send back a 0 length
-		 * session-id if we want it to be single use.
-		 * Currently I will not implement the '0' length session-id
-		 * 12-Jan-98 - I'll now support the '0' length stuff.
-		 */
-		if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER))
-			s->session->session_id_length=0;
-
-		sl=s->session->session_id_length;
-		if (sl > sizeof s->session->session_id)
-			{
-			SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-			return -1;
-			}
-		*(p++)=sl;
-		memcpy(p,s->session->session_id,sl);
-		p+=sl;
-
-		/* put the cipher */
-		i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p);
-		p+=i;
-
-		/* put the compression method */
-		if (s->s3->tmp.new_compression == NULL)
-			*(p++)=0;
-		else
-			*(p++)=s->s3->tmp.new_compression->id;
-
-		/* do the header */
-		l=(p-d);
-		d=buf;
-		*(d++)=SSL3_MT_SERVER_HELLO;
-		l2n3(l,d);
-
-		s->state=SSL3_ST_CW_CLNT_HELLO_B;
-		/* number of bytes to write */
-		s->init_num=p-buf;
-		s->init_off=0;
-		}
-
-	/* SSL3_ST_CW_CLNT_HELLO_B */
-	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-	}
-
-static int ssl3_send_server_done(SSL *s)
-	{
-	unsigned char *p;
-
-	if (s->state == SSL3_ST_SW_SRVR_DONE_A)
-		{
-		p=(unsigned char *)s->init_buf->data;
-
-		/* do the header */
-		*(p++)=SSL3_MT_SERVER_DONE;
-		*(p++)=0;
-		*(p++)=0;
-		*(p++)=0;
-
-		s->state=SSL3_ST_SW_SRVR_DONE_B;
-		/* number of bytes to write */
-		s->init_num=4;
-		s->init_off=0;
-		}
-
-	/* SSL3_ST_CW_CLNT_HELLO_B */
-	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-	}
-
-static int ssl3_send_server_key_exchange(SSL *s)
-	{
-#ifndef OPENSSL_NO_RSA
-	unsigned char *q;
-	int j,num;
-	RSA *rsa;
-	unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
-	unsigned int u;
-#endif
-#ifndef OPENSSL_NO_DH
-	DH *dh=NULL,*dhp;
-#endif
-	EVP_PKEY *pkey;
-	unsigned char *p,*d;
-	int al,i;
-	unsigned long type;
-	int n;
-	CERT *cert;
-	BIGNUM *r[4];
-	int nr[4],kn;
-	BUF_MEM *buf;
-	EVP_MD_CTX md_ctx;
-
-	EVP_MD_CTX_init(&md_ctx);
-	if (s->state == SSL3_ST_SW_KEY_EXCH_A)
-		{
-		type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
-		cert=s->cert;
-
-		buf=s->init_buf;
-
-		r[0]=r[1]=r[2]=r[3]=NULL;
-		n=0;
-#ifndef OPENSSL_NO_RSA
-		if (type & SSL_kRSA)
-			{
-			rsa=cert->rsa_tmp;
-			if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL))
-				{
-				rsa=s->cert->rsa_tmp_cb(s,
-				      SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
-				      SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
-				if(rsa == NULL)
-				{
-					al=SSL_AD_HANDSHAKE_FAILURE;
-					SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
-					goto f_err;
-				}
-				RSA_up_ref(rsa);
-				cert->rsa_tmp=rsa;
-				}
-			if (rsa == NULL)
-				{
-				al=SSL_AD_HANDSHAKE_FAILURE;
-				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);
-				goto f_err;
-				}
-			r[0]=rsa->n;
-			r[1]=rsa->e;
-			s->s3->tmp.use_rsa_tmp=1;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_DH
-			if (type & SSL_kEDH)
-			{
-			dhp=cert->dh_tmp;
-			if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
-				dhp=s->cert->dh_tmp_cb(s,
-				      SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
-				      SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
-			if (dhp == NULL)
-				{
-				al=SSL_AD_HANDSHAKE_FAILURE;
-				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
-				goto f_err;
-				}
-
-			if (s->s3->tmp.dh != NULL)
-				{
-				DH_free(dh);
-				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
-				goto err;
-				}
-
-			if ((dh=DHparams_dup(dhp)) == NULL)
-				{
-				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
-				goto err;
-				}
-
-			s->s3->tmp.dh=dh;
-			if ((dhp->pub_key == NULL ||
-			     dhp->priv_key == NULL ||
-			     (s->options & SSL_OP_SINGLE_DH_USE)))
-				{
-				if(!DH_generate_key(dh))
-				    {
-				    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-					   ERR_R_DH_LIB);
-				    goto err;
-				    }
-				}
-			else
-				{
-				dh->pub_key=BN_dup(dhp->pub_key);
-				dh->priv_key=BN_dup(dhp->priv_key);
-				if ((dh->pub_key == NULL) ||
-					(dh->priv_key == NULL))
-					{
-					SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
-					goto err;
-					}
-				}
-			r[0]=dh->p;
-			r[1]=dh->g;
-			r[2]=dh->pub_key;
-			}
-		else 
-#endif
-			{
-			al=SSL_AD_HANDSHAKE_FAILURE;
-			SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
-			goto f_err;
-			}
-		for (i=0; r[i] != NULL; i++)
-			{
-			nr[i]=BN_num_bytes(r[i]);
-			n+=2+nr[i];
-			}
-
-		if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
-			{
-			if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
-				== NULL)
-				{
-				al=SSL_AD_DECODE_ERROR;
-				goto f_err;
-				}
-			kn=EVP_PKEY_size(pkey);
-			}
-		else
-			{
-			pkey=NULL;
-			kn=0;
-			}
-
-		if (!BUF_MEM_grow_clean(buf,n+4+kn))
-			{
-			SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF);
-			goto err;
-			}
-		d=(unsigned char *)s->init_buf->data;
-		p= &(d[4]);
-
-		for (i=0; r[i] != NULL; i++)
-			{
-			s2n(nr[i],p);
-			BN_bn2bin(r[i],p);
-			p+=nr[i];
-			}
-
-		/* not anonymous */
-		if (pkey != NULL)
-			{
-			/* n is the length of the params, they start at &(d[4])
-			 * and p points to the space at the end. */
-#ifndef OPENSSL_NO_RSA
-			if (pkey->type == EVP_PKEY_RSA)
-				{
-				q=md_buf;
-				j=0;
-				for (num=2; num > 0; num--)
-					{
-					EVP_DigestInit_ex(&md_ctx,(num == 2)
-						?s->ctx->md5:s->ctx->sha1, NULL);
-					EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
-					EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
-					EVP_DigestUpdate(&md_ctx,&(d[4]),n);
-					EVP_DigestFinal_ex(&md_ctx,q,
-						(unsigned int *)&i);
-					q+=i;
-					j+=i;
-					}
-				if (RSA_sign(NID_md5_sha1, md_buf, j,
-					&(p[2]), &u, pkey->pkey.rsa) <= 0)
-					{
-					SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA);
-					goto err;
-					}
-				s2n(u,p);
-				n+=u+2;
-				}
-			else
-#endif
-#if !defined(OPENSSL_NO_DSA)
-				if (pkey->type == EVP_PKEY_DSA)
-				{
-				/* lets do DSS */
-				EVP_SignInit_ex(&md_ctx,EVP_dss1(), NULL);
-				EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
-				EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
-				EVP_SignUpdate(&md_ctx,&(d[4]),n);
-				if (!EVP_SignFinal(&md_ctx,&(p[2]),
-					(unsigned int *)&i,pkey))
-					{
-					SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
-					goto err;
-					}
-				s2n(i,p);
-				n+=i+2;
-				}
-			else
-#endif
-				{
-				/* Is this error check actually needed? */
-				al=SSL_AD_HANDSHAKE_FAILURE;
-				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE);
-				goto f_err;
-				}
-			}
-
-		*(d++)=SSL3_MT_SERVER_KEY_EXCHANGE;
-		l2n3(n,d);
-
-		/* we should now have things packed up, so lets send
-		 * it off */
-		s->init_num=n+4;
-		s->init_off=0;
-		}
-
-	s->state = SSL3_ST_SW_KEY_EXCH_B;
-	EVP_MD_CTX_cleanup(&md_ctx);
-	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-f_err:
-	ssl3_send_alert(s,SSL3_AL_FATAL,al);
-err:
-	EVP_MD_CTX_cleanup(&md_ctx);
-	return(-1);
-	}
-
-static int ssl3_send_certificate_request(SSL *s)
-	{
-	unsigned char *p,*d;
-	int i,j,nl,off,n;
-	STACK_OF(X509_NAME) *sk=NULL;
-	X509_NAME *name;
-	BUF_MEM *buf;
-
-	if (s->state == SSL3_ST_SW_CERT_REQ_A)
-		{
-		buf=s->init_buf;
-
-		d=p=(unsigned char *)&(buf->data[4]);
-
-		/* get the list of acceptable cert types */
-		p++;
-		n=ssl3_get_req_cert_type(s,p);
-		d[0]=n;
-		p+=n;
-		n++;
-
-		off=n;
-		p+=2;
-		n+=2;
-
-		sk=SSL_get_client_CA_list(s);
-		nl=0;
-		if (sk != NULL)
-			{
-			for (i=0; i<sk_X509_NAME_num(sk); i++)
-				{
-				name=sk_X509_NAME_value(sk,i);
-				j=i2d_X509_NAME(name,NULL);
-				if (!BUF_MEM_grow_clean(buf,4+n+j+2))
-					{
-					SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);
-					goto err;
-					}
-				p=(unsigned char *)&(buf->data[4+n]);
-				if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
-					{
-					s2n(j,p);
-					i2d_X509_NAME(name,&p);
-					n+=2+j;
-					nl+=2+j;
-					}
-				else
-					{
-					d=p;
-					i2d_X509_NAME(name,&p);
-					j-=2; s2n(j,d); j+=2;
-					n+=j;
-					nl+=j;
-					}
-				}
-			}
-		/* else no CA names */
-		p=(unsigned char *)&(buf->data[4+off]);
-		s2n(nl,p);
-
-		d=(unsigned char *)buf->data;
-		*(d++)=SSL3_MT_CERTIFICATE_REQUEST;
-		l2n3(n,d);
-
-		/* we should now have things packed up, so lets send
-		 * it off */
-
-		s->init_num=n+4;
-		s->init_off=0;
-#ifdef NETSCAPE_HANG_BUG
-		p=(unsigned char *)s->init_buf->data + s->init_num;
-
-		/* do the header */
-		*(p++)=SSL3_MT_SERVER_DONE;
-		*(p++)=0;
-		*(p++)=0;
-		*(p++)=0;
-		s->init_num += 4;
-#endif
-
-		}
-
-	/* SSL3_ST_SW_CERT_REQ_B */
-	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-err:
-	return(-1);
-	}
-
-static int ssl3_get_client_key_exchange(SSL *s)
-	{
-	int i,al,ok;
-	long n;
-	unsigned long l;
-	unsigned char *p;
-#ifndef OPENSSL_NO_RSA
-	RSA *rsa=NULL;
-	EVP_PKEY *pkey=NULL;
-#endif
-#ifndef OPENSSL_NO_DH
-	BIGNUM *pub=NULL;
-	DH *dh_srvr;
-#endif
-#ifndef OPENSSL_NO_KRB5
-        KSSL_ERR kssl_err;
-#endif /* OPENSSL_NO_KRB5 */
-
-	n=ssl3_get_message(s,
-		SSL3_ST_SR_KEY_EXCH_A,
-		SSL3_ST_SR_KEY_EXCH_B,
-		SSL3_MT_CLIENT_KEY_EXCHANGE,
-		2048, /* ??? */
-		&ok);
-
-	if (!ok) return((int)n);
-	p=(unsigned char *)s->init_msg;
-
-	l=s->s3->tmp.new_cipher->algorithms;
-
-#ifndef OPENSSL_NO_RSA
-	if (l & SSL_kRSA)
-		{
-		/* FIX THIS UP EAY EAY EAY EAY */
-		if (s->s3->tmp.use_rsa_tmp)
-			{
-			if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL))
-				rsa=s->cert->rsa_tmp;
-			/* Don't do a callback because rsa_tmp should
-			 * be sent already */
-			if (rsa == NULL)
-				{
-				al=SSL_AD_HANDSHAKE_FAILURE;
-				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY);
-				goto f_err;
-
-				}
-			}
-		else
-			{
-			pkey=s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
-			if (	(pkey == NULL) ||
-				(pkey->type != EVP_PKEY_RSA) ||
-				(pkey->pkey.rsa == NULL))
-				{
-				al=SSL_AD_HANDSHAKE_FAILURE;
-				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
-				goto f_err;
-				}
-			rsa=pkey->pkey.rsa;
-			}
-
-		/* TLS */
-		if (s->version > SSL3_VERSION)
-			{
-			n2s(p,i);
-			if (n != i+2)
-				{
-				if (!(s->options & SSL_OP_TLS_D5_BUG))
-					{
-					SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
-					goto err;
-					}
-				else
-					p-=2;
-				}
-			else
-				n=i;
-			}
-
-		i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING);
-
-		al = -1;
-		
-		if (i != SSL_MAX_MASTER_KEY_LENGTH)
-			{
-			al=SSL_AD_DECODE_ERROR;
-			/* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); */
-			}
-
-		if ((al == -1) && !((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))
-			{
-			/* The premaster secret must contain the same version number as the
-			 * ClientHello to detect version rollback attacks (strangely, the
-			 * protocol does not offer such protection for DH ciphersuites).
-			 * However, buggy clients exist that send the negotiated protocol
-			 * version instead if the server does not support the requested
-			 * protocol version.
-			 * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */
-			if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&
-				(p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff))))
-				{
-				al=SSL_AD_DECODE_ERROR;
-				/* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */
-
-				/* The Klima-Pokorny-Rosa extension of Bleichenbacher's attack
-				 * (http://eprint.iacr.org/2003/052/) exploits the version
-				 * number check as a "bad version oracle" -- an alert would
-				 * reveal that the plaintext corresponding to some ciphertext
-				 * made up by the adversary is properly formatted except
-				 * that the version number is wrong.  To avoid such attacks,
-				 * we should treat this just like any other decryption error. */
-				p[0] = (char)(int) "CAN-2003-0131 patch 2003-03-19";
-				}
-			}
-
-		if (al != -1)
-			{
-			/* Some decryption failure -- use random value instead as countermeasure
-			 * against Bleichenbacher's attack on PKCS #1 v1.5 RSA padding
-			 * (see RFC 2246, section 7.4.7.1). */
-			ERR_clear_error();
-			i = SSL_MAX_MASTER_KEY_LENGTH;
-			p[0] = s->client_version >> 8;
-			p[1] = s->client_version & 0xff;
-			RAND_pseudo_bytes(p+2, i-2); /* should be RAND_bytes, but we cannot work around a failure */
-			}
-	
-		s->session->master_key_length=
-			s->method->ssl3_enc->generate_master_secret(s,
-				s->session->master_key,
-				p,i);
-		OPENSSL_cleanse(p,i);
-		}
-	else
-#endif
-#ifndef OPENSSL_NO_DH
-		if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
-		{
-		n2s(p,i);
-		if (n != i+2)
-			{
-			if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG))
-				{
-				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
-				goto err;
-				}
-			else
-				{
-				p-=2;
-				i=(int)n;
-				}
-			}
-
-		if (n == 0L) /* the parameters are in the cert */
-			{
-			al=SSL_AD_HANDSHAKE_FAILURE;
-			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS);
-			goto f_err;
-			}
-		else
-			{
-			if (s->s3->tmp.dh == NULL)
-				{
-				al=SSL_AD_HANDSHAKE_FAILURE;
-				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
-				goto f_err;
-				}
-			else
-				dh_srvr=s->s3->tmp.dh;
-			}
-
-		pub=BN_bin2bn(p,i,NULL);
-		if (pub == NULL)
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB);
-			goto err;
-			}
-
-		i=DH_compute_key(p,pub,dh_srvr);
-
-		if (i <= 0)
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
-			goto err;
-			}
-
-		DH_free(s->s3->tmp.dh);
-		s->s3->tmp.dh=NULL;
-
-		BN_clear_free(pub);
-		pub=NULL;
-		s->session->master_key_length=
-			s->method->ssl3_enc->generate_master_secret(s,
-				s->session->master_key,p,i);
-		OPENSSL_cleanse(p,i);
-		}
-	else
-#endif
-#ifndef OPENSSL_NO_KRB5
-        if (l & SSL_kKRB5)
-                {
-                krb5_error_code		krb5rc;
-		krb5_data		enc_ticket;
-		krb5_data		authenticator;
-		krb5_data		enc_pms;
-                KSSL_CTX		*kssl_ctx = s->kssl_ctx;
-		EVP_CIPHER_CTX		ciph_ctx;
-		EVP_CIPHER		*enc = NULL;
-		unsigned char		iv[EVP_MAX_IV_LENGTH];
-		unsigned char		pms[SSL_MAX_MASTER_KEY_LENGTH
-                                               + EVP_MAX_BLOCK_LENGTH];
-		int                     padl, outl;
-		krb5_timestamp		authtime = 0;
-		krb5_ticket_times	ttimes;
-
-		EVP_CIPHER_CTX_init(&ciph_ctx);
-
-                if (!kssl_ctx)  kssl_ctx = kssl_ctx_new();
-
-		n2s(p,i);
-		enc_ticket.length = i;
-		enc_ticket.data = (char *)p;
-		p+=enc_ticket.length;
-
-		n2s(p,i);
-		authenticator.length = i;
-		authenticator.data = (char *)p;
-		p+=authenticator.length;
-
-		n2s(p,i);
-		enc_pms.length = i;
-		enc_pms.data = (char *)p;
-		p+=enc_pms.length;
-
-		/* Note that the length is checked again below,
-		** after decryption
-		*/
-		if(enc_pms.length > sizeof pms)
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-			       SSL_R_DATA_LENGTH_TOO_LONG);
-			goto err;
-			}
-
-		if (n != enc_ticket.length + authenticator.length +
-						enc_pms.length + 6)
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-				SSL_R_DATA_LENGTH_TOO_LONG);
-			goto err;
-			}
-
-                if ((krb5rc = kssl_sget_tkt(kssl_ctx, &enc_ticket, &ttimes,
-					&kssl_err)) != 0)
-                        {
-#ifdef KSSL_DEBUG
-                        printf("kssl_sget_tkt rtn %d [%d]\n",
-                                krb5rc, kssl_err.reason);
-                        if (kssl_err.text)
-                                printf("kssl_err text= %s\n", kssl_err.text);
-#endif	/* KSSL_DEBUG */
-                        SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                                kssl_err.reason);
-                        goto err;
-                        }
-
-		/*  Note: no authenticator is not considered an error,
-		**  but will return authtime == 0.
-		*/
-		if ((krb5rc = kssl_check_authent(kssl_ctx, &authenticator,
-					&authtime, &kssl_err)) != 0)
-			{
-#ifdef KSSL_DEBUG
-                        printf("kssl_check_authent rtn %d [%d]\n",
-                                krb5rc, kssl_err.reason);
-                        if (kssl_err.text)
-                                printf("kssl_err text= %s\n", kssl_err.text);
-#endif	/* KSSL_DEBUG */
-                        SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                                kssl_err.reason);
-                        goto err;
-			}
-
-		if ((krb5rc = kssl_validate_times(authtime, &ttimes)) != 0)
-			{
-			SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, krb5rc);
-                        goto err;
-			}
-
-#ifdef KSSL_DEBUG
-                kssl_ctx_show(kssl_ctx);
-#endif	/* KSSL_DEBUG */
-
-		enc = kssl_map_enc(kssl_ctx->enctype);
-                if (enc == NULL)
-                    goto err;
-
-		memset(iv, 0, sizeof iv);	/* per RFC 1510 */
-
-		if (!EVP_DecryptInit_ex(&ciph_ctx,enc,NULL,kssl_ctx->key,iv))
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-				SSL_R_DECRYPTION_FAILED);
-			goto err;
-			}
-		if (!EVP_DecryptUpdate(&ciph_ctx, pms,&outl,
-					(unsigned char *)enc_pms.data, enc_pms.length))
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-				SSL_R_DECRYPTION_FAILED);
-			goto err;
-			}
-		if (outl > SSL_MAX_MASTER_KEY_LENGTH)
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-				SSL_R_DATA_LENGTH_TOO_LONG);
-			goto err;
-			}
-		if (!EVP_DecryptFinal_ex(&ciph_ctx,&(pms[outl]),&padl))
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-				SSL_R_DECRYPTION_FAILED);
-			goto err;
-			}
-		outl += padl;
-		if (outl > SSL_MAX_MASTER_KEY_LENGTH)
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-				SSL_R_DATA_LENGTH_TOO_LONG);
-			goto err;
-			}
-		EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-
-                s->session->master_key_length=
-                        s->method->ssl3_enc->generate_master_secret(s,
-                                s->session->master_key, pms, outl);
-
-                if (kssl_ctx->client_princ)
-                        {
-                        int len = strlen(kssl_ctx->client_princ);
-                        if ( len < SSL_MAX_KRB5_PRINCIPAL_LENGTH ) 
-                                {
-                                s->session->krb5_client_princ_len = len;
-                                memcpy(s->session->krb5_client_princ,kssl_ctx->client_princ,len);
-                                }
-                        }
-
-
-                /*  Was doing kssl_ctx_free() here,
-		**  but it caused problems for apache.
-                **  kssl_ctx = kssl_ctx_free(kssl_ctx);
-                **  if (s->kssl_ctx)  s->kssl_ctx = NULL;
-                */
-                }
-	else
-#endif	/* OPENSSL_NO_KRB5 */
-		{
-		al=SSL_AD_HANDSHAKE_FAILURE;
-		SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-				SSL_R_UNKNOWN_CIPHER_TYPE);
-		goto f_err;
-		}
-
-	return(1);
-f_err:
-	ssl3_send_alert(s,SSL3_AL_FATAL,al);
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA)
-err:
-#endif
-	return(-1);
-	}
-
-static int ssl3_get_cert_verify(SSL *s)
-	{
-	EVP_PKEY *pkey=NULL;
-	unsigned char *p;
-	int al,ok,ret=0;
-	long n;
-	int type=0,i,j;
-	X509 *peer;
-
-	n=ssl3_get_message(s,
-		SSL3_ST_SR_CERT_VRFY_A,
-		SSL3_ST_SR_CERT_VRFY_B,
-		-1,
-		514, /* 514? */
-		&ok);
-
-	if (!ok) return((int)n);
-
-	if (s->session->peer != NULL)
-		{
-		peer=s->session->peer;
-		pkey=X509_get_pubkey(peer);
-		type=X509_certificate_type(peer,pkey);
-		}
-	else
-		{
-		peer=NULL;
-		pkey=NULL;
-		}
-
-	if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY)
-		{
-		s->s3->tmp.reuse_message=1;
-		if ((peer != NULL) && (type | EVP_PKT_SIGN))
-			{
-			al=SSL_AD_UNEXPECTED_MESSAGE;
-			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);
-			goto f_err;
-			}
-		ret=1;
-		goto end;
-		}
-
-	if (peer == NULL)
-		{
-		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED);
-		al=SSL_AD_UNEXPECTED_MESSAGE;
-		goto f_err;
-		}
-
-	if (!(type & EVP_PKT_SIGN))
-		{
-		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
-		al=SSL_AD_ILLEGAL_PARAMETER;
-		goto f_err;
-		}
-
-	if (s->s3->change_cipher_spec)
-		{
-		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
-		al=SSL_AD_UNEXPECTED_MESSAGE;
-		goto f_err;
-		}
-
-	/* we now have a signature that we need to verify */
-	p=(unsigned char *)s->init_msg;
-	n2s(p,i);
-	n-=2;
-	if (i > n)
-		{
-		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH);
-		al=SSL_AD_DECODE_ERROR;
-		goto f_err;
-		}
-
-	j=EVP_PKEY_size(pkey);
-	if ((i > j) || (n > j) || (n <= 0))
-		{
-		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE);
-		al=SSL_AD_DECODE_ERROR;
-		goto f_err;
-		}
-
-#ifndef OPENSSL_NO_RSA 
-	if (pkey->type == EVP_PKEY_RSA)
-		{
-		i=RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
-			MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, p, i, 
-							pkey->pkey.rsa);
-		if (i < 0)
-			{
-			al=SSL_AD_DECRYPT_ERROR;
-			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT);
-			goto f_err;
-			}
-		if (i == 0)
-			{
-			al=SSL_AD_DECRYPT_ERROR;
-			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE);
-			goto f_err;
-			}
-		}
-	else
-#endif
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-		{
-		j=DSA_verify(pkey->save_type,
-			&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
-			SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
-		if (j <= 0)
-			{
-			/* bad signature */
-			al=SSL_AD_DECRYPT_ERROR;
-			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE);
-			goto f_err;
-			}
-		}
-	else
-#endif
-		{
-		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,ERR_R_INTERNAL_ERROR);
-		al=SSL_AD_UNSUPPORTED_CERTIFICATE;
-		goto f_err;
-		}
-
-
-	ret=1;
-	if (0)
-		{
-f_err:
-		ssl3_send_alert(s,SSL3_AL_FATAL,al);
-		}
-end:
-	EVP_PKEY_free(pkey);
-	return(ret);
-	}
-
-static int ssl3_get_client_certificate(SSL *s)
-	{
-	int i,ok,al,ret= -1;
-	X509 *x=NULL;
-	unsigned long l,nc,llen,n;
-	unsigned char *p,*d,*q;
-	STACK_OF(X509) *sk=NULL;
-
-	n=ssl3_get_message(s,
-		SSL3_ST_SR_CERT_A,
-		SSL3_ST_SR_CERT_B,
-		-1,
-		s->max_cert_list,
-		&ok);
-
-	if (!ok) return((int)n);
-
-	if	(s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE)
-		{
-		if (	(s->verify_mode & SSL_VERIFY_PEER) &&
-			(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
-			al=SSL_AD_HANDSHAKE_FAILURE;
-			goto f_err;
-			}
-		/* If tls asked for a client cert, the client must return a 0 list */
-		if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request)
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
-			al=SSL_AD_UNEXPECTED_MESSAGE;
-			goto f_err;
-			}
-		s->s3->tmp.reuse_message=1;
-		return(1);
-		}
-
-	if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
-		{
-		al=SSL_AD_UNEXPECTED_MESSAGE;
-		SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);
-		goto f_err;
-		}
-	d=p=(unsigned char *)s->init_msg;
-
-	if ((sk=sk_X509_new_null()) == NULL)
-		{
-		SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	n2l3(p,llen);
-	if (llen+3 != n)
-		{
-		al=SSL_AD_DECODE_ERROR;
-		SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
-		goto f_err;
-		}
-	for (nc=0; nc<llen; )
-		{
-		n2l3(p,l);
-		if ((l+nc+3) > llen)
-			{
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
-			goto f_err;
-			}
-
-		q=p;
-		x=d2i_X509(NULL,&p,l);
-		if (x == NULL)
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_ASN1_LIB);
-			goto err;
-			}
-		if (p != (q+l))
-			{
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
-			goto f_err;
-			}
-		if (!sk_X509_push(sk,x))
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		x=NULL;
-		nc+=l+3;
-		}
-
-	if (sk_X509_num(sk) <= 0)
-		{
-		/* TLS does not mind 0 certs returned */
-		if (s->version == SSL3_VERSION)
-			{
-			al=SSL_AD_HANDSHAKE_FAILURE;
-			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_RETURNED);
-			goto f_err;
-			}
-		/* Fail for TLS only if we required a certificate */
-		else if ((s->verify_mode & SSL_VERIFY_PEER) &&
-			 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
-			al=SSL_AD_HANDSHAKE_FAILURE;
-			goto f_err;
-			}
-		}
-	else
-		{
-		i=ssl_verify_cert_chain(s,sk);
-		if (!i)
-			{
-			al=ssl_verify_alarm_type(s->verify_result);
-			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
-			goto f_err;
-			}
-		}
-
-	if (s->session->peer != NULL) /* This should not be needed */
-		X509_free(s->session->peer);
-	s->session->peer=sk_X509_shift(sk);
-	s->session->verify_result = s->verify_result;
-
-	/* With the current implementation, sess_cert will always be NULL
-	 * when we arrive here. */
-	if (s->session->sess_cert == NULL)
-		{
-		s->session->sess_cert = ssl_sess_cert_new();
-		if (s->session->sess_cert == NULL)
-			{
-			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		}
-	if (s->session->sess_cert->cert_chain != NULL)
-		sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
-	s->session->sess_cert->cert_chain=sk;
-	/* Inconsistency alert: cert_chain does *not* include the
-	 * peer's own certificate, while we do include it in s3_clnt.c */
-
-	sk=NULL;
-
-	ret=1;
-	if (0)
-		{
-f_err:
-		ssl3_send_alert(s,SSL3_AL_FATAL,al);
-		}
-err:
-	if (x != NULL) X509_free(x);
-	if (sk != NULL) sk_X509_pop_free(sk,X509_free);
-	return(ret);
-	}
-
-int ssl3_send_server_certificate(SSL *s)
-	{
-	unsigned long l;
-	X509 *x;
-
-	if (s->state == SSL3_ST_SW_CERT_A)
-		{
-		x=ssl_get_server_send_cert(s);
-		if (x == NULL &&
-                        /* VRS: allow null cert if auth == KRB5 */
-                        (s->s3->tmp.new_cipher->algorithms
-                                & (SSL_MKEY_MASK|SSL_AUTH_MASK))
-                        != (SSL_aKRB5|SSL_kKRB5))
-			{
-			SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
-			return(0);
-			}
-
-		l=ssl3_output_cert_chain(s,x);
-		s->state=SSL3_ST_SW_CERT_B;
-		s->init_num=(int)l;
-		s->init_off=0;
-		}
-
-	/* SSL3_ST_SW_CERT_B */
-	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-	}
diff --git a/crypto/openssl/ssl/ssl.h b/crypto/openssl/ssl/ssl.h
deleted file mode 100644
index 4ae845825949..000000000000
--- a/crypto/openssl/ssl/ssl.h
+++ /dev/null
@@ -1,1854 +0,0 @@
-/* ssl/ssl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SSL_H 
-#define HEADER_SSL_H 
-
-#include <openssl/e_os2.h>
-
-#ifndef OPENSSL_NO_COMP
-#include <openssl/comp.h>
-#endif
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#ifndef OPENSSL_NO_X509
-#include <openssl/x509.h>
-#endif
-#include <openssl/kssl.h>
-#include <openssl/safestack.h>
-#include <openssl/symhacks.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* SSLeay version number for ASN.1 encoding of the session information */
-/* Version 0 - initial version
- * Version 1 - added the optional peer certificate
- */
-#define SSL_SESSION_ASN1_VERSION 0x0001
-
-/* text strings for the ciphers */
-#define SSL_TXT_NULL_WITH_MD5		SSL2_TXT_NULL_WITH_MD5			
-#define SSL_TXT_RC4_128_WITH_MD5	SSL2_TXT_RC4_128_WITH_MD5		
-#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5	
-#define SSL_TXT_RC2_128_CBC_WITH_MD5	SSL2_TXT_RC2_128_CBC_WITH_MD5		
-#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5	
-#define SSL_TXT_IDEA_128_CBC_WITH_MD5	SSL2_TXT_IDEA_128_CBC_WITH_MD5		
-#define SSL_TXT_DES_64_CBC_WITH_MD5	SSL2_TXT_DES_64_CBC_WITH_MD5		
-#define SSL_TXT_DES_64_CBC_WITH_SHA	SSL2_TXT_DES_64_CBC_WITH_SHA		
-#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5	
-#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA	
-
-/*    VRS Additional Kerberos5 entries
- */
-#define SSL_TXT_KRB5_DES_64_CBC_SHA   SSL3_TXT_KRB5_DES_64_CBC_SHA
-#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
-#define SSL_TXT_KRB5_RC4_128_SHA      SSL3_TXT_KRB5_RC4_128_SHA
-#define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA
-#define SSL_TXT_KRB5_DES_64_CBC_MD5   SSL3_TXT_KRB5_DES_64_CBC_MD5       
-#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5       
-#define SSL_TXT_KRB5_RC4_128_MD5      SSL3_TXT_KRB5_RC4_128_MD5
-#define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5 
-
-#define SSL_TXT_KRB5_DES_40_CBC_SHA   SSL3_TXT_KRB5_DES_40_CBC_SHA 
-#define SSL_TXT_KRB5_RC2_40_CBC_SHA   SSL3_TXT_KRB5_RC2_40_CBC_SHA 
-#define SSL_TXT_KRB5_RC4_40_SHA	      SSL3_TXT_KRB5_RC4_40_SHA
-#define SSL_TXT_KRB5_DES_40_CBC_MD5   SSL3_TXT_KRB5_DES_40_CBC_MD5 
-#define SSL_TXT_KRB5_RC2_40_CBC_MD5   SSL3_TXT_KRB5_RC2_40_CBC_MD5 
-#define SSL_TXT_KRB5_RC4_40_MD5	      SSL3_TXT_KRB5_RC4_40_MD5
-
-#define SSL_TXT_KRB5_DES_40_CBC_SHA   SSL3_TXT_KRB5_DES_40_CBC_SHA
-#define SSL_TXT_KRB5_DES_40_CBC_MD5   SSL3_TXT_KRB5_DES_40_CBC_MD5
-#define SSL_TXT_KRB5_DES_64_CBC_SHA   SSL3_TXT_KRB5_DES_64_CBC_SHA
-#define SSL_TXT_KRB5_DES_64_CBC_MD5   SSL3_TXT_KRB5_DES_64_CBC_MD5
-#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
-#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
-#define SSL_MAX_KRB5_PRINCIPAL_LENGTH  256
-
-#define SSL_MAX_SSL_SESSION_ID_LENGTH		32
-#define SSL_MAX_SID_CTX_LENGTH			32
-
-#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES	(512/8)
-#define SSL_MAX_KEY_ARG_LENGTH			8
-#define SSL_MAX_MASTER_KEY_LENGTH		48
-
-/* These are used to specify which ciphers to use and not to use */
-#define SSL_TXT_LOW		"LOW"
-#define SSL_TXT_MEDIUM		"MEDIUM"
-#define SSL_TXT_HIGH		"HIGH"
-#define SSL_TXT_kFZA		"kFZA"
-#define	SSL_TXT_aFZA		"aFZA"
-#define SSL_TXT_eFZA		"eFZA"
-#define SSL_TXT_FZA		"FZA"
-
-#define	SSL_TXT_aNULL		"aNULL"
-#define	SSL_TXT_eNULL		"eNULL"
-#define	SSL_TXT_NULL		"NULL"
-
-#define SSL_TXT_kKRB5     	"kKRB5"
-#define SSL_TXT_aKRB5     	"aKRB5"
-#define SSL_TXT_KRB5      	"KRB5"
-
-#define SSL_TXT_kRSA		"kRSA"
-#define SSL_TXT_kDHr		"kDHr"
-#define SSL_TXT_kDHd		"kDHd"
-#define SSL_TXT_kEDH		"kEDH"
-#define	SSL_TXT_aRSA		"aRSA"
-#define	SSL_TXT_aDSS		"aDSS"
-#define	SSL_TXT_aDH		"aDH"
-#define	SSL_TXT_DSS		"DSS"
-#define SSL_TXT_DH		"DH"
-#define SSL_TXT_EDH		"EDH"
-#define SSL_TXT_ADH		"ADH"
-#define SSL_TXT_RSA		"RSA"
-#define SSL_TXT_DES		"DES"
-#define SSL_TXT_3DES		"3DES"
-#define SSL_TXT_RC4		"RC4"
-#define SSL_TXT_RC2		"RC2"
-#define SSL_TXT_IDEA		"IDEA"
-#define SSL_TXT_AES		"AES"
-#define SSL_TXT_MD5		"MD5"
-#define SSL_TXT_SHA1		"SHA1"
-#define SSL_TXT_SHA		"SHA"
-#define SSL_TXT_EXP		"EXP"
-#define SSL_TXT_EXPORT		"EXPORT"
-#define SSL_TXT_EXP40		"EXPORT40"
-#define SSL_TXT_EXP56		"EXPORT56"
-#define SSL_TXT_SSLV2		"SSLv2"
-#define SSL_TXT_SSLV3		"SSLv3"
-#define SSL_TXT_TLSV1		"TLSv1"
-#define SSL_TXT_ALL		"ALL"
-
-/*
- * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
- * ciphers normally not being used.
- * Example: "RC4" will activate all ciphers using RC4 including ciphers
- * without authentication, which would normally disabled by DEFAULT (due
- * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
- * will make sure that it is also disabled in the specific selection.
- * COMPLEMENTOF* identifiers are portable between version, as adjustments
- * to the default cipher setup will also be included here.
- *
- * COMPLEMENTOFDEFAULT does not experience the same special treatment that
- * DEFAULT gets, as only selection is being done and no sorting as needed
- * for DEFAULT.
- */
-#define SSL_TXT_CMPALL		"COMPLEMENTOFALL"
-#define SSL_TXT_CMPDEF		"COMPLEMENTOFDEFAULT"
-
-/* The following cipher list is used by default.
- * It also is substituted when an application-defined cipher list string
- * starts with 'DEFAULT'. */
-#define SSL_DEFAULT_CIPHER_LIST	"ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
-
-/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
-#define SSL_SENT_SHUTDOWN	1
-#define SSL_RECEIVED_SHUTDOWN	2
-
-#ifdef __cplusplus
-}
-#endif
-
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/pem.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
-#define OPENSSL_NO_SSL2
-#endif
-
-#define SSL_FILETYPE_ASN1	X509_FILETYPE_ASN1
-#define SSL_FILETYPE_PEM	X509_FILETYPE_PEM
-
-/* This is needed to stop compilers complaining about the
- * 'struct ssl_st *' function parameters used to prototype callbacks
- * in SSL_CTX. */
-typedef struct ssl_st *ssl_crock_st;
-
-/* used to hold info on the particular ciphers used */
-typedef struct ssl_cipher_st
-	{
-	int valid;
-	const char *name;		/* text name */
-	unsigned long id;		/* id, 4 bytes, first is version */
-	unsigned long algorithms;	/* what ciphers are used */
-	unsigned long algo_strength;	/* strength and export flags */
-	unsigned long algorithm2;	/* Extra flags */
-	int strength_bits;		/* Number of bits really used */
-	int alg_bits;			/* Number of bits for algorithm */
-	unsigned long mask;		/* used for matching */
-	unsigned long mask_strength;	/* also used for matching */
-	} SSL_CIPHER;
-
-DECLARE_STACK_OF(SSL_CIPHER)
-
-typedef struct ssl_st SSL;
-typedef struct ssl_ctx_st SSL_CTX;
-
-/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
-typedef struct ssl_method_st
-	{
-	int version;
-	int (*ssl_new)(SSL *s);
-	void (*ssl_clear)(SSL *s);
-	void (*ssl_free)(SSL *s);
-	int (*ssl_accept)(SSL *s);
-	int (*ssl_connect)(SSL *s);
-	int (*ssl_read)(SSL *s,void *buf,int len);
-	int (*ssl_peek)(SSL *s,void *buf,int len);
-	int (*ssl_write)(SSL *s,const void *buf,int len);
-	int (*ssl_shutdown)(SSL *s);
-	int (*ssl_renegotiate)(SSL *s);
-	int (*ssl_renegotiate_check)(SSL *s);
-	long (*ssl_ctrl)(SSL *s,int cmd,long larg,void *parg);
-	long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,void *parg);
-	SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
-	int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr);
-	int (*ssl_pending)(SSL *s);
-	int (*num_ciphers)(void);
-	SSL_CIPHER *(*get_cipher)(unsigned ncipher);
-	struct ssl_method_st *(*get_ssl_method)(int version);
-	long (*get_timeout)(void);
-	struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
-	int (*ssl_version)();
-	long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)());
-	long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)());
-	} SSL_METHOD;
-
-/* Lets make this into an ASN.1 type structure as follows
- * SSL_SESSION_ID ::= SEQUENCE {
- *	version 		INTEGER,	-- structure version number
- *	SSLversion 		INTEGER,	-- SSL version number
- *	Cipher 			OCTET_STRING,	-- the 3 byte cipher ID
- *	Session_ID 		OCTET_STRING,	-- the Session ID
- *	Master_key 		OCTET_STRING,	-- the master key
- *	KRB5_principal		OCTET_STRING	-- optional Kerberos principal
- *	Key_Arg [ 0 ] IMPLICIT	OCTET_STRING,	-- the optional Key argument
- *	Time [ 1 ] EXPLICIT	INTEGER,	-- optional Start Time
- *	Timeout [ 2 ] EXPLICIT	INTEGER,	-- optional Timeout ins seconds
- *	Peer [ 3 ] EXPLICIT	X509,		-- optional Peer Certificate
- *	Session_ID_context [ 4 ] EXPLICIT OCTET_STRING,   -- the Session ID context
- *	Verify_result [ 5 ] EXPLICIT INTEGER    -- X509_V_... code for `Peer'
- *	Compression [6] IMPLICIT ASN1_OBJECT	-- compression OID XXXXX
- *	}
- * Look in ssl/ssl_asn1.c for more details
- * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
- */
-typedef struct ssl_session_st
-	{
-	int ssl_version;	/* what ssl version session info is
-				 * being kept in here? */
-
-	/* only really used in SSLv2 */
-	unsigned int key_arg_length;
-	unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
-	int master_key_length;
-	unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
-	/* session_id - valid? */
-	unsigned int session_id_length;
-	unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
-	/* this is used to determine whether the session is being reused in
-	 * the appropriate context. It is up to the application to set this,
-	 * via SSL_new */
-	unsigned int sid_ctx_length;
-	unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-
-#ifndef OPENSSL_NO_KRB5
-        unsigned int krb5_client_princ_len;
-        unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH];
-#endif /* OPENSSL_NO_KRB5 */
-
-	int not_resumable;
-
-	/* The cert is the certificate used to establish this connection */
-	struct sess_cert_st /* SESS_CERT */ *sess_cert;
-
-	/* This is the cert for the other end.
-	 * On clients, it will be the same as sess_cert->peer_key->x509
-	 * (the latter is not enough as sess_cert is not retained
-	 * in the external representation of sessions, see ssl_asn1.c). */
-	X509 *peer;
-	/* when app_verify_callback accepts a session where the peer's certificate
-	 * is not ok, we must remember the error for session reuse: */
-	long verify_result; /* only for servers */
-
-	int references;
-	long timeout;
-	long time;
-
-	int compress_meth;		/* Need to lookup the method */
-
-	SSL_CIPHER *cipher;
-	unsigned long cipher_id;	/* when ASN.1 loaded, this
-					 * needs to be used to load
-					 * the 'cipher' structure */
-
-	STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
-
-	CRYPTO_EX_DATA ex_data; /* application specific data */
-
-	/* These are used to make removal of session-ids more
-	 * efficient and to implement a maximum cache size. */
-	struct ssl_session_st *prev,*next;
-	} SSL_SESSION;
-
-
-#define SSL_OP_MICROSOFT_SESS_ID_BUG			0x00000001L
-#define SSL_OP_NETSCAPE_CHALLENGE_BUG			0x00000002L
-#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L
-#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG		0x00000010L
-#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER		0x00000020L
-#define SSL_OP_MSIE_SSLV2_RSA_PADDING			0x00000040L
-#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG			0x00000080L
-#define SSL_OP_TLS_D5_BUG				0x00000100L
-#define SSL_OP_TLS_BLOCK_PADDING_BUG			0x00000200L
-
-/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
- * in OpenSSL 0.9.6d.  Usually (depending on the application protocol)
- * the workaround is not needed.  Unfortunately some broken SSL/TLS
- * implementations cannot handle it at all, which is why we include
- * it in SSL_OP_ALL. */
-#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              0x00000800L /* added in 0.9.6e */
-
-/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
- *             This used to be 0x000FFFFFL before 0.9.7. */
-#define SSL_OP_ALL					0x00000FFFL
-
-/* As server, disallow session resumption on renegotiation */
-#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION	0x00010000L
-/* If set, always create a new key when using tmp_dh parameters */
-#define SSL_OP_SINGLE_DH_USE				0x00100000L
-/* Set to always use the tmp_rsa key when doing RSA operations,
- * even when this violates protocol specs */
-#define SSL_OP_EPHEMERAL_RSA				0x00200000L
-/* Set on servers to choose the cipher according to the server's
- * preferences */
-#define SSL_OP_CIPHER_SERVER_PREFERENCE			0x00400000L
-/* If set, a server will allow a client to issue a SSLv3.0 version number
- * as latest version supported in the premaster secret, even when TLSv1.0
- * (version 3.1) was announced in the client hello. Normally this is
- * forbidden to prevent version rollback attacks. */
-#define SSL_OP_TLS_ROLLBACK_BUG				0x00800000L
-
-#define SSL_OP_NO_SSLv2					0x01000000L
-#define SSL_OP_NO_SSLv3					0x02000000L
-#define SSL_OP_NO_TLSv1					0x04000000L
-
-/* The next flag deliberately changes the ciphertest, this is a check
- * for the PKCS#1 attack */
-#define SSL_OP_PKCS1_CHECK_1				0x08000000L
-#define SSL_OP_PKCS1_CHECK_2				0x10000000L
-#define SSL_OP_NETSCAPE_CA_DN_BUG			0x20000000L
-#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG		0x40000000L
-
-
-/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
- * when just a single record has been written): */
-#define SSL_MODE_ENABLE_PARTIAL_WRITE       0x00000001L
-/* Make it possible to retry SSL_write() with changed buffer location
- * (buffer contents must stay the same!); this is not the default to avoid
- * the misconception that non-blocking SSL_write() behaves like
- * non-blocking write(): */
-#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
-/* Never bother the application with retries if the transport
- * is blocking: */
-#define SSL_MODE_AUTO_RETRY 0x00000004L
-/* Don't attempt to automatically build certificate chain */
-#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
-
-
-/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
- * they cannot be used to clear bits. */
-
-#define SSL_CTX_set_options(ctx,op) \
-	SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
-#define SSL_CTX_get_options(ctx) \
-	SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
-#define SSL_set_options(ssl,op) \
-	SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
-#define SSL_get_options(ssl) \
-        SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
-
-#define SSL_CTX_set_mode(ctx,op) \
-	SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
-#define SSL_CTX_get_mode(ctx) \
-	SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
-#define SSL_set_mode(ssl,op) \
-	SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
-#define SSL_get_mode(ssl) \
-        SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
-
-
-void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
-void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
-#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
-#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
-
-
-
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
-#define SSL_MAX_CERT_LIST_DEFAULT 1024*30 /* 30k max cert list :-) */
-#else
-#define SSL_MAX_CERT_LIST_DEFAULT 1024*100 /* 100k max cert list :-) */
-#endif
-
-#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT	(1024*20)
-
-/* This callback type is used inside SSL_CTX, SSL, and in the functions that set
- * them. It is used to override the generation of SSL/TLS session IDs in a
- * server. Return value should be zero on an error, non-zero to proceed. Also,
- * callbacks should themselves check if the id they generate is unique otherwise
- * the SSL handshake will fail with an error - callbacks can do this using the
- * 'ssl' value they're passed by;
- *      SSL_has_matching_session_id(ssl, id, *id_len)
- * The length value passed in is set at the maximum size the session ID can be.
- * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback
- * can alter this length to be less if desired, but under SSLv2 session IDs are
- * supposed to be fixed at 16 bytes so the id will be padded after the callback
- * returns in this case. It is also an error for the callback to set the size to
- * zero. */
-typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
-				unsigned int *id_len);
-
-typedef struct ssl_comp_st
-	{
-	int id;
-	char *name;
-#ifndef OPENSSL_NO_COMP
-	COMP_METHOD *method;
-#else
-	char *method;
-#endif
-	} SSL_COMP;
-
-DECLARE_STACK_OF(SSL_COMP)
-
-struct ssl_ctx_st
-	{
-	SSL_METHOD *method;
-
-	STACK_OF(SSL_CIPHER) *cipher_list;
-	/* same as above but sorted for lookup */
-	STACK_OF(SSL_CIPHER) *cipher_list_by_id;
-
-	struct x509_store_st /* X509_STORE */ *cert_store;
-	struct lhash_st /* LHASH */ *sessions;	/* a set of SSL_SESSIONs */
-	/* Most session-ids that will be cached, default is
-	 * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
-	unsigned long session_cache_size;
-	struct ssl_session_st *session_cache_head;
-	struct ssl_session_st *session_cache_tail;
-
-	/* This can have one of 2 values, ored together,
-	 * SSL_SESS_CACHE_CLIENT,
-	 * SSL_SESS_CACHE_SERVER,
-	 * Default is SSL_SESSION_CACHE_SERVER, which means only
-	 * SSL_accept which cache SSL_SESSIONS. */
-	int session_cache_mode;
-
-	/* If timeout is not 0, it is the default timeout value set
-	 * when SSL_new() is called.  This has been put in to make
-	 * life easier to set things up */
-	long session_timeout;
-
-	/* If this callback is not null, it will be called each
-	 * time a session id is added to the cache.  If this function
-	 * returns 1, it means that the callback will do a
-	 * SSL_SESSION_free() when it has finished using it.  Otherwise,
-	 * on 0, it means the callback has finished with it.
-	 * If remove_session_cb is not null, it will be called when
-	 * a session-id is removed from the cache.  After the call,
-	 * OpenSSL will SSL_SESSION_free() it. */
-	int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);
-	void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);
-	SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
-		unsigned char *data,int len,int *copy);
-
-	struct
-		{
-		int sess_connect;	/* SSL new conn - started */
-		int sess_connect_renegotiate;/* SSL reneg - requested */
-		int sess_connect_good;	/* SSL new conne/reneg - finished */
-		int sess_accept;	/* SSL new accept - started */
-		int sess_accept_renegotiate;/* SSL reneg - requested */
-		int sess_accept_good;	/* SSL accept/reneg - finished */
-		int sess_miss;		/* session lookup misses  */
-		int sess_timeout;	/* reuse attempt on timeouted session */
-		int sess_cache_full;	/* session removed due to full cache */
-		int sess_hit;		/* session reuse actually done */
-		int sess_cb_hit;	/* session-id that was not
-					 * in the cache was
-					 * passed back via the callback.  This
-					 * indicates that the application is
-					 * supplying session-id's from other
-					 * processes - spooky :-) */
-		} stats;
-
-	int references;
-
-	/* if defined, these override the X509_verify_cert() calls */
-	int (*app_verify_callback)(X509_STORE_CTX *, void *);
-	void *app_verify_arg;
-	/* before OpenSSL 0.9.7, 'app_verify_arg' was ignored
-	 * ('app_verify_callback' was called with just one argument) */
-
-	/* Default password callback. */
-	pem_password_cb *default_passwd_callback;
-
-	/* Default password callback user data. */
-	void *default_passwd_callback_userdata;
-
-	/* get client cert callback */
-	int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
-
-	CRYPTO_EX_DATA ex_data;
-
-	const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
-	const EVP_MD *md5;	/* For SSLv3/TLSv1 'ssl3-md5' */
-	const EVP_MD *sha1;   /* For SSLv3/TLSv1 'ssl3->sha1' */
-
-	STACK_OF(X509) *extra_certs;
-	STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
-
-
-	/* Default values used when no per-SSL value is defined follow */
-
-	void (*info_callback)(const SSL *ssl,int type,int val); /* used if SSL's info_callback is NULL */
-
-	/* what we put in client cert requests */
-	STACK_OF(X509_NAME) *client_CA;
-
-
-	/* Default values to use in SSL structures follow (these are copied by SSL_new) */
-
-	unsigned long options;
-	unsigned long mode;
-	long max_cert_list;
-
-	struct cert_st /* CERT */ *cert;
-	int read_ahead;
-
-	/* callback that allows applications to peek at protocol messages */
-	void (*msg_callback)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
-	void *msg_callback_arg;
-
-	int verify_mode;
-	int verify_depth;
-	unsigned int sid_ctx_length;
-	unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-	int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */
-
-	/* Default generate session ID callback. */
-	GEN_SESSION_CB generate_session_id;
-
-	int purpose;		/* Purpose setting */
-	int trust;		/* Trust setting */
-
-	int quiet_shutdown;
-	};
-
-#define SSL_SESS_CACHE_OFF			0x0000
-#define SSL_SESS_CACHE_CLIENT			0x0001
-#define SSL_SESS_CACHE_SERVER			0x0002
-#define SSL_SESS_CACHE_BOTH	(SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
-#define SSL_SESS_CACHE_NO_AUTO_CLEAR		0x0080
-/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */
-#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP	0x0100
-#define SSL_SESS_CACHE_NO_INTERNAL_STORE	0x0200
-#define SSL_SESS_CACHE_NO_INTERNAL \
-	(SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
-
-  struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
-#define SSL_CTX_sess_number(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
-#define SSL_CTX_sess_connect(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
-#define SSL_CTX_sess_connect_good(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
-#define SSL_CTX_sess_connect_renegotiate(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
-#define SSL_CTX_sess_accept(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
-#define SSL_CTX_sess_accept_renegotiate(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
-#define SSL_CTX_sess_accept_good(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
-#define SSL_CTX_sess_hits(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
-#define SSL_CTX_sess_cb_hits(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
-#define SSL_CTX_sess_misses(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
-#define SSL_CTX_sess_timeouts(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
-#define SSL_CTX_sess_cache_full(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
-
-#define SSL_CTX_sess_set_new_cb(ctx,cb)	((ctx)->new_session_cb=(cb))
-#define SSL_CTX_sess_get_new_cb(ctx)	((ctx)->new_session_cb)
-#define SSL_CTX_sess_set_remove_cb(ctx,cb)	((ctx)->remove_session_cb=(cb))
-#define SSL_CTX_sess_get_remove_cb(ctx)	((ctx)->remove_session_cb)
-#define SSL_CTX_sess_set_get_cb(ctx,cb)	((ctx)->get_session_cb=(cb))
-#define SSL_CTX_sess_get_get_cb(ctx)	((ctx)->get_session_cb)
-#define SSL_CTX_set_info_callback(ctx,cb)	((ctx)->info_callback=(cb))
-#define SSL_CTX_get_info_callback(ctx)		((ctx)->info_callback)
-#define SSL_CTX_set_client_cert_cb(ctx,cb)	((ctx)->client_cert_cb=(cb))
-#define SSL_CTX_get_client_cert_cb(ctx)		((ctx)->client_cert_cb)
-
-#define SSL_NOTHING	1
-#define SSL_WRITING	2
-#define SSL_READING	3
-#define SSL_X509_LOOKUP	4
-
-/* These will only be used when doing non-blocking IO */
-#define SSL_want_nothing(s)	(SSL_want(s) == SSL_NOTHING)
-#define SSL_want_read(s)	(SSL_want(s) == SSL_READING)
-#define SSL_want_write(s)	(SSL_want(s) == SSL_WRITING)
-#define SSL_want_x509_lookup(s)	(SSL_want(s) == SSL_X509_LOOKUP)
-
-struct ssl_st
-	{
-	/* protocol version
-	 * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION)
-	 */
-	int version;
-	int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
-
-	SSL_METHOD *method; /* SSLv3 */
-
-	/* There are 2 BIO's even though they are normally both the
-	 * same.  This is so data can be read and written to different
-	 * handlers */
-
-#ifndef OPENSSL_NO_BIO
-	BIO *rbio; /* used by SSL_read */
-	BIO *wbio; /* used by SSL_write */
-	BIO *bbio; /* used during session-id reuse to concatenate
-		    * messages */
-#else
-	char *rbio; /* used by SSL_read */
-	char *wbio; /* used by SSL_write */
-	char *bbio;
-#endif
-	/* This holds a variable that indicates what we were doing
-	 * when a 0 or -1 is returned.  This is needed for
-	 * non-blocking IO so we know what request needs re-doing when
-	 * in SSL_accept or SSL_connect */
-	int rwstate;
-
-	/* true when we are actually in SSL_accept() or SSL_connect() */
-	int in_handshake;
-	int (*handshake_func)();
-
-	/* Imagine that here's a boolean member "init" that is
-	 * switched as soon as SSL_set_{accept/connect}_state
-	 * is called for the first time, so that "state" and
-	 * "handshake_func" are properly initialized.  But as
-	 * handshake_func is == 0 until then, we use this
-	 * test instead of an "init" member.
-	 */
-
-	int server;	/* are we the server side? - mostly used by SSL_clear*/
-
-	int new_session;/* 1 if we are to use a new session.
-	                 * 2 if we are a server and are inside a handshake
-	                 *   (i.e. not just sending a HelloRequest)
-	                 * NB: For servers, the 'new' session may actually be a previously
-	                 * cached session or even the previous session unless
-	                 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
-	int quiet_shutdown;/* don't send shutdown packets */
-	int shutdown;	/* we have shut things down, 0x01 sent, 0x02
-			 * for received */
-	int state;	/* where we are */
-	int rstate;	/* where we are when reading */
-
-	BUF_MEM *init_buf;	/* buffer used during init */
-	void *init_msg;   	/* pointer to handshake message body, set by ssl3_get_message() */
-	int init_num;		/* amount read/written */
-	int init_off;		/* amount read/written */
-
-	/* used internally to point at a raw packet */
-	unsigned char *packet;
-	unsigned int packet_length;
-
-	struct ssl2_state_st *s2; /* SSLv2 variables */
-	struct ssl3_state_st *s3; /* SSLv3 variables */
-
-	int read_ahead;		/* Read as many input bytes as possible
-	               	 	 * (for non-blocking reads) */
-
-	/* callback that allows applications to peek at protocol messages */
-	void (*msg_callback)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
-	void *msg_callback_arg;
-
-	int hit;		/* reusing a previous session */
-
-	int purpose;		/* Purpose setting */
-	int trust;		/* Trust setting */
-
-	/* crypto */
-	STACK_OF(SSL_CIPHER) *cipher_list;
-	STACK_OF(SSL_CIPHER) *cipher_list_by_id;
-
-	/* These are the ones being used, the ones in SSL_SESSION are
-	 * the ones to be 'copied' into these ones */
-
-	EVP_CIPHER_CTX *enc_read_ctx;		/* cryptographic state */
-	const EVP_MD *read_hash;		/* used for mac generation */
-#ifndef OPENSSL_NO_COMP
-	COMP_CTX *expand;			/* uncompress */
-#else
-	char *expand;
-#endif
-
-	EVP_CIPHER_CTX *enc_write_ctx;		/* cryptographic state */
-	const EVP_MD *write_hash;		/* used for mac generation */
-#ifndef OPENSSL_NO_COMP
-	COMP_CTX *compress;			/* compression */
-#else
-	char *compress;	
-#endif
-
-	/* session info */
-
-	/* client cert? */
-	/* This is used to hold the server certificate used */
-	struct cert_st /* CERT */ *cert;
-
-	/* the session_id_context is used to ensure sessions are only reused
-	 * in the appropriate context */
-	unsigned int sid_ctx_length;
-	unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-
-	/* This can also be in the session once a session is established */
-	SSL_SESSION *session;
-
-	/* Default generate session ID callback. */
-	GEN_SESSION_CB generate_session_id;
-
-	/* Used in SSL2 and SSL3 */
-	int verify_mode;	/* 0 don't care about verify failure.
-				 * 1 fail if verify fails */
-	int verify_depth;
-	int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
-
-	void (*info_callback)(const SSL *ssl,int type,int val); /* optional informational callback */
-
-	int error;		/* error bytes to be written */
-	int error_code;		/* actual code */
-
-#ifndef OPENSSL_NO_KRB5
-	KSSL_CTX *kssl_ctx;     /* Kerberos 5 context */
-#endif	/* OPENSSL_NO_KRB5 */
-
-	SSL_CTX *ctx;
-	/* set this flag to 1 and a sleep(1) is put into all SSL_read()
-	 * and SSL_write() calls, good for nbio debuging :-) */
-	int debug;	
-
-	/* extra application data */
-	long verify_result;
-	CRYPTO_EX_DATA ex_data;
-
-	/* for server side, keep the list of CA_dn we can use */
-	STACK_OF(X509_NAME) *client_CA;
-
-	int references;
-	unsigned long options; /* protocol behaviour */
-	unsigned long mode; /* API behaviour */
-	long max_cert_list;
-	int first_packet;
-	int client_version;	/* what was passed, used for
-				 * SSLv3/TLS rollback check */
-	};
-
-#ifdef __cplusplus
-}
-#endif
-
-#include <openssl/ssl2.h>
-#include <openssl/ssl3.h>
-#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
-#include <openssl/ssl23.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* compatibility */
-#define SSL_set_app_data(s,arg)		(SSL_set_ex_data(s,0,(char *)arg))
-#define SSL_get_app_data(s)		(SSL_get_ex_data(s,0))
-#define SSL_SESSION_set_app_data(s,a)	(SSL_SESSION_set_ex_data(s,0,(char *)a))
-#define SSL_SESSION_get_app_data(s)	(SSL_SESSION_get_ex_data(s,0))
-#define SSL_CTX_get_app_data(ctx)	(SSL_CTX_get_ex_data(ctx,0))
-#define SSL_CTX_set_app_data(ctx,arg)	(SSL_CTX_set_ex_data(ctx,0,(char *)arg))
-
-/* The following are the possible values for ssl->state are are
- * used to indicate where we are up to in the SSL connection establishment.
- * The macros that follow are about the only things you should need to use
- * and even then, only when using non-blocking IO.
- * It can also be useful to work out where you were when the connection
- * failed */
-
-#define SSL_ST_CONNECT			0x1000
-#define SSL_ST_ACCEPT			0x2000
-#define SSL_ST_MASK			0x0FFF
-#define SSL_ST_INIT			(SSL_ST_CONNECT|SSL_ST_ACCEPT)
-#define SSL_ST_BEFORE			0x4000
-#define SSL_ST_OK			0x03
-#define SSL_ST_RENEGOTIATE		(0x04|SSL_ST_INIT)
-
-#define SSL_CB_LOOP			0x01
-#define SSL_CB_EXIT			0x02
-#define SSL_CB_READ			0x04
-#define SSL_CB_WRITE			0x08
-#define SSL_CB_ALERT			0x4000 /* used in callback */
-#define SSL_CB_READ_ALERT		(SSL_CB_ALERT|SSL_CB_READ)
-#define SSL_CB_WRITE_ALERT		(SSL_CB_ALERT|SSL_CB_WRITE)
-#define SSL_CB_ACCEPT_LOOP		(SSL_ST_ACCEPT|SSL_CB_LOOP)
-#define SSL_CB_ACCEPT_EXIT		(SSL_ST_ACCEPT|SSL_CB_EXIT)
-#define SSL_CB_CONNECT_LOOP		(SSL_ST_CONNECT|SSL_CB_LOOP)
-#define SSL_CB_CONNECT_EXIT		(SSL_ST_CONNECT|SSL_CB_EXIT)
-#define SSL_CB_HANDSHAKE_START		0x10
-#define SSL_CB_HANDSHAKE_DONE		0x20
-
-/* Is the SSL_connection established? */
-#define SSL_get_state(a)		SSL_state(a)
-#define SSL_is_init_finished(a)		(SSL_state(a) == SSL_ST_OK)
-#define SSL_in_init(a)			(SSL_state(a)&SSL_ST_INIT)
-#define SSL_in_before(a)		(SSL_state(a)&SSL_ST_BEFORE)
-#define SSL_in_connect_init(a)		(SSL_state(a)&SSL_ST_CONNECT)
-#define SSL_in_accept_init(a)		(SSL_state(a)&SSL_ST_ACCEPT)
-
-/* The following 2 states are kept in ssl->rstate when reads fail,
- * you should not need these */
-#define SSL_ST_READ_HEADER			0xF0
-#define SSL_ST_READ_BODY			0xF1
-#define SSL_ST_READ_DONE			0xF2
-
-/* Obtain latest Finished message
- *   -- that we sent (SSL_get_finished)
- *   -- that we expected from peer (SSL_get_peer_finished).
- * Returns length (0 == no Finished so far), copies up to 'count' bytes. */
-size_t SSL_get_finished(SSL *s, void *buf, size_t count);
-size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
-
-/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
- * are 'ored' with SSL_VERIFY_PEER if they are desired */
-#define SSL_VERIFY_NONE			0x00
-#define SSL_VERIFY_PEER			0x01
-#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT	0x02
-#define SSL_VERIFY_CLIENT_ONCE		0x04
-
-#define OpenSSL_add_ssl_algorithms()	SSL_library_init()
-#define SSLeay_add_ssl_algorithms()	SSL_library_init()
-
-/* this is for backward compatibility */
-#if 0 /* NEW_SSLEAY */
-#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
-#define SSL_set_pref_cipher(c,n)	SSL_set_cipher_list(c,n)
-#define SSL_add_session(a,b)            SSL_CTX_add_session((a),(b))
-#define SSL_remove_session(a,b)		SSL_CTX_remove_session((a),(b))
-#define SSL_flush_sessions(a,b)		SSL_CTX_flush_sessions((a),(b))
-#endif
-/* More backward compatibility */
-#define SSL_get_cipher(s) \
-		SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-#define SSL_get_cipher_bits(s,np) \
-		SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
-#define SSL_get_cipher_version(s) \
-		SSL_CIPHER_get_version(SSL_get_current_cipher(s))
-#define SSL_get_cipher_name(s) \
-		SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-#define SSL_get_time(a)		SSL_SESSION_get_time(a)
-#define SSL_set_time(a,b)	SSL_SESSION_set_time((a),(b))
-#define SSL_get_timeout(a)	SSL_SESSION_get_timeout(a)
-#define SSL_set_timeout(a,b)	SSL_SESSION_set_timeout((a),(b))
-
-#if 1 /*SSLEAY_MACROS*/
-#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \
-	(char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \
-	(bp),(unsigned char **)(s_id))
-#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \
-	bp,(unsigned char *)s_id)
-#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
-	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
-#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
-#define PEM_write_SSL_SESSION(fp,x) \
-	PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
-		PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_SSL_SESSION(bp,x) \
-	PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
-		PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
-#endif
-
-#define SSL_AD_REASON_OFFSET		1000
-/* These alert types are for SSLv3 and TLSv1 */
-#define SSL_AD_CLOSE_NOTIFY		SSL3_AD_CLOSE_NOTIFY
-#define SSL_AD_UNEXPECTED_MESSAGE	SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
-#define SSL_AD_BAD_RECORD_MAC		SSL3_AD_BAD_RECORD_MAC     /* fatal */
-#define SSL_AD_DECRYPTION_FAILED	TLS1_AD_DECRYPTION_FAILED
-#define SSL_AD_RECORD_OVERFLOW		TLS1_AD_RECORD_OVERFLOW
-#define SSL_AD_DECOMPRESSION_FAILURE	SSL3_AD_DECOMPRESSION_FAILURE/* fatal */
-#define SSL_AD_HANDSHAKE_FAILURE	SSL3_AD_HANDSHAKE_FAILURE/* fatal */
-#define SSL_AD_NO_CERTIFICATE		SSL3_AD_NO_CERTIFICATE /* Not for TLS */
-#define SSL_AD_BAD_CERTIFICATE		SSL3_AD_BAD_CERTIFICATE
-#define SSL_AD_UNSUPPORTED_CERTIFICATE	SSL3_AD_UNSUPPORTED_CERTIFICATE
-#define SSL_AD_CERTIFICATE_REVOKED	SSL3_AD_CERTIFICATE_REVOKED
-#define SSL_AD_CERTIFICATE_EXPIRED	SSL3_AD_CERTIFICATE_EXPIRED
-#define SSL_AD_CERTIFICATE_UNKNOWN	SSL3_AD_CERTIFICATE_UNKNOWN
-#define SSL_AD_ILLEGAL_PARAMETER	SSL3_AD_ILLEGAL_PARAMETER   /* fatal */
-#define SSL_AD_UNKNOWN_CA		TLS1_AD_UNKNOWN_CA	/* fatal */
-#define SSL_AD_ACCESS_DENIED		TLS1_AD_ACCESS_DENIED	/* fatal */
-#define SSL_AD_DECODE_ERROR		TLS1_AD_DECODE_ERROR	/* fatal */
-#define SSL_AD_DECRYPT_ERROR		TLS1_AD_DECRYPT_ERROR
-#define SSL_AD_EXPORT_RESTRICTION	TLS1_AD_EXPORT_RESTRICTION/* fatal */
-#define SSL_AD_PROTOCOL_VERSION		TLS1_AD_PROTOCOL_VERSION /* fatal */
-#define SSL_AD_INSUFFICIENT_SECURITY	TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
-#define SSL_AD_INTERNAL_ERROR		TLS1_AD_INTERNAL_ERROR	/* fatal */
-#define SSL_AD_USER_CANCELLED		TLS1_AD_USER_CANCELLED
-#define SSL_AD_NO_RENEGOTIATION		TLS1_AD_NO_RENEGOTIATION
-
-#define SSL_ERROR_NONE			0
-#define SSL_ERROR_SSL			1
-#define SSL_ERROR_WANT_READ		2
-#define SSL_ERROR_WANT_WRITE		3
-#define SSL_ERROR_WANT_X509_LOOKUP	4
-#define SSL_ERROR_SYSCALL		5 /* look at error stack/return value/errno */
-#define SSL_ERROR_ZERO_RETURN		6
-#define SSL_ERROR_WANT_CONNECT		7
-#define SSL_ERROR_WANT_ACCEPT		8
-
-#define SSL_CTRL_NEED_TMP_RSA			1
-#define SSL_CTRL_SET_TMP_RSA			2
-#define SSL_CTRL_SET_TMP_DH			3
-#define SSL_CTRL_SET_TMP_RSA_CB			4
-#define SSL_CTRL_SET_TMP_DH_CB			5
-
-#define SSL_CTRL_GET_SESSION_REUSED		6
-#define SSL_CTRL_GET_CLIENT_CERT_REQUEST	7
-#define SSL_CTRL_GET_NUM_RENEGOTIATIONS		8
-#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS	9
-#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS	10
-#define SSL_CTRL_GET_FLAGS			11
-#define SSL_CTRL_EXTRA_CHAIN_CERT		12
-
-#define SSL_CTRL_SET_MSG_CALLBACK               13
-#define SSL_CTRL_SET_MSG_CALLBACK_ARG           14
-
-/* Stats */
-#define SSL_CTRL_SESS_NUMBER			20
-#define SSL_CTRL_SESS_CONNECT			21
-#define SSL_CTRL_SESS_CONNECT_GOOD		22
-#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE	23
-#define SSL_CTRL_SESS_ACCEPT			24
-#define SSL_CTRL_SESS_ACCEPT_GOOD		25
-#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE	26
-#define SSL_CTRL_SESS_HIT			27
-#define SSL_CTRL_SESS_CB_HIT			28
-#define SSL_CTRL_SESS_MISSES			29
-#define SSL_CTRL_SESS_TIMEOUTS			30
-#define SSL_CTRL_SESS_CACHE_FULL		31
-#define SSL_CTRL_OPTIONS			32
-#define SSL_CTRL_MODE				33
-
-#define SSL_CTRL_GET_READ_AHEAD			40
-#define SSL_CTRL_SET_READ_AHEAD			41
-#define SSL_CTRL_SET_SESS_CACHE_SIZE		42
-#define SSL_CTRL_GET_SESS_CACHE_SIZE		43
-#define SSL_CTRL_SET_SESS_CACHE_MODE		44
-#define SSL_CTRL_GET_SESS_CACHE_MODE		45
-
-#define SSL_CTRL_GET_MAX_CERT_LIST		50
-#define SSL_CTRL_SET_MAX_CERT_LIST		51
-
-#define SSL_session_reused(ssl) \
-	SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
-#define SSL_num_renegotiations(ssl) \
-	SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
-#define SSL_clear_num_renegotiations(ssl) \
-	SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
-#define SSL_total_renegotiations(ssl) \
-	SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
-
-#define SSL_CTX_need_tmp_RSA(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
-#define SSL_CTX_set_tmp_rsa(ctx,rsa) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
-#define SSL_CTX_set_tmp_dh(ctx,dh) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
-
-#define SSL_need_tmp_RSA(ssl) \
-	SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
-#define SSL_set_tmp_rsa(ssl,rsa) \
-	SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
-#define SSL_set_tmp_dh(ssl,dh) \
-	SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
-
-#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
-
-#ifndef OPENSSL_NO_BIO
-BIO_METHOD *BIO_f_ssl(void);
-BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
-BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
-BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
-int BIO_ssl_copy_session_id(BIO *to,BIO *from);
-void BIO_ssl_shutdown(BIO *ssl_bio);
-
-#endif
-
-int	SSL_CTX_set_cipher_list(SSL_CTX *,const char *str);
-SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
-void	SSL_CTX_free(SSL_CTX *);
-long SSL_CTX_set_timeout(SSL_CTX *ctx,long t);
-long SSL_CTX_get_timeout(SSL_CTX *ctx);
-X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *);
-void SSL_CTX_set_cert_store(SSL_CTX *,X509_STORE *);
-int SSL_want(SSL *s);
-int	SSL_clear(SSL *s);
-
-void	SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm);
-
-SSL_CIPHER *SSL_get_current_cipher(SSL *s);
-int	SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits);
-char *	SSL_CIPHER_get_version(SSL_CIPHER *c);
-const char *	SSL_CIPHER_get_name(SSL_CIPHER *c);
-
-int	SSL_get_fd(SSL *s);
-int	SSL_get_rfd(SSL *s);
-int	SSL_get_wfd(SSL *s);
-const char  * SSL_get_cipher_list(SSL *s,int n);
-char *	SSL_get_shared_ciphers(SSL *s, char *buf, int len);
-int	SSL_get_read_ahead(SSL * s);
-int	SSL_pending(SSL *s);
-#ifndef OPENSSL_NO_SOCK
-int	SSL_set_fd(SSL *s, int fd);
-int	SSL_set_rfd(SSL *s, int fd);
-int	SSL_set_wfd(SSL *s, int fd);
-#endif
-#ifndef OPENSSL_NO_BIO
-void	SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);
-BIO *	SSL_get_rbio(SSL *s);
-BIO *	SSL_get_wbio(SSL *s);
-#endif
-int	SSL_set_cipher_list(SSL *s, const char *str);
-void	SSL_set_read_ahead(SSL *s, int yes);
-int	SSL_get_verify_mode(SSL *s);
-int	SSL_get_verify_depth(SSL *s);
-int	(*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *);
-void	SSL_set_verify(SSL *s, int mode,
-		       int (*callback)(int ok,X509_STORE_CTX *ctx));
-void	SSL_set_verify_depth(SSL *s, int depth);
-#ifndef OPENSSL_NO_RSA
-int	SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
-#endif
-int	SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
-int	SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
-int	SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
-int	SSL_use_certificate(SSL *ssl, X509 *x);
-int	SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
-
-#ifndef OPENSSL_NO_STDIO
-int	SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
-int	SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
-int	SSL_use_certificate_file(SSL *ssl, const char *file, int type);
-int	SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
-int	SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
-int	SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
-int	SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */
-STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
-int	SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
-					    const char *file);
-#ifndef OPENSSL_SYS_VMS
-#ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */
-int	SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
-					   const char *dir);
-#endif
-#endif
-
-#endif
-
-void	SSL_load_error_strings(void );
-const char *SSL_state_string(const SSL *s);
-const char *SSL_rstate_string(const SSL *s);
-const char *SSL_state_string_long(const SSL *s);
-const char *SSL_rstate_string_long(const SSL *s);
-long	SSL_SESSION_get_time(SSL_SESSION *s);
-long	SSL_SESSION_set_time(SSL_SESSION *s, long t);
-long	SSL_SESSION_get_timeout(SSL_SESSION *s);
-long	SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
-void	SSL_copy_session_id(SSL *to,SSL *from);
-
-SSL_SESSION *SSL_SESSION_new(void);
-unsigned long SSL_SESSION_hash(SSL_SESSION *a);
-int	SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b);
-#ifndef OPENSSL_NO_FP_API
-int	SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);
-#endif
-#ifndef OPENSSL_NO_BIO
-int	SSL_SESSION_print(BIO *fp,SSL_SESSION *ses);
-#endif
-void	SSL_SESSION_free(SSL_SESSION *ses);
-int	i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
-int	SSL_set_session(SSL *to, SSL_SESSION *session);
-int	SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
-int	SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
-int	SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
-int	SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
-int	SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
-					unsigned int id_len);
-SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length);
-
-#ifdef HEADER_X509_H
-X509 *	SSL_get_peer_certificate(SSL *s);
-#endif
-
-STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s);
-
-int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
-int SSL_CTX_get_verify_depth(SSL_CTX *ctx);
-int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *);
-void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,
-			int (*callback)(int, X509_STORE_CTX *));
-void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg);
-#ifndef OPENSSL_NO_RSA
-int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
-#endif
-int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
-int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
-int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx,
-	unsigned char *d, long len);
-int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
-int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
-
-void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
-void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
-
-int SSL_CTX_check_private_key(SSL_CTX *ctx);
-int SSL_check_private_key(SSL *ctx);
-
-int	SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
-				       unsigned int sid_ctx_len);
-
-SSL *	SSL_new(SSL_CTX *ctx);
-int	SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
-				   unsigned int sid_ctx_len);
-
-int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
-int SSL_set_purpose(SSL *s, int purpose);
-int SSL_CTX_set_trust(SSL_CTX *s, int trust);
-int SSL_set_trust(SSL *s, int trust);
-
-void	SSL_free(SSL *ssl);
-int 	SSL_accept(SSL *ssl);
-int 	SSL_connect(SSL *ssl);
-int 	SSL_read(SSL *ssl,void *buf,int num);
-int 	SSL_peek(SSL *ssl,void *buf,int num);
-int 	SSL_write(SSL *ssl,const void *buf,int num);
-long	SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg);
-long	SSL_callback_ctrl(SSL *, int, void (*)());
-long	SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, void *parg);
-long	SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)());
-
-int	SSL_get_error(SSL *s,int ret_code);
-const char *SSL_get_version(SSL *s);
-
-/* This sets the 'default' SSL version that SSL_new() will create */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);
-
-SSL_METHOD *SSLv2_method(void);		/* SSLv2 */
-SSL_METHOD *SSLv2_server_method(void);	/* SSLv2 */
-SSL_METHOD *SSLv2_client_method(void);	/* SSLv2 */
-
-SSL_METHOD *SSLv3_method(void);		/* SSLv3 */
-SSL_METHOD *SSLv3_server_method(void);	/* SSLv3 */
-SSL_METHOD *SSLv3_client_method(void);	/* SSLv3 */
-
-SSL_METHOD *SSLv23_method(void);	/* SSLv3 but can rollback to v2 */
-SSL_METHOD *SSLv23_server_method(void);	/* SSLv3 but can rollback to v2 */
-SSL_METHOD *SSLv23_client_method(void);	/* SSLv3 but can rollback to v2 */
-
-SSL_METHOD *TLSv1_method(void);		/* TLSv1.0 */
-SSL_METHOD *TLSv1_server_method(void);	/* TLSv1.0 */
-SSL_METHOD *TLSv1_client_method(void);	/* TLSv1.0 */
-
-STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s);
-
-int SSL_do_handshake(SSL *s);
-int SSL_renegotiate(SSL *s);
-int SSL_renegotiate_pending(SSL *s);
-int SSL_shutdown(SSL *s);
-
-SSL_METHOD *SSL_get_ssl_method(SSL *s);
-int SSL_set_ssl_method(SSL *s,SSL_METHOD *method);
-const char *SSL_alert_type_string_long(int value);
-const char *SSL_alert_type_string(int value);
-const char *SSL_alert_desc_string_long(int value);
-const char *SSL_alert_desc_string(int value);
-
-void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
-void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
-STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s);
-STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *s);
-int SSL_add_client_CA(SSL *ssl,X509 *x);
-int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);
-
-void SSL_set_connect_state(SSL *s);
-void SSL_set_accept_state(SSL *s);
-
-long SSL_get_default_timeout(SSL *s);
-
-int SSL_library_init(void );
-
-char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);
-STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
-
-SSL *SSL_dup(SSL *ssl);
-
-X509 *SSL_get_certificate(SSL *ssl);
-/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
-
-void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
-int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);
-void SSL_set_quiet_shutdown(SSL *ssl,int mode);
-int SSL_get_quiet_shutdown(SSL *ssl);
-void SSL_set_shutdown(SSL *ssl,int mode);
-int SSL_get_shutdown(SSL *ssl);
-int SSL_version(SSL *ssl);
-int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
-int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
-	const char *CApath);
-#define SSL_get0_session SSL_get_session /* just peek at pointer */
-SSL_SESSION *SSL_get_session(SSL *ssl);
-SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
-SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);
-void SSL_set_info_callback(SSL *ssl,
-			   void (*cb)(const SSL *ssl,int type,int val));
-void (*SSL_get_info_callback(SSL *ssl))(const SSL *ssl,int type,int val);
-int SSL_state(SSL *ssl);
-
-void SSL_set_verify_result(SSL *ssl,long v);
-long SSL_get_verify_result(SSL *ssl);
-
-int SSL_set_ex_data(SSL *ssl,int idx,void *data);
-void *SSL_get_ex_data(SSL *ssl,int idx);
-int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-
-int SSL_SESSION_set_ex_data(SSL_SESSION *ss,int idx,void *data);
-void *SSL_SESSION_get_ex_data(SSL_SESSION *ss,int idx);
-int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-
-int SSL_CTX_set_ex_data(SSL_CTX *ssl,int idx,void *data);
-void *SSL_CTX_get_ex_data(SSL_CTX *ssl,int idx);
-int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-
-int SSL_get_ex_data_X509_STORE_CTX_idx(void );
-
-#define SSL_CTX_sess_set_cache_size(ctx,t) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
-#define SSL_CTX_sess_get_cache_size(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
-#define SSL_CTX_set_session_cache_mode(ctx,m) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
-#define SSL_CTX_get_session_cache_mode(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
-
-#define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
-#define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
-#define SSL_CTX_get_read_ahead(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
-#define SSL_CTX_set_read_ahead(ctx,m) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
-#define SSL_CTX_get_max_cert_list(ctx) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
-#define SSL_CTX_set_max_cert_list(ctx,m) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
-#define SSL_get_max_cert_list(ssl) \
-	SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
-#define SSL_set_max_cert_list(ssl,m) \
-	SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
-
-     /* NB: the keylength is only applicable when is_export is true */
-#ifndef OPENSSL_NO_RSA
-void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
-				  RSA *(*cb)(SSL *ssl,int is_export,
-					     int keylength));
-
-void SSL_set_tmp_rsa_callback(SSL *ssl,
-				  RSA *(*cb)(SSL *ssl,int is_export,
-					     int keylength));
-#endif
-#ifndef OPENSSL_NO_DH
-void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
-				 DH *(*dh)(SSL *ssl,int is_export,
-					   int keylength));
-void SSL_set_tmp_dh_callback(SSL *ssl,
-				 DH *(*dh)(SSL *ssl,int is_export,
-					   int keylength));
-#endif
-
-#ifndef OPENSSL_NO_COMP
-int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);
-#else
-int SSL_COMP_add_compression_method(int id,char *cm);
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_SSL_strings(void);
-
-/* Error codes for the SSL functions. */
-
-/* Function codes. */
-#define SSL_F_CLIENT_CERTIFICATE			 100
-#define SSL_F_CLIENT_FINISHED				 238
-#define SSL_F_CLIENT_HELLO				 101
-#define SSL_F_CLIENT_MASTER_KEY				 102
-#define SSL_F_D2I_SSL_SESSION				 103
-#define SSL_F_DO_SSL3_WRITE				 104
-#define SSL_F_GET_CLIENT_FINISHED			 105
-#define SSL_F_GET_CLIENT_HELLO				 106
-#define SSL_F_GET_CLIENT_MASTER_KEY			 107
-#define SSL_F_GET_SERVER_FINISHED			 108
-#define SSL_F_GET_SERVER_HELLO				 109
-#define SSL_F_GET_SERVER_VERIFY				 110
-#define SSL_F_I2D_SSL_SESSION				 111
-#define SSL_F_READ_N					 112
-#define SSL_F_REQUEST_CERTIFICATE			 113
-#define SSL_F_SERVER_FINISH				 239
-#define SSL_F_SERVER_HELLO				 114
-#define SSL_F_SERVER_VERIFY				 240
-#define SSL_F_SSL23_ACCEPT				 115
-#define SSL_F_SSL23_CLIENT_HELLO			 116
-#define SSL_F_SSL23_CONNECT				 117
-#define SSL_F_SSL23_GET_CLIENT_HELLO			 118
-#define SSL_F_SSL23_GET_SERVER_HELLO			 119
-#define SSL_F_SSL23_PEEK				 237
-#define SSL_F_SSL23_READ				 120
-#define SSL_F_SSL23_WRITE				 121
-#define SSL_F_SSL2_ACCEPT				 122
-#define SSL_F_SSL2_CONNECT				 123
-#define SSL_F_SSL2_ENC_INIT				 124
-#define SSL_F_SSL2_GENERATE_KEY_MATERIAL		 241
-#define SSL_F_SSL2_PEEK					 234
-#define SSL_F_SSL2_READ					 125
-#define SSL_F_SSL2_READ_INTERNAL			 236
-#define SSL_F_SSL2_SET_CERTIFICATE			 126
-#define SSL_F_SSL2_WRITE				 127
-#define SSL_F_SSL3_ACCEPT				 128
-#define SSL_F_SSL3_CALLBACK_CTRL			 233
-#define SSL_F_SSL3_CHANGE_CIPHER_STATE			 129
-#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM		 130
-#define SSL_F_SSL3_CLIENT_HELLO				 131
-#define SSL_F_SSL3_CONNECT				 132
-#define SSL_F_SSL3_CTRL					 213
-#define SSL_F_SSL3_CTX_CTRL				 133
-#define SSL_F_SSL3_ENC					 134
-#define SSL_F_SSL3_GENERATE_KEY_BLOCK			 238
-#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST		 135
-#define SSL_F_SSL3_GET_CERT_VERIFY			 136
-#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE		 137
-#define SSL_F_SSL3_GET_CLIENT_HELLO			 138
-#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE		 139
-#define SSL_F_SSL3_GET_FINISHED				 140
-#define SSL_F_SSL3_GET_KEY_EXCHANGE			 141
-#define SSL_F_SSL3_GET_MESSAGE				 142
-#define SSL_F_SSL3_GET_RECORD				 143
-#define SSL_F_SSL3_GET_SERVER_CERTIFICATE		 144
-#define SSL_F_SSL3_GET_SERVER_DONE			 145
-#define SSL_F_SSL3_GET_SERVER_HELLO			 146
-#define SSL_F_SSL3_OUTPUT_CERT_CHAIN			 147
-#define SSL_F_SSL3_PEEK					 235
-#define SSL_F_SSL3_READ_BYTES				 148
-#define SSL_F_SSL3_READ_N				 149
-#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST		 150
-#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE		 151
-#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE		 152
-#define SSL_F_SSL3_SEND_CLIENT_VERIFY			 153
-#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE		 154
-#define SSL_F_SSL3_SEND_SERVER_HELLO			 242
-#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE		 155
-#define SSL_F_SSL3_SETUP_BUFFERS			 156
-#define SSL_F_SSL3_SETUP_KEY_BLOCK			 157
-#define SSL_F_SSL3_WRITE_BYTES				 158
-#define SSL_F_SSL3_WRITE_PENDING			 159
-#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK	 215
-#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK	 216
-#define SSL_F_SSL_BAD_METHOD				 160
-#define SSL_F_SSL_BYTES_TO_CIPHER_LIST			 161
-#define SSL_F_SSL_CERT_DUP				 221
-#define SSL_F_SSL_CERT_INST				 222
-#define SSL_F_SSL_CERT_INSTANTIATE			 214
-#define SSL_F_SSL_CERT_NEW				 162
-#define SSL_F_SSL_CHECK_PRIVATE_KEY			 163
-#define SSL_F_SSL_CIPHER_PROCESS_RULESTR		 230
-#define SSL_F_SSL_CIPHER_STRENGTH_SORT			 231
-#define SSL_F_SSL_CLEAR					 164
-#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD		 165
-#define SSL_F_SSL_CREATE_CIPHER_LIST			 166
-#define SSL_F_SSL_CTRL					 232
-#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY			 168
-#define SSL_F_SSL_CTX_NEW				 169
-#define SSL_F_SSL_CTX_SET_PURPOSE			 226
-#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT		 219
-#define SSL_F_SSL_CTX_SET_SSL_VERSION			 170
-#define SSL_F_SSL_CTX_SET_TRUST				 229
-#define SSL_F_SSL_CTX_USE_CERTIFICATE			 171
-#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1		 172
-#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE	 220
-#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE		 173
-#define SSL_F_SSL_CTX_USE_PRIVATEKEY			 174
-#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1		 175
-#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE		 176
-#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY			 177
-#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1		 178
-#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE		 179
-#define SSL_F_SSL_DO_HANDSHAKE				 180
-#define SSL_F_SSL_GET_NEW_SESSION			 181
-#define SSL_F_SSL_GET_PREV_SESSION			 217
-#define SSL_F_SSL_GET_SERVER_SEND_CERT			 182
-#define SSL_F_SSL_GET_SIGN_PKEY				 183
-#define SSL_F_SSL_INIT_WBIO_BUFFER			 184
-#define SSL_F_SSL_LOAD_CLIENT_CA_FILE			 185
-#define SSL_F_SSL_NEW					 186
-#define SSL_F_SSL_READ					 223
-#define SSL_F_SSL_RSA_PRIVATE_DECRYPT			 187
-#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT			 188
-#define SSL_F_SSL_SESSION_NEW				 189
-#define SSL_F_SSL_SESSION_PRINT_FP			 190
-#define SSL_F_SSL_SESS_CERT_NEW				 225
-#define SSL_F_SSL_SET_CERT				 191
-#define SSL_F_SSL_SET_FD				 192
-#define SSL_F_SSL_SET_PKEY				 193
-#define SSL_F_SSL_SET_PURPOSE				 227
-#define SSL_F_SSL_SET_RFD				 194
-#define SSL_F_SSL_SET_SESSION				 195
-#define SSL_F_SSL_SET_SESSION_ID_CONTEXT		 218
-#define SSL_F_SSL_SET_TRUST				 228
-#define SSL_F_SSL_SET_WFD				 196
-#define SSL_F_SSL_SHUTDOWN				 224
-#define SSL_F_SSL_UNDEFINED_FUNCTION			 197
-#define SSL_F_SSL_USE_CERTIFICATE			 198
-#define SSL_F_SSL_USE_CERTIFICATE_ASN1			 199
-#define SSL_F_SSL_USE_CERTIFICATE_FILE			 200
-#define SSL_F_SSL_USE_PRIVATEKEY			 201
-#define SSL_F_SSL_USE_PRIVATEKEY_ASN1			 202
-#define SSL_F_SSL_USE_PRIVATEKEY_FILE			 203
-#define SSL_F_SSL_USE_RSAPRIVATEKEY			 204
-#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1		 205
-#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE		 206
-#define SSL_F_SSL_VERIFY_CERT_CHAIN			 207
-#define SSL_F_SSL_WRITE					 208
-#define SSL_F_TLS1_CHANGE_CIPHER_STATE			 209
-#define SSL_F_TLS1_ENC					 210
-#define SSL_F_TLS1_SETUP_KEY_BLOCK			 211
-#define SSL_F_WRITE_PENDING				 212
-
-/* Reason codes. */
-#define SSL_R_APP_DATA_IN_HANDSHAKE			 100
-#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
-#define SSL_R_BAD_ALERT_RECORD				 101
-#define SSL_R_BAD_AUTHENTICATION_TYPE			 102
-#define SSL_R_BAD_CHANGE_CIPHER_SPEC			 103
-#define SSL_R_BAD_CHECKSUM				 104
-#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK		 106
-#define SSL_R_BAD_DECOMPRESSION				 107
-#define SSL_R_BAD_DH_G_LENGTH				 108
-#define SSL_R_BAD_DH_PUB_KEY_LENGTH			 109
-#define SSL_R_BAD_DH_P_LENGTH				 110
-#define SSL_R_BAD_DIGEST_LENGTH				 111
-#define SSL_R_BAD_DSA_SIGNATURE				 112
-#define SSL_R_BAD_HELLO_REQUEST				 105
-#define SSL_R_BAD_LENGTH				 271
-#define SSL_R_BAD_MAC_DECODE				 113
-#define SSL_R_BAD_MESSAGE_TYPE				 114
-#define SSL_R_BAD_PACKET_LENGTH				 115
-#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER		 116
-#define SSL_R_BAD_RESPONSE_ARGUMENT			 117
-#define SSL_R_BAD_RSA_DECRYPT				 118
-#define SSL_R_BAD_RSA_ENCRYPT				 119
-#define SSL_R_BAD_RSA_E_LENGTH				 120
-#define SSL_R_BAD_RSA_MODULUS_LENGTH			 121
-#define SSL_R_BAD_RSA_SIGNATURE				 122
-#define SSL_R_BAD_SIGNATURE				 123
-#define SSL_R_BAD_SSL_FILETYPE				 124
-#define SSL_R_BAD_SSL_SESSION_ID_LENGTH			 125
-#define SSL_R_BAD_STATE					 126
-#define SSL_R_BAD_WRITE_RETRY				 127
-#define SSL_R_BIO_NOT_SET				 128
-#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG			 129
-#define SSL_R_BN_LIB					 130
-#define SSL_R_CA_DN_LENGTH_MISMATCH			 131
-#define SSL_R_CA_DN_TOO_LONG				 132
-#define SSL_R_CCS_RECEIVED_EARLY			 133
-#define SSL_R_CERTIFICATE_VERIFY_FAILED			 134
-#define SSL_R_CERT_LENGTH_MISMATCH			 135
-#define SSL_R_CHALLENGE_IS_DIFFERENT			 136
-#define SSL_R_CIPHER_CODE_WRONG_LENGTH			 137
-#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE		 138
-#define SSL_R_CIPHER_TABLE_SRC_ERROR			 139
-#define SSL_R_COMPRESSED_LENGTH_TOO_LONG		 140
-#define SSL_R_COMPRESSION_FAILURE			 141
-#define SSL_R_COMPRESSION_LIBRARY_ERROR			 142
-#define SSL_R_CONNECTION_ID_IS_DIFFERENT		 143
-#define SSL_R_CONNECTION_TYPE_NOT_SET			 144
-#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED		 145
-#define SSL_R_DATA_LENGTH_TOO_LONG			 146
-#define SSL_R_DECRYPTION_FAILED				 147
-#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC	 1109
-#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG		 148
-#define SSL_R_DIGEST_CHECK_FAILED			 149
-#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG			 150
-#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY		 1092
-#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST		 151
-#define SSL_R_EXCESSIVE_MESSAGE_SIZE			 152
-#define SSL_R_EXTRA_DATA_IN_MESSAGE			 153
-#define SSL_R_GOT_A_FIN_BEFORE_A_CCS			 154
-#define SSL_R_HTTPS_PROXY_REQUEST			 155
-#define SSL_R_HTTP_REQUEST				 156
-#define SSL_R_ILLEGAL_PADDING				 1110
-#define SSL_R_INVALID_CHALLENGE_LENGTH			 158
-#define SSL_R_INVALID_COMMAND				 280
-#define SSL_R_INVALID_PURPOSE				 278
-#define SSL_R_INVALID_TRUST				 279
-#define SSL_R_KEY_ARG_TOO_LONG				 1112
-#define SSL_R_KRB5					 1104
-#define SSL_R_KRB5_C_CC_PRINC				 1094
-#define SSL_R_KRB5_C_GET_CRED				 1095
-#define SSL_R_KRB5_C_INIT				 1096
-#define SSL_R_KRB5_C_MK_REQ				 1097
-#define SSL_R_KRB5_S_BAD_TICKET				 1098
-#define SSL_R_KRB5_S_INIT				 1099
-#define SSL_R_KRB5_S_RD_REQ				 1108
-#define SSL_R_KRB5_S_TKT_EXPIRED			 1105
-#define SSL_R_KRB5_S_TKT_NYV				 1106
-#define SSL_R_KRB5_S_TKT_SKEW				 1107
-#define SSL_R_LENGTH_MISMATCH				 159
-#define SSL_R_LENGTH_TOO_SHORT				 160
-#define SSL_R_LIBRARY_BUG				 274
-#define SSL_R_LIBRARY_HAS_NO_CIPHERS			 161
-#define SSL_R_MASTER_KEY_TOO_LONG			 1112
-#define SSL_R_MESSAGE_TOO_LONG				 1111
-#define SSL_R_MISSING_DH_DSA_CERT			 162
-#define SSL_R_MISSING_DH_KEY				 163
-#define SSL_R_MISSING_DH_RSA_CERT			 164
-#define SSL_R_MISSING_DSA_SIGNING_CERT			 165
-#define SSL_R_MISSING_EXPORT_TMP_DH_KEY			 166
-#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY		 167
-#define SSL_R_MISSING_RSA_CERTIFICATE			 168
-#define SSL_R_MISSING_RSA_ENCRYPTING_CERT		 169
-#define SSL_R_MISSING_RSA_SIGNING_CERT			 170
-#define SSL_R_MISSING_TMP_DH_KEY			 171
-#define SSL_R_MISSING_TMP_RSA_KEY			 172
-#define SSL_R_MISSING_TMP_RSA_PKEY			 173
-#define SSL_R_MISSING_VERIFY_MESSAGE			 174
-#define SSL_R_NON_SSLV2_INITIAL_PACKET			 175
-#define SSL_R_NO_CERTIFICATES_RETURNED			 176
-#define SSL_R_NO_CERTIFICATE_ASSIGNED			 177
-#define SSL_R_NO_CERTIFICATE_RETURNED			 178
-#define SSL_R_NO_CERTIFICATE_SET			 179
-#define SSL_R_NO_CERTIFICATE_SPECIFIED			 180
-#define SSL_R_NO_CIPHERS_AVAILABLE			 181
-#define SSL_R_NO_CIPHERS_PASSED				 182
-#define SSL_R_NO_CIPHERS_SPECIFIED			 183
-#define SSL_R_NO_CIPHER_LIST				 184
-#define SSL_R_NO_CIPHER_MATCH				 185
-#define SSL_R_NO_CLIENT_CERT_RECEIVED			 186
-#define SSL_R_NO_COMPRESSION_SPECIFIED			 187
-#define SSL_R_NO_METHOD_SPECIFIED			 188
-#define SSL_R_NO_PRIVATEKEY				 189
-#define SSL_R_NO_PRIVATE_KEY_ASSIGNED			 190
-#define SSL_R_NO_PROTOCOLS_AVAILABLE			 191
-#define SSL_R_NO_PUBLICKEY				 192
-#define SSL_R_NO_SHARED_CIPHER				 193
-#define SSL_R_NO_VERIFY_CALLBACK			 194
-#define SSL_R_NULL_SSL_CTX				 195
-#define SSL_R_NULL_SSL_METHOD_PASSED			 196
-#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED		 197
-#define SSL_R_PACKET_LENGTH_TOO_LONG			 198
-#define SSL_R_PATH_TOO_LONG				 270
-#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE		 199
-#define SSL_R_PEER_ERROR				 200
-#define SSL_R_PEER_ERROR_CERTIFICATE			 201
-#define SSL_R_PEER_ERROR_NO_CERTIFICATE			 202
-#define SSL_R_PEER_ERROR_NO_CIPHER			 203
-#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE	 204
-#define SSL_R_PRE_MAC_LENGTH_TOO_LONG			 205
-#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS		 206
-#define SSL_R_PROTOCOL_IS_SHUTDOWN			 207
-#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR			 208
-#define SSL_R_PUBLIC_KEY_IS_NOT_RSA			 209
-#define SSL_R_PUBLIC_KEY_NOT_RSA			 210
-#define SSL_R_READ_BIO_NOT_SET				 211
-#define SSL_R_READ_WRONG_PACKET_TYPE			 212
-#define SSL_R_RECORD_LENGTH_MISMATCH			 213
-#define SSL_R_RECORD_TOO_LARGE				 214
-#define SSL_R_RECORD_TOO_SMALL				 1093
-#define SSL_R_REQUIRED_CIPHER_MISSING			 215
-#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO		 216
-#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO			 217
-#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO		 218
-#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED		 277
-#define SSL_R_SHORT_READ				 219
-#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE	 220
-#define SSL_R_SSL23_DOING_SESSION_ID_REUSE		 221
-#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG		 1114
-#define SSL_R_SSL3_SESSION_ID_TOO_LONG			 1113
-#define SSL_R_SSL3_SESSION_ID_TOO_SHORT			 222
-#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE		 1042
-#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC		 1020
-#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED		 1045
-#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED		 1044
-#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN		 1046
-#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE		 1030
-#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE		 1040
-#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER		 1047
-#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE		 1041
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE	 223
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE	 224
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER		 225
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 226
-#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE		 1010
-#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE	 227
-#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE	 1043
-#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION	 228
-#define SSL_R_SSL_HANDSHAKE_FAILURE			 229
-#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS		 230
-#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED		 1102
-#define SSL_R_SSL_SESSION_ID_CONFLICT			 1103
-#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG		 273
-#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH		 1101
-#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT		 231
-#define SSL_R_TLSV1_ALERT_ACCESS_DENIED			 1049
-#define SSL_R_TLSV1_ALERT_DECODE_ERROR			 1050
-#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED		 1021
-#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR			 1051
-#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION		 1060
-#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY		 1071
-#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR		 1080
-#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION		 1100
-#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION		 1070
-#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW		 1022
-#define SSL_R_TLSV1_ALERT_UNKNOWN_CA			 1048
-#define SSL_R_TLSV1_ALERT_USER_CANCELLED		 1090
-#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER	 232
-#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
-#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG	 234
-#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER		 235
-#define SSL_R_UNABLE_TO_DECODE_DH_CERTS			 236
-#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY		 237
-#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS		 238
-#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS	 239
-#define SSL_R_UNABLE_TO_FIND_SSL_METHOD			 240
-#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES		 241
-#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES		 242
-#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES		 243
-#define SSL_R_UNEXPECTED_MESSAGE			 244
-#define SSL_R_UNEXPECTED_RECORD				 245
-#define SSL_R_UNINITIALIZED				 276
-#define SSL_R_UNKNOWN_ALERT_TYPE			 246
-#define SSL_R_UNKNOWN_CERTIFICATE_TYPE			 247
-#define SSL_R_UNKNOWN_CIPHER_RETURNED			 248
-#define SSL_R_UNKNOWN_CIPHER_TYPE			 249
-#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE			 250
-#define SSL_R_UNKNOWN_PKEY_TYPE				 251
-#define SSL_R_UNKNOWN_PROTOCOL				 252
-#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE			 253
-#define SSL_R_UNKNOWN_SSL_VERSION			 254
-#define SSL_R_UNKNOWN_STATE				 255
-#define SSL_R_UNSUPPORTED_CIPHER			 256
-#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM		 257
-#define SSL_R_UNSUPPORTED_OPTION			 1091
-#define SSL_R_UNSUPPORTED_PROTOCOL			 258
-#define SSL_R_UNSUPPORTED_SSL_VERSION			 259
-#define SSL_R_WRITE_BIO_NOT_SET				 260
-#define SSL_R_WRONG_CIPHER_RETURNED			 261
-#define SSL_R_WRONG_MESSAGE_TYPE			 262
-#define SSL_R_WRONG_NUMBER_OF_KEY_BITS			 263
-#define SSL_R_WRONG_SIGNATURE_LENGTH			 264
-#define SSL_R_WRONG_SIGNATURE_SIZE			 265
-#define SSL_R_WRONG_SSL_VERSION				 266
-#define SSL_R_WRONG_VERSION_NUMBER			 267
-#define SSL_R_X509_LIB					 268
-#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS		 269
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/crypto/openssl/ssl/ssl2.h b/crypto/openssl/ssl/ssl2.h
deleted file mode 100644
index 99a52ea0dd99..000000000000
--- a/crypto/openssl/ssl/ssl2.h
+++ /dev/null
@@ -1,268 +0,0 @@
-/* ssl/ssl2.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL2_H 
-#define HEADER_SSL2_H 
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Protocol Version Codes */
-#define SSL2_VERSION		0x0002
-#define SSL2_VERSION_MAJOR	0x00
-#define SSL2_VERSION_MINOR	0x02
-/* #define SSL2_CLIENT_VERSION	0x0002 */
-/* #define SSL2_SERVER_VERSION	0x0002 */
-
-/* Protocol Message Codes */
-#define SSL2_MT_ERROR			0
-#define SSL2_MT_CLIENT_HELLO		1
-#define SSL2_MT_CLIENT_MASTER_KEY	2
-#define SSL2_MT_CLIENT_FINISHED		3
-#define SSL2_MT_SERVER_HELLO		4
-#define SSL2_MT_SERVER_VERIFY		5
-#define SSL2_MT_SERVER_FINISHED		6
-#define SSL2_MT_REQUEST_CERTIFICATE	7
-#define SSL2_MT_CLIENT_CERTIFICATE	8
-
-/* Error Message Codes */
-#define SSL2_PE_UNDEFINED_ERROR		0x0000
-#define SSL2_PE_NO_CIPHER		0x0001
-#define SSL2_PE_NO_CERTIFICATE		0x0002
-#define SSL2_PE_BAD_CERTIFICATE		0x0004
-#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
-
-/* Cipher Kind Values */
-#define SSL2_CK_NULL_WITH_MD5			0x02000000 /* v3 */
-#define SSL2_CK_RC4_128_WITH_MD5		0x02010080
-#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5	0x02020080
-#define SSL2_CK_RC2_128_CBC_WITH_MD5		0x02030080
-#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5	0x02040080
-#define SSL2_CK_IDEA_128_CBC_WITH_MD5		0x02050080
-#define SSL2_CK_DES_64_CBC_WITH_MD5		0x02060040
-#define SSL2_CK_DES_64_CBC_WITH_SHA		0x02060140 /* v3 */
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5	0x020700c0
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA	0x020701c0 /* v3 */
-#define SSL2_CK_RC4_64_WITH_MD5			0x02080080 /* MS hack */
- 
-#define SSL2_CK_DES_64_CFB64_WITH_MD5_1		0x02ff0800 /* SSLeay */
-#define SSL2_CK_NULL				0x02ff0810 /* SSLeay */
-
-#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1	"DES-CFB-M1"
-#define SSL2_TXT_NULL_WITH_MD5			"NULL-MD5"
-#define SSL2_TXT_RC4_128_WITH_MD5		"RC4-MD5"
-#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5	"EXP-RC4-MD5"
-#define SSL2_TXT_RC2_128_CBC_WITH_MD5		"RC2-CBC-MD5"
-#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5	"EXP-RC2-CBC-MD5"
-#define SSL2_TXT_IDEA_128_CBC_WITH_MD5		"IDEA-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_MD5		"DES-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_SHA		"DES-CBC-SHA"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5	"DES-CBC3-MD5"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA	"DES-CBC3-SHA"
-#define SSL2_TXT_RC4_64_WITH_MD5		"RC4-64-MD5"
-
-#define SSL2_TXT_NULL				"NULL"
-
-/* Flags for the SSL_CIPHER.algorithm2 field */
-#define SSL2_CF_5_BYTE_ENC			0x01
-#define SSL2_CF_8_BYTE_ENC			0x02
-
-/* Certificate Type Codes */
-#define SSL2_CT_X509_CERTIFICATE		0x01
-
-/* Authentication Type Code */
-#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION		0x01
-
-#define SSL2_MAX_SSL_SESSION_ID_LENGTH		32
-
-/* Upper/Lower Bounds */
-#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS	256
-#ifdef OPENSSL_SYS_MPE
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER	29998u
-#else
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER	32767u  /* 2^15-1 */
-#endif
-#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER	16383 /* 2^14-1 */
-
-#define SSL2_CHALLENGE_LENGTH	16
-/*#define SSL2_CHALLENGE_LENGTH	32 */
-#define SSL2_MIN_CHALLENGE_LENGTH	16
-#define SSL2_MAX_CHALLENGE_LENGTH	32
-#define SSL2_CONNECTION_ID_LENGTH	16
-#define SSL2_MAX_CONNECTION_ID_LENGTH	16
-#define SSL2_SSL_SESSION_ID_LENGTH	16
-#define SSL2_MAX_CERT_CHALLENGE_LENGTH	32
-#define SSL2_MIN_CERT_CHALLENGE_LENGTH	16
-#define SSL2_MAX_KEY_MATERIAL_LENGTH	24
-
-#ifndef HEADER_SSL_LOCL_H
-#define  CERT		char
-#endif
-
-typedef struct ssl2_state_st
-	{
-	int three_byte_header;
-	int clear_text;		/* clear text */
-	int escape;		/* not used in SSLv2 */
-	int ssl2_rollback;	/* used if SSLv23 rolled back to SSLv2 */
-
-	/* non-blocking io info, used to make sure the same
-	 * args were passwd */
-	unsigned int wnum;	/* number of bytes sent so far */
-	int wpend_tot;
-	const unsigned char *wpend_buf;
-
-	int wpend_off;	/* offset to data to write */
-	int wpend_len; 	/* number of bytes passwd to write */
-	int wpend_ret; 	/* number of bytes to return to caller */
-
-	/* buffer raw data */
-	int rbuf_left;
-	int rbuf_offs;
-	unsigned char *rbuf;
-	unsigned char *wbuf;
-
-	unsigned char *write_ptr;/* used to point to the start due to
-				  * 2/3 byte header. */
-
-	unsigned int padding;
-	unsigned int rlength; /* passed to ssl2_enc */
-	int ract_data_length; /* Set when things are encrypted. */
-	unsigned int wlength; /* passed to ssl2_enc */
-	int wact_data_length; /* Set when things are decrypted. */
-	unsigned char *ract_data;
-	unsigned char *wact_data;
-	unsigned char *mac_data;
-
-	unsigned char *read_key;
-	unsigned char *write_key;
-
-		/* Stuff specifically to do with this SSL session */
-	unsigned int challenge_length;
-	unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
-	unsigned int conn_id_length;
-	unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
-	unsigned int key_material_length;
-	unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2];
-
-	unsigned long read_sequence;
-	unsigned long write_sequence;
-
-	struct	{
-		unsigned int conn_id_length;
-		unsigned int cert_type;	
-		unsigned int cert_length;
-		unsigned int csl; 
-		unsigned int clear;
-		unsigned int enc; 
-		unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
-		unsigned int cipher_spec_length;
-		unsigned int session_id_length;
-		unsigned int clen;
-		unsigned int rlen;
-		} tmp;
-	} SSL2_STATE;
-
-/* SSLv2 */
-/* client */
-#define SSL2_ST_SEND_CLIENT_HELLO_A		(0x10|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_HELLO_B		(0x11|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_HELLO_A		(0x20|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_HELLO_B		(0x21|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A	(0x30|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B	(0x31|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_FINISHED_A		(0x40|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_FINISHED_B		(0x41|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A	(0x50|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B	(0x51|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C	(0x52|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D	(0x53|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_VERIFY_A		(0x60|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_VERIFY_B		(0x61|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_FINISHED_A		(0x70|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_FINISHED_B		(0x71|SSL_ST_CONNECT)
-#define SSL2_ST_CLIENT_START_ENCRYPTION		(0x80|SSL_ST_CONNECT)
-#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE	(0x90|SSL_ST_CONNECT)
-/* server */
-#define SSL2_ST_GET_CLIENT_HELLO_A		(0x10|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_HELLO_B		(0x11|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_HELLO_C		(0x12|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_HELLO_A		(0x20|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_HELLO_B		(0x21|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_MASTER_KEY_A		(0x30|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_MASTER_KEY_B		(0x31|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_VERIFY_A		(0x40|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_VERIFY_B		(0x41|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_VERIFY_C		(0x42|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_FINISHED_A		(0x50|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_FINISHED_B		(0x51|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_FINISHED_A		(0x60|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_FINISHED_B		(0x61|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A	(0x70|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B	(0x71|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C	(0x72|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D	(0x73|SSL_ST_ACCEPT)
-#define SSL2_ST_SERVER_START_ENCRYPTION		(0x80|SSL_ST_ACCEPT)
-#define SSL2_ST_X509_GET_SERVER_CERTIFICATE	(0x90|SSL_ST_ACCEPT)
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-
diff --git a/crypto/openssl/ssl/ssl23.h b/crypto/openssl/ssl/ssl23.h
deleted file mode 100644
index d3228983c759..000000000000
--- a/crypto/openssl/ssl/ssl23.h
+++ /dev/null
@@ -1,83 +0,0 @@
-/* ssl/ssl23.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL23_H 
-#define HEADER_SSL23_H 
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*client */
-/* write to server */
-#define SSL23_ST_CW_CLNT_HELLO_A	(0x210|SSL_ST_CONNECT)
-#define SSL23_ST_CW_CLNT_HELLO_B	(0x211|SSL_ST_CONNECT)
-/* read from server */
-#define SSL23_ST_CR_SRVR_HELLO_A	(0x220|SSL_ST_CONNECT)
-#define SSL23_ST_CR_SRVR_HELLO_B	(0x221|SSL_ST_CONNECT)
-
-/* server */
-/* read from client */
-#define SSL23_ST_SR_CLNT_HELLO_A	(0x210|SSL_ST_ACCEPT)
-#define SSL23_ST_SR_CLNT_HELLO_B	(0x211|SSL_ST_ACCEPT)
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-
diff --git a/crypto/openssl/ssl/ssl3.h b/crypto/openssl/ssl/ssl3.h
deleted file mode 100644
index 1153aeda7481..000000000000
--- a/crypto/openssl/ssl/ssl3.h
+++ /dev/null
@@ -1,526 +0,0 @@
-/* ssl/ssl3.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SSL3_H 
-#define HEADER_SSL3_H 
-
-#ifndef OPENSSL_NO_COMP
-#include <openssl/comp.h>
-#endif
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/ssl.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#define SSL3_CK_RSA_NULL_MD5			0x03000001
-#define SSL3_CK_RSA_NULL_SHA			0x03000002
-#define SSL3_CK_RSA_RC4_40_MD5 			0x03000003
-#define SSL3_CK_RSA_RC4_128_MD5			0x03000004
-#define SSL3_CK_RSA_RC4_128_SHA			0x03000005
-#define SSL3_CK_RSA_RC2_40_MD5			0x03000006
-#define SSL3_CK_RSA_IDEA_128_SHA		0x03000007
-#define SSL3_CK_RSA_DES_40_CBC_SHA		0x03000008
-#define SSL3_CK_RSA_DES_64_CBC_SHA		0x03000009
-#define SSL3_CK_RSA_DES_192_CBC3_SHA		0x0300000A
-
-#define SSL3_CK_DH_DSS_DES_40_CBC_SHA		0x0300000B
-#define SSL3_CK_DH_DSS_DES_64_CBC_SHA		0x0300000C
-#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 	0x0300000D
-#define SSL3_CK_DH_RSA_DES_40_CBC_SHA		0x0300000E
-#define SSL3_CK_DH_RSA_DES_64_CBC_SHA		0x0300000F
-#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 	0x03000010
-
-#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA		0x03000011
-#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA		0x03000012
-#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA	0x03000013
-#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA		0x03000014
-#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA		0x03000015
-#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA	0x03000016
-
-#define SSL3_CK_ADH_RC4_40_MD5			0x03000017
-#define SSL3_CK_ADH_RC4_128_MD5			0x03000018
-#define SSL3_CK_ADH_DES_40_CBC_SHA		0x03000019
-#define SSL3_CK_ADH_DES_64_CBC_SHA		0x0300001A
-#define SSL3_CK_ADH_DES_192_CBC_SHA		0x0300001B
-
-#define SSL3_CK_FZA_DMS_NULL_SHA		0x0300001C
-#define SSL3_CK_FZA_DMS_FZA_SHA			0x0300001D
-#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
-	 to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
-	 of the ietf-tls list */
-#define SSL3_CK_FZA_DMS_RC4_SHA			0x0300001E
-#endif
-
-/*    VRS Additional Kerberos5 entries
- */
-#define SSL3_CK_KRB5_DES_64_CBC_SHA		0x0300001E
-#define SSL3_CK_KRB5_DES_192_CBC3_SHA		0x0300001F
-#define SSL3_CK_KRB5_RC4_128_SHA		0x03000020
-#define SSL3_CK_KRB5_IDEA_128_CBC_SHA	       	0x03000021
-#define SSL3_CK_KRB5_DES_64_CBC_MD5       	0x03000022
-#define SSL3_CK_KRB5_DES_192_CBC3_MD5       	0x03000023
-#define SSL3_CK_KRB5_RC4_128_MD5	       	0x03000024
-#define SSL3_CK_KRB5_IDEA_128_CBC_MD5 		0x03000025
-
-#define SSL3_CK_KRB5_DES_40_CBC_SHA 		0x03000026
-#define SSL3_CK_KRB5_RC2_40_CBC_SHA 		0x03000027
-#define SSL3_CK_KRB5_RC4_40_SHA	 		0x03000028
-#define SSL3_CK_KRB5_DES_40_CBC_MD5 		0x03000029
-#define SSL3_CK_KRB5_RC2_40_CBC_MD5 		0x0300002A
-#define SSL3_CK_KRB5_RC4_40_MD5	 		0x0300002B
-
-#define SSL3_TXT_RSA_NULL_MD5			"NULL-MD5"
-#define SSL3_TXT_RSA_NULL_SHA			"NULL-SHA"
-#define SSL3_TXT_RSA_RC4_40_MD5 		"EXP-RC4-MD5"
-#define SSL3_TXT_RSA_RC4_128_MD5		"RC4-MD5"
-#define SSL3_TXT_RSA_RC4_128_SHA		"RC4-SHA"
-#define SSL3_TXT_RSA_RC2_40_MD5			"EXP-RC2-CBC-MD5"
-#define SSL3_TXT_RSA_IDEA_128_SHA		"IDEA-CBC-SHA"
-#define SSL3_TXT_RSA_DES_40_CBC_SHA		"EXP-DES-CBC-SHA"
-#define SSL3_TXT_RSA_DES_64_CBC_SHA		"DES-CBC-SHA"
-#define SSL3_TXT_RSA_DES_192_CBC3_SHA		"DES-CBC3-SHA"
-
-#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA		"EXP-DH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA		"DH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA 	"DH-DSS-DES-CBC3-SHA"
-#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA		"EXP-DH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA		"DH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA 	"DH-RSA-DES-CBC3-SHA"
-
-#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA		"EXP-EDH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA		"EDH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA	"EDH-DSS-DES-CBC3-SHA"
-#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA		"EXP-EDH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA		"EDH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA	"EDH-RSA-DES-CBC3-SHA"
-
-#define SSL3_TXT_ADH_RC4_40_MD5			"EXP-ADH-RC4-MD5"
-#define SSL3_TXT_ADH_RC4_128_MD5		"ADH-RC4-MD5"
-#define SSL3_TXT_ADH_DES_40_CBC_SHA		"EXP-ADH-DES-CBC-SHA"
-#define SSL3_TXT_ADH_DES_64_CBC_SHA		"ADH-DES-CBC-SHA"
-#define SSL3_TXT_ADH_DES_192_CBC_SHA		"ADH-DES-CBC3-SHA"
-
-#define SSL3_TXT_FZA_DMS_NULL_SHA		"FZA-NULL-SHA"
-#define SSL3_TXT_FZA_DMS_FZA_SHA		"FZA-FZA-CBC-SHA"
-#define SSL3_TXT_FZA_DMS_RC4_SHA		"FZA-RC4-SHA"
-
-#define SSL3_TXT_KRB5_DES_64_CBC_SHA		"KRB5-DES-CBC-SHA"
-#define SSL3_TXT_KRB5_DES_192_CBC3_SHA		"KRB5-DES-CBC3-SHA"
-#define SSL3_TXT_KRB5_RC4_128_SHA		"KRB5-RC4-SHA"
-#define SSL3_TXT_KRB5_IDEA_128_CBC_SHA	       	"KRB5-IDEA-CBC-SHA"
-#define SSL3_TXT_KRB5_DES_64_CBC_MD5       	"KRB5-DES-CBC-MD5"
-#define SSL3_TXT_KRB5_DES_192_CBC3_MD5       	"KRB5-DES-CBC3-MD5"
-#define SSL3_TXT_KRB5_RC4_128_MD5		"KRB5-RC4-MD5"
-#define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 		"KRB5-IDEA-CBC-MD5"
-
-#define SSL3_TXT_KRB5_DES_40_CBC_SHA 		"EXP-KRB5-DES-CBC-SHA"
-#define SSL3_TXT_KRB5_RC2_40_CBC_SHA 		"EXP-KRB5-RC2-CBC-SHA"
-#define SSL3_TXT_KRB5_RC4_40_SHA	 	"EXP-KRB5-RC4-SHA"
-#define SSL3_TXT_KRB5_DES_40_CBC_MD5 		"EXP-KRB5-DES-CBC-MD5"
-#define SSL3_TXT_KRB5_RC2_40_CBC_MD5 		"EXP-KRB5-RC2-CBC-MD5"
-#define SSL3_TXT_KRB5_RC4_40_MD5	 	"EXP-KRB5-RC4-MD5"
-
-#define SSL3_SSL_SESSION_ID_LENGTH		32
-#define SSL3_MAX_SSL_SESSION_ID_LENGTH		32
-
-#define SSL3_MASTER_SECRET_SIZE			48
-#define SSL3_RANDOM_SIZE			32
-#define SSL3_SESSION_ID_SIZE			32
-#define SSL3_RT_HEADER_LENGTH			5
-
-/* Due to MS stuffing up, this can change.... */
-#if defined(OPENSSL_SYS_WIN16) || \
-	(defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32))
-#define SSL3_RT_MAX_EXTRA			(14000)
-#else
-#define SSL3_RT_MAX_EXTRA			(16384)
-#endif
-
-#define SSL3_RT_MAX_PLAIN_LENGTH		16384
-#define SSL3_RT_MAX_COMPRESSED_LENGTH	(1024+SSL3_RT_MAX_PLAIN_LENGTH)
-#define SSL3_RT_MAX_ENCRYPTED_LENGTH	(1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
-#define SSL3_RT_MAX_PACKET_SIZE		(SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
-#define SSL3_RT_MAX_DATA_SIZE			(1024*1024)
-
-#define SSL3_MD_CLIENT_FINISHED_CONST	"\x43\x4C\x4E\x54"
-#define SSL3_MD_SERVER_FINISHED_CONST	"\x53\x52\x56\x52"
-
-#define SSL3_VERSION			0x0300
-#define SSL3_VERSION_MAJOR		0x03
-#define SSL3_VERSION_MINOR		0x00
-
-#define SSL3_RT_CHANGE_CIPHER_SPEC	20
-#define SSL3_RT_ALERT			21
-#define SSL3_RT_HANDSHAKE		22
-#define SSL3_RT_APPLICATION_DATA	23
-
-#define SSL3_AL_WARNING			1
-#define SSL3_AL_FATAL			2
-
-#define SSL3_AD_CLOSE_NOTIFY		 0
-#define SSL3_AD_UNEXPECTED_MESSAGE	10	/* fatal */
-#define SSL3_AD_BAD_RECORD_MAC		20	/* fatal */
-#define SSL3_AD_DECOMPRESSION_FAILURE	30	/* fatal */
-#define SSL3_AD_HANDSHAKE_FAILURE	40	/* fatal */
-#define SSL3_AD_NO_CERTIFICATE		41
-#define SSL3_AD_BAD_CERTIFICATE		42
-#define SSL3_AD_UNSUPPORTED_CERTIFICATE	43
-#define SSL3_AD_CERTIFICATE_REVOKED	44
-#define SSL3_AD_CERTIFICATE_EXPIRED	45
-#define SSL3_AD_CERTIFICATE_UNKNOWN	46
-#define SSL3_AD_ILLEGAL_PARAMETER	47	/* fatal */
-
-typedef struct ssl3_record_st
-	{
-/*r */	int type;               /* type of record */
-/*rw*/	unsigned int length;    /* How many bytes available */
-/*r */	unsigned int off;       /* read/write offset into 'buf' */
-/*rw*/	unsigned char *data;    /* pointer to the record data */
-/*rw*/	unsigned char *input;   /* where the decode bytes are */
-/*r */	unsigned char *comp;    /* only used with decompression - malloc()ed */
-	} SSL3_RECORD;
-
-typedef struct ssl3_buffer_st
-	{
-	unsigned char *buf;     /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
-	                         * see ssl3_setup_buffers() */
-	size_t len;             /* buffer size */
-	int offset;             /* where to 'copy from' */
-	int left;               /* how many bytes left */
-	} SSL3_BUFFER;
-
-#define SSL3_CT_RSA_SIGN			1
-#define SSL3_CT_DSS_SIGN			2
-#define SSL3_CT_RSA_FIXED_DH			3
-#define SSL3_CT_DSS_FIXED_DH			4
-#define SSL3_CT_RSA_EPHEMERAL_DH		5
-#define SSL3_CT_DSS_EPHEMERAL_DH		6
-#define SSL3_CT_FORTEZZA_DMS			20
-#define SSL3_CT_NUMBER				7
-
-#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS	0x0001
-#define SSL3_FLAGS_DELAY_CLIENT_FINISHED	0x0002
-#define SSL3_FLAGS_POP_BUFFER			0x0004
-#define TLS1_FLAGS_TLS_PADDING_BUG		0x0008
-
-typedef struct ssl3_state_st
-	{
-	long flags;
-	int delay_buf_pop_ret;
-
-	unsigned char read_sequence[8];
-	unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
-	unsigned char write_sequence[8];
-	unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
-
-	unsigned char server_random[SSL3_RANDOM_SIZE];
-	unsigned char client_random[SSL3_RANDOM_SIZE];
-
-	/* flags for countermeasure against known-IV weakness */
-	int need_empty_fragments;
-	int empty_fragment_done;
-
-	SSL3_BUFFER rbuf;	/* read IO goes into here */
-	SSL3_BUFFER wbuf;	/* write IO goes into here */
-
-	SSL3_RECORD rrec;	/* each decoded record goes in here */
-	SSL3_RECORD wrec;	/* goes out from here */
-
-	/* storage for Alert/Handshake protocol data received but not
-	 * yet processed by ssl3_read_bytes: */
-	unsigned char alert_fragment[2];
-	unsigned int alert_fragment_len;
-	unsigned char handshake_fragment[4];
-	unsigned int handshake_fragment_len;
-
-	/* partial write - check the numbers match */
-	unsigned int wnum;	/* number of bytes sent so far */
-	int wpend_tot;		/* number bytes written */
-	int wpend_type;
-	int wpend_ret;		/* number of bytes submitted */
-	const unsigned char *wpend_buf;
-
-	/* used during startup, digest all incoming/outgoing packets */
-	EVP_MD_CTX finish_dgst1;
-	EVP_MD_CTX finish_dgst2;
-
-	/* this is set whenerver we see a change_cipher_spec message
-	 * come in when we are not looking for one */
-	int change_cipher_spec;
-
-	int warn_alert;
-	int fatal_alert;
-	/* we allow one fatal and one warning alert to be outstanding,
-	 * send close alert via the warning alert */
-	int alert_dispatch;
-	unsigned char send_alert[2];
-
-	/* This flag is set when we should renegotiate ASAP, basically when
-	 * there is no more data in the read or write buffers */
-	int renegotiate;
-	int total_renegotiations;
-	int num_renegotiations;
-
-	int in_read_app_data;
-
-	struct	{
-		/* actually only needs to be 16+20 */
-		unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
-
-		/* actually only need to be 16+20 for SSLv3 and 12 for TLS */
-		unsigned char finish_md[EVP_MAX_MD_SIZE*2];
-		int finish_md_len;
-		unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
-		int peer_finish_md_len;
-		
-		unsigned long message_size;
-		int message_type;
-
-		/* used to hold the new cipher we are going to use */
-		SSL_CIPHER *new_cipher;
-#ifndef OPENSSL_NO_DH
-		DH *dh;
-#endif
-		/* used when SSL_ST_FLUSH_DATA is entered */
-		int next_state;			
-
-		int reuse_message;
-
-		/* used for certificate requests */
-		int cert_req;
-		int ctype_num;
-		char ctype[SSL3_CT_NUMBER];
-		STACK_OF(X509_NAME) *ca_names;
-
-		int use_rsa_tmp;
-
-		int key_block_length;
-		unsigned char *key_block;
-
-		const EVP_CIPHER *new_sym_enc;
-		const EVP_MD *new_hash;
-#ifndef OPENSSL_NO_COMP
-		const SSL_COMP *new_compression;
-#else
-		char *new_compression;
-#endif
-		int cert_request;
-		} tmp;
-
-	} SSL3_STATE;
-
-/* SSLv3 */
-/*client */
-/* extra state */
-#define SSL3_ST_CW_FLUSH		(0x100|SSL_ST_CONNECT)
-/* write to server */
-#define SSL3_ST_CW_CLNT_HELLO_A		(0x110|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CLNT_HELLO_B		(0x111|SSL_ST_CONNECT)
-/* read from server */
-#define SSL3_ST_CR_SRVR_HELLO_A		(0x120|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SRVR_HELLO_B		(0x121|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_A		(0x130|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_B		(0x131|SSL_ST_CONNECT)
-#define SSL3_ST_CR_KEY_EXCH_A		(0x140|SSL_ST_CONNECT)
-#define SSL3_ST_CR_KEY_EXCH_B		(0x141|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_REQ_A		(0x150|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_REQ_B		(0x151|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SRVR_DONE_A		(0x160|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SRVR_DONE_B		(0x161|SSL_ST_CONNECT)
-/* write to server */
-#define SSL3_ST_CW_CERT_A		(0x170|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_B		(0x171|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_C		(0x172|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_D		(0x173|SSL_ST_CONNECT)
-#define SSL3_ST_CW_KEY_EXCH_A		(0x180|SSL_ST_CONNECT)
-#define SSL3_ST_CW_KEY_EXCH_B		(0x181|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_VRFY_A		(0x190|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_VRFY_B		(0x191|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CHANGE_A		(0x1A0|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CHANGE_B		(0x1A1|SSL_ST_CONNECT)
-#define SSL3_ST_CW_FINISHED_A		(0x1B0|SSL_ST_CONNECT)
-#define SSL3_ST_CW_FINISHED_B		(0x1B1|SSL_ST_CONNECT)
-/* read from server */
-#define SSL3_ST_CR_CHANGE_A		(0x1C0|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CHANGE_B		(0x1C1|SSL_ST_CONNECT)
-#define SSL3_ST_CR_FINISHED_A		(0x1D0|SSL_ST_CONNECT)
-#define SSL3_ST_CR_FINISHED_B		(0x1D1|SSL_ST_CONNECT)
-
-/* server */
-/* extra state */
-#define SSL3_ST_SW_FLUSH		(0x100|SSL_ST_ACCEPT)
-/* read from client */
-/* Do not change the number values, they do matter */
-#define SSL3_ST_SR_CLNT_HELLO_A		(0x110|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CLNT_HELLO_B		(0x111|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CLNT_HELLO_C		(0x112|SSL_ST_ACCEPT)
-/* write to client */
-#define SSL3_ST_SW_HELLO_REQ_A		(0x120|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_HELLO_REQ_B		(0x121|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_HELLO_REQ_C		(0x122|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_HELLO_A		(0x130|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_HELLO_B		(0x131|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_A		(0x140|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_B		(0x141|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_KEY_EXCH_A		(0x150|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_KEY_EXCH_B		(0x151|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_REQ_A		(0x160|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_REQ_B		(0x161|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_DONE_A		(0x170|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_DONE_B		(0x171|SSL_ST_ACCEPT)
-/* read from client */
-#define SSL3_ST_SR_CERT_A		(0x180|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CERT_B		(0x181|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_KEY_EXCH_A		(0x190|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_KEY_EXCH_B		(0x191|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CERT_VRFY_A		(0x1A0|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CERT_VRFY_B		(0x1A1|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CHANGE_A		(0x1B0|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CHANGE_B		(0x1B1|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_FINISHED_A		(0x1C0|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_FINISHED_B		(0x1C1|SSL_ST_ACCEPT)
-/* write to client */
-#define SSL3_ST_SW_CHANGE_A		(0x1D0|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CHANGE_B		(0x1D1|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_FINISHED_A		(0x1E0|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_FINISHED_B		(0x1E1|SSL_ST_ACCEPT)
-
-#define SSL3_MT_HELLO_REQUEST			0
-#define SSL3_MT_CLIENT_HELLO			1
-#define SSL3_MT_SERVER_HELLO			2
-#define SSL3_MT_CERTIFICATE			11
-#define SSL3_MT_SERVER_KEY_EXCHANGE		12
-#define SSL3_MT_CERTIFICATE_REQUEST		13
-#define SSL3_MT_SERVER_DONE			14
-#define SSL3_MT_CERTIFICATE_VERIFY		15
-#define SSL3_MT_CLIENT_KEY_EXCHANGE		16
-#define SSL3_MT_FINISHED			20
-
-#define SSL3_MT_CCS				1
-
-/* These are used when changing over to a new cipher */
-#define SSL3_CC_READ		0x01
-#define SSL3_CC_WRITE		0x02
-#define SSL3_CC_CLIENT		0x10
-#define SSL3_CC_SERVER		0x20
-#define SSL3_CHANGE_CIPHER_CLIENT_WRITE	(SSL3_CC_CLIENT|SSL3_CC_WRITE)	
-#define SSL3_CHANGE_CIPHER_SERVER_READ	(SSL3_CC_SERVER|SSL3_CC_READ)
-#define SSL3_CHANGE_CIPHER_CLIENT_READ	(SSL3_CC_CLIENT|SSL3_CC_READ)
-#define SSL3_CHANGE_CIPHER_SERVER_WRITE	(SSL3_CC_SERVER|SSL3_CC_WRITE)
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-
diff --git a/crypto/openssl/ssl/ssl_algs.c b/crypto/openssl/ssl/ssl_algs.c
deleted file mode 100644
index 3d1299ee7b96..000000000000
--- a/crypto/openssl/ssl/ssl_algs.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* ssl/ssl_algs.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include <openssl/lhash.h>
-#include "ssl_locl.h"
-
-int SSL_library_init(void)
-	{
-
-#ifndef OPENSSL_NO_DES
-	EVP_add_cipher(EVP_des_cbc());
-	EVP_add_cipher(EVP_des_ede3_cbc());
-#endif
-#ifndef OPENSSL_NO_IDEA
-	EVP_add_cipher(EVP_idea_cbc());
-#endif
-#ifndef OPENSSL_NO_RC4
-	EVP_add_cipher(EVP_rc4());
-#endif  
-#ifndef OPENSSL_NO_RC2
-	EVP_add_cipher(EVP_rc2_cbc());
-#endif
-#ifndef OPENSSL_NO_AES
-	EVP_add_cipher(EVP_aes_128_cbc());
-	EVP_add_cipher(EVP_aes_192_cbc());
-	EVP_add_cipher(EVP_aes_256_cbc());
-#endif
-#ifndef OPENSSL_NO_MD2
-	EVP_add_digest(EVP_md2());
-#endif
-#ifndef OPENSSL_NO_MD5
-	EVP_add_digest(EVP_md5());
-	EVP_add_digest_alias(SN_md5,"ssl2-md5");
-	EVP_add_digest_alias(SN_md5,"ssl3-md5");
-#endif
-#ifndef OPENSSL_NO_SHA
-	EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
-	EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
-	EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
-#endif
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
-	EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
-	EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
-	EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
-	EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
-#endif
-	/* If you want support for phased out ciphers, add the following */
-#if 0
-	EVP_add_digest(EVP_sha());
-	EVP_add_digest(EVP_dss());
-#endif
-	return(1);
-	}
-
diff --git a/crypto/openssl/ssl/ssl_asn1.c b/crypto/openssl/ssl/ssl_asn1.c
deleted file mode 100644
index 16bc11b559b1..000000000000
--- a/crypto/openssl/ssl/ssl_asn1.c
+++ /dev/null
@@ -1,399 +0,0 @@
-/* ssl/ssl_asn1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "ssl_locl.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include "cryptlib.h"
-
-typedef struct ssl_session_asn1_st
-	{
-	ASN1_INTEGER version;
-	ASN1_INTEGER ssl_version;
-	ASN1_OCTET_STRING cipher;
-	ASN1_OCTET_STRING master_key;
-	ASN1_OCTET_STRING session_id;
-	ASN1_OCTET_STRING session_id_context;
-	ASN1_OCTET_STRING key_arg;
-#ifndef OPENSSL_NO_KRB5
-        ASN1_OCTET_STRING krb5_princ;
-#endif /* OPENSSL_NO_KRB5 */
-	ASN1_INTEGER time;
-	ASN1_INTEGER timeout;
-	ASN1_INTEGER verify_result;
-	} SSL_SESSION_ASN1;
-
-int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
-	{
-#define LSIZE2 (sizeof(long)*2)
-	int v1=0,v2=0,v3=0,v4=0,v5=0;
-	unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2];
-	unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2],ibuf5[LSIZE2];
-	long l;
-	SSL_SESSION_ASN1 a;
-	M_ASN1_I2D_vars(in);
-
-	if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
-		return(0);
-
-	/* Note that I cheat in the following 2 assignments.  I know
-	 * that if the ASN1_INTEGER passed to ASN1_INTEGER_set
-	 * is > sizeof(long)+1, the buffer will not be re-OPENSSL_malloc()ed.
-	 * This is a bit evil but makes things simple, no dynamic allocation
-	 * to clean up :-) */
-	a.version.length=LSIZE2;
-	a.version.type=V_ASN1_INTEGER;
-	a.version.data=ibuf1;
-	ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION);
-
-	a.ssl_version.length=LSIZE2;
-	a.ssl_version.type=V_ASN1_INTEGER;
-	a.ssl_version.data=ibuf2;
-	ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version);
-
-	a.cipher.type=V_ASN1_OCTET_STRING;
-	a.cipher.data=buf;
-
-	if (in->cipher == NULL)
-		l=in->cipher_id;
-	else
-		l=in->cipher->id;
-	if (in->ssl_version == SSL2_VERSION)
-		{
-		a.cipher.length=3;
-		buf[0]=((unsigned char)(l>>16L))&0xff;
-		buf[1]=((unsigned char)(l>> 8L))&0xff;
-		buf[2]=((unsigned char)(l     ))&0xff;
-		}
-	else
-		{
-		a.cipher.length=2;
-		buf[0]=((unsigned char)(l>>8L))&0xff;
-		buf[1]=((unsigned char)(l    ))&0xff;
-		}
-
-	a.master_key.length=in->master_key_length;
-	a.master_key.type=V_ASN1_OCTET_STRING;
-	a.master_key.data=in->master_key;
-
-	a.session_id.length=in->session_id_length;
-	a.session_id.type=V_ASN1_OCTET_STRING;
-	a.session_id.data=in->session_id;
-
-	a.session_id_context.length=in->sid_ctx_length;
-	a.session_id_context.type=V_ASN1_OCTET_STRING;
-	a.session_id_context.data=in->sid_ctx;
-
-	a.key_arg.length=in->key_arg_length;
-	a.key_arg.type=V_ASN1_OCTET_STRING;
-	a.key_arg.data=in->key_arg;
-
-#ifndef OPENSSL_NO_KRB5
-	if (in->krb5_client_princ_len)
-		{
-		a.krb5_princ.length=in->krb5_client_princ_len;
-		a.krb5_princ.type=V_ASN1_OCTET_STRING;
-		a.krb5_princ.data=in->krb5_client_princ;
-		}
-#endif /* OPENSSL_NO_KRB5 */
- 
-	if (in->time != 0L)
-		{
-		a.time.length=LSIZE2;
-		a.time.type=V_ASN1_INTEGER;
-		a.time.data=ibuf3;
-		ASN1_INTEGER_set(&(a.time),in->time);
-		}
-
-	if (in->timeout != 0L)
-		{
-		a.timeout.length=LSIZE2;
-		a.timeout.type=V_ASN1_INTEGER;
-		a.timeout.data=ibuf4;
-		ASN1_INTEGER_set(&(a.timeout),in->timeout);
-		}
-
-	if (in->verify_result != X509_V_OK)
-		{
-		a.verify_result.length=LSIZE2;
-		a.verify_result.type=V_ASN1_INTEGER;
-		a.verify_result.data=ibuf5;
-		ASN1_INTEGER_set(&a.verify_result,in->verify_result);
-		}
-
-
-	M_ASN1_I2D_len(&(a.version),		i2d_ASN1_INTEGER);
-	M_ASN1_I2D_len(&(a.ssl_version),	i2d_ASN1_INTEGER);
-	M_ASN1_I2D_len(&(a.cipher),		i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_len(&(a.session_id),		i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_len(&(a.master_key),		i2d_ASN1_OCTET_STRING);
-#ifndef OPENSSL_NO_KRB5
-	if (in->krb5_client_princ_len)
-        	M_ASN1_I2D_len(&(a.krb5_princ),	i2d_ASN1_OCTET_STRING);
-#endif /* OPENSSL_NO_KRB5 */
-	if (in->key_arg_length > 0)
-		M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING);
-	if (in->time != 0L)
-		M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
-	if (in->timeout != 0L)
-		M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
-	if (in->peer != NULL)
-		M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3);
-	M_ASN1_I2D_len_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,v4);
-	if (in->verify_result != X509_V_OK)
-		M_ASN1_I2D_len_EXP_opt(&(a.verify_result),i2d_ASN1_INTEGER,5,v5);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(&(a.version),		i2d_ASN1_INTEGER);
-	M_ASN1_I2D_put(&(a.ssl_version),	i2d_ASN1_INTEGER);
-	M_ASN1_I2D_put(&(a.cipher),		i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_put(&(a.session_id),		i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_put(&(a.master_key),		i2d_ASN1_OCTET_STRING);
-#ifndef OPENSSL_NO_KRB5
-	if (in->krb5_client_princ_len)
-        	M_ASN1_I2D_put(&(a.krb5_princ),	i2d_ASN1_OCTET_STRING);
-#endif /* OPENSSL_NO_KRB5 */
-	if (in->key_arg_length > 0)
-		M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0);
-	if (in->time != 0L)
-		M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
-	if (in->timeout != 0L)
-		M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
-	if (in->peer != NULL)
-		M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3);
-	M_ASN1_I2D_put_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,
-			       v4);
-	if (in->verify_result != X509_V_OK)
-		M_ASN1_I2D_put_EXP_opt(&a.verify_result,i2d_ASN1_INTEGER,5,v5);
-	M_ASN1_I2D_finish();
-	}
-
-SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
-	     long length)
-	{
-	int version,ssl_version=0,i;
-	long id;
-	ASN1_INTEGER ai,*aip;
-	ASN1_OCTET_STRING os,*osp;
-	M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new);
-
-	aip= &ai;
-	osp= &os;
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-
-	ai.data=NULL; ai.length=0;
-	M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
-	version=(int)ASN1_INTEGER_get(aip);
-	if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
-
-	/* we don't care about the version right now :-) */
-	M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
-	ssl_version=(int)ASN1_INTEGER_get(aip);
-	ret->ssl_version=ssl_version;
-	if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
-
-	os.data=NULL; os.length=0;
-	M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
-	if (ssl_version == SSL2_VERSION)
-		{
-		if (os.length != 3)
-			{
-			c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
-			goto err;
-			}
-		id=0x02000000L|
-			((unsigned long)os.data[0]<<16L)|
-			((unsigned long)os.data[1]<< 8L)|
-			 (unsigned long)os.data[2];
-		}
-	else if ((ssl_version>>8) == 3)
-		{
-		if (os.length != 2)
-			{
-			c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
-			goto err;
-			}
-		id=0x03000000L|
-			((unsigned long)os.data[0]<<8L)|
-			 (unsigned long)os.data[1];
-		}
-	else
-		{
-		SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
-		return(NULL);
-		}
-	
-	ret->cipher=NULL;
-	ret->cipher_id=id;
-
-	M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
-	if ((ssl_version>>8) == SSL3_VERSION)
-		i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
-	else /* if (ssl_version == SSL2_VERSION) */
-		i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
-
-	if (os.length > i)
-		os.length = i;
-	if (os.length > sizeof ret->session_id) /* can't happen */
-		os.length = sizeof ret->session_id;
-
-	ret->session_id_length=os.length;
-	OPENSSL_assert(os.length <= sizeof ret->session_id);
-	memcpy(ret->session_id,os.data,os.length);
-
-	M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
-	if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH)
-		ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
-	else
-		ret->master_key_length=os.length;
-	memcpy(ret->master_key,os.data,ret->master_key_length);
-
-	os.length=0;
-
-#ifndef OPENSSL_NO_KRB5
-	os.length=0;
-	M_ASN1_D2I_get_opt(osp,d2i_ASN1_OCTET_STRING,V_ASN1_OCTET_STRING);
-	if (os.data)
-		{
-        	if (os.length > SSL_MAX_KRB5_PRINCIPAL_LENGTH)
-            		ret->krb5_client_princ_len=0;
-		else
-			ret->krb5_client_princ_len=os.length;
-		memcpy(ret->krb5_client_princ,os.data,ret->krb5_client_princ_len);
-		OPENSSL_free(os.data);
-		os.data = NULL;
-		os.length = 0;
-		}
-	else
-		ret->krb5_client_princ_len=0;
-#endif /* OPENSSL_NO_KRB5 */
-
-	M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING);
-	if (os.length > SSL_MAX_KEY_ARG_LENGTH)
-		ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH;
-	else
-		ret->key_arg_length=os.length;
-	memcpy(ret->key_arg,os.data,ret->key_arg_length);
-	if (os.data != NULL) OPENSSL_free(os.data);
-
-	ai.length=0;
-	M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1);
-	if (ai.data != NULL)
-		{
-		ret->time=ASN1_INTEGER_get(aip);
-		OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
-		}
-	else
-		ret->time=time(NULL);
-
-	ai.length=0;
-	M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
-	if (ai.data != NULL)
-		{
-		ret->timeout=ASN1_INTEGER_get(aip);
-		OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
-		}
-	else
-		ret->timeout=3;
-
-	if (ret->peer != NULL)
-		{
-		X509_free(ret->peer);
-		ret->peer=NULL;
-		}
-	M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3);
-
-	os.length=0;
-	os.data=NULL;
-	M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,4);
-
-	if(os.data != NULL)
-	    {
-	    if (os.length > SSL_MAX_SID_CTX_LENGTH)
-		{
-		ret->sid_ctx_length=os.length;
-		SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH);
-		}
-	    else
-		{
-		ret->sid_ctx_length=os.length;
-		memcpy(ret->sid_ctx,os.data,os.length);
-		}
-	    OPENSSL_free(os.data); os.data=NULL; os.length=0;
-	    }
-	else
-	    ret->sid_ctx_length=0;
-
-	ai.length=0;
-	M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,5);
-	if (ai.data != NULL)
-		{
-		ret->verify_result=ASN1_INTEGER_get(aip);
-		OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
-		}
-	else
-		ret->verify_result=X509_V_OK;
-
-	M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
-	}
diff --git a/crypto/openssl/ssl/ssl_cert.c b/crypto/openssl/ssl/ssl_cert.c
deleted file mode 100644
index da90078a378b..000000000000
--- a/crypto/openssl/ssl/ssl_cert.c
+++ /dev/null
@@ -1,860 +0,0 @@
-/*! \file ssl/ssl_cert.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdio.h>
-
-#include "e_os.h"
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#if !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) && !defined(NeXT) && !defined(MAC_OS_pre_X)
-#include <dirent.h>
-#endif
-
-#if defined(WIN32)
-#include <windows.h>
-#endif
-
-#ifdef NeXT
-#include <sys/dir.h>
-#define dirent direct
-#endif
-
-#include <openssl/objects.h>
-#include <openssl/bio.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include "ssl_locl.h"
-
-int SSL_get_ex_data_X509_STORE_CTX_idx(void)
-	{
-	static volatile int ssl_x509_store_ctx_idx= -1;
-
-	if (ssl_x509_store_ctx_idx < 0)
-		{
-		/* any write lock will do; usually this branch
-		 * will only be taken once anyway */
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-		
-		if (ssl_x509_store_ctx_idx < 0)
-			{
-			ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index(
-				0,"SSL for verify callback",NULL,NULL,NULL);
-			}
-		
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-		}
-	return ssl_x509_store_ctx_idx;
-	}
-
-CERT *ssl_cert_new(void)
-	{
-	CERT *ret;
-
-	ret=(CERT *)OPENSSL_malloc(sizeof(CERT));
-	if (ret == NULL)
-		{
-		SSLerr(SSL_F_SSL_CERT_NEW,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-	memset(ret,0,sizeof(CERT));
-
-	ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]);
-	ret->references=1;
-
-	return(ret);
-	}
-
-CERT *ssl_cert_dup(CERT *cert)
-	{
-	CERT *ret;
-	int i;
-
-	ret = (CERT *)OPENSSL_malloc(sizeof(CERT));
-	if (ret == NULL)
-		{
-		SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-
-	memset(ret, 0, sizeof(CERT));
-
-	ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
-	/* or ret->key = ret->pkeys + (cert->key - cert->pkeys),
-	 * if you find that more readable */
-
-	ret->valid = cert->valid;
-	ret->mask = cert->mask;
-	ret->export_mask = cert->export_mask;
-
-#ifndef OPENSSL_NO_RSA
-	if (cert->rsa_tmp != NULL)
-		{
-		RSA_up_ref(cert->rsa_tmp);
-		ret->rsa_tmp = cert->rsa_tmp;
-		}
-	ret->rsa_tmp_cb = cert->rsa_tmp_cb;
-#endif
-
-#ifndef OPENSSL_NO_DH
-	if (cert->dh_tmp != NULL)
-		{
-		/* DH parameters don't have a reference count */
-		ret->dh_tmp = DHparams_dup(cert->dh_tmp);
-		if (ret->dh_tmp == NULL)
-			{
-			SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB);
-			goto err;
-			}
-		if (cert->dh_tmp->priv_key)
-			{
-			BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
-			if (!b)
-				{
-				SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
-				goto err;
-				}
-			ret->dh_tmp->priv_key = b;
-			}
-		if (cert->dh_tmp->pub_key)
-			{
-			BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
-			if (!b)
-				{
-				SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
-				goto err;
-				}
-			ret->dh_tmp->pub_key = b;
-			}
-		}
-	ret->dh_tmp_cb = cert->dh_tmp_cb;
-#endif
-
-	for (i = 0; i < SSL_PKEY_NUM; i++)
-		{
-		if (cert->pkeys[i].x509 != NULL)
-			{
-			ret->pkeys[i].x509 = cert->pkeys[i].x509;
-			CRYPTO_add(&ret->pkeys[i].x509->references, 1,
-				CRYPTO_LOCK_X509);
-			}
-		
-		if (cert->pkeys[i].privatekey != NULL)
-			{
-			ret->pkeys[i].privatekey = cert->pkeys[i].privatekey;
-			CRYPTO_add(&ret->pkeys[i].privatekey->references, 1,
-				CRYPTO_LOCK_EVP_PKEY);
-
-			switch(i) 
-				{
-				/* If there was anything special to do for
-				 * certain types of keys, we'd do it here.
-				 * (Nothing at the moment, I think.) */
-
-			case SSL_PKEY_RSA_ENC:
-			case SSL_PKEY_RSA_SIGN:
-				/* We have an RSA key. */
-				break;
-				
-			case SSL_PKEY_DSA_SIGN:
-				/* We have a DSA key. */
-				break;
-				
-			case SSL_PKEY_DH_RSA:
-			case SSL_PKEY_DH_DSA:
-				/* We have a DH key. */
-				break;
-				
-			default:
-				/* Can't happen. */
-				SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG);
-				}
-			}
-		}
-	
-	/* ret->extra_certs *should* exist, but currently the own certificate
-	 * chain is held inside SSL_CTX */
-
-	ret->references=1;
-
-	return(ret);
-	
-#ifndef OPENSSL_NO_DH /* avoid 'unreferenced label' warning if OPENSSL_NO_DH is defined */
-err:
-#endif
-#ifndef OPENSSL_NO_RSA
-	if (ret->rsa_tmp != NULL)
-		RSA_free(ret->rsa_tmp);
-#endif
-#ifndef OPENSSL_NO_DH
-	if (ret->dh_tmp != NULL)
-		DH_free(ret->dh_tmp);
-#endif
-
-	for (i = 0; i < SSL_PKEY_NUM; i++)
-		{
-		if (ret->pkeys[i].x509 != NULL)
-			X509_free(ret->pkeys[i].x509);
-		if (ret->pkeys[i].privatekey != NULL)
-			EVP_PKEY_free(ret->pkeys[i].privatekey);
-		}
-
-	return NULL;
-	}
-
-
-void ssl_cert_free(CERT *c)
-	{
-	int i;
-
-	if(c == NULL)
-	    return;
-
-	i=CRYPTO_add(&c->references,-1,CRYPTO_LOCK_SSL_CERT);
-#ifdef REF_PRINT
-	REF_PRINT("CERT",c);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"ssl_cert_free, bad reference count\n");
-		abort(); /* ok */
-		}
-#endif
-
-#ifndef OPENSSL_NO_RSA
-	if (c->rsa_tmp) RSA_free(c->rsa_tmp);
-#endif
-#ifndef OPENSSL_NO_DH
-	if (c->dh_tmp) DH_free(c->dh_tmp);
-#endif
-
-	for (i=0; i<SSL_PKEY_NUM; i++)
-		{
-		if (c->pkeys[i].x509 != NULL)
-			X509_free(c->pkeys[i].x509);
-		if (c->pkeys[i].privatekey != NULL)
-			EVP_PKEY_free(c->pkeys[i].privatekey);
-#if 0
-		if (c->pkeys[i].publickey != NULL)
-			EVP_PKEY_free(c->pkeys[i].publickey);
-#endif
-		}
-	OPENSSL_free(c);
-	}
-
-int ssl_cert_inst(CERT **o)
-	{
-	/* Create a CERT if there isn't already one
-	 * (which cannot really happen, as it is initially created in
-	 * SSL_CTX_new; but the earlier code usually allows for that one
-	 * being non-existant, so we follow that behaviour, as it might
-	 * turn out that there actually is a reason for it -- but I'm
-	 * not sure that *all* of the existing code could cope with
-	 * s->cert being NULL, otherwise we could do without the
-	 * initialization in SSL_CTX_new).
-	 */
-	
-	if (o == NULL) 
-		{
-		SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	if (*o == NULL)
-		{
-		if ((*o = ssl_cert_new()) == NULL)
-			{
-			SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);
-			return(0);
-			}
-		}
-	return(1);
-	}
-
-
-SESS_CERT *ssl_sess_cert_new(void)
-	{
-	SESS_CERT *ret;
-
-	ret = OPENSSL_malloc(sizeof *ret);
-	if (ret == NULL)
-		{
-		SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
-		return NULL;
-		}
-
-	memset(ret, 0 ,sizeof *ret);
-	ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
-	ret->references = 1;
-
-	return ret;
-	}
-
-void ssl_sess_cert_free(SESS_CERT *sc)
-	{
-	int i;
-
-	if (sc == NULL)
-		return;
-
-	i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT);
-#ifdef REF_PRINT
-	REF_PRINT("SESS_CERT", sc);
-#endif
-	if (i > 0)
-		return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"ssl_sess_cert_free, bad reference count\n");
-		abort(); /* ok */
-		}
-#endif
-
-	/* i == 0 */
-	if (sc->cert_chain != NULL)
-		sk_X509_pop_free(sc->cert_chain, X509_free);
-	for (i = 0; i < SSL_PKEY_NUM; i++)
-		{
-		if (sc->peer_pkeys[i].x509 != NULL)
-			X509_free(sc->peer_pkeys[i].x509);
-#if 0 /* We don't have the peer's private key.  These lines are just
-	   * here as a reminder that we're still using a not-quite-appropriate
-	   * data structure. */
-		if (sc->peer_pkeys[i].privatekey != NULL)
-			EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
-#endif
-		}
-
-#ifndef OPENSSL_NO_RSA
-	if (sc->peer_rsa_tmp != NULL)
-		RSA_free(sc->peer_rsa_tmp);
-#endif
-#ifndef OPENSSL_NO_DH
-	if (sc->peer_dh_tmp != NULL)
-		DH_free(sc->peer_dh_tmp);
-#endif
-
-	OPENSSL_free(sc);
-	}
-
-int ssl_set_peer_cert_type(SESS_CERT *sc,int type)
-	{
-	sc->peer_cert_type = type;
-	return(1);
-	}
-
-int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk)
-	{
-	X509 *x;
-	int i;
-	X509_STORE_CTX ctx;
-
-	if ((sk == NULL) || (sk_X509_num(sk) == 0))
-		return(0);
-
-	x=sk_X509_value(sk,0);
-	if(!X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk))
-		{
-		SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,ERR_R_X509_LIB);
-		return(0);
-		}
-	if (SSL_get_verify_depth(s) >= 0)
-		X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s));
-	X509_STORE_CTX_set_ex_data(&ctx,SSL_get_ex_data_X509_STORE_CTX_idx(),s);
-
-	/* We need to set the verify purpose. The purpose can be determined by
-	 * the context: if its a server it will verify SSL client certificates
-	 * or vice versa.
-	 */
-	if (s->server)
-		i = X509_PURPOSE_SSL_CLIENT;
-	else
-		i = X509_PURPOSE_SSL_SERVER;
-
-	X509_STORE_CTX_purpose_inherit(&ctx, i, s->purpose, s->trust);
-
-	if (s->verify_callback)
-		X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
-
-	if (s->ctx->app_verify_callback != NULL)
-#if 1 /* new with OpenSSL 0.9.7 */
-		i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg); 
-#else
-		i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
-#endif
-	else
-		{
-#ifndef OPENSSL_NO_X509_VERIFY
-		i=X509_verify_cert(&ctx);
-#else
-		i=0;
-		ctx.error=X509_V_ERR_APPLICATION_VERIFICATION;
-		SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,SSL_R_NO_VERIFY_CALLBACK);
-#endif
-		}
-
-	s->verify_result=ctx.error;
-	X509_STORE_CTX_cleanup(&ctx);
-
-	return(i);
-	}
-
-static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,STACK_OF(X509_NAME) *list)
-	{
-	if (*ca_list != NULL)
-		sk_X509_NAME_pop_free(*ca_list,X509_NAME_free);
-
-	*ca_list=list;
-	}
-
-STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk)
-	{
-	int i;
-	STACK_OF(X509_NAME) *ret;
-	X509_NAME *name;
-
-	ret=sk_X509_NAME_new_null();
-	for (i=0; i<sk_X509_NAME_num(sk); i++)
-		{
-		name=X509_NAME_dup(sk_X509_NAME_value(sk,i));
-		if ((name == NULL) || !sk_X509_NAME_push(ret,name))
-			{
-			sk_X509_NAME_pop_free(ret,X509_NAME_free);
-			return(NULL);
-			}
-		}
-	return(ret);
-	}
-
-void SSL_set_client_CA_list(SSL *s,STACK_OF(X509_NAME) *list)
-	{
-	set_client_CA_list(&(s->client_CA),list);
-	}
-
-void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *list)
-	{
-	set_client_CA_list(&(ctx->client_CA),list);
-	}
-
-STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx)
-	{
-	return(ctx->client_CA);
-	}
-
-STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s)
-	{
-	if (s->type == SSL_ST_CONNECT)
-		{ /* we are in the client */
-		if (((s->version>>8) == SSL3_VERSION_MAJOR) &&
-			(s->s3 != NULL))
-			return(s->s3->tmp.ca_names);
-		else
-			return(NULL);
-		}
-	else
-		{
-		if (s->client_CA != NULL)
-			return(s->client_CA);
-		else
-			return(s->ctx->client_CA);
-		}
-	}
-
-static int add_client_CA(STACK_OF(X509_NAME) **sk,X509 *x)
-	{
-	X509_NAME *name;
-
-	if (x == NULL) return(0);
-	if ((*sk == NULL) && ((*sk=sk_X509_NAME_new_null()) == NULL))
-		return(0);
-		
-	if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL)
-		return(0);
-
-	if (!sk_X509_NAME_push(*sk,name))
-		{
-		X509_NAME_free(name);
-		return(0);
-		}
-	return(1);
-	}
-
-int SSL_add_client_CA(SSL *ssl,X509 *x)
-	{
-	return(add_client_CA(&(ssl->client_CA),x));
-	}
-
-int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x)
-	{
-	return(add_client_CA(&(ctx->client_CA),x));
-	}
-
-static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
-	{
-	return(X509_NAME_cmp(*a,*b));
-	}
-
-#ifndef OPENSSL_NO_STDIO
-/*!
- * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
- * it doesn't really have anything to do with clients (except that a common use
- * for a stack of CAs is to send it to the client). Actually, it doesn't have
- * much to do with CAs, either, since it will load any old cert.
- * \param file the file containing one or more certs.
- * \return a ::STACK containing the certs.
- */
-STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
-	{
-	BIO *in;
-	X509 *x=NULL;
-	X509_NAME *xn=NULL;
-	STACK_OF(X509_NAME) *ret,*sk;
-
-	ret=sk_X509_NAME_new_null();
-	sk=sk_X509_NAME_new(xname_cmp);
-
-	in=BIO_new(BIO_s_file_internal());
-
-	if ((ret == NULL) || (sk == NULL) || (in == NULL))
-		{
-		SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	
-	if (!BIO_read_filename(in,file))
-		goto err;
-
-	for (;;)
-		{
-		if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
-			break;
-		if ((xn=X509_get_subject_name(x)) == NULL) goto err;
-		/* check for duplicates */
-		xn=X509_NAME_dup(xn);
-		if (xn == NULL) goto err;
-		if (sk_X509_NAME_find(sk,xn) >= 0)
-			X509_NAME_free(xn);
-		else
-			{
-			sk_X509_NAME_push(sk,xn);
-			sk_X509_NAME_push(ret,xn);
-			}
-		}
-
-	if (0)
-		{
-err:
-		if (ret != NULL) sk_X509_NAME_pop_free(ret,X509_NAME_free);
-		ret=NULL;
-		}
-	if (sk != NULL) sk_X509_NAME_free(sk);
-	if (in != NULL) BIO_free(in);
-	if (x != NULL) X509_free(x);
-	return(ret);
-	}
-#endif
-
-/*!
- * Add a file of certs to a stack.
- * \param stack the stack to add to.
- * \param file the file to add from. All certs in this file that are not
- * already in the stack will be added.
- * \return 1 for success, 0 for failure. Note that in the case of failure some
- * certs may have been added to \c stack.
- */
-
-int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
-					const char *file)
-	{
-	BIO *in;
-	X509 *x=NULL;
-	X509_NAME *xn=NULL;
-	int ret=1;
-	int (*oldcmp)(const X509_NAME * const *a, const X509_NAME * const *b);
-	
-	oldcmp=sk_X509_NAME_set_cmp_func(stack,xname_cmp);
-	
-	in=BIO_new(BIO_s_file_internal());
-	
-	if (in == NULL)
-		{
-		SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	
-	if (!BIO_read_filename(in,file))
-		goto err;
-	
-	for (;;)
-		{
-		if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
-			break;
-		if ((xn=X509_get_subject_name(x)) == NULL) goto err;
-		xn=X509_NAME_dup(xn);
-		if (xn == NULL) goto err;
-		if (sk_X509_NAME_find(stack,xn) >= 0)
-			X509_NAME_free(xn);
-		else
-			sk_X509_NAME_push(stack,xn);
-		}
-
-	if (0)
-		{
-err:
-		ret=0;
-		}
-	if(in != NULL)
-		BIO_free(in);
-	if(x != NULL)
-		X509_free(x);
-	
-	sk_X509_NAME_set_cmp_func(stack,oldcmp);
-
-	return ret;
-	}
-
-/*!
- * Add a directory of certs to a stack.
- * \param stack the stack to append to.
- * \param dir the directory to append from. All files in this directory will be
- * examined as potential certs. Any that are acceptable to
- * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will be
- * included.
- * \return 1 for success, 0 for failure. Note that in the case of failure some
- * certs may have been added to \c stack.
- */
-
-#ifndef OPENSSL_SYS_WIN32
-#ifndef OPENSSL_SYS_VMS		/* XXXX This may be fixed in the future */
-#ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! */
-
-int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
-				       const char *dir)
-	{
-	DIR *d;
-	struct dirent *dstruct;
-	int ret = 0;
-
-	CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
-	d = opendir(dir);
-
-	/* Note that a side effect is that the CAs will be sorted by name */
-	if(!d)
-		{
-		SYSerr(SYS_F_OPENDIR, get_last_sys_error());
-		ERR_add_error_data(3, "opendir('", dir, "')");
-		SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
-		goto err;
-		}
-	
-	while((dstruct=readdir(d)))
-		{
-		char buf[1024];
-		int r;
-		
-		if(strlen(dir)+strlen(dstruct->d_name)+2 > sizeof buf)
-			{
-			SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
-			goto err;
-			}
-		
-		r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,dstruct->d_name);
-		if (r <= 0 || r >= sizeof buf)
-			goto err;
-		if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
-			goto err;
-		}
-	ret = 1;
-
-err:	
-	if (d) closedir(d);
-	CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
-	return ret;
-	}
-
-#endif
-#endif
-
-#else /* OPENSSL_SYS_WIN32 */
-
-int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
-				       const char *dir)
-	{
-	WIN32_FIND_DATA FindFileData;
-	HANDLE hFind;
-	int ret = 0;
-#ifdef OPENSSL_SYS_WINCE
-	WCHAR* wdir = NULL;
-#endif
-
-	CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
-	
-#ifdef OPENSSL_SYS_WINCE
-	/* convert strings to UNICODE */
-	{
-		BOOL result = FALSE;
-		int i;
-		wdir = malloc((strlen(dir)+1)*2);
-		if (wdir == NULL)
-			goto err_noclose;
-		for (i=0; i<(int)strlen(dir)+1; i++)
-			wdir[i] = (short)dir[i];
-	}
-#endif
-
-#ifdef OPENSSL_SYS_WINCE
-	hFind = FindFirstFile(wdir, &FindFileData);
-#else
-	hFind = FindFirstFile(dir, &FindFileData);
-#endif
-	/* Note that a side effect is that the CAs will be sorted by name */
-	if(hFind == INVALID_HANDLE_VALUE)
-		{
-		SYSerr(SYS_F_OPENDIR, get_last_sys_error());
-		ERR_add_error_data(3, "opendir('", dir, "')");
-		SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
-		goto err_noclose;
-		}
-	
-	do 
-		{
-		char buf[1024];
-		int r;
-		
-#ifdef OPENSSL_SYS_WINCE
-		if(strlen(dir)+_tcslen(FindFileData.cFileName)+2 > sizeof buf)
-#else
-		if(strlen(dir)+strlen(FindFileData.cFileName)+2 > sizeof buf)
-#endif
-			{
-			SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
-			goto err;
-			}
-		
-		r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,FindFileData.cFileName);
-		if (r <= 0 || r >= sizeof buf)
-			goto err;
-		if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
-			goto err;
-		}
-	while (FindNextFile(hFind, &FindFileData) != FALSE);
-	ret = 1;
-
-err:	
-	FindClose(hFind);
-err_noclose:
-#ifdef OPENSSL_SYS_WINCE
-	if (wdir != NULL)
-		free(wdir);
-#endif
-	CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
-	return ret;
-	}
-
-#endif
diff --git a/crypto/openssl/ssl/ssl_ciph.c b/crypto/openssl/ssl/ssl_ciph.c
deleted file mode 100644
index c72be89e9ae3..000000000000
--- a/crypto/openssl/ssl/ssl_ciph.c
+++ /dev/null
@@ -1,1138 +0,0 @@
-/* ssl/ssl_ciph.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include <openssl/comp.h>
-#include "ssl_locl.h"
-
-#define SSL_ENC_DES_IDX		0
-#define SSL_ENC_3DES_IDX	1
-#define SSL_ENC_RC4_IDX		2
-#define SSL_ENC_RC2_IDX		3
-#define SSL_ENC_IDEA_IDX	4
-#define SSL_ENC_eFZA_IDX	5
-#define SSL_ENC_NULL_IDX	6
-#define SSL_ENC_AES128_IDX	7
-#define SSL_ENC_AES256_IDX	8
-#define SSL_ENC_NUM_IDX		9
-
-static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
-	NULL,NULL,NULL,NULL,NULL,NULL,
-	};
-
-static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
-
-#define SSL_MD_MD5_IDX	0
-#define SSL_MD_SHA1_IDX	1
-#define SSL_MD_NUM_IDX	2
-static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
-	NULL,NULL,
-	};
-
-#define CIPHER_ADD	1
-#define CIPHER_KILL	2
-#define CIPHER_DEL	3
-#define CIPHER_ORD	4
-#define CIPHER_SPECIAL	5
-
-typedef struct cipher_order_st
-	{
-	SSL_CIPHER *cipher;
-	int active;
-	int dead;
-	struct cipher_order_st *next,*prev;
-	} CIPHER_ORDER;
-
-static const SSL_CIPHER cipher_aliases[]={
-	/* Don't include eNULL unless specifically enabled. */
-	{0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */
-        {0,SSL_TXT_CMPALL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},  /* COMPLEMENT OF ALL */
-	{0,SSL_TXT_CMPDEF,0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK,0},
-        {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0},  /* VRS Kerberos5 */
-	{0,SSL_TXT_kRSA,0,SSL_kRSA,  0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_kDHr,0,SSL_kDHr,  0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_kDHd,0,SSL_kDHd,  0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_kEDH,0,SSL_kEDH,  0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_kFZA,0,SSL_kFZA,  0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_DH,	0,SSL_DH,    0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_EDH,	0,SSL_EDH,   0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0},
-
-	{0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0},  /* VRS Kerberos5 */
-	{0,SSL_TXT_aRSA,0,SSL_aRSA,  0,0,0,0,SSL_AUTH_MASK,0},
-	{0,SSL_TXT_aDSS,0,SSL_aDSS,  0,0,0,0,SSL_AUTH_MASK,0},
-	{0,SSL_TXT_aFZA,0,SSL_aFZA,  0,0,0,0,SSL_AUTH_MASK,0},
-	{0,SSL_TXT_aNULL,0,SSL_aNULL,0,0,0,0,SSL_AUTH_MASK,0},
-	{0,SSL_TXT_aDH, 0,SSL_aDH,   0,0,0,0,SSL_AUTH_MASK,0},
-	{0,SSL_TXT_DSS,	0,SSL_DSS,   0,0,0,0,SSL_AUTH_MASK,0},
-
-	{0,SSL_TXT_DES,	0,SSL_DES,   0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_3DES,0,SSL_3DES,  0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_RC4,	0,SSL_RC4,   0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_RC2,	0,SSL_RC2,   0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_IDEA,0,SSL_IDEA,  0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_eFZA,0,SSL_eFZA,  0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_AES,	0,SSL_AES,   0,0,0,0,SSL_ENC_MASK,0},
-
-	{0,SSL_TXT_MD5,	0,SSL_MD5,   0,0,0,0,SSL_MAC_MASK,0},
-	{0,SSL_TXT_SHA1,0,SSL_SHA1,  0,0,0,0,SSL_MAC_MASK,0},
-	{0,SSL_TXT_SHA,	0,SSL_SHA,   0,0,0,0,SSL_MAC_MASK,0},
-
-	{0,SSL_TXT_NULL,0,SSL_NULL,  0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_KRB5,0,SSL_KRB5,  0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
-	{0,SSL_TXT_RSA,	0,SSL_RSA,   0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
-	{0,SSL_TXT_ADH,	0,SSL_ADH,   0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
-	{0,SSL_TXT_FZA,	0,SSL_FZA,   0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0},
-
-	{0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,0,0,0,SSL_SSL_MASK,0},
-	{0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,0,0,0,SSL_SSL_MASK,0},
-	{0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,0,0,0,SSL_SSL_MASK,0},
-
-	{0,SSL_TXT_EXP   ,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
-	{0,SSL_TXT_EXPORT,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
-	{0,SSL_TXT_EXP40, 0, 0, SSL_EXP40, 0,0,0,0,SSL_STRONG_MASK},
-	{0,SSL_TXT_EXP56, 0, 0, SSL_EXP56, 0,0,0,0,SSL_STRONG_MASK},
-	{0,SSL_TXT_LOW,   0, 0,   SSL_LOW, 0,0,0,0,SSL_STRONG_MASK},
-	{0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK},
-	{0,SSL_TXT_HIGH,  0, 0,  SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK},
-	};
-
-static int init_ciphers=1;
-
-static void load_ciphers(void)
-	{
-	init_ciphers=0;
-	ssl_cipher_methods[SSL_ENC_DES_IDX]= 
-		EVP_get_cipherbyname(SN_des_cbc);
-	ssl_cipher_methods[SSL_ENC_3DES_IDX]=
-		EVP_get_cipherbyname(SN_des_ede3_cbc);
-	ssl_cipher_methods[SSL_ENC_RC4_IDX]=
-		EVP_get_cipherbyname(SN_rc4);
-	ssl_cipher_methods[SSL_ENC_RC2_IDX]= 
-		EVP_get_cipherbyname(SN_rc2_cbc);
-	ssl_cipher_methods[SSL_ENC_IDEA_IDX]= 
-		EVP_get_cipherbyname(SN_idea_cbc);
-	ssl_cipher_methods[SSL_ENC_AES128_IDX]=
-	  EVP_get_cipherbyname(SN_aes_128_cbc);
-	ssl_cipher_methods[SSL_ENC_AES256_IDX]=
-	  EVP_get_cipherbyname(SN_aes_256_cbc);
-
-	ssl_digest_methods[SSL_MD_MD5_IDX]=
-		EVP_get_digestbyname(SN_md5);
-	ssl_digest_methods[SSL_MD_SHA1_IDX]=
-		EVP_get_digestbyname(SN_sha1);
-	}
-
-int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
-	     const EVP_MD **md, SSL_COMP **comp)
-	{
-	int i;
-	SSL_CIPHER *c;
-
-	c=s->cipher;
-	if (c == NULL) return(0);
-	if (comp != NULL)
-		{
-		SSL_COMP ctmp;
-
-		if (s->compress_meth == 0)
-			*comp=NULL;
-		else if (ssl_comp_methods == NULL)
-			{
-			/* bad */
-			*comp=NULL;
-			}
-		else
-			{
-
-			ctmp.id=s->compress_meth;
-			i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
-			if (i >= 0)
-				*comp=sk_SSL_COMP_value(ssl_comp_methods,i);
-			else
-				*comp=NULL;
-			}
-		}
-
-	if ((enc == NULL) || (md == NULL)) return(0);
-
-	switch (c->algorithms & SSL_ENC_MASK)
-		{
-	case SSL_DES:
-		i=SSL_ENC_DES_IDX;
-		break;
-	case SSL_3DES:
-		i=SSL_ENC_3DES_IDX;
-		break;
-	case SSL_RC4:
-		i=SSL_ENC_RC4_IDX;
-		break;
-	case SSL_RC2:
-		i=SSL_ENC_RC2_IDX;
-		break;
-	case SSL_IDEA:
-		i=SSL_ENC_IDEA_IDX;
-		break;
-	case SSL_eNULL:
-		i=SSL_ENC_NULL_IDX;
-		break;
-	case SSL_AES:
-		switch(c->alg_bits)
-			{
-		case 128: i=SSL_ENC_AES128_IDX; break;
-		case 256: i=SSL_ENC_AES256_IDX; break;
-		default: i=-1; break;
-			}
-		break;
-	default:
-		i= -1;
-		break;
-		}
-
-	if ((i < 0) || (i > SSL_ENC_NUM_IDX))
-		*enc=NULL;
-	else
-		{
-		if (i == SSL_ENC_NULL_IDX)
-			*enc=EVP_enc_null();
-		else
-			*enc=ssl_cipher_methods[i];
-		}
-
-	switch (c->algorithms & SSL_MAC_MASK)
-		{
-	case SSL_MD5:
-		i=SSL_MD_MD5_IDX;
-		break;
-	case SSL_SHA1:
-		i=SSL_MD_SHA1_IDX;
-		break;
-	default:
-		i= -1;
-		break;
-		}
-	if ((i < 0) || (i > SSL_MD_NUM_IDX))
-		*md=NULL;
-	else
-		*md=ssl_digest_methods[i];
-
-	if ((*enc != NULL) && (*md != NULL))
-		return(1);
-	else
-		return(0);
-	}
-
-#define ITEM_SEP(a) \
-	(((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
-
-static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
-	     CIPHER_ORDER **tail)
-	{
-	if (curr == *tail) return;
-	if (curr == *head)
-		*head=curr->next;
-	if (curr->prev != NULL)
-		curr->prev->next=curr->next;
-	if (curr->next != NULL) /* should always be true */
-		curr->next->prev=curr->prev;
-	(*tail)->next=curr;
-	curr->prev= *tail;
-	curr->next=NULL;
-	*tail=curr;
-	}
-
-static unsigned long ssl_cipher_get_disabled(void)
-	{
-	unsigned long mask;
-
-	mask = SSL_kFZA;
-#ifdef OPENSSL_NO_RSA
-	mask |= SSL_aRSA|SSL_kRSA;
-#endif
-#ifdef OPENSSL_NO_DSA
-	mask |= SSL_aDSS;
-#endif
-#ifdef OPENSSL_NO_DH
-	mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
-#endif
-#ifdef OPENSSL_NO_KRB5
-	mask |= SSL_kKRB5|SSL_aKRB5;
-#endif
-
-#ifdef SSL_FORBID_ENULL
-	mask |= SSL_eNULL;
-#endif
-
-	mask |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0;
-	mask |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0;
-	mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0;
-	mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
-	mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
-	mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
-	mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES:0;
-
-	mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
-	mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
-
-	return(mask);
-	}
-
-static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
-		int num_of_ciphers, unsigned long mask, CIPHER_ORDER *list,
-		CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
-	{
-	int i, list_num;
-	SSL_CIPHER *c;
-
-	/*
-	 * We have num_of_ciphers descriptions compiled in, depending on the
-	 * method selected (SSLv2 and/or SSLv3, TLSv1 etc).
-	 * These will later be sorted in a linked list with at most num
-	 * entries.
-	 */
-
-	/* Get the initial list of ciphers */
-	list_num = 0;	/* actual count of ciphers */
-	for (i = 0; i < num_of_ciphers; i++)
-		{
-		c = ssl_method->get_cipher(i);
-		/* drop those that use any of that is not available */
-		if ((c != NULL) && c->valid && !(c->algorithms & mask))
-			{
-			list[list_num].cipher = c;
-			list[list_num].next = NULL;
-			list[list_num].prev = NULL;
-			list[list_num].active = 0;
-			list_num++;
-#ifdef KSSL_DEBUG
-			printf("\t%d: %s %lx %lx\n",i,c->name,c->id,c->algorithms);
-#endif	/* KSSL_DEBUG */
-			/*
-			if (!sk_push(ca_list,(char *)c)) goto err;
-			*/
-			}
-		}
-
-	/*
-	 * Prepare linked list from list entries
-	 */	
-	for (i = 1; i < list_num - 1; i++)
-		{
-		list[i].prev = &(list[i-1]);
-		list[i].next = &(list[i+1]);
-		}
-	if (list_num > 0)
-		{
-		(*head_p) = &(list[0]);
-		(*head_p)->prev = NULL;
-		(*head_p)->next = &(list[1]);
-		(*tail_p) = &(list[list_num - 1]);
-		(*tail_p)->prev = &(list[list_num - 2]);
-		(*tail_p)->next = NULL;
-		}
-	}
-
-static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
-			int num_of_group_aliases, unsigned long mask,
-			CIPHER_ORDER *head)
-	{
-	CIPHER_ORDER *ciph_curr;
-	SSL_CIPHER **ca_curr;
-	int i;
-
-	/*
-	 * First, add the real ciphers as already collected
-	 */
-	ciph_curr = head;
-	ca_curr = ca_list;
-	while (ciph_curr != NULL)
-		{
-		*ca_curr = ciph_curr->cipher;
-		ca_curr++;
-		ciph_curr = ciph_curr->next;
-		}
-
-	/*
-	 * Now we add the available ones from the cipher_aliases[] table.
-	 * They represent either an algorithm, that must be fully
-	 * supported (not match any bit in mask) or represent a cipher
-	 * strength value (will be added in any case because algorithms=0).
-	 */
-	for (i = 0; i < num_of_group_aliases; i++)
-		{
-		if ((i == 0) ||		/* always fetch "ALL" */
-		    !(cipher_aliases[i].algorithms & mask))
-			{
-			*ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
-			ca_curr++;
-			}
-		}
-
-	*ca_curr = NULL;	/* end of list */
-	}
-
-static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask,
-		unsigned long algo_strength, unsigned long mask_strength,
-		int rule, int strength_bits, CIPHER_ORDER *list,
-		CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
-	{
-	CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2;
-	SSL_CIPHER *cp;
-	unsigned long ma, ma_s;
-
-#ifdef CIPHER_DEBUG
-	printf("Applying rule %d with %08lx %08lx %08lx %08lx (%d)\n",
-		rule, algorithms, mask, algo_strength, mask_strength,
-		strength_bits);
-#endif
-
-	curr = head = *head_p;
-	curr2 = head;
-	tail2 = tail = *tail_p;
-	for (;;)
-		{
-		if ((curr == NULL) || (curr == tail2)) break;
-		curr = curr2;
-		curr2 = curr->next;
-
-		cp = curr->cipher;
-
-		/*
-		 * Selection criteria is either the number of strength_bits
-		 * or the algorithm used.
-		 */
-		if (strength_bits == -1)
-			{
-			ma = mask & cp->algorithms;
-			ma_s = mask_strength & cp->algo_strength;
-
-#ifdef CIPHER_DEBUG
-			printf("\nName: %s:\nAlgo = %08lx Algo_strength = %08lx\nMask = %08lx Mask_strength %08lx\n", cp->name, cp->algorithms, cp->algo_strength, mask, mask_strength);
-			printf("ma = %08lx ma_s %08lx, ma&algo=%08lx, ma_s&algos=%08lx\n", ma, ma_s, ma&algorithms, ma_s&algo_strength);
-#endif
-			/*
-			 * Select: if none of the mask bit was met from the
-			 * cipher or not all of the bits were met, the
-			 * selection does not apply.
-			 */
-			if (((ma == 0) && (ma_s == 0)) ||
-			    ((ma & algorithms) != ma) ||
-			    ((ma_s & algo_strength) != ma_s))
-				continue; /* does not apply */
-			}
-		else if (strength_bits != cp->strength_bits)
-			continue;	/* does not apply */
-
-#ifdef CIPHER_DEBUG
-		printf("Action = %d\n", rule);
-#endif
-
-		/* add the cipher if it has not been added yet. */
-		if (rule == CIPHER_ADD)
-			{
-			if (!curr->active)
-				{
-				ll_append_tail(&head, curr, &tail);
-				curr->active = 1;
-				}
-			}
-		/* Move the added cipher to this location */
-		else if (rule == CIPHER_ORD)
-			{
-			if (curr->active)
-				{
-				ll_append_tail(&head, curr, &tail);
-				}
-			}
-		else if	(rule == CIPHER_DEL)
-			curr->active = 0;
-		else if (rule == CIPHER_KILL)
-			{
-			if (head == curr)
-				head = curr->next;
-			else
-				curr->prev->next = curr->next;
-			if (tail == curr)
-				tail = curr->prev;
-			curr->active = 0;
-			if (curr->next != NULL)
-				curr->next->prev = curr->prev;
-			if (curr->prev != NULL)
-				curr->prev->next = curr->next;
-			curr->next = NULL;
-			curr->prev = NULL;
-			}
-		}
-
-	*head_p = head;
-	*tail_p = tail;
-	}
-
-static int ssl_cipher_strength_sort(CIPHER_ORDER *list, CIPHER_ORDER **head_p,
-				     CIPHER_ORDER **tail_p)
-	{
-	int max_strength_bits, i, *number_uses;
-	CIPHER_ORDER *curr;
-
-	/*
-	 * This routine sorts the ciphers with descending strength. The sorting
-	 * must keep the pre-sorted sequence, so we apply the normal sorting
-	 * routine as '+' movement to the end of the list.
-	 */
-	max_strength_bits = 0;
-	curr = *head_p;
-	while (curr != NULL)
-		{
-		if (curr->active &&
-		    (curr->cipher->strength_bits > max_strength_bits))
-		    max_strength_bits = curr->cipher->strength_bits;
-		curr = curr->next;
-		}
-
-	number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
-	if (!number_uses)
-	{
-		SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE);
-		return(0);
-	}
-	memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
-
-	/*
-	 * Now find the strength_bits values actually used
-	 */
-	curr = *head_p;
-	while (curr != NULL)
-		{
-		if (curr->active)
-			number_uses[curr->cipher->strength_bits]++;
-		curr = curr->next;
-		}
-	/*
-	 * Go through the list of used strength_bits values in descending
-	 * order.
-	 */
-	for (i = max_strength_bits; i >= 0; i--)
-		if (number_uses[i] > 0)
-			ssl_cipher_apply_rule(0, 0, 0, 0, CIPHER_ORD, i,
-					list, head_p, tail_p);
-
-	OPENSSL_free(number_uses);
-	return(1);
-	}
-
-static int ssl_cipher_process_rulestr(const char *rule_str,
-		CIPHER_ORDER *list, CIPHER_ORDER **head_p,
-		CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list)
-	{
-	unsigned long algorithms, mask, algo_strength, mask_strength;
-	const char *l, *start, *buf;
-	int j, multi, found, rule, retval, ok, buflen;
-	char ch;
-
-	retval = 1;
-	l = rule_str;
-	for (;;)
-		{
-		ch = *l;
-
-		if (ch == '\0')
-			break;		/* done */
-		if (ch == '-')
-			{ rule = CIPHER_DEL; l++; }
-		else if (ch == '+')
-			{ rule = CIPHER_ORD; l++; }
-		else if (ch == '!')
-			{ rule = CIPHER_KILL; l++; }
-		else if (ch == '@')
-			{ rule = CIPHER_SPECIAL; l++; }
-		else
-			{ rule = CIPHER_ADD; }
-
-		if (ITEM_SEP(ch))
-			{
-			l++;
-			continue;
-			}
-
-		algorithms = mask = algo_strength = mask_strength = 0;
-
-		start=l;
-		for (;;)
-			{
-			ch = *l;
-			buf = l;
-			buflen = 0;
-#ifndef CHARSET_EBCDIC
-			while (	((ch >= 'A') && (ch <= 'Z')) ||
-				((ch >= '0') && (ch <= '9')) ||
-				((ch >= 'a') && (ch <= 'z')) ||
-				 (ch == '-'))
-#else
-			while (	isalnum(ch) || (ch == '-'))
-#endif
-				 {
-				 ch = *(++l);
-				 buflen++;
-				 }
-
-			if (buflen == 0)
-				{
-				/*
-				 * We hit something we cannot deal with,
-				 * it is no command or separator nor
-				 * alphanumeric, so we call this an error.
-				 */
-				SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
-				       SSL_R_INVALID_COMMAND);
-				retval = found = 0;
-				l++;
-				break;
-				}
-
-			if (rule == CIPHER_SPECIAL)
-				{
-				found = 0; /* unused -- avoid compiler warning */
-				break;	/* special treatment */
-				}
-
-			/* check for multi-part specification */
-			if (ch == '+')
-				{
-				multi=1;
-				l++;
-				}
-			else
-				multi=0;
-
-			/*
-			 * Now search for the cipher alias in the ca_list. Be careful
-			 * with the strncmp, because the "buflen" limitation
-			 * will make the rule "ADH:SOME" and the cipher
-			 * "ADH-MY-CIPHER" look like a match for buflen=3.
-			 * So additionally check whether the cipher name found
-			 * has the correct length. We can save a strlen() call:
-			 * just checking for the '\0' at the right place is
-			 * sufficient, we have to strncmp() anyway.
-			 */
-			 j = found = 0;
-			 while (ca_list[j])
-				{
-				if ((ca_list[j]->name[buflen] == '\0') &&
-				    !strncmp(buf, ca_list[j]->name, buflen))
-					{
-					found = 1;
-					break;
-					}
-				else
-					j++;
-				}
-			if (!found)
-				break;	/* ignore this entry */
-
-			algorithms |= ca_list[j]->algorithms;
-			mask |= ca_list[j]->mask;
-			algo_strength |= ca_list[j]->algo_strength;
-			mask_strength |= ca_list[j]->mask_strength;
-
-			if (!multi) break;
-			}
-
-		/*
-		 * Ok, we have the rule, now apply it
-		 */
-		if (rule == CIPHER_SPECIAL)
-			{	/* special command */
-			ok = 0;
-			if ((buflen == 8) &&
-				!strncmp(buf, "STRENGTH", 8))
-				ok = ssl_cipher_strength_sort(list,
-					head_p, tail_p);
-			else
-				SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
-					SSL_R_INVALID_COMMAND);
-			if (ok == 0)
-				retval = 0;
-			/*
-			 * We do not support any "multi" options
-			 * together with "@", so throw away the
-			 * rest of the command, if any left, until
-			 * end or ':' is found.
-			 */
-			while ((*l != '\0') && ITEM_SEP(*l))
-				l++;
-			}
-		else if (found)
-			{
-			ssl_cipher_apply_rule(algorithms, mask,
-				algo_strength, mask_strength, rule, -1,
-				list, head_p, tail_p);
-			}
-		else
-			{
-			while ((*l != '\0') && ITEM_SEP(*l))
-				l++;
-			}
-		if (*l == '\0') break; /* done */
-		}
-
-	return(retval);
-	}
-
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
-		STACK_OF(SSL_CIPHER) **cipher_list,
-		STACK_OF(SSL_CIPHER) **cipher_list_by_id,
-		const char *rule_str)
-	{
-	int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
-	unsigned long disabled_mask;
-	STACK_OF(SSL_CIPHER) *cipherstack;
-	const char *rule_p;
-	CIPHER_ORDER *list = NULL, *head = NULL, *tail = NULL, *curr;
-	SSL_CIPHER **ca_list = NULL;
-
-	/*
-	 * Return with error if nothing to do.
-	 */
-	if (rule_str == NULL) return(NULL);
-
-	if (init_ciphers)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL);
-		if (init_ciphers) load_ciphers();
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-		}
-
-	/*
-	 * To reduce the work to do we only want to process the compiled
-	 * in algorithms, so we first get the mask of disabled ciphers.
-	 */
-	disabled_mask = ssl_cipher_get_disabled();
-
-	/*
-	 * Now we have to collect the available ciphers from the compiled
-	 * in ciphers. We cannot get more than the number compiled in, so
-	 * it is used for allocation.
-	 */
-	num_of_ciphers = ssl_method->num_ciphers();
-#ifdef KSSL_DEBUG
-	printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers);
-#endif    /* KSSL_DEBUG */
-	list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
-	if (list == NULL)
-		{
-		SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
-		return(NULL);	/* Failure */
-		}
-
-	ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask,
-				   list, &head, &tail);
-
-	/*
-	 * We also need cipher aliases for selecting based on the rule_str.
-	 * There might be two types of entries in the rule_str: 1) names
-	 * of ciphers themselves 2) aliases for groups of ciphers.
-	 * For 1) we need the available ciphers and for 2) the cipher
-	 * groups of cipher_aliases added together in one list (otherwise
-	 * we would be happy with just the cipher_aliases table).
-	 */
-	num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
-	num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
-	ca_list =
-		(SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
-	if (ca_list == NULL)
-		{
-		OPENSSL_free(list);
-		SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
-		return(NULL);	/* Failure */
-		}
-	ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mask,
-				   head);
-
-	/*
-	 * If the rule_string begins with DEFAULT, apply the default rule
-	 * before using the (possibly available) additional rules.
-	 */
-	ok = 1;
-	rule_p = rule_str;
-	if (strncmp(rule_str,"DEFAULT",7) == 0)
-		{
-		ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
-			list, &head, &tail, ca_list);
-		rule_p += 7;
-		if (*rule_p == ':')
-			rule_p++;
-		}
-
-	if (ok && (strlen(rule_p) > 0))
-		ok = ssl_cipher_process_rulestr(rule_p, list, &head, &tail,
-						ca_list);
-
-	OPENSSL_free(ca_list);	/* Not needed anymore */
-
-	if (!ok)
-		{	/* Rule processing failure */
-		OPENSSL_free(list);
-		return(NULL);
-		}
-	/*
-	 * Allocate new "cipherstack" for the result, return with error
-	 * if we cannot get one.
-	 */
-	if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL)
-		{
-		OPENSSL_free(list);
-		return(NULL);
-		}
-
-	/*
-	 * The cipher selection for the list is done. The ciphers are added
-	 * to the resulting precedence to the STACK_OF(SSL_CIPHER).
-	 */
-	for (curr = head; curr != NULL; curr = curr->next)
-		{
-		if (curr->active)
-			{
-			sk_SSL_CIPHER_push(cipherstack, curr->cipher);
-#ifdef CIPHER_DEBUG
-			printf("<%s>\n",curr->cipher->name);
-#endif
-			}
-		}
-	OPENSSL_free(list);	/* Not needed any longer */
-
-	/*
-	 * The following passage is a little bit odd. If pointer variables
-	 * were supplied to hold STACK_OF(SSL_CIPHER) return information,
-	 * the old memory pointed to is free()ed. Then, however, the
-	 * cipher_list entry will be assigned just a copy of the returned
-	 * cipher stack. For cipher_list_by_id a copy of the cipher stack
-	 * will be created. See next comment...
-	 */
-	if (cipher_list != NULL)
-		{
-		if (*cipher_list != NULL)
-			sk_SSL_CIPHER_free(*cipher_list);
-		*cipher_list = cipherstack;
-		}
-
-	if (cipher_list_by_id != NULL)
-		{
-		if (*cipher_list_by_id != NULL)
-			sk_SSL_CIPHER_free(*cipher_list_by_id);
-		*cipher_list_by_id = sk_SSL_CIPHER_dup(cipherstack);
-		}
-
-	/*
-	 * Now it is getting really strange. If something failed during
-	 * the previous pointer assignment or if one of the pointers was
-	 * not requested, the error condition is met. That might be
-	 * discussable. The strange thing is however that in this case
-	 * the memory "ret" pointed to is "free()ed" and hence the pointer
-	 * cipher_list becomes wild. The memory reserved for
-	 * cipher_list_by_id however is not "free()ed" and stays intact.
-	 */
-	if (	(cipher_list_by_id == NULL) ||
-		(*cipher_list_by_id == NULL) ||
-		(cipher_list == NULL) ||
-		(*cipher_list == NULL))
-		{
-		sk_SSL_CIPHER_free(cipherstack);
-		return(NULL);
-		}
-
-	sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
-
-	return(cipherstack);
-	}
-
-char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
-	{
-	int is_export,pkl,kl;
-	char *ver,*exp;
-	char *kx,*au,*enc,*mac;
-	unsigned long alg,alg2,alg_s;
-#ifdef KSSL_DEBUG
-	static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n";
-#else
-	static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
-#endif /* KSSL_DEBUG */
-
-	alg=cipher->algorithms;
-	alg_s=cipher->algo_strength;
-	alg2=cipher->algorithm2;
-
-	is_export=SSL_C_IS_EXPORT(cipher);
-	pkl=SSL_C_EXPORT_PKEYLENGTH(cipher);
-	kl=SSL_C_EXPORT_KEYLENGTH(cipher);
-	exp=is_export?" export":"";
-
-	if (alg & SSL_SSLV2)
-		ver="SSLv2";
-	else if (alg & SSL_SSLV3)
-		ver="SSLv3";
-	else
-		ver="unknown";
-
-	switch (alg&SSL_MKEY_MASK)
-		{
-	case SSL_kRSA:
-		kx=is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA";
-		break;
-	case SSL_kDHr:
-		kx="DH/RSA";
-		break;
-	case SSL_kDHd:
-		kx="DH/DSS";
-		break;
-        case SSL_kKRB5:         /* VRS */
-        case SSL_KRB5:          /* VRS */
-            kx="KRB5";
-            break;
-	case SSL_kFZA:
-		kx="Fortezza";
-		break;
-	case SSL_kEDH:
-		kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";
-		break;
-	default:
-		kx="unknown";
-		}
-
-	switch (alg&SSL_AUTH_MASK)
-		{
-	case SSL_aRSA:
-		au="RSA";
-		break;
-	case SSL_aDSS:
-		au="DSS";
-		break;
-	case SSL_aDH:
-		au="DH";
-		break;
-        case SSL_aKRB5:         /* VRS */
-        case SSL_KRB5:          /* VRS */
-            au="KRB5";
-            break;
-	case SSL_aFZA:
-	case SSL_aNULL:
-		au="None";
-		break;
-	default:
-		au="unknown";
-		break;
-		}
-
-	switch (alg&SSL_ENC_MASK)
-		{
-	case SSL_DES:
-		enc=(is_export && kl == 5)?"DES(40)":"DES(56)";
-		break;
-	case SSL_3DES:
-		enc="3DES(168)";
-		break;
-	case SSL_RC4:
-		enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)")
-		  :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)");
-		break;
-	case SSL_RC2:
-		enc=is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)";
-		break;
-	case SSL_IDEA:
-		enc="IDEA(128)";
-		break;
-	case SSL_eFZA:
-		enc="Fortezza";
-		break;
-	case SSL_eNULL:
-		enc="None";
-		break;
-	case SSL_AES:
-		switch(cipher->strength_bits)
-			{
-		case 128: enc="AES(128)"; break;
-		case 192: enc="AES(192)"; break;
-		case 256: enc="AES(256)"; break;
-		default: enc="AES(?""?""?)"; break;
-			}
-		break;
-	default:
-		enc="unknown";
-		break;
-		}
-
-	switch (alg&SSL_MAC_MASK)
-		{
-	case SSL_MD5:
-		mac="MD5";
-		break;
-	case SSL_SHA1:
-		mac="SHA1";
-		break;
-	default:
-		mac="unknown";
-		break;
-		}
-
-	if (buf == NULL)
-		{
-		len=128;
-		buf=OPENSSL_malloc(len);
-		if (buf == NULL) return("OPENSSL_malloc Error");
-		}
-	else if (len < 128)
-		return("Buffer too small");
-
-#ifdef KSSL_DEBUG
-	BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp,alg);
-#else
-	BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp);
-#endif /* KSSL_DEBUG */
-	return(buf);
-	}
-
-char *SSL_CIPHER_get_version(SSL_CIPHER *c)
-	{
-	int i;
-
-	if (c == NULL) return("(NONE)");
-	i=(int)(c->id>>24L);
-	if (i == 3)
-		return("TLSv1/SSLv3");
-	else if (i == 2)
-		return("SSLv2");
-	else
-		return("unknown");
-	}
-
-/* return the actual cipher being used */
-const char *SSL_CIPHER_get_name(SSL_CIPHER *c)
-	{
-	if (c != NULL)
-		return(c->name);
-	return("(NONE)");
-	}
-
-/* number of bits for symmetric cipher */
-int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits)
-	{
-	int ret=0;
-
-	if (c != NULL)
-		{
-		if (alg_bits != NULL) *alg_bits = c->alg_bits;
-		ret = c->strength_bits;
-		}
-	return(ret);
-	}
-
-SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
-	{
-	SSL_COMP *ctmp;
-	int i,nn;
-
-	if ((n == 0) || (sk == NULL)) return(NULL);
-	nn=sk_SSL_COMP_num(sk);
-	for (i=0; i<nn; i++)
-		{
-		ctmp=sk_SSL_COMP_value(sk,i);
-		if (ctmp->id == n)
-			return(ctmp);
-		}
-	return(NULL);
-	}
-
-static int sk_comp_cmp(const SSL_COMP * const *a,
-			const SSL_COMP * const *b)
-	{
-	return((*a)->id-(*b)->id);
-	}
-
-STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
-	{
-	return(ssl_comp_methods);
-	}
-
-int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
-	{
-	SSL_COMP *comp;
-	STACK_OF(SSL_COMP) *sk;
-
-        if (cm == NULL || cm->type == NID_undef)
-                return 1;
-
-	MemCheck_off();
-	comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
-	comp->id=id;
-	comp->method=cm;
-	if (ssl_comp_methods == NULL)
-		sk=ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
-	else
-		sk=ssl_comp_methods;
-	if ((sk == NULL) || !sk_SSL_COMP_push(sk,comp))
-		{
-		MemCheck_on();
-		SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	else
-		{
-		MemCheck_on();
-		return(1);
-		}
-	}
diff --git a/crypto/openssl/ssl/ssl_err.c b/crypto/openssl/ssl/ssl_err.c
deleted file mode 100644
index d2cb18150322..000000000000
--- a/crypto/openssl/ssl/ssl_err.c
+++ /dev/null
@@ -1,461 +0,0 @@
-/* ssl/ssl_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA SSL_str_functs[]=
-	{
-{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0),	"CLIENT_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_CLIENT_FINISHED,0),	"CLIENT_FINISHED"},
-{ERR_PACK(0,SSL_F_CLIENT_HELLO,0),	"CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0),	"CLIENT_MASTER_KEY"},
-{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0),	"d2i_SSL_SESSION"},
-{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0),	"DO_SSL3_WRITE"},
-{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0),	"GET_CLIENT_FINISHED"},
-{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0),	"GET_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0),	"GET_CLIENT_MASTER_KEY"},
-{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0),	"GET_SERVER_FINISHED"},
-{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0),	"GET_SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0),	"GET_SERVER_VERIFY"},
-{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0),	"i2d_SSL_SESSION"},
-{ERR_PACK(0,SSL_F_READ_N,0),	"READ_N"},
-{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0),	"REQUEST_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SERVER_FINISH,0),	"SERVER_FINISH"},
-{ERR_PACK(0,SSL_F_SERVER_HELLO,0),	"SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_SERVER_VERIFY,0),	"SERVER_VERIFY"},
-{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0),	"SSL23_ACCEPT"},
-{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0),	"SSL23_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_SSL23_CONNECT,0),	"SSL23_CONNECT"},
-{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0),	"SSL23_GET_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0),	"SSL23_GET_SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_SSL23_PEEK,0),	"SSL23_PEEK"},
-{ERR_PACK(0,SSL_F_SSL23_READ,0),	"SSL23_READ"},
-{ERR_PACK(0,SSL_F_SSL23_WRITE,0),	"SSL23_WRITE"},
-{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0),	"SSL2_ACCEPT"},
-{ERR_PACK(0,SSL_F_SSL2_CONNECT,0),	"SSL2_CONNECT"},
-{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0),	"SSL2_ENC_INIT"},
-{ERR_PACK(0,SSL_F_SSL2_GENERATE_KEY_MATERIAL,0),	"SSL2_GENERATE_KEY_MATERIAL"},
-{ERR_PACK(0,SSL_F_SSL2_PEEK,0),	"SSL2_PEEK"},
-{ERR_PACK(0,SSL_F_SSL2_READ,0),	"SSL2_READ"},
-{ERR_PACK(0,SSL_F_SSL2_READ_INTERNAL,0),	"SSL2_READ_INTERNAL"},
-{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0),	"SSL2_SET_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL2_WRITE,0),	"SSL2_WRITE"},
-{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0),	"SSL3_ACCEPT"},
-{ERR_PACK(0,SSL_F_SSL3_CALLBACK_CTRL,0),	"SSL3_CALLBACK_CTRL"},
-{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0),	"SSL3_CHANGE_CIPHER_STATE"},
-{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0),	"SSL3_CHECK_CERT_AND_ALGORITHM"},
-{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0),	"SSL3_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_SSL3_CONNECT,0),	"SSL3_CONNECT"},
-{ERR_PACK(0,SSL_F_SSL3_CTRL,0),	"SSL3_CTRL"},
-{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0),	"SSL3_CTX_CTRL"},
-{ERR_PACK(0,SSL_F_SSL3_ENC,0),	"SSL3_ENC"},
-{ERR_PACK(0,SSL_F_SSL3_GENERATE_KEY_BLOCK,0),	"SSL3_GENERATE_KEY_BLOCK"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0),	"SSL3_GET_CERTIFICATE_REQUEST"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0),	"SSL3_GET_CERT_VERIFY"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0),	"SSL3_GET_CLIENT_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0),	"SSL3_GET_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0),	"SSL3_GET_CLIENT_KEY_EXCHANGE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0),	"SSL3_GET_FINISHED"},
-{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0),	"SSL3_GET_KEY_EXCHANGE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0),	"SSL3_GET_MESSAGE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0),	"SSL3_GET_RECORD"},
-{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0),	"SSL3_GET_SERVER_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0),	"SSL3_GET_SERVER_DONE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0),	"SSL3_GET_SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0),	"SSL3_OUTPUT_CERT_CHAIN"},
-{ERR_PACK(0,SSL_F_SSL3_PEEK,0),	"SSL3_PEEK"},
-{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0),	"SSL3_READ_BYTES"},
-{ERR_PACK(0,SSL_F_SSL3_READ_N,0),	"SSL3_READ_N"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0),	"SSL3_SEND_CERTIFICATE_REQUEST"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0),	"SSL3_SEND_CLIENT_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0),	"SSL3_SEND_CLIENT_KEY_EXCHANGE"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0),	"SSL3_SEND_CLIENT_VERIFY"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0),	"SSL3_SEND_SERVER_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_HELLO,0),	"SSL3_SEND_SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0),	"SSL3_SEND_SERVER_KEY_EXCHANGE"},
-{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0),	"SSL3_SETUP_BUFFERS"},
-{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0),	"SSL3_SETUP_KEY_BLOCK"},
-{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0),	"SSL3_WRITE_BYTES"},
-{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0),	"SSL3_WRITE_PENDING"},
-{ERR_PACK(0,SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,0),	"SSL_add_dir_cert_subjects_to_stack"},
-{ERR_PACK(0,SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,0),	"SSL_add_file_cert_subjects_to_stack"},
-{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0),	"SSL_BAD_METHOD"},
-{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0),	"SSL_BYTES_TO_CIPHER_LIST"},
-{ERR_PACK(0,SSL_F_SSL_CERT_DUP,0),	"SSL_CERT_DUP"},
-{ERR_PACK(0,SSL_F_SSL_CERT_INST,0),	"SSL_CERT_INST"},
-{ERR_PACK(0,SSL_F_SSL_CERT_INSTANTIATE,0),	"SSL_CERT_INSTANTIATE"},
-{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0),	"SSL_CERT_NEW"},
-{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0),	"SSL_check_private_key"},
-{ERR_PACK(0,SSL_F_SSL_CIPHER_PROCESS_RULESTR,0),	"SSL_CIPHER_PROCESS_RULESTR"},
-{ERR_PACK(0,SSL_F_SSL_CIPHER_STRENGTH_SORT,0),	"SSL_CIPHER_STRENGTH_SORT"},
-{ERR_PACK(0,SSL_F_SSL_CLEAR,0),	"SSL_clear"},
-{ERR_PACK(0,SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,0),	"SSL_COMP_add_compression_method"},
-{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0),	"SSL_CREATE_CIPHER_LIST"},
-{ERR_PACK(0,SSL_F_SSL_CTRL,0),	"SSL_ctrl"},
-{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0),	"SSL_CTX_check_private_key"},
-{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0),	"SSL_CTX_new"},
-{ERR_PACK(0,SSL_F_SSL_CTX_SET_PURPOSE,0),	"SSL_CTX_set_purpose"},
-{ERR_PACK(0,SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,0),	"SSL_CTX_set_session_id_context"},
-{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0),	"SSL_CTX_set_ssl_version"},
-{ERR_PACK(0,SSL_F_SSL_CTX_SET_TRUST,0),	"SSL_CTX_set_trust"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0),	"SSL_CTX_use_certificate"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0),	"SSL_CTX_use_certificate_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,0),	"SSL_CTX_use_certificate_chain_file"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0),	"SSL_CTX_use_certificate_file"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0),	"SSL_CTX_use_PrivateKey"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0),	"SSL_CTX_use_PrivateKey_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0),	"SSL_CTX_use_PrivateKey_file"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0),	"SSL_CTX_use_RSAPrivateKey"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0),	"SSL_CTX_use_RSAPrivateKey_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0),	"SSL_CTX_use_RSAPrivateKey_file"},
-{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0),	"SSL_do_handshake"},
-{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0),	"SSL_GET_NEW_SESSION"},
-{ERR_PACK(0,SSL_F_SSL_GET_PREV_SESSION,0),	"SSL_GET_PREV_SESSION"},
-{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0),	"SSL_GET_SERVER_SEND_CERT"},
-{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0),	"SSL_GET_SIGN_PKEY"},
-{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0),	"SSL_INIT_WBIO_BUFFER"},
-{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0),	"SSL_load_client_CA_file"},
-{ERR_PACK(0,SSL_F_SSL_NEW,0),	"SSL_new"},
-{ERR_PACK(0,SSL_F_SSL_READ,0),	"SSL_read"},
-{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0),	"SSL_RSA_PRIVATE_DECRYPT"},
-{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0),	"SSL_RSA_PUBLIC_ENCRYPT"},
-{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0),	"SSL_SESSION_new"},
-{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0),	"SSL_SESSION_print_fp"},
-{ERR_PACK(0,SSL_F_SSL_SESS_CERT_NEW,0),	"SSL_SESS_CERT_NEW"},
-{ERR_PACK(0,SSL_F_SSL_SET_CERT,0),	"SSL_SET_CERT"},
-{ERR_PACK(0,SSL_F_SSL_SET_FD,0),	"SSL_set_fd"},
-{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0),	"SSL_SET_PKEY"},
-{ERR_PACK(0,SSL_F_SSL_SET_PURPOSE,0),	"SSL_set_purpose"},
-{ERR_PACK(0,SSL_F_SSL_SET_RFD,0),	"SSL_set_rfd"},
-{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0),	"SSL_set_session"},
-{ERR_PACK(0,SSL_F_SSL_SET_SESSION_ID_CONTEXT,0),	"SSL_set_session_id_context"},
-{ERR_PACK(0,SSL_F_SSL_SET_TRUST,0),	"SSL_set_trust"},
-{ERR_PACK(0,SSL_F_SSL_SET_WFD,0),	"SSL_set_wfd"},
-{ERR_PACK(0,SSL_F_SSL_SHUTDOWN,0),	"SSL_shutdown"},
-{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0),	"SSL_UNDEFINED_FUNCTION"},
-{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0),	"SSL_use_certificate"},
-{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0),	"SSL_use_certificate_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0),	"SSL_use_certificate_file"},
-{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0),	"SSL_use_PrivateKey"},
-{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0),	"SSL_use_PrivateKey_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0),	"SSL_use_PrivateKey_file"},
-{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0),	"SSL_use_RSAPrivateKey"},
-{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0),	"SSL_use_RSAPrivateKey_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0),	"SSL_use_RSAPrivateKey_file"},
-{ERR_PACK(0,SSL_F_SSL_VERIFY_CERT_CHAIN,0),	"SSL_VERIFY_CERT_CHAIN"},
-{ERR_PACK(0,SSL_F_SSL_WRITE,0),	"SSL_write"},
-{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0),	"TLS1_CHANGE_CIPHER_STATE"},
-{ERR_PACK(0,SSL_F_TLS1_ENC,0),	"TLS1_ENC"},
-{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0),	"TLS1_SETUP_KEY_BLOCK"},
-{ERR_PACK(0,SSL_F_WRITE_PENDING,0),	"WRITE_PENDING"},
-{0,NULL}
-	};
-
-static ERR_STRING_DATA SSL_str_reasons[]=
-	{
-{SSL_R_APP_DATA_IN_HANDSHAKE             ,"app data in handshake"},
-{SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT,"attempt to reuse session in different context"},
-{SSL_R_BAD_ALERT_RECORD                  ,"bad alert record"},
-{SSL_R_BAD_AUTHENTICATION_TYPE           ,"bad authentication type"},
-{SSL_R_BAD_CHANGE_CIPHER_SPEC            ,"bad change cipher spec"},
-{SSL_R_BAD_CHECKSUM                      ,"bad checksum"},
-{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK     ,"bad data returned by callback"},
-{SSL_R_BAD_DECOMPRESSION                 ,"bad decompression"},
-{SSL_R_BAD_DH_G_LENGTH                   ,"bad dh g length"},
-{SSL_R_BAD_DH_PUB_KEY_LENGTH             ,"bad dh pub key length"},
-{SSL_R_BAD_DH_P_LENGTH                   ,"bad dh p length"},
-{SSL_R_BAD_DIGEST_LENGTH                 ,"bad digest length"},
-{SSL_R_BAD_DSA_SIGNATURE                 ,"bad dsa signature"},
-{SSL_R_BAD_HELLO_REQUEST                 ,"bad hello request"},
-{SSL_R_BAD_LENGTH                        ,"bad length"},
-{SSL_R_BAD_MAC_DECODE                    ,"bad mac decode"},
-{SSL_R_BAD_MESSAGE_TYPE                  ,"bad message type"},
-{SSL_R_BAD_PACKET_LENGTH                 ,"bad packet length"},
-{SSL_R_BAD_PROTOCOL_VERSION_NUMBER       ,"bad protocol version number"},
-{SSL_R_BAD_RESPONSE_ARGUMENT             ,"bad response argument"},
-{SSL_R_BAD_RSA_DECRYPT                   ,"bad rsa decrypt"},
-{SSL_R_BAD_RSA_ENCRYPT                   ,"bad rsa encrypt"},
-{SSL_R_BAD_RSA_E_LENGTH                  ,"bad rsa e length"},
-{SSL_R_BAD_RSA_MODULUS_LENGTH            ,"bad rsa modulus length"},
-{SSL_R_BAD_RSA_SIGNATURE                 ,"bad rsa signature"},
-{SSL_R_BAD_SIGNATURE                     ,"bad signature"},
-{SSL_R_BAD_SSL_FILETYPE                  ,"bad ssl filetype"},
-{SSL_R_BAD_SSL_SESSION_ID_LENGTH         ,"bad ssl session id length"},
-{SSL_R_BAD_STATE                         ,"bad state"},
-{SSL_R_BAD_WRITE_RETRY                   ,"bad write retry"},
-{SSL_R_BIO_NOT_SET                       ,"bio not set"},
-{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG         ,"block cipher pad is wrong"},
-{SSL_R_BN_LIB                            ,"bn lib"},
-{SSL_R_CA_DN_LENGTH_MISMATCH             ,"ca dn length mismatch"},
-{SSL_R_CA_DN_TOO_LONG                    ,"ca dn too long"},
-{SSL_R_CCS_RECEIVED_EARLY                ,"ccs received early"},
-{SSL_R_CERTIFICATE_VERIFY_FAILED         ,"certificate verify failed"},
-{SSL_R_CERT_LENGTH_MISMATCH              ,"cert length mismatch"},
-{SSL_R_CHALLENGE_IS_DIFFERENT            ,"challenge is different"},
-{SSL_R_CIPHER_CODE_WRONG_LENGTH          ,"cipher code wrong length"},
-{SSL_R_CIPHER_OR_HASH_UNAVAILABLE        ,"cipher or hash unavailable"},
-{SSL_R_CIPHER_TABLE_SRC_ERROR            ,"cipher table src error"},
-{SSL_R_COMPRESSED_LENGTH_TOO_LONG        ,"compressed length too long"},
-{SSL_R_COMPRESSION_FAILURE               ,"compression failure"},
-{SSL_R_COMPRESSION_LIBRARY_ERROR         ,"compression library error"},
-{SSL_R_CONNECTION_ID_IS_DIFFERENT        ,"connection id is different"},
-{SSL_R_CONNECTION_TYPE_NOT_SET           ,"connection type not set"},
-{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED     ,"data between ccs and finished"},
-{SSL_R_DATA_LENGTH_TOO_LONG              ,"data length too long"},
-{SSL_R_DECRYPTION_FAILED                 ,"decryption failed"},
-{SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC,"decryption failed or bad record mac"},
-{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG   ,"dh public value length is wrong"},
-{SSL_R_DIGEST_CHECK_FAILED               ,"digest check failed"},
-{SSL_R_ENCRYPTED_LENGTH_TOO_LONG         ,"encrypted length too long"},
-{SSL_R_ERROR_GENERATING_TMP_RSA_KEY      ,"error generating tmp rsa key"},
-{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST     ,"error in received cipher list"},
-{SSL_R_EXCESSIVE_MESSAGE_SIZE            ,"excessive message size"},
-{SSL_R_EXTRA_DATA_IN_MESSAGE             ,"extra data in message"},
-{SSL_R_GOT_A_FIN_BEFORE_A_CCS            ,"got a fin before a ccs"},
-{SSL_R_HTTPS_PROXY_REQUEST               ,"https proxy request"},
-{SSL_R_HTTP_REQUEST                      ,"http request"},
-{SSL_R_ILLEGAL_PADDING                   ,"illegal padding"},
-{SSL_R_INVALID_CHALLENGE_LENGTH          ,"invalid challenge length"},
-{SSL_R_INVALID_COMMAND                   ,"invalid command"},
-{SSL_R_INVALID_PURPOSE                   ,"invalid purpose"},
-{SSL_R_INVALID_TRUST                     ,"invalid trust"},
-{SSL_R_KEY_ARG_TOO_LONG                  ,"key arg too long"},
-{SSL_R_KRB5                              ,"krb5"},
-{SSL_R_KRB5_C_CC_PRINC                   ,"krb5 client cc principal (no tkt?)"},
-{SSL_R_KRB5_C_GET_CRED                   ,"krb5 client get cred"},
-{SSL_R_KRB5_C_INIT                       ,"krb5 client init"},
-{SSL_R_KRB5_C_MK_REQ                     ,"krb5 client mk_req (expired tkt?)"},
-{SSL_R_KRB5_S_BAD_TICKET                 ,"krb5 server bad ticket"},
-{SSL_R_KRB5_S_INIT                       ,"krb5 server init"},
-{SSL_R_KRB5_S_RD_REQ                     ,"krb5 server rd_req (keytab perms?)"},
-{SSL_R_KRB5_S_TKT_EXPIRED                ,"krb5 server tkt expired"},
-{SSL_R_KRB5_S_TKT_NYV                    ,"krb5 server tkt not yet valid"},
-{SSL_R_KRB5_S_TKT_SKEW                   ,"krb5 server tkt skew"},
-{SSL_R_LENGTH_MISMATCH                   ,"length mismatch"},
-{SSL_R_LENGTH_TOO_SHORT                  ,"length too short"},
-{SSL_R_LIBRARY_BUG                       ,"library bug"},
-{SSL_R_LIBRARY_HAS_NO_CIPHERS            ,"library has no ciphers"},
-{SSL_R_MASTER_KEY_TOO_LONG               ,"master key too long"},
-{SSL_R_MESSAGE_TOO_LONG                  ,"message too long"},
-{SSL_R_MISSING_DH_DSA_CERT               ,"missing dh dsa cert"},
-{SSL_R_MISSING_DH_KEY                    ,"missing dh key"},
-{SSL_R_MISSING_DH_RSA_CERT               ,"missing dh rsa cert"},
-{SSL_R_MISSING_DSA_SIGNING_CERT          ,"missing dsa signing cert"},
-{SSL_R_MISSING_EXPORT_TMP_DH_KEY         ,"missing export tmp dh key"},
-{SSL_R_MISSING_EXPORT_TMP_RSA_KEY        ,"missing export tmp rsa key"},
-{SSL_R_MISSING_RSA_CERTIFICATE           ,"missing rsa certificate"},
-{SSL_R_MISSING_RSA_ENCRYPTING_CERT       ,"missing rsa encrypting cert"},
-{SSL_R_MISSING_RSA_SIGNING_CERT          ,"missing rsa signing cert"},
-{SSL_R_MISSING_TMP_DH_KEY                ,"missing tmp dh key"},
-{SSL_R_MISSING_TMP_RSA_KEY               ,"missing tmp rsa key"},
-{SSL_R_MISSING_TMP_RSA_PKEY              ,"missing tmp rsa pkey"},
-{SSL_R_MISSING_VERIFY_MESSAGE            ,"missing verify message"},
-{SSL_R_NON_SSLV2_INITIAL_PACKET          ,"non sslv2 initial packet"},
-{SSL_R_NO_CERTIFICATES_RETURNED          ,"no certificates returned"},
-{SSL_R_NO_CERTIFICATE_ASSIGNED           ,"no certificate assigned"},
-{SSL_R_NO_CERTIFICATE_RETURNED           ,"no certificate returned"},
-{SSL_R_NO_CERTIFICATE_SET                ,"no certificate set"},
-{SSL_R_NO_CERTIFICATE_SPECIFIED          ,"no certificate specified"},
-{SSL_R_NO_CIPHERS_AVAILABLE              ,"no ciphers available"},
-{SSL_R_NO_CIPHERS_PASSED                 ,"no ciphers passed"},
-{SSL_R_NO_CIPHERS_SPECIFIED              ,"no ciphers specified"},
-{SSL_R_NO_CIPHER_LIST                    ,"no cipher list"},
-{SSL_R_NO_CIPHER_MATCH                   ,"no cipher match"},
-{SSL_R_NO_CLIENT_CERT_RECEIVED           ,"no client cert received"},
-{SSL_R_NO_COMPRESSION_SPECIFIED          ,"no compression specified"},
-{SSL_R_NO_METHOD_SPECIFIED               ,"no method specified"},
-{SSL_R_NO_PRIVATEKEY                     ,"no privatekey"},
-{SSL_R_NO_PRIVATE_KEY_ASSIGNED           ,"no private key assigned"},
-{SSL_R_NO_PROTOCOLS_AVAILABLE            ,"no protocols available"},
-{SSL_R_NO_PUBLICKEY                      ,"no publickey"},
-{SSL_R_NO_SHARED_CIPHER                  ,"no shared cipher"},
-{SSL_R_NO_VERIFY_CALLBACK                ,"no verify callback"},
-{SSL_R_NULL_SSL_CTX                      ,"null ssl ctx"},
-{SSL_R_NULL_SSL_METHOD_PASSED            ,"null ssl method passed"},
-{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED   ,"old session cipher not returned"},
-{SSL_R_PACKET_LENGTH_TOO_LONG            ,"packet length too long"},
-{SSL_R_PATH_TOO_LONG                     ,"path too long"},
-{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"},
-{SSL_R_PEER_ERROR                        ,"peer error"},
-{SSL_R_PEER_ERROR_CERTIFICATE            ,"peer error certificate"},
-{SSL_R_PEER_ERROR_NO_CERTIFICATE         ,"peer error no certificate"},
-{SSL_R_PEER_ERROR_NO_CIPHER              ,"peer error no cipher"},
-{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"},
-{SSL_R_PRE_MAC_LENGTH_TOO_LONG           ,"pre mac length too long"},
-{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"},
-{SSL_R_PROTOCOL_IS_SHUTDOWN              ,"protocol is shutdown"},
-{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR          ,"public key encrypt error"},
-{SSL_R_PUBLIC_KEY_IS_NOT_RSA             ,"public key is not rsa"},
-{SSL_R_PUBLIC_KEY_NOT_RSA                ,"public key not rsa"},
-{SSL_R_READ_BIO_NOT_SET                  ,"read bio not set"},
-{SSL_R_READ_WRONG_PACKET_TYPE            ,"read wrong packet type"},
-{SSL_R_RECORD_LENGTH_MISMATCH            ,"record length mismatch"},
-{SSL_R_RECORD_TOO_LARGE                  ,"record too large"},
-{SSL_R_RECORD_TOO_SMALL                  ,"record too small"},
-{SSL_R_REQUIRED_CIPHER_MISSING           ,"required cipher missing"},
-{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO        ,"reuse cert length not zero"},
-{SSL_R_REUSE_CERT_TYPE_NOT_ZERO          ,"reuse cert type not zero"},
-{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO        ,"reuse cipher list not zero"},
-{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED  ,"session id context uninitialized"},
-{SSL_R_SHORT_READ                        ,"short read"},
-{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
-{SSL_R_SSL23_DOING_SESSION_ID_REUSE      ,"ssl23 doing session id reuse"},
-{SSL_R_SSL2_CONNECTION_ID_TOO_LONG       ,"ssl2 connection id too long"},
-{SSL_R_SSL3_SESSION_ID_TOO_LONG          ,"ssl3 session id too long"},
-{SSL_R_SSL3_SESSION_ID_TOO_SHORT         ,"ssl3 session id too short"},
-{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE       ,"sslv3 alert bad certificate"},
-{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC        ,"sslv3 alert bad record mac"},
-{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED   ,"sslv3 alert certificate expired"},
-{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED   ,"sslv3 alert certificate revoked"},
-{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN   ,"sslv3 alert certificate unknown"},
-{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"},
-{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE     ,"sslv3 alert handshake failure"},
-{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER     ,"sslv3 alert illegal parameter"},
-{SSL_R_SSLV3_ALERT_NO_CERTIFICATE        ,"sslv3 alert no certificate"},
-{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"},
-{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"},
-{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER  ,"sslv3 alert peer error no cipher"},
-{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"},
-{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE    ,"sslv3 alert unexpected message"},
-{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"},
-{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"},
-{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"},
-{SSL_R_SSL_HANDSHAKE_FAILURE             ,"ssl handshake failure"},
-{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS        ,"ssl library has no ciphers"},
-{SSL_R_SSL_SESSION_ID_CALLBACK_FAILED    ,"ssl session id callback failed"},
-{SSL_R_SSL_SESSION_ID_CONFLICT           ,"ssl session id conflict"},
-{SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG   ,"ssl session id context too long"},
-{SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH     ,"ssl session id has bad length"},
-{SSL_R_SSL_SESSION_ID_IS_DIFFERENT       ,"ssl session id is different"},
-{SSL_R_TLSV1_ALERT_ACCESS_DENIED         ,"tlsv1 alert access denied"},
-{SSL_R_TLSV1_ALERT_DECODE_ERROR          ,"tlsv1 alert decode error"},
-{SSL_R_TLSV1_ALERT_DECRYPTION_FAILED     ,"tlsv1 alert decryption failed"},
-{SSL_R_TLSV1_ALERT_DECRYPT_ERROR         ,"tlsv1 alert decrypt error"},
-{SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION    ,"tlsv1 alert export restriction"},
-{SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ,"tlsv1 alert insufficient security"},
-{SSL_R_TLSV1_ALERT_INTERNAL_ERROR        ,"tlsv1 alert internal error"},
-{SSL_R_TLSV1_ALERT_NO_RENEGOTIATION      ,"tlsv1 alert no renegotiation"},
-{SSL_R_TLSV1_ALERT_PROTOCOL_VERSION      ,"tlsv1 alert protocol version"},
-{SSL_R_TLSV1_ALERT_RECORD_OVERFLOW       ,"tlsv1 alert record overflow"},
-{SSL_R_TLSV1_ALERT_UNKNOWN_CA            ,"tlsv1 alert unknown ca"},
-{SSL_R_TLSV1_ALERT_USER_CANCELLED        ,"tlsv1 alert user cancelled"},
-{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"},
-{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"},
-{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"},
-{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER   ,"tried to use unsupported cipher"},
-{SSL_R_UNABLE_TO_DECODE_DH_CERTS         ,"unable to decode dh certs"},
-{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY      ,"unable to extract public key"},
-{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS      ,"unable to find dh parameters"},
-{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"},
-{SSL_R_UNABLE_TO_FIND_SSL_METHOD         ,"unable to find ssl method"},
-{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES  ,"unable to load ssl2 md5 routines"},
-{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES  ,"unable to load ssl3 md5 routines"},
-{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"},
-{SSL_R_UNEXPECTED_MESSAGE                ,"unexpected message"},
-{SSL_R_UNEXPECTED_RECORD                 ,"unexpected record"},
-{SSL_R_UNINITIALIZED                     ,"uninitialized"},
-{SSL_R_UNKNOWN_ALERT_TYPE                ,"unknown alert type"},
-{SSL_R_UNKNOWN_CERTIFICATE_TYPE          ,"unknown certificate type"},
-{SSL_R_UNKNOWN_CIPHER_RETURNED           ,"unknown cipher returned"},
-{SSL_R_UNKNOWN_CIPHER_TYPE               ,"unknown cipher type"},
-{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE         ,"unknown key exchange type"},
-{SSL_R_UNKNOWN_PKEY_TYPE                 ,"unknown pkey type"},
-{SSL_R_UNKNOWN_PROTOCOL                  ,"unknown protocol"},
-{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE         ,"unknown remote error type"},
-{SSL_R_UNKNOWN_SSL_VERSION               ,"unknown ssl version"},
-{SSL_R_UNKNOWN_STATE                     ,"unknown state"},
-{SSL_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
-{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"},
-{SSL_R_UNSUPPORTED_OPTION                ,"unsupported option"},
-{SSL_R_UNSUPPORTED_PROTOCOL              ,"unsupported protocol"},
-{SSL_R_UNSUPPORTED_SSL_VERSION           ,"unsupported ssl version"},
-{SSL_R_WRITE_BIO_NOT_SET                 ,"write bio not set"},
-{SSL_R_WRONG_CIPHER_RETURNED             ,"wrong cipher returned"},
-{SSL_R_WRONG_MESSAGE_TYPE                ,"wrong message type"},
-{SSL_R_WRONG_NUMBER_OF_KEY_BITS          ,"wrong number of key bits"},
-{SSL_R_WRONG_SIGNATURE_LENGTH            ,"wrong signature length"},
-{SSL_R_WRONG_SIGNATURE_SIZE              ,"wrong signature size"},
-{SSL_R_WRONG_SSL_VERSION                 ,"wrong ssl version"},
-{SSL_R_WRONG_VERSION_NUMBER              ,"wrong version number"},
-{SSL_R_X509_LIB                          ,"x509 lib"},
-{SSL_R_X509_VERIFICATION_SETUP_PROBLEMS  ,"x509 verification setup problems"},
-{0,NULL}
-	};
-
-#endif
-
-void ERR_load_SSL_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_SSL,SSL_str_functs);
-		ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons);
-#endif
-
-		}
-	}
diff --git a/crypto/openssl/ssl/ssl_err2.c b/crypto/openssl/ssl/ssl_err2.c
deleted file mode 100644
index ea95a5f983c1..000000000000
--- a/crypto/openssl/ssl/ssl_err2.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* ssl/ssl_err2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-void SSL_load_error_strings(void)
-	{
-#ifndef OPENSSL_NO_ERR
-	ERR_load_crypto_strings();
-	ERR_load_SSL_strings();
-#endif
-	}
-
diff --git a/crypto/openssl/ssl/ssl_lib.c b/crypto/openssl/ssl/ssl_lib.c
deleted file mode 100644
index ddd811458779..000000000000
--- a/crypto/openssl/ssl/ssl_lib.c
+++ /dev/null
@@ -1,2315 +0,0 @@
-/*! \file ssl/ssl_lib.c
- *  \brief Version independent SSL functions.
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#ifdef REF_CHECK
-#  include <assert.h>
-#endif
-#include <stdio.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
-#include <openssl/objects.h>
-#include <openssl/lhash.h>
-#include <openssl/x509v3.h>
-#include "cryptlib.h"
-
-const char *SSL_version_str=OPENSSL_VERSION_TEXT;
-
-OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
-	/* evil casts, but these functions are only called if there's a library bug */
-	(int (*)(SSL *,int))ssl_undefined_function,
-	(int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
-	ssl_undefined_function,
-	(int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
-	(int (*)(SSL*, int))ssl_undefined_function,
-	(int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function
-	};
-
-int SSL_clear(SSL *s)
-	{
-
-	if (s->method == NULL)
-		{
-		SSLerr(SSL_F_SSL_CLEAR,SSL_R_NO_METHOD_SPECIFIED);
-		return(0);
-		}
-
-	if (ssl_clear_bad_session(s))
-		{
-		SSL_SESSION_free(s->session);
-		s->session=NULL;
-		}
-
-	s->error=0;
-	s->hit=0;
-	s->shutdown=0;
-
-#if 0 /* Disabled since version 1.10 of this file (early return not
-       * needed because SSL_clear is not called when doing renegotiation) */
-	/* This is set if we are doing dynamic renegotiation so keep
-	 * the old cipher.  It is sort of a SSL_clear_lite :-) */
-	if (s->new_session) return(1);
-#else
-	if (s->new_session)
-		{
-		SSLerr(SSL_F_SSL_CLEAR,ERR_R_INTERNAL_ERROR);
-		return 0;
-		}
-#endif
-
-	s->type=0;
-
-	s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT);
-
-	s->version=s->method->version;
-	s->client_version=s->version;
-	s->rwstate=SSL_NOTHING;
-	s->rstate=SSL_ST_READ_HEADER;
-#if 0
-	s->read_ahead=s->ctx->read_ahead;
-#endif
-
-	if (s->init_buf != NULL)
-		{
-		BUF_MEM_free(s->init_buf);
-		s->init_buf=NULL;
-		}
-
-	ssl_clear_cipher_ctx(s);
-
-	s->first_packet=0;
-
-#if 1
-	/* Check to see if we were changed into a different method, if
-	 * so, revert back if we are not doing session-id reuse. */
-	if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method))
-		{
-		s->method->ssl_free(s);
-		s->method=s->ctx->method;
-		if (!s->method->ssl_new(s))
-			return(0);
-		}
-	else
-#endif
-		s->method->ssl_clear(s);
-	return(1);
-	}
-
-/** Used to change an SSL_CTXs default SSL method type */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth)
-	{
-	STACK_OF(SSL_CIPHER) *sk;
-
-	ctx->method=meth;
-
-	sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
-		&(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST);
-	if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
-		{
-		SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
-		return(0);
-		}
-	return(1);
-	}
-
-SSL *SSL_new(SSL_CTX *ctx)
-	{
-	SSL *s;
-
-	if (ctx == NULL)
-		{
-		SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX);
-		return(NULL);
-		}
-	if (ctx->method == NULL)
-		{
-		SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
-		return(NULL);
-		}
-
-	s=(SSL *)OPENSSL_malloc(sizeof(SSL));
-	if (s == NULL) goto err;
-	memset(s,0,sizeof(SSL));
-
-#ifndef	OPENSSL_NO_KRB5
-	s->kssl_ctx = kssl_ctx_new();
-#endif	/* OPENSSL_NO_KRB5 */
-
-	s->options=ctx->options;
-	s->mode=ctx->mode;
-	s->max_cert_list=ctx->max_cert_list;
-
-	if (ctx->cert != NULL)
-		{
-		/* Earlier library versions used to copy the pointer to
-		 * the CERT, not its contents; only when setting new
-		 * parameters for the per-SSL copy, ssl_cert_new would be
-		 * called (and the direct reference to the per-SSL_CTX
-		 * settings would be lost, but those still were indirectly
-		 * accessed for various purposes, and for that reason they
-		 * used to be known as s->ctx->default_cert).
-		 * Now we don't look at the SSL_CTX's CERT after having
-		 * duplicated it once. */
-
-		s->cert = ssl_cert_dup(ctx->cert);
-		if (s->cert == NULL)
-			goto err;
-		}
-	else
-		s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
-
-	s->read_ahead=ctx->read_ahead;
-	s->msg_callback=ctx->msg_callback;
-	s->msg_callback_arg=ctx->msg_callback_arg;
-	s->verify_mode=ctx->verify_mode;
-	s->verify_depth=ctx->verify_depth;
-	s->sid_ctx_length=ctx->sid_ctx_length;
-	OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
-	memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
-	s->verify_callback=ctx->default_verify_callback;
-	s->generate_session_id=ctx->generate_session_id;
-	s->purpose = ctx->purpose;
-	s->trust = ctx->trust;
-	s->quiet_shutdown=ctx->quiet_shutdown;
-
-	CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
-	s->ctx=ctx;
-
-	s->verify_result=X509_V_OK;
-
-	s->method=ctx->method;
-
-	if (!s->method->ssl_new(s))
-		goto err;
-
-	s->references=1;
-	s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1;
-
-	SSL_clear(s);
-
-	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
-
-	return(s);
-err:
-	if (s != NULL)
-		{
-		if (s->cert != NULL)
-			ssl_cert_free(s->cert);
-		if (s->ctx != NULL)
-			SSL_CTX_free(s->ctx); /* decrement reference count */
-		OPENSSL_free(s);
-		}
-	SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
-	return(NULL);
-	}
-
-int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
-				   unsigned int sid_ctx_len)
-    {
-    if(sid_ctx_len > sizeof ctx->sid_ctx)
-	{
-	SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
-	return 0;
-	}
-    ctx->sid_ctx_length=sid_ctx_len;
-    memcpy(ctx->sid_ctx,sid_ctx,sid_ctx_len);
-
-    return 1;
-    }
-
-int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
-			       unsigned int sid_ctx_len)
-    {
-    if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
-	{
-	SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
-	return 0;
-	}
-    ssl->sid_ctx_length=sid_ctx_len;
-    memcpy(ssl->sid_ctx,sid_ctx,sid_ctx_len);
-
-    return 1;
-    }
-
-int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
-	{
-	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-	ctx->generate_session_id = cb;
-	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-	return 1;
-	}
-
-int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
-	{
-	CRYPTO_w_lock(CRYPTO_LOCK_SSL);
-	ssl->generate_session_id = cb;
-	CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-	return 1;
-	}
-
-int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
-				unsigned int id_len)
-	{
-	/* A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
-	 * we can "construct" a session to give us the desired check - ie. to
-	 * find if there's a session in the hash table that would conflict with
-	 * any new session built out of this id/id_len and the ssl_version in
-	 * use by this SSL. */
-	SSL_SESSION r, *p;
-
-	if(id_len > sizeof r.session_id)
-		return 0;
-
-	r.ssl_version = ssl->version;
-	r.session_id_length = id_len;
-	memcpy(r.session_id, id, id_len);
-	/* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
-	 * callback is calling us to check the uniqueness of a shorter ID, it
-	 * must be compared as a padded-out ID because that is what it will be
-	 * converted to when the callback has finished choosing it. */
-	if((r.ssl_version == SSL2_VERSION) &&
-			(id_len < SSL2_SSL_SESSION_ID_LENGTH))
-		{
-		memset(r.session_id + id_len, 0,
-			SSL2_SSL_SESSION_ID_LENGTH - id_len);
-		r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
-		}
-
-	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-	p = (SSL_SESSION *)lh_retrieve(ssl->ctx->sessions, &r);
-	CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-	return (p != NULL);
-	}
-
-int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
-	{
-	return X509_PURPOSE_set(&s->purpose, purpose);
-	}
-
-int SSL_set_purpose(SSL *s, int purpose)
-	{
-	return X509_PURPOSE_set(&s->purpose, purpose);
-	}
-
-int SSL_CTX_set_trust(SSL_CTX *s, int trust)
-	{
-	return X509_TRUST_set(&s->trust, trust);
-	}
-
-int SSL_set_trust(SSL *s, int trust)
-	{
-	return X509_TRUST_set(&s->trust, trust);
-	}
-
-void SSL_free(SSL *s)
-	{
-	int i;
-
-	if(s == NULL)
-	    return;
-
-	i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL);
-#ifdef REF_PRINT
-	REF_PRINT("SSL",s);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"SSL_free, bad reference count\n");
-		abort(); /* ok */
-		}
-#endif
-
-	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
-
-	if (s->bbio != NULL)
-		{
-		/* If the buffering BIO is in place, pop it off */
-		if (s->bbio == s->wbio)
-			{
-			s->wbio=BIO_pop(s->wbio);
-			}
-		BIO_free(s->bbio);
-		s->bbio=NULL;
-		}
-	if (s->rbio != NULL)
-		BIO_free_all(s->rbio);
-	if ((s->wbio != NULL) && (s->wbio != s->rbio))
-		BIO_free_all(s->wbio);
-
-	if (s->init_buf != NULL) BUF_MEM_free(s->init_buf);
-
-	/* add extra stuff */
-	if (s->cipher_list != NULL) sk_SSL_CIPHER_free(s->cipher_list);
-	if (s->cipher_list_by_id != NULL) sk_SSL_CIPHER_free(s->cipher_list_by_id);
-
-	/* Make the next call work :-) */
-	if (s->session != NULL)
-		{
-		ssl_clear_bad_session(s);
-		SSL_SESSION_free(s->session);
-		}
-
-	ssl_clear_cipher_ctx(s);
-
-	if (s->cert != NULL) ssl_cert_free(s->cert);
-	/* Free up if allocated */
-
-	if (s->ctx) SSL_CTX_free(s->ctx);
-
-	if (s->client_CA != NULL)
-		sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free);
-
-	if (s->method != NULL) s->method->ssl_free(s);
-
-	OPENSSL_free(s);
-	}
-
-void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
-	{
-	/* If the output buffering BIO is still in place, remove it
-	 */
-	if (s->bbio != NULL)
-		{
-		if (s->wbio == s->bbio)
-			{
-			s->wbio=s->wbio->next_bio;
-			s->bbio->next_bio=NULL;
-			}
-		}
-	if ((s->rbio != NULL) && (s->rbio != rbio))
-		BIO_free_all(s->rbio);
-	if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
-		BIO_free_all(s->wbio);
-	s->rbio=rbio;
-	s->wbio=wbio;
-	}
-
-BIO *SSL_get_rbio(SSL *s)
-	{ return(s->rbio); }
-
-BIO *SSL_get_wbio(SSL *s)
-	{ return(s->wbio); }
-
-int SSL_get_fd(SSL *s)
-	{
-	return(SSL_get_rfd(s));
-	}
-
-int SSL_get_rfd(SSL *s)
-	{
-	int ret= -1;
-	BIO *b,*r;
-
-	b=SSL_get_rbio(s);
-	r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
-	if (r != NULL)
-		BIO_get_fd(r,&ret);
-	return(ret);
-	}
-
-int SSL_get_wfd(SSL *s)
-	{
-	int ret= -1;
-	BIO *b,*r;
-
-	b=SSL_get_wbio(s);
-	r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
-	if (r != NULL)
-		BIO_get_fd(r,&ret);
-	return(ret);
-	}
-
-#ifndef OPENSSL_NO_SOCK
-int SSL_set_fd(SSL *s,int fd)
-	{
-	int ret=0;
-	BIO *bio=NULL;
-
-	bio=BIO_new(BIO_s_socket());
-
-	if (bio == NULL)
-		{
-		SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB);
-		goto err;
-		}
-	BIO_set_fd(bio,fd,BIO_NOCLOSE);
-	SSL_set_bio(s,bio,bio);
-	ret=1;
-err:
-	return(ret);
-	}
-
-int SSL_set_wfd(SSL *s,int fd)
-	{
-	int ret=0;
-	BIO *bio=NULL;
-
-	if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
-		|| ((int)BIO_get_fd(s->rbio,NULL) != fd))
-		{
-		bio=BIO_new(BIO_s_socket());
-
-		if (bio == NULL)
-			{ SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
-		BIO_set_fd(bio,fd,BIO_NOCLOSE);
-		SSL_set_bio(s,SSL_get_rbio(s),bio);
-		}
-	else
-		SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s));
-	ret=1;
-err:
-	return(ret);
-	}
-
-int SSL_set_rfd(SSL *s,int fd)
-	{
-	int ret=0;
-	BIO *bio=NULL;
-
-	if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
-		|| ((int)BIO_get_fd(s->wbio,NULL) != fd))
-		{
-		bio=BIO_new(BIO_s_socket());
-
-		if (bio == NULL)
-			{
-			SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
-			goto err;
-			}
-		BIO_set_fd(bio,fd,BIO_NOCLOSE);
-		SSL_set_bio(s,bio,SSL_get_wbio(s));
-		}
-	else
-		SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s));
-	ret=1;
-err:
-	return(ret);
-	}
-#endif
-
-
-/* return length of latest Finished message we sent, copy to 'buf' */
-size_t SSL_get_finished(SSL *s, void *buf, size_t count)
-	{
-	size_t ret = 0;
-	
-	if (s->s3 != NULL)
-		{
-		ret = s->s3->tmp.finish_md_len;
-		if (count > ret)
-			count = ret;
-		memcpy(buf, s->s3->tmp.finish_md, count);
-		}
-	return ret;
-	}
-
-/* return length of latest Finished message we expected, copy to 'buf' */
-size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count)
-	{
-	size_t ret = 0;
-	
-	if (s->s3 != NULL)
-		{
-		ret = s->s3->tmp.peer_finish_md_len;
-		if (count > ret)
-			count = ret;
-		memcpy(buf, s->s3->tmp.peer_finish_md, count);
-		}
-	return ret;
-	}
-
-
-int SSL_get_verify_mode(SSL *s)
-	{
-	return(s->verify_mode);
-	}
-
-int SSL_get_verify_depth(SSL *s)
-	{
-	return(s->verify_depth);
-	}
-
-int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *)
-	{
-	return(s->verify_callback);
-	}
-
-int SSL_CTX_get_verify_mode(SSL_CTX *ctx)
-	{
-	return(ctx->verify_mode);
-	}
-
-int SSL_CTX_get_verify_depth(SSL_CTX *ctx)
-	{
-	return(ctx->verify_depth);
-	}
-
-int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *)
-	{
-	return(ctx->default_verify_callback);
-	}
-
-void SSL_set_verify(SSL *s,int mode,
-		    int (*callback)(int ok,X509_STORE_CTX *ctx))
-	{
-	s->verify_mode=mode;
-	if (callback != NULL)
-		s->verify_callback=callback;
-	}
-
-void SSL_set_verify_depth(SSL *s,int depth)
-	{
-	s->verify_depth=depth;
-	}
-
-void SSL_set_read_ahead(SSL *s,int yes)
-	{
-	s->read_ahead=yes;
-	}
-
-int SSL_get_read_ahead(SSL *s)
-	{
-	return(s->read_ahead);
-	}
-
-int SSL_pending(SSL *s)
-	{
-	/* SSL_pending cannot work properly if read-ahead is enabled
-	 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
-	 * and it is impossible to fix since SSL_pending cannot report
-	 * errors that may be observed while scanning the new data.
-	 * (Note that SSL_pending() is often used as a boolean value,
-	 * so we'd better not return -1.)
-	 */
-	return(s->method->ssl_pending(s));
-	}
-
-X509 *SSL_get_peer_certificate(SSL *s)
-	{
-	X509 *r;
-	
-	if ((s == NULL) || (s->session == NULL))
-		r=NULL;
-	else
-		r=s->session->peer;
-
-	if (r == NULL) return(r);
-
-	CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509);
-
-	return(r);
-	}
-
-STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s)
-	{
-	STACK_OF(X509) *r;
-	
-	if ((s == NULL) || (s->session == NULL) || (s->session->sess_cert == NULL))
-		r=NULL;
-	else
-		r=s->session->sess_cert->cert_chain;
-
-	/* If we are a client, cert_chain includes the peer's own
-	 * certificate; if we are a server, it does not. */
-	
-	return(r);
-	}
-
-/* Now in theory, since the calling process own 't' it should be safe to
- * modify.  We need to be able to read f without being hassled */
-void SSL_copy_session_id(SSL *t,SSL *f)
-	{
-	CERT *tmp;
-
-	/* Do we need to to SSL locking? */
-	SSL_set_session(t,SSL_get_session(f));
-
-	/* what if we are setup as SSLv2 but want to talk SSLv3 or
-	 * vice-versa */
-	if (t->method != f->method)
-		{
-		t->method->ssl_free(t);	/* cleanup current */
-		t->method=f->method;	/* change method */
-		t->method->ssl_new(t);	/* setup new */
-		}
-
-	tmp=t->cert;
-	if (f->cert != NULL)
-		{
-		CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT);
-		t->cert=f->cert;
-		}
-	else
-		t->cert=NULL;
-	if (tmp != NULL) ssl_cert_free(tmp);
-	SSL_set_session_id_context(t,f->sid_ctx,f->sid_ctx_length);
-	}
-
-/* Fix this so it checks all the valid key/cert options */
-int SSL_CTX_check_private_key(SSL_CTX *ctx)
-	{
-	if (	(ctx == NULL) ||
-		(ctx->cert == NULL) ||
-		(ctx->cert->key->x509 == NULL))
-		{
-		SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
-		return(0);
-		}
-	if 	(ctx->cert->key->privatekey == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
-		return(0);
-		}
-	return(X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey));
-	}
-
-/* Fix this function so that it takes an optional type parameter */
-int SSL_check_private_key(SSL *ssl)
-	{
-	if (ssl == NULL)
-		{
-		SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	if (ssl->cert == NULL)
-		{
-                SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
-		return 0;
-		}
-	if (ssl->cert->key->x509 == NULL)
-		{
-		SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
-		return(0);
-		}
-	if (ssl->cert->key->privatekey == NULL)
-		{
-		SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
-		return(0);
-		}
-	return(X509_check_private_key(ssl->cert->key->x509,
-		ssl->cert->key->privatekey));
-	}
-
-int SSL_accept(SSL *s)
-	{
-	if (s->handshake_func == 0)
-		/* Not properly initialized yet */
-		SSL_set_accept_state(s);
-
-	return(s->method->ssl_accept(s));
-	}
-
-int SSL_connect(SSL *s)
-	{
-	if (s->handshake_func == 0)
-		/* Not properly initialized yet */
-		SSL_set_connect_state(s);
-
-	return(s->method->ssl_connect(s));
-	}
-
-long SSL_get_default_timeout(SSL *s)
-	{
-	return(s->method->get_timeout());
-	}
-
-int SSL_read(SSL *s,void *buf,int num)
-	{
-	if (s->handshake_func == 0)
-		{
-		SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
-		return -1;
-		}
-
-	if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
-		{
-		s->rwstate=SSL_NOTHING;
-		return(0);
-		}
-	return(s->method->ssl_read(s,buf,num));
-	}
-
-int SSL_peek(SSL *s,void *buf,int num)
-	{
-	if (s->handshake_func == 0)
-		{
-		SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
-		return -1;
-		}
-
-	if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
-		{
-		return(0);
-		}
-	return(s->method->ssl_peek(s,buf,num));
-	}
-
-int SSL_write(SSL *s,const void *buf,int num)
-	{
-	if (s->handshake_func == 0)
-		{
-		SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
-		return -1;
-		}
-
-	if (s->shutdown & SSL_SENT_SHUTDOWN)
-		{
-		s->rwstate=SSL_NOTHING;
-		SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN);
-		return(-1);
-		}
-	return(s->method->ssl_write(s,buf,num));
-	}
-
-int SSL_shutdown(SSL *s)
-	{
-	/* Note that this function behaves differently from what one might
-	 * expect.  Return values are 0 for no success (yet),
-	 * 1 for success; but calling it once is usually not enough,
-	 * even if blocking I/O is used (see ssl3_shutdown).
-	 */
-
-	if (s->handshake_func == 0)
-		{
-		SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
-		return -1;
-		}
-
-	if ((s != NULL) && !SSL_in_init(s))
-		return(s->method->ssl_shutdown(s));
-	else
-		return(1);
-	}
-
-int SSL_renegotiate(SSL *s)
-	{
-	if (s->new_session == 0)
-		{
-		s->new_session=1;
-		}
-	return(s->method->ssl_renegotiate(s));
-	}
-
-int SSL_renegotiate_pending(SSL *s)
-	{
-	/* becomes true when negotiation is requested;
-	 * false again once a handshake has finished */
-	return (s->new_session != 0);
-	}
-
-long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
-	{
-	long l;
-
-	switch (cmd)
-		{
-	case SSL_CTRL_GET_READ_AHEAD:
-		return(s->read_ahead);
-	case SSL_CTRL_SET_READ_AHEAD:
-		l=s->read_ahead;
-		s->read_ahead=larg;
-		return(l);
-
-	case SSL_CTRL_SET_MSG_CALLBACK_ARG:
-		s->msg_callback_arg = parg;
-		return 1;
-
-	case SSL_CTRL_OPTIONS:
-		return(s->options|=larg);
-	case SSL_CTRL_MODE:
-		return(s->mode|=larg);
-	case SSL_CTRL_GET_MAX_CERT_LIST:
-		return(s->max_cert_list);
-	case SSL_CTRL_SET_MAX_CERT_LIST:
-		l=s->max_cert_list;
-		s->max_cert_list=larg;
-		return(l);
-	default:
-		return(s->method->ssl_ctrl(s,cmd,larg,parg));
-		}
-	}
-
-long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)())
-	{
-	switch(cmd)
-		{
-	case SSL_CTRL_SET_MSG_CALLBACK:
-		s->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
-		return 1;
-		
-	default:
-		return(s->method->ssl_callback_ctrl(s,cmd,fp));
-		}
-	}
-
-struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx)
-	{
-	return ctx->sessions;
-	}
-
-long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
-	{
-	long l;
-
-	switch (cmd)
-		{
-	case SSL_CTRL_GET_READ_AHEAD:
-		return(ctx->read_ahead);
-	case SSL_CTRL_SET_READ_AHEAD:
-		l=ctx->read_ahead;
-		ctx->read_ahead=larg;
-		return(l);
-		
-	case SSL_CTRL_SET_MSG_CALLBACK_ARG:
-		ctx->msg_callback_arg = parg;
-		return 1;
-
-	case SSL_CTRL_GET_MAX_CERT_LIST:
-		return(ctx->max_cert_list);
-	case SSL_CTRL_SET_MAX_CERT_LIST:
-		l=ctx->max_cert_list;
-		ctx->max_cert_list=larg;
-		return(l);
-
-	case SSL_CTRL_SET_SESS_CACHE_SIZE:
-		l=ctx->session_cache_size;
-		ctx->session_cache_size=larg;
-		return(l);
-	case SSL_CTRL_GET_SESS_CACHE_SIZE:
-		return(ctx->session_cache_size);
-	case SSL_CTRL_SET_SESS_CACHE_MODE:
-		l=ctx->session_cache_mode;
-		ctx->session_cache_mode=larg;
-		return(l);
-	case SSL_CTRL_GET_SESS_CACHE_MODE:
-		return(ctx->session_cache_mode);
-
-	case SSL_CTRL_SESS_NUMBER:
-		return(ctx->sessions->num_items);
-	case SSL_CTRL_SESS_CONNECT:
-		return(ctx->stats.sess_connect);
-	case SSL_CTRL_SESS_CONNECT_GOOD:
-		return(ctx->stats.sess_connect_good);
-	case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
-		return(ctx->stats.sess_connect_renegotiate);
-	case SSL_CTRL_SESS_ACCEPT:
-		return(ctx->stats.sess_accept);
-	case SSL_CTRL_SESS_ACCEPT_GOOD:
-		return(ctx->stats.sess_accept_good);
-	case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
-		return(ctx->stats.sess_accept_renegotiate);
-	case SSL_CTRL_SESS_HIT:
-		return(ctx->stats.sess_hit);
-	case SSL_CTRL_SESS_CB_HIT:
-		return(ctx->stats.sess_cb_hit);
-	case SSL_CTRL_SESS_MISSES:
-		return(ctx->stats.sess_miss);
-	case SSL_CTRL_SESS_TIMEOUTS:
-		return(ctx->stats.sess_timeout);
-	case SSL_CTRL_SESS_CACHE_FULL:
-		return(ctx->stats.sess_cache_full);
-	case SSL_CTRL_OPTIONS:
-		return(ctx->options|=larg);
-	case SSL_CTRL_MODE:
-		return(ctx->mode|=larg);
-	default:
-		return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
-		}
-	}
-
-long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
-	{
-	switch(cmd)
-		{
-	case SSL_CTRL_SET_MSG_CALLBACK:
-		ctx->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
-		return 1;
-
-	default:
-		return(ctx->method->ssl_ctx_callback_ctrl(ctx,cmd,fp));
-		}
-	}
-
-int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
-	{
-	long l;
-
-	l=a->id-b->id;
-	if (l == 0L)
-		return(0);
-	else
-		return((l > 0)?1:-1);
-	}
-
-int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
-			const SSL_CIPHER * const *bp)
-	{
-	long l;
-
-	l=(*ap)->id-(*bp)->id;
-	if (l == 0L)
-		return(0);
-	else
-		return((l > 0)?1:-1);
-	}
-
-/** return a STACK of the ciphers available for the SSL and in order of
- * preference */
-STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s)
-	{
-	if (s != NULL)
-		{
-		if (s->cipher_list != NULL)
-			{
-			return(s->cipher_list);
-			}
-		else if ((s->ctx != NULL) &&
-			(s->ctx->cipher_list != NULL))
-			{
-			return(s->ctx->cipher_list);
-			}
-		}
-	return(NULL);
-	}
-
-/** return a STACK of the ciphers available for the SSL and in order of
- * algorithm id */
-STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
-	{
-	if (s != NULL)
-		{
-		if (s->cipher_list_by_id != NULL)
-			{
-			return(s->cipher_list_by_id);
-			}
-		else if ((s->ctx != NULL) &&
-			(s->ctx->cipher_list_by_id != NULL))
-			{
-			return(s->ctx->cipher_list_by_id);
-			}
-		}
-	return(NULL);
-	}
-
-/** The old interface to get the same thing as SSL_get_ciphers() */
-const char *SSL_get_cipher_list(SSL *s,int n)
-	{
-	SSL_CIPHER *c;
-	STACK_OF(SSL_CIPHER) *sk;
-
-	if (s == NULL) return(NULL);
-	sk=SSL_get_ciphers(s);
-	if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
-		return(NULL);
-	c=sk_SSL_CIPHER_value(sk,n);
-	if (c == NULL) return(NULL);
-	return(c->name);
-	}
-
-/** specify the ciphers to be used by default by the SSL_CTX */
-int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
-	{
-	STACK_OF(SSL_CIPHER) *sk;
-	
-	sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
-		&ctx->cipher_list_by_id,str);
-/* XXXX */
-	return((sk == NULL)?0:1);
-	}
-
-/** specify the ciphers to be used by the SSL */
-int SSL_set_cipher_list(SSL *s,const char *str)
-	{
-	STACK_OF(SSL_CIPHER) *sk;
-	
-	sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
-		&s->cipher_list_by_id,str);
-/* XXXX */
-	return((sk == NULL)?0:1);
-	}
-
-/* works well for SSLv2, not so good for SSLv3 */
-char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
-	{
-	char *p;
-	const char *cp;
-	STACK_OF(SSL_CIPHER) *sk;
-	SSL_CIPHER *c;
-	int i;
-
-	if ((s->session == NULL) || (s->session->ciphers == NULL) ||
-		(len < 2))
-		return(NULL);
-
-	p=buf;
-	sk=s->session->ciphers;
-	for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
-		{
-		/* Decrement for either the ':' or a '\0' */
-		len--;
-		c=sk_SSL_CIPHER_value(sk,i);
-		for (cp=c->name; *cp; )
-			{
-			if (len-- == 0)
-				{
-				*p='\0';
-				return(buf);
-				}
-			else
-				*(p++)= *(cp++);
-			}
-		*(p++)=':';
-		}
-	p[-1]='\0';
-	return(buf);
-	}
-
-int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
-	{
-	int i,j=0;
-	SSL_CIPHER *c;
-	unsigned char *q;
-#ifndef OPENSSL_NO_KRB5
-        int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
-#endif /* OPENSSL_NO_KRB5 */
-
-	if (sk == NULL) return(0);
-	q=p;
-
-	for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
-		{
-		c=sk_SSL_CIPHER_value(sk,i);
-#ifndef OPENSSL_NO_KRB5
-                if ((c->algorithms & SSL_KRB5) && nokrb5)
-                    continue;
-#endif /* OPENSSL_NO_KRB5 */                    
-		j=ssl_put_cipher_by_char(s,c,p);
-		p+=j;
-		}
-	return(p-q);
-	}
-
-STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
-					       STACK_OF(SSL_CIPHER) **skp)
-	{
-	SSL_CIPHER *c;
-	STACK_OF(SSL_CIPHER) *sk;
-	int i,n;
-
-	n=ssl_put_cipher_by_char(s,NULL,NULL);
-	if ((num%n) != 0)
-		{
-		SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
-		return(NULL);
-		}
-	if ((skp == NULL) || (*skp == NULL))
-		sk=sk_SSL_CIPHER_new_null(); /* change perhaps later */
-	else
-		{
-		sk= *skp;
-		sk_SSL_CIPHER_zero(sk);
-		}
-
-	for (i=0; i<num; i+=n)
-		{
-		c=ssl_get_cipher_by_char(s,p);
-		p+=n;
-		if (c != NULL)
-			{
-			if (!sk_SSL_CIPHER_push(sk,c))
-				{
-				SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-			}
-		}
-
-	if (skp != NULL)
-		*skp=sk;
-	return(sk);
-err:
-	if ((skp == NULL) || (*skp == NULL))
-		sk_SSL_CIPHER_free(sk);
-	return(NULL);
-	}
-
-unsigned long SSL_SESSION_hash(SSL_SESSION *a)
-	{
-	unsigned long l;
-
-	l=(unsigned long)
-		((unsigned int) a->session_id[0]     )|
-		((unsigned int) a->session_id[1]<< 8L)|
-		((unsigned long)a->session_id[2]<<16L)|
-		((unsigned long)a->session_id[3]<<24L);
-	return(l);
-	}
-
-/* NB: If this function (or indeed the hash function which uses a sort of
- * coarser function than this one) is changed, ensure
- * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
- * able to construct an SSL_SESSION that will collide with any existing session
- * with a matching session ID. */
-int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b)
-	{
-	if (a->ssl_version != b->ssl_version)
-		return(1);
-	if (a->session_id_length != b->session_id_length)
-		return(1);
-	return(memcmp(a->session_id,b->session_id,a->session_id_length));
-	}
-
-/* These wrapper functions should remain rather than redeclaring
- * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
- * variable. The reason is that the functions aren't static, they're exposed via
- * ssl.h. */
-static IMPLEMENT_LHASH_HASH_FN(SSL_SESSION_hash, SSL_SESSION *)
-static IMPLEMENT_LHASH_COMP_FN(SSL_SESSION_cmp, SSL_SESSION *)
-
-SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
-	{
-	SSL_CTX *ret=NULL;
-	
-	if (meth == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED);
-		return(NULL);
-		}
-
-	if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
-		{
-		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
-		goto err;
-		}
-	ret=(SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
-	if (ret == NULL)
-		goto err;
-
-	memset(ret,0,sizeof(SSL_CTX));
-
-	ret->method=meth;
-
-	ret->cert_store=NULL;
-	ret->session_cache_mode=SSL_SESS_CACHE_SERVER;
-	ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
-	ret->session_cache_head=NULL;
-	ret->session_cache_tail=NULL;
-
-	/* We take the system default */
-	ret->session_timeout=meth->get_timeout();
-
-	ret->new_session_cb=0;
-	ret->remove_session_cb=0;
-	ret->get_session_cb=0;
-	ret->generate_session_id=0;
-
-	memset((char *)&ret->stats,0,sizeof(ret->stats));
-
-	ret->references=1;
-	ret->quiet_shutdown=0;
-
-/*	ret->cipher=NULL;*/
-/*	ret->s2->challenge=NULL;
-	ret->master_key=NULL;
-	ret->key_arg=NULL;
-	ret->s2->conn_id=NULL; */
-
-	ret->info_callback=NULL;
-
-	ret->app_verify_callback=0;
-	ret->app_verify_arg=NULL;
-
-	ret->max_cert_list=SSL_MAX_CERT_LIST_DEFAULT;
-	ret->read_ahead=0;
-	ret->msg_callback=0;
-	ret->msg_callback_arg=NULL;
-	ret->verify_mode=SSL_VERIFY_NONE;
-	ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
-	ret->sid_ctx_length=0;
-	ret->default_verify_callback=NULL;
-	if ((ret->cert=ssl_cert_new()) == NULL)
-		goto err;
-
-	ret->default_passwd_callback=0;
-	ret->default_passwd_callback_userdata=NULL;
-	ret->client_cert_cb=0;
-
-	ret->sessions=lh_new(LHASH_HASH_FN(SSL_SESSION_hash),
-			LHASH_COMP_FN(SSL_SESSION_cmp));
-	if (ret->sessions == NULL) goto err;
-	ret->cert_store=X509_STORE_new();
-	if (ret->cert_store == NULL) goto err;
-
-	ssl_create_cipher_list(ret->method,
-		&ret->cipher_list,&ret->cipher_list_by_id,
-		SSL_DEFAULT_CIPHER_LIST);
-	if (ret->cipher_list == NULL
-	    || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
-		{
-		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS);
-		goto err2;
-		}
-
-	if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
-		goto err2;
-		}
-	if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
-		goto err2;
-		}
-	if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
-		goto err2;
-		}
-
-	if ((ret->client_CA=sk_X509_NAME_new_null()) == NULL)
-		goto err;
-
-	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
-
-	ret->extra_certs=NULL;
-	ret->comp_methods=SSL_COMP_get_compression_methods();
-
-	return(ret);
-err:
-	SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
-err2:
-	if (ret != NULL) SSL_CTX_free(ret);
-	return(NULL);
-	}
-
-#if 0
-static void SSL_COMP_free(SSL_COMP *comp)
-    { OPENSSL_free(comp); }
-#endif
-
-void SSL_CTX_free(SSL_CTX *a)
-	{
-	int i;
-
-	if (a == NULL) return;
-
-	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX);
-#ifdef REF_PRINT
-	REF_PRINT("SSL_CTX",a);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"SSL_CTX_free, bad reference count\n");
-		abort(); /* ok */
-		}
-#endif
-
-	/*
-	 * Free internal session cache. However: the remove_cb() may reference
-	 * the ex_data of SSL_CTX, thus the ex_data store can only be removed
-	 * after the sessions were flushed.
-	 * As the ex_data handling routines might also touch the session cache,
-	 * the most secure solution seems to be: empty (flush) the cache, then
-	 * free ex_data, then finally free the cache.
-	 * (See ticket [openssl.org #212].)
-	 */
-	if (a->sessions != NULL)
-		SSL_CTX_flush_sessions(a,0);
-
-	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
-
-	if (a->sessions != NULL)
-		lh_free(a->sessions);
-
-	if (a->cert_store != NULL)
-		X509_STORE_free(a->cert_store);
-	if (a->cipher_list != NULL)
-		sk_SSL_CIPHER_free(a->cipher_list);
-	if (a->cipher_list_by_id != NULL)
-		sk_SSL_CIPHER_free(a->cipher_list_by_id);
-	if (a->cert != NULL)
-		ssl_cert_free(a->cert);
-	if (a->client_CA != NULL)
-		sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free);
-	if (a->extra_certs != NULL)
-		sk_X509_pop_free(a->extra_certs,X509_free);
-#if 0 /* This should never be done, since it removes a global database */
-	if (a->comp_methods != NULL)
-		sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free);
-#else
-	a->comp_methods = NULL;
-#endif
-	OPENSSL_free(a);
-	}
-
-void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
-	{
-	ctx->default_passwd_callback=cb;
-	}
-
-void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,void *u)
-	{
-	ctx->default_passwd_callback_userdata=u;
-	}
-
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg)
-	{
-	ctx->app_verify_callback=cb;
-	ctx->app_verify_arg=arg;
-	}
-
-void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
-	{
-	ctx->verify_mode=mode;
-	ctx->default_verify_callback=cb;
-	}
-
-void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
-	{
-	ctx->verify_depth=depth;
-	}
-
-void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
-	{
-	CERT_PKEY *cpk;
-	int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
-	int rsa_enc_export,dh_rsa_export,dh_dsa_export;
-	int rsa_tmp_export,dh_tmp_export,kl;
-	unsigned long mask,emask;
-
-	if (c == NULL) return;
-
-	kl=SSL_C_EXPORT_PKEYLENGTH(cipher);
-
-#ifndef OPENSSL_NO_RSA
-	rsa_tmp=(c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
-	rsa_tmp_export=(c->rsa_tmp_cb != NULL ||
-		(rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
-#else
-	rsa_tmp=rsa_tmp_export=0;
-#endif
-#ifndef OPENSSL_NO_DH
-	dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
-	dh_tmp_export=(c->dh_tmp_cb != NULL ||
-		(dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
-#else
-	dh_tmp=dh_tmp_export=0;
-#endif
-
-	cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
-	rsa_enc= (cpk->x509 != NULL && cpk->privatekey != NULL);
-	rsa_enc_export=(rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
-	cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]);
-	rsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
-	cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]);
-	dsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
-	cpk= &(c->pkeys[SSL_PKEY_DH_RSA]);
-	dh_rsa=  (cpk->x509 != NULL && cpk->privatekey != NULL);
-	dh_rsa_export=(dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
-	cpk= &(c->pkeys[SSL_PKEY_DH_DSA]);
-/* FIX THIS EAY EAY EAY */
-	dh_dsa=  (cpk->x509 != NULL && cpk->privatekey != NULL);
-	dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
-
-	mask=0;
-	emask=0;
-
-#ifdef CIPHER_DEBUG
-	printf("rt=%d rte=%d dht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
-		rsa_tmp,rsa_tmp_export,dh_tmp,
-		rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa);
-#endif
-
-	if (rsa_enc || (rsa_tmp && rsa_sign))
-		mask|=SSL_kRSA;
-	if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
-		emask|=SSL_kRSA;
-
-#if 0
-	/* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
-	if (	(dh_tmp || dh_rsa || dh_dsa) && 
-		(rsa_enc || rsa_sign || dsa_sign))
-		mask|=SSL_kEDH;
-	if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
-		(rsa_enc || rsa_sign || dsa_sign))
-		emask|=SSL_kEDH;
-#endif
-
-	if (dh_tmp_export) 
-		emask|=SSL_kEDH;
-
-	if (dh_tmp)
-		mask|=SSL_kEDH;
-
-	if (dh_rsa) mask|=SSL_kDHr;
-	if (dh_rsa_export) emask|=SSL_kDHr;
-
-	if (dh_dsa) mask|=SSL_kDHd;
-	if (dh_dsa_export) emask|=SSL_kDHd;
-
-	if (rsa_enc || rsa_sign)
-		{
-		mask|=SSL_aRSA;
-		emask|=SSL_aRSA;
-		}
-
-	if (dsa_sign)
-		{
-		mask|=SSL_aDSS;
-		emask|=SSL_aDSS;
-		}
-
-	mask|=SSL_aNULL;
-	emask|=SSL_aNULL;
-
-#ifndef OPENSSL_NO_KRB5
-	mask|=SSL_kKRB5|SSL_aKRB5;
-	emask|=SSL_kKRB5|SSL_aKRB5;
-#endif
-
-	c->mask=mask;
-	c->export_mask=emask;
-	c->valid=1;
-	}
-
-/* THIS NEEDS CLEANING UP */
-X509 *ssl_get_server_send_cert(SSL *s)
-	{
-	unsigned long alg,mask,kalg;
-	CERT *c;
-	int i,is_export;
-
-	c=s->cert;
-	ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
-	alg=s->s3->tmp.new_cipher->algorithms;
-	is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
-	mask=is_export?c->export_mask:c->mask;
-	kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
-
-	if 	(kalg & SSL_kDHr)
-		i=SSL_PKEY_DH_RSA;
-	else if (kalg & SSL_kDHd)
-		i=SSL_PKEY_DH_DSA;
-	else if (kalg & SSL_aDSS)
-		i=SSL_PKEY_DSA_SIGN;
-	else if (kalg & SSL_aRSA)
-		{
-		if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
-			i=SSL_PKEY_RSA_SIGN;
-		else
-			i=SSL_PKEY_RSA_ENC;
-		}
-	else if (kalg & SSL_aKRB5)
-		{
-		/* VRS something else here? */
-		return(NULL);
-		}
-	else /* if (kalg & SSL_aNULL) */
-		{
-		SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
-		return(NULL);
-		}
-	if (c->pkeys[i].x509 == NULL) return(NULL);
-	return(c->pkeys[i].x509);
-	}
-
-EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
-	{
-	unsigned long alg;
-	CERT *c;
-
-	alg=cipher->algorithms;
-	c=s->cert;
-
-	if ((alg & SSL_aDSS) &&
-		(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
-		return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
-	else if (alg & SSL_aRSA)
-		{
-		if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
-			return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
-		else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
-			return(c->pkeys[SSL_PKEY_RSA_ENC].privatekey);
-		else
-			return(NULL);
-		}
-	else /* if (alg & SSL_aNULL) */
-		{
-		SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
-		return(NULL);
-		}
-	}
-
-void ssl_update_cache(SSL *s,int mode)
-	{
-	int i;
-
-	/* If the session_id_length is 0, we are not supposed to cache it,
-	 * and it would be rather hard to do anyway :-) */
-	if (s->session->session_id_length == 0) return;
-
-	i=s->ctx->session_cache_mode;
-	if ((i & mode) && (!s->hit)
-		&& ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
-		    || SSL_CTX_add_session(s->ctx,s->session))
-		&& (s->ctx->new_session_cb != NULL))
-		{
-		CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
-		if (!s->ctx->new_session_cb(s,s->session))
-			SSL_SESSION_free(s->session);
-		}
-
-	/* auto flush every 255 connections */
-	if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
-		((i & mode) == mode))
-		{
-		if (  (((mode & SSL_SESS_CACHE_CLIENT)
-			?s->ctx->stats.sess_connect_good
-			:s->ctx->stats.sess_accept_good) & 0xff) == 0xff)
-			{
-			SSL_CTX_flush_sessions(s->ctx,time(NULL));
-			}
-		}
-	}
-
-SSL_METHOD *SSL_get_ssl_method(SSL *s)
-	{
-	return(s->method);
-	}
-
-int SSL_set_ssl_method(SSL *s,SSL_METHOD *meth)
-	{
-	int conn= -1;
-	int ret=1;
-
-	if (s->method != meth)
-		{
-		if (s->handshake_func != NULL)
-			conn=(s->handshake_func == s->method->ssl_connect);
-
-		if (s->method->version == meth->version)
-			s->method=meth;
-		else
-			{
-			s->method->ssl_free(s);
-			s->method=meth;
-			ret=s->method->ssl_new(s);
-			}
-
-		if (conn == 1)
-			s->handshake_func=meth->ssl_connect;
-		else if (conn == 0)
-			s->handshake_func=meth->ssl_accept;
-		}
-	return(ret);
-	}
-
-int SSL_get_error(SSL *s,int i)
-	{
-	int reason;
-	unsigned long l;
-	BIO *bio;
-
-	if (i > 0) return(SSL_ERROR_NONE);
-
-	/* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
-	 * etc, where we do encode the error */
-	if ((l=ERR_peek_error()) != 0)
-		{
-		if (ERR_GET_LIB(l) == ERR_LIB_SYS)
-			return(SSL_ERROR_SYSCALL);
-		else
-			return(SSL_ERROR_SSL);
-		}
-
-	if ((i < 0) && SSL_want_read(s))
-		{
-		bio=SSL_get_rbio(s);
-		if (BIO_should_read(bio))
-			return(SSL_ERROR_WANT_READ);
-		else if (BIO_should_write(bio))
-			/* This one doesn't make too much sense ... We never try
-			 * to write to the rbio, and an application program where
-			 * rbio and wbio are separate couldn't even know what it
-			 * should wait for.
-			 * However if we ever set s->rwstate incorrectly
-			 * (so that we have SSL_want_read(s) instead of
-			 * SSL_want_write(s)) and rbio and wbio *are* the same,
-			 * this test works around that bug; so it might be safer
-			 * to keep it. */
-			return(SSL_ERROR_WANT_WRITE);
-		else if (BIO_should_io_special(bio))
-			{
-			reason=BIO_get_retry_reason(bio);
-			if (reason == BIO_RR_CONNECT)
-				return(SSL_ERROR_WANT_CONNECT);
-			else if (reason == BIO_RR_ACCEPT)
-				return(SSL_ERROR_WANT_ACCEPT);
-			else
-				return(SSL_ERROR_SYSCALL); /* unknown */
-			}
-		}
-
-	if ((i < 0) && SSL_want_write(s))
-		{
-		bio=SSL_get_wbio(s);
-		if (BIO_should_write(bio))
-			return(SSL_ERROR_WANT_WRITE);
-		else if (BIO_should_read(bio))
-			/* See above (SSL_want_read(s) with BIO_should_write(bio)) */
-			return(SSL_ERROR_WANT_READ);
-		else if (BIO_should_io_special(bio))
-			{
-			reason=BIO_get_retry_reason(bio);
-			if (reason == BIO_RR_CONNECT)
-				return(SSL_ERROR_WANT_CONNECT);
-			else if (reason == BIO_RR_ACCEPT)
-				return(SSL_ERROR_WANT_ACCEPT);
-			else
-				return(SSL_ERROR_SYSCALL);
-			}
-		}
-	if ((i < 0) && SSL_want_x509_lookup(s))
-		{
-		return(SSL_ERROR_WANT_X509_LOOKUP);
-		}
-
-	if (i == 0)
-		{
-		if (s->version == SSL2_VERSION)
-			{
-			/* assume it is the socket being closed */
-			return(SSL_ERROR_ZERO_RETURN);
-			}
-		else
-			{
-			if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
-				(s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
-				return(SSL_ERROR_ZERO_RETURN);
-			}
-		}
-	return(SSL_ERROR_SYSCALL);
-	}
-
-int SSL_do_handshake(SSL *s)
-	{
-	int ret=1;
-
-	if (s->handshake_func == NULL)
-		{
-		SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET);
-		return(-1);
-		}
-
-	s->method->ssl_renegotiate_check(s);
-
-	if (SSL_in_init(s) || SSL_in_before(s))
-		{
-		ret=s->handshake_func(s);
-		}
-	return(ret);
-	}
-
-/* For the next 2 functions, SSL_clear() sets shutdown and so
- * one of these calls will reset it */
-void SSL_set_accept_state(SSL *s)
-	{
-	s->server=1;
-	s->shutdown=0;
-	s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE;
-	s->handshake_func=s->method->ssl_accept;
-	/* clear the current cipher */
-	ssl_clear_cipher_ctx(s);
-	}
-
-void SSL_set_connect_state(SSL *s)
-	{
-	s->server=0;
-	s->shutdown=0;
-	s->state=SSL_ST_CONNECT|SSL_ST_BEFORE;
-	s->handshake_func=s->method->ssl_connect;
-	/* clear the current cipher */
-	ssl_clear_cipher_ctx(s);
-	}
-
-int ssl_undefined_function(SSL *s)
-	{
-	SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-	return(0);
-	}
-
-SSL_METHOD *ssl_bad_method(int ver)
-	{
-	SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-	return(NULL);
-	}
-
-const char *SSL_get_version(SSL *s)
-	{
-	if (s->version == TLS1_VERSION)
-		return("TLSv1");
-	else if (s->version == SSL3_VERSION)
-		return("SSLv3");
-	else if (s->version == SSL2_VERSION)
-		return("SSLv2");
-	else
-		return("unknown");
-	}
-
-SSL *SSL_dup(SSL *s)
-	{
-	STACK_OF(X509_NAME) *sk;
-	X509_NAME *xn;
-	SSL *ret;
-	int i;
-		 
-	if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL)
-	    return(NULL);
-
-	ret->version = s->version;
-	ret->type = s->type;
-	ret->method = s->method;
-
-	if (s->session != NULL)
-		{
-		/* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
-		SSL_copy_session_id(ret,s);
-		}
-	else
-		{
-		/* No session has been established yet, so we have to expect
-		 * that s->cert or ret->cert will be changed later --
-		 * they should not both point to the same object,
-		 * and thus we can't use SSL_copy_session_id. */
-
-		ret->method->ssl_free(ret);
-		ret->method = s->method;
-		ret->method->ssl_new(ret);
-
-		if (s->cert != NULL)
-			{
-			if (ret->cert != NULL)
-				{
-				ssl_cert_free(ret->cert);
-				}
-			ret->cert = ssl_cert_dup(s->cert);
-			if (ret->cert == NULL)
-				goto err;
-			}
-				
-		SSL_set_session_id_context(ret,
-			s->sid_ctx, s->sid_ctx_length);
-		}
-
-	ret->options=s->options;
-	ret->mode=s->mode;
-	SSL_set_max_cert_list(ret,SSL_get_max_cert_list(s));
-	SSL_set_read_ahead(ret,SSL_get_read_ahead(s));
-	ret->msg_callback = s->msg_callback;
-	ret->msg_callback_arg = s->msg_callback_arg;
-	SSL_set_verify(ret,SSL_get_verify_mode(s),
-		SSL_get_verify_callback(s));
-	SSL_set_verify_depth(ret,SSL_get_verify_depth(s));
-	ret->generate_session_id = s->generate_session_id;
-
-	SSL_set_info_callback(ret,SSL_get_info_callback(s));
-	
-	ret->debug=s->debug;
-
-	/* copy app data, a little dangerous perhaps */
-	if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
-		goto err;
-
-	/* setup rbio, and wbio */
-	if (s->rbio != NULL)
-		{
-		if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
-			goto err;
-		}
-	if (s->wbio != NULL)
-		{
-		if (s->wbio != s->rbio)
-			{
-			if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
-				goto err;
-			}
-		else
-			ret->wbio=ret->rbio;
-		}
-	ret->rwstate = s->rwstate;
-	ret->in_handshake = s->in_handshake;
-	ret->handshake_func = s->handshake_func;
-	ret->server = s->server;
-	ret->new_session = s->new_session;
-	ret->quiet_shutdown = s->quiet_shutdown;
-	ret->shutdown=s->shutdown;
-	ret->state=s->state; /* SSL_dup does not really work at any state, though */
-	ret->rstate=s->rstate;
-	ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */
-	ret->hit=s->hit;
-	ret->purpose=s->purpose;
-	ret->trust=s->trust;
-
-	/* dup the cipher_list and cipher_list_by_id stacks */
-	if (s->cipher_list != NULL)
-		{
-		if ((ret->cipher_list=sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
-			goto err;
-		}
-	if (s->cipher_list_by_id != NULL)
-		if ((ret->cipher_list_by_id=sk_SSL_CIPHER_dup(s->cipher_list_by_id))
-			== NULL)
-			goto err;
-
-	/* Dup the client_CA list */
-	if (s->client_CA != NULL)
-		{
-		if ((sk=sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
-		ret->client_CA=sk;
-		for (i=0; i<sk_X509_NAME_num(sk); i++)
-			{
-			xn=sk_X509_NAME_value(sk,i);
-			if (sk_X509_NAME_set(sk,i,X509_NAME_dup(xn)) == NULL)
-				{
-				X509_NAME_free(xn);
-				goto err;
-				}
-			}
-		}
-
-	if (0)
-		{
-err:
-		if (ret != NULL) SSL_free(ret);
-		ret=NULL;
-		}
-	return(ret);
-	}
-
-void ssl_clear_cipher_ctx(SSL *s)
-	{
-	if (s->enc_read_ctx != NULL)
-		{
-		EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
-		OPENSSL_free(s->enc_read_ctx);
-		s->enc_read_ctx=NULL;
-		}
-	if (s->enc_write_ctx != NULL)
-		{
-		EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
-		OPENSSL_free(s->enc_write_ctx);
-		s->enc_write_ctx=NULL;
-		}
-	if (s->expand != NULL)
-		{
-		COMP_CTX_free(s->expand);
-		s->expand=NULL;
-		}
-	if (s->compress != NULL)
-		{
-		COMP_CTX_free(s->compress);
-		s->compress=NULL;
-		}
-	}
-
-/* Fix this function so that it takes an optional type parameter */
-X509 *SSL_get_certificate(SSL *s)
-	{
-	if (s->cert != NULL)
-		return(s->cert->key->x509);
-	else
-		return(NULL);
-	}
-
-/* Fix this function so that it takes an optional type parameter */
-EVP_PKEY *SSL_get_privatekey(SSL *s)
-	{
-	if (s->cert != NULL)
-		return(s->cert->key->privatekey);
-	else
-		return(NULL);
-	}
-
-SSL_CIPHER *SSL_get_current_cipher(SSL *s)
-	{
-	if ((s->session != NULL) && (s->session->cipher != NULL))
-		return(s->session->cipher);
-	return(NULL);
-	}
-
-int ssl_init_wbio_buffer(SSL *s,int push)
-	{
-	BIO *bbio;
-
-	if (s->bbio == NULL)
-		{
-		bbio=BIO_new(BIO_f_buffer());
-		if (bbio == NULL) return(0);
-		s->bbio=bbio;
-		}
-	else
-		{
-		bbio=s->bbio;
-		if (s->bbio == s->wbio)
-			s->wbio=BIO_pop(s->wbio);
-		}
-	(void)BIO_reset(bbio);
-/*	if (!BIO_set_write_buffer_size(bbio,16*1024)) */
-	if (!BIO_set_read_buffer_size(bbio,1))
-		{
-		SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB);
-		return(0);
-		}
-	if (push)
-		{
-		if (s->wbio != bbio)
-			s->wbio=BIO_push(bbio,s->wbio);
-		}
-	else
-		{
-		if (s->wbio == bbio)
-			s->wbio=BIO_pop(bbio);
-		}
-	return(1);
-	}
-
-void ssl_free_wbio_buffer(SSL *s)
-	{
-	if (s->bbio == NULL) return;
-
-	if (s->bbio == s->wbio)
-		{
-		/* remove buffering */
-		s->wbio=BIO_pop(s->wbio);
-#ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids adding one more preprocessor symbol */
-		assert(s->wbio != NULL);
-#endif	
-	}
-	BIO_free(s->bbio);
-	s->bbio=NULL;
-	}
-	
-void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode)
-	{
-	ctx->quiet_shutdown=mode;
-	}
-
-int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx)
-	{
-	return(ctx->quiet_shutdown);
-	}
-
-void SSL_set_quiet_shutdown(SSL *s,int mode)
-	{
-	s->quiet_shutdown=mode;
-	}
-
-int SSL_get_quiet_shutdown(SSL *s)
-	{
-	return(s->quiet_shutdown);
-	}
-
-void SSL_set_shutdown(SSL *s,int mode)
-	{
-	s->shutdown=mode;
-	}
-
-int SSL_get_shutdown(SSL *s)
-	{
-	return(s->shutdown);
-	}
-
-int SSL_version(SSL *s)
-	{
-	return(s->version);
-	}
-
-SSL_CTX *SSL_get_SSL_CTX(SSL *ssl)
-	{
-	return(ssl->ctx);
-	}
-
-#ifndef OPENSSL_NO_STDIO
-int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
-	{
-	return(X509_STORE_set_default_paths(ctx->cert_store));
-	}
-
-int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
-		const char *CApath)
-	{
-	return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
-	}
-#endif
-
-void SSL_set_info_callback(SSL *ssl,
-			   void (*cb)(const SSL *ssl,int type,int val))
-	{
-	ssl->info_callback=cb;
-	}
-
-void (*SSL_get_info_callback(SSL *ssl))(const SSL *ssl,int type,int val)
-	{
-	return ssl->info_callback;
-	}
-
-int SSL_state(SSL *ssl)
-	{
-	return(ssl->state);
-	}
-
-void SSL_set_verify_result(SSL *ssl,long arg)
-	{
-	ssl->verify_result=arg;
-	}
-
-long SSL_get_verify_result(SSL *ssl)
-	{
-	return(ssl->verify_result);
-	}
-
-int SSL_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
-			 CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
-	{
-	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
-				new_func, dup_func, free_func);
-	}
-
-int SSL_set_ex_data(SSL *s,int idx,void *arg)
-	{
-	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
-	}
-
-void *SSL_get_ex_data(SSL *s,int idx)
-	{
-	return(CRYPTO_get_ex_data(&s->ex_data,idx));
-	}
-
-int SSL_CTX_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
-			     CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
-	{
-	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
-				new_func, dup_func, free_func);
-	}
-
-int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg)
-	{
-	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
-	}
-
-void *SSL_CTX_get_ex_data(SSL_CTX *s,int idx)
-	{
-	return(CRYPTO_get_ex_data(&s->ex_data,idx));
-	}
-
-int ssl_ok(SSL *s)
-	{
-	return(1);
-	}
-
-X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx)
-	{
-	return(ctx->cert_store);
-	}
-
-void SSL_CTX_set_cert_store(SSL_CTX *ctx,X509_STORE *store)
-	{
-	if (ctx->cert_store != NULL)
-		X509_STORE_free(ctx->cert_store);
-	ctx->cert_store=store;
-	}
-
-int SSL_want(SSL *s)
-	{
-	return(s->rwstate);
-	}
-
-/*!
- * \brief Set the callback for generating temporary RSA keys.
- * \param ctx the SSL context.
- * \param cb the callback
- */
-
-#ifndef OPENSSL_NO_RSA
-void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
-							  int is_export,
-							  int keylength))
-    {
-    SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
-    }
-
-void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
-						  int is_export,
-						  int keylength))
-    {
-    SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
-    }
-#endif
-
-#ifdef DOXYGEN
-/*!
- * \brief The RSA temporary key callback function.
- * \param ssl the SSL session.
- * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
- * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
- * of the required key in bits.
- * \return the temporary RSA key.
- * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
- */
-
-RSA *cb(SSL *ssl,int is_export,int keylength)
-    {}
-#endif
-
-/*!
- * \brief Set the callback for generating temporary DH keys.
- * \param ctx the SSL context.
- * \param dh the callback
- */
-
-#ifndef OPENSSL_NO_DH
-void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
-							int keylength))
-	{
-	SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
-	}
-
-void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
-						int keylength))
-	{
-	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
-	}
-#endif
-
-
-void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
-	{
-	SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
-	}
-void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
-	{
-	SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
-	}
-
-
-
-#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
-#include "../crypto/bio/bss_file.c"
-#endif
-
-IMPLEMENT_STACK_OF(SSL_CIPHER)
-IMPLEMENT_STACK_OF(SSL_COMP)
diff --git a/crypto/openssl/ssl/ssl_locl.h b/crypto/openssl/ssl/ssl_locl.h
deleted file mode 100644
index dd6c7a7323f0..000000000000
--- a/crypto/openssl/ssl/ssl_locl.h
+++ /dev/null
@@ -1,620 +0,0 @@
-/* ssl/ssl_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SSL_LOCL_H
-#define HEADER_SSL_LOCL_H
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#include <errno.h>
-
-#include "e_os.h"
-
-#include <openssl/buffer.h>
-#include <openssl/comp.h>
-#include <openssl/bio.h>
-#include <openssl/crypto.h>
-#include <openssl/evp.h>
-#include <openssl/stack.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-#include <openssl/symhacks.h>
-
-#ifdef OPENSSL_BUILD_SHLIBSSL
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
-#define PKCS1_CHECK
-
-#define c2l(c,l)	(l = ((unsigned long)(*((c)++)))     , \
-			 l|=(((unsigned long)(*((c)++)))<< 8), \
-			 l|=(((unsigned long)(*((c)++)))<<16), \
-			 l|=(((unsigned long)(*((c)++)))<<24))
-
-/* NOTE - c is not incremented as per c2l */
-#define c2ln(c,l1,l2,n)	{ \
-			c+=n; \
-			l1=l2=0; \
-			switch (n) { \
-			case 8: l2 =((unsigned long)(*(--(c))))<<24; \
-			case 7: l2|=((unsigned long)(*(--(c))))<<16; \
-			case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
-			case 5: l2|=((unsigned long)(*(--(c))));     \
-			case 4: l1 =((unsigned long)(*(--(c))))<<24; \
-			case 3: l1|=((unsigned long)(*(--(c))))<<16; \
-			case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
-			case 1: l1|=((unsigned long)(*(--(c))));     \
-				} \
-			}
-
-#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)    )&0xff), \
-			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>24)&0xff))
-
-#define n2l(c,l)	(l =((unsigned long)(*((c)++)))<<24, \
-			 l|=((unsigned long)(*((c)++)))<<16, \
-			 l|=((unsigned long)(*((c)++)))<< 8, \
-			 l|=((unsigned long)(*((c)++))))
-
-#define l2n(l,c)	(*((c)++)=(unsigned char)(((l)>>24)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
-			 *((c)++)=(unsigned char)(((l)    )&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#define l2cn(l1,l2,c,n)	{ \
-			c+=n; \
-			switch (n) { \
-			case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-			case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-			case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-			case 5: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-			case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-			case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-			case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-			case 1: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-				} \
-			}
-
-#define n2s(c,s)	((s=(((unsigned int)(c[0]))<< 8)| \
-			    (((unsigned int)(c[1]))    )),c+=2)
-#define s2n(s,c)	((c[0]=(unsigned char)(((s)>> 8)&0xff), \
-			  c[1]=(unsigned char)(((s)    )&0xff)),c+=2)
-
-#define n2l3(c,l)	((l =(((unsigned long)(c[0]))<<16)| \
-			     (((unsigned long)(c[1]))<< 8)| \
-			     (((unsigned long)(c[2]))    )),c+=3)
-
-#define l2n3(l,c)	((c[0]=(unsigned char)(((l)>>16)&0xff), \
-			  c[1]=(unsigned char)(((l)>> 8)&0xff), \
-			  c[2]=(unsigned char)(((l)    )&0xff)),c+=3)
-
-/* LOCAL STUFF */
-
-#define SSL_DECRYPT	0
-#define SSL_ENCRYPT	1
-
-#define TWO_BYTE_BIT	0x80
-#define SEC_ESC_BIT	0x40
-#define TWO_BYTE_MASK	0x7fff
-#define THREE_BYTE_MASK	0x3fff
-
-#define INC32(a)	((a)=((a)+1)&0xffffffffL)
-#define DEC32(a)	((a)=((a)-1)&0xffffffffL)
-#define MAX_MAC_SIZE	20 /* up from 16 for SSLv3 */
-
-/*
- * Define the Bitmasks for SSL_CIPHER.algorithms.
- * This bits are used packed as dense as possible. If new methods/ciphers
- * etc will be added, the bits a likely to change, so this information
- * is for internal library use only, even though SSL_CIPHER.algorithms
- * can be publicly accessed.
- * Use the according functions for cipher management instead.
- *
- * The bit mask handling in the selection and sorting scheme in
- * ssl_create_cipher_list() has only limited capabilities, reflecting
- * that the different entities within are mutually exclusive:
- * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
- */
-#define SSL_MKEY_MASK		0x0000003FL
-#define SSL_kRSA		0x00000001L /* RSA key exchange */
-#define SSL_kDHr		0x00000002L /* DH cert RSA CA cert */
-#define SSL_kDHd		0x00000004L /* DH cert DSA CA cert */
-#define SSL_kFZA		0x00000008L
-#define SSL_kEDH		0x00000010L /* tmp DH key no DH cert */
-#define SSL_kKRB5		0x00000020L /* Kerberos5 key exchange */
-#define SSL_EDH			(SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
-
-#define SSL_AUTH_MASK		0x00000FC0L
-#define SSL_aRSA		0x00000040L /* Authenticate with RSA */
-#define SSL_aDSS 		0x00000080L /* Authenticate with DSS */
-#define SSL_DSS 		SSL_aDSS
-#define SSL_aFZA 		0x00000100L
-#define SSL_aNULL 		0x00000200L /* no Authenticate, ADH */
-#define SSL_aDH 		0x00000400L /* no Authenticate, ADH */
-#define SSL_aKRB5               0x00000800L /* Authenticate with KRB5 */
-
-#define SSL_NULL		(SSL_eNULL)
-#define SSL_ADH			(SSL_kEDH|SSL_aNULL)
-#define SSL_RSA			(SSL_kRSA|SSL_aRSA)
-#define SSL_DH			(SSL_kDHr|SSL_kDHd|SSL_kEDH)
-#define SSL_FZA			(SSL_aFZA|SSL_kFZA|SSL_eFZA)
-#define SSL_KRB5                (SSL_kKRB5|SSL_aKRB5)
-
-#define SSL_ENC_MASK		0x0087F000L
-#define SSL_DES			0x00001000L
-#define SSL_3DES		0x00002000L
-#define SSL_RC4			0x00004000L
-#define SSL_RC2			0x00008000L
-#define SSL_IDEA		0x00010000L
-#define SSL_eFZA		0x00020000L
-#define SSL_eNULL		0x00040000L
-#define SSL_AES			0x00800000L
-
-#define SSL_MAC_MASK		0x00180000L
-#define SSL_MD5			0x00080000L
-#define SSL_SHA1		0x00100000L
-#define SSL_SHA			(SSL_SHA1)
-
-#define SSL_SSL_MASK		0x00600000L
-#define SSL_SSLV2		0x00200000L
-#define SSL_SSLV3		0x00400000L
-#define SSL_TLSV1		SSL_SSLV3	/* for now */
-
-/* we have used 007fffff - 9 bits left to go */
-
-/*
- * Export and cipher strength information. For each cipher we have to decide
- * whether it is exportable or not. This information is likely to change
- * over time, since the export control rules are no static technical issue.
- *
- * Independent of the export flag the cipher strength is sorted into classes.
- * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
- * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
- * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
- * since SSL_EXP64 could be similar to SSL_LOW.
- * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
- * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
- * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
- * be possible.
- */
-#define SSL_EXP_MASK		0x00000003L
-#define SSL_NOT_EXP		0x00000001L
-#define SSL_EXPORT		0x00000002L
-
-#define SSL_STRONG_MASK		0x000000fcL
-#define SSL_STRONG_NONE		0x00000004L
-#define SSL_EXP40		0x00000008L
-#define SSL_MICRO		(SSL_EXP40)
-#define SSL_EXP56		0x00000010L
-#define SSL_MINI		(SSL_EXP56)
-#define SSL_LOW			0x00000020L
-#define SSL_MEDIUM		0x00000040L
-#define SSL_HIGH		0x00000080L
-
-/* we have used 000000ff - 24 bits left to go */
-
-/*
- * Macros to check the export status and cipher strength for export ciphers.
- * Even though the macros for EXPORT and EXPORT40/56 have similar names,
- * their meaning is different:
- * *_EXPORT macros check the 'exportable' status.
- * *_EXPORT40/56 macros are used to check whether a certain cipher strength
- *          is given.
- * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct
- * algorithm structure element to be passed (algorithms, algo_strength) and no
- * typechecking can be done as they are all of type unsigned long, their
- * direct usage is discouraged.
- * Use the SSL_C_* macros instead.
- */
-#define SSL_IS_EXPORT(a)	((a)&SSL_EXPORT)
-#define SSL_IS_EXPORT56(a)	((a)&SSL_EXP56)
-#define SSL_IS_EXPORT40(a)	((a)&SSL_EXP40)
-#define SSL_C_IS_EXPORT(c)	SSL_IS_EXPORT((c)->algo_strength)
-#define SSL_C_IS_EXPORT56(c)	SSL_IS_EXPORT56((c)->algo_strength)
-#define SSL_C_IS_EXPORT40(c)	SSL_IS_EXPORT40((c)->algo_strength)
-
-#define SSL_EXPORT_KEYLENGTH(a,s)	(SSL_IS_EXPORT40(s) ? 5 : \
-				 ((a)&SSL_ENC_MASK) == SSL_DES ? 8 : 7)
-#define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
-#define SSL_C_EXPORT_KEYLENGTH(c)	SSL_EXPORT_KEYLENGTH((c)->algorithms, \
-				(c)->algo_strength)
-#define SSL_C_EXPORT_PKEYLENGTH(c)	SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
-
-
-#define SSL_ALL			0xffffffffL
-#define SSL_ALL_CIPHERS		(SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\
-				SSL_MAC_MASK)
-#define SSL_ALL_STRENGTHS	(SSL_EXP_MASK|SSL_STRONG_MASK)
-
-/* Mostly for SSLv3 */
-#define SSL_PKEY_RSA_ENC	0
-#define SSL_PKEY_RSA_SIGN	1
-#define SSL_PKEY_DSA_SIGN	2
-#define SSL_PKEY_DH_RSA		3
-#define SSL_PKEY_DH_DSA		4
-#define SSL_PKEY_NUM		5
-
-/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
- * 	    <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
- * SSL_kDH  <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
- * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN
- * SSL_aRSA <- RSA_ENC | RSA_SIGN
- * SSL_aDSS <- DSA_SIGN
- */
-
-/*
-#define CERT_INVALID		0
-#define CERT_PUBLIC_KEY		1
-#define CERT_PRIVATE_KEY	2
-*/
-
-typedef struct cert_pkey_st
-	{
-	X509 *x509;
-	EVP_PKEY *privatekey;
-	} CERT_PKEY;
-
-typedef struct cert_st
-	{
-	/* Current active set */
-	CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
-			 * Probably it would make more sense to store
-			 * an index, not a pointer. */
- 
-	/* The following masks are for the key and auth
-	 * algorithms that are supported by the certs below */
-	int valid;
-	unsigned long mask;
-	unsigned long export_mask;
-#ifndef OPENSSL_NO_RSA
-	RSA *rsa_tmp;
-	RSA *(*rsa_tmp_cb)(SSL *ssl,int is_export,int keysize);
-#endif
-#ifndef OPENSSL_NO_DH
-	DH *dh_tmp;
-	DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize);
-#endif
-
-	CERT_PKEY pkeys[SSL_PKEY_NUM];
-
-	int references; /* >1 only if SSL_copy_session_id is used */
-	} CERT;
-
-
-typedef struct sess_cert_st
-	{
-	STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
-
-	/* The 'peer_...' members are used only by clients. */
-	int peer_cert_type;
-
-	CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
-	CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
-	/* Obviously we don't have the private keys of these,
-	 * so maybe we shouldn't even use the CERT_PKEY type here. */
-
-#ifndef OPENSSL_NO_RSA
-	RSA *peer_rsa_tmp; /* not used for SSL 2 */
-#endif
-#ifndef OPENSSL_NO_DH
-	DH *peer_dh_tmp; /* not used for SSL 2 */
-#endif
-
-	int references; /* actually always 1 at the moment */
-	} SESS_CERT;
-
-
-/*#define MAC_DEBUG	*/
-
-/*#define ERR_DEBUG	*/
-/*#define ABORT_DEBUG	*/
-/*#define PKT_DEBUG 1   */
-/*#define DES_DEBUG	*/
-/*#define DES_OFB_DEBUG	*/
-/*#define SSL_DEBUG	*/
-/*#define RSA_DEBUG	*/ 
-/*#define IDEA_DEBUG	*/ 
-
-#define FP_ICC  (int (*)(const void *,const void *))
-#define ssl_put_cipher_by_char(ssl,ciph,ptr) \
-		((ssl)->method->put_cipher_by_char((ciph),(ptr)))
-#define ssl_get_cipher_by_char(ssl,ptr) \
-		((ssl)->method->get_cipher_by_char(ptr))
-
-/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
- * It is a bit of a mess of functions, but hell, think of it as
- * an opaque structure :-) */
-typedef struct ssl3_enc_method
-	{
-	int (*enc)(SSL *, int);
-	int (*mac)(SSL *, unsigned char *, int);
-	int (*setup_key_block)(SSL *);
-	int (*generate_master_secret)(SSL *, unsigned char *, unsigned char *, int);
-	int (*change_cipher_state)(SSL *, int);
-	int (*final_finish_mac)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *, int, unsigned char *);
-	int finish_mac_length;
-	int (*cert_verify_mac)(SSL *, EVP_MD_CTX *, unsigned char *);
-	const char *client_finished_label;
-	int client_finished_label_len;
-	const char *server_finished_label;
-	int server_finished_label_len;
-	int (*alert_value)(int);
-	} SSL3_ENC_METHOD;
-
-/* Used for holding the relevant compression methods loaded into SSL_CTX */
-typedef struct ssl3_comp_st
-	{
-	int comp_id;	/* The identifier byte for this compression type */
-	char *name;	/* Text name used for the compression type */
-	COMP_METHOD *method; /* The method :-) */
-	} SSL3_COMP;
-
-OPENSSL_EXTERN SSL3_ENC_METHOD ssl3_undef_enc_method;
-OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
-OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
-
-#ifdef OPENSSL_SYS_VMS
-#undef SSL_COMP_get_compression_methods
-#define SSL_COMP_get_compression_methods	SSL_COMP_get_compress_methods
-#endif
-
-
-SSL_METHOD *ssl_bad_method(int ver);
-SSL_METHOD *sslv2_base_method(void);
-SSL_METHOD *sslv23_base_method(void);
-SSL_METHOD *sslv3_base_method(void);
-
-void ssl_clear_cipher_ctx(SSL *s);
-int ssl_clear_bad_session(SSL *s);
-CERT *ssl_cert_new(void);
-CERT *ssl_cert_dup(CERT *cert);
-int ssl_cert_inst(CERT **o);
-void ssl_cert_free(CERT *c);
-SESS_CERT *ssl_sess_cert_new(void);
-void ssl_sess_cert_free(SESS_CERT *sc);
-int ssl_set_peer_cert_type(SESS_CERT *c, int type);
-int ssl_get_new_session(SSL *s, int session);
-int ssl_get_prev_session(SSL *s, unsigned char *session,int len);
-int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b);
-int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
-			const SSL_CIPHER * const *bp);
-STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
-					       STACK_OF(SSL_CIPHER) **skp);
-int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p);
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
-					     STACK_OF(SSL_CIPHER) **pref,
-					     STACK_OF(SSL_CIPHER) **sorted,
-					     const char *rule_str);
-void ssl_update_cache(SSL *s, int mode);
-int ssl_cipher_get_evp(SSL_SESSION *s,const EVP_CIPHER **enc,const EVP_MD **md,
-		       SSL_COMP **comp);
-int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk);
-int ssl_undefined_function(SSL *s);
-X509 *ssl_get_server_send_cert(SSL *);
-EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
-int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
-void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher);
-STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
-int ssl_verify_alarm_type(long type);
-
-int ssl2_enc_init(SSL *s, int client);
-int ssl2_generate_key_material(SSL *s);
-void ssl2_enc(SSL *s,int send_data);
-void ssl2_mac(SSL *s,unsigned char *mac,int send_data);
-SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
-int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
-int ssl2_part_read(SSL *s, unsigned long f, int i);
-int ssl2_do_write(SSL *s);
-int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data);
-void ssl2_return_error(SSL *s,int reason);
-void ssl2_write_error(SSL *s);
-int ssl2_num_ciphers(void);
-SSL_CIPHER *ssl2_get_cipher(unsigned int u);
-int	ssl2_new(SSL *s);
-void	ssl2_free(SSL *s);
-int	ssl2_accept(SSL *s);
-int	ssl2_connect(SSL *s);
-int	ssl2_read(SSL *s, void *buf, int len);
-int	ssl2_peek(SSL *s, void *buf, int len);
-int	ssl2_write(SSL *s, const void *buf, int len);
-int	ssl2_shutdown(SSL *s);
-void	ssl2_clear(SSL *s);
-long	ssl2_ctrl(SSL *s,int cmd, long larg, void *parg);
-long	ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
-long	ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)());
-long	ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
-int	ssl2_pending(SSL *s);
-
-SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
-int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
-void ssl3_init_finished_mac(SSL *s);
-int ssl3_send_server_certificate(SSL *s);
-int ssl3_get_finished(SSL *s,int state_a,int state_b);
-int ssl3_setup_key_block(SSL *s);
-int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b);
-int ssl3_change_cipher_state(SSL *s,int which);
-void ssl3_cleanup_key_block(SSL *s);
-int ssl3_do_write(SSL *s,int type);
-void ssl3_send_alert(SSL *s,int level, int desc);
-int ssl3_generate_master_secret(SSL *s, unsigned char *out,
-	unsigned char *p, int len);
-int ssl3_get_req_cert_type(SSL *s,unsigned char *p);
-long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
-int ssl3_send_finished(SSL *s, int a, int b, const char *sender,int slen);
-int ssl3_num_ciphers(void);
-SSL_CIPHER *ssl3_get_cipher(unsigned int u);
-int ssl3_renegotiate(SSL *ssl); 
-int ssl3_renegotiate_check(SSL *ssl); 
-int ssl3_dispatch_alert(SSL *s);
-int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
-int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
-int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
-	const char *sender, int slen,unsigned char *p);
-int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
-void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
-int ssl3_enc(SSL *s, int send_data);
-int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
-unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
-SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *clnt,
-			       STACK_OF(SSL_CIPHER) *srvr);
-int	ssl3_setup_buffers(SSL *s);
-int	ssl3_new(SSL *s);
-void	ssl3_free(SSL *s);
-int	ssl3_accept(SSL *s);
-int	ssl3_connect(SSL *s);
-int	ssl3_read(SSL *s, void *buf, int len);
-int	ssl3_peek(SSL *s, void *buf, int len);
-int	ssl3_write(SSL *s, const void *buf, int len);
-int	ssl3_shutdown(SSL *s);
-void	ssl3_clear(SSL *s);
-long	ssl3_ctrl(SSL *s,int cmd, long larg, void *parg);
-long	ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
-long	ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)());
-long	ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
-int	ssl3_pending(SSL *s);
-
-int ssl23_accept(SSL *s);
-int ssl23_connect(SSL *s);
-int ssl23_read_bytes(SSL *s, int n);
-int ssl23_write_bytes(SSL *s);
-
-int tls1_new(SSL *s);
-void tls1_free(SSL *s);
-void tls1_clear(SSL *s);
-long tls1_ctrl(SSL *s,int cmd, long larg, void *parg);
-long tls1_callback_ctrl(SSL *s,int cmd, void (*fp)());
-SSL_METHOD *tlsv1_base_method(void );
-
-int ssl_init_wbio_buffer(SSL *s, int push);
-void ssl_free_wbio_buffer(SSL *s);
-
-int tls1_change_cipher_state(SSL *s, int which);
-int tls1_setup_key_block(SSL *s);
-int tls1_enc(SSL *s, int snd);
-int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
-	const char *str, int slen, unsigned char *p);
-int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
-int tls1_mac(SSL *ssl, unsigned char *md, int snd);
-int tls1_generate_master_secret(SSL *s, unsigned char *out,
-	unsigned char *p, int len);
-int tls1_alert_code(int code);
-int ssl3_alert_code(int code);
-int ssl_ok(SSL *s);
-
-SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
-STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
-
-
-#endif
diff --git a/crypto/openssl/ssl/ssl_rsa.c b/crypto/openssl/ssl/ssl_rsa.c
deleted file mode 100644
index 03828b663262..000000000000
--- a/crypto/openssl/ssl/ssl_rsa.c
+++ /dev/null
@@ -1,815 +0,0 @@
-/* ssl/ssl_rsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/bio.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-static int ssl_set_cert(CERT *c, X509 *x509);
-static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
-int SSL_use_certificate(SSL *ssl, X509 *x)
-	{
-	if (x == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	if (!ssl_cert_inst(&ssl->cert))
-		{
-		SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	return(ssl_set_cert(ssl->cert,x));
-	}
-
-#ifndef OPENSSL_NO_STDIO
-int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
-	{
-	int j;
-	BIO *in;
-	int ret=0;
-	X509 *x=NULL;
-
-	in=BIO_new(BIO_s_file_internal());
-	if (in == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
-		goto end;
-		}
-
-	if (BIO_read_filename(in,file) <= 0)
-		{
-		SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
-		goto end;
-		}
-	if (type == SSL_FILETYPE_ASN1)
-		{
-		j=ERR_R_ASN1_LIB;
-		x=d2i_X509_bio(in,NULL);
-		}
-	else if (type == SSL_FILETYPE_PEM)
-		{
-		j=ERR_R_PEM_LIB;
-		x=PEM_read_bio_X509(in,NULL,ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
-		}
-	else
-		{
-		SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
-		goto end;
-		}
-
-	if (x == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,j);
-		goto end;
-		}
-
-	ret=SSL_use_certificate(ssl,x);
-end:
-	if (x != NULL) X509_free(x);
-	if (in != NULL) BIO_free(in);
-	return(ret);
-	}
-#endif
-
-int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len)
-	{
-	X509 *x;
-	int ret;
-
-	x=d2i_X509(NULL,&d,(long)len);
-	if (x == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
-		return(0);
-		}
-
-	ret=SSL_use_certificate(ssl,x);
-	X509_free(x);
-	return(ret);
-	}
-
-#ifndef OPENSSL_NO_RSA
-int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
-	{
-	EVP_PKEY *pkey;
-	int ret;
-
-	if (rsa == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	if (!ssl_cert_inst(&ssl->cert))
-		{
-		SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	if ((pkey=EVP_PKEY_new()) == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
-		return(0);
-		}
-
-	RSA_up_ref(rsa);
-	EVP_PKEY_assign_RSA(pkey,rsa);
-
-	ret=ssl_set_pkey(ssl->cert,pkey);
-	EVP_PKEY_free(pkey);
-	return(ret);
-	}
-#endif
-
-static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
-	{
-	int i,ok=0,bad=0;
-
-	i=ssl_cert_type(NULL,pkey);
-	if (i < 0)
-		{
-		SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
-		return(0);
-		}
-
-	if (c->pkeys[i].x509 != NULL)
-		{
-		EVP_PKEY *pktmp;
-		pktmp =	X509_get_pubkey(c->pkeys[i].x509);
-		EVP_PKEY_copy_parameters(pktmp,pkey);
-		EVP_PKEY_free(pktmp);
-		ERR_clear_error();
-
-#ifndef OPENSSL_NO_RSA
-		/* Don't check the public/private key, this is mostly
-		 * for smart cards. */
-		if ((pkey->type == EVP_PKEY_RSA) &&
-			(RSA_flags(pkey->pkey.rsa) &
-			 RSA_METHOD_FLAG_NO_CHECK))
-			 ok=1;
-		else
-#endif
-			if (!X509_check_private_key(c->pkeys[i].x509,pkey))
-			{
-			if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
-				{
-				i=(i == SSL_PKEY_DH_RSA)?
-					SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
-
-				if (c->pkeys[i].x509 == NULL)
-					ok=1;
-				else
-					{
-					if (!X509_check_private_key(
-						c->pkeys[i].x509,pkey))
-						bad=1;
-					else
-						ok=1;
-					}
-				}
-			else
-				bad=1;
-			}
-		else
-			ok=1;
-		}
-	else
-		ok=1;
-
-	if (bad)
-		{
-		X509_free(c->pkeys[i].x509);
-		c->pkeys[i].x509=NULL;
-		return(0);
-		}
-
-	if (c->pkeys[i].privatekey != NULL)
-		EVP_PKEY_free(c->pkeys[i].privatekey);
-	CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
-	c->pkeys[i].privatekey=pkey;
-	c->key= &(c->pkeys[i]);
-
-	c->valid=0;
-	return(1);
-	}
-
-#ifndef OPENSSL_NO_RSA
-#ifndef OPENSSL_NO_STDIO
-int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
-	{
-	int j,ret=0;
-	BIO *in;
-	RSA *rsa=NULL;
-
-	in=BIO_new(BIO_s_file_internal());
-	if (in == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
-		goto end;
-		}
-
-	if (BIO_read_filename(in,file) <= 0)
-		{
-		SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
-		goto end;
-		}
-	if	(type == SSL_FILETYPE_ASN1)
-		{
-		j=ERR_R_ASN1_LIB;
-		rsa=d2i_RSAPrivateKey_bio(in,NULL);
-		}
-	else if (type == SSL_FILETYPE_PEM)
-		{
-		j=ERR_R_PEM_LIB;
-		rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
-			ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
-		}
-	else
-		{
-		SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
-		goto end;
-		}
-	if (rsa == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,j);
-		goto end;
-		}
-	ret=SSL_use_RSAPrivateKey(ssl,rsa);
-	RSA_free(rsa);
-end:
-	if (in != NULL) BIO_free(in);
-	return(ret);
-	}
-#endif
-
-int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
-	{
-	int ret;
-	const unsigned char *p;
-	RSA *rsa;
-
-	p=d;
-	if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
-		return(0);
-		}
-
-	ret=SSL_use_RSAPrivateKey(ssl,rsa);
-	RSA_free(rsa);
-	return(ret);
-	}
-#endif /* !OPENSSL_NO_RSA */
-
-int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
-	{
-	int ret;
-
-	if (pkey == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	if (!ssl_cert_inst(&ssl->cert))
-		{
-		SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	ret=ssl_set_pkey(ssl->cert,pkey);
-	return(ret);
-	}
-
-#ifndef OPENSSL_NO_STDIO
-int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
-	{
-	int j,ret=0;
-	BIO *in;
-	EVP_PKEY *pkey=NULL;
-
-	in=BIO_new(BIO_s_file_internal());
-	if (in == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
-		goto end;
-		}
-
-	if (BIO_read_filename(in,file) <= 0)
-		{
-		SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
-		goto end;
-		}
-	if (type == SSL_FILETYPE_PEM)
-		{
-		j=ERR_R_PEM_LIB;
-		pkey=PEM_read_bio_PrivateKey(in,NULL,
-			ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
-		}
-	else
-		{
-		SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
-		goto end;
-		}
-	if (pkey == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j);
-		goto end;
-		}
-	ret=SSL_use_PrivateKey(ssl,pkey);
-	EVP_PKEY_free(pkey);
-end:
-	if (in != NULL) BIO_free(in);
-	return(ret);
-	}
-#endif
-
-int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long len)
-	{
-	int ret;
-	unsigned char *p;
-	EVP_PKEY *pkey;
-
-	p=d;
-	if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
-		{
-		SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
-		return(0);
-		}
-
-	ret=SSL_use_PrivateKey(ssl,pkey);
-	EVP_PKEY_free(pkey);
-	return(ret);
-	}
-
-int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
-	{
-	if (x == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	if (!ssl_cert_inst(&ctx->cert))
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	return(ssl_set_cert(ctx->cert, x));
-	}
-
-static int ssl_set_cert(CERT *c, X509 *x)
-	{
-	EVP_PKEY *pkey;
-	int i,ok=0,bad=0;
-
-	pkey=X509_get_pubkey(x);
-	if (pkey == NULL)
-		{
-		SSLerr(SSL_F_SSL_SET_CERT,SSL_R_X509_LIB);
-		return(0);
-		}
-
-	i=ssl_cert_type(x,pkey);
-	if (i < 0)
-		{
-		SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
-		EVP_PKEY_free(pkey);
-		return(0);
-		}
-
-	if (c->pkeys[i].privatekey != NULL)
-		{
-		EVP_PKEY_copy_parameters(pkey,c->pkeys[i].privatekey);
-		ERR_clear_error();
-
-#ifndef OPENSSL_NO_RSA
-		/* Don't check the public/private key, this is mostly
-		 * for smart cards. */
-		if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
-			(RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
-			 RSA_METHOD_FLAG_NO_CHECK))
-			 ok=1;
-		else
-#endif
-		{
-		if (!X509_check_private_key(x,c->pkeys[i].privatekey))
-			{
-			if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
-				{
-				i=(i == SSL_PKEY_DH_RSA)?
-					SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
-
-				if (c->pkeys[i].privatekey == NULL)
-					ok=1;
-				else
-					{
-					if (!X509_check_private_key(x,
-						c->pkeys[i].privatekey))
-						bad=1;
-					else
-						ok=1;
-					}
-				}
-			else
-				bad=1;
-			}
-		else
-			ok=1;
-		} /* OPENSSL_NO_RSA */
-		}
-	else
-		ok=1;
-
-	EVP_PKEY_free(pkey);
-	if (bad)
-		{
-		EVP_PKEY_free(c->pkeys[i].privatekey);
-		c->pkeys[i].privatekey=NULL;
-		}
-
-	if (c->pkeys[i].x509 != NULL)
-		X509_free(c->pkeys[i].x509);
-	CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
-	c->pkeys[i].x509=x;
-	c->key= &(c->pkeys[i]);
-
-	c->valid=0;
-	return(1);
-	}
-
-#ifndef OPENSSL_NO_STDIO
-int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
-	{
-	int j;
-	BIO *in;
-	int ret=0;
-	X509 *x=NULL;
-
-	in=BIO_new(BIO_s_file_internal());
-	if (in == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
-		goto end;
-		}
-
-	if (BIO_read_filename(in,file) <= 0)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
-		goto end;
-		}
-	if (type == SSL_FILETYPE_ASN1)
-		{
-		j=ERR_R_ASN1_LIB;
-		x=d2i_X509_bio(in,NULL);
-		}
-	else if (type == SSL_FILETYPE_PEM)
-		{
-		j=ERR_R_PEM_LIB;
-		x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
-		}
-	else
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
-		goto end;
-		}
-
-	if (x == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,j);
-		goto end;
-		}
-
-	ret=SSL_CTX_use_certificate(ctx,x);
-end:
-	if (x != NULL) X509_free(x);
-	if (in != NULL) BIO_free(in);
-	return(ret);
-	}
-#endif
-
-int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d)
-	{
-	X509 *x;
-	int ret;
-
-	x=d2i_X509(NULL,&d,(long)len);
-	if (x == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
-		return(0);
-		}
-
-	ret=SSL_CTX_use_certificate(ctx,x);
-	X509_free(x);
-	return(ret);
-	}
-
-#ifndef OPENSSL_NO_RSA
-int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
-	{
-	int ret;
-	EVP_PKEY *pkey;
-
-	if (rsa == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	if (!ssl_cert_inst(&ctx->cert))
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	if ((pkey=EVP_PKEY_new()) == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
-		return(0);
-		}
-
-	RSA_up_ref(rsa);
-	EVP_PKEY_assign_RSA(pkey,rsa);
-
-	ret=ssl_set_pkey(ctx->cert, pkey);
-	EVP_PKEY_free(pkey);
-	return(ret);
-	}
-
-#ifndef OPENSSL_NO_STDIO
-int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
-	{
-	int j,ret=0;
-	BIO *in;
-	RSA *rsa=NULL;
-
-	in=BIO_new(BIO_s_file_internal());
-	if (in == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
-		goto end;
-		}
-
-	if (BIO_read_filename(in,file) <= 0)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
-		goto end;
-		}
-	if	(type == SSL_FILETYPE_ASN1)
-		{
-		j=ERR_R_ASN1_LIB;
-		rsa=d2i_RSAPrivateKey_bio(in,NULL);
-		}
-	else if (type == SSL_FILETYPE_PEM)
-		{
-		j=ERR_R_PEM_LIB;
-		rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
-			ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
-		}
-	else
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
-		goto end;
-		}
-	if (rsa == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,j);
-		goto end;
-		}
-	ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
-	RSA_free(rsa);
-end:
-	if (in != NULL) BIO_free(in);
-	return(ret);
-	}
-#endif
-
-int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len)
-	{
-	int ret;
-	const unsigned char *p;
-	RSA *rsa;
-
-	p=d;
-	if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
-		return(0);
-		}
-
-	ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
-	RSA_free(rsa);
-	return(ret);
-	}
-#endif /* !OPENSSL_NO_RSA */
-
-int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
-	{
-	if (pkey == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
-		return(0);
-		}
-	if (!ssl_cert_inst(&ctx->cert))
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	return(ssl_set_pkey(ctx->cert,pkey));
-	}
-
-#ifndef OPENSSL_NO_STDIO
-int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
-	{
-	int j,ret=0;
-	BIO *in;
-	EVP_PKEY *pkey=NULL;
-
-	in=BIO_new(BIO_s_file_internal());
-	if (in == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
-		goto end;
-		}
-
-	if (BIO_read_filename(in,file) <= 0)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
-		goto end;
-		}
-	if (type == SSL_FILETYPE_PEM)
-		{
-		j=ERR_R_PEM_LIB;
-		pkey=PEM_read_bio_PrivateKey(in,NULL,
-			ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
-		}
-	else
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
-		goto end;
-		}
-	if (pkey == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,j);
-		goto end;
-		}
-	ret=SSL_CTX_use_PrivateKey(ctx,pkey);
-	EVP_PKEY_free(pkey);
-end:
-	if (in != NULL) BIO_free(in);
-	return(ret);
-	}
-#endif
-
-int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d,
-	     long len)
-	{
-	int ret;
-	unsigned char *p;
-	EVP_PKEY *pkey;
-
-	p=d;
-	if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
-		return(0);
-		}
-
-	ret=SSL_CTX_use_PrivateKey(ctx,pkey);
-	EVP_PKEY_free(pkey);
-	return(ret);
-	}
-
-
-#ifndef OPENSSL_NO_STDIO
-/* Read a file that contains our certificate in "PEM" format,
- * possibly followed by a sequence of CA certificates that should be
- * sent to the peer in the Certificate message.
- */
-int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
-	{
-	BIO *in;
-	int ret=0;
-	X509 *x=NULL;
-
-	in=BIO_new(BIO_s_file_internal());
-	if (in == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_BUF_LIB);
-		goto end;
-		}
-
-	if (BIO_read_filename(in,file) <= 0)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_SYS_LIB);
-		goto end;
-		}
-
-	x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
-	if (x == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_PEM_LIB);
-		goto end;
-		}
-
-	ret=SSL_CTX_use_certificate(ctx,x);
-	if (ERR_peek_error() != 0)
-		ret = 0;  /* Key/certificate mismatch doesn't imply ret==0 ... */
-	if (ret)
-		{
-		/* If we could set up our certificate, now proceed to
-		 * the CA certificates.
-		 */
-		X509 *ca;
-		int r;
-		unsigned long err;
-		
-		if (ctx->extra_certs != NULL) 
-			{
-			sk_X509_pop_free(ctx->extra_certs, X509_free);
-			ctx->extra_certs = NULL;
-			}
-
-		while ((ca = PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata))
-			!= NULL)
-			{
-			r = SSL_CTX_add_extra_chain_cert(ctx, ca);
-			if (!r) 
-				{
-				X509_free(ca);
-				ret = 0;
-				goto end;
-				}
-			/* Note that we must not free r if it was successfully
-			 * added to the chain (while we must free the main
-			 * certificate, since its reference count is increased
-			 * by SSL_CTX_use_certificate). */
-			}
-		/* When the while loop ends, it's usually just EOF. */
-		err = ERR_peek_last_error();
-		if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
-			(void)ERR_get_error();
-		else 
-			ret = 0; /* some real error */
-		}
-
-end:
-	if (x != NULL) X509_free(x);
-	if (in != NULL) BIO_free(in);
-	return(ret);
-	}
-#endif
diff --git a/crypto/openssl/ssl/ssl_sess.c b/crypto/openssl/ssl/ssl_sess.c
deleted file mode 100644
index fbc30b94e63b..000000000000
--- a/crypto/openssl/ssl/ssl_sess.c
+++ /dev/null
@@ -1,755 +0,0 @@
-/* ssl/ssl_sess.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/lhash.h>
-#include <openssl/rand.h>
-#include "ssl_locl.h"
-#include "cryptlib.h"
-
-static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
-static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
-static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
-
-SSL_SESSION *SSL_get_session(SSL *ssl)
-/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
-	{
-	return(ssl->session);
-	}
-
-SSL_SESSION *SSL_get1_session(SSL *ssl)
-/* variant of SSL_get_session: caller really gets something */
-	{
-	SSL_SESSION *sess;
-	/* Need to lock this all up rather than just use CRYPTO_add so that
-	 * somebody doesn't free ssl->session between when we check it's
-	 * non-null and when we up the reference count. */
-	CRYPTO_r_lock(CRYPTO_LOCK_SSL_SESSION);
-	sess = ssl->session;
-	if(sess)
-		sess->references++;
-	CRYPTO_r_unlock(CRYPTO_LOCK_SSL_SESSION);
-	return(sess);
-	}
-
-int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-	{
-	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp,
-			new_func, dup_func, free_func);
-	}
-
-int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
-	{
-	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
-	}
-
-void *SSL_SESSION_get_ex_data(SSL_SESSION *s, int idx)
-	{
-	return(CRYPTO_get_ex_data(&s->ex_data,idx));
-	}
-
-SSL_SESSION *SSL_SESSION_new(void)
-	{
-	SSL_SESSION *ss;
-
-	ss=(SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
-	if (ss == NULL)
-		{
-		SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	memset(ss,0,sizeof(SSL_SESSION));
-
-	ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
-	ss->references=1;
-	ss->timeout=60*5+4; /* 5 minute timeout by default */
-	ss->time=time(NULL);
-	ss->prev=NULL;
-	ss->next=NULL;
-	ss->compress_meth=0;
-	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
-	return(ss);
-	}
-
-/* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1
- * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly
- * until we have no conflict is going to complete in one iteration pretty much
- * "most" of the time (btw: understatement). So, if it takes us 10 iterations
- * and we still can't avoid a conflict - well that's a reasonable point to call
- * it quits. Either the RAND code is broken or someone is trying to open roughly
- * very close to 2^128 (or 2^256) SSL sessions to our server. How you might
- * store that many sessions is perhaps a more interesting question ... */
-
-#define MAX_SESS_ID_ATTEMPTS 10
-static int def_generate_session_id(const SSL *ssl, unsigned char *id,
-				unsigned int *id_len)
-{
-	unsigned int retry = 0;
-	do
-		RAND_pseudo_bytes(id, *id_len);
-	while(SSL_has_matching_session_id(ssl, id, *id_len) &&
-		(++retry < MAX_SESS_ID_ATTEMPTS));
-	if(retry < MAX_SESS_ID_ATTEMPTS)
-		return 1;
-	/* else - woops a session_id match */
-	/* XXX We should also check the external cache --
-	 * but the probability of a collision is negligible, and
-	 * we could not prevent the concurrent creation of sessions
-	 * with identical IDs since we currently don't have means
-	 * to atomically check whether a session ID already exists
-	 * and make a reservation for it if it does not
-	 * (this problem applies to the internal cache as well).
-	 */
-	return 0;
-}
-
-int ssl_get_new_session(SSL *s, int session)
-	{
-	/* This gets used by clients and servers. */
-
-	unsigned int tmp;
-	SSL_SESSION *ss=NULL;
-	GEN_SESSION_CB cb = def_generate_session_id;
-
-	if ((ss=SSL_SESSION_new()) == NULL) return(0);
-
-	/* If the context has a default timeout, use it */
-	if (s->ctx->session_timeout == 0)
-		ss->timeout=SSL_get_default_timeout(s);
-	else
-		ss->timeout=s->ctx->session_timeout;
-
-	if (s->session != NULL)
-		{
-		SSL_SESSION_free(s->session);
-		s->session=NULL;
-		}
-
-	if (session)
-		{
-		if (s->version == SSL2_VERSION)
-			{
-			ss->ssl_version=SSL2_VERSION;
-			ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
-			}
-		else if (s->version == SSL3_VERSION)
-			{
-			ss->ssl_version=SSL3_VERSION;
-			ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
-			}
-		else if (s->version == TLS1_VERSION)
-			{
-			ss->ssl_version=TLS1_VERSION;
-			ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
-			}
-		else
-			{
-			SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);
-			SSL_SESSION_free(ss);
-			return(0);
-			}
-		/* Choose which callback will set the session ID */
-		CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-		if(s->generate_session_id)
-			cb = s->generate_session_id;
-		else if(s->ctx->generate_session_id)
-			cb = s->ctx->generate_session_id;
-		CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-		/* Choose a session ID */
-		tmp = ss->session_id_length;
-		if(!cb(s, ss->session_id, &tmp))
-			{
-			/* The callback failed */
-			SSLerr(SSL_F_SSL_GET_NEW_SESSION,
-				SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
-			SSL_SESSION_free(ss);
-			return(0);
-			}
-		/* Don't allow the callback to set the session length to zero.
-		 * nor set it higher than it was. */
-		if(!tmp || (tmp > ss->session_id_length))
-			{
-			/* The callback set an illegal length */
-			SSLerr(SSL_F_SSL_GET_NEW_SESSION,
-				SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
-			SSL_SESSION_free(ss);
-			return(0);
-			}
-		/* If the session length was shrunk and we're SSLv2, pad it */
-		if((tmp < ss->session_id_length) && (s->version == SSL2_VERSION))
-			memset(ss->session_id + tmp, 0, ss->session_id_length - tmp);
-		else
-			ss->session_id_length = tmp;
-		/* Finally, check for a conflict */
-		if(SSL_has_matching_session_id(s, ss->session_id,
-						ss->session_id_length))
-			{
-			SSLerr(SSL_F_SSL_GET_NEW_SESSION,
-				SSL_R_SSL_SESSION_ID_CONFLICT);
-			SSL_SESSION_free(ss);
-			return(0);
-			}
-		}
-	else
-		{
-		ss->session_id_length=0;
-		}
-
-	if (s->sid_ctx_length > sizeof ss->sid_ctx)
-		{
-		SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
-		SSL_SESSION_free(ss);
-		return 0;
-		}
-	memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);
-	ss->sid_ctx_length=s->sid_ctx_length;
-	s->session=ss;
-	ss->ssl_version=s->version;
-	ss->verify_result = X509_V_OK;
-
-	return(1);
-	}
-
-int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
-	{
-	/* This is used only by servers. */
-
-	SSL_SESSION *ret=NULL,data;
-	int fatal = 0;
-
-	data.ssl_version=s->version;
-	data.session_id_length=len;
-	if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
-		goto err;
-	memcpy(data.session_id,session_id,len);
-
-	if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
-		{
-		CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-		ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,&data);
-		if (ret != NULL)
-		    /* don't allow other threads to steal it: */
-		    CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
-		CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-		}
-
-	if (ret == NULL)
-		{
-		int copy=1;
-	
-		s->ctx->stats.sess_miss++;
-		ret=NULL;
-		if (s->ctx->get_session_cb != NULL
-		    && (ret=s->ctx->get_session_cb(s,session_id,len,&copy))
-		       != NULL)
-			{
-			s->ctx->stats.sess_cb_hit++;
-
-			/* Increment reference count now if the session callback
-			 * asks us to do so (note that if the session structures
-			 * returned by the callback are shared between threads,
-			 * it must handle the reference count itself [i.e. copy == 0],
-			 * or things won't be thread-safe). */
-			if (copy)
-				CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
-
-			/* Add the externally cached session to the internal
-			 * cache as well if and only if we are supposed to. */
-			if(!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE))
-				/* The following should not return 1, otherwise,
-				 * things are very strange */
-				SSL_CTX_add_session(s->ctx,ret);
-			}
-		if (ret == NULL)
-			goto err;
-		}
-
-	/* Now ret is non-NULL, and we own one of its reference counts. */
-
-	if((s->verify_mode&SSL_VERIFY_PEER)
-	   && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
-	       || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)))
-	    {
-		/* We've found the session named by the client, but we don't
-		 * want to use it in this context. */
-		
-		if (s->sid_ctx_length == 0)
-			{
-			/* application should have used SSL[_CTX]_set_session_id_context
-			 * -- we could tolerate this and just pretend we never heard
-			 * of this session, but then applications could effectively
-			 * disable the session cache by accident without anyone noticing */
-
-			SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
-			fatal = 1;
-			goto err;
-			}
-		else
-			{
-#if 0 /* The client cannot always know when a session is not appropriate,
-	   * so we shouldn't generate an error message. */
-
-			SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
-#endif
-			goto err; /* treat like cache miss */
-			}
-		}
-
-	if (ret->cipher == NULL)
-		{
-		unsigned char buf[5],*p;
-		unsigned long l;
-
-		p=buf;
-		l=ret->cipher_id;
-		l2n(l,p);
-		if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR)
-			ret->cipher=ssl_get_cipher_by_char(s,&(buf[2]));
-		else 
-			ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
-		if (ret->cipher == NULL)
-			goto err;
-		}
-
-
-#if 0 /* This is way too late. */
-
-	/* If a thread got the session, then 'swaped', and another got
-	 * it and then due to a time-out decided to 'OPENSSL_free' it we could
-	 * be in trouble.  So I'll increment it now, then double decrement
-	 * later - am I speaking rubbish?. */
-	CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
-#endif
-
-	if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
-		{
-		s->ctx->stats.sess_timeout++;
-		/* remove it from the cache */
-		SSL_CTX_remove_session(s->ctx,ret);
-		goto err;
-		}
-
-	s->ctx->stats.sess_hit++;
-
-	/* ret->time=time(NULL); */ /* rezero timeout? */
-	/* again, just leave the session 
-	 * if it is the same session, we have just incremented and
-	 * then decremented the reference count :-) */
-	if (s->session != NULL)
-		SSL_SESSION_free(s->session);
-	s->session=ret;
-	s->verify_result = s->session->verify_result;
-	return(1);
-
- err:
-	if (ret != NULL)
-		SSL_SESSION_free(ret);
-	if (fatal)
-		return -1;
-	else
-		return 0;
-	}
-
-int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
-	{
-	int ret=0;
-	SSL_SESSION *s;
-
-	/* add just 1 reference count for the SSL_CTX's session cache
-	 * even though it has two ways of access: each session is in a
-	 * doubly linked list and an lhash */
-	CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION);
-	/* if session c is in already in cache, we take back the increment later */
-
-	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-	s=(SSL_SESSION *)lh_insert(ctx->sessions,c);
-	
-	/* s != NULL iff we already had a session with the given PID.
-	 * In this case, s == c should hold (then we did not really modify
-	 * ctx->sessions), or we're in trouble. */
-	if (s != NULL && s != c)
-		{
-		/* We *are* in trouble ... */
-		SSL_SESSION_list_remove(ctx,s);
-		SSL_SESSION_free(s);
-		/* ... so pretend the other session did not exist in cache
-		 * (we cannot handle two SSL_SESSION structures with identical
-		 * session ID in the same cache, which could happen e.g. when
-		 * two threads concurrently obtain the same session from an external
-		 * cache) */
-		s = NULL;
-		}
-
- 	/* Put at the head of the queue unless it is already in the cache */
-	if (s == NULL)
-		SSL_SESSION_list_add(ctx,c);
-
-	if (s != NULL)
-		{
-		/* existing cache entry -- decrement previously incremented reference
-		 * count because it already takes into account the cache */
-
-		SSL_SESSION_free(s); /* s == c */
-		ret=0;
-		}
-	else
-		{
-		/* new cache entry -- remove old ones if cache has become too large */
-		
-		ret=1;
-
-		if (SSL_CTX_sess_get_cache_size(ctx) > 0)
-			{
-			while (SSL_CTX_sess_number(ctx) >
-				SSL_CTX_sess_get_cache_size(ctx))
-				{
-				if (!remove_session_lock(ctx,
-					ctx->session_cache_tail, 0))
-					break;
-				else
-					ctx->stats.sess_cache_full++;
-				}
-			}
-		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-	return(ret);
-	}
-
-int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
-{
-	return remove_session_lock(ctx, c, 1);
-}
-
-static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
-	{
-	SSL_SESSION *r;
-	int ret=0;
-
-	if ((c != NULL) && (c->session_id_length != 0))
-		{
-		if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-		if ((r = (SSL_SESSION *)lh_retrieve(ctx->sessions,c)) == c)
-			{
-			ret=1;
-			r=(SSL_SESSION *)lh_delete(ctx->sessions,c);
-			SSL_SESSION_list_remove(ctx,c);
-			}
-
-		if(lck) CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-
-		if (ret)
-			{
-			r->not_resumable=1;
-			if (ctx->remove_session_cb != NULL)
-				ctx->remove_session_cb(ctx,r);
-			SSL_SESSION_free(r);
-			}
-		}
-	else
-		ret=0;
-	return(ret);
-	}
-
-void SSL_SESSION_free(SSL_SESSION *ss)
-	{
-	int i;
-
-	if(ss == NULL)
-	    return;
-
-	i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION);
-#ifdef REF_PRINT
-	REF_PRINT("SSL_SESSION",ss);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"SSL_SESSION_free, bad reference count\n");
-		abort(); /* ok */
-		}
-#endif
-
-	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
-
-	OPENSSL_cleanse(ss->key_arg,sizeof ss->key_arg);
-	OPENSSL_cleanse(ss->master_key,sizeof ss->master_key);
-	OPENSSL_cleanse(ss->session_id,sizeof ss->session_id);
-	if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert);
-	if (ss->peer != NULL) X509_free(ss->peer);
-	if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
-	OPENSSL_cleanse(ss,sizeof(*ss));
-	OPENSSL_free(ss);
-	}
-
-int SSL_set_session(SSL *s, SSL_SESSION *session)
-	{
-	int ret=0;
-	SSL_METHOD *meth;
-
-	if (session != NULL)
-		{
-		meth=s->ctx->method->get_ssl_method(session->ssl_version);
-		if (meth == NULL)
-			meth=s->method->get_ssl_method(session->ssl_version);
-		if (meth == NULL)
-			{
-			SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD);
-			return(0);
-			}
-
-		if (meth != s->method)
-			{
-			if (!SSL_set_ssl_method(s,meth))
-				return(0);
-			if (s->ctx->session_timeout == 0)
-				session->timeout=SSL_get_default_timeout(s);
-			else
-				session->timeout=s->ctx->session_timeout;
-			}
-
-#ifndef OPENSSL_NO_KRB5
-                if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
-                    session->krb5_client_princ_len > 0)
-                {
-                    s->kssl_ctx->client_princ = (char *)malloc(session->krb5_client_princ_len + 1);
-                    memcpy(s->kssl_ctx->client_princ,session->krb5_client_princ,
-                            session->krb5_client_princ_len);
-                    s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';
-                }
-#endif /* OPENSSL_NO_KRB5 */
-
-		/* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
-		CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION);
-		if (s->session != NULL)
-			SSL_SESSION_free(s->session);
-		s->session=session;
-		s->verify_result = s->session->verify_result;
-		/* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
-		ret=1;
-		}
-	else
-		{
-		if (s->session != NULL)
-			{
-			SSL_SESSION_free(s->session);
-			s->session=NULL;
-			}
-
-		meth=s->ctx->method;
-		if (meth != s->method)
-			{
-			if (!SSL_set_ssl_method(s,meth))
-				return(0);
-			}
-		ret=1;
-		}
-	return(ret);
-	}
-
-long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
-	{
-	if (s == NULL) return(0);
-	s->timeout=t;
-	return(1);
-	}
-
-long SSL_SESSION_get_timeout(SSL_SESSION *s)
-	{
-	if (s == NULL) return(0);
-	return(s->timeout);
-	}
-
-long SSL_SESSION_get_time(SSL_SESSION *s)
-	{
-	if (s == NULL) return(0);
-	return(s->time);
-	}
-
-long SSL_SESSION_set_time(SSL_SESSION *s, long t)
-	{
-	if (s == NULL) return(0);
-	s->time=t;
-	return(t);
-	}
-
-long SSL_CTX_set_timeout(SSL_CTX *s, long t)
-	{
-	long l;
-	if (s == NULL) return(0);
-	l=s->session_timeout;
-	s->session_timeout=t;
-	return(l);
-	}
-
-long SSL_CTX_get_timeout(SSL_CTX *s)
-	{
-	if (s == NULL) return(0);
-	return(s->session_timeout);
-	}
-
-typedef struct timeout_param_st
-	{
-	SSL_CTX *ctx;
-	long time;
-	LHASH *cache;
-	} TIMEOUT_PARAM;
-
-static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p)
-	{
-	if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */
-		{
-		/* The reason we don't call SSL_CTX_remove_session() is to
-		 * save on locking overhead */
-		lh_delete(p->cache,s);
-		SSL_SESSION_list_remove(p->ctx,s);
-		s->not_resumable=1;
-		if (p->ctx->remove_session_cb != NULL)
-			p->ctx->remove_session_cb(p->ctx,s);
-		SSL_SESSION_free(s);
-		}
-	}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION *, TIMEOUT_PARAM *)
-
-void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
-	{
-	unsigned long i;
-	TIMEOUT_PARAM tp;
-
-	tp.ctx=s;
-	tp.cache=s->sessions;
-	if (tp.cache == NULL) return;
-	tp.time=t;
-	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-	i=tp.cache->down_load;
-	tp.cache->down_load=0;
-	lh_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout), &tp);
-	tp.cache->down_load=i;
-	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-	}
-
-int ssl_clear_bad_session(SSL *s)
-	{
-	if (	(s->session != NULL) &&
-		!(s->shutdown & SSL_SENT_SHUTDOWN) &&
-		!(SSL_in_init(s) || SSL_in_before(s)))
-		{
-		SSL_CTX_remove_session(s->ctx,s->session);
-		return(1);
-		}
-	else
-		return(0);
-	}
-
-/* locked by SSL_CTX in the calling function */
-static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
-	{
-	if ((s->next == NULL) || (s->prev == NULL)) return;
-
-	if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
-		{ /* last element in list */
-		if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
-			{ /* only one element in list */
-			ctx->session_cache_head=NULL;
-			ctx->session_cache_tail=NULL;
-			}
-		else
-			{
-			ctx->session_cache_tail=s->prev;
-			s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail);
-			}
-		}
-	else
-		{
-		if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
-			{ /* first element in list */
-			ctx->session_cache_head=s->next;
-			s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
-			}
-		else
-			{ /* middle of list */
-			s->next->prev=s->prev;
-			s->prev->next=s->next;
-			}
-		}
-	s->prev=s->next=NULL;
-	}
-
-static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
-	{
-	if ((s->next != NULL) && (s->prev != NULL))
-		SSL_SESSION_list_remove(ctx,s);
-
-	if (ctx->session_cache_head == NULL)
-		{
-		ctx->session_cache_head=s;
-		ctx->session_cache_tail=s;
-		s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
-		s->next=(SSL_SESSION *)&(ctx->session_cache_tail);
-		}
-	else
-		{
-		s->next=ctx->session_cache_head;
-		s->next->prev=s;
-		s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
-		ctx->session_cache_head=s;
-		}
-	}
-
diff --git a/crypto/openssl/ssl/ssl_stat.c b/crypto/openssl/ssl/ssl_stat.c
deleted file mode 100644
index b16d25308105..000000000000
--- a/crypto/openssl/ssl/ssl_stat.c
+++ /dev/null
@@ -1,502 +0,0 @@
-/* ssl/ssl_stat.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-
-const char *SSL_state_string_long(const SSL *s)
-	{
-	const char *str;
-
-	switch (s->state)
-		{
-case SSL_ST_BEFORE: str="before SSL initialization"; break;
-case SSL_ST_ACCEPT: str="before accept initialization"; break;
-case SSL_ST_CONNECT: str="before connect initialization"; break;
-case SSL_ST_OK: str="SSL negotiation finished successfully"; break;
-case SSL_ST_RENEGOTIATE:	str="SSL renegotiate ciphers"; break;
-case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initialization"; break;
-case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initialization"; break;
-case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initialization"; break;
-case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initialization"; break;
-#ifndef OPENSSL_NO_SSL2
-case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break;
-case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break;
-case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break;
-case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break;
-case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break;
-case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break;
-case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break;
-case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break;
-case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break;
-case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break;
-case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break;
-case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break;
-case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break;
-case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break;
-case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break;
-case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break;
-case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break;
-case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break;
-case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break;
-case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break;
-case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break;
-case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break;
-case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break;
-case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break;
-case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break;
-case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break;
-case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break;
-case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break;
-case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break;
-case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break;
-#endif
-
-#ifndef OPENSSL_NO_SSL3
-/* SSLv3 additions */
-case SSL3_ST_CW_CLNT_HELLO_A:	str="SSLv3 write client hello A"; break;
-case SSL3_ST_CW_CLNT_HELLO_B:	str="SSLv3 write client hello B"; break;
-case SSL3_ST_CR_SRVR_HELLO_A:	str="SSLv3 read server hello A"; break;
-case SSL3_ST_CR_SRVR_HELLO_B:	str="SSLv3 read server hello B"; break;
-case SSL3_ST_CR_CERT_A:		str="SSLv3 read server certificate A"; break;
-case SSL3_ST_CR_CERT_B:		str="SSLv3 read server certificate B"; break;
-case SSL3_ST_CR_KEY_EXCH_A:	str="SSLv3 read server key exchange A"; break;
-case SSL3_ST_CR_KEY_EXCH_B:	str="SSLv3 read server key exchange B"; break;
-case SSL3_ST_CR_CERT_REQ_A:	str="SSLv3 read server certificate request A"; break;
-case SSL3_ST_CR_CERT_REQ_B:	str="SSLv3 read server certificate request B"; break;
-case SSL3_ST_CR_SRVR_DONE_A:	str="SSLv3 read server done A"; break;
-case SSL3_ST_CR_SRVR_DONE_B:	str="SSLv3 read server done B"; break;
-case SSL3_ST_CW_CERT_A:		str="SSLv3 write client certificate A"; break;
-case SSL3_ST_CW_CERT_B:		str="SSLv3 write client certificate B"; break;
-case SSL3_ST_CW_CERT_C:		str="SSLv3 write client certificate C"; break;
-case SSL3_ST_CW_CERT_D:		str="SSLv3 write client certificate D"; break;
-case SSL3_ST_CW_KEY_EXCH_A:	str="SSLv3 write client key exchange A"; break;
-case SSL3_ST_CW_KEY_EXCH_B:	str="SSLv3 write client key exchange B"; break;
-case SSL3_ST_CW_CERT_VRFY_A:	str="SSLv3 write certificate verify A"; break;
-case SSL3_ST_CW_CERT_VRFY_B:	str="SSLv3 write certificate verify B"; break;
-
-case SSL3_ST_CW_CHANGE_A:
-case SSL3_ST_SW_CHANGE_A:	str="SSLv3 write change cipher spec A"; break;
-case SSL3_ST_CW_CHANGE_B:	
-case SSL3_ST_SW_CHANGE_B:	str="SSLv3 write change cipher spec B"; break;
-case SSL3_ST_CW_FINISHED_A:	
-case SSL3_ST_SW_FINISHED_A:	str="SSLv3 write finished A"; break;
-case SSL3_ST_CW_FINISHED_B:	
-case SSL3_ST_SW_FINISHED_B:	str="SSLv3 write finished B"; break;
-case SSL3_ST_CR_CHANGE_A:	
-case SSL3_ST_SR_CHANGE_A:	str="SSLv3 read change cipher spec A"; break;
-case SSL3_ST_CR_CHANGE_B:	
-case SSL3_ST_SR_CHANGE_B:	str="SSLv3 read change cipher spec B"; break;
-case SSL3_ST_CR_FINISHED_A:	
-case SSL3_ST_SR_FINISHED_A:	str="SSLv3 read finished A"; break;
-case SSL3_ST_CR_FINISHED_B:	
-case SSL3_ST_SR_FINISHED_B:	str="SSLv3 read finished B"; break;
-
-case SSL3_ST_CW_FLUSH:
-case SSL3_ST_SW_FLUSH:		str="SSLv3 flush data"; break;
-
-case SSL3_ST_SR_CLNT_HELLO_A:	str="SSLv3 read client hello A"; break;
-case SSL3_ST_SR_CLNT_HELLO_B:	str="SSLv3 read client hello B"; break;
-case SSL3_ST_SR_CLNT_HELLO_C:	str="SSLv3 read client hello C"; break;
-case SSL3_ST_SW_HELLO_REQ_A:	str="SSLv3 write hello request A"; break;
-case SSL3_ST_SW_HELLO_REQ_B:	str="SSLv3 write hello request B"; break;
-case SSL3_ST_SW_HELLO_REQ_C:	str="SSLv3 write hello request C"; break;
-case SSL3_ST_SW_SRVR_HELLO_A:	str="SSLv3 write server hello A"; break;
-case SSL3_ST_SW_SRVR_HELLO_B:	str="SSLv3 write server hello B"; break;
-case SSL3_ST_SW_CERT_A:		str="SSLv3 write certificate A"; break;
-case SSL3_ST_SW_CERT_B:		str="SSLv3 write certificate B"; break;
-case SSL3_ST_SW_KEY_EXCH_A:	str="SSLv3 write key exchange A"; break;
-case SSL3_ST_SW_KEY_EXCH_B:	str="SSLv3 write key exchange B"; break;
-case SSL3_ST_SW_CERT_REQ_A:	str="SSLv3 write certificate request A"; break;
-case SSL3_ST_SW_CERT_REQ_B:	str="SSLv3 write certificate request B"; break;
-case SSL3_ST_SW_SRVR_DONE_A:	str="SSLv3 write server done A"; break;
-case SSL3_ST_SW_SRVR_DONE_B:	str="SSLv3 write server done B"; break;
-case SSL3_ST_SR_CERT_A:		str="SSLv3 read client certificate A"; break;
-case SSL3_ST_SR_CERT_B:		str="SSLv3 read client certificate B"; break;
-case SSL3_ST_SR_KEY_EXCH_A:	str="SSLv3 read client key exchange A"; break;
-case SSL3_ST_SR_KEY_EXCH_B:	str="SSLv3 read client key exchange B"; break;
-case SSL3_ST_SR_CERT_VRFY_A:	str="SSLv3 read certificate verify A"; break;
-case SSL3_ST_SR_CERT_VRFY_B:	str="SSLv3 read certificate verify B"; break;
-#endif
-
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-/* SSLv2/v3 compatibility states */
-/* client */
-case SSL23_ST_CW_CLNT_HELLO_A:	str="SSLv2/v3 write client hello A"; break;
-case SSL23_ST_CW_CLNT_HELLO_B:	str="SSLv2/v3 write client hello B"; break;
-case SSL23_ST_CR_SRVR_HELLO_A:	str="SSLv2/v3 read server hello A"; break;
-case SSL23_ST_CR_SRVR_HELLO_B:	str="SSLv2/v3 read server hello B"; break;
-/* server */
-case SSL23_ST_SR_CLNT_HELLO_A:	str="SSLv2/v3 read client hello A"; break;
-case SSL23_ST_SR_CLNT_HELLO_B:	str="SSLv2/v3 read client hello B"; break;
-#endif
-
-default:	str="unknown state"; break;
-		}
-	return(str);
-	}
-
-const char *SSL_rstate_string_long(const SSL *s)
-	{
-	const char *str;
-
-	switch (s->rstate)
-		{
-	case SSL_ST_READ_HEADER: str="read header"; break;
-	case SSL_ST_READ_BODY: str="read body"; break;
-	case SSL_ST_READ_DONE: str="read done"; break;
-	default: str="unknown"; break;
-		}
-	return(str);
-	}
-
-const char *SSL_state_string(const SSL *s)
-	{
-	const char *str;
-
-	switch (s->state)
-		{
-case SSL_ST_BEFORE:				str="PINIT "; break;
-case SSL_ST_ACCEPT:				str="AINIT "; break;
-case SSL_ST_CONNECT:				str="CINIT "; break;
-case SSL_ST_OK:			 		str="SSLOK "; break;
-#ifndef OPENSSL_NO_SSL2
-case SSL2_ST_CLIENT_START_ENCRYPTION:		str="2CSENC"; break;
-case SSL2_ST_SERVER_START_ENCRYPTION:		str="2SSENC"; break;
-case SSL2_ST_SEND_CLIENT_HELLO_A:		str="2SCH_A"; break;
-case SSL2_ST_SEND_CLIENT_HELLO_B:		str="2SCH_B"; break;
-case SSL2_ST_GET_SERVER_HELLO_A:		str="2GSH_A"; break;
-case SSL2_ST_GET_SERVER_HELLO_B:		str="2GSH_B"; break;
-case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:		str="2SCMKA"; break;
-case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:		str="2SCMKB"; break;
-case SSL2_ST_SEND_CLIENT_FINISHED_A:		str="2SCF_A"; break;
-case SSL2_ST_SEND_CLIENT_FINISHED_B:		str="2SCF_B"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:		str="2SCC_A"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:		str="2SCC_B"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:		str="2SCC_C"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:		str="2SCC_D"; break;
-case SSL2_ST_GET_SERVER_VERIFY_A:		str="2GSV_A"; break;
-case SSL2_ST_GET_SERVER_VERIFY_B:		str="2GSV_B"; break;
-case SSL2_ST_GET_SERVER_FINISHED_A:		str="2GSF_A"; break;
-case SSL2_ST_GET_SERVER_FINISHED_B:		str="2GSF_B"; break;
-case SSL2_ST_GET_CLIENT_HELLO_A:		str="2GCH_A"; break;
-case SSL2_ST_GET_CLIENT_HELLO_B:		str="2GCH_B"; break;
-case SSL2_ST_GET_CLIENT_HELLO_C:		str="2GCH_C"; break;
-case SSL2_ST_SEND_SERVER_HELLO_A:		str="2SSH_A"; break;
-case SSL2_ST_SEND_SERVER_HELLO_B:		str="2SSH_B"; break;
-case SSL2_ST_GET_CLIENT_MASTER_KEY_A:		str="2GCMKA"; break;
-case SSL2_ST_GET_CLIENT_MASTER_KEY_B:		str="2GCMKA"; break;
-case SSL2_ST_SEND_SERVER_VERIFY_A:		str="2SSV_A"; break;
-case SSL2_ST_SEND_SERVER_VERIFY_B:		str="2SSV_B"; break;
-case SSL2_ST_SEND_SERVER_VERIFY_C:		str="2SSV_C"; break;
-case SSL2_ST_GET_CLIENT_FINISHED_A:		str="2GCF_A"; break;
-case SSL2_ST_GET_CLIENT_FINISHED_B:		str="2GCF_B"; break;
-case SSL2_ST_SEND_SERVER_FINISHED_A:		str="2SSF_A"; break;
-case SSL2_ST_SEND_SERVER_FINISHED_B:		str="2SSF_B"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:	str="2SRC_A"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:	str="2SRC_B"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:	str="2SRC_C"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:	str="2SRC_D"; break;
-case SSL2_ST_X509_GET_SERVER_CERTIFICATE:	str="2X9GSC"; break;
-case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:	str="2X9GCC"; break;
-#endif
-
-#ifndef OPENSSL_NO_SSL3
-/* SSLv3 additions */
-case SSL3_ST_SW_FLUSH:
-case SSL3_ST_CW_FLUSH:				str="3FLUSH"; break;
-case SSL3_ST_CW_CLNT_HELLO_A:			str="3WCH_A"; break;
-case SSL3_ST_CW_CLNT_HELLO_B:			str="3WCH_B"; break;
-case SSL3_ST_CR_SRVR_HELLO_A:			str="3RSH_A"; break;
-case SSL3_ST_CR_SRVR_HELLO_B:			str="3RSH_B"; break;
-case SSL3_ST_CR_CERT_A:				str="3RSC_A"; break;
-case SSL3_ST_CR_CERT_B:				str="3RSC_B"; break;
-case SSL3_ST_CR_KEY_EXCH_A:			str="3RSKEA"; break;
-case SSL3_ST_CR_KEY_EXCH_B:			str="3RSKEB"; break;
-case SSL3_ST_CR_CERT_REQ_A:			str="3RCR_A"; break;
-case SSL3_ST_CR_CERT_REQ_B:			str="3RCR_B"; break;
-case SSL3_ST_CR_SRVR_DONE_A:			str="3RSD_A"; break;
-case SSL3_ST_CR_SRVR_DONE_B:			str="3RSD_B"; break;
-case SSL3_ST_CW_CERT_A:				str="3WCC_A"; break;
-case SSL3_ST_CW_CERT_B:				str="3WCC_B"; break;
-case SSL3_ST_CW_CERT_C:				str="3WCC_C"; break;
-case SSL3_ST_CW_CERT_D:				str="3WCC_D"; break;
-case SSL3_ST_CW_KEY_EXCH_A:			str="3WCKEA"; break;
-case SSL3_ST_CW_KEY_EXCH_B:			str="3WCKEB"; break;
-case SSL3_ST_CW_CERT_VRFY_A:			str="3WCV_A"; break;
-case SSL3_ST_CW_CERT_VRFY_B:			str="3WCV_B"; break;
-
-case SSL3_ST_SW_CHANGE_A:
-case SSL3_ST_CW_CHANGE_A:			str="3WCCSA"; break;
-case SSL3_ST_SW_CHANGE_B:
-case SSL3_ST_CW_CHANGE_B:			str="3WCCSB"; break;
-case SSL3_ST_SW_FINISHED_A:
-case SSL3_ST_CW_FINISHED_A:			str="3WFINA"; break;
-case SSL3_ST_SW_FINISHED_B:
-case SSL3_ST_CW_FINISHED_B:			str="3WFINB"; break;
-case SSL3_ST_SR_CHANGE_A:
-case SSL3_ST_CR_CHANGE_A:			str="3RCCSA"; break;
-case SSL3_ST_SR_CHANGE_B:
-case SSL3_ST_CR_CHANGE_B:			str="3RCCSB"; break;
-case SSL3_ST_SR_FINISHED_A:
-case SSL3_ST_CR_FINISHED_A:			str="3RFINA"; break;
-case SSL3_ST_SR_FINISHED_B:
-case SSL3_ST_CR_FINISHED_B:			str="3RFINB"; break;
-
-case SSL3_ST_SW_HELLO_REQ_A:			str="3WHR_A"; break;
-case SSL3_ST_SW_HELLO_REQ_B:			str="3WHR_B"; break;
-case SSL3_ST_SW_HELLO_REQ_C:			str="3WHR_C"; break;
-case SSL3_ST_SR_CLNT_HELLO_A:			str="3RCH_A"; break;
-case SSL3_ST_SR_CLNT_HELLO_B:			str="3RCH_B"; break;
-case SSL3_ST_SR_CLNT_HELLO_C:			str="3RCH_C"; break;
-case SSL3_ST_SW_SRVR_HELLO_A:			str="3WSH_A"; break;
-case SSL3_ST_SW_SRVR_HELLO_B:			str="3WSH_B"; break;
-case SSL3_ST_SW_CERT_A:				str="3WSC_A"; break;
-case SSL3_ST_SW_CERT_B:				str="3WSC_B"; break;
-case SSL3_ST_SW_KEY_EXCH_A:			str="3WSKEA"; break;
-case SSL3_ST_SW_KEY_EXCH_B:			str="3WSKEB"; break;
-case SSL3_ST_SW_CERT_REQ_A:			str="3WCR_A"; break;
-case SSL3_ST_SW_CERT_REQ_B:			str="3WCR_B"; break;
-case SSL3_ST_SW_SRVR_DONE_A:			str="3WSD_A"; break;
-case SSL3_ST_SW_SRVR_DONE_B:			str="3WSD_B"; break;
-case SSL3_ST_SR_CERT_A:				str="3RCC_A"; break;
-case SSL3_ST_SR_CERT_B:				str="3RCC_B"; break;
-case SSL3_ST_SR_KEY_EXCH_A:			str="3RCKEA"; break;
-case SSL3_ST_SR_KEY_EXCH_B:			str="3RCKEB"; break;
-case SSL3_ST_SR_CERT_VRFY_A:			str="3RCV_A"; break;
-case SSL3_ST_SR_CERT_VRFY_B:			str="3RCV_B"; break;
-#endif
-
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-/* SSLv2/v3 compatibility states */
-/* client */
-case SSL23_ST_CW_CLNT_HELLO_A:			str="23WCHA"; break;
-case SSL23_ST_CW_CLNT_HELLO_B:			str="23WCHB"; break;
-case SSL23_ST_CR_SRVR_HELLO_A:			str="23RSHA"; break;
-case SSL23_ST_CR_SRVR_HELLO_B:			str="23RSHA"; break;
-/* server */
-case SSL23_ST_SR_CLNT_HELLO_A:			str="23RCHA"; break;
-case SSL23_ST_SR_CLNT_HELLO_B:			str="23RCHB"; break;
-#endif
-
-default:					str="UNKWN "; break;
-		}
-	return(str);
-	}
-
-const char *SSL_alert_type_string_long(int value)
-	{
-	value>>=8;
-	if (value == SSL3_AL_WARNING)
-		return("warning");
-	else if (value == SSL3_AL_FATAL)
-		return("fatal");
-	else
-		return("unknown");
-	}
-
-const char *SSL_alert_type_string(int value)
-	{
-	value>>=8;
-	if (value == SSL3_AL_WARNING)
-		return("W");
-	else if (value == SSL3_AL_FATAL)
-		return("F");
-	else
-		return("U");
-	}
-
-const char *SSL_alert_desc_string(int value)
-	{
-	const char *str;
-
-	switch (value & 0xff)
-		{
-	case SSL3_AD_CLOSE_NOTIFY:		str="CN"; break;
-	case SSL3_AD_UNEXPECTED_MESSAGE:	str="UM"; break;
-	case SSL3_AD_BAD_RECORD_MAC:		str="BM"; break;
-	case SSL3_AD_DECOMPRESSION_FAILURE:	str="DF"; break;
-	case SSL3_AD_HANDSHAKE_FAILURE:		str="HF"; break;
-	case SSL3_AD_NO_CERTIFICATE:		str="NC"; break;
-	case SSL3_AD_BAD_CERTIFICATE:		str="BC"; break;
-	case SSL3_AD_UNSUPPORTED_CERTIFICATE:	str="UC"; break;
-	case SSL3_AD_CERTIFICATE_REVOKED:	str="CR"; break;
-	case SSL3_AD_CERTIFICATE_EXPIRED:	str="CE"; break;
-	case SSL3_AD_CERTIFICATE_UNKNOWN:	str="CU"; break;
-	case SSL3_AD_ILLEGAL_PARAMETER:		str="IP"; break;
-	case TLS1_AD_DECRYPTION_FAILED:		str="DC"; break;
-	case TLS1_AD_RECORD_OVERFLOW:		str="RO"; break;
-	case TLS1_AD_UNKNOWN_CA:		str="CA"; break;
-	case TLS1_AD_ACCESS_DENIED:		str="AD"; break;
-	case TLS1_AD_DECODE_ERROR:		str="DE"; break;
-	case TLS1_AD_DECRYPT_ERROR:		str="CY"; break;
-	case TLS1_AD_EXPORT_RESTRICTION:	str="ER"; break;
-	case TLS1_AD_PROTOCOL_VERSION:		str="PV"; break;
-	case TLS1_AD_INSUFFICIENT_SECURITY:	str="IS"; break;
-	case TLS1_AD_INTERNAL_ERROR:		str="IE"; break;
-	case TLS1_AD_USER_CANCELLED:		str="US"; break;
-	case TLS1_AD_NO_RENEGOTIATION:		str="NR"; break;
-	default:				str="UK"; break;
-		}
-	return(str);
-	}
-
-const char *SSL_alert_desc_string_long(int value)
-	{
-	const char *str;
-
-	switch (value & 0xff)
-		{
-	case SSL3_AD_CLOSE_NOTIFY:
-		str="close notify";
-		break;
-	case SSL3_AD_UNEXPECTED_MESSAGE:
-		str="unexpected_message";
-		break;
-	case SSL3_AD_BAD_RECORD_MAC:
-		str="bad record mac";
-		break;
-	case SSL3_AD_DECOMPRESSION_FAILURE:
-		str="decompression failure";
-		break;
-	case SSL3_AD_HANDSHAKE_FAILURE:
-		str="handshake failure";
-		break;
-	case SSL3_AD_NO_CERTIFICATE:
-		str="no certificate";
-		break;
-	case SSL3_AD_BAD_CERTIFICATE:
-		str="bad certificate";
-		break;
-	case SSL3_AD_UNSUPPORTED_CERTIFICATE:
-		str="unsupported certificate";
-		break;
-	case SSL3_AD_CERTIFICATE_REVOKED:
-		str="certificate revoked";
-		break;
-	case SSL3_AD_CERTIFICATE_EXPIRED:
-		str="certificate expired";
-		break;
-	case SSL3_AD_CERTIFICATE_UNKNOWN:
-		str="certificate unknown";
-		break;
-	case SSL3_AD_ILLEGAL_PARAMETER:
-		str="illegal parameter";
-		break;
-	case TLS1_AD_DECRYPTION_FAILED:
-		str="decryption failed";
-		break;
-	case TLS1_AD_RECORD_OVERFLOW:
-		str="record overflow";
-		break;
-	case TLS1_AD_UNKNOWN_CA:
-		str="unknown CA";
-		break;
-	case TLS1_AD_ACCESS_DENIED:
-		str="access denied";
-		break;
-	case TLS1_AD_DECODE_ERROR:
-		str="decode error";
-		break;
-	case TLS1_AD_DECRYPT_ERROR:
-		str="decrypt error";
-		break;
-	case TLS1_AD_EXPORT_RESTRICTION:
-		str="export restriction";
-		break;
-	case TLS1_AD_PROTOCOL_VERSION:
-		str="protocol version";
-		break;
-	case TLS1_AD_INSUFFICIENT_SECURITY:
-		str="insufficient security";
-		break;
-	case TLS1_AD_INTERNAL_ERROR:
-		str="internal error";
-		break;
-	case TLS1_AD_USER_CANCELLED:
-		str="user canceled";
-		break;
-	case TLS1_AD_NO_RENEGOTIATION:
-		str="no renegotiation";
-		break;
-	default: str="unknown"; break;
-		}
-	return(str);
-	}
-
-const char *SSL_rstate_string(const SSL *s)
-	{
-	const char *str;
-
-	switch (s->rstate)
-		{
-	case SSL_ST_READ_HEADER:str="RH"; break;
-	case SSL_ST_READ_BODY:	str="RB"; break;
-	case SSL_ST_READ_DONE:	str="RD"; break;
-	default: str="unknown"; break;
-		}
-	return(str);
-	}
diff --git a/crypto/openssl/ssl/ssl_task.c b/crypto/openssl/ssl/ssl_task.c
deleted file mode 100644
index b5ce44b47c56..000000000000
--- a/crypto/openssl/ssl/ssl_task.c
+++ /dev/null
@@ -1,369 +0,0 @@
-/* ssl/ssl_task.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* VMS */
-/*
- * DECnet object for servicing SSL.  We accept the inbound and speak a
- * simple protocol for multiplexing the 2 data streams (application and
- * ssl data) over this logical link.
- *
- * Logical names:
- *    SSL_CIPHER	Defines a list of cipher specifications the server
- *			will support in order of preference.
- *    SSL_SERVER_CERTIFICATE
- *			Points to PEM (privacy enhanced mail) file that
- *			contains the server certificate and private password.
- *    SYS$NET		Logical created by netserver.exe as hook for completing
- *			DECnet logical link.
- *
- * Each NSP message sent over the DECnet link has the following structure:
- *    struct rpc_msg { 
- *      char channel;
- *      char function;
- *      short length;
- *      char data[MAX_DATA];
- *    } msg;
- *
- * The channel field designates the virtual data stream this message applies
- * to and is one of:
- *   A - Application data (payload).
- *   R - Remote client connection that initiated the SSL connection.  Encrypted
- *       data is sent over this connection.
- *   G - General data, reserved for future use.
- *
- * The data streams are half-duplex read/write and have following functions:
- *   G - Get, requests that up to msg.length bytes of data be returned.  The
- *       data is returned in the next 'C' function response that matches the
- *       requesting channel.
- *   P - Put, requests that the first msg.length bytes of msg.data be appended
- *       to the designated stream.
- *   C - Confirms a get or put.  Every get and put will get a confirm response,
- *       you cannot initiate another function on a channel until the previous
- *       operation has been confirmed.
- *
- *  The 2 channels may interleave their operations, for example:
- *        Server msg           Client msg
- *         A, Get, 4092          ---->
- *                               <----  R, get, 4092
- *         R, Confirm, {hello}   ---->
- *                               <----  R, put, {srv hello}
- *         R, Confirm, 0         ---->
- *                               .		(SSL handshake completed)
- *                               .              (read first app data).
- *                               <----  A, confirm, {http data}
- *         A, Put, {http data}   ---->
- *                               <----  A, confirm, 0
- *
- *  The length field is not permitted to be larger that 4092 bytes.
- *
- * Author: Dave Jones
- * Date:   22-JUL-1996
- */
-#include <stdlib.h>
-#include <stdio.h>
-#include <iodef.h>		/* VMS IO$_ definitions */
-#include <descrip.h>		/* VMS string descriptors */
-extern int SYS$QIOW(), SYS$ASSIGN();
-int LIB$INIT_TIMER(), LIB$SHOW_TIMER();
-
-#include <string.h>		/* from ssltest.c */
-#include <errno.h>
-
-#include "e_os.h"
-
-#include <openssl/buffer.h>
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
-	int error);
-BIO *bio_err=NULL;
-BIO *bio_stdout=NULL;
-BIO_METHOD *BIO_s_rtcp();
-
-static char *cipher=NULL;
-int verbose=1;
-#ifdef FIONBIO
-static int s_nbio=0;
-#endif
-#define TEST_SERVER_CERT "SSL_SERVER_CERTIFICATE"
-/*************************************************************************/
-struct rpc_msg {		/* Should have member alignment inhibited */
-   char channel;		/* 'A'-app data. 'R'-remote client 'G'-global */
-   char function;		/* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
-   unsigned short int length;	/* Amount of data returned or max to return */
-   char data[4092];		/* variable data */
-};
-#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
-
-static $DESCRIPTOR(sysnet, "SYS$NET");
-typedef unsigned short io_channel;
-
-struct io_status {
-    unsigned short status;
-    unsigned short count;
-    unsigned long stsval;
-};
-int doit(io_channel chan, SSL_CTX *s_ctx );
-/*****************************************************************************/
-/* Decnet I/O routines.
- */
-static int get ( io_channel chan, char *buffer, int maxlen, int *length )
-{
-    int status;
-    struct io_status iosb;
-    status = SYS$QIOW ( 0, chan, IO$_READVBLK, &iosb, 0, 0,
-	buffer, maxlen, 0, 0, 0, 0 );
-    if ( (status&1) == 1 ) status = iosb.status;
-    if ( (status&1) == 1 ) *length = iosb.count;
-    return status;
-}
-
-static int put ( io_channel chan, char *buffer, int length )
-{
-    int status;
-    struct io_status iosb;
-    status = SYS$QIOW ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
-	buffer, length, 0, 0, 0, 0 );
-    if ( (status&1) == 1 ) status = iosb.status;
-    return status;
-}
-/***************************************************************************/
-/* Handle operations on the 'G' channel.
- */
-static int general_request ( io_channel chan, struct rpc_msg *msg, int length )
-{
-    return 48;
-}
-/***************************************************************************/
-int main ( int argc, char **argv )
-{
-    int status, length;
-    io_channel chan;
-    struct rpc_msg msg;
-
-	char *CApath=NULL,*CAfile=NULL;
-	int badop=0;
-	int ret=1;
-	int client_auth=0;
-	int server_auth=0;
-	SSL_CTX *s_ctx=NULL;
-    /*
-     * Confirm logical link with initiating client.
-     */
-    LIB$INIT_TIMER();
-    status = SYS$ASSIGN ( &sysnet, &chan, 0, 0, 0 );
-    printf("status of assign to SYS$NET: %d\n", status );
-    /*
-     * Initialize standard out and error files.
-     */
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
-	if (bio_stdout == NULL)
-		if ((bio_stdout=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_stdout,stdout,BIO_NOCLOSE);
-    /*
-     * get the preferred cipher list and other initialization
-     */
-	if (cipher == NULL) cipher=getenv("SSL_CIPHER");
-	printf("cipher list: %s\n", cipher ? cipher : "{undefined}" );
-
-	SSL_load_error_strings();
-	OpenSSL_add_all_algorithms();
-
-/* DRM, this was the original, but there is no such thing as SSLv2()
-	s_ctx=SSL_CTX_new(SSLv2());
-*/
-	s_ctx=SSL_CTX_new(SSLv2_server_method());
-
-	if (s_ctx == NULL) goto end;
-
-	SSL_CTX_use_certificate_file(s_ctx,TEST_SERVER_CERT,SSL_FILETYPE_PEM);
-	SSL_CTX_use_RSAPrivateKey_file(s_ctx,TEST_SERVER_CERT,SSL_FILETYPE_PEM);
-	printf("Loaded server certificate: '%s'\n", TEST_SERVER_CERT );
-
-    /*
-     * Take commands from client until bad status.
-     */
-    LIB$SHOW_TIMER();
-    status = doit ( chan, s_ctx );
-    LIB$SHOW_TIMER();
-    /*
-     * do final cleanup and exit.
-     */
-end:
-	if (s_ctx != NULL) SSL_CTX_free(s_ctx);
-    LIB$SHOW_TIMER();
-    return 1;
-}
-
-int doit(io_channel chan, SSL_CTX *s_ctx )
-{
-    int status, length, link_state;
-     struct rpc_msg msg;
-
-	SSL *s_ssl=NULL;
-	BIO *c_to_s=NULL;
-	BIO *s_to_c=NULL;
-	BIO *c_bio=NULL;
-	BIO *s_bio=NULL;
-	int i;
-	int done=0;
-
-	s_ssl=SSL_new(s_ctx);
-	if (s_ssl == NULL) goto err;
-
-	c_to_s=BIO_new(BIO_s_rtcp());
-	s_to_c=BIO_new(BIO_s_rtcp());
-	if ((s_to_c == NULL) || (c_to_s == NULL)) goto err;
-/* original, DRM 24-SEP-1997
-	BIO_set_fd ( c_to_s, "", chan );
-	BIO_set_fd ( s_to_c, "", chan );
-*/
-	BIO_set_fd ( c_to_s, 0, chan );
-	BIO_set_fd ( s_to_c, 0, chan );
-
-	c_bio=BIO_new(BIO_f_ssl());
-	s_bio=BIO_new(BIO_f_ssl());
-	if ((c_bio == NULL) || (s_bio == NULL)) goto err;
-
-	SSL_set_accept_state(s_ssl);
-	SSL_set_bio(s_ssl,c_to_s,s_to_c);
-	BIO_set_ssl(s_bio,s_ssl,BIO_CLOSE);
-
-	/* We can always do writes */
-	printf("Begin doit main loop\n");
-	/*
-	 * Link states: 0-idle, 1-read pending, 2-write pending, 3-closed.
-	 */
-	for (link_state = 0; link_state < 3; ) {
-	    /*
-	     * Wait for remote end to request data action on A channel.
-	     */
-	    while ( link_state == 0 ) {
-		status = get ( chan, (char *) &msg, sizeof(msg), &length );
-		if ( (status&1) == 0 ) {
-		    printf("Error in main loop get: %d\n", status );
-		    link_state = 3;
-		    break;
-		}
-	   	if ( length < RPC_HDR_SIZE ) {
-		    printf("Error in main loop get size: %d\n", length );
-		    break;
-		    link_state = 3;
-		}
-	   	if ( msg.channel != 'A' ) {
-		    printf("Error in main loop, unexpected channel: %c\n", 
-			msg.channel );
-		    break;
-		    link_state = 3;
-		}
-		if ( msg.function == 'G' ) {
-		    link_state = 1;
-		} else if ( msg.function == 'P' ) {
-		    link_state = 2;	/* write pending */
-		} else if ( msg.function == 'X' ) {
-		    link_state = 3;
-		} else {
-		    link_state = 3;
-		}
-	    }
-	    if ( link_state == 1 ) {
-		i = BIO_read ( s_bio, msg.data, msg.length );
-		if ( i < 0 ) link_state = 3;
-		else {
-		    msg.channel = 'A';
-		    msg.function = 'C';		/* confirm */
-		    msg.length = i;
-		    status = put ( chan, (char *) &msg, i+RPC_HDR_SIZE );
-		    if ( (status&1) == 0 ) break;
-		    link_state = 0;
-		}
-	    } else if ( link_state == 2 ) {
-		i = BIO_write ( s_bio, msg.data, msg.length );
-		if ( i < 0 ) link_state = 3;
-		else {
-		    msg.channel = 'A';
-		    msg.function = 'C';		/* confirm */
-		    msg.length = 0;
-		    status = put ( chan, (char *) &msg, RPC_HDR_SIZE );
-		    if ( (status&1) == 0 ) break;
-		    link_state = 0;
-		}
-	    }
-	}
-	fprintf(stdout,"DONE\n");
-err:
-	/* We have to set the BIO's to NULL otherwise they will be
-	 * free()ed twice.  Once when th s_ssl is SSL_free()ed and
-	 * again when c_ssl is SSL_free()ed.
-	 * This is a hack required because s_ssl and c_ssl are sharing the same
-	 * BIO structure and SSL_set_bio() and SSL_free() automatically
-	 * BIO_free non NULL entries.
-	 * You should not normally do this or be required to do this */
-	s_ssl->rbio=NULL;
-	s_ssl->wbio=NULL;
-
-	if (c_to_s != NULL) BIO_free(c_to_s);
-	if (s_to_c != NULL) BIO_free(s_to_c);
-	if (c_bio != NULL) BIO_free(c_bio);
-	if (s_bio != NULL) BIO_free(s_bio);
-	return(0);
-}
diff --git a/crypto/openssl/ssl/ssl_txt.c b/crypto/openssl/ssl/ssl_txt.c
deleted file mode 100644
index 40b76b1b2692..000000000000
--- a/crypto/openssl/ssl/ssl_txt.c
+++ /dev/null
@@ -1,186 +0,0 @@
-/* ssl/ssl_txt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/buffer.h>
-#include "ssl_locl.h"
-
-#ifndef OPENSSL_NO_FP_API
-int SSL_SESSION_print_fp(FILE *fp, SSL_SESSION *x)
-	{
-	BIO *b;
-	int ret;
-
-	if ((b=BIO_new(BIO_s_file_internal())) == NULL)
-		{
-		SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB);
-		return(0);
-		}
-	BIO_set_fp(b,fp,BIO_NOCLOSE);
-	ret=SSL_SESSION_print(b,x);
-	BIO_free(b);
-	return(ret);
-	}
-#endif
-
-int SSL_SESSION_print(BIO *bp, SSL_SESSION *x)
-	{
-	unsigned int i;
-	char *s;
-
-	if (x == NULL) goto err;
-	if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err;
-	if (x->ssl_version == SSL2_VERSION)
-		s="SSLv2";
-	else if (x->ssl_version == SSL3_VERSION)
-		s="SSLv3";
-	else if (x->ssl_version == TLS1_VERSION)
-		s="TLSv1";
-	else
-		s="unknown";
-	if (BIO_printf(bp,"    Protocol  : %s\n",s) <= 0) goto err;
-
-	if (x->cipher == NULL)
-		{
-		if (((x->cipher_id) & 0xff000000) == 0x02000000)
-			{
-			if (BIO_printf(bp,"    Cipher    : %06lX\n",x->cipher_id&0xffffff) <= 0)
-				goto err;
-			}
-		else
-			{
-			if (BIO_printf(bp,"    Cipher    : %04lX\n",x->cipher_id&0xffff) <= 0)
-				goto err;
-			}
-		}
-	else
-		{
-		if (BIO_printf(bp,"    Cipher    : %s\n",((x->cipher == NULL)?"unknown":x->cipher->name)) <= 0)
-			goto err;
-		}
-	if (BIO_puts(bp,"    Session-ID: ") <= 0) goto err;
-	for (i=0; i<x->session_id_length; i++)
-		{
-		if (BIO_printf(bp,"%02X",x->session_id[i]) <= 0) goto err;
-		}
-	if (BIO_puts(bp,"\n    Session-ID-ctx: ") <= 0) goto err;
-	for (i=0; i<x->sid_ctx_length; i++)
-		{
-		if (BIO_printf(bp,"%02X",x->sid_ctx[i]) <= 0)
-			goto err;
-		}
-	if (BIO_puts(bp,"\n    Master-Key: ") <= 0) goto err;
-	for (i=0; i<(unsigned int)x->master_key_length; i++)
-		{
-		if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err;
-		}
-	if (BIO_puts(bp,"\n    Key-Arg   : ") <= 0) goto err;
-	if (x->key_arg_length == 0)
-		{
-		if (BIO_puts(bp,"None") <= 0) goto err;
-		}
-	else
-		for (i=0; i<x->key_arg_length; i++)
-			{
-			if (BIO_printf(bp,"%02X",x->key_arg[i]) <= 0) goto err;
-			}
-#ifndef OPENSSL_NO_KRB5
-       if (BIO_puts(bp,"\n    Krb5 Principal: ") <= 0) goto err;
-            if (x->krb5_client_princ_len == 0)
-            {
-		if (BIO_puts(bp,"None") <= 0) goto err;
-		}
-	else
-		for (i=0; i<x->krb5_client_princ_len; i++)
-			{
-			if (BIO_printf(bp,"%02X",x->krb5_client_princ[i]) <= 0) goto err;
-			}
-#endif /* OPENSSL_NO_KRB5 */
-	if (x->compress_meth != 0)
-		{
-		SSL_COMP *comp;
-
-		ssl_cipher_get_evp(x,NULL,NULL,&comp);
-		if (comp == NULL)
-			{
-			if (BIO_printf(bp,"\n   Compression: %d",x->compress_meth) <= 0) goto err;
-			}
-		else
-			{
-			if (BIO_printf(bp,"\n   Compression: %d (%s)", comp->id,comp->method->name) <= 0) goto err;
-			}
-		}	
-	if (x->time != 0L)
-		{
-		if (BIO_printf(bp, "\n    Start Time: %ld",x->time) <= 0) goto err;
-		}
-	if (x->timeout != 0L)
-		{
-		if (BIO_printf(bp, "\n    Timeout   : %ld (sec)",x->timeout) <= 0) goto err;
-		}
-	if (BIO_puts(bp,"\n") <= 0) goto err;
-
-	if (BIO_puts(bp, "    Verify return code: ") <= 0) goto err;
-	if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
-		X509_verify_cert_error_string(x->verify_result)) <= 0) goto err;
-		
-	return(1);
-err:
-	return(0);
-	}
-
diff --git a/crypto/openssl/ssl/ssltest.c b/crypto/openssl/ssl/ssltest.c
deleted file mode 100644
index 42b6f1fc8b14..000000000000
--- a/crypto/openssl/ssl/ssltest.c
+++ /dev/null
@@ -1,1638 +0,0 @@
-/* ssl/ssltest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#define _BSD_SOURCE 1		/* Or gethostname won't be declared properly
-				   on Linux and GNU platforms. */
-
-#include <assert.h>
-#include <errno.h>
-#include <limits.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-
-#define USE_SOCKETS
-#include "e_os.h"
-
-#include <openssl/bio.h>
-#include <openssl/crypto.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-#define _XOPEN_SOURCE_EXTENDED	1 /* Or gethostname won't be declared properly
-				     on Compaq platforms (at least with DEC C).
-				     Do not try to put it earlier, or IPv6 includes
-				     get screwed...
-				  */
-
-#ifdef OPENSSL_SYS_WINDOWS
-#include <winsock.h>
-#include "../crypto/bio/bss_file.c"
-#else
-#include OPENSSL_UNISTD
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-#  define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
-#  define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
-#elif defined(OPENSSL_SYS_WINCE)
-#  define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
-#  define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
-#else
-#  define TEST_SERVER_CERT "../apps/server.pem"
-#  define TEST_CLIENT_CERT "../apps/client.pem"
-#endif
-
-/* There is really no standard for this, so let's assign some tentative
-   numbers.  In any case, these numbers are only for this test */
-#define COMP_RLE	1
-#define COMP_ZLIB	2
-
-static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
-#ifndef OPENSSL_NO_RSA
-static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
-static void free_tmp_rsa(void);
-#endif
-static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
-#define APP_CALLBACK "Test Callback Argument"
-static char *app_verify_arg = APP_CALLBACK;
-
-#ifndef OPENSSL_NO_DH
-static DH *get_dh512(void);
-static DH *get_dh1024(void);
-static DH *get_dh1024dsa(void);
-#endif
-
-static BIO *bio_err=NULL;
-static BIO *bio_stdout=NULL;
-
-static char *cipher=NULL;
-static int verbose=0;
-static int debug=0;
-#if 0
-/* Not used yet. */
-#ifdef FIONBIO
-static int s_nbio=0;
-#endif
-#endif
-
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
-
-int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes,clock_t *s_time,clock_t *c_time);
-int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
-static void sv_usage(void)
-	{
-	fprintf(stderr,"usage: ssltest [args ...]\n");
-	fprintf(stderr,"\n");
-	fprintf(stderr," -server_auth  - check server certificate\n");
-	fprintf(stderr," -client_auth  - do client authentication\n");
-	fprintf(stderr," -v            - more output\n");
-	fprintf(stderr," -d            - debug output\n");
-	fprintf(stderr," -reuse        - use session-id reuse\n");
-	fprintf(stderr," -num <val>    - number of connections to perform\n");
-	fprintf(stderr," -bytes <val>  - number of bytes to swap between client/server\n");
-#ifndef OPENSSL_NO_DH
-	fprintf(stderr," -dhe1024      - use 1024 bit key (safe prime) for DHE\n");
-	fprintf(stderr," -dhe1024dsa   - use 1024 bit key (with 160-bit subprime) for DHE\n");
-	fprintf(stderr," -no_dhe       - disable DHE\n");
-#endif
-#ifndef OPENSSL_NO_SSL2
-	fprintf(stderr," -ssl2         - use SSLv2\n");
-#endif
-#ifndef OPENSSL_NO_SSL3
-	fprintf(stderr," -ssl3         - use SSLv3\n");
-#endif
-#ifndef OPENSSL_NO_TLS1
-	fprintf(stderr," -tls1         - use TLSv1\n");
-#endif
-	fprintf(stderr," -CApath arg   - PEM format directory of CA's\n");
-	fprintf(stderr," -CAfile arg   - PEM format file of CA's\n");
-	fprintf(stderr," -cert arg     - Server certificate file\n");
-	fprintf(stderr," -key arg      - Server key file (default: same as -cert)\n");
-	fprintf(stderr," -c_cert arg   - Client certificate file\n");
-	fprintf(stderr," -c_key arg    - Client key file (default: same as -c_cert)\n");
-	fprintf(stderr," -cipher arg   - The cipher list\n");
-	fprintf(stderr," -bio_pair     - Use BIO pairs\n");
-	fprintf(stderr," -f            - Test even cases that can't work\n");
-	fprintf(stderr," -time         - measure processor time used by client and server\n");
-	fprintf(stderr," -zlib         - use zlib compression\n");
-	fprintf(stderr," -time         - use rle compression\n");
-	}
-
-static void print_details(SSL *c_ssl, const char *prefix)
-	{
-	SSL_CIPHER *ciph;
-	X509 *cert;
-		
-	ciph=SSL_get_current_cipher(c_ssl);
-	BIO_printf(bio_stdout,"%s%s, cipher %s %s",
-		prefix,
-		SSL_get_version(c_ssl),
-		SSL_CIPHER_get_version(ciph),
-		SSL_CIPHER_get_name(ciph));
-	cert=SSL_get_peer_certificate(c_ssl);
-	if (cert != NULL)
-		{
-		EVP_PKEY *pkey = X509_get_pubkey(cert);
-		if (pkey != NULL)
-			{
-			if (0) 
-				;
-#ifndef OPENSSL_NO_RSA
-			else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
-				&& pkey->pkey.rsa->n != NULL)
-				{
-				BIO_printf(bio_stdout, ", %d bit RSA",
-					BN_num_bits(pkey->pkey.rsa->n));
-				}
-#endif
-#ifndef OPENSSL_NO_DSA
-			else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
-				&& pkey->pkey.dsa->p != NULL)
-				{
-				BIO_printf(bio_stdout, ", %d bit DSA",
-					BN_num_bits(pkey->pkey.dsa->p));
-				}
-#endif
-			EVP_PKEY_free(pkey);
-			}
-		X509_free(cert);
-		}
-	/* The SSL API does not allow us to look at temporary RSA/DH keys,
-	 * otherwise we should print their lengths too */
-	BIO_printf(bio_stdout,"\n");
-	}
-
-static void lock_dbg_cb(int mode, int type, const char *file, int line)
-	{
-	static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
-	const char *errstr = NULL;
-	int rw;
-	
-	rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
-	if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
-		{
-		errstr = "invalid mode";
-		goto err;
-		}
-
-	if (type < 0 || type > CRYPTO_NUM_LOCKS)
-		{
-		errstr = "type out of bounds";
-		goto err;
-		}
-
-	if (mode & CRYPTO_LOCK)
-		{
-		if (modes[type])
-			{
-			errstr = "already locked";
-			/* must not happen in a single-threaded program
-			 * (would deadlock) */
-			goto err;
-			}
-
-		modes[type] = rw;
-		}
-	else if (mode & CRYPTO_UNLOCK)
-		{
-		if (!modes[type])
-			{
-			errstr = "not locked";
-			goto err;
-			}
-		
-		if (modes[type] != rw)
-			{
-			errstr = (rw == CRYPTO_READ) ?
-				"CRYPTO_r_unlock on write lock" :
-				"CRYPTO_w_unlock on read lock";
-			}
-
-		modes[type] = 0;
-		}
-	else
-		{
-		errstr = "invalid mode";
-		goto err;
-		}
-
- err:
-	if (errstr)
-		{
-		/* we cannot use bio_err here */
-		fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
-			errstr, mode, type, file, line);
-		}
-	}
-
-int main(int argc, char *argv[])
-	{
-	char *CApath=NULL,*CAfile=NULL;
-	int badop=0;
-	int bio_pair=0;
-	int force=0;
-	int tls1=0,ssl2=0,ssl3=0,ret=1;
-	int client_auth=0;
-	int server_auth=0,i;
-	int app_verify=0;
-	char *server_cert=TEST_SERVER_CERT;
-	char *server_key=NULL;
-	char *client_cert=TEST_CLIENT_CERT;
-	char *client_key=NULL;
-	SSL_CTX *s_ctx=NULL;
-	SSL_CTX *c_ctx=NULL;
-	SSL_METHOD *meth=NULL;
-	SSL *c_ssl,*s_ssl;
-	int number=1,reuse=0;
-	long bytes=1L;
-#ifndef OPENSSL_NO_DH
-	DH *dh;
-	int dhe1024 = 0, dhe1024dsa = 0;
-#endif
-	int no_dhe = 0;
-	int print_time = 0;
-	clock_t s_time = 0, c_time = 0;
-	int comp = 0;
-	COMP_METHOD *cm = NULL;
-
-	verbose = 0;
-	debug = 0;
-	cipher = 0;
-
-	bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);	
-
-	CRYPTO_set_locking_callback(lock_dbg_cb);
-
-	/* enable memory leak checking unless explicitly disabled */
-	if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
-		{
-		CRYPTO_malloc_debug_init();
-		CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
-		}
-	else
-		{
-		/* OPENSSL_DEBUG_MEMORY=off */
-		CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
-		}
-	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-	RAND_seed(rnd_seed, sizeof rnd_seed);
-
-	bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
-
-	argc--;
-	argv++;
-
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-server_auth") == 0)
-			server_auth=1;
-		else if	(strcmp(*argv,"-client_auth") == 0)
-			client_auth=1;
-		else if	(strcmp(*argv,"-v") == 0)
-			verbose=1;
-		else if	(strcmp(*argv,"-d") == 0)
-			debug=1;
-		else if	(strcmp(*argv,"-reuse") == 0)
-			reuse=1;
-		else if	(strcmp(*argv,"-dhe1024") == 0)
-			{
-#ifndef OPENSSL_NO_DH
-			dhe1024=1;
-#else
-			fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
-#endif
-			}
-		else if	(strcmp(*argv,"-dhe1024dsa") == 0)
-			{
-#ifndef OPENSSL_NO_DH
-			dhe1024dsa=1;
-#else
-			fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
-#endif
-			}
-		else if	(strcmp(*argv,"-no_dhe") == 0)
-			no_dhe=1;
-		else if	(strcmp(*argv,"-ssl2") == 0)
-			ssl2=1;
-		else if	(strcmp(*argv,"-tls1") == 0)
-			tls1=1;
-		else if	(strcmp(*argv,"-ssl3") == 0)
-			ssl3=1;
-		else if	(strncmp(*argv,"-num",4) == 0)
-			{
-			if (--argc < 1) goto bad;
-			number= atoi(*(++argv));
-			if (number == 0) number=1;
-			}
-		else if	(strcmp(*argv,"-bytes") == 0)
-			{
-			if (--argc < 1) goto bad;
-			bytes= atol(*(++argv));
-			if (bytes == 0L) bytes=1L;
-			i=strlen(argv[0]);
-			if (argv[0][i-1] == 'k') bytes*=1024L;
-			if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
-			}
-		else if	(strcmp(*argv,"-cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			server_cert= *(++argv);
-			}
-		else if	(strcmp(*argv,"-s_cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			server_cert= *(++argv);
-			}
-		else if	(strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			server_key= *(++argv);
-			}
-		else if	(strcmp(*argv,"-s_key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			server_key= *(++argv);
-			}
-		else if	(strcmp(*argv,"-c_cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			client_cert= *(++argv);
-			}
-		else if	(strcmp(*argv,"-c_key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			client_key= *(++argv);
-			}
-		else if	(strcmp(*argv,"-cipher") == 0)
-			{
-			if (--argc < 1) goto bad;
-			cipher= *(++argv);
-			}
-		else if	(strcmp(*argv,"-CApath") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CApath= *(++argv);
-			}
-		else if	(strcmp(*argv,"-CAfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile= *(++argv);
-			}
-		else if	(strcmp(*argv,"-bio_pair") == 0)
-			{
-			bio_pair = 1;
-			}
-		else if	(strcmp(*argv,"-f") == 0)
-			{
-			force = 1;
-			}
-		else if	(strcmp(*argv,"-time") == 0)
-			{
-			print_time = 1;
-			}
-		else if	(strcmp(*argv,"-zlib") == 0)
-			{
-			comp = COMP_ZLIB;
-			}
-		else if	(strcmp(*argv,"-rle") == 0)
-			{
-			comp = COMP_RLE;
-			}
-		else if	(strcmp(*argv,"-app_verify") == 0)
-			{
-			app_verify = 1;
-			}
-		else
-			{
-			fprintf(stderr,"unknown option %s\n",*argv);
-			badop=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-	if (badop)
-		{
-bad:
-		sv_usage();
-		goto end;
-		}
-
-	if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force)
-		{
-		fprintf(stderr, "This case cannot work.  Use -f to perform "
-			"the test anyway (and\n-d to see what happens), "
-			"or add one of -ssl2, -ssl3, -tls1, -reuse\n"
-			"to avoid protocol mismatch.\n");
-		EXIT(1);
-		}
-
-	if (print_time)
-		{
-		if (!bio_pair)
-			{
-			fprintf(stderr, "Using BIO pair (-bio_pair)\n");
-			bio_pair = 1;
-			}
-		if (number < 50 && !force)
-			fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
-		}
-
-/*	if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
-
-	SSL_library_init();
-	SSL_load_error_strings();
-
-	if (comp == COMP_ZLIB) cm = COMP_zlib();
-	if (comp == COMP_RLE) cm = COMP_rle();
-	if (cm != NULL)
-		{
-		if (cm->type != NID_undef)
-			SSL_COMP_add_compression_method(comp, cm);
-		else
-			{
-			fprintf(stderr,
-				"Warning: %s compression not supported\n",
-				(comp == COMP_RLE ? "rle" :
-					(comp == COMP_ZLIB ? "zlib" :
-						"unknown")));
-			ERR_print_errors_fp(stderr);
-			}
-		}
-
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-	if (ssl2)
-		meth=SSLv2_method();
-	else 
-	if (tls1)
-		meth=TLSv1_method();
-	else
-	if (ssl3)
-		meth=SSLv3_method();
-	else
-		meth=SSLv23_method();
-#else
-#ifdef OPENSSL_NO_SSL2
-	meth=SSLv3_method();
-#else
-	meth=SSLv2_method();
-#endif
-#endif
-
-	c_ctx=SSL_CTX_new(meth);
-	s_ctx=SSL_CTX_new(meth);
-	if ((c_ctx == NULL) || (s_ctx == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (cipher != NULL)
-		{
-		SSL_CTX_set_cipher_list(c_ctx,cipher);
-		SSL_CTX_set_cipher_list(s_ctx,cipher);
-		}
-
-#ifndef OPENSSL_NO_DH
-	if (!no_dhe)
-		{
-		if (dhe1024dsa)
-			{
-			/* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
-			SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
-			dh=get_dh1024dsa();
-			}
-		else if (dhe1024)
-			dh=get_dh1024();
-		else
-			dh=get_dh512();
-		SSL_CTX_set_tmp_dh(s_ctx,dh);
-		DH_free(dh);
-		}
-#else
-	(void)no_dhe;
-#endif
-
-#ifndef OPENSSL_NO_RSA
-	SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
-#endif
-
-	if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
-		{
-		ERR_print_errors(bio_err);
-		}
-	else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
-		(server_key?server_key:server_cert), SSL_FILETYPE_PEM))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (client_auth)
-		{
-		SSL_CTX_use_certificate_file(c_ctx,client_cert,
-			SSL_FILETYPE_PEM);
-		SSL_CTX_use_PrivateKey_file(c_ctx,
-			(client_key?client_key:client_cert),
-			SSL_FILETYPE_PEM);
-		}
-
-	if (	(!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(s_ctx)) ||
-		(!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(c_ctx)))
-		{
-		/* fprintf(stderr,"SSL_load_verify_locations\n"); */
-		ERR_print_errors(bio_err);
-		/* goto end; */
-		}
-
-	if (client_auth)
-		{
-		BIO_printf(bio_err,"client authentication\n");
-		SSL_CTX_set_verify(s_ctx,
-			SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
-			verify_callback);
-		if (app_verify) 
-			{
-			SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, app_verify_arg);
-			}
-		}
-	if (server_auth)
-		{
-		BIO_printf(bio_err,"server authentication\n");
-		SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
-			verify_callback);
-		if (app_verify) 
-			{
-			SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, app_verify_arg);
-			}
-		}
-	
-	{
-		int session_id_context = 0;
-		SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
-	}
-
-	c_ssl=SSL_new(c_ctx);
-	s_ssl=SSL_new(s_ctx);
-
-#ifndef OPENSSL_NO_KRB5
-	if (c_ssl  &&  c_ssl->kssl_ctx)
-                {
-                char	localhost[MAXHOSTNAMELEN+2];
-
-		if (gethostname(localhost, sizeof localhost-1) == 0)
-                        {
-			localhost[sizeof localhost-1]='\0';
-			if(strlen(localhost) == sizeof localhost-1)
-				{
-				BIO_printf(bio_err,"localhost name too long\n");
-				goto end;
-				}
-			kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
-                                localhost);
-			}
-		}
-#endif    /* OPENSSL_NO_KRB5  */
-
-	for (i=0; i<number; i++)
-		{
-		if (!reuse) SSL_set_session(c_ssl,NULL);
-		if (bio_pair)
-			ret=doit_biopair(s_ssl,c_ssl,bytes,&s_time,&c_time);
-		else
-			ret=doit(s_ssl,c_ssl,bytes);
-		}
-
-	if (!verbose)
-		{
-		print_details(c_ssl, "");
-		}
-	if ((number > 1) || (bytes > 1L))
-		BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",number,bytes);
-	if (print_time)
-		{
-#ifdef CLOCKS_PER_SEC
-		/* "To determine the time in seconds, the value returned
-		 * by the clock function should be divided by the value
-		 * of the macro CLOCKS_PER_SEC."
-		 *                                       -- ISO/IEC 9899 */
-		BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
-			"Approximate total client time: %6.2f s\n",
-			(double)s_time/CLOCKS_PER_SEC,
-			(double)c_time/CLOCKS_PER_SEC);
-#else
-		/* "`CLOCKS_PER_SEC' undeclared (first use this function)"
-		 *                            -- cc on NeXTstep/OpenStep */
-		BIO_printf(bio_stdout,
-			"Approximate total server time: %6.2f units\n"
-			"Approximate total client time: %6.2f units\n",
-			(double)s_time,
-			(double)c_time);
-#endif
-		}
-
-	SSL_free(s_ssl);
-	SSL_free(c_ssl);
-
-end:
-	if (s_ctx != NULL) SSL_CTX_free(s_ctx);
-	if (c_ctx != NULL) SSL_CTX_free(c_ctx);
-
-	if (bio_stdout != NULL) BIO_free(bio_stdout);
-
-#ifndef OPENSSL_NO_RSA
-	free_tmp_rsa();
-#endif
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE_cleanup();
-#endif
-	CRYPTO_cleanup_all_ex_data();
-	ERR_free_strings();
-	ERR_remove_state(0);
-	EVP_cleanup();
-	CRYPTO_mem_leaks(bio_err);
-	if (bio_err != NULL) BIO_free(bio_err);
-	EXIT(ret);
-	}
-
-int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
-	clock_t *s_time, clock_t *c_time)
-	{
-	long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
-	BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
-	BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
-	int ret = 1;
-	
-	size_t bufsiz = 256; /* small buffer for testing */
-
-	if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
-		goto err;
-	if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
-		goto err;
-	
-	s_ssl_bio = BIO_new(BIO_f_ssl());
-	if (!s_ssl_bio)
-		goto err;
-
-	c_ssl_bio = BIO_new(BIO_f_ssl());
-	if (!c_ssl_bio)
-		goto err;
-
-	SSL_set_connect_state(c_ssl);
-	SSL_set_bio(c_ssl, client, client);
-	(void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
-
-	SSL_set_accept_state(s_ssl);
-	SSL_set_bio(s_ssl, server, server);
-	(void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
-
-	do
-		{
-		/* c_ssl_bio:          SSL filter BIO
-		 *
-		 * client:             pseudo-I/O for SSL library
-		 *
-		 * client_io:          client's SSL communication; usually to be
-		 *                     relayed over some I/O facility, but in this
-		 *                     test program, we're the server, too:
-		 *
-		 * server_io:          server's SSL communication
-		 *
-		 * server:             pseudo-I/O for SSL library
-		 *
-		 * s_ssl_bio:          SSL filter BIO
-		 *
-		 * The client and the server each employ a "BIO pair":
-		 * client + client_io, server + server_io.
-		 * BIO pairs are symmetric.  A BIO pair behaves similar
-		 * to a non-blocking socketpair (but both endpoints must
-		 * be handled by the same thread).
-		 * [Here we could connect client and server to the ends
-		 * of a single BIO pair, but then this code would be less
-		 * suitable as an example for BIO pairs in general.]
-		 *
-		 * Useful functions for querying the state of BIO pair endpoints:
-		 *
-		 * BIO_ctrl_pending(bio)              number of bytes we can read now
-		 * BIO_ctrl_get_read_request(bio)     number of bytes needed to fulfil
-		 *                                      other side's read attempt
-		 * BIO_ctrl_get_write_guarantee(bio)   number of bytes we can write now
-		 *
-		 * ..._read_request is never more than ..._write_guarantee;
-		 * it depends on the application which one you should use.
-		 */
-
-		/* We have non-blocking behaviour throughout this test program, but
-		 * can be sure that there is *some* progress in each iteration; so
-		 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
-		 * -- we just try everything in each iteration
-		 */
-
-			{
-			/* CLIENT */
-		
-			MS_STATIC char cbuf[1024*8];
-			int i, r;
-			clock_t c_clock = clock();
-
-			memset(cbuf, 0, sizeof(cbuf));
-
-			if (debug)
-				if (SSL_in_init(c_ssl))
-					printf("client waiting in SSL_connect - %s\n",
-						SSL_state_string_long(c_ssl));
-
-			if (cw_num > 0)
-				{
-				/* Write to server. */
-				
-				if (cw_num > (long)sizeof cbuf)
-					i = sizeof cbuf;
-				else
-					i = (int)cw_num;
-				r = BIO_write(c_ssl_bio, cbuf, i);
-				if (r < 0)
-					{
-					if (!BIO_should_retry(c_ssl_bio))
-						{
-						fprintf(stderr,"ERROR in CLIENT\n");
-						goto err;
-						}
-					/* BIO_should_retry(...) can just be ignored here.
-					 * The library expects us to call BIO_write with
-					 * the same arguments again, and that's what we will
-					 * do in the next iteration. */
-					}
-				else if (r == 0)
-					{
-					fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
-					goto err;
-					}
-				else
-					{
-					if (debug)
-						printf("client wrote %d\n", r);
-					cw_num -= r;				
-					}
-				}
-
-			if (cr_num > 0)
-				{
-				/* Read from server. */
-
-				r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
-				if (r < 0)
-					{
-					if (!BIO_should_retry(c_ssl_bio))
-						{
-						fprintf(stderr,"ERROR in CLIENT\n");
-						goto err;
-						}
-					/* Again, "BIO_should_retry" can be ignored. */
-					}
-				else if (r == 0)
-					{
-					fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
-					goto err;
-					}
-				else
-					{
-					if (debug)
-						printf("client read %d\n", r);
-					cr_num -= r;
-					}
-				}
-
-			/* c_time and s_time increments will typically be very small
-			 * (depending on machine speed and clock tick intervals),
-			 * but sampling over a large number of connections should
-			 * result in fairly accurate figures.  We cannot guarantee
-			 * a lot, however -- if each connection lasts for exactly
-			 * one clock tick, it will be counted only for the client
-			 * or only for the server or even not at all.
-			 */
-			*c_time += (clock() - c_clock);
-			}
-
-			{
-			/* SERVER */
-		
-			MS_STATIC char sbuf[1024*8];
-			int i, r;
-			clock_t s_clock = clock();
-
-			memset(sbuf, 0, sizeof(sbuf));
-
-			if (debug)
-				if (SSL_in_init(s_ssl))
-					printf("server waiting in SSL_accept - %s\n",
-						SSL_state_string_long(s_ssl));
-
-			if (sw_num > 0)
-				{
-				/* Write to client. */
-				
-				if (sw_num > (long)sizeof sbuf)
-					i = sizeof sbuf;
-				else
-					i = (int)sw_num;
-				r = BIO_write(s_ssl_bio, sbuf, i);
-				if (r < 0)
-					{
-					if (!BIO_should_retry(s_ssl_bio))
-						{
-						fprintf(stderr,"ERROR in SERVER\n");
-						goto err;
-						}
-					/* Ignore "BIO_should_retry". */
-					}
-				else if (r == 0)
-					{
-					fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
-					goto err;
-					}
-				else
-					{
-					if (debug)
-						printf("server wrote %d\n", r);
-					sw_num -= r;				
-					}
-				}
-
-			if (sr_num > 0)
-				{
-				/* Read from client. */
-
-				r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
-				if (r < 0)
-					{
-					if (!BIO_should_retry(s_ssl_bio))
-						{
-						fprintf(stderr,"ERROR in SERVER\n");
-						goto err;
-						}
-					/* blah, blah */
-					}
-				else if (r == 0)
-					{
-					fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
-					goto err;
-					}
-				else
-					{
-					if (debug)
-						printf("server read %d\n", r);
-					sr_num -= r;
-					}
-				}
-
-			*s_time += (clock() - s_clock);
-			}
-			
-			{
-			/* "I/O" BETWEEN CLIENT AND SERVER. */
-
-			size_t r1, r2;
-			BIO *io1 = server_io, *io2 = client_io;
-			/* we use the non-copying interface for io1
-			 * and the standard BIO_write/BIO_read interface for io2
-			 */
-			
-			static int prev_progress = 1;
-			int progress = 0;
-			
-			/* io1 to io2 */
-			do
-				{
-				size_t num;
-				int r;
-
-				r1 = BIO_ctrl_pending(io1);
-				r2 = BIO_ctrl_get_write_guarantee(io2);
-
-				num = r1;
-				if (r2 < num)
-					num = r2;
-				if (num)
-					{
-					char *dataptr;
-
-					if (INT_MAX < num) /* yeah, right */
-						num = INT_MAX;
-					
-					r = BIO_nread(io1, &dataptr, (int)num);
-					assert(r > 0);
-					assert(r <= (int)num);
-					/* possibly r < num (non-contiguous data) */
-					num = r;
-					r = BIO_write(io2, dataptr, (int)num);
-					if (r != (int)num) /* can't happen */
-						{
-						fprintf(stderr, "ERROR: BIO_write could not write "
-							"BIO_ctrl_get_write_guarantee() bytes");
-						goto err;
-						}
-					progress = 1;
-
-					if (debug)
-						printf((io1 == client_io) ?
-							"C->S relaying: %d bytes\n" :
-							"S->C relaying: %d bytes\n",
-							(int)num);
-					}
-				}
-			while (r1 && r2);
-
-			/* io2 to io1 */
-			{
-				size_t num;
-				int r;
-
-				r1 = BIO_ctrl_pending(io2);
-				r2 = BIO_ctrl_get_read_request(io1);
-				/* here we could use ..._get_write_guarantee instead of
-				 * ..._get_read_request, but by using the latter
-				 * we test restartability of the SSL implementation
-				 * more thoroughly */
-				num = r1;
-				if (r2 < num)
-					num = r2;
-				if (num)
-					{
-					char *dataptr;
-					
-					if (INT_MAX < num)
-						num = INT_MAX;
-
-					if (num > 1)
-						--num; /* test restartability even more thoroughly */
-					
-					r = BIO_nwrite0(io1, &dataptr);
-					assert(r > 0);
-					if (r < (int)num)
-						num = r;
-					r = BIO_read(io2, dataptr, (int)num);
-					if (r != (int)num) /* can't happen */
-						{
-						fprintf(stderr, "ERROR: BIO_read could not read "
-							"BIO_ctrl_pending() bytes");
-						goto err;
-						}
-					progress = 1;
-					r = BIO_nwrite(io1, &dataptr, (int)num);
-					if (r != (int)num) /* can't happen */
-						{
-						fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
-							"BIO_nwrite0() bytes");
-						goto err;
-						}
-					
-					if (debug)
-						printf((io2 == client_io) ?
-							"C->S relaying: %d bytes\n" :
-							"S->C relaying: %d bytes\n",
-							(int)num);
-					}
-			} /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
-
-			if (!progress && !prev_progress)
-				if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0)
-					{
-					fprintf(stderr, "ERROR: got stuck\n");
-					if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0)
-						{
-						fprintf(stderr, "This can happen for SSL2 because "
-							"CLIENT-FINISHED and SERVER-VERIFY are written \n"
-							"concurrently ...");
-						if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
-							&& strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0)
-							{
-							fprintf(stderr, " ok.\n");
-							goto end;
-							}
-						}
-					fprintf(stderr, " ERROR.\n");
-					goto err;
-					}
-			prev_progress = progress;
-			}
-		}
-	while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
-
-	if (verbose)
-		print_details(c_ssl, "DONE via BIO pair: ");
-end:
-	ret = 0;
-
- err:
-	ERR_print_errors(bio_err);
-	
-	if (server)
-		BIO_free(server);
-	if (server_io)
-		BIO_free(server_io);
-	if (client)
-		BIO_free(client);
-	if (client_io)
-		BIO_free(client_io);
-	if (s_ssl_bio)
-		BIO_free(s_ssl_bio);
-	if (c_ssl_bio)
-		BIO_free(c_ssl_bio);
-
-	return ret;
-	}
-
-
-#define W_READ	1
-#define W_WRITE	2
-#define C_DONE	1
-#define S_DONE	2
-
-int doit(SSL *s_ssl, SSL *c_ssl, long count)
-	{
-	MS_STATIC char cbuf[1024*8],sbuf[1024*8];
-	long cw_num=count,cr_num=count;
-	long sw_num=count,sr_num=count;
-	int ret=1;
-	BIO *c_to_s=NULL;
-	BIO *s_to_c=NULL;
-	BIO *c_bio=NULL;
-	BIO *s_bio=NULL;
-	int c_r,c_w,s_r,s_w;
-	int c_want,s_want;
-	int i,j;
-	int done=0;
-	int c_write,s_write;
-	int do_server=0,do_client=0;
-
-	memset(cbuf,0,sizeof(cbuf));
-	memset(sbuf,0,sizeof(sbuf));
-
-	c_to_s=BIO_new(BIO_s_mem());
-	s_to_c=BIO_new(BIO_s_mem());
-	if ((s_to_c == NULL) || (c_to_s == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	c_bio=BIO_new(BIO_f_ssl());
-	s_bio=BIO_new(BIO_f_ssl());
-	if ((c_bio == NULL) || (s_bio == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	SSL_set_connect_state(c_ssl);
-	SSL_set_bio(c_ssl,s_to_c,c_to_s);
-	BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
-
-	SSL_set_accept_state(s_ssl);
-	SSL_set_bio(s_ssl,c_to_s,s_to_c);
-	BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
-
-	c_r=0; s_r=1;
-	c_w=1; s_w=0;
-	c_want=W_WRITE;
-	s_want=0;
-	c_write=1,s_write=0;
-
-	/* We can always do writes */
-	for (;;)
-		{
-		do_server=0;
-		do_client=0;
-
-		i=(int)BIO_pending(s_bio);
-		if ((i && s_r) || s_w) do_server=1;
-
-		i=(int)BIO_pending(c_bio);
-		if ((i && c_r) || c_w) do_client=1;
-
-		if (do_server && debug)
-			{
-			if (SSL_in_init(s_ssl))
-				printf("server waiting in SSL_accept - %s\n",
-					SSL_state_string_long(s_ssl));
-/*			else if (s_write)
-				printf("server:SSL_write()\n");
-			else
-				printf("server:SSL_read()\n"); */
-			}
-
-		if (do_client && debug)
-			{
-			if (SSL_in_init(c_ssl))
-				printf("client waiting in SSL_connect - %s\n",
-					SSL_state_string_long(c_ssl));
-/*			else if (c_write)
-				printf("client:SSL_write()\n");
-			else
-				printf("client:SSL_read()\n"); */
-			}
-
-		if (!do_client && !do_server)
-			{
-			fprintf(stdout,"ERROR IN STARTUP\n");
-			ERR_print_errors(bio_err);
-			break;
-			}
-		if (do_client && !(done & C_DONE))
-			{
-			if (c_write)
-				{
-				j=(cw_num > (long)sizeof(cbuf))
-					?sizeof(cbuf):(int)cw_num;
-				i=BIO_write(c_bio,cbuf,j);
-				if (i < 0)
-					{
-					c_r=0;
-					c_w=0;
-					if (BIO_should_retry(c_bio))
-						{
-						if (BIO_should_read(c_bio))
-							c_r=1;
-						if (BIO_should_write(c_bio))
-							c_w=1;
-						}
-					else
-						{
-						fprintf(stderr,"ERROR in CLIENT\n");
-						ERR_print_errors(bio_err);
-						goto err;
-						}
-					}
-				else if (i == 0)
-					{
-					fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
-					goto err;
-					}
-				else
-					{
-					if (debug)
-						printf("client wrote %d\n",i);
-					/* ok */
-					s_r=1;
-					c_write=0;
-					cw_num-=i;
-					}
-				}
-			else
-				{
-				i=BIO_read(c_bio,cbuf,sizeof(cbuf));
-				if (i < 0)
-					{
-					c_r=0;
-					c_w=0;
-					if (BIO_should_retry(c_bio))
-						{
-						if (BIO_should_read(c_bio))
-							c_r=1;
-						if (BIO_should_write(c_bio))
-							c_w=1;
-						}
-					else
-						{
-						fprintf(stderr,"ERROR in CLIENT\n");
-						ERR_print_errors(bio_err);
-						goto err;
-						}
-					}
-				else if (i == 0)
-					{
-					fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
-					goto err;
-					}
-				else
-					{
-					if (debug)
-						printf("client read %d\n",i);
-					cr_num-=i;
-					if (sw_num > 0)
-						{
-						s_write=1;
-						s_w=1;
-						}
-					if (cr_num <= 0)
-						{
-						s_write=1;
-						s_w=1;
-						done=S_DONE|C_DONE;
-						}
-					}
-				}
-			}
-
-		if (do_server && !(done & S_DONE))
-			{
-			if (!s_write)
-				{
-				i=BIO_read(s_bio,sbuf,sizeof(cbuf));
-				if (i < 0)
-					{
-					s_r=0;
-					s_w=0;
-					if (BIO_should_retry(s_bio))
-						{
-						if (BIO_should_read(s_bio))
-							s_r=1;
-						if (BIO_should_write(s_bio))
-							s_w=1;
-						}
-					else
-						{
-						fprintf(stderr,"ERROR in SERVER\n");
-						ERR_print_errors(bio_err);
-						goto err;
-						}
-					}
-				else if (i == 0)
-					{
-					ERR_print_errors(bio_err);
-					fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
-					goto err;
-					}
-				else
-					{
-					if (debug)
-						printf("server read %d\n",i);
-					sr_num-=i;
-					if (cw_num > 0)
-						{
-						c_write=1;
-						c_w=1;
-						}
-					if (sr_num <= 0)
-						{
-						s_write=1;
-						s_w=1;
-						c_write=0;
-						}
-					}
-				}
-			else
-				{
-				j=(sw_num > (long)sizeof(sbuf))?
-					sizeof(sbuf):(int)sw_num;
-				i=BIO_write(s_bio,sbuf,j);
-				if (i < 0)
-					{
-					s_r=0;
-					s_w=0;
-					if (BIO_should_retry(s_bio))
-						{
-						if (BIO_should_read(s_bio))
-							s_r=1;
-						if (BIO_should_write(s_bio))
-							s_w=1;
-						}
-					else
-						{
-						fprintf(stderr,"ERROR in SERVER\n");
-						ERR_print_errors(bio_err);
-						goto err;
-						}
-					}
-				else if (i == 0)
-					{
-					ERR_print_errors(bio_err);
-					fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
-					goto err;
-					}
-				else
-					{
-					if (debug)
-						printf("server wrote %d\n",i);
-					sw_num-=i;
-					s_write=0;
-					c_r=1;
-					if (sw_num <= 0)
-						done|=S_DONE;
-					}
-				}
-			}
-
-		if ((done & S_DONE) && (done & C_DONE)) break;
-		}
-
-	if (verbose)
-		print_details(c_ssl, "DONE: ");
-	ret=0;
-err:
-	/* We have to set the BIO's to NULL otherwise they will be
-	 * OPENSSL_free()ed twice.  Once when th s_ssl is SSL_free()ed and
-	 * again when c_ssl is SSL_free()ed.
-	 * This is a hack required because s_ssl and c_ssl are sharing the same
-	 * BIO structure and SSL_set_bio() and SSL_free() automatically
-	 * BIO_free non NULL entries.
-	 * You should not normally do this or be required to do this */
-	if (s_ssl != NULL)
-		{
-		s_ssl->rbio=NULL;
-		s_ssl->wbio=NULL;
-		}
-	if (c_ssl != NULL)
-		{
-		c_ssl->rbio=NULL;
-		c_ssl->wbio=NULL;
-		}
-
-	if (c_to_s != NULL) BIO_free(c_to_s);
-	if (s_to_c != NULL) BIO_free(s_to_c);
-	if (c_bio != NULL) BIO_free_all(c_bio);
-	if (s_bio != NULL) BIO_free_all(s_bio);
-	return(ret);
-	}
-
-static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
-	{
-	char *s,buf[256];
-
-	s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,
-			    sizeof buf);
-	if (s != NULL)
-		{
-		if (ok)
-			fprintf(stderr,"depth=%d %s\n",ctx->error_depth,buf);
-		else
-			fprintf(stderr,"depth=%d error=%d %s\n",
-				ctx->error_depth,ctx->error,buf);
-		}
-
-	if (ok == 0)
-		{
-		switch (ctx->error)
-			{
-		case X509_V_ERR_CERT_NOT_YET_VALID:
-		case X509_V_ERR_CERT_HAS_EXPIRED:
-		case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
-			ok=1;
-			}
-		}
-
-	return(ok);
-	}
-
-static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
-	{
-	char *s = NULL,buf[256];
-	int ok=1;
-
-	fprintf(stderr, "In app_verify_callback, allowing cert. ");
-	fprintf(stderr, "Arg is: %s\n", (char *)arg);
-	fprintf(stderr, "Finished printing do we have a context? 0x%x a cert? 0x%x\n",
-			(unsigned int)ctx, (unsigned int)ctx->cert);
-	if (ctx->cert)
-		s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
-	if (s != NULL)
-		{
-			fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
-		}
-
-	return(ok);
-	}
-
-#ifndef OPENSSL_NO_RSA
-static RSA *rsa_tmp=NULL;
-
-static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
-	{
-	if (rsa_tmp == NULL)
-		{
-		BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
-		(void)BIO_flush(bio_err);
-		rsa_tmp=RSA_generate_key(keylength,RSA_F4,NULL,NULL);
-		BIO_printf(bio_err,"\n");
-		(void)BIO_flush(bio_err);
-		}
-	return(rsa_tmp);
-	}
-
-static void free_tmp_rsa(void)
-	{
-	if (rsa_tmp != NULL)
-		{
-		RSA_free(rsa_tmp);
-		rsa_tmp = NULL;
-		}
-	}
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* These DH parameters have been generated as follows:
- *    $ openssl dhparam -C -noout 512
- *    $ openssl dhparam -C -noout 1024
- *    $ openssl dhparam -C -noout -dsaparam 1024
- * (The third function has been renamed to avoid name conflicts.)
- */
-static DH *get_dh512()
-	{
-	static unsigned char dh512_p[]={
-		0xCB,0xC8,0xE1,0x86,0xD0,0x1F,0x94,0x17,0xA6,0x99,0xF0,0xC6,
-		0x1F,0x0D,0xAC,0xB6,0x25,0x3E,0x06,0x39,0xCA,0x72,0x04,0xB0,
-		0x6E,0xDA,0xC0,0x61,0xE6,0x7A,0x77,0x25,0xE8,0x3B,0xB9,0x5F,
-		0x9A,0xB6,0xB5,0xFE,0x99,0x0B,0xA1,0x93,0x4E,0x35,0x33,0xB8,
-		0xE1,0xF1,0x13,0x4F,0x59,0x1A,0xD2,0x57,0xC0,0x26,0x21,0x33,
-		0x02,0xC5,0xAE,0x23,
-		};
-	static unsigned char dh512_g[]={
-		0x02,
-		};
-	DH *dh;
-
-	if ((dh=DH_new()) == NULL) return(NULL);
-	dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
-	dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
-	if ((dh->p == NULL) || (dh->g == NULL))
-		{ DH_free(dh); return(NULL); }
-	return(dh);
-	}
-
-static DH *get_dh1024()
-	{
-	static unsigned char dh1024_p[]={
-		0xF8,0x81,0x89,0x7D,0x14,0x24,0xC5,0xD1,0xE6,0xF7,0xBF,0x3A,
-		0xE4,0x90,0xF4,0xFC,0x73,0xFB,0x34,0xB5,0xFA,0x4C,0x56,0xA2,
-		0xEA,0xA7,0xE9,0xC0,0xC0,0xCE,0x89,0xE1,0xFA,0x63,0x3F,0xB0,
-		0x6B,0x32,0x66,0xF1,0xD1,0x7B,0xB0,0x00,0x8F,0xCA,0x87,0xC2,
-		0xAE,0x98,0x89,0x26,0x17,0xC2,0x05,0xD2,0xEC,0x08,0xD0,0x8C,
-		0xFF,0x17,0x52,0x8C,0xC5,0x07,0x93,0x03,0xB1,0xF6,0x2F,0xB8,
-		0x1C,0x52,0x47,0x27,0x1B,0xDB,0xD1,0x8D,0x9D,0x69,0x1D,0x52,
-		0x4B,0x32,0x81,0xAA,0x7F,0x00,0xC8,0xDC,0xE6,0xD9,0xCC,0xC1,
-		0x11,0x2D,0x37,0x34,0x6C,0xEA,0x02,0x97,0x4B,0x0E,0xBB,0xB1,
-		0x71,0x33,0x09,0x15,0xFD,0xDD,0x23,0x87,0x07,0x5E,0x89,0xAB,
-		0x6B,0x7C,0x5F,0xEC,0xA6,0x24,0xDC,0x53,
-		};
-	static unsigned char dh1024_g[]={
-		0x02,
-		};
-	DH *dh;
-
-	if ((dh=DH_new()) == NULL) return(NULL);
-	dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
-	dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
-	if ((dh->p == NULL) || (dh->g == NULL))
-		{ DH_free(dh); return(NULL); }
-	return(dh);
-	}
-
-static DH *get_dh1024dsa()
-	{
-	static unsigned char dh1024_p[]={
-		0xC8,0x00,0xF7,0x08,0x07,0x89,0x4D,0x90,0x53,0xF3,0xD5,0x00,
-		0x21,0x1B,0xF7,0x31,0xA6,0xA2,0xDA,0x23,0x9A,0xC7,0x87,0x19,
-		0x3B,0x47,0xB6,0x8C,0x04,0x6F,0xFF,0xC6,0x9B,0xB8,0x65,0xD2,
-		0xC2,0x5F,0x31,0x83,0x4A,0xA7,0x5F,0x2F,0x88,0x38,0xB6,0x55,
-		0xCF,0xD9,0x87,0x6D,0x6F,0x9F,0xDA,0xAC,0xA6,0x48,0xAF,0xFC,
-		0x33,0x84,0x37,0x5B,0x82,0x4A,0x31,0x5D,0xE7,0xBD,0x52,0x97,
-		0xA1,0x77,0xBF,0x10,0x9E,0x37,0xEA,0x64,0xFA,0xCA,0x28,0x8D,
-		0x9D,0x3B,0xD2,0x6E,0x09,0x5C,0x68,0xC7,0x45,0x90,0xFD,0xBB,
-		0x70,0xC9,0x3A,0xBB,0xDF,0xD4,0x21,0x0F,0xC4,0x6A,0x3C,0xF6,
-		0x61,0xCF,0x3F,0xD6,0x13,0xF1,0x5F,0xBC,0xCF,0xBC,0x26,0x9E,
-		0xBC,0x0B,0xBD,0xAB,0x5D,0xC9,0x54,0x39,
-		};
-	static unsigned char dh1024_g[]={
-		0x3B,0x40,0x86,0xE7,0xF3,0x6C,0xDE,0x67,0x1C,0xCC,0x80,0x05,
-		0x5A,0xDF,0xFE,0xBD,0x20,0x27,0x74,0x6C,0x24,0xC9,0x03,0xF3,
-		0xE1,0x8D,0xC3,0x7D,0x98,0x27,0x40,0x08,0xB8,0x8C,0x6A,0xE9,
-		0xBB,0x1A,0x3A,0xD6,0x86,0x83,0x5E,0x72,0x41,0xCE,0x85,0x3C,
-		0xD2,0xB3,0xFC,0x13,0xCE,0x37,0x81,0x9E,0x4C,0x1C,0x7B,0x65,
-		0xD3,0xE6,0xA6,0x00,0xF5,0x5A,0x95,0x43,0x5E,0x81,0xCF,0x60,
-		0xA2,0x23,0xFC,0x36,0xA7,0x5D,0x7A,0x4C,0x06,0x91,0x6E,0xF6,
-		0x57,0xEE,0x36,0xCB,0x06,0xEA,0xF5,0x3D,0x95,0x49,0xCB,0xA7,
-		0xDD,0x81,0xDF,0x80,0x09,0x4A,0x97,0x4D,0xA8,0x22,0x72,0xA1,
-		0x7F,0xC4,0x70,0x56,0x70,0xE8,0x20,0x10,0x18,0x8F,0x2E,0x60,
-		0x07,0xE7,0x68,0x1A,0x82,0x5D,0x32,0xA2,
-		};
-	DH *dh;
-
-	if ((dh=DH_new()) == NULL) return(NULL);
-	dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
-	dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
-	if ((dh->p == NULL) || (dh->g == NULL))
-		{ DH_free(dh); return(NULL); }
-	dh->length = 160;
-	return(dh);
-	}
-#endif
diff --git a/crypto/openssl/ssl/t1_clnt.c b/crypto/openssl/ssl/t1_clnt.c
deleted file mode 100644
index 57205fb429ab..000000000000
--- a/crypto/openssl/ssl/t1_clnt.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* ssl/t1_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-
-static SSL_METHOD *tls1_get_client_method(int ver);
-static SSL_METHOD *tls1_get_client_method(int ver)
-	{
-	if (ver == TLS1_VERSION)
-		return(TLSv1_client_method());
-	else
-		return(NULL);
-	}
-
-SSL_METHOD *TLSv1_client_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD TLSv1_client_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(),
-				sizeof(SSL_METHOD));
-			TLSv1_client_data.ssl_connect=ssl3_connect;
-			TLSv1_client_data.get_ssl_method=tls1_get_client_method;
-			init=0;
-			}
-		
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&TLSv1_client_data);
-	}
-
diff --git a/crypto/openssl/ssl/t1_enc.c b/crypto/openssl/ssl/t1_enc.c
deleted file mode 100644
index 271e247eea74..000000000000
--- a/crypto/openssl/ssl/t1_enc.c
+++ /dev/null
@@ -1,814 +0,0 @@
-/* ssl/t1_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/comp.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#include <openssl/md5.h>
-
-static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
-			int sec_len, unsigned char *seed, int seed_len,
-			unsigned char *out, int olen)
-	{
-	int chunk,n;
-	unsigned int j;
-	HMAC_CTX ctx;
-	HMAC_CTX ctx_tmp;
-	unsigned char A1[EVP_MAX_MD_SIZE];
-	unsigned int A1_len;
-	
-	chunk=EVP_MD_size(md);
-
-	HMAC_CTX_init(&ctx);
-	HMAC_CTX_init(&ctx_tmp);
-	HMAC_Init_ex(&ctx,sec,sec_len,md, NULL);
-	HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL);
-	HMAC_Update(&ctx,seed,seed_len);
-	HMAC_Final(&ctx,A1,&A1_len);
-
-	n=0;
-	for (;;)
-		{
-		HMAC_Init_ex(&ctx,NULL,0,NULL,NULL); /* re-init */
-		HMAC_Init_ex(&ctx_tmp,NULL,0,NULL,NULL); /* re-init */
-		HMAC_Update(&ctx,A1,A1_len);
-		HMAC_Update(&ctx_tmp,A1,A1_len);
-		HMAC_Update(&ctx,seed,seed_len);
-
-		if (olen > chunk)
-			{
-			HMAC_Final(&ctx,out,&j);
-			out+=j;
-			olen-=j;
-			HMAC_Final(&ctx_tmp,A1,&A1_len); /* calc the next A1 value */
-			}
-		else	/* last one */
-			{
-			HMAC_Final(&ctx,A1,&A1_len);
-			memcpy(out,A1,olen);
-			break;
-			}
-		}
-	HMAC_CTX_cleanup(&ctx);
-	HMAC_CTX_cleanup(&ctx_tmp);
-	OPENSSL_cleanse(A1,sizeof(A1));
-	}
-
-static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1,
-		     unsigned char *label, int label_len,
-		     const unsigned char *sec, int slen, unsigned char *out1,
-		     unsigned char *out2, int olen)
-	{
-	int len,i;
-	const unsigned char *S1,*S2;
-
-	len=slen/2;
-	S1=sec;
-	S2= &(sec[len]);
-	len+=(slen&1); /* add for odd, make longer */
-
-	
-	tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen);
-	tls1_P_hash(sha1,S2,len,label,label_len,out2,olen);
-
-	for (i=0; i<olen; i++)
-		out1[i]^=out2[i];
-	}
-
-static void tls1_generate_key_block(SSL *s, unsigned char *km,
-	     unsigned char *tmp, int num)
-	{
-	unsigned char *p;
-	unsigned char buf[SSL3_RANDOM_SIZE*2+
-		TLS_MD_MAX_CONST_SIZE];
-	p=buf;
-
-	memcpy(p,TLS_MD_KEY_EXPANSION_CONST,
-		TLS_MD_KEY_EXPANSION_CONST_SIZE);
-	p+=TLS_MD_KEY_EXPANSION_CONST_SIZE;
-	memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
-	p+=SSL3_RANDOM_SIZE;
-	memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
-	p+=SSL3_RANDOM_SIZE;
-
-	tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),
-		 s->session->master_key,s->session->master_key_length,
-		 km,tmp,num);
-#ifdef KSSL_DEBUG
-	printf("tls1_generate_key_block() ==> %d byte master_key =\n\t",
-                s->session->master_key_length);
-	{
-        int i;
-        for (i=0; i < s->session->master_key_length; i++)
-                {
-                printf("%02X", s->session->master_key[i]);
-                }
-        printf("\n");  }
-#endif    /* KSSL_DEBUG */
-	}
-
-int tls1_change_cipher_state(SSL *s, int which)
-	{
-	static const unsigned char empty[]="";
-	unsigned char *p,*key_block,*mac_secret;
-	unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+
-		SSL3_RANDOM_SIZE*2];
-	unsigned char tmp1[EVP_MAX_KEY_LENGTH];
-	unsigned char tmp2[EVP_MAX_KEY_LENGTH];
-	unsigned char iv1[EVP_MAX_IV_LENGTH*2];
-	unsigned char iv2[EVP_MAX_IV_LENGTH*2];
-	unsigned char *ms,*key,*iv,*er1,*er2;
-	int client_write;
-	EVP_CIPHER_CTX *dd;
-	const EVP_CIPHER *c;
-	const SSL_COMP *comp;
-	const EVP_MD *m;
-	int is_export,n,i,j,k,exp_label_len,cl;
-	int reuse_dd = 0;
-
-	is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
-	c=s->s3->tmp.new_sym_enc;
-	m=s->s3->tmp.new_hash;
-	comp=s->s3->tmp.new_compression;
-	key_block=s->s3->tmp.key_block;
-
-#ifdef KSSL_DEBUG
-	printf("tls1_change_cipher_state(which= %d) w/\n", which);
-	printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms,
-                comp);
-	printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
-	printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
-                c->nid,c->block_size,c->key_len,c->iv_len);
-	printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length);
-	{
-        int i;
-        for (i=0; i<s->s3->tmp.key_block_length; i++)
-		printf("%02x", key_block[i]);  printf("\n");
-        }
-#endif	/* KSSL_DEBUG */
-
-	if (which & SSL3_CC_READ)
-		{
-		if (s->enc_read_ctx != NULL)
-			reuse_dd = 1;
-		else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
-			goto err;
-		dd= s->enc_read_ctx;
-		s->read_hash=m;
-		if (s->expand != NULL)
-			{
-			COMP_CTX_free(s->expand);
-			s->expand=NULL;
-			}
-		if (comp != NULL)
-			{
-			s->expand=COMP_CTX_new(comp->method);
-			if (s->expand == NULL)
-				{
-				SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
-				goto err2;
-				}
-			if (s->s3->rrec.comp == NULL)
-				s->s3->rrec.comp=(unsigned char *)
-					OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
-			if (s->s3->rrec.comp == NULL)
-				goto err;
-			}
-		memset(&(s->s3->read_sequence[0]),0,8);
-		mac_secret= &(s->s3->read_mac_secret[0]);
-		}
-	else
-		{
-		if (s->enc_write_ctx != NULL)
-			reuse_dd = 1;
-		else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
-			goto err;
-		if ((s->enc_write_ctx == NULL) &&
-			((s->enc_write_ctx=(EVP_CIPHER_CTX *)
-			OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
-			goto err;
-		dd= s->enc_write_ctx;
-		s->write_hash=m;
-		if (s->compress != NULL)
-			{
-			COMP_CTX_free(s->compress);
-			s->compress=NULL;
-			}
-		if (comp != NULL)
-			{
-			s->compress=COMP_CTX_new(comp->method);
-			if (s->compress == NULL)
-				{
-				SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
-				goto err2;
-				}
-			}
-		memset(&(s->s3->write_sequence[0]),0,8);
-		mac_secret= &(s->s3->write_mac_secret[0]);
-		}
-
-	if (reuse_dd)
-		EVP_CIPHER_CTX_cleanup(dd);
-	EVP_CIPHER_CTX_init(dd);
-
-	p=s->s3->tmp.key_block;
-	i=EVP_MD_size(m);
-	cl=EVP_CIPHER_key_length(c);
-	j=is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
-	               cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
-	/* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
-	k=EVP_CIPHER_iv_length(c);
-	er1= &(s->s3->client_random[0]);
-	er2= &(s->s3->server_random[0]);
-	if (	(which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
-		(which == SSL3_CHANGE_CIPHER_SERVER_READ))
-		{
-		ms=  &(p[ 0]); n=i+i;
-		key= &(p[ n]); n+=j+j;
-		iv=  &(p[ n]); n+=k+k;
-		exp_label=(unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST;
-		exp_label_len=TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
-		client_write=1;
-		}
-	else
-		{
-		n=i;
-		ms=  &(p[ n]); n+=i+j;
-		key= &(p[ n]); n+=j+k;
-		iv=  &(p[ n]); n+=k;
-		exp_label=(unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST;
-		exp_label_len=TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
-		client_write=0;
-		}
-
-	if (n > s->s3->tmp.key_block_length)
-		{
-		SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_INTERNAL_ERROR);
-		goto err2;
-		}
-
-	memcpy(mac_secret,ms,i);
-#ifdef TLS_DEBUG
-printf("which = %04X\nmac key=",which);
-{ int z; for (z=0; z<i; z++) printf("%02X%c",ms[z],((z+1)%16)?' ':'\n'); }
-#endif
-	if (is_export)
-		{
-		/* In here I set both the read and write key/iv to the
-		 * same value since only the correct one will be used :-).
-		 */
-		p=buf;
-		memcpy(p,exp_label,exp_label_len);
-		p+=exp_label_len;
-		memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
-		p+=SSL3_RANDOM_SIZE;
-		memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
-		p+=SSL3_RANDOM_SIZE;
-		tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),key,j,
-			 tmp1,tmp2,EVP_CIPHER_key_length(c));
-		key=tmp1;
-
-		if (k > 0)
-			{
-			p=buf;
-			memcpy(p,TLS_MD_IV_BLOCK_CONST,
-				TLS_MD_IV_BLOCK_CONST_SIZE);
-			p+=TLS_MD_IV_BLOCK_CONST_SIZE;
-			memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
-			p+=SSL3_RANDOM_SIZE;
-			memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
-			p+=SSL3_RANDOM_SIZE;
-			tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,empty,0,
-				 iv1,iv2,k*2);
-			if (client_write)
-				iv=iv1;
-			else
-				iv= &(iv1[k]);
-			}
-		}
-
-	s->session->key_arg_length=0;
-#ifdef KSSL_DEBUG
-	{
-        int i;
-	printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
-	printf("\tkey= "); for (i=0; i<c->key_len; i++) printf("%02x", key[i]);
-	printf("\n");
-	printf("\t iv= "); for (i=0; i<c->iv_len; i++) printf("%02x", iv[i]);
-	printf("\n");
-	}
-#endif	/* KSSL_DEBUG */
-
-	EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
-#ifdef TLS_DEBUG
-printf("which = %04X\nkey=",which);
-{ int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); }
-printf("\niv=");
-{ int z; for (z=0; z<k; z++) printf("%02X%c",iv[z],((z+1)%16)?' ':'\n'); }
-printf("\n");
-#endif
-
-	OPENSSL_cleanse(tmp1,sizeof(tmp1));
-	OPENSSL_cleanse(tmp2,sizeof(tmp1));
-	OPENSSL_cleanse(iv1,sizeof(iv1));
-	OPENSSL_cleanse(iv2,sizeof(iv2));
-	return(1);
-err:
-	SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
-err2:
-	return(0);
-	}
-
-int tls1_setup_key_block(SSL *s)
-	{
-	unsigned char *p1,*p2;
-	const EVP_CIPHER *c;
-	const EVP_MD *hash;
-	int num;
-	SSL_COMP *comp;
-
-#ifdef KSSL_DEBUG
-	printf ("tls1_setup_key_block()\n");
-#endif	/* KSSL_DEBUG */
-
-	if (s->s3->tmp.key_block_length != 0)
-		return(1);
-
-	if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp))
-		{
-		SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
-		return(0);
-		}
-
-	s->s3->tmp.new_sym_enc=c;
-	s->s3->tmp.new_hash=hash;
-
-	num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
-	num*=2;
-
-	ssl3_cleanup_key_block(s);
-
-	if ((p1=(unsigned char *)OPENSSL_malloc(num)) == NULL)
-		goto err;
-	if ((p2=(unsigned char *)OPENSSL_malloc(num)) == NULL)
-		goto err;
-
-	s->s3->tmp.key_block_length=num;
-	s->s3->tmp.key_block=p1;
-
-
-#ifdef TLS_DEBUG
-printf("client random\n");
-{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->client_random[z],((z+1)%16)?' ':'\n'); }
-printf("server random\n");
-{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->server_random[z],((z+1)%16)?' ':'\n'); }
-printf("pre-master\n");
-{ int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); }
-#endif
-	tls1_generate_key_block(s,p1,p2,num);
-	OPENSSL_cleanse(p2,num);
-	OPENSSL_free(p2);
-#ifdef TLS_DEBUG
-printf("\nkey block\n");
-{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); }
-#endif
-
-	if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
-		{
-		/* enable vulnerability countermeasure for CBC ciphers with
-		 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
-		 */
-		s->s3->need_empty_fragments = 1;
-
-		if (s->session->cipher != NULL)
-			{
-			if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
-				s->s3->need_empty_fragments = 0;
-			
-#ifndef OPENSSL_NO_RC4
-			if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
-				s->s3->need_empty_fragments = 0;
-#endif
-			}
-		}
-
-	return(1);
-err:
-	SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
-	return(0);
-	}
-
-int tls1_enc(SSL *s, int send)
-	{
-	SSL3_RECORD *rec;
-	EVP_CIPHER_CTX *ds;
-	unsigned long l;
-	int bs,i,ii,j,k,n=0;
-	const EVP_CIPHER *enc;
-
-	if (send)
-		{
-		if (s->write_hash != NULL)
-			n=EVP_MD_size(s->write_hash);
-		ds=s->enc_write_ctx;
-		rec= &(s->s3->wrec);
-		if (s->enc_write_ctx == NULL)
-			enc=NULL;
-		else
-			enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
-		}
-	else
-		{
-		if (s->read_hash != NULL)
-			n=EVP_MD_size(s->read_hash);
-		ds=s->enc_read_ctx;
-		rec= &(s->s3->rrec);
-		if (s->enc_read_ctx == NULL)
-			enc=NULL;
-		else
-			enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
-		}
-
-#ifdef KSSL_DEBUG
-	printf("tls1_enc(%d)\n", send);
-#endif    /* KSSL_DEBUG */
-
-	if ((s->session == NULL) || (ds == NULL) ||
-		(enc == NULL))
-		{
-		memmove(rec->data,rec->input,rec->length);
-		rec->input=rec->data;
-		}
-	else
-		{
-		l=rec->length;
-		bs=EVP_CIPHER_block_size(ds->cipher);
-
-		if ((bs != 1) && send)
-			{
-			i=bs-((int)l%bs);
-
-			/* Add weird padding of upto 256 bytes */
-
-			/* we need to add 'i' padding bytes of value j */
-			j=i-1;
-			if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG)
-				{
-				if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
-					j++;
-				}
-			for (k=(int)l; k<(int)(l+i); k++)
-				rec->input[k]=j;
-			l+=i;
-			rec->length+=i;
-			}
-
-#ifdef KSSL_DEBUG
-		{
-                unsigned long ui;
-		printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
-                        ds,rec->data,rec->input,l);
-		printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
-                        ds->buf_len, ds->cipher->key_len,
-                        DES_KEY_SZ, DES_SCHEDULE_SZ,
-                        ds->cipher->iv_len);
-		printf("\t\tIV: ");
-		for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
-		printf("\n");
-		printf("\trec->input=");
-		for (ui=0; ui<l; ui++) printf(" %02x", rec->input[ui]);
-		printf("\n");
-		}
-#endif	/* KSSL_DEBUG */
-
-		if (!send)
-			{
-			if (l == 0 || l%bs != 0)
-				{
-				SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
-				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
-				return 0;
-				}
-			}
-		
-		EVP_Cipher(ds,rec->data,rec->input,l);
-
-#ifdef KSSL_DEBUG
-		{
-                unsigned long i;
-                printf("\trec->data=");
-		for (i=0; i<l; i++)
-                        printf(" %02x", rec->data[i]);  printf("\n");
-                }
-#endif	/* KSSL_DEBUG */
-
-		if ((bs != 1) && !send)
-			{
-			ii=i=rec->data[l-1]; /* padding_length */
-			i++;
-			if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
-				{
-				/* First packet is even in size, so check */
-				if ((memcmp(s->s3->read_sequence,
-					"\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1))
-					s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG;
-				if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
-					i--;
-				}
-			/* TLS 1.0 does not bound the number of padding bytes by the block size.
-			 * All of them must have value 'padding_length'. */
-			if (i > (int)rec->length)
-				{
-				/* Incorrect padding. SSLerr() and ssl3_alert are done
-				 * by caller: we don't want to reveal whether this is
-				 * a decryption error or a MAC verification failure
-				 * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
-				return -1;
-				}
-			for (j=(int)(l-i); j<(int)l; j++)
-				{
-				if (rec->data[j] != ii)
-					{
-					/* Incorrect padding */
-					return -1;
-					}
-				}
-			rec->length-=i;
-			}
-		}
-	return(1);
-	}
-
-int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in_ctx, unsigned char *out)
-	{
-	unsigned int ret;
-	EVP_MD_CTX ctx;
-
-	EVP_MD_CTX_init(&ctx);
-	EVP_MD_CTX_copy_ex(&ctx,in_ctx);
-	EVP_DigestFinal_ex(&ctx,out,&ret);
-	EVP_MD_CTX_cleanup(&ctx);
-	return((int)ret);
-	}
-
-int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
-	     const char *str, int slen, unsigned char *out)
-	{
-	unsigned int i;
-	EVP_MD_CTX ctx;
-	unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
-	unsigned char *q,buf2[12];
-
-	q=buf;
-	memcpy(q,str,slen);
-	q+=slen;
-
-	EVP_MD_CTX_init(&ctx);
-	EVP_MD_CTX_copy_ex(&ctx,in1_ctx);
-	EVP_DigestFinal_ex(&ctx,q,&i);
-	q+=i;
-	EVP_MD_CTX_copy_ex(&ctx,in2_ctx);
-	EVP_DigestFinal_ex(&ctx,q,&i);
-	q+=i;
-
-	tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf),
-		s->session->master_key,s->session->master_key_length,
-		out,buf2,sizeof buf2);
-	EVP_MD_CTX_cleanup(&ctx);
-
-	return sizeof buf2;
-	}
-
-int tls1_mac(SSL *ssl, unsigned char *md, int send)
-	{
-	SSL3_RECORD *rec;
-	unsigned char *mac_sec,*seq;
-	const EVP_MD *hash;
-	unsigned int md_size;
-	int i;
-	HMAC_CTX hmac;
-	unsigned char buf[5]; 
-
-	if (send)
-		{
-		rec= &(ssl->s3->wrec);
-		mac_sec= &(ssl->s3->write_mac_secret[0]);
-		seq= &(ssl->s3->write_sequence[0]);
-		hash=ssl->write_hash;
-		}
-	else
-		{
-		rec= &(ssl->s3->rrec);
-		mac_sec= &(ssl->s3->read_mac_secret[0]);
-		seq= &(ssl->s3->read_sequence[0]);
-		hash=ssl->read_hash;
-		}
-
-	md_size=EVP_MD_size(hash);
-
-	buf[0]=rec->type;
-	buf[1]=TLS1_VERSION_MAJOR;
-	buf[2]=TLS1_VERSION_MINOR;
-	buf[3]=rec->length>>8;
-	buf[4]=rec->length&0xff;
-
-	/* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
-	HMAC_CTX_init(&hmac);
-	HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL);
-	HMAC_Update(&hmac,seq,8);
-	HMAC_Update(&hmac,buf,5);
-	HMAC_Update(&hmac,rec->input,rec->length);
-	HMAC_Final(&hmac,md,&md_size);
-	HMAC_CTX_cleanup(&hmac);
-
-#ifdef TLS_DEBUG
-printf("sec=");
-{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
-printf("seq=");
-{int z; for (z=0; z<8; z++) printf("%02X ",seq[z]); printf("\n"); }
-printf("buf=");
-{int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); }
-printf("rec=");
-{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
-#endif
-
-	for (i=7; i>=0; i--)
-		{
-		++seq[i];
-		if (seq[i] != 0) break; 
-		}
-
-#ifdef TLS_DEBUG
-{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",md[z]); printf("\n"); }
-#endif
-	return(md_size);
-	}
-
-int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
-	     int len)
-	{
-	unsigned char buf[SSL3_RANDOM_SIZE*2+TLS_MD_MASTER_SECRET_CONST_SIZE];
-	unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
-
-#ifdef KSSL_DEBUG
-	printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len);
-#endif	/* KSSL_DEBUG */
-
-	/* Setup the stuff to munge */
-	memcpy(buf,TLS_MD_MASTER_SECRET_CONST,
-		TLS_MD_MASTER_SECRET_CONST_SIZE);
-	memcpy(&(buf[TLS_MD_MASTER_SECRET_CONST_SIZE]),
-		s->s3->client_random,SSL3_RANDOM_SIZE);
-	memcpy(&(buf[SSL3_RANDOM_SIZE+TLS_MD_MASTER_SECRET_CONST_SIZE]),
-		s->s3->server_random,SSL3_RANDOM_SIZE);
-	tls1_PRF(s->ctx->md5,s->ctx->sha1,
-		buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len,
-		s->session->master_key,buff,sizeof buff);
-#ifdef KSSL_DEBUG
-	printf ("tls1_generate_master_secret() complete\n");
-#endif	/* KSSL_DEBUG */
-	return(SSL3_MASTER_SECRET_SIZE);
-	}
-
-int tls1_alert_code(int code)
-	{
-	switch (code)
-		{
-	case SSL_AD_CLOSE_NOTIFY:	return(SSL3_AD_CLOSE_NOTIFY);
-	case SSL_AD_UNEXPECTED_MESSAGE:	return(SSL3_AD_UNEXPECTED_MESSAGE);
-	case SSL_AD_BAD_RECORD_MAC:	return(SSL3_AD_BAD_RECORD_MAC);
-	case SSL_AD_DECRYPTION_FAILED:	return(TLS1_AD_DECRYPTION_FAILED);
-	case SSL_AD_RECORD_OVERFLOW:	return(TLS1_AD_RECORD_OVERFLOW);
-	case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE);
-	case SSL_AD_HANDSHAKE_FAILURE:	return(SSL3_AD_HANDSHAKE_FAILURE);
-	case SSL_AD_NO_CERTIFICATE:	return(-1);
-	case SSL_AD_BAD_CERTIFICATE:	return(SSL3_AD_BAD_CERTIFICATE);
-	case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE);
-	case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED);
-	case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED);
-	case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN);
-	case SSL_AD_ILLEGAL_PARAMETER:	return(SSL3_AD_ILLEGAL_PARAMETER);
-	case SSL_AD_UNKNOWN_CA:		return(TLS1_AD_UNKNOWN_CA);
-	case SSL_AD_ACCESS_DENIED:	return(TLS1_AD_ACCESS_DENIED);
-	case SSL_AD_DECODE_ERROR:	return(TLS1_AD_DECODE_ERROR);
-	case SSL_AD_DECRYPT_ERROR:	return(TLS1_AD_DECRYPT_ERROR);
-	case SSL_AD_EXPORT_RESTRICTION:	return(TLS1_AD_EXPORT_RESTRICTION);
-	case SSL_AD_PROTOCOL_VERSION:	return(TLS1_AD_PROTOCOL_VERSION);
-	case SSL_AD_INSUFFICIENT_SECURITY:return(TLS1_AD_INSUFFICIENT_SECURITY);
-	case SSL_AD_INTERNAL_ERROR:	return(TLS1_AD_INTERNAL_ERROR);
-	case SSL_AD_USER_CANCELLED:	return(TLS1_AD_USER_CANCELLED);
-	case SSL_AD_NO_RENEGOTIATION:	return(TLS1_AD_NO_RENEGOTIATION);
-	default:			return(-1);
-		}
-	}
-
diff --git a/crypto/openssl/ssl/t1_lib.c b/crypto/openssl/ssl/t1_lib.c
deleted file mode 100644
index ca6c03d5af18..000000000000
--- a/crypto/openssl/ssl/t1_lib.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* ssl/t1_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-const char *tls1_version_str="TLSv1" OPENSSL_VERSION_PTEXT;
-
-static long tls1_default_timeout(void);
-
-static SSL3_ENC_METHOD TLSv1_enc_data={
-	tls1_enc,
-	tls1_mac,
-	tls1_setup_key_block,
-	tls1_generate_master_secret,
-	tls1_change_cipher_state,
-	tls1_final_finish_mac,
-	TLS1_FINISH_MAC_LENGTH,
-	tls1_cert_verify_mac,
-	TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
-	TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
-	tls1_alert_code,
-	};
-
-static SSL_METHOD TLSv1_data= {
-	TLS1_VERSION,
-	tls1_new,
-	tls1_clear,
-	tls1_free,
-	ssl_undefined_function,
-	ssl_undefined_function,
-	ssl3_read,
-	ssl3_peek,
-	ssl3_write,
-	ssl3_shutdown,
-	ssl3_renegotiate,
-	ssl3_renegotiate_check,
-	ssl3_ctrl,
-	ssl3_ctx_ctrl,
-	ssl3_get_cipher_by_char,
-	ssl3_put_cipher_by_char,
-	ssl3_pending,
-	ssl3_num_ciphers,
-	ssl3_get_cipher,
-	ssl_bad_method,
-	tls1_default_timeout,
-	&TLSv1_enc_data,
-	ssl_undefined_function,
-	ssl3_callback_ctrl,
-	ssl3_ctx_callback_ctrl,
-	};
-
-static long tls1_default_timeout(void)
-	{
-	/* 2 hours, the 24 hours mentioned in the TLSv1 spec
-	 * is way too long for http, the cache would over fill */
-	return(60*60*2);
-	}
-
-SSL_METHOD *tlsv1_base_method(void)
-	{
-	return(&TLSv1_data);
-	}
-
-int tls1_new(SSL *s)
-	{
-	if (!ssl3_new(s)) return(0);
-	s->method->ssl_clear(s);
-	return(1);
-	}
-
-void tls1_free(SSL *s)
-	{
-	ssl3_free(s);
-	}
-
-void tls1_clear(SSL *s)
-	{
-	ssl3_clear(s);
-	s->version=TLS1_VERSION;
-	}
-
-#if 0
-long tls1_ctrl(SSL *s, int cmd, long larg, char *parg)
-	{
-	return(0);
-	}
-
-long tls1_callback_ctrl(SSL *s, int cmd, void *(*fp)())
-	{
-	return(0);
-	}
-#endif
diff --git a/crypto/openssl/ssl/t1_meth.c b/crypto/openssl/ssl/t1_meth.c
deleted file mode 100644
index fcc243f78264..000000000000
--- a/crypto/openssl/ssl/t1_meth.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* ssl/t1_meth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-static SSL_METHOD *tls1_get_method(int ver);
-static SSL_METHOD *tls1_get_method(int ver)
-	{
-	if (ver == TLS1_VERSION)
-		return(TLSv1_method());
-	else
-		return(NULL);
-	}
-
-SSL_METHOD *TLSv1_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD TLSv1_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-		
-		if (init)
-			{
-			memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
-				sizeof(SSL_METHOD));
-			TLSv1_data.ssl_connect=ssl3_connect;
-			TLSv1_data.ssl_accept=ssl3_accept;
-			TLSv1_data.get_ssl_method=tls1_get_method;
-			init=0;
-			}
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	
-	return(&TLSv1_data);
-	}
-
diff --git a/crypto/openssl/ssl/t1_srvr.c b/crypto/openssl/ssl/t1_srvr.c
deleted file mode 100644
index 1c1149e49fe1..000000000000
--- a/crypto/openssl/ssl/t1_srvr.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* ssl/t1_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-static SSL_METHOD *tls1_get_server_method(int ver);
-static SSL_METHOD *tls1_get_server_method(int ver)
-	{
-	if (ver == TLS1_VERSION)
-		return(TLSv1_server_method());
-	else
-		return(NULL);
-	}
-
-SSL_METHOD *TLSv1_server_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD TLSv1_server_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(),
-				sizeof(SSL_METHOD));
-			TLSv1_server_data.ssl_accept=ssl3_accept;
-			TLSv1_server_data.get_ssl_method=tls1_get_server_method;
-			init=0;
-			}
-			
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&TLSv1_server_data);
-	}
-
diff --git a/crypto/openssl/ssl/tls1.h b/crypto/openssl/ssl/tls1.h
deleted file mode 100644
index 38838ea9a5da..000000000000
--- a/crypto/openssl/ssl/tls1.h
+++ /dev/null
@@ -1,195 +0,0 @@
-/* ssl/tls1.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_TLS1_H 
-#define HEADER_TLS1_H 
-
-#include <openssl/buffer.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES	1
-
-#define TLS1_VERSION			0x0301
-#define TLS1_VERSION_MAJOR		0x03
-#define TLS1_VERSION_MINOR		0x01
-
-#define TLS1_AD_DECRYPTION_FAILED	21
-#define TLS1_AD_RECORD_OVERFLOW		22
-#define TLS1_AD_UNKNOWN_CA		48	/* fatal */
-#define TLS1_AD_ACCESS_DENIED		49	/* fatal */
-#define TLS1_AD_DECODE_ERROR		50	/* fatal */
-#define TLS1_AD_DECRYPT_ERROR		51
-#define TLS1_AD_EXPORT_RESTRICTION	60	/* fatal */
-#define TLS1_AD_PROTOCOL_VERSION	70	/* fatal */
-#define TLS1_AD_INSUFFICIENT_SECURITY	71	/* fatal */
-#define TLS1_AD_INTERNAL_ERROR		80	/* fatal */
-#define TLS1_AD_USER_CANCELLED		90
-#define TLS1_AD_NO_RENEGOTIATION	100
-
-/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
- * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
- * s3_lib.c).  We actually treat them like SSL 3.0 ciphers, which we probably
- * shouldn't. */
-#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5		0x03000060
-#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5	0x03000061
-#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA		0x03000062
-#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA	0x03000063
-#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA		0x03000064
-#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA	0x03000065
-#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA		0x03000066
-
-/* AES ciphersuites from RFC3268 */
-
-#define TLS1_CK_RSA_WITH_AES_128_SHA			0x0300002F
-#define TLS1_CK_DH_DSS_WITH_AES_128_SHA			0x03000030
-#define TLS1_CK_DH_RSA_WITH_AES_128_SHA			0x03000031
-#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA		0x03000032
-#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA		0x03000033
-#define TLS1_CK_ADH_WITH_AES_128_SHA			0x03000034
-
-#define TLS1_CK_RSA_WITH_AES_256_SHA			0x03000035
-#define TLS1_CK_DH_DSS_WITH_AES_256_SHA			0x03000036
-#define TLS1_CK_DH_RSA_WITH_AES_256_SHA			0x03000037
-#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA		0x03000038
-#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA		0x03000039
-#define TLS1_CK_ADH_WITH_AES_256_SHA			0x0300003A
-
-/* XXX
- * Inconsistency alert:
- * The OpenSSL names of ciphers with ephemeral DH here include the string
- * "DHE", while elsewhere it has always been "EDH".
- * (The alias for the list of all such ciphers also is "EDH".)
- * The specifications speak of "EDH"; maybe we should allow both forms
- * for everything. */
-#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5		"EXP1024-RC4-MD5"
-#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5	"EXP1024-RC2-CBC-MD5"
-#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA	"EXP1024-DES-CBC-SHA"
-#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA	"EXP1024-DHE-DSS-DES-CBC-SHA"
-#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA		"EXP1024-RC4-SHA"
-#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA	"EXP1024-DHE-DSS-RC4-SHA"
-#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA		"DHE-DSS-RC4-SHA"
-
-/* AES ciphersuites from RFC3268 */
-#define TLS1_TXT_RSA_WITH_AES_128_SHA			"AES128-SHA"
-#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA		"DH-DSS-AES128-SHA"
-#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA		"DH-RSA-AES128-SHA"
-#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA		"DHE-DSS-AES128-SHA"
-#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA		"DHE-RSA-AES128-SHA"
-#define TLS1_TXT_ADH_WITH_AES_128_SHA			"ADH-AES128-SHA"
-
-#define TLS1_TXT_RSA_WITH_AES_256_SHA			"AES256-SHA"
-#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA		"DH-DSS-AES256-SHA"
-#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA		"DH-RSA-AES256-SHA"
-#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA		"DHE-DSS-AES256-SHA"
-#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA		"DHE-RSA-AES256-SHA"
-#define TLS1_TXT_ADH_WITH_AES_256_SHA			"ADH-AES256-SHA"
-
-
-#define TLS_CT_RSA_SIGN			1
-#define TLS_CT_DSS_SIGN			2
-#define TLS_CT_RSA_FIXED_DH		3
-#define TLS_CT_DSS_FIXED_DH		4
-#define TLS_CT_NUMBER			4
-
-#define TLS1_FINISH_MAC_LENGTH		12
-
-#define TLS_MD_MAX_CONST_SIZE			20
-#define TLS_MD_CLIENT_FINISH_CONST		"client finished"
-#define TLS_MD_CLIENT_FINISH_CONST_SIZE		15
-#define TLS_MD_SERVER_FINISH_CONST		"server finished"
-#define TLS_MD_SERVER_FINISH_CONST_SIZE		15
-#define TLS_MD_SERVER_WRITE_KEY_CONST		"server write key"
-#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE	16
-#define TLS_MD_KEY_EXPANSION_CONST		"key expansion"
-#define TLS_MD_KEY_EXPANSION_CONST_SIZE		13
-#define TLS_MD_CLIENT_WRITE_KEY_CONST		"client write key"
-#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE	16
-#define TLS_MD_SERVER_WRITE_KEY_CONST		"server write key"
-#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE	16
-#define TLS_MD_IV_BLOCK_CONST			"IV block"
-#define TLS_MD_IV_BLOCK_CONST_SIZE		8
-#define TLS_MD_MASTER_SECRET_CONST		"master secret"
-#define TLS_MD_MASTER_SECRET_CONST_SIZE		13
-
-#ifdef CHARSET_EBCDIC
-#undef TLS_MD_CLIENT_FINISH_CONST
-#define TLS_MD_CLIENT_FINISH_CONST    "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"  /*client finished*/
-#undef TLS_MD_SERVER_FINISH_CONST
-#define TLS_MD_SERVER_FINISH_CONST    "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"  /*server finished*/
-#undef TLS_MD_SERVER_WRITE_KEY_CONST
-#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"  /*server write key*/
-#undef TLS_MD_KEY_EXPANSION_CONST
-#define TLS_MD_KEY_EXPANSION_CONST    "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"  /*key expansion*/
-#undef TLS_MD_CLIENT_WRITE_KEY_CONST
-#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"  /*client write key*/
-#undef TLS_MD_SERVER_WRITE_KEY_CONST
-#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"  /*server write key*/
-#undef TLS_MD_IV_BLOCK_CONST
-#define TLS_MD_IV_BLOCK_CONST         "\x49\x56\x20\x62\x6c\x6f\x63\x6b"  /*IV block*/
-#undef TLS_MD_MASTER_SECRET_CONST
-#define TLS_MD_MASTER_SECRET_CONST    "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"  /*master secret*/
-#endif
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-
diff --git a/crypto/openssl/test/CAss.cnf b/crypto/openssl/test/CAss.cnf
deleted file mode 100644
index b941b7ae1570..000000000000
--- a/crypto/openssl/test/CAss.cnf
+++ /dev/null
@@ -1,25 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE		= ./.rnd
-
-####################################################################
-[ req ]
-default_bits		= 512
-default_keyfile 	= keySS.pem
-distinguished_name	= req_distinguished_name
-encrypt_rsa_key		= no
-default_md		= sha1
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_value		= AU
-
-organizationName		= Organization Name (eg, company)
-organizationName_value		= Dodgy Brothers
-
-commonName			= Common Name (eg, YOUR name)
-commonName_value		= Dodgy CA
diff --git a/crypto/openssl/test/CAssdh.cnf b/crypto/openssl/test/CAssdh.cnf
deleted file mode 100644
index 4e0a908679f7..000000000000
--- a/crypto/openssl/test/CAssdh.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DH certs - CA
-
-RANDFILE              = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name    = req_distinguished_name
-encrypt_rsa_key               = no
-
-[ req_distinguished_name ]
-countryName                   = Country Name (2 letter code)
-countryName_default           = CU
-countryName_value             = CU
-
-organizationName              = Organization Name (eg, company)
-organizationName_value                = La Junta de la Revolucion
-
-commonName                    = Common Name (eg, YOUR name)
-commonName_value              = Junta
-
diff --git a/crypto/openssl/test/CAssdsa.cnf b/crypto/openssl/test/CAssdsa.cnf
deleted file mode 100644
index a6b4d1810c95..000000000000
--- a/crypto/openssl/test/CAssdsa.cnf
+++ /dev/null
@@ -1,23 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DSA certs - CA
-
-RANDFILE              = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name    = req_distinguished_name
-encrypt_rsa_key               = no
-
-[ req_distinguished_name ]
-countryName                   = Country Name (2 letter code)
-countryName_default           = ES
-countryName_value             = ES
-
-organizationName              = Organization Name (eg, company)
-organizationName_value                = Hermanos Locos
-
-commonName                    = Common Name (eg, YOUR name)
-commonName_value              = Hermanos Locos CA
diff --git a/crypto/openssl/test/CAssrsa.cnf b/crypto/openssl/test/CAssrsa.cnf
deleted file mode 100644
index eb24a6dfc0ef..000000000000
--- a/crypto/openssl/test/CAssrsa.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# create RSA certs - CA
-
-RANDFILE              = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name    = req_distinguished_name
-encrypt_key           = no
-
-[ req_distinguished_name ]
-countryName                   = Country Name (2 letter code)
-countryName_default           = ES
-countryName_value             = ES
-
-organizationName              = Organization Name (eg, company)
-organizationName_value                = Hermanos Locos
-
-commonName                    = Common Name (eg, YOUR name)
-commonName_value              = Hermanos Locos CA
-
diff --git a/crypto/openssl/test/Makefile.save b/crypto/openssl/test/Makefile.save
deleted file mode 100644
index b4abd96e7093..000000000000
--- a/crypto/openssl/test/Makefile.save
+++ /dev/null
@@ -1,420 +0,0 @@
-#
-# test/Makefile.ssl
-#
-
-DIR=		test
-TOP=		..
-CC=		cc
-INCLUDES=	-I../include
-CFLAG=		-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=	/usr/local/ssl
-MAKEFILE=	Makefile.ssl
-MAKE=		make -f $(MAKEFILE)
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-PERL=		perl
-
-PEX_LIBS=
-EX_LIBS= #-lnsl -lsocket
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile.ssl maketests.com \
-	tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
-	tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
-	testca.com VMSca-response.1 VMSca-response.2
-
-DLIBCRYPTO= ../libcrypto.a
-DLIBSSL= ../libssl.a
-LIBCRYPTO= -L.. -lcrypto
-LIBSSL= -L.. -lssl
-
-BNTEST=		bntest
-EXPTEST=	exptest
-IDEATEST=	ideatest
-SHATEST=	shatest
-SHA1TEST=	sha1test
-MDC2TEST=	mdc2test
-RMDTEST=	rmdtest
-MD2TEST=	md2test
-MD4TEST=	md4test
-MD5TEST=	md5test
-HMACTEST=	hmactest
-RC2TEST=	rc2test
-RC4TEST=	rc4test
-RC5TEST=	rc5test
-BFTEST=		bftest
-CASTTEST=	casttest
-DESTEST=	destest
-RANDTEST=	randtest
-DHTEST=		dhtest
-DSATEST=	dsatest
-METHTEST=	methtest
-SSLTEST=	ssltest
-RSATEST=	rsa_test
-
-EXE=	$(BNTEST) $(IDEATEST) $(MD2TEST)  $(MD4TEST) $(MD5TEST) $(HMACTEST) \
-	$(RC2TEST) $(RC4TEST) $(RC5TEST) \
-	$(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
-	$(RANDTEST) $(DHTEST) \
-	$(BFTEST) $(CASTTEST) $(SSLTEST) $(EXPTEST) $(DSATEST) $(RSATEST)
-
-# $(METHTEST)
-
-OBJ=	$(BNTEST).o $(IDEATEST).o $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
-	$(HMACTEST).o \
-	$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
-	$(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(MDC2TEST).o $(RMDTEST).o \
-	$(RANDTEST).o $(DHTEST).o $(CASTTEST).o \
-	$(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o $(RSATEST).o
-SRC=	$(BNTEST).c $(IDEATEST).c $(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
-	$(HMACTEST).c \
-	$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
-	$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
-	$(RANDTEST).c $(DHTEST).c $(CASTTEST).c \
-	$(BFTEST).c  $(SSLTEST).c $(DSATEST).c   $(EXPTEST).c $(RSATEST).c
-
-EXHEADER= 
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all:	exe
-
-exe:	$(EXE)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@@$(TOP)/util/point.sh Makefile.ssl Makefile
-
-errors:
-
-install:
-
-tags:
-	ctags $(SRC)
-
-tests:	exe apps \
-	test_des test_idea test_sha test_md4 test_md5 test_hmac \
-	test_md2 test_mdc2 \
-	test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast \
-	test_rand test_bn test_enc test_x509 test_rsa test_crl test_sid \
-	test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
-	test_ss test_ca test_ssl
-
-apps:
-	@(cd ../apps; $(MAKE)  CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' all)
-
-test_des:
-	./$(DESTEST)
-
-test_idea:
-	./$(IDEATEST)
-
-test_sha:
-	./$(SHATEST)
-	./$(SHA1TEST)
-
-test_mdc2:
-	./$(MDC2TEST)
-
-test_md5:
-	./$(MD5TEST)
-
-test_md4:
-	./$(MD4TEST)
-
-test_hmac:
-	./$(HMACTEST)
-
-test_md2:
-	./$(MD2TEST)
-
-test_rmd:
-	./$(RMDTEST)
-
-test_bf:
-	./$(BFTEST)
-
-test_cast:
-	./$(CASTTEST)
-
-test_rc2:
-	./$(RC2TEST)
-
-test_rc4:
-	./$(RC4TEST)
-
-test_rc5:
-	./$(RC5TEST)
-
-test_rand:
-	./$(RANDTEST)
-
-test_enc:
-	@sh ./testenc
-
-test_x509:
-	echo test normal x509v1 certificate
-	sh ./tx509 2>/dev/null
-	echo test first x509v3 certificate
-	sh ./tx509 v3-cert1.pem 2>/dev/null
-	echo test second x509v3 certificate
-	sh ./tx509 v3-cert2.pem 2>/dev/null
-
-test_rsa:
-	@sh ./trsa 2>/dev/null
-	./$(RSATEST)
-
-test_crl:
-	@sh ./tcrl 2>/dev/null
-
-test_sid:
-	@sh ./tsid 2>/dev/null
-
-test_req:
-	@sh ./treq 2>/dev/null
-	@sh ./treq testreq2.pem 2>/dev/null
-
-test_pkcs7:
-	@sh ./tpkcs7 2>/dev/null
-	@sh ./tpkcs7d 2>/dev/null
-
-test_bn:
-	@echo starting big number library test, could take a while...
-	@./$(BNTEST) >tmp.bntest
-	@echo quit >>tmp.bntest
-	@echo "running bc"
-	@<tmp.bntest sh -c "`sh ./bctest`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
-	@echo 'test a^b%c implementations'
-	./$(EXPTEST)
-
-test_verify:
-	@echo "The following command should have some OK's and some failures"
-	@echo "There are definitly a few expired certificates"
-	../apps/openssl verify -CApath ../certs ../certs/*.pem
-
-test_dh:
-	@echo "Generate a set of DH parameters"
-	./$(DHTEST)
-
-test_dsa:
-	@echo "Generate a set of DSA parameters"
-	./$(DSATEST)
-	./$(DSATEST) -app2_1
-
-test_gen:
-	@echo "Generate and verify a certificate request"
-	@sh ./testgen
-
-test_ss keyU.ss certU.ss certCA.ss: testss
-	@echo "Generate and certify a test certificate"
-	@sh ./testss
-
-test_ssl: keyU.ss certU.ss certCA.ss
-	@echo "test SSL protocol"
-	@sh ./testssl keyU.ss certU.ss certCA.ss
-
-test_ca:
-	@if ../apps/openssl no-rsa; then \
-	  echo "skipping CA.sh test -- requires RSA"; \
-	else \
-	  echo "Generate and certify a test certificate via the 'ca' program"; \
-	  sh ./testca; \
- 	fi
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss log
-
-$(DLIBSSL):
-	(cd ../ssl; $(MAKE))
-
-$(DLIBCRYPTO):
-	(cd ../crypto; $(MAKE))
-
-$(RSATEST): $(RSATEST).o $(DLIBCRYPTO)
-	$(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(BNTEST): $(BNTEST).o $(DLIBCRYPTO)
-	$(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(EXPTEST): $(EXPTEST).o $(DLIBCRYPTO)
-	$(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(IDEATEST): $(IDEATEST).o $(DLIBCRYPTO)
-	$(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(MD2TEST): $(MD2TEST).o $(DLIBCRYPTO)
-	$(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(SHATEST): $(SHATEST).o $(DLIBCRYPTO)
-	$(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO)
-	$(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(RMDTEST): $(RMDTEST).o $(DLIBCRYPTO)
-	$(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO)
-	$(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(MD4TEST): $(MD4TEST).o $(DLIBCRYPTO)
-	$(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO)
-	$(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(HMACTEST): $(HMACTEST).o $(DLIBCRYPTO)
-	$(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO)
-	$(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(BFTEST): $(BFTEST).o $(DLIBCRYPTO)
-	$(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(CASTTEST): $(CASTTEST).o $(DLIBCRYPTO)
-	$(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO)
-	$(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(RC5TEST): $(RC5TEST).o $(DLIBCRYPTO)
-	$(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(DESTEST): $(DESTEST).o $(DLIBCRYPTO)
-	$(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(RANDTEST): $(RANDTEST).o $(DLIBCRYPTO)
-	$(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(DHTEST): $(DHTEST).o $(DLIBCRYPTO)
-	$(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(DSATEST): $(DSATEST).o $(DLIBCRYPTO)
-	$(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(METHTEST): $(METHTEST).o $(DLIBCRYPTO)
-	$(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-$(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
-	$(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS)
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bftest.o: ../include/openssl/blowfish.h
-bntest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-bntest.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-bntest.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-bntest.o: ../include/openssl/crypto.h ../include/openssl/des.h
-bntest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-bntest.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-bntest.o: ../include/openssl/err.h ../include/openssl/evp.h
-bntest.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-bntest.o: ../include/openssl/md2.h ../include/openssl/md4.h
-bntest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-bntest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-bntest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-bntest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-bntest.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-bntest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-bntest.o: ../include/openssl/x509_vfy.h
-casttest.o: ../include/openssl/cast.h
-destest.o: ../include/openssl/des.h ../include/openssl/e_os2.h
-destest.o: ../include/openssl/opensslconf.h
-dhtest.o: ../include/openssl/bio.h ../include/openssl/bn.h
-dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-dhtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-dsatest.o: ../include/openssl/bio.h ../include/openssl/bn.h
-dsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-dsatest.o: ../include/openssl/dsa.h ../include/openssl/err.h
-dsatest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-dsatest.o: ../include/openssl/opensslv.h ../include/openssl/rand.h
-dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-dsatest.o: ../include/openssl/symhacks.h
-exptest.o: ../include/openssl/bio.h ../include/openssl/bn.h
-exptest.o: ../include/openssl/crypto.h ../include/openssl/err.h
-exptest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-exptest.o: ../include/openssl/opensslv.h ../include/openssl/rand.h
-exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-exptest.o: ../include/openssl/symhacks.h
-hmactest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-hmactest.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-hmactest.o: ../include/openssl/cast.h ../include/openssl/crypto.h
-hmactest.o: ../include/openssl/des.h ../include/openssl/dh.h
-hmactest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-hmactest.o: ../include/openssl/idea.h ../include/openssl/md2.h
-hmactest.o: ../include/openssl/md4.h ../include/openssl/md5.h
-hmactest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-hmactest.o: ../include/openssl/opensslv.h ../include/openssl/rc2.h
-hmactest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-hmactest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-hmactest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ideatest.o: ../include/openssl/idea.h ../include/openssl/opensslconf.h
-md2test.o: ../include/openssl/md2.h ../include/openssl/opensslconf.h
-md4test.o: ../include/openssl/md4.h
-md5test.o: ../include/openssl/md5.h
-mdc2test.o: ../include/openssl/des.h ../include/openssl/e_os2.h
-mdc2test.o: ../include/openssl/mdc2.h ../include/openssl/opensslconf.h
-randtest.o: ../include/openssl/rand.h
-rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h
-rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h
-rc5test.o: ../include/openssl/rc5.h
-rmdtest.o: ../include/openssl/ripemd.h
-rsa_test.o: ../include/openssl/bio.h ../include/openssl/bn.h
-rsa_test.o: ../include/openssl/crypto.h ../include/openssl/e_os.h
-rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-rsa_test.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-rsa_test.o: ../include/openssl/opensslv.h ../include/openssl/rand.h
-rsa_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-rsa_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-sha1test.o: ../include/openssl/sha.h
-shatest.o: ../include/openssl/sha.h
-ssltest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssltest.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ssltest.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ssltest.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssltest.o: ../include/openssl/des.h ../include/openssl/dh.h
-ssltest.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-ssltest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ssltest.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ssltest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ssltest.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ssltest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ssltest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssltest.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssltest.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-ssltest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssltest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssltest.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssltest.o: ../include/openssl/x509_vfy.h
diff --git a/crypto/openssl/test/Makefile.ssl b/crypto/openssl/test/Makefile.ssl
deleted file mode 100644
index 21ec82dd595f..000000000000
--- a/crypto/openssl/test/Makefile.ssl
+++ /dev/null
@@ -1,768 +0,0 @@
-#
-# test/Makefile.ssl
-#
-
-DIR=		test
-TOP=		..
-CC=		cc
-INCLUDES=	-I$(TOP) -I../include $(KRB5_INCLUDES)
-CFLAG=		-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=	/usr/local/ssl
-MAKEFILE=	Makefile.ssl
-MAKE=		make -f $(MAKEFILE)
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-PERL=		perl
-# KRB5 stuff
-KRB5_INCLUDES=
-LIBKRB5=
-
-PEX_LIBS=
-EX_LIBS= #-lnsl -lsocket
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile.ssl maketests.com \
-	tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
-	tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
-	testca.com VMSca-response.1 VMSca-response.2
-
-DLIBCRYPTO= ../libcrypto.a
-DLIBSSL= ../libssl.a
-LIBCRYPTO= -L.. -lcrypto
-LIBSSL= -L.. -lssl
-
-BNTEST=		bntest
-ECTEST=		ectest
-EXPTEST=	exptest
-IDEATEST=	ideatest
-SHATEST=	shatest
-SHA1TEST=	sha1test
-MDC2TEST=	mdc2test
-RMDTEST=	rmdtest
-MD2TEST=	md2test
-MD4TEST=	md4test
-MD5TEST=	md5test
-HMACTEST=	hmactest
-RC2TEST=	rc2test
-RC4TEST=	rc4test
-RC5TEST=	rc5test
-BFTEST=		bftest
-CASTTEST=	casttest
-DESTEST=	destest
-RANDTEST=	randtest
-DHTEST=		dhtest
-DSATEST=	dsatest
-METHTEST=	methtest
-SSLTEST=	ssltest
-RSATEST=	rsa_test
-ENGINETEST=	enginetest
-EVPTEST=	evp_test
-
-TESTS=		alltests
-
-EXE=	$(BNTEST) $(ECTEST) $(IDEATEST) $(MD2TEST)  $(MD4TEST) $(MD5TEST) $(HMACTEST) \
-	$(RC2TEST) $(RC4TEST) $(RC5TEST) \
-	$(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
-	$(RANDTEST) $(DHTEST) $(ENGINETEST) \
-	$(BFTEST) $(CASTTEST) $(SSLTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
-	$(EVPTEST)
-
-# $(METHTEST)
-
-OBJ=	$(BNTEST).o $(ECTEST).o $(IDEATEST).o $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
-	$(HMACTEST).o \
-	$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
-	$(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(MDC2TEST).o $(RMDTEST).o \
-	$(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
-	$(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o $(RSATEST).o \
-	$(EVPTEST).o
-SRC=	$(BNTEST).c $(ECTEST).c $(IDEATEST).c $(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
-	$(HMACTEST).c \
-	$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
-	$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
-	$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
-	$(BFTEST).c  $(SSLTEST).c $(DSATEST).c   $(EXPTEST).c $(RSATEST).c \
-	$(EVPTEST).c
-
-EXHEADER= 
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
-
-all:	exe
-
-exe:	$(EXE) dummytest
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@@$(TOP)/util/point.sh Makefile.ssl Makefile
-
-generate: $(SRC)
-$(SRC):
-	@$(TOP)/util/point.sh dummytest.c $@
-
-errors:
-
-install:
-
-tags:
-	ctags $(SRC)
-
-tests:	exe apps $(TESTS)
-
-apps:
-	@(cd ..; $(MAKE) DIRS=apps all)
-
-SET_SO_PATHS=LIBPATH="`cd ..; pwd`"; LD_LIBRARY_PATH="$$LIBPATH"; DYLD_LIBRARY_PATH="$$LIBPATH"; SHLIB_PATH="$$LIBPATH"; \
-		if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="$${LIBPATH}:$$PATH"; fi; \
-		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH
-
-alltests: \
-	test_des test_idea test_sha test_md4 test_md5 test_hmac \
-	test_md2 test_mdc2 \
-	test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
-	test_rand test_bn test_ec test_enc test_x509 test_rsa test_crl test_sid \
-	test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
-	test_ss test_ca test_engine test_evp test_ssl
-
-test_evp:
-	$(SET_SO_PATHS); ./$(EVPTEST) evptests.txt
-
-test_des:
-	$(SET_SO_PATHS); ./$(DESTEST)
-
-test_idea:
-	$(SET_SO_PATHS); ./$(IDEATEST)
-
-test_sha:
-	$(SET_SO_PATHS); ./$(SHATEST)
-	$(SET_SO_PATHS); ./$(SHA1TEST)
-
-test_mdc2:
-	$(SET_SO_PATHS); ./$(MDC2TEST)
-
-test_md5:
-	$(SET_SO_PATHS); ./$(MD5TEST)
-
-test_md4:
-	$(SET_SO_PATHS); ./$(MD4TEST)
-
-test_hmac:
-	$(SET_SO_PATHS); ./$(HMACTEST)
-
-test_md2:
-	$(SET_SO_PATHS); ./$(MD2TEST)
-
-test_rmd:
-	$(SET_SO_PATHS); ./$(RMDTEST)
-
-test_bf:
-	$(SET_SO_PATHS); ./$(BFTEST)
-
-test_cast:
-	$(SET_SO_PATHS); ./$(CASTTEST)
-
-test_rc2:
-	$(SET_SO_PATHS); ./$(RC2TEST)
-
-test_rc4:
-	$(SET_SO_PATHS); ./$(RC4TEST)
-
-test_rc5:
-	$(SET_SO_PATHS); ./$(RC5TEST)
-
-test_rand:
-	$(SET_SO_PATHS); ./$(RANDTEST)
-
-test_enc:
-	@$(SET_SO_PATHS); sh ./testenc
-
-test_x509:
-	echo test normal x509v1 certificate
-	$(SET_SO_PATHS); sh ./tx509 2>/dev/null
-	echo test first x509v3 certificate
-	$(SET_SO_PATHS); sh ./tx509 v3-cert1.pem 2>/dev/null
-	echo test second x509v3 certificate
-	$(SET_SO_PATHS); sh ./tx509 v3-cert2.pem 2>/dev/null
-
-test_rsa:
-	@$(SET_SO_PATHS); sh ./trsa 2>/dev/null
-	$(SET_SO_PATHS); ./$(RSATEST)
-
-test_crl:
-	@$(SET_SO_PATHS); sh ./tcrl 2>/dev/null
-
-test_sid:
-	@$(SET_SO_PATHS); sh ./tsid 2>/dev/null
-
-test_req:
-	@$(SET_SO_PATHS); sh ./treq 2>/dev/null
-	@$(SET_SO_PATHS); sh ./treq testreq2.pem 2>/dev/null
-
-test_pkcs7:
-	@$(SET_SO_PATHS); sh ./tpkcs7 2>/dev/null
-	@$(SET_SO_PATHS); sh ./tpkcs7d 2>/dev/null
-
-test_bn:
-	@echo starting big number library test, could take a while...
-	@$(SET_SO_PATHS); ./$(BNTEST) >tmp.bntest
-	@echo quit >>tmp.bntest
-	@echo "running bc"
-	@<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
-	@echo 'test a^b%c implementations'
-	$(SET_SO_PATHS); ./$(EXPTEST)
-
-test_ec:
-	@echo 'test elliptic curves'
-	$(SET_SO_PATHS); ./$(ECTEST)
-
-test_verify:
-	@echo "The following command should have some OK's and some failures"
-	@echo "There are definitly a few expired certificates"
-	-$(SET_SO_PATHS); ../apps/openssl verify -CApath ../certs ../certs/*.pem
-
-test_dh:
-	@echo "Generate a set of DH parameters"
-	$(SET_SO_PATHS); ./$(DHTEST)
-
-test_dsa:
-	@echo "Generate a set of DSA parameters"
-	$(SET_SO_PATHS); ./$(DSATEST)
-	$(SET_SO_PATHS); ./$(DSATEST) -app2_1
-
-test_gen:
-	@echo "Generate and verify a certificate request"
-	@$(SET_SO_PATHS); sh ./testgen
-
-test_ss keyU.ss certU.ss certCA.ss: testss
-	@echo "Generate and certify a test certificate"
-	@$(SET_SO_PATHS); sh ./testss
-
-test_engine: 
-	@echo "Manipulate the ENGINE structures"
-	$(SET_SO_PATHS); ./$(ENGINETEST)
-
-test_ssl: keyU.ss certU.ss certCA.ss
-	@echo "test SSL protocol"
-	@$(SET_SO_PATHS); sh ./testssl keyU.ss certU.ss certCA.ss
-
-test_ca:
-	@$(SET_SO_PATHS); if ../apps/openssl no-rsa; then \
-	  echo "skipping CA.sh test -- requires RSA"; \
-	else \
-	  echo "Generate and certify a test certificate via the 'ca' program"; \
-	  sh ./testca; \
- 	fi
-
-test_aes: #$(AESTEST)
-#	@echo "test Rijndael"
-#	$(SET_SO_PATHS); ./$(AESTEST)
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log
-
-$(DLIBSSL):
-	(cd ..; $(MAKE) DIRS=ssl all)
-
-$(DLIBCRYPTO):
-	(cd ..; $(MAKE) DIRS=crypto all)
-
-$(RSATEST): $(RSATEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(BNTEST): $(BNTEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(ECTEST): $(ECTEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(EXPTEST): $(EXPTEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(IDEATEST): $(IDEATEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(MD2TEST): $(MD2TEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(SHATEST): $(SHATEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(RMDTEST): $(RMDTEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(MD4TEST): $(MD4TEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(HMACTEST): $(HMACTEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(BFTEST): $(BFTEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(CASTTEST): $(CASTTEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(RC5TEST): $(RC5TEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(DESTEST): $(DESTEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(RANDTEST): $(RANDTEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(DHTEST): $(DHTEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(DSATEST): $(DSATEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(METHTEST): $(METHTEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-$(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-	
-#$(AESTEST).o: $(AESTEST).c
-#	$(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
-
-#$(AESTEST): $(AESTEST).o $(DLIBCRYPTO)
-#	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-#	  $(CC) -o $(AESTEST) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-#	else \
-#	  $(CC) -o $(AESTEST) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-#	fi
-
-dummytest: dummytest.o $(DLIBCRYPTO)
-	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-	else \
-	  $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-	fi
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h
-bftest.o: ../include/openssl/opensslconf.h bftest.c
-bntest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-bntest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-bntest.o: ../include/openssl/cast.h ../include/openssl/crypto.h
-bntest.o: ../include/openssl/des.h ../include/openssl/des_old.h
-bntest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-bntest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-bntest.o: ../include/openssl/evp.h ../include/openssl/idea.h
-bntest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-bntest.o: ../include/openssl/md4.h ../include/openssl/md5.h
-bntest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-bntest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-bntest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-bntest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-bntest.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-bntest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
-bntest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-bntest.o: ../include/openssl/x509_vfy.h bntest.c
-casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h
-casttest.o: ../include/openssl/opensslconf.h casttest.c
-destest.o: ../include/openssl/crypto.h ../include/openssl/des.h
-destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
-destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-destest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-destest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
-destest.o: ../include/openssl/ui_compat.h destest.c
-dhtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
-dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c
-dsatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-dsatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
-dsatest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-dsatest.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h
-dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
-dsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-dsatest.o: ../include/openssl/ui.h dsatest.c
-ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
-ectest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ectest.o: ../include/openssl/engine.h ../include/openssl/err.h
-ectest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ectest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-ectest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-ectest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h ectest.c
-enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-enginetest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-enginetest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-enginetest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h
-enginetest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-enginetest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
-enginetest.o: enginetest.c
-evp_test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-evp_test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-evp_test.o: ../include/openssl/bn.h ../include/openssl/cast.h
-evp_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-evp_test.o: ../include/openssl/des.h ../include/openssl/des_old.h
-evp_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-evp_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h
-evp_test.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-evp_test.o: ../include/openssl/md2.h ../include/openssl/md4.h
-evp_test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-evp_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-evp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-evp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
-evp_test.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-evp_test.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-evp_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h
-evp_test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
-evp_test.o: ../include/openssl/ui_compat.h evp_test.c
-exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
-exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
-exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
-exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-exptest.o: ../include/openssl/symhacks.h exptest.c
-hmactest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h
-hmactest.o: ../include/openssl/crypto.h ../include/openssl/des.h
-hmactest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-hmactest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-hmactest.o: ../include/openssl/idea.h ../include/openssl/md2.h
-hmactest.o: ../include/openssl/md4.h ../include/openssl/md5.h
-hmactest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-hmactest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-hmactest.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-hmactest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-hmactest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-hmactest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
-hmactest.o: ../include/openssl/ui_compat.h hmactest.c
-ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h
-ideatest.o: ../include/openssl/opensslconf.h ideatest.c
-md2test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-md2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-md2test.o: ../include/openssl/bn.h ../include/openssl/cast.h
-md2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
-md2test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-md2test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-md2test.o: ../include/openssl/evp.h ../include/openssl/idea.h
-md2test.o: ../include/openssl/md2.h ../include/openssl/md4.h
-md2test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-md2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-md2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-md2test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
-md2test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-md2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-md2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-md2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-md2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md2test.c
-md4test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-md4test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-md4test.o: ../include/openssl/bn.h ../include/openssl/cast.h
-md4test.o: ../include/openssl/crypto.h ../include/openssl/des.h
-md4test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-md4test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-md4test.o: ../include/openssl/evp.h ../include/openssl/idea.h
-md4test.o: ../include/openssl/md2.h ../include/openssl/md4.h
-md4test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-md4test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-md4test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-md4test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
-md4test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-md4test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-md4test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-md4test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md4test.c
-md5test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-md5test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-md5test.o: ../include/openssl/bn.h ../include/openssl/cast.h
-md5test.o: ../include/openssl/crypto.h ../include/openssl/des.h
-md5test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-md5test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-md5test.o: ../include/openssl/evp.h ../include/openssl/idea.h
-md5test.o: ../include/openssl/md2.h ../include/openssl/md4.h
-md5test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-md5test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-md5test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-md5test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
-md5test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-md5test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-md5test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-md5test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md5test.c
-mdc2test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-mdc2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-mdc2test.o: ../include/openssl/bn.h ../include/openssl/cast.h
-mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
-mdc2test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-mdc2test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-mdc2test.o: ../include/openssl/evp.h ../include/openssl/idea.h
-mdc2test.o: ../include/openssl/md2.h ../include/openssl/md4.h
-mdc2test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-mdc2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-mdc2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-mdc2test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
-mdc2test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-mdc2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-mdc2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c
-randtest.o: ../e_os.h ../include/openssl/e_os2.h
-randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
-randtest.o: ../include/openssl/rand.h randtest.c
-rc2test.o: ../e_os.h ../include/openssl/e_os2.h
-rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
-rc4test.o: ../e_os.h ../include/openssl/e_os2.h
-rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.c
-rc5test.o: ../e_os.h ../include/openssl/e_os2.h
-rc5test.o: ../include/openssl/opensslconf.h ../include/openssl/rc5.h rc5test.c
-rmdtest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-rmdtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-rmdtest.o: ../include/openssl/bn.h ../include/openssl/cast.h
-rmdtest.o: ../include/openssl/crypto.h ../include/openssl/des.h
-rmdtest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-rmdtest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-rmdtest.o: ../include/openssl/evp.h ../include/openssl/idea.h
-rmdtest.o: ../include/openssl/md2.h ../include/openssl/md4.h
-rmdtest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
-rmdtest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-rmdtest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-rmdtest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-rmdtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h rmdtest.c
-rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
-rsa_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-rsa_test.o: ../include/openssl/err.h ../include/openssl/lhash.h
-rsa_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rsa_test.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
-rsa_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-rsa_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-rsa_test.o: ../include/openssl/ui.h rsa_test.c
-sha1test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-sha1test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-sha1test.o: ../include/openssl/bn.h ../include/openssl/cast.h
-sha1test.o: ../include/openssl/crypto.h ../include/openssl/des.h
-sha1test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-sha1test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-sha1test.o: ../include/openssl/evp.h ../include/openssl/idea.h
-sha1test.o: ../include/openssl/md2.h ../include/openssl/md4.h
-sha1test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
-sha1test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-sha1test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-sha1test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h sha1test.c
-shatest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-shatest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-shatest.o: ../include/openssl/bn.h ../include/openssl/cast.h
-shatest.o: ../include/openssl/crypto.h ../include/openssl/des.h
-shatest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-shatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-shatest.o: ../include/openssl/evp.h ../include/openssl/idea.h
-shatest.o: ../include/openssl/md2.h ../include/openssl/md4.h
-shatest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
-shatest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-shatest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-shatest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h shatest.c
-ssltest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-ssltest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssltest.o: ../include/openssl/cast.h ../include/openssl/comp.h
-ssltest.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ssltest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-ssltest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssltest.o: ../include/openssl/engine.h ../include/openssl/err.h
-ssltest.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssltest.o: ../include/openssl/md2.h ../include/openssl/md4.h
-ssltest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssltest.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-ssltest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ssltest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssltest.o: ../include/openssl/tls1.h ../include/openssl/ui.h
-ssltest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-ssltest.o: ../include/openssl/x509_vfy.h ssltest.c
diff --git a/crypto/openssl/test/Sssdsa.cnf b/crypto/openssl/test/Sssdsa.cnf
deleted file mode 100644
index 8e170a28ef59..000000000000
--- a/crypto/openssl/test/Sssdsa.cnf
+++ /dev/null
@@ -1,27 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DSA certs - Server
-
-RANDFILE              = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name    = req_distinguished_name
-encrypt_rsa_key               = no
-
-[ req_distinguished_name ]
-countryName                   = Country Name (2 letter code)
-countryName_default           = ES
-countryName_value             = ES
-
-organizationName                = Organization Name (eg, company)
-organizationName_value          = Tortilleras S.A.
-
-0.commonName                  = Common Name (eg, YOUR name)
-0.commonName_value            = Torti
-
-1.commonName                  = Common Name (eg, YOUR name)
-1.commonName_value            = Gordita
-
diff --git a/crypto/openssl/test/Sssrsa.cnf b/crypto/openssl/test/Sssrsa.cnf
deleted file mode 100644
index 8c79a03fca87..000000000000
--- a/crypto/openssl/test/Sssrsa.cnf
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# create RSA certs - Server
-
-RANDFILE              = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name    = req_distinguished_name
-encrypt_key           = no
-
-[ req_distinguished_name ]
-countryName                   = Country Name (2 letter code)
-countryName_default           = ES
-countryName_value             = ES
-
-organizationName                = Organization Name (eg, company)
-organizationName_value          = Tortilleras S.A.
-
-0.commonName                  = Common Name (eg, YOUR name)
-0.commonName_value            = Torti
-
-1.commonName                  = Common Name (eg, YOUR name)
-1.commonName_value            = Gordita
diff --git a/crypto/openssl/test/Uss.cnf b/crypto/openssl/test/Uss.cnf
deleted file mode 100644
index c89692d5199c..000000000000
--- a/crypto/openssl/test/Uss.cnf
+++ /dev/null
@@ -1,28 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE		= ./.rnd
-
-####################################################################
-[ req ]
-default_bits		= 512
-default_keyfile 	= keySS.pem
-distinguished_name	= req_distinguished_name
-encrypt_rsa_key		= no
-default_md		= md2
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_value		= AU
-
-organizationName                = Organization Name (eg, company)
-organizationName_value          = Dodgy Brothers
-
-0.commonName			= Common Name (eg, YOUR name)
-0.commonName_value		= Brother 1
-
-1.commonName			= Common Name (eg, YOUR name)
-1.commonName_value		= Brother 2
diff --git a/crypto/openssl/test/VMSca-response.1 b/crypto/openssl/test/VMSca-response.1
deleted file mode 100644
index 8b137891791f..000000000000
--- a/crypto/openssl/test/VMSca-response.1
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/crypto/openssl/test/VMSca-response.2 b/crypto/openssl/test/VMSca-response.2
deleted file mode 100644
index 9b48ee4cf97a..000000000000
--- a/crypto/openssl/test/VMSca-response.2
+++ /dev/null
@@ -1,2 +0,0 @@
-y
-y
diff --git a/crypto/openssl/test/bctest b/crypto/openssl/test/bctest
deleted file mode 100755
index bdb3218f7aca..000000000000
--- a/crypto/openssl/test/bctest
+++ /dev/null
@@ -1,111 +0,0 @@
-#!/bin/sh
-
-# This script is used by test/Makefile.ssl to check whether a sane 'bc'
-# is installed.
-# ('make test_bn' should not try to run 'bc' if it does not exist or if
-# it is a broken 'bc' version that is known to cause trouble.)
-#
-# If 'bc' works, we also test if it knows the 'print' command.
-#
-# In any case, output an appropriate command line for running (or not
-# running) bc.
-
-
-IFS=:
-try_without_dir=true
-# First we try "bc", then "$dir/bc" for each item in $PATH.
-for dir in dummy:$PATH; do
-    if [ "$try_without_dir" = true ]; then
-      # first iteration
-      bc=bc
-      try_without_dir=false
-    else
-      # second and later iterations
-      bc="$dir/bc"
-      if [ ! -f "$bc" ]; then  # '-x' is not available on Ultrix
-        bc=''
-      fi
-    fi
-
-    if [ ! "$bc" = '' ]; then
-        failure=none
-
-
-        # Test for SunOS 5.[78] bc bug
-        "$bc" >tmp.bctest <<\EOF
-obase=16
-ibase=16
-a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
-CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
-10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
-C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
-3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
-4FC3CADF855448B24A9D7640BCF473E
-b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
-9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
-8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
-3ED0E2017D60A68775B75481449
-(a/b)*b + (a%b) - a
-EOF
-        if [ 0 != "`cat tmp.bctest`" ]; then
-            failure=SunOStest
-        fi
-
-
-        if [ "$failure" = none ]; then
-            # Test for SCO bc bug.
-            "$bc" >tmp.bctest <<\EOF
-obase=16
-ibase=16
--FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
-9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
-11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
-1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
-AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
-F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
-B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
-02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
-85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
-A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
-E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
-8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
-04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
-89C8D71
-AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
-928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
-8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
-37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
-E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
-F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
-9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
-D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
-5296964
-EOF
-            if [ "0
-0" != "`cat tmp.bctest`" ]; then
-                failure=SCOtest
-            fi
-        fi
-
-
-        if [ "$failure" = none ]; then
-            # bc works; now check if it knows the 'print' command.
-            if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ]
-            then
-                echo "$bc"
-            else
-                echo "sed 's/print.*//' | $bc"
-            fi
-            exit 0
-        fi
-
-        echo "$bc does not work properly ('$failure' failed).  Looking for another bc ..." >&2
-    fi
-done
-
-echo "No working bc found.  Consider installing GNU bc." >&2
-if [ "$1" = ignore ]; then
-  echo "cat >/dev/null"
-  exit 0
-fi
-exit 1
diff --git a/crypto/openssl/test/dsa-ca.pem b/crypto/openssl/test/dsa-ca.pem
deleted file mode 100644
index 9eb08f3ddd45..000000000000
--- a/crypto/openssl/test/dsa-ca.pem
+++ /dev/null
@@ -1,43 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
-
-svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
-Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
-Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
-par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
-zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
-uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
-rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
-1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
-HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
-MVqOsYxGCb+kez0FoDSTgw==
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE REQUEST-----
-MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
-ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
-sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
-rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
-cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
-bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
-CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
-F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
-vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
-AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
-3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
-AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
------END CERTIFICATE REQUEST-----
------BEGIN CERTIFICATE-----
-MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
-CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
-CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
-AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
-ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
-MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
-MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
-C1Q=
------END CERTIFICATE-----
-
diff --git a/crypto/openssl/test/dsa-pca.pem b/crypto/openssl/test/dsa-pca.pem
deleted file mode 100644
index e3641ad47e6b..000000000000
--- a/crypto/openssl/test/dsa-pca.pem
+++ /dev/null
@@ -1,49 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
-
-GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
-mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
-of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
-FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
-RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
-qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
-diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
-V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
-hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
-dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE REQUEST-----
-MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
-MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
-lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
-Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
-5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
-aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
-kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
-QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
-6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
-yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
-z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
-nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
------END CERTIFICATE REQUEST-----
------BEGIN CERTIFICATE-----
-MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
-CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
-CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
-ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
-R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
-JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
-BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
-mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
-VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
-uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
-umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
-29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
-AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
-5rKUjNBhSg==
------END CERTIFICATE-----
-
diff --git a/crypto/openssl/test/dummytest.c b/crypto/openssl/test/dummytest.c
deleted file mode 100644
index 5b4467e042bb..000000000000
--- a/crypto/openssl/test/dummytest.c
+++ /dev/null
@@ -1,48 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <openssl/e_os2.h>
-#include <openssl/buffer.h>
-#include <openssl/crypto.h>
-
-int main(int argc, char *argv[])
-	{
-	char *p, *q = 0, *program;
-
-	p = strrchr(argv[0], '/');
-	if (!p) p = strrchr(argv[0], '\\');
-#ifdef OPENSSL_SYS_VMS
-	if (!p) p = strrchr(argv[0], ']');
-	if (p) q = strrchr(p, '>');
-	if (q) p = q;
-	if (!p) p = strrchr(argv[0], ':');
-	q = 0;
-#endif
-	if (p) p++;
-	if (!p) p = argv[0];
-	if (p) q = strchr(p, '.');
-	if (p && !q) q = p + strlen(p);
-
-	if (!p)
-		program = BUF_strdup("(unknown)");
-	else
-		{
-		program = OPENSSL_malloc((q - p) + 1);
-		strncpy(program, p, q - p);
-		program[q - p] = '\0';
-		}
-
-	for(p = program; *p; p++)
-		if (islower((unsigned char)(*p)))
-			*p = toupper((unsigned char)(*p));
-
-	q = strstr(program, "TEST");
-	if (q > p && q[-1] == '_') q--;
-	*q = '\0';
-
-	printf("No %s support\n", program);
-
-	OPENSSL_free(program);
-	return(0);
-	}
diff --git a/crypto/openssl/test/methtest.c b/crypto/openssl/test/methtest.c
deleted file mode 100644
index 005c2f48220e..000000000000
--- a/crypto/openssl/test/methtest.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* test/methtest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/rsa.h>
-#include <openssl/x509.h>
-#include "meth.h"
-#include <openssl/err.h>
-
-int main(argc,argv)
-int argc;
-char *argv[];
-	{
-	METHOD_CTX *top,*tmp1,*tmp2;
-
-	top=METH_new(x509_lookup()); /* get a top level context */
-	if (top == NULL) goto err;
-
-	tmp1=METH_new(x509_by_file());
-	if (top == NULL) goto err;
-	METH_arg(tmp1,METH_TYPE_FILE,"cafile1");
-	METH_arg(tmp1,METH_TYPE_FILE,"cafile2");
-	METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1);
-
-	tmp2=METH_new(x509_by_dir());
-	METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts");
-	METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs");
-	METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs");
-	METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2);
-
-/*	tmp=METH_new(x509_by_issuer_dir);
-	METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
-	METH_push(top,METH_X509_BY_ISSUER,tmp);
-
-	tmp=METH_new(x509_by_issuer_primary);
-	METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
-	METH_push(top,METH_X509_BY_ISSUER,tmp);
-*/
-
-	METH_init(top);
-	METH_control(tmp1,METH_CONTROL_DUMP,stdout);
-	METH_control(tmp2,METH_CONTROL_DUMP,stdout);
-	EXIT(0);
-err:
-	ERR_load_crypto_strings();
-	ERR_print_errors_fp(stderr);
-	EXIT(1);
-	return(0);
-	}
diff --git a/crypto/openssl/test/pkcs7-1.pem b/crypto/openssl/test/pkcs7-1.pem
deleted file mode 100644
index c47b27af8893..000000000000
--- a/crypto/openssl/test/pkcs7-1.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN PKCS7-----
-MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG
-SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE
-AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF
-eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4
-MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv
-bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK
-ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB
-FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N
-9XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8
-BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w
-bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB
-BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C
-j7Kie1x339mxW/w9VZNTUDQQweHh
------END PKCS7-----
diff --git a/crypto/openssl/test/pkcs7.pem b/crypto/openssl/test/pkcs7.pem
deleted file mode 100644
index d55c60b94e13..000000000000
--- a/crypto/openssl/test/pkcs7.pem
+++ /dev/null
@@ -1,54 +0,0 @@
-     MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg
-     AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH
-     EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl
-     cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw
-     ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0
-     MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
-     c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh
-     bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE
-     CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl
-     Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G
-     CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK
-     ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0
-     l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC
-     HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg
-     Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1
-     c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj
-     YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0
-     dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx
-     dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu
-     LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU
-     ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln
-     biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT
-     IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB
-     AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
-     L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL
-     HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF
-     slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7
-     ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR
-     /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT
-     aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp
-     ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1
-     OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu
-     MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz
-     Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv
-     qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy
-     sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb
-     P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG
-     A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA
-     KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7
-     Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4
-     Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq
-     hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp
-     Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk
-     dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ
-     KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30
-     dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW
-     I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow
-     ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W
-     ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD
-     ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw
-     MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK
-     /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/
-     DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP
-     b+xSu/jH0gAAMYAAAAAAAAAAAA==
diff --git a/crypto/openssl/test/r160test.c b/crypto/openssl/test/r160test.c
deleted file mode 100644
index a172e393cab0..000000000000
--- a/crypto/openssl/test/r160test.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/* test/r160test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
diff --git a/crypto/openssl/test/tcrl b/crypto/openssl/test/tcrl
deleted file mode 100644
index f71ef7a8630c..000000000000
--- a/crypto/openssl/test/tcrl
+++ /dev/null
@@ -1,85 +0,0 @@
-#!/bin/sh
-
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH=../apps\;$PATH
-else
-    PATH=../apps:$PATH
-fi
-export PATH
-
-cmd='../apps/openssl crl'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=testcrl.pem
-fi
-
-echo testing crl conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in fff.p -inform p -outform t >f.t
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in f.t -inform t -outform d >ff.d2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in f.d -inform d -outform t >ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in f.t -inform t -outform t >ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in f.p -inform p -outform t >ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in f.t -inform t -outform p >ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp fff.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp f.t ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp f.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/crypto/openssl/test/test.cnf b/crypto/openssl/test/test.cnf
deleted file mode 100644
index faad3914a859..000000000000
--- a/crypto/openssl/test/test.cnf
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE		= ./.rnd
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= ./demoCA		# Where everything is kept
-certs		= $dir/certs		# Where the issued certs are kept
-crl_dir		= $dir/crl		# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir/new_certs	# default place for new certs.
-
-certificate	= $dir/CAcert.pem 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/private/CAkey.pem# The private key
-RANDFILE	= $dir/private/.rand	# private random number file
-
-default_days	= 365			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= 512
-default_keyfile 	= testkey.pem
-distinguished_name	= req_distinguished_name
-encrypt_rsa_key		= no
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_value		= AU
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= Queensland
-stateOrProvinceName_value	=
-
-localityName			= Locality Name (eg, city)
-localityName_value		= Brisbane
-
-organizationName		= Organization Name (eg, company)
-organizationName_default	= 
-organizationName_value		= CryptSoft Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-organizationalUnitName_default	=
-organizationalUnitName_value	= .
-
-commonName			= Common Name (eg, YOUR name)
-commonName_value		= Eric Young
-
-emailAddress			= Email Address
-emailAddress_value		= eay@mincom.oz.au
diff --git a/crypto/openssl/test/testca b/crypto/openssl/test/testca
deleted file mode 100644
index 8215ebb5d1d0..000000000000
--- a/crypto/openssl/test/testca
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/sh
-
-SH="/bin/sh"
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH=./apps\;../apps\;$PATH
-else
-    PATH=../apps:$PATH
-fi
-export SH PATH
-
-SSLEAY_CONFIG="-config CAss.cnf"
-export SSLEAY_CONFIG
-
-/bin/rm -fr demoCA
-$SH ../apps/CA.sh -newca <<EOF
-EOF
-
-if [ $? != 0 ]; then
-	exit 1;
-fi
-
-SSLEAY_CONFIG="-config Uss.cnf"
-export SSLEAY_CONFIG
-$SH ../apps/CA.sh -newreq
-if [ $? != 0 ]; then
-	exit 1;
-fi
-
-
-SSLEAY_CONFIG="-config ../apps/openssl.cnf"
-export SSLEAY_CONFIG
-$SH ../apps/CA.sh -sign  <<EOF
-y
-y
-EOF
-if [ $? != 0 ]; then
-	exit 1;
-fi
-
-
-$SH ../apps/CA.sh -verify newcert.pem
-if [ $? != 0 ]; then
-	exit 1;
-fi
-
-/bin/rm -fr demoCA newcert.pem newreq.pem
-#usage: CA -newcert|-newreq|-newca|-sign|-verify
-
diff --git a/crypto/openssl/test/testcrl.pem b/crypto/openssl/test/testcrl.pem
deleted file mode 100644
index 098978835471..000000000000
--- a/crypto/openssl/test/testcrl.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN X509 CRL-----
-MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
-F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
-IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw
-MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw
-MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw
-MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw
-MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw
-MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw
-MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw
-NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw
-NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF
-AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ
-wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt
-JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v
------END X509 CRL-----
diff --git a/crypto/openssl/test/testenc b/crypto/openssl/test/testenc
deleted file mode 100644
index 0656c7f52540..000000000000
--- a/crypto/openssl/test/testenc
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/bin/sh
-
-testsrc=Makefile.ssl
-test=./p
-cmd=../apps/openssl
-
-cat $testsrc >$test;
-
-echo cat
-$cmd enc < $test > $test.cipher
-$cmd enc < $test.cipher >$test.clear
-cmp $test $test.clear
-if [ $? != 0 ]
-then
-	exit 1
-else
-	/bin/rm $test.cipher $test.clear
-fi
-echo base64
-$cmd enc -a -e < $test > $test.cipher
-$cmd enc -a -d < $test.cipher >$test.clear
-cmp $test $test.clear
-if [ $? != 0 ]
-then
-	exit 1
-else
-	/bin/rm $test.cipher $test.clear
-fi
-
-for i in `$cmd list-cipher-commands`
-do
-	echo $i
-	$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
-	$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
-	cmp $test $test.$i.clear
-	if [ $? != 0 ]
-	then
-		exit 1
-	else
-		/bin/rm $test.$i.cipher $test.$i.clear
-	fi
-
-	echo $i base64
-	$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
-	$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
-	cmp $test $test.$i.clear
-	if [ $? != 0 ]
-	then
-		exit 1
-	else
-		/bin/rm $test.$i.cipher $test.$i.clear
-	fi
-done
-rm -f $test
diff --git a/crypto/openssl/test/testgen b/crypto/openssl/test/testgen
deleted file mode 100644
index 3798543e0473..000000000000
--- a/crypto/openssl/test/testgen
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-
-T=testcert
-KEY=512
-CA=../certs/testca.pem
-
-/bin/rm -f $T.1 $T.2 $T.key
-
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH=../apps\;$PATH;
-else
-    PATH=../apps:$PATH;
-fi
-export PATH
-
-echo "generating certificate request"
-
-echo "string to make the random number generator think it has entropy" >> ./.rnd
-
-if ../apps/openssl no-rsa; then
-  req_new='-newkey dsa:../apps/dsa512.pem'
-else
-  req_new='-new'
-  echo "There should be a 2 sequences of .'s and some +'s."
-  echo "There should not be more that at most 80 per line"
-fi
-
-echo "This could take some time."
-
-rm -f testkey.pem testreq.pem
-
-../apps/openssl req -config test.cnf $req_new -out testreq.pem
-if [ $? != 0 ]; then
-echo problems creating request
-exit 1
-fi
-
-../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
-if [ $? != 0 ]; then
-echo signature on req is wrong
-exit 1
-fi
-
-exit 0
diff --git a/crypto/openssl/test/testp7.pem b/crypto/openssl/test/testp7.pem
deleted file mode 100644
index e5b7866c3154..000000000000
--- a/crypto/openssl/test/testp7.pem
+++ /dev/null
@@ -1,46 +0,0 @@
------BEGIN PKCS7-----
-MIIIGAYJKoZIhvcNAQcCoIIICTCCCAUCAQExADALBgkqhkiG9w0BBwGgggY8MIIE
-cjCCBBygAwIBAgIQeS+OJfWJUZAx6cX0eAiMjzANBgkqhkiG9w0BAQQFADBiMREw
-DwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV
-BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIw
-HhcNOTYwNzE5MDAwMDAwWhcNOTcwMzMwMjM1OTU5WjCB1TERMA8GA1UEBxMISW50
-ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
-biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMSgwJgYDVQQLEx9E
-aWdpdGFsIElEIENsYXNzIDEgLSBTTUlNRSBUZXN0MUcwRQYDVQQLEz53d3cudmVy
-aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMCBJbmMuIGJ5IFJlZi4sTElBQi5M
-VEQoYyk5NjBbMA0GCSqGSIb3DQEBAQUAA0oAMEcCQA7LvHEIAiQ5+4gDYvJGnGAq
-UM5GXyG11diEXmIEZTHUZhorooX5sr8IIjSXiPY59YYUFSvAaharFM1xaBN8zNEC
-AwEAAaOCAjkwggI1MAkGA1UdEwQCMAAwggImBgNVHQMEggIdMIICGTCCAhUwggIR
-BgtghkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
-ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
-IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
-bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
-L0NQUy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29t
-OyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4s
-IE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04
-ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0
-cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJ
-QUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQEC
-MC8wLRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEu
-AzANBgkqhkiG9w0BAQQFAANBAMCYDuSb/eIlYSxY31nZZTaCZkCSfHjlacMofExr
-cF+A2yHoEuT+eCQkqM0pMNHXddUeoQ9RjV+VuMBNmm63DUYwggHCMIIBbKADAgEC
-AhB8CYTq1bkRFJBYOd67cp9JMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
-QTAeFw05NjA3MTcwMDAwMDBaFw05NzA3MTcyMzU5NTlaMGIxETAPBgNVBAcTCElu
-dGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNp
-Z24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDsVzrNgnDhbAJZrWeLd9g1vMZJA2W67D33TTbga6yMt+ES
-TWEywhS6RNP+fzLGg7utinjH4tL60cXa0G27GDsLAgMBAAGjIjAgMAsGA1UdDwQE
-AwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADQQAUp6bRwkaD
-2d1MBs/mjUcgTI2fXVmW8tTm/Ud6OzUwpC3vYgybiOOA4f6mOC5dbyUHrLOsrihU
-47ZQ0Jo1DUfboYIBrTCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
-QRcNOTYwNzE3MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANB
-AHitA0/xAukCjHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMl
-ExONA3ju10f7owIq3s3wx10wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UE
-BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytW
-ZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3
-MTcxNzU5MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsW
-sQmste9f+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9
-XfZsaiiIgotQHjEA
------END PKCS7-----
diff --git a/crypto/openssl/test/testreq2.pem b/crypto/openssl/test/testreq2.pem
deleted file mode 100644
index c3cdcffcbc61..000000000000
--- a/crypto/openssl/test/testreq2.pem
+++ /dev/null
@@ -1,7 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
-QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
-DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
-hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
-gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
------END CERTIFICATE REQUEST-----
diff --git a/crypto/openssl/test/testrsa.pem b/crypto/openssl/test/testrsa.pem
deleted file mode 100644
index aad21067a8f7..000000000000
--- a/crypto/openssl/test/testrsa.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
-Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
-rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
-oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
-mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
-rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
-mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
------END RSA PRIVATE KEY-----
diff --git a/crypto/openssl/test/testsid.pem b/crypto/openssl/test/testsid.pem
deleted file mode 100644
index 7ffd008f6660..000000000000
--- a/crypto/openssl/test/testsid.pem
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN SSL SESSION PARAMETERS-----
-MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
-bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
-ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
-YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
-A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
-LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
-CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
-TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
-hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
-CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0
------END SSL SESSION PARAMETERS-----
diff --git a/crypto/openssl/test/testss b/crypto/openssl/test/testss
deleted file mode 100644
index 8d3557f356d9..000000000000
--- a/crypto/openssl/test/testss
+++ /dev/null
@@ -1,99 +0,0 @@
-#!/bin/sh
-
-digest='-md5'
-reqcmd="../apps/openssl req"
-x509cmd="../apps/openssl x509 $digest"
-verifycmd="../apps/openssl verify"
-dummycnf="../apps/openssl.cnf"
-
-CAkey="keyCA.ss"
-CAcert="certCA.ss"
-CAreq="reqCA.ss"
-CAconf="CAss.cnf"
-CAreq2="req2CA.ss"	# temp
-
-Uconf="Uss.cnf"
-Ukey="keyU.ss"
-Ureq="reqU.ss"
-Ucert="certU.ss"
-
-echo
-echo "make a certificate request using 'req'"
-
-echo "string to make the random number generator think it has entropy" >> ./.rnd
-
-if ../apps/openssl no-rsa; then
-  req_new='-newkey dsa:../apps/dsa512.pem'
-else
-  req_new='-new'
-fi
-
-$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss
-if [ $? != 0 ]; then
-	echo "error using 'req' to generate a certificate request"
-	exit 1
-fi
-echo
-echo "convert the certificate request into a self signed certificate using 'x509'"
-$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >err.ss
-if [ $? != 0 ]; then
-	echo "error using 'x509' to self sign a certificate request"
-	exit 1
-fi
-
-echo
-echo "convert a certificate into a certificate request using 'x509'"
-$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
-if [ $? != 0 ]; then
-	echo "error using 'x509' convert a certificate to a certificate request"
-	exit 1
-fi
-
-$reqcmd -config $dummycnf -verify -in $CAreq -noout
-if [ $? != 0 ]; then
-	echo first generated request is invalid
-	exit 1
-fi
-
-$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
-if [ $? != 0 ]; then
-	echo second generated request is invalid
-	exit 1
-fi
-
-$verifycmd -CAfile $CAcert $CAcert
-if [ $? != 0 ]; then
-	echo first generated cert is invalid
-	exit 1
-fi
-
-echo
-echo "make another certificate request using 'req'"
-$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
-if [ $? != 0 ]; then
-	echo "error using 'req' to generate a certificate request"
-	exit 1
-fi
-
-echo
-echo "sign certificate request with the just created CA via 'x509'"
-$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey >err.ss
-if [ $? != 0 ]; then
-	echo "error using 'x509' to sign a certificate request"
-	exit 1
-fi
-
-$verifycmd -CAfile $CAcert $Ucert
-echo
-echo "Certificate details"
-$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
-
-echo
-echo The generated CA certificate is $CAcert
-echo The generated CA private key is $CAkey
-
-echo The generated user certificate is $Ucert
-echo The generated user private key is $Ukey
-
-/bin/rm err.ss
-exit 0
diff --git a/crypto/openssl/test/testssl b/crypto/openssl/test/testssl
deleted file mode 100644
index ca8e718022aa..000000000000
--- a/crypto/openssl/test/testssl
+++ /dev/null
@@ -1,145 +0,0 @@
-#!/bin/sh
-
-if [ "$1" = "" ]; then
-  key=../apps/server.pem
-else
-  key="$1"
-fi
-if [ "$2" = "" ]; then
-  cert=../apps/server.pem
-else
-  cert="$2"
-fi
-ssltest="./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
-
-if ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
-  dsa_cert=YES
-else
-  dsa_cert=NO
-fi
-
-if [ "$3" = "" ]; then
-  CA="-CApath ../certs"
-else
-  CA="-CAfile $3"
-fi
-
-if [ "$4" = "" ]; then
-  extra=""
-else
-  extra="$4"
-fi
-
-#############################################################################
-
-echo test sslv2
-$ssltest -ssl2 $extra || exit 1
-
-echo test sslv2 with server authentication
-$ssltest -ssl2 -server_auth $CA $extra || exit 1
-
-if [ $dsa_cert = NO ]; then
-  echo test sslv2 with client authentication
-  $ssltest -ssl2 -client_auth $CA $extra || exit 1
-
-  echo test sslv2 with both client and server authentication
-  $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
-fi
-
-echo test sslv3
-$ssltest -ssl3 $extra || exit 1
-
-echo test sslv3 with server authentication
-$ssltest -ssl3 -server_auth $CA $extra || exit 1
-
-echo test sslv3 with client authentication
-$ssltest -ssl3 -client_auth $CA $extra || exit 1
-
-echo test sslv3 with both client and server authentication
-$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3
-$ssltest $extra || exit 1
-
-echo test sslv2/sslv3 with server authentication
-$ssltest -server_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with client authentication
-$ssltest -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication
-$ssltest -server_auth -client_auth $CA $extra || exit 1
-
-echo test sslv2 via BIO pair
-$ssltest -bio_pair -ssl2 $extra || exit 1
-
-echo test sslv2 with server authentication via BIO pair
-$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
-
-if [ $dsa_cert = NO ]; then
-  echo test sslv2 with client authentication via BIO pair
-  $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
-
-  echo test sslv2 with both client and server authentication via BIO pair
-  $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
-fi
-
-echo test sslv3 via BIO pair
-$ssltest -bio_pair -ssl3 $extra || exit 1
-
-echo test sslv3 with server authentication via BIO pair
-$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
-
-echo test sslv3 with client authentication via BIO pair
-$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
-
-echo test sslv3 with both client and server authentication via BIO pair
-$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 via BIO pair
-$ssltest $extra || exit 1
-
-if [ $dsa_cert = NO ]; then
-  echo test sslv2/sslv3 w/o DHE via BIO pair
-  $ssltest -bio_pair -no_dhe $extra || exit 1
-fi
-
-echo test sslv2/sslv3 with 1024bit DHE via BIO pair
-$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
-
-echo test sslv2/sslv3 with server authentication
-$ssltest -bio_pair -server_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with client authentication via BIO pair
-$ssltest -bio_pair -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication via BIO pair
-$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
-$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
-
-#############################################################################
-
-if ../apps/openssl no-dh; then
-  echo skipping anonymous DH tests
-else
-  echo test tls1 with 1024bit anonymous DH, multiple handshakes
-  $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
-fi
-
-if ../apps/openssl no-rsa; then
-  echo skipping RSA tests
-else
-  echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
-  ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
-
-  if ../apps/openssl no-dh; then
-    echo skipping RSA+DHE tests
-  else
-    echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
-    ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
-  fi
-fi
-
-exit 0
diff --git a/crypto/openssl/test/testx509.pem b/crypto/openssl/test/testx509.pem
deleted file mode 100644
index 8a85d14964f8..000000000000
--- a/crypto/openssl/test/testx509.pem
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
-BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
-MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
-RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
-AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
-/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
-Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
-zl9HYIMxATFyqSiD9jsx
------END CERTIFICATE-----
diff --git a/crypto/openssl/test/times b/crypto/openssl/test/times
deleted file mode 100644
index 49aeebf216e8..000000000000
--- a/crypto/openssl/test/times
+++ /dev/null
@@ -1,113 +0,0 @@
-
-More number for the questions about SSL overheads....
-
-The following numbers were generated on a pentium pro 200, running linux.
-They give an indication of the SSL protocol and encryption overheads.
-
-The program that generated them is an unreleased version of ssl/ssltest.c
-which is the SSLeay ssl protocol testing program.  It is a single process that
-talks both sides of the SSL protocol via a non-blocking memory buffer
-interface.
-
-How do I read this?  The protocol and cipher are reasonable obvious.
-The next number is the number of connections being made.  The next is the
-number of bytes exchanged bewteen the client and server side of the protocol.
-This is the number of bytes that the client sends to the server, and then
-the server sends back.  Because this is all happening in one process,
-the data is being encrypted, decrypted, encrypted and then decrypted again.
-It is a round trip of that many bytes.  Because the one process performs
-both the client and server sides of the protocol and it sends this many bytes
-each direction, multiply this number by 4 to generate the number
-of bytes encrypted/decrypted/MACed.  The first time value is how many seconds
-elapsed doing a full SSL handshake, the second is the cost of one
-full handshake and the rest being session-id reuse.
-
-SSLv2 RC4-MD5      1000 x      1   12.83s   0.70s
-SSLv3 NULL-MD5     1000 x      1   14.35s   1.47s
-SSLv3 RC4-MD5      1000 x      1   14.46s   1.56s
-SSLv3 RC4-MD5      1000 x      1   51.93s   1.62s 1024bit RSA
-SSLv3 RC4-SHA      1000 x      1   14.61s   1.83s
-SSLv3 DES-CBC-SHA  1000 x      1   14.70s   1.89s
-SSLv3 DES-CBC3-SHA 1000 x      1   15.16s   2.16s
-
-SSLv2 RC4-MD5      1000 x   1024   13.72s   1.27s
-SSLv3 NULL-MD5     1000 x   1024   14.79s   1.92s
-SSLv3 RC4-MD5      1000 x   1024   52.58s   2.29s 1024bit RSA
-SSLv3 RC4-SHA      1000 x   1024   15.39s   2.67s
-SSLv3 DES-CBC-SHA  1000 x   1024   16.45s   3.55s
-SSLv3 DES-CBC3-SHA 1000 x   1024   18.21s   5.38s
-
-SSLv2 RC4-MD5      1000 x  10240   18.97s   6.52s
-SSLv3 NULL-MD5     1000 x  10240   17.79s   5.11s
-SSLv3 RC4-MD5      1000 x  10240   20.25s   7.90s
-SSLv3 RC4-MD5      1000 x  10240   58.26s   8.08s 1024bit RSA
-SSLv3 RC4-SHA      1000 x  10240   22.96s  11.44s
-SSLv3 DES-CBC-SHA  1000 x  10240   30.65s  18.41s
-SSLv3 DES-CBC3-SHA 1000 x  10240   47.04s  34.53s
-
-SSLv2 RC4-MD5      1000 x 102400   70.22s  57.74s
-SSLv3 NULL-MD5     1000 x 102400   43.73s  31.03s
-SSLv3 RC4-MD5      1000 x 102400   71.32s  58.83s
-SSLv3 RC4-MD5      1000 x 102400  109.66s  59.20s 1024bit RSA
-SSLv3 RC4-SHA      1000 x 102400   95.88s  82.21s
-SSLv3 DES-CBC-SHA  1000 x 102400  173.22s 160.55s
-SSLv3 DES-CBC3-SHA 1000 x 102400  336.61s 323.82s
-
-What does this all mean?  Well for a server, with no session-id reuse, with
-a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
-a pentium pro 200 running linux can handle the SSLv3 protocol overheads of
-about 49 connections a second.  Reality will be quite different :-).
-
-Remeber the first number is 1000 full ssl handshakes, the second is
-1 full and 999 with session-id reuse.  The RSA overheads for each exchange
-would be one public and one private operation, but the protocol/MAC/cipher
-cost would be quite similar in both the client and server.
-
-eric (adding numbers to speculation)
-
---- Appendix ---
-- The time measured is user time but these number a very rough.
-- Remember this is the cost of both client and server sides of the protocol.
-- The TCP/kernal overhead of connection establishment is normally the
-  killer in SSL.  Often delays in the TCP protocol will make session-id
-  reuse look slower that new sessions, but this would not be the case on
-  a loaded server.
-- The TCP round trip latencies, while slowing indervidual connections,
-  would have minimal impact on throughput.
-- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
-- the required number of bytes are processed.
-- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers.
-- A 512bit server key was being used except where noted.
-- No server key verification was being performed on the client side of the
-  protocol.  This would slow things down very little.
-- The library being used is SSLeay 0.8.x.
-- The normal mesauring system was commands of the form
-  time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
-  This modified version of ssltest should be in the next public release of
-  SSLeay.
-
-The general cipher performace number for this platform are
-
-SSLeay 0.8.2a 04-Sep-1997
-built on Fri Sep  5 17:37:05 EST 1997
-options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
-C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized 
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2               131.02k      368.41k      500.57k      549.21k      566.09k
-mdc2              535.60k      589.10k      595.88k      595.97k      594.54k
-md5              1801.53k     9674.77k    17484.03k    21849.43k    23592.96k
-sha              1261.63k     5533.25k     9285.63k    11187.88k    11913.90k
-sha1             1103.13k     4782.53k     7933.78k     9472.34k    10070.70k
-rc4             10722.53k    14443.93k    15215.79k    15299.24k    15219.59k
-des cbc          3286.57k     3827.73k     3913.39k     3931.82k     3926.70k
-des ede3         1443.50k     1549.08k     1561.17k     1566.38k     1564.67k
-idea cbc         2203.64k     2508.16k     2538.33k     2543.62k     2547.71k
-rc2 cbc          1430.94k     1511.59k     1524.82k     1527.13k     1523.33k
-blowfish cbc     4716.07k     5965.82k     6190.17k     6243.67k     6234.11k
-                  sign    verify
-rsa  512 bits   0.0100s   0.0011s
-rsa 1024 bits   0.0451s   0.0012s
-rsa 2048 bits   0.2605s   0.0086s
-rsa 4096 bits   1.6883s   0.0302s
-
diff --git a/crypto/openssl/test/tpkcs7 b/crypto/openssl/test/tpkcs7
deleted file mode 100644
index cf3bd9fadbe8..000000000000
--- a/crypto/openssl/test/tpkcs7
+++ /dev/null
@@ -1,55 +0,0 @@
-#!/bin/sh
-
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH=../apps\;$PATH
-else
-    PATH=../apps:$PATH
-fi
-export PATH
-
-cmd='../apps/openssl pkcs7'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=testp7.pem
-fi
-
-echo testing pkcs7 conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/crypto/openssl/test/tpkcs7d b/crypto/openssl/test/tpkcs7d
deleted file mode 100644
index 18f9311b0689..000000000000
--- a/crypto/openssl/test/tpkcs7d
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/sh
-
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH=../apps\;$PATH
-else
-    PATH=../apps:$PATH
-fi
-export PATH
-
-cmd='../apps/openssl pkcs7'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=pkcs7-1.pem
-fi
-
-echo "testing pkcs7 conversions (2)"
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/crypto/openssl/test/treq b/crypto/openssl/test/treq
deleted file mode 100644
index 47a8273cde62..000000000000
--- a/crypto/openssl/test/treq
+++ /dev/null
@@ -1,90 +0,0 @@
-#!/bin/sh
-
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH=../apps\;$PATH
-else
-    PATH=../apps:$PATH
-fi
-export PATH
-
-cmd='../apps/openssl req -config ../apps/openssl.cnf'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=testreq.pem
-fi
-
-if $cmd -in $t -inform p -noout -text | fgrep 'Unknown Public Key'; then
-  echo "skipping req conversion test for $t"
-  exit 0
-fi
-
-echo testing req conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in fff.p -inform p -outform t >f.t
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -verify -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in f.t -inform t -outform d >ff.d2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -verify -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in f.d -inform d -outform t >ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in f.t -inform t -outform t >ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in f.p -inform p -outform t >ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in f.t -inform t -outform p >ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp fff.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp f.t ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp f.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/crypto/openssl/test/trsa b/crypto/openssl/test/trsa
deleted file mode 100644
index 413e2ec0a0cd..000000000000
--- a/crypto/openssl/test/trsa
+++ /dev/null
@@ -1,90 +0,0 @@
-#!/bin/sh
-
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH=../apps\;$PATH
-else
-    PATH=../apps:$PATH
-fi
-export PATH
-
-if ../apps/openssl no-rsa; then
-  echo skipping rsa conversion test
-  exit 0
-fi
-
-cmd='../apps/openssl rsa'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=testrsa.pem
-fi
-
-echo testing rsa conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in fff.p -inform p -outform t >f.t
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in f.t -inform t -outform d >ff.d2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in f.d -inform d -outform t >ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in f.t -inform t -outform t >ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in f.p -inform p -outform t >ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in f.t -inform t -outform p >ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp fff.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp f.t ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp f.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/crypto/openssl/test/tsid b/crypto/openssl/test/tsid
deleted file mode 100644
index 40a1dfa97ce8..000000000000
--- a/crypto/openssl/test/tsid
+++ /dev/null
@@ -1,85 +0,0 @@
-#!/bin/sh
-
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH=../apps\;$PATH
-else
-    PATH=../apps:$PATH
-fi
-export PATH
-
-cmd='../apps/openssl sess_id'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=testsid.pem
-fi
-
-echo testing session-id conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in fff.p -inform p -outform t >f.t
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in f.t -inform t -outform d >ff.d2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in f.d -inform d -outform t >ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in f.t -inform t -outform t >ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in f.p -inform p -outform t >ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in f.t -inform t -outform p >ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp fff.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp f.t ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp f.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/crypto/openssl/test/tx509 b/crypto/openssl/test/tx509
deleted file mode 100644
index d380963abce5..000000000000
--- a/crypto/openssl/test/tx509
+++ /dev/null
@@ -1,85 +0,0 @@
-#!/bin/sh
-
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH=../apps\;$PATH
-else
-    PATH=../apps:$PATH
-fi
-export PATH
-
-cmd='../apps/openssl x509'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=testx509.pem
-fi
-
-echo testing X509 conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> n"
-$cmd -in fff.p -inform p -outform n >f.n
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-echo "n -> d"
-$cmd -in f.n -inform n -outform d >ff.d2
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> n"
-$cmd -in f.d -inform d -outform n >ff.n1
-if [ $? != 0 ]; then exit 1; fi
-echo "n -> n"
-$cmd -in f.n -inform n -outform n >ff.n2
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> n"
-$cmd -in f.p -inform p -outform n >ff.n3
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-echo "n -> p"
-$cmd -in f.n -inform n -outform p >ff.p2
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p2
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp f.n ff.n1
-if [ $? != 0 ]; then exit 1; fi
-cmp f.n ff.n2
-if [ $? != 0 ]; then exit 1; fi
-cmp f.n ff.n3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p2
-if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/crypto/openssl/test/v3-cert1.pem b/crypto/openssl/test/v3-cert1.pem
deleted file mode 100644
index 0da253d5c340..000000000000
--- a/crypto/openssl/test/v3-cert1.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx
-NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz
-dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw
-ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
-ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2
-ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp
-miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C
-AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
-Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
-DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR
-MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB
-AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21
-X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3
-WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO
------END CERTIFICATE-----
diff --git a/crypto/openssl/test/v3-cert2.pem b/crypto/openssl/test/v3-cert2.pem
deleted file mode 100644
index de0723ff8de3..000000000000
--- a/crypto/openssl/test/v3-cert2.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD
-YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0
-ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu
-dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1
-WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV
-BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx
-FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
-6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT
-G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ
-YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm
-b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc
-F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz
-lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap
-jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=
------END CERTIFICATE-----
diff --git a/crypto/openssl/times/090/586-100.nt b/crypto/openssl/times/090/586-100.nt
deleted file mode 100644
index 297ec3e7f088..000000000000
--- a/crypto/openssl/times/090/586-100.nt
+++ /dev/null
@@ -1,32 +0,0 @@
-SSLeay 0.9.0 08-Apr-1998
-built on Wed Apr  8 12:47:17 EST 1998
-options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(
-ptr2)
-C flags:cl /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN
--DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                 92.25k      256.80k      347.01k      380.40k      390.31k
-mdc2               240.72k      251.10k      252.00k      250.80k      251.40k
-md5               1013.61k     5651.94k    11831.61k    16294.89k    17901.43k
-hmac(md5)          419.50k     2828.07k     7770.11k    13824.34k    17091.70k
-sha1               524.31k     2721.45k     5216.15k     6766.10k     7308.42k
-rmd160             462.09k     2288.59k     4260.77k     5446.44k     5841.65k
-rc4               7895.90k    10326.73k    10555.43k    10728.22k    10429.44k
-des cbc           2036.86k     2208.92k     2237.68k     2237.20k     2181.35k
-des ede3           649.92k      739.42k      749.07k      748.86k      738.27k
-idea cbc           823.19k      885.10k      894.92k      896.45k      891.87k
-rc2 cbc            792.63k      859.00k      867.45k      868.96k      865.30k
-rc5-32/12 cbc     3502.26k     4026.79k     4107.23k     4121.76k     4073.72k
-blowfish cbc      3752.96k     4026.79k     4075.31k     3965.87k     3892.26k
-cast cbc          2566.27k     2807.43k     2821.79k     2792.48k     2719.34k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0179s   0.0020s     56.0    501.7
-rsa 1024 bits   0.0950s   0.0060s     10.5    166.6
-rsa 2048 bits   0.6299s   0.0209s      1.6     47.8
-rsa 4096 bits   4.5870s   0.0787s      0.2     12.7
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.0180s   0.0339s     55.6     29.5
-dsa 1024 bits   0.0555s   0.1076s     18.0      9.3
-dsa 2048 bits   0.1971s   0.3918s      5.1      2.6
-
diff --git a/crypto/openssl/times/091/486-50.nt b/crypto/openssl/times/091/486-50.nt
deleted file mode 100644
index 84820d9c6509..000000000000
--- a/crypto/openssl/times/091/486-50.nt
+++ /dev/null
@@ -1,30 +0,0 @@
-486-50 NT 4.0
-
-SSLeay 0.9.1a 06-Jul-1998
-built on Sat Jul 18 18:03:20 EST 1998
-options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
-C flags:cl /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM /Fdout32
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                 28.77k       80.30k      108.50k      118.98k      122.47k
-mdc2                51.52k       54.06k       54.54k       54.65k       54.62k
-md5                304.39k     1565.04k     3061.54k     3996.10k     4240.10k
-hmac(md5)          119.53k      793.23k     2061.29k     3454.95k     4121.76k
-sha1               127.51k      596.93k     1055.54k     1313.84k     1413.18k
-rmd160             128.50k      572.49k     1001.03k     1248.01k     1323.63k
-rc4               1224.40k     1545.11k     1590.29k     1600.20k     1576.90k
-des cbc            448.19k      503.45k      512.30k      513.30k      508.23k
-des ede3           148.66k      162.48k      163.68k      163.94k      164.24k
-idea cbc           194.18k      211.10k      212.99k      213.18k      212.64k
-rc2 cbc            245.78k      271.01k      274.12k      274.38k      273.52k
-rc5-32/12 cbc     1252.48k     1625.20k     1700.03k     1711.12k     1677.18k
-blowfish cbc       725.16k      828.26k      850.01k      846.99k      833.79k
-cast cbc           643.30k      717.22k      739.48k      741.57k      735.33k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0904s   0.0104s     11.1     96.2
-rsa 1024 bits   0.5968s   0.0352s      1.7     28.4
-rsa 2048 bits   3.8860s   0.1017s      0.3      9.8
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.1006s   0.1249s      9.9      8.0
-dsa 1024 bits   0.3306s   0.4093s      3.0      2.4
-dsa 2048 bits   0.9454s   1.1707s      1.1      0.9
diff --git a/crypto/openssl/times/091/586-100.lnx b/crypto/openssl/times/091/586-100.lnx
deleted file mode 100644
index 92892a672db7..000000000000
--- a/crypto/openssl/times/091/586-100.lnx
+++ /dev/null
@@ -1,32 +0,0 @@
-Pentium 100mhz, linux
-
-SSLeay 0.9.0a 14-Apr-1998
-built on Fri Apr 17 08:47:07 EST 1998
-options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
-C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                 56.65k      153.88k      208.47k      229.03k      237.57k
-mdc2               189.59k      204.95k      206.93k      208.90k      209.56k
-md5               1019.48k     5882.41k    12085.42k    16376.49k    18295.47k
-hmac(md5)          415.86k     2887.85k     7891.29k    13894.66k    17446.23k
-sha1               540.68k     2791.96k     5289.30k     6813.01k     7432.87k
-rmd160             298.37k     1846.87k     3869.10k     5273.94k     5892.78k
-rc4               7870.87k    10438.10k    10857.13k    10729.47k    10788.86k
-des cbc           1960.60k     2226.37k     2241.88k     2054.83k     2181.80k
-des ede3           734.44k      739.69k      779.43k      750.25k      772.78k
-idea cbc           654.07k      711.00k      716.89k      718.51k      720.90k
-rc2 cbc            648.83k      701.91k      708.61k      708.95k      709.97k
-rc5-32/12 cbc     3504.71k     4054.76k     4131.41k     4105.56k     4134.23k
-blowfish cbc      3762.25k     4313.79k     4460.54k     4356.78k     4317.18k
-cast cbc          2755.01k     3038.91k     3076.44k     3027.63k     2998.27k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0195s   0.0019s     51.4    519.9
-rsa 1024 bits   0.1000s   0.0059s     10.0    168.2
-rsa 2048 bits   0.6406s   0.0209s      1.6     47.8
-rsa 4096 bits   4.6100s   0.0787s      0.2     12.7
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.0188s   0.0360s     53.1     27.8
-dsa 1024 bits   0.0570s   0.1126s     17.5      8.9
-dsa 2048 bits   0.1990s   0.3954s      5.0      2.5
-
diff --git a/crypto/openssl/times/091/68000.bsd b/crypto/openssl/times/091/68000.bsd
deleted file mode 100644
index a3a14e80873e..000000000000
--- a/crypto/openssl/times/091/68000.bsd
+++ /dev/null
@@ -1,32 +0,0 @@
-Motorolla 68020 20mhz, NetBSD
-
-SSLeay 0.9.0t 29-May-1998
-built on Fri Jun  5 12:42:23 EST 1998
-options:bn(64,32) md2(char) rc4(idx,int) des(idx,cisc,16,long) idea(int) blowfish(idx) 
-C flags:gcc -DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2               2176.00      5994.67      8079.73      8845.18      9077.01 
-mdc2              5730.67      6122.67      6167.66      6176.51      6174.87 
-md5                 29.10k      127.31k      209.66k      250.50k      263.99k
-hmac(md5)           12.33k       73.02k      160.17k      228.04k      261.15k
-sha1                11.27k       49.37k       84.31k      102.40k      109.23k
-rmd160              11.69k       48.62k       78.76k       93.15k       98.41k
-rc4                117.96k      148.94k      152.57k      153.09k      152.92k
-des cbc             27.13k       30.06k       30.38k       30.38k       30.53k
-des ede3            10.51k       10.94k       11.01k       11.01k       11.01k
-idea cbc            26.74k       29.23k       29.45k       29.60k       29.74k
-rc2 cbc             34.27k       39.39k       40.03k       40.07k       40.16k
-rc5-32/12 cbc       64.31k       83.18k       85.70k       86.70k       87.09k
-blowfish cbc        48.86k       59.18k       60.07k       60.42k       60.78k
-cast cbc            42.67k       50.01k       50.86k       51.20k       51.37k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.7738s   0.0774s      1.3     12.9
-rsa 1024 bits   4.3967s   0.2615s      0.2      3.8
-rsa 2048 bits  29.5200s   0.9664s      0.0      1.0
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.7862s   0.9709s      1.3      1.0
-dsa 1024 bits   2.5375s   3.1625s      0.4      0.3
-dsa 2048 bits   9.2150s  11.8200s      0.1      0.1
-
-
diff --git a/crypto/openssl/times/091/686-200.lnx b/crypto/openssl/times/091/686-200.lnx
deleted file mode 100644
index bb857d48d0e3..000000000000
--- a/crypto/openssl/times/091/686-200.lnx
+++ /dev/null
@@ -1,32 +0,0 @@
-Pentium Pro 200mhz, linux
-
-SSLeay 0.9.0d 26-Apr-1998
-built on Sun Apr 26 10:25:33 EST 1998
-options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
-C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                130.58k      364.54k      499.24k      545.79k      561.66k
-mdc2               526.68k      579.72k      588.37k      588.80k      589.82k
-md5               1917.71k    11434.69k    22512.21k    29495.30k    32677.89k
-hmac(md5)          749.18k     5264.83k    14227.20k    25018.71k    31760.38k
-sha1              1343.83k     6436.29k    11702.78k    14664.70k    15829.67k
-rmd160            1038.05k     5138.77k     8985.51k    10985.13k    11799.21k
-rc4              14891.04k    21334.06k    22376.79k    22579.54k    22574.42k
-des cbc           4131.97k     4568.31k     4645.29k     4631.21k     4572.73k
-des ede3          1567.17k     1631.13k     1657.32k     1653.08k     1643.86k
-idea cbc          2427.23k     2671.21k     2716.67k     2723.84k     2733.40k
-rc2 cbc           1629.90k     1767.38k     1788.50k     1797.12k     1799.51k
-rc5-32/12 cbc    10290.55k    13161.60k    13744.55k    14011.73k    14123.01k
-blowfish cbc      5896.42k     6920.77k     7122.01k     7151.62k     7146.15k
-cast cbc          6037.71k     6935.19k     7101.35k     7145.81k     7116.12k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0070s   0.0007s    142.6   1502.9
-rsa 1024 bits   0.0340s   0.0019s     29.4    513.3
-rsa 2048 bits   0.2087s   0.0066s      4.8    151.3
-rsa 4096 bits   1.4700s   0.0242s      0.7     41.2
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.0064s   0.0121s    156.1     82.9
-dsa 1024 bits   0.0184s   0.0363s     54.4     27.5
-dsa 2048 bits   0.0629s   0.1250s     15.9      8.0
-
diff --git a/crypto/openssl/times/091/alpha064.osf b/crypto/openssl/times/091/alpha064.osf
deleted file mode 100644
index a8e7fdfd610e..000000000000
--- a/crypto/openssl/times/091/alpha064.osf
+++ /dev/null
@@ -1,32 +0,0 @@
-Alpha EV4.5 (21064) 275mhz, OSF1 V4.0
-SSLeay 0.9.0g 01-May-1998
-built on Mon May  4 17:26:09 CST 1998
-options:bn(64,64) md2(int) rc4(ptr,int) des(idx,cisc,4,long) idea(int) blowfish(idx) 
-C flags:cc -tune host -O4 -readonly_strings
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                119.58k      327.48k      443.28k      480.09k      495.16k
-mdc2               436.67k      456.35k      465.42k      466.57k      469.01k
-md5               1459.34k     6566.46k    11111.91k    13375.30k    14072.60k
-hmac(md5)          597.90k     3595.45k     8180.88k    12099.49k    13884.46k
-sha1               707.01k     3253.09k     6131.73k     7798.23k     8439.67k
-rmd160             618.57k     2729.07k     4711.33k     5825.16k     6119.23k
-rc4               8796.43k     9393.62k     9548.88k     9378.77k     9472.57k
-des cbc           2165.97k     2514.90k     2586.27k     2572.93k     2639.08k
-des ede3           945.44k     1004.03k     1005.96k     1017.33k     1020.85k
-idea cbc          1498.81k     1629.11k     1637.28k     1625.50k     1641.11k
-rc2 cbc           1866.00k     2044.92k     2067.12k     2064.00k     2068.96k
-rc5-32/12 cbc     4366.97k     5521.32k     5687.50k     5729.16k     5736.96k
-blowfish cbc      3997.31k     4790.60k     4937.84k     4954.56k     5024.85k
-cast cbc          2900.19k     3673.30k     3803.73k     3823.93k     3890.25k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0069s   0.0006s    144.2   1545.8
-rsa 1024 bits   0.0304s   0.0018s     32.9    552.6
-rsa 2048 bits   0.1887s   0.0062s      5.3    161.4
-rsa 4096 bits   1.3667s   0.0233s      0.7     42.9
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.0067s   0.0123s    149.6     81.1
-dsa 1024 bits   0.0177s   0.0332s     56.6     30.1
-dsa 2048 bits   0.0590s   0.1162s     16.9      8.6
-
-
diff --git a/crypto/openssl/times/091/alpha164.lnx b/crypto/openssl/times/091/alpha164.lnx
deleted file mode 100644
index c994662698ce..000000000000
--- a/crypto/openssl/times/091/alpha164.lnx
+++ /dev/null
@@ -1,32 +0,0 @@
-Alpha EV5.6 (21164A) 533mhz, Linux 2.0.32
-
-SSLeay 0.9.0p 22-May-1998
-built on Sun May 27 14:23:38 GMT 2018
-options:bn(64,64) md2(int) rc4(ptr,int) des(idx,risc1,16,long) idea(int) blowfish(idx) 
-C flags:gcc -O3
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                295.78k      825.34k     1116.42k     1225.10k     1262.65k
-mdc2               918.16k     1017.55k     1032.18k     1034.24k     1035.60k
-md5               3574.93k    15517.05k    25482.67k    30434.31k    32210.51k
-hmac(md5)         1261.54k     7757.15k    18025.46k    27081.21k    31653.27k
-sha1              2251.89k    10056.84k    16990.19k    20651.04k    21973.29k
-rmd160            1615.49k     7017.13k    11601.11k    13875.62k    14690.31k
-rc4              22435.16k    24476.40k    24349.95k    23042.36k    24581.53k
-des cbc           5198.38k     6559.04k     6775.43k     6827.87k     6875.82k
-des ede3          2257.73k     2602.18k     2645.60k     2657.12k     2670.59k
-idea cbc          3694.42k     4125.61k     4180.74k     4193.28k     4192.94k
-rc2 cbc           4642.47k     5323.85k     5415.42k     5435.86k     5434.03k
-rc5-32/12 cbc     9705.26k    13277.79k    13843.46k    13989.66k    13987.57k
-blowfish cbc      7861.28k    10852.34k    11447.98k    11616.97k    11667.54k
-cast cbc          6718.13k     8599.98k     8967.17k     9070.81k     9099.28k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0018s   0.0002s    555.9   6299.5
-rsa 1024 bits   0.0081s   0.0005s    123.3   2208.7
-rsa 2048 bits   0.0489s   0.0015s     20.4    648.5
-rsa 4096 bits   0.3402s   0.0057s      2.9    174.7
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.0019s   0.0032s    529.0    310.2
-dsa 1024 bits   0.0047s   0.0086s    214.1    115.7
-dsa 2048 bits   0.0150s   0.0289s     66.7     34.6
-
diff --git a/crypto/openssl/times/091/alpha164.osf b/crypto/openssl/times/091/alpha164.osf
deleted file mode 100644
index df712c689ff2..000000000000
--- a/crypto/openssl/times/091/alpha164.osf
+++ /dev/null
@@ -1,31 +0,0 @@
-Alpha EV5.6 (21164A) 400mhz, OSF1 V4.0
-
-SSLeay 0.9.0 10-Apr-1998
-built on Sun Apr 19 07:54:37 EST 1998
-options:bn(64,64) md2(int) rc4(ptr,int) des(ptr,risc2,4,int) idea(int) blowfish(idx) 
-C flags:cc -O4 -tune host -fast
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                276.30k      762.07k     1034.35k     1134.07k     1160.53k
-mdc2               814.99k      845.83k      849.09k      850.33k      849.24k
-md5               2468.43k    10945.27k    17963.48k    21430.89k    22544.38k
-hmac(md5)         1002.48k     6023.98k    13430.99k    19344.17k    22351.80k
-sha1              1984.93k     8882.47k    14856.47k    17878.70k    18955.10k
-rmd160            1286.96k     5595.52k     9167.00k    10957.74k    11582.30k
-rc4              15948.15k    16710.29k    16793.20k    17929.50k    18474.56k
-des cbc           3416.04k     4149.37k     4296.25k     4328.89k     4327.57k
-des ede3          1540.14k     1683.36k     1691.14k     1705.90k     1705.22k
-idea cbc          2795.87k     3192.93k     3238.13k     3238.17k     3256.66k
-rc2 cbc           3529.00k     4069.93k     4135.79k     4135.25k     4160.07k
-rc5-32/12 cbc     7212.35k     9849.71k    10260.91k    10423.38k    10439.99k
-blowfish cbc      6061.75k     8363.50k     8706.80k     8779.40k     8784.55k
-cast cbc          5401.75k     6433.31k     6638.18k     6662.40k     6702.80k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0022s   0.0002s    449.6   4916.2
-rsa 1024 bits   0.0105s   0.0006s     95.3   1661.2
-rsa 2048 bits   0.0637s   0.0020s     15.7    495.6
-rsa 4096 bits   0.4457s   0.0075s      2.2    132.7
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.0028s   0.0048s    362.2    210.4
-dsa 1024 bits   0.0064s   0.0123s    155.2     81.6
-dsa 2048 bits   0.0201s   0.0394s     49.7     25.4
diff --git a/crypto/openssl/times/091/mips-rel.pl b/crypto/openssl/times/091/mips-rel.pl
deleted file mode 100644
index 4b2509315a41..000000000000
--- a/crypto/openssl/times/091/mips-rel.pl
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/usr/local/bin/perl
-
-&doit(100,"Pentium   100 32",0.0195,0.1000,0.6406,4.6100);	# pentium-100
-&doit(200,"PPro      200 32",0.0070,0.0340,0.2087,1.4700);	# pentium-100
-&doit( 25,"R3000      25 32",0.0860,0.4825,3.2417,23.8833);	# R3000-25
-&doit(200,"R4400     200 32",0.0137,0.0717,0.4730,3.4367);	# R4400 32bit
-&doit(180,"R10000    180 32",0.0061,0.0311,0.1955,1.3871);	# R10000 32bit
-&doit(180,"R10000    180 64",0.0034,0.0149,0.0880,0.5933);	# R10000 64bit
-&doit(400,"DEC 21164 400 64",0.0022,0.0105,0.0637,0.4457);	# R10000 64bit
-
-sub doit
-	{
-	local($mhz,$label,@data)=@_;
-
-	for ($i=0; $i <= $#data; $i++)
-		{
-		$data[$i]=1/$data[$i]*200/$mhz;
-		}
-	printf("%s %6.1f %6.1f %6.1f %6.1f\n",$label,@data);
-	}
-
diff --git a/crypto/openssl/times/091/r10000.irx b/crypto/openssl/times/091/r10000.irx
deleted file mode 100644
index 237ee5d19291..000000000000
--- a/crypto/openssl/times/091/r10000.irx
+++ /dev/null
@@ -1,37 +0,0 @@
-MIPS R10000 32kI+32kD 180mhz, IRIX 6.4
-
-Using crypto/bn/mips3.s
-
-This is built for n32, which is faster for all benchmarks than the n64
-compilation model
-
-SSLeay 0.9.0b 19-Apr-1998
-built on Sat Apr 25 12:43:14 EST 1998
-options:bn(64,64) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int) blowfish(ptr) 
-C flags:cc -use_readonly_const -O2 -DTERMIOS -DB_ENDIAN
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                126.38k      349.38k      472.67k      517.01k      529.81k
-mdc2               501.64k      545.87k      551.80k      553.64k      554.41k
-md5               1825.77k     7623.64k    12630.47k    15111.74k    16012.09k
-hmac(md5)          780.81k     4472.86k     9667.22k    13802.67k    15777.89k
-sha1              1375.52k     6213.91k    11037.30k    13682.01k    14714.09k
-rmd160             856.72k     3454.40k     5598.33k     6689.94k     7073.48k
-rc4              11260.93k    13311.50k    13360.05k    13322.17k    13364.39k
-des cbc           2770.78k     3055.42k     3095.18k     3092.48k     3103.03k
-des ede3          1023.22k     1060.58k     1063.81k     1070.37k     1064.54k
-idea cbc          3029.09k     3334.30k     3375.29k     3375.65k     3380.64k
-rc2 cbc           2307.45k     2470.72k     2501.25k     2500.68k     2500.55k
-rc5-32/12 cbc     6770.91k     8629.89k     8909.58k     9009.64k     9044.95k
-blowfish cbc      4796.53k     5598.20k     5717.14k     5755.11k     5749.86k
-cast cbc          3986.20k     4426.17k     4465.04k     4476.84k     4475.08k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0034s   0.0003s    296.1   3225.4
-rsa 1024 bits   0.0139s   0.0008s     71.8   1221.8
-rsa 2048 bits   0.0815s   0.0026s     12.3    380.3
-rsa 4096 bits   0.5656s   0.0096s      1.8    103.7
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.0034s   0.0061s    290.8    164.9
-dsa 1024 bits   0.0084s   0.0161s    119.1     62.3
-dsa 2048 bits   0.0260s   0.0515s     38.5     19.4
-
diff --git a/crypto/openssl/times/091/r3000.ult b/crypto/openssl/times/091/r3000.ult
deleted file mode 100644
index ecd33908bbd6..000000000000
--- a/crypto/openssl/times/091/r3000.ult
+++ /dev/null
@@ -1,32 +0,0 @@
-MIPS R3000 64kI+64kD 25mhz, ultrix 4.3
-
-SSLeay 0.9.0b 19-Apr-1998
-built on Thu Apr 23 07:22:31 EST 1998
-options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int) blowfish(idx) 
-C flags:cc -O2 -DL_ENDIAN -DNOPROTO -DNOCONST
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                 14.63k       40.65k       54.70k       60.07k       61.78k
-mdc2                29.43k       37.27k       38.23k       38.57k       38.60k
-md5                140.04k      676.59k     1283.84k     1654.10k     1802.24k
-hmac(md5)           60.51k      378.90k      937.82k     1470.46k     1766.74k
-sha1                60.77k      296.79k      525.40k      649.90k      699.05k
-rmd160              48.82k      227.16k      417.19k      530.31k      572.05k
-rc4                904.76k      996.20k     1007.53k     1015.65k     1010.35k
-des cbc            178.87k      209.39k      213.42k      215.55k      214.53k
-des ede3            74.25k       79.30k       80.40k       80.21k       80.14k
-idea cbc           181.02k      209.37k      214.44k      214.36k      213.83k
-rc2 cbc            161.52k      184.98k      187.99k      188.76k      189.05k
-rc5-32/12 cbc      398.99k      582.91k      614.66k      626.07k      621.87k
-blowfish cbc       296.38k      387.69k      405.50k      412.57k      410.05k
-cast cbc           214.76k      260.63k      266.92k      268.63k      258.26k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0870s   0.0089s     11.5    112.4
-rsa 1024 bits   0.4881s   0.0295s      2.0     33.9
-rsa 2048 bits   3.2750s   0.1072s      0.3      9.3
-rsa 4096 bits  23.9833s   0.4093s      0.0      2.4
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.0898s   0.1706s     11.1      5.9
-dsa 1024 bits   0.2847s   0.5565s      3.5      1.8
-dsa 2048 bits   1.0267s   2.0433s      1.0      0.5
-
diff --git a/crypto/openssl/times/091/r4400.irx b/crypto/openssl/times/091/r4400.irx
deleted file mode 100644
index 9b96ca110a9c..000000000000
--- a/crypto/openssl/times/091/r4400.irx
+++ /dev/null
@@ -1,32 +0,0 @@
-R4400 16kI+16kD 200mhz, Irix 5.3
-
-SSLeay 0.9.0e 27-Apr-1998
-built on Sun Apr 26 07:26:05 PDT 1998
-options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int) blowfish(ptr) 
-C flags:cc -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                 79.80k      220.59k      298.01k      327.06k      338.60k
-mdc2               262.74k      285.30k      289.16k      288.36k      288.49k
-md5                930.35k     4167.13k     7167.91k     8678.23k     9235.86k
-hmac(md5)          399.44k     2367.57k     5370.74k     7884.28k     9076.98k
-sha1               550.96k     2488.17k     4342.76k     5362.50k     5745.40k
-rmd160             424.58k     1752.83k     2909.67k     3486.08k     3702.89k
-rc4               6687.79k     7834.63k     7962.61k     8035.65k     7915.28k
-des cbc           1544.20k     1725.94k     1748.35k     1758.17k     1745.61k
-des ede3           587.29k      637.75k      645.93k      643.17k      646.01k
-idea cbc          1575.52k     1719.75k     1732.41k     1736.69k     1740.11k
-rc2 cbc           1496.21k     1629.90k     1643.19k     1652.14k     1646.62k
-rc5-32/12 cbc     3452.48k     4276.47k     4390.74k     4405.25k     4400.12k
-blowfish cbc      2354.58k     3242.36k     3401.11k     3433.65k     3383.65k
-cast cbc          1942.22k     2152.28k     2187.51k     2185.67k     2177.20k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0130s   0.0014s     76.9    729.8
-rsa 1024 bits   0.0697s   0.0043s     14.4    233.9
-rsa 2048 bits   0.4664s   0.0156s      2.1     64.0
-rsa 4096 bits   3.4067s   0.0586s      0.3     17.1
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.0140s   0.0261s     71.4     38.4
-dsa 1024 bits   0.0417s   0.0794s     24.0     12.6
-dsa 2048 bits   0.1478s   0.2929s      6.8      3.4
-
diff --git a/crypto/openssl/times/100.lnx b/crypto/openssl/times/100.lnx
deleted file mode 100644
index d0f45371d664..000000000000
--- a/crypto/openssl/times/100.lnx
+++ /dev/null
@@ -1,32 +0,0 @@
-SSLeay 0.8.4c 03-Aug-1999
-built on Tue Nov  4 02:52:29 EST 1997
-options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
-C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                53.27k      155.95k      201.30k      216.41k      236.78k
-mdc2              192.98k      207.98k      206.76k      206.17k      208.87k
-md5               993.15k     5748.27k    11944.70k    16477.53k    18287.27k
-hmac(md5)         404.97k     2787.58k     7690.07k    13744.43k    17601.88k
-sha1              563.24k     2851.67k     5363.71k     6879.23k     7441.07k
-rc4              7876.70k    10400.85k    10825.90k    10943.49k    10745.17k
-des cbc          2047.39k     2188.25k     2188.29k     2239.49k     2233.69k
-des ede3          660.55k      764.01k      773.55k      779.21k      780.97k
-idea cbc          653.93k      708.48k      715.43k      719.87k      720.90k
-rc2 cbc           648.08k      702.23k      708.78k      711.00k      709.97k
-blowfish cbc     3764.39k     4288.66k     4375.04k     4497.07k     4423.68k
-cast cbc         2757.14k     2993.75k     3035.31k     3078.90k     3055.62k
-
-blowfish cbc     3258.81k     3673.47k     3767.30k     3774.12k     3719.17k
-cast cbc         2677.05k     3164.78k     3273.05k     3287.38k     3244.03k
-
-
-                  sign    verify
-rsa  512 bits   0.0213s   0.0020s
-rsa 1024 bits   0.1073s   0.0063s
-rsa 2048 bits   0.6873s   0.0224s
-rsa 4096 bits   4.9333s   0.0845s
-                  sign    verify
-dsa  512 bits   0.0201s   0.0385s
-dsa 1024 bits   0.0604s   0.1190s
-dsa 2048 bits   0.2121s   0.4229s
diff --git a/crypto/openssl/times/100.nt b/crypto/openssl/times/100.nt
deleted file mode 100644
index 0dd7cfc478e1..000000000000
--- a/crypto/openssl/times/100.nt
+++ /dev/null
@@ -1,29 +0,0 @@
-SSLeay 0.8.4c 03-Aug-1999
-built on Tue Aug  3 09:49:58 EST 1999
-options:bn(64,32) md2(int) rc4(ptr,int) des(idx,cisc,4,long) idea(int) blowfish(
-ptr2)
-C flags:cl /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN -DBN
-_ASM -DMD5_ASM -DSHA1_ASM
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                93.07k      258.38k      349.03k      382.83k      392.87k
-mdc2              245.80k      259.02k      259.34k      259.16k      260.14k
-md5              1103.42k     6017.65k    12210.49k    16552.11k    18291.77k
-hmac(md5)         520.15k     3394.00k     8761.86k    14593.96k    17742.40k
-sha1              538.06k     2726.76k     5242.22k     6821.12k     7426.18k
-rc4              8283.90k    10513.09k    10886.38k    10929.50k    10816.75k
-des cbc          2073.10k     2232.91k     2251.61k     2256.46k     2232.44k
-des ede3          758.85k      782.46k      786.14k      786.08k      781.24k
-idea cbc          831.02k      892.63k      901.07k      903.48k      901.85k
-rc2 cbc           799.89k      866.09k      873.96k      876.22k      874.03k
-blowfish cbc     3835.32k     4418.78k     4511.94k     4494.54k     4416.92k
-cast cbc         2974.68k     3272.71k     3313.04k     3335.17k     3261.51k
-                  sign    verify
-rsa  512 bits   0.0202s   0.0019s
-rsa 1024 bits   0.1029s   0.0062s
-rsa 2048 bits   0.6770s   0.0220s
-rsa 4096 bits   4.8770s   0.0838s
-                  sign    verify
-dsa  512 bits   0.0191s   0.0364s
-dsa 1024 bits   0.0590s   0.1141s
-dsa 2048 bits   0.2088s   0.4171s
diff --git a/crypto/openssl/times/200.lnx b/crypto/openssl/times/200.lnx
deleted file mode 100644
index fd7e7f4e92b3..000000000000
--- a/crypto/openssl/times/200.lnx
+++ /dev/null
@@ -1,30 +0,0 @@
-This machine was slightly loaded :-(
-
-SSLeay 0.8.4c 03-Aug-1999
-built on Tue Nov  4 02:52:29 EST 1997
-options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
-C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2               130.86k      365.31k      499.60k      547.75k      561.41k
-mdc2              526.03k      581.38k      587.12k      586.31k      589.60k
-md5              1919.49k    11173.23k    22387.60k    29553.47k    32587.21k
-hmac(md5)         747.09k     5248.35k    14275.44k    24713.26k    31737.13k
-sha1             1336.63k     6400.50k    11668.67k    14648.83k    15700.85k
-rc4             15002.32k    21327.21k    22301.63k    22503.78k    22549.26k
-des cbc          4115.16k     4521.08k     4632.37k     4607.28k     4570.57k
-des ede3         1540.29k     1609.76k     1623.64k     1620.76k     1624.18k
-idea cbc         2405.08k     2664.78k     2704.22k     2713.95k     2716.29k
-rc2 cbc          1634.07k     1764.30k     1780.23k     1790.27k     1788.12k
-blowfish cbc     5993.98k     6927.27k     7083.61k     7088.40k     7123.72k
-cast cbc         5981.52k     6900.44k     7079.70k     7110.40k     7057.72k
-                  sign    verify
-rsa  512 bits   0.0085s   0.0007s
-rsa 1024 bits   0.0377s   0.0020s
-rsa 2048 bits   0.2176s   0.0067s
-rsa 4096 bits   1.4800s   0.0242s
-sign    verify
-dsa  512 bits   0.0071s   0.0132s
-dsa 1024 bits   0.0192s   0.0376s
-dsa 2048 bits   0.0638s   0.1280s
-
diff --git a/crypto/openssl/times/486-66.dos b/crypto/openssl/times/486-66.dos
deleted file mode 100644
index 1644bf8022a3..000000000000
--- a/crypto/openssl/times/486-66.dos
+++ /dev/null
@@ -1,22 +0,0 @@
-MS-dos static libs, 16bit C build, 16bit assember
-
-SSLeay 0.6.1
-options:bn(32,16) md2(char) rc4(idx,int) des(ptr,long) idea(short)
-C flags:cl /ALw /Gx- /Gf /f- /Ocgnotb2 /G2 /W3 /WX -DL_ENDIAN /nologo -DMSDOS -D
-NO_SOCK
-The 'numbers' are in 1000s of bytes per second processed.
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             18.62k       55.54k       76.88k       85.39k       86.52k
-md5             94.03k      442.06k      794.38k      974.51k     1061.31k
-sha             38.37k      166.23k      272.78k      331.41k      353.77k
-sha1            34.38k      147.77k      244.77k      292.57k      312.08k
-rc4            641.25k      795.34k      817.16k      829.57k      817.16k
-des cfb        111.46k      118.08k      120.69k      119.16k      119.37k
-des cbc        122.96k      135.69k      137.10k      135.69k      135.40k
-des ede3        48.01k       50.92k       50.32k       50.96k       50.96k
-idea cfb        97.09k      100.21k      100.36k      101.14k      100.98k
-idea cbc       102.08k      109.41k      111.46k      111.65k      110.52k
-rc2 cfb        120.47k      125.55k      125.79k      125.55k      125.55k
-rc2 cbc        129.77k      140.33k      143.72k      142.16k      141.85k
-rsa  512 bits   0.264s
-rsa 1024 bits   1.494s
diff --git a/crypto/openssl/times/486-66.nt b/crypto/openssl/times/486-66.nt
deleted file mode 100644
index b26a9005d63e..000000000000
--- a/crypto/openssl/times/486-66.nt
+++ /dev/null
@@ -1,22 +0,0 @@
-SSLeay 0.6.1 02-Jul-1996
-built on Fri Jul 10 09:53:15 EST 1996
-options:bn(64,32) md2(int) rc4(idx,int) des(idx,long) idea(int)
-C flags:cl /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /nologo -DWIN32 -DL_ENDIAN /MD
-The 'numbers' are in 1000s of bytes per second processed.
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             38.27k      107.28k      145.43k      159.60k      164.15k
-md5            399.00k     1946.13k     3610.80k     4511.94k     4477.27k
-sha            182.04k      851.26k     1470.65k     1799.20k     1876.48k
-sha1           151.83k      756.55k     1289.76k     1567.38k     1625.70k
-rc4           1853.92k     2196.25k     2232.91k     2241.31k     2152.96k
-des cfb        360.58k      382.69k      384.94k      386.07k      377.19k
-des cbc        376.10k      431.87k      436.32k      437.78k      430.45k
-des ede3       152.55k      160.38k      161.51k      161.33k      159.98k
-idea cfb       245.59k      255.60k      256.65k      257.16k      254.61k
-idea cbc       257.16k      276.12k      279.05k      279.11k      276.70k
-rc2 cfb        280.25k      293.49k      294.74k      294.15k      291.47k
-rc2 cbc        295.47k      321.57k      324.76k      324.76k      320.00k
-rsa  512 bits   0.084s
-rsa 1024 bits   0.495s
-rsa 2048 bits   3.435s
-
diff --git a/crypto/openssl/times/486-66.w31 b/crypto/openssl/times/486-66.w31
deleted file mode 100644
index 381f149b3286..000000000000
--- a/crypto/openssl/times/486-66.w31
+++ /dev/null
@@ -1,23 +0,0 @@
-Windows 3.1 DLL's, 16 bit C with 32bit assember
-
-SSLeay 0.6.1 02-Jul-1996
-built on Wed Jul 10 09:53:15 EST 1996
-options:bn(32,32) md2(char) rc4(idx,int) des(ptr,long) idea(short)
-C flags:cl /ALw /Gx- /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DWIN16
-The 'numbers' are in 1000s of bytes per second processed.
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             18.94k       54.27k       73.43k       80.91k       83.75k
-md5             78.96k      391.26k      734.30k      919.80k      992.97k
-sha             39.01k      168.04k      280.67k      336.08k      359.10k
-sha1            35.20k      150.14k      247.31k      294.54k      313.94k
-rc4            509.61k      655.36k      678.43k      677.02k      670.10k
-des cfb         97.09k      104.69k      106.56k      105.70k      106.56k
-des cbc        116.82k      129.77k      131.07k      131.07k      131.07k
-des ede3        44.22k       47.90k       48.53k       48.47k       47.86k
-idea cfb        83.49k       87.03k       87.03k       87.15k       87.73k
-idea cbc        89.04k       96.23k       96.95k       97.81k       97.09k
-rc2 cfb        108.32k      113.58k      113.78k      114.57k      114.77k
-rc2 cbc        118.08k      131.07k      134.02k      134.02k      132.66k
-rsa  512 bits   0.181s
-rsa 1024 bits   0.846s
-
diff --git a/crypto/openssl/times/5.lnx b/crypto/openssl/times/5.lnx
deleted file mode 100644
index 1c1e392a2956..000000000000
--- a/crypto/openssl/times/5.lnx
+++ /dev/null
@@ -1,29 +0,0 @@
-SSLeay 0.8.5g 24-Jan-1998
-built on Tue Jan 27 08:11:42 EST 1998
-options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
-C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                 56.55k      156.69k      211.63k      231.77k      238.71k
-mdc2               192.26k      208.09k      210.09k      209.58k      210.26k
-md5                991.04k     5745.51k    11932.67k    16465.24k    18306.39k
-hmac(md5)          333.99k     2383.89k     6890.67k    13133.82k    17397.08k
-sha1               571.68k     2883.88k     5379.07k     6880.26k     7443.80k
-rmd160             409.41k     2212.91k     4225.45k     5456.55k     5928.28k
-rc4               6847.57k     8596.22k     8901.80k     8912.90k     8850.09k
-des cbc           2046.29k     2229.78k     2254.76k     2259.97k     2233.69k
-des ede3           751.11k      779.95k      783.96k      784.38k      780.97k
-idea cbc           653.40k      708.29k      718.42k      720.21k      720.90k
-rc2 cbc            647.19k      702.46k      709.21k      710.66k      709.97k
-rc5-32/12 cbc     3498.18k     4054.12k     4133.46k     4151.64k     4139.69k
-blowfish cbc      3763.95k     4437.74k     4532.74k     4515.50k     4448.26k
-cast cbc          2754.22k     3020.67k     3079.08k     3069.95k     3036.50k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0207s   0.0020s     48.3    511.3
-rsa 1024 bits   0.1018s   0.0059s      9.8    169.6
-rsa 2048 bits   0.6438s   0.0208s      1.6     48.0
-rsa 4096 bits   4.6033s   0.0793s      0.2     12.6
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.0190s   0.0359s     52.6     27.8
-dsa 1024 bits   0.0566s   0.1109s     17.7      9.0
-dsa 2048 bits   0.1988s   0.3915s      5.0      2.6
diff --git a/crypto/openssl/times/586-085i.nt b/crypto/openssl/times/586-085i.nt
deleted file mode 100644
index 8a5797526f2e..000000000000
--- a/crypto/openssl/times/586-085i.nt
+++ /dev/null
@@ -1,29 +0,0 @@
-SSLeay 0.8.5i 28-Jan-1998
-built on Wed Jan 28 18:00:07 EST 1998
-options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
-C flags:cl /MT /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                 92.74k      257.59k      348.16k      381.79k      392.14k
-mdc2               227.65k      247.82k      249.90k      250.65k      250.20k
-md5               1089.54k     5966.29k    12104.77k    16493.53k    18204.44k
-hmac(md5)          513.53k     3361.36k     8725.41k    14543.36k    17593.56k
-sha1               580.74k     2880.51k     5376.62k     6865.78k     7413.05k
-rmd160             508.06k     2427.96k     4385.51k     5510.84k     5915.80k
-rc4               8004.40k    10408.74k    10794.48k    10884.12k    10728.22k
-des cbc           2057.24k     2222.97k     2246.79k     2209.39k     2223.44k
-des ede3           739.42k      761.99k      765.48k      760.26k      760.97k
-idea cbc           827.08k      889.60k      898.83k      901.15k      897.98k
-rc2 cbc            795.64k      861.04k      871.13k      872.58k      871.13k
-rc5-32/12 cbc     3597.17k     4139.66k     4204.39k     4223.02k     4204.39k
-blowfish cbc      3807.47k     3996.10k     4156.07k     4204.39k     4105.62k
-cast cbc          2777.68k     2814.21k     2892.62k     2916.76k     2868.88k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0178s   0.0018s     56.3    541.6
-rsa 1024 bits   0.0945s   0.0059s     10.6    168.3
-rsa 2048 bits   0.6269s   0.0208s      1.6     48.0
-rsa 4096 bits   4.5560s   0.0784s      0.2     12.8
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.0178s   0.0340s     56.2     29.4
-dsa 1024 bits   0.0552s   0.1077s     18.1      9.3
-dsa 2048 bits   0.1963s   0.3811s      5.1      2.6
diff --git a/crypto/openssl/times/586-100.LN3 b/crypto/openssl/times/586-100.LN3
deleted file mode 100644
index a6fa818f4bec..000000000000
--- a/crypto/openssl/times/586-100.LN3
+++ /dev/null
@@ -1,26 +0,0 @@
-SSLeay 0.8.3v 15-Oct-1997
-built on Wed Oct 15 10:05:00 EST 1997
-options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
-C flags:gcc -DL_ENDIAN -DTERMIO -DX86_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                56.27k      156.76k      211.46k      231.77k      238.71k
-mdc2              188.74k      206.12k      207.70k      207.87k      208.18k
-md5               991.56k     5718.31k    11748.61k    16090.79k    17850.37k
-hmac(md5)         387.56k     2636.01k     7327.83k    13340.33k    17091.24k
-sha1              463.55k     2274.18k     4071.17k     5072.90k     5447.68k
-rc4              3673.94k     4314.52k     4402.26k     4427.09k     4407.30k
-des cbc          2023.79k     2209.77k     2233.34k     2220.71k     2222.76k
-des ede3          747.17k      778.54k      781.57k      778.24k      778.24k
-idea cbc          614.64k      678.04k      683.52k      685.06k      685.40k
-rc2 cbc           536.83k      574.10k      578.05k      579.24k      578.90k
-blowfish cbc     3673.39k     4354.58k     4450.22k     4429.48k     4377.26k
-                  sign    verify
-rsa  512 bits   0.0217s   0.0021s
-rsa 1024 bits   0.1083s   0.0064s
-rsa 2048 bits   0.6867s   0.0223s
-rsa 4096 bits   4.9400s   0.0846s
-                  sign    verify
-dsa  512 bits   0.0203s   0.0387s
-dsa 1024 bits   0.0599s   0.1170s
-dsa 2048 bits   0.2115s   0.4242s
diff --git a/crypto/openssl/times/586-100.NT2 b/crypto/openssl/times/586-100.NT2
deleted file mode 100644
index 7f8c167b4692..000000000000
--- a/crypto/openssl/times/586-100.NT2
+++ /dev/null
@@ -1,26 +0,0 @@
-SSLeay 0.8.3e 30-Sep-1997
-built on Tue Sep 30 14:52:58 EST 1997
-options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
-C flags:cl /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN -DX86_ASM
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                92.99k      257.59k      348.16k      381.47k      392.14k
-mdc2              223.77k      235.30k      237.15k      236.77k      237.29k
-md5               862.53k     4222.17k     7842.75k     9925.00k    10392.23k
-sha               491.34k     2338.61k     4062.28k     4986.10k     5307.90k
-sha1              494.38k     2234.94k     3838.83k     4679.58k     4980.18k
-rc4              6338.10k     7489.83k     7676.25k     7698.80k     7631.56k
-des cbc          1654.17k     1917.66k     1961.05k     1968.05k     1960.69k
-des ede3          691.17k      739.42k      744.13k      745.82k      741.40k
-idea cbc          788.46k      870.33k      879.16k      881.38k      879.90k
-rc2 cbc           794.44k      859.63k      868.24k      869.68k      867.45k
-blowfish cbc     2379.88k     3017.48k     3116.12k     3134.76k     3070.50k
-                  sign    verify
-rsa  512 bits   0.0204s   0.0027s
-rsa 1024 bits   0.1074s   0.0032s
-rsa 2048 bits   0.6890s   0.0246s
-rsa 4096 bits   5.0180s   0.0911s
-                  sign    verify
-dsa  512 bits   0.0201s   0.0376s
-dsa 1024 bits   0.0608s   0.1193s
-dsa 2048 bits   0.2133s   0.4294s
diff --git a/crypto/openssl/times/586-100.dos b/crypto/openssl/times/586-100.dos
deleted file mode 100644
index 3085c256b119..000000000000
--- a/crypto/openssl/times/586-100.dos
+++ /dev/null
@@ -1,24 +0,0 @@
-ms-dos static libs, 16 bit C and 16 bit assmber 
-
-SSLeay 0.6.1 02-Jul-1996
-built on Tue Jul  9 22:52:54 EST 1996
-options:bn(32,16) md2(char) rc4(idx,int) des(ptr,long) idea(short)
-C flags:cl /ALw /Gx- /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DMSDOS -DNO_SOCK
-The 'numbers' are in 1000s of bytes per second processed.
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             45.99k      130.75k      176.53k      199.35k      203.21k
-md5            236.17k     1072.16k     1839.61k     2221.56k     2383.13k
-sha            107.97k      459.10k      757.64k      908.64k      954.99k
-sha1            96.95k      409.92k      672.16k      788.40k      844.26k
-rc4           1659.14k     1956.30k     2022.72k     2022.72k     2022.72k
-des cfb        313.57k      326.86k      326.86k      331.83k      326.86k
-des cbc        345.84k      378.82k      378.82k      384.38k      378.82k
-des ede3       139.59k      144.66k      144.61k      144.45k      143.29k
-idea cfb       262.67k      274.21k      274.21k      274.21k      274.21k
-idea cbc       284.32k      318.14k      318.14k      318.14k      318.14k
-rc2 cfb        265.33k      274.21k      277.69k      277.11k      277.69k
-rc2 cbc        283.71k      310.60k      309.86k      313.57k      314.32k
-rsa  512 bits   0.104s
-rsa 1024 bits   0.566s
-rsa 2048 bits   3.680s
-rsa 4096 bits  26.740s
diff --git a/crypto/openssl/times/586-100.ln4 b/crypto/openssl/times/586-100.ln4
deleted file mode 100644
index 14a9db912be3..000000000000
--- a/crypto/openssl/times/586-100.ln4
+++ /dev/null
@@ -1,26 +0,0 @@
-SSLeay 0.8.3aa 24-Oct-1997
-built on Mon Oct 27 10:16:25 EST 1997
-options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
-C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                56.78k      156.71k      211.46k      231.77k      238.71k
-mdc2              187.45k      200.49k      201.64k      202.75k      202.77k
-md5              1002.51k     5798.66k    11967.15k    16449.19k    18251.78k
-hmac(md5)         468.71k     3173.46k     8386.99k    14305.56k    17607.34k
-sha1              586.98k     2934.87k     5393.58k     6863.19k     7408.30k
-rc4              3675.10k     4314.15k     4402.77k     4427.78k     4404.57k
-des cbc          1902.96k     2202.01k     2242.30k     2252.46k     2236.42k
-des ede3          700.15k      774.23k      783.70k      781.62k      783.70k
-idea cbc          618.46k      677.93k      683.61k      685.40k      685.40k
-rc2 cbc           536.97k      573.87k      577.96k      579.24k      578.90k
-blowfish cbc     3672.66k     4271.89k     4428.80k     4469.76k     4374.53k
-                  sign    verify
-rsa  512 bits   0.0213s   0.0021s
-rsa 1024 bits   0.1075s   0.0063s
-rsa 2048 bits   0.6853s   0.0224s
-rsa 4096 bits   4.9400s   0.0845s
-                  sign    verify
-dsa  512 bits   0.0203s   0.0380s
-dsa 1024 bits   0.0600s   0.1189s
-dsa 2048 bits   0.2110s   0.4250s
diff --git a/crypto/openssl/times/586-100.lnx b/crypto/openssl/times/586-100.lnx
deleted file mode 100644
index 0c051738c641..000000000000
--- a/crypto/openssl/times/586-100.lnx
+++ /dev/null
@@ -1,23 +0,0 @@
-SSLeay 0.7.3 30-Apr-1997
-built on Mon May 12 04:13:55 EST 1997
-options:bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
-C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                72.95k      202.77k      274.01k      300.37k      309.23k
-md5               770.57k     4094.02k     7409.41k     9302.36k     9986.05k
-sha               363.05k     1571.07k     2613.85k     3134.81k     3320.49k
-sha1              340.94k     1462.85k     2419.20k     2892.12k     3042.35k
-rc4              3676.91k     4314.94k     4407.47k     4430.51k     4412.76k
-des cbc          1489.95k     1799.08k     1841.66k     1851.73k     1848.66k
-des ede3          621.93k      711.19k      726.10k      729.77k      729.09k
-idea cbc          618.16k      676.99k      683.09k      684.37k      683.59k
-rc2 cbc           537.59k      573.93k      578.56k      579.58k      579.70k
-blowfish cbc     2077.57k     2682.20k     2827.18k     2840.92k     2842.62k
-rsa  512 bits   0.024s   0.003
-rsa 1024 bits   0.120s   0.003
-rsa 2048 bits   0.751s   0.026
-rsa 4096 bits   5.320s   0.096
-dsa  512 bits   0.022s   0.042
-dsa 1024 bits   0.065s   0.126
-dsa 2048 bits   0.227s   0.449
diff --git a/crypto/openssl/times/586-100.nt b/crypto/openssl/times/586-100.nt
deleted file mode 100644
index 9adcac31050a..000000000000
--- a/crypto/openssl/times/586-100.nt
+++ /dev/null
@@ -1,23 +0,0 @@
-SSLeay 0.7.3 30-Apr-1997
-built on Mon May 19 10:47:38 EST 1997
-options:bn(64,32) md2(char) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
-C flags not available
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                89.57k      245.94k      331.59k      362.95k      373.29k
-md5               858.93k     4175.51k     7700.21k     9715.78k    10369.11k
-sha               466.18k     2103.67k     3607.69k     4399.31k     4669.16k
-sha1              449.59k     2041.02k     3496.13k     4256.45k     4512.92k
-rc4              5862.55k     7447.27k     7698.80k     7768.38k     7653.84k
-des cbc          1562.71k     1879.84k     1928.24k     1938.93k     1911.02k
-des ede3          680.27k      707.97k      728.62k      733.15k      725.98k
-idea cbc          797.46k      885.85k      895.68k      898.06k      896.45k
-rc2 cbc           609.46k      648.75k      654.01k      654.42k      653.60k
-blowfish cbc     2357.94k     3000.22k     3106.89k     3134.76k     3080.42k
-rsa  512 bits   0.022s   0.003
-rsa 1024 bits   0.112s   0.003
-rsa 2048 bits   0.726s   0.026
-rsa 4096 bits   5.268s   0.095
-dsa  512 bits   0.021s   0.039
-dsa 1024 bits   0.063s   0.127
-dsa 2048 bits   0.224s   0.451
diff --git a/crypto/openssl/times/586-100.ntx b/crypto/openssl/times/586-100.ntx
deleted file mode 100644
index 35166a5e9785..000000000000
--- a/crypto/openssl/times/586-100.ntx
+++ /dev/null
@@ -1,30 +0,0 @@
-SSLeay 0.8.5f 22-Jan-1998
-built on Wed Jan 21 17:11:53 EST 1998
-options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(
-ptr2)
-C flags:cl /MT /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN
--DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                92.99k      257.43k      347.84k      381.82k      392.14k
-mdc2              232.19k      253.68k      257.57k      258.70k      258.70k
-md5              1094.09k     5974.79k    12139.81k    16487.04k    18291.77k
-hmac(md5)         375.70k     2590.04k     7309.70k    13469.18k    17447.19k
-sha1              613.78k     2982.93k     5446.44k     6889.46k     7424.86k
-rmd160            501.23k     2405.68k     4367.25k     5503.61k     5915.80k
-rc4              8167.75k    10429.44k    10839.12k    10929.50k    10772.30k
-des cbc          2057.24k     2218.27k     2237.20k     2227.69k     2213.59k
-des ede3          719.63k      727.11k      728.77k      719.56k      722.97k
-idea cbc          827.67k      888.85k      898.06k      900.30k      898.75k
-rc2 cbc           797.46k      862.53k      870.33k      872.58k      870.40k
-blowfish cbc     3835.32k     4435.60k     4513.89k     4513.89k     4416.92k
-cast cbc         2785.06k     3052.62k     3088.59k     3034.95k     3034.95k
-                  sign    verify    sign/s verify/s
-rsa  512 bits   0.0202s   0.0020s     49.4    500.2
-rsa 1024 bits   0.1030s   0.0063s      9.7    159.4
-rsa 2048 bits   0.6740s   0.0223s      1.5     44.9
-rsa 4096 bits   4.8970s   0.0844s      0.2     11.8
-                  sign    verify    sign/s verify/s
-dsa  512 bits   0.0191s   0.0361s     52.4     27.7
-dsa 1024 bits   0.0587s   0.1167s     17.0      8.6
-dsa 2048 bits   0.2091s   0.4123s      4.8      2.4
diff --git a/crypto/openssl/times/586-100.w31 b/crypto/openssl/times/586-100.w31
deleted file mode 100644
index d5b1c102435e..000000000000
--- a/crypto/openssl/times/586-100.w31
+++ /dev/null
@@ -1,27 +0,0 @@
-Pentium 100, Windows 3.1 DLL's, 16 bit C, 32bit assember.
-
-Running under Windows NT 4.0 Beta 2
-
-SSLeay 0.6.4 20-Aug-1996
-built on Thu Aug 22 08:44:21 EST 1996
-options:bn(32,32) md2(char) rc4(idx,int) des(ptr,long) idea(short)
-C flags:cl /ALw /Gx- /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DWIN16
-The 'numbers' are in 1000s of bytes per second processed.
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             45.83k      128.82k      180.17k      194.90k      198.59k
-md5            224.82k     1038.19k     1801.68k     2175.47k     2330.17k
-sha            105.11k      448.11k      739.48k      884.13k      944.66k
-sha1            94.71k      402.99k      667.88k      795.58k      844.26k
-rc4           1614.19k     1956.30k     2022.72k     2022.72k     2022.72k
-des cfb        291.27k      318.14k      318.14k      318.14k      322.84k
-des cbc        326.86k      356.17k      362.08k      362.08k      367.15k
-des ede3       132.40k      139.57k      139.53k      139.37k      140.97k
-idea cfb       265.33k      280.67k      280.67k      277.69k      281.27k
-idea cbc       274.21k      302.01k      306.24k      306.24k      305.53k
-rc2 cfb        264.79k      274.21k      274.78k      274.21k      274.21k
-rc2 cbc        281.27k      306.24k      309.86k      305.53k      309.86k
-rsa  512 bits   0.058s
-rsa 1024 bits   0.280s
-rsa 2048 bits   1.430s
-rsa 4096 bits  10.600s
-
diff --git a/crypto/openssl/times/586-1002.lnx b/crypto/openssl/times/586-1002.lnx
deleted file mode 100644
index d830bcea4227..000000000000
--- a/crypto/openssl/times/586-1002.lnx
+++ /dev/null
@@ -1,26 +0,0 @@
-SSLeay 0.8.3e 30-Sep-1997
-built on Wed Oct  1 03:01:44 EST 1997
-options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
-C flags:gcc -DL_ENDIAN -DTERMIO -DX86_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                56.21k      156.57k      211.29k      231.77k      237.92k
-mdc2              170.99k      191.70k      193.90k      195.58k      195.95k
-md5               770.50k     3961.96k     7291.22k     9250.82k     9942.36k
-sha               344.93k     1520.77k     2569.81k     3108.52k     3295.91k
-sha1              326.20k     1423.74k     2385.15k     2870.95k     3041.96k
-rc4              3672.88k     4309.65k     4374.41k     4408.66k     4355.41k
-des cbc          1349.73k     1689.05k     1735.34k     1748.99k     1739.43k
-des ede3          638.70k      704.00k      711.85k      714.41k      712.70k
-idea cbc          619.55k      677.33k      683.26k      685.06k      685.40k
-rc2 cbc           521.18k      571.20k      573.46k      578.90k      578.90k
-blowfish cbc     2079.67k     2592.49k     2702.34k     2730.33k     2695.17k
-                  sign    verify
-rsa  512 bits   0.0213s   0.0026s
-rsa 1024 bits   0.1099s   0.0031s
-rsa 2048 bits   0.7007s   0.0248s
-rsa 4096 bits   5.0500s   0.0921s
-                  sign    verify
-dsa  512 bits   0.0203s   0.0389s
-dsa 1024 bits   0.0614s   0.1222s
-dsa 2048 bits   0.2149s   0.4283s
diff --git a/crypto/openssl/times/586p-100.lnx b/crypto/openssl/times/586p-100.lnx
deleted file mode 100644
index 561eb3114fe2..000000000000
--- a/crypto/openssl/times/586p-100.lnx
+++ /dev/null
@@ -1,26 +0,0 @@
-Pentium 100 - Linux 1.2.13 - gcc 2.7.2p
-This is the pentium specific version of gcc
-
-SSLeay 0.6.4 20-Aug-1996
-built on Thu Aug 22 08:27:58 EST 1996
-options:bn(64,32) md2(char) rc4(idx,int) des(idx,long) idea(int)
-C flags:gcc -DL_ENDIAN -DTERMIO -O6 -fomit-frame-pointer -mpentium -Wall
-The 'numbers' are in 1000s of bytes per second processed.
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             74.90k      208.43k      282.11k      309.59k      318.43k
-md5            807.08k     4205.67k     7801.51k     9958.06k    10810.71k
-sha            405.98k     1821.55k     3119.10k     3799.04k     4052.31k
-sha1           389.13k     1699.50k     2852.78k     3437.57k     3656.36k
-rc4           3621.15k     4130.07k     4212.74k     4228.44k     4213.42k
-des cfb        794.39k      828.37k      831.74k      832.51k      832.85k
-des cbc        817.68k      886.17k      894.72k      896.00k      892.93k
-des ede3       308.83k      323.29k      324.61k      324.95k      324.95k
-idea cfb       690.41k      715.39k      718.51k      719.19k      718.17k
-idea cbc       696.80k      760.60k      767.32k      768.68k      770.05k
-rc2 cfb        619.91k      639.74k      642.30k      642.73k      641.71k
-rc2 cbc        631.99k      671.42k      676.35k      676.18k      677.21k
-rsa  512 bits   0.025s
-rsa 1024 bits   0.123s
-rsa 2048 bits   0.756s
-rsa 4096 bits   5.365s
-
diff --git a/crypto/openssl/times/686-200.bsd b/crypto/openssl/times/686-200.bsd
deleted file mode 100644
index f23c580e09f5..000000000000
--- a/crypto/openssl/times/686-200.bsd
+++ /dev/null
@@ -1,25 +0,0 @@
-Pentium Pro 200mhz
-FreeBSD 2.1.5
-gcc 2.7.2.2
-
-SSLeay 0.7.0 30-Jan-1997
-built on Tue Apr 22 12:14:36 EST 1997
-options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
-C flags:gcc -DTERMIOS -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2               130.99k      367.68k      499.09k      547.04k      566.50k
-md5              1924.98k     8293.50k    13464.41k    16010.39k    16820.68k
-sha              1250.75k     5330.43k     8636.88k    10227.36k    10779.14k
-sha1             1071.55k     4572.50k     7459.98k     8791.96k     9341.61k
-rc4             10724.22k    14546.25k    15240.18k    15259.50k    15265.63k
-des cbc          3309.11k     3883.01k     3968.25k     3971.86k     3979.14k
-des ede3         1442.98k     1548.33k     1562.48k     1562.00k     1563.33k
-idea cbc         2195.69k     2506.39k     2529.59k     2545.66k     2546.54k
-rc2 cbc           806.00k      833.52k      837.58k      838.52k      836.69k
-blowfish cbc     4687.34k     5949.97k     6182.43k     6248.11k     6226.09k
-rsa  512 bits   0.010s
-rsa 1024 bits   0.045s
-rsa 2048 bits   0.260s
-rsa 4096 bits   1.690s
-
diff --git a/crypto/openssl/times/686-200.lnx b/crypto/openssl/times/686-200.lnx
deleted file mode 100644
index a10cc2fd012f..000000000000
--- a/crypto/openssl/times/686-200.lnx
+++ /dev/null
@@ -1,26 +0,0 @@
-SSLeay 0.8.2a 04-Sep-1997
-built on Fri Sep  5 17:37:05 EST 1997
-options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2               131.02k      368.41k      500.57k      549.21k      566.09k
-mdc2              535.60k      589.10k      595.88k      595.97k      594.54k
-md5              1801.53k     9674.77k    17484.03k    21849.43k    23592.96k
-sha              1261.63k     5533.25k     9285.63k    11187.88k    11913.90k
-sha1             1103.13k     4782.53k     7933.78k     9472.34k    10070.70k
-rc4             10722.53k    14443.93k    15215.79k    15299.24k    15219.59k
-des cbc          3286.57k     3827.73k     3913.39k     3931.82k     3926.70k
-des ede3         1443.50k     1549.08k     1561.17k     1566.38k     1564.67k
-idea cbc         2203.64k     2508.16k     2538.33k     2543.62k     2547.71k
-rc2 cbc          1430.94k     1511.59k     1524.82k     1527.13k     1523.33k
-blowfish cbc     4716.07k     5965.82k     6190.17k     6243.67k     6234.11k
-                  sign    verify
-rsa  512 bits   0.0100s   0.0011s
-rsa 1024 bits   0.0451s   0.0012s
-rsa 2048 bits   0.2605s   0.0086s
-rsa 4096 bits   1.6883s   0.0302s
-                  sign    verify
-dsa  512 bits   0.0083s   0.0156s
-dsa 1024 bits   0.0228s   0.0454s
-dsa 2048 bits   0.0719s   0.1446s
-
diff --git a/crypto/openssl/times/686-200.nt b/crypto/openssl/times/686-200.nt
deleted file mode 100644
index c8cbaa04e39d..000000000000
--- a/crypto/openssl/times/686-200.nt
+++ /dev/null
@@ -1,24 +0,0 @@
-built on Tue May 13 08:24:51 EST 1997
-options:bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfi
-sh(ptr2)
-C flags not available
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2               156.39k      427.99k      576.14k      628.36k      647.27k
-md5              2120.48k    10255.02k    18396.07k    22795.13k    24244.53k
-sha              1468.59k     6388.89k    10686.12k    12826.62k    13640.01k
-sha1             1393.46k     6013.34k     9974.56k    11932.59k    12633.45k
-rc4             13833.46k    19275.29k    20321.24k    20281.93k    20520.08k
-des cbc          3382.50k     4104.02k     4152.78k     4194.30k     4194.30k
-des ede3         1465.51k     1533.00k     1549.96k     1553.29k     1570.29k
-idea cbc         2579.52k     3079.52k     3130.08k     3153.61k     3106.89k
-rc2 cbc          1204.57k     1276.42k     1285.81k     1289.76k     1285.81k
-blowfish cbc     5229.81k     6374.32k     6574.14k     6574.14k     6594.82k
-rsa  512 bits   0.008s   0.001
-rsa 1024 bits   0.038s   0.001
-rsa 2048 bits   0.231s   0.008
-rsa 4096 bits   1.540s   0.027
-dsa  512 bits   0.007s   0.013
-dsa 1024 bits   0.021s   0.040
-dsa 2048 bits   0.066s   0.130
-
diff --git a/crypto/openssl/times/L1 b/crypto/openssl/times/L1
deleted file mode 100644
index 09253d727956..000000000000
--- a/crypto/openssl/times/L1
+++ /dev/null
@@ -1,27 +0,0 @@
-SSLeay 0.8.3ad 27-Oct-1997
-built on Wed Oct 29 00:36:17 EST 1997
-options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
-C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                56.16k      156.50k      211.46k      231.77k      238.71k
-mdc2              183.37k      205.21k      205.57k      209.92k      207.53k
-md5              1003.65k     5605.56k    11628.54k    15887.70k    17522.69k
-hmac(md5)         411.24k     2803.46k     7616.94k    13475.84k    16864.60k
-sha1              542.66k     2843.50k     5320.53k     6833.49k     7389.18k
-rc4              3677.15k     4313.73k     4407.89k     4429.82k     4404.57k
-des cbc          1787.94k     2174.51k     2236.76k     2249.73k     2230.95k
-des ede3          719.46k      777.26k      784.81k      780.29k      783.70k
-idea cbc          619.56k      677.89k      684.12k      685.40k      685.40k
-rc2 cbc           537.51k      573.93k      578.47k      579.24k      578.90k
-blowfish cbc     3226.76k     4221.65k     4424.19k     4468.39k     4377.26k
-cast cbc         2866.13k     3165.35k     3263.15k     3287.04k     3233.11k
-                  sign    verify
-rsa  512 bits   0.0212s   0.0021s
-rsa 1024 bits   0.1072s   0.0064s
-rsa 2048 bits   0.6853s   0.0222s
-rsa 4096 bits   4.9300s   0.0848s
-                  sign    verify
-dsa  512 bits   0.0200s   0.0380s
-dsa 1024 bits   0.0600s   0.1180s
-dsa 2048 bits   0.2110s   0.4221s
diff --git a/crypto/openssl/times/R10000.t b/crypto/openssl/times/R10000.t
deleted file mode 100644
index 6b3874c8665d..000000000000
--- a/crypto/openssl/times/R10000.t
+++ /dev/null
@@ -1,24 +0,0 @@
-IRIX 6.2 - R10000 195mhz
-SLeay 0.6.5a 06-Dec-1996
-built on Tue Dec 24 03:51:45 EST 1996
-options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int)
-C flags:cc -O2 -DTERMIOS -DB_ENDIAN
-The 'numbers' are in 1000s of bytes per second processed.
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2            156.34k      424.03k      571.88k      628.88k      646.01k
-md5           1885.02k     8181.72k    13440.53k    16020.60k    16947.54k
-sha           1587.12k     7022.05k    11951.24k    14440.12k    15462.74k
-sha1          1413.13k     6215.86k    10571.16k    12736.22k    13628.51k
-rc4          10556.28k    11974.08k    12077.10k    12111.38k    12103.20k
-des cfb       2977.71k     3252.27k     3284.36k     3302.66k     3290.54k
-des cbc       3298.31k     3704.96k     3771.30k     3730.73k     3778.80k
-des ede3      1278.28k     1328.82k     1342.66k     1339.82k     1343.27k
-idea cfb      2843.34k     3138.04k     3180.95k     3176.46k     3188.54k
-idea cbc      3115.21k     3558.03k     3590.61k     3591.24k     3601.18k
-rc2 cfb       2006.66k     2133.33k     2149.03k     2159.36k     2149.71k
-rc2 cbc       2167.07k     2315.30k     2338.05k     2329.34k     2333.90k
-rsa  512 bits   0.008s
-rsa 1024 bits   0.043s
-rsa 2048 bits   0.280s
-rsa 4096 bits   2.064s
-
diff --git a/crypto/openssl/times/R4400.t b/crypto/openssl/times/R4400.t
deleted file mode 100644
index af8848ffe369..000000000000
--- a/crypto/openssl/times/R4400.t
+++ /dev/null
@@ -1,26 +0,0 @@
-IRIX 5.3
-R4400 200mhz
-cc -O2
-SSLeay 0.6.5a 06-Dec-1996
-built on Mon Dec 23 11:51:11 EST 1996
-options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int)
-C flags:cc -O2 -DTERMIOS -DB_ENDIAN
-The 'numbers' are in 1000s of bytes per second processed.
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2            100.62k      280.25k      380.15k      416.02k      428.82k
-md5            828.62k     3525.05k     6311.98k     7742.51k     8328.04k
-sha            580.04k     2513.74k     4251.73k     5101.04k     5394.80k
-sha1           520.23k     2382.94k     4107.82k     5024.62k     5362.56k
-rc4           5871.53k     6323.08k     6357.49k     6392.04k     6305.45k
-des cfb       1016.76k     1156.72k     1176.59k     1180.55k     1181.65k
-des cbc       1016.38k     1303.81k     1349.10k     1359.41k     1356.62k
-des ede3       607.39k      650.74k      655.11k      657.52k      654.18k
-idea cfb      1296.10k     1348.66k     1353.80k     1358.75k     1355.40k
-idea cbc      1453.90k     1554.68k     1567.84k     1569.89k     1573.57k
-rc2 cfb       1199.86k     1251.69k     1253.57k     1259.56k     1251.31k
-rc2 cbc       1334.60k     1428.55k     1441.89k     1445.42k     1441.45k
-rsa  512 bits   0.024s
-rsa 1024 bits   0.125s
-rsa 2048 bits   0.806s
-rsa 4096 bits   5.800s
-
diff --git a/crypto/openssl/times/aix.t b/crypto/openssl/times/aix.t
deleted file mode 100644
index 4f24e3980e55..000000000000
--- a/crypto/openssl/times/aix.t
+++ /dev/null
@@ -1,34 +0,0 @@
-from Paco Garcia <pgarcia@ctv.es>
-This machine is a Bull Estrella  Minitower Model MT604-100
-Processor        : PPC604 
-P.Speed          : 100Mhz 
-Data/Instr Cache :    16 K
-L2 Cache         :   256 K
-PCI BUS Speed    :    33 Mhz
-TransfRate PCI   :   132 MB/s
-Memory           :    96 MB
-
-AIX 4.1.4
-
-SSLeay 0.6.6 14-Jan-1997
-built on Mon Jan 13 21:36:03 CUT 1997
-options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,4,long) idea(int) blowfish
-(idx)
-C flags:cc -O -DAIX -DB_ENDIAN
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                53.83k      147.46k      197.63k      215.72k     221.70k
-md5              1278.13k     5354.77k     8679.60k    10195.09k   10780.56k
-sha              1055.34k     4600.37k     7721.30k     9298.94k    9868.63k
-sha1              276.90k     1270.25k     2187.95k     2666.84k    2850.82k
-rc4              4660.57k     5268.93k     5332.48k     5362.47k    5346.65k
-des cbc          1774.16k     1981.10k     1979.56k     2032.71k    1972.25k
-des ede3          748.81k      781.42k      785.66k      785.75k     780.84k
-idea cbc         2066.19k     2329.58k     2378.91k     2379.86k    2380.89k
-rc2 cbc          1278.53k     1379.69k     1389.99k     1393.66k    1389.91k
-blowfish cbc     2812.91k     3307.90k     3364.91k     3386.37k    3374.32k
-rsa  512 bits   0.019s
-rsa 1024 bits   0.096s
-rsa 2048 bits   0.614s
-rsa 4096 bits   4.433s
-
diff --git a/crypto/openssl/times/aixold.t b/crypto/openssl/times/aixold.t
deleted file mode 100644
index 0b51412cf9f0..000000000000
--- a/crypto/openssl/times/aixold.t
+++ /dev/null
@@ -1,23 +0,0 @@
-SSLeay 0.7.3r 20-May-1997
-built on Mon Jun  2 04:06:32 EST 1997
-options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,4,long) idea(int) blowfish(idx)
-C flags:cc -O -DAIX -DB_ENDIAN
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                19.09k       52.47k       71.23k       77.49k       78.93k
-md5               214.56k      941.21k     1585.43k     1883.12k     1988.70k
-sha               118.35k      521.65k      860.28k     1042.27k     1100.46k
-sha1              109.52k      478.98k      825.90k      995.48k     1049.69k
-rc4              1263.63k     1494.24k     1545.70k     1521.66k     1518.99k
-des cbc           259.62k      286.55k      287.15k      288.15k      289.45k
-des ede3          104.92k      107.88k      109.27k      109.25k      109.96k
-idea cbc          291.63k      320.07k      319.40k      320.51k      318.27k
-rc2 cbc           220.04k      237.76k      241.44k      245.90k      244.08k
-blowfish cbc      407.95k      474.83k      480.99k      485.71k      481.07k
-rsa  512 bits   0.157s   0.019
-rsa 1024 bits   0.908s   0.023
-rsa 2048 bits   6.225s   0.218
-rsa 4096 bits  46.500s   0.830
-dsa  512 bits   0.159s   0.312
-dsa 1024 bits   0.536s   1.057
-dsa 2048 bits   1.970s   3.977
diff --git a/crypto/openssl/times/alpha.t b/crypto/openssl/times/alpha.t
deleted file mode 100644
index 3a7c6c498362..000000000000
--- a/crypto/openssl/times/alpha.t
+++ /dev/null
@@ -1,81 +0,0 @@
-SSLeay-051 Alpha gcc -O3 64Bit (assember bn_mul)
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             44.40k      121.56k      162.73k      179.20k      185.01k
-md5            780.85k     3278.53k     5281.52k     6327.98k     6684.67k
-sha            501.40k     2249.19k     3855.27k     4801.19k     5160.96k
-sha-1          384.99k     1759.72k     3113.64k     3946.92k     4229.80k
-rc4           3505.05k     3724.54k     3723.78k     3555.33k     3694.68k
-des cfb        946.96k     1015.27k     1021.87k     1033.56k     1037.65k
-des cbc       1001.24k     1220.20k     1243.31k     1272.73k     1265.87k
-des ede3       445.34k      491.65k      500.53k      502.10k      502.44k
-idea cfb       643.53k      667.49k      663.81k      666.28k      664.51k
-idea cbc       650.42k      735.41k      733.27k      742.74k      745.47k
-rsa  512 bits   0.031s
-rsa 1024 bits   0.141s
-rsa 2048 bits   0.844s
-rsa 4096 bits   6.033s
-
-SSLeay-051 Alpha cc -O2 64bit (assember bn_mul)
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             45.37k      122.86k      165.97k      182.95k      188.42k
-md5            842.42k     3629.93k     5916.76k     7039.17k     7364.61k
-sha            498.93k     2197.23k     3895.60k     4756.48k     5132.13k
-sha-1          382.02k     1757.21k     3112.53k     3865.23k     4128.77k
-rc4           2975.25k     3049.33k     3180.97k     3214.68k     3424.26k
-des cfb        901.55k      990.83k     1006.08k     1011.19k     1004.89k
-des cbc        947.84k     1127.84k     1163.67k     1162.24k     1157.80k
-des ede3       435.62k      485.57k      493.67k      491.52k      491.52k
-idea cfb       629.31k      648.66k      647.77k      648.53k      649.90k
-idea cbc       565.15k      608.00k      613.46k      613.38k      617.13k
-rsa  512 bits   0.030s
-rsa 1024 bits   0.141s
-rsa 2048 bits   0.854s
-rsa 4096 bits   6.067s
-
-des cfb        718.28k      822.64k      833.11k      836.27k      841.05k
-des cbc        806.10k      951.42k      975.83k      983.73k      991.23k
-des ede3       329.50k      379.11k      387.95k      387.41k      388.33k
-
-des cfb        871.62k      948.65k      951.81k      953.00k      955.58k
-des cbc        953.60k     1174.27k     1206.70k     1216.10k     1216.44k
-des ede3       349.34k      418.05k      427.26k      429.74k      431.45k
-
-
-
-
-SSLeay-045c Alpha gcc -O3 64Bit
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             44.95k      122.22k      164.27k      180.62k      184.66k
-md5            808.71k     3371.95k     5415.68k     6385.66k     6684.67k
-sha            493.68k     2162.05k     3725.82k     4552.02k     4838.74k
-rc4           3317.32k     3649.09k     3728.30k     3744.09k     3691.86k
-cfb des        996.45k     1050.77k     1058.30k     1059.16k     1064.96k
-cbc des       1096.52k     1255.49k     1282.13k     1289.90k     1299.80k
-ede3 des       482.14k      513.51k      518.66k      520.19k      521.39k
-cfb idea       519.90k      533.40k      535.21k      535.55k      535.21k
-cbc idea       619.34k      682.21k      688.04k      689.15k      690.86k
-rsa  512 bits   0.050s
-rsa 1024 bits   0.279s
-rsa 2048 bits   1.908s
-rsa 4096 bits  14.750s
-
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             37.31k      102.77k      137.64k      151.55k      155.78k
-md5            516.65k     2535.21k     4655.72k     5859.66k     6343.34k
-rc4           3519.61k     3707.01k     3746.86k     3755.39k     3675.48k
-cfb des        780.27k      894.68k      913.10k      921.26k      922.97k
-cbc des        867.54k     1040.13k     1074.17k     1075.54k     1084.07k
-ede3 des       357.19k      397.36k      398.08k      402.28k      401.41k
-cbc idea       646.53k      686.44k      694.03k      691.20k      693.59k
-rsa  512 bits   0.046s
-rsa 1024 bits   0.270s
-rsa 2048 bits   1.858s
-rsa 4096 bits  14.350s
-
-md2      C      37.83k      103.17k      137.90k      150.87k      155.37k
-md2      L      37.30k      102.04k      139.01k      152.74k      155.78k
-rc4       I   3532.24k     3718.08k     3750.83k     3768.78k     3694.59k
-rc4      CI   2662.97k     2873.26k     2907.22k     2920.63k     2886.31k
-rc4      LI   3514.63k     3738.72k     3747.41k     3752.96k     3708.49k
-cbc idea S     619.01k      658.68k      661.50k      662.53k      663.55k
-cbc idea  L    645.69k      684.22k      694.55k      692.57k      690.86k
diff --git a/crypto/openssl/times/alpha400.t b/crypto/openssl/times/alpha400.t
deleted file mode 100644
index 079e0d187ce3..000000000000
--- a/crypto/openssl/times/alpha400.t
+++ /dev/null
@@ -1,25 +0,0 @@
-Alpha EV5.6 (21164A) 400mhz
-
-SSLeay 0.7.3r 20-May-1997
-built on Mon Jun  2 03:39:58 EST 1997
-options:bn(64,64) md2(int) rc4(ptr,int) des(idx,cisc,4,long) idea(int) blowfish(idx)
-C flags:cc -arch host -tune host -fast -std -O4 -inline speed
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2               274.98k      760.96k     1034.27k     1124.69k     1148.69k
-md5              2524.46k    11602.60k    19838.81k    24075.26k    25745.10k
-sha              1848.46k     8335.66k    14232.49k    17247.91k    18530.30k
-sha1             1639.67k     7336.53k    12371.80k    14807.72k    15870.63k
-rc4             17950.93k    19390.66k    19652.44k    19700.39k    19412.31k
-des cbc          4018.59k     4872.06k     4988.76k     5003.26k     4995.73k
-des ede3         1809.11k     1965.67k     1984.26k     1986.90k     1982.46k
-idea cbc         2848.82k     3204.33k     3250.26k     3257.34k     3260.42k
-rc2 cbc          3766.08k     4349.50k     4432.21k     4448.94k     4448.26k
-blowfish cbc     6694.88k     9042.35k     9486.93k     9598.98k     9624.91k
-rsa  512 bits   0.003s   0.000
-rsa 1024 bits   0.013s   0.000
-rsa 2048 bits   0.081s   0.003
-rsa 4096 bits   0.577s   0.011
-dsa  512 bits   0.003s   0.005
-dsa 1024 bits   0.007s   0.014
-dsa 2048 bits   0.025s   0.050
diff --git a/crypto/openssl/times/cyrix100.lnx b/crypto/openssl/times/cyrix100.lnx
deleted file mode 100644
index 010a2216b1e8..000000000000
--- a/crypto/openssl/times/cyrix100.lnx
+++ /dev/null
@@ -1,22 +0,0 @@
-SSLeay 0.6.6 06-Dec-1996
-built on Fri Dec  6 10:05:20 GMT 1996
-options:bn(64,32) md2(char) rc4(idx,int) des(idx,risc,16,long) idea(int)
-C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
-The 'numbers' are in 1000s of bytes per second processed.
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             36.77k      102.48k      138.00k      151.57k      155.78k
-md5            513.59k     2577.22k     4623.51k     5768.99k     6214.53k
-sha            259.89k     1105.45k     1814.97k     2156.16k     2292.13k
-sha1           242.43k     1040.95k     1719.44k     2049.74k     2164.64k
-rc4           1984.48k     2303.41k     2109.37k     2071.47k     1985.61k
-des cfb        712.08k      758.29k      753.17k      752.06k      748.67k
-des cbc        787.37k      937.64k      956.77k      961.61k      957.54k
-des ede3       353.97k      377.28k      379.99k      379.34k      379.11k
-idea cfb       403.80k      418.50k      416.60k      415.78k      415.03k
-idea cbc       426.54k      466.40k      471.31k      472.67k      473.14k
-rc2 cfb        405.15k      420.05k      418.16k      416.72k      416.36k
-rc2 cbc        428.21k      468.43k      473.09k      472.59k      474.70k
-rsa  512 bits   0.040s
-rsa 1024 bits   0.195s
-rsa 2048 bits   1.201s
-rsa 4096 bits   8.700s
diff --git a/crypto/openssl/times/dgux-x86.t b/crypto/openssl/times/dgux-x86.t
deleted file mode 100644
index 70635c536b45..000000000000
--- a/crypto/openssl/times/dgux-x86.t
+++ /dev/null
@@ -1,23 +0,0 @@
-version:SSLeay 0.5.2c 15-May-1996
-built Fri Jun 14 19:47:04 EST 1996
-options:bn(LLONG,thirty_two) md2(CHAR) rc4(IDX,int) des(ary,long) idea(int)
-C flags:gcc -O3 -fomit-frame-pointer -DL_ENDIAN
-
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2            113.86k      316.48k      428.36k      467.63k      481.56k
-md5           1001.99k     5037.99k     9545.94k    12036.95k    11800.38k
-sha            628.77k     2743.48k     5113.42k     6206.99k     6165.42k
-sha1           583.83k     2638.66k     4538.85k     5532.09k     5917.04k
-rc4           5493.27k     6369.39k     6511.30k     6577.83k     6486.73k
-des cfb       1219.01k     1286.06k     1299.33k     1288.87k     1381.72k
-des cbc       1360.58k     1469.04k     1456.96k     1454.08k     1513.57k
-des ede3       544.45k      567.84k      568.99k      570.37k      566.09k
-idea cfb      1012.39k     1056.30k     1063.52k      989.17k      863.24k
-idea cbc       985.36k     1090.44k     1105.92k     1108.65k     1090.17k
-rc2 cfb        963.86k      979.06k      995.30k      937.35k      827.39k
-rc2 cbc        951.72k     1042.11k     1049.60k     1047.21k     1059.11k
-rsa  512 bits   0.032s
-rsa 1024 bits   0.159s
-rsa 2048 bits   1.025s
-rsa 4096 bits   7.270s
-
diff --git a/crypto/openssl/times/dgux.t b/crypto/openssl/times/dgux.t
deleted file mode 100644
index c7f7564e8dab..000000000000
--- a/crypto/openssl/times/dgux.t
+++ /dev/null
@@ -1,17 +0,0 @@
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             38.54k      106.28k      144.00k      157.46k      161.72k
-md5            323.23k     1471.62k     2546.11k     3100.20k     3309.57k
-rc4        I  1902.74k     2055.20k     2080.42k     2077.88k     2065.46k
-cfb des        456.23k      475.22k      481.79k      488.42k      487.17k
-cbc des        484.30k      537.50k      553.09k      558.08k      558.67k
-ede3 des       199.97k      209.05k      211.03k      211.85k      212.78k
-cbc idea       478.50k      519.33k      523.42k      525.09k      526.44k
-rsa  512 bits   0.159s !RSA_LLONG
-rsa 1024 bits   1.053s
-rsa 2048 bits   7.600s
-rsa 4096 bits  59.760s
-
-md2       C     30.53k       83.58k      112.84k      123.22k      126.24k
-rc4           1844.56k     1975.50k     1997.73k     1994.95k     1984.88k
-rc4       C   1800.09k     1968.85k     1995.20k     1992.36k     1996.80k
-rc4       CI  1830.81k     2035.75k     2067.28k     2070.23k     2062.77k
diff --git a/crypto/openssl/times/hpux-acc.t b/crypto/openssl/times/hpux-acc.t
deleted file mode 100644
index 0c0e936d1932..000000000000
--- a/crypto/openssl/times/hpux-acc.t
+++ /dev/null
@@ -1,25 +0,0 @@
-HPUX 887
-
-SSLeay 0.7.3r 20-May-1997
-built on Mon Jun  2 02:59:45 EST 1997
-options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) blowfish(idx)
-C flags:cc -DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit +O4 -Wl,-a,archive
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                58.99k      166.85k      225.07k      247.21k      253.76k
-md5               639.22k     2726.98k     4477.25k     5312.69k     5605.20k
-sha               381.08k     1661.49k     2793.84k     3368.86k     3581.23k
-sha1              349.54k     1514.56k     2536.63k     3042.59k     3224.39k
-rc4              2891.10k     4238.01k     4464.11k     4532.49k     4545.87k
-des cbc           717.05k      808.76k      820.14k      821.97k      821.96k
-des ede3          288.21k      303.50k      303.69k      305.82k      305.14k
-idea cbc          325.83k      334.36k      335.89k      336.61k      333.43k
-rc2 cbc           793.00k      915.81k      926.69k      933.28k      929.53k
-blowfish cbc     1561.91k     2051.97k     2122.65k     2139.40k     2145.92k
-rsa  512 bits   0.031s   0.004
-rsa 1024 bits   0.164s   0.004
-rsa 2048 bits   1.055s   0.037
-rsa 4096 bits   7.600s   0.137
-dsa  512 bits   0.029s   0.057
-dsa 1024 bits   0.092s   0.177
-dsa 2048 bits   0.325s   0.646
diff --git a/crypto/openssl/times/hpux-kr.t b/crypto/openssl/times/hpux-kr.t
deleted file mode 100644
index ad4a0adc1876..000000000000
--- a/crypto/openssl/times/hpux-kr.t
+++ /dev/null
@@ -1,23 +0,0 @@
-SSLeay 0.7.3r 20-May-1997
-built on Mon Jun  2 02:17:35 EST 1997
-options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,cisc,16,long) idea(int) blowfish(idx)
-C flags:cc -DB_ENDIAN -DNOCONST -DNOPROTO -D_HPUX_SOURCE
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                35.30k       98.36k      133.41k      146.34k      150.69k
-md5               391.20k     1737.31k     2796.65k     3313.75k     3503.74k
-sha               189.55k      848.14k     1436.72k     1735.87k     1848.03k
-sha1              175.30k      781.14k     1310.32k     1575.61k     1675.81k
-rc4              2070.55k     2501.47k     2556.65k     2578.34k     2584.91k
-des cbc           465.13k      536.85k      545.87k      547.86k      548.89k
-des ede3          190.05k      200.99k      202.31k      202.22k      202.75k
-idea cbc          263.44k      277.77k      282.13k      281.51k      283.15k
-rc2 cbc           448.37k      511.39k      519.54k      522.00k      521.31k
-blowfish cbc      839.98k     1097.70k     1131.16k     1145.64k     1144.67k
-rsa  512 bits   0.048s   0.005
-rsa 1024 bits   0.222s   0.006
-rsa 2048 bits   1.272s   0.042
-rsa 4096 bits   8.445s   0.149
-dsa  512 bits   0.041s   0.077
-dsa 1024 bits   0.111s   0.220
-dsa 2048 bits   0.363s   0.726
diff --git a/crypto/openssl/times/hpux.t b/crypto/openssl/times/hpux.t
deleted file mode 100644
index dcf7615edf36..000000000000
--- a/crypto/openssl/times/hpux.t
+++ /dev/null
@@ -1,86 +0,0 @@
-HP-UX A.09.05 9000/712
-
-SSLeay 0.6.6 14-Jan-1997
-built on Tue Jan 14 16:36:31 WET 1997
-options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) 
-blowfish(idx)
-C flags:cc -DB_ENDIAN -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                66.56k      184.92k      251.82k      259.86k      282.62k
-md5               615.54k     2805.92k     4764.30k     5724.21k     6084.39k
-sha               358.23k     1616.46k     2781.50k     3325.72k     3640.89k
-sha1              327.50k     1497.98k     2619.44k     3220.26k     3460.85k
-rc4              3500.47k     3890.99k     3943.81k     3883.74k     3900.02k
-des cbc           742.65k      871.66k      887.15k      891.21k      895.40k
-des ede3          302.42k      322.50k      324.46k      326.66k      326.05k
-idea cbc          664.41k      755.87k      765.61k      772.70k      773.69k
-rc2 cbc           798.78k      931.04k      947.69k      950.31k      952.04k
-blowfish cbc     1353.32k     1932.29k     2021.93k     2047.02k     2053.66k
-rsa  512 bits   0.059s
-rsa 1024 bits   0.372s
-rsa 2048 bits   2.697s
-rsa 4096 bits  20.790s
-
-SSLeay 0.6.6 14-Jan-1997
-built on Tue Jan 14 15:37:30 WET 1997
-options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) 
-blowfish(idx)
-C flags:gcc -DB_ENDIAN -O3
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                44.91k      122.57k      167.71k      183.89k      190.24k
-md5               532.50k     2316.27k     3965.72k     4740.11k     5055.06k
-sha               363.76k     1684.09k     2978.53k     3730.86k     3972.72k
-sha1              385.76k     1743.53k     2997.69k     3650.74k     3899.08k
-rc4              3178.84k     3621.31k     3672.71k     3684.01k     3571.54k
-des cbc           733.00k      844.70k      863.28k      863.72k      868.73k
-des ede3          289.99k      308.94k      310.11k      309.64k      312.08k
-idea cbc          624.07k      713.91k      724.76k      723.35k      725.13k
-rc2 cbc           704.34k      793.39k      804.25k      805.99k      782.63k
-blowfish cbc     1371.24k     1823.66k     1890.05k     1915.51k     1920.12k
-rsa  512 bits   0.030s
-rsa 1024 bits   0.156s
-rsa 2048 bits   1.113s
-rsa 4096 bits   7.480s
-
-
-HPUX B.10.01 V 9000/887 - HP92453-01 A.10.11 HP C Compiler
-SSLeay 0.5.2 - -Aa +ESlit +Oall +O4 -Wl,-a,archive
-
-HPUX A.09.04 B 9000/887
-
-ssleay 0.5.1 gcc v 2.7.0 -O3 -mpa-risc-1-1
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             53.00k      166.81k      205.66k      241.95k      242.20k
-md5            743.22k     3128.44k     6031.85k     6142.07k     7025.26k
-sha            481.30k     2008.24k     3361.31k     3985.07k     4180.74k
-sha-1          463.60k     1916.15k     3139.24k     3786.27k     3997.70k
-rc4           3708.61k     4125.16k     4547.53k     4206.21k     4390.07k
-des cfb        665.91k      705.97k      698.48k      694.25k      666.08k
-des cbc        679.80k      741.90k      769.85k      747.62k      719.47k
-des ede3       264.31k      270.22k      265.63k      273.07k      273.07k
-idea cfb       635.91k      673.40k      605.60k      699.53k      672.36k
-idea cbc       705.85k      774.63k      750.60k      715.83k      721.50k
-rsa  512 bits   0.066s
-rsa 1024 bits   0.372s
-rsa 2048 bits   2.177s
-rsa 4096 bits  16.230s
-
-HP92453-01 A.09.61 HP C Compiler
-ssleay 0.5.1 cc -Ae +ESlit +Oall -Wl,-a,archive
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             58.69k      163.30k      213.57k      230.40k      254.23k
-md5            608.60k     2596.82k     3871.43k     4684.10k     4763.88k
-sha            343.26k     1482.43k     2316.80k     2766.27k     2860.26k
-sha-1          319.15k     1324.13k     2106.03k     2527.82k     2747.95k
-rc4           2467.47k     3374.41k     3265.49k     3354.39k     3368.55k
-des cfb        812.05k      814.90k      851.20k      819.20k      854.56k
-des cbc        836.35k      994.06k      916.02k     1020.01k      988.14k
-des ede3       369.78k      389.15k      401.01k      382.94k      408.03k
-idea cfb       290.40k      298.06k      286.11k      296.92k      299.46k
-idea cbc       301.30k      297.72k      304.34k      300.10k      309.70k
-rsa  512 bits   0.350s
-rsa 1024 bits   2.635s
-rsa 2048 bits  19.930s
-
diff --git a/crypto/openssl/times/p2.w95 b/crypto/openssl/times/p2.w95
deleted file mode 100644
index 82d1e5515d59..000000000000
--- a/crypto/openssl/times/p2.w95
+++ /dev/null
@@ -1,22 +0,0 @@
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2               235.90k      652.30k      893.36k      985.74k      985.74k
-mdc2              779.61k      816.81k      825.65k      816.01k      825.65k
-md5              2788.77k    13508.23k    24672.38k    30504.03k    33156.55k
-sha              1938.22k     8397.01k    14122.24k    16980.99k    18196.55k
-sha1             1817.29k     7832.50k    13168.93k    15738.48k    16810.84k
-rc4             15887.52k    21709.65k    22745.68k    22995.09k    22995.09k
-des cbc          4599.02k     5377.31k     5377.31k     5533.38k     5533.38k
-des ede3         1899.59k     2086.71k     2086.67k     2086.51k     2085.90k
-idea cbc         3350.08k     3934.62k     3979.42k     4017.53k     4017.53k
-rc2 cbc          1534.13k     1630.76k     1625.70k     1644.83k     1653.91k
-blowfish cbc     6678.83k     8490.49k     8701.88k     8848.74k     8886.24k
-                  sign    verify
-rsa  512 bits   0.0062s   0.0008s
-rsa 1024 bits   0.0287s   0.0009s
-rsa 2048 bits   0.1785s   0.0059s
-rsa 4096 bits   1.1300s   0.0205s
-                  sign    verify
-dsa  512 bits   0.0055s   0.0100s
-dsa 1024 bits   0.0154s   0.0299s
-dsa 2048 bits   0.0502s   0.0996s
diff --git a/crypto/openssl/times/pent2.t b/crypto/openssl/times/pent2.t
deleted file mode 100644
index b6dc269155ac..000000000000
--- a/crypto/openssl/times/pent2.t
+++ /dev/null
@@ -1,24 +0,0 @@
-pentium 2, 266mhz, Visual C++ 5.0, Windows 95
-
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2               235.90k      652.30k      893.36k      985.74k      985.74k
-mdc2              779.61k      816.81k      825.65k      816.01k      825.65k
-md5              2788.77k    13508.23k    24672.38k    30504.03k    33156.55k
-sha              1938.22k     8397.01k    14122.24k    16980.99k    18196.55k
-sha1             1817.29k     7832.50k    13168.93k    15738.48k    16810.84k
-rc4             15887.52k    21709.65k    22745.68k    22995.09k    22995.09k
-des cbc          4599.02k     5377.31k     5377.31k     5533.38k     5533.38k
-des ede3         1899.59k     2086.71k     2086.67k     2086.51k     2085.90k
-idea cbc         3350.08k     3934.62k     3979.42k     4017.53k     4017.53k
-rc2 cbc          1534.13k     1630.76k     1625.70k     1644.83k     1653.91k
-blowfish cbc     6678.83k     8490.49k     8701.88k     8848.74k     8886.24k
-                  sign    verify
-rsa  512 bits   0.0062s   0.0008s
-rsa 1024 bits   0.0287s   0.0009s
-rsa 2048 bits   0.1785s   0.0059s
-rsa 4096 bits   1.1300s   0.0205s
-                  sign    verify
-dsa  512 bits   0.0055s   0.0100s
-dsa 1024 bits   0.0154s   0.0299s
-dsa 2048 bits   0.0502s   0.0996s
diff --git a/crypto/openssl/times/readme b/crypto/openssl/times/readme
deleted file mode 100644
index 7074f5815b9d..000000000000
--- a/crypto/openssl/times/readme
+++ /dev/null
@@ -1,11 +0,0 @@
-The 'times' in this directory are not all for the most recent version of
-the library and it should be noted that on some CPUs (specifically sparc
-and Alpha), the locations of files in the application after linking can
-make upto a %10 speed difference when running benchmarks on things like
-cbc mode DES.  To put it mildly this can be very anoying.
-
-About the only way to get around this would be to compile the library as one
-object file, or to 'include' the source files in a specific order.
-
-The best way to get an idea of the 'raw' DES speed is to build the 
-'speed' program in crypto/des.
diff --git a/crypto/openssl/times/s586-100.lnx b/crypto/openssl/times/s586-100.lnx
deleted file mode 100644
index cbc3e3c4fb91..000000000000
--- a/crypto/openssl/times/s586-100.lnx
+++ /dev/null
@@ -1,25 +0,0 @@
-Shared library build
-
-SSLeay 0.7.3 30-Apr-1997
-built on Tue May 13 03:43:56 EST 1997
-options:bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
-C flags:-DTERMIO -O3 -DL_ENDIAN -fomit-frame-pointer -m486 -Wall
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                68.95k      191.40k      258.22k      283.31k      291.21k
-md5               627.37k     3064.75k     5370.15k     6765.91k     7255.38k
-sha               323.35k     1431.32k     2417.07k     2916.69k     3102.04k
-sha1              298.08k     1318.34k     2228.82k     2694.83k     2864.47k
-rc4              3404.13k     4026.33k     4107.43k     4136.28k     4117.85k
-des cbc          1414.60k     1782.53k     1824.24k     1847.64k     1840.47k
-des ede3          588.36k      688.19k      700.33k      702.46k      704.51k
-idea cbc          582.96k      636.71k      641.54k      642.39k      642.30k
-rc2 cbc           569.34k      612.37k      617.64k      617.47k      619.86k
-blowfish cbc     2015.77k     2534.49k     2609.65k     2607.10k     2615.98k
-rsa  512 bits   0.027s   0.003
-rsa 1024 bits   0.128s   0.003
-rsa 2048 bits   0.779s   0.027
-rsa 4096 bits   5.450s   0.098
-dsa  512 bits   0.024s   0.045
-dsa 1024 bits   0.068s   0.132
-dsa 2048 bits   0.231s   0.469
diff --git a/crypto/openssl/times/s586-100.nt b/crypto/openssl/times/s586-100.nt
deleted file mode 100644
index 8e3baf6d5e62..000000000000
--- a/crypto/openssl/times/s586-100.nt
+++ /dev/null
@@ -1,23 +0,0 @@
-SSLeay 0.7.3 30-Apr-1997
-built on Mon May 19 10:47:38 EST 1997
-options:bn(64,32) md2(char) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
-C flags not available
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                90.26k      248.57k      335.06k      366.09k      376.64k
-md5               863.95k     4205.24k     7628.78k     9582.60k    10290.25k
-sha               463.93k     2102.51k     3623.28k     4417.85k     4695.29k
-sha1              458.23k     2005.88k     3385.78k     4094.00k     4340.13k
-rc4              5843.60k     7543.71k     7790.31k     7836.89k     7791.47k
-des cbc          1583.95k     1910.67k     1960.69k     1972.12k     1946.13k
-des ede3          654.79k      722.60k      740.97k      745.82k      738.27k
-idea cbc          792.04k      876.96k      887.35k      892.63k      890.36k
-rc2 cbc           603.50k      652.38k      661.85k      662.69k      661.44k
-blowfish cbc     2379.88k     3043.76k     3153.61k     3153.61k     3134.76k
-rsa  512 bits   0.022s   0.003
-rsa 1024 bits   0.111s   0.003
-rsa 2048 bits   0.716s   0.025
-rsa 4096 bits   5.188s   0.094
-dsa  512 bits   0.020s   0.039
-dsa 1024 bits   0.062s   0.124
-dsa 2048 bits   0.221s   0.441
diff --git a/crypto/openssl/times/sgi.t b/crypto/openssl/times/sgi.t
deleted file mode 100644
index 7963610150b7..000000000000
--- a/crypto/openssl/times/sgi.t
+++ /dev/null
@@ -1,29 +0,0 @@
-SGI Challenge R4400 200mhz IRIX 5.3 - gcc (2.6.3)
-SSLeay 0.6.1 02-Jul-1996
-built on Tue Jul  2 16:25:30 EST 1996
-options:bn(64,32) md2(char) rc4(idx,char) des(idx,long) idea(int)
-C flags:gcc -O2 -mips2 -DTERMIOS -DB_ENDIAN
-The 'numbers' are in 1000s of bytes per second processed.
-type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2             96.53k      266.70k      360.09k      393.70k      405.07k
-md5            971.15k     4382.56k     7406.90k     8979.99k     9559.18k
-sha            596.86k     2832.26k     4997.30k     6277.75k     6712.89k
-sha1           578.34k     2630.16k     4632.05k     5684.34k     6083.37k
-rc4           5641.12k     6821.76k     6996.13k     7052.61k     6913.32k
-des cfb       1354.86k     1422.11k     1434.58k     1433.24k     1432.89k
-des cbc       1467.13k     1618.92k     1630.08k     1637.00k     1629.62k
-des ede3       566.13k      591.91k      596.86k      596.18k      592.54k
-idea cfb      1190.60k     1264.49k     1270.38k     1267.84k     1272.37k
-idea cbc      1271.45k     1410.37k     1422.49k     1426.46k     1421.73k
-rc2 cfb       1285.73k     1371.40k     1380.92k     1383.13k     1379.23k
-rc2 cbc       1386.61k     1542.10k     1562.49k     1572.45k     1567.93k
-rsa  512 bits   0.018s
-rsa 1024 bits   0.106s
-rsa 2048 bits   0.738s
-rsa 4096 bits   5.535s
-
-version:SSLeay 0.5.2c 15-May-1996
-rsa  512 bits   0.035s
-rsa 1024 bits   0.204s
-rsa 2048 bits   1.423s
-rsa 4096 bits  10.800s
diff --git a/crypto/openssl/times/sparc.t b/crypto/openssl/times/sparc.t
deleted file mode 100644
index 1611f76570a4..000000000000
--- a/crypto/openssl/times/sparc.t
+++ /dev/null
@@ -1,26 +0,0 @@
-gcc 2.7.2
-Sparc 10 - Solaris 2.3 - 50mhz
-SSLeay 0.7.3r 20-May-1997
-built on Mon Jun  2 00:55:51 EST 1997
-options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr)
-C flags:gcc -O3 -fomit-frame-pointer -mv8 -Wall
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                54.88k      154.52k      210.35k      231.08k      237.21k
-md5               550.75k     2460.49k     4116.01k     4988.74k     5159.86k
-sha               340.28k     1461.76k     2430.10k     2879.87k     2999.15k
-sha1              307.27k     1298.41k     2136.26k     2540.07k     2658.28k
-rc4              2652.21k     2805.24k     3301.63k     4003.98k     4071.18k
-des cbc           811.78k      903.93k      914.19k      921.60k      932.29k
-des ede3          328.21k      344.93k      349.64k      351.48k      345.07k
-idea cbc          685.06k      727.42k      734.41k      730.11k      739.21k
-rc2 cbc           718.59k      777.02k      781.96k      784.38k      782.60k
-blowfish cbc     1268.85k     1520.64k     1568.88k     1587.54k     1591.98k
-rsa  512 bits   0.037s   0.005
-rsa 1024 bits   0.213s   0.006
-rsa 2048 bits   1.471s   0.053
-rsa 4096 bits  11.100s   0.202
-dsa  512 bits   0.038s   0.074
-dsa 1024 bits   0.128s   0.248
-dsa 2048 bits   0.473s   0.959
-
diff --git a/crypto/openssl/times/sparc2 b/crypto/openssl/times/sparc2
deleted file mode 100644
index 4b0dd805efc0..000000000000
--- a/crypto/openssl/times/sparc2
+++ /dev/null
@@ -1,21 +0,0 @@
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                14.56k       40.25k       54.95k       60.13k       62.18k
-mdc2               53.59k       57.45k       58.11k       58.21k       58.51k
-md5               176.95k      764.75k     1270.36k     1520.14k     1608.36k
-hmac(md5)          55.88k      369.70k      881.15k     1337.05k     1567.40k
-sha1               92.69k      419.75k      723.63k      878.82k      939.35k
-rc4              1247.28k     1414.09k     1434.30k     1434.34k     1441.13k
-des cbc           284.41k      318.58k      323.07k      324.09k      323.87k
-des ede3          109.99k      119.99k      121.60k      121.87k      121.66k
-idea cbc           43.06k       43.68k       43.84k       43.64k       44.07k
-rc2 cbc           278.85k      311.44k      316.50k      316.57k      317.37k
-blowfish cbc      468.89k      569.35k      581.61k      568.34k      559.54k
-cast cbc          285.84k      338.79k      345.71k      346.19k      341.09k
-                  sign    verify
-rsa  512 bits   0.4175s   0.0519s
-rsa 1024 bits   2.9325s   0.1948s
-rsa 2048 bits  22.3600s   0.7669s
-		  sign    verify
-dsa  512 bits   0.5178s   1.0300s
-dsa 1024 bits   1.8780s   3.7167s
-dsa 2048 bits   7.3500s  14.4800s
diff --git a/crypto/openssl/times/sparcLX.t b/crypto/openssl/times/sparcLX.t
deleted file mode 100644
index 2fdaed7cc500..000000000000
--- a/crypto/openssl/times/sparcLX.t
+++ /dev/null
@@ -1,22 +0,0 @@
-Sparc Station LX
-SSLeay 0.7.3 30-Apr-1997
-built on Thu May  1 10:44:02 EST 1997
-options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr)
-C flags:gcc -O3 -fomit-frame-pointer -mv8 -Wall
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2                17.60k       48.72k       66.47k       72.70k       74.72k
-md5               226.24k     1082.21k     1982.72k     2594.02k     2717.01k
-sha                71.38k      320.71k      551.08k      677.76k      720.90k
-sha1               63.08k      280.79k      473.86k      576.94k      608.94k
-rc4              1138.30k     1257.67k     1304.49k     1377.78k     1364.42k
-des cbc           265.34k      308.85k      314.28k      315.39k      317.20k
-des ede3           83.23k       93.13k       94.04k       94.50k       94.63k
-idea cbc          254.48k      274.26k      275.88k      274.68k      275.80k
-rc2 cbc           328.27k      375.39k      381.43k      381.61k      380.83k
-blowfish cbc      487.00k      498.02k      510.12k      515.41k      516.10k
-rsa  512 bits   0.093s
-rsa 1024 bits   0.537s
-rsa 2048 bits   3.823s
-rsa 4096 bits  28.650s
-
diff --git a/crypto/openssl/times/usparc.t b/crypto/openssl/times/usparc.t
deleted file mode 100644
index 2215624f9f2e..000000000000
--- a/crypto/openssl/times/usparc.t
+++ /dev/null
@@ -1,25 +0,0 @@
-Sparc 2000? - Solaris 2.5.1 - 167mhz Ultra sparc
-
-SSLeay 0.7.3r 20-May-1997
-built on Mon Jun  2 02:25:48 EST 1997
-options:bn(64,32) md2(int) rc4(ptr,char) des(ptr,risc1,16,long) idea(int) blowfish(ptr)
-C flags:cc cc -xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa -DB_ENDIAN
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2               135.23k      389.87k      536.66k      591.87k      603.48k
-md5              1534.38k     6160.41k     9842.69k    11446.95k    11993.09k
-sha              1178.30k     5020.74k     8532.22k    10275.50k    11010.05k
-sha1             1114.22k     4703.94k     7703.81k     9236.14k     9756.67k
-rc4             10818.03k    13327.57k    13711.10k    13810.69k    13836.29k
-des cbc          3052.44k     3320.02k     3356.25k     3369.98k     3295.91k
-des ede3         1310.32k     1359.98k     1367.47k     1362.94k     1362.60k
-idea cbc         1749.52k     1833.13k     1844.74k     1848.32k     1848.66k
-rc2 cbc          1950.25k     2053.23k     2064.21k     2072.58k     2072.58k
-blowfish cbc     4927.16k     5659.75k     5762.73k     5797.55k     5805.40k
-rsa  512 bits   0.021s   0.003
-rsa 1024 bits   0.126s   0.003
-rsa 2048 bits   0.888s   0.032
-rsa 4096 bits   6.770s   0.122
-dsa  512 bits   0.022s   0.043
-dsa 1024 bits   0.076s   0.151
-dsa 2048 bits   0.286s   0.574
diff --git a/crypto/openssl/times/x86/bfs.cpp b/crypto/openssl/times/x86/bfs.cpp
deleted file mode 100644
index d74c45776078..000000000000
--- a/crypto/openssl/times/x86/bfs.cpp
+++ /dev/null
@@ -1,67 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/blowfish.h>
-
-void main(int argc,char *argv[])
-	{
-	BF_KEY key;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			BF_encrypt(&data[0],&key);
-			GetTSC(s1);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			GetTSC(e1);
-			GetTSC(s2);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			GetTSC(e2);
-			BF_encrypt(&data[0],&key);
-			}
-
-		printf("blowfish %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/crypto/openssl/times/x86/casts.cpp b/crypto/openssl/times/x86/casts.cpp
deleted file mode 100644
index 7661191acf5c..000000000000
--- a/crypto/openssl/times/x86/casts.cpp
+++ /dev/null
@@ -1,67 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/cast.h>
-
-void main(int argc,char *argv[])
-	{
-	CAST_KEY key;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			CAST_encrypt(&data[0],&key);
-			GetTSC(s1);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			GetTSC(e1);
-			GetTSC(s2);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			GetTSC(e2);
-			CAST_encrypt(&data[0],&key);
-			}
-
-		printf("cast %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/crypto/openssl/times/x86/des3s.cpp b/crypto/openssl/times/x86/des3s.cpp
deleted file mode 100644
index 02d527c057c2..000000000000
--- a/crypto/openssl/times/x86/des3s.cpp
+++ /dev/null
@@ -1,67 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/des.h>
-
-void main(int argc,char *argv[])
-	{
-	des_key_schedule key1,key2,key3;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			des_encrypt3(&data[0],key1,key2,key3);
-			GetTSC(s1);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			GetTSC(e1);
-			GetTSC(s2);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			GetTSC(e2);
-			des_encrypt3(&data[0],key1,key2,key3);
-			}
-
-		printf("des %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/crypto/openssl/times/x86/dess.cpp b/crypto/openssl/times/x86/dess.cpp
deleted file mode 100644
index 753e67ad9be2..000000000000
--- a/crypto/openssl/times/x86/dess.cpp
+++ /dev/null
@@ -1,67 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/des.h>
-
-void main(int argc,char *argv[])
-	{
-	des_key_schedule key;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			des_encrypt(&data[0],key,1);
-			GetTSC(s1);
-			des_encrypt(&data[0],key,1);
-			des_encrypt(&data[0],key,1);
-			des_encrypt(&data[0],key,1);
-			GetTSC(e1);
-			GetTSC(s2);
-			des_encrypt(&data[0],key,1);
-			des_encrypt(&data[0],key,1);
-			des_encrypt(&data[0],key,1);
-			des_encrypt(&data[0],key,1);
-			GetTSC(e2);
-			des_encrypt(&data[0],key,1);
-			}
-
-		printf("des %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/crypto/openssl/times/x86/md4s.cpp b/crypto/openssl/times/x86/md4s.cpp
deleted file mode 100644
index c0ec97fc9f9b..000000000000
--- a/crypto/openssl/times/x86/md4s.cpp
+++ /dev/null
@@ -1,78 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/md4.h>
-
-extern "C" {
-void md4_block_x86(MD4_CTX *ctx, unsigned char *buffer,int num);
-}
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[64*256];
-	MD4_CTX ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=0,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=16;
-	if (num > 250) num=16;
-	numm=num+2;
-	num*=64;
-	numm*=64;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			md4_block_x86(&ctx,buffer,numm);
-			GetTSC(s1);
-			md4_block_x86(&ctx,buffer,numm);
-			GetTSC(e1);
-			GetTSC(s2);
-			md4_block_x86(&ctx,buffer,num);
-			GetTSC(e2);
-			md4_block_x86(&ctx,buffer,num);
-			}
-		printf("md4 (%d bytes) %d %d (%.2f)\n",num,
-			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
-		}
-	}
-
diff --git a/crypto/openssl/times/x86/md5s.cpp b/crypto/openssl/times/x86/md5s.cpp
deleted file mode 100644
index dd343fd4e6ed..000000000000
--- a/crypto/openssl/times/x86/md5s.cpp
+++ /dev/null
@@ -1,78 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/md5.h>
-
-extern "C" {
-void md5_block_x86(MD5_CTX *ctx, unsigned char *buffer,int num);
-}
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[64*256];
-	MD5_CTX ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=0,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=16;
-	if (num > 250) num=16;
-	numm=num+2;
-	num*=64;
-	numm*=64;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			md5_block_x86(&ctx,buffer,numm);
-			GetTSC(s1);
-			md5_block_x86(&ctx,buffer,numm);
-			GetTSC(e1);
-			GetTSC(s2);
-			md5_block_x86(&ctx,buffer,num);
-			GetTSC(e2);
-			md5_block_x86(&ctx,buffer,num);
-			}
-		printf("md5 (%d bytes) %d %d (%.2f)\n",num,
-			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
-		}
-	}
-
diff --git a/crypto/openssl/times/x86/rc4s.cpp b/crypto/openssl/times/x86/rc4s.cpp
deleted file mode 100644
index 3814fde9972f..000000000000
--- a/crypto/openssl/times/x86/rc4s.cpp
+++ /dev/null
@@ -1,73 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/rc4.h>
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[1024];
-	RC4_KEY ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=64,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=256;
-	if (num > 1024-16) num=1024-16;
-	numm=num+8;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			RC4(&ctx,numm,buffer,buffer);
-			GetTSC(s1);
-			RC4(&ctx,numm,buffer,buffer);
-			GetTSC(e1);
-			GetTSC(s2);
-			RC4(&ctx,num,buffer,buffer);
-			GetTSC(e2);
-			RC4(&ctx,num,buffer,buffer);
-			}
-
-		printf("RC4 (%d bytes) %d %d (%d) - 8 bytes\n",num,
-			e1-s1,e2-s2,(e1-s1)-(e2-s2));
-		}
-	}
-
diff --git a/crypto/openssl/times/x86/sha1s.cpp b/crypto/openssl/times/x86/sha1s.cpp
deleted file mode 100644
index 3103e1871bbe..000000000000
--- a/crypto/openssl/times/x86/sha1s.cpp
+++ /dev/null
@@ -1,79 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/sha.h>
-
-extern "C" {
-void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num);
-}
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[64*256];
-	SHA_CTX ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=0,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=16;
-	if (num > 250) num=16;
-	numm=num+2;
-	num*=64;
-	numm*=64;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			sha1_block_x86(&ctx,buffer,numm);
-			GetTSC(s1);
-			sha1_block_x86(&ctx,buffer,numm);
-			GetTSC(e1);
-			GetTSC(s2);
-			sha1_block_x86(&ctx,buffer,num);
-			GetTSC(e2);
-			sha1_block_x86(&ctx,buffer,num);
-			}
-
-		printf("sha1 (%d bytes) %d %d (%.2f)\n",num,
-			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
-		}
-	}
-
diff --git a/crypto/openssl/tools/Makefile.ssl b/crypto/openssl/tools/Makefile.ssl
deleted file mode 100644
index bf0cd29c7745..000000000000
--- a/crypto/openssl/tools/Makefile.ssl
+++ /dev/null
@@ -1,64 +0,0 @@
-#
-# SSLeay/tools/Makefile
-#
-
-DIR=	tools
-TOP=	..
-CC=	cc
-INCLUDES= -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile.ssl
-TEST=
-APPS= c_rehash
-MISC_APPS= c_hash c_info c_issuer c_name
-
-all:
-
-install:
-	@for i in $(APPS) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
-	chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
-	mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
-	done;
-	@for i in $(MISC_APPS) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
-	done;
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-
-lint:
-
-tags:
-
-errors:
-
-depend:
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-errors:
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/openssl/tools/c89.sh b/crypto/openssl/tools/c89.sh
deleted file mode 100755
index b25c9fda2df1..000000000000
--- a/crypto/openssl/tools/c89.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/sh -k
-#
-# Re-order arguments so that -L comes first
-#
-opts=""
-lopts=""
-        
-for arg in $* ; do
-  case $arg in
-    -L*) lopts="$lopts $arg" ;;
-    *) opts="$opts $arg" ;;
-  esac
-done
-
-c89 $lopts $opts
diff --git a/crypto/openssl/tools/c_hash b/crypto/openssl/tools/c_hash
deleted file mode 100644
index 5e0a9081755d..000000000000
--- a/crypto/openssl/tools/c_hash
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-# print out the hash values 
-#
-
-for i in $*
-do
-	h=`openssl x509 -hash -noout -in $i`
-	echo "$h.0 => $i"
-done
diff --git a/crypto/openssl/tools/c_info b/crypto/openssl/tools/c_info
deleted file mode 100644
index 0e1e633b6fb7..000000000000
--- a/crypto/openssl/tools/c_info
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-#
-# print the subject
-#
-
-for i in $*
-do
-	n=`openssl x509 -subject -issuer -enddate -noout -in $i`
-	echo "$i"
-	echo "$n"
-	echo "--------"
-done
diff --git a/crypto/openssl/tools/c_issuer b/crypto/openssl/tools/c_issuer
deleted file mode 100644
index 4c691201bb47..000000000000
--- a/crypto/openssl/tools/c_issuer
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-#
-# print out the issuer
-#
-
-for i in $*
-do
-	n=`openssl x509 -issuer -noout -in $i`
-	echo "$i\t$n"
-done
diff --git a/crypto/openssl/tools/c_name b/crypto/openssl/tools/c_name
deleted file mode 100644
index 28800c0b30c1..000000000000
--- a/crypto/openssl/tools/c_name
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-#
-# print the subject
-#
-
-for i in $*
-do
-	n=`openssl x509 -subject -noout -in $i`
-	echo "$i	$n"
-done
diff --git a/crypto/openssl/tools/c_rehash b/crypto/openssl/tools/c_rehash
deleted file mode 100644
index 3e9ba1efe490..000000000000
--- a/crypto/openssl/tools/c_rehash
+++ /dev/null
@@ -1,160 +0,0 @@
-#!/usr/local/bin/perl
-
-
-# Perl c_rehash script, scan all files in a directory
-# and add symbolic links to their hash values.
-
-my $openssl;
-
-my $dir = "/usr/local/ssl";
-
-if(defined $ENV{OPENSSL}) {
-	$openssl = $ENV{OPENSSL};
-} else {
-	$openssl = "openssl";
-	$ENV{OPENSSL} = $openssl;
-}
-
-$ENV{PATH} .= ":$dir/bin";
-
-if(! -x $openssl) {
-	my $found = 0;
-	foreach (split /:/, $ENV{PATH}) {
-		if(-x "$_/$openssl") {
-			$found = 1;
-			last;
-		}	
-	}
-	if($found == 0) {
-		print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
-		exit 0;
-	}
-}
-
-if(@ARGV) {
-	@dirlist = @ARGV;
-} elsif($ENV{SSL_CERT_DIR}) {
-	@dirlist = split /:/, $ENV{SSL_CERT_DIR};
-} else {
-	$dirlist[0] = "$dir/certs";
-}
-
-
-foreach (@dirlist) {
-	if(-d $_ and -w $_) {
-		hash_dir($_);
-	}
-}
-
-sub hash_dir {
-	my %hashlist;
-	print "Doing $_[0]\n";
-	chdir $_[0];
-	opendir(DIR, ".");
-	my @flist = readdir(DIR);
-	# Delete any existing symbolic links
-	foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
-		if(-l $_) {
-			unlink $_;
-		}
-	}
-	closedir DIR;
-	FILE: foreach $fname (grep {/\.pem$/} @flist) {
-		# Check to see if certificates and/or CRLs present.
-		my ($cert, $crl) = check_file($fname);
-		if(!$cert && !$crl) {
-			print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
-			next;
-		}
-		link_hash_cert($fname) if($cert);
-		link_hash_crl($fname) if($crl);
-	}
-}
-
-sub check_file {
-	my ($is_cert, $is_crl) = (0,0);
-	my $fname = $_[0];
-	open IN, $fname;
-	while(<IN>) {
-		if(/^-----BEGIN (.*)-----/) {
-			my $hdr = $1;
-			if($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
-				$is_cert = 1;
-				last if($is_crl);
-			} elsif($hdr eq "X509 CRL") {
-				$is_crl = 1;
-				last if($is_cert);
-			}
-		}
-	}
-	close IN;
-	return ($is_cert, $is_crl);
-}
-
-
-# Link a certificate to its subject name hash value, each hash is of
-# the form <hash>.<n> where n is an integer. If the hash value already exists
-# then we need to up the value of n, unless its a duplicate in which
-# case we skip the link. We check for duplicates by comparing the
-# certificate fingerprints
-
-sub link_hash_cert {
-		my $fname = $_[0];
-		$fname =~ s/'/'\\''/g;
-		my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
-		chomp $hash;
-		chomp $fprint;
-		$fprint =~ s/^.*=//;
-		$fprint =~ tr/://d;
-		my $suffix = 0;
-		# Search for an unused hash filename
-		while(exists $hashlist{"$hash.$suffix"}) {
-			# Hash matches: if fingerprint matches its a duplicate cert
-			if($hashlist{"$hash.$suffix"} eq $fprint) {
-				print STDERR "WARNING: Skipping duplicate certificate $fname\n";
-				return;
-			}
-			$suffix++;
-		}
-		$hash .= ".$suffix";
-		print "$fname => $hash\n";
-		$symlink_exists=eval {symlink("",""); 1};
-		if ($symlink_exists) {
-			symlink $fname, $hash;
-		} else {
-			system ("cp", $fname, $hash);
-		}
-		$hashlist{$hash} = $fprint;
-}
-
-# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
-
-sub link_hash_crl {
-		my $fname = $_[0];
-		$fname =~ s/'/'\\''/g;
-		my ($hash, $fprint) = `"$openssl" crl -hash -fingerprint -noout -in '$fname'`;
-		chomp $hash;
-		chomp $fprint;
-		$fprint =~ s/^.*=//;
-		$fprint =~ tr/://d;
-		my $suffix = 0;
-		# Search for an unused hash filename
-		while(exists $hashlist{"$hash.r$suffix"}) {
-			# Hash matches: if fingerprint matches its a duplicate cert
-			if($hashlist{"$hash.r$suffix"} eq $fprint) {
-				print STDERR "WARNING: Skipping duplicate CRL $fname\n";
-				return;
-			}
-			$suffix++;
-		}
-		$hash .= ".r$suffix";
-		print "$fname => $hash\n";
-		$symlink_exists=eval {symlink("",""); 1};
-		if ($symlink_exists) {
-			symlink $fname, $hash;
-		} else {
-			system ("cp", $fname, $hash);
-		}
-		$hashlist{$hash} = $fprint;
-}
-
diff --git a/crypto/openssl/tools/c_rehash.in b/crypto/openssl/tools/c_rehash.in
deleted file mode 100644
index 4497cbd9f178..000000000000
--- a/crypto/openssl/tools/c_rehash.in
+++ /dev/null
@@ -1,160 +0,0 @@
-#!/usr/local/bin/perl
-
-
-# Perl c_rehash script, scan all files in a directory
-# and add symbolic links to their hash values.
-
-my $openssl;
-
-my $dir;
-
-if(defined $ENV{OPENSSL}) {
-	$openssl = $ENV{OPENSSL};
-} else {
-	$openssl = "openssl";
-	$ENV{OPENSSL} = $openssl;
-}
-
-$ENV{PATH} .= ":$dir/bin";
-
-if(! -x $openssl) {
-	my $found = 0;
-	foreach (split /:/, $ENV{PATH}) {
-		if(-x "$_/$openssl") {
-			$found = 1;
-			last;
-		}	
-	}
-	if($found == 0) {
-		print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
-		exit 0;
-	}
-}
-
-if(@ARGV) {
-	@dirlist = @ARGV;
-} elsif($ENV{SSL_CERT_DIR}) {
-	@dirlist = split /:/, $ENV{SSL_CERT_DIR};
-} else {
-	$dirlist[0] = "$dir/certs";
-}
-
-
-foreach (@dirlist) {
-	if(-d $_ and -w $_) {
-		hash_dir($_);
-	}
-}
-
-sub hash_dir {
-	my %hashlist;
-	print "Doing $_[0]\n";
-	chdir $_[0];
-	opendir(DIR, ".");
-	my @flist = readdir(DIR);
-	# Delete any existing symbolic links
-	foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
-		if(-l $_) {
-			unlink $_;
-		}
-	}
-	closedir DIR;
-	FILE: foreach $fname (grep {/\.pem$/} @flist) {
-		# Check to see if certificates and/or CRLs present.
-		my ($cert, $crl) = check_file($fname);
-		if(!$cert && !$crl) {
-			print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
-			next;
-		}
-		link_hash_cert($fname) if($cert);
-		link_hash_crl($fname) if($crl);
-	}
-}
-
-sub check_file {
-	my ($is_cert, $is_crl) = (0,0);
-	my $fname = $_[0];
-	open IN, $fname;
-	while(<IN>) {
-		if(/^-----BEGIN (.*)-----/) {
-			my $hdr = $1;
-			if($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
-				$is_cert = 1;
-				last if($is_crl);
-			} elsif($hdr eq "X509 CRL") {
-				$is_crl = 1;
-				last if($is_cert);
-			}
-		}
-	}
-	close IN;
-	return ($is_cert, $is_crl);
-}
-
-
-# Link a certificate to its subject name hash value, each hash is of
-# the form <hash>.<n> where n is an integer. If the hash value already exists
-# then we need to up the value of n, unless its a duplicate in which
-# case we skip the link. We check for duplicates by comparing the
-# certificate fingerprints
-
-sub link_hash_cert {
-		my $fname = $_[0];
-		$fname =~ s/'/'\\''/g;
-		my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
-		chomp $hash;
-		chomp $fprint;
-		$fprint =~ s/^.*=//;
-		$fprint =~ tr/://d;
-		my $suffix = 0;
-		# Search for an unused hash filename
-		while(exists $hashlist{"$hash.$suffix"}) {
-			# Hash matches: if fingerprint matches its a duplicate cert
-			if($hashlist{"$hash.$suffix"} eq $fprint) {
-				print STDERR "WARNING: Skipping duplicate certificate $fname\n";
-				return;
-			}
-			$suffix++;
-		}
-		$hash .= ".$suffix";
-		print "$fname => $hash\n";
-		$symlink_exists=eval {symlink("",""); 1};
-		if ($symlink_exists) {
-			symlink $fname, $hash;
-		} else {
-			system ("cp", $fname, $hash);
-		}
-		$hashlist{$hash} = $fprint;
-}
-
-# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
-
-sub link_hash_crl {
-		my $fname = $_[0];
-		$fname =~ s/'/'\\''/g;
-		my ($hash, $fprint) = `"$openssl" crl -hash -fingerprint -noout -in '$fname'`;
-		chomp $hash;
-		chomp $fprint;
-		$fprint =~ s/^.*=//;
-		$fprint =~ tr/://d;
-		my $suffix = 0;
-		# Search for an unused hash filename
-		while(exists $hashlist{"$hash.r$suffix"}) {
-			# Hash matches: if fingerprint matches its a duplicate cert
-			if($hashlist{"$hash.r$suffix"} eq $fprint) {
-				print STDERR "WARNING: Skipping duplicate CRL $fname\n";
-				return;
-			}
-			$suffix++;
-		}
-		$hash .= ".r$suffix";
-		print "$fname => $hash\n";
-		$symlink_exists=eval {symlink("",""); 1};
-		if ($symlink_exists) {
-			symlink $fname, $hash;
-		} else {
-			system ("cp", $fname, $hash);
-		}
-		$hashlist{$hash} = $fprint;
-}
-
diff --git a/crypto/openssl/util/FreeBSD.sh b/crypto/openssl/util/FreeBSD.sh
deleted file mode 100755
index db8edfc6aa28..000000000000
--- a/crypto/openssl/util/FreeBSD.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-
-perl util/perlpath.pl /usr/bin
-perl util/ssldir.pl /usr/local  
-perl util/mk1mf.pl FreeBSD >Makefile.FreeBSD
-perl Configure FreeBSD
diff --git a/crypto/openssl/util/add_cr.pl b/crypto/openssl/util/add_cr.pl
deleted file mode 100755
index c7b62c11ec96..000000000000
--- a/crypto/openssl/util/add_cr.pl
+++ /dev/null
@@ -1,123 +0,0 @@
-#!/usr/local/bin/perl
-#
-# This adds a copyright message to a souce code file.
-# It also gets the file name correct.
-#
-# perl util/add_cr.pl *.[ch] */*.[ch] */*/*.[ch]
-#
-
-foreach (@ARGV)
-	{
-	&dofile($_);
-	}
-
-sub dofile
-	{
-	local($file)=@_;
-
-	open(IN,"<$file") || die "unable to open $file:$!\n";
-
-	print STDERR "doing $file\n";
-	@in=<IN>;
-
-	return(1) if ($in[0] =~ / NOCW /);
-
-	@out=();
-	open(OUT,">$file.out") || die "unable to open $file.$$:$!\n";
-	push(@out,"/* $file */\n");
-	if (($in[1] !~ /^\/\* Copyright \(C\) [0-9-]+ Eric Young \(eay\@cryptsoft.com\)/))
-		{
-		push(@out,&Copyright);
-		$i=2;
-		@a=grep(/ Copyright \(C\) /,@in);
-		if ($#a >= 0)
-			{
-			while (($i <= $#in) && ($in[$i] ne " */\n"))
-				{ $i++; }
-			$i++ if ($in[$i] eq " */\n");
-
-			while (($i <= $#in) && ($in[$i] =~ /^\s*$/))
-				{ $i++; }
-
-			push(@out,"\n");
-			for ( ; $i <= $#in; $i++)
-				{ push(@out,$in[$i]); }
-			}
-		else
-			{ push(@out,@in); }
-		}
-	else
-		{
-		shift(@in);
-		push(@out,@in);
-		}
-	print OUT @out;
-	close(IN);
-	close(OUT);
-	rename("$file","$file.orig") || die "unable to rename $file:$!\n";
-	rename("$file.out",$file) || die "unable to rename $file.out:$!\n";
-	}
-
-
-
-sub Copyright
-	{
-	return <<'EOF';
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-EOF
-	}
diff --git a/crypto/openssl/util/bat.sh b/crypto/openssl/util/bat.sh
deleted file mode 100755
index 4d9a8287d0cf..000000000000
--- a/crypto/openssl/util/bat.sh
+++ /dev/null
@@ -1,134 +0,0 @@
-#!/usr/local/bin/perl
-
-$infile="/home/eay/ssl/SSLeay/MINFO";
-
-open(IN,"<$infile") || die "unable to open $infile:$!\n";
-$_=<IN>;
-for (;;)
-	{
-	chop;
-
-	($key,$val)=/^([^=]+)=(.*)/;
-	if ($key eq "RELATIVE_DIRECTORY")
-		{
-		if ($lib ne "")
-			{
-			$uc=$lib;
-			$uc =~ s/^lib(.*)\.a/$1/;
-			$uc =~ tr/a-z/A-Z/;
-			$lib_nam{$uc}=$uc;
-			$lib_obj{$uc}.=$libobj." ";
-			}
-		last if ($val eq "FINISHED");
-		$lib="";
-		$libobj="";
-		$dir=$val;
-		}
-
-	if ($key eq "TEST")
-		{ $test.=&var_add($dir,$val); }
-
-	if (($key eq "PROGS") || ($key eq "E_OBJ"))
-		{ $e_exe.=&var_add($dir,$val); }
-
-	if ($key eq "LIB")
-		{
-		$lib=$val;
-		$lib =~ s/^.*\/([^\/]+)$/$1/;
-		}
-
-	if ($key eq "EXHEADER")
-		{ $exheader.=&var_add($dir,$val); }
-
-	if ($key eq "HEADER")
-		{ $header.=&var_add($dir,$val); }
-
-	if ($key eq "LIBSRC")
-		{ $libsrc.=&var_add($dir,$val); }
-
-	if (!($_=<IN>))
-		{ $_="RELATIVE_DIRECTORY=FINISHED\n"; }
-	}
-close(IN);
-
-@a=split(/\s+/,$libsrc);
-foreach (@a)
-	{
-	print "${_}.c\n";
-	}
-
-sub var_add
-	{
-	local($dir,$val)=@_;
-	local(@a,$_,$ret);
-
-	return("") if $no_engine && $dir =~ /\/engine/;
-	return("") if $no_idea && $dir =~ /\/idea/;
-	return("") if $no_rc2  && $dir =~ /\/rc2/;
-	return("") if $no_rc4  && $dir =~ /\/rc4/;
-	return("") if $no_rsa  && $dir =~ /\/rsa/;
-	return("") if $no_rsa  && $dir =~ /^rsaref/;
-	return("") if $no_dsa  && $dir =~ /\/dsa/;
-	return("") if $no_dh   && $dir =~ /\/dh/;
-	if ($no_des && $dir =~ /\/des/)
-		{
-		if ($val =~ /read_pwd/)
-			{ return("$dir/read_pwd "); }
-		else
-			{ return(""); }
-		}
-	return("") if $no_mdc2 && $dir =~ /\/mdc2/;
-	return("") if $no_sock && $dir =~ /\/proxy/;
-	return("") if $no_bf   && $dir =~ /\/bf/;
-	return("") if $no_cast && $dir =~ /\/cast/;
-
-	$val =~ s/^\s*(.*)\s*$/$1/;
-	@a=split(/\s+/,$val);
-	grep(s/\.[och]$//,@a);
-
-	@a=grep(!/^e_.*_3d$/,@a) if $no_des;
-	@a=grep(!/^e_.*_d$/,@a) if $no_des;
-	@a=grep(!/^e_.*_i$/,@a) if $no_idea;
-	@a=grep(!/^e_.*_r2$/,@a) if $no_rc2;
-	@a=grep(!/^e_.*_bf$/,@a) if $no_bf;
-	@a=grep(!/^e_.*_c$/,@a) if $no_cast;
-	@a=grep(!/^e_rc4$/,@a) if $no_rc4;
-
-	@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
-	@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
-
-	@a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
-
-	@a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2;
-	@a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5;
-
-	@a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa;
-	@a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa;
-	@a=grep(!/(^pem_seal$)/,@a) if $no_rsa;
-
-	@a=grep(!/(m_dss$)|(m_dss1$)/,@a) if $no_dsa;
-	@a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/,@a) if $no_dsa;
-
-	@a=grep(!/^n_pkey$/,@a) if $no_rsa || $no_rc4;
-
-	@a=grep(!/_dhp$/,@a) if $no_dh;
-
-	@a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
-	@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
-	@a=grep(!/_mdc2$/,@a) if $no_mdc2;
-
-	@a=grep(!/^engine$/,@a) if $no_engine;
-	@a=grep(!/(^rsa$)|(^genrsa$)|(^req$)|(^ca$)/,@a) if $no_rsa;
-	@a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
-	@a=grep(!/^gendsa$/,@a) if $no_sha1;
-	@a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
-
-	@a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
-
-	grep($_="$dir/$_",@a);
-	@a=grep(!/(^|\/)s_/,@a) if $no_sock;
-	@a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
-	$ret=join(' ',@a)." ";
-	return($ret);
-	}
-
diff --git a/crypto/openssl/util/ck_errf.pl b/crypto/openssl/util/ck_errf.pl
deleted file mode 100755
index 7a24d6c5a2e2..000000000000
--- a/crypto/openssl/util/ck_errf.pl
+++ /dev/null
@@ -1,45 +0,0 @@
-#!/usr/local/bin/perl
-#
-# This is just a quick script to scan for cases where the 'error'
-# function name in a XXXerr() macro is wrong.
-# 
-# Run in the top level by going
-# perl util/ck_errf.pl */*.c */*/*.c
-#
-
-foreach $file (@ARGV)
-	{
-	open(IN,"<$file") || die "unable to open $file\n";
-	$func="";
-	while (<IN>)
-		{
-		if (/^[a-zA-Z].+[\s*]([A-Za-z_0-9]+)\(.*\)/)
-			{
-			$func=$1;
-			$func =~ tr/A-Z/a-z/;
-			}
-		if (/([A-Z0-9]+)err\(([^,]+)/)
-			{
-			next if ($func eq "");
-			$errlib=$1;
-			$n=$2;
-			if ($n !~ /([^_]+)_F_(.+)$/)
-				{
-		#		print "check -$file:$.:$func:$n\n";
-				next;
-				}
-			$lib=$1;
-			$n=$2;
-
-			if ($lib ne $errlib)
-				{ print "$file:$.:$func:$n\n"; next; }
-
-			$n =~ tr/A-Z/a-z/;
-			if (($n ne $func) && ($errlib ne "SYS"))
-				{ print "$file:$.:$func:$n\n"; next; }
-	#		print "$func:$1\n";
-			}
-		}
-	close(IN);
-        }
-
diff --git a/crypto/openssl/util/clean-depend.pl b/crypto/openssl/util/clean-depend.pl
deleted file mode 100755
index 6c485d1e2fb1..000000000000
--- a/crypto/openssl/util/clean-depend.pl
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/usr/local/bin/perl -w
-# Clean the dependency list in a makefile of standard includes...
-# Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
-
-use strict;
-
-while(<STDIN>) {
-    print;
-    last if /^# DO NOT DELETE THIS LINE/;
-}
-
-my %files;
-
-my $thisfile="";
-while(<STDIN>) {
-    my ($dummy, $file,$deps)=/^((.*):)? (.*)$/;
-    my $origfile="";
-    $thisfile=$file if defined $file;
-    next if !defined $deps;
-    $origfile=$thisfile;
-    $origfile=~s/\.o$/.c/;
-    my @deps=split ' ',$deps;
-    @deps=grep(!/^\//,@deps);
-    @deps=grep(!/^\\$/,@deps);
-    @deps=grep(!/^$origfile$/,@deps);
-# pull out the kludged kerberos header (if present).
-    @deps=grep(!/^[.\/]+\/krb5.h/,@deps);
-    push @{$files{$thisfile}},@deps;
-}
-
-my $file;
-foreach $file (sort keys %files) {
-    my $len=0;
-    my $dep;
-    my $origfile=$file;
-    $origfile=~s/\.o$/.c/;
-    $file=~s/^\.\///;
-    push @{$files{$file}},$origfile;
-    my $prevdep="";
-    foreach $dep (sort @{$files{$file}}) {
-	$dep=~s/^\.\///;
-	next if $prevdep eq $dep; # to exterminate duplicates...
-	$prevdep = $dep;
-	$len=0 if $len+length($dep)+1 >= 80;
-	if($len == 0) {
-	    print "\n$file:";
-	    $len=length($file)+1;
-	}
-	print " $dep";
-	$len+=length($dep)+1;
-    }
-}
-
-print "\n";
diff --git a/crypto/openssl/util/deleof.pl b/crypto/openssl/util/deleof.pl
deleted file mode 100755
index 155acd88ff13..000000000000
--- a/crypto/openssl/util/deleof.pl
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/usr/local/bin/perl
-
-while (<>)
-	{
-	print
-	last if (/^# DO NOT DELETE THIS LINE/);
-	}
diff --git a/crypto/openssl/util/dirname.pl b/crypto/openssl/util/dirname.pl
deleted file mode 100644
index d7a66d96accf..000000000000
--- a/crypto/openssl/util/dirname.pl
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/usr/local/bin/perl
-
-if ($#ARGV < 0) {
-    die "dirname.pl: too few arguments\n";
-} elsif ($#ARGV > 0) {
-    die "dirname.pl: too many arguments\n";
-}
-
-my $d = $ARGV[0];
-
-if ($d =~ m|.*/.*|) {
-    $d =~ s|/[^/]*$||;
-} else {
-    $d = ".";
-}
-
-print $d,"\n";
-exit(0);
diff --git a/crypto/openssl/util/do_ms.sh b/crypto/openssl/util/do_ms.sh
deleted file mode 100755
index 515b074cffbc..000000000000
--- a/crypto/openssl/util/do_ms.sh
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/sh
-#
-# generate the Microsoft makefiles and .def files
-#
-
-PATH=util:../util:$PATH
-
-# perl util/mk1mf.pl no-sock VC-MSDOS >ms/msdos.mak
-# perl util/mk1mf.pl VC-W31-32 >ms/w31.mak
-perl util/mk1mf.pl dll VC-WIN16 >ms/w31dll.mak
-# perl util/mk1mf.pl VC-WIN32 >ms/nt.mak
-perl util/mk1mf.pl dll VC-WIN32 >ms/ntdll.mak
-perl util/mk1mf.pl Mingw32 >ms/mingw32.mak
-perl util/mk1mf.pl Mingw32-files >ms/mingw32f.mak
-
-perl util/mkdef.pl 16 libeay > ms/libeay16.def
-perl util/mkdef.pl 32 libeay > ms/libeay32.def
-perl util/mkdef.pl 16 ssleay > ms/ssleay16.def
-perl util/mkdef.pl 32 ssleay > ms/ssleay32.def
diff --git a/crypto/openssl/util/domd b/crypto/openssl/util/domd
deleted file mode 100755
index 49310bbdd1af..000000000000
--- a/crypto/openssl/util/domd
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/sh
-# Do a makedepend, only leave out the standard headers
-# Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
-
-TOP=$1
-shift
-if [ "$1" = "-MD" ]; then
-    shift
-    MAKEDEPEND=$1
-    shift
-fi
-if [ "$MAKEDEPEND" = "" ]; then MAKEDEPEND=makedepend; fi
-
-cp Makefile.ssl Makefile.save
-# fake the presence of Kerberos
-touch $TOP/krb5.h
-if [ "$MAKEDEPEND" = "gcc" ]; then
-    args=""
-    while [ $# -gt 0 ]; do
-	if [ "$1" != "--" ]; then args="$args $1"; fi
-	shift
-    done
-    sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp
-    echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
-    gcc -D OPENSSL_DOING_MAKEDEPEND -M $args >> Makefile.tmp
-    ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new
-    rm -f Makefile.tmp
-else
-    ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -f Makefile.ssl $@
-    ${PERL} $TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new
-fi
-mv Makefile.new Makefile.ssl
-# unfake the presence of Kerberos
-rm $TOP/krb5.h
diff --git a/crypto/openssl/util/err-ins.pl b/crypto/openssl/util/err-ins.pl
deleted file mode 100755
index 31b70df8d0e2..000000000000
--- a/crypto/openssl/util/err-ins.pl
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/usr/local/bin/perl
-#
-# tack error codes onto the end of a file
-#
-
-open(ERR,$ARGV[0]) || die "unable to open error file '$ARGV[0]':$!\n";
-@err=<ERR>;
-close(ERR);
-
-open(IN,$ARGV[1]) || die "unable to open header file '$ARGV[1]':$!\n";
-
-@out="";
-while (<IN>)
-	{
-	push(@out,$_);
-	last if /BEGIN ERROR CODES/;
-	}
-close(IN);
-
-open(OUT,">$ARGV[1]") || die "unable to open header file '$ARGV[1]':$1\n";
-print OUT @out;
-print OUT @err;
-print OUT <<"EOF";
- 
-#ifdef  __cplusplus
-}
-#endif
-#endif
-
-EOF
-close(OUT);
-
-
diff --git a/crypto/openssl/util/extract-names.pl b/crypto/openssl/util/extract-names.pl
deleted file mode 100644
index d413a045cc45..000000000000
--- a/crypto/openssl/util/extract-names.pl
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/usr/bin/perl
-
-$/ = "";			# Eat a paragraph at once.
-while(<STDIN>) {
-    chop;
-    s/\n/ /gm;
-    if (/^=head1 /) {
-	$name = 0;
-    } elsif ($name) {
-	if (/ - /) {
-	    s/ - .*//;
-	    s/[ \t,]+/ /g;
-	    push @words, split ' ';
-	}
-    }
-    if (/^=head1 *NAME *$/) {
-	$name = 1;
-    }
-}
-
-print join("\n", @words),"\n";
-
diff --git a/crypto/openssl/util/files.pl b/crypto/openssl/util/files.pl
deleted file mode 100755
index 41f033e3b9aa..000000000000
--- a/crypto/openssl/util/files.pl
+++ /dev/null
@@ -1,61 +0,0 @@
-#!/usr/local/bin/perl
-#
-# used to generate the file MINFO for use by util/mk1mf.pl
-# It is basically a list of all variables from the passed makefile
-#
-
-$s="";
-while (<>)
-	{
-	chop;
-	s/#.*//;
-	if (/^(\S+)\s*=\s*(.*)$/)
-		{
-		$o="";
-		($s,$b)=($1,$2);
-		for (;;)
-			{
-			if ($b =~ /\\$/)
-				{
-				chop($b);
-				$o.=$b." ";
-				$b=<>;
-				chop($b);
-				}
-			else
-				{
-				$o.=$b." ";
-				last;
-				}
-			}
-		$o =~ s/^\s+//;
-		$o =~ s/\s+$//;
-		$o =~ s/\s+/ /g;
-
-		$o =~ s/\$[({]([^)}]+)[)}]/$sym{$1}/g;
-		$sym{$s}=$o;
-		}
-	}
-
-$pwd=`pwd`; chop($pwd);
-
-if ($sym{'TOP'} eq ".")
-	{
-	$n=0;
-	$dir=".";
-	}
-else	{
-	$n=split(/\//,$sym{'TOP'});
-	@_=split(/\//,$pwd);
-	$z=$#_-$n+1;
-	foreach $i ($z .. $#_) { $dir.=$_[$i]."/"; }
-	chop($dir);
-	}
-
-print "RELATIVE_DIRECTORY=$dir\n";
-
-foreach (sort keys %sym)
-	{
-	print "$_=$sym{$_}\n";
-	}
-print "RELATIVE_DIRECTORY=\n";
diff --git a/crypto/openssl/util/fixNT.sh b/crypto/openssl/util/fixNT.sh
deleted file mode 100755
index ce4f19299ba5..000000000000
--- a/crypto/openssl/util/fixNT.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/sh
-#
-# clean up the mess that NT makes of my source tree
-#
-
-if [ -f makefile.ssl -a ! -f Makefile.ssl ]; then
-	/bin/mv makefile.ssl Makefile.ssl
-fi
-chmod +x Configure util/*
-echo cleaning
-/bin/rm -f `find . -name '*.$$$' -print` 2>/dev/null >/dev/null
-echo 'removing those damn ^M'
-perl -pi -e 's/\015//' `find . -type 'f' -print |grep -v '.obj$' |grep -v '.der$' |grep -v '.gz'`
-make -f Makefile.ssl links
diff --git a/crypto/openssl/util/install.sh b/crypto/openssl/util/install.sh
deleted file mode 100755
index e1d0c982df50..000000000000
--- a/crypto/openssl/util/install.sh
+++ /dev/null
@@ -1,108 +0,0 @@
-#!/bin/sh
-#
-# install - install a program, script, or datafile
-# This comes from X11R5; it is not part of GNU.
-#
-# $XConsortium: install.sh,v 1.2 89/12/18 14:47:22 jim Exp $
-#
-# This script is compatible with the BSD install script, but was written
-# from scratch.
-#
-
-
-# set DOITPROG to echo to test this script
-
-doit="${DOITPROG:-}"
-
-
-# put in absolute paths if you don't have them in your path; or use env. vars.
-
-mvprog="${MVPROG:-mv}"
-cpprog="${CPPROG:-cp}"
-chmodprog="${CHMODPROG:-chmod}"
-chownprog="${CHOWNPROG:-chown}"
-chgrpprog="${CHGRPPROG:-chgrp}"
-stripprog="${STRIPPROG:-strip}"
-rmprog="${RMPROG:-rm}"
-
-instcmd="$mvprog"
-chmodcmd=""
-chowncmd=""
-chgrpcmd=""
-stripcmd=""
-rmcmd="$rmprog -f"
-src=""
-dst=""
-
-while [ x"$1" != x ]; do
-    case $1 in
-	-c) instcmd="$cpprog"
-	    shift
-	    continue;;
-
-	-m) chmodcmd="$chmodprog $2"
-	    shift
-	    shift
-	    continue;;
-
-	-o) chowncmd="$chownprog $2"
-	    shift
-	    shift
-	    continue;;
-
-	-g) chgrpcmd="$chgrpprog $2"
-	    shift
-	    shift
-	    continue;;
-
-	-s) stripcmd="$stripprog"
-	    shift
-	    continue;;
-
-	*)  if [ x"$src" = x ]
-	    then
-		src=$1
-	    else
-		dst=$1
-	    fi
-	    shift
-	    continue;;
-    esac
-done
-
-if [ x"$src" = x ]
-then
-	echo "install:  no input file specified"
-	exit 1
-fi
-
-if [ x"$dst" = x ]
-then
-	echo "install:  no destination specified"
-	exit 1
-fi
-
-
-# if destination is a directory, append the input filename; if your system
-# does not like double slashes in filenames, you may need to add some logic
-
-if [ -d $dst ]
-then
-	dst="$dst"/`basename $src`
-fi
-
-
-# get rid of the old one and mode the new one in
-
-$doit $rmcmd $dst
-$doit $instcmd $src $dst
-
-
-# and set any options; do chmod last to preserve setuid bits
-
-if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; fi
-if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; fi
-if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; fi
-if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; fi
-
-exit 0
diff --git a/crypto/openssl/util/libeay.num b/crypto/openssl/util/libeay.num
deleted file mode 100755
index f5c8c0be8a0b..000000000000
--- a/crypto/openssl/util/libeay.num
+++ /dev/null
@@ -1,2803 +0,0 @@
-SSLeay                                  1	EXIST::FUNCTION:
-SSLeay_version                          2	EXIST::FUNCTION:
-ASN1_BIT_STRING_asn1_meth               3	EXIST::FUNCTION:
-ASN1_HEADER_free                        4	EXIST::FUNCTION:
-ASN1_HEADER_new                         5	EXIST::FUNCTION:
-ASN1_IA5STRING_asn1_meth                6	EXIST::FUNCTION:
-ASN1_INTEGER_get                        7	EXIST::FUNCTION:
-ASN1_INTEGER_set                        8	EXIST::FUNCTION:
-ASN1_INTEGER_to_BN                      9	EXIST::FUNCTION:
-ASN1_OBJECT_create                      10	EXIST::FUNCTION:
-ASN1_OBJECT_free                        11	EXIST::FUNCTION:
-ASN1_OBJECT_new                         12	EXIST::FUNCTION:
-ASN1_PRINTABLE_type                     13	EXIST::FUNCTION:
-ASN1_STRING_cmp                         14	EXIST::FUNCTION:
-ASN1_STRING_dup                         15	EXIST::FUNCTION:
-ASN1_STRING_free                        16	EXIST::FUNCTION:
-ASN1_STRING_new                         17	EXIST::FUNCTION:
-ASN1_STRING_print                       18	EXIST::FUNCTION:BIO
-ASN1_STRING_set                         19	EXIST::FUNCTION:
-ASN1_STRING_type_new                    20	EXIST::FUNCTION:
-ASN1_TYPE_free                          21	EXIST::FUNCTION:
-ASN1_TYPE_new                           22	EXIST::FUNCTION:
-ASN1_UNIVERSALSTRING_to_string          23	EXIST::FUNCTION:
-ASN1_UTCTIME_check                      24	EXIST::FUNCTION:
-ASN1_UTCTIME_print                      25	EXIST::FUNCTION:BIO
-ASN1_UTCTIME_set                        26	EXIST::FUNCTION:
-ASN1_check_infinite_end                 27	EXIST::FUNCTION:
-ASN1_d2i_bio                            28	EXIST::FUNCTION:BIO
-ASN1_d2i_fp                             29	EXIST::FUNCTION:FP_API
-ASN1_digest                             30	EXIST::FUNCTION:EVP
-ASN1_dup                                31	EXIST::FUNCTION:
-ASN1_get_object                         32	EXIST::FUNCTION:
-ASN1_i2d_bio                            33	EXIST::FUNCTION:BIO
-ASN1_i2d_fp                             34	EXIST::FUNCTION:FP_API
-ASN1_object_size                        35	EXIST::FUNCTION:
-ASN1_parse                              36	EXIST::FUNCTION:BIO
-ASN1_put_object                         37	EXIST::FUNCTION:
-ASN1_sign                               38	EXIST::FUNCTION:EVP
-ASN1_verify                             39	EXIST::FUNCTION:EVP
-BF_cbc_encrypt                          40	EXIST::FUNCTION:BF
-BF_cfb64_encrypt                        41	EXIST::FUNCTION:BF
-BF_ecb_encrypt                          42	EXIST::FUNCTION:BF
-BF_encrypt                              43	EXIST::FUNCTION:BF
-BF_ofb64_encrypt                        44	EXIST::FUNCTION:BF
-BF_options                              45	EXIST::FUNCTION:BF
-BF_set_key                              46	EXIST::FUNCTION:BF
-BIO_CONNECT_free                        47	NOEXIST::FUNCTION:
-BIO_CONNECT_new                         48	NOEXIST::FUNCTION:
-BIO_accept                              51	EXIST::FUNCTION:
-BIO_ctrl                                52	EXIST::FUNCTION:
-BIO_int_ctrl                            53	EXIST::FUNCTION:
-BIO_debug_callback                      54	EXIST::FUNCTION:
-BIO_dump                                55	EXIST::FUNCTION:
-BIO_dup_chain                           56	EXIST::FUNCTION:
-BIO_f_base64                            57	EXIST::FUNCTION:BIO
-BIO_f_buffer                            58	EXIST::FUNCTION:
-BIO_f_cipher                            59	EXIST::FUNCTION:BIO
-BIO_f_md                                60	EXIST::FUNCTION:BIO
-BIO_f_null                              61	EXIST::FUNCTION:
-BIO_f_proxy_server                      62	NOEXIST::FUNCTION:
-BIO_fd_non_fatal_error                  63	EXIST::FUNCTION:
-BIO_fd_should_retry                     64	EXIST::FUNCTION:
-BIO_find_type                           65	EXIST::FUNCTION:
-BIO_free                                66	EXIST::FUNCTION:
-BIO_free_all                            67	EXIST::FUNCTION:
-BIO_get_accept_socket                   69	EXIST::FUNCTION:
-BIO_get_filter_bio                      70	NOEXIST::FUNCTION:
-BIO_get_host_ip                         71	EXIST::FUNCTION:
-BIO_get_port                            72	EXIST::FUNCTION:
-BIO_get_retry_BIO                       73	EXIST::FUNCTION:
-BIO_get_retry_reason                    74	EXIST::FUNCTION:
-BIO_gethostbyname                       75	EXIST::FUNCTION:
-BIO_gets                                76	EXIST::FUNCTION:
-BIO_new                                 78	EXIST::FUNCTION:
-BIO_new_accept                          79	EXIST::FUNCTION:
-BIO_new_connect                         80	EXIST::FUNCTION:
-BIO_new_fd                              81	EXIST::FUNCTION:
-BIO_new_file                            82	EXIST:!WIN16:FUNCTION:FP_API
-BIO_new_fp                              83	EXIST:!WIN16:FUNCTION:FP_API
-BIO_new_socket                          84	EXIST::FUNCTION:
-BIO_pop                                 85	EXIST::FUNCTION:
-BIO_printf                              86	EXIST::FUNCTION:
-BIO_push                                87	EXIST::FUNCTION:
-BIO_puts                                88	EXIST::FUNCTION:
-BIO_read                                89	EXIST::FUNCTION:
-BIO_s_accept                            90	EXIST::FUNCTION:
-BIO_s_connect                           91	EXIST::FUNCTION:
-BIO_s_fd                                92	EXIST::FUNCTION:
-BIO_s_file                              93	EXIST:!WIN16:FUNCTION:FP_API
-BIO_s_mem                               95	EXIST::FUNCTION:
-BIO_s_null                              96	EXIST::FUNCTION:
-BIO_s_proxy_client                      97	NOEXIST::FUNCTION:
-BIO_s_socket                            98	EXIST::FUNCTION:
-BIO_set                                 100	EXIST::FUNCTION:
-BIO_set_cipher                          101	EXIST::FUNCTION:BIO
-BIO_set_tcp_ndelay                      102	EXIST::FUNCTION:
-BIO_sock_cleanup                        103	EXIST::FUNCTION:
-BIO_sock_error                          104	EXIST::FUNCTION:
-BIO_sock_init                           105	EXIST::FUNCTION:
-BIO_sock_non_fatal_error                106	EXIST::FUNCTION:
-BIO_sock_should_retry                   107	EXIST::FUNCTION:
-BIO_socket_ioctl                        108	EXIST::FUNCTION:
-BIO_write                               109	EXIST::FUNCTION:
-BN_CTX_free                             110	EXIST::FUNCTION:
-BN_CTX_new                              111	EXIST::FUNCTION:
-BN_MONT_CTX_free                        112	EXIST::FUNCTION:
-BN_MONT_CTX_new                         113	EXIST::FUNCTION:
-BN_MONT_CTX_set                         114	EXIST::FUNCTION:
-BN_add                                  115	EXIST::FUNCTION:
-BN_add_word                             116	EXIST::FUNCTION:
-BN_hex2bn                               117	EXIST::FUNCTION:
-BN_bin2bn                               118	EXIST::FUNCTION:
-BN_bn2hex                               119	EXIST::FUNCTION:
-BN_bn2bin                               120	EXIST::FUNCTION:
-BN_clear                                121	EXIST::FUNCTION:
-BN_clear_bit                            122	EXIST::FUNCTION:
-BN_clear_free                           123	EXIST::FUNCTION:
-BN_cmp                                  124	EXIST::FUNCTION:
-BN_copy                                 125	EXIST::FUNCTION:
-BN_div                                  126	EXIST::FUNCTION:
-BN_div_word                             127	EXIST::FUNCTION:
-BN_dup                                  128	EXIST::FUNCTION:
-BN_free                                 129	EXIST::FUNCTION:
-BN_from_montgomery                      130	EXIST::FUNCTION:
-BN_gcd                                  131	EXIST::FUNCTION:
-BN_generate_prime                       132	EXIST::FUNCTION:
-BN_get_word                             133	EXIST::FUNCTION:
-BN_is_bit_set                           134	EXIST::FUNCTION:
-BN_is_prime                             135	EXIST::FUNCTION:
-BN_lshift                               136	EXIST::FUNCTION:
-BN_lshift1                              137	EXIST::FUNCTION:
-BN_mask_bits                            138	EXIST::FUNCTION:
-BN_mod                                  139	NOEXIST::FUNCTION:
-BN_mod_exp                              140	EXIST::FUNCTION:
-BN_mod_exp_mont                         141	EXIST::FUNCTION:
-BN_mod_exp_simple                       143	EXIST::FUNCTION:
-BN_mod_inverse                          144	EXIST::FUNCTION:
-BN_mod_mul                              145	EXIST::FUNCTION:
-BN_mod_mul_montgomery                   146	EXIST::FUNCTION:
-BN_mod_word                             148	EXIST::FUNCTION:
-BN_mul                                  149	EXIST::FUNCTION:
-BN_new                                  150	EXIST::FUNCTION:
-BN_num_bits                             151	EXIST::FUNCTION:
-BN_num_bits_word                        152	EXIST::FUNCTION:
-BN_options                              153	EXIST::FUNCTION:
-BN_print                                154	EXIST::FUNCTION:
-BN_print_fp                             155	EXIST::FUNCTION:FP_API
-BN_rand                                 156	EXIST::FUNCTION:
-BN_reciprocal                           157	EXIST::FUNCTION:
-BN_rshift                               158	EXIST::FUNCTION:
-BN_rshift1                              159	EXIST::FUNCTION:
-BN_set_bit                              160	EXIST::FUNCTION:
-BN_set_word                             161	EXIST::FUNCTION:
-BN_sqr                                  162	EXIST::FUNCTION:
-BN_sub                                  163	EXIST::FUNCTION:
-BN_to_ASN1_INTEGER                      164	EXIST::FUNCTION:
-BN_ucmp                                 165	EXIST::FUNCTION:
-BN_value_one                            166	EXIST::FUNCTION:
-BUF_MEM_free                            167	EXIST::FUNCTION:
-BUF_MEM_grow                            168	EXIST::FUNCTION:
-BUF_MEM_new                             169	EXIST::FUNCTION:
-BUF_strdup                              170	EXIST::FUNCTION:
-CONF_free                               171	EXIST::FUNCTION:
-CONF_get_number                         172	EXIST::FUNCTION:
-CONF_get_section                        173	EXIST::FUNCTION:
-CONF_get_string                         174	EXIST::FUNCTION:
-CONF_load                               175	EXIST::FUNCTION:
-CRYPTO_add_lock                         176	EXIST::FUNCTION:
-CRYPTO_dbg_free                         177	EXIST::FUNCTION:
-CRYPTO_dbg_malloc                       178	EXIST::FUNCTION:
-CRYPTO_dbg_realloc                      179	EXIST::FUNCTION:
-CRYPTO_dbg_remalloc                     180	NOEXIST::FUNCTION:
-CRYPTO_free                             181	EXIST::FUNCTION:
-CRYPTO_get_add_lock_callback            182	EXIST::FUNCTION:
-CRYPTO_get_id_callback                  183	EXIST::FUNCTION:
-CRYPTO_get_lock_name                    184	EXIST::FUNCTION:
-CRYPTO_get_locking_callback             185	EXIST::FUNCTION:
-CRYPTO_get_mem_functions                186	EXIST::FUNCTION:
-CRYPTO_lock                             187	EXIST::FUNCTION:
-CRYPTO_malloc                           188	EXIST::FUNCTION:
-CRYPTO_mem_ctrl                         189	EXIST::FUNCTION:
-CRYPTO_mem_leaks                        190	EXIST::FUNCTION:
-CRYPTO_mem_leaks_cb                     191	EXIST::FUNCTION:
-CRYPTO_mem_leaks_fp                     192	EXIST::FUNCTION:FP_API
-CRYPTO_realloc                          193	EXIST::FUNCTION:
-CRYPTO_remalloc                         194	EXIST::FUNCTION:
-CRYPTO_set_add_lock_callback            195	EXIST::FUNCTION:
-CRYPTO_set_id_callback                  196	EXIST::FUNCTION:
-CRYPTO_set_locking_callback             197	EXIST::FUNCTION:
-CRYPTO_set_mem_functions                198	EXIST::FUNCTION:
-CRYPTO_thread_id                        199	EXIST::FUNCTION:
-DH_check                                200	EXIST::FUNCTION:DH
-DH_compute_key                          201	EXIST::FUNCTION:DH
-DH_free                                 202	EXIST::FUNCTION:DH
-DH_generate_key                         203	EXIST::FUNCTION:DH
-DH_generate_parameters                  204	EXIST::FUNCTION:DH
-DH_new                                  205	EXIST::FUNCTION:DH
-DH_size                                 206	EXIST::FUNCTION:DH
-DHparams_print                          207	EXIST::FUNCTION:BIO,DH
-DHparams_print_fp                       208	EXIST::FUNCTION:DH,FP_API
-DSA_free                                209	EXIST::FUNCTION:DSA
-DSA_generate_key                        210	EXIST::FUNCTION:DSA
-DSA_generate_parameters                 211	EXIST::FUNCTION:DSA
-DSA_is_prime                            212	NOEXIST::FUNCTION:
-DSA_new                                 213	EXIST::FUNCTION:DSA
-DSA_print                               214	EXIST::FUNCTION:BIO,DSA
-DSA_print_fp                            215	EXIST::FUNCTION:DSA,FP_API
-DSA_sign                                216	EXIST::FUNCTION:DSA
-DSA_sign_setup                          217	EXIST::FUNCTION:DSA
-DSA_size                                218	EXIST::FUNCTION:DSA
-DSA_verify                              219	EXIST::FUNCTION:DSA
-DSAparams_print                         220	EXIST::FUNCTION:BIO,DSA
-DSAparams_print_fp                      221	EXIST::FUNCTION:DSA,FP_API
-ERR_clear_error                         222	EXIST::FUNCTION:
-ERR_error_string                        223	EXIST::FUNCTION:
-ERR_free_strings                        224	EXIST::FUNCTION:
-ERR_func_error_string                   225	EXIST::FUNCTION:
-ERR_get_err_state_table                 226	EXIST::FUNCTION:LHASH
-ERR_get_error                           227	EXIST::FUNCTION:
-ERR_get_error_line                      228	EXIST::FUNCTION:
-ERR_get_state                           229	EXIST::FUNCTION:
-ERR_get_string_table                    230	EXIST::FUNCTION:LHASH
-ERR_lib_error_string                    231	EXIST::FUNCTION:
-ERR_load_ASN1_strings                   232	EXIST::FUNCTION:
-ERR_load_BIO_strings                    233	EXIST::FUNCTION:
-ERR_load_BN_strings                     234	EXIST::FUNCTION:
-ERR_load_BUF_strings                    235	EXIST::FUNCTION:
-ERR_load_CONF_strings                   236	EXIST::FUNCTION:
-ERR_load_DH_strings                     237	EXIST::FUNCTION:DH
-ERR_load_DSA_strings                    238	EXIST::FUNCTION:DSA
-ERR_load_ERR_strings                    239	EXIST::FUNCTION:
-ERR_load_EVP_strings                    240	EXIST::FUNCTION:
-ERR_load_OBJ_strings                    241	EXIST::FUNCTION:
-ERR_load_PEM_strings                    242	EXIST::FUNCTION:
-ERR_load_PROXY_strings                  243	NOEXIST::FUNCTION:
-ERR_load_RSA_strings                    244	EXIST::FUNCTION:RSA
-ERR_load_X509_strings                   245	EXIST::FUNCTION:
-ERR_load_crypto_strings                 246	EXIST::FUNCTION:
-ERR_load_strings                        247	EXIST::FUNCTION:
-ERR_peek_error                          248	EXIST::FUNCTION:
-ERR_peek_error_line                     249	EXIST::FUNCTION:
-ERR_print_errors                        250	EXIST::FUNCTION:BIO
-ERR_print_errors_fp                     251	EXIST::FUNCTION:FP_API
-ERR_put_error                           252	EXIST::FUNCTION:
-ERR_reason_error_string                 253	EXIST::FUNCTION:
-ERR_remove_state                        254	EXIST::FUNCTION:
-EVP_BytesToKey                          255	EXIST::FUNCTION:
-EVP_CIPHER_CTX_cleanup                  256	EXIST::FUNCTION:
-EVP_CipherFinal                         257	EXIST::FUNCTION:
-EVP_CipherInit                          258	EXIST::FUNCTION:
-EVP_CipherUpdate                        259	EXIST::FUNCTION:
-EVP_DecodeBlock                         260	EXIST::FUNCTION:
-EVP_DecodeFinal                         261	EXIST::FUNCTION:
-EVP_DecodeInit                          262	EXIST::FUNCTION:
-EVP_DecodeUpdate                        263	EXIST::FUNCTION:
-EVP_DecryptFinal                        264	EXIST::FUNCTION:
-EVP_DecryptInit                         265	EXIST::FUNCTION:
-EVP_DecryptUpdate                       266	EXIST::FUNCTION:
-EVP_DigestFinal                         267	EXIST::FUNCTION:
-EVP_DigestInit                          268	EXIST::FUNCTION:
-EVP_DigestUpdate                        269	EXIST::FUNCTION:
-EVP_EncodeBlock                         270	EXIST::FUNCTION:
-EVP_EncodeFinal                         271	EXIST::FUNCTION:
-EVP_EncodeInit                          272	EXIST::FUNCTION:
-EVP_EncodeUpdate                        273	EXIST::FUNCTION:
-EVP_EncryptFinal                        274	EXIST::FUNCTION:
-EVP_EncryptInit                         275	EXIST::FUNCTION:
-EVP_EncryptUpdate                       276	EXIST::FUNCTION:
-EVP_OpenFinal                           277	EXIST::FUNCTION:RSA
-EVP_OpenInit                            278	EXIST::FUNCTION:RSA
-EVP_PKEY_assign                         279	EXIST::FUNCTION:
-EVP_PKEY_copy_parameters                280	EXIST::FUNCTION:
-EVP_PKEY_free                           281	EXIST::FUNCTION:
-EVP_PKEY_missing_parameters             282	EXIST::FUNCTION:
-EVP_PKEY_new                            283	EXIST::FUNCTION:
-EVP_PKEY_save_parameters                284	EXIST::FUNCTION:
-EVP_PKEY_size                           285	EXIST::FUNCTION:
-EVP_PKEY_type                           286	EXIST::FUNCTION:
-EVP_SealFinal                           287	EXIST::FUNCTION:RSA
-EVP_SealInit                            288	EXIST::FUNCTION:RSA
-EVP_SignFinal                           289	EXIST::FUNCTION:
-EVP_VerifyFinal                         290	EXIST::FUNCTION:
-EVP_add_alias                           291	NOEXIST::FUNCTION:
-EVP_add_cipher                          292	EXIST::FUNCTION:
-EVP_add_digest                          293	EXIST::FUNCTION:
-EVP_bf_cbc                              294	EXIST::FUNCTION:BF
-EVP_bf_cfb                              295	EXIST::FUNCTION:BF
-EVP_bf_ecb                              296	EXIST::FUNCTION:BF
-EVP_bf_ofb                              297	EXIST::FUNCTION:BF
-EVP_cleanup                             298	EXIST::FUNCTION:
-EVP_des_cbc                             299	EXIST::FUNCTION:DES
-EVP_des_cfb                             300	EXIST::FUNCTION:DES
-EVP_des_ecb                             301	EXIST::FUNCTION:DES
-EVP_des_ede                             302	EXIST::FUNCTION:DES
-EVP_des_ede3                            303	EXIST::FUNCTION:DES
-EVP_des_ede3_cbc                        304	EXIST::FUNCTION:DES
-EVP_des_ede3_cfb                        305	EXIST::FUNCTION:DES
-EVP_des_ede3_ofb                        306	EXIST::FUNCTION:DES
-EVP_des_ede_cbc                         307	EXIST::FUNCTION:DES
-EVP_des_ede_cfb                         308	EXIST::FUNCTION:DES
-EVP_des_ede_ofb                         309	EXIST::FUNCTION:DES
-EVP_des_ofb                             310	EXIST::FUNCTION:DES
-EVP_desx_cbc                            311	EXIST::FUNCTION:DES
-EVP_dss                                 312	EXIST::FUNCTION:DSA,SHA
-EVP_dss1                                313	EXIST::FUNCTION:DSA,SHA
-EVP_enc_null                            314	EXIST::FUNCTION:
-EVP_get_cipherbyname                    315	EXIST::FUNCTION:
-EVP_get_digestbyname                    316	EXIST::FUNCTION:
-EVP_get_pw_prompt                       317	EXIST::FUNCTION:
-EVP_idea_cbc                            318	EXIST::FUNCTION:IDEA
-EVP_idea_cfb                            319	EXIST::FUNCTION:IDEA
-EVP_idea_ecb                            320	EXIST::FUNCTION:IDEA
-EVP_idea_ofb                            321	EXIST::FUNCTION:IDEA
-EVP_md2                                 322	EXIST::FUNCTION:MD2
-EVP_md5                                 323	EXIST::FUNCTION:MD5
-EVP_md_null                             324	EXIST::FUNCTION:
-EVP_rc2_cbc                             325	EXIST::FUNCTION:RC2
-EVP_rc2_cfb                             326	EXIST::FUNCTION:RC2
-EVP_rc2_ecb                             327	EXIST::FUNCTION:RC2
-EVP_rc2_ofb                             328	EXIST::FUNCTION:RC2
-EVP_rc4                                 329	EXIST::FUNCTION:RC4
-EVP_read_pw_string                      330	EXIST::FUNCTION:
-EVP_set_pw_prompt                       331	EXIST::FUNCTION:
-EVP_sha                                 332	EXIST::FUNCTION:SHA
-EVP_sha1                                333	EXIST::FUNCTION:SHA
-MD2                                     334	EXIST::FUNCTION:MD2
-MD2_Final                               335	EXIST::FUNCTION:MD2
-MD2_Init                                336	EXIST::FUNCTION:MD2
-MD2_Update                              337	EXIST::FUNCTION:MD2
-MD2_options                             338	EXIST::FUNCTION:MD2
-MD5                                     339	EXIST::FUNCTION:MD5
-MD5_Final                               340	EXIST::FUNCTION:MD5
-MD5_Init                                341	EXIST::FUNCTION:MD5
-MD5_Update                              342	EXIST::FUNCTION:MD5
-MDC2                                    343	EXIST::FUNCTION:MDC2
-MDC2_Final                              344	EXIST::FUNCTION:MDC2
-MDC2_Init                               345	EXIST::FUNCTION:MDC2
-MDC2_Update                             346	EXIST::FUNCTION:MDC2
-NETSCAPE_SPKAC_free                     347	EXIST::FUNCTION:
-NETSCAPE_SPKAC_new                      348	EXIST::FUNCTION:
-NETSCAPE_SPKI_free                      349	EXIST::FUNCTION:
-NETSCAPE_SPKI_new                       350	EXIST::FUNCTION:
-NETSCAPE_SPKI_sign                      351	EXIST::FUNCTION:EVP
-NETSCAPE_SPKI_verify                    352	EXIST::FUNCTION:EVP
-OBJ_add_object                          353	EXIST::FUNCTION:
-OBJ_bsearch                             354	EXIST::FUNCTION:
-OBJ_cleanup                             355	EXIST::FUNCTION:
-OBJ_cmp                                 356	EXIST::FUNCTION:
-OBJ_create                              357	EXIST::FUNCTION:
-OBJ_dup                                 358	EXIST::FUNCTION:
-OBJ_ln2nid                              359	EXIST::FUNCTION:
-OBJ_new_nid                             360	EXIST::FUNCTION:
-OBJ_nid2ln                              361	EXIST::FUNCTION:
-OBJ_nid2obj                             362	EXIST::FUNCTION:
-OBJ_nid2sn                              363	EXIST::FUNCTION:
-OBJ_obj2nid                             364	EXIST::FUNCTION:
-OBJ_sn2nid                              365	EXIST::FUNCTION:
-OBJ_txt2nid                             366	EXIST::FUNCTION:
-PEM_ASN1_read                           367	EXIST:!WIN16:FUNCTION:
-PEM_ASN1_read_bio                       368	EXIST::FUNCTION:BIO
-PEM_ASN1_write                          369	EXIST:!WIN16:FUNCTION:
-PEM_ASN1_write_bio                      370	EXIST::FUNCTION:BIO
-PEM_SealFinal                           371	EXIST::FUNCTION:RSA
-PEM_SealInit                            372	EXIST::FUNCTION:RSA
-PEM_SealUpdate                          373	EXIST::FUNCTION:RSA
-PEM_SignFinal                           374	EXIST::FUNCTION:
-PEM_SignInit                            375	EXIST::FUNCTION:
-PEM_SignUpdate                          376	EXIST::FUNCTION:
-PEM_X509_INFO_read                      377	EXIST:!WIN16:FUNCTION:
-PEM_X509_INFO_read_bio                  378	EXIST::FUNCTION:BIO
-PEM_X509_INFO_write_bio                 379	EXIST::FUNCTION:BIO
-PEM_dek_info                            380	EXIST::FUNCTION:
-PEM_do_header                           381	EXIST::FUNCTION:
-PEM_get_EVP_CIPHER_INFO                 382	EXIST::FUNCTION:
-PEM_proc_type                           383	EXIST::FUNCTION:
-PEM_read                                384	EXIST:!WIN16:FUNCTION:
-PEM_read_DHparams                       385	EXIST:!WIN16:FUNCTION:DH
-PEM_read_DSAPrivateKey                  386	EXIST:!WIN16:FUNCTION:DSA
-PEM_read_DSAparams                      387	EXIST:!WIN16:FUNCTION:DSA
-PEM_read_PKCS7                          388	EXIST:!WIN16:FUNCTION:
-PEM_read_PrivateKey                     389	EXIST:!WIN16:FUNCTION:
-PEM_read_RSAPrivateKey                  390	EXIST:!WIN16:FUNCTION:RSA
-PEM_read_X509                           391	EXIST:!WIN16:FUNCTION:
-PEM_read_X509_CRL                       392	EXIST:!WIN16:FUNCTION:
-PEM_read_X509_REQ                       393	EXIST:!WIN16:FUNCTION:
-PEM_read_bio                            394	EXIST::FUNCTION:BIO
-PEM_read_bio_DHparams                   395	EXIST::FUNCTION:DH
-PEM_read_bio_DSAPrivateKey              396	EXIST::FUNCTION:DSA
-PEM_read_bio_DSAparams                  397	EXIST::FUNCTION:DSA
-PEM_read_bio_PKCS7                      398	EXIST::FUNCTION:
-PEM_read_bio_PrivateKey                 399	EXIST::FUNCTION:
-PEM_read_bio_RSAPrivateKey              400	EXIST::FUNCTION:RSA
-PEM_read_bio_X509                       401	EXIST::FUNCTION:
-PEM_read_bio_X509_CRL                   402	EXIST::FUNCTION:
-PEM_read_bio_X509_REQ                   403	EXIST::FUNCTION:
-PEM_write                               404	EXIST:!WIN16:FUNCTION:
-PEM_write_DHparams                      405	EXIST:!WIN16:FUNCTION:DH
-PEM_write_DSAPrivateKey                 406	EXIST:!WIN16:FUNCTION:DSA
-PEM_write_DSAparams                     407	EXIST:!WIN16:FUNCTION:DSA
-PEM_write_PKCS7                         408	EXIST:!WIN16:FUNCTION:
-PEM_write_PrivateKey                    409	EXIST:!WIN16:FUNCTION:
-PEM_write_RSAPrivateKey                 410	EXIST:!WIN16:FUNCTION:RSA
-PEM_write_X509                          411	EXIST:!WIN16:FUNCTION:
-PEM_write_X509_CRL                      412	EXIST:!WIN16:FUNCTION:
-PEM_write_X509_REQ                      413	EXIST:!WIN16:FUNCTION:
-PEM_write_bio                           414	EXIST::FUNCTION:BIO
-PEM_write_bio_DHparams                  415	EXIST::FUNCTION:DH
-PEM_write_bio_DSAPrivateKey             416	EXIST::FUNCTION:DSA
-PEM_write_bio_DSAparams                 417	EXIST::FUNCTION:DSA
-PEM_write_bio_PKCS7                     418	EXIST::FUNCTION:
-PEM_write_bio_PrivateKey                419	EXIST::FUNCTION:
-PEM_write_bio_RSAPrivateKey             420	EXIST::FUNCTION:RSA
-PEM_write_bio_X509                      421	EXIST::FUNCTION:
-PEM_write_bio_X509_CRL                  422	EXIST::FUNCTION:
-PEM_write_bio_X509_REQ                  423	EXIST::FUNCTION:
-PKCS7_DIGEST_free                       424	EXIST::FUNCTION:
-PKCS7_DIGEST_new                        425	EXIST::FUNCTION:
-PKCS7_ENCRYPT_free                      426	EXIST::FUNCTION:
-PKCS7_ENCRYPT_new                       427	EXIST::FUNCTION:
-PKCS7_ENC_CONTENT_free                  428	EXIST::FUNCTION:
-PKCS7_ENC_CONTENT_new                   429	EXIST::FUNCTION:
-PKCS7_ENVELOPE_free                     430	EXIST::FUNCTION:
-PKCS7_ENVELOPE_new                      431	EXIST::FUNCTION:
-PKCS7_ISSUER_AND_SERIAL_digest          432	EXIST::FUNCTION:
-PKCS7_ISSUER_AND_SERIAL_free            433	EXIST::FUNCTION:
-PKCS7_ISSUER_AND_SERIAL_new             434	EXIST::FUNCTION:
-PKCS7_RECIP_INFO_free                   435	EXIST::FUNCTION:
-PKCS7_RECIP_INFO_new                    436	EXIST::FUNCTION:
-PKCS7_SIGNED_free                       437	EXIST::FUNCTION:
-PKCS7_SIGNED_new                        438	EXIST::FUNCTION:
-PKCS7_SIGNER_INFO_free                  439	EXIST::FUNCTION:
-PKCS7_SIGNER_INFO_new                   440	EXIST::FUNCTION:
-PKCS7_SIGN_ENVELOPE_free                441	EXIST::FUNCTION:
-PKCS7_SIGN_ENVELOPE_new                 442	EXIST::FUNCTION:
-PKCS7_dup                               443	EXIST::FUNCTION:
-PKCS7_free                              444	EXIST::FUNCTION:
-PKCS7_new                               445	EXIST::FUNCTION:
-PROXY_ENTRY_add_noproxy                 446	NOEXIST::FUNCTION:
-PROXY_ENTRY_clear_noproxy               447	NOEXIST::FUNCTION:
-PROXY_ENTRY_free                        448	NOEXIST::FUNCTION:
-PROXY_ENTRY_get_noproxy                 449	NOEXIST::FUNCTION:
-PROXY_ENTRY_new                         450	NOEXIST::FUNCTION:
-PROXY_ENTRY_set_server                  451	NOEXIST::FUNCTION:
-PROXY_add_noproxy                       452	NOEXIST::FUNCTION:
-PROXY_add_server                        453	NOEXIST::FUNCTION:
-PROXY_check_by_host                     454	NOEXIST::FUNCTION:
-PROXY_check_url                         455	NOEXIST::FUNCTION:
-PROXY_clear_noproxy                     456	NOEXIST::FUNCTION:
-PROXY_free                              457	NOEXIST::FUNCTION:
-PROXY_get_noproxy                       458	NOEXIST::FUNCTION:
-PROXY_get_proxies                       459	NOEXIST::FUNCTION:
-PROXY_get_proxy_entry                   460	NOEXIST::FUNCTION:
-PROXY_load_conf                         461	NOEXIST::FUNCTION:
-PROXY_new                               462	NOEXIST::FUNCTION:
-PROXY_print                             463	NOEXIST::FUNCTION:
-RAND_bytes                              464	EXIST::FUNCTION:
-RAND_cleanup                            465	EXIST::FUNCTION:
-RAND_file_name                          466	EXIST::FUNCTION:
-RAND_load_file                          467	EXIST::FUNCTION:
-RAND_screen                             468	EXIST:WIN32:FUNCTION:
-RAND_seed                               469	EXIST::FUNCTION:
-RAND_write_file                         470	EXIST::FUNCTION:
-RC2_cbc_encrypt                         471	EXIST::FUNCTION:RC2
-RC2_cfb64_encrypt                       472	EXIST::FUNCTION:RC2
-RC2_ecb_encrypt                         473	EXIST::FUNCTION:RC2
-RC2_encrypt                             474	EXIST::FUNCTION:RC2
-RC2_ofb64_encrypt                       475	EXIST::FUNCTION:RC2
-RC2_set_key                             476	EXIST::FUNCTION:RC2
-RC4                                     477	EXIST::FUNCTION:RC4
-RC4_options                             478	EXIST::FUNCTION:RC4
-RC4_set_key                             479	EXIST::FUNCTION:RC4
-RSAPrivateKey_asn1_meth                 480	EXIST::FUNCTION:RSA
-RSAPrivateKey_dup                       481	EXIST::FUNCTION:RSA
-RSAPublicKey_dup                        482	EXIST::FUNCTION:RSA
-RSA_PKCS1_SSLeay                        483	EXIST::FUNCTION:RSA
-RSA_free                                484	EXIST::FUNCTION:RSA
-RSA_generate_key                        485	EXIST::FUNCTION:RSA
-RSA_new                                 486	EXIST::FUNCTION:RSA
-RSA_new_method                          487	EXIST::FUNCTION:RSA
-RSA_print                               488	EXIST::FUNCTION:BIO,RSA
-RSA_print_fp                            489	EXIST::FUNCTION:FP_API,RSA
-RSA_private_decrypt                     490	EXIST::FUNCTION:RSA
-RSA_private_encrypt                     491	EXIST::FUNCTION:RSA
-RSA_public_decrypt                      492	EXIST::FUNCTION:RSA
-RSA_public_encrypt                      493	EXIST::FUNCTION:RSA
-RSA_set_default_method                  494	EXIST::FUNCTION:RSA
-RSA_sign                                495	EXIST::FUNCTION:RSA
-RSA_sign_ASN1_OCTET_STRING              496	EXIST::FUNCTION:RSA
-RSA_size                                497	EXIST::FUNCTION:RSA
-RSA_verify                              498	EXIST::FUNCTION:RSA
-RSA_verify_ASN1_OCTET_STRING            499	EXIST::FUNCTION:RSA
-SHA                                     500	EXIST::FUNCTION:SHA,SHA0
-SHA1                                    501	EXIST::FUNCTION:SHA,SHA1
-SHA1_Final                              502	EXIST::FUNCTION:SHA,SHA1
-SHA1_Init                               503	EXIST::FUNCTION:SHA,SHA1
-SHA1_Update                             504	EXIST::FUNCTION:SHA,SHA1
-SHA_Final                               505	EXIST::FUNCTION:SHA,SHA0
-SHA_Init                                506	EXIST::FUNCTION:SHA,SHA0
-SHA_Update                              507	EXIST::FUNCTION:SHA,SHA0
-OpenSSL_add_all_algorithms              508	NOEXIST::FUNCTION:
-OpenSSL_add_all_ciphers                 509	EXIST::FUNCTION:
-OpenSSL_add_all_digests                 510	EXIST::FUNCTION:
-TXT_DB_create_index                     511	EXIST::FUNCTION:
-TXT_DB_free                             512	EXIST::FUNCTION:
-TXT_DB_get_by_index                     513	EXIST::FUNCTION:
-TXT_DB_insert                           514	EXIST::FUNCTION:
-TXT_DB_read                             515	EXIST::FUNCTION:BIO
-TXT_DB_write                            516	EXIST::FUNCTION:BIO
-X509_ALGOR_free                         517	EXIST::FUNCTION:
-X509_ALGOR_new                          518	EXIST::FUNCTION:
-X509_ATTRIBUTE_free                     519	EXIST::FUNCTION:
-X509_ATTRIBUTE_new                      520	EXIST::FUNCTION:
-X509_CINF_free                          521	EXIST::FUNCTION:
-X509_CINF_new                           522	EXIST::FUNCTION:
-X509_CRL_INFO_free                      523	EXIST::FUNCTION:
-X509_CRL_INFO_new                       524	EXIST::FUNCTION:
-X509_CRL_add_ext                        525	EXIST::FUNCTION:
-X509_CRL_cmp                            526	EXIST::FUNCTION:
-X509_CRL_delete_ext                     527	EXIST::FUNCTION:
-X509_CRL_dup                            528	EXIST::FUNCTION:
-X509_CRL_free                           529	EXIST::FUNCTION:
-X509_CRL_get_ext                        530	EXIST::FUNCTION:
-X509_CRL_get_ext_by_NID                 531	EXIST::FUNCTION:
-X509_CRL_get_ext_by_OBJ                 532	EXIST::FUNCTION:
-X509_CRL_get_ext_by_critical            533	EXIST::FUNCTION:
-X509_CRL_get_ext_count                  534	EXIST::FUNCTION:
-X509_CRL_new                            535	EXIST::FUNCTION:
-X509_CRL_sign                           536	EXIST::FUNCTION:EVP
-X509_CRL_verify                         537	EXIST::FUNCTION:EVP
-X509_EXTENSION_create_by_NID            538	EXIST::FUNCTION:
-X509_EXTENSION_create_by_OBJ            539	EXIST::FUNCTION:
-X509_EXTENSION_dup                      540	EXIST::FUNCTION:
-X509_EXTENSION_free                     541	EXIST::FUNCTION:
-X509_EXTENSION_get_critical             542	EXIST::FUNCTION:
-X509_EXTENSION_get_data                 543	EXIST::FUNCTION:
-X509_EXTENSION_get_object               544	EXIST::FUNCTION:
-X509_EXTENSION_new                      545	EXIST::FUNCTION:
-X509_EXTENSION_set_critical             546	EXIST::FUNCTION:
-X509_EXTENSION_set_data                 547	EXIST::FUNCTION:
-X509_EXTENSION_set_object               548	EXIST::FUNCTION:
-X509_INFO_free                          549	EXIST::FUNCTION:EVP
-X509_INFO_new                           550	EXIST::FUNCTION:EVP
-X509_LOOKUP_by_alias                    551	EXIST::FUNCTION:
-X509_LOOKUP_by_fingerprint              552	EXIST::FUNCTION:
-X509_LOOKUP_by_issuer_serial            553	EXIST::FUNCTION:
-X509_LOOKUP_by_subject                  554	EXIST::FUNCTION:
-X509_LOOKUP_ctrl                        555	EXIST::FUNCTION:
-X509_LOOKUP_file                        556	EXIST::FUNCTION:
-X509_LOOKUP_free                        557	EXIST::FUNCTION:
-X509_LOOKUP_hash_dir                    558	EXIST::FUNCTION:
-X509_LOOKUP_init                        559	EXIST::FUNCTION:
-X509_LOOKUP_new                         560	EXIST::FUNCTION:
-X509_LOOKUP_shutdown                    561	EXIST::FUNCTION:
-X509_NAME_ENTRY_create_by_NID           562	EXIST::FUNCTION:
-X509_NAME_ENTRY_create_by_OBJ           563	EXIST::FUNCTION:
-X509_NAME_ENTRY_dup                     564	EXIST::FUNCTION:
-X509_NAME_ENTRY_free                    565	EXIST::FUNCTION:
-X509_NAME_ENTRY_get_data                566	EXIST::FUNCTION:
-X509_NAME_ENTRY_get_object              567	EXIST::FUNCTION:
-X509_NAME_ENTRY_new                     568	EXIST::FUNCTION:
-X509_NAME_ENTRY_set_data                569	EXIST::FUNCTION:
-X509_NAME_ENTRY_set_object              570	EXIST::FUNCTION:
-X509_NAME_add_entry                     571	EXIST::FUNCTION:
-X509_NAME_cmp                           572	EXIST::FUNCTION:
-X509_NAME_delete_entry                  573	EXIST::FUNCTION:
-X509_NAME_digest                        574	EXIST::FUNCTION:EVP
-X509_NAME_dup                           575	EXIST::FUNCTION:
-X509_NAME_entry_count                   576	EXIST::FUNCTION:
-X509_NAME_free                          577	EXIST::FUNCTION:
-X509_NAME_get_entry                     578	EXIST::FUNCTION:
-X509_NAME_get_index_by_NID              579	EXIST::FUNCTION:
-X509_NAME_get_index_by_OBJ              580	EXIST::FUNCTION:
-X509_NAME_get_text_by_NID               581	EXIST::FUNCTION:
-X509_NAME_get_text_by_OBJ               582	EXIST::FUNCTION:
-X509_NAME_hash                          583	EXIST::FUNCTION:
-X509_NAME_new                           584	EXIST::FUNCTION:
-X509_NAME_oneline                       585	EXIST::FUNCTION:EVP
-X509_NAME_print                         586	EXIST::FUNCTION:BIO
-X509_NAME_set                           587	EXIST::FUNCTION:
-X509_OBJECT_free_contents               588	EXIST::FUNCTION:
-X509_OBJECT_retrieve_by_subject         589	EXIST::FUNCTION:
-X509_OBJECT_up_ref_count                590	EXIST::FUNCTION:
-X509_PKEY_free                          591	EXIST::FUNCTION:
-X509_PKEY_new                           592	EXIST::FUNCTION:
-X509_PUBKEY_free                        593	EXIST::FUNCTION:
-X509_PUBKEY_get                         594	EXIST::FUNCTION:
-X509_PUBKEY_new                         595	EXIST::FUNCTION:
-X509_PUBKEY_set                         596	EXIST::FUNCTION:
-X509_REQ_INFO_free                      597	EXIST::FUNCTION:
-X509_REQ_INFO_new                       598	EXIST::FUNCTION:
-X509_REQ_dup                            599	EXIST::FUNCTION:
-X509_REQ_free                           600	EXIST::FUNCTION:
-X509_REQ_get_pubkey                     601	EXIST::FUNCTION:
-X509_REQ_new                            602	EXIST::FUNCTION:
-X509_REQ_print                          603	EXIST::FUNCTION:BIO
-X509_REQ_print_fp                       604	EXIST::FUNCTION:FP_API
-X509_REQ_set_pubkey                     605	EXIST::FUNCTION:
-X509_REQ_set_subject_name               606	EXIST::FUNCTION:
-X509_REQ_set_version                    607	EXIST::FUNCTION:
-X509_REQ_sign                           608	EXIST::FUNCTION:EVP
-X509_REQ_to_X509                        609	EXIST::FUNCTION:
-X509_REQ_verify                         610	EXIST::FUNCTION:EVP
-X509_REVOKED_add_ext                    611	EXIST::FUNCTION:
-X509_REVOKED_delete_ext                 612	EXIST::FUNCTION:
-X509_REVOKED_free                       613	EXIST::FUNCTION:
-X509_REVOKED_get_ext                    614	EXIST::FUNCTION:
-X509_REVOKED_get_ext_by_NID             615	EXIST::FUNCTION:
-X509_REVOKED_get_ext_by_OBJ             616	EXIST::FUNCTION:
-X509_REVOKED_get_ext_by_critical        617	EXIST:!VMS:FUNCTION:
-X509_REVOKED_get_ext_by_critic          617	EXIST:VMS:FUNCTION:
-X509_REVOKED_get_ext_count              618	EXIST::FUNCTION:
-X509_REVOKED_new                        619	EXIST::FUNCTION:
-X509_SIG_free                           620	EXIST::FUNCTION:
-X509_SIG_new                            621	EXIST::FUNCTION:
-X509_STORE_CTX_cleanup                  622	EXIST::FUNCTION:
-X509_STORE_CTX_init                     623	EXIST::FUNCTION:
-X509_STORE_add_cert                     624	EXIST::FUNCTION:
-X509_STORE_add_lookup                   625	EXIST::FUNCTION:
-X509_STORE_free                         626	EXIST::FUNCTION:
-X509_STORE_get_by_subject               627	EXIST::FUNCTION:
-X509_STORE_load_locations               628	EXIST::FUNCTION:STDIO
-X509_STORE_new                          629	EXIST::FUNCTION:
-X509_STORE_set_default_paths            630	EXIST::FUNCTION:STDIO
-X509_VAL_free                           631	EXIST::FUNCTION:
-X509_VAL_new                            632	EXIST::FUNCTION:
-X509_add_ext                            633	EXIST::FUNCTION:
-X509_asn1_meth                          634	EXIST::FUNCTION:
-X509_certificate_type                   635	EXIST::FUNCTION:
-X509_check_private_key                  636	EXIST::FUNCTION:
-X509_cmp_current_time                   637	EXIST::FUNCTION:
-X509_delete_ext                         638	EXIST::FUNCTION:
-X509_digest                             639	EXIST::FUNCTION:EVP
-X509_dup                                640	EXIST::FUNCTION:
-X509_free                               641	EXIST::FUNCTION:
-X509_get_default_cert_area              642	EXIST::FUNCTION:
-X509_get_default_cert_dir               643	EXIST::FUNCTION:
-X509_get_default_cert_dir_env           644	EXIST::FUNCTION:
-X509_get_default_cert_file              645	EXIST::FUNCTION:
-X509_get_default_cert_file_env          646	EXIST::FUNCTION:
-X509_get_default_private_dir            647	EXIST::FUNCTION:
-X509_get_ext                            648	EXIST::FUNCTION:
-X509_get_ext_by_NID                     649	EXIST::FUNCTION:
-X509_get_ext_by_OBJ                     650	EXIST::FUNCTION:
-X509_get_ext_by_critical                651	EXIST::FUNCTION:
-X509_get_ext_count                      652	EXIST::FUNCTION:
-X509_get_issuer_name                    653	EXIST::FUNCTION:
-X509_get_pubkey                         654	EXIST::FUNCTION:
-X509_get_pubkey_parameters              655	EXIST::FUNCTION:
-X509_get_serialNumber                   656	EXIST::FUNCTION:
-X509_get_subject_name                   657	EXIST::FUNCTION:
-X509_gmtime_adj                         658	EXIST::FUNCTION:
-X509_issuer_and_serial_cmp              659	EXIST::FUNCTION:
-X509_issuer_and_serial_hash             660	EXIST::FUNCTION:
-X509_issuer_name_cmp                    661	EXIST::FUNCTION:
-X509_issuer_name_hash                   662	EXIST::FUNCTION:
-X509_load_cert_file                     663	EXIST::FUNCTION:STDIO
-X509_new                                664	EXIST::FUNCTION:
-X509_print                              665	EXIST::FUNCTION:BIO
-X509_print_fp                           666	EXIST::FUNCTION:FP_API
-X509_set_issuer_name                    667	EXIST::FUNCTION:
-X509_set_notAfter                       668	EXIST::FUNCTION:
-X509_set_notBefore                      669	EXIST::FUNCTION:
-X509_set_pubkey                         670	EXIST::FUNCTION:
-X509_set_serialNumber                   671	EXIST::FUNCTION:
-X509_set_subject_name                   672	EXIST::FUNCTION:
-X509_set_version                        673	EXIST::FUNCTION:
-X509_sign                               674	EXIST::FUNCTION:EVP
-X509_subject_name_cmp                   675	EXIST::FUNCTION:
-X509_subject_name_hash                  676	EXIST::FUNCTION:
-X509_to_X509_REQ                        677	EXIST::FUNCTION:
-X509_verify                             678	EXIST::FUNCTION:EVP
-X509_verify_cert                        679	EXIST::FUNCTION:
-X509_verify_cert_error_string           680	EXIST::FUNCTION:
-X509v3_add_ext                          681	EXIST::FUNCTION:
-X509v3_add_extension                    682	NOEXIST::FUNCTION:
-X509v3_add_netscape_extensions          683	NOEXIST::FUNCTION:
-X509v3_add_standard_extensions          684	NOEXIST::FUNCTION:
-X509v3_cleanup_extensions               685	NOEXIST::FUNCTION:
-X509v3_data_type_by_NID                 686	NOEXIST::FUNCTION:
-X509v3_data_type_by_OBJ                 687	NOEXIST::FUNCTION:
-X509v3_delete_ext                       688	EXIST::FUNCTION:
-X509v3_get_ext                          689	EXIST::FUNCTION:
-X509v3_get_ext_by_NID                   690	EXIST::FUNCTION:
-X509v3_get_ext_by_OBJ                   691	EXIST::FUNCTION:
-X509v3_get_ext_by_critical              692	EXIST::FUNCTION:
-X509v3_get_ext_count                    693	EXIST::FUNCTION:
-X509v3_pack_string                      694	NOEXIST::FUNCTION:
-X509v3_pack_type_by_NID                 695	NOEXIST::FUNCTION:
-X509v3_pack_type_by_OBJ                 696	NOEXIST::FUNCTION:
-X509v3_unpack_string                    697	NOEXIST::FUNCTION:
-_des_crypt                              698	NOEXIST::FUNCTION:
-a2d_ASN1_OBJECT                         699	EXIST::FUNCTION:
-a2i_ASN1_INTEGER                        700	EXIST::FUNCTION:BIO
-a2i_ASN1_STRING                         701	EXIST::FUNCTION:BIO
-asn1_Finish                             702	EXIST::FUNCTION:
-asn1_GetSequence                        703	EXIST::FUNCTION:
-bn_div_words                            704	EXIST::FUNCTION:
-bn_expand2                              705	EXIST::FUNCTION:
-bn_mul_add_words                        706	EXIST::FUNCTION:
-bn_mul_words                            707	EXIST::FUNCTION:
-BN_uadd                                 708	EXIST::FUNCTION:
-BN_usub                                 709	EXIST::FUNCTION:
-bn_sqr_words                            710	EXIST::FUNCTION:
-_ossl_old_crypt                         711	EXIST:!NeXT,!PERL5:FUNCTION:DES
-d2i_ASN1_BIT_STRING                     712	EXIST::FUNCTION:
-d2i_ASN1_BOOLEAN                        713	EXIST::FUNCTION:
-d2i_ASN1_HEADER                         714	EXIST::FUNCTION:
-d2i_ASN1_IA5STRING                      715	EXIST::FUNCTION:
-d2i_ASN1_INTEGER                        716	EXIST::FUNCTION:
-d2i_ASN1_OBJECT                         717	EXIST::FUNCTION:
-d2i_ASN1_OCTET_STRING                   718	EXIST::FUNCTION:
-d2i_ASN1_PRINTABLE                      719	EXIST::FUNCTION:
-d2i_ASN1_PRINTABLESTRING                720	EXIST::FUNCTION:
-d2i_ASN1_SET                            721	EXIST::FUNCTION:
-d2i_ASN1_T61STRING                      722	EXIST::FUNCTION:
-d2i_ASN1_TYPE                           723	EXIST::FUNCTION:
-d2i_ASN1_UTCTIME                        724	EXIST::FUNCTION:
-d2i_ASN1_bytes                          725	EXIST::FUNCTION:
-d2i_ASN1_type_bytes                     726	EXIST::FUNCTION:
-d2i_DHparams                            727	EXIST::FUNCTION:DH
-d2i_DSAPrivateKey                       728	EXIST::FUNCTION:DSA
-d2i_DSAPrivateKey_bio                   729	EXIST::FUNCTION:BIO,DSA
-d2i_DSAPrivateKey_fp                    730	EXIST::FUNCTION:DSA,FP_API
-d2i_DSAPublicKey                        731	EXIST::FUNCTION:DSA
-d2i_DSAparams                           732	EXIST::FUNCTION:DSA
-d2i_NETSCAPE_SPKAC                      733	EXIST::FUNCTION:
-d2i_NETSCAPE_SPKI                       734	EXIST::FUNCTION:
-d2i_Netscape_RSA                        735	EXIST::FUNCTION:RSA
-d2i_PKCS7                               736	EXIST::FUNCTION:
-d2i_PKCS7_DIGEST                        737	EXIST::FUNCTION:
-d2i_PKCS7_ENCRYPT                       738	EXIST::FUNCTION:
-d2i_PKCS7_ENC_CONTENT                   739	EXIST::FUNCTION:
-d2i_PKCS7_ENVELOPE                      740	EXIST::FUNCTION:
-d2i_PKCS7_ISSUER_AND_SERIAL             741	EXIST::FUNCTION:
-d2i_PKCS7_RECIP_INFO                    742	EXIST::FUNCTION:
-d2i_PKCS7_SIGNED                        743	EXIST::FUNCTION:
-d2i_PKCS7_SIGNER_INFO                   744	EXIST::FUNCTION:
-d2i_PKCS7_SIGN_ENVELOPE                 745	EXIST::FUNCTION:
-d2i_PKCS7_bio                           746	EXIST::FUNCTION:
-d2i_PKCS7_fp                            747	EXIST::FUNCTION:FP_API
-d2i_PrivateKey                          748	EXIST::FUNCTION:
-d2i_PublicKey                           749	EXIST::FUNCTION:
-d2i_RSAPrivateKey                       750	EXIST::FUNCTION:RSA
-d2i_RSAPrivateKey_bio                   751	EXIST::FUNCTION:BIO,RSA
-d2i_RSAPrivateKey_fp                    752	EXIST::FUNCTION:FP_API,RSA
-d2i_RSAPublicKey                        753	EXIST::FUNCTION:RSA
-d2i_X509                                754	EXIST::FUNCTION:
-d2i_X509_ALGOR                          755	EXIST::FUNCTION:
-d2i_X509_ATTRIBUTE                      756	EXIST::FUNCTION:
-d2i_X509_CINF                           757	EXIST::FUNCTION:
-d2i_X509_CRL                            758	EXIST::FUNCTION:
-d2i_X509_CRL_INFO                       759	EXIST::FUNCTION:
-d2i_X509_CRL_bio                        760	EXIST::FUNCTION:BIO
-d2i_X509_CRL_fp                         761	EXIST::FUNCTION:FP_API
-d2i_X509_EXTENSION                      762	EXIST::FUNCTION:
-d2i_X509_NAME                           763	EXIST::FUNCTION:
-d2i_X509_NAME_ENTRY                     764	EXIST::FUNCTION:
-d2i_X509_PKEY                           765	EXIST::FUNCTION:
-d2i_X509_PUBKEY                         766	EXIST::FUNCTION:
-d2i_X509_REQ                            767	EXIST::FUNCTION:
-d2i_X509_REQ_INFO                       768	EXIST::FUNCTION:
-d2i_X509_REQ_bio                        769	EXIST::FUNCTION:BIO
-d2i_X509_REQ_fp                         770	EXIST::FUNCTION:FP_API
-d2i_X509_REVOKED                        771	EXIST::FUNCTION:
-d2i_X509_SIG                            772	EXIST::FUNCTION:
-d2i_X509_VAL                            773	EXIST::FUNCTION:
-d2i_X509_bio                            774	EXIST::FUNCTION:BIO
-d2i_X509_fp                             775	EXIST::FUNCTION:FP_API
-DES_cbc_cksum                           777	EXIST::FUNCTION:DES
-DES_cbc_encrypt                         778	EXIST::FUNCTION:DES
-DES_cblock_print_file                   779	NOEXIST::FUNCTION:
-DES_cfb64_encrypt                       780	EXIST::FUNCTION:DES
-DES_cfb_encrypt                         781	EXIST::FUNCTION:DES
-DES_decrypt3                            782	EXIST::FUNCTION:DES
-DES_ecb3_encrypt                        783	EXIST::FUNCTION:DES
-DES_ecb_encrypt                         784	EXIST::FUNCTION:DES
-DES_ede3_cbc_encrypt                    785	EXIST::FUNCTION:DES
-DES_ede3_cfb64_encrypt                  786	EXIST::FUNCTION:DES
-DES_ede3_ofb64_encrypt                  787	EXIST::FUNCTION:DES
-DES_enc_read                            788	EXIST::FUNCTION:DES
-DES_enc_write                           789	EXIST::FUNCTION:DES
-DES_encrypt1                            790	EXIST::FUNCTION:DES
-DES_encrypt2                            791	EXIST::FUNCTION:DES
-DES_encrypt3                            792	EXIST::FUNCTION:DES
-DES_fcrypt                              793	EXIST::FUNCTION:DES
-DES_is_weak_key                         794	EXIST::FUNCTION:DES
-DES_key_sched                           795	EXIST::FUNCTION:DES
-DES_ncbc_encrypt                        796	EXIST::FUNCTION:DES
-DES_ofb64_encrypt                       797	EXIST::FUNCTION:DES
-DES_ofb_encrypt                         798	EXIST::FUNCTION:DES
-DES_options                             799	EXIST::FUNCTION:DES
-DES_pcbc_encrypt                        800	EXIST::FUNCTION:DES
-DES_quad_cksum                          801	EXIST::FUNCTION:DES
-DES_random_key                          802	EXIST::FUNCTION:DES
-_ossl_old_des_random_seed               803	EXIST::FUNCTION:DES
-_ossl_old_des_read_2passwords           804	EXIST::FUNCTION:DES
-_ossl_old_des_read_password             805	EXIST::FUNCTION:DES
-_ossl_old_des_read_pw                   806	EXIST::FUNCTION:
-_ossl_old_des_read_pw_string            807	EXIST::FUNCTION:
-DES_set_key                             808	EXIST::FUNCTION:DES
-DES_set_odd_parity                      809	EXIST::FUNCTION:DES
-DES_string_to_2keys                     810	EXIST::FUNCTION:DES
-DES_string_to_key                       811	EXIST::FUNCTION:DES
-DES_xcbc_encrypt                        812	EXIST::FUNCTION:DES
-DES_xwhite_in2out                       813	EXIST::FUNCTION:DES
-fcrypt_body                             814	NOEXIST::FUNCTION:
-i2a_ASN1_INTEGER                        815	EXIST::FUNCTION:BIO
-i2a_ASN1_OBJECT                         816	EXIST::FUNCTION:BIO
-i2a_ASN1_STRING                         817	EXIST::FUNCTION:BIO
-i2d_ASN1_BIT_STRING                     818	EXIST::FUNCTION:
-i2d_ASN1_BOOLEAN                        819	EXIST::FUNCTION:
-i2d_ASN1_HEADER                         820	EXIST::FUNCTION:
-i2d_ASN1_IA5STRING                      821	EXIST::FUNCTION:
-i2d_ASN1_INTEGER                        822	EXIST::FUNCTION:
-i2d_ASN1_OBJECT                         823	EXIST::FUNCTION:
-i2d_ASN1_OCTET_STRING                   824	EXIST::FUNCTION:
-i2d_ASN1_PRINTABLE                      825	EXIST::FUNCTION:
-i2d_ASN1_SET                            826	EXIST::FUNCTION:
-i2d_ASN1_TYPE                           827	EXIST::FUNCTION:
-i2d_ASN1_UTCTIME                        828	EXIST::FUNCTION:
-i2d_ASN1_bytes                          829	EXIST::FUNCTION:
-i2d_DHparams                            830	EXIST::FUNCTION:DH
-i2d_DSAPrivateKey                       831	EXIST::FUNCTION:DSA
-i2d_DSAPrivateKey_bio                   832	EXIST::FUNCTION:BIO,DSA
-i2d_DSAPrivateKey_fp                    833	EXIST::FUNCTION:DSA,FP_API
-i2d_DSAPublicKey                        834	EXIST::FUNCTION:DSA
-i2d_DSAparams                           835	EXIST::FUNCTION:DSA
-i2d_NETSCAPE_SPKAC                      836	EXIST::FUNCTION:
-i2d_NETSCAPE_SPKI                       837	EXIST::FUNCTION:
-i2d_Netscape_RSA                        838	EXIST::FUNCTION:RSA
-i2d_PKCS7                               839	EXIST::FUNCTION:
-i2d_PKCS7_DIGEST                        840	EXIST::FUNCTION:
-i2d_PKCS7_ENCRYPT                       841	EXIST::FUNCTION:
-i2d_PKCS7_ENC_CONTENT                   842	EXIST::FUNCTION:
-i2d_PKCS7_ENVELOPE                      843	EXIST::FUNCTION:
-i2d_PKCS7_ISSUER_AND_SERIAL             844	EXIST::FUNCTION:
-i2d_PKCS7_RECIP_INFO                    845	EXIST::FUNCTION:
-i2d_PKCS7_SIGNED                        846	EXIST::FUNCTION:
-i2d_PKCS7_SIGNER_INFO                   847	EXIST::FUNCTION:
-i2d_PKCS7_SIGN_ENVELOPE                 848	EXIST::FUNCTION:
-i2d_PKCS7_bio                           849	EXIST::FUNCTION:
-i2d_PKCS7_fp                            850	EXIST::FUNCTION:FP_API
-i2d_PrivateKey                          851	EXIST::FUNCTION:
-i2d_PublicKey                           852	EXIST::FUNCTION:
-i2d_RSAPrivateKey                       853	EXIST::FUNCTION:RSA
-i2d_RSAPrivateKey_bio                   854	EXIST::FUNCTION:BIO,RSA
-i2d_RSAPrivateKey_fp                    855	EXIST::FUNCTION:FP_API,RSA
-i2d_RSAPublicKey                        856	EXIST::FUNCTION:RSA
-i2d_X509                                857	EXIST::FUNCTION:
-i2d_X509_ALGOR                          858	EXIST::FUNCTION:
-i2d_X509_ATTRIBUTE                      859	EXIST::FUNCTION:
-i2d_X509_CINF                           860	EXIST::FUNCTION:
-i2d_X509_CRL                            861	EXIST::FUNCTION:
-i2d_X509_CRL_INFO                       862	EXIST::FUNCTION:
-i2d_X509_CRL_bio                        863	EXIST::FUNCTION:BIO
-i2d_X509_CRL_fp                         864	EXIST::FUNCTION:FP_API
-i2d_X509_EXTENSION                      865	EXIST::FUNCTION:
-i2d_X509_NAME                           866	EXIST::FUNCTION:
-i2d_X509_NAME_ENTRY                     867	EXIST::FUNCTION:
-i2d_X509_PKEY                           868	EXIST::FUNCTION:
-i2d_X509_PUBKEY                         869	EXIST::FUNCTION:
-i2d_X509_REQ                            870	EXIST::FUNCTION:
-i2d_X509_REQ_INFO                       871	EXIST::FUNCTION:
-i2d_X509_REQ_bio                        872	EXIST::FUNCTION:BIO
-i2d_X509_REQ_fp                         873	EXIST::FUNCTION:FP_API
-i2d_X509_REVOKED                        874	EXIST::FUNCTION:
-i2d_X509_SIG                            875	EXIST::FUNCTION:
-i2d_X509_VAL                            876	EXIST::FUNCTION:
-i2d_X509_bio                            877	EXIST::FUNCTION:BIO
-i2d_X509_fp                             878	EXIST::FUNCTION:FP_API
-idea_cbc_encrypt                        879	EXIST::FUNCTION:IDEA
-idea_cfb64_encrypt                      880	EXIST::FUNCTION:IDEA
-idea_ecb_encrypt                        881	EXIST::FUNCTION:IDEA
-idea_encrypt                            882	EXIST::FUNCTION:IDEA
-idea_ofb64_encrypt                      883	EXIST::FUNCTION:IDEA
-idea_options                            884	EXIST::FUNCTION:IDEA
-idea_set_decrypt_key                    885	EXIST::FUNCTION:IDEA
-idea_set_encrypt_key                    886	EXIST::FUNCTION:IDEA
-lh_delete                               887	EXIST::FUNCTION:
-lh_doall                                888	EXIST::FUNCTION:
-lh_doall_arg                            889	EXIST::FUNCTION:
-lh_free                                 890	EXIST::FUNCTION:
-lh_insert                               891	EXIST::FUNCTION:
-lh_new                                  892	EXIST::FUNCTION:
-lh_node_stats                           893	EXIST::FUNCTION:FP_API
-lh_node_stats_bio                       894	EXIST::FUNCTION:BIO
-lh_node_usage_stats                     895	EXIST::FUNCTION:FP_API
-lh_node_usage_stats_bio                 896	EXIST::FUNCTION:BIO
-lh_retrieve                             897	EXIST::FUNCTION:
-lh_stats                                898	EXIST::FUNCTION:FP_API
-lh_stats_bio                            899	EXIST::FUNCTION:BIO
-lh_strhash                              900	EXIST::FUNCTION:
-sk_delete                               901	EXIST::FUNCTION:
-sk_delete_ptr                           902	EXIST::FUNCTION:
-sk_dup                                  903	EXIST::FUNCTION:
-sk_find                                 904	EXIST::FUNCTION:
-sk_free                                 905	EXIST::FUNCTION:
-sk_insert                               906	EXIST::FUNCTION:
-sk_new                                  907	EXIST::FUNCTION:
-sk_pop                                  908	EXIST::FUNCTION:
-sk_pop_free                             909	EXIST::FUNCTION:
-sk_push                                 910	EXIST::FUNCTION:
-sk_set_cmp_func                         911	EXIST::FUNCTION:
-sk_shift                                912	EXIST::FUNCTION:
-sk_unshift                              913	EXIST::FUNCTION:
-sk_zero                                 914	EXIST::FUNCTION:
-BIO_f_nbio_test                         915	EXIST::FUNCTION:
-ASN1_TYPE_get                           916	EXIST::FUNCTION:
-ASN1_TYPE_set                           917	EXIST::FUNCTION:
-PKCS7_content_free                      918	NOEXIST::FUNCTION:
-ERR_load_PKCS7_strings                  919	EXIST::FUNCTION:
-X509_find_by_issuer_and_serial          920	EXIST::FUNCTION:
-X509_find_by_subject                    921	EXIST::FUNCTION:
-PKCS7_ctrl                              927	EXIST::FUNCTION:
-PKCS7_set_type                          928	EXIST::FUNCTION:
-PKCS7_set_content                       929	EXIST::FUNCTION:
-PKCS7_SIGNER_INFO_set                   930	EXIST::FUNCTION:
-PKCS7_add_signer                        931	EXIST::FUNCTION:
-PKCS7_add_certificate                   932	EXIST::FUNCTION:
-PKCS7_add_crl                           933	EXIST::FUNCTION:
-PKCS7_content_new                       934	EXIST::FUNCTION:
-PKCS7_dataSign                          935	NOEXIST::FUNCTION:
-PKCS7_dataVerify                        936	EXIST::FUNCTION:
-PKCS7_dataInit                          937	EXIST::FUNCTION:
-PKCS7_add_signature                     938	EXIST::FUNCTION:
-PKCS7_cert_from_signer_info             939	EXIST::FUNCTION:
-PKCS7_get_signer_info                   940	EXIST::FUNCTION:
-EVP_delete_alias                        941	NOEXIST::FUNCTION:
-EVP_mdc2                                942	EXIST::FUNCTION:MDC2
-PEM_read_bio_RSAPublicKey               943	EXIST::FUNCTION:RSA
-PEM_write_bio_RSAPublicKey              944	EXIST::FUNCTION:RSA
-d2i_RSAPublicKey_bio                    945	EXIST::FUNCTION:BIO,RSA
-i2d_RSAPublicKey_bio                    946	EXIST::FUNCTION:BIO,RSA
-PEM_read_RSAPublicKey                   947	EXIST:!WIN16:FUNCTION:RSA
-PEM_write_RSAPublicKey                  949	EXIST:!WIN16:FUNCTION:RSA
-d2i_RSAPublicKey_fp                     952	EXIST::FUNCTION:FP_API,RSA
-i2d_RSAPublicKey_fp                     954	EXIST::FUNCTION:FP_API,RSA
-BIO_copy_next_retry                     955	EXIST::FUNCTION:
-RSA_flags                               956	EXIST::FUNCTION:RSA
-X509_STORE_add_crl                      957	EXIST::FUNCTION:
-X509_load_crl_file                      958	EXIST::FUNCTION:STDIO
-EVP_rc2_40_cbc                          959	EXIST::FUNCTION:RC2
-EVP_rc4_40                              960	EXIST::FUNCTION:RC4
-EVP_CIPHER_CTX_init                     961	EXIST::FUNCTION:
-HMAC                                    962	EXIST::FUNCTION:HMAC
-HMAC_Init                               963	EXIST::FUNCTION:HMAC
-HMAC_Update                             964	EXIST::FUNCTION:HMAC
-HMAC_Final                              965	EXIST::FUNCTION:HMAC
-ERR_get_next_error_library              966	EXIST::FUNCTION:
-EVP_PKEY_cmp_parameters                 967	EXIST::FUNCTION:
-HMAC_cleanup                            968	NOEXIST::FUNCTION:
-BIO_ptr_ctrl                            969	EXIST::FUNCTION:
-BIO_new_file_internal                   970	EXIST:WIN16:FUNCTION:FP_API
-BIO_new_fp_internal                     971	EXIST:WIN16:FUNCTION:FP_API
-BIO_s_file_internal                     972	EXIST:WIN16:FUNCTION:FP_API
-BN_BLINDING_convert                     973	EXIST::FUNCTION:
-BN_BLINDING_invert                      974	EXIST::FUNCTION:
-BN_BLINDING_update                      975	EXIST::FUNCTION:
-RSA_blinding_on                         977	EXIST::FUNCTION:RSA
-RSA_blinding_off                        978	EXIST::FUNCTION:RSA
-i2t_ASN1_OBJECT                         979	EXIST::FUNCTION:
-BN_BLINDING_new                         980	EXIST::FUNCTION:
-BN_BLINDING_free                        981	EXIST::FUNCTION:
-EVP_cast5_cbc                           983	EXIST::FUNCTION:CAST
-EVP_cast5_cfb                           984	EXIST::FUNCTION:CAST
-EVP_cast5_ecb                           985	EXIST::FUNCTION:CAST
-EVP_cast5_ofb                           986	EXIST::FUNCTION:CAST
-BF_decrypt                              987	EXIST::FUNCTION:BF
-CAST_set_key                            988	EXIST::FUNCTION:CAST
-CAST_encrypt                            989	EXIST::FUNCTION:CAST
-CAST_decrypt                            990	EXIST::FUNCTION:CAST
-CAST_ecb_encrypt                        991	EXIST::FUNCTION:CAST
-CAST_cbc_encrypt                        992	EXIST::FUNCTION:CAST
-CAST_cfb64_encrypt                      993	EXIST::FUNCTION:CAST
-CAST_ofb64_encrypt                      994	EXIST::FUNCTION:CAST
-RC2_decrypt                             995	EXIST::FUNCTION:RC2
-OBJ_create_objects                      997	EXIST::FUNCTION:
-BN_exp                                  998	EXIST::FUNCTION:
-BN_mul_word                             999	EXIST::FUNCTION:
-BN_sub_word                             1000	EXIST::FUNCTION:
-BN_dec2bn                               1001	EXIST::FUNCTION:
-BN_bn2dec                               1002	EXIST::FUNCTION:
-BIO_ghbn_ctrl                           1003	NOEXIST::FUNCTION:
-CRYPTO_free_ex_data                     1004	EXIST::FUNCTION:
-CRYPTO_get_ex_data                      1005	EXIST::FUNCTION:
-CRYPTO_set_ex_data                      1007	EXIST::FUNCTION:
-ERR_load_CRYPTO_strings                 1009	EXIST:!OS2,!VMS,!WIN16:FUNCTION:
-ERR_load_CRYPTOlib_strings              1009	EXIST:OS2,VMS,WIN16:FUNCTION:
-EVP_PKEY_bits                           1010	EXIST::FUNCTION:
-MD5_Transform                           1011	EXIST::FUNCTION:MD5
-SHA1_Transform                          1012	EXIST::FUNCTION:SHA,SHA1
-SHA_Transform                           1013	EXIST::FUNCTION:SHA,SHA0
-X509_STORE_CTX_get_chain                1014	EXIST::FUNCTION:
-X509_STORE_CTX_get_current_cert         1015	EXIST::FUNCTION:
-X509_STORE_CTX_get_error                1016	EXIST::FUNCTION:
-X509_STORE_CTX_get_error_depth          1017	EXIST::FUNCTION:
-X509_STORE_CTX_get_ex_data              1018	EXIST::FUNCTION:
-X509_STORE_CTX_set_cert                 1020	EXIST::FUNCTION:
-X509_STORE_CTX_set_chain                1021	EXIST::FUNCTION:
-X509_STORE_CTX_set_error                1022	EXIST::FUNCTION:
-X509_STORE_CTX_set_ex_data              1023	EXIST::FUNCTION:
-CRYPTO_dup_ex_data                      1025	EXIST::FUNCTION:
-CRYPTO_get_new_lockid                   1026	EXIST::FUNCTION:
-CRYPTO_new_ex_data                      1027	EXIST::FUNCTION:
-RSA_set_ex_data                         1028	EXIST::FUNCTION:RSA
-RSA_get_ex_data                         1029	EXIST::FUNCTION:RSA
-RSA_get_ex_new_index                    1030	EXIST::FUNCTION:RSA
-RSA_padding_add_PKCS1_type_1            1031	EXIST::FUNCTION:RSA
-RSA_padding_add_PKCS1_type_2            1032	EXIST::FUNCTION:RSA
-RSA_padding_add_SSLv23                  1033	EXIST::FUNCTION:RSA
-RSA_padding_add_none                    1034	EXIST::FUNCTION:RSA
-RSA_padding_check_PKCS1_type_1          1035	EXIST::FUNCTION:RSA
-RSA_padding_check_PKCS1_type_2          1036	EXIST::FUNCTION:RSA
-RSA_padding_check_SSLv23                1037	EXIST::FUNCTION:RSA
-RSA_padding_check_none                  1038	EXIST::FUNCTION:RSA
-bn_add_words                            1039	EXIST::FUNCTION:
-d2i_Netscape_RSA_2                      1040	NOEXIST::FUNCTION:
-CRYPTO_get_ex_new_index                 1041	EXIST::FUNCTION:
-RIPEMD160_Init                          1042	EXIST::FUNCTION:RIPEMD
-RIPEMD160_Update                        1043	EXIST::FUNCTION:RIPEMD
-RIPEMD160_Final                         1044	EXIST::FUNCTION:RIPEMD
-RIPEMD160                               1045	EXIST::FUNCTION:RIPEMD
-RIPEMD160_Transform                     1046	EXIST::FUNCTION:RIPEMD
-RC5_32_set_key                          1047	EXIST::FUNCTION:RC5
-RC5_32_ecb_encrypt                      1048	EXIST::FUNCTION:RC5
-RC5_32_encrypt                          1049	EXIST::FUNCTION:RC5
-RC5_32_decrypt                          1050	EXIST::FUNCTION:RC5
-RC5_32_cbc_encrypt                      1051	EXIST::FUNCTION:RC5
-RC5_32_cfb64_encrypt                    1052	EXIST::FUNCTION:RC5
-RC5_32_ofb64_encrypt                    1053	EXIST::FUNCTION:RC5
-BN_bn2mpi                               1058	EXIST::FUNCTION:
-BN_mpi2bn                               1059	EXIST::FUNCTION:
-ASN1_BIT_STRING_get_bit                 1060	EXIST::FUNCTION:
-ASN1_BIT_STRING_set_bit                 1061	EXIST::FUNCTION:
-BIO_get_ex_data                         1062	EXIST::FUNCTION:
-BIO_get_ex_new_index                    1063	EXIST::FUNCTION:
-BIO_set_ex_data                         1064	EXIST::FUNCTION:
-X509v3_get_key_usage                    1066	NOEXIST::FUNCTION:
-X509v3_set_key_usage                    1067	NOEXIST::FUNCTION:
-a2i_X509v3_key_usage                    1068	NOEXIST::FUNCTION:
-i2a_X509v3_key_usage                    1069	NOEXIST::FUNCTION:
-EVP_PKEY_decrypt                        1070	EXIST::FUNCTION:
-EVP_PKEY_encrypt                        1071	EXIST::FUNCTION:
-PKCS7_RECIP_INFO_set                    1072	EXIST::FUNCTION:
-PKCS7_add_recipient                     1073	EXIST::FUNCTION:
-PKCS7_add_recipient_info                1074	EXIST::FUNCTION:
-PKCS7_set_cipher                        1075	EXIST::FUNCTION:
-ASN1_TYPE_get_int_octetstring           1076	EXIST::FUNCTION:
-ASN1_TYPE_get_octetstring               1077	EXIST::FUNCTION:
-ASN1_TYPE_set_int_octetstring           1078	EXIST::FUNCTION:
-ASN1_TYPE_set_octetstring               1079	EXIST::FUNCTION:
-ASN1_UTCTIME_set_string                 1080	EXIST::FUNCTION:
-ERR_add_error_data                      1081	EXIST::FUNCTION:BIO
-ERR_set_error_data                      1082	EXIST::FUNCTION:
-EVP_CIPHER_asn1_to_param                1083	EXIST::FUNCTION:
-EVP_CIPHER_param_to_asn1                1084	EXIST::FUNCTION:
-EVP_CIPHER_get_asn1_iv                  1085	EXIST::FUNCTION:
-EVP_CIPHER_set_asn1_iv                  1086	EXIST::FUNCTION:
-EVP_rc5_32_12_16_cbc                    1087	EXIST::FUNCTION:RC5
-EVP_rc5_32_12_16_cfb                    1088	EXIST::FUNCTION:RC5
-EVP_rc5_32_12_16_ecb                    1089	EXIST::FUNCTION:RC5
-EVP_rc5_32_12_16_ofb                    1090	EXIST::FUNCTION:RC5
-asn1_add_error                          1091	EXIST::FUNCTION:
-d2i_ASN1_BMPSTRING                      1092	EXIST::FUNCTION:
-i2d_ASN1_BMPSTRING                      1093	EXIST::FUNCTION:
-BIO_f_ber                               1094	NOEXIST::FUNCTION:
-BN_init                                 1095	EXIST::FUNCTION:
-COMP_CTX_new                            1096	EXIST::FUNCTION:
-COMP_CTX_free                           1097	EXIST::FUNCTION:
-COMP_CTX_compress_block                 1098	NOEXIST::FUNCTION:
-COMP_CTX_expand_block                   1099	NOEXIST::FUNCTION:
-X509_STORE_CTX_get_ex_new_index         1100	EXIST::FUNCTION:
-OBJ_NAME_add                            1101	EXIST::FUNCTION:
-BIO_socket_nbio                         1102	EXIST::FUNCTION:
-EVP_rc2_64_cbc                          1103	EXIST::FUNCTION:RC2
-OBJ_NAME_cleanup                        1104	EXIST::FUNCTION:
-OBJ_NAME_get                            1105	EXIST::FUNCTION:
-OBJ_NAME_init                           1106	EXIST::FUNCTION:
-OBJ_NAME_new_index                      1107	EXIST::FUNCTION:
-OBJ_NAME_remove                         1108	EXIST::FUNCTION:
-BN_MONT_CTX_copy                        1109	EXIST::FUNCTION:
-BIO_new_socks4a_connect                 1110	NOEXIST::FUNCTION:
-BIO_s_socks4a_connect                   1111	NOEXIST::FUNCTION:
-PROXY_set_connect_mode                  1112	NOEXIST::FUNCTION:
-RAND_SSLeay                             1113	EXIST::FUNCTION:
-RAND_set_rand_method                    1114	EXIST::FUNCTION:
-RSA_memory_lock                         1115	EXIST::FUNCTION:RSA
-bn_sub_words                            1116	EXIST::FUNCTION:
-bn_mul_normal                           1117	NOEXIST::FUNCTION:
-bn_mul_comba8                           1118	NOEXIST::FUNCTION:
-bn_mul_comba4                           1119	NOEXIST::FUNCTION:
-bn_sqr_normal                           1120	NOEXIST::FUNCTION:
-bn_sqr_comba8                           1121	NOEXIST::FUNCTION:
-bn_sqr_comba4                           1122	NOEXIST::FUNCTION:
-bn_cmp_words                            1123	NOEXIST::FUNCTION:
-bn_mul_recursive                        1124	NOEXIST::FUNCTION:
-bn_mul_part_recursive                   1125	NOEXIST::FUNCTION:
-bn_sqr_recursive                        1126	NOEXIST::FUNCTION:
-bn_mul_low_normal                       1127	NOEXIST::FUNCTION:
-BN_RECP_CTX_init                        1128	EXIST::FUNCTION:
-BN_RECP_CTX_new                         1129	EXIST::FUNCTION:
-BN_RECP_CTX_free                        1130	EXIST::FUNCTION:
-BN_RECP_CTX_set                         1131	EXIST::FUNCTION:
-BN_mod_mul_reciprocal                   1132	EXIST::FUNCTION:
-BN_mod_exp_recp                         1133	EXIST::FUNCTION:
-BN_div_recp                             1134	EXIST::FUNCTION:
-BN_CTX_init                             1135	EXIST::FUNCTION:
-BN_MONT_CTX_init                        1136	EXIST::FUNCTION:
-RAND_get_rand_method                    1137	EXIST::FUNCTION:
-PKCS7_add_attribute                     1138	EXIST::FUNCTION:
-PKCS7_add_signed_attribute              1139	EXIST::FUNCTION:
-PKCS7_digest_from_attributes            1140	EXIST::FUNCTION:
-PKCS7_get_attribute                     1141	EXIST::FUNCTION:
-PKCS7_get_issuer_and_serial             1142	EXIST::FUNCTION:
-PKCS7_get_signed_attribute              1143	EXIST::FUNCTION:
-COMP_compress_block                     1144	EXIST::FUNCTION:
-COMP_expand_block                       1145	EXIST::FUNCTION:
-COMP_rle                                1146	EXIST::FUNCTION:
-COMP_zlib                               1147	EXIST::FUNCTION:
-ms_time_diff                            1148	EXIST::FUNCTION:
-ms_time_new                             1149	EXIST::FUNCTION:
-ms_time_free                            1150	EXIST::FUNCTION:
-ms_time_cmp                             1151	EXIST::FUNCTION:
-ms_time_get                             1152	EXIST::FUNCTION:
-PKCS7_set_attributes                    1153	EXIST::FUNCTION:
-PKCS7_set_signed_attributes             1154	EXIST::FUNCTION:
-X509_ATTRIBUTE_create                   1155	EXIST::FUNCTION:
-X509_ATTRIBUTE_dup                      1156	EXIST::FUNCTION:
-ASN1_GENERALIZEDTIME_check              1157	EXIST::FUNCTION:
-ASN1_GENERALIZEDTIME_print              1158	EXIST::FUNCTION:BIO
-ASN1_GENERALIZEDTIME_set                1159	EXIST::FUNCTION:
-ASN1_GENERALIZEDTIME_set_string         1160	EXIST::FUNCTION:
-ASN1_TIME_print                         1161	EXIST::FUNCTION:BIO
-BASIC_CONSTRAINTS_free                  1162	EXIST::FUNCTION:
-BASIC_CONSTRAINTS_new                   1163	EXIST::FUNCTION:
-ERR_load_X509V3_strings                 1164	EXIST::FUNCTION:
-NETSCAPE_CERT_SEQUENCE_free             1165	EXIST::FUNCTION:
-NETSCAPE_CERT_SEQUENCE_new              1166	EXIST::FUNCTION:
-OBJ_txt2obj                             1167	EXIST::FUNCTION:
-PEM_read_NETSCAPE_CERT_SEQUENCE         1168	EXIST:!VMS,!WIN16:FUNCTION:
-PEM_read_NS_CERT_SEQ                    1168	EXIST:VMS:FUNCTION:
-PEM_read_bio_NETSCAPE_CERT_SEQUENCE     1169	EXIST:!VMS:FUNCTION:
-PEM_read_bio_NS_CERT_SEQ                1169	EXIST:VMS:FUNCTION:
-PEM_write_NETSCAPE_CERT_SEQUENCE        1170	EXIST:!VMS,!WIN16:FUNCTION:
-PEM_write_NS_CERT_SEQ                   1170	EXIST:VMS:FUNCTION:
-PEM_write_bio_NETSCAPE_CERT_SEQUENCE    1171	EXIST:!VMS:FUNCTION:
-PEM_write_bio_NS_CERT_SEQ               1171	EXIST:VMS:FUNCTION:
-X509V3_EXT_add                          1172	EXIST::FUNCTION:
-X509V3_EXT_add_alias                    1173	EXIST::FUNCTION:
-X509V3_EXT_add_conf                     1174	EXIST::FUNCTION:
-X509V3_EXT_cleanup                      1175	EXIST::FUNCTION:
-X509V3_EXT_conf                         1176	EXIST::FUNCTION:
-X509V3_EXT_conf_nid                     1177	EXIST::FUNCTION:
-X509V3_EXT_get                          1178	EXIST::FUNCTION:
-X509V3_EXT_get_nid                      1179	EXIST::FUNCTION:
-X509V3_EXT_print                        1180	EXIST::FUNCTION:
-X509V3_EXT_print_fp                     1181	EXIST::FUNCTION:
-X509V3_add_standard_extensions          1182	EXIST::FUNCTION:
-X509V3_add_value                        1183	EXIST::FUNCTION:
-X509V3_add_value_bool                   1184	EXIST::FUNCTION:
-X509V3_add_value_int                    1185	EXIST::FUNCTION:
-X509V3_conf_free                        1186	EXIST::FUNCTION:
-X509V3_get_value_bool                   1187	EXIST::FUNCTION:
-X509V3_get_value_int                    1188	EXIST::FUNCTION:
-X509V3_parse_list                       1189	EXIST::FUNCTION:
-d2i_ASN1_GENERALIZEDTIME                1190	EXIST::FUNCTION:
-d2i_ASN1_TIME                           1191	EXIST::FUNCTION:
-d2i_BASIC_CONSTRAINTS                   1192	EXIST::FUNCTION:
-d2i_NETSCAPE_CERT_SEQUENCE              1193	EXIST::FUNCTION:
-d2i_ext_ku                              1194	NOEXIST::FUNCTION:
-ext_ku_free                             1195	NOEXIST::FUNCTION:
-ext_ku_new                              1196	NOEXIST::FUNCTION:
-i2d_ASN1_GENERALIZEDTIME                1197	EXIST::FUNCTION:
-i2d_ASN1_TIME                           1198	EXIST::FUNCTION:
-i2d_BASIC_CONSTRAINTS                   1199	EXIST::FUNCTION:
-i2d_NETSCAPE_CERT_SEQUENCE              1200	EXIST::FUNCTION:
-i2d_ext_ku                              1201	NOEXIST::FUNCTION:
-EVP_MD_CTX_copy                         1202	EXIST::FUNCTION:
-i2d_ASN1_ENUMERATED                     1203	EXIST::FUNCTION:
-d2i_ASN1_ENUMERATED                     1204	EXIST::FUNCTION:
-ASN1_ENUMERATED_set                     1205	EXIST::FUNCTION:
-ASN1_ENUMERATED_get                     1206	EXIST::FUNCTION:
-BN_to_ASN1_ENUMERATED                   1207	EXIST::FUNCTION:
-ASN1_ENUMERATED_to_BN                   1208	EXIST::FUNCTION:
-i2a_ASN1_ENUMERATED                     1209	EXIST::FUNCTION:BIO
-a2i_ASN1_ENUMERATED                     1210	EXIST::FUNCTION:BIO
-i2d_GENERAL_NAME                        1211	EXIST::FUNCTION:
-d2i_GENERAL_NAME                        1212	EXIST::FUNCTION:
-GENERAL_NAME_new                        1213	EXIST::FUNCTION:
-GENERAL_NAME_free                       1214	EXIST::FUNCTION:
-GENERAL_NAMES_new                       1215	EXIST::FUNCTION:
-GENERAL_NAMES_free                      1216	EXIST::FUNCTION:
-d2i_GENERAL_NAMES                       1217	EXIST::FUNCTION:
-i2d_GENERAL_NAMES                       1218	EXIST::FUNCTION:
-i2v_GENERAL_NAMES                       1219	EXIST::FUNCTION:
-i2s_ASN1_OCTET_STRING                   1220	EXIST::FUNCTION:
-s2i_ASN1_OCTET_STRING                   1221	EXIST::FUNCTION:
-X509V3_EXT_check_conf                   1222	NOEXIST::FUNCTION:
-hex_to_string                           1223	EXIST::FUNCTION:
-string_to_hex                           1224	EXIST::FUNCTION:
-DES_ede3_cbcm_encrypt                   1225	EXIST::FUNCTION:DES
-RSA_padding_add_PKCS1_OAEP              1226	EXIST::FUNCTION:RSA
-RSA_padding_check_PKCS1_OAEP            1227	EXIST::FUNCTION:RSA
-X509_CRL_print_fp                       1228	EXIST::FUNCTION:FP_API
-X509_CRL_print                          1229	EXIST::FUNCTION:BIO
-i2v_GENERAL_NAME                        1230	EXIST::FUNCTION:
-v2i_GENERAL_NAME                        1231	EXIST::FUNCTION:
-i2d_PKEY_USAGE_PERIOD                   1232	EXIST::FUNCTION:
-d2i_PKEY_USAGE_PERIOD                   1233	EXIST::FUNCTION:
-PKEY_USAGE_PERIOD_new                   1234	EXIST::FUNCTION:
-PKEY_USAGE_PERIOD_free                  1235	EXIST::FUNCTION:
-v2i_GENERAL_NAMES                       1236	EXIST::FUNCTION:
-i2s_ASN1_INTEGER                        1237	EXIST::FUNCTION:
-X509V3_EXT_d2i                          1238	EXIST::FUNCTION:
-name_cmp                                1239	EXIST::FUNCTION:
-str_dup                                 1240	NOEXIST::FUNCTION:
-i2s_ASN1_ENUMERATED                     1241	EXIST::FUNCTION:
-i2s_ASN1_ENUMERATED_TABLE               1242	EXIST::FUNCTION:
-BIO_s_log                               1243	EXIST:!OS2,!WIN16,!WIN32,!macintosh:FUNCTION:
-BIO_f_reliable                          1244	EXIST::FUNCTION:BIO
-PKCS7_dataFinal                         1245	EXIST::FUNCTION:
-PKCS7_dataDecode                        1246	EXIST::FUNCTION:
-X509V3_EXT_CRL_add_conf                 1247	EXIST::FUNCTION:
-BN_set_params                           1248	EXIST::FUNCTION:
-BN_get_params                           1249	EXIST::FUNCTION:
-BIO_get_ex_num                          1250	NOEXIST::FUNCTION:
-BIO_set_ex_free_func                    1251	NOEXIST::FUNCTION:
-EVP_ripemd160                           1252	EXIST::FUNCTION:RIPEMD
-ASN1_TIME_set                           1253	EXIST::FUNCTION:
-i2d_AUTHORITY_KEYID                     1254	EXIST::FUNCTION:
-d2i_AUTHORITY_KEYID                     1255	EXIST::FUNCTION:
-AUTHORITY_KEYID_new                     1256	EXIST::FUNCTION:
-AUTHORITY_KEYID_free                    1257	EXIST::FUNCTION:
-ASN1_seq_unpack                         1258	EXIST::FUNCTION:
-ASN1_seq_pack                           1259	EXIST::FUNCTION:
-ASN1_unpack_string                      1260	EXIST::FUNCTION:
-ASN1_pack_string                        1261	EXIST::FUNCTION:
-PKCS12_pack_safebag                     1262	NOEXIST::FUNCTION:
-PKCS12_MAKE_KEYBAG                      1263	EXIST::FUNCTION:
-PKCS8_encrypt                           1264	EXIST::FUNCTION:
-PKCS12_MAKE_SHKEYBAG                    1265	EXIST::FUNCTION:
-PKCS12_pack_p7data                      1266	EXIST::FUNCTION:
-PKCS12_pack_p7encdata                   1267	EXIST::FUNCTION:
-PKCS12_add_localkeyid                   1268	EXIST::FUNCTION:
-PKCS12_add_friendlyname_asc             1269	EXIST::FUNCTION:
-PKCS12_add_friendlyname_uni             1270	EXIST::FUNCTION:
-PKCS12_get_friendlyname                 1271	EXIST::FUNCTION:
-PKCS12_pbe_crypt                        1272	EXIST::FUNCTION:
-PKCS12_decrypt_d2i                      1273	NOEXIST::FUNCTION:
-PKCS12_i2d_encrypt                      1274	NOEXIST::FUNCTION:
-PKCS12_init                             1275	EXIST::FUNCTION:
-PKCS12_key_gen_asc                      1276	EXIST::FUNCTION:
-PKCS12_key_gen_uni                      1277	EXIST::FUNCTION:
-PKCS12_gen_mac                          1278	EXIST::FUNCTION:
-PKCS12_verify_mac                       1279	EXIST::FUNCTION:
-PKCS12_set_mac                          1280	EXIST::FUNCTION:
-PKCS12_setup_mac                        1281	EXIST::FUNCTION:
-asc2uni                                 1282	EXIST::FUNCTION:
-uni2asc                                 1283	EXIST::FUNCTION:
-i2d_PKCS12_BAGS                         1284	EXIST::FUNCTION:
-PKCS12_BAGS_new                         1285	EXIST::FUNCTION:
-d2i_PKCS12_BAGS                         1286	EXIST::FUNCTION:
-PKCS12_BAGS_free                        1287	EXIST::FUNCTION:
-i2d_PKCS12                              1288	EXIST::FUNCTION:
-d2i_PKCS12                              1289	EXIST::FUNCTION:
-PKCS12_new                              1290	EXIST::FUNCTION:
-PKCS12_free                             1291	EXIST::FUNCTION:
-i2d_PKCS12_MAC_DATA                     1292	EXIST::FUNCTION:
-PKCS12_MAC_DATA_new                     1293	EXIST::FUNCTION:
-d2i_PKCS12_MAC_DATA                     1294	EXIST::FUNCTION:
-PKCS12_MAC_DATA_free                    1295	EXIST::FUNCTION:
-i2d_PKCS12_SAFEBAG                      1296	EXIST::FUNCTION:
-PKCS12_SAFEBAG_new                      1297	EXIST::FUNCTION:
-d2i_PKCS12_SAFEBAG                      1298	EXIST::FUNCTION:
-PKCS12_SAFEBAG_free                     1299	EXIST::FUNCTION:
-ERR_load_PKCS12_strings                 1300	EXIST::FUNCTION:
-PKCS12_PBE_add                          1301	EXIST::FUNCTION:
-PKCS8_add_keyusage                      1302	EXIST::FUNCTION:
-PKCS12_get_attr_gen                     1303	EXIST::FUNCTION:
-PKCS12_parse                            1304	EXIST::FUNCTION:
-PKCS12_create                           1305	EXIST::FUNCTION:
-i2d_PKCS12_bio                          1306	EXIST::FUNCTION:
-i2d_PKCS12_fp                           1307	EXIST::FUNCTION:
-d2i_PKCS12_bio                          1308	EXIST::FUNCTION:
-d2i_PKCS12_fp                           1309	EXIST::FUNCTION:
-i2d_PBEPARAM                            1310	EXIST::FUNCTION:
-PBEPARAM_new                            1311	EXIST::FUNCTION:
-d2i_PBEPARAM                            1312	EXIST::FUNCTION:
-PBEPARAM_free                           1313	EXIST::FUNCTION:
-i2d_PKCS8_PRIV_KEY_INFO                 1314	EXIST::FUNCTION:
-PKCS8_PRIV_KEY_INFO_new                 1315	EXIST::FUNCTION:
-d2i_PKCS8_PRIV_KEY_INFO                 1316	EXIST::FUNCTION:
-PKCS8_PRIV_KEY_INFO_free                1317	EXIST::FUNCTION:
-EVP_PKCS82PKEY                          1318	EXIST::FUNCTION:
-EVP_PKEY2PKCS8                          1319	EXIST::FUNCTION:
-PKCS8_set_broken                        1320	EXIST::FUNCTION:
-EVP_PBE_ALGOR_CipherInit                1321	NOEXIST::FUNCTION:
-EVP_PBE_alg_add                         1322	EXIST::FUNCTION:
-PKCS5_pbe_set                           1323	EXIST::FUNCTION:
-EVP_PBE_cleanup                         1324	EXIST::FUNCTION:
-i2d_SXNET                               1325	EXIST::FUNCTION:
-d2i_SXNET                               1326	EXIST::FUNCTION:
-SXNET_new                               1327	EXIST::FUNCTION:
-SXNET_free                              1328	EXIST::FUNCTION:
-i2d_SXNETID                             1329	EXIST::FUNCTION:
-d2i_SXNETID                             1330	EXIST::FUNCTION:
-SXNETID_new                             1331	EXIST::FUNCTION:
-SXNETID_free                            1332	EXIST::FUNCTION:
-DSA_SIG_new                             1333	EXIST::FUNCTION:DSA
-DSA_SIG_free                            1334	EXIST::FUNCTION:DSA
-DSA_do_sign                             1335	EXIST::FUNCTION:DSA
-DSA_do_verify                           1336	EXIST::FUNCTION:DSA
-d2i_DSA_SIG                             1337	EXIST::FUNCTION:DSA
-i2d_DSA_SIG                             1338	EXIST::FUNCTION:DSA
-i2d_ASN1_VISIBLESTRING                  1339	EXIST::FUNCTION:
-d2i_ASN1_VISIBLESTRING                  1340	EXIST::FUNCTION:
-i2d_ASN1_UTF8STRING                     1341	EXIST::FUNCTION:
-d2i_ASN1_UTF8STRING                     1342	EXIST::FUNCTION:
-i2d_DIRECTORYSTRING                     1343	EXIST::FUNCTION:
-d2i_DIRECTORYSTRING                     1344	EXIST::FUNCTION:
-i2d_DISPLAYTEXT                         1345	EXIST::FUNCTION:
-d2i_DISPLAYTEXT                         1346	EXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509                    1379	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509                    1380	NOEXIST::FUNCTION:
-i2d_PBKDF2PARAM                         1397	EXIST::FUNCTION:
-PBKDF2PARAM_new                         1398	EXIST::FUNCTION:
-d2i_PBKDF2PARAM                         1399	EXIST::FUNCTION:
-PBKDF2PARAM_free                        1400	EXIST::FUNCTION:
-i2d_PBE2PARAM                           1401	EXIST::FUNCTION:
-PBE2PARAM_new                           1402	EXIST::FUNCTION:
-d2i_PBE2PARAM                           1403	EXIST::FUNCTION:
-PBE2PARAM_free                          1404	EXIST::FUNCTION:
-d2i_ASN1_SET_OF_GENERAL_NAME            1421	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_GENERAL_NAME            1422	NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_SXNETID                 1439	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_SXNETID                 1440	NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_POLICYQUALINFO          1457	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_POLICYQUALINFO          1458	NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_POLICYINFO              1475	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_POLICYINFO              1476	NOEXIST::FUNCTION:
-SXNET_add_id_asc                        1477	EXIST::FUNCTION:
-SXNET_add_id_ulong                      1478	EXIST::FUNCTION:
-SXNET_add_id_INTEGER                    1479	EXIST::FUNCTION:
-SXNET_get_id_asc                        1480	EXIST::FUNCTION:
-SXNET_get_id_ulong                      1481	EXIST::FUNCTION:
-SXNET_get_id_INTEGER                    1482	EXIST::FUNCTION:
-X509V3_set_conf_lhash                   1483	EXIST::FUNCTION:
-i2d_CERTIFICATEPOLICIES                 1484	EXIST::FUNCTION:
-CERTIFICATEPOLICIES_new                 1485	EXIST::FUNCTION:
-CERTIFICATEPOLICIES_free                1486	EXIST::FUNCTION:
-d2i_CERTIFICATEPOLICIES                 1487	EXIST::FUNCTION:
-i2d_POLICYINFO                          1488	EXIST::FUNCTION:
-POLICYINFO_new                          1489	EXIST::FUNCTION:
-d2i_POLICYINFO                          1490	EXIST::FUNCTION:
-POLICYINFO_free                         1491	EXIST::FUNCTION:
-i2d_POLICYQUALINFO                      1492	EXIST::FUNCTION:
-POLICYQUALINFO_new                      1493	EXIST::FUNCTION:
-d2i_POLICYQUALINFO                      1494	EXIST::FUNCTION:
-POLICYQUALINFO_free                     1495	EXIST::FUNCTION:
-i2d_USERNOTICE                          1496	EXIST::FUNCTION:
-USERNOTICE_new                          1497	EXIST::FUNCTION:
-d2i_USERNOTICE                          1498	EXIST::FUNCTION:
-USERNOTICE_free                         1499	EXIST::FUNCTION:
-i2d_NOTICEREF                           1500	EXIST::FUNCTION:
-NOTICEREF_new                           1501	EXIST::FUNCTION:
-d2i_NOTICEREF                           1502	EXIST::FUNCTION:
-NOTICEREF_free                          1503	EXIST::FUNCTION:
-X509V3_get_string                       1504	EXIST::FUNCTION:
-X509V3_get_section                      1505	EXIST::FUNCTION:
-X509V3_string_free                      1506	EXIST::FUNCTION:
-X509V3_section_free                     1507	EXIST::FUNCTION:
-X509V3_set_ctx                          1508	EXIST::FUNCTION:
-s2i_ASN1_INTEGER                        1509	EXIST::FUNCTION:
-CRYPTO_set_locked_mem_functions         1510	EXIST::FUNCTION:
-CRYPTO_get_locked_mem_functions         1511	EXIST::FUNCTION:
-CRYPTO_malloc_locked                    1512	EXIST::FUNCTION:
-CRYPTO_free_locked                      1513	EXIST::FUNCTION:
-BN_mod_exp2_mont                        1514	EXIST::FUNCTION:
-ERR_get_error_line_data                 1515	EXIST::FUNCTION:
-ERR_peek_error_line_data                1516	EXIST::FUNCTION:
-PKCS12_PBE_keyivgen                     1517	EXIST::FUNCTION:
-X509_ALGOR_dup                          1518	EXIST::FUNCTION:
-d2i_ASN1_SET_OF_DIST_POINT              1535	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_DIST_POINT              1536	NOEXIST::FUNCTION:
-i2d_CRL_DIST_POINTS                     1537	EXIST::FUNCTION:
-CRL_DIST_POINTS_new                     1538	EXIST::FUNCTION:
-CRL_DIST_POINTS_free                    1539	EXIST::FUNCTION:
-d2i_CRL_DIST_POINTS                     1540	EXIST::FUNCTION:
-i2d_DIST_POINT                          1541	EXIST::FUNCTION:
-DIST_POINT_new                          1542	EXIST::FUNCTION:
-d2i_DIST_POINT                          1543	EXIST::FUNCTION:
-DIST_POINT_free                         1544	EXIST::FUNCTION:
-i2d_DIST_POINT_NAME                     1545	EXIST::FUNCTION:
-DIST_POINT_NAME_new                     1546	EXIST::FUNCTION:
-DIST_POINT_NAME_free                    1547	EXIST::FUNCTION:
-d2i_DIST_POINT_NAME                     1548	EXIST::FUNCTION:
-X509V3_add_value_uchar                  1549	EXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509_ATTRIBUTE          1555	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_ASN1_TYPE               1560	NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509_EXTENSION          1567	NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509_NAME_ENTRY         1574	NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_ASN1_TYPE               1589	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509_ATTRIBUTE          1615	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509_EXTENSION          1624	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509_NAME_ENTRY         1633	NOEXIST::FUNCTION:
-X509V3_EXT_i2d                          1646	EXIST::FUNCTION:
-X509V3_EXT_val_prn                      1647	EXIST::FUNCTION:
-X509V3_EXT_add_list                     1648	EXIST::FUNCTION:
-EVP_CIPHER_type                         1649	EXIST::FUNCTION:
-EVP_PBE_CipherInit                      1650	EXIST::FUNCTION:
-X509V3_add_value_bool_nf                1651	EXIST::FUNCTION:
-d2i_ASN1_UINTEGER                       1652	EXIST::FUNCTION:
-sk_value                                1653	EXIST::FUNCTION:
-sk_num                                  1654	EXIST::FUNCTION:
-sk_set                                  1655	EXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509_REVOKED            1661	NOEXIST::FUNCTION:
-sk_sort                                 1671	EXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509_REVOKED            1674	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509_ALGOR              1682	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_X509_CRL                1685	NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509_ALGOR              1696	NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_X509_CRL                1702	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO       1723	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_PKCS7_RECIP_INFO        1738	NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO       1748	NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_PKCS7_RECIP_INFO        1753	NOEXIST::FUNCTION:
-PKCS5_PBE_add                           1775	EXIST::FUNCTION:
-PEM_write_bio_PKCS8                     1776	EXIST::FUNCTION:
-i2d_PKCS8_fp                            1777	EXIST::FUNCTION:FP_API
-PEM_read_bio_PKCS8_PRIV_KEY_INFO        1778	EXIST:!VMS:FUNCTION:
-PEM_read_bio_P8_PRIV_KEY_INFO           1778	EXIST:VMS:FUNCTION:
-d2i_PKCS8_bio                           1779	EXIST::FUNCTION:BIO
-d2i_PKCS8_PRIV_KEY_INFO_fp              1780	EXIST::FUNCTION:FP_API
-PEM_write_bio_PKCS8_PRIV_KEY_INFO       1781	EXIST:!VMS:FUNCTION:
-PEM_write_bio_P8_PRIV_KEY_INFO          1781	EXIST:VMS:FUNCTION:
-PEM_read_PKCS8                          1782	EXIST:!WIN16:FUNCTION:
-d2i_PKCS8_PRIV_KEY_INFO_bio             1783	EXIST::FUNCTION:BIO
-d2i_PKCS8_fp                            1784	EXIST::FUNCTION:FP_API
-PEM_write_PKCS8                         1785	EXIST:!WIN16:FUNCTION:
-PEM_read_PKCS8_PRIV_KEY_INFO            1786	EXIST:!VMS,!WIN16:FUNCTION:
-PEM_read_P8_PRIV_KEY_INFO               1786	EXIST:VMS:FUNCTION:
-PEM_read_bio_PKCS8                      1787	EXIST::FUNCTION:
-PEM_write_PKCS8_PRIV_KEY_INFO           1788	EXIST:!VMS,!WIN16:FUNCTION:
-PEM_write_P8_PRIV_KEY_INFO              1788	EXIST:VMS:FUNCTION:
-PKCS5_PBE_keyivgen                      1789	EXIST::FUNCTION:
-i2d_PKCS8_bio                           1790	EXIST::FUNCTION:BIO
-i2d_PKCS8_PRIV_KEY_INFO_fp              1791	EXIST::FUNCTION:FP_API
-i2d_PKCS8_PRIV_KEY_INFO_bio             1792	EXIST::FUNCTION:BIO
-BIO_s_bio                               1793	EXIST::FUNCTION:
-PKCS5_pbe2_set                          1794	EXIST::FUNCTION:
-PKCS5_PBKDF2_HMAC_SHA1                  1795	EXIST::FUNCTION:
-PKCS5_v2_PBE_keyivgen                   1796	EXIST::FUNCTION:
-PEM_write_bio_PKCS8PrivateKey           1797	EXIST::FUNCTION:
-PEM_write_PKCS8PrivateKey               1798	EXIST::FUNCTION:
-BIO_ctrl_get_read_request               1799	EXIST::FUNCTION:
-BIO_ctrl_pending                        1800	EXIST::FUNCTION:
-BIO_ctrl_wpending                       1801	EXIST::FUNCTION:
-BIO_new_bio_pair                        1802	EXIST::FUNCTION:
-BIO_ctrl_get_write_guarantee            1803	EXIST::FUNCTION:
-CRYPTO_num_locks                        1804	EXIST::FUNCTION:
-CONF_load_bio                           1805	EXIST::FUNCTION:
-CONF_load_fp                            1806	EXIST::FUNCTION:FP_API
-i2d_ASN1_SET_OF_ASN1_OBJECT             1837	NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_ASN1_OBJECT             1844	NOEXIST::FUNCTION:
-PKCS7_signatureVerify                   1845	EXIST::FUNCTION:
-RSA_set_method                          1846	EXIST::FUNCTION:RSA
-RSA_get_method                          1847	EXIST::FUNCTION:RSA
-RSA_get_default_method                  1848	EXIST::FUNCTION:RSA
-RSA_check_key                           1869	EXIST::FUNCTION:RSA
-OBJ_obj2txt                             1870	EXIST::FUNCTION:
-DSA_dup_DH                              1871	EXIST::FUNCTION:DH,DSA
-X509_REQ_get_extensions                 1872	EXIST::FUNCTION:
-X509_REQ_set_extension_nids             1873	EXIST::FUNCTION:
-BIO_nwrite                              1874	EXIST::FUNCTION:
-X509_REQ_extension_nid                  1875	EXIST::FUNCTION:
-BIO_nread                               1876	EXIST::FUNCTION:
-X509_REQ_get_extension_nids             1877	EXIST::FUNCTION:
-BIO_nwrite0                             1878	EXIST::FUNCTION:
-X509_REQ_add_extensions_nid             1879	EXIST::FUNCTION:
-BIO_nread0                              1880	EXIST::FUNCTION:
-X509_REQ_add_extensions                 1881	EXIST::FUNCTION:
-BIO_new_mem_buf                         1882	EXIST::FUNCTION:
-DH_set_ex_data                          1883	EXIST::FUNCTION:DH
-DH_set_method                           1884	EXIST::FUNCTION:DH
-DSA_OpenSSL                             1885	EXIST::FUNCTION:DSA
-DH_get_ex_data                          1886	EXIST::FUNCTION:DH
-DH_get_ex_new_index                     1887	EXIST::FUNCTION:DH
-DSA_new_method                          1888	EXIST::FUNCTION:DSA
-DH_new_method                           1889	EXIST::FUNCTION:DH
-DH_OpenSSL                              1890	EXIST::FUNCTION:DH
-DSA_get_ex_new_index                    1891	EXIST::FUNCTION:DSA
-DH_get_default_method                   1892	EXIST::FUNCTION:DH
-DSA_set_ex_data                         1893	EXIST::FUNCTION:DSA
-DH_set_default_method                   1894	EXIST::FUNCTION:DH
-DSA_get_ex_data                         1895	EXIST::FUNCTION:DSA
-X509V3_EXT_REQ_add_conf                 1896	EXIST::FUNCTION:
-NETSCAPE_SPKI_print                     1897	EXIST::FUNCTION:EVP
-NETSCAPE_SPKI_set_pubkey                1898	EXIST::FUNCTION:EVP
-NETSCAPE_SPKI_b64_encode                1899	EXIST::FUNCTION:EVP
-NETSCAPE_SPKI_get_pubkey                1900	EXIST::FUNCTION:EVP
-NETSCAPE_SPKI_b64_decode                1901	EXIST::FUNCTION:EVP
-UTF8_putc                               1902	EXIST::FUNCTION:
-UTF8_getc                               1903	EXIST::FUNCTION:
-RSA_null_method                         1904	EXIST::FUNCTION:RSA
-ASN1_tag2str                            1905	EXIST::FUNCTION:
-BIO_ctrl_reset_read_request             1906	EXIST::FUNCTION:
-DISPLAYTEXT_new                         1907	EXIST::FUNCTION:
-ASN1_GENERALIZEDTIME_free               1908	EXIST::FUNCTION:
-X509_REVOKED_get_ext_d2i                1909	EXIST::FUNCTION:
-X509_set_ex_data                        1910	EXIST::FUNCTION:
-X509_reject_set_bit_asc                 1911	NOEXIST::FUNCTION:
-X509_NAME_add_entry_by_txt              1912	EXIST::FUNCTION:
-X509_NAME_add_entry_by_NID              1914	EXIST::FUNCTION:
-X509_PURPOSE_get0                       1915	EXIST::FUNCTION:
-PEM_read_X509_AUX                       1917	EXIST:!WIN16:FUNCTION:
-d2i_AUTHORITY_INFO_ACCESS               1918	EXIST::FUNCTION:
-PEM_write_PUBKEY                        1921	EXIST:!WIN16:FUNCTION:
-ACCESS_DESCRIPTION_new                  1925	EXIST::FUNCTION:
-X509_CERT_AUX_free                      1926	EXIST::FUNCTION:
-d2i_ACCESS_DESCRIPTION                  1927	EXIST::FUNCTION:
-X509_trust_clear                        1928	EXIST::FUNCTION:
-X509_TRUST_add                          1931	EXIST::FUNCTION:
-ASN1_VISIBLESTRING_new                  1932	EXIST::FUNCTION:
-X509_alias_set1                         1933	EXIST::FUNCTION:
-ASN1_PRINTABLESTRING_free               1934	EXIST::FUNCTION:
-EVP_PKEY_get1_DSA                       1935	EXIST::FUNCTION:DSA
-ASN1_BMPSTRING_new                      1936	EXIST::FUNCTION:
-ASN1_mbstring_copy                      1937	EXIST::FUNCTION:
-ASN1_UTF8STRING_new                     1938	EXIST::FUNCTION:
-DSA_get_default_method                  1941	EXIST::FUNCTION:DSA
-i2d_ASN1_SET_OF_ACCESS_DESCRIPTION      1945	NOEXIST::FUNCTION:
-ASN1_T61STRING_free                     1946	EXIST::FUNCTION:
-DSA_set_method                          1949	EXIST::FUNCTION:DSA
-X509_get_ex_data                        1950	EXIST::FUNCTION:
-ASN1_STRING_type                        1951	EXIST::FUNCTION:
-X509_PURPOSE_get_by_sname               1952	EXIST::FUNCTION:
-ASN1_TIME_free                          1954	EXIST::FUNCTION:
-ASN1_OCTET_STRING_cmp                   1955	EXIST::FUNCTION:
-ASN1_BIT_STRING_new                     1957	EXIST::FUNCTION:
-X509_get_ext_d2i                        1958	EXIST::FUNCTION:
-PEM_read_bio_X509_AUX                   1959	EXIST::FUNCTION:
-ASN1_STRING_set_default_mask_asc        1960	EXIST:!VMS:FUNCTION:
-ASN1_STRING_set_def_mask_asc            1960	EXIST:VMS:FUNCTION:
-PEM_write_bio_RSA_PUBKEY                1961	EXIST::FUNCTION:RSA
-ASN1_INTEGER_cmp                        1963	EXIST::FUNCTION:
-d2i_RSA_PUBKEY_fp                       1964	EXIST::FUNCTION:FP_API,RSA
-X509_trust_set_bit_asc                  1967	NOEXIST::FUNCTION:
-PEM_write_bio_DSA_PUBKEY                1968	EXIST::FUNCTION:DSA
-X509_STORE_CTX_free                     1969	EXIST::FUNCTION:
-EVP_PKEY_set1_DSA                       1970	EXIST::FUNCTION:DSA
-i2d_DSA_PUBKEY_fp                       1971	EXIST::FUNCTION:DSA,FP_API
-X509_load_cert_crl_file                 1972	EXIST::FUNCTION:STDIO
-ASN1_TIME_new                           1973	EXIST::FUNCTION:
-i2d_RSA_PUBKEY                          1974	EXIST::FUNCTION:RSA
-X509_STORE_CTX_purpose_inherit          1976	EXIST::FUNCTION:
-PEM_read_RSA_PUBKEY                     1977	EXIST:!WIN16:FUNCTION:RSA
-d2i_X509_AUX                            1980	EXIST::FUNCTION:
-i2d_DSA_PUBKEY                          1981	EXIST::FUNCTION:DSA
-X509_CERT_AUX_print                     1982	EXIST::FUNCTION:BIO
-PEM_read_DSA_PUBKEY                     1984	EXIST:!WIN16:FUNCTION:DSA
-i2d_RSA_PUBKEY_bio                      1985	EXIST::FUNCTION:BIO,RSA
-ASN1_BIT_STRING_num_asc                 1986	EXIST::FUNCTION:
-i2d_PUBKEY                              1987	EXIST::FUNCTION:
-ASN1_UTCTIME_free                       1988	EXIST::FUNCTION:
-DSA_set_default_method                  1989	EXIST::FUNCTION:DSA
-X509_PURPOSE_get_by_id                  1990	EXIST::FUNCTION:
-ACCESS_DESCRIPTION_free                 1994	EXIST::FUNCTION:
-PEM_read_bio_PUBKEY                     1995	EXIST::FUNCTION:
-ASN1_STRING_set_by_NID                  1996	EXIST::FUNCTION:
-X509_PURPOSE_get_id                     1997	EXIST::FUNCTION:
-DISPLAYTEXT_free                        1998	EXIST::FUNCTION:
-OTHERNAME_new                           1999	EXIST::FUNCTION:
-X509_CERT_AUX_new                       2001	EXIST::FUNCTION:
-X509_TRUST_cleanup                      2007	EXIST::FUNCTION:
-X509_NAME_add_entry_by_OBJ              2008	EXIST::FUNCTION:
-X509_CRL_get_ext_d2i                    2009	EXIST::FUNCTION:
-X509_PURPOSE_get0_name                  2011	EXIST::FUNCTION:
-PEM_read_PUBKEY                         2012	EXIST:!WIN16:FUNCTION:
-i2d_DSA_PUBKEY_bio                      2014	EXIST::FUNCTION:BIO,DSA
-i2d_OTHERNAME                           2015	EXIST::FUNCTION:
-ASN1_OCTET_STRING_free                  2016	EXIST::FUNCTION:
-ASN1_BIT_STRING_set_asc                 2017	EXIST::FUNCTION:
-X509_get_ex_new_index                   2019	EXIST::FUNCTION:
-ASN1_STRING_TABLE_cleanup               2020	EXIST::FUNCTION:
-X509_TRUST_get_by_id                    2021	EXIST::FUNCTION:
-X509_PURPOSE_get_trust                  2022	EXIST::FUNCTION:
-ASN1_STRING_length                      2023	EXIST::FUNCTION:
-d2i_ASN1_SET_OF_ACCESS_DESCRIPTION      2024	NOEXIST::FUNCTION:
-ASN1_PRINTABLESTRING_new                2025	EXIST::FUNCTION:
-X509V3_get_d2i                          2026	EXIST::FUNCTION:
-ASN1_ENUMERATED_free                    2027	EXIST::FUNCTION:
-i2d_X509_CERT_AUX                       2028	EXIST::FUNCTION:
-X509_STORE_CTX_set_trust                2030	EXIST::FUNCTION:
-ASN1_STRING_set_default_mask            2032	EXIST::FUNCTION:
-X509_STORE_CTX_new                      2033	EXIST::FUNCTION:
-EVP_PKEY_get1_RSA                       2034	EXIST::FUNCTION:RSA
-DIRECTORYSTRING_free                    2038	EXIST::FUNCTION:
-PEM_write_X509_AUX                      2039	EXIST:!WIN16:FUNCTION:
-ASN1_OCTET_STRING_set                   2040	EXIST::FUNCTION:
-d2i_DSA_PUBKEY_fp                       2041	EXIST::FUNCTION:DSA,FP_API
-d2i_RSA_PUBKEY                          2044	EXIST::FUNCTION:RSA
-X509_TRUST_get0_name                    2046	EXIST::FUNCTION:
-X509_TRUST_get0                         2047	EXIST::FUNCTION:
-AUTHORITY_INFO_ACCESS_free              2048	EXIST::FUNCTION:
-ASN1_IA5STRING_new                      2049	EXIST::FUNCTION:
-d2i_DSA_PUBKEY                          2050	EXIST::FUNCTION:DSA
-X509_check_purpose                      2051	EXIST::FUNCTION:
-ASN1_ENUMERATED_new                     2052	EXIST::FUNCTION:
-d2i_RSA_PUBKEY_bio                      2053	EXIST::FUNCTION:BIO,RSA
-d2i_PUBKEY                              2054	EXIST::FUNCTION:
-X509_TRUST_get_trust                    2055	EXIST::FUNCTION:
-X509_TRUST_get_flags                    2056	EXIST::FUNCTION:
-ASN1_BMPSTRING_free                     2057	EXIST::FUNCTION:
-ASN1_T61STRING_new                      2058	EXIST::FUNCTION:
-ASN1_UTCTIME_new                        2060	EXIST::FUNCTION:
-i2d_AUTHORITY_INFO_ACCESS               2062	EXIST::FUNCTION:
-EVP_PKEY_set1_RSA                       2063	EXIST::FUNCTION:RSA
-X509_STORE_CTX_set_purpose              2064	EXIST::FUNCTION:
-ASN1_IA5STRING_free                     2065	EXIST::FUNCTION:
-PEM_write_bio_X509_AUX                  2066	EXIST::FUNCTION:
-X509_PURPOSE_get_count                  2067	EXIST::FUNCTION:
-CRYPTO_add_info                         2068	NOEXIST::FUNCTION:
-X509_NAME_ENTRY_create_by_txt           2071	EXIST::FUNCTION:
-ASN1_STRING_get_default_mask            2072	EXIST::FUNCTION:
-X509_alias_get0                         2074	EXIST::FUNCTION:
-ASN1_STRING_data                        2075	EXIST::FUNCTION:
-i2d_ACCESS_DESCRIPTION                  2077	EXIST::FUNCTION:
-X509_trust_set_bit                      2078	NOEXIST::FUNCTION:
-ASN1_BIT_STRING_free                    2080	EXIST::FUNCTION:
-PEM_read_bio_RSA_PUBKEY                 2081	EXIST::FUNCTION:RSA
-X509_add1_reject_object                 2082	EXIST::FUNCTION:
-X509_check_trust                        2083	EXIST::FUNCTION:
-PEM_read_bio_DSA_PUBKEY                 2088	EXIST::FUNCTION:DSA
-X509_PURPOSE_add                        2090	EXIST::FUNCTION:
-ASN1_STRING_TABLE_get                   2091	EXIST::FUNCTION:
-ASN1_UTF8STRING_free                    2092	EXIST::FUNCTION:
-d2i_DSA_PUBKEY_bio                      2093	EXIST::FUNCTION:BIO,DSA
-PEM_write_RSA_PUBKEY                    2095	EXIST:!WIN16:FUNCTION:RSA
-d2i_OTHERNAME                           2096	EXIST::FUNCTION:
-X509_reject_set_bit                     2098	NOEXIST::FUNCTION:
-PEM_write_DSA_PUBKEY                    2101	EXIST:!WIN16:FUNCTION:DSA
-X509_PURPOSE_get0_sname                 2105	EXIST::FUNCTION:
-EVP_PKEY_set1_DH                        2107	EXIST::FUNCTION:DH
-ASN1_OCTET_STRING_dup                   2108	EXIST::FUNCTION:
-ASN1_BIT_STRING_set                     2109	EXIST::FUNCTION:
-X509_TRUST_get_count                    2110	EXIST::FUNCTION:
-ASN1_INTEGER_free                       2111	EXIST::FUNCTION:
-OTHERNAME_free                          2112	EXIST::FUNCTION:
-i2d_RSA_PUBKEY_fp                       2113	EXIST::FUNCTION:FP_API,RSA
-ASN1_INTEGER_dup                        2114	EXIST::FUNCTION:
-d2i_X509_CERT_AUX                       2115	EXIST::FUNCTION:
-PEM_write_bio_PUBKEY                    2117	EXIST::FUNCTION:
-ASN1_VISIBLESTRING_free                 2118	EXIST::FUNCTION:
-X509_PURPOSE_cleanup                    2119	EXIST::FUNCTION:
-ASN1_mbstring_ncopy                     2123	EXIST::FUNCTION:
-ASN1_GENERALIZEDTIME_new                2126	EXIST::FUNCTION:
-EVP_PKEY_get1_DH                        2128	EXIST::FUNCTION:DH
-ASN1_OCTET_STRING_new                   2130	EXIST::FUNCTION:
-ASN1_INTEGER_new                        2131	EXIST::FUNCTION:
-i2d_X509_AUX                            2132	EXIST::FUNCTION:
-ASN1_BIT_STRING_name_print              2134	EXIST::FUNCTION:BIO
-X509_cmp                                2135	EXIST::FUNCTION:
-ASN1_STRING_length_set                  2136	EXIST::FUNCTION:
-DIRECTORYSTRING_new                     2137	EXIST::FUNCTION:
-X509_add1_trust_object                  2140	EXIST::FUNCTION:
-PKCS12_newpass                          2141	EXIST::FUNCTION:
-SMIME_write_PKCS7                       2142	EXIST::FUNCTION:
-SMIME_read_PKCS7                        2143	EXIST::FUNCTION:
-DES_set_key_checked                     2144	EXIST::FUNCTION:DES
-PKCS7_verify                            2145	EXIST::FUNCTION:
-PKCS7_encrypt                           2146	EXIST::FUNCTION:
-DES_set_key_unchecked                   2147	EXIST::FUNCTION:DES
-SMIME_crlf_copy                         2148	EXIST::FUNCTION:
-i2d_ASN1_PRINTABLESTRING                2149	EXIST::FUNCTION:
-PKCS7_get0_signers                      2150	EXIST::FUNCTION:
-PKCS7_decrypt                           2151	EXIST::FUNCTION:
-SMIME_text                              2152	EXIST::FUNCTION:
-PKCS7_simple_smimecap                   2153	EXIST::FUNCTION:
-PKCS7_get_smimecap                      2154	EXIST::FUNCTION:
-PKCS7_sign                              2155	EXIST::FUNCTION:
-PKCS7_add_attrib_smimecap               2156	EXIST::FUNCTION:
-CRYPTO_dbg_set_options                  2157	EXIST::FUNCTION:
-CRYPTO_remove_all_info                  2158	EXIST::FUNCTION:
-CRYPTO_get_mem_debug_functions          2159	EXIST::FUNCTION:
-CRYPTO_is_mem_check_on                  2160	EXIST::FUNCTION:
-CRYPTO_set_mem_debug_functions          2161	EXIST::FUNCTION:
-CRYPTO_pop_info                         2162	EXIST::FUNCTION:
-CRYPTO_push_info_                       2163	EXIST::FUNCTION:
-CRYPTO_set_mem_debug_options            2164	EXIST::FUNCTION:
-PEM_write_PKCS8PrivateKey_nid           2165	EXIST::FUNCTION:
-PEM_write_bio_PKCS8PrivateKey_nid       2166	EXIST:!VMS:FUNCTION:
-PEM_write_bio_PKCS8PrivKey_nid          2166	EXIST:VMS:FUNCTION:
-d2i_PKCS8PrivateKey_bio                 2167	EXIST::FUNCTION:
-ASN1_NULL_free                          2168	EXIST::FUNCTION:
-d2i_ASN1_NULL                           2169	EXIST::FUNCTION:
-ASN1_NULL_new                           2170	EXIST::FUNCTION:
-i2d_PKCS8PrivateKey_bio                 2171	EXIST::FUNCTION:
-i2d_PKCS8PrivateKey_fp                  2172	EXIST::FUNCTION:
-i2d_ASN1_NULL                           2173	EXIST::FUNCTION:
-i2d_PKCS8PrivateKey_nid_fp              2174	EXIST::FUNCTION:
-d2i_PKCS8PrivateKey_fp                  2175	EXIST::FUNCTION:
-i2d_PKCS8PrivateKey_nid_bio             2176	EXIST::FUNCTION:
-i2d_PKCS8PrivateKeyInfo_fp              2177	EXIST::FUNCTION:FP_API
-i2d_PKCS8PrivateKeyInfo_bio             2178	EXIST::FUNCTION:BIO
-PEM_cb                                  2179	NOEXIST::FUNCTION:
-i2d_PrivateKey_fp                       2180	EXIST::FUNCTION:FP_API
-d2i_PrivateKey_bio                      2181	EXIST::FUNCTION:BIO
-d2i_PrivateKey_fp                       2182	EXIST::FUNCTION:FP_API
-i2d_PrivateKey_bio                      2183	EXIST::FUNCTION:BIO
-X509_reject_clear                       2184	EXIST::FUNCTION:
-X509_TRUST_set_default                  2185	EXIST::FUNCTION:
-d2i_AutoPrivateKey                      2186	EXIST::FUNCTION:
-X509_ATTRIBUTE_get0_type                2187	EXIST::FUNCTION:
-X509_ATTRIBUTE_set1_data                2188	EXIST::FUNCTION:
-X509at_get_attr                         2189	EXIST::FUNCTION:
-X509at_get_attr_count                   2190	EXIST::FUNCTION:
-X509_ATTRIBUTE_create_by_NID            2191	EXIST::FUNCTION:
-X509_ATTRIBUTE_set1_object              2192	EXIST::FUNCTION:
-X509_ATTRIBUTE_count                    2193	EXIST::FUNCTION:
-X509_ATTRIBUTE_create_by_OBJ            2194	EXIST::FUNCTION:
-X509_ATTRIBUTE_get0_object              2195	EXIST::FUNCTION:
-X509at_get_attr_by_NID                  2196	EXIST::FUNCTION:
-X509at_add1_attr                        2197	EXIST::FUNCTION:
-X509_ATTRIBUTE_get0_data                2198	EXIST::FUNCTION:
-X509at_delete_attr                      2199	EXIST::FUNCTION:
-X509at_get_attr_by_OBJ                  2200	EXIST::FUNCTION:
-RAND_add                                2201	EXIST::FUNCTION:
-BIO_number_written                      2202	EXIST::FUNCTION:
-BIO_number_read                         2203	EXIST::FUNCTION:
-X509_STORE_CTX_get1_chain               2204	EXIST::FUNCTION:
-ERR_load_RAND_strings                   2205	EXIST::FUNCTION:
-RAND_pseudo_bytes                       2206	EXIST::FUNCTION:
-X509_REQ_get_attr_by_NID                2207	EXIST::FUNCTION:
-X509_REQ_get_attr                       2208	EXIST::FUNCTION:
-X509_REQ_add1_attr_by_NID               2209	EXIST::FUNCTION:
-X509_REQ_get_attr_by_OBJ                2210	EXIST::FUNCTION:
-X509at_add1_attr_by_NID                 2211	EXIST::FUNCTION:
-X509_REQ_add1_attr_by_OBJ               2212	EXIST::FUNCTION:
-X509_REQ_get_attr_count                 2213	EXIST::FUNCTION:
-X509_REQ_add1_attr                      2214	EXIST::FUNCTION:
-X509_REQ_delete_attr                    2215	EXIST::FUNCTION:
-X509at_add1_attr_by_OBJ                 2216	EXIST::FUNCTION:
-X509_REQ_add1_attr_by_txt               2217	EXIST::FUNCTION:
-X509_ATTRIBUTE_create_by_txt            2218	EXIST::FUNCTION:
-X509at_add1_attr_by_txt                 2219	EXIST::FUNCTION:
-BN_pseudo_rand                          2239	EXIST::FUNCTION:
-BN_is_prime_fasttest                    2240	EXIST::FUNCTION:
-BN_CTX_end                              2241	EXIST::FUNCTION:
-BN_CTX_start                            2242	EXIST::FUNCTION:
-BN_CTX_get                              2243	EXIST::FUNCTION:
-EVP_PKEY2PKCS8_broken                   2244	EXIST::FUNCTION:
-ASN1_STRING_TABLE_add                   2245	EXIST::FUNCTION:
-CRYPTO_dbg_get_options                  2246	EXIST::FUNCTION:
-AUTHORITY_INFO_ACCESS_new               2247	EXIST::FUNCTION:
-CRYPTO_get_mem_debug_options            2248	EXIST::FUNCTION:
-DES_crypt                               2249	EXIST::FUNCTION:DES
-PEM_write_bio_X509_REQ_NEW              2250	EXIST::FUNCTION:
-PEM_write_X509_REQ_NEW                  2251	EXIST:!WIN16:FUNCTION:
-BIO_callback_ctrl                       2252	EXIST::FUNCTION:
-RAND_egd                                2253	EXIST::FUNCTION:
-RAND_status                             2254	EXIST::FUNCTION:
-bn_dump1                                2255	NOEXIST::FUNCTION:
-DES_check_key_parity                    2256	EXIST::FUNCTION:DES
-lh_num_items                            2257	EXIST::FUNCTION:
-RAND_event                              2258	EXIST:WIN32:FUNCTION:
-DSO_new                                 2259	EXIST::FUNCTION:
-DSO_new_method                          2260	EXIST::FUNCTION:
-DSO_free                                2261	EXIST::FUNCTION:
-DSO_flags                               2262	EXIST::FUNCTION:
-DSO_up                                  2263	NOEXIST::FUNCTION:
-DSO_set_default_method                  2264	EXIST::FUNCTION:
-DSO_get_default_method                  2265	EXIST::FUNCTION:
-DSO_get_method                          2266	EXIST::FUNCTION:
-DSO_set_method                          2267	EXIST::FUNCTION:
-DSO_load                                2268	EXIST::FUNCTION:
-DSO_bind_var                            2269	EXIST::FUNCTION:
-DSO_METHOD_null                         2270	EXIST::FUNCTION:
-DSO_METHOD_openssl                      2271	EXIST::FUNCTION:
-DSO_METHOD_dlfcn                        2272	EXIST::FUNCTION:
-DSO_METHOD_win32                        2273	EXIST::FUNCTION:
-ERR_load_DSO_strings                    2274	EXIST::FUNCTION:
-DSO_METHOD_dl                           2275	EXIST::FUNCTION:
-NCONF_load                              2276	EXIST::FUNCTION:
-NCONF_load_fp                           2278	EXIST::FUNCTION:FP_API
-NCONF_new                               2279	EXIST::FUNCTION:
-NCONF_get_string                        2280	EXIST::FUNCTION:
-NCONF_free                              2281	EXIST::FUNCTION:
-NCONF_get_number                        2282	NOEXIST::FUNCTION:
-CONF_dump_fp                            2283	EXIST::FUNCTION:
-NCONF_load_bio                          2284	EXIST::FUNCTION:
-NCONF_dump_fp                           2285	EXIST::FUNCTION:
-NCONF_get_section                       2286	EXIST::FUNCTION:
-NCONF_dump_bio                          2287	EXIST::FUNCTION:
-CONF_dump_bio                           2288	EXIST::FUNCTION:
-NCONF_free_data                         2289	EXIST::FUNCTION:
-CONF_set_default_method                 2290	EXIST::FUNCTION:
-ERR_error_string_n                      2291	EXIST::FUNCTION:
-BIO_snprintf                            2292	EXIST::FUNCTION:
-DSO_ctrl                                2293	EXIST::FUNCTION:
-i2d_ASN1_SET_OF_ASN1_INTEGER            2317	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_PKCS12_SAFEBAG          2320	NOEXIST::FUNCTION:
-i2d_ASN1_SET_OF_PKCS7                   2328	NOEXIST::FUNCTION:
-BIO_vfree                               2334	EXIST::FUNCTION:
-d2i_ASN1_SET_OF_ASN1_INTEGER            2339	NOEXIST::FUNCTION:
-d2i_ASN1_SET_OF_PKCS12_SAFEBAG          2341	NOEXIST::FUNCTION:
-ASN1_UTCTIME_get                        2350	NOEXIST::FUNCTION:
-X509_REQ_digest                         2362	EXIST::FUNCTION:EVP
-X509_CRL_digest                         2391	EXIST::FUNCTION:EVP
-d2i_ASN1_SET_OF_PKCS7                   2397	NOEXIST::FUNCTION:
-EVP_CIPHER_CTX_set_key_length           2399	EXIST::FUNCTION:
-EVP_CIPHER_CTX_ctrl                     2400	EXIST::FUNCTION:
-BN_mod_exp_mont_word                    2401	EXIST::FUNCTION:
-RAND_egd_bytes                          2402	EXIST::FUNCTION:
-X509_REQ_get1_email                     2403	EXIST::FUNCTION:
-X509_get1_email                         2404	EXIST::FUNCTION:
-X509_email_free                         2405	EXIST::FUNCTION:
-i2d_RSA_NET                             2406	EXIST::FUNCTION:RSA
-d2i_RSA_NET_2                           2407	NOEXIST::FUNCTION:
-d2i_RSA_NET                             2408	EXIST::FUNCTION:RSA
-DSO_bind_func                           2409	EXIST::FUNCTION:
-CRYPTO_get_new_dynlockid                2410	EXIST::FUNCTION:
-sk_new_null                             2411	EXIST::FUNCTION:
-CRYPTO_set_dynlock_destroy_callback     2412	EXIST:!VMS:FUNCTION:
-CRYPTO_set_dynlock_destroy_cb           2412	EXIST:VMS:FUNCTION:
-CRYPTO_destroy_dynlockid                2413	EXIST::FUNCTION:
-CRYPTO_set_dynlock_size                 2414	NOEXIST::FUNCTION:
-CRYPTO_set_dynlock_create_callback      2415	EXIST:!VMS:FUNCTION:
-CRYPTO_set_dynlock_create_cb            2415	EXIST:VMS:FUNCTION:
-CRYPTO_set_dynlock_lock_callback        2416	EXIST:!VMS:FUNCTION:
-CRYPTO_set_dynlock_lock_cb              2416	EXIST:VMS:FUNCTION:
-CRYPTO_get_dynlock_lock_callback        2417	EXIST:!VMS:FUNCTION:
-CRYPTO_get_dynlock_lock_cb              2417	EXIST:VMS:FUNCTION:
-CRYPTO_get_dynlock_destroy_callback     2418	EXIST:!VMS:FUNCTION:
-CRYPTO_get_dynlock_destroy_cb           2418	EXIST:VMS:FUNCTION:
-CRYPTO_get_dynlock_value                2419	EXIST::FUNCTION:
-CRYPTO_get_dynlock_create_callback      2420	EXIST:!VMS:FUNCTION:
-CRYPTO_get_dynlock_create_cb            2420	EXIST:VMS:FUNCTION:
-c2i_ASN1_BIT_STRING                     2421	EXIST::FUNCTION:
-i2c_ASN1_BIT_STRING                     2422	EXIST::FUNCTION:
-RAND_poll                               2423	EXIST::FUNCTION:
-c2i_ASN1_INTEGER                        2424	EXIST::FUNCTION:
-i2c_ASN1_INTEGER                        2425	EXIST::FUNCTION:
-BIO_dump_indent                         2426	EXIST::FUNCTION:
-ASN1_parse_dump                         2427	EXIST::FUNCTION:BIO
-c2i_ASN1_OBJECT                         2428	EXIST::FUNCTION:
-X509_NAME_print_ex_fp                   2429	EXIST::FUNCTION:FP_API
-ASN1_STRING_print_ex_fp                 2430	EXIST::FUNCTION:FP_API
-X509_NAME_print_ex                      2431	EXIST::FUNCTION:BIO
-ASN1_STRING_print_ex                    2432	EXIST::FUNCTION:BIO
-MD4                                     2433	EXIST::FUNCTION:MD4
-MD4_Transform                           2434	EXIST::FUNCTION:MD4
-MD4_Final                               2435	EXIST::FUNCTION:MD4
-MD4_Update                              2436	EXIST::FUNCTION:MD4
-MD4_Init                                2437	EXIST::FUNCTION:MD4
-EVP_md4                                 2438	EXIST::FUNCTION:MD4
-i2d_PUBKEY_bio                          2439	EXIST::FUNCTION:BIO
-i2d_PUBKEY_fp                           2440	EXIST::FUNCTION:FP_API
-d2i_PUBKEY_bio                          2441	EXIST::FUNCTION:BIO
-ASN1_STRING_to_UTF8                     2442	EXIST::FUNCTION:
-BIO_vprintf                             2443	EXIST::FUNCTION:
-BIO_vsnprintf                           2444	EXIST::FUNCTION:
-d2i_PUBKEY_fp                           2445	EXIST::FUNCTION:FP_API
-X509_cmp_time                           2446	EXIST::FUNCTION:
-X509_STORE_CTX_set_time                 2447	EXIST::FUNCTION:
-X509_STORE_CTX_get1_issuer              2448	EXIST::FUNCTION:
-X509_OBJECT_retrieve_match              2449	EXIST::FUNCTION:
-X509_OBJECT_idx_by_subject              2450	EXIST::FUNCTION:
-X509_STORE_CTX_set_flags                2451	EXIST::FUNCTION:
-X509_STORE_CTX_trusted_stack            2452	EXIST::FUNCTION:
-X509_time_adj                           2453	EXIST::FUNCTION:
-X509_check_issued                       2454	EXIST::FUNCTION:
-ASN1_UTCTIME_cmp_time_t                 2455	EXIST::FUNCTION:
-DES_set_weak_key_flag                   2456	NOEXIST::FUNCTION:
-DES_check_key                           2457	NOEXIST::FUNCTION:
-DES_rw_mode                             2458	NOEXIST::FUNCTION:
-RSA_PKCS1_RSAref                        2459	NOEXIST::FUNCTION:
-X509_keyid_set1                         2460	EXIST::FUNCTION:
-BIO_next                                2461	EXIST::FUNCTION:
-DSO_METHOD_vms                          2462	EXIST::FUNCTION:
-BIO_f_linebuffer                        2463	EXIST:VMS:FUNCTION:
-BN_bntest_rand                          2464	EXIST::FUNCTION:
-OPENSSL_issetugid                       2465	EXIST::FUNCTION:
-BN_rand_range                           2466	EXIST::FUNCTION:
-ERR_load_ENGINE_strings                 2467	EXIST::FUNCTION:ENGINE
-ENGINE_set_DSA                          2468	EXIST::FUNCTION:ENGINE
-ENGINE_get_finish_function              2469	EXIST::FUNCTION:ENGINE
-ENGINE_get_default_RSA                  2470	EXIST::FUNCTION:ENGINE
-ENGINE_get_BN_mod_exp                   2471	NOEXIST::FUNCTION:
-DSA_get_default_openssl_method          2472	NOEXIST::FUNCTION:
-ENGINE_set_DH                           2473	EXIST::FUNCTION:ENGINE
-ENGINE_set_def_BN_mod_exp_crt           2474	NOEXIST::FUNCTION:
-ENGINE_set_default_BN_mod_exp_crt       2474	NOEXIST::FUNCTION:
-ENGINE_init                             2475	EXIST::FUNCTION:ENGINE
-DH_get_default_openssl_method           2476	NOEXIST::FUNCTION:
-RSA_set_default_openssl_method          2477	NOEXIST::FUNCTION:
-ENGINE_finish                           2478	EXIST::FUNCTION:ENGINE
-ENGINE_load_public_key                  2479	EXIST::FUNCTION:ENGINE
-ENGINE_get_DH                           2480	EXIST::FUNCTION:ENGINE
-ENGINE_ctrl                             2481	EXIST::FUNCTION:ENGINE
-ENGINE_get_init_function                2482	EXIST::FUNCTION:ENGINE
-ENGINE_set_init_function                2483	EXIST::FUNCTION:ENGINE
-ENGINE_set_default_DSA                  2484	EXIST::FUNCTION:ENGINE
-ENGINE_get_name                         2485	EXIST::FUNCTION:ENGINE
-ENGINE_get_last                         2486	EXIST::FUNCTION:ENGINE
-ENGINE_get_prev                         2487	EXIST::FUNCTION:ENGINE
-ENGINE_get_default_DH                   2488	EXIST::FUNCTION:ENGINE
-ENGINE_get_RSA                          2489	EXIST::FUNCTION:ENGINE
-ENGINE_set_default                      2490	EXIST::FUNCTION:ENGINE
-ENGINE_get_RAND                         2491	EXIST::FUNCTION:ENGINE
-ENGINE_get_first                        2492	EXIST::FUNCTION:ENGINE
-ENGINE_by_id                            2493	EXIST::FUNCTION:ENGINE
-ENGINE_set_finish_function              2494	EXIST::FUNCTION:ENGINE
-ENGINE_get_def_BN_mod_exp_crt           2495	NOEXIST::FUNCTION:
-ENGINE_get_default_BN_mod_exp_crt       2495	NOEXIST::FUNCTION:
-RSA_get_default_openssl_method          2496	NOEXIST::FUNCTION:
-ENGINE_set_RSA                          2497	EXIST::FUNCTION:ENGINE
-ENGINE_load_private_key                 2498	EXIST::FUNCTION:ENGINE
-ENGINE_set_default_RAND                 2499	EXIST::FUNCTION:ENGINE
-ENGINE_set_BN_mod_exp                   2500	NOEXIST::FUNCTION:
-ENGINE_remove                           2501	EXIST::FUNCTION:ENGINE
-ENGINE_free                             2502	EXIST::FUNCTION:ENGINE
-ENGINE_get_BN_mod_exp_crt               2503	NOEXIST::FUNCTION:
-ENGINE_get_next                         2504	EXIST::FUNCTION:ENGINE
-ENGINE_set_name                         2505	EXIST::FUNCTION:ENGINE
-ENGINE_get_default_DSA                  2506	EXIST::FUNCTION:ENGINE
-ENGINE_set_default_BN_mod_exp           2507	NOEXIST::FUNCTION:
-ENGINE_set_default_RSA                  2508	EXIST::FUNCTION:ENGINE
-ENGINE_get_default_RAND                 2509	EXIST::FUNCTION:ENGINE
-ENGINE_get_default_BN_mod_exp           2510	NOEXIST::FUNCTION:
-ENGINE_set_RAND                         2511	EXIST::FUNCTION:ENGINE
-ENGINE_set_id                           2512	EXIST::FUNCTION:ENGINE
-ENGINE_set_BN_mod_exp_crt               2513	NOEXIST::FUNCTION:
-ENGINE_set_default_DH                   2514	EXIST::FUNCTION:ENGINE
-ENGINE_new                              2515	EXIST::FUNCTION:ENGINE
-ENGINE_get_id                           2516	EXIST::FUNCTION:ENGINE
-DSA_set_default_openssl_method          2517	NOEXIST::FUNCTION:
-ENGINE_add                              2518	EXIST::FUNCTION:ENGINE
-DH_set_default_openssl_method           2519	NOEXIST::FUNCTION:
-ENGINE_get_DSA                          2520	EXIST::FUNCTION:ENGINE
-ENGINE_get_ctrl_function                2521	EXIST::FUNCTION:ENGINE
-ENGINE_set_ctrl_function                2522	EXIST::FUNCTION:ENGINE
-BN_pseudo_rand_range                    2523	EXIST::FUNCTION:
-X509_STORE_CTX_set_verify_cb            2524	EXIST::FUNCTION:
-ERR_load_COMP_strings                   2525	EXIST::FUNCTION:
-PKCS12_item_decrypt_d2i                 2526	EXIST::FUNCTION:
-ASN1_UTF8STRING_it                      2527	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_UTF8STRING_it                      2527	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_unregister_ciphers               2528	EXIST::FUNCTION:ENGINE
-ENGINE_get_ciphers                      2529	EXIST::FUNCTION:ENGINE
-d2i_OCSP_BASICRESP                      2530	EXIST::FUNCTION:
-KRB5_CHECKSUM_it                        2531	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_CHECKSUM_it                        2531	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_POINT_add                            2532	EXIST::FUNCTION:EC
-ASN1_item_ex_i2d                        2533	EXIST::FUNCTION:
-OCSP_CERTID_it                          2534	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_CERTID_it                          2534	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_OCSP_RESPBYTES                      2535	EXIST::FUNCTION:
-X509V3_add1_i2d                         2536	EXIST::FUNCTION:
-PKCS7_ENVELOPE_it                       2537	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_ENVELOPE_it                       2537	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_add_input_boolean                    2538	EXIST::FUNCTION:
-ENGINE_unregister_RSA                   2539	EXIST::FUNCTION:ENGINE
-X509V3_EXT_nconf                        2540	EXIST::FUNCTION:
-ASN1_GENERALSTRING_free                 2541	EXIST::FUNCTION:
-d2i_OCSP_CERTSTATUS                     2542	EXIST::FUNCTION:
-X509_REVOKED_set_serialNumber           2543	EXIST::FUNCTION:
-X509_print_ex                           2544	EXIST::FUNCTION:BIO
-OCSP_ONEREQ_get1_ext_d2i                2545	EXIST::FUNCTION:
-ENGINE_register_all_RAND                2546	EXIST::FUNCTION:ENGINE
-ENGINE_load_dynamic                     2547	EXIST::FUNCTION:ENGINE
-PBKDF2PARAM_it                          2548	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PBKDF2PARAM_it                          2548	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EXTENDED_KEY_USAGE_new                  2549	EXIST::FUNCTION:
-EC_GROUP_clear_free                     2550	EXIST::FUNCTION:EC
-OCSP_sendreq_bio                        2551	EXIST::FUNCTION:
-ASN1_item_digest                        2552	EXIST::FUNCTION:EVP
-OCSP_BASICRESP_delete_ext               2553	EXIST::FUNCTION:
-OCSP_SIGNATURE_it                       2554	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_SIGNATURE_it                       2554	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_CRL_it                             2555	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_CRL_it                             2555	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_BASICRESP_add_ext                  2556	EXIST::FUNCTION:
-KRB5_ENCKEY_it                          2557	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_ENCKEY_it                          2557	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_method_set_closer                    2558	EXIST::FUNCTION:
-X509_STORE_set_purpose                  2559	EXIST::FUNCTION:
-i2d_ASN1_GENERALSTRING                  2560	EXIST::FUNCTION:
-OCSP_response_status                    2561	EXIST::FUNCTION:
-i2d_OCSP_SERVICELOC                     2562	EXIST::FUNCTION:
-ENGINE_get_digest_engine                2563	EXIST::FUNCTION:ENGINE
-EC_GROUP_set_curve_GFp                  2564	EXIST::FUNCTION:EC
-OCSP_REQUEST_get_ext_by_OBJ             2565	EXIST::FUNCTION:
-_ossl_old_des_random_key                2566	EXIST::FUNCTION:DES
-ASN1_T61STRING_it                       2567	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_T61STRING_it                       2567	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_GROUP_method_of                      2568	EXIST::FUNCTION:EC
-i2d_KRB5_APREQ                          2569	EXIST::FUNCTION:
-_ossl_old_des_encrypt                   2570	EXIST::FUNCTION:DES
-ASN1_PRINTABLE_new                      2571	EXIST::FUNCTION:
-HMAC_Init_ex                            2572	EXIST::FUNCTION:HMAC
-d2i_KRB5_AUTHENT                        2573	EXIST::FUNCTION:
-OCSP_archive_cutoff_new                 2574	EXIST::FUNCTION:
-EC_POINT_set_Jprojective_coordinates_GFp 2575	EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_Jproj_coords_GFp           2575	EXIST:VMS:FUNCTION:EC
-_ossl_old_des_is_weak_key               2576	EXIST::FUNCTION:DES
-OCSP_BASICRESP_get_ext_by_OBJ           2577	EXIST::FUNCTION:
-EC_POINT_oct2point                      2578	EXIST::FUNCTION:EC
-OCSP_SINGLERESP_get_ext_count           2579	EXIST::FUNCTION:
-UI_ctrl                                 2580	EXIST::FUNCTION:
-_shadow_DES_rw_mode                     2581	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES
-_shadow_DES_rw_mode                     2581	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES
-asn1_do_adb                             2582	EXIST::FUNCTION:
-ASN1_template_i2d                       2583	EXIST::FUNCTION:
-ENGINE_register_DH                      2584	EXIST::FUNCTION:ENGINE
-UI_construct_prompt                     2585	EXIST::FUNCTION:
-X509_STORE_set_trust                    2586	EXIST::FUNCTION:
-UI_dup_input_string                     2587	EXIST::FUNCTION:
-d2i_KRB5_APREQ                          2588	EXIST::FUNCTION:
-EVP_MD_CTX_copy_ex                      2589	EXIST::FUNCTION:
-OCSP_request_is_signed                  2590	EXIST::FUNCTION:
-i2d_OCSP_REQINFO                        2591	EXIST::FUNCTION:
-KRB5_ENCKEY_free                        2592	EXIST::FUNCTION:
-OCSP_resp_get0                          2593	EXIST::FUNCTION:
-GENERAL_NAME_it                         2594	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-GENERAL_NAME_it                         2594	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_GENERALIZEDTIME_it                 2595	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_GENERALIZEDTIME_it                 2595	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_STORE_set_flags                    2596	EXIST::FUNCTION:
-EC_POINT_set_compressed_coordinates_GFp 2597	EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_compr_coords_GFp           2597	EXIST:VMS:FUNCTION:EC
-OCSP_response_status_str                2598	EXIST::FUNCTION:
-d2i_OCSP_REVOKEDINFO                    2599	EXIST::FUNCTION:
-OCSP_basic_add1_cert                    2600	EXIST::FUNCTION:
-ERR_get_implementation                  2601	EXIST::FUNCTION:
-EVP_CipherFinal_ex                      2602	EXIST::FUNCTION:
-OCSP_CERTSTATUS_new                     2603	EXIST::FUNCTION:
-CRYPTO_cleanup_all_ex_data              2604	EXIST::FUNCTION:
-OCSP_resp_find                          2605	EXIST::FUNCTION:
-BN_nnmod                                2606	EXIST::FUNCTION:
-X509_CRL_sort                           2607	EXIST::FUNCTION:
-X509_REVOKED_set_revocationDate         2608	EXIST::FUNCTION:
-ENGINE_register_RAND                    2609	EXIST::FUNCTION:ENGINE
-OCSP_SERVICELOC_new                     2610	EXIST::FUNCTION:
-EC_POINT_set_affine_coordinates_GFp     2611	EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_affine_coords_GFp          2611	EXIST:VMS:FUNCTION:EC
-_ossl_old_des_options                   2612	EXIST::FUNCTION:DES
-SXNET_it                                2613	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-SXNET_it                                2613	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_dup_input_boolean                    2614	EXIST::FUNCTION:
-PKCS12_add_CSPName_asc                  2615	EXIST::FUNCTION:
-EC_POINT_is_at_infinity                 2616	EXIST::FUNCTION:EC
-ENGINE_load_cryptodev                   2617	EXIST::FUNCTION:ENGINE
-DSO_convert_filename                    2618	EXIST::FUNCTION:
-POLICYQUALINFO_it                       2619	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICYQUALINFO_it                       2619	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_register_ciphers                 2620	EXIST::FUNCTION:ENGINE
-BN_mod_lshift_quick                     2621	EXIST::FUNCTION:
-DSO_set_filename                        2622	EXIST::FUNCTION:
-ASN1_item_free                          2623	EXIST::FUNCTION:
-KRB5_TKTBODY_free                       2624	EXIST::FUNCTION:
-AUTHORITY_KEYID_it                      2625	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-AUTHORITY_KEYID_it                      2625	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-KRB5_APREQBODY_new                      2626	EXIST::FUNCTION:
-X509V3_EXT_REQ_add_nconf                2627	EXIST::FUNCTION:
-ENGINE_ctrl_cmd_string                  2628	EXIST::FUNCTION:ENGINE
-i2d_OCSP_RESPDATA                       2629	EXIST::FUNCTION:
-EVP_MD_CTX_init                         2630	EXIST::FUNCTION:
-EXTENDED_KEY_USAGE_free                 2631	EXIST::FUNCTION:
-PKCS7_ATTR_SIGN_it                      2632	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_ATTR_SIGN_it                      2632	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_add_error_string                     2633	EXIST::FUNCTION:
-KRB5_CHECKSUM_free                      2634	EXIST::FUNCTION:
-OCSP_REQUEST_get_ext                    2635	EXIST::FUNCTION:
-ENGINE_load_ubsec                       2636	EXIST::FUNCTION:ENGINE
-ENGINE_register_all_digests             2637	EXIST::FUNCTION:ENGINE
-PKEY_USAGE_PERIOD_it                    2638	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKEY_USAGE_PERIOD_it                    2638	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PKCS12_unpack_authsafes                 2639	EXIST::FUNCTION:
-ASN1_item_unpack                        2640	EXIST::FUNCTION:
-NETSCAPE_SPKAC_it                       2641	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-NETSCAPE_SPKAC_it                       2641	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_REVOKED_it                         2642	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_REVOKED_it                         2642	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_STRING_encode                      2643	EXIST::FUNCTION:
-EVP_aes_128_ecb                         2644	EXIST::FUNCTION:AES
-KRB5_AUTHENT_free                       2645	EXIST::FUNCTION:
-OCSP_BASICRESP_get_ext_by_critical      2646	EXIST:!VMS:FUNCTION:
-OCSP_BASICRESP_get_ext_by_crit          2646	EXIST:VMS:FUNCTION:
-OCSP_cert_status_str                    2647	EXIST::FUNCTION:
-d2i_OCSP_REQUEST                        2648	EXIST::FUNCTION:
-UI_dup_info_string                      2649	EXIST::FUNCTION:
-_ossl_old_des_xwhite_in2out             2650	EXIST::FUNCTION:DES
-PKCS12_it                               2651	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS12_it                               2651	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_SINGLERESP_get_ext_by_critical     2652	EXIST:!VMS:FUNCTION:
-OCSP_SINGLERESP_get_ext_by_crit         2652	EXIST:VMS:FUNCTION:
-OCSP_CERTSTATUS_free                    2653	EXIST::FUNCTION:
-_ossl_old_des_crypt                     2654	EXIST::FUNCTION:DES
-ASN1_item_i2d                           2655	EXIST::FUNCTION:
-EVP_DecryptFinal_ex                     2656	EXIST::FUNCTION:
-ENGINE_load_openssl                     2657	EXIST::FUNCTION:ENGINE
-ENGINE_get_cmd_defns                    2658	EXIST::FUNCTION:ENGINE
-ENGINE_set_load_privkey_function        2659	EXIST:!VMS:FUNCTION:ENGINE
-ENGINE_set_load_privkey_fn              2659	EXIST:VMS:FUNCTION:ENGINE
-EVP_EncryptFinal_ex                     2660	EXIST::FUNCTION:
-ENGINE_set_default_digests              2661	EXIST::FUNCTION:ENGINE
-X509_get0_pubkey_bitstr                 2662	EXIST::FUNCTION:
-asn1_ex_i2c                             2663	EXIST::FUNCTION:
-ENGINE_register_RSA                     2664	EXIST::FUNCTION:ENGINE
-ENGINE_unregister_DSA                   2665	EXIST::FUNCTION:ENGINE
-_ossl_old_des_key_sched                 2666	EXIST::FUNCTION:DES
-X509_EXTENSION_it                       2667	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_EXTENSION_it                       2667	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-i2d_KRB5_AUTHENT                        2668	EXIST::FUNCTION:
-SXNETID_it                              2669	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-SXNETID_it                              2669	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_OCSP_SINGLERESP                     2670	EXIST::FUNCTION:
-EDIPARTYNAME_new                        2671	EXIST::FUNCTION:
-PKCS12_certbag2x509                     2672	EXIST::FUNCTION:
-_ossl_old_des_ofb64_encrypt             2673	EXIST::FUNCTION:DES
-d2i_EXTENDED_KEY_USAGE                  2674	EXIST::FUNCTION:
-ERR_print_errors_cb                     2675	EXIST::FUNCTION:
-ENGINE_set_ciphers                      2676	EXIST::FUNCTION:ENGINE
-d2i_KRB5_APREQBODY                      2677	EXIST::FUNCTION:
-UI_method_get_flusher                   2678	EXIST::FUNCTION:
-X509_PUBKEY_it                          2679	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_PUBKEY_it                          2679	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-_ossl_old_des_enc_read                  2680	EXIST::FUNCTION:DES
-PKCS7_ENCRYPT_it                        2681	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_ENCRYPT_it                        2681	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-i2d_OCSP_RESPONSE                       2682	EXIST::FUNCTION:
-EC_GROUP_get_cofactor                   2683	EXIST::FUNCTION:EC
-PKCS12_unpack_p7data                    2684	EXIST::FUNCTION:
-d2i_KRB5_AUTHDATA                       2685	EXIST::FUNCTION:
-OCSP_copy_nonce                         2686	EXIST::FUNCTION:
-KRB5_AUTHDATA_new                       2687	EXIST::FUNCTION:
-OCSP_RESPDATA_new                       2688	EXIST::FUNCTION:
-EC_GFp_mont_method                      2689	EXIST::FUNCTION:EC
-OCSP_REVOKEDINFO_free                   2690	EXIST::FUNCTION:
-UI_get_ex_data                          2691	EXIST::FUNCTION:
-KRB5_APREQBODY_free                     2692	EXIST::FUNCTION:
-EC_GROUP_get0_generator                 2693	EXIST::FUNCTION:EC
-UI_get_default_method                   2694	EXIST::FUNCTION:
-X509V3_set_nconf                        2695	EXIST::FUNCTION:
-PKCS12_item_i2d_encrypt                 2696	EXIST::FUNCTION:
-X509_add1_ext_i2d                       2697	EXIST::FUNCTION:
-PKCS7_SIGNER_INFO_it                    2698	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_SIGNER_INFO_it                    2698	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-KRB5_PRINCNAME_new                      2699	EXIST::FUNCTION:
-PKCS12_SAFEBAG_it                       2700	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS12_SAFEBAG_it                       2700	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_GROUP_get_order                      2701	EXIST::FUNCTION:EC
-d2i_OCSP_RESPID                         2702	EXIST::FUNCTION:
-OCSP_request_verify                     2703	EXIST::FUNCTION:
-NCONF_get_number_e                      2704	EXIST::FUNCTION:
-_ossl_old_des_decrypt3                  2705	EXIST::FUNCTION:DES
-X509_signature_print                    2706	EXIST::FUNCTION:EVP
-OCSP_SINGLERESP_free                    2707	EXIST::FUNCTION:
-ENGINE_load_builtin_engines             2708	EXIST::FUNCTION:ENGINE
-i2d_OCSP_ONEREQ                         2709	EXIST::FUNCTION:
-OCSP_REQUEST_add_ext                    2710	EXIST::FUNCTION:
-OCSP_RESPBYTES_new                      2711	EXIST::FUNCTION:
-EVP_MD_CTX_create                       2712	EXIST::FUNCTION:
-OCSP_resp_find_status                   2713	EXIST::FUNCTION:
-X509_ALGOR_it                           2714	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_ALGOR_it                           2714	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_TIME_it                            2715	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_TIME_it                            2715	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_request_set1_name                  2716	EXIST::FUNCTION:
-OCSP_ONEREQ_get_ext_count               2717	EXIST::FUNCTION:
-UI_get0_result                          2718	EXIST::FUNCTION:
-PKCS12_AUTHSAFES_it                     2719	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS12_AUTHSAFES_it                     2719	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_aes_256_ecb                         2720	EXIST::FUNCTION:AES
-PKCS12_pack_authsafes                   2721	EXIST::FUNCTION:
-ASN1_IA5STRING_it                       2722	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_IA5STRING_it                       2722	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_get_input_flags                      2723	EXIST::FUNCTION:
-EC_GROUP_set_generator                  2724	EXIST::FUNCTION:EC
-_ossl_old_des_string_to_2keys           2725	EXIST::FUNCTION:DES
-OCSP_CERTID_free                        2726	EXIST::FUNCTION:
-X509_CERT_AUX_it                        2727	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_CERT_AUX_it                        2727	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-CERTIFICATEPOLICIES_it                  2728	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-CERTIFICATEPOLICIES_it                  2728	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-_ossl_old_des_ede3_cbc_encrypt          2729	EXIST::FUNCTION:DES
-RAND_set_rand_engine                    2730	EXIST::FUNCTION:ENGINE
-DSO_get_loaded_filename                 2731	EXIST::FUNCTION:
-X509_ATTRIBUTE_it                       2732	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_ATTRIBUTE_it                       2732	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_ONEREQ_get_ext_by_NID              2733	EXIST::FUNCTION:
-PKCS12_decrypt_skey                     2734	EXIST::FUNCTION:
-KRB5_AUTHENT_it                         2735	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_AUTHENT_it                         2735	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_dup_error_string                     2736	EXIST::FUNCTION:
-RSAPublicKey_it                         2737	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
-RSAPublicKey_it                         2737	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
-i2d_OCSP_REQUEST                        2738	EXIST::FUNCTION:
-PKCS12_x509crl2certbag                  2739	EXIST::FUNCTION:
-OCSP_SERVICELOC_it                      2740	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_SERVICELOC_it                      2740	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_item_sign                          2741	EXIST::FUNCTION:EVP
-X509_CRL_set_issuer_name                2742	EXIST::FUNCTION:
-OBJ_NAME_do_all_sorted                  2743	EXIST::FUNCTION:
-i2d_OCSP_BASICRESP                      2744	EXIST::FUNCTION:
-i2d_OCSP_RESPBYTES                      2745	EXIST::FUNCTION:
-PKCS12_unpack_p7encdata                 2746	EXIST::FUNCTION:
-HMAC_CTX_init                           2747	EXIST::FUNCTION:HMAC
-ENGINE_get_digest                       2748	EXIST::FUNCTION:ENGINE
-OCSP_RESPONSE_print                     2749	EXIST::FUNCTION:
-KRB5_TKTBODY_it                         2750	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_TKTBODY_it                         2750	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ACCESS_DESCRIPTION_it                   2751	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ACCESS_DESCRIPTION_it                   2751	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PKCS7_ISSUER_AND_SERIAL_it              2752	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_ISSUER_AND_SERIAL_it              2752	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PBE2PARAM_it                            2753	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PBE2PARAM_it                            2753	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PKCS12_certbag2x509crl                  2754	EXIST::FUNCTION:
-PKCS7_SIGNED_it                         2755	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_SIGNED_it                         2755	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_get_cipher                       2756	EXIST::FUNCTION:ENGINE
-i2d_OCSP_CRLID                          2757	EXIST::FUNCTION:
-OCSP_SINGLERESP_new                     2758	EXIST::FUNCTION:
-ENGINE_cmd_is_executable                2759	EXIST::FUNCTION:ENGINE
-RSA_up_ref                              2760	EXIST::FUNCTION:RSA
-ASN1_GENERALSTRING_it                   2761	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_GENERALSTRING_it                   2761	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_register_DSA                     2762	EXIST::FUNCTION:ENGINE
-X509V3_EXT_add_nconf_sk                 2763	EXIST::FUNCTION:
-ENGINE_set_load_pubkey_function         2764	EXIST::FUNCTION:ENGINE
-PKCS8_decrypt                           2765	EXIST::FUNCTION:
-PEM_bytes_read_bio                      2766	EXIST::FUNCTION:BIO
-DIRECTORYSTRING_it                      2767	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-DIRECTORYSTRING_it                      2767	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_OCSP_CRLID                          2768	EXIST::FUNCTION:
-EC_POINT_is_on_curve                    2769	EXIST::FUNCTION:EC
-CRYPTO_set_locked_mem_ex_functions      2770	EXIST:!VMS:FUNCTION:
-CRYPTO_set_locked_mem_ex_funcs          2770	EXIST:VMS:FUNCTION:
-d2i_KRB5_CHECKSUM                       2771	EXIST::FUNCTION:
-ASN1_item_dup                           2772	EXIST::FUNCTION:
-X509_it                                 2773	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_it                                 2773	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-BN_mod_add                              2774	EXIST::FUNCTION:
-KRB5_AUTHDATA_free                      2775	EXIST::FUNCTION:
-_ossl_old_des_cbc_cksum                 2776	EXIST::FUNCTION:DES
-ASN1_item_verify                        2777	EXIST::FUNCTION:EVP
-CRYPTO_set_mem_ex_functions             2778	EXIST::FUNCTION:
-EC_POINT_get_Jprojective_coordinates_GFp 2779	EXIST:!VMS:FUNCTION:EC
-EC_POINT_get_Jproj_coords_GFp           2779	EXIST:VMS:FUNCTION:EC
-ZLONG_it                                2780	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ZLONG_it                                2780	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-CRYPTO_get_locked_mem_ex_functions      2781	EXIST:!VMS:FUNCTION:
-CRYPTO_get_locked_mem_ex_funcs          2781	EXIST:VMS:FUNCTION:
-ASN1_TIME_check                         2782	EXIST::FUNCTION:
-UI_get0_user_data                       2783	EXIST::FUNCTION:
-HMAC_CTX_cleanup                        2784	EXIST::FUNCTION:HMAC
-DSA_up_ref                              2785	EXIST::FUNCTION:DSA
-_ossl_old_des_ede3_cfb64_encrypt        2786	EXIST:!VMS:FUNCTION:DES
-_ossl_odes_ede3_cfb64_encrypt           2786	EXIST:VMS:FUNCTION:DES
-ASN1_BMPSTRING_it                       2787	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_BMPSTRING_it                       2787	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_tag2bit                            2788	EXIST::FUNCTION:
-UI_method_set_flusher                   2789	EXIST::FUNCTION:
-X509_ocspid_print                       2790	EXIST::FUNCTION:BIO
-KRB5_ENCDATA_it                         2791	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_ENCDATA_it                         2791	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_get_load_pubkey_function         2792	EXIST::FUNCTION:ENGINE
-UI_add_user_data                        2793	EXIST::FUNCTION:
-OCSP_REQUEST_delete_ext                 2794	EXIST::FUNCTION:
-UI_get_method                           2795	EXIST::FUNCTION:
-OCSP_ONEREQ_free                        2796	EXIST::FUNCTION:
-ASN1_PRINTABLESTRING_it                 2797	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_PRINTABLESTRING_it                 2797	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_CRL_set_nextUpdate                 2798	EXIST::FUNCTION:
-OCSP_REQUEST_it                         2799	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_REQUEST_it                         2799	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_BASICRESP_it                       2800	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_BASICRESP_it                       2800	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-AES_ecb_encrypt                         2801	EXIST::FUNCTION:AES
-BN_mod_sqr                              2802	EXIST::FUNCTION:
-NETSCAPE_CERT_SEQUENCE_it               2803	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-NETSCAPE_CERT_SEQUENCE_it               2803	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-GENERAL_NAMES_it                        2804	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-GENERAL_NAMES_it                        2804	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-AUTHORITY_INFO_ACCESS_it                2805	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-AUTHORITY_INFO_ACCESS_it                2805	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_FBOOLEAN_it                        2806	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_FBOOLEAN_it                        2806	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_set_ex_data                          2807	EXIST::FUNCTION:
-_ossl_old_des_string_to_key             2808	EXIST::FUNCTION:DES
-ENGINE_register_all_RSA                 2809	EXIST::FUNCTION:ENGINE
-d2i_KRB5_PRINCNAME                      2810	EXIST::FUNCTION:
-OCSP_RESPBYTES_it                       2811	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_RESPBYTES_it                       2811	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_CINF_it                            2812	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_CINF_it                            2812	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_unregister_digests               2813	EXIST::FUNCTION:ENGINE
-d2i_EDIPARTYNAME                        2814	EXIST::FUNCTION:
-d2i_OCSP_SERVICELOC                     2815	EXIST::FUNCTION:
-ENGINE_get_digests                      2816	EXIST::FUNCTION:ENGINE
-_ossl_old_des_set_odd_parity            2817	EXIST::FUNCTION:DES
-OCSP_RESPDATA_free                      2818	EXIST::FUNCTION:
-d2i_KRB5_TICKET                         2819	EXIST::FUNCTION:
-OTHERNAME_it                            2820	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OTHERNAME_it                            2820	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_MD_CTX_cleanup                      2821	EXIST::FUNCTION:
-d2i_ASN1_GENERALSTRING                  2822	EXIST::FUNCTION:
-X509_CRL_set_version                    2823	EXIST::FUNCTION:
-BN_mod_sub                              2824	EXIST::FUNCTION:
-OCSP_SINGLERESP_get_ext_by_NID          2825	EXIST::FUNCTION:
-ENGINE_get_ex_new_index                 2826	EXIST::FUNCTION:ENGINE
-OCSP_REQUEST_free                       2827	EXIST::FUNCTION:
-OCSP_REQUEST_add1_ext_i2d               2828	EXIST::FUNCTION:
-X509_VAL_it                             2829	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_VAL_it                             2829	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_POINTs_make_affine                   2830	EXIST::FUNCTION:EC
-EC_POINT_mul                            2831	EXIST::FUNCTION:EC
-X509V3_EXT_add_nconf                    2832	EXIST::FUNCTION:
-X509_TRUST_set                          2833	EXIST::FUNCTION:
-X509_CRL_add1_ext_i2d                   2834	EXIST::FUNCTION:
-_ossl_old_des_fcrypt                    2835	EXIST::FUNCTION:DES
-DISPLAYTEXT_it                          2836	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-DISPLAYTEXT_it                          2836	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_CRL_set_lastUpdate                 2837	EXIST::FUNCTION:
-OCSP_BASICRESP_free                     2838	EXIST::FUNCTION:
-OCSP_BASICRESP_add1_ext_i2d             2839	EXIST::FUNCTION:
-d2i_KRB5_AUTHENTBODY                    2840	EXIST::FUNCTION:
-CRYPTO_set_ex_data_implementation       2841	EXIST:!VMS:FUNCTION:
-CRYPTO_set_ex_data_impl                 2841	EXIST:VMS:FUNCTION:
-KRB5_ENCDATA_new                        2842	EXIST::FUNCTION:
-DSO_up_ref                              2843	EXIST::FUNCTION:
-OCSP_crl_reason_str                     2844	EXIST::FUNCTION:
-UI_get0_result_string                   2845	EXIST::FUNCTION:
-ASN1_GENERALSTRING_new                  2846	EXIST::FUNCTION:
-X509_SIG_it                             2847	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_SIG_it                             2847	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ERR_set_implementation                  2848	EXIST::FUNCTION:
-ERR_load_EC_strings                     2849	EXIST::FUNCTION:EC
-UI_get0_action_string                   2850	EXIST::FUNCTION:
-OCSP_ONEREQ_get_ext                     2851	EXIST::FUNCTION:
-EC_POINT_method_of                      2852	EXIST::FUNCTION:EC
-i2d_KRB5_APREQBODY                      2853	EXIST::FUNCTION:
-_ossl_old_des_ecb3_encrypt              2854	EXIST::FUNCTION:DES
-CRYPTO_get_mem_ex_functions             2855	EXIST::FUNCTION:
-ENGINE_get_ex_data                      2856	EXIST::FUNCTION:ENGINE
-UI_destroy_method                       2857	EXIST::FUNCTION:
-ASN1_item_i2d_bio                       2858	EXIST::FUNCTION:BIO
-OCSP_ONEREQ_get_ext_by_OBJ              2859	EXIST::FUNCTION:
-ASN1_primitive_new                      2860	EXIST::FUNCTION:
-ASN1_PRINTABLE_it                       2861	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_PRINTABLE_it                       2861	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_aes_192_ecb                         2862	EXIST::FUNCTION:AES
-OCSP_SIGNATURE_new                      2863	EXIST::FUNCTION:
-LONG_it                                 2864	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-LONG_it                                 2864	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_VISIBLESTRING_it                   2865	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_VISIBLESTRING_it                   2865	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_SINGLERESP_add1_ext_i2d            2866	EXIST::FUNCTION:
-d2i_OCSP_CERTID                         2867	EXIST::FUNCTION:
-ASN1_item_d2i_fp                        2868	EXIST::FUNCTION:FP_API
-CRL_DIST_POINTS_it                      2869	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-CRL_DIST_POINTS_it                      2869	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-GENERAL_NAME_print                      2870	EXIST::FUNCTION:
-OCSP_SINGLERESP_delete_ext              2871	EXIST::FUNCTION:
-PKCS12_SAFEBAGS_it                      2872	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS12_SAFEBAGS_it                      2872	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_OCSP_SIGNATURE                      2873	EXIST::FUNCTION:
-OCSP_request_add1_nonce                 2874	EXIST::FUNCTION:
-ENGINE_set_cmd_defns                    2875	EXIST::FUNCTION:ENGINE
-OCSP_SERVICELOC_free                    2876	EXIST::FUNCTION:
-EC_GROUP_free                           2877	EXIST::FUNCTION:EC
-ASN1_BIT_STRING_it                      2878	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_BIT_STRING_it                      2878	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_REQ_it                             2879	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_REQ_it                             2879	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-_ossl_old_des_cbc_encrypt               2880	EXIST::FUNCTION:DES
-ERR_unload_strings                      2881	EXIST::FUNCTION:
-PKCS7_SIGN_ENVELOPE_it                  2882	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_SIGN_ENVELOPE_it                  2882	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EDIPARTYNAME_free                       2883	EXIST::FUNCTION:
-OCSP_REQINFO_free                       2884	EXIST::FUNCTION:
-EC_GROUP_new_curve_GFp                  2885	EXIST::FUNCTION:EC
-OCSP_REQUEST_get1_ext_d2i               2886	EXIST::FUNCTION:
-PKCS12_item_pack_safebag                2887	EXIST::FUNCTION:
-asn1_ex_c2i                             2888	EXIST::FUNCTION:
-ENGINE_register_digests                 2889	EXIST::FUNCTION:ENGINE
-i2d_OCSP_REVOKEDINFO                    2890	EXIST::FUNCTION:
-asn1_enc_restore                        2891	EXIST::FUNCTION:
-UI_free                                 2892	EXIST::FUNCTION:
-UI_new_method                           2893	EXIST::FUNCTION:
-EVP_EncryptInit_ex                      2894	EXIST::FUNCTION:
-X509_pubkey_digest                      2895	EXIST::FUNCTION:EVP
-EC_POINT_invert                         2896	EXIST::FUNCTION:EC
-OCSP_basic_sign                         2897	EXIST::FUNCTION:
-i2d_OCSP_RESPID                         2898	EXIST::FUNCTION:
-OCSP_check_nonce                        2899	EXIST::FUNCTION:
-ENGINE_ctrl_cmd                         2900	EXIST::FUNCTION:ENGINE
-d2i_KRB5_ENCKEY                         2901	EXIST::FUNCTION:
-OCSP_parse_url                          2902	EXIST::FUNCTION:
-OCSP_SINGLERESP_get_ext                 2903	EXIST::FUNCTION:
-OCSP_CRLID_free                         2904	EXIST::FUNCTION:
-OCSP_BASICRESP_get1_ext_d2i             2905	EXIST::FUNCTION:
-RSAPrivateKey_it                        2906	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
-RSAPrivateKey_it                        2906	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
-ENGINE_register_all_DH                  2907	EXIST::FUNCTION:ENGINE
-i2d_EDIPARTYNAME                        2908	EXIST::FUNCTION:
-EC_POINT_get_affine_coordinates_GFp     2909	EXIST:!VMS:FUNCTION:EC
-EC_POINT_get_affine_coords_GFp          2909	EXIST:VMS:FUNCTION:EC
-OCSP_CRLID_new                          2910	EXIST::FUNCTION:
-ENGINE_get_flags                        2911	EXIST::FUNCTION:ENGINE
-OCSP_ONEREQ_it                          2912	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_ONEREQ_it                          2912	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_process                              2913	EXIST::FUNCTION:
-ASN1_INTEGER_it                         2914	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_INTEGER_it                         2914	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_CipherInit_ex                       2915	EXIST::FUNCTION:
-UI_get_string_type                      2916	EXIST::FUNCTION:
-ENGINE_unregister_DH                    2917	EXIST::FUNCTION:ENGINE
-ENGINE_register_all_DSA                 2918	EXIST::FUNCTION:ENGINE
-OCSP_ONEREQ_get_ext_by_critical         2919	EXIST::FUNCTION:
-bn_dup_expand                           2920	EXIST::FUNCTION:
-OCSP_cert_id_new                        2921	EXIST::FUNCTION:
-BASIC_CONSTRAINTS_it                    2922	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-BASIC_CONSTRAINTS_it                    2922	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-BN_mod_add_quick                        2923	EXIST::FUNCTION:
-EC_POINT_new                            2924	EXIST::FUNCTION:EC
-EVP_MD_CTX_destroy                      2925	EXIST::FUNCTION:
-OCSP_RESPBYTES_free                     2926	EXIST::FUNCTION:
-EVP_aes_128_cbc                         2927	EXIST::FUNCTION:AES
-OCSP_SINGLERESP_get1_ext_d2i            2928	EXIST::FUNCTION:
-EC_POINT_free                           2929	EXIST::FUNCTION:EC
-DH_up_ref                               2930	EXIST::FUNCTION:DH
-X509_NAME_ENTRY_it                      2931	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_NAME_ENTRY_it                      2931	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_get_ex_new_index                     2932	EXIST::FUNCTION:
-BN_mod_sub_quick                        2933	EXIST::FUNCTION:
-OCSP_ONEREQ_add_ext                     2934	EXIST::FUNCTION:
-OCSP_request_sign                       2935	EXIST::FUNCTION:
-EVP_DigestFinal_ex                      2936	EXIST::FUNCTION:
-ENGINE_set_digests                      2937	EXIST::FUNCTION:ENGINE
-OCSP_id_issuer_cmp                      2938	EXIST::FUNCTION:
-OBJ_NAME_do_all                         2939	EXIST::FUNCTION:
-EC_POINTs_mul                           2940	EXIST::FUNCTION:EC
-ENGINE_register_complete                2941	EXIST::FUNCTION:ENGINE
-X509V3_EXT_nconf_nid                    2942	EXIST::FUNCTION:
-ASN1_SEQUENCE_it                        2943	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_SEQUENCE_it                        2943	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_set_default_method                   2944	EXIST::FUNCTION:
-RAND_query_egd_bytes                    2945	EXIST::FUNCTION:
-UI_method_get_writer                    2946	EXIST::FUNCTION:
-UI_OpenSSL                              2947	EXIST::FUNCTION:
-PEM_def_callback                        2948	EXIST::FUNCTION:
-ENGINE_cleanup                          2949	EXIST::FUNCTION:ENGINE
-DIST_POINT_it                           2950	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-DIST_POINT_it                           2950	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_SINGLERESP_it                      2951	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_SINGLERESP_it                      2951	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_KRB5_TKTBODY                        2952	EXIST::FUNCTION:
-EC_POINT_cmp                            2953	EXIST::FUNCTION:EC
-OCSP_REVOKEDINFO_new                    2954	EXIST::FUNCTION:
-i2d_OCSP_CERTSTATUS                     2955	EXIST::FUNCTION:
-OCSP_basic_add1_nonce                   2956	EXIST::FUNCTION:
-ASN1_item_ex_d2i                        2957	EXIST::FUNCTION:
-BN_mod_lshift1_quick                    2958	EXIST::FUNCTION:
-UI_set_method                           2959	EXIST::FUNCTION:
-OCSP_id_get0_info                       2960	EXIST::FUNCTION:
-BN_mod_sqrt                             2961	EXIST::FUNCTION:
-EC_GROUP_copy                           2962	EXIST::FUNCTION:EC
-KRB5_ENCDATA_free                       2963	EXIST::FUNCTION:
-_ossl_old_des_cfb_encrypt               2964	EXIST::FUNCTION:DES
-OCSP_SINGLERESP_get_ext_by_OBJ          2965	EXIST::FUNCTION:
-OCSP_cert_to_id                         2966	EXIST::FUNCTION:
-OCSP_RESPID_new                         2967	EXIST::FUNCTION:
-OCSP_RESPDATA_it                        2968	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_RESPDATA_it                        2968	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_OCSP_RESPDATA                       2969	EXIST::FUNCTION:
-ENGINE_register_all_complete            2970	EXIST::FUNCTION:ENGINE
-OCSP_check_validity                     2971	EXIST::FUNCTION:
-PKCS12_BAGS_it                          2972	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS12_BAGS_it                          2972	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_url_svcloc_new                     2973	EXIST::FUNCTION:
-ASN1_template_free                      2974	EXIST::FUNCTION:
-OCSP_SINGLERESP_add_ext                 2975	EXIST::FUNCTION:
-KRB5_AUTHENTBODY_it                     2976	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_AUTHENTBODY_it                     2976	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509_supported_extension                2977	EXIST::FUNCTION:
-i2d_KRB5_AUTHDATA                       2978	EXIST::FUNCTION:
-UI_method_get_opener                    2979	EXIST::FUNCTION:
-ENGINE_set_ex_data                      2980	EXIST::FUNCTION:ENGINE
-OCSP_REQUEST_print                      2981	EXIST::FUNCTION:
-CBIGNUM_it                              2982	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-CBIGNUM_it                              2982	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-KRB5_TICKET_new                         2983	EXIST::FUNCTION:
-KRB5_APREQ_new                          2984	EXIST::FUNCTION:
-EC_GROUP_get_curve_GFp                  2985	EXIST::FUNCTION:EC
-KRB5_ENCKEY_new                         2986	EXIST::FUNCTION:
-ASN1_template_d2i                       2987	EXIST::FUNCTION:
-_ossl_old_des_quad_cksum                2988	EXIST::FUNCTION:DES
-OCSP_single_get0_status                 2989	EXIST::FUNCTION:
-BN_swap                                 2990	EXIST::FUNCTION:
-POLICYINFO_it                           2991	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICYINFO_it                           2991	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_set_destroy_function             2992	EXIST::FUNCTION:ENGINE
-asn1_enc_free                           2993	EXIST::FUNCTION:
-OCSP_RESPID_it                          2994	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_RESPID_it                          2994	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_GROUP_new                            2995	EXIST::FUNCTION:EC
-EVP_aes_256_cbc                         2996	EXIST::FUNCTION:AES
-i2d_KRB5_PRINCNAME                      2997	EXIST::FUNCTION:
-_ossl_old_des_encrypt2                  2998	EXIST::FUNCTION:DES
-_ossl_old_des_encrypt3                  2999	EXIST::FUNCTION:DES
-PKCS8_PRIV_KEY_INFO_it                  3000	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS8_PRIV_KEY_INFO_it                  3000	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_REQINFO_it                         3001	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_REQINFO_it                         3001	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PBEPARAM_it                             3002	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PBEPARAM_it                             3002	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-KRB5_AUTHENTBODY_new                    3003	EXIST::FUNCTION:
-X509_CRL_add0_revoked                   3004	EXIST::FUNCTION:
-EDIPARTYNAME_it                         3005	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-EDIPARTYNAME_it                         3005	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-NETSCAPE_SPKI_it                        3006	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-NETSCAPE_SPKI_it                        3006	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_get0_test_string                     3007	EXIST::FUNCTION:
-ENGINE_get_cipher_engine                3008	EXIST::FUNCTION:ENGINE
-ENGINE_register_all_ciphers             3009	EXIST::FUNCTION:ENGINE
-EC_POINT_copy                           3010	EXIST::FUNCTION:EC
-BN_kronecker                            3011	EXIST::FUNCTION:
-_ossl_old_des_ede3_ofb64_encrypt        3012	EXIST:!VMS:FUNCTION:DES
-_ossl_odes_ede3_ofb64_encrypt           3012	EXIST:VMS:FUNCTION:DES
-UI_method_get_reader                    3013	EXIST::FUNCTION:
-OCSP_BASICRESP_get_ext_count            3014	EXIST::FUNCTION:
-ASN1_ENUMERATED_it                      3015	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_ENUMERATED_it                      3015	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_set_result                           3016	EXIST::FUNCTION:
-i2d_KRB5_TICKET                         3017	EXIST::FUNCTION:
-X509_print_ex_fp                        3018	EXIST::FUNCTION:FP_API
-EVP_CIPHER_CTX_set_padding              3019	EXIST::FUNCTION:
-d2i_OCSP_RESPONSE                       3020	EXIST::FUNCTION:
-ASN1_UTCTIME_it                         3021	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_UTCTIME_it                         3021	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-_ossl_old_des_enc_write                 3022	EXIST::FUNCTION:DES
-OCSP_RESPONSE_new                       3023	EXIST::FUNCTION:
-AES_set_encrypt_key                     3024	EXIST::FUNCTION:AES
-OCSP_resp_count                         3025	EXIST::FUNCTION:
-KRB5_CHECKSUM_new                       3026	EXIST::FUNCTION:
-ENGINE_load_cswift                      3027	EXIST::FUNCTION:ENGINE
-OCSP_onereq_get0_id                     3028	EXIST::FUNCTION:
-ENGINE_set_default_ciphers              3029	EXIST::FUNCTION:ENGINE
-NOTICEREF_it                            3030	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-NOTICEREF_it                            3030	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509V3_EXT_CRL_add_nconf                3031	EXIST::FUNCTION:
-OCSP_REVOKEDINFO_it                     3032	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_REVOKEDINFO_it                     3032	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-AES_encrypt                             3033	EXIST::FUNCTION:AES
-OCSP_REQUEST_new                        3034	EXIST::FUNCTION:
-ASN1_ANY_it                             3035	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_ANY_it                             3035	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-CRYPTO_ex_data_new_class                3036	EXIST::FUNCTION:
-_ossl_old_des_ncbc_encrypt              3037	EXIST::FUNCTION:DES
-i2d_KRB5_TKTBODY                        3038	EXIST::FUNCTION:
-EC_POINT_clear_free                     3039	EXIST::FUNCTION:EC
-AES_decrypt                             3040	EXIST::FUNCTION:AES
-asn1_enc_init                           3041	EXIST::FUNCTION:
-UI_get_result_maxsize                   3042	EXIST::FUNCTION:
-OCSP_CERTID_new                         3043	EXIST::FUNCTION:
-ENGINE_unregister_RAND                  3044	EXIST::FUNCTION:ENGINE
-UI_method_get_closer                    3045	EXIST::FUNCTION:
-d2i_KRB5_ENCDATA                        3046	EXIST::FUNCTION:
-OCSP_request_onereq_count               3047	EXIST::FUNCTION:
-OCSP_basic_verify                       3048	EXIST::FUNCTION:
-KRB5_AUTHENTBODY_free                   3049	EXIST::FUNCTION:
-ASN1_item_d2i                           3050	EXIST::FUNCTION:
-ASN1_primitive_free                     3051	EXIST::FUNCTION:
-i2d_EXTENDED_KEY_USAGE                  3052	EXIST::FUNCTION:
-i2d_OCSP_SIGNATURE                      3053	EXIST::FUNCTION:
-asn1_enc_save                           3054	EXIST::FUNCTION:
-ENGINE_load_nuron                       3055	EXIST::FUNCTION:ENGINE
-_ossl_old_des_pcbc_encrypt              3056	EXIST::FUNCTION:DES
-PKCS12_MAC_DATA_it                      3057	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS12_MAC_DATA_it                      3057	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_accept_responses_new               3058	EXIST::FUNCTION:
-asn1_do_lock                            3059	EXIST::FUNCTION:
-PKCS7_ATTR_VERIFY_it                    3060	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_ATTR_VERIFY_it                    3060	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-KRB5_APREQBODY_it                       3061	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_APREQBODY_it                       3061	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-i2d_OCSP_SINGLERESP                     3062	EXIST::FUNCTION:
-ASN1_item_ex_new                        3063	EXIST::FUNCTION:
-UI_add_verify_string                    3064	EXIST::FUNCTION:
-_ossl_old_des_set_key                   3065	EXIST::FUNCTION:DES
-KRB5_PRINCNAME_it                       3066	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_PRINCNAME_it                       3066	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_DecryptInit_ex                      3067	EXIST::FUNCTION:
-i2d_OCSP_CERTID                         3068	EXIST::FUNCTION:
-ASN1_item_d2i_bio                       3069	EXIST::FUNCTION:BIO
-EC_POINT_dbl                            3070	EXIST::FUNCTION:EC
-asn1_get_choice_selector                3071	EXIST::FUNCTION:
-i2d_KRB5_CHECKSUM                       3072	EXIST::FUNCTION:
-ENGINE_set_table_flags                  3073	EXIST::FUNCTION:ENGINE
-AES_options                             3074	EXIST::FUNCTION:AES
-ENGINE_load_chil                        3075	EXIST::FUNCTION:ENGINE
-OCSP_id_cmp                             3076	EXIST::FUNCTION:
-OCSP_BASICRESP_new                      3077	EXIST::FUNCTION:
-OCSP_REQUEST_get_ext_by_NID             3078	EXIST::FUNCTION:
-KRB5_APREQ_it                           3079	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_APREQ_it                           3079	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_get_destroy_function             3080	EXIST::FUNCTION:ENGINE
-CONF_set_nconf                          3081	EXIST::FUNCTION:
-ASN1_PRINTABLE_free                     3082	EXIST::FUNCTION:
-OCSP_BASICRESP_get_ext_by_NID           3083	EXIST::FUNCTION:
-DIST_POINT_NAME_it                      3084	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-DIST_POINT_NAME_it                      3084	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-X509V3_extensions_print                 3085	EXIST::FUNCTION:
-_ossl_old_des_cfb64_encrypt             3086	EXIST::FUNCTION:DES
-X509_REVOKED_add1_ext_i2d               3087	EXIST::FUNCTION:
-_ossl_old_des_ofb_encrypt               3088	EXIST::FUNCTION:DES
-KRB5_TKTBODY_new                        3089	EXIST::FUNCTION:
-ASN1_OCTET_STRING_it                    3090	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_OCTET_STRING_it                    3090	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ERR_load_UI_strings                     3091	EXIST::FUNCTION:
-i2d_KRB5_ENCKEY                         3092	EXIST::FUNCTION:
-ASN1_template_new                       3093	EXIST::FUNCTION:
-OCSP_SIGNATURE_free                     3094	EXIST::FUNCTION:
-ASN1_item_i2d_fp                        3095	EXIST::FUNCTION:FP_API
-KRB5_PRINCNAME_free                     3096	EXIST::FUNCTION:
-PKCS7_RECIP_INFO_it                     3097	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_RECIP_INFO_it                     3097	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EXTENDED_KEY_USAGE_it                   3098	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-EXTENDED_KEY_USAGE_it                   3098	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EC_GFp_simple_method                    3099	EXIST::FUNCTION:EC
-EC_GROUP_precompute_mult                3100	EXIST::FUNCTION:EC
-OCSP_request_onereq_get0                3101	EXIST::FUNCTION:
-UI_method_set_writer                    3102	EXIST::FUNCTION:
-KRB5_AUTHENT_new                        3103	EXIST::FUNCTION:
-X509_CRL_INFO_it                        3104	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_CRL_INFO_it                        3104	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-DSO_set_name_converter                  3105	EXIST::FUNCTION:
-AES_set_decrypt_key                     3106	EXIST::FUNCTION:AES
-PKCS7_DIGEST_it                         3107	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_DIGEST_it                         3107	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PKCS12_x5092certbag                     3108	EXIST::FUNCTION:
-EVP_DigestInit_ex                       3109	EXIST::FUNCTION:
-i2a_ACCESS_DESCRIPTION                  3110	EXIST::FUNCTION:
-OCSP_RESPONSE_it                        3111	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_RESPONSE_it                        3111	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PKCS7_ENC_CONTENT_it                    3112	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_ENC_CONTENT_it                    3112	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_request_add0_id                    3113	EXIST::FUNCTION:
-EC_POINT_make_affine                    3114	EXIST::FUNCTION:EC
-DSO_get_filename                        3115	EXIST::FUNCTION:
-OCSP_CERTSTATUS_it                      3116	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_CERTSTATUS_it                      3116	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_request_add1_cert                  3117	EXIST::FUNCTION:
-UI_get0_output_string                   3118	EXIST::FUNCTION:
-UI_dup_verify_string                    3119	EXIST::FUNCTION:
-BN_mod_lshift                           3120	EXIST::FUNCTION:
-KRB5_AUTHDATA_it                        3121	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_AUTHDATA_it                        3121	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-asn1_set_choice_selector                3122	EXIST::FUNCTION:
-OCSP_basic_add1_status                  3123	EXIST::FUNCTION:
-OCSP_RESPID_free                        3124	EXIST::FUNCTION:
-asn1_get_field_ptr                      3125	EXIST::FUNCTION:
-UI_add_input_string                     3126	EXIST::FUNCTION:
-OCSP_CRLID_it                           3127	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-OCSP_CRLID_it                           3127	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-i2d_KRB5_AUTHENTBODY                    3128	EXIST::FUNCTION:
-OCSP_REQUEST_get_ext_count              3129	EXIST::FUNCTION:
-ENGINE_load_atalla                      3130	EXIST::FUNCTION:ENGINE
-X509_NAME_it                            3131	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_NAME_it                            3131	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-USERNOTICE_it                           3132	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-USERNOTICE_it                           3132	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_REQINFO_new                        3133	EXIST::FUNCTION:
-OCSP_BASICRESP_get_ext                  3134	EXIST::FUNCTION:
-CRYPTO_get_ex_data_implementation       3135	EXIST:!VMS:FUNCTION:
-CRYPTO_get_ex_data_impl                 3135	EXIST:VMS:FUNCTION:
-ASN1_item_pack                          3136	EXIST::FUNCTION:
-i2d_KRB5_ENCDATA                        3137	EXIST::FUNCTION:
-X509_PURPOSE_set                        3138	EXIST::FUNCTION:
-X509_REQ_INFO_it                        3139	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_REQ_INFO_it                        3139	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-UI_method_set_opener                    3140	EXIST::FUNCTION:
-ASN1_item_ex_free                       3141	EXIST::FUNCTION:
-ASN1_BOOLEAN_it                         3142	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_BOOLEAN_it                         3142	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ENGINE_get_table_flags                  3143	EXIST::FUNCTION:ENGINE
-UI_create_method                        3144	EXIST::FUNCTION:
-OCSP_ONEREQ_add1_ext_i2d                3145	EXIST::FUNCTION:
-_shadow_DES_check_key                   3146	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES
-_shadow_DES_check_key                   3146	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES
-d2i_OCSP_REQINFO                        3147	EXIST::FUNCTION:
-UI_add_info_string                      3148	EXIST::FUNCTION:
-UI_get_result_minsize                   3149	EXIST::FUNCTION:
-ASN1_NULL_it                            3150	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_NULL_it                            3150	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-BN_mod_lshift1                          3151	EXIST::FUNCTION:
-d2i_OCSP_ONEREQ                         3152	EXIST::FUNCTION:
-OCSP_ONEREQ_new                         3153	EXIST::FUNCTION:
-KRB5_TICKET_it                          3154	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_TICKET_it                          3154	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-EVP_aes_192_cbc                         3155	EXIST::FUNCTION:AES
-KRB5_TICKET_free                        3156	EXIST::FUNCTION:
-UI_new                                  3157	EXIST::FUNCTION:
-OCSP_response_create                    3158	EXIST::FUNCTION:
-_ossl_old_des_xcbc_encrypt              3159	EXIST::FUNCTION:DES
-PKCS7_it                                3160	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PKCS7_it                                3160	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_REQUEST_get_ext_by_critical        3161	EXIST:!VMS:FUNCTION:
-OCSP_REQUEST_get_ext_by_crit            3161	EXIST:VMS:FUNCTION:
-ENGINE_set_flags                        3162	EXIST::FUNCTION:ENGINE
-_ossl_old_des_ecb_encrypt               3163	EXIST::FUNCTION:DES
-OCSP_response_get1_basic                3164	EXIST::FUNCTION:
-EVP_Digest                              3165	EXIST::FUNCTION:
-OCSP_ONEREQ_delete_ext                  3166	EXIST::FUNCTION:
-ASN1_TBOOLEAN_it                        3167	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_TBOOLEAN_it                        3167	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_item_new                           3168	EXIST::FUNCTION:
-ASN1_TIME_to_generalizedtime            3169	EXIST::FUNCTION:
-BIGNUM_it                               3170	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-BIGNUM_it                               3170	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-AES_cbc_encrypt                         3171	EXIST::FUNCTION:AES
-ENGINE_get_load_privkey_function        3172	EXIST:!VMS:FUNCTION:ENGINE
-ENGINE_get_load_privkey_fn              3172	EXIST:VMS:FUNCTION:ENGINE
-OCSP_RESPONSE_free                      3173	EXIST::FUNCTION:
-UI_method_set_reader                    3174	EXIST::FUNCTION:
-i2d_ASN1_T61STRING                      3175	EXIST::FUNCTION:
-EC_POINT_set_to_infinity                3176	EXIST::FUNCTION:EC
-ERR_load_OCSP_strings                   3177	EXIST::FUNCTION:
-EC_POINT_point2oct                      3178	EXIST::FUNCTION:EC
-KRB5_APREQ_free                         3179	EXIST::FUNCTION:
-ASN1_OBJECT_it                          3180	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_OBJECT_it                          3180	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_crlID_new                          3181	EXIST:!OS2,!VMS,!WIN16:FUNCTION:
-OCSP_crlID2_new                         3181	EXIST:OS2,VMS,WIN16:FUNCTION:
-CONF_modules_load_file                  3182	EXIST::FUNCTION:
-CONF_imodule_set_usr_data               3183	EXIST::FUNCTION:
-ENGINE_set_default_string               3184	EXIST::FUNCTION:ENGINE
-CONF_module_get_usr_data                3185	EXIST::FUNCTION:
-ASN1_add_oid_module                     3186	EXIST::FUNCTION:
-CONF_modules_finish                     3187	EXIST::FUNCTION:
-OPENSSL_config                          3188	EXIST::FUNCTION:
-CONF_modules_unload                     3189	EXIST::FUNCTION:
-CONF_imodule_get_value                  3190	EXIST::FUNCTION:
-CONF_module_set_usr_data                3191	EXIST::FUNCTION:
-CONF_parse_list                         3192	EXIST::FUNCTION:
-CONF_module_add                         3193	EXIST::FUNCTION:
-CONF_get1_default_config_file           3194	EXIST::FUNCTION:
-CONF_imodule_get_flags                  3195	EXIST::FUNCTION:
-CONF_imodule_get_module                 3196	EXIST::FUNCTION:
-CONF_modules_load                       3197	EXIST::FUNCTION:
-CONF_imodule_get_name                   3198	EXIST::FUNCTION:
-ERR_peek_top_error                      3199	NOEXIST::FUNCTION:
-CONF_imodule_get_usr_data               3200	EXIST::FUNCTION:
-CONF_imodule_set_flags                  3201	EXIST::FUNCTION:
-ENGINE_add_conf_module                  3202	EXIST::FUNCTION:ENGINE
-ERR_peek_last_error_line                3203	EXIST::FUNCTION:
-ERR_peek_last_error_line_data           3204	EXIST::FUNCTION:
-ERR_peek_last_error                     3205	EXIST::FUNCTION:
-DES_read_2passwords                     3206	EXIST::FUNCTION:DES
-DES_read_password                       3207	EXIST::FUNCTION:DES
-UI_UTIL_read_pw                         3208	EXIST::FUNCTION:
-UI_UTIL_read_pw_string                  3209	EXIST::FUNCTION:
-ENGINE_load_aep                         3210	EXIST::FUNCTION:ENGINE
-ENGINE_load_sureware                    3211	EXIST::FUNCTION:ENGINE
-OPENSSL_add_all_algorithms_noconf       3212	EXIST:!VMS:FUNCTION:
-OPENSSL_add_all_algo_noconf             3212	EXIST:VMS:FUNCTION:
-OPENSSL_add_all_algorithms_conf         3213	EXIST:!VMS:FUNCTION:
-OPENSSL_add_all_algo_conf               3213	EXIST:VMS:FUNCTION:
-OPENSSL_load_builtin_modules            3214	EXIST::FUNCTION:
-AES_ofb128_encrypt                      3215	EXIST::FUNCTION:AES
-AES_ctr128_encrypt                      3216	EXIST::FUNCTION:AES
-AES_cfb128_encrypt                      3217	EXIST::FUNCTION:AES
-ENGINE_load_4758cca                     3218	EXIST::FUNCTION:ENGINE
-_ossl_096_des_random_seed               3219	EXIST::FUNCTION:DES
-EVP_aes_256_ofb                         3220	EXIST::FUNCTION:AES
-EVP_aes_192_ofb                         3221	EXIST::FUNCTION:AES
-EVP_aes_128_cfb                         3222	EXIST::FUNCTION:AES
-EVP_aes_256_cfb                         3223	EXIST::FUNCTION:AES
-EVP_aes_128_ofb                         3224	EXIST::FUNCTION:AES
-EVP_aes_192_cfb                         3225	EXIST::FUNCTION:AES
-CONF_modules_free                       3226	EXIST::FUNCTION:
-NCONF_default                           3227	EXIST::FUNCTION:
-OPENSSL_no_config                       3228	EXIST::FUNCTION:
-NCONF_WIN32                             3229	EXIST::FUNCTION:
-ASN1_UNIVERSALSTRING_new                3230	EXIST::FUNCTION:
-EVP_des_ede_ecb                         3231	EXIST::FUNCTION:DES
-i2d_ASN1_UNIVERSALSTRING                3232	EXIST::FUNCTION:
-ASN1_UNIVERSALSTRING_free               3233	EXIST::FUNCTION:
-ASN1_UNIVERSALSTRING_it                 3234	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_UNIVERSALSTRING_it                 3234	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-d2i_ASN1_UNIVERSALSTRING                3235	EXIST::FUNCTION:
-EVP_des_ede3_ecb                        3236	EXIST::FUNCTION:DES
-X509_REQ_print_ex                       3237	EXIST::FUNCTION:BIO
-ENGINE_up_ref                           3238	EXIST::FUNCTION:ENGINE
-BUF_MEM_grow_clean                      3239	EXIST::FUNCTION:
-CRYPTO_realloc_clean                    3240	EXIST::FUNCTION:
-BUF_strlcat                             3241	EXIST::FUNCTION:
-BIO_indent                              3242	EXIST::FUNCTION:
-BUF_strlcpy                             3243	EXIST::FUNCTION:
-OpenSSLDie                              3244	EXIST::FUNCTION:
-OPENSSL_cleanse                         3245	EXIST::FUNCTION:
diff --git a/crypto/openssl/util/mk1mf.pl b/crypto/openssl/util/mk1mf.pl
deleted file mode 100755
index 936b063ca495..000000000000
--- a/crypto/openssl/util/mk1mf.pl
+++ /dev/null
@@ -1,933 +0,0 @@
-#!/usr/local/bin/perl
-# A bit of an evil hack but it post processes the file ../MINFO which
-# is generated by `make files` in the top directory.
-# This script outputs one mega makefile that has no shell stuff or any
-# funny stuff
-#
-
-$INSTALLTOP="/usr/local/ssl";
-$OPTIONS="";
-$ssl_version="";
-$banner="\t\@echo Building OpenSSL";
-
-open(IN,"<Makefile.ssl") || die "unable to open Makefile.ssl!\n";
-while(<IN>) {
-    $ssl_version=$1 if (/^VERSION=(.*)$/);
-    $OPTIONS=$1 if (/^OPTIONS=(.*)$/);
-    $INSTALLTOP=$1 if (/^INSTALLTOP=(.*$)/);
-}
-close(IN);
-
-die "Makefile.ssl is not the toplevel Makefile!\n" if $ssl_version eq "";
-
-$infile="MINFO";
-
-%ops=(
-	"VC-WIN32",   "Microsoft Visual C++ [4-6] - Windows NT or 9X",
-	"VC-CE",   "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY",
-	"VC-NT",   "Microsoft Visual C++ [4-6] - Windows NT ONLY",
-	"VC-W31-16",  "Microsoft Visual C++ 1.52 - Windows 3.1 - 286",
-	"VC-WIN16",   "Alias for VC-W31-32",
-	"VC-W31-32",  "Microsoft Visual C++ 1.52 - Windows 3.1 - 386+",
-	"VC-MSDOS","Microsoft Visual C++ 1.52 - MSDOS",
-	"Mingw32", "GNU C++ - Windows NT or 9x",
-	"Mingw32-files", "Create files with DOS copy ...",
-	"BC-NT",   "Borland C++ 4.5 - Windows NT",
-	"BC-W31",  "Borland C++ 4.5 - Windows 3.1 - PROBABLY NOT WORKING",
-	"BC-MSDOS","Borland C++ 4.5 - MSDOS",
-	"linux-elf","Linux elf",
-	"ultrix-mips","DEC mips ultrix",
-	"FreeBSD","FreeBSD distribution",
-	"OS2-EMX", "EMX GCC OS/2",
-	"default","cc under unix",
-	);
-
-$platform="";
-foreach (@ARGV)
-	{
-	if (!&read_options && !defined($ops{$_}))
-		{
-		print STDERR "unknown option - $_\n";
-		print STDERR "usage: perl mk1mf.pl [options] [system]\n";
-		print STDERR "\nwhere [system] can be one of the following\n";
-		foreach $i (sort keys %ops)
-		{ printf STDERR "\t%-10s\t%s\n",$i,$ops{$i}; }
-		print STDERR <<"EOF";
-and [options] can be one of
-	no-md2 no-md4 no-md5 no-sha no-mdc2	- Skip this digest
-	no-ripemd
-	no-rc2 no-rc4 no-rc5 no-idea no-des     - Skip this symetric cipher
-	no-bf no-cast no-aes
-	no-rsa no-dsa no-dh			- Skip this public key cipher
-	no-ssl2 no-ssl3				- Skip this version of SSL
-	just-ssl				- remove all non-ssl keys/digest
-	no-asm 					- No x86 asm
-	no-krb5					- No KRB5
-	no-ec					- No EC
-	no-engine				- No engine
-	no-hw					- No hw
-	nasm 					- Use NASM for x86 asm
-	gaswin					- Use GNU as with Mingw32
-	no-socks				- No socket code
-	no-err					- No error strings
-	dll/shlib				- Build shared libraries (MS)
-	debug					- Debug build
-        profile                                 - Profiling build
-	gcc					- Use Gcc (unix)
-
-Values that can be set
-TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler
-
--L<ex_lib_path> -l<ex_lib>			- extra library flags (unix)
--<ex_cc_flags>					- extra 'cc' flags,
-						  added (MS), or replace (unix)
-EOF
-		exit(1);
-		}
-	$platform=$_;
-	}
-foreach (grep(!/^$/, split(/ /, $OPTIONS)))
-	{
-	print STDERR "unknown option - $_\n" if !&read_options;
-	}
-
-$no_mdc2=1 if ($no_des);
-
-$no_ssl3=1 if ($no_md5 || $no_sha);
-$no_ssl3=1 if ($no_rsa && $no_dh);
-
-$no_ssl2=1 if ($no_md5);
-$no_ssl2=1 if ($no_rsa);
-
-$out_def="out";
-$inc_def="outinc";
-$tmp_def="tmp";
-
-$mkdir="-mkdir";
-
-($ssl,$crypto)=("ssl","crypto");
-$ranlib="echo ranlib";
-
-$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
-$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}:'.';
-$bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
-
-# $bin_dir.=$o causes a core dump on my sparc :-(
-
-$NT=0;
-
-push(@INC,"util/pl","pl");
-if ($platform eq "VC-MSDOS")
-	{
-	$asmbits=16;
-	$msdos=1;
-	require 'VC-16.pl';
-	}
-elsif ($platform eq "VC-W31-16")
-	{
-	$asmbits=16;
-	$msdos=1; $win16=1;
-	require 'VC-16.pl';
-	}
-elsif (($platform eq "VC-W31-32") || ($platform eq "VC-WIN16"))
-	{
-	$asmbits=32;
-	$msdos=1; $win16=1;
-	require 'VC-16.pl';
-	}
-elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT"))
-	{
-	$NT = 1 if $platform eq "VC-NT";
-	require 'VC-32.pl';
-	}
-elsif ($platform eq "VC-CE")
-	{
-	require 'VC-CE.pl';
-	}
-elsif ($platform eq "Mingw32")
-	{
-	require 'Mingw32.pl';
-	}
-elsif ($platform eq "Mingw32-files")
-	{
-	require 'Mingw32f.pl';
-	}
-elsif ($platform eq "BC-NT")
-	{
-	$bc=1;
-	require 'BC-32.pl';
-	}
-elsif ($platform eq "BC-W31")
-	{
-	$bc=1;
-	$msdos=1; $w16=1;
-	require 'BC-16.pl';
-	}
-elsif ($platform eq "BC-Q16")
-	{
-	$msdos=1; $w16=1; $shlib=0; $qw=1;
-	require 'BC-16.pl';
-	}
-elsif ($platform eq "BC-MSDOS")
-	{
-	$asmbits=16;
-	$msdos=1;
-	require 'BC-16.pl';
-	}
-elsif ($platform eq "FreeBSD")
-	{
-	require 'unix.pl';
-	$cflags='-DTERMIO -D_ANSI_SOURCE -O2 -fomit-frame-pointer';
-	}
-elsif ($platform eq "linux-elf")
-	{
-	require "unix.pl";
-	require "linux.pl";
-	$unix=1;
-	}
-elsif ($platform eq "ultrix-mips")
-	{
-	require "unix.pl";
-	require "ultrix.pl";
-	$unix=1;
-	}
-elsif ($platform eq "OS2-EMX")
-	{
-	$wc=1;
-	require 'OS2-EMX.pl';
-	}
-else
-	{
-	require "unix.pl";
-
-	$unix=1;
-	$cflags.=' -DTERMIO';
-	}
-
-$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":"");
-$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":"");
-$inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
-
-$bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
-
-$cflags.=" -DOPENSSL_NO_IDEA" if $no_idea;
-$cflags.=" -DOPENSSL_NO_AES"  if $no_aes;
-$cflags.=" -DOPENSSL_NO_RC2"  if $no_rc2;
-$cflags.=" -DOPENSSL_NO_RC4"  if $no_rc4;
-$cflags.=" -DOPENSSL_NO_RC5"  if $no_rc5;
-$cflags.=" -DOPENSSL_NO_MD2"  if $no_md2;
-$cflags.=" -DOPENSSL_NO_MD4"  if $no_md4;
-$cflags.=" -DOPENSSL_NO_MD5"  if $no_md5;
-$cflags.=" -DOPENSSL_NO_SHA"  if $no_sha;
-$cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1;
-$cflags.=" -DOPENSSL_NO_RIPEMD" if $no_ripemd;
-$cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2;
-$cflags.=" -DOPENSSL_NO_BF"  if $no_bf;
-$cflags.=" -DOPENSSL_NO_CAST" if $no_cast;
-$cflags.=" -DOPENSSL_NO_DES"  if $no_des;
-$cflags.=" -DOPENSSL_NO_RSA"  if $no_rsa;
-$cflags.=" -DOPENSSL_NO_DSA"  if $no_dsa;
-$cflags.=" -DOPENSSL_NO_DH"   if $no_dh;
-$cflags.=" -DOPENSSL_NO_SOCK" if $no_sock;
-$cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2;
-$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
-$cflags.=" -DOPENSSL_NO_ERR"  if $no_err;
-$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
-$cflags.=" -DOPENSSL_NO_EC"   if $no_ec;
-$cflags.=" -DOPENSSL_NO_ENGINE"   if $no_engine;
-$cflags.=" -DOPENSSL_NO_HW"   if $no_hw;
-#$cflags.=" -DRSAref"  if $rsaref ne "";
-
-## if ($unix)
-##	{ $cflags="$c_flags" if ($c_flags ne ""); }
-##else
-	{ $cflags="$c_flags$cflags" if ($c_flags ne ""); }
-
-$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
-
-%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL",
-		  "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO");
-
-if ($msdos)
-	{
-	$banner ="\t\@echo Make sure you have run 'perl Configure $platform' in the\n";
-	$banner.="\t\@echo top level directory, if you don't have perl, you will\n";
-	$banner.="\t\@echo need to probably edit crypto/bn/bn.h, check the\n";
-	$banner.="\t\@echo documentation for details.\n";
-	}
-
-# have to do this to allow $(CC) under unix
-$link="$bin_dir$link" if ($link !~ /^\$/);
-
-$INSTALLTOP =~ s|/|$o|g;
-
-$defs= <<"EOF";
-# This makefile has been automatically generated from the OpenSSL distribution.
-# This single makefile will build the complete OpenSSL distribution and
-# by default leave the 'intertesting' output files in .${o}out and the stuff
-# that needs deleting in .${o}tmp.
-# The file was generated by running 'make makefile.one', which
-# does a 'make files', which writes all the environment variables from all
-# the makefiles to the file call MINFO.  This file is used by
-# util${o}mk1mf.pl to generate makefile.one.
-# The 'makefile per directory' system suites me when developing this
-# library and also so I can 'distribute' indervidual library sections.
-# The one monster makefile better suits building in non-unix
-# environments.
-
-EOF
-
-if ($platform eq "VC-CE")
-	{
-	$defs.= <<"EOF";
-!INCLUDE <\$(WCECOMPAT)/wcedefs.mak>
-
-EOF
-	}
-
-$defs.= <<"EOF";
-INSTALLTOP=$INSTALLTOP
-
-# Set your compiler options
-PLATFORM=$platform
-CC=$bin_dir${cc}
-CFLAG=$cflags
-APP_CFLAG=$app_cflag
-LIB_CFLAG=$lib_cflag
-SHLIB_CFLAG=$shl_cflag
-APP_EX_OBJ=$app_ex_obj
-SHLIB_EX_OBJ=$shlib_ex_obj
-# add extra libraries to this define, for solaris -lsocket -lnsl would
-# be added
-EX_LIBS=$ex_libs
-
-# The OpenSSL directory
-SRC_D=$src_dir
-
-LINK=$link
-LFLAGS=$lflags
-
-BN_ASM_OBJ=$bn_asm_obj
-BN_ASM_SRC=$bn_asm_src
-BNCO_ASM_OBJ=$bnco_asm_obj
-BNCO_ASM_SRC=$bnco_asm_src
-DES_ENC_OBJ=$des_enc_obj
-DES_ENC_SRC=$des_enc_src
-BF_ENC_OBJ=$bf_enc_obj
-BF_ENC_SRC=$bf_enc_src
-CAST_ENC_OBJ=$cast_enc_obj
-CAST_ENC_SRC=$cast_enc_src
-RC4_ENC_OBJ=$rc4_enc_obj
-RC4_ENC_SRC=$rc4_enc_src
-RC5_ENC_OBJ=$rc5_enc_obj
-RC5_ENC_SRC=$rc5_enc_src
-MD5_ASM_OBJ=$md5_asm_obj
-MD5_ASM_SRC=$md5_asm_src
-SHA1_ASM_OBJ=$sha1_asm_obj
-SHA1_ASM_SRC=$sha1_asm_src
-RMD160_ASM_OBJ=$rmd160_asm_obj
-RMD160_ASM_SRC=$rmd160_asm_src
-
-# The output directory for everything intersting
-OUT_D=$out_dir
-# The output directory for all the temporary muck
-TMP_D=$tmp_dir
-# The output directory for the header files
-INC_D=$inc_dir
-INCO_D=$inc_dir${o}openssl
-
-CP=$cp
-RM=$rm
-RANLIB=$ranlib
-MKDIR=$mkdir
-MKLIB=$bin_dir$mklib
-MLFLAGS=$mlflags
-ASM=$bin_dir$asm
-
-######################################################
-# You should not need to touch anything below this point
-######################################################
-
-E_EXE=openssl
-SSL=$ssl
-CRYPTO=$crypto
-
-# BIN_D  - Binary output directory
-# TEST_D - Binary test file output directory
-# LIB_D  - library output directory
-# Note: if you change these point to different directories then uncomment out
-# the lines around the 'NB' comment below.
-# 
-BIN_D=\$(OUT_D)
-TEST_D=\$(OUT_D)
-LIB_D=\$(OUT_D)
-
-# INCL_D - local library directory
-# OBJ_D  - temp object file directory
-OBJ_D=\$(TMP_D)
-INCL_D=\$(TMP_D)
-
-O_SSL=     \$(LIB_D)$o$plib\$(SSL)$shlibp
-O_CRYPTO=  \$(LIB_D)$o$plib\$(CRYPTO)$shlibp
-SO_SSL=    $plib\$(SSL)$so_shlibp
-SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
-L_SSL=     \$(LIB_D)$o$plib\$(SSL)$libp
-L_CRYPTO=  \$(LIB_D)$o$plib\$(CRYPTO)$libp
-
-L_LIBS= \$(L_SSL) \$(L_CRYPTO)
-
-######################################################
-# Don't touch anything below this point
-######################################################
-
-INC=-I\$(INC_D) -I\$(INCL_D)
-APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
-LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
-SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
-LIBS_DEP=\$(O_CRYPTO) \$(O_SSL)
-
-#############################################
-EOF
-
-$rules=<<"EOF";
-all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe
-
-banner:
-$banner
-
-\$(TMP_D):
-	\$(MKDIR) \$(TMP_D)
-# NB: uncomment out these lines if BIN_D, TEST_D and LIB_D are different
-#\$(BIN_D):
-#	\$(MKDIR) \$(BIN_D)
-#
-#\$(TEST_D):
-#	\$(MKDIR) \$(TEST_D)
-
-\$(LIB_D):
-	\$(MKDIR) \$(LIB_D)
-
-\$(INCO_D): \$(INC_D)
-	\$(MKDIR) \$(INCO_D)
-
-\$(INC_D):
-	\$(MKDIR) \$(INC_D)
-
-headers: \$(HEADER) \$(EXHEADER)
-	@
-
-lib: \$(LIBS_DEP)
-
-exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep
-
-install:
-	\$(MKDIR) \$(INSTALLTOP)
-	\$(MKDIR) \$(INSTALLTOP)${o}bin
-	\$(MKDIR) \$(INSTALLTOP)${o}include
-	\$(MKDIR) \$(INSTALLTOP)${o}include${o}openssl
-	\$(MKDIR) \$(INSTALLTOP)${o}lib
-	\$(CP) \$(INCO_D)${o}*.\[ch\] \$(INSTALLTOP)${o}include${o}openssl
-	\$(CP) \$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin
-	\$(CP) \$(O_SSL) \$(INSTALLTOP)${o}lib
-	\$(CP) \$(O_CRYPTO) \$(INSTALLTOP)${o}lib
-
-clean:
-	\$(RM) \$(TMP_D)$o*.*
-
-vclean:
-	\$(RM) \$(TMP_D)$o*.*
-	\$(RM) \$(OUT_D)$o*.*
-
-EOF
-    
-my $platform_cpp_symbol = "MK1MF_PLATFORM_$platform";
-$platform_cpp_symbol =~ s/-/_/g;
-if (open(IN,"crypto/buildinf.h"))
-	{
-	# Remove entry for this platform in existing file buildinf.h.
-
-	my $old_buildinf_h = "";
-	while (<IN>)
-		{
-		if (/^\#ifdef $platform_cpp_symbol$/)
-			{
-			while (<IN>) { last if (/^\#endif/); }
-			}
-		else
-			{
-			$old_buildinf_h .= $_;
-			}
-		}
-	close(IN);
-
-	open(OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
-	print OUT $old_buildinf_h;
-	close(OUT);
-	}
-
-open (OUT,">>crypto/buildinf.h") || die "Can't open buildinf.h";
-printf OUT <<EOF;
-#ifdef $platform_cpp_symbol
-  /* auto-generated/updated by util/mk1mf.pl for crypto/cversion.c */
-  #define CFLAGS "$cc $cflags"
-  #define PLATFORM "$platform"
-EOF
-printf OUT "  #define DATE \"%s\"\n", scalar gmtime();
-printf OUT "#endif\n";
-close(OUT);
-
-#############################################
-# We parse in input file and 'store' info for later printing.
-open(IN,"<$infile") || die "unable to open $infile:$!\n";
-$_=<IN>;
-for (;;)
-	{
-	chop;
-
-	($key,$val)=/^([^=]+)=(.*)/;
-	if ($key eq "RELATIVE_DIRECTORY")
-		{
-		if ($lib ne "")
-			{
-			$uc=$lib;
-			$uc =~ s/^lib(.*)\.a/$1/;
-			$uc =~ tr/a-z/A-Z/;
-			$lib_nam{$uc}=$uc;
-			$lib_obj{$uc}.=$libobj." ";
-			}
-		last if ($val eq "FINISHED");
-		$lib="";
-		$libobj="";
-		$dir=$val;
-		}
-
-	if ($key eq "TEST")
-		{ $test.=&var_add($dir,$val); }
-
-	if (($key eq "PROGS") || ($key eq "E_OBJ"))
-		{ $e_exe.=&var_add($dir,$val); }
-
-	if ($key eq "LIB")
-		{
-		$lib=$val;
-		$lib =~ s/^.*\/([^\/]+)$/$1/;
-		}
-
-	if ($key eq "EXHEADER")
-		{ $exheader.=&var_add($dir,$val); }
-
-	if ($key eq "HEADER")
-		{ $header.=&var_add($dir,$val); }
-
-	if ($key eq "LIBOBJ")
-		{ $libobj=&var_add($dir,$val); }
-
-	if (!($_=<IN>))
-		{ $_="RELATIVE_DIRECTORY=FINISHED\n"; }
-	}
-close(IN);
-
-# Strip of trailing ' '
-foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
-$test=&clean_up_ws($test);
-$e_exe=&clean_up_ws($e_exe);
-$exheader=&clean_up_ws($exheader);
-$header=&clean_up_ws($header);
-
-# First we strip the exheaders from the headers list
-foreach (split(/\s+/,$exheader)){ $h{$_}=1; }
-foreach (split(/\s+/,$header))	{ $h.=$_." " unless $h{$_}; }
-chop($h); $header=$h;
-
-$defs.=&do_defs("HEADER",$header,"\$(INCL_D)",".h");
-$rules.=&do_copy_rule("\$(INCL_D)",$header,".h");
-
-$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)",".h");
-$rules.=&do_copy_rule("\$(INCO_D)",$exheader,".h");
-
-$defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj);
-$rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
-
-$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
-$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
-
-foreach (values %lib_nam)
-	{
-	$lib_obj=$lib_obj{$_};
-	local($slib)=$shlib;
-
-	if (($_ eq "SSL") && $no_ssl2 && $no_ssl3)
-		{
-		$rules.="\$(O_SSL):\n\n"; 
-		next;
-		}
-
-	if (($bn_asm_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/;
-		$rules.=&do_asm_rule($bn_asm_obj,$bn_asm_src);
-		}
-	if (($bnco_asm_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj .= "\$(BNCO_ASM_OBJ)";
-		$rules.=&do_asm_rule($bnco_asm_obj,$bnco_asm_src);
-		}
-	if (($des_enc_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/;
-		$lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /;
-		$rules.=&do_asm_rule($des_enc_obj,$des_enc_src);
-		}
-	if (($bf_enc_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s\S*\/bf_enc\S*/ \$(BF_ENC_OBJ)/;
-		$rules.=&do_asm_rule($bf_enc_obj,$bf_enc_src);
-		}
-	if (($cast_enc_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/(\s\S*\/c_enc\S*)/ \$(CAST_ENC_OBJ)/;
-		$rules.=&do_asm_rule($cast_enc_obj,$cast_enc_src);
-		}
-	if (($rc4_enc_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s\S*\/rc4_enc\S*/ \$(RC4_ENC_OBJ)/;
-		$rules.=&do_asm_rule($rc4_enc_obj,$rc4_enc_src);
-		}
-	if (($rc5_enc_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s\S*\/rc5_enc\S*/ \$(RC5_ENC_OBJ)/;
-		$rules.=&do_asm_rule($rc5_enc_obj,$rc5_enc_src);
-		}
-	if (($md5_asm_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/;
-		$rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src);
-		}
-	if (($sha1_asm_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/;
-		$rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src);
-		}
-	if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/;
-		$rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src);
-		}
-	$defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
-	$lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)";
-	$rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
-	}
-
-$defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep);
-foreach (split(/\s+/,$test))
-	{
-	$t=&bname($_);
-	$tt="\$(OBJ_D)${o}$t${obj}";
-	$rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
-	}
-
-$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
-$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
-
-$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
-
-print $defs;
-
-if ($platform eq "linux-elf") {
-    print <<"EOF";
-# Generate perlasm output files
-%.cpp:
-	(cd \$(\@D)/..; PERL=perl make -f Makefile.ssl asm/\$(\@F))
-EOF
-}
-print "###################################################################\n";
-print $rules;
-
-###############################################
-# strip off any trailing .[och] and append the relative directory
-# also remembering to do nothing if we are in one of the dropped
-# directories
-sub var_add
-	{
-	local($dir,$val)=@_;
-	local(@a,$_,$ret);
-
-	return("") if $no_engine && $dir =~ /\/engine/;
-	return("") if $no_hw   && $dir =~ /\/hw/;
-	return("") if $no_idea && $dir =~ /\/idea/;
-	return("") if $no_aes  && $dir =~ /\/aes/;
-	return("") if $no_rc2  && $dir =~ /\/rc2/;
-	return("") if $no_rc4  && $dir =~ /\/rc4/;
-	return("") if $no_rc5  && $dir =~ /\/rc5/;
-	return("") if $no_rsa  && $dir =~ /\/rsa/;
-	return("") if $no_rsa  && $dir =~ /^rsaref/;
-	return("") if $no_dsa  && $dir =~ /\/dsa/;
-	return("") if $no_dh   && $dir =~ /\/dh/;
-	if ($no_des && $dir =~ /\/des/)
-		{
-		if ($val =~ /read_pwd/)
-			{ return("$dir/read_pwd "); }
-		else
-			{ return(""); }
-		}
-	return("") if $no_mdc2 && $dir =~ /\/mdc2/;
-	return("") if $no_sock && $dir =~ /\/proxy/;
-	return("") if $no_bf   && $dir =~ /\/bf/;
-	return("") if $no_cast && $dir =~ /\/cast/;
-
-	$val =~ s/^\s*(.*)\s*$/$1/;
-	@a=split(/\s+/,$val);
-	grep(s/\.[och]$//,@a);
-
-	@a=grep(!/^e_.*_3d$/,@a) if $no_des;
-	@a=grep(!/^e_.*_d$/,@a) if $no_des;
-	@a=grep(!/^e_.*_ae$/,@a) if $no_idea;
-	@a=grep(!/^e_.*_i$/,@a) if $no_aes;
-	@a=grep(!/^e_.*_r2$/,@a) if $no_rc2;
-	@a=grep(!/^e_.*_r5$/,@a) if $no_rc5;
-	@a=grep(!/^e_.*_bf$/,@a) if $no_bf;
-	@a=grep(!/^e_.*_c$/,@a) if $no_cast;
-	@a=grep(!/^e_rc4$/,@a) if $no_rc4;
-
-	@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
-	@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
-
-	@a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
-
-	@a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2;
-	@a=grep(!/(^md4)|(_md4$)/,@a) if $no_md4;
-	@a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5;
-	@a=grep(!/(rmd)|(ripemd)/,@a) if $no_ripemd;
-
-	@a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa;
-	@a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa;
-	@a=grep(!/(^pem_seal$)/,@a) if $no_rsa;
-
-	@a=grep(!/(m_dss$)|(m_dss1$)/,@a) if $no_dsa;
-	@a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/,@a) if $no_dsa;
-
-	@a=grep(!/^n_pkey$/,@a) if $no_rsa || $no_rc4;
-
-	@a=grep(!/_dhp$/,@a) if $no_dh;
-
-	@a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
-	@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
-	@a=grep(!/_mdc2$/,@a) if $no_mdc2;
-
-	@a=grep(!/^engine$/,@a) if $no_engine;
-	@a=grep(!/^hw$/,@a) if $no_hw;
-	@a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa;
-	@a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
-	@a=grep(!/^gendsa$/,@a) if $no_sha1;
-	@a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
-
-	@a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
-
-	grep($_="$dir/$_",@a);
-	@a=grep(!/(^|\/)s_/,@a) if $no_sock;
-	@a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
-	$ret=join(' ',@a)." ";
-	return($ret);
-	}
-
-# change things so that each 'token' is only separated by one space
-sub clean_up_ws
-	{
-	local($w)=@_;
-
-	$w =~ s/^\s*(.*)\s*$/$1/;
-	$w =~ s/\s+/ /g;
-	return($w);
-	}
-
-sub do_defs
-	{
-	local($var,$files,$location,$postfix)=@_;
-	local($_,$ret,$pf);
-	local(*OUT,$tmp,$t);
-
-	$files =~ s/\//$o/g if $o ne '/';
-	$ret="$var="; 
-	$n=1;
-	$Vars{$var}.="";
-	foreach (split(/ /,$files))
-		{
-		$orig=$_;
-		$_=&bname($_) unless /^\$/;
-		if ($n++ == 2)
-			{
-			$n=0;
-			$ret.="\\\n\t";
-			}
-		if (($_ =~ /bss_file/) && ($postfix eq ".h"))
-			{ $pf=".c"; }
-		else	{ $pf=$postfix; }
-		if ($_ =~ /BN_ASM/)	{ $t="$_ "; }
-		elsif ($_ =~ /BNCO_ASM/){ $t="$_ "; }
-		elsif ($_ =~ /DES_ENC/)	{ $t="$_ "; }
-		elsif ($_ =~ /BF_ENC/)	{ $t="$_ "; }
-		elsif ($_ =~ /CAST_ENC/){ $t="$_ "; }
-		elsif ($_ =~ /RC4_ENC/)	{ $t="$_ "; }
-		elsif ($_ =~ /RC5_ENC/)	{ $t="$_ "; }
-		elsif ($_ =~ /MD5_ASM/)	{ $t="$_ "; }
-		elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; }
-		elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; }
-		else	{ $t="$location${o}$_$pf "; }
-
-		$Vars{$var}.="$t ";
-		$ret.=$t;
-		}
-	chop($ret);
-	$ret.="\n\n";
-	return($ret);
-	}
-
-# return the name with the leading path removed
-sub bname
-	{
-	local($ret)=@_;
-	$ret =~ s/^.*[\\\/]([^\\\/]+)$/$1/;
-	return($ret);
-	}
-
-
-##############################################################
-# do a rule for each file that says 'compile' to new direcory
-# compile the files in '$files' into $to
-sub do_compile_rule
-	{
-	local($to,$files,$ex)=@_;
-	local($ret,$_,$n);
-	
-	$files =~ s/\//$o/g if $o ne '/';
-	foreach (split(/\s+/,$files))
-		{
-		$n=&bname($_);
-		$ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex)
-		}
-	return($ret);
-	}
-
-##############################################################
-# do a rule for each file that says 'compile' to new direcory
-sub cc_compile_target
-	{
-	local($target,$source,$ex_flags)=@_;
-	local($ret);
-	
-	$ex_flags.=" -DMK1MF_BUILD -D$platform_cpp_symbol" if ($source =~ /cversion/);
-	$target =~ s/\//$o/g if $o ne "/";
-	$source =~ s/\//$o/g if $o ne "/";
-	$ret ="$target: \$(SRC_D)$o$source\n\t";
-	$ret.="\$(CC) ${ofile}$target $ex_flags -c \$(SRC_D)$o$source\n\n";
-	return($ret);
-	}
-
-##############################################################
-sub do_asm_rule
-	{
-	local($target,$src)=@_;
-	local($ret,@s,@t,$i);
-
-	$target =~ s/\//$o/g if $o ne "/";
-	$src =~ s/\//$o/g if $o ne "/";
-
-	@s=split(/\s+/,$src);
-	@t=split(/\s+/,$target);
-
-	for ($i=0; $i<=$#s; $i++)
-		{
-		$ret.="$t[$i]: $s[$i]\n";
-		$ret.="\t\$(ASM) $afile$t[$i] \$(SRC_D)$o$s[$i]\n\n";
-		}
-	return($ret);
-	}
-
-sub do_shlib_rule
-	{
-	local($n,$def)=@_;
-	local($ret,$nn);
-	local($t);
-
-	($nn=$n) =~ tr/a-z/A-Z/;
-	$ret.="$n.dll: \$(${nn}OBJ)\n";
-	if ($vc && $w32)
-		{
-		$ret.="\t\$(MKSHLIB) $efile$n.dll $def @<<\n  \$(${nn}OBJ_F)\n<<\n";
-		}
-	$ret.="\n";
-	return($ret);
-	}
-
-# do a rule for each file that says 'copy' to new direcory on change
-sub do_copy_rule
-	{
-	local($to,$files,$p)=@_;
-	local($ret,$_,$n,$pp);
-	
-	$files =~ s/\//$o/g if $o ne '/';
-	foreach (split(/\s+/,$files))
-		{
-		$n=&bname($_);
-		if ($n =~ /bss_file/)
-			{ $pp=".c"; }
-		else	{ $pp=$p; }
-		$ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \$(SRC_D)$o$_$pp $to${o}$n$pp\n\n";
-		}
-	return($ret);
-	}
-
-sub read_options
-	{
-	if    (/^no-rc2$/)	{ $no_rc2=1; }
-	elsif (/^no-rc4$/)	{ $no_rc4=1; }
-	elsif (/^no-rc5$/)	{ $no_rc5=1; }
-	elsif (/^no-idea$/)	{ $no_idea=1; }
-	elsif (/^no-aes$/)	{ $no_aes=1; }
-	elsif (/^no-des$/)	{ $no_des=1; }
-	elsif (/^no-bf$/)	{ $no_bf=1; }
-	elsif (/^no-cast$/)	{ $no_cast=1; }
-	elsif (/^no-md2$/)  	{ $no_md2=1; }
-	elsif (/^no-md4$/)	{ $no_md4=1; }
-	elsif (/^no-md5$/)	{ $no_md5=1; }
-	elsif (/^no-sha$/)	{ $no_sha=1; }
-	elsif (/^no-sha1$/)	{ $no_sha1=1; }
-	elsif (/^no-ripemd$/)	{ $no_ripemd=1; }
-	elsif (/^no-mdc2$/)	{ $no_mdc2=1; }
-	elsif (/^no-patents$/)	{ $no_rc2=$no_rc4=$no_rc5=$no_idea=$no_rsa=1; }
-	elsif (/^no-rsa$/)	{ $no_rsa=1; }
-	elsif (/^no-dsa$/)	{ $no_dsa=1; }
-	elsif (/^no-dh$/)	{ $no_dh=1; }
-	elsif (/^no-hmac$/)	{ $no_hmac=1; }
-	elsif (/^no-aes$/)	{ $no_aes=1; }
-	elsif (/^no-asm$/)	{ $no_asm=1; }
-	elsif (/^nasm$/)	{ $nasm=1; }
-	elsif (/^gaswin$/)	{ $gaswin=1; }
-	elsif (/^no-ssl2$/)	{ $no_ssl2=1; }
-	elsif (/^no-ssl3$/)	{ $no_ssl3=1; }
-	elsif (/^no-err$/)	{ $no_err=1; }
-	elsif (/^no-sock$/)	{ $no_sock=1; }
-	elsif (/^no-krb5$/)	{ $no_krb5=1; }
-	elsif (/^no-ec$/)	{ $no_ec=1; }
-	elsif (/^no-engine$/)	{ $no_engine=1; }
-	elsif (/^no-hw$/)	{ $no_hw=1; }
-
-	elsif (/^just-ssl$/)	{ $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1;
-				  $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1;
-				  $no_ssl2=$no_err=$no_ripemd=$no_rc5=1;
-				  $no_aes=1; }
-
-	elsif (/^rsaref$/)	{ }
-	elsif (/^gcc$/)		{ $gcc=1; }
-	elsif (/^debug$/)	{ $debug=1; }
-	elsif (/^profile$/)	{ $profile=1; }
-	elsif (/^shlib$/)	{ $shlib=1; }
-	elsif (/^dll$/)		{ $shlib=1; }
-	elsif (/^shared$/)	{ } # We just need to ignore it for now...
-	elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
-	elsif (/^-[lL].*$/)	{ $l_flags.="$_ "; }
-	elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
-		{ $c_flags.="$_ "; }
-	else { return(0); }
-	return(1);
-	}
diff --git a/crypto/openssl/util/mkcerts.sh b/crypto/openssl/util/mkcerts.sh
deleted file mode 100755
index 0184fcb70ece..000000000000
--- a/crypto/openssl/util/mkcerts.sh
+++ /dev/null
@@ -1,220 +0,0 @@
-#!/bin/sh
-
-# This script will re-make all the required certs.
-# cd apps
-# sh ../util/mkcerts.sh
-# mv ca-cert.pem pca-cert.pem ../certs
-# cd ..
-# cat certs/*.pem >>apps/server.pem
-# cat certs/*.pem >>apps/server2.pem
-# SSLEAY=`pwd`/apps/ssleay; export SSLEAY
-# sh tools/c_rehash certs
-#
- 
-CAbits=1024
-SSLEAY="../apps/openssl"
-CONF="-config ../apps/openssl.cnf"
-
-# create pca request.
-echo creating $CAbits bit PCA cert request
-$SSLEAY req $CONF \
-	-new -md5 -newkey $CAbits \
-	-keyout pca-key.pem \
-	-out pca-req.pem -nodes >/dev/null <<EOF
-AU
-Queensland
-.
-CryptSoft Pty Ltd
-.
-Test PCA (1024 bit)
-
-
-
-EOF
-
-if [ $? != 0 ]; then
-	echo problems generating PCA request
-	exit 1
-fi
-
-#sign it.
-echo
-echo self signing PCA
-$SSLEAY x509 -md5 -days 1461 \
-	-req -signkey pca-key.pem \
-	-CAcreateserial -CAserial pca-cert.srl \
-	-in pca-req.pem -out pca-cert.pem
-
-if [ $? != 0 ]; then
-	echo problems self signing PCA cert
-	exit 1
-fi
-echo
-
-# create ca request.
-echo creating $CAbits bit CA cert request
-$SSLEAY req $CONF \
-	-new -md5 -newkey $CAbits \
-	-keyout ca-key.pem \
-	-out ca-req.pem -nodes >/dev/null <<EOF
-AU
-Queensland
-.
-CryptSoft Pty Ltd
-.
-Test CA (1024 bit)
-
-
-
-EOF
-
-if [ $? != 0 ]; then
-	echo problems generating CA request
-	exit 1
-fi
-
-#sign it.
-echo
-echo signing CA
-$SSLEAY x509 -md5 -days 1461 \
-	-req \
-	-CAcreateserial -CAserial pca-cert.srl \
-	-CA pca-cert.pem -CAkey pca-key.pem \
-	-in ca-req.pem -out ca-cert.pem
-
-if [ $? != 0 ]; then
-	echo problems signing CA cert
-	exit 1
-fi
-echo
-
-# create server request.
-echo creating 512 bit server cert request
-$SSLEAY req $CONF \
-	-new -md5 -newkey 512 \
-	-keyout s512-key.pem \
-	-out s512-req.pem -nodes >/dev/null <<EOF
-AU
-Queensland
-.
-CryptSoft Pty Ltd
-.
-Server test cert (512 bit)
-
-
-
-EOF
-
-if [ $? != 0 ]; then
-	echo problems generating 512 bit server cert request
-	exit 1
-fi
-
-#sign it.
-echo
-echo signing 512 bit server cert
-$SSLEAY x509 -md5 -days 365 \
-	-req \
-	-CAcreateserial -CAserial ca-cert.srl \
-	-CA ca-cert.pem -CAkey ca-key.pem \
-	-in s512-req.pem -out server.pem
-
-if [ $? != 0 ]; then
-	echo problems signing 512 bit server cert
-	exit 1
-fi
-echo
-
-# create 1024 bit server request.
-echo creating 1024 bit server cert request
-$SSLEAY req $CONF \
-	-new -md5 -newkey 1024 \
-	-keyout s1024key.pem \
-	-out s1024req.pem -nodes >/dev/null <<EOF
-AU
-Queensland
-.
-CryptSoft Pty Ltd
-.
-Server test cert (1024 bit)
-
-
-
-EOF
-
-if [ $? != 0 ]; then
-	echo problems generating 1024 bit server cert request
-	exit 1
-fi
-
-#sign it.
-echo
-echo signing 1024 bit server cert
-$SSLEAY x509 -md5 -days 365 \
-	-req \
-	-CAcreateserial -CAserial ca-cert.srl \
-	-CA ca-cert.pem -CAkey ca-key.pem \
-	-in s1024req.pem -out server2.pem
-
-if [ $? != 0 ]; then
-	echo problems signing 1024 bit server cert
-	exit 1
-fi
-echo
-
-# create 512 bit client request.
-echo creating 512 bit client cert request
-$SSLEAY req $CONF \
-	-new -md5 -newkey 512 \
-	-keyout c512-key.pem \
-	-out c512-req.pem -nodes >/dev/null <<EOF
-AU
-Queensland
-.
-CryptSoft Pty Ltd
-.
-Client test cert (512 bit)
-
-
-
-EOF
-
-if [ $? != 0 ]; then
-	echo problems generating 512 bit client cert request
-	exit 1
-fi
-
-#sign it.
-echo
-echo signing 512 bit client cert
-$SSLEAY x509 -md5 -days 365 \
-	-req \
-	-CAcreateserial -CAserial ca-cert.srl \
-	-CA ca-cert.pem -CAkey ca-key.pem \
-	-in c512-req.pem -out client.pem
-
-if [ $? != 0 ]; then
-	echo problems signing 512 bit client cert
-	exit 1
-fi
-
-echo cleanup
-
-cat pca-key.pem  >> pca-cert.pem
-cat ca-key.pem   >> ca-cert.pem
-cat s512-key.pem >> server.pem
-cat s1024key.pem >> server2.pem
-cat c512-key.pem >> client.pem
-
-for i in pca-cert.pem ca-cert.pem server.pem server2.pem client.pem
-do
-$SSLEAY x509 -issuer -subject -in $i -noout >$$
-cat $$
-/bin/cat $i >>$$
-/bin/mv $$ $i
-done
-
-#/bin/rm -f *key.pem *req.pem *.srl
-
-echo Finished
-
diff --git a/crypto/openssl/util/mkdef.pl b/crypto/openssl/util/mkdef.pl
deleted file mode 100755
index dacb9565ef8c..000000000000
--- a/crypto/openssl/util/mkdef.pl
+++ /dev/null
@@ -1,1364 +0,0 @@
-#!/usr/local/bin/perl -w
-#
-# generate a .def file
-#
-# It does this by parsing the header files and looking for the
-# prototyped functions: it then prunes the output.
-#
-# Intermediary files are created, call libeay.num and ssleay.num,...
-# Previously, they had the following format:
-#
-#	routine-name	nnnn
-#
-# But that isn't enough for a number of reasons, the first on being that
-# this format is (needlessly) very Win32-centric, and even then...
-# One of the biggest problems is that there's no information about what
-# routines should actually be used, which varies with what crypto algorithms
-# are disabled.  Also, some operating systems (for example VMS with VAX C)
-# need to keep track of the global variables as well as the functions.
-#
-# So, a remake of this script is done so as to include information on the
-# kind of symbol it is (function or variable) and what algorithms they're
-# part of.  This will allow easy translating to .def files or the corresponding
-# file in other operating systems (a .opt file for VMS, possibly with a .mar
-# file).
-#
-# The format now becomes:
-#
-#	routine-name	nnnn	info
-#
-# and the "info" part is actually a colon-separated string of fields with
-# the following meaning:
-#
-#	existence:platform:kind:algorithms
-#
-# - "existence" can be "EXIST" or "NOEXIST" depending on if the symbol is
-#   found somewhere in the source, 
-# - "platforms" is empty if it exists on all platforms, otherwise it contains
-#   comma-separated list of the platform, just as they are if the symbol exists
-#   for those platforms, or prepended with a "!" if not.  This helps resolve
-#   symbol name variants for platforms where the names are too long for the
-#   compiler or linker, or if the systems is case insensitive and there is a
-#   clash, or the symbol is implemented differently (see
-#   EXPORT_VAR_AS_FUNCTION).  This script assumes renaming of symbols is found
-#   in the file crypto/symhacks.h.
-#   The semantics for the platforms is that every item is checked against the
-#   environment.  For the negative items ("!FOO"), if any of them is false
-#   (i.e. "FOO" is true) in the environment, the corresponding symbol can't be
-#   used.  For the positive itms, if all of them are false in the environment,
-#   the corresponding symbol can't be used.  Any combination of positive and
-#   negative items are possible, and of course leave room for some redundancy.
-# - "kind" is "FUNCTION" or "VARIABLE".  The meaning of that is obvious.
-# - "algorithms" is a comma-separated list of algorithm names.  This helps
-#   exclude symbols that are part of an algorithm that some user wants to
-#   exclude.
-#
-
-my $debug=0;
-
-my $crypto_num= "util/libeay.num";
-my $ssl_num=    "util/ssleay.num";
-my $libname;
-
-my $do_update = 0;
-my $do_rewrite = 1;
-my $do_crypto = 0;
-my $do_ssl = 0;
-my $do_ctest = 0;
-my $do_ctestall = 0;
-my $do_checkexist = 0;
-
-my $VMSVAX=0;
-my $VMSAlpha=0;
-my $VMS=0;
-my $W32=0;
-my $W16=0;
-my $NT=0;
-my $OS2=0;
-# Set this to make typesafe STACK definitions appear in DEF
-my $safe_stack_def = 0;
-
-my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
-			"EXPORT_VAR_AS_FUNCTION" );
-my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
-my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
-			 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
-			 "RIPEMD",
-			 "MDC2", "RSA", "DSA", "DH", "EC", "HMAC", "AES",
-			 # Envelope "algorithms"
-			 "EVP", "X509", "ASN1_TYPEDEFS",
-			 # Helper "algorithms"
-			 "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR",
-			 "LOCKING",
-			 # External "algorithms"
-			 "FP_API", "STDIO", "SOCK", "KRB5", "ENGINE", "HW" );
-
-my $options="";
-open(IN,"<Makefile.ssl") || die "unable to open Makefile.ssl!\n";
-while(<IN>) {
-    $options=$1 if (/^OPTIONS=(.*)$/);
-}
-close(IN);
-
-# The following ciphers may be excluded (by Configure). This means functions
-# defined with ifndef(NO_XXX) are not included in the .def file, and everything
-# in directory xxx is ignored.
-my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf;
-my $no_cast;
-my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2;
-my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
-my $no_ec; my $no_engine; my $no_hw;
-my $no_fp_api;
-
-foreach (@ARGV, split(/ /, $options))
-	{
-	$debug=1 if $_ eq "debug";
-	$W32=1 if $_ eq "32";
-	$W16=1 if $_ eq "16";
-	if($_ eq "NT") {
-		$W32 = 1;
-		$NT = 1;
-	}
-	if ($_ eq "VMS-VAX") {
-		$VMS=1;
-		$VMSVAX=1;
-	}
-	if ($_ eq "VMS-Alpha") {
-		$VMS=1;
-		$VMSAlpha=1;
-	}
-	$VMS=1 if $_ eq "VMS";
-	$OS2=1 if $_ eq "OS2";
-
-	$do_ssl=1 if $_ eq "ssleay";
-	if ($_ eq "ssl") {
-		$do_ssl=1; 
-		$libname=$_
-	}
-	$do_crypto=1 if $_ eq "libeay";
-	if ($_ eq "crypto") {
-		$do_crypto=1;
-		$libname=$_;
-	}
-	$do_update=1 if $_ eq "update";
-	$do_rewrite=1 if $_ eq "rewrite";
-	$do_ctest=1 if $_ eq "ctest";
-	$do_ctestall=1 if $_ eq "ctestall";
-	$do_checkexist=1 if $_ eq "exist";
-	#$safe_stack_def=1 if $_ eq "-DDEBUG_SAFESTACK";
-
-	if    (/^no-rc2$/)      { $no_rc2=1; }
-	elsif (/^no-rc4$/)      { $no_rc4=1; }
-	elsif (/^no-rc5$/)      { $no_rc5=1; }
-	elsif (/^no-idea$/)     { $no_idea=1; }
-	elsif (/^no-des$/)      { $no_des=1; $no_mdc2=1; }
-	elsif (/^no-bf$/)       { $no_bf=1; }
-	elsif (/^no-cast$/)     { $no_cast=1; }
-	elsif (/^no-md2$/)      { $no_md2=1; }
-	elsif (/^no-md4$/)      { $no_md4=1; }
-	elsif (/^no-md5$/)      { $no_md5=1; }
-	elsif (/^no-sha$/)      { $no_sha=1; }
-	elsif (/^no-ripemd$/)   { $no_ripemd=1; }
-	elsif (/^no-mdc2$/)     { $no_mdc2=1; }
-	elsif (/^no-rsa$/)      { $no_rsa=1; }
-	elsif (/^no-dsa$/)      { $no_dsa=1; }
-	elsif (/^no-dh$/)       { $no_dh=1; }
-	elsif (/^no-ec$/)       { $no_ec=1; }
-	elsif (/^no-hmac$/)	{ $no_hmac=1; }
-	elsif (/^no-aes$/)	{ $no_aes=1; }
-	elsif (/^no-evp$/)	{ $no_evp=1; }
-	elsif (/^no-lhash$/)	{ $no_lhash=1; }
-	elsif (/^no-stack$/)	{ $no_stack=1; }
-	elsif (/^no-err$/)	{ $no_err=1; }
-	elsif (/^no-buffer$/)	{ $no_buffer=1; }
-	elsif (/^no-bio$/)	{ $no_bio=1; }
-	#elsif (/^no-locking$/)	{ $no_locking=1; }
-	elsif (/^no-comp$/)	{ $no_comp=1; }
-	elsif (/^no-dso$/)	{ $no_dso=1; }
-	elsif (/^no-krb5$/)	{ $no_krb5=1; }
-	elsif (/^no-engine$/)	{ $no_engine=1; }
-	elsif (/^no-hw$/)	{ $no_hw=1; }
-	}
-
-
-if (!$libname) { 
-	if ($do_ssl) {
-		$libname="SSLEAY";
-	}
-	if ($do_crypto) {
-		$libname="LIBEAY";
-	}
-}
-
-# If no platform is given, assume WIN32
-if ($W32 + $W16 + $VMS + $OS2 == 0) {
-	$W32 = 1;
-}
-
-# Add extra knowledge
-if ($W16) {
-	$no_fp_api=1;
-}
-
-if (!$do_ssl && !$do_crypto)
-	{
-	print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT | OS2 ]\n";
-	exit(1);
-	}
-
-%ssl_list=&load_numbers($ssl_num);
-$max_ssl = $max_num;
-%crypto_list=&load_numbers($crypto_num);
-$max_crypto = $max_num;
-
-my $ssl="ssl/ssl.h";
-$ssl.=" ssl/kssl.h";
-
-my $crypto ="crypto/crypto.h";
-$crypto.=" crypto/des/des.h crypto/des/des_old.h" ; # unless $no_des;
-$crypto.=" crypto/idea/idea.h" ; # unless $no_idea;
-$crypto.=" crypto/rc4/rc4.h" ; # unless $no_rc4;
-$crypto.=" crypto/rc5/rc5.h" ; # unless $no_rc5;
-$crypto.=" crypto/rc2/rc2.h" ; # unless $no_rc2;
-$crypto.=" crypto/bf/blowfish.h" ; # unless $no_bf;
-$crypto.=" crypto/cast/cast.h" ; # unless $no_cast;
-$crypto.=" crypto/md2/md2.h" ; # unless $no_md2;
-$crypto.=" crypto/md4/md4.h" ; # unless $no_md4;
-$crypto.=" crypto/md5/md5.h" ; # unless $no_md5;
-$crypto.=" crypto/mdc2/mdc2.h" ; # unless $no_mdc2;
-$crypto.=" crypto/sha/sha.h" ; # unless $no_sha;
-$crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd;
-$crypto.=" crypto/aes/aes.h" ; # unless $no_aes;
-
-$crypto.=" crypto/bn/bn.h";
-$crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa;
-$crypto.=" crypto/dsa/dsa.h" ; # unless $no_dsa;
-$crypto.=" crypto/dh/dh.h" ; # unless $no_dh;
-$crypto.=" crypto/ec/ec.h" ; # unless $no_ec;
-$crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac;
-
-$crypto.=" crypto/engine/engine.h"; # unless $no_engine;
-$crypto.=" crypto/stack/stack.h" ; # unless $no_stack;
-$crypto.=" crypto/buffer/buffer.h" ; # unless $no_buffer;
-$crypto.=" crypto/bio/bio.h" ; # unless $no_bio;
-$crypto.=" crypto/dso/dso.h" ; # unless $no_dso;
-$crypto.=" crypto/lhash/lhash.h" ; # unless $no_lhash;
-$crypto.=" crypto/conf/conf.h";
-$crypto.=" crypto/txt_db/txt_db.h";
-
-$crypto.=" crypto/evp/evp.h" ; # unless $no_evp;
-$crypto.=" crypto/objects/objects.h";
-$crypto.=" crypto/pem/pem.h";
-#$crypto.=" crypto/meth/meth.h";
-$crypto.=" crypto/asn1/asn1.h";
-$crypto.=" crypto/asn1/asn1t.h";
-$crypto.=" crypto/asn1/asn1_mac.h";
-$crypto.=" crypto/err/err.h" ; # unless $no_err;
-$crypto.=" crypto/pkcs7/pkcs7.h";
-$crypto.=" crypto/pkcs12/pkcs12.h";
-$crypto.=" crypto/x509/x509.h";
-$crypto.=" crypto/x509/x509_vfy.h";
-$crypto.=" crypto/x509v3/x509v3.h";
-$crypto.=" crypto/rand/rand.h";
-$crypto.=" crypto/comp/comp.h" ; # unless $no_comp;
-$crypto.=" crypto/ocsp/ocsp.h";
-$crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h";
-$crypto.=" crypto/krb5/krb5_asn.h";
-$crypto.=" crypto/tmdiff.h";
-
-my $symhacks="crypto/symhacks.h";
-
-my @ssl_symbols = &do_defs("SSLEAY", $ssl, $symhacks);
-my @crypto_symbols = &do_defs("LIBEAY", $crypto, $symhacks);
-
-if ($do_update) {
-
-if ($do_ssl == 1) {
-
-	&maybe_add_info("SSLEAY",*ssl_list,@ssl_symbols);
-	if ($do_rewrite == 1) {
-		open(OUT, ">$ssl_num");
-		&rewrite_numbers(*OUT,"SSLEAY",*ssl_list,@ssl_symbols);
-	} else {
-		open(OUT, ">>$ssl_num");
-	}
-	&update_numbers(*OUT,"SSLEAY",*ssl_list,$max_ssl,@ssl_symbols);
-	close OUT;
-}
-
-if($do_crypto == 1) {
-
-	&maybe_add_info("LIBEAY",*crypto_list,@crypto_symbols);
-	if ($do_rewrite == 1) {
-		open(OUT, ">$crypto_num");
-		&rewrite_numbers(*OUT,"LIBEAY",*crypto_list,@crypto_symbols);
-	} else {
-		open(OUT, ">>$crypto_num");
-	}
-	&update_numbers(*OUT,"LIBEAY",*crypto_list,$max_crypto,@crypto_symbols);
-	close OUT;
-} 
-
-} elsif ($do_checkexist) {
-	&check_existing(*ssl_list, @ssl_symbols)
-		if $do_ssl == 1;
-	&check_existing(*crypto_list, @crypto_symbols)
-		if $do_crypto == 1;
-} elsif ($do_ctest || $do_ctestall) {
-
-	print <<"EOF";
-
-/* Test file to check all DEF file symbols are present by trying
- * to link to all of them. This is *not* intended to be run!
- */
-
-int main()
-{
-EOF
-	&print_test_file(*STDOUT,"SSLEAY",*ssl_list,$do_ctestall,@ssl_symbols)
-		if $do_ssl == 1;
-
-	&print_test_file(*STDOUT,"LIBEAY",*crypto_list,$do_ctestall,@crypto_symbols)
-		if $do_crypto == 1;
-
-	print "}\n";
-
-} else {
-
-	&print_def_file(*STDOUT,$libname,*ssl_list,@ssl_symbols)
-		if $do_ssl == 1;
-
-	&print_def_file(*STDOUT,$libname,*crypto_list,@crypto_symbols)
-		if $do_crypto == 1;
-
-}
-
-
-sub do_defs
-{
-	my($name,$files,$symhacksfile)=@_;
-	my $file;
-	my @ret;
-	my %syms;
-	my %platform;		# For anything undefined, we assume ""
-	my %kind;		# For anything undefined, we assume "FUNCTION"
-	my %algorithm;		# For anything undefined, we assume ""
-	my %variant;
-	my %variant_cnt;	# To be able to allocate "name{n}" if "name"
-				# is the same name as the original.
-	my $cpp;
-	my %unknown_algorithms = ();
-
-	foreach $file (split(/\s+/,$symhacksfile." ".$files))
-		{
-		print STDERR "DEBUG: starting on $file:\n" if $debug;
-		open(IN,"<$file") || die "unable to open $file:$!\n";
-		my $line = "", my $def= "";
-		my %tag = (
-			(map { $_ => 0 } @known_platforms),
-			(map { "OPENSSL_SYS_".$_ => 0 } @known_ossl_platforms),
-			(map { "OPENSSL_NO_".$_ => 0 } @known_algorithms),
-			NOPROTO		=> 0,
-			PERL5		=> 0,
-			_WINDLL		=> 0,
-			CONST_STRICT	=> 0,
-			TRUE		=> 1,
-		);
-		my $symhacking = $file eq $symhacksfile;
-		my @current_platforms = ();
-		my @current_algorithms = ();
-
-		# params: symbol, alias, platforms, kind
-		# The reason to put this subroutine in a variable is that
-		# it will otherwise create it's own, unshared, version of
-		# %tag and %variant...
-		my $make_variant = sub
-		{
-			my ($s, $a, $p, $k) = @_;
-			my ($a1, $a2);
-
-			print STDERR "DEBUG: make_variant: Entered with ",$s,", ",$a,", ",(defined($p)?$p:""),", ",(defined($k)?$k:""),"\n" if $debug;
-			if (defined($p))
-			{
-				$a1 = join(",",$p,
-					   grep(!/^$/,
-						map { $tag{$_} == 1 ? $_ : "" }
-						@known_platforms));
-			}
-			else
-			{
-				$a1 = join(",",
-					   grep(!/^$/,
-						map { $tag{$_} == 1 ? $_ : "" }
-						@known_platforms));
-			}
-			$a2 = join(",",
-				   grep(!/^$/,
-					map { $tag{"OPENSSL_SYS_".$_} == 1 ? $_ : "" }
-					@known_ossl_platforms));
-			print STDERR "DEBUG: make_variant: a1 = $a1; a2 = $a2\n" if $debug;
-			if ($a1 eq "") { $a1 = $a2; }
-			elsif ($a1 ne "" && $a2 ne "") { $a1 .= ",".$a2; }
-			if ($a eq $s)
-			{
-				if (!defined($variant_cnt{$s}))
-				{
-					$variant_cnt{$s} = 0;
-				}
-				$variant_cnt{$s}++;
-				$a .= "{$variant_cnt{$s}}";
-			}
-			my $toadd = $a.":".$a1.(defined($k)?":".$k:"");
-			my $togrep = $s.'(\{[0-9]+\})?:'.$a1.(defined($k)?":".$k:"");
-			if (!grep(/^$togrep$/,
-				  split(/;/, defined($variant{$s})?$variant{$s}:""))) {
-				if (defined($variant{$s})) { $variant{$s} .= ";"; }
-				$variant{$s} .= $toadd;
-			}
-			print STDERR "DEBUG: make_variant: Exit with variant of ",$s," = ",$variant{$s},"\n" if $debug;
-		};
-
-		print STDERR "DEBUG: parsing ----------\n" if $debug;
-		while(<IN>) {
-			last if (/\/\* Error codes for the \w+ functions\. \*\//);
-			if ($line ne '') {
-				$_ = $line . $_;
-				$line = '';
-			}
-
-			if (/\\$/) {
-				chomp; # remove eol
-				chop; # remove ending backslash
-				$line = $_;
-				next;
-			}
-
-	    		$cpp = 1 if /^\#.*ifdef.*cplusplus/;
-			if ($cpp) {
-				$cpp = 0 if /^\#.*endif/;
-				next;
-	    		}
-
-			s/\/\*.*?\*\///gs;                   # ignore comments
-			s/{[^{}]*}//gs;                      # ignore {} blocks
-			print STDERR "DEBUG: \$_=\"$_\"\n" if $debug;
-			if (/^\#\s*ifndef\s+(.*)/) {
-				push(@tag,"-");
-				push(@tag,$1);
-				$tag{$1}=-1;
-				print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug;
-			} elsif (/^\#\s*if\s+!defined\(([^\)]+)\)/) {
-				push(@tag,"-");
-				if (/^\#\s*if\s+(!defined\(([^\)]+)\)(\s+\&\&\s+!defined\(([^\)]+)\))*)$/) {
-					my $tmp_1 = $1;
-					my $tmp_;
-					foreach $tmp_ (split '\&\&',$tmp_1) {
-						$tmp_ =~ /!defined\(([^\)]+)\)/;
-						print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug;
-						push(@tag,$1);
-						$tag{$1}=-1;
-					}
-				} else {
-					print STDERR "Warning: $file: complicated expression: $_" if $debug; # because it is O...
-					print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug;
-					push(@tag,$1);
-					$tag{$1}=-1;
-				}
-			} elsif (/^\#\s*ifdef\s+(.*)/) {
-				push(@tag,"-");
-				push(@tag,$1);
-				$tag{$1}=1;
-				print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug;
-			} elsif (/^\#\s*if\s+defined\(([^\)]+)\)/) {
-				push(@tag,"-");
-				if (/^\#\s*if\s+(defined\(([^\)]+)\)(\s+\|\|\s+defined\(([^\)]+)\))*)$/) {
-					my $tmp_1 = $1;
-					my $tmp_;
-					foreach $tmp_ (split '\|\|',$tmp_1) {
-						$tmp_ =~ /defined\(([^\)]+)\)/;
-						print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug;
-						push(@tag,$1);
-						$tag{$1}=1;
-					}
-				} else {
-					print STDERR "Warning: $file: complicated expression: $_\n" if $debug; # because it is O...
-					print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug;
-					push(@tag,$1);
-					$tag{$1}=1;
-				}
-			} elsif (/^\#\s*error\s+(\w+) is disabled\./) {
-				my $tag_i = $#tag;
-				while($tag[$tag_i] ne "-") {
-					if ($tag[$tag_i] eq "OPENSSL_NO_".$1) {
-						$tag{$tag[$tag_i]}=2;
-						print STDERR "DEBUG: $file: chaged tag $1 = 2\n" if $debug;
-					}
-					$tag_i--;
-				}
-			} elsif (/^\#\s*endif/) {
-				my $tag_i = $#tag;
-				while($tag[$tag_i] ne "-") {
-					my $t=$tag[$tag_i];
-					print STDERR "DEBUG: \$t=\"$t\"\n" if $debug;
-					if ($tag{$t}==2) {
-						$tag{$t}=-1;
-					} else {
-						$tag{$t}=0;
-					}
-					print STDERR "DEBUG: $file: changed tag ",$t," = ",$tag{$t},"\n" if $debug;
-					pop(@tag);
-					if ($t =~ /^OPENSSL_NO_([A-Z0-9_]+)$/) {
-						$t=$1;
-					} else {
-						$t="";
-					}
-					if ($t ne ""
-					    && !grep(/^$t$/, @known_algorithms)) {
-						$unknown_algorithms{$t} = 1;
-						#print STDERR "DEBUG: Added as unknown algorithm: $t\n" if $debug;
-					}
-					$tag_i--;
-				}
-				pop(@tag);
-			} elsif (/^\#\s*else/) {
-				my $tag_i = $#tag;
-				while($tag[$tag_i] ne "-") {
-					my $t=$tag[$tag_i];
-					$tag{$t}= -$tag{$t};
-					print STDERR "DEBUG: $file: changed tag ",$t," = ",$tag{$t},"\n" if $debug;
-					$tag_i--;
-				}
-			} elsif (/^\#\s*if\s+1/) {
-				push(@tag,"-");
-				# Dummy tag
-				push(@tag,"TRUE");
-				$tag{"TRUE"}=1;
-				print STDERR "DEBUG: $file: found 1\n" if $debug;
-			} elsif (/^\#\s*if\s+0/) {
-				push(@tag,"-");
-				# Dummy tag
-				push(@tag,"TRUE");
-				$tag{"TRUE"}=-1;
-				print STDERR "DEBUG: $file: found 0\n" if $debug;
-			} elsif (/^\#\s*define\s+(\w+)\s+(\w+)/
-				 && $symhacking && $tag{'TRUE'} != -1) {
-				# This is for aliasing.  When we find an alias,
-				# we have to invert
-				&$make_variant($1,$2);
-				print STDERR "DEBUG: $file: defined $1 = $2\n" if $debug;
-			}
-			if (/^\#/) {
-				@current_platforms =
-				    grep(!/^$/,
-					 map { $tag{$_} == 1 ? $_ :
-						   $tag{$_} == -1 ? "!".$_  : "" }
-					 @known_platforms);
-				push @current_platforms
-				    , grep(!/^$/,
-					   map { $tag{"OPENSSL_SYS_".$_} == 1 ? $_ :
-						     $tag{"OPENSSL_SYS_".$_} == -1 ? "!".$_  : "" }
-					   @known_ossl_platforms);
-				@current_algorithms =
-				    grep(!/^$/,
-					 map { $tag{"OPENSSL_NO_".$_} == -1 ? $_ : "" }
-					 @known_algorithms);
-				$def .=
-				    "#INFO:"
-					.join(',',@current_platforms).":"
-					    .join(',',@current_algorithms).";";
-				next;
-			}
-			if ($tag{'TRUE'} != -1) {
-				if (/^\s*DECLARE_STACK_OF\s*\(\s*(\w*)\s*\)/) {
-					next;
-				} elsif (/^\s*DECLARE_ASN1_ENCODE_FUNCTIONS\s*\(\s*(\w*)\s*,\s*(\w*)\s*,\s*(\w*)\s*\)/) {
-					$def .= "int d2i_$3(void);";
-					$def .= "int i2d_$3(void);";
-					# Variant for platforms that do not
-					# have to access globale variables
-					# in shared libraries through functions
-					$def .=
-					    "#INFO:"
-						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					$def .= "OPENSSL_EXTERN int $2_it;";
-					$def .=
-					    "#INFO:"
-						.join(',',@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					# Variant for platforms that have to
-					# access globale variables in shared
-					# libraries through functions
-					&$make_variant("$2_it","$2_it",
-						      "EXPORT_VAR_AS_FUNCTION",
-						      "FUNCTION");
-					next;
-				} elsif (/^\s*DECLARE_ASN1_FUNCTIONS_fname\s*\(\s*(\w*)\s*,\s*(\w*)\s*,\s*(\w*)\s*\)/) {
-					$def .= "int d2i_$3(void);";
-					$def .= "int i2d_$3(void);";
-					$def .= "int $3_free(void);";
-					$def .= "int $3_new(void);";
-					# Variant for platforms that do not
-					# have to access globale variables
-					# in shared libraries through functions
-					$def .=
-					    "#INFO:"
-						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					$def .= "OPENSSL_EXTERN int $2_it;";
-					$def .=
-					    "#INFO:"
-						.join(',',@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					# Variant for platforms that have to
-					# access globale variables in shared
-					# libraries through functions
-					&$make_variant("$2_it","$2_it",
-						      "EXPORT_VAR_AS_FUNCTION",
-						      "FUNCTION");
-					next;
-				} elsif (/^\s*DECLARE_ASN1_FUNCTIONS\s*\(\s*(\w*)\s*\)/ ||
-					 /^\s*DECLARE_ASN1_FUNCTIONS_const\s*\(\s*(\w*)\s*\)/) {
-					$def .= "int d2i_$1(void);";
-					$def .= "int i2d_$1(void);";
-					$def .= "int $1_free(void);";
-					$def .= "int $1_new(void);";
-					# Variant for platforms that do not
-					# have to access globale variables
-					# in shared libraries through functions
-					$def .=
-					    "#INFO:"
-						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					$def .= "OPENSSL_EXTERN int $1_it;";
-					$def .=
-					    "#INFO:"
-						.join(',',@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					# Variant for platforms that have to
-					# access globale variables in shared
-					# libraries through functions
-					&$make_variant("$1_it","$1_it",
-						      "EXPORT_VAR_AS_FUNCTION",
-						      "FUNCTION");
-					next;
-				} elsif (/^\s*DECLARE_ASN1_ENCODE_FUNCTIONS_const\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
-					$def .= "int d2i_$2(void);";
-					$def .= "int i2d_$2(void);";
-					# Variant for platforms that do not
-					# have to access globale variables
-					# in shared libraries through functions
-					$def .=
-					    "#INFO:"
-						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					$def .= "OPENSSL_EXTERN int $2_it;";
-					$def .=
-					    "#INFO:"
-						.join(',',@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					# Variant for platforms that have to
-					# access globale variables in shared
-					# libraries through functions
-					&$make_variant("$2_it","$2_it",
-						      "EXPORT_VAR_AS_FUNCTION",
-						      "FUNCTION");
-					next;
-				} elsif (/^\s*DECLARE_ASN1_FUNCTIONS_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
-					$def .= "int d2i_$2(void);";
-					$def .= "int i2d_$2(void);";
-					$def .= "int $2_free(void);";
-					$def .= "int $2_new(void);";
-					# Variant for platforms that do not
-					# have to access globale variables
-					# in shared libraries through functions
-					$def .=
-					    "#INFO:"
-						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					$def .= "OPENSSL_EXTERN int $2_it;";
-					$def .=
-					    "#INFO:"
-						.join(',',@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					# Variant for platforms that have to
-					# access globale variables in shared
-					# libraries through functions
-					&$make_variant("$2_it","$2_it",
-						      "EXPORT_VAR_AS_FUNCTION",
-						      "FUNCTION");
-					next;
-				} elsif (/^\s*DECLARE_ASN1_ITEM\s*\(\s*(\w*)\s*\)/) {
-					# Variant for platforms that do not
-					# have to access globale variables
-					# in shared libraries through functions
-					$def .=
-					    "#INFO:"
-						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					$def .= "OPENSSL_EXTERN int $1_it;";
-					$def .=
-					    "#INFO:"
-						.join(',',@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					# Variant for platforms that have to
-					# access globale variables in shared
-					# libraries through functions
-					&$make_variant("$1_it","$1_it",
-						      "EXPORT_VAR_AS_FUNCTION",
-						      "FUNCTION");
-					next;
-				} elsif (/^\s*DECLARE_ASN1_SET_OF\s*\(\s*(\w*)\s*\)/) {
-					next;
-				} elsif (/^\s*DECLARE_PKCS12_STACK_OF\s*\(\s*(\w*)\s*\)/) {
-					next;
-				} elsif (/^DECLARE_PEM_rw\s*\(\s*(\w*)\s*,/ ||
-					 /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ ) {
-					# Things not in Win16
-					$def .=
-					    "#INFO:"
-						.join(',',"!WIN16",@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					$def .= "int PEM_read_$1(void);";
-					$def .= "int PEM_write_$1(void);";
-					$def .=
-					    "#INFO:"
-						.join(',',@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					# Things that are everywhere
-					$def .= "int PEM_read_bio_$1(void);";
-					$def .= "int PEM_write_bio_$1(void);";
-					next;
-				} elsif (/^DECLARE_PEM_write\s*\(\s*(\w*)\s*,/ ||
-					 /^DECLARE_PEM_write_cb\s*\(\s*(\w*)\s*,/ ) {
-					# Things not in Win16
-					$def .=
-					    "#INFO:"
-						.join(',',"!WIN16",@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					$def .= "int PEM_write_$1(void);";
-					$def .=
-					    "#INFO:"
-						.join(',',@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					# Things that are everywhere
-					$def .= "int PEM_write_bio_$1(void);";
-					next;
-				} elsif (/^DECLARE_PEM_read\s*\(\s*(\w*)\s*,/ ||
-					 /^DECLARE_PEM_read_cb\s*\(\s*(\w*)\s*,/ ) {
-					# Things not in Win16
-					$def .=
-					    "#INFO:"
-						.join(',',"!WIN16",@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					$def .= "int PEM_read_$1(void);";
-					$def .=
-					    "#INFO:"
-						.join(',',@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					# Things that are everywhere
-					$def .= "int PEM_read_bio_$1(void);";
-					next;
-				} elsif (/^OPENSSL_DECLARE_GLOBAL\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
-					# Variant for platforms that do not
-					# have to access globale variables
-					# in shared libraries through functions
-					$def .=
-					    "#INFO:"
-						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					$def .= "OPENSSL_EXTERN int _shadow_$2;";
-					$def .=
-					    "#INFO:"
-						.join(',',@current_platforms).":"
-						    .join(',',@current_algorithms).";";
-					# Variant for platforms that have to
-					# access globale variables in shared
-					# libraries through functions
-					&$make_variant("_shadow_$2","_shadow_$2",
-						      "EXPORT_VAR_AS_FUNCTION",
-						      "FUNCTION");
-				} elsif ($tag{'CONST_STRICT'} != 1) {
-					if (/\{|\/\*|\([^\)]*$/) {
-						$line = $_;
-					} else {
-						$def .= $_;
-					}
-				}
-			}
-		}
-		close(IN);
-
-		my $algs;
-		my $plays;
-
-		print STDERR "DEBUG: postprocessing ----------\n" if $debug;
-		foreach (split /;/, $def) {
-			my $s; my $k = "FUNCTION"; my $p; my $a;
-			s/^[\n\s]*//g;
-			s/[\n\s]*$//g;
-			next if(/\#undef/);
-			next if(/typedef\W/);
-			next if(/\#define/);
-
-			print STDERR "DEBUG: \$_ = \"$_\"\n" if $debug;
-			if (/^\#INFO:([^:]*):(.*)$/) {
-				$plats = $1;
-				$algs = $2;
-				print STDERR "DEBUG: found info on platforms ($plats) and algorithms ($algs)\n" if $debug;
-				next;
-			} elsif (/^\s*OPENSSL_EXTERN\s.*?(\w+(\{[0-9]+\})?)(\[[0-9]*\])*\s*$/) {
-				$s = $1;
-				$k = "VARIABLE";
-				print STDERR "DEBUG: found external variable $s\n" if $debug;
-			} elsif (/\(\*(\w*(\{[0-9]+\})?)\([^\)]+/) {
-				$s = $1;
-				print STDERR "DEBUG: found ANSI C function $s\n" if $debug;
-			} elsif (/\w+\W+(\w+)\W*\(\s*\)$/s) {
-				# K&R C
-				print STDERR "DEBUG: found K&R C function $s\n" if $debug;
-				next;
-			} elsif (/\w+\W+\w+(\{[0-9]+\})?\W*\(.*\)$/s) {
-				while (not /\(\)$/s) {
-					s/[^\(\)]*\)$/\)/s;
-					s/\([^\(\)]*\)\)$/\)/s;
-				}
-				s/\(void\)//;
-				/(\w+(\{[0-9]+\})?)\W*\(\)/s;
-				$s = $1;
-				print STDERR "DEBUG: found function $s\n" if $debug;
-			} elsif (/\(/ and not (/=/)) {
-				print STDERR "File $file: cannot parse: $_;\n";
-				next;
-			} else {
-				next;
-			}
-
-			$syms{$s} = 1;
-			$kind{$s} = $k;
-
-			$p = $plats;
-			$a = $algs;
-			$a .= ",BF" if($s =~ /EVP_bf/);
-			$a .= ",CAST" if($s =~ /EVP_cast/);
-			$a .= ",DES" if($s =~ /EVP_des/);
-			$a .= ",DSA" if($s =~ /EVP_dss/);
-			$a .= ",IDEA" if($s =~ /EVP_idea/);
-			$a .= ",MD2" if($s =~ /EVP_md2/);
-			$a .= ",MD4" if($s =~ /EVP_md4/);
-			$a .= ",MD5" if($s =~ /EVP_md5/);
-			$a .= ",RC2" if($s =~ /EVP_rc2/);
-			$a .= ",RC4" if($s =~ /EVP_rc4/);
-			$a .= ",RC5" if($s =~ /EVP_rc5/);
-			$a .= ",RIPEMD" if($s =~ /EVP_ripemd/);
-			$a .= ",SHA" if($s =~ /EVP_sha/);
-			$a .= ",RSA" if($s =~ /EVP_(Open|Seal)(Final|Init)/);
-			$a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/);
-			$a .= ",RSA" if($s =~ /RSAPrivateKey/);
-			$a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/);
-
-			$platform{$s} =
-			    &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p);
-			$algorithm{$s} .= ','.$a;
-
-			if (defined($variant{$s})) {
-				foreach $v (split /;/,$variant{$s}) {
-					(my $r, my $p, my $k) = split(/:/,$v);
-					my $ip = join ',',map({ /^!(.*)$/ ? $1 : "!".$_ } split /,/, $p);
-					$syms{$r} = 1;
-					if (!defined($k)) { $k = $kind{$s}; }
-					$kind{$r} = $k."(".$s.")";
-					$algorithm{$r} = $algorithm{$s};
-					$platform{$r} = &reduce_platforms($platform{$s}.",".$p.",".$p);
-					$platform{$s} = &reduce_platforms($platform{$s}.','.$ip.','.$ip);
-					print STDERR "DEBUG: \$variant{\"$s\"} = ",$v,"; \$r = $r; \$p = ",$platform{$r},"; \$a = ",$algorithm{$r},"; \$kind = ",$kind{$r},"\n" if $debug;
-				}
-			}
-			print STDERR "DEBUG: \$s = $s; \$p = ",$platform{$s},"; \$a = ",$algorithm{$s},"; \$kind = ",$kind{$s},"\n" if $debug;
-		}
-	}
-
-	# Prune the returned symbols
-
-        delete $syms{"bn_dump1"};
-	$platform{"BIO_s_log"} .= ",!WIN32,!WIN16,!macintosh";
-
-	$platform{"PEM_read_NS_CERT_SEQ"} = "VMS";
-	$platform{"PEM_write_NS_CERT_SEQ"} = "VMS";
-	$platform{"PEM_read_P8_PRIV_KEY_INFO"} = "VMS";
-	$platform{"PEM_write_P8_PRIV_KEY_INFO"} = "VMS";
-
-	# Info we know about
-
-	push @ret, map { $_."\\".&info_string($_,"EXIST",
-					      $platform{$_},
-					      $kind{$_},
-					      $algorithm{$_}) } keys %syms;
-
-	if (keys %unknown_algorithms) {
-		print STDERR "WARNING: mkdef.pl doesn't know the following algorithms:\n";
-		print STDERR "\t",join("\n\t",keys %unknown_algorithms),"\n";
-	}
-	return(@ret);
-}
-
-# Param: string of comma-separated platform-specs.
-sub reduce_platforms
-{
-	my ($platforms) = @_;
-	my $pl = defined($platforms) ? $platforms : "";
-	my %p = map { $_ => 0 } split /,/, $pl;
-	my $ret;
-
-	print STDERR "DEBUG: Entered reduce_platforms with \"$platforms\"\n"
-	    if $debug;
-	# We do this, because if there's code like the following, it really
-	# means the function exists in all cases and should therefore be
-	# everywhere.  By increasing and decreasing, we may attain 0:
-	#
-	# ifndef WIN16
-	#    int foo();
-	# else
-	#    int _fat foo();
-	# endif
-	foreach $platform (split /,/, $pl) {
-		if ($platform =~ /^!(.*)$/) {
-			$p{$1}--;
-		} else {
-			$p{$platform}++;
-		}
-	}
-	foreach $platform (keys %p) {
-		if ($p{$platform} == 0) { delete $p{$platform}; }
-	}
-
-	delete $p{""};
-
-	$ret = join(',',sort(map { $p{$_} < 0 ? "!".$_ : $_ } keys %p));
-	print STDERR "DEBUG: Exiting reduce_platforms with \"$ret\"\n"
-	    if $debug;
-	return $ret;
-}
-
-sub info_string {
-	(my $symbol, my $exist, my $platforms, my $kind, my $algorithms) = @_;
-
-	my %a = defined($algorithms) ?
-	    map { $_ => 1 } split /,/, $algorithms : ();
-	my $k = defined($kind) ? $kind : "FUNCTION";
-	my $ret;
-	my $p = &reduce_platforms($platforms);
-
-	delete $a{""};
-
-	$ret = $exist;
-	$ret .= ":".$p;
-	$ret .= ":".$k;
-	$ret .= ":".join(',',sort keys %a);
-	return $ret;
-}
-
-sub maybe_add_info {
-	(my $name, *nums, my @symbols) = @_;
-	my $sym;
-	my $new_info = 0;
-	my %syms=();
-
-	print STDERR "Updating $name info\n";
-	foreach $sym (@symbols) {
-		(my $s, my $i) = split /\\/, $sym;
-		if (defined($nums{$s})) {
-			$i =~ s/^(.*?:.*?:\w+)(\(\w+\))?/$1/;
-			(my $n, my $dummy) = split /\\/, $nums{$s};
-			if (!defined($dummy) || $i ne $dummy) {
-				$nums{$s} = $n."\\".$i;
-				$new_info++;
-				print STDERR "DEBUG: maybe_add_info for $s: \"$dummy\" => \"$i\"\n" if $debug;
-			}
-		}
-		$syms{$s} = 1;
-	}
-
-	my @s=sort { &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n") } keys %nums;
-	foreach $sym (@s) {
-		(my $n, my $i) = split /\\/, $nums{$sym};
-		if (!defined($syms{$sym}) && $i !~ /^NOEXIST:/) {
-			$new_info++;
-			print STDERR "DEBUG: maybe_add_info for $sym: -> undefined\n" if $debug;
-		}
-	}
-	if ($new_info) {
-		print STDERR "$new_info old symbols got an info update\n";
-		if (!$do_rewrite) {
-			print STDERR "You should do a rewrite to fix this.\n";
-		}
-	} else {
-		print STDERR "No old symbols needed info update\n";
-	}
-}
-
-# Param: string of comma-separated keywords, each possibly prefixed with a "!"
-sub is_valid
-{
-	my ($keywords_txt,$platforms) = @_;
-	my (@keywords) = split /,/,$keywords_txt;
-	my ($falsesum, $truesum) = (0, !grep(/^[^!]/,@keywords));
-
-	# Param: one keyword
-	sub recognise
-	{
-		my ($keyword,$platforms) = @_;
-
-		if ($platforms) {
-			# platforms
-			if ($keyword eq "VMS" && $VMS) { return 1; }
-			if ($keyword eq "WIN32" && $W32) { return 1; }
-			if ($keyword eq "WIN16" && $W16) { return 1; }
-			if ($keyword eq "WINNT" && $NT) { return 1; }
-			if ($keyword eq "OS2" && $OS2) { return 1; }
-			# Special platforms:
-			# EXPORT_VAR_AS_FUNCTION means that global variables
-			# will be represented as functions.  This currently
-			# only happens on VMS-VAX.
-			if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) {
-				return 1;
-			}
-			return 0;
-		} else {
-			# algorithms
-			if ($keyword eq "RC2" && $no_rc2) { return 0; }
-			if ($keyword eq "RC4" && $no_rc4) { return 0; }
-			if ($keyword eq "RC5" && $no_rc5) { return 0; }
-			if ($keyword eq "IDEA" && $no_idea) { return 0; }
-			if ($keyword eq "DES" && $no_des) { return 0; }
-			if ($keyword eq "BF" && $no_bf) { return 0; }
-			if ($keyword eq "CAST" && $no_cast) { return 0; }
-			if ($keyword eq "MD2" && $no_md2) { return 0; }
-			if ($keyword eq "MD4" && $no_md4) { return 0; }
-			if ($keyword eq "MD5" && $no_md5) { return 0; }
-			if ($keyword eq "SHA" && $no_sha) { return 0; }
-			if ($keyword eq "RIPEMD" && $no_ripemd) { return 0; }
-			if ($keyword eq "MDC2" && $no_mdc2) { return 0; }
-			if ($keyword eq "RSA" && $no_rsa) { return 0; }
-			if ($keyword eq "DSA" && $no_dsa) { return 0; }
-			if ($keyword eq "DH" && $no_dh) { return 0; }
-			if ($keyword eq "EC" && $no_ec) { return 0; }
-			if ($keyword eq "HMAC" && $no_hmac) { return 0; }
-			if ($keyword eq "AES" && $no_aes) { return 0; }
-			if ($keyword eq "EVP" && $no_evp) { return 0; }
-			if ($keyword eq "LHASH" && $no_lhash) { return 0; }
-			if ($keyword eq "STACK" && $no_stack) { return 0; }
-			if ($keyword eq "ERR" && $no_err) { return 0; }
-			if ($keyword eq "BUFFER" && $no_buffer) { return 0; }
-			if ($keyword eq "BIO" && $no_bio) { return 0; }
-			if ($keyword eq "COMP" && $no_comp) { return 0; }
-			if ($keyword eq "DSO" && $no_dso) { return 0; }
-			if ($keyword eq "KRB5" && $no_krb5) { return 0; }
-			if ($keyword eq "ENGINE" && $no_engine) { return 0; }
-			if ($keyword eq "HW" && $no_hw) { return 0; }
-			if ($keyword eq "FP_API" && $no_fp_api) { return 0; }
-
-			# Nothing recognise as true
-			return 1;
-		}
-	}
-
-	foreach $k (@keywords) {
-		if ($k =~ /^!(.*)$/) {
-			$falsesum += &recognise($1,$platforms);
-		} else {
-			$truesum += &recognise($k,$platforms);
-		}
-	}
-	print STDERR "DEBUG: [",$#keywords,",",$#keywords < 0,"] is_valid($keywords_txt) => (\!$falsesum) && $truesum = ",(!$falsesum) && $truesum,"\n" if $debug;
-	return (!$falsesum) && $truesum;
-}
-
-sub print_test_file
-{
-	(*OUT,my $name,*nums,my $testall,my @symbols)=@_;
-	my $n = 1; my @e; my @r;
-	my $sym; my $prev = ""; my $prefSSLeay;
-
-	(@e)=grep(/^SSLeay(\{[0-9]+\})?\\.*?:.*?:.*/,@symbols);
-	(@r)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:.*/ && !/^SSLeay(\{[0-9]+\})?\\.*?:.*?:.*/,@symbols);
-	@symbols=((sort @e),(sort @r));
-
-	foreach $sym (@symbols) {
-		(my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
-		my $v = 0;
-		$v = 1 if $i=~ /^.*?:.*?:VARIABLE/;
-		my $p = ($i =~ /^[^:]*:([^:]*):/,$1);
-		my $a = ($i =~ /^[^:]*:[^:]*:[^:]*:([^:]*)/,$1);
-		if (!defined($nums{$s})) {
-			print STDERR "Warning: $s does not have a number assigned\n"
-			    if(!$do_update);
-		} elsif (is_valid($p,1) && is_valid($a,0)) {
-			my $s2 = ($s =~ /^(.*?)(\{[0-9]+\})?$/, $1);
-			if ($prev eq $s2) {
-				print OUT "\t/* The following has already appeared previously */\n";
-				print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n";
-			}
-			$prev = $s2;	# To warn about duplicates...
-
-			($nn,$ni)=($nums{$s2} =~ /^(.*?)\\(.*)$/);
-			if ($v) {
-				print OUT "\textern int $s2; /* type unknown */ /* $nn $ni */\n";
-			} else {
-				print OUT "\textern int $s2(); /* type unknown */ /* $nn $ni */\n";
-			}
-		}
-	}
-}
-
-sub print_def_file
-{
-	(*OUT,my $name,*nums,my @symbols)=@_;
-	my $n = 1; my @e; my @r; my @v; my $prev="";
-	my $liboptions="";
-
-	if ($W32)
-		{ $name.="32"; }
-	elsif ($W16)
-		{ $name.="16"; }
-	elsif ($OS2)
-		{ $liboptions = "INITINSTANCE\nDATA NONSHARED"; }
-
-	print OUT <<"EOF";
-;
-; Definition file for the DLL version of the $name library from OpenSSL
-;
-
-LIBRARY         $name	$liboptions
-
-DESCRIPTION     'OpenSSL $name - http://www.openssl.org/'
-
-EOF
-
-	if ($W16) {
-		print <<"EOF";
-CODE            PRELOAD MOVEABLE
-DATA            PRELOAD MOVEABLE SINGLE
-
-EXETYPE		WINDOWS
-
-HEAPSIZE	4096
-STACKSIZE	8192
-
-EOF
-	}
-
-	print "EXPORTS\n";
-
-	(@e)=grep(/^SSLeay(\{[0-9]+\})?\\.*?:.*?:FUNCTION/,@symbols);
-	(@r)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:FUNCTION/ && !/^SSLeay(\{[0-9]+\})?\\.*?:.*?:FUNCTION/,@symbols);
-	(@v)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:VARIABLE/,@symbols);
-	@symbols=((sort @e),(sort @r), (sort @v));
-
-
-	foreach $sym (@symbols) {
-		(my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
-		my $v = 0;
-		$v = 1 if $i =~ /^.*?:.*?:VARIABLE/;
-		if (!defined($nums{$s})) {
-			printf STDERR "Warning: $s does not have a number assigned\n"
-			    if(!$do_update);
-		} else {
-			(my $n, my $dummy) = split /\\/, $nums{$s};
-			my %pf = ();
-			my $p = ($i =~ /^[^:]*:([^:]*):/,$1);
-			my $a = ($i =~ /^[^:]*:[^:]*:[^:]*:([^:]*)/,$1);
-			if (is_valid($p,1) && is_valid($a,0)) {
-				my $s2 = ($s =~ /^(.*?)(\{[0-9]+\})?$/, $1);
-				if ($prev eq $s2) {
-					print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n";
-				}
-				$prev = $s2;	# To warn about duplicates...
-				if($v && !$OS2) {
-					printf OUT "    %s%-39s @%-8d DATA\n",($W32)?"":"_",$s2,$n;
-				} else {
-					printf OUT "    %s%-39s @%d\n",($W32||$OS2)?"":"_",$s2,$n;
-				}
-			}
-		}
-	}
-	printf OUT "\n";
-}
-
-sub load_numbers
-{
-	my($name)=@_;
-	my(@a,%ret);
-
-	$max_num = 0;
-	$num_noinfo = 0;
-	$prev = "";
-	$prev_cnt = 0;
-
-	open(IN,"<$name") || die "unable to open $name:$!\n";
-	while (<IN>) {
-		chop;
-		s/#.*$//;
-		next if /^\s*$/;
-		@a=split;
-		if (defined $ret{$a[0]}) {
-			# This is actually perfectly OK
-			#print STDERR "Warning: Symbol '",$a[0],"' redefined. old=",$ret{$a[0]},", new=",$a[1],"\n";
-		}
-		if ($max_num > $a[1]) {
-			print STDERR "Warning: Number decreased from ",$max_num," to ",$a[1],"\n";
-		}
-		elsif ($max_num == $a[1]) {
-			# This is actually perfectly OK
-			#print STDERR "Warning: Symbol ",$a[0]," has same number as previous ",$prev,": ",$a[1],"\n";
-			if ($a[0] eq $prev) {
-				$prev_cnt++;
-				$a[0] .= "{$prev_cnt}";
-			}
-		}
-		else {
-			$prev_cnt = 0;
-		}
-		if ($#a < 2) {
-			# Existence will be proven later, in do_defs
-			$ret{$a[0]}=$a[1];
-			$num_noinfo++;
-		} else {
-			$ret{$a[0]}=$a[1]."\\".$a[2]; # \\ is a special marker
-		}
-		$max_num = $a[1] if $a[1] > $max_num;
-		$prev=$a[0];
-	}
-	if ($num_noinfo) {
-		print STDERR "Warning: $num_noinfo symbols were without info.";
-		if ($do_rewrite) {
-			printf STDERR "  The rewrite will fix this.\n";
-		} else {
-			printf STDERR "  You should do a rewrite to fix this.\n";
-		}
-	}
-	close(IN);
-	return(%ret);
-}
-
-sub parse_number
-{
-	(my $str, my $what) = @_;
-	(my $n, my $i) = split(/\\/,$str);
-	if ($what eq "n") {
-		return $n;
-	} else {
-		return $i;
-	}
-}
-
-sub rewrite_numbers
-{
-	(*OUT,$name,*nums,@symbols)=@_;
-	my $thing;
-
-	print STDERR "Rewriting $name\n";
-
-	my @r = grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:\w+\(\w+\)/,@symbols);
-	my $r; my %r; my %rsyms;
-	foreach $r (@r) {
-		(my $s, my $i) = split /\\/, $r;
-		my $a = $1 if $i =~ /^.*?:.*?:\w+\((\w+)\)/;
-		$i =~ s/^(.*?:.*?:\w+)\(\w+\)/$1/;
-		$r{$a} = $s."\\".$i;
-		$rsyms{$s} = 1;
-	}
-
-	my %syms = ();
-	foreach $_ (@symbols) {
-		(my $n, my $i) = split /\\/;
-		$syms{$n} = 1;
-	}
-
-	my @s=sort {
-	    &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n")
-	    || $a cmp $b
-	} keys %nums;
-	foreach $sym (@s) {
-		(my $n, my $i) = split /\\/, $nums{$sym};
-		next if defined($i) && $i =~ /^.*?:.*?:\w+\(\w+\)/;
-		next if defined($rsyms{$sym});
-		print STDERR "DEBUG: rewrite_numbers for sym = ",$sym,": i = ",$i,", n = ",$n,", rsym{sym} = ",$rsyms{$sym},"syms{sym} = ",$syms{$sym},"\n" if $debug;
-		$i="NOEXIST::FUNCTION:"
-			if !defined($i) || $i eq "" || !defined($syms{$sym});
-		my $s2 = $sym;
-		$s2 =~ s/\{[0-9]+\}$//;
-		printf OUT "%s%-39s %d\t%s\n","",$s2,$n,$i;
-		if (exists $r{$sym}) {
-			(my $s, $i) = split /\\/,$r{$sym};
-			my $s2 = $s;
-			$s2 =~ s/\{[0-9]+\}$//;
-			printf OUT "%s%-39s %d\t%s\n","",$s2,$n,$i;
-		}
-	}
-}
-
-sub update_numbers
-{
-	(*OUT,$name,*nums,my $start_num, my @symbols)=@_;
-	my $new_syms = 0;
-
-	print STDERR "Updating $name numbers\n";
-
-	my @r = grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:\w+\(\w+\)/,@symbols);
-	my $r; my %r; my %rsyms;
-	foreach $r (@r) {
-		(my $s, my $i) = split /\\/, $r;
-		my $a = $1 if $i =~ /^.*?:.*?:\w+\((\w+)\)/;
-		$i =~ s/^(.*?:.*?:\w+)\(\w+\)/$1/;
-		$r{$a} = $s."\\".$i;
-		$rsyms{$s} = 1;
-	}
-
-	foreach $sym (@symbols) {
-		(my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
-		next if $i =~ /^.*?:.*?:\w+\(\w+\)/;
-		next if defined($rsyms{$sym});
-		die "ERROR: Symbol $sym had no info attached to it."
-		    if $i eq "";
-		if (!exists $nums{$s}) {
-			$new_syms++;
-			my $s2 = $s;
-			$s2 =~ s/\{[0-9]+\}$//;
-			printf OUT "%s%-39s %d\t%s\n","",$s2, ++$start_num,$i;
-			if (exists $r{$s}) {
-				($s, $i) = split /\\/,$r{$s};
-				$s =~ s/\{[0-9]+\}$//;
-				printf OUT "%s%-39s %d\t%s\n","",$s, $start_num,$i;
-			}
-		}
-	}
-	if($new_syms) {
-		print STDERR "$new_syms New symbols added\n";
-	} else {
-		print STDERR "No New symbols Added\n";
-	}
-}
-
-sub check_existing
-{
-	(*nums, my @symbols)=@_;
-	my %existing; my @remaining;
-	@remaining=();
-	foreach $sym (@symbols) {
-		(my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
-		$existing{$s}=1;
-	}
-	foreach $sym (keys %nums) {
-		if (!exists $existing{$sym}) {
-			push @remaining, $sym;
-		}
-	}
-	if(@remaining) {
-		print STDERR "The following symbols do not seem to exist:\n";
-		foreach $sym (@remaining) {
-			print STDERR "\t",$sym,"\n";
-		}
-	}
-}
-
diff --git a/crypto/openssl/util/mkdir-p.pl b/crypto/openssl/util/mkdir-p.pl
deleted file mode 100755
index 6c69c2daa4d0..000000000000
--- a/crypto/openssl/util/mkdir-p.pl
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/usr/local/bin/perl
-
-# mkdir-p.pl
-
-# On some systems, the -p option to mkdir (= also create any missing parent
-# directories) is not available.
-
-my $arg;
-
-foreach $arg (@ARGV) {
-  &do_mkdir_p($arg);
-}
-
-
-sub do_mkdir_p {
-  local($dir) = @_;
-
-  $dir =~ s|/*\Z(?!\n)||s;
-
-  if (-d $dir) {
-    return;
-  }
-
-  if ($dir =~ m|[^/]/|s) {
-    local($parent) = $dir;
-    $parent =~ s|[^/]*\Z(?!\n)||s;
-
-    do_mkdir_p($parent);
-  }
-
-  mkdir($dir, 0777) || die "Cannot create directory $dir: $!\n";
-  print "created directory `$dir'\n";
-}
diff --git a/crypto/openssl/util/mkerr.pl b/crypto/openssl/util/mkerr.pl
deleted file mode 100644
index 4105047b217d..000000000000
--- a/crypto/openssl/util/mkerr.pl
+++ /dev/null
@@ -1,629 +0,0 @@
-#!/usr/local/bin/perl -w
-
-my $config = "crypto/err/openssl.ec";
-my $debug = 0;
-my $rebuild = 0;
-my $static = 1;
-my $recurse = 0;
-my $reindex = 0;
-my $dowrite = 0;
-my $staticloader = "";
-
-while (@ARGV) {
-	my $arg = $ARGV[0];
-	if($arg eq "-conf") {
-		shift @ARGV;
-		$config = shift @ARGV;
-	} elsif($arg eq "-debug") {
-		$debug = 1;
-		shift @ARGV;
-	} elsif($arg eq "-rebuild") {
-		$rebuild = 1;
-		shift @ARGV;
-	} elsif($arg eq "-recurse") {
-		$recurse = 1;
-		shift @ARGV;
-	} elsif($arg eq "-reindex") {
-		$reindex = 1;
-		shift @ARGV;
-	} elsif($arg eq "-nostatic") {
-		$static = 0;
-		shift @ARGV;
-	} elsif($arg eq "-staticloader") {
-		$staticloader = "static ";
-		shift @ARGV;
-	} elsif($arg eq "-write") {
-		$dowrite = 1;
-		shift @ARGV;
-	} else {
-		last;
-	}
-}
-
-if($recurse) {
-	@source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>);
-} else {
-	@source = @ARGV;
-}
-
-# Read in the config file
-
-open(IN, "<$config") || die "Can't open config file $config";
-
-# Parse config file
-
-while(<IN>)
-{
-	if(/^L\s+(\S+)\s+(\S+)\s+(\S+)/) {
-		$hinc{$1} = $2;
-		$libinc{$2} = $1;
-		$cskip{$3} = $1;
-		if($3 ne "NONE") {
-			$csrc{$1} = $3;
-			$fmax{$1} = 99;
-			$rmax{$1} = 99;
-			$fnew{$1} = 0;
-			$rnew{$1} = 0;
-		}
-	} elsif (/^F\s+(\S+)/) {
-	# Add extra function with $1
-	} elsif (/^R\s+(\S+)\s+(\S+)/) {
-		$rextra{$1} = $2;
-		$rcodes{$1} = $2;
-	}
-}
-
-close IN;
-
-# Scan each header file in turn and make a list of error codes
-# and function names
-
-while (($hdr, $lib) = each %libinc)
-{
-	next if($hdr eq "NONE");
-	print STDERR "Scanning header file $hdr\n" if $debug; 
-	my $line = "", $def= "", $linenr = 0, $gotfile = 0;
-	if (open(IN, "<$hdr")) {
-	    $gotfile = 1;
-	    while(<IN>) {
-		$linenr++;
-		print STDERR "line: $linenr\r" if $debug;
-
-		last if(/BEGIN\s+ERROR\s+CODES/);
-		if ($line ne '') {
-		    $_ = $line . $_;
-		    $line = '';
-		}
-
-		if (/\\$/) {
-		    $line = $_;
-		    next;
-		}
-
-		$cpp = 1 if /^#.*ifdef.*cplusplus/;  # skip "C" declaration
-		if ($cpp) {
-		    $cpp = 0 if /^#.*endif/;
-		    next;
-		}
-
-		next if (/^\#/);                      # skip preprocessor directives
-
-		s/\/\*.*?\*\///gs;                   # ignore comments
-		s/{[^{}]*}//gs;                      # ignore {} blocks
-
-		if (/\{|\/\*/) { # Add a } so editor works...
-		    $line = $_;
-		} else {
-		    $def .= $_;
-		}
-	    }
-	}
-
-	print STDERR "                                  \r" if $debug;
-        $defnr = 0;
-	foreach (split /;/, $def) {
-	    $defnr++;
-	    print STDERR "def: $defnr\r" if $debug;
-
-	    s/^[\n\s]*//g;
-	    s/[\n\s]*$//g;
-	    next if(/typedef\W/);
-	    if (/\(\*(\w*)\([^\)]+/) {
-		my $name = $1;
-		$name =~ tr/[a-z]/[A-Z]/;
-		$ftrans{$name} = $1;
-	    } elsif (/\w+\W+(\w+)\W*\(\s*\)$/s){
-		# K&R C
-		next ;
-	    } elsif (/\w+\W+\w+\W*\(.*\)$/s) {
-		while (not /\(\)$/s) {
-		    s/[^\(\)]*\)$/\)/s;
-		    s/\([^\(\)]*\)\)$/\)/s;
-		}
-		s/\(void\)//;
-		/(\w+)\W*\(\)/s;
-		my $name = $1;
-		$name =~ tr/[a-z]/[A-Z]/;
-		$ftrans{$name} = $1;
-	    } elsif (/\(/ and not (/=/ or /DECLARE_STACK/)) {
-		print STDERR "Header $hdr: cannot parse: $_;\n";
-	    }
-	}
-
-	print STDERR "                                  \r" if $debug;
-
-	next if $reindex;
-
-	# Scan function and reason codes and store them: keep a note of the
-	# maximum code used.
-
-	if ($gotfile) {
-	    while(<IN>) {
-		if(/^\#define\s+(\S+)\s+(\S+)/) {
-			$name = $1;
-			$code = $2;
-			next if $name =~ /^${lib}err/;
-			unless($name =~ /^${lib}_([RF])_(\w+)$/) {
-				print STDERR "Invalid error code $name\n";
-				next;
-			}
-			if($1 eq "R") {
-				$rcodes{$name} = $code;
-				if(!(exists $rextra{$name}) &&
-					 ($code > $rmax{$lib}) ) {
-					$rmax{$lib} = $code;
-				}
-			} else {
-				if($code > $fmax{$lib}) {
-					$fmax{$lib} = $code;
-				}
-				$fcodes{$name} = $code;
-			}
-		}
-	    }
-	}
-	close IN;
-}
-
-# Scan each C source file and look for function and reason codes
-# This is done by looking for strings that "look like" function or
-# reason codes: basically anything consisting of all upper case and
-# numerics which has _F_ or _R_ in it and which has the name of an
-# error library at the start. This seems to work fine except for the
-# oddly named structure BIO_F_CTX which needs to be ignored.
-# If a code doesn't exist in list compiled from headers then mark it
-# with the value "X" as a place holder to give it a value later.
-# Store all function and reason codes found in %ufcodes and %urcodes
-# so all those unreferenced can be printed out.
-
-
-print STDERR "Files loaded: " if $debug;
-foreach $file (@source) {
-	# Don't parse the error source file.
-	next if exists $cskip{$file};
-	print STDERR $file if $debug;
-	open(IN, "<$file") || die "Can't open source file $file\n";
-	while(<IN>) {
-		if(/(([A-Z0-9]+)_F_([A-Z0-9_]+))/) {
-			next unless exists $csrc{$2};
-			next if($1 eq "BIO_F_BUFFER_CTX");
-			$ufcodes{$1} = 1;
-			if(!exists $fcodes{$1}) {
-				$fcodes{$1} = "X";
-				$fnew{$2}++;
-			}
-			$notrans{$1} = 1 unless exists $ftrans{$3};
-		}
-		if(/(([A-Z0-9]+)_R_[A-Z0-9_]+)/) {
-			next unless exists $csrc{$2};
-			$urcodes{$1} = 1;
-			if(!exists $rcodes{$1}) {
-				$rcodes{$1} = "X";
-				$rnew{$2}++;
-			}
-		} 
-	}
-	close IN;
-}
-print STDERR "\n" if $debug;
-
-# Now process each library in turn.
-
-foreach $lib (keys %csrc)
-{
-	my $hfile = $hinc{$lib};
-	my $cfile = $csrc{$lib};
-	if(!$fnew{$lib} && !$rnew{$lib}) {
-		print STDERR "$lib:\t\tNo new error codes\n";
-		next unless $rebuild;
-	} else {
-		print STDERR "$lib:\t\t$fnew{$lib} New Functions,";
-		print STDERR " $rnew{$lib} New Reasons.\n";
-		next unless $dowrite;
-	}
-
-	# If we get here then we have some new error codes so we
-	# need to rebuild the header file and C file.
-
-	# Make a sorted list of error and reason codes for later use.
-
-	my @function = sort grep(/^${lib}_/,keys %fcodes);
-	my @reasons = sort grep(/^${lib}_/,keys %rcodes);
-
-	# Rewrite the header file
-
-	if (open(IN, "<$hfile")) {
-	    # Copy across the old file
-	    while(<IN>) {
-		push @out, $_;
-		last if (/BEGIN ERROR CODES/);
-	    }
-	    close IN;
-	} else {
-	    push @out,
-"/* ====================================================================\n",
-" * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.\n",
-" *\n",
-" * Redistribution and use in source and binary forms, with or without\n",
-" * modification, are permitted provided that the following conditions\n",
-" * are met:\n",
-" *\n",
-" * 1. Redistributions of source code must retain the above copyright\n",
-" *    notice, this list of conditions and the following disclaimer. \n",
-" *\n",
-" * 2. Redistributions in binary form must reproduce the above copyright\n",
-" *    notice, this list of conditions and the following disclaimer in\n",
-" *    the documentation and/or other materials provided with the\n",
-" *    distribution.\n",
-" *\n",
-" * 3. All advertising materials mentioning features or use of this\n",
-" *    software must display the following acknowledgment:\n",
-" *    \"This product includes software developed by the OpenSSL Project\n",
-" *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)\"\n",
-" *\n",
-" * 4. The names \"OpenSSL Toolkit\" and \"OpenSSL Project\" must not be used to\n",
-" *    endorse or promote products derived from this software without\n",
-" *    prior written permission. For written permission, please contact\n",
-" *    openssl-core\@openssl.org.\n",
-" *\n",
-" * 5. Products derived from this software may not be called \"OpenSSL\"\n",
-" *    nor may \"OpenSSL\" appear in their names without prior written\n",
-" *    permission of the OpenSSL Project.\n",
-" *\n",
-" * 6. Redistributions of any form whatsoever must retain the following\n",
-" *    acknowledgment:\n",
-" *    \"This product includes software developed by the OpenSSL Project\n",
-" *    for use in the OpenSSL Toolkit (http://www.openssl.org/)\"\n",
-" *\n",
-" * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY\n",
-" * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\n",
-" * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n",
-" * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR\n",
-" * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n",
-" * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n",
-" * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\n",
-" * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\n",
-" * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,\n",
-" * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\n",
-" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED\n",
-" * OF THE POSSIBILITY OF SUCH DAMAGE.\n",
-" * ====================================================================\n",
-" *\n",
-" * This product includes cryptographic software written by Eric Young\n",
-" * (eay\@cryptsoft.com).  This product includes software written by Tim\n",
-" * Hudson (tjh\@cryptsoft.com).\n",
-" *\n",
-" */\n",
-"\n",
-"#ifndef HEADER_${lib}_ERR_H\n",
-"#define HEADER_${lib}_ERR_H\n",
-"\n",
-"/* BEGIN ERROR CODES */\n";
-	}
-	open (OUT, ">$hfile") || die "Can't Open File $hfile for writing\n";
-
-	print OUT @out;
-	undef @out;
-	print OUT <<"EOF";
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-EOF
-	if($static) {
-		print OUT <<"EOF";
-${staticloader}void ERR_load_${lib}_strings(void);
-
-EOF
-	} else {
-		print OUT <<"EOF";
-${staticloader}void ERR_load_${lib}_strings(void);
-${staticloader}void ERR_unload_${lib}_strings(void);
-${staticloader}void ERR_${lib}_error(int function, int reason, char *file, int line);
-#define ${lib}err(f,r) ERR_${lib}_error((f),(r),__FILE__,__LINE__)
-
-EOF
-	}
-	print OUT <<"EOF";
-/* Error codes for the $lib functions. */
-
-/* Function codes. */
-EOF
-
-	foreach $i (@function) {
-		$z=6-int(length($i)/8);
-		if($fcodes{$i} eq "X") {
-			$fcodes{$i} = ++$fmax{$lib};
-			print STDERR "New Function code $i\n" if $debug;
-		}
-		printf OUT "#define $i%s $fcodes{$i}\n","\t" x $z;
-	}
-
-	print OUT "\n/* Reason codes. */\n";
-
-	foreach $i (@reasons) {
-		$z=6-int(length($i)/8);
-		if($rcodes{$i} eq "X") {
-			$rcodes{$i} = ++$rmax{$lib};
-			print STDERR "New Reason code   $i\n" if $debug;
-		}
-		printf OUT "#define $i%s $rcodes{$i}\n","\t" x $z;
-	}
-	print OUT <<"EOF";
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-EOF
-	close OUT;
-
-	# Rewrite the C source file containing the error details.
-
-	# First, read any existing reason string definitions:
-	my %err_reason_strings;
-	if (open(IN,"<$cfile")) {
-		while (<IN>) {
-			if (/\b(${lib}_R_\w*)\b.*\"(.*)\"/) {
-				$err_reason_strings{$1} = $2;
-			}
-		}
-		close(IN);
-	}
-
-	my $hincf;
-	if($static) {
-		$hfile =~ /([^\/]+)$/;
-		$hincf = "<openssl/$1>";
-	} else {
-		$hincf = "\"$hfile\"";
-	}
-
-
-	open (OUT,">$cfile") || die "Can't open $cfile for writing";
-
-	print OUT <<"EOF";
-/* $cfile */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core\@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay\@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh\@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include $hincf
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA ${lib}_str_functs[]=
-	{
-EOF
-	# Add each function code: if a function name is found then use it.
-	foreach $i (@function) {
-		my $fn;
-		$i =~ /^${lib}_F_(\S+)$/;
-		$fn = $1;
-		if(exists $ftrans{$fn}) {
-			$fn = $ftrans{$fn};
-		}
-		print OUT "{ERR_PACK(0,$i,0),\t\"$fn\"},\n";
-	}
-	print OUT <<"EOF";
-{0,NULL}
-	};
-
-static ERR_STRING_DATA ${lib}_str_reasons[]=
-	{
-EOF
-	# Add each reason code.
-	foreach $i (@reasons) {
-		my $rn;
-		my $nspc = 0;
-		if (exists $err_reason_strings{$i}) {
-			$rn = $err_reason_strings{$i};
-		} else {
-			$i =~ /^${lib}_R_(\S+)$/;
-			$rn = $1;
-			$rn =~ tr/_[A-Z]/ [a-z]/;
-		}
-		$nspc = 40 - length($i) unless length($i) > 40;
-		$nspc = " " x $nspc;
-		print OUT "{${i}${nspc},\"$rn\"},\n";
-	}
-if($static) {
-	print OUT <<"EOF";
-{0,NULL}
-	};
-
-#endif
-
-${staticloader}void ERR_load_${lib}_strings(void)
-	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_${lib},${lib}_str_functs);
-		ERR_load_strings(ERR_LIB_${lib},${lib}_str_reasons);
-#endif
-
-		}
-	}
-EOF
-} else {
-	print OUT <<"EOF";
-{0,NULL}
-	};
-
-#endif
-
-#ifdef ${lib}_LIB_NAME
-static ERR_STRING_DATA ${lib}_lib_name[]=
-        {
-{0	,${lib}_LIB_NAME},
-{0,NULL}
-	};
-#endif
-
-
-static int ${lib}_lib_error_code=0;
-static int ${lib}_error_init=1;
-
-${staticloader}void ERR_load_${lib}_strings(void)
-	{
-	if (${lib}_lib_error_code == 0)
-		${lib}_lib_error_code=ERR_get_next_error_library();
-
-	if (${lib}_error_init)
-		{
-		${lib}_error_init=0;
-#ifndef OPENSSL_NO_ERR
-		ERR_load_strings(${lib}_lib_error_code,${lib}_str_functs);
-		ERR_load_strings(${lib}_lib_error_code,${lib}_str_reasons);
-#endif
-
-#ifdef ${lib}_LIB_NAME
-		${lib}_lib_name->error = ERR_PACK(${lib}_lib_error_code,0,0);
-		ERR_load_strings(0,${lib}_lib_name);
-#endif
-		}
-	}
-
-${staticloader}void ERR_unload_${lib}_strings(void)
-	{
-	if (${lib}_error_init == 0)
-		{
-#ifndef OPENSSL_NO_ERR
-		ERR_unload_strings(${lib}_lib_error_code,${lib}_str_functs);
-		ERR_unload_strings(${lib}_lib_error_code,${lib}_str_reasons);
-#endif
-
-#ifdef ${lib}_LIB_NAME
-		ERR_unload_strings(0,${lib}_lib_name);
-#endif
-		${lib}_error_init=1;
-		}
-	}
-
-${staticloader}void ERR_${lib}_error(int function, int reason, char *file, int line)
-	{
-	if (${lib}_lib_error_code == 0)
-		${lib}_lib_error_code=ERR_get_next_error_library();
-	ERR_PUT_error(${lib}_lib_error_code,function,reason,file,line);
-	}
-EOF
-
-}
-
-	close OUT;
-	undef %err_reason_strings;
-}
-
-if($debug && defined(%notrans)) {
-	print STDERR "The following function codes were not translated:\n";
-	foreach(sort keys %notrans)
-	{
-		print STDERR "$_\n";
-	}
-}
-
-# Make a list of unreferenced function and reason codes
-
-foreach (keys %fcodes) {
-	push (@funref, $_) unless exists $ufcodes{$_};
-}
-
-foreach (keys %rcodes) {
-	push (@runref, $_) unless exists $urcodes{$_};
-}
-
-if($debug && defined(@funref) ) {
-	print STDERR "The following function codes were not referenced:\n";
-	foreach(sort @funref)
-	{
-		print STDERR "$_\n";
-	}
-}
-
-if($debug && defined(@runref) ) {
-	print STDERR "The following reason codes were not referenced:\n";
-	foreach(sort @runref)
-	{
-		print STDERR "$_\n";
-	}
-}
diff --git a/crypto/openssl/util/mkfiles.pl b/crypto/openssl/util/mkfiles.pl
deleted file mode 100755
index 29e1404c6950..000000000000
--- a/crypto/openssl/util/mkfiles.pl
+++ /dev/null
@@ -1,117 +0,0 @@
-#!/usr/local/bin/perl
-#
-# This is a hacked version of files.pl for systems that can't do a 'make files'.
-# Do a perl util/mkminfo.pl >MINFO to build MINFO
-# Written by Steve Henson 1999.
-
-# List of directories to process
-
-my @dirs = (
-".",
-"crypto",
-"crypto/md2",
-"crypto/md4",
-"crypto/md5",
-"crypto/sha",
-"crypto/mdc2",
-"crypto/hmac",
-"crypto/ripemd",
-"crypto/des",
-"crypto/rc2",
-"crypto/rc4",
-"crypto/rc5",
-"crypto/idea",
-"crypto/bf",
-"crypto/cast",
-"crypto/aes",
-"crypto/bn",
-"crypto/rsa",
-"crypto/dsa",
-"crypto/dso",
-"crypto/dh",
-"crypto/ec",
-"crypto/buffer",
-"crypto/bio",
-"crypto/stack",
-"crypto/lhash",
-"crypto/rand",
-"crypto/err",
-"crypto/objects",
-"crypto/evp",
-"crypto/asn1",
-"crypto/pem",
-"crypto/x509",
-"crypto/x509v3",
-"crypto/conf",
-"crypto/txt_db",
-"crypto/pkcs7",
-"crypto/pkcs12",
-"crypto/comp",
-"crypto/engine",
-"crypto/ocsp",
-"crypto/ui",
-"crypto/krb5",
-"ssl",
-"apps",
-"test",
-"tools"
-);
-
-foreach (@dirs) {
-	&files_dir ($_, "Makefile.ssl");
-}
-
-exit(0);
-
-sub files_dir
-{
-my ($dir, $makefile) = @_;
-
-my %sym;
-
-open (IN, "$dir/$makefile") || die "Can't open $dir/$makefile";
-
-my $s="";
-
-while (<IN>)
-	{
-	chop;
-	s/#.*//;
-	if (/^(\S+)\s*=\s*(.*)$/)
-		{
-		$o="";
-		($s,$b)=($1,$2);
-		for (;;)
-			{
-			if ($b =~ /\\$/)
-				{
-				chop($b);
-				$o.=$b." ";
-				$b=<IN>;
-				chop($b);
-				}
-			else
-				{
-				$o.=$b." ";
-				last;
-				}
-			}
-		$o =~ s/^\s+//;
-		$o =~ s/\s+$//;
-		$o =~ s/\s+/ /g;
-
-		$o =~ s/\$[({]([^)}]+)[)}]/$sym{$1}/g;
-		$sym{$s}=$o;
-		}
-	}
-
-print "RELATIVE_DIRECTORY=$dir\n";
-
-foreach (sort keys %sym)
-	{
-	print "$_=$sym{$_}\n";
-	}
-print "RELATIVE_DIRECTORY=\n";
-
-close (IN);
-}
diff --git a/crypto/openssl/util/mklink.pl b/crypto/openssl/util/mklink.pl
deleted file mode 100755
index 9386da7aa4c3..000000000000
--- a/crypto/openssl/util/mklink.pl
+++ /dev/null
@@ -1,69 +0,0 @@
-#!/usr/local/bin/perl
-
-# mklink.pl
-
-# The first command line argument is a non-empty relative path
-# specifying the "from" directory.
-# Each other argument is a file name not containing / and
-# names a file in the current directory.
-#
-# For each of these files, we create in the "from" directory a link
-# of the same name pointing to the local file.
-#
-# We assume that the directory structure is a tree, i.e. that it does
-# not contain symbolic links and that the parent of / is never referenced.
-# Apart from this, this script should be able to handle even the most
-# pathological cases.
-
-my $from = shift;
-my @files = @ARGV;
-
-my @from_path = split(/[\\\/]/, $from);
-my $pwd = `pwd`;
-chop($pwd);
-my @pwd_path = split(/[\\\/]/, $pwd);
-
-my @to_path = ();
-
-my $dirname;
-foreach $dirname (@from_path) {
-
-    # In this loop, @to_path always is a relative path from
-    # @pwd_path (interpreted is an absolute path) to the original pwd.
-
-    # At the end, @from_path (as a relative path from the original pwd)
-    # designates the same directory as the absolute path @pwd_path,
-    # which means that @to_path then is a path from there to the original pwd.
-
-    next if ($dirname eq "" || $dirname eq ".");
-
-    if ($dirname eq "..") {
-	@to_path = (pop(@pwd_path), @to_path);
-    } else {
-	@to_path = ("..", @to_path);
-	push(@pwd_path, $dirname);
-    }
-}
-
-my $to = join('/', @to_path);
-
-my $file;
-$symlink_exists=eval {symlink("",""); 1};
-foreach $file (@files) {
-    my $err = "";
-    if ($symlink_exists) {
-	symlink("$to/$file", "$from/$file") or $err = " [$!]";
-    } else {
-	unlink "$from/$file"; 
-	open (OLD, "<$file") or die "Can't open $file: $!";
-	open (NEW, ">$from/$file") or die "Can't open $from/$file: $!";
-	binmode(OLD);
-	binmode(NEW);
-	while (<OLD>) {
-	    print NEW $_;
-	}
-	close (OLD) or die "Can't close $file: $!";
-	close (NEW) or die "Can't close $from/$file: $!";
-    }
-    print $file . " => $from/$file$err\n";
-}
diff --git a/crypto/openssl/util/mkstack.pl b/crypto/openssl/util/mkstack.pl
deleted file mode 100755
index 085c50f790f2..000000000000
--- a/crypto/openssl/util/mkstack.pl
+++ /dev/null
@@ -1,124 +0,0 @@
-#!/usr/local/bin/perl -w
-
-# This is a utility that searches out "DECLARE_STACK_OF()"
-# declarations in .h and .c files, and updates/creates/replaces
-# the corresponding macro declarations in crypto/stack/safestack.h.
-# As it's not generally possible to have macros that generate macros,
-# we need to control this from the "outside", here in this script.
-#
-# Geoff Thorpe, June, 2000 (with massive Perl-hacking
-#                           help from Steve Robb)
-
-my $safestack = "crypto/stack/safestack";
-
-my $do_write;
-while (@ARGV) {
-	my $arg = $ARGV[0];
-	if($arg eq "-write") {
-		$do_write = 1;
-	}
-	shift @ARGV;
-}
-
-
-@source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <ssl/*.[ch]>);
-foreach $file (@source) {
-	next if -l $file;
-
-	# Open the .c/.h file for reading
-	open(IN, "< $file") || die "Can't open $file for reading: $!";
-
-	while(<IN>) {
-		if (/^DECLARE_STACK_OF\(([^)]+)\)/) {
-			push @stacklst, $1;
-		} if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) {
-			push @asn1setlst, $1;
-		} if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) {
-			push @p12stklst, $1;
-		}
-	}
-	close(IN);
-}
-
-
-
-my $old_stackfile = "";
-my $new_stackfile = "";
-my $inside_block = 0;
-my $type_thing;
-
-open(IN, "< $safestack.h") || die "Can't open input file: $!";
-while(<IN>) {
-	$old_stackfile .= $_;
-
-	if (m|^/\* This block of defines is updated by util/mkstack.pl, please do not touch! \*/|) {
-		$inside_block = 1;
-	}
-	if (m|^/\* End of util/mkstack.pl block, you may now edit :-\) \*/|) {
-		$inside_block = 0;
-	} elsif ($inside_block == 0) {
-		$new_stackfile .= $_;
-	}
-	next if($inside_block != 1);
-	$new_stackfile .= "/* This block of defines is updated by util/mkstack.pl, please do not touch! */";
-		
-	foreach $type_thing (sort @stacklst) {
-		$new_stackfile .= <<EOF;
-
-#define sk_${type_thing}_new(st) SKM_sk_new($type_thing, (st))
-#define sk_${type_thing}_new_null() SKM_sk_new_null($type_thing)
-#define sk_${type_thing}_free(st) SKM_sk_free($type_thing, (st))
-#define sk_${type_thing}_num(st) SKM_sk_num($type_thing, (st))
-#define sk_${type_thing}_value(st, i) SKM_sk_value($type_thing, (st), (i))
-#define sk_${type_thing}_set(st, i, val) SKM_sk_set($type_thing, (st), (i), (val))
-#define sk_${type_thing}_zero(st) SKM_sk_zero($type_thing, (st))
-#define sk_${type_thing}_push(st, val) SKM_sk_push($type_thing, (st), (val))
-#define sk_${type_thing}_unshift(st, val) SKM_sk_unshift($type_thing, (st), (val))
-#define sk_${type_thing}_find(st, val) SKM_sk_find($type_thing, (st), (val))
-#define sk_${type_thing}_delete(st, i) SKM_sk_delete($type_thing, (st), (i))
-#define sk_${type_thing}_delete_ptr(st, ptr) SKM_sk_delete_ptr($type_thing, (st), (ptr))
-#define sk_${type_thing}_insert(st, val, i) SKM_sk_insert($type_thing, (st), (val), (i))
-#define sk_${type_thing}_set_cmp_func(st, cmp) SKM_sk_set_cmp_func($type_thing, (st), (cmp))
-#define sk_${type_thing}_dup(st) SKM_sk_dup($type_thing, st)
-#define sk_${type_thing}_pop_free(st, free_func) SKM_sk_pop_free($type_thing, (st), (free_func))
-#define sk_${type_thing}_shift(st) SKM_sk_shift($type_thing, (st))
-#define sk_${type_thing}_pop(st) SKM_sk_pop($type_thing, (st))
-#define sk_${type_thing}_sort(st) SKM_sk_sort($type_thing, (st))
-EOF
-	}
-	foreach $type_thing (sort @asn1setlst) {
-		$new_stackfile .= <<EOF;
-
-#define d2i_ASN1_SET_OF_${type_thing}(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \\
-	SKM_ASN1_SET_OF_d2i($type_thing, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_${type_thing}(st, pp, i2d_func, ex_tag, ex_class, is_set) \\
-	SKM_ASN1_SET_OF_i2d($type_thing, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_${type_thing}(st, i2d_func, buf, len) \\
-	SKM_ASN1_seq_pack($type_thing, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_${type_thing}(buf, len, d2i_func, free_func) \\
-	SKM_ASN1_seq_unpack($type_thing, (buf), (len), (d2i_func), (free_func))
-EOF
-	}
-	foreach $type_thing (sort @p12stklst) {
-		$new_stackfile .= <<EOF;
-
-#define PKCS12_decrypt_d2i_${type_thing}(algor, d2i_func, free_func, pass, passlen, oct, seq) \\
-	SKM_PKCS12_decrypt_d2i($type_thing, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
-EOF
-	}
-	$new_stackfile .= "/* End of util/mkstack.pl block, you may now edit :-) */\n";
-	$inside_block = 2;
-}
-
-
-if ($new_stackfile eq $old_stackfile) {
-	print "No changes to $safestack.h.\n";
-	exit 0; # avoid unnecessary rebuild
-}
-
-if ($do_write) {
-	print "Writing new $safestack.h.\n";
-	open OUT, ">$safestack.h" || die "Can't open output file";
-	print OUT $new_stackfile;
-	close OUT;
-}
diff --git a/crypto/openssl/util/perlpath.pl b/crypto/openssl/util/perlpath.pl
deleted file mode 100755
index a1f236bd9843..000000000000
--- a/crypto/openssl/util/perlpath.pl
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/usr/local/bin/perl
-#
-# modify the '#!/usr/local/bin/perl'
-# line in all scripts that rely on perl.
-#
-
-require "find.pl";
-
-$#ARGV == 0 || print STDERR "usage: perlpath newpath  (eg /usr/bin)\n";
-&find(".");
-
-sub wanted
-	{
-	return unless /\.pl$/ || /^[Cc]onfigur/;
-
-	open(IN,"<$_") || die "unable to open $dir/$_:$!\n";
-	@a=<IN>;
-	close(IN);
-
-	if (-d $ARGV[0]) {
-		$a[0]="#!$ARGV[0]/perl\n";
-	}
-	else {
-		$a[0]="#!$ARGV[0]\n";
-	}
-
-	# Playing it safe...
-	$new="$_.new";
-	open(OUT,">$new") || die "unable to open $dir/$new:$!\n";
-	print OUT @a;
-	close(OUT);
-
-	rename($new,$_) || die "unable to rename $dir/$new:$!\n";
-	chmod(0755,$_) || die "unable to chmod $dir/$new:$!\n";
-	}
diff --git a/crypto/openssl/util/pl/BC-16.pl b/crypto/openssl/util/pl/BC-16.pl
deleted file mode 100644
index 2033f524ca5a..000000000000
--- a/crypto/openssl/util/pl/BC-16.pl
+++ /dev/null
@@ -1,146 +0,0 @@
-#!/usr/local/bin/perl
-# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
-#
-
-$o='\\';
-$cp='copy';
-$rm='del';
-
-# C compiler stuff
-$cc='bcc';
-
-if ($debug)
-	{ $op="-v "; }
-else	{ $op="-O "; }
-
-$cflags="-d -ml $op -DL_ENDIAN";
-# I add the stack opt
-$base_lflags="/c /C";
-$lflags="$base_lflags";
-
-if ($win16)
-	{
-	$shlib=1;
-	$cflags.=" -DOPENSSL_SYSNAME_WIN16";
-	$app_cflag="-W";
-	$lib_cflag="-WD";
-	$lflags.="/Twe";
-	}
-else
-	{
-	$cflags.=" -DOENSSL_SYSNAME_MSDOS";
-	$lflags.=" /Tde";
-	}
-
-if ($shlib)
-	{
-	$mlflags=" /Twd $base_lflags"; # stack if defined in .def file
-	$libs="libw ldllcew";
-	$no_asm=1;
-	}
-else
-	{ $mlflags=''; }
-
-$obj='.obj';
-$ofile="-o";
-
-# EXE linking stuff
-$link="tlink";
-$efile="";
-$exep='.exe';
-$ex_libs="CL";
-$ex_libs.=$no_sock?"":" winsock.lib";
-
-$app_ex_obj="C0L.obj ";
-$shlib_ex_obj="" if ($shlib);
-
-# static library stuff
-$mklib='tlib';
-$ranlib='echo no ranlib';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='';
-
-$asm='bcc -c -B -Tml';
-$afile='/o';
-if ($no_asm)
-	{
-	$bn_asm_obj='';
-	$bn_asm_src='';
-	}
-elsif ($asmbits == 32)
-	{
-	$bn_asm_obj='crypto\bn\asm\x86w32.obj';
-	$bn_asm_src='crypto\bn\asm\x86w32.asm';
-	}
-else
-	{
-	$bn_asm_obj='crypto\bn\asm\x86w16.obj';
-	$bn_asm_src='crypto\bn\asm\x86w16.asm';
-	}
-
-sub do_lib_rule
-	{
-	local($target,$name,$shlib)=@_;
-	local($ret,$Name);
-
-	$taget =~ s/\//$o/g if $o ne '/';
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-	$ret.="$target: \$(${Name}OBJ)\n";
-	$ret.="\t\$(RM) \$(O_$Name)\n";
-
-	# Due to a pathetic line length limit, I unwrap the args.
-	local($lib_names)="";
-	local($dll_names)="";
-	foreach $_ (sort split(/\s+/,$Vars{"${Name}OBJ"}))
-		{
-		$lib_names.="  +$_ &\n";
-		$dll_names.="  $_\n";
-		}
-
-	if (!$shlib)
-		{
-		$ret.="\t\$(MKLIB) $target & <<|\n$lib_names\n,\n|\n";
-		}
-	else
-		{
-		local($ex)=($Name eq "SSL")?' $(L_CRYPTO) winsock':"";
-		$ret.="\t\$(LINK) \$(MLFLAGS) @&&|\n";
-		$ret.=$dll_names;
-		$ret.="\n  $target\n\n  $ex $libs\nms$o${name}16.def;\n|\n";
-		($out_lib=$target) =~ s/O_/L_/;
-		$ret.="\timplib /nowep $out_lib $target\n\n";
-		}
-	$ret.="\n";
-	return($ret);
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$f,$_,@f);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($targer);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="  \$(LINK) @&&|";
-	
-	# Due to a pathetic line length limit, I have to unwrap the args.
-	$ret.=" \$(LFLAGS) ";
-	if ($files =~ /\(([^)]*)\)$/)
-		{
-		$ret.=" \$(APP_EX_OBJ)";
-		foreach $_ (sort split(/\s+/,$Vars{$1}))
-			{ $ret.="\n  $r $_ +"; }
-		chop($ret);
-		$ret.="\n";
-		}
-	else
-		{ $ret.="\n $r \$(APP_EX_OBJ) $files\n"; }
-	$ret.="  $target\n\n  $libs\n\n|\n\n";
-	return($ret);
-	}
-
-1;
diff --git a/crypto/openssl/util/pl/BC-32.pl b/crypto/openssl/util/pl/BC-32.pl
deleted file mode 100644
index e83b3361908f..000000000000
--- a/crypto/openssl/util/pl/BC-32.pl
+++ /dev/null
@@ -1,135 +0,0 @@
-#!/usr/local/bin/perl
-# Borland C++ builder 3 and 4 -- Janez Jere <jj@void.si>
-#
-
-$ssl=	"ssleay32";
-$crypto="libeay32";
-
-$o='\\';
-$cp='copy';
-$rm='del';
-
-# C compiler stuff
-$cc='bcc32';
-$lflags="-ap -Tpe -x -Gn ";
-$mlflags='';
-
-$out_def="out32";
-$tmp_def="tmp32";
-$inc_def="inc32";
-#enable max error messages, disable most common warnings
-$cflags="-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -w-inl  -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp ";
-if ($debug)
-{
-    $cflags.="-Od -y -v -vi- -D_DEBUG";
-    $mlflags.=' ';
-}
-else
-{
-    $cflags.="-O2 -ff -fp";
-}
-
-$obj='.obj';
-$ofile="-o";
-
-# EXE linking stuff
-$link="ilink32";
-$efile="";
-$exep='.exe';
-if ($no_sock)
-	{ $ex_libs=""; }
-else	{ $ex_libs="cw32mt.lib import32.lib"; }
-
-# static library stuff
-$mklib='tlib /P64';
-$ranlib='';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='';
-
-$shlib_ex_obj="";
-$app_ex_obj="c0x32.obj"; 
-
-$asm='nasmw -f obj';
-$asm.=" /Zi" if $debug;
-$afile='-o';
-
-$bn_mulw_obj='';
-$bn_mulw_src='';
-$des_enc_obj='';
-$des_enc_src='';
-$bf_enc_obj='';
-$bf_enc_src='';
-
-if (!$no_asm)
-	{
-	$bn_mulw_obj='crypto\bn\asm\bn_win32.obj';
-	$bn_mulw_src='crypto\bn\asm\bn_win32.asm';
-	$des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
-	$des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
-	$bf_enc_obj='crypto\bf\asm\b_win32.obj';
-	$bf_enc_src='crypto\bf\asm\b_win32.asm';
-	$cast_enc_obj='crypto\cast\asm\c_win32.obj';
-	$cast_enc_src='crypto\cast\asm\c_win32.asm';
-	$rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
-	$rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
-	$rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
-	$rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
-	$md5_asm_obj='crypto\md5\asm\m5_win32.obj';
-	$md5_asm_src='crypto\md5\asm\m5_win32.asm';
-	$sha1_asm_obj='crypto\sha\asm\s1_win32.obj';
-	$sha1_asm_src='crypto\sha\asm\s1_win32.asm';
-	$rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
-	$rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
-	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
-	}
-
-if ($shlib)
-	{
-	$mlflags.=" $lflags /dll";
-#	$cflags =~ s| /MD| /MT|;
-	$lib_cflag=" /GD -D_WINDLL -D_DLL";
-	$out_def="out32dll";
-	$tmp_def="tmp32dll";
-	}
-
-sub do_lib_rule
-	{
-	local($objs,$target,$name,$shlib)=@_;
-	local($ret,$Name);
-
-	$taget =~ s/\//$o/g if $o ne '/';
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-#	$target="\$(LIB_D)$o$target";
-	$ret.="$target: $objs\n";
-	if (!$shlib)
-		{
-		#		$ret.="\t\$(RM) \$(O_$Name)\n";
-		$ret.="\techo LIB $<\n";    
-                $ret.="\t&\$(MKLIB) $lfile$target -+\$**\n";
-		}
-	else
-		{
-		local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
-		$ex.=' wsock32.lib gdi32.lib';
-		$ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n  \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
-		}
-	$ret.="\n";
-	return($ret);
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$_);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($targer);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="\t\$(LINK) \$(LFLAGS) $files \$(APP_EX_OBJ), $target,, $libs\n\n";
-	return($ret);
-	}
-
-1;
diff --git a/crypto/openssl/util/pl/Mingw32.pl b/crypto/openssl/util/pl/Mingw32.pl
deleted file mode 100644
index 45ab685974e0..000000000000
--- a/crypto/openssl/util/pl/Mingw32.pl
+++ /dev/null
@@ -1,104 +0,0 @@
-#!/usr/local/bin/perl
-#
-# Mingw32.pl -- Mingw32 with GNU cp (Mingw32f.pl uses DOS tools) 
-#
-
-$o='/';
-$cp='cp';
-$rm='rem'; # use 'rm -f' if using GNU file utilities
-$mkdir='gmkdir';
-
-# gcc wouldn't accept backslashes in paths
-#$o='\\';
-#$cp='copy';
-#$rm='del';
-
-# C compiler stuff
-
-$cc='gcc';
-if ($debug)
-	{ $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; }
-else
-	{ $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -m486 -Wall"; }
-
-if ($gaswin and !$no_asm)
-	{
-        $bn_asm_obj='$(OBJ_D)/bn-win32.o';
-        $bn_asm_src='crypto/bn/asm/bn-win32.s';
-        $bnco_asm_obj='$(OBJ_D)/co-win32.o';
-        $bnco_asm_src='crypto/bn/asm/co-win32.s';
-        $des_enc_obj='$(OBJ_D)/d-win32.o $(OBJ_D)/y-win32.o';
-        $des_enc_src='crypto/des/asm/d-win32.s crypto/des/asm/y-win32.s';
-        $bf_enc_obj='$(OBJ_D)/b-win32.o';
-        $bf_enc_src='crypto/bf/asm/b-win32.s';
-#       $cast_enc_obj='$(OBJ_D)/c-win32.o';
-#       $cast_enc_src='crypto/cast/asm/c-win32.s';
-        $rc4_enc_obj='$(OBJ_D)/r4-win32.o';
-        $rc4_enc_src='crypto/rc4/asm/r4-win32.s';
-        $rc5_enc_obj='$(OBJ_D)/r5-win32.o';
-        $rc5_enc_src='crypto/rc5/asm/r5-win32.s';
-        $md5_asm_obj='$(OBJ_D)/m5-win32.o';
-        $md5_asm_src='crypto/md5/asm/m5-win32.s';
-        $rmd160_asm_obj='$(OBJ_D)/rm-win32.o';
-        $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s';
-        $sha1_asm_obj='$(OBJ_D)/s1-win32.o';
-        $sha1_asm_src='crypto/sha/asm/s1-win32.s';
-	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM";
-	}
-
-
-$obj='.o';
-$ofile='-o ';
-
-# EXE linking stuff
-$link='${CC}';
-$lflags='${CFLAGS}';
-$efile='-o ';
-$exep='';
-$ex_libs="-lwsock32 -lgdi32";
-
-# static library stuff
-$mklib='ar r';
-$mlflags='';
-$ranlib='ranlib';
-$plib='lib';
-$libp=".a";
-$shlibp=".a";
-$lfile='';
-
-$asm='as';
-$afile='-o ';
-#$bn_asm_obj="";
-#$bn_asm_src="";
-#$des_enc_obj="";
-#$des_enc_src="";
-#$bf_enc_obj="";
-#$bf_enc_src="";
-
-sub do_lib_rule
-	{
-	local($obj,$target,$name,$shlib)=@_;
-	local($ret,$_,$Name);
-
-	$target =~ s/\//$o/g if $o ne '/';
-	$target="$target";
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-	$ret.="$target: \$(${Name}OBJ)\n";
-	$ret.="\t\$(RM) $target\n";
-	$ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
-	$ret.="\t\$(RANLIB) $target\n\n";
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$_);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($target);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
-	return($ret);
-	}
-1;
diff --git a/crypto/openssl/util/pl/Mingw32f.pl b/crypto/openssl/util/pl/Mingw32f.pl
deleted file mode 100644
index 44f5673d7aaf..000000000000
--- a/crypto/openssl/util/pl/Mingw32f.pl
+++ /dev/null
@@ -1,73 +0,0 @@
-#!/usr/local/bin/perl
-#
-# Mingw32f.pl -- copy files; Mingw32.pl is needed to do the compiling. 
-#
-
-$o='\\';
-$cp='copy';
-$rm='del';
-
-# C compiler stuff
-
-$cc='gcc';
-if ($debug)
-	{ $cflags="-g2 -ggdb -DDSO_WIN32"; }
-else
-	{ $cflags="-O3 -fomit-frame-pointer -DDSO_WIN32"; }
-
-$obj='.o';
-$ofile='-o ';
-
-# EXE linking stuff
-$link='${CC}';
-$lflags='${CFLAGS}';
-$efile='-o ';
-$exep='';
-$ex_libs="-lwsock32 -lgdi32";
-
-# static library stuff
-$mklib='ar r';
-$mlflags='';
-$ranlib='ranlib';
-$plib='lib';
-$libp=".a";
-$shlibp=".a";
-$lfile='';
-
-$asm='as';
-$afile='-o ';
-$bn_asm_obj="";
-$bn_asm_src="";
-$des_enc_obj="";
-$des_enc_src="";
-$bf_enc_obj="";
-$bf_enc_src="";
-
-sub do_lib_rule
-	{
-	local($obj,$target,$name,$shlib)=@_;
-	local($ret,$_,$Name);
-
-	$target =~ s/\//$o/g if $o ne '/';
-	$target="$target";
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-	$ret.="$target: \$(${Name}OBJ)\n";
-	$ret.="\t\$(RM) $target\n";
-	$ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
-	$ret.="\t\$(RANLIB) $target\n\n";
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$_);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($target);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
-	return($ret);
-	}
-1;
-
diff --git a/crypto/openssl/util/pl/OS2-EMX.pl b/crypto/openssl/util/pl/OS2-EMX.pl
deleted file mode 100644
index d695dda623dc..000000000000
--- a/crypto/openssl/util/pl/OS2-EMX.pl
+++ /dev/null
@@ -1,117 +0,0 @@
-#!/usr/local/bin/perl
-#
-# OS2-EMX.pl - for EMX GCC on OS/2
-#
-
-$o='\\';
-$cp='copy';
-$rm='rm -f';
-
-# C compiler stuff
-
-$cc='gcc';
-$cflags="-DL_ENDIAN -O3 -fomit-frame-pointer -m486 -Zmtd -Wall ";
-$cflags.="-Zomf " if $shlib;
-$shl_cflag="-Zdll";
-
-if ($debug) { 
-	$cflags.="-g "; 
-}
-
-$obj=$shlib ? '.obj' : '.o';
-$ofile='-o ';
-
-# EXE linking stuff
-$link='${CC}';
-$lflags='${CFLAGS} -Zbsd-signals -s';
-$efile='-o ';
-$exep='.exe';
-$ex_libs="-lsocket";
-
-# static library stuff
-$mklib='ar r';
-$mlflags='';
-$ranlib="ar s";
-$plib='';
-$libp=$shlib ? ".lib" : ".a";
-$shlibp=$shlib ? ".dll" : ".a";
-$lfile='';
-
-$asm=$shlib ? 'as -Zomf' : 'as';
-$afile='-o ';
-$bn_asm_obj="";
-$bn_asm_src="";
-$des_enc_obj="";
-$des_enc_src="";
-$bf_enc_obj="";
-$bf_enc_src="";
-
-if (!$no_asm)
-	{
-	$bn_asm_obj="crypto\\bn\\asm\\bn-os2$obj crypto\\bn\\asm\\co-os2$obj";
-	$bn_asm_src="crypto\\bn\\asm\\bn-os2.asm crypto\\bn\\asm\\co-os2.asm";
-	$des_enc_obj="crypto\\des\\asm\\d-os2$obj crypto\\des\\asm\\y-os2$obj";
-	$des_enc_src="crypto\\des\\asm\\d-os2.asm crypto\\des\\asm\\y-os2.asm";
-	$bf_enc_obj="crypto\\bf\\asm\\b-os2$obj";
-	$bf_enc_src="crypto\\bf\\asm\\b-os2.asm";
-	$cast_enc_obj="crypto\\cast\\asm\\c-os2$obj";
-	$cast_enc_src="crypto\\cast\\asm\\c-os2.asm";
-	$rc4_enc_obj="crypto\\rc4\\asm\\r4-os2$obj";
-	$rc4_enc_src="crypto\\rc4\\asm\\r4-os2.asm";
-	$rc5_enc_obj="crypto\\rc5\\asm\\r5-os2$obj";
-	$rc5_enc_src="crypto\\rc5\\asm\\r5-os2.asm";
-	$md5_asm_obj="crypto\\md5\\asm\\m5-os2$obj";
-	$md5_asm_src="crypto\\md5\\asm\\m5-os2.asm";
-	$sha1_asm_obj="crypto\\sha\\asm\\s1-os2$obj";
-	$sha1_asm_src="crypto\\sha\\asm\\s1-os2.asm";
-	$rmd160_asm_obj="crypto\\ripemd\\asm\\rm-os2$obj";
-	$rmd160_asm_src="crypto\\ripemd\\asm\\rm-os2.asm";
-	}
-
-if ($shlib)
-	{
-	$mlflags.=" $lflags -Zdll";
-	$lib_cflag=" -D_DLL";
-	$out_def="out_dll";
-	$tmp_def="tmp_dll";
-	}
-
-sub do_lib_rule
-	{
-	local($obj,$target,$name,$shlib)=@_;
-	local($ret,$_,$Name);
-
-	$target =~ s/\//$o/g if $o ne '/';
-	$target="$target";
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-	$ret.="$target: \$(${Name}OBJ)\n";
-	if (!$shlib) 
-		{
-		$ret.="\t\$(RM) $target\n";
-		$ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
-		$ret.="\t\$(RANLIB) $target\n\n";
-		}
-	else
-		{
-		local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
-		$ex.=' -lsocket';
-		$ret.="\t\$(LINK) \$(SHLIB_CFLAGS) \$(MLFLAGS) $efile$target \$(SHLIB_EX_OBJ) \$(${Name}OBJ) $ex os2/${Name}.def\n";
-		$ret.="\temximp -o $out_def/$name.a os2/${Name}.def\n";
-		$ret.="\temximp -o $out_def/$name.lib os2/${Name}.def\n\n";
-		}
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$_);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($target);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="\t\$(LINK) ${efile}$target \$(CFLAG) \$(LFLAGS) $files $libs\n\n";
-	return($ret);
-	}
-
-1;
diff --git a/crypto/openssl/util/pl/VC-16.pl b/crypto/openssl/util/pl/VC-16.pl
deleted file mode 100644
index 7cda5e67a940..000000000000
--- a/crypto/openssl/util/pl/VC-16.pl
+++ /dev/null
@@ -1,172 +0,0 @@
-#!/usr/local/bin/perl
-# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
-#
-
-$ssl=	"ssleay16";
-$crypto="libeay16";
-
-$o='\\';
-$cp='copy';
-$rm='del';
-
-# C compiler stuff
-$cc='cl';
-
-$out_def="out16";
-$tmp_def="tmp16";
-$inc_def="inc16";
-
-if ($debug)
-	{
-	$op="/Od /Zi /Zd";
-	$base_lflags="/CO";
-	}
-else	{
-	$op="/G2 /f- /Ocgnotb2";
-	}
-$base_lflags.=" /FARCALL /NOLOGO /NOD /SEG:1024 /ONERROR:NOEXE /NOE /PACKC:60000";
-if ($win16) { $base_lflags.=" /PACKD:60000"; }
-
-$cflags="/ALw /Gx- /Gt256 /Gf $op /W3 /WX -DL_ENDIAN /nologo";
-# I add the stack opt
-$lflags="$base_lflags /STACK:20000";
-
-if ($win16)
-	{
-	$cflags.=" -DOPENSSL_SYSNAME_WIN16";
-	$app_cflag="/Gw /FPi87";
-	$lib_cflag="/Gw";
-	$lib_cflag.=" -D_WINDLL -D_DLL" if $shlib;
-	$lib_cflag.=" -DWIN16TTY" if !$shlib;
-	$lflags.=" /ALIGN:256";
-	$ex_libs.="oldnames llibcewq libw";
-	}
-else
-	{
-	$no_sock=1;
-	$cflags.=" -DMSDOS";
-	$lflags.=" /EXEPACK";
-	$ex_libs.="oldnames.lib llibce.lib";
-	}
-
-if ($shlib)
-	{
-	$mlflags="$base_lflags";
-	$libs="oldnames ldllcew libw";
-	$shlib_ex_obj="";
-#	$no_asm=1;
-	$out_def="out16dll";
-	$tmp_def="tmp16dll";
-	}
-else
-	{ $mlflags=''; }
-
-$app_ex_obj="setargv.obj";
-
-$obj='.obj';
-$ofile="/Fo";
-
-# EXE linking stuff
-$link="link";
-$efile="";
-$exep='.exe';
-$ex_libs.=$no_sock?"":" winsock";
-
-# static library stuff
-$mklib='lib /PAGESIZE:1024';
-$ranlib='';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='';
-
-$asm='ml /Cp /c /Cx';
-$afile='/Fo';
-
-$bn_asm_obj='';
-$bn_asm_src='';
-$des_enc_obj='';
-$des_enc_src='';
-$bf_enc_obj='';
-$bf_enc_src='';
-
-if (!$no_asm)
-	{
-	if ($asmbits == 32)
-		{
-		$bn_asm_obj='crypto\bn\asm\x86w32.obj';
-		$bn_asm_src='crypto\bn\asm\x86w32.asm';
-		}
-	else
-		{
-		$bn_asm_obj='crypto\bn\asm\x86w16.obj';
-		$bn_asm_src='crypto\bn\asm\x86w16.asm';
-		}
-	}
-
-sub do_lib_rule
-	{
-	local($objs,$target,$name,$shlib)=@_;
-	local($ret,$Name);
-
-	$taget =~ s/\//$o/g if $o ne '/';
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-#	$target="\$(LIB_D)$o$target";
-	$ret.="$target: $objs\n";
-#	$ret.="\t\$(RM) \$(O_$Name)\n";
-
-	# Due to a pathetic line length limit, I unwrap the args.
-	local($lib_names)="";
-	local($dll_names)="  \$(SHLIB_EX_OBJ) +\n";
-	($obj)= ($objs =~ /\((.*)\)/);
-	foreach $_ (sort split(/\s+/,$Vars{$obj}))
-		{
-		$lib_names.="+$_ &\n";
-		$dll_names.="  $_ +\n";
-		}
-
-	if (!$shlib)
-		{
-		$ret.="\tdel $target\n";
-		$ret.="\t\$(MKLIB) @<<\n$target\ny\n$lib_names\n\n<<\n";
-		}
-	else
-		{
-		local($ex)=($target =~ /O_SSL/)?'$(L_CRYPTO)':"";
-		$ex.=' winsock';
-		$ret.="\t\$(LINK) \$(MLFLAGS) @<<\n";
-		$ret.=$dll_names;
-		$ret.="\n  $target\n\n  $ex $libs\nms$o${name}.def;\n<<\n";
-		($out_lib=$target) =~ s/O_/L_/;
-		$ret.="\timplib /noignorecase /nowep $out_lib $target\n";
-		}
-	$ret.="\n";
-	return($ret);
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$f,$_,@f);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($targer);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="  \$(LINK) \$(LFLAGS) @<<\n";
-	
-	# Due to a pathetic line length limit, I have to unwrap the args.
-	if ($files =~ /\(([^)]*)\)$/)
-		{
-		@a=('$(APP_EX_OBJ)');
-		push(@a,sort split(/\s+/,$Vars{$1}));
-		for $_ (@a)
-			{ $ret.="  $_ +\n"; }
-		}
-	else
-		{ $ret.="  \$(APP_EX_OBJ) $files"; }
-	$ret.="\n  $target\n\n  $libs\n\n<<\n\n";
-	return($ret);
-	}
-
-1;
diff --git a/crypto/openssl/util/pl/VC-32.pl b/crypto/openssl/util/pl/VC-32.pl
deleted file mode 100644
index 285990c5896d..000000000000
--- a/crypto/openssl/util/pl/VC-32.pl
+++ /dev/null
@@ -1,140 +0,0 @@
-#!/usr/local/bin/perl
-# VCw32lib.pl - the file for Visual C++ 4.[01] for windows NT, static libraries
-#
-
-$ssl=	"ssleay32";
-$crypto="libeay32";
-
-$o='\\';
-$cp='copy nul+';	# Timestamps get stuffed otherwise
-$rm='del';
-
-# C compiler stuff
-$cc='cl';
-$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32';
-$lflags="/nologo /subsystem:console /machine:I386 /opt:ref";
-$mlflags='';
-
-$out_def="out32";
-$tmp_def="tmp32";
-$inc_def="inc32";
-
-if ($debug)
-	{
-	$cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DOPENSSL_SYSNAME_WIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32";
-	$lflags.=" /debug";
-	$mlflags.=' /debug';
-	}
-$cflags .= " -DOPENSSL_SYSNAME_WINNT" if $NT == 1;
-
-$obj='.obj';
-$ofile="/Fo";
-
-# EXE linking stuff
-$link="link";
-$efile="/out:";
-$exep='.exe';
-if ($no_sock)
-	{ $ex_libs=""; }
-else	{ $ex_libs="wsock32.lib user32.lib gdi32.lib"; }
-
-# static library stuff
-$mklib='lib';
-$ranlib='';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='/out:';
-
-$shlib_ex_obj="";
-$app_ex_obj="setargv.obj";
-if ($nasm) {
-	$asm='nasmw -f win32';
-	$afile='-o ';
-} else {
-	$asm='ml /Cp /coff /c /Cx';
-	$asm.=" /Zi" if $debug;
-	$afile='/Fo';
-}
-
-$bn_asm_obj='';
-$bn_asm_src='';
-$des_enc_obj='';
-$des_enc_src='';
-$bf_enc_obj='';
-$bf_enc_src='';
-
-if (!$no_asm)
-	{
-	$bn_asm_obj='crypto\bn\asm\bn_win32.obj';
-	$bn_asm_src='crypto\bn\asm\bn_win32.asm';
-	$des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
-	$des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
-	$bf_enc_obj='crypto\bf\asm\b_win32.obj';
-	$bf_enc_src='crypto\bf\asm\b_win32.asm';
-	$cast_enc_obj='crypto\cast\asm\c_win32.obj';
-	$cast_enc_src='crypto\cast\asm\c_win32.asm';
-	$rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
-	$rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
-	$rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
-	$rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
-	$md5_asm_obj='crypto\md5\asm\m5_win32.obj';
-	$md5_asm_src='crypto\md5\asm\m5_win32.asm';
-	$sha1_asm_obj='crypto\sha\asm\s1_win32.obj';
-	$sha1_asm_src='crypto\sha\asm\s1_win32.asm';
-	$rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
-	$rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
-	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
-	}
-
-if ($shlib)
-	{
-	$mlflags.=" $lflags /dll";
-#	$cflags =~ s| /MD| /MT|;
-	$lib_cflag=" -D_WINDLL";
-	$out_def="out32dll";
-	$tmp_def="tmp32dll";
-	}
-
-$cflags.=" /Fd$out_def";
-
-sub do_lib_rule
-	{
-	local($objs,$target,$name,$shlib)=@_;
-	local($ret,$Name);
-
-	$taget =~ s/\//$o/g if $o ne '/';
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-#	$target="\$(LIB_D)$o$target";
-	$ret.="$target: $objs\n";
-	if (!$shlib)
-		{
-#		$ret.="\t\$(RM) \$(O_$Name)\n";
-		$ex =' advapi32.lib';
-		$ret.="\t\$(MKLIB) $lfile$target @<<\n  $objs $ex\n<<\n";
-		}
-	else
-		{
-		local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
-		$ex.=' wsock32.lib gdi32.lib advapi32.lib';
-		$ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n  \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
-		}
-	$ret.="\n";
-	return($ret);
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$_);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($targer);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="  \$(LINK) \$(LFLAGS) $efile$target @<<\n";
-	$ret.="  \$(APP_EX_OBJ) $files $libs\n<<\n\n";
-	return($ret);
-	}
-
-1;
diff --git a/crypto/openssl/util/pl/VC-CE.pl b/crypto/openssl/util/pl/VC-CE.pl
deleted file mode 100644
index 1805ef9d9760..000000000000
--- a/crypto/openssl/util/pl/VC-CE.pl
+++ /dev/null
@@ -1,111 +0,0 @@
-#!/usr/local/bin/perl
-# VC-CE.pl - the file for eMbedded Visual C++ 3.0 for windows CE, static libraries
-#
-
-$ssl=	"ssleay32";
-$crypto="libeay32";
-$RSAref="RSAref32";
-
-$o='\\';
-$cp='copy nul+';	# Timestamps get stuffed otherwise
-$rm='del';
-
-# C compiler stuff
-$cc='$(CC)';
-$cflags=' /W3 /WX /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo $(WCETARGETDEFS) -DUNICODE -D_UNICODE -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -I$(WCECOMPAT)/include';
-$lflags='/nologo /subsystem:windowsce,$(WCELDVERSION) /machine:$(WCELDMACHINE) /opt:ref';
-$mlflags='';
-
-$out_def='out32_$(TARGETCPU)';
-$tmp_def='tmp32_$(TARGETCPU)';
-$inc_def="inc32";
-
-if ($debug)
-	{
-	$cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DWIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32";
-	$lflags.=" /debug";
-	$mlflags.=' /debug';
-	}
-
-$obj='.obj';
-$ofile="/Fo";
-
-# EXE linking stuff
-$link="link";
-$efile="/out:";
-$exep='.exe';
-if ($no_sock)
-	{ $ex_libs=""; }
-else	{ $ex_libs='winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib $(WCELDFLAGS)'; }
-
-# static library stuff
-$mklib='lib';
-$ranlib='';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='/out:';
-
-$shlib_ex_obj="";
-#$app_ex_obj="setargv.obj";
-$app_ex_obj="";
-
-$bn_asm_obj='';
-$bn_asm_src='';
-$des_enc_obj='';
-$des_enc_src='';
-$bf_enc_obj='';
-$bf_enc_src='';
-
-if ($shlib)
-	{
-	$mlflags.=" $lflags /dll";
-#	$cflags =~ s| /MD| /MT|;
-	$lib_cflag=" -D_WINDLL -D_DLL";
-	$out_def='out32dll_$(TARGETCPU)';
-	$tmp_def='tmp32dll_$(TARGETCPU)';
-	}
-
-$cflags.=" /Fd$out_def";
-
-sub do_lib_rule
-	{
-	local($objs,$target,$name,$shlib)=@_;
-	local($ret,$Name);
-
-	$taget =~ s/\//$o/g if $o ne '/';
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-#	$target="\$(LIB_D)$o$target";
-	$ret.="$target: $objs\n";
-	if (!$shlib)
-		{
-#		$ret.="\t\$(RM) \$(O_$Name)\n";
-		$ex =' ';
-		$ret.="\t\$(MKLIB) $lfile$target @<<\n  $objs $ex\n<<\n";
-		}
-	else
-		{
-		local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
-#		$ex.=' winsock.lib coredll.lib $(WCECOMPAT)/lib/wcecompatex.lib';
-		$ex.=' winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib';
-		$ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n  \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
-		}
-	$ret.="\n";
-	return($ret);
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$_);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($targer);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="  \$(LINK) \$(LFLAGS) $efile$target @<<\n";
-	$ret.="  \$(APP_EX_OBJ) $files $libs\n<<\n\n";
-	return($ret);
-	}
-
-1;
diff --git a/crypto/openssl/util/pl/linux.pl b/crypto/openssl/util/pl/linux.pl
deleted file mode 100644
index 8924ed54808a..000000000000
--- a/crypto/openssl/util/pl/linux.pl
+++ /dev/null
@@ -1,104 +0,0 @@
-#!/usr/local/bin/perl
-#
-# linux.pl - the standard unix makefile stuff.
-#
-
-$o='/';
-$cp='/bin/cp';
-$rm='/bin/rm -f';
-
-# C compiler stuff
-
-$cc='gcc';
-if ($debug)
-	{ $cflags="-g2 -ggdb -DREF_CHECK -DCRYPTO_MDEBUG"; }
-elsif ($profile)
-	{ $cflags="-pg -O3"; }
-else
-	{ $cflags="-O3 -fomit-frame-pointer"; }
-
-if (!$no_asm)
-	{
-	$bn_asm_obj='$(OBJ_D)/bn86-elf.o';
-	$bn_asm_src='crypto/bn/asm/bn86unix.cpp';
-	$bnco_asm_obj='$(OBJ_D)/co86-elf.o';
-	$bnco_asm_src='crypto/bn/asm/co86unix.cpp';
-	$des_enc_obj='$(OBJ_D)/dx86-elf.o $(OBJ_D)/yx86-elf.o';
-	$des_enc_src='crypto/des/asm/dx86unix.cpp crypto/des/asm/yx86unix.cpp';
-	$bf_enc_obj='$(OBJ_D)/bx86-elf.o';
-	$bf_enc_src='crypto/bf/asm/bx86unix.cpp';
-	$cast_enc_obj='$(OBJ_D)/cx86-elf.o';
-	$cast_enc_src='crypto/cast/asm/cx86unix.cpp';
-	$rc4_enc_obj='$(OBJ_D)/rx86-elf.o';
-	$rc4_enc_src='crypto/rc4/asm/rx86unix.cpp';
-	$rc5_enc_obj='$(OBJ_D)/r586-elf.o';
-	$rc5_enc_src='crypto/rc5/asm/r586unix.cpp';
-	$md5_asm_obj='$(OBJ_D)/mx86-elf.o';
-	$md5_asm_src='crypto/md5/asm/mx86unix.cpp';
-	$rmd160_asm_obj='$(OBJ_D)/rm86-elf.o';
-	$rmd160_asm_src='crypto/ripemd/asm/rm86unix.cpp';
-	$sha1_asm_obj='$(OBJ_D)/sx86-elf.o';
-	$sha1_asm_src='crypto/sha/asm/sx86unix.cpp';
-	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM";
-	}
-
-$cflags.=" -DTERMIO -DL_ENDIAN -m486 -Wall";
-
-if ($shlib)
-	{
-	$shl_cflag=" -DPIC -fpic";
-	$shlibp=".so.$ssl_version";
-	$so_shlibp=".so";
-	}
-
-sub do_shlib_rule
-	{
-	local($obj,$target,$name,$shlib,$so_name)=@_;
-	local($ret,$_,$Name);
-
-	$target =~ s/\//$o/g if $o ne '/';
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-	$ret.="$target: \$(${Name}OBJ)\n";
-	$ret.="\t\$(RM) target\n";
-	$ret.="\tgcc \${CFLAGS} -shared -Wl,-soname,$target -o $target \$(${Name}OBJ)\n";
-	($t=$target) =~ s/(^.*)\/[^\/]*$/$1/;
-	if ($so_name ne "")
-		{
-		$ret.="\t\$(RM) \$(LIB_D)$o$so_name\n";
-		$ret.="\tln -s $target \$(LIB_D)$o$so_name\n\n";
-		}
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$_);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($target);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
-	return($ret);
-	}
-
-sub do_asm_rule
-	{
-	local($target,$src)=@_;
-	local($ret,@s,@t,$i);
-
-	$target =~ s/\//$o/g if $o ne "/";
-	$src =~ s/\//$o/g if $o ne "/";
-
-	@s=split(/\s+/,$src);
-	@t=split(/\s+/,$target);
-
-	for ($i=0; $i<=$#s; $i++)
-		{
-		$ret.="$t[$i]: $s[$i]\n";
-		$ret.="\tgcc -E -DELF \$(SRC_D)$o$s[$i]|\$(AS) $afile$t[$i]\n\n";
-		}
-	return($ret);
-	}
-
-1;
diff --git a/crypto/openssl/util/pl/ultrix.pl b/crypto/openssl/util/pl/ultrix.pl
deleted file mode 100644
index ea370c71f968..000000000000
--- a/crypto/openssl/util/pl/ultrix.pl
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/usr/local/bin/perl
-#
-# linux.pl - the standard unix makefile stuff.
-#
-
-$o='/';
-$cp='/bin/cp';
-$rm='/bin/rm -f';
-
-# C compiler stuff
-
-$cc='cc';
-if ($debug)
-	{ $cflags="-g -DREF_CHECK -DCRYPTO_MDEBUG"; }
-else
-	{ $cflags="-O2"; }
-
-$cflags.=" -std1 -DL_ENDIAN";
-
-if (!$no_asm)
-	{
-	$bn_asm_obj='$(OBJ_D)/mips1.o';
-	$bn_asm_src='crypto/bn/asm/mips1.s';
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$_);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($target);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
-	return($ret);
-	}
-
-1;
diff --git a/crypto/openssl/util/pl/unix.pl b/crypto/openssl/util/pl/unix.pl
deleted file mode 100644
index 146611ad9958..000000000000
--- a/crypto/openssl/util/pl/unix.pl
+++ /dev/null
@@ -1,96 +0,0 @@
-#!/usr/local/bin/perl
-#
-# unix.pl - the standard unix makefile stuff.
-#
-
-$o='/';
-$cp='/bin/cp';
-$rm='/bin/rm -f';
-
-# C compiler stuff
-
-if ($gcc)
-	{
-	$cc='gcc';
-	if ($debug)
-		{ $cflags="-g2 -ggdb"; }
-	else
-		{ $cflags="-O3 -fomit-frame-pointer"; }
-	}
-else
-	{
-	$cc='cc';
-	if ($debug)
-		{ $cflags="-g"; }
-	else
-		{ $cflags="-O"; }
-	}
-$obj='.o';
-$ofile='-o ';
-
-# EXE linking stuff
-$link='${CC}';
-$lflags='${CFLAGS}';
-$efile='-o ';
-$exep='';
-$ex_libs="";
-
-# static library stuff
-$mklib='ar r';
-$mlflags='';
-$ranlib=&which("ranlib") or $ranlib="true";
-$plib='lib';
-$libp=".a";
-$shlibp=".a";
-$lfile='';
-
-$asm='as';
-$afile='-o ';
-$bn_asm_obj="";
-$bn_asm_src="";
-$des_enc_obj="";
-$des_enc_src="";
-$bf_enc_obj="";
-$bf_enc_src="";
-
-sub do_lib_rule
-	{
-	local($obj,$target,$name,$shlib)=@_;
-	local($ret,$_,$Name);
-
-	$target =~ s/\//$o/g if $o ne '/';
-	$target="$target";
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-	$ret.="$target: \$(${Name}OBJ)\n";
-	$ret.="\t\$(RM) $target\n";
-	$ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
-	$ret.="\t\$(RANLIB) $target\n\n";
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$_);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($target);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
-	return($ret);
-	}
-
-sub which
-	{
-	my ($name)=@_;
-	my $path;
-	foreach $path (split /:/, $ENV{PATH})
-		{
-		if (-x "$path/$name")
-			{
-			return "$path/$name";
-			}
-		}
-	}
-
-1;
diff --git a/crypto/openssl/util/pod2man.pl b/crypto/openssl/util/pod2man.pl
deleted file mode 100755
index 657e4e264e07..000000000000
--- a/crypto/openssl/util/pod2man.pl
+++ /dev/null
@@ -1,1183 +0,0 @@
-: #!/usr/bin/perl-5.005
-    eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
-	if $running_under_some_shell;
-
-$DEF_PM_SECTION = '3pm' || '3';
-
-=head1 NAME
-
-pod2man - translate embedded Perl pod directives into man pages
-
-=head1 SYNOPSIS
-
-B<pod2man>
-[ B<--section=>I<manext> ]
-[ B<--release=>I<relpatch> ]
-[ B<--center=>I<string> ]
-[ B<--date=>I<string> ]
-[ B<--fixed=>I<font> ]
-[ B<--official> ]
-[ B<--lax> ]
-I<inputfile>
-
-=head1 DESCRIPTION
-
-B<pod2man> converts its input file containing embedded pod directives (see
-L<perlpod>) into nroff source suitable for viewing with nroff(1) or
-troff(1) using the man(7) macro set.
-
-Besides the obvious pod conversions, B<pod2man> also takes care of
-func(), func(n), and simple variable references like $foo or @bar so
-you don't have to use code escapes for them; complex expressions like
-C<$fred{'stuff'}> will still need to be escaped, though.  Other nagging
-little roffish things that it catches include translating the minus in
-something like foo-bar, making a long dash--like this--into a real em
-dash, fixing up "paired quotes", putting a little space after the
-parens in something like func(), making C++ and PI look right, making
-double underbars have a little tiny space between them, making ALLCAPS
-a teeny bit smaller in troff(1), and escaping backslashes so you don't
-have to.
-
-=head1 OPTIONS
-
-=over 8
-
-=item center
-
-Set the centered header to a specific string.  The default is
-"User Contributed Perl Documentation", unless the C<--official> flag is
-given, in which case the default is "Perl Programmers Reference Guide".
-
-=item date
-
-Set the left-hand footer string to this value.  By default,
-the modification date of the input file will be used.
-
-=item fixed
-
-The fixed font to use for code refs.  Defaults to CW.
-
-=item official
-
-Set the default header to indicate that this page is of
-the standard release in case C<--center> is not given.
-
-=item release
-
-Set the centered footer.  By default, this is the current
-perl release.
-
-=item section
-
-Set the section for the C<.TH> macro.  The standard conventions on
-sections are to use 1 for user commands,  2 for system calls, 3 for
-functions, 4 for devices, 5 for file formats, 6 for games, 7 for
-miscellaneous information, and 8 for administrator commands.  This works
-best if you put your Perl man pages in a separate tree, like
-F</usr/local/perl/man/>.  By default, section 1 will be used
-unless the file ends in F<.pm> in which case section 3 will be selected.
-
-=item lax
-
-Don't complain when required sections aren't present.
-
-=back
-
-=head1 Anatomy of a Proper Man Page
-
-For those not sure of the proper layout of a man page, here's
-an example of the skeleton of a proper man page.  Head of the
-major headers should be setout as a C<=head1> directive, and
-are historically written in the rather startling ALL UPPER CASE
-format, although this is not mandatory.
-Minor headers may be included using C<=head2>, and are
-typically in mixed case.
-
-=over 10
-
-=item NAME
-
-Mandatory section; should be a comma-separated list of programs or
-functions documented by this podpage, such as:
-
-    foo, bar - programs to do something
-
-=item SYNOPSIS
-
-A short usage summary for programs and functions, which
-may someday be deemed mandatory.
-
-=item DESCRIPTION
-
-Long drawn out discussion of the program.  It's a good idea to break this
-up into subsections using the C<=head2> directives, like
-
-    =head2 A Sample Subection
-
-    =head2 Yet Another Sample Subection
-
-=item OPTIONS
-
-Some people make this separate from the description.
-
-=item RETURN VALUE
-
-What the program or function returns if successful.
-
-=item ERRORS
-
-Exceptions, return codes, exit stati, and errno settings.
-
-=item EXAMPLES
-
-Give some example uses of the program.
-
-=item ENVIRONMENT
-
-Envariables this program might care about.
-
-=item FILES
-
-All files used by the program.  You should probably use the FE<lt>E<gt>
-for these.
-
-=item SEE ALSO
-
-Other man pages to check out, like man(1), man(7), makewhatis(8), or catman(8).
-
-=item NOTES
-
-Miscellaneous commentary.
-
-=item CAVEATS
-
-Things to take special care with; sometimes called WARNINGS.
-
-=item DIAGNOSTICS
-
-All possible messages the program can print out--and
-what they mean.
-
-=item BUGS
-
-Things that are broken or just don't work quite right.
-
-=item RESTRICTIONS
-
-Bugs you don't plan to fix :-)
-
-=item AUTHOR
-
-Who wrote it (or AUTHORS if multiple).
-
-=item HISTORY
-
-Programs derived from other sources sometimes have this, or
-you might keep a modification log here.
-
-=back
-
-=head1 EXAMPLES
-
-    pod2man program > program.1
-    pod2man some_module.pm > /usr/perl/man/man3/some_module.3
-    pod2man --section=7 note.pod > note.7
-
-=head1 DIAGNOSTICS
-
-The following diagnostics are generated by B<pod2man>.  Items
-marked "(W)" are non-fatal, whereas the "(F)" errors will cause
-B<pod2man> to immediately exit with a non-zero status.
-
-=over 4
-
-=item bad option in paragraph %d of %s: ``%s'' should be [%s]<%s>
-
-(W) If you start include an option, you should set it off
-as bold, italic, or code.
-
-=item can't open %s: %s
-
-(F) The input file wasn't available for the given reason.
-
-=item Improper man page - no dash in NAME header in paragraph %d of %s
-
-(W) The NAME header did not have an isolated dash in it.  This is
-considered important.
-
-=item Invalid man page - no NAME line in %s
-
-(F) You did not include a NAME header, which is essential.
-
-=item roff font should be 1 or 2 chars, not `%s'  (F)
-
-(F) The font specified with the C<--fixed> option was not
-a one- or two-digit roff font.
-
-=item %s is missing required section: %s
-
-(W) Required sections include NAME, DESCRIPTION, and if you're
-using a section starting with a 3, also a SYNOPSIS.  Actually,
-not having a NAME is a fatal.
-
-=item Unknown escape: %s in %s
-
-(W) An unknown HTML entity (probably for an 8-bit character) was given via
-a C<EE<lt>E<gt>> directive.  Besides amp, lt, gt, and quot, recognized
-entities are Aacute, aacute, Acirc, acirc, AElig, aelig, Agrave, agrave,
-Aring, aring, Atilde, atilde, Auml, auml, Ccedil, ccedil, Eacute, eacute,
-Ecirc, ecirc, Egrave, egrave, ETH, eth, Euml, euml, Iacute, iacute, Icirc,
-icirc, Igrave, igrave, Iuml, iuml, Ntilde, ntilde, Oacute, oacute, Ocirc,
-ocirc, Ograve, ograve, Oslash, oslash, Otilde, otilde, Ouml, ouml, szlig,
-THORN, thorn, Uacute, uacute, Ucirc, ucirc, Ugrave, ugrave, Uuml, uuml,
-Yacute, yacute, and yuml.
-
-=item Unmatched =back
-
-(W) You have a C<=back> without a corresponding C<=over>.
-
-=item Unrecognized pod directive: %s
-
-(W) You specified a pod directive that isn't in the known list of
-C<=head1>, C<=head2>, C<=item>, C<=over>, C<=back>, or C<=cut>.
-
-
-=back
-
-=head1 NOTES
-
-If you would like to print out a lot of man page continuously, you
-probably want to set the C and D registers to set contiguous page
-numbering and even/odd paging, at least on some versions of man(7).
-Settting the F register will get you some additional experimental
-indexing:
-
-    troff -man -rC1 -rD1 -rF1 perl.1 perldata.1 perlsyn.1 ...
-
-The indexing merely outputs messages via C<.tm> for each
-major page, section, subsection, item, and any C<XE<lt>E<gt>>
-directives.
-
-
-=head1 RESTRICTIONS
-
-None at this time.
-
-=head1 BUGS
-
-The =over and =back directives don't really work right.  They
-take absolute positions instead of offsets, don't nest well, and
-making people count is suboptimal in any event.
-
-=head1 AUTHORS
-
-Original prototype by Larry Wall, but so massively hacked over by
-Tom Christiansen such that Larry probably doesn't recognize it anymore.
-
-=cut
-
-$/ = "";
-$cutting = 1;
-@Indices = ();
-
-# We try first to get the version number from a local binary, in case we're
-# running an installed version of Perl to produce documentation from an
-# uninstalled newer version's pod files.
-if ($^O ne 'plan9' and $^O ne 'dos' and $^O ne 'os2' and $^O ne 'MSWin32') {
-  my $perl = (-x './perl' && -f './perl' ) ?
-                 './perl' :
-                 ((-x '../perl' && -f '../perl') ?
-                      '../perl' :
-                      '');
-  ($version,$patch) = `$perl -e 'print $]'` =~ /^(\d\.\d{3})(\d{2})?/ if $perl;
-}
-# No luck; we'll just go with the running Perl's version
-($version,$patch) = $] =~ /^(.{5})(\d{2})?/ unless $version;
-$DEF_RELEASE  = "perl $version";
-$DEF_RELEASE .= ", patch $patch" if $patch;
-
-
-sub makedate {
-    my $secs = shift;
-    my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($secs);
-    my $mname = (qw{Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec})[$mon];
-    $year += 1900;
-    return "$mday/$mname/$year";
-}
-
-use Getopt::Long;
-
-$DEF_SECTION = 1;
-$DEF_CENTER = "User Contributed Perl Documentation";
-$STD_CENTER = "Perl Programmers Reference Guide";
-$DEF_FIXED = 'CW';
-$DEF_LAX = 0;
-
-sub usage {
-    warn "$0: @_\n" if @_;
-    die <<EOF;
-usage: $0 [options] podpage
-Options are:
-	--section=manext      (default "$DEF_SECTION")
-	--release=relpatch    (default "$DEF_RELEASE")
-	--center=string       (default "$DEF_CENTER")
-	--date=string         (default "$DEF_DATE")
-	--fixed=font	      (default "$DEF_FIXED")
-	--official	      (default NOT)
-	--lax                 (default NOT)
-EOF
-}
-
-$uok = GetOptions( qw(
-	section=s
-	release=s
-	center=s
-	date=s
-	fixed=s
-	official
-	lax
-	help));
-
-$DEF_DATE = makedate((stat($ARGV[0]))[9] || time());
-
-usage("Usage error!") unless $uok;
-usage() if $opt_help;
-usage("Need one and only one podpage argument") unless @ARGV == 1;
-
-$section = $opt_section || ($ARGV[0] =~ /\.pm$/
-				? $DEF_PM_SECTION : $DEF_SECTION);
-$RP = $opt_release || $DEF_RELEASE;
-$center = $opt_center || ($opt_official ? $STD_CENTER : $DEF_CENTER);
-$lax = $opt_lax || $DEF_LAX;
-
-$CFont = $opt_fixed || $DEF_FIXED;
-
-if (length($CFont) == 2) {
-    $CFont_embed = "\\f($CFont";
-}
-elsif (length($CFont) == 1) {
-    $CFont_embed = "\\f$CFont";
-}
-else {
-    die "roff font should be 1 or 2 chars, not `$CFont_embed'";
-}
-
-$date = $opt_date || $DEF_DATE;
-
-for (qw{NAME DESCRIPTION}) {
-# for (qw{NAME DESCRIPTION AUTHOR}) {
-    $wanna_see{$_}++;
-}
-$wanna_see{SYNOPSIS}++ if $section =~ /^3/;
-
-
-$name = @ARGV ? $ARGV[0] : "<STDIN>";
-$Filename = $name;
-if ($section =~ /^1/) {
-    require File::Basename;
-    $name = uc File::Basename::basename($name);
-}
-$name =~ s/\.(pod|p[lm])$//i;
-
-# Lose everything up to the first of
-#     */lib/*perl*	standard or site_perl module
-#     */*perl*/lib	from -D prefix=/opt/perl
-#     */*perl*/		random module hierarchy
-# which works.
-$name =~ s-//+-/-g;
-if ($name =~ s-^.*?/lib/[^/]*perl[^/]*/--i
-	or $name =~ s-^.*?/[^/]*perl[^/]*/lib/--i
-	or $name =~ s-^.*?/[^/]*perl[^/]*/--i) {
-    # Lose ^site(_perl)?/.
-    $name =~ s-^site(_perl)?/--;
-    # Lose ^arch/.	(XXX should we use Config? Just for archname?)
-    $name =~ s~^(.*-$^O|$^O-.*)/~~o;
-    # Lose ^version/.
-    $name =~ s-^\d+\.\d+/--;
-}
-
-# Translate Getopt/Long to Getopt::Long, etc.
-$name =~ s(/)(::)g;
-
-if ($name ne 'something') {
-    FCHECK: {
-	open(F, "< $ARGV[0]") || die "can't open $ARGV[0]: $!";
-	while (<F>) {
-	    next unless /^=\b/;
-	    if (/^=head1\s+NAME\s*$/) {  # an /m would forgive mistakes
-		$_ = <F>;
-		unless (/\s*-+\s+/) {
-		    $oops++;
-		    warn "$0: Improper man page - no dash in NAME header in paragraph $. of $ARGV[0]\n"
-                } else {
-		    my @n = split /\s+-+\s+/;
-		    if (@n != 2) {
-			$oops++;
-			warn "$0: Improper man page - malformed NAME header in paragraph $. of $ARGV[0]\n"
-		    }
-		    else {
-			$n[0] =~ s/\n/ /g;
-			$n[1] =~ s/\n/ /g;
-			%namedesc = @n;
-		    }
-		}
-		last FCHECK;
-	    }
-	    next if /^=cut\b/;	# DB_File and Net::Ping have =cut before NAME
-	    next if /^=pod\b/;  # It is OK to have =pod before NAME
-	    die "$0: Invalid man page - 1st pod line is not NAME in $ARGV[0]\n" unless $lax;
-	}
-	die "$0: Invalid man page - no documentation in $ARGV[0]\n" unless $lax;
-    }
-    close F;
-}
-
-print <<"END";
-.rn '' }`
-''' \$RCSfile\$\$Revision\$\$Date\$
-'''
-''' \$Log\$
-'''
-.de Sh
-.br
-.if t .Sp
-.ne 5
-.PP
-\\fB\\\\\$1\\fR
-.PP
-..
-.de Sp
-.if t .sp .5v
-.if n .sp
-..
-.de Ip
-.br
-.ie \\\\n(.\$>=3 .ne \\\\\$3
-.el .ne 3
-.IP "\\\\\$1" \\\\\$2
-..
-.de Vb
-.ft $CFont
-.nf
-.ne \\\\\$1
-..
-.de Ve
-.ft R
-
-.fi
-..
-'''
-'''
-'''     Set up \\*(-- to give an unbreakable dash;
-'''     string Tr holds user defined translation string.
-'''     Bell System Logo is used as a dummy character.
-'''
-.tr \\(*W-|\\(bv\\*(Tr
-.ie n \\{\\
-.ds -- \\(*W-
-.ds PI pi
-.if (\\n(.H=4u)&(1m=24u) .ds -- \\(*W\\h'-12u'\\(*W\\h'-12u'-\\" diablo 10 pitch
-.if (\\n(.H=4u)&(1m=20u) .ds -- \\(*W\\h'-12u'\\(*W\\h'-8u'-\\" diablo 12 pitch
-.ds L" ""
-.ds R" ""
-'''   \\*(M", \\*(S", \\*(N" and \\*(T" are the equivalent of
-'''   \\*(L" and \\*(R", except that they are used on ".xx" lines,
-'''   such as .IP and .SH, which do another additional levels of
-'''   double-quote interpretation
-.ds M" """
-.ds S" """
-.ds N" """""
-.ds T" """""
-.ds L' '
-.ds R' '
-.ds M' '
-.ds S' '
-.ds N' '
-.ds T' '
-'br\\}
-.el\\{\\
-.ds -- \\(em\\|
-.tr \\*(Tr
-.ds L" ``
-.ds R" ''
-.ds M" ``
-.ds S" ''
-.ds N" ``
-.ds T" ''
-.ds L' `
-.ds R' '
-.ds M' `
-.ds S' '
-.ds N' `
-.ds T' '
-.ds PI \\(*p
-'br\\}
-END
-
-print <<'END';
-.\"	If the F register is turned on, we'll generate
-.\"	index entries out stderr for the following things:
-.\"		TH	Title 
-.\"		SH	Header
-.\"		Sh	Subsection 
-.\"		Ip	Item
-.\"		X<>	Xref  (embedded
-.\"	Of course, you have to process the output yourself
-.\"	in some meaninful fashion.
-.if \nF \{
-.de IX
-.tm Index:\\$1\t\\n%\t"\\$2"
-..
-.nr % 0
-.rr F
-.\}
-END
-
-print <<"END";
-.TH $name $section "$RP" "$date" "$center"
-.UC
-END
-
-push(@Indices, qq{.IX Title "$name $section"});
-
-while (($name, $desc) = each %namedesc) {
-    for ($name, $desc) { s/^\s+//; s/\s+$//; }
-    push(@Indices, qq(.IX Name "$name - $desc"\n));
-}
-
-print <<'END';
-.if n .hy 0
-.if n .na
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.de CQ          \" put $1 in typewriter font
-END
-print ".ft $CFont\n";
-print <<'END';
-'if n "\c
-'if t \\&\\$1\c
-'if n \\&\\$1\c
-'if n \&"
-\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
-'.ft R
-..
-.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
-.	\" AM - accent mark definitions
-.bd B 3
-.	\" fudge factors for nroff and troff
-.if n \{\
-.	ds #H 0
-.	ds #V .8m
-.	ds #F .3m
-.	ds #[ \f1
-.	ds #] \fP
-.\}
-.if t \{\
-.	ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-.	ds #V .6m
-.	ds #F 0
-.	ds #[ \&
-.	ds #] \&
-.\}
-.	\" simple accents for nroff and troff
-.if n \{\
-.	ds ' \&
-.	ds ` \&
-.	ds ^ \&
-.	ds , \&
-.	ds ~ ~
-.	ds ? ?
-.	ds ! !
-.	ds /
-.	ds q
-.\}
-.if t \{\
-.	ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-.	ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-.	ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-.	ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-.	ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-.	ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
-.	ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
-.	ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-.	ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
-.\}
-.	\" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
-.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
-.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
-.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-.ds oe o\h'-(\w'o'u*4/10)'e
-.ds Oe O\h'-(\w'O'u*4/10)'E
-.	\" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-.	\" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-.	ds : e
-.	ds 8 ss
-.	ds v \h'-1'\o'\(aa\(ga'
-.	ds _ \h'-1'^
-.	ds . \h'-1'.
-.	ds 3 3
-.	ds o a
-.	ds d- d\h'-1'\(ga
-.	ds D- D\h'-1'\(hy
-.	ds th \o'bp'
-.	ds Th \o'LP'
-.	ds ae ae
-.	ds Ae AE
-.	ds oe oe
-.	ds Oe OE
-.\}
-.rm #[ #] #H #V #F C
-END
-
-$indent = 0;
-
-$begun = "";
-
-# Unrolling [^A-Z>]|[A-Z](?!<) gives:    // MRE pp 165.
-my $nonest = '(?:[^A-Z>]*(?:[A-Z](?!<)[^A-Z>]*)*)';
-
-while (<>) {
-    if ($cutting) {
-	next unless /^=/;
-	$cutting = 0;
-    }
-    if ($begun) {
-	if (/^=end\s+$begun/) {
-            $begun = "";
-	}
-	elsif ($begun =~ /^(roff|man)$/) {
-	    print STDOUT $_;
-        }
-	next;
-    }
-    chomp;
-
-    # Translate verbatim paragraph
-
-    if (/^\s/) {
-	@lines = split(/\n/);
-	for (@lines) {
-	    1 while s
-		{^( [^\t]* ) \t ( \t* ) }
-		{ $1 . ' ' x (8 - (length($1)%8) + 8 * (length($2))) }ex;
-	    s/\\/\\e/g;
-	    s/\A/\\&/s;
-	}
-	$lines = @lines;
-	makespace() unless $verbatim++;
-	print ".Vb $lines\n";
-	print join("\n", @lines), "\n";
-	print ".Ve\n";
-	$needspace = 0;
-	next;
-    }
-
-    $verbatim = 0;
-
-    if (/^=for\s+(\S+)\s*/s) {
-	if ($1 eq "man" or $1 eq "roff") {
-	    print STDOUT $',"\n\n";
-	} else {
-	    # ignore unknown for
-	}
-	next;
-    }
-    elsif (/^=begin\s+(\S+)\s*/s) {
-	$begun = $1;
-	if ($1 eq "man" or $1 eq "roff") {
-	    print STDOUT $'."\n\n";
-	}
-	next;
-    }
-
-    # check for things that'll hosed our noremap scheme; affects $_
-    init_noremap();
-
-    if (!/^=item/) {
-
-	# trofficate backslashes; must do it before what happens below
-	s/\\/noremap('\\e')/ge;
-
-	# protect leading periods and quotes against *roff
-	# mistaking them for directives
-	s/^(?:[A-Z]<)?[.']/\\&$&/gm;
-
-	# first hide the escapes in case we need to
-	# intuit something and get it wrong due to fmting
-
-	1 while s/([A-Z]<$nonest>)/noremap($1)/ge;
-
-	# func() is a reference to a perl function
-	s{
-	    \b
-	    (
-		[:\w]+ \(\)
-	    )
-	} {I<$1>}gx;
-
-	# func(n) is a reference to a perl function or a man page
-	s{
-	    ([:\w]+)
-	    (
-		\( [^\051]+ \)
-	    )
-	} {I<$1>\\|$2}gx;
-
-	# convert simple variable references
-	s/(\s+)([\$\@%][\w:]+)(?!\()/${1}C<$2>/g;
-
-	if (m{ (
-		    [\-\w]+
-		    \(
-			[^\051]*?
-			[\@\$,]
-			[^\051]*?
-		    \)
-		)
-	    }x && $` !~ /([LCI]<[^<>]*|-)$/ && !/^=\w/)
-	{
-	    warn "$0: bad option in paragraph $. of $ARGV: ``$1'' should be [LCI]<$1>\n";
-	    $oops++;
-	}
-
-	while (/(-[a-zA-Z])\b/g && $` !~ /[\w\-]$/) {
-	    warn "$0: bad option in paragraph $. of $ARGV: ``$1'' should be [CB]<$1>\n";
-	    $oops++;
-	}
-
-	# put it back so we get the <> processed again;
-	clear_noremap(0); # 0 means leave the E's
-
-    } else {
-	# trofficate backslashes
-	s/\\/noremap('\\e')/ge;
-
-    }
-
-    # need to hide E<> first; they're processed in clear_noremap
-    s/(E<[^<>]+>)/noremap($1)/ge;
-
-
-    $maxnest = 10;
-    while ($maxnest-- && /[A-Z]</) {
-
-	# can't do C font here
-	s/([BI])<($nonest)>/font($1) . $2 . font('R')/eg;
-
-	# files and filelike refs in italics
-	s/F<($nonest)>/I<$1>/g;
-
-	# no break -- usually we want C<> for this
-	s/S<($nonest)>/nobreak($1)/eg;
-
-	# LREF: a la HREF L<show this text|man/section>
-	s:L<([^|>]+)\|[^>]+>:$1:g;
-
-	# LREF: a manpage(3f)
-	s:L<([a-zA-Z][^\s\/]+)(\([^\)]+\))?>:the I<$1>$2 manpage:g;
-
-	# LREF: an =item on another manpage
-	s{
-	    L<
-		([^/]+)
-		/
-		(
-		    [:\w]+
-		    (\(\))?
-		)
-	    >
-	} {the C<$2> entry in the I<$1> manpage}gx;
-
-	# LREF: an =item on this manpage
-	s{
-	   ((?:
-	    L<
-		/
-		(
-		    [:\w]+
-		    (\(\))?
-		)
-	    >
-	    (,?\s+(and\s+)?)?
-	  )+)
-	} { internal_lrefs($1) }gex;
-
-	# LREF: a =head2 (head1?), maybe on a manpage, maybe right here
-	# the "func" can disambiguate
-	s{
-	    L<
-		(?:
-		    ([a-zA-Z]\S+?) /
-		)?
-		"?(.*?)"?
-	    >
-	}{
-	    do {
-		$1 	# if no $1, assume it means on this page.
-		    ?  "the section on I<$2> in the I<$1> manpage"
-		    :  "the section on I<$2>"
-	    }
-	}gesx; # s in case it goes over multiple lines, so . matches \n
-
-	s/Z<>/\\&/g;
-
-	# comes last because not subject to reprocessing
-	s/C<($nonest)>/noremap("${CFont_embed}${1}\\fR")/eg;
-    }
-
-    if (s/^=//) {
-	$needspace = 0;		# Assume this.
-
-	s/\n/ /g;
-
-	($Cmd, $_) = split(' ', $_, 2);
-
-	$dotlevel = 1;
-	if ($Cmd eq 'head1') {
-	   $dotlevel = 1;
-	}
-	elsif ($Cmd eq 'head2') {
-	   $dotlevel = 1;
-	}
-	elsif ($Cmd eq 'item') {
-	   $dotlevel = 2;
-	}
-
-	if (defined $_) {
-	    &escapes($dotlevel);
-	    s/"/""/g;
-	}
-
-	clear_noremap(1);
-
-	if ($Cmd eq 'cut') {
-	    $cutting = 1;
-	}
-	elsif ($Cmd eq 'head1') {
-	    s/\s+$//;
-	    delete $wanna_see{$_} if exists $wanna_see{$_};
-	    print qq{.SH "$_"\n};
-      push(@Indices, qq{.IX Header "$_"\n});
-	}
-	elsif ($Cmd eq 'head2') {
-	    print qq{.Sh "$_"\n};
-      push(@Indices, qq{.IX Subsection "$_"\n});
-	}
-	elsif ($Cmd eq 'over') {
-	    push(@indent,$indent);
-	    $indent += ($_ + 0) || 5;
-	}
-	elsif ($Cmd eq 'back') {
-	    $indent = pop(@indent);
-	    warn "$0: Unmatched =back in paragraph $. of $ARGV\n" unless defined $indent;
-	    $needspace = 1;
-	}
-	elsif ($Cmd eq 'item') {
-	    s/^\*( |$)/\\(bu$1/g;
-	    # if you know how to get ":s please do
-	    s/\\\*\(L"([^"]+?)\\\*\(R"/'$1'/g;
-	    s/\\\*\(L"([^"]+?)""/'$1'/g;
-	    s/[^"]""([^"]+?)""[^"]/'$1'/g;
-	    # here do something about the $" in perlvar?
-	    print STDOUT qq{.Ip "$_" $indent\n};
-      push(@Indices, qq{.IX Item "$_"\n});
-	}
-	elsif ($Cmd eq 'pod') {
-	    # this is just a comment
-	} 
-	else {
-	    warn "$0: Unrecognized pod directive in paragraph $. of $ARGV: $Cmd\n";
-	}
-    }
-    else {
-	if ($needspace) {
-	    &makespace;
-	}
-	&escapes(0);
-	clear_noremap(1);
-	print $_, "\n";
-	$needspace = 1;
-    }
-}
-
-print <<"END";
-
-.rn }` ''
-END
-
-if (%wanna_see && !$lax) {
-    @missing = keys %wanna_see;
-    warn "$0: $Filename is missing required section"
-	.  (@missing > 1 && "s")
-	.  ": @missing\n";
-    $oops++;
-}
-
-foreach (@Indices) { print "$_\n"; }
-
-exit;
-#exit ($oops != 0);
-
-#########################################################################
-
-sub nobreak {
-    my $string = shift;
-    $string =~ s/ /\\ /g;
-    $string;
-}
-
-sub escapes {
-    my $indot = shift;
-
-    s/X<(.*?)>/mkindex($1)/ge;
-
-    # translate the minus in foo-bar into foo\-bar for roff
-    s/([^0-9a-z-])-([^-])/$1\\-$2/g;
-
-    # make -- into the string version \*(-- (defined above)
-    s/\b--\b/\\*(--/g;
-    s/"--([^"])/"\\*(--$1/g;  # should be a better way
-    s/([^"])--"/$1\\*(--"/g;
-
-    # fix up quotes; this is somewhat tricky
-    my $dotmacroL = 'L';
-    my $dotmacroR = 'R';
-    if ( $indot == 1 ) {
-	$dotmacroL = 'M';
-	$dotmacroR = 'S';
-    }  
-    elsif ( $indot >= 2 ) {
-	$dotmacroL = 'N';
-	$dotmacroR = 'T';
-    }  
-    if (!/""/) {
-	s/(^|\s)(['"])/noremap("$1\\*($dotmacroL$2")/ge;
-	s/(['"])($|[\-\s,;\\!?.])/noremap("\\*($dotmacroR$1$2")/ge;
-    }
-
-    #s/(?!")(?:.)--(?!")(?:.)/\\*(--/g;
-    #s/(?:(?!")(?:.)--(?:"))|(?:(?:")--(?!")(?:.))/\\*(--/g;
-
-
-    # make sure that func() keeps a bit a space tween the parens
-    ### s/\b\(\)/\\|()/g;
-    ### s/\b\(\)/(\\|)/g;
-
-    # make C++ into \*C+, which is a squinched version (defined above)
-    s/\bC\+\+/\\*(C+/g;
-
-    # make double underbars have a little tiny space between them
-    s/__/_\\|_/g;
-
-    # PI goes to \*(PI (defined above)
-    s/\bPI\b/noremap('\\*(PI')/ge;
-
-    # make all caps a teeny bit smaller, but don't muck with embedded code literals
-    my $hidCFont = font('C');
-    if ($Cmd !~ /^head1/) { # SH already makes smaller
-	# /g isn't enough; 1 while or we'll be off
-
-#	1 while s{
-#	    (?!$hidCFont)(..|^.|^)
-#	    \b
-#	    (
-#		[A-Z][\/A-Z+:\-\d_$.]+
-#	    )
-#	    (s?) 		
-#	    \b
-#	} {$1\\s-1$2\\s0}gmox;
-
-	1 while s{
-	    (?!$hidCFont)(..|^.|^)
-	    (
-		\b[A-Z]{2,}[\/A-Z+:\-\d_\$]*\b
-	    )
-	} {
-	    $1 . noremap( '\\s-1' .  $2 . '\\s0' )
-	}egmox;
-
-    }
-}
-
-# make troff just be normal, but make small nroff get quoted
-# decided to just put the quotes in the text; sigh;
-sub ccvt {
-    local($_,$prev) = @_;
-    noremap(qq{.CQ "$_" \n\\&});
-}
-
-sub makespace {
-    if ($indent) {
-	print ".Sp\n";
-    }
-    else {
-	print ".PP\n";
-    }
-}
-
-sub mkindex {
-    my ($entry) = @_;
-    my @entries = split m:\s*/\s*:, $entry;
-    push @Indices, ".IX Xref " . join ' ', map {qq("$_")} @entries;
-    return '';
-}
-
-sub font {
-    local($font) = shift;
-    return '\\f' . noremap($font);
-}
-
-sub noremap {
-    local($thing_to_hide) = shift;
-    $thing_to_hide =~ tr/\000-\177/\200-\377/;
-    return $thing_to_hide;
-}
-
-sub init_noremap {
-	# escape high bit characters in input stream
-	s/([\200-\377])/"E<".ord($1).">"/ge;
-}
-
-sub clear_noremap {
-    my $ready_to_print = $_[0];
-
-    tr/\200-\377/\000-\177/;
-
-    # trofficate backslashes
-    # s/(?!\\e)(?:..|^.|^)\\/\\e/g;
-
-    # now for the E<>s, which have been hidden until now
-    # otherwise the interative \w<> processing would have
-    # been hosed by the E<gt>
-    s {
-	    E<
-	    (
-	        ( \d + ) 
-	        | ( [A-Za-z]+ )	
-	    )
-	    >	
-    } {
-	 do {
-	     defined $2
-		? chr($2)
-		:	
-	     exists $HTML_Escapes{$3}
-		? do { $HTML_Escapes{$3} }
-		: do {
-		    warn "$0: Unknown escape in paragraph $. of $ARGV: ``$&''\n";
-		    "E<$1>";
-		}
-	 }
-    }egx if $ready_to_print;
-}
-
-sub internal_lrefs {
-    local($_) = shift;
-    local $trailing_and = s/and\s+$// ? "and " : "";
-
-    s{L</([^>]+)>}{$1}g;
-    my(@items) = split( /(?:,?\s+(?:and\s+)?)/ );
-    my $retstr = "the ";
-    my $i;
-    for ($i = 0; $i <= $#items; $i++) {
-	$retstr .= "C<$items[$i]>";
-	$retstr .= ", " if @items > 2 && $i != $#items;
-	$retstr .= " and " if $i+2 == @items;
-    }
-
-    $retstr .= " entr" . ( @items > 1  ? "ies" : "y" )
-	    .  " elsewhere in this document";
-    # terminal space to avoid words running together (pattern used
-    # strips terminal spaces)
-    $retstr .= " " if length $trailing_and;
-    $retstr .=  $trailing_and;
-
-    return $retstr;
-
-}
-
-BEGIN {
-%HTML_Escapes = (
-    'amp'	=>	'&',	#   ampersand
-    'lt'	=>	'<',	#   left chevron, less-than
-    'gt'	=>	'>',	#   right chevron, greater-than
-    'quot'	=>	'"',	#   double quote
-
-    "Aacute"	=>	"A\\*'",	#   capital A, acute accent
-    "aacute"	=>	"a\\*'",	#   small a, acute accent
-    "Acirc"	=>	"A\\*^",	#   capital A, circumflex accent
-    "acirc"	=>	"a\\*^",	#   small a, circumflex accent
-    "AElig"	=>	'\*(AE',	#   capital AE diphthong (ligature)
-    "aelig"	=>	'\*(ae',	#   small ae diphthong (ligature)
-    "Agrave"	=>	"A\\*`",	#   capital A, grave accent
-    "agrave"	=>	"A\\*`",	#   small a, grave accent
-    "Aring"	=>	'A\\*o',	#   capital A, ring
-    "aring"	=>	'a\\*o',	#   small a, ring
-    "Atilde"	=>	'A\\*~',	#   capital A, tilde
-    "atilde"	=>	'a\\*~',	#   small a, tilde
-    "Auml"	=>	'A\\*:',	#   capital A, dieresis or umlaut mark
-    "auml"	=>	'a\\*:',	#   small a, dieresis or umlaut mark
-    "Ccedil"	=>	'C\\*,',	#   capital C, cedilla
-    "ccedil"	=>	'c\\*,',	#   small c, cedilla
-    "Eacute"	=>	"E\\*'",	#   capital E, acute accent
-    "eacute"	=>	"e\\*'",	#   small e, acute accent
-    "Ecirc"	=>	"E\\*^",	#   capital E, circumflex accent
-    "ecirc"	=>	"e\\*^",	#   small e, circumflex accent
-    "Egrave"	=>	"E\\*`",	#   capital E, grave accent
-    "egrave"	=>	"e\\*`",	#   small e, grave accent
-    "ETH"	=>	'\\*(D-',	#   capital Eth, Icelandic
-    "eth"	=>	'\\*(d-',	#   small eth, Icelandic
-    "Euml"	=>	"E\\*:",	#   capital E, dieresis or umlaut mark
-    "euml"	=>	"e\\*:",	#   small e, dieresis or umlaut mark
-    "Iacute"	=>	"I\\*'",	#   capital I, acute accent
-    "iacute"	=>	"i\\*'",	#   small i, acute accent
-    "Icirc"	=>	"I\\*^",	#   capital I, circumflex accent
-    "icirc"	=>	"i\\*^",	#   small i, circumflex accent
-    "Igrave"	=>	"I\\*`",	#   capital I, grave accent
-    "igrave"	=>	"i\\*`",	#   small i, grave accent
-    "Iuml"	=>	"I\\*:",	#   capital I, dieresis or umlaut mark
-    "iuml"	=>	"i\\*:",	#   small i, dieresis or umlaut mark
-    "Ntilde"	=>	'N\*~',		#   capital N, tilde
-    "ntilde"	=>	'n\*~',		#   small n, tilde
-    "Oacute"	=>	"O\\*'",	#   capital O, acute accent
-    "oacute"	=>	"o\\*'",	#   small o, acute accent
-    "Ocirc"	=>	"O\\*^",	#   capital O, circumflex accent
-    "ocirc"	=>	"o\\*^",	#   small o, circumflex accent
-    "Ograve"	=>	"O\\*`",	#   capital O, grave accent
-    "ograve"	=>	"o\\*`",	#   small o, grave accent
-    "Oslash"	=>	"O\\*/",	#   capital O, slash
-    "oslash"	=>	"o\\*/",	#   small o, slash
-    "Otilde"	=>	"O\\*~",	#   capital O, tilde
-    "otilde"	=>	"o\\*~",	#   small o, tilde
-    "Ouml"	=>	"O\\*:",	#   capital O, dieresis or umlaut mark
-    "ouml"	=>	"o\\*:",	#   small o, dieresis or umlaut mark
-    "szlig"	=>	'\*8',		#   small sharp s, German (sz ligature)
-    "THORN"	=>	'\\*(Th',	#   capital THORN, Icelandic
-    "thorn"	=>	'\\*(th',,	#   small thorn, Icelandic
-    "Uacute"	=>	"U\\*'",	#   capital U, acute accent
-    "uacute"	=>	"u\\*'",	#   small u, acute accent
-    "Ucirc"	=>	"U\\*^",	#   capital U, circumflex accent
-    "ucirc"	=>	"u\\*^",	#   small u, circumflex accent
-    "Ugrave"	=>	"U\\*`",	#   capital U, grave accent
-    "ugrave"	=>	"u\\*`",	#   small u, grave accent
-    "Uuml"	=>	"U\\*:",	#   capital U, dieresis or umlaut mark
-    "uuml"	=>	"u\\*:",	#   small u, dieresis or umlaut mark
-    "Yacute"	=>	"Y\\*'",	#   capital Y, acute accent
-    "yacute"	=>	"y\\*'",	#   small y, acute accent
-    "yuml"	=>	"y\\*:",	#   small y, dieresis or umlaut mark
-);
-}
-
diff --git a/crypto/openssl/util/pod2mantest b/crypto/openssl/util/pod2mantest
deleted file mode 100755
index 412ca8d6d88b..000000000000
--- a/crypto/openssl/util/pod2mantest
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/bin/sh
-
-# This script is used by test/Makefile.ssl to check whether a sane 'pod2man'
-# is installed.
-# ('make install' should not try to run 'pod2man' if it does not exist or if
-# it is a broken 'pod2man' version that is known to cause trouble. if we find
-# the system 'pod2man' to be broken, we use our own copy instead)
-#
-# In any case, output an appropriate command line for running (or not
-# running) pod2man.
-
-
-IFS=:
-if test "$OSTYPE" = "msdosdjgpp"; then IFS=";"; fi
-
-try_without_dir=true
-# First we try "pod2man", then "$dir/pod2man" for each item in $PATH.
-for dir in dummy${IFS}$PATH; do
-    if [ "$try_without_dir" = true ]; then
-      # first iteration
-      pod2man=pod2man
-      try_without_dir=false
-    else
-      # second and later iterations
-      pod2man="$dir/pod2man"
-      if [ ! -f "$pod2man" ]; then  # '-x' is not available on Ultrix
-        pod2man=''
-      fi
-    fi
-
-    if [ ! "$pod2man" = '' ]; then
-        failure=none
-
-	if "$pod2man" --section=1 --center=OpenSSL --release=dev pod2mantest.pod | fgrep OpenSSL >/dev/null; then
-	    :
-	else
-	    failure=BasicTest
-	fi
-
-	if [ "$failure" = none ]; then
-	    if "$pod2man" --section=1 --center=OpenSSL --release=dev pod2mantest.pod | grep '^MARKER - ' >/dev/null; then
-	        failure=MultilineTest
-	    fi
-	fi
-
-
-        if [ "$failure" = none ]; then
-            echo "$pod2man"
-            exit 0
-        fi
-
-        echo "$pod2man does not work properly ('$failure' failed).  Looking for another pod2man ..." >&2
-    fi
-done
-
-echo "No working pod2man found.  Consider installing a new version." >&2
-echo "As a workaround, we'll use a bundled old copy of pod2man.pl." >&2
-echo "$1 ../../util/pod2man.pl"
diff --git a/crypto/openssl/util/pod2mantest.pod b/crypto/openssl/util/pod2mantest.pod
deleted file mode 100644
index 5d2539a17fb1..000000000000
--- a/crypto/openssl/util/pod2mantest.pod
+++ /dev/null
@@ -1,15 +0,0 @@
-=pod
-
-=head1 NAME
-
-foo, bar,
-MARKER - test of multiline name section
-
-=head1 DESCRIPTION
-
-This is a test .pod file to see if we have a buggy pod2man or not.
-If we have a buggy implementation, we will get a line matching the
-regular expression "^ +MARKER - test of multiline name section *$"
-at the end of the resulting document.
-
-=cut
diff --git a/crypto/openssl/util/point.sh b/crypto/openssl/util/point.sh
deleted file mode 100755
index ce7dcc56dfa7..000000000000
--- a/crypto/openssl/util/point.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-rm -f $2
-if test "$OSTYPE" = msdosdjgpp; then
-    cp $1 $2
-else
-    ln -s $1 $2
-fi
-echo "$2 => $1"
-
diff --git a/crypto/openssl/util/selftest.pl b/crypto/openssl/util/selftest.pl
deleted file mode 100644
index 276b81183d29..000000000000
--- a/crypto/openssl/util/selftest.pl
+++ /dev/null
@@ -1,195 +0,0 @@
-#!/usr/local/bin/perl -w
-#
-# Run the test suite and generate a report
-#
-
-if (! -f "Configure") {
-    print "Please run perl util/selftest.pl in the OpenSSL directory.\n";
-    exit 1;
-}
-
-my $report="testlog";
-my $os="??";
-my $version="??";
-my $platform0="??";
-my $platform="??";
-my $options="??";
-my $last="??";
-my $ok=0;
-my $cc="cc";
-my $cversion="??";
-my $sep="-----------------------------------------------------------------------------\n";
-my $not_our_fault="\nPlease ask your system administrator/vendor for more information.\n[Problems with your operating system setup should not be reported\nto the OpenSSL project.]\n";
-
-open(OUT,">$report") or die;
-
-print OUT "OpenSSL self-test report:\n\n";
-
-$uname=`uname -a`;
-$uname="??\n" if $uname eq "";
-
-$c=`sh config -t`;
-foreach $_ (split("\n",$c)) {
-    $os=$1 if (/Operating system: (.*)$/);
-    $platform0=$1 if (/Configuring for (.*)$/);
-}
-
-system "sh config" if (! -f "Makefile.ssl");
-
-if (open(IN,"<Makefile.ssl")) {
-    while (<IN>) {
-	$version=$1 if (/^VERSION=(.*)$/);
-	$platform=$1 if (/^PLATFORM=(.*)$/);
-	$options=$1 if (/^OPTIONS=(.*)$/);
-	$cc=$1 if (/^CC= *(.*)$/);
-    }
-    close(IN);
-} else {
-    print OUT "Error running config!\n";
-}
-
-$cversion=`$cc -v 2>&1`;
-$cversion=`$cc -V 2>&1` if $cversion =~ "usage";
-$cversion=`$cc -V |head -1` if $cversion =~ "Error";
-$cversion=`$cc --version` if $cversion eq "";
-$cversion =~ s/Reading specs.*\n//;
-$cversion =~ s/usage.*\n//;
-chomp $cversion;
-
-if (open(IN,"<CHANGES")) {
-    while(<IN>) {
-	if (/\*\) (.{0,55})/ && !/applies to/) {
-	    $last=$1;
-	    last;
-	}
-    }
-    close(IN);
-}
-
-print OUT "OpenSSL version:  $version\n";
-print OUT "Last change:      $last...\n";
-print OUT "Options:          $options\n" if $options ne "";
-print OUT "OS (uname):       $uname";
-print OUT "OS (config):      $os\n";
-print OUT "Target (default): $platform0\n";
-print OUT "Target:           $platform\n";
-print OUT "Compiler:         $cversion\n";
-print OUT "\n";
-
-print "Checking compiler...\n";
-if (open(TEST,">cctest.c")) {
-    print TEST "#include <stdio.h>\n#include <errno.h>\nmain(){printf(\"Hello world\\n\");}\n";
-    close(TEST);
-    system("$cc -o cctest cctest.c");
-    if (`./cctest` !~ /Hello world/) {
-	print OUT "Compiler doesn't work.\n";
-	print OUT $not_our_fault;
-	goto err;
-    }
-    system("ar r cctest.a /dev/null");
-    if (not -f "cctest.a") {
-	print OUT "Check your archive tool (ar).\n";
-	print OUT $not_our_fault;
-	goto err;
-    }
-} else {
-    print OUT "Can't create cctest.c\n";
-}
-if (open(TEST,">cctest.c")) {
-    print TEST "#include <openssl/opensslv.h>\nmain(){printf(OPENSSL_VERSION_TEXT);}\n";
-    close(TEST);
-    system("$cc -o cctest -Iinclude cctest.c");
-    $cctest = `./cctest`;
-    if ($cctest !~ /OpenSSL $version/) {
-	if ($cctest =~ /OpenSSL/) {
-	    print OUT "#include uses headers from different OpenSSL version!\n";
-	} else {
-	    print OUT "Can't compile test program!\n";
-	}
-	print OUT $not_our_fault;
-	goto err;
-    }
-} else {
-    print OUT "Can't create cctest.c\n";
-}
-
-print "Running make...\n";
-if (system("make 2>&1 | tee make.log") > 255) {
-
-    print OUT "make failed!\n";
-    if (open(IN,"<make.log")) {
-	print OUT $sep;
-	while (<IN>) {
-	    print OUT;
-	}
-	close(IN);
-	print OUT $sep;
-    } else {
-	print OUT "make.log not found!\n";
-    }
-    goto err;
-}
-
-$_=$options;
-s/no-asm//;
-s/no-shared//;
-s/no-krb5//;
-if (/no-/)
-{
-    print OUT "Test skipped.\n";
-    goto err;
-}
-
-print "Running make test...\n";
-if (system("make test 2>&1 | tee maketest.log") > 255)
- {
-    print OUT "make test failed!\n";
-} else {
-    $ok=1;
-}
-
-if ($ok and open(IN,"<maketest.log")) {
-    while (<IN>) {
-	$ok=2 if /^platform: $platform/;
-    }
-    close(IN);
-}
-
-if ($ok != 2) {
-    print OUT "Failure!\n";
-    if (open(IN,"<make.log")) {
-	print OUT $sep;
-	while (<IN>) {
-	    print OUT;
-	}
-	close(IN);
-	print OUT $sep;
-    } else {
-	print OUT "make.log not found!\n";
-    }
-    if (open(IN,"<maketest.log")) {
-	while (<IN>) {
-	    print OUT;
-	}
-	close(IN);
-	print OUT $sep;
-    } else {
-	print OUT "maketest.log not found!\n";
-    }
-} else {
-    print OUT "Test passed.\n";
-}
-err:
-close(OUT);
-
-print "\n";
-open(IN,"<$report") or die;
-while (<IN>) {
-    if (/$sep/) {
-	print "[...]\n";
-	last;
-    }
-    print;
-}
-print "\nTest report in file $report\n";
-
diff --git a/crypto/openssl/util/sep_lib.sh b/crypto/openssl/util/sep_lib.sh
deleted file mode 100755
index 34c2c9f8ba9a..000000000000
--- a/crypto/openssl/util/sep_lib.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/sh
-
-cwd=`pwd`
-/bin/rm -fr tmp/*
-
-cd crypto/des
-make -f Makefile.uni tar
-make -f Makefile.uni tar_lit
-/bin/mv libdes.tgz $cwd/tmp
-/bin/mv libdes-l.tgz $cwd/tmp
-cd $cwd
-
-for name in md5 sha cast bf idea rc4 rc2
-do
-	echo doing $name
-	(cd crypto; tar cfh - $name)|(cd tmp; tar xf -)
-	cd tmp/$name
-	/bin/rm -f Makefile
-	/bin/rm -f Makefile.ssl
-	/bin/rm -f Makefile.ssl.orig
-	/bin/rm -f *.old
-	/bin/mv Makefile.uni Makefile
-
-	if [ -d asm ]; then
-		mkdir asm/perlasm
-		cp $cwd/crypto/perlasm/*.pl asm/perlasm
-	fi
-	cd ..
-	tar cf - $name|gzip >$name.tgz
-#	/bin/rm -fr $name
-	cd $cwd
-done
-
-
diff --git a/crypto/openssl/util/sp-diff.pl b/crypto/openssl/util/sp-diff.pl
deleted file mode 100755
index 9d6c60387fa1..000000000000
--- a/crypto/openssl/util/sp-diff.pl
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/usr/local/bin/perl
-#
-# This file takes as input, the files that have been output from
-# ssleay speed.
-# It prints a table of the relative differences with %100 being 'no difference'
-#
-
-($#ARGV == 1) || die "$0 speedout1 speedout2\n";
-
-%one=&loadfile($ARGV[0]);
-%two=&loadfile($ARGV[1]);
-
-$line=0;
-foreach $a ("md2","md4","md5","sha","sha1","rc4","des cfb","des cbc","des ede3",
-	"idea cfb","idea cbc","rc2 cfb","rc2 cbc","blowfish cbc","cast cbc")
-	{
-	if (defined($one{$a,8}) && defined($two{$a,8}))
-		{
-		print "type              8 byte%    64 byte%   256 byte%  1024 byte%  8192 byte%\n"
-			unless $line;
-		$line++;
-		printf "%-12s ",$a;
-		foreach $b (8,64,256,1024,8192)
-			{
-			$r=$two{$a,$b}/$one{$a,$b}*100;
-			printf "%12.2f",$r;
-			}
-		print "\n";
-		}
-	}
-
-foreach $a	(
-		"rsa  512","rsa 1024","rsa 2048","rsa 4096",
-		"dsa  512","dsa 1024","dsa 2048",
-		)
-	{
-	if (defined($one{$a,1}) && defined($two{$a,1}))
-		{
-		$r1=($one{$a,1}/$two{$a,1})*100;
-		$r2=($one{$a,2}/$two{$a,2})*100;
-		printf "$a bits %%    %6.2f %%    %6.2f\n",$r1,$r2;
-		}
-	}
-
-sub loadfile
-	{
-	local($file)=@_;
-	local($_,%ret);
-
-	open(IN,"<$file") || die "unable to open '$file' for input\n";
-	$header=1;
-	while (<IN>)
-		{
-		$header=0 if /^[dr]sa/;
-		if (/^type/) { $header=0; next; }
-		next if $header;
-		chop;
-		@a=split;
-		if ($a[0] =~ /^[dr]sa$/)
-			{
-			($n,$t1,$t2)=($_ =~ /^([dr]sa\s+\d+)\s+bits\s+([.\d]+)s\s+([.\d]+)/);
-			$ret{$n,1}=$t1;
-			$ret{$n,2}=$t2;
-			}
-		else
-			{
-			$n=join(' ',grep(/[^k]$/,@a));
-			@k=grep(s/k$//,@a);
-			
-			$ret{$n,   8}=$k[0];
-			$ret{$n,  64}=$k[1];
-			$ret{$n, 256}=$k[2];
-			$ret{$n,1024}=$k[3];
-			$ret{$n,8192}=$k[4];
-			}
-		}
-	close(IN);
-	return(%ret);
-	}
-
diff --git a/crypto/openssl/util/speed.sh b/crypto/openssl/util/speed.sh
deleted file mode 100755
index f489706197b2..000000000000
--- a/crypto/openssl/util/speed.sh
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/sh
-
-#
-# This is a ugly script use, in conjuction with editing the 'b'
-# configuration in the $(TOP)/Configure script which will
-# output when finished a file called speed.log which is the
-# timings of SSLeay with various options turned on or off.
-#
-# from the $(TOP) directory
-# Edit Configure, modifying things to do with the b/bl-4c-2c etc
-# configurations.
-#
-
-make clean
-perl Configure b
-make
-apps/ssleay version -v -b -f >speed.1
-apps/ssleay speed >speed.1l
-
-perl Configure bl-4c-2c
-/bin/rm -f crypto/rc4/*.o crypto/bn/bn*.o crypto/md2/md2_dgst.o
-make
-apps/ssleay speed rc4 rsa md2 >speed.2l
-
-perl Configure bl-4c-ri
-/bin/rm -f crypto/rc4/rc4*.o
-make
-apps/ssleay speed rc4 >speed.3l
-
-perl Configure b2-is-ri-dp
-/bin/rm -f crypto/idea/i_*.o crypto/rc4/*.o crypto/des/ecb_enc.o crypto/bn/bn*.o
-apps/ssleay speed rsa rc4 idea des >speed.4l
-
-cat speed.1 >speed.log
-cat speed.1l >>speed.log
-perl util/sp-diff.pl speed.1l speed.2l >>speed.log
-perl util/sp-diff.pl speed.1l speed.3l >>speed.log
-perl util/sp-diff.pl speed.1l speed.4l >>speed.log
-
diff --git a/crypto/openssl/util/src-dep.pl b/crypto/openssl/util/src-dep.pl
deleted file mode 100755
index ad997e474683..000000000000
--- a/crypto/openssl/util/src-dep.pl
+++ /dev/null
@@ -1,147 +0,0 @@
-#!/usr/local/bin/perl
-
-# we make up an array of
-# $file{function_name}=filename;
-# $unres{filename}="func1 func2 ...."
-$debug=1;
-#$nm_func="parse_linux";
-$nm_func="parse_solaris";
-
-foreach (@ARGV)
-	{
-	&$nm_func($_);
-	}
-
-foreach $file (sort keys %unres)
-	{
-	@a=split(/\s+/,$unres{$file});
-	%ff=();
-	foreach $func (@a)
-		{
-		$f=$file{$func};
-		$ff{$f}=1 if $f ne "";
-		}
-
-	foreach $a (keys %ff)
-		{ $we_need{$file}.="$a "; }
-	}
-
-foreach $file (sort keys %we_need)
-	{
-#	print "	$file $we_need{$file}\n";
-	foreach $bit (split(/\s+/,$we_need{$file}))
-		{ push(@final,&walk($bit)); }
-
-	foreach (@final) { $fin{$_}=1; }
-	@final="";
-	foreach (sort keys %fin)
-		{ push(@final,$_); }
-
-	print "$file: @final\n";
-	}
-
-sub walk
-	{
-	local($f)=@_;
-	local(@a,%seen,@ret,$r);
-
-	@ret="";
-	$f =~ s/^\s+//;
-	$f =~ s/\s+$//;
-	return "" if ($f =~ "^\s*$");
-
-	return(split(/\s/,$done{$f})) if defined ($done{$f});
-
-	return if $in{$f} > 0;
-	$in{$f}++;
-	push(@ret,$f);
-	foreach $r (split(/\s+/,$we_need{$f}))
-		{
-		push(@ret,&walk($r));
-		}
-	$in{$f}--;
-	$done{$f}=join(" ",@ret);
-	return(@ret);
-	}
-
-sub parse_linux
-	{
-	local($name)=@_;
-
-	open(IN,"nm $name|") || die "unable to run 'nn $name':$!\n";
-	while (<IN>)
-		{
-		chop;
-		next if /^\s*$/;
-		if (/^[^[](.*):$/)
-			{
-			$file=$1;
-			$file="$1.c" if /\[(.*).o\]/;
-			print STDERR "$file\n";
-			$we_need{$file}=" ";
-			next;
-			}
-
-		@a=split(/\s*\|\s*/);
-		next unless $#a == 7;
-		next unless $a[4] eq "GLOB";
-		if ($a[6] eq "UNDEF")
-			{
-			$unres{$file}.=$a[7]." ";
-			}
-		else
-			{
-			if ($file{$a[7]} ne "")
-				{
-				print STDERR "duplicate definition of $a[7],\n$file{$a[7]} and $file \n";
-				}
-			else
-				{
-				$file{$a[7]}=$file;
-				}
-			}
-		}
-	close(IN);
-	}
-
-sub parse_solaris
-	{
-	local($name)=@_;
-
-	open(IN,"nm $name|") || die "unable to run 'nn $name':$!\n";
-	while (<IN>)
-		{
-		chop;
-		next if /^\s*$/;
-		if (/^(\S+):$/)
-			{
-			$file=$1;
-			#$file="$1.c" if $file =~ /^(.*).o$/;
-			print STDERR "$file\n";
-			$we_need{$file}=" ";
-			next;
-			}
-		@a=split(/\s*\|\s*/);
-		next unless $#a == 7;
-		next unless $a[4] eq "GLOB";
-		if ($a[6] eq "UNDEF")
-			{
-			$unres{$file}.=$a[7]." ";
-			print STDERR "$file needs $a[7]\n" if $debug;
-			}
-		else
-			{
-			if ($file{$a[7]} ne "")
-				{
-				print STDERR "duplicate definition of $a[7],\n$file{$a[7]} and $file \n";
-				}
-			else
-				{
-				$file{$a[7]}=$file;
-				print STDERR "$file has $a[7]\n" if $debug;
-				}
-			}
-		}
-	close(IN);
-	}
-
diff --git a/crypto/openssl/util/ssleay.num b/crypto/openssl/util/ssleay.num
deleted file mode 100755
index 46e38a131f99..000000000000
--- a/crypto/openssl/util/ssleay.num
+++ /dev/null
@@ -1,217 +0,0 @@
-ERR_load_SSL_strings                    1	EXIST::FUNCTION:
-SSL_CIPHER_description                  2	EXIST::FUNCTION:
-SSL_CTX_add_client_CA                   3	EXIST::FUNCTION:
-SSL_CTX_add_session                     4	EXIST::FUNCTION:
-SSL_CTX_check_private_key               5	EXIST::FUNCTION:
-SSL_CTX_ctrl                            6	EXIST::FUNCTION:
-SSL_CTX_flush_sessions                  7	EXIST::FUNCTION:
-SSL_CTX_free                            8	EXIST::FUNCTION:
-SSL_CTX_get_client_CA_list              9	EXIST::FUNCTION:
-SSL_CTX_get_verify_callback             10	EXIST::FUNCTION:
-SSL_CTX_get_verify_mode                 11	EXIST::FUNCTION:
-SSL_CTX_new                             12	EXIST::FUNCTION:
-SSL_CTX_remove_session                  13	EXIST::FUNCTION:
-SSL_CTX_set_cipher_list                 15	EXIST::FUNCTION:
-SSL_CTX_set_client_CA_list              16	EXIST::FUNCTION:
-SSL_CTX_set_default_passwd_cb           17	EXIST::FUNCTION:
-SSL_CTX_set_ssl_version                 19	EXIST::FUNCTION:
-SSL_CTX_set_verify                      21	EXIST::FUNCTION:
-SSL_CTX_use_PrivateKey                  22	EXIST::FUNCTION:
-SSL_CTX_use_PrivateKey_ASN1             23	EXIST::FUNCTION:
-SSL_CTX_use_PrivateKey_file             24	EXIST::FUNCTION:STDIO
-SSL_CTX_use_RSAPrivateKey               25	EXIST::FUNCTION:RSA
-SSL_CTX_use_RSAPrivateKey_ASN1          26	EXIST::FUNCTION:RSA
-SSL_CTX_use_RSAPrivateKey_file          27	EXIST::FUNCTION:RSA,STDIO
-SSL_CTX_use_certificate                 28	EXIST::FUNCTION:
-SSL_CTX_use_certificate_ASN1            29	EXIST::FUNCTION:
-SSL_CTX_use_certificate_file            30	EXIST::FUNCTION:STDIO
-SSL_SESSION_free                        31	EXIST::FUNCTION:
-SSL_SESSION_new                         32	EXIST::FUNCTION:
-SSL_SESSION_print                       33	EXIST::FUNCTION:BIO
-SSL_SESSION_print_fp                    34	EXIST::FUNCTION:FP_API
-SSL_accept                              35	EXIST::FUNCTION:
-SSL_add_client_CA                       36	EXIST::FUNCTION:
-SSL_alert_desc_string                   37	EXIST::FUNCTION:
-SSL_alert_desc_string_long              38	EXIST::FUNCTION:
-SSL_alert_type_string                   39	EXIST::FUNCTION:
-SSL_alert_type_string_long              40	EXIST::FUNCTION:
-SSL_check_private_key                   41	EXIST::FUNCTION:
-SSL_clear                               42	EXIST::FUNCTION:
-SSL_connect                             43	EXIST::FUNCTION:
-SSL_copy_session_id                     44	EXIST::FUNCTION:
-SSL_ctrl                                45	EXIST::FUNCTION:
-SSL_dup                                 46	EXIST::FUNCTION:
-SSL_dup_CA_list                         47	EXIST::FUNCTION:
-SSL_free                                48	EXIST::FUNCTION:
-SSL_get_certificate                     49	EXIST::FUNCTION:
-SSL_get_cipher_list                     52	EXIST::FUNCTION:
-SSL_get_ciphers                         55	EXIST::FUNCTION:
-SSL_get_client_CA_list                  56	EXIST::FUNCTION:
-SSL_get_default_timeout                 57	EXIST::FUNCTION:
-SSL_get_error                           58	EXIST::FUNCTION:
-SSL_get_fd                              59	EXIST::FUNCTION:
-SSL_get_peer_cert_chain                 60	EXIST::FUNCTION:
-SSL_get_peer_certificate                61	EXIST::FUNCTION:
-SSL_get_rbio                            63	EXIST::FUNCTION:BIO
-SSL_get_read_ahead                      64	EXIST::FUNCTION:
-SSL_get_shared_ciphers                  65	EXIST::FUNCTION:
-SSL_get_ssl_method                      66	EXIST::FUNCTION:
-SSL_get_verify_callback                 69	EXIST::FUNCTION:
-SSL_get_verify_mode                     70	EXIST::FUNCTION:
-SSL_get_version                         71	EXIST::FUNCTION:
-SSL_get_wbio                            72	EXIST::FUNCTION:BIO
-SSL_load_client_CA_file                 73	EXIST::FUNCTION:STDIO
-SSL_load_error_strings                  74	EXIST::FUNCTION:
-SSL_new                                 75	EXIST::FUNCTION:
-SSL_peek                                76	EXIST::FUNCTION:
-SSL_pending                             77	EXIST::FUNCTION:
-SSL_read                                78	EXIST::FUNCTION:
-SSL_renegotiate                         79	EXIST::FUNCTION:
-SSL_rstate_string                       80	EXIST::FUNCTION:
-SSL_rstate_string_long                  81	EXIST::FUNCTION:
-SSL_set_accept_state                    82	EXIST::FUNCTION:
-SSL_set_bio                             83	EXIST::FUNCTION:BIO
-SSL_set_cipher_list                     84	EXIST::FUNCTION:
-SSL_set_client_CA_list                  85	EXIST::FUNCTION:
-SSL_set_connect_state                   86	EXIST::FUNCTION:
-SSL_set_fd                              87	EXIST::FUNCTION:SOCK
-SSL_set_read_ahead                      88	EXIST::FUNCTION:
-SSL_set_rfd                             89	EXIST::FUNCTION:SOCK
-SSL_set_session                         90	EXIST::FUNCTION:
-SSL_set_ssl_method                      91	EXIST::FUNCTION:
-SSL_set_verify                          94	EXIST::FUNCTION:
-SSL_set_wfd                             95	EXIST::FUNCTION:SOCK
-SSL_shutdown                            96	EXIST::FUNCTION:
-SSL_state_string                        97	EXIST::FUNCTION:
-SSL_state_string_long                   98	EXIST::FUNCTION:
-SSL_use_PrivateKey                      99	EXIST::FUNCTION:
-SSL_use_PrivateKey_ASN1                 100	EXIST::FUNCTION:
-SSL_use_PrivateKey_file                 101	EXIST::FUNCTION:STDIO
-SSL_use_RSAPrivateKey                   102	EXIST::FUNCTION:RSA
-SSL_use_RSAPrivateKey_ASN1              103	EXIST::FUNCTION:RSA
-SSL_use_RSAPrivateKey_file              104	EXIST::FUNCTION:RSA,STDIO
-SSL_use_certificate                     105	EXIST::FUNCTION:
-SSL_use_certificate_ASN1                106	EXIST::FUNCTION:
-SSL_use_certificate_file                107	EXIST::FUNCTION:STDIO
-SSL_write                               108	EXIST::FUNCTION:
-SSLeay_add_ssl_algorithms               109	NOEXIST::FUNCTION:
-SSLv23_client_method                    110	EXIST::FUNCTION:RSA
-SSLv23_method                           111	EXIST::FUNCTION:RSA
-SSLv23_server_method                    112	EXIST::FUNCTION:RSA
-SSLv2_client_method                     113	EXIST::FUNCTION:RSA
-SSLv2_method                            114	EXIST::FUNCTION:RSA
-SSLv2_server_method                     115	EXIST::FUNCTION:RSA
-SSLv3_client_method                     116	EXIST::FUNCTION:
-SSLv3_method                            117	EXIST::FUNCTION:
-SSLv3_server_method                     118	EXIST::FUNCTION:
-d2i_SSL_SESSION                         119	EXIST::FUNCTION:
-i2d_SSL_SESSION                         120	EXIST::FUNCTION:
-BIO_f_ssl                               121	EXIST::FUNCTION:BIO
-BIO_new_ssl                             122	EXIST::FUNCTION:BIO
-BIO_proxy_ssl_copy_session_id           123	NOEXIST::FUNCTION:
-BIO_ssl_copy_session_id                 124	EXIST::FUNCTION:BIO
-SSL_do_handshake                        125	EXIST::FUNCTION:
-SSL_get_privatekey                      126	EXIST::FUNCTION:
-SSL_get_current_cipher                  127	EXIST::FUNCTION:
-SSL_CIPHER_get_bits                     128	EXIST::FUNCTION:
-SSL_CIPHER_get_version                  129	EXIST::FUNCTION:
-SSL_CIPHER_get_name                     130	EXIST::FUNCTION:
-BIO_ssl_shutdown                        131	EXIST::FUNCTION:BIO
-SSL_SESSION_cmp                         132	EXIST::FUNCTION:
-SSL_SESSION_hash                        133	EXIST::FUNCTION:
-SSL_SESSION_get_time                    134	EXIST::FUNCTION:
-SSL_SESSION_set_time                    135	EXIST::FUNCTION:
-SSL_SESSION_get_timeout                 136	EXIST::FUNCTION:
-SSL_SESSION_set_timeout                 137	EXIST::FUNCTION:
-SSL_CTX_get_ex_data                     138	EXIST::FUNCTION:
-SSL_CTX_get_quiet_shutdown              140	EXIST::FUNCTION:
-SSL_CTX_load_verify_locations           141	EXIST::FUNCTION:
-SSL_CTX_set_default_verify_paths        142	EXIST:!VMS:FUNCTION:
-SSL_CTX_set_def_verify_paths            142	EXIST:VMS:FUNCTION:
-SSL_CTX_set_ex_data                     143	EXIST::FUNCTION:
-SSL_CTX_set_quiet_shutdown              145	EXIST::FUNCTION:
-SSL_SESSION_get_ex_data                 146	EXIST::FUNCTION:
-SSL_SESSION_set_ex_data                 148	EXIST::FUNCTION:
-SSL_get_SSL_CTX                         150	EXIST::FUNCTION:
-SSL_get_ex_data                         151	EXIST::FUNCTION:
-SSL_get_quiet_shutdown                  153	EXIST::FUNCTION:
-SSL_get_session                         154	EXIST::FUNCTION:
-SSL_get_shutdown                        155	EXIST::FUNCTION:
-SSL_get_verify_result                   157	EXIST::FUNCTION:
-SSL_set_ex_data                         158	EXIST::FUNCTION:
-SSL_set_info_callback                   160	EXIST::FUNCTION:
-SSL_set_quiet_shutdown                  161	EXIST::FUNCTION:
-SSL_set_shutdown                        162	EXIST::FUNCTION:
-SSL_set_verify_result                   163	EXIST::FUNCTION:
-SSL_version                             164	EXIST::FUNCTION:
-SSL_get_info_callback                   165	EXIST::FUNCTION:
-SSL_state                               166	EXIST::FUNCTION:
-SSL_CTX_get_ex_new_index                167	EXIST::FUNCTION:
-SSL_SESSION_get_ex_new_index            168	EXIST::FUNCTION:
-SSL_get_ex_new_index                    169	EXIST::FUNCTION:
-TLSv1_method                            170	EXIST::FUNCTION:
-TLSv1_server_method                     171	EXIST::FUNCTION:
-TLSv1_client_method                     172	EXIST::FUNCTION:
-BIO_new_buffer_ssl_connect              173	EXIST::FUNCTION:BIO
-BIO_new_ssl_connect                     174	EXIST::FUNCTION:BIO
-SSL_get_ex_data_X509_STORE_CTX_idx      175	EXIST:!VMS:FUNCTION:
-SSL_get_ex_d_X509_STORE_CTX_idx         175	EXIST:VMS:FUNCTION:
-SSL_CTX_set_tmp_dh_callback             176	EXIST::FUNCTION:DH
-SSL_CTX_set_tmp_rsa_callback            177	EXIST::FUNCTION:RSA
-SSL_CTX_set_timeout                     178	EXIST::FUNCTION:
-SSL_CTX_get_timeout                     179	EXIST::FUNCTION:
-SSL_CTX_get_cert_store                  180	EXIST::FUNCTION:
-SSL_CTX_set_cert_store                  181	EXIST::FUNCTION:
-SSL_want                                182	EXIST::FUNCTION:
-SSL_library_init                        183	EXIST::FUNCTION:
-SSL_COMP_add_compression_method         184	EXIST::FUNCTION:COMP
-SSL_add_file_cert_subjects_to_stack     185	EXIST:!VMS:FUNCTION:STDIO
-SSL_add_file_cert_subjs_to_stk          185	EXIST:VMS:FUNCTION:STDIO
-SSL_set_tmp_rsa_callback                186	EXIST::FUNCTION:RSA
-SSL_set_tmp_dh_callback                 187	EXIST::FUNCTION:DH
-SSL_add_dir_cert_subjects_to_stack      188	EXIST:!VMS:FUNCTION:STDIO
-SSL_add_dir_cert_subjs_to_stk           188	NOEXIST::FUNCTION:
-SSL_set_session_id_context              189	EXIST::FUNCTION:
-SSL_CTX_use_certificate_chain_file      222	EXIST:!VMS:FUNCTION:STDIO
-SSL_CTX_use_cert_chain_file             222	EXIST:VMS:FUNCTION:STDIO
-SSL_CTX_set_verify_depth                225	EXIST::FUNCTION:
-SSL_set_verify_depth                    226	EXIST::FUNCTION:
-SSL_CTX_get_verify_depth                228	EXIST::FUNCTION:
-SSL_get_verify_depth                    229	EXIST::FUNCTION:
-SSL_CTX_set_session_id_context          231	EXIST::FUNCTION:
-SSL_CTX_set_cert_verify_callback        232	EXIST:!VMS:FUNCTION:
-SSL_CTX_set_cert_verify_cb              232	EXIST:VMS:FUNCTION:
-SSL_CTX_set_default_passwd_cb_userdata  235	EXIST:!VMS:FUNCTION:
-SSL_CTX_set_def_passwd_cb_ud            235	EXIST:VMS:FUNCTION:
-SSL_set_purpose                         236	EXIST::FUNCTION:
-SSL_CTX_set_trust                       237	EXIST::FUNCTION:
-SSL_CTX_set_purpose                     238	EXIST::FUNCTION:
-SSL_set_trust                           239	EXIST::FUNCTION:
-SSL_get_finished                        240	EXIST::FUNCTION:
-SSL_get_peer_finished                   241	EXIST::FUNCTION:
-SSL_get1_session                        242	EXIST::FUNCTION:
-SSL_CTX_callback_ctrl                   243	EXIST::FUNCTION:
-SSL_callback_ctrl                       244	EXIST::FUNCTION:
-SSL_CTX_sessions                        245	EXIST::FUNCTION:
-SSL_get_rfd                             246	EXIST::FUNCTION:
-SSL_get_wfd                             247	EXIST::FUNCTION:
-kssl_cget_tkt                           248	EXIST::FUNCTION:KRB5
-SSL_has_matching_session_id             249	EXIST::FUNCTION:
-kssl_err_set                            250	EXIST::FUNCTION:KRB5
-kssl_ctx_show                           251	EXIST::FUNCTION:KRB5
-kssl_validate_times                     252	EXIST::FUNCTION:KRB5
-kssl_check_authent                      253	EXIST::FUNCTION:KRB5
-kssl_ctx_new                            254	EXIST::FUNCTION:KRB5
-kssl_build_principal_2                  255	EXIST::FUNCTION:KRB5
-kssl_skip_confound                      256	EXIST::FUNCTION:KRB5
-kssl_sget_tkt                           257	EXIST::FUNCTION:KRB5
-SSL_set_generate_session_id             258	EXIST::FUNCTION:
-kssl_ctx_setkey                         259	EXIST::FUNCTION:KRB5
-kssl_ctx_setprinc                       260	EXIST::FUNCTION:KRB5
-kssl_ctx_free                           261	EXIST::FUNCTION:KRB5
-kssl_krb5_free_data_contents            262	EXIST::FUNCTION:KRB5
-kssl_ctx_setstring                      263	EXIST::FUNCTION:KRB5
-SSL_CTX_set_generate_session_id         264	EXIST::FUNCTION:
-SSL_renegotiate_pending                 265	EXIST::FUNCTION:
-SSL_CTX_set_msg_callback                266	EXIST::FUNCTION:
-SSL_set_msg_callback                    267	EXIST::FUNCTION:
diff --git a/crypto/openssl/util/tab_num.pl b/crypto/openssl/util/tab_num.pl
deleted file mode 100755
index a81ed0edc245..000000000000
--- a/crypto/openssl/util/tab_num.pl
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/usr/local/bin/perl
-
-$num=1;
-$width=40;
-
-while (<>)
-	{
-	chop;
-
-	$i=length($_);
-
-	$n=$width-$i;
-	$i=int(($n+7)/8);
-	print $_.("\t" x $i).$num."\n";
-	$num++;
-	}
-
diff --git a/crypto/openssl/util/x86asm.sh b/crypto/openssl/util/x86asm.sh
deleted file mode 100755
index d2090a98493f..000000000000
--- a/crypto/openssl/util/x86asm.sh
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/sh
-
-echo Generating x86 assember
-echo Bignum
-(cd crypto/bn/asm; perl x86.pl cpp > bn86unix.cpp)
-(cd crypto/bn/asm; perl x86.pl win32 > bn-win32.asm)
-
-echo DES
-(cd crypto/des/asm; perl des-586.pl cpp > dx86unix.cpp)
-(cd crypto/des/asm; perl des-586.pl win32 > d-win32.asm)
-
-echo "crypt(3)"
-(cd crypto/des/asm; perl crypt586.pl cpp > yx86unix.cpp)
-(cd crypto/des/asm; perl crypt586.pl win32 > y-win32.asm)
-
-echo Blowfish
-(cd crypto/bf/asm; perl bf-586.pl cpp > bx86unix.cpp)
-(cd crypto/bf/asm; perl bf-586.pl win32 > b-win32.asm)
-
-echo CAST5
-(cd crypto/cast/asm; perl cast-586.pl cpp > cx86unix.cpp)
-(cd crypto/cast/asm; perl cast-586.pl win32 > c-win32.asm)
-
-echo RC4
-(cd crypto/rc4/asm; perl rc4-586.pl cpp > rx86unix.cpp)
-(cd crypto/rc4/asm; perl rc4-586.pl win32 > r4-win32.asm)
-
-echo MD5
-(cd crypto/md5/asm; perl md5-586.pl cpp > mx86unix.cpp)
-(cd crypto/md5/asm; perl md5-586.pl win32 > m5-win32.asm)
-
-echo SHA1
-(cd crypto/sha/asm; perl sha1-586.pl cpp > sx86unix.cpp)
-(cd crypto/sha/asm; perl sha1-586.pl win32 > s1-win32.asm)
-
-echo RIPEMD160
-(cd crypto/ripemd/asm; perl rmd-586.pl cpp > rm86unix.cpp)
-(cd crypto/ripemd/asm; perl rmd-586.pl win32 > rm-win32.asm)
-
-echo RC5/32
-(cd crypto/rc5/asm; perl rc5-586.pl cpp > r586unix.cpp)
-(cd crypto/rc5/asm; perl rc5-586.pl win32 > r5-win32.asm)